www.dlfn.nl

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:36:6e:e3:e4:20:e5:df:a6:4a:dd:b9:18:ba:6d:88:bd:52 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.dlfn.nl

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:36:6e:e3:e4:20:e5:df:a6:4a:dd:b9:18:ba:6d:88:bd:52
Serial Number (int): 279859503966930478394823072100379341143378
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 81:2e:66:1a:25:a5:76:11:c1:cb:cb:cb:40:61:c9:17:c8:c3:8c:37
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 5b:27:c1:66:27:6b:b9:49:d3:0c:2a:b3:29:d4:25:8e:b5:9c:08:7a
Fingerprint (sha256): 94:21:b8:01:ae:3e:2d:e2:53:fb:e6:38:54:1f:68:b0:b4:cf:08:68:e9:c6:68:a2:76:e3:ee:8f:7d:aa:30:4b

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org/

Check the revocation status for certificate www.dlfn.nl

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.dlfn.nl

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.dlfn.nl

Other certificates including the domain name dlfn.nl

(limited to 100 certificates)
dlfn.nl
dlfn.nl
dlfn.nl
router.dlfn.nl
www.dlfn.nl
www.dlfn.nl
dlfn.nl
dlfn.nl
dlfn.nl
www.dlfn.nl
www.dlfn.nl
dlfn.nl
dlfn.nl
dlfn.nl
dlfn.nl
www.dlfn.nl
dlfn.nl
dlfn.nl
sni.cloudflaressl.com
dlfn.nl
dlfn.nl
www.dlfn.nl
www.dlfn.nl
www.dlfn.nl
dlfn.nl
dlfn.nl
dlfn.nl
dlfn.nl
dlfn.nl
dlfn.nl
dlfn.nl
sni.cloudflaressl.com
www.dlfn.nl
www.dlfn.nl
dlfn.nl
dlfn.nl

Certificate

The complete raw certificate details for www.dlfn.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAzZu4+Qg5d+mSt25GLptiL1SMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjEyMDgxMDExMDBaFw0x
NzAzMDgxMDExMDBaMBYxFDASBgNVBAMTC3d3dy5kbGZuLm5sMIICIjANBgkqhkiG
9w0BAQEFAAOCAg8AMIICCgKCAgEAtcSuxyFf0Izi+/9Ycmr/T1AzcwiWSfRRPind
lUlWZUvZVGyxSFfQwxSaN27n5S/PD1An+49/58tK1fZmnl5b/SqPEBbz3aB/2tHv
3oiD8Mx/luH1S7jfAbh5t5F837jj+8xzilqg6D+MpvsAk7nSxZzlaTB0qfqk66Ug
LQcntgQ4KjgMI3FmjWRxPMtzK2Wan9CEIPMwJrVtjD9dthm6/TSkPsLGWaUJdpE2
PX+iOWSsQGl6UAAGznjqt3AZsYDd+9MKLCxNiQu79gGF0SweFNhrV/8XO1Cm/0Yn
lNCe6qdMIl113EGcxI5JkV2rHfYGzXsyQctiYOnrQv1A2e43sG3LqgxzMrfWStmf
ZePc69bsds5rxaGfSmhtFYK3fazY2aqIInLaT8F5r0KifOXWGp8dQAsq8hTSjWZE
wpRo98jCpg6gAcJSMu50Hdd/9cjzeaFn6WOr2bs3VU3XbF+63BVidaeiejAwGaF+
+VjLboxvxI70HSElR1UvQzXW05ZjsSmmG3Ooy49K2I/0gPxb6WHVH5h15Vv70a2D
wlMlF/XTkdeyU02Nlh4n8W0m9pgl3WXNR4vKwwgQMX78le415WKEy7Z3hzYFQCVz
xpKnMNCEsmtwi3FQa96GZ0yhjHTC8heRTcsDD+exliUpwzbkKOU1d73weBfY7oyU
VDRGKd8CAwEAAaOCAgwwggIIMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUgS5mGiWl
dhHBy8vLQGHJF8jDjDcwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw
cAYIKwYBBQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDMu
bGV0c2VuY3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz
LmxldHNlbmNyeXB0Lm9yZy8wFgYDVR0RBA8wDYILd3d3LmRsZm4ubmwwgf4GA1Ud
IASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIB
FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtU
aGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlp
bmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRp
ZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9y
ZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAkB7mqVC/9LSWfCLX+eaVK/Lf
jTNA9SRd8vOuBNiMjmC7bTIRnyTz7AswvEqcOiIN3dSG1mE/+MaSICbOChwHfoPz
LWfvh72EHp4m10kXSuvmDaOZ60meYL2NmZzqsZA0oOIE0p1xHZo+Ui7x8RpumbgQ
38lmA9d/rum8btn1Rq6pBZLPdJ1Aij/9G95/VloJkBL6RvB2K+qKIen+xooQyF5s
q8kP86YwxSlF2KC47XHFkhnvPow/dJOrzQuX/syhNbNCzPYuCANm5uLDR+IATeUr
hGnVLLWbdvy6Q/f3A5BoT2FoM84jtH2lLsDOVDai11W+3oOxVSnJCVaWu2MH8A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtcSuxyFf0Izi+/9Ycmr/
T1AzcwiWSfRRPindlUlWZUvZVGyxSFfQwxSaN27n5S/PD1An+49/58tK1fZmnl5b
/SqPEBbz3aB/2tHv3oiD8Mx/luH1S7jfAbh5t5F837jj+8xzilqg6D+MpvsAk7nS
xZzlaTB0qfqk66UgLQcntgQ4KjgMI3FmjWRxPMtzK2Wan9CEIPMwJrVtjD9dthm6
/TSkPsLGWaUJdpE2PX+iOWSsQGl6UAAGznjqt3AZsYDd+9MKLCxNiQu79gGF0Swe
FNhrV/8XO1Cm/0YnlNCe6qdMIl113EGcxI5JkV2rHfYGzXsyQctiYOnrQv1A2e43
sG3LqgxzMrfWStmfZePc69bsds5rxaGfSmhtFYK3fazY2aqIInLaT8F5r0KifOXW
Gp8dQAsq8hTSjWZEwpRo98jCpg6gAcJSMu50Hdd/9cjzeaFn6WOr2bs3VU3XbF+6
3BVidaeiejAwGaF++VjLboxvxI70HSElR1UvQzXW05ZjsSmmG3Ooy49K2I/0gPxb
6WHVH5h15Vv70a2DwlMlF/XTkdeyU02Nlh4n8W0m9pgl3WXNR4vKwwgQMX78le41
5WKEy7Z3hzYFQCVzxpKnMNCEsmtwi3FQa96GZ0yhjHTC8heRTcsDD+exliUpwzbk
KOU1d73weBfY7oyUVDRGKd8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 279859503966930478394823072100379341143378
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-08 10:11:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-08 10:11:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.dlfn.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 741549933797424765268655071048424862917182639185609642703289248517809435055769068996399705694315510967131494241761074877985624641432008348272483931647176855218917660136865488589572841747636663490991541553176185021894063015960475011189037598650362540008953885405220195624212810744335187986145814981111976270551808738175442864354933155672494590595238365379047693707197463007815496104663643148042974642172612042303390938802012880550310661535534346342098383290455763023522763689564602570221709964452958127262705574536377289576037358069366011676333623287238182491953355584886938304006440755429155441721033037751284673484506755348818235302876341660602574822029726567490617947697450519442541060966860418121887944348162366279672409230942584420539433521322952950942624696282250428302346977038657897770440055602462228101117418924977172700889068608942527762614378368932120539063887583672946122151201742958746399780143061972183143927205616268882381295050564097228960181749551128750681227434287513116387730244150380317193993525694154115067220519880587184565961566965935778796273356642976802458707825778573397404786132916149943794848717956533063161187796994110525408467956312440533146530066526873083792662449579759229036405432401201568663833291231
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							812e661a25a57611c1cbcbcb4061c917c8c38c37
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dlfn.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00901ee6a950bff4b4967c22d7f9e6952bf2df8d3340f5245df2f3ae04d88c8e60bb6d32119f24f3ec0b30bc4a9c3a220dddd486d6613ff8c6922026ce0a1c077e83f32d67ef87bd841e9e26d749174aebe60da399eb499e60bd8d999ceab19034a0e204d29d711d9a3e522ef1f11a6e99b810dfc96603d77faee9bc6ed9f546aea90592cf749d408a3ffd1bde7f565a099012fa46f0762bea8a21e9fec68a10c85e6cabc90ff3a630c52945d8a0b8ed71c59219ef3e8c3f7493abcd0b97fecca135b342ccf62e080366e6e2c347e2004de52b8469d52cb59b76fcba43f7f70390684f616833ce23b47da52ec0ce5436a2d755bede83b15529c9095696bb6307f0