From 863dc562bf8498b90fdcc9315d5dc3b995f9f40f Mon Sep 17 00:00:00 2001 From: Kenneth Yang Date: Sun, 11 Jun 2023 21:07:56 -0700 Subject: [PATCH] v0.0.1-beta (#1) v0.0.1-beta --- .dockerignore | 13 + .github/ISSUE_TEMPLATE/bug_report.yml | 45 + .github/ISSUE_TEMPLATE/feature_request.yml | 54 + .github/workflows/pr_build.yml | 33 + .github/workflows/release_build.yml | 60 + CONTRIBUTING.md | 53 + Dockerfile | 25 + LICENSE | 201 ++ Makefile | 83 + README.md | 29 + SECURITY.md | 5 + cmd/server/baseca/server.go | 69 + cmd/server/main.go | 46 + config/config.primary.development.aws.yml | 61 + config/config.primary.local.sandbox.yml | 47 + config/config.primary.production.aws.yml | 64 + db/init/init-docker.sql | 5 + db/init/init.sql | 5 + db/migration/000001_init_schema.down.sql | 5 + db/migration/000001_init_schema.up.sql | 73 + db/mock/store.go | 393 ++ db/query/accounts.sql | 61 + db/query/aws_attestation.sql | 21 + db/query/certificate.sql | 35 + db/query/provisioners.sql | 0 db/query/users.sql | 37 + db/sqlc.yaml | 13 + db/sqlc/accounts.sql.go | 329 ++ db/sqlc/aws_attestation.sql.go | 97 + db/sqlc/certificate.sql.go | 211 ++ db/sqlc/common.go | 19 + db/sqlc/db.go | 31 + db/sqlc/models.go | 83 + db/sqlc/querier.go | 37 + db/sqlc/store.go | 52 + db/sqlc/tx_service_account.go | 51 + db/sqlc/tx_update_account.go | 66 + db/sqlc/users.sql.go | 188 + docs/ARCHITECTURE.md | 34 + docs/CONFIGURATION.md | 95 + docs/ENDPOINTS.md | 1072 ++++++ docs/GETTING_STARTED.md | 352 ++ docs/PRODUCTION_DEPLOYMENT.md | 281 ++ docs/SCOPE.md | 185 + docs/images/architecture.png | Bin 0 -> 110836 bytes docs/images/baseca_image.png | Bin 0 -> 248104 bytes docs/images/configuration.png | Bin 0 -> 140399 bytes docs/images/provisioner.png | Bin 0 -> 132116 bytes docs/images/public_key_infrastructure.png | Bin 0 -> 255169 bytes docs/images/secrets_manager.png | Bin 0 -> 275419 bytes docs/images/service_authentication.png | Bin 0 -> 156475 bytes docs/images/sign_csr.png | Bin 0 -> 185125 bytes docs/images/user_authentication.png | Bin 0 -> 104236 bytes examples/Dockerfile | 6 + .../baseca.v1.Certificate/code_sign.go | 52 + .../baseca.v1.Certificate/sign_csr.go | 55 + .../config/config.primary.development.aws.yml | 61 + .../config/config.primary.local.sandbox.yml | 47 + .../config/config.primary.production.aws.yml | 64 + gen/go/baseca/v1/api.pb.go | 3199 +++++++++++++++++ gen/go/baseca/v1/api_grpc.pb.go | 904 +++++ go.mod | 77 + go.sum | 645 ++++ .../aws_iid/certificate/ec2.amazonaws.com.crt | 19 + .../aws_iid/certificate/rds.global.bundle.pem | 2876 +++++++++++++++ internal/attestor/aws_iid/iid.go | 220 ++ internal/authentication/authentication.go | 35 + internal/authentication/issuer.go | 230 ++ internal/authentication/payload.go | 28 + internal/authorization/casbin/model.conf | 11 + internal/authorization/casbin/policy.csv | 3 + internal/authorization/permission.go | 16 + internal/client/acmpca/client.go | 38 + internal/client/acmpca/issue.go | 141 + internal/client/acmpca/query.go | 19 + internal/client/acmpca/revoke.go | 18 + internal/client/firehose/client.go | 33 + internal/client/firehose/stream.go | 45 + internal/client/redis/client.go | 63 + internal/client/redis/increment.go | 47 + internal/client/secretsmanager/client.go | 31 + internal/client/secretsmanager/query.go | 45 + internal/config/config.go | 83 + internal/config/fx.go | 63 + internal/config/load.go | 72 + internal/config/path.go | 38 + internal/environment/environment.go | 51 + internal/environment/fx.go | 11 + internal/gateway/grpc/fx.go | 163 + internal/lib/crypto/chain.go | 127 + internal/lib/crypto/pk.go | 258 ++ internal/lib/crypto/store.go | 134 + internal/lib/util/backoff.go | 54 + internal/lib/util/errors.go | 11 + internal/lib/util/random.go | 98 + internal/logger/logger.go | 205 ++ internal/types/account.go | 24 + internal/types/attestation.go | 23 + internal/types/certificate.go | 177 + internal/types/constants.go | 9 + internal/types/enrollment.go | 14 + internal/v1/accounts/accounts.go | 22 + internal/v1/accounts/accounts_test.go | 25 + internal/v1/accounts/operation_test.go | 83 + internal/v1/accounts/operations.go | 26 + internal/v1/accounts/query.go | 145 + internal/v1/accounts/query_test.go | 340 ++ internal/v1/accounts/service.go | 173 + internal/v1/accounts/service_test.go | 207 ++ internal/v1/accounts/validate.go | 215 ++ internal/v1/certificate/certificate.go | 45 + internal/v1/certificate/certificate_test.go | 205 ++ internal/v1/certificate/operations.go | 178 + internal/v1/certificate/operations_test.go | 69 + internal/v1/certificate/pca.go | 120 + internal/v1/certificate/query.go | 69 + internal/v1/certificate/sign.go | 249 ++ internal/v1/certificate/sign_test.go | 80 + internal/v1/certificate/validate.go | 145 + internal/v1/health/health.go | 48 + internal/v1/middleware/authentication.go | 201 ++ internal/v1/middleware/middleware.go | 39 + internal/v1/users/operations.go | 252 ++ internal/v1/users/operations_test.go | 147 + internal/v1/users/users.go | 23 + internal/v1/users/users_test.go | 59 + internal/validator/domain.go | 70 + internal/validator/environment.go | 32 + internal/validator/fx.go | 11 + internal/validator/validate.go | 104 + internal/validator/validate_test.go | 63 + pkg/attestor/aws_iid/iid.go | 57 + pkg/certificate/pk.go | 70 + pkg/client/certificate.go | 84 + pkg/client/client.go | 178 + pkg/client/csr.go | 95 + pkg/client/sign.go | 154 + protos/baseca/v1/api.proto | 252 ++ protos/buf.gen.yaml | 10 + terraform/README.md | 117 + terraform/development/baseca/firehose.tf | 64 + terraform/development/baseca/kms.tf | 31 + terraform/development/baseca/output.tf | 9 + terraform/development/baseca/variables.tf | 31 + terraform/development/output.tf | 9 + terraform/development/provider.tf | 12 + terraform/production/baseca/ecr.tf | 8 + terraform/production/baseca/elasticache.tf | 47 + terraform/production/baseca/firehose.tf | 64 + terraform/production/baseca/iam.tf | 85 + terraform/production/baseca/kms.tf | 44 + terraform/production/baseca/output.tf | 34 + terraform/production/baseca/rds.tf | 65 + terraform/production/baseca/secretsmanager.tf | 4 + terraform/production/baseca/variables.tf | 53 + terraform/production/compute/ecs.tf | 142 + terraform/production/compute/efs.tf | 121 + terraform/production/compute/iam.tf | 21 + terraform/production/compute/variables.tf | 86 + terraform/production/output.tf | 29 + terraform/production/provider.tf | 12 + test/config.go | 62 + test/config/config.test.local.sandbox.yml | 59 + 163 files changed, 20916 insertions(+) create mode 100644 .dockerignore create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yml create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yml create mode 100644 .github/workflows/pr_build.yml create mode 100644 .github/workflows/release_build.yml create mode 100644 CONTRIBUTING.md create mode 100644 Dockerfile create mode 100644 LICENSE create mode 100644 Makefile create mode 100644 SECURITY.md create mode 100644 cmd/server/baseca/server.go create mode 100644 cmd/server/main.go create mode 100644 config/config.primary.development.aws.yml create mode 100644 config/config.primary.local.sandbox.yml create mode 100644 config/config.primary.production.aws.yml create mode 100644 db/init/init-docker.sql create mode 100644 db/init/init.sql create mode 100644 db/migration/000001_init_schema.down.sql create mode 100644 db/migration/000001_init_schema.up.sql create mode 100644 db/mock/store.go create mode 100644 db/query/accounts.sql create mode 100644 db/query/aws_attestation.sql create mode 100644 db/query/certificate.sql create mode 100644 db/query/provisioners.sql create mode 100644 db/query/users.sql create mode 100644 db/sqlc.yaml create mode 100644 db/sqlc/accounts.sql.go create mode 100644 db/sqlc/aws_attestation.sql.go create mode 100644 db/sqlc/certificate.sql.go create mode 100644 db/sqlc/common.go create mode 100644 db/sqlc/db.go create mode 100644 db/sqlc/models.go create mode 100644 db/sqlc/querier.go create mode 100644 db/sqlc/store.go create mode 100644 db/sqlc/tx_service_account.go create mode 100644 db/sqlc/tx_update_account.go create mode 100644 db/sqlc/users.sql.go create mode 100644 docs/ARCHITECTURE.md create mode 100644 docs/CONFIGURATION.md create mode 100644 docs/ENDPOINTS.md create mode 100644 docs/GETTING_STARTED.md create mode 100644 docs/PRODUCTION_DEPLOYMENT.md create mode 100644 docs/SCOPE.md create mode 100644 docs/images/architecture.png create mode 100644 docs/images/baseca_image.png create mode 100644 docs/images/configuration.png create mode 100644 docs/images/provisioner.png create mode 100644 docs/images/public_key_infrastructure.png create mode 100644 docs/images/secrets_manager.png create mode 100644 docs/images/service_authentication.png create mode 100644 docs/images/sign_csr.png create mode 100644 docs/images/user_authentication.png create mode 100644 examples/Dockerfile create mode 100644 examples/certificate/baseca.v1.Certificate/code_sign.go create mode 100644 examples/certificate/baseca.v1.Certificate/sign_csr.go create mode 100644 examples/config/config.primary.development.aws.yml create mode 100644 examples/config/config.primary.local.sandbox.yml create mode 100644 examples/config/config.primary.production.aws.yml create mode 100644 gen/go/baseca/v1/api.pb.go create mode 100644 gen/go/baseca/v1/api_grpc.pb.go create mode 100644 go.mod create mode 100644 go.sum create mode 100644 internal/attestor/aws_iid/certificate/ec2.amazonaws.com.crt create mode 100644 internal/attestor/aws_iid/certificate/rds.global.bundle.pem create mode 100644 internal/attestor/aws_iid/iid.go create mode 100644 internal/authentication/authentication.go create mode 100644 internal/authentication/issuer.go create mode 100644 internal/authentication/payload.go create mode 100644 internal/authorization/casbin/model.conf create mode 100644 internal/authorization/casbin/policy.csv create mode 100644 internal/authorization/permission.go create mode 100644 internal/client/acmpca/client.go create mode 100644 internal/client/acmpca/issue.go create mode 100644 internal/client/acmpca/query.go create mode 100644 internal/client/acmpca/revoke.go create mode 100644 internal/client/firehose/client.go create mode 100644 internal/client/firehose/stream.go create mode 100644 internal/client/redis/client.go create mode 100644 internal/client/redis/increment.go create mode 100644 internal/client/secretsmanager/client.go create mode 100644 internal/client/secretsmanager/query.go create mode 100644 internal/config/config.go create mode 100644 internal/config/fx.go create mode 100644 internal/config/load.go create mode 100644 internal/config/path.go create mode 100644 internal/environment/environment.go create mode 100644 internal/environment/fx.go create mode 100644 internal/gateway/grpc/fx.go create mode 100644 internal/lib/crypto/chain.go create mode 100644 internal/lib/crypto/pk.go create mode 100644 internal/lib/crypto/store.go create mode 100644 internal/lib/util/backoff.go create mode 100644 internal/lib/util/errors.go create mode 100644 internal/lib/util/random.go create mode 100644 internal/logger/logger.go create mode 100644 internal/types/account.go create mode 100644 internal/types/attestation.go create mode 100644 internal/types/certificate.go create mode 100644 internal/types/constants.go create mode 100644 internal/types/enrollment.go create mode 100644 internal/v1/accounts/accounts.go create mode 100644 internal/v1/accounts/accounts_test.go create mode 100644 internal/v1/accounts/operation_test.go create mode 100644 internal/v1/accounts/operations.go create mode 100644 internal/v1/accounts/query.go create mode 100644 internal/v1/accounts/query_test.go create mode 100644 internal/v1/accounts/service.go create mode 100644 internal/v1/accounts/service_test.go create mode 100644 internal/v1/accounts/validate.go create mode 100644 internal/v1/certificate/certificate.go create mode 100644 internal/v1/certificate/certificate_test.go create mode 100644 internal/v1/certificate/operations.go create mode 100644 internal/v1/certificate/operations_test.go create mode 100644 internal/v1/certificate/pca.go create mode 100644 internal/v1/certificate/query.go create mode 100644 internal/v1/certificate/sign.go create mode 100644 internal/v1/certificate/sign_test.go create mode 100644 internal/v1/certificate/validate.go create mode 100644 internal/v1/health/health.go create mode 100644 internal/v1/middleware/authentication.go create mode 100644 internal/v1/middleware/middleware.go create mode 100644 internal/v1/users/operations.go create mode 100644 internal/v1/users/operations_test.go create mode 100644 internal/v1/users/users.go create mode 100644 internal/v1/users/users_test.go create mode 100644 internal/validator/domain.go create mode 100644 internal/validator/environment.go create mode 100644 internal/validator/fx.go create mode 100644 internal/validator/validate.go create mode 100644 internal/validator/validate_test.go create mode 100644 pkg/attestor/aws_iid/iid.go create mode 100644 pkg/certificate/pk.go create mode 100644 pkg/client/certificate.go create mode 100644 pkg/client/client.go create mode 100644 pkg/client/csr.go create mode 100644 pkg/client/sign.go create mode 100644 protos/baseca/v1/api.proto create mode 100644 protos/buf.gen.yaml create mode 100644 terraform/README.md create mode 100644 terraform/development/baseca/firehose.tf create mode 100644 terraform/development/baseca/kms.tf create mode 100644 terraform/development/baseca/output.tf create mode 100644 terraform/development/baseca/variables.tf create mode 100644 terraform/development/output.tf create mode 100644 terraform/development/provider.tf create mode 100644 terraform/production/baseca/ecr.tf create mode 100644 terraform/production/baseca/elasticache.tf create mode 100644 terraform/production/baseca/firehose.tf create mode 100644 terraform/production/baseca/iam.tf create mode 100644 terraform/production/baseca/kms.tf create mode 100644 terraform/production/baseca/output.tf create mode 100644 terraform/production/baseca/rds.tf create mode 100644 terraform/production/baseca/secretsmanager.tf create mode 100644 terraform/production/baseca/variables.tf create mode 100644 terraform/production/compute/ecs.tf create mode 100644 terraform/production/compute/efs.tf create mode 100644 terraform/production/compute/iam.tf create mode 100644 terraform/production/compute/variables.tf create mode 100644 terraform/production/output.tf create mode 100644 terraform/production/provider.tf create mode 100644 test/config.go create mode 100644 test/config/config.test.local.sandbox.yml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..cfc83e6 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,13 @@ +.github/ +config/ +docs/ +examples/ +pkg/ +test/ +terraform/ + +*.md + +.dockerignore +.git +.gitignore \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..c975c1d --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,45 @@ +name: Bug Report +description: File a Bug Report +title: "[Bug]: " +labels: ["bug", "triage"] +assignees: + - yangkenneth +body: + - type: input + id: contact + attributes: + label: Contact Details + description: How can we get in touch with you if we need more info? + placeholder: ex. email@example.com + validations: + required: false + - type: textarea + id: explanation + attributes: + label: What happened? + description: Also tell us, what did you expect to happen? + placeholder: Tell us what you see! + validations: + required: true + - type: input + id: version + attributes: + label: Version + description: What release of baseca are you running? + placeholder: ex. 1.0.0 + validations: + required: true + - type: textarea + id: logs + attributes: + label: Relevant Log Output + description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. + render: shell + - type: checkboxes + id: terms + attributes: + label: Code of Conduct + description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/coinbase/code-of-conduct) + options: + - label: I agree to follow this project's Code of Conduct + required: true \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000..73c952d --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,54 @@ +name: Feature Request +description: Request a Feature +title: "[Feature]: " +labels: ["enhancement"] +assignees: + - yangkenneth +body: + - type: input + id: contact + attributes: + label: Contact Details + description: How can we get in touch with you if we need more info? + placeholder: ex. email@example.com + validations: + required: false + - type: textarea + id: background + attributes: + label: Background + description: Is your feature request related to a problem? Please describe. + placeholder: A clear and concise description of what the problem is. + validations: + required: true + - type: textarea + id: description + attributes: + label: Description + description: Describe the solution that you'd like implemented. + placeholder: A clear and concise description of what you want to happen. + validations: + required: true + - type: textarea + id: alternate + attributes: + label: Alternative Solution + description: Describe any alternatives that you've considered. + placeholder: A clear and concise description of any alternative solutions or features you've considered. + validations: + required: false + - type: textarea + id: addition + attributes: + label: Additional Context + description: Add any other context or screenshots about the feature request here. + validations: + required: false + - type: checkboxes + id: terms + attributes: + label: Code of Conduct + description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/coinbase/code-of-conduct) + options: + - label: I agree to follow this project's Code of Conduct + required: true \ No newline at end of file diff --git a/.github/workflows/pr_build.yml b/.github/workflows/pr_build.yml new file mode 100644 index 0000000..dd8c506 --- /dev/null +++ b/.github/workflows/pr_build.yml @@ -0,0 +1,33 @@ +name: PR Build + +on: + pull_request: {} + + +jobs: + unit-test: + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - uses: actions/checkout@v3 + + - name: Setup Golang + uses: actions/setup-go@v4 + with: + go-version: '1.19' + + - name: Install Dependencies + run: | + sudo apt-get update + sudo apt-get install -y make + + - name: Build baseca Executable + run: make build + + - name: baseca Unit Test + run: make test + + - name: Build baseca Container + run: docker build -f Dockerfile -t baseca . \ No newline at end of file diff --git a/.github/workflows/release_build.yml b/.github/workflows/release_build.yml new file mode 100644 index 0000000..37ddc81 --- /dev/null +++ b/.github/workflows/release_build.yml @@ -0,0 +1,60 @@ +name: Release Build + +on: + push: + tags: [ 'v*' ] + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + + +jobs: + build: + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker Metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=ref,event=branch + type=sha + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and Push Docker Image + id: build-and-push + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a + with: + context: . + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..2445538 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,53 @@ +# Contributing to baseca + +## Code of Conduct + +All interactions with this project follow our [Code of Conduct][code-of-conduct]. +By participating, you are expected to honor this code. Violators can be banned +from further participation in this project, or potentially all Coinbase projects. + +[code-of-conduct]: https://github.com/coinbase/code-of-conduct + +## Bug Reports + +* Ensure your issue [has not already been reported][1]. It may already be fixed! +* Include the steps you carried out to produce the problem. +* Include the behavior you observed along with the behavior you expected, and + why you expected it. +* Include any relevant stack traces or debugging output. + +## Feature Requests + +We welcome feedback with or without pull requests. If you have an idea for how +to improve the project, great! All we ask is that you take the time to write a +clear and concise explanation of what need you are trying to solve. If you have +thoughts on _how_ it can be solved, include those too! + +The best way to see a feature added, however, is to submit a pull request. + +## Pull Requests + +* Before creating your pull request, it's usually worth asking if the code + you're planning on writing will actually be considered for merging. You can + do this by [opening an issue][1] and asking. It may also help give the + maintainers context for when the time comes to review your code. + +* Ensure your [commit messages are well-written][2]. This can double as your + pull request message, so it pays to take the time to write a clear message. + +* Add tests for your feature. You should be able to look at other tests for + examples. If you're unsure, don't hesitate to [open an issue][1] and ask! + +* Submit your pull request! + +## Support Requests + +For security reasons, any communication referencing support tickets for Coinbase +products will be ignored. The request will have its content redacted and will +be locked to prevent further discussion. + +All support requests must be made via [our support team][3]. + +[1]: https://github.com/coinbase/baseca/issues +[2]: https://medium.com/brigade-engineering/the-secrets-to-great-commit-messages-106fc0a92a25 +[3]: https://support.coinbase.com/customer/en/portal/articles/2288496-how-can-i-contact-coinbase-support \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..ae1e832 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,25 @@ +# Build Image +FROM golang:1.20 as builder + +ENV CGO_ENABLED=0 +WORKDIR /baseca +COPY . /baseca +RUN apt update && apt clean && make build + +# Deploy Image +FROM alpine:3.17 + +RUN adduser --home /home/baseca baseca --gecos "baseca" --disabled-password && \ + apk --no-cache add ca-certificates && \ + rm -rf /var/cache/apk/* + +COPY --from=builder /baseca/target/bin/linux/baseca /home/baseca/baseca +COPY --from=builder /baseca/internal/authorization/casbin /home/baseca/internal/authorization/casbin +COPY --from=builder /baseca/internal/attestor/aws_iid/certificate /home/baseca/internal/attestor/aws_iid/certificate + +RUN chown -R baseca:baseca /home/baseca + +USER baseca +WORKDIR /home/baseca + +CMD ["/home/baseca/baseca"] \ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..b963f81 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..97bcde0 --- /dev/null +++ b/Makefile @@ -0,0 +1,83 @@ +SERVICE := baseca +VERSION := $(shell git describe --tags) +BUILD := $(shell git rev-parse --short HEAD) +GITHUB_REPO := github.com/coinbase/baseca + +TARGET=target +BIN=$(TARGET)/bin +LDFLAGS=-ldflags "-X=main.Version=$(VERSION) -X=main.Build=$(BUILD)" + +.PHONY: usage +usage: + @ echo "Usage: make [`cat Makefile | grep "^[A-z\%\-]*:" | awk '{print $$1}' | sed "s/://g" | sed "s/%/[1-3]/g" | xargs`]" + +.PHONY: info +info: + @ echo SERVICE: $(SERVICE) + @ echo VERSION: $(VERSION) + @ echo BUILD: $(BUILD) + +.PHONY: clean +clean: info + @ rm -rf target + +.PHONY: deps +deps: info clean + @ go mod tidy + +.PHONY: test +test: info clean deps + @ go test -v -cover -short $$(go list ./... | grep -v /examples) + +.PHONY: build +build: info clean + @ GOOS=darwin GOARCH=amd64 go build $(LDFLAGS) -o $(BIN)/darwin/$(SERVICE) cmd/server/main.go + @ GOOS=linux GOARCH=amd64 go build $(LDFLAGS) -o $(BIN)/linux/$(SERVICE) cmd/server/main.go + +.PHONY: postgres +postgres: + @ docker run --name baseca -p 5432:5432 -v ${pwd)/db/init:/db/init -e POSTGRES_USER=root -e POSTGRES_PASSWORD=secret -d postgres:latest + +.PHONY: createdb +createdb: + @ docker exec -it baseca createdb --username=root --owner=root baseca + +.PHONY: dropdb +dropdb: + @ docker exec -it baseca dropdb baseca + +.PHONY: migrateup +migrateup: + @ migrate -path db/migration -database "postgresql://root:secret@localhost:5432/baseca?sslmode=disable" -verbose up + +.PHONY: migratedown +migratedown: + @ migrate -path db/migration -database "postgresql://root:secret@localhost:5432/baseca?sslmode=disable" -verbose down + +.PHONY: sqlc +sqlc: + @ sqlc generate -f db/sqlc.yaml + +.PHONY: mock +mock: + @ mockgen --build_flags=--mod=mod -package mock -destination db/mock/store.go ${GITHUB_REPO}/db/sqlc Store + +.PHONY: gen +gen: info clean + @ buf generate protos --template protos/buf.gen.yaml + +.PHONY: server +server: + @ password=${DATABASE_CREDENTIALS} \ + go run cmd/server/main.go + +.PHONY: lint +lint: + @ golangci-lint run + +.PHONY: tools +tools: + @ go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28 + @ go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2 + @ go install google.golang.org/protobuf/cmd/protoc-gen-go@latest + @ which buf || (go install github.com/bufbuild/buf/cmd/buf@latest) diff --git a/README.md b/README.md index e88576d..2eca385 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,32 @@

coinbase/baseca

+ +## Overview + +`baseca` is a `gRPC` service that serves as a Public Key Infrastructure (PKI) control plane intended to provide a safe and scalable approach to issue short-lived end-entities certificates. + +### Use Cases + +`baseca` extends the `pathlen` constraint from AWS Private CA and acts as an Intermediate CA; instead of issuing leaf certificates directly from Private CA, `baseca` manages many Subordinate CAs and signs requests in-memory depending on the [`scope`](docs/SCOPE.md) of the service account. + +- Client Authentication +- Server Authentication +- Code Signing +- SSH Certificates (Pending) + +### Running `baseca` + +- [`Architecture`](docs/ARCHITECTURE.md) +- [`Getting Started`](docs/GETTING_STARTED.md) +- [`Production Deployment`](docs/PRODUCTION_DEPLOYMENT.md) +- [`baseca gRPC Methods`](docs/ENDPOINTS.md) + +### Benefits + +- Short-Lived Certificates with Ephemeral Private Key Material +- No Quotas on Quantity of Issued Certificates +- Supports Issuance from On-Prem and Multi-Cloud +- Protects Issuance of Certificates on Scope +- Supports Node Attestation +- Cost Savings diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..76f7883 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,5 @@ +# Security Policy + +Please report your findings to our [HackerOne][1] program. + +[1]: https://hackerone.com/coinbase diff --git a/cmd/server/baseca/server.go b/cmd/server/baseca/server.go new file mode 100644 index 0000000..2b732f6 --- /dev/null +++ b/cmd/server/baseca/server.go @@ -0,0 +1,69 @@ +package apiservice + +import ( + "context" + "fmt" + "time" + + "github.com/allegro/bigcache/v3" + "github.com/casbin/casbin/v2" + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/internal/config" + "github.com/coinbase/baseca/internal/v1/accounts" + "github.com/coinbase/baseca/internal/v1/certificate" + "github.com/coinbase/baseca/internal/v1/middleware" + "github.com/coinbase/baseca/internal/v1/users" +) + +const ( + // Local Memory (Authentication) + _default_cleanup = 10 * time.Minute +) + +type Server struct { + apiv1.CertificateServer + Store db.DatabaseEndpoints + Auth authentication.Auth + Service *accounts.Service + Certificate *certificate.Certificate + User *users.User + Middleware *middleware.Middleware +} + +func BuildServer(store db.DatabaseEndpoints, cfg *config.Config, enforcer *casbin.Enforcer) (*Server, error) { + signer, err := authentication.BuildSigningClient(cfg) + if err != nil { + return nil, err + } + + auth, err := authentication.NewAuthSigningMetadata(signer) + if err != nil { + return nil, err + } + + cache, err := bigcache.New(context.Background(), bigcache.DefaultConfig(_default_cleanup)) + if err != nil { + return nil, fmt.Errorf("error instantiating memory cache") + } + + service := accounts.New(cfg, store) + user := users.New(cfg, store, auth) + middleware := middleware.New(auth, store, enforcer, cache) + certificate, err := certificate.New(cfg, store) + if err != nil { + return nil, fmt.Errorf("issue instantiating certificate client [%s]", err) + } + + server := &Server{ + Store: store, + Auth: auth, + Service: service, + Certificate: certificate, + User: user, + Middleware: middleware, + } + + return server, nil +} diff --git a/cmd/server/main.go b/cmd/server/main.go new file mode 100644 index 0000000..3b93fdb --- /dev/null +++ b/cmd/server/main.go @@ -0,0 +1,46 @@ +package main + +import ( + "context" + "log" + "time" + + "github.com/coinbase/baseca/internal/config" + "github.com/coinbase/baseca/internal/environment" + "github.com/coinbase/baseca/internal/gateway/grpc" + "github.com/coinbase/baseca/internal/validator" + _ "github.com/lib/pq" + "go.uber.org/fx" + "go.uber.org/fx/fxevent" +) + +func main() { + + app := fx.New( + fx.Options( + config.Module, + environment.Module, + grpc.Module, + validator.Module, + ), + fx.WithLogger( + func() fxevent.Logger { + return fxevent.NopLogger + }, + ), + ) + + startCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second) + defer cancel() + if err := app.Start(startCtx); err != nil { + log.Fatal(err) + } + + <-app.Done() + + stopCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second) + defer cancel() + if err := app.Stop(stopCtx); err != nil { + log.Fatal(err) + } +} diff --git a/config/config.primary.development.aws.yml b/config/config.primary.development.aws.yml new file mode 100644 index 0000000..f659dad --- /dev/null +++ b/config/config.primary.development.aws.yml @@ -0,0 +1,61 @@ +grpc_server_address: 0.0.0.0:9090 + +database: + database_driver: postgres + database_table: baseca + database_endpoint: xxxxxx.cluster.xxxxxx.us-east-1.rds.amazonaws.com + database_reader_endpoint: xxxxxx.cluster-ro.xxxxxx.us-east-1.rds.amazonaws.com + database_user: baseca + database_port: 5432 + region: us-east-1 + ssl_mode: verify-full + +redis: + cluster_endpoint: xxxxxx.xxxxxx.0001.use1.cache.amazonaws.com + port: 6379 + rate_limit: 20 + +domains: + - example.com + +acm_pca: + development_use1: + region: us-east-1 + ca_arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + ca_active_day: 90 + assume_role: false + root_ca: false + development_usw1: + region: us-west-1 + ca_arn: arn:aws:acm-pca:us-west-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + ca_active_day: 90 + assume_role: false + +firehose: + stream: baseca-development + region: us-east-1 + +kms: + key_id: 12345678-1234-1234-1234-123456789012 + signing_algorithm: RSASSA_PSS_SHA_512 + region: us-east-1 + auth_validity: 5 + +secrets_manager: + secret_id: baseca-xxxxxxxxxxxx + +subordinate_ca_metadata: + country: "US" + province: "CA" + locality: "San Francisco" + organization: "Example" + organization_unit: "Security" + email: "example@example.com" + signing_algorithm: SHA512WITHRSA + key_algorithm: "RSA" + key_size: 4096 + +certificate_authority: + development: + - development_use1 + - development_usw1 \ No newline at end of file diff --git a/config/config.primary.local.sandbox.yml b/config/config.primary.local.sandbox.yml new file mode 100644 index 0000000..dbb6af8 --- /dev/null +++ b/config/config.primary.local.sandbox.yml @@ -0,0 +1,47 @@ +grpc_server_address: 0.0.0.0:9090 + +database: + database_driver: postgres + database_table: baseca + database_endpoint: localhost + database_reader_endpoint: localhost + database_user: root + database_port: 5432 + region: us-east-1 + ssl_mode: disable + +domains: + - example.com + +acm_pca: + development_use1: + region: us-east-1 + ca_arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + ca_active_day: 90 + assume_role: false + root_ca: false + +firehose: + stream: baseca-development + region: us-east-1 + +kms: + key_id: 12345678-1234-1234-1234-123456789012 + signing_algorithm: RSASSA_PSS_SHA_512 + region: us-east-1 + auth_validity: 5 + +subordinate_ca_metadata: + country: "US" + province: "CA" + locality: "San Francisco" + organization: "Example" + organization_unit: "Security" + email: "example@example.com" + signing_algorithm: SHA512WITHRSA + key_algorithm: "RSA" + key_size: 4096 + +certificate_authority: + development: + - development_use1 diff --git a/config/config.primary.production.aws.yml b/config/config.primary.production.aws.yml new file mode 100644 index 0000000..5d4eab9 --- /dev/null +++ b/config/config.primary.production.aws.yml @@ -0,0 +1,64 @@ +grpc_server_address: 0.0.0.0:9090 + +ocsp_server: + - production.ocsp.example.com + +database: + database_driver: postgres + database_table: baseca + database_endpoint: xxxxxx.cluster.xxxxxx.us-east-1.rds.amazonaws.com + database_reader_endpoint: xxxxxx.cluster-ro.xxxxxx.us-east-1.rds.amazonaws.com + database_user: baseca + database_port: 5432 + region: us-east-1 + ssl_mode: verify-full + +redis: + cluster_endpoint: xxxxxx.xxxxxx.0001.use1.cache.amazonaws.com + port: 6379 + rate_limit: 20 + +domains: + - example.com + +acm_pca: + production_use1: + region: us-east-1 + ca_arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + ca_active_day: 90 + assume_role: false + root_ca: false + + # Configure Additional Certificate Authorities (development_use1, staging_use1, etc) + +firehose: + stream: baseca-production + region: us-east-1 + +kms: + key_id: 12345678-1234-1234-1234-123456789012 + signing_algorithm: RSASSA_PSS_SHA_512 + region: us-east-1 + auth_validity: 5 + +secrets_manager: + secret_id: baseca-xxxxxxxxxxxx + +subordinate_ca_metadata: + country: "US" + province: "CA" + locality: "San Francisco" + organization: "Example" + organization_unit: "Security" + email: "example@example.com" + signing_algorithm: SHA512WITHRSA + key_algorithm: "RSA" + key_size: 4096 + +certificate_authority: + production: + - production_use1 + pre_production: + - pre_production_use1 + corporate: + - corporate_use1 \ No newline at end of file diff --git a/db/init/init-docker.sql b/db/init/init-docker.sql new file mode 100644 index 0000000..b329e84 --- /dev/null +++ b/db/init/init-docker.sql @@ -0,0 +1,5 @@ +-- init-docker.sql +CREATE EXTENSION IF NOT EXISTS pgcrypto; +CREATE EXTENSION IF NOT EXISTS "uuid-ossp"; +INSERT INTO users (uuid, username, hashed_credential, full_name, email, permissions, credential_changed_at) +VALUES (uuid_generate_v4(), 'defaultuser', crypt('defaultpassword', gen_salt('bf')), 'Default User', 'defaultuser@example.com', 'ADMIN', now()); diff --git a/db/init/init.sql b/db/init/init.sql new file mode 100644 index 0000000..fa7420d --- /dev/null +++ b/db/init/init.sql @@ -0,0 +1,5 @@ +-- init.sql +CREATE EXTENSION IF NOT EXISTS pgcrypto; +CREATE EXTENSION IF NOT EXISTS "uuid-ossp"; +INSERT INTO users (uuid, username, hashed_credential, full_name, email, permissions, credential_changed_at) +VALUES (uuid_generate_v4(), 'defaultuser', crypt('defaultpassword', gen_salt('bf')), 'Default User', 'defaultuser@example.com', 'ADMIN', now()); diff --git a/db/migration/000001_init_schema.down.sql b/db/migration/000001_init_schema.down.sql new file mode 100644 index 0000000..85cf247 --- /dev/null +++ b/db/migration/000001_init_schema.down.sql @@ -0,0 +1,5 @@ +DROP TABLE IF EXISTS aws_attestation; +DROP TABLE IF EXISTS accounts; +DROP TABLE IF EXISTS provisioners; +DROP TABLE IF EXISTS certificates; +DROP TABLE IF EXISTS users; diff --git a/db/migration/000001_init_schema.up.sql b/db/migration/000001_init_schema.up.sql new file mode 100644 index 0000000..b25ea29 --- /dev/null +++ b/db/migration/000001_init_schema.up.sql @@ -0,0 +1,73 @@ +CREATE TABLE "users" ( + "uuid" uuid UNIQUE PRIMARY KEY, + "username" varchar UNIQUE NOT NULL, + "hashed_credential" varchar NOT NULL, + "full_name" varchar NOT NULL, + "email" varchar UNIQUE NOT NULL, + "permissions" varchar NOT NULL, + "credential_changed_at" timestamptz NOT NULL DEFAULT '0001-01-01 00:00:00Z', + "created_at" timestamptz NOT NULL DEFAULT (now()) +); + +CREATE TABLE "accounts" ( + "client_id" uuid UNIQUE PRIMARY KEY, + "api_token" varchar NOT NULL, + "service_account" varchar NOT NULL, + "environment" varchar NOT NULL, + "team" varchar NOT NULL, + "email" varchar NOT NULL, + "regular_expression" varchar, + "valid_subject_alternate_name" varchar[] NOT NULL, + "valid_certificate_authorities" varchar[] NOT NULL, + "extended_key" varchar NOT NULL, + "certificate_validity" smallserial NOT NULL, + "subordinate_ca" varchar NOT NULL, + "node_attestation" varchar[], + "created_at" timestamptz NOT NULL DEFAULT (now()), + "created_by" uuid NOT NULL +); + +CREATE TABLE "certificates" ( + "serial_number" varchar PRIMARY KEY, + "account" varchar NOT NULL, + "environment" varchar NOT NULL, + "extended_key" varchar NOT NULL, + "common_name" varchar NOT NULL, + "subject_alternative_name" varchar[] NOT NULL, + "expiration_date" timestamptz NOT NULL DEFAULT (now()), + "issued_date" timestamptz NOT NULL DEFAULT (now()), + "revoked" boolean NOT NULL DEFAULT false, + "revoked_by" varchar, + "revoke_date" timestamptz, + "certificate_authority_arn" varchar +); + +CREATE TABLE "aws_attestation" ( + "client_id" uuid UNIQUE PRIMARY KEY, + "role_arn" varchar, + "assume_role" varchar, + "security_group_id" varchar[], + "region" varchar, + "instance_id" varchar, + "image_id" varchar, + "instance_tags" json +); + +CREATE TABLE "provisioners" ( + "client_id" uuid UNIQUE PRIMARY KEY, + "api_token" varchar NOT NULL, + "provisioner_account" varchar NOT NULL, + "environments" varchar[] NOT NULL, + "team" varchar NOT NULL, + "email" varchar NOT NULL, + "regular_expression" varchar, + "valid_subject_alternate_names" varchar[] NOT NULL, + "extended_keys" varchar[] NOT NULL, + "max_certificate_validity" smallserial NOT NULL, + "node_attestation" varchar[], + "created_at" timestamptz NOT NULL DEFAULT (now()), + "created_by" uuid NOT NULL +); + +ALTER TABLE "accounts" ADD FOREIGN KEY ("created_by") REFERENCES "users" ("uuid"); +ALTER TABLE "provisioners" ADD FOREIGN KEY ("created_by") REFERENCES "users" ("uuid"); \ No newline at end of file diff --git a/db/mock/store.go b/db/mock/store.go new file mode 100644 index 0000000..116854b --- /dev/null +++ b/db/mock/store.go @@ -0,0 +1,393 @@ +// Code generated by MockGen. DO NOT EDIT. +// Source: github.com/coinbase/baseca/db/sqlc (interfaces: Store) + +// Package mock is a generated GoMock package. +package mock + +import ( + context "context" + reflect "reflect" + + db "github.com/coinbase/baseca/db/sqlc" + types "github.com/coinbase/baseca/internal/types" + gomock "github.com/golang/mock/gomock" + uuid "github.com/google/uuid" +) + +// MockStore is a mock of Store interface. +type MockStore struct { + ctrl *gomock.Controller + recorder *MockStoreMockRecorder +} + +// MockStoreMockRecorder is the mock recorder for MockStore. +type MockStoreMockRecorder struct { + mock *MockStore +} + +// NewMockStore creates a new mock instance. +func NewMockStore(ctrl *gomock.Controller) *MockStore { + mock := &MockStore{ctrl: ctrl} + mock.recorder = &MockStoreMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use. +func (m *MockStore) EXPECT() *MockStoreMockRecorder { + return m.recorder +} + +// CreateServiceAccount mocks base method. +func (m *MockStore) CreateServiceAccount(arg0 context.Context, arg1 db.CreateServiceAccountParams) (*db.Account, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateServiceAccount", arg0, arg1) + ret0, _ := ret[0].(*db.Account) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateServiceAccount indicates an expected call of CreateServiceAccount. +func (mr *MockStoreMockRecorder) CreateServiceAccount(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateServiceAccount", reflect.TypeOf((*MockStore)(nil).CreateServiceAccount), arg0, arg1) +} + +// CreateUser mocks base method. +func (m *MockStore) CreateUser(arg0 context.Context, arg1 db.CreateUserParams) (*db.User, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "CreateUser", arg0, arg1) + ret0, _ := ret[0].(*db.User) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// CreateUser indicates an expected call of CreateUser. +func (mr *MockStoreMockRecorder) CreateUser(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateUser", reflect.TypeOf((*MockStore)(nil).CreateUser), arg0, arg1) +} + +// DeleteInstanceIdentityDocument mocks base method. +func (m *MockStore) DeleteInstanceIdentityDocument(arg0 context.Context, arg1 uuid.UUID) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteInstanceIdentityDocument", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteInstanceIdentityDocument indicates an expected call of DeleteInstanceIdentityDocument. +func (mr *MockStoreMockRecorder) DeleteInstanceIdentityDocument(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteInstanceIdentityDocument", reflect.TypeOf((*MockStore)(nil).DeleteInstanceIdentityDocument), arg0, arg1) +} + +// DeleteServiceAccount mocks base method. +func (m *MockStore) DeleteServiceAccount(arg0 context.Context, arg1 uuid.UUID) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteServiceAccount", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteServiceAccount indicates an expected call of DeleteServiceAccount. +func (mr *MockStoreMockRecorder) DeleteServiceAccount(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteServiceAccount", reflect.TypeOf((*MockStore)(nil).DeleteServiceAccount), arg0, arg1) +} + +// DeleteUser mocks base method. +func (m *MockStore) DeleteUser(arg0 context.Context, arg1 string) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteUser", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteUser indicates an expected call of DeleteUser. +func (mr *MockStoreMockRecorder) DeleteUser(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteUser", reflect.TypeOf((*MockStore)(nil).DeleteUser), arg0, arg1) +} + +// GetCertificate mocks base method. +func (m *MockStore) GetCertificate(arg0 context.Context, arg1 string) (*db.Certificate, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetCertificate", arg0, arg1) + ret0, _ := ret[0].(*db.Certificate) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetCertificate indicates an expected call of GetCertificate. +func (mr *MockStoreMockRecorder) GetCertificate(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetCertificate", reflect.TypeOf((*MockStore)(nil).GetCertificate), arg0, arg1) +} + +// GetInstanceIdentityDocument mocks base method. +func (m *MockStore) GetInstanceIdentityDocument(arg0 context.Context, arg1 uuid.UUID) (*db.AwsAttestation, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetInstanceIdentityDocument", arg0, arg1) + ret0, _ := ret[0].(*db.AwsAttestation) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetInstanceIdentityDocument indicates an expected call of GetInstanceIdentityDocument. +func (mr *MockStoreMockRecorder) GetInstanceIdentityDocument(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetInstanceIdentityDocument", reflect.TypeOf((*MockStore)(nil).GetInstanceIdentityDocument), arg0, arg1) +} + +// GetServiceAccounts mocks base method. +func (m *MockStore) GetServiceAccounts(arg0 context.Context, arg1 string) ([]*db.Account, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetServiceAccounts", arg0, arg1) + ret0, _ := ret[0].([]*db.Account) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetServiceAccounts indicates an expected call of GetServiceAccounts. +func (mr *MockStoreMockRecorder) GetServiceAccounts(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetServiceAccounts", reflect.TypeOf((*MockStore)(nil).GetServiceAccounts), arg0, arg1) +} + +// GetServiceUUID mocks base method. +func (m *MockStore) GetServiceUUID(arg0 context.Context, arg1 uuid.UUID) (*db.Account, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetServiceUUID", arg0, arg1) + ret0, _ := ret[0].(*db.Account) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetServiceUUID indicates an expected call of GetServiceUUID. +func (mr *MockStoreMockRecorder) GetServiceUUID(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetServiceUUID", reflect.TypeOf((*MockStore)(nil).GetServiceUUID), arg0, arg1) +} + +// GetUser mocks base method. +func (m *MockStore) GetUser(arg0 context.Context, arg1 string) (*db.User, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetUser", arg0, arg1) + ret0, _ := ret[0].(*db.User) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetUser indicates an expected call of GetUser. +func (mr *MockStoreMockRecorder) GetUser(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUser", reflect.TypeOf((*MockStore)(nil).GetUser), arg0, arg1) +} + +// ListCertificateSubjectAlternativeName mocks base method. +func (m *MockStore) ListCertificateSubjectAlternativeName(arg0 context.Context, arg1 db.ListCertificateSubjectAlternativeNameParams) ([]*db.Certificate, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ListCertificateSubjectAlternativeName", arg0, arg1) + ret0, _ := ret[0].([]*db.Certificate) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ListCertificateSubjectAlternativeName indicates an expected call of ListCertificateSubjectAlternativeName. +func (mr *MockStoreMockRecorder) ListCertificateSubjectAlternativeName(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListCertificateSubjectAlternativeName", reflect.TypeOf((*MockStore)(nil).ListCertificateSubjectAlternativeName), arg0, arg1) +} + +// ListCertificates mocks base method. +func (m *MockStore) ListCertificates(arg0 context.Context, arg1 db.ListCertificatesParams) ([]*db.Certificate, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ListCertificates", arg0, arg1) + ret0, _ := ret[0].([]*db.Certificate) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ListCertificates indicates an expected call of ListCertificates. +func (mr *MockStoreMockRecorder) ListCertificates(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListCertificates", reflect.TypeOf((*MockStore)(nil).ListCertificates), arg0, arg1) +} + +// ListServiceAccounts mocks base method. +func (m *MockStore) ListServiceAccounts(arg0 context.Context, arg1 db.ListServiceAccountsParams) ([]*db.Account, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ListServiceAccounts", arg0, arg1) + ret0, _ := ret[0].([]*db.Account) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ListServiceAccounts indicates an expected call of ListServiceAccounts. +func (mr *MockStoreMockRecorder) ListServiceAccounts(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListServiceAccounts", reflect.TypeOf((*MockStore)(nil).ListServiceAccounts), arg0, arg1) +} + +// ListUsers mocks base method. +func (m *MockStore) ListUsers(arg0 context.Context, arg1 db.ListUsersParams) ([]*db.User, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ListUsers", arg0, arg1) + ret0, _ := ret[0].([]*db.User) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ListUsers indicates an expected call of ListUsers. +func (mr *MockStoreMockRecorder) ListUsers(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListUsers", reflect.TypeOf((*MockStore)(nil).ListUsers), arg0, arg1) +} + +// LogCertificate mocks base method. +func (m *MockStore) LogCertificate(arg0 context.Context, arg1 db.LogCertificateParams) (*db.Certificate, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "LogCertificate", arg0, arg1) + ret0, _ := ret[0].(*db.Certificate) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// LogCertificate indicates an expected call of LogCertificate. +func (mr *MockStoreMockRecorder) LogCertificate(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "LogCertificate", reflect.TypeOf((*MockStore)(nil).LogCertificate), arg0, arg1) +} + +// RevokeIssuedCertificateSerialNumber mocks base method. +func (m *MockStore) RevokeIssuedCertificateSerialNumber(arg0 context.Context, arg1 db.RevokeIssuedCertificateSerialNumberParams) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "RevokeIssuedCertificateSerialNumber", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// RevokeIssuedCertificateSerialNumber indicates an expected call of RevokeIssuedCertificateSerialNumber. +func (mr *MockStoreMockRecorder) RevokeIssuedCertificateSerialNumber(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RevokeIssuedCertificateSerialNumber", reflect.TypeOf((*MockStore)(nil).RevokeIssuedCertificateSerialNumber), arg0, arg1) +} + +// StoreInstanceIdentityDocument mocks base method. +func (m *MockStore) StoreInstanceIdentityDocument(arg0 context.Context, arg1 db.StoreInstanceIdentityDocumentParams) (*db.AwsAttestation, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "StoreInstanceIdentityDocument", arg0, arg1) + ret0, _ := ret[0].(*db.AwsAttestation) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// StoreInstanceIdentityDocument indicates an expected call of StoreInstanceIdentityDocument. +func (mr *MockStoreMockRecorder) StoreInstanceIdentityDocument(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "StoreInstanceIdentityDocument", reflect.TypeOf((*MockStore)(nil).StoreInstanceIdentityDocument), arg0, arg1) +} + +// TxCreateServiceAccount mocks base method. +func (m *MockStore) TxCreateServiceAccount(arg0 context.Context, arg1 db.CreateServiceAccountParams, arg2 db.StoreInstanceIdentityDocumentParams) (*db.Account, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "TxCreateServiceAccount", arg0, arg1, arg2) + ret0, _ := ret[0].(*db.Account) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// TxCreateServiceAccount indicates an expected call of TxCreateServiceAccount. +func (mr *MockStoreMockRecorder) TxCreateServiceAccount(arg0, arg1, arg2 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "TxCreateServiceAccount", reflect.TypeOf((*MockStore)(nil).TxCreateServiceAccount), arg0, arg1, arg2) +} + +// TxDeleteServiceAccount mocks base method. +func (m *MockStore) TxDeleteServiceAccount(arg0 context.Context, arg1 uuid.UUID) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "TxDeleteServiceAccount", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// TxDeleteServiceAccount indicates an expected call of TxDeleteServiceAccount. +func (mr *MockStoreMockRecorder) TxDeleteServiceAccount(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "TxDeleteServiceAccount", reflect.TypeOf((*MockStore)(nil).TxDeleteServiceAccount), arg0, arg1) +} + +// TxUpdateServiceAccount mocks base method. +func (m *MockStore) TxUpdateServiceAccount(arg0 context.Context, arg1 db.Account, arg2 types.NodeAttestation) (*db.Account, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "TxUpdateServiceAccount", arg0, arg1, arg2) + ret0, _ := ret[0].(*db.Account) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// TxUpdateServiceAccount indicates an expected call of TxUpdateServiceAccount. +func (mr *MockStoreMockRecorder) TxUpdateServiceAccount(arg0, arg1, arg2 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "TxUpdateServiceAccount", reflect.TypeOf((*MockStore)(nil).TxUpdateServiceAccount), arg0, arg1, arg2) +} + +// UpdateInstanceIdentityNodeAttestor mocks base method. +func (m *MockStore) UpdateInstanceIdentityNodeAttestor(arg0 context.Context, arg1 db.UpdateInstanceIdentityNodeAttestorParams) (*db.Account, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateInstanceIdentityNodeAttestor", arg0, arg1) + ret0, _ := ret[0].(*db.Account) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateInstanceIdentityNodeAttestor indicates an expected call of UpdateInstanceIdentityNodeAttestor. +func (mr *MockStoreMockRecorder) UpdateInstanceIdentityNodeAttestor(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateInstanceIdentityNodeAttestor", reflect.TypeOf((*MockStore)(nil).UpdateInstanceIdentityNodeAttestor), arg0, arg1) +} + +// UpdateServiceAccount mocks base method. +func (m *MockStore) UpdateServiceAccount(arg0 context.Context, arg1 db.UpdateServiceAccountParams) (*db.Account, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateServiceAccount", arg0, arg1) + ret0, _ := ret[0].(*db.Account) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateServiceAccount indicates an expected call of UpdateServiceAccount. +func (mr *MockStoreMockRecorder) UpdateServiceAccount(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateServiceAccount", reflect.TypeOf((*MockStore)(nil).UpdateServiceAccount), arg0, arg1) +} + +// UpdateUserAuthentication mocks base method. +func (m *MockStore) UpdateUserAuthentication(arg0 context.Context, arg1 db.UpdateUserAuthenticationParams) (*db.User, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateUserAuthentication", arg0, arg1) + ret0, _ := ret[0].(*db.User) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateUserAuthentication indicates an expected call of UpdateUserAuthentication. +func (mr *MockStoreMockRecorder) UpdateUserAuthentication(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateUserAuthentication", reflect.TypeOf((*MockStore)(nil).UpdateUserAuthentication), arg0, arg1) +} + +// UpdateUserPermission mocks base method. +func (m *MockStore) UpdateUserPermission(arg0 context.Context, arg1 db.UpdateUserPermissionParams) (*db.User, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "UpdateUserPermission", arg0, arg1) + ret0, _ := ret[0].(*db.User) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// UpdateUserPermission indicates an expected call of UpdateUserPermission. +func (mr *MockStoreMockRecorder) UpdateUserPermission(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateUserPermission", reflect.TypeOf((*MockStore)(nil).UpdateUserPermission), arg0, arg1) +} diff --git a/db/query/accounts.sql b/db/query/accounts.sql new file mode 100644 index 0000000..4dd6386 --- /dev/null +++ b/db/query/accounts.sql @@ -0,0 +1,61 @@ +-- name: CreateServiceAccount :one +INSERT INTO accounts ( + client_id, + api_token, + service_account, + environment, + team, + email, + regular_expression, + valid_subject_alternate_name, + valid_certificate_authorities, + extended_key, + certificate_validity, + subordinate_ca, + node_attestation, + created_at, + created_by +) VALUES ( + $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15 +) RETURNING *; + +-- name: GetServiceUUID :one +SELECT * FROM accounts +WHERE client_id = $1; + +-- name: GetServiceAccounts :many +SELECT * FROM accounts +WHERE service_account = $1; + +-- name: ListServiceAccounts :many +SELECT * FROM accounts +ORDER BY service_account +LIMIT $1 +OFFSET $2; + +-- name: UpdateServiceAccount :one +UPDATE accounts +SET + environment = $2, + team = $3, + email = $4, + regular_expression = $5, + valid_subject_alternate_name = $6, + valid_certificate_authorities = $7, + extended_key = $8, + certificate_validity = $9, + subordinate_ca = $10, + node_attestation = $11 +WHERE client_id = $1 +RETURNING *; + +-- name: UpdateInstanceIdentityNodeAttestor :one +UPDATE accounts +SET + node_attestation = $2 +WHERE client_id = $1 +RETURNING *; + +-- name: DeleteServiceAccount :exec +DELETE FROM accounts +WHERE client_id = $1; \ No newline at end of file diff --git a/db/query/aws_attestation.sql b/db/query/aws_attestation.sql new file mode 100644 index 0000000..83e99f9 --- /dev/null +++ b/db/query/aws_attestation.sql @@ -0,0 +1,21 @@ +-- name: StoreInstanceIdentityDocument :one +INSERT into aws_attestation ( + client_id, + role_arn, + assume_role, + security_group_id, + region, + instance_id, + image_id, + instance_tags +) VALUES ( + $1, $2, $3, $4, $5, $6, $7, $8 +) RETURNING *; + +-- name: GetInstanceIdentityDocument :one +SELECT * from aws_attestation +WHERE client_id = $1; + +-- name: DeleteInstanceIdentityDocument :exec +DELETE FROM aws_attestation +WHERE client_id = $1; \ No newline at end of file diff --git a/db/query/certificate.sql b/db/query/certificate.sql new file mode 100644 index 0000000..df9ae48 --- /dev/null +++ b/db/query/certificate.sql @@ -0,0 +1,35 @@ +-- name: LogCertificate :one +INSERT INTO certificates ( + serial_number, + account, + environment, + extended_key, + common_name, + subject_alternative_name, + expiration_date, + issued_date, + certificate_authority_arn +) VALUES ( + $1, $2, $3, $4, $5, $6, $7, $8, $9 +) RETURNING *; + +-- name: GetCertificate :one +SELECT * FROM certificates +WHERE serial_number = $1; + +-- name: ListCertificateSubjectAlternativeName :many +SELECT * FROM certificates +WHERE common_name = $1 OR $1 = ANY(subject_alternative_name) +LIMIT $2 +OFFSET $3; + +-- name: ListCertificates :many +SELECT * FROM certificates +ORDER BY certificates +LIMIT $1 +OFFSET $2; + +-- name: RevokeIssuedCertificateSerialNumber :exec +UPDATE certificates +SET revoked = TRUE, revoke_date = $2, revoked_by = $3 +WHERE serial_number = $1; \ No newline at end of file diff --git a/db/query/provisioners.sql b/db/query/provisioners.sql new file mode 100644 index 0000000..e69de29 diff --git a/db/query/users.sql b/db/query/users.sql new file mode 100644 index 0000000..4788712 --- /dev/null +++ b/db/query/users.sql @@ -0,0 +1,37 @@ +-- name: CreateUser :one +INSERT INTO users ( + uuid, + username, + hashed_credential, + full_name, + email, + permissions +) VALUES ( + $1, $2, $3, $4, $5, $6 +) RETURNING *; + +-- name: GetUser :one +SELECT * FROM users +WHERE username = $1 LIMIT 1; + +-- name: ListUsers :many +SELECT * FROM users +ORDER BY username +LIMIT $1 +OFFSET $2; + +-- name: UpdateUserAuthentication :one +UPDATE users +SET hashed_credential = $2, credential_changed_at = now() +WHERE username = $1 +RETURNING *; + +-- name: UpdateUserPermission :one +UPDATE users +SET permissions = $2 +WHERE username = $1 +RETURNING *; + +-- name: DeleteUser :exec +DELETE FROM users +WHERE username = $1; \ No newline at end of file diff --git a/db/sqlc.yaml b/db/sqlc.yaml new file mode 100644 index 0000000..0377ada --- /dev/null +++ b/db/sqlc.yaml @@ -0,0 +1,13 @@ +version: '1' +packages: + - name: 'db' + path: './sqlc' + queries: './query/' + schema: './migration/' + engine: 'postgresql' + emit_json_tags: true + emit_prepared_queries: false + emit_interface: true + emit_exact_table_names: false + emit_empty_slices: true + emit_result_struct_pointers: true diff --git a/db/sqlc/accounts.sql.go b/db/sqlc/accounts.sql.go new file mode 100644 index 0000000..ce82f5a --- /dev/null +++ b/db/sqlc/accounts.sql.go @@ -0,0 +1,329 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.18.0 +// source: accounts.sql + +package db + +import ( + "context" + "database/sql" + "time" + + "github.com/google/uuid" + "github.com/lib/pq" +) + +const createServiceAccount = `-- name: CreateServiceAccount :one +INSERT INTO accounts ( + client_id, + api_token, + service_account, + environment, + team, + email, + regular_expression, + valid_subject_alternate_name, + valid_certificate_authorities, + extended_key, + certificate_validity, + subordinate_ca, + node_attestation, + created_at, + created_by +) VALUES ( + $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15 +) RETURNING client_id, api_token, service_account, environment, team, email, regular_expression, valid_subject_alternate_name, valid_certificate_authorities, extended_key, certificate_validity, subordinate_ca, node_attestation, created_at, created_by +` + +type CreateServiceAccountParams struct { + ClientID uuid.UUID `json:"client_id"` + ApiToken string `json:"api_token"` + ServiceAccount string `json:"service_account"` + Environment string `json:"environment"` + Team string `json:"team"` + Email string `json:"email"` + RegularExpression sql.NullString `json:"regular_expression"` + ValidSubjectAlternateName []string `json:"valid_subject_alternate_name"` + ValidCertificateAuthorities []string `json:"valid_certificate_authorities"` + ExtendedKey string `json:"extended_key"` + CertificateValidity int16 `json:"certificate_validity"` + SubordinateCa string `json:"subordinate_ca"` + NodeAttestation []string `json:"node_attestation"` + CreatedAt time.Time `json:"created_at"` + CreatedBy uuid.UUID `json:"created_by"` +} + +func (q *Queries) CreateServiceAccount(ctx context.Context, arg CreateServiceAccountParams) (*Account, error) { + row := q.db.QueryRowContext(ctx, createServiceAccount, + arg.ClientID, + arg.ApiToken, + arg.ServiceAccount, + arg.Environment, + arg.Team, + arg.Email, + arg.RegularExpression, + pq.Array(arg.ValidSubjectAlternateName), + pq.Array(arg.ValidCertificateAuthorities), + arg.ExtendedKey, + arg.CertificateValidity, + arg.SubordinateCa, + pq.Array(arg.NodeAttestation), + arg.CreatedAt, + arg.CreatedBy, + ) + var i Account + err := row.Scan( + &i.ClientID, + &i.ApiToken, + &i.ServiceAccount, + &i.Environment, + &i.Team, + &i.Email, + &i.RegularExpression, + pq.Array(&i.ValidSubjectAlternateName), + pq.Array(&i.ValidCertificateAuthorities), + &i.ExtendedKey, + &i.CertificateValidity, + &i.SubordinateCa, + pq.Array(&i.NodeAttestation), + &i.CreatedAt, + &i.CreatedBy, + ) + return &i, err +} + +const deleteServiceAccount = `-- name: DeleteServiceAccount :exec +DELETE FROM accounts +WHERE client_id = $1 +` + +func (q *Queries) DeleteServiceAccount(ctx context.Context, clientID uuid.UUID) error { + _, err := q.db.ExecContext(ctx, deleteServiceAccount, clientID) + return err +} + +const getServiceAccounts = `-- name: GetServiceAccounts :many +SELECT client_id, api_token, service_account, environment, team, email, regular_expression, valid_subject_alternate_name, valid_certificate_authorities, extended_key, certificate_validity, subordinate_ca, node_attestation, created_at, created_by FROM accounts +WHERE service_account = $1 +` + +func (q *Queries) GetServiceAccounts(ctx context.Context, serviceAccount string) ([]*Account, error) { + rows, err := q.db.QueryContext(ctx, getServiceAccounts, serviceAccount) + if err != nil { + return nil, err + } + defer rows.Close() + items := []*Account{} + for rows.Next() { + var i Account + if err := rows.Scan( + &i.ClientID, + &i.ApiToken, + &i.ServiceAccount, + &i.Environment, + &i.Team, + &i.Email, + &i.RegularExpression, + pq.Array(&i.ValidSubjectAlternateName), + pq.Array(&i.ValidCertificateAuthorities), + &i.ExtendedKey, + &i.CertificateValidity, + &i.SubordinateCa, + pq.Array(&i.NodeAttestation), + &i.CreatedAt, + &i.CreatedBy, + ); err != nil { + return nil, err + } + items = append(items, &i) + } + if err := rows.Close(); err != nil { + return nil, err + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const getServiceUUID = `-- name: GetServiceUUID :one +SELECT client_id, api_token, service_account, environment, team, email, regular_expression, valid_subject_alternate_name, valid_certificate_authorities, extended_key, certificate_validity, subordinate_ca, node_attestation, created_at, created_by FROM accounts +WHERE client_id = $1 +` + +func (q *Queries) GetServiceUUID(ctx context.Context, clientID uuid.UUID) (*Account, error) { + row := q.db.QueryRowContext(ctx, getServiceUUID, clientID) + var i Account + err := row.Scan( + &i.ClientID, + &i.ApiToken, + &i.ServiceAccount, + &i.Environment, + &i.Team, + &i.Email, + &i.RegularExpression, + pq.Array(&i.ValidSubjectAlternateName), + pq.Array(&i.ValidCertificateAuthorities), + &i.ExtendedKey, + &i.CertificateValidity, + &i.SubordinateCa, + pq.Array(&i.NodeAttestation), + &i.CreatedAt, + &i.CreatedBy, + ) + return &i, err +} + +const listServiceAccounts = `-- name: ListServiceAccounts :many +SELECT client_id, api_token, service_account, environment, team, email, regular_expression, valid_subject_alternate_name, valid_certificate_authorities, extended_key, certificate_validity, subordinate_ca, node_attestation, created_at, created_by FROM accounts +ORDER BY service_account +LIMIT $1 +OFFSET $2 +` + +type ListServiceAccountsParams struct { + Limit int32 `json:"limit"` + Offset int32 `json:"offset"` +} + +func (q *Queries) ListServiceAccounts(ctx context.Context, arg ListServiceAccountsParams) ([]*Account, error) { + rows, err := q.db.QueryContext(ctx, listServiceAccounts, arg.Limit, arg.Offset) + if err != nil { + return nil, err + } + defer rows.Close() + items := []*Account{} + for rows.Next() { + var i Account + if err := rows.Scan( + &i.ClientID, + &i.ApiToken, + &i.ServiceAccount, + &i.Environment, + &i.Team, + &i.Email, + &i.RegularExpression, + pq.Array(&i.ValidSubjectAlternateName), + pq.Array(&i.ValidCertificateAuthorities), + &i.ExtendedKey, + &i.CertificateValidity, + &i.SubordinateCa, + pq.Array(&i.NodeAttestation), + &i.CreatedAt, + &i.CreatedBy, + ); err != nil { + return nil, err + } + items = append(items, &i) + } + if err := rows.Close(); err != nil { + return nil, err + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const updateInstanceIdentityNodeAttestor = `-- name: UpdateInstanceIdentityNodeAttestor :one +UPDATE accounts +SET + node_attestation = $2 +WHERE client_id = $1 +RETURNING client_id, api_token, service_account, environment, team, email, regular_expression, valid_subject_alternate_name, valid_certificate_authorities, extended_key, certificate_validity, subordinate_ca, node_attestation, created_at, created_by +` + +type UpdateInstanceIdentityNodeAttestorParams struct { + ClientID uuid.UUID `json:"client_id"` + NodeAttestation []string `json:"node_attestation"` +} + +func (q *Queries) UpdateInstanceIdentityNodeAttestor(ctx context.Context, arg UpdateInstanceIdentityNodeAttestorParams) (*Account, error) { + row := q.db.QueryRowContext(ctx, updateInstanceIdentityNodeAttestor, arg.ClientID, pq.Array(arg.NodeAttestation)) + var i Account + err := row.Scan( + &i.ClientID, + &i.ApiToken, + &i.ServiceAccount, + &i.Environment, + &i.Team, + &i.Email, + &i.RegularExpression, + pq.Array(&i.ValidSubjectAlternateName), + pq.Array(&i.ValidCertificateAuthorities), + &i.ExtendedKey, + &i.CertificateValidity, + &i.SubordinateCa, + pq.Array(&i.NodeAttestation), + &i.CreatedAt, + &i.CreatedBy, + ) + return &i, err +} + +const updateServiceAccount = `-- name: UpdateServiceAccount :one +UPDATE accounts +SET + environment = $2, + team = $3, + email = $4, + regular_expression = $5, + valid_subject_alternate_name = $6, + valid_certificate_authorities = $7, + extended_key = $8, + certificate_validity = $9, + subordinate_ca = $10, + node_attestation = $11 +WHERE client_id = $1 +RETURNING client_id, api_token, service_account, environment, team, email, regular_expression, valid_subject_alternate_name, valid_certificate_authorities, extended_key, certificate_validity, subordinate_ca, node_attestation, created_at, created_by +` + +type UpdateServiceAccountParams struct { + ClientID uuid.UUID `json:"client_id"` + Environment string `json:"environment"` + Team string `json:"team"` + Email string `json:"email"` + RegularExpression sql.NullString `json:"regular_expression"` + ValidSubjectAlternateName []string `json:"valid_subject_alternate_name"` + ValidCertificateAuthorities []string `json:"valid_certificate_authorities"` + ExtendedKey string `json:"extended_key"` + CertificateValidity int16 `json:"certificate_validity"` + SubordinateCa string `json:"subordinate_ca"` + NodeAttestation []string `json:"node_attestation"` +} + +func (q *Queries) UpdateServiceAccount(ctx context.Context, arg UpdateServiceAccountParams) (*Account, error) { + row := q.db.QueryRowContext(ctx, updateServiceAccount, + arg.ClientID, + arg.Environment, + arg.Team, + arg.Email, + arg.RegularExpression, + pq.Array(arg.ValidSubjectAlternateName), + pq.Array(arg.ValidCertificateAuthorities), + arg.ExtendedKey, + arg.CertificateValidity, + arg.SubordinateCa, + pq.Array(arg.NodeAttestation), + ) + var i Account + err := row.Scan( + &i.ClientID, + &i.ApiToken, + &i.ServiceAccount, + &i.Environment, + &i.Team, + &i.Email, + &i.RegularExpression, + pq.Array(&i.ValidSubjectAlternateName), + pq.Array(&i.ValidCertificateAuthorities), + &i.ExtendedKey, + &i.CertificateValidity, + &i.SubordinateCa, + pq.Array(&i.NodeAttestation), + &i.CreatedAt, + &i.CreatedBy, + ) + return &i, err +} diff --git a/db/sqlc/aws_attestation.sql.go b/db/sqlc/aws_attestation.sql.go new file mode 100644 index 0000000..7d7ed10 --- /dev/null +++ b/db/sqlc/aws_attestation.sql.go @@ -0,0 +1,97 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.18.0 +// source: aws_attestation.sql + +package db + +import ( + "context" + "database/sql" + + "github.com/google/uuid" + "github.com/lib/pq" + "github.com/tabbed/pqtype" +) + +const deleteInstanceIdentityDocument = `-- name: DeleteInstanceIdentityDocument :exec +DELETE FROM aws_attestation +WHERE client_id = $1 +` + +func (q *Queries) DeleteInstanceIdentityDocument(ctx context.Context, clientID uuid.UUID) error { + _, err := q.db.ExecContext(ctx, deleteInstanceIdentityDocument, clientID) + return err +} + +const getInstanceIdentityDocument = `-- name: GetInstanceIdentityDocument :one +SELECT client_id, role_arn, assume_role, security_group_id, region, instance_id, image_id, instance_tags from aws_attestation +WHERE client_id = $1 +` + +func (q *Queries) GetInstanceIdentityDocument(ctx context.Context, clientID uuid.UUID) (*AwsAttestation, error) { + row := q.db.QueryRowContext(ctx, getInstanceIdentityDocument, clientID) + var i AwsAttestation + err := row.Scan( + &i.ClientID, + &i.RoleArn, + &i.AssumeRole, + pq.Array(&i.SecurityGroupID), + &i.Region, + &i.InstanceID, + &i.ImageID, + &i.InstanceTags, + ) + return &i, err +} + +const storeInstanceIdentityDocument = `-- name: StoreInstanceIdentityDocument :one +INSERT into aws_attestation ( + client_id, + role_arn, + assume_role, + security_group_id, + region, + instance_id, + image_id, + instance_tags +) VALUES ( + $1, $2, $3, $4, $5, $6, $7, $8 +) RETURNING client_id, role_arn, assume_role, security_group_id, region, instance_id, image_id, instance_tags +` + +type StoreInstanceIdentityDocumentParams struct { + ClientID uuid.UUID `json:"client_id"` + RoleArn sql.NullString `json:"role_arn"` + AssumeRole sql.NullString `json:"assume_role"` + SecurityGroupID []string `json:"security_group_id"` + Region sql.NullString `json:"region"` + InstanceID sql.NullString `json:"instance_id"` + ImageID sql.NullString `json:"image_id"` + InstanceTags pqtype.NullRawMessage `json:"instance_tags"` +} + +func (q *Queries) StoreInstanceIdentityDocument(ctx context.Context, arg StoreInstanceIdentityDocumentParams) (*AwsAttestation, error) { + row := q.db.QueryRowContext(ctx, storeInstanceIdentityDocument, + arg.ClientID, + arg.RoleArn, + arg.AssumeRole, + pq.Array(arg.SecurityGroupID), + arg.Region, + arg.InstanceID, + arg.ImageID, + arg.InstanceTags, + ) + var i AwsAttestation + err := row.Scan( + &i.ClientID, + &i.RoleArn, + &i.AssumeRole, + pq.Array(&i.SecurityGroupID), + &i.Region, + &i.InstanceID, + &i.ImageID, + &i.InstanceTags, + ) + return &i, err +} diff --git a/db/sqlc/certificate.sql.go b/db/sqlc/certificate.sql.go new file mode 100644 index 0000000..33a10c9 --- /dev/null +++ b/db/sqlc/certificate.sql.go @@ -0,0 +1,211 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.18.0 +// source: certificate.sql + +package db + +import ( + "context" + "database/sql" + "time" + + "github.com/lib/pq" +) + +const getCertificate = `-- name: GetCertificate :one +SELECT serial_number, account, environment, extended_key, common_name, subject_alternative_name, expiration_date, issued_date, revoked, revoked_by, revoke_date, certificate_authority_arn FROM certificates +WHERE serial_number = $1 +` + +func (q *Queries) GetCertificate(ctx context.Context, serialNumber string) (*Certificate, error) { + row := q.db.QueryRowContext(ctx, getCertificate, serialNumber) + var i Certificate + err := row.Scan( + &i.SerialNumber, + &i.Account, + &i.Environment, + &i.ExtendedKey, + &i.CommonName, + pq.Array(&i.SubjectAlternativeName), + &i.ExpirationDate, + &i.IssuedDate, + &i.Revoked, + &i.RevokedBy, + &i.RevokeDate, + &i.CertificateAuthorityArn, + ) + return &i, err +} + +const listCertificateSubjectAlternativeName = `-- name: ListCertificateSubjectAlternativeName :many +SELECT serial_number, account, environment, extended_key, common_name, subject_alternative_name, expiration_date, issued_date, revoked, revoked_by, revoke_date, certificate_authority_arn FROM certificates +WHERE common_name = $1 OR $1 = ANY(subject_alternative_name) +LIMIT $2 +OFFSET $3 +` + +type ListCertificateSubjectAlternativeNameParams struct { + CommonName string `json:"common_name"` + Limit int32 `json:"limit"` + Offset int32 `json:"offset"` +} + +func (q *Queries) ListCertificateSubjectAlternativeName(ctx context.Context, arg ListCertificateSubjectAlternativeNameParams) ([]*Certificate, error) { + rows, err := q.db.QueryContext(ctx, listCertificateSubjectAlternativeName, arg.CommonName, arg.Limit, arg.Offset) + if err != nil { + return nil, err + } + defer rows.Close() + items := []*Certificate{} + for rows.Next() { + var i Certificate + if err := rows.Scan( + &i.SerialNumber, + &i.Account, + &i.Environment, + &i.ExtendedKey, + &i.CommonName, + pq.Array(&i.SubjectAlternativeName), + &i.ExpirationDate, + &i.IssuedDate, + &i.Revoked, + &i.RevokedBy, + &i.RevokeDate, + &i.CertificateAuthorityArn, + ); err != nil { + return nil, err + } + items = append(items, &i) + } + if err := rows.Close(); err != nil { + return nil, err + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const listCertificates = `-- name: ListCertificates :many +SELECT serial_number, account, environment, extended_key, common_name, subject_alternative_name, expiration_date, issued_date, revoked, revoked_by, revoke_date, certificate_authority_arn FROM certificates +ORDER BY certificates +LIMIT $1 +OFFSET $2 +` + +type ListCertificatesParams struct { + Limit int32 `json:"limit"` + Offset int32 `json:"offset"` +} + +func (q *Queries) ListCertificates(ctx context.Context, arg ListCertificatesParams) ([]*Certificate, error) { + rows, err := q.db.QueryContext(ctx, listCertificates, arg.Limit, arg.Offset) + if err != nil { + return nil, err + } + defer rows.Close() + items := []*Certificate{} + for rows.Next() { + var i Certificate + if err := rows.Scan( + &i.SerialNumber, + &i.Account, + &i.Environment, + &i.ExtendedKey, + &i.CommonName, + pq.Array(&i.SubjectAlternativeName), + &i.ExpirationDate, + &i.IssuedDate, + &i.Revoked, + &i.RevokedBy, + &i.RevokeDate, + &i.CertificateAuthorityArn, + ); err != nil { + return nil, err + } + items = append(items, &i) + } + if err := rows.Close(); err != nil { + return nil, err + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const logCertificate = `-- name: LogCertificate :one +INSERT INTO certificates ( + serial_number, + account, + environment, + extended_key, + common_name, + subject_alternative_name, + expiration_date, + issued_date, + certificate_authority_arn +) VALUES ( + $1, $2, $3, $4, $5, $6, $7, $8, $9 +) RETURNING serial_number, account, environment, extended_key, common_name, subject_alternative_name, expiration_date, issued_date, revoked, revoked_by, revoke_date, certificate_authority_arn +` + +type LogCertificateParams struct { + SerialNumber string `json:"serial_number"` + Account string `json:"account"` + Environment string `json:"environment"` + ExtendedKey string `json:"extended_key"` + CommonName string `json:"common_name"` + SubjectAlternativeName []string `json:"subject_alternative_name"` + ExpirationDate time.Time `json:"expiration_date"` + IssuedDate time.Time `json:"issued_date"` + CertificateAuthorityArn sql.NullString `json:"certificate_authority_arn"` +} + +func (q *Queries) LogCertificate(ctx context.Context, arg LogCertificateParams) (*Certificate, error) { + row := q.db.QueryRowContext(ctx, logCertificate, + arg.SerialNumber, + arg.Account, + arg.Environment, + arg.ExtendedKey, + arg.CommonName, + pq.Array(arg.SubjectAlternativeName), + arg.ExpirationDate, + arg.IssuedDate, + arg.CertificateAuthorityArn, + ) + var i Certificate + err := row.Scan( + &i.SerialNumber, + &i.Account, + &i.Environment, + &i.ExtendedKey, + &i.CommonName, + pq.Array(&i.SubjectAlternativeName), + &i.ExpirationDate, + &i.IssuedDate, + &i.Revoked, + &i.RevokedBy, + &i.RevokeDate, + &i.CertificateAuthorityArn, + ) + return &i, err +} + +const revokeIssuedCertificateSerialNumber = `-- name: RevokeIssuedCertificateSerialNumber :exec +UPDATE certificates +SET revoked = TRUE, revoke_date = $2, revoked_by = $3 +WHERE serial_number = $1 +` + +type RevokeIssuedCertificateSerialNumberParams struct { + SerialNumber string `json:"serial_number"` + RevokeDate sql.NullTime `json:"revoke_date"` + RevokedBy sql.NullString `json:"revoked_by"` +} + +func (q *Queries) RevokeIssuedCertificateSerialNumber(ctx context.Context, arg RevokeIssuedCertificateSerialNumberParams) error { + _, err := q.db.ExecContext(ctx, revokeIssuedCertificateSerialNumber, arg.SerialNumber, arg.RevokeDate, arg.RevokedBy) + return err +} diff --git a/db/sqlc/common.go b/db/sqlc/common.go new file mode 100644 index 0000000..172e4ca --- /dev/null +++ b/db/sqlc/common.go @@ -0,0 +1,19 @@ +package db + +import "github.com/coinbase/baseca/internal/types" + +type CertificateResponseData struct { + Certificate string `json:"certificate"` + CertificateChain string `json:"certificate_chain,omitempty"` + Metadata types.CertificateMetadata `json:"metadata"` +} + +type DatabaseEndpoints struct { + Writer Store + Reader Store +} + +type CachedServiceAccount struct { + ServiceAccount Account `json:"service_account"` + AwsIid AwsAttestation `json:"aws_iid"` +} diff --git a/db/sqlc/db.go b/db/sqlc/db.go new file mode 100644 index 0000000..e0b5347 --- /dev/null +++ b/db/sqlc/db.go @@ -0,0 +1,31 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.18.0 + +package db + +import ( + "context" + "database/sql" +) + +type DBTX interface { + ExecContext(context.Context, string, ...interface{}) (sql.Result, error) + PrepareContext(context.Context, string) (*sql.Stmt, error) + QueryContext(context.Context, string, ...interface{}) (*sql.Rows, error) + QueryRowContext(context.Context, string, ...interface{}) *sql.Row +} + +func New(db DBTX) *Queries { + return &Queries{db: db} +} + +type Queries struct { + db DBTX +} + +func (q *Queries) WithTx(tx *sql.Tx) *Queries { + return &Queries{ + db: tx, + } +} diff --git a/db/sqlc/models.go b/db/sqlc/models.go new file mode 100644 index 0000000..74b3c5a --- /dev/null +++ b/db/sqlc/models.go @@ -0,0 +1,83 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.18.0 + +package db + +import ( + "database/sql" + "time" + + "github.com/google/uuid" + "github.com/tabbed/pqtype" +) + +type Account struct { + ClientID uuid.UUID `json:"client_id"` + ApiToken string `json:"api_token"` + ServiceAccount string `json:"service_account"` + Environment string `json:"environment"` + Team string `json:"team"` + Email string `json:"email"` + RegularExpression sql.NullString `json:"regular_expression"` + ValidSubjectAlternateName []string `json:"valid_subject_alternate_name"` + ValidCertificateAuthorities []string `json:"valid_certificate_authorities"` + ExtendedKey string `json:"extended_key"` + CertificateValidity int16 `json:"certificate_validity"` + SubordinateCa string `json:"subordinate_ca"` + NodeAttestation []string `json:"node_attestation"` + CreatedAt time.Time `json:"created_at"` + CreatedBy uuid.UUID `json:"created_by"` +} + +type AwsAttestation struct { + ClientID uuid.UUID `json:"client_id"` + RoleArn sql.NullString `json:"role_arn"` + AssumeRole sql.NullString `json:"assume_role"` + SecurityGroupID []string `json:"security_group_id"` + Region sql.NullString `json:"region"` + InstanceID sql.NullString `json:"instance_id"` + ImageID sql.NullString `json:"image_id"` + InstanceTags pqtype.NullRawMessage `json:"instance_tags"` +} + +type Certificate struct { + SerialNumber string `json:"serial_number"` + Account string `json:"account"` + Environment string `json:"environment"` + ExtendedKey string `json:"extended_key"` + CommonName string `json:"common_name"` + SubjectAlternativeName []string `json:"subject_alternative_name"` + ExpirationDate time.Time `json:"expiration_date"` + IssuedDate time.Time `json:"issued_date"` + Revoked bool `json:"revoked"` + RevokedBy sql.NullString `json:"revoked_by"` + RevokeDate sql.NullTime `json:"revoke_date"` + CertificateAuthorityArn sql.NullString `json:"certificate_authority_arn"` +} + +type Provisioner struct { + ClientID uuid.UUID `json:"client_id"` + ApiToken string `json:"api_token"` + ProvisionerAccount string `json:"provisioner_account"` + Environments []string `json:"environments"` + Team string `json:"team"` + Email string `json:"email"` + RegularExpression sql.NullString `json:"regular_expression"` + ValidSubjectAlternateNames []string `json:"valid_subject_alternate_names"` + ExtendedKeys []string `json:"extended_keys"` + MaxCertificateValidity int16 `json:"max_certificate_validity"` + CreatedAt time.Time `json:"created_at"` + CreatedBy uuid.UUID `json:"created_by"` +} + +type User struct { + Uuid uuid.UUID `json:"uuid"` + Username string `json:"username"` + HashedCredential string `json:"hashed_credential"` + FullName string `json:"full_name"` + Email string `json:"email"` + Permissions string `json:"permissions"` + CredentialChangedAt time.Time `json:"credential_changed_at"` + CreatedAt time.Time `json:"created_at"` +} diff --git a/db/sqlc/querier.go b/db/sqlc/querier.go new file mode 100644 index 0000000..2480f70 --- /dev/null +++ b/db/sqlc/querier.go @@ -0,0 +1,37 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.18.0 + +package db + +import ( + "context" + + "github.com/google/uuid" +) + +type Querier interface { + CreateServiceAccount(ctx context.Context, arg CreateServiceAccountParams) (*Account, error) + CreateUser(ctx context.Context, arg CreateUserParams) (*User, error) + DeleteInstanceIdentityDocument(ctx context.Context, clientID uuid.UUID) error + DeleteServiceAccount(ctx context.Context, clientID uuid.UUID) error + DeleteUser(ctx context.Context, username string) error + GetCertificate(ctx context.Context, serialNumber string) (*Certificate, error) + GetInstanceIdentityDocument(ctx context.Context, clientID uuid.UUID) (*AwsAttestation, error) + GetServiceAccounts(ctx context.Context, serviceAccount string) ([]*Account, error) + GetServiceUUID(ctx context.Context, clientID uuid.UUID) (*Account, error) + GetUser(ctx context.Context, username string) (*User, error) + ListCertificateSubjectAlternativeName(ctx context.Context, arg ListCertificateSubjectAlternativeNameParams) ([]*Certificate, error) + ListCertificates(ctx context.Context, arg ListCertificatesParams) ([]*Certificate, error) + ListServiceAccounts(ctx context.Context, arg ListServiceAccountsParams) ([]*Account, error) + ListUsers(ctx context.Context, arg ListUsersParams) ([]*User, error) + LogCertificate(ctx context.Context, arg LogCertificateParams) (*Certificate, error) + RevokeIssuedCertificateSerialNumber(ctx context.Context, arg RevokeIssuedCertificateSerialNumberParams) error + StoreInstanceIdentityDocument(ctx context.Context, arg StoreInstanceIdentityDocumentParams) (*AwsAttestation, error) + UpdateInstanceIdentityNodeAttestor(ctx context.Context, arg UpdateInstanceIdentityNodeAttestorParams) (*Account, error) + UpdateServiceAccount(ctx context.Context, arg UpdateServiceAccountParams) (*Account, error) + UpdateUserAuthentication(ctx context.Context, arg UpdateUserAuthenticationParams) (*User, error) + UpdateUserPermission(ctx context.Context, arg UpdateUserPermissionParams) (*User, error) +} + +var _ Querier = (*Queries)(nil) diff --git a/db/sqlc/store.go b/db/sqlc/store.go new file mode 100644 index 0000000..8d61a5b --- /dev/null +++ b/db/sqlc/store.go @@ -0,0 +1,52 @@ +package db + +import ( + "context" + "database/sql" + "fmt" + + "github.com/coinbase/baseca/internal/types" + "github.com/google/uuid" +) + +type Store interface { + Querier + TxCreateServiceAccount(ctx context.Context, arg CreateServiceAccountParams, iid StoreInstanceIdentityDocumentParams) (*Account, error) + TxDeleteServiceAccount(ctx context.Context, client_id uuid.UUID) error + TxUpdateServiceAccount(ctx context.Context, arg Account, attestation types.NodeAttestation) (*Account, error) +} +type SQLStore struct { + db *sql.DB + *Queries +} + +func BuildDatastore(db *sql.DB) Store { + return &SQLStore{ + db: db, + Queries: New(db), + } +} + +func BuildReadDatastore(db *sql.DB) Store { + return &SQLStore{ + db: db, + Queries: New(db), + } +} + +func (store *SQLStore) execTx(ctx context.Context, fn func(*Queries) error) error { + tx, err := store.db.BeginTx(ctx, nil) + if err != nil { + return err + } + + query := New(tx) + err = fn(query) + if err != nil { + if rollbackErr := tx.Rollback(); rollbackErr != nil { + return fmt.Errorf("tx error: %v, rollback error: %v", err, rollbackErr) + } + return err + } + return tx.Commit() +} diff --git a/db/sqlc/tx_service_account.go b/db/sqlc/tx_service_account.go new file mode 100644 index 0000000..e00515b --- /dev/null +++ b/db/sqlc/tx_service_account.go @@ -0,0 +1,51 @@ +package db + +import ( + "context" + + "github.com/google/uuid" +) + +func (store *SQLStore) TxCreateServiceAccount(ctx context.Context, arg CreateServiceAccountParams, iid StoreInstanceIdentityDocumentParams) (*Account, error) { + var serviceAccountResponse *Account + + err := store.execTx(ctx, func(q *Queries) error { + var err error + + serviceAccountResponse, err = store.CreateServiceAccount(ctx, arg) + if err != nil { + return err + } + + for _, node_attestation := range arg.NodeAttestation { + switch node_attestation { + case "AWS_IID": + // Add to AWS_IID Database + _, err = store.StoreInstanceIdentityDocument(ctx, iid) + if err != nil { + return err + } + } + } + return nil + }) + return serviceAccountResponse, err +} + +func (store *SQLStore) TxDeleteServiceAccount(ctx context.Context, client_id uuid.UUID) error { + err := store.execTx(ctx, func(q *Queries) error { + var err error + + err = store.DeleteInstanceIdentityDocument(ctx, client_id) + if err != nil { + return err + } + + err = store.DeleteServiceAccount(ctx, client_id) + if err != nil { + return err + } + return err + }) + return err +} diff --git a/db/sqlc/tx_update_account.go b/db/sqlc/tx_update_account.go new file mode 100644 index 0000000..815eba7 --- /dev/null +++ b/db/sqlc/tx_update_account.go @@ -0,0 +1,66 @@ +package db + +import ( + "context" + "database/sql" + + "github.com/coinbase/baseca/internal/types" + "github.com/coinbase/baseca/internal/validator" +) + +func (store *SQLStore) TxUpdateServiceAccount(ctx context.Context, arg Account, attestation types.NodeAttestation) (*Account, error) { + var serviceAccountResponse *Account + // TODO: Input Validation for Service Account + + updateServiceAccountInput := UpdateServiceAccountParams{ + ClientID: arg.ClientID, + Environment: arg.Environment, + Team: arg.Team, + Email: arg.Email, + RegularExpression: arg.RegularExpression, + ValidSubjectAlternateName: arg.ValidCertificateAuthorities, + ValidCertificateAuthorities: arg.ValidCertificateAuthorities, + ExtendedKey: arg.ExtendedKey, + CertificateValidity: arg.CertificateValidity, + SubordinateCa: arg.SubordinateCa, + NodeAttestation: arg.NodeAttestation, + } + + raw_message, err := validator.MapToNullRawMessage(attestation.AWSInstanceIdentityDocument.InstanceTags) + if err != nil { + return nil, err + } + + iid := StoreInstanceIdentityDocumentParams{ + ClientID: arg.ClientID, + RoleArn: sql.NullString{String: attestation.AWSInstanceIdentityDocument.RoleArn, Valid: len(attestation.AWSInstanceIdentityDocument.RoleArn) != 0}, + AssumeRole: sql.NullString{String: attestation.AWSInstanceIdentityDocument.AssumeRole, Valid: len(attestation.AWSInstanceIdentityDocument.AssumeRole) != 0}, + SecurityGroupID: attestation.AWSInstanceIdentityDocument.SecurityGroups, + Region: sql.NullString{String: attestation.AWSInstanceIdentityDocument.Region, Valid: len(attestation.AWSInstanceIdentityDocument.Region) != 0}, + InstanceID: sql.NullString{String: attestation.AWSInstanceIdentityDocument.InstanceID, Valid: len(attestation.AWSInstanceIdentityDocument.InstanceID) != 0}, + ImageID: sql.NullString{String: attestation.AWSInstanceIdentityDocument.ImageID, Valid: len(attestation.AWSInstanceIdentityDocument.ImageID) != 0}, + InstanceTags: raw_message, + } + + err = store.execTx(ctx, func(q *Queries) error { + var err error + + serviceAccountResponse, err = store.UpdateServiceAccount(ctx, updateServiceAccountInput) + if err != nil { + return err + } + + for _, node_attestation := range arg.NodeAttestation { + switch node_attestation { + case types.Attestation.AWS_IID: + // Add to AWS_IID Database + _, err = store.StoreInstanceIdentityDocument(ctx, iid) + if err != nil { + return err + } + } + } + return nil + }) + return serviceAccountResponse, err +} diff --git a/db/sqlc/users.sql.go b/db/sqlc/users.sql.go new file mode 100644 index 0000000..10f8410 --- /dev/null +++ b/db/sqlc/users.sql.go @@ -0,0 +1,188 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.18.0 +// source: users.sql + +package db + +import ( + "context" + + "github.com/google/uuid" +) + +const createUser = `-- name: CreateUser :one +INSERT INTO users ( + uuid, + username, + hashed_credential, + full_name, + email, + permissions +) VALUES ( + $1, $2, $3, $4, $5, $6 +) RETURNING uuid, username, hashed_credential, full_name, email, permissions, credential_changed_at, created_at +` + +type CreateUserParams struct { + Uuid uuid.UUID `json:"uuid"` + Username string `json:"username"` + HashedCredential string `json:"hashed_credential"` + FullName string `json:"full_name"` + Email string `json:"email"` + Permissions string `json:"permissions"` +} + +func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (*User, error) { + row := q.db.QueryRowContext(ctx, createUser, + arg.Uuid, + arg.Username, + arg.HashedCredential, + arg.FullName, + arg.Email, + arg.Permissions, + ) + var i User + err := row.Scan( + &i.Uuid, + &i.Username, + &i.HashedCredential, + &i.FullName, + &i.Email, + &i.Permissions, + &i.CredentialChangedAt, + &i.CreatedAt, + ) + return &i, err +} + +const deleteUser = `-- name: DeleteUser :exec +DELETE FROM users +WHERE username = $1 +` + +func (q *Queries) DeleteUser(ctx context.Context, username string) error { + _, err := q.db.ExecContext(ctx, deleteUser, username) + return err +} + +const getUser = `-- name: GetUser :one +SELECT uuid, username, hashed_credential, full_name, email, permissions, credential_changed_at, created_at FROM users +WHERE username = $1 LIMIT 1 +` + +func (q *Queries) GetUser(ctx context.Context, username string) (*User, error) { + row := q.db.QueryRowContext(ctx, getUser, username) + var i User + err := row.Scan( + &i.Uuid, + &i.Username, + &i.HashedCredential, + &i.FullName, + &i.Email, + &i.Permissions, + &i.CredentialChangedAt, + &i.CreatedAt, + ) + return &i, err +} + +const listUsers = `-- name: ListUsers :many +SELECT uuid, username, hashed_credential, full_name, email, permissions, credential_changed_at, created_at FROM users +ORDER BY username +LIMIT $1 +OFFSET $2 +` + +type ListUsersParams struct { + Limit int32 `json:"limit"` + Offset int32 `json:"offset"` +} + +func (q *Queries) ListUsers(ctx context.Context, arg ListUsersParams) ([]*User, error) { + rows, err := q.db.QueryContext(ctx, listUsers, arg.Limit, arg.Offset) + if err != nil { + return nil, err + } + defer rows.Close() + items := []*User{} + for rows.Next() { + var i User + if err := rows.Scan( + &i.Uuid, + &i.Username, + &i.HashedCredential, + &i.FullName, + &i.Email, + &i.Permissions, + &i.CredentialChangedAt, + &i.CreatedAt, + ); err != nil { + return nil, err + } + items = append(items, &i) + } + if err := rows.Close(); err != nil { + return nil, err + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const updateUserAuthentication = `-- name: UpdateUserAuthentication :one +UPDATE users +SET hashed_credential = $2, credential_changed_at = now() +WHERE username = $1 +RETURNING uuid, username, hashed_credential, full_name, email, permissions, credential_changed_at, created_at +` + +type UpdateUserAuthenticationParams struct { + Username string `json:"username"` + HashedCredential string `json:"hashed_credential"` +} + +func (q *Queries) UpdateUserAuthentication(ctx context.Context, arg UpdateUserAuthenticationParams) (*User, error) { + row := q.db.QueryRowContext(ctx, updateUserAuthentication, arg.Username, arg.HashedCredential) + var i User + err := row.Scan( + &i.Uuid, + &i.Username, + &i.HashedCredential, + &i.FullName, + &i.Email, + &i.Permissions, + &i.CredentialChangedAt, + &i.CreatedAt, + ) + return &i, err +} + +const updateUserPermission = `-- name: UpdateUserPermission :one +UPDATE users +SET permissions = $2 +WHERE username = $1 +RETURNING uuid, username, hashed_credential, full_name, email, permissions, credential_changed_at, created_at +` + +type UpdateUserPermissionParams struct { + Username string `json:"username"` + Permissions string `json:"permissions"` +} + +func (q *Queries) UpdateUserPermission(ctx context.Context, arg UpdateUserPermissionParams) (*User, error) { + row := q.db.QueryRowContext(ctx, updateUserPermission, arg.Username, arg.Permissions) + var i User + err := row.Scan( + &i.Uuid, + &i.Username, + &i.HashedCredential, + &i.FullName, + &i.Email, + &i.Permissions, + &i.CredentialChangedAt, + &i.CreatedAt, + ) + return &i, err +} diff --git a/docs/ARCHITECTURE.md b/docs/ARCHITECTURE.md new file mode 100644 index 0000000..efb1b8d --- /dev/null +++ b/docs/ARCHITECTURE.md @@ -0,0 +1,34 @@ +# `baseca` Architecture + +At the core, `baseca` is a control plane used to issue certificates for service accounts within a granted scope. Instead of issuing [`end-entity certificates`](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html#EndEntityServerAuthCertificate-V1) directly from AWS, baseca issues [`subordinate certificate authorities`](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html#SubordinateCACertificate_PathLen0-V1) from upstream Root Certificate or Intermediate Certificate Authorities from Private CA. When certificate signing requests (CSR) are sent to `baseca`, the service authenticates and validates based off the scope of the service account and signs the CSR in memory within the control plane. + + + +Prior to client authentication, a service account must be provisioned for baseca. For detailed information on service accounts and their associated scopes, please refer to the [`SCOPE.md`](SCOPE.md) document. + +Upon receiving an RPC request, baseca validates the client's credentials against the stored service account within RDS. Successful authentication triggers a Node Attestation process which verifies that the request originates from the designated instance. If the request signature fails to match the scope outlined in the service account, authentication will be denied. + +Post-authentication, the Certificate Signing Request (CSR) attached to the request is verified, and an X.509 certificate is issued corresponding to the scopes of the service account. During the certificate signing process, baseca checks the `/tmp/baseca/ssl` directory for an existing Subordinate Certificate Authority (CA). If none exists, baseca communicates with AWS Private CA using the `SubordinateCACertificate_PathLen0/V1` template to generate a Subordinate CA. This Subordinate CA is then stored in memory and utilized for signing incoming requests that share the same `subordinate_ca` scope. + + +```sh +# Example of baseca Host Filesystem + +/tmp +└── baseca + └── ssl + ├── subordinate_a_development + │ ├── acm-ca.txt + │ ├── ca-intermediate.crt + │ ├── ca-root.crt + │ ├── ca-subordinate.crt + │ ├── ca-subordinate.key + │ └── serial.txt + ├── subordinate_a_production + ├── subordinate_b_development + └── subordinate_b_production +``` + +Because baseca performs signing, AWS Private CA does not have access to data about issued end-entity certificates as it only is able to track issued Subordinate CAs. However, it is essential to maintain a link between each Subordinate CA and the respective end-entity certificates. To achieve this, baseca streams this data via Kinesis Firehose to S3 after every successful request, thereby maintaining a record. + + diff --git a/docs/CONFIGURATION.md b/docs/CONFIGURATION.md new file mode 100644 index 0000000..f2039a2 --- /dev/null +++ b/docs/CONFIGURATION.md @@ -0,0 +1,95 @@ +```yml +grpc_server_address: 0.0.0.0:9090 # baseca gRPC Server Port + +ocsp_server: # Optional + - production.ocsp.example.com # Custom OCSP Server URL + +database: + database_driver: postgres # Do Not Modify + database_table: baseca # Database Table Name + database_endpoint: xxxxxx.cluster.xxxxxx.us-east-1.rds.amazonaws.com # Database Writer Endpoint + database_reader_endpoint: xxxxxx.cluster-ro.xxxxxx.us-east-1.rds.amazonaws.com # Database Reader Endpoint + database_user: root # Database User + database_port: 5432 # Database Port + region: us-east-1 # RDS Region + ssl_mode: verify-full # RDS SSL Mode + +redis: + cluster_endpoint: xxxxxx.xxxxxx.0001.use1.cache.amazonaws.com # Redis Endpoint + port: 6379 # Redis Port + rate_limit: 20 # 5-minute Sliding Window Rate Limit per Subject Alternative Name (SAN) + +domains: + - example.com # Domains baseca Can Issue Certificates + +acm_pca: + # Alias for Certificate Authority (production_use1) + production_use1: + region: us-east-1 # Region Private CA is Deployed In + ca_arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx # Private CA ARN + ca_active_day: 90 # Days Subordinate CA Issued from baseca is Active + assume_role: false # baseca Supports Cross-Account Access to Private CA; if baseca is deployed in a different account than the Private CA set this to true. + root_ca: false # Root CA or Subordinate CA + + # Alias for Certificate Authority (production_usw1) + production_usw1: + region: us-west-1 + ca_arn: arn:aws:acm-pca:us-west-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + ca_active_day: 180 + assume_role: false + root_ca: false + + # Alias for Certificate Authority (development_use1) + development_use1: + region: us-east-1 + ca_arn: arn:aws:acm-pca:us-east-1:987654321098:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + ca_active_day: 180 + assume_role: true + role_arn: arn:aws:iam::987654321098:role/[ROLE] + root_ca: false + +firehose: + stream: baseca-production # Kinesis Firehose Stream Name + region: us-east-1 # Kinesis Firehose Region + +kms: + key_id: 12345678-1234-1234-1234-123456789012 # KMS Key ID for Signing and Validating Requests + signing_algorithm: RSASSA_PSS_SHA_512 # [RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, RSASSA_PKCS1_V1_5_SHA_512, RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, RSASSA_PSS_SHA_512] + region: us-east-1 # KMS Region + auth_validity: 5 # User Authentication Token Validity (Minutes) + +secrets_manager: + secret_id: baseca-xxxxxxxxxxxx # AWS Secrets Manager ID + +subordinate_ca_metadata: + # baseca Subordinate CA Metadata + country: "US" + province: "CA" + locality: "San Francisco" + organization: "Example" + organization_unit: "Security" + email: "example@example.com" + + # [RSA, ECDSA] + key_algorithm: "RSA" + + # RSA [SHA256WITHRSA, SHA384WITHRSA, SHA512WITHRSA] + # ECDSA [SHA256WITHECDSA, SHA384WITHECDSA, SHA512WITHECDSA] + signing_algorithm: SHA512WITHRSA + + # RSA [2048, 4096] + # ECDSA [256, 384, 521] + key_size: 4096 + +certificate_authority: # CA Environments: [local, sandbox, development, staging, pre_production, production, corporate]. Each value within the environment maps to the CA configured within acm_pca. + + # List of Development Certificate Authority Alias + development: + - development_use1 + + # List of Production Certificate Authority Alias + production: + - production_use1 + - production_usw1 +``` + diff --git a/docs/ENDPOINTS.md b/docs/ENDPOINTS.md new file mode 100644 index 0000000..e4a6699 --- /dev/null +++ b/docs/ENDPOINTS.md @@ -0,0 +1,1072 @@ +# baseca RPC Methods + +[`Certificate Endpoints`](#Certificate) + +```protobuf +service Certificate { + rpc SignCSR (CertificateSigningRequest) returns (SignedCertificate); + rpc GetCertificate (CertificateSerialNumber) returns (CertificateParameter); + rpc ListCertificates (ListCertificatesRequest) returns (CertificatesParameter); + rpc RevokeCertificate (RevokeCertificateRequest) returns (RevokeCertificateResponse); + rpc OperationsSignCSR (OperationsSignRequest) returns (SignedCertificate); +} +``` + +[`Service Endpoints`](#Service) + +```protobuf +service Service { + rpc CreateServiceAccount (CreateServiceAccountRequest) returns (CreateServiceAccountResponse); + rpc ListServiceAccounts (QueryParameter) returns (ServiceAccounts); + rpc GetServiceAccount (ServiceAccountId) returns (ServiceAccount); + rpc GetServiceAccountByName (ServiceAccountName) returns (ServiceAccounts); + rpc DeleteServiceAccount (ServiceAccountId) returns (google.protobuf.Empty); +} +``` + +[`Account Endpoints`](#Account) + +```protobuf +service Account { + rpc LoginUser (LoginUserRequest) returns (LoginUserResponse); + rpc DeleteUser (UsernameRequest) returns (google.protobuf.Empty); + rpc GetUser (UsernameRequest) returns (User); + rpc ListUsers (QueryParameter) returns (Users); + rpc CreateUser (CreateUserRequest) returns (User); + rpc UpdateUserCredentials (UpdateCredentialsRequest) returns (User); + rpc UpdateUserPermissions (UpdatePermissionsRequest) returns (User); +} +``` + +## Certificate + +### **baseca.v1.Certificate/SignCSR** + +```protobuf +rpc SignCSR (CertificateSigningRequest) returns (SignedCertificate); +``` + +**Description** +Sign Certificate Signing Request (CSR) + +**Request** + +```protobuf +message CertificateSigningRequest { + string certificate_signing_request = 1; +} +``` + +**Response** + +```protobuf +message SignedCertificate { + string certificate = 1; + string certificate_chain = 2; + CertificateParameter metadata = 3; +} +message CertificateParameter { + string serial_number = 1; + string common_name = 2; + repeated string subject_alternative_name = 3; + google.protobuf.Timestamp expiration_date = 4; + google.protobuf.Timestamp issued_date = 5; + bool revoked = 6; + string revoked_by = 7; + google.protobuf.Timestamp revoke_date = 8; + string ca_serial_number = 9; + string certificate_authority_arn = 10; +} +``` + +```json +{ + "certificate": "-----BEGIN CERTIFICATE-----", + "certificate_chain": "-----BEGIN CERTIFICATE-----", + "metadata": { + "serial_number": "4c15b9ec07c2779f5319ab68ea16b7fc5f452f36", + "common_name": "sandbox.example.com", + "subject_alternative_name": ["test.example.com"], + "expiration_date": { + "seconds": 1685128356, + "nanos": 876043203 + }, + "issued_date": { + "seconds": 1682536356, + "nanos": 876043115 + }, + "revoke_date": { + "seconds": -62135596800 + }, + "ca_serial_number": "50919db8e90a157cb5d44f8b1eb87879", + "certificate_authority_arn": "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/11111111-22222-3333-4444-555555555555" + } +} +``` + +### **baseca.v1.Certificate/GetCertificate** + +```protobuf +rpc GetCertificate (CertificateSerialNumber) returns (CertificateParameter); +``` + +**Description** +Query Issued Certificate Metadata from Database + +**Request** + +```protobuf +message CertificateSerialNumber { + string serial_number = 1; +} +``` + +```bash +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "serial_number": "4c15b9ec07c2779f5319ab68ea16b7fc5f452f36" + }' \ + localhost:9090 baseca.v1.Certificate/GetCertificate +``` + +**Response** + +```protobuf +message CertificateParameter { + string serial_number = 1; + string common_name = 2; + repeated string subject_alternative_name = 3; + google.protobuf.Timestamp expiration_date = 4; + google.protobuf.Timestamp issued_date = 5; + bool revoked = 6; + string revoked_by = 7; + google.protobuf.Timestamp revoke_date = 8; + string ca_serial_number = 9; + string certificate_authority_arn = 10; +} +``` + +```json +{ + "metadata": { + "serial_number": "4c15b9ec07c2779f5319ab68ea16b7fc5f452f36", + "common_name": "sandbox.example.com", + "subject_alternative_name": ["test.example.com"], + "expiration_date": { + "seconds": 1685128356, + "nanos": 876043203 + }, + "issued_date": { + "seconds": 1682536356, + "nanos": 876043115 + }, + "revoke_date": { + "seconds": -62135596800 + }, + "ca_serial_number": "50919db8e90a157cb5d44f8b1eb87879", + "certificate_authority_arn": "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/11111111-22222-3333-4444-555555555555" + } +} +``` + +### **baseca.v1.Certificate/ListCertificates** + +```protobuf +rpc ListCertificates (ListCertificatesRequest) returns (CertificatesParameter); +``` + +**Description** +List Issued Certificates via Common Name (CN) + +**Request** + +```protobuf +message ListCertificatesRequest { + string common_name = 1; + int32 page_id = 3; + int32 page_size = 4; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "common_name": "sandbox.example.com", + "page_id": 1, + "page_size": 20 + }' \ + localhost:9090 baseca.v1.Certificate/ListCertificates +``` + +**Response** + +```protobuf +message CertificatesParameter { + repeated CertificateParameter certificates = 1; +} +message CertificateAuthorityParameter { + string region = 1; + string ca_arn = 2; + string sign_algorithm = 3; + bool assume_role = 4; + string role_arn = 5; + int32 validity = 6; +} +``` + +### **baseca.v1.Certificate/RevokeCertificateRequest** + +```protobuf +rpc RevokeCertificate (RevokeCertificateRequest) returns (RevokeCertificateResponse); +``` + +**Description** +Revoke Subordinate CA Certificate from ACM Private CA + +**Request** + +```protobuf +message RevokeCertificateRequest { + string serial_number = 1; + string revocation_reason = 2; +} +AFFILIATION_CHANGED +CESSATION_OF_OPERATION +A_A_COMPROMISE +PRIVILEGE_WITHDRAWN +SUPERSEDED +UNSPECIFIED +KEY_COMPROMISE +CERTIFICATE_AUTHORITY_COMPROMISE +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "serial_number": "50919db8e90a157cb5d44f8b1eb87879", + "revocation_reason": "PRIVILEGE_WITHDRAWN" + }' \ + localhost:9090 baseca.v1.Certificate/RevokeCertificate +``` + +**Response** + +```protobuf +message RevokeCertificateResponse { + string serial_number = 1; + google.protobuf.Timestamp revocation_date = 2; + string status = 3; +} +``` + +```json +{ + "serialNumber": "50919db8e90a157cb5d44f8b1eb87879", + "revocationDate": "2023-04-26T21:49:59.846588Z", + "status": "PRIVILEGE_WITHDRAWN" +} +``` + +### **baseca.v1.Certificate/OperationsSignCSR** + +```protobuf +rpc OperationsSignCSR (OperationsSignRequest) returns (SignedCertificate); +``` + +**Description** +Manual Sign Certificate Signing Request (CSR) + +**Request** + +```protobuf +message OperationsSignRequest { + string certificate_signing_request = 1; + CertificateAuthorityParameter certificate_authority = 2; + string service_account = 3; + string environment = 4; + string extended_key = 5;} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "certificate_signing_request": "-----BEGIN CERTIFICATE REQUEST-----", + "certificate_authority": { + "region": "us-east-1", + "ca_arn": "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/11111111-22222-3333-4444-555555555555", + "sign_algorithm": "SHA512WITHRSA", + "assume_role": "false", + "validity": "30" + }, + "service_account": "example", + "environment": "development", + "extended_key": "EndEntityServerAuthCertificate" + }' \ + localhost:9090 baseca.v1.Certificate/OperationsSignCSR +``` + +**Response** + +```protobuf +message SignedCertificate { + string certificate = 1; + string certificate_chain = 2; + CertificateParameter metadata = 3; +} +message CertificateParameter { + string serial_number = 1; + string common_name = 2; + repeated string subject_alternative_name = 3; + google.protobuf.Timestamp expiration_date = 4; + google.protobuf.Timestamp issued_date = 5; + bool revoked = 6; + string revoked_by = 7; + google.protobuf.Timestamp revoke_date = 8; + string certificate_authority_arn = 9; + string account = 10; + string environment = 11; + string extended_key = 12; +``` + +## Service + +### **baseca.v1.Service/CreateServiceAccount** + +```protobuf +rpc CreateServiceAccount (CreateServiceAccountRequest) returns (CreateServiceAccountResponse); +``` + +**Description** +Create Service Account Record + +**Request** + +```protobuf +message CreateServiceAccountRequest { + string service_account = 1; + string environment = 2; + optional string regular_expression = 3; + repeated string subject_alternative_names = 4; + repeated string certificate_authorities = 5; + string extended_key = 6; + int32 certificate_validity = 7; + string subordinate_ca = 8; + optional NodeAttestation node_attestation = 9; + string team = 10; + string email = 11; + +} + +message NodeAttestation { + AWSInstanceIdentityDocument aws_iid = 1; +} + +message AWSInstanceIdentityDocument { + string role_arn = 1; + string assume_role = 2; + repeated string security_groups = 3; + string region = 4; + string instance_id = 5; + string image_id = 6; + map instance_tags = 7; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "service_account": "example", + "environment": "development", + "subject_alternative_names": [ + "development.coinbase.com" + ], + "extended_key": "EndEntityServerAuthCertificate", + "node_attestation": { + "aws_iid": { + "role_arn": "arn:aws:iam::123456789012:role/role", + "assume_role": "arn:aws:iam::123456789012:role/assumed-role", + "security_groups": ["sg-0123456789abcdef0"], + "region": "us-east-1" + } + }, + "certificate_authorities": [ + "development_use1" + ], + "certificate_validity": 30, + "subordinate_ca": "infrastructure", + "team": "Infrastructure Security", + "email": "security@coinbase.com" + }' \ + localhost:9090 baseca.v1.Service/CreateServiceAccount +``` + +**Response** + +```protobuf +message CreateServiceAccountResponse { + string client_id = 1; + string client_token = 2; + string service_account = 3; + string environment = 4; + string regular_expression = 5; + repeated string subject_alternative_names = 6; + repeated string certificate_authorities = 7; + string extended_key = 8; + NodeAttestation node_attestation = 9; + int32 certificate_validity = 10; + string subordinate_ca = 11; + string team = 12; + string email = 13; + google.protobuf.Timestamp created_at = 14; + string created_by = 15; +} +``` + +```json +{ + "clientId": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", + "clientToken": "[CLIENT_TOKEN]", + "serviceAccount": "example", + "environment": "development", + "subjectAlternativeNames": ["development.coinbase.com"], + "certificateAuthorities": ["development_use1"], + "extendedKey": "EndEntityServerAuthCertificate", + "nodeAttestation": { + "awsIid": { + "roleArn": "arn:aws:iam::123456789012:role/role", + "assumeRole": "arn:aws:iam::123456789012:role/assumed-role", + "securityGroups": ["sg-0123456789abcdef0"], + "region": "us-east-1" + } + }, + "certificateValidity": 30, + "subordinateCa": "infrastructure", + "team": "Infrastructure Security", + "email": "security@coinbase.com", + "createdAt": "2023-04-26T22:24:42.873116Z", + "createdBy": "830b9b81-37c0-4180-9dba-9f21b1f6ae21" +} +``` + +### **baseca.v1.Service/ListServiceAccounts** + +```protobuf +rpc ListServiceAccounts (QueryParameter) returns (ServiceAccounts); +``` + +**Description** +Query Service Accounts from Database + +**Request** + +```protobuf +message QueryParameter { + int32 page_id = 2; + int32 page_size = 3; +} +``` + +```sh + grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "page_id": 1, + "page_size": 20 + }' \ + localhost:9090 baseca.v1.Service/ListServiceAccounts +``` + +**Response** + +```protobuf +message ServiceAccounts { + repeated ServiceAccount service_accounts = 1; +} +message ServiceAccount { + string client_id = 1; + string service_account = 2; + string environment = 3; + string regular_expression = 4; + repeated string subject_alternative_names = 5; + repeated string certificate_authorities = 6; + string extended_key = 7; + NodeAttestation node_attestation = 8; + int32 certificate_validity = 9; + string team = 10; + string email = 11; + google.protobuf.Timestamp created_at = 12; + string created_by = 13; +} +``` + +```json +{ + "serviceAccounts": [ + { + "clientId": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", + "serviceAccount": "example", + "environment": "development", + "subjectAlternativeNames": ["development.coinbase.com"], + "certificateAuthorities": ["development_use1"], + "extendedKey": "EndEntityServerAuthCertificate", + "nodeAttestation": { + "awsIid": { + "roleArn": "arn:aws:iam::123456789012:role/role", + "assumeRole": "arn:aws:iam::123456789012:role/assumed-role", + "securityGroups": ["sg-0123456789abcdef0"], + "region": "us-east-1" + } + }, + "certificateValidity": 30, + "team": "Infrastructure Security", + "email": "security@coinbase.com", + "createdAt": "2023-04-26T22:24:42.873116Z", + "createdBy": "830b9b81-37c0-4180-9dba-9f21b1f6ae21" + } + ] +} +``` + +### **baseca.v1.Service/GetServiceAccountUuid** + +```protobuf +rpc GetServiceAccountUuid (ServiceAccountId) returns (ServiceAccount); +``` + +**Description** +Query Service Account from Database + +**Request** + +```protobuf +message ServiceAccountId { + string uuid = 1; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "uuid": "585c2f84-9a0e-4775-827a-a0a99c7dddcc" + }' \ + localhost:9090 baseca.v1.Service/GetServiceAccount +``` + +**Response** + +```protobuf +message ServiceAccount { + string client_id = 1; + string service_account = 2; + string environment = 3; + string regular_expression = 4; + repeated string subject_alternative_names = 5; + repeated string certificate_authorities = 6; + string extended_key = 7; + NodeAttestation node_attestation = 8; + int32 certificate_validity = 9; + string team = 10; + string email = 11; + google.protobuf.Timestamp created_at = 12; + string created_by = 13; +} +``` + +```json +{ + "clientId": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", + "serviceAccount": "example", + "environment": "development", + "subjectAlternativeNames": ["development.coinbase.com"], + "certificateAuthorities": ["development_use1"], + "extendedKey": "EndEntityServerAuthCertificate", + "nodeAttestation": { + "awsIid": { + "roleArn": "arn:aws:iam::123456789012:role/role", + "assumeRole": "arn:aws:iam::123456789012:role/assumed-role", + "securityGroups": ["sg-0123456789abcdef0"], + "region": "us-east-1" + } + }, + "certificateValidity": 30, + "team": "Infrastructure Security", + "email": "security@coinbase.com", + "createdAt": "2023-04-26T22:24:42.873116Z", + "createdBy": "830b9b81-37c0-4180-9dba-9f21b1f6ae21" +} +``` + +### **baseca.v1.Service/GetServiceAccountName** + +```protobuf +rpc GetServiceAccountName (ServiceAccountName) returns (ServiceAccounts); +``` + +**Description** +Query Service Account from Database By Name + +**Request** + +```protobuf +message ServiceAccountName { + string service_account = 1; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "service_account": "example" + }' \ + localhost:9090 baseca.v1.Service/GetServiceAccountByName +``` + +**Response** + +```protobuf +message ServiceAccounts { + repeated ServiceAccount service_accounts = 1; +} +message ServiceAccount { + string client_id = 1; + string service_account = 2; + string environment = 3; + string regular_expression = 4; + repeated string subject_alternative_names = 5; + repeated string certificate_authorities = 6; + string extended_key = 7; + NodeAttestation node_attestation = 8; + int32 certificate_validity = 9; + string team = 10; + string email = 11; + google.protobuf.Timestamp created_at = 12; + string created_by = 13; +} +``` + +```json +{ + "serviceAccounts": [ + { + "clientId": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", + "serviceAccount": "example", + "environment": "development", + "subjectAlternativeNames": ["development.coinbase.com"], + "certificateAuthorities": ["development_use1"], + "extendedKey": "EndEntityServerAuthCertificate", + "nodeAttestation": { + "awsIid": { + "roleArn": "arn:aws:iam::123456789012:role/role", + "assumeRole": "arn:aws:iam::123456789012:role/assumed-role", + "securityGroups": ["sg-0123456789abcdef0"], + "region": "us-east-1" + } + }, + "certificateValidity": 30, + "team": "Infrastructure Security", + "email": "security@coinbase.com", + "createdAt": "2023-04-26T22:24:42.873116Z", + "createdBy": "830b9b81-37c0-4180-9dba-9f21b1f6ae21" + } + ] +} +``` + +### **baseca.v1.Service/DeleteServiceAccount** + +```protobuf +rpc DeleteServiceAccount (ServiceAccountId) returns (google.protobuf.Empty); +``` + +**Description** +Delete Service Account from Database + +**Request** + +```protobuf +message ServiceAccountId { + string uuid = 1; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "uuid": "585c2f84-9a0e-4775-827a-a0a99c7dddcc" + }' \ + localhost:9090 baseca.v1.Service/DeleteServiceAccount +``` + +**Response** + +```protobuf +google.protobuf.Empty +``` + +## Account + +### **baseca.v1.Account/LoginUser** + +```protobuf +rpc LoginUser (LoginUserRequest) returns (LoginUserResponse); +``` + +**Description** +User Authentication, Returns JSON Web Token (JWT) + +**Request** + +```protobuf +message LoginUserRequest { + string username = 1; + string password = 2; +} +``` + +```sh +grpcurl -vv -plaintext \ + -d '{ + "username": "[USERNAME]", + "password": "[PASSWORD]" + }' \ + localhost:9090 baseca.v1.Account/LoginUser +``` + +**Response** + +```protobuf +message LoginUserResponse { + string access_token = 1; + User user = 2; +} + +message User { + string uuid = 1; + string username = 2; + string full_name = 3; + string email = 4; + string permissions = 5; + google.protobuf.Timestamp credential_changed_at = 6; + google.protobuf.Timestamp created_at = 7; +} +``` + +```json +{ + "accessToken": "[JSON_WEB_TOKEN_OUTPUT]", + "user": { + "uuid": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", + "username": "security_operations", + "fullName": "Example User", + "email": "security@coinbase.com", + "permissions": "ADMIN", + "credentialChangedAt": "0001-01-01T00:00:00Z", + "createdAt": "2023-02-28T07:21:04.221349Z" + } +} +``` + +### **baseca.v1.Account/DeleteUser** + +```protobuf +rpc DeleteUser (UsernameRequest) returns (google.protobuf.Empty); +``` + +**Description** +Delete User from Database + +**Request** + +```protobuf +message UsernameRequest { + string username = 1; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "username": "example@coinbase.com" + }' \ + localhost:9090 baseca.v1.Service/DeleteUser +``` + +**Response** + +```protobuf +google.protobuf.Empty +``` + +### **baseca.v1.Account/GetUser** + +```protobuf +rpc GetUser (UsernameRequest) returns (User); +``` + +**Description** +Query User from Database + +**Request** + +```protobuf +message UsernameRequest { + string username = 1; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "username": "production_sample" + }' \ + localhost:9090 baseca.v1.Account/GetUser +``` + +**Response** + +```protobuf +message User { + string uuid = 1; + string username = 2; + string full_name = 3; + string email = 4; + string permissions = 5; + google.protobuf.Timestamp credential_changed_at = 6; + google.protobuf.Timestamp created_at = 7; +} +``` + +```json +{ + "uuid": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", + "username": "example@coinbase.com", + "fullName": "Example User", + "email": "example@coinbase.com", + "permissions": "ADMIN", + "credentialChangedAt": "0001-01-01T00:00:00Z", + "createdAt": "2023-04-06T05:31:03.960297Z" +} +``` + +### **baseca.v1.Account/ListUsers** + +```protobuf +rpc ListUsers (QueryParameter) returns (Users); +``` + +**Description** +Query Users from Database + +**Request** + +```protobuf +message QueryParameter { + int32 page_id = 2; + int32 page_size = 3; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "page_id": 1, + "page_size": 20 + }' \ + localhost:9090 baseca.v1.Account/ListUsers +``` + +**Response** + +```protobuf +message Users { + repeated User users = 1; +} +message User { + string uuid = 1; + string username = 2; + string full_name = 3; + string email = 4; + string permissions = 5; + google.protobuf.Timestamp credential_changed_at = 6; + google.protobuf.Timestamp created_at = 7; +} +``` + +```json +{ + "users": [ + { + "uuid": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", + "username": "example@coinbase.com", + "fullName": "Example User", + "email": "example@coinbase.com", + "permissions": "ADMIN", + "credentialChangedAt": "0001-01-01T00:00:00Z", + "createdAt": "2023-02-28T07:21:04.221349Z" + }, + { + "uuid": "bb8e9e1d-2a11-43ae-86f1-9a19b6c8f47e", + "username": "sample@coinbase.com", + "fullName": "Sample User", + "email": "sample@coinbase.com", + "permissions": "READ", + "credentialChangedAt": "0001-01-01T00:00:00Z", + "createdAt": "2023-03-28T05:58:07.822324Z" + } + ] +} +``` + +### **baseca.v1.Account/CreateUser** + +```protobuf +rpc CreateUser (CreateUserRequest) returns (User); +``` + +**Description** +Create User to Manually Interface with baseca Control Plane + +**Request** + +```protobuf +message CreateUserRequest { + string username = 1; + string password = 2; + string full_name = 3; + string email = 4; + string permissions = 5; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "username": "example@coinbase.com", + "password": "[PASSWORD]", + "full_name": "Example User", + "email": "example@coinbase.com", + "permissions": "READ" + }' \ + localhost:9090 baseca.v1.Account/CreateUser +``` + +**Response** + +```protobuf +message User { + string uuid = 1; + string username = 2; + string full_name = 3; + string email = 4; + string permissions = 5; + google.protobuf.Timestamp credential_changed_at = 6; + google.protobuf.Timestamp created_at = 7; +} +``` + +```json +{ + "uuid": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", + "username": "example@coinbase.com", + "fullName": "Example User", + "email": "example@coinbase.com", + "permissions": "READ", + "credentialChangedAt": "0001-01-01T00:00:00Z", + "createdAt": "2023-04-27T00:38:22.776949Z" +} +``` + +### **baseca.v1.Account/UpdateUserCredentials** + +```protobuf +rpc UpdateUserCredentials (UpdateCredentialsRequest) returns (User); +``` + +**Description** +Update User Password + +**Request** + +```protobuf +message UpdateCredentialsRequest { + string username = 1; + string password = 2; + string updated_password = 3; +} +``` + +```sh +grpcurl -vv -plaintext \ + -d '{ + "username": "example@coinbase.com", + "password": "[PASSWORD]", + "updated_password": "[UPDATED_PASSWORD]" + }' \ + localhost:9090 baseca.v1.Account/UpdateUserCredentials +``` + +**Response** + +```protobuf +message User { + string uuid = 1; + string username = 2; + string full_name = 3; + string email = 4; + string permissions = 5; + google.protobuf.Timestamp credential_changed_at = 6; + google.protobuf.Timestamp created_at = 7; +} +``` + +### **baseca.v1.Account/UpdateUserPermissions** + +```protobuf +rpc UpdateUserPermissions (UpdatePermissionsRequest) returns (User); +``` + +**Description** +Update Permissions Parameter for User + +**Request** + +```protobuf +message UpdatePermissionsRequest { + string username = 1; + string permissions = 2; +} +``` + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "username": "example@coinbase.com", + "permissions": "ADMIN" + }' \ + localhost:9090 baseca.v1.Account/UpdateUserPermissions +``` + +**Response** + +```protobuf +message User { + string uuid = 1; + string username = 2; + string full_name = 3; + string email = 4; + string permissions = 5; + google.protobuf.Timestamp credential_changed_at = 6; + google.protobuf.Timestamp created_at = 7; +} +``` + +```json +{ + "uuid": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", + "username": "example@coinbase.com", + "fullName": "Example User", + "email": "example@coinbase.com", + "permissions": "ADMIN", + "credentialChangedAt": "2023-06-04T01:17:48.919754Z", + "createdAt": "2023-06-04T00:53:45.946512Z" +} +``` diff --git a/docs/GETTING_STARTED.md b/docs/GETTING_STARTED.md new file mode 100644 index 0000000..b9dffdd --- /dev/null +++ b/docs/GETTING_STARTED.md @@ -0,0 +1,352 @@ +# Getting Started + +`AWS` Dependencies: + +- [Build Public Key Infrastructure](#public-key-infrastructure) +- [Create baseca Infrastructure](#build-infrastructure) + +`baseca` Configuration: + +- [baseca Service Configuration](CONFIGURATION.md) + +`baseca` Database: + +- [Run and Create Local Database Container](#1-run-and-create-local-database-container) + +`baseca` gRPC Server: + +- Option 1: [Build and Run baseca as Container](#3a-run-baseca-as-container-option-a) +- Option 2: [Compile baseca as Executable (amd64)](#3b-compile-baseca-as-executable-option-b) +- Option 3: [Run baseca as One-Off Execution](#3c-run-baseca-as-one-off-execution-option-c) + +`Signing` x.509 Certificate: + +- [Create Admin User](#2-create-initial-admin-user) +- [Create Service Account](#2-create-service-account) +- [Issue x.509 Certificate with `baseca` Client](#3-issue-x509-certificate-with-baseca-client) + +## Public Key Infrastructure + +Each organization will have different Public Key Infrastructure topologies depending on its needs; for your PKI to be compatible with `baseca` (a) Certificate Authorities must be AWS Private CA and (b) there must be a minimum [PathLen](https://docs.aws.amazon.com/privateca/latest/userguide/PcaTerms.html#terms-pathlength) depending on where `baseca` issues the Subordinate CA from. Designing a Public Key Infrastructure is out of scope of this document, but we will take a look at topologies that `baseca` is compatible with below: + +- Option 1: Root CA (Self-Managed) → Intermediate CA (AWS): Minimum PathLen2 on Root CA, PathLen1 on Intermediate CA (Higher Complexity, Recommended) + +- Option 2: Root CA (AWS) → Intermediate CA (AWS): Minimum PathLen2 on Root CA, PathLen1 on Intermediate CA (Lower Complexity, Recommended) + +- Option 3: Root CA (AWS) → No AWS Intermediate CA: Minimum PathLen1 on Root CA (Not Recommended) + +_PKI Architecture Example: Option 1_ + + +## Build Infrastructure + +### 1. Install Terraform + +```sh +brew install tfenv +tfenv install 1.4.2 +tfenv use 1.4.2 +``` + +### 2. Configure Resource Module in `baseca/terraform/development` + +`baseca` Infrastructure [Documentation](../terraform/README.md) + +**NOTE:** Private CA(s) in `acm_pca_arns` must already exist within your infrastructure; refer to the [Public Key Infrastructure](#public-key-infrastructure) section if you need to design and deploy a Public Key Infrastructure. + +**DISCLAIMER**: `DO NOT` use Private CA(s) that are used within your organization's `PRODUCTION` environment for this `GETTING_STARTED.md` document, this is meant to build a local development environment. For production deployments please refer to [`PRODUCTION_DEPLOYMENT.md`](PRODUCTION_DEPLOYMENT.md). + +```sh +module "baseca" { + source = "./baseca" + service = "baseca" + environment = "development" + region = "us-east-1" + key_spec = "RSA_4096" + bucket = "baseca-firehose-example" +} +``` + +### 3. Deploy Terraform Resource Module + +```sh +cd /path/to/baseca/terraform/development + +terraform init +terraform apply +``` + +### 4. Terraform Outputs + +These outputs from Terraform will be utilized within the baseca `config.primary.local.sandbox.yml` configuration file. + +```sh +terraform output + +# Example Output + +kinesis_firehose_stream = "baseca-development" +kms_key_id = "xxxxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" +``` + +## Configuration + +Create and update the configuration [`config/config.primary.local.sandbox.yml`](../config/config.primary.local.sandbox.yml) file using the outputs created from the Terraform infrastructure; an example configuration can be seen within [CONFIGURATION.md](CONFIGURATION.md). + +```yml +# Update config.primary.local.sandbox.yml +firehose: + stream: baseca-development + +kms: + key_id: xxxxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx # kms_key_id +``` + +| Variable | Description | Update | +| ------------------------- | ----------------------------------------------------- | ---------------------------- | +| `grpc_server_address` | gRPC Server Address and Port | No | +| `ocsp_server` | Custom OCSP Server URL | Remove for Local Development | +| `database` | baseca RDS Database | No | +| `redis` | baseca Elasticache Redis Cluster | Remove for Local Development | +| `domains` | List of Valid Domains for `baseca` x.509 Certificates | Yes | +| `firehose` | baseca Kinesis Data Firehose | Yes | +| `kms` | baseca Customer Managed KMS Key | Yes | +| `acm_pca` | AWS Private Certificate Authorities | Yes | +| `secrets_manager` | AWS Secrets Manager | Remove for Local Development | +| `subordinate_ca_metadata` | baseca Subordinate CA Attributes | Optional | +| `certificate_authority` | Environment(s) for `acm_pca` Private CA(s) | Yes | + +## Local Deployment + +### 1. Run and Create Local Database Container + +Launch the PostgreSQL Container + +```sh +# Start Postgres Database and Mount db/init to Container +docker run --name baseca -p 5432:5432 -v /path/to/baseca/db/init:/db/init -e POSTGRES_USER=root -e POSTGRES_PASSWORD=secret -d postgres:latest + +# Create Initial baseca Database and Configure Root User Account +docker exec -it baseca createdb --username=root --owner=root baseca +``` + +[`golang-migrate Download Instructions`](https://github.com/golang-migrate/migrate/blob/master/cmd/migrate/README.md) + +```sh +brew install golang-migrate # Darwin (MacOS) + +migrate -path db/migration -database "postgresql://root:secret@localhost:5432/baseca?sslmode=disable" -verbose up +``` + +### 2. Create Initial Admin User + +```sh +# Update db/init/init-docker.sql for Admin User +VALUES (uuid_generate_v4(), 'example@example.com', crypt('ADMIN_CREDENTIALS', gen_salt('bf')), 'Example User', 'example@example.com', 'ADMIN', now()); + +# Run Database Init to Create Admin User +docker exec -it baseca psql -U root -d baseca -a -f db/init/init-docker.sql +``` + +### 3a. Run baseca as Container (Option A) + +_This step is recommended for production deployments using the standard Dockerfile that is provided for baseca._ + +Update the configuration file `config.primary.local.sandbox.yml` + +```yml +# IPv4_ADDRESS (Darwin) +ifconfig en0 | grep inet + +# Update config.primary.local.sandbox.yml +database_endpoint: IPv4_ADDRESS +database_reader_endpoint: IPv4_ADDRESS +ssl_mode: disable +``` + +Run the `baseca` Container + +**NOTE:** You must have AWS credentials stored locally within `~/.aws` with permissions to all infrastructure components created from Terraform and access to the Private CAs. + +```sh +docker run -p 9090:9090 -e password=secret -v ~/.aws/:/home/baseca/.aws/:ro -v $(pwd)/config:/home/baseca/config ghcr.io/coinbase/baseca:v0.0.1-beta +``` + +### 3b. Compile `baseca` as Executable (Option B) + +_This step is recommended for users that may want build the binary and then deploy their own custom container._ + +Update the configuration file `config.primary.local.sandbox.yml` + +```yml +# Update config.primary.local.sandbox.yml +database_endpoint: localhost +database_reader_endpoint: localhost +ssl_mode: disable +``` + +Compile the Golang Binary `baseca` + +```sh +# Darwin AMD64 +GOOS=darwin GOARCH=amd64 go build -o target/bin/darwin/baseca cmd/server/main.go +password=secret ./target/bin/darwin/baseca + +# Linux AMD64 +GOOS=linux GOARCH=amd64 go build -o target/bin/linux/baseca cmd/server/main.go +password=secret ./target/bin/linux/baseca +``` + +### 3c. Run baseca as One-Off Execution (Option C) + +_This step is recommended for local testing and getting `baseca` running most quickly._ + +Update the configuration file `config.primary.local.sandbox.yml` + +```yml +# Update config.primary.local.sandbox.yml +database_endpoint: localhost +database_reader_endpoint: localhost +ssl_mode: disable +``` + +Start the Golang `baseca` gRPC Server + +```sh +password=secret go run cmd/server/main.go +``` + +## Signing x.509 Certificate + +Start the `baseca` gRPC server via the preferred method within the [Local Deployment](#local-deployment) section and then run the [`baseca.v1.Account/LoginUser`](ENDPOINTS.md#basecav1accountloginuser) RPC method. + +### 1. Generate Authentication Token + +Authenticate with the `ADMIN` user created from the [`Create Initial Admin User`](#2-create-initial-admin-user) section. + +```sh +grpcurl -vv -plaintext \ + -d '{ + "username": "[USERNAME]", + "password": "[PASSWORD]" + }' \ + localhost:9090 baseca.v1.Account/LoginUser + +# baseca.v1.Account/LoginUser Response +{ + "accessToken": "[AUTH_TOKEN]", + "user": { + "username": "example@coinbase.com", + "fullName": "Example User", + "email": "example@coinbase.com", + "permissions": "ADMIN", + "credentialChangedAt": "0001-01-01T00:00:00Z", + "createdAt": "2023-05-01T12:00:00.000000Z" + } +} + +export AUTH_TOKEN=[AUTH_TOKEN] +``` + +### 2. Create Service Account + +Build gRPC request to provision a service account; ensure that the environment and certificate authorities are mapped to the baseca configuration in `config/config.primary.local.sandbox.yml`. + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "service_account": "example", + "environment": "development", + "subject_alternative_names": [ + "development.coinbase.com" + ], + "extended_key": "EndEntityServerAuthCertificate", + "certificate_authorities": [ + "development_use1" + ], + "certificate_validity": 30, + "subordinate_ca": "infrastructure", + "team": "Infrastructure Security", + "email": "security@coinbase.com" + }' \ + localhost:9090 baseca.v1.Service/CreateServiceAccount + +# baseca.v1.Account/CreateServiceAccount Response + +{ + "clientId": "585c2f84-9a0e-4775-827a-a0a99c7dddcc", # Service Account UUID + "clientToken": "[CLIENT_TOKEN]", # Service Account Auth Token + "serviceAccount": "example", + "environment": "development", + "subjectAlternativeNames": ["development.coinbase.com"], + "certificateAuthorities": ["development_use1"], + "extendedKey": "EndEntityServerAuthCertificate", + "nodeAttestation": {}, # Node Attestation Not Applicable to Local Development + "certificateValidity": 30, + "subordinateCa": "infrastructure", + "team": "Infrastructure Security", + "email": "security@coinbase.com", + "createdAt": "2023-05-01T12:00:00.000000Z", + "createdBy": "830b9b81-37c0-4180-9dba-9f21b1f6ae21" # Admin User UUID +} +``` + +_Mapping Between `Service Account` and `baseca` Configuration_ + + + +### 3. Issue x.509 Certificate with `baseca` Client + +After using the `baseca` client to issue a certificate the private key material and signed certificate will be stored within the parameters defined within `baseca.Output`. The private key material is generated locally, and because we are running the `baseca` server on our local machine the Subordinate CA will also be generated and written in memory under the `/tmp/baseca/ssl/[SUBORDINATE_CA]` directory. + +```go +package main + +import ( + "crypto/x509" + "fmt" + "log" + + baseca "github.com/coinbase/baseca/pkg/client" +) + +func main() { + client_id := [CLIENT_ID] + client_token := [CLIENT_TOKEN] + + configuration := baseca.Configuration{ + URL: "localhost:9090", + Environment: baseca.Env.Local, + } + + client, err := baseca.LoadDefaultConfiguration(configuration, client_id, client_token, baseca.Attestation.Local) + + if err != nil { + // Handle Error + log.Fatal(err) + } + + metadata := baseca.CertificateRequest{ + CommonName: "development.coinbase.com", + SubjectAlternateNames: []string{"development.coinbase.com"}, + SigningAlgorithm: x509.SHA512WithRSA, + PublicKeyAlgorithm: x509.RSA, + KeySize: 4096, + Output: baseca.Output{ + PrivateKey: "/tmp/private.key", // baseca Generate Private Key Output Location + Certificate: "/tmp/certificate.crt", // baseca Signed Leaf Certificate Output Location + CertificateChain: "/tmp/full_chain.crt", // baseca Signed Certificate Chain Output Location + CertificateSigningRequest: "/tmp/request.csr", // baseca CSR Output Location + } + } + + response, err := client.IssueCertificate(metadata) + + if err != nil { + // Handle Error + log.Fatal(err) + } + + log.Printf("%+v", response) +} +``` diff --git a/docs/PRODUCTION_DEPLOYMENT.md b/docs/PRODUCTION_DEPLOYMENT.md new file mode 100644 index 0000000..032dc2e --- /dev/null +++ b/docs/PRODUCTION_DEPLOYMENT.md @@ -0,0 +1,281 @@ +# Production Deployment + +`AWS` Dependencies + +- [Build Public Key Infrastructure](#public-key-infrastructure) +- [Create baseca Resource Infrastructure](#build-infrastructure) + +`baseca` Database Migration + +- [Bootstrap RDS Database](#bootstrap-rds-database) + +Build and Upload `baseca`: + +- [Build and Upload baseca to ECR](#build-and-upload-baseca-to-ecr) + +Deploy Compute for `baseca`: + +- [Create baseca Compute Infrastructure](#build-compute-infrastructure) + +## Public Key Infrastructure + +Please read the [`GETTING_STARTED.md`](GETTING_STARTED.md#public-key-infrastructure) documentation and set up a local development environment before proceeding and deploying the production infrastructure. + +## Build Infrastructure + +### 1. Install Terraform + +```sh +brew install tfenv +tfenv install 1.4.2 +tfenv use 1.4.2 +``` + +### 2. Configure Resource Module in `baseca/terraform/production` + +`baseca` Infrastructure [Documentation](../terraform/README.md#production-deployment-resources) + +**NOTE:** Private CA(s) in `acm_pca_arns` must already exist within your infrastructure; refer to the [Public Key Infrastructure](#public-key-infrastructure) section if you need to design and deploy a Public Key Infrastructure. + +```sh +# baseca/terraform/production/baseca.tf + +module "baseca" { + source = "./baseca" + service = "baseca" + environment = "production" + region = "us-east-1" + key_spec = "RSA_4096" + bucket = "baseca-firehose-example" + db_ingress = ["10.0.0.0/8"] + acm_pca_arns = [ + "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", + "arn:aws:acm-pca:us-east-1:987654321098:certificate-authority/yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy" + ] +} +``` + +### 3. Deploy Terraform Resource Module + +```sh +cd /path/to/baseca/terraform/production + +terraform init +terraform apply +``` + +### 4. Terraform Outputs + +These outputs from Terraform will be utilized within the baseca `config.primary.production.aws.yml` configuration file. + +```sh +terraform output + +# Example Output + +ecr_repository = "012345678901.dkr.ecr.us-east-1.amazonaws.com/baseca" +kinesis_firehose_stream = "baseca-production" +kms_key_id = "xxxxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" +rds_reader_endpoint = "baseca-production-cluster.cluster-ro-xxxxxxxxxxxx.us-east-1.rds.amazonaws.com" +rds_writer_endpoint = "baseca-production-cluster.cluster-xxxxxxxxxxxx.us-east-1.rds.amazonaws.com" +redis_endpoint = "baseca-production.xxxxxx.0001.use1.cache.amazonaws.com" +``` + +## Configuration + +Update the [`config/config.primary.production.aws.yml`](../examples/config/config.primary.production.aws.yml) configuration file using the outputs from Terraform; an example configuration can be seen within [CONFIGURATION.md](CONFIGURATION.md). + +```yml +# Update config.primary.production.aws.yml +database: + database_endpoint: baseca-production-cluster.cluster-xxxxxxxxxxxx.us-east-1.rds.amazonaws.com # rds_writer_endpoint + database_reader_endpoint: baseca-production-cluster.cluster-ro-xxxxxxxxxxxx.us-east-1.rds.amazonaws.com # rds_reader_endpoint + +redis: + cluster_endpoint: baseca-production.xxxxxx.0001.use1.cache.amazonaws.com # redis_endpoint + +firehose: + stream: baseca-production + +kms: + key_id: xxxxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx # kms_key_id +``` + +| Variable | Description | Update | +| ------------------------- | ----------------------------------------------------- | -------- | +| `grpc_server_address` | gRPC Server Address and Port | No | +| `ocsp_server` | Custom OCSP Server URL | Optional | +| `database` | baseca RDS Database | Yes | +| `redis` | baseca Elasticache Redis Cluster | Yes | +| `domains` | List of Valid Domains for `baseca` x.509 Certificates | Yes | +| `firehose` | baseca Kinesis Data Firehose | Yes | +| `kms` | baseca Customer Managed KMS Key | Yes | +| `acm_pca` | AWS Private Certificate Authorities | Yes | +| `secrets_manager` | AWS Secrets Manager | Yes | +| `subordinate_ca_metadata` | baseca Subordinate CA Attributes | Optional | +| `certificate_authority` | Environment(s) for `acm_pca` Private CA(s) | Yes | + +## Bootstrap RDS Database + +### 1. Search RDS Credentials from Secrets Manager + + + +```yml +# Update config.primary.production.aws.yml +secrets_manager: + secret_id: rds!cluster-bcc40600-5fa7-4877-aa35-529cae165937 +``` + +### 2. Launch Temporary EC2 Instance + +A temporary `Ubuntu` EC2 instance with the requirements below will need to be deployed to perform the database migration. + +- Egress Port 80 to 0.0.0.0/0 +- Egress Port 5432 to 0.0.0.0/0 +- Ingress Port 22 from Local IP +- Deploy in Subnet Routable to RDS Cluster +- Private IP within `db_ingress_cidr` CIDR Block + +### 3. Perform Database Migration + +[`golang-migrate Download Instructions`](https://github.com/golang-migrate/migrate/blob/master/cmd/migrate/README.md) + +```sh +cd /path/to/baseca + +# Copy Database Migration Files and RDS Certificate to EC2 +scp -i /path/to/your/key.pem -r db/migration ubuntu@[IP_ADDRESS]:/home/ubuntu +scp -i /path/to/your/key.pem internal/attestor/aws_iid/certificate/rds.global.bundle.pem ubuntu@[IP_ADDRESS]:/home/ubuntu + +# SSH to EC2 +ssh -i /path/to/your/key.pem ubuntu@[IP_ADDRESS] + +# Download golang-migrate +curl -L https://github.com/golang-migrate/migrate/releases/download/v4.16.1/migrate.linux-amd64.tar.gz | tar xvz # AMD64 Example + +# Execute Database Migration +./migrate -path migration -database "postgresql://[username]:[password]@[rds_writer_endpoint]:5432/baseca?sslmode=verify-full&sslrootcert=/home/ubuntu/rds.global.bundle.pem" -verbose up +``` + +**Note:** If you see the error below you will need to encode the credentials; please do this `locally` and not through an online encoder. + +``` +error: parse "postgresql://baseca:[PASSWORD]@[RDS_WRITER_ENDPOINT]:5432/baseca?sslmode=disable": net/url: invalid userinfo +``` + +### 4. Create Initial Admin User + +```sh +# Update db/init/init.sql for Admin User +VALUES (uuid_generate_v4(), 'example@example.com', crypt('ADMIN_CREDENTIALS', gen_salt('bf')), 'Example User', 'example@example.com', 'ADMIN', now()); + +# Copy db.init/init.sql to EC2 +scp -i /path/to/your/key.pem db/init/init.sql ubuntu@[IP_ADDRESS]:/home/ubuntu + +# SSH to EC2 +ssh -i /path/to/your/key.pem ubuntu@[IP_ADDRESS] + +# Download Postgres Client +sudo apt-get update +sudo apt-get install -y postgresql-client + +# Run Database Init to Create Admin User +psql -h [rds_writer_endpoint] -U [username] -d baseca -f /path/to/init.sql +``` + +**Note:** [`Terminate`](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html) the Migration EC2 Instance After Migration Completed + +## Build and Upload `baseca` to ECR + +### Option A: Build from Published `baseca` Image + +_Use this option by using the published image from `baseca` without any code changes or updates to your Dockerfile._ + +Create `Dockerfile` and Copy [`Configurations`](../config) to `/home/baseca/config` within the Docker Container. + +```Dockerfile +FROM ghcr.io/coinbase/baseca:v0.0.1-beta + +COPY ./config /home/baseca/config +CMD ["/home/baseca/baseca"] +``` + +```sh +cd /path/to/Dockerfile +docker build -t baseca . +``` + +Push Image to ECR Registry + +```sh +docker tag baseca .dkr.ecr..amazonaws.com/baseca:latest +aws ecr get-login-password --region | docker login --username AWS --password-stdin .dkr.ecr..amazonaws.com +docker push .dkr.ecr..amazonaws.com/baseca:latest +``` + +**NOTE:** This is an image built from [`examples/Dockerfile`](../examples/Dockerfile); there are alternative methods to get the config files onto the image, but you must copy your configurations within the `/home/baseca/config` path. + + + +### Option B: Local Build + +_Use this option if you have requirements to change the `baseca` image through either custom code changes or updates to the Dockerfile._ + +```sh +cd /path/to/baseca +docker build -t baseca . + +docker tag baseca .dkr.ecr..amazonaws.com/baseca:latest +aws ecr get-login-password --region | docker login --username AWS --password-stdin .dkr.ecr..amazonaws.com +docker push .dkr.ecr..amazonaws.com/baseca:latest +``` + +## Build Compute Infrastructure + +**DISCLAIMER:** The compute deployment is a sample of how `baseca` can run within an environment; if you decide to run this ECS Service as is, be cautious as it has not been fully tested. `baseca` is not intended to run on ephemeral instances; if a design decision is made to run on ephemeral nodes you will need to have a shared volume such as EFS. The `recommended` method is to deploy the service directly on an EC2 instance that supports [`Nitro Enclaves`](https://docs.aws.amazon.com/enclaves/latest/user/using.html); this ensures that key material never leaves the host it was generated on and is never accessible by anything outside of the `baseca` process. + +`baseca` Infrastructure [Documentation](../terraform/README.md#production-compute-deployment) + +### 1. Configure Compute Module in `baseca/terraform/production` + +```sh +# baseca/terraform/production/baseca.tf + +module "compute" { + source = "./compute" + service = "baseca" + region = "us-east-1" + environment = "production" + configuration = "production" + + vpc_id = "vpc-xxxxxxxx" + subnet_ids = ["subnet-0123456789abcdef", "subnet-9876543210fedcba"] + + host_port = 9090 + network_ingress = ["10.0.0.0/8"] + public_ip = false + + baseca_iam_role = module.baseca.baseca_iam_role + ecr_repository = module.baseca.ecr_repository + depends_on = [ + module.baseca + ] +} +``` + +**NOTE:** `environment` and `configuration` are values used to concatenate and build the configuration file for `baseca`. Within Terraform we auto export these as environment variables within the ECS Task Definition, but if you are using your own deployment you will need to have these environment variables accessible by `baseca`. If the values below were exported then `baseca` would read the `config/config.primary.production.aws.yml` file. Changing `configuration` to `development` would read the `config/config.primary.development.aws.yml` file. + +```sh +export ENVIRONMENT=production +export CONFIGURATION=production +``` + +### 2. Deploy Terraform Compute Module + +```sh +cd /path/to/baseca/terraform/production + +terraform init +terraform apply +``` diff --git a/docs/SCOPE.md b/docs/SCOPE.md new file mode 100644 index 0000000..24f9c8a --- /dev/null +++ b/docs/SCOPE.md @@ -0,0 +1,185 @@ +# Scope + +`Scope` is a concept for `service accounts` where attributes are defined to ensure that (a) the x.509 certificate issued should be unique to the service depending on the requirements, and (b) only the intended service is able to issue that x.509 certificate. + +- **`Certificate Authorities`** define which Certificate Authority a service is able to issue from; this scope goes together with the environment constraint to ensure that a service is not able to have a certificate authorities that cross environments (i.e. development_use1, production_use1). + +- **`Subject Alternative Names`** determine which Common Name (CN) and Subject Alternative Names (SAN) that are valid for the service account. + +- **`Extended Key`** dictates the type of x.509 certificate that will be issued whether it will be used for client authentication (EndEntityClientAuthCertificate), server authentication (EndEntityServerAuthCertificate), or code signing (CodeSigningCertificate). + +- **`Certificate Validity`** is a configurable value to determine when the expiration for an x.509 certificate will be; while we aim to have short-lived certificates for all of our services this is not always possible due to the nature of how often services are re-deployed. + +- **`Node Attestation`** is used to ensure that the request is originating from the node we expect it; currently we support attestation from AWS Instance Identity Document (IID) which validates the signature of the request and maps it to ensure the request is coming from the intended server. In the case the service account credentials are compromised a certificate would not be issued unless the request is originating from the underlying node (i.e. EC2 instance). + +- **`Subordinate CA`** is the and Subject Alternative Name (SAN) value of the Subordinate CA that will be issued from Private CA and used to sign requests downstream requests. For example, if the service account below made a request to baseca a Subordinate CA named `infrastructure_sandbox` would be created on the host and used to sign requests that also have a service account that uses the `infrastructure` subordinate_ca and is in the `sandbox` environment. + +```sh +grpcurl -vv -plaintext -H "Authorization: Bearer ${AUTH_TOKEN}" \ + -d '{ + "service_account": "example", + "environment": "sandbox", # << Environment Scope >> + "subject_alternative_names": [ # << Subject Alternative Names (SAN) Scope >> + "sandbox.coinbase.com" + ], + "extended_key": "EndEntityServerAuthCertificate", + "node_attestation": { # << Node Attestation Scope >> + "aws_iid": { + "role_arn": "arn:aws:iam::123456789012:role/role", + "assume_role": "arn:aws:iam::123456789012:role/assumed-role", + "security_groups": ["sg-0123456789abcdef0"], + "region": "us-east-1" + } + }, + "certificate_authorities": [ # << Certificate Authorities Scope >> + "sandbox_use1" + ], + "certificate_validity": 30, # << Certificate Validity Scope >> + "account_type": "SERVICE", + "subordinate_ca": "infrastructure", # << Subordinate CA Scope >> + "team": "Infrastructure Security", + "email": "security@coinbase.com" + }' \ + localhost:9090 baseca.v1.Service/CreateServiceAccount +``` + +Using the service account issued above, if we generated a CSR and sent it to [`baseca.v1.Certificate/SignCSR`](ENDPOINTS.md#basecav1certificatesigncsr) the output for the leaf certificate would be similar to the one below. + +``` +-----BEGIN CERTIFICATE----- +MIIF4TCCA8mgAwIBAgIUYKMFt0fz3ajjsiQ6O1VT0XTGuUEwDQYJKoZIhvcNAQEN +BQAwczELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJh +bmNpc2NvMQswCQYDVQQKEwJDQTERMA8GA1UECxMIU2VjdXJpdHkxHzAdBgNVBAMM +FmluZnJhc3RydWN0dXJlX3NhbmRib3gwHhcNMjMwNTI0MjIxNTMzWhcNMjMwNjIz +MjIxNTMzWjB3MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNh +biBGcmFuY2lzY28xETAPBgNVBAoTCENvaW5iYXNlMREwDwYDVQQLEwhTZWN1cml0 +eTEdMBsGA1UEAxMUc2FuZGJveC5jb2luYmFzZS5jb20wggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQDLP6qvTSG+4qnfGCcY6ECEz4VBlaYI7cKjKarnxbUP +3RChJUsUUzDAohxol82LwBwN1zEkD2jtTFRnRN86DeTN9moQ2pDL4ePFm7tADnxc +wHd+xVBtvJjLQOKe5Oa21zGbRtfuXw/2nW1yeZPmVm3yhdOseoJjP2qEi8pnNyno +nP4mYvUYDHLJV5RY5IhjHkl6vQdenw9+9PiZUbLp1WGtgWYney9QhS5rGdy5IN5e +X3TVwKyUyNTApqt+dOgXsH8hOAyprgPB54bvjoH3q2oskJpHDD9QQtEtZ+8vod7v +vhdp62ywWrxLyjdE0Q+u5v8OyEXYKmVFzww2OSKVFPu6M5nj1SZvbYqZpfVnrYWz +RfEkJZ288tU0NKbOQEe0I4V5yMGT3DhFTE31h0CV7dop2qQpDZZCWtO5VusvL9p0 +/6RCta9jOfsBBHAwx/UCrgB9tW5hP7CDYnjz6a8+awK4NMV7BU0JLOTt9EgCFUSg +3I7qQFc8IuAGbMX4RGpo0iCvWkOK/SCegAv96lwMT1WvgYlN+hNxAuM0mn0PDFvn +4K1RlNCQnys30i4qgJ0dIANhiO64VRHC8a6NGJy+h1uQ/Yq/YbLvGYctTkMIqGqq +D4CnhDfCntidtfcNqhhVJrH5pFE3OAtxi6IgSqjHijZ6NRTNIdXSr5/3vSXjAF8o +aQIDAQABo2kwZzAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw +HwYDVR0jBBgwFoAUXq371v0v7mpEhQwZ5ZEl8ZXhSNgwHwYDVR0RBBgwFoIUc2Fu +ZGJveC5jb2luYmFzZS5jb20wDQYJKoZIhvcNAQENBQADggIBACdsEXqo7TLV0kDC +uCZgiNr0tdTrziKdex9vBJyxQCDJlDJRD2119kl4uZCP5B+uy1JTjOKDMCzzLkK8 +Fi1STvIXOpQyO2zlAR0id3UuJGkJ+DpxFAqIHRCiPGTdxoqqggRI5Lo+PCVzE8Ya +p+lOsY9seqcS0hUxtowwSNL29VnuSEECNQ3yV3Z9moReWkjLHt+mOyBJVCNHRmxx +u3CO73g/WgkjAUpH2qZaURtNFtaEh3hnQ7wPs8A9UOSMbmI8brdo586IFAGfJlAr +hnVdoZO+5uOmNU1IhhRfXlHCX8MRuN06ci1MQ2LdqCvVmw1MdtE9HRBj3kj824E+ +LyBZ1LP+hcz0LXfhU9lpLezRha+47d5TvseI9oijPvwdbwfPv2UfA2qQ9Wges1/o +y/LldJAzk6Wkk9vNrThBDRYCjWdoKxcROotWMYOzm+IZQOZ2+u+gV3WPO5U2r6mV +kxbVFaoLMA3485aXQBpnyFC/nqro6lf5SgtcTopFRCYQef+eVkuLsf+I7iMKObFE +t2dQy6vIXN1kHsAM9QKQDSKBYh3TjZi9KmY3e8gEFpXv0KzgOWS7JXCNZzZbegvL +XrHnWSowNC+VcpjTtLpI22cYFtYYPOlsSqgqYIS3VLecwdzBKsS/1qRQLvW4/pXN +jqXtvcRCofiEWOkOxBlz1JJvHV/N +-----END CERTIFICATE----- +``` + +Taking a further look, we can decode the certificate with `openssl x509 -in [file].crt -noout -text` which we can then correlate to the scopes that were defined within the service account. + +- x.509 Server Certificate +- Signed by Subordinate CA Generated from `sandbox_use1` +- Common Name (CN) and Subject Alternative Names (SAN) of `sandbox.coinbase.com` +- Certificate Validity of `30 Days` +- Request Must Come from EC2 with Attributes within `aws_iid` + +```sh +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 60:a3:05:b7:47:f3:dd:a8:e3:b2:24:3a:3b:55:53:d1:74:c6:b9:41 + Signature Algorithm: sha512WithRSAEncryption # Signing Algorithm (Configurable in baseca Client) + Issuer: C=US, ST=CA, L=San Francisco, O=CA, OU=Security, CN=infrastructure_sandbox # Subordinate CA Issued by baseca + Validity + Not Before: May 24 22:15:33 2023 GMT + Not After : Jun 23 22:15:33 2023 GMT # Certificate Validity + Subject: C=US, ST=CA, L=San Francisco, O=Coinbase, OU=Security, CN=sandbox.coinbase.com # Common Name (CN) + Subject Public Key Info: + Public Key Algorithm: rsaEncryption # Key Algorithm (Configurable in baseca Client) + RSA Public-Key: (4096 bit) # Key Size (Configurable in baseca Client) + Modulus: + 00:cb:3f:aa:af:4d:21:be:e2:a9:df:18:27:18:e8: + 40:84:cf:85:41:95:a6:08:ed:c2:a3:29:aa:e7:c5: + b5:0f:dd:10:a1:25:4b:14:53:30:c0:a2:1c:68:97: + cd:8b:c0:1c:0d:d7:31:24:0f:68:ed:4c:54:67:44: + df:3a:0d:e4:cd:f6:6a:10:da:90:cb:e1:e3:c5:9b: + bb:40:0e:7c:5c:c0:77:7e:c5:50:6d:bc:98:cb:40: + e2:9e:e4:e6:b6:d7:31:9b:46:d7:ee:5f:0f:f6:9d: + 6d:72:79:93:e6:56:6d:f2:85:d3:ac:7a:82:63:3f: + 6a:84:8b:ca:67:37:29:e8:9c:fe:26:62:f5:18:0c: + 72:c9:57:94:58:e4:88:63:1e:49:7a:bd:07:5e:9f: + 0f:7e:f4:f8:99:51:b2:e9:d5:61:ad:81:66:27:7b: + 2f:50:85:2e:6b:19:dc:b9:20:de:5e:5f:74:d5:c0: + ac:94:c8:d4:c0:a6:ab:7e:74:e8:17:b0:7f:21:38: + 0c:a9:ae:03:c1:e7:86:ef:8e:81:f7:ab:6a:2c:90: + 9a:47:0c:3f:50:42:d1:2d:67:ef:2f:a1:de:ef:be: + 17:69:eb:6c:b0:5a:bc:4b:ca:37:44:d1:0f:ae:e6: + ff:0e:c8:45:d8:2a:65:45:cf:0c:36:39:22:95:14: + fb:ba:33:99:e3:d5:26:6f:6d:8a:99:a5:f5:67:ad: + 85:b3:45:f1:24:25:9d:bc:f2:d5:34:34:a6:ce:40: + 47:b4:23:85:79:c8:c1:93:dc:38:45:4c:4d:f5:87: + 40:95:ed:da:29:da:a4:29:0d:96:42:5a:d3:b9:56: + eb:2f:2f:da:74:ff:a4:42:b5:af:63:39:fb:01:04: + 70:30:c7:f5:02:ae:00:7d:b5:6e:61:3f:b0:83:62: + 78:f3:e9:af:3e:6b:02:b8:34:c5:7b:05:4d:09:2c: + e4:ed:f4:48:02:15:44:a0:dc:8e:ea:40:57:3c:22: + e0:06:6c:c5:f8:44:6a:68:d2:20:af:5a:43:8a:fd: + 20:9e:80:0b:fd:ea:5c:0c:4f:55:af:81:89:4d:fa: + 13:71:02:e3:34:9a:7d:0f:0c:5b:e7:e0:ad:51:94: + d0:90:9f:2b:37:d2:2e:2a:80:9d:1d:20:03:61:88: + ee:b8:55:11:c2:f1:ae:8d:18:9c:be:87:5b:90:fd: + 8a:bf:61:b2:ef:19:87:2d:4e:43:08:a8:6a:aa:0f: + 80:a7:84:37:c2:9e:d8:9d:b5:f7:0d:aa:18:55:26: + b1:f9:a4:51:37:38:0b:71:8b:a2:20:4a:a8:c7:8a: + 36:7a:35:14:cd:21:d5:d2:af:9f:f7:bd:25:e3:00: + 5f:28:69 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication # Extended Key + X509v3 Authority Key Identifier: + keyid:5E:AD:FB:D6:FD:2F:EE:6A:44:85:0C:19:E5:91:25:F1:95:E1:48:D8 + + X509v3 Subject Alternative Name: + DNS:sandbox.coinbase.com # Subject Alternative Name (SAN) + Signature Algorithm: sha512WithRSAEncryption + 27:6c:11:7a:a8:ed:32:d5:d2:40:c2:b8:26:60:88:da:f4:b5: + d4:eb:ce:22:9d:7b:1f:6f:04:9c:b1:40:20:c9:94:32:51:0f: + 6d:75:f6:49:78:b9:90:8f:e4:1f:ae:cb:52:53:8c:e2:83:30: + 2c:f3:2e:42:bc:16:2d:52:4e:f2:17:3a:94:32:3b:6c:e5:01: + 1d:22:77:75:2e:24:69:09:f8:3a:71:14:0a:88:1d:10:a2:3c: + 64:dd:c6:8a:aa:82:04:48:e4:ba:3e:3c:25:73:13:c6:1a:a7: + e9:4e:b1:8f:6c:7a:a7:12:d2:15:31:b6:8c:30:48:d2:f6:f5: + 59:ee:48:41:02:35:0d:f2:57:76:7d:9a:84:5e:5a:48:cb:1e: + df:a6:3b:20:49:54:23:47:46:6c:71:bb:70:8e:ef:78:3f:5a: + 09:23:01:4a:47:da:a6:5a:51:1b:4d:16:d6:84:87:78:67:43: + bc:0f:b3:c0:3d:50:e4:8c:6e:62:3c:6e:b7:68:e7:ce:88:14: + 01:9f:26:50:2b:86:75:5d:a1:93:be:e6:e3:a6:35:4d:48:86: + 14:5f:5e:51:c2:5f:c3:11:b8:dd:3a:72:2d:4c:43:62:dd:a8: + 2b:d5:9b:0d:4c:76:d1:3d:1d:10:63:de:48:fc:db:81:3e:2f: + 20:59:d4:b3:fe:85:cc:f4:2d:77:e1:53:d9:69:2d:ec:d1:85: + af:b8:ed:de:53:be:c7:88:f6:88:a3:3e:fc:1d:6f:07:cf:bf: + 65:1f:03:6a:90:f5:68:1e:b3:5f:e8:cb:f2:e5:74:90:33:93: + a5:a4:93:db:cd:ad:38:41:0d:16:02:8d:67:68:2b:17:11:3a: + 8b:56:31:83:b3:9b:e2:19:40:e6:76:fa:ef:a0:57:75:8f:3b: + 95:36:af:a9:95:93:16:d5:15:aa:0b:30:0d:f8:f3:96:97:40: + 1a:67:c8:50:bf:9e:aa:e8:ea:57:f9:4a:0b:5c:4e:8a:45:44: + 26:10:79:ff:9e:56:4b:8b:b1:ff:88:ee:23:0a:39:b1:44:b7: + 67:50:cb:ab:c8:5c:dd:64:1e:c0:0c:f5:02:90:0d:22:81:62: + 1d:d3:8d:98:bd:2a:66:37:7b:c8:04:16:95:ef:d0:ac:e0:39: + 64:bb:25:70:8d:67:36:5b:7a:0b:cb:5e:b1:e7:59:2a:30:34: + 2f:95:72:98:d3:b4:ba:48:db:67:18:16:d6:18:3c:e9:6c:4a: + a8:2a:60:84:b7:54:b7:9c:c1:dc:c1:2a:c4:bf:d6:a4:50:2e: + f5:b8:fe:95:cd:8e:a5:ed:bd:c4:42:a1:f8:84:58:e9:0e:c4: + 19:73:d4:92:6f:1d:5f:cd +``` diff --git a/docs/images/architecture.png b/docs/images/architecture.png new file mode 100644 index 0000000000000000000000000000000000000000..65b99b0bd70e81d8ff08d1c157945eeaed1785b2 GIT binary patch literal 110836 zcmeFZ`B#(K(l$&_$3AL1Ad1M;q6h+lfCxx{RzVOD1Q}&&K}1AEhztP&cH1a3GK6_( zK}5y~$Pf||wSh3F1tma$D1k&|NRtRL1If4V#P0K)cYW_#?;r5^i!9BZy?5=ZtFF4L zZjvwBTm7*0z*Z?KsUOZ;TR2HcZ9zy$eb@2*zrerXE+FEhr0za$_?Xx`Nkml_c zueRZ{tKd6XpMRfrrK_YWr5S8PFZcZg3!U2@MZ5dcFFmopoWA>_!FBGj<;%*%H(o=( zDfP6u-)PeP8usz@c(3i+qZN2 z=Z6Lc1~6~mz6~5~#&u{NO_}59cz1rdGTn161KnRR%MBF)*lyS@M}aFZtVAxeZws=o_P!Q+K(*eKkNwz zjoZTJNK5|bz?=^@ay3QEY7V=f+AlEuPO@BK*9>;GU9;J15_9|gD}62>!YwJO7e{3| zUxggaKgE8t({6cnCzUK&(qxuwS*_(bMET`QwVsaq~7JKr_9|nW+>sp za5uFpGfp*qb278CO#SYI*@N-{;R@IiqTYsAfBztkBszgzeJwHeZJWK8O|PAP9F|U` z|7m$+o}IaRqSwh`d3HEcP6cU_N-WYe#w0UOQ#TYi z+dc0}|`j4_P{9!e_d98ez_?{Bq=I^w2H@ zyR|NTEzQ&|yi>ZoMKD>na7`Hhjd-2guj=dTOM;K4T*HKIUatK4fCe()qdPW$pTf{( z*x38>A~ER3Mzdl9Lvn(W9|JsA=d;zNtzKocdbWjD&uzrEA0Y2U<@?4o>6SHtX9DNg z?LtyvL21LV&jTtK4&nPrjlI|-5q7n zZ8B$Dy1N45g(ob8t2zm@`)yGjR-yR#r=Mm-cj__H$)9G_PT^_X*q!2sUg)+qH-~G> zo^k2bx9R>zjxN+i7@l(jvztDa_3PL@0*m66_0f@7eE($PHrcZN9($CbFLp}(xBCO>OXLHz8deWc`DCNA%1-6!;Isfay3Ksh zo^q<7uu(eL!pHE-vyL8lhVYt8sy4%3{{klrW4qT{aDgQ?kd_nfaMker$)#+rzW3lT z?v~_<gutD12p~e?#BWmm4^w zJ{Yc+Z=9umi6B_cIrr}q7G_=8+5HZv70xY#Mr92h!Y4m}m_G^Ccjbr~(VO$K>{=j% zYr$Vq%r^jm{A{!I2O*PxeLd+D%FeMl!{y02ObJnZca}V1pI=cbLQ!J=pMSJ;EIBq9 z-d@#RsE8^_Eq^o`<#kgbzXWVC40gwD4MqnS?$ViITYk-OJOfwu<#2Z^)O|vZ-oD12 zqwSQhBJE1nGsvtOC`NmSc$quTBKZxy(Y8 z$zLr5LX^EE|6x?$u0@k4IQ5itT%+XUw=JNkA56R;wp&WsBNj+(CwuoKXD<$t%!0hk zC1!;}zwcr)2_al|OKv@k{^BSK&64P!@fx?NxT;uZx1yQ73LpSH=BM2msS91)*&}8Q z?}WR$!?)^>B1*rUZ5Il{*QbRL3j7+FG^BZny?(X|9jz4HXwhp;&Danp9kQHclRM5k z$^^nsgP1odPAz>T&7lm_YNR=fVqlUDQW}JI=e~$FjHo|`==ysJ05tmf`YuXl9c1;0 z`_{P~2rZXeUWD-u$QYL)V-zHlkV5S@;ri$=&I_wTp-}K+JwsYeIVWXLfgRbU&phYy z0CvJM!CCyPL&?Z`UBt|nHIC*6U~+5=t*5sct|k``mK+?7DkpU)-vajTM&4zMZ#KZ1 zy4g}a*}t?yau|oF>M87Fi9=5VZsb}Hx<8rqCCuz6O#qCsTjXch!FAE*UvBcxt9r(l z@)mB{%IRx*z<<$qt~d^z+awOy>TziP9E3|Z7kS^L2Sxf1_b=^|JhtVcOi$f0%OR~W z=A_r`_N)%_Ev5gYl~5?Hc=UdnX+Jeyg4-cE$FtwJ$!f!LwiWz?k`RP{{9_B}fWOCm z@cHp>j!J@CZTD0T`H*CleHZf4isB8Zn>K^(QkdLKR+vHk;tC5DUiCtD4v=6#Dhwy4#Y)gKrdn$`3S^cNfW-XmI z8SNG^+jz4*3$LecGcL|I$wnaGC{%ZI4ktw2z!Z?xB&W*;IGq=Op*Xb-0i^tH_+qku zCdjtkVg1m8#IsQ#m_|^2VYX!5Gx+12Y_i{nnc z?Oi{+(7PTi0e7PA8nU1INTcb~1TVT2$Gi0BV(9zpBB#iRnwdB(0m}ogbC~pAx1hfY~ zhZw?08`mtF96$ogP2$QVmM_@~aZ1)-yNK!#QDsFqN=NqqTu%+=NrfP+u7qt`i`k}Mz|-!o5VjZ(I@ADsCUu(v_ym=Mg?%t@by6|d(}yWJ zQbyO`gfqk9|A%l^8zZTM01wj#mn4kyMU!jZLQkIG)x3$;qHU;y(p497pCDja>Tnjw zIHAOMU~?*)Cd<_z`X$u-u790+O3SgtKCLk7q}Su^s17QWcsm>bF;Dt5!-oTp$g*0* zx<%GUAU3}oCoiSKeK5cp1;P-@(7jFpLwf7~1UxHZF1CPB?BdrjxTGvT$BU*GF_k|k zCY%=m;kVYf8mLpQ`oY)kG85LLS#D3gTnJom7yb zof~}+RpLU%qG%CY4td(&Pn}GuFrqr$9cl(u@3}BNi;5Biw@Ox?mTVEU$D9OeKMpz6 zP|Q`Wqvm1@33V=hD}zf1C0iW*Qql}BSV4rdU^@!$NB^5}HogFuWWgI--*N~L&I1Kx zONkp)MJ|q3$zD#$^qA|I_sZLzWyI>JvrDhchFmTqNnAczT#e_gR(gXxh47Xf&;7Ej zwpa8KStXa*xRo1~>T()lvJN2L03faeMa^<_b4C=*4BGtprv z6RnC_6+|a~JOJp#)iv=W!I;8-o@nXp1WYZh~#>0dAuf3a1B6RvGdWCL{;7yk33n=tr;Fr z?vgol_Axq6450=C3oxh#wJ3uj6YTVcdvHDyuuW?OUIHL~}Qy^N!*+b3m=K5Hk`>?spN_mGUiOtkk=jWKmc|bXow?2Vm|RO#G&+ zm=!0%kaPTE!kEjG;Q7lwhLSy=llbHTF-=lGbKgb=gMf(%R0r^U)K4JiB`Mg?#g-5# zz?FxVB-!$XI^>!G=fq{^!-LXRx{M}g0Hj>rqfvOt(skg>5AyM}3IG2*@lH%SEzgNb z=hlb+kWSXZ|4BNN6mHG&O9(U~8Aruj|4Z|9UsB{?Ykc``FfI088M33Q!!gHl$t5EMRt3i<81NnMMI z?qUC$a2l@_uz)J`2RY!CK-Z!&1*PbPYd&rg<7bG4xV%?>c>p(4GafTTVZi^y&gzdz&%DP)=ug#wVNZG7K)ntT%E|LL8E;8b&FFT|NOX?s4N|C>Wg z&fkxnb(87g=2iH;(KE2g4fs;ALq%ZL`?23G-^NdR&02$4uF16AlYTyc*Mq0lMxzo|-96bc z5`ys88*Q(SzwES+)TVhnnFXm@w@d?M!+)wwi{1-yB6iWmfPjDnFP|uhxyo#yI`gQb zYUCJQ&p+wYN?NMK<=p1e4BS-o;(7K;1@vqGe0%~@BabC^YcWNCm7dGeb?#gZljFPs zHA{M|6k|>658yQ6kC{qyP2==+S@Bukz4+p2;c~l^_0}QR%-w%>9!NsH(X|%I*`V^% zl|_ovo62C0`xZabzTj@3NWbCXrQ_l+c=3x^>_{qr%ABvkCQ*kSo9RmrY^XcBAfLLe~vMxKSj?dzhB#CQC zqI>Lgfk5-z6+^qhrp04A`TDJ3)*t z945VF;bT%OV;N?KCW)Vx`T@dGk31~qW|Bq!Dc8a&x8J5g(F8E5+w0ECD|uj#`RJ;p zo$gO2(+!N#W0I%%UQjUSRb0t4(l*ZDbM`UQddx^eyv?K!l5J-A@-iwi|MN&Du>VQf z?UEc+u>T8My5K*5{sTnr;S>feFQ7nkw{cl=#38h*i`Z*@&=P;V1~^^eV4?=(wYkz~ z58F(`^2A9D$-Is5W0`np6& zeJ3xembSHY+fR8}Zx;(9)lfkXG15vGVo6n9j>Ja|OrHJ^{gjViL zo||ZeAQP{z;_o!Zrzln;D!{d*w#k2hDriHIXAlkC#8HZ_VnEUCl2~zw`pCut4-um@_xPxh3LOZ&_V{ZSH+cUtRNc#8jSoRORg<(qz8+ zJ?sDppKa))=1a|sHs?0E+*e1y{iaj*Er!jUX6SGIWLZuq!y{5iws_%*BjcHk{7eYP zzN{>x3F$YFj*Imh6+aMLivLr;Ip*&d7^KbmX#8PhxFdcRzM+~j)aLyZsT%rtMb{Xq zy0~986om+gp^nU0hClQ>8J~b;%UH(64+UMQKZFRWS@82Ah%ff;rR#s=pj`o~26K16 zxH|X?x(h@P94~x+B;(SEs?W&jt*<~~Gn6&qeTrFRtsTNZ;h2JAQG;&YJy`ruwxP61 zIU8=pi+p>o;-U9rXWvhpiS`z(P24RO%|19LqlPLb?!+&PK2c9`^Gx~81MA)jh1w_@R-xwQ*I4vR)wQWZO(dr^Cu( zD!v`btYI9to%Om%-2G-PbS>V$gv+z0WQ}aTyZ4sP2Q>MP5HTi?#P?kQC-YQb2ru=R<>3lFl?^x4{B0 zqjN7Qu3Fm7aQ&1aL5Fp2D?1}DWAwPWwv&!6#by>J#D~#?;f0%zdjga$9nQxYdndv- z!@P+{I5X`XHo0Bguq*@?L5Ykcy2E#yqc56=BuA*C4FEYES(20+w?Xm(^3E0)Kf@4h z#rxJ!ITQq_kwinv(+#P*xxAbn-n2qx)8OH|_a|qE`@Hm2&2Ma~yyMefJUH4IM&}$r zqcV+@n&(3_FCB6maV0-Ttz;p-3q=X|NgNaOd>+;74^IGvgiHKh z#@*W+*;r*%pt|~?c-sSTBW=SpNDZcybwCmUM{0xyl#|Q7^S_>OTKO%+q}k9MU)Jbd zz2zwAIMH~GzdmmO%Z9RPDi~avC>Hofw(Sb+ep@-?P(5FokQ0rM34`fy4VDNT0Y6>Z z*j#u5NF(!2_Zbn2;w=~*refK&(8iF^c+q-8Iu#qv7$_95o5YILy(GQX!T_zZd;`q$ zI@!k|SZjXdt+u_-vhcK=okeZrqy!SPGK6tkTgTtaKM&_!72Wl4*nH63e0lyAOgiEF zi<>a!cArm5glg3${GA5#vE})HmJN=Y6*U;f^K#HC!IWY`oPR8Pe92QjUv!-|j-C&G zFxsAKm@@8lVmqo)?~u^c*92l%x{MogW08VeUGq0hnlV0~7oLO7#LbL7UNM-X!np;R zhexaqxdlXO$3M_QP;5T&Xj63aQMc#jAybi&WU3VAX?RmkT#f1HH?hL3ptx_*ofI4ggiI2o3TAEt;x=qx-qu(S~I*F@V z;Gb9v%GOD*jB}llx6XwXqD}iY{bkR4u6eB7Y!G>BSHeAJHVXQ#mS;va5E*(PI4b0#f%6^Z5?gn;KVw~`rytOOu%s~eTPX2 z7cCueMYg|MFFzixdUcVDB?u5e6ahgB)E*qvVub{b!6J2EN=m2tJ~#^*d?>`kkYdx1 ztK0}0+c@CTU!1yBdt$iiYM0$G$>3bSJp7GIHXVElE_$BK7&1wtiAKs3H4t_o*cT45 zP%%|+nPn7jj%JI`|KifATyPs7-5J3Yc|x&o@NRMQ??*j4G87v*l!2sD8cX5+BX9MN ztYV98JMTSd$X$+^g*!Ho#yVRQ0B)liw0wHU5h-}?NVfs?Z6imL3q zLpGihc3=!nWtHMaB#`K^_{??|IVtR?)`uYf3Pe+9K95%rPqoW@+cJOVN*~ng(JiwU z#Ns3S<{_SW%zw_E?)9hQ32)+YtEM7!h~{s6Y1&dJGt{?VzTYI5*6}{Zu_$UE19YRa z4a+pu=oKs9&o|B=dRl%pO*bF(rcLfrd>FqQf9SA3%ew5Wy4qSsmh{Tr9mT~nHsR^v z8%fP=U5KcVU^dp9c*<(`!@*zr-fBLG{dV>A9-=Zs*U}8MtY}l9^tBLk-(&t$DHCev zDI>$U;FIAGE8~{FyOXA$;o3+T!DSoDPGE3DoIN9?^~aV0@nx_^wF~j)S?aa?t(2IL z?7f+(oN`-wqvFJt3!6SfmU>v{X`dVwNJL`ANW4<(T>^J4lZ3~&u5tVsw@^k-h>&2K zjkf;-Yf96IKP3`9ZLM8Lk!CLmyXJrnN%(7O$+Or^_-SNI!meZyzHR+wx?!84d7OVRdxO?3 znsKVv4%x_v5Hds?<5A(pyC8wkZoi&)k0nIMcAy%wqX3|^b&pJV4IOjZ--c?(Xw{Fl z6&p&UOVJI|3pZs_xw={Rmgm#&m^vIL+!At|QMjx&>66mfTx{g0UP9ESQuynclfJ3B ztPtAe`Ib9HqphwQ2r&&XYWrBV(z=o^qEF52^ojL)b1QTCkm*>5O&sVm3-{CA&m>6Os%gqgtAJYsLyQohqOX+$jDlNaYDSNO*cdQatiY5ByYB0+gO=S^J@;_FjW>c4p0V0+VomiBH%CO`l0pZlewXq zE&zgG$_Eu!-^+a-Vs)~8rNFGAf5{Pr8yAQAi&wR@?8+DEbCHpD;kj+LI7(zlEL&7F zFwqr;_f=#oVA@)_51Q_MPA`xD%X}G|z&wEt4H0ZclMqT%^JLTI?#)Qi)!<5;I9E?a zKy{7wmfCr}D}CL_TR{F4^JWw0xp+{#gKB6nTm5smoNSQEEsRcxs=x2i{b)*?=X1@l zlG~IFibiT44)f;-QO2#G)H(#{thy^U!+#`M+K}GT@D7ld8MmqSswMc_jhO0VP+3xM z89Uh@EDk|@u~yE>U;8AyVFNEVkyPuDG-3&a(M&dG_1;JgwBb4!!p{b>RH@g z&0Ju~mv^mkSWD|iQ~WBc4)2d3FEf;9g3{FVHX0|PYBengL_%Ko=B3IPL;d7oTbX>W z@xG(_wDroHX)J@SWNVq;weq#lEr>D!Z!MJDsg9PF^N(+AT%xO*JCHkeXgXFz4hKeL z&f=S4qZ`-~PC=V9=PRX;UCQ}Tx#ym$GG>50_66rlR50CLZC%{zmajR1#he4*(SAy< zEUp{fNS_G6f=g(*nef+Th4WshHg@E*jAI0}+VGS^0_*2fYWdU&VX7KlpmVn9gmG5GJQY!1iaD^}-Ti}yBj3?6 z9|!L!CCCv7!Jg*A6@ixnBvxY%Kb5Y!rY(ElhTJ%*?#yllJlI_hs*CSb1tYa)GR1<% zyXcz8g>!}SCgFit|MmoyAw~|0CyA2b znpvwOy|>FUK`@sD^S+HBs_~#^i zwg<)0s7o^_LR7+8W9>(JleZ(h#io7teHR{JRzh>DWADhcx@ZS>D4jvkOcq^C#wyf~ znq`oMv|;7V8$#}WS6A1Oh0)(_mY)s>{Bdzn!}(BCowyB`k_SoN_K|b$U^Zj9N83ki zhDs+C#<6WAGF*6*?W29QT!UiHE%rck0N-r-#%N&rV5T4-EcB+RN1sd0J5BCF9CEx# ze{}_P5)$;bzJt1uorX+E@mDhp(_!Jp--PR;8DdMoeo?Hpc-o%Zj1&3Zsm0d|THVR^+!y6)?E#?~jW+^%eyS zknqm}+uo}X78eBAoP^gv%C)@@PxxnmxIHGR5+8PFOsabZa!50?xV_jLa9zFycaq-K z+OTuBVPHA{1Mu;^RtHHL7H0MS`84CUlc7W;!k-hWuvFr^r+1&pAD0Jy^YF9s&^~zIM&Vuw zaZmCYgA4~S=#pim4F+8xRp0*H+$;^0_tI9&jCFa)4)5M1&$IxP_9~lM+Blx!Ed(2l zZj2sLhoh%4;YSEZwCbRNiZhP}+!H^FJ{Y^0hnMR{lPX{)aiw~^+Z9@*p;Vbb>h)8u#oNvcsLA0am& zns^gmI<&}JEiob_JG4lC)p{z@c(pPX7`-UJPQ-ED6t&PzsF`qnN?2g871^(2_h#rcRWsSxY<@fPziKHNa*aa z>dG(8n>mE!QoQ2_h^EB?-z6xOI5%CY2ZE&6aSOi(9@?s)?Z{nQoB@rkv-3a>Eu4`z z5)Tk%(egk0=QXZBh9*l~B@1|lktma|2OT^LR{Emc>E8)doL>t2AoArgyq?$fcpL&GAYChN6djAJ+_9)LFTwCzr+Bl+J3VT!tzpI~ zlj_&uK_)tH?PsEQa7GjVkTvPMZ1cbaoR`1qZS4B!05(ZHX=!m4v4@BuHmxFtCk98Z z>Vp*|QP!2biC^+;Q-OSw*1Z`9_32i( zeeoRDlh9#E>d;0Lp|6p;mlXR>*gt*_15)p%VSF1xC%+B8hx2}B3a7|P1IY^#61hpE$gaLa%+;0KeH&#>)6cs<{d+#3F%Xw8gvnL9; zb>(yK!?7k2sLp3F5X`p!*0s%Tz~F$=R6<_^XrWklaRp1DL!mN=!tAG^U5rsl#q|0QYm=ns#QSAsp*V<(hpkI6CQbkNg7Ruj^*zM zIrk#+Zz1d*l!KZT7EdMqTr^{(VvZ(2$CPqdKA(974_IPqhZ+;8CWPuYiL_&p1+BT# zEf!6Msc8TPdI5l*_v~Oy3XQx#5HHGpb{EOw9X}kg}##r-@Ufenz&%^0x+705$|gY z=-LsQx-fE9nxx28?Se^r>IxzHh`I9ZaB&Nx1hg=oE;xY}#$L5Bts4TE`L(3~B!FI9 zs`BG{Xy*2xE)bYove#BuaeSWP@-$u|3WInDb|!ZjLXAr~Go;lZm_Gfd+oTa$(wZv+ z6z^8ATOf`73mO4Tydk3nscA&ZFAbV!$+5pN41Tv!NGvCNKpQuT6uxZN_Kn-1=pYRS z**c}4OMhU`GHK-(*uzwjGHIdwo3uwzGw!LR8TV4x0#a1LP|iOiAyE*9%V{GMmcyXV zHH!yLAd(?zQi~zpFH}`%feUo*r%TCaFr$oqa_lb+>3lH;IM2rr_ z5^Q{amg^a5@p5%ecGAyRI4hpxfku=h&~CQ``RgB#mnJrXBGteU4Gs@A85K-gevLv8 zrOauHO8#J%@69I(r`Y-A168+t%LuqNU%{A2SO^4}kT0vOQ(uN@AZRVpv~<#Cq1GfDN+9WL+V7ZL7P%H0GBbufTMLE29Wd8g4RK@E+L!r;9NSlzuCqakE z2IatPghJUje&c)~7aDx*dtJqhH6OP3xdaty8OKza$3L>Y_NIFGga~34$R(*jVYzau zrYbN$=W~2uxjZ$%Xs@5zWm|+exIgVzajd_in0X-4R_s|2-Ip}1tU%+K<^~b6bs6x* z??~&OWn3{bcwryCs>whqx>G&_if& z>opkMdL(UiP7+b!pOa(nGMEU|Vi6{f>cLV5=K-pfHQiP_L$& zT1B8=C$1WHat>r6Nb++<>K6n3CrwUqi$yb{Ps`I}kBe#kz8=^YFcR$493m?6H}*2; zQ|TsWS6vs$a#bG7oLcl>GGEd#_21#AU4|60wq>rW2};?iIMrdGnaIchB?28K6gt~D)2WHOFMhBJrX z;+XCRc}PxdnHiqP!4s9%1C@$qdz`24s)I5n2)J z!GTo)G9&AZ>)cIxW#ib=igS6-EW;Y@De~BCdK(z#dZZmUTgf2cbVD0AQr?d+dn*}1 z=5yFEZ~H;M=X}&2bGMCG;i;uTn7*gdJ=e5lotnr4!+EBq;nwZ8W zy>~8Jd9XJ2R=M!#Rl)HT;jz(mlLp^C--XiFg0v|qi*)}d<&2o46c&Gi(`gDf;4@Q) z-`Z~)f82+NTR}v!l@;fM51ePBm!ih<5UQ}_jT43APS=K{tz;O|SHV>O9{r3v5Fwqg zEFm^;2aw=Uj*tD-p~VC-U_Jp2aJbvBZDuELkuNXqA-_rOnhZm)|N0l@Se3g%F%}Ku zjc|E8UV3?Kg9(* zu;bo8wVADzN)y#9!v!B&{#r-+DibnqG7A=YY|GQ0351rWYICJN|E=rgZsl*)?fh{q zZ!&^!#f>~EuMv2J9CP+GJA|a!zzrxfc&2GDBk+{NTT<qCyglu9e?y_A ziwSo%4RjK5zlIx_eBBv;A;9<1)W)gBmI6j|Hr^LN;FZ}ZDDq0fXThs*bWujFOqf9`={JMPP-l9 zcz@xH)*IWZw#owKV!M%U8pY;ijNJIikxqPeJ0`U~5JtT&lUHiBs$J1Ec0!HL;|}V) zi6U(n4`jEa({}QS_=FuC+2T!74&yL^xrt_vx`mXdKTJTkc(*FDRzC^k{>?92I!dqg zQEx}a&utRfJrT(AC4rCyO9WT)jG4LbRAbGXsF3z_MR%p9OAS@i1p)PE44TstZ%~mY z;yI$`Pcxyh;`s_4F)pMbdM?fe8KFOfw4l{9$cq!E6M?fvOCJ{kwX4H*r(E;iE-Ybf zdM$^`bcU_m{FYldQ%$xfGLMO1b-pI(juMU;c0lCy`$%k=m6d!{W}UEQa&>w~I_5(` zi_OpqnZ&=N8Y)D1<4=kNKhnGCIHq-3C4x{az}}3#@G}DH?a3;*_*HvqpZikZgAwLX z=*<}MFfBA#z1ujNH(pSozC$1igtlztO5b}HQN5r=jahqpPsWUE*4P3|;3gteFU{b> z#uxO!9-f;ttxr(ugUGsR^+7R=^QXB@}F^*9eI#k7WaVD>?vc(R1Oz2fmq=5e@+a0l9tz~ z##Ag^j~d&Wr=E4q>TU1pY#GD-Y6;3K>1{&Z;Lts~dTL|zYQY2EZi0(n8LN?o=S)6f zBIgk`qWTMN{l(ihdH$WBHg7GFPzkPNgEH;)*y%QJ--MZ2%niiNnF>PXB<@0aolotC zYG%-ef+>4Hi~0HYMU$`P-FGy>8>*He?`UPl7y9q3ZOZvl;q{C~QJFypL?+Pt6YshU z-L|`2Gl?-tnIbMy-kX@@8K%^)G79#3jWPNHuDRbSd4zTk*1WhgTg~_eFWHWvnQ0(o z@>CJ|5u1S_AIWs;*y)tPKU<5}e<$tvNT3Lmmi$LJ!UmHMOCwmku+u@`4O!lEobuW` zR+M@q^XL#i0~P`_;*uBPg?1uphFJB;oZJk9pVxDq^JxcTYI8~$ap(2hjM#6!5NC5F zl^PVunu4}`TV+`DezSVjwE#y44@%_o+cV2PD7bHK-M>|6~W4M;?XT+I}-}O z_XHn7g55{bX0h}igMce@#q{|TpwIY)=Bt1{>p4E{g(X?)u!#CLu( zm9bI@$Pn%2@UPrO9>qv9Ic4NtTFod2yCM(wCP#O^@oib*;mKe;X?@sASUS(~G35V| zRHmDVM{MV|%o`7oIfM5`97X6Y!&^n5jaku;lCm~;q(CWZh zEiJx6*-qj1M3s5@ElA(+IqH^g%ixiCHtm(H4+aEyysH;yI;!J>QfSxop!rhls@Go& z+0PtV8!)$tsB-#Z0$RBFqkruia}zEe&5s{ z*6*d>sRMVpRp1EUw{bvs)0h2G^7@KBaF<6he-99zfW}%M7ea4M ze9myiK*RN5;Me{U^>b;0U^-M#$qu&h-Yuu;DCoVM3tnlsTluHk_7#(JT<)O!dU*h5 zsMe+}dW1-Fq^wOI$;Yib88Ks)r;e7C`)|PdPe*=d9*>{&@3ieTTR(GxUV*+_KWOrp zGO)tq4-p8RFg46!&}^XM=9`b3lkwhoQ_>zM1Yt~o;4t*-NG{aYR2&)4iE>wERwQ&h zEI%~r`sXU&D=Losk^Fo(YKCThu^^tqr|)sM2ldFXsx^d@2t8-NsGHCo{sJnO$IQ=U zNNL@uUW#4^D88$l!p53pF=GWkU@*_JE_|RJe%j|FmD_c z5@WLDYJ{fwja&mIkZK>Ff%|@iO6}Qis~zKyTW9q7*ZAg_*M;PV(G1F;%@4zOB_sN1 zXo}l24o-+iBnVmO%vPh@T8tHa6&H_b*FE3Fv)Qe=qV&?{5E46`jvLa{HZeDe-9Qa0 z0@;cEI`;a$*7b7Eh|8e=5-YGl*dlnaErizK+ro^R(W~a$%!am$4q6E9M3;%X=eRq! zS3DdcOAYEowzcLSZ0R-)hyMa*vM;9dXCP_gML&2a4^puu5?EYmM^u#Xmg~`!iZw#k zFP9ES4lRURT3q$;bJLN!ol8eu#~8&pe}+xH?QFM=Iwp(5>>5z@&$U|Xh!)fzFE;bl zKH<3y-PqKf(T7B5twv0#_?V{$sim|`Mn4fvMmrpDu%D?r3#V8MBKE!Ue zjfS7x5O`(IUSe#9aAfmabWLMKy69MTGY4D7kKMZNU7JaC9%jx?Y@}nWw05w~$|Eo@ z;$Xt)t|{hoo&brw(DJmw+)CtSpzKL@W6{lTKJBG!$W3c*DrX`#Iu?V;jK_{|NVBnV z<{Oz!D^Yt$-d(o_IS~!Q=y#u!N<*Mh^UPuC#E;O6!0JxG@jc)`6$H~o((u=AW|?5N zb5yih@`Q6$`rU7r{z~Z!ORA8SGSW!Ry^eTrHFRpAZ*rBC_iLN}uwvb#ChRj+$NTI1 zf(_E0>NOR=n?Jp>H-bM%Ge&%hr!Xq@qHb|)@Vp3i%Ah5qQ>fq(*i^bFLFUiq;uBgd zZoTK7Y5u@kUPW8{CJs|8(kkY7+|*oz*CIwZQ6nTdlPK&gpN#(8_f@>1yf;DqU9@B< zNTyJAVBG5on1AtitL&4jyO<7U3ZQnLO0_8%i1}*bHhQbgR&V8BGx>`o`b==7t5bwbZwq77mHj>aCc1BmPpXYM-#c(zu8PS(>M0zuOXoimT8P)RR0*cK#_{$D6CT>gxh4rG^Xr5B)yn}){1 zd#n#{eQRW9EUR%=^3wSw)eL*+-BWSL5SlwS9u`lJ@!bPD+l)iLwQuR52538eG!{9y zLc@zfL0zW#W{(>|;NY8_q;Ot{CI~ZIBIxBvj_=9wM=^8w_mJ`S+sasA?w)!YEf_N+ zKFYuNU^6bY2)~N^HTH_ty3!6BVkgab$Bi^{oRfb>#1Q#k8P3ah1{Wl6P1~RzvFO2W z@*wH;*n@XG#FO()&_r;__@{?;vzR5b0Z6&xc(8(fSvuDZV`GqKI3nA4vC^HGyBF zgWs$2Y?ww*oeICiQ9%L!j9*lYbW9J!iGRPOINk1DXt-zK{|%TmpCPamh+T1&s2 zDgG4$EuZ+CR`LVcVSc?{+8+C|)We_bt#$lsel2z2!#cZl(_^Dadh+pe?|aqurOl%U zZ#I*VYo9AIM#W{_OR6blu=w3U#g-jI{;JLY4l2GtU0RQ1cl|JNyqrJkRyI&|e!i<5=d0;qVUdTD zC2YpF^51mK&tM-c@S(xn7g}HkF^BVyxcDv3d$nn4G;I%`Ew8kW6YFN1Ll<9xq4ImE!<5xn&(ve0^~rQ&TP=*fvI@APIVB^XGyOn=Sf z_znXT1?;U&;LVz}B5PPvQSsQ5@s5bK$_!j^L$eg*Y-iNV@;K z)TF-V9OfljHW>~LjNJX^RM=eiJ>XSPGuV3{s%+eR@WsCd5|gvtEINzg%4@Tk!H@yjDRN;ys16u4*@bEQ?8_>UE9O+$$e1Gp z71H|2Y@rt4J-OaLK78G8<$xyZIzIC&d5wHk8=u{aH&{p;@r=!Moj);ShRo!I8ps?~ z7LBP9d^COcpcD@%R4BKevHp!vGB z2GYGp!;0;{p3>y+M~~{9uS} zD|6v(9QEsyUfQ;~IF-@2^ZeXwsE{|(QgbL1*qyD>vxlXg%-2mFNF~Krwwb$B>>8lS zW|V?;g~UmqHkRz>>w7haMJY9c%Zd zz}vHD)H8j-m~>EGoB5!bt4du-8v)i76&j;KMN5HgH0$+qj;caqhPMl1x@N247^i^3 z#2Z5y!~9DD9*H+7&CP=_@K{mM;P1?Z@g{%b>L5o`N)??{Zzs8pXFkGn%%N)0I4w}A zA=@`FY*n~}urbeI2TLtAQkmvc7n{@ekotyufMH3PbjA#QGuc8nm#Cw$=JgII*;GMW zFxb5!iF5RBlUJTP!t!yQWLwXycZ#OWxkG;tc=DOf3*d=@H8l zNZJauAKzX$YkrJByZUR7nHlS?nt5ZkFBQ$gTK!Vu>uc4X`JSBN#t4i@DutD~5nk#D zrpP0CMBR~ASiH}g{Bp2o4`OB=F6*wN>koEJ9k8?oDMj52e!3;;IqD~-Ph926_}zsr zW;#pY5}c+QE4#c%9QC`{|MH_3j;T%`v&I6;J|~U^-a;+-AFC!UpR0-dQ$_chZ5}0+ zRP1qgZ@BR(&8E$+o0)+@t2B7VWuX#xeN&^obwvMOr4(}hQx2L=<=)!xp*WmBz=&I) zEf-n&isrhxqR-@=0$4{hvzti?U$uM=1;x#Ed}hIe`^0%s4FC^7ap)7Qx>ic-NtooUyVLL9n=!X5yC2lQOl{Ql*Ac2RF+ zP$%T=K#^rt13+UCQWjGKi~uFgtj6k%rIY3g#E(lD=x}wexb@^4ae0AAc^b zmkspTqSQ~que2m}4^7~7Tq=$O>_D}t2Ifc9TXdGRRgG|(BSp(w6@K}z__{sOtFJs* z5j2(E{6l!qDYv7jyk`w4G(28-dhoRX$+`4fZ{R9NuDfL;tcg~rcX?jF+;h?9Sa?sx!LJ{zI51*kOjE$t+J3_-4KnKL7E;Zs<`ARC2r`5 zjp)8^O?@d}=XCDEU(X5F$IZ5kMpVv!*ZG*r^d(u^9ZnesTp`4^>)bC8RF7R#(`LIT z-vJ`!Y;2d$O4B~6OaBcee>m@};~#ytLqoPG!1xqbYm~>fZNW7NVv3U|D}S)O>@$jh z#e3PUuJ~U%UASSm5#n|HNz+=OOD(gEV6|TMQJ+W&Qb$(rea~gHmiSqLx|y6HCTVqf zY|kD`dMT1b`5rM;8ZyJX>iI)URdIa&+&UsJO}iXnvLYxGr0!Us#3S1H@#covBI%#x zRdxPUl~5^NF_oIr(x4jgNq`&x;&&K;PoFYUWD}Cmc^f!eb{oU39EM=&bA{g=clod6 zY-AU(`|Zg+>}PhlWi>Ab0xpl)jW}srv6se%yc&&7^*d@56i7byEfK|eT4jOC>;jW= zOle?rMy7+~{gW$h>g{kH)zA<^MPFHyL)H`N=kNJ%uYCmKlFb_I+BoAX*JPf279--a zHTF<-%XNO3<6uqV%PkwSWj_?f6GS((uhz!hrfq3e3Ea&c5C{yfh-I`QP3z4t2nUGG|ZolR6@YB!;baDa&!7KSq-u6#GbR-!%MZvEFqt-3up925S779M<%6rYJp5R zv+5{>XI2>L%M3j_PSfQ#o% zGNQ1lPCF^mk*fv6nalB??|KilP)sr`P8P>XWr%G@ zV-lIGk6Jsv9-@U3sdMy?EVYV%7f(41&FUl-cgkDIc>jP5Ht_{VE&4g~Ubm{Ue6P4~ z4a2GCQ1tMxENGiuZu(L6Nqn@c_9xoC^%vTGkozav&34pR0XC|5)SvLdwWzgDiWCU* zY8OC>_oVQ_7{dE9Q*DnEPrSoZrj>ewXRA>0aV^^1TubpBS>B6+IL3%_yun3>8Fk@c zgd~0LxrSFubh1Z=QIkV4K1Z=QXD7ZHVbva7Z<{B=N=j|*%1g#DBb7+1rV9hoo=j4R z*f0E-97Zg6aO4K>PJ6y`I203xI}J?%7_f#L@|Ju6ImoieOoGx%w;oe1_P{4o~woc_Th-J<$~&CBbl}<>8gwbPAq? z_J^DvF3k#ic;n2K;g@S2Gd)Cv#_<$wMR^r{R>Bb1 z+QIhu*H_d!tBttKFn6IwH)!JQq}#;5(v1J%=6t5doy!g|=3IAt2ukn2^tn_Lij(7{2Z(v98CK2opNDs;>W~KXWR$f1!LI_M&_PH2^;0 zoVGkNuJPw!U%`E>q*7$NJn=8~m3h#)*0EAq^mW6R{^%hH?B#TodwW8lB#I3e{Ut|G z+ym|V)_zj`A!p|6%aLb_%fSv>3(Oi*Y45h|!Omi8m3Y>9SI3$+&h-jP_~HL7Corq+ zy|Elr&cFSiFytN@OO#2Lt)V~LPMPTzqsPO%$!HgDN|3~&w@z;4!zRS16>nw~9iX86 zKlp(aF`oW3U)1*w{s=8q6R8_b^e3V&2$_LE`oAFK;Ry(WgcONte=^9}Z1PdiA1H~2 zPY%YyQ>+m!{>r)1-ZlMkLmFk`gNIAl@Wc$cKd!i5O(KNpHE9B;W-e zzMrxztMXo{6uxHjCY1=!&s97(W=VfotsSO%SbhJj zb&60HyPz(VN1odzcTB;@VZzCu@}b}aa%0fL#pa5yqUvTH{1ofo4ZlwP zoesF2bIi5AQWmc-m%hgJ!}!q%56?5zl(}Xo#1YXn}G3ax6%L1j}fN=I6vaovdI zJ1&u4^Ji>a6Aj?O2WDfbKeoQ9n9+}7p_?Da`Y%pKBmsqKW+O^@bT9Wa2n}i$)sE9u z$}9a>u+ZziIaA81v>aF70 zf);S~;i1}MSH~_ht5^}~2i0<_?%r)uK1}C6PD&2FeK;#+AQgkOY2Q~=x-*_Zk~>DH zjE+8*%ZoDWonx62ZT*l#T+Lh`0Y+5(P2B%DG+3ZmfbZUukjcDY1*@}Z+GcBl84{zZJ{}=abYYW};t}3^+Ge+`#aK}kZVpaPI6(oTT z!0D6xOSFfh+1*aMF_qa`qR&!Z6ak5>q1DXW#9CVGeAW=jb%fwXv3Bgo5|m}7G}p3e z>Udh3kG?T?l<~B3a&yTwfR5fc&p^KUpsEMG-rB+I`A}uj!n=o{jo?&bJu)}M%nmVM z+M4~5vFmok69N4fA+IU+6(7RZ#?Q~Hn#ZR;;PjEguG(6NQWK8b0MvZ^mJ>vatyAtv zRbm+~II4c(=b{!{oFnD^Z$*+3!z&hw((K_?6y{2$iY{iN{ni7~^LFLBL=) zFJei^^5-K5D5G(KpN*ayUIoijOkpS<@h8)vrKx+lkg0#`%jZTr(@km8|NONn;El6) zWP{on94Jn22_T~6EldFBY%h06gxITX7Znrq7gVfP!s}`i9X4rM3xG}->%BA$sOK#<64?7q^iVpVew)|y$EQDxI9+cJ6MrC}`7qcgLryfW&w0g~ zIo7i0`j+k^J+`mw**&)Y>=!+@eBNkY#-Csd@I)75+wC(?1;h%2)x0LmMV(C5vw88k zL#q2lkH+w^2XBEE$2v42+@K(3+7#zzT`kP`EfNXSQv2ud^CcqYOJxokp@Jq3pwY69 zXNR)I4&qxo0Ry0kit9#h3ys$nP9M)cUG^=qUxWs z56FNl)j=hwtQt^$S1LfshyS^$6M&8_FX!BetzM&ZU}K*I!bm_d7tO7P*P>w$&OSeg zlc7vp+sn+My1iL2Pqsg)4SZ33&>D)spU_J=fBX|7E}y9nyYaI?j@_scua#&6bwd?KqW@Xv9W47;7X@2ls=gPs4UY8L$FTFjUQ*#ZU8(~s?6Xr*3= z;|CT1M9u;bdBj4$mDaIAdb~A>$Xj&{IHVIYUmwZ&PCQ*e#TvS`G)Fk(Kv(oiBE0fm z%qzM*?6N*ky6(G{*D_Jgb@mERL>^-?%*i*PrrALN0vzEZ05cJUni~UlUXV+_Q5_Pn zID*x~tPFKk;3NsOwXu8nUCO#ir0-xIGG6PeEY94n=1F7o2>AJ$)goC{5FF z3Qlh|($Mio%DJl$=<0iJObJTip3L@<1>e-b&+Vgi@o}UK9R`H~gR$UWKEFACu>E-u zl;n_C+DLL-5OOSy42EtT+>LIrJD_B6`Z+|FNAL7u~t}R_r4hk(aN{+0bS`b&HU9a!jByvQ+johGC-b;1sXkM%yIkZcE8SirWm zs_ml@lp(SLdgPEOhM-JZV!Ob!PV#pFAsdH&%ckS18dT$CPvv3pKa(GAUb+71)2+a! zV>E{*_@Tno z+L%2P6}l2IEyp_7KpoNZo++i`LBsGHM=dtDrm^dD%!XBC09Sc6N_9>}r0K~VGkmMP zU_jNt?%EZKp9&6jUUC&gs;-qArE)8qlnsQS5O$R}f&A z$88Rc(5ilf8yz-Qa|8`^-Oqh3I51%-g!!dP&?)6bcrn=D=>+bHP6PMdLM4j=NnJ)S3e^$B9_03) zJtd68N!W0if%*=t4u{x%8iAB!@I^OnTq3XAfPJq5pOu^g1b4EH(jsoLw0Tr;H@YT* z9~iCISbyq>);Sm%wm8HHN9e*n?F!BAt{uH}EcPRf_SSo8bCw`9e?5G#ezkdFd@RO! zX)#_Ic{AYVavAhHJ)r7g$S!h*;nc@qg`(!jsLeOe38?gC%Z{GHO$CCtqXAcXD@!YAqEY7#H6H|- zN!CYBc!StAK=(VH2czpaA!hh@GZ;Z@d8J>WC+_@_956LAap075@ zkn&a-JT8fMnn0V$NzAryosX(=YbV_rWJVyV)F=&;EAHK&|J;<)MUD~}(5(8O1P#}$8C_>=@La!$=kI^Zloc8(E_Kos&NS zki)#{`GlVcy4+`~6m~C$_w{{pl|&ab2Uv^1M%f^*6G5Jj(jh1#vCqdizwno_To9t= z`$dG!3iF45Lom;D*~Wj53btSjQkdO>5l+DizJ&;5avJYBeW3;YHeoC}rRjp8v9d85d$H;y1_Zrt<*{r?nQDnl87w_Q(f}l7WoSGM=fhC74>OBe=MsUO zqH^OXz8=F*NN(iRXgaST!QV)zmsw{sp)}ID!tt zk#_F;4Dd4&cO2E%Vs0Ewjjn=^k0RY7+=Qj5UpEr_4e|qMG@J)%@Z1(E-^{`6(2y^! zC8ATGXtopB#1o`QP=&!TF^&#QPgBZlrKm+E${P_^H}d(ni{gF@r7Se=0XG;s4U8Np zPu0d4Ovy7CslcRaW}T;dN}z6;Cbn1({M}25BaV7ZvO3pRTfZ@bPq+AjwOwi{AVLrb zGF})Q%HD_8!9P8zdSf5;wU6M73|W<-5{Sb|?D|ZDuXLVkgn9CMyl#E`lh7!TP;`+) z;CF>0wNso%4(#fp5MZ}E)wz@y>!pX@tMXxxT|__@Kn)bk2QYO8Och?v8aI=jjmeS?0MBXi zPG#+7xz+#qEW;FxVJT}N*1anJNvdfONZa%C`XCQe?R=8ahr-W zVs4x-@3CJtRB`H^#)_esFTeOkY_u}}u&SANyt>@b^yk|A^NSag}idTiT zr3GA~MSUqTA_kR;sfO&aoKLZ!_54JlMvt$gJC!Q>OK6%hU8Shp=H)JIBZ<8Y%e^c? zn10-f<$gZ;3Kh8;$QgQy!WY|2RQ$LFu;j8Z@lG@1IhRHUd~GqrmH_H6U6JRg(KbZe2&+E^?tmTX@;Lk_|4c6OikkVLTO z%*mzxZyB7zR=n;rw|w^dS=HexXE?iUfnj|u*taMYCXu<(0>gsa!7U8^m zSGrlwpmams{??@MsU8E-_*DOTG#try5I1E1RNB*OJ+`#z^a_wy%ah8${iY$4Sh#lh z!7vSvbNGP1@G$q;B%U5>Nh=DZMP1K+qWNGHz^B=x3L!XIgwL@ctb%c?Hfonsy<3|O z7Tc{upN);u1+igm?zHPrimP&Rnfa>}OvEsED%8c~N;p2H1n*+tJ@!ZCxmvd_o=J(` z!N_&~j>9+G-KG$fn9Fj$e-6sm96*EGHIGQMq*8>RYd_jV!fD}*P!$oHiSaCNfeo<#^n=k8IgRG^2y%~s>)Ebd+q|nlz@!_dTqmBpQa5#{d+hzXc8hPy z@;>4&QmDaTefX@KEyV+YY;T_Y+*5MtAlInG__9NRlO6l_@V*4LmIgHrtvHPm128G1o@;?ReWiuL zEINL^1*NGMvHk~3S3i_0{*+c#{IIROCvrl&wwcwA&tHQZ;HT<1k)&E|cN4-UJHJ;g z%FK_xxQwYqMYPJLFtX`GSLh>5?}vNn2K&!0XYe;w@wXce1pPyTi2@?y!7%4%uT6Gk z{&3nrup~{tr7VnYGXCX2z3F5!W-cQVC2veD9Cvbyp9uEV3Nzrv^&5Ids8uKPOf=L! zG>Y}{@F|Q}>m+i=C)wN=y7?^{awLPoAL?8l3VV(xHBn55TLu;ei>gq)CzTSBoHqz# zVytC_Iy~hWy@sO~Ao|&jbG1J}c`(E1lTl$(N346`{wZL zmg!NCqLfo>0*vR)^-*+mPtupn4iDVIi0~GK#aLAyd62+_du8RDl6JYvO)o#`nB{%P z55f2z>mF38LtHgeK6}(uDlpq3;*&MLv$JioJ?i5fu;L6IuQfB4*~V6CSRXl2ns$oC zn?^R)#LFVc0ggt*V-{VVX{Gk{*f)Q4HV-WL6SJcR)ab#OEV(jq`oMDZqQ4BjsZ+|6 zX!g<2Ia}!&!$;SN_9)&vUj*e;uVLX{73q~N74Genpo+keRFU}Lj81Hyj0b39P-q`d zQc0-QQ9W62MKsg)h{Uo+?6;Gc+)18aSYaejrVMUX>JsT{Q%RY$3V8LzK(+onJFgVA zjAGV;l2en1a$S9O9KR8>m*mJRssLWqrBHbh$Tg!4H~4e#6$l_r0Ry)NNv25&HFNCO zaR1@QxkAI?>>d5fD2sv3Q@J+Zh_5BV~ zGWdfm8d~J?l|+?V#xyP{1V*3w5(_UmDT!lQA+l2pt*sEYawHV)t@8si!5H1tY3MwJ za{NA$u#R~5ltI@08Cm6=oh-c_EtfkQJw+W{8T1^_N<0%{56<)z4(V$qc2drvdHz_0 zP|IZLE2{2OG)VqYJO(QZLL9bI@Y^e>pD*{PS!*St%5*!S5(bVmmau}o_L$)_q@{sF zcQ@nvc?ZU5=kfE|$e%VKzzK+DDhdrge6TIoC;Ot4=MeoCPED`1Dl$4CSy!5RhE3JY zGt$ke63@Us-9Tl%M#LT{s!8x3#^|kIS#bL(5ppgjltwv&Kt2mQtfv_=L_dRLP)-Lf zy01M9zU!;pCj9_^_eoKbx272;&1kIhgzD5_I^(2OaBzxm-N=roIJ!pS8*$qf zYd1{aKccyPl#Pcii=sei3j}%ezk+lwnf9JIm#0*lxxWlSkD$}qA45|EZP-mV@c3{$ z>EZ@HL>Lh*h3cJhjPVi<(NyRQ+l_@l5T{@9o-*V`$tYw;gX@7wWlHL?R1c4|y}y z3T1KlPyUV*)oT7alZ2j*k%3}|^ibxwLwk>IWxAV+sZg%c7UuJ0O!M(r%j1$UnQe6U z;Eeq!MqB7W0`++I_({)MYL6}}vpH~o>-r*BST5BvV90e?+sa1_{)nSgmF&$;DXvgD zbEuuRyq5Dirj18U?9ohw0$lt1f9)4ZTYP(W4uy3s>Kd!t#U9ZJJepd@T+Mq@ z<)d@lN-GifA9+N`A&g5`CeVNZpzee~C!)3(Acadr6wUXrXaV|yBCgE&b_x|IW&6}e zYN*@*mFFMnu?d|xMa4>@uf=mRQ-a&3D^IUqG9qG{XwkhTow1&8#P)e!9o9Y$NA0lq z%}iNR@93^!Umb6Ge~+~?Y%(qKBi4nf&8%r}hhHY*y*RoCBMSr`k_6|698ypu8Cv&r zNB0GX5)I+}<;+n`R;8M7Ga{YL4!3G!1@e~g(k*8PGh5Hn{zN(uZtbaFI<%Ored#Z) zvT5I}&|V(Q9D8@U-P0Pqz;=A<7#rf<;=O?Pz9xn(c%n(|jaK#dp?r`3p7kKbWsw&bO^*^$kO2-0eH+ywspw9=D@GB~mu z6O<#9ea}m)+|!NL_gC*NS89eM7(Ld<@bGww+)p@sdS%ub)$Ct&n4`3^tCT@X+hEx$ z#W2;YvpkD}0fP+c>KsTlLKjAwRn?_*!grU{=dlfo6%bH6u!i^lC6|=mO(_ZAq5AH> zQ~V@#Yp+qhG}-TS(DxZBxK7W{XG<#?L};UfUxV+pTci{?G$Q)_n2yR{@;ceNCKWx* zt`nc>X_=>7P`TRXjhg0H90Oj>!go6f^^;Bd-+kT#Uw{Xh&`k#XhD=tB^i^nc&;3mn zDh^o-Bn zy5G3toZPS_Ersl*y!^~WDCmt)K!j3;^VTYEoisS>TlfQM(zSgom_(27b7+58Hv40j z)sm@5UT2w!?-uUP<4`y?W9JQahe zT&Tcn}U2(l!W=@b=^nZP`RW1 zeYx#9vSoGdrOx3_bw)4KqoTG>lU96P^;QzA}dW{x`3C*Ju z*jan?dE@#bKs$I1p+lIRfGq%2R2n}nQ{)F6e;#v4wfSW0XsQYTpKMOBgQ(%a*(;ja zo6;W)-hHo}`pDu*LR__u;n2cFsq4}?8YnRo=S4YZi{v`{sZb+&85vSuiz%#3H&pA@ z1J6=Q&5W&D8TUDg4E5BfrRIHUw5pH8?N}Q&V<6fo2!;E)>@AG#9bHh%6eWjDgDIfv znVOiWdLhagZh#Mh5*ghb)P+iAyop58HM-`f;a-v1d7J?G7~H~?|5Xs)m)%|0Coodo%}H1?i13-@6FA)a zkXi7e%%lR3zL}u5Fc%i-XvTaRX$g8Xnqsiy^tX)UJg$V*!?|+$TX8~|i*OPqgPcA} z-!l)mb~THohg&6~koFQk0xc29Z`+=7kR}s`K6|-$$>uz3AwYZtGitD4!8+H0>5UKz zHI-Ax#T&P2ujOAP5`4(3y3+04!N>_66FHl>Dsv^t45LO2DIxYi^R8w;smgBqnLPGs z-JGy?XmMqIoD5!R*_sY3R0&f8dn?zhXm@pt&uWUagu=ge1k9ZnZyu#!;AJF4BSk;O$j%SB%K@zB&i9$JPu z?*!ho+~X-Sf4G(0v7auEw*)U7dlSt-RI1|jTY2?5()u1$gIE4o$Nt){rnIzJ|J()Z zVjDS*i&Wb|s2n{u3iu9fK4zFn zf-u8hXJc-tgq$Nq9ZT`dmJK@}gIeGxKp+gldKuo!`T&Jc`0y}G zkcFRK9T|InW*E@jPs_r#Q8yr@f8$Qh$qxR| zZ3RSmSv|qqdiOSSDunJ`Pgcnde=sIhzEox$=|X))sE3{0z;XxvzGAogMDGOZ%G`qD z`qUfR$GzAlHf1V<_sZU<2iBy&si11k0<2b^es~nd#88Mc@#=n6Sw}pj8;1sna2IC!FR*h+6D4N z1=zyw#Z(VK4urx18;8oOtzm^Jc4kyHPCqyuI^lf4g)94jwBh&20%=E$^Xj!wCgg+j z()2#+$c-DekIyT%W#SX&*$RXS?$Wff5?T z`2A;tfR)F3M&JQG=4;Hz^K+?N@r&=IdauUEv1p705-|`;A`}SLj?(Wx33Q&SOsuMjY|v17UrjSA{U0;hjt1WX|6Kt2|{_Cc%*LMc2iuVwxO1hTdbSBC0o z)1vO_)6PFeTdwUU#-2WoO(eHt(>I24P9QUQL&&{9po3VLj0tuBp0fC(D1DZp9l8)v zx1pd50t%`nZ!y8gA3K_AW2G|h)nYSAt?ufb6P+Gl9bx^J0-6Jk^tlEO@9QEcW0??> zPh)9?CzOTh=|DbkKuADsM95Hz%qw=T0zSM<7t+zo{(s-o zHrc;i-q)4WSan^BDuZ^nrMjmzLvr^MOd{ic*fLq}z!y$-U&PAV!_|!0YTgz8i<3(F z1(Zq=R{$>jV61|IAU#`uaTKIy@RUh^5h$Zs5+r!B(_8@&6y8AMxfH#J;RU64Xj-ky zcCR6$5EJnJzlfH1en}u_pd=U9=n-0JvYqtf`kEtpPd9X_PC%Dj_IU;*)u4YDPpwM{ z)EA0qT^`=w8gi3)v{e|~c;JG-veig?J!?79iJm$n3a+k~fui!X#M%BnWBfGV(8L5h z^Dm;!9X)BFr)OJGw=Z-0I~;x@!2wfh9kO9$dj+O=Go75V$GlgO2>;MHxSNu0Q2qz0=C>=#5M*^-2!_ z-Q1=iG1uthiBRrqKvrOWwr#*A+*C&7JG`Ns6E(wsx#6u{9p6tZ(zk4Hvz6sWlcM?IH@)pU$ z?13pd2>z-}b%>(_r3%qwBjqnN>#0o)$z4U$$AKYiH_OyozU+{+2FjM8>Nt6Dyk}s4 z1dn$czrf21fE|VNJ_ztvhdP3#!6-ehSi5IeZdbi#SK8e;AF1 zbP#tb`6+a&?4_(S>a9^{9k1R=2=xv>q8;5=8u=DU`LT6bBj?AT1oqpKA`SFRCtikl za5oVTmSC)8HN4K8LaUS)V+8A^KJJNaqFQp!?f1OF&Sq+Ewbv2Qu>L`?Fr{knuk|Vv zFuNN+c*Z&@J}qc)p~lCJT_2oz`>!s_)&?Vignr3lo@ian4#fP)FsPb_?J|j{X~AG= zdCwk;-El3Ar@hr9*@`?}hX0=L`MeXh)mBjBOpg`Lj2_%opWa$jQ<$Hcoh4gV>{9=@ z71UH}g@71%muGj^Gy)&C3rM z9*a~ChpO?u7RDi$;E4IRP&orKsgE4$n0lZc)N$y5g6N}s{pM`x{Hz!Cl^~O1%H=Y6 zlhxuF1ijd|`FVl)1OOe{(bVAd87)bgcJNuW1O<^vWgdi8dkfCS=0gD?F_b95J_abz z5aF}WouX5N#%o`Yw!m(CEwg)cjE}YYjXM8+$T2&ThDtET1ZxB+bI-m_D!V<2iKWY+ ztnQ_2@g`3$>AH)_);<^vtNlZsn=c{L9{2VIH&y=Wr?DSud*}@+@^yDlX_q z{$OUqwZ$1w;M8N5!u8B&n*>h;-8Nl=HfspE_Qer#D$}JdBBZ0pdjQn%V-Nd7%ZfeV z=;Srt52#`%ks1TetXrRv_TwD0%+T}J?3P=!*WT-!St)-H#V+^q3m@raen;_pLRknu zJ9VYLOrY>32l-{;AJQts@WxTIxg^f|M6+c2bA>FkOjJ;I3p4yjJTqZVrYI-Uf0JNU zO~WgF;X47!h#c7{eo0$poMPWjSjktucLKHU>Y}!+i#A_~)ytw4M@+BU?4tyNhM@3B z6hgfyKeBL>;5nTJ|I)MY!kM}d<~iM3&BTR$#_Hd}3M%bgLsZPwg{)QSQ%`yGlhjCx z8(4&q~9sW(sjD%S|qyqG4qM9@8VVeakN#xRPP`rV@EG2fJ>!UE0ZLaez2_c8KB<;it9=P~4rMz2>mQ9Tr2P{@u$iDYY;+E+%OkbZvJ(WB zlz~zY2Jn!h&id+7UJCWxuUO{#D+5lxW24lOs{MrX&NB3_#e_MPq7RY&oBz=l`T3%(Wcd>#cwjJchf7r_j@gX zaMXqm>>{=q1`<;IE1@;Hj;8MS+v2M3Dd4AAazdmSE<@z1)zFWm0 zz2;lV#T7@YCTcne@+DUUT*0wXKFY9U(7Yt7c2bHK^|N=(0L*!N@mfYR3wU7PwW5!E ze=f?euBWNnHT${#?X>(awVhw$Jl4ve4(M3WvnR@(|pq6fJwQ&6*hyp8|;&b;;s~5zmo*LbN3{U;F=s+ zxLHiFW}ZICUw`Vm6n|n(`0QY8)Pdc^kHDeMq&O?uFv0$CtMJjj#~)0cy_rK+w9OuZ zkH+t?BZh0GVw^rSvLLUclBjnb1V4ST>6j0V>CmzTv^86%^Hm}D?9`2Y1iSj_Bus;g z;B822OSHI(7mP2t-t_96ayXpA#q9YHH2I{2wr`J3zpEJt#`4F$$1zexuPP55AEtez7 zLxLVg3r`s9`TSdkLIF8?3L>qP5_SA6ex~3PK*kQB#GB^IDQizm1vl&Pz>hx?s%1QdH1AiJ=br!v&8(4AQFhh9|Tkn2>5={B)h*cvboy)u56oJ$y;5}ZoFl<8uAcQ=^x)p zbxmraCNW)$BpXUg((SOd7C?E8c_leHO71mqy}f z93SVU=vf5el2(6fMH6E}ea@Tf?@19vuoj+QF|mzM0_0(_~n$ zotxmO)UDJSxjCd;=LTd}-3#Kj-b(VWrUcp0Dz^Lm;l}Q<(?{W+zMDyKxQPziyI1>5 z)Ah~0+ld!OYH85Z+@j4EEjp(Qqq=S^o%`z%%C&EsXyuF(amQsUg`4dZomjmnuFV4d ztVpsJZ$dYozFdM|t`4A4Y}zLIt9S`?&04mD|7t0neUC{rC)%w)`1n|QQB@_H#c;%p z@;iKaz#6!q>X|CO>PM{euRp;&klnfiR$>%fYAq#dp?&Hkmtd|weXF1PE zOfh@?-(;KW;p11?M0uv;7LCs&?l6!33Lbj|q$}7Hr984KQ-3RLp45Mhfjh64QB|q9 zlB|h+1R0wP+Wzg6xYw0u9YTce1g6VQOsKv{iU3HpfSruqN4c1(5=3lb!qZf5!r!`U z7Tv>0f~K->o)p_$j;T-@Ry@*^Y!6u0-2{uS>Cpp#5OY4#O2179_`F5|s8;Y^^}rXG zSR4|M*y@efw;GXc>Zo^V*;aS1ZyfXVk6DaQ;f?bX0WpFiQ3jD8NGi0&+AZE>|9X|KtUC z5l^8&i<(1ZMUqeKX65#J+3~kzROe>bI_t8ad~)(6Bc6220{Qq4lg!p2{Z>SjJ;j0> z4=vlewPMUcd~FB$0q7C755FtXlT7DqhiQpJrPLS75N>UtAw5($b`_zkl>x1t|Hj&V zxS)$#0YEAtwOnuB`wxkqEd~r7>_r+&kruM@F^T#%2(j2nSCQ(+p6uq^nOf$PkqMj( z3bSV0MQ#W5;A#c0j;KXrH*_`*GOnMw@7h$jJ5S?y(q2u}KcyOi!ze?*z)+c; zI)E4+OblCFv=9RGR+U5^MbwCb({<Cg{Nr(TK85N*qD5Z*Lo$uI~0GoHpu5Rx7TzIo}UgsO3G z4<1tK{KI_dN=YIk>CRk$+&+6NE-xr3$=0q@^+_nm07nP8>19(`zzz)Y-@ zJ>)^7CO`%424q5d>=OpaL4dA8%Zj8}f9JY#NNGzBZa9+Qus7L9b(K6VYFyTV=eaKqf1xRZUw{JTohdwBgkM_u{ucZPOc( z*t@i49cDIQ=AfZI{>M<|y~b1SEP%MVP*-{w7-$SluQU?=t;b)x6;K`F^`azeIdYWG zZ+r7L(wy7=cc|A^puf-L%4{F+1_l0L1+KUKV+DKwCu;wWPbJdR+R@`Q-H_#lw0B5oKuoq_i_t%%n>4(2HhMZy(R?ibq>-VOXmw>mtb+6_;H z7*8khdz~Ddq-lID;Ljm2Vr#6N0y_A`nbxmuv@vvcKNsLYJeQu)nhBA_vBx8rSW@_0 zFT{J~ONoMx9FLo&-6A$rUYT!sJ4PTZa6?<#YoSa2w@om6044?06%M!>Zi!+LogPvJ zXm34;wFyir{tj01EEv4wMcBcQR`CinXo10|HRjL|><-K$xXHO~13^9cA5&R?P8zu9 zEe^*>CKXdTgBed%qkydtz++AS`B?rDxBXIqQ`23XzB!fnt)lIO7edOUJ+KDQx0Ka< zA^6Z*c%=O=dm=yWA3wjhMDp54)(bnikC^Z6ry3ufx_wwX;YZEA<;L=rub&t0*fe$W zZZN{fQb%tkH)z*siyva^y{0ale#g#9CuRjanMn4qddYZSX|gHlx3f)s!al5no35U1 zc!^Yx@-pXr$$a|-X)~%v+7|gp>(*Ov(oz2vkG+;TWTI<-WXjObjvDbhltzI*$M$b4 z-bIX$8R2w~%it>=U?W&&kIY0A#2#N(UA`RqNVL?Yj=GoMu@QXNV6t*P#(VN7P1h%b zXNdWl#jf{5pvAnst2svMv};qyYW?|-Q04&os9J<8Q*SK!b2vjY0u>jKgJCd5gGs9cmXUJ zmRDrUqE*bCBw9mvWaAD4X5W~ZDn5QIVe%I{V=d~QZCGE`NYp9^y5~2i)vE9E6dysvK5gA&~*dfT3uC6hDy|t-8XYp#tTl= zOG4NANlPg1r5&lvXXu@Vd^z+!*dp16E-^1D4D9(B6V|N1F^<6b-5vJvgw341XA_a$-MYfFA|BU!Iu1Gw+NeHx~} zArf@8hPdR_By~}0aSmu!*_?DWv=UdC- zm@@dC>z|AJ;eQu*$M`0d!%%jvVQu_>E%eUPZN_D_uu&ZJ>;|vNZ(Z>yls7%@>k8!; zVH#q4QvQwDJKV>T;NKMbPO*u*G{f3(KEnzBD|``mWZ3$_jWL9L>j^*c9mYWP|IV)D zhg|Zr#Kd~4C-k7p8oP!0@DQ;8hl5rzNPO6>2)fYh?q)PkfWr(t7Cek+0XE3p&w zKHnHkR!(CX;qE<@<0dAsvCJLTsjbWbA=ZMB(E4xxr@oQX!AYqRPr5(vxg_HuhfgK1VP>se7g2-x08rmYP|RTt-Ynjtsb8|ey;=RE{Se>5KGhT zYg5JeI59O)g45rauj$&ONaW_9Co#q<{J~1IfLpQSWgwSTjHshMF|uc!6Nrr8^s_f^ z+@O8sgfByn_u~Hjf#mHGp&=o8Dfhu!um*0v_=)iaNVj%-(45zowR z54bCXUP$cj@E`8n&+lfrerknUbA!)7u+SgJ;G%m8HVNkc0>dkLBm1cj?q9rXo1O6V z;+}2P@cTne+?kns+$x(P$z9Q}9cs;Y6(O67+erB_e@(d_difvtIPKh|awOn4{*As@ zRQO~%D0zsJ%=4FeIL84hKp}`sQhQJBdGSM#dN^rExEq8Dz{alR#Wq|*@Z9g;uYP!a z)=TmO__F3~ne*yAfE;5ufIhewp|q|y?;&A6e^`r*T$$p|ENOxbmQXkH?lbddc1(9% zC{sOei81rXHjDe!2kWR?>WU$M4E#{a3B=aG*|;n7``yClrwTQTP;9n$m6;iLcH8~? z#&(l9bL2|hQz|&D{S>bsiB{X)ObjJOg|h5{kNPA+IH!UvFc8-zN=oQe%_xqZeZ;zW zh=e~dBPq$vlk~7?B`jCeIMm9qIodO)go=ov(d%(fHS2lYBoc2A&szQ-qR*9h_qv@* zm6^btJ=s!A{yfVcBiF{h|IOvB->4h=11U3-ZjMq&xcE4b|MU|1)35WT;`f}>)L(j3 zUJBO1`Pb`ve;`H9?zanc&0_BT*HH1z5pBiyd^1jdxX8I2ss9mC1cq>Z)&7h2=IHpxB9SyskEIn46T+-uiZt z;1*R?&eP2sI!r;XuJ;-u-c)|NMYxl9-OAu${#@U28(V@+Xoq|Sa#VfxTE`#`Uz58Cr0pP=;-;^Ui9B`?^GR|Sk#V~` z_DV=mN>I_WbRC7b-!U~JcRHRa&9`Q4Lk0qctuT}SO#eaU^-n#xZC2ws?@y_SX6)FL z|NhDyv?~`Iw!$zX-`vR=#o4~0#oet#`#v-5(-ZB;8$!o!kM>4uRFu7UGBC^H(a?dO zbHqEqjEHv7-UTHv= zeC_nFKj@0sg2B3+#vO#aG5PeaPyX$?hXZ+iVpR`5g-2#ZV+@xV(?Ip+uJ#oWtkVvD z?x}Ni4M*Fnh!t$V=ce^_&JwXDE+`!l^Jz@+%In(rM|N)ut**?zAmokNGTIZx@^6Rs z-`2G)er`Ql`w7@53*soi$L}!L^Vn;Od-woY$2;K?)rl6CybH~(YG5Jre!pxtUU2Wl zEs?T_doh8&=t{xR-?l^j=0->L67O1ZBc*78~`Tt$fNNx zquM}xUJp)Bj$l{&Pu`-3Uyq&f#1EN{Q*po@^fz1Ip7|AZ+LEO58up2i_}xGaym|Wl zxOK^oshxTh%}|W9Uhry>s__3K?!5!qUfch19ca;_HL8m0(AI42s!>!Iszr<>tX>WaPSiN8OY7CW+k=mipZMZ47UK{SdbV$98b-b&5Q+JMJnsOwR z=}Un;s4-fV)6#qcrNnnUHtKjr{<6Izv5^Z?X8xbIB@F-lw$L<@ERbp?Am`+>;cn?4 zB*OtjZx29XcZ7`O_T8LZ`wO+o+uuf89V0Vz6c`rSc`CtELY~NF!W2pI49qD~ zwXsWTuw7&h+n!gUg{h6%n!h%UH^erCIvOTnGZNGdjrIB^W=^;!`_FeC8Pt{^PAITx zUoysSg3$L*V)IU!@S;n)*SSfK?EeJ3**vlfoZhLG3**I+)UH1SJHzaYit0dU7bcU5 z%>W@Bd9up6@?}Gr;o?pJfzKMOjqB|Z@*k86FazgzGQ|Yym)#bAI+JQwl@p0RygsTm zmV&0}xw+d1C+n1NQg3`JcG@vArENrbQkgtw&vHPWRrt88(&tp4e6;|K?o zh?;CNrBAtV&IW!|b2~@v5CU_N(W{B>67fd36(Ues4(yxlPWzd%5RO|FyjeEn4W=Do z@0L0GoQGFG>_06?^JDRGeTvJR0)SGHfX}EdYuQc?fL|?uBQbI*x7Ji-wYm73Fa_A; z;$G8^hvX%OP;Sq61q~^O4QV+=ZizVZ>Sy-VJfW3^F(H)rSlEz8S6_i*U+ftBhpqaR z!k0z!Y!ER8Hf_2Cn>ST4bVv`fgi6iC9RGP-3ZX240Q!CqeS!>uo8ht#8sEOcagm_$ zQQ;#8KwN(CGZ4D}QNM`2e;|gQJa~Tr`|y@(1>6&q;&n%VxIc(d?rzq-bKsP~Xoz)| z5_uvBAx#yx8#Qx-G1$+vC#Bm}YA_Ht)u5uM(-o|_UEV1V&hw_kf)JL+V7qR5zmkV- z`IGzKowe<<^|eM3Pzr$Lh~1;x_jZ8U1gDmo0np@VX6`zyUKkOTh#c){{;K|5+p&D` zCd0O$6+GDwDW^alk2)GE>l^ykrwktK%nov<)t~yrnMFA-m=}<@XoZ#T?eG24r~DU# z3^>EP>Dr$4%NU8&DKkRB|(V^{%}R$u#Jz8%E6v z^26%Ou~Z@65WX~N_%1>>JOT5crkjQ8-cEDErAdWa#}FX!8+Eg@a@j;4M2wA&KpGXG z2Y4F>PyA31VKG!!IAfSJO06oMLq&tUfn62yc%JB+-Gz(P;V*uu=PjpCUhmGAi9x~v zFIm)Ik~8f7#jG)!3Tr%c)0=8+{agDMHd77rff_N;{mXTv7` zyq0L6NcluBl6u$VhKP}nosZszU!in0=$%AveHc3h(4 z^@5{Lw(o;6rcWqmP8d1rBf{!55*CTM8NblXN~fgCd=Ix5T2u~3_r#>z9b9Se3JgyX z<;5-yhf_nNE z_FZ_^qez4Wpp{m0#5SRe-+H9hh};fY@BZqZ{-zCmj~EtvTL%|_+QD)sHax^0nEwHm!`z&M??HF{qx|SPsXft?1*^^o%Krr@~i^!#NKX?nZtKS(B56TE)h{I1C#y55~k)Ot|rt_J!8=0D5@G{oM|+b z8cuF_P)Uact*I|aRpN9cA$e9y* zu0~8b+|fPX$2HUJn^!eRGcfp}7Ln!kuvPs8N)@CZiY71p)(|vOt1SkQ`UJK)THL zi}_7dgjHE-Cn~}t#+*P==60PKLZLSH2WV*e2JR{D>fT) z)?50KPL}#2!xhCZ$xe|mkwDS+^?q@Y|n=k^@n4j$0HNCli@g(zgps9eC3{l`Al$D;l1zwmE5sG(igr@|d( zJ`~L~0-Mb?JCl*@rS{SylzZe-aE72`TS`Mqt6QMyP#fzC*1h$M+ZQk`RkP`FC`e;n zC*1Rwt4Nnop{0cqYpP0;AB(jBQwam}+)zuD(Td}+A^@n0f?Q_MHnFDD2(NoGkGNa9 zbIM}YZuf!C&k-B7Yo5p6Bbwb!r|hD-T(fGa<{00gUKZV}J(jk_GhwT-zP12D>_*4Q zBx66X@_0TX?~BSqUe}t@PPG;Lr8bs#^R*6otk-9dSW1{opWFA#@FSf669xV4{%FaV zhnuhuZ6*M*;UckWQQY==_o`5d!)5ekkV<{TE!fT>GS9k*fV^Y@pJ;}aJyPiHzMZrbTe@Dq{%QDC zVeB3ny{>2!dd}nSj{N>kq0$yF71<06dBK6F?3SW-)@R${QxuA~fxIS|%*irb$h^A* zm0d!Tk*N&=RSM46y4j$!M~+<>=k6&?;uvt#Jxu1=KNstFCOJpr6&@C zeh2tR(pq(D0OEtOwUdv$M4=Em;hpO54`goI#9kBX{`%mSOQXixCU6f2;DNF=0Dk%%A3h^r&{&5J5OKnu5zZQ z*L+s7Z+W9_vu|QWR~QhC)=Ts4WRW1o+^ zdA782UN5a?g!(VCm+(JVbNh8LK(Xirux% zQEyu5`3Zn|{5+Ro*Qg`%R&yZtBWlU}Ri7Vd;&i;iA%megTFM~8J#T{4VC?28l(Qkz z4(vL>7X7Kowry!qbx7N~Bg}Vd^IKbIr(BoQB>`nN+JC*~30buF3hbxO$ zNK7if+@O6n)c!ia>5_C~gfiiz2M5ic{2p+rV}#atIXTWu%G1KaSO71;WDa-XNb=$h zp(JY$7>@EQed^bbyCg$gHZ}po{8Vc_=*cFaYdF6!eT`rpD(5RGXGSujG@0@;q4KX{ zP72?uvbnx#eeJpIo%tpK*tJ{U;~#=7$jBaZ5hAm2!J0D!i46HNI(nn{%}%3ayEh~e zTd(FPk(U+{e6C37!rv{9u zuscCU*0k0uJlV?Uy-kvxIum^kj|1}L8fnoMo+dLu5MQxu>wIc?ua1=Y!^6l-F5}s? z{(8*q;i?>GK8M{~4<;vlT~TzE7f?-;HBsKlo|QE4!83us1a3-kin;4FkONB(r;K3s zp#9s?x;;JyA%*IB(vR?l6l4iE%S2ANmPyMB_#gZoIjoeN?D<>7RAf9m`$nl`<%Lb6 ze)|t1m$YDV>8nSjbb;f0%8|Nx9jKLv0Wu&L#^tuf8Q1VkWClIYx2AyXgCni;TTcRD zfwkgTG+tKhlmAf3AmBtFk9y0s*D&6x&0M#8Ln}nm7a(VNf&X)mnkj!b$0Nm`W%d(uaV^kNOVYbEV{8`96r`Ldt3_Wva z13V$90LZc59?Ou^rFBxN8LC2OmTkxCjZhjy{^o8N=Yj0%0LO{FPg*HAH+opb;)}ML zq`>S3{lE7hG6PmTq2i}9;sGg9kpxlrpMn4~rgv(6*X+1wC-?yJS9E;I104cTo62mp~@QO`}Nw>Ri`I*uoW6Ba8r+mo*NYO=$I3*wpEz8TC* z#cwT?z=$bTFkk-V-&uj>&0Dva84z`Qor}YC+LfG#Ku28cQsFduFjlR00uz?ro-J@svTJhZF^k+3D{^Ri+kI=;*zA3ChU8m} zRDTs|`zBg9Ki;0-k*CgfWf1d8>Ix>wLNO1tnD>7C#Z8Qfr8^UkhoBR-$2cw%TrDKtWf+xr9YpX2vwz_O{&b8M!G-^8rAa)(C z9A#s@s$AgMkB$wmo3RzCCRtp(CJ%MQvBraiu!#y&?^ZlM^;dE#qMDMuIEJ;#&M&7Ao=)2t)X+Q#3So4Gu=l*aue<1%;%xdEhp!cU`>=wQl)f+ zIY(aN5`U@H6(Y|Wem2c*hZyFfEC8}0GOyUN_Xzdyv#-==5whbs6jK88uKJV?P5h2^ z=#ze9Y?ef3Vct6d;5YHvmC-isyN#^R?b9cf+IXP;c;12WZQcYWUsSoIBO<14rb?gt z`o=^I1bS^ETgmp^m+9)6%`-)|IbQM5P~RL36+c4u`&-d5M3hJ zI4(YR9#PPX?1X7vx3UU9hEd$V&w0{SUfU-AQ_JS2Q+l#YQdDpO^!JR2|6wFznfv5@ zwE?53qo|j~=d-@%JTx2$Et97u9##{QRGYD&J4#I+WhWl}wA>l-C{nQc$cE}|=sji6 zTZxDOzPeqob>v(jOfq4erOiFiQ$R6RLURbl9BMqz!9Hoi{k<^?sb}8Y zQkHhXI=ZMOmzkH+W1sp5j$;SFV?rgRZ-PJ1t5EUXp zCk6Ai31(+>nV0L-$z4Bv&57z&bV*=FldYeBY>W#CntG{U%BM-FR9_B{Fw=32yPX+; zL0R|Wc(1OhKTpTK&7jV}EtaHlcTGCdtC@Shv10GNW!FDgmgW`gT=rYu){=HlvJcUZ zEKj$!zB|i%NEZ}*CF&e<@yreO**ealZoBFBBNYg%Hee-%eq0Srp?Hfxr%38nzqmdB zLp>>rIw4RE&|RSDJh_-#qiT;v|6AXYo)+)duV-?Hvd ztv@sjts`|?y-pZo4;LcNtK_n*U?DqaO&uUiFG@4`X$F0Q3yy8^fCcJcn2j9Ate0Gb zbcB-Ia5tXK##`ar73UaZ+urg>(U(2HXE08>nJh}CnC!I)Hhw+9x;h6}kO&rdF}{|{QBS1hyN zpAk|pTJ5irZXHr^xvW{9k9T3|9bU4rZ3u#C@h5@PG}sGZ2ZNGTjtCZgPZ5 z7#$dTEFTaRH_Z#g;WGF{U%uPD@EZiJ7&=BHQ9I!A+u2;e&p0gA=zKW>6oyy&g{3c3^&%st#7UL}K z(-DIB7R(^(;}QJ)v}b`bqJ@QtJ2f-)s}z!3Xg%nNIoL=JopWMpJ?d@2R$d)xjb*XS zz9h3*cJ<$v$gF{K0%D^nRXuw85>>;cN6&6*X$6R{eF#mAP5c6q#dLou*W5TcVRgej zMm-zE?EVIEy&X=qRw`|t(M5O@4L&P%bsi?gqvR#_RXfylDRlYiP8c`EDz&2|3tayO+WuOc=2Z5meUpfX!99`t9xVKU}_=W z_>;|bBha65&p~Q)hUOnIw=;jdl*=b|u{*Vn>WX5-K3bF!x;sM;EBe4hd!({Epzo?d z*NFVA({{xZt*B!wlAdo*9MaJ{b7rDpb>Wk6jf?#tiYzmikF7Bo8cXNJO zID|b1Q&(^cUR=E~x^(Mj3`44#@pSO}2QYsN1)<2oH23i8hZ48Y)}b5s?&$iR)hBUn zj1!JS4pmDfOXVf79e*)HISFfy)EM-MK6i&|0Jf_p6k`?cYk)wYhu2}wo zYFJW&z`P**Dd7rt=Bo!CYMh;&X?LZ7WU|4Non5Yf-vcYsbO8eUY(ju&1N=kFJCHr_ zgzc>?;0e^@OCtZStOHuDz3bce!_4p2Itmr!0&nFWaxSQ#1-{SgRe|~U4cHiYEcZTv zOXJ!#UcJh!zs!NWgq{ML`i&?4r(f^WectJ)!+D{&2yZ^WyC)6&ZuYU)gs8u=ssD7# z2L9u#h=VeAMJ_z}e-JxsG_`WEHP4+pVq)NRQlYxR*MJe7Va3vsn4N_Ypup`e=eRvc zX0==lFLmHJ@6*uu{^SH?IWWK*-IRiY3v!CuKjZS{?!0iA03FnPhqWv&TFc~+%kH8Om?DrEr0tAN$8QE0;K3ZAw3(pm2(9sVKy7Z9B<2^5<0C;c>@27#UInNf{0MMOqN2=EFNT2gx3(_DlB)kJKNJC) zyz~&*5TTawtMI*#(N(PK6{La^!0Mj)lj-=yt~4qEQgzdITxzBTsTnW6 z)m*V-b}e15wqIRF)ni4P3Ar~5V<2nelotP!M)Q)+JVbUolAY7W$RY6o#>)5A>~uZy zps+ao72qFhYKd(hRiwA(zh>y{Yf)v=0AZ6G~8wB8a&w~vj44C*7k#;&X)H}a1O}G zQBQ}5&w{W1`=es*(5CLh#USu-NyV~Iko#akycH`^u>|U{e_!7@F8>Le986toQt^9(b#DQn zRqis?F=O=hu|=uX`^uANzn~ms4?VMeFDkHT_JWsfpt%L8dI4$(*FM|sY%edE4%G9X z^6QOFwR*F69Ug?89x%KGl+VF<@$4Vhn?lh{D8><&iG6Nz@T(bxvb`SKZjRC*b@<*i zjE>9`pt8j7lERgL7SPg4AHcrgS7tcgdKW!xFlIi^p6G|)-OS^GF4Zk8C`6s|{~(cK z6CYl@EaF~9w^A*-43tdio~u|Yjdc+~2p=tPXpk}R6R^&Mz;KSzD%rR2R_j7bP%<*| z*Ro0fs<-^U`dh8&VG+iwZKD#r@g*6xiBS5swi`z@Wp}!zO1==X!y|#8cGPYb(RZ7D zuLzpa7EKhGJgggL;RmRdVwoQrtGqQCf@V_03>U8lB?r^kb#>#kvP{b|ck`sZAsdUA zmjH5H?GiI^BXK7Wi>Tq>E82M`?`KuKYu-q0lFsep zRc=gLma?94J-iM-?=*kG5UIwz!vD4lGmJ%F9DgjyymI(eEWQs;NEkkBnAL6B;IV46 z$1JBmct$=AiCKt2IU4nNENTMRhl1?!g&VIJeiEnTFkK+yBe?xxb|Q6NqHt~dXqj&G zv|LE$02O^l>pM*;xnW;C-7>%m$_q>|pm9JBDX(h4l?!~*B*UkwSNH?KGM_YWui>>1U=hUV#PeB1(ZBxx0X} z1fud+)x{A|;vCvI-r)>ZTCs%x*5nC7&%U%uBWs`tPU`jkp&CJX@K6D&nAfcSskliO zksLV#n65GlXJX~Oe!C%_JOc~!r~tqjEl9Iy3=E&KXSJtMQ% z>rutGi6mh$YtnDlbH5@sX_jmI*n4b+%Us^6yNh-Fgn0`VgY5FU`eo`IEy2I$@eFt-7*iY3srSBHW;csC>eM8kT(lK$d0tllA%N)zTGpk`kmT<{eK z#%@RFX6;o}1gfQEo+zFvCoYx{t0+0#Tmbo9$4lqGVEi`c3a7#c26;R_3OR5^ef|T; z#e&6>#R@PbL@HgpMM^Epp=@})m{1N_bvo(MfAu6w)eJ&Mq%N6XN97;in+LNIg$p5* zANWLu2lvYqq>c-`3?c5PAN%6?;um3a2`yYW1Fmp#g(1 zy04dNll7Fl=p;D?#omlN<3Ey2W-oa9X+vzc2cos-Bz)N|F&HB^J07RBr~qf*cp53u z#unmn>^dxcfFN>9XY0Kp{>CS$*gDO`GC}-R2DNJ$%(3Od=bjel^#VH`C@T;lZHhyb z6|x3U?voAglk@%Zo&g8*Nb2p2or>LID$}j$Qpo!23-iPfnXR_|6?DsC;0-;NgW08D z7E>3Ii&-P9Ox>14dy|fO5CGF@oqc^M?cePvDXC4zUYDpIaz2NOHb{+A<3dbyl<%ye zHug;Q5oLiHPMa|xv7qjWtIFk2bjc3m7K%)kU_1kf)Q+Iy7Vy}+F|w#co}?k28NLWZ zustMX@wX`H>X%kf2D#h7pt2_QdCaTOFbNI%j|~l-yDE>FN8dCF4#x{-p*r&}V<)WC zV+8O|SKTKGti91+9oz(z!<^i2;iWMM%}lraW7HGpH>bi!xDP8-kM^)u>%g6Yj_AUP z6NGdiv5x~~>BMDGlVyB36HN6pG522`mTH8gj%bmkb%aP-yMRcv&^=J&86)&N*pj9E zOak<|ookaB*n4=H!)ect zXnAl6!340oR`aW6CryZ=A}4*44}Ue#;*xN|^~!`DZne_Duh_spXGr zx-xewy^9dqRaC_cCcfuy`aENANeQzL#FGi|FEy-;_Tp{%hD9wRdWBmoWsEUZ$(Sp%Q{ROD zf=&6^e3PkUrL+{`f^afS&9#wXAMsp1lRKj4rA^PBgEZpMMvkR!rF?NyxI_AH;LCjU zK5f-6(w>5c#S%8mAsHa`Jnsmx$&6c>s1`CI%~aF^BWdMIgB$SjG4(R(hr4OdG_vp?6N=Zzp#4>S2z6xvT*Crm)twk)X04EP??FlAn}4#-#iO z-a98h56ken?yDR!DpvFvg?`2BtLE^S`FzSNGz%KC_V@MobP)`IG77FXL?1Xt z7UapA#;xY;mWntL?YCX6k1A(tV}?9Jc-<@>xVtmCHsz>nhYn=E!=YeT2B8cxaNjpHbi- zuMX|KXdj!eD+;e%h)Y7ZOm%9N@?g)lX5b4&Q(lg2qPOy2yGI~ARcnd$R_sfdKf;_s zf;Gpi7dbd5mC8;c4iDbWY)Nl^{1#z>v=})f2Y&u0Z1kNenLnM&r;3L0?Wcn%x^X{X zq;U=nnU3%4zM=WCZS4J!SPwsY&pAw{Bph5WH&oQ9>s3#xM9R(`89w&eC>Iyroq z7T(Kzpy8Tv*W9iaC9@Rk0N-|aWO*?~{1{^5>N$<*2eC=VPFRFJ$fV|+fbqx;7bNL@ zP$y5U-tUl2Qz>L`#rAGV9a9FD4wiqZ8_Ct+jL6K$gc{PDFoP;o$|S(qmeUAz!D zv%jFn*9Igch-~X%vb)dfkBe%Bl(cq^6=NkGPf%SGQk2jn4^Ccq4P{um#klg6?Gv!< z-WpTQAY9^kD5Av&K|I??UU&oGegl`(^9*}LO<7!7>@Ry*k2@A z``74HSiaEWx+z|?S183_w~)NCDhfoJG}5yae>1ROnP)rCeEa9qSCk#o#8DTC;5Oyo(|5QkCX2J4<#eB;Y1D6N{2RBYJs1goN%Kj_Y- z(P+Y;7kmN;@0RX?h$(4NPv&3R_2Bx@xGef7jH48Yrf#+oxOol2Do{V#hEmJ9+QG*G zyIXEmb}~nDgo!NS2xLmY`)@b4Wm3`AjAr2O=iSbOMa$=D=-W$6UVL`QC)3@Y0rAmfz%G5M{?ua9=lnF;7) z%5My(l(UgYoQVf+EdP&+dsqBd>(2b?!E9)ae6ngEqrVNKVH$?>q=V`4OB4NZ@W=}M zO@!QIddyG_4zZnb6)WNtmTy(9PBf34p34?u<*#?lGFPK5Hij!H0}I7rI7W0l7HVBw zme#W$i*T&O?HPH^uB&H;q#dkyToewC-3oAyhv|{l%K;-zt*xvN*%Z|JyEmfr`0wW2 z$6qOR+PlKjON_R~O*DmL;7EF9H?K1FoaFUYhohy^aEH)Lq0^F3Ee(k_udpLMgcq4~XZ$3z zBUQDy##en-xf6PB+6Xx7O7ueEWCh(O6QUg>)u?xG7u1BTjA1U)Jj3p(j_{L5%D{H4 zE@e`;`I-<5SFBW-ex-`ywO_n{u1C%Ev&*?&i|w0r**JNf#3pWHxZdHwg4LO}RVmGyF9 zY%KMGe*osj|L$f1c>;cg_?v!(bpL=hz4+fe*@JKW|MO#Lf0<1@@d`kEzGy=4;xUR- zYhnU3#&qF8VIDwN8|-c-50%}Lfw(U1jgrz&^W&lS;#FKVrW5b+?>5=EZ}7`7k+t~$ z!oCQkN0?fd+pBoEOdyT+ZJRnqJ<6PRV)wrtOj#kTq`LpzcVhb)-0DxAkwNrmQ))qeEIP1l92VZMc#Q!C>VI8yDRh?dOaR*TKZg3(Gq;3*Qx0SH)u| z#N#1F=1oR252Ll|uRyKJ+s>RxS87+rK%|scIU7dtfak5+&bi;ns@{j3*vv^}ebe7p zEOt;$Sq1sTu>;%rs7DzNj!y`;==#4r3@MqyGfL`N*se*kamm*4DM_jd`abLCz$TFK zT>7yJ8ODc@W1Zb2r5iROvNm18Vl8I_*9D^!GB1{Ej0ED6e~4;1SaV-*>YmK%Yy)s0 z;E{$T{K&A$-6e=EPyk_Qr+>^vCI_zuUol9x|;P z-!I@O1U?lmwG+{!-aa5aIm9%PoRMtPuzpZHYmx2l(uf;C0o4;%{mX)MSDv*?n-aW( zosHUmb;mES0Fx3LR)7jk;A3%ryx9N%{Dsok{$lo83K5}oq6Z=58H*`-Avf~27J7R9 zi|W9*QG6=U1UHGn8rzl~RKA`~=Wy^ZHCk)Ixaj+qgSiwU=yy7rp#+{YanA6Waq&na zA1mJphq?iV#|@~E)cng4+ye&rU%pMnk@!k+kFMR6YzZcexO56Lwa?5lVz6JT=!>&> zvtyjt-e{=i;vlJqa(|e7`xh`L`_gs|tNyw{_*CS99q9G>ZU$_nx`qCbiug!n$M_Vo z)z|ItA~}$yN%(}TBY)_-b-_$I(@^LZdcXKsQnK7^F(kEZhFJSDKP;zrKPamicU}#Z zIN`9#YdR19p=ow!X@(aq%F6;#$uFli_lX-qPEPzWQaqxmCUK(2XT@Q(ZmF4KM!M{ag%jUe!x!Ur=(gQG zT-Ne{_B53_S0`}hiM3x~XhYdt$vT;bEyEGpvy#iP4v4k7pW)pC3>0Y0*Jf&+?LaGS2JJB1Y zeMIHTN!_+xRK8jA$N% z-G#z;M_N45AElx@Br@;i=;Al`{jV1xz$mbTt|;S57}lowQmV;x3Q*+XPOHLp<*DEH z3$uCrx~a*dcs|TIjPFzw&jY_wJZ*9+Fs@5&v;@m?<5y~Uosu$%d8w&&cnBCpW9$kP z&;g?pL@s_eCG*3&xBLHKvQbl;(YgePq;xxa15KVQO%!!5FYd3Zx{ecbhTS~wic$HY zY&R@MS&|Y2hcyjN^jLg@!FSWx?astV^r~y6dkW>{qQZPPv}<^PTuA1lcpkm1PlJW* zMG~)zaRS)}L(QO813xpMoaF;)j6@)}=+HhCK%~ic?vX1<2gmB-w_}Q=L>EyISy7@;v1RI2BCoWk&dWFvXvS8Q8%! z2CWp6)D)AE`l@7;;q8qGak}1|39D2gpuiMq{$S?WT^k_gZ`01Y$&cf-F)PB}sbpQg zEne=Yohi_Q1?iQx9(Rova%jA@px8{~w*HGtk;u6n^Telc3e6e9c#i^FPQr!2?84*U zt)~HjyD`8cCLDhI1${Wn3dDs+&CmiHV@DTrOCRe}G?l2hI#_a8=$-G%#7`WInE z(QoJ=y%xl~CI&?w%~8(h=hEuOk|`^%rCCUqSSi3#m9=wrH@&E@@ZwLp5%v0otJDdkg-4olh z1E(DBQ&1w$ggbne!?=`$1#c{XUgn1Pqz@LaP6dWXbpVa^Ie(GC*vlC=Y5T81JUe~T zIN>_=V`rrboO+kPn4A5PrCG|SpqtOIa(6%#-S3zZ7ipoWsnWBR*p(nA=^)OpS(m=> zB2N2hBP;RSsB$YJa@}9^S57SLwxR&R|K7+|Sbanv$MB~7$id(^vfkkD);Jp~!YZ<7 zc(4aujmBt+K$AZ1v`2F&_uUxysw>?&CBD-O4I$vW5EfklQaeH+1nV~VTfuJcR@<4|({-tV(8Lghm9d{dX z4UzqKj_F9+h{Y{L+n4HF_g?3;anN8}dE_clL%@^ZS`bEl_7{YN*A3T=Ma5(^?di9X zWk8#4BjEtDc#8Z$_<*L^AAo z1{U*Se<747nd7Q$SvT|@W#}H5VZwMf^2?)Zlb~e@Z@Xaa9V`2Dz`KpmAs6_U3{&;* z9jJ@oWY4PWY0UeAah7tR;pD}x8fNU9<7-54flR4gMFmAROhi5v7{0)YuI~WAhu?o8 zXMK1qo$cq-HZ3JJ&G=tzP96S5pyah7P&G0IYjfdV^LTxN9G#(DlzvOUktG?Z(Q5#DP?8ecXc|srKE9cQJUk|WsBUJ!cXon@amf~MfKqPX)BxZfz;eU=e`SqlqDX@;`(&gcoieA7=8aPVlblKVoA3D(1+_@w^1oVw zTZeboM?8viZO)xat?vI*m3x|7o?+dJf(zzETp|^){tL4|*QiD%$vRqP+ViEg3+B2< zr%n{jFvSD&K}tn{R*8Ze(hmL2^+JBpycf%8Uc~9@(5+-v@M20MfW*Q={&uX)UeX6J z1${{m@%g~6@IfgOnvXOe4eQ|PAu3J`NLUUxT{@VYWl8x1TffrZ5(mUtCehf*6QGwq4mmJt^y=)RPQh4##P zFs9nHM`&2uH_ZJcdVy_;IlM>2zrO*GdZkt?n^|DiBRZCK$nq8P^v?BLQWhI!>e=a@-3>u&Io9!thR?BD(r+~(jXWvg ze#1boO&K1qzF)}Zrh|~KHoeAkF0cSPtIK>Q-ZXQ_ZEmqMC|xm^r`DV>G$Zv#mU}$9D$NtHpNXdWKD?C7^3c!VD3a>2DX1z7t!s5QI7LoVAPI2k zvgYC`)p~mV;SZ!r#2m{>LsVE1{M^wH@C~P|ACVi7YGX{EsWAyN+K9|kxGJ$XF!u!= zq#M=pEcRr;Y1wSb!f*G8OzZ78Q@jTT6wh9f1IuWL+lcpS+ae8aN?3DGu1_J~S`_VU zHM|HMmz>z=psa$^VQK~nrBew&+RHuWleB13e~?;ta-rY7c!EQmv&N~FgGqzu=0%P> z8U524A-eTB%*7ktoqct5b4) zDVShrIbiY2aH&7e1;D6`OzGv}(REKx`gCcq$zQ6`Mjg|fST)ARB{!w`jA$X|!IZXeo`JQq-4yT%ivNJrInRNizZMi3;m4KaT2Q9wZ|+NG z6jq>0)~jA%D3`5W3qZ5*9!;}rjD}5T9v-ay(6ZMu2#j2j6$f+u!H3n%+h;R$#XWO! zfWI4`P|pt`?-CS&Zk7UgkJw2fG@7GcCLP2*R+QnHKXb#mLmJ8MTaQb|=<|_bm)rQz z=@mRXZmYf7$E5OvQE^{!Q{yY{JIWmcp1}p*4vHj)9s=@|J~Om=djQl%IG9}M$@i0y zun{rZ0K87d9}(NQiv1V#CfvD7tsma?th$3ld*g$6)=4DNGsZOR4tMId%Wf_ov*b)$ zYBA(y|JqrvL~x?CxqO~6|DF29@6r41fWzqGcGOAoaCjx^Nh52b5rg9c-qTV7hyl5V zb4$$M?zf%pWFode_xMbwgPnz43?r+ozmwYeY`VpNQY%h6Tc*Y8E}zMi(AK+vjceJN zR}IDNQJr+8A@|>2+9&MpKjzj+H3>wVlz3!2Y_x?}uW${zSmQ`B6FF7flHas-%VXzW zGLdh8Hrhkg)h2I<@ZMZT0OyD6T<3+LRk54qsCF<2!wG|%08>zqtFti@&LPBwtOD(} zx%E)6N$5cZ=2CAWni8ZaMDX{;cjAQ1>V`!l z^-NGPFk`_EV1s7XY8FU?_*QnqUmq}Qf7_(1EkpH1a@8X37)Y3fURpAp05c5*qqykt zVun{eQZgD1=4ZvHGZoEQ#)~V3G#s1R1X=9zzp$QfQds*@X z$7VT;eMF_E<0?$<*6b!+;%m3a)M0DQDSP59WX-v(ciiGF;kDJuyiwUB>|(~!#j+Oe z?=B-lHlDsdp4ojqp0iC_u@o|)u|KUCzr1^}-_diyf6H+t@Evna4E&?`dz%NZA-s6nrZqnXEcHeNogaS-mCUHbh&&Dl1 z#SuZ}YK-u3X+#RbH!{CqIhb9v|FmD$k^m|gdF-jPeeT9OZ5>6>kLzw5_=6ibXrU&> z1MN(Z4Vz6_V7RfWPq4F~5y65q7S~*;?;Qzix;Op5d+AyhY%vc2-4CVaL+-^<$s)Z< z)i;@xTE|;jp8*4AVD`NRqUV}T)A>;uQ4ta;l!(jCK%i!&vpK!<`(4!%=J`JVYzXe@?6P(u%mgUs1wKG;_~4oEPPd(j zIZJZe?fbfSs(7*n;RcvLDJ>`4xj%D516EU2?TvG~uziDxQ?bM@*8cN&&qpPPJ4DKyD@ z;Lvd(p3zP&!UIHUi5)OMs>10y1kXS6ee8GJweLRndkZKom8E$(MRea8o_T!o%| zd&JcCkc}p{>+vN}PI_bC%a`J>?miF>WTWNH`-7?E?Z-bZ=ihsuZ+ZpKegB^9^>6E1 zQAbOtU9M9=aLy%o^pMI;w~{c8D;>4V&ihr+8`&3DlwriL>Q!4+XP*07H9H@%Sqw0rLNJB$>T zI4*w+Op8Frc4`|J2;iEpmbY++07cy&OJft8#e}aqS3D{rAv^=QW#jBO;XFQcolb5s z5Ak*FrLL9hew}<6(n)N3d$I0q{l`I?x@|%3%+7#DhWOY> zsIGp!B3L0=C%4?}^+PFv(`u@Qy6E)C*e5SjKeHrpFLVZ=x0NP=wQGN6%q}0)KD98D z_J{Io6G7riheT+ac;Ik+NBZLP*wwJoA}_Imc!y@(`i3#1hr4^pIPR&jJy7}o!8v2D z^F&FOhiR$|d-;-YW_SremkVs}l7ftcQ*JEj<5N_eKDlfhsj6;3b+1yV0KmJeKV%MP zABkho&-}wa`N14)s_y*Kc}qM-7rSiipT*N>3M=P93?v;?Z{Uz;c*W>>vHuOALW zZr}>G7LfNtU?Mz4D;?pt6hC2_O?@ySJmR?KJHD3cgQ9x+*0DtdH}#e2hp@}sQDuc2 zcY?+SCJK1U<3Lj#x(TA@;bOqIvlx7>y)cb;OB(1Wk4nxmq^5g|}*vxoba)2&b8i%n_D-DhoYwpuj z9>+cYgt6|pGazFzvbpjQChDNxxP7e}_u9mRDA*z4Fu)>}I>>8#dHdesu7`$~xf^zG z>^Rk7P)(CS$H3*KrycMx!b#dVY>+<(BvJ9ZS{PP^S8;E!MY;O)5UfL@BqOS{!T znm_r4-5h@50errok(ynJmKv_KtUT+KgsbkGrDmr?tX0O5JiV* zU(T{|=;DRyw?0&FpJ{4UIK`Nb>XpGsci@)DpG$REEGRhTwhcPn#WnLq>kx7mT8A1` zA{YPjG^>YQZ1?w`Z}JH^NbPo1QLE7Emk%r*@M~)1`V>f)BDrInRt*hs22$%t$Qm_J zO%d8zm)uZrr7oN&QrAosqVH-ajFgN5LFUw(+@Wu*yLOWtm7uzzFQUrknrFs^q#S}U z!s}fN+g5LEY`W5)=_@Pd(x$e027V~XPZvaHzZ1ksKRG0kA^dJblUWg55j2vy3DJlI zEO64KRqIrhqO+*PM3Y7Huq@#98o=l5@p2jsyuB}-+_%6WwQHn~0IoS^z)Nr^ zzf}yfQF$YvDOl9`d98e9{JDnfWHYzfwB?H-%}|#o?`NA^A-W1dA&;yiGtPss3cBjn z*xcgsJ+9a6m~gWXpe5wh4!93MT7*Y4NqJbMnw*EaO4x8BHdporqZkrU`BmYs0c+6q z99Co;`kaF(Be5*(>ao4>Cd)MRD^TSA@c(1)J>#0Z`afW7>!_o&3Q|;{+M*JKRM{h7 zDTsoAjIc?l$PxkB5Jt4F0tyuf5fEZoVMk=iNaDf>0b^K^8Dv8Yfj|f(Bzdl2+xu4W z`Fp>5-aL8NPvub-&H#JtHEk_u5BdCEpPXl_nkbfn zUBFp(XL$Zp&Piy>N^om6`-mARHm~;{=fKY(PA>C&%G6?O-zK;vb%E-k%&SUS@}G_^ zFm8UZQ<`j@D=6yFLal=6f^e|1w|_E>?37&pQZaB5;j6F`%rO>Se5CL+&>;p=dKw5d ztl7J7dogE;M`QZQK!Hwwm2tk8yA;Ufi0S>v=y&iHXp`&ytAEx4bH@q5*ukY!ylX%! zklFM|$7p}*2pM&{LR|@uYtpt^Mch-eKI#M>&;3FjG?trUF@M(F`m!U~G|$-cH~i1H zyc{MHv>-#(q=X)6RFzrijsZJF#aXz^WExO{Llm^+t2y*J4a z)Bcj$w$GNBlksMT(k|AQ?ZH>`*lp%|=nn7l{Lho$av~m)>!s z-4ui`^zs9432BPxPR2usyq^?{L@w8T|7@V_T;X9W@bxNlxVc z(y^smJq7)XedA`MMFTf`B6?D^xT~B7-$Bl#G@gqu`Z2Ev)d#97tSVS+hHK{A(x_c1?7~l=NLw%IuKLKMn0_Fe+lz+AWcW-(Ksa2^ z0Y%(S|A^GFoGdVQ`PkorrFtPkeK{?`&Fxnjut`&L>}v(N7&q=hn0TL$%s$^x=Ko%C zD!y128#j2S;8Zys(F8Z%Hsb(~==yR7KWty<-BF!zo;*c0OHU?*{6-qrwnBm}Oq z)4#LHq#-BK3&L-h$?!H*?z`?II!ralT)G?U)Qq++#N*Pf*`UnZ5QerHHJD?2Gdd=! z8SV7W$JZTo^KhWGL9I)l^q3DQ)#v&x%m@jVz}6)W9{{3>X0o)=7GFIB%YtQKT%>eg47t)kh|Qp$GE{CSRv#VqY_faU29vz3Ig? zaN`kB6}mP|c9#Y_Y}udBT-HX70Aq&kDRFOrrZSs`hl|Tg`OCqIsmd08Lk`wrFpw$g-Wv7EtHDmVQbQ_qj>bDw z{^Rqj@whGfpS{D93Ve1AZPw{rt!lF>u)w94TRvsJ{AJMpBFS2=^!}@n0I&<(WAIB z`3c_|=>vgX-Ln*K1T31FWH&Gb3fzpbzuc&`M|eWF{DGM(_&0Q>)^&R45jQt0v@LjT z@0FiYn2zwE>3>|iZ#4WnqdyL5!2}c{-xV1cIsSOi?}}l++zyd(ubzHnY@q(??9kL< zQ{-&&rW^dxDhF~Lp6{0LciHeH*64yvJX3NE6C(Tm%fTMDtO?vneV;!e8{jz zTGQ1(XP^B8GJ#O));kTo`t1k+sbF_2pwAr)b#qpt$9paeKQ=+tqc?*Gr!j6~>ReJ< zCA+^DXG#2AY}(SV4d6d!tjU)BIRlXz)@8MK@biyFctd$%6f$&fQULr%uB|>xPTuuQ zWvMM#&2}vS-aQ82WcvZk0TA7DAa?L)DI0B>AA7D0c5eI=Po2A7!D`f!Hz>8$VBOlx zHH5^h1c>z4!0EmP@D-)^5q`eBV&Etc>iw&rc>QvCY8|kf;lm1tLC{W(D1O61me1UC zDv~~ve4WO}Ns5NdU)wJ{pNlr_k16WZW8IR>={Pcc2rfuPj$p#XN52pKzmFc4Mp>SG zlpCr$K1dywu`2^*{uaF`LWlN^d*kF*ON5OgUbk|0Sh(raKwr&S<5P_#``~nkDrA^H zJX_dXx7MemY5$ofqajlylte}?u;`-4#j8jKAt`?Rq(LA2?b8-xR=K2Mr1#l+3roNN zs8o(Y679YLD2EvWgvYGlB2qsFW^%u^7l=h9cQrG22KxDSE_VA9MDiE{|f{T%I99 z8>WkSw;$>$bN}UK&rB9cXih zSPf24kbMogoe+vHYWd(#K!&2WdaT|0ROv{aq3-g`6SX*!gJFlDM&4^hoThNx_L&aI zIjrdiTf4cHU|xn-c!|%#xU_T#p$YtJi=JK|i9iqCaSpBuib983IJf`VE?wTYn|Pu^ z2vlc6hTpp_^l@j;&ca#Vt|L0OSaqn;sD+T1u;ZW-pYj@ zgq{3(0jI0Z6xlY(3vC%l?JSO;&+I&6pIy?Yz&H|b77B)t)-M zpwkTO%_ScNlYY42wP3rmrfQ+6BA=w8EUL!|{)N<(wH#Xr)i(#)Gt<>3n4i0t`zrf( z9zUjt@kOb2PeaUFhW!4{&nNLdva~M{oOtxGw5(cyl2SQnTL^X}dnwZT>pLC!O=F)!wR?g!GUR5SP`i@H^{NKPc+C|m zuH~sHWBH46l9=wBZs0KNM2~N_Qp_4Ug?*+ewU+~vf=x0Hfh-w{lhqwH^5Bi$Cgc-U zULncY->Jyi_=>2ko$cqd(+fR)q)^!e!jv751-hV`H+IXb546yBvwPu8Fu(d#=IXD% zr%lz+w)?>Y{-&XMSTJIe`q+UBB+zy>2OK1+#SqQjtQlFwPloyZ%?1CaRhY3gGm$#! z${jN;?Mtrb4g$!F2S{pbyX!A|+XHUNQxd19Ds6K86MKq%8f`A`10t=A;;Nkx`apv{ zlzpOL=~$0mVD2P#IarBs7ycun^Br%M*KmD=a`~}(ZgX{SJvH1ExK>e7oHB25X%nX(!Dp6*VE~M%0mGx2 z^6)h$slNMD;p#^Ulz3Fpfn9R(rWXPP`kp~PQBaD$=6ui%t)Zw339=hr(L9liH3o8a zF7Sh(Jp!FV;{vWeR?BieY+18=7pf`o8Er4q4>@Qr%dGPWuO7igL8!tzwK24JN?z_* zG#4wF;Rt;qt+7{^IBPMg-RBeVds}t2ZZgeB(;ouTWiW0fbeWK!6g^r9GfBpdB^bb8 zqO&J?52+lFSbpX++IQ`$mhnq12j)2^6axbkRP{P5C~sL{t7=29K`i-QLaax{W?3Ap zjqvbdZtnSHD&~Ex47jD{*9T;g$e$~RibAuYF(qTRM<=mTNeQNKhsDSQ!xIUZvrfh6 z3~S$_+2Hf?e{1-MRYb_FW+ zNrd`pk8$PRF`x>MGpI9+8&`#|fxx?;@7$YT>r>0f14k%Dq3x)E%>4}V%LJS7ZM+UIn-I9uoqzLVl^|_tliT!RSPjh4JNl$(}<@Ymm1?lC3TJM@AAccHbKDc z#+cVYcoA8@w*c@UJRm(w#I3d39gg~Xe|G%)$0d`Q)l^zj%zhhZ~VoI}QBLldXBmsd5*DDbZqp-jAYFpkE!3FUk9*O(dTUEDMXK-=>`^!+0^@`~#; zyfGNFmc4$I{yzxVot@I<3kN}NjDjq$jeI63HWrcqo@BHF`O^+HP!fZp=L`?vr%NOC zrSl1=TS4YSK7)waDzAx&+0rhqzugOvw-PmvlpUcNhJI&ev$4H+T}TL0Uw?b+U}sgd zq~xaP(Z|?WIk9ePx_-WYdfxP>i@NnGXRudZf0(m7oFYk&_B*QscL<2>G^02v2HF`Z z8~g~hUU4!+EtD~&Cr6SCmX9e}7wa%rUhaaJ;&&6`1gCK~z?fW{ZdP7o)ZTKJYvI*_ zSqJ+R$dL*-zjqa?ythf4h_9ylfb>8X=(<3-woSYLVVmjDB$EP0Sw@qYuFCxYpm66f zZ={CMhZp7m1(cl-!d5fz9R~K0C0RX#GXsqpc;8XEnY((MaBWzJ_RUy%04F5QAD zt6;;7`Dz8Q$jP44u=8?Nxqbp(Er{wjj+;FA&gpBd6{lE9n`G8}>&C!XFIMETaF#*u zrCx9c9{vVE`HoLk)jswUm7XXM>*<+sAN4%jc|Xp19Z^Q^6L7g2qNysq33LeS?_t*p zvi9x!$=W(2OQ&>_Nmk7qh)Y{euQ6V(1@;ZM`@E^bn@fEC_*y6{`5@WL(%0N`{X4<1Bd+t(e3aPctFY4tFlu_Eq>GO|0un z&+0~4j1)3j6#IIn6t)?&YAnpw{6s+ZC}SxuHg|Z3*HZ8vu}N|Nb)6t4JUo1MZeDHt zkRidqdS6;Xp!vHB)VWTepk+{+qC7Pb-}8pijw<5S2RK~DPEqRp`p!F9&CajdJ?7;5 zwY*$t;y8k&pl1vHp_Tn(1dCnS;o8m-ect33)dIU@*e(b%J6H!I;u*X`1k=6+T&|dm z8oC=pX9ZPC@7!#84dBBn3O#Xa#r)%>kM~)bot=F-`L9;Jz#6U2_BzFPCA6;gFt6;>RG+B_Igquf5qGYW$H7eoJ;k zbIplS^AlFyZ4EBa7?-~buW3#B=hS!gn44#R(To1EZfEwaUM92AcWvLWeU18&(=VOW zqJhAK59IG4#I@*EL*^qu^-TN_Zez@Li{Z&*aEh@gn zgtbmtoLpny6LplPty&Ts6AIn`P7hhL&sqX~2+e}|?&PL1NK52$p(W=n z(ET`|>ta*>BIY>eY3saUML9ZG;VVpU|2}4Nsvx9^*g=TCM}Ws-zLZGXc*XC78bECr z7=eFr7${jAwU}>ls$28Y;NACZ)fiIkKs5O@K833dl)!0VNmxTCYnw#Y2|BvzVNGwf zR4sEX|9i`-KN#2U!?chp8{G3Ye(CxC^7k@EbGbnZ4z&HSb7?>&^sh0+t7R^04ot@T zz8G7g>S1#^Qh*b?A+8J%6(mAWfr2`xZ+DjUhY4@o&yPxilTv#hPcKr_9!Y2>NnZLO zg%}g+pC6_i{qYgfk7K=OlW*LBv2)V!I5?i5B|pI8et9YEjY&ZAPV~M*s7H{k?haWs>56uA zmE&S0VF$-2TA*`S=*n4*#f1LAk|)yD7q~FIqyYc5MERCYW$(9F9FJJOlQUv+0%)}X z)XeBb!#iKSL1M3wni8kJw&L1spkQhIev#bjFw3%)q9vM9IJDK4UF9Rnk1Y`FmVVYp zA+Tsa9BRf5VTD5*FCF;(aq;_iJ1S*%1qE-Uu{t(#<7T&M*{*6zFcEW)H?uk>?Qs{2`LAV& zcBtQpToxhZ`~(vjDZ=h5I4})c)a~)!#0cwQl+y<3+mw@rXc#JgfXg6FWLc|C1h1<4m%K9u$9^DK;ngeyG?3Thky}*j# zR|Mxu2FA(!6etAfX1F0+f9_4b>?4Fi0h>nmBX7M1zEm*xSn;z?vuCR}3-)k%3LLkz z4bwDPC1Q{I>a_QDQ^d!Lh+R>Y!lyMI*Au&cZ31Do!|QEfZ~e3s*;N6Z_Q#O-bQeYW z4u^j^X_p*0Zu^Euryt+5`MmGW$u@y5X5Ib0H}SXjsqUJX*!nP|mThSTz43TOHxF)I z9G~5eTNP>r#_?|{1ebU|u&45^S>|{{jsb@|`+L;wUcAJ_&h0;a(6cc+cNEf`cvIX9 zC60{3%-7u6+3PcVnmDrcGOFK9D4nl~5daTj3rD)Rcjc|ruGF}qMl+rm)`iTsRi*Ed z?zA-+BfjB;b$K8EvVY>u4F%yC)%#WB<4K#*q9dKY!5V%kwyLSBCM*Yh zAV=tCG|jI_I%N19Xp8&#lHKQ+iA32L&DnwGF~EKJZVC+JO>C1%zH;UKiJ!2rgIQ8|42RIe=WoYG#95Qj3L!vj`@MF_`)yByZ#)nQGP2^b zu{a86yaPtf>LBy-n~NrUTBJ(iy=p9_F!gPBPQ|#kPHgLzWfX(+GU}>;zKE)-n}N~; zu|zAWa_lzRkxje9W~U;jRL;zn%ylRQXfUXWM~yT!5JW~S(ftiSH%ZHI(}o}Ti5l-! zu$M9U&QqU7?G6 zh;E{8!Qwzo&Ztv8)_V&^#398(Myl@B5JEF2&bygXM!T387xzN-R~vxaa);gUI#%tc zE6rb&=Rct(-Ucz$zmjj=rM1^+_M>*UBnTu_(6cI8nON>hxo5>{D2H^Cdn_P;W z;WyGt>GlzR_AE*|C%C~NvCi4*%-q4MoV~B07TbmZPn6@-c(v_2Ik0ZPs$+r?b=&Y& z$#38H%b)NrN1KZ~_in~&s`@(@>r!e<>@2XSmyBwJ-|K3G2x@KLBAPSzyAtc;`lbdh z3^#OQ^K;k_kDKnp z<6CO0g~{pOL)!M*_Zmar5<-_Hev6YKb4ZJwV2WG?IWZ}E`OOX14uimwn58F^f$}gB z)%cXj79E#R*Xd=phpGvwK%rEk_NL_a&m_5Vi(cNMYnq{DYGjKG(cf2*wY@%t<}F9b z*7UOY(tPp7kIDLbVutKCc4Z+s$-Bm-_Mg+C&ZCqOVXnN&t?uOIM}K}Eb%Fl&=9y!6 zb=%q2B~DE;ss<%~13gyV`hG6<$5JD%KUZX3OT2Qv_qo$*Xy+r{7uh8%d!I%eG*dEq z5u7*LmJIn{PxiF<0ed_4J9}S-VQ1TLJjW_S#TBl3I0_wX(a-Z(_E&WPniF3(>lOMd z-=F@Sk_n=VvP7EJC%-dF-z(=G_qJep?RfY8bG&8pc8O5Ty0W8I6j?5l4*EGZ!>L18 zy}uT=G()kVF{?cA+K{l;NwqX8hcwskS}|50koBPaQQ|;%FP|cw*@O*3VFhX7sV+wFAy+FADiAGJC!?JRk)Qlrg*L^;SJMNi+}?^@0UKr z=foe&vs;VM{`E0FC$AMJv?9KC1|Njl*?W4HFPD+F!RBQfph^fKO@SCTGft8(LSr&H zex6gCL19+qw1nqZdO!fd)R@o+FP8L%46}_#}L|87!qQ{Ni*mX^Mf4)=b>XbIyLs@2R=XsZhO%%RQs~bXi=bjUHpazdV zPd@m(c=UA4<;@bIroh%&O&qpyhBas{>irjgx8>=U&rvKZ2Yv!+#@1fQmigMTE|TSz%x z{Zm^P7CNw8sjeJX_QmUCdU|@2%a88quZ)eyr-=KITQA;$n0!rq^u?ub$O5-Tc51R! znruPJe;`9M{dVOR=}eMZ#KQPEU>|&z0*uGK?AnHSy&jTX=x$vG`TX9QI)?xN@GY4z z%Dg1_ZYjJ6^&^@(P`0I#PjceqTVaQPmHf7;6hP>$)qk|cW(y=)qR`x~1Lykl04GV( zSBrrBv%LtwoIO#>0`SV8A|4!xSO~%JSD$@fP_%CjxTp1%T&GaAuSY2>L>!O*%Wdr+ zvxA*BdYY;0)mG;53pqacxCNv04E@ep6?6Y+Z4EU|C?H`G1R!`h7Y^Q!MEdnqByBc4 zu{&ODs?W?i`v`;!yF9n;znb<^L0~NeLqMBjP6GmF4seOWg6AAoH~ZH;{)J0 ztp~7Z!P{#T+vSvUb5J-($n`jDUkDg4fY?UK`s^2Z2HN>WuJca-TALZGMS4p$b!*&} zkQmftvU2IGqd3d7J*AfK2i_9*&jGR}jdHj_L#o$Y&D<>wqr{C%28c29(CQF<^<3`v zKjxQG`A#f9JW)m|Tw2aSmr!j$R9UklQ_Jd63d<6=b7k>b0joZ_mjKy=8eQQ-w@5W>{pI| zE~^lo`*Wg1lgr>>{LN7)JLf-Vp&n7t@YBaH+tO~r**p3oPI*krv!Q2+e235%-ixNq+bJi z0;Gt@1hE9(jjIn=*KV4+vQa#>lAW9JJ3yy?U6ET_3L3Bre*uqFr0tC9v70|oa?0jS zV_WZ^)*WSVR9NQaVs?_P!7dZlmw1Im!b#77c64k~?h{a|r3&FD(sh_&32<7%G77*#hV?J8?LS_<;H5r0C9}E)#SK(9 zNYs*a1t0H!=7{xCtW7{Sw#7e%&SR3hHGL)u%o@~pIc9`0?H=^`h_JK+;-tbNVmfSr z_TXHH;l5Y=$X=2ABL!u#e81=eUaS1IYI>1eo3~+1?drD=+KRfmzt5|DP67(rW`GTw z3d&(@gy($3@bqlEF$f=Jc-UZD)hQduRP}o6) zQqVvv0zdD~E`t7j6*01c8JFAItndMJ9(gP;RL+WT-g+q8%Z0TKZ`f1Z*4~WyRV;_% z--U8{K&1131Z2+M1Lz;`5-!h}@__`M>{zRKs)ZMO$wKCxC@Rl?v8+rKS(pv)Farf~ z8p4ZTWbZ~Mt+zWl>3Sedp7l#hv{-J2xtK3}Pv6WDtl)J@^t?hu2iEOY@-gO^(q+1HC(EwJq`Y%P9?< z5&QXA!mW7$dV~a8JD*FbDIodNCl5zmJ|>=c$ptzI889{|I`7Sn!CCGGO^Z1v+vdc> z9r|>B7UnMK7%+dn)aCshrPTwz+VPB`ZWW4zd#n0tmLJNNua}3w>6`PTR>RE1>Hz#M zl>_rXidRE_0un4bnUyZ>13MCiT&fT_gGpfRQ}5O`dU1Y)1pAlbDyScY%}(!fufVq0 zIkGzt4F_@PCg}60S{QjkOdWmm>#yEftu6aY;}xR+Ll?WGWf|{l|5%B>AaQ>(DD;pS ztbIyO(r^G6Dgo%@_Ksl*-#*A(uKW)r%*X#g2HCIW1^~l&&ke}%#^cTztYuJvKTc@VnA$Nl9Qf(1(u3;lqIn_Z#>|MV3W&PZW^) zr?b8cwf>yLaxPBy74-9f-mYDWfx6cgriT5TpR+cHeio%TxlWB@zJa4kbGe*Sng)Xg zd=~(dVg~-d6Pc68n44uFntq{11A#P<*_M2@@pCBLLz{gw90SZ5y)qvv0Z5Eo%aQ}~ z{PLYVe`jRB%W%o&U#n5PZyx+|>pxDStPXnvOb6O|3Db(KAS(Y2P&eEN{BgzS{Bh{7 z$WV?BI0_lgo4A5wNKxVx+y?>d{(o|4DoNZ_zt*4860Kj#6^Oh3fv;MA)>jj~-Y%JL zhA*UOd9vn)i_K}OgA?2@dw%&GDhI5k;*)W4V~T+qrD7KGX%z#2CiLxIGa>(nL^i4d zMGc_jAJb_*l={FyEw0`k+;j4CK0M1vzHYT|oCIUrV*}-P1Oml)44W_Ezh%wUnQU>g zSbc5&ugca`RV`flM-|dtTljNNC6OH@O$i2rOoKIg_mvIhxpua}i3(>@kUja4-+j0M z=N0hI`~Xo~8I6gF$#n-1m*&E%a6G=!jH*51vG)?kp?wBW$L(fAS-cf0QwGp2C81O5 zhzStOYs`Cq|MdhtK>b=y*sSxeB>Mmuw{)Qz8q5d%y-q+;MK>SldnBA3bW55!RRP(+EB;74hNPKnUY zwaHe}(@Fd=q-F2Zx_2D@(*Chwpv_0N!#-M^&S!%uO7Fn0%GGaej_tV-bHQv4Nlbg} zxfIYZN94r|84ftBv?e8BxB_%l5clZV%A`etjP=z&yPqZF#n?u?v)2ey_#HY2{7MPr zc!z4fMM=(0Mqld+SDVFi+~gjzC?2;3I$1Lhi|xaVDNvg;0mS~uV{c0U|9wC%jyz)O zuVlW=6v99>wUR~0^A2@~9fdYU%Ko}#KlzX6GH#Nq;^^q+ukzXFhe*dHvOJNit!`q^ zc+8qDZ>ko@eSU=x?9^$++w!BGJ|dO)Ef~zgbHCny&SD`q`8Nqonp)m3f#M3LVxWpc z&YG2%bhMkR|JZg7zo-wH4CwFem0gzcHQEAnci-)Z9QXMCQhOm|ZpqXEvu*1Tru}U< z(-kLUK8%4V!HnNGLlUIJ2mt-=+X|D&tZWopAE0Xb5C%?vWQhETM-u0g5{F2FZ5jX+ zy(9T>6Zlet6ZYZ+0FHW#u$$@@r9FDWIFhc+h>?2r?O!SdcC+qCv`RwYHN82YLL*i}1TNJsB~ z78292ETb`T=Is|g=fz|Pg#Y_I7$#b99Q=n7jMc}dew4z5HL`<58ykU%kw?ck zK);3+)^~}5NzIMWU%hYGz#Dj1n!ceVz;f!VvNAl9BjxjN`O7*gOa_BPs3i9F#{@3#4~@hRv(AIy6sr>r#qO5FPvSoe`G09f4v3Qfc#Sg@OMcjW|AHeeZ1W^tG?^A?9hB7<@ z*V^oS58lUpIXK$96L8F)qa*whNtV( zGRq9>ZGW4A36Yn60=k|t*bjjnv1aeI(Tsa*4a8UCpOiR4d>y(*4qyiDXNKKN=+O6s z@?b|Sa*5+Eh+LQC?k+_SnSdix*FjZvD9FX2I(2Yb>l5$7kEl8e%W+o}P^yP>0kv40 z#GB{bbNj?zyc)j2Rgn5a!*Q0AWxbDFi4lriUzDibK{(yAAiIOe0p>jxJk37w^_N~$Swbr??3-t(8~Iy=`oq_#jym905!XdA7RfNcUSu)N=*` zF3+Nqrb8Xp_;-YAxr8VBi;%Tl;q zOZ3cwRV6s-!6*3VS#+;^yMr{))IWGn%714z@Zwsm?Ys+5ss(YHUg$*CEPV@Gszt0T zffCGD(|5w0CxCw1QfScLw7gqt1fF%~ym&swWxO~ixt61KP#&2C@a0$3AfLsg&oXk* zpP+=iIvF}XITX44HWwR_^J4E)mTwO(!O2b85$i0>27uO6g=l$GWJF}ZNYL(+VW1h{ zW`|7Kx5?DBPb`=ditv`cmziDa)R0-u!1QjL^l^jB19w4$wGX&pV|(7x*U)PJn;d-j zTQ&lFHgc}%7*1EO+s;}fSnJ(E$D-V|;3%)sOfcmriHeC!mKb}Xjsch6T zh&1!OD4Np~m4b;~Q;4U4Ww+Ssy}nZ3>z`4JgZ^m`jAM<2#!n|p3MECopcKnVeJ1b8 zC!}?Pdc+Zxcc>~37~Ps$Y$I!r0|0pS5wdnBzf-65RfVC|`rmSIERvW7nsw;_oVx}L z`e`K@@NsqHJPx&my5Alcumb zXmx0ohPvxXFLU`XkRf)f66yshJ))suKs4V?G)HS|BgHn5kmSie>kG68n`wbZcE_V5 zyj2Wo`$6s;eW~`>oPLxE20M#AKx6G4CxC@Z?Ih8ZUiZ>6q6Z=b?ik1l`_ObzA34e($`C#Z&|9qR2q}qm+b%S16Xw2R%}iPGe8gf)5HR3 zdXuikeRxQOeN*IHL`&&p)mwjB949t+Dzt5SPg7qY;(|&khW|jxO((1>kb7*&!{tLh zy@JAyls_1QQh~cvvP{fjZhU(n6b9&SgP5qep{J4=pS88q&RE2+6NQY1t#E>~F7T_T zDr1p{C0!9-Gn(VG*qyJ@<%is?v>`|Vw+!dkU=Wl*mj|9H?@M-eK$OcU;X3`wxi@nr zs|8W%A5vio1Wwm1AA{;}U$IsLcX3Zq%j~5u#~CJ@J#hjapD8=<2HMQv-m29>`*P!R zysI%aa)ce$)#Y(;MUZg~1a>C68kx&KLFEPWZ4Ep9JI$a(t3Is;s{nkT@F3r$ARtu4 z^RVczjrsu3NZc!Ja_q}b(TdnJdKmP(K&S*-EJVf0mzTo6IMIKXT+Lrzu={IM4`-UOFU{^gJ1=vqW)*BIt;{nHLo zs(e2b&rp<%d6o@(!mGIO_m{}RqL@XXJAIrJBAqW>2z3FS&hvlinKLO1F@;nFikx=( zn+hsdy%Q3;ijMS9a=FcAQ(YYdRrm>pf5WWn*F%d!&XG|F^L>!^?oeqdTA&}GBPBj| z!BsK%yEo-2=53(~?r>F9{B&PMeON*N4F8aG55`;lM|v;xM@ItmOjNt!L-WCK@NhXe?#x_>8YkHWgjA_DuV8zdFP}zw~z1JY}bUUN6_L z7MRI_CbJmUF}*(hol6vFP2G)bCvOzOF3l7-Ubb9&g7JcxcW^#z+!9x2%r6$|n$}TL zeUk@&`T)>NG_J0T!_6%nvsv-yIhWGuW}VR(2z*Rb$ZAqmw|A_dOVSsRFR< zKqF|o7spe*vB#=lU-ok?2X;>$+n#Jfp(=E;806(zta?-qwdNu!YAHk)T3HJnj}+7v z9dW2+Fp_Jb#o%2`KR88yK5T_hd8kdxwm>WBy7RC`3zrB^?;SYN5l$rQ>G`Q&h(mF!0rnbW6=F2q?g%!j`0aF`13%A z{Y>)VD!{6aryZnC+%gMbmM-qgd!Uclkw>2(k4vt7Ka^nx50IWoF0b6&L6E+xEWYzqILd8tutD{`gY{#u(RDSj?`le2 zOIwfKc}wM>PTqvd87vCPTd59Hab|-M232NbhZ~Y*nv|+wBwk261jl2bvp9Fn?dCv) zf$G>!U>;p1%RHce;v-Pt4dG#b3S}*%zf|(_7+fygRl**(Q zr`F8c-O-HAu?_{UnrlZ@__{!6U-sEEu|>;WwY(4un(mU|d+8xx3?E_Z<(~yM^rsv5 zvuL|3O!-y}GShG{T{&K6T}5k~$7}x%F~D5@HbZVWv!+yOD4kUmuK%!N>o92p}D>mYnuw;fd_H97aYTup}<#f22;F6<0QdS!&$9GYUcMAup>GOu~?XJf?(1+sFsP z=B{M7BzQf3 zOpH?t0lLZHqyt2dAZf?}fn4#=<@T3z-I{L7cmkLstB|kUIW)>J@?2_=^V_A!vfkZ` z-s2quA+$Y!vTl#k=z)Hz#0bHXr#ZGww@$^Mk&wk8k0(C z+HSugRc{BQWqXr`vRQ4*{M$iWMJJ936p&=qeb9S+I)F$7DQx<`}XM9?(0}KU-H*e6FPw*_0~pP4(CzaX;=u6LF->z{A4&=oI<% z7E6}?(JZb{MryzKle-a+8P9Uzz+&G6*iTSa;&rZD4bRZbu{yE@-IQ42k$o3|@0oJc z(@3ogcN;w6(MGaF-;Ar>01xjqGw9J@eZAO^E*2&mYrfImATjWf6#a%x_&z(c?yniC zmn1B|eCwmpUSbVnE+_5S^x`9>>4v*?71CL8aegPpTWWsxPTL0JtCMjsO$LSM6o!$l zx}7>RACP?=G17qPOLC&+-mDO1E?M+#?$(rtT*oo&<2kRt)EupJuAN?*>@wHz97?H$ z6`s$E>1QNaeLa{A3t`^yrTqrs$ZO{ujbT@fhRLzW=MDJ`CQBh6mMX&F`SF!+8(3fB zHeNpRaL(*bLH&y-$J;Dw_k54vd&zvmS9{JAzGyn*{-EXDfw~K4zkl_>^m6=3&Bp1k zH8S2jYdPujMP{XxTAF7`qe+;{x#7wuMfYNm_5%VzKkY0$imGh&sLU)O&W2VTFc+^{R7k#1L5~XUs3G7Wgo)}9eHKdKk z$OJ@5ht*Xedh0Aj*=;M6HS7ekQsH%#QoM}<(GrJ(;EG7Nuyr-$cE8X*Qg=6pN42ZVvw6#1&K%&on|qa!Pa+d zD5(o}#Yf`UE4CJ%G2RW38Y%tS)ZwWLx{2@5 zG;VY6$TVB!5B{Xw1(uoWp@y>sK^(`38fRzC9_kUPkjfx;-`-G@i)COL%lYMd!%TQq zb-U}uKoAkDOfJal14k}Y#)j6wYmO_x_Gg-x_UN2(b#o*Tx=Xi_X~D%~5XbP;kg9<= zCWp-W4JmvUX9q*iATR!zSUDRN)IBj|Fc}tl%A+dMB9mmR3Xk?D(*mdO4$z10Z5ceV zVh}2V4V`ba=5g5r-x?}&Rlo`*qRS@8m>`31;4HmyWYatq)l_`H?5;v-Ee-z?wO}}e z?O`|(?D>rNC}v0M=E*0f3n%;PnsWX`J4M3^g6i8H^&AQH_*F-=hcIcwaAa_0{+P7R z;8-PAj9i9au%(0f$g85a-94z%EN4)fO>Y-@BOLy1ms!ovhb=*Mv5<$JQ#Lxc(O)yt zr(x)7d|%v-){K(~!8c33XDY@#n6Tutu{DA|V}}l@{+49S)n9&dRQhTGiki=)rJur` zN-JpZ{}qk1D*Xyx*LHBytKMoQR$-O2X|v)vCG?}HjEXZyYOVFqk}zU{a=`*aMpGx} zicQ=KXk~Q|3x2ykbhZmdv_P?bU5(bEJqsEiHz#`p60aWNDuWf+-|yW=CxIsYN5kNC zWcLC#PN~(TD&02EA>GnM|*45+i0e~!7NKgB1u)o+zfWR z(?ULats0r62w#c1bEUK;SNru+GCNDks{XVSha~z%)=g>GHzxaSj%1lP{PLZR(iMbf zke#ybCg5r~P>pNwSO*SGPy8jQ`m&uAy(L+}MRmLKM%G`y=+wk?yEFH_U^)1vj`$89 z%etFYx`aJqG`i{|7p=OSo*5SMXfI3 zSRIrU{Q!G8xWOcwuNB#JfC#QxD07exDIb7=s`oA!9m1>D#46LEDmjv4!L@M(D>Fe- z?5J*p)dB;mm%Kq+uHMmxop3jR{n}Psh`V^9{-=RMD-p6Z`k|!yPp9jRGBC<)_ru5L~ZUo29O1R`=Akb{J^D_@gfrR~kZoJCm@R zJzqOiI&`qPv%ynSM~fWW%K8QLFl+K{++#dadH(gpa9Cfoevg~-YculX>$!AV);_DI z*}cq=lb$0bPeM`7Esgq=?a7L1Dd1jgM@F78NNk|rg4O5 z_;hF8fITxt1$8Ybgsus}C2+a|{D=Yj*JkU_I|Ui$Lx)4>m(|~ zC~EsSd(gvWmQ}Ly6OlCTVOlw}Dmm`Kc!@3GHaw{CFN<#P$&TpPo#t$~sQv+C*dsG# zNH#^m;BYMN2tAmaXZ)LO zqJm1Wap zj{0_FV5pp4wAEn=o|>TvYce(^&zb{Js#IZ?T!tTOD&*Ye3ir#|;>UOgWCEMVF$(2%30%kiAd@~`c)Dg z?wpn>)xcyp?eu6HU~!Lh&P>ZV^)+#0dkJR@f@?x4mN+Wo!EAKY;KYinNB&L8T(DWu z&9XbJ+JqKdnn=!hLAlv-zOVF&%fQgaEQV_CY*_Y%^kNUnqhX&9F1q~vXr>1&ruV)| z)I>!E!710;w(U{ZHP1Husi~(Sd1pF1&WH)o)Y;BRb}&im*%26?Gt#y|3KpU(^L5xa zg*=+?MM>{#8l_t5Qt!Z_uhp8ZJ%w|PZ=_PHwWDal@a!Bq`?CARYz~p(OEYpiit9}) z{(j#zjaB~v_cbTk11#-TB!Kq*llPn~Z)OgE!0?z3Y_BFfGU`KH-_qnZYW4ka^X6D(o-8>+ctg!kM5N4=)Jf4Ljr5;c&(~^>ZHjg*=4{+5#lZ$Wvr6pM7+Hwu%$$8~H!&E-$twn@dzJtm=RURY7eXf!Ra?4t7@HU3&s;-`!2 zZwT8=jeMMsVR)MVC+>HDXd>d5zLy<)U7dDbABm}aVCi^PUpMXPR+axA zx0Me2skU;La^mphzta7g5$_&Q8T-kngaShmbp{?j;9vCKJ(?oR+k2O_-98{ zlV(0POz2|`U(BF0Dq=%(xzCu!9NL5UC=ae{lPWkX#?*C!aWmx}BngljmafWAh6rN(Jd2di#;b&zd5~ z_d^X&W?3HJ1-t#L)!4q}WlKgAtOm3Gx?5ZJ`ro9{xpp*N@UvX$f%RXw8eF6X*V>`` z2p$jKBxf68ND@2Z;?wmH|CsPc-iW&I{BgAF$rL;X_G8p393tMccc;LcxJBGB+A&h< z6wdQ0Pe>CQnPRc6KLjS2?oTsiU4FH6?07{1`(;BGL7MS7waVFZ)|VzY6|YC$hmWYm zc%@kIIFvwKPnVQ2m*LW|RQF9rNy-bxK}-!YAx09HoRh&5>(kpB?z!gUu5wmxj-&ZP~g>A`Y>S4Zw&eTG!70M9(v8a2^NsANg z>`Ai#nllyq8=D<{22+_jPRDpqEB7b6t@bkP#D`0S+pOHUL%Af@NFrnGV8--FiRM20 z3{~Iz=T5?P*H`z!y`Hp4Tyul*iw{#%_9=U156^VMLR-T*+t>+)>4#ck3{48N4} zQgbpQjNz_xK6$!@8UJwlHC-eM48M48oYIAE@f==9q&9ITYP(eRCA`e0yLAjL!KuyP zI8HwuNAd<3ME?O)@X&e`42hg4M<^?)=RNLhGYiP z^FQUFc2ap>GWNo0KTaj^M|28hKk|DETRfBF6d3R4l`8gJU#TSXf(4oF4N#qrMSU_Rf%?#{`Hnriy!Q-@x_eRU5 zH`n~`{AwnN@z^3Ekhx!69+l1oN3GZ#k$9o9lij;lEA*D{1cpX1Hb5_6G<7R>Fj4XG zEeQoG!+2apu?2Pmm+&sZqpK|XOK=I0cbRWF-c2WP=u{q}w;(&e0LB?}<59cn87`%4 zxH+b`mM}J`^mdfvbE-`@yrIq40qW{&ZZof|@E6})(Ek12gCq+XjXt?#v~)1zv5rsm zV)+-=qLUT``!Kbxcz0ATwjNHvI;N_R`;*h0IFnh86FeS*?drZiVcz{1#h4SEG{Rey z;o>}N&3a2XIt$@?YbhkD3?5T$U5TbV`7WX5gDfT`veLZw8Nd47R1}j>e<-uuui-vZ zlp}EEd-Pw%Hq1-}ldWfiTTfYA`NSQc>dVL^dA!FpS;TpE$2)mt_cmchERqR6ai-Xs z5+TY3-&w+Oc8PK5H8*RL4us4%{eq5wgcDan3)p3*al=e@#t!IoaLcR5G*Aq}Eu>?lLkE zEniFmkL>$qSk7KDxV?)!{qj69R4Q>;Qv#Mb?Gx8xM)NgP88QBJ&q(RLN8QzT?>r8m zj|&j-AD`VVP{|z8YIQ1qoA$D1lF|`gXJIV(Avms;A$gvA_r6MIu~zGO4PQSW zi`KtKZLpkwU#!Uncd@c*rN&qZ+CR!`aq?*5b2}Ro`&8^UTVznlVA9lWiZ(celDJtF zyzKsr=e5NB9yQDs87nFIM!kD}!{NfZvSTuis@GuSY@_Ceb$S~g?rXJA&9}%6ND8}6 z*(;y>3Z2iEy;+|yJ;5?YZdbZq#eDic?d6uFFlPUfl%cu7PCv7zXq&2$l}TN=_yFi} z2KkTkr69ED4!`Z~AVjRd>v+wJy%3SOR~fUofwZaLD6j4eMx|Va1}=OHq@leHG+1l& zfy21%FLvf)ilXh_>G~U>s?>N18k^Kc15ybVYoNYhv(+G0_D=7_S}*;O^8?x^Ao$+L z`3XZ5QrshGs##cCBw#lr8)ZJ++sQM-jYzG0s?_RtjOb>VLkBsV2~sn+YZ3)xtg)?~ z=1ap2EOU{y#B*mkWi(M>r8#C^BcwEuY3E2>NN66jDHiJL^#&J-l$u?y0%YApq(}RO zp3U(KOJUaS5~f)%wcT~uRPU7}GU}w6Sv%Z)GZAsP)j{JtwAr97fb^}NtKL>+tJywZ zhsp8r!G}4nwswQFvtIF2Ei8-|s)iWQrC-E3q{4G82n`!*kswl;hK%rit*25k7QaHP zY+C_xX;+Ez^k#@i=E0=SIhm)&kd83MEg36&9K8HDsSMF zR%>Fp{3jdsLa2RmVXmleOA~$?ws^u-73O^c$;+jyB#FN6ylG}QZ!G==*IB_y_mLm< zXUOrTX`rTGX9&i};{tfUG`&D{$8ljrt~%F8oJo~RMGo`2;S271;^QGCfyASZk|dfx zA6CSRfZnpbo&+WFpMqzFCV#4L1oqgj8?BEjU)z+r~i?Q1gtae{q8K3Cf)`hZf`=x+jFb%TU+vRSST-XLWYQ z$@r?RWPVoy>}psg6{ocIIS zd}y8a9KbnmM_Yo!M(n69K2s;d%6Ui8_s(AO9437TsaNNnFMx#*zW^hzwnF~gSqCo} z9EkcRaNQf5EDWh~@hIOM8{QgzRpVvC7hl1+@!#b^o!#GNgLS>t!&i`8^or8D96q*h`qY|pNqOOzajmcIU4p16VjJbeqwY(gLJ@8l5@^yj8~ zPzn$F-2O_Q_62`6|MF)OztUbC$ksuh1K$7`<)7=H|JjuN|Cjv#xP(~Z|2ZZ~eJLWy zK5BX)7xR}!9)V{uDwkpmkRoIJXz=pw6s4=D4W+LMV3@j8Xiy5;fx=ek@icX@>jP3M=7t$PsbGso2Nk6^5bmp8x^!wkf=e5Y!YdYAqps z`DxX&uhtV}Z%67MSUS)4VhEogX#PCr9no}XM-JY$Z74?A@ab!_i(x68V;5t8sdGBG zJimGW+;Cc`G{_(*Bg@4BZu)6eaWmR_epWgB3Q;clpS~U34GS5X!+Q*dWJkxt_x(Bc zRaj{MxO2y+f6K;i2!^6{F$6U~0TOue%b!7C+eSYTN8qspQ}~W7nh&(btRFn1LZ|VU z?_wyu-R#kX9KnSr5p}BK;L!87(5GyaTA^mh-Gy-Sk&wVIlF2`3+vJqs{oA*%(e9?Q zBba*p%Wz5kr=bPaXB2_leO1B@B>%Ra<>pf__4qVqGEtWhBK0$f>~*R??D}T3f_dV55R7YZGo0 z8!?_6^ZY_6W^`XorSx6NtVWA!Ody(VzH68G2y9E!@<7-Gydv($t(nMH&6i4M)!K*= z#3_zA<<_f*`()o|uU9p&DBwZ&#c$&&8nNST(r;XCI#2jWdFCsWoRf4B;`p0`ZRGPd zHj{|KDsaf_2YsttEb^_lrM&95YhQ&7QM!Joa8dA5U23p#<92(gZ7Nu+z369{&AfKZ z3YUGAztPCnHa4x>VAFsE2i)^Fljta!h{%rNpjn8am_TtNg1sd(b5wU}mc5}huybiX zkX*Zf$9N4j%Erox33HmV?@fzD#^%XzCAZ<&L6IQMttfW3pJkdL5J$1=<5A*7YnkuH z%uV*~x<=$U2_oKKoM(?&BXXb?M({cax-c;fUGPS+L`nHuJ9#Mws?q%8XInTR>!(5 zZ5;`$9BbSpvMD;MWJcT|Tk@5ms+Nenet$G^S2$Zm-GGuHd05aZ}zp;92ur(!6 zk|=nm`N2f{md&W_lBYSbW6qOMd3&Gq*caE~{6MSWbq&~;tlc^-fSgyfxW8Li&rGqP zD>?1Y<&l!?52kLb(Tp}YIOI=1%E>Dny*LM z$}9nvqRC$TNS6iu@buQL!HmZZcTDM5zyb&M$7+V)xXMIS{M;-vQD|$^nyqT+rIE_a z-a(#{k~(+6L>?=f`@>~Y$xR)yW|UXlWc{(WUAw}qMeQZ_iS;@vB9|g21d7UV>@DG1 zmX%k6gmdh}?p-5oM|CUh%pOju@!R;5BeCsDowbeZRmwc}mn^|u41C9CJs<-IjSM;U zV{ez}Rs}p0u*~gW8kK7aqP47(gQby7!PMr=?v8^F)|T6d`z+&qEpkF3(N3KJA1aM!9L?wLuYb=O%+YgdE)h9qLl@n zNA2Jn^G?dWwsz{-5uKsBBL^@RyNoNJRt`79MhN)E+qS|%aO@|=qgyhQx z^@T48Y>mxeXwl1U9V4^w47L+<+VirKe|LHo%w{jRzz5DyQzgDQ8^BpLIT?XnlHMKM zm>I@tp<&kgiVwAhKDG`OeGL<-uWFV~Xd{nb+9h}Y4y=c~a_UW{!M;V$qFv$Dk`D_4 z<<^NSX>2EUhnmQ)C{XD(VW$@E*6BTR&++m_AmQ$ktFiPZ+IgF^1`yVt^;vdIG3P^u zZo`BgtC~rQ>m#8s+FOt~UI;c}3CL5ecmLR!IW_u%h(KT)qQeeEIYdZXqlC4};rqB4 z3!c&eF9j@}9s(NB%2DFY++yqaHRn4BrM(kbU`nOV9pCu2hz&}jEu51w&#xSX$*=n4 zUa+@t*6JltYfmOZR^-#vH*SZ)NpZ*nQ3A?bFw6MJf7xWfrz-l1@b_Ap!%%GK52LqU zMGGOmPGv3}j`xj4YRF(N;1o_|BPr2)D&A4FoX3|PD-JPfc07Lg8 z-VNcV)R-L$DoMz_bW5f7^EtaE;%{xhEZ>yBW-)X$1BgOxRWm?$3$cW*+&a0aPOj)O z=jK_6l@2&KrjN2$Z3Gxk)t6&@Z(vWwoe`5K_00fpm%!fw24EU>Wbusc|=1 zRq!RW?+V3z+bZrHFU@x%9B*QeAbOhW{SN+|C^(~pKW9^OXu z-2t{u^&M)9*r+5@;hZd5+6}mVyStq0Pj~rL)t!?ZATDrc_=(R?0IV63r@Oqz)2~Qd z<3~{`FG<kvEtfIxNXMHxLiZ4n6yv~2@P20+_O z2sV;mam*1YA}Sj^(C+kdz84l!P&&N(8+3-PnH82q8}t*F*!ge)*es0 zmAcR9gs5&OACMVmq|B-R{5rA^;%}Q}{yt~mQTOpG=ldW;q_@Ep2)=jBP{2jEDWUvF zBe!n~2mjS*t>s1}}cU3yOS2hoaUza2U6f7vB zz)!G>-$T9GH@WVae7JC!LrbhW%AI012+e>YFsgIvxy+%TXReAr3^99f)^l)6_(cMa4?Do3w3(1)2(y zZ0weBZDF2fsGPhVP;ZD7kCM;uT@qSpzSN{EUDoD`sRcNoD_=X6`Qev}Hapi+3j!q)YbGU6oG5 za&{vtGZfTSOoeqVijRh^ISw5?6#OUyK$beWiY(c-VL0PQrGqM>7{5vw5Rv!GA~Fp; z<{Gqe$n z+%gOQ6$cc}cPgCoeIUl;`K?!TS(J$!N~qPZR>;nk-VKUK!b2Gz&iDLD$dSeDQFVMqsw}$f~D^ru>vR(JN{P6`JLnncL$0EnrEO? zx*zBex`Gbb25of`+A5!cQ(gx_-?Y@K285O~rM6I*p`{|aP()O^T?!=3g1tBix`AH3 zT1M3y;MiB~)75l?Y|;T>lj0ym`y!|#1Shxual1z42QX+3vzfaRqGInvTG*PuQQSUjx^rg&#=|&o7D_Zfb8KoC zQ0`)OwC{l^-hp`EC6Uo_pC)R=Hl^-Oz~GG#*Jx%Q$y4ek+{4voQDQH}V zD+OZ+jDdP<=y-xvX`)951XhiLKl$SX%B=Ccr1^-pr_H4}Bou=571HK9DA#^Firlcu zJ4TTX71WzOm1fi%DYsG$k>j0Lq_ykDEpDzjU1P%94T|HqUvP}P{8JGyI{i&*wf zd57ZNwL;t7kp`>0-4rQMqHV9E>Aco2MO_~^B%S;knOBpgx!9ASN!mJ9Ln;U=a&F7V zK$wDEPCds-48V9iZ8u6t5QjEoRkgD;m!h9|=t}BQR6mWTx&C9qm`=NU zZ#r--t_F<`yO4vOVN$LyKN|$arHYP}#n&V4*8u$uG!==PE>46k-wcKHf{%ZDZzC2-8Yy#4`l`6d($@(J5EqGua1_?d3F zVezPwaOG)NK(P=-iXExQ5_bU8dz_|TbEb`{6U}Z|Ong@DuQfHlxX2=JmrCKB$&7@! zM@+R?H!ZM#h}7Id*|lev`R48XEWeg80mOIxwGx4ZgQ#X8C5~ax7nF z*|f=&+AS?`8=lb-7oQ$K|2VK`0uxB7A3K~n(GpK->a9i0SK#}d+WSEzh*4j#}X@> zNU)3sm)b0lJ2MBuYIB1dC-DV6Og{pZUZ2M94QrL6d54rrcXOwxgOz`~Xz!oO>SpE9 ztbRm0Xn1itRH2d~4BHG-EG4+FjlR-G=>y)NZ#>LK0VSzeuyNNe_Wz>irO5GcQf@Ufz=+2>=T|hxU zs?kkyyMiV;?&4x?@BP@$cfpX-Pr^%`<4??oAIwb>;_+Vf+G*j34L7wBqS8m`oFF(X zm@SN%kK}NC5*QV_p@w$Tq|+6o3iPwEz%kNbfoRz)rvQ6`{Iq+Of|`GCbLyPr?h#_v z1GJk_o;`ge_ZA=&SV5XPs(aC$#&zGq$Zhirz)A}n!)}Z}qU^@I8`<7VO=CQDUTJI6 zj~g%!BfgKj5mw(gfNu8(bt5gq<{U-)d&Dv8g4Kh`_-OIuU4Y>LEkVQRxo}UR2qI-w z9(-EKT=@sM_z8JF(hCr6sW97dUz#jLWErihUm+TOpi#T479h76RwsJ?huA8VDS%?Q( zAm_%_z*yAq;bc^ruM2FxH~k=nlsO=t$YrLCr0@!7x(H4}E{FSDTANU`np_g zZ;@!>O?r*9u(#46L~97!2cL-QjBwB(L}&p2bYT=yIf~)iH66`!#L=JqDjx!NxSOlx z=TYdU3;NYI4!K4d?6_2vTtO=40*;`SA9{vAGiJQ88*(%6pD*egs5Y0F%gOHn&hIBW63F?{ zW2YK_a8Cu(z&2?I?zjiXgL&d?(~kP6f{HAHLy%$Rp2{su^D2*cSpf*^3V@H>YK1(z z%KOMaC_}yZW-`_)0_+v!COi?anzOgX2W|z>RT0}GmdSTww=o-T2*XtTu0A%kV-Gkr zN$`(%@__8uHb!>@GE;`lt^GUOd=Z@^gqg(`@+}~jI7ZQAJd8V87<}pi%|t8ozH`wD z=PeJA{U_m*R)7|MVqZfn83yhzaEdbY?Czo6eT7=p!3Dfr2MH|>}vq|Rnq+$b1QR?ua zS4qRO16OTRXdS&b0 z#sS+PZG4`u?my^!#IW0+H9L%I!@ck*9%X^ogmXa#2^B9(vL_JBV;!C~WT|rXK^@PSQxJ%hBn4WJlS9#yX@xa*bNoS)yU8Z zA%e|?Je~X;EVHr(Kjie#(@3o(wETi6dLTGAa3MS6U@api7^dZQ*g~w06c>+{_&pp& z4cEX#BfsmqVC$ww;guZo650q^8Wi7o>bwGRcZH!Ryx~I!96NiHhqTjSo*M_jul-5O zo;8dHExWM~p4tuJ$Wq~5@4UeD^THF`x3eSiv6}nWcS>FM-~zLSHK*aVwVhUugSE3Y z4j#|)aSa_wi&s2XkUlijns-KjY082J?uLWNs-Ab?<(fZk%tP(~aQ4U(Iodo-HKDFL+pV1}Czu zKUtpMbOaU-iq5rNxOcPzir?#>C*HxM=RyXgQc}9qHhy+z{Zvh_6PeRP0!qI|1p1Nkm?j zxP2deXQmV3bb3~8lvaqx1k-R6yCPo`=Q*L~cQx3vDPJ5Uf5@=;0m!VBs%Z)0b4X9s z%SOMX-Qf5m0=0q>oDiKAZb`eMe|Q`}{v+tVd_MCL>EIDl9e4JO>)Y0*oQz1nAbxC; z?iJ6>eDPuOubB{B=i1!4pa9+g)yh>v7N5PfXoShNx0rakEw*$Mtesn59JwVlPx~h? z6i3Z-`$Dm`WXM}G=W3w=8*2^D-(4|W8|C-0f>HTpZg$P4KQ+OYypSBy0^rW@!7NkN zI!ROu3o%!^^6N^tr3d&~!nF;|ovInU@WUW@Nb^DT#MG3Wiw?D>QP%j4Lz0EG=SA!1 zV!f6shf8MEr2=r}j^0BQ6K1dOeh87LZ3yUOr9jDeN zg_{^647&i0?1o8?3ksJrUTCNq>LK~<2onU6XFsJ}fl(|UO+)I@gTG357fvQ%f+TBY z7g9^z)fjg4ul%mK{>EkQ)WnZ=5WcJQ)EcA_0u0C*rlDkH;FyOS4BqXrl@i9Nyv~&k zJQzK5Lx9dVjh}#TZUT`qvT?z)bktImR33!kmL|TWF9_(3u!pF9g1s;m8cF`zruT(A z2`>3pPVF%UB0>iu(mT~^k;^mrjADQk=Onx}T;Kc7i9}m{wf4eiWvDi-K#9wbXwt9z$Q(>U?HsNDFi%Wf+vj0*v0)w zB~^~1Cu^ykxU5a=5;eb|!4UHhK>?P0W*%r!H%_(t;ZFhd71_n$QmxEa1zkFpJdhNk zs6nN=uM2G2+;boJJ-dTT)yJOC4qf!HiYmx5rE+9dPJ|!>+@8)BewVM>;Mw|_JHL1c zb2E%IK;JR#+6_Sme`!+K!HEAR)c3s6O&B*)3wKR29YNRZ+{age4YZ2ipZGwW*g`;h z`Z=RQaRn8hD8|+7z3irv)V{x>E20v_k|d)HPW_k9Pvwv}n)9^pB9JUhC7S-wjt~!z zB#sKNTy$#7$7xrxs_XUc2NE0%uvjvpu9T!>CZG!u!jO**SG@`@0Coor5((R3b0O|? zt?KYR2Ab5RMIGox@tZ*E!=gtADrqI!lk;o27DkFo?uE!-g?B4NJlCi{0{n^RN% z=BHIfRuT#7-gpN+yJpL>aCb>x44k&#m1$n$6w?_gtxXq87~~m3{e`cR*kKfXBuzj} z%ORMj>$)spDTp_%wY6=hSe5lPW6pm73DSu34;_l~_>eD-^y?BYRI(VBlE$o>?8N8d zlIoAaav*{->ng(eI&AF_kr1%Rm%JGpll`fFP5%=?$a4ebOZuvxhyNPEZ|#}$m!_v= zO?}J|0b2uVGhdawx21bEeK+gEKO6q~jwbuQnP(Gf+7@sv?fqE9`C|pRX;$yvg(K1Q z(Q$5X8qP|TAQN~|MKO>L)O9bN0Z)yy8j$^GgdccCnvZEcB!7^n0TtU5T2{X~Tix%h zRpbuxT!nRX=nv|z`a3>HlO#tGqAlh2{3bKK%Y-l$tx#mkje2x}a5-HtlBOFe^2HA>8nUem=+u`n0sJ%@ z^8!Y<8^dwEZys=n063|3abH)+-A4tL0+)5-$u!PS1@8*JZOdOjG!PMC6kDL{Eou;s zw`Tw`_oZ!!_9I2V9uCg9vQk#5e}}on4Lw?je=ahF0mlD zKUUAW3`2YE{4mdc(4&q^p;4ZfYK0>7G$+J(S%U3;H9|-y4Rh`yis%+ZnZTyZL=kSB z<$LNN)o|wGWe4Ec_So;_%Am4uu@g`6n!_1N6G;<#%lg@Jq<+2!_a$#6W#LAUg)_WI zttC_%TalBN!!C~H;{y{Z3x31NLoN)+sSNSN-!pF#nF`APGI7fabEm09*)o&VzSxPA z=CgN>k7UTk$jZ6dAId(7t0}k2f^h5=JD+&w-Zs|g!WE1ieUZmXuO={Ohpg9f!b%QV zJC=uC=MPOaguBHD8g>h_VvT z^VaZMbpAp;zn11VJar~FiD@9_r>PL4@Pg9*(cIU@Yz6)PgGyuM!dlOF$O4Z=F1{p^ zYdvivj1nMx$RaBpBrgxps?1Mb>!LD;(flaP{U&R4P`ku&JfFM757 zb(f{NL~;|qJ;w&h)4t6($lSZGJG@Xbb#iEOF+EE>ejlLkqO`Z`6Lb7dEDX;{4^-g< zB3c3lPaspm32(OG!OwKO(1njI1mYey=tM8&zSf*@h$rc0Dr?XPF`dIl!$nmbKj(p? zG8vV1?A^l4lE5h!na0q$dK|tycl%9nK47@#XxdR&GIAmtS!lZ@BH9lQ6WU?wgeKIU zNZ2^{WiT4%8L759TrV37vky8NA}U~f<8Qcp1ddc9Qg#9=>E50ORbUXhOs%bc)kf0K zeoCa$<|;~@gmO2dPLS@hHKWrbJyDC9L-MSO<+r9_LYrpSBQ5uR14UT~GA)OcrNYir zV^iF9{flpjsmMvPKuqYasIktC zUmEtGa)HNt&M(%_cLWm25;RVuG9r7VBgr>u@jYXs`B;3KrQOgXVB*>c7vYJjSWznu zHPvbwZ(Q;L3kB=8E%4*quor`0Vn*WMUPx3R_?=<2PxNx4EO`f`ezY)EM${MJ`NTx%V_-V6&I`Z&j{gXm^ zqpW`Iq<@t=)B_+7c0k*S-X~^u62?nPFl$!R-kj657r@%oVE0cvyPW{H!r@QrRt(qF zf+GZ4(_NjWTW5Q>RQvUAp@i|rr3Fq&9QW11LH^ySl&(2#*k>6=6aZQvch2U7NAyb8XyXn-D&wDJ(n@Ema+vU}A1 zxNU&o%%1dvvxjGQTW?Kb7~ukYn()0_Zd@%tP;?HY-$Ct5Kg>ho0@69xKgds}nC(9f zvi-t&P-=+05wIB@c67w0GU068zF@dP@+)C-x659y3O8LpSg>_&hL2g(f{Ar+nKQN5 zjyvZ{P6#U>bTB|CcI8NCg{1r-{{uXL+Ch*RnYEl~fKyn+ai~A7q+E>vQ6#={k#yEBr+IsexLd6Upq8!Cu8*coLdC{)KtysZ}60 z^7>uv3c9BJ9CN9+sRgl)=O^lUah?X%Z(Aol0D7Ss9WVkb4nS=~NX0_n`wMdA@o39+ z=3Z5B4f)kxre|c&j}rlJwEcW7@uRwaH1|!m0VP2Ot_yEMHWe~pL?_Xs@TXB0$ifQu zqm-)Sr_>jE8pe>Un0ej!hyYrp&QMvFMHJ6CKJW^f^gm_?S*S@7R&%r7dHaeWmdQRR z;fb(34FA0Dal)x4JA$*2tDCi84@xDga@k;OP)8f77&jt)cxexOY{zjHs@3x0@; zy?<{83)K7EhUUa3Ffnl3yyy<0u!8rpda5YMZI;V~Gtv*| zw&5If%ZD%z_hc}kV+oCB+n_4NKk5YIC~Z&z&FB9G2q;80U~8mktaNS zc0$4r)u;F4S6+4MZ#X5F`{E!|L(MB&YQkCqC!D)bfE5Eh@#P^AZECB7;g_8<-I(zc zbG}T+&uoRhr~s|$o>2JFIE%`Gjtl~*G(^r2-dP3wWYr3?QlK_pU{>_sDhZ#qhicl| zZlyWJITd_4Ue*1Gc%F@G9<9IbXA?urdWKuu9Y(i5@DpoKlUW{z7?s0m?uHmzi%4i( zv6%ARQA79K=Z?L-ArtC2e}ixk;+Ez(w;i3C%HKrE&Y1cdXt>Xr3Qa86?(KOP_d{VE z5c{(X^xvCSR2!?nx=vJWhdtr?-TTbyY@Vy`RdC{mTWT`P`urXeghf$bKhtD&k)mhnJgq0Na=YA1dL( zs@qR)Q*%9ruzPjqYuaVxEDqSZRz)gX+f*}QgNh#ztu zrjEp+!}6jnto@zbR)>;9^DA*tGoqYs9b}nRe8h0H&`9H@W{=Wdy??Ju9$Ko4TAT-! ztaJDNmG->)bon;cAtVa_-E-%-2JgnI4UN4A2rk7 zYLGP+5Y%=QEjl_Y^9kX&uKCv8Cs(;00YK>ags00j{e?f##)c)bc=_VK83&7~k~DE9 z+kJC{?w_b-E26eFm*k*nZSeQ%azI{Xsoq6Zff}A=^(gv+`!ePp@*8k#49c@zRZg9s zoalEAiz>SoPst@25rlfH?&|;h@W8j#4LXJ%dwO72g!4zp5=+lq|7}VW3fS#&gP+Y< zYw#FCEy}WQP_J|HLT6~agX&J+_BG$eDj*l1i|H=>X+3{z!AjHx(ZRB-ZU!I%^}+}z z{9@Hz%SM2&6U+E=^JG}6*F7;I@5u`JZkZ6z<%A$n4}NidR)G)!X|k+|w|8AgCm)rY zl}X0WzLTam;%>u`zpnVB=r(WFL5RU3ml>==5-00uzJZr$WnSA96M5}I0c(E&y9%`Y zlv}(|`q4qpR+#FwD234Fx{R(slYGEvPb!=E2MytSdV2bN)7-7ezU;&5A|3hxrGZU= z%SRMQfp4f>2zdLvA^IuaNe`O9tf>KP{7%}+rwjHcBhe7{l7Oc;l?e{}Nq_=YsrEV{ zr*=JT64nEXBaU))ooNJ9AA0& z3}CtlD+L}64i28^Z7zunOYkjrfuKk5crE?G5`e@`fmX6P+Fw;EI2j;Oq=3X2n*G>^ z=9WnOw^aLW07JFgf+wWu`j36BIC-nTB`WaYOfKe4;ZG_2F~=v!jk_OKwrYe8f;UTI zr?0h_S=1=~2vflOP-CoEcIaxDC&|J>Z>v$(*ccGYuqby6@>Gl{_Lk4`;sE>pCKl;C&F%)D%JP5Y2Tw`MBBj>YpFvB+k{Ps(Z|5l|5=(IBm zr~Q1DD#Hna9`20WQUK-@X=O0EFeh03ek;AeDdo zgkyV&MY+El|=r z`5ss=vcdlmFc)`s;^C`EPqeBrAOcH*3=44w`slFN)`)QUr*V;MCblG_BBh4; zT$0AXctva$Y16fp1{nX`fdGxKnV67|Z_O>iW7*Lt$zj|7VFzCnYH_xCb<~u1M2$;3 zz$`?T{$NNk&~WC-$Q=L8N)r%fB?_3`Pg~Fb(5w|TH9P*;r4vkAP*ZE^uYd%BikrFD zZIQ2Z``5n>=pQ+p8_lB1bS zmj2d50H-a_j)g@9T9Kz3gn^B(3_F$f>RgsK4+4(5;3-#zhy3Kq@TK!oV^Nk2A-AUx zFzG1G(DvWuu($xPMAKDh_eg)45(lp)c{=gMF?RDy!upCCDSQe=O0mdRx}B~7bwT`S zEYeFuV{6I|NV7GP@P+JXOUYsQ=tA_0y^j@Gx{Tity4IjN1>(wka=CH{gyc#XnCc@N z&HGpLwU;1;B6|fiez08Q|4}eAGs9e^+V6yP1Y{j5DA>%aZ58EvG5w4Zgr`?}A5qW? z*}1BWk)LSe!)2NYdbx)IN}h2q1C$&gPaP2k65pHAcPW)Bcp-;?Exox4)88UmT=cp4 zC)c=l18iq{0b9NA-^X9E!X{W=&GSTkcfc?R67qe1f#zgi?4k7fZ2yf)-H^+)q+m?4 zdqK?crN?Dh3nHFdl6F5P1`!W0V7he*oY>pd|8xCve#5?1ssjNU5}hj~x#U*711NvM z-G^KQx`lz7wO+OBZ;z~oE0UQ0H6CVb3s`G;e5mk?mEJKxt0k;wnWbtVGTkb7zZOr^D1%`?0*`1#-KSl9L+WoMoGUk#90~k`wVO-4vYY(a`@GesB zA@o&htjdR+S=b8zF~Z@qu}7tZn7=(pj-Xh^SJ1GGx)=olW4Zxg8{ILL^GM>=cPT))Eq z8wc43X4lsP=`0s4w%hMKH8VZ@_O2PxYfRdT)s)W=t~b7}w)gTp`5GHMuEH{Y?nv2rDiTj1 zx)-nvp+j%kDcVEdrc{di`_QLb=jZ1qep)|iNWQ($j$M;8y$}--ey)H?N5$jjH;1-o zTlj+eK7UK%0ibUtI-9k`DRG3d`)r0>do0v<3f4BIAokI>DupO0n*;l6`p2Qc7_UxL zslzI}`9q7+`N*&kYlft8>^#ZHRv5J6?PUc%$?ndGyJH#?8|ADQyQinSuMBC;k)&Dg zTk02Z&Xbf(T@(&lP;S++@MB=P%bc869SaWut;{9#ruMSv6(O}%OPZ2#L4x5{y{v16 zEgsYw>Jkg?cOAa+9#1ud?2^)p}8cZOJ;GRas0}nui$`8_*6yFBaVCj${!e&tqNneuGqx z{nubA;m0Rn8J@ItN%p8EtUblzd!@R()}qfwGCQ&YK1i%(j_nUp&WcWhtMb?PMtX`b zy&Wcw5%iMxpz4c)LsfaRgaUSk%SWrWnpM~H0|8qXCOCU=yGdD<#M|E^O&S?23+Qt2 z-BYR=!B!e|(#rp}U#8tkp7Gl%az2C7@ST6NKL1|G`hHV#e*W9P1jJx4BmKl=T?_a$}hXQ$f5cE2wLrZ%9#KG%-xRjK;g zbH_2*JxQL&rtB$NvTNVII%{A%9k{hvq&v=2Y!5@tny2S`*8iUP{`u4;Qjn%3Q0t`l zYo6xYg7>p9Ke*oIf8yx*361l$Cza$LReoCA1lnmToepY~egdBP6+cDQciZm5cb|0_ z8u|tAmsY;Nx7Ysbw7rwo?SGtF{&^0tBikUYT9>%}P2!*63(V8gJ$c2S|9VtYKlQvF z!ymEtf18`Ee?IS1sXf;BSl;C0NzjoI5{9$SzVpc13_RTY-TrIWum2bLZ#6%c;YZA; t^U9vTru<|VgC21JR67brL*T*Y-}X~fU#D~bQ3juC;pyt@+Db}#?{ literal 0 HcmV?d00001 diff --git a/docs/images/baseca_image.png b/docs/images/baseca_image.png new file mode 100644 index 0000000000000000000000000000000000000000..2a34f305d6e0bd382361e7cb4b625068642a1585 GIT binary patch literal 248104 zcmeFZby$?!+crFulmd#tmX;K05RgV`N$EzUYle=YK?RHMmTsiGRHSq0p{0is7<%Bl z*?Sw$^ZFd$^E=*u-#L!qUUSD<_qx_vSDe?mc&(}|djpRg4+H|;ke8EE1A%aBK_GM? zoNK_DorFf<2VRl2q@=36q$I7X6U4&W&Kv}idmR&pt)aet%m2~~Ciz(Y@fs17IEz@~ z2@dy+GE_iL>ikRwSl&eq%m(l(w4q$5JP7xeH)&U_ssnf=}mJ(wh2{FvWG8b zd{&#>XOnp?n-y2m5-!D$S}Zw0X3`}($!M(T;Vj)TFV3Jm&%Z6+slDrub~_z?#2+Ir zj^5(st83^|7MpX+lAQibTU2km3@$G&{YV&_X@jvrx8FG25)Y1hy(=$ey!R#20Ho@5 zv*lvZ;5&mmtzs1I4LWbXNc9{~v&g8Nzi#9_r~5pK0|T{2)f&j-ff%kWS}uK83m0J^ zd{Hdr{Q<{>`x7`JLD&05*j>B8FSKIAX1*4~#(P=k?3R&i%yCI{-`1NHac33c>HFt7 zP~u_V{1hx+x#YaMnUSUO+W6sfmd=D3l>xl)vU@BK&0f7c&p&2SjyaX?IFXJ$Oof+TfVYx_Ma_1e=B@fx&j|{8^TCBRCEc&>#dGxgtsTuck@gA0+pX5hy z^CmODBS>9HJ_zxj{HwZ`GvZaxDOrfOs3qdG^Ds4GKMsW_SYB0^AK_cx;CTPGo8Q@1x$KJU?9k#HOJQN3g-=IB zU#yK=_+agzIV`IvDki5QvB*IVPE?>Ts}*A3DnOluAcyQ1%rQ$!XF1!qt`P;Gr{9I3 z+ouyM`eS`WBWT6)072#nA4@QVVBn(>W(6u{?YBP@)WLWofjfcj=8va(<1j#S{@z0Z zy;f@nG=pp7ZR~>>)B$2#I7R_achTNS61@oOBqC7@a-o&%q%04J52skVf%SMnl`)^m3%Nn{1$;K;c3Dh9h0qH4v=CfOhK~>M_Jve$_=sJKX zaXJ0f=j|TSaJ&#`TXtag#st6OY#m>qt|j!v3i|+hLLe=>p24Q7c$96y(%A<&ti)YzCkFS+luALQw9^ScBn?rm39tDc z+&dM1^={}(ylFBwr6L;>R>fcHFIYZPwmvZ7FoALf#S`kV#fI{I6?%^P=s59UlV?+A z6KqF+C{j%!>`(Q1!NKOCb22LjW=H$-;v0ts2U&+zhZ@JAS``n$MuOREJ3(O`Z+Eed zdCpDFb zeH?$R4184jKPAx?5KBh9;qAfK8cArcKxe8Q-hK8ol}{tt!$g<_#-XUL+T? zeZy;nGe68~@PWYt5At^M4nAs|Pl*E?S_ta3yP~0#d{2m;)U7K2F6m1k>lsQZ6 zlOd)quIty}+i;N=5c(**%_#^P6#NQPGRLG~LHV=t=P;SCGTbtV_j>P){wgGQez*S~ z@t!6rTxnXVT**dhJMp=7n! z`ie(@r}UvovPg=SV2a!6=H`4d!h8Beg$zH=CGIl^=gOS{;$FBoq*Zeu2BG(DYW1sw zf(slmwpxPdcP(}GTluilcJy$b`wNeGc3J30BQHJACn8BA;^irmtP`tEsz%L5?M8;P zw|DOC;O*p!LB&|akYbt5hs{0S17{}Z=;zg^GvBNnJ(7j`^I9@5@h(F_Y7$Zs(ybK| z6%z8#^ob~!Xe!y)96y?TyjRPJ`NH9G^-B?4K7u|16ytRYQgW?3ha%HL-ku(on0(Kl zepv`1j7W`0qNkBgkdn`w$|T7k&Ol^{fAwgO{(8{f|K9MXm#DI+@?YcRVQ<4i#filE z=e#aLPl9j{aiwva@ZXWK={mT6IQ{hQr6nl~+aiZhM2P%5d6DGf7>ZBD%b|>pkp+=5 zo_4d!v#ib7e!_k_^Y`zOTxV=xieqY#b5xp))9dasPW>W?)WxSu30qgZuVZL}V< zMrl=-4jXIM+Bj70Y)IOM*ba}M>pjy{)!X&8@13fCT>NSDB?iKKe3Yz-I*cxokDYhE z`+wVFj%OxUCQmK0$>1juknB@PlGRt!Kh^uD*PwEeW&?4ywmog%iwnwiRnbm;DpqmA z_T6q_^0o8H>ev3a17QYobzFnZd8ncGiMQ^;pM>f;ung**CRg{`m9*8#_l04Xz3v+uO|G&&ROuDS_?-WgHMD8aW6HD4_vgF*J&wWf`=4 zAdJ7yqk}-f)*#G(?@~3a8x&SGB*c1TR~i~1vrd=6Sxj?y3QaFDdW`_O8xB_9E3PI-QC?e+<7@5PL`b9f`Wpa zTs)jSJnX<7?9QHG7ZVS5urvKXmHenj%G}x1$=boi8Um)hs@LQ>#MMQVj_#_VpPzr; z)7-=QS4&{$f4c>Akn`#aCpQNd=g+!U1OF0{|78;QsGQ;vQO5UjzVv*D?zo(8qYPe za7gR@U5M60)H3|{<`N$E%q~Yx8{x$*x%)OIr2rq)Hq(MdT8exm@6qR)mt^QTwEm#~ z^`A#f;V(cnw8Hccu+cDyBtZYmKN9#v^Iu>72kqd{5=En9)?zJNe|Y*Iy&z_-c}6X~pQzSGdwlT1VZ}ZjO}Sdku^@138*64O60eUjW_D zaj7MuZSBL-@@9SFukS5vT1ob&)fe!EMM6S$QDldb4;|+P+5C}-2eH#{?b5cgqZwmh z)-ujV^?dl_90~Ww#95P*V2+Y}1PZXi-96*d^R|2Ua~6h6VBt6@q%&(#k)nZdkC&XR z{Y<;Dy(6Wep#Rwy230il>04{BHG`%7_0h%ZD9Qi0{BY&` z{X;Qbcm!`_5{1NqS_m`SJHGyE4_9Np1iO}9_kpomR;~8_;pV99;U_a1c@cyxk^2*e}2<9J5mT^k9AY zC0Qy=)&<#3qI>CQ+&(en=+`FR{j6ThbRW8_^0`9eW0hgNT zfe~UxrhW@MaEQO%iJNUN<((?7!2fYYf58tprX1u3Z{B0k_?WJ;%4^v#7bK(PU82C2 zU~a_DewPZ4_}t{VpQ8b7(tAfGbVQbsbG;hD%U>Ft$M-1?r}{9D^y}(e@WRWkN53>P ztpz5I!`nL@=|wMZP6zH)4&M8-;@-U#Qi?`Ztj{0U9mDEL*=HEqw#kasK~L=>lL10%k)<**$gIei!}lXZBX90NXKAjAR}tsa zjN03rMv7|Lii~H6TXCh$v-4%Mb*klNxJ@2g8=8W<`;WR}+22NUpx#XT84H~_p1Dmn zGM?wTkg#fnPuDp;*}L7fy!i5Mxz`c(q&bQviW7bMxmr~HZ%g4f^F>>Y`CK^tTRT}= zoa`IYm@KWq$=S5St~g^KD*E8Pp~RR-5l<(>I6OOBcy$n^u&)7UjV)a74JiwqQc}%G z&t!#pRMBMl#=$zQrF$J_=_=&DZ4k+ADw87Sx}h!T#m{DJsRIF@rOm`@pMB327g7Iu zJ(ATOJX3^E#?kqjn7P<@H!fRl;jz}`;jDwtT0uX9d}Oz}is;?Z0*xW~OuefD6uF)Y z+t@lkadz5UV)2@^rwa$wym0VqGiDYT&#mb1P>7Ab6-E-pFy_)A?7kgsKZlw(D26$D ziekc%ci>0v&(DrbYNO<@{kG1&OVAo&)#j&Htn&i7RiJ+mAvnj0)(JT!Xn-UI>TRn6kP`UhS$uSMAlE9SEm;A65-Ttl z0QBC%#bXWXek8b5rON&$E3NaO|L&3OV@b(uNDEr|=lV+%BS*)-C9i$t?v2`vX5A4~ z%Mv8?{-w=n!*wthHT{#wUG4YIi0MQHDl7)dWS!3rqN<=T1ghFb@?mD}1*1^-YO0qE z^k~y$9QN_M@TqkjrJz&iJ8Sh#`%U!FFH0;modu(|o0OKp0V(S-I`u9IifMxStGacO}^{`xLhlhnUf>+hw-$F%(DLXRI$DI^SM)7v+@ z`$4i^HfdE`k3PPyS&-+f*=n$S--OV>i==`qlVaXNdnv}@P`qKi)D2Fvecfu$Ca`J3 zZ=QCt()z8@p{w#%;3d-{Pb>S~Y2)3)w|0|T$OIO3rUU`Y9G{j?4PaN!OzVo3!w|1B zA5qM2$UA_n&QB)4i;1)SG8DAogIIryslaFPMcH1TK$2NsViiDQOc9QSJYpsYeEE`xXbUOJ3fB{iC9r+RRG;qx_x@6X#^PN(ZC_S}NpU8YX5lA(0g zv*%c2QC6#2Pd}eV@>(hzer?G7q#fKAN+rD1LE|o$c$pQUZS13aan!nIk_6a@;Vf(CI*0F(W?hle8zUv_+y+gvx)0_Q{gXDb1f7;bWbN07v-fo@(0&)~ zZ;A&;V?OD968ek=WR*3YUWlGFpGDrw1+k%>G_px;6H8cA+7@*BHnIC@6NgbfEo9U_ z4|cPuUBh2r3N>KU0zNIAISlr~en2JSq3S!`ENL_5@j10@iPd&v{O)HNt3bTv9^E!I z`Q-@NH=V4UEk*kyiY&y%5&OM}i851Yw@$_8A*>Gv{2g@>s83NdzB<88pY8DBF;rkf zB)<*w;^GW~xRAr}(n_J14SVu7*4`yyqM15y>-1gEnQ*f&O}*%4wCr#8})g4%GdJ7WUCZc)~^JMQ> zg8HwN?ojb3>W_!_mUKd1gK9cY(?(0C542?;U_6mRE%f^{k$^Ot7ZImx76ZvlljY{H z^%<{2IXUKm)=xa8v9aNyCd~qn+2|*w+Awp|#Xcqfq)B7%rj}<@J3F~>1WZt9GB?ea z$@J^Xz8qL@;$jUH`O$f$ao`qwT=Jt~nxm&*$M}w<-+=J)Z!<$K5B>Z7R(7A$gE1U% zCZpu(yPK(mt7NvCR-k-Hs|GE_OV(I zXECvS`>GPIGUk&LmqK-||8(<{5$PV(cVEZ2Y38dfkWO_1?M=Q_>!lQaT?ozD-NK@Z!QBr* zSsvdPg%Hzq&SQ#q-=`FQ&IYu@ipph03u-jrAXpe9F_}02I`xDKwcoj;PvaROW%$vQ z>%qgrXSfauI7eh6&oXr!ynKX$3ZMs@^mCWHL9>z{0ttI+%QCl``0UO@lf`_rp6^3( z#t^(E+dB^jUfxha|FyaTq&SF5(Wk$LQ88lSlO8-YuK~{t_jE-v!qWPgLo{U0j;1LzVS}4&AqT(Af0=y02J^W>>(vaDaoE>1 zHnT4^%uO|D_7*IsTNrb-n$zlzVK3a5lq^*k-KhE$<7goz(At-FVd-~Ph_O!Se(gbu zh^Ja&BL)BS8UG8PrF`bJkzn%PzYR~|KJ?A~t(8+YRoWIsO7XFh;WNvDlYO(mx!(lT zv=#OEzX=F}K0V^FXQSh}e~LV?wjQa?H!9k*B@5x8w za*J}OoWzgQ0A5w?oj-0)PIH({;h^YyCj1PRA%3DboDh%{SNvVOvB-bz_@>bG zq4=4;Sop>6#C5B3!U^+Fb1YAYr%+ga@zX|W{b_BFBwuyEx?z&Z6U(Oi_|pcgtlK_;gF04@Qi2&)G~Q?g5a2x=w0kcOLhPnXgu+6imP66yq#y-g|Sf4L63YBzMCE zlY%QkYw;Y^Z#Zp_r(NtyU`!i%FLZ_-1GeVty{w%ni!N40n3NLFUNa=zdkXWIg7kJ z%Dzs+-AxbKT)U}O>tNE5YT6OjQ=?z=Ch;0_;T%g!G(XEI#;7z$d^9NuRP%eFYC9bsPLWY1!jKPz-o8BgGS0i5yA(UcFxs`$$4}`iB5BVkkxI6Rax#gXQWo3!Qxf5F(-yXSj)R#`b2Wfpqy5E z?^qAsWAi96gpa8;pWC`kUKxha%}EBI)9Y?V2G?rqwg?Fyq_b$3Q1YOH@(;OpxrPPaeK(wsJ3xWUkhZN zR*9E2H1Q-yp(eFn(axB#&CTcQGAbqh!pAC2mpX|#*aXM6z!`+jr z-c>4^v1+F6RT46F`B?Al>-OH6*GiZ0O?W7FUUawr#y6hUK6^ipbTp-nV=Xp)Ho$l} zQWq%G2)W4VRauj9%*|c51Y90CL-ZN`O)6uv6L5)&W|;GBfgNbm&igNiNFuxOT%gZ| zXToLQ&j!!D%YT6s{u18AA!KOax3O#yx)m!=s_k^mjtAQ!1)WLZx>%Jy7wu$fC3X`; zlQ*$yZ&2{aQF|5D&Ta$d3vdy?x>5B@<-EI-Wjr?<$!RQRS*={i>EKnAyHW49V_sTl zkRMnHCK*Fpw4G9KNRPP(M5+hdlagw=1Qf-6b;_fnFuX%0*?&5MsH>19gdhs0iBTuYL+ z<&Shz%jqpV+{;!VTi%GVjXZ0c7J_`s>En4epRxx&P1D2z_cW{%65?8Onm>sf+Y)g+ zfAPScdW>^+ZbO9=h{aM`AeX+@<6=^|DUkcMrJ1gqg3e1HbK5i!gnFy#t`GVH!~rX_ zd=UtP*-yqfCHqsGc&#K13<%p?{+^B#r#@?rYP!G2 z)2X=ANKlPL<4E|*OFYuZw{aX@VdCJULcCQRaK&nG%*(g2QgwzAbkYnesliJ}J#ou% z#>%e~%OB(z+0?_>5_olCX&3CwMY))S=iXd71=WbVt$jJP0l)Ok@1;jkU;he=Rf0>@fFb_zoWjUDCIV@z@%~bbUB6Z8nA{N`+#c z8Z(|7_Vu?A=O-#g8*X)ly*!z8}D#nRRy7v@^XfWcQvU8)59I#-Y zH?|O!Dr=$JvH^8Z;4VA-y7##h?IY~k<-R1@?WQB6I#&cl&|~-6JOB3FCqM%#mT#+n z3y*&jiU$@Tl*UytoiLHIIb)o${m8$j+IK#GaflU^`6c`s^b+*xX)R^XU#I>zC3F(N zPN)i2|JhFbZhU`rgeXK4fG?lN#C87?+;3O^C?-I6{@*kuu-9Dy0B4$oS`h$d)Lm}Q zO2^qdCB>);gh*X6thq%7O)>;DVv%{FDM5eK)3joEnEHN@k5$ZKsp?aJsx$#W+1KY! zb~|!)VeSlGhj!E??~}OXISlKUB0A82!bJWMv=)r%sg`k>RL`8~X?J5G`ACM>)6G8m z90rZ|0MH@=iD)@6^rGw98m`L}xtw;6q?5+;`O>}89V5Qfu_bKQIe7Et{b=81#`S3y zsmK4gymV}FL|P80TH&{E#gdr`MRxtYx$NuNjLW)bzDEDiqo$?C5mBoQxlTDaP?%k_ zyth2Jyc?0Zcag>NedDX&N955peXmAkmq2|=!RL8P192++;AsXRf<-=T<}cQhTOTg% zEc@1xZFol1#9`dr$Yb+`E6iyY->?B0j>7gGn}p>kMqVM6mG#&k0-r0VoN6|oZ`h(* zj;aGVEW6_$ogQpki~6T1sO2c;7uGp`du2CM4

3Hrf%72 z2(R>;F{p51ABVi^@$ql-HkQ

(1&JJVMvQw{AdZ)fC z#fD}(wU3m{^%i2T6*kE5jMqUdjqmwW&Jvw!o#8BbQ!P*L3-8_ZN^AHmJ!kmKNJfPa z8{565F67FF(V*zjG`)Nj(`XNk&)#drk21+>rO)hIz<)t*;>Dj4Zg zxw4*%Eb~2HpiAI|H2X|9dAZhHaK|!D$MH2tpsQ3`U6g15;3Rb)7(j-~Tlct21#HKo z1!nV@_-vcZ%e{RIa+4pI26qGK^qB$89B-X3x^U3STP8Gcz)2a&&(-qFDoO0(Kg5_; z9F)kwEF70mBU*m68+LBkY%`*}#UyTNEAB4-CFUHbZ zS*DQBO0OU)e^${S{tD6@Q8(t32tcgSJf+PUep(}^|AI3bJoDp;qdiEB^ZUE`&a2?V zHOKq$#qOoxJ)}U=CP<(v>Y1%yD|RXl|B|oP2=gRntxuV6Q*X`oiDwG{^;9Q|`^^f& zjokLn4!>0uG5}@~vvv~7@MF#d**H&-!zK*8FZnV%coU{$Ps8p z?m-V{SBa>X+2>d9$Hqw`iPVSTA zC|By`Ku436cll#v1C)C+M{^1TMm{L;^8j=#2J1-ScFD_gb>-xTp3I*kphX_sbw{%w zOGmlkGBt=7t9FMp_M} zoIGSkb1R_`Mkbrs0@^Gf4{U%AAJ zdij-)CrDj6V09#lnMOB}_Tz=xva==n+HqIVz(DXGuZ0{Z8HdrZc`~GI#&@+@4x6bJ zRg^aa%*SrcLi6qs>!*-sF*r*{#RU@p_$BVQgGb`6qjo9$>Dzn&3h6WRdPgNvy=C@} z!RK+Syo(DTm*>Z@)U{}LumbrHv+95+MLs{)sH={!uDf5~=o#2wSLS{SBttzdbybcj z!yjYePo0Q^=Qw8SgKr2Mmp%5hhUdh*c=bx}(m3v5op)k+WOpA3oMYZ6@xwjaV!0m4 zogMDPxot_FgHvnN%~b9tet1D&aE_9X`iym>S=^+Ege_*yG)lh)+_hHr%?x$QDY|Fs z+_r_xoXQCN1f&e^Tf=hpt)_rko8>&dt+i`95oK$WU6a}Ub`$EXZ!}s1UFHGcO>h4N zBx0N~%UL@t^xA0GNT$B_2@FqX8e&Mi!J@uu+ZOneXB?4FgOn;D$9*cAZ)&7nat^*h zlcGo{0HAF$FI9f1sNZ6$fEP?ex&VkQfS4<-5nEcIm-Rfbt>3z&6nBfhU3r=}+Nlj> zn()WnZBDn)*Tpq%9L#c*U(5nor=BZofoy?|2o9|GrwA8|sSf0`&&0aJsRdAF0SA6U zVVoawceMPIocIC+?|T$G$89g<^#!fjv@bF$T;bab-SKBsxymV#UzHMH>eJ}TxS&sK zG(D{nFZZeF7e{mUtxF>*i>o7;!K|%2LG4Uew4i}6E}D2VIfafEQnWH9!6$Bovehkq zG<`A`)y#u?7Q$jbeIsM^h-rC1rh>JyV&?YmnsG9q52lKk-QfSCFd?1wXe<6%^&I$1VP54-j$=;qn1(*)-ZZGR8vRNy*Q*Or%$+e3x4A6TV!JZa zJpim>UO0LIA4Bd{@|7C{Hca})+Y4xnz@|lg)9iGtwy+vJ52Q%)(QRYg7Re377&nr~5zx#4i7!9(nQ)t^LriA`i7o?;^b>877qzS_7&G za{#_%FF2H~hK!vsUulUHKuZ9*6mwLZ@k{u#qiw?l8DiJ{voYNdKzIqhnB{}aYVhcw zjcgzn@j2H9sD#~g{B}y#Dxpb≀hDXJ|B$B%b22c#La3)tH?^lZ0C{u2P%`=@foX zvChN?nbdRV$;aZ8Du)(4#ZuxhsFkxANGa`!NA%2H*`g}qQR~c{N!R8Pu1)-vfl*!c z9A8>i?cyP8OYE?HXn!JKMQ;M1dfXizms)Qm@>C4e$1&J^>2zbUx>h{cIU- zVaLTRs`(X&UuFeC%wcZJ_`%Zx5FLr!l6SuE7l4HzSh2}}qCZ>bsIlb;r$JO-!X{(C zgf}OlfrG9c#4x9NJRW(5F*=KL$<+jm?#fiMjZ$Cjr^Jk*KGu3P@YAX}CH;E{eg8Av zX2aw5XqrI-7qV zHt)9!tAzXQ7QDCYkGFZh7xQ_QOp^pN7RVCzY(^ez&S>vkC0b7RTR25H`E18_ABsbz z*_!K`d;#;3Bg?r@@c0DUYvJviGOapY1sV*~;Bc){`ra?Xm=u#w~s)5ECE z9gvAtJl1;}DXW|F>r+j^c5}_@tAzr*A_pS2Z-!6CG_p7N{ATUCqPa5%l=)x@68=d! zi#LAQ&flU;S~NVs*VGW-wMVp^4d=izKhgrNU1KHEXc`es{Q4e&sDw7SE!PiVuK^h# zQq8liYvBNK=cs~imA3_=nVwfau!2%Ma=VJHcI=ucM|bph-e=%B;2-RyOoi16AeaC> z(h>%Sf2(e+A?*2qm-%xB$YD%d=x6%ox3U|f$u{3trvd?CORffxTrB06)Jp;h>|+h| z?t{^%lOH+e%-+|$uh6s7_en{?dJG$$3q8$NoE%o0P7LL7Ug>q)zjmFHa=Rx(cm0s2 zai+mF_OkgnBXy<998rCUW0}(&(-SARF_Pc+{6*S|x0DX;E3Mil-(KVbC93y9wogO# zo?cx!HChOf8ZG0%_myi1jsOt*%2s+oc5t_T>@ZCFacGhmi?6HPPY+3 z*5%;r#FJy#96Z;Z(DN|C^1$MLx&*Sx?-E6LSVYo)sxf8nxqA4ts>9x|2!5erseemy z%A;WYMuQ7t!LieZ{PS$hbZ48w;T$o?mGU`_^D~Je}t|2Zh|!^w&@K+Zpji z2iP1NJDKpqTK1i-&pbc$(!2ugFsLSi{#AEon8@Nyjitg{QMt{am#jdk~j zC+or(ZO4j+|D_O!1|~UEsK=djq?bOstInh&P6OS2ly@Be9?w4_4I^a+Kav@P$uR*+3OnHx2d`26t*Q4^j#4jWRk(M)Rew9~c+x@SYov!id|dpUu5Q{Sq^$Lue2t!1B|JRlU5C7pL$Sj5WL zFEx1>xppli!S?+8CBE9u)-Ey_{vqr-@$Cw$u3HIwwk3uc4hxU>qWMtycrI^?K{fGK zEi=zQS@P25Z5S^Bdkw1VImwBM&YxfN+eRjlUxh|>(>`D&Z?TdZ;%RY;c=5rp+fJ9UR`vm5}2w0-)8 zZ2cM>3G`b)Cgy|}A(f6wWAgYq8Mpd&$o}$!JJnS*w)G^I?e1uyX2h*9Q6?a%ygx~3 z-CdwkvkdGP19T>!aV+V*p@3Ub95Lb4HQVHsEh$G9h8~1{7}Y`JXQ1I=@%gKg=ve;C zwQIG-|G*;j*aVc})muWZ3g^6mcF<0u%Ye-@gu4A2Vj+?%fk=RO|8Pj%`25XAE%YDc5F^0=3~_QMqu9z2Ec z+a6NtR(j-z-QPB=+X8W+feT*c^y#e)l_}c$6yL2%D|ZoVDz@4K$_ACzMm}$$Y&k^t()=Lr zCUhw6ru#WNjpk*=Kc;Nu_*PG@=d;t!q0He7bBeIf{0IUXK{|H*Dx^*>DKJY8&z%RJ zl%~$OrrhkiD0gV11R}c_j?8Ujk?vWUvhZBJ>pBBx(}8gs2K5&UAjI8rua0u*#di>A z?R~(3F+Emf!~wu>+7`XZj0&+Fgzjn>SA)WnnG3McM#!^FOl#{??p#H_aO#@n6nnb& zKc<`%1Ch0V(v;Qk7ssm<6Ut1vR15_Wk80qqnngN~@RoX5O*?|I+Ujo5I$f*Xg0~n? zRS^!k7J_I<2BQHg;&(p7>>2-t( zG_irB4md?+IZfwbMFv&C4yCOZ zNr+sR^|)+jxe1s#>Xa}X$gyv%{0*m^oa|dD0Ex2p2Fd4Z z^Jr=rQn)j()-Y@Ntfy6N#)>}pRVV7fCK9d9gKykn2ou#Z7+3L6vY7uL9GKc04)_3^ zF-LKHrS?=_TN_)gx#sK5xEq5rWsssdej2VC_l%WiZ7E2JMgb<=*ga#*t%8}@8iC4N zf15it0F;^8UAIu0i`W<~TnCjA+)Xi`YevC$+-K^j=G|lvtN%|+8Zr*$3zfp z&A$D9bNbxA#Tq*;;A%41G}K;qND{Do#iyW3dIDs!mQr&1KJ)dTUudyT&+hQj(*aTM z(Qu~roP(<{?>Xvhty&b^BMg`NiGzg5(RPDsfc&E_%rvwtbz43kaf~|Z**n|OW>C+0 z2h}M1K}Hm+p#t@T1T+Iq(cKQGJ-Z-SBl+{yNdk~3+2e)l^+DhJL|n6{4m$wseJ{Hw zQc%GHzHzt(A1-&*2dHUzGu}u>I{h&_=!v*BOz!mHj#P}W=VF%O%4g}ft`2%_!T6mX zJw{CclW}>Y%GT{p)L-Jhfp%xx*cJDpiv7Pd#->353{08O)7QA(B~sLjAN3%lbYW=g zz3JVBmD8sU+A5KEi20tUly@aDhh6OXEO+myWsao`?M`1gzyOY|QJ|Thp;=;3N4KHS zv|%Ne#Gk@Wk^*$7OV(CvYW(!W=V0W3=GW_YwoY*!Dp=%xuKC{#DFYW;4H|f37i0bM z;OJU2{6caRz&V-<8mEFc_Ro0LYN!k1QBL}^_FmHm z9ROaI7K=k{!B6TMI*=l4n__ztDbXU-A^@Ha@764U!wW9_c%6&^0NXV@QSW3x{BrG5 zvtD6*yWA2oaqyDKN_w>TLK_|*S1&%)BugXO@V3j@_mpB@s}xM-*t=V$aH`)sNxq*i$K_VIr zZ1K%nok^a9bwbJKCU5B#%+(!JXm;8=Da2ZYG2aifX7b22IC%m^Z6?4N^sDWLYvw?c zds|xEm;MbFSl|>fAHBWR0Z2hLdVPsPhqB@F?gG7=(MQGtO&`Mz06-khZV)$s`JQbF z+z~g)5XDPi`RH_V>xu@fdvH?cGU=2cW*U3@o~i^>C?USXzV2Xm^6>@3mA67&2(Pkd zFKyE5|7MVn-tF1;NxIzo~$kpCE>Ws37lw)h2f8&yeLL{Jv zZU=HeYT8dH)mgo7Y;@vF}ui+5nJk$F7AfW_>tIpnWW@%Xe)%BuSg5$^^omAjju88DxFu}f zTZ`+~T>9cpf>N=5tw&jJs_1|=cgoQwZ+4b*E|F+!Kt*_cFsuRMC-{Bm^Qq&cuch!0 zOt!c31FKe1bUw^Ns_qeO3nV3m-=iUwZ^Km6Yw&ti{~6>1yv04|f+Iz^dw)PQ*D{gE zv+3+0t{7gOAdOnznUk%ExN_Gaho6~$c&zgZtveur3db^8nuugU=QU35m9D!L{ad*} zR1JMUHP&gkzTCx36PM;Ec272p+F5_bki9f#NTbawu88^WNS@njaqiCcp@LG3Uf%p? zCt#liN<)ULva1idzlcBZR_A*(1;1TmVRQnIMK}Q0#}sOp2A_5KDe@^|)st`-$oU>$ zU;`vuHAPJY(cjkoFMYtE6Yy;F@__8@dn6;HZFSLJ5?|r#4Z^Sjl|g$?KllP085^ps zpTB*)azmX1U|9I#pqOn7hAS+06oo0$Lh}z;IooYoJiN>0utu`B=e zIb1D&Pz|P+jUd+_qQoD*_ixev-|!f%FaGo>NI+T}0JiF&TLqM2-VDA9!_fbr3Q)jb zBq3a__T6O2=Pt6dF?_7NbHZ=U|9@+kFTuUddYJd_FMcT@*L9`_x21B zKxr_2^fPYw@9+Kt-@8=??5lfyyyU$0@3TaeSDOI0@;{jTs_f4tqB!8r_H6#MpJ3rR zF|b=oocYNg_c;9`7x+t{lK}*PfV5`>g#XHR@oG!p_r1!YwHNoo#eAT3F6)tV!K9ie z0P|ihWr}Zkx^ADx{Q|uO(L{k|J6?3R&S^P1rf|G-;j?UpT_Ak#sn(io!126pt;1aw zKJJtz#TCtv0l@F|TtIc}DACWa3z@>FRJ}dJ+@2bz^e-Gs0%QCMR08rFNlgyrD|g+-~4Be9=(vb5^b4l^JVP8hX+;T_@UY)a0hrpDIcZAcYgdw?lW z9?nrJtSHfidw*|1@_2S*=Y(J`T0fSB6&3L3p%e90aW-h5Qhx_iU{g_w24{Dxw) zr1+)}Z0*=F{+DUNpm!9N?3?u?2@^0uBsYi#28akB15@b;O4QQ54!0vh?;2uM7yr#@ z8&!jp2AYnr0_={{{h)Q;PgpGLB)*O8hI=2T;||3PojO8Ow1|udy;zZ0t6j{ggFPQU ze9+oeQ%czek}lErkVm>7_TsPLE9!xE#wn3Y70sEsYMFJo35PdSn#$z*-HJFH=I!!%6Pf1s{pCAy(S9R0eX)9Ds|=f# znU8-;%*W3VH{`1|>(ma;4-d?aZ=oE=`TpX;9 z7o5Cm)NP0bHX(j3Sp@dqsby+Wc?k;P!sfPB{PnqJ2b`#df$-+W&z!S_0}jI)z_z`m z)*ZbNRLEn|X@wPWecUo#dq=E%t3fz3vrd$qrdT&W2%xeEF}_cF081*2__nvwmD%F2 zQDiV`A5-7RORMmHR%0D$<0jgl&TWhaZb2O;HJ*&Y>%CJ&2<5Z!mb2Be-#}0P&HJyp z7&InS`(Dupj<}Up=KSVj_g4oHIq{&HEqD#!95*d}z@~}rF4c}62DY7~oj!f}FLzrv zZXlXFs5ebOHn)%8<^v=xb*~quf;eZ|;g5=9R*|Potq-(nWH;a%$D2@qjL%ceYi;D` zE=^jd#g5vJbw|+4y4GFIBxYNNlFi9aGCRC&em2?gy`dYOZwgR{0qqi>ydA@OZvIVE z3Omn5?}Q$$+g?)t#c!4_ayVhS;Om=-SSO4k|IP()Su%WAunF(nPpYvSP0DYriMu$< zP)rhoS@K;G2oKiA_zaSKNSTO#jp>h42sS$S?CoOP-61K=KqK1fZTEPLu&vWR-^Fj1 z?Qcl3>=7T^Zflk3v8(4O!-Ajw8w)&xze}hv>l$7bBjhZ&IJcWD@7zq_J*X~FF%VTP zMxWVs14eje!08iHHAuj9^JH&1W)SgV53vqY#v4u{wsQXQzW{z%K8eArv9Ae%-Fd>NNqfGdaz~%*sz-7VIKp?JI$}4$i)J-&*-Gwb~=b z?1urzvmqXL_URo~ZGGd-oEJW2>Ywf7SoO8AF$6I{nt~N`|FYOCFs7$H3ZUpde4e=x z{~uw09TxT0zW>8Yh=P=~q=KY`ARsv)2m;dGol;8I5F#M0lz?=1cY{iINe`}9 zGo!afO${_D48Z0X3#=*8x%^M(qS+NveWE=JYfXA%Re_9!)!?!llhok+@oo4$`k4lo z634rnMkRw^o`m!zQJ%hnT^y0;=CtfG>C{GsQVJ>6WH`+@zyH1Ps6iJ0iFEA!E1{zi zZ~Y+%R=%=PYw9EC1LYiORra~iTlPf%nIqHc<^Q!hSa0*fA)v`FrFzh3E%fU$1nSBI zWMrkqs`p=*otUSLggA09{Zv}IS+^gx>o%N;Pp_oE!t8BgQtkn4Y@AVq@Z;_;43n1n ziycdrF!&f@w=Qy(I3E{9kKsl0aOpSN^2LHZ%%y#^pIKMfGoAAwi=E zbWpvzzK2t+S+4T8H}A;BPzpOn5;dyme3Sng&8VmofJ0@XUWIJE{dTM@{ItB~9zo;{ z$C8t?@LcpoN5K7Zi8y99dKm0hjVep5Mn-B@tk>0>YG%}8+w6u!mCk2 zezbPCVLwxSA6l<_wB8^4hK#G{bB1Krt6m-|8%hDQOhPu5*L{_RzOL>n8%Cn&ultkv zWWDiKY0tebyS3DTQo3yQ{dbys1o*sy4nt(cSNlm4AVutSlg0Wm_cytwCDWSeA}E9; zCQ6Va16=oNcD=pZHCQxQTc&ip^A|?}nm|$v<;G09Ot%eCRsUF`b1}zX(|tT@G*4Sw z$7%%~Hj&NRtp)Y*DR zn*~B$vTBqnY-wds<;5MfnItWqoKDq8ILal}pA>0A0yg7`JkfQYeuZd{ z_0g=e>qNTS@gC>?NIC60dDiez@`*69nWk6h*7=f$hbP5DO;N_1rJ0SZLpkveR1(g? ze-c>m^tRazmi>^|mekT`ru|2V>FJIemE?Xk1ZGVE-eP7vt8^#aMPTghsdHFg*}W6y zMDQ5PzCjz{e_@xQVYg~dcc**auJ&xrY){4`1vJ1C51(5ty*+w;^hW4rQjfjWQj{aA+NQK6 zMR|e?`xHel6X?8uLD9B5UGpK;tzZO2tgL+^HzV?^k2ff1IbB6I;?;jaal3dbi>k z&u;ELcP^t>au@(6W90JYUbZ7Q)aoqm8u1aX`_bxr3jVB0pk5*mtJ6ZVrH9E?cwytk zOXF(wwpgp=y3^C?fRRNKHbDLvOgKTkC|YMtMs zRcU1`-;y6Io0?uP!D}=Bl&{=8F8x(VzUt*F00pWWFFCXQgvUt=m0J+ZZdC5Csi5bE z@S_aBy>H5Q5*I4EP-f*QAdh4d1F^BFgK`p2-z2;kc!(mH;(29(T{sbzOyH(%*cDe}DN9Q|1TgUCk5rJPd-t6v)0}3S{@M zdX)$9lrH-8+@UbK?h0kN4rX}SI<6>AxImnAx!)`|TiN=eSg%5jUN$-3Wja^U%dJ99 zqxEx%k1j9#VjzR#Ou@(jjhB0M6)5z_`(w&2$zOi%Kd(qMK$-R1gvQRjV8I`~ZEM%4 zC_8U+7{1q`&eb`Vr#w?17^i~qq1t9tS}F6jAx!ywbqCCm=8RosZcC7^EWlowHZA{( zNfEs^{*A%N6W3<6}I57Z(DHKq*ns8?+xAH7@xKk^1*hPB?W+q!A#h_}^ zzgP^UUU~agt1}2?)>AcCa_1qp)&vr!-mKQCl?;Z!78o*dtZ|!MW}D;m=WD=i6i3x` zsU73B+l{Vjei4)5XtrQ6{w>K|pv1nmaycYosx*_mpP z6^&d$;00r$;QSK852O9v6jO$?Nmyb z_jzoV-p%pVs9M&n_j-8zuTJ7C@!d?MWK|nlblx$q8f3Gz&9LH8uIY&q?VUUyU&$iq zIG`STeSAN3sJS);I$AK8_B2|_7C9?u)!39w<_C&h9q(n0ekgQTh3LYB4SPEzLyxCg zw&Xn?Cmi+{NG%c*y!2?NBqS4M`scx|A%5F-I1j?uW|XFwk6UlEt>%8`u@gkR>5G=A z!q)90(=ELoASDkr)@=^*&U_vGg<~&Jiu4Jkc=iUPh7$7b<-85?DNWr}%RPIp-hsge zCrIzq9fE~yzu|C-IxenI<|sDZbA-ow_57wCkL?2|$ab>F-tY&M+^awr7Z?FRW|S7A3!Q6@IK|M;rgT1|OnlTeOUS@<$i{p~R`c)!2pF~G+l(c`}d^OenzzA3x)MgoT5 z86F)P$EJ%}({M3S`a@q!jJ+W4o;{X&SC4{x*!^n6yGEOtvr{WB$HVrIAttA@7tYPn zV{R3(-1VwnNjb?@nBPY;UP4I5?s{zH4YTPs^oA!j9ILG*gfO-ifyVz(PkWF_&1HXz z_EFLvnl7Kq{>`dRxWtBit}ySA=uvj60vRMdao(&tx3UvY3$}%TUEs3u6aY%Rin``o zC;BWF^6>k)IITApbvH9Q2fvuumoYTJ<}*}cOX20)<;uk_#ogKD{n+{i7bn&7L2A2$|b+BhvD+*F>cG6yNut->keY55t$xOaQ%-B$ zRxyN6uf6cTSS8sUZ%DbeIw2R(x4k?{n#pstzVjCx-)N0J5&2Y;^I{5<#`ehWR#^o$ zppw4sne)wnKih zm(y}%HajT>vR%8ZkM`uAkjd3)k~8^ap)j07}t}HH``1VKV;(E2)Xrr02O1~TYx$KIy%{hjlgi_p*+Oe)pQei~D~Ojo^CumvlmD{L&%7i$aJ>MG z(y6E0jt}}j8tFe;Gw`huqoHgf75h1EoBkoJF0A9pR3%Q1a`E5gtGVfFX}~46OfPfZ z*uUiO82g}tu}6c+-OV4m{%0eBVF-17De_N z_=P)dr#4uMe9p#mB=uYc!CZiXMjr(V-xWw0u|fhYJgJ}%V|y-aAr@q9+~i~AZk8%% z-^W5b$sN+-*d}Jvds<-*=mEF5PatyzPP1Qsjcw26t(-KI*dmXZ#c;Hh{CDzf&k~sn zo@9|N0BQUTFx=O1wnB4SA6Xy{KUKOv3kAY)2aibDUN_Z{Z@u@rI*v9^hH8CtTVxKR z>kw#_MPH8r0Zi7F0i0BP?uB54@3C~yX*$#jb&oiiw>7BRHlp*0s8jVttF-}cDfhG8 z5^}}igme|k2297Jy(HzDgwcAZQ)x9dxKvfL4E{%-!~t3lGV__&7a^Nf4I!h$WHBDKERg#0H~ss5*jir zV6YB=zOnS9wZ5^*;LCFFVa#I{Q6m7?)c{yDw^^;RJ@QnK!r9_`Bkf8-zME zr)8aGR<7%R%tDMbT94JwXY@^+?NEAn?4};WF9XA%#uI!HS(r(PnoXut@0!xs7OfKd zIFid?NC9}g13FPt2W$jfw!lfMG9PQ#5(5-!eszybxTXBh`PRC{8SAqePGNo_f}yR`HEbVh;F+0|Hd z)(w@f$7U2Z9}A4i6R4NXIql(ANZWmV*U5D|pG3^>1xiH$ooj36Gm{2{ROtV)5T`Rm zT7YLQl4g%|MDuh9+oR{nV~FZ}BaWshTQka+pW$RoAF+r=eyE6qZ87q>AAi+D`~i}- zyTfTm%2l9U<>#^;7|EQ1ZqXqK%5qZK*+u_}&qn}m=qsYxb(*<_bO`gE9 zV@Xe~Xa@bMN+K`^!~k2xHbZQqqzk!`ESKg;g4tmNi}&k(Ejzb2iuvHt1HCvrW+Rv? zPh{X2j~q?pvH4WUAAgK+?T+Iu*{MKTns(YCwA8E`QFlA~_;Zqgn}{VkuG&Ux>b4J9 zk!V>(IyPYgyrx>wHqXU|3Le#xu<7h5&g(GzwFdhKGfET*R2Q_@`rw7hZX)_!9j`Z^bQ-rL6Z<0ZrqZKRO_*M{#@rV97omMda~pcKSh5H z(FM#XSq|!h2ET5@uey}wg)L$GcfrbpX>lF?x7d^PVZdmZLif&VERG3;RbnT)cj(1 zwn~QIWs?eo{aMkK7AFZ@Rz5XEpU#VO=U<w7Bx6)?H1?Xk zrk(eIj~kZn%?IfSiGcqUbNoY*H$Y=JMyDjkH}iV(b1X^vQVPC+Q~-miTFVN#h65Gy zS{wPJHQ6k!80OQ;`oEq@Z{dFu4+d2EcLAFt|0vcip)&5A)$1g{5Dv zj=iA(Bo(ta;v`O`Ka~|#_YZVe3VH!d!$IcE#vJ3lw$97y0Uj| z&jW*iI)+TM1&d#`d7bzP80G!etiH$V9x4{B0LYukWKuRg*{YgAox|1k4a+z#WU<O{b=P)ou$)n2vnzc;aK~ZckPde4axp!XMTz_!@x2Lv_N>oM%7!$mrqgI;_htVJXMbQ>YkJl z9?yPfiz#Q4StZ<2AHV3izS&Kx(lzC~r|IlyTb9ZA9RVAQsqlNhLvm$(R}xz*0Rzfy zXNHc{pp+j_oW&H@5&0QGo{?B(4~(foF3oa(je~EMU0b84RbBAjl|{GjPv#bL8Sw&o z3#WTu5{_V%{Jy&QF0a0;%0*g-gug(zdeNim(QJ5x7o6vY*VB^knFle03C%O@$rFyh zB1I2>8UHx3O}Z({22*&oIW^^B;EY$%sYxaFIt!Y+9i|5|XXO}PKN z^#yXJ@#(&uh$gTon)Kx^nsHf9)ff5e;l^lk?e|Fx6}V7OozCGplU1>KR9jD2*tN*? zPaArPtu2oHsaK{=W!qt=Uk`1CL7zKI!EU-=?6aBT=+V+)oujqCGkPlgPzSmbE;YR{!b>m8V-V4@D5n6Tzzq?<)COiR5frZfD{PP8$r`t2-HPEfm4;vRvbS^z z$R>i0%I@YU-0zr$+{JFP4P#dC^{8q*Upg8AcES`?IgVGBFWCNpdTC%Qj>%Yh@-p_TvR{R3lD11`m6%? zy+FQ5MQ}{P^oeA2P%b?GdgaqHU5RRnd*1Mmu~E~rEExt+21j`)&$4)&?ZtrV7sM=@ z4W#j#ai7>_zaiUAA*q@tyOA2*9;@5rG)Jd^q8>P04bi8vlr?Wu$n0kOf}D5W4W61` z<{ToZy4gSj!yozn_mJUfoK01k_Mpf#m#c!eTce58oZ5-WLDk#Iljje&)?bt#t%9YO zKel@@g1z`ZVAP;jw`<_9@|o!IzBiO~s&n;sA2&bi*M?xPLjm$HEJv2Bxd7TyQX z>}^5raRu?VC%F~(g#DHG*O31oI zZ)^VhO%UA?$p3+`EN#$}b%1=~t4P97+5IgS!g^W-D zqzZ%bQ@T!uO}ktKW9?0Kc7;xryKHS(Z!9Y<Rw#>3ZD|w8bX2&BX{Hc#?HUMS#8PbC?gf!?6(!zLB`C+l8noN2 z05dU>0wF=iLo=XRDmxleHYXc_q)N&r@;fCIYE(_@tyeb!U{SdnKnd(fslH=00P9LUC*>P_vo)y;5%TH&-6aDp25_oOXza_}3UHZi;In&RAc42yI@ zEUTkl3j)>TD7NU-op-m4H~8`A$Z3KfY32M~XedDRMv)p%n+>~S5|tpecSyc*Kb`53 zZ_g`eMewUoBWn)`iV(ZlR2R*}kGBW+|4b#Dc}Cr=AiyLDaaZ>zcP-MWGWx{rr)}lt zJz^4JX{E|BIXh)o0bIzAZLW}Bw-;qZ3v08IZ?b{>XXw{N`?hn$wAb`9R5QJ}Urz{( zhUmnK@aNm_5I&oU2P}4ccenL_&_%o;k@UOvSZMT-Hqt^T(X$Tn4S*OH7~uTHh(JwF^Mk-2gsFntJwS zAdxp>yzIObdMS-Qkkn%TtleF;({!=@<4WMZcO;0(dZjT?Xs;{`l6}*gJ@uO0=SqC! zPF6J1{Lohb+Z&i@HogN%m-iL~j>etsvZWt%72HCbdvgtipAQBSc1W)r9h!}-b5#8Q zUp7pfW+5BN;K$r00SG<9pxrCVGF|WcO5fd7x6*dnKVogc_aOEPW7gb_OKLRD=(QIk z2kVHBCA(e!M%wtP0;14Bh^rFoKkMax|7%Hw<`Dqtm`DZw{oy4M@WU@e%t-#>5B}d* z_;<;OcYQk={hx_0|8ylct`%zVqZcBN{(XJ5z2FOTs|2lk z|1VXX;Bs3{b!zc^uh) z|M-7@=l|7@d}{$+$hucJMey%fy9E5F2x&!}|NH9x`)~aFS3IZ$-+1rx_`UrcwAx2mHrUaxQ;8 z%1tT5U-kB8uDXhx62LuY4leSgCd3za_fg0Sl2!~xpHcS3V5ZE(9Qhm`J(N{5RB#*Z zrO)@F0>Z`RsaKwaig=MYe#gwI8z1Zj{2k)wcA8ww_nW%=`=_pH<_Inq=bkAp zETiSh3@qG1ba2f2fqsMUXrUrxjHFg8 z)LH04fl zvVGspS8mg{qJ0$^d2rVfy#|bd+jle-Z9hRT#wR&|bGLV06$T}E$ZK_Llgq>h0FE!? zisxA2X|!zbx$O{C{;OS&;5zl5_)AN~9rY*VvjJsS2IIk5k)mCA+z!NrdQB6?r2xtn z$qFXIh9WN3scStiFs zpgMGddX@vYuqUtsi>B(a@$?<*dI6tUhdXoS4QQj9AIzE zv9!N)O+qVLnYNT3DWPFt`X-)zjR# zJbU=a9FMg* zUR+*)4;RAFJ$xb3nzH)wh{8@S59J0~iQWL}!|y5udMa-B!Yu!K1S_qfq$HZ-S_#FI zR^KmSBJaa7;8V$T!PkeMVK)YpYH+W%E~1vR^*St8=_a z{<9Wt5xmYrd#Tk{B;xDIvA(Qn+iNyitUFYL6zMp+a{}{~z$O>@8A_(R2ST?4-LW4w z?2U&!94~meE=QR)I@jQ`$|sxf{P6nVTU{yeKa4k=Rt=yn0!2O5^MYhH8$hi@7DJ3} z_5RxOP)|H+Ug~mld45e;ebEw|ZR8dDp=*zxwf z%?Julu|C%Ki{FbKL&KThdCZPqGb(30ibVey8u{M1F{RWDN{@DV$o}U^IpQFbRuAMC zE8pIv>-?wA#ZeA^qv4)yJCZIUdE1b$M^uI7@4Vy~$y|2Dau46d>FduN85FH|KOs4K z!*=-1mgepTv&lR7nGR;Xpin2Vj{NR1>`Oj!KRh(*@&~~ z{x9sm5WF5ZNNt&pq6_?akJFd%4b9Lt<;|y*fh#?Xs;O7Gw#>FH)s$=+`+;b-PyGBp zACmz}w>*t1V{O`!W{6r5i1l+=`__gnyVohsprPN&ag%WuY@19tE38|g1eNmK8e^J7 z+YZgOQ~*JNBHNbZR%1MwX&xC|qOVc?dgIu|GF)I$Qox#UH(%Y0JYT(pexKL&`aZpE zJbei&Jc4lc_2<$d;|S5Pgz;3RkC-FOl-Wqp8mdxcYl#wJ4yG+>txW@t{nB?SGF${! zrr*qlVn>?JRQbpQ-3nqG9ZP;qn)m3 zcub*fFH|+-Efb7r5#Vf|7<788E;?OlsoB;~xuCLRTZ8ZrBcv66+Dj|Uk->+47%?&3 za(PK!@08>OZ$LTxsDF2(PygbHXgFQ>UAlGGA^lycFKtWyUq$ZX-92`fOkKwHeSA0n zDO!1>pN&xO{pA1k8H_X5HmOzxs88oE5DS@Ce`SO}l#mSnut)9a3#{b?vrM&VmTN)D z_q5}hFPxp!uPY70ak$K&_rW;$ozQ5LJ+J6j?zd`;N|~jhw(A4Bhi_2*fMxIHGJQX` z6yTHZnG8g0GW(`+YA8`;E>zph;Br`Waj1WJ{wx58MZF{-o{OL`?IL}l+GSsF1An+P zMuLWDw#$9CYxwi;arHBX@qR3E_Qu~7(cX)0FPwL3f4y84sC~a0EF*l9u2E+6Tf}b| zvgs*feUZn!od@lWVZq`>oTK7gyW?RJKc%Vh>R5*bor8-kGTog#cIBYlw_=A0UKYQJ z5XM{|ND17Xap`*A4;^EbPU^|{xjDG4^hBn0bWjkx?uXhB2Jfr>3AI$`kTEDW~mwDbPdGs#Vq6=x(L1m=D*=^uuetH^ns*1eD9wWIpgvVY4O(ZafA+`*jWG~{Iq`z~@9DHI*?*M8<1MTM(kW~k^ zs%<+et}tV?C(I}1bm#MKXOui))C@b4erp4;%nv?_VNfDs@hx7|zomW|6VY&eIg-3x zjq7_Yq%=HZgPT-o7afqpbySIL{{8(KU$QCzwG>FCz3aSpiQf!&W=S3IcoR=0JH|jW z^{rCfd7B~IFsJE>=I_F*E2WP5h6&ZKrOW*~#P*@1I$PUmquxo%nNjg+DJs^fuD@t)AGe(ntS(bdOOc@l^#T*H? z`P^^A^sM8>{`J21?`7L%ok&VIMw}#v+^&o$^V396G*8WakRyvGNGA+!?U>WaV?SV^ zju}gQpW4gvYoem>NzxahS;zUDuXX~<+@8p}CJ#wZ&+?g2>G?P&c<8q)=QBj*{qN!b zmMgaihUi)`ZK-_Rl~71BMcCs8Bt&vkv~ zHErVhVy?q}Z>Sj40>Y+b!{CFrUK+Qm6Gk|>hD!;^KjHIhViG>>PH*L zbDG|VE-ft?iduhb>-Suif*vOdc{qO+@SqobZ#VOZ`xNH&LE>65Me>$-gRNDEz>t ze>nmoS92IT!Nee!Y^0fzBbR(jUiczYg;3(vT?Y+;ld(vR2XncCyNKpe*5nt$oQk?) zSsU|SSLB4a{VfiC#Ld*n4+=MaF;(~PnNRa*$3cFquI%J_-F+pTe7Kz{G-*TqW$7$; zlxnM|M7i_px|i18Jjt0CS|<_nCN9-^+9Ld;_J>S-ZTuw+g0(Xe>7p6E%`y3;Q)1J1 zhga?P&N#XspB5v}^0daib(7DGv65Mm5ad!ednC2n$PDkf%fiuQP%%ei2+pY5k6KcH z`>kSn=olv5pxXeFG?!5EO_GH?aN=AjO2R0J?!i2-l6tY(9bMDC=MKxaQ?^1c4JotD zg}d~@qj&)fat<>X8{n$JGC2_HuEUpZxqB3N@U>!|HC0Era{q)GmG$hcft%(>L*6UAO{;!ZhI_VZNmlhW3bd zbc;(pEV0v_u4S9~0ldYgM7Q>YCj%v!j&6mAKW*D2TjNe}E`#tKs$9F3KnV>|yyNu= zqG+;%XOH5`R$`z%$cZZZ3DZ_?K4&aY?Z}QBDc^D+`XR8bni{Imgv#72PYO}1=eC|5 zD=NbfqiHt$t0(xY1Mopb$$Qy`U8mCk#pcW$q$w)9N$6)b|60SyeRPz)z~eD-pU*H< zpY80LX_K2DUQKB{r{&A`>fD?k)wxA8bxY~D+rULO zH1Bs_xc>IVNOO!g_a`bNSrNbM4(4nxtl`i^mNzu);C#%J_Q|C?nlew!B9*%-SX!uh zFyCtB_EmUYIg@hO2ZgdIVA@s&8JosO5C;V@F_)yCRLAKv5swR%>54yu5glc4@S@!_+EStY`@$NC4de)Kmwk(e<5BoTpvh!KZ0L#pG~i^ zHunnFF=Ti~q~J9A1D#d}PYgX*IY++t(0%C>!^-}!m5hoE8NgKaG-2-w@MGcfT zPo&cod#>g-WiXCK*?~(LoMU3}_iwa-+F#z+=kGKj{Vj$J*Sh!kYk!Xk`#+|Zzi|5d z7()ncRR`7|ZmT?7+k|_ib#O6Vk6hg)5*d0Lho}InA zD0e`(WCah&YPkK(cw0ktC=`Ur461kO8n+{o*27hnRc^%cpEJ!DJ00t?>DTUl+J^HL zaznjFc)N04Zi}Hu9HU95;UvfhWR68uEEdiPzgV<zMDX3o$;l5|mEuq@j`{iPSSEE=r7UO1ya!lWN9#sFpT zbUX}({=HE#?HbeOpi9MMWms$7WgzO!3q3=E;pwll;EmhAT-q*Dh>NDB3r?(rce|EN zgy~dP6g3Z=en0qa+Vmk>pTlL3aMtq^#5M0@vB{s!8D}D`Vn6By9xRh)gQ0$Y5k&sf z-m}sA* zIJ>k=+{IqmGE=Y0-0!$Kdplpf;ErTCRSYI2h&YMtp*$gP+zwVgdznNdSc<$AO3f=F zS4u%baIjyqZ4nfH2klO$2e0$tTcQCH-Ytr#B~6X+9Y1;1T(w=Byx*p3YxemI0otiJ z)coH|X+*KmlM5ehtQ8ptIx7^IVdpKVG}yw$+s4r!=M$`aA|?((uPa!WCW86QH$Apy zs$Jx%rd}^updG$$ru&R0?Te!|DhYL3F{vX4a>E45hTQj+ZBrJ*ukq*oEn z(hXz|NR2zUTS;>ZiY~-yMw?J!{cN?zz=y3C!QdmybfRDLaN`u#ci{2gN1PQ^BU9~W zHE#2vifKi?8jh|{(@Es{yU!!<`Lw>03qKZJ#2QtO2%?%x zeZT76yQ?nXvWp`(Egw2)>n%LA`msFMfnx0)kuWcHJ)(b646gUr(Khsz-fHdXZys+V z>%!02wr!sRr-f@1?cQBpjdZ)DULEltY#$DHGh8}N-;{?#?-};4Q%9lcZ_dlM7DQ1G zl$d`R!Cbo*{I9?$LwkT>=5yz!=WE6;TEoMZREC9K_drT?Ui~Fpch^UZ2C2O=yAAON zPdeRWHSZ|dchoh|N`?y5m~

3jL&*n7k@!xlj|poIA_gb1gCpvl_}X4irCn#kc|D zlxcM99r0*|FGKVz#kHMrfWUQ&;Lm<)xRExnimSp=92b|OjB zRhd6n>g-`U|*c-qp7&e^rQJqXm6gb#OCKsR3aSQ0%` z@g>=IAa!*Em4K=}uro+Al0LD<7a{oUt6-lY=YGBP1CO9$=n1cGE|&O~bKZHQ_T<2C za6yloitBN8YnB}2=`Q4!^X{~)R0o(Ot;SYi886fD47g*-*&Q02teE$D3kQ}h)7LK5 z)c;ncDtMvF`;DX8;re)Vu$W(#fJqIL)_G~<-~+*&W`#+NsKkBhr!{#xO=hg({a>HV z8Ik-H87SqDdBU#Mr9_102q*9cA4}5Vt0zU^{)^tCFky=4;%oP2@CEgdlLh5rTr7|U zu7n|OZH^A}W{Ua~(MiaGIN9!XGkq|t%+SM>m@ly7yr@*rX&UuTcMO#sVQ|i9tTD4+ zCWI5t=QiyOSCH($O;bEmUM%iMKO4t(+11WHIEV#;jDy`SYAivwK~9s?p~rESP$g}P zoUU2QhdRrYqurHYz#k4nkdnR@DWj;%*Xs3TN=0}_cb>5ZK5o+}?ILe?Xk zuI$V%nof|zE$k;#+8%pv;m6qv*)zf$hhwbls)jjIqh|IXLs9*6BzUiOVO>$Y$#Olt zwii5B8q`|V7HmI{%@>>2in3mh(JOm@agF*x$gs;GVO;|$(biM42=lH?5)60Qn{PrT z;}k@(2x|eznNC@%>gQf{HkpvidW7!h%n>ZRld10gSLO(5l7_u~-AV7%PJ#ME8tTh1 zfq2+&wdVSpox`f1v->IOv`6Yn>hNr1o@l;M=~ejZFm_SZXd~@~;-K@2C{k_OJ9aqd+{=3V1gg1g|yC*KF2924A|J~M;kZaKcD*Ul7{ zehMcATA!5WEJX~snOf`-I$bd=ygCieL?AXR{SMYIZYJy05!h~vofvgJJLeu0}YN`>Q-s}*{=W(?d)qItJ45>H;9#Kq%?hY{o4wm-|RFGQq4;+Hise ze>V8Na_sEYQqG?4mvo`bv*Fndw^EbM_a8Wp-*|a%R;$;aL`_RJ?6P7O9$j&oaNOe6 zK@x~LX(0(ZSEimYd9yoTd6<3rYmeA^O;`>ljmdN4f~TP442G5Q&hIf+{Yt1TrofgY zMs$i+m6b^6>Fxs?u9A*XDYq$BeHAs)g1IsEBHaRdN4(_+f;lev%)*r~9#_jH zqt-bDYBL*aoT!_cETzmL8s*#+XZg){AjZ%crwugRkROL2)Tigdf4oQX)yDet$y*<_ zBPaNF*8^s#(^f^)jTRAuqdW)mC=J7KTJ1cQu4(ZXbm~#(h0YzM%3Y-YyKVA%-b!;~rZV{kjc% zav21tS-F1WZY7>=e(*NDK5*|!#icRe@J;dy9N_K60jb-8wsW+ZLB_O_FTvPhG3fkP zLq}6Ylar}A^1pUWsSJ%ObL}GvkR`+#i!W#gx)y92X4Xvk6siIJ+FP=)w~s#Hl3hP) zJYEX9!+TSC%Hhq|zC*nkZ85mP>|mmvO`bh?F+iVi7!<~$mAoH=NNk?e>2eyzO^op|9iox1CS@^-WW~a}kj{b<{cRn-PflzZFdRgt-W)rw0++76A)^*6| z?efn-8bLvdo@geUI@PR4Mv1&C`W$;w%GsI$>FAGHdR0pr4F5gQZS$mb%=&vmU^djU3 zrS>oC0r$!7J0%cbXUkpPohX7Cyf&Kp;%a!nN|1X~%_U7>G_1-TUb9vAerM%k#cfMN z27bVfuy{GyC|lANwH9XU_3IRV24I{xFgtlSVg<|Do@lGw-+*>mi@dtQHoEyIAd4ir;NBGYCZqUlKSPRh@|VS>h=0vR3h0_Xhi*P zn(_q`_548J=+RX>IpoAmsWNa3@g|v*h{t+1lYV~-qTST8)6DL8bNtAl%)q@qBSn(x z5LYFL?N~)6gx=2SS)beQ2_ys3dAq{aqgWdvMa8e|VK_f9e?4n^C2}yen5W(RLXYMn zWtF@{xsqli3R(U3VP@@4Y+SK-`RPQOGReklSyLr_=sOBR;`zXcP(n-_2W)B;J{!pH z>AF)-$f4EQtb)dOyYYN<3L)qF(=HoNKXBWOkj}rI7S}r?=fDFI39Lt<#^uPX7FI39 zOm%}D`atm;rnwZb+2Ktz)JYdCl*#oiX9ncBTRrS&*N|~SIH1pcSfcunb!aO>lhLiGAAdu=l%)MCHUU(wn(C4eQf7kK4O@_x* znt0Z>CSp6(F)M;T7_2p)6v}oIRytJRP<25jU++x^oATX zf^T$za}`>hsA=D&T3om=qH&2}fDlNrb*R?scj6 zV-|w1cvS>@gjB;3HHS~0G{zKsRBer~cotOjf!?tnv#=V4A%kJ=Qjp!9XN5?Opas4s zK+5A8EqWLfw5L#~^yGtIMX_JvUz=j~mkssHj}dc!Z;B6f7T0i(F&kX37}z)JBcY>4 z`R`j^?~s=EI>Q3~g%1jphBLD+5hFGwf9;2Yo{-6TsJ<(U z=IY!kLfW0~7YT2J&2}>S6qhw9)pQTstnuTT6r4KxZuAdYS450CSwd!JWr2|?j;6j|Y%k?tle4x{m)9_F!9fO<*=cBy_Jzdb?$_ARMmNieg4>NV z8Rcf=8{iirv6EkiX}@E>1n+efI7Za3%U4+pPQO{mRD**#A%v9$Mx?F2ROWVs zYy%>*?!k~rOY!?47C#S?=c1&4Pv41?-4E}56}0rLeEd;6Bb=0I6LZN@WGG!z*<$vE z=mfZPtt~uBKz9+vX;H2Xdo)9?G~eJgYBsof}9Cv`vCub6$%cDdce~9<_bv_77}Uyfgu30f2kMteue1rp1#K}NCe#O-Y>e^ zRD;fzLlEq|T0*uc@r>n<`W;o97)#&`EHWov+&w@j0!uI>mDl zm74EqfzieJW3RMP0D_Knc|!eK?+1@)T~^j@M}?cN1khb5^s=NZ%THJgTt7Gw^-|!< zW7>{=%T8DW1+>V}JPn?a`;43}5SgD~1E8Ruy+@9upz z{k|h%GG>yKzZd?ZGpyDo#;suUWrWb33Nt9(M-`a9+%(IQK@N1Qx@M2D{>rQFXrJ8$ z=+sh5br=rt7WSehmN`TspPC)qyTZHPMLor7#$oPKYID@Be{1!(eSKh?m5lLm#*FZJ zPt?kL7y6Hsp5ereLx&`kCce6JP`NmUAEv?$EbJAKdYAPU5J;tvqsIEe>5>o#__#dQ zzwQEbon#EZ$8DwhphEVB&)M6FVwq@K{Uv!qG6A%2B7X)#BFYJViGP(~5}to#vBu|nzWYCNl06?d z@6Tg5UE$EMdz$^1M%H@QztWG~mf&nu-oxN3obrwjSGK(G<5wZlyehLI=r{!(iGJh( zk6y7jk;`EQ>hs-9Y*ojq=lTfzNlU?{kP7=r^_=0KGiVn<^up)Ky*p^HLWq6e8B56Y z+JP{P50}{UF$h%nV3eP>$AOce-1h>t+36}9Y%n|f96RDJejET4Oc{JdL|znw^hfS* z-%|vg>O&ed+loFZys)Mx#ND(v#|}&O5NJ6zawFw*O^qff^3$z#?Y6;l^4(BZ%&DJM z#%$lkFk0)6i84yDnMNaEc=GhcSK7ns)>V_2ijvUi9MfL2PlO#^OZdWe!}(RE>2U_{ z20sasO48t7j!E+i555Vk)HlO2k1ci5*yO+S|i8 zjy?l!3={D()Vv+TI@1hmtLk3|&&Ji$I#Q9pPLV}LOHABv&$U3La^uh4V5_lQwvzrE z#aiYBpEj6+3r85aBtymkzXIZ~QOJNKP~^B*=mvei4RO=0tdoPO3t~PHhn$VjphoJ` z(BaRG&mF7WO!UiPe;q2EhKWeW=|F{rj41so&)v$KT8mgQ)jNWJH;v%JMvZGT%#D8N z{aN#nVLT!9?L_XKB!1^euN1|M&b!;0_uzd~Tp6hg#^_mhx2}4nJhGG_UWrT zkwlcSl>djlE(#fv};tM`FCIRlMr8QFVY47643ffMo+&3p?wCLerNSY@tLOz*6Os|9Z`{K zRtxX#r?BtY6ZRwKFVL+`&m99e5h-bZ#AbpGm-&snaI3Wv_b$_6kM_Z7Snj0&TJjPVFM z?BuCyBbn@@b_Q zkA8EoOCu97aN~B_dBD#SMgO6=*_1IsU+k`E(jGtCj0F2z{A2b2ZF#|Lb-XjfeuHf7 zrC(DFA3oYD{Aztxt_g(nJmhy^sWSG1sl0bt8wJyhr4MTJ4su3V2oMlRx zVFVpxdQiow@pk=c1AWN)*|7Rtr2M`tgg37o4{OPnWtkDji1s*sf;;bh zWu?E-6epSoE9l_*Ib+_Vfhy>N?FwVjSIED_WvvuDwLyXwQoUUjdGe6nJ#6T%(|hd1 zcFT&SRH5Jf9K}n26MdJHy(Z#YgtQ>NdzY1VJ9_#eFz_?K{e;$0;pJuH6EEJ%>&)7V zLM@^!mdWki^`jdFVE>UfnY1|~$4;sOw-S2)y&e&T(sY##5lP);QfIEkWlHB@ba)85 zitdp+Fxz^n%ePBXs86g~sL@6c$s&i5rKI}`7TH3buz1^-qG!~2+QvBm^GdY148+|y zx}7TDUSRkcCA+Dv;1bA$lJj8!*Hqs|@lTa2CQo{C>n<9S>L8v49>gCQE;6-}?L1gN zeqON|!glMMHoZoh_E|?ca%?lvUFRaq0w&?0+1lUD-eGX+_Gy2!RE>ArC=BHDbTg@6G$FIP;^taxguBtb4F%*vJeC@j|OV3G3CoNb-Y z%H~r>0NW!{GTFoZ6eiUZGUgMCYTAy?@~W zD0E)os#c^zEcXC^fB{!n`I%;wH9=QksML{JU&Hkth&`aSrVRirG0{W^lD>R??6q0s z>*I}Fe<@XE3sQbtUube9>BPIaZ&}25OJ*uD=e^?)b6?YjCVQ4|^PwSCc*)nhI*GAy zquO8YPFn43@e~tm@{gS~Vf(Lo)t*0Qxod5RZIio3gxgQXpqBHPHrV)4y?Sw*eqX>< zx?(f~sRaSM>+|%^98%1yO4#=#gs547{Pnoa@5T%+dP!&p+?ECjeFgynbZKbD^u?eIGuN5|^V1zh^eC1IBdhW3-^J!d{V;fb{4nqiO3Z0wmgVd_`SG;z z;05_p4MD>-D-aFr&A}b4919V_!RD&o7JIq+?dvT>XK@*h50OZ`1?aGc8T+YL;ys%O zFCXESQd%`2RU5Q?>OkUGP9LlMfTx_b#|s!%UY6Wkq)K$0mSfyC=fxpJ-EJ z72KdID`{ShW}{bMaV1_0{Y(W@V8Vv>c(Chk1#^y8Mfq4LL)|9sv1PkRrd!{#l*t%R zWFyweoBgH`u$E2{U|gCAv>?j@F7k(}c|R<@BZf2*5`= z|M@->p{FUYZjXt6Kju_3hG*O-pAbUN6W%haHgqoQMa75@?-v(%$WU>R0bbHCM4Mr( z64|+S@fn2omLo*%wAH#Bg`M$cbt_$<-=uJ>JQ;AS2+eOK>8(rSxO8i6<3(J5*awH^ z*vZt6Mj&5J@`y^2^PRsHf{HbCI3v@4HegvGV)c)U^Rr-IdhA{ivG3!Fhobxot0TVc zpV}M<4igvRQfW>$xiE@7S_=DnzU^_{&NnLcN*(dIG0nZyfB`h5Y=i>V-L)!6PbJcV z5BB#D<|?a&j!JL%d77++fo^R1`3b8*F7Qq6rQz`p`z{+3M83jIZ-n(DQKbjOi@<>79u(oKgt<4R- z@M=>&2|cLNcSr;c14O)#q{BLVoM#nln#>fM$AgNH9YAWq_0}S zl=xYtBeZ5Qc2_(4r0X(D`ql%1(?p!i-~|%9}ySW^U84}iijp_Qz#;w^MUPz9BDssEn-^j z5aP=iI;^lj^B>qBi?cOQ6^SDAxY4^16>+?VMg-FVXEY_JJ?$>N z7vM-dR;0{Q&1bOPo>DLqazvgfP-T~-HY)zr1l&Q5Be0*kT%rYw^xm%D=I_QJP5109D^B{LvG)jmLDVdFpBWSF4A;`dwqFfm7pNw;wJ19!gQ; ztCw`tF;CS|_I9b&UwSY9;ShWd0#~Faa(Wf}*KO>8d;99b3G@ByXW&z$zl7K4`5_i~ zkDAiuWXlSq$Bk9lsO2m*#DjW^vJ@rCeTDdJv6UjQTpuf6+u9<|(*wL=i_ile!avXL z?Y-AX6;T=%OdP*~JDdqbbtrRbXRJ-zA9&->!4urz|NM`qEPUSFJ3M@sH-D9S_inHK z*tc8i>HmDepYQWOU*WIo;?&;0w_~S2^`8qVvcjoaN!PvY z_z!}P&w)VUCpJ^-gkb_?B5!kbuD1ypr(f_poR{ zti^qe#N{VH{v#t*Dc}T$oE+;GOmMXZv5IGae@N-Re^0&MHDiG^uZFm4rqi-fc_&Blx}`;>&0z`dzIu z6C<=pD?XQZ_)A^Ucvuh42riCDU$3`iFG@zZOGR8eXhCi}_U*(6xJ#t+i*a76&wCi4e(PK;kZ1;Z&H=onpwK~H5>dd5SbIDR0 zcSoq;K`4q`g+;FvJw)pv?5N>WSmE*}ZNH-UGga7sQ@GTHFT9S{E3oVdigV&MT79-O z)*i7pxjy*BZbQN|2=(gn#QP0k%nSu=CTv)DNEq7ij_!X^1`h_!Vah^GzJW#JU zh~Df6jN0WfI=~Rwu8$)-r+=t-DTI%m9RHsg;5A1*R{+7Sy;ou=L-`Cv`PzZncm^hb z(itK4Zf#&W2#2WRKIr|-#bVs$b%&tDV?=Q4SbpI*;RiCHEbYNYyV&=m1)|z8gNntc z+Kjix&kXa%xO)v#xT~|mFG6-biaxA=UxfbsO0ikK(`wN-xQEyGx5CKf=LzKPZs0ZKfY@=Ty zghB;nhcLm8@Y&GW9%#tpx5i#$w?K{l>=~7)m7A7`6+=v9c#`9YrpkqAiF|fZ@eNh3 z`~x4cNA}Mgd#0YhxU+;1;^7slCl-}*xM5fq*s2#7|0^GegKcK7gEr{(wdi6G+)zQ9 zhq76d&q#y((*nTG9_U^d0=#)-IcRl~xRabLngxITcg0oq-^&or7T6(V=~E9_Ywxf^ zV2|>2O9;Wyk0BWt_QE@h+ahZlHZOKpsk_LCOrdI{YIrcQlp)2Hb-K-4O7oMR~lcxg*l zts%+Kbo#+1J4F~N+nJc-dJEB8#TB?=N_{_;MJi&QpDwot)vdcl@+kEmN-pBy^jk~BfmF%m;EZ>FN!yb zD}Wc3P9qn;VVtX|XjS8WRXt^3xwIyEwvlUjhoI6QlMHdmBIB01-WPAm}Wqdo7GNpHot1y`>=Y{tGLun4IGWa2SJEP|ijFR8B~tG{#8zyQ8RY=h50Xt5-{w zmnURabE7^n?)}9;@&zsFjgFjLx-}@bz}*}m|0&SW@0fLGH&e;*w|fL3 znIY>106jc;N1TE)8HYh!p2MKfCvT<9T}HK34xz(TM!9;|b4rIDZPES%E)6y7PcT&i zJk)=6Iwed&rlK9Ck`basHltyC+Z9?Fjb`6v!m61O_+W`EqX`}k{BGIF*pFR@=p(DC z%U?I!w{6g=6);WVXbHd3d5#B*qamODc;NwT&T}aPr=~hAPmCSlC^p4XmfB|9W%cbM z@w22}t2HowrB>LWrLi-SJW*r{`2Qg z_xW;BAc36D-4k}EIHP5WCvD5)w(~3y?b$6zp-Os}QU+YgWj&|Ay+0>ay>u=Z{|+GD*{H<6BwS_mCR(sn&X z|L&xvidP#2D_V`i4ThfE6=tQDm3>8umsUL?z2g0EFOS?y7$J}gAw`tyKWA=4GPs&6 zO#G=H7)EH~4K4-Npat3voA!_A9~{+P&py4e%3S=wcTg!k8|jkOzDOSiV{$~v+9Wv= z;dzrF(DNKEm^M8S)R~N*J+yN*cMxdL47Pgx*9?uj-Pln-4l}=cJa=O6IOiP; zd_avz1*5NxdPDr*cB;0&PxMF+Kk?AIrmEOV&yQ#gCa15jr^j5fP=lHef1(b5*hE!i zdE>q|A|NV(-{wA9@t!d+d-(JGFkEpB%A0@qklfZsbhc|_Epz4v>HG4q>`dY5cf;VE zK@V^67#xp0nY9FC_w9DZ$U(cr;(l{~DtGmty=nyY-kd?vmU(CM%8?h39y=nv`($!T2qfsB3ve)1TsoE*qzP*2Y{T3+D;sU@P`cOQlk|zm1I-_sj1K>4$^FKZ#@Ac4$--u4wVgU@ z?rIG#L`jYX8g&oIU!4~5e4KZ0@0%|=zBFgyqCJpF*+WgKaZ!!V9yv!CE+9nUm&hYG8>=M2l+Ja{PcJ7W{QW@TEjqnxuuJ zDuL@skUeTXOHRN~1v|AufsVq9ruP?#E+un>bmzmcksPI7O5LL=jc`^=K^`8-NzKLb zR%4zaQ*T-p&by7)zR+`YqLg(PW{eNnTuEo#^m@~?(phCf3|f4nNoTpoP>U-G>dL^z zd)Za_;(n*U6h^e&$M=_~J?8H4Q%|t)+M`KlU+rkTq~@yG#y(f;O#&OxwjjO3?&hW7 zy@I$*k4x-#^&54Gr}XE^Y<47hvwOtT6TF)v9%XJthxL>XyC5zOyLtz5Mtr*xTWX7< zDCSx|`h|KB20;=jMgsWmE8<)vOtYr%L4q_V!{BsCE5z`Sc+X7Dop1T=&TjVl-d~k& z0;26DX&gG=A-k-v$|L^TZfQk5M2Ceq%DgjP;;_kxfR&(hdCnW2L<$s6C$o34b=2%$ z#Sv7gw(A2annR6YYmX#CY^D4U(ZLF^UY&`4A&I_A#HxYTf4DM8H98)9_KQ<$nmKe# z^CefS*nqn0OJYjj3rAHZEvB~j8zjOY{4qr(m(afq_W*Ro_k)PUWV%GHM+7&6kp<{0 zZ%NfWC4g+aIg`&=d;E?d9={-YF5-o2^QSf^zXTW7DrzQ74oyHS?U)gqN`j>MYud(HuGY8)Q>2mEIZKJwLF>;oI5=EYy4 z&;^YZF9GC+@zR7vl8}fomNnv&x}GaN??FUsD1ZEV!Lr8t+FvPFCO+$Ck2 z>YFoe3njDCa%~CJ%1Zkj?}Xbg`rMpW^O-UvDoxTD8oBeq`c8huJZHtNb|@%*6C2C0 zxJ%*T!qEDlJkSj}0tt`d)swFe+8m`G-m9n*mlkRhhut=1@Cb~0lKf7{c$E$g9{kd+ z_deVl!xn<6(e)(+tR}mtx}*A&^V)70$fq?p69}BX;X!G7X1_BR|A z`ownZ3Kd7^9J4WyRE{607Z{@uOFAh5^rv?K1I2D5M=DH2;;8n%Nq5*zV!IfgZ`^Ev zuV4QA(LyLl%9@M7Aa0J)6mMxfy&K2r<}c%2-qR@luJon<$c(&5G}fVa5taw-d4}!! zR$yl2Mc}>xU(|~@;ig)HE8B{OSLkPtJK+>=EK$U}Z;eh_QncKpB;D769_m2M=wMS8 z$}E4NEv9>E#DdYPo+2PU5%~KV*unKjD#zyOp*K+pb*e&)K z-tv?^5mYrWZp2HVfYgopAd^V=)+Bpa3BGz+eA{RG6e+{}^h*4CT?V2fw=1#HJ9mF^ zaq;{~wmwVTR&%jm!N6iQ>1 zwG%FRD=>cvW*o&B9J2_+y5c!cAqk;vz;@bigP6q=WWe?|_Ca4fZ7#bYri4 zhvaL;Cz_cJJo2#Dr(N;veYJ1DJ{O%-usWo^evbP65wgRktUdm1b^x6Dq=RjLnziPC zSoa{S@@@#pv+&Uwd~Y4xs;WL>>;-OMpg=^a4g|6q2Nm9ve7i$lr<0{IeD~*F%@|@rDh@#r$;t=&*&!fdrz6}D~32Uu>0E7#d5C$TL|C6BeGTo{O(@(iK~p)@kS%s1za8y|$HR$TcJ(D3OfD@5M|Ysb-N#$MZl za--1FuzUEvbn>||-KqLM7mE8E`8gcvC45L+$~c>YHL+8QXwh&TLM_LZ#R8-Zfmv-s zCKS-ywhwJ`A)mc5a+&GK6S{{v5jp5dv*y#L@`zO8{veL2$@kkz6&RiE<0-rY}T1>+cl~Jsn>RJrjP*$w*C8 zI;4=*_vWsX-Lk{m=h}{o*%ujs{U>C6(#!0}@y^@N$-fjeJJu6InsC3}%i~k5jkBEk zTmrN@^4SJ{Kud1F{y2&?mzGX12fgvtnbH^gL+R`Ntq?HlvRn1C7f8KDeBVwBdpz?B z9yP`cD<^Mt=JC*d#)~dKT5K_?ZF$g%66G;eAGcY)&|jtaTVp#EeUite< zBrMH!8LFtUg+(HfE^qbqfU&{!$J3{{F*8Wlp9f;j;f*E=cW~!{_Xwi`0LV`Sj)!N$EoB!28xBllOVb>}6^L^}Yl|hN6%0)Ey zxgeXwtTj~#v?kD(s)gQluE+Z;ke$DLLcmk0WvR*S!Lsx-niROnBM4AkRDYZcXgix{ zA_tMCo(^A2!$;4s+p=`{96rCNt$gR(h9KI3HmVTAtc7Kh_9p%7pa<`wh@w@=OGX|r zIjzIJNel8H@EA<-&`J|7T5zrut^86ag+eG?_e4yd-|>($ev3W+4GukFvFZ33f7fK& zmqlxb-A-82^nTfnb2y*Ic;a8!@vB>09;qtF5`s!$%V805ewZYH)4zF534Ii2OTusL zS=4a+xiom7T9&WMYOAM^){zVFZUov zO`&WS$i6S{U1GyFJ~4(9NfWk+#xQA^TL!&E-zzQ3`Z-dmfMDET8*iJ2 zH%sr$r#u{>7$N1?C3=~B?1yTjT$BwIakfn!&pzm92(KP2tpKFiRQ_iWUs8@<4FVfS zu#S^)?9O*SAcS{}H z;7~O?H??z&oPE$b312@Bfh=djHW-+W{w>0i%_{rRl}y?0h5*#`{pzVGo3H4l znD%xO{qD{LV-EKHvg4(9_uhb&_s3f%I?p9FjzSS|)G4v{cK;|HZChws!&9pe*NgGR-{2^){K*U) z2>2iU%R_r#8mbD~k4_;sR&8lX0@Xk5NMpZMo&gKn*K;YUp`#^qETA@|uSDu}CS3OF zNuPUhTA%O%%VNRzgY`AbJCR1hA_}ZEWbAaOJN_Y(V{og}FEE!2(0%S=)w1^QK+)sAPs04ErH$1KgaO1;bX*Sf@*})yd+b^j=mXhq zWJnSUqe&xwhIb5AN=!wP%gq8;mL-u*v zWhC!-?-Kl&A2Ky*y`xU z^2ouq-@E}>fOW1hC5lb1oT+kYc2*!ve4-EAOW@CW{#9#MCbx>fy$jW)_cVbxa@9Ax!>IHTSH zo{`sgUs@Wu-xUfKX54>vlJiT!bZF`*f8*aOO~&Uy@Co?^x&ZGj9)i!TiJ10XE_&VN z(um_)y5qpHlT`>C3tpP2O#~P`Efo-mf5MNU_~`ME7>-b~<6x!xtNd!B?>3WN29_mF(YmdoPJFJMPaT@AZXor$14o>=bnvSW89XfQ*}0K zuEsatwcDU&vE;aJb3h*#;hq2+B*y;i{gpRU+=QmhnJ`1v2;e6BTOc=~LnEogRMV;x zj~pvsvn>43ZherJ&YR>BJ{LE(XYZ8TllLc<_1H%j-jTG@vc7QSh-8M6rC>d_%CctzWY9GV;Z^IY7Cj>3&uEV*fL+zT6>0o@agh6*Z(2KmC~F7wN6 z2FkO~dJ{W@ho#4tyZY^YxGP)4JKKA=8c#^9ys-y{mHE`ze4!Ra`;Vw-6~&20Qrf5Q zM`hz)zYtHnjkRaSk~iFFlGhUOn0cU&^i13R;RQfMb+qt#O+2=iz)n(k$`M0w_#CaZ z$>j1)F!er}1#ytp`#CT4JI2TNFV#j{?D;D117z#U#n!Sf%Va^)ta1%VVo#t<-W8{X z5^?`VfxS_et`R47=hKSPE)q>wQW?19o<>$j}LmMP8lt48gj*1)hL#is4Vn$#I1OzSfi1u-fxfuOl)z)xOGWhbwo!afl} z#*~TMm6n8F-Sl!=Neu0Ie8{iBgT3SUO$ps5c_T zc)gCd<_e{e-%hh5&jt7v-~U8FdtnniA!>c+_pN)Po=JKVOqsz4Ul=psGb{z>QHeW?MHRmMGup4Z@sU2r_*!~B`T(0*u|S(S z?_GC-EOaVqnD?!O$v`#?ctm+m5Qp5(f+ZrT3()7 z4jyt;Y=6X?`5;zEnpV>|3&r$--G$4;c}3Gpv4cs0$>l<=n^n}HEGIwlAxp?5mOrLk zk>E=<@#nSyKcg9lY2xe%rV`49><>GSLtdh%r&ZUSavaw7O4S{dT`4Ro7VdNTL6~a- zEc7B5hVyS;%@P$HG1NaKG@vrmNYl#ZxA2cYQNQNSprif4=^toVF zNI{wP1juG)Ag1bx*I^`~f9hkexkq#95HFr0J|Q0p4t#p;`-H76f!iXRP~i7DPq9C5 z^ha5QkohXnTh)AmxZ(D!^z)76^F^AB&TkPaCtrdQjbVO|<^lw>?mHi?J*Dq&D@mIx z_D1rf&ZX)rR#IF4e#zRmzxfj{@A|5E=9x{aEuD52j@jf10tV1@zT*(Is8{#sfU9xX z^`CJ=zW+nWb?mj{{P`;8ChJ{nPD@+BpunFRDho*0>}50RPX?ZQTs@=NKmE8>Uog7d zf@xBN_b1n3K7;21GE+Tgn#_27n<8vVu&}?13wIj8JmK_GT-Cc;K=Qe55j`<$e{G_& z2?0fQ07Af6aDNGx2V-TK@d!Q%*Q+tXvKvp4qBpCrdg0IJP39X|v5W~QQCm$NQiIt}tBWdXO&qo%p>DrP^7zZ`zC0u!x!DQ<4bKZ`{^Bsafx3TX}cBT zEXx!5Chlc+je(I|_GcvL=gx`kPedof2IISqwakg7-G@pb%dEhkOyMOFLw8zj2-UdSc8;#^ibrD>DrsK6 ziJ6_O)48rbrl=Td%`f|K`SBg|#Qo-5C$FX6WD2YY+;?TTcqAZzKT+NZ!A!D?*{4(b!ikiA8R@SFYMPK0mZuZsBA4Z1m}v~As`gSdqv@} zUd;C!%?$_Ifg>(?)0#teP{#Z5mYKq7c7u!;3bU~y+-uk-YnIYw{bXw|Cp5j|v;xbH zjl6;}3~wQoGAz>7CN7;e#Uii@XwW(m4JFYwJZdhvNk-*v#XWV4nhn4;k1lI-OBz-n zDGF<(*pxM9W@F*hum5oNQDLvUVphuZ*@-y19&_`VntrM%8sZOJv#ecS%e{G561-6dMt!i4 z`)tyPQXfV4`*96y(HqylC}j<^w+;S>6D4iPfJ_m#cTS|oP;jSIfQFYv_XmF3YIkg} zbTkv(V(W{auhwSjTv8>TQ;2cvSr`{RwHawEvL62OTwz_^iczx^C76_5Q!`SLIfeSu zvpZM{gPFqpY2q2#x9U-}`Wo$QWx$8{ggQ&G1T_-n}jg2J}wr4h4YIee*_45^V~rLtMuU#YV1qC zwYlf+WJ##mG%#Af_HEI1TTjvqCEA16TlTa}9l`t~en5#+iN6gTj6Q#Fead1d5=Us; zKh5HC6cmsMOA`W0;$u9}A^I6sZJu_atp-JI+GsEQ?l+3Q+Do8{Wz%E{xw@M_S(Y--B;ZHS zGMn@&u5*_;Y{#t5EH*jmi8WhE1*|J;X~gf<_N!QZy9m|aE*IiGS6N;?O+3E*;&f4Q z<7ua{+AxbDyD&)9@lLvecR$1w0rWhST>hXUQeADaA7@CfCstu zO;{+mwrq8=~!Z!PNrqil`i3UAU@Syl0Uk_z}%Dz}TH12cyiP3Q76iA57vLkIV;v|_&c5l})` zp8usxh4TPBOfEkfy9IfT)#@=ccG)k;lwb(5P~6hvs*g#kcT~g)w2z8;Inj_ZOa{~P z$enBt#i5u~t^9Klz&D5INd(tI@n!|$)vxx;*SQEd3p=cBDv|yx$t3OWN+ zxUg7y#Uw{HKM{e|%@Puh?^TEbZqf@aekurPWi=Hqwq;b*8c5ewHS$t^DdZXzArq`# z-dsBUJTOVYKvZKycKvEYsEk&f7N~M)CZA2cL!Pub^rij*vD=J!AB13SNjjdxE#aGyZ>2l`XX%Jc7|w8 zZ}rOWdbp|QGGYQ}ONorvRsCebsZ!uSUI2^xoz}cvzuK=y(j(?ilfHLrR_879M9*5> z1S~E6Md7Ob)po^8JSYCaEk?od`YgILwt*^)|FfiiTZf~z8u^jsDGGtp)=KOZwGiBd z1|l`|JeSX5SF%&l5n?{cSv>u=F~HujkUYK8|JFG zWH@HQ1#R3OijYtE6grF)LB98w}+wY;VYrrEuIV!c5=(#^QcW6Doo z|BJ4H7O;?%j6(@yijtfzOtSI6b9Z(E!71u;T(Lj%{19BgxX`r6{&MUSUN(I`N$V0D z-SWq;7+AXF&Wk(YV@L`>3SnQ#C9(nB<#+W43rdRl1^M%XWfetU9Mbn_I~Zty;QMuAEbwPr4E{&jbWgt&S`phwI zo-2h4yG7{j0iyKC(UfZ|>L}3RNclZZkevRnI-K?fuxA})0?1Y^7W8wZBAXsZ4m2B#p9a7ov9t2$|-{L)+2lN1d+dnRMf2Tw2b-A^xMQOzRf z^I|9&AEmZB@ADS*pO%2<{Lp$x5(BhYs0k1Q<#P<__pgh~)69fc5R+eRKtSWP zBkk}y?a2m!&~Sy+q4`R{jb;tapU}_7u$SgCzT~-wrJtkGpvdG;cYKbfB4*qZVxs29 z>h!9YY4z>9`8Q&0`|-ak3=|9a>MP8y5Wp^STPkrmwJ2uRZfr|x3c&OyO7hU9bJX?) z_^Gt;tJcNmsuJXAi`x%g0xXSD2%7~Sn1FbB)LrDfXQ3d_kgqb|>%+A`q83*?!htwG zZEj|=-5iyISx}*;B7-T}-uUek-0D6u7708E49Mi|e4h}xLBn+L_TDDyhSz(1rRGqd*>KA#2P`|OwNFq;s}7#I!1 z_S@Xp7DGM--I9E%BtomZF)b4Pd~$`ZD^27_tVxCW9m}%$V^;aY>I?wWh(Lm z@R0D6ww&Z9iShAPZPA_8?S{Y#K;?aTn{7~WWTEEnu~&-Uuw<-8uJk0?LTWsH6L}hQ zvN|V%cfQb{OYhPrGx5UY)u`U-b@;5_k24Z%3&!|c>udmMxQ6^Bn4xgpiYknpm40dF zq5axi_sj>m(wcVXjk!&S(T#!dn-fsw!VBbtLE4>mYx?Rq>| zl`{c2j?i1omCC(0*O^I7G!D79zGLQrU({UB)N9Wo2X?O!kTa-RwBVE?GNZuuB)(+s z9tJzNE@w|(l!iTs`8~Q`!@s-zf@m5~Wf~sd>Vg8{ZhZPY8idc*R|T-%%)fq4iSI}V zpjs>nK~as*tER&_qN6=z%bf9+YPlwkVAqc7VbACUs9Q^Ayj%*ZOQ=xUzMT2_vGzs1 z(A%VX_NDuOyaNBid_WyBCkIcj1MN;`;%52l7l`O!VMdSn{F(>64uuCEeN{pX1VuEf zmLSg`L^JN$W`7Rnu_27_mHo=q(g@UPeZRiOMWfT52EdYz1=fj8s7d-y;; z1uFMc%^wM@;Psyq8~*h$30yksT}^I^E5^H5Rf6!luKSN-yPL7z+*a0eAxE) zAO7EuK^Wy$SA#?Mya)dGP2pJI%6OJOMX@*kgPEQC(}^_m16g zH(+kd-?ZxO9WQdP%>HY%&4<7V;3b2Cj_$L}sCG+F(%!LW*=o0>B|m9GgqKZmYch~8 z6{d-+*ua5VuW6=4E}s3mY5Fh11zXrnRni{gJ!0zRwpQ~8=9AY-U)z8yj_MP+yK4jK z+zC}ycr?vha^@{9=YJlqA}V-zN@&&pO$a1d<#Ngb)?JP`QUQuvW3IEiakw0q2fhKM zQ(auhSPwjbp};dfv0Edi)({e5=ZKzocB543(Valp8t<)jE`v&*G0I7=&`rZ~r`qey z(^;{j+H-#+DW}0JAC|oV>E(wuD@@_Qx?8va_^bIkJw4P1w(gi|r6$Ahx8dQSkchN} zd|14D8%Xfv%}U!{kBpZwp14f`BvW^G&@!5Htz+Du$0qmjx3*2 zobM!Xw4gL9NU)k~C`{|RtA6oegIh6OPci*wdSq9Bs}hy%%gbm6;oXl(R+}TTKu+y7 zn5FcVn=$DfPBcS3T%C(JqOWB%L$o+)1i5OV?)z7q={vE^feu$#^lzq}pEuOIIU^YI zEsO6XFPLT4>i*Y!n>yi-^GXR`dA-%%~Tw6oiS6uktuAru5dRfs#R#rBTV(J z;b?bG{kdkn{UDaOhbn*fIfmht!vOi0WogvYDGHP%MKnXVk?xGh3ksQouZQn51)c^- zZMf*o5CeWRmIU~MRk{q5bhKTjw2B?(yo z(9t!}csVc-c_uMSi|jmDfBW$;_S)B^7$Q7Xy~z1yZ;QEa-{qBnZBo4=3x>Zv1H!qD zk+1DKc@%LI5EgmBFctPMU!SnOsnOUfmUx)*Y2wVTG+$=<33h8r2IIG!_cr<+SZp;Xfv<^$*FqedzA8Ex9vdkecB z&DH(OLi&dzgHP;tSizWbiyXk8%Bf2t`i|*{YjJgs9hFx_ll|d?^IxlmO zad0zUgT+m6%5tszNrF|PP(lKS+gSk@S=SNfmE5iKInw1f8Tk5X05|<~#%1@k z|ERO`V1>=4q^4tQ+vx$Z`;;LYD=X`bA=`NTP3|I~(lD2h@kN$Yn zVcL;~6b!>1<+h9lRA&@Gbspwcsnb-+()h;P985ge?gBe|>Z(&0^TCX(zfg{q4n#b5 zE?`p#dTww)J~+*&(Y}-UiUBfimp1m1M*vtij$L33I|D4ZJ)O<+7sH9XzXn?zhYg8Zf3}Spx9u5$^)0!`d zUZ|1E*4sVX5#op~BJ&`WMWxaiezmoF(us&zWHbf8PgpN@1pz{eWv;L;O7imJ3Hjw~vI?jYw*Mp9eLOS|*L*!_RE2J-TOCthPLD(_*_c|P z-VM4!ns05d=E0`Z8ovRgzo*Ivy@}RI^Z_Rr0+21I!f%!e#ytmveGUuyV!G7D9ws~= zN%?qLe;hV2XAL@iRd5|?Xq11J{B6bv%KFfSx=mt{{er;P04b8xx+m}wJ6SBr^nF4} z)3!SJl$fSE5if+PQgHiFj1ix~lfaoEK7-17qM=$44`lizdlSNa9=BrbstqkOnf~O# z9Mo2}F~m{pJ+IbE;l4&`I?po!!@D3g%t@+qZrXv68Pa1^ak#8tu=opcgQSMmKns0Y zs~V3R!J)h>=0aLZO6Dk5t-C*CS=+)!3uo_qYYSan-#Z)3bik%l?%TKP0YQ@(HY-Lt)biZwFxrH>DT*J8+$AdXlBj4B))9xXqp^H_y^f$e`lAeVr``JBkrLxdoNlnof-*}RJ&jH7Oc)0L9Mng>~aUo4`*7CVeeI$jj$!tJi+kG zfS5Ua4De>VI_AVNb>&DBXdv1s#Yjp;D-Ql>05R5jem^-)pkP4%1H|#`o(E}xgqqtj z%j~ctdeF6<8W@GEXmYtH7pAbuMC^PsSFM91=Q+qOy*+Us$4uK=B|y^Geg-6J){tgjL1#nx@J+$NrxP|D3r zh4VYHaesjQKhoYZEUsg=+*06cXG+aQDK32lwC-AV_cv?(V^z z!o6@Qpf~5-+xOh}`}#*e{gelHMOa!0Z&ay1Wh-e2>ri2qKUJ8M;N0(liWYvll$s>;dgOJ2xXhTS&PcbONLP*k0WM{Gf~~bj=TKSifo}(rm7wOJV3hTt zSXBG<-r?>=k3mVOf&U+tex*-8yvx7!yAH>5p-M#_qLGWAhurEkxP%3P-Uv~s!g51Z z_wzX`T<1t1R8bFv!xdvrH{f(!q8<({$6cOsb*>FA0WGDaJ*};&$NM{6t`Gh=nNsB= ztE160@cUE&6&YtrhG*(C!j>CMdu(69n+|54+SSu3_wi|>eb19&G8J{T6S{i3Y}r=7 zj%i8buVqa{%7rKk*M8c!D3$AV$~wXIHJd2dOL5Q@7Y3GEl+=EBE9;to_Rf9w&OwIe z)o$Mv3%;>!@g-l+rrb(PY2eVxMfu$2MYgY|@*992W=bt;5BFvk1f)J3$Q#_*p4W?6CsnFG}_9X3$BOmXk zdFS-c9Sz+nSk@|7AgSUNX!7zHkKp1szpQ&|QLFvb1*z7DkV8|WnZ)*@pP<@$*V} z|6G5U4xh1WEmrBKVD?Hsp$-#HpZhr?i-pAQxP7c}UB^Mq@ntEhU5U1~X2r8C+ z+-DyAqHJlquYH|+BVSHsTH;00%)*~sbghj=IN2ped+5VZF0*92AUnLKktIq$q-;BE z^X-ge{imKj`0=EaBE%f$U9us@*+|%d_dL;l@^~n}Ejz0naC~>f^PfmFipD^diEbTZ zYo$^9{k=j82SEZ0`t@#CA-~(x+jD^8xL#1MMh#*Ep<54lYa&4)94l8L1fw-NvWdI_ z8zGxR-`Q=x#Miw$Dce+dfV)*vMYo8i3VBli7JK2j4(X6-oN`OgJ z+C6}mu>rJO)a^HTU=z^KxwRhuFzE-cyPajab(FTW7mPtaoV$A*OHL~syNzWZZ;we9 zsO3bwB^UO2prp|k_PRjAr#t2w&hes=3FqC^#hRJk%jsF|=hVPp zBSq0R__cT-EBH3t&j$bSm{#+*+K$HAnygzLF*+grjFYeKL#I`n->W1cZ{O%@`>u}{ zKax9!en;=bZBNvS?!zq-8P$nK05?X7&B0^=yyqRS1ulV6>0d-&Y+&CzrWLr_p8nBe zx(GffQQfd0=;ku};7i!2Vmp#TDD$bhMe2?dihwPKzre6bIxe8f6O#apyLcWN9AsjA zOKf5nOFqKzKAni&s``%KE+(WZ$FGGcU9~0jj>&ayhpi&yBE6fw|Joj+lALj{z%~le zgm)k+7Au-K1htTRsCGwkv3|Y`iKQov7N{Ki>NOajvCS)(_2_dyEp#!X)m0cf{tV-fEVjqLDUHpozCf<4@Z(r+XJzH&M8v#J3bG*d|>t zoz|z_bAr2{8E+Ek4cjoCR;Jw|*G#LQW^pB?N0>~-<{ItS!O8%i2*J3yqBWWb%48r8 zd}T?eRrE++R=IllRCqCG%W{rF6w<3pEwlQy_2)!hiU_UN{ea;`Y7Y*bLOLR|8oz|s zDi62sU0%=fuUhNHHA+}C>%zbs+l1a4oN+2^;st^b+A9P@`y+|GQFj~);UEUeMx1g( znE-K>XYFS{%;XCbBiS$nIO&b0>X@VGG(Yqva5V40udaJC&-o%oy{MIYXwNoR7E1MC zgzl`LxPLQTdKydD&5)|1#L%Akleze1*;;XtN_MA@IVfs?k9ch+Qa?twQ`Cn4p{Kz@ z6vbvkM0TJ<7|VGc^Jx?Ndaw+(64IdbW5^Vmgm1>D${~@gpzDelID~eM8*kh=rYLx} z#DysL4f}<1946o}k7>DVCeKgEGX~;!ouf*snK=&iB|?*e>dMOR0zUq^)T!O#!oC~WwW zini^|OHIPHE{>K!j{_F9DTb_|CN^fohzr~jw10XqLrU!c-^2o9!HVWI;GtZP!m z0P5&~HOzR;N`S#3|qBzRO;e3tzbZ;Jx2Un@?{)yP!wLRy?v?cw&pJNM5OMl{pKJ#pY_t$%{QNt*ZrRl8nCqy*xNV* zl4b1LqlG|Ew^Q~=!w9ysPoC3rQgdx~JPzHeK;8Vh!ycGyUpz=IM~vGVOr=RWyT`UY zZx^W8_{kGD`m}UdA#MuR{SL8)&AsgEP^lKq^H`_28e(!t4PJK4k@qEP* z-LqnU7y%tAl5pWb>>a}v_Wjo;jJEK8jc{+U$7k#6-)bdj)`fS{H{j#kdZgPg#0|Rl zCY^u$kTH)T1Y1nwAs(~$KRAJGW<#jzfx?i3EqpD3+x#O$*f3r0qRS{AmKjRF+auov zAp!x;x*ge3E$Q9)rCWUQ*R#WS637o_tz1Z&^>IS*gP9yoi0wW!kiuxmD4iH4*oNH) z7^La0U$Sj^_@rH@GJBo&=y)8QmG+;9(G`5-i&M8MEiEOkdb_Z&`qsYUG;-Iqk_$*h zLad^i^a|!8e}j8)60*X}ruPseXxD24baD9E?R0UBe(j$JS3E`>Sfo=hS-83S9$0VW z-!TXL9C#v?&MAR#tMg06-nY|N2+x1*9hEIdpcBxoP(oLa78+d0m!beOi_a(82gL)s z8bp*|O81X23ss&g#^ei!^SGSSdzJZ(IMy7^w27>}9hR((d8P=Q$O3}SXL9!*>$}xO zqh-omOkeha+QXrRi)jo!+y@(JxVW^vH}%MFgnh48&)0{roJz4K3P*eqZ$Y=wb*O_; z#1sBfA=Lwo<1V{ZmIY~f#9~CE%g~%(d^k-u+g>`h;n%@A{k z)2~_2WH+jtl-ke6TcFe`U$za=(iUHjaDtR~NPI3AXCzx9i2enU}>7=0xJNIg_(q?U${Ok1KuOw<0kvh}KM#0`$NPDrLS#pa{ zuc-XyH}({-POIYH8rhR8rZ;_^Af}L5k-cwh)aYTA!BXrDUfsqrAeivJ8|Gs8&c~Q5 zx9b|H^Q-HK4nM7r-|IhhJ`l=U5fS8VE1z@;SoCGT+RUQo{Z}!(?>XlPGH=(A>ycx) z8m|J(Sn?c(QKjZE_Hcg;pRaISqVd`jTEdNDC(Sd~RLhZM z4>ZM^7WXIPwEECYlQ2_2vxlr8R|E%FE4}DMJqEmcx$)YzyM_T!A=6_-L`KsSjV(~1 zi{O4gpw;i%p?+|kQN>{PB#N@+41akyKz=+oMBaD^m=%Wco%>7gIlri51^_+Lzt#Qi zivFG3rqASfBsT;q;MN@~6{r`HFQ3wFTndCKX_i%VMdjxcuS30`J$l(t*ID67EK{>O zm=3M)0_7!23a`zoISi-C_485%5q(C;7K0V4BFlTWDvqZ3fE-fx&uDbv*mhk?9cL0K zioJ73K(gZ{7>V7%p8xfO_s<#01F#oDfN9?u@s6w;DX2)j2qXLjub3Tf4?^He$*h!1pxD&Y^hUwd7F#O9EHJXSaw%4NHYiVcwlp;Vi?_f$ z4VQ?QaLdoZ5$8iI-KT;S4DF9=>;pQ;-aV~} zXy~4DaNYvOd#F4{qTTcNR)6+2Q3j9WCPN*Ct|ji1N8m$A&$-B>1q7nNcT3s!9P^{V&F66 zZ3pWiv5yvA3f2v-JNVpI&rcc_mFQ?y_Y>=v(F>hE(qw*X-Tvj4`4PswFMVSn)2U$) zM>)lT+ssPT8VQ6NCH=*Of#by|sCeOond;vWtPrV|dqVU(YM4i}m#qa&=5UUZ$O;qQ zVah5j`iGYA!W>>>(g!elVVpV^A$XVL80&TXX_mgSyUl9QzwRyqy}76IBipR6*gET? zH^kd*6Ix^nUO37d40V2o^J-gU}VzA0#1akZ!_`IhSCH-Os~-k3cO<4fZ^EnAdT zQ`M*3kqt0BpYG_g7|DEFjdd(Z5OiO-{Lt43TikL##&M$;c7RdEeW@7hod!;Ye;|y1 zWlcC}=ZBMNZhx3M(GA02@Il!G7l|}moQd?V1PH>5`>#S*0*z}d1{;X2uS^^pU12jg zDVJ`pp}yZ(9M;wunH}0eHe(~FRMrcw;|9t*8%0EnxoShZN-erN)-+8~&(WCf=8ni=o#{-MxL2LW%K=EQ_-jMxvYLel;+RDJ;z;EVh>B84{M?E zMfz*Gj3AtcC~UHaD}q35O7nHC*HLk?oF?z;T#hKtwkLzaR_fYH7)}i}O6H~)2(+(5 z!LAhdSupGK_61z~=%{i%mUmWm0r?DJ=88D`fPrSe^T8DP#gS<6+h%3{gva5WaAff~ zt9=uSo0nMB}zcGDMcw~C-Si!J2158ly`Dm_!sXc)iQ zIDJ9}yEQkU5Qz@J62W|<QeP6vxrMe~cAeuCzIeobo1pqqcZv*JzO z+*@Z@byuy6i_`+N)MG~4VeuBH8j7EiCHf)&Po!?{FgMt6jq zqw}xjXXyo!7mzIXCjNPPE=VV*yD%C~QEXYi(s z`Xx;q>>Mt`+dDY2w8RDqr?lB3=zMRgRq+|&;b5-LoU6|Bx^T6+R4wf{ytd%mGiFk- zXF(GXcJ%Mkj~#2qCg1@7%~Edt$mTklK$zK1+V<88D#M^w#c(MF**!D=yqK5faGn(b zevCB%g<@u(kqB{TU@D}C=DneWGHfG2cu5r=3CO-NiOllep1P3<)7kVGF~W+a>5K?3g&ZjRYvHj2P+`)LSk0xVvA$cTMa4cXt#fDZ_Vk=f-@{UuLuAQ2 zif8RhxBEG^3;o3M2=YZ{tCur_8xp+-@Z9^H|J|E-%vrDzzprefq`EIdo&r*jb$m{w z^r_|YvZRdx&A`yA!tTc;!($RKuTkA-6ySPgw?_MK=o+S@+1=TbC8ny+KR>?Cl59AV4F91RN@$wJnR0@aaryck)Sr#~oKw6p2H=%B4|jb`S!zPyJ^zSz&L38uv%dGbr_4&k{*}fHbKMZlIr-v~a zlJBYSDxe03`#T`V((QwAc7SGp?Wy^j&_kTqoi*V=Z(Q0#5t_XIdHEn{Sm~^CgkPY+ zq=+{m9R++$-&B{_rV`gvMSly1sUEP6Q6$4iDNa-R;g(wvs+w7X`=u4eDVo@XHoZxT zNti!dNLRh_dA~{OOT|mh@#%aU@8@4U5>M`wJH_)J5tQ>AFsV)9W$AI9E}9A{=xxG9 z^UDX$(=4WR(4Dr&5s_ z0WB0=F(#)e|JniQ`z&DI0Y1Ny!abQdW!iWP1bvF;`-mzvKY3 zSTTumID6t`%ZH7a73Y+pQsmUlX{*zBk|(qrtM?sSQTd-fNBaKSM;q{@u3Np?-LF5T zn}m7pw^?C^?PveSYYRVgGj#jyJ^0BP<3>@iUC}B{D>Mj0r(px*^uqMQUNG0|mFffM zlg?&wKeB*R8DtU&@0UL~K4{jtk?sBCB)A7oOn#=Yy6aA%{e?AAT z`M`aH!9XM1ENb3^SYE|Iz{iO70#-LyIT_H6*B1EmoQFCCY5yy~6d{iox^K^7ZwYg$ ztuMp)w7()3u_YNVnR>Z6O7wQPU1{SJO1)$|OhrE}>W8oFfJi~tdt}K=|MF0nPRrA7 zv{{FYL8p-L@|9|ywsa&I=*4295@kc!mTJZJFi%O$zlMmE?&2;v< zt;8~U{MajHieg?KXQc!r6VI%LGFNp!EVWJcubxbCJ2o}!jon&j0utXBm&aZyIQ|`O z5;HN5&RTI0#dkKXw#JVi(q+1|54$*COMb7iXkkeo4s>_dKN`ZsPDX_ny2jj{wNLaD zp!KZ)ySCvj9@?1mLC2-#;)__}z! zSIYk7j2|dsi`LklC;ao!u8?*144j6`IJ)Lg^0-V=fA~#D zK8*U;(VTj|XB6&(fk;?kyS`6z3{}kkARUsr8L?uz;U=S6;rtH07ay0nyQ0i;$ig`A zHd6N_>hs&XJN>Icn$Z$Xg*w{}4nmu&6b-CUVmZW#TVjq4FVSr_jq086jFHcPv$>BV zMt!m6;G&>Lec*u)jfGr`5V4YOJ)Q>EsC~M;(&>iEVbW2BAH^ZB%?~+570e>p!tYRDQ7NZ`h zRHq~q>Vc!PNbi!Y06c(aU9EMgTjsJXLT}N2&khiAfJwQ&%;`KH&)|)=<@4`QE{>i8 zu6aBG*g1%2nHMX7|499NzI1YBbZes`Rb1Nu(@PS) zvWcfhL;#z#^X;=Ehul~Seh+HtEYF(AiuQu&4mV|v&dooJ1XS|7e{64n;%YLF{HJq6 zzPq<>6`JYL_dT_#Uw0M2L3sGrL1??Z(b+04N%C`aPN$9>RF2*3o@GVs-5%e*Hkc%U z`TULUyVUfXMHuF^W_pfDa0(oiP9XhYBP=J+(@pFGtriY7 zBTKG4`M@|vmG-_^`YieRXEGvm#<$a|!Q`$lMrak&*++mmze8G8+51W!V7N3gr)%g* z(uFb5Q3SdL7rhaRaX69J;Xr|1bgg*~5x@C-gznwo8UvYaV!1E8D2Sj0`=u;iYu5lr z`jj;xA;_s}N95iM>C6#WJtg#x^HNCteA_eJ2MdvK-14@W?AU4=myMM%wsU1^ zQYnZJsaE%mXy8peS9?HFWW8Bo#&o*>%2sKnc>D*MrR?*qti6J}!1{YwPFszeiR<=w zxVKKggYW}tKaqS_h+WqUIL5R!GFe63@$0rXoHLUAJ6@eKVpy8>XVaJqr_VJ%EG212 zgPoD%4U7*Mv^|k%B8PQIPl{6;6f;bkDn-*{ zv%J4W;ohd;JnA>ENx-o1(+axLTxpo2g!S(}lo8eJH(BYF<2cX=wY~X#MX&VA%&^WK zithR8Qk@`%%*+!3;pbXwR;){w{oW8fm8mUUu6&!L+OSBT?(XKFw775|okwDv7^_E3 zr2bVI6(|lmmLr?x)x+AZdD(Yvp$?-&E>bHAL?@tcAci>bHlkSr{@wnolBlP)L`+Da zpE9nv-}wz#fWgw~^*7$g04FlQ>sEr|Ilvx&&dE97{mmh2h10Ab4cZ;C`NH21VyeeF zvbD1d$RTn9v0Y#ES;^UVyrITl=%s_VV>f+YtoMkV|8g$t`NTUky8lxPRlEUO;%ueq zvF)2|)V%9cQ%P!XZ+@41P}S$zIVFLwZnc=kO9!?NbagzRmG}r@-$2hZJ?{d;S8mQz zlDH{Gjobl~+2bv`9vos&_dytbm!?LXMw#XHJ6V)lA;;qPw(U6cj6xYj zRq9oGdEN)wE$^TuS6id?DzZx@6$j_%=h=SreA-u%cUxcXRmpAqzCR-kzH?i(q5Eh+ zwpV=j`CJr!^%JyV2YlzYM$=Qj3mw3DIVjRQXLu)`@YfdB%>wX}vJkQ9Zc6cqT}{`d z(U@>=6NABYJ9*4NFT?=**PG@xXx45OT|r$rVWd;>HrGO!^%ofTsdqo3rwe-2t{hy@ z-258n7QC-so~UYdYy`7V2U>CymVISIw~lV3z++B}m_bWjR0?R>x;ibj7%iCATbOA( zuon;K+;P=_o&8AEFBXY_2%fVp!;)i#HIPEbj7s`SB$EU~HxXh-iu2)wA zNNP@l9ien?ZzzBh6x=L_4#4PJ{5*S=Pa*Sm{`sOqX=s~R*Kzr`@}MV`i5XCHu%Ffj zKBK-WaZrA1jlWC4i+sKK56Cb>>44;cmp5*&ZzBIILB)AYP@jxe^$}1xeg6YOMb}iD zcYl6j1-}Z(Q^6+tDS(ih#iI6w-<_dqghKsx_f|>@hfa z9GH0~7P`*3avc4aWy#hT`JT0>t{`6nDeI-*$fP7x?0~^Fyv-Tt_J==q*L|7dnP5<$ zp6b{bNJN;&6LQv;1d{ncoc(A^mxCLgI$&@Gt$a*UY#cyM7v{HJdF6PW)u8;GAeMxR zgS?2cR%*H9HRP9W{kQqBbA8H1Grc8x`R{SDFex@?=Y91y z0;|L6e0tjV-?3tGnVmm8KjEdadDwWL=tgmWy|WdN+Gw^FK*G2K@O=Rrmn6!yYUfK< zvZCTUpj!pN-NR8yZ$Mt>67$dQWh6EH+BXd;02hG4M({nrg;uJ(s0~bd=RI2WLI`wiJ0g1JSm$o9*xJm74} z|6IIkGstB&a`&(@mlH zS7+0YCeP~^5vguZfI)&jw1cO(R!g`GNHac(1tB21?Jee(52t% zd5gYwq&NGx7L+fSZz}=U4*OL4V|-<*&fT#48AofDi6w;*EqkgECCI&PEB`Bu{Kx<| zgI-ZjB7&(1s{mqRV9Hg-URl@VejXXkM)%x`9~H2-d5IN#oj(5f#Ft^jrEWyZIn6eW zTpiyM?ws3itfsH)kM9Y9un|ljT?^A3?!%0{YQpJoZ|Pa06m~s(Y41%g!K(VYF6*8r zR-<6y491Q=Z6h2IHk}~`=O0U!oz&R(QX!P7Y8(nq(7JZJll?DT3k$%t=rU>X7rt7m z*iUQ@vAYJ-G}5GH;?gIw>iW?QX??8O(Dh{h{CZ_*df=+80tgJmc)4W6d2G7PK3aS> zZB;v!`qPJtj!fE@!B$K%&K&_9R&vzZHI@P&G6Yg8uF~6^LX*`DxHwWRADX@DNSflF z57fPfcIbL;hoz9@P3Vv+ZUMum5RGKQR}AI9SNpt2{Mlb*St_X~=O)CXN!)UcY*Bl5g9 zF;~$uNY4MpUg_gDrS&h*h=5u1zn5nw!FqzLg^>I)Dd*i7Yr>! zEgSo`uiJDR@Vi?T_EN|+*F^6{eB;}hay=(F|FkABKVhY)l!@#s7^FCzo_7DS8npv0 zix?a46sR60K5jDNhWuDMO9V=XyI6X8AD=374s*-H#)ZBMHYOF)5mGMGujo)2GG2|> zbO7NQK320=Ph&s0PzMHLp;q&HKqtJ;Gz$7T&QyxhGQgdT7sD(=Egn4pgg!__F< zA8R+G!=8RGym(r&tp6q%nZRd~70a+I=3DQ*UfC=)4yxRO&@eus0n!^^0FbO))>4tz zZ8td=7?^F7J--aVNFTmfEpNCc7=fbtU45W39ZYiVl-u?nphU0l*1t{cTMGb7ZBN+ohBJEBHwT3hHc{ zxNAM(&z{m#`jECH2{*EksT10pzC|nI)A8f=zfj^BxJ#)2L1i+YbUfXbqSP?q%*y2; zMs)@9=B)dR>}wBdV2YWi1n7a^GAMbW>@+*6ygNmI;am1n%D7F7nNgv_bU&=0QO62f zfB&f{ErvvQ){A2zB5weq>~_KO-v5mv4;b0XIP<0i=O&4AZ1aCha$3;r{XJwo8qUhJ+)`Wf2S;!z9M8x(k6r=6%l_cb2;DSBH=z~Cv)MG-|9GB zv7)K-x_--?>j0Y8KFXd* zU%+GWD+X1e;U}P7Rj=OQur=Jk5}2iZ+%p+VKOzzRQ=6ziR)~)tVbM$%rjRCh!0X7g zBbUhPgIB@{D{UHMp0(OU7@l}el0*=iImpYP5GaS8 z<_~~`UY}(2Q3TK}%KP*C4%hXF$Q_ao%ta^Q$%$r{E>n$vOCtCk5sn4uAVP6$rYvylNjD^ji1$Xb7ZNk78Ao3arLsIuHxHE#JJxp$a*4RUOqhPJv0`ol z^^P|~Rn(jLVg~P>F{o|Xp8>EcPGM?#BUEpJp{2J0=bqLso}ndZ1K09@EX*L?C!Cj< z<>@YO-h?Sir6@*i2YwxF^0;_+=j=Uw1Fq$>r}2@hZ7qfw3@q2KbT4j2HriD>abc)?8tQm3Ee&o%ZDjj@%54f?Xvm9*e5yILmG^D?%l z&lf5(UYq5rZ8}+<^4Nei6Gpy^JX`O7NePVEeFhLtg7#d_yq548(tiG+h z$D*`UHnDqR8ZD>VIo#{w478?fur;AY&Ug==F0x??3k! zTNeiw6t$w>Zo=O>u>T@${LhR0Tc7jyHFaMB%z0g({IDwbLdA6GoKe!R_*jOd=)KmPh(gtq@K*#D8&Q#?|2ah~h|)aZXa%>7f~ zJ3kP8qND!LAL1YX_Ftd=hb(CnO$vl0a+iyCwtfE;i-ez~#(JIthIOVNO}Fj#L@s0M zUs^igUMnS1kMGiNJt1T9&u{17a=U*#&VSwD@kcNS2ZUS!JlUTz{_B~J@PL;&;`sC8 z|ML(3=jZ+FH}#eC0WK)*r|?JqAGd!s{wREi{`KC;|Nr)a0M8t#mdO7&lK$6gG(W~B z&#=s7L~l1T$w7FXLq^x3pUcAEvGdf?^LR{ zfBjf}uxOsVr!@y(@#bj8$~>x`RDJ*hd%k*H9wwih`O2(VNs2i^l;VkD1P{&vX^Kg@20@0b3?j!?9ipo%a5Ep`-9uF4#zbMyr5JZoTNix~TSWHMTN*M?8LV z^gR>!8Eqm_bA!>}SeOJ_)TXy>*VDJx+UunJd9Zna*5miXF#I-{?J9;`>X#(v5#(X+3LHSd8-Kc5brJ?~(-gQ&g@Z;O! zpl|WLW$`_^(1V{rhpau%>vx3y!{kC@w#QrraIjND;c}n7nycVbjf?mu>MoaI-V`tYonEOQ~+;?9n@BP+Il% ziTk(h=|ryQ&XMQtgRJ(41JY+O8V9d>8-q^KB0}Xxl!WH%Mh0|`rlcB3 zqO`|bOzSVyQBncy=+P2jdVwtr|3fNwSHj$}?g)S`YlXY3Y##-fP#M5+3`XPp*}Zl& zZB%zEUid1Z{b5Q$X)cOK2Gr4riN8bx-j(nM#AJOde61oLgfdI@wjIZ9>cHc{A9fnq z=Ep<)wzKN8y74DxpTA2p5Ny?8$@2i2!499OO5rhy!KHUq;^yQG>< zkd5gF0!%^PUKD9W0!gfvfr+io0-O~gsdX5 zh_CGRF5(c+yWxjS%gS(&aHjmT0&VJWs-Td>(ixAO+Xw$;XI*~-u88E}fJd{O7?XMT!?->BI?4Vx#(HSb0#Vm#aTxM;6=PI^vQi1kQ z>Z;F6aa&H0ETa8I3&Eoy@e|`d{i#87ZRz}Boz>A*8W8ys&Z{PKNhzj13`H|Cuj^K) z#qaSx&xOsD#tc-nvIDf!S&~E(CEYLfHD}t;ZXa%!9r&I1k#247GF7C3 zMqo1#=X!{pHFg|%mZ+KAhQJ=cBL3p&I_waT@9S1hFo-OL=r(#Q#9_{?SY2xhX4Um%d!8vO zqr+^zuBk_4rQ7QGkAIe&RCB@>5i{IvdaelQ-LTCy>puSs-lAE0_A=#f0X_fH5B<#; zy%EVRyxVZ+VRCH}kv@X8mDLRIdy^3lawF1!O%_pXFM0~zbuj*IVuC*)4LGG1!ddVW zOsggBGQ(!Ul0FsK^?DA+uTZy-N;ExVM(e_$<6BQ9xTF*b0!>cwn+4661M8RUPb0Ow zEv83`P)L>u+kN8!9~2>EWt=<+Ms^ZiLO z=ZAw=qIhlCPJqx@j-`Eq&-$z95B%L+<3Mu1`McZ8EYkxUH*5q1^DNIhHpaTwY^(+4sS5YLBbv zX9*LV>aq;{Ai_)&6k-`bVLkvZ_)zA)FtB@B(EA>t;mTFBMAc3m8qOYRNwJ_^tzO!b z8~C1qO5HUO-h=9p> zTb_VP9jj;F!`Upef+Ii`5i0+Ue;MJl+Hb_Lbj+vgd=Q5p_4*ZSqx(6IF_Xo`)S-nN z(W|BEi$Z+@QsXe76a6EUHb{VZxE)p*!9EP&@MgMYC*r%t&uqTzyt^~xCPKHKbXJo`k!p{n$bj6eo!I6dsmGGqV|2CJ zJTosd*;69{8T0EWeZcbC30>JNBoL~x!F>H5g2(hHOV0MT!V+1%tEnGo(MWRY{&qyr z=5uH02nW?IHnmShshv;3EKV?`3Imms7XOZ02|zH0>Id$?Pc*uAIiYPYLVz`){ON5{KFX zRGJmJwn69TtCF&-Kx;dpA}$0cm#f^q+^EY>tJn*e-yRT~uQ0KrbX#RUE|%U{{|If{ zu3f#QpyrK>QbBR=yXEiciTWCF*yOnpI-um~yiZ(YA3)!i30dvnLNleBvR%-!s&_zb zp8zJcKL4qbkGM~;P{RQSawa3DnAZ+;!LV+E^-P4jtGe`Ks8pT%o39|*>Fl4cgp}I2 z057>H+P8)>>y7O_)PWMLfcr@c3FL8tw2EHQj3V!B*YY7IIQc$?bmTGM6NuCSjkCDK z`sT)RdYg1m6pgGi@2_PeidQ&fv=+tlZYrdr!zM6(mK)5T4d%_Cv5nwQlm2eABK;U+ zq~$Z$zoXkG;uRFHnNFYXevI$oG-+l*Cgscx0u;iP=RLeiZdtqN-hU!f_C3QY06fYW z5M+!nxvufIADm`qoKzz~a!0*a^wWd90o&K^U?^X>(T9RD|a{|KKNZCL6Wi&$LGqMA4q4t>iD${EP~^U zid#l6P$<<8Cigh5&vR#{|B~kKDVqozx!j940K(mU&tUgQP=3L9iy+9c7ihI%wzUhq zu7n($!g~j8jAQ$+vN+dtH*ZcHMaTCznkYIrHX4V!L6g^{1KZ~_GGE(@-iZ4l?I)`d z{xVwo3WG!Ee=Yv5Gy_i?^yh}a{RfWbYl2W&PW;j$O%969Y_Z`i{3OF^LN;H>h7DlQ zt^gWYNssqxq@r{`Fi?30@&fls*V-bUy67JySgb^>JddKL!yF)fI;`u42sFDTPdXt= zl^6_6!o9VArtQE)EU3IqEmlayV$*7PE;6&W-a$ToJ{CN6~z^C@vJ9y)K|VHZ#+o2K{HX?!NsCJ zgOWvBpUk++#W)Sa?3D{pMF>8I6^S|JNUpXLSKm%cIBh^IF~whOwCy?K1Qf4S4vLgW z0*;SnAL{zL$E}@5TzKeX`~an&WW)#9D~00Ewg(qnGbfkw{H`ZdY0s)hI@@ob4<#av zmsR)N8(kXg*i0RzboyOa^aQ~L@Wn$rIRMC|hgGsXepXk=ZY37M5 zGD}U6y8}KFfiJ~b7cIcC8`g~u?I|nO&F%o)JNOwf!|i2l0aZ2i@o5;s!5X zeYabcO=rPa;G&~nH#PYLg&y3+cvW#E-O1BU`uYl&NV2ormB2LS#15F2{MSgeq^=3k zit>0WNfZ?k$WP(_sp7x=|5fqNV($&EB1y49X#G84$oJ^ZI+@d=c3Nex&^Cwl^o>ij z%j5JMWCEqL|AMnib@I3hT_ec2@Hx$f2Se&f(tGRKdI3*>F$SCC{5`2I|CIdukL9wD zhxsmd{QbxJ=KUFehdYK%w{ZbS-k7RK(f+P9QjNGXT*;%$OXHka$3K13E2apX&kD#- zaa4~957geOq^WjK!o{}0>#%13^tWRZR92CcqQ<$q3~=Nrpjy+x_f}paxM#@WT+VLn zca?FQg&CQFav+)@b4Um0ubM^g2W(-FbDp$>NyPxw5GC3;`qu+7rrGlZ|#iU z1eZIEL|)%Ny?-#BPR$p>=VBC~T^rE^^nejb90O&%C7j#=iC*h^x<^ad_oXs!jZq;lXO{2Zy;QcJ6 z%nI;_-jsP|@F0BrBX+v7VjiSFXLuU4oSj~BZbDb-`>$BJ}$KxNoqFvWM z!2tFCAoIgt9e#T0f2`d;YA#3TUT&j1ee*8MTQ3BUwm}lF zg_)>#`nAD!D%+XTAqUc4z`wZ~u-*Hbq{u;F+P}o+2Y!xXZt!ighA`KFp(#x*H^xJ(heaL9MR-T zP$|Fn5g}MCM&Jzcdnb!RIQs|tMwwGzq(3(7g$JSNNb%RZL{E`VuP8Tf4gg}3c-=f zrquB^YWoM}mN}p5>A!f$gN0%DV}y0{qkZsAcmyhN{y zf%x|(vUTme%WT%azZY&pfXX_4KQ+a*ajpCHGN8z}>;rM2pVMvKP*!w1m&jxj5~~1< zdJ|nyo0akUaG`f#(boYADl8;AF1q>AujSz-p=18M^(&7Un_$}hHOCWD`_-VdQ4F#< z_$yk1M>zt8cfGx2_I}?b{6v=iMglY?0hNTFESSZR2v9R0br!aIsZ~Z{H}r&&!0%5# z(JSj^?}F(^n(18#zrVt+JclVziq4ZaaX|;S7{I%~iA@P6q|{17uu3~oNd-*E`}sFK zUI$?&lgy#CZsGYl$3%?KW(nfI*$NcTA^2cL(*-~$@O8c^5bai5SpcbMt$-CMp!Ujo zClZ#qtXMVuzLcalI%1|j$I<^r6$B@G+EIjSozo;ig$b0eoK1rmj7rT$X}+- z#IWI-9;3eX=3(y2WES@;kVIp87WGM)x71S&ABh3WUK(67AhFEeG5n}blV9=X@G*69 zb?gHpm-LQ8R64!7Gl^yk=2x06_Q=vus2DUs$lV;d`Xsu`4LHVv9%}vd$74i@t^~v* zo^;XX$ePCxuND0jnn;;ee;7uQjJtL4vU3vOP2&e@6ghK04Sc^hKffbbQGef9jloNR zZx!mN@X~}=8*=raWWkn!0ZwBlJBx0;6qH{oX17z6aXu zN3X87kkt9MmTK=WPY!}Nj|9kOBvKA29^c760Ke0aSMCtQ^$C8zP!v3yEONpkX+T(!d#3ZpU$zT zC0&EU186x&t-7ma+>T%6f;|MR?jy^MOKu0HVtm5=h`ai}0v{Y&(1O zcFW@(gXwra#mxHs_*WoRmx5xmyGCO=&TF_Rlf;=8GgmBOxN}HuInVamUFmSUr|A}G zIs0$qfNwvoF+p5a#&(YW!6?Y08Ex1ihGu`L0k(R10!}9)I2S@F6B=qRolyQky5qAL zDk$}z(6dhiiXXr$ax;17v+q#sKlNRJwA>9(@P?zKYbSK*XF!E~Q$ zcrrV2n35D9KMHgL4P2sA4=3P@Jkm3}7!^2orUBV5FO z=#r+z`Mm1j(`5$iZAohJMMOR#6^tCXqzm{myyEW^BW+L z4#=a^xhxtOtClpV`-|^b;xb^QF4l^arW(z>&CvL;iS+`VmN%SZ3KF{KAv(kDij%p{ zH1vKG0OZXEBZSU{Y73aQO)t&N-YsZ&@IEJUh+%q`+&&Y3PCI#J#B#Xn252oay%KMG zk8Yw<(GO>>o%!2;?O&?0+C1_J*@p}rlT4jvakoZ$&7BILRRiI$VQ-{%O@JkVx%h50jxUdyA2U=UkIJ8KJRH^Jqa1AQk^l(m3D)amA)+WH z_T6(HU5g(kh4U#2lb%d)6U$6>r+XVi)e*IJapsJYw}rg!cHT?rLEqhR{sXjxJkcB% zvxpIeMKog=(GQEU^(lZZpo!;UZ~QcV##_8IMI^T}(J)O`}pYxg?43>UWLtfZuxJQJuGNSWG5N$YwmQ^sj`a6z2d4f%L}6 z>nYYYbQ!yo38mJj7+35jxlBQ@(x|2fLQYaZK$Q+p4lGqww^78a=gNQz!C69^qhxNi zt@Ksly!GdN^nVMMClQoD5tEerPp(N~MVh!nA0N#~uoYbX9kUW>EE)(g`8|t#H0r7< zi=wb~pSd8c6rZjR2)jLHXPZO?ZA3NaRI8$gItK)w$(K zI^sZ1HJHNb`iXI?>LN3JTX?bVG`ll%d=QagT&yH%Dv<-!u&C@tL65cgw`3EL>Tkjd znosV12xIJR(&DmypH~%y97gB25KhFAq3z!@La9wwrhbYH`Akg+`&JVH7~_tdBj@o# zt=5aGuAjH?_w;`Q55!u|Q(-cYcH-4SJ-DC03t~_%_4^i+i*IMx*(2~60MyY4Zk`z#|Sbr?`7?l?a|*CJD9jzyusLnMH7XHMd(xO}fn zxVmVIBi+gTI%Bn@_w?wWut5}vp2*=1HKcj+W++u(ktdYnLb=HZbiANWN7@b(#D$DmwnhGRbQg zmN7d&C{>98I`mf3#_dHzifW?MLetWW+vF4NI#ZT&MwZ~gDAYn1?po2U*@^p=;?5Y} zz}a7vIpfX4B<q?Z z(bGsJ>&@&T^LB$_B;VhLC~yYWEjRlTR!`&{#?``N`6o6ppHoVVo6-y|C2rc^P89v0 zr{d6D6v3e&5Ka<}z?9Zoy#z#f{1-i5)pADsA6@@MfdQqqQ$NgwMQUE^|tgSHmi9QCY=^@5&V20BKF3m zD(Y2}b>tJiE(;N|S@C&oZaNpcAfTwu<>5@?jl0GbiKNt$5bWqIEj zf}PyMf<(##X#I$y>ErL+NMFOHuKhf;;q|y1RyS4V!=5Zj`7JVXQPYI5oT-rRt8;xxWL?D)_kCfJ7GNUMJ!{AAJ^9# zyiaV4FYwCvs<6%zXt5TrNE?v{dqD37Cifd~e$YIQ(X^xPx42AU($F{!w82J6$f!B1Q6Y@5wKhKVUvMtMXeSXl2mt4z%6g_VE}6o>R(?TKzUnJC_Rm>0 z9IQ#Kp3sph6EwOG;eZh>ps!Jy_iG5Ljuv9(`(rD>;09a?Uq5dYb+W~JJd{g!P6YSk zs>l&r1|2pywvx2KGE7zwGR5`;Vdr;26Q$q;T7y=)vj38exTrjfFF5#??|5*xDm}Qi z2Ci^oi{$6Rvu|Go!5+@k;*DNhF-TL^efyvqeR#qPxGe`tMY4Pq2tX4t3>K{{bR;QX zfcb~Lgpu1lUH0?4xUj(TYD!bpDM@C6cd@iBZFseRqYWH(+htGq>Hc$J$G3eG@{Ou!xGYcz{2Ix_OBRM<-GY$TMXGWTVJKL_RLkjegP|QmjcI z7+8_4tiHZzOC#Ok4*uAA#^wZis{;i%OH^?^X+4FFfB|s%VdqBSv^7L7xvswauVPr{>7j8p$*I8K{2Tzx50-P3C z)MYaU$Nr7Wd4)hvnHwLj-^&seA-l=Xb!eH9dZz}HfgjJc+)`D37dNE+gn;T^XWcCZ z($Nse%~19CA4QfHBY2UC`Rct#d;eq3OtIn_w}JOtp$(uT?d(G2R~rRnHg{g=;993? z1YvWqdeoy3evyUe)7V$!FyaVeeWnv|I&ER%Y(oAL8AiM_tUY=u+^$}lC4lkF zAt5sgfhnT((ktwo^2JF!vi#Mn#PhW8As0~A96ES9<|5HHl*B}uEki)`nvwHm)>g_3 zN)mp(G&j4Z)5&!USL;(ZK;`pR+gbxa6bOI$FGRt`TD<5<*zRK5KbV5AJORWC=@K@= zk!r#5Dn6<#nS^?ui@XyDXxb0ilXZ|ehszeW;(|6L^*bJdM=9h!1P6;$w46wI-$`Qb z{CM7|3ni=1o4Y9D;ARm1;;z3Qei!V9tRFTjtfp~ zy}g-9)0YI;yiJU-9fG(>P_@=ACGY?{5hwJHT1HQySOQ-e=d(tMc43Xx64n6dtp#P+ zH_}CJ$0H>X24>U7Sbk`e*&-re;@?~-$(`3UH9leXJcIK z{Z0jC!RLR&qR|)WPF&0)57KTP?0bt}cm@p2i{jH@Cmk6yZ_?vbzF?F9&&t2SI?k0& z?P)?U{qQvl&lo=fPuNe*su*k)h7po1u|ZArcCe|x+Cl&q)IL#fC5Nur?3%%FE+ma3 zSDCJz&mCNnb6%}dvrKefA!{Bf9r8Kx@vH~fokmD{e^F?(+2`YXV=qyga1 z0BG66&oU3779^}+BZR~A?87Ji2{8DcQ@p_D*C~h~1J3=As(>J@JR>&mHgUrS*y7e> z7-_*FH+5152q%)*B%=YD0JR{CapgP(=(0IQ_qxB=KSAd@#Xm2ax$jBk25kcoMt-tMheuvdwlP}F1Os$j{cifEH=Q9@CnIWJ=DY8l=5Cap+7a!$Vw|`1q(lHj6~O$O;gGK}Zd}A% z7_N-2`U0~9N2|vyW#)Ae4UWg&J`}<_%`f{vd=yL6Amz9IUUx@=T!Yy zups-acw}nOpbh}I1Brp;d|N`}+>q_`t&jINrvzL_-MAD|o3?9`UR};s7>tz)o5bAw zHD(~=jbWaIO$>$VHzZF<8wQPBHjm}pnqDX1#6Gj5o>wXTN?Vp)n z3!oSIQlPH&YP+izQ0MvMw1>mmZ=(g26@Kw+)2w&N*D&F`81tS(+N$|_#zwzo#~ks7 zU_4t3Vsz@jJ~;uSVoka;(2QXprEYji4cQG$XlxNtQ-U0>$vOQ-R%&8DC3LLmzXEYw z^{p_^(^8djKZ*hz5eFc$XT2KICw&+59z9{f`M}5Pfdu?oQoJ|fFvIX0R#?7AFlPL| zBKz`S1R4EC(PIaQa~B#~7wiWopBl*F1&q*c((h9D-tx4YKH&P38gRP=65fkp(kzES znuLafUD&9n3K7F; z1xTtqJ{_dOd%Wsi=p~D#r);JoDHs@|14^<=EPUI~761g0%H3u7F{JacN@zv8IzU>GH9eCXXfm!I*{ zNu!;0@*-1o7o02~f%wNgWeSEj3Nh4WR8-zWZ(TZXbZ8Ka=m$$;jvGYsBU%a7A?r(S)S7bYp8w4 zR>v7m5gqpcc<=J8o0Q>Rsk1m6m=!YV_U_>5@$-aQ1w2T;Cnpy0FJ6Wx|N2tZ2{bTL zNX0Wg^BQ($>yvj=rXGb8p&gs&tIgnQ%%=keRhWdgq!WR8S|umF>E1#mk(BFz0v>Ih zR+>^#^Qh#+A@R3VcI~#my_5B>8Df>Nz#~F4!; z`cS|W6!#dmJ2^}w_ra3<^_L0{k~Cj0?YU-cdRhj(q6eAl`^!8X@`Hg zkFw|?cwD2o)d7Ou8p(wKlwK~`&cO@kYBIye2K1ZU zkj?dx76dLd1=y!>NUwZO4aEDol@zoJzZASkm#h=bYddVb#UZy30_k1<1X`g%oybV@ zQ8W)yNur_aYM79&;T7RR%t z5gKv7#7lvW7M<1Z(;n~&y>1F$^~9O|A}L*Tk(LbiB!{!AXeWi4w8uSpee)S)qgnHy zvit3Ok|5ag%c*e2gyK@&a%*? zka>;;r`U0JYLu;{q;4HasV^2;_F>-p?Wj8>crW$W#j7wh`(x@CgQuVe@Yl8Tf5vF( z6G7qD)z@bN?T}H-w?yn;1Kud+HA)8#c9HP85u*|FnsN(R4v6$6GJwK_e_}B88#`w~ zF=N%~ah0gE2g~u7z70hoVS;5}=AN!{rnLcPH_?WXa%nPIo2!(Y%sdwOi88gXSyyanfvX2W*zO$%I3||S+&4OL)^JngTC|cpnxb1GZw+H=YmNVz z>i$-}=BMd|_O{!tek9Igp`P;iLcKQkHRu=L=73v~xQic7 z79v?KKzo|5xoaw^7&`A;{kcYIKFx?VbNU zqYKH-cNcY(pVIy|2W`g&3f_^kp5En?-Z!2ojU;uD2RgaC6ZEC@qcrppQFp1)V*|Zq~E+Jd2JfvBK1 zoR`U}35M*u#%1q#bpJXZvoAJ?upM0+7$@2o5KuJ?hITO+Jmh*x+zP7r8dX|JZa~H1k!;VFMDrd zC99%aH98&pQV0jX;kxiIg|$-sGy{YO~k+%MDz=HdsU~ ziJu}kr!>+u;A58HJhO^F>A?%?;Jj7zXB>5 zpuz3JwIQO8_#&0E4u<|1;aq6~3WW|4o3$>)9m2(ld~_J1nX>3BeLk1)qY&oE_lAAs z-7bZAJUmzXCn6dzgD--^2w3$ov}NPJfYVK9aza6d#E(@jyR2`(6RA;bNEp6Q50JLT z<0h)C6YWMvsS70qxt)_}p)t1}3G-l+jMrZdPdErEp{u_#^{iGlpa(chIp962J&1|1 zrtWWs@+sfO=qXR^YcnrFq-IF(i2ObG@5@>T_=5($)*c`$?R+=cRxtGAv(NU2Vr(Xq z7wR`P+H}3~l%30N4#-f0Ua25Lp~o1Mr{Dwf899dv9hZ?C74mqU!sV{~m?{-Be|n8P zXpdXBd(wMfr$7Qut4&a@6)+%8ee~b8t#b3;J#&b)@|0xc+0@u1AQ@%gnF+;Lo7=zO z;PEDNOjB_w6Y#pn=Px{TnaSN3JhnUE8i_x~^bZc|I9hTyI(N9;sRk|gHnqy_opd4R z+6&C@T2F45@OuLuN4)i=YraJ*^C)(8=yGr7BWVTXQMcx4hj;meaMifxNmo4;GAR4B zdR@T=SgPn&ImfioSpl;udYdXm{$_X=_tu(;r+%-Z>&Dbpyf4AEp5c2+KegmFIBA+} zoUyd)_C1yHlGx2q#3P7(Nt^H729GYAjvy$w5}6h#>n@Wqv~n9f_@wJwj5byFo+LDC zkn72wB)c_25E`G?7L(zpYpiU%v|!V7(Ul;hDDgOf^n29XA};<#-iBY?P4}OnZy{fB z=)w<_QTDzJQLHm~x4?L{oHVjgY2<=*O;kl|N%f#>r({#{H<1y7gIi&6 zfT>II_k(UvsKw#BVW zUC`Ee^lY`+bgm;kRdov;j^!`7=PAEFK{XxgT$K($nq`w=ykywxJ=_Zqwprafj`|#% z&UZej-@?dG%xkNNAljO>VJCOYcH4fY63%?kgGa7 zvQj3(GmIo!61Y*PtwZiV!+}r}$c|3VM4i@j6$?H`FeBxYdVF&`o58NLeF##ecVs$v zdUWT;DS@a>u=<=^U6dTsdyg>e<4HGq*rn9xQ`!g$-l$e zDuQ;aqoyo>03^Eh09%8NTji344pGrBoAio_<77fW8wwO;B@h{p-23rfj5X!v5L{I& z31BCbtSw{lTgSb))L1J#fYIi6$=13z2)$=nE?&3efl<8m>u@RK>uGmkgyO3sBn!eh zpKxSmkVXMY4hAmbs9TY8V(X`_7JP08jEobpB^w)uyD+tKGy4snsECIK-U=(M(R?S) zV3lG`xT@`;z-zE4{N44wL6Tu!HQVoM<3sMbm)}*c`P?0_jhYy|G-=o};ZcZ*H%TWp zxokUBK{Mm|8)j{QS9PDd-?{!eoKWa+o{YdxDJ;uaqdfL+p1&B>PFbYN{14lvZ=qkaQYn?i;qD@sN;J)x$voy@7EM*1BtsdvpFF_^RPycw`x`x_$3_fWpR|8rI4& zXP2!)##^qV(-;xGoPfe`3}d!&lw~IvvE=NxC39Lkq9m7{3?U`zO-V&4>1ZWoARG%iAC`+p2l*gGHT&hv4O2K{vte zYZme4NmqUzJI=?=YnJPE3VK?()iDYR`AiYSiqGxPs+EQWVI=RNk#HEPdx(sanl{|& zJ14k!fCPvmQ8QtY0U>-h5)MHCt=GK`z@qH3dO9_%bz_qI1=5=eVEvr`@pLDe#AMYYPHNFiFN&rt9UAG6XeN>OfENQsIZAMx&(i zpVq>=KL}R0N_yoB(+m#wme$O4+e6SdZWZh!5Py#`=bjPH^g&S^k^ps#-~&wTshO~I z?koJnCRqI#KJ6sJlDs^0MmQYs@WHQVeXYo8Rv_%bTywodi=|INlh5C6dbm-9b-=&! zHiTizwk$d{fdOP+eL03KuoeZT3VyC#_78g(2)fS;%GV9$DMl&3l;i9yivL zAtp)sdt@3yJJ^WgDYS*Z z)Y{yGBqB{sQ};^3iyyAqlq4SQgh0m#@G4*8j&Wk+uS}R0{gFy2o7)t4kAfYUkkXZ% zJRC}UvV0uQGShXZ2dd23vZdk>I)Yo_Z|y|5bK79OkubN%%!2iP=OT-_X+grni2s?& zjuDL5<>ss5pt+DKiX==};b79N6ap;_CvQhdg1`+|FBaO7cAGre{l9qf%xo~9afv-@Kb zJnqi(#H&-bv$7i=$-J$w6NEhtk523WDXtmRsTmwNk00N^Fd4v}xl(o!n>im?o*5*2 zkjWFcfw*pJ)^hMangW|m^z$|RXy166XP?H?Hzs75OWq3iW@w|xGG5106^AC^&9_&7 z{SAw!li2j-Uf$oXUZdSx*A*tf2mlDmyi$`3i$o$N*TMbSzKNc3EVsgrGNbpWo2y_V zo5SgJg%NvLY?opbgDP07ywetw|~y4F;jG)L%_SfeaA@?ic z)g49ZpX+QP=$uY>5joBg_x0MonXZbTBER+mUV#c#Q)^y^JYQq}cAow9YHy5lpWy^J z;vpCM#s~2o)boKRNKDlRUCZgzUSID^RciKXq7@?v*^EP|AWwC?+wME}rxV=dDb zZI9;6&=*W{*;O*>{8F^8)!Ca68ufSfG;)YtHIKM6^F%ulBfKy&v#p!wmuJkQf*{#LpAMg8*tNSK=^ntS)z2e4Uy5|PcD#Q)f2dKa_Z1-P1Hi!Q{?>2kk=XVX~=nDVe zm-)YL(j^{Nb>)h27pA=JaPDk-{-4LdTlV~VlQ!Vp{r|sBQyO4-nRb)pu;SKf z_tt#K+n_m)UjF;@|9(>cEYW{|^XC))BKp5>Yio5N`%@ee(296S5qSIM`>QuAfbwfg zg8%z_SfE`7<&wVyhQn$x;1(Irtd>VO$l>I-_y-EgHQZv&dUYOe2a~=87CyFo6}ed= zsMT{kG3U!sPtT$4Ic-Xv<6aYshjSI4bB|v$)TMlKb*+30kGUG|4m!*X$5JI4H9mk$ zKPidT_Uuc^wcF6WS*qO1luA`wlH>mB!JNIAs|*oG0Gru(Tj2+b)%#nWa2EzBhAWLX z!4rS&z<)p9UrS#e@x&wkQ|I+NnHAinb%U1j&8B~zl|C!5gx;u>sa8;q zm0A+@MNz;2^KJ#xZjW1^Rsd*3FwJ0mXQ7fs?BokIK=M7D#2%zC8Y=XIS~B+HT2FSC zcec{8@lEqcdl#ZX__z9Ks@@J?fB5i&KpkdSpusu1moCVhX!2taPqj7j=0N<1alIAb z%0WENM;%~K2>I6|-idlaGF>7d8*W~>bsdbpdUt7o@%kp^W;c6xG2u5AxpS#zxy6hX z{(CFGUCm&pOv}xIjxszZ!EL7Ya#KA{YUu>|T!MEt?^1YO2U1#uF+5Hl-7zS-i~%?Z zYwCIL$DJq)I@NOWgSkd@v2ap`P)3zflnaETmp~_yU!?iWRB5i}-1u0Qd->r#H%>#P z4y{1$!;1fPhV`-bNiUhV;IMl7j&bDWZerxNR58TkL{ojTss$XWAQiU2GW7ngw6$p4 z{;OA7ojLP$ZQE6?0+rBeErW{gcsBD3fsvhwqDGh21_Z^t;c_M0zrJP$5VNmg|BuA^ ziFym0*lSTmXgqi+JZ7I~knxaOmEP1|jo9~^B9%Vpr-BKSwgyL{us>h3A{P#QEZ!yc zbgBQ@`TyG8*RX|ON)ayki;%x{*F6FQRDKHgGFf4Ro^-fO$FniBB~#UN>piz|8P%&% z*e$_pta2F>jm48vhME>-c*GTJY@;S{SFDw7Z_7QJ<47l9t$y?IZ-tYkoBUII(LgM3 zlc}$iA^Z?^$fq9Q z_RqVt-0NH6N?Vmm)Zw^)q5Hiz84(0H^*^mrBY%pX8~>AZQSScj*<9SjyxA8`@}uSA z$Jfyv1*#2*tMscn%eiXpdGPD}=3jZ78hA19S^k^t^yL(M;SKM3Wu_&O#8&Wo9v+>v zjn;9Wpw~RZt%e?;~XXu%vDaQnq~LC5<6ZpwVJ!?Yfl zt_*NZwmz)@z8uL-u@_Y$yLiNbe90%HeC3itUhwlWPUln$f_XqkRQ0+)72lc46EGZ& zM=hMmN7@{SW#I)o?k(cTrar1A>8q>+C2G`I0opiiAS{*eT{zJb&Ty&FAIH{O&wU%t z{lL2O8feDrM^1f@rK7h~I4vsQ-QlamYc}hVRexO=$z- zPn2PeU-7PaGN~wlraG!9?@P&JbitWm9*5G_COJ@UMUGH)PI~^TB>x{@74i&;sMUIJ z#E&<<5$OmEwZ|t3$XZeG&h~X|>F;cRl;nH@GL-_Qw%>99*2v0&wKLSCDFLtP3;8An z-vwZDeL#8Xw|+5tbWvTpm!T2iu#AvvZ*&-;mqbeAB79=SYPD#&a?UQoKzeBFz?C`* zn&XUAd?tW!i?>~)(h$+M862SF-TY$ta303_7@U)x>zT&ux&jyco}1uFmGQRV`{iU8 z(5mDgtlz&lA@D>A>g(pVU7#6w+628f|6Hr*d{snnLfHKJ;M3LFpw0T03_zXDD4yU7 zZxDIIG-uIES|jZp^bA`m!}B5;&yzt0c|nG&s}ltFPL=sD?bSP!g5|z(fPFdwk-vFi z%DEu$zFdC7s25?Gk9b(IrtqLS_C1<+x{1=Pxd0WR^RJZ{i{VtlW{jo~^}{l$0BWjX~-CSlLL4YS!(Z=R_MrcUr3kx|F? zx6+3j4yJZR>zt$c0p5~p_y%03=cVK8k(QBKm))He9JvyRr}K*PV%+B9#`bn3`nrbK z&h=!u>%GH6kPK6@VV;2E$D{edhvC+Tw}5VQtrH|vwl6z%z;0OkVNmFJ} z*%WCOKyQqsB1aH&yqs1oFS(-T$OZBJ5vcC3B;eOD}V zZpS7=G?@S=NXGHxA6xM3EZBZ~(ZZ7}myX7yb%$#8y`rdE|32?i&iAN|9O`oCW3O8c z@W_qib3Atsix^h%$|P5Ht5tt0vQvD>08aV9mT7Rn_G?A&CygvBRHT*;<58?*$a4D$ zX4X%sJT!U93nFJ|4#yOohm%x(QlVs9IJ~1)a1tC?v{rK83*_^pkxgtw?fs)&WGa2#+`Gm}T|9 zEa&JZhLW&f0_gFpBrq2g;`pQWHt3|)&L})5OQKHnR2k07LWLPmdqUd}06}~N+=h`U zxQ*FVA2&%c>l@1$FumKZ8_Kik!e}L2b zexgyuneJgV7+`Jj<)53uC`Pljhx+9PM|uTM7L4O>+uqKztoL+|r0NjZzRGA3>OK0Z z42PE2

I`3J7 zS6jURzU5Z8FXK@NKWXs`y;oel&8fa>oz1s5+ShI7w@x=12v&;;msAn-0<#dM z^Bj)w25!1H5QTW7lhHOGpZzjh?AHw*{Hll6s!^p6hOpnlPF&{Ba4^`NNmBv&(1ajG z>ygtG8KvSZva1_E{F$rY^mvs}%{@SoiDI_arrL`->6zDXF;L=IdMw_$oYX$Dj?P}> z^QKgEK`+s%MFL1%8+<<{SZv1)XPbWxd}^6~4@0U$C=eAOptHDfq5X+#unkNwXDW5m=zbcQRn{J0G~`P#TV( zFM)`iL3wt)&~j8bg~N9tAM>YtwgjfUigbHqmlz82hoRo(QD9hAOs}u3^%r_*VAW4v z;79ZyI$9xseMD>TYnlKp(cpXk8$+5F@ zM68vPC2uk?X*O14PisSC<9>5O5r+SPP}^fwlRI%80Kmrd`C^v#nW`yMe zG3n_6!XmpB7^OR)mL>&-&t~Pt#UUAGJ^ZH?v6$>Vkn1FcsUIl9)&{1zcD1smtZ5BH zqka$FU-+dU?`j8XE8B21Ut?Wvsi-R(h4f}R?xw)2j^vKARwi0Q1re2cb5!m_yW@VZ zA;Co(HO&iRr;oGgZxqG2qU>ct;1{Ybtz-Am-NQQWU$uFWvYX^yIQdy}I_yLdJ9N>& zoNbRXzxKaw&uEW^k#CsVi?t3$M^yNI1*9-uJbkmco7TwLcqrrdRxZO1;L;&3kQ`|M=}i59xbcx0pmP``wRME_*ZHodR@hdQ~Ok2}b&UFN5rMwK9JbNeY zIXr=tbFm87B76+45^qv5{vlQSSq%(pRkyLzb!tE|h^vJ;h+AVSqZZz*1X-vyqv8J{ zL38eT@(8i>zB$pWW9~Yt4je|sBfTLebCf4O{wE{{B1nuGgs2RZUU@8pNQ-N-#o+U8 z??BKGYD}q)Z7edYufD7~QWlZv87knw^X&oF*4rx$eD=kPLhC?u;Svlq3GRsNh)L}v~oclMd-&Pp$ z`{AGdbCUUx067o)kEn3w?d@7!KP(XgwuA5tk%$=y-aGMnJPg+|*(GEtGwD!*Z~%A+ zA)D3Sjje_3>O+VZT~=F3)QS8RxbZlop*0%ZiAKtcupD9(vxvB;8OOvI5>5io(|SKY zwd>RMdxHaUbUftSq&XlhnJSFSSs8S#Tr6!v1qqU{(up8F0Yyrt1tDg)qb_|XLgL9^ zA0~?xmZ<5!3@XsNTmyJGtk2P7KC1b*beg4K&31nC&HiXZZIwkOVgGDA97RDgluY!x zvr|0GZb7_xE)p)PuRYEOeP02@l!a(MWYSAIw0&$jKiLm><0>;Gd_{(%X);WWCbinB zXO6d%CFd*vicUId8VD+gW4mEA*PxsCe(nHqW)23wH$@l$pO72VVvRdG3IX?!k-cA| zQ_$Jw6K#Cy1Khmx0d&Jv9phwV^z&&^c(@qZhXC?Z=J2q3tInw-wtDU|Jb&3^mI~R7 zkuw)A!W}l!Hi?Gw4EH?k5H+28-AAXB*Q)ng3sOMI0Fya1@o`Ymn>@|w3Y<3Da9uWX z4tto>BCUf` z#L-u9$hfeL;Go^4J#FT_(FSOatd`2OWe^?7VKd^Q+ttoXqrq5TTDdgA%cPn&L=OA& zi1e|{%#nPEi?Zq5Zy%W=W3e;vn6v{%HN^RQ!#iSqYOncd3RX{5J(=Z4?GyeZ>tvhw z0&yU!-B~}yVdq`%9#I!;uP?WgX&#@K-|eZvlrIc1X|b?qJtq?}>zFOC`2{{`y-4|> z-sKc4F|Q^P^~&@ECn2^ww#QpFHXScU5rbxu`C6Ry1*KI$A7pn>syWB{SyL^~%G1m- zW1`5kIBYwAmj#e-?Jwf;M^FQ2Ks4h$fxd6DfY}~M6q+NYh}(Ijsq)j=#@3Ykh17M* zdZSh&AFYk8va<(D=orap9*YLUxwBJ`b(RHx2ONLIKj}i{nNj$;p3-4&w%y?+ zr~~B)JosvRPj|(qMIU3sQt(tcG`?h0q`b%hyaohsassIVlGwdOYHrtu%uSv-whT6% z4P^+&!gW9M(C)|41KsL0vCsxmxF4z%l*wVJb#0a4k)nbSS*EX-$==B>;MB?Bg2iy( zIxu1i3KadIc}$n+=Z2c+>M1&%5HsSK>Dfbe6UP+a;Kv7JIk6!O)p)a%nLX|K1bW6 z+550U$0NK3Qb5iT1@H+Gcj0 z+4PTZ`gBNchr7BRqmK+ZL=-UBLm-*%PkTU}O_rFr9g%3ydt>-}8m$8Wubn254ROZe zc~IM2EqRVcCzb&NMV)T+R=^q+#H5AWA=-O(Sr_(!Kl#9_VJ7tM{G8H8qmEqD&D`n3 zn@=#oN3d2rPDcT(`nz|}?9)*pdGJSsfo4lE_s*F% zNsp%qg$G3_&bw7JEJ`}}ERS=@ie<@Z4m$V&T9csvz zeZ;QeRDEZSmMsM$Jz8#scjUL!<;Kg0Ny6wQdyso{gGR)rj@8aDZ%OyMLu_!^*DIXI z^CkNKIQz@EuD-SH7bc~oyIVlIJ0z7xK)M8^Q@WAvl8{EEySqz3>5>lVZjjo8zq;1C zuKQlk-k;|s2>6?Gjyc8|-{UytaAMVXypiS!f_G=twe?gX^x1TYMv#h&a-Pzw(4sCh zIzXvy<`bFw(H|Nn1wQjHi1>(lxnfX7maU%t{`;&Wi)Syx`NyYP6{MIb9?wU*SuQxS zw1|0Z72S}#cpOiANNR}G477JFc0Rr;m6r&~?vOZhz~P!B7Xt1gRMH*t=#A^UCt3Fj z`$|QJV-1ulh3YTh(TFa&?q^<31w)?RDBLqI|bGNyksupVxA#F_6YMIO$- zsr;a1Wrtn+zQrK}wRGnk%Vg6_T;Y=yjFfil?BvF6m(r$JmPvh){Upy$Q{x@-;7E;L z$+T9It0eW$dD73h=XwWUkRX z#qopRY(QnE+U)&DZO%fq0H+sL#IQ5RE({JGO2RfNn2%Nvw zBV^Ls(vv5ALBy6(UYROa!mP))8~jXt5f|eFn}|k?#-@&=qROBYY8670pyhybGD7zK zPpLFF^iO3}w7Ue}bflbaBoT&?+vW*yP9#JovwX~bjJ`sELg(>dH)Dd_Di(wLZFfH& zwsAJDItFXNOe+KwJUXA$;@e5D9>;C={ZIH%Ib z9XJd@Nq%=R%4|FrTXdP_+EP^MfRX%JcaGTo^(HATRl<|+(xIAddoXb#!fAd(L5xzst_+DQPVST(t6HO|;e7fJ^ck{YEiK<`5 z-ql&4_X-rCRhZ+~%MZ@S_J@Z8UEKBT}U3ApG&Hfr=<(vuM z1*0CYEQ((6exFZ==c?luk7WaRh__~jp}1*WJih*`qu0#`<*p|w{quM=*&zi(et`_*hv${;--YZ{idZXB7~P^#_8&sSUXHBEGCzj2>P9&eYK_D+Cz<|6j^0{Mqk@0q-k!w+cE%5v@WlE6lm76AsgM{Q6@f6xh&U6=+#}j^XvN;Gh zbVsx+v7*)Ju&s?a|CPz+5-Eggsu)ujCvW((rS&D?cGPYb2u{vmPQ$5;a)iZmFNi9C zc}%rhgIn`{#ce4m1%#6HeaYJ)jG)2fdx<=CPk2TI6=fK~Q2l;w| z5jWF$s7$NdtivAY1kl8KME)!C4c>)$skm_qS;CIHaEv)n=H()32hxuZWo_39KuuJ1 zk;G<3)a~HT0Wg_YEeNfq&9D)j6_&RnXQ1<#69G)X0xUJE5QjxK$?|oi@WJw{#2~#7 z0SgdPHGCMniLH8~IQ7>+h3EMLRxxgl&C|I<|Rt$ztR$~a|wA*@4b zf=G`IJNtMB4X7tUPe1BguwDnITvSHpkkcNW}U9&@b}(A$#nm&__`r(MD#{R{$@QiEGu zFZLr|5H(%!BpwbMCd2E3Szh1L_?I#y1}hx~rq|icf3ncNt}jRP045-ETFI6f>=t|= z1A~>%5JD#AcaGcqf7jXYB)Co1^cjgjpnx;I@!8fQ03;uqG_q+M>N^QLUv>|yMu^6n zn)FOZFa`Jir5-9dGtt}Yvxwob!!Sb%r37}l5$Gg1msUWAY+N`LQp0>_9QOWZk%!KcZWP4$ztn)1l zZ_djYD4d}TdO^}d%=Ec?j}!68-4#T*@0uPc+%}8hAI1v>mDn_cgOM-PO*hzIt;!uu z{u3%LvF5fK_C55+tA15<(^C_E_Y{DqgqQ!L`sV&j#IQ^tWBpTHUKNAwsW{EiCRn7% z{pz1c&x{51a!4^ZDOGNG|9&u$M37uzy zQ9_#2EFwMn!C5*v-~!lk$sIUpqMYAlL)(6o=lBX@AU^-Uu&o4mcerKfO_2uGL>8S_xnmyuFyS8TqVAsL}dMVQ@n(EAq%c zlvJwvQQs1N2J|iV4eqkLa?62cnl+Xv86Mh%erSB!@MEnD)LlalBX@@D#PI@M#Au|W zXXoQm977jJtp8$%0Oa!=vgiXF*lmBl(5*Q9ouiPUkMiU-isuXr6$+Y@6s^qYM@`mB zI`i3lV6G18m78F-9tbj=i!W5+{zSZWrh-4|*LTqSo|bXH|KLw!SgG1fVO_{(pA)|y z?lA*{t)&Ev(m#FtI9O`|(iJzMo;l9Ve~Gb*(e!;&L_?m%99cBOiNfPBFCs;=8B0_4 zfYAwA7c?0JeO0*%0mVNm2MklO-q%=Rf5`2R%WLFYXB`3w6Hd5QJ90}B==v!H9%ldv zMMvp^d-$5j6Vqj>JJ#Z|!?c`S#XZWHg$9Iv6xwgwfc3D%|C^ z7CF#vFygO>dTgW84KGLEN3)7a;$PZVe(6-!HmA#NayX8Su|6I%e*H9?-nJdeVXyCu zXC-{E?B8Mu``38aMT-|KCB*J5dYRliYBMO>pHCx?WaEI@E}iblM!;~W)tkY(uAl?_ z>bpmQf`#v3G{plP>OqJvO<(5oAFt9qUsn4Z|Lj2sSrP%PmjAJRPNvoILVehi6L7C^OaB2P!I|9SEsA`PZQliFFZ zrkRn^A4X2Gq85;Y*%S`%d|fmbb_E_w%MMW*uIc)EfV8MU^Pi5{P;R3<)O?gE43GW^ zXxSow+|rEslKbJJ4vaAsZOW{*m3D#Lr)u_@x+!Mjuo}Yy%|a+axAU4=edq6qUR>D8QiSX?iAy-H5#7>)$Pe3 zewPr+f8a@EOc*2RAGgCZ9R8FamYQa(tx(%^>&cGa4J4s&1YfoQbmWE0^c{+5Py~m; zbVc9C(ZLs>%_zg3eeRGrM4Sa`YL)Vid#SzShl@>c$b_7nmY?H!S)jbzZf};_dJh8t zder5E))!Rpk$hykfP{XHH;JpZI&t><%}XeO4D5aiG;*AJ*bjy0Y=)KX$XeT0UL!*; zUY4Jt$`_G%sQ~QjsQlUZ=x2XiCt(+D9Fp5_xVPU+)F|?t41Y zP20nwgHSYF7;b>rj*40PB&ugIH%~p%M`ks76ucNTP~4nn$<(ukVSio0ra?aD;EpoD z@e}qd@{F{Y9MZQe%<4m^1EGv7ws^&sJ9siu&v;XyZoz!2^TB9RA)m=9hNFV~vKHPRBKL7ycpf=Uu> z5{J*sl*yzn_MSD(yQYzkhCF|b$L2!z(c@I^7(`kP)V zE$@|dwm3J}jrzM!-n({OyOzFhQ*=$^uMLupf1d2$=Yj$|5thIZpjtGg_`0EPc8R5; z^iBmG`E2bt)_9OizytE1_M~s8vNwyq2K<&##{S}CM+U`L>r0<9#!YlPqkv_?kz$7px7H~mhgI6f3->dy4za=Q$qC$>fWqZ^E1zW=-)!m~-XX8F#~n_pVn^%35}s;+QWk z_eSNK-?v!2<YF^RtPtYjryg6(!3Ex~!;*WGiCE}P+ zMMncrdqMm$ku0v(Y?#%`cUhm!s&4|fp50K~-k6j0%()2jd*M;rpbC<34d0U9UhubJ zlmvjV@885o9{DES@3FA4EhmV#PTSl(_GkHFDn!^Xq3S)}bbNqa&+JfmTQCMD3&U0N zB^rCPx<1ki`~$H8Oqfj};^eE3bCKs8POV?VFwNrLEYa#}%d;(^Qxt%SE>w|KDV~qI+Up=4ZhN@@TIte0 zbQjBRg2IaSkbHLFr|V*k7!|U}MSu4_@@{d*(K+3$l%ax6O+{_M0{%lkqK ztOkje(&6{v@w)*RYi#p$%2YvVdR}+h9B={Fv|j~Wmi5CuFI|~LD*w%%K2j92WC<9w zs+CmDS8oMos<=^nG@rMz`B6uyoYZ$cr%aI=7K`y;a!){vfI#JX_5 z8APSk`B+XkV)m`S@Q4IimyONJ*l#lF|DavL-~F8ONJXdAH?+=>*|OIKNB#Rpy&vNN zVOo3q|7eZ>zc9nyE}&fCUYi&Vh~Na_>7hS`jb+zIM0fLipj_ww``;3$2lX@w`UBed zigrdsjL3ig*D&B8?708^^}j#z-=gvV{$Jq#`B)2&pz{AeAIn!=T7NDfqN3V(p5f24 z*oJAnJK%>W=EC@Ov5i35{NN>PBOhM%@D&W@&Q{aIgfPb1o{1kNf=aPA2Kjc%l56=+LH5e zt^I$#$KYbXeW*C=w6FT-##Q)$znZ=;VdOhkwSG7}tFgSHkgSdK`>-o-kGT0~DgWQr z&foj~=Sf+YhX4MY9Ds$FgMI@M3$RfLMb1!dU=SypMr$CNuaw;=Ih6khw#6g#{k}>c z&&LYWaO8V7Uv&vG!``!zOkKg?;9wt6voKVh)8>2z2qwkDaXt_%$|beg#uQNz_5G`0 z_V-TxT?}YsQ0Xw%iDlY>*;0}H$?QfiQNebI6pgLT@cV+U{MvJ55|^)zF)Q-{|0O#5 zS>je{kDcBRERClv#Yvz;vFQ!uvGtBOTmrXuSq$?FHF82#=aV9cDAh2XDRDyj}a;jTO;+8XYKlpO4pA zE@C}bErbVJ-?% zAOY$MHD6;FlhnecwX(_F2229Wl(OY^xxGU7P-!|iHD=N3`Y#X7S6#k6u6_T($qOO7 zFFX!L$VD$)<9r)?(9HI9mCg6=rY&gFVybh6Qi?jTGe9pWd9tX({jg=1Jweaw8rF-? zRT?p>RHy0LU|0qjc{nNmfYp!23mCo@EwQ!s5OhkZFy4^C${d^c=dj2G6IBa4hJ8^W zQTK!n@)CeiE7MI}&vc3wGn2LRr6JVL{~uaBHj4-g;dH_^85ZVuZ{=8>42 z$u9qB*zt`)>lyWRj(spp#7pXOyYXj90>;VcRc`BS03fEzhclOe!eCVycUj>Lx0O7|Hr100d|J(G#;tE320ZE9Zc@w*i?gVmqR;m@+y{FkjacoEjV1VDtYAFX*h zYl)GkTTGPuHjV49Il@|la6jghVeTJ9d#L4ND z?RM;17&S()(kvMC{onyuW_a zD@QwNO~4&^C@Z!t(NURoJh*i=eH2-2XFSCp>(}3q)zDYp(#MyKS-RF69y|hUDJ|XB ztc}qbD~rbr8ZA?Tqlkhta0KFz4l9A;cHTGkO|jeN{SQUZ|HRQvX_n>n{Q~pXoDT%T z#hW^`$uZ#}e1Uc%hE&IJ^wByASI+}|D3v!X$o|wJLydO(6X;oOF zH=jt`Yna@iq^+NPNkZjT+h%QDG;z!_i|fVnx9$*Jz6!}OQoq}rRAUb#^S9hulCC=YJR z%IBY5@L0^PN}qX*20o(8rwK477CU|#k@(Vd0g4&Y2@H@q(ya(>_iit4%a@?HYJW^7 zL{F?){`CT&Q6Qn!t%f)HmIO)B-Qu*jg}`G!QQ_fJbcPpXsfT$T+j7e`k0x_L!efgj z|8N`D^s{z03>vd6Y#r$z032pewP?DLVJY&C32F7^e~X;1L`1MbLC8%t*lnnN@a-Oq z@HdsdLv4h4CY?qq3;B<<=wD{k;vQHawuG$Y&nrS8SAVTyImR zLYs_qFhk~0O1VTE89jI#irXXadcSV)=w}&CwEVXp(Q8l5GaCDDpf__A9g+ntxV|Pc z7P-yBk9+#ltL6X&8)!Q)ZhT-8zy5~Y3K4*a?GHvf!_!c2ICGriXK$>t z{0_2MAo(Au?4acD0@;%OqA?T_BIo6SpEJ6KS%e$Qr>PS?L%{1l`TxIFjTX^5g|OA>&z z-yD()vX7d!oc9j_^ZnFvT{fW=_Njdd5r2^g{aQGqh#Fjr#OD^0z6L0^Kj?+>t3dofnx!9H z|FXmT-y6118~lj+XftR5f~tsQMLmO#V+BFahk!8S)T(wl;;6wie%z1u%brQZIMzS= zAWGrU*-Z1pi!`eEU~24&zZghUp>&G3K0+p@)l%3v1?Qh%n%-OxvjLvX^3_kgPpa;w z0f;7q0>ph!+y!cwOEXef>@X~UH0r!HohTRLuvFATgx2&Tx%PGY;}MaaISbeT?Rs0K z-nL|Fq=|ebL1}_bcvT~j%Zy~n>2!d6T7}81=rmonM`v{z#o0Yg>23GKu5U1$$)u4?@I@Oz2dPud3;=Vt~dlGmhb8%h;l7X`vl=cfgOa3lYF{Ikw2jo6%qg#QZ~E7wJ2~ z7q3PSK+kL>%dE|D&IwQ0AeIhAu)9RPLb`W_e-<~6rjcP9Or!jpJ()hH*-ses;#L!% z(Zaum6Z~2=dk1%!6U6C}Wj0ovQ&RYH`Qm6r43E{Eqxq^cO!14U!Ag7~6;QV;B^2Bz zm8*vI$byqDfX`6~T`yS&8(OR+^HF9|@LJ+iN^5&6uVLX;B^mv4)N#LZZb!1}U=G^W zu1%}&3Z-O<`R7}2p=(U@iCcgz(by_W_|bltt^Lk=CH{evLHN+33;|UeA2L9;#qIL_ zwr|*2Tub2#Dp7mq77z6LhAO?1C2N=Qz#25rNli?LdId%;txc1n2G|xI?UoG+d@Zz} zByi9?c*PT}V3BIf4NUO#Iz>? zE#Gm3Q?g>}^7Cy9IydA(e4fJL*ST69xVT_>ocvqBOH($Dl-D|vyW#xLC1h{ z#}#IyNR02{5&(`piV!Xu9^Ydr-JM+I&ZxDWW+pMZD1(9!v-Huo$iy@vX>Quz{HPr=G15jwuUqKG>0Tptc>Ro4O%) zlL*p|jpQ*n{6s&2UiT~16ud0N`Cf!kEigYjp#79vok_f}+8m_> z>Wg7e+Zez~^r-gZF)?ASg%ROUT2hI4@=I(M3SlQoi5uMF8@sELQMz2({DZ#7l8hdy zW7n@#6j=eb$TAZ1j>ALPkHkvg2E0PApz&!Yrg_PqSfFFltm{b#5|$G&3FX*Nxo<(Da$p)mNo! zZ1`3NZp;rawG&qVQrL?_I(|J6YjpU%-W#E~?pV$`SbB7|=9os^MUXc8s<74$3a`B| z4n}LTT#Wn&3kwM^nk0}m2lKbt-*qO}#K=5VCe&dR4A)jYPEEUzPvO%*fd?7cOzoBudC8=wwGO7ZF_22ZMxOLp2(sZqCv;l8?3k&A3NrY-`d`o{K{NV8{ z6RJ+JLj0iaZGrZDC=T6IN+}+Jz8@; z7u1T?NgACFzDP<~ByGHO2^ll(u~v};z57mj4UqnXyF3N6FNYoW4xyW5##WnYhP+o3 zSPk8-TYVzAY`2FeS9M)3)9R3Y=TgfXM85$myueGTsO3_7)xwatJUkhd>3m)6Sy)~H zHxOr=PZuJc*BnK9eJO5i^ZsP@N>@ z*;C!k8@gksd%p1;qFkcq3lgIj-_^+q!;9mLPsr-T*a=e$Y4vv z;6F;#SfX^0?1F6r%(TLi`Na36ZsPspOUC%SB{q~Z z&BP!kwVXTk%0TU6oVUqc^NnMFr7;>wE15KFVS9;MM(fd9lvFr}%N>xJQ6&Vb!yxs% z&H;1TRY4`ofsQSO%}fAv@1z)hxZ-@6<@fSm&7^k2@3M#@WbE4U5NvYVMWONHqdSaZ z=xh;c4Zb8qqd3(U?%fwVJ|}R4R~d|>`REPY7P0F&t!JT1k)q729S>$mo~xDqRI&|) zs=*S?44E4thhE3X+MTlTDHwmJ$lCk57N|!Mf$xAtcN1bJtzuovqXVj_s2UWXnq$7* zn?1Gh|Di?rA8*<{m5-qW2b2Fg3U2ynsPK7su9xh#-10v{iM0ss&q=kSE|8ydWGYG- zwQ4*4Unv{${bGsT$y+BcKy&OD3KfGSDIHm9=0$p(5Oe)fe^Wc~^th<(ov*|87~v@E z50Y$jqF_-G?5n3J+srVqhGa^g{YT1dY~T+TWpbTqnBe`}NCUQ0I*K3pa*}cm3=J5j~ z6=M8+;TM7+8z*ik5XGqfM3KD>v4rnXSG76xLa`}Qvi5hw4Tby@dI8MD{ZfeqO}=7l zvw+MU3hKmW+jCpxfSc^zaLxo)YsCk4)A{_Y*I|@1MGC^KOU~*fV5Fu(ap&2aj~wPO zL(JS3#|`1HtrW*cZZLZbC=^w%dZD=E@q&K$t=jb-IdkS%oB@pr%a}8Ui?l0>Cv7|; zsyBbM;3C56^R6&eiUQI9;>wj1U{5!`zKHpqF%TvV!S49L$X-z!0qu9zVjGNte>+{` zl_*AwLl!R6Bqd>vUXyi;wy1JVQHTp&5wq^l#2J-sS3QllpszmyhI9q$#?5wK1_Yef zL!9@Fv004(Z;Q&Y)p9fbKU>LXAq@=2}{QYwluAofjBy~$SjjQ)bTHXX)* z%9c{;v!+0!XfLzeRIv^m(EG*aZ3GP`$OIHJ&wtF5*^E>ycneD|AGQ~El`XO^0VU;z zo_q2S(`|9Uolu;^wy;mv=C&y9{%ARFHVPb=!kFdxB+yw}FAw-fBt2fGa>)_Y@KNqD z7*VR-CqX1yN<_VfLm}d5p2f$P@JZNGUDFOIXxW)g!PC zKv;jJoZFczm$FU=@cb!}x#ZlMCMk%%X>vrDc zw66t=b+C(&I8-gW#DBihd#8A>1Z$nX7gCQ6iA=zyYTt+&3la6Y+sHj1xj9PON9eYf zea879)R<0*Hd@HjZEL2W=$pvkCf}x{jZGA(V8Uof92Jh?!**(%IPaT2w8@(YjGbA` zturGv?H_ScuN*aIMG)p|0k~F}mlM+^mSs9hA(Z7rW9!bSV4WmjCi<~b)mMSP;+HHC zl>9W8YP#HGZ`N-ZB+My?5Fcp{dcKGt!m0g*5Q@sy;?7luHP7^7+3DdPn!Di^)5_%4 zu}+gySF~cE{n&xHL80T$sXBJzA{e(uz-eYcm19x^7Wz_{N)V1?ccBbpMrorF78#T; zPW|XD`&0uMpP0mI5m}rLYmEW@@Tbb|^$c{5grUz>v}aO*fvNI4x|3I_Jgk5Y_5n^u z0}SM%oDa2%-;3W>JiZ5~{OamZ<-HHpYVe4`inf|>#xGPYfV#@w zKF;tKDM{uu=n9NbY;ohPuoU?@7HXkZ7Oh9c6XrjXjzavw2)|Gy495D8m4HlDQ7E~-2lO}}AZcx>MBZokmolh>~s^3Ff zYmW<%9e+GURja|ns4t-4;8XBa!zLw|c8*hj?G$>wtE&0>O-t()MQJDkV2=Uwf-{)) z&gT#H(i>aD;}ay4&^Yg3KYHD0z(@a2zC8?*oEeqdro&cb=wIjYc4uOgRVb}n2A;4lAQ1CL$p(+R$YxwLY9f1*%zMA2A)NUoU zb$_sT4XPh6*PCYNYL-+r{(EOi42fr1Hgtp%-R;OH<>N z4Jy*$FdrlG8)-6e25qhi@??=w#T2d*gRfv&cvP7HC}2FmHMNI-FoB_Si#A2o9i(6e zIjocEwCy~dWFvWp5Iinh(RSLvp8=1J7Ut!QFAZWa^;U0`W4Hk!g4L4=R&flue2MMH zRb6ORAy_O#dgPkKRk8-X3pOyqK~xH8kB#%aMLCAM#5pdEO;$?Mq~ z#ESL5Snmi-{!^Z+$^PzqFz-9O!_5{ekH<{_6u34-QffXtpjF!#oU)s>NyfCK{Uz9D zRpx!aFK;LBF!1#r>{N{@ESgQ-^i9j?+o?+KwgJbpeGcMCLtK~E{K@*;n(~H~%H%DK zdYv{eWCHF8?NXf@y)*?-hAt`^w)+#FJa&bzr4=b3{ErREyjwlk;1G>wYj^dF-G$!w zs(el0q~~d>n513IhT}e$VV?ACkiTv;+b)vSev6UF(BnpWe~Q`cOlZN6iIW<2o-}~Jt=2_q6ZEuF06}-R>UP1WPiH^^0HZ`X1HWsg6qL-m7qG!15 zGX>x_qaRmMMQ0ANLuo>u1bj{hlB2zgK=z3QJV%u3-(^a#hmI5&!WlNGJO2RfiK}?4 zXDgFdm+68mF2RN@(E})6js8WyK9|zlf_E+C*4*Md-wLO7W0wU{{Gpjm4M=j|uUACQ zXB2&qZuHi1)ev7H^rC(x?56WW?GbI)DSC!QuZgwV7lk^szE!K%k~i4_q2_3qT6WPy zpSbpy#`qhP|80=!2SK>qDz5ghdR%_0&^{J$QN2hA6nJa;(g6R_H&*;fr~_ zz2)Bk2cELM)*H?tNZOpEHe8g>$eNz|EZ=M|P}P?(Qm5{|8T;uYBOKW~LMKW*4!j#& zbg|D?;eI~Qt0h!Q%%%7K0zGA`uX5Nu9KLfx6{$zfL$?Xe2~DNdR2(fn2jE zzFgC5aq6Y?x&Sz7IOJ>eJfF#BuqqeB)acGC9EzK3W*hv=%}_rMbO|g!RK-Ok{OE4x zce*7F$H(1H_|(k39qOvWzttDq$Uv25Gh0tSQFQr9z~R0!bnME#to15;rua2>A1+@t z7Tr|deI_DknNmxCWMMRX#TAn&OUz=w-Vrfoqh3dV@k|yz2$j?~y@fcvKL6=C5|nJ4 z)4BbM=Pq@F|CgQqK^-?oMT2iM$K`7ePOocv7au9h)d8<;+wTy_D6yM-|E#NQNfbYd z03;;HtZNHo2JfNb?PzKl97R|kusg1GM2Kg!-JXOUbC&VXO}Z34ZiE{W726H(HzVHu zIy- zdCl>HNjaZk7zP$im$I*>CbomS%md?mNIjfQLp^URi^NUf9S^7Qpwvfi#-=8CXu*>^ zw`Or;_})vkJoBQ<>kcl|?$obx`wtl{(ZOQa%fREc>K{IwA)Ik#+9>ytV+eicPVzGX zXT)RQscaT!t_wiy0i_*+*&L@UT}yH#^N-$bo^FoZ-7FtFq`kqf^Ee;b7_hbV5)zM5^`*&BbFj(uC^aobJK+S1oRpP4I@eBOo z`$ea%H%>PF_tqQqKVVwwIn6C!6}3%h zRM=xP+%BFB_N4L(`2)|I{$GO$jJRzdZ(rrMq1mlzwL}muH7R)G2SOkbA7GXKy?xa;Ph4ENs{t31)5YCz$YyX2J&D8%}@%JQ@=EYN6_I7+Vo31t?M9&xm-= zIKOK(l#22Z?W81fOWqx=;?{0<(5OOs&|lt6e8N)9U_CTb=Gcqy-?~%vpCIl_Ufz*2 zx!szLUCEHo@|v9cy;g&!}c89Dn=#rwC zU5&-~8b&gL=$#g9scr*Q)nec;&%0j{;i;nWEdC@`OAfmf_mNvPsNZMTwtpEJIxLW) z>1G8spCbnBW}8GEG}49_!=0GEBF?w)IRSCtQ)7Rg@1NxEwD=I_S>{c{-dJ(Ql<#1@ zXsMel(80ubCJnEUArR0d71_Q&=gf(@1-Gv$2}8YQb65Bsor43F65b`H9a({(HM_$E zZ#J3R261~VH(+_L&Y;8v$4s#;{h9i`D~M*fy~$MrfDQEEW#oGal8~J?^D#UEZfmMt z7tLj-y%|>Y*}HV2-44GXisGB5@;#u%9ozdB!wzROn2c??-*?mB;!gf%nn@6|U2VR7sAMbwRBhF=S?Jhms2Vk|*894`m;Pr(VLnoQZFB)IMT8R!MYdl0& z$#6Wj2+~>uo*F1rD&S%a0#|iWwZin-32(HSSux$F5hASUJDU5`^NOPmJ#IxFWrjTO z`J%TkzUA#t>rF|=i~*giKN#PeNu!?Kcm)S>D+Xb`)~nzHG(TqNN-n_i`$WJ zvUtfdET+q3eJXEi%|I;&ht-dIkO;jj1Mt`V)n)Un z+DOYKb4~YlCk{*&sm1l}L@}_x`v!5k@h$c`t;xYpCK1|bb_ywm2G&}sg9Mp_#sT4$ ztaF8_1|diW`>qGIelCR6e%DG8Mve+?)S_(Tdn&6cA`Z)Nv0!>>*(^Ts_yJZuKKiF> z^HHMKtIz4m`R6d!Go#ED6a(RP=t_!I&DP(a{{S_HDsKHbF2=0VwzihHQ5)k+za}p= zNQk5P>nKDn%j^s#MFGrOGC;8l85%n0ykkBspcR#R)rz^ay=CR)RbVjM39A{C2Wu@B zh!O-1$0*NG{lXEWM2jovmuP;FR^O10@mJ>>0^K#L5kub;>A>+naV`@$4Bq3u!n|9C zwkwFG=3K!?R92kN?KR;ZO?#v2xTf%F=Ca6J_r=!*v||gO!p~i4 zRrQHXCCrt#H!<;yaWrzkSJ_@;JuA9+Tnkl8rQD&Pg3hao=IP##Dt;AOHF?Bv7J;2% z`a}fQ*KcQP4dG;ySV9^{FWQRr7$uZxQHph|BHv^@Z}vFHAPLbUA{O?-cqaEr^2e+$ zvS5MnEY&Yhezg1B)B10m7Hx8BDqqSRHG44{2|w`zFmn$ zQ~{>*&SzUnFR7+fOH+9brVkca+`=V(2Cvg6KEMDQf$YLrp(9DM>g!)=P39#cRN+I3 zvsYJF?O)NwAOiw+E_NpAT}!>@>R%0VfkP=8^FJb+zkA9*OWKwl@>f&V^U!v3U^oH2 zF2syH{!YEy7;uIdpmN$Q0{r+|0yAmWWxq!UZ+qo?s~TkU%R(T&N~6>7WQR)QYo{<3$i~`fTWN=5(># zyzmP$^WJ^9%Kpsq_G*O1QRUb;NtC+l;;`x6{;`8+&xC2B0Ifj%sC#xOHoZvHfsP|S zo(Affv&#a?;=5YwNvNIaqTT$^h02n-T1eL>l_f|6=<_@A?*x;XhCvr^$WbQcS)W?; zKHbiGor6g6RtBMlR&*TDQi}5iPfjI$3FRqhdEkNPCQ6=sT5YoOqqTQpElA@v*AQ6o2{lA>1sE96%Zd zqULS`c()4^oq`)+ODL+@R(+D1A?*Ev zacm4k1)Li&f7yut9UaVz`@mRF5QmP&(#SlaQ_lUuu*mLfDgi-hq)&zR^Z^H-tLnm~ z(aT7`lS`ZwT%~*4=ByU1^>a>->9eR{td9U5#kZ4Utdh&Vtn&`&!tlu3WSnam8DTm7 z46nfhhgIM;UP6yF-@NW$nfA{TW+n&4A!c4B%V(G@GWvJ3838_QIA^%JYw~GAhP4gT zlTp^E=Z%=%PuTwl@b&L6M9B5&ZIwfL`v3CXEg1T~bM8H;N-vf#yb#>H9L^9!NW@R! z6|8`{h7WMD>x{|ntM;XXX+}Sc(WI3Bo0Y-`fh4OFvb*QMy;^_Yvt`}K?T}gFAmaD) zo|gj1?SbL8tOEFUpk{Zi9hLU!sSI)$4pa0K-a_08oKw@^e-jP+(V6>sszf^Ue|rGG z+qmsvk8om`JWk5M<7EZE0|ns=F9k4MXOY>PG8+}2k4QdM0G3&|d8827|B*g_Lkp+J zWe(pjKI1wM1VJk+f1Yr?FSw|Ah?u6oAO3%zd;bEe*B&XERP5>BtxezHM@l|;-HM+8 zWS$}72W#$^2QNUM)iJ`zH-!mj=uZcf24M!fe*d8EM?X^p=grdAK=1R`k{<6PmVhw& z|9E2UyYNS(0?h{>D?0w$-3_*fk&eH8`ov=nRWh6i+5O@m%>FcN5A($79v1Ou5Ey-^4Ns`+^FAI>64!A84 zdTj?fFpERuX^&>EEf!(!hX2)OokgL24))E42~mTl3%@teCX}9cPyN0~kqPih)xGp! zvRQ0KFd0gX$N6=A{US>gma?M8k^mEe$Nhp~-unpR-t8i>I|kUi0R+z$kE5fb187RM zK9K@`LcQ*tY7$=zBPBSIQU#smljDWN+`u`ZXT&~Qa*@jCN$|lMwqNLU<2w?V17~aT zFt72G5-q+=ud15T{w~N__|e#eh{u-Y8^layTf)xJorH5mFHSV9(Gk{Hk@~tFQb~{u6WM3EiOH^p#_upD$$*@ zSNey!^k^7o6Y-@2v$e0g1fmC+D<<*6XoxHMHlUv!wZbvZIOzC{C6^tGV2Dkc-EA1qvv!)KSv- z)#OcQGQIHR=bZL@0NB%2pq!9+bbYend$K+t8vi`LM0T;-jNKCJp-2ma#O-}F4XHNA zt3B19A)(>A*7_3cEGCOl0P8V5z;fJ|E?90J-;=HW0R};TFG=amI=ZLGdzmC!^l*Gm ziqApZf+UD6t=m7Onrid?9^#)PEL|MR1kElke1I=8 zVJVXC4+~r0omaomt@6!3i`bn7#y};S>vx1Z)Hqwm;ooxIZ_dM(dTuUBeP&i~N>vAO zY$;jLxNH_FV(KjBdg;#48}7TBNOkL7&>Nk0(ch7PB$w^(uH3T^xK^z2|44N6=DKOl zBEU?)GuM&L5O9=!2lTwC_8VUfw4MTelAk~O|Mle-2U#oin6GyV#R)76ipSvvrh3~E z710gl2&0orqjw$Nbvi%Y>*vraHgC`{sKTK;rb#;|yxN*9l~#Wq>wks1iBY+@bwij6 zIo%uJvXk=!uDwhQcr9=!hs`VHMLT-yLBkfCm4&AplZ5asH?pNQ#6`^N@e*ggbx6e& z$%##Ur%w0a95@WkpRQ$5$L=r%kFc>aFJM5prd#;8l*q-_Yuz00X*%GhT^``NJlsIjbe{ z;7u^2%d$?O8LEmoHHE|K$))Jw+&-5^T(lhdbpZM$52+nj2ehx-kQ=u1{XX_0L2l@4aZ;EoV3tiybY*C z*(g)5?Jo2JtU5=`+wo_5qH(=?n(4$sI z8~^R$VloO@IFg}}HPU!kYq!&gm%dR!3MT%}Wqs_O5iG2kb$V@>&*VP<4-SaXTpERB zc$vg9A5t&%r=>3c4{dK571z3@3kM7C4#6Q1+}&M+ySqz*dkAg;LU4xw!QCmGKyY^_ zxCaU^xQpHUobG#0_qhGz`~GGOGFDZ+YrbBd5DD zEEPk1iEw+0wuXm8lef5tyZZQpbURaAmd zuHBw7Uk^#Z2noOua++zcNg?wol2(Oe(hn()L%c)3<(ZT1!{b?wa?EY z7MhHp(K&C>-a>ULW9z0Xw~<=CKtc#1 z;1gmP52bf$^MLUCt#%}8;rAnc*#0>w*kRiJ?H4u$pd_ySLJ!3A2@4CKi-rtnjDG;S zaMSCNgW3Sc=X@g&Wg=DNL~D-^Zgr2M=;Jk~<@LM&w>*TTU{DD$k@$*N&1NeG zTFhy)9MOcinfIV7IqD--yS;m9(et)jL9$P4V1b9^PoH0EeZe)uhjP;@2Dir->uUSE zPC>-it2YV?oWx1J+YfD~AV4qE@cv6Ui(+)rI5bx}-nRkblBO(p!n1*W}FCCm$cgv`% zv+e@U!Qo@k^BjV31U3Np(tm5R1$^#pT92n3 z86o5l`>9Ciel*o8pURqtgOb0On_(8CXtoL%X~IpHRQz$+j9TB24+}Ip!_&2QF^Tou zZXB8GhI_?iN3FGc2g^A|<1*lVSIW>5XjEE3Mg_8B$0bGx*eHxU+T$5@*>iz&9g7Tv z@YFhPP1OhixqMCMxA7Fxx8_-?HD=;FPmp*{Tdctpo*W#o9IHBSTJy+R3DYeTOxeug2i;*|)yLYoiaxa9Hy@tTW_!rWYYmAbP!&XAVdTR>EV zR%D8gw7~(~J~J*akv@1^wXS<;Dj+*eNi!c;E6B8eWJltM34qnDQ!fLFR7@47PPpT$hN zBtXpd?I??1#g5Ujmo&sjgE`rjzayMoG1IdmO30yb41*;a&N|Twn+{`~dp~ zq}i#Qr=vS85D#a5-LpwD-%F4rte_S_D3CldaHQ<)S{Mj=%GV=BT9IbH4qqi^?iorO z$kmF5Rsjz~Zy*NgKgiEvI<53iC3K;l{c4^BB?~sMq6R<*r$fvvdr~c*;svFkn?Ewc z{&Zip)5KGSUt_M0qI;iBG_ZW<+t$S-(fB)_FNNjyyW%U);B0=Bom4Jmq`|KOaD6d| zE?@&X13u!?HpX+(^FRH>2pty$YPU3>#B+2qdo%g4P&}Q4QK!RB3E@OWUuhEUq>TG= zygr#Z6l%UPSRtzjZLwv4i+P4+ZsTr*6toNx2(%sWiOhcoH@1uZYYGd_x>Tv4BILWRzWe zx#i90SoB@xhsA3I%)Q(FN@CNZXoxlT9*$^$W)^)rW(Xshc3j zKpX9q+nV|_j#+4i~=&^Knfb6I=y zAX{KsgU%n%?THr>WEfQ)?k7A`ohP5HU?r_8WeSd_7s0`oto+6nc2`fLM=%d(LWNPl zXZqw#_4Mh1vX9U4dJZp%c#&B5*`|r%c})_^+2=#2Qv5m0yPv4MxLe7-=wsugFk3P^ zm6^tG21f4t?oSu;L%ST$Iv}imeRRLd3;sN-YA6*Lll*x)df6!7HoN+06(G3vpbA5O*9{-XAg z>)%-Q$pW{Skr!(xz_6T^TrFHaCxNJRo*jXCR^%lf0X2V%pZ?=FYA z4+;EzZ*Zdac$bzUP}Y{OPgmgq<{`N;pwpzXau8lhn&9g=_Zz0A^D zz@^U+942L05Z+ zy4Uj=Lr3t3x|{YOORMAgvS|Mw#Qp;WC1s7!xBCqn z_T3L84qLwo3nO6)#8(aF_o=5l*7O2jEvaQ=`UV(#Mwa^eku4ry+=h6+YQnJL$fX84 zM2;V%4d;d0od;(DqF(nd7>dtxe*&aP+~$&h{(+;~t;qDp@hI=e#T%|?fP^0~5?M&% z24y&>hp@VMxKj|^iMH4K!%FDuubuH?H7h-~2vf@w;lC$qg`0*y_F=JJ2FCd_xO8H8 zu*cIHy^BH$AK?avWAl8htlH!%;KXZci3Ql~z`Mjoa~@8!-Rhi>&pT8A zQhoS!lq~eq;_SPTzB}Kf*OzNDqy)Wrww>~^vtHl8$V*~%ADLO=w&jId(Ci}6+tNqsAWfl@PZj()@X~*kn!2OJv2Z(WuOs*) zqAV7}GwCz*#Cfjxahy`2M%#9HLo72kYo3CmoP~vK`{fVdLnR$u8^k6-+`2A41 z>@;}nqtwBg%52ht10^eX%&7&DRjlm}fSQ?$xCgsAuPJTLaot;(SimP_ch#Xc%-HmP zWU-dzssmraYXk|U{au`XlO3k?rvg+WvB)vQRyk#x(k@YwmvrTcre{&EVR}b~T$SEh zJxv_=<^VjVOj@B`lQjDHnhJ#hAPaF;5U=zoamewe^b_>(jH{yiTaaJ@_g$#XyS0m(gHjPP408`s;Ty8&#f(ShRrW zGP|G$r?KWn!93n&tLF&{kWKKlzj40ACn~nrBplZ!{y@PvN;k||3xFK1D#Qn`NgD}*hmLpB44)H}Hj2X58hK>E zPvw>H_fH?L+JpQLvtWF0TtTgk9yMK~$p~cs1!erp;=K{^3MA@#cVkcZ{=#(Mbu*Sy z(r0B*l@--N&x1%_dz`}9WR$cO`O6uoa5?KU!i zB=1#+=8+8F!wyB>PoO>jB)8!4oaQHA2H}n}tC0*Pd z?w`$X1T|}0jGV&UMHh$rXE66FC!*UQg@pX53VF4^G4~3y8)hRhYVkMtX{#zQSKo0M zy{86B$XRupL+0~F3q}AgbDA7dyvo&V&5#=X>nm8TyZ}<~n6>KKJta7s>5kE4Sv4J( zU6pu@;nle%6X-LB{lbxX7R=v+IeH;JjVvxym3ao0_*DK)!Jq9eRXiXx+_^w;P zg@Dy_GDG~^f^#j}cBm;U-+*w4iaHYJ#mbu%54h9tN18cnY1tf_764K#SSM19|JAs zxxDW8X()o37{ktc$0w0H3-$Q&8E1}w}vKH_W#OBGw=sWv*dd;K}@D3u^ z9XRZ3wQ}wo4TE*W&h9_%KH3FGh9rPX<~(Kihmco_-e*8{I<8QMVk7U4e^y9=7NmC} z=Ceb2tQq(d*C`H%+_k_~kSVO($dc*r_qF$s>&PN-Khkn#VUp6#Lb@VQza~QKoI5Y< zrk?4t?_z3)VI!OjZ@5wfQV)wl%G-6y+PH;*pO0V`9kn6n=u$)5kPj0gdx{IMfZE}pDY&k4Yj<|tAM11Q08LNzdJsHxUu zaB@yg4vKq|bb0K!Fhueaquylm<|~}X=c7W;ap%5ZTg6m%NB)%#f9>mvFtG;Q!Q1%~ zIPcIwo28hv^ze$8E!yszPzX&x7+^#IBYNDl)yP!)7cTob9HiZG+9PVY&zo=8g;-5~ zsG_KQ0stvq(HN;OS2=4GCXhEw373&rq?qWx9WDUpw0Y6Aqh9QxG?+-sxzpgl)DcRWAI@F`z?OI9`5OMI)GGyq6sa6XTI&h-fskMm>F=L`n)2R--3 z++E2`$t=P$JyYkq_6+A@}ql*IB@G62)23jX@~(|q~7KXq@!Z`6Rr>O>}EhDk76XFf*A zY7YI{u}!$(9vlr_8MxLShS(EK;q-!enUMveT<)^O-!NQh=@rUb>S}cu=(g}&ntDJ4 zs9ZQ)MW~l!eO#z&Xc~JTL?5b_dk&_p%LQ9Y<_i}0P><(hAapuEPnN((td6ZTiu?gA zs6-RSyW8+Si@j$Y;0Ggy-~Z0>b%g@p(;&oh`isu2D9h_7$0%`Cif^~u^U>87 zQSN-2*Up9r^jw3qJ?XD|zjX+_TfSP05Xx)H$vB-~d<{%$)_dJ2l*wJ^WOibu^^vCI z&MDs`^6s_o@}#Ff_rQc9JTUaQB~_)!AQjwm>tX+7r2?$v_vjoZoP+1zyGHTIkch2N zpGd~uG~z`s%psovw!78VKM41u?4-} zn7>C`NI2;L0La8-tNZndk*1}YE2*UL^B^(*$O8DtU_}~~WzRCiU;1h128?fVcU8bH zQsOK~(A1u-sC?2y6=Q;mEUz&L&EykkwPUEk?Q)(_l}hGDs{7uPd7(U@jq;BGYCnyk z9pk)D{+ZB7HLj>_5(>2j6s8Zc5nC_2v4ebeo=2q+I)fyyoxAJx9aH<=*H5ACijxaAyW|r_w;oJZjL2ac z^YRI}s6!D^Ac@u0lZkqznpx zy?l@>ET3pEwiH6QzbwNcp8N!{)=J2?2m2luu&3pYHWj|=&&n!eDk%LZVhO>=U=e$B z@y1<6P+1o?&FZ1)P~}YsEjhcd5O7bsjm1`y)m^&pJc)`+gM}@I$J5LUjyg|r)m|!M zDlCY{EQ z`;QB&fK#W+pd?bwWy0Il>KFd-ST-Fvv~CH$1BX<^Lov0Z7aN#(^x#_EPJejpOxDxO zib3hkGiRNA3EyO0_J@pd%Ro2%T8|9}mUagNGMV`cTAHZd`0hE}~dui{!k z8x#`3SMqeGYP}kGgnu(@y5E;_=QO3z0BVJ*PqomZhThM$7zq7)vigq-rqXr29{6mR zeSaURQcH*R9dJ0F_p{cQda}$aP>8E7CJgW-F%|V@RMDS{vF+rCB3s}$W`iB7X5-^A z5Ri~Q!=saRm!+^!Ts`@JsL&%lpSg4g^l20k#EcJpT%T@i_y^dhcYBZhMvYiFGgTi- zgim_6ZRbcij^G_x+k}5Pt@s{+%Y2UB@Oa?hFsg{^KL8n_A$FRjKc+d8xZ9opOfx}D z`ZQca+du3BPQC^RK8BRbAVM8^n7QM0LJpg18M}E>r@85-J#UW9{2AChoD1Z+*S65d zYd)wuYG3k={tJR6Iz#=5#UjRGerz2-?}XG|^8hZlA{?XQv+TF>bkuZ@XV}k@vhAkM z5?cuf;ZL8|t@SJi(-}f{KMW;a=Q>(F@aX64I)^ArE=hP?2!F&TKO@UX$q52rAh`r+ zANFqiwZc+=I-$~q4#pzF24VxGE!taAQYRx1X`b(?43KHwN!v33x~)ADuFS+Cc>$|x zq*5E9b1XmUjUvgR%U_RG5bjccU1&UH{8o~ra2>sgP<)L{JeLgXL}!JJ;zb@V_l>&p zeC3A9_qTe`x%dUbeTH{fOQWa*FAlm_kdNKH{FwqomEpDU$ZxQJV;N%latq~ zH73z#5BQ51f4@t|V}8?#n&@*DzgYUo(ychw1(Ls$J|K?7)9iLgak1)}21uW>F`7{g zb+D%_Wb+w%DA7t^$#eWP5y!=t#oMImRDK_AMB9){5;5!UQC$ zyHu(ei_&Y2(tZ$z6`U=LWmGsGMC|^gMMLS7BIrO>M1yYO%nqh{U>&#@YYvOz{Di^xqo9^WAKL;kYDw(ztWaLQKjr;01>LmE zq%Wtec^Di5)Qc?WrqPV1Plviu?TjrSzXC1zg#I)DLif5=AW`xIurDBYe35c@cR=6^ zH(-eu?1_swcq|x=YGDKJe^EN98h<}>_XpO%Vmj3{Xjw3%tC9`wj%Fhga#*5hZ|vGA zCMD7DPN76>^Z^WNo_fmZM-5+7nwuzNLliPTy}24%B=ylov!Vzl3Gq|$X{(C*(mp-h z!5_!Tf5F|lf){!CRdY=GHjeK$ZG%R($nX&2OiFfK?B~iu`7RmF7&KX>8hPt@dVo=j z7J#NCjvoh4-P#QqEt=X7D%h)mgu!0$C)`3x97tT)Wm&m$KJDhs(}MVM4_n zN-AL7OgKt7xJw5axv7L@8w{H$10xFba6j z^wm}wVP!CyNC>?&SS^kIliG0XcRA7Tdz)oCi;5Ga#_uK`62cPp^g$P~2rD!3Inx35 z)FAt*mZHm&u+TA0I$X|U0|TV~tDiI2yQwvu;t&Hh-Y`=Y-`lFM5}apDJ-%9lcyGTq ztlfV3v;XEW%NR?ebkDPA$S0oHTTsSuhjJ6TGT50!Hl~&{lu6 z7#79h;s+XO7*68s<3M#XCmpB zlSMxkPMma3$4Xpmjv*D@L@#Mv7tIm_%vSdXuW0?2Kh`?u5Xwc)d{`&Ix)D^BeuPZg zbhd!FP3uQ{@*$;b6d{nqZ{$xW)vkccgbH8rIdEBU_JUVCg8kznY73gkeqSh!a26Y}}-#f#p1=*H)o5m5n&N%no$BeFPOvY=cEi$a#pMRu!q9lF0S+n*b*cMn!RC_B3d{CRFZ-gb zPyP7XF@uP;W_;IN<^rxaioX6kuqyk?ID~NV+PMRI;0a--bPAahsqhEx0`>m3X?P0w_QdaU~uG6f@_`=M$N1s)d_TYC1w`2Hm^ zSjzYCa?zXuugn@VT9xorwJU$gjKPJNwV2*w@Q_MUSHBQm3&%HB-$*+wUCP;lZV0jc z4U+TPBmAAh_i)L`?aymBp}G&h^w(~kGNkB^RLI+Q(Vlw`Ta2@!6F9SsK>$B~UaN4IuPM|~;#!BhtP&2S^}wUN0~sI7p@dtmv!o&e3#5`}XV_v#=10J04A9)> zovPVZ$K8l!m#EGV6MvvHTAuhzOHj6SHg+^Wmq9k#y_S9Id_8oslcD=eAP$VmTtAG_ z^%@Eki+`Q0BtR_~g%c!mlhZ3wWh9Xv^ULJd z@8F628*3NHlt01hhs323x1}FKMFJkRVit7+zieIV5Z+GMN)iql3xeL@8rz^d)sTvR z&iS=%l*k}{-CnZMBZv91vY6&~rtYQSYNxI*rLR8+pwS7L^Z-~?8q_nHM;&6ddm1bj zjjG;uOkdQdx(Zon9xSprV_og271rbBE-O6cw3(j?T}&Tpn^{dY{dJQ<&}W$Qum3A! zo6)5N+Kq{je;6;Pgq`d-A8^L+znsA=vs9^aH2t9>Qk6u$gbNi-3+v?OOvzGs2s_wT zB@~pA@W6x^F+-+0K|nKP9fs#Gujk#D&u*QwzQW{EaCY>9Nd`@w=U1$ulS0|a21x1K-S$i`GOtsjc7smY1fJYZH@ubDsNCuM+0M=O=h-hQJk^Y#^-CYW4p1hnp4QlA*H!|Ge~ZaVuxsc_mBTUdny3zZXDV zw78O40v2Da$BgVVSVGv7s?Ka(Z-7u@&cblIn(7nLa30I_rd&yrdY3KW$-F=DWKTbJ zZO6+wq9LWLM}v=5+I4ctUYO^cW5nvdgmUXxu!GLrAB`JqDgkdxwSe6$ucvNYv>gux1?BR1i}-`3?^Saw&X&-}tg^YRm+-Y^r#qRt!`XN2$SX1B zWPG+4Y>qz_Z^84ipX@(uKJtAdu?hr)flG~bAtim{ATS;d4)sI#N2JMU+gX^n*2f=cUW{+{7%46m)CvEl442`$cB({G)+!lhZ87ur$`(t^!-uM|Lyt?mb~nx#4c zlSS`|`>9)8chu@os(1i~qB3z?ym?6*voik^LVq1yexVW=i!X5VrrK`SPS-+tL;A!; z#OV=sp~f|3`%(L1Zc$UDhOxM=I&+gg#qKG>&VjCJQmi@A|nVZFK)RL0rw=PlT~z$ z<=GGa)?&ZHRzW2257H`BC4J}6M$!I0*Sa)T;e8~&N>$$bGD`MG%w0!-{Fq}BEb(yW z2lOM;Bm#@%wTs)oIh%E1vFY?_X*u`LYu>mIM{!gGVA3eGkGJL7&RI2?o%rY54;GLe z%JPFrL!SD^Z!U#_hgAG0u}CZOn!{*Htw|FT<$n{OB*bzP$Xm0Qaouycd$F986%x=* za0NGAn^`;|2$UrVmO6$$P(2e(!$lzM9)JTavA1;CQ*r@+rV)=g%_SYW@(4-_ua?wl zS{qwmhIR5XI}on6o5Nh_*v;>CUG*@Lqr2}M5qG%62y23jmOACwCQ+0jxccwPVkjOx zw=ud(b!`Efk4{2O3j(KQl^Z}w*%Lu_B%7fLg`+gF4@riVT&N73Zg6=XGoFEqmzil3 ziwpHsh)&U$69mY9X{JkabKjq&$Fr)6d)@zjm+Q5Aed3AVa5&me*fvtH3%;~V?cDIKK#XdB z@gP!AP`LcwX9J?d|B{L(=LmXZ`P}&Lm7ul^M3JZqpzFxtx=UFBH5L$pv^hccTRLMD`KOY7mOUGm7EZ2fmPC@BQt+Jl|GUupkmq$(7RolF3J|KUZ#I zFJfeTa~i5sVW|!0WObXdV{YF`^)!Y6Fs}x%3|bJznmm>7fQTedc2gWfK#TDmuY~Uh z{d$+6mF@7f7d3=KbbboppXsUHVW@YF2U25GIX}F?)Av3uJu)UsD%&#kk{b}E3z@? zda9)`0QsPzz45z2XVcuUN~U#pAg&cqNFGti^V7Y6{|y_@=*@onJ!B^?4bn*hJMi?V z&Mgt=phOh-u2Vpk@eAB0;>sH#XI}fx3V2~0@+}Ur)v@eyS1B@`7uG<|#L>5p(*n-1@_Tzvaw> zH}Lq&ORw{yne@KT)TDMofcbpGlqaG1^sWGJ6R#yRKND+TaI=-H$nuJ2P@_sN2GV;>? zk9LB%Huv?dr6T><5lQNTd0Rb+h#vSECCWcrinL8)BaB2egf&PiC7a*d`M6u%v~jqF8ZNdkh7_}zdlpA zLfl~NXz}}=-8W$NiH&6KzP{q@i#cG%Aa_xR!@Pbk4eVgwjAmgZ9Xg(^NvQ&YTUt9G zYoV-0YQ65&;HZF*4Wk^#<@%7;r>E;Ep|9)3&Vjri{(N&<2R7U>01Mz(b0@Drt-w;GfRc(n#rZ?! zs?Th_AUL29>1#cby!cr{k z78SC%5jQ{>yg@Fyjstr;O2^25`%Hm04+kN~=Us

7cC#tjZzjaO$(AMdMJB|R z^H)OlTh~Dt{u7xOUTRepE}J1zyukyQE#7Ti^pv{ZW{dzV9@um`TTGV8@4kc`Avi@F zy4SZyg|hi{zGlq+h9)YD?ur#v@dl@y*kzabk>T_m-=E@ydDh0GhaJ6AA`0lHs*ZPP zC81f(H1A23*Ulyy%l4SQ@URAMf1OVEiaZ|htH*~^yui{COfbu)|I}l?60_#435D6% zM*IjX?j#)a25wpukb9qmZE{{dS^)w!IL6-zNRBcIT$Q0Qi~i)^Lm{a&Jf4UvrGZIg zcAQLf4>QQt5D(rKjv+FJX}zCkSOR{ZEMw0iLgTC`9Scb%|wg#uBxo9iL^IxtJRp*j%B6AmgyU3Ye1&% z%ZwhWcww;G{*g@FStNLd@avE-lQ7I8GQRUn0OIyZc*4W%BX!^fb*sm2 zepw9l8l8kQyeiA|VMaZF+j5DEDiTm;sZe~Z z4_E8L=TLf~%yfiSSl{Ra%WhAi3@7aM{IVmA zExFO%a9E9fHs;o8tFO>2!~*uJEtY1}yFBCv7~0I%hHADHz-TY=AEpceBSN`?(JReO z7_g}`8O|Hn#9~GCOO;F-1uIb&Q}4^&2D?()uv`o`yZ%_ps}medX#6HS%`#D7<(j2W z(m58lu@`bLKvQdy7x*kD#;yebRs!hjv!=&G<BVxl* zE0l)=F65K}kS`b`8(k#D_Ayn+nz`KYCfY+05vNI$(HN=&C;Ph%2gmx^Tjd}i`|wwh zS5`hPJ($ewZz))DXzB`!s44du$vc$D=nU+h$R$j zb**l8=%Gls`HYUvRvin20DSN>;CLBDxjZi8r78i<6*$u{XJL-GYW;OAk;3?=(RA(v zd%v!(?kR>JYarA;8xKGZ?z~h__*OZq5)~{Lxdi|P1);bD_IY10K5XtDL*n@dCOW-D zG~q@{Wu(fBqkdly3=jJo>4m(@4h>gnb$f@I4~kO+V1A%l;lMB(*QkZiiP&0-gywVq z*@m*^{I`YyqXN;5=&l6?rr!L-TZiv5RRRxYS0jm~cqRo7M-9PvAH@#u`ive;VCEgC zdE9%~CTl5f-xXo8(}@CDBDY6`p_!2q#MpDVm8VgtYOg5)WpLx`iD;n_<99vFCoULk zV`)#01JR`ehtYZcr>L<+6yqmCNG_YqeZVy`yiZdB) z-*&mXdcbVTQw7?HTIi!tcwjgI{Lal9K8lR!d`RDG^tb{=0^vm73nBn0X#LRHg&`b; zoq}Uh@t!5UcAkd#xf*7+kUyf(qqgqs831ykP<48A=Tv)pFWgA|4LI}&Q9!H0329|T zz-Zc7=t~cXj0?P8*2*rH5Eav{>m_3d6dNW1sZCvUPlcy=gIKr zXdqHZrT3jf7C+rWXFCU_&Jt0U(jBs~Kbu z%ldtt1e2M|G+z?P7+eTcECCsVJd~cI5PCJG`(wp1O7j8P0ty1cr$D35Fkn@HsQg7| z0V+sllZCF|sQgjq)`Mt`-i!!=+i;#Ry;Iw#myo%MhrFI( zO=#I{#uALV+tOZp3S&cEXCO^>;vt@+SPIpdt7{nsMa)Zo;VZCWY7j7386~lL19qDb zU{j)~BBs%-Ho|9>3H&v@H9znYaf?yR(%BcVc^_$dc=0@X?DiOlw#wLZ$+n(_>WJ)t zKk!NLyIkVyue8ce_4aXdZEkn9&9v0P-zZV4c^rUzrm(s`ZubAQ!vAB%ji?*>CyE2J zzApTpY)nG$*5`efFPUlPKhgck(-0Ez6%hEH487?jsRH??mA*M|1F*QWh!}9NGvJ)+ zJ=piIpw?$1Ef%)OH%Esilgni7F8nbikj0LFI9aezv7JuL5tsMWr`PD?Vu0_>8XWZY zr`>uO7R&)s*s7@PMvn);=;Ggn$6=6mB2wXfOfiKMkwYd4OG;WRKMoc1v}D9-1&Dl< z_s8>b9!2w>hi;MNhI79^ne_p0+~z?+iqCB37(nA~8pdIQgoT8RiA)T8j zdX#raaU&3F+Lb^hQ<(BLozSPe%m_q8lD;Iv^8|P=i|~T6lhUkjCj`AAVIutV=URZj z|8kCFz~f)FrT+j<$qzBk0koni2hn+t3>VgEts|_bPDHb{&$RtV!a02Jv3q$fXFKz8 zvbxCr9gsrl!60+_c~fNOvxY5pZ%HtZ>Cdj!$xP`!#hiKTK9?^j1(LHzfSW79)V&53 z=>7JwT&Uf;FfxGvfeFWfG~i#_1EKvO9nY>Cv3R_CJZrpUjcI>pP5jfp|4%o1*8_rA zTi4J-guedqi?!X#Uzlopa^r56BGlMy)18@sRKyGIPWU}-kM`TIMNUQmujiO~H|rM} z$v?(0+h^lYu2?}0CiCF-#p3I0k**x#A23aPP+)e4hce1J%_Z=Dh(MdiM_!>kyEh+B z6|JXbwb*w7T6dfmuc3Jm1vkTgW)TRjy@VHJ!rtD;X716{>h}X}b3oXF@IRmRA1C(j zPa)|K{W7jybNqgJaJ)NhlX*5v3gyXqQ0GiZkZ8zn-$)H?|h6NWO&8?0H7|T``S)X(WYq2sR%J zsw1FaYVqpW05J9IcB}~et8L()Ex73Ii>V*?35CiN^)FNZAgDv*=p(Kis@&Isa9=Uy zjipd{y99-U7_$4W_3>v!?ANn}?+aASf9+LizZlk$Mu&WhdXA=j$C5abrNKwTm0c$y z);1rA|EF)^--qwiPbpY02QI~Ie&qVaUOfGthV~!s=jNoBh=-^|f&V!z;2)_6|2V&0 z`iL(_M873*b!{vM2w{KgJ^r^krwjBFb6}LcLi|5|BmZ{fjO1U!2#lf(IhL32fHfWh zN&lI1_3|#cGQ2H$_99l~CY3VJco9>ACJd=oagERsnD@vKO-3AYN z*~z@xAg5*zx;y3Z{Qg)AZ3jpputG_z_uu7TS=#M>3eOwgym3!i;nMhaNLyM(24ppq z>-HwmSz;j$xNWy_ALQ zqF^gH3b7tuUS!^4r%sxaarbCbbQ*f&6|#>o!q_m2(#2M z76HzVm8Q%8?oE-TfF?^CLvVcks62+yuiV@pLnv_yaL@4Yje17RLnySu0QrRdR;u*v ze#v)_;huPEZ@*DyoLsO|v$TK*_hju^u}ZsvR>j@X{IfWqoNL&2UndJ!QW&=z7^4PY z_;fHMRF2k=lV|FLfb!;Y(a}k=Z|lp!&)(fWcmidK0B>QN_^yLJr9ivOVz?5h z=Z)RM2bZHI^VOjIj17j?QSF=W%N9lQ831D+ap1+!JR(N%zyjVSSg>2!XkaL8d^pRFq-nk4X^U#zVyI}#sP3D1Ls^qwSvzO`z zByb!{nzwSh0uP%pT_<)c8IMUQtOMRO!kBtnK%#} zH*E2l_k($Ni@7KH`5&0Uufyt^48l^kmXll_S=y&@@DW#YwJ5aCcWOQ!5jyqLwZ$N~+9DQh_-HuHh6x?Ye2$I7d! zd1H-XiJ;}d{-=yU8%w8!v-p)I?)3oM?8A&xnTa}E_BLnOsKX1Un}-x8Op*CY?zQgO zNP!ocfx7#?~t?la{Q*@nvYZ+`d#ad_GpuMf9+a`~gNKV2;(Gdc?ssgV^HH4MZ z^*iK5kEZ|MtfJ3)kTu{jp>U4;|G^ zJiZRn8|H38W!wZHqme(~*+v$W9b-;aMbnK8&JeKz$oq4lip7sB{W-3;`M6y{iJ<@6 zw`#~r=`x(n1NWQ$5Z<$o%h%15+`X`k=VJhel`>k5*+6yMlZ%t{+NWN7G0*d+G^_c} zx_OqxjbC61bIB_p!5mX5bKw7Zrxqi+k%IYtKk$+q8+bxJ_6;|!NKNU18~lEn+AP$h zj;M$7YbC9bsw|Y9A09Lm3Q}D^cAR2q-rNcU{M!ZM#7fM$}$Zk`iAz-@9 z4w57M26nm=Vkl75SI!jMpi;zOO%@6Sji@9vdKLy&B-(t7pbH|VEPU9=M|{}qN-le^ zK8M|WS0sl3W37$-90{cXM8>wV3Sp1f8?m;S z&viaDO6(hjhz3=Y2cYJoh5FA(JICd>G{QW?k7sv;boM=$OuwBhHTBxJg)}O#WhLKn zn*!wAzMtdKrpv8=cBc;iXh^R>RnOV~#qcqPFPbuBA_M zY7P_#*=I=2Ydrx3vNh92u)voJnvCNp?I)Kjh_^TKC!3kbELUAlb#3-zLcC)}LEB%# zgNoYG1?Bmw$s-c@d)7eueg2}%S@11@N^beYyaO$k+S3GH)B{Qf-L9t`;Q*+TX_{Gw z{v-SAc*Ctb3Z3EJkhII?Kr39p#Kp3YcplDNj%dqH9R!Rurm|(ITIK{otZh#RJ}M9B zXZM;%K6a2F=8|qe!TVpHvkBz-l)%p9O&qc?Vf-~Z@$Un%0Fv2NWLcc&27dD=G=eHl z@(?-o)LqMGCfhhr@Wk!eikN5avN)RE2K( zTRTKOxrQ2uwvG7<#ZDg(s*Vr?7R+|#_2xH71^frYuay%Zc`9M-xyyq@oueb^Ab62_udE*=)W6#ek}I{(h`s&ouPBG+H0z zA(bl*5@a{{*!kAJP+Lyd zgb8F$hxVhC=xT>0%(8%U?fd^veMRCX)ICo|KCgEA6@+kF!H)HBV@&_=qxxYOLQ&!j z-Ryosf#Up-pYnh;1Jgb+f200DvocMZYa-95Ow zHx}I8-95OwyELwiySv-puv88*naTc5IjSrkg0L0Gk6k zkI=O1MR6elb~D5sDpRP3Q6&{#M9bkTRvVu1icZPEh}qGW-l zkuwLiIiDv6?UvcSrpIZ%bms-g@zt5aNYzvW&X-9;IapGrK_a3Y_0WRW;1ngpO9CC1 z(g#v7?0IK#|2xZbHxPfJ@%{5`adHb4_dMIwGX+%z5my-|oLGqglm6fl4%$D=p<~gf z6Cde))7NdfB3hlHXei>W459uLimA*%vw9~la z^!xB(cy2?KZmV~q``HQ)T&Rm=yYRlyvM{pY@4%^>+!=9HR-PAU5vd>i{~AZc zgW0T4XjJh93MT|tuRSLo=0G$zP2UmpI+@j+lqpy)~R^Xfmi}k+%{F(5*t|`?_ z)_gUGOBpu0JCePYUk-4qt(U3bwgP6i1Vd8ZlaOi8**%wD4~%6Z*6JO#P=Z705&?kH zu$NyXe+DI4W%;rYN9Vh>E0W+}EdO8Xq)*7;4$HN!*K%pbZxh6H>Gp8YYpotYS`Ra# zMD2(GYP8bp$ocoa>iH4QbHZQgdp=YJy09Jx1JEFMyGQWPIEcW~8Ah`+SIO5;R{4r` zgChmzLd=Vy$X9_DvI_3)V1V@S|7l3zA&Mt!vWGe^N6?_wLv05SGCT7r5(d7(2KD)_ z3?64!&?N#nS9eY?q8Ug|UlRm0pPZm~P*3H&qKAbAxq^mYy;H z_O#pfIT*M0&5f-Iy!cBmU@TzX=vmqi;^=%2j4Fs=0>E_&+EF!)my6WWrQ<4e&E`B3 zz~E0YFZ$u+^pkh_5~yIN{asf==yO*BfBc`Wgy%*e+IL2XPjXg%n@t?<5~Mn>=EJ5y zYl(gE63aYiO!X;1|CvD{9jjr;%B;l2;J(muh^YmIdV>X`cwlMEy6tE+72RcG)8bCT zcmuZ3i$e8K0*i6@XqDs0$`MUPC3ODE@p)tL{*Bz0_!ZG$1LpbX*9=Q(s4U5h6^~NO zdY89y2xpzQQg?1RfHGDS;w~%UzrmybZWLb=kXz9-`KuoiOIph~psEVap@taAgXLFD zJsOeU88yGZpGS>eN$td`dIlGJC6oc+}*{`4k_G zJMK%eE>Z~urL708J=9sz8+_`KhwbAElV9W=_4EP6W@rw1cF#%rKQxk$ZM!!;KlcL8 z%-VoqmMN^xF9BFF7EinJ%~FdoR?aNIc?B@p5q)7@LmBXG;W7Y_o0Wk@iGV|kmTtON z@z0?J43=}X*qzwv^_%I>K|IU#NLf;9KMCLNEASY4=^YL!y(YN7&AhnppB#eGaHjAQ z3Dw{Z1);8dgj1Ide{CzYgs|7l@jfvoCELXG2+kc7j$IFN0jB3_ajd(&(<}PotL3SK z8JyJZe*Vv6`9?m^u+L%=`}*fM!M7P~7x}cgw2(|r{;DqdWyYW4a=l@bZwN2uNZCqP z?|Udp$asb_h^E8Ra`B=Ji2*@ooOP;jYygoeBr~Ho=5XY~Tr#bI)x~<^KaP{vzO{8aZdB$n*QF{^zbc{vIwAk8gSOVQUrbp#)c~Tc=d# zlP;i|VWi3{+V40`K zKUxj{cKoa9p&1<*(%f#)0HTbFsK0B(x#NnJ+R%wld4s*c|C$a6SXb9h$o7Q8RRoV^ zKF95m<;MkyDB)%4x`dTX|I#nAh~&+Y}I)+kFB^%n(}0lrZCGj6Kp7!g5to z-Ji_!ov_+=8lg`Zt9&M%02_bvV*QbhPq0GSb+E zqrmSdZlfwsdwF$-*<0#Vmid>aLFy`R;1LrIy?w=+^erkb$G_*kU-WWGgi3oD0qcGj zR4K9Vd~?NrU3ftw29>&E%G6q99BLZawhv--Y8qi3Iwj!gs7T#iSwv?C)WbM;5|~#q z$KrJjELB*B=FBfaxgRb${M`}{ZYVgD-;abw10gSK?T$b1&YTPnD1og-=NG9?R%8By zUF&RS%?|b8;ybrhjKy1fpgCs|Xhesj>IEQVv?Kz?@V~8~{8g18hYo7yEF2>a{Zy@) zhkq_wW!Xp4iiQnzRfn&HQk##LkC&RQ2*r+IRP|(YiPDFdT*gr+7d8t(8TIx*%S9yI z5YZcNZ|v54y9F2%n!wg+a!hzZpRD!X4)7_CXEvBUcLxeTO$gY`VWQMV7sOyC*pQ{C zD>2^@?<=}+vB)FOp5^?)UXqJYcYJTs0N|`xl7VXCK#bb9&1T`S^)%b?7*|k8>`Fi% zMbh+^>!7YzZ?=0T1INvvXI5bDd%9YZFBW^O zCHMKghstQoJK+wjq+NDPW!5M;o$+INZiM;FTbBU>%zcF<1-PcUrll!|N`imFP+d{ltvKc|e9NIYDT)HjayO4X@teEe_NM7V#TeuzlE=*fr5G{yd zmqWRZ^eld;ze|?!!@e&-sV*wfw*I<;5kyeyw>$OF3(aKG3Jc8i-Att^ZFX?{F$hk1 z)jYiPQ!GX3w|#kYUSMDGU14Zjs@pvuh~~iJBr^IJLF;lxU`xSMXv}iXE=Sv$|7QIM zNQR?rCnFcruA*&T|$QF*Yb}L48;4li6YIoD1tLwPzzpg z3cu7q3jeZ_qWKt@aXrG%dvkD@3R9=&nuaH;wQJ3v3PNGp5Kt_I6|tegyKx^Ui}M~A zVXoASd6N@0d6SJzFWY=joIDbPx2wiiyvuLSRl8E9B=rGHi9~2hdLYmB1iuPhJV(Ua zE3$W7sjIpQtDme(ZADKNS{uy5hGo*635TV}-XzvRQ8Ge$YT8ID8%#|&oXSt*ts z3haTf*eBi}eTwH*j?$J+xIh$@cbvS~$TQDvxJ%#mCzVCG)(^?rk@4Zn&GKmreE$fM z=z0jIsqRBa<+iZyAoUOS`1SQGEG*Rj`r-9!7@jkv)WUTcsFa`bi%*^KiXCIWH&mP$|6*yBA4^f9V8MoY%!jRV3UOU}Tq`ISu0R9HTY<)Xu zrv2X02n*~aPzapaOh`CGSrC&T4h_xPHa1nF{DJr8>&WlO4xiI80Vje7Ei>a|`NvXL zv}l>3!2)sZO(puj#-#9O{bdl(GU#Ss>8d2uFGnmPR>(veB5Jp^e~Tu^K=M#|6tU-y z&?JiKOZkqMk!D&X0D`iUJu>j>xX=S}RpVfeF8ZIW;hIID`+rJRf@4tZ$+&ef{#L8m zQY^ET)^PA;P+Y`^Y)wl*v?Jfzbv(X=lFJAGYvzGqIlo4n(`cApb|f!7m%vJ z(X~D1N^PyH#yW!05a1wiL^dc{Ge1suAzFSYe_&)c>u2vY!m&@JRv92ayDW)hq0S2eiF$ zdL^f&eXc>eWMgfE@#rcv!r>>9)0$c|D#W+Hfvn-_`6RF*rJcY*(nWV?t5ktNF@Zx`5?s<44hO&nJDxHa!Cbfcv`YDw^4qBPz zdV8jW#rKinC1kl{8a~gZ7Hb_(!=@ZKLVxbIGx3Ch*zre8O&3nB)2LwoWrSyYy zik}9Bqi_pZOcjsO4is-{azgZ*DPzN3w`G#B7u@Ee6p;z>P+vVGTc2c^tJ{Q%{v8u6UEeSULAq=It#I^EZP9l=VJ9gBdL-~V zTy)@OhR>GUbiUa~2)=WC0|RkMkLvRZ-(tewORgv+IdOEFfY;?P6~Pw{qo#b2b&Zb$ zwf^ppVizGzn9wGAux31Op09tZk^@o~4}g}i;zKu`7K*8VH2GePow)$fNdux4FkCN>`X1M7n*MegIb zyEg=)j*M}#5nFmhe@;((vS^l2vGp)%+cE7jWd?jU@5|z`vFNeYHA%THmwjzSm*zz* zqe0c!3hPGGn#-}0{8X*lvU}pF48GBx>j^)z{Ayvn-tlUl^9A%jTwjggbcXi0EaSSx zn)gHYXAjt1b>;(4w9sDa18~sYsFmI0Fu6tK)_XKimT;sOHpErj-kd$UOYe&LZMJ4A zn&tLt-y6NXO|gu@=vc`SIf9(% z<#jYGCvO_yLe9`cM6i5faVag#G)6go#Gvbms|@S2O^e7LzpIF|cAcJr1Oyfp8$^y7lLYi~H{D6GzjSa>U`H&8_ zS|RtuA6yLZS>C+XUk|G!uIs0KBngRnOlTy;C^u3dy{TPc3ToIO^YpMkUTnE_hT=k-A?f=e{euPk+eEZp z{AVFk8$HK{VtY8j^?Uas zk%=BO=#Z;|i!GRZ7}oalpKn0T+d2y)?}NJcD>ylsW0B~`vJgzx&|N_X`|cb4{*={F7GNJ@098P{N_!)A+s z>=kG0fDWDB-hg1Ma9;&!vDECyP@~h3D1STm`Q7LNV%K|Uk3L{H?)JTR3zok`hxN_Ob!(Gk!(ZZe0;pbGfk83_tH;H~}p6LuOauph`2Ui#*?j=>Xq(J>fR?E7z$$aq%1#=Nt<^7GSK z;EXp9CJ!mQo2g!mv-v7Ona`Ks6fx3%@@A*E7*ndb^1f?K+JpC`{b5iZ)8|Y~3|}v+ zr{p(JpG=(*DqZ7{xy{w4j97f8PKMfYwacEKm8B&TtIvB(F5l4a#Te8Dh;z49g~Wgi zpI)xZ)ghKx{EuY2qnp%O5We@uKy-ErTfIM}GsK9&2y>^n(9{9Iv~@*fj#Aj#gJ7Pg zYY_hrFZ=wEyCBi=hW$?dP-}!1BoyZf*$FN7yH<-qJJ*j!IxQ*<;OxtK<-hu}jwn{S z=&f{llz&uwD%<;<#o#Hj8$SY8mk4QK^aZihs)N>N*Pxr0T1&O3P#JJmh@tKssI352?Q~Xlbq)9zfPKowv$=0X`nu6(mp%E1MdD)P z4X6F1qv+G3gPvW+3}LIk=^lgANOC20J&ak4*^@f!t9M3aQZ-w0N#^39awVF1eAAD( zHtS-y!+GSxaIlcyFFad^XulXkF)arA-kMA`eq(#eB&(3eh{E^ z6_DZ4w>0&HhFOk6n7y62F={eWN<9LH)!CgWyv)K$EHLS7NV5l`B5Hf8cOEWBIP`fs z?krbSn$5>Xhvm@ldD~Fk=QHo941b;lYpFkaR0-CJ$~GyvhA&m$lbb3#Fmf}_&dmbO zsk(Sx>Xw-6V&iTKK3gS046iW1<% zO{omtdw2t#OdAE=Z#9-gpC`#lT`oVqs<(e?&T0PHb|1yz1|W{qNNSA^{*RCb37L{% zU@U~Bjz*KSQ0!A3x4ODv9yxqnJf4!(?cM~*51Sdr5*s7;d0=4Y&PZE_Y>k=eZL!Wa zRo-60s~*m)zQ*;8g56_2{zl?G#2|qQpc2$ z4h_5Il=;kCawl+OXEK|;x?ab=DN?Omk+S#LU6wYQDl2FZ+HGs*dTJAvE>5!_8N)^ z$=ito$+R0b`lEAx#ZOp*)0EH&Y!ugQ%VNE6>h1T?>zwMO-L=>=7H-zA1{Xuu+3=s3 z*k$W1)lV9)_Ljj?Lmt>L6?bdKL#in|k>T*;2)zdgfGmaUv9R9IA$+W;ggScU_+$m* z&e+ZiyCb2_M%D7;k-=d<6UbxO^40nBr8Pi7Of!KQ8+k|s|Mt0KyuHt{Zvx!;==?NJ z9O2jZD8%97UvdNYfhh_;>#}LJh%lwv&Z}S*&6t56@L)(ugZ@Vl>L>1LDt1)xj3$OF z>4OPhcjXWi!(M4u#^6aI}PKmFM&~kT4 zTTRJQ+1^q1KIvtWr55Vj`(cKGrxv)Q+i2&TUro94dedfK5}2%T*z|DQH}no?w%L}} zKRcJiB66tnA0qBDpXXd8fgvG&_fO&QR^w&bTm7sXR+a~HmpmT5wXw$x2`q$-s@M`r z=6e^zJ*$||X6avkKQiE1tYuW)SZ_(PBDZ}?T?S;cZ0@fuF<5Q9;!1`>i}KVLe&7x5 zkt!77j-7(d6PbwDj;T|T2_NwaY8{L_kJHz83xeqedK5QXlI~+mqImpVh7u<8c^XoA zZ!h+yZ8is$NR=!7a)zv?^iRgXPq-7Z%6)k-W{;0#27R<{qoDiR(I^fL_HahEM5H^n zrN_kRS)RgT^(J8~7JC$Q{QHg8&CTVMEmFCB%0#bOOr+Y$0wqsZqr1$HoAPXml9C@7 z%*IsJKBZSyaD?$2oNT{)juijv^`1NJYajhM?sbrYI0 z=SR`Kx9&L{3wr5B>=+++;e>qR5w)cNX6JI6Qj3u5XUAJ3^X$yv)q#g3*pYF6E6~x- zSn8oKaLKc8?(H@dUykXgqd`be6Z7J0vfm>?xT865iehk|&#Jm05jusoIoxic*IrHy zH_a(N0g{qzj=0@nV6NVRw(=-1rptqSUFVzsSt0FqUQ&#loZB%yqdu|{=&q>7jk&S45q*M#k^!rP5Vr%6ui zXX36>bD~Qkz(r;0_RjSpCLrb_TNYc0nD`haS%*rahLR0OvmghG3A^27dB0$l-DOYs zYw%$yPdpD$|K@;8XYRO+7(k(;(nNltE| zYnE6~8Q{O0M$*!Kbhcd$#oT}VAi7ggE47%hv%P#tR%y~tvoRxrON!{|tg|Jz>F1ND z=sma!LUgD`12=EEzM{RWF8RDW!C$@dEYu2`CWE0;UH;RXy7q&yQ>{82lbcB4hz0v~iBdWl>}n{Z@7VS+LtC*6jm^V~+mfS)4t0T|St}u_;dbr_i$A`fU;9 zJK8sEYZRH-{Aiy2&?iSvbygSrq4Xt%h$;!u{=4vY4Oal zeYc+R;YliG{GQ$RcG5RnD;hQct^7uGgOv;2yERr>Y>BbDG1Wl#b{=(}+ZN8zR zAmF}%f)o#3jzs#y9pc#LkP7ejk%@en@sYMy#3C`|T0R2q?h}zlus?p}7K!hv^d-OFL8M5OskhnTO{_6r zlD#w%? z&>ouw`438@>+tT<>@`=^t)=3}vb!80_>dqCeG=`ZMn{>TA^4!vEf-SRpS$*ioNF$1 zH4M#sF|9>1zIL)rpuAct0)jYKlkpHJoHtSl^oDts9k)>|3Y13U#h!6=w2!@Sq$#Z$ zT_5W8de{3RjZb_37L4IE!7F`gZ6j7Gc6RS3y0<>lRi=5U)iXO}NE1(NmyLt_cKKiz zf1hi#r@Qup12ruG;jFYY=gPon>8Vev!-?$@dJ&P4wYUiD%MiB8w7aX6$j{Ezg!OPn zl7pq&&<`}SKmuC8GyrCGC@pPyf|jZS)hX6y|Js7TLEE!AWFAb7@;&?=}x!`^wwq1b0Kni099M;@{N<5Eg zXFZjxDAuM2a+}ZTmZg7zWpc8cO|wMhh2!s@EGzP;oLnWT&u+!SLyci4r7_NT)e%$- zM<>C8h(=}MP>0?=jO*={QXB$PP^%CQH)yHnasLq@U(3!sW{>CU%FWwrY;2fPFYd7CjicTPo)DCHm^H zIe6N?Gyp>AI=Fr!KTmvj8@wPPa0QW8Ac102H`uvJ;y}F95pU}RrypH8F)EU^gZtgP zDN88WGizIo9`47>XGRtm?}JmGF6L2ktZc2v03`q1dT6p=*{Ft+Ga6$9$?@WbumlZ| z$H$*8(Rv{wxRQMPLw-6@#MizVeFJ}bV2c*yMy;P(N87YzJ>T}t2lPf{QScYrSHb;f*Y)9+>kstvD%JH3j7NSX6cxlaWQ__-W)(FU znoGy=S^7jK%=6k8^g|}FU}8n+!oisiC8}y~#NP~3OEO4wO%;#cHs!*OHnuf__M$mebBCLb=R-HYJ|F-q>hri8%lahV~(Q4|T-^2K& z9CUZ}*c?sKW#>D;G}y)EHEjLZRj8Arw-7L@hWgR`IycNg+6%ws_=v9Q>qV^TS-YULYd&;_x`E) z!LkKuQ<|X6cnF46j?VXZu(KmrY!8j`chRR>OPcwELN2WYg1(Q`U@?EC32Zbwu$%B1 z|Nb=OE_mkSXf*(P2W;PFHndcng$`f&SF?tmtWl(f55m!lf_*PLnvoZC2mKY?uvL7l zP{c)I#TRn>ny&ncfo%~dKEJ)WF=Cve&~M>Ckc*|8%BCQiTOQbI8mED9dM>0V@AZv2 z4@N*U=xr`1MQH>$sa%AOu$T-Cy@q(imfJ?bE)cYK0ZLt3SG2-OS@wfhpU`3_F^Z^0 z&`{;^lERujWUBAz?90JK+a?f?;QVBdF2fHy!btH$Z2rC~g(G-|qq_yQVTlMSr9BH^ zfcmV{>$uv|gytU)O%NJ8I-N0r9ud_flN;lD7_BonNcg2w%}+rzct9PaC}mG!NIV4| z04V7C1&U+mbni$X)0 zhEiDsc6#^}?^7YFs;W8>!0;9E`RXUiQzQ385Noz2^hZF^okTh-O^z&v1pjJhJ{9{7 zTXml+yPvvyBE@}n_~nP%ld{PScIIhdN~8hKUDx*c4xO%4*8aw;oqcBO9SoMx36-}F z7BXv`7=L5YUt^GFYB=b#(ie5lMr`p>CnqLVAB$h`tJ=Q>b~MSO|ou9L6kyL&F;A2iZRHROmm=p1Hd1 z5}+>@*>0f99^>Q&q?*+R9dA}Hq?h%?*J&JF8BT}8JUpP(rCSIwCp-9*=77LU>UF<3 zau@XDeR4+K(BcttFng#aX5Cg54LK{xQr5PR4*5O$U!ap{Q{>6!=^3|+smRMfXF?f7 zmY?#vsIM7N{#}@?7tT6ZX%hoUMS?wdg>;jZEwYNIBV(Y*u$!x_Cs7h8`TBLzrXGaD z>TnFV9h)cLU6N!9Ea#w#h%L=2I!s6PC}T_5DsDg5Kc%)ZxZ`xq#I3op@h@XbQayL8 z9;Cgv4uE=ST!!wEmh5k5Jz4}qQ!`g%-OEiX#~rq(4QAa#=SV1tKOXpkCUTDfEn{N) zf~;rN$q5z`bQ-=_wef70Rh5fpv)fNNuMV3(j58i6dp&$6NEAFXzU$5wunF;&icu#o zn$5`_?!9P-G268k0ACbWzl369K!7&{1fmRO2&FFfXBqH;bV+@Et(-c}neO8K)WO!U zY`!#~R8L1NyYuz0)AjeZR}Lque7kc^v3W91PRKCwkK`K75vWuMC~^5PW;rV&MeouJ z`y*N@+?t&`JAU^E7oM0_rG};}EbGC$8D=&?n*}QpkL8Fp=K>x0Zdim{Yj=R!gkC*}%8=HK2y4l~ zfmq>B8mcHdV6KQc2#)a~zxOXyJenEk5l>ZTpPR?dT*EY_iY(R0X9C5U zR5am@B5cvm-35ata>hml_&+&;4hb@no956_TPTiE2fYf=>b7Z>%PvFaf8#Wz!9$hO zOk*O#%hCz$F2{?`tM7Iks(h<-29gA8kopN_Z}%m@&<3r?Wb1F&e4D$<*4^7odwmdR zvGa_mQ_0p6z>ph_dVkSyWi(NB2&krN`5GAA#0G69-Ady$lWMcu+S0GeN@HouCY(U4 zndL?7a^pdBO|TddDM*vROcT1e#l#!~8K9XQ)Wuq|ZVQ}4m1!IJi^V{AHAli)dV2A! zWb2i%k)m4Xw{;oKd3(IV(SK+ALpXxoUCA<2>Mnb_3?LAcN=~^G93-%4rEb<~G@-H? zk^m%4rOU|QcphH?^7r2)HVT-Rg4C(_OEmgCjt+1EU)r+`n!MZ-!emPg zeteReYi**7DURlGNRQTqSg(HE#JcKS1V4pF+wxxlF?!~7Lq682GuGlJQ@s=2Zvlbv z%hB-ANJ^J#uvxz>Y8+W*&ns_rca__7c6wkEa96w2)zLU&(VU<28b3mwZr~=KDXGPp zdXM}ymDKIY?RU#nzx!p}j-Bl?ZM=h>9j-vMTap9uRCY12hF1Y)bi0IqFecNucMDZO zlJauS`%t5~o|wjO?(=|DbN+QrdfCth2r%gRY=LDxGPgQ2z{y{nObnd+;v~p~w|kSg z_`KWiMk2Lax4zn4h#gKDuNRDFL|@=p*85)-M$UEQFshM3M{!B;)W7%?k@BJ({eZS{ zMy_b%$>D+1sc5RleeRcZ9FUs`)03kpfU+yt(RZhlwI3ba!x!%mnDr-E0dG5jEnp6`b9KXLS~Wb{ zr->R}Ci6$tSsn@TA-4uMj`0LNn5WX&+>!S-$Jsk9e~t|dmYu{2nN9jX_rJM zL|be*hMo^9p*E-4fYckYTtoKY;DnvNz$6sz?3ddFHs1w9u7E5lfPhx3>w#r@7`ms7 zRl@qG!9_^C0=%tSi0+AvOhSOZF^u3*vr(w>E{N?)g``ya$&Wka#I`QzoF{b^15u=W zcxsD@WG;Z*J@LNL^<MctVUPi5!otYdp6bW;|roKN=&VKjt!V&a&b2$9*d70{#v1z{%( zkZ*sHlTEBp+8@k`A-l!n6-Ke4c^=F?+;CV(QCJkJ7rnLJA5llzS*Uf4oU1w_*sthv zT`be_U!_lTGnkRLzIRCUJKlN#kRRdL+mPE!xQpLCcNoEFEem#?eP=KyyY@;&xL^@*gwGhoH|RMF`sq|soDi}dIhYpP)x!g!nP zA0`Dl@E;*~{evZe?X{@DxBM27pv`2+a5n8Ml+PBvqxwN9JHn zM>4H3n(Ghi*$Q3C-g$WXV2gxQI>WO(bu`_N_pZh;?`}ff-*7!*u3fKcS&&ll=t2H1 z#DQZxY-9|-fVr%!2y7lsVG-%^TP#q#LSMfK8Qn33*QYf&(5bdY{7~%Ra`Nk`?#d{l zSqry_D>G@h@ny&#_sC<1eYa$*OuZRaPKf?K5-ks0V-tU^uWvg#JdufqMs*@aVX@}u zsCus2(%1x9KU-L5Z`dBwK-4XpbaB{9lwz-5#5qqv<#`OH|5{x+Y zq*}-A`5G}3(2tb{A1=(iDi7S&7f;K+lq7t!1eC80?!AO)$u4DF<2jkFH)Xr)9QRPM zm_bnsic2!pPeRn$^pU$|k1n(yG*!1W=jTXxsKh;b0$L*0L1;dk0{Pxczm9#`b5mWuHtmZ;L zyY_TgGS|+U%SoEE2EeUXnm(CwckJ0ustA@zEZK9^^09U4qm+{fPwV&T2 zd;;MfA1=#X)Ah?Sg^L_%=SoG-CQWO(w)+e2&){fTvU;iJY}dkowmA8WMnDVj!%*>{$r6>E_sv?ma7KchT~n9-;>(rA z^a2TqyN;kD4e?z^>ZGHftaW1MF_3fp75ql*P_k2-=V0y#{q$2*2TB;;u~aEEY)e^T zraS8$Hb3VXMw^W)SY;&T45hxkia!2 zlL?1Q)1*=|SwD++VkyVGYS&FCG0~R!d|Sm#UrC(V7OS+lZw@_uk)K4p+o;{O$SV&z zD*3B=#K(VAa;zb0W|lwE5if?L3suv`<7>Qok2;8ZRJjN+W#Hi8^ir-c{H!P~_QvY8 z;~2}I>t7SU9YqLd;3N2u<~lr8ypGf9{+2bx`}QS1)r)Ka&oG6fJmVrcE!P{X)`Xuu ze(C)CG_=J9Zr(T)`2OY~}Bg?S8h%V+%Xh zAUd>~c=&9ht&s*MB8xSb>>2{wZDtaSwF^iE;ZiLYC8Z^A!c#oNm`Lph7HN{y+f3q@ z?sA{ptEmyLRbFUsX`!b?a^ReNIF!I{`nW<|H`6EkVt~y)M<`L$ud_JCO%P|+Y0t!w zt&3ss?&87KQ>&;53YGmA5DWt3RuY7YNOOQWDr?f!TlQ58gIQb9l}e=A0?&VTnQq}3 zyHaL>SNVb3)+V1;Ai29r)uv-UsN!Br)OzJNhZvDvNT)^$$GtM#(fwBUfN`MPdv$i( zROt$10d|cO(D<2HK)D0f*6HR2%jt>jno?OjaG0bg@qjNdf4r57EY^_fE12brnZG<< z(m%&h8TS}{v)z^q=H|iQ!o(Sb#Zfsz1cBcG#K+7hxAp1ITdrGk+HV`5BF3%>(5}QE zMXj}t#1fcJfAJRYU(A)*{Dfnh4jkQ6V`G;nJko$Ptd6%Th{k^Mea*OJFh@UkDvoQR zQU_w7P_6Z9Y#bZ8F3arezz>EBf^V`roZ~|wll`Czzzu8NL0Z_I>$7qfWPgc7ky9QYxD4XAk6MHc?S|Dyn z*;dvH-Q`i=t=3@?&>3k(84%eLXQvgkB`hqcCyOyjEyxt9IS{bF|58;`>p0)|eIG|` z_0TP*xobl4t93};YWvN9FSi07KU^SfJZ~(j#*gV>7Qj})tcJGB?$!lx%k5VFOnmttcvcdZSBYrKVER}1d6v@sL z8Mvo>U(M4l-|H27QmiFn5)sDaYtSdEEd86ZUGQ(pcKPu&6Of@d7bVFtH#g#6MKNYR zVWXNISM(6-a=wB?e{Hgu_n_H6A^r>?P}GBPe-YX&2;J*4*YGr*SRaV>Isu6)Nl~hO zKygwawk2i_92D6_xc@EvwE&wnvv#P^hS#y&=FOw+v5GS74lFrbO{*8C&VZtEDhsO zA9-gMp~P}TaG>lWMY7=m@VT4f)-cglIlN~63k6&LE$?%Etbshpc$nKTnz^pj0Rm)R z)wAwohO^WTU$P^3U)KZzyDc(C>uUi@=Ml%^{b$Z=*ryQIkC6@f(#n6arK8R`Ac2Y{ zBq$6S1NaTakqX^9@&I~0U6KS0Ky8<8w9*?=MQ%8naDI)+ytG~mx|spFjX1GeI0dDE z`JbM?8ySjOe%YAYP-j2uZ3LNjy4toJ7yl_1U9%4HbSappq^d?bqdxTCc^l4e_X;!s zv%UGw!V;Lvx6*pJxbSSUQ)nizA*dAU++^~_?`u?wRqKdla)QqHcVup_mKr*FVt$P4 zQQeuYn46oiI-6jGPLL<+Fqam{JyMFy`xblZa@LuqjZ&qMOl40M7 zb+~B;z^^iK(w=kJsh~AyJ%rnticX`}tk9ZMHdR7|mamo!Y-C@?aU?gzA_17B-1l%- znGEqRG0y)j7zcjuym#&ef3b$~8ZUn`5_>pJYBo*As`KSgc!0OHxF`URR1ch0uoa_; zG=8arkieLM++!$Y0vg9a&sDD|i`b*3mfV6#;~gxh15Qrd7w(B3P;mdqBK_bO4*j(> zV6o%v+GJOyl14+=T=FJazbu+rx%LKIaaS;q*oD+CTl zN<1(5`;FQ-q^Y$&ydn4*y4UqG7QI-AMtS*ieiI?#I3}svyu~zor)Bsp+B=M2zeoTo ztf>E2#J_bt|5;U{q(B$1`E zQ&v+&i#fe_9~6}Ywg5VkH^-nrytR|0hnFSa8g3C2yt(_7({3S*n@iG2KQrvi9mw+i zTV*os;MRkM278<15nK#9JCB$bR$tR10iN;?u5|RjjT`<``1=mLk>43tt?q8;r=bWH zPpsANHb|2g2c_*x8U&5?Qs2p#WxaqR+p83o9pV;iaHYU#a=CLy4Vuek(aF6C=P_>6 zK>Su|i3)Yute)iUIXC>7!s6^=h!^f70igA-WU@`BFtNvv0sRgc@YU3`Hvd4#eC9ak z;=OQ}JIAIx4po0FGrR=MRuUjyZjUZ(*{n%RW>K)Y$TNYk?kPn-PY5Qq_PzP&tlpFj z03ZkDACGI`<=Ir4A08f7nsxBkTdwKNycU;*a#uOW zCf7%+bp(MVi5W>K~81@4rnx3D`Pwn}w zs`X$N!uXK&MiF2Y%4w^NZ!kDqEUX>tPX<7 z4K@|EzfL#$r2|oidfDViM+vw4v`?=z_*804ndW;I4~E1s#5GM+%)fvC(yRUwsIFZsHLy~ED_W0lgI$bBhVz=_TN2Q#a;In-VRg*_poD80YG1DE0 z%2;dyNec>6PZo@GHq^pylFAZ;iz~cV)U}b424~42)r}SI=uQNz z3ip87RIC@wDK)?)~Tc$AJfOGp}o&F~&H@Y4W3G0GodN`HJ%a!x!%A`)q@sKmPMQ`VU{Qy#ua! z!loR1P%5ChH40mT(4ob+u;fR;s8dC$d8l%F1#A@xIb3X%ECk<+pKm0UyD;h#9-8HS zyHJa}n5%CzD6?cJHEUd1w!Hq9-W34)Dj7ouj?`f+gt#kB?@jajm>tAI@aalsr25(~BCS`fswsZ-+s@S8O6rDeK!rp8tI?Zu8iB z?wBw~-V@(4`b0RvMa=1(fNuiR*r&^|$1*pPCfL+7gae$TQT)ZC>*Y;qd+s;V3 zXe5W-w>*Vh!jIO{LO!uy*7|44m2%|xori?p8xAE_*LBX{*II9+IqvK8E?wW4n+J&R zF;_RmC>xwRs;apS9ct#f+*ktxGMoLeo>}({^0s^9nUtEf))S+MEYa!!&_$nAY(YX_ z)X*$}V9w7Ul4})#9>+dape552PLe)XeIys3JZrL>M)AsBT`7!(H>4bPzRX}if+kgl z=U1D6Rx|omY3-*|Lw^-o?a>XlA~}FyP^vOD9@%ek7t|>ldOuShwnsXYo-PVcdMIw& zStM`pJ2xGvkHZpfZX5Z0T5`nQ}u6fy@dmEh)@sVa21PW{)@~n0M^C=p@G2 zuD$n753FI|0HqxCLRS|fY0a^Am2Zt<#@||}0XgS=)v|u=F;Q8A)Fm!|n9FTd6Wa(Z$ zdjYTu#$kU9kFb~UJ80+>18OxtasZTIDbkkqL#`eDB^jM#Qk@iLoOW1BU^y1lOY<)A z(=tgiIdNoY=$E`tq^8?T;U5FW0E&Hw8Kp(@>z0!{1e6{|>DCba?$(ci_(}3qZ{~NO zVpH2ihF6GEwXpP0iuY$3T}4(GMcrZos$g%XNO2buSoREWMK}aD-DmD zY!7Db#wb1l9LC=jsPDydvbxBA@#3F{^dG+9J4XyntO;7t|A{kiMVaoz>B zp&$;#GfFy6tl*70U+vIRMJ8olvv+YzaXTJ=SGzw>&nb5RF%tsp^1fN~$jQWBP|(it zpsbD5I(N_%v)QBPrWUhJr;?T1z3Z0DX65n6D6+?QnPRcw!0reM(Ga|BEJnk4oKd;h z+?F68qXZ5o1*4cH5LLg$-Y{LWiyVOeTs@Yqkq%?fXv;l9-1r70)s{qCY(jFT5yCzK z;SVabP->+Bf)%XQr9(4cV>kl98ZlZZSh2ZllY~(TP z*?gNSdI!J-C^z9BC43(MW!=o#5L{-^Qk$?;%dK3`-(Z`s&pMC&J{!t5Z(4B^6;&JR znaBaBeb(NT1=)dkON*3R)f$;?hYkbV zD^ZMx06XJ_s799${cuz>?Scn0WxpUnrm7A~=PV-XC~s;;Qrmrur;p{wYZXCx z%9RwF%~pcY6n#I*sXL-Ba9n8nD}lpC`S-&%pht?QMY)MP8?6GM7?kcBMyokS0L*cU zIo!PUGDekg2Tdo1?^tTYK zAh`+NEYzA4y5Xr}6K>E)S-i{p30~`K>MMLUOmMoTS|rfpIbZGON-lS{8-!qU%LH!! zCTIQ5V@lU{h8pkM`ib2@byw{F@B+XbE)pa?QAN#qNtvTk3}0!CyGvdAcV(0rdkzn} zn>712CIiykbxo3on?Ii&y4#;~;4AecomZ?4dn)^wW(sUfuh7vo>b8(3`sv;>5D9(y ze5QyXU|!E^K#r@EQI@1Ajj`J=O}vkQRV?+%2wb;U^lLvSSG25GLCx06z!(;H*?GVi&|V zws9+(*LgD)Ct80s#fl;gOg?8G#VWT%+GU z#K~qgK0iPIIAdpZwe4`>rPMj2vJI`$RkZ^)aLg!GJWZ%IsuudmYBzz1VIu%Rd3%Y^ zmo1YhpB1qp7F{;H+4ng|VN5!tMVe;`5(;VrSOED8@xE?#&f%kfzz`kHaylwy-ZA#;z8?f^>y6KVL~asH#`y5cJ)RtC{ki`kxJ3TmLVbw` zDtP~=mM$%*CF`9DxlWtc`c}2Ca-nK|sbJG`C5dId^99B8CbltIgA5E*tj&Do0qpT6 zO?7$dtvj=`*B`X@hI8RG>$5Hp%eyV`oLpfeuGq*zfdMrIcw7ToZD{p!AD`WLc3riY zrcKy>znz2`JR1{Rud-uEArs{r#WKAf?-yfJtSC+((Aen)rSZwAKC!S*D^-TZLEXC! z>-`0uwEnMi&P2VGb$31v4N?bt^I=Yy11w4YC?698(S%gqk^27saW@W4}CBcUGGG}>8(T3-qKk;LmJa)HA#GA{h-xz!*v zbHbysW~|OEDSuP#+Rtbz#M%hKdJ~wIBnw`&n6B|N7>dmWtPkNa|Q1lx|9)mhdVfOXOn&Mq>VlE(J zjs&(n%J&I|2V*k-{7I$uMgHw*y$ZtW2eKRc>uw}$4$};=_&cKC=dgm!W%RxFP^TBX zROwS?zK})kU;tu*vr3V2gdl8&vgzh5WNidLs6o@?L%miQGobzj`vV?J>{ruc+_?Uw zIljCtQ0*gape;PKb82N>7HZe~13R^)fH}M@U=A-%IpVD(CZO)F+#R19cQ_dJqfja8 zXp3%2aejwwvKy#34pFUAtOWzAd68vSe`&ils5u}9BzJ9e8mV*t$w)?W(2O-jjJN~0YWOrV+MlIf$Wj^*= z*x#)*+VjDn`CtV={;8GjA|w#pq*g17R4(|ONiX9+Rsb{K@5G^qz+kdzdpZ#5_w)9y z{5a(zhBXD_Jjr|A+E7OxgGNotZ0=sn;b<{anfEc{P((NYHFc%^wMlPhAg-+2;X*cf z1lElJ8y83qlnyei1{6T)d9IESY2*>43WM+2z1X>!$T1`qYpfL4w+3Uyu|~7AO{R(! zeS$TGVjJfI#0if{s|r~ma^9zzICe>zWvC%e0_#{g+*T~?D#c_I8T_pEhGaIm6ng10 zH#;bFUY98V?}frXrLY5+)YmnV0cLKXXjG`rPScmf2)Ok8@itSpOUCF{MELo&NO^Cw z2)41MTSxJ>#o-7o#xV<|nxngBU z|C>*yPX^jA`X@|X?>|)p%a)Kosp4dfM;%ACvt{I)A3ag;Ml-~T8uCv(e4*!OD@_C| zO(rwyuMS~lHGuXcWy)ev?m#WM&;GtCf<*S_JqMGpKWc?(j{s8LIrQ25<>rApFd{1M z+~sA(TVXC4g2%0}9|_Y)>!lAOx{LV|5_Tb?KL^Ag>Nw`iqhPRu5V;umn=Be?r-S*h%Bs8Q0vsEY*#t+oHO=4zB=jv54zEX9M9=-m3_kExUo(` zyzlMj^)x>!+zNk!cn(Xrj9aDIEz;n}z^_vgnU;A9 zUIW~d_Pe9fta^<@j3Q9xr*GcHvsk3YmTwyEhvDrMJc#lADAZoA4t-wTw-fUAuRe)y zAHWCI_c<0nQ~#-NVuN(YSFg;t?Jo!XI*xLs=Po5M3$1iT4aBdU=BrF^f(-f-r~}&f_3P2{l>yvDQkWY9^==?p z&}yyomr1yZlGv;~Ucbfu_A@IXStS^k)&23>rZ`KpwoLys<~4DJ&YFRAEs%oK zA*z9QM*iC-_tk9>&Ullcq5fcLx~N>M2bAz)T#FfyY5M!ru>oGgE!QsIUc!y|Z%+vP zXHSSF`Y!+fI`#$R?UoPF_f<}w$3Hu{Gc+6RgA}suNw1U+{mp=LIN{GQ3}v-gk_(En z`&EN8SxBOyqQZbiW_L8{O`)7a&^uRoB*bd5fP66K>@)&F^1{l>iXKNm@(50cKE|CF zfFNE;R)NOMHS6VO7&3oxX$+%~%DfNT+`?Z<;sJ?B$5)~nKW4i%FSdE&%bw8zt3~f} z5|V)iMnA0@sX=09e?d!z*js`NsMgUHCn=|J$F4*|Ft$c^ebC2C_+8zzzHWR|Mhe1X zPJqRrAfB}x`dO?66+kz5ueL0(1~3$=2l!fvEw4rRNzxY&kbFt*7%JeDmh4zRwB z4Ugkf#I*SI)=ao;j=rSnE}kvayrNPAFC~!JlZi6*8cfn;<8<=_WFeP+qrAGY-8zfn;Kv0=R`s+ioN&8MDm6xl&29v`bIzPc#=qZ z4Ub2mHZx(!(@dw2k^09* z6vT4@H#H<<-?tv-|8|TDUw7*vz zbr$QeoHY95Ev~rR(}P3JLm_jh4zyb$yCe!r^jx*x2*d}2pZ3=Da==^5+~OZicTqndGaM+v5&smxTJe-MxEp|g`T}ji^Xs z;{huNSg!y^*M&rmz>Vkh%Zm6=B4-~LC-=REdn5qg;>dW#2(jL?t-FxlZ(^NM&B~s*9Iec=m?L$I14u1XE68w&9LS#t^kAx&`Wqq^d$e25`>=l z4Wu=n#XqI%f5N7KxsTU#eqZPNiuKPQp!a|N)~@AO`hR}w&tFsl?aBXABwPZVPyEC5 zSG_+y?0?}qNP+AYkAh1T1N)Dz6ww44XjDz$nbH6Gt$+F0|KS6D2?9R$EeesC71fY+iAIPe*|iU^HYb*8Nf&Ck_h_l z_iuY21^g|+&U#eSmG+gqAEo0GUcbW==n77*7^bjC2mODjt3@iW=k~e6xRJ?DF?%Q@ zCB+vGP-`~k0>hQ4h{wJ^sm`YQb;xyPLF);C=TEk^e&29U1ZnP5%ZD;d(0@I3%g+$+ z_NIvNlWi+>#tiE059-=yVcLHuRRNd^)5Xa7g$3hkX%${q{r#*kJhJnRm3}1ZYZ0}pPp5P zfGP-j=GX!JMf}5uR;7HISLOK{_0CWz&?FP%b_a_QG+GTA9v_IL(Y?(3gngwBRXJZys6M_v9axPLbH~ zAFq*rB@si01i+7>91c4MR{YNnKIqhOVW2#vH0j}puJxm4|0?r2^Qw@>x%fn;gf_rb z$kLL{r7~%a`ME1OJ+G+y*%wW#m<)a;9REDE+rZ99UA0ti!7H7_Fz~f8$vq@GVtGy+2kZT&t5V!m6q7p$WyK@{y^gMu@MU%&fSR>4Q62q)*id^$4M=nY8 z3Z}hra|4NGR_n5SYH?)0bc%zX<~gKvphBPnEVs|5R1vB#%woO+-IN(ay^;@ z3=S}wh^xFz?1vGZBC_m@Bq#c4Z-%j(bS}zAZ|Nd~8t&;!U?o_78I~=*y4!A?52SO;CR9)sF!vfR#>Xwoh& z4aSf2?C9~y9CrQydZSmWCF_mkK6jkznQJsci0%_)E{XuSp zOZsS+_5^YOM>bw;Vc`roIep5PpMz)Y2>ifkc$pcxj0jljfNS7p>-33!0fQN8Q0Cu= zi01GvrU4yt3VE{>F?iv*A<^_^`kw&*zd(1k_do!7e;CTv$p1G1SPK8hZER^-g7|-D z0I_KRE-IEPLF#W#cy{|lB8(8~qZB4@e;oiMj%E0*3E!l&3T{uIL=aL#ncvS_%;ed{ zfD!N@y~r8Wz67)!055$9(aYI&XK2XgtAx$G z5*IyL?Mm-*580WoJ+uA!5Rf}}ZX7|bK3QOUx-P!UYw7z--}j0ex;r9DUf})4<2mI1Pr;2wj4>-$aSG9^$ zq>8x{5;=s7k^BpLsh3N1 z>(Uv3BsKzJjsXaBXge|N&)nyE6T(0kH%=}1)QiJ;-7*y_=44N*4s=w0hU8RuMr2yi zcw0bs%TqyYv)sOvO)4Gk1u@OI3J3_=x8D+e9g6mbQv?dOY0wVaKGsGcM(UaHgiG>kb1$d%pmF1RRGH{0$Yqmjw+MfUM- zddbDJ6zDg@N|42qfgS-mvGHycz`~=-aObLged1aLe~gXjc12nzEemknP^SF|il$t3*5H}r>sI!yzO;Mm*@l1xeQMY&{op^BZ zV&4(^%~fv%NifPYc_otfb?sK5hB@W%>6WO;}{E&nmD1!Oq4e9pF(S019Hi zXn!byU9j;EUhcGNy8TGMS?ax{cm#<`=L!r>_|ZbO8)g?{!=ToXkBh14b5(+<4kHBY zdU}G;oh+VQ0L)A(KA&uMxTH zZxZu5mxLk$O4#u6fh|$ew&wAQriLm1&!FeXiuCQ@NqS?c1FlU_yI5dui*<8=hg` z6~UZt73~pMbcqW6e3st#BAwBR*KS^`bQtFM(Q)%h-KfCEHBn#|PxHR--C^TF{8wRb zwy@~x>r^yV>kI0kgQ5k{=&yk2b-K6**r#9Xn?EJIu(<)w^G@IZ$@M~C=Q7}v>`0Mo z*PsD@n&ZazN7o!ZKV+R46B54H|CKmN3;lk-cs7x*@+>91BwDC=M&o}$m_SrJ^b6uV zm0p}-4DECV#jnSaA?Xh$#8#Ot$z)1KAw$%XD`t;e;&MivjKho_Db_}(>Pw>g(_bCV zW#5a{sSF(|6`5iog@?OE_cV6qvfe<9#c_`r0usZKs9^HTZ8cLSCRka%=dsRJ+KO7A zibdC3IJitha`51Z5f%a-*O#T6N3vZ2rwQr?Cip;e7Pc-I&bqoB4QFHTQJiGg?4;wL zQfgJifzge%EsHcSKQB5@POoL&r0VlUkLs!VSm(b$vMiY-RP4rrW%=g*c1U#NH6R!n4R*2t+ye)??}qIUX6Z=r%~xAa zu7X`SU2mD{s~ZrFAG<782rqd~Q@e4@hB&cY@j1-<$u_$`@}3ydAF3XpgLwPWznpB_ zBH;04*dK7hs9)o&?}xRi^E}F5f-iY5;UD&j1N`si0MD2lk%7A2YX+U-EkSmkzc6P+ zoac)y{fMml^ypdPbcVii8W9lu10FBs-e2Ycu6pA!0F_qd{*^ljy)TRi=M$N>7CSni z<;{ja$Z@`qQ(4yNIMK zDq%bTqqj_70xnhV;q?-n&B21!K*zsb=Ll8Ctng<(o&$Z^YyyIHtceg} zAVa%phitE&UfEVl$7g-k9y0ue;_rL)-{@+v9Th4T;z#)>b54Ry81O zKyWwZ3i|Zj+<+`33AMN{nE?5qTJi zr5BoX9-PPXK1tHUU(HwPw2NehkX4*^#X^~9Hc^T{++Lz<)dP-u=2lSvLVR(+`&}lH zBR!CMp`1o@Q?@Tg(#;0PjX(@wi*vBqzxrDC)%n5T7!JmzGesl3*6or`;eDK^?7gA2 z{DFY;{?Pe6uvn@C88FSr?LrvBt86KB>YF?deIVomKx5l9;G~V4jzjGL-;tIeUgAv2 z=wL^(MR!jhe{&idnkT~}j^zxppWqciC|5FeUqXH*DPL8(bOLdY_4iSZ$iW2cTW^se zgNfdY$q*6_9g$N&d%z+K!BBXFM|j-6T~eZDJ|7%7v>jN~D!6$#tjn&itGiv&F|2zU zE1b_xc7gb&`tXW$K0!}lv{?3s6YcKmB#A!O`8mt(M!ez z?wHpYV$wy4oXsA^SFXANS$3d(j|_$o40m51wa#?BCAA7A>aS~cLIATiu3Hs_7%l%uWV&zYX+iS$wiX6d`kk#*wnh}P09x6uff`kbUEo1o#_6R+2!e@fj zvY}SIMd4NlqiPP_yJ87@KI6k(oR3_>wNlSQXInf7SxWjTj55j)JAn#)cI%9BKa+xY zPGp+>xVV$8CIyXkqpqHgn(3^^F%7Fe97*qEnc(V#)Wg-AF)%o-vXN;uu)Sxqd@)<) zMoor4w$+{@WKHyYM+qXjJMqVwl~+JhqKRQj-F`K130eJccO_U4kLx))@{VS3l^l)fO0{rTa=0^Ysw3bO1iF9~)-svn z=~Rn(yQt&6DJuUsz7rwW%&&M}r&aMCYY>ks&!TtTuV^RH-CVD(!Zf7ZC3j;nfUiPN z9%A0IJ;?vNYK0L}OQIS&l_T6{e>{Q^2Y`1FD!J8GQ7BYw5dES~k78A5P~d1(ab-W) z8y=k1DY4EhF+m(;a+JkEPI2ojVEbHW%kJ!|DP%c@QXh6emjrDNkoq3Z@8Y(_zbq!G z0%Q|UOJ%c~9X8~zk5fU2^Wkti=dlP#^Cb`XY>s3(p)=_Xo^v85hU&Z+hTKY176OQC zy?3ez6SYv+tuMnzs?6q+j8vEx(9h$id0D|(c5xcusSsQayFho0zUXomQgN=Iv0V5Z z2VtP!Taw(5p^3>`gI<5*mL$Ggj$*el*jUAosex1VLv{e1snS1TK8}gApA!VH$avs@ zou&ZRiTULF$*tXHKUR)0xc5x7X+cHLvj zE5YO|4C)`RO*rPuxT83>op+z_2I~k8Br#|!WCFWiuRxpI+Um&(9Q?39Ga4&;Rberw zcF^QL;z+y$7#mN#nKsAIPm`)H(k!^?G#r78=Y2rEMZhe$H-9qH;!5DIwb}4$a)mha zH0L-kxxiWUsWe#{@f@w-=7$m&X4Qfuj3es0Iipf7Yw?R9P1Q-y%7c8kyZF(C527NY znmr8@h#u+1A=e^L1R_+zCAD@PbW!u8^Yv*TZR*`#W8#R;k)PD6NYT6aVWeD?dGN!9 ziatVkptkYCYXA&DCdLh3z8v;MXbWw973tD0B3%Hsryw)4o`-IwW|xy`c0z0|G`X63 z>7XxtfZ@QcL>mIbA4n-X`^e{6#`qxbb`^cT!7 zYI*fkk+*n6wt~V2i^U}5?sySYG>xX$H)aSg2V^=Y9%5B1sNc)B`Vqw#Jk(PKs#^kg zR9@Q=FEg1eN~p>go0}QUW|W?yw7#?Ot?+(?K>^k}?@gvp-G-Y%pi(MJ-7IvgV2%{1 z>N<8fcT?N$6|y+Nx7XY6z2t13^}ru^xPget^Qi(%0+60 zgZQFQ8UpjzR_Uo7i4Go*pRln!I;w$ddOz_qY-2Y)|b?0kGxVR0~sk;{Gu>XX*6cEy$}IY z45`%H^P5iLi5Lrs{c*pTFFJ&6M*3U==>Yi;q8g_#`Yf4PNI-_-?gRrfd6L3hxbU5( zC3#Z7(0uRn_{@pTa+EUlN_QC1aKlDEzwo#NQ<|?%yJ*`ReDjPsf@pNQ#(fxxjvDd3 zOFI9!g0$zGBrBY5srkw;+y~w@+tkJ87PY2Q?t_V8lIL)hW*}@pRYNbahZ|O50}@{p zMY!`sw0VXM^d9ou0EY+DiL(#Q(Rp*_7rgcEuy(?(gOYA510juU_y$rBoG@2oP1q2u zf+>O$5wV>%q-W=GsI#pB`83zt3!g&uYWXrf8}H?xrgGVRfuq>1LEz?^z2?tOB#`ut z;nM3wnh37T?h110&Y#Hao*w)Kmz8PCdODJ3CUXs0RkM>^%ZyRpzGsRIr(k8NLTQkz zGDTcTgiL#I5xeoFe9morA_4?G(B`+Vm>}2;<{=%A8sEY8!K`()Bs$Ee-gC4DL33le zYY$Y0>_7rya-SO;!#U0hZ^9aK{phEGSZaz18AGSyEh=D{4wL;Uf2t)icZ^(pWAxQ` zoJY^sm!6_{;LnZwM2dKGZNa#lDe5817$2K&dk|?_gM!&(&{%QMX;nqOnMRucv03h= zjQx8qNBy~#q+$op>||$H026`(oM$V}hPkyahcjR<(6|fz+;rOBcgHefY@4+ZCwBjN z>(~h2_h6UX`vBVIizL^5s?&|WY7UUUKu< zohb5ZtbgRjWPR)%Nxi*4&z>AKYkoTMiJNM78Ze;NatEXb)Ar${ad0s^t$1zZm9<)s zX(U0|0uQ%#Q8PF!_isc(a4j(0Ct1!z!qTZN49%S^i&!Op7EnO<#N|&FOr&c*7}quw zK}l@6Yh7ewBzKc<(I)t)RqpM{i-6UZRO?LH`(v;SBRi#ifrWNi(mtQ^CqJ9;SGQkV z>5k{};j4C$z~gbu%b*7@PgYn7=BUsPU$rHE)1wUV5QR3Ef5H4JSIPvE_0Ty-E9xA? z*0H-p(v=?9En0^sak=2C0)xqE5LpLk^%|uWvK?)Kx{3WOS!BZz51akIq0xLrX3~3u zftc5H2bJYl6IqYHl12)fe)BTN&96(&1XT|0lkBP_?%iz{nuDl;Fz@4?vd*zbrYBGZS ziDw?%ED_b)TO1Kz!&x(sjDg@(P>h3s#{p?JYhO}|!()pWN%2Wyp?*cSgR=nC0MLqh zl|kT=i}Hirq{o{H*_~R*Y9|{5)%w8=Pkgs~B(;if($DuWM8>lHa;cTjbk(~Hp<^g1 zQ!IXO353uYT+g6mU})gfu%CLW6SqPn((1;0Ehh^<6zw`VOL(54<#euk5(pHE?hG`Aj z{Fp1nMr*&b`mrUEZQFWKag+x4_C13uTOPi=_|8bsCWL`=iD(xE^NlpL&{0#l$bg~6 zOc@%$_T=87EO_sYR{eXO_^cv|A#Y5feg~9Qx=kqpyc`$v1Bj=U*M_GiAEXeGxZf>Z$>)4`g<~%LqxvHL{E0cFjd|3 zdjrdtWrFDnrvQl%&R_3v7{qS;rcEfTxJF!f#?O$N|9Z$+Fwb@U2!_MTi*fB+OT*Hc z@t(vZm z+#ajuwtiBpQ;n*B(ZN|e@vm|rz<5E(wBpL04?ORahNmS+n0VTUY%%L(>$t1q90oxh2{W-VI!AeA2VjO~2Efub0g z)ymoOm5Uz}+Pk4c%0d2X^(7D%TVj^8+?cDc_KH(=v!{jV(8xj&MBwrBz;tBDZ*H$x zOyy8sVQwZcwUhuur+k2#Xace|^$1>dJp(^gz#D@e_PHp{kuMKEji&g7e0zBaHKmC$ zT__C&^q#zN&pn#U1_k%@k09{eBmQ`YV0tBSvOS8mzKw8|)-fR)A)muKUa7ak5W{X#Wx`~R zqn$2NNf4g-h}>PeHDj3c18<=oB5C8Xk@@CRnh*@9Y)1`HHEZH;ntte8(?{sF4>U%g zZTh^JLJ?#K6BAOk(sggLj~nGBB83q1j*{RBKu;H&3ZDa}8kK6CjD3#l!Oy&d5({$mNVi=gWr!_R<<8koW zHh%1P48Y;Jo{ywZm0CQUH1jTBm#$69=a%dAO&0Q>^f(bgR<8?jK5RryLYsenm2e?v z7z8kHP)THpBt~X+7R~M-?n-jG47qJj)Xyet(#Ke^Z4y>)8*{nGvSfY`dc*CB3nn4| z5EyafdE2XD{#Wei{tk_aGS4=>T%_f&XhoV()?{>he@5FzLalXQC6s|5XWQbH8XVGL z#(TCgpnKqdfpLG_j!<$GZ_&OPp+)GIGY(YWmOxD$`b)sYTCW*t@u?X>p!YhcJAxBq zxqXJVS>x@E<*Ev6RzMZF$SiDHv1lHy#O(>p=6HCQhIIwW7%)&VZii+KiA2c($E- zHTr?h!OG-g6s^>1j=oyIk&2i61i6S}Xpq%%-mSW#l+8-qN)=vkf85>sZ;w7y4;tu; zds6yC{ecksAzu@g`Zu%|`W8Bat<~(gLJuP%)$7$e*l@bJ-AZ;_UQQLHGrfjpb74ED zPavi(`hWd9{{G!zganY)Vo3edJ3#wXx~DBc`!|-y4XKc@EF#>ONJ+Zh9Shg=aH$T9 ztn$bH^51q_yXy(^L7VrywyWz065>voTBh9Jzc%-UyON-#B-CeLn16c+|MIZ^?cYM( zkq|x9Ul-jIlR2wd@Cpn|dWaBE{GFuJJiY^qwjuJ#{)_?tuaxdy@q0+h(2k`IsvD}$q~foQZ@q$vJH7Yj@jhxr+g(C_27#mv+ucMi*G5%QZ;dMG-|`c z*}?a0Oy5Si3L1o7Ba(f}Bd#zR!v?x{1Ql)9O4$477Y>-{aQ6;CZ!goQB=pFWOI1%% z9qW|aeZ2c%GFcG!ct%HQ4qpJeYV2hWYRmFECJsj&)XqhiyJX1{S0!uywDFTw zHi?T)_cktV$Tgvkm{!yTF!s$3crJF`7ReI?6%lL3pxY(V95+G9Y?vW&}X&NQ!F z5Q8mfb~T;oSEzQ)bLp1BY)IoS@igJF`=&9) zMd~8Hiq+ih1E-Xx`4jWR9?8}lSxs4mz^$;zXx(Px2kSeG6?#WGx0+@>@w?cgA>Jo1 z&3gOR5~OrN@b@oYd8-?(HhLb7>a*5Tmrf+AdFPMd9PY2?@N7XHf5)-kHKd3z0r?^Z z1BJbUxdo)uVzwBZ1DI&`R1c$Tz-VLRO9ZyQ^lrdi6IRc?AGru+G_AaeGyo9DGCl2% zkEFWdklkr~(S7URUK1fV}@nUV2Uqtk4#m$c%{jrR5r$=VfFLXO)N{(uiQUzbPc_MIqA-%ghYF^39FDg4y zQLFcH3d1m4K}@2Eq7=BZH~U2O^JTGAECcz~Ky0~(m@^n%$z;kIYj-mD-ITUl(yz<|Mnrj#4mduuQX1$lGm(+Z$h`z}2RH)GNK z01vu!F?%==Cq8-$eZeRHOvnI+6g8J|CZCWyP@hT`0re~Ngm#m_+rSQRHn+G{a^wL! zD$je)hYHqFeB+03yzD;XLcoERIgYI8HYHdCAX7b7{lp?_;*S9$tKN-Bl<%C zoCXhAm{fX_N+m!Z6{uS*rTdU54Tn6u@@o@9*D6`2j$yRm5y=gh&s z+z3Vh?*@z|)dJOa)NWN^{>v?mdn+fw}+mL1dHuKW*V&#-L?~jPR@lO&bLijROr@vF&8zMH*;C+ z8To1hziku(LI=h?QETr7P~-EMvh!RY3u3akD1FBIP~+`Qs<)mV!Ud5j$@?1ck#P5X zgFs$ee^>`sr^e~Ipp^2xj#fL>y8B!Uspf^FdTCn8mzA%43^-bu_-?3QIVx1@eO6o> zUk4F!pkDyJENUuHYW{`z<{%&Ur9HP~Q1cR>@^b0!yENsf!q&YZ(TVH4 ziE6C&TN4G!^lCe+Lbw2`p-RkvXu=E_z4@|dI7i-VpX|H~vwh(lBBWmd#l@A1N4D8H zf@>b)dO&>!=S+e-!0O`2&f#U;K5ag_G}Vnebwq{Qn$d?_ z6@SI1XcDdx3ud!L0anEux5pbtIZPGasmGN5f_QHjo0lQp>3!ms=}WW~%@)m%_Pn_C zrgZZb2Wozh$gcM*Kse%>>9JyeNKD7j2cl8(?P`T#(L-H>xZC;J^QGAaj{koyjihzh zvN%V#wEszhx>nHxFdTkaED=Q^Aa&Q$^#Yh5_b?taBy+@O$$1lm{o2>8eAS?R^<$qB z+Z5OwwAQPrDKfSZ=mYMgT(B=*!Z^GhGDE1NevSmcDT(KlmQECkdIX1sD@g7}2Qhy| zE;W$2DRWTUvc_Fl<1<%dJl+8J&C+0o-z0ybFqwuDdrC%6!pM1O~DO+w0)G+ zMOO#zz<9cz5OSn!ao{rfzC?sV`tbWQiDD$r{lg1@Fz=CAT%%vDx!Lvv`TfHVDUqv& zlLE!ioR?P(P`!jIBSK4Bj=|AeUn7zk0gdeutc@@Wn)j$;Ee({XEG%eO6u-tDw2<_T(b0Aqv5Az@M1V}h>rIfyxrHPzvaI{=U zb8DHADD%1S>ko|- z(>fCA!23o~8Lm>I*Ozk-kqH|=%C%KGjCn~8_@@f*q-V=vcCYn>>p)DsD-{ z&~dm>pK4?3!0FWFa`VO9)gANiDosn0Cx#;D^Cl2v)w)6uJM`a#xQDlI;i% z3J$%32Vwxu2jK~tR3_mCmveF2MXLSeURj&Lo~N7(M(0&0Z()d#1GtisD$-%;6GYKK zI26y*JzUMvB8Z^8@)g(Z0?qhMwOwy#G^fW>rS!hl*cRGPt^E@UL+f8QOWEgF&=Jou zc8_g^vwI?176ik56_M1NAI;r(TYG^9>mzp*KYtS;ciZj_T#FA_#efi>f;_0W!gJ2p z1il z8V*g&-fGsry)xN0$!#BNS!%vDSX_W>1F`;pD0}m8sQdSCxKP$oBwKc&ged!#CHqd1 zH6esCWM9Tk2-%V>W8asOeP5DLgzRJAm$4hn7@jwE{l3@tx$onCp8K!sI6CTc%`x*n zKkxH=ZD%#eD3-}&`-ybh0b7tR5m9m%K}Z=SY>{ddj8M(`YTawip%I!aA%(v5;+`#( zChOH?)<;k#=r3Q1(8%GhDQ_2f^e%u{aFQ6;x@S!rb`)Y}Pm`JNtn%5b(AYX*gwGUeK z^R*S0O$)bEj8U;%Is3{UDcma#s8W%NSJJzSs%>P5o80<%+uOUzcLy61K;eChXU|me z*;JS;Z#beRy+fM2CSV->c4d>eQ`D$*d+H8Dfw<7Zyz#&0X1}+-7Y@8H@+JzwNDvMk zbgON;Vk@n}x{2>TU8B*fW1h<!xGg)`&Ymh=AIbQPH?_|jku|EmWU62;{d&CFm%V-e#f(uD z9HvhSvZP27#>44124Q7|mO)B24<%V^t^ zvrbnajg>_guipcs7>*}MgGr{CO;*oYlIYo;0ck>mq0+!u8vr=Wp2VOE_s|18NK?NX_~k7cw}@We;Q5P@ zqur&nrzy?RDz$G9af!duiIfL{?xJne=lCkm6K`RHo5@>mlJ;|$y{38J!+lO_K039q zNGSuo&zbt+GD*GkePSiAqs4so;yHd#l!mM7M}B-PM=R(NiWs&Hea&l%4J5xf!F@v* zJT&N%LJ7yp*Pb)vikP8wniD9G{fi6^Qk59I-Cv)yy6<1=0doh5>c*Z15`TsZB_o0WpP^ zd?@pxlQ)={4yW59oQT(kN-DqG>b8JRp9pR{hIh%nmT;pH0}(Z5uU1VIyBJ2nc^U9y zz056G9CZmznzE(u7ngccgSZSN0y?#GMpvZWTSud;tC1lC^a$Hl`~oO4F@SV+X`~Gt z?bU<;ORaMCuZ%iingbn^20LoF=vi68oKLjxTl1&hhL5OAU@CJiL1l1rOO+&?AP5(p zkY)sV+rz{qL`#J6%hu~!u)`C4t3eUyJ;s$`qf%6UcgB=*>VO1x&($lj1~>z}>{O3$ z347cKyTMITH3h2^VHOn(rDu24Vr~<3YX)WV zH8|6xgA8lzmOZf+_PfiC0&ZwY2s09aNFcR5gl-=z|XBm{2Oq4H+g-!k%y69mZR;c zx3HLQ7`ie0D}8giw&>a5@hCt8TfX#)WlBJaD*|{{(=8tyPglO$|L9vs0(OiUtQnQdv)Y=w6We^*h{no%gOS5rKPyy2FxS23M(!>}E98 zdmX$gtMT5!(gZ;kbi-IKE!)E!)8yA!=Kdq{s^er+AXB1G6f{Lp@#oMBd*FSnavM~W z#uGH8rIv8KalBUGBh`u7)ZQEs>h;wH!+H^aF_+87`MvX7>cwsM+j5M>Rq%2J=z|pX zoGaIadPDTuSc0!;CLK+G0e4KJ|7P*Njo1Q-dJ|?;q^8h02^C6<^8l}-U1jJdr1}AG z$tHNs3+=#Cs}dK(tIsj6PX9+SWQgS%3a-<+D9PtN^+!XI+EIAOWi~uPSi`Kpp{*^u zP4{*o1vL@>H0km(@0|a4Eh-7;F4jkUN#jxUF+YhY8z}@J$5fAHjL$?%E9UU= zJcQ6N!qcHZO_lZ}ym`ZuPPC(SvcY6rWZ6bK<$l?H(~=kE_G9(WqE|)A?Q!EdpZJ3e zheARN2gfZofUW*lA%in39Ex6>`C%@y-ZGu(W! zB7Cfyzo3P)Sl_?VGew(WL;n!*rMI9_EBnPo8JWbR{E`G4fT2XuU=E zO~&KV(0fq{svK(;lDSyuIPU1HvDBJFC^9swA@O%LWY=-xX)O0jYRXsWoe~_-` zm3%v|*$nm+e$&l2ygpWCL;Jhbimz7@nj~m>bN*)%sS9%QlFL!ZXp_2gF{fbXK zdW~O#Rq6SqzycnK=i+SU_=_=y{fD56YKub8W($-&H@LaF2TSJyU_4?qbHc0hD41fX~mp=;8^KhWA^l56we%H(l zSd>vn2^DwyoeJj^ADPQVbVh$$^9~bjx^CxANB)t#?Nb(W_2Y3^39O->x^Ht(V&XpG zK_m6baVS{3d|#g>na@sS9pl09mY!cadc5&;2H$OAaGEqCbb9f(-vMN|7vk7QqI@=3 zzhJ3txUR5<3;}|V+y-mAS7cs%KOzL#jNyB7Ukzt7qa=ALhgemYV&$V~Hr9^bxhTu1 zJS`zIw(NvU+GnUTJscRB1g8;qqV`*D$$s6P-IxPRJ@S1*;5kb9uK$lV(e>W%qz9HQ z01(tUdRnTVQ_1j+mZ|!Vg5K%fryQiE?M?(ryMrZ0*T(mWtOJ-=+J}(%@6B6lfKt26 zMa9#w;ZeEO(cN1Wk!@MTRmKfRi%G>?+v+l#jo2smxf^Hq%OAHETF`wCBA19aDJW@u z6BjJ+&`@D@=edVro*g19F{T);70>7h;+4j#t%<{*yQ-|T_|Tb+$pjJcT)sZL{=J*N zlv1KZTn+1{e&})iu?oTU-KF-zltTpDOdih)o?saR@)4hbu8pqPvHsrRQ?4|*hzpAl z`K}BxBV&|yy&`6&62GjaT>SO+%ow?%=YxEcdp!8+1ttS0(r&AeYJlq4_aqCOZZ*R` zEg~y!D%w`@Uw4Rj{N3wvfo@?zSZ4GJe0R)4T+QjM#Z(8CLzTYxExz>c@&oy%)Z z#N-_2Jx0M34Bg8Ex+o)-@M+ZVGf2)c zq%1+a<3^rq=|7Nx#I1Rd6#ZXC*5o!4Xet0TOJ5rJLWPV`*_2W9*H}{H)d2bc{^3wU zhlJ_~25&r>;7G=Osgh9f4{0vN(*r{OaaMw&t}u%f$aVx>%nL3%&$G1)}Tk8Yr zh3@nA_i!9Sy768Z0nx9*OHq%#ys*~HQ|OYCp=)b}EGzYzS$e9(*aKRAN^ELb>W%=H*Vjw$6LX~;v}Q>_~a zY}76p@4(p199glmd*N4> zrc9nmQ%TnkJ3q(vvi1_oaQvdW9r%uM8HW@dR~TLiU`9DGKr5|`T$hjKb3?iBC*XG2 z_xTr$YkDknHC!+fX~>DZn5UCH7XRZRe3+PFm|nGF$HmGL`AD}$OOKW#f{@8SQY`$7 zi^a2Y^Ep9lybidzGzoP2&Usk%b zd?mC_e%PW&Rz-)4m;0i(=%xNJc<=)*F2UKjF7EY`g`iy8~rZjKG>^1^D^ z7-Po9(gQSP)$)uloV&@VaMR zh@Vs=y^DuPG&}b)&(blDR4~MMn+*kIyEk%FQs2y` zCeS8wbB)hEo4!G|+bl^SUbn-P3J}!P8u_q*0 zM)!@p1-ZAPtx+mPE>8Fhf?n!{2mIB$s{)?zHlJ7ni+g}T)oWZ~8mN5!?7ADw+m*irw>fB?!*KDZs+vA7)#yN?taD{-Cx&@h- z3-=%PbkeqH4XUQ(eEPY2xJq4}L%X)Tmh>_7OHjL6;04u26`&O!D)E-j?lX~nWBxMh z2bo8{(rv3@fk$uk|Hv8>I9A5^IR_~Pt3Bnur^pu7ZdxPX2kIh^p1@IPK8a6Jrln1lvRARsVEWJe0i(W4Vf_5n1&;A}o&n5~DPsFdocG5H3>h1>N95 zH&4?D+f2fUn;j6_q1GpeH%q22SoWqqF+Hr9`qYA(_U`djaNB%AuhK-_I$BvW^Oa|1 z5CeXcav#;sV9e4GU#mPf(q!u3BR!wBluCQuf5vv_327Bj;<%2&B7Gg^D6=_b>Fk)MyqXQg% z3?^eK9is~4sUHg{QU9+S!W<88`RLc4x8Hpx>Cv2@Nv6%sOgEChXHN)#$@BuyUIf<_ zyPDTSVb6cPo4GFtd-^@yvSCjO z^ezJSgIEOTNtArk`Mcey=|p<)c4d;Yc_xPYZrr!PYf=V79la^|#FX3_SzXy7oGH@+ zrpHv(yOE-XO;p)tO3^BM6&^nsjoi!t6$xet8RpFL3stBe?IAYmtjM2Puo^eC9Xtms z7_;;0Np`(G*9UxI$9Z3#CWL9UI4=1Y*nZMT?@_D!^fc2}Cwo!~8~%iPk_a^zsf!dG zyfLICVXx~PY~T>b8;fkcc7Q)qL&{H4#I8%t8cf!^%a9>dzTx*!l?2_ z!gQ5#4+?lD8WpAlClgz`z6kLJeq0+_L=2jNltrk_d&GJC0r0qm4*SYsZ z>dv|ML;<5XS(`m&^5@m9Q-Dv;af!c(d{}A1r)kWvh07#nf6n9jP_jtFJXXS9boZ|* zNedT8Q4ZSHT4ZuiX~dTN@PnjJdTs6m$rjs<7G#9t+~D>1907F!*H;KP7nI&!;0hLT zWz?^7sSxqlEN%}sMXlF_l8Z>wyU#P(a4y4M4a3i*+rYRj%36XTyK|)pYRfRNq9jWI zhq3+!-d;bDtS}z)_2zJ=V|iMbv_h~bNCD!S+TDk2?P;sG)V#J#cbN!wsovQ3n3)^P zT+0c`+@b zk{ijtGYu$nsaG38$Xb`U;~v2+NtatWDxMFP4~;FEkM%`NVb5)EJ#^zZ8x(UDGCZqL zi3$qDV23==9Qfo?#{Ka)_+=J!vKEwT#Gd5L1z3BVHX_cdsVlg|+UNIx8+bF9!S=M# z8h_r+A+}5jV*!)@G%ZnC;@ZNU&YV2$(O{{~*?eUbaskm-WWD>; z!;ujuWqhNObs1bzKt9lSwRLp97&=9tFJM2v4QY!WZ737nV-8L=V#%-jF1C1T7x zKiP&Vgcf^Zp}Uve`oGpXZ?@Vuon8fNK`s$_x?(-=LyqG!WwwPKP7tHe{XyNf|M58_ z02uRQh1(^yWFe`SBPIFbE;zyL;v;Pwkg~9U-p!=}0hD3_3S^##unAEf*Z=YRk)phIFOl1LZ z8|FmNN;h~o$J_ojzm2cNbhF@P&r5?X6f8(~_qBLY`1;b(uVUFVI_6s>b#{h+m7Tr) z&MaFu;VyHLu(Nw7#(UCbk>%i=@5#D+rkG7`mAy8xwkD;*K{O)Nu#XdmBz86H$l_KeL_0^#DBSpTV@$6lj zt)nHAR-pL5PY`gGZcG|*nomYD+Lak0s9U12Gs$gJJ5>iECBoWvN^ok-;V|0-WRRLJ z6b#;7r!R!aMcgV`bw1db_$6Ff$F;VY&Y7nJ^FE+VbgL)fwT-jP`ko!-3!}Fm;Q*7kC7jqKk%Pd-G4nsTh#>J zHa(bHO7(*nnLUYC^_e1MaBA3^k6Z!;%2f)f3&nD@<(n8u?gv1z;Wu0F8;zrQq0`M$ z*%{AU{C(>fEz2V5T~K!7q&&x?$cQ6Pze*@agPaerOmk!@1+Jzd&8EvxIWk!wpeFU!hP@z*A`ZiFv8etv30?;-IGBs6zn%xzjeTOnJ-;pZJd zG|oWQGUZ6LJCZ&^gwk%XZA&t7+~!TAR!J#`&lf{CyvpE9Z2-q+AJfZu5wx?Vuku_x z2gI`v;s5A}$(nxXSUxM*2iQ)aaqe|8eA%h~$viMk8Ea*heRt5-ea~r?3fBVe`7{Uwn>^#f znY;2LczE>nl0RFD5Q^i{kfhgkp?2N-S}v1xzDps_s)W~dbgec)ngSz8I}nig;1@eB z;Pm~G+m;``&g5bIN@49`bs;<45<2EGQZnHtU>5yUnpTqTaV z!!rz1!!k>_C8A1a+wB7s$-j;E-aoA0BR#%S<9InWK|?nxwP8A($0beI=oY318NsP8 zph=f>Jn1m@V0GzSKXNx%;uB#3T{aj-p|7reCrxaUazO~eW+e(r;jaTOCVYD zCbFCDv6nSSg=Vav=?Yd>&8({2A2B@Ut4Q-|*to?{Jrpbr);Dx+ETT;&ekT zRqWEy?m`eS!{!T5fOh!egvn;mi^kHwULPGa@cK;ZM|EfKh#t3@8Z7x&-5gEog)U&l z?8m9Y<{}8D-Z)nHb%g0qkLbaKXQ?VjUw6IhrZE+tZPwcRLj`GSJ~v-xi52UU zPn8330q@I2-j*puLzEYsg(ps1LKs><&G;do+^IKH@pRj6-$6;=3u2k!Hk~o}WIIYk zqy_oM#IUe^@xosZgXhpI7V%owOSTWD3}WR$^8BYc9-~@3qq-&t@@B=_yfH7gERD7ROe(}H5C0&vXGQdv9b6de%{OTs zDECP}Cbv+M=@=H#%ld5_XIOK1>w)R4dEqI9glK8x9GvBQi}AD^OI2)Iaa(q+&+z&V z^g6Sy$4lk-Wm1O!rQah0daFxcEm{wGnWmgms)0#Y+xxiAtmEqP5X+}SA*<(-Zu2uC z#iWkvQVo|?bz=T#C}iR!dp;iMm780?D@Z8N@prKs&--){7r!Ovr@^{gq__(+sk%p5 zM`m6p%};kYb6fQ;ZQpzOIxACpEE+QGR%!yQD;|mcU#8T(6C3T(iIOufR6Fn*c`aW3 z`dlMqd0$Whszh4+g;98}PoCjQ7tV0x$>9_O^mxSK1Mh1A+tFHn4hdoVRIdz@y^Vbl z5_&!o3G`v?{15#dC42%f&73IB|6tE_&gl)&iD|e0sk>I`q|O~-?X)?Z9mUg{ZBpix z=v_dsJK4MIB4og-c3wwu(v0_7xX3c04(lB(^2oV0=Dzs8ftz=q%YIh{O9SK$kQ0~+2NCj?Gjj>KVpUf6c24 zxxeMq-MBQ;o{sCkvA9np)!Q|@gZ`QR3Znp4Dud5+q{I_*yJ$}@9KXDanZYv?uzcx)C z6pw`tKje~+9GKML(M{d;?69-XnPb8yl`MN4wguxko@Y9ftDlKP&;Rq?iU10v$20<3 zlVBy^x$L-4?)Dh!^}c*vJ@sRs@+I|t;z(%?B_94nzJ+(FSib7lOR-qJ&|KREo_7pA zdJKwQyFaVG+0?>z!sKY&CnGNxWN3q@$B_HwT}Q-xxfYXf4x|5Dll6Z#E1Y>gvd=vq z*;sP~x?@gDc(~m9fzT}TAG3R~JaBDLHxd$D`2YV*@Hc%42&5Fpq*%d048?0GPr9jI z@B#ge_31?#fmgHc(lpBH1n2DhyPh)-he+x3JE{LyAN&IoBi`)?$+BH^7p)~Xs?7s` z0ZDXO*ytBsllS$1AKiEMXgT|fTK{!P{`>d%53BjFA4%ivqti(L`RL+`=U>BF8x|-B zzKQhD(NzEWJ^#1={=fh5`y=qUJGf6=ZiL-MvJ<88=}fv#HQayo_5Si0)_J66ms3vZ z`ro-y0eR;5sTh7Y!v4p2b1qo_KbxD+{z@nCy2Qm?T69VZEr-Vy>jRg{y_1-_^Dned z7JTYHSzV`piy{6$pZn;e)FT2V>zo3u?DT$^R;500Ae9{|Z=9b2+4IA8mbySUR`sOv z6ouKm?=b=bW-T%aw@!EA9X^k*~MiRK*n0lAMnZ4#;ADrHQZY*2|BE$Dp?hI}py{~v{ml-BCX1gOE5~njXFe&0 zZ42}7cg(Mw%s^G69N6Xvs}RQf@i&kUl2!YL7`W}Ls(-(XN{S$3`_B)&Lg{BEwwY~G zo@IXi^=66TsL~4Ryx#79S`-LCOJ(-}=1<_)xbDlYD0TKV;hcX>pq&o_%P{r5g3jG7 zEM`KxN3cCwY9?v$ly_`r3f?4MJEHl{qz>-yKo)gTlKzO$W#gC#h`>I#O^8`1P6rbk zs7pMPqgYEIrkn;+hUVfo`P}RIxv9R!r3b!KFwB*Lr=^MWD2lsI#1C!8r~niu3DEK< zEAl(DJWa_V&m3MqpQzisw2;WIPXB?|TS?;sYjVIq9QmKkPl6A+C3~ zm2Xm@nohB#AnWid7N10o)t*M9Ku6JPIER0}7tT=9h<+7+@A)auCurXby-M51?+VH+ z;6aejM$`S-;Tpwq$h7LL>clhj@RKc}D-vWT04_o_TH$|eG6f-UABoF!FGOy~5K?aa z$N!?D2RJvfh1t0(SVt7?l`0C(oK;{4|Ccp|FVRL_p?5^?8ps>hBZh2*Or zdWZ9|Kbb5Vww7jPs1s*5byNEtCamIze_!2jBeOo`tLRqc=6Wk>C^pe$P4-fRKBlB4 z0NsYYtvuFb3S{i;>thwf!4XtQC84FRBvh$F2j@NY>g}(ahbltu`|=PhP>f*13*lYX zBB>ZUdtQc~-C%3Xwt?~8s*TzRc8~f{xPeJ@r8-YijI>YnNxK~>49RN;H+BmQTZ)9I z?fyX&Pqexj1NOwgMOXF7Em=+KYHB2g(e zsxSJH&(0&`2$tJ;6*>NBbSagX=vz(6Un9)EVE~B|RS+!`$K#8?NwT!SS$$dwQlYM% zIxZN0`nG>B)vPwv4E&=r+#q6jxM6V@@FO4_AxFK-Q}U42;v_@)+V?jEfw!ywNfy#I zd4smG4Z$F}Hb$klTueG7pHh5l62$2aP2?UnWW^UA!&*>Fi zBjdi+{D5Z7t{!i04AYJsT@ePcNq~*p6W`pT2v|VU~cq+CRtcQ~Civx&L_ciT4cXf(a9U{zbT%<}&G+fT)Kh zxp7|^qd1DD@Hgn60W;LA3c0CTJI}ckVPU+7u}5B()sa(8sf40kz%n@=9}P|; zA%x%t87mDxgowR}i*14%!Au6Um&cr0Zw+eWu9EvFd0v_JN7=Q9wfYBzU+lDXi-#R+ zzFGNYjJzCtuut=_G76hT$!5zA)CtYYX=_XHDEx`JpNPZ6cRVJrM=xf6nYNh@EOIGb zrc{Hwqwjp+eZZ|rGvEvS3wTNiFp{Um#<=*T^je)8wQJnVuaJAr+I~2zjb1@rl_HYF z9xg9%NjIEgZg=yCvVs$07kw;OuqEM*X&LIRO9FhI; zm5Qrdv*8Pa)qPbaK6Qpb1sIGeHo6%7Ni$!GpO&;l+(o)u##}vD&FGst)^UuTk^yqs z-~B?%IL_xRYK}w9ah~9z{ZWCIp9z|RON;gTNiA%TN96-?b=_?v5IV+&f^N5X2_Isj zbIZ#*K*Q#+PX!Cmj-fr zHCAc=7i)|zJ-NgAFa|}!5XM3 z0v(p+9sDI=mU(b# zyLROZ!Xv;>H2q6~qaZ8Uj3g^ztcA2RLoHzcmBL?OCWqvpk>GY@F3&%wn0{hl!^ zmfPG+9NBoQE9~mll6MRefQMJ)7)w?i_RPy4$Q)bx;4mVax1C;%NjTbAh;=OA4;~3c z>wsmlv-9>1ud3=MPq6BcgA;J*)1|^z@6hI+5r1^)Bi)T1DdT)55+~6(r{&+3K$h5J zpp9nb5y$?H^%eEEJM8tD-kM?AYR1iuLzFfh<6s((1T<;H)bh+bF^o3vi$1w-4sW%D z(2{p9U#uQ6Sbm>0vuaZktbLPdle3#XS2gbe00pPd>@y&VsbF5=-O7NyZ}IBa(77%N zQN~0uq2?)IGcm^;G|e1_l7F%rN6A+Iin>6j87BW`CgX-NgHJtSBi5yDUZ54X!60hNUxpCT7xRJR2%{vA$i2TJV`n`mlaYluNp z`61Xd4_Ur7K5?1Lq|xiCz>_P9Gn`r_GX?HNB_YwIc+wg~z;g#SfI z^35ip@oxW{9}}+ezBXUX{eW5?#|lD=g;1^@kBd;ucGI=I&SgVYuj~>j^Pt?~AJoj& z{OvlW8)t?^#Mmd(wM2RPfxA3uYEtWkk5#)W^dg7)vYEn$Mz*l33%qIlG=qFw~r-0 zNA37_v%eFJFK>fss+j`sEg^)Ekl1wN7%$#&{!O~ZP9r9cLD3rhVh!zVZ_)=F4XINN zVit1VxRLpW!y}{g0Qn`dv{vTQ^=IL;4%cWNev&kFop8R9Wms+oYsFFc6e;|>^wkp+ ze_a!6YNt51cDRJMK2k{T08*)as|IY}3js;P{l!R^zhI5TJ6Y7^6_`eOf9*WK!`Wzam`kW^IKLg6>|W0jUslI*smT zkIcx=4;1*y3Ea9F2+EujtVi2il=x-IXSN#v$_nb{)i=pJIQ+*&L}Y6ZTtorqmZRX*tmarJp(vFrUEgbYnW|?>SQVVUdnF!+ zh;SPUS?-7Ycy%BM;;T5o6{ftP-{^Ho1%92eTr+W5$lNk1$8F+@1!;wk(a_2iderh) z?&bxGAH^ns#G0Kef70Z-W&$9}TM}QHbK?Uaj8Qr$tkOw1y-A^nYyeip7gL$|gm1PT z9^CkR*>xndagi0c17~L2+Ton)K`^s^w{Q{<+KIcAp*_GLMX!F=wR)>>Vk#-^5L;J~x z_gd^`G9F)JkW_y{tUGD%lP-`}2brU2Pl^PknK;hSNuR5{PgVe9i3f$AT)Qn1Cyv-o z7M&Ea+xD1LC_s@H)LTWtx4)K4igYUNE1Pr`CAIz-#;Fu?}Z`y8iaUOk5iFdh`uN7csG3?Y0+(Y-@WT0nd&^+Jzf5`kl#?ci~)!P5aMA*7N_s=*Hl?+Nc3*|<-)o=1(#ln0ovx{skM-02LwR7{;q(IW zmpAHH*s3ubb#_mTK}63XbS;7YYAct*$rhIMSAp|1mBhHhPx2o6TMQostn;$$D_o{) zLA2+fy?_rozj%h+hEiz^2?hqByld|e=$|13UD`qlulL<)a~xO;qS#YCp4gi(1WVrZ z26MCoPgnf%Uh3wL4+58nCiDs3Fe-chRD{lrwY7(YOX|`SgYP8LnZ$;BKdHib&2lJk zpU~|v9e?n1C)E@P;K#VlStU^Jwh^v_E!qWB_rxlXc6%jtW0&2sY(vRz7bS$K1Nj^$ z-eZ+aljLo@fuJ=Ls$ROO{_(@PAog7BAvJ0K<_zz+c8*%dUBAB;qa`ZrGm<&ri$N1F z&eTgs=(1Xhq(VC^AwI00PQ!&TAXt6909+OFl7N(mtWqi+%qf8ZZbyBoXo?}KkHZ+RcRT6=gsc^o8~ zh*opkJmqgX?5TC$T7S@+M=B}H1SQ;j zq;-6s(lug$huo7*HMM}9cPE$9^DR*ljK+bCmKi|MgQ7gfO z5!O^oh9=XEq_rytM6byZTLd*=*Igd({`WrM{%CV=Cp|}mRM=h2kyb% zaUcug`EFGDb9e@(-LUW-sPQ=Kj9WmM)3-zh87JZ02p!rSV6`%+DiiST%#RV@pO5Xr zf~er)B_wfH*O(RC$6BwrK9y^f;_y$JI`Y!ST9Hz!_n;FPynqg2 z=I;NLb}%k^LZX626U5>aA(u9Zm!4tbe&n7t_ktCvLvLuwkq2I~CCQW^RfyFO~g@+h$VRzdB z^dcG6=bd-*czgL{oU3W8VR(H!c^;Rm)zsy?x&?SZd7?$$d?puAy*ylCH1*Ud+wrm0 zREgcS$lt@sc!HwQ>Ed9zJ$$_Y(sV8s>*F=jua5{nrSn#`$SBR0xqe@DYw11ZZqAfg zRl>(V~9Zx9rI$?bK8K-G^pj>{VxF?(iebdP)sh8`hNWX5>8hWR=?H z9}`rcWTaSClLoz-Ai}MkTD^Mi3nWC*=l4Qq?-92BAsb*XAG^GxRRh(2@ZjVf-Li+c zJ?mo(p|0_UTPre3=ji}?7PwKwfp1wd_n#(O79-r`3j3!1Lx%f5bb&$x0Th0a$6Ed< zkA_`;4gJ2@0k_*5uC| zQ{?_y5BpS4YqPOgwsas8dw7VHolqt!)Dn4~g>(98Q8m5Pt2*Y@E&z zDn)y;E8&4umKzPTz(Y>}tJUcJI&H;~)w3%2>@A3OPzT>izVEbnAWHTLO6 zdzY*{%Zub)58%kWHh%klx*s_e@I-CgP;_G8@*n^Bq^Y(lu`cb?jQq`t! z=ZVlOIvyp;80*WV>-aX4#x~I(T?}~mhV=pqEz>+I3SP+zvu}qfn0=rpG&U+W%Gt8{ zu4_=?OT&-joW|g%bd)Cgau535(QZ0#@XUonuIo|1AK{rQngx=Zd$a0OgB9mrhDL&r7k(IljbuUm*k)i+QFEc zBJ!;{e4#tPaiq{yas+~u3mOJ%2h+}Umr*7*gL%*7k5)hn$r@GCiF>^YR)dTUkAg@Z zwe9o70I_bpxgKt;f-YJMe@W|ZFofJCT|Cd zO02nj*poL(J)T)jFn1c3owPq~^=e(oMf1`1V&6)7JZnf5{7$c8#wW2>+sRN;kJt_b zefH)5wIYG`9!ZYOMFTtJ?gQ8hddGi7i>*HP#nj8+PQN6w6iRX<3SzW|yYx~uNl$*3 z?n~rXoAiw3(Eyj0oF#sCsl3;@RA-pMN8;wdYUSh;sn1$D*ax5S+iiwx9X$fyi$%Kv z4eaxh3C;dAt8vL!H6yG*&&%Z?eHS1gu^2 zGig;Sx4VJOrv#+v9RoqI+=GyFnL0K}Fk*^r*KF^&%cz&n+j!7UkO{i7vnzE#V1cv#FM&hU4@^}3GOy7;=U^{Db@%JCyV&<+B*a0}w_8S7Or zW7$gP^)ug*BWwA2DI+xcJZEV6?7B&&+CIm<1TQ=~1$Zrii( zz%~!14gh#5{h&-fRY@`J(q=v6`Mi8Apo*`paOU z-J{cj=*vE0ljRGXb_!2qA*O3oe>`I8?=?FpggQCP)0SLxI5%`gvIlHd_54A$(Wr~8 zzh#KaP^5l5=k0!LPFJ^jW9SM&u8@r`9PI14oXysnN!t>E*RaJToJ(5((~R7CEV-c+ zKRWi9l%3%7&le0X<1JS#wr5Aob{>5#p2~U!pV=aed$0%EU-{ml#QFmBEf@6A-WtV@^fpAbpDoquFEbHQiOJS4joMXlvd9Xx_S+%Z1bPE4VIQLU=7`4PqLS0vf-=UPGZB( zYbP3W#oPg~(xoe9_!g?)EaL`vN_QMP$R)9wRUL(m)yP;IAPB1RS+N+zrjG#x>8#WS zdN=7TkAHV_{EK>5NIAd#Zj?W&0*Rzn!|5!S@N24tf^zkL8Qw`1=>PT+zdd}hd)dtI zA2*kTl?25?+s|jF^`YWtsn>U6*)yt_7UXi2yHRd8g@W)@rd(Cv_BFk2hDQpfT~-Sb zH%jBwHlLWNVd^JKQ+AvfR=wZN3UdQ9*F%W8=v#LGaS%>%mP_kFmNrr6z*P#OzRvKX zfHgS)=yI12m`DJ&yHPEAe$mAuYUe71wwPaNqdkRTu17FNoUOMIxG4zz!p%GRnbM+* z;QRbMSVOVCn>}dC(Z~`)3D}x)ul$*n2YTtE30_sq!2~{wyy583gx&T;`1I4i(L&>7 zM)=}y%viyvDjq?~GKtBKHCr8Pm6`^i!(``fNP<=Fzl*27Q-2prRpj#W{mb*ben$rAtWxUE_r1UZGMFg_f1Fd z(?U&71$^WOmllz!x^n}UqJvEAGjeuyzX}`N5B>hB;|Xd1>^OO*JsyFlu2b%{!u+_r z?e&kkrpfUydd57}Hp4|aCJL&_duM_IU+|*f-ruyD4|Hwn^eGYBr$l&vuOWYLm-(1^)fy?WT%Vz7?END28w|{3lE!XY?m)EtfS!zSQ1R_HqSxUW1sw`od`&j8qGRUPU+dj&xIjIP=7 z@TfY;?f~7-+aC$8m+<~Ywr0E!kNTM(9VkEDJoxTGlZG)}drBq2?4L1LZ0+(EghopZ_n2xJ z*6)73G$kJ-FWW`>>8Avw{UOj6zTYgoU%%hMU^=oDP4&>IXoNh5pO}Pt-3@M~|Ay?S zeX;bdYut^LWMsMkYehxX65RyGz$f=0-bBf!w6vZ~w5e)t;T4=`lk-O^zEO8oSuqg; zTKS$G?xhv>R+3;1&$1`^_1)Ik=3=mS>l)Ly>rm^-jCePD@4-9vi~@RTHwd~~4Db)& z)8dsUR*4%J-ddj_?^Ejq*kFbCQ#`{G_j~R{ioj!-}fYa^K>)3@)z{ zN10hDCA^7%GtO?^locJmHS$-?tz9A4e2;&u7W#r;Y4&0x7CZ(?@7wuN+p zjS0{Hhq12?sA}8Rmu`@j7HR2_ZUm%7kPc}9>25Zyqyo|k?!u_ zedqp(!rE)EHRl{-eBU>|5fI;dXlV9;{$$x2jIus6Pkh69m?}41&7CQn zfC|RD2m6bcj%LPXT5+XI>$~M6OcpAW)wyi1aG7N2rfL*lwM^72iLhrEw4+68Ji)5NbyIJA2{WYWHKQAcezlgwwtAMm@EPEti8DBO0&ta`bh zoRQ~cT^A4KbuOK-^8hR3ZuZ?r!Na<6R%fMTUWUVgRD6WN-~DJ^5fs4#x^^CCuJ?M+3XTl;`eCAK6uXGyKTx*m0y84))c6aY>s-p@^-!FS==I+Un z3QXcw*_o~ro>CMv6Sg|umbHz>-DQ?{l}?}9+Rb@(f1zOnkqhYx!>r$O9TnPV|6#XKrF%3>GpEDwpBhojzzhxu z5S8EYyhxYu;C0y}t+ZNH?nm5ed9wS2jE|t{?zi@gqn3767ejQXls!~BGY>{#Yu8Qs z{BB}#(M4+Pju2pB@07UND5QN|rXT zT(ZHI^XHfGUD}s*f}3~!TNi{gqM;8PgmApo5*!Q3DDTncEGF|QgUFW>dASB4F_1MT&M+HHF>jinvV#B2foA-(_IzKbL;_OXY zN%D#g&+o3jK%iRgd0!Ftw50j$IXW?~=$;GRk^}Q`w0ZPejL#EbqW7A5r6k+6>>Hb1 z8?UCP#(HtkD@pYwDb}coVr?vCPEwWS&;5>K&TA?e;%>|Q?%z+Y&PF514i1+LVk9jU z)(RFD+uHbB>YcU|KhaXP1&duCtu2pa%ME>dJL~GS{LUNbcT5DElC_}T5)E9b&t9RY zyFbo^5$X#zOkeF%dLoH_^PQsM@M_!k_&3J;v8>uKXnQnj7R8`8)JCjbYG0+Ys|t!V zhfwA~DIJkq3aJ0(Oo)GY`Pe1|oLqeuPY@E}`yxtYIEVuEOFEggp0+PjNw=PBd)vm1 zg`As4#*#dnU)`3w=R)^+Y}?hfcWIK{xP|9eJgHPi5M6^Nl!?AEIXnKLRyRkUs8-nJ zj#LLUw0tuia86Ww;-Xb1O|bGil88e0u5MH2mvpnFwLE9|nY2gQvz1cgX^xPOcF9yZ zh&3-~YE!>U#;54lO+w$*-Dxau%H1nZ*VmJ?=$|ndzeiu!Pk-`z5Y;xieotiqioNV?OLsB&G=%@t=o7@ew%X= z=PRsngY3q-$>;!nieagW)$Cajr`=(O#eqx7o&E{aTd^*3rcuTFEO#fL{W0#EdhdL5 z-ah#FN4W1`!9Jo^fUP_C7(*?9b98L}w9kGNGR@3wJqPb|b4k~rUBdEuE{C-#Kqi_( zk?hmC=85-}^m6U);Pv^Mhv-TEe9kBWp$cP?Xi6lc=3#l%S`!=^J zdV&6fjCK3%(GDKt)wwaH(A8}F(j(8J92bmHhlJd7xMH`yYMCX17Y+o4y7hXzT=dk! z0f|q$qHXgRKW9D*|Bwm~h8J-M=O`p~SHdA-KvL?Ri7sLB!L~|&g=8iKw$*XXRmEFJ zvg#vm`ExI-X{&Yb*iI~}AE&chCj|@e?~SpFofg-P$QjqR55~yu#Yx_mwRP}I(|XHkXJ z9}l$?u~cm}Fivim6gcEY_=*?WG+kmwkPDz@T#Ccw?#U)`r^v59Uux?%OZ^GwU?zg+ zsaxxgaJDb<$Y=f@?Tn1~k$wonr4Hd$8^Ws1d>!x$;Binev?LK4tVJcUP%S|PN`Km3 z%lYb*CkIXR?RBtFNi-wMqzkP>ASD>etH=~&qPJJ&jS7)mQ~Bn~{)C4c$2NZq&QGF5 z_|~Lx@2=8n6cy;Uu^w~;vK$hw8@=}}5)_|^m0ydaeSAX5s*74yhGxQrTK;W);EUe& zMlXe|l4VcutXv#(@J9S)Wv|Bh-YF%}%aPn&pYlkNBGx%=qgPpsMcG;CIf?G88yN8z zFtYIa5|D5zosF_K-QdtF+BZBJU1LD=I0)X+Z@%MAtnm2Mw8!1Z5RUqfU9->oW!R+nx4fsY!DD zm_N35=-Q}V`G|F)EYR;{J@cXghs*F^`D3i_8t zJRM_HUTh>UBZvt1`464fpijN7a^F=QJl?9iC};$Ze=*IO7qDbP0_1n6%T+kda|5xA zxyjBmv4Oh%(ePHsyS+|Gn*p(lM?O+FYEbTb}_pm$l_>!|BOcZ-Jig) z-#@l!KYya}q-wP1a;^7NmiTT7YkbpPsLa7D$G#{zGKOH%*gyAJ^5HDV)^4(Z#%|Z9 zY!_MJ-YU8#(x&oiZHib-#|+~7%!4p{`Q4+z@jACysBW!5aGb5oNeDoD{$w8Ctr>4| zttM_8M{B+F<^RQIci&T9)EyCa(gkc*JeNTscHp4u`QCzm{05)Y+!CdP!L<_BqW($~ z=rrSNT+NQ8V9~FAmeXr#^())=tp|PM0RNMnVRM_Oqg#Ue8ja24jT93KN}lu-)&={O z=FQXme9*~4p;mIUHCJr7Ev(ek5~nnzybmc=1uYoI&hHlqh#S=P32@o9kg1z)^@8S6 z=7zK{YuGc_PICA$VT?0SE`kwcQII(i2s&=*5Xc=Vk_wOi*xd=HV0R1J?LF2C6(dMl zi1Gqmrh)FKB+92b5AjnYB=*S3bt}Rr52LItc&Ed&ZZ*`8!cwVkaBX59rhQsDo+9* z<+otues+W|jYTtSRR=MumvqR96H-r-Nk@_gvdp{JNclIzTl0o99`X7t3+mL`hVpi4wmQ25Bqo}eGPa8XVtKJU4=cNAv~oSPEJrZ{509XK`yCc+Dl7$ zk;u&~yZ7zRSI=bV_P*JVhuneRo8JCqr0y2Sb3^zTMr}2zW%U>^2OxG7`5k#-1t<(H z?5X6jY@aOeK~ll&@z1kuDq8ufk)pr*62duvd>ZbQgp0d+97ZVYCC?0DAX4pm056tg zeDT@FQP!t})^fYdAo~i7Q!PBJy1nVl`U{{8IH$zrS1MJgnX7Rd-K3c{+g6j)wz~)Y z?vDa2M$Umur)Hg1#wllou z4~}YRv>yKAH|VRAud$Ryz&u5OQ1J5=3baknr;2b^be%1giq`}+RbT^x*YVTTPrqOi zcmB9{;57V$Qp6;Mab)P*)Oa;0uuH*0Bk;t`QAjY>IX=9(CA@>BB7JQi`+LL zDZtF1#7nQ=9Id$rIt{Pvxf`xu$(v~LQ7{yNV@6O7B(?g^JHxf9v$YFb3pN`k6au^B zwW;qe`PVb|4$DVHoOa4ogxTLt?hUZc-@WT1Pq~xf9%ZjS^2l|#%{p=eA?ClrtQD*y z>$|nf&syI&MWx9}RR<>v)LHx;H%B^>WMD`Al9l%-YyguMo^7IX*xXa&{ z+nthdD=hTyAZN6~P$i!Kt8AlFbR3MF-CGD=ZF*MfC{dhTYh0H* zBEoR;NYkW_Gk36?_vU!>OZH*1oQ7ALO|EBw;BJ_Ya%SOCnM1>OOg&B*+9mmx%$D%q z@HtGb%i@%Hm{*Z$Y|{tGlGh^Pp-#jfvRx-%)Hze|duCw^adW@|#-COHG3XSA9Y_{N z8!u3gzSfnL=CwIGFpx-Zfx~(yMfuG4Y!IyvjrCEI;Hp(S&>(IWR42Oh8al^TRM4S@;c=8OtxlOa0Q#-C5D*AmxG@I>3#6KPdG0Jaj_n^Vcc5`FC%Y9k6 zj?MG7pNEZqgqHz^jO9cBd@Y3-#L!&nMSxzxYL57a9hU z2ZLAFCKY2)8*hyJzi6HnXntcI;!A&spxLa7KM8bJ`Gj4&*?13n#a<9Q?kaOm5{}9{ z?o7cH>o;R6EZAi1akM!{u$orS{24~2Bwn`2dNACkLvEL=)b(Esur?@5*(JFv_Wt;Q&@E`G%iNt5s!*fc( z6-PcYsnc)rmO&*qbaC4zoELo~r%O-`ESF++4J_upVmjxNL5(OWi3+*t3HK8?izoHBw?E zu`+Q0&W3Y6X>l1pzpulJW6{GIcwzW%_H0-28m{(mrl6#y%U{^Y^7mN?x#kyc<)}uHtedXBB`i9Itoon&)I2kHQ8Ch8IMgBd0yqM-DXR>R=cbXCy6pe(7X$R8gfdAzR79 zZeyG&H$Gyo&UN!>yF^;PabUWNNYbB1P8h5C-g|PhtJ~VG_)<3RISOUl?9ghY2qI8( zpSdQFHN>;l$EP|jHZ^u~6>fRgFM|&}0Pgb=SLj4bI|&sJP-L&<+q@&pbi!s(Zr1d# z+N4@Do|VGs;}I}x!8`9wZC33E1Z^D-3pHJ2t9@=mSO%>-;kjcxmVU)TrY0KU751Ka zOa-?paaghY`!5vjE;lmslJz>T>J=-Fc8|(>(zeDF(nNf|Z{!C4nhdxganf`hk`L*y z_9(OV1itv{)_g@Lt^UC{ZKRhZ`3^#r4qkEtlN9w)MQ0TA+mti@dT^fzn3)s=94|sn zcGiC?f~4{5-sMW(UBFDPgO}oWelKP^F4g_>F>5cduA6jx96ubJ-GfjS)vq?#HT3$r zOD@+(t15V>t4i_GLRiT_|H?l?NbNe;q9ArrKwwg-3KJ6?$^dbEh)^=ozA4v@S<^Vx z&oxjs78b7r8k_m9XT9f-Zs!+b-ZZfe`ZEM#S4ShrGHkx5^VF`rrxqNIQTql0#*ZHZ z*HS%6Zze$EOLSk}9vK-&W|16>B1j#z0n3x@hbxpyCgiN+ZvUJnK#hpgl!NK!%5quk zLs+|iJoeB3zJvdUbp8sMf1;uP^n)lYE~xup;S>xy?Cxa@kdl*n|Gaw`swirB>piW| z(U6J!fs%j zll}AQBMU-a64oe3OO%^J`ZUYiK2u54f13P{F8N0V&j#_u2G6DCHIj)WsE3bA?KA&6 zs!+g$ZCEIEi=V=uzxba#?57A14;fYX0%gc?PXy%=I|89{`LAO(>%R9Jv-ea}^)C9T zw52&X+!5Vtnho^yuHuq*pY@HS? z#&-#i(B_yjR|5X?FAvWN9xB4|@Tt#i&HY819or|H;<|v^S&H_64ChQ1NRYI zFmaJV!1CokeFoIRkO}4_iC3?X3w0V1f$vbl1>)s97_=Bq-!4taHI@skK5}VGKW8JD z7}Oe0!Xrqx(g;2qo*6(DP+)T-cDnTz_~-Qna9 zP{U_5m~>9`ezcC}L2!T9xwPPOe@p0ne@oC8nu+*x|Yv;C5 za#0&DTQm)1Hs&X8`m5!(obfwgc081?;4$jO@Zt-CHN$DQL;auI`rki_r+GN<#}0(v zkJMlbUjB*>`UtgI3_=V~B%ZYZKCi?>RdQxTf&O_lS+cRR#b&^Rj#0h%tHIUk{)uYj zxD((}-m=KNNZC6au?lYPoy4vQf5Hv_T&-}a8imJZ!BoM%*xj*=NI#?oqsKEfcEJ#o zHygiYmd>W@#t#6X)ef`)=~mYf9Q$Eluz?5{-q5US|IBG}BKWe3v2N3^%y&=ysDAEO zJ2W^Fuk9ZV69~XUwFnmIv`PvlV8Lpz}W`!vzjcD(DB zt|r1PUArBY$83e()}vU|`@->%gTb`Dk+oSB8_*`Gpi2JwF^Ss}WwKb;VW3+ZEZ_Io z$ixs5p(ulG<*A8A4_02ct(bt}Ob>N>FzCe**}=0l3rC#BDq)0%GB$p|aWGY=^fotT z%bJKqyBhuGxcR>#Qh{UTpI`k0PYvu>_CHz}3lE4?1NYz#f- zbh%mdw+7Hm1kqy2?j`twpZYUN-CD2K9ziip7&xM<`x#1xwlsMmEp6L0WoIc`GTnC& zGPZ>$@fd)frA>}J?Cpy#v(0FeYvo`m4<)Y_V3ULJ0*7JxS zU?8q%+|4=Qj2FDFg(kEcG?ZPRDG*OpZJR}I3hq`KM&{n2G_vMRM-S~*Xp^IQ0%#6m z(|nC7B^}|PO5yBp@oljNw`N&2)5~2ThowmCHUrmpII}I|LjuPL`pFZ&R0&(Kg*AWr zi*)>`=>v@hw9wM#B<9vJy^1pg?c|4L+}zwN?JxUmgd`MsI4#kM{`aR5dv z4YjtHUW(|ubp-K;u7fO&@5k*;LWLQy4tt?@{0{cC$?_;BPgv=#R_Qx2dhI&AUp=w7 z#UYD1ULIK8W~k~$JuwUjF8gzV(&S!v&(+;=&-NCvKzpdhg~=fb{M( zWNa;+95HUc`5q>Ml<#?au}|UD{`T?Yc1bg8;19c3_hTxyGJ>n1r$c3C!y=S*mjAXN zRjK~A)taPm#^%(m^wqL>)E>laTbWAw74!Is(zm6#OSGVmj{BxBsqI@bk)UA4q3C%r zR)-~a=Ch9W#dC6nPNag61A{0QUH)80aFY8Qw6`0alXtbNjnamvI~9E8z(8FG)2{>2 zGo@=l0!>m(qihwLuMKiRje+E8gS{QiBQ!?Mnj@rn^}CZ%B{pM?8thr96057Wj;n30 z>mg4!wQ935VJDf8J6@gRHbl%QflU}k7LV27gHf%=`JVsC3T#O4gI}ydF2j z30RDDJcG%6aG6q(*}4q?Jp1=2=EMK+z~?BYJ_0_oU&XTlUfAj|D6}5K!D7wMW%)ba z{tZ4YAB}tIVMphnaW~;0mfDVHDg8j9d-D&P7alhw-SG5dNi9|%jN!omdsI~{72Xhh zzUOV}MA@!(}DkjjnHp=e>zz(Z&REV|+em`PZD@C?bMe7GSL{k8hQm z0OUcYC7;Hv8BvwDY64gT5QqFL%|}~XC4$qX2Zfus$JM+E=%?E{6UZMg-L>ns62ks` zyL9%kW}(JUH_Jc{L8nt*4GyYtx>{WQn_9mCN9IdX>Fk2DP^UfdqdcJ zpyB;yKsQr(Y)w^xx+w8sYv{J$g7@_a$s+*t@;ED}NChA--M+&<{2<<2oaPf0i3s4Q zAqEQ0&veY0kK$VBl!04@@_RKM%@t`J&y_a){Y>2z`6~F?{b>{VS8^yM^S0!xPE(So|YfJntSOdTBXcC1EOAR9GZK@6vOs zh$qS@dMmF4Ypi!=>4ahuguWlnT&;3f=zhdmS6<3-e^&2vFFaPPy_os=B73gwa=6n! z*3z)ysnf<2+NMH*b!rUKW2y52m0Wv^q=LTLfYSI@d3+a$N`35EAlH3@Y|?SHd?Xy1wZ z>P_9#2v#nie1=*t`r*z4=y{yUvKvFter%s3i5x46Lea%diN%}ik|UI zK1sM;%K#!Z^Js%t}l$O+a^TTgK-XGwxo%3GqXUlSvXij;!iPMD*6T|!F!Q6J`Y*f#z!%{gCQ=w&galLI zJ+X~x*)BoJm}r6F$a$Moy^^}~rCgmgN- zUuWF!h&lPi`6I=zhmYs-qI0tdMQ?_FK|={C3suxPCMUF@&6@|6qZE!L8I~en!FkBW zR0wB`4=bUg=d=5wcA?P&>e|%A+;1kx?Z!S7 zUx8OGdLwB)2>dSdO@FQ?#hw&Q7Di*GU6^#cELuUFwkPBWgXr5xxQ(MSo_2dDz_hcoR~sC+y%5e2)oP{NnTqmwpY0BUt0$-~UY> zO^poWZV(yhMQ2J%#9&IUOn9@^c1pL|hkwRsM#=FnAwkk%QdgZ7Cc`=~1INyXO%rV4zW z5Wk)to3~$9dV<0i;-o;OF5C96R<(H_lf`c)Ue67-FbW>22#i#IFJj@13)^b?$`p8O z)7_TCjze79Hud}Ss_8x7A7!EpPviZoarQ*SJl?~NumQZ7YojYtY-! z#yG3%(L&dH?|EVJ*{FGNZzpiV3+yUCu~%#QT0}-cQbS$V@bMdKvZ<=BI4FQ?B+-oV zEZ)BM@IymM?3N?4IwwpWv89!`V*W5%4VO&#j9168Cyq$|?sY9Fz8rBpUszm_S6a?W z{eDXKx(1@6`c1u3RouVA^$;gSxAawxGJ^G@_c__iFk-4zJJTPR?86*_{Ps)$vxRbm z`4rBGcpt+N`2czO40A(`cq?jA`tgsg3x@aU!**DLy@S8M8SPbrzqxRFy2LM%kS z9eo*@0WkKvjMj@sdsfBQ7~7MtOz3hJD>u>NxjL4Gij0DtUpL>?KVgoo2QnsS@Ej$V zLDx3~i=UT87_7=bFTb<*br2-6h`?6Y$Rlv6mSof z8o+(m&aJ*VNHJ{!8D{JvJUhnQL^@Ixb7sAAc~rjfThoW|U2z8Qk^B(8uWyxwF`8`d zwiv&kbduONJSNj}Mk_956t2rapRWFB~}wZ2VrT* zw2~)cADvUEKWiwG@P)VLcf)zkJWsV9BYi#!Y6t(wVDxBB<#R|cNn0=R0%wL>G2Z5}K9IZAsW{AK%;@lM_Yyyjm@{RVHP^QHf1tPTheX z-vl}p>er*b$yHN5 zmZO;bquk=qMB(u_Xm9sn;~{!e6o00w23m-iP3eTN?)Tay)?^!aXApT3GBPx|xDwyN ziK4Fyfq+_PS-mxnwDyQ&(%n-RhE#T)JfeZTvVl!olUsc%5fnBe_wMc{V+0q`J1ml7 z@_cJrcR(}~lM5V}CEahdJiOLor!E`GSoL?0r7x*%RjgDR7rq}-+txepKIgKUkex?B zTOah_nRaL?(&otk9h!>QuvM+F*`l8@2i$A!;n(djR101$1x*fu#%12ONk0e4=bG?S zKRd;ZGsek4%Auark0b^ShaJca**_hBRi9tXmvnHwzoq5qDHc^^#%eEVI^qcUxE}C< z@^>Q6Th~DMC*u$tA*I*a1V091RVwmFKWxYBTg>{HNPZ1bon zorA1?sNL#^z=Sp-JX;D=tW%pG>pgQq)ESCd4l~KC#KFQF%*Jxjf$tvEE{R{00?aUH ze1>E?gCn1y;_JDJ1p!RqH%UpmG~Crs-YWF4CmgO%8;*{8?b8GxNpnB{?zm!zdZc*G zX0i>##VOZAmo+CV*#Zm z)?&?i@{3vW`6JMEmZ^UUKSCbY{>7NP5yi7x8xhlRrH^e(`mjC78yy&Ue^W_r9=%3o z$*!7I*ZY{VID2?BF6=q0C*K-6Ic$+P%?#AJmLy$gi0Ag)_BZJd*u2uXJ0sVIV4-;l*Pj=ke(7 zS6Dt>`*5}OJJFsG zIEBf9+BdB3tzBY7OaC|{nd0InLIIs_e7Ydbr64@lzsteUK@L`e$(;}@NM%9%3kxGK z(9X`#eF(9QWXS458$Bifc^{pJo@gDby zX`=uLRHzchT*Dr>rbwe&1G#XdeXFW%d$KQBuX(QZP01nuv){5dO)zj*=dm66*%3Imh1IIy>$ba}`?I<#|GVZxmd*1dpbOkEw9LF3pcw znh*6Y>Ow1WM{WOuUHiiueA4cdN?ig z;jQmV)261}$k9*zYYPgc`Jp_9m@WM z#}nvgD67GU@i7e5@yu$MRu!GM;{6Y506vV$F3O$K9w_Iw%>1d6Z72HBt^JWdetZAK zB9ySJpHOdYq=z2QvRJ!WY~G4kabWj_)$1r}cLBYzn;ZoaiS4h;Qm^=aWR~!e-Jb_{I{TyY;+KVlnYReGbX>#Q~@jU z&&U~&zJI(Mmaw1P6Jj=aM%n+xr1vSUDP&R*|9MO>c6(6IVssjq2@;8fb)49>wZ97b zECb@I9ZQ|(-9r+W*=+hZd*HKt1!5yj7IIm?49dx;Ksur&H{i>8d}!*dDIf z43#^1@**sWoA8M4gsZ~;6%CYnj7xKYpRl}oId_rf1xji?2(H%hi{`A7ooj*eD z3ap3uyCs|JJWqi^{}WGK%Du@Qd3AZGYmbzz&4$3c7X<;&q|r&x@fp>)zN9m@psllt zcFGey1wy@tkw;<$+!4_xHMYIC-)wsodO=qVoX_pP4TGOt?DN<#aG3F&+;14sv0B_c zuE{`?dh2^uQ1cy=oP)F{mJ!a&{gi8t-|? z0+87+N`&G-|723G4Yd|;@9d{XEBQOoX&hR6U`#TlTglTppBYBnrr{2pC~0>>mN6Cg)WNpPt+Z=BU;?#eFR-Yr3rT zpNnVPUzK(hK3Z;>{ly~GNv3nQ6c89zdA^8*vSD_oGkt63ZBJ**2RP*N~FWQcxjA^b@*U%fBwi07}5(P zAz`Q@L&7BW)$_U{F&9E8yc1^8dV)3`;Ih6-rzn~`Fdz1eN;*&ic-;M}W`*UMKPnT) z$#FZSqO^Y1 zwbFVP6BPWf6uw#(bP?iiKa^IG$2FT%N>Mw4SYOuX$;4mscl(9JY@wda6tpmd*-&g| z&Uio{-8u%+&ma`leUoCMgJ*9G2I@Ix7Rl#cgPEbuEWf%xkB+0~TAfm=ntgi1lvQSH zxmaywnR}$eqp|c`HURoJ@B9p9qoFjH_3R!nC}VlosfCWGJthxO?CV90Stz1t7l;XE zi9C7JM&o;;S?$xN&zs-MsGUw3Man2Wt$`R3J_zJ+6QS<`reU@ueY+GssUJ7X+rJ`m ze+LJ2a=*?%r+>f(vrf=vWb>$s5H()A6^H;puT>>5H3{@uZX4(aGYtB{wE(+3mL3dj z|1R@iUH~aHW?XH@g>Jpv_NZ?klw17wV-7g0?a~o``_LQTR$o@8*QmTl>G@IDO0UTV ze0gYVQRW^Gg>9-l^?|^C!MC7d37OvJFz!PJJdPjT8xa`OHm;GFrP~Ye^HN>Bo&cb) z-+Yi#(KUiNm`aH)m>u_&4=+bem&?d6^I2)djItCoNB*)y=gju<)L{74zI3V_7|v<%`o01v9_y4 zvYJ%REV4CX4vHer4bhTavp1%!w^I5ewK1|bhfS|FP6J8Un%&1ILWmD&{c3a@MF}hq z2hRLqtmmEEDkO46cl{XSXCgvp1ljJd4)oD)+CQ3Zkv>*Q=uT(ZNdS5=mdW%JFUmb$ z@v_YPLunx$NfxY(9g(LrS#pnFjO@$5nJe9ox3xgZ#%&)X2-B@6$k#O2K$NeR_bk)4 zUMqZtL;m>jYUid(Zia-08Bxi?dkR5EWcL%t?@@Mi!jDx8w&>BI$};s{*GdOD@kqpR zz}HDURBhK-Xv1C4cv(rwb{V8Cd@BT)PX=Jb>9f1h82;*=Og#vXYpM33zpRtcdb z=#$m3GfwuYbpDr+t5eEW9;U-eA~=$Z5%wm9oG}|BfzGN|hi7O+XvnsJ!?YVdS^6}* z)S+RljQhuzp<6Me7YasaGGpku<_>mDAH;S9U2hJ%!pnFjr!z~*1)+QQP82M<4e$=X zJ6o!EXPxquhAIKk`#PDSm<>oQ_M+(C`$q%p59VZJ0YCq3fyEpvc8q{{IzH4DrBJ6f z@!KzAAChMe;xHzsuG{N#gWrXGrOU_R99sA_d7ERU)0~ij{miYR@E%E4HKlANiv5Ik z%J+3>r&~N|k1Ob*5Fp09KSK%k?_0G3Dge1>V z#Ac@*)&t!SL-c#r#sB7LdjQ-aKPY`wOoguAKR4QJN2Gd2_>hY zY&?Dk`GU!;xGn2@9m$BjFhLomgJ3<@d2=Zd$dVa#GVxI_jRh@IXW=V{iLBV3PVE|3 z29Q@BeVt>yt_UV9ZN0Ei z^DB0`N@{k!8hJ`~?UhHD_j{b6hGsmdRQK;_fq&H207-=CPeS+PxNEF)7=2`F7f2GT z)q2Apm#~2c=Y9C&{XZlr|7Q36^JhJk1mFG5C*D49OX_oq<_raFgo+ksNm5g5Y9RdK zMgj5*THb-q|C_`82X%|6?SlZvmTXWI8g#9c{t-#ti^&$Pc=cxyC|8~ufa@_ExY?Wk z^G*C)hz|T3waSAeDF=z=V|@QD-AB?8V+%yIxi6a#qYCiqk&$5tY7pQ#)!Y8_JA4DA zI@wv?0bi=U=6t@K9m;G?l(jJDQBYP#KCBgLpqlxSHR$v|im<=C*(hW1N*I2Uelj*k zK2I}toB9$q%w#La5$uQY@TF03-a)i+1nEEEJV>ejukZRlZw&Hqk1d>7ImEU1@T0@% zp4u8q1g^hzsK6zD1_SBMm%%bax&L78|D|&}pn4EoVOyipCtfR|@^*WFcn0J<$Z?^7 z(|kG&WKP=UA^|9~zJS~l?I7#{lAI8xi!Q6#O}BEkh%qp&7j~luH$KOE+H)vIQ*&?17wf^%DJFBR z6u}ox*<_O{w*OzRShR$ji?Vb zazV-6wyMQ-bZL_X^SWK*Dv@Lgx$wBjbx2L~6T(PeQ5)u|S(xitRqk3l=7^v!J+)Mk*kHSCa5TDZ4nYwPDpfK2}L4o8? zr6x2u{|*i$1c)@z4b;bFGT>7-utb(casGMEbGlr+(UnQ|UIU+3)CW7D{% zy7RweS1D%*?hir@T5_FJyL*)4RicfFEMrJg{b7kH1)R<4A1g)(@?=qd?<~o#0(ZT* z`7%0^On@(v6Gjde>gHhDHmW4T?C`C07nn8sjpeEI?q*6yipNuMC{iXm@2X|&pD;`7f{ZUrCdZ>@T8NHi6 zidFo%JzfNt(k2{b=Pyi-`p}RzL(v@$gau-NWYRSGtFs$YxS*y>saYX9_YHw#zs#s> z3F+|BA@C1tV{InIx%XjbR*`;epyiwPZ2k~S4ScsV#1*6=rC>JYP^T_VD_+=!;s@)R;l zUI5%99n*iOCL1`^Dq~XglusHqQaPiT!fL!mXH!tgvZajYaQjwf(=%ocD00>?D*+fX z$ZQB`jWFy$wJxZ2J4OU!%;$E!efB|=Z$?3KxdhVC>x-*;Cnnp_{iW8$KBrzR42AeZ z;R<)S|2Z5|TKdyGccy;2C8N0F*I@6Q*+2%RMf6%8EHr=I@@LH_{O2w8rxp^MBiU>I-?qp; zv|YTSbYz6_S-8jD8uJ>=qp?&k@#QifX(^G8aJ`x7VTexSmWo6TE;s3E=?HBW>z&xW zRh4TakXvEB5zhe)PhZhkL7Dteoe${OyyJ^(#;sdbvO?#^vfi5^384`6q3HcVzeqOt zqqM^!WeggYIYDRids1-ph)z2K~(rQd?} zm*c+fmDTtTN0BSRPs6V=8x5BAl8LYZsFaRBq#6j;GWtt7XDIre*JJkd zq#K9*zpO>+< zcdzTS`u(SdV^3-a<(H%qULE+(KJZ0gyl#*A_CXFwd8j-+(2_ksTf?;)ZIX8k{SAFfs(XSN_Uw;wt5uQ3dw%+_r+-RJwbRSbW zN?og@ymt`|CMa5~T|`l;UBoe{pzbZyqD2Z`(W@4p(C*AP>yzKN1)_dhJs?QN?{b~L z!cff`)~PvE5iQ;L9#ifyE-(o7ujC(*RBG-!+yIc-@ZhJn6350lp|N z*RiTy?Z^OBlyo|^&iH4$LXUuG?}dWg=kDsL?zp?W+@&wP_s%<0n}<^~<|X6D9TB%< zm^$^Vc{#16Z#~$GV(&X?b$3%g5r8)%3WmF$zG#}?ac*BZoX~PbzcHU+a26tqvlL4x#2QD&&%I$-xw=g%VGsOsX!iL9BYQ7sECH^0mz$ z7H%X{i5o$>dSAfr%x?7igGPmO$_KyZ(Sqbp0F#Rhjij@)JKy7upDCyo(rB;i>Lm*n zZgg)E*l)ndKSrLc+?}n001=1(eEqp--W!^=dSM^n0gzz_0wEG{lT_`exy|s3)q$j7DFuF+T+(u*WOq1-%0K`b!9RDeuGTNf50^@_RvsZ zHEBw?esz`qOndo#m-qak=KP@}02rGMgvo@RPq2)Wa$i)RgMPHYiS-a$c{S`FG=-mF z+6|zqNQ6w_7|$-g*&J%rQnpN;ZP>z<`!RT)K3Xb!)|+ ze{l~m<3*)(5E6HL5_ZoJCZnATl!I~g``G2bq`$tSacU)+(w)j(S1Y}&1}j;4il>O~ ztC=ufff_p)HBQ^KTp#B8Dz6@rTcBn;oRiKJwfRfR7Vb&kmPju+SzDLb8NBBW&TbTT zRhY>PiQp_k!OW-FA)(snXapTZ$}tNeY$zY@H|d@T8rO`bvT}R>uH4-eLy>$df#ky^ zgs)7y1D6-@3Y+4!>0km-=1RL277HEbo_%ZSN2MrK32tU2?DN?;FnDm>MO-VFbLGC- zfS5^qx;CCMrqpwb;9etczDweD`!u|t;{2Q>bw*C)>C}RNi%)Q&rg&Jg>s?qHFN5CY zFO=a|7f*fLx`Yku=8d`{1a`$g<0u*=@3mHjZVd=|oP`MUzY70iFn_j{%vyI=PrUw- zE_=L8I`@9#Oi5PBIiV=}=&~Lt;#{Ad;+mRvg;pHfOG58)m2g_}rCtsuApp+cGb`g^ zc6MD&>UnB$u!Zo|{1KNV!yV?gT-B2ksovdLp1^M47liEC=$(i%SBj-bIQhibYjcE# z0XDbX)@s}vBxh3xwo^cBSLON-jWz!ePY%!^dC_#D28RO}fwC8rMcef+Jh5g96O4Lf zZ1$@*r)$hBzCM%(+GoID!i&|i0Ot>=8DkVK@lTCpz~lQE*ztBeOjyZ?Pi#9s&YLOD zHkhHeDGT3K;Wwys!O)Bkd@sBD)LoK-fZ>7y3Er>I3lVYkzefd*fJ!3>1vmGH+*c|j zcaCJLt|?n?iY+Nyobv$< z*3(3h6MPy?8$^X+=bK@K+YvT~0-Mmqs{Xys^KnPD9raNUwC$M^0pWriX#V-ou8jpr z(b4d@$ag1K)Xa@?Ad6aQ5A--%4P??RC;q9tkInuZr)lxXA6pux;B2UZZLPfu-wWsh zh72NMp~~1)={nQpir=`D5R3I{(22_NgU zO`P{K$N?Q62W2F!Op(QoR{zFUZ-E#XUfwj9P?31gmt?-RH zOpYFs)Vw>%tZ!u_i|(sIya zR)_0^KJJudnw4@aHw>Xj((5B_g+ZP!{l6i%yn0zcJcegYMC?MV4A>AO|-Hmh$(jna`-QD#)+jHK!_dVx-zcKbe1~N9k z{p4D6%{f;*Zd6T&O_=M=sa1vkcBM>X{jzoMl3&PRGCM!$!IaILr+Md_!`$zmK-yuV zr|Bl!lt{Put+O&G1iKk-Z>Bn8&D(aLQfp-C$y4|+8ULnms{a_GhOq!$ubFm4*nWMk!D%cB2<+vH`SKDV=o`HHa=tke=4f!#i8{J9l{xEf zb3-;Ava{-PABxTPx;KC#ZcB~D^7a+QuLMRqYydN5v&d5wLH5r$4!N>UqXv@3=;%TA zPMyrwHNcY16$@Z44i^1pY}6EMv*BepQRhp--=P%z|Bd+{NcM zU518l+4*4sdy)0a_5n(CJH$xpfAg_C33#Dti*|r>wqL}rK3m)G7e$xZHzy?G-E=dc z;Pl=e=Tky2Qm*sX%sf4McDX$9$Bq5xY`weY8K7i z+l6H!D;sdoEVnsPHheQ83bu+^I61-!iulqx1boLDO0+2;-9XIE;ls6*j!2&*~Uo8 z>PlxcAe8;#25zO#5*U1)!SU1$P^6FED9GXrRf-WW(-dU~6Y&_`3_HhItLROI@S4T2aX6?BIWXC!`vfx|DXx< z2`?hdp^NwTD&+OrE&q1jsTCVW>%RMtCtj+!p<&1!z?;_+saE|bckzAJB~Xm?0V25vy0vT*)CGLLoUj0(bMZX#69K+yt z$5nu~y)RM0AiGhzL1J%_=RR@@4?1ZloFaX;dpkJgzIjiUXw>`srst0 zH0^5~B~C8Oonm9!f!;DK7vkJlAr!o%r%rrW;evb^EiG6Q5Kx1_;g-b^xC5pqGX)QrgqqEcZHO6z2Gmba;S zS6?uc#>xjCh1|;2Vs)CX#m!8Y;9O1w3X5;Yko8Qi$3dqT`5jjOx;u&jb?IFX(BG_9 zs&7|mkv<)QsN~>n!j;SI zUEguYV}*(;S>UyI88ztk^4N#0YmL5(>SE)T{Y&a>5ssqGPrIkARUr$PLno_M#*?j~ z3j)P`)J0F{5}3^q0N%{_HC^DX%`;#2!khuM9tU8)cSa+;7Vzqj+#(2FGt0{Hh$wqT z`b!G4@g&sK_hZ?LLF7V@Loueg$EG#j7A&}uCMuZ>trRg}(9OBYAh&6V^r z0ZHYAI0?q#>X?j>g4UjKJhavHw@8>&JjjUJ8@>6I8sl+sE&5^mvc*Q|xi2KhDtDOT z;!;9E(a0E5@O!mZc`2|YTrli7OkZYlC7ye2kXp#wP7%@R3vq6;xmtncMeiDFC&D$R zGzXzKJ^CI?8ii{UbL4U1R#9cF8*hIOM)CVK+|BtD0gL&IZ7Mnel_|Jznm2;QgYXRt z?|>tRXl<*D*nSsgAbICpxlZn~;!rm^bp75qmsT0A#!U}56}VZ`R|Yod7K3gS zzQqPe`gv*}PDe@Jx-S!Lj(_6-G6~rIg(k#<=1I}&LBM1aiu;$lVcm=f<3?@sNv;i3 z(`@tIO}fk?6xtr9XQEs!e62GicCnR>Ii^YCL8{RI2~}e@54zSQ%GvNv0%VGOKdmtM zMrH_i#Df)H$V^Xyl*ifPM#(|Axg?E!E6PK?99lVPmMD=;2ezN(oNtl{y3k( z#qVld*zICs4=TBmCY6fUQ`6~q zivID(A)!@jyg?5$sv`@-iMEJ*bAf#F2!g3d+A@+SPV(WOF{O(J$cC@qGK_Ywh|6(oSxh07!mf2$d&*=!td_uKve|Vw5=6(|0n}cljsHgTR=!axR-s&k z1B)N$+WoYA)C}cTd-WKdY8jY1u%2h;N_+r(ofj>yIpGtVr=Ed&*4y(P7@GwdCzRS~ zI^`D-I)Wmr`LKABzOrqfE-LwjSL74=R>)hzUoapHH`N@AB#gpcJN>-x=Kj+G;)a`~{OGu&+~1hzKQ5V*-0RiTGGzXGb}dF1 zzPZLd9b#r_*{duQ6naN(aU%Hjg8qLSVDJ)vq%mQ-E6(WdGD72iNLJ+)CRq-gDM2ID zyl+c~Up%4q`Ioq5Bs}(K)#i(z#=T)Ax}dXR1mcMhf89qCAvp({ z{~6j+elTAdHd3QJbg@=i2>{1TOHJ*0|?U)o6zBp|O%e(Q|EWk|_xQ z65m!7pW3~x0gGKArPQu;1OZw=d2 zRFfzR1cq78Uw%M&za(sCKJWogM`N|ZVe%&r5Iex>M18PY?IvuY?Rq}BLw58hAs7h| zpTG1(l8TlFFCx^85Q_-0Kc&AaB(}&*tb>R%%NuW4Egyb3NaBI3@YgNb6q zjlone&bpJ<&X7c)7k==z@A&wr!}R)>L>$xfj6(i?@HeBdhFb*O)UjQ$&2th3#|0R{ zVl^hei$!yy!r4DPfisPqcrx4?cMnd5*NDpAnKd6$#sYuAsR7_CHTEA8>ui?PCpG2) zs`S__PFnLM?U4F8)ZOb9(Gre6_%5{CCFY}%4hdvt>*}QG4(8-&Q&4{X7teWPp_NbI z<3@>w65xR`{Ra=s+6xw{@FLZ&v!(x015Q{D;8Ni=Z(}uvTx^9xKt&K7kV!A>=GrLz zk*fV;4R?j!L&dADfq<-1Te*-JwO*SP~kXCfn+|BmuWwfMaF~P(+Av zIDtkL*if(S_O7Sj)`13NvSqw(ah&6XU#LFh5lAL8i0y0ri9NLc1D*JUR+HZSJoY1U ztsKrFBJF9f9f(b*S?t|AgYgiuef+3SlYF#BAl3m9Xt})ozz`Ho?qik{6mV>R?KV{} zl_T`|80a0aNC_XCZKe!Wc)+>e5{Bo?H;~$F&560qvlyMe5`d@I*F#%%WhpJ1R!mEu z(IqKr|DCtZBR)b9FH4Tl>HO~Aa^IQXW3KEbAt`W)R;2lD(0|gf)aappBAwTO`0Z~xX;5WLY%K)fdlxGPU$ zipJ#$+*A)OHC;2f{xBdEy*YQrvbz)5$VEr8d84vet^@ZBo3p=)eBr-34=mY3E5Qwo zL7_4gSWoU-9PD$E9UOc4J@eV)**opgD?Gnc2oPQexP+3^ZrQnO`u z*~<~`UOydZh$^#UdT}eCp#ZL?$u&*Jv3q~E#$3QlSc+oCP-=~|>YN=bo}Z=YH61@+ zm+9U0&yP-Hl7ZEgIgOw_o!3uRw@(yd4T9_kWDw)h**S=DsZHTNjPw4sOt%9DImw%W zC}oU`)F}J@x{e80GqAdCIy1LaRM3&H3Vxr_p~`AlbV{S@Sc{d6+|t1odjoFb#?c@& zP-z~#EGk)Omv+x&S((AX$JXkAY>BuDN*To^yTc*E&EaoIdT=)WUtW~sx!+n|nzTQO zV{!Ejo~#m4UL>LtTjkM&HFG@Semv@JKqHmFG@@{NX>+n}+8sj!GXgXVKRGb-q3MsR zjFp$Qj_8bIkmD!E=Q#o-EONK$MM%$&yHe$&)b?Zzv`;ygvn5^bYRn(pHb?C}Fbi=T z44tH19to39n$LLvA(XgfL?Pz8TNEmZn4IeVg)~FamHjcQfMcs4#6;K(@Zfitb4D!3FPxNW+ zi!bmi@WY~6@9k(GF?xG2wIGN8vI4~x!Y2)nuo(2bfpX_NYJRE*XxGjQER3IHv+pUo z^OikI$~nx)TVa#K*WCS}p*n(D9EYK01s?XvA*VztH?eR}2jG*N3bSm`CHVpK9{$1C z)7b`aHygm?KMnAb$O{4djmfCW^?Nr&Vgp@}Wa+5;?x{=#1zSpsO}m4rL;9_(L%PXK z*2_w>ag;xKw--1@xr1so4?5E}sQ#Zgwe}ZV=t>7_LxKuhr7oN{$vcjen+U%fdYcE8 zQaxO4Xc-*e3ml}6P0AvN$bVirFcVekI-rR8<#fm7?CHI=xr0ib3#i||_M8ppNLZZ6 znvPeWsnr6jN;T12&VI2Y6MFZHguaeGy7l|7FgOpwCVXu-F^{XRpIxzL-8102PL`^# z0V{5|J5k;xeO2!W3bOU*H;k@7@#fQy)uVOM0S_Y1yOLP)wT){^edCF67}EM7z$e^5jaDa{N)XwS3?)P|V0} ztk0=Y1NfVjD$6<|4X>pv88vP0Y?!};70!&&nLB>P0bVC|^Q8ztz4 z$A4floI{?eH2WM?;js1IKSaa8L_Q645PIwQ%b{*-8zp=suGq4-!9SuM%ExH?i*{iA zxAoTFhL&&tK`8<&Sa)OllHm#(L1YH@FlX+kbep z|MWa0Yt5!Ss~H!EO9Z%h!?yeS0frs!!sXjfe_C-$Z(wvT)>*^-@+SKMyo^>zH>+#@ z?0NykrJc-fE51rc+4r4iN(9Ik$x~hlolOV_3`>m4Z;b|Ry+CZATy%MyNsK!h_Uryn z1e83#{155>j)_SjRN-DWC;J8nx$8Oirn~?p8o%KVbw@OGgHFm2x8WlpwPqt41U*CP zknrCbH6bhYnd0UM0>lO_+ss&QMehdd4e4$QPUDR5>9cFY4X3c05zf}qQgROCS3H@Kl~it#xq`Q6Yv|CI6l$L*q4k}kEb>s@1Msx3V8k<3Jm5QY z9fkla?d(ONn6p@mV_5jP=LN=8=jv;QU2e%osvIj@^>GgIc-Y z%<{p#z!{8oGV+Ew!LChlI|yAk-#xckm&95we7KpZ@)w-$#Gyme-JdHT9jS{Z7q-g& zw@UqgAj|Mp(7^b`Lj+$6mdC{P@~9%0^oFA;w;okH6;k)(A)NW~`7Kl-j7pkrG+Hhr zaqC@I@Y61O&r2Aau9n?kk*?Blr(m8=fxTc%$c4|&ZPs*#5IYihr;^yxr4QtlxX_^H zkg^S&Du7pa3_f$?AwOGw*E`E!S-C}4TKuysRc(*n3<1V>YmTmb$ILj@kH>qNZ!LyC zPBoajSCn&v`(luX^Q0J6f~a<=$ylErcacZ7Ne_2+J&Wm{qPVG=!?z>2f0TpVJ*8#A zcmwUPKIp$bHM9&wj;N0($!zt2kdxVCDuw{#z{y1NdTn)DSlLtk*hHvJZ2-E)d#xwC z4q4?L4>p7TAaza~Cp08D*pNW;dxpi(tDt4JaQm>E4CjERIN5~+FUku;$P4`iEkg4Q zmg;H5LbSK^BOwYXigbxhWG7ccPc#B=6nI>;J59bU1ac|ff>UhvbcDquoc*`orW1C} z>{uTh@$AglE*7la8K-ge?yYI1l9!w_Z5#1d|}`Vz(oLUkmCXMC?>1x;b!r{V7E3v ztXJ+4G{F*pur7AkyP#A4?(aN;f9LlIMtpF2H$QXf_GpYa$kCA!iWBKZ=0!2CLArN>NEH?A(azfWXhC;SLgSx$A52U_^g+hMx*Dnhp zXk_xbUvifCsTTLOKg+-55)dFPIp)3bY$|*SS|q-nZ*UKjPT^cLD#;GyL9WeyYWM6Z zG#Ik~_iM=rhCtS;iujl2JurWW=?udaaJ_z>27<2o*povH7~V&a*N3=AFlMwa7E9QF zJ?{TLB_1d6yi4nx6DjXdV9Zh+6zIwR_;|_$k318pUc+AgUmgwoPWUzqfrZ4Gz|zDE z@O~41NP}L#|4i*$DEPS#mrJe8e>ZIZHliCZJz57Gi?}S`z|V0WS6-5#{uT;!@)egm{QS)=uW+`E%pRnP>;_O zI(gK)yCxJ%rOX#m9&6T6FHlK`cBI&#H~*Q+lMC$QhHekZXKJ@Z<~j8TlBAotx$7C)`vDm{ zZ_(r6c~DQx37MD?fMyDaWpcJSYyyNn2d(^GP}^)?g{XKM7=0FBCud| zK!2E> z14T2|$TFPfrtx%pMhLCk!M_F=u?5`CIi47H1ip)i!4IvDT~TR}F+Qn^2_l;c!DCKZ zC{_?l?)|3!licKzr7k?+X3*|x+F848Cr8mAv z&(kRtDHAIjU2ia8naoWq7KYK0YuOUY^e>P+6Sr0xEbp+7G{*BKkdwJxJM#!(%!JEd z(Ny~8eiDG6dlo=|1WqDpu>P%cGhwy(e(%HoxiJ6uA;ELVdVBs_mrN!imNV#CDxL7> z@)<8UB=4btq*l}Ugm=Ah^u!vq7M|=bcf|&M5oLjBw34q)3pBkt>s8;)XtKunNU9~4 z!oJ2+1}A<^5Jq|jeV>1aNu%o}ANuwJji_MDs!NcPDFruoO5_iTIM7E>EUOBCp{~*J zm$zkxfkij+%-xMJOeYXZFgkvuFnMBMsx5Dj>oo$ z_I8or=aQu6zIA%F4xAoU3Wu+4L$ju6$gSP5F7rWaG}`o>>L$zTJeScis||eUbP>RU zoI7#E;PhYv4sm~dQi5G+@y?UI%6Mef95egw25DqMt0scYQ~mz-io$$>(`J9pvEFVE zdu=c|aeJafNK>`Zpet0P@}U)~Kp~%q%k|j%#cNL8iHnhJ@sYxK#?fY1ciFm%&*WZ2 zdcP{mLvCEo4_Zz)?jP418Q%^wmocnR+^eu@_$8KqBy-V>vvRu=*WvGy|9Ma^XS&u% zPhzo>E$rn?MysJ#DD67lLZ2xjn;nQQltQd4W*L#WrwA7%2-0bC9p7ge{y*(?63GT8 zr*38Sl042ilNfB(zGjO*SBJgW=3_Q;Nzu*cQvZqH?nbkg-AcoK?@ROpaV(xrt2$2e z=Q(>amvbn)+pMbcM$t1Evq7T0_?6ni)?xr;D&+G!9-p11@ANLNe}C-P!5m$lsgPqs z;S?Uun=73>p?JbPjKfwjn%?f7zeW<+BA}`%D2>ZyRqOA~zS6?D)z%UF>+N1uYDow7M=`@>a(`ZIyJ*dvN`@_*=Dv?*;&|0~_2y!KxV$ASlBP={ z)Qbx;-6|5`a5fhE{^D=X=GGFJ0)-Mupc;Pfi>Zyff4e_F+k32tC1_Jz_vyr-qgSz> zK36JUv?B-;lRw*~xjFFdzNv<*jSc8s6kWTTr4*ON=oE4FX@x!Fm#7FTSun}|&$uNb zC%HG4S(!koBfrD4XQQFI^7D((a6QX}E>T-MXB)opdIB~JFy&d{7m)+ju3|W!3bZ?p z(b%1$w)cm1x;7i|nuHdH&$rXWwMTucw%_N2E=swF{^X`r!<8IACpW!i4ZeEZY9c1$ zOP7~ZNzGVxY}cxgRH*A+Tb}48yfZ8iQ+vO}>_?bWD*hm>sj0fzJ)AiPs9^zk zuhpMwADTXl!8*bGOhkeBvtV~4YShY~|kDgik`mqHJt{9=#iZ2)o@ zN9EbIlv|CsJ_-t+>?Qk30IW(*FWs|kjJGkeBe{bq6y({Kkt;cgY&S!FE-$WzT; zR-u~A(<*Lo6?_0^jdZCo#8JC;9-dK)jDcpo-$%k_P0({J&#$vk`32MX zx-$1UjM;fsd?$4C@;|%)&abURJaK|jQKI}!sL2~Fj)>4{75oLEBv-~mwj9;{1VnOf4l*f+)dfIn6 z{yhg&{0&y0`vNhEK>rG1+ihlrSu6ghI#+678!m3uX`kHRD0)AH;qhenhBS{&TX#50K zy(pR9=$5_3%0BHw68C!{)*pt$k>%sh2j{Q|90ykvG)HF(Oq0%g=+;tw7%+O(n7lhD@QtpmgN zvokGr&7$fu1a_*yDBsC(H0rG4XR0O8v=WTCj5`%5GyJ~*Uv@$21?C#nYiIh&36*5D zTC75yqh9ZT$Y8fc>~HphSTJUxX$f}MQP8ZRAMLis`nvTc34omA1?M5jj33#j)JmW31km1s<=R2HLllv*a6VyOpQl&N|qz7}ZEsNgfH3PGu8FW`{E@?8dmC@trsvo3Wnx`cQpbdFFt1?ZpW> zou~N0>8x(>{U0g9e-BMsX<;yEg0top7KDX9Sz(cYS(SguHdVJiaGUSiz+3Nh_OuG& zR{WAmh|g;Jz1!y1dZPK)Wt6ZcC%arVX5*)pIIOGWmNRfg8H@vdF1$vA_$(W6z7rt0D}ejeYJh&HC|%~Zs&gu_-RiG)sv0O%`}DnHwLzIw12h0Sb|hN{m#qZwqL zQSnTDU70Z`BaWocJ6vAfoO*BYgqa0DiiG6t8(n1A%kOYMpvy~}?_+2w+nB8rZ>7hc zDoakQv%5=HF)Gr+n(gigk*J}W1MiEM5lnz*Tk2x3r6@>~UVp$Z@5+|(8k$u^R*J(_ z+*94CUqy2zOVsoh;fDOIX59IRQ4ZwOb1gxhF$)^cPgcdtI7RYx;U2eAQR*r){ zy(0%fQQ6{-iCNV2KZo6a-do48+ihpeSZQ}w_9%cJZl43jBgaTKIW&^1Ce7=G#XG<9 z_7A0;FjU~uUCpdYtn?-H+QnQ-a4c}}FX>T%{aD5`@tUr>{R!j@?g0m~x>Zj)E@bNd z^2J+$P!t-J4aBhW4i0Z*+=z)ded8FR^^hnKsWUO;_m=F^v=MbC8A&-tK*d1mAlU_-h8k_q(UnSBkNQm^L z$^bpjxazGD_gYV6EU@~Ox*t&6+D?l0Y#mU|;*GQp6hUS z&`pw)9R|BVM3-Rf6761XM*tq7Au)Ms8s(;mzqx zj`0%3$Y9q=73;ekT=g7NAgg>m6w6(#rsyAbm2d*?unH<$b42&5h_4pl5K&4wb}2h| zFuW7N{=eUr;o8uEN}2&sm!Zn7hwL*PmhJ1vzTJ4#+MaA;+vm*jz^nRwj%0kE^`sfv zSaziU{`c|5H(UO4>6HXl&0>}!i`-4o@VMiG=0I?pmEJCFsKf2{eFm(v*Np0I4S8yJnoLT8DnC zTR!FK>B;6f>wM5GktzHFl}4=wLE(PT>{X?m3kEc67h@-Ui2woUfLHmJ@&ol+PlUKR zd7HeZ+8q!%XETWFGHEKwQ#HqaAr(QKE863+Q?2x8s4=^9O5oOsd12yr?m0%?y0~eT zG4Y{gi`_Y*TxeNMPqTmIV7ubHv|F$0J`#5PpdLS?=`aK#%Zy)feJ35mH$CZGV9Gh#wrTL$aVSTe zDXro3vA%fIpN$g+&y(vl$`SVV7!<)I<+X7OmYUTMgt;_$ZT$u zgj%AxxMQ8fjZvzrIN9eOK^Cv1Ls~vAqBxoZ+Saa6O@ym-GAQJUqz+8rYEgMa>h3E`;56 z`wiji+vP5N!x7z;2p7{ey1R`gX3nbfr0P`=Lzr@D`rbnl-bc{YAeSA$P%Ha;M63)E zst#tPndd$Y>M>lQ>-s>VvY_(Hmnir-cH3=HDQxBpL`*u_dzUN2l}@SC!(n2hk;~81 zIrwf_J@T5|7X1;#aG-}WVGQkjzMz@&>1DZ!(slq*u<^q6@oLnKS)Mio0h&Pd83_?8I@v=1I#|G^I}FQL@dT zXCSjMo~&lBGKi?1+iv9}th8U`mXg?bLug_B0@PBmVOA00fVFTos5xyWeTAkh_HR+h zf6wIj>)j`1NOH*yG}*leqtFqoBo>h^shPrllo@O*efcw#aoDVOOn~1OTJoVz(sb6f z__{sd>eDx1xxSbMly-7}pkr&>)8zK;4RWMcky_mc!4?kJ^=G!*uipek?wYQZ?zLj4 zs5wikA1^AURO8VJxQ7F<>JgMW0QvL~X{NsX&6NTI1)tVQ+?j|L6xF@0(cH14#6g>* z5t88p;82&x?{iF)jN+Mi4n=K0L6XNo!YN7+DoI%LolwBw;=uW{(wHS$IETGir299e zjHC`hHtTf;>^raLUvE4VaK|M1g@-Nl-TNi!6bp-9?wZV$Df#=^?afFL3iu(qf943? zR%$SNJpcN&DIHwoiiO)&#Tvk*ND3wQvlsuwfr4jx+%!y^g_EULd_d>;jH4BP3IOof zfa>5j`rJ<=qT_d^8V#X({Yj>Z9L9tAh3rnBbj6pHz-@-jV;8K#J&pmDLZhRugXo#a z9QAR9;*W4g+-6ojS4Mt=c7DvzClrql*yN!(7Pp2Vx=qzeM}6yd>KR!h8tD7ZY7kED zzzF6G_zsb0%<+*5)>S{vxxForTU-)6nkic*Hn<7ZXiF83rW}crBNlX8-({ z)gSYA(8$lWr<0Awizs^8 zMmpo&?_au=Et%dovhj;*UwXv;o*o;s^>+DNdPbpK<+I&kjermDrGgU)1)dOUt~^V1 zZ=A1pO;oEfBpbPa=Ye~6bRh#8euHa^;Sm2+6dDzRHyKC zUcXf&g*E#?_i$h79{GVAWDPUtvv$(#t^jx1>Zboli4y+Od>R&mFO|bS^eI}m%yh+P z7bueF!#V3`jo+dn1YC zzS0pNR^f_Bu5i)GrviVu&(byMpX`50AQpIux5ez#EDOLzmWGuY+^ba={px_jTbY}- zHi`wpg6xO83ZK9h`QRL>Wa?g26qL<{yPJX#Ny$VO4cG5PY`33zCJuGg)o=Bk)g4GT z9FAU1LGC63HV82Og1HjvZ?P~@de1Mgh(l3gsDhPv(^w+NJ<%u6dsDdJ2I5hLsg#Rj z6t#J5dj%=w8sFVjd`1jGz%4Cg>=zX3M@9MoG)OY8H%KVs#J))By$@Gm$Gqo|fQr1A zQi)n7JyRsW<{v>~!Jl`(Tu#V~HrVRR%$+gG&PXu%Qn|{8_%Jv)b1GTUe2;I2$?)Ba z0+%m6S%PMLpWzr5AzD>(AyN7yCWWfjM-dTYS~2vjQ=CXK(4&PbE$Kb=D?bp`nR?7$pvZ-TX>$S&aPr}#7xldr+|KE2a~pv=`!T*j{upYZ`hAUIrI*&&Yc36n3G*Q1)W=&W{g zbsp`)cg-@!VbHC;W_>sk!5>*VfI|st$99h(?~cCn{+X&%@i6^OPj;E#Co6vn)HPF@ zx2MFENg1m@wDiOh>#FPAtd&z4EZo9_u28QA;$p}x81=e7Gv0GVPL#~1Db4n3ndZHr zK7veXtgCt-W8FXTuK#03wGX4RsZ^nhFw>wsTYtZ^McC!jamF#x#(XH`kz0%fYh&?Uz0f?{Np{stKp~K zShT}x%&@b)Rp;`wTI(ITEZ51CX@Rm?YUOh!vHIr&|IIgMGLL==%-Dst5J~N)%rJ&^yhyqp@GR}gJpbTDF^L(iUC2VH)Dq1mVMGj}*}3>I89bx8+LxfJ2Pxsr%;7zUoXD+_2w4TK#jZEi zV|kvMo4W8fe)z1Tz)1Uf(5N7{$+={2GFc7#WUdVU=oMn@W~-+cq&^mt%M<~`;Mc2> zVS=onJ9~EO!$EA6U3^v(Xmq#XHl8nIQTk>N=ozG>9;=a1$b>+D7|MQP8~o4p_dkX< z90TEh)&?qMGcrkz!mJyQZ zHa1{A(Z992vyw^0*#DZtF8KQS01O=!q3U6Gj_Mj#(*s|Y&;|!~~COiD09e0l7 zi05$5{LWX(#Lz6dn8Y*jww!hM88oW^(eH}lzn>ES{N7^&6(k}jVU|YyZ(AQEj25VQ z?HBJ#jz{cAJurml4P{$sVQu$_wpBQPsMp(U{cziFysFd|N)qiu5}EC@ESk@)x>D=w zK;0D%!owU!?49?3SbdT%oUC4-41 zkrBph7vE1|ZErF6A>oXzOv>13x}vVkr&a1>>tB;AvM3;bIlp}`s^|K8J-hqxN}Ia5 z=6>n>V?rB7G7I$@(ohDyeo;)?4{0y7+^J@)-V}jM7*!;(U^10>D+Xs)cz zCjg0)?TQ1;5$KvI+<>U3a}K8&y%)}HUNE5F@cZ5*K4ZwTI(!QmzR`-;nCyYQv2=8S zp_HG(TXu%k)oDheDHXHyAMPbUFUVZq=R3ny#;gW+*Ux{X$L&nyO96dc28l#0nV~YM zr~zJ7rOJNfVoANzT7ewLbeT$d&DLl^DsszF1;89O=jsrD=$zO+EO4=(UsxIz>{BUG zmtJaxHZnL5gNCqMu{7%A^{b?n&^16)F?_ygHx#SIBIi^0UXsj`AJ z3!0^*P%68HB`_JiNjP@zg+sz3ZIFAVg?^%p80AgF$!4YgWbKKEopXU;0Efk4c(rJ( zbZBd_W>dXFS!-exy}WRJI{f_$%DY4y0oJr=tPew~2v7C?@-p~H{5KWVUe~^p-n%~I zD3GQV6gG zAN`#xovG67Mzq?Fu0>gI2T%5swLXl|ooUTnP}7&|GUwR&2P{Y*N`+!^v5|iJy1}Hb zB1*ZAo74Wju_t>UIEM>IQ$~?#Y2nwGxM1RPTBv*wNZ=q**fEaAJ@ zolX>F{YY-HvT>+L`QSI0bmiwZU#+o;6&&*YK1=2q3RM9r9yi*eSEtEUf`So-3fXs^ z<7%m`hsz_>&V;mQkh_}mi^nYdoEj5Snw_U9?5Ri?{xGQDp>IJfxqunv*ihds%hQ(V zHXM;>iLCaa4(;M-2HYx*=Qjr}^4&u(6W(WNay7^oCotQ7rmm%uYpf-A&by5Rc5w>D z8~8mh+x^~yK67IX(iRUv8JO~?zewt>)EU$~)j?U5Mg@%~AqE6(m>aAhG37>EV>lqxtr$BSo5i; z%vCmM4UyO{7{L8yAP`C<3qY`^Se)SujmSHP?-~mPu2280-G1eaOJey|CEUMK_z!sQY_Q@yEZ&fFX4i~f=G+;}`2 z(tuEU`K8>9QKq4NO6f2{`p_Gwt0oK(=z2uB;C*S&k?~R>utD zM?RNQ0OxG6T3v8sW5rNJrbxcX&yT2F@2Xz`K=WAWphT)wBh?QK`WHZyPts-6bE9oC zIMPq72 z%aW!uthJKUag+d4x>>rTWU}f0SQXzWrc=n{%M)efm*5T3G%A_>&Z$@DXtfZpIs22K zo0u*yI{pL~th9Kk-mm*ke6ba(naqC~w!RB(?L0I7(N_o(&fLXn^W593V>w_YI1V*{ zFqcA3C3JWkVZXod@&Yvca-@)8N6&ta!}`AJCpRiIoAt}!N+kHJY(333^WiV>!y7Th z>V~IrKR(}F!(3$iyekMIp_sMZB+ux~e?bYv`HUMsPqDsLN)?Ga2l6OMv7iT2BiOaA z_oEbc{f`%ErZJL8R@$}^Y(w+wjvC+C>Yp=a%72Zswu zarzE;Sq$c@UB4c%m!@@1>9nr9}KhcR_D61wT`6 z9m_mFJrAf+4a7ozW`eD_seZ?ZNXsW1f%-pOxPT&%`{+G19ff9vuGm_GF4=RO`}b*s zKT82V;LW?+))AyoD@*9Kk!=5iIjx+eyDJnc8@{I(^}=;&iSJq@pfiRpwNxc}|2Udz zEZ;iZ$veAM3Zv{*N@mRw!$@gMiUu0ajobP`hmANqYp7)Zy$VWg&wUuh-J)_zKrEo% zax$_$3nktw`;GF+5G=(&*UXErR-Fds?KWL3pmr@CtaL@=yviN#HvYEJpIxhH{KK7F zUow@y<^CF{SoNEdH~bpDPdcI3Sj}~%`5aAXsDk3y?c_OJ zUVJ}REH81DE>lXqs1^u{$E5Wu_)S<3u8!Z^)HiDkA|0*wzK9e4RfXD=9XF`hj>N@nv3}tx?t%#v}#4KNs5HN7!Mh^ zAZoDR5&zs5m2TQ%n){MiWM})cFztZ-hq{*6V@waMZz`&0d57e$N0@nIES2|_V zKq`Pa{b63h69+Ty*e`ZQVsIVd{*C^^pn;B987gX%$2;x5b6k!e0!L z7~kopZWK#Ne?;Fy(fBlgsx^b<|E^j$ktZG(Z8KDv#*#NPjXO;Q=PL-lgav)!0#q7} z&Ay#pXqOb1vxDuTL`L*lDoOYBW+JYMxED~-U=&ZcXkp%;I2u@$ki{3e2%AZwbx!*D zJZ%yJCV}!uP>3#7jwOeK(UBRLG{`LPjR|nNJ!m_jXAhqmsL_`zEs>TI>hdt~uK_ZG z!O&8Ag-Xpu;XT&b9;!)nYe*(m7;s^!)aS_{Y7=sj+r5iH-9%RTCU??8) zvVexUc`MGr60gRH8JE+>pTAk=*+ZR*Dh89$GSS&3ntN^>(Jx9VKvg6fvr1`n93$bb z`oes*^5eO3NpL3HrxPK3wdKSK&70J2HtRNn>|b!^zR*lqa?%Pjho8ikIyDSjliyl0 znBH&cYp7VM-{wQIqzmar&vsUmZB`TQ2?=9IBMu7X>SrPNu@0F%U}@>yOXUmr*=fJp zXQVZYcIvOxnWdtk+uR+;zy520PKJ;`Ilk;OcMyi~doy$M%#62=52Hz~d&4UtV`am! z!hR+tjgMxVH3&4CoP1_r+(=AT?>=l%l@5NVqr{;-nkv+{KVo2Bq*@Ef{9%Ys5Xe8^ zhgKVZ;y3X4Hsq#YOZ*Me>vy6eVRywC4Glcof*+_qiIoxK^Ph}_NW^poj(@o1wt>{h zOXm{J#>$`!JL17=`IY#NFp8liK^3ioT9wp0X~szhatoGUrBPFO5{g^+A@N*#s1Tfw zPcDuK3DxSEMJ@*T^1sl56frty;;15_Sm=W{8Sdkv-?y+7A``}JHuT5+hh5~sNIFpbSTyEbJs|(1>JAU zwf3|Jw$V?Ga+HN+Q-p@;Vs#athyTWMSjiyAnc?Vz1QI@1R`d5J*!%80*j}|MGQ%H- zpNQz(Z7%l;utv%9<)(vishS;1+mU zUbS~Vl&`s4tsq*|NhPyrAOt;l^{X|38*^poR6E-nqz9{Q2^Eb2j#;|79hfGOX z#NbTxZTvVKYQHgPI#bX{&+d9HX=)ibdi*8y;hX*On4yL{8}fIluE$t^0Y!OM3Vkd@ z5gV8=wf#`!K*+|)`89?%Y@9h3X%jHUq?6w9X*8S-RYhW9b?`4dtc{bf+g}SS^c_tU z2cZ6{qUD>9zUjM0$02HO?^agb53IpCn#})PXh&qaD*#M2|52__C|?)r{avn4eS>Nf z0sTk0zT>_2>*!L^h_)zzjeMn>lo(!q{8_AwRO^X9769zCr$%O63?g!>pVexWPshe-gA-&x%XAXAiIv5o=#u}h zySI#sYHR<81yMmn8l+2*Mv!hv1?g@T>6GpekS+m{?k?$W>F(~1p*#O;Jl-en`<(N8 zUO#?#F*D8#o4waw>ssHsdR1_MN>mtkse&5Dg~HI-^60RCSzYR2*Yd39hu+EP!)4x^ zb-~S4b?gIwtX5V*k{Csr1_tKX>or=)L~$f3c8!xJ!(}Keo3?n|L8o4=ql?~2^_Z%A zOigRV(t)NXgN1qGgqS&@@z3JO0FGOBzU(&^8LI;ianhrekD^AWJ>=!KN;s59(z%A9 zG3yM%$+Qwp67kz7^{vRxrz0Wtt*o-1Cumx-wr;*bmfSjwf#fk7)F&{%YS;P%25wt8 zQEa7?*-6=FUGmatPX4wAZK^5LTr8444qmhQea}Zr0*-1I(r>UtaLUwurw0DKVa}E%a~zh<`jD!~F%wYb(iZKC5;-U4ztZbe0(YHkF|qSPZ4H)6sRL5sI1V1P z8nwfP2?m|%G>d~k1t=Sg?fu?#E-9tGT%V910z2hbf>H5N3G3!$H;!Bu2#{0< zKG$VDw`A$_`CGW@N=GGK>q~{4QD{}N-kICce*5;jNeP;WRb#UL0F*EHjaaF9eJi&Z z%mT}%nJ}#w-_(dr1SYAHwzl!$;xer$)44i21;v{oxxKt{`F+x{3%Qq=}T;hhHnCRzv3gANdP!m^3qtm96Ee6)2n z{+2B#L5E-iI@0iyi-)7|?mOFIiN%A4>C0=s$qzDfk3RZUSwZMK0l|9zb)zU45f7y+ z6^8yJK;Xp_!DnJY&2!7OHP_;_I%AMaH>^xM6lE!4dM7#mb&3m{PW1`71MV*YLZ>D~ z@4kD?wQ@38>X~66wx3y&mCqgX0-LCvKP;$$ZEwKC=~Rg{G0Y8rioi_JTyZg~JiyMtS>N906E@N0?Vfok5II0h zP%8{>1zVlJ$$mGw97|6jT@4Km4yG(xlOP9!Aw2Z{KVa5(+{00oQ8XzrDj!KBH{ zMy`l<6Cm(Rm&#GZL?)ebJw^hp$t8~EDDbJw58+&&K2w?kDii%kC+3=4h6M5-d5T}} z#Kcv=eM^CqUO{CIE6%k-sQxTtxf%s|tkE`W=eThw53?**PW8|FNk|_K>^h$GpL%$! z3Jd#j?M&ASg4#3BP#a9}+30~#@qKk!UY4-`j}^rSj~^!0UY;1Jay~mT{{NzZgq=Q2PY6UjQ*NZ)qDy5`Sdh*X6OyR{u7b6-ohHLcqh0ZGn%V1 z5)z-QU*~#TN4bXg=x|jugf$!6JJ{lTWNjW0&;ZhAX7r>4p zyLD=zpB#_n+Xf$2eWrTXGN;t!*9FN(3k?(u*6aQzgO!CkUGcUvb-!~kom`mU)N(b! zRUgD*kmg=51#h8uiFw?2uj*4j-FpZ>XR&sY{?PA>hN+VvzbTh3 zBpvK2B2@V_qjheFAJ`{RZLSGUt2bQRHV=(JnB#1`kPv@mb7{Y|E` z_Qy{JhZ=A(=pX#}m`rrDjy4>JM)*`($S#@Kx9h(5qokSo-Idhw3VHzHpg|z4=WIsg zoyu>*U+B@#ScEflxAcNFT53-a#g< znL*Zg&ZLUvjq=Cd2OOPG0?s69L$Qvrkuk|{qOS&P_yB?zvfSRQ?fUpp z2jg>X3Ty0W`2_{Y`$cgzV6u8$8KGa7A(@cgt5KC@12}N$7C+y<6Ql%&L$UXtn<}fU z4F_yz(5K3`_AoW7tb~u!Fe?gqlVZ@Mz1cMLd70kV^%Gp}Ed?_h9CTsRdN%qa*Ka1s z%<(pchwQoGx}qlLp>1Rus@D5VBd-va}_r3cQpn)M0O@O=UyasAO-gR24on~wrN zl)$nz8=e@nbg~1sJYO;G2a%k19Q(&lRW@5Bt=}UuYW7n&^+}UzIfx~ek-v9$)t!a1@Fczq zcct=e!y9_!uHK2{7Xc+n+!YXI@9a4{+s`HR@y(jf)Jfz`m7p8kgoG-x6A%$e^~Lka z_4R3VcI}V|ike4MaZGAHetJ(VmhGAOVfcBcz4q-F{_*W7`MtbP$!@|;tz{B^ZtpLS zqN=hVL+)m&xYbh@mpBCFtp%GBBjQk*Yri-@&A5(PK7j7pKarV76|??UmAbiI!?zoW z)zvMLuba(Qkt<%kXN(!f+tX)iV#rWAat1+Ci*KI;LCG3vA&%zmN0cW!r;BO+R-o8A z=!g+j>0~ab2s%6LyB;=cAf5;ZSB8Fh3nW$)3{DCA`x$B8^yUNJ#IVozmv)5Gkxor< z|NXsS+nsHW5!3xIX-D;1Wq^jIMtce>gh68H5V`l@G!@syMYquM14EsU$!vGRWH};6 znOufMhNu{&y&}UQ79nBQ^cA~siYR&AOY%9+{o@{S;9~J7dh#yQX)m}jIEKw14^zGM ze9{`P-LQ}dP$GU9RHUZLvAmY5=lkqZV9~*{##h<#Pw$a;)Esjh??<7|zM{l2b&_#e z?`9L{cfAsHd~F~0vFQiZCSG8+`q$_~`=30_xP)Yag$I6s+UAHEHFM;0c(FIyxWv6L8?n4!^D1NGP(ToZqM z(fOURc=7Q4O7_TSg^pgq`LD)S`tbjVGK(N!&?@t*P-%bi86`tvPZr6KHIqKs=Fsnr z{r>dy?5ysc?_vv-e$juUzc?sel()c3{XX8VqSE!&Wpj#ee__dIK``^c^(KYeyyhjH zD*3GCs$(Ej0<-F*^>O1sSwjg4Z#X4igVVnVFp`wWVzybwKnBBF6tef!mG;d@)(9xK z2Stfo^ex^%uJsI<_22ScEH4EsFyiycz5N(d=r}puI&i}M8N<|qQ+GqwFF?J$<0%k4 zv32~A<_B9AD*VtZI`Y z92%ifikN?lT4Dq&6SXg100KXZwG|fT5@mk3Ooq%`CbY@Rnt)gFYfM6(x>P>cQqYZw z7=?K`hGRBs%Efo#Rkx~_eF&|fk0`S++paE|)Ju@Pb#eA7pt_OK{2G$e_%X)Q6K-?J z%&m$uW?Qt*iR7^Lq)S`LM`0JbBg4JA<{wa6VnDmsHK=(%#8)mp_%OB*sv2<1Kz*g) z9#j0bXtPRaAI(Zo=GCEWyx=UL5`9c*{Pqsl z7&6VyHUeV5eGKO-+p`+Avga7DvA3YOYvd}$;y(6{(M{TIB22L=l?gjD%- zvNK^+j)`+bM*IMlimX9Aw)Q}bGp=GlJs3D**~)k}e`38;+LG&c;c}t+i_+A$4`B0O zyJ=yxuf<5w3OX#e%cMwJ^gnSqaonA~n{%%e@Vi31ofa8v5s^=CZZ0cE#&QApNUX^M z0Sz-noL`dsTvy$!;RXR1$BE&qi2wcwR4k;V_@YKM1y|qqV?J423L{)|=;of6!=}-l z#0x{kEu8V+kp5vs{?ju31nP7Rfj{_zzYDnl>WLTZ_i4>vlX&q!w)egX>R~( z(~twrz#k|~47TjF%l^hpWt~gOg3kY4W(o?I)c<{J#a);fAbNRDa`w-&!|w<1+k*}gs8u2}2?@U9J`5b~ z$H1jK4A4{4fC|n46af7v?ZsdJK;n5D==-Y$?|Z-GhmImYSOn;LxyKIv9{XvM7SBJ< z_djg$etW|gK|o$FOAF$mm?MFYRD@rnB4pA;`Y;jTZHXmc*;r)Nk! znu!y^h>;L>hl7qSJA9z5;@$~)FYsUI;h&!V<@~@;=kh)7xr&i>hc%O(-ej>lSf<*- z!&P>f+NbG^>{C+Ww7z)b7aTkmVQ-lJp#x2Rg>N^syuAF|Vy{NE!Iaq)k9E~IZ1_}a za1gSXeD{Ac4u2f;fBgyIsX2u^D6(YyS7E{@y8P+2>I7!0PMJBJ0{gBhpMOWPU+W|{ zUNoCcTwhNsacLGwF~K)6vyw*iGBBybGPhGNWofhhO{}7Avjc)qQe5uVVY7nHed*sh zUPw%uO<&pn6AvgLT{lF#2q)_NbL;uSq@(_8A=E-~#f(Vqa};lap z)b-^qGy8{c`H!IR-X&D=&Wk_re=57&5YgfHZofpcAtvUk6lZIKKH8Dd_e-P?CxyUv zlq%B*TjmI8qza_~U^3np$CjX&>oXJ`mIAT%Pzi+!FJOH|qsA?qv?GOS7Cp9g*Ff7A zl1+kXt#OQ>P-dL=;7u@))Zg5F5R+Rj&*-ENuaG4>kvajono%a&8-*PQ<%2^V@EqWS zXAc7R?`UypWJ4a1UWBuVV=?Z5>Km$W5krJ!+g0bFau|SR+zopsHE1K8c)hnkcCl5E z(pg_G#K8*&_BPbqdwC#a_D{p?_t)t~8phZdgg^ITYZfX)8a*Betm{ewq)q}~r~6wd zXgbYLPH*-aa8D1QYK~@q z7fVTm&*W)yTc?zo))08BIB9)G{kpmh(6505T+zfS=A*y#96{Y2EB7TDl9)0D76B z?{lFYK>ybn-OU4Gxi2B%V6{hZtv4>iXe=Lk)Mwz5h^10o>pm`N?TfJ(Em)skitbgW zkql~Y3iKS~dgFOS3F;xaIhKmhJc!U%cH+0LusamyIm(6HJQcTYgY^dw&lN5M9^-Qg z0VXMBaTkM(uYS|&=E`2R*rrxSdbjqH9%Na49;6x2LB{9K^a~HfrSY;h97`>qqZhk8 zC6dqgE(;}hS4%3NO}3rO5jsCO9~>ZS(?68ri`i7Avn^@Jd$S=cU#70onWKK2AUFO^ zO?5<-_v-fZFYCEn-;`d0i$JO2Cz!Me`MH&VX z^;D26muU~Jy0@YF#mhn=so#g|-#&Ou@!SN+tTk&YP^ec9j}-`qYxD3JIXOS8mWruc z$kMzS#Hnq+`u;KQRjK~S*Tto!z$j(f;?{(F{>gMF+6;G<4%;*ji){J+;yCvs67UWp zOsldu8fU!77c~pDEve|s8wqC%I zfB|AHazARO{#MdM@H0+0DIzQ}u$qJV&x7>hf0v9uzheFnhHBm+SxA3rg=`lfRUob; ziB?lnzC>SU^7}_Jh0E<1`wga`<6_Cjpzv3!lP2jCmn0v_B7T;CzXMLD=3d>(u+vGYhKId3#wP90wpYczj^tDY-2> zDTrej{EDE=nGkqPTz|JR-+JnVlr+5raAv)S=Q|M-;zC^9wmY#XY~x10gO{hfa_bfQ zM`9OBnND67KS&>8(I2w@5)ZuMy1WaGRcW&$e#-~DLv3Ddweba|;PUJY{z*;v1rUV@ zf|h)#pfr{N@*Ra&vhdwwP1QEHl6?^ur*j3Q`Tj&aE<#9n&RM`;x^%(f_l=Hc-*(4r zs$33url2-?T*`DDtB>n9HV(?QM!Eoy_F4`BZLY^ja#3I;p)Ag8Eiuzet@ z3Wmc_@ZW9X;nro_dHaA(w;WwHykR$*Eeq0qje>z*%Wq#16IQl6PC^)MgSh$TcxxmD zSa=X$rfD4;3Y;ww^~*kj=sQBL{^nvn|7H7Dksrtx6piy$oKMe@X1e=Mn{APG>B?wyGIymXQ zs)De^REMKZe;9rjwVNUI{?hUmMiuJO9vSqXq?sGSj@aG0bIY)i^BB^?9#;kDYlPPO zeb3Nk+?WK`-&aKd@B;`jz||mkY&f#MztlFIIDnlTz~^v!5o9=;Npb)bUqk6y(rpEt zJ_m%gpElYSXNCy(In8VTM^3|+%v*n~rAM;Q`bk5$)w~#Id+#%q092LIAMB0M^QtFS-5Zcj^g9*qmqz)Dmw(yY&8+U6qJx}}U;~-! ztzwP!XHqw zFL%n5)vBX_=$S2i9Ud-L5>y$nyx*A;Yg$WmjIl~S!hHwag^w=NWc0SUh}_mlH8R1? zmQNA$hBB&i&$o8tUq*0F`-7*}2p5t^<@)cQuAH2(UdZ}j3>g56@&!8x=&3`-p}v@3 zH>+{J=xAHSeYI7P+3&(K{ejmDt;noiLug%SWJxwH${>|SVo&Lj07Ei)GFV$`9hcEhYsTy($lFsnG z%3SGRmT^y$-&{lDTcbaG(_*XOtg%;uj@m}gp&c%goMJbE2ktJzdVPg^*%c`=v{j&o zjqK@`OF4J`G1rtoI_qRhg4GWHCBL)KQJ2=`%j2Y;79(38|XdS zQVp!Oqevmmji}RQ)S+G`Gs+)M_7(&Uhf}lksSBji8cbd;a~Cpas+Xy(A{7Kzegv_r zSvGmmsn@0&1lZzHFZ3wvuXB#29##N#FMvIL?zMeo-AG7^s|9>O6ur|dK4U-@V=3== zrzoHpZ*fYTg{e`uoFZ0amK5{SCoG#v6iAUkv-PKxcVN7s!t@0n#y>#-e}me)eTAmZ zVKCW+l(m1j@b2Lox&V>i4pio0;-cA@_kI7{EpF5Ji#mq7#i@79OZdu8>W$VUy$?R7 z^WFDu(J2C#1PIiirrH)kJ(uTBkPB~4QfPqX|2<_Yf?A}}zbC?I>9 z_xe7HD2&Z<;5}0W1cc!;MAwCEurvXDu1Gx{8HtF)&*jqOK?}Wqy75HOP}T94!9{>d z)rPe`(W@TVtB4yy%4_n6duj8=lSj9M7f5*4Cxu<_!|RGdfffm3e{QIWHnN^BR6=le zjgq2JRJ(AHE)tkWIs7mu4;6UB!PO`s72Nn*Q?``(5uc~m92f_oP|Lg>bT$KC=|2}2 z|NHnmIt=It^fdn)kh)<~sei)~5vA$!U{y$lnMup&M3bKFWRmzZDZ8*`Cbt|_dXuV; zf`?lj&Bt1?BQGcZDUmAdnREvlxu;YOGZiAa6o@%Kuw3g-Eq{n5Pud&{JmBbLcR0bx zH~-VgpFG#U_o3F~l3G0ECM^%7L>1YQ)b6+9`LUbUlLi$_W*U!Y0dCH8SG`34UAR7z zUAy#Ttz+;zOYb#Mudu&=bO-h^+584cAa zWDaE!$N<1Le9GTI2Tcsb@;+` zda9pTx!A$csns=oD8{0TmZ>f?8NT?9A4{%Kp>qlisptB|r+yx(0_!xf`Ot#keK_@a zuxqDx^_eIB_p<8g+dQ|NU+(gW05C^qcs@Y*5lXPk%KiZ!a^qakO<`n~$JepRjT5Ne zlknk9Bb7uhDxAsW_pcy{TC~~*k{*)O?4?yiAZnchEL*)wz!THB%pS{j%C9_msCnUh zx}#x;+b^J&mabEu&#E=@^64A2@2h8>t-l+t>HMu7HCJ~U+yzVY3T`exLRE^X`ZDjj znjT>BKh*=SX&TiM_&_2q5!!@kbr?;HD@J1g%=}!noZ;=N8hZK)aF3BBF$$3Ict3&4 zj{LDC*f<+>XQGnwSf1dk);i?9a-B&cIHw5>NZ@rABdFiVrRU88w6 zUm;BxJU{Z3ML-A*i8gH7GJjc1!t#-s5gynhD&7(p%oU5;9^`0BJPQ3~w&r`j0vUx& z4OdBUg{}s>-@O>jP{{Ffa&qG4al8qrv9$NU%GapI7*JdE_#iV6=g1L+LHThO=!@i5 zY1RU3N;8fnttuZK6ZE<_?3}1pP<8S3qo&$H?Lhp4@Zz&wAb%6K@EqXeYk;ztfA+u;le z47Jf43Y<=7&yOGOw57i;a{xhup!^p;f3Z@&l#fPtG*P@ZT(i=pZ=!DC-w+5{!ME#$ z+LK~BEz)^;dBdls)KJeMP!m~U)VT2i7(J<TFG_Difuh+wZ`4n5suii$qmV1NP*bnQ%x^h zbq}Ut;8cc$y=Ik)GW+72#E4P-Vi$5s~#%nY_F6Tj7h-Jvpf z8JPcDeE!cq(E5k2x ztSxwp6765O8qV#kSXWeT;g~j)ZUMRq74f`eYN;*QpltCLEa0UriihWCDaZyuU`0hj z@{;4eFRb~5%-I!3IG>gax$2A|<7e8)O9ouFWV3q6D>k#)H>C4ntWX+#JQ7TQCo8_Q z|0nd$9dL)i{kW56V>qpWR^or`)M28D0_PUXc|vU+-x%)_a99NNUL8sua9R{A0*rkE z#-o}zk!0Q!mMw6rLrf7w#wA-pQLW@JQ+O3+sA@TBmx;_r$6~_KOOn| zNzhAteexJjvD7kErp0fCD#48RedsJek9!{LAOfN<2@TK?gOau@3p2}H9cTwWEbl{`868u!J^pE<7Vfo>}9YL_P_Su!5?b>q$#+IpCc zPSlH8GvCC({T6;Q`%4fL!bOywoa%70{T-c?gJb~UOPBBPNL(l_S@J!6 zWGpyaX@L-P7Q;r#=|Gh?_kBPggeBn-3=6#b8F*_@<m|m`@Ez&tU$&Y|BCUGe1N>^S}JikN3p0VEue{V!76n z0j6LfRTq%|8>9{41x$%5y}^j-NaxCOnh&SF)B;s%IpTwX6Dtk!80IhFx*twExQqoFj^*pvVAUH>2!Kqin9`Rz zlTQI1JITHC?VlZF;GVC*h0&U;!NB3ws%Rl4z&iW>pX6f_*ede{SnIP3wE>%7%GgDH zxno@BQHh~}ld4AA4`9ngH~;Ez|`QCfy!9ZuBcM%cN21Q0`#xD20~PqYX{PLgCS&Q`%SA*o0A71 zke4E8pTEHc%AxmJTu&;5gW{}6alW+{lTOtWsO9=w#3Q?HgH)kYlKFF(VpulF_^)hP z;elU)vZW)W8dSWs9aQr(V&~bW<7R>SAL&Qo1wCGTtTDd-m7J5AyL8al> z8BQfpdAN*a#s?Pqk<2*bcI>_c#cNM!4rq+)g>P?MH9t42+3D^~inc3JWcp?ukk|O# zuC&t>N5Yq%gZM~84GZ+jT1y!aA|rgbHC8YL>M5b&B3W|r{zeb)j^QVxy=;}-6C|SD zV~UcWVaq!s=2EC5ZUyyvuLSE&r|5ehXgg!kCuZud&k=InGD8eC%tfW=|-1J z;sePA!kLL-QTjv*oa;xE4&jf(akJAC4gKKXQ(}?`NgHOX-2Z`c*iWsgrItsnkk*Rj zE0&{gA2EF9T5#hCnR4EaiFMrNu=RQBvUd2fkN0x>9b`AqvXA4ke9S?Hc9>o@m(m0q z_K{0u`>x_GjS$WpWGW%AE`FcC2c=5Fb7rdcQjKRyang^c4ELze+_bo@ZQ(4B6R~b_ zttTxn!Id5xLem&bj`2`a-WK354)=Sh~}jJt0N| zij&l)_ZHD?O1r&>Lv}0t`wQqW#jpjK@Wms}pgPTw?RD_Rs-WAqf zX1?__FDlB_#|VO&eS4-YFV+1nBc0F|=dp%Nj#4@ONcJ)D3~5c5OSxGBiKgOO&xzta zQ|>uu|7L?chSvN?% z4MghVWUAIdf$Tb@KV@3>d*a+S8|VZM$Ip+p7t@dj*~+6TkrSO*kH}Ga6xjm8tdl{s z&nu-!rvuPDYEgGYCf^ujhnV#mSHg-Z4nzIX$75P@@>T&~#fR&)*lYVUL*)n&cMRnV z=nv`r{f&xO=>iX(2K;a^C0cGQs^tdnW^$;^PZ)0QQJxi}$)X9nIBNzC1{PaN^as$$=JKyagrU6T zKmE|6e&e(!Rlwf$P|1|9Q?E4Mz4#IqDP3(76cSeTyd!sC0*|fT*hQ~rH@|iwcf9zm zOc9%eqr$WDiKP)@i^MO_++$Ra3LL*JdaZmc)PA&OrFRDmJ}YW8BIk-(_=qZ69gdb~ zPd73ohV1QY((ekS)4>|`%v4E`1+$q?_57B@}EY>O)JIq2*Z~-%mdy zFH;Wzoz_Nk#ZZ&v{Rfhoy{VG5Qs*v8hJe7)Mn8!bewiNDUSj^_%bq&UYz7;UAHBY+ ze)aNY+M`771YQc(pt|vsw9qyL8+zuAnF?deG1^HY<`0=DZD|}4W5~d_G0anx-BngQ z*<`J6m~*&+$EWE2o2}3K+@Nh9lXpQB$M3PCsh5!Jkf)ruiEyrr%OdGHBJs9-i#qGWdKOLXui9$4a+OGUUfIl-_sL?{_P?#_D**#&lb@ z{CbbY_T&wRdpF_WeI!C^E~WUiGqWI`H~X-+l5un4Yp@!cM77cCE8MOK)37G>GbhLU zq!2C`8rX7lzW78_9*2%z-8TuO1sO4{W?wbE;$1coHkKD^e1=Q3+s2rkTWJ#lWMRvp z$(++?2=aShKgnMvsggeIPm!(Y4ipUzK(%}x^gWZ;dR15le!9l(Gc|FDIQ%luGB&j> z&Z0k)Y(KZMscW*F4AgQGj{E9J4!7#KK=8iqG8(0chn~BB-|3u$$1#hT`;sGbc0CHbPx(QM2c^qmQa~Z!Y!w;%k}D zO!P##7*j<0Q-ZnCo`0;k;UPtWWut)(M4N|wM%xdIHESKdY#}$r>8h$mFW8%aF3}|p zJ)Gy}>>74M7gvWSC8jeDII>?Dz6{7T2PoLmQW(yW$d?tfa}4akwqhG&WsGFX1cJb1 z%DzMI8>aWG0S2-@Kh9~RRVfua;;t z4RWdBdGtcz&X5#eO5qYkd%B8*iFFMa>(o+Ot$6zGQ;}2UTnLTB$h!b;(jVW`zsplE zKUsB*xbzJ@P5hqBLGnE&scT3ktXPW)h5UzL`zpJ9oi425JR@us79;h2&$G&dq}Q%) zOP~C*CW2XA6ELZ#cRv(pT#m5+W>o)uJNK6d-$nQlDk_dZO8UzbFFi!(rBj=2gr!|% zUP>Om?+@UM>55$8Sd7o4a2`|BPNVt_=Ei1l)11VzhwfzI)W`LioSd1wbun!ZYcP3z z0J||DSUa_YJ{qR!vOz9}X-QDyR^NEo_xhtw&Zya|F6bz9A%-(`FPk&Hys!&BiEC&| zJtv)%eGcLKo^W62F(d9WN2M?#+VcK{W&HpiL_kNir%gvUzHgPp2k{#M`UhcuBC&a0 zMRk!o(d@pwH>Vl88J16xVaxFw10?y0iQ#~5XDvuhE{@CtlVJxxuWRnU(@hKOlms=h zsd{KFday5nUP;oAjs%k#Lm@4rnN60>$+TkHl-T(__Z@h>jxTB96>mcag5tkZo6A|_ za^KP-;Xc^_84h~9*Y43I%m&GVTmyC5dKX}wR8T4*C0DswHJ&(NKt(Vu3N>SU*G6bM z6*QZ;LBk-ktI3mg7#A7CYRhB-3RYp*YGzpQ-(KgOrDUY`&-JkXK`zn048(!|peT`9S zIKng)9QxjnA~6he#!0zwPQp4C_8)CrP7-d<)^m;LoXdkByWV=p$Rkut+h^L@R@oXXRgKV5bTT1NYqu$fJe zCU@tC47?xr7i*J@1Njgq&yyJvk*)0G=7dnc=C+#%f54JT)J4)rk5t&G;nrlizg_#R zpMf+Mx4!?C11#=IFZ_jwP|gA!J?m#+o+caGmdF$CVr9y^i9dI1F}~}CEr>;8wL2Q2 zT4MeNc(sY7K&QGdD-ah-cf7v5IE(=&JMhAj2uc}&UWRxMOOekjLj~71mwRd4aHe(r zf*L3lg|UT-jd7 zhTL3AwnENeA?Pfmq^y-fz=I0!9#hp;#+gv(q*4@cl8!h5>NF8K3aKyYx|nqvCu*;! zO51{F-7b~hDK2@2rAT=elg*Cb-N+1;Nhdu00OJG}p))UjemGOPj9RJ40`>Hlp?6b5 zb7fZ$0S6FzUibf11Ur3rdw=Ta$iq3MZIX&<5%B{2B%h8Z*|(R)9TH^ zKX~wSWmmKV0{g~{{exhQ4m4Y_n7)L*klCYUcVr@Jp)3{s0TGaz?G;Y?gp5dEuI(Z)ud zVtdCWmxyl@+mqSb2jvYtG3Q5Y)t;R#u=wt~BUpK<1}WOf8>pxRduw5Qa*_En5tU`9 zv*TdhZMZKH&+INBAmG#7A#&s&&KeYqCs=AUmM)*`#k@U-QLz1ObqHP8Kc(>2dKv9SYJFJ)_XV_!^T}Kg zvA0Dymfp+{nBdTuPoHbgIqOsx#jcpZDIjpiJG@$rnSmiHz`1K{4_1V-F9#jZw(tnA zhiyCJkFh9PAt>o?0mbPVsJ*%CF&}TeWE1$xU&xgZJQDC>$pDv-sjtC6r z{CD7|pSw>1Tb2IKc2sMKviWeOIGcU0e>GUtrPfKrtP6}@q)R1rM$mLsf#@^E^^Q0D zg?fF2sE=RB5pY7ra#chhJSMd0EVg(nI&U-Qd^(9+(AyC9fb9lGt?qrAdT8eM;~#bk zQ;MhH)3@u{Rhw<9N-0tP(a)t?R6LMm-iIMK@7kQ`q1;n~ z7LM{+?}b&r#nLu;l%)m)ytybqu?oi;AVWh7ThB8!1MOoF8Bom}cF8|g7a2+^Ucy?( zPHiI$vpbuNfyt$Icg4jn{*%`i1A{i5a!cL5#LM04;Gnd0*@D@}$ZqcR3|uD*OJJBF zXPQ=JLnHV7Fsb_iflfv35RQKv-hrMaa=a<2IfL;8GhM!?Ez5}u3=B4BQxOEB?Gi|E z5lY3m2k9ih+P(|$_eA9gV>`rQ6|km&ozCk*XMh5%P?7V`o~%SNQ&T81NQQ=9XTI~e zFA3|E0lUbLFnxjaMCbuBVYdV4R3X?9yY!SXCFFBTpGtrs0|GHwm8CSvP43p;=06UsEkDV;&%J>p&rurk`JR0wgGTDhyJW?}`Eoji;0D|ya>t`E zpQ>}tD1`O!ez9LmRbpQ(*pqD<%b|r`k%dUVc9{L;`<}}W8c8g=S0Se199s2Bik(`$ zW7_P8g_F29#V{u4V{M!Lqq9K`5?UXd;_Pq>G~DqVe;n%6>`KMZYUCE1(6Y)SuQ&lj z1I|=Ef#^m~ZYUuAa~+S*&3^X_pts%~zBoQ%a_z~+SV+rzl7&(x@-9@mFqfycWRVkj z_)*ep^k?mxJPuwujvI+LHXmS+iL&R?sHnn2zBiZ{xK8Yrp~wCs59A&b>!tvs6ihgi zXq!FI9ahzR^_zvkOe!;3;)LFkQWWza95%Xi+TjpCg-Fgdw2J0S~s}9ZLQ#h z8=;QVT3^bnX1{8ie(UN}bWT6E+=Hqb-W~Fe*Yc^aWTIN$_gHW7^-IO1A0F6AJn(!| zkMhXcO?n(xmHFG;(H{iKGEr;0 ztxal9UXPinHYtS!H~o3EAWT;nkB0PjYUdIPI9ydIXKUnOf%biVoS*A9hP@t=TwkBg z$=Ut5lVQ2Z@0Alzl)z8brIc+P=_m!umanhJt6`m5g1$|;w%ieB)yH!RpLG0~q$Eg2 zIQGP3sw@eN;eZ+)sxB&Ck`DG!^x5&0v9%JKT6gLU(u@7~4{X+(llN)?{g6n~ERVVk zmV8+LhP6P9g)ZqLY^$>{@f-GED&x)3&! z%~tHKN<)h`Sew}1>DA2c9qH7FV>6_FAs6oq)%_5gp=dH$`K0vNSOWx~nGun^S`H-o zhK9b{wQDj2g7P+a+7MHP5z#m33muqP=mH&1HnpuVu<-<~H`(iQa$(DRy4 z?``7kWD-rL(Oe&N8BBb=fLZmZ_=vt9CdK#SV*Upo9ybGb&2^w6Vz7%L9_VYp^OU=3 zA9={F{pHa$vgj}sPE(0`Wl@Q4UP=wy30@!xnDhU{82;t)TVLp4?1^UCsP$b6WOelN z8cOqz^x@IUG_f0opFBTi+w9M&RdB2^oc0&1>>*_M973i52H`k-X{P$AaoXmFC3fdL ze`MbzGEsHRyuylo!L|*yB2)j#l!;b3k-;1S_xT6s$ug7b0cmMzl%8nD2tRCwmr+q` z!WA-W_9Vy7bSh;5Xz19T4vmeC7<^`B0m(~LZ%PJ2UpGZGD~wW%I*aW+y!1r4>x*qE~~TW!k|8RcIMFaiDmTV`ogQ@^V86j_v>8{t`GL3 zJOKntDBeBaSYk%=HO&0%-VHjTve12Vx!8ENIhp5efWsr#Q&9a-rc(#fov~$7pcy65 z;)nU7=uGo^yik5gS!x`J;Gk7D|3qs1i!+yya#)Z+kmtYKhnejR9e>>j6_^zpu=IzU zPwAtl43;w)H4&yk4V^MSUz8vH_54DRbk6u$cLJHPi32%(Gd9w!6|(8}44sNkI$&2) zv2De+NSNXzmD&5xQ-7=e!b`*7M7YC>M~TB+qpj2dhI{>x`rEMj*wi@}E^!@?u681w8^`ft zJq9Ef$8Xuxr!R!rr^H;nidRO2>*39;ZLt_6LBqF{Dbw1($N230*JKa4Mr0U^D~TSf z>=7;OlmK0!Y(U1%P30%H6E17dpFza`EA{*NN-*3ud`0*JsEb>ANVlM)Y~(}q&CY~& zhUvrc!ZwK)E?f~)+xt@uSN+oUKIVpdSC&QO@odtE54oiprgqo*g9_)0Nt4BN+nMaU?uZ2kTeBs;*F&su)GueZ zceD_-ms&w|yB51O3YRX%i1XRIs5VUo2K5TcX5PcwxZFc7NlZF?u#v-7xV=5P4T~*s z3}0G`ohCN#dOf+02xn>vTh$QwI+n{;u{-0|usb8h0B1bRNLrf8{#ugDMSX`xA(wL3 zs2i?}^Ia{UjbS*|j~}i#_JNwNOI5ZdG6T(7>Jt`4lXE*2GwU?hLRAC9i)mf4u^q~B zQf#;=zPz=LgIx^uPm9lZb4;p(E(|hCz=Wbyq8+SJ>(2CsM{ch$Uq)u_=UT`IQx409 znK7YJzMcQgj7iIE$dA+8=8JH~n>Z0A&m7wzmTomCCsG1TL$x}bRTJQ=hXQ%jO7!1a z+gik4e&HtJJri*_{7QEukRrm=wN2i9R>25FZR8s(bPzk-w1hL?Xl4W2u427PEV`-8 zRZsXVjKF}PqP6k8Kthd2}d10+^m1Xkvkl)cb2v$I&64YCEW z(Ebv}Q^;8J=gvnAeDRJa0C?Wxud>@Gy{4>L^YZk3LI>b#-}{eU)I6hk43|F&oQ|eT zZcmo_-`KPf43@5CBshy`FX1nUo;!683R_r*Qsw|Lz6$i&d9PbDjqCaxtJNc%Xf6hK5E;H<#rq8TPlHsiec65z#Ng85#KsT-L3XNhXr7QJRuTxcavm+*q znSq#CS*D2thXz;U`Oc2(Sq*_>%>bS`QI(>Qfi61{v~r(^2eaJ0e6_W&6XHsNn=I?O z(yKeO*LjB>w4w?*iX9YwvJ6xenbnAF)qc6kg|KnhIdWi*)x#+Y-&#J>)vKu+|EkuS z6PzTI^4SV7M`98ZL&b4}w1YVcTf0YXMA&qE4SUqdMWpKMu0O=Hh=iUD%=N}w8V+qI zf*u!(yZN}+^f!dc`lmU2ch(GY_N4@X9+I4I9*`3D}#ed zZ#GxA>v?CXWW~Y06abs{$1xr=#385f>#%G#i_J~BqJ&vAYt=)8L5}$SFQoX$7qw+s z8Da@(?tgcSIJeq~x4wJ#;yB`Q2yXqESOaa5VKAG6hZ|1dXRvga-W;KmX)Q?f%l!54W%7;u9W7x-%D3h`#b&Xnfnu@*AFBw=|lXWWgBq_ zoGGijT5Xjz;2#~ciJNk;=+%{zkq~#ECFc2h0^ooY{4!{A_GS4gwF;BZLkyHU z*4s${eNzaE1O?)WZfx-77(LC@_GXk&^OVh2)qObON20O3|kJkBWeA%$6s){ z7@|*Z9!-`Q_y=Ri5WoR@2}#Hroav@Nl?Jts*!_r4(Mm9lKfAL2ME^g6S}(?$T7N4xjA)pBhEjLz`6CL-0Im|79Ng^MAoW?fU%RlV$$6 zjC;P|J9rlab^dti_ape52kuu;1=H1m#C!bTzxW*b73UjM-J;r+IaXAg=%eC6>mW`S zgUiN=7nk7kpL&S={+a)N5P}B=%vZd6%yGE?)S%|Y=x46M{*B0!*{6^@;NNRuNuhj! Hx1atWwqwC1 literal 0 HcmV?d00001 diff --git a/docs/images/configuration.png b/docs/images/configuration.png new file mode 100644 index 0000000000000000000000000000000000000000..c68059e23f1a7b48e66c4e68d057255356ccbed2 GIT binary patch literal 140399 zcmeFZg;yJ0vw5kFC;Kl#|`1k_=SLh+1O#r}=3jo;u0ssgl0sv%RQyW#@0RWHOl;zbW z@9*zdclX#W9i7s1PA@L^j*fHxbf^Y|!=jU}Z*B%ri-CpZ?_IvPk54AlG*%-AXI9s5 zuP!f-_W#X}952t@-QJw1kojGIid$<-dJ)wVqbqacYyb9lPmcGehZYArwMII++mpK53p!iUdpmRbdyh`fQhE?Y!~JImyMLD#w%1o{ zCP(uIkr}<6RTCo)qZx*n5^F;6#l?;-oL!E$i`Dufd^pxx#fn)v@6|0jX}k4j(=OHS&d z!9A+7dp~Kd(*>|*<2<^uRC)I4obZ8Tn)Vr(wuV3@u1sIk_P^#a&Art3@JHwqOS5n5 zfIDFks%rI?)Ywn#7@WD?084)Z47P$~9=l@7?>IZXbryPN}z=!d?m11!5)M(LQm)ELp^yxDV^pJ>y;o7Nq+5hK-70m>UDm6yg$N>2KjybDY+^KoHEaYfr`@!Q z3rLG9PnIK%=(A4c*o`sC8io`S9K@0e45t;Mp5GR7KS>2uNe0Yy@6z8ZQz+ik-6zd4 z%njZqC+eC9iEbrFW$05$nKU}B0v=2j0L7vU7c3ZOfvJonvak2)RF6vIw&w8uDq>6- z4Jc%bBU8`iZ1~oV5p}IgvR7TyFZ0u_jt=1wYF+mkz7<9W8H%x~V?q>n9b*iXX^1yr zKF};DU@Qy!qf((W+oxdxQ)M#G_TsS5$wA)i*o{!{-g z1ghQZ^vkg_pHDHZxLWm%y=v%8>q&Z&<8zsk>>7Esq(_afb>lu>79yoHz^oZ8^NcyA zVO?7T{Ins}zwIz;F#B1Bp^Y2}sfldbj{1?G%+8Vl2Nf}pS=Y%x10Ir7^G}WcGar0= zRajo&L^kvN3zh4n3A?lP#V@TF00z@%0CBIO(-_+%y!zepL5{nwcFysz9z$Tu+{D}@-e z{@bIP615|kqIy9%KE|SUIc)9)bMU+aHj7B_tuc}}s z6t|c85lVPbsBR@1NDMV)L|~2{q?JSsTFS%3ItzhW29#C;H*a%~A3uJey8DI$L7rA9 z{bVuco=NMjlr5>83;DJTSxKiuu3=xQglg*1o<=k0sx_ky2R#BIxi%`~Qk+JIf`EPb zK-{KWToc^xrw^340tngvIs`~ZCprDH{CbV$`S>`U^+PestV6{xz2g0AKG6ANGYxow z9iO>}0bFOpa2}Ite(x99YN4j%jv`y&e}oqLL;9TdqiG!{Ze2GUi%?--V- zPP_f%PrszpDrr&lG#z2Q4V$u-6j72j#A>>F$lVBW^d4?5Hvc>h;`R;6a&cQe&Beb( z0a)4^PQ*N&H=d%yt*sSNF{0{aomV1BP8^>K*^oQd!Yy{h1SEd=gjr&tqA4E$IczBW zQgR5XagbN~=ph+?Gc7+=G-}?3@{Q$SB%6P!_=(QbFb={{*`M=+hGN*gDIcgt4Bq*7 zo(QxgYr+I!{y9uSmVZ$M(+k+Kr0sI+j2qQv=m@TY@`>oG9s&A?A1Ug7oc;|7Ce-D3 zyuJ8@ln~n#@mHbci1WWe8nemMPl6;#3qpRXNs$W|kiE9U-mN((w40w}L7aTqS`y0i zG8sfA^9Abfgq=w2sl&l+ix`rWqcvQ%Os-WwDCgUF9R% zw6B|iCL<=r%aYlT&1$;xC%jaCO)_PtY0{R=t2LZ32A>ARF?m)O>a57T(e9GB^I%LK zPhQYXzEnSj*5&wKFQwM*0LC*d>bvzkK6NIqzn zn5y9?LTS$za^x;6TtBhia+)%*@;OL|@~B;`A3xJubNcaZmYWk79-7-P5o!Olc^7ES znN?*ebJo;L0=Gk?#@$q8a=!OJjut%s9BVQ(n$#(+@uD%k)+Sv&=0st6U`HL!o@2`= z$~7-=ZokF9iNR?QE(PDp?D3sTbI}5|>h}8a(JTCLC#LIWAQ6W@`uB8H+(DHeCNDgV zxa>Fi4mOuC1DesJo+aFcQr?rM6cuwx@mczLYZg zT$ns~n55MuX-F>WbFnCh;ar^8WVTWncYVk@5B-E3@dUs@`o=(lK4=#kmdF7P$2<0mUVaSYW&rmS7|pVbj@FvB6H6o? zL_rGDcuVpGdxxqP&eVQb<~D^DC0ifRb^@PtATf9a9>Pf3v;6_tFii0ZS)OEqghTTumk; z>WU|;JhT|*-n8K2WSpiDlRwN76r|4pK6<81x%{Mnuggz+4dbEO zmd$c8In9*K&5Nv#x!~d~JR*zv47=HkAfWM>XU+sDsMHdy`w|^KQZrBtx_=jx0qEnh z1SBZbP$0R|1a+`ex?T*267}A2{XRhXEvPW(Imt4XL_YUSo8zO$i$|dY6Yf2N5fgsl z>Oqlp=ZRj+!Ufz4JE4LH?*~|lrt$O9kbo!UE3GU=gi@3Q1)U&?4WF?(6N5BIVz227 z+!r#G;q*{4GD=b%>UTTEoMm%p)A4YtorMLO#$UQwj#jP92 z@zP-JFZ8$ynE5qt6{qnzZOY?;B!DbH;bw_Js4x6GaBM^$*;Ip$FLSZvsBd0zn9%)J z94oRXtBKf9-Fd!s>pB&E=fJSp!nI>q$g%nASUi9AGKs{|=!?A4+$(*@@IUo*4-`2f z24xrt6ChBUuiT>{3Z$#}8q*SRkO8BCI`hEG+;03{J5;Gy9IGa<6jvOHv-Y&lPc%O% z+9v0peTK;c0UuCJj3O?$pDD|VeX02uQGOa}65HOu?`_%UZ7_(raI}}HECW-I$+!hq zXX|WFM)*69J8tZ91w`w^()YmVkb4EG(3NH+Z@+SDf$8jEH}q@fLGb{6Hl58X zH+j5W6;?BKwlo{%d+d2_9f~;t*w}@8m&t_W`G29+TTakU$IrXM3^qgrP>T5B)~^Vr zy&O_9*;~2}+(+R5vY)yz#oFYlhKyDh=KsyJ;tP6rKg4+cfv5jF{(me1{bwY`6Ajl7GkggebiFIan=}rc(RJRo&xnqB z<>q!_qf{?ZXD_4^UA~oD+M0xLXG;~JozsIKu-YY!e>%84w0sKiVT`83_MXI)1bb&< z&Jzx~KPETMgp_u%6IaBBr>slD#B1yBdNaj-1)_;{3#A=B)s9eET<(Wyr_(Jj=Tt2W zl$OkY_`&!Vtn+Epu}>4fAw+ZKybLpwyl~6#1XFHa5jSl#ttWRrnsQu_sp#ilhtU3rCg|0N_IF%!x2z^clGRQ{$EVVsDN0>)U_BKSmIKP9n&yRqV`70>MpV z+xVvF5~b~Qzl80&3qbbx!5jn>}9!NM8G zB=gv!)hPS^*;0!Uf9rr$^X$803}O5SH!i%?4xPSY(sjCs{Lo_i-Zl#u0}G*h9ak{5 z5l@!7)BXlF-R2j4$4h0YY{#OP?g;(#LgF!gwVcQ)IH&Oa*W5v7M4>1uS<8Xb+fO4$ z4dM>f7Tk&#<)uGMEP6|em|n4II=1&1@fVi?{OSA#0b3ok1n$r73;%usB`5I8Kee>; zE>HNM$BcivUrhk}u+GwvKXb=quf3-d3?-&qW=cX}MO{VH-Fe3GE&<4@#Efv-uDSCN2p?zm!yB>nee`>YCWnBDy*+~64MB>( z>jIYFpNI~LwGZ?En$(VtB;p{IP-3eJ$$4=tTySv;(996`L234?ct*1P4q(E|HpNXQ#Ie3K-qHLj@|-y6^&*cQtbSo{|ZwgwD%MhcnQ`aev9TB9)GH zA+2o;ELIxuV1`YKD9D}C{6rG4Z&#*?NIS1Y*M)o4U^42u6E&y7{#!h8A<$T%O_7;9 z_o&s5#ZsZH&cnZn1NScc3mC9ZBytq0~hrsL?>jq>O zpNktbDRnY;4B{ZLf0{A2(MFZbI`+>3nxS4Y)kw`UfH4D(ZLLQfE^Yo8xf1SM z)%wC8Qf3Z^YK5hdf>59Z)-lohRavI^Ik4yr{W9zQa{f$c6}Wa+s~d?4D;9#f@YyTW&bh#sl6D+5BR0#FR=WD>6kvN)IQ9(ga(~ysEzLwZY7el%P6u30-u#@SQ^_S49F%KdxFM}AkY8G;zn4DJxRnkl*1r}wIvbfFKF!3a*wC*TQz(y|M z9VFo8wXW!t9#p%qTTB(KuVuE9Hrh@IB6SeA**+DIlX=d~!0D7mwjWMYH-S9g_D3CW zfb%2@X9KnDUb0CF;t!09Aaz)gfMXaaZy8a27d?z>zXuYMt2R4NU+@pAN za_hEa1rw)y8XNUJ?G(Uia(-tnoinSB?K3I1fb-<6ha za^zBBmkePk6?pZ=IvN6dezibP3Dve0{>v0`KgzsaOjQau(6yZ zx)|I+u!Ap3PVbcp-0_{u^zaAD8C|P86~#jcNotkg1%5jw&qfcNr}YQiq{2|3G(Jy~ z@Q|#mC$&rsF=^8!y}b?@5#NDTt+T8sLFavKB=BO;osF;6aX#Hb6G~Kz0^mi!NNDj{57m<C-BeyXvBhrix zuRcWbNOXM3@qC?gFv$SoH_ZT69iO+4RY=15vgf-}A=CroiJ^Nd4Q~>d&NmpSG>j!F ziW%m)0;4fBw8iCzzQq;82?DkhoBLSurrP?}0$AnL%4)0kC-HxhMKu-JwcUv5q*Tb| z+6$cW;rgCzXxX7(m#VpLeR$3Bhws3ht-9yzgx0e?T&L_SEpO{>JwA(u6zL501Q(}) z{>9(ZEGDc{_PIBW8=hHBi*+l(XT4~E<0V}T!cE~LnNYwV1ESxQI2MAt-N`@sJ)}{Q zo#T_};=nn_>>EVtRCjB>`$pdE@jm`%#mPk?1xduOhN`rY=Ky3NcdE9FAYQe<$n*{{;8X(>obcHP8ZluCuc>Q;GYQ z4c~o_=PvcpmREZf18K{jdj*PbAW#vwTF?5~ByuJ;*;fFJF)zgA1Qq~OU^PG}xhpnV z8$e->DA?TMPJ_$a7J0#{^eB#bqYCWp~G#LOe=v+=`~DH z?j*R9G2h`^a0ekVgHqaO9X$uH{xet;uU))T>6(ygfU_d}$=b0WONJa=@gz9y)Zktpt&EHEme-xcFS?4-r2;Se*Q~rnAR{Fuh$F2-^|)) zPBmh$Fx9P)6q@+cx6hHsEn;Q(S3$B?L6%v3>Bk%7Xx+O0S?Pv6_4yWM7NStx#NPrz zDCya8?-}5t9P*C!xdr+bsy%mW`d|B7hF{{oHQzAsX zg)FF$9^4-?gaKmM#mV0vLF+M%;QY_rJJ#P#xzIX*4{>CN)kq_7<G-dAM@HN~bc_&k@}W?swMA+x|?>lC5A zCGBS^kS{JT(K=(?ft zndmoxM8m$I7c(>ntE2KSZcqa{cjz>F9@XOTnTB$7VR(I~a3_bS>FgJOOh#P~*UmPc zH5Op$4y#`=L*izW2gLAqu)w_h9{pmVa5(ZZtEKT=A&CmGj+1A?W%#m%=CM|@xU`7% ztqhOuxtzL)-ogD7CB=Q^(f}0;O6TsK_M>=MVmMxrsWoSBIR|#TPwYz~ zI@}KA&+Jx%&38Tq*-=<(?6mWih*85GEvG}EZ4^XSakXHOWCtqA)AX|Bz==jwA7>)x ziEspvScXowud^k}Jk47BYbcOMR#o0(MW!M>>aXl1PYAM{izpT-J4(rtcEh$7dz!eP z09j4Wt1%=ow;iPb{MoA{|3yt5TW#W*0hFulEyu2Li_=hNcd$@P-mTg#dVM8H6uKc( zizmy`ObN3Yg^%5cwsM{w_Rl_IOa zot2j(hS5=&rVKmK44{3MV3a?}(>QK6`j$$yo^r_cj+xA`(kFhKCq+% z<;sabvAoZUNJ)D+jovBf2pinLF7(4N@RU`K)9k%E9B(zZM#kISzM6g}%7T^iwqrG4 zpP{hxK}oo(l~J^A#LaE(bl54-M8#K9(CKtKWa%*9X2=qprDtr(_Igt6EiMoJ+WOLK z$Bar!SmLV@eZw3yCa^P{o#+_N)>9r$S|=!0U@3~X$a1>^O}rtshI-yY)f&#P-Qrs& z&g>}usnA_Rr#t3em^7O5`fWYGal-+T(z*Sd3U#ZEeVyU(ngxMF(W;&-M;-^!5VTGt zJr+Rf!*fnP)UOu&NPs8~`pYm(dmQF0Au;vl*AsX-7XRXR~!qd+tXWJNZ@7{XW za3IW(TI;1ydouv-Ix>dfmwY|8~8@TxQx0A_DM^*ZECuExXjNh z|COlrX(7EnlI-Qw_?LK-6#104JDD25*Y>~Y9~FOd-q+N&+FfWgNZ-9K6w!tUBr}*L z+_V<}c?_^}*|b5LG3S!;@?;CyA}4;c$R6}VVuu!KMU06Vny5}6ZM~(t*6pWB&e@;#LEdq0mpnf%X}a6 zHm723+me|&U46)QE09EVhVl3N{*E{e`@2(5vdUrKhbryks${6E&D<8$>8I>sXt?TQ zA4P)+O)t&{XctvN!NsStA5#d(F8{{soay9(Pm{gEfNHoD0cwNlyvRG12s2LeBW01# z@(dD;wT?RQsDR?QtN~%NamyagQ`$g!N1#T`?(qy28{!Ch_Mu9VjWL#mimwH?>ABpZ z?9{g*Us!2g0#gQci0a(-+d%$rp?P^;5}mJbbgnC$7*#q3zj?${H@qYn>l<*s6WWyf z+eJWDW>uaZEkf!%#^JxYBe`%~p`BiIUO+uF*KjO6GZaCzLw=Fnr{3xcZk&&oJoaKkxAd;F*M9ALawu4*hl+Ck9?|j&H4I=srzFi1kY-onc~}a_3Y8#5MY%!^T9yWh!9t)~0fQ`u0SAkMNN&5PH@4QYGj zcHN2c)!*>rA$vC;XBt0`Z$2Y4dY3yo5PM<})K@OP6Q-Mwt=k}MA0rpLW#JM@qh+ww zq9!1lI}|jdn?JUSPd_D6q;Vq@rF?Av8;x8Q*VSs2I9&;CYOVc^JKfNswzq90CM-y2 zk-vws_F8Qi2$lBk30}l-o`YSnW`iwH)WKE>vuc{NcjsrhNvJPLN>_0b<;Zx=MUfA1 zyb(tZPW(Nwy$Qq;L$GC;$yfp9ydlC7llv&9q9J(^ zqhrAzocsdOd~uMw+f}$hWxLLSFB6Z!*yL{rPb>iIiJXIKx+ixrgmd6ZV36pF_eo8` zkAoP92^mR`c;$;~n?$7NfgU&ax0e!c)!`Gps8&s#bKG+SJKApN*Bl7n7sc%Y;0B4R zRc)uu&IKl6&s^tq&tEM6_?*1Do&F`5dQtHAmQOZ3*?6cSMIZOyq*(}Xa)fJ-Rr019 z+zR|n&HkwOQT%#d-gYLYxBM{dS(4+P%n#HTA-rV4Tm`WF=WWD)u69-JesV#1q^Wo5?5YKvl@8QsX9v?R&q{g%;P zHqqS{FiX<<5f4E&sSXP4&2!Gm-T&e_C@`A7d>Xq04#QW!sIxEIwIeCEUC}h`pMBF; zo-hAxpUnCov_h^%`0-Q#2B=nUPp+#4VwAwdf^bSAlpdW>ZE)eep2TK2)e}JtpDu6Y zLCS!vE~3MWLOW(h*cxP|Y$8J%wuUhQ%^EtD`NWmtJvy(AXciyW9@7yGs6~gjH~)B} zL#4=sa56uj`y$@nu`ZC9!qK1uhy93zc(h($(Q*wr&R{tEH}x6yb#_4$-3wz~d(fVX z$}+bO2MxG6hllQ@6EI8*nCUu?Z7FThz?USWxm7Yu_fKUx`HIgx6=vcUbLGofP~M;E z*eSP7PabC%r%>F47uu1u#JWEGeBEhy7Yvc^um-T7Xn3!KP`M2`(&IJQt*4Q zN8=IT-)aT9{kI;uO)LFRoNatuagb4k?*&#kUQ})8Xrzcw-OnubK%^0;*AXjqXOq4j z6Fm6D7UD#osW|lBjy@|KeGR+1m#Fvl=;~Abz&{NUhQ38~-wC9NOJ&i$%u8GOi3Xs| z;menpkEULKEzL?;Vqwk{eWCHFl?II>P$si7$G^T7dOGNMLZnYG)b##RUe+r8Eqg;y z#rsk=43saLygm!KPn6$sj{$GC?&!OMBf3w@^b%SyBU?*qUon78C zqeSq3co^tn&g@4*>y5|8_DW!D35{nkIrjsN)YQdr>fH@{=T%yl!*g5Rz+2CKbe{8o zpt)vdwR>G(qo^9l4R5j;!|uHHBmO&+>zcWed1t@xrT>D{Yb5GwWBx(Ux0G=j{&8aYiE}`(#xAx1MhREU{v0kPhz|?nkdoz#OZV% zms9%eckcV5j{$$A#$WcfM(~M%b$BADYX8nsb8>$s@(DHOKv)bmT;A=R&~|L>zX1TO zRsvUYP3oCJx%At%8~YdlA8-O>wAu`$DTAjOVyX*3L!0R#IKb;evx)h5;MgGqi{Qyp zbWk7HEg9wg_RzdIx{nR{<5T*Z1`0|iPp}oET0_h4WB*!!K53M=jHzyRRKei?TvW92 z(y{3S=EDhzjMa?b=wb|(m z$~i>a`LGS8d;EcHmCD8B+-onC*cWvopQ@}qDdr567Y9PsM(hl2Ljh!e5Ms6qEpy8I zLwiM9rn18?bVoK7bV*2b)8l3_B%#{TGT+pQdg)=>dqv!nsyjd9i^5At$QR)1`K6%dC@$lQa8`Z_!qyX-;Jem zlk{?IpRdLiU3#pEMIzT;D*sLit#QDVWxA}*Ue~KhRmV6xHHw|r2~?JWvI44`iiNp5 z7nyxDw_-z{l8@>wv#Gf5I8K{um})2<6nd!wmOnb!s9Bat;@w@VrO2rs!Dl+vNlsRf zYLF($awLp{Oj^k|M6;FHf6V#pBV5umILfIyCyKPi) z8<-K&u*7So8cNDSl>c#=YvQ~nU6t*uKT8>k{q?6J`-&T*$cCGyKch7TEgAwLTd*5(COHOnP%C zjdb9>_1ttL&j6`uLBJS9%x6YKOzRMgoX^ug2)LpK%Dt0>CCV+LKZunio@f;J2_~4g zTYZ-wvfkZ^CEaL`9)iE36#>S@{R4-^2nF^I5gLkY$fAvGKnm%=>07$2RtcE)LMb%; z5x{2y-DYZnh#~Y8SD?;J`=m%Bo`iBqN9PrBLLkyjmXd5~J5Ez8Ph^Fza5Wr?Gz4{- zg2VPqz+q7tWP|GmJy`^Qsy|htZ!?%J z|2^DWgJH`8f`W8SYt|@K%odK9|NROg?K%`Qgv-=iox5_-0i64m7r6LN8+!Qb(6(A> z{j|<@QB?HZJC9oq*W)4n1rJX~wUAqMo9Use(-@e^_)RDNIlO?2E5=`px7OU0=v*Mz zWr)dqI8EAW3Pl;e_lgzqoD%cTI@FG`y)85^Iq0Y33C2!r(w4q;zvB z8%P`j-c3*#SpN}>XD?RT2`_N?qNy@qqNM3}6pR;Bph`#!W=WO!La_W5bViAeI85nX zZpPx0q8${`9a}HIt2l=j?kryu!?fPAnUC(+4pC03h{bnF`I*ZSzjI0i8efUgm)J*l ze8}k^bcX!>iG^SbkbJA)GZ_0$8UET9O%KjeW+MsD>7m2~yv5AOzPP%&T{On#ENl~P zqPe9ODBD%o2-V8bl@jQIQV&qBpXGx4VNZC{ImM+Y)vvD2IV#$A)7Z+cn0n1b0=6Mk zKxnnY$Tx5GYuGda8p%jaiuO2-V+G6KVWI7f3mbTFXHVRw?0m7+`~DyLxJ>EjTJY9m zxm#x+c$NFKiy*~KYF(0ISz>IGwKI!%#t^jrSfKyv6JL}`y9q9_!j_%CM(!3(sMov$ z@kVMf%59?m%AO=`QE<9!6$Yw}l)OI}Fd_kbr4X{UxuVng+>iBOyU9Oi@9ZG>r>0U= zoILp|EnORW>VfX}j*Z=)v)V6)az)*SqV?3GH)%6?qmWzzP#GAxfto6kb3G?X_lf?k zBE6OkPA-&4eO(G{Iq161!s|$8;uHOL_ogs`7-XVQt6jb89l^MDZd#A->X%cuD8--C zC`4^&zG>NgaJP9Q1kMh(P%rqtXBSs{0^-_CmqA- zAypE6PB7@xqEK_pZr`s(22Tb?@x~sHhJ*To=$O>(SQhy|+R+3nWjcFy!38ADf!{KU zDbLMo1j4G-HecnYQC8)*zp~iz$OpO~vQB~@FQMw?eY295(DHvk*UygkRuF-Xw>ceC zb+#F=bndGg38=Hy?jng+I&)b-y%oAwCq!AVEDThG=i@uW)Geqt&MQUBHBBFniE%Y= zp4Dr8z)5~;+!%z{&A1264lLQqoE_gbplIGx2Av(dgczo;^P?k-&aHAolf3WfHokWu zQwOhFO8vc>FYj)bm*&?_5D<?UweoX3s6to z;^{$&*XDhHyN4M2*m_2sK@R%p=I%8|n&TaqF9`fc`uHpRu!KLr$9;9IF0ibEyXW9D z^#T?5l_dcs-}GRIsI{E#H}9K&M?TYnfIl<6<5n3FBFzkdKNE*n^BW+UEv8P=`Qw#PQh4$avs{){#iS`Iu1OadW!{WV~WV25qv3j^Vs@f%cMTt zVs6ESZHw4%Vc4s3;;imPFVA2zhk?+=iOWCI53&4L6%V&_F6^%R^Sy3X%`X&G;deV_ zt+x^CIh%SQ8_shpM*;#LW zsP8-)-5N-^3?6cYdVrz#-E*lG@8&z@a(crXJbH#e828JEof@fWN(b#xJ>H9k#~wY_ zH#cJkWrocjjfo9XUhb#cc^Q#e4?8d33NOC$jp`8)APy%$M-hZy2aoN~mlgB7?LGHJ zee93cj3ZM{Zv*G3g3t|DDQ}F!!tX)%V!}oxGSMhF|FpN;=wTg_#KWs&7WuPrapEH5 zge~m}tBajJLI)3{{QQ`#W!i}bi2pAB zhmqCI(AW6E?`lU^$LCzHsNY1P#cchRJu!q%a2>p;CC1e2T5?~cq}1er#vX_hSP=g4 zkd1E>-(wDi9Q-^l!lKZ-BI`ed4K8)ZL8cT9* z`JTd>2|E37{}l)fRh}EGxIf`y_v>hYLj=(IHFTQ&aGy1}$NT>DjTG%8z>*tbB!tk; zUFa+$Jv1Kj61>}m#XEhj*Z%`8D(8UVwhal>o&s;9d|y?P9se(0dW9PplOJw4+jU&x z(o@I=*`NjjNoLyIuNxJR@A=ub%}0uf#|lD^6}G0a=Ho|u!)gPajD=qHMb6s6qE9R^ zS65FG&7;Jh)c}pu;jk9)e5`F9ZJrb z*hKOe@9dEcdgE@rmp>_aa~x#rBEi>rUm=6UL{H_qIhx9{`~JSHUBM`rM;ZE7s;2A|ms=eyYGiBQs7|blY5m`=2sjs-nczHl3 z1aD>RJTZ^`FGk&_GBc~!uEw1U7qFYt`q;?BMOE$9v+`M-Kmd+=zUIgfg_;y-#cmkk;z?~FD+8O-B{6n2OuC#|L z&a&Yg$-$FwDqjF=<3_K!>#~Ev`G;~t9<4L@BM#=))F=n2#JX|PO6}l|mXIZq`E^#b zW{eIj^J#QEV~L8Yd4AliMFme`_N%fOj$d}BJKTJvCLXqx1^i95SMQ-@C){Y5ESqY) zwhND(0r&N#-P+I7<>rOUf>=HI`mw)V!k&6pY)tp0RRa_XDTEoC#sYQ+Pt}Ci+Egy% zb&|exb%p~T)aop;Os^6Df+bZhGOA_#j{QbDNfldDE>22ICu;0^`K_Lk(zbCCBASX> zN4Mhj4Mz>3kD+j*Li2gL>*w)GVA1U|-`P}mZ{qk5(n20%yWnqoO-TJGaS4fqV~V#r z=RfU8H22xoa!H+qa?aQ`RWR7?kKfc={CrSjOHh5DZgN6w%3_>A|BK>}RAVV_**yiR z#By#EI7vDgHmY%)eF3o*gP3KwtnYC~(|)aasLH5(x!nPING4Dtq~Y`+;6* z?-$S*x>Fv99##CD81O@S^t#phz_KRcmkr z80~%lW7>2qc1!Ft75czz854DE2yJfGdYWBLff>TasvfS5Op12nl6K+>9r!>5@`e0s zgpIEf_5JB(+j9c+vODh{R-S*8qtV7Z3L@D~MTN=6^FEpk5hzZbAd}1qx3*V_5%29` zGD*;n2U_}NtyJ4&%zPB?u77T)engJmyitSN{Zn%|V2boU{Pb*3x993{Uktt*2{fw`Y*m)!&#S=uFJ5k+0Irp&j?h!k4WyvT>d?d+_V> zercPlb0PF&P|Gd`8e_Ag0Fg?I_{!7HeNDME%)_WMWe|~omjrCS(U>MV9{jX+AKDp$ zUiSOTCO~%V__x);5d+==0KvbY7PQA<^4e-03M% zKeb@Ieg@;xwsg#g!N8ci)YtTLM4T^iR6p+v9*HG2Fp(YW8e*T0;KXY`t93#EZRLjBiuuR2rLbM&&nZ1Dp97CbY`=D35puLO=97Mj8!;RkXnHA+f{>+HXd(2hSns?5Pg zbFKo{l+`pm>SMEph7~PBihGPyqEzr+5fboGGtoeOwK>WJR!LM=rde0o-%?`#v>{5c z#=(hfQG%j3^>5T{Q4flL{v&A|#EI%?8e5kP%yPC+hM_ZSU$ACv(MenvQWWiKU`^1g zy)6O9ZX!0AZK}n{V<*5pyz;O;Z>#b>d4V?g@8aSaeS@V68TRy5u*;CYNfmaW?dot1 zw^u*y|GWi#ahjazIcX76^A^QY%)^%&W`1QMXjwIWNe*S!7UoC>n38+&FX zWc|)YRkF4@67SqY1I{O;&|PeQ4NDXXupXOe7W0EPe1f=T4a$u;R=PWuD*e+XysC0D1>XW@)ylxRd(0>r_ z#q3Wg$OGc{PiOzt3x0#Idv9sMCtZ==NXyrRT!jejyvu5;Yj^bk*O?2aAJ*zEw?SrNJOt&9Hz$x>RqUl}K>rE3xiA^Ve1w?GJ&e1o<>K1J`}%_PxB z{yjx`d~kcnLzZw{8-bSmrC$Jw9hPhq4-vgSy;3|ROx^@zXfSU`S_yp{K%W^sl#_&o zGx#3Oqsk?Eh~sIr>Gyy2o&Gk-c?7b)Jm3F&fId?sgz`JEN%g;}{OOE7CO;ixZQ-Lq zlt!U}fu3`1-v55nV96DWG+g384$$SYM_bHjis<5eh7$T3?{c&Mc0m2%IULN(yCD02 zPd>|jNU6}d#1m>yw~&MX;SBKa-EXP?rDMt{t@J-^ph*SVqD{^JET7b{SZ+=0*$X!I z4Bzbr3O6TkuAsA+4bFe`{#o_F9H(>tAI9D?AgcF^7RE$y1O@4m?i!>8q@}xafT6n^ zB?js4lI|{PaOk1CL%O9K-ox*IKfL$bJ)hvrInQ}I_Fil4u;H;2TK(b4k!r)~e_w!K z-~3k@D+;}@hZxTpoIByRT6j&ydDZ|2AuswK~nHzAqUG!{#6{aob?BmuUU{Co@Z|F(waGxQp zi%{rta-G2zSfE_f+ALb@5u0JsF|(ZEz;g~}bBSn%X8}hQr1U=@pfjsAa#4`{514~- z=u=_&`7n?NcCS9gm=f^2>&L&LUtCry%pqNmHb;e z{!56sha0MX{}E3$Lqz(E7@qFO&9f4s*G4ljq;Flw>442Z`x+iJER}2rfRa1tQbG9> zpQoiu7FJ@?)#Bp&hhA9oU<#?k01N=*6(*aB-qtRd ziIBr5hDw(khBod5(x*96rJRk`f~I2QHxl=)5y*O8QwjF{`m?waNvDb~wDmFXX0IO8 zmVY#0_q<@3d{$Phz-FgVFOBwj5FS4nJ6Wj`k8mgtCo4^H{-U-1G8~zO*lG6d-|eE# z8IiGzi}nzCn4SB%WyU9Xx(EwyP{9)~PwuPfJ@kPsxS~^G{`pd6bRy?(4B=Wvb=9&Q z1uQ4tLec11X%xw;1MMIvCt+cpKJVPO-wu<%eG&?p^B;y|v77i!b%es>iiK^7);XGs zB+sN3s{(g>S3IT;RB4PH%F?_mq2%HFcApL3R%6mE@RwrQNSeHkJC%oZVJLlt@%^x6 z!T4{mq>Gd;^42;VsoXG@-zkeBG4xkx7ZPW|n?dAsaEl0O1Z}-l8;C&KMwz^HN{tmS z9xJDT!(n4=3Q?i$TtD(E?B{3;LtLB8r9BfomgQt9f9hw|7q0d=lsLr`$JUMHI_>TF zl!_ewY+;UvsogZkQ>=U|XKU)&`LT@cR0oYEo{mrOa8#mD&ybEMU7sFNp5N|;hKhx6 zG#ktmU}2QvNs6>>k(ic}t1R@WMGF?_x%4pel7Dvu2{DlWZELqqxofD5mKVJETC_C9HUG(a)k`wBXEdpSLFXVZj{msEG7)4-{-Ja*@?vXU8kW8sR%%fVO4Vja;_S)>U;Y3M(~heYR?Gq_R+44K2ilV0_PcaIcw-#egZ9>y>w?r7}gWq#k~6MSMRCFSbcn zkjl5vDT6qn_^V$fOEkfJV9S-}_c_Uy^&$N%hwSl+8nT!?m+y%PfTd`wS>|4MX*Q2j z1J5`joY33$JNvuk6fQ=? zyFM@(emD6gV@$gB1N4M#7s{D;3;1YM-7DR<9 zII(Y~A(;)J(+9dO|9-!UdwZG5e_o82%CIO*^IPi(PTboPX&H8>Q>)kDeIyoKV1Zeg z)ptkL)ANX{q=9=5jEcY{rlW0f@l@4)Fd=QAV)X>XgqkRD5HQMUuo!Y*d>(;y9;(0^ z%Q}kKjWH61q0l!L#Y-2QA*+jphY}lnu;6BAtVfB0l;JCm5Zf3`txeU;y-+JW9phLO z3`rG+S#2&N|F2a1o=g>UTh());8#rYAWY{>46@o%1WR<9g$B&2db6`8&<;;^V_a4Y zs&3Bb!&F!NlSrSC-;7(&GAYon!0&pTP@Km?5o>54g|4%^{mGD{s@vuj@!yadmQ+dD z90VA3xrMjq8qh?UeofmUoxiXK5N7oz0AuVZpxukLkGr;S^c@S8HGMlg4&nfW_PnK2kRZ%zW!&VyY;z%-nScWtKX6?tHBi9us}wf5pwAkU z?dL{_@$ybM65}FN4dBXU)xR1X>j9W8=)EZ4j)XL9(p|aAeu$wE#RM5Qkhyk2R!cVl zLT4vBl7p!er+xOVZ!)aoCKBS&@n8R9Q#4Z>tw=G=H8QlE(bhTd%Ot%qCmae6W6}tF zmqIPSNDt>}v{L~#gvw(Dl`Z$_#0E7`&Ne#<0At9N7sx`b#9!%IkJ4M=wB*(GUy7$$ zS>Xd&%d!qe5|(*J@dGB3L%T6^hP$O232dLO{E}0Do8{$DMnbGaKz-d7iu!yyeK8)h=gM=oTudvdu?6|N0n;t^uzLlkJ=ko+@yxYSN z;2zx!PNe({H8PyDw~iZeM^4qG1@NrNB3$#l0N6zkHoB%61p(`+YhJ(jNvxlm8*hfq zMh#z35HZ4CCchu!nBC3t18Mo1S8&=?S_96f?~%5)j1LLVn{S_I1oT+{ z8zv2AKT~?pUVxd4PADQFMuOel))R=A9|Yp1(3Tq-Rerkjm|2HwDk?r|6yu&%d=Mz0 zQBg2+3?t|RG$aNHLnTNusR_XI2!0w9v;woApxq!@^MW_29}omo+5~wU9mElgz%ifh zIN3}*?`_N;i-H+PCo&~8y7C*ah6?d}ov~g&Hb4IR;1`u3*3HeCiF|&Q@3wFc&{2QC znjo9)_lR?nP5NluN@fvV_Y2Ihv+;38|d-Vi7Xp!ga zmw^ZP6r;bB3)X&}H7!Jw1Xu1=(7c5HIhDv$sE$|>Rs5GabXdHb8o|C5I-!lN&2T|E zm}|6s{w;q+JEv$PcHdH2ZSK5^re2CAtSdloxyO0_p?yCy-Vo>f2O77HvUpW`J$Qwp z;Om27mG;Ode7EoS?uR$;7}*x>WwL&I3OeK+Tw^xNNXmLdpG%G(^Ye#cR6;^LN!?B| zJD7;B|0PlfB_atDGXp)!q$~nHRr5-V;#Z9q87%xi(!FB{;z((ZsRu|mxPJaC$bvnrc=b;jjEaHCU|lEc@JIEui~6 z+`}7e8VpaM7~zk@x9AzH7*DG!-PLMB!dCpNmD%gPBZp;|p4Ia$bT$;&lkWma?N3O? z5aXM6x2wG#hh-1Bjd|hsVa#lPg1%4HK=yEvUZJ+a^lxprTsQUh!sD~vl1$d|<28;F z;HN;+#%oK&Imz(RJ0id%>?h&)_-}(9wkP%K!ket)efWQk=6amqjraKSoil(ZzzR&Y*=#9%jDeB<@NOD%b$7= zLScov27TK4gKzoBysm%TEc5%M(N_38h<^UB(!^Q<97T14Y;ufIC!Ulcg;ADiKP=kug&?I#Mb{C-Bby?qtJha$=yWGmx zeE&d|)z1G1`KbfmxEI0Q#9k!f{W7ODM9R>M=s3;k_5E^34S2ju(;Xkji!ixyASOL@-J82~3mk9wcZ9AyT1Mcrvjh=P7AG~~ z43{K<(;ERLS~?qlz2Q}~+mnMuI6Uy^kzu?1$z+Q{y~n-pWO^;_C(+0q3}e4(92pe3^xt1vZhj_Tu{SlTqO_yJVPhjna* zNLs!16!jE+TD-1cp8%&A zQhg|XNHPz6T}xAzss_y9^qjh|1yt=056b+UNqT>%SCjfdMHl9FupSpxVq;72wv;*N zurJl1n66&0A;l$-WBgk7P}N9%gCYS_{zahzoxnIJHJt8|x7tg(%2`uJtVrTS!=kKS zH}b~*Enkf}=QiZPL;Y4*cD_Q=>kk=NT6E{JikG!KcW=+bXqWs92bd^s*95dMuzD|j zNOAX)kF9K=iSCmLLKBjF1r=VjVW}4RZ00`#HYSc_VYHOw#bqAMVe5Guw5OSeT3WUH z!WtCNo>=jcotQcj*n-rrT;p!{lp$q-c;I_4~teUd3W~EfCgO!FnsI zq=P;6vt&y0qP7Z&IH&x|#4wRf^t+wHG=MLnZ?Q1-t#V;oKCMI*r z0?n5@E^PO0l&WQ&r3+-IcHa~&(t+*z5aSEbj8-oX*DCfo>#i>%OlXC2K!u?Q_mPVxTh+ij83FN$91P0 zGx!=FXVVLpE=SZ3BDl$0Ioz_E_@=Knjum$z8u#XVknv7x!TZ~r0^uinYn;+Q0QnkQ zmtM7_*8Lr?zb|$hfPL6o8p?(o`$7x>x+MG{7Dlz1G-#Nj-^UAa>c89afU~i z+Z}QonIL%_+HQ@tR2*dSxUhF2E=heGZu~=l^VPo{lbY~8B6?e!Q%{bL{L;!@GqGPs-qBoQ9=2isict&Wj*o)Ehxj5VhhM)O%`=lnT zR4P!z;dE|HzERyiKp{k+G^ZpI9P;n5qe{m`V|p467YFe@Ed@=BA&lVA;E?|Q3g0}t zTDsheKflh74RqzzI}D(S6>vA_gwC2R$~YCd1$sKM&XhR4kU_2kNUer4td?z-JS0j+ zgp8*P%I7aDU|+N#0v-ihp&i?`CU2)nl{cClhc4kw`ASA08)9C4d-cB_7{#kh z5L>wehtj)+c%pTZSFIIJsoW-`(7D%e?ni;8w^%XR4H@2c<7?QQYZy1G zy%v9OJZ6J_uzIMEM`Z|qaCy9cToPFo)_Q6zYGb&NFHnFTEi-FW$+7^ILog>rC7wIN zFM85?{uf0Y#3KcT4&WO0);ZJJTdq$&0}r4j1e=c`3+H8ZO%(3-ezOQ=c`vO%Oat#< z5YP~(O1AJrv-8OtCsP=F`=xp3frkcbBY*}n* z7WpD9#|5C}N`0ytB?(W;d7o3xya|>bbn872I&eWuph!SiFIY~;KRK4i1j#Q98cQBV zL5?>>pK8jMu8x61{k^!fHB?=$W~8iWM=`pT0V=9clRAm~dx)a>JECCmh3@`CNzV9{QI4VtC?G+gC^ZhJ zg?8)gS$&A`VeikhU^D8zD_*6scLV?h(SS_>&p7QHo}pNt?Q)LBhyqj1I$BW$zF9e_ zTCtyQUVEfZeigxP^F`{!)f+1avbk~eo?bA<%Gh<&jxL>)T^zj0wqXsLn^ywB_p z00WVbh7lRJY=OB!M3%*83;eYzHyNSQeL?wR5?~%pv3?YKiB$ebA6%j--uqv3EC|OY z(Xzrr6sUUT+<-QWy|un|tm80!vyQ}j)-G;C>ZJ@bfM}2pjHwf&D>hMOtIMfx6osxv8 zki}Y;Q8z2(&3ecV$aMTssQXz|h}yfXzvB2#ng>D`ANSdumL@&Fs9GY)h5ItvVZ=mZ zJ=ZDuz?W4f%}wvo{7L#%UDltcV#Q%dN&d?5zRwJ% zMr-6ZkW%gx;?6?1Kgq^Rj};*&8? z$E~%gGSW3wlfkBt-40Epd8y;rC}&#XRzo<6?Dv5;fM7~lh-^127T1;BdYOn|#h>b4tL!E>M=3+$0H;Tv?-K5d; zn_Yu|Q#dfAfVS2CEpHvdsAn_GJ`%>^_*g~%1@0qpahQMIon9VZd9x4J%ZNV%@4H=V_5EvO+BgCH*GQKEQxImK#!yaHqZx;jwPL-@KfvAZ zY$vBujGf+X{xnv-6((z4%bNc8H`K~cnu)ed4_8uc;Xd~Vml*)5sQK-e`bfxddxXHl zJpc>LBIf~i+DKf~%--(T^uOhFNv-IgUeeXQv$y6(8tSkS5V&7@%2qq(^{PPmP$^3L z>B&6vd&twRfPa6FGQ54xQP*PXhxN)I?soE}5~H4;{(rc>Tlkq(Ib1%K3Tb8N+h=w7 zhyVU`d&1TN7uQ>Zod4t2y03aC=4a%u$cfwOcdtYX{ZM3^#}gO+<%*-85% zlXBjC5-_uWA$~HQK$YTx$X&G9_-8pDD2t{n37ngj?lekhay{?7)aHYKD_N$M=Hm{; z&s}Ef8>iqtb^uWk{<;1~aS2m^Xd}voETOx4H~G3&QDDnEm*Tow6>1;r%N(&-p`r_{ zII%#pSNUITgPgt1u%_&l8kPxw(*67R-}^FKgz_ilsu6<5+3n_m<_XRL=Yf4BF^bsx zwPm}CI!qeQfhe^~0@&Yp%Ny1K_0{-#RntOMBfdCgzp(!+ot^b4XWha!F^vgxr#Q)L zibbW)GC!v{ z3h5HgXoSCip-#>Vna957Q##)hSOcuvCnrw`^OD(caQ*1TR=}s*9A2QoUO(xN6?fbe zx`PQ5QM(oIQ&g1sP{_32pCUHEAw3Fnq?giALs0#s=t1g}- zsPyo(KhR?ck^gJCm_`sp88!&QQIPZHLewED(ugw&3jzmNYicl`5?g!fFTYKt=_aRs zXN5Dt=`>$Vo3ZABi@}l=gtziSz`pIG!t>C8FFv_Ru9hZLs+c*}Kh#Rh*_APzV zZzX*9^eM`5c@+^8N!hpj8Zf+jl|g7?zf64B#WO%I@Y&Nhj5INg-!R@jh9DqOPkNO9=QEixWFGWzT$F4%t)VV!DtL(`Aj#z03{li$r^qd);U1n~ z=0Mk&{QqT)R6}EO=GTSfhX|~`EIDYRilhe=cQC6Qn}MuDk1E8QPXhKKNdhngMRX(; zggT&&KS%n_@|%Ejpue+>MB=1O)kvoA72XuHDnCF2c+~j)iXyB&)GZ-Z^VveIq0k!! zK=IHORTg%DAO!r=CSQ4)f*a?cSu&D%<;xNq*|66Rb%>KcMOgt1H=fI5OIBkM(DAu) z3EEs$jeM2GnGw&~IrSp^ZpJG8j=Vu&k}!N4#M)pipMy#=oq zPm>yO{VQp{`mjK`)p`v4^Sx=aYuTsu4r_t2?f&Gn!A20cxx(ajoT0WA|7>Ny`R)|3 z_x%KJwl5x&Ty=c^%L$TuI%N&_Ew^1y|I;gPClWgRuJ+zwrSWP_pso34Z-IoRz7wHV z?)`Y%)xb=TMD?vUJ3bGVxi6*7Zd^hvOgiJ0P>C%Pbhw6z+)p;EqmUWm>Vq540!XqElF#zXjoU z%;VdAD+}F`yEou{`|VOu;!;_!9xy|-c!K`~IDrN3A9^H>^GT1`D2IRu}fhu*s2-j;k_o$7wh$ zC0F`P8$@fR@jzbMGni-8y&kC7qrQ2TSZl+uUzg(o4xJqe&MU88?4&@%L^s9!+3X=< z@v~ZD^CQ+hth*KhV8U{zrDpa- zCj}Dr%4#z8IV<>OfVdRAM>d-E`{+mI@s$ws%my6Wuot#ux}wBPnHh)$zI1brFtSV0 zXr0N#(i2F0SK(#Bx9GZ)VBv>)x-`*ZoiHz~VpeJbCCv6uqQYgD7COQzHuUDD$MS~3 z1N%8r_F6xiMkVOs(bt!GiMn4^T7;$H-iyz^KatfD4E#^Q@iwRc)YkLWhh7iT3vRJqK|AKp2Y^YH=mGaMS z3(9NM8+1Ow8-J4ypjOxB5%iHa8q}Gx8E_^hYff63*JZurQR0${Z=55T&Z^BiX`Zoa z6vzY_N)2`Zy~XT`^ujU;r>3H+e~$fJTdnTfUzs2xzQ@~qC7WVrlD#dVplJW8TO&Y! z$A>ZX%c4)Y*n!1Y1WQ}YD8xRS_sTxO9jghjqkgVFHEDbzaoRFR;I^$`;%d{`K~_o? zcT6OCGS@pJKNButQ9e>;Bq#FOH5&CJRtx$?XIWJM`kiIMZyM&2L@lA%|s+X~UUsR>C(q)@c&sNwLQBKw-ctZ#8 zmiwbhof98lg(ck2V-}98W+*VlRnakNnoRpr38ReYvAkS^(FKe*h+3<`a*xGbV3o~H zH=jf3QuI~{Y*^LDv}qmDTY)n6{g?@euw(YtB6~q%CoReHAoCl(!<#7khn$?<9ww>1 zg;~=)G`EHR-Bu@Lx<`3rfnLAibMC%HH%&`evBmn3X}{4qA5p)$c%LJM^~;1_=E_dz zlUtJ-GFr@1&+s#0mD+w;$4=RaL%2ykNhg(VcrS}#9UYZWb?&>&Drh73{d(6x{DV1o z@TVDD0IOChZQygaM(t>2XYZ!DWG}=$@kHeT% zqnJ03vi(eFNSmtRuV-8&%!XC%cpovPR)}BSQxu43^pj^q?oUiPM%n-2ySV6Eu&BH7 z55M0NSC$@7t<^FYOJUUUl9DP*{ZRlSxFffgslJhM`4%AfGK4Jvn^a4;$qbHoj$}*2 zypBASzTZnm>K9g8spEUqL~od{sK_F<5Sak%SFy9H-Ak+ZDFi()F4mN7CNiuCv}jd+ z&}l|SRwM_f_&V~(@*^Ae&`W#FQH;kZQhF;-;aAM1rvK8GD)~Gw!~eyhYE)&-5qq{^ zz-ePhqFT!Wmaeck@dLas@GTdeDJEm%E^0?iEIqx0AL%5@);Wt!PwJgpnbbjVMqG8C z6dw;CD=8NH%ZoL{P6?ke{St^>i<@1GKK~Ow!4zh>C;WCUwi=Rm(ypc1XB<)i-F}H= z`$<8HgA~^y$I$9fgA?)h_v2wrSLH@3h+rV1&+&|jjZ$hX??&r=rjU8XuF)^-&cd&U zSXnxa+km)~giz3ZY&!Z^Ro<;w6`)SVqT*~R7<^%w_sRje{w8JtT0as z@h;;`V&o*Outx=YjD+!Oy0T!SoCpHQ`9?MokaGd6-aed8)CmzmuIbuy*tD){jfglm zo^h~R-{<(nDVjX?v9R3oj^JW>Ee)*B79(z7kl}>C)}snb)+)bg0H!<^>*}$+^WX0_ zz0!Y-e$>|EC*t0Qt1EcO0+yAuQDNxJA!p9p=Qw@E>fgPEGYY*=+RacO4-ANt!%d6a zxc}})q%fKgzcxtV(L?A~=O(Xq^5P_x#wh{eadg1rkRQ1c)KvOSqOJiA(MW`885djR z@+1)h25t0yM^d+uyvM6;p9?|NJif1n`D$h0HDcz*SIw{E$l>RMnk(&_grczP99_Wv z{E(x*xOR|&m2+wjXNrVSFbopv;gTU*hWrQZ%A6j zuS~i<8Z_b)u)N%-44>t%mCvO0nGvJj{*pkf5ThHXU9^nzO{px%Ax2G@uZSHUQTHXK zO^*NdVTBAvR{9TuOTznD%qll>kic)n!OjqYXodoy&1PJDx7+`MEB$K zw$G-bx!#HcRQcanG+Eo!e|p=j4xVH za2!Nc5tx(jF-$sV#V<6hshY(C`zyTaze%&TgqY=(vksm;WH|ggnmL)Slp-NTlqGK4 zx=CaZ?>eW?2Mu`V<*4d+A(D{6kzeepq4#%Wo+9X+T3S%`kw$v06ivi}v%%EL8erRB zeZ2BHLBB~bX|e_Z-~gh`s_b2eD3f#sg{UiOPlZ!`PSF9?=A^a0 z3L=Mw@!w-fvr$Hgp`(xGkJm?ea>IdvfiA9|NUjt<2MG{GO{`Rd{G|cCV^wc%ZtPx` z+Y*-_8(Dghvo+oCzzo~?!_E$P*aNa(5)0A}fLbOBA*ymhVc*;UppYcKW4CG@!5}Rg zpn3r#+ap}yajl_ttomR1SyYFhGtpgz4lIt1ch#Fi$>NOq??QS`(YsTU0Bdu}mF zVZWxtF;cIrPx^$pmH)K8O5zs3;zT4 zzf0xRL3xSBH-zKTTM9f?P|Uw=Oo)g3@ZsAK zN_>KDaw)efg&ve#d+ZHs9D?WXG49W*j3KNdKC63`T9%uAV9T;Y<>y+hzWU0oal+L|A?;7*suG)%xl0F*K2Y zVjrVCu3vpe6@QM$PH8wBs8aVE=YnsOjHScYIixq^4j5K>{K24@`rgMqz*`d4zadt- zYq3M8mBRS%;dVMui|>k_YPa8Jn@#2YJXpkh1l@eKm2GXK*KcP~Rkmoz%!?yq)pu6& zaLCX|ouwjj0D)#qAOrir+e$qU>v?}LZ?a?J-Imj}qV!rnj*%^r``#I0p3%lf1?Rb* zo%B$6pF)d=|Ej6;P#G3CZcKK;K-gY9Te9-ONL`dt){KCmpmz9f!PaRz_mU*O(!P#a za0>l0!XMYHUfUfk;Obtmabe*I(EA_!u}s!t&Z4|@93ug8{lDw^hTAuUqYSE_i_?Rp z>*?!7tiujB}4%oGRfV4Co;u5OX(((50O(jrriywb!;o7OH@k$4@B( z;O~Pb0dxlhI9sVFBdIFnmd<_0+~bnxsp0t@)qZWH)GwE!Z4-sMxEs(dE7 zkEJ8G%gI9K)L~lY6sog@&3v^IwGm1dJ5W9<@37$QuZLM3ZF^mz{9d@0^8RV>1$Gz))~>-<#VD)q?p#IZ4F4}RX0#^Tsj!1=)Tz!FqP?>CNa_6zcmTn zf5Bonei?>(CjEPR@-iOHKe6?1T46y@@C;)gORmYB*jaA5T?nXpx7#M36klRAB+to! zmI+=&ajcqD1z-(7v{k;F6*(f*lV&%S3nqCrVmxb-`UVm7Pd;u{w*SjkRqVBPTzvI; z(}eR{5h#QmGXX-CJ0fkz*vrCjP|APQ)@`8oaQ}Tac58jZ)#l;LqG@ZK{f^E>b*hIU zwK9I-l!uoSD)Xa_TG{!=LN!h@<0Av&+e@WdRb@ajyavy_E)`U5Y_apPpmPvP?x8%# zRi&NrEVDG2BY0_yV(ABmOw+dXp)V)~lGR4y7$C-o?cLRUjhc^(gvr6DLF=X))~<;k z``OvB;xQCap`-d6bsnNPHu2j`-agig0*5TcrN?6-MI6Cm^{3|gB<&kwRze|#+L=#v zh{SyImV|(0lG#)9Zq5q8idGu`RdnN$hTYdfFnZGdJ?Ut;ts`#Huet>=+e8FDm_P1E zQvW)2&Y~o@-@VS3sQJdtYrUP(5~>W|mXW;uo&P&k9NImonuEtSHn$y*BAd*y|zEX>)#^zhj|-A(r3odOaN>R6z48+!52hu z9vJ^l)DR01DIx+-Pl}GN8I3MG==*55{EV5&-8{~@rkxlN;B&lAPVbhGiwwzYol!;6Ibd!Z+S1Dg2aIY@TNCW=%4F;Q02RWB7Zt6upL)#OT`3ML5geucI07)jgzNr=$f!5L@+ zjAdNjS58hRZv|ntB=rYtD!@ADx0owXEWBM@mL3L{5h-=d> zw4>aOp270qSGqoV%gm3h0hoA5gG&5%?X=&Bd2>&LDtaeebH^^BpBvQpy#N?m&~lGw zg^4JwpBGz;93s6_w;mpnAnvN<=`NmTU_-ou`9j}>0ngWm>8C><%ZJWhQ={z_ghv{6 zLzoSE3~Rp+$-ksW?K^wtJtt=HegFuAPjWMP+9n9&_TfVYBNB}ijPu}?9TlEx?dcb6 zIpVW7aEAaD z^PzmhXdgmD!oRw>x$5s3FOKG2whqULeiqu|dqBUI{R!PzC0N@?^F`B=egzhkB z+{2$I;QqEbo5x;-B>d^>tq{l@Ch15RCh_%*OMLIFIia==h;Df0Z5{zFJCc93@c<1) z+dNm}OniK;V6c)t`V2cTSNt`#pM$PIOFXq&zd3nY# zhPpyT#NLjUglOy*S38Nfd*SdAigM!mn#*IVz9q&2Gf(?ptiSN@YZ1$_G0!eL$*)h2 z_dIASO;*uMF}?54hueI(IM`*A#Lb zzzYEIoV<&Fg~$Pa;N4qUxLm$Vu#er)8YlXd_Or_%Vn6%<+@)rh;o;3Rn8I%Mdm2_F z37!uE4<{$b;1?zTrsalD?H>AMQa#a0UmwQcTzH(+FGppqc)K0fd!#{zx{qDOpLZ=a zi&C6OT&-QImH+Ar@3R3shQkhMk)F4Qt*ZY*zc;NPE#IA9P8SRKJa_3XR$E7N4fxuz zCKNZ*mT}yG-k!>=r$fd1hSfIV4tY8H>oI}I49YJ_5X1mU1Q0uP847v)G=cShY~b~% zVVE8f9TG^Jp6;$sc}m9dc|^&WAv&FBe)H}Nts`p-`p;=({nsB1a9fZs`$I^4?uJi$ zsP26p5kA+MolE zRfD-(JX6y)I<1lntM(nKXX!63xJY3dF-TviEpN?(izzcqlIrvS#H^bY{~~lwl(s)K z)ZJTl{ak#HNdJ|L;ZjCFTI54$Tb}0cqQ}bNcD&z0-LV6d=u)O^T7uwFz-P#Km>ItQ z+%Adt0XIqan05Tsq))!(7ZX|7MifugJ1k3q0lF>jYrT#{tw~_keGRcxBM~~-Bir61aXkXfD+9nbn4DX4Uz@YwWgwl!UQ#+5pOxd zE$%iD=G@^X0!z6OYVk`0Y?2*;=wl%+H0-)EarPV}G47sPx}STtZki5F%vF#%U{27) zSv;Xkxi2B9LAa}y>=Pj)^H{NlhF6!OkuKg_|^GEu#SE+QJzfx-0N0H+752Zkj@^<$@J zhsOx_gTc>9WEZhhE<9C%^Bw*skfAJ$aW}aEw5QQ47KhneA%V5$onW>+rm{mlESA+n zR!o{8_IoCckk*J(XV4%6q(oMQb?&M~+r%#)Yku z9p-8vkd${&HYXs~fr*qJ@f$S1w~^FWN7pLFPVf%Ak+(@&<)JAmCEL`NV{y?;&I!0d z%?$iNDMbFi5VaKHLXXHK<1oNqH1 zvqc0Z#F)rlw-?2)NUN6Td!=$Q=l$bv^YKh-tEwH5x1^r(%8M@(CMOCFZXSz|nLjv- zmFTF8VGX%%)kr3P7JPN6J>^VS#`AevuFlXLR5d`aH%c+07s;qm7NNuCl_NXLLj3Xa zGMg8xfmg+ChKTCuFpHE<>e7$_u}@m$(IewW zoN6~Xd7drts_3XT$8z`Akom|(3AvVAjuWR>@>Jo`C|K`?Yr;ii@2D!OXo@ubRobcc z&TaK5W)Pb>rBL*rh1_XMxN`>afJy(>Q|B`g+U`-F$*(<8Sf^^$Y6X=-@nU^M{Z}_A zD&~Tbm>%~R{rRdVrx!n*Mq=^*UDW7bn*OZkx3q&LO^smN%d+I?m;zFwetV-{z3mCpjUzupGh5 zs}vn`(HkJO=b1_j5m1Oy*^43bSEpOO z`Sme!$Q4>r!BNsrJ8lyV5xPjQQ2CSs#1&&_9n}2MFKiPNpkFZqjdP+Cjid1ySwY1S zi)GYSC+$_(^_w=C;br6OWw|b+j}079o}{GbRvI9vP}%ShP+tU~c4uZZTJ~RC8l-mz zJ|8Ys-&fIk2R6=TS3C6d>4YB?~+q9DoWI@c$P7eXpx@ zyvXxabMD1~vAs9OuD-mO6t=QnR7T~Y6hV4BRY+Vaj0UX3b=z71Rw zYWVI~x@|-K0IL-0P7S4QPqAC_Hb7jvn3|@@P+n2-^@Rl_`h#5^6Vd<9OfqydQ4HWtMSnf=2ohFfCrh_9?Vx$tD%b!&omtwE6Bfdo^@rE*F+f zpuJMYZ>I(9AxqGr0{4M+9LeG>0qP5-xQ1)aJ=Vx+Ae0|38~Bl-toPL&=mz$Q>9l~ z`q&q$;2Hbu>}Nde@8H~dz((=e#FTgCSh?C=K)`o&%A7K>(S+AoTpxtY^>{wpZg{gG5(NJDM zXu~g&NS!e-vJ%Go!pg1v=9Xoa8oByJN@DF5bIW9_C#@E`ra&qEEVBl2t|p$iGWv6* zE_eO(C~=q2lI z_ysZ1V;-7hU7hdLWZ|HS&4X67?mi&UOjX<6`0B{PqF7VUFu}5qokx6-_v5oAHv>$1 zt`MzA+hYDm2n6fTj1Hc_w`cCRr?m2~!k87utZ`OSJw{-o!(u+XkTG2A?ge(vsKY^O1t3d{BcW`DJ-?Ls))q_&R`JF&NyUBdiiRW`7@5C5duxb zjOG@XXNCf5V8VRUo^S03Qleu>ITM7u`gV9=S82A9#vR3Q^H6%wnBuCks)_d;kE3Jq zKskkX*a9q#^66epRQlj6*^pG!jqJ6f!9^8n75jOh{-1j_CWat>a)XiX`~xa)VfW7> zu!a!p2y&D>l$Y|u%R}#eVIX&L;9(Og@C~Qz@od|i>9crztILmB4AzrEXHFp(Y-RGz z^l%{<&Cg8lXNekN>5KOyp9wVM^ZcPn!mC0l6+QXVyShnQ#N2A1G?y5ryg>F!YK=lR?FWu78&-#1*+}qooo!Qyl z`OIhDuXhjtNqfQ$=V(FQ| zsxGinraK&*CT!0;YMiWYdg3cR^Xvu~zdHPJsbfqdyv#r?A;HJliq|rgC!1$MKF?Xx z4&YP;DPzb z9_JAQRl!|tH+|9)^prTn^!#=#n zui5uV@VF$MpQ7hUNoa3k7#NUe^T%pnBGLvXxjuSP&dB@&r+2?1uuM6=6o!1#9wRg7 zg11If^_UPnz@Q}dlJI$T0}XtNQ_g0p^PfY4zu5%=qr2}w^@brDmfYn>_WHiS;JkXy z?5oqq!9Cwo53tmk+=!XBp!H4l5G}$~+Gxdef%+lO5AB~5!5q1t;b`8){T7s5QY!YT>2y5HBELEJ{J=94VQE%| zUYjINB0?NrFUl?^+MvuKvr3k^^w)+Zmp1n`a6p_q(O6$^+f+5LPo+`IT@P4^B|y(w z*n+sqw3NCo5&>VpoBK@`cP*|UkyC>Tb2c$^jZxb6d9-5uN+l9dB zKH=H1za$o|Q4{^mIC13Ie=!49Kj*5_a5uZ=s`$#}o^Xr=;R?h|nmeo_`gTq#1nufJ(B9%!nSFto2u-7GAZ*5sp*-e%FPQ|a!yy~{?!rE zhD$<{Lc_|Vdf{1vPrMrmI_tX+tvgnye7V^_=Axc_s-d;9EB6nSB}4EQv-FGh^t18Dp)9ZB@|L;OMOA+*iPgHTK zM=!Uri`2jj&(kDSqX0LSFi+X74N``?Kib;QrmeZi-q{-ndENlCs`8~VGQJKNbdE`R zY7lil!%Tij*9!rloxj6m4Wqbe@i&w9uLn7Aj5_mRsdtgzGo>FkxN|E9Io&4?<0cK= zi{hZV0!d0T!&+u_mKzDFSvmbx3SoycCI8u-1ZNrCu1v}7ER})QGhlN|6ooTUB@E7j zdrU&C5@M;*x^xf$hLJh-MgB87`?YY@~+mq84PvMJ>FQ!+Kq%Q$rd-q(^`A6Fn z=vHsLAX}Pr!_Q+#y0u3#j}9T{Ym94Zq|KjAcaTCr2BXKitJ$$dhpc_LJhNg@yw6CB zme0?O1svKDSZbXmk3lgXZug63_<^fOXhwk*{{ZKuW3l&}aDN?uy1*D( zU88srbB@hmy}dxwe*YAx{DOG% zWb9Qs;~LLgoNRf)^_RlOcR7ham;S;ap}J-~u~3(F>dJvah>bvm{YK7P>&=PmJEh+8 ze!La42jiaca_p(0tHG>{o-(;be51>`6(FUjjE>IGJ)#!paxvU-rs1aENEsDjz=tkQ z*Ig<&YU9}qWfR{xOu3DpBujHQy$Q#Bs!jI(~ zOFpTfGT+8KIst8XbLzXCbcF|%-wjjRr@f9cD|m9jNf9Zo0LXUOMnY+JBDj8m^}l}B z`;6{lvi6E*z12C6Wga1@7p7;;euN-tW%*GecM4rJpR%we3nbD*XCysdG#D}Pg0sJK zpa+|7x5{cyA38?Ia9c7bkRU_xC{ws`b=5b9Uz6F&C$P{GB=4ONEX{o_Kw?nky)*In z`u;;czf&;rokpBQ->v5+`#GA9wYLCWLgtr*tPP6|K3J+VAyN%wM?rYDV%8dtx$}E0 z%lWM<%Lh5yxH2Z|K?99wDhJDDI+ygUvPs?NTO?pHnc51v)5n@GT=^Tve!30m0sMY% z%w5xLF5q#0IFpKUDPy4hdg;!(%7=P?W6iveH0XTGH0^*aSo||y*CZUp2_kj4Vj12A z`Mjx^ptw^IC9Cgf`LtXZ31{RE*Df76iQ-yy*yD1&Tr?d~1BjTrxv zTl3rbO1HMcGX|##16x?RULusw`^8wRE)PNr+G35JFmC@?K(IuNXsO?1_6E@8mws&w zY3Y^>s}_NRMtj=!8E>*IC05^|COnEIDSR+AW9T2^c`Hkle`(6)$O*LP`+&QT*n;7| zvr94x-YCrHTCQ;VR?0T&Xx z>R4|no%=%MT@mv!&4AbBZ5e-z^l`bw2Sii^zwS;4yYerIeOed%rT2tc4}}^dAB5%D z@B81VtsC$l6PW-5Hki4=f!0?g%QL33G?{_&Wd>y37nK_YO9*7Y^D`UUi(UH!D7U#Y z?)`L!*Ys6Sx{{VExE}=!&7C%x(eNw_On8GK`XeJFbSrpPnJHugRnw`l!0McWtTX3r=!~tt zqq%|r9#3lcGk1QVZr|6fr%@4_dKgNDNxR-o->=ibd)b3k-3>gQXC2)WeKNX%Q|RsA zUCvv}fie3w`_E4ku!msXJMc-Hm$*&*#bPeXf>J zEF@WFsC;Ty0zuBW=u(H>Q3*H!#Aqi+i-IrH<&NaSlfJwkL#*$6Wk)`_WEU+|G`^!I zk!P{W9+rzJ1Y4enSm@s}|E*n5lXOo4w%I zl&G=Twv&r<^_{2+7Q(Yr_I_?AGP<$)6DQc|LfJ2n!ea#P8;NvFUnlMN`~S@rCSN$;Umm86HtIQ7D?u0Hr>z(M1=Xc@>I- zS$=m9ZzBrJ#$-iT?L>~!tIkg!&Y0en-!=KmwKth9C8sIe<*|Pbe6~B@A3~d|}0#Y76 zstMgyyLJN%ON6T{8+R|hS<|Q;urK2uCYnOm0yv)ykbDzh2WNjj=!4-QUl0L$grY4L zbYqlMljn?F{(%0u%km~vK^A5BZ#ZTGus7R(wmi-r$fsQjM1JT`NpIhvR(~rI+$Ew?T8q@NAYm^NG$xXIHh4? znA~&Y!J@Bm{eaxBi`zJv2abcwnv? z?TPI$vb7MnaPjAsnBea#3iJwa?eN&7=2fgbU-sRHe@8$|xhRyC3!Z8 ztT(vvwe+#f*Y!+rnKdI`6X__mnJo0#NF*y+=#l5LG<<6`IEV6><>V?d(#dd942PU)jsa<9`7kk( z^!yLW3bopVYwQcYdaI9F>LI~c&4@W&*NW1YHj0oR)t%0lmBAIup&;%Y#^2C2QZ7iO z5gf#_#JJ+nGj5hz__!pv67%_gM*2B-IUVXlfzt&N zL+*_as-)>;yKexRrEMHk`F#kAjiiMfkVdu%ohivjEx%A9+Fzy9m+$j(U2F&BK78Q0 z%w0hWo8*Q6gzs+{%u)?@@0ONP);(4 z?2Tf<*4wE2qzcprWra=o^9^VS2+YR4@LBmDStYg~sSzY;Vsv*bf3w zERwqz6HVbR7iyJ(#G#7)a%9)C|GoAi@c*m^);yINco$e!J4-bDGx^o}g->?tR4=YaAr}S3S_Gjm^j7E1KEC*MQ;8)7^AU!6s^j1 z?I#N_=qSkNG;%Q%1+V)2wwT~2c>6j9s-ZNPb}Xd~P_>#^zax|PK226(MJd(@q6*QX z5APG)7#9H~z!geT?kZ_`SZMe6b`lrm1KapwD-BzXza>Hk-D?f+kckP(BN<6hpocTd z*7J)@H=`D`ljO`wabC7tP;K0 zL%F3OQ4dI2QLF2Pq)>tBp|6Jzr0k0hM<=$^123~ea{^*L{;S4^fP|@jLmizM&C&1v z?952*riKyLPI;!ysM)J#B(8j)BMq`<+F)nOW#oKc=9yzFQZw)%ep?_=O8q{u1SH=s zGnHp8<8xNEm;`N&Va^&tHn%?O`k_J!`~9`(sv42tFsKZbPY;koyyHe@zFIsAb1A-W zEG%6`;~Ivg-iFsw`cM$&x>qmW1}Vd|727nTYHggsGYO^+Jxa0Tp*D*>|3HM?AG8(fnr|nFLq!Qy%l&%sO{y9j;;UR zD6Y{&O7Rd)zAk~83_IYVUE4SRS3J+R(z>rNy8pV^*#8{b0^uy0O0}i4%!DWqwsZdy z;2rh{$zQ&qZ?y_dLtkxqAE%cLl?v&W2UQS?Q<+=C@LTZV*!TI#1wg(|hN+*=J4D}r z3rtihpynd8y&C11(VuLlO%e{>F#S_4vU{@4Bz?s#G(pU|#?CsEh@j%#uu=%!63 zMfkA6EY)y_Oc||7^?9oah%{rMN($rM-zbTyU>+7*>`b~W?Gz}rQ(2b(sP9=;*W)WC zhHQ@hD(b2aE^P^t2l})Gc4yB~#?W2n5>0CQW8l17Q**4b6Y+-d=I~w94#1AS%ocs3 z3^V@VL`al*fI+IJ+?Us<5W^mz4UFG9UqAmQU9AW|-IG#ZY0o(?XDah*K#WYB6mNv8j5(8z^jp)~fVm@$pa8!3JP7YSpCqMhZbWISZ5x zpBYXG=@ieZ09dIE@UlrNL06G0%cV`ywE67)TPJWDWAwVdD1#JfA`ZviuN1_S2kbe| zWQh!NvH)s}(R8_gH=jTpv^$?UBj3&IRcr^LzM#j3#}^1&LRG|V-d{to`O|R;$T=so zHi&RYgqpr!&T5Z8y+(eSU4P)yI0B7-7!q4>?C=p>NLnW)q@ceOA&X(j?SKdng&g6LqmRB=d7r(4g_q!-^tZ`{ZsxxZKLH!=Bcb}~Ieg%0(Ve_e zmL`0KY2lq!-7%j~ zmCm3g^sMAn%PL0`c+cTGO^47sL%83m`{8^(>ZCKfPb%%Wj4zV!zinSSDs$@(&v(&8 z6d)6ByYA06YRs2ch`>ZodF&ep-%uT#V&4tK>5!@GOsW|OB=i;OLTclg61gIje z30(!(E^Ri?vK__pLTYc7Ju^#nrtnLPQW9&5DY?2*Se}}WrZv;|!4AIFQo)hnIvTW{ z2})V#IVY9tU;@}+;0&K@mh*L*z;0Ia9_fiwb5m0~?xNxeuB0a>zi@lMd6S_WvCUdYK(&M$>B5cSHutd&q%EGkpPYrofGq_=>JayBJ9MJ9S)80m%A1^I8z1(*?`#jq> zC(|BJI3U-%^L<2%MI+oWazh)C`|=+D7+dIbP$DSd-A8cCc7C)GJ}$>didahR=X{v= zCWe3p^t%AC2baPpqKTFWNva}6qlJD;dU>-l3)?NjtV*e=MYSpxP&~r)x?#GXj z(j3*D(`H+6gZDLVd^3uJm_yKRAotm80wjBQYRKVPlOq@oV@Fvc@Zo*pMPb}#dmhgL z;FlxT#6=11|F}Ny68YU9mbP>JqRCV}^$}PU^!&?PBs*$8V0dhYH$XjL`0PDjj{1kQ zM!=Q%9kAy`((u+@v-h*EW@FhzXZHiT-8xFi$BT5pQ=n4g?Qn{-`^H&VM#08@oWvH> zW=u84p}=ip*{_w;fA1_R^y3WgcqjucI=RW3jgJK1gQ9Q($h%y`gA&Z3q;|A*x`!RV z?=Qr#p)$IRP@}M20Rju>yywuB>{eo8j03|B;F92)M6{g~e6w7QSM$vzR8=4MqjQ)`ONM3QG6#8_z z$o@OQw`^kgdlHnFg0^Tq7XX(gGj&#m45#ajhyi{MQ`90O}Pe?kD}~8Ze*o3fP(2MIyiTwe~b-K4zm2881cEhKkZSC-BAiN+;K_Mw~`*FqKai>f6ufpD~jRB8w91(tR1 z=Ka^(V;%uAZHb*TO(!ic#r}qYj34VY8{*{C+vGb+DzWiYcc$TeK^F~VO`Z6pzN>35zRdN5AifaJ zoM}E5iS1doqKK~Dz0gPdDAxJ|e{gIDV}nMXf1rv%HoW%o%{QzU$oQflqYltPV$&;N zVxaKnnxAd`fqZF|R5WkZHjYaw&g573V>^^83=U-P{H?JxGjMRVgL6anbB8cv?Xw^{ zVh$t>q}|=~8e72XcUmXb;_#Y?`5;Gf_F=vOI% z4lh{9u)7WeB?1f~U?R`rZBy!K&{R-1Fj4$8L)!D(K%)O|0YWQr! zYfi=Hzcjwj^4fhG@S1j*$MsG}sCPpw{6S>t-?=TnJmwz}mWugM_73UI!`>nL7UUXh zT?6WQu7VQq`G@pMkd&j#SSXrcm!NM6P?%TLqo$P$sFUe{k&9tJjL$jmdbBNVEb;K( zP68hHboieo6Tl%!Jyq$j6U}KQ9>ZZN2e0?t#+H1u(<9fdaiHfuZje>mIjHGiDX|Ro zu`HjJ{kt%OwBeq$J2IPV<8}%>`D$U#K+m|5BSL+jYA*9?2k;Iwff9eY~)m$&} z&GggyQoDy?zPVLF{AX0JL2Z{&8f@E|^luKFAFay^9pWXY-}j5gntn8Q- z5mU;xn&GmKIt#x9G>pO!clDT}#rf0PqjW&JwEjsQ5so(5lgA>R3_xOrJ)1h;J@i-+ zKj<(fN$q8QxNITce;6Cq`5`5Aqqwy{mIhi>@r5B^aZUHQmd)vEMVAZ>&Jdf4v=zHr z^s3sgwR3rG6)YFE8pnoikhuogyn))bb)I1_m#ToHrj$Px2E#T zNh}-8{lZqDJgUgnOes(WrFqW8OzO9BW*P7Apvd14Ii_M0q)SF9h~VPa2!u5>1`Xx? z)b0?4@8!9O+s0dP^4yaWVn`n@EB{55=IF2KT#`w_`dd+XAf_GloPIHIU4P?X%^#5n zERj?`GK8g4R(2NQzHvCpuU|X9(NMPh@o-$?HK^#2YH%;J)53J?6~mL>&q<{H&7>Ao z*0On(vWBvz;^X<%sF|4>rk|k7y}med(f8h89TV2l_ZEV_XHV#UJ$2pB5qw`>gI?m4`~y5w z3S`FbI;<#|7yOZ6^be6^*MyPeNjf^R*mLP1c>y+0ps3nkLS?_=!SV>F_%V6K*f;W7 zr?Mxtig6^h7YOzbZ2Tij7NL)$KHrU1XdNg>G&If(U-El0PB#=**VYS}iI%g;247|o zvW#N^QtExw6O|!f6bFp{%18d42AGs^5P- z(+%~+3rxp6M{6N3?_@>}A|MLb{tcnOG2RX~whk6hy-((eydBbNhn6r8=qnCB-y$KEL@Rgk5`70gimYfDf12kM5{`u$tbO3-`f?`r$l^A)Y1;a_V`VzwSp}Ha zeM4Teeo^Bo*pi!u{t;LYyBSGB;7>`^d7`Sy+DnuoDm$^4vD z-h^^O1Kbxz=SUPve;#SX1!fre{6qI(xwG+IK^9+GMLzcZ8s<#}{dSeA_?MdoOId#q z7I7p`*!xmT)_!>IsNOnnjpnz5Z_$LMZByG+8#x-L1lZAVXed1a>#Pr8cDk+b!547S z8KCf-c=kTF(mk;hB7bje!2E;hW9!6867`H%8K)g^;n6SW*~ab1iAq*khk9KG$LCa_tJW&t#9{6KxNy$Nq6- z?Q}lWrI*uIudE62QUn-gZT+}$P_hj=lqPxg!9U(Q;xU`aC-p5%ZP_a96=v?Z*M8hJ znG4#A;+mxK5XtwgQew}{AU{WEb0!)l8up0Tpi+q|v3Ou}?2`S+Y1lr}KOc$ixsoNe^3uaWTRhrW@GXo=akP<{v2hztB1Id1v z=%t~S*hD3e_eQN6MpA4!AhPmh71deX1!*So>1NqzQ|%RY zRnax!r!U(vEXQJFvRd6iZ4fWiW&QFOlc_$6kEoeP2^Ijf< z5%cLMGZOiaNhyP8J~HkKvC}_Iiw6{LVoTvs20U5wCAL`yz?JsG4ioC#WKH!Rw9JL( zxSNL)gbOvba;1bbl-!*rAujwc;Pl-ZvGmcSuzsy{Y2Q3BRz4{3wLY|>*GWLel>rIK zVQ4re0N7^H$X`N(B-w<$x5aGq)l#UJyJKJU2l60p_C*Fdeyz-@b5wy%Q$39(#ylsN z>A|Hw$byWhrK0Ai)FiY_}@nhH}>6;8Uy$^FMV^&jJx3BqdEyt*QC#` zB0Ku;u+#zS%9EUBW->_mPk32rfl%hTooiICBe5B#71cs4PQbZO@urp4xCcfra0TyA zj;&;A8L%}u+Ad4Z$G>gqx^s?4Ks{&2QBGHSEnVB|`O?aBUmG^V^42|z5Z|eSK_lNw zm3f!ly}7meMftN{2@^DA1&_)!OMkL6t%gqcq0cGJd?Y>Bf1x&1R&mO<3|sg4n_JKlJ!|tUt_CN$TFYZse=QElNGb;^_OGYY+e+M=k9Ze zSbFWYqhe!i{BK33DNt0DUVouODUw$yR?o>XK=J{4j2kM^^Ff0lljSc~o;#d$QEZ20 zh=z+l`@#GM29VTp5);_7Ir9cAsg zXBQHP^w#QR+~=;H-JgHM+MFc&8~!i&OLRYrcpCZ_;-a15sNDXG|Axq3bfMtw2<81R zI!ugl2ziFLgZ2Mg$=BNTXy4w4PGIm$je7bWi|V72@9gPE7Ws|s``oPHhu`+gPv^v9 zfZFs~Z!VXl8Zq-Ox`PwA`YygUAi%vjmQlZ44z;#gh<{A5d`k^T=^L2oi7fYypB5OC ze8)N=ei4ONose?F%`iqCoIL1EZRKrVgf<{hDLE=h%%@(hIn{f&hZT6WNqic0-^;}30)qcw zyCUYb%@Zoh{M?{Vi+h9@?K?3#$}W{4GQJMtS%9IT2TgIh_WcUT zD|RRzYI7%anI}#O%nk zc1WZ_AxH>Ka}_TxS3`T;9s4!g;A+wvPc5a0lXAcap?s54&HQuHmH{mb^Ja3S+AEeD zr;@tcTse&Sdes9?`jNBrF!(NKK~K2fZwl8Fk{JfTgzHjwers@y$ZM3ZS__^;R@Tk{ zE?k0!er=YZq()A(Z|twV#RF(e;M~>Pk>Ekj>Lq8j=Z`5VVoCB7B8JyW}LF>E9~0m1|Q-LU)aW2e(ph z-*;v($>#k;@;;lL<;7p3;AH&Hb!Gq&fKc8s>*p;0;!+~~5k3tV=i>^_3nUkMEnNq3gY2S3DBZ3HvvNErB za95NA?Yy*9cV9{WQsG!O`>=yXP> zHFMT&+I2YzkP!_(UL9e4E@zSE&{_oJ*t%g39V{vTZ@*Z7&lZyiJU6tLT3}s5Q>34r zuKvOy_Qv0Wsn(MJ zN(7y_(p1TZZ7VlN<_+L_S0DeipFY6&Pb^f)m3$N_`-H$y%kHllR*GM|+hWl7a5HK) zCrBppGSaZ<3rzOu^wRTN2yd`U0^;)s&7EQ5*MlNRgyE2)Ryje4W+pHDf9X;AKp!K(M$@v|GNvTL}q^^)T{&HxRfle=#_aX>4= z0WRY5ZXg?1;!46yo0uZ>!l9^Eu*KVwk8!Hnicm{-+S}F_R&Lx15PR&&ndf>pAtf1- zXiX(w3++TdSjME0S7%uLjwd#j0(FL6sXt~P9gK->gtSjuV(?#Ds zGSNAk++v*$8@>fzzA5q&a7Sw|RY9yV;dMiJ+`J1PqWgK=p36SP93!v|{))Os%*|(| z13xMk$Rju`uaEa;Dl>2bYrkzvT=14q)CSZVfxS))tRcF;-QfYaRWXsoh?e%$PX%x_+n9E(i)lUU^ zH|=E-R{zQvw~!b6eIb{&XsiOqK8`=WpZr4QVYM;?NS)K7xYK+(GE$&i3C-egvu!tA z$~Q*V4$hR6a-JOj-hP;8;#9VhxjXXmlj@=V(}ThJBbf=%K~}zxQ|)}PA(>B;R}`jM zl~V0pzeY-_Z=hQL*o3@|mHNALEn|xF%CBtq)`S0Qzl^E<(r5B5Kifc6O;X>7w9IjtH#eM{E9~0mg;Cw%o@(xe+-bsg5CS6$ z0j@M>aPliNs-QE=p~b9>MGnNzT+=@wf*DjpX^)MYM&<#pn5yW7l|#+mwcqOFf#e9@*lKAdsxOAs?iiNmP^v79G$&tqIZY6#Jy2*i9iCwm# zs=;=`2ebHe5hkA}#P@^c9L&@2>14`(ty!)Ij>aV8y-&))O~XqHN{mP!zUbkxziq-D ztADEG4^J!ZM?_L{Sd7XWR$l^co=fB!2RTw=J1~=#WMsvRLSctzmND~EWiM=oYiPTb z)nHO~uTydxGQ65ONEq__k$#1`p0erHRK`#=rNBrXEwz*|K87Ko^&^4c<%o{B)WZ|7 zKq7hnmoB~u>jNH%t6^*-q<$tE?qQ>AKXqBC@2Nzpr2^y>8Qe49 zQg&m%Du&MwP=r}jhIx)_m^Rtn0&Qby>-WGXp(Zqek|YK|25eSCFYj$Ngg9r-$%)}7 z&o_E6c}#VZu3y*onToxhqv7DPa4l@F7{ndJaV^TpzeUe!f27-DBxR+`lNN@UT#-6p z;7)`dhvort4T0-kf+c}7?yZq1QK~h#u>@Xl^DEu+Z;SlJ32)*>!wPb0^8J|cYN=`> zwTbs9Ul#3A%(#m=_oD?(cE3x;BO|QUf+_x7AvdrT;?^BG{pv+b@Hr{Sf0bZ~MfAKj zW2yJ!Ixd8kkw%%1E>|}ZYL@EUi(ca34lSo*NrVRV2{0$|u(&oEruOIKVr<>Fd_ola zWQ`hV3QNKzzkcVJS6;3zy^TNXK92{L;)P(a+ePWq0=(N~MCQgnN zUNNy_p~(nf>|0iq7$%Tj99_Zi_q2{DJm=$0Gpu@@kT&-;F~G?3uih?#ao&`}%r4L= z@st;VPjA=i?-e}X10(D?R7^QlD*M2@g6jqe!j~(0mor)kWYs3Ul7$LUwREy)7rn4! zUS(BSaE+5PJJq^TZ)r+Nc@;m0X~n^MnINkhiBjZejgLyO6k&1rWdeGA56yu>P4Adr z)yS^P9V&sBr3~-*2kDn7%-A8MA_c!vl`<^ctkAO1_y3DIqKlLss49k#JaeV_*L#J(R!r{Hr>%YOt#3%X?{n!yh8iXk`Xb1%q1yhp z#zxsce`l=6=y}t6cUrI%3K85qX+r@_iO|4#QejCG)mEC;wT$!Uu`G&h|K_Sus&Hsm z4QV`37r#1+>CbWw!Q*<>3$I_ZQ}X_`%YRH@9OTp-(#-sovrxSD(EJYRf_Akte4$`g zUold)K+>ml_l+n>+k<4@*xD5`d@QXhPz4K2kIJzE7ige=ik}%b3r?ldrLK{t@PC{f z$$8lq(K@iTn_#@jt)T|;7@MAYrDh3zq8!ZkZ37K0?8cq_ZKi#KSjZrl*X&g8lrC7n z<9eKt2DKFUn-6=;Eika#r1-5+8YPQQ+q9O1+T@*~J!ya8T7U|;uV~S2ls$iOWN``x zx7?XyPjssoy&Ue%1(lghFJ{!fv>SEXa4NYTNV(=G7s0ecx2n1QP=c57Utuv?d3(B` zC|gr`7$paigps>33xxH2igvOc(^4(guT-&*dUD7>&GtWiP_nG!Z}^G-JXBp|2EU;5|)$JsVh7)%TK25fKPdMCu%7?S)QR3 zS8;8uc?W^?NR4u}*xR(qCkHcgecU2S6PuNOj@MFLjotPQo0XaqiVO+j$E+s@UeLxg zMj5j@cLw;F@Q;58Ee2T^F1j5b3wE`Q@1L*Hn$aL}xYB^nxaRI7G~94t#PeBkK4In9 zzqCqj7~01IlZT^iY+Wj2wHhbGKYt#+r_P9kHL89Y=f3?=qN|#`|@uMYt zwu*4Q>#@W{Fw^4hckE^z2FIY@gST#zP5j=+4{}m!;AAw4n#VeW!w1i5`<58~3})e5 zkCW64Bh>|a>g_zjkr%y^V1|EnqWo8<)5G5|UDK9#$YfLF#-S=3&4ZsSnZ#X;dpLJ~ z|N5(3FAdnn%Jn~NmiP2VWzIYTG$i8!9U!&%&>eQL7KSU|-hibt6dZKcTXZ|l z)C1#<^3rm~mrC54`O23By5gK#{6XmC!ir^rl&QV&DEYMgFNSSKHUqLs%KpI50?&y~fS_Tm#`++&p+*RkDy*w)*fcwkNR#$s7C ze&r>yQ}}CeA%2)m>+IO*9a&aFmHo{p+w6x)Mh0z`Kik%xbBN^DrS7a`LyLtOb5LZ1-k*#iEULa_H4fd&Y91o zzW74HCj6%wXx#_7$LVxtQ7ib(Gq%v(KXjvC{pOfQW*czFL{V%{pKst%dF@0tEC2KQ(nma|5AABU&?;Crl#q~m1^M&aKxp~i za6kiI1}at%1>q>0hmGL0Di@w(GZ3fWD;_7gQRayWWw_D*Fz~>F8&q*`RD6b)2;A_$ zCuV*05UQ)S>5xT#{i3jME69@A6uBvikw22_9fJFUD=lP2iVOy}UHzR$Na=<;L1zOmuV&2blW zw06Cn4H@DTii3`~eUMjxrHl~wqD`cbwRReE(r!Qz({5LC|wbgoZKSIK~pRF)Mt5w94UiDwk%{AXD zv(8>QNX#4lfSFZuO#569jVHp@4(A@ad zt|zQ%e&?evz^NQuz_TtQwYn4M_}1)eQ0l#@KLN*TCL zbw1rlz(p9?2xOg$iv)sMjE@pCQ9Z*-$fSNxXlO+Kz09CQAh zAi}KI+KMr38NFwyHos5<8vA7%EqD8?^*V>LPo!#WZYz zY|Hlj@DgoYp+h8>IXDMgqIHux9Q(e%LU)e!Ui~h0YU}*B`(^a~SH{HD_prE*q=e=an*qH5L$Xx(Q z3W7KF|BKlHGrJVZOT8+*`Ra{I1CVr4Fe2O|N>JF90%eT^@mfP6DVjxriL9R;-|GJi z6VaquI9PV!=;<*bPBPUV59kdSoRUissOPEA_E>^Ssohr{v$wJp_iBCcpP(5C?yn#w zP57|o=NRRophjh*gG+6QH|5Leae5jD5u4nvY{!ue8!`}W+E?)*&NpS0LhIkcS|}Hi^&tt_BL8{mj=kP60>zu;EtOEOQg+^S)4Y6?oDulhOIvDVvCYRAGcb>;q{oRKmO{^No z#l{6IhFp{O%gTlmRT&uarc)d)1kF$W3Eup=d3rAA{;@_bhJr}LjR?Kb(J17@#6bde z?+isoV)0h@+Y$L>1J?jFDre?8Xw(1U(&wS&rVy+H_1=Hh$hrgvTZK`Gf^@kfRkD50kp4*4l8dC`}v$mDY{QhbpkJ z-559+irB9lj;H_{aKB_}ZB|kvKVSZd{J0Qb{S^DFeyU}JSm2tNmSW8ctn;90YT{aC zFESIh{*eCg>8%!^$jS3F{Jf;)g^~axT1V+WQW-$;ZGEAD$9$@l?f-xGi=+(5fYayd z8!&sS$%#c;Mgax{AZ%r_-g6baj1nRHvSMV+F(e?Ly3Y2`W=R+(peTx0epipWa|~1F z*PoCAnBD}DJKq1p!tJ!j9$r#=0VIRVCWku3H<%$AB6Bm|PPOWtnRc`Y;{mwM<7z2@ z#r%!vR~d-9v44$(x?}N08NhwM5wim=Aw7S4Cv4$}Wrup>XAXd%@F2>vJZ zPE4_O>A&3k9*G3h0BA8GwP1-3&|$(iUsb$ah5*N_q1aQnI~T3QFFImwF##M2={xTq zLBq=ze4VJ5IKU4aI@!Q7|Nc9lbsHhnhqU~mSKIxR2gwoB@Z?3D!ee`z2i337k>Qo$ z*!7u%RhuH}-u;=Ot!rbZ#Rw{#76z-7pWgK^zMK3#ET)-EvJt8B=G~xY*N-ru_n1HB zWjVj}rT0(MedP6R&m7PUk=mkQ;M={++*nm;j4ky(@*KtaF5HhgJO^AQ9DqsH5{YTE z$fzL58W^j?lzBpPTB;W^=0wYTn7=t?PiPSE=T|kdz@es|o%dyjppF```Wj|Jk-xj` z>ZpS6N&z%>al7|9kE#u=^UV60SePma z^rb9UR_ifREqrO%9QI*a*kUAl@XNzhFlj94At13WES5e@J!y|w+42Y5U4mIpeIzz- zllCutwF@~DL}Tz+qkh^k*)NcUIT>n=4GjF@nP2|{Sj6vFG1IJ{Zf83E6OG3vXX|EVg_!Sx(o>V$SEn=UNm#)1G=8Mg!|jBzQbRG z?EIE-bqaP+{8~J%pM?k2rX&J%$1QV_DPB4jg0nJk>p7OeEyZU}U~`r^q?EJjA`qn* z^}x-*;K~cMNygB9;4}2< zals|$bQm2|7uI2y6o}Oig)$9^D1+6xACFWS-ONJ_(bIb%`oyaMcj2+qVA|lk7Yk1Y z_(E&ff2G&XzV+j9%TeslQes55)U(^p;&8(67{g66)$!Ug*F%=#7QUsifqTbsjS*8q z{#<*3$x!g+W#MUwq+SAq3F|wiAfqHKwC_1Uv7g-~@y!Hkd4PV=b`mgBAHQRItLZv> zx-el9l4i=cQoBTWA+b)J_x?nia5~Ohh=xpBsPiR=nZ~=v6$0W7Z)s)033qYKT&Z}% z$~UoiT7?2z9^5)r6%rE{wv!kc1b|gkhbG)W@C4KS_Ts(Qff0OE6o`yqCsxFPq=Gce z3muKMA7!+-h6E_$RLh|?B|M7n_E}7((V22jhed+%r|hKZDyJWR@2+tT;1_kv3uIoc zH4?S3dHy-!qXhJatNt>lZr6|?WrXj_=9YUgUtrHUDd(6j|Ehnjlqp{`$yY-us$nZa z?;yUNzgGCON=zfZ7-o6JS1@U-;JNI@jAcvXT6=x(v|Atd5x)>3XbT;+Jx#WS!baQXP45Bo6+^7M7ufa{%# zDVxl$Ys5n>{)F{*(Qu4Nu_0fAO7uF5hDzoSN@ZDEdz*u}#;(JHC;BUhruS z3g3&|1e#0(KjGu?q}9Fq3O7-KR%{mvGS#W1ttQhQu-!n#F#ki9Jw*|i>`&x?s57eT7izD$dL^9As+Ocq z?two6Rj4kw3MEuDdn7W+iGOi;%<98m@@41TDsE9wD;DSVC~Vp~Z~WVkRsLIni#-e3 zN!3zwmAOfKf-oD6BsSJOT*}Vq9ClU89IXZe>%dw5tg5}}?Iw`sXQgqR)+$S%Qkb_X zJ6%N0^;>{5DLGUPi#pqo-jBJ1F3=P)g8e;*k4aA=N0FmT zv5>Yl3IhSmkl#Ata;Tu|?^}0n`5bKD7L#4|JyfSy-28W4Q)DV+K#>}N&NQanV@m!h zIb%j(BkK(GZ5)lYu*FmCy^B{eQ%%-|cQLawkg2)8e|xSTc4-zxdbG(lCA_T7uoBn$ zh(b;7*8_vmmP@-8>4)y9Y%A;~M(@w9ixF+av? z$c{bj`KWv0sRnJ_Yi4yWJ2Ocyz# zkfs)kQC=syIh^JwN%zSGo781*XTJ|?1EW2qxxy98F^`H4_Vxk(D!CKd9IgZ1MI98 zA(AKJk8$W;`&YgNm-CkB$HRRrpu{CIu-v{jJ3p@h3gCpP=C>I+-B&t3YJpfiEwKC; z%OgzyT79@nQB?2o@v6lS4|6jigKqqHe7?0Tt*;DHq#kjSV&6;YnG>^dA~tk^;dFeB zv9l5tFEmJamevfj8+~$gpwDG0(r0s#epTM$;iFCWfojzK*{6(ZmdctB*Qv_9=J4UBh?a~A6Uzx7#SXwBDR`4iB6>qpOS;LyK<(`lC$_-Eaim?C=Khi>a zOtun7E$(X;(|PeY7sE;7p;e_5O-mxP0L%O%Vz-d8A@(W$uwMrXO0mC+Cndt{nhF~H zgD@>BF6($|;%QbqGCY^Vol*O7{K!ts?wfhz*XqVMhERoLa6Ua& zjz`MXlWK~MvJ}}ZzM?TaUNQFtc>+;5>1Vv1Lrx2&>|OM^L2b*583&-e_)S(mF|$Hb z@-v?cNOE-e-#Pe3C|2z5SW#9W^YDVzS;ac1!5Fn?qR<(8CxEiah@u|v>D*2CZ8K`C3EA6!&x~NRpvbM!eywQ z*P=xl8_rKH*YgoAAeY_etmlnlw()-{7+?N{hWSsOykahHj>+c<3qwqc8Ex6OS=;9O z?&B#|Zg$wPkNcF>7TLVu(+ORxuFrnX;Ev?j?H{&sO)PpcLLmZt0}p=!r;pXqq~1l- zXr%dw;^+Le7Zdat`g#FwxH)UY~t$jEEy_ zC6vA6@Fec66v)u1Qd8WDkSRy-AP{*LGq^$VP@G z7Z2sPyd^u?m!MuNS>Vm0K?OilSKH`!f>WHzd<0s2n@5OSda_bY-ROm7tH z**9f4lk?5;V{!+3;L8|=VsOcsU_(;rG)*-5)06_|r&1G3y;6Fr^r56i91@g{iwpTq zNcY9NyYWL9W*oE&yDtqO;-l9c9eI$f4c4V#R8`#B)+ZYMofY5~KE$r}X}^Vnr%{Xn z+ipcVz3E->H94M%trvd+Waoo#VU0V!NG`7{JOj=s$!}C!MMv95-E3@H;xuuP2pt^# zDm_c{6g#9K*k>Z+^EI8g1A|C?p3IsyDkTqni3%~TUuM5YeAb>JFzBD3T5PTzKgmm@ z?l|{wFj{6%O+T|rJ9tyyfGu_NZaEgBq12{>PR9$66dSMzPPp_--o|0_PU;$WpgcML zwp!7BynYwh2wS>+the9YBTX7L)3&Y~+R*i>R}qljt;9R|-HJ4-1_ z3cbpoL<8Y-r0ou{Zvu4xj!)TnnxOUTj4aT#lkaC4dQJpE)#$-)U8pO#eRbHhlQ0J@XR___6n{+T$b zqU*_AqA8wbD+%Kj_Az&5{lEs#7QBD9p7Ly0$0;(iiYW_VvUxM%?|ez(0Q)7`{%xMD z)G2*oJN7yi>X=<-nvb~|?tSG2a+ic532`fZAgR0impW7-abuK(Z;xep@lTC-pUS%( zGn{C&5%c1O-FuL^K4rRX#C?v?zul5odtJ0jjF>5)Us$@TGFl;VuL7;318yTg-BBcRRdE^_G$~kknGU8 zzo1+Evq8#h8#P*L-=q-z<^`;n18DhbNcyeV0Q0i6nDvR(_;lVQ$p*w!h)Cr1!4bA4D@PY}aK3AM0Tme%GR3^ztM%OrGQ zzwy~}a@8#Hv!pR+kb-IoYP(;p5;VP%gzZ>nrf{D9UpvybqILH3JuLB@YF7|(U3q`N z0n~T3Vx}q^%K3%`V+W7LjF8m(Zy}YWTeOaJJvVF{p;A<$G-dhZC1~KFtuEUl0}M>L zEHiad5v(Q{RoD)x86dT$Buhj*tlbnOEgs@(c9tN4@5?r`m1FAOPq5GXv_^N4FGa0# zD&JMs2TiDSvF#dopX*tsisw$6YZBHd(0pZt2|k*LK^bj@a}9Zqm(@!0F34YXmS>*C zL6)q1UlzQ_G=kfnD*0BCGB06us3C{sWnIl@Ff^7+3*0V_b+<@Ed$4x-DXV||>7fmefpuuNUcpP)YaYuJ>KRP)2dU0s$G!SvDAEPbXCuwso| zybe+MGpW+bJ~sCubCWEGnl`Ud@xRu?G4(`NgJ3_FNqfAARaoc9jJ%v5h7lFQ=BC59 z13s$%+(32Q#Wn6)U5vlBe{X&A0PRn(EX?dB$vd7%ag1>0tbe?kEZ2O+I<=P!*Vcek z$1%uES^L*I^V;6|gE1rg^i5}aUDYRFZamPqqq@burhBvyC5IDbq&vq zb#_L?YhTUL>LgULSvS3iVu?}b^^*Py=xmdw`m|#P6QZPMxL-Og{%dJ%mce4=&Ojz! zi_6#|yGC~DLPSI!by(Y&vUeS3T;-E{U*aBrrf$28#e(olRMHV6NYJg^o#44^jMbdc zS-?{PD_!}ZSzW9Eix7+wOSjzL{e)CO=Vnboc>7+cBa%&m?a}YI64AZ=CoLDpNw!^N zxqey60dxGvMhmWFO@X@}1z@`zKfOZdg&$+EFtm!=diH*dXCZ#9H=1kom$Dsx9K^Z@ zHTKNd_fJ;Go7jlyTjQrF=IT=4O-eH`#p{heAi^Nj2?=O8Xu<8K!E;n1J0M2yCEfi; zIugN8e0{Vk@QQSsSsB0bBL|{U3d*gfa}Z=?LOpjucJ-@K*K+w`qR1>Sxb?MrY&JTc ziXA~6mjHbsmKogSw)AN}9x|Mt;tXqbJ`Dn?HlZ}&(YU>vs(JTji&t$(X>q1k(D>29 zMinQuJcE8Gq{N_QdbXT+kbTlibZ3_UCHW)e^T@QCh%Z{+pS_P(k(vMg&o)~(j1&gy1^-IqJQ zcF|$4T$%?OI^f=scvcp3MmbPRS_F|6goX(e?&`7<^9fq0^%{m?w(+qoDQ0AjEB^q! ze=j6FhD(BfX^MxFJ3O|Yv30Va6Nwwwo26h<{7Fw8Ueu;|J`fr|ss2G#VtA^a6+i%t z>8<&0`q}F>(kD$#VVGHVk)E8$xO2&I0s=#ptbORHyqC$7v|yJX!$-+C2D%JADKzAHb)C~Lt9IgioEz^=2V z??j%dPCi&#t!T7=TaM*X(zo%a${J2@5WGdP#Udy9=YzxZn3~e9ZL8AxuStIC-xNSDm4{jdC>v-Pbw!8gjP2xhDE{YfFUGOOeuAkLIKQLdF zcTT+yL5>pLY@HNdW;Wl;G^5qhl(AJKv1^OR@2|bufcz>1s1>aF#$q6D7E53lGlbYA zwgz1_%u3&m$e~QkJ{-$T+u%;EM9TT+?htzwy9b{L{g`*g5Iz2nwcPNR5#8*}%;3sf zw`dYAEiS#-$s=ZC;-HdMdy+WwJNq^z;cXjZEjnq>aX7I4Es{N;JZ-=dsTaRsnj=y#76Ist%j#>%`S)Jf61t|7Fk##bLO6kjV zOi^4UJA&{=KwtJJRwF8NG$UE0>$ldiOgmVMUE{01XvOg<97=T5>Wx_)AZqe(&1 zS^jzg{xEB+!dIzm(h@tdY~7L#WDCjfMrMKwnU2J_=x}p0xt=C=CO3cxfofoQP}WTr zTOoUUo)U8v4I)084p+EPH*XFNe54aonaMC0K0oJMERKQ8(=V8{8LTCnvq1d-_gOb6 z>}7;Gp;(xTF*PfE&S7$%(6kx|IsVGxRm0c_BNCW7$+<&-^Jm>!NarxbZ3(~mWzh0P zFpC!S-xr2xl@cDK;EZ#D=sJgLvUeC2rxN4#C+;9%dgqBfsQQO50sI*85~ZlzX)vC& z&RYA+oIJ$0vrD zd3Jj0hUwTx1Tv{H1wuk@$MVLM%~Q97ez(i6^dqw^iCoJC^N6PEj!ijR?!BU+Zknm} z^Ab=HbvGKbW}DI!{?c|p?&}NNvJ*>ucT))ozgOP7XKzpdYqhjtk3a*VEAK$~%S~bT zGXu1=my_s1EoUk7^PA^YUzGu5;G_pw(q8<9_sid9u9gc>B37}0fHBfH2fzZD-+3j> zCZ8YdXT+c{kUE(Da&%gEu`ldIH^wjM6ivrQ%WM%vU8k&!~ zPU+{h7MdiE!_Dxr*yejQ+3D?I_D+G~^c+ELi0-V07&O4(@4TztvJjGfFC8cLb8uKn z{D*RP@+|@&n0&36P_hUWlOT=TK=hX=fP zjl{aK>)}&F5?>(WSw2Djm#;q!@A+!m_h4|HQzd$WB(?0M{tJ zHokl@KfnvLZ~Om{9HIYy(b{5z4xmj)W7z+l9y&d3%6<=kFT1E5cSuLuOuc^rRA(8d zd+$|6(%5MuaL${aZ}-L?5e_!EGxmRH!gjq>yV1r; zT$J{|EBG)!_y0;Gb;)|s*u9zhVL3GT)_CL+iL7ge^gu;gjzI66f=)~RM|7(T1G-ne z*f69`>{xw*aCY=A5L@A+W*S;yG`>PnQv25t`0Pb?qvcBc{$!>y=L|>Eo93eoh#p3U zf=Bp+;+p`}r3G@y=h8jFM)@^aAl}q@N^y(Dpl|ekB?f!ZYE2qC;{$0+nJjBO6c(!8 zJL-jGdC5BW%xWHwFjeOf2VePSvbvGGlf1aNdXuDY_pj6}d3-K~>@os-6r*p? z!hs=pE3)mQ0}|-^w-4f{B%Ab=F_>BFB^>ih@7~PV-k0!cvAngt7WLSs+^T%|6Jxv5 zHjmsNUS{{?y2QbVM9sVy;k<|g*96&7vx`98(|Wa^rEf;c9-1^zXN+h6`KAF$wnw?x z9ZUV}Wpcei$3BL9lKws>pt=ch3dBde63ffLzXWlR&#?UQA6VU{wVD^|U-Zvl3aMP! z3*FfSJm+hV}##-j4#`CfNg~v{JL>zV$dk^G4Iga`Qu)^f&H8+0-2nLw>a$UTlGpu ze4Z_~^7lP%s~$T{IZ0X?)4`P|Quj7n_VZAY4M3oJeU$YqwAsVEFs~Uhh z)#Ma7@N$~fA~A8lRTy+}cJCcFPmYz(#wGVKv&*d{owUL1_hm;LA+|0>&a9 z0lkPFyh}9|loWtDL^zPj(bU^K72OX1Xk%8rHeB~ZpF(uzw+EiIorU6<(gpJ)vda`# zv7Z~RU1c-WI%lEQMC7FO>R@CI?TM~Zjo^zuw6L0C8S4+c0Wskez4F&4qn$op8gEquKDp%DL;eeMFsl~O9!nPTD`cQs7mLKoT?Ld&j zbYRCsgM&GknSMt8y}FXU#jn>e2fijr7BlT*MXT+=?u-r9^M89snpjwX#sr55-Q65Wnd%-K*|A-0ompZ8=_-4&qwXis%u4^&`1h*-5gkpoBKiN)djmSm6uIj z*#j4b{HF0}Vg2k@7K6r&wfkwR${ZS2TJwqW{#Ult44v8F;aX>^wNYae@hGyZ;Iq{3 z!5|}t2vlV!Fg)pwLxoqIJP)fTg$0YmwkFh64to10;S-emfNo@@WU$C$fnLCC|FNu) zq#a{Ne{e{BsZOC@JcB{PcGN_9NgJM@QRJO#V4ux`{{@1#arMssr3_o>wK$A_}=@c0)y3#|8b?%4&r<%2DgF$4w6r^ClxJTP3flfy-s z@_jji_h#_tsH~KUQwMv}w-$Z^`DmPnY?DfA!kv{Ar*R3@hRZBA)!GXt2GFY*2STim zanLI1M6j(oQ+NY`5uRA))$yf+m6V<^makMIv}(MXNUu444A2K-qvn7~Sf#Yp7$;=&TJS?n6st zzSm{%^X}uDWj?_Ci4FuIPH6Dz{beNTn{wusbaE@w_9-Y7)Ypr#cQb-kGhEfL0#=_E+#{@$zVLQOjddmpfy-3>nyC%1`;uM(MpD zFB=Q-F7T)3*;PY?>8slv#8WoQjK%yiAqvpOyPyJL`?_Wuz1WZJ#{E0^LShkZExt!2 zW@4x4Hq;Wblypq@nvS2L8c)ZH$*EN|!5;fNre+rB{d%FN?bpzcGHaHMWt5UmQDh{r z>J1==<>hkJqSAoVDt<<6e?h#6(v-Gs(?#b}eq}``WQr;l%k%?1h7j)imeHY=Tmea} z$OP;y16O&Eh6ODEA%Q1W1V|@fTx8o5zdy<4U>ls2mi5$d%Io<|F+I$xe|o7aHeAJd z_&@}r)tKEt$C%884&vTu21neQ97RpQyy*#@ zN#vPi!Ds)0a@QnF@n4P?{+LTX85m+Z;zg0=WWoakoXebUR0&&n8s`G-)Z(XjN$gj} zOi;enDqQajKg64OKQ9tD$sn$HaF#dwc0GUus37lQ0(G2dDHDCD=TQ!K{h*zfzHIe) zs)?LhchlSO5ib|xA4NFE$QPIBAkBYCh8|G+e&txV*&nyo>K~-$*n3e#bKx_ogBcvG zv);@WGZw5HvxDpjY>3cck=D=90mx6Y1MQ-pT?4PLV^f*b)zD73Eq!RHyloW?;7?kx zdMZYQtiPs76Q=6hk3`oqqLzS0Iq{AD*GWH&JiaI7Q`zUG-P zj})bi3o-9CbYiiX-sC4u`S!ualG3M85vt=RZA3D4EdRc4JsFeOXF5bwe5GrVbT1B$ zz9tJXchGeI{#{p8z?vM!kFe%`5fCnh+=ww3FSBSi6_vG-!kPflQ4dBQt)rmtGn8=& zwvDgs9jKtxpOf0@OLoMOWm{aBlC$E8LBkL$NR5LCrJ=AxJpxsO%lI|(k@F4V0N3aR z3q`x{!I;`S#wH`--_RyxpevQq`g9!Y%_{ZAAKi4J5+l3INab~5ixv7bsJJd5c;9AF zTfr9D$r;tf*%^YNlY5ILeZ7PS?Z7cVk;Yo;AOJ3^Y*ep{&UK(nO0qMHQ$K)KL0+nv?d-rpVwAGunX#Cy2Ad01()m@7>VDBi#F zsZx+>m&V=FHN}$IrA7bqQB;UA?x`N|0G7kqM+b)3>k<0UkrDZ5vOzf(20`5`prYj> zM|YT}^$!MitG5>ltaMcxI*_QP5~Qx@MqT?OfsBcER^Tv@oc5q$>f@LkpMFv9RCEZtJw`Ant9?OYJJtc)zb{=z)X^f zjV<~Mn>FNcwW#YT{cbTHQvH$H^+k^EJ;E=2pP)<;FDD4GSD?9~jbQ(hLiMa60xMI_ zL#c!?fsX>`E4-vPe^E)~0cq9%`l2yK*n>Ym&pz`d24&wcD7S>mww~de?puYO^CPy` zuOr8F>*(@_j9LBRZVrSo5bFRJMJpVE+bW)*$cPa+qGP>Q>^hg!_{COrXz&QX9&~13 z=w3JJ2jDAZnlvUIdj9)gkKEt#5&&b@;4bU(T{cgLxA>)-;YOBgS`l6hPfy&vA+|^MV5Bv_uWQD)m&SwYPceg8y zwF5~edjBkcx7#2>8t05pr1~(d6@|;ktau}-EdkA;TaT1?p{YN8Lhe9*- zS7>_-8Zue>-_y9-D60;?>ecsH-D$Go`UBF^?%gN>Jl^Jq@lzb`;0c(K0ymULh3zy;71NJeC>L*K(0LJ12En(jDFwUtIx z_S?+Qxl68I+~4wLeo0UM`sj!Y`szHI`xQ2>;@~lR|`yR4>j}N(+7^*@#EYj5ml&RaLw`N}OhX&wbAV7TZxGKiD zb1819#<}Z*ipj#8&P%y*%R18uLH2*F^7r$S*M$n5iQ*v`)(MZo31DQ2s*aVb#T*vqIL9?t<)T!$Mq8PjA zMOFooWd=}dUF6oX@G3s;L)OTGb^D30NdY2nY*JVl_yz4~vioK(^4m$Uq^b{TZ+DVv zYCTOH-Yji6!yTr{;#jdXku0-Q_XurvP7(lBi(|I!GSij4M2#=nctEHlx@=%aIom3+ z|HAbVJ&-dRw_RkV`Tg9d=5KP|KOU))ulAm#>s@yLvSUf&wat9MkaBKO09olDLq8m0 zrN{l^y?d|j9EIR;|I+qV{oL&Rsy#biG52DrJ%P2(Mo?^TZCpa37D`;L^ComEuC3JP ziQz_iIB_U7Mofknrwm%7t2bw7n*8%N1tdg+=~aagGAJyEGJeEk%KJ%qn&v4WCqWj^ zom&ly&EfBsPG6==CubWnw%W-MACmfT`;03?shMY(crm6T?SdrvpY!iGN01-uMUnXBpPS4rq_K2PX0Av@TY-ZS`w{Br zORD!`i}qW2)|vz-fV@b~WAxnxxVqkLzRu_Sq0*#mQSdUMn7uk%&VfP|KF3^axq;>? z8iT3pHA<_+F^WJR`(N8O^)#++T8HF8_AHt}-7bNoID-BS2GtSQNvecGff1a8rjf#t z>LQ}pCR|f{s@t=`y{|icY^e39bY$}9i^G;>0$5k&x{_+6T(z8>a^Bm+=tx5f>B4o~ zeNB}^SC^$C9~YQIjxuO#+eI%UDtaPGe=NK)`jIMkFvZ+h)rGf$Rw=~tHLe_61P~}s z*;NcFTvE8{;#uB<)7q^v%(@x!!hiRIzTVCrtg>dS7}pdZ09we$B{wOGkEE`+Qiq01 zPEkSL7q=6_{p-e;wnSO?Wp_epG>96#oDZeve9}v*wUa1&{4+ZXrPmy%ak59b`X8+K zdq!D!L4)k+C^^w#5T*pBV%vp8%){f5U`)NO&RDwxV`7_hyZp_&wVw6B@|E1tl+!|* z7jrhUtU+DEvPJPh%334nl(fhPwjmOk%;W&~D&Jsxsh9#C(L>ycWc%;HJW>SV)7Gf={z$e3oI zZ0$$jR$5Y~`__)GdN=vWY+E>gk*ir;UB`_0fsi5^VsWwANnn9?S8_0Kzy$s2db8|~ z>!t?kORlp&1vRrWHAzn9+NjUpsr~DnXt?q(yf9tlsY7R6kY9*Js=D$lAuhnEYDRY~8B;H9 z2acK3yaYQne7j98e)BbDNs?$olrJfF+V6pyMF0W8w zErtp68oF?q(YF>8Tw|w1;ADBIo?J;{)2zrtS?E5c7{jb|`M-P)czKa>=&Eh7q=xFx zT4TCSwL(}q1mn(4kIHv5d)t}ZX{j!KxC$`=+g2J5)M3gcUoR+}{>fFpS!a;PGlvC% zlQjk}5!tFiOzw>V^4k0&^X`&7ungLrIl&J?p*(;oNE%O$J@wP6{^W}f`*FW<`tz|mg`F=b+8H(f<=BN7-VZG7`-YdKdRknHY=U0i=H+I~I+kdu8U4m`s{8r>rH!U7Ib|Gok-A@RkP z6D9yHb;M|EKUbIe51P@+SorUz?hg^cKVR_S@>g$90W~PVH)pq`{Lx5!1SKN>9pOJ* z4yw_-XaLwA69E&f<9`hhLK@xX%`E}$5B#0+H{|b}x6pb5;IMvOYq%A4UEh@Q(da*D z#{SEww%;kwa{Ms!d;PU$3hW;(<`!h#imUwhey^IlE?U{Te52K9L|1|886o_&3A+y5 z&Z+pdW-MNbvLG@W-fNRh!)crLNVphHxV3Z8z)N@p%( zGPjmy9xU}Pb7vv;`leU7^VeL(dF3Eehf+_5UOMaGUlH#Nug|X)mAyedT@~SeS~q=L zqk#HoNMLAjlU6LVozz8MW9JO4tq${^bPN};2*xbuO9zFlOxaV47$4GzV~^(L@cpLH z!aTiE*4uwca<47C-9;4QbOjjAz-@mUtU$Tj&=pOWdKQ*lRZH@X9Hm#wV;NfZdYg)D z-8EBlhQF@&+EPhdokm96z}q`3IzvTrEI2m)I6+T|hv-Z?KlJ~2e$xRZlA9nSSy1KI z`2bZy9comoO3=o6KvFd^s9Ftryn0Km8=SB$9}>A@yzato9O(zS40$hZ#%IW{N;WQU zz)uGgskxN3mVoZNJ988mxae9I=6!8IYljzOtH0SS$x$RYZu!2^0{g2!OW9;VSyU zi+r?hQ#e}D47sU8>^mF+vS`VWBAO(c1ZTBg`l*`)mJ(a_yrQfFHQFI9M5-*e{ayuc zG^DD3IP(if`j-{;FY-hn_-P|SB1H7BE_O%bL*P|J2eCE;n;MZzjXN* zO(qdPt+$zW;mvuFt3_PiR<`426xhDbv4T@+rCyeqF<>(KPmciB5(h&;+1Z9ks8veJ z57>4LpZESNCfg-d;)S^-$tl_^Q&cxg!dY`-)l)QVK*zyie5=Ck$s+mE+{^)~*nk2- z0;c%)zgY&m7n^$dmBSEU5@ex6j(bnyW85Y=S(_PCU|(@cXj+_)y@18;KG04c7z|tM=|8$@3Yd1xvA=ZbJkGmI$`&;^KgL-SvRb6-c zBAF9Jar%}l!VAYWiNeuB2AL-GUuaX}*4bvSo$CA_DV+uv_Zi6tWTGnCld6*O&8#P% zD{dR8?33!{?&#~JRHE{nKKCYvX(h$flD7#r#&&Eq=Y)fq`EPs0BOTM)Em|so_v^3< z$&sg>VhZD%p7y`^L0e{=Ft(z{y3yhnyxe6M7YEDr*NqIBp0z~Oxb8XF59aR6(rUK+ z8OxXrto15-gPkhP5h`wndaTQhw>Wy$nTyFDZF~kIFrNZaMoAsFovaZmrBe+M{6aez z4|53jw|aMGu4$wuxMxG?b2h}iQ;A|plP2F(8}H#mWpg*WpxE`Wf}jrhMhjcivOG=L z_RUiIX_0%qgaw`+q~3AT^qlDsXF%vBjoCsAXlE3P$*FdF3e1KdBQnPwI+kM5C^Eg} z-&`S0p=C7y(j;i6l4|h>g7?uR{qbD9<*bZ|US|a;UguPE?q^e|CM55CYWoWmuL~vf zP}4mvm9D-too8TxeLH6YRv#g6y+1LyH1%ftKJ^LhZGQA`>elLU!NbNMc%>cke=wB3 z$D%;449F9BOtoFv8}kr>t>-1_v5^+1n zRL)!_2}*x;N4}|zop*{5xxHk1^hv@t(`iT6d6 z=beM8t4%l~Xv1S%81-l5!@lCso~|QPS1+08cLD##sk&tpMV9yR zCYP~I#y>UJ|5Q1&@txG%v0C6N$XUkD^Am1l(RvAkVPs1Y)?RL$3^E!N$EA6i5j0wx zJQTH7VcrL9pCR$38dYYz|0ac!$(Y4)QW5d5jH#xiA;_$e z3o-Thw7;ymSh@w@UC<_H`*Vu+ogYKI_F2VyJ7828DiKcy;LeN{p)Z(1{w_-`t&qGXb%5p20QfkNLp zZ6-41E~vqZ6~?11XjWjF%wSvd^VhKBhn*bhpvI&p)Y_bu)}?^KiYbw9pqJJ-G;qFG z-$wkF{rgK9ZSpW)Rjh@VH)avpDT_Dy8f}S}ttGwa9AV1ds z?d9NCpbU-SYZy)+&>pFey*PTnk1I36(qCe}W5D~w6NzlYUq9l$89Z1nqr@rqlHV}( zduQy??Ba%=^U|%Qzzt_S1_LTiATj;$6JUMHGEih=Fr@eC2Uqs|JrA zYsTXLOdfXi2>I=iypS@HeR-@twUVaClJ_SFnPoC#K^`h0*=VE#ef-5>gp@Xh8nF{} z6Z94Y3baT?TOXXtJG9n-)>cOD-0n$HhLje1A%j}v^}mYJwZ%A6PhciS+JKq=E<0B5 z-U`^V@Gu+fv5P5vT9$=!Usy*}oy*xTP2YU+DF`i9Jxm&9q`hj^YAR_-(IC+G)k(}m zwQePLOsaqAO83~C{R$y`t`n{dgw z#j=SXylmT5Y5-DFd3d~}1+($WHJ(<3Np5#p71~ImX43TjH`yTj%{Z-|#T0Whkj*wK&^y%=x+aeK3sNGQn zM240aLAslvq$NeV8Jd9^y1NxnKsXp9_<^6{KBaNJb<_p`o^a#!1%Og<;)08cyWJ(>E7TKK{?bhd>T zKabhKb%)f+hwHUf`dK+ih|CA-PO=dzi_*Hf{5V%Y?ru1i zRU^Jtad-w*b4wNSdsxTu>;3$G9uETcJbhAWGXLZ1l7d7!omVSd!<5!MLu2eO(W{{} zg-!Qe{TFUhcC>xlHE<$b8tzy*1dI_qatnqpp*=jQgnV^_6n^l6#&^6`oE~_;L<%Kq z(VicfmZTzze6{kL72LjQg>C(kmUO5pBq{KE4iM)T;MK;Sbr)(CQSvk49Pf5CwEx&o zYPzsdQAvu(0WrZMtc#og!i>CLIc5FV^G^`5;5ta#!wVx`RuOIf&oj0^Kh^aVQR8T7 z*Xx8upO6@pUG+;?SSu-nRjy1B+BI==7n_-e!3W4eJI7`bWskgRgl zZF7Cf2rs+`?m^nmX{6k~)f;&Nfk0Vh7-9~u8K!HK26=Z1a8k6PTly@|NQCyjaECg{ zsBbAb@G%s&8&}Bxq{O8y%s)Gl0I6il3$O`&N?#RgT)bH>^&bl*-Q$nuvU zp>k+?Fxjr*N0Z8}oL}$U{u$te4%-rUXq{<=`T7>zxH4R_C&AsCn=@H1Y_#5}%oRqG z;yqj^{m`jWlB3Sn)@4S zUf)YJm^*qP%=VA&hX5)?+?$9WpCkphAH9G$&kVtm+rLX#j;%8i1pj?IlcU??cDs}= zku1tNV0=5sZ;j-Yc*%6AH8guXhl3tXT6`Mhp;Ouu%w)iyoi1L6X!sLWcyP+cB9+uG zuA6Heh>X-R?0CM1nrtHR);GQzZs;WM_>q?yM3K&89o$81d*v6z#~Fj&%@iP0Nq(ee zQygz{wJ08C0-X}Tdrn7I!3OPu*SoH`0>L?b_5M~bCaZh&w;$HXBIS%0)8ot0Rq&N> z??^pJ?ax@}x!L_!YXXd|2YEA}%q68ysF}mkkMyqvLzcG`t>x;hZC`0NEXaM9b;Vez ztKP}Dwogu3U2GiPC0)k%imEnn${RAu{IV*+4)4F2!&wp-SEgFY)}Fpajpj-9Rp0oX zDYfT;uRn(4fXI(Hm?5DT^cRMo+_ieRw)Rg|^G?ElIo<{+lc-N^(G=+(JT3*zx>k71NeruN{0sJR&^vVZ^PT3C$&u z9mU6e*uQS=qHoQ0xnw_5O#{oPc#HcNug<9ZI-bB7Yv&|KJaSL79yzqM{wGHe^YHJ> z^AXId)7q#}Ijtc~@NFWR%L;bEwe$YgA_B{j%e=$J!Ss#QFm9I8A}bW*ke+hkxOl#)nXT$S%!C{HH$&;#vQMWWdX#eQPf8{cG;(UMf9CS7JoM z?ibVNJF;8+&x{A7krbH=iSA~CStpH8SRRL5Fy;oKR)=^8Of~RifhrM1G=ON&Ayhb# zW1C{-R4k}bRP_rg6i$Ng<~UH2hz#v{vcG=j!{DHo;NP?n6VOZC4>Eoj($~$Ohkywt zaFs(xt;?UCN92$suS$nqlGs#PR;O$UI> zx33f`hmLRW$K}CgL?=*=Z(TGFh=L#ai~J>a?{&OyGkWNg1act)o(e#dT#7*MD-xJg zfTJgQJ(~LM$V-=d@*NIoKri5yjrsYe)tdomB@UIUX2b=h{xO4v0)S|@Zh+kV1sm82 zG@*T3F5`zQSfFm(pr9|wf0(bQj19gZ@@FjSFLmZ1%HHBE&5u**#3t?m8Xrlw0iev` zN2j3)lj5qm@~auja*}ki=N^~2>wYVn&mJC8-yBDL=yR&Z-v@3{PQTRgc%LLR(ggza z*IA~VG)Yh^)wL1Kzi01kfH9r7#Puam*3NhK=IlpPa~P-{n;^Z56uRHIPH+4em;obN zCpx-u>Le5m5ad_B^JQ2d4lW#D3tYEG&F8v+hg@LVa2=EVV!U~+zW)yFA9d1!egB{y zRm8&OehPeR1p#Z@{+^i183&&Zg9d{!2znw%s+DafJkHm`t-8YZ{%<1!hyf0MY&_w? z^+>gADtN;?5sq9Y+nSyES(`P)J3aG5QWeu&n1-6ybs-xGyCkeFXiop1$Ng{1X{kPc zz4Eb_9Yoqf1-6;Xnqd_Us#qbUg0X|u=MiuR&^vL9ySeM(>iy+!^Vb?HN@26HuALX_ zbm6Bx-*>aYiC&d+?sw1V99YH_=&pQYk%9R|Jlj^!^3&N%N)34AWdF^XS!tI>TmtW<0Iatle zyWl-|0qvsZXqV5xp4>TApU>o9+KUE{e1Jn$I^NW(cmA_q>MoLW{+QN!#oE;y_*ZY(eL-=<_mjvnTJNKRwQ?l`2V|@;k{LXQ|TurS9Y^0|PGYl8~`Aa7( zgvJ8wT3TmnE|l-Wv|Q$-4AT3-289SW;R&DLXD5 zl{!l8UoCwyc$600G*hx?2_%2?9i7AQf2fz`x9->1{1)5$k4 zTdZco_0sA34O&!U6PY&cxGGS_y*43w;RF%-`CR_lFt5pQTmqWjYb;&G_u=J_N9|n0 zO0|xPjR=_4(qR|;ieixW2z2B1>1h(fLF8~RYJ}HWW*^s7t*xm>-A&y}%;~_}1{Dp| zfo#IeW~-yaQ*y7P;lr%&KPXaZw7=iCvJC?7533TUB@eFI1!n4vf5h6@#8*>VzGlhl=(@Xr+JY3I#L5? z4s0UIiAei3Q(>MjDrZDvuwBnWu2MhVxP|sr!+H+TnAfvT|Gq2%k077RN;MR!8w?rvwc3H zh)LX*cpaf%M_SXNeMQOnqE@vjiGrwo`9Za;Dh<`&izO;0M`QlFkn_uz9oXV*wV|G+ zemy=G+j6mNX#n!_3A$p?jC8#);{V&YhNB<#CNW0@n-z-;qJ{#@sV zi;rVNg9ZG|ij?Jcnj5t}ifRw2N!a=%0j`Z_wlapdnlO{a1 zF#a_UqW0ez9Kt@OhAreazsFfFoC|MbP8@Hfx2@ZH&|0y>>Vx?NtItx1v%h@Ewsmmk z&NkOHd65Li^HnWVwnV4Bnb+Z|p53+L{4iWS1^F{%m>iHrqmxjh17B@S95yN+&DmFU zcoYBYCl9bTv#6|V^}m1JODNk|f{uEft)>;CyTo=SvYTs>WCff+++J2dIX?R>UCRl~ zSNogKRxxSi#egSO~o%P0b5G4_U?UH^>rrxp|3my)~ zZ$JpxKOseR1?up{ZNi+Y-7WBD&|{DY|Dc~9LH+{@!X*Cg#<3aj-(Pvs1+{y8Y;2Q= z@!G8O+fe7dkKI~dx1I#p4?II}>YoJ@A)@Yh?oUWN3SU{O()7Bk*WWr}qe$5L-mo^! z`5_~2gW3+^pm2F`nFs%rV8F({MIE(jsc-8H9AG*U5mEb5EomZ-)<>q1=)B&wA|)c# zxzevo8qKJ`qdB8)NrIm*eVc>))k^VL6_KM-<v9)zQ{E@FqAi zk;9ZM4zep8EU!f=DTM>8sE8E)#sJcH;2S=58O3*G+R_VvL&BVT-%R>q#cQC7BpGh^ zOMMpA5s&qnyI_mXOLLoU`sDFUE;}smd1*l?7-IqmG~StYF)`E#1!AZJy!jhxJy0Yh zNeNROP7y=AYW7UTeFotz;QZck?kGwY6G1{1Cf4OS0e=3h_wQqZeH=$|xDaXLkqQg* z6YFkcqer99xK(oPjzJJ+ktsRLqbv<~xg9zC+C>i5%%N)W{gTa5Yf#QwiI`jjSzF4)~<&)7dT_=s^5;xP)1$gN7GD*SGM4a~r4Fj`$o_lG%8+0%Vcb=Yn;+&UPAcbtl zqFMT^=IH4AhP(4nO#g=IGv2c)3q~m5lbLe#m3@MEu_wJ=%dcc5ce7>KQH&a?E)hJ{ zonpR-gMX|F$EkRv{zNcDv%g-1RisYBnYpj`V*TANV;I!PgPC)27^PzSua#M^Ovi$q z0F`S{(1?XhIDZ)y94?1n9?;>UAN<*<7_2TNI@4DRG8^x`TCq@bA`p^VivTC83fYU&$*mpjxelE6 zxYsI&wM46m;{H?Fp}V60KrwfKbllMB(J96y(J$C_E1M=PFE4c5CzDYP&!lsv@GySv51`z9L|RdCo{2U8PJM4k5OPDsKBtsI{*WYGXG&0mwO2+{WS9-uZO)lvJG? z{@#5@KmKGa1sXMJ|1LctqfaEUr%oCPBU|WHxzNk#)a~HFgrW*lTxtIpO80(Lex~49 zsr|-xgT0&~6r`$T&9UXA>NNkh=UGlhOS&QVE(ahawIr#STA5B-WF3Q08H!+q!o)gd zA#Hov{s`qYB{8eltu90Woo(-vmU!lXEj6L{yGGg8U8^4}T}EOUh2jPCi|X2R!b-=U zzmCX8AhM>1c#AKZB~;t~z7_pqIsvu91ClMiSz$mUgYO!732E6?npuQRmD=R9+IL4UoFLcca{8!f>D|uo2HL$EAAG^7dHe?Du7Y3_lzcQ+Gz_ca+z@ z7+q1e3xxYdK2TSpO^4ESvB?(IUui`Kl#h!RWCt3!aWm&&*$)dvLiG`_j2sQ?pk&kR zAIcfLw*9Kafk-6zcjD3K1u^W7gZlQF7E6jTUe4=*t%4vRzJ)p^pYfr7HoE;MPPy{( zlWEUpswP3sAX4Yr?tC*uyqC&Wx905{f}$P?5X4zHJy*DFxp<<`kD9OSkDoCoYkFxY zlqMr)Ph_9twNlg%2u{C71Dv+iCL0gy%td9`g7U(m{kmgaXZ5)We^95>XAfPqf|jUuo`s%6g)Y-;uM_a>iV=3T~Sl{n6J8`=?u_>ilpIKO|*B zcrR~%il898|Qk@>}%QcjiML!D@6XsT+ED}=di z;sWr#i1XFq&ylpi169+NTg64|)-fvG5|~;`Qjw;debCgXWHIf`$(xBu`A*wseUnYJ zg3j~lXDC5|*>c~0L2D=n5wM{}zZ%3cDe~LR$nE)is23#KEXT}c%v4A zqQJCL297kswtM1c;a)Z-vexOgcYH#bMkZfw!MsA9lqEpQ2b*Kke-XOLV{a+`;h6IV zb6-8n89CA9wH*Mh>J_@|M=sPH{|?@U2)!LsIbG4rIowba0V)a2xqf=Dz6!~SVZYE?4!}8^SgTW7ht?m&dHSYdSglQJ* zwPS%<7~AycbFGlPNyv&Aam^xS`nML?Ew5oWEI(#P8o$;PVpS3P2BlVw#khK-yw zT>jPVtjh}pXZ{TX1n4Rv-)6yhBTavz`N>e4&2i#Zj=E%WTXn!C>zA2syvQ`+6OzGK zZ{!X-EpBzD6e)A+sOfRVpG&F6#;adAy(_eW^1FSLwx2t7#pwO=LRcPk*yQ(b=Jxs| zY7)VtAZ)bU$ia(whG1Xd9^uV4?hENEW^e>*roG0JpFmjq-{WHKT#5bTGL6=nrM0mq z68zqs!j8x8N4CGDq<|o4kWKBhBqykQvU^V)M9yG&Dz(-|w4OZF-+e$i`F1x1Bu))* z0vJa{P5$!%g0S?9jy{(P_~QZfrn^g?fXGiSU(_V83u+qBv#0F+Jb&`}AxQk$t04eS z!*DBEP&!KZRvNNmB=-XYwEA?gIRt2opdAI6xWrRQD_- z>pk8>o90T;y)}qry|*@iAAr2;kJ#O$gA}*-N-BU5VQ;;R1mgI70=ji9f&a-dAXwd` zH=>@O0Bq_WXCfFDMp-=qZm~Xm_CJ^(fI$HARH1bjzc0>185LdKU^sXeo`H3$Fm zpHI3JMy38z&Rw~lfBiqd5H5zp(I+d(CFD%qHbP}&K-w1eq0#?f-AC-Y2LhyZm*E`!Yz#K_&t#LxC z<#M)cTO;TMc+2rS&vptWt}pcsf>2Zl*#Ft4&XDte?X(;A(ia%!QDuiuy5`;GZySO|H_16wY%z{V{<=na`b(%g)ncNlxmH>8#jXEzX$tMBM7eU z;|RaXajHB9t@tAUbFQHcghtX@xrP}2E-`)@QDfi3dZl81fq=WdwY9K0|&fmqL^ zoP{o(th{0-=#|8q^|FS;f?a|}ZrgPA> zT{K_{|G*@+lxAiXWp^y|5+L{Vuqjfs(g^+gj_ti5k32Ffgi=4-gl9KN7dMHD0wCu^5Qfz z34fZpSQldDo&1rjZta&U=h+YYYBLrzZ`s8D=5X6c@GG9a({Hv*-MeR}gIPRlK)BOU zoUt(SG3e+im5=67{7TXSEU(PpzlSh!HEpfR-B`mU3Y&p?1YX!~An-38p?oj|!OC7RzIy&TU;7;^JaQ+OA=0MhIGmi!_2a zGBYca;ieEgW@ULbYzgmrXPCnWFdw2rDJs}|m1V2jFl%WT`}SfpX^QmH4v9A6hfDtB5tQj z^=_H@T=N2& zGFpBpioJI@U91I3Iwli#dMa%|%2-1}!IVA_LyC9`pGkIP(1~n+o zyfH9=cYu%#iyQj`Fm@p0C&0kZ2TKCS{kja$Oc+G)0B|?~HN*)SB_6Jeeha_9=rJ`N z$Qb*7evb>SI>77xe(yX2RDzIKkAdcZLmmX;egvHTdqB7U`@Ny#K{Gz%e-0=*pG53+ zC193O+AgaW6#}5{XFwJ5XX7Gscn_R`y9RsC9LGQBBm~ip;|}uj8AzWqGw}}`BWkF$ z#@?;Vdki)Ep_6A>ltHnWwViK0lfcStS62xDpV1&L>fqK3ic-?fDe3QdzcdgwqebS< zG&eGaxfrLQ1d0V#)dKy-&vnpS-5j&9j+IZ0W)UT=su)&{O*)7D-?0X(!*|4vn?ksb zOGBIf(*Qn+cY*!I$e>Z4N&&hRgcS+Kwv=FLJ4Ycbrg|L2LTD(8$2?Qb2=L6oLK-@F zz7AFoe=IRBs~#W!XmJqm*e&g;A*7w$JbtSogz~@?H_rq()j)R+10@s6J8zoSbP#yM3Cuu(A;xuJC;oMeIY#x`N z*fno%Ckt}Z&eX!nnkC~+ofWHGiQln81RrksVfg1_|Mb_-!NU#1dhrgys~PljKaXRGz@>$;mo{HfV0T-!Y6 z&Pjp?A_$&+k{afFeLJD3WJ5eyjg1WjI{>OC2(~o{MP=Nv40N7Z`fI%&Vk9tD=)~RX zwWCPP^q`JN*bZf_zXKp}_A+7z&WP;vEFd^Qk^& zq(S)5p8EZI0ALnS^|0pr`P|U+dV711&%dW4lN&b7@q&jsxbP6>C8J7~%i77$S9I>VMI9q4Ts0e`7R%oTGLBJJ$i znV-12^7A&%h-yj}JBAi0PiB%2$&gCeB2UYtilD38>o>5cWKrAG^|;=agGH882V6s9$<%tn=FZG2riHCmXGz; zNL=e5^mZxi%>dLZ$%CTY=5eh0BolL| zy!KJ2uc+mv`+@^0@`Pzbe%yk3_!5`&|Jm~ z>Q1Dip}WsWd#q#_JxrH;Jn6tG%cVo05b>vbaRzHwQ+=qq;Jbo=ufdnmqH*V?OXAE$ z=0X#A%=7IBS7lSY*PK2G{5D>W7g*A!R56PpAkZ){8FPKf7nyX&f_sZ+riJa0ox0T8 z8tc?Cz6lBvhN9vwV(bIib=s#hG^<=@!+;4oCQU=9xC^2V3%&0d`wyjwn|(SED30os z=ple3Vl9Su-opbWGc#$f?*QdZMv}^1kO6Sh@dij((L46VbmXhDmo(F+mJ^~0AD>q7j$+*sEHu2T~3?to5^lBG?hA7{|tw)r=IZnz9 znQMT_6N9S9rPns^-R&+joBn`0fIlIPqyQ20X(k>5s>KWOS0+o8Z^NaBtMBdTd!XSF z?vDp9OxW2w_nCM{fPU%1w8mF^pJqo-XbSF59*n<@{ohN!1EDuVJT7b)fRX~f@0M(9 z(toH7fM5{ae}9w>$iHqRl?Q+~P-6pcNsWl&YvR>95L#(7aCIBthDmljM2-tw?OuCZ%VYY|iF1b1W8>9&GuG8EaHJguD^Aax?mEPk>u%dkcVv==7Xzgv zSsRUCzQ3&NBt0%GY~mq%JMy9k+y)dET!xiodT)I7i50C34iW{%i2(wjtiYioM-jD@SrbZn4I+G+sy}C^B2!au}n93O}OOTd`C3vIA(QUQRS` zF|`K=k2f&cpX!3j0ohK>cJ}{z;fCUY~z6UM87-)cwW}mg3 zi_MZcOUQ2Ol90?30C_1GF)byVltb0~qi|980%1=-*6t}F%{hm=c~`LAGz^mX7c2DP z{m}^Pi69D!mZr?Qta0+$1#`H!?Y2)1E6+?i*?H%s4)M}Z>Mhhs3YQctv-GVV(Suy5 z0W~f_*lA)vz#XEeuf(OBQ0 zFkTcr=2HkhIZ{6O+%kvu=?4_?@E>XR{%bm6zQZF3m?f^(@N56t6VqE)`EG3C7}wtD zsvomIr>(0ESb$04h@c#-7GUq=4)|)}44@Wch=qQ=uOrp7%8wve`2Bq3$pMrQz1*eC zD4M}vgk(>6O2=DAWX~@Ds6Id}NZxk`$f?^ef~vGvfH#^F;HgH>r{CQ#`X^P4eFN@d zxs#4_^olFG#4Ccvvnqqt#Sfrh6zypwWjwsWrmg-7^IrkGRRSJAd*hjcPlg`a|2B*j zWPUEbv8s())hU(wdHT74X1IPcB(0=K_dAJ~QDrZisMLpQ8jmrSV#-mAKHUU>JC zr7x+6&FVXr0o^hxAN6han%Q0*lTIKmJpbFi{djbGPE9$UWHeoA$| z;Lo)Ie>&b2D!ET_+^@B=FyL97s^#a3l4=&@Y74wh4G_tCyrCXJs7hggJwqhJX+J+I37@dV*w{KpNZ7@a4?sc6Wa-rPIGtGu#GS%4=SGfC2?&ajbWlmrTWx zaeNkX6{4qRHZ78zj2|O79rDwFWPa_Z`rwD=0diPrBI{|YUf7?A9YQFW>Z4`l!NIlT zZ!Y;QIV~=-r6#?muj=Eb<@ic_0K<~!Yx*=<*hWZ2Kv*h3e$mioP}+J z$wexLGrNXUjauB^*B!R3OsH_uM!VOJL8``0acVPHgpy$_ac~w91kJ-&pC)692ReW3 zsuhXl{zkT>5@}CNlPR9Bw2G;R2^JtEJO@j7$19*2L%ehG86y=2FIxB2ItI}%qh1ad z0PX|fq{8x`y!qr^5w+|}?cb&LFX;Lr1U;tnPa8k_+uKxn!ns9&DU=Kkc=w`%ua_q3BAh?q79k*ZL;Vym2vFjjGlDXDwXBbsTm!W)*)qkM+7o!QN4BZ-9qQo94bp? zR-ta|!p<(?I2R8-CSA%FjhBh9ZAtO|+R%1H#z{LgZuz%}L9rbb<`Cs}r1dFEcdG$< z(IJ6zYpkJHXV&-}n6_M5Nf`$-oenRJTeEYt)|>Ke3bk!ZojLg+BMuQdsjczHTqj{7 z-x*##Fy8K*gO#L#Ge4trH!C!^>h=2ke___w%&M0u3Yva7U1|kqs+F5d7-gk+AxnFc zxaR3~b0ZoK?=oQ8iAxIe!|1Y=iZMO)P>*`dpYD6p)A|oJ@E60o|HMs}R@|{h6`0?d z)OtDjeK!^xQiCva74q?o8V-+NZ1e=4LQ!;rO_?S^r;Yk#=&_9ClGN@9u=@w6te)pu zQiOaOZ4S4mM$oA1dBxHeok+K;j@t32gt%8zF#uDrrR!irhpk!tZ|eC_|E~BS#1$s&D~cYWhlla9hFk8EATnLT(P~B ztzD36%rss2INFzhIdi7*JTU0z4hRa~4{855t1xktgxKPU)>ir^{MiJGV!0Z4n(k_9 zurahezgm!__MVAl>LxZTwehGoM}|>|Gkt{DXwwFrNhGnOnz1~s7Ko06M`aWaz;vX! zX-NFZ9|NNF>yNldrHoEkn|_tt9uqQOscZ6lH0Na8uwu@u#uLIESv~jZ^@O6DU0<=! zLZ5;u4$v!#FCT4 ztUn@+MA6DU&8rd00uJlxo+-nY1S{a>F4p;4HJHVP4sD6ixDnHf0nYJd$E zUV@JKm`1L)P2DhQuv!`JejJn`ccaX1MMujY4LAcmoj+r;>1T9x7YLy{aV<8jcv^K< zY84juKRRd?ox8Lk2*7|bAiL?viR))A`!sxSqYVM`qgS5S3VR>DNR;q>0^S79%=LjO zOLIQWJOCoiFf=oM167Rrn%aN^3>Zm!e-emLYjhC-Hjg~f7h_L(MA`{`srn9T(nJ_R zL@&G(pciOi@6OC(!IT;aS=5dhmXRJ?YhO-t%IhQjj6cGV$Ge~-8;&U@_E#wQ{nNFseF9zyewqHO8@$veeR+q30i&JR#H%x zT;wM)!J9toRRqRO2 z?!7ah8rHmM1)l^edwmU34g26RtM&zv7JZZy>Y7?HQNaR1rz`aLiW>v7O8qfwE+DTt z8p9|%=^)`nil4}6L+Y_c7~QM>AmAjYzCsFMUs$IC-R0!&yOJN%OnO4%xe(@k5jIq60Ozgf`WV{S{oG0^BzzOt zca?s989zA+)#RG3SOBixPPVzSYG}(-F&0gv@Lp7)BM|zNS4^s$`2r}y({`>|mT$m6 zSiN+=mo#$seZo$Vu!j8_$@g>>%!M`Z>pTlxiuPF>Ahif6X(IiyzXj^x54Elgcq3+Q z^q+`AK*-p+PsojwV$8=5yi&pZpD(wsBhN{==!+@G{mV$08o&t;QAguP&L%3%4DmdD98T zok~k_qZ^@JvIQia@8!0L&F2 zTDqq^kMzZJL7rse!?^KAJzU&_IQWzsqF;pn;fROiMCmkp42gc*#IX+K{1wjP;p%b zKH>ieRED(P{MAUY<&Amq$Gpuw7nr$x*Dux)2a#Efq@K>sjF(YEweo9;VUCdPK(jb;lEZgj7e&X7)?^@)Nk3Hwwb0X*-A~v-OYGp`o`BI z0M`)_sRA0&kkf{`%G|G7Nqdd4nX-fb!>o{bZ>GJQ3&M=~dVXi9WJ*|3nXWu8#z_bg zD?OBg*7=%l=r70B#4KEvF|R#Y9y~~={>znJtAct{ADwdGG(BFC#$4g?nb}04Kl#~9 zn{*ZIz3ud`7pK-^CEwMl-2*5m#6zOIhW^Y+Tq_9W<`0w&w9 zqI+9HwoNlSIrN#W)`IEuE%^;lH}Cmq%K18`GVR=ktXKJ_?Bxm#uXHQdOp-C57Wo;d zaFiF*p#ZDP+t9LbjHZc>cx3-31bs2C=BMt#Y9cD&7P4uBSKsIwXytHjgR7w)+OB^4 z!jELTAd@gAh{d%Eoi8~xs$K<7Hh63h{E&%a69W4Vt>ddtAgzUx8oESQRvYv9N!;M&WM=U z96jT(SuWc-n~7I<_9&!0xV|psV+fh~=%UD;*aKjPlcx&KUeritJL6i1UI2$LRCEvF zwk+V)$LMV*riwm2c_~mBoGK+F?eJbGBq~Q~1EZ(*;~+0Np0p|Vhd)IaQ6my728ogJ zm!TDF<;=F#zWa>8&c|@EfhcUfC#XC=OtR8_)unIg`ARO#z}`a1cB=bB2TM0UWeH(j zX>U8*PsKBLh!D-T(d$rIBKwV&*P{WakzUY;nk^=BMyK94Ji;v&8Kr5que=c^N8DR>0(7OHSO-R#&iwyIS&H6JM%aMiXyTbV9-hm$pjRR@gD?l{_fBa4E{U#N4@dS z_0TH2FZb>!Tq?KoPH1+3gk9w*jmpjOut|O=wd9EVkrNQdv@nwU?~>-tC5Mmp-HH0Y z&Rd52Ufyf!Yh+A)h9$f%l%`eK!I6JYa_?N7KOEEF931|u{UgT9zxweeVx6^pRhID; z4Ae|lH6Pl|baUc-p~q77rR#R&tcwD4_=uVwWQ^fQ_+qTfkLbMV&CSNDw2t~P@F}&T zdpAPk{qDm9m&Y;9fJ-eF15h{mbN}@zRd@Z{>sUJ8ycx+wJ-r_3GBbMyI_x1L2Pm6d zfpKN|>zxn2!|Pp_0Qxj49`R5b&$n1OG1FNSBAap*7y^_zM(!V)}R8LHV$o z`u{y)VKdk7#WBH!(^qA9Sn$7%)dP?@c2#Q$Bd7_$FC6|HqDjNv{_);c_oMo|ItE$? z@}z(l0ETJZ?CznU3(egbPXqx*Y>zWfE70frHmDP8((Hf5{=yqfm)?baycA&k30!WV z5{i3Gqpz*2gA zV_jWJB%|_A<)7oW|B1kszWz{7K#N>aRqj8AOh<+r9E{#|BA=dyj;d(96X}R}8@SQ9Ue`@|&Wi$dUN)O&q+KO)KzLAYalzx=Hg+^%pPWlLxPM z&T{B4QsJdSP191nH!bU9RlO-g)+|w!wC$$Y5B)D?85P?D?I3#X6|oXkGJ8J5TDO-x zF5$u0>p;VSd3P*4;ko$iKpPCcCS`CuZ_hy2(*n4OJ6hnw$gmEPY>qtC{^K2I zG1J+1Mvpo2_Mac}5VrH9*tFSTBS9;GW$o)u8gw*+ph@~-abWDYGMz%f77IF6x2FJ3 z)ck33SUHy3B0$HmSOR{G>mu|PCw;W%U_6Z~Yg!C3Ls41JHM!-zbtdr87wrrA$A-KL#zgC&8Ru0Gqt6Lk)yz)gf`tyaDzmy5gy<7|# zn0axK?s{8u+~`!8(VO(ezV3CMP><-h^dKoCPec4lg(U@&=FerD25z0;YXZ(cc=!_+ z7?lSm?$(kh0gb@M+K~R=-R@Hydp&2%J*=MjoPAXVfr7~lxd)%*I&~s77t!p zDP0MrNK;n4u3_e8u0=~gRT`Y@^%0`)xu>mnpUH9M*~dm*3$iQ=)|>E6+p8^_H1#%# z_-?$6y$2(|Tw4Agj;=B)s&)&jh|;J?3?U&QAu)7+h%|_Fg9Af%Hwef8(%m2(LwDCu zLrQmdch^1M|7Wf9o_zOy_7fJeikA$r+yjAcN^3{E;W24Mv^21a7}$AZtM3C?tEF6_ zhkd~&!*RZ21~nXEW20TkE>U&AAF4`oHShHzP;ixWb_E%^fIWRLJ&6~e`g0`X_>EW z*BV*v&3{Fk`U!Lnaw;+1FRE3e{EZW@@d`Z*l8#?a%9RQ=QP2?Q6ozWyfND^BS>J4t zyT`FbspjvVS)?>TjPYT+#jz#{e>*;nJhE&tL{;Pm9c>vVcsM5iHUiQbjI*=#qXNpx zBdCfiE%O_Y;$;exqcx^#A+m$gq*F;*g^5gie_20wC!F@F&G|)%$-<RbLyNfwVfI_rPoM%s+X`wUqWZQ=ph8<~RFwINQ!I2LStSFplQhxp}8y^*RSKiizmW%SM1wzd4!+H7(A+N|Oa z@t(Eyd>Wmi)ysE%Ns^|zp|}9c)~H3q%z;XaaZObi<(cz_i@7^)31;DAv8PVOa9;6M zfcaRCr)a~P^Uz&%eXX=5qxeOAZH+!}Y`*Pn*0E#lvHBmj$z3n{w6B1u_7Da-HIj?;JGG{M>^9j+ASRlKzPVtRFnmGbuCz2(sdrJZ+n@PXH zQ0;x~;0#7?eU78;G9mN+)U1v6KNyR!6Z%>4AFU4l+sxxsb(kKi4YjNpA(+n-YI%IW z^MWDiS794y{Fq7NE`!Q2(JeU!x)YwLYxQ_Z|8Z^xn3*9lnfoxDPLABcsw44#X8X#b z3f~wtoNQZ$JqR_Bf8^?elbGKt&LXrjD<$bsZ}{d4yXl#)(p-G7l+0MhA)sc4GyL_T zIEY`@5soCx`Z7%(erbd4udfrM^;9i>m}ygs)B(cF|8~f(4%M=$BLsg)b_6ZA zQ0Bsyct@2b#*;Cb#4j_@vkYb;-Vq7AA^``aReh*BLIP5V2L zsR^nvbDQZ{J+S2beh*+hnfI;|7V0LnA(R@IQWH7$j1tn|DUR0XGsV*!|y1Fev zHM(-bEZdnP$ZRW%npCS^OIx`3&KJ<-lb}3|R|px|zvT7w(66;X`;59L8j|se(%RO^ zT(mki_#<{SzW7UNAp59}L3nlR?3;C8Sy|}i!8stu8~U^MB;XhaXp1J!tuzH}h!c-D z)&K%}STDeXUVkrmYrGyGZE*51*$j#AExT3b6cGX1Ro8Ea8+IIBDk7m%E{I2w_?X*E z_qKm;*+UPIC~%2ZQ7TN!`|66w1uv|o#+mROx)(&Z>DO6E>t>a;P&kTXRGD8O2lSHr z=NOzPiiVHUTn30QD^NsnzD|8CR{s}kb^BeW;aJF8N4Ng>Q>L(ZXI#=>t+K;U-b;&y zD>L!1Uz@pqi1?N3>iqIo)Z-!DVR7xvpzE*QH*cXM5Oo|KYiYv`GBd#hB=~EUv0FK9{bQZ7lIAXv}^*R*$>@F zNSscY)S%OaJA!$s6hNz?4(T~-{igQiJgeW##8_d+=#%Ac*7uSKwJz3g%EZw!hSMs3 zQISX$zPs~c!|5gFUXn{WzP=V~^a}FU$9vGn*kx5xIau`$(^oyIKu(YmovZP93kMu* zQB$5%Lyi7!JAxq#%w%D}X}(qrq&$ZxG*lTeJb(RQRSMKv&8H2iz08<3*J!|BZC^v# z&5B)FqS%*PL7oOx{cx$TBk@c2dsFO=7~Y)PEU(EbP6PHV$mc)DdOdLTFXxr6Qg8DY zNIx3M&#plh$cU=USe{zwJm>hNBOY$o_WI8I^t@pNDBQ~?=I#MERz)(u&u9Kb&&C7< zkH2?^5+M^yGcaq*u|Wh?k-6envb&2b&5od4rKp?wl@P9k^p6NtIqTo3AtkFO)@;kH z!15ZX3G&Lo7Js_44t16+vp+C2i3cAV7mK6~o!-{X!w$Q~E*}y`B%2nrifJPt$fj&G zUv&UC5hn5H&gq_ijY+g2C&;pvqPG&xe+t`Q=|4)R<0S}ReYznGQS^oL%;rl+L>N`o z{F081a_9u$0e5ABm!&Kg{z{(*zxX<2Ll0YY`pPz;B=L;2#emjwpGv&F@R{$pjUsI3 z{L5Z$ypkAirOUtW=m#pN%IQ}d^&|JHwD+Hd3;e%IPVS6KzPst5n^Lbz)i_j(lD#w& zHpb>b{x*vj!&LpaQ>^ocjo>Y)MpI51X1U>Q)kLGX*)PdVm}*`M)5{)}sT9-UzZn+9 zEIN`XC@*FEe0joN(dH||n}ntG5S4`6$gE%H7E%7pig$kC^?y75vpP zzh*GQTBb^ZDv{q9#4%#h2F!_%&u1olp>`0GS^0{=m(uxeC#-mv74E~2BGH2Zi14}! z=`D6-K$Al~gmK33f_e= z`@DzCJ8R*m>#`7{yK9gao6Yk8t+_^9&+5zOBSl-NFHdNv>zb=R&w zE|CLVy#FwIt1?M@?Kqi&bp~Hx;8kXt-Of>PQ=H8X=A^kOjMAkH-SLp4n=H7Dh3H@c z+f0J#=d9fL#*Z!s%-ponX*~eLqpTx+-A}jNfHhV$>EK#f7J88xYTQ?bnsVLt z?jeqsw%a7WFGNN9S)65!1WZh>)GE#kvz7q2l6H9A#Pq7o_Ip}_5?mU$ra!)#+&b$9 zbLWdusv3>?-COhjqF&go@kNn`E)8Nf;rT_uCzuQqxc=mw9&HyEqZYy)Tq}5IOf+31 zvF0xDw2?=xp7-TMnfIV0qh+ixIz-j<->O_KnCDz#$znhHly&2LT~n77sAhY@3l!R& zfOQy*qnao<(oNFK%GgX@jkMmBo235hU;w!9SC&IM&k3v~#)?9UNLZCm8 zl0oKT#F&+dNpYx(E51U4Kbs75)9_}%`Rjk!CWofxHo zkT&#&$;>o`Z)ZH7eKyfw$SC5-GgPOMky2IH=m2IU28pkQlZ^H#o)j0&S{BlnML!_-(-0di@ zHz)Svd1bBvfr&MVwU^-#f4^WZcjN48GwsqkTIat_^!GsA@f0BKU_{H)!$=Pje%cC4 zp{(7!N;ejb(eoBB0std6!)e{V2ljV*u~XpYqyFcB3yke`rS{)#mM1Syk=oU23m@&C zwo145(sr~BI-agJE?hc9!ZLFpFtyd5T}5^MJa*Rtz+RuB7*nl}2ZFxQmnVuf z|Gk1OP&@94dEAi>W&TpavaqQFZh-{qMTrJ2Wi_Qn&Y6DLY{ZS0l z*SqoIHy`158(nR^K6>J}Yl3--4`(di&1x=>7#T|Yh@PHPkDs-hlBY0WvLf!{`a>o zCD7x;d!4%CMXIW7mA@9{xxDca0y8JyaGh+oGVs;V#laj9E~g`)n` z<*+d6pv0NLeLwl*@l|UgsNRQnbeGTR zFZBrit>=YpEZ`({b2;}KY=62~{M>nEW%BaXGSPhql;sC@WhUoj6KdWKG9bwFOVcCc zseWbiE|Oz1o-9enYukTaDfCEl#jkcR^(Jt<2RM9@nBX0X`}OHffO8OK`(yu!J~%`! z_v8yYCA0APmvyRoLUN|+Q4-FpLMK7oioG^{-%miVDA4k7-!2gZSzR|j`DyO1hhXnx zt+b%tYAR25TTGl74&XL9Epd`7UTshrZpfwSK5J*N zzrIs9fG`@e)dRy;wVP+-VzS3z?AC@|%;I+QPVp6yEEVb?#T#Ye*G6OHi7W|FEG_^$ z-8u`Fft>8{cUx2QO%wvI5L?1T5&-EgLX zw?#WJo#*EHmwi-#qS()Twp4^goJL3*i`rPJ0;(D9#!R*wG9FlDa9N72MxwFv-1y0MWB0PQau@npRZ5wBycW>XzuGAu zFi&*Zk2g1cRf!y&&Bo!H*a-z+>PvuVXPb?PRDV%AN6*2FoA z)r{vF)uJTQ)2~{}GAva&ns8Ba+bU`7Qx?q+NS?>Cjb&>1=)wvz8!mp7>DxxqigTA% zpv_U6$~l^4{pQ1~(HW?PV-&`;iWz9pq^ZK1)w>04xPZ5n&#TrTI$elL^QnM00c-5= zQ^}cb?ClIQ`J8z4HMggZaZ&&d z%?fR@`)%s40!%eca{38M(#XIe=6(8y?!{&bfLue(Vl9d!xu8Vy{2A~3 zKhLW4i^w^P$h)AV`};Mw{zL%7#*(dMLVcG#cg?U^Ol`MP*&k7(5?&^MKlybFuaj)` z^eK|Vh7J@$LO`2N!#P;yp_JOW;9y<JufO4J+6_?F?DZl(gSaTvWUJ;D>rgiJ}5@V;(SYiwLe? z5(tN#WxwLy_)f`;eUZ)cIr}_jM*VG&l7?6`ZpzjAryMFGGSVW4Z&x{3j2@xB_9Q#8 z>WS|nA$yipil+QakA+y3S`vE=!N@YQX_vY%LTvPRcn<3}tRvdZ@kWIW9!^0oVoyqoV0Z2pbVEU#ZsUapf$!;pE8CQtdr92ss5GzdLUi}Uat>d=C@ ziQ8U)l9IvyHU(9uk5!~u5Wti-L1Pq#ogpe9uBcG|1ruCex*blJxx|LFSPqJhl|fRN1C;!y)9eYoCPw0vH>_5JK{E=F9)_RNCr z5?SLW8zlLNLG{eqh4*H--o zvq`y{9&CrIW~lzh)c9aGHDsS#0-F9h8yn>xkC(d>o$ckGFnNGmiVc;~{aTvj&+jX5 z-YT%O@$9TX6YTo~^Rc2M705yj^qZHtyb&-g#w<&$&Iwc?wWntTESnxYp&uKnyXTS1 z!9E0#bM=8B)yQedMh|VT3*zUuLE1M5wSe%N6a-wClGn|1%FArvMmqYe047&-e^u?A zvjV%BX?Q>cy+Oc4MiM&yl_0xZJsJWbnM+2pwoI?_foKaHg*55)D;>f#aGO%e04pSr z<(DEIKU+p42lbmo-tiwoJXFA2(ybm&^sYe&6!6;?J(ZmcBiP~q1!Q>fpQUd`cCzs_ z3j)TWZdE>_SQ6zQ1F!!_h{A={{AE<(I%(vCArHg&`wHTPxqe7H=P0y8JlRE=5-_Q+V@nR$ z8cTV50mCABQ9xw61_J-18$h()TTF{izF+BE<#M#-NS`X3CknZX15Q(%dHLJ0XvW?y zzn0JjP(ilM9dBd>O+5WP25jOavlxB52aHX>u107?yXEXc9EJMG zn*j=ahcv^gB%sqpVZRDWG54A z!{ZFdVGM{SCH}ayI3{|NN-CRxk9;U7-2{-ST$; z+SmQM&P;~tIm^wQDYJu_^LpHF$&E>A*h%@ZLJkln_jO}dYR9M0wTD?fJAsk_abkMP zlIiV2AS3+Dgy|+xJyMcfaoa!-q2_FIBUCbY;t)c9(vYqY1N9RuSyKV<@($i`LYx z7}2P3t4AbQ_OpU&7DqJv5}hm@sbmtiM+;d8zq{vtG!Mk$p8?>?T%4mb>U7QBn2{Q+ z=tgWexucjvA~DypQAoK zg60|nXE*SbkQYt;6a_HS#keK8%ipD}V&OyOr{B3aaN#FKFAenS=Q4_lQ$O;S!@h3) zz)uFtX0xw{#ooaSV{fDUr;PAYMO+F)0eiY_YL#%UWK%5|eoJJYArZaa*vv`9a?wFI z%wo){bv9kMGPUf>wG+*zq6*U7<`X%X2QV*KF1{I*O}fXY)DIslhbEA{RX${>q>q3| zmAr0k;JR`eLeG+VZ#dx(W~!As@1HjTX}DCzK=Ni?zQ87G(h7AMn3YuPMnYN-V<1SP zqE~<2o|JVPobK{`$Es6VMH2_~1}#CV_EXI0pkhy_7Bc$Gccgg6X_m-Lly zDqs_MALz^+duy1q*cz^L#RHdj(n7!FQ*s`DIWuqXkHVF<9UuIQ!8Id9nL?ybn=NfM zaGw6Wdyw;Z=+#&l>Qr@w@0seh0eH6ica1^>ml1UM(?eT-&G0#7ASJVQtUuIo$*$y; zlzcaAhd|btiV!f<#bc_}3C}E+Uc7YJbKuPzvyzI=gKNb43GlivymModGSF$H?&{;) zkw-gK`57IN7`0#_^yXRZY96`d*6lT^nF8``nZ9Vw=aU{(w<37mS>;GARt*rkv_|jdgIJa#n^rSii&zOcL*<(_3wc~$wtPTU9V7^F zGsEF3MJ2^fM9s4Uhp>f6`PO#90zDsg7C%2HJXQzG4r>?jI4gm|e+QnXm{wzyY}$nZ ztcpg;o@YM}+Zc>WP9m}2yMQeMi85(EM2Hq2G^0cj!1*ikrLxNQFoh@}3>AdWZW#Vw zU_IP`FujDC!Y?I}A#WJ(MBQ)oljpU^QEg^1MSQGZrO3_TtFUkWvFeF;bE_!!@c`ltZG zWx?TSzfhl%M(GJrI(M!4Ag`XK`0s;{Z&9A%1jLSv}*2 z(5zxW%H1x)L-TC8&f^9I9D-RC{<@9V!@UjJ_3S6%YF?>Lpx`@zD3XG5ssiY^!ZeQV z7^ylx`1EK33NH6E5FnM=~5yy+|VWWho-kR%m) z$)r8Zytjd&I9&f@-q7RjclK>~yApH67M9uot9nSmz)|&k+$B@#=t{! z7t@l3hOAyHHvLpeXz@(mXl@2v`03&yo4%>6U^&we2wl^ge#XjjkCUm+pXrgxPi!vT zu6h7J4PM;Ce0EH*9}O8==eZWdNAmZx+J`o{KZvts=aJ*Jw-a>d$4oiIb@TN<{DBrM zB9iufMUblpu$RSH!ESx2?KXZ<7ck-Gc}m3YZz9CdZdpnb{7ZoAKnxPs#a4i8_!A;! zWp;OX^*L0%R}Imlbq=`_BuzN8Ci^&3vsZOZRu}aoM5$GeH3* zJjGqzz@2DiJU6r7^VCLxwGX<}FATM0~K4CyKaK97aNwMJDd`y1j*v1zo{;n}zJ69MgHq#XR{7AWkNW_v)TxRP`#jE1t1ow=Knk_irB zS@2GLBPy?zBMX)4e@7IneT-VK4Qz~)m&|~ikW9*PO}EFO?`^~Uy0r~XMnfPm%qADw zdC>{*m*6QE((@u&3(a=48F~ZplN~01=W+yz>KEHdi)o*+DG3ZmxkeLkCP)9Zc5zgg z9V5xJ+@-pC3-jXgvy(;EW>q@6?p;>GZ_hflE${OG02&145AvsD zd!jN=9yZZ^V?NsTO_ORR(Yi>5qfs`kt_X{O=qB!ToXgo4IDz#Le@yk$vs6a=twygs z%fwOkLgB-B2&Z#0{}~l~M3l;Phb#<#{m$#+{q6ExHz}#CQug4td`px2nJ^$6C{eUD zPV*xEucK9O*)vAOX$)~7&_8WR$OQc65Aqe(wh^x2*MppKLFDAgrZd zfrPb<5?tvcd@Sh%(Vz5Sd&7&B>Pa_Aw%%z)W5npp8{nMuib$R~wj>_yS# zNTcH(F6U^@@nxkG-G5v5TBe{Xvx=#qKla{lACMT%xwm-bPc@rAr=tTnGW$NNmC(s! zsX*607)wM#)Tc>OXve}f2Y7M~S@twXsvt+wT9hxZoMfz$Wp$8BxwZZ6!p4KYA|9X# zHHNw{`n5K(ti?Z7kjUGDHQyc6iPO)tcy>>t>s(|OgZSl{GAVgdlv>Qgk~M{-Zj)Gx z5r7Xg*xO^))J^2@3#fZs%Et8__JnJ-Rbl;)`g*H8Xu^cc%JqM#A9}P&(JJfSQeEI8 zeW2>a7RYh2Snqy;xtzi6+%SFy_^6sGH%D`Y@$Cw;aGd3EcSq~OK@_C=13d?U66Q~{ z!lsK`GY2PWhKjye!Nl=`mLX5ZaI)NDxh!Hf^oByB*u=G(%fjeQnLPc24qDF0qzTmv z1@xR6WKPb3ELG;D23d~d`U|>L_TW*l^Q@KRJVUHBv`pN*Pf*xj#h%$prxkrCY>iVTt|3WG zTC{Mps^CghLoOF*lBS`qC|#gr2y*9VE+hR^Uuz6{sRL7TJPNEZZ+h2bEI~Uw|a~n031}}4~v?a{@ zkn*cvN&nY2Sv5o@;=hjYl8FWqS zKOo? z-kg_gcz4k0|J>5HtM&rfxIcH}4!bf+kscNr?(OEC*&Y>}W~8*6UWDxd%yWVeuDCrg zlXDh&;ZZt!n2G3s?C}AU;VbAgF|8x2k?e;sAY_!{)A+^YxK@(SISbfgWAh}`LEu0Z zWaLNw-X9)KucUA{;Q;lV>|^6oHZC^X8TN(c-BN^%PGfz0bo_{Nh;7TkRYpxq^U;cV zMN6XP!mS!!02eYI(0OeoS4#f(?+Nv$`&}GdmMoRnDvPyKd@%c+GjG5SGTJ|R9N$Wo z_fq8V4dYabY1~ryQ-`AXvcPnO`!DHsC*{Z}bnkz1xsIT!7>Gy@HmM@!tEs2GUeL7> z5Q=`RstT}$s9xN$H!q0;zfk$pgA9TN9-`JAP_#?508tMT;{%^c(F(}8c$Druud6Dsw&K}%IJ!gzG?oX(o52_L-);- zw+L-V|7K(xLJM`YW2@ zj_fygw+D;Z&tnk1WoA|sG0!L&48>qw*a$#I6+A0;5z3I#0_VhJ>lZm7S7S6_F_AOHS@SET8 znW=y^b&bomkF3c(#@q}4!NjJjdapB=1}R&H|YN@Hz;OJnVB<#9psRi1K{jVCPGG zZW$0)rD}iDYx}^P9>%s2h9=*EB`n*5?Z)GA)4mdXkodPYWZ4M*_niiocu1w3EvTl> zPC~S#4dV=T2%>F9#!ISZ_xrpi{WBt)-}KO75`F*mh-84LHcTZrX-)FRa7)6dWWiJ| z(3XLp$h~Y3P=?PyhIdCdW@Nj63#Im#H5Ol9zDcMKJr;7Mz^SaMeJA|fi1DD>$#`zc z(MZjb==PieL@+Bh7wHIot%gx;$E<1@fVJmacne?)kx4Rihk^OPvkME#n~GgPmnK@5}`$LS`eb*taAE`MIKywHoY){DitvqihY zj36~qKwfK30RaZXPH|KPoSxShptxe8tAM|Q*+tr$bN13Ojj74qKh%jeas??^_Jekt zG?iJ-90>iNQft;^re?Hx)k+=#SeQdYhpgl=^9^bJnCYpEh%ghWaQ1Xm0i2zJw{D0V zFcX-Ll_rUn3Ng(q2v@tLv8M_cGS`iVaCFL_+-qX+&?061iki?#k-z!6aNI_mmmxEwL8i;82P zL)fzmxQ)QwjYNJ@{H(=>qbeZ6UNY1R?j_PAmJBZukCy_GP#o3&BuVSV4Q>! zc?R$Ai)*23jcaeeOAI~lb)6;X>*zyD=avaz(<&;m=!mrDfb;`6L0rRi8O(HYOJ-xm znm52qAIGadWt?Z|-TLeVvpo8=-^t3SG=t;+BG}mPh^Kx%?tHt*`N1(LlUB@0^UxTo zGZ2V{n_p7W=tAsLRa9KqUp24HR7i5C`W92?&e6yq7&NjG69*ocW4f5)wf(dEd9;Pi z$cdLXHt(ppth`;4~zPQK`3K`)Eu? zdp9vV@MgARI(K5-(86X#jl>m^f|V5v!gtCNoTg8joD_%}D5a05w=2}tY_AEq1<15H zx?Lk-K=!AMzzv_-K#4;=k&v7bxajIYF)HMnhaI2!ta{>dB>IEFb?kTW*^h+QyvDAO z4-zm>-hm?hW68S5yj(}PkXS?cU7XV^LpLLZi?^W7UkY3ahZ|9(lL806q&^Lz6VP&u zw6wmd3Hn&*;4h5l3LP*F7;#M`3-;VYferk|epK1! z6B=8YTDNMu9}qk)*4Z^8#1?VCZu`l6AA|R2d`}W3dC!SxBqojxS#${g4^}W#ViatR zWSxj^P*pBaku(c)nCQ1_)c#DO#oAmw7F~9M<6m&|m4&1!EGl1gHaFrd*IXsL7vOto zgcT?t99j@xUC#$lV(?)JP76F4uAa)Sk$ zAVnbq-Wi@Evgw4XC)C;6;Js&a+!dO&k&X=SyQ`*jq=QN%65yTTe-Haim| zh4H?VHH8t8?QT99ZOZL5l>2*}E<|L85>Z#%>Gfb)Y0#3-i@sGgW^rAqI#x6tYH7mD z{Z+6$*iGZ7!_*&YlHQrwQ2m_EUwy1@yv36J$mkv@c~Y^kjSc9MF_*w6IA3dFkI!3e z%C8(Phk~)uZ36PE3mp_kEe2wUnst!HSDc-`R{WUG2nt_FZb*W&CGjk>Z-- zbBI@Sh(1dY7l_B2=$$?hK$2Ig<$P7l7&DC=yO|f_#L{FcCY2+vqeVn%Ypq6=KrNk_ zvhb>gC^l)y7c#FW^iO$v+@BebysRced&|l!{S605_EsLLw=w-cHm-06+ zXOEpAx{(TJK?qTPA=j4X`fW>qqQai2;Cd05!r6GLC)f3of3k>>$=P2$k~?aboz^Yx zh~C4N_*9Y`WK!*^l-%uh!LR3Ab+koiRsu5b)UUIfovi$$Nd1OCbV&OI-RIVM6Zlh` zof?4|wq$Jzu0SwPv5QqGx-Da^KfZwL5>(6o73UuQn9-fFXf224P2Jk>g4BJ?vk#aS z_=L14QRl zw=><>Zh}Fyc`5L>O<&HN|N0y>uJT%;K&MmEA@FB)G!Vsm5+!GN`_oT-a3E#$o*?gl znYetvKX?GzopF4H$?K1m{E;6+`|8Q;*HPecE~nmN^aSthu39==}mrKFny;*nN+VqG+V3{GqJyK<_+Xg?mgm8y@_2x;> zzGB$_l<=Qtc3ul!kB0K82Ea;t)smI|>{%K1#k@;)1-v&`o34xr(* zNqND>h@Ksfd))Z^_i$&E516d-(6+7uR)WXt+y6b3qP4nMN8qCWRPy-ZCitwa@(jec z&-~9#&DVOH=Go7!Ejs9U>+6IUuiDTfn(&_;V|d(QkX=6h;QaXP8^u)8HQ-hcIHzf4 zvG00!^obuK6`({0`v+4cX$(kf_v=OulKDh(bsOxT$x)Sz#V4rHqgK8nl+z8hBG#Kl zQZZO_k8edqlsN&xZ_-ER!LY~$L*x;mm}ZXkza9%~-E0OqQL_p8yM^S!%BZJsP^sEe8Q3D=yhq7g33C|LmxT1_7q=JVkg0zq~hhgJe;T`&)4RA|PIUA%Lbt zUJ@lL&>`=VY}Re{<4x`vX%zL8IIT2WJj6iCP~JFv4&cJZD6;&~D4bCIkK1w}s=j>4 z)yBmuQ+jN&u^GCQ94<+5*+OclfDDL&EdE?jgvoVhaXJ~Ae!#G1tE9Zn#kMpp=6V-x z61PJjzT#7PgN@W`w;K4Evh?)Ut7G<}k6BwUh;P`TnUxK2Z1(b57n^%q>==ioG%BCi z?|{WfQXGk6;b~2?Bzv100oi!)M(}6gsd@CQH#@%o@4pZ?wzr~3oD0uC@@7?9+f+N1 zoVB~oppfN$#^IIwh;ZvIlexK|@O&xo;sAJL{E!1!a&H-6X0rE=1#vo5Ul~Yj6crxfn(WF*1|eW(;eUV@50}t_A}ks$>zNhIr4OxRW@v5 zmX5u)U+Vvb93d14Vm&^Ax~-WJ(~7XSXWzLOozn{_rLSV$Y6lR$>JnGI6o`^FOuIdw zhp&d}UN_low<-104ofS)s%5Tv%lO_2$Bo&~d`A4Lrx3u-+LShLbLwXml%@~gN!9EB z+o;oAY+U&XTabazLWTbPs+0*4(R(4t+k(|!nlK>{`~}-kU8e_^*YaZ2A1jz#tR|Hw z7#LdX{FpzOiHzgUFz|{v3KD&jUFvBN0f|2i_F(*nbY)Rg^_irK^ka}kjpL6mZzsCv zAYPx6rq~BTKi<~9-T%j_cMs!*zfQhk^hv^LizCJai)mS)L6`3oS~d6 zGm-!nJU>?v#AkJ}D{`e;a+z|;{c3<~Zd$|mSh*5x`o3R;tM)@cl-Ckd=*O|mY#`@; zfOoEIAGM6&<3%!kG{SdExVTlF$NSy>rm-yXi#xV(8%U$6=qkTXUXkZ{-hwJ&@WQE? ztqJQ`H%trpn6}YgB2*-Jn0?Crdc(H(DO1tu3-5#uh?$v_{vL^@_U7!Vu72?sV5dGg z>j1+t-;bjt#iZC;wP+?5N@%9OT62ocEv^kpb5{qR)dNqjooh=T62dihB$eHuDD6l% z@cl#FL%)(cUYwn9Y2=-#T)h|7MbZRG2<{f`^a;0{Iqfyo+E9b31 zp7(svU}4`clY2+X_8;s+fa6SN*d?55{;-GM;d569$f==k#`?ODB66?MmIIV~-k&dI zH@g!XgQ4fufNhvjtuTc%uZ6Y5`T8N}z9dmDTUWDrphbBX(af(G|7pRDX6iMscip^t z0oj=L44I`fp4xWN8HrNtTP6H`g}lkcoOg;vVK#9MQE3>;8K1LDo~MNFQyvfa^?xch zR1$JLCHQ2}UAd^y*h_m@9mdWKgxNw%6iTBSvhwCwbceb*## z3vH^8Z&p_CS1=* z4A=zbJfZIND&!;$3!382mt5(4o1D)Wfd_JD6EP7YEB}!pq&Jfq9>SKzB8*V2!lUm& zeOFh)d(Gls`2(&x463ZdvQMN=iKU?}Ic{q|f)Ul`RtC@D+5nH91xYIrXlC{Jo`^XAPSS=egq}>SN zZ2#7>F{c52-YA}th_F+k+Bc43fC8l*cW6{2kHIJWn6SUg#0K0XJ+WQr&8)b=&tmWD zA|x8n{JJL!VwsoW9gk$w512I^(G&a0Xv&qnUkoK(w0=8 zGDGl>Xrz@0H$8$b9EfiNG|$$4cThlec7kE>@*##|j7LN9&AX^PLSy@UOcI{tQ8Aj2 zym0?UD{a~HQ(?`{8D~8P)8-qQFCf+8YHCHA6a)5u|6-mPERxPD+@5cyG^XDv5#Q>*fp1yN{Kl%(YkY-=C%(mLHRA^|)9#ohOKpywZi*ZbLd&bY zgEwUKwcCrBy`2jl^SKzVsfz=NCFXj6ePnjkVPNbC9&69nch8eIt(1E z`mNm^<8pgbu}t<$e*g+)mfcZ$eQlYq&|9a_!7qRxLy-28k6+P2@vSy%0S(qA6VfG< z;KPBH3LdbtKSV`_W=uqvn)+IW_Onj)NKhfPb+Javq>Wa`hx&`aHJ*Z`q zR7$pc0aci`#3Y*TXr9Mc`_y@8syrO9AtV9xjZQ@(6CH7}$rF8YRA59kiyH_}JUG(z zyJWf(+OjLp@4*&v+z z;AEh0gQR%@BDkK}SBE5+2fu~aO7au*mHB)a8{h(;`a1bz?ZGx=i1&&KD)~aXts;D0 z*l`QFjeM1`OddHIdRG(-Uez&jsFl=$=O0YipQ*oNg8jHU#@?_w(vnE_|{ zR`M>=(TZ=}EKrD>AtL1DA0jqt#P^Ygy0xq6866k zD-9D^eEGP{|)P}%?Iiy zEzM@GdN@|)M3grETeH>yg_^n_XrrwksI5`e{?JY(T+5MEzX`I^1I3(^)qPtamg0vd z+}gmf*zu?}%szq$z(wPzs!YoSYWd|}cb))rb_ijW&e(`={_@KC@&QKq3u_J;PcFHB zn@b8+kfI@(4Wmwq8v}hzT|BR`XhbQndBK0D;`?{o} zm6I%!%XbYP@1CAI7NNv0-zSHVkl(_+2Klu6kF1_*G5r778H?KknV=1Q@Xobm+lTprItomI;A_7?p(UNOX)^ZK=i%e-{<{vcjwN| z%$>RSoadbLJX+O9P0A9AA7l1{;XS{pv8V4$_cg%0O|@KLPxanN;dP>98kIYapyU)r zU>LHV-&FrQYg&2=dmmR17iF$rBr5I)Y^~P>ss>#j33jA`W{Hd3sPpZ(XsgL#V;QDJ ze42QoHJUJsD5$)HUipRl(=t19*j&QE1Yl#`Mx`L~(E{Q+^%) zI!-RUA&-kTcx+TS?Xmv!cMq$%-rlOa{su=nPd?ep*VU0cXUfEAyWjpB)c(F%^m6cE z0X@4{gW-gk94euHQrLYmdIzJPm{&Ma!Ja2Xsj-sWKa_>`w8k!_Iq7|Mj>^8}I<3fR zhV;j=Fxn*8*sSx(^!E{tiujE2*7+E@LXqJ|)x! zfSzmi1cd$So>INss}w|y$;_s-sQ^@k5>O`=s%QEI$iFH0f*K$)03x_ZjpK>@1Gnck zi&aij<+YG`{!*sf7IIY24rt$0QiM-+Djf3tzT?H8{;39S0 zGQBgEiDHO3{Q0hbY$d*Ngh@!FHgW@yk9~m~r}ht901(P>-FL;oQ}l9h66!EQul?A1 zgUVDbKc{GI#jI{z2i&ffs9a)G9VcxVkE3QBq8E@6>|||`fKA^C+{Cx;kl>LtD$RVP zko)H&N=n_v`B};JTze)rW5xCthko)OH8$RP8jS_kuH<_}3}qqO@Zno}WUE6AC)#;d zS?*sEm0=D|@3S@6;6+IffjUW;O!(>AgDsW%ZfwQ9jWR$eU{6*^d1dcj7cXmybF)VK z=s@T3opVaaLN8c4_T3cJX^?Y9vo#=32dU#}c|j~II4meQ^m#;NLlBvG{4TKP-B~ZA zaN)!Cz?fauihhSSSO=DIvgiG<0OUp%!m77O zVibC*$K$b~`lM4Sw=SnxAc~oMlcXsWuN-=GM)P50{OL9$kBRd{&MpI*f(OxBx;=p$UEyE9|S>+F8k3Y+D_;pV^18oTp#K1A6R z^pDl13H%IHE^LeTA%)w%$(t&r8D=_~W|EX@&D8t_7YpkE59*B%Z62t&rmB2TQz7S{ zQXOAbm#G{&ayhC=GN_hgD{^Qnat+iDijhvisp`ThHQ^M}jCy%^nGaDKrzc8$)+Ptb z3P8^|&lUE`e<-oA(2Zs>d+245E;Y%r%5{%|Dmb(KH{+MXD4R3}&xc~yi{0CTio8kZ zlYJ;MDo}?Bmv&d9z-fXyn|(@_U(Bq0X5Mkh9C5K5eEYY=x=LD09o;2w6~6n@S?a2y zlp!WS=h*%;4gXboSmBD9ZaE03F9BwO4+La7zj3Y{%JY3%K&=ntqtq5LaNB7uVo!T) zpwWI+l{OE!>}LT$*z9^c;;&*GbQCky-lI~ zj9FKA-xVC=)~fS)19jO~_I!j~5GF@$*x^F6(gP!Qm4@f2KCzP?q}Zyp*) zbvn)X82~Oq(>g>H)Lxh&Mo-3kHFmdRg(YDzm~uJDjp%%U+pb*0KM*57XZC!kf9oVP zQ`b75!EcdUGHKU*U2gm-ueBM(Ra(PmzGP{?^b$zw;k#jG~ro|>@@bU2#hp=j9Xr6Di@m|4ZCa@+ht+Z#LceeeTfR@XNuTdRqA>?guBZZF((+~?g& z=aeq19Y)qXR&Vp49}PtH&oX#p&OWuV3lQ2;kof*STte)U>3^~=@J_U}cfKMha!SDz zCT7w0B?Y!gJBHZ>*`P`%W9K{l9nw4PX)J%qu=UhnfK>`j-)EHZD+m84?22P-lMp63 zr)OXSj?VteXWw1{?~IGjkcy6giWq@K?s2!*VkiqYXw^L|iqz(MD6-M4&je4fKQ|A5 z+Md7Cu`K0SDSw4JiS=I-G1eJp*lTm5!k*|Wlmo=7Tbwkl7qwv5*-ogr9D zlcHeW5T`1jbRO>jVR$8W+`s@{h&3OzfQ;?qW4%KC`d_D437i9a;$%1V*gw=hkscsO zuEZcGMGKU{rOz@x89Sk%gaZRJ+?oI534m$N+`wKzL6PDV1T9xOAvtxpo^O5nb1Rmh z3qX4!(}E|=?n}x*^#n!lVyW5xu0ZL=4a8}q{DAP|M8WEW){~*2EPTajBOL^kX18ZW+NuW!h7^kaN>LU4*(pw{`iBuy+hlg{4T7?sXAP2lAoC2fb z(+%Aovjqi63hjn#L#Dg~fp&U&mqq`TMx}(;`D`o5UsrfpLwyR`v{ho~`@O66BxB_} zGhtiI`+)6Tw=`>d=wQE`&+p#f^HGDS8LKZ^utEb;*vZ+J8GchdtfcTVi+oSYN*HI6 zA+u{{mtXN%!0K-{!f`5-96FwgborGe>bW@ImrBzdK8)cJakRGI{#LXalwg(Y#HYZQ znWpG00ZZ%udhTzKl6xNcFifBl1}q1(gQ@sc(y5;Vtv^T zUIQuRiX2RN!qsk@VzAwXY$FK6R5lSt`}A?sXY8n46lg=zDd zAej2r90C$NA$YF^Behq%9I4u#fVEJ>k$4WYV-*g6vJ+uMCUVHvEwibE2S&I9>WflH z9xe)YzH238%e({-$zkHGO}k9v@C%%>+0X-{A6Nr4J<`rzs9klSwt?)q{rj_to*@pP zZpfmIEl|(>sBWmLzD3uBzUrfHWrH7a4zdb;x%bYQd0LC#%uNWa!~APHmW4bj@(7Ut zC{hW+?BQh0Diqk?0jas()<$ykr>r>%?`CvW$tdc(a=hwNd(ztJtfzcAl@UZFnOtI0 zaz1h>wc}0CsNHuqsr^^qIq5Lj@;*y}2R2k-F}@ahwE%@R{oRV~I1lgL%5mQ$|7_TE z!4q3V$qtz#ZTfG3b3j1vK*;mQKS4$$9dri!M|ZBAnPgjw7LPXgeI*)(%#BOEK}mt7 z>zV(^>BpMf=}$;Z@Lr4_odRS^Pd!Qdwc9w)so+W5QI{#OSwnz-rUU-DW)?8YajMoK zCy@)`$M%k|!Hv(|mm0)ir$2P^82wSf3-K;PQbPXM-{~#%7_+RQ?OJP7!k@Ksoo;EqJe>vzgbfP)bit*XWn8x#=pddXa@$t?f;HN_>>c|6l~X3LVnu>J!qNU z^Jhd$>2Zzq;{|5ce?nd#@CtRp7B%B7KP+S{Gu&D>;hXPm`mN-?&Z8lr{QP6@Qi)cj znjQaY)>x0)pvDgJQREda?`K>69^-AT;{Om`)4CVq8KsAdp2TrZqD|x9dF3DT_Lq0c zD0q!m4)kgF!fnb$y#4cnGg{L|oA}cn^XT@^j(AeOv`$%8P1X}GE;42)>(uT`jdF)w zBgLw|wJ`s_8s<1a*a-}+Z17~X)?=_}?R9baGro5G%p)>o$Zz+>*6B;+)Zd+$GtHY} zOgGItM|4wR)aiQbSkVGpBkn$RNuk2icGscm#h67}6-zroCNEmM;JCJl?{nj7&FA@e zU3Nk=)`uEZ#%jgpOC?mSBNQgKKplj=XjCcnJnvpfJkARhh+Hf-8W$SGjnj!9Nle&7 z2iT^}ibBL1t0VNiO6~(az_EU_?ZjBo;+&vYme(ls+i-Pb{-}tzg~<9MVKuSQldV=* z__#vAl#Zx&Br~+uUshKumDKM8!f-}qQ0w87+IpqWqm`Eevw7u4jXU;)aec|U<-ji) zw>(Et`kqmatCThx`E^ek`=F3eV)<=)?0W$PQ4Q|8O2&EftSu>Ro=~>P!oGs~ox4Nj zTuFlWY?jG!M&4EI-&c&9Zoig!T0K-i#*R2b_>6}r0iROysnv7N(C^DQ^K6Q(z|oG= z?=?MsE{?sEZzt^D8bnyU%_cS{ugNQm{gO8HyLv_{tlfr$oX*F-#)N9Hf7PLGo+x*@ zvQX+vYJjg$EWuP*$;%N_OZHQt;VzkQXyscCDxx;#yfdn4Hn#^Q_VoNm^iS; ze+`8yN-^A#2{|WbZ5aiI^FW>)TBzm7&EQ)S(I7k-r53X4LXBEVq`fY^V6=)X<4t)g z#CVMzEw)=cPga6ImARZh2Ah5^sk)qHy zKOnJ)5_1luG7074NB_;Lpu5uLu1o6 zoE@LEZCXirC=GRSV%Ut1IT(e@OveT(mA5s53yUQmLD)<#tdOrGUs>SF zE?m_ELfy3aaOngWyOFtw@bSHpvWAw^5)%gF;yGX55h{>iws>;o*w{hvQQ8UvcH||F z%6UfNloeE1OC4Nfbj5k^A_3EvMwX)5GyDI1@S5ma5+Y^&pff_0UW9+v)LaTG*KDe5 zCxr2k>KxULsfc25&|y0EZ8FdN zsAT?z%rl!TfwnKFH=`U0j^Drm_b+8ndC6(!s?tn0YfQ3_Iz@^Ypya&LRoxp_W;Vkd z(r=NMh!K(_-Au*9A4P6MqT3)?k3<*r4RpwviP&*a)xGVB=epuQVX-jdo@WcU6PZFo zgDI=Ns~NWc&hldYkl;5g@D?6gGGJqWfg(uz51&?4ku36{q&iv znWgtDn*QOP4!fyuzjrV)sy-Q79qgzP+5S8bS;N zBzPyx8obW2(J##RNFW(SY}i>?w2pE{a2k}4{r|p$O?>!r6wd{ewz>#4HPxF~Ji1G&h8-f&rJAV#brU1l z@LL%#CKG#3kAc0=^$#CBhY`*Z`P$&*q&|})7u!Q+Bkr0)r(v_&K;neHHK?;l{Ereb zn6{K#qWd?_>8x(_#`KtIJ<()%_vk@R0dvBtN!q=>w25WQ#ID8&L->fHTJg?kq??fZ zEbs51FFp!;$}1S^Ga%Q7Cnw692+gagB*DCKl9@dSo;PV}7!#{3%d|*-M$3Ak=tKF} zf82mm#EBjUl@wI0Piyw|rCFyvEGexqT;I+b;n-JhB3WnY2$`si(nuHv{02?8H!n@n zV*=$h)<6DbK3D)!M`IS+5BnzU2eaw9(<_OGu2qOBPPTRoH5bL$RGQsLQfB}x;66^QT(*=gV>`J*^qv!{^iB?JIFz{gM^KPx>Q-#l zgZ+ynL@bH<6QR@s=9I{pa3QBKP@QrSowf+YhGSp~^)pgWMs&T^HcAx=#iOG4_f3&O z>BKU(JD&M}Qq&(Uwwp@nsHUZgou91A1z0%b7Z%Bv;(>sM@vLK!j3>qZ=UNgj!OCvs z^R+~%`EL$-<#}RDa|wEx%7gBmbdX*6TUSEl4qnQNK;6FPpz6L6xTx-+Elti{*pnvA zQ<~%1+{#Y3giM?neDiLd48=aTme5^%Aye#)`uGo?&=hE2sDynCzHZ>4O-+51notRKS{~Vr!n+vLwq2MQ^ zLJ~AO0<#8`1OHrVo9n^-0MkDDk)5fO{vGTLE6>-65L{Y1Jd}+E-aAPV5k1h>_R)aN zLk@rb>*}~O@_et`%J4F1BXE7*e|3X**MI)IHzFc6&FQ4=^$$E6xwL%hkrRA%4;qXY zV(5-^Z!v$2kJaogMZ$7MYc_)_T)=xKIu4K<^5U$MXHJ@j6wMjBHV@U>V40AJtGBb- z`ufy#F3=QnJ@WR;COS=Q`JH$KKL{fRpP z^j$h?or>DsCX>`)(s#QYU>%lWj@2Lav#9qB|9KZufNC7uU*$AS7mJ@1Rqi~z`${nE zTOdsF2Vv#jNeSILz5YuHVaej9KY>>W9H4-C@uIln1>@iQkm!zuD31Pol)q6?^kZ+O zIbttt-wgl3z=Slne=@BNxKm*s8B1h!NC0~ae2{~MHn4~?J{)LWxF5_1T1ODpaAChI zS9u^xcwv?AN{LZvbISo90Qfn%!?ywJPHRh$<25Rqfa~Xy<77S<){( zwXD91$#r_E1gsz|&E-q= zs)i|0@i&MF5LRQonfEm-!#k_`n3OnZS->(Oj8ZtLF)c`IiM&IyaO*h@So@BtHy zMexrMdxnGTf>G}|767w*wmDXswtS*-*(o`GPu%p`)@a(i^RC1xJLpKMhvh{@D=cKJ= zNfUuqq30#Jo|Xx`)0z)_Nv_I3noc2Ho4-?kj842v9YsLB;y`XV)LO9VB&DLZ&qV$b z$r_jezkICNluZ9>^hAe*gEYDDiW?s_TA=tUYPV(9>A#GCJk1S){W(1Rw8=ZqVflYt zrcFUt`2#b%*y8LCcgcinR<|`|YjECpPshM8sV%;?)qV>-#DtU-z`@I|E5A=*L6|?S z^O+Ich|tB^HN<_9Zv;-P4?y~9!;~FdxWJ8*=ewPOI6~Pey4kVkizlpFXeK6n&2lRmJR{E=4f*J+?tKGMetU>503tLQja9CoD?t%K{U<616^I7v_y%aWe5eo-pQ zXJ&uW-`DJ2OTq3ZMmN4%B}1cJkb0UxzLCDz>efNolX`E+UsI%{jy=VXuhvE@>q;<2 zeBRe&G_RdRes5PUB#)U{*)OmdoS#$xxuOa%+OVQ5DUo62$D_m9LgV+4?o=9n68x(g zCMK>}>FSTGfgv>tr|PLCxA$ax)s1~UmxI;vypQ!Kn&#mH7p4&#|>*|`>e`hMdF ziAEbHg&$%R8b_67cBbDB!xK8WvA?W5b4GjBwGqpup0L5_Mv7rPR>Cv{Ck|kwN#HtI zle^DKAh&}=53z{g%5Nq_L_J!4G*Zesb^Sz`hd%z?JaqZst2)>HXtMfbtwtul#3*ST&lMczUV1*?-4NEwOrL zC#STi$E+F;^&y~W0Z?LN#7GhHFe{CthEWotAC!Y>_Y(@Ws319+7$BzwH2%k`|| z8bOeP3AOXmxJ&pR;mT3pSym*xMK-X$d!b}LYgjAo9G}ZK+Q1E{5odHO0detxyqY3E zGSj$eCI?TjdU@r<{sxFvwWK5b{|${4xMyW_g&A=*RJIw{gthbsp>d&@!r*~c!m|8j>l#5q+^fUzE}G4FY}+z<6F2CWBs;-9Z>rk7~ORBj@`K}I3@Bw#mx>>uCH``pjsN3w}6j#iYOB(ek_M!Z`kps8km^BkJ zGeVS6s){Dr=Su=*gBE$Y8B+N=$2?p|aky7jIMT(4q8cddQIF2;`j#;&Ng&T9`u5P@OKL z(}kv?@77aFeo{?GT6FCdCwe`I5(ozP?%QS$bKD3TxZ322O2Gr$@`SFb*u_8atS9f+OX0 zTao1+tQb|;1)x6sS^taV#|36EK-^7uuCNE#rt@8ES(@|S3iy+U^eRcIH2Vv=# zlP4Vuq85L;c{>2hivbmm8D*u<##Oo)E zz16qf70u~1XMa@Sd{EK*>`YAu##!_^tqcSrSqv^^{Cd8g6vhy@&4o>V?jaHuj=Vz^f$hdjxvI*Nyi8f<53HVwz zu4`t!luo%8K48c$G&wvrhyCps1#FZ2xLo*#)9Q-_LsB!s;$L@mv@zz=AB)?h!Ht{J zU!*E|hF-3o0-S}KrB$ly4#FGnnbPf3=2}&_ZENbN*r|{+9Dt-RD~M~w-|kO_^}gc+ zEm$Vg2DzDtE~U*Eact^mSQHt>3Lwg5=pXAb0z~QnLOgrV@5lFn&Zwh_%?W?`mYw|8 zo;mYsvGjNg3D>VJGM0Pv;b&^KxjS2ClP{|0s z_IM`v9|hB z@Wi=Fz_3|%PT?6cK|xwV>I}4 z!^O`&Gjf1Hn1IL2$Z0H+o@jn{tbo7A@R9F3 zQ%m%WDy>cd{T*K$*nu4O&JpJ4_o)aKH{BG;3 zAWc15s>}_Pkhu=oZ8&G|eLa>?CK^bkK|#p`qHn?7AkK@6q1^jLLq0$g{0ww}ko@i5 zuSxr?`NfF%KLh$QAW?lB@BmOU*w3)L2iimAiGU<})C0tmeOEId%IYOC&I1a{1&dhN z=`K=R6-cRHj&JHNXE$v6uRGiWg#Ukwieirz4F#In1I>O|65OF}>3`(}0UZGiMB3Ya z_IEt{>?sP>1EO&MedW4`!)Id%U@x9b60`J z^(wM|ED>c!x>a1ZM@1aRTep)J5T7`Z?=3Z|HnvQ# z&F^IgQ-E`6v`xs;cJM=}#b0(v{_fkeyo&@iIk*ATld zyERN&L|8GmtxCe4y>wrqT4g))w~IA2P|^o4l>ZoV*DcMJXRS(9v(s3`^I{>@1nutko~+$OXcM8S@;ReGp+Os&p%?CLRg#v) z{MCv7Yd~QfxSN5K+b-T+`lkSNSWp<%JfzTX(ZO0kbG#E4bnVeFN^xq*+rW@cva&BE z!%7(#dfFq9^R{Gf=8bmquyB&K!o9H?^XCQTuFzVS2!VYw!rn^=ggz&e0{r!MOaUVG9ky)=iC{#~ej(QxAQvRp&&^CN{bt>gxEKiG+%U z(#n9c9CwQap9CUHdVUxXjOQe0$|6Ze;n{)#f!33;uV+{i5|pHgWKIL%3z(ou9T!gG4bDU*)_m9=+#6~o#BIiv^Dfq7G02KqR8&Z8(id9 z=Ke+V(NU3B&d%qs=`aGQ^35LLE=r$n+}1{bj;*_9Q%z*b5%BV=iS}H1K>PW`AcAvuHm8+~ zwaDkmbEsv4EFM~qEp$3WtSyRPtbBB`FnccpDeNdhDyVl4(X@p240!DQ;oY}l zVbb^YyRI@-`D!=?2Bp{a-wqri2~8X*MkHKk+i*!6>5$=DBy}W@%W#mQp*H+DqZdOo z*lV50D360ZO!)$iQ57`F0Z88kdB03tsVaH9L00s0qa;w4C*Dde;fx zYnIb9o(bOJ(%fn;9)|e{%W$=-)l_Cmdym;5Y7qsoKl$dnz&WG65*fs|#}r7&lKPC4 zz)X|e-|Nu_f1u)_%yrd}!*+svfkknK%TBGZdBbi4|E6kTA+n+Breg&T;zGt&IlUF{ z)FK=SQqfEuqjQJygySU8REI9EvQa!cBLZLzr__|jy9HX}P)PHH^0@ujnrs54@s#0X z3WLJDqUE%5U3?&V;d9>%>mu!u0m8Nj022hcJsSeViceEL(DkFZvB(Gy5E$Q^q5-FQ za{!C=%$MQNHYZaFYt{dBE~b-z)9QkXp<(u&6{NxqiPC!)r@j5~E%e4#$PDi0uSh<^ zW2{Q7m69=5Mt?fuZ1miIWK~&q8wiM6=p8*0UA|g&I}_w2G|9g98!@riQIZhs+8&Co z>9Xz<6C@S?h+pYgHoVHZXlzV@{EukWyx!sZula3EOPUfcir6z!UfF@^FHPFJd$+Xg zVJwszCs{zv2KdNMmu21kjOzG$^`{o>ehK&TB?7Uosle)pTf30B{Xj>S0R5pSerTcR zMCw@Cfnz`Vs9cN@+%_AMk zQ=rgQA2z;b?N4vWf11P=T@)0CE@(fItn@U+Z>(jcEIj>|1 zh&MYfnHD|@Djr`WsE`j?x+aa43sQ8m8Lc|ghToZeUh}`lZ}s5%F6X@Y8BF)QONWf} zO-n$CJA=8J=1nX;AIhoL!LzaesQpL@H7wLyO1^4+vhzR`b~q9s5%AJ>~#7q ztkLA8Y%CD0%VYDP;q+}|u;XK$yVbB!7*K;k1!25~7@nW{Iki$Dn;GYtRT$0B~hiHBS9pksRuD1LNe;L ze$zFqoFz+bf9$i+o6EAfOJLG<8w1ao(G7Esd5^kL zP5o zNtX3s7e$9+E?O=@9*vBFR-4ygNslt#Z_7i>lHUg-%Of$>M@K@vsdwtXVVN0xWmUs@ z*lcus*{mzEiCCT_#TNmn(HGG9B3@Df1z|)V^k5z%KU3&{Rk0Hb3zZw~4s$3|(VCpX zrJkR;wkHiK5}lgKVqC;(8=}@{FQwgk3YJBu$Ne1>9W23+K zK9>2~MjK7Sdt7_qe&Hhzn@*FW=Z4A^Q8L)hLVu;^j>rI<+Ij1|9X1V+TkN9BX|d&6id3`{M{(oI6^iX}?);Lyfu!FggGB_EB3 zoTfx=@vk}2`(<2t>`8R7ED;L_o3?}&spsmk&$(gBHXC%0Q%3*|GqSHThjt67uYVmkG~y)y0((AnMzHh)r8 z`auis;`-sZaJI$rtH&@4e_g8w?)}xj!8~04*l1Gk8|j))LJX)JPC@bIcx2jE_10G> zKAvz&SYQebJv-_PUuNQSvgf5zt^*oohfb;2^R9M{!)H0CGsXsl^5udrY{Wl?=dtho zI;9;J-Dj@60Msx;D)gMpaw2*gGNkCgg+YG7&^qq`PnGCVhexioxZ z@nBUU2)4&)9(a!Kp1S{NnGN}y?0&q$^hDEESnv3jxLo^=sl0!nJveh6{Ri&=5W2zJ*D^wL;ud zuv}b8^6U(ZS1;q~NGFr}_xm-cVCi_O2QMu%DJcg-i!Mz1IrR+HVA<+ce zhC>YImn$p(!;h|wYBt82I+>{Td+7Z9n%3t&T@a;aOW#0}UaJjNR&LM@r>%CRKxKc! zfLdx#o>PyvXQ!HDvPm~0Om@cUHbpTIAy4yT;O)@XhPB9)1`zTxOhJ>IGW5}hSPu!! z3S16s_NbOgRMM|MH!kWYK-uQX=1dz8sLhF{jXD=g9X99DaB3ZkU;W;9igKU&61GYv zOs_p*xUo8KC#^~M@?8F0yZl}5^+ep241*KKs#$?V^UGzuHF?u&r&OwA;$6If47Llu zO52{*f}NnEB9DndnO#xVQ}5N=8JmTMp!({yQe~h$e#{H zL=L_MZ}l(9?&MDT)!8537PJ_U_T79fiqujjNKW>5Guh^R$`$S!THwJTE_#g{Uo;CXhsoA*sD7{0coPtJ9@?Dq<@-H!=F#8R- z!cm0DXBwJ}Z+}=gW20*3AZh+N5_aFH?G$9a9pJc-n&Tcm2mINuZBpTulSa;T9I9`X z0&x=B+ibDKnWWNQRO?ZV1RlQ+M3+Ic@(!KnLivo-``aAlJ%;A+(mJz43YHj_Gb6ck~)DJV%5;FI_N#xVnYawA|`tChg#!r!;A z$^jUpo9FUEP)UWtx66YX<+IL?@n4@~pzIta_3A+IWK~-z41m@}DO{O>OPRk_ArVt# z&0dITAm`PH{dE;`>pj|8W(o)F8A><))si4+0=m_CA3jtGq{Pk(14U41=N8V3?L82n zN9T3m3#8<$HLmcrSB`O+S4Mv;1@;Y_EYSF3gfea41Sv}S|9sVbzY;h!Kwd}v3UzUa z`WT^#QTpPHNXqf$q#SFAk%G&gE>XJ{VfnMSR&yM3w+#VjfQT4!Smv6n!N=AUM*TM zi*526Hoh?e!R;&8L{Pbu-8JEU;oqrj3VkONSd8+Chhkf0hHHax6;8saLZ?sn6WX`# z!Nm*z7n9+*ANpJRztuSCgB#nJz6m#&yHP{z*8;E6 z3|c9_l_PhgYMTHU zEJ(B@jI=NRh$DLS>*I^R_giVWE0YnCH_n_H!~S~l{>BIwR>A~zm- z80W_Mf;#6$5AjW&PxZ|FW!=^Dgf%O9&(bs+1|Gwzy82*NDR0HYPdK~| z5KWDMVhBsxB*`^I>BF9#q4l(oi+USSi|J!yw#ObhqH{Xh=x9_%Dw!u8lFfLSuLklV z$f0f0$S1?nW-5fV36mu#fv?d-dgk5(eW}l8rE$+SMwWKPFixJN!=Xt6eFcn;a5@)N zMc<5tX1q_66U`shDU(+SUfsFv8!-4~jFK`Nn_7Icv-A=pOY}#Ry2uecK_%1KA`AQ? z`q?r1H~1gu$XDgLIZx6!{P(_}EZNqcx6y2gL2K%)g`Q(%VQy=*m(F|wcky^TH`jI; zl|CHW9|TJH@L8L-3;#A)LtTX;MzCV`L-K}D^m_<(PA#0f9Pa+;A*q&+j!O84zm!*SU-cxMzj(tQypc#^-i|E0Jrq{v2@TI8>&$P^6Io# zVjLLj72Zxv%pWE%#1N`!Y$pcA#5e_WYaV>&PH4CE;nVoOG_t)y-{_<5nz3k8R1stO zMceR*<+!(U@WFPW;qQw#1xjoul$Vt@+E`CN=J#7p+>x&i%lSA8FWB}gyy%4sa1tK> z0A?nNv&q)?*KA6=J+>d%%2`c4TA|v{S{5-nd@aub-Iq;b*;*PiRAy!A(nW#b za-(#oKP721>`{=42B@w>aF&%{dYsy)7S=YtRaf>IVrF>i`ZPe?>v5qMSAcJ1i&f*X zLg3{YW^HD88WoqOtCHdb4K2~P$38hex zdt?6z|J|{J6lw6@pLzfcIK&ZJu)H%o)3b2Z*G#))OSq(=7E&0*a&r^2hmP?Al8Z(B zjB7@c06wmn!-y-^@YF${SMsA{UdvI?3J+A>>aXa}X(?Eye7Ud0sQrDCj5S~d?B`6T z7DgE-+ANg#Mbw0?n-`z9=lROVQ^R@8HB zleCNhJzBTX%+=G7&*NToo3kNOi`JiK4`=+kV`jK}%j9Os%4dUq_T&oZ;P}SucJyRD z19*pB-nK58I%Ib_UfAuEFAF`DWD8&mU|vgsiQ9s!1PTp2^hVoqV(btNoI+(jYJs7X$5z6q;H4yZ(7ZDpop%+lM44? zd;B41sGRr&*VX*5;mIxjdK}+7F_mMz4U#qR$OrN$$*+o3S+l;DrQ^s}x=HBSI72Q- zQ9F)ZJyQ`@D&D6PxBmf)c+nfoJ0BFt@`JPGT|9Jx(tcke2y_2s^5^Qi-nR4o#GD?L*NSe-bjUWWL1nA}79m`)<4<+=;>)V*g^4l9fz0vDY8K*yc%y(eBc z6Xy}8F7N!2;h&$;%oe<)rUa!1>pOCd`2`gz5%w2nGVornymLAKk^Z)=@t-%#@Bo)n zXHzOFq=sD(aV8P&!=T_2YTHX{Q7eE2%_Ad8SiC#ZWdN*9%HT$oCh@yM zpj={lW#FKc>NF4}grAQjv+6naB1(F37n11_wA{5->t09yKnbZBK{^CQ(~ly`8s8S2 z8Vmo`-!`STq#x$kf40yjVxJj5beukyY)n$F*B2x zGK%@i#1jWh=LwXk?&n9d{1Y45VV0roA^o*W3Ox4v)q7g``zQM9Obj@|MSaiDi5l*O zjbSn7E!YJgQsE;u+eiM83K4+X3tlk!<#Z(e1FzQNwWnGmr8*g%CgwvL=-87PGNv-{ zevPiMN_~~?%7B$qYTQEGK{<40SZUl6BX)E{Tpl1^`E@f--Jxpc?c}WLCo5&@?44(F z7wD!X1uNak=__&v>Y3n2422LHn|c?vIVPw}(M}mCA*gcknDE|p=bJnDd~P}2;C!%) z&9&7(7=C*`#;4>sUGR%b6WhnT(2>uDHtPGFJXRaP%Hb6Uo$Srf{kF5iT#5dT3k~Zm zV-nDtEHg&bLDSllizl6Pk-cB0I}B@w8IgR1^SQXe9!ztxp*ZQO@b z$|Eo_W9TjPQxrc-v#Buv9A=`CB9` zDiq{P0Gyj>6jNZ+cp-g3@Q+ckm%pdE95bkfPNO>3h#ILjMj8ts- zrjHMmqyw5knv^}ZRQ|TCFuQi&8 zy0Ck3y@ph3aJOQFu)G0dex!nJejdh&V!)jnwTX2!gm6B4ghN-F0x9@qZT?cuBwgFq z)m(s4kcSzAAxjRXjMYIvV>VVTCY_vnLe2WFp7R&(v2vAiT&bDexCn!A?)NnYk2{HLw z;3#5i@m9k#Z>7qRHA%lbpkmbnoUC!jY(a2|C3W=BHxZd5b)2!Fs(#&~)sR%C+^D}? zRX#r#vaSQ^>R#wU zQhAt8TA|YRQBFU$x~u~4ug-Yf^HCmfBiA!dIU0W^#M;3g2LaDQ`CB{DvyTetWu7e# z#CZiFHh!9)=j(N0@jL zW8Da7dn)Q1gByK3Lnx3FJ;)cXPrqN~!?$p{<7k%R5?}Q3MVe3M&|o^TM^kM9LoA|@ zv|-WW&Mr+*q)}h}Bj`dnjS*_R2EEVv9JcGd^-y>u;q+OD&*gLDVlc5p@^89)n-F_LtB!qjJz-HcAsw z>KN?jig3{m7PoKYsiA(1F`2t4h1e%TbV3tp)+8K>2jvY4SuN!`o8OVzSCrmKO*b8* z=~ds_9H29DT;0?3x#uZB9Bvf&GiZ|pvO3<7H5xM@YmFDJk$G;le70371Dp*dU%3q} zI@HxFDHQ2kvP$;eHqUOOcG{NfYCI4W@s?K8#c;}EusvAqia&1&=x&8?-Sz;>l9^aT zP2N61Zsh3SX$i`+oc&p=w{2+y9`!_ze|S}J!yNsRIgBsLX4s!bNwozAoLcACC*l z?Ils5(QfUt>i^6iRTN1$ioMi|%unQz`e^cUD*eTqK%=ft{OD`^>@L`- z2uvoEMZY+myl@Ep~TLg4|n84_$m)uu=}r}6hO^sRm-DT zm4Z|5Pd0~$&Z9mHA z)$Q+Pa6pv^EqQGi*Yg|1hVSY`QHlVyJN}RGlj_VTO(bvk`t$hDtK7FCIv7AJ3{6dX z!jGl#m&lf3Ua0@%{E2*W>}Zf_^$gIOyPm3u1*#>`@Z6-2+2GRK3C3(x84IocR(T3_cRN z?6WI^u+ciz5X5qE%!Dq#CDPXY9hVj~`|z!eJ>My?l4m&PU8gACzxoRG*~x|1f_nps z4dYqcez!W_G!=H|v@`l-c|WGK-N3o?VLIe7`E2OxGMjm{@aUY1WiXE{lzoN4vDmQ1 zOsIZ`Sm|9IjGP(E-Nw)lO%l;&hkF?3Z%-Z`abb60{N6^3VaSrkufG$;PY*5zD)$1Q znwl9M0_)NDSee%A!O|Y>cO-kYmiREpKW!#k@udsS52qT3uk!-|&{wX!d7~J}8HTEt zE8rzX*crA>x(J+b`ZURz57MC|CjS%*bew$l)P8EGr{BPfr9-C0l#YU!pult-ki^+q zs|1=q|25)@gD8@~2-dWYpn(rnmIuTyFFlq#S4~k%(9tH`s&TA5yHZ~1z;hc5KQ^AB zJUJi7Z)!5_7gUf(k`20Wws7076$vMwo3n`&dJS)7_329d>A$?e9B^=C7ymXPnwU;d zEk1^V`$_&hA#yrrt0@|tX6fN9eI`4&*~74S#}Kn*iFdf#LOVUUv>0Im5jZe5?hDnV zZ@CDGjiY{zpRd=5F}g|&eHL*iQa`W{`sVG%T}ML=mS_=h=#BdTu;j!7>t&j8(G2-;qHA7@a|w})r0-r)%f*d^?&gbWS4f?!DnJ(>7m*5!N7S?< zO`I5n2hbz$(Y=dru91lATevgXi>8T09<7p9Lg`H4BUwGiw{trU;+4d*pR^AED~q}c z?>$jTKxIu;Y#hY}p&wUTm~=j<)^+qoILLy^VS+hx#cC^7FFr72)?|Ps?tY>YR5GfY zAfYte{yK4T+VCkP)2@H7de+3`0|PVY{^03^+7&%Gyi@s!)GgQX6NaLuTBDrBrAW59 z{5)S)wpxiV8%kx={ib{8Vz^lEWaa~oJ_9_dBCPyee4zs={0a}8y7m-Fe*sUkIY?RW zCs;)$2^yN7eb&ZizQ{=Vp|YbJb$tX(CO-Z|EOBI^Uf3Oem|BlFhz33|ExUgOVijaJ z^jvAcShZ29b|zIB{os8hQ<%Rv)t03Ydor?qOXJZ{C9VKK-;Tdp89-py$$uNoN)1}c z@6=a0`4LNH!ywubm;N5T8KJO=bpi2cAK|>CuxjzDbdL~h&f(qPlrOb6x=cpqFPhTN zU@~D>S+Yr&AA%q*4Rsf~aJN?daa63U!$k~JBOq+soOv4IHHz^wlk8Z#d76oZ<*IJZ zf70m?Fe|;a;Ze+5tlL<04ZOwXA^Iaa5?Ujzw63MhzEcxQsi**;VR06>i1r~A^i1~W z(OS}VnwDZZ(XOL*%VMh6?fAiu7hi&w5{2Htd}GtD@|%5ZN@`_~isL57Q|6#>lalfm zHJnoB1LKo)aunq6-?|D);k$r(iVZ|9B0qCf_wP6J>&Lqh)T|kz?^~^aJi3kdHK3^e z>?G2`f{wL$qLHP)JKEmmN5;fu(6qY>!I%eu;+x{KLlyo6NlVj{C%kXHZV(*DL5=+7 zQ|G6Ty)tnisIS7iqU=Z5<8jY0CJLDPZNFBV)u$Rxj^fE&y48T*Mu^;g6o(a-nIR_= z^&JE+hgsB49=wbcYY&3N@?Zm%)o3LXYVR4JFboq4Xd8@A(@BJ3SiMTe2NgR7(|k0Q zxV_3hCSDuOrqkevRz=bH`$u9oYn_qv{{O_?oh}HNYCPZ)riwV>Nc%6_9 z6;>r~^&*II4C_Y*SmSU;KorV`gHA%8H8yeyVMdegZM)vq@~IWs-siA%4* zMdJlkVkp5BzG_=*-%b@^zP_H@V-7~r`M2T{STgOjH3*h!L}SSOad<2QFXbu^^+J+m zJtOV&=U3Gv6BLC&@B`#Zs6YBEs&(8Ns?HEIPsI0+A3i9)sv*?8CLczHfB*_pVaZxk zAS!Z07D_fNcbNt%Uku#)StzX?ayF?xjycm%b=DPoF0q+o*)JaIfO?|w5Ksw;cV#e~ zK2d`f;mnsfLN7yL>X43&b&<8TJU4u$)o0{*#ueIP0P`|9Ta>YwR^4O&F;#f#b3mHG6WZlahF^$3u`m4*?Cv@6&vb_*HIP^ZVt zodwu0x*l2lO7CbR10vPE z@YX>)f`n(o?Vg5q+95vctjL9y@FYp#SD#z_5*wc4{<3HRm8mo6{YgR~T8*90fIciQ zm6p0o))_6$uuz2~Rw_^bl5ThcH8-F#PgR(!=;!{E>{)7o&p`_hMxa7451z&PjR7oI zYp!^o{-o*LM}QJf@p5v&p+aD6l3hXFlb@GB&SS%;%^@E z_g*FHQS>0WRu6M#h&fe0_Sh*08BcN*7ZwAyM(|4*0SsGr@5#LUbLTXo3(f%7Axo-9 z9GN6T8|oPzFe-2Xf;ir|8n@_>rn<6%UI42nx`j)_mhwr>dpbkfu0@LcYmMZ zeE(gYG}u+8TU|co#WLQ*&XoN!vn<_^_IKTHFkpet0~2>ohXYu~W{K@>Z9fZf}h=4V4;bKi+_3GTq^Y-9+r2Pd=c3-gD&L9ZHa`Rlg|fO65hQU_7j%JMQI!vQ-~ z@Ln)X9>0|Oxt^0rrB9n7Fa*IS3+_mmJg|-46AK(8zn@l^pxnIZ?Slsoveg1)4VSHig_%S;u~S8 z01M$Z_AzuM?Pj+|2Y#tdGo8^1>bIYn-d*gpR*T(kEtAAAv_C%>Tv;E)F21swY_@Hj z2z~`_JI-GH<{=x3)i^Tax2C{m)mdxXk-sesu_%u8sH~%ib z7nbK?9)=w6$3A}8;;?3^(dGuO9!lddc}Vq6b9teG+VTn0-^T|xft2K2Vr=;OoXh2^ z<%g5$;X0ER$!$NFzX&9vM5!7d*r}=69J5Wi8m-Vof;kkakk>$rgA}Zbjc3_3Vf2<7pSij?P-DT%=cFB>7?RZXf zkz`YF=bALq+w*bC8Mw$RDVcY>-kUz?0IgqdXBmg62ddd7A6ld5PuE zO|fc+tZ8<)#L7<&D?MEU7=Tr>BCPgp^)N_}PrZA7r^W);F-Y@EAtw$ZNTf-)BSwkD|o+5@J-t1$Oi}f>FA{v zgaZeHZ)*ey;;BJ_((i$xPpKR%o8V-^Jm?aeX)AIFe;N@l=y@Dj`j9=4zd*QR3!hSn z9HO6C7z4>)JjqbmpRW9#j%cAjlNu*WgVB&K2InB;g80qFRQ`<1DC^Q_(ztCs!>wfk zM?uR8>l*1G6*Bak2})=h+X`)YIDv;PmzI6A5-u0>z$D%J2BaipFe?RH@Q6`K8oskK zgB|e}YduI`1#7R%^h_aco*(%~%<`Rl^)`EQ1b3OO`sI^}YD~Iv{idlw{I?93?zjdA z)cIDqQW<&yJ>;@+UafG20oJQe9vw5IKfzGM7VanJH;1B|QtL+#edv=wKAxyhR*sVW)UTQ=@zTcO7vR+n$(qSlHGAxYjO35Y^ zS$xMTb~tTT2^!k?HNlEvfx5xk)sPBTBOpNdXqJIXUzHZNruJLqN_#ttc0G=nI^c6A zz_lYf_*l|EArfBAotM8T?4}{vb81HF6kJ7(=VUW3!H#Ha>#Sx+VP~2omsGp0s<0>5 zD`^pG+i`I5L4l?&x+h1ZSW+!Pa{rhtyaDpCAKq03$2C=j6YfzLWtt{G)e~Klouu(_ zCNh$%S2Ipn9{zPNoIIi2Mb3G5vPm19%lwtRhBseS!pzAbR5Y{asPpkFvg61mV#Cj7 z%~(jpR_If*Yf*S^Zd5K&G^8EzlNL!kB4_iMubG`|>Jep(ha`vO(1ReIw2O1l#&soC zzt$lriVbR_Hml1{zBW@VJu!T$nxtUGln7tP(s#ai%U#=rJj8f!v`|l z8FnZ^VVjG%K~&7Bp1`r-+0|^a@Da1B)6HAAU6L?hMP(*uN~F1HO2K6S05AvVEQ34n z;dszTCI3*{r71PIXHAx*SmIKTvZaL-AohgyPWb@7Y3{m@1tR$!_#&2epUyt?>n{h0 zDby6eN%#&iS6%ncxU5F8=O@g|ED({G?1v=FC}AAm;Vdfhn;SjJ6?E1l$?uU7S*zE^ zD~TX=Ho-Z-OgYe&;(=cY5Paas?$XK(ZPi*l{AE4zVoRHyav;kYeNeWoW#*-XMOqyJ})*L`VqJ>~g#XyD(Bs2NvuOJdzy zM;`>e%JU*A6N8cp-QR&d{j!(~AZ2l{Zoxv-#vuuKdPS+3_JO<31UVk@y+Fa1@Q$~c zjZ=!s?Zs=yvjw8xjswMWvO({n#sW>Z4UzTZ)8>r{+}_M}aTD&jv(4?$^p$=8$?!}K z(qu+bXrC}QGCc{^upUkh5gVYhq|lsdM}QeGohzzppGdI|prO`COhNlTn8e{21(83O znEj+*zNkrJ zZ~Qx{5vuz5VvW%YG3ZlXrX%zZ8M>-3CuQ_s>6SbmH(Q8{w;(Fgy7?cD4&!mu4e=7Mp_`;zzeEbgw=QoE;DPGyVLJRrb$?IL4> zjTdB3bXM>y&iPQtZmE0Rr6k8Alw*|6rmW-FSIw@%JrA}bTL8r+MPv6q95{(cp2}(~ z0{4aQoj;-NuPtBUP1wN=>+y3LCP}qs>@ib<2U-kWV|BM{V!Wp0JrAAU9!!=tP%}p1 z&3zF|%j+rWsnW<+wC$6aCcVIpolx+JYN-0W#mPjm$pFiQ|IH9RcepPT?7UhZ%{Ow! zbo8f@`2J7LUQZ9Z$M1d1UcAB>{|swkqeVtSoQ%@wS3luBoU4$~BhEha^9?hntEfan z%uh{698bH?t))#T*q4NQ8LGge#dFb zd~Brj59nY=64C^Ah>xUFb4tig9hno{L~hFRx8~-4TTaJDqE1@}^86$rBrmW-z~6G- z(T#Vz8eNv6KRw*5ksF#K&Z2CoMGF>c$H+77uf4gB=5y#LUONR$rq;S}6Lm)GEA7;O z7_U3zhqc($Cn+yg446YQRjO<7l|*imkyITRRMZv%8x@mD44ys$p6QQ%@ff|Qf`trk zE#Ad-ESC?pTHI0w?$2d-D5{-P4500x6E~vJ2IL`B>ba#Hh}E4aESd`vaqFuYCF%+W zXyQ?RQjY0Iy#jADPLrdX#Sej`Sduw6;m;!XjO6YDWA|n1mKZzXN2r^u`OGL5fq6@* zsmQrt)#joc<&RO$>yI^vH`R?CP5H4;lDCZ4b;_H0MUflSVGMRsX$qB8$){XA740`E zI>gjc8r2b7!@-3lz7?#stm-w_Y^;eKOLtz{Z%!Mf4pmC$-h&5!trCi=-d&TBF52&HLlJWb=3b{8hNvOqy@TqY)o@O zfkVSzj=eJ%u>8$TSn8n^C1}Nb?~}Y!khL?H6MLmb8aVHrBezwU+~OT~Y{aHJPu8O# zOqVJ8wMoX^*JHQuRz(O+18JesPM5}-U%AWo%Md>~dAM%}cgkzf^sRQiqn2;!1TBBv$;|+FBIzz@13DQ^J)cn6di+qjq zm2l}(5U3xvW|J)TA`bghqlVXyo&QAjJ>;7>wh!}1nX`jD&>EXR;E#5a?AQ&KEgf$) z;-c%y&Xmopw6=QPo}JfPO@Q9h@BaOKd0U{#!_W-GXqovXmB-A+OOtkBnFpWKSU5>p zU0HKmsH{u8kB2lu) z*ImpFnfoHUKbOfZ1KQ3BpX>V45y?Vzs?VK>5e4z(cCkf*>e_@~oW*CF1oe@_W47MtnFUO7(J^sDJMTuZD2U)(F~ z=OZJw5up}iXp(=ujQ^K>f#Z3u@@%=ddizB?)YO>oP1DB|Q=87RQHHW2@|LS1O3_UT z_$86wHZ_Sn4CTjmi)crwI~^_44{=d-)0)N(?vvu^S3K`)SbJBIaT<9gsv;W>_xBK^ zPkhlWN`Ksh8jfo51w7%}Ce>3l-y^t_fJ>#cmHZ1iQp${S`7UqU}$H+;46U?`SJ6__q< zx&()8h5*3(!-x?;fT==JLk^n18(^g}8N{JL+Ure^=72yE^$3VPq41vD$+gk%cXn>B zho0yVgM;c^#$PdsZ5%tr29BheG^&Q+u1nYzi?4lo7sTi3TPd_< zzy82e5c=rT2YG)EVch%-GYYK_?mXqNyQY877PDq~0p?%=0XNvc0%G!|J>@-li~GnV z6L=wN7OM6V3H0@1XZh`!7}GWPT9816BD z`WqT2{I_L!t!u;qz^Kx&A@8;qKl=@HKqpLa5o7i{iuCG>fQ0(m;&^0TOV(iS5P><8%G8bRirs-eDk>1T4q@vh>lrHs=E;XQttOPC% zQ7)lZ4m`CRVh)0dV6U9q9t;u5k5qB)os%jVBdUEoh)(RH5$Bg~om>|ULA$u>$|pDy zNOC__G!~nZ;)ET?F6SrO3=hB(X^4hIi1lkhD6X!buEy3$aoJ@j=I2dprk{(gh0TZA zhK}>&SqAI8wkpN@2g__5hV4JTW$KhWD09Z}iMO?NDvP6xfkbsAsk(4FfmFnQ#OX(H zl15IFP9&KtvBy9{NVMdjw-~J_l0P4%3{*tvolH?v(;SVmrO?;KI7f{ve{r~`8kM>` zDt!51i)C5q%yVwC2ZWQRS0}hvU)^xSt28)p^cE%#Y<5g=43@2 zxk#Mt7$JRcGMNHH(3@L3))tw7ATN1M=r}+{)w#|@`UaF^Yn1+)!J$6Aj8*z*1bP90 zNNkm#eVdlp*nGvV5LN8&FT|K;>kP=A*sB-|wItX>Cg>fj=av!$FJ(oVVF2 z>zTb*KdT@vId7Y@)5cf=@ISf)4g8LW?8(9Dt7IL|mQ!ODen^uHjcBy=FXRH7dy;tQ zcnDiWjS_X{S*eIE=py&~>(6??mAA10H|qm)CdxcJIWxA8{ok}3fE!wSKHJrU*~6=W zGG~_F0S3UOqHD(=qYTE`GII8J7N|K1d3{d=#gP}EP25WoDhW&4Y2=a9*|eYQS|M%E zFcIOu9wcmdpcr`GNXW1HSd^RC&u|Yn|I6gnMSt8!OG)DN&dV$WIBm+&>Y4?Ac%6A# zHKDqb zKJ0P^LX=l0N&!>xR_7J~XEl9{Ayo};klHgJ*Mwee(yx!H_lE_i7n#Majr%n*M`q1c zqp{ndsu`8qGKxo}DU)Q1M5qHb*c`2OG6ZQHTVK2zn^FDiun{s}s(=Mw3-Y|5Bp8+dm~YjvQddAn^o8l|$h zPEr&9i|Zhm?oQtXi1Xdh{nGuPxHV~3CuKn-vmqpyWgU(}lgms9A(Bc;bbywK*C}o! zjYMv*Du)vApZP*~`T+(+`xg4v|qV2-}OOx)ipWy61# zwwML9V?-(P#H_uGYhYU1+AoMjGsu|rlr=eqJDl3Av!!IlnBs30GehBF6WUkidh+P* zjc{+WxYt_CeW4txDs_ntOVZ9d+Zc~zR3AVO+G7+Ki0u8XMk&qXi?spGch90O56*s9 z=ux$d!-}_>G4@D(GQ`VDVBVUK9}zQXk{Vkdhq=c0swLE(F;iDA`%ELMn~lV|(1Y)N zqS4SFg~l(FnW{q+q@$LKsZXjssCLaw%o8XsItjbE5_2Yw4NjKtpZ(P8O3ICVi(q7? zBXsrsDyGHhaQtWJ_V}@wDnfD0Xqh~^$c6vF6SI_7|I~u7X(%7!JKW94+?FdiGW5hT zl&OsgQV6=a#Me_CN|gj3n{SM&{Y4mjs5Y2!`2vrO!FnN|=XY3{+y$);mtvL9u(0Rk z_z|~@530e$y-Bd<)@7^Sb^65q?KTA=TjGF` zI0<#4f3OmOlC`K=LDacE1)!+a-zuGHb9{o|cJ~a3FV>Mi)Ra)lEN;fP)f41jlN7v@ z<*E`jNoy+vhZJ2Y$86?LMed|Vp%|K-&}Z(;P*cWvqHpW>t;Ve>QJdt}U{2Ih68Hah zj|sYs*DqTvQRkg==vPfpQB41w@GzK%j6W$|%-nHoVH$VkxE0#?hipRUBOK|Yq0emY z9pyKwK*S5#sbWq&egCUTQ3~$Bdc}f)9+o3pN*ici|9*+Fy}P$@j# z#rPGkXzM-A=o(5pjM~<6#05Ey`-?gnd>ldD`aGRVK;PBk>EddF zdxnk|V}D?lWK4dH{{>5vclph{ug2IIE^RuwscWi<_C_r6Jb7pA@s4jzXLlSOnMn{q z-ba+7n`?AK5#LZ7ry|dmKsD)i%ueO56fyNklV2K(#O7%4O5(z<#Tr<2(-7p}C<|)C z*Q2T;xJ%$REc1vcV!LBp`Fuda#1Z}oWj3qXx?^^90Xg2;mpV-P>y*Wgg3RWNB%qvbzKe!UfVh`J*|;CM_<)J@sq8VRZwU$m0vAtrt^c-5OuL)A$Pvhj4E}l7eN~2wi197=hF|bshrzGJSNkyL+wJ&b>{F~f5-M(wuZ^F*kul~{c(QC=N1E;wnw{p6#ackxy}L>U_p4$vFU*dGFCZ?vkzjq(Ec-T#bN zfPF@;`x(%Dra~5v$kteggEOCqIMK$(Zdi);CR$T1Kj#D*k0iiNSlCB!NYX1;lMu3P z-OiR}Ipx@BiQm_eyA_@*3T8FMOMIMB`WW9=R>mG!sUpeB5&)I%sVMkccPlJ2HCmG` zYU(uk%g`F7@yj+TIi|QRj`5_n9e%}acGuz=oT=uI9O8`fjOSf&gO9hIM;#?TU-vaF9^X4kCeO<469 zeJe@p7tk8oriH*gyoCU32|K}q5s@2bsyB5|QMY74%@v)|SG?r=EphxFs+)W=xoC&cOSo%nZo z|1gUh!c(Evx~aPzl%5WeO;u)PoyJw79%tuW^)V2CW{rR}F7?KpB-cI_CwB44%3*D{ zMeXsFzL3)i2b%lVX1`kGYE*$D7VREpfmtq$jJ~C2GG>d9_*_!r`|euxfNC_V~lQX1yAVv;Amzok8_WRUiq#o8?A2CkeQLHu8pwG+3CGY&Sn?; zgwCqO)87R4vI>Wr=x(r0C~lXRLi`O+Xs%+4em|E&$AalP_O}Q*U)k<2MQ5jTUcKh} zOC_Powvdpv%RuwtCWri0D}Ov-kP5@*8?1f0e;J^jteVr*>A6G{G%e;nwX?y~+RkL| zLw^!Vd8kASgkpxlkFXjMJzPq{b@!z_|FeP{GHyZG`SgG>L4w5q)r{`|vMge2YjH%) zUITuW+s2-AA^{d(I;-IBch(zSAKjTsZcnWK3IZ0dZJp<9_l4>XGtakHEOah5=wn+3 z@fwYLwJV^xfG8v!ert*9+QM z%fq;BQp~*3Fa4+;>>afztVZ{X50vqQerT-gKiMxo_|2%k0|P@CC@R3KVB6fnmHXm@t22OQ zh30m-=Lk#gbvOL?I{5j)S()jh*TZQVk0%@F^+C9L?e;(!U=OnNKy(Qd@ZQ!wA-&o^ zD8>eP-kexDjl#bjMZUS&#-A2^2PBiZfANd5veY+-CwQJ$BjciPHAl_73bGOZ?%qnu z^U~rf%5O)(C2itJ z|B2V*_<`eHBf>SN4op)`Fdsm?^2 z;kUD@G9(&Nw5v_lza(qw1OcHpYvh@}US2|2j0C*z{vp*5OjYhwx_h%3K#iUD5FRFT zIun?w`wQ~^PqipftQTv!o!8?ilj2G4Varq5Wja744D05?p!6ig)!lHX%5m&+dCM=#$GZ~n3UcE7)LVBo$r6M)xjj5?j{?K)SCCY@ zC$Iw9 zVUco>#O1F1#Mk{F9>0LD&R5(5NL%CI5h|a*9rLw<(8>b@>d0@)0k+yF^gPK=A0Bfy z7x6g(<#q}h4GnE*r@S115njd0vL?3Pr=f-60Cr<0h=H{1k}#f$h7e55lhvrDP^K}* z#UB-PxYJmKicejzR!cZULLl02?9$3^lLxViWp9|tdCV?1AjGvihl~OB3^#+|!UlODTb>#*LNN&%Xb0tOXr133qDzM1x|3CKT%2$`Q&KW*Rsnp zX!?|mWw-R>QrujzR{DYgr}6DbLU4` z)R%3_oBZ^sGwCPfP-bFwuwN-+&z2_*hu;26i*!s3gwi2$Kq4$LL=00cq0ilaIBq_& z2*E5mEiRpLU$mcr(*evTNCh$+ARJM_Gm)yoVZ&&`-#D3!aKs22vc^dl&SCt4UFPigpj%M8x~)phNk1Y@%zCt9^dbl1UyY)Y3I*oj_mI9t~PQn zy-mG6J33D~fe$yJ?rUjvp(LHF^@>x#4J0Pj?3`AE^rP4u?D^~6G-^*c^N&;fkD)F_74E5qZB0p&mjgyY?tWI+BM7FpY+bn#v=RD8+ZEF4T77*4jbnOi$LuX#}&-!s#i}alu613dnj@m_Hr>C_v14;_< z?e#@Zysr$|jQsZ5rsD3= z2tnY5kK?vBYOT_=Js(?c@}9Jn1n0^3$ZB{T4<_{EBU$S~F;!kO2G|aJD=9RciPfe9 zCcNZ`VqsYwupzXj@{1t-_@FJar8DK>)cp(3XIJx2=s=Y)$$*-ur8ybC!U1$8R&rHD zaAUUV_>&en5-|J0^(QRmf0Mbpt1YC0F`cdzwmntp9z4xJnGf8i>1wm^@&XX|^>!H- zP#$)~FL~A#=371oX@iw$PJ_7*ttdJ`^=*oba22uDqIv18xr3YPta?WX_0%4n-eo5(W1&6i)tA zJeq>8S2);<*Lw?zn*uUbB_5_zJqN$eL|vPD6pG>ch{s5+58u87gvE8_O6?^mtn zNw5zHK3ko;RD4I(2dpAttZ};tmeZDhwL$KU#OQvJL1(q#j1x|Q=j2=gI)>7SvW73&ES`;&6B@C1pPNEwy<<#DG zC9@0~8N@TQsru*za8}R$0>HGZ|VTHq*zr6lv%49@Dy)-0kf4p%Kmz6`MMRiJ=hf@7LfFq}!d`mDw-_aJ{5 z0PHjXJSjj5TYDmC=x^s!8$|qqj#Vjvojp2+#1J#h@M`(Mgd{DTWGspR-aIHp*9 zD#)}OhitkaVX#bd?@h2Er3Rxe!>w;e@l7c&u<@&DrKX;Y}L&OHNp72|(X)EHbk8!yv|1jP+&Xs7;;X%MuHtZJD^Gp<< zQeS&rDqBjG(nrE%?|#^Jb}O z=m}apzaCY+4BzV9?bZIopx3p59I+04jpe?lKn0HMdYH4#-B(5+9j4?*I0171B zVO$*m((z>*fx$f|xc%E|Tl;qn6;QqH3q0(|O}!AWtPkOL2-dM^kdLLaXd=x1oUj*|(hC=ch~2fP%sw)9kZg0w!~!3%Yf|HNDLwi^FWH(uWV_iJn4%q{)FWtnKT z_ys%cC`i@L(An>&ur9j5m{Y z6$0*;7fuC?wcEzP5+yaxkH3)Gx%0eoiF-C6wdDtiBjH zlGh~+Mli!`A1-^qo28SZK0Z{4?`ylAS^yNgZ91DC#1M)G6)JBuEe(&W-{TtVqWtV5=RX()o8EJ&%pIMH%fy|`13 zaI%Iki$u8yO;wAy)}XqGPE?cXA5jcri7$j8={Lb4M@||V%M}wXJuh5Db=0e1O8VGX zkyzZvP#X$%X325J-wsmBn4d(6@dbi-Qb>!{cql%kG7~U3m!TEfg&pxe<^t zF+L;rzJC~H5#%Fbx;<|KW|YOv>kw!m>I9>mQp^35$&l{(7vvvm$#>h*#---yenD7l z(Cu13({*O7ks1QD^=m*4IA5}OH$uodJMu$DWCx9SB%ldh7hgafU%u9z};zMQN8h`N7E;gn@C2P!~g z==>bkGeBVKP7b0ZjZeYJeYpygH27@5*!(+-#|b7k)5|0rF@hVV1@z;xsZjOdJzb&c zF|FCI#ORfzQ9IE8wRer6IV7UeFJOR;n2|U~uvj5%xM!LDi%L6MS^<-_cy_!i+$Av^ zIBWkO9d1yXBhAL2*GvJ7DTHRl3}Q>R!ltB_rFBCCD{9j0#n#u< zGYS70Sr|(s%Fy{NV*#zZ7?L-jo-8^l*NF4!q{d0tWxHK!ha(QMPuQgpweWH?;;8T%U%i*+o1I>$JZvB?_k6^&PaK_bM~TOj{UG;&d1KSxb$u`Zr?t_gq22pB-#B3cMfdM}P@5HeiZP4yx~ zVCv*`)L+h?Ftcy}FL z3(R?}(XC$vTjM+W2 zUkD;wpp6<+4a?dV3rUNr0paeQ!>M|WeMswBfYkc^Gn#D%5$l;$p;ijIRS0oGSt21# zw`5sb?2mbUEDG(7TPxj?E?Dhb_2G)W?C8G9Dx3iIDe zU_v50ByhTdg;`;D%Fn?vt--GGJi$oA-CW_<|1w$}KYS$N(h-?Cvk*SA)O+ z4vT3mt{Qn&mgoLfnU-z^Pb?lGLl(|e%oJvvRstBFxN-v6Vtksl&3Q|KRbree^dx5BasUdnuc;b>RJ=+Jyb^yN4 z3lr5b1V#u2bx>eST_D#I$3(UpV^|)lMVcx?`-hK`yNdM05Qhy^s?b;{OwjG*MnV9Q zyBsUzWlK9mw*0?KjN)T8_)-944hGeN0mpc;(N~~_tTQi~=*1JYDzeRyl&q%EI}agK zFEJ{%=juNm9QD&^mSqfV#poj`bjZ{AXdz@c3uYIB4!bwJY!Uqu8hGTLj)rI1I#ugR zU*Z1aQkY{RWB)x~F#)JSI>#7h7L`a`+ z#i~t8K_D4;1D^m4CSy{n>dY-X%FdpPWmvPVA!b89XOe%971o|oF%XkHsYnbn6#z&0 z2#8Ck*6;r7+!(}KQ+4dHs)E7H-&3sfYAxbl+0eEnVthdZ$stAqITl!9pI&(dS;cEx z@9KbJ$)o;Ya?n{+CN=DihX3Epk4uQ=ro0w*G=l}gf%59dM@h1d#C^akbA+5KVF^;R zkFn8YRO3_vf#d#}8hkV=t02|*dr^_n`CddjSF%i-&Z1v7?Omp5aWrP^rA}@e&?#}S zxs9yo{+B%{?Gq8=RC(`1{SL4*ELz-C5x?uK$=Q7 zD=XY{z5dQ8uo{LTu@bmk^?~DmkdF*0k~6+-h5RoU;2V8Vn%VtWd#r zCLpiT)jg=@W6cccJs+%Gb2IOFxwTR=*vP?Dqv6~!5bgq_JNv@cII=qEeNzoR8H{04nbN>rPe_}TCy z#`SMDZPdnM**8;XrmSq&gf*GXOf`LORRs0BzJB=60H%H81bL@jM)&I_Hq-?5UaliC z3sZSaj~D6JQxM2S`(M2M79z?`4Fq<#Md@mMQb^&KXkKX1D_%tcY^9YWd)Sn<)j_OkK59rfldv-jX_ z8JPerrj6?g^To-uYAbT+T5cvnCLuB@x|ho;>A2Eplym)FiZJzmJ~~0?BCamPA~)yr zwjtKseCiWLWpjuvHa59;(n8St5uA`3nloe}Pn!jHYRklrc@6v~QAyE7mzt$lJJGQtdHwDK zXj%->M57kt#o~GLs2Jv2jsmpZbtN&iX^7UD4u55}!$GiGGH1&Ris}47MSYpPC#1H9 z$6JMAn$avUo^Gbd;XK03o|PevEU*q4ww+YV);6uR$;!&R9n;())tR@ zwH&o37v0!2pP^1;X8lLDX}L(4xSc6~1f$q2kcCjPGwoONkmk$xO{&pZgFu8v{96-M zISQdv8t=J+O_>&=TCQwPWc&Ce)3xkisXxuj@GEM$X2*LlDUBRTS7&;k@jS%_Hz$48 z1l__K#uQMR8}0@*t1UaQz31;$F9V^+q-l=N9%6etlI!`0(5t86j?lE}bu0v~$4S@* zPArP2yO`_J!m~G^eAQW>jog|`G~X5XM3a^M6&|U&q;=3GI=IZvUzLRXF|jjgwC{t$N`}SxplndY(ebS=&5<5tI#DeiX#WQTif@6_gP)v%2(bY zl{}_GFQCChgm3(F1aBclJ1`sb0FWUN($FzH%ojDT z76+z&%j~N_g&cUcWzpD9xCac!3Tp}b9?-~2#mTJu(29C3qgYL(E-=qUx!!jhBJIEe z3DQPJg`_e)=Wt`PJ#s#%Dx*2=^mn@=92IAv9^X|$gvcQ%Ip@3RmX{q9AW}rbEFT|z zXK}D`n+%!2RP*>0wXil_rlfx{eenwGOaTz{4tR5%VYi1E8)kv5Cnd(Oq0_y2FUaNl z=Oy8~o;yg{Wa@yCm}55wzqG_ttKu#k4z^BL+|k}IcmN98&HENvLx&9h1A{<3AhY4T zm$fLO+sI{N&;5)npiofjF4E=~_))SQ^R?8MpMXS@!iMV_xv+QIoIqBcGkG-Bbsk36 zM-oa_r%5qw9z`{~tm>3uxRkA}T-gU;r-}`*V#cS#e*IS5*O$Ji&L|t#zL$hM6u;vy zteOq2@MAjhaAs-S-ajJ^CE3`R^>xgC3GzjeN4;g(oeSXVqrgf2~mMrBPYCcJ9ry zQYxu;V*|ho>2V;{$gG67+`Y;SRo0G7OXcU_Cb}|I6S>Q@lHBtcQ-ys!+#bf2Tey_B7~- zC^Fnd%1ZdcW^T^;;-l^ii>22!!~@xPK9Kq?)arIT35IG6w0}vy;B?tF$yfN-!7`dD z;dy+2&lBtV^=b`VrUpCHm=tjk;CWmrc&c$gope=M@$-bh<({nMIrOf*rvR~mQ@#z( z>r!96H6uj=H|HbMNlcK1b2wK$nzNrFh`Qn6!fuaOnYCw3v&D6C@!_eGuZF6U!&zgA z2KG@;>gstDj^C`OYg|MOep6s6veTP-eU`02y)J7MsQ_&bpZM#^6&wSz){y<2TR4>l zV&~LjU}D=4>V87p|C?>pqV3!1O`RG$ekT#yV@GaXvhCPIqEI!6Xofk%Qz7Rbgvtr; zI>q;L?VmOODOOuv4YZdeO#Z(gOS6CeO{d#YYsDhy3?K|7(v}cO_KBn*{K6@~Ndyjq z8|uM~^x&pA7z}ap6v7a$16;shttNi}q0j%TK*)J=kblfy7vNHDg~Rk(|9(ScPzWU= a(kCSBugetvM1CRsL?~N~O^vnp^?w0thG&uh literal 0 HcmV?d00001 diff --git a/docs/images/provisioner.png b/docs/images/provisioner.png new file mode 100644 index 0000000000000000000000000000000000000000..43d27e73141308bd147968859ca8fe832f9f41d8 GIT binary patch literal 132116 zcmeFac~n!$);Aorl~z=2?G}~EsYO&k84%+v&-A~`=zVBb(_pRkwOBS9}wX15^ zuDySI@2cX;p@S|9=B=0q0)ZB|?)$|P1p2lW`1kSKIl!BmpT~EAKxaX&zwA1a7(CKf zQ@j<4;U!oS3R!lDufA*u>9(aX~3?u)7NNWeQY zDMiJigei3a{TrYUU!SiW_{xF*zjDBmrW?(~$X$5aNg;NU;DOndR#^-?c#E_8U9eWk zQw!*_3vi5#loRF3>4c85^}5vk2WBXagV$55!HJ3{EJ=PDubqIXo9qK#T;^BNWieo{ zvOEsRRn-Y?zLR_BUd~1khzq`Fd&l;?~2GOV?x(htDnx{$U-N^6K zPVS&jDCtuwtY{3Yr0D9Aocje+lWo1JGgyypPeku!Xa^}+4b?vLc@TA=L=!^Qwj%sX z6Xy&Z1FxSrqN?2x7GB7G3A`A+x3r~yKCV**o(Mh^skfG(fa}_Ls^eyUM4OmA?QyVD zny@Kv2FR{3cqakfet_x+(X+(Lh9nrRP6NTNboG#cwI7k$@Qg0Td!c-OVhJHVc^gId z9*Ah=zs9cR#Wb@n-(km^K58!Kkr3{dwo`6&ps&DXk8mYlUV=x}aggZK#5^$y48 z9bz~i-FlLGIJAZ^E+>ffpzo2bKYnxsCMBkL_ST8Q2>S%Ey33q?eQa*?18!Ag1!1<$ z(#-wv0L$G00gik_D-dX55xDK9^~2#cTI1?{cL<&7m$WCA1P-_WLQ}@wPl2{<%d zjNv#dE=+%5U=CG2B-PnWaD7_WpP?oZ?u_~4Q*Ojq4#A2b7hCIWFz;uA-rb!lr%98K zpbtFUW0Q7DOtp38p=HpDpjlI$44Ba9E~(ry%%`0r=i*_dW*6PM4feCVC4K_eUHY!a z4#w4DaypYd%)|WKIX-wy7SYRc^K6jaN?rX3U1d%m<6gCNy;Cq{$#t9@vlYKrb}i)& zRPRqx0phq27&)mEk5IO2-|Y6xYGtqP&`rLSP;HrMTv`&$p*3&zLlDT|iRSh?{Ps1c z<;Loo2^rIC(h@m@0EBV^5K3s-_3sBVu@8rE7!`|`ebUv*FJvC*OuK@oX=kQd-yMFy z8{3nywk6{NxSTt^v|@99rrWP~B7(K8aDYY~Ktt4&oDZHHFo!hx%`O>x2}jHH`6*L3 zV}=j}%grszXM;knZ`4`l+=#s_gHLq9)dTVcgSX%>`g8UVH(?f)gn`!wLA1N~-SK=Q}uQambUI=iWziiF@){Wh4*N(pAC8kE|WppO^SJgn)b%u6U?x8IJS3LnWsK- z4ldizZ2lK1>g8>%_mXWkXR6CCIp?}3MNYW2^XGR#%o;w^IJ37ss44x23iPZb!Tf=g z{lk`Fo5Q{zyk(PRv!M{I9~Ke`w9Pv8em>~MT;R7#D57*V1-_G*QG=N_g>nJKZs=jRpyPqUf#U?)>}N#eOvvod}!I3IiPpn=!dQCBRTrr z0EYXS7>s2}0c8eGy-$gSEd`)mPRRR|{HhG|jnS$(e-H}*+F$=>BQVG# zp4g?WFM2oS+$aIM4LZ97_$`(tJFzE{clI-}q$Z&K*?;hbS-U(7=xsa6&u$jz%=u)S zv{C=OCkJYMHgQo-2XLBeo&&7NOT=cx*Vb*;WIMbh+kmrBGoup*Q%3sXeO*NV*!$&68k?9 z?C_mR#p%=-;cEcLa(v_7A5hTtIo$aKzk83pZzgILx|fD}%iVNLol>JH8B3!na5@~G zD`#p*9yGfwrL|V18@Q?q(rGU9R168a#hA6b6X^}6t0`%$ zipoEs{a}g!vpGP1m9&6>K8?{_zGE9N@%uM^A75_bG+NB(u)A1WUR|bPMchaBt+^XN zyDZ})SMwiyLh7|6`e8En!r=mauOk05hamJ#HxWmIhzIX?vIH>8&KZX=eQrzdz0JOj z*n!A>KyZS)6ea&0cP5jfNRw^p7ufjVD%dIn#7|RIgvBXiI7M0wZCqFp54Kh&^!fei z0mRlvSIHlLq9;Ijtq=L9FN5BTXpVa>D2I3P^H^`G9!)|=YZl-r zOuH-xnE#%SX4;uk;(oN{oCc9eA*QT^yRw;MWN<=8x9l`WL}*TN*{n{uOfVrYS`v*g z@(z~#syxN*8CIdi*^l{i>0vqJNZ3STrUYBh2*6{WlHL_-k(y>1-MW+BW&>tQE0!T! z?vql#aCK}lI3%0S?H`-Tg73sC%mpM={lH2u*@mkGao^v z4r^uGi>kS8GF3}c@f1yz)P(=-wMtuL(tVBD69GTlMOUbmo3N=C;Mw=I2_|=itFvu% z>lj!Z|9noSmA`1ipZ=voC_g?5769SA5qQ`S#3%GD91vY9sb^fzq{eZ(sbT;2&f3Cm zGSE;JSx`>&SJmCLVa#oh`0TFLOK<(*37!hJv&pN5XxFLS7CMAKbF*4)Clf-4MKUkP z;cNBP-15N_)p#58u6osSoo>4S3*J_v2o8Q(Jh)|Zg9!cjnvT}RJwq#+O4zDBFwE<| zfpc1dQ}QnP+d zDg}bAKc?1=$-7nc z-lSbdolg@zw_4jCoy})H#j3*FOesU(Uhu8({Vp$TGr;hR&!UQ#MK>Zv&MBN6#L$=I5j zEA0<)hCuZ&N{ekxG0!KK)r*8i&jYT36(rnZB32*aX;Umjh!<2>2mA11FzzOS1B%>E z0q)=t=M6fiCr%kIKdE>I@_hcCh|VG+F<1aSwYNE|jAMkXi6 z^#wl9?t~Fw9SqHgkFs2(C2OA_;qtmLr(rsp!pXRYVX4Ba+0QC*YD{S*O7iT;ga*uJ z5YS17;`>R01Am5x@P|!foY)UjuW<$)>sP=NdaV0tr(odt69EB~bk%i7E%v!PM0H1i zgm506#K|ouoZj*SIV@pJUZ%B))2Uun@EFFlZ{UWey9QJauVxHpAP!Kw~@iXC0_Gi-g5TTQG_{-){Cv5{?< znFl5Y-@X4)PX==)5+mYFEr;uB@;CQ53;(xTzFEQ5H^*yCHZ|HTCjR{av7sq-mmOK2HHLvAu_t(y6kGrj{nXnD0ySSZ z7Ui_TV=7f3s-X_6BwQZN`wMBmsd{LmBKLNIEBktb2b?znPng&>fv+Se` zr%y{LgWRG(J1;%^CLK5FFnuen9O8^VspgJNx$Kag;`+y}v~i{@_r6c8itCZ7yL1pe zNN4mJ^29Pz%ZrUN(65f&ubYPLpQs3;Bcy%iyufDLW1=bLQHu76mzHBp3;-)CnU3#v zl)iu#QyG12iJ)A3R&0D5+vfG3vCP))@*s4hYpx4%WAt}TlQ()Muu!ub=Izm7FWg4M z+g7UllV+4au)>~X0vRPnLd8pZWO3dk`J8Zc5KNWHDOR(>iG0;`bJ^>t^qhEz0E>2kvFGTNlYLz-n&>2Lga2*`1xX^?N>*2A` zow`>3TT*%sV#fqFGn6ZM)(<^b$z{)d-Fw*@{6L^0>auaCVRQ%X!M=J~dB&cteB?}K z!{;f4aGixxZ>ybtJ7_C-VZmgo3BxxI90aH?p6@MYN1|f@<+iGv#93}8ks0G8?n2nx zxV#E{rNgJ-WmeSt=E?hjVkwi}JubfX^qDj{isgD8m|PvqapzHFN4OZ8xx|kj+A1;= zw`C&&1T`L3T@4%pc`2;ROp6-W23G#UzH8ZN8V1Cq%W}pxBJ+DY(7O!VMC*nya7@QM~~QTdyw`&iJoJ z<=&>ye&@Atia!Ut=^BU4_UPY^wxDPL6~K5-qL#>*Td#3OsL3{bme>S5+J|wrRg(Ca zXgJ+VhwjA@o#=eckpQBlOgccnFy+ip6@`wFBvdWu0ib1Ly&PwG-_%13f;u!OVjT8C6iYVals6c{=4FDMH~p1{4f)zvqJK2~ij``NtYW!!6QAY6Na3sIK+WA4oFdt?h(5S;LYTY|L07{0&Cp9>fK8sZ84T40 zN2}N3(aTAwZKF*Ju5AmtcT)W})EHNzpgp28WUGL@29WzGv&^xNmeE!~Mk1+))Ai;f z-bsA`9J^eygZCt0g~8E!$uWR)+gvzE8~78`upnDs3EXM4x{oT{O3cnQQ;w%euf3w$ zLUCK2GaM5gqY)S|;$v1W6_Wv>%d@zpQl7Ny+~n;&Q0DqCaUrp~$T@M?8GS)Tf%LjDX^H=i{ov<)W9V^%bIXqHk=g#_Wr;&?NT25s!Do|AO(egVpo&xNUM+DcBq~Qq6(>pLG)Fl zP#y82vx0`1g%JoZJ0r6ub~X}c1(w0Bkg?fF6GSt-^MP#yqaI6f!LAGX61|KJk|T>z zWl=E5?auAn6|P9S1w`Py(wYYqYh}zu0#?6K6#_w4%o+4iW))Fwe;bPn^kxz9H8+G* zhpEbF3oH$xjQA3>j9Rz)FpfbvZ>#&Jc!=DBsDNyaj3gs7nq=iC#CB6{_yBf*T{;EQ z8FOZ!!%1PPE8i@%OkK`sGBrV717B9t6mkmm8qr8bZl#?X1X%OQq>^v(rJY^Kd_U6w zf!2beurYxMLK`(aXtAPrtYWz$xdN`b{u!{`UfSB9eH3YZXKZ%7HlwFKG1oC9v6#HH zH3fc0a6ea?z9TwW3#@$_u=d?tiW#yyb(_OVvNMId{Iy6xImZ^}@uuuk=!kL_n@(^6 z-b;GAB4dc^*i0MvKpvpMvE$h()_yzRdVlH42A2huL_@A;`jWr_T2y;tAEAr;ya|0G zI8Q-Q_taL439{|=5>XpwC6O+lES@qQE{&=Y1Vf1(vh*4C!`s}@EnLwB8)lUlnzFI8DuaT{eCq~_P)uqpshI|DI|*~x!AtFThbJ=fMH9uR~PcW6=3(vHbX16{jLISojaV1I2+ zkxM2Hzj8cHrrOayIRVwHhIiVzP1rPI%|j83rqU!L!e4QT#-Gy#9&X$H(xEUe_B&xa z8=AF7^+u57!n5nEqOO6zHKl4xubWH84hN_zrcBMm7erg0h;g!{uqIA6;Y);}*+cbV zvLv0+y}qhK>YmL3l(?ea7Ej3;OWr|+o z3dxfa3d-FX%hxN!b`itgK=S9&UJqoM>`2S}^)W?}+ax+O)YX>*Pw zCg~VxZNZ-BxpseAZFN0hs<)jH{d*HUDQhyQZ=qiW&< z!Hj*u+Vnda=g+)GNg_wJoZ#-1Z#E8wCZd7)vSQ_l8eLT{CpEA=)drm&jC3Gw}t z8?Zewj;5GKX=ijwQa_r#M)0ViQ}rqi3}xgYRgDJrpV8RK_svibt}hfjwgavxuzrouOY;PXd=5+t%Us&eU+a+0A!jGxBx;}mi}v=dr} zT2iqBe>uvGBEKUV{hN{<<&a-kO~XB?!g8TB9*le<%a_ZYDt_B**n$V#cCKa%c5zQ}p@X z8}$q?<``SWfU;VIlmD_&es*K+hQx}eE3Ju!%`V#fj^MbnPkZ;G(Ro=b%v5ZB&B<+A z*RwDNICJ0ntAKg}=T=M=O4TJ;2HMff-RQ`pPkqOKZj{Gw#o%h5N z)-b&JarLv;^J$6DbHm(5#+pv8h0aktDcm5>%ceGwR}k@FI<=`Z3Y(>ROKobEvxN%6 z=XhlEGfho-$jRP=LgyICF-wj6e&dq_)XRBe(Yu z5cmN2$iU2kO_1Vi#JMu5VDNR!IJy@lQ;|+c{Q|tNp67TXJc{0n5y}6v?wM5`;^37 z4i~n`cksZ?=$iHiq4ymz#)fq?0l-z-hX;x{hN3+)l-Fw}5p%|t425-Loq&Kgu!STG z2+>d0Y8#ATJ(F|Vy7YO0>e9H6*9GUVl7RTonNyCt;`=3ZoFX&R#L~c2Cd-T;h{pvd zs27}@QsS5_?ymQ3wmMnV5vbl1z90acy++rSk#V6kDFlrjS~aX}-9OknC7NWV3;Qv?561t4k1*YX642 zQb#zcH>Xvu!1)YZb(^sg$q`7==h?(m6_Xl@BP5$tz@l?meK;&p9 z57T^sLE@Nrq(oA0+~IX}(OK&JOcY-hp``ju7&sfddgHcSpB5hvB&2 zkN(9u;K##Z^uwJ-kxfRZ3UOb+t1ZD;*p}wWOF`Ut+Pa21i;4w+UKX%1#ac!5ZYzm3 zT|v?`vuPW7zqHsI$ABy1jpA|z(iGfAIJ6p1V1;-)%TX`4TJs!w95BaslO|&F3cth} z;>buI#GgCbwLS54AgGi?e8RDdZYFIV)n}smx@uEVl4FvN$mq7A$?AcabVzn4QT(!4 zYTu+fniQ+-=GNY>uFktm;56Y+()RWwVTjYIC?LdyZDU6@Jm43rPn43x$RJ^Z)O&Om zMP8un9-G{tfB;d7xcotaVR~rj?N?*j=AwCrspL)4xx105mN;=4zWk zzkR54%pa_C_{|8L5vM}j_11T)zfgsWd5#&F*rqI70e|F=SwdX+t!R6_ZCo+Ic0V&i zFGsm-I0~jw1taJ4`Mt=FM54Mvtf_YR673z0G|MED@u8&Lz9h>-0;80;Y?6kcbB=rf z&CXUeOu; z-UNHg5;~V^1DwN}Fpg$kT%SI8U+`!;E0`z{y%JzrQIN8~IMLu92UDj2?&t%S5=tMU zMRY*1Br>7TA=0dgSlE>ctFPC%m^KNv@Yq1im6Afa!F1RAijpc3YY6W#X@CwhWkOhAWPdD_RINF$;3B4-DhzZDqx4~Yp$C5B_u za0t<4IE;4$0s*4EuSuLn$Pt1n$doZjeLE5TUAwF-aeRev^mDwU6R;76HOfnGZ`XH@ zPOP@Kh7=j95R0Dr0@H}>I2}<1#o~~H#s-pV_%FGb zid;uen9vmcO`JF9l?!JuivBddFKWjfcv4A_Id6UQ@H1<3s?2s4gY!B)MA>*63KQ>; z%OANlxiW#2K_nE$qk8wXb~!7WMf4=@m?-SeEtOL#vMi`1ar^+H3JBE1eK-x{Wpv6N zJmyD|;(I3skL ziQVlmYG2ydqG|PS0#N$1?&yFpAWkbk2SjLzWVx%GOI|jC)2R57dPOm@iTAWv97ij8ti$%=p1`Wc$iq6O=&kcH7~}{gm+s_Cp#&!M_;zB=6#7l8 z@3ENz_!cWwoeR^gPr}B8i=`}DLd7T>Ly0Ulb#Z=#q*QnZ!Ns;Kiv^TLW6)DpU*P>O zW+<3sR!CeM4)#QR~YtaU24V#zb^S@c!Ogk>cE^`ARu zlT_%Pz9dLtrI{#2m0P7wAx{Hpxp$D=*ke`%5;8`Dwj`n^?r;z-tUn@?U-!U%-Dv!E zH}}^q^Is^Nw6B}mzHVy!zuwgL_3+2n6E=Vv{d&UY>oKOUXT`pr75mR;#iph@%ycx( z%D_!wn}z@5{2t&F(KRku3Dxju+SUN9{4#j5{T$@hALj%M^J&BRFYT~#o~wcLjVFO) zmec17DS>ul=6LNWGGtA49rt<^|A# zKOO)4I0Vtv(R2PhO?q?5r889jr`ucaffehWtm(%LSkr`v7$p=qUg~NPQ&<=pVX(vehWIYGxv=A5WEIaul3X1m^ zx*sZ}tKX7}{v=|C6;f!`V3b1o$o|obiQy9(yJBr%`gjgTZA70c(BwlLz5&_2!|Pfg z+KtLfc#qs0TSKR(AyL9F7kQOMSIu#B!G!15Q9R)!GnAy`lzL!gVEy!=Vz6>Nf&Se3 z$*@Olf67c&lgF>co3`FcLc*hlD4NpQpcluKmmq|FCA?EDhCyku-q5S3s&~y}y{7v? zI*qp4)6;^1O^I(FmDI!mCvb(n_?>s?dvp&H@apUwkC26NrLm$1yH<$SEo7iZT7fw=7F?4Kg<3mTNkWsPN7Hkxnh9}+*dbcrXCPt zr}#W9JmW{|lU&VR;M3I}gZ<1xZni&o`Cz6+Nc=PzB23irAi4`E4FAw$4g8ObntdW$qhpG%uY2s%~fVPG{zyP6Cdh=We>Fv^%}t$wIX&D-F0mpgO!O zXZ}TG(QLSVM;ezrwMQSn6}T~A@317;;rflOZeaVl(l*;qcOh)2_`Yx)KA|<#Kf^<- zPq#kH&kO^9s|W$F-{xC(a)w23F!kZYkWD+sSN{}dT#Umyhb;u1wf$Jf_*JXCN=SO3 zy*g_J9JD{l6O33QcmP+w%f_QDDef=S!>`^O&?g$L-)=&B9dW>GR`zBCU7HGj|7(j! zOByfdvVn)@!>JauB(=kZ(bd43(>DKX4I@VZ*GAdcL5|2LJaT&xFhdjg{i¥>&ZUBvx5rMm15@#(e z0fhw1+d!yW_QA8yqUE=MdoJKFYJLEzbt8Q|=2{lQJU+NNw`6votk!U5zEc0&S(1s# zaQNK8+RZDk+wi+rhiy8X^Zxa|=g%HINx$(u^_LUy#cNhyw@bA(vO7~7)M0dN#&;j@ z?D%O<(gN{@&F2q^>Q)D@<;In)lN3@!xg8$44t<(i}kaE%^V|X$V=YETAkEY(KH(F~OZF!TiYR$~gonvKK?L?2uAM7y81+MDgQ_R3# z`z;D?-a!VbBN67wXuf2{=Yrk){e#v8#r|%1f0|gq!H2D8PCwk8@#$lT`B1zbKtOxq zjMNpV?K%97=;fGg@bC15&y_<~_GMTEN4ys4CM9&uh_!A|k*CSV%2dNUCx|+QPD#Y5 zsc^MkP{_~@94!|w8J7%6ru(sih~r_#2+uu(Ehn?dSLsNA-og!*d=uRqQ1gYT6=z}j zI@|c_hMU6>HAOd6rc-Hj;vTwg3@abesWQ!qjEb-dz5%4NdQ!OB48-Vc&yijjBUanR zS2ey}O3?#>?6U0UUJ-*{#HO@?BGRm~>JULi&sXoCpZGYt7_1^{`M$C-Yr9!5w!D&p z$@u%nS5B(iIux|{_>GbJfTS;qTD+JuiU zcELAcAiGPGMk~qqBG1HieHlMR0?h&yXa1|=V^<(NjcYXnQXhsscWysyM=&9JHOoP% z_XIk!N~+|WBY4gZ*zw3-;O?n+EB*5VXS^u1**oh{x)#q;9+e8Q5)o57zyKRxba>m6 z`EEYQ>sKXRoDu1ATf3Ap3k2#8$U(h|2ZcBQOE>%j><(sX6l?o!>|_4TPh~Z9F$Sd_ zJk14DpnzCJ{vt}>2(mjlU3j|LgU&u`4t9#W^3AZ-9r6p#N=e5?Yi6Y3%s z4IW}x0Hc1m2&?}}?xo9T*L`@deIpe{}LN1=&bT5fWJ$GF# z%%8G{4KW(q%BSwVJa?aYBl+(RI&iz=n-}NI2$?6P?2LfdES~xn1Uk_CY8GgqY1x9E z?m5i5&5XDWvmx3po_5EDLkIlh9vVDWd(d?Tl~^lS<^~c&!#z^K-^aYIwI!RB{g?hc zgBIL6^#OK!J7IOY>6lo8hA+yq?;>PR@qYmNaOHntM9@ZVp2h6ro}1T2`WAhEv+-x! zAv^^=61Q=7(v)z?f2+K~;9j8ZZ)vqQO6UEQi2a;=`lBge3I?@uU!D5GsKnxNdZg|x zZ|MeDI{SljJKr;a*6yAZNawYWabxGUf;J~l2CO7gLgu0Y3%BmnhZ&!&#@%(T!sA(? znNw46ZI}OGfdOg6-{M7@#C#6KbLBdNuKX7VtDTMn7h0OSB?b0c`8bwjTm4%|mTtNS zAeI-e{wg0Mo`}J;bH>O+o)z9DxmtGj4kBJjwc< z61oEFc8ho3q6?y%ybR?$TTI{cH6YODElUhQS=OOjLEEC74PP2_ zeCD^lk_T-hthQPDE3i-}yN}X8is(@!;L4k7_cL?O7F?yzK91DScr(55j;}NQY{tVs zpsX$d`_PueA3SLuil(=chANpUU4kj`;Q-@dr?01SRa}yN5dbP8u zq~Za)g z>+Y_o?b$YxmU=Qm6{Ltu|8E*2Xak+EWtOYDJiux`>F)lb=ivt|KAfoD=5x?qq~cNj|M3$&ZAp?Dzf`vE@7b@N#|OC+!t0Vm>l3u$7F+qV(4PC}MCiWh!`yp(K{s^6qE(ib@pdX3J3+UsN zYx{9-ILR#gsH*HIboB$e&QJ+m^$9opX910Q0%)c4R?jp?MAq6GxaR+;%F+uqx>2Tf zvd0Au)}Ge-1J_cXng1Ux&rXJMG3nibc`fQ5tg=|=fwFW?QnlqyCe3(puTE<;LgkGNB;-wwRIr?;al%g z-pmIXyBI_N^63olDf#m!4`cXWKAmM4PpgBw`po>K>1F*Z9yzxK^dhQmi!B)dD!}vf zkaV}_e8l6I8PlX8#tDC^fA_LO;Bg(TMFdLrw5pYq* z7BN2jg^>DQiSKS3&}OqJ$G=pVwK80>_|A;8h%2Gd5dg3Qo{)RfoSb>M>J~7BW)I`c zFI(2M(A6F0Tjt*qqeS?(PRlmvNJwiX84mV_s=kK6FFa7f2_pNx%hs;O@ z?4Y}8%I`4SAF&5(mS<7^nJ0o{7rQe8^ew+_?ae7G3%IbkxsJ{{zd7jfTE}(CVIShX zD*Y`7cGleP#{6DV`-{s6?%n*H)PE)gGuqogS&~y>uO!4;U04^ujUF5s@u94C*LEX` zeOI#GS0|qmCKS8 zvAINe6kE@wWa6*rDO8FOObG>TFu=^#+LHl6Z#jw>{yXwdwZ}JEa~b47THn!zwL#So z{qIuVHbJzqUv=a@#?i-Xu_N74a`L?I@;g00Y}lN}c2B6T-oqCQhi3Y|WC%Lx@ldAi(iQ%*Q6HRT>~a6# zJpOzBoH#{Il{D@*&8E(GXigsuI)>QCq*yqXbs|l(l0&sivtIwr*>2e)j8P^lx-*J{ zyXn`@&neJXp5B)7ee{)G*CblDubyV(oW(vH!*8CSRp9L;6Ypo-<}6!1I8#5f_}Tab z>K5*4dqWYdBPR7VJnZIhCyV!cw(;&QTidAzHAOq`!TRlFu=-#Mrt_}aQ6RK7puF1I z*f};%L?@ca(BqN|u=6(0a2n~&;3m(+hrO(;p>FpcC8i|v2c6B0rqaRidE8gb)`yCa zp>m`VZ|p^c@fhXBk$+@(CER5S{8|Oi)vHt$b)t44>b@B%!ZNb?VZ=}D|gO&7; z_}w$3_TU_s9d>B#eYmJ*& zsLtSwn_p3Fn0@<_q~jP5nav%0f%;E<=L~#6r@?*adG^1*;fW*~bmw!nO%%7rE;v?q zYgu?h(Cmoz@HOv0=xWZ}7&6ioh2P&9s`K8}PPqPIdv-pfU&D(XVLh|3OKbZ1zz{wZ ziFp$A!%P#Z`?-u0Ue`}}Aw7|K%T}z|L6;(AZ`=aCPk+p7?4Oa{9xp{4M=r)y#HaF~ z)$Q~nPUY#H5@gY5KP>%QNGGOQ+57OSf{Lp091P*;t6dAR(pp`d^)TG%ooo22^Uu?o z*%iy@wv2C|?Y{j=@ui3)ny5j6pEBgcY-w0>VVOu(WCpi<)6V&RZO_}hw|V9lFBKKf zj3Ww$efB|%>jKBOn79;;N|56SmNvGS6Y-Sn`KBT4sXR|_pkS*H`P3))0^q%OD^d}w zPIuI)f`Mtiz8EgCiGL4Va*>=FdyIbOYPS1!lQ64qmUPuxiE1v(U=N}%+-*snQ*(RP z)tY>F;krT?p7_{v-lhKS$@|jWccr#P@XCjZp0 zYqLF%C!RQDC=SJm7xw%d=NOV=~d^ABJaVm?V9ByVT|8ZZr_BRwYMLTn0!Xv z2OG9nuZ2~<;WklJ*_vKf5VC6C_f|t)-PPOZ$`G~*;5?;f$&{d zhhyM}3qp&R_wFx@#*~B-h^)uUO6>&injb3a9s@Q?S!4yhH4{?Yd1@i~!vR#P$;MIZ z?{a1g^k@AmByP8gQGNaS&~BtPFOu_a*F0=21+v0#&#CM)u5{c4XHJmMJWBrEgEWm5 zqaq&qc-ixY^Q$a2-H?;q3a;;=(P2-LsDf9d|?fuwUznsx(6VdZp<5I ze@uje88>T<)cB!rFj#b+{cJ5~JWQ;4>Q6YG`JecZ$ZMh)Rjr4V`CmC@xifvHMO4+D z=eU~vn^%RD#^)H#G=VZ~=KDKB{PGu}%I7L$GIs9@s0jQ)aN6+qhT0t$?$&QR?^NLx z5Va0W$xcmZoGN~ zc{YfTKWbunPo*ciJy;gfzzMH8Yt>Lj#!sAine^=g(=@xA%O374PI(2}-uQB7pE79n ziQ`zJYK1(0Zrt0Mmeg)V5GS2I)(^{`888$$QB3YHUM((NeaQ0Wt%weM_P1~#Y7i6M z%=^QW&AA>LypJ6#rDeixzYWUC?c0yNTAXt;mJ+ zRwtIs3Lvq5boO=3Xy5+K>58Q78S6fas%Km6G5en+ae4->8VVCClHJQq+B!xg9z^-G zRc{Xmw5*};ISAX6O*-p-4D5PwR^(Lm{}g!R@;T?m3#%FhmbqPcaAf+(;+!k1Zdidz z{R(>l&um87q7ya(KDvPAAR`}H1tTNzTsY#{5 z#2+w6Nhh<>DYL)X&v~c`OkQE7(=_URVm(( zlHm_LioJYG=CPYs$8sc;fExm(WlDX%aD>_CLmbl2+;wAg+YkgdLK>OMqB1^&+LFwx zs`D&D+H*U;zuy?#^j1+0du!&VbzZi^pl|F1!{mY`8c8R%Z>OrAvgihtLesfZzx0Iy zi}AMI-^_wh&WwY2U@@5gbup~1S$=fkKPa;EHcyTJ!Pb5g7GnPoMn_O{n^dX#m|Jdn z#$R^#z$SoT_~&*u-TZfSCA3xep>90%o3PX#@X?=YmfHpWL+k{==x&D0s}rwZW_}=F zj&9c0qybw7Aeg9+J;C1p$%p+KIr$of`Z8DgHOTf4ft3Gmg%Ins76lIplgnp6q+DbU zeR6#P24cYepapAG#O^!d+2?QHY3T3d(NQ1GyDvgaGSIlMieEy?$m z|6KfrzUvEjnaQl?bCT7cOa30XZ)RkgWLd~Ul;P)K`=S2bi_fH^7@(MURX~;-c+Rdi zOgo$1zhh3;tbaF9as8X#wY)7aR;inrx(|=Qs@K-^ZkB#n80EwEZM3VOiLZ}dHMiW= zR%;Ri#NUE`(S3@NiR4t)XrQpx!8~LlNqB4K4^cMk7}e;@gh(E8@(FR&hIYY7XZ3mS z%Db)8?c^J&QtfwCO(?4j^7;+iLxY}Uqg8cGf!IIeKqLEp8- zm+sk2!~YBHJARZ^~ee(Q+n&A)iIwKjR}yLBeA9qWQF;%c(SB|$6KRe5{N zW1&Vn^{fqRfAAR7TyvdqEy%ZQeb0o?Pq|kyfug9YqfRcvVG+N7Alx{v%8J#JdvsO+ zr^KynXc7=QQPL%96vK{{9Z^~Lc8{u6^BVR{ca8IXEFNcRni+XZuATt0x1abBa%p<5 z+gH&;JwN_9$2{Cn5<0jB244Ex5ZRq_wvjB^?O=#C3Mf2<=4IYH>s>B%HT~$yaFSQM z&fEKnG0w=2^za%Eoj<1lw2xBhl30 zDac79oTdLLec@S?J#T+xva@dGB-2xzBm-eeO5^@R2N7 zYh=zb#~fq)eq*cxtYbyW_H(Kjw#>ch?B|rjx>2))-U#6E$G~bP!*8wY7-K7KE#`n& zid8kK12h#OIZiG)nh?izH~UmGF>Lbn-5bB_QI>dg-TVD~B6FIOoI5>^bb}mzn*fq| z6OWiOfX4Q3-+9u4%dpV9oNKxnJ8hxy*y8@J)iqOQy-SEBCy#!?vb}fs5SIGoX7&n2 z=rUJSd!({MgA1R8xdy6~qeq34xCUsWKFo<^rC}nFL%Wf`5@*8glta_6$Bj)hWbr0k zS{Q}!Zi_5eD4xiO7~W+*(XO#E`H4|d!7imyz-x%YNZCG`Nhp*;LCrFikHTlWP1KJo zuhC@keOK_AVHu|~;HR)dRMLdt^NR^u?*oN2Yqc7+BktGPUpMiH?>pCtV)l0PciW4iqt@_UwP z=u^*#s`%Vm=FRX0bBG_YhOtPl<4z&KzK$Mtho%otPU=g3y3tHIenHxg@3Op}*o0mzCcHD$`4lJDV={HzP)m1t zc~oUc|G2}_?dyu+hn({GK1eU@y@Y@_L@BErWksY^l@E{IsckSS zs`;1L6Z&V4(GVEkwNY3&(*TXP#Ru=fejAQouL;EIt_+C^8}#EkvJ73tjv$Hx({t;Y z)ABILk|RL;8pMY=9h1As^^1-78u&_?GLy#*NjC_Jidl+P3iYNnd<~XEEsQ4A>|rJG zyJof4Vl)RXfvN16&1JW$f6}r@l)D{nYymua;LJWS)fX zZI9GVA^KC=FY4LbxB_{rQPMF>)~u*zfWe!EpzBFQ(Yo$O_sz7T{UzY*wpLNfy9e39 zFmizvk}_P6E(|AldfV-E*T=6;gq6a?_B%#}P2(oAf9~dMf3gyO`6A8>JXE0($>VYF zE?f?NppAUBj}nDCdxrOHGm5oXUG*BP)0D=4{|D{Zj@^n&KrZM|lvL$2##7>HU()bC z#-MraPWPID@{(9va6vNvNBPmBa!z#aQOk(T0nyreqa!2F9=xvVX&VR2?Yyj#F*)oB zJ;WfWswM0O^$&Al4GYig$CO-S$ENm^_ z+?oFvUboAbPOEyYSGcJ@xx5O)y>yrt+bL@4o&JH~%Prj8XyE$=TS1oLb(&)wh&tu3 zySz?8nTCaiYt2}<+~{~Bs5Ok5AU_GnU(Cm#xJ+i3H>&49s>>IOIZ68^&})J1rf@3r z)1YHmk?(Cbb-WX>-6SCy7*tinE_?w9^9ExVs_7^{IK*zz`R94-@+V=eLI>fAfhhz> zZ*sTVkyi^Myp)1&={Qypf?$}CQXQ1k+anCxp6wFLgD&GaM|^t^p`Q~22OW7Gn%CCX zp@}|Cz1mKt#k8^CY6J`}>FRHb5j52+=qTLf%Z2WE7As9w)d}`OV)|7}*#HS69J=qp zo7YCa&!T9Dt)JWTNkeA4XA15Z;Ko_-Fk9XVin(im!;4%- zdjJ#o@$K%#qKK<$ch5fI|EQ63{Mv}`^5(ptm%5vuq|;4e0Q-~Q4KmdsY##Gn{Tb4K zc0H_AjMS7yO-h&ulZfbtEl{0=;6RS=K1O6kHL{rtq)Dti9J zaZj6AZssyROc5VpCLi69IS0**BUMdz_>3J3#t<|L3k`3fVgp%17Tm1BTqh zl=S?@jeTJr8eTtPa1h;w53PL8)T_(VwH1%!`^4kYlvdT#nkCmgt>Cw!rKWV0znWIp zux#D>Vc+zNLLPo_Q}%lJF;UHsv*ijMC~WGP$I<=#mMFdRhbx981rHKVmTHSK6r+^& zxCLHXiffsN`a1Z8LEv~{nEcwwh~(S4t#e60MbPn|%D&?tg!P$It|DJuF`u1))?GF9 zsXWo*OiilOZ+cQ?)MjcT0wRG>9$`$c0~J*cDCP3=e0W zlXf=KjLsRqX=LAaD&uXHk)GD$O)&D&{gtD2*Dgx`rgV7jcTq8GwuEMui(hVqQDNYi z0iyIPt{>n;#~WeOe7>%-&|)I1TSjEO-H3UekHZ1+$dWoTx!=@Q@h#Q5jSCW+5FFbto1IEnwX`~cf>9L#AYs2&!dnPw)*qe=PpYN z$GvMHGDPsj14XSXb-pwTUPppSPJhNA;f#WO3<_w0$m?^T`Y853gpBl8&TXk7V=7c6 zx@(dSN}+#!q+yAD%~DyTPu1wmJb2;9K-$BMi$Cx+KEn#*J(1MxHN;0HD09*`+1Dj; zbV4Qroo9vg{jLtOLI>JC3XAV;UGUFQHqZRG`n#ZNX6d%U<8$ z?n&(EgY;Y8kbVR*?mDQG_pkhbA{^0nQLHlqcic!#v$k*4^7L4)^ytEeZ3gRbxqqR; z{$bg4qTn?PYnLF_l1|=|BP(;}XTO7L{sk2K!`f_c2h6obDkH+CzZ>}D%_{#0GXFwm z{{7S>Du2#Dw$ojXg~|D1SoWWO?>B>=n94JlXVZWDMxBKJk6s?1t%d@@A*5wZVm%GP zZZSb3qIc6KRT4CSs5DJpYu$X40{#z^4w!hs9U{^reCXNzQM}6Bx;t^P8%?zUPdz+& zfVij=GEAGCKp;lyX~P-(nNJvM57$RZp?h_2qsIAJz7&O$7ry{R^-D%yRzW zHpC&CLT)zj!`1t~7%J`YoWGF+@^`rBv^BSab%zJ`bn_FQA3NhM_DT5{eS};_jxN9z zo~aKig{F9jYk@v*r7rHD_>=Vf`;HkE*Ns}f9l_1XAH^kg@Uf_-d{gTa z%(DxzB$DMbn=mo*VYoEr2&2!g$3uZxl&)X!wRu2k%v72z_2?d*2G-~Yh%3l?R{wAW z7n#YJt8G~8bI)g$vwysF*QL>sg}&$yfukq&jV_};I6Q(Em1dKR4hynW*bm{G?V zj~GA}g!(n?bA0ihsz^QQYd}0@F-8byyp(f91QsK^nODK=@MU!AKye`V>|)BTl!1j+ zMjO60u%LRCD78yZZf#W8jftta>^Cz}Ww6*%>LOiqI-$X7qP}&^U|Cyn&-g>)XM+4P z$d+s3+n93R@ioOQUgmt)zq!qyapU8cSaToQm6w%Mwna<%H$YnAF4>b^Wexdg$7p6{ z27WV2er5IETFD(8UrJ1@l0F`P1mZ{AdG0Gf*mHvV*~z|63BVaQS~h2SR~n9954ZZB z^$Oa|VJ?-?@QTu_>qcJG1f1gRgwijDz)MpXm|%bV4NoDOfK_~Tz}LJ$xo1r1tty1A zpCt2a{Xj6!)h@$)pd5f>x9cCZ1%EmmQ|={!-`T_2X-6J6-CqtR8?#fZK3rF9zOkp$ z3#6sF%iU2>6eg-9U343ueJ{1q(we>dhcDgD;n!(HBc(@k-Gi`iYl>?p zEwxZ0k;?vr9HLlN2&_3`ZGu&E2D7O0gfXbDX0}H$Bi3 zmoI_`zY}=Dc?*6i=eW@v@wZ0T5@w6Lgoxb-*k+e1B8NT(Tj_I0hEqGDpxC7zX^sD6 zOB7*+sJ$N^-e`30OKl=2msz;ne(&aeHEpSif4s^ApT!Ti;ca{oEwwV_7mt*3uk_8`UCsUofrd3GaQ|n?MVR<8UOA!g2?vB<)@gRS=BA@vOIets)Y1O{x z+JMdB(7STc{In0+8|ZT;oW*OV`Jd#vs9Rg&RCg9|q>zF)hRns)Ug^4v)(JiI;L3iX zIG|A+_G#Qeo{Zdgf3+$7ql-aoEE$47e#3OnU9X~jLYSbuh8DAM5wy^fpp9ns4pO^JKl*?3KmZZVJjxQCZd>bM zS+s&}bvd08)l}Vi>C`gBpeebD{N|(LH*OqLAr+)>1WBDPs%|ehFpYRHh$`ih*?^Z_ zj@a^q`2Rh=-4J?lWR22zS^CG)R#x{8Z^OaM0@A;|`Y4!whHyQY1gFMbM9;O^-gn22 zU(_l#Ulue?iWIF5Nq@t#UyY5GDQ>QB!OnP(PRhiN>eub>pI$D)aF%MrLcHWfK8@SE z$#AyB>CJ}oh>FEzONu(#Z@3zU+I#1``w(cn?|Yh-`MJ9t^bDPJv2fzoas)Gn>a9;) zGZ$Ie@=~)t|AQfPCVynRGU#MTtK25~FDv7Ne?+j%d$n*n8DE5YO$U<1Um8fl4{Q|YtK1Y%) zgNdzKtN3_Bdngm+Cc^H6>}P|j<_B37gMY_fOlCsg(7+@-Z&^$`?4yw>O@Bt^C(t9Eyc!9 zl28~lM$Gcl_ufRY~{S~^`v1_m?c!CPIT6n88J~B1pb<`5W?W-YGDWA zj#wS7K}U?;wp*r9E^Q1lj^m_%ZP~5t+76npR0` zUDwF0ba^Ho$A8#Hdq8DtT5t6wHZk4?a%Zn#ec!HYc)efU^jxgG#3$>e`vYs?z30kH zXhgi=4?UbR>UMYjFMsK8f(=c7gx$-D373eCNcUKB77%<=&^M*O4KBCoxBur9embhR z(XWe>q1LY2LpdZ^+60$u`C^bWdEh@1z8sq zKl5>4+J6!a9=^l3RuzmXxfX9(*9I&IJ%yfzdXK9> z>C@*A*D&AmzS8C>P;DWGeX} zk@ojoV{AryX6EPn<(O%gxTK6A-Sh#dncwscIuS3KcwQ2QT&P9nsO4-qm0Kg`^A<=` z$r4FG&h=Q_ay{f6S_JzY8S^ueJGD(UzhyCX;jqdUE2F9lcNpEUE%)ohmb1Gxc8_m? zXSRS=-AW@CbZJ$Ip?A$>xBPK;p2kP-CLxQS?r0q?*kn!~A!I3kkh92RS<{U#^}y=~ zL!QfjU~W77#An@d;yQs6pc=|nfiP2@wN>2RO3t!48-aaicb*Dn02qcN5GD$sx6S1I z?IE8?pOm)By;U;_0Eb*wFPx1H`U`9b;DFJk(y|FaA+f$(s$U`T4H8oBfk` zu?FUhT{Kt6l!V%+_+}c+YxiG3%<8yRd$Ht=ADhck%XPwKJKe40*IBV-4(y-6PzbP4ul>-I~c#BWW;2K=*CqYVwl0 z!@pOQ9AV@ozD7;B^QVsebHI9=9RszK%=s4Df;+8%kq9^bhf0^1)Wv8*Xt>>zYx$E_ ztc{&BxAr1>|Doyyzq&Xm{+hSDVdb_KCr7HjaNa-EW&%MPdALD$W9ArwwZ7TK5JTvO z9u*6Fzg3uNJfSA=?{&>UJmQ03jha8X22@b0Kb>V$A-b zq7(?OeBQuJ8kWb+whDi`uM=a(UNQ)|Ta~m4YQ`;V|5l$1BqeHRSq@THwkjCm&HiWp zs6YF!dSJk3A5mnaJi0sf6qmkL%MLn-&HsneZXjedqb_2Q8Kd;2&6g=UIW0pGZqD*x!NX-mV7M)MgJ%dv<5uq6Loi1dG;%xY$m za@~YdI$=`3(V91@lJ~RSh^?56t{S`jxhJ%4oqPxl_>O~i|JJD>JcQM1;Gb^hR?o!& zE{aW3R7;3pGNqw$&FP7DuRSP|4E-bjAnNzSXy+m|D8>vz#tej1Vs4 z1H`-~=zb|H4!`!Tz5|;}cCo%_tvt_aUk<-Lz-@n;&qXJ$o`1cy5zsMVQx8B80&68H z798(AA%!o{_w4_}D;Or$cz)2lM0%4lLz=X98SJyjz^!pchz_1Blf#3h5%>!zAc_W=R zIU?uar$NOFHS4qlaah;%x3&j%w1pgNX9XLL00`^2^TerBK!D#1s zhh70P8Da(ZH=;~W=LXvC02+bl=bIJr=c-qZ%WoZkKyL*-wy)QBp{*x`+GM z1x?1*F5Y=}tGNi+qi?i$c5^u)@Oj%h0{|JfMo_$*2J?qztdsGPte;&e>eROGB7Gk0 z@EA%6CvDkNO;$3X75{r(a&0o!XBjUo5;h$GUrt z_Qd&}ay((T;5)yb7uR}z%t$gifN0`>e`xI@uqjme6=e?RW2?O!^Jx)$9Q4(#zC1GP z%jpBU1JZyFrM!*hbjG~^wA{oA=+0BJJxYdSP!4*IBh0OiivvpE>R==w2s9N5ngzO; zC{J2&{OGj;^r^6MoQnfxAhy3TQwX{J0;2vPfPL)ZwBjgnpx@kJY2<5>z-+wYTm zuJ0&uZ!O^XlDE~v$oc`$t;j1y=jeTHWuS$T4pahwxVX51zDBjHUjadZW=E^DGQe_K zI{WS7z~}t8h%)~@i~kSk;{X1h`oFxx(!ypR!HGR#)xgMW5H;J-q;1Pg4lf2V&}f#CVi6B5Een5BPu2}fW$Jhu5%wf zt>kxMsS))JNA-1dWSdc}IByQP(bvn7q2zlVEA{~l%f#`V zLQlO#vyx#qi;Gbv+Bbe#?)%q|`^{*tOth2}>gre;Qf|=|x4&H2+nJW6D?CZB9Z3QA zB`jjxD|x(*($aUu!(ZvEVs&G8H8~zdAND=}dH>G|yua_D8YSXxv66Bc+`;!!b)m7M3_CS*?t_5I zRqbtc>xK1Ot00x*ofx}#NKHAn#idklTD>z&EnIgboR^!hp^Edfv3OsKquCrLS<@qe zy2PAD`*(H!S{((@89z7c2jj&^6}9@q-yJXVW9v4StM#Fa;E`xSQuqL=;td@v`)Q{) zC%RBT?a)Ob*QB&{hF(#o-z>vYGjDX@P~%2njM4=+`>UsPT1nI3Vc{`mWK^BX*+sDD`Ls=z)3AJo28%JTL)5X$k*QZ507!VvI~YGK zM!!v)hjm%q@y=ZUY$#*a1XhK=e}E$-7_j)OQ_c4_!cy-(6WIG0wz%`^i$edR12yXZD=?)9Rbr28{gBht27sdj-+s}W% z2SH!9Z`{dzLxqok5n7fT^Hrud@=Zor^+>5GcUsx2IrmefuQKi<$tyZ375w*=;qKK^ z(~v54WPn_``&v-gNO^orL6+ef+qwP{wuh2>Xi~yyLyI&N%E=>B9!|eS5>2G@kh8yL z&RwX?_JP!2zub6bUNc!&rywoQS_`oe+(#>N!PTexu)3j~@{b2gBvBLoY1taP*=yBtwvQ5ZEljN+6wm%Z$fbltgBn}$Qez| z_+y#v(0nOl(8p4NbADp#Hjrb@rqKQxtI7a}6)m^fnR=AuJF$40n*SJ1a|&VH$OAFi z*#a*&5p@ZQJ@FE(R_UZiJuiP~2#x>17(3%W(jPzIq19Rl7w4NG%e*Vok#ag2WYt65@U|cUuwb$G*U`n) zR_K=VaMF+Sr;BpI#5X`%N*$Y+&|JQEA%2)0O!qQ9M@epLHqBeXX|NSa1rvPKzpH$s zm7Mt)C=ivtnxg8I3FnsGup`0`br-GJ5$#MSGL+;&q9whdqt_Rd+xKEEzce~@MZ#mS z2xz?m#IAGBq7O+Onj~UaK0$z8#ZG~7gc-t{vaPbzTnJg zF~6w^-DKGBeA;LY=Oii(KHp&L=$}jNd_g#1aM2Cx?!5*X%`L~IXicJQMH`Ncn-SA} z8(2P7(Jw93S2T~~?IWbR5yVNR($9CUw<>5Kj(KX`{rgC)_o;5^2IG8GRO{lSA!0^j zZe6m(*~+}lv1)@c_OcVZ_s+;*yXL$8;Dx?T;eap{{D8s)eTarrizhzLmECiFM6zvj1h3dYh??m*K-yC!3 zvN{_Qwi$X5HS%1;$y>$7ZWpv7QdUwXt`JTOid>ti7mKQt+#u~8fsb^x&7MHyjJOAE zDkh;opv{0nFHNB*akO(CVn%EEl4Z&;J#fA47%2gFK~I%virPOwUYBL&E_=Z78fWck zHQf*+rT4e@oO!l_^)3%>RlY&!6(`6l$PWirYU3}DTDoD+&Q79{zQ<7R;}`qSQmkAn zRtAXLcXvSzV}kcYs8d4`WhOJ}Ua^bs=&UJK=8 zxIu^Lg#e2sQeTg}Js5WgpHfevIF2qHX}Xsq_X@1A&rp~I@ro5Xb-to6Z04*?#mmXo z{$P*Mm{>ezBU4Apf1a*hJxYwh^<*1I*Av%YSKcM|MkwMh6aaV~N5KKL9Y3AuEGem^ zIXyHUI`iOE!qaM{0~YP-iRUvaUK>5LNJxI!wlPFfY9|!!ZG%^IP9CP-Apz|e352yr z>O(0B{b^{!!?EDg)O?((RAv|v-A^B8P(QMc-xwm~`SCh9ukHS}`7GR|c-4REZiAN{HK>iLNY9alY9&d`KjCUm*9 zKdlW72vx}sp#~j98$O=C;(AsJ-|pY)oUG`Yg&jQNHU?K{c&Hw>EoFsvs}uucx8jM)fn=?VdVA zmhE?UT1;Po`5vt9Ln+a_m>Y3BLxJ%)ani`1WYt+V$5TQmM0^o zv_)vr10`UX=Z1*sA_D9&ns*{rTlyraZx8o;U$$kjFU9_tG--G^^In+=_$A10F|BKH zj;_-knRjAclB5=qNzjux>+m+YGo6@0Od*qQw62_SxQb$qI8H%*cKwhAtjMNs?T}by zeeZLvYom{IiT$k6xQ#FZbEY#sHu>a#WQI+y8kiPQ5cVhQ|cl{*XB+ z%Z^xlIs_klZZ2sa{j}#$0TQ0TBElFed}@af=2IgB*yB&34{Q^*x#qb-{dOMVRr}fraSNeo zcmh4#|1JX_(${N~pLl@km1O2C=6a*ibi6tL>7tj_WH3%v;Y2a5Ftb`4f&T4NaAz0Q ztEjoB*2KoRporh*n*4Z{#WkITBB;l7=ziL}sSc}@zG>kGJ6qbc`G-Y+9c2j96Cwxp zGaO@k#o9zKQ-+vGR7OvGn9_MmP+Lt3LXP z>jl@}T+6{M*7Z}RbE*8mzUHvM!BZTd$>FCCgx#S5rupZEoTi$;sco1`vH}7MQ{1K- zLY8GoU-U2YeVXdKK!FZhw9wkK{`c(vKKq8M*@vZ!wI?8 z4#4}i>OZ`n6o-Ir2TL!`zjnZ6-0zx14|j$i+`KYwc-h#JCi%+F+w&mbfdYd&tQPZj zwPLzCQOs2xTyo_s(#A2?w*MA=_|2MUW3rBztF|3ho^i+TvW)8xhLH%dd!TxilY4c$ z`&{_jy80rOA?ocA?UBuqSR8hqo{`o%Q65pWrqO;pLvj6tE>6WkR;0m#t>I)Mv#6dg z=VD1yHY*-Wyl9*kDd`D;g+V9{nQ)VFit@}!Vl?#55w{YYX| z!3YnBeGHIt$b_4F>=Nj-40r=wrj zb+O;xhZtOF!*mB<uR0)$rWRlI zUdynH8C4rF1PhffMuE)28+6~9{JuR~Q&wga=jiT2MaRp$NL2s!^BKvb5s#%9_ItO= zfaFf^wyGB4s1gQJL)z;3-(IJ-?_CPLeMT48hKDCQybd=g8qiJJi}DXM{(LqGe-zm* zdG6SQ(-KeKB&z57mz~9_M)@p+)xRBjNWP^6GbQv-x%`~7>JyC$Uu}wEC#N?C4)v95 zICSk$ZLjVdfY#OXw&U+LRMvG<&!=lk6(z|l{Wwv)0Rda{eE#ei=PiRbHs*6@8q$|=+SeL8lkRJ7}+wT z7_3k?V@Z~0+ulz!x06e5-)dPHjm$Fh1__(k@6}!7?;jVsV9rJ<*-{bV?j!F?U%FKj z!x#Hk1~(kk_4*>fx>i$QS>|mF=Jdb^o#s}|BwI;!<$B11 zjdz0z`P5~1r%FkS^3BkRbEI#t`D723x}I2KGaCrToXI$lsg_i-T>@mfywF6?H#UeK z9=(~cw-?fAeADDgG7Mp8s1nI#>jt(-^^@gkQuigDPdn~oxP*=ryC!refoQ#O3!^Qi z2zpalA3^KF*Z8IdtKs&9=f{qEDCb2+uDm9$h2l@+vWwkCT~wMx!JR}kihSSqL>u)C zR1!^gM^_Bv&i#>jn{E)vA@3$K^Kx9DqMFZo-2v-(Y-({xW%y>R@{&Wct|p>jmN}QC z+fGtJ4GclV=DuteOJh63%y)}VE5Ca1>T=vyMeDb4Gv?^4ZTpHA*N5lBREwK>)D20h z`{1*vqC%I^Ym$UotCuLeI*q%(!~Ohp=^P`2;B?sr9Og0dNs$d*Vd2Qe`Oni=t~O8bLft1 zk5?+cr`ICJ^qryp{sgc(B)k?1xgBttrk3A-#zkp)ICV+JmG{tNi9IJInJlIi+rQ^X zcMNldUK<~r`o3c?<=)b@8BInwE@LO$Xw}G+0hX=4WZa+kt#-^2VV3EueNQueT=zg# zFZ_K`MR$?#q@TCjp-OjRmv@>f5*w#~ztMk16W`+%A9B~McXJYCDj5aB$4#(ifMs|e zEbm4p&XG67GW*a?cOWc-4G;p<*=}*%ceN9=%$zCkU5UIx$6* z!&nA2(r@9{N%nK&@pUvXGkHqAFMmi*=ZCIUQDe;aqrwd&iVnDe5d*=g(}rkWPn}=V zheTqPM|CiAIb(h5hWOqcE36du<_6w>GCMY-A~qg9g8g1Iqn^x9*d=r!P}U{n@XSS< zXmfPJn6iC`(wz4Y4~c@ia2&`r?>_Wj&T3z>Wci$4o*5gvUQuUNWOZ}%T=BXB9wwgD zhJsINK;~WOwd^Ia2v$e>C-zm{8E>N>m8O}CUXjXXX@>S{1d!CW^aKnxalkndt0i@I zx=1P(gf|^GJ}YG>mB1>xpZDmS?f35vQ`+w~ATy^ZveQ=rMhGJfV=C>WjBSSuhzeT! zEXGU+G@KMYVf(;pu9n@GG(}y*e&ib8Z|b2saee;LPl+LmJ1K(ZbTSyD=B5!?{=9Zy zvYAu#3KWz=sWmzfcyr4Cu-R0XXGtK!<2m$_l(Rf7!y88o5UdHNn%+1OgdD&sB@NsE0-`s(lcq-E1p z$uFFGW$jT;r{h@J*;sr=oQ{7z(RlmeqOdQo2Sui#TN5U-Xk$ z-f+UHvpa8SY5B4>Di=21+o#ka(X&<0S}H_IySqCr_0@Ahk^BJg^Zt``d4L8v#Ba~3 zyPTL8vwjZ5CjH7Bz0DjI$cIe#%A9NU6W^dm*VLDRX{(kiq9ZIKr2KNN?FHVw($|jO zENZMv#~CO0hKlqFc?aYQ%XEnL1mHhIL1Bsv<7a^&R)Q6BRO2mqrrLeUM7mZkKo8Zz z%_2pxg<~jYGeQ{&G&TdqgH-OUUl}x6iz4{UWj5@;HpDY$K9`Ok;DHOF9wDlzklyDN`sv<^bn)TCnTziTd*=kq)@R)jC4ZC zrz@i!Rs__Vk!#qH?|Y)(rq!o2s?+8EIcYidB}u_s4t?=UV%U54$?y)+jfrrq%V_Q+ zz3vl8D?Nil30KFkpdQn)`w79iF9|yg$g^;U`3rDJ zSOX8aD7?Ss`dd&tZt+P@O>*5QifLt905f)$l(W(sQbz~sIra@uN9Z|PwD?fmv=?Dl z5uKOpo6V}!SR4#W>DF#wgwd*1Y8{Khv5To6kQi?hjORJES7-(yDEfXbnotcM>p%Y+ zc03);1X06o2aQ>1s?&rr=gqqFvZu7aeJ3wQB@6&bS%#v#|oS!TS2+-{H5xGQDxbjF^k(V5~_J zG0oi@G7tFF9F0PM1Mcilf@)?tVqI#)lr5^nx5I}h}-=)TyU@~dS`cM zk9O4EGWb7A!SGOgQm{Dt%H?G89N#yr7){V`|~tBPzmEDNm9|9mtiGuOLF2vQ>Ori+fR z{|)p0H(37v4?O>Wz9atMa7FYhg0(bZ6T!*h6%_%{EP8qWV&$KR+T4?9-4w{z4<{h$AQn4-MCIZc(qIn~pH41WjhiTMRMIiZ>N3F#ly7}RD^njr`a$6& za%oBgP>4#v#FDq)r+s_ND%rsydgX67QbaTXubzuYeQ->Ixdr8?Gjtwn{PqUiNfY({@@oz~a-z463mZqi($h2!zQ*>d=`K*;t0mK>0w>wyJ3C=B?cv zS}*>>wXyGa(TT!2Il@x5?ZF;@hy)R^3U$wBLpsX>K8G`UdExm;{{q%@xyJOGfzbAd zR!{cIXwjuWLSveu_v}#}@N`%sc$f8%%TLL#{Y~=H%%%o9gXDDQ%f*cLXD0z4!8Ivv zIb_jg+|Y3{&z!AsccSNka*p?%P!^Ed82z@KH-fInmrV#eEyJVz6}7MAUMv-u*bue9 z5Rj@0v7wx#KF7!74?`cl5{J@n%?KskkJCGTdGfr$RZh)BTx%U<^E=oGfIf9x2>>wt zUBG1eyqPNlfacDBqh86vi9gAis#f<&@|_hpH*F0b^`+IScLOW~mP+jyB zYf&pt+Ya2-gMf`OzWMBsqEH^>bB#>eQ_nTjJen%kbb69lH2IRK>6j2u7|_{YpI5Qn zJpeI0e>8Ya3`vM1@=%5G_*7(~BC5qp3VdJB7yo0#J%6O2kbT1qqHQs$ll#dt#TdTw@*`ExHawHClg<>{iqw{*gbBAySut8wo5z? zG$Z72JQ3$RPD9Kvr_3`Imu@8ok2vnqx-({Zl;%LMvuyV%Dh^23Va*qGnkACHc37cY zv#u>9+&j3r3yC*Yk7vG4N?tzB^jAvOkW7oC>-wX;X?krC{N;{4u zn0|=T4zSC`LwPSMKW`FF&~mj%RIVJpzF_9LtJ`pxoSpfcR%C30vvhEqou&pSC|UBr z)4ZL2n--=(ydBalj}9;R_q{Fz$@F14#$!Y$qeVDMc>bVuor1VX zB;Qs^BkUPI{rb?tbds_JY|=tunj*e5uJ*J+a9y$P;QIqN4i-#x&OxXuCE1(GJ9Ot7 zqjESRFK2$Q)Gp6@JIl6$D~P~V?N!tf_zF>ZZKaYF>W^a$l|fq3l76_9JD1t!0z4$|M)Ma-bYvM zR%OA9`#*WU{@_iOfxq6yn%3;TKowstgoPKO&TgKg0J#4KK!fw&)2BeMFv z-@gmDxWP%N=*GAP&AW^lUfw7lkBR>fW*=#AJFH)M5hP+C4=HDM7PI?m9w-mhM-!I? zSCv2D$Nj`&@whh4Z;QEIDXQe)aDk7F6ox$(!`T5VQCooo5sCrMU4vP;fEXBh>LDvGD)1+NROmn6ct zLj`x}2QcDgYsZ4-SZ<@X+bpY1NGw!m3^ZjG$m7vPaqS)zy(8|0?h%frGiL)3=Xba( zt)JeJXUiB7ZCHNxApp_seUez=z_DznAq#aDtK&?H`=nA!?gIrL?iu zWHKZf_S#y0l2)5)^UC{I^E=um5ecnzHVxssZYb7T%5Zjf7W)q!exNBeIIQI%|?I8hS^E-b1uOBF?6EUgpgb(ZSfd}5 z9GuOhO*bZ5*IP1gd2WdsM!?>XA$X|_FZMWfraB3q)|<@)Heeto6t0Ml1wrX01i z4zm9mCd|IQ0G-rOP#6tevHvhR<)QD2FRXuM>s=^3Y0hWdUli=fq1E{M=LY&$Ns|Zm zPe0sHm)_w58041&f?eBri{-@BdfOZBM8xcSaLE5f8%lYO&?SbqZ4$qnw#=1hGm6Y@ zGRcd4?Y5!pCyBn!idI9<*P)73Qe8(~`!YMzft)0mysLW(WZvnRXD%YOm0Fk6XX;m1 zAN>lAtmmkTJ`Wq*#zFcEarR+{ElEfgc{|PUqnOmE6w?K}-R|dh$e###Tlw)S1}e(0 z02Am@PoUX!pYoH8k~xZOZwrle8^{u<_!2_3z^KPMS$gE7c^QEelN}jKuzr8;h|iw! zU|oT4iPLVZ6BKl0XmYVPZhr74`ewm?wB;eV-#&|4Eou9_(wLq zR_UUy;b-ERqgZnyZal{FMx)mXE9QZ6bR=RD(q**sYeEmm4`wPp98U!2C# zQ#{RgU%az1sXe#LOV|nMmKSW*>xtJu1~_5KS4C^#b{La>XqVObmt{sNi5E`@g`XRV zIx~2xwA;Z!n6;DPeXB!|bK z5AE$_FzW#iN+m9eV6h#T}O;% z(QqPe(R$I;vB0?6)?`LEQP+FRV%Yw)7=PFMWp1~n3u#wyP}>001|Hdaob~3?u{Nd- zK{s~?+!-s=-f>LnboS@QNN$ePkQFUk=^anqsJ=V7D~c~-FjNiri0>@rE0jdwim5V^ zh?B4s7V6F4q*A>(Ij^1p8-3FK*5k?+e9I@6S`2rjX`4ufgp0STT`J1G{N4H~c zx4gdlmP{WN1zC%`+0N8uoE?3BuO8yp)6;H}_87$bOWR&Jw}KnqF|k2M`DC{j~CvyD%cs8m4e6Tf>r%J`WL z$Mut0*`HSe7>Y|0R?*e_?KP5Me%3ZQB3k}t$bPW8J)UGT=fcZ&w3HCqapiVPa*d+_ zw$n;3DXeeUx6rO$V>WRJ++bTJndBukt)*n`ej5F?|8ZciN&wsLCFw@HJR->(paIg} z2soRs5ICRo;SUcF@!jv;Gah89#x-VUhX)@djj z{Wo9HEQGUTCxdTii2?-HV^kjxySE)?Byr)5aKXD4=cm^dL}}SrVI)}Qf{R`oCC)Q! zVObJf>uVRXdjYinx#cl!DL=PBgbV7$^hkB#Bq)d&7T8Jqg4)-(+hogEnos)c!;;BO12py6{I5 zY9s+bJANNQdccE!AGN0dw%@OD-{IgEGveoHl=}%^|NOsm%FgcJKjtVgh&`Z2v4X*v z&z*q2cERY`pMjQ^K+XcSIuXe!X2e*_DG+7^_3I*n7*XhJKz5#( z*{Ft$)f4WF{w|9%sh!S+$8Kpv0zK`I@2>Idz6RSkg~Anb za|XulTxc8vQjL@qdR|?SL{ie-0D^h(vUg@WsGWROn)pp8#dJGFv|J=H>y6`vDw&>; zeO9D&NJ`j#dsqB)Zr$4K zH=RR$)Ore+ti&R)+Z|1zm~~@nhLG-Q>kJZ;di%JcdhGY4>n}YmbQl0t ze$F$A){rC#mYKf3WSQ}J&8&|sH;w4!(I3K))GJyn>v@N9#?{?jo?z;1bXr4d;TiLu zuF7uc?~>kc2hzMk55I&mO*zHx#9c1Fk>Kh!-dSS$n{tVBrY%*SGeCAm%+guC^x5@% ziYcF-MYoB;gR{iX_n&;%I3IaW$?1Qv_Z~n^Ze9OqP$?pc1q2j`2#83R-W3$2E2#9M zs7MEqP6&#MNE7K@4^pJ}P5^022?9zB5Tu0`S|A~WB>yMq@py{oojdn_|M_O_n{kFg zp6qAsz1Lplx5|!m|M>a92CD%C9yKT{l=0N+O&v1-dI6qw^c6tZLXG6!*XM5t%#UX5 zIMfaw>cAgDXIyI&l-y(TAkDzNbBaY3G`JyCY9;ZVpw}fgC%P0s*06JGG~npQIJvny zMz-mtr?1fLx~S_E-}9!Z7R_wg;|rRwo7L8d`vlo<<|eRbO)C}zi1S;^RQh&Iq^zBo z5i=2}XBbpiXLRROf^MRV9&`so+D^sSfmLg&pEcK~q0;uPcLmC6nr>}0f89EAReZMI ze9guJi?bPUG-|zv#TPq<&oIuUoK;3R(G*N$5f2jEou|`K93x+f72zWf_$%Sc9S~E; z-#1;xM8M_DUfT1bugmrDf_t47CgK^M%{dBC?Ts>Aldx!#*jIS{(LT02qWc`!E5U(2 z_oyT`z3+~7;=>RxW;Mk;CGv8j+!ZeFDrSIb*azC)Ksp=E?PJXwAss! zMkPTO(Z-buPGbAsX)i#DV_qT{xi5n*L*urA=?XXv`S>`p0Yt>a@!e;@asP~P>SRT@ z8JpkdH2ciZ(lJ$*s``DIC+3Rx*q8{IcVYPtQ3*%A4idZn8;huzsZi#Txog_kYM+x= zUfzvkGDhXTy^ar2NW1y+Jr7xh!*^YQuSsmJCNskj(*-ZT77<05E-siI6zI%eF&v+g zE1HS6s18he(4pj>(+S`4PT@Qu6NNCzZMp;coEJI-`7+!4)x1x^?DlhRzdn6nQ~Tl zY-3)gGRSRwd%Hd#G$jyevOc7R z^LaQ#?q`f!xS?MUb#jhLL+3ludPkTP@(Zl9@jJSV#%|ij^yW6tCA(2gC{_$G%7d&R zKNX(27~3lb%B}&#CU2!VCDBxc3IqvKQ*AsxY=?i5bhPoBQV%GQfr;&IigO_I34x;I zsLTx948HR5jS~O-3&Da}?gd%cj~CKQ^>4JTxnGX*mC}-Sv@+u2eH>Wgl<($H56_NU z$QwRxGJ|qoroLLf$K-`zx{_{eFFjAkMEZa$T$TkiZv6|(@ff+f{zKyuSFqCb81{E(F&wJr^7D3v7tq5@~u=0b{_zWwERUeEpe*bMAvlIz0RnB3q>)#pCR z+TM(7wy!=TFfCzFmw9$k>Hv*x-Ln0w(`R$v%K272HO7MlD+6ztM%O=#C=IpnEx?48 zq~=SdQR(LY%W|Q#cWfpuIQ6`K!7vcN@5CkJd_x3NHPT2eHs#Uj^m(ym7ExDAKEwOQ zSE@}kXj04Io1c}cA;+2ASVSxoPVQ0AylTLmo$=P^OM-$2P2ioPE6Y*%pmhPZm#=16 zhQk*;UgB(RH`5uG*=`QXE_`v8$hC=qx~8>NgH}0B7b)xt_P+h~2cLA*+!g)caN|w3FHIDK`-(%)dWb`96e#EEL|$-P zZoN;FG~3SgWP=_z?63KXP2p4GRuANXZ{#tu)*`&zbcbnrwA$ev;QTf=WhmC(F9_1j>11%rpCqTErOMe;f z65(8+DvMn6i3RFtnq@gGn{J>4&TnPF2E%G}9w*-$%<)Ix+;3!?XJ>FX4T(~-x>hk} zJJD6P++D%i{$UXz0JTlKc~zT}4NIi^7Ww_3 zjZ%2_is=t{J|Lc)IoPBiy*W>PG;HuTFzx5p;l;`J!-X*L3}<+gL0Ds4TH6E0CaJ-+ zJLBWIi6u_>oXl4ZpEp_a`W>`3AzeGF=g`?pZh7kCof=kJ>D`Cit7QG(sh6gxow{DR z^Axh~eIMO_jy3={^iST&Cc`YfDBIifOK!RoU9@2($M;YJ;MRe6`$W2K8p}pD>{Gt; zNtNdGv>kT{zhU}(ds7@SccTPy_ zQMhor{ATF82;%~S-0&#F(;PR$=9k_4Hm@lgWgn5a!EP9v5To2J57p6kHLJcG>zRk> zTR0D-o6IEngWq7zaO=w?JvM)!-9o%#*d+OGqT;AhwH}$Fg{zhMifAY)yXvAH( zEJY+>N;cY?71tkgEI_n6E<7?BmfEKleIYKc5XP}S%I?gNI48T0$j~HW88;EW&8%i! zZQbE^BCL?%#KP4*>`n`=IdHA@y14L!4%vs8dapHyQ4c!0?TzNqtR09<(4t-}mj4;S z;IU4J|BPR!yFEwgSE-dXim=62o5-wQu`Qdbi2U^qBCCN@gAg=(@C`@k zMd4u&OjV^5*3vE{#9K+GaL0hqwKq|h){JU3)fht&8b8-6SLI2jHE|iePOK7vqLdoB zz1Aj&-!)2tJgmAYZeq=!K?y&a&PxzQSIaZ&riB?)12=BQCFDtAfVjkr5@_ikksu-i zr^Sl(7d9`OL%H34mdc(u@5`*9l}F{fP|c6vcV#(j9Y|ZiSkBt4Dwz`41ask^3q$$I z%Q0fBUhB-ZH|!9w-D zR+D18=lX}g>lqAN*MkD4@}byw5h5Z@DC=|GL#tCaB6kLqk>?Sg<-QJ3Yo9|-|Q z0+pB%#(a;&mvof&0;w4ReD4A6`BTkz#IRxNNkM~udBPqSvs+s3zct&*2=&6ucp776 z0bk4)sH1VB1x*D1<@F~ZGpd1i7kB{rKH8iD@;z2BZ2`fLKMK27V33&xQYWfmXRVth zE$_&`zTISYl)1=wjaij;QU* zFXElv^E@tUBfcFrOn+bBVMEe9qev=oH?L)_d$G_BQF~>N&D;8{e~N+*E((Yoxnuz3 zqsReARn;Nz#2{yjQ4%*ZdlYLAWKeLnkVp6n>;(fGxi0InJ5`{kR=H)BvVy>ygJ^3=ENqto9@ zAHPMP&3`LgqW3!HGcAg-r0i-_s|6ysgb1_l`ep_J3P1{D0pa zVzptoHqBBCj?rB*+X%OBGNymdvga-7KvnhPINR`%Pwz!fy&OX~+Kq?nlqTIgJQU2` z2;#jQ*EAGm1#-P*b3SSx4b6P9?Ikg*)8X+0tLh4?p((?k)*4x9Kk}q9yCLPWoElK? zD#vr&R;sh~>NoKq#!IQ&t_%4&os|op4V{bcEd$**bSd38TtH3*poxb73~MBg%LQHC zZI&Sek_KAMP;^&b0s-h6v&#eQ0Z9TN8A_{-fiB`X(C6K58HXCXnL)`Eg=jzP5A=)K z?e#%BF$;9Iq2O|oZVf=+o88>My)JIlpe%}hNUXM`4v^bzz(G}2y(gfb(rlx96lm#@ zLTTwS0U8B*f6P;&5dVK8^Z%jDI9uyW-uXI4h)|wew1JXX8je!h!S8-#WcjC8H>Ein zJed8xR<}Brp+HZXu?_F!G$OG}y2o;CxPhny%X1!8hOR6+r#7U{26qaz>edP`+B@&` z8BQr^72)N*j(|qW7JKVuz*%=)y0F<*!rw=~d7Anj%$2+oqOf{3M?#O@qh%)Uba^TC z3hDgg3+7gtMV2A%vd(7y`)i0v<<{?-5;}=wLC&a74B0z5qFL)=eK&HR1l_w9k2Y{M z4|@6DWzg}!_o3BAr6o!YoMD?zW<5uzn_{eK18PJsj7AugHxiTKSxm9>i!r68@~)`{ zgVcGG#Y3@%dSeAnmoojKmex%1UUk@aRRu{SvJnNn-)?LH`l}h^absYTWC$IcZe&Db^Uw=l#jt>^AvGsco4RUuC+DEK?{`7q$ktav0J*|c}@K+ zA@(i78U6+NfpjaXZ%q@r=ytAPG1CK{ZeK?IjqCu^Xtlj;3U_oFJ+-)>nE4;y3pAv6 z1L8;I+4Ru2r#`?@h=41w4xXnf`c^!OWy=<}>l3~8)rHvkxJ6D~XK;AdN-$;WHVNOnWsEx|ZEEOvJz_&~?Tw!Z1ctfbQ?-Qg8?NHW zc!7we<)v{a?+g!Bgw5~a9G07unw8>8()n;}iOV~YkH*0RV9uuVx0E-io~87Rdu@PQ z(4mX-t=6At>25dL*&v-9_o|dbc3hU;kljaM5v&h15l3+b{DMc^3ALh+ujX`PBb-rT zu_;5!wkEcODg3n)T)Z5WRRw-N3fTElujK|KGQM<&wf(Mj#%A4CrmJgpA6{DBOb<6a zv^bzL;UcPd9T{8YTw{G0#+~Xr<}YxTGbyrx>pLr3@GFjTKv|KsCqBMj#VIaSucbB!j_KT6A6B9Nsgu<11GXu^h(P zZ0IzA9e$6^K+p4K6ludq#Z$~Uw}wswSw3ttMhb>T zWxTXDfhzU5BfhnG0Ts~)(tc+200*o9v)@>)+*p-TYK-7cY`LmNYE%$T3NoZY9Om3< z5Be;2_-G*8d~IfhqoBgI^Ik74a+bg1(tWMD9yRUV04_ao{IFLjkchE5X7(I;!|O)x z#1~Q9YQI!J<<_eg{SUPe2dVd#Kv*lq7;i2iuwH(svvtQ&cH~xDJRNuS5J}-`WD7>r zS)D<7)N6QWXY|QqkM{!2Md}sHd#P>Kr_xBWq=Ss4wtEh$IyHW6XW7;FuFQLboup8dKgsiZ?B>Enzw9K=d+pxXBZHOizGl+};(_+h zGCiZ9OMX@C2qv(8`)1pUkm4Mtk|4OEI8!30!zhDxF7WC_-sry0!8GLy;4Hg8t*NL8k0|>-$Z0N|5KuNLbtE27W>bx}{OEMZzRgTt} zP2`aV=+Y>sV47YMU8}?Fe$>Fkil`}+%i%n)6LRzfjg5*aJvT!u=4)nCLZ3oCt4~KI zpOgCh(DyAlyrfVBDYE=<>VyIhr!jKk;#zVC=NV5%($tm1F*y)VKPzxnPtNe@&LmDjH~I09|O?F3n``Cb96bM}JlSaGaIxNdPc%=~RkW`=MyR4+{#;R-cz71lYK@F|&X zgQMi6$ROiMl3+Qnurl5LS*gO28hW@nQRk4F$_fA7dWOmg3@*(-!7v#}TUFS;Z&kn= z5HGo{egd5#icAh_(cns6z0APJV2=@%4W~PA=Fh6|u|ZzxZ8+o7)CQyief4(s>)fT7 z3mLY}jwAV`N90lK&mmlq8^#JW-mfzUAOvJuEv zN_fA86V1AP;cig`xQlV67wTkU6`&k2Rz*$25c8I_BG;gl47P=H!)JLqGeJ2U4|zO^RjoN7iN z+KXwTr`urM@Rr`&G>&wgmWKSF4Cs?LZp(0i6?v4p(tJLpo-A{oX5FN@6){>}F8Q)SFP&LvwosjlD9V@uSpdg$Mg- zK{Q{VEpfSSlbU?MOV1umsxCCC;t!7ueRh&bM?PDwEpbdbS}6q48!2?X{!+i_EHbY6 z;QSkJSolVdp<|VqFh`~Th*Ent3uhl=gy}^gm&27@j`m8BA(#mQ3>6)~ZX{-s=f*4( z##q`azJ%K|FlDTCWieK|;aFRVQDly>JHs+ULh?hnHTUbypL&+@X;|p?Nlh}xb3{eH zAHM1!;hD~>DpH@Eol}k9N~U8l$|q+FXJP8E&EIH*PzyNPfTpzA{M{$B5@{{^5K8|h zq)ByB^K81r9xWCg4aP|8mwaJ;MF$(0RC&kFo)zJAVH|lt-nm6SmomA|f5oLbob?-B8*d%8xT44Iwj)?$25L(Wifz2S!Qk5RQr$4A*NU^vHgKW^j?;C9vcKUeOfh7- zd)sufc}E6PDuiO}N3CtO4xVbAHxDZ#rh^p{zOb}m#At45-Ui)8u`*Yb5^#>d$oQaS-mD6YP8XgdVB5=m(jZek|Tfj@`iM2r1ulfiD*e zUYPu|NHH^{-^-xFXY9_1=x-iYvAVO`2x(JYwxgSTfbR=jK%bXqOz)SgnRxF}YlkQ~ z=*Td_+F)NRqE_kXP!_{KmVN4J(0JepTWFza&y}J11sUpcqW&=)F7w%=REyDq+w%IS zZ0raJP{!xKU>kso73sRQu}`1&%FnVR`sRdPeWf3jt=he1LE!6{%;v*VvfSc02;&9I zE3nCPFK&gC(MhoN;}{5sTpD-1*V7#IP;}OWIEKwV*?Ahn~VFWRFguct&rj zT|3jMbp+rjHvaJK4{<5-jE4%Z%~@=tK8iLC52rXKIO@RDG#LH*Ju`yZO5^HxU`(86 z6}wW?oh@@l_M+?^5!$xq?+)6ILEO=7`$I#A_ub|ks~rJbcUodt-3g~m3${559Y!QQ z$NiJ;IYKYm4%aUmHY?2!i1k}l7o*4h)jj?CWh>h~*>4Z05XB9kUHv6%3T*7ik+Szn z!KnTrB=Sp*FoL7<%^6D^EXKLhv5c1^s7}Z&E@JYzx|`}{P<=fGwE%Vej78Xv47)_X z9ih7f;{7|Mks&!YcYVHGcb@s?S4p$^FUGF^0sQ~;nECxPP|5y~PhBj8x;FaP{{Xm{ z7|_GtehM{|pc>4e^e+7~9Aknhm-e5}HTRk&O)=K^tj>)C_riKk`hnd36CyLnztP*% z;7eMtSy8UW4Yx)yDiOc-4^BM#dlkt|I=O&u)UQWza2@Ynux!x%#^jaapWhq zDoEPstvvF}zp8Hb2GLVmn*ZZsI&Snz@Bj5*alK%F)DoPJ#km2CZ|%oTN?v^TE7k(o zFZpm75MpR&BD|5|01f<%Wdf}0BlvB8e?=PI=^+m}zmfj~Z~X2j{O|k`V7h@P=rwc+ z=+c5LIRD3C*5qguQW3hDg@pRx`oT&Nhz7HB!Q?{$BGCX|LUJ}! z{E^seKR=Oi$Oz!>tjMt`=XKy%?AK7ea!7bK=1-%z$JcnFZtXa70#cD`{x-ygD(#CU zX_*nWv#7kSZb|9}lVNgKiHqcU=oSL#TC=T(yz(fcM>uuI71p3!?}bthU1_DzZ<3SZ zUnpu05NKCDspy$p0MM9UA3JLJyO5arH08rwRl2*k3EX5exUiHu6$N`PW| z$y+mITo1WYggn-;b7@S42>h510sc$bJHIxv150dYX;}Z_l?-~#>)pVTMRj3ulITg1 zYlE7W3H~S@u7sh~>uL4mX$uOz;C(pOLTa*H<=D1ciaV~o6lB4bXC zzHzD~O?ozv!0 zddqGWlGcz2*+YPoEh{JoU!bxAuURNi1h;*8q4vdulnP*zIVpH^_}O|@$%ZR>h4;5> zmC5s`KEH8l0M4yZ(s3w=I-uGF!b%4U>a(*n-c~NnjJyvhDo|r&%b)~t6HH9M_*#`C z>!+tD_m)zQbHNO39TSqZf-dV>Oav^w8T``ZM_N4fHW@Ro9(W;0P8X2aMN;`BU_x$X zJEDg{hu#2Ri3+K->_lJz&1T~YaLB}!K7s+}z{945I746_c{;hu0ec$Rg_Ifg1*qPy zF7zXfVGK>3fDI7Ttdohjb;!Mra!G~b&IP*0#8$%EE+w0=l1(fXsPT472!?f5<__@- zA9Q=h(rc5?ydQMTb}wthk77~vWRtUQsJ4blLM|;Tugo?uo=g>Et1SNzEhD==wC=VXtr|3rC}E@ZnmB80o^ZO?Xq zCio`4+L92~Y0=@G|2D)Tt@3uS?$+J3 zK`^mNnaC&qCQ0IiPBQ9K%zIg2r&b?qJvtm98G@VI<( znKg{};l@378OQ(BKCA9YqSx+;^syZFAprfE#3oz48Qhi(Y+GU#HuUN9y52Ea%@0QI z5uLxGYmJQBBRns8b#3#icZTiSjccx^TFjM;6%>=Dd~Gim$o}|BJ77o|)eaCk1`t4G zIOK>3+&bRcDZ@pJQ?43*UmTLrYqjpanclGx6J*hcn|_l(S@ea>_ES0xJ#P)KWZ-XK z;e!kqjus$<|I;2+Gh6mEH4782Gkk3sJQJf9!cXmf8^l*1%MXugII(c|$=&t;#1HYN z-k=!(cDi2Ps0Cb|HSgVueo+Vkz7-JH{x4fs&Aj)V>ozRLqFUnk{otkqlPf4^^3qg_ zcmG)l{6m0lFYkXjKJmcaobc(d@vQehW~C^mj?bnM%8^xx$}p@3z%v${|8kIK2RiBD zEw&jQC>DUm{;&UXWJX^!B{XbL>(OF>&E!e&H*X*z8cM~{XPOdZ8i4awr|>WP-<996 zwWa6rSbQEir9ik2E0EFD7NRrA8QGyQ=K8-drdTBj+oLqTzjh}Oy5$?_J$sYks~>RY zJTnI$ivo0$n~o z-raVY9fT4*X)qfxu-ddj2{|3kWVQnf?74u*q{_Iy4=}de1tz-6x*p|grr5bsQW`emgkN2@1 z=-!BFfb#=)I#Ip~a#G!KR02#jP&m)7@a8&4ZQ3Ugsegg@sl~cxp^+wcSJ(co4dy^` zB8q?R6-n`_d!NF58tR#4ADt`_o8hS0Iq+Vp@){KHOKt_OLfah_9n#PZXaq$#1{{y&LPiaB|Z5{g2h5k=HFY*$=1d-X%28V8>kM z$Lw9&`EMR*Vtcc@G69<}8V>&P_EnkI?YVa75cNHMVrx6}e7yexuf#6sUF5We`wA#t zkjyJDS58&Vg`)3&xUduU$Jnof^E3dna5y9S`P z9x=LOjwbF#$4{|9MZ)_jmQpaFPBz{+-Bb|=i7r!|!r(NjMw2;O%Jn<2^Q3$1Ke%&M z)x6=!J4_q3?r||32tEV;YRqBRo!=CF5zyfC&x!BgN%dK#A()ElVPp zjBbT;;HEMuEAZVi2>RO!7zUjK-V*-`m*RQ?R3<#G-u72xCRdfRHC>Uov~N#n{r!og zSjrPIxHsRP(EHmHP>N$)dA;2MNx?8!a3Ubl?|Why_UAoWWI<8Ps8~ws)^5g0%@57o zyWQ#y7!(1#lw9TA91~!_zgu}_{;uPIHDLAeNAipPk9EzrOs)iW!sz@DKg{F@3;g$W z|6R=NKUhV*Rz_LA_8U@{u{{jj!(P}j%s6u&Z7t?Mn}jNaE8&3qO_N24z764JFuxI# z8G>XiWM3#Hq4zHw$-X$Lpr`;`bG{bWT0`Cnlp()i&xHuR_!=Ywc?ToS;uoV(;{d2C zfs|fOgGK_aPfI0ag;a=Qk9Si0fvu1eA}$56GlR#Qf3`->-- z@0>giBs;4i7Ba__p{(jw#;;_X5^5Pa$3h(ScxA+OU1+K(tt`G}dHrDfwqjwp=N>U! zPudK3!ZcT?Dy>aCa3$;Qp<6kW{GfV?^IB$uomfgD(g3xoFoG$IS0po{Cn_jNDxDHl zd=Dn#htP#+xxVf9lYA(97^HMr1D6N(}#F;UVtK>_CN+Z2~S-X$*tGd9t+ z)$H4pFs1n>Lt&!m*l~?FFM*6EWVi~(!j&hn^RAxbMnZ0{)j5>0P6*11GxSBjQ^+-M ziiWZpE%r|WwDTEYP0d_p_obwau|2u9oTjYB9n@m%>&g@9pCE(mlt3xue(Y%~gHCSn zcBl%vjyM7~7ljPhKge)vO6ZSLi`-8YKWQKGo5cIB+0Dx$v5GN+%Fb&OdezGaw|3sn2@TBZa2e647R~yR0 z%a%vvwg*`=a=PQ*x^H6OwgwG4hEy?5wQ#TpRZOR2c;`|s!g<&qMxaEhz3pJwd}m}z ztsi~qMxk%biTv4hXe~s+26>lIO|bIqs_A`DLEuIAJEfUBsW<4@Zd(l-N}-0npo}L_ zb`6FDz2I6%xQ(5q92m3t7M*%hY9Usy&}1Z;QACYyBsI$#2`$$v8I;KAsI+!KW}&-b zn2==!Z3H{kSjW?$WChR!l%?$s-$W>YK%!rbSWtkG|27C0ILHuVw^VEKM8rc)mw({O zS)Mc-2YKI8m3>KueCY5!206il{M|@UN;SoEmVK<;lvz$GwCc!cAuS|k3La;QB9J!yv4`(Nq>P>pr?w{9Q30mGX zJ4RJtOxV57?B;?|LpNYn90T~>|HDL=Raq2T&fp3cwaT-LVd}U^IjJ`h>vEb+k2X@8 z-9J}~$I+gB!Sz_@{yjdr&k^g9ITHEDtFnhf174Lo^RPZNX#I5MgzG&-W>Z-t`U8qB zG`c_EP25LoR1Z(;?5SRx=)w-+(kGb)dTIUE(O~&hyidjAg4%~*6l$nguu>A;u&e-n z($-h4Y@}3XQyR{K{@5U$!t&G+5x!ucK)d)R?Hy#dL!W?09iQ1-Xi$SB`&xo5)^ zF0p?3BB$J0>SG@7_i-blXqEfqCh1NZAQC#8Ph=c!vU>RP{d3M%?*cBGh|CJ2+-;ex zhYU5=94Z{HsXTc$$HuR4C3O;`1|mhokH7e+(=CoNOQC=IWKi)S!rz-={gkGsKehMs zjEAHQwDzrpTt~>&Ltd>7?_}zwS;x-MBxrKawRoR5__nA6OMfh?5?|=cmY|)$tL^vh z#O7XTvhtZdN9RJ`F(yqYF}lBX|6(EeaC4PR3h7lV$ox_vo(*I?B-!11!g?iPd;Aq^ zWAK}B)p+{wX^;2drxhrK$tX18-Bs=Ll0C_8<;UrRQL9FXspsdt=XjqbO;*Qs?v-&h zeO0CC>T|Rwx6gGh13QfgClWtncQ3Tf8~fvM`{}ZB1vBEUMehJ957v{OpH=otmZL-M zni94~vi(dnIImRc60BX$=r$Bfod3v4kfymZ`QaSCtnY(B^-lyOh@aL6LTVN36WVe; z{T>b#ceiqi%~;uNQSLe#3dpIAJ86!(neXK^9Kn<`&^W@eSP2LktM`CdL_In3YU^bK z)0L0l5ohp*awtZ7*jPz%D2>iDTHDd4;6(E9excBnq;aQJYq{yeV;(MNIGc-)0DVth z>x{kI6%43w;jwMDmA4A93TMG9kY*z{`0$7lrMxttTz~p?tS-Dx^L9Qi2Qfxt{Z{k-uG`I!cAHo zdj=)jbw5p>=+tAYyO;gxnNj(mbF2GI|8FT3VaYZIm@ZjE`!_FB(DiDka(PmsY#S_6 z_RbS3%a8F0I5_Vlz37js3itB6-RdS)Ao32)4bTH1AV0~uWKor);Pv*ymqnhbuP>;u z#`Wh?#Y=R2Bw}n_hf~~v?9+IQgkvn|?qRqE=fHEW$4zu{zBge7vXi-yc8+!7DOMel z=a$pP<~IkAqy2CnyrsUg#>Yy}g}V4xBS}Fo&g2%=uQ{L7)uUM)PVd8?9E|%lL)bS3 zGKFe_TS>&T+2DD6;vrr!xQBi%~R;HG_K{RU`s?O@Z4enf!)b zJv_2Z+s|AwFjG(Dv%Hgr?y?kNR^2DhjWqLznhYw%6xtW~A*QgS*8y|}osuK7N7u|y zNhoobn71q0I(l|*UXIvj&1!OYPos5_(iH{uBN!{5=~vLfNARXy?r3zXl?GS@q;cuu z^?%|N@{lS%k*SXL2~ei9I3{DMLqF1T?fzsl8B!sROl|U6kGzZ>g)i2OrsB3&1fM>h z^(s#Dv`k})xTS=a!w&ZtaJ{-?mnw_06JpX&k{X1|0y^I~ITexOSyk^AuFg4Lvn-_^ zGz4fp;M(<^zww10HE&zXgciM5i+5&=V=y8`FPD06jiKg^S)E%6EXZq&8tj@5rlXk} zW4TW(o(QcIPY!aZzZ^D%6}-dTI>!{HO_5{yPgT}?pJqP3YKwfkqUA1mPJg7*ILTU+ zU+zP0;`(ZLi&W1IggS+SB9A}RH%9i>6CS1Mh>O8W_dh8rC4#VGvJv z^NzxuBhAuWGV2yfLM)Zs{?5rt%n}+@A!Woh3}mM18PoX}gqnMNOUDooz0Ew-7OSBo zQPZ-sX2$Ktn(P4`r z{ZTt!aJEO;^0Weom|wH)R5M=T{?!AyJorGuAQT^0I8u3RA)eJd9SfO9mfFr7ag^eE zl`^Onqq47jWmwF}5+d;`k?H!!N_z){hXVlTi~ZJd1)(}I7n0k1o!(=>P)6FLvUq$v zlpjmu4P%HapjMn zmG)c-cRjcVl(k@ln*tSG{{h2K0S1lRd%BO;UG5#b@4a>bRw#VQ1@Fz^@m4dv+wZ~J z^kst7n|KyRvQ3_~;9LDfX~s(rHvz+J_RW*x!x!m0nFcof^6JHm+|2o-#fD~O-K+KN z5HBA~w{ALN*H$r+k;d!ZZCG>X!$&{nD942#Nq(1__0%!sYdR~a#zZQ$64wKc9Z8<; z9t5(yIdNtIw{t+ma%HX8f_zMw-FXgrF}?MQl+?u zMN9=`-51;?Pm5aS259@YMb)4;c^k9@`JyJF(G<4KtUgagyvG#P{eg9?Ax&AE5t}vQ zxmoj?WpOBU!4=;Vg+yv0BHz>S^AsDm``Xs7-!&i*q{5y)@)^sGq@?bT$yFl0IQJNR zn7mqmZLbhAEa#9!)gY0TP@8)5?CDm4(6%lm@OeCGFa%4>$#2HX`@KTWVTQbpr(0$GsN|Y;Xiddi{!VE6W(bB7SJBG+@9X}%m`0)h z1FT|}yo*3Ly5cEVgYJ_MH;UB&k`bo(kd47Et^k+}eA;IyHonXeVK~L+2TfG%P~3XH z_pP#&UqS3Z1vM3D;!>3i05kx`*VH=2El#FmK~a7MxtLK9h=5~XC)sy@5AUQ{?=Giz zUryMf9JcM<{4PiaGy*fdjn_>3jvr0;1D?gfpI+vc5unQH0mW$j{OwI!ro^gnYmG;dCfU4>rk=tM0#5eyh!(8h6bX;<8~4MPIj_%HW(tpf z1_!E~0vz^3tv`_xH_^2j8U}l%7C#RpciNh}Oz}RoSyu9TxMC+y-;}^VU-ujxib>Ad zF#;mGAeW?{sX%ii%gWb^%l5=43HpL;KgaahzrfyL=r;3@ZJ;?z#N1+?_qNUpA*%$6X3$$eFV zuW4+bv3YmUmBdq#MG$=IBTSYJ^ErmIezy%diQ*vCT_@Jbr$w+wFkNBW&!o6wu_AH& zT+NOGy0Y)SlDTPfu^>2W>;=lFvg;nwoZ7KwBsCXb2LfH4{E0+?XOb^&Jyw}JRmdc9 zmfEVI)`7u3TIE2XJImt}af|*U{>az*M%Ik3WeH3p&oP%oRKy~dTPrdzd`L!zHofF2 zn=-~J;?Mg&v6!s0PK&d1a>+b!q!n}{uX8>Sve8k8zCtKYgSz-Lol_pHbuqk^no^^H zCGPx%2>Wv~QF<$ClU{&-W$^sgVQdwYBp81D!Ps5vE0b~n_N70Z02_XW)1(U4KYO=J zCsrufQHNmbAWz$VMmvH#wf=~o>dgeea*YMbp(JuVzQQ*s^^eC!b$ z+wZC%M8CCC2}`pI2|e3ke^V*0lB0Y>FkUfz6$GHS5 z5|lnPvo&96S{8U#Gk7ZO3B6OvlF@T+X(K4-=b_Nal9OH^_6YNf79Y#L(v*_m0mC$j zc9lfv$MZmi3`{(g6rakj&rDS~jFfnn8<~D$OfhF=K>C6#COz6AOj&Ui^3Uwoy=y+{9zOvb#LhjS3*S#5pc$d0F$!Kau`!nw z$M@`LPGKQ`omy6sa;QX9%j*`UPWXQLmQ(7SpR;uqTPs=}PnMRBcP=#Z4~nreXRV%l zT?NLhgdolzUx+VN&cu3~sVAp~Le!*WnNs&dFWS=X%0_%EHN){Fw=g{$#9gG zP$3|k)-v_5|Jt+rN&bgH3lwaZOc8*`e^R*?sU|L&OkQ(9T^Hc!P;=P5iDbPpWHbD( zNcFrC^!VrJomsY!x!(#U&TA;?DfMaTI2iD6i4P{D^ElF~gsdI2(YY3*u~oaPb7x6@ zvgDmp39@f{{Y0L;_;A7DA&sVlCNa9N8C8cqP*V2(F;pX>Clp_tK$?`4Y^_Ni4{N+e zr()*0O97qsor_^IiCxL(AnF=^`Ff+4gy#f*U3A_1v)U&Su_Ler9W&>yAoE23%=p&eqFf0SNHkp`t_WXLNg^CcwCDi2+$%3W_ugF z-!N^~$>iY9Ot({(1^1@iZ>?nXv}d9^^~wdFmUzTA0H<>qV?^{+4gU2qbRC3WGPmLi zkJqQW6CE9^bL+Xk4}*O4fIRC{o+KOAXRN|dbFqD|a%y^{(wCQDC3YwGy+C*2n%G_C zCpX5ek`55KowOL@TijdbKhAl+g&eMsq=~6<`7$Gi(M)ScFR1Z#SfC|k1{kpi051-G zY~j&SN=f=ZnLBec!Bnxihd)pt^B(in*C*NTZo6xkXLBW#E&*z=vT8}7`PwD@crNga zwfy7GL*_2_U_3xB9Q(uteoBD}9^5x4KaZ&*PtK_Z&TxJX6nCxdD}LVD?#9K@ zzL+YI7xC-m3#GBKm{&O<|20~Hy^oq-<^ET@ZGiqN2hzFBg%VT#(MY|O*=qX9CI9g+ zr?SOZduP4L9JZ$G=*2w(Tt)^4^rj9KUw4cvArz0WLiq-J${9FIrFa1u5T|`u?8W5V z!#zT@HZ+d&v$D{56@J%|OI35;Be71tKu$ZN1LtbyDNS52Rd~YG^KOG^P7uzrtiLCa zGCJ5D7IuT+==@g*n1FCBe+f@|(tF6+GnZfXE;zMrFc zD@wm8{dz{DS~6eS@zwxcOQKZk6mzBIa*vGSu(9V?_p57WCv&ToKN8L447c5KRui*f z+f%73a#6_QeAd;+A1GY~{>d5e@xC3;_3TQYfctH)*VkRElY~tViaV&XW%N9-t+##@ z33EF7WKQit!V#M46HRwoJmfna^BruG`E+|)BTWkid|M{EJa~Q^Yc$9!Gh-!Yv4+l9 zTGv`mVzUuCz3=$S2!QS(v~;r}rl+!^(lmfz@;A^An}*{2MB8%%z4 zDxCaxT*zy*<^i`SCDjKlq{5EBQaQ$-+$ZEl5{1qfz{WDHG*AyX%K7?&P2@GsF$8RZzudhvywg405v5D$hb4b{s#>#|wdpi47Nou{wZYu1 zZF|zLKgzg$DuxARHfosRj+H7*su@*|!(?I3=5sH{jgaQlupdWKGuvmPcFg8g48%u5TDxr{m6FKXV`8Uaw#rtG$d_rqe+S;_#jB6nV;fi^V|I#k8fDQ zZr(}&@_QA0jS(OKyt#|*1+A9UF9F9;=Fd_!t{0|nG&=-5rS%#Lr2mZy?78qKmvzSo zokZWsZhaDDWxEjptdZ~KzbFLcJpy)r=jebG2ykt|l&I>9zlbO0hlGNYv9i-rpbG;3 zJO=nTNDy7;H1i-M$Uftr>8L>yKH|nn9a+kL+uLv6pZ9KE*%MISrwk;SE;IjyJ7IbR zU{;tAPfmaTwP|m&<(JG2ET92RGLXVrZMg5xsuX{nKq*oXaM}yXiy<8W+H(}r{YCfa z6D-t>)PBm_&iK43K*H8O{FakSQBOlkx7hy3>jqN7En1QOaRuM9WP$t%P6VG!`p?PV zow-|xmA>+CNi2ZlriI4jocYrTH~&0>(ia%hZ}^QMJxel>_ggBn;&@|}24o~a|f^Zj_^$4O58FB72Vuc2l|-QpZ<%)VeEw|UBc{^ zA8Z#GxDtQ;;24at0cc@NNja|7cz&kf*e@5|v0|l$E3u06mlJ5Wv!w6c`E!NKR(<;r zFy#|}pYpR14C2~>UP`hz@G)X(IQh*x^(WkZeuk2L1-Oakzk5S?SBT%5fMrheh(pf%ZPT+??_YNSEZUnYsBccUZf7ar!W->R`R?KW4}AHO_E$xCM0pY{~I1 zb{j|}7cKFGmjb6>Ei;V9sxuT&HzK~K3HAO!>^yWS1+%odHz3j$xK88z)D6&F=lIQg zg+T5#1Gg_q!IucKx-)VgRMF+d4B9TKj2T`8rq}%6SN(SZ|H~HtSI^b|8Zq+^0xrP8 zpWsP`>uJ`xl1cSO1NyNL!dG==i&g>{!WQ?j;B&PSZ7s%AmDFJg-MAOLMM&iE)!P|B zZkamQ6G`ce{@bK<8(t68+741{*fG@r1ZqPKD*)G5K7q@E8W#yEIL`W7+$#vz0t-;r zB28XKxXRbnAn{`n>qR~UVC-#-ezuWeX$!o=z?Y{1!dKo13=h1nDsH6+tHU25m#P&6TSv9N?}S! zB%-g@e)0UX!H0Oiz8P;3(>OXjcI8#OWWnX?L$&)7kO~vJH9A)VY2JS zd%biE0C|080|2Z=N96$gwQ%LeF&oWjmLX{(ThjJZQliBG@>wO4FwD1>Y>_$`qK7K$ z^fw}e@?~LbG&pBCEwp*&TT*y?qIuF5WNxpC-8R>JKSGDQp)pV^cQ05R1oCYAp-2J- zS%9(MtKo&zG}iC)x-ccJ6XgTz!xj4th zyH4DFsI7nYql9Zh3IVqguK5t?b&cp(~Bt4u1CVlgwoD@#VBuRLHr zu%Ab4-llNLFQq2W!L4$v6Pb1Cbp}MIGj_(qeIzA<5&W4TqqdW*>wG4`M=H9+%seY& zD%6AEOYWsL9Q=*vnVG+xy&T!#b1EMt+GZf2H< zG5mqjsn0Y0KAROL4J%*X6o+{!)Gvw?6_*NBgE2l}HxX@I&y4K$SG%#c&7|;jCGt$2 zZiDn7|9&-J+>W~Ca;)M*2LOYg{)u6e>Mtq3lqto%i|)KHB(5cz{af^x{rgI-@3%PB zat+^^H!@wch>?6Hc>A=9aY1?Ez!Hy0Cm3>L1@&^k+f37kU*mw*ewO^H(9RY%P3+`( zS=$wvao>daW0lIh{9P5|t%L}rY@DL(Z0dbpWu~>Qg{mvz@s|BnVX-$A59Q07SDK$z zcI zvjD%3ZF0hGN?y!}E%7iw$iZlV~ zgrEj8BuJDNAV4$-5dvgFNeCgy|B22x&Wz5x)?N4B_kQ^01FXP#o^$ruw( zNBfWLJ=m2cR`(`0{g=wjl>ABuX=VsjD|Ooa;2^~u%F6!*xp}VrMcmQvw^z(hx7^@C zS5(?9f9mXJltDhL$jge)< zJ+Sa)hxD6}QYYrlhHwm^o{q1ker_LOcx_lu6nF-VlmboXXU=Xu{qMO zJv%*LLq9c*Fau)tnjR>wv+69j8)Lk`5=!&+(=IXB`MGN4sD`CO9jKz(Rp~-GXF;-J zitXQ0xG3+3sx**~>4WQ+4c>OK+=?UgZdu*x{VSls!GsZ_&w83&p;jZaYI$%WwO zvK7)>UE1lM=^5VgSax-Zl%Relu_3>O0rJGzwqmvl1#ieH5P}f(g*HsmPv~pXJ*y$&9|fm z^Tl25BG9oRls*`(34^KPU+NTPu=q06MNs%K7p}&PM6i3k9OvV|uHdE?$0vZdl45@A zhSrv`BU#|kcTQ)_5a&+bTae0r=hCXLgl`jDfB8Zx zTy+^rbF;Qis8G9m&SBy_)y&Kt;NO%sw}<}W)zAa78s})b<>W?dwe2o-k@dc*Sgwlv zT1VWpRI}hiiJjreh^cu4{nY!=rs&1^@p)IIFI|X3wOLHyC_b>5KHA8*9L60<*{e5u z^9FObRDh380`suQ0>oEIsGW=a{16?G18C(xR+)Lzwntzn(J;( zSgLAJdwJ@OQ|(@~oi^2U-c@vUOg*Aext~3-_WlUXeK%FDPBg};gU4l?s2c~!XPEn& zIf~O8Lt6A`=sMnIgZ4>wqSSW6mNrXjXLrq%G|XZ+GVA!Ho;z7j{z-r&{po_XHFgF& z=UP7aeC~e0P{uoj(xE_3Xq8WunHMGrJ$G}sI&81xqLxn1w>ElV`aWz-F3h1&HULXp z+~Kz#QB_vuqsnrxvJJ5_LZT&n0g2WRZ#3wKC`#si@b>WkknT)^M^LjgwiE2^zpK;kRYXd z7mL&P5M0rhNz(w0gi!evNy_4k8qpq3z1a@3=@U5Zs_)3n;j;XkL0#Wd=pPb1nm36= z43hDHu_ki+Dj?E403$6<*=moYlN8&@m@$ljskXfK0aC{5dUQIE?T*Oui!02@p!+lGNf%Xm_a z?oAM%AN|~GBQI&$H7ZaW%iNMr;$UYv23Etk?&Vj5utK7~=Ikq5l;ewDPVJbXy#o!T z_Y4&>`uqO7!(88q*_3g8g5$?(!US(@7Q?E?ws2LZs`_EhEk89i# zRciz%KPI@SzZ^BZ&_5G?`0%L3xYRj%YJeDFZ27yI*+Ef;(ef`2u_a!wm$2u}R?@TS z^Du^7R`XO*29?zl59Z=t5pIhN?hQr_>Mb(xuQ|?@1vy(f^W!VL}7aug%$kb3NBPu&e^$^zH zZ-YFEXxsH0lxqv7ngy^D59Z~lxTa#al~W$g2Ud3ZQ}K^xET~%asy5ea!(z-ZtXq;I zRkM6-!0Sikt9$;ZlE)G>(9b}{HL8&+n{HjCd!+6}hP1NLO@mji*JO94 z%wJR>sVL9S4d0uyw4Q~RxD~fAr_mi>t%xy-OJ>>w2{0Qy)Y&}ZSKS%FF{vk?_{=Gn zzx z;$p{KlEZM4S_vkJ*W`4~{G7yz9p@CfcKGcri|&xskGG3q<@U~KmOp<_ZJC@dit(3D zW%=m_;HkWZSmPJ%fm2V@KLmt&Cp5T!N7yP&oNYYnu949e>F=OaIeYjB(bNm+DTrlX zxD@5eFUM=nH58IuzaaOirZzhbzkhj#Uu z8neMO;Kp=NhbXCn6u*cjV3Al5pjc377&eeCv&&UvG8O13#7x;XSC)ay;PSWhz$l*++yGe9ooL+}q zWUd#R*b}Fb6nn2EmTM?O9xuYPQfWh9KXyFxDvD$`HREHatbaQGY{5VBVnJ7dxfOPf zeDg*kHog%i7%dqVYYN;VTRxmm8l`X=>moo1j=t`FFI34q#F;yQ7^ckbmTFMOseQw9 z24rxcwk+SsI4u`BRlI1IWdpvps2JKpC+KbkR&{C9t^$bK_ zvrV#M^)Y8wtvcXY6S*QWs817m)DHF-YsAbcX1V`lrZfs$=<|Z%wyAnsET9 zqtK(;4H>2C@d!>AQU2zV&$1a5CDgUUOnru7SRIzU)hPUYBqDb8g2XpgvF0hHy+ovR zkc1kIa0&U!GXEGbU#;NWq63|qZW|oi8adCw`L@kj2^G(;x(;t^lI6O3z5AqP-?;r< z*-`gCDq`>6ys0(gm8i#5y;&}2Vwz?Ir;p^R@s8ul{8b6`493vDHPWh+q~|p9Ic@lcUG;2!In-M8cTW6$&_CTYr7_M&t$( z5T9N_V{nZ?DdZ_JQtZDBDgg#%8Sk_WAsTx7yEcbBPE_Qzz|4}*l6Ilwt&L={qT%!qn z5J|UhkVw-a7J1(ddD%fB6>;S6?C}TP0Rq*)2)g_-R#gV(f5@&-yly+;Oxo97+5OY< zq8^2ANM9IdVWytvik)ejdjt8#?9e_el5{S$xXl~)$Dos+eD}A90!2N1)a~3&siAS> zK+FOz^cVr3^ZLm;2kj;n+X8kIfZ8dsH=kVpzx11AJyZ^;rgGx{GCEV#LzXZs^QS2d zyyCH;fZDO9L%r^QK0NRhznu_>|B1i^5N^Qm7x?IHep+XOp(xZS+Db7XXpZ%x*n-914^HMPU53eYpj5kd-Oh8o=OGAE& zOw^>R2t>cs*GO zfR8W$P3yOIz^_3KbC6w~JU`EZ8gbuKn+=zzR-_`eOjdWaF<}d1m$IDa>&+@l?9mQ2 z)3Z*+k!hR#Ld{PkLk}FWAv?ylhsj-4Jfi<3R*=)&Y_la>OvL|-sPdJxZOrG&`*XLa zZPeV0T~ycwKRA9`FsF{3PK4~Hd5SBY4IhxELqv_0_2vECnKBIyL3J}zY)!eY;l2o6 zeVeVpu#-fpe@(%Bcn@tJV%g?SzSJcewZRm|wKUEdlO@+TSGunWDj*ZFlCk(n$TZ5ecd|L$%-VI^InQk#pH zZjLi5aPKzb#J%A#n(}YY3*zDOa(LfhW*=<<|;_?%#@q5)5n8SS(+&+W9X2pz+)uviE9xi9+Pdb za5%+2NUv)-e8F9QFdH)!-V0gO9qKcbUGD69$I*4xtLyQtl<^xJWZo(t^MUo%s0xN1 z`Q2^PYP(3x>m&Cg9Q$~B?D6r?`bublo--7Fk%rrzrZROeF+HRvM2e&{Q9R4E4Ws2} z;g-YMwR_LOgPFTYi^`P?+80t08j>m_NZiC(e{XRD*l-8WotnqoLPX-}(g`DdI{cToaGj}4Q?Z|GJdoeO!- zoC<@pQJMAG^~A>@T$5`k!vnRD3a`ACRlr~LFU!AE->H1WV^71`=5#>|*}_4geZ0!g z`PKUvf4;c;Si?a7irAGT>lfWSb^(pR-iI}WV`iC+DNvuudOV|yXd_)!m;Io**TfPI z1})B&&4+&AC(yAFmtLA%+Qn}DC>oB`s2Yq9bXwYj;_FvEqkuVOHg)ypY+KWN$iOWl z7JgijVS`V~)fedw{l91)G*JyLgw#exFR#0m^{#N2+{XM-i^{sr@uG(S5={@-MHk3s zr=p2`1BaYP3RACSs*|s5V~ddx@YQOPS9hI}7s~?NGg1PJJ*bt8(_?&nR!eaO#2`mv z5#4Q?J77=C=+J=Don<#W_8IxmU06xiIXBIi;WAJdi3^9Qm2=rvvjn@<=M_9B4xb1$ zvqX*{Vwvi8Q?D1x8Iuz*_U`Q!+gpnvu-eSOtFd=9)6u1vunq^O8?dE)@?Ou9(?-=i z^JF)eVVu#wVPFEMfc0>|%iYmEEvja>FO|eC@qk}LhoC^~`t(~eE;HG&ct z7r4~x0~^M`!Is!Yz}<|?gOp6~rn=eL%V_~5o$q?Cmm$wxW<$8XZ>a&N{EX8^SctR9 z8Pnd?QeJ`QV7oobzD(C z&2iRM`{4OzC#z{khISBGAId#MckbG7)N}&b@9D_!BrisUg&Mu8g?)%zUH|AMpyW57(%aDHx@! zOm$q+Us46Zn(Jnk8?|TQ=)vG4iRwEQG_`w$rZ1j#=cZ~((FS<*`C>srMf!(mMO*|`B5xg zn%nH@#hT z%pR;zowiK7fVqW$_|?XO9gd{p?2JviPdF6HwLJ6fdv{Il!Zm?}d$m1Q_C9*;-TrBb z_u!~ZEpolgp^yc3X zE~{T2LGF`r)#=h(bs$wmZu?HZL0cI_K_KYU+CMnfsndTA#FdOUrg8()&Rb@q((i3& zz|j$VFH{V2wsHqXxMyO>BRp%$$u!apU-49eq(iExhf6o98*pt;rYAJ?C&fYt3aK&? zPwQu*R2laNYfGvw4;#}Nk9z~&g%J~uPBLX@lLo+6y6W(|AGHJsv6q{-7}w+57qs4WKaQ{D^DSdK7bPi@ol zcIEs%O)E_??4gSlgEe{w3VBCKz7F(}IL&uqESJkFKF~?VVJBh;qn)U^=+ffD9k|XM zW*r!{5GlHqUF(19AN~^wutunS^G!xdjpz<)oMw_v9=4BmV^n9hAS680NSgR4n(T@6 z=K2RcIBCLjji9fM5slU8>b)R0HO)s~Hj>}gORcI5cdFoU29$hn9Go316!pl^*q8GD z2_eA$+RqPoi!6HJ!nDeM01E6(ZKNtKxBTU-Q>bgs@SAg4o>H!Ho|NjvJ&SPKty;u+ zt+L?G+SnyZ((-8hV#`3+=wf7tD-d7I^pm?JP0K>f#j6As;16J zOX75Qci6jTn-=zgF#ZdJ@;zcwL3p!W+2byDH4`b;>ZcqgQlxcSQvD5j2uq1;)#X;V z$=(gKe&8yVQIjX0B<&Jvkm_1aDK(gOWi)EKZ`TWI)-!e6fD;!}q%M9a(^rBmsr!w~ zE6+exB_Hc)FK$**yYv2uQ#|xXdB~zvV}JEr6qjwSv2ixK>T*^Nz1bCtEihT zUuosj*gcVR_RT0NYnA!rK&}79e;}mZtIT3uTmIe4E8!-*L_uyi2Xf1=^ZUtuQ*L9k zjdd(xaVpRe3f?OBB9?ckF`rtqh0YkMZkui~cyKI88j7>d?&+tDwyCQc!Ne$ZNI z>9K>mOhk|KJoCZy`vKs6#cA+yCM41<=g>ykMfE1xXuCvkxF-gKXe&EVRFrfle2CL7)|YMWV;Wy$hr`Uie(@AjKcm(+(( z$|QLeMsM8YH<2*68ht}B)wT%O6dB~h@bA?^->GkTrF9{#@AAf75K7aSE@D{+Z&c^r z_F*!+&RtsdV3&KhiA%i>qA5Rf>kB_niP#RR+Je(>+M+7uU8faM(zqWKx}M=pS6*TS zOazRP1hj{>5wQ4-{b1Q)oAH+LP#Fcs~S*^t;yv{96wHOWai?=HLUa>{HVn(Lcg0cJF(%~{EIIlLO~*7+H|L8B2H);`cz zre^i)r2}X3ZtSYK<=n;K<`nQ8lkcxhTC5)-I1AI7!Ee($8sLX>x4zjkGmcurmoqPSr0_?#>4mt}X8`HMh~X zJ)5J5yT#;G^4_PQ1E8FaeA@~%o!7n+*)-JtLLsei9yZO}fxravSNYg~m0C;YeyVT2 zSDx2A4PpftLwJ+pAq+^spcA@cju^$NBnR!R4Dax9rr~ZqjC*ZVZgWX=BNaqdR*Om= zckX)p#;9v@<(%J#;hjyc%?7k4Zwv5Yn!w(-Byc#Yi}!4%WUi~o8(+zfCGHh0oxup8 zfG#ThnF<3xevVG4ex^kR+ob4-AxXEWQrU?zs@6QEmNtIGJ%sbyarzQo zD~Rn1KBVgceRJCX95`_!c`KXTy_i)VJU_7Iu|OuR3r8OYj=%@JL7#t|;QzO?roFD^ zee}07xfZ-n+~b%Camq5}zik^#@~E7_n15Wgi~bJ6sw?z=q@)kh zpS_`E@m3VHAO3&6+OaO4FAN+-GTX*1gt4UkwM^~pK-Qy9!N8U_f02R4ek{lr;`zduNQ*vqDSMZPg;DIxlJ~zu+2_6BC`b4ss3UQZn(qH+eCA_Tzuk?Z z`@e^Mq6?y3@qZ6w1n%L@sG?eU)L0y<83@cN*HZon>YS3YO88qq#r}F8Oc=C7>p)kY z7bji&NHFvHPx znCWjrTCKymgd$&d;x&N2fyWN}nf)2isePOx1RA(j!HW60qGO_p=7v7YuKMPD8tquVeC`mV~}=kWx69RkhUTWiDDtf?!N&`Ecjf> z5@64HHAsY6lFAH<5JF5SSc*bUe8(%P@BCGLYdJtcpX*oD>ryC!smUhjqCRxl&H+HG z&civ+LLCvso>T4P#yjcagjKhj^1ggEb-JUv(MRr~{1JfIvd&NEV*rjh?%;kA`JIi( zk9xnyu0+)%RDXvHj1 znF@XYk-o*Y2t#FngoQ;*vxE{{;fQ{QZ4tnP!_uE$KRAR}?=hq6hJy>?K>fZ*@LRGo zC_+DIAXvy24?R%uMfkW#>&P49KjImW%9K%88qcPO&Ou5o;FjVffNN&YBSqDNhAV_X z#dh(=EIzXR8MrON_6QIuj&Azi`x)>{C5rh35H)WQ56Spl9tfk5NY?uj+bG^|aCxAF zsUYzkh|&7}m*L=TRQX(45?1K%Z;hD-k#Diy+f8@=ZAf2k=ZSft*jEB20X0O{Q$nt` zTV@HT`r>6%UI2G$Z=TJpMhWsytyt5C4sNk@X%LQ`J@V`g@T*p;y#)Am z%E;JPiO@MqjAVXzwNwgRwrKtxd)aKUE%s`WM^Pn|v!;Kx8oIP;MLE2W6U9R5?fb~cdOz;!l^U=OOwpe4CBpH^0C8~S|y^ZDAc zS@a{}l429j&I=`wDA(clah>z3IR=LW7L!Xa&U~cpW*-B-EDQbV-?ng}I+cNWyZz(y z+B+dEWQ7qLrpkKxX+ZtSCJPNsr`hBs3O^Hw5;+5H!j1SC!7^Z|3Am^hF={?DO)vpl znxa==T5Ldm+no*Cxe_9?Lx8rnRMzdDVz-hCf)@YqF-t+j_Mwo8qg8L2tN{0_8*!Mb zf)%pefxFv^5)uvOJp}KHFyjRWMe;r-(fCBHua@n{LI9kMM&FJ4T?!pDAGccNr_8Dl z^uT@_6UoY`ma2_7chS2N0IkVdj-}wjNlmf4MxEA>Lr#3$yENbmf32?H z3H?D28xywd!=r?NHC)P=um}Mi?Xezsw7;!-q{VU0Oy`VyHZZe0wRQjR4E(?X=`A0r z_e*$=qP+5k%AX(Tta<8_Gb1BzgeX=4;B)_jEji%h%Id#MiT74cy}%k&;TzTLjz`zr!%E%`oWH@=`KZGV0R=x-9)5nM zrhHd3@3%ZhgXQrGcL)`-LZqw&+t8*k%L;BTT;!y zjh?(5Lz4(ov}vvx530LY?rPyFWx{UZM!%{a8T+W3HGam(usgL=z#qXhoBYJ_5_Dmj zxD@VQ!)%pZu8Mx{8EAQaj$z?^Wyr*ADh6RrVU!ok8*l;?RBf`!AY@?~4G5W1~N zmST0^vq+*;;M_y3B(Qid+Tg6;NA1n=Gpc-){3ZnadEW|Akjd(E9Pf-kAf?~bEK3ot zHI6b}-IW||#Ydkqd!fix*{HQRHy&_dT*73|eAouf^MnajP`sWJ?_}b>6iOis1=75f zXp1+pK;<6hE`KLr!m7C8mc#rVknF0Ns^MEV#31%I; z%GRbT7D5WwKCE)embG+uQWQA3n6xT(91eVO2D}-Wst7g+w9Ed*GS@r{nE=h`bI;gV zm=ggR>VJl);y-hOTf2bKBbH8ym+*~&t4-mJpvvanycI3E#%DkRT7J%`Zn;M@GBUP9 zuLrp8vmeqEsw=dpKJwDvX?G8h54YObZ1k~*51f8ZtxR98OKKT?DtkaJV)v7T#0T9b z6L9(wx%<69+B#3i)jWF#5Mb~%k_V~+5=*NtiX%!=bgXhyc37RscCcbpl)EZ%ie#tF z$e;zq$K*`_>Ch*>LOKWi3UlP-Xa5 z4=oyK2{wyE=H^@~ z#XRtFDwWNrvM-7fTzWf>2C82uC6@q+`+Wg1{iSNAOx{jV1V@una#;|&Ume&^hiV?UD{sNZvrK#hJ{_SR!}%sO~n$yeOz5FD#$`; zhksS5xKYiJSLNkxq+-%rFSz^;gGN`fq;;XizQx>9jWTD2_+;c&Dl<7G8;kTe>tR4@ zv-?4*Q>-UI$(fz|VI}a<@w#P=%i}sz<8&_@Je70(v{&sfe7&t=(4wcuC-?hwNX+St+O42-4^i*mp0=}EXL!SbtBk@p;M?fi=r(82u`0kS( zDsuSEs-}TZ04Ti+g;`08mBry&hmY7hBb??g&{wk6zlD`z;DP4{yY^M@Slp}`SVgcD z?MRlg;%m#_?B)8(Jxop)y=dZMfsRyqC)Zvg5741vL5p9ufB95CD*aZkenk|pyg{F- z88ehm%yy5>G2?QDMDv;{|CoP)2d^wI_b4}|w`vDPuxwEws);YkETj}sT&QN*0~bG8I$Z-xnu^7xGfpW=u-S07o+Un+zt~)r(pi16GX6%{lG9>^)=+ zoCF>6Y8&&-B@{O*TB+kLvEHe+CLs;QfZ!H$H92}1H>%f_zU`u~ARX91W+Cv2BPZ#8xlR_544fgpa@TqZY0(;}qd{O;nh;sKCW6xR<`0dNRb0880T<+nuuDtvnyVNKK>PncEHa#+6pUFj*R#v zf)71Li@Dpcp#Ld}5LijI6Uq5N$4M0LJ0q;edeyF+NO6Xz$gKGaN{@sc0BJE;=Old;HKB4R7PgUlipK+<0>?@HtMSie;YQXWoGSV4poUQ%Yj8zgg zE55;BU25TjqicSwU7|2-yVe2R{z>N%7(s)HUSNM3ydi$>n%FJR*ZW$_EneIHGTp7c z@7P`QJi4`*lr<$ovSsJBBR|@nH7psCx#q3uw&8)?m3!(Nj&FNPFFjvfeNq?b*!}7| z+gRuUB0S)rKvGhnD?(S>r+;4LjyokhHm(!unmeZbFwS)E4^It$(!d`&eQo{Q$ynIS zu^`s(9m+)3@7KwTI}fxyT1x-a!~-ybPuw&Poj!1MO)Jj$Q@=2gE8Bp_UB!X!MQ(%wu>w zi=E?-V*b7+vy5NiK%>Q*us`Ml_IHiQO}j5%yGo>9*nm>_xqV!?=MJe~?3IYfk&jK< zt{whvb1`;Cq;(AFmvaO0*34+^lE}3l8`j4@Eg3?c*J1hE?V0Ualfp_p?`1qlILEOh zK&So#;XI+I{hagQ86lk4gzC8;a9eThnVW^e@~UT(O5BeqKL=>AKOTuV+REC{wID2W z)rx@Z6|V4?4nSRKFF>pxka>=b1nM+i7gkIk6k_VA@CdF4Zc`>7)aen{HVrMLLmW8z^nJrZaA$+ghfa7PZ`#-=4S@9c~p;K)h8l$i@_KB$ ziDNB!>P`{ih!MNW#C6!RaZT;;fI4vWMZHd;K@!o=CS8@ySq8vv}ns#cRhCOE+Q4AsrdFG z!gSTcVPgS}0yN1K%sTVkw-2A?=Fitnp}In^qu$pBcF{midHxRNFVF3JzZ~HuxTdF7 z$1ABAZJW73vf3uL^P`E=+cUH_)&s{D{Eh6FZoZVv>lTZiaQ}}(Lqe(DpnV`+K z_fTngZX7u=D4P=5WKFZ%CZD<^j#+7pPiKA z)JxbRyHNZH8y9G);u=uRZNi%s-H1al8HUoR*I~$81-tKmE#(=28D~PfZpBx5<7*$I zp#aKwD|I7(mxmUbIz5|wl1V1};dTvZwAO_pw*4;{UABXkzFG7${pPdbm>bGJlF zL!;hyI!-yPKk4$D9FMCOC;HP~-290AHp{gxmvO|ChQ3Y{sEV=^NnQH-@}=_6#2?sk zIX57=%`;C=m^XGQ9}}bd1LxUS@$~*Dji@W98`Qxo7tc#xfgevS-RzUBRG)l2CSIh{?ZSql0VhibWX;d8oF+QY=b>#82TN{Tjb z6e(#nw>yW3gj%~F*rjEWNp;_MiQJl}1pWPF*({kgsc7SiDa-cYZ+t{&Lqv*{A+`s; zQ^D^$t0Mc5{2`Vy99~{L97%rLseHxXJv*t&+iEb%e6-oYzCqq=#H+&PG;(W-xATNo zX`kE(^ofA#6kFSDdehx|Jj0S>cAb&@4Uiu^M?R&RZH|Aodb8T8ZY%%SE-K*<$F-IT z!LSH}+K&@DPG!9sDmuh{`)g(zv)ZahEfix6&9N;1NzCZ}t(CQwkVT-8x&I}kbpwEv zkeqhILRPUOz25QW`d=~ywdB7YuO8U9X5LVB`}?x@j#ka-SzVKr4#>^glhwf3>EUyU zraBsFoufTi;V?e|aat#zx>TGyR$HRK_5^EHdc?89B`K>g5ND;byjTY3x`my!#a2BQLE$Vqb=7QpD_RoN@mA9|Y< zzCpyvKWTs)oK=Ps-_Mji#b%6EraU<1lLttdWsb+Abd$#lyc=acUPhRby}XrO6x97Q zF<~{ci&B%jISxHj>f;gCKdFr?WKa+5*hwx4xAeUR$4zFX_}iQd2;I&TJ5wyQQm(>l z0t%j?!q;LJ~2fpxEK&u4Lr_)(PEHTzQ{+)*pVyCR+E)`}l6 z!PlxF4ErI$GyVdyPCsm!c22+dC$*v%%HvI;BB%!b|5(ns@=n`69F(4C@W*``dr1(q zr8NG$xj}7pmsM+C>AbR=D5&kIVnXb5L={Nw*sXH)9nXT$rJMVc*}659a$XM;k}fxc zVhcqYe+4*LQ6&0=16Z;YT)>(IbkK#*Y$eo1sfz1864l>Yejk_r)RHYGqwnz*2Z$@MK2l&J1-aF>=l3 zcr)%ydG&_rto^m*sfHH{C57A^(s&P6eM`D+@SEiWK4qz=e zDWCOQCUEprr(Cp7P$Wtcc9__049dS^viZ*YMBop55Qe47)jC>H$1mgLftek2<(%}_ z#Z%R4xN(n?0ss&bWlbMt1t$ook;Y?QbT#s2vP~ahisX(7Z zzqkYubQEfkt{U+khy7GAiZjd=Hf9IucBhrwZ59B`0v?^C|Z(PS&GFh zy(=BH@x8wqB>GjCmhtY2Bk~0{LiYouU?ZJY(Gtc^0(5FthtLdfsLxzbE)?l3&n{x+ z++SBtDe_h{6GNDSCf;@~IF%0rmySb8<&#Ud%zV#ID#o(+){(Hm^kGp-TYyT=qqm)B zT=QG}-Tr3t1MZqnv+A2}3K|YP(JX&|*PNydb>(CjlWMm~woS`P1#pJ6TVZdWywMbr z;7{HV#ONW_m5~7(>QO#hPueOg(u&G!pV4Fj?c1=yOov#HLpt+sB#JAfKKe=j;v2&} zY%hrgPihblMuNWikgle)j~;~2HksEOZB#s(WNldd%)46Xi3!b+@CmW>P8<5=F?2W_ zAF0e*xaHAo2Pv#M>o&lU#nsVo4pP@a>spDGNPNL_+bfsx)jf?cT;Y zso@S%^qrhJ1G`Nw$=u{cQ?|X2sUYXYcEw-R`>xth957QgTevbWl@+5OfUH@S0k z+uq`t;Y~B+d@mP?{ASE3Tfa}g|6ooDdDd=*tcKpBJ(GS{&W|ly>pJQyn5;Tk?_txe zA83Lv#zX2_nk&ahLR~{I|@y{~IA%oGXkXPUVZf6p4C`J#g=Qs()^Sb(HO#CY6ZT zrGmYA%nmc;2HQMc>g45pKb^#VO}KpfvAYomWP~ez`y6yi&5?d`)74~e+op=SfsitP z`>L%8on-F|md6f7lMH_rqgIAOw_nqVKtqn@%I6d{vxk~4$>>{!woEp(k7Te`6%EoJ zh!^-fSHALJa`l^LN)bFBDqG)CBqCoLv=OOH+T%Xm*?{Ds+6#4qx+gYxGdG{)w(X3y zeYFf`oN`M7i zx0`Rz`~Q{)0BikHd8eAx>rGv~^7EwfK>s=3VrCjgugI(n8|7hnoZE$oR%tKx@W%|ey z=;kG3rJ$sXVUbaj+Lq3`>Ozy@uTJ!X@ix1XUV6^eT~*sCEuUFJ-kQ|mxh~$Hs(W7( z?+TTtLZ^1$-SO(J*@ZMua^GSajyTlI<{p_z!@GzYK08gwmC4@!P?H&6IYW&|CQ~aR z(F!%EC7-}op+crBrL3{VfLm=z0aW2{j{r*L7_=4&co?I-?NXEV^{8hmwN{&3uroOS z8o}oC&A5wHTC|HjgF@6+-Fmfl(BrwkBEra~G$5Q-B_W!LpN+JHp7XYDs-p%6y(y2P zq+C9$`g7Kk&rq~ z27)Sc#%q@x#$u!i!S5%KIC_5qf_QNK1u9Dj>q_=rjrjSRX_!S2PKFR3m^07?nD$26 zM;*2A{V4wE88y2YO=1RD(Co4g=J=LnQzLLR6gDLWPw8mWFnf-~d(^l<FYdP zq@63G9I2r$+gvcj@VS;|Yg32G+@K1YPG1l+$DT~puzzN^{YW(FTuDwct$fBx289he zQnwh5qiE^`P>Axeiw28M?QaPOqawlE`Y8O)Q1QjC z=lO%7X;-uIYbn%`Etr>_fwn+rRk{1SoQv5KC8~fTfxLGpbT^r}&SA8+??oVhZO*^;-HwU< z36=&H-u|He25mP#bHgxf7`8T(lG)HwUNvI*|hLC+<{xwPL~J(fstF~`vT>$i7 zPElP46PTtmuMPj$3i5Kaog$cXkOX~M+@%Wl6Iatje%BU$s{xJ9;?cu7<~ zbR%k_7<~L*@v9dtMN^ga{m*j^x8QOPbC#?~=fp`8IyzP(n6U=gn%8DN6`pDy!++wm?1PN~mrJGx3{^*W}5SJHd0FnOx0;}{m^y_&DJ>b~rHb!tswj$Q>k zX}KuDF}!P{&xSE4D<}@@On^EXj7|2OxN7flURF17WG^P}X#?&>yH1ewqj@UUI?0x6J%wR?)wdpr0ak5p~Zl61h^Cn=F z_IB$YHWD1kfiit|97kJGIYi)`82P4Z*7Y(U_m&w=JgWOJP zV3L)$3^|n9m9-6lId{{2NVS$hU&fngGWFDMiq%=rTH2tJ#D_2$Ng)~(Fd%C6^&!>U1pQPAr%uN!?lYl-w_ZrjYa*|P2ZO;>8L zS_3akmnm~{^CX23K|K{LxdXgE-QV8(Qf57oznkPN^OKzOky><%{81WFokSQML&qpfTA0`;o)%|8B5Ub*U%R$Hks zm#l!O01&BqpE#sGYgOW5>Rphx6266a(=UE*#JM+Me26K9`yu7^zwA?bpoAyGkX;}w<_IGR=^SxPi()ciOd%Voh`_Eix3-yfCJ%TlLx=^NL1Y1 zTVG^*9TlK=2?1CN_T6G{!DQF;_q{@TYZ-7#_Qz;e&dl!4DjqqBn7V$pL28se1S(F5 z4J!vYXTaZnQ^Zl!)lG*2n*rX>iAc4+srwpSQIjV{e|fOBGiL z*pNd1)eH#=>?b+%4+xp8jsz6s$-OAcJOVDjc~01UXtpYlB}* zX%TqWsR4QlIsp!$Zeg_1=F*Wd-7TvgW~Mk>+RK3CQrUxbevK0?`N7ZtrE5kcPi z4!Hmg7PB1e+g}I1Q8M(Ax`^*7Geg`iESkvkfo^pXOz1TlElj0jzlAyj@D+(RJ6&r{^ygKx2~x zX-5sKao5PW`iThg$V*pH6L4jxdIl~Wvv+=If%{<@Z~xKB`WM6Le=Ow!@PhnHQpmsi zWB&^tlsh`y8i_?28x&&IEORK`p*ryE@H4F4D_!uB%;JY&*bR)kpT)d3-V`5J5fm-_p-{Byd)=2tf_91f7 z_AKOR!AYIT2{x47#9w|zm}E@OM#SPAx)&0l{T3NtINx&$kNWLV=xV|P0d+&{JzvT9 z9ElTpM#~)4mc0t^YzQWqI3AT%)>QG}OqjSZDjhu|X}W25e#96v?PB=`tMBKrdbk;@ z^CkYip%m`*o~Q>?ISfOerhBK!Gm)?{P{%^u;{Rjs&Et~H+W&EznU=98r%hX2ro~K6 zt(;tPn^rRyN=wDHGBrgsH5Wvnraeo`eL<*9$(3Bd6=`wF4KlX`lTwkCkWmBz1b#O< z^E@^4%=7v0yZpYxANivD=A8S!&ULQ+eVs`$B81@%c=s{7ht?#K!q_N{Z#{?;zQ~P*}bWzlC;geiDv;I;H0}!1asW4!Z89(`@sN zaMjGwhrb^7#O^3Pbwtyn_SjK_)6tW;?pF!X+`dK);iAO*Hhm|r=Zp~TZ+?1Biz?(-;B2X`0paD&YqJ$0NKFh`%=xoUQ?T>Fg2#~4}|aK z2Dh+B2di29jG)5_(nuJuqVa6=OT5!`YLlHjl9A(aK0tYcx^-a+rpM#i#O5n2i-CFz z*ZvPC57Q4{7{Arv(xdEnm^3Q5(O*e(*dWW{)=RvR{J#28oxu@78t>f=cWw=dIO(wB z_H`SnFEXQnj&lYB*Ffh(oUO|c#uMse>o+?IH7cwClCz)4zH#ex3{+3^C^9ImX6`U zn?}FL)pYj!?0DqHEqV>8kSISp^Et&o^Ni~Y*7ac49c|yOvbosj2hev6*=p>xmzxMu z$iOj4>#gZRFK<*9zFXTd`$iCr$7wLM^&YN!$r~ z`u4$M&TIGDZO~$^6bf95oh1MVUD-M8X&E+Tea(Lao@xJ?zA?!=_0hWmlLXd? z-B;XNwal@h>^q}l8kdt&QV4j~qF+5U&IVlrKZ=zC+T83iIl6TH(_7kQYr~JNa4Wf{ z=X8tj9uoH5vVzsyC4S2`hbCN3bPv||jjvlhq-)QYxg9XBT#boY;avj$Zn4k6!PDJU zd)nJ40j=(#zq_W~EL48$$)KeCEzWsH6o>NBCx~~_F8UKv4}ZTuaT`f1L0ZJzel=>w zquByJDV!b8C*zDxddTX%860kdw)<&=}ZZY!h^(vIj!9I;E< z>3#^D_@Yy)4q+Wg)xR#o)X0-{x3!blY$q&c3oA|VRjqp(R#*FyZHR6juyZ0Zr2bG#FD9Gvp(AXUGuJBsJSH7S{(y z80jvVmna8cejEXZc&V^_K|e9}Qx(YX4U#q-p15AtCh4WYr>(D=bY4!54biJi&}*)GH&OOvvFeGqv(;0duP+87J#jvCUC zE4@*UJ~6uCB&9qcdbmA&8Ud9;Z>67koMTct)bofmO7H{der(#(zlOd0-~QR3D{&P8 z`tV0p#U&-3t90n~?R}2!n>Dp`x>91}fu+4Q?s}o10lAjC#;x@z;A850p&{gNI&v}~ z`?Jk9YgJRJE)3V(!XN1*mU?+<;`1zTKsA8UUmAn0i{mo4EkT`?4(z0oWrpYqGq=FD z*4Dt+MI9cVQ~|h_5-z!=bgYDGX=d#E@Cotu3HvymU~W`tQy{Epc=|KO8A8sE^&0Z= z+^joQv3=NW!7UH)ELMut?~%ad>7&C$V37WD3K|P8Tqku z65(3?1EuM~%e6<9v5dm3Vd+y}gU3}h_+xFY*tjM66K~HlXz&f}inp4SRn^s#Yuwa4 zmPhn9ffnUEH?B#DY>k;dL>jGy=u?`UmpAn_0q&RG5Ka&hJc7t*ZHD_mxUtaZSxGk( zyX~*3lUr|Sk0%w$pr%mhfxQ@gjWxocAjkf|@-n^>H6DBBigA6kBMZI##iq-5J$B@w zEtBX#jR}!v)kJM-g5PBAsP>0I*U>G?(tDiEiDGL5*I&#>H#8l8-}KMwXX-k>%Ba->YL3cAQjdL z`)|14phewCONy$0z-guYuP<;crwTaBo z``LeS^HWW>pBfGRF`RJorFGYjEo+~dI~3q}X=_;F71p`MW*1kx)gMiHC34YsxuD|^ ziraJcLO{5d3yimi7`U2ll{QR$+Qfcr(p6mKfQ=~X-8y`5$S1VJ0~$4xdzAV(Ug!3M z{gx(9W32*wF1c{^v14*gH%!(r-NQ3YU%rzrX3xN!IEWhRNnoiFRa2XZQL?JO5bSYk zvta!%-+SrYKTSU)UocR7gmyJ1bMQ#&IgROyev22|+eLR;-v*F^yFb7e) zw)xZxgg=2BDqX;`P@G8u*GF%6%{n~XlJQ(d%9g*&879rBfB5`16dXeChsS>Zw_(G* zP7%1(!nQZxLD3)YuBjrVsk~_l%iiXc@{~E<`aS=Ohqv>NpENRbQXu+_vA8BI6QD`~ zaUTeb`}rYiS@O>9{iC2oFQdwk(J&0_cR#re@s)N_U_ z<9;~$AlJaAfj$uZ})sN8S9f7s>uu)N=@$;6ItFUe?aic4(;(YZgO z?am%OuU8+Zfnfz751xi+e{(3!FTzfkPAhcp)449RZh|MV_7SPF-0x93>H51$ZwVWS z$(y z1MKjoEH#2~tHk7cb^I!wmO$pN%?;6?Mvz*%W+{((rSG^Nc0x_JvYV1rKuZ(uz3dV- zS`gX~Sr!bX=LQ%1pMK~w5>9yP3VuV3opP6J7XIKd08VXZMI^7cbT{HXYcc1Z(7%`_ z1WI?qB^p#5G>-!Vt1Jiccu3)1_m2O)VlCnq~s6$N@znJ762DQ>Ge z7BU*rt%;L0x(;_WnC&^KOL$1~?bqJCztz>a@(4QZN|2bA>9)jp<4Q~iT0FHW`N&?AlE@Z{|xwSlAh zi#SudM7xF?jXZ2<@nHZNQyQ~n@nO{{o79V)-q`)obE(eEeU))#mN!B;Qp@yX??;B< zHzlm(YP@u=MhfT|JMpY@F)5lJ{Gp~#NIIVpJ3Pwo+3WV}>DJ}(6|zBM4upf`ZlXR7 zSmj>y-N}HNz=tCQzrnuzb;oZ}&x#S=%g>*(rtbw8+fNIP$})eJdZW($4P*Dl@|zO^ z%`NZS4{0A;Qc&s{nMfS76}4vWagA+*ja?)BP!Og<}H@>}1(0?kZE8 zsx~Rd=0l5F<~Ij|9WP;5(}SbsX^=oBABWg9W0hu;u!gsLTX&=kL(EpE*;rMMS`|F& zq{*&TAll=GSjL%SLcwoHW=sjpcO60ERZNFYZ6?4(7RMVqn6>T1c2%mr8P2+=_BLR- zXY8$=nyx&M@*8|3o~%-?PK%Dg5ZGzZRJJNLDsk<0U6flKb?-ad?jwaxglPQWfMh(o zRd5VIXb;9#ADhVbuTN{;>B<8y|KRodID+}?ugS{|_=w%+mo8+U_I2ndyO(WD7UXcg zbvS#Ix%xwLY}XC3^v=Tvgk5j6{|1M{bOuVT-{?fl6zKxN2AvMutX(%Y=RX*1=k^?| zJ#=CFVs-#(=|=3+`fYy!Yb?NZygC6b_+|{bq7?|XBgvl!Wh|gbLCN$D_tn9r;A0uf zC{5(0ebhj!Z~kt8lOEcmfRU!UIqT8mv_RxcGo3o}@R#G?=UI*EIjU%&ZxuV=t)MwP z`U?hS9u<_@S)gZ1xS``#LHUA zQoc|=+Z9Hh>j5x)KT=_Uhpn{U?h|fg0h;(Vj_jR(Lmc)@Rz<9j(w%Jrmv9RO#^X;| zH;M+{`sDvGHD-F!W{%CUk@qm9f_F9uo`gFhQ#tY9-Uu?Lmw;%1e{b;>u**w?} zh$jFAd7V;k2QZ3o z^Ag`F58xeR&jv`jHR^9&dL$vTdgq4wnAe68^!|Ff$lymZC3-6mtxOun)Fo^FxFmw+Gs@2F19ZeMgzFWf@ux7dF`kNo z^AjeMlitSl(HC86%>$spnDuB8s!_z&YC*jH9XyPkMTMntwkfiX zor)f4{{V&mx1pW^arwV8pZMRf?S|{nqG>hM^h*|=Au~^(<<*1<=5e>vffumt!WkWW z87gj)W!3J-lV~s`g79EBU^ z_YPM>W0Z*d|An>jTM{_j;2`O3=M}S!Tuv9Pc>Vct4`*&Hp&I*cVE}J*+yJl_{*}gP z0-%*N!N;CrHa_V?mYXjrfo^U;I*F6_6>W$o1Q0Mn0DI`n``i zifm*xLnuZl-$9F;Ts-b-UyBS)giAPUOWx*ImOx+*js3w0Yx9zsH#Alv03&v4b!g=# z+S`CwcO^_7NN%Y6@*5hfpuepb;DTkywOAf!M@h!1_~;bzv$B zBZ~>noAH<)1VUK-zZ&-hmTctP(N(yuNPgZ$(z~c0Du~4HfvNCs)0IA(%?lBLiB^mh z0?ugzO4+ChI-%bBzRjbyPPRugL*4CcVcNl8w#X%)YSeEovoR{Y77COK4Y(e*yL|t% zsOYfnfsH)s*)IDqdNsyvaHWeFS_UP{;{RN>3Np%Bw9wYtXeTMHu^?X0MEL1Nzm%3U%8gLmEmVyW+}|> z=jqWuxN~3LHopNkzaHP-=ha@9uHTkg&=>JS+Jxm&;5dfOG_9@d@l;_TF%z(pA^S-&1*DjS6NC9f^1`QEzoTRpql z?4x>>(3oYEp>oO%>f*jD>qVHe=f`46X`>zdU0@*)T4>)!2HyaG^fy?p91YpvVU@1GaHHBrFh<}Ko$8{|ScDs7Qc637PV`LT6L zp!4}H_)DwpmG!T#vkBOoye$lSV6A>TyUW$8)|@-?c1R`t`OOH4_pio>bJc_?T`%;o z@=2Hs1|#o2)Em)|xLczh3Hrl@;mA9Zi(ccIC1$dY#`FmBJQ%K6O)!^ASc z8>R{ssPvGm-F^$rBMQ}bJzo7U-2?2XeTt21;0k~}RgqcO^pEMDzAx-}ep8A=tYnp4 z-59Y6F`Yx+*Z*(`nepBMlsoW3ooVj!+v62|RaH~`RM!gu2B{}KBs*P1gN2_%I{JM2 zDV}=Yx!C8ep!^pA}I zc99*OzNa(%^U3b;br>&a_jAgbC#}6x)rF+Pm-5!F%z8K4PJnRkbz&KFk&fm-6!nK4 zS+wvNqo6*_TUCDmzFOe*PDj2|&xW;*9zZh$9w76t53qm<-mub6?zNmUwEb$btNE=~ z%CEXh0l+m-W2Kd3P;KLJVLat!uz9`Y$+aT|(Z%0gPLvF7dDb20LxA7$kf?JX&Uv{^ zXBAA6*6Q~S4Gr)m6IoYxbpb19%JK=Tbm7*$U-8smMi2c{>kf?08nozKV{)s<$J4~K zZ9uK+#WELdjg&+KcIL~U^8t7;IJ{u)&cum90IaR8aoaUWN>exmvze=6?@Yhl)#6U{H#Vs`GsIb)+^!k$>CCh9yVlb`3yZv{wWdYG6022VN6;xlnzME6ablHU^HNIt>sXT>lo9}A`1A4$rQA^iRQlp3CR@;S%Jw6-| zJ<1%5I@2=4W43L_&jj2*vaV|`K}-ID9h9_u@8rZ5Pds9W?7Xu33<30R+@*P+zi#iV z19{9S5zi_PJ5cy2Ga?uxD9)n625#S`A?__cv{#;koyY-Q9$a`JZxu4UoKayG%&9zS z_U(}IK(z3L!aSUB<<^O^1x$Os{%@Y9NBMq=J9wb(`{Ar!Ek$*^Cy~jaO@d7 zk%c4I)oj`Z=8WZY89nrYbbpeHTpB;f_X&R2MJ2zTGWCfK&Y?fbp;qT3-pyQ1i9?VA zbTz^Kqz1zTGa3%py9Xj8yhz6(Vh@0_C<@t~F}ziJ%RrUNe4X6$y>ex~7PQ zD0*pj0*#(7pbCK9aQ2Gcj?b2&C<{-`+eSX*@ou-RX)z3G`yQ&=HSJTUPk`JCalIEC zF&`g38M~`f5ie;ywTs8g(252Y!2qRu2`2q6nQL@dizDeAu!`k>mnBRJ7sY+ z`4IOv`|E^RC8HuK^wEXuL5h+7g9OOC5J2|V(nWuO{@n`ReUTN@D3WN&TTFf9^Jdg! zGYRe<<>`8l4G`e&m5Ge~zKN%kg8zMMR~9rtq8-z{VyZ>rw6?d&y@C;`R9BMsDI@RKAW zmn86{yrjcfF^y7i4tk~S$KO{Q&`!I)zh-;^cIvz2X61TbX_!q;PBGtyE|eX&j0|;L z)e~vZ*~TbGuS8=Nj0k)#+3i4I?r<@yq-rY%4vYE|gtmrq)iJKS(^3jZ!H~e`*|xQm zXG~r6AZztCOYL*sgG`h74XFRcV}9+l1_c-WYHyR@^)XThpgsQ54K{C z{9A@^JioVsTG;Q_hK(V~8Uzhf<4Cm+E9Z4PFj?l+7aM9CBG*yIB9NmwMvW&Hui?h? zgf?Z5QW$gn3BCr+KY_2#{3d3I-^FMmWuU&*a6Uiet|~y}5G~ zE@{AXAlu8y^KFHAn7y|nZg^;zJAefHc=Cun0~MY1pU?U-8?f?Erbr3hmnyQSxY@wn zg~bSQTSZr`l?s=~;~@5OSrYbLW<#vJix6LU``lzDl?nmNUC$h+^b z+3DW1*K9jrr!r@dlFHH-S$cxlyl0OL0${>-_><*!p`#w@BT24h?1vBX5bqwm$lCeK zphsX#;{bU49oY!UB^mkfJS<3pC=O2$=y}bUP%^cT42UmQ-7yKl#k2662l3vNl)stR zi{kO2$@N2L9xUfY^3Fz41SS@Elf)e@W))=^FDLwk@$P-D74gvSgNr)YxWurSXSP{Qb48Xezs{2C7e)rSSZNH_`Yd2BVwt!+zEVAKgTJM^Rn$#$DIHVw;Xf zN$oRDsi7nKm;2Ls_rhed*1b?sJ2u-i;ke$Z2PZm8MCo|%xY>)D109~X4K({}o!9q- zx;ZgC26SuDJ|8;SQFFnt8Q@`vO>U|r(aFr6CP5kU_kBG9!|q2U8+s+Nd9SpUe~pl& z!-}32^z#pIrXK6=s313fZZF6jR-Fhz1gNZG7uQGFV0Qc#gj?kIH5U;cC3)X^afiU{ z?Kw_^se&y}fb~zqPChQ5zL@Fd>UlAl?E!CZ)2v0iTr&p$nCyEub+NU`r}9DolbvP!HDzvdSlj>GPN)s;QQG=(e+I)N0mU z9i_fmiph8#@7DeVFRI67N7d;u?g5DIV{me_m2%*F@w^=h>=lOtA69q`dvv!RT-4Im z0KQZ~L`TQzFSo3SJv;s6r+~b-d6>ouLW7r^^&)?~ms9nHaZe-Un}*rtVWF+%FS6p3 zBr{BSS5WQT;m}r(6Fqrb9_&OH;?IfaqC|bpkT$9{uDa*a?yqOddz7T3sy`Odk2zWK zYD;SAubD$-q-IUdz_lKoF)tcxo{MZq;7zQP0Kdn<>OqG7jM?tH)Xb&ZNUy@MxQ%lKVcO<-W_c{ zCLH!8YU5ZlJObzE(<>B4mEx0f-0a&7;ggS}x0;oc(ko9`I>#N}QEKZ8s+u9}*T!CW zWBojU`^QXv7>2p4SxQfJe|diOlxvyJa?fL2>G%MI=@!RCc2X~LqrYLzTjIdTr+qK^b{y{``y%)ttI}=NB#d*9;aOpw(?wn^fEjO=#m5*u~ z1m?v)KDX#7J~LnWU_`EG;fp(ZPl9|==e(^*%ufhzEs0Y_&|!_$X_n$rOfj=F5NTBP zFcIhx#o{XjxPGjM@}(J;Z`r!_hv$tTeh;@%^x0SGw5B-dk_52wY@|Q2W}Yk?Ic<`# zPr(-WW&V!Vj{bYQdcr(x2MGDqXcE_|TGT!3-r8R`scT>k%E@1rpT--TZKkVI8j#0c zivc=`Yq#IMr{JY4($FiFyppUpzL)Jl4^m^(A`5k@PIkX=skHpS z?2d4~ZK}E#3fewZ+8!=t)<+6}x#(U$B1 zE?(N6zZ5I4Z!8NQR8s+k7s`<`ZmF<3@Lm4xvouk^@?Aj#e zNe%b0p1Gv>w<3-zl1D z|I7H!g*Vi#?T8o8yaYuI!WH9g|GRNn>+zU8_kz2?a9QX6W;m;;263fU{451$BYr;` zxvryX8n$Rx$|qdJKK#7e`gdSM;nr*&?aOx`&oHtPpK6>!|JPexfNb{vG@LqKHe1g{ zGFe7s9v|e3oRy-tZ`rb?<*w(Sf*ODa;hX4o_|T!p*iZKVi7d=m{u|$pZCkcPK-wBp z-TwM>Mt>|n(B|_;jl(|!GbHs0^5X6O>e_HN;C@HSB&=Ud^ErQ8vxYWgTL~9z$U!wsxA;& zGUYbIQo3MJ$xo|v{yGlxf1vaChZ+XjC@TZmN5yBm!VY*}@uj^1bUy=J|M{y5#{lS! zHveY8e<;)*(84VL3)4Z-W%&!2MbU%#3v*SG#rjhJ|CfnJdbAL~O>Z&{Mb3VJo2w`( zv4AiNLsa+2Xy4C`+|WYgk-}ZB{XBm;h2_iVqLYG z{DceIHd4T+gYj+|Yas+IBl&Lwk=DQ|IX=1YQx7X5jTVNm1EfwKmkhQXWdqp9BcGW` z*6~JIfm`#>=34W2D5=d0+BzH%k-P&Gn9SzlnLPn(cP^L&UV}8ZCB02@YG*V78^ ziI%*lX5cmO3_A>hxXt13LG}ykx>IC|3 zi)R%ldj%>E5L0NQ-_Q$jAjR=xD}IlD|MQUlFHmw}um2zV@1@JuqG2GK3bcwe2UEYY9}uBp84D`X8EiRx&LWE9jW|uvlKwQbUHahFh8e(k z))c=~NPO>%BDTw5|0TL$UR?p&f?-z1AF3(@V+?iBVFr-0ywQ^unt9U>B6*8Kq@BSnPpZ^6Ir4G^Iav+S%-g z80=khzCz<0UU80i5Oa8}p%89y>One3Md{MFMKl{w)uBTH2|3qyWz_wY_tAAMqFd#K zV$y;3rCNdT@5WEE${OpAk3|$lx`3vZD8)V!Lvk&jd(0%s1zIQpSvG;18z`pi<6LLx~6FGRE9&C2A%{HrBm+VzZIWT$AI$n#SR-7pPfNxj0bH zL&>-Z0V;mR*E*QBr6PA9s|@*+LS|c9(p?Wvujt%wvty58pPFlthV%-GjkgN+Q-O(| zO9l-ui)I^JenW{>ZS5OAnW2h!5f$5}Ad@yKsPndfp24ER7u0yVMbFu!Uuxn?mH2 zQNWeZZ-cfgnr?RMpMJ&#<|~8EXx*+maZEX7w^A64V&G&PQ1TH8F>FF z9!N&P9zs32w>F^C^_&N*Vu6ipEIWB87Z(5zIcAs2J*##;ZvZz=y9q8J#QX2Fk8IZM=%!QW^df5Kf4F0L;N+Hg%(+`PJJaW~ zZ`Xz2Z#6w#(s1GfTlbKmn)D|xEI?>+o6VC26O*oY!3u1~BhR^^geNRi@9zc!7$7{T zBU)MM8N~e336as3>U-jZVN=62V#SsKy}KGlKjS^xPE_^+ zS?88wF5Tz2183qY4va+RVM}ZtQRYVio8`^;9tz#eS0lkHwU zkV5Np{BY-0lp-AWUg?_gmWblEoOQ7HZ~wSsJN-2A#OacSAIAfEjiI%an_i|07i8r> z!~a8^e>mr#ZS{{(_(x*?qfY+Owf|TO|Cmw#*qHynvXJv;$WkFnHb|Do$gdbB_Z%KJ z`L_phx1BSFn&ZjE2{JKAK8zBauj|ZGcnX)x6<$Uf``krr0NMgb(mWf&Kt6PSY&?1{ zOp&cnzp(t8v3!<=lAn22z70oqO!t@LFN1ym3-{$>%Q>4&^VVse zste-P8(;G0=PFu`8RjX_UGyEhT#3&^@-mKMD#QF+B1I=QyuDMT)Q8IKEn)Ti_W;cZ~b z8cZQib7dAu#LcY1oQBL8Jwg|1u3Farvau9_>3|=L*c4G`X~37bll8esNuDj%FNY}< z7GeWQL~ox`BUWwnOu%7H#-(`@=I(}-3?0)rD5sI9!!QJ2w7KD@;eda;aI>r1b`KQx znoCK-usliC5X;=#aMLy8U8dKJ{lr`DlN2f43(r1XGlubG(532x2A9Q4ArtG^=RP>( zW9IJja@##NgD91zu-)9F!E#G~i80^pE+H&^Y<5Fs2)hJzzt+_&N{ds#1|Vfb6#v1)vpbm=ZRhL51q6wNqcvW8-L&;KO?FZ%`|F<{Nkdf z!6tixcu#TyYKPiAK6LgscoydP)!sQqsWycziW2EzP56xvIz($MPQP-U-5n=yCGTO0 zi?ZX90wij{8Yc!z%lZ~`#TrFaf{Y}Pz{hx<46JtL4+7qol;-R%P0ScH?WYncR+Dc% zcw>8P^9|BFgII~n>#M(DYto^a21IF?XA1%{+TX4%F}WZ4yBj^7_Pb-8S$m;?w9MVK zoc1Ck4`uGE_9H#v3LNvITu_xm&?ztRzEr~0g3U(NBY@hn`M21M3k;SK5EsX+hT@8z zo`Z35NK?byo!Nyb;qBJR$PQ}d8@OYRfWSE|f3?T({ueHNpaa~Jt-&tNtVl$`=1SGA zmcoK*yaaUgRLxU(P8;CouU)SX_^I9Y+gcH%#!_e23}o~w7+a$op{L+=<-j}mvAP9D z=>*ER7nADj`mEFPZ|{qcl~yfYm8SP>(DTRS!{45ImcpwtCDP;!$<-uUdcJ!>Ix2CK zKWx!nT$nal`D40V{M*N7hJb{vd*6_LVzIU;OTG3?4hT#$cE=058w+Golf#g$DW>`} zpO@T812*BuJ3&cdK<874>3X4H+J4f#PB`ReSKo+^)+3Z{Wz!?i2-T%S=IP;-PNJ3V zSKBsGA`n2$k7&XYQS4S)0lZ8_74$YNRV%e@0v8;l%vlt zT@#*dQjD)TL4cS(^|}{n*wIWYd+%f*-+Cs} zvtnoUJ1+m~WhTp$90)L{=Sbgtuqv1$)w;KhWVy7yAn4Q*TKo6)muV!?kwkyl|(HtMyUpuRLt*_v>_{;>EMn*pdc{5Lv&CuK;S?m=L|YThv1FJJBqP=5k$(m z07r!YoR1{k_1R)RMTdKp`dyUNsRvg1)%p*)b%aWAr8X5$u&n7gur2=-r1jIJ8?CWy zAkd)DFItkFALg;CvMitD8DUXOcBfO?`^{nuJpEe4LX7Mp)CwZyy}?gSv<5TE5J&8_ zP?P9~@5mkQwKAaX)ce(nV3mtmq-?s6MxaLC#ZNK@Hv0C#iwAnGgC%4STfDDF1=@bB z5j;H5&wmG3RDoamHoyQKv~)ek#fOFqt5QoMCZp`Cqr&kS`^@nvv!y9g!DCCK?V+Rs zM~l-%m+k6F=G@`2#l7fZ`+BR|Bsv~n6a;>I0=y*1lm2@6s2BWKst0Y6yDG2Ox+9^& z6Rh9c2HPXDa3QOBnjSQUuq~3~X`RE1F67W``c?{7?9t~mhE|i`wN|b$`ATerMLKl( z$@|N9vFOJ%+<3p9gUc$@hNi6Wg}ve#0;J=K3;|-$*rP>MbG}#`vbfwnJtsw!O*n^o zS3q%_DPVfUNzS*N17xN0!luwp_AA@k`gEU+*h(&C_J2Ojsll|q+ZVt!?{}?GX$xn% zYSFioJzyKS=dkH`i#OF{(XJ6#)@=Lz-G1DpO*Bz3MqMkQpJG7kts-nH%MzhFlT+@009yKq0yS30TrSm zUg>3Ovbq<4x8KHiBFjtLA3MUj_WC8tHOm0pp%T(O>AZe$2VZBONE)=^sY zJ#6#MDo}c16^D7go2H%owYUf$)IuNASVJGcd*ACsJ`g`-;;ZSA$=ZFmD!i}kwgteK zprR`2Y0YXnzm(tYsis_c8a82*LB3QnL74jFR!xbFkgyqquwZkD=_g`(iX>!WG((ut z;bDPuw{UY8i#%M*@{$qqlCLGFtF4%*t}jflcYQoKe7qw(EqSZqy zXE56)%vIo1-B~$nKtL0zPvlg{%G$695rq8&P(n|l#(I{dPXJ2G0z}6fNr*B!rP85; zSppUA;m*h+!JekNk@9i2o-I;^VX`2Xhmr9F*M@y(<4^SfGD-T(rNzw?)Z6y!gJ{bf z1k;tADm_lRkx%UkO0#0E7p_&*YAo$^H%l?SJaga_{Ees1m`H5Gi69#OM1s;dh070d zE(PdbA3O%X0*Cp9@*pITI5Lnppz%ao4;beIW;n@L7RshwqE|%6Q>~ zhp^ol_H-SlW6Lpkw~?gen1%&C;Yk`{%UvHWS^+83olUVWl;xuCll!q_Ca3z9ZFrA3 zGbK#Hsl5NNSGw6gx>-FrAp8UpqnDE5rljFzOsU3XTuojt#8%0G9%b; zeOp^fnSt_}{%WT0)j)EZU#TUgx~<#}e$a5ag`ly_(ZaC(QTmXnh!(E}kveI&RzM^r zxjx|fAa|~AnDe-0+NYR-em4Y^PGx02eKW=IANCLsT5c>Xi&(l}_2D_JOB>Q35}$T$ zyE#Z8g}1tqCOo;t;sKY@7E2@dO&xu*pw=MsB~+x9MCyx&rnB9R#`!T6f-ZFWAh*2C{S&M6EQv>dH;#0hjtNbNMj3F0(qVAvWX66R%L8 zPoKK#2^hk2mz-!Vrr?wA&BC#tjB#$X3D0kzxO`h@!r?a4xYLDWvJN3~YV33*RI7@M zItkyG{H3|jSvWdWIJWq8w1;N(K{z6RfKp={9&M zs2cM>~?a&GS6(Il)Q|t+#7+L2%M5n>lDVpxj58Xj>>{kw?J#TltykDX= z$T?gQox|G;Pq~th#uQ31sNGLZ&bKi`N!0{cB!W|=zSgjf>_Oe{n@=q7CzwDX2#5j> zf#lA7GeWb3Mkrnn9W4oxbCbsOT`ipXY!Ps5I+V}eEI zBu9SGUX)-EO5>M$Z|hoKPl_yV?{}n{5F9ZyjT0M0O8!2)b^2mcL9AwO)RJwIsS z9#n1a3wRdK%LHtX;0Lcm<;k>h!lILg)uubzV3Bd$v#ex6BxO;5H<~u((!+Zc;6xqc zGH83?ZPJ)ozHQISH`SQX$T9pcMqin`open%-rM-e7fjbUQ@&m;295j~r;MC=5sF`i zs}Qz~7tUfDQWh7d8LD>Gc6X6xMAT>9v~S16tul0<;C&Nvua;HnWXY2}Ta1m3N^X)cIfSB5j5 zO`>X(IAH@MA`}vok>)oX?ZFiv)s{3wd(?x3vo}aOy;a=s;+l!%e{*6H*CQer;KNN2 z#Eh#}?8Njb)#*OJq1V+~#7n`(Q4kHpwIHwycPMwRoHP&_8vT@P8le^Dv zc)Z4|&F{36Zw~8ZzacGm@*w@B{556`$Ij4?dyPioxiRjkg@XJ!FGBg(aOo~ABTp=| zn|H;*FpT(>=_hS2?CmPA%Sv6mF$Mts zpg-Az_~E2p_`bNVXs8wgvS8-9d~o14Nly}$_2bl%C~46eutyA^UWkzi(S|xu#nlHG z6!Psog1SN6D}ZEqJR+(s{o6VhH3xmjw|TT`epW9eILn>}i@>@$Ia0~VX4&y5c*La9 zH1&Rbuc-Tu-cfqWmx{;%KIdW4k3GgUddiNi6R5@S_08v`IOSqLO&qK?j5A~xkMd~Z z{`8p11JD9f)Vn)f%Zs9VO2><()qSQyac$iNPp(cz4*S*e29iiP_7V0b|4+Pm>S(fG zWA|udo?p5;>KtlFwk|G_$0I-%Tam2w23-6ae0)zxrj2Zb;Ww( za1ZS*uh+$wyLUm==U>=vbjeB^g4#QuN= z>_(%bu3F{MNaEvn1w&ZRLWB#iY@IIi2g-2QEBMhb-NQj&bq<}F+|e}wP1J-$4nh!a z^o%OdVW@;QDV&K)^U)%t(F!)ILHP#eVHQ&8z&rR^K#jX#Im0iqe8>$tAXw5?AUHl= za3O$EUSTRHCE{s(^yDbu#ErSrtD-pM0nqU8{)YVr2RN^B$)c!7^*S6oDa|en893S3BBCLB@m# zaPJ^SCFEVF=Nov0qqd|J?GscTSd8}qjHSFDW6m50-gV%ki}auc*M-tOY5aH~!TNad&K13vCv^z>+N zb7)wc8gF>JZF+qSFx}2;haff`RlG6ZMFA1d>ICMw*%)phCx$ZwzU`A9g{j+Jmo5+* zSHnS)!S)s3Qoh{PorQi<*NXGojoO(#=ZWGnZJg$sT!fPo)gQetroHheT%ZlC$mVUG zd4{x|2BRd$CxL38dbULoC65rkILf-v-CqU|$I54qGWzWeO>x!caV1c>+3Dh%$D|WA zot1)00y^*MR{5oeoB_CGJ1%z;#JheTi6jMOl{T8=nC6|`Xg@i|c!6*N{!-{FJNOE! z?1^b(d-w^#Vt9|I6Z~#G2+OdCBj$QziNr!;o~(Xuk-e%YWL>Xo1v&SjyzbkqXs84=pS4+5PiwbirR6iN@5wvK4;eilDBJaIEUJ66e;aoO z6f8rAnz~sVaHp~cZg_SFYynVELjVqBgLBa zq&x6?50yC*C(XkeQ3PV&A_LQwJ>)@Cy2{ei_0_##`S{gRQOq6v9{nN}z);_#qbb3L zKeq)U5-wx!Mm%yF;!U(@75!8-BLtU>qBmxLhst>}wO_!Y*USR%J-Lpq<1Q!YIYk70dh*;Wxtzp99 zupmllPXv|LGbpi#tT`$~s(y+mBprR)V1_yX6KRHvQY;3yT%LTNZ3!YGtXpU9!C<+h zyNsm_+Ys}yFJ;=Jl>oQNOw_L5-pycH2FkMAd;ShRYQF!Ag6ycV+r7&$T zgym18x}%0_EAKrnvAeNrshFagNQ5^iZgcU~u`iLx}blNf=!y)GNOuY%$;?N z6AgFiQgc}XcSp5PEdkZ>T2fX#+E%?jk0`@$Re?X-FwlS`5bY#}9&a%xEKg z$2$OHcN}zbQETF+g)_uVHa0{*8Zj4oRXMCNubf0-sBFr0{)5s{o#_NLm zrHOhLB>8}x451H$)Yw4o$MduYA@@SOI|DdDX{NQk8=ofrB6t)Q10N5itLk3y<-hh^ zWMu`AWv`CK!#l#7w>8;8uE-hrfBs-ajUPxvFFqU#ri+EI5)U{K;IZh-DCH&Yk%82B zr5lPEu`Foe(ieA~gP#fYMj zzPJVu!mH6jP=Rhh@_f36IfFm_elS(2To~YAN<~@G2RM_9aTgm7&5mYBz61^iYGsT>(ZKkhKdt_O~VLD*0Kz?D1855 z$dZa5LKZ)vel#hJlzwqB8fFy8(G3M6`51Y2f3W2TyW>+^_xe@lUebPj51!sOrAre! zj6ZqWE1If~SQ5|$X}%?W^%+e_E_m+*EO!FwytkmZNi)>^G(;#=xgv4sW(s4vFnE$| zNv=|zjgsdK!}8ugEX{39AM5!Ysi+Fwb6Xbli+0M$r@|QmalG?YF`On>Uh=Nyo!fh1 zs2Lqcxj)7`g+j;$e|MFWd8#v`9eHk~?_?w@fQ>W4UH*vcS#>&&M_xFKKJ|4Rmcd`! zFyzRt#-HbDs-5waekZiDfI(yG7;X{s@A=rin4I5d8)AChE$tPZ=y9IEE~TVw(BzSU zpcOoF<38>;3FoC3w7HX9wxh)!zQUqm8wl_&ngazuz_g5e3b#f%G;p-qovSlalleSk zx*3tb2F+EdQnyQB{=!hx_WP+?fL#2y(9#`T#EgTynchMZIRzymB#Ipn2|f2e@-rxnZ#M7ve{aFJbN_S{Q08TAt1WEc@P*m}4NRZYJNAV+sW%LTQ% zVqaE@+`t0a&AWqn^1^^oECQr6cT1DE#83HGNmeJW{<K>8-n|elUDNzsc%bv^9IyMl(NBsyN3-jle;@a7@$JilI{HJN^B<3?ma`{+ zgpGtde;MnZ<(S}<<=88-0{>D7eUosqH%!X?*)DW1*S8qZ z5R-%-TP-|OssF{)q{BO8ohyc}cyuL3R~8e9Un}smf}<;$X(ffOkdhVlw8BTLW}}6Vq$`L44v02`$#Q{ ztbLv?WTQsNX-61ZzPj#=lFezYYsDH_pl#>4^X&J~w`1@f2yUEK5>8E}rPe%iN9H>i zX8+|}?}@Hf=1MXEtpqIgX5X{Xcs2z{v-SZWP3vMLx{IdKxOuP-?+^GaHp4gF5l}lA zM*nGZ1wSl^a9-cB2-z(|;kW_NP0az}93|bLEzxBFYXP00rHtTOciu%9TTFI;2cK6_-+%2S)=9g^bqt&wg+O{fP!mLF$HMoTV#h6gem26Pf;Gt!e* zr3CK-4q$?>n!LHHG*ugHqk%P7#w!HK>BU1g^-=jV}@3I}mIx-Lc0&3uBpkDgg$@^m&vjFU19LJ5md- zY_jGaK?0v3fqgYatGnt9vjQ_HQijC^)^@5P+otO_L63mOPw+Lh7-nTfD=@%E3I|v8OiRI7j`qa_Sl;n3B<&?{WHU#PA(>fRtC_Co&MP zfq#cOhXZAJAR`*MbsmVmxzmSP3W5LS1wh?TYr5n~0_R2(HxJnjsHm+y4AR_sO&m;o ze5oBerdXKNTisF&QBw~YhK~P_-W;-G*8hhG@OH~KC!cJ7F&pYP_x6iD|L*%u?eXxd F{{~o%Yw7?1 literal 0 HcmV?d00001 diff --git a/docs/images/public_key_infrastructure.png b/docs/images/public_key_infrastructure.png new file mode 100644 index 0000000000000000000000000000000000000000..255ec4699f314d28712f24ab8c30799397c97a8e GIT binary patch literal 255169 zcmeFZcUV)|+Bb|k=vdHE1jYsq3P@KJkZwVdE+zD$QY91x>7h92ND+{dATf=gb;XlaL##P4xaCMuJ`-C>wT~5@CRtJ_geS5%kTc(_gZ^L z-89hR*>iLc7Z(?g_6<#A;Li&#uARq!-U)nS5b;rviz}Qz8Gs4H82^?rCl>_e^qdmOYs|I}8b3 zI0cCCpP&C|;6EDpzgYv}0*p@h>ZDNZeJV|3c}y`Zl-8fFxMrg{{w#28IaZ@UEpIVx zFl^%zEnbGvD4r`{%9D<*k@}lkpR6q|x1K+kfNv?ER-~AVOEW|^ULH3C3>fA;yBs^> z_?xEYc!^1Hg7DD|SG+x%k+HHA3m<}L>^&(g+|&jP<4J~bZ@k1wNr^dMo|Jx|bm2GQ z5?GfYC>Z2vzu^k5r>`KQ!l)ZaTU?+<#o3MD>_lAAf~f{E@wlbJ(p_P}_L}3LnccE$ z6Elk{YxEfncGFrdn&G&*)CwQ@7_x7}t>N2-FEW`zPF1ILU2x19O4}-3X!Xm?4AbXe z!WSlPjZCA-S8^f^~v3DXPKRD$sz8Fl& zd;U8I!2j`cw%0IhIX~=K?taqwgO(-}qAzV#s+eaP7yfYp=kNZn9J{FMo`7nw7;Cq4 zei9b;e!7A;55u9g^qC#a&GA0=J2u?#`4XUt`zm`+K!GKPtzTZWLb6}!ey6o0X8!#De2*Yh8thnsNY|uVvg@|6)x!+ zSI-UKxY)B6{7Q%0H64qaLv*%nRPn7hQvX@Ve=PD(=lYLp{U=8L=?nmo|97Z0h7f31 zXOEX&V=mKV+d^5>sJ6P`XF87^_bK?@J}aNPSVQqB3Q3g;`J<(da55!jOGNF5AZjmo%Mo81I~6Y0 z(U#N;$i>_3>SAmQw%cSCrpOAZ4ld0lU)6^nWAF10+!`=F4Ea)f)OQz0o6M?_=W`3h zZw-k4F)QJ#7Pb&DmXVtF05+0t%!~JC*Ht}rd4|{B0%68{C0~RrH@j#YFO0I5mo7AJ z%ux}7^h(QicOg|NY2HDM;m54jFhDR974smK=Y zRAxIe0>uaHtQy=3^XAGqTS^0acs*w7qx7{_wDsUIBRF%lzxTue9sD)ouZ!k4> z9|;7c8KFyoTt8Cu?uI2z`WLtq2P6G&!n?iFMhbB+S8ARkiPmA=iL9-XuAP@m-~l?tCaGZ523u%lErO8H^^m+x z3N9u$|2cyEvllbYOi{nejvL5&+2d%0Oi^wc95F{06R4pB)S*Ni$~Mf}{I@OhXIV@^ ziBYJS*bC5QapH`QSBW_c<(Ioht5dW5Dt~(rxu2f3sLz+%PcvsC)Cmmis|!8&4=x|F zdyxysbZ}78bRI4tNX+u*LD=v}4@i3p3t!zfd&h0NS!jNys@bG|10vCwuLY6OBPpQ& zxKP|jB@N`nO^-V3b0|mlVWS@ibq}*N!;b#b1_Z z`ts|n|Hyy^yb&$2o0Mi(P;4HFDCvCwv2K2?4^8s6wf00%#^+U=kPCB8X=Q$|9s7{d zbf;~|J!VX{?UDI?*u+~y)>##y@ivNl-1*~Jkax-OgH{{j>X2SDu3M_s7P_S)R&4LD zYo;3VXCeZUAHNb;sxOijAtjepiJO6>T7nVY0}mjk+oXxLdL_4Dxpj7vZgZJ!06Z)V zdl)pNCnmKcPWA{AXyYoqeyw&@QZZ53L*t+uTPnR6F7b%oa^3Pmnq=IpRXVB6gF8C| z*^Qj#gHc&EiQH%br6x>Q*PAL9+&ZZd$61r_0bN2B*h6p{8=>RnZO0yRTx7BWp-Ef& z?MIAp-=}6LXhsX@T1geF-|S=y7?aes-{{hGW{!DXaKb`fdN-R$!!)~m+w;>Jr5pLaVl$A&1OXns>X( zT3y25HJ6umSMHHiCoxh^6O587z4c{5XA8&4CP7K{usrE|(%PZ8yllX@6In0KcjDzu zf_Qr|eC-o0_pxA^W(=;uTxpAth$9w<_echTjLr~S^*{HUN#MJbCUmaQv5OYg65!7C zlRfGUFZZ|(%=uc+g)Pi8mkWARnrOAGS8bW(0a$HMjOtbE+G!|xB08#5slTj=Ww}t?gZBSBv5IA^xLe!U3Epbu5$ve?XUkOh!58^JxobFc1B3mR5`?Nw| zYls4Q$s#)1OFV8Z*W%hwa>=?ECkh5uKYst=>PW@50P_=8{{5!-tcDwRSP zHKprlV}0d~z{o;Ij`m}eptsp!YIb0PKR_aTk2j;Hg7!^KzKUil-kP|Y^9XjpZ z4+0jopEgo;)QP6U&Q_0O1B?V%bPfyuRAUlV3QKvy8!3kH4p{-OKXxapbV9GFC zn;r5O!CP9+wTxlA$`{!N=~p$b!oKGDbW==lCYdOIBxEfRf(%#iZ>>g6W?*rhm?eMc z*0R(*mk1#Fd;e~R;wqDr&y_%d7>U!E+-L(!cZ6d{p+0g5I!u$*=C25%yk_i|qaz0> zGihl(x+t#7({wE6v_)z<0wayZp>0Zw!!fgISOPh(%l7eBK76=cCQmW7$b1DM2SQHg z_BcK)ZvAw~3i@$EM|Yqt0i5DES*l+UWg8eL^{|^wPO}T*9fBPu$~_7ALtNfgO02Xs zw=GEoqk~LmNe_TMCHW1SM@K+gCDW_hJkDdUn4`X$T+3OmH8(&If_Te=0D#vQoaT!g z4qR)?4xZyfPSsR--kqwOuJ(-^4(WEGLo7e0Co)QkKSP@tmK0H8Zy=9klH&!}?#+&@E*F+k zvebtxXzWrK7yGc)MrInoc?n?@!5G3xj^hGw%Il`f_HxXLc_U7woAyfsGtj7?M$JG zW5-y-8!KlnYk6`yR}@8W zabdET*HqP=s!_w_*%0!4Igq=%QYhJbLaGd8WVb->{oG|^dC|_6L5L_vtgjF62TX2@ z+d#CP61~tk2`AyflpuDg5!04KPf++i_D`F3cqmhnm!&A=-sWsuEY9ZCkC^g(6Q@#< z$N3WOPW6(w6nJ^6WH2dk1W;3~JXF=*zM2!#B@{6Y6@ab+piL02|)$4S&0|)xC)c5pr&bBkQkGh zJj_Cv-YwqaR;6BA{0?R^4y*N1f^6NpY0`xiBA&s(B{x7OZ@qQ;ZQMSY!;pCn%s|;D znHNr%Q7OZYC22vh=?OXWD|ml%@<(|&^&hx|2>zzWZ(to**F;_@ow@>a(7<|+i>u9Y z^RmmE3IpU%u)++pGS(^-AA4AxAM!z6>KWFhEFrh|Cs*gAG}cCIAt_BImwHqTYw{RU z*emw7C|eU^+mGjaWuDw353TTo+gWs`Cn}^2%a@G9xGRR4!Q?)Fea^^M(7OKJE}+Bs zNoRU!|Md90-ECR1LXfyLabZr3_+e@5BoddD%bjo2DH+*Hs>wI>4-J#%E|W+j%}XSa ze7)r?bEOLaA}K;DvC}S2BsNpCo*Hfmv$GeQ51EP(O}+I|Cpp4#YSi1UR(o8bs&%ha zVdQ29FC1%_dEU8SUg?_0oJ}C^hnjuW0`jQ3>$%4qmK$VJKT%Rx)UC3Xw#PLPLaZJ> zT%OwucCU%EvHO9EwfV69-kmnvW&!xHvrtqlE=;Mtj&jWnU#uCI$JlE9FviE3IZXmB z`kd;ws9-_IQ8(r$$PA1lN}_CYw_8yx^waPZS^X^VT&SbXkLE@_gMue|TJ?3oCXIzF z!|ZtVVGIB6J+7c}aD4YqRV%BXIHDW;yW8_jqa=uR?73i<5shFB8uKYV&8)F#c-g!- zd~v8V-n6FP~&SG^MX+mgGEG_ z3+QBeiz&#o@J|r35W;2(93vOkx^b5UX$|zyktT$T#RZHk%GYaf%O7GztuJfgO8q2$ z*8#;Iy@KtQs7IL7AU!-yKM+{2ZV&0a{v;M>l}<*DAFdicEq?^QHHOU_H@?A)KLG0S z_h}09STNG2TbFOJBm>$^vwghXO8;r0f9kXxJ=D!33ztYCt!fE*6(!7X-8VQPE8krt zts1~qgBBJXRQo_FbLV1-pC|$J)bmoPA;Of_TCXF;+y6ms!!naIS@gctU zAszj(fZXV-hcgj3=(9;)3hF5%`NJJHMgTPJlo6*jf7v?Ssd&02T3Y)dqHL?K%P4vc zsbjyTFXa8%yk$EEK;FTw@sf<+%{r^SGi?mqbkar~)PAr;4SD*#Q2V_~u{9}e;Rt;$)O(_E9u7@H>GdM!>- z<+ffUHnd>0*D&<{^cC;cMAOM4wI-nV)@R`Zq5;@XBjafGPsju{=(oBMYU_Ke!1=Aw z7HP+UXa)S(9#`2ci7bwe$JnIco0=+mTSu4}^v^c}Twdw)zWV|c=W!^`(1b$4l&gFp(tC?3=is;IulTq)9g!l)X%?Zz%1oVT3M0=7OLhdt3=ZYU&zZ)}Ih-DDm6A zQbhBq6BtU_uyx3A4MEvF1V+ASI@Ld0+T)b~o?6B-BxJL;29(>0jX4s5<=h2&e0hi) zP;!Ced{K&2u+x#El)Fc*P~m2eE2U87sV(*c$W(@D0nIb`fJqPuT}udZ@vY0a(39s6 zheGnP&G!b3ohqy068LWa;M^*R5Y*-rOJr-_^xSdYH7x)m4O(iUnWDvst(k?=*7O#` zR1fYlTM_i|J5;SRDje2`@@O`;ps0iIScSqS^;7Vy4`8hOR2oyITcy?a#|nnM=s#qv zuUuGSAz0YuSUhx#W&apC1b zHfeF@^@Y*K9#KV^6QDKt2mvf5Zbgr_m5=q1c&*Q{g0~KVMfN&cUcyrtqQ5(xLrKR= zR}q55bdjaw*jm>hhUHy~iJjEeWUApbUJDcr&>JaTr@LTtsgl z24KQ?@c2*VIw1=Fak-3ChEcP;{9VtqpNIw#!F^p-FoWAk>>nVpUP*Xz=bw3950HMg z`YL#N`R>AKeNYjCW-1QWu@l>CStS~89@L1;cx6^_2!sU3yUZ6#$J6t$-K7{pV&^dR zIF>a7?e!ZXzg|FE8>y@OAo)LO{&dI~hAEK(aTgA27FRje&s^KR=ft9q>^bV4t+D2WsBX*+%YHY!u@7&#MCZbr71h1Y964e97{6k? zi<0KH;*#0pf$^*&71JP6sYDw+??W^Ghwk}XfsRg9-g?v97bKM)*S$s#>=(AyUuzk& zJZlXg1;G3i>#RG6s7D7%rk7br6-{8&<)NUYzH!nI^_slEDXrw8%eA(OP)rc1L<$Xh zC`ojzcLyk>PH2U{?DxTf`v%v(j>S%&fye%!W;@$_$CxxAHev%%+dT@e*)RPss%*VNS*39$zH(T65}70XX6;w6VlbKUfHxXvJ64pWT)CXHTLpQ_u2j z;q(Lpte;sCM=T|sC;G$e!r;El)so5zNoEnWnxRa=lo3v`eo#w2@48Tg$w*$C6WMEx zrCQ{PrjcAcItudgNb`QS#g@jsRwXjJmP}QsRHz630*~h;one{6KznVI#^Elo?6hRI z-s1Lq?s&N%`WCjNH(9yIK%}tiLYWQGS;Cb>hGM=Zn>6Mf&j~jpJg4NP46}ND*&#h7 zwHfPu0C8=tBPPWB$lEM$a^RSD1*9(zj&TL;FBG_UHRFet;#K+w{l3{b;4Y z{{5356fkFvF7f`TaC{QAJ?+B}xZeMv9OwVi;|TB9TqvuTPwCF6K2-TyFdraeY1a&RM-TdiQ>PH2Xp7*9U*%i@yZr=SoyIK77KnPuX*}=5~rtMR#sc zw%y3*cN6VD?FhbziQD_}+Wwx02Dn5!-$`?Xptfz;uw;n(x7?a(H8yIsz!YT9-nc7! z1iyX&qyS9K*n9xwIof9Z_(`=W;cv%J{&NfG$jpB<_8*7Ycwp-PhIlFXFqITLrn>29 z+VjM2dXKiu1I^V1Qi=oVz`=xTBnEsf$lV}QpxufUh}?Kw?5v2<@Q257ALeE4pYmPO z)Z~Yb@M$^tOx1>C(3#|or`NblN~-J7(7h)TTr`&FEw*WDIvN2j&$ix-qleoCD->up z8l>1hU4Z_}{RW<*7dH#(;!AO7Hd3un|D?&>i|lF6UmgfBWes1VL?z(TIP znN0t>`x*i&*Gt(ELRqV;H2ZkyRZUIj1dY)7#z``6X=WkkfQDeYR!&qOl)ULQ>Ad3 zb&5c{zv<5ZKmYSO*Pw4;WY*umpM8fmSzpio;K?l17?G?ALkBO6URD>{C``D@XGf&t%)$_*I)PVyO6yS90Ck^#E8U!ks^A)&yv4@8693#re(o zwv0MjD5$W4Z3L~`uj}5uZx?F0X&6}V8&@;_u#0P@6&jT*UmGK0sC~f9|9YLp;Wn9Q z7wnP`YR03HWO!izT)gL{>EtH^Os7rSw=m8TDaDpBG-!FH29_DMGB5bVa%4ApKiAts zU`9;qnH0e6_dyp1)Pm+;D60>~`6alp=Nb|Oc5M{!mL;gMlw;&V9p{udbMA8U#x>=U z-~B4pf;PLU$l>%h#3xG@h=OX{>x^Z0_}m%mYy6{ZBvVM%;QD5dd-EvU-3;2M%+5X$ zHX<2pokLbtyI83qRX`736I&gWwnxThZF14KhmH(|Dl7$CX1p757_(HbQ0|!%S|t}^ zUTs?Y8_nw#@K{f!7+id2F#1IC5QR-oZ`(A|i!ap0Qa_w4&mLzd%0>7w#F)#Z-FTUa zpeLEOaot?5m1oj;bQ}Q@*N_Ssvrud?#Pe%1!5r~t{|NnnAY7n5Iw>9(V8 zj_G}qoe>eN`oV!fPrp344tI?7bEMr|OTxQty4OAN> zxZhN+=}lfN8VR|01_{No148~LEbK=4!CCz~d##cQRMMtp{J-&^vBj2QvwTQhqU%DunQmR?1S=@_&6$^tIGWN+iPu<<%SD~C{ba9cs%SalGryOZ*Nx4hZOi`I z%tI(f-;o*63z#MZba}S=4y_M_l3W!W=-%11d@XpvX`^Ud&r5rq&7g#AM_9bMo!5<; z+VU9;!o!W}u^)feq_=G20dcOk(j27z7DVeCztcyeA%~y&nKTrGoxH-R=ut;2uLB!L z4hKiyF)x2Cg-Iukf}f zMNKH|*gS@?*L7@wczv&1u#=ah&}Q|t$an}y#w6wM+QpzLBO4XMPzd zVdrC{VhZ6(zUp9B_hM-a;Kk;UJ0Qmz}mH(kfBPZa|PAu8nW?zM6Syf8gbNRzCN>kwqqNa07Kc^rv-*A+a7L%;K1 ztM;-)WNqX8L2qHlTiUr~@u!MuRV5~-Wh=iD1?Nrimx zBQtgT=B7>RsC?PW4+IHsuJopl{{V7dDUj4oys|I*n~~;T00E_Dr9Pn4UzGwJx*PQ= z;pDo_XyAY4aH}%ldKT)E2P$Yv{vDo7@8V?ui#HDzp4%f1M?J9P8$!5t&j}Pm+H4i7 z`3!b%e87RL^8C(YbuFXgkZH^NR19|^C+9%=C0Kld)_!mEHkZ-^6b% zE)ns#nG+-9>{gMoyCJKaG|cY?q-CCpENG*4atBqZqGL`Vy`lJ)Nl<2~U){FZ+DHL- z3S>opr$||7M<}~Wb+C=R>HZ5>0HBnsE|aV$p~pT zolQ@vTsn0P?PigvtecDkrsEUA003GSFf;_I-JSiEp+H&7E%tUnIaoESZ=5GQHRg)x z;hdd-na0Pw94faJNg3p^tI19eBCKod-6zI~XdteSNxxJB@-dvS2{T^jS{}~6u4_Ke zfYfSd2PjBA8!EY>xCGHWi2Cwab<->ra=k|tq^wVPlE?HPphZ02)JqA~Ao1{&(Q$xY zorQ1m_cvu6?2Uz$kB%@iM2{vn$zWbIUN3{JRLj^AKGS>_gRC}l(zlD4JcA@e5n=b>?0<#c^g2bjZf*xlHccJ)4?6pqK!~ zj-7czqUDJzJmeW}V-C#7u$n&zT}QDC`XyM<=?y3N0@CL(E;fFJ zF}Is3`$Il%oaEAuYunr&Oj{;rPgJE!>Ud@X-qS--|JVfU{_GHHyO_S*Q?UfOp2rT_ zXsU1(;TCN)$=yQrSTbRM1r#`D zzHUllQV-7va@3y?>yn>Iy=VQ~-Ks{SVqIG|QFYHdZ6xw9x{w4)C`8`{xA{&= zhgC8z`zKg@Yr~75{EZ;SSFCG$Ll>(bnPt55D}!tTkhdRWVT7IOy#QBW9-r`H0Gu3% zEkXW{{j}fo zmEK39_5si-4R3IaAlSP5M-4v+v+gs z-DJ5vcbH3MzQD5XpTKXUP6I*pf7xqWRftj+=Zan`0tEiVN)9i=wX2cW_AQu}mWLW=9^7HH|*EkQJ}hQX*PG z=;qd)ig}I}nkp=fq)i=+x1TEAa!iulMyU|bPR%dwH&ttvD%~$T^t)?pT19cCop z(r~~#8ep69phab`TaS1!E2ps(i0wFOS2PbWwCOzh)$g|csp{%&*XE0sj}ozu6nYf` zR>O*+o20)a{fcT?F_)V;@TsAKlEDc16d>7O}$PAvs9)LnM(*JD6$z%_bPfx7u%QRe1j4SBI^IB>tOi4iZmlKHulfL|A=X|_YX`mmRNYe7dV#(XwJQb{uv=` zby#f7;Wdr5k%(Qos;SLkIcT*43DjWus1Bso=t7X~XQjb9Fnos$xL>q3X00hbf&n_X z@wV^^zJa#)3SvAul2~>xBAH-sW+Zh~dRFs@EWBap!DRLQMRI8<Ypk!mEuPe5xL}9otwxzdhlP zo^?MjU^qH*zv|C!aLYv-t;2-t_;mf6;e9c#JQD32{pqX|CbNDPE|fW=AS^=QF`_a zq)wvR=o^r~FS`fDa6k#Z$+OyT8bzaHCv8B#D9etk0qp)^;k8Nk2T6AhTWyY2H>nn( zXeVL?hpl-=sNmOCzN^yeV_NS_50H*iVqCEy$GA5x%1v13WQ1^cBR}fQqj8@~DRmcs zO(6H2kJuhN>v9jAbKdpzP^Bt-y;G#maAimA5*9A~NbDi9|J44ztl_pdKz`0XIx$lM zQAahxN&y-JVBkQ{#piLo5E$9`u<8K&PUqTsKlms(ggu-ib_^Up>{Y(jn$%Me`JuLC z`Bk|PO)OsI`+(0~Z)R0zKj7z%2V%x4hUgdwP@VQsS}GwT@R*HaO3}|uPKyAdm*U*r zw^sGsuE6yPJyj)Bkd}%1_Mq$c9;6>l&Gs z2m&GxZ@T!huML?rgt$@dF7jz9jDLXeo=p7W=dOzN%gkN&2yjhre`IyIoiIdSZJt#@tM4; z`AR10P(Sbhq*S+T*>_O;oR<9n1GxVCJx3ElJL0ICYS zt&Pmg;#Ms!5ATIO;Ka@q>#W}9fegYYIR0yZOMLB97#yPF)3?H5;AzQyc(sJ z7Rw5pvk}=-jj!e5u(j~U;LgQTN+_9?AGR_YgZ2jAMWA{JKo6Uv{Oy3l(NuSEeg0## zd9Qug%4JDU8`3cwz?)m9f(mPv9UWNJhA#jH10!24~Ur9zFTE=p|XOG{$bIP zAJ2EQ#f^0E4&u&t%Xwrb?v7zJ-`ilbA!5Q*O!FAv6X6x5oDGx_FFt@?!0T4Li+&Ln zmLt5|`5xGB84uja^;W(y!gK!7W5^C&O~>IVG4~*0K<+_lqv%L)O){vXcn@zxa-+6- zg#l;R=Gvs5=G3!pv0`=y%VZ}vP$kw~FxllpzgH7y-LZ1#!ogJkojx@8i6V7RwU6g_ z1M^Quv2v&cYf$JK6V(*GzSnd3HjY{B72o>0o_%#rU^`dkOFBJx-rAeSBMEFsiD7n) zCjhBiD*jC7EKHV&l(=C!5R`o>!5+y!x|-Zn+`8iPH1b0>FM}QzSJ+XUX#TOU^%|kC za;-`BIxld4s5Oq219*z3Oem~H!{Hhx>{|o+5TN*M;QVJMTFLi5ygirIxs59ziAL>% zO1`v90_7)G+{22vgoR69uOKfTO*au>aA%HJ0h$J> zTIy&XO{^@HhzDNk@j}Tj-cI$`!+4+%f&O&WGK15nzbJ;Yu@%>gyum96RQ~)}zS$v$ zg4yUp_KJE;WY=%=F~=MXNPU2I-d0u~kXWE9XgnBmqgZJPEIZ!2n|>sqCmpj=WO^6EbZXBRJso{1E7Dz?|qN- zU1-CY^E^p{dIVtIkspN>u^LYF`_q!-nc9kMad^}X-a|eT3i1<20LOakloWb@H5wE$#=X5sIjj*-X*%1DBno953;=*$A!0#p;`2ejO zE7Fr{P5}4%O{^Y1XsKB@wVJGDsL(@IWl5x9vNKz$kQL1E1+7!__ut8i8;|oP1fJHZ zP09*bP&j{>i|eyY>Vm2!=lp=R=+J>zz^gUB?Y!?GJ`#>NL@I^k00Ea3C8n>x%u_ah zI#;z5h!$o)r@5RcYwzdPAIh1t;HoIJT@X9sMo#s!H9DEqGtr{h+VKI{o^+paICL;o zD?1YAVhpVp<>Wq5W8f7cd78kRIzIDrHbbdAuRj28pz0R^Om#4IA$$$kIz3GQio;u& zY{(ldhW$Nn2*3-SKiQx?)&gwmT~su^Q1l{|v_KnSCDqT>N~JD6IgEw`ua`>dXyd=B!pYrgU{0yY*a zA9vHu6i33Nmpq1qjq_Dm9q~;Qrtj7zIL4{gInfQ22u*uj(99y$!8jjLzP+%_T^-k6 z?T(T&&oW8SqEtAW9gmxJY2Zmcb&b@UrL>ZT1{@A&2wGig6mSrF68S;+5bpIk!s{EV zNZ57G&YZxYzl^Yc6tI!`R(kxHA&43)4M3UmrwDc_#V>_G<_fC9;xUW0^E4(R~g?XCgmjWC|SjRZtP7%C$| zHE0pxk`Gc-yG^*dtX02EPseMx>i17c3d^--w5BChvX9_?x@{>K5GiK~*eBaY!R(jH zGrQl-_c|xpFCy{8cnPM<5e_sH3hEhUV#k^Sk*zxJ_@~9GIZkCl>``1C)-VA`+)uG< z!oo3ns&+6JkfUWNr?2o_fg_L3Kjm4{FBLYfc*p-xwNMy%pN)Ugr&Ivf&OH%S>$AY0 zM`%->(>Rq*;-zG6YLyKPbpS*q$N_^IWSM}dHtA0gPZ!yKDkgY_x6U6GMp(lIjY{mv1fW!>xQ2kTr4R(~?tY`-SK zB>(!|Iud|kl7M&rTo74*SCC@PKc-ms%7Yvva-bGPpLwxO3debx-_q7AbDXlxoK!Qy zT>XqGiu_PUYxN2VcAv0;cGF{vRhyjeavDnj?d=A*hmmqkatRqj-A6)&K)+|i=S+Cm>1c(t%Qk=XTEn%e0S`mO} zuFl8EzOVC-1o8s_^!JxLo(RRaW_Ns~UXJ4IU~n34K>u+F04nsSzQXKdkIOha4>+k# zC~gi!_5FcL^@7~ZIkxBD%0?ER_nYjp*q}SdIw;XOXo>)UW*<1`Mkb7*K>YUyW?^G{ zy?cP}IJ#pd`p>?*`SxXmxC&0oo*;{#8Ak;}A+`W!J)mYF63P9l;{WhDu6yU#GY+6) zuE8sH^M^UwP!=U1BDWuX>unuUg3fdaJKf^K;iFA;=8*t}^OATO;t|5O%eqTEc&v@n z$RJca*FTfdI8h4pXWC+DwCP*wRAQ}8T^5k&l>-fUaOTp_{(DwN1I#LL&YTITIW`3T z3qa2}Cx7yVLYC%xpGL2rw`uD4)qLq*bWh<-CVi1m@d7C4WE<{`qXMB2wg2%7snIHQ z>R|l4#nLk&;}l-N;NLNu1M8uMndE+79tAi(#t(p*!);TNVXcMZ(;Q~@BRBe<%c!yW zk-&Pp&H+grKoS@c$Wslfj8pK?Pe)jSz)RF#uY6I&ok%wUAp-eDN-n1s*$-AHUuTb_ z{GpH&-xtv`lFxtn?_Rp~@F`-s(Kk$}>u!kn5VqXCw!{LCC;%Hq`3=3Um5jZR(Y zcUyp(eLS)Tdj!6xU9Qj0!0WPJiGNQ-kTLOWAOL;!vcCJg{G@gPPBQL&ofe0%B?)FM z4TP=E_|DIOI);GL1)Q@IvM>aQFX%N(3{0NvL-Elw_=S z5k2@Xx)mMjF$Y2jxWFR>STI+3;Xh;TU+^6dULWN*VPE_!vD~10ca%7r)9swr$Yz}m zsQyEz_*VnV>sV=S@?YHPU;J%-v@4oZFl|E}`sa7vO0rq>MHN(Z=hFEwEa1WbBlzyZ z1ONyZC{6K?-IGNw%yM!P^)=*UEr&|iu9x=VlU|3IOu z8o^!!@IV5YERyN_u@=Xrv5mKBAD?l;j>~61y56!pa{1>(>r2OKYj?TDo_l!i*B!?L zZpCxeJIB=4KDn6x<;L%?b{^$V-h1oSJ>gv*t1>mcjpS7@b{0#t3mzfwQawp2umY9a z8Dt{X@K!qFzPO{@xl@3T<(%82)2(#hI%s}{zDxHIAuRxR45F^7iR2*{>?D_~$y-gQ z17W7+P}ZZkOz50Z z#WcrVpZ;#_YjE5i9?F^|*r}_9E>M|tN@!ZZVyjrryHe3%%1$_N0ubB~h^P;N{;(e4lc)Zyl6W4Tmu$=^G`fjs+kH^! zXwD1MOx~t$RNe9vSzC^!{i#ogmtg#U8T$XhicIuW@k9cZuMENy>zn_MHT0SGo3OXX zMML?EsM&%JtC62Ba3m_P`%6VS;vhWmQ5B!w_jUE3l*t0rC+w|x(VUyNJ=u6FRGwpp z-vC7)PDc2QJ`Z9pEPWA5BG_RAR+o3cWceum5d~-`GAUPWvo=l%pnIz=9kT z0jgM6Sh?P%8uhi+fqadXc-b|`LHm`~k<~A2%fvN?&?+9s_6OQ4GE{%u8e1p}7et@v zUx^4?9X&u)keHjYPK%%kR(J|WAFj1h>@jGB7#Rn77Kds%J^_P-CR9Q0WC zBF(t>uEky)Pg(b;Znv+PLqexLE@$MK6d z>JaZ8jw$WxNnr!t&sm9EL}dUVLez(YUu@PbUBK$*i0~-#cr3?DqeAF?orMgcEJ6F# zsX|m}TZwMu2H6~C@EL)znq@z5pR#Eakr(B%kL4{4sPbnq!KbNobZD(LZ~LdVGfb(d z0PSD)GL?_xuZFfMG}Fvc!^%jP)|9UC+W)Se)O8Xy6GcMxvI15oczdcIZ3vs|8u_!C zkqSS60>2Q%PZxUbj_9=xbX&2Jh#A`8l>NdT zW6&uL`^0^)SEU+jg*d@bOQ|s?q49jfcyV-Y^F3|9G4$QAsTfD`vFG`T^j@tgs*94j zpcw1Fi%Vo;eAK~^QOnge7CiSUT~>S(^c53xc{{FyLpW~i`jmr$e*vwjG;ceS0Q;%z zG<5#g&{(N8!DcZC*(?7KB zr@E;auy^2Q$f3$4wR$N;spas@OFtt#V30p4lvMlxxHAlyh`xr-F( ztjy`Xs`=kzQKpGMy{ouiqD>!p)k`B<4N;*@;we*g-d)w!O?Lr+u+4<04Q%2Tm~``n^Yv*KChd*_(7p-dPwO-6jryr^TBW`~o7|1ra54A48 zD?Ob}(seBglb#O+P6vG;U2GIBm#?2X`Yu$VoML}#YuK|uT9?w-EZ3;oR1?;#0h_{)1J)DR;|ls%J@y=?4wXd@H9frIp(+E!fOT5mKdu#$iJlvB>z)`mlgAIjg|wG}axuZ*(PEmyK_krq({ z5x*q|hu)pYYF#N(6dW`j75f2P`z||-_Guj;#E-Bq%+I77Qb{LzaF}&m9QV#}OH%GO zC=tNsVEY-eBF(2B^vm9!w6=Hf`izdX##|fRk&%BigSgnmNp=09rV8yM?%D=e(GX*z z(nPjRMekIg?Tv|nl}yVdRWq!%>fk4Ooz}V*|H|YD*lt%MIr&%IrGda1$)fWmrQZte zUpA^5Ko8apYAiml%UFFVy~xW^$SDN){ZHq!#*D3NGY)J>)Nfq2TU}hX&Sx&h7T2ra zSBT#pGFoXUH=Ilh(mo_Gl2Na25yq46X+Wsbt~uSk^WL-??gBYT!HawA+-{M7I+ZOx zIWu2#I_Jc>`J$-x&zDP%M(l93U#CTx zSG7e~Lj}X=qs-|87Cm5&8+d47L|@Qx#2l`dr#i%%WY8$X`WG)m9Osej%9mOO1ZUedi=pK7BA#163Rqh=(gbSy#vXsIpYAyAD6u_nP(j|H>eSNgFJ# zvy{KmN=9P10_mN8yB^$m2m({v_nIzFlF*-txRC-iGac+`cwm0W4R_NAm{KBhN(QjAt$HHZiIx4Rp!Fn_Ld zb!|n*K22TB{$+rNkZ)UvSWTXNEK6&iFN@FzGUa2MX#}lbDH&ykaU4w{pu!lV10yTH z`(|^fLmB%6?Su>Pejzo=dAZ|9!ex;ZXuQD3bY+sH}(jra8tD+I`^SQ_jUKS%Y+J>k0%<` zjZ-vKoN`P(3@r2Wb*@Y+{w{?lSY5KHA$QX=gGH~ym*%wJa>1Xh2HvS*Uxe8`$)#WE zCt$x&uD^edmOJ@$)~xKD&v6r6j?!9(4;-vsZb`mhyhcXZVSRDlS>4#oh^>)-&iXG4 zR36Cer~DyN8TLSL@k?L4kH&ydg`<7Cx`WV{P~2>+iJ6GV8&B@|BMBi&@tLIuKyB;- zhxO!dqQG4xwI1MYFBR=CO((X8E+I(Mvd_P>B#aPfd%vq4KI1Ld%bl~ZQ-~_hz2N@a zZ#!Mv;1LRo*C(o0SF8_tISIhiuI}I+TvGI$3#dB&w|b#$y1@edRvC&_UA)(`7m5vV z)JiK+>R2_3Ej;JHzbw-otx+03CFykP&W@vfjRCj>!rY9i4T_dpIQVG+wgj^b1n8DZ!Py z>C@-=syH9AS^0VHt!u#*ZBEwIuvZu(cv=3_2*ryvk1$Cs28rwo_EzV!m!mCCMeQ#0 zF@3c^bF9due)ak{n@=OIAJzIg$!X5+K8v#b;5!Z3Ng=T`ySBaSb*j&lxqS%TM>Lxh z98S>P}%O0Lz&hg#Vpeqp^4Vnp(=}PwA@9P>8Q=ZEs z0w1&>Q^{ddUn$KoWyiWp`CuUZ8LDI(OMr5QFHyp!YP?PK`I`(d)X{ zslH0n?MEs4Im-F!Hy%3i0Ym`-7D9jzB3_)s)N{p0m*aM26t0)*n`-_LVkWQl*`*aG zy=gtcedEq(qF9h&jq9~+N(8Ij4X0a4Ak|%9dG_3W3KSJr=+}Fz{DQ>f@e;i*+(~b@ z+rNDv0TL>Hig{>s_Mr{`IxkAOSqEACwy;DMv)5#0g)JGb_Tjz+0MoP3BHN0U^Gf7p z_1~VrewC04Ot6S(ep~j$Oo~SbF+p=17Hd^Z!0G!$)z%_g7h7m9XOm_c{-sPb#T@L} z4SMSAuH3CV(l`7;{Yvol5k-%aFH5Ak<6;)WmUqGWgMuW&F3o^UcHing7ounX`hC`X z?5*G&u<#~oX(P9-*t^%e!^Y$HPo6%X^3(;U9vaxhNjoMb=^OL2ySHZ@`~9s#FX1@I zyBDTUIIOogr4iLCC%Ph?TP<7E*)T34Dvd6_K4gSOlFC9uh%zFl*?4wX{+{ZJ$>*)Vt?LFL@+_vrEEmp*`0a2vLRzRhRfRs?J zAkq{Fy-7f7K!|igL{wBDNN)jDdMJ?=1R((np(YeV2_+~cNRgV*;rD{>eZX_>x%YX# z?>|V^nrqH6#~gFK!RrR^s8hR-E@pP#x&7$xYtkRth|>w@8wOx~(zG3Zoo+hFeD>9( znzTw&vqXv1{(S;q*yOPoCFT3b)U*xmw>F1Lpvdg?3)3i_C-9Q%cPY>^3Vry}zu}dv zqOiBxL5$$r-4uu1=SoS~^wlKn3@*P*-~NOS2r3qH_yv{+nH3&mc8zRUTL)|8giMVr zxjB>fvyTS0rqN9`Uz6v5?_b-^|`! zXW~Nep_}=8;x)eIrf6ZW@Yh7T?Q!u;P&DX+Sy1&5C;nk&YyqmH_h8zqFJASand#MG zKlO_%GfsAhZ{)@-!qKSsT8NAJKWQwvNWHb-_N0>t;Ue_#xw!cro#m zgg2C63>0#N!m$ij#v^N;F052<(O%+k#{3u@|IicOK|ES`PN&=A8prixCQLtc-@9=v zMte$~v*Ss#v7*G%Cf;Zacsryj?XSEC*Oh9-cKxRt2$qScmRADj@l1-whzWfvkSbc* zgR9KvGA&*SwYY3qRT<{yd>Z$#q~i5HcSni zKUC~cUXF}N@3TwjhbacN%?)3yQc_tzBjKkJmc0un^!k-;{b|}$51G@j#hU?*|H2Q{OdLIrDVWZ; zHJ9n7myLHOuf?%(*Rmz)+sYnz;Ig27Pd;AFGw8CN{6Za%4&b5n>&G%gR=AVr_>+)k zN49d7pW{y~y12qEDc*KGf!f{V6Ej%`&&jPRm(ZU(KN*upD3_R1n(PZi?3be!@lkHX zRV!mlB=%Y+*1`s)dAnVP-Tw_r9fh6=^zcQ;9UP{X5Ly^Y`=M%w0rf(*b3;kad<#)o z&6?eTU~v`sRr*^wc;+ET<+>B;3ij?#R&0ysWZb;m=oT|qe#`xCvg)vaYlyG>y)2%O zy$@!Zk4-?Jue4*F^`W8I4>Jp{eJ=OgKf}zJR*Y}S+$1j*_1h0V7?WyEDRx{{4ESP+ zAaxT*yREBmct_MBe^aKO>=Z3z8lP)SuVE=G`Z@u3f%d4?bt-3ZQHWQ#t+-r-bppvRI_W39OUBMwR1-vU$nEc=|2Dch0Ih-9IRl3 z=l!0P_E?$BfsjFak&JxbkpI{Z*t5TGPJaW`mf_m|MjIjBsy_;2ib+08V$IR{~sHKFMjUYtDB7A`t0`^{(wo*jrGmK zEJTx7xUfaIl=JjjUbx%fps{~S|0QDhriOoPl4nv~Uj;}^W^*N8}E2)4S zEk~OZ(TzV-%TGofIO7v$4fYnMCa!1~>4Mf?SwpXe3l+!CK7%?yuG7C&G~6SVW6}I^ z|K4g@^F23D5B3oD*35P;FVspG^^Cf=5!Ngq!)TS@fTBP$*x|0rvm1p;I)ZQM=@zab z#6o`4Ha2&c!qFgt?ehcr z({^m&z&p^z8)@K zJ-UK>k>M_@{JxADCi0v-$GeLMEg)4F$!heNcc3m+kHaA3dS$MgKJ@XJ@pw?jVrX~@ zCW9`#Gs+A3Vj}!s%Ae-Z)OOM)08d)W)Qmp!9PDp)qY}j|n>&OJ8#4hy_Jk;5pLvIc2 zS)Sp%rf|MzU^`)wR>X4Q?)-|Wpq^H@0?6>*5h5wK9H2<@ap@fk_2r4M3AV1<=+wJn zWNLQ6RErf8Wppau?CBOo{Bsr)js97qwgvLnUS|8idX?7)t#f#&;HrxpoR`3=qZ1>b zx5=&EnXl61MVX0E?NPY|_P;)1o=f<+98UX`!%7CdC31Cjj8+(sKArcz>li9J2zSv( zZUi`kK|Kdn`>d2=q0Bs1++=B#{FLxb$R(ukV%k(VO~KL5q3YmH#$aN9C#y!iJnUG! z@Ac*M0!O9N*gWtOJ?X_4_0+V7loyVv>@MGZsr;K~>#i;ERn$^plY;u1MGaV%ip7Wg z%IGy~!}h5h9khVqK)!h|EmP-*sWC{1QM&gwwUA1ddH?nv` zI;{@VGzVV#Y#YUttYteFBU`K<}Z(UCE)syZ?zIBZ*pU0X8Bn$Z|tMVFw_DEc_y!TA6B}efLv<2tU15SioBRR zZn>AvfaEf9qYI0* zoyubdW&@Io??JB?VSCv^Q^)o5HALR6yWS5ww<5VU>Z5Ku+zWXVB0yw0;#F=<+rDw5 zdeIk(6KQc>3Pu)_E3|B42v%H|x81T>xHTOR$Nqa=-{mvc2c5;)z@qFDlb)kxzw zf1YfjQ|1WX(JZa}-R!P;h6|C9hG*B)4D)!=6lMHA+(Oi_^!+~Uxqr(vzfBVXgl6*U zqpUvBaUb|>^^+??G5i%?_J%b#gzTzyq|eHi7%RJ@NOuIM^=YvPf{#Vju2MczI)e-% zNcEV(E|5#DlcnG03s=9csV*3+81`0HfJ=hun$u#H4pDG7=d{0a8P3Caa_K?1WnNU_ z+`5~n=4G1|@|umxD(~>r{pA5U^!SIux5;<@s%`V-_y>}2jZC|a7Vu+l=P!h-;)%w^ zGN<+G?Y;*&&7=sb+mn~^!Q+tbZ~(N6$(@^(E(TgsGHD4WE&fjucgOeWb=wFhUA8qG zST*ZTU&ecp{ms|lIqSqWnGdt*WI=sIntPSEOY_;!s)AcBJWwJF!>~aV~Q}UKuvjOL?E@<=3OUabZT#=JA}n z?f%%ti@%Kv*&|H1Q)FhsyTmSb30&;X@XdAP$#dh(y0GFr{9xJO$mo13V{oXTRu}a7 zyVVhpvi3~*Kw=7`Lk~-?<;Z$KHVo>F)t+#ic)aWC+KCS%uRbboCKLmXl9qVCv)*D{ z{%6sCDdUN_+&QQF&R_&o5zH3`G_XE(cv$$XKbRyQB!;F5LMBtSQck3%2}_8V$j%uI z+ON$|PA|A0yNNBa_>ELx1dTtdmOnj?% z`m7w4Ny_nXtUDzb?OS*vJ#3XX+j&2E(O4YrM#VoCE-&EgL}|Tvek4y}InnoMl-Qy* zcRA0FdjbX+gNY!0tbKvuZd$h>U2Xv^?o@{dop7`Gin3_#)W|LXCxsi!(rN;FK=X8O zB+9N{$P*3<`(H9VKI9K4TTL72a7(RZ2dL$~3Kv3G zOZKOZEn{+iLo3hM2ISAYJ@S>he0y*5Q^uKH1$eg51kcz!*J~ZcIi$acB}t6(SQcXv zm{5Y-jSp3PL-9&a&bj`sRU%IooEliIM`*M?xi{lfGbjR+T;=b(Iz2o$PF<6jnb@Dg zho2L%AOD+wK)}#zE;^-g801&#QxF<|0+kkbd#wsZ!5AW_nRQf+bunY6s58Pnx*msb zdT3>?8#FBaR$1G1nnhxGBR#9`6giDVFxp-?B8N4~(BkPCee-divs5%6GF9F5G$GSM znx-w07!FewY6R)i48rm&7%-V-;G;PTs>I(Z2%st78rc6Dh2O6SI8XS=K;oEOq)3*` z^E4mfIzgl{vhYkz&V$&ulK=BZyg0;KIz19u{8>ZUU@&%Jp|`oLn4`E4|MPQ5H_0+^%0W-Q$m2zO+^!?#R^7PK5wVu&tG=PpDMSW|gRpx$MtJlP!Us~} zCDMwW>3Yz*VPJND>N9BOpYgQ7cTxY1;u9oGMD?;`!mp9XeFTUyrOnH3Z`eQ$5ky!P z@uePIC!v~rD$YQ-nyE`m_81}_qhaLh@>^u2G{{>Tr8V31s~2<^cQRHfSl13A8m0Njc5zSyfn zpgbq9tt%aTYJL?p2ilJmfzqfaJ4aW&`#Seblwg#a%>9b!?^vBfY7X)*+r8O)As>F$ z9jd3YAUU)#SL~@07n(2lDMJxbXEZxyQ07bQR!vi4$!S-iEy?aaR@Ylxzam3dNQ6-2 zD5X%#UG=1_6ffndG&k|zyMX6w*^ktWgY^mb;n<-JCZ#lSKZ$2>WI(f7Sd{*i1rFo( zd4jE0Elio?EK7;>G5pxY(vGM`AeB{R!p{7h-m&66V-Yl3z|6#hzgx0(_j;cAH7|rF z=icda<)Jb;28f1x*L2Iu*3$EVBf#3|^hVZFPzG1 zc64b3%4V1+h~gXb;+8UQ8SsNVFU3hGoeR&YQ@oT|ybMCZi+`}iPVjT3UAMJJ%9uNE zd5cw*CPw?crTDGT8$|(g{-P7VRoHOhcaa{xY^!zY7x%@Un@)vd#q)+1_kfGSs%iXj9 zMyv-S4Uxb}koF2N#rS1gcw>iF|D6Fl<1X^Q2rjHu(0fYu$VFC?5%V5Q`z&TPESOvJ z`Y9w|%{*)Olk9yTA|K1``{crW-CQzO&#H*G$F9YR9s|r9fPYnmVqZ$^rjalz0h`i? zMM`(@mbl70RQ@Lqb>>Xx)2-=H%9cFny(Lt~2rju0>{dS@^w2tTz_jX#-QH#w8*qd6?~a8i7{b>e0!l<@i^zHkYxd<7|&b zR|LbpeO;oTaD`7!EG6k!_^%{czAcc)Y*Ux~f0UUqAWlpsk(H6hJ~JXiYb(TZ@*a7Z zMjFSU0Cf(y$iy-Lx#!Z^XUS5#CbmR89g7KH7B=-y&b(VEs)S-cssl)+;=LJTpXWOH z7E6oQ{{Itn74iWB9aVK(uw+-Zi&bANk3m=n;lkt`a9rwg<2^T%@`_`|SX>-Zr+JoQ zF8%X^NS3%0i!cwLt*89#nHl%C^a%*b>!?c^1b89Px zSZojrD^&c_8{@h-;%Htr5q8)i72aSA)GZgce{m-tH;17oj0%waJ9H}lleCbgc{v2& zX3ayz!vfweE`GC2nhnlC)n5~sB&cvwNAyi+24{?x8Ai%)=m~SCJv5W9kz*&1hEFZc z;g`p64B})LC&E_S-2MLRi?8?$It?(*{bOI_D!v^+^BjHfXBZD3nA-eYPtYIC?0R|< zW~Mi6%GMHTM3^Jt=U^R^cd4(v^gloUSlHg${?SRH;;egsYK7G1;^H6b*RSXUWT-|m z`%+tX2o0m+?d|KoG~Gi`nHM-6Mkh=BpJI0$h(8~7ez>dNCmn;OVPVT&p6{}2#rX{? z_16Vr#RUg#Ow*J*KgeWduNLcVDFlWktU!8O;Y#FWa+G zhw|F9dH#wCl&z)Wv}3Z5?`P$`s>uT>0#h;|IqFD@VN0vP#RuEH1)$aP13(f)4pU7nL)`7^#JXzd4WZ}X>7dZkKUV>ZU=|)F?!GI z4ar^KdT$~eg6oYApM4CUkwvT+B$u!fcCinRaDocIO*eSAb&f*AG(Y9CQATR@%uQ1; zn}6AH80GD~K3hdfwL~Kb!G+{|Tzqs+anM7u0;T z8sZGxYlcvY5qN?QOHs~2-`WQ`!`3*+Ke56R!&eefr2M>Ktk@BD(1I#7iWsKfqVnh* z#Sp5d3sAKDs|c0GtnC!YzbPF(a$r}rgSDT6f}r%z67sh`oCi678r86XX`f~rl9iwlq{*vFj2^S>GbKk#M!y9f?anv$e_k0pevA}UB}q~0zCijiF4|90NFge8Q;~% zvRy83wPwGSwtrK;YHM9i%;g}SH6Ii#j*VK zVt{oQ_&(9@s;ofp9&xr2$I&yFwXQ!n%zt>ywzLj)wEq1U&!mCx~KqKV{v5EGz@)XX`&k++yy^ ztImAMKhzDnXY=q}PTcZ?gVMozWG@{JuJLdZXC{gh_Gz>aWx-=eA-+>3KKE3Hbz;tR zMiUH(`?mn$#&^q&T;-XGt;yY-^d+L#n9TnzaYXMa5&nMuxuhxFd?u>Zt4?0YzZGI{ z3;w_Yhr@OKPbkrq%TN4W|F5>`#t- zczn^Ca9fZf8mO)YV+OBA>ZN+?307WYbtpjTLmA?uc@4mB*WR_PG*s8h(y7kBhs9R#>?o{LLoKH)S_;nOtSjb|h-nTP5-n z0VbfB`3R3FKg!eo1#atp*8`_1muJ6FDvx_JRlGChdin`WpJ(y7@Tup6GWV05%e~Hy z%heeGovhGZqE%Wtl*=N@7qM=VO5W#=CY8R`0-f64Q(OS_>CYxUZ55OP%R)9{!jTR7k5?F&vqgq^hWNpNtZC*7)GmddDboO*L`jUmFE}>CDcy4 zSv|5{@mKLcII-~a53?|dg{&B@LmYc=|sA`Y7K@g9#DHHzgL$_}t~MOZW4t zRPO!oHx)hKxMJt@McYz2c*pyj^sKXfPk9wux9|1A0`&0-*gQ8X#qlo5SJd)W&mpnz zFfnI6;=n1CHtbjc=yANN2e6RZ8wxk zJ}=O8`^Fvfz*YUhAN@ENV=h@t33|vKPhnyIf-amV-S7ZJuz`3H9yRijp7`H_oZDvi z$Iq*5MSo_^C56zX@9(}NHbIl=b-L>ZPIdZ9j~U#qE*#SZ77OYuwpMI<%eML{ zQ#KDmZRpraZJm(+b#L*q-c-2^pTn`Y1qF(Ty4IaOtRUcw7d5c*4xfu!JfN*L>c3rGUz!!57@Wq%1XWN zd#M$u404R+o+9C;Uti~U2&-`|<`bCNs>(c=^v56%cWBK-V^;uz3Q}fJKc*L~FB>dW zaE+UN;G4QT05c)KUPGhX?#2%g!)|3B0100Q=S5?QK8G zhT>mzNjvP$pJ3`eSM1MRctziD@lL9fl^?7{yW&%UzF>m1-}jE0g*5|a!>Z<|mU3xT z&P4HxZ}1zU<5LQlllT_$#|pTlxkrBdv5o-{-SZrSbx|~{uUww&ZPHzbzo>?=%w;UC zT;dvUbGxv8lo0>Wll%URBBffN1==zE)UPB^(=@Mf8I0)tt0_jdsJ#B{`-9b^vc?+A z(LKT2l$u}ifrYLJjo(tsV1&n2M!P>dO@A%_lN$<0EJtKDKdM;`ldJxoe)xfQ>MaB^ ztt^GeYIh;(FK=-*PZTTJ)L5J(4AL59>1%&BjuG#3zEcptBE%<{ zE#Z(?bOjR#8#DuLWI_WGD%#LF6r$Mm$qtgzLmUXn=&vm(E0aaJOzIWq>pGOOibqv?GdK5*m{%Fbi?3C^BY1lFols9Ln?3c_T3VK`)Od6nHs*7A@`fw(A@KV&SQE+JJmJsFxwI>(?|dCS5)$z zOUj5X!7+H;IzMyObWXODl2TAt*V&cmvXeWu3IPqKlYXJiYw7}w4^;&VNg7u-U1d6!Gr?3M z(G(Nh@WX;^N}+*XCqJ+W8O^cyqho?EMlAQUII(r1#*-4Vuq0T}Yl#eB%Q~`x9);>T zr{VW&B6HbrT$Q-jG2jJX8@|THW#2V=;ur*tk@i3rl`fPz20@H;T?_n=?95FwIgiqd z0#8B}N8%~*`ua%(0|T*%@}*=E%z#AIoWFXi`^rCRC}6eC*JU&B=j_P)pV$Zxo#E=K z1q%3N(89{H8(VSZqncT#S8&LMw<*N+eo)hR4Aw`>UgaeGbCvZaY?o&yGG+(!A%+xWbvq@kc*fRrLbqKk7klBB#!E+cXI zv6s2z@FQLU^Ec{_zm%30x9J~WajpkGSZ31Z0Y^<- zmxRX=o@?CPJqLI+G}2kfr7!xzp!$Q~Q($0r@s_)MS<~YO%9{;KfEdK`w$N7 z+1GACQe}ZQui7ciz|+s6Ozf6G&z8#!GX}P8{B8EZ*KNeNmeqbq&DE@*4;E&*_v=*A zqp(i`T$SC?w0K5oNlFC7;|TIDa7plmBbFAJXz+8^`~ce|`{`cp7`<3{Qz`4ngq+Q# zj(l}{XS*L2b7qn0tqtCN*ANqCK6|4s`zmyF$hb29tAYc2nv0nuZ->3y=KcCUmOoN| z$FT%I8TJHkDgfi54L95~T{{wK7IkNuc#MoPX|4hWkP_qb`t=w%Rdleo-ifecSOZxc zag8nh{T50AKEb!}mMbPdn=!W5pR_U{=r_&^wk&}G$=rJ5UZ1d!qk1asu}oslIJkRt zH*`gm>KO8hS9q-jXZcyPZT*I6J)8HDHKptcm9#jG!hRIu^{v?40G(wg6D3pUv@s_r zZ!DNJbqqEso-b?oJ3f^es70US&WpCwGlv$`Q4Y)UF04JxGU}U|xQZWZGqB1I`7gs(Ea)B>u?CnVt!!EC}ph%{sJOrNAmG-X4#|Gw79p7^zSyq;iwkQRk!|0XE zi)GK|czbM8XJvLs)tvxJd;ljMiVIaPa$_*$v1K-{N^go-T8I*c{U3*fkZ=d!raTh? z3Ir=rRHn}yR02-d>L<-7r3M4vu)N<&{4j1v=S82GoZ-rx>_8NUEez`s3X)9u5sIY=M%WUvAhk{Se)d)0 zKI0OYl=K;T(YukW_!_M%rGbZxOAO&e=(Bfj5FZ&eG4I?g%B8)yuW4hj!-_hfvw!z- zfa8Rr<=W~d3AnMQvO?H+G#6m>Z4;A4?JQYy-X(m*Q%RnWs{itg4UT}gswj=p z2bqNYrn;Opm;^WI3}J@A{qju1@b0P$G8`5`X#8ptG;~5vFRw5o6t#Z115>bao>_dJ zW@NsAOGcv@>8iFL4=To?n=_ot8GgUuTEaty-r{>|-IPYdY^VY3)?P%J8tFW(T82VVxKKpvRGXo*%7m0Hzk-%+xZ`xA6O168bTb7+ zN%d~_79~Z|{-l7A{;Xt;MWd|N$g9Ci~o+aafvmy5f4aHW=U)e2jxfdMr&R#a#jS1#q z|648wRZ>JO^>6Zgzg7`2c<;r@K|U@7W84xiJryjt2?dn^c5n>!&UK6TpZCCUCK1CPz*7Ak%av1{c+Kv6k!(8*64= zxwVXWBrV+L8nb$b?9`bI5#&+8*v5-k?zVJ%;F!d-!TPHK)x5kSl)xUheu^mg*qxZ4 z(#k_6Z3NCqu1u~Bac5nVRxx<)u|{Ph7AJ_u4}HRMJ}Z6f$io2>cN;7{oX4)pTvmC) zIi&L?f?X098aO1k4t1C|>l)#Dcf{Lpr@29vz^lC!me@$R++h8?qa*$Phk^U^8!mU( zt%|QIJE{+G(u}7 zR!h|Ks-MO_lHV5^S69lv?ufT)ks*us-qh!9DrPQrhgSLrtiAuW+)>FF3s^l|XIO9f z7T~rRH8%mQe0VWm7Q5723;Ktox3%Rx?QF#(jMb{@oT5+yDnECtZP~uKM~j z+=Ufx^Y$DWEZhG3lw?@6VIWUlada=lVqpxFEMoaV|IbeyG9N(&YZ?Dsk6)6&!+fm+ z`OX=r_gLk$5{U&k*p(j>fJZ+p#GMMtL;sOl?et+5gsuFPpP1?my{0kXq)D%lbt^_K zL?KK&J}`jZw}LRmv?Fb9jtKrtl7zDB+2A#jYzLIRbCU)1fxb0{)}T)JSZuL4rcW=A zZBV{w9g=*B(DGEbFnzMT(7^KjLH;CNor2-$zO(uPkE(si@MgCX4{&<;m~sAc{gU?D zsf#%x`lP0evBwSTYRhrc`A~#8AI`ZLqh22rYt+EN!~(GXmYrHP)%KTWoumo0^koP)FwxB zahvW>j!lE7(q`!0(L4qBBd*_NOROF`lBn%d4T^_Mo^-{4QZgV8;zG9& z&8ltAclAj7R+6}!Hk!`*_Aj5f;5E?y} zdYHb>mxZBYjNh&=WGt-Y0cZORD(v#{Z_qpa$49y!hsj(FYhWcce=_sQeuP5%YOMUL z;dQyDe!(xwIaWM%?WHs0Ze+6&rt|!Hj}X|mwo4Enyr*L=HSaUpN;Be=@-?x)WRTA} z8;g&m`XW2z9*=a?$DB?@9*fl}v^iRcZ9a%CJGbSOupqWM{tV}jpmO|3_6s(ficU%r z0q{MqUe&HBgp`PhwNWXJkDfF*vRn_MP0jW8>I3q1y|p4>bqCo*&ktP-i!53E@H%H* zJHyw>DfQ9`BcfCP54!?|jm(#0AalJ_ZTq9_md77D_z6W6G6VY~u)%6edm zpH|SidXau_;6*^yXKF&8d3Qk2Nm??Gt2N~19TG%of{0mJxHo)ZVfbX)t-!rL5D+;XV+}TAz|J?5*!{w$)+B>DM zZeMjR2}!$S^?^-TO;PqbZ20xT<6L{CM8E5~@ck-16rCkWX;x;as{tbW*m*-|4)^umo4=Cfx)>tLT=ec2cEkapAbd)Y0V zQ4#jul5S?eQ6n!gXIGsanEy?p2;iLS90I$MmS~7xvb#PenUIs^8o~%`tt@}+*qhfr zV5S`NM>XchybLGhis~TE$E9#^s6tT4I(n$%=7%e#{oiS@*s$8F$K|vK1(kOMm65fj zCC#Qk_kVvXJd*B3Kkgs}q28mHUKeqcRfOd%J;O_-fyC$btc-3L+*fvXRZD?Hw|E>Z zf2wGgB8!0zbbV;MZioF05{A-;6GEh(o;oWKoa2-HtMS^H+UQnUKM_|HeEz4x{EHai zT@wLqsg;^7uUpzV0pv|;aN{FLjMG1LH$!~YF7c9JlUjE`-^x!Xinv~kKdrAlBM5Jp z{P=4tI<9rgo@a9h6fc-mwOK}FEia1HbvAjgf-V8l%ongX2j`RccZI>OJS#d1pLQw5 z^#<*kmm2kCHqM;qWDiRf{QFjp-foftX8 zwZkUuBVzxOK~1?cnWQu~DVWhBgqiac=2e>#log zm5zC|S5iU#_n z==U`QB>i`*@W2$bCeEe^LM(fB+=B^|i8IP<3OvUj{&kK* z;`jfNyA)`-Y+d9;R@?A17mNj43g!lsEtfy7&rcK2fj$|ZEFnps|4Pj@-4v5ZqZ?(q zvnreI^Eaq#v#A>@%?6R;wXl@G4X3=oz+l@sh>;x8Y(e~ONV2G3qZ)QRo6J-;dg_?2?J#71hxA>Tu=D;Z&Xo{{$6w0JS!_;5j5z}|yYXqTr!Xnfc$ zeI+i-BJPy(iL{4ZttMrdj|2UVN~wO4c10Av`AP7aTNQD(Ra!HZS@hmZnAJL-Q&_0d|qzid%4si|N5!xo3~UnvhZr^++g-d_`2&2dRd_OsYcKO z!{x_&Ktg6}Rb)=;^)c*>g>FXEk0CQ9=}!F>;uy#}X+p0b7&nj zM&VZ1$uyG(SiXNsM5e5z!gyq}g))A<5AeZhJbuXIahX^6BVEiS%IcwgDR%7S-sc8a zqLz$1yv>rHtcu!_-A>m$f&ck{NQ zv#y_xY3iEa8o}duiPBElBi8^TflYG6O82Ibd$N(8OaHkvdOaH&XGDu0S6)C7W1>(Z zQC9H-My2J)ciyVzWo{*eF~)W+ap~gtr&R>quMzVU3^VMAT=GfEa&XeJ%ty`HTV_q! z>0|QCm*(~XHOM@1u3p+fJmA$~f8oH;(2?Q!2+tzbW;%4`NXMXeu2Z9OXEj#NYgXQ1 z&J}X06R0RMD^)FQ@efxo0NV;>drAafgbh!|t*=gdELBd^4#;r+%9QePfEir(zR8Pv z5(nH*?UW>yUE>*g(553nK@HLJ2=W>^JTr$x<3-LfAJ66)6*I~ngNZ$uZk+j>xU0Oe z(zsxuh*-PA6xZ)ho>)N?ABmA)I!KA2Rw`{NZ68?@4{G4W-diH0TRZSsmB~6Tv}!MQ)*Gp`F+zH$oXq7EWXU|3SoX$} zeZ)VGr+Db(U*L-qW|D))V4WfQmO=3*rgOML|9X=|!gNI;3VteK2eC0=#=40noPI1| z;h&!pA_QR#2Z%jcCE(`Zylax-utOaDE1K~dM;ce_#cP|JS2)CG;PupL+?1nIwQrW$ z!WM*h)G0FGndb--o0z-#4{%$5AOG-pyiI9z>$2O}g8VSKaTg%Rwo{^7blsi|yD1$v zdcRg-Cj5gKT6?Y`OeOkNBO>-2P6zF zYQ!OrN1`#yW*YQT7SQpZWKfQmmO7`#H={?9{d>+;@xGl8-XlHp&h*Rq^YldGbK#36 z%kK3i=*zXBcUZ{4gAQ5$J68fa#)_+Q{vwYps&Wj;?ZwOKhA9Q2d32~=WIJLE;c%RcrWal5inBftP>`*9%zXk~_TSR$ zb4SZ&d7#W|&@cjGEl(phNM;o!VL;uxUtoOA*2yZF^?TU{+F@kD6RA=A1vlS~BvDh= zjgXVa6ttHcs832rcr9q}NtTU(g=u*)5P=m2hz*vWt>>b{7?ogX!IL%KZA7mjd&|`T z5}H2oY!zo9o_T=WxQ|PSG^K>-Z|}gO*stP$B;ESqDE@YUlq+pPF?Ro9x&e%Xo}1R{ z=DX&4NNy&ELQ<0$d?~U#laf16V(u|(jFjl*2Bu(%doGQs^$>xC7fd5e*?0Otdg|lG zQt?Ye`?*_IL!SOJC>lGzrl=po zTHTuhZTWMYd2xTKc649mIF#^;w8uACcqYtp!J3J!=a$c-MpJl)L%IcvubuH|5J?Yn z@E8=L^YARjSj1A2QIb5+9bIPCG}icTvQpOoo)g%a1hIZ)m;Fd%#g}|yJd#YRn@CTg@dkZ-dOk)Ts+EY<>pv$_DlW*VkDX9Zzk3pnBqJ0J5$heowfkbJJpiU3wP=NWX*Sv5B^un&_~ZZ+xn%bxbQEOYE@}+C8?7fUFkwz(G=P4iE4->=%Kxl!icG?>4%~hHWQd27@n-&V z-QFYZ(DYI1drJHu^%c59qX6Fth;!3stzUQfTd(-ceR!SP^%%GGm>%=fG;-|b{}Own zTC?4z&+mm(tJH6<;3k4)?*a%r{JkAuR*CtJvijC`zTWPzddv47)H0fj-Df27X(rnn zqq18E5_1XT5{~@pI?h=-nbx!V13eo+apD|ma5LBi2NZu<2P^2+vMOJ%q9me*S-B@|C zZqb_SK0VUol}^C+qD4EX24f9Xmph~RluOX9nQR_;>C49oaJ45s@lGqyKBE>Vn zmRN<1=4veC-ZmQWH%ru#o&COJM1R z$%N+Fj9>1D3}DOczicQVUkQYi%HF}NpYa3w$W;IO34jO-zccsij|!w#eoyu2kfej9 zKKw;eKACrmi%W2MPlxTJJN#GPfKwfkpcjSE!RnUqX(7zG*%?EQCi%UjFvwSFT3mBS zb)kzOf!sc5QRL!b*;*9z3fa3H1he9@WE1x!RX`P3~Z1xx?*pINmc`ahJ&e|ce+mYqt$ z`-=z4`vlD=Jxl@8^NWWmd^funJakhhvweO>cU{~Y&YPf^A##*eBl-e+OJ?MQcsc2~ zhqZ%#MqbgMq+;f4W#a3|9|yhwj$OE;k>V+Z)Dk#R{1q73O6V9{;k?r~sHc90i|}#o zoAi*h!_e|DDCOXKeu|*QwOCq!q)=!lNT1m?P3E@-VPF5MET%S06p81qF9SXbA-DE-XxH!NFnbW)e+hMZylx z2n%n2j4Dc|;4Et2+bAl*I>YMq;Czpn{a)i!z?Kg#OeY%Bh%%YDAD#!@LTy%I&z;DI zRIJ5E5Zdl}y_G1Y;I4;wW{PWvZK~RTeHa2xl!?8ZLs3+GrPA$ zRwnNQmTZxJtjECF+WFeAw-H;nrv!3!W3&##ZB2TPkY300bgq70az!?h^l)E(=v56# zx1`peNNcl`TlNVWj@g(^)K@k-+ggv?*$-X+$2a#v#vV!~$FsR}7Ns`DU$!{p+ClR7 z&DYces(G9zaJRXNw?HzsEIoTHWS63{e!XHTa4JH$--fAIba}e(i0`Xs##$S$$F{h{}^F=k!dX54v zKk$_~+|N_EBM9{C+Pl5#xEs-Xiq}PMgFhU@cX6Pvr}V$F3=4tIzjYbl?idX{u+|kB z{n;HWf$lsvIn%59lrhHh{mZLX<(Bg5JtbqgX3kmYcHI0+#x)PB>cw4RnsD2EG+ywz zD>K<+WUkrWVo()js5!y{ZaX{vc4t@jTZZ{5_}=JXZ^^DS6Y|7VIty7|@q@7Y1*{_J zzh0B0_SsjwN0-Nh@fQBR^RF)muD9K}$_C8T-aMQ6$9j;@YaRDc99d8@Q`CsrV?l#Yb(rBOClcUjrF?2mkV2F zs$t`I{c;q5&%WtURXsM`{R{4Dgf^7gC6`bmn{lP!8;^fO^z_TZ( zJ|{ZKsnJDe5^Q~jvmN!HhmseK&e4*6HH@SF@OJqh(Z=82*;G>|lZ>B^)xv^z#js^v z1J)ss@?SWk52!(eM*;H7oZK<4@5teN7uNe$%VrPnUq*1x-`&^2?C>5FHS_jJ&+Cm@ zgIAaedBg7g|3h5q>*0(TkfLq?S8sVX62#-Hn&+HoNbZ)O$0r~JR==W=9chDpoC;dZ zC`2D-w12GNx4WVrANK9Bcr&;Cx#D%F-|Y!n)}I{_%2^Zqmx-pd3HNd z&OOM^D}M^pC$X(Smh_oSvQY+_U63V{k=py}|LaNMS(xoLj+yqFdX`a@am$+)G@DE< z_3@T3vrtCAQo=(|(fF>V|K&iXS$2DtxV_n4LnBiiZKlL zt}(@tIya5*`~ojOb@W8Y4z=;W%;KjqBb{Uaisi#OGnPX(+l?1iaj60*!Rg`6Wjs;1 zUvUKv_~B~q+AUVfH*n6M6>yhK?eN7^brBh;GMeljnTFy|{%qbK2Dh8FvaS{5C;TnI|3M(1mBHmHb@EeJ~Iu{_{Og|Gg=02LLdTCZFP}NeWbg&(k72(Xveu zoGnr5s&-c?iSPFbjT6k_4q0u})qLHFpFj1d|&4xd8{dGiY(DF8vp6EAQ)m494cJQFpmzVJzf05NR? zgH@3)A0FQjMf6|eb9myZGtB>CXTIH1i1R$a^ByZ5{ZMH%UQ3zhZ1vpUzXL>t%076 z*uBDaiQuQ>v0fzp&j1zh#{ad*Q)2s~>VlY!9oqd+qz(&Uq!TbK>io#=UFn=2cB46`pzg zaocUS0TRZ%==tEi^kuedmMTd#>y6xNhLXD2vz!hk-y6<`5}K}HOBS<*n8!K6-ifVMhb*-B9l7}^M|aTcUp7jDu_Uubqcsq_GZmI@&7UQ z?SV{x|NleMO)8agTfHlyP;x1^Q6l$TO1W0Zo!pshx>7EyBq1i3F+$2EmswI&a+%w- zg-ULl8Me7>How=V_vcIR_xJnz^k>m_p67XaJRi@;IY$%z6~UDhmiyi}qjDug*s}GU z+36k&Cp89relPiVbM0pVRLYq5TV^W>pWC*uPC4f@jS1V!ZSyhcS;OftpBS}_10fgM z%3f;yx^At+;ZIcUsLz1DNV;8qUK$K?*?fp)O)8VhL^w#VDglI$A2P1x)1M7;3G?wE zujWH@3@p^rv`TRPfv5qiM>AdyQIKJm+_R8>o9$vnUnlx|x?gIar8I;S~C&6_; z1B`jkEIbn``Jmzv=i|OIIk6hv=O4#k%->ooIJXGg2Adi=yj(y}{VVaN&a#*sf{aCqu z5a;s3$61&{;U1JK-m zO}pM%vV8IZy}s0wF2(mVx0-YDLY$MvpdBrG2bl z7Da?e9+=M&jQ&DEbRj-k;ahCz4tPnSH;<=iDk-C}qkc~iH#1A_sg1kv-suRHV&g{Un@XOR77TlPnQX)V z25BtdB9S3omXTY|iJtQ(?S&Ef8MlTL4!C3#H3kyy?DD?&)uB)+i9wlyGMpjgA0d|` zdUiG+`ZJ2P=Vd0mlB@&;RAy*C=09JKqR{#9V}>HPUUqIK+ccat^%@#E`ZB{li(oV3 z;0E~}znR;<;g+Wyjt?)*%4RylA7*VyYV8*P+vNg0vcw(^uSDmrV2_xBfrDw$)H+?e-yhc))KR>w-xbEfW;Ktv9OCD?8SnLtDn5ka*Y1CgQ zg8N*J2yjfkd1#dZHH~*DeZ27Dp_#`TR+hru*=Jnud-b8c=kkf>leLyRQg(Z=NW{xN z!&Zgf?bFxl{(K$*e|el(Q$4-$>o*&TzgkvSzK=Q` zdmRpFo~yhs35=N~qxxmn^OfINqjA6J_TA5!CyDy!Vkpl(JI!u)qLO@H{b9um%7~E< z4$pF+%3{g^_lJFs*#tQ=wjF6ZwEGzOnofPsTdB;VpfLtdXI7he#s7;*iH!689TIMz zqjo=8MzysqK=XL^tNjJpj8YX@$)?Pu`Wa zG4}oO%th_yuhGC=ZY1CSo{?)LN?C%uN1^Y0q1qu%)e?K@I@x`PXA*E8kcOr`mG@6? zUt@G&Z#>^tpc!;q&ne{J6PQu-_N4*y*HNRLuG&CK;@wW1VavP6V%y_~-#0xuXZ-47 z{Y@VKmGqz~FwY#vC20TijLP!yn-~Xa8GW1e>w8S#2A^EDugjTTAp3Cgms*yXz3uXy z(v-cF(S*XfFbCV=g$N&sWXJupPpZ8i(1rspw`E!hf^9y*0#{uVM}FY?niE!G99mfa zdB>HMykeCQPqLrQJ+~fU(r;ECV9RF`xn^?eI{sy_^ox-W65-P@?@WPa;+3SuAEz%2 zURP$GB#0P!Li&!nu;PUuQ+^95+V+WdBl)eLRuG?~A|HXKq^52u$JNpJc{sex;+a}=i~Y1DFCL9pu6HNbUfNi6^|m>wPKaG?6IT08dyykz>Q z{XGwY&NBa7Q(&sAxf$cQ*CsUnGfHd6Df}r-)2!mBYI%~4q5MR2lZI`~aQVi7y2H*^ z2)7&>_i#gkq2eFYe2tD9P8i%{3506;E{zvNiH4#CSFT0*+c7u&k;MaF(rM=Q!OR%k z+O$tMa-e}1m+fhX;&zKI>CyJDzH+Z3*ig1WZ*TCfYDzpXdh0(&V9a!hNRo;Drh)Y@ zUI$ALYi+T!vUNK(V7#&8hvbL1Qcr@Mu0$l34y+ll{yKe%BaIueuySf`xWPW}JpcH& z5$!+Qw!^N7u{qcmIm^jX1Hm<4`6(MUq;BMyU0*fDd+_b@nnx*+@((I~=T&>FH4Y@^lea*Gl-_V1&y=A{Qh&!irg)9b{;xih3fLd5w(T>F*ZIwe znX8wQ+PWVCdY~0AVl696_on0-KP%v082?x-`D35FgdpXB5B3$_hVr7=I(g0o{rS{{ zRGBaE;?#>9N(A&xA*NDO9+*%tZ=sBSc*o$fBT1ZNIjiNOXvy z_k5f_r}dZbgpc8>$4rj!`N9hmB*|-fcl+L!2i{fla~S#D_^2$9_E96q*Je1N?KRkM z(?xf$Q+?l2Z#HBWG&OQp#|wBS`st;$PTE@9^`@^bKI(q5#_nK<*}sOo+r=7Z=PTe{ zmW+lfY^RQ8g>%L0O7n9AM8CqB<7MODPztyGJ%<;L=qXIOX?rGx6pAU9B{~52XaY~* z{Ju6B?$KO)GrF)k@0A4Nd))h{FV9u9tMQMbyh^yxB~z(I;zZ0B_A`jYGxx9NOFv&P zrVRIJNrY48`PHhmc;e2v(z+L9idaMx?NiGV5;GU^P~{UYXZvmbs1YVRBUekffnL88?F)E=>Bp1;Nlo|!BRik#QMp<;Wi!roSlc$F`Pz_`H9z-S3}3EMkR8kt&vc>b%hKk|{P0A3YO zu#wTooD0#%i{BBiQ+nS%)SUeRT8H#XxhK$9>SS>M<0SFO${q2~eg@{GQrKKkX=9-QX z1k(o3F4~akt4L=|23LfqE6olggt(@BQ?x}lJ+b~l;@quYh0gC-d%gO5oqq(ejPc(` z9LA$OyhKJLu=Z`-cOpS!(dwD|`O1G#ps$D3j}znl9Mb&W zFTROi+kuJ4N-K2*Cys>^z3(OV?8409)|7Y{A#wcl#B(N10a`tzt^H zwiYxFLD<&TUG4!2<^$B%4)?zTlt!w`?`To01eKNVAmQ$dF8{bp{9 z;nvs(V1H}#_I|p~czF5u2R@>k-*fh_@;m!Tz;uc@VRIw+=5e>hH-iPA($@2twfAss z7ksKxVb{)#oTkp(ASE%3I^Y$yfU{ov=z96J6255o$@#7*r9TqK4J(N)`g!$KEWNt4jIHi)kAcb0mqGLNQ%rbS~cel$94* zR99jkjoBh_E)PyUz&?Sh6G&SsdHk+I+NPy_XtY4p3(u-vgqFcge53e1!Xy}E9cL%4 z3v=X>lD0aqI_-*-oqZJh9+DT*mrA&PD6Yid#CSOL^bFaUv$v51jM#EaX9bn+tBc*u zAvqk8)Rc#~cT<3A-#F(W%9zuY!*m_=py}mTi`sx|rrIoB;8c%kIjv=-fPjZ*LApY9 z)B6D@DD^w_R_*AaJgh9HmD1d-<~0i4!vE(! zaB6>H*Bd#TsgOkF#u3R*sFA9Dg;*lj&;32Srcr^G&KucsF~xXmqf-3c-0oi4Xtlcf zQ?7LXa@6Ek6#n6Y-{m|S>qIt9Kg8F1H)JxzmO}kp8OV{WU{jtmOA10s~uPY0_wk=?Fc$f-Xf()HuW>Ig5EI+G})-Lq-dQ1i~|_8)H9 zL5AvjPEF2;6i*GquIaQuoOj8^4+oU(w%(P%{$SJ?Z_~Yn&dF%K{;q+N^_5Z9(~~MA z>+u)=eKtfSf*fO=~^ydNv3Y{8qx^ z5s*1HS% zxaDHfeX%s0rQ;L&ss@^~UP#Ud<%p}(0$tDLh3hn3DkN(3rfc`k7nX4fj|ml)k*1VO zj;C}iyEG^AI4ExmUwg=;ufC&UmwrcCg3OEoB~r3!brCYaiZ~f~>Gt1pB?uOKX7$5a zuG^bt2Ej|d50~rFWRyDa#Xc`2=G1PA_K%d7G$_q~G=546YsD` z-3yCl1NDg{H3)+4oj@X>lwscl9AQdB++RP+=FAUyGlG&!gjlb+e!7-5LMMLsz=HjX z>*^Vvj_Xl(?tpLN8Z%}cU-|fW+;y+R-7Vjb7;MzWx$9)E>EQm8#`gqSBj8iLg}%C} zETGH1Z_A*Vz(x1MHj&k1Yx76!qAq=FQOU>|5BEKRJiFx%L*>U_GsWHz)|%L~(T2-( zo*VAP$(L_Pl+&%;{N&ukdDM)O6PEe7$D5B}&2z5fy`gsvMNN}Dhv6ciUr*L*WzSyd z<|Gi{PEGAYNme4Ku}TLkrhz1uWVQR*Q*};+ESq(MEzZ^nPj&6KeLk2wHm4sYgu9{x zJj+fWM2=PEaSM!oGkfmM_!}Rl0wyJ(gJ@H{}rcAJ@Dz_^f27 zf7i*Y)nBu(8mh8!T!VpJPJw)(22o0mEct8d82`fZ?}s+;;{zU{21RcUA2QkoWNZ)j zW8hc|5;f1LmRaj(nkzCn`o!-qjDw1iT#Xz4TUr|~xUSM6*n#@+%~ z)IncL$E{g6uKok3e|5r{hmrbrP)t!bnCUxQl@JzKM+cuxB=@U_+F%Pk3ky*YFlYk7 z3+*Nxu@F~MHgHuwxrLF1{nF^0b_qTEtSZX-tS(Bqv(y@4(%e}wPg}_CUcA0AWZZ1s zp*P%Z{-yMJxphEEA{j%=i0kq`q+q%iQ`~a9J76{FD#au7A|ufnc(}EfY24TOg-1?c zmVexf@kS4MQK`B5bQAy#wdgNfJE;idDQZ&6AKr~$%J8!fIYFW&qkT(;yhI`~&*FEM zJpdfs&DG42$aQecuTmTU(+8Sc7HA*KkHiq>I9g2K`vf-d9-($0mb;58yZ9Lp2p2pk zJ*q4ogocEml;w*!e!qd(0{}XpNJ$@?)!n*w$xPZZgomk1m1UbG4fs8{yCgN$l(auu zEm6nAF|97CJG$IrOCQSbO19pF13cbB=Mi@=K>f>mK@3!-c2%BDwQwC!8{fq0BFh_r zgbCT_Tz5#@$9yy{`Us<6!4M__1KxYR0yQqDkST*h^DHkP+-4P>^{;cQZn=5IFmJbf zOjA}i>pjfY9v}7AC~4puA8l0-{;p5CYMW$ff|wgsFe80{DXfCHrGqs8jTZa8NrQ{m zIklrq|65C;AJcT=x%G`&>!~q-a%g3hQ>vOz9mKJ2t_HfLO6#7(&MGBIRP=j)t2}bb zrYd6h?+OQN|H;S%mnw)+_FuH3MvP;oUs*aPucuY~#!Kg8BY>;i?rkJ~ z=4E7Jpw%rJRLMq0@UzOaUXo0u@Hf2ao2K7MxpKSE$YAL<78hP`Krak|E`=L&6YQ>m zv`{Y<&tPI(tr^1X2E3ww@u|JF!R!v*qSV_G3W`6HqLRFFnEdOQRF9+g3W~*(8~?N+ z%)hRUuKcj33h(bg_^RB4VJ`WytgnZC@%WMU+m_fS)R1pW9!xfQn)7%pL?-7Nvyvk= zVX>;z0pdWk&Y8ji#w0Bu&0U{4*d#=Qkx^wj%P4_Bhn1Q(UQ_V>@Gdvaed9=j(a`Wpl2 z)dLUmj*iZ;-@KNNcXrG`FVcoT+)8T(y*<7Roa&@s-VaSocxS_H2QMHG+8t}KX5O}f zShNPIW;7y3@wuPgaA2PfZu*gAshSG8(;V#oy|(G#{vV?cbQY@A=3`i|SD}Awp(aN0 zu-QoS5BlKb!MBNxV=MZngq$i96H1!{V8yV>xa?2ct%`+b41U-t?el(D&&AT2gC1@PS=$PpsZfz359~5&j$iceOh9 z%yI!;or9ycV@&Jyx3x#+i*E!{?vIQLL`R(E!K|rXQv-%>GF_QS-;!K)gS`l=3(hE*r=N{td5evMtIO;84cic1E3kyxrr;;`TTuwkd*WAd20S?BoH zQ!SBc%Gc(V=4Hm%`Vo4)W4> zI8E(g{K>OLw77)8<)AFk83x&TDi>J%?187WS$dc6IZ27U#a`9UNSfcY=<2u?Js|_B zU)idJzuE}U3Zam$(V^jMyLi3x5!-H|()#%jEPM9DPsQzaE;o3QbZuSM-k;CUfP{fX zWC;v}1FdS4t!TJvfJ&;x`460)Xc&jn0$<374;+kXByn9Yblzk1waTTani?&gi;9UV zZz;o|?~^>j>OHVS`aOeQ00EHX*dyK6(tY=ZR^JXmk;Upd)2qKDCHGM6Y;PPw6u#OcJzSSAk0pn;C9UQ*i+M=E3dEXA`tm%9b zm(~D2!NQ$Zr&%c(M zA_yw@9XhSDkk1}}Rm&Jds|k9bLAk@w&B#sm8daRklsFl0W>7>bDo91DRBrS~c_$f- z87C?r?lw?`?KPsu4S(ZOYQ2xBR%$>ND!JYTX)in z>quc6`8^KOIKtyDSXG0KSH6gPyO`Li! z$J-t?tqo~%7iI%P81&$fkdZ@~BfXmeqD}vI;;-k&hNes_cM90P@>JCfdB9r8F?u5X zN?x#XQ9S$FQ|Fw&n{f^_7gFEr+kUI@!vC?dEdgGWWZxuLlD3H5>1)A zmLuSGS*^~3xhgtx6;BhvDLR{tLB(zG>zHr5G!cg})IRf-dExJUDTWx=rtLVl#TP(m zGaCwy#%==DTK$gywa>Pz(c1jciGfOocDTlAbmZ`@6Y-IPg3PG*oDJzU73rzcvK6e` zYlG{)R07@GDj@pT&pxPjG9BuB#+XYc#U5AX1qLX@BmT0>;f7|>l9u@)?)UzFZEv(1 zoEFg5`P8@dxJOc$LiElAu>Wh7wFt&aJfoujESpEBu|{RI&JXlVV8rr^T831PFHSIC zN5Z5*(T=~XjQ00(-_sS?`6BGV*y0mH&*3|0Iu<_VuB7()j1(>CbG2Yc?tmzEC#Gsc zs;B#LxDq3CAxMAp^2^KNt9qK)0(?n=Y}WDJJKRy{gWOX&11_6QFQ3g#P=|+@*Bm z&hK@zJqFtKl-DfW#Wy(nmKb$U~7QSiWUp7WEv0oL{A=cK;5CJOlD2TB&|HTRi=2Y->9YRCe745sq_OAZ!|RqKtCs{PeU&Nr!Ojq7iA#++;8kZF;nKej zB_BeU1!h3BZB<4jFksG!%bF``CcuR(xt(G;!Xr$%cunCBJ$%t!gIncz_*^p|$TazP zd#L$($Fmvb5)DGn*HUwKU87b=2broNEqw5e_6rM9 z`pP_`hFC{{gB<7q5m-IC_*zpi&v3m35?F|g3~rODg?QH9?8=J^1w zYm9;UJ=g{HE?_ZJrnzIabj|&fjvE|KkG40S#|?d}LwrN{ZVWjP_3Rkb9PXUG#fjuS zCxy#){IFQ2ir=lEK?nnxA#Y(bt=?`SubNkdnPB-IIiU=&Tl?n{x^2ufBgYsd85{K? z=2Fe4IKSg%wNAF5YPaZiWfi`2A;0`u6}M63X{s1`hu&aJtJhjrJ`l=ynXD;jSnq$# zkC?iVg(ptqves{QS%r-2dpE)GV~hpI35$nl$Z65FV-{am&8GUTmU_>L?5CZpAU;Lr zgvPkNw_8rlU9K(-^*ui+EJ0>sc~M#lcia@sJ_RZUM>#oJMeW@ni-zo%AKI81aX~@k z=;^2d=?z7c_F38)?JDN2;9|>bUj)wK7%EbDM&1xqTIBHpdAiv|5Cg=>U&U7V$eS9U}&q?eVck`mB_eFg>V|KB>&QLwo&vT={PbvP~ zjN+OOm4o7IS_g`Sto+|yHJtES3kv$1X`Rg!;s1Wkpy*q18<6LJ99fnBMDW`m$TRZw zZxMkVpr)io!tZxyRb#_SV58TSL7^)LB(?TT_Gulxf&?eHe#oq(8Jkn1WOCW5r?f`t zOi|L%=Tc6bvfj@6$0mB(}~SMW}(Bj?`9yOCm63$E)mG8lQ#0? zAj0DGfU`9bNx`R4QBMHCv}osM4X%sn18OXJDrla;T*x8Q@rQv?7cCeEiOXf)yb$dP zSy?8^BT@%_7R;X0f7>XNYoo7eQx}zMPJEaJNIsFH(J04HDlgG|ZKEx5LNKk90@>VA znEzUfi+Q4;$+bNE7oQ*2VFG^q_A*_qZl`t@2DrCpC1P(>1urIY3B1!v);aj`AON%* z2@-AK8+;S`SHi3jxBA9ZaMA$MK^~urmkJWeLOapt+Rm}Z4?S~H|LswRE=R?0;rc$0 zSH;C8>>(H`*%-KCH6U1^b>cc#=oVdabAi$xafx`QGv*60#kpQpO5pfl*Fq5S%sv_{ zV=SB#j_tJ??5qsp4s-SKNA;JIusY}mj@z}~`>nFhLV-lAt{hw1}yHcGZ; zZ+cvs)(`b?<>Jjla3#!KpLuD~uWkVk@fW6-Uv~}vbam-z?di!a1%ob`F6S0oXCuEh z-+FZ64oY3|C*8(3s~ySqPGnVom*K6pWk;g<7o8O4WEwF}M@a1Zlvq@|GTXEoQd4G! zI$4%EHI)XX>UW=lRGvVcX@mJPwe|V)I3AdIdwJ$^-PMqgoojHtCCvfnQ<`t{c;Om7 zAnY*UJQb``TGvReTV6&-w=A){{X4s-g8daHP3fC-t6Mr#xjxI2Pa5JhR7s9!TBVh| zR$?D(?-^~HpPF1{8&1#dbj3r*$wzB$JjBV%lnmM!s2i!O--Xtr$c*&NF|CKHqa`88 zQ3A^1ey6Z6?6tJnhLR}A%NO`_fyR6)!UkSNs80kuJR*`JCC zCk9eW)$&ssIrPedlrPh(vhgIoTj?j<-wNyO%e2-yxPy_eA`Ht{He+vBWh*}%XUq@Q z_EjJYi*cmd1)4#_{Z9Q2FYqfSmg$HAB}#MNoUCDpZ-P_lM3LXKY?#u6?#S^uPa~x3 zUCMF=`*Mp5@1Fsq9~}Qpr=8qXPU4oX0fZG{L5oz?#xm}9wtbM*nn{^_u zEl)xdsWq&g@o?OrAlRkgoU%$51#h3W?tA;inuhKQ5@SB1%f(pqX_cdUaD8V&<(FI6 zUs3kdL2T)n^X{niHco4a0Kp)6C>o{rNvz1f{%o`l(KuCI@AU`!WXmIFe5&VL*MJIm zv*Pt!(6%y8L!l788g~R!){AAm7_fk;o68R$JmpFfI4BGwQ*pE>p))h1-+GbR^_xXJ zjD%HEn0kvET?>qXy~yPy1)j=^V{v^5y35x1Ij;GA zPV!v%bQHgn0Th01z&2ZlA0iXt$B--VZ(<=a*qTZR5t-BN{JPkIZda*&9$!NCRHll~ z1O->OJ?~Zww0@I#0^o9i|LS+I9Ez7<;pDehYwQ#b_wEQM4n0cqcxE&KRgzcPMgkIH7yBaqxOMsE1FH+t2~`}{%}u%eQ@ISJa6oHys5f8%%y-l zm2RX?Xl+4u`5(zSlEJYbUK}~Yd>fuZKHTras$d3DyjopB+yWms$X8D2kslOlQ#7|t zX%@HH4;1*9a9&>4eUDzn#rWh8ny|F%mlW9j?L$%PUUefL#1v;YR}=X?ESK(*`Gnx+ zREvkOel!3B)pJFThhf^RUhY?VO$F#1=(vM|}>RrqAAGHk`(^TGW zA^?gG;IU}@Tl253M4m4*U=~Uth>Y`>6&RMk<~X=XC%HY(Ioqko2QVpB_F7A9LN{Z4 zAy}*Cyoh%=JZ3I`J|GqAH0bNJ1QDqY!I(QQobRnu@@)n3nZ{zpCH0j_sXv~yu~cLq z#_17^bq|5FUJ{tXxabE?K=Nix!d{pA*zK9bw1>@X!W=2Wp7+%qr z4DTFgXxK6!*;9Vx2bY~sDJsebH>FKR6QIIiEEvfrT9mi|+nX7p(E@NU(s3K8EPje40r=h+T;H)5uOgiUn!~YmER{e{OU};w(JT z<5l#a>9D#LE`%Am%`qSQWXvvSE-wM+zL!x=2KL599ZyNQXz>{6ov8$*#A9I>$_wVN3@gS&_jE!Cdaf#7a|dec*15b2KD{4%~R_XlU^=aNjmD``Z-OKGy zOxU8H&yOO5Qof81L=5WLEf$wg*~=%*bs4ZFYSc1hsY%ny0Q$C8gqAFp;moJ3sCT3# zFp9|1F$5(rqm$KDhb{gzR$+|MVQ4Rq&lqf^xnTa>L~2r;@i5`r^$G8Hj|V}Y#zx)? zb+YZ))iXnOX77=WVP}(SKDD&`!b>>jm(usL?`nuo3|8f(>&lo=00~{LP>0Id{2lwd zz7IgRDDC>j`W~{oSOcx6BfMc`lphEw9{uqzA>}M3D4ZK3Sck|qf=h#gXMt86a)7jP ziuSPp;zA67D*(BJ^{{@%6Hpjx+Kx|GA-|{;asr^GdpGU}qz&p#=@MxMDM2ZHU^P|kZXKj6JC;~O!3lFIJ!4URW(K7~#6JuFqRts4 zy@5P7a!UPhjnSvDQ-_MZeyFR%IE3{ExVPmgv~(MI3F?!%>d5HSXo}9)ESt8L2_g#L zEIbGUWF>_|#?N0fj33>(QJW6Pn~n+sJhsvfwXSF+J_g`U75=v(W04Z-H+?!#>+l}c zr%puVPxgUXqm?ye5LyrVC*lzK!iOO1!7VQ5VEOM5K@8> zw10<=^=^^cPjwa_#GbYTgFk9seZKFo7wc*FQiZ~HSrckZ3K{Ty2+|5{lLX6r#Ej1d z?j%{Ib*v>Pz_8t%a*9|Wzy!&TvWy=fC4gC;cKwZqaz zw=?aN)?~w8j$xWZS5nTk?nV-KxW^lDezT_J+$ z*Rt)pWLVEaaO`jGB(BYTnej*a5#>m*gxP~{D9!GxV0sn`a+jmoQ9v*1>-#S49a%)Zi2Fey*$rqY4h>x%0IyF}o@MT%fGmis1K`SF%{Q@3NlR^Z!9m1mYHu}tB*__=`j zfZgo+@YJ-xfx#b9XE=SGZJGztGqJwaB?eKBIB)dArn1$27c}axoGf=bRhwZ?g0r9A z#4HRg{Ve4`b4rpE?KgkO0bBId1gH$6IuYy}ZX1>fFC{@Ymy|(6IsS8t1tO(fCx$EsD&j zX=T;nI&dQZ(CxaxzoNE46C&WooHW4NX4Q@?>pK54H#|j}=UID+ysz*-vU6hV*q}u> zEb-=>@xj!Xlx%puB{mpVhthfIgpF`?um|j2dMtbHefywm7p+PGe{PB0={|%N>Vz~Z zmhOh|giiv|a?hi`ehLi8)g@?z?_AT_tEVc3RUG9Vi|CW(wYA6Vz`M5+O;(czLg7i` z`+GreL<~&8M`j&2(s!A?>J-icn|PhZFKS%BV~bwDw&t!%z+1r9*vzy*PTHb@dRkxB zJws+~$p_gzz|I%F={0xosA(IsBbu*`9k4~W+csyn8^UQcpvH3*=RgBt!fS@uWKmOM z-_@IMEF2g^okSblLVAh1m!ZMvJs*uQiMfc9N4S!sUPu&c6WhQ0i2@}vI%E~YNE~Na zTg^@9aki)8%Q&p;B|nnIv`)Oo3~Yl#p2jg?5AfF3ZLFhmzhLnAZO~dlvPjMW11` z{dQ5Ybs8^YTlR|G1T zrG9_=cv-q<%wtzCp}Y(anpz^K7A_IWOHaAZ8WkA%K{fEajn^d*o>47jQN2c}S zF~3e{k;;_>C(uAyJYt5W5T4+$4Rz89%%m>Hna=JkgD9Q6IW=3Ph$wU}hpWR8 z2fYQ(5_69Qsbh+BLoHQ4sZ@18L8pFKqOH%eOmAx?K7^Sf275DYh%KkC;DVUB-D8-0 zHmvq`=Nfb5$218?_i;OnX@cCxofMy)cjUEl0mgTw2D7q@iccr80m*iVUAOHcQ>?e; zx_wmel(!LT5KYjiML%2O=(FW4t3QshJ)j)5;YIE7PGoj_bG!AcmW2T8)wR?STdeq{ zmDpq%{^eYHAL}&3A%Z>J9MnaNa6HRYAG9e6=D6Bmle@`Nl>uEe{FAtn#&(=*tG}Kf z9ccWQiJzy(HWc+wJgE#XlIk)C+6?D97y}LPCLmDkKLuw1oEz);9$0UEYb~s+WJ}(9 zOlMeF$C6jJzmCTXW%2MfhMt=ltOxWa)0(8^xo5!kjGS5UOrZ2OlXgpu%pzSUdE~%8 zGvkk?Ev;cK9zhwFC$PP~NWCQJ3mrq`8x)Q7I#y;Uk1$w~q-w`Sch;I3C+FSSQfIcG z_VS#{cxNloALe7fZtu8n?br!6W1jUWUZxFTuvsLx$~*0kaEXez3TUchEAe}0SoqsN zVTi55Hex zfky|9hlM+{;n`iv*5gVdBz5>uJp{n#=sp5qDri zaza1~fq>p6qkFqmm$@hB0w84XTrp}#{M!l*Go*x>t z{2-e*qIt`6Tam>i{pC5zFB7FCXM{`)bH4@JXx^+nxvD+qh@;N94q>5Jmc(43dCNJv zZ(qD$($i9Y4v*yD>3KQM0j|(Du!Yzn5$g zZ1xV$>Wn(RRJIf!qF7^{Be3fa+SMpxdab4^xGB76O_X;}HT}Bu zPc!6>jX9KMO&92k)SZ@ca%w2Vddz2E>@4m-r#-HRz+i(sB}kaazgb7m8Ti{;pq1eE zj7OY#4Mbn-!RV16%Dc@zn>MQ)?UFTT{yGP*qmEdmNs^(v$3=~E@Q*Dj<1-KWBUzKe zY469AR2k1Ab|V22dTul}(~!9zKW0Z8a-_Hag~pF3T>-4UdghUF8YCPLwyL7N@HByH zRy8RiPOQNwB<}jn8`XYf=@M|`fdPRvc6GwT@z?^?sG2JFq zWDg)TkdeNg4e$@Yk4W}2ZorV&@5gd`SZ;p&jaMhGZtuNMC5((|=G(;8azX%YU0l<#1@Nzx zIH{nY?6#%scP5D*WGV=LDW|1|>S_Y)*VlD9jzxRYcp8=wVLlaot?hr7Rk#XTY%6!D zw0cu60P1~}2vx5xlD|g&N&AIFj}6C%5&gCx1wyfcJYFVxOsQxUm)phB~^Qmr_Y#=HfIEVD%ALM$l1E-29ur703_ zxy~li7h*FH!4>LXUn~Y#|Gc;FcQtH?I#2L4Yd^qd7}Qo={^RRQ=49$Wt6kN38c>{+ zZpHqdAOhzz7@NIXKBREZ8+9Xq0rlG-{}j{$czsgDDoKaC=sy7nYh4!Fm%LX7y~lb` zGb?##Xx~omcZ49Ey*V0{=(D!t8YVaH`QlGJ<|m=WoOAOw%#;~2KN_>T0{^PW;#0ZP zx?O{~F8e@AToQNgnN=?c=;k*4Qyse{;6Cs05+CSG3NJy19@~(0y4Lyhu+>we%Xy1b z!co&3`HR!_r_y3-ykwi9saBV~fw6A&41SR-+^R|(C$JaImhP**NkXflQVw}mnX~W*t?+MBMQ6s-(4iAR+NcH)xkhAt zUHEr~G;reaR0xTyTuflj5*UMk;Gnw}SV-4RkoaHH_g9kM!dvqT{y=a!ptSDI7nWu$ zmg+ViT9|aRYCr`i9(0!x1Ty;W|^f2NlH*)*!PRheaNY zYj>OoJ`8n~uA!ZE0%m`XMM#%)+)$p5vvvyg`uUp8KC41u%hu-J6?yR#F#hu*7fG9h zq}>#$w?>@Yx}iWjl0D(%w8RI}4J#+}`a;JJt$3LoHne77L2sx2nQr#}-2O*4M+tRg zzr5%wE#0*=H&nuJAx-LpkLsyGG65ORpot#ZcR2g(6KdrwFXtGOYH0oKzijwDlnH{q z=>Ss|x~e1iH)pbgbRHq$pRx#WO)@-%>mifqhF<)q?H zI!fy%5xy47JP^Zxtv6(iV@ide%U$1zk^V2NZOB*to~x3p*l4jq|CgSM6b(2v@lunJ z@JIuYS6mYRuk0IBZ?(tthJs*|709GvKYOn7S|=RCIXv^=D>vyl#Jrj5FQ;FJCc4%O z*l8F_4|LKGgg^(E;Q z-g%*CX|I5f?hyWOKKjM_ti69!=YLx-))!dsp0rQ{8dd=G_J{}mnBa|yjcGABbKAHo z!rp`$fW^F|{@-L>fc*PIWcjb@vV=RGe!7`^FNAHM>GRhKM+gaGvMnDTeqL|^>S@-d ze_)osC9x`?=!F@`q6K`4S~rlg$($>s1YDOFM@c}2%GL@91xuhFj z^ZCVH6hOf`0(89Narjal1|X~jz4iS+*BIwsitO(yd@bI=tykA`{`=2A7F{`zV0a^@ zXZWZdu!4Z&j==Q@{O$z7)<%yF1sR9MFl=sIOKJc(Z~E-2*-Gs3(|?1W8#mp>%iC>J z4glf+;0Nbcopk!2M0k>WxaWhFJ+>W0fX-#u>j~Wi4okXZYs|Y=AJ=eHG}oDk4P_7V zGKt?m8_mCuEUX1x>+_g`1zqX+S$sZ)J&D6ER5?*i*2;2E7yP?uocHYknH6hO);+OO z=cvN|AM3LL!SY6h+*yELh-U8k|Ltv~z9`xpz$gp)@@6kO6+Oh?+otmB`Tzc*yk458 zREGh&koVle4y`&{{(1%pKK5YeV>~8{O~EbHVzh4l{zj_YB(@%$>yH#JRbai`LCojm*=rPcC?VI^!`&P zrmHWxa$Eou_5VlNn+HO@{r}^yAqhp6P_}ZjWv^_Fts<2@70DJAk!6Un4by5XDk}S+ zC|S$COO|ABLAH@S+k_a#EWh)bmfP)pKkwiBd;h7pbI$WTm&bEGXF%m&>og>L5cr|t z{LWlQ*gky@E-Cc&jgRPfBbULgo>s*FKMMVC8~Oa$=xZl~>+_mz^b2%uH@d2=t-z?B z?ViGkC^+)l@ZZj75VD-I25xaPP6cJN(bK^{Uz+(>EXv%_$z{5=tp%9>em}s;ub{p0 zVFs01b7^uv{Ek6w%&z~q{r9(xD9EuUTvF-|^su7MjhEAJ#Qix`u~Rhi_jf&j-hm_t zX9>yPy9QoGOh7=`b6vTPGlL!Au;(draA-B0^55)IfexHn)}W3Gy6NsYZ~ZAM!0B55 z>$J_^xIll`<$Hi+tb_%v$)$soSyo;`R*evVcgg?8+RZI6Mp`p>xZP~$buZeJ<#Tvx zvEqL}EqEmYg3Jz8JULbe?o%l+{nx!-8-AUgmf=W-J0wm_r{yc;|97kO0-2SuBR+x! z0dCbg-7Dq55L+5pyurxzZI=J$Q-Z>-Ig$wQFtm*i{$I!X{`E!#2Z*uk>b6F(f$bFF zOOmIOg0e(t7=G8#>OfE{5d3fEK}l)W6JYGNR9gnUp{mQa|4-ZcytEP=?2~o$_EtWR z1G9+VUVoXMF^0$CN~Tx6HG(Plo?waFfa`~~|KqOb-^gcIbK_M3c(el!->NSEza3os zLr(#_RPV@Phi?dQe5z@0HqVjwk(XGrz)fBVT0#6bep6l~`|iIwd?xLGha%8MAGufp zzNfa*_~@$}uq%cGArIeYnmu)1tlRO^w3^cqU7777UhoLr1oMC0{-y8@VKv`}|GUL> zNMRrPE|5MxWfdJmjsZ+62uK3=0^>N&?Pn9NA=2S3oHLxjB)cIA^J{;@UO%{HlnAF260RQi3&i^1u~ zrRaZ!gbp>Vc;VqlAFY<_PJOa^6;J%m0Kg4A!QVy$p-Jb>j+%fgBSe$Mo`@a+q7|@) zY4|d^64(`bLw|+gZ>>s+i;BJ_7e(of0R??A0G{*#S*Y*FYd`<$PQkSRF`lC)!S6!0 z_8kcI@oQxV6#z6}-5apC4*0%ec^di3Xfhio%AhLQlDMWGwAlD_^NlgP;XOXgJWoi_ zgj=R!BOjmFfEVQqAG{mh0Mvj!5Dnf+`~F_rzrt~iG@|fE-NrtIEJs>qM>EXu$}`N- zJ)@f=O5mFj9G5CVe0Xb=6!hgP{%|vXog#91z-yOi-5AYQ-3@>jy^$&@ z;2AXf9YoZ7W@sxna|f^cGK|k=a8U)84*Y!Fe-{S62q-&zb+CDQ+OUtM4LJAOO1~GR ziHNfm_IvIIQYy6hLFX(nBr0-P#$d+qbvUZC>XR7_Mr*%dFy&Sa1!W~w7lz1Ee*$bjv&D}SD_ib#yHQ*>ahx_ z=;8>jMB#6SsurdXb_@X_eLVoT_n^I%2=JaBJ*jrayw`&>8lP7MI-sKUKMH4tKFpe$ z62|~W$>rqKZ)enS9$|z^!3(CV&3r*356CTAS{P!2Eya113Up*s$*m4yEx*y_?eO;e zL!qGYO0N)kdyT@|&ntUvP8I`R1*Qsqj7|)z{NHat0xa*pyybCDZhNl=H#8i%Fx92O zq(-*cv!)lk8jY^8sT?Y0KCCmV|4}WTZ*JK%x30h@31|$2{d`9f%$0CH&8XW*zm*Dk zn0MLD0lBsbUU!6JKj0$3omZHaw(oc0zei$Yul4lYf4&n4D-GPNv)l(y(!o*6FzC)< z*B;}s@Pukfqr&}`hOkBzvLf)VTDgP-;nk{`^~WOA)xjkk^)iOA%n`g!oI%;?)MK92 z#!d5nRIDMcYxO=09snvNS1AlPov@Jm(PK)bfp@n6EAw`k@_s-jSLjLDh+ zLd^nCh50lri~^igIeKpYoeNJ;TPR0-ft|-n#J?XUnuUg%nXwgPRz4A@;8GLx?3I97 zGi?P&U24=8fLGs0I&+B^nrDrF_Lv1(a+(!HKpl#|Df5TZupoJczIIquuQmLniP6b8 z@;62r=G>q2e()rxMrheQ6TgSh6hFgo9AIY@Z|{4;>t%O_gKiMEqVBOCaZ~E9k(g7f zvn9dAW(gY%EKcpK?+k}%lwfMeovX?K$Y8}AeD-u~G71;?c^ULDt=39Czl|?gTd0-) zuy#Z6LSA%8RI>VVht>2@L(N|RJ2N#w!)C0PjWnh5F7Ft%ON4rUR0#mnmjxX8%Moj_ zxY(0TaKuIF#4QIk3EbqUgnb%_w*_QxjS)|Q71qCYbunQ;TmwO}roOKQPA}?dkr(KE z;-}8Y2bY=ZiN$?jgU~F7eQMSij3c-x`~6LUIkyw6#^fOaZFumz;8;XQI-kp(NE%!I zKvHoYW5Q^z&jt`F@%N{h7kjRSs@{68R}~4~UE0{+HShQ|tD&C*nFb7DzHS7tty5_3 zeg>W+NFKP{>!ioRngEyyd0RO{PFEz~sX8hE=&Sv_2&~23PK@^1ofhO!3)IUANBia| zuxwVo{iM*uM|ei+XMMDyVk)^_3*DT%7^=#oU(u}3R9k5zup>uqrbp~c^pX0^XQVeX zl4bLcZgop)dw_}Nz)h)_^uSzA3y281nm{BZFotxRCXO~tCz$eq{0vJ$aqA!tECtBw z)N5LYv(on?y7Dz=es~=67M5JwVI~r- z;}M?$6%6g3%|>gt9Cn%!+Rx_>zpM398t!(l&fzhOVT~s~7(aP&u3mhp_^Qa^+b5?U zD1t5%gw^mG?DQXIbSjHCXiCu%Wlx_LFzlv7tf>fwf6S4%4~pfC_w_0-Kj6^$O?i6r zHPUEpyB3P+d#*LU&=uF?;P5iX*zz++l_qUaS7)}RP{H!jWPw!o zjGuB5R_Qua9(ShQiYHqQyZa`m1xT9CeO#;#_Y z5-~Uo0svevajJes0m2@(*C=Z=pFO$Nby-Q;$?>Ong(kZm2XKf0pMld79r*x=pR#wZ zXm;V-Rb!-b({~%|!dD^D5zUj769QxDckmpnTM|KbavpPmZv)^-%8kYoHbAaJeaDt8 zDG%YxWwYTR_ExanM1MRGGT5|bmHQCL8j%gnCm^WEsnbhC()ras@elPsBgRg^2Q&0r zid4D}OaYm^5G`NHew~sUv~MnGI0dLaH;?U4^x_n)9NdB|^_vK&c*L2QTk@ zKlJruW}&L5L^Oju)jz^p89IGz3sf@7sn5J>D$gt;WvD~<`=Cx2N<_BUt`Z?ojTX_= zJYXg?zT6#Sf{U_M5gm!KA{xHl>0~az#PZ?M1Y9OR4!31&4_@pyT}lcvhs&XmAh>5s z-&FjK|2v-R)KFE=cFD#u1=v?Uk-}05B~MciL8gBZE{g|72e*kB)=hejP!}o9)7y{);Co z_WBQQfIK#-gVO#G+@uIhH>8wM=P&HKMX!u^1d|Hx!2Q^Y*OH*tg*+0>D#|`ruBA&U zW9CtBNu3AgnmOqD1qXx#{};>t<0$MKZg%bWn@3kKQT{UAuu3m_X|38)dtl7}LR+Dc z7dnEeazqJN>b{R`=m*^5+Ngx>Duu(oxf0hFwd+VbumYflGY6IyqE)E<;i0`H zGH?p#QL;KsCR1TpSq24KP^Z`h=hNU9+D;?i)|1rb7VWzFz=dr1T0X!%`QA^AH>%~= z(DiUpsCCPhlgZ#=*2R@BFcUX6p2BYUWI4?41agbtDtPb##M3agLnh$;QAj15v9c#< zQ@@7hfx|ij6@(f7LyjRg>lkEKL2O&$`O@l%uDAUDo(6c`+QJk(-7DFRI5BhFY`@GG zRYXdNd?CuClg&(vRRHxG^oF9i?yKZ){Uuh3Ti@ch7?Kwi^xnM|0sd<(uZBE+L`Y0T z^ML;haGct*-=2b=Q^)}xJL-T8gZF!mr^8qgW)KAEI;d$fA7NwLTMaf?>e`nhLPhK;;FwDwL`~r(fvX5U*TLRH+3TM{8D`Ak(d;e2V(T&%Wm{oP@U@M`wkf}p9*fbCGlK_ONT6^kgBiw6<1DPJyt)t$Qn zV?Eki{TD7a27`ZQK$uB*Q;2({`?=ALb~`<~ZPezfliRx(IlOll&D;$+2>h<+*;NB- z_hY>QeMW7^DPsiGyJgx0TXCHM@pR1%gzhX337|W}1|CGUii`gEF`@rpVOGH}Ah~tD zn*KHkmL>Jzjzf<5^51vS^j%$T7U1yN4f|~Z-K%W61$z}ZfgPhXao_etxkPaR_7-X%4cKc zY22F*&GjKn9stQc?O;}@*3Be@VZg9Z`c9o=rfj-N{39T{sXG7p*VBut9BE%vCeN3x z-e*b%KmB#+WD|)Vf2EA^k=;3UV;3OO4f^;t0#{n6J)#;&9em8q;k#4RsH;OnYghJW z2zmI|KGxOXvbsC+qgDP<3GfhFL;^mpWi)W$=rn|*&HsIy2DFCR z);mcZ;@Cq@Q8>YXVfeWh*#7iaH$y8dKcxm8LgI3+Bfc$whG|s(R-nobet{9hAWNE^mPHIew}<WU1^|oq7tuMTa*nudb|-yNFtt)uhMFD#*tg ze$NL(w{jBay@i&L_%$kLMG~TRYbTBY$`|;M3T;j8jN?r@VVfcXFkvbpaH!s2!U*oS zKuM_tIy|OaJoRWt(6<^74wVru(Hx z_O+zMr5aaCz*0{?pBK%DG&6UdqoWD!Dc?#$stptF@Q))ilZNte=s~wqw+@mLQ2tt> z3xi$Db0de4D1}`+*uf1UK-Q_=<;~DyLPrxTozT}l~XsV0go2wLN2xHh96?;*9bHpw_6f6Ls8gwfU z&!5>2ZR*PeyIxpLVxYqn_$_vRU^XS+SHQqY=%lzU!8o`Iv-e(ePnGKVUhqP5Q0#im z+^(8vFKS5}p^f^jr=M9QIf^i56T609th05;8B8NHUC!wN<;AY0J}L7V`dY)-%0xe# z5_~qULNm}0eESv2^j(Z#$2q?h(x)o=TMrB~NB6Gz2Ltv+A2X~TDmZ)#vngdR#Jg&u zL+h^)veD2EM_k-t>d>ZOs@j*lB93=nZDq-Vi^yXFPQeDbTb?k9ZAt~K71Sghgsb#; zOWAM{zgQ{yd7T5N_#J!pVUZkjCxJ8BOE&tU09VEjuU=a?3zc5CDoK@77SD|Yj3qv; z8Pbd!7@N^JaK6{E{Z;rbMko8xHOJlfW{T<<;m+4dTr|~keWwN=_<=UOeeo6@8qloT z~g=X`vole}kctc@#1Mq6-5gbHoN5nor%)6jFEB9z%iCbvA3~lA7r$^xMy05U=P3L#nb#;NcwKF~^eMKm zoPFwLK;2F!xi0?`7|ot35{(;Qf<*=vmf#voYc7_ID~;cn_8?AqbjeIOq1>5|*>aXV7{_I2hi9-eQ21_-@{ z)Q+$p>NtzP+)?wWcsF2Vy#=#tVSgOWBQLkz;^wCLJ>Nq`yXSu}uvXK;m_$>Z4>-7K z3pDX&U5Hy*{Mk?|x=ej#Q9=FEuFEte1d(a8gSMeEXOcx$FtH_m^F$^sVjW5My>oGi z9>WVvI`d=Z?Hn%GZww8*JeXf6Uw-=r&2G!|{PTv5uX`6??_G&i?6v6{oi9I?^S1kV z9siRf9QIZ6#k)%#3L0;{%4fT_K)EpZ>@7)G=i-rz=j+utaU6kh$!|*^Jc#3z=ukri zac18u^O`Clv^S!N_cFboP37&Y4r<6e~ib) zNupG4kX5XYmoL?&?HzB7tK;*`>;~psE=SXO>DWbK5~EkKvo~$Xkx>}$Cmr@Rs&`8 zC?cPl%eG0^oWkSSFP-*gujEVZB+ z`G{;OFQr9%vxYA*FYh0q4lPsWqL9KhPKz#8Ps(!Hl?@*TKPbBNE=WZF6t=jSxNxF8 zcdRVN;LPS(j9}A!Ri9(&}%`$8vcP-_|3Ckyva&u$eR01GcLb|Wwp|Px^Fup zCR=R#Zl7Dl4Y8=;r|KDe74p@FK~<0L2Xg;E=I>uM!MXA|Y>RJ4RxV!$Ey;j0Y4ra*9i6p%?SsOj)-{>O}{0=26&5N|N z-8Qy6&O^_3aYK6y!NEy`b^=@&lm$w4B4}O=KFOX-o<6hL-uDA$uT(`n+M|88f8AF~ zU-RC9@%nNiN{}=%YSF)5Y8^;j9&CHBoM#j1%}}yTW;+gaGzJ%NtT}J_{x?kHXN+J- zb%*M4UlE6P^jkLe+vA@_?cE9f2fVtAJFNDY6`xxxd&IRqq8fL_*2<%1H`w^h;wt*B zgMUD3US!QVspdT5iNz&3F|+xIYTL$pxB$g3v3!*=8aMerI=;i8GBHUkL|sf0ilPv6w=3P9id59rokVFat2?1MU5FPQ?<7Xuid^ZQQD(=j(`y zg~@cyc=%m2?!!XZrmBXtO!U|;VNH0P9zFh&(YVzgQe2yOPyCxi-Nc z`;x+pmD-Q@0*CY}iz4)XPAe`MlpfcqW=TZt{k+a^*-?`MYbD@y3^?YO@*DPjY!}{! zr5%!R)N76*jNZ?a?Du|YN32lN@?l>eRkh^qWINtN^_3cGLQO?PImi+m5?2FBYY8uA zn0VVtl7kPz@&#%u1vKV95O8JGXeV*I9*QuUKzRQmqO9rkyQGfzY=7K##s5RbJ&GDO zi!)U*J*J{gJM zmNX+DyEC9!z8pA{zdjf*f()Uc1YPHw{>8b5S^@Mx{>m5juYzNhYydq`Y6v144b+94#O z*G9M4K`%jx*CjHV1>e;92P*j;x^OJc^IgZfYGgIbfY=k4`+>hi-d(I^6aK@n7uQ!m zQL<<&{^-wZ0B*^orWjl>-K76ho5in9LV|h%tOjD% zV{77C?Ah;EuK5$u=6>v>XINvee@S>8?^%7XB|Pm-sfXFpr^ev*K*X~%OGyud+0`Gd zuSNM<%Mv+*bFMctLibEG9hv%-foOvid31{&)*h#y5|q#}z#jvRAY7YF!f8 zY@G=Fm|)!6!|_i+-4$M!0eRg=5hj0mO?o5_G@)k|%BvCM%I+IQ6wf`RZP7Lq7N@?S z8&@g8*PkjJv=^2;3>^8SzYo)Ai~7$`Bow$PC%d!H2!4uZcAL;=Eq`oLo={t0G0=Q} zEtx?zN|`4%eyL3xhe01osDPfiSEYCeo)m+;SHd z&dxunhm6F2_ylE*q1 z%I*24Jb|`2@N+M*FVf$_y>|KaOD$8ZC#)Y5P}ZmVM3SNyQ?5+3e^!No>DZGxl99GGufN zwhYsv`K{*_SWeCx3ixny|Ai`YGoQS=CaKLhe6lMfqT=Nkj`6mx);8g9^4R#AH(50I z1T>1*;1!Xl)~_%X(!ON5B*4^)lGJ|8IXPx8Cr1;6jyuc?Mn=<>^#MBDmDR!y^4Nn$ zUf&BAg;Guex}OjjF8Ebs&P7V$I;=Y?RM|32-l8^{NV`g!+%N6zPVo6M@xJX5VX_Ik z?9>KM(Uc0}>t}a<>A{_>Hw@6DH1I?0i7!vFdct+ zb~ts@mhLR28q-?A5Wv9{pf6Dq8+qbAtKtth>Yqf|A>pm{(|P=dH1guLB&EHGtbf3dTp;s=iE z)scQbffRM1ACTmOpgroQ*p1^-ZpQ5hol&_hyc86g?l_y29 z-Z7y+Do?ot->U`1M*n@n=vD1z&(CMxYf5QfKL8k)(lTlv(U$dSO%aTvR z!1JIrPYU905$~BPJYruL;6RRA?4d{wub%8PQcb(Ga|%J zd4<0yCwO>xnkgvv66+An%uw6lgzH0QJs~Uk-jp=koS{?mRZz;qM9%AXImJs$r z;+=s+pwHi3LYHb7N9!fzu6ulHQtHKRKWC)YLNX{rk`V}Qz_L%Xu*bf9alfJrHGU*Rh ze%4m75T(c=a{^}as5N4TLxi^-Qukv`C`QJe5t?+WcKGL-Jm!_Az8hzN5!)s4;1Eik ze;AumpIl$CAQ6C{2=jDzJYLc+5?JM~k2yeo5n>nw#Sj(W%)#5R?ek{P=6lZK`JyXzF`0Xxqc5Kba^eyON&OHm9;swL;0Orsa@Tq0JY5fgaFU zg@<#p9}KTCBH<-Nz>>;;F6o1s*Pv~FcJ`-18SG;12+Tt$@cwc>u!t2eOQb8K^G2U5 zttr}7!HZo7iyir6F(_sKPqjfnMT%(lrskifsM<7|^A2Auw1CgGWZVxg@Y(?p57rR< ze^^78C(as=x1K8&P*mJjV%X8oFp~~ssUaNR3B1U&(m@-Bw|Y%N z`@FbBRCnhpcwvIkMg2$Wtvjn}ABi;&N|<`Vss3}JtLgqoqjFTP@bvq5yh0P=tm&0v zSO@Kn%d zNg(*wg3RiDHiDFyiiC;Y)hkQm>wW^zripgM#fjaTofiVU?q;G}OAM!u)<1P5IoG#Df5V_SQFS0;z`kdgvMoy94;<-$im&Y@aQgw{x3&>?qcz zLoT`6Z~5KL_Xww0By((B^lEMHg!3iEyB$%8&9HiH7v@W^NR!Lo`G=<3eX&n2{<5!8 zjY?KENv6})I|GLc1VMR~@XlWx%$MFcqqRB`;Xa9DOgx0xp-mZie$DVKwVBdZ0f@8w zlQ^Z`Dx|?}+~TPAnGw}CRF_t-G3O2_uFQ+BzmQcp;8^)w@`tkWnt*#E%+KQffJKXl zi|Xj2GD>4wAoTDk_-Mrs&G?QiAEa~3{i@0WC<>Z^%X_uhO^}q6(D8`?)?xKN6Fb?U zuMK?opv0!Cnu@nkjI~^nhZs}n8qX2I>K+`k1Ph~5Hh;4sOH%Mg4;J7Ir+Fk?N5<|% ztJdEC@|3}3?~mBeWf4B0Ax)8YYO)Do$HJ3}*a`@N49-{FT?M&eE;eJ+me_0HFb5ih zI*RAeR%+;_H6-AOSf?>l%K0BjLH9+pQI91AJ>0{WI^Kk^&;)7(arfFR%kXZknG3WY z#AD>$85NX)lUV+wff{u#`-2Q_zQxw!?$fRHo2SL2c2cTKH*8HZ$sN>iFD zlB?#f=yF=}JO=PC2NX!#dc@5!ici+}eMoB*qfA)P9!P9SgULhKRWkob#pJk^)n=?% zKX0n5P1S90)S4pnux&sMs=awxA{IUG&l?fCrShtjls4nDmV_0Oc;9U4iQJ&S@~@CG zp_tb1A#1H=gFV^R*3*mFCkO_I^7jLSgXHXpKBEAbT6F;l8nD|Se+VX%lgO&I@1}ld z?lxUOUFLToLC}X*c=I>O+i(~Rdi3qZS}TCCA9l%|?kwyvC!*ySM4?cnHPlR z90T9OtXgYD|DVlY-SHtsuP2~^;p>BV;TM4rG_(9=qJ@~J0-8U;?AjDqa}syWpIGqi zVFh0HD*SOG?3aD0+iTzbu6I!F0iYCBz7~hk#6C3>>^Sg4kVl$v4e5(~lU>;tlZHX* zMPEkbx0uvLI>siV6xv1o7YUUig#OnzD*2tL*iGYPdqj?K+tu?XYiV z2+25t6n4q!FzBFE0o9gy1Rsw3GV|O1k%E4a?YkMp{%r#{lp^tB&^QU`zZSc868%(f ztUItf_`e|_6Vcx+5$lFRo#iWKvXj*u3|tG^*W~$KWwl|P2h5B;C<2Cj-~DDOP7ybW zJqZ;(?o?s`P)LjC9m*x(duU~P5<2kBQH&;hu;oB(7dx3v*v*TXeA9m8cPH;nM~(;r z!6rd^qn+VUAZ@T7Jq$xW{wm}RAhyX*rq;N*A9O=auUH}8euYgt*NyF~&Tkr$BFj6_ zB)H&%sP?lTz9SO2&`_d9nSNT6_*gq6Jq%N|#$E|>82~CK9B^!5pLLXlJOne|Vbd}%o-i_6uo>A0= zVv5Djr(G+pvjvIio!_NYUdFZ~UmvlkUOn689ts#bUDHr>r zEdW6UFH@kDgx_plyC!3J40iTGn=Sa5oU+^I{oYF+X#r;ec=Wv*0m*y-<`I!`k9OH> z9Tg;)BCe>IGs>!vH)VDNDHy?G)yy&cJB(=83^ovPZq95E3vNR3uQ1 zPd@{A#(ZtXvi06K?lx5bh&~(vzO8b^tvpJCO?Efrd*nC%+tpY^ZFNnrNO@H*rR|V2 zGVjPSvovp0ftAp<{(ChAVCrJPi7UuQY=TI?8_w+H$OUbXU0Ti!ZP_2*1u!F~ z3~(W+l%Xzcvy%eY(%QtpfTjG-V0ITdJD;jDiYed_GvLstf@S|7iYNXzi*z>IiR3*? zTitBI4*+`!McnttD*d^qoOn~u_;T>^H6*LSb%*wTLy%Iq@HN@-q=7P;iQM0-fi%YM z3rx-H!48Q1{cpCQ+Fra#oRpkkF2CeZTe?`+5#r!JgxtCZB>v97ssh-zAWiAk1{_r% zpllvi0BIbTIjPNjI5_}uvRBAVQy&p5U={zv&Lg?`6ax4i2dj!NBIN!pnMXY9Eg0Fy zT~>Py;C^g!1r8yo2XZ%cn}zCp?yany76m^e!pNR%>r%S+W^4qp-1jsCG7Xa-y@l=h%D_iwY(sau zk`m^FHs<602p5KZ>A{KCos#TxSp9!S%s2LHgO)lF4-J5l6sB!z+vbe;4=F&$f61`W8kp(r z(Vg>~<3$+lg8otF`K?a$do21rJ)qZhHoAV7gfN?&GKY!a@7jRC>i_ptMN<2^+x)eS ze_IEvL;usKI_9rU_(GE5zn6Tz=d<5yWWOh%za@AFYi8CfvgQ;QCg7;Owdp5Pz?G=) zfhJ_K2Urv+j=eSeQB;FW;=94DhnFCzaN*|%&JS?PY9(94B^}yk>_XhnN+4Vip@+Hu zlDYiG>{&R-6^{&~yE&~0`$E+t#Z4U`t0}mHOh*{J{+%Lz{7Navx2bS)11eWa|IW;( z5jU560A@HGq!4RJ)RM)~+FxbG>l95&Knd-%Ah)?Kp7MT9aC&0iThk`Kej$dY0ln6F zMK~OQH2QYQqF})M(*2U_uYd-j8a7)}VyWE$FrhSC^&TgmM*b$qP8D$Gr3UAt z$q+Wxf7EpnpPpHwd)GC^;a|!0tLPH6QUIrJFJ>uyor|VSGlFh?Dt;~GI-B|8;Vq?> zro+*dLYqOdc6$cpdC`k#Imu*!1ZMT9pz7)cUvrHB_WieI<6GkYvGf8Q#k4Irh;AId z3dnD{)Ymf=0tS8mllJPF60~qAQwk`4lzu+~hOIIuz}|4g9=FENFNogE#BXQ?J^t9v z-eE|s%2yU@YEbq=@`H4|*Zr)8&v3YnsgwxFdxeppi2+iaBH)2Nw)dH1moDl3qg(_{ z2FMsFZoF;^m-JMtc~V~WgSf9mtEK5xN^77DqfFbV|19@XM%0oh&B!7l&}x5k|0_GA zk=H>meg>(E&)YPiIHTn&xMdYLRRsl%=k_w!2f1`+P!oCX|;LQSu$cs-3B{rwQ`- z4w|rCrhQ7WD>HGjW_^~rBBFCZ*hNf>85+#R+d!{QB|t_!x5t+{&fO_?c&Sb}Rl9I* zK3+-sM@f1(&|SW9-A8Z*WPc0%1-kah2f9yLjIpeLFL+O#a=Ro8g*F_(N*yz=KTl{%_^WqZBV5R@|n@-~9SCv$WK0O_t z!RQCUTD5)kyDh(I{e>IAR|t(d)1*Je+ zh6NRwDHc{M%Y#~&_mku*P;Ltr#&lpNH!fKzf3?!QcszFWJB3Q&%Ry@vs>*Vf917JK zhbRncm!t39s5|066d}+3<@mGu2d49c+_b|Eo*OOFyxh@M0^FVubKc06C68;gkHP)` z(zJ%gXpx#3Y$8x%#wA-i({yF#s+(rvGW)~nL}}-ek!zZ@Z!b?iL58D@f!;}KG1pqw zmzB-=hnBdGWU{IMwcx%)0EO_THsu7rNmWv}&Y97A%OsNZR4jrYpE<*olX{hTt=H)X zPEq`$?s40{+h!5Zc$4e;$n#K$!*kvDian=`43BRqRJS7MJb!m%XWk_(IyIQkffC8# z)v2UM`_P8ta1L0!GQ&LzXzHui74bUjYb0}=p*uV8>)4Z01qQ(n2i!#Wb)dc#F@|5V z$ST#=)fA2lLowB^8d*K^jSl9>KGn4F!tlGfugqv1F$!hbVHb9!%(*1`1QbQ$#p3R( zqGE%!AddLry)?n@XL+=HB?*><%EU64J?LrsjNH-`j(p`8`TI(4I@YJ{w)@z4*{n_X z^|`guPZuZPCP8Pnig`I01&0(OQ_&f>D>BCM2$u&@QNJWZ{=y<=JS`I~;j9JEdQfD+qQ%5rzL#{P-Ks}KC&ZyYM@ ztLL^i<*HSkToVmHHJl$faCzSn-0g9iNs695#-lfeN7Slr%)`+UPbmL%&gdwtu@>$j zeiI0}n34MaQcZmsagQulyUfN?=Mn}Mtb}PyLVvT_NO%FXt~7Uns+N6^VSnrpKO4rn zli4CGYrTT6%urp5R}696hj0HR>9<{{c=;&JO}g$EH6sxZFTWwVGQ9%2dL({q&Q3vM z;d6fXf}#RSREB1R6)PJWsA_k`cY%f**724>%3K87PH48L@X^|2{t?zrJAb(;MvrpE za4{fM-*+nFg23XCSBoPZ99QVPb?uCGfRTa--Ikc}uyl3T8~7p&RPX2ypCs6QK=W3^ zdFg!LNvop%kL8Fy&$DW(MpqzdVuozxrJ_5N^+}u-rPU3$KqoG);$m}}Z+4M8M;IFk zl15`L;_zv^u@Y4dc@7SmJ0jm5@Bu!)@_PjFV#aPn^(~DTyHGD^<0i zWn7$(Pmd6N*-gcqw*vgFC|D=A;}Pm!m?P)h3!B%72-mgVp9&@4{nBa>Pn8i7QJZjr zqFFzg4}d%iL=!cl^?kEO~*3edx9wf|m6k9?+{2OYpYQBr-4@&<)4HR_;=i zwEhy*5op3GXJ=MF2_If+2d(7mqqAlD&kkM2hJ7n;Xx!bI>78Bq1E|;qJee9|?-oIj zMb<9!IUis=l%c{0DrIv6eCRI-rx^`S)OndgJ6YgS0yo-rHr0t^9XAr!WRElSy1eNN z4PC-`R0fjOzZp&>ftK#Zrmzah$huju`fgm}>Ytz*JKMk>!>#jQ2H zWhE#}JDXyw86-@S0Id9$69NJrS8J~aawjt*zkC>VvMBuS@6l?=vam!)_)JDfv z3ibiLdSRzTI|~U17MD>2R zh~$bPGlkF2gHThy#?>x931x^KZtF((cVJ+yg1S|fdqNfn5jc~L0tgDkP=qN7Lgru8cH(m%G3GJp*mBHR6%)`y8 zblrU|RIU$3TYKe24#Ri^x@$&DE4^jSTFk?XBZtzuY*8;R_R13%5`K6!)f|U0SDq74 zp>BU{e@lrXf>}YE;A?2hV|RB#r{2_bpoJAw5%$hn56{eVK>>4Bv12^|0}`JT<(wKX zC|Jy>?isc?fn5P(E#n=5>qrr5qkM#5wAON0%|ae!IG8#}+e5Q@B40yt5sB;X|7!?G zP7a%G30_3gLW~zXbVx6|l~w;qj-kCM$dhWXtIUlV>Q$_Xg1-lq$zpaCNZp0_MdvSf zJL@C48l2bgb?;!(bWl1j!NJiM-x5lgQgTX;j({Z0ovju{3O5@_<-66=)TInZQbMCH zQrZE8>wJW2;%7aP8scD7^;$F@v%toAPk*wC1H7S3sE`l(mP80DBvo8-?;j=vecL+} zP1Xz(e7g>AU=;_6drEdquD9palv?TwBz{*J*z^+vZ>xUc$hYN57%zUGCyw)^zS0H>6)OIwD(r{6(si(-vo@THMn<3kqnho|IuUsv zl9;Z{8XL9h9h|Au$i4}N3-qm^oKNt!pi*2D_(+)V2qS+}f!a2Qy{gARKX+k&TS4Cc7zQvZ75Io1HMQwJcjXbrbn&_M_B+q5lyl}Op4&Z2PIX)7T$QtU%o)QNo zWHF>Vl;9h+7$70)>6YdiHsZ_tfMh4ID)zFx0)+4k?qrs~Y!OMA6KF)g)6Sm|Qd3N4II-f7Q zwKy*ip|wcjHPyMwsx`)(ai zx=#biAD!@n9n`nBlvTdq)ezgFA#e;Su7yZ0`ep79eKyjA1%arN*W@!m%PZ$ z$+?jUVqT1V_+KMNn?QrA-&P?gJd zuhQqiNd<1bSGM$CKDgHz7ccX5R_#Nb-a&DI!OC&&#C# z%-(9GN%{Jd(3rcDH||7mjVbTp@)9qzX7rKyyql`YA+ee?z<2NE%c@g8=h&cPiTK3x zT=%YVxt=fp-<H3LVfk-=J`P}SiJlQ3OsI7B8m;9AL z&N+?T7FHHLkc&V**9Z%~5u5+!&b82^Qen|Z)S`NcwO1&+8FgJp=Xf($?k)ak7sZ29 z_0^%R57K2cZ@!?<$^g>M#qXZcU~(EoT@~S!QY>oAxg616%ttVNBQ3ggA>e6py4B9P zIVP?}7aq>IeO*1$7pgY2d@v_}g*Cus;YH{htF_l!W_BsR~Tq%-TG1-7_q@5nv#IEr-e z^5~qawXRO1QK5WU+n2YAC9RRV%xi=%Ex7fi;MC*`;bm}Yk){~Y39pKu4jAK zN5pG{Iq%(1+jK|&i?p^GpfO#nyJM_)&xs|WxOKS?WO?d1Urvv_=w3%s-*8{I6ocdR zOy&Nt#t{)(G>$wnsYP4Qxuv6Xezv|gGcWqxSQUqjK~Mu_YUg;(UlQSmtEpA^E}QT- zx=VV&WR4PU3UmKk6-?#8!w1f9m^gKGCc;JcchAGqF1GGAYV6p8Ek9IMjEj$>WzNtx z+-e{T5WVN9x2_Xoe>ZthRCMnV&$I6zxeBoTHS>ey@g}XcxzlI2nPSC7J=eb7IqU3p z{p!_~Z71tlRDo3Qm2uq!80NgU>Be-mv{#e;GcEG#Jj=X;I%Ds`iXHK3nQE*)AtwUG zMU~QT`7B!~isV0B?W82QJd*`9tnYPtJ03kD{XozYyIZI z4oG<(KKvVpot*a+xtI394k7C!yM_Q`s{&tDPb~ur=RLKhp%4*FV#13P4T8t0>uBz! zuM0`%C^te4?md>%Svy#Uo=G=)VLVQeNn1UrbG*g4hI}q7C;WpIIR!G*aXyAuO`lNa z=YN)$A}VgO%`EiIz!w39BjQyTW?mnow2y>JY8LD~t~1eEEn2w4=qu6ii4w}*Rwv`= zz$<0(uTd6(r1IxkXbBG88WGIpSIwT1~lNj6Gq1)!w&A|cDrLV6kpVFCl zQysB##5p-DLmlI=rGW!j3#psCd+*BByArn}0y3iMU<&1{ei_1vE2(h6DHLp9%}qmz zEe~W^A6GXIqKX@-h8<;DBN2n1e$><*dE)2x{y5k54zh|$*iAOl6VbhTY5cOhwUa(y zUbyC@l&S;-lpKRYJ)IGq=M`x=F>K_}qp!l0pXG&)&;tUMO9j2}Bae(++tGJ|Gwwjw z{A@*vF$#TuHlHx>xX`!g0)TAqdU)sYaubGSGoUj?I*9ntH-Vs=BhAOA;mNo)jQg^Y zN!U@TFS5^Lzuq{79~4cx!gcQi7p7$3h?0~a%3WsoZLm8xT660?HSRfQTTaU_4OJbN z`JS!dFC76eSU=(?A=>STX9`M#)PqGLLJg9t8>;$|yZG#Ekvo>A)|Nv<4dO7mPU(1- zGWX;Iyr;%{q`)~x*h|Xpgx4RqHIVTtlP4wYs4T3~du>7X|8{v0B`PlGd3~4YUUPfI z3Ad;5_1F3aimk65Ob-2UcPQEzxMUl*p5t31*cb7A^=VR^QoBqyCGS9c|C2;(Da8X$Wv{jZOve0w?7e4LQ){<1ysfxF zK}1Blf`S5q6zN5&7OHdsQ7HkX2M8@7BBIhn2sJd3-a%?05rNPXr1t;;0t6BPDWSd# zbU)jDp7QSR`p$cPoqzn$taYz@%rVCtbKYw~l4EnayC6>#_7b_cz!~d&K+<1I8!3RL zke{3=?&L>_1A*CPGO`7f9t8J%vA0;|kI_B%d)g>)Wu^$0E(lff8IoYcUIq_|ONcA| zlAu8JaF#vm=0tG9NCxcEUM>Af&py-yqptVH{~oOcY+=utV>Vn|D*)W`OmUyTvhyl` z{PaEXdvZ?q`{ar{yD}=uGwQfRue;Z75{bdP8@#AdFMHtL(km(}z6I(+?d>#8XD@1Y zH89rVkG^`{Z1jfGXk-52U4^5+-ZgtZ{2Q#a-)=fGNfn%D zU@Wn1D-B2if9^7~u zYxq0^${5jghJbb1r**W^CYlX1`u4VMoHzT#Wg`Xd{g`FRgZrnw?s;ED6-M#orUq`J z0mxh*0LGlE=@IwugRF}-0yLrMyGQ3+(JOz0(rdmon>dnDEI<);e80{B;4gAG8xUIw z_i<8k$Ik4d2{Q+Ka3OV{bb;w>!F!SixoQFQTiz;KB7WpMz`C|C?(L;S7K95KBy- z#Eg>zkOc1GV$&MH6-_0+s{0whb1Z)N(WBpvsL^L%2Gg;vtf=k>-j6ue*O{yuwlLn`=Z_hyqMwhQ|1&Q3 zH~6kPfL&n6l`;1;7;K<;pZ!aIYDi=To9I6sZuM9uj9wyh07J6o>`&k!@j2)fpcKMm_B0Ve)rLMXC#1u_#p#yGm z0I~yC_4NI4+11t6RmR(|Z`;nvWEwv8e+m4L?90@hm7kEpK`S)-=t8sINH#Cp-_Vx# z*rkV#4t_nb8uq;Se-C3Ze`~l9SD7WrS$?HC84_9J_v;pJZc<;`=eX6?d;eu!zCRK4 z%evaN`+<>z5B$KvsvG|aMjevo`+JP{nThzf3nUU_{t+ghL=NgXq1&N8o4s0oQjR7G z|6;*+G>D*AtxzAJjaK)cKqQJ`+K(&AWX~xq;?9@?pb<5JTsP%ze-{dc{s_{|%|B6- ze{vrNGg?5j{AI0G;f24QlKzjdK~oOcj364m?J3c+6$HqtA6i@^yRfhjP@Q-0nVX|} z4*$N7^m}JhVEaVaygkPX?(y-h`y(ir`PP>hQ*KfH_dZe}Cg|f7fB=lg3LVhhei$eL zXFm^%%|05xvX2OV3*WJQR9+RX%7456@1=xpXrwR`g7*^$94q@@V;~)gL;_+I2y5uh zeVR)@bGO0qgPfTOgxm_{7!kCegg^OOXN@!&K0nTWl1=4fbi15WJC=1nM_uNr(BF@H zE<$?7?_zkLeJ%=LiBsFHNtoJE`i0l~`wf9YC_TNf(EQIpXx$gHmb>3WrJl;89vx6= zd>{5CY-GC|>|w{U3s2pV9MZCSQlr zs>IbAz<;BUpma;jWKp(Xtcn6aefmH_RF8z`zZpRLf9J8PCJJG5f6`RIqqSvNW6^7W zcHZ%A11_N=QR(k(>)8~u{ft35_9J6FzzDe(ALOk6j}gCTI{XFr9L&vzCz;z4_M$73 zd8&W!23q$|GXmnp58&4_xcTgpU!ir-#F*n<3i?~St`KwhQ}^E_o{;^%H6S=$1{~sIo#rW;|`K|`<&2jEb3GWg2)+i}WD(L^LNdKQacl^NAhmW_%ROfH|xRZAg zsMT29rcfc39I|KIe2?5e+|N-6k=R=b-wR&E;+M7^-6O-p3zUV;+3qRq?d{$o;>a_d zOMR;z=JAB>G=*KYe1g;}#QpLvbT_ey=SPwBLm97X7PGMDNd`{nQ%M z+loxTYDLHW5x~0&Zxmks9T~SidT9 z8^VH2hUQM9#w3n_^R#o3>Ah6(On070OxC?Xzcu7AGeVxO0oKO!h{MY#+m_lm&8gz* z!?VhOQdn3oA?hF0?7*uZsTvNq!E~=>PJqro-sX zvFQ%5D`RW3XG`)l8+pkg;_=j(M&_V1$BuIDQu)=EnXCCLkJR#xWp3aK?76CDFDl4i zT7n}`{C=ttO5t=Gf&#MZkeSJ_i+`4NewzLbvE;$j2IR0TmaVD3D^j6tn}d9ANmWqi z!Z{W5juq_JFbSY*J-v?Cp2SVzz)xAv+PfO+n2ZVTKaPt4%r@0m+?68zaK&?fEra)8 zfbp~HxJF>A{MoIv>l0WH{afH_cPxO;X zb9J3vCh@Kk!4gu}i-FBpfT26UD!)v9cA95=NEJ z5SAP#*BiLLdtf#o6t~6~8`cRM!;{ciFLtR8FzFn=5fw^k4qgCH-e@8YK(#)cxF8=i zQ#`sZSx)pKLCM~i#tKLK`#xTkZHAl(7DI_LU21stjH7Lj=Zv4XuR=U3pC~BSbO}Wl zf!wiLcd%WOXaLh)yE&|3xHL>+_pjb9ANBK_T`E{0(P_Bj5W2nuqrX5^+1GD6PhxdAQHu9yR>tgP|A`|&2&@R zDGb&v>-BmMZZKvW$)4~_)q3S7zXkA0ia*Q@7vI$2Un|Fh0j%`o2F@>k$EeverS8=H zVTDPGo6*#-%W(vErTv!uEW#slG;p~1o3uhwB-4P}p-v=@^Uarxf)5{RY~+&^_VOrO z%g=%XXSa68W^k*c%seF~cApYFu*$TA_k~7$HJj4g`!>SRm#6b3B1H+ z7WlCP_i3v_JTRvNH?)mJ_V;bqTe`CHP{lCAU6UlJrm#=1LD4*?pI=d z1mQ)M73oP_1IqrbM*^WE*-DV3wXlK+bxg{<>g9mMPNEXXaWzog3-IB_(I<-q{rzW+ zk~e+7Uq;bEkF`a32<+8no~uI>5^w>{B;g3owx;3KCUEso=XPQQr^0ucrn~~edbm$7tmAC zV~g3#Xhz}^y7k4J+EG})e$v*^su%D}Wb=NqeTm7Vcbvq#rHdr9rm&V&nfmGPi{Pr1 z@d1Evv%X#6!?de-Tgvr?+81gXIXS)FmVa!;oEgvW+7u-kSPEjOn&-fXd(+>$RI?6%} zS=k2Hcg~b>PA?w=u$9{}aMsrt{0Uf+p_bSvd}(cgMQj8eo z3ccMwY8>Cs5XfSt;vP}+Tpl&H?a{v?7QBlu-hKd~VU5R%>}`20c343Dnn)`Rpu}Lq zWt^w_=39{`d$y#LJ%&^7BmJ6?Ujhmg6Gst^ZnbMa$ZQIG`5`_PH|WC?)CGZLTKv&t z`7_&GQW)#ynOZ2Phb|5|xQ7>8lsmqskzH|S+tQWi;f5Aos{lzYjj;`75FJd+7In>+ zg`E~q*rxlI>(E87TFO!ZS2=P4i7CK~5%xgjQ3tCx{tKX4cEF@9TQz|(xcoB(B+lp7i=XNL|go@71~$QD;iYrs_mGrIZ#`;ucaEi$;xc%nkxlJ<&P+SD^B`QXE+Y4%^eh?c!&pPBCd^ z7Tw%wEWSLDB-o)Zsp_7ZM4i=-WX>tuWu*GOoVDo$KH$7x&qXejAB)mF7|AqPC+hmX z`ckXpMUlraM;NZ&`_9(na}rZ>8r- zmJQ!_w1(4uP=95A(-Yk>CV^&H$2e_Y_l=%GWc6)kO5Z+swpyv|otPr${l9BC^L0f{ zOR0e)j?^I0f$;3wi5vZV!}n$tEqi(WT+oJ0szjJZw`?Fn zBCOr;;MaH+%`Oie%D0W5VbKyvS(QftJMFYCzxNc_(Eh_)GUFRYDpc7uMsmTK0l_J{ zN7zry_KdTc#KuI@yDB#`S*tQ_|GvWD%HzZ|akV~pvpR*-88h(~OS2oV;eOu&n(O{p zKFR{htWa;(m3b0xY#4TAVl&8ov(+EfdM_xEo~2%(Fa^HJ%?5hGmn?hk=+@2lNr)5X zjbYaaJNHX3zLbYs*1*~g*)9z@uoZ?d8HeB1a%!iM#@t6$E!~CQQoDbvHoDuHoaN+Y zuB|z>X^3~^iEI*PzdI`AycE;4JfQzT-Q51&aD|JcHEZ~!u_hWpn44`VcOqXP(3DX% zQLo-$PXkF3o(5TpxeszO_uT$Pl)Dd~4+sB+K*S(9zP(~L3UY3M^N6n-+UH7qnwp{5WU@|_&dixjS(b(I3|q| z%ug*oUwiP#kBW^mw_WfR!UK{uGv!i4i+6z|^t1@nW`{G=!pEmw)6LQ+mYHF3Oef$c z>F&*)1ipN+8YV(7EkEV5;`uOx&e{!RcAhiK&#kgu2^6jK%@|EU(!0KW?Q&XLUeE2} zMPzNXt+ZJA04mB@Ww8+w2)$svlsju2hRd}zu&`vD&wlQ;n2`E_Xzu*(5yH7fWK62E z)Bo(B)-Eo#RG>>I5q$_cuvxqR7?RGUC75~@0v*oX?AwHQ(+-L%lO zs2*}W`nG?peo&upME+r=+)%cjcUUG|sPY?WOBAEIoDEU41aY8m^gBVT81@7;<7ku= zx{_wzjb^Y!e$wrDm!I8LQ9$Q{6!bj?`#P9c@G-92IzCr+ZnxcGoJAqUG>CS1;=9sz z;q_rrzZ;*93_bJTVR!P$n-qLS zZlEHiIGiQZ&bZU@2W-=bs9U(s1-NxvF|-zqkj^MrDK|(p1u?p8T`!Opm=>xk3NAqfEVsL2a;Ytw-mXmE(Wi+a#zC^-hP&69aSE+$pf))xhrw~$X0DU>8j*0#3^ zR*~}73&17bR3lq+Y?j9B#y%-D%BjypdSn(XqI>7$*OIsNRmR-bS1;h(*Z zmR=l3Q(FzZ3Ncq%G@85LO41IEVEj*8SJE*NN!jLGxL2T31*)tjK&GJC!&o1N-em70 zW)f2cKObv+DSOi0pDB!tR49GMTXnbG{(3>xD`Fd4Atc%By=_eZ!;Io!qrsvqGemI0 zPMiO>!it#-G|I|!o0gB?{ssAVqJ?|1-;VeI^~NA7#z^pn*=4 zFr-DY)pG3PL<8rT_@mSNJ9G<*rn#LarVp7$e6i7t)yZGga(j1>|C1DDQW78Ifxp4y z4}yrfkoSrH@^RS0FG!yzjz=*IMiXnIxG&IKZG0s(`FVIXjD4@~j989blP-qI)MI^z z8N^HJL8v5f;uD@#B0siENIn+K^Idvq)y-VrJX61<@ILV(G+|M=Al$`Q(3ifd(W2X~%{v>q}MY%v`2e4aB6~AZ0dhNmL|Ljt^;7*2b-| zQGx?{XYsQc7Fr*7IGRBw6N*uN=M>{(+QhbP>zBR#jnipey{2#8+N&dAS<7t|2u=} zb1+jB{#Fv=Wl4Ph2@a1iTIaZA{_eX~S0mf<10JCD!xR~78a@P=x1N}(FA19`!rPW_ zGpb{7txSLTo6+9e4iv;2GcGnJ2XcewW);Eo8B7cDruQ>(6vr)vVrt@co0U#%_Zq z$%GR01LNe}JTGyX<5q*F5<9HZ(KTD|U%t~BbgeUcHlAbZKcqU{j1r7Qz4o_P(|ctT zX#-AYqLc_#C1=myi_(e`-n>?EY#NLJ%yaC^;fgF|j+R6CJ2y(+Y;&HE6#Zik zKB1>YukrZPo)B311Xeqn}#E)UY&!REUk zk#9W=%SXti9zjD%*s1kzFfm-?e-q$JgC{UjLAH4x@wCex=ZVWMRN1Zk+SQbsiBw57 zl8vqjzvu07_+X{Cueu7^*C=PkfAk&c?n~eL-*!KL%pQDpS?>A zeO-!s_tjgaNqdGkQ?M;dY}=sEBM5ru z0=v?6dp+?949#*i{@-K9k4nRp*}=zpse|nNhx&dgUTbXb%pe==7!OhUzm`&s?3Obg zkl&ib9%?i}WyI);+>G)+xm8~Chzkhnll?YzIU`ZTaC!_jaS^F4wQ4GhRibR?r;$9% zA}xD(dMBh0fJB}@y;$I9jC_s@yDJ3~oi~OlO*sa+SxrbX*9o7Vbux)L8-*Own;!R| zse*Ih)hwRA%H7hGb*5Saz6RXY1CpunD!(bms9gvZ1(F0m?U@27Shk57Z`eICFk^MD z4$^6M;p^7NPl@@xwSGSGO2%OdbuNfD#i$lH2-CZf*eLjNxL2c!ieV6TWmvL@}pRH2<}@D=nk# zZyB<1!rfZljKIpcB*8-K>)diow!-_;wnrA_L>>fVEpz0~PxH-=Fk-PoBaL9r>%ovP zeMZrQGlMWXoArc=H8Y1jf|K_ls+HFwCCQLBU#i|D{8a*tV9nNU2x}o_)Okr%?qZ2q zfOFWpQBSSQYFod%eQ-Uuj$T4mS4$-*t76-~%P+PRm~zAA>d--(k&iV z(|}b`U15`4`g-De@E*~|j^NnJ$g+~ls!D}R&a74X!%R_a7w0bBK&hv<*|^$`(YV15 z1Xlbr*_P*PpZ1LvplaCK&IP=HhcpZ1=XeW7NM!JKTmq*LkzE!2!d)n@15rv;0h@ zeBasZ1*0DCEqse5-xDojX@l7)T^9jL#vnrOk&- zzk+0}&H=F;(#@Qs)ORXRLdd=Zb5{#{TU9!MLdCX~=CK>^-=(+tbnC9feY#SP7t)<( zaGkL#ftvPuAJt07qv2v=22rRX0lU5^1_~RdVx>VW>-&@IqOTn%Br_Hy(90cF4-m*-21X92+ zzcJUozgJm}UYS3#gOelAn1?aL6wuGtnDfHH2H8$qbfkpBFXhcUjn!WrJXwB0UN`?f z^8Cl3^ZC!q&&O!`B&~qw8f8ALx6cika;}FR^%8HD%}ubB98>Z2O9Y$9CbUg0uu+&! zo5ihoFD|Gmy6FsSOIW!`nL@!eZE9{`39UhH9p-$WM3__)O{JDin>Q;xLC4$ZXTfC< z4zQ?XQ-__lU8VqeUfvsLZRJL8w_Ch^Z^i6imZ98?@)BX>OXBAzzaLv=m}qE1!uJbe zyrV{q=%<^7=kEAVmeJz|Evp*~#uaxgNn?^C=FW|WLRmuw50^_ZVKf%njJM5|rQaq9 zo~aJO9*-(KfzRs7nR$kEd~!}f(JgW}3RB>^-mtV);S-Gzr@AFep)mGiIkM5Z0ViL{dD_hKyFZF<& zXT9PGOLaLNBF5KrEMl>Vr1%oAKTLe;4YJI2VtRj7f<;$!fa(eF*hEqbYI0^0;@P{V z^(zzF35C&zsh|rpM7`8X?W}ZN$!xe{MrgUNb=~HQNP6UB>0U{L#4J`N^JzkEd7FKs z>(Qp&E56gL7&BZJiBfVNUurs~-;t^Bt+&?ymT!kqGQ$)njM_(Ut3cAX<*f1ZR@;Jb zN5daER<`4i#ShQyfBG1q!fa#r^}NrL@*jq5;*owqQw5#y zx0OzuA`Z10wVz#M!^elzi6#YBas3O1>Nz#0amo*|2IB9Wj%Hcf>^+iQG``E<1j;-{ z_?F^AaR0hD=q?a+z7gTFEJ(dBYAOLzfJN2-NTdE*q6mw%K+|FcOmRRRJKEqoc!^+=tqo-dKj)7buf320Tlh&6uu`S{} zmMF}u;Ej`XhlR`QCKO#$DNis2OgAsmKO4{cM5?#paK@X7QZ&791Hjt{(4`xY&wapsk}1>0yDdJxj2I0&yzw@oS^A|jPI1%HFs7=bB4vcS zD|qBJ%|2LBZ$oIrN*-$Hn#QgF@YOm{fn>H*GNl{l7dRUV3#9f$0H^d{<5q>rc?bk@ zsp%6=+vs&YEFCkqr)lu)D*Jr3TnX*(xvS~4=3r*kphAIC#Mv*Kh0T?lM{`h$tbR;w=XkV$xJ^?lri!9cUp^m|jJI)hu*JaOUE`-yl-+C;`C`LMM|6nCAZ zUdc1UyQ-eW1>A$o3rEUF1(1s5qshT*fLHkiX%hIWdn#FA6M3ICY|^ls*^IWOgv9PD zneYMOTIUkhx?ty%hw8>fJsv$K)UQ_wac!KLXR|Q|lq0qcIL9qy{}vG9@TX~}oRBx@ zI_bQUp)ux%lk^z$y||ya&blVWOC-yZg*(h#aEm~N3-|#Z@kdyiW^#9WM(7Bq*QNz_ z3(pWA%~yuZut_*#oWP7iXOh+bGz+%cR~c5b#^n|LbgiRl@yFbv5fz`^y!(g_3V1=1 zq1FA}sK;JUcp{1D8*1r7*(Mg8r1>e=3i*T0VLX4O7R%}$ z|2NWwZUVA)o~-+;oRo>hu``j^&}=dTC0`h1!XsI)wF7vNgJ)fMv=)@6t-jCw<1m-zMgcK+$2H-ioZLYsn+5^P`c_ z@REy#&|JU>Os8qJyh2>t&D(n$l8fjpjXL#RN+`nei*4}Mst+Z}S%81VvSw3lF{xW; zbK(k{$m1h@C_V@Y)mjx2Bcme8p=&S;j&@`Ujd;ptr5ZNzC-%nbN;M;}SI$?oey|wYuTW&d-_l-O=-=mu8--49S%lj$IOD zPnCN!`Q695?;PCkywJc5Vo^B2%1JZO@R2!KNN_+i*9sNzi+@sUQl({9(=DSJW)ZNY zo;HLy6IKVnFRao>)hc7OvE^H>6S2t@g3jK~V{i+4O<*?c(CulG3e6Ez=hjZ_IoA{E zlLT!qxvwP?M1oamCl`n0N}BYYD4-Z;vTqbr%E#6^=4N#aa2j@>Rd@V%z$08*6ZDAK z)1_>S;O5)tP1~>Uvg+YXnS)*xJ9U203ck!Mvvuw_!IxFqsFK%PJbz+PVjqJPYjXpq zG|YzMxcH4O3C|;!5_v~e z_Koc|4%6iOGiH`Yx?oG49s@D^R4gMox2)=R%kF3*R82AmOkYZ7Q#RGw@* zjZ3av{}mqJFbzO7A&!RZ@z{my8zgq}$&?KgLvVL~1xKmLJZ#=9b3}k0ts6r+ZEF+S zTKRR;!+?huKd%)Br^Oq*5v#POZ&yfRBi4JAhxTpDOi#nxN<<#&K~$`Z@)$`m(N|XZ zYH0YyI6Slh-CWIiT&Vw4h3)EvfJ;j-QkFuCooEKT%jBsGoFX^do}j>IHz;BFE@Dws`r@98BDh-C+TF`P{G1I zPfy1U!xx2#_sT<`K~i0mnZZ&pAynCgRz_QwhcPesLK`x95g)*)dqIsIsedP&h#WJi!F9TaNf)Vc{ zrs-m=(x-D*%d-)bR((fJd92r4h`HB?O)c=HxEY|3oVg{9Qv z!x}hY8R(NU99aBhf9QkIHpn|1ao+6d!yssjcpr`#Q%b&2_*D|(!!YNY*=>+QDj1iA z8OJqgjsI;V#{*#hqb4>0K5}`$_foq6LPf6cnpBp`(}QA5x`{qIE|{@)p|`Hzs_d8u zRz145|LAG;9Fs*Pj%t{|5*qKR6$|8sbd6J{HRHxE)>i_Jg#zQFD|ASw+U}}Mg-S_0g}g+&x0hkETMb1!5AY4p(Gjan$uCZ??Au#wKR^Yu@bJ1Go08phdYNEj9cy zwJFNC?dG?8MM7j7JcFR4p1H#Xb`H$Y(!Cl7+H<`_7gD-~2~)iPA#KNJ*pgoTBO?Q& z0%AaB|Iq^2jX&}L{`J`4TK3A>LHu`hQ+Irvwk#HWdXS2{qm}18md}2=c=_1tsyr@C zNR+|H7=_&Vj6HtT2G^Y#?l1m#tlH+n-l_WxeoX47=uUN%gBu2Yd~R9qc4?-I&bK8B zRfUx6$XCJjO_bw5ZOv?NguLFI66zkIbZG@8by%G)1*`gIe~K;BiiVlNL7(+a5`kXz z&n8g{M+#|@{Uo}uwPVuESXH{^mfU64YPWQCL#r&_bQ#L_>$rO5&!x`MO4sEpLM@rG zQZPbl2#6(w$&Q~F%-CnK+II7X&{NGqWJAKr4lTlhV)9F)_E+>u?KgA2(^gmOsMc@+ zu6^Ywg06?ZR|Z>Mnpe6h&HfH&pBXgRB*4G=34vH|SuN{!i<=izFOVRL0X3s3XU#Hl z$v3ofEZ9ZH*7wD~QFMe$=#8%`EdmT!#GCjjS;MJO@RzH8F=JT{H8pWxpEPKwGOtJG z$H%J8S;M>0tt)Rqs3PdbNjyxbJFA)INI%KaP<~+42C@5Cj{nna!nF@aSF{u6z=9i- zE0I+PtSG_Wc@`VMAp)+vD1}`ZkgT_Nzk)w`r}(qg;ABeBvj3zt+2_Wq(TM;hEJEod zOV8_}5YHkZV+k}uJUb=naSeAHA{16Xx6WLE1qCT_$M&f!lsHr+nr+R1KuffSxHyI@ z-5Y0n^nsq{*paO${CzLMNL-p^RA{}?y2GrfoZ2WuP=&f^C+Kak5)P)c?YJ*rB@|4iZ!O>QkndqyxEK9qm3^Aos(m_dh^xXL zV=gVQoYUt~C8w8}8?^bt;#%uut6&t6Rir9g12!YT!`VNrt`$hV*XZ6B{E_8RGtbc;gM^$m$P18^&sd%8st?Rp+YJ2? zZud@>;grmkwhWZoI>U#DUSln@rC-yZ&Zw!D>)jf*;Q@L?AiI8;C|U2>vzh*pn=FU3E{Yd}D zp=oK?0oqK?N%G4~d$w#NDgW#8olk09RNI(%@QPPXxyDz1uX-K&E&(3p*IcQgHg;Na zn)A5GPVT2=)%2W%R&3yjZq}BfP+Jd%p{#~L8y0KZE7r9~R$=2SQu3Li!Gst0-Snh- z*9!8VJn3Nilo-++Y?6__tR^q=s6?JSjps3Y1L=#`@hwqSNl6SYaUJmw&@UTxdk_X_ z6tOk}{HMYm%dwL2v#jh<$VnJ&Q^dH(Ti~>C^nikBEGA2q zWu4ozUzI{Jt_grDQH2wGP?9r zMK3_kFGNVPxzZL>$CS^wlXWP33A0y5L%Q78I$#7_Dv-IzDRl6>@9_!aLwI&6&LLO+ zSnNqqA!OAxYcy9VfSc{e!oSF3?7S5ArL|Y}zct#n-MLiou5am{TPNAt3fA9;$vst^X ziK+HAqq*QyACT0{#%%+@I$xj906GM-`%Weg&K1nq7G<05suf#WkMi5s=HOy)vXa2>c-GnWx z8lR7Y_<13*H!mkcTi_z_m$9@f^l;b27lh+ih2r7MOubg7(RZe*t2B~3!58u3Cp?P@ zJc5GXZGM}|co``x^l{!(qPR3vZK(iWGt##9WV2ug>~mSvgpDkqIAZh>uuW0mY zL8oV`PbQ~xU@L`TO-aGYa#-2Jb2?$CZn4jI>5UpbdVtV21S)WEx&_^^d+2*09qc<< z30+P}Ym4DjNI21K-gkPjD|g;ND*4!5)Pv;XJ;N`mZC-jC8YDr;*9p1CH3>?5%kcT3 z*eU09AJFRWk`SzucR;V$U^^phVLU+qcp1sP~^43kS+sR7; zdpoo?dM0&EFvq0i$1h#l<)_QCfGNNN(|uwB#*ebg>1lS z+uA&0v<7NN;>^lh)DGxITzUu$mM7(1P>`wbtxIG#^>?55v2I^^!LV?L`%j;Dm1>pl zAadZE=>fmFg#y?OqfD&`XVR&yJ;`VkLEU==eu%8NBnf(|+3Yq`o7k*G44cP<@>Ai# z!`DNdUWIwahk z)tRWrHIWm?FUAaC`)#9!|DL*Hfo6eOCB@aHbR%Rlb`dSId^nn)zgs^^Dhb1Xh{@BT zT`CsIU(Yy@JR%D|)V9(6qui`u@3a{?U0RHBjm74il;G~VER|%%*n1d8d1LpEKCl0+ zx}Zdx2`q>;as=HIQ((5iAyuU#71#<(rG4yO1%X*Ts_FJ@S99ua6HiWc2SL@Yp!n!o z(RB|muxFO1(w<{Wwo?)gHk1=#qk9KSsxa zZsfg#Ufg7%Ov>+rxMlg#7AJ+f%ro30RSH`t>aO9@6C$yG0E zG&E}rSwvioT%Q~%;1)-XNL_L^-20mZs*GbZnYu(V7l4jH|QRj6^UZEW-khhE%SV34yhEv5;Nik7J zS3O0{Z%aOsI-k6fDv0%L*pmXGLBhP1GOBUSZTTu(*ZS1_RybOy9TJPF2{!$H{8p3F zf%w&^xF#_eVxkgj1MbtFAe@YjxY1+yTYyPl7tH2ff7+vdi_W7@$p(ObI{mzi$ z4wnl{0a7Z7_&9^SYmhV;QQbx0BHCpzRIZ(0O;xftEbFHpSt(IROt)0ZH(OYp)5@v3 z5Uvw5v)>;2=fUkC>4Z-KZTRY%redk6rZJn}|}nEKPG3AP@? z9pg9wZ#XE4k&Dk~#HH9W_ph;me0k)^gb|iW)z~1@FGu8ehXRiaU$#x9s~kw|Am~wC zR^wZCZ8mxB@23;HS{d4}*(F^;|RF}y4_ z*gP<(oO~NBu4?^9vfxK@hlKBj2!HUiz2HRDM+Q5D==fb7&AXQ<%th46tyn$#Do8zg=~hJKY3tDU&oj4eIxsbDl|&^v18moul>jww^?{w3IyL7pWS- z6tobI5tD{vu?Tl(infCu=C+a*jWsA6a~!aG#s(KX3-~=$i=L9*<`8SXj0Ek^?jJ$} zmw5jyG&X#@e*%8)*gQ2azf_W+RMa`Qjskf&jFKn<*Ww!~eX$<@dSOns-}-^iD|_A5 z@Do9Fefm>Xy^T~C(_AZ$XN^m()5=hey2>-alhq(qBBU_-riIa8s%L&Lt8+jmAUo@o z^g>TfqD9^4`_ZK$h#LY{=gF2v>+^yqb!taPwV>ip85*m=O~8zVV;BSr>KSwJM zcaAvNU1U|noKj0#m>OxpU zFGshqyKBE%J<}sq_kq=(UY3nOIhOhfRj?cWwizIBH>25(ey zCIa1(iM2GZu+E3^Lf1?41e0^rUwGS(1v!bR^AhIPR`bGBcGg}BRkgc6tMj6k7Y)ul zrC4`cF6y>pVYE`4u-3Y*X{}n#SO}{w?e( zVtmN`leoK8Mu>+By4Ngg*CFY2j^ipkYvz2fjx(u1!`C+**>!KE{t9;6VWs~A_nxs- zA|_1}qv!REs<(Tft&iJug|2UfSli^Xu zKG#h`+Pjnp#$6yfjAIY~^i+SukRX0{l5L7{?g7#n0n;(Og4E{eW@F7TK~ zFZHfHGUIb^`b;bKvEYNRGtCCW4`Bm<{XAzodik!jk1uRN>~rN;@1pw|jLdy zEu3*JXFZYz8V##{xl|Yhvx;p*y$^b1j05JNT|9-6ieC4yIbpr8zV`Z^D-;uT7#n0J zw68?|!P~lFhtOctU`8dO)#Iz-CQ6cOV2=2iWl1>+mk*hF;8!0)auuvxSnnsdo^O=? zohAFr`1F`eCKH@vKd9ccUWj`x9bge?nx>~U;jjpJ(D{8kC(yOj+aOuTk*X)(IrVaD4(LXoQj#svvzChToC`Q- zq(w*~-%ugA;ZbOrmEL6=ubH*U@qhkTH}^avpX4+}m5o?%>E z%F&#xJX?x%#_BENr+OuN5O$diRew2qAqE_ZJN1t_?)|Cv_!-ELQI2gls!w*o&EI6> zVshhvGH)cf;Qe|{2rE>Fv8_QwhS|_>=rwrse8t_5w-A|G3x_|I76HAM{uQRWQ2w#Q+X)buzZ>ZV65DKoLE@{&V~i((_8i#tyYz7s&$kaO9K@eYtkr z_V#G1$a7rBfws^D5@gT?#9U=DMx}~ds3-0?Zf;a0zxkUSMr1pXCKYQ$6_f<=;+s4{ z!~k>eqZgyJQL3Jjpx>h(pTn-5&8x7mO531z7%3SE0aGdFPJ>r*|A(}9k7xS--^X7a zq~l7GTXKh$lzAFum$U5{6XarPPHtmrY3-xtPjDebQ4Oy4F9cYhRU zD=asxO+_u&X|4BR0L8x1+)$!&`CLQRK>GC}_+SaPm^va{(IG{;XkB@Be@P}=WNthE%>dq#pFN5mOxos+&vtEPcj5Yi{Z@8wyle1# z=5`_iD|?|P^PBG8hD*T}J%Xam){EqR{vc8UA;*T3bsSJXMTF2K0v}TynJd?}C-+|} zPwf(AK)5+G2hbM5Pyx@|`AY*y)eY~a=ep5rrKtx)&66}mrDTp! z(4QzppQ?EE@DBjjZbG65pE+tpv-!r&T`8iw8peA9q~H%szBH~5V3i6&OMaB>8Vvf~ zi1&dWhSLguN&7`DyS8>H4u3tTu>iBv2#SH(Zn`Lbb*9tBrtc&#x;?n{ea+!E|QN4^&?r|b9 zr)fZ9S+FQCe$LQSEMQ|Swq2=W=VFW4Kt`UvV2{~#(dBY}l|ym|P&1MB35mPb#`+dvUMAzo_3eJpS-cYhWv zMR}m2MzkGDY!OwKxKN$g5Nc(LO?Y;x>-I`!_$Mg=sBnsOWA;HJ5HhAP3*{0G8<{)B z#W{YstDU^J<|VjhKMWk~vQB(r9H}@V;iTO1=2p<@5%l+x#h-h&ISD_LcSW~JYS~9% zN}k`~y~>;5SigMQs72YpS8P7*;GhLLON*$Zqy=Y8zVr~s3H3GDQNT7 zkhE+?hXt5wQ<7B>$-*V_51o)jbKFFQfqd-yE-{!2ShP=0a{A+n{Wb}#jD6{REnN&2 zZyGN^D-v{`$*p-{nrMLj9Z81dDNCn*-joVsUvO46%erIO(FI){JY!zufD8Tt)ArOqGPq_f>d=PNPx zu2XNj!tDJ3eV0o*vq83D{sr?3K%$m|XC3sHg7acS9c>c<;NzdNLf~HLBXhXM^TkAj z+26X`e;pEiJ9gNel?&$1<<*z%=2$^V-VNAJS6Q4`wS0C-#n?R7?wOOAsNEUJ0KRFq z^!2*1HGqqdBFmg24LbO=%H*3X zo#!jbPrs&6F(oGlbTX_Bsq{X`fx9hSYg&X4;a&kYDU{WPIwt6>jGLLBKJfi%ElYZ! z(z8|GXXjr52OLu{6mUO$ zA6+?n8qj_aiQYnKG93d7mu3w9X9z+BWk69~%vHW~x0A0%9ken&D=AtKR`1H_K`rO_ zd(E5^#!XuRa-{YY#9`o`C`2N(Kl8VvTN1DN=&4t-VfFFj|@b1MSaf9O1<*8GTecj`oNU+nBh4!&N`|U5PM49>j_v?1gj;035fvM2*dKp5w zl+@1b+|YBk$@;)~AzccwY#GJ1N^FK2jsNhz0hlgzzc<85m;^_2@D|W*@7VSY?lyM6# zj41Mki6px9N{QF-D*v_!bp+_8)BYc7Vn%aFT(wV|y-xFj@BhG$6y9x7P6x{Futy47 z;oM$GNAS$0ICnddc3;JI-lXdM`dK3Su}v~{3C@>j2Hnfc5p>=*Q!HgEUa+T(z!V1~ z5xmmvacH5CPrL%!<|46$MVNJ9Z-22u-1ZFs_zR)(;wyrZupx!p5auCb0mAraQ|vXH z-9+VGDV*n|$)WR4jR1M8Q-8l#HRG!mKK0)7Hh4JyS82>Tqcbi1fk}T)u(Pw<-ul7= zp!6((s*t4ky9HxXS$*%|s|F4fXFJE=Yc6&6%km3Pl}jP;)(52;)#H-P=+Zs+aSq(* zG^wKCYns&Yon*9&%_1gSEMXae?-Lku5dz=h)$Ugau(IsUAtK`TQFdsl>2w)5A5PFp zZ}sDfh_m~={(@fupa}nyeE!qmBR_H#c~a?2SwULdZr2+_Vf8wJFMtHnci%s+Y_r@gUKjBvsw9nAw(fQ@!!Tn+_XPZ$2^Ma1WBftF<^)NU z{)A8cPu)T(PC)Nmgh$jOGshX3NP<@F&0aDo>NPl zfXFSKh`V7nMTPFhS@6tI*o`q+D{7_AC!CiOIi@FXr(WbrffzkX^KR5|KxA)Frqv3$ zfsat`|9R-kQl$yg9>u4RzNged&NqFe*2uVX^%O3Lt#Ko-(%P_W|hWS+f^==wD@7OLP;-? zU#vp^UC|EgJmDP=s$au6r_G^*1ud&tcgDD)x`*F51WAAdZ|(L@0Z0rp;tiGgQC~Te zsEYnK5?=!_K5xC%_rBs=uJSSg>=FJ_Tar22&B-qchzfeO3;?1wI&=L=*ZSgE?^yX0 z-sU(DSqxj?>3WBl7~SQ-)TvaI0){}ghB8r_xaf^1Rz6>xkUsRzAFrwGOfoe?xZ5q! zgOZNAEe4T`bLyW2nzAV&z1g`)sW6ZxK-xLMIeu>HVM$A+FEOU%;ZV)h8i+UPqSkN5 zSNEoXbUS~CJflPoxLXj#L@mKn1NRCjpUBsdrz$;*Skice9ECgmOL0xcOrHXCz$#yo z_Q~tT!ppf%QW`vv^}_CIKiQ))|L#|8N2SzWGU6Gu*JNzuJ#R=Qa2Nk)>s~vR?zPlN z*}y|jJFuMCaBP*_E((hvy3O6 zbOd{1Wx-u;*YXc_%2hk*$kvuf6))hG&J;*a?L8@MSU!5k73oz-8s$P58#*jI8qHv( zik#_fVYN_ZreIQw>1rWvpy zP}iqeX&J_~JjFI#5q^B7`<50V9Hk0WRuSPe)`5;ZPjLtCvkM5GC2K1>2@PNI*k`yI z`AixeOa!4c>x{l19Jv*=*peik%vBf9A|5c|+jYU>a_k3ChtaUJXkh!0N#L;dU+RG( z_k?$@Gxl!=A4qwnNQ+vTz8!uL6t)k7c>=3dd4+D{JOz@r1~!#Tru4+H8y|(HOdxyJ z_^>d}cJ5YWJ6DvkS0j&4`YB$zYWG%)haFXz1-W~qx`hOs`ybJ|jGs*(FLb{FJ(0Pi zZ#d@-y4Aw?BfB~V;ZN^7Pr4rq=mv^|V52?S4u{5Kxu@@32`qLxHZw;4x#Zv*o1nr? zqs`S!az|QRobCx&G^)f}ahZC!VJ@txnXs=W-+j_o|N8>es3Y-1>Hb<;pV+|oS3rY~ z9%wNBlPc6u@qN4$nbn+0e!f{*+E#oH*W9fzGVqqrcZWLc1As@RXUq`whbx zp9rDxEA*HK$y;7YjiOR3{TY^0uS3oBj-(AvMqQ!5QsG;ViHpHv?W%uXS$w5f|+rD)E)d4L;mjTq#BA|7RHZ4sv%$UpmJiBs3bITyoW4dWyNz=yJM>$M0Rlk9vT zv*+jJ!={O`OoPa4tanlsyZ?#fc|h$$vtEChsk2j~w zznx9B6*mqnE`KETXE{u#U+~HZv+|7kdFLWbxKNESiVzf~I{?F`JnzYV1~V>>f82{$ z9pG?x`%ChmPc0O+hN7;oTmo}ELgUI)Cl;3dkzMSrO}9 zv-fS;F{Qk|?8iDhDzvduvEfB__0R?cEGe-P+l8(K&IGwa5R7-Aq$u#rV zCO?X;+J@PP@>~90fFa11C&|n+cAVl~#z}EN;LD-tL9}%JtO)&KfD`wW@)6A15@s|6 zAS(eeQWnhIWeAK0<)~}jbA0wX4q!%lV5xZ}u;2si)2AGXPv{F@ciDA>1r3aXD|nK< z(++U(cIdiVtSY1gcLX<eDlOTK#;VLpN6>VVhfN=In8+C;6@w9`B zB1#0Eums}GuIS>u1R5&L788% zk^+gJJ@BK@&C+|Z{0?T^@|cj>W1}SQbNDw{Ot_-mt8glvC*zSJP`eW68ZB|9%+nvW zk4a z$7h(r^(2BQ`$WYly$+KvSDzqcLfm+iIKL$L<_7hgQm%E%B8V<>kyWhHK}#s3+q_Bq zk&+*%=fc`v2e_H=bW~6{Cc&u$UE;&lLa}SzpF=+3b7s5Kz|+5_9;g;w+Qr)W*3;YM zNq=t5{(_Cr=5JO$YBNo@qKE(iK&)-Lq@K}lC9*uRA816*y+5kN{m!ddjm?+7X(*N& zs0T)*uaNm-*@i+V`jYb$KWIP5)YRGwNQu?8^kJdRm5Mcm?pOQh<=_pP-)iV4d&9zJ zFKM%4?#>csTl(b7w(P6t2h9~nFW;N!Z}H~LY2VjgCT(IcJoZ`_l}kzVCQ36dXQ+I- zM=BkA+08BcvLB^HTadAma%nx1UG6%S1a$zvYilEkx*kiMt#)fX=eK-@Pm}iVKBrw% zCLyhKt?YtYF%~7So-gWU!Nj(33tN^YF+K(-PG;9wdS0;kBB_ME$2ymJ8+dNDlR;9t z=?j}9&*R6ar5oVx&*p-!a;qRKda~FtvtQ0|fRYsOa2relH$%Ol|2M!6u!8}FG=q%k z5aD^QZD*`k+s(lSAPxRzhcFJH{Uei6`+!Nr3GE(v8kK!7QUG;Qms^n5`mv51-2Y;( zh0QzSm6dN0T0A62a~ghF-<>fzAyDDrm{Bte>U%5-kNF9c=$VfxK=JS+4A zY`7WUYr)32exfh)&3O~|ZZj$)yLJf=32*7XKG{Be4;Uq89JIGh%PMvbJ}KXvd5U@t z`>-)Ap-s$D*eohKL*>PF8Er(Zy@XGEALAige#eJZOFhxsZk&klDzVZUJx{YQ20 zy*g4>xY$RQP-QBGGR&!$?gmI6E|7JxsWbQq6RjYh)N&=d$hA3IqEZ+)HrP-fsNJ$r zKdW$SQEgtgfwb?T$ zhLQ(&gq|K#T8~kV#Ei^~PE!0Ryz*un$e7W&n`RmkjG`zf@tsD%>dLPDxR#$ifbnz$^1? zzVBnc#KIO19b2^xz%&o<`oEYP0+L;7gI}q9okkei4C@?u122XTRr>)i?mP3d zg>B6kI55-52E*cJb54Y6lW9wUD%4xEeurPztHj$$`I0!NRATm(zNBvkINHGe(!NHs z$|IA)?BD~L2-A&Y09LQi$GL6vmHAnNHRE^sRlncg>^Cc)~ElESXlL z^CVc8z*hk3fq+wj6T$rwiH=XY5Gnt59-8Nw{N;vmF{x_@55&bk~tXym3l?gYIzDr2&;QmT>o zZk6jVlG`BY=#14O9))em)Z5RrhGr9`dUjcTj9c7*v(5}Tw>MFEBj)*B&rH-5UGr4Pdn8f-E)h(&6DLO#EYBRhxN5_+6*p5;d#+NG5hbiUyASvtVIh`;Dz zh=daM5zE|lqbGM|d_@92PsW1TIa&;9^ZbfW_n};(^t5Kug!hm!C$(3GMnS3mEIjoxv~nfV_u)CEI$(7JN$au$wGzD zr~n^hzk>xJe4FceXHl2?)0B~RR}}h0k-}T1lWhqqL5H8G*aHr)D@xlt3ouIFZo}>U z4<{0sg#EmEy!dI%i2JDJb1Xu(Rl{)4T{2UecLx8UGwGt`A4nfHc2Q9)-$=C1y46sG zX1Ogdw-!?E32zO3?HDx;jCB{dK_S1TJ-6Xc;))!^hHhk1b9N{(PaLCqpN^YIbt(>c zuj`d6PFgZLGxrLxBHPb?sPm+9gIh1;4?{mXGTnO`m=6E`_808OP&MP}aL33S9w&-U zNvk-YZ8K8!e7%x=TdiWKZUIN@J*PxAfa-bTP#GgG5?0|btKE2=-ByN{FI>}#(@Je`g3onD$3X8tCyy*d#1neen})d6ZVY1P;sc@`B5g>5 zuJcFRj@U-RnQiUA6j*#jIDB3M z+x0R{fGe82V}rDG{GBd;;mYM|QV`cejf2+X%{Au+^7eRcgD+6;6N;|eo}+)c9{nFZ zNB{0C?3JSI#PlDR4A|pba-1S}S_egZF~xe-ZEC6 z75&kx;SSnN)3~@pB9xHhb+s09P`~1Oa#6j4urI+!k~D(564Od( z(grH0;)?fh*fMfjAgH4x`!(q;F^4wldZ^hvt_w&+7(~JbOsFY;>)GAjct}i}t1re*j|`9uthw))CKaDk!IM4mUy4bi=GKfiY(ipa%3L6KaS;UQrEV@{|5yCH2+Y zmq=}nLNyggsvj9L+y*Qezy#*a+|axXx*Va+8zhXo_+lo>HnCCK$Z-zB)%hx)kA3yc zBYo&)S`R|LKWSDKd@AR5$}R0?i;|#0xf5_eMS7T2VTmGKK+CP0iT1w$kMp_x7*O2?^H~W=S z+zn{F;OGj|c-`{-oV2VfXkw7{6 zMnmEaT$2&8qN(${dCya2=FJI&fMdndvX~#{2T6TyCph)9C3EhRlU@NRcUz29y@}q9(>A;Q45+YJwX?* zO$E~&%(%gb63REod(&r+45sLyz<#zJB9UPAJ|2r$Xfxwv`F+!WFO2Jj8lR-sD-S4{ zyRA5|Gg%xfPLoVhX>%3QNRY{qA60_8t|Z-1-DGAzQ1AR=f;}Q}Me)C`h^&>JU4Fv% z{D*q-?s`22*Sks$M~W9NK3=quwpUgzF4TIs`Dv~`3+5Tq1t%?6tT38`+~EA z+3SXrrUC_U+_f!#O_%S$_BH&8zqTUqY_;a)1VTJ=Fv@hE-=XnGFTd8%|2}2+NObRJ zA%bvF9y(hB^Jxn>iwZh{dQ&u~IV7H1>hzO8>!KRB4`Kj%BV^5rW?53^lvV6?Nh#n_ zNKXUUNgb>nc{;}@a`3pQOUsqTJGh?b+{rs582?^Ig-pX=FDHANB}w;tg%7HlvZ77O zomk$BlY!j2Uv9+B#nj^!X{eQ#tQc+>@OXA$UErJ1OhPHu=cXSRw+EMd)>1RPkklM4U1ZOpZ^udA`1x3s6}Z)? zum9@Fo=-;B&s{26;yd7N ze@0s!dmMFU3eDsSLOg3NlOh_|V4a-$CcS&B3Vsoj4cKMmDCgR|Bi)%6_IGnn#*_ue z#n*O2ZBrCj!Fw=pS?_;=CG}eaPjn-I<^4JE*wm@j1@s$u7-^;ibnG%8n*sTNdz49< zaNEOu+*DBKdF2tTQht1hx{ft_^5w@8-Df>sSp?ch_xORug_7qr{_^;(0H1~hcrCwJ z(876*_kY+pn5w>l0iMS|8sZ!R>CB)fQb{xp8)Gq%Y|w*1695ueo#mxT4&|az)hebe7K8y}z&{)=HJF&v%E_ zQQgu`^z6oj8S%DrETYR0WRg2fK%6-Iy)@s68cZjzWQ*m>vDs(Ng39VHm%E-Yk<-kkT1UJ`&{-;^a-N;bRXNq9C`E{ zBBtqJGU7X%y{?RkUFM5t3fIXulG75?0~~@6R_#+xo#Pum&M%xB&$BM@_$;Wm@XCo> zq@HGY;ge_%5?g6W-RGv&{$KPKE_Ru`JXRiG<~0ioS4FErorBh%_th3np)&T1n2HZ7 zT2B{Is(yP5KE)(0PH&VzDQUiDl89Cw{!;TgqmJ6v2Yi05?xcLm4L2G0ap$C>l5z)& zD~&GcUiK+4|9?JOqJRSY2yX*+3vq+PvA^j|gS&?6lzxHbiR^}9bO^)%JNob@? zxKT%G()v~y@R0p5`K4gM&b4Y4p2DnTU@+^qf#ks|Al zht6hp^v~lIewN1Lk-Mkl?GI_ovyZKLm?b%BImo^f^@I%hs>E4&9iI6#T6oUJccTsT zFpWe~|B4%_`CP&PO|Q&F2YRJ*DG04Db;zzA|Fx$AX8eh>KXV<2)5eW`^pnH(S6HZdhpia>CZV|2W0&s7&mJ^5hg>s`3APy z({3EM>a+^wp8Y|SXLg^LgJ?GSfkUh3(j>F~0tJUhLlR@I!%?*#mv0+wz|X2zzG%9o z@FVIzvQju#o_@+Iu)(5zhO{qqu2OVr{5Zd8>LInT6^hlfD|6|4?(*^YV^wbQ!Sy3M zyelfVk85s#VQw|Nh|Zi z$~hVu?w=-0FCDuMyA|vy&IyJ1joE6y<4@u&+;~jQdb}N)X42$-A z0rjD4>`$#`lK?0yc||VLT?F3oJBxM(;+-drAcu)HTy(>Dalw|WOM!?*^ZiQ646-UXJdP3FI{pKzcmXk}8<RiJf*oq76Vb;^Uq@5!-p$D6K{DJ&nuNnXXY}nPy-aD z$LmWP=UpqA<3!Ep!6~{ielgq50F(0Zjx7b%x0DMHT^W*vC;(B*a%$XZUny-v*9K__SOq7h>ltr`@MO~H_R~2fsU#|dU4i>D5+a<^xp1fy)Bu4 z3C1N#;UUO6s0z5%bYpjU^MMnU&KLL(%(PVI4rF*2wO&=xz2tQm|Lk)7|=s;3`ok{aUU^ zjR6Pu6DRu4rV$b^gHf~ zQj>Hsmr{6wR&+-ccQ+nn5!F|Aq*Fs@jLS&Krv@e86X|?+5_l076`D|VM&N(|)}j~0 zCyY|2Pyf-hbWg!yt=Q|qq-Ym|H-Ca+lC*834l@Iu)rfi$s=|b1D}cc5^+3SFI6YhQ zg2`H7s;fn(sCY=J8)J2JpoK#eAS{}wE^p*$8blMiY<-QN`S3g%Ly1I+%=DUzk0`#a zm0I)+bRrC1z@-?+D#C~((}$d%)Isi`myG@A;0u+1Z2~~aE%{8WzaGcVy7wASHvCRv z#xrD$mf*(}=ifPyXwD^f!@~{vsf6m9p40KyaBr!(=V@x zrIi|LG8o(~Zw(ml_N%->dr4f5ExgaD5jApz$+JcHs2)Dbe1U!Pekd@8urOFs8#S?f zUtffBkrx{71r9iDk{Kl88ugSI?|#>&&r~vc@{+j@8Ftn)IgqFQPDm7jkr%_^o&w5;`-9d*xt5jJex zMTu3`!7onMxh1-o-SlGX5wy-f!eQlW9;ftn8}9r9kbyh8RWIdm86v+!%CO6$nbq^j zY5h`(^CeMb^3|kj14{`y?@6F`j9bMjSe*mjanYotPM<*APD&e2Uqe%7(xj~Vy2n$S zl&}7Ec#D(x(GPgy;$R{21C{sAFeWHhRFH)lv=Y{HPvC43Tloo7>Ru_+j~I6uR_I)B zRDe+@qTYMWmqs_dkE1S&BFvC;C|R1J4liOey9w!&yQ^2jkEGnsvdHCj^3jM2+wy6J znQeg*OXK6T=HY<{#AW24Eh1exf4OBe+O;jai_XMmdWnbJI$~$a@25Xc(21R;Yva^ zdsRKZx?BrPQpgV?xW*Bc#ndNqQ5Ve zlG7?^#t|`UUw9L5PwdsY;&T6P)G^3;15W!P)@4SuN3z+)E9WCW)imub_!h4jpFdU= zY(+n%jYh{$?<8&znKN@b%A+z1elQi>TMKtZ-`9VJ@2m-DV#teo*D*E04FT+@NDTEK zWydcHi~05cw9ExK2ZF`=o4+S8TTVIp`2og5p3TPXzj}E8op6QB^T~qaS-K zm~+2ee23~1`s@=}q$79NJc;r~_7=6W>3GN+P(EA}MtE}h*?zfK#j5-2rv&+PURqSl zpUS-VbdFc+bE2bOW%kK)VGo2xy^C~?iuwTUFgQ9*86n8BO4`qB4jh^{E=~nItL7wF6b-8fBgCa4q zb|qhCJq~%aJOBG+r)Nb@ljJDe&UvLl=*32y-Lq~Yua)cbFq8I^XGNKi)-o$Vpw1EnP8o`KPV}L!D_n3PLkgytnH`x-i~@YH8a|8T=|etD3i{DqZ|f| zA@{7xMUj;=AOEBQwNbfK538|M?sc6amk!5MUMhOT%Eo95v{xrWONy+x+>vM- zC+5O_tmK$pEN>2M7Q(Ptx~-LRfivzT%GA0q)dcC#pH=MsswA0D#J=hCicOHNSrN&S zjJy696jcfZT^5|?2?8yH^a6FX=}16+!IZD=w|k>C;%hf{Z1g@}-L7WM&0(H@{&;&g zrqCiuvbyAgru0N-A3Qp9E?S9t6(^!rTtW_}A0gCUuouXnFw#g&VN`i2ZrP1@k;}@A zcX?~Tm<;q=^V=BrgKj;Ds2vn0hq2dHxZ^zAg=G7nC|2QZBHDlI&jqrgZZ488FlED znbex_*tS*TMyGrW(m-&f=tRW?2X~D?Qkc~|52zYGnz0!=hp%KQsBk4*Rhv1`6{)3c z)u$k_t`cCV)5Kn6_iY&ka&krwl~7T^bD~)S*z!AgdE{PS$XWC!Pl8w0#XpK8^- zf-ejj^e;d9oe`y4i1PhvHr2@-tqrKgmsq7LxqpBq|1CrA;M1AXNb0`cU2Tu1f6-1H z{de(AeE?kcdQ&HDbGUx=`OB)Z5Au)Qww%bA%>`@c#Zjc?f6~XyNMl={X2O3~8Q$Y{v+QgquBk)HqqF6{;>UHDOK{xEQLG z*ZrLrkkm%j;x=Y_Bxsb%6+z#30NGo3ty+1r%WpGubIos);Wr$&p^mt<9<;gSw;mVn zb9akr1PnZ7qlidHhViN1KGgJiYgXm3OJKt$HuqCdI2O60;lq|F8f5m zKJd%*9D1Rm#H=@dwDi4t2T{~v+W2PZ#2;{Nxs+)gJZDyE<#fUPC|v3>p+Rwn%&)fN?S0l+b%E_;3256 za{@@+t)i)Oil&pt6Zf4!V=SsGI@`o2F z^?QyxB%_aYCnHkJcCIS*T-b06{)E^pypC_<35nSbT}K}xPT1+*pnK}Gt-9HKKz{>jyu3G5E>z?j*yDS4(IF~w&s+YC+)Lo=OB=+puBiDvJiZvu;EwM`YmsFg#p zqgP5u_?cz}i85j$RYq>+$3|wL^G$(z=y-TE1JBj(@_Zm*tZ2;5Pn&hmN+?ggt2-9E z`n;!U6=V5ruhOmtM|~an8MA~nHGwt*@%hYnRFy1oVMo_HlI(CwVGl*S`0T6?w}8;e z=MI;{_1Ne=a&0%dHm#pt-y5fvA2h#wWJQd^oE)AkESWRI-vr72UUgU zmZ_Vp1+~4tMocITCOmEG6X<&)vwGBc-kJY2r9 zIkCCux1p{0Ci;(Dn}mao^EsA#7+LWLoxKS5>$)hq#&Iosy&B!=#-#yk9Z(7KxK^#h zl$ha?u#0k+{Cbmf*o)4~T{C3}n0AG1D<_Z6K;|r-SOryEFWw(#V>niKoVn5uW2O!s zC{J%O<>+FPe12Y3ldTO~=7zcYj@_g+S7x7oubyfWUc@$aA-{GiZd@>rWU1J2L{a#Y zlhKmq7{+1Z$o$?|RZevu4b)`kNx40U^2Y&TZA!|64}`Ss`#Ey)@|YsojL&X+$GV^8 zzt`Es3_xl%l#o>FGOfls$cO4Xku@#tW288~)@c6$6Zc2%$J1fcw(`ZQE~kGiK-e;m z&&38Ec+;#z;r+_i4v}&dn)vu5S*nti>rm(xa;%i2bnv_aSlruI4xgMjXEf7dUa)hp zgynzB25yA9y{xA@RC4c`)!wo5`mj|3{{wr)Y&6{AmJ$4x(dOHC=ZyxUVBT_YehdLl z*d4D6Dz%7pNqz4GBl(KVV}?p`A^SprUZwj?R25354S>B0Vb0%q)%n{HDc_J)q#1v-jYq)-a?*0lvfUobAguj>`wZZC~pSPA}0OwtY^3 zs*~}_UYglI*&r;l(LN}eqmjRqI%s^>E?T&-lRI%k9I=@}Xc-)Nte`v| z{bkw2!Tb4ow?dLI}c((;Sz1`osjPNWs57q)fKg*q>RXrUa) zqqxVg@%ibB2$NgNINSRs?&W{5gmHd`snf#zMUgaHcpiM}joF(G)#)T~<^1lEI^`;_ z;!LcM^jvQ-gOA?-40fFL?Yqqbh4z&2Oo9blgyU!o!)tQYy~Jv2q{ef_vk>0kI6cJU z;qHYz{l}Exc_6hCsrAv3dDHvq)yO+UIHBS96x*uu?sb_!!lg$i1$nvx-inPl6Y3xX z)p@E}8v`JdHs_nBn1vnrkv3PmdX3}Hgm?| zQ1nz%=rn-gdZ!>)f80acVnk*DipW|cQ+~8>hBn#ZSm#4*k#}*heJxJ=dZTl1UZhp= zP+z%F2E)n^Jz8n&18_3gh>}%PqH_X;@;R=d$);)Zafpp_^UE3Xh z=1i0evbyEshofKg1q+*(OUo2RzN-fxd7;#B!TLaE5H{Pt~(>JCj(DB6>Zk@s2J}8G~0WvFDl^EpwTzcA(^t%!L;&$D5;C@I}Hu z6_G3eCb5&xG0i^uw5HsPb5||cRC_?6|xSt)S8AU zFD2Os1OGN%a`ow4M3*|PsG4E?wl>@VD4$*qgdZlcRx(H4_No_+Q^kB9{ACui|q2+FZyW2g+X3H0B&^a;;UKzH(#g-X*OmnnHhzPLB@^|c~$aK@JD6P-S__R;3(pnK&k$F;q16^MZj z(MLMOW&O#X8$d4Y2a<@mxGwK3Fsh-5txn zyz9D9SZV&q%(rJ2PrXholn69QEGst7pFjH4Ej0X(+|^1*(d)6zI^^_d;hR2p-}x5b zOyadoZ%c54kVMY* zmGi7tPSqY^iu=>|mj}2jt_Fg&iGTd@^pBg@uj-5Nb_-|^nEf1GiE_uNkaK|_?2Ch7 z8RGdT`za~Dhm~W-Q%L3bj6>>#a8*d@sa38<8@(Sv^v-#aS&0^B9yws>+bJeYsBitvT zSg2TNu<>wtNBVKuF5iOh5c=x_lLz64=Uosn-EiBshbL)OMQzg@-mw=*5=5WbiCg*? zar(zRD<*ng5`Si)!5Krr~ zTobL1$;mCype92F%7lz+K<(^>S6A#&n$@v6Z6SITV<-LOfSg;W|FAnu{^XA4qMT2V z?5=$}_XBU^>t1FqBO)Vb5HZ&&;N-f0+`u4tdU$?6Ig!`4?UtV-jI#5tIz@5WTdRDg zYC|WgtPD}WnvWc4bj!wYeZxfAGCU=UONa7|jgj&HA7^jk2=&^(k1KnGPK#u#M@12# zY-6uzwPedqj4As*wi#PevSbUHF{Gj}MD}GYMFulu8T$}pFc^$&#`Ybm^PF=&=kxt7 ze}Lru+OF4iUH5%cKE)kSx~yGxgV>%*`<4H^pW~Fi`zWj_LSy?d2o}OSuak+{st(Xd zTAGrBHu-tkqsY)~7!DpEE48sDIAv)oS7+=_n#jLfz-KY!4<{T!zOeu7VXVjX0-T>h z9{b;>$Pj&sJaPYW6NhpN`C@sn(;na9eD^=;1M?gluO_xai+QyJWgDs1)rZkaOe7vm zaAzUq^$=^8OU)1A3)6`YmacvmZLAxYU8-{5UgrvgVGYQ!2qS2Da0|Fa$=HT(*<)qt z?RsvRjCI#$G;Y`r!c0q1Xr8_^;qznk5+x{#DRV^R9K$@+T?cuZ>irpCzg>7_CGsdb zt#{Kw0VRbK5whpi-kH=N5P^r2z8{$d(-V}}LUtfhhu21>rtaX-Ci3d7&C@+n4mWXQ zo8FrZb2&$PEEU#lgZQ zt_5C;m3z}U8}LtLrIgcg=#OaEhMW*#zEjB2frnpf2+?o!cx%9hEWG`E$lCVqERX!J zTB}E1%^WN4RUHY%8bCA%Mz>j$a~(y7@ObN8*veW-w9#<29fD&@kt12^4B-hm5&hi2 zMk%O#p|Y;y&&+R&Z-lbAmQAaGTc8cnKaOqlA)}9<+%hQA)hcd^Aq)CjXeFnIyTaXp zbI}l-ZhQCmW}@;`_0cOkBb#=JIy=~szt(caK`R=lcRlG{t=hm81~B=F7D66K{z_Ek zz@5#4j%~iB{CITq#r9{J^B3~2AM9Kkt5!CXH_4PHb3(`Mt#M7m3PP>=mj45?MRtxE31u`#Gn&N*%Cwv7Z$79N_WQEslyX%1+$ zoG%0ny=f|)G9u0a{1O=FF}|wA?~m>}4m%2TQZE_9vtBcjU$TSrHu3u9-BQNrcRM!~ z$5(DO`isM$g~cm74@8I1rEg@-K=7?uI{csGD0lcUaw_k0HuI`;d8l;&1e*iWPeWQ? zkYy(xK!j3SG*q5oJ&v0UQE%bS){(;|M4s>+xKB{*fdy$j+A0vnYrce9Sn)Cs-%#JKqa`Yw5?3LO<3 zL*AO^2p`Tk^tYl=x>8xajLXx~)(Y)dj{8QV*IL;o+$o{Yw4f`f5954SU)WO#%{D8koL9edTw=oY z7jl}|YKOOsv(2KolHY;u3noM?1U=8Dg)bL(Qjp&q!Ml%kz3A_D`t-mlFTV@~(EqrW z_Ix~5LZ{3(y}rOCA3^$Z$T`v`!{nue5#TZY7|jAQ)11_OeAtZWF2_vPHPvr2S#IK2|la>8;2napaV z>m0cS6$xK#t3S?VAKn^;mf1zB*7f_2(*Meu3_qLi?f+tEk zOHI?B_)J@&N0L3pxwJY4sh5ytltkpMAUt!6HrpAC!vsT(%C(Lw-&YF{?G?z8U+{@T zoz%mN`X-rUIXoWfHHZ>H%+Kl7W^cZEjE~(qyu$vhYHBM)yxsY6qsnIyVb;xS!QF9p zf{BlGU(QdRsh2HMBf(di>U-5zmXhM4CbH400m6BkL9#Hn*FZsP9C)nyK7J8WMa-Z| zFjLkmmu~$6Q20CCeRbi%$xg#jg&X|C1&D&A&WlRlQx@vKP5CYFG#;ln z|0`UDPeF=)+e5=XZiR7afR%3e%(nMhO+7$wTi{M%8S$U^oxRrNgoILomX5K|p+U8ZQkp9(U@UG#kI*)?u^`O|W&p$;>9XDgaG6FciV*CXHEgCAMs zQ?z6r8k%9nK6pCjmEXu{_i$AZXR93}N|##ff+Gj2&HkFHq8!FCp@$|tsn%&&K)OsA z<$kWE<*gG)cx>+yf%8MWvai1rV^b~TsFYP&UgPRf%CW*4weshL43AYvbTc1<{xr5^ z@TzKcP)6(b-k1-jd|`IF3VgSQ0lxf}T&wYYZ{wSQWlMoya_=@k&G-_3Lii#)D6-pR z{IyD8N`A0!i1p%580A59UoeZ`oU-f?AW*KMY9$EPEzW;lXDu$njdib)4Oz;3a2IulV0=^@!r;tH-@s*J`v7a8!juWEilrNlHLrvgG9ZT91!@9r;^auLCp)R){~P;+ zx<+T8&UpXo>jEKK(;)Fj`0qPDsuB98vQ@hYI19nBvVvTv71UgPfL8v>4Gm#57Y6fw zTQx86IPJkKymS4$b;G0GSjc^ZaBW;Kq)um@6tl&q%+qvAiwe`<8& zR5#G$rQ&y1gSWWb*E{Hl-<@~3GSRIyd(q2pR^ik>Fs~p{)7%AnDoxht2^$W9^x(KaR)&@Pc#}N6X^7OVPqz+>lS44aEM?PJKiN;Pkx1+I`~22RnzyH%#%o0^v%J`hjePrdBdqTj^3jH*6KBG(pBTAEkxcf*!QvGUy&)+B=ld{0 z7sP(ThKj%z2T}ayoaJ)uI&GlLl;;5PlTAjlQruW=3CN2!aZxA5K?vPKZ}yIL2EL>c zp_fAh$sr>|HTcJ@=X~m!%Cn|2W(duqnR~-5fPbdhU}$3p$uf2-IovA( z_(;dY8C>~oIoDdj;`ICxiSYUJ3oi{dd@f|;*bK=2Hru9cr8If{% zlmVsSr*rqH!b~pUF38c(rrM|^jUlt1t3=j0m(+#;txnOa6t8HSFZ24==dUIZ)>+=# zYtV+c%(!>!%63_zepme(MKUYdQF2(c9^fg z2;kD3h{4XCpWR?rzjIq=2JxFY2QObZ{ds~?5kX>1K|>~N~Zt6~%pMyzm}Ai6Z0iuagU zPnKSaQWg^A@hQ$lR_=Ijlc%=xUB2vfyoJgQjMAK}XdGSzv!Pr|9yw*we()Ta=4JTQ zCPQ%ee4q2kcOuN~4fcR&9F+?oP$*07D9ywH!hSAr#4mgW1J@@STnKE2fOy_yl@`dYW!yMo#xp|;|b+^?sShi>5y zBEug{s%?|-JB$>o_>DS_*toHH<#`2&+>_Ymo5HfP*7_TOKPh?o+IO98d|l@ID*4oD z4<81z0$gz-&>Ve2WtrNAIkBxYZ#}q%*~uxa@0F%l$2uF(&vl|OPR^vfMMa0TY9|s` zklW|4U%%m$oLZdYGEqm%O&)loj^QmK$hGd>;k0CF5>CXpIXisQ#qpY(NFiB#E!##&Hu-^=DS(woNMqBBaot;Y7|yJo3h-o%)|?p+_~SMH>%X$Dib?6HMWgJ zU{;9eaVHhl!$;1rmSkK5vZ>^?wfGjnEf!(jN&XHxIHL#jRI;=f>J>dDf6B`-X9s)D z`Gzp>EZ9m-NqI~lOC&p|QY$5$o2d{Q=JopKMx|J~L$-^Qg7aTl*eC{7nNiZD;v*cqkg z^ymer%4T+W$i@m{*fAYkMCrEK{3)-+0f+VbLgX>7%L z;M(n=SCT0M?`ak;bd)>o0s=T}2Rt#?)(Wu6aqGO(_W`x(Rkee+T|o}_|F_Y`&ZKRb zMR=N2lzxx-kTz-%E%!K0ml8fPP;d@Fp&MbpThC2M4#5uJg50mDbB9!M;G~jo4fG6k z6LedHRfXxyADw15nzys+YB^jeI1^I6`0|*G!0d!JxwY1OiYiCn$qL^GbI(o!oTJ#TA%Xi7vxCE!Mm zPmw@mMoth@O)&FFq32uKJj9coK0wxJ(e32QZdOcl5Rh~0yjad5bgA3>c;s#Y!}A;w zLAcj5f6dbZvLN7wo84Oy{;K+qS%xcvEn#vt+B9}Z;tKrx`**?VRqrxKn`ExzL||?& zy}r!+=M8aO=tZD!={=v4t>ag~fm9Le5GT@IoM+vMDKPmq7BG1959h)Mht<98Zn>+4 zkzcv&e*mB3@)-_Jr4%oBp(3&(Hyh+q_7>80ih7J)y*e^Zgx<$p^`72eh`byI;OMY z*}_9;oJg8Bp9wY}>h6UWWDr_K4ay{te&o75aq)q)hrcBU1!og2LMNihkQ+iJsD2?U z>pl5sAOc$!-h9WJ-q9-_PJ0c1+Km8I=vX%WRBpI|1@082J1GdqZRsy@twOpNC`n`@ zI<&<2q~HnJ(5vAtp0o&eJG0eXXk<570X3Y(&>@9n6hzy05suQ>V zic^9rZH}sRINDXKBXs}7cOh@mYtoCf{09-(Y?*?VMne2aOYg+a9h$wb6AKmtam*scbD>C) z*kzpi;ftxL%xDpe9FI0>g6);pb;#qxZ61$Q#;QGY)xfw1CJRy4&q<4SL5G4h{>y4J z-&7VH{Hkqz`n0K5wJ&%yLFk)!56iYWO_~DMnpdpS{f21V{1R0dUnICH@g@w+3{j|F z$sC#$h4_{YAF?{54N>PGpBtnMot&Y855KHXV(6F&&s6kb1)9tC4d70Vj`L+=n;) zba>;r=q@QVKC0IC0FD(1)G=02koubDZ{)ru)T-QSr%K@zH8-X+Z8W2=>5#cmVUoMQ zfJERGGXCn`4B&t%zn6_#wl7z+q*o%w-C^WD6n(cYrK|az>A;tV8C?L;{no$PE(a*} z_&^E(B`6B8-T=>e=@^+>#_5|T9TDJ%9fhSo@i|n$Z#4BtQV;d|)8P5pWN}J_3*GFt z%CTzha$7uZGO@c_+>LC9G=Ow?vC1;xgsedHXaF$ZI%E06--I>yuxi^?tw(f=$2A{r zslSQ*G}o0%JHIE-^kRq=0WE<9<+NnQHqunfT|98KYYW!v&jcLms_o&2AyG2ruvmH0 z3!@EXBZri>UI+Bxcj*CyQ5lj>?n`EyHeWO=$t8Jq2*rfUy5DsycqmjSo{}@cl_l6Z zuj^F`-*vprFj)Ch_C#G%LASa$s?V2Dtk>d7VjRTO2=8s`8fU12vq!$(R#SL@xoB3d z1t~8DK&O?hPS+ShnxZ`H=^`kBjpzo61=CM+>iA&DWRF`fqKug|OAQ)3+ zRR{QdI}-mB($|F1lF9H#!xd$emuU)vr^V@DX}#F8dSc1orv}L%a(-n8cK37u_rf+A z(;Az|oL$*JUULlTk_Y3n6EPjsuPh- z$_xC4LB<-URYM3QXM=L#7+N$yuDoH=e%4VvH<6GZPIfPKMqi9)`0SM*9e2bPvj{&i z$o6jQf`TNSa@LI`96yB{4!LB}*~p0&oqfaXGn*`ZuW}YGB&hcw0@4oFP@I{4qfDOx z{`)iFT()$@LHR|~SKV#wxD(?mCu2KCq^azCo|rtiE|uUNY3cXCK~7h}p?b^P&dY%) zD@C~85WcG|Q{Ck6epYsXmu9}|1CzW240#yd^BTRszIolEa}h-98$TI&+yB_Y@OV*Iw$^M;zz=6UNh>HD8W; zc&^-Z`=cgD;d=+*W4dp{q0bG>M30u4yaWX9`$`-?{4jm$>90esZMdS?&4_jy1N66y$+m$ zT2HCQ5J!IEaqw94E1HY3@aE0@n#8d6wH=RiyS#Mxemf>AdTm6c!y`tQx*D2dhx#X{ zmb>0dw!s9=j)CMBy4^lx^1{&PsB~+(*crknGJsjlqeXjK$<(pRu2c;mX~VTB9WvlmmX9tX z{(IU;1;0unp!4d(9^J3V1^xD^5SyK@{_PX{7@R2+erKQg-FT7A`1VP0ywm$`+voPl ziP{Mrma(^tZx>Dto~u|}3ILtuhhLJuNWba4$;Ws*C!q2b??`MXrCMDXqNSK816M^t zGYS-YP{|0gw{LKA!}^SK-XiaR6W2H7OSgiEHb~>N_&TqS98yySMgz4_GC3CBHwkPv%(gol+;oHbhY###Wjtzfg4E3!-zc(**{ydD2(2c znU?;J%F{Oh7oJXFL%AxzN*j&j(1}Nc%joibDE*_C;q#*G_)`w~Pnr)x`Ja^>zN5Kk z2V6U)&5z$!5foJYa1Sy%)Wt%1Bm%daxJk4d@CgY;nAGN_7d?p-=Ig9KyaSi+Xo8hA zt>zsFFKOZn!VN1=g|e&W*+BN>(S~rQ!c5RZlu{3iD#|?)r?q`cVMpY$E9|VUt$Yn`G!)BomI&<1Op6LnreYAxRz!ncZA;#<3=U zbLgL)FV@?I)dxD#H_FS3bm$>uOO#ZFz9KCXHco@_@pP6jJ$(QZMDnM zC4bf+c-5)~$cK@=9n2$k*SP-#zv2haW-t+^qcBrjC%4J*`1eiz7vC~E*1dAhujlO0 z9h7*}<~Z8}Pvd@FTr%OjBVqwCM1mL|5gR=ftC(X=rI>h6!ZR zu{u|`OZd%lHRsTWLRv+WGFPwuw&cpL+KPS?bnTIi#WN3$X$zGEqAn>i)J6MFs$Plh+tL0-Q_Dpl&jW55XH zXt3y4_btVq1Me~IGbawtumWBr$Mm~-l#YK3xN)#E>>B@(_?B@aKemU2)292o)S8gv z#3#9JpOZ6lEPgH_vrs{sE|d>Ls|y>Y?nkZ_I(zVuk)R{Ex3=T}NkQpJ)8V0PU+_k| zxJy9?dDdF+>_?(e-pu=|T)A#vk1+aRFebD2`kFNP3wsooQeeTrkd}vIiY<@iDaYF^TAZE&1*gr8!tzt zKMLAzpa4&!4xE=BO8+kVsXcogt(41OxFOV^@^DQx81PF=JFFgfkWhUIQJMat2Z)(< zFC3ffy4&~Uau{v59Z6&Qm$|7jPoJCP>;E7Eezlx1%urDHJMOuXHaIu;X>A% zPb=!*LMvV$c+tp=@9aBLtAmq#)n#j?L7g2e^D27oA|#0Mj5Lg!lp>~e8}Tun8!oJz zc2nWy#y{Js3Cb9?R#wN8NIqS}206NnL$}FB1!8Bd*SS`Z7O1srUzO)1hEo?VvjrUs zDFR?n4gXk_)fHtAT}~Y_@C;SjY+u)|Hk`}16R}96d%0ZoeLXr9#9IbpMc|2%$#;B9 zbT>=EjE=lOrHoMYz+ovp&_FUbKOo6g<5tx3{2;U_eE8v%-Uv7;>A`m3wem0$!oI3EF5;EnFa<4%n_5 z&~BbP|DEdhQeQw&@0@eD*jUK6BFA|#zcKX41k@-~Z}$V|I!r}ZDlXEHDr9M?oZ05{ z)Ws?kSOf>T+uiL+?E`pXMOXaQa=$cTeoUWE1hf+uvZ8&++yCtH+({Ji(4$G%k@s)g zPf>Tp%D-Zi*!5BgTy?f*gazr{H`fO<&c+GX9yfZSY= zJtE3Tjh2gG0|Hl%4we3Bc^GKYN5G@^bsM^+1#>O!!b;lI>*_L+u)nCQ+E%mxCyJMr zY}^+MPGtBTxS{Yz$O%n0oa|3J`aT9r@5GJ&bL%=8tH$m6Hs94T0)H6(4#e#il(3IO z=|AnTSdSAV8dV4@e{rAUSJ-#bK&2qc&vjjMtD92tB11KKl#@Kavg|w)RqR}FC6Znq znU6CXKAtXdZyT|0;gzDl=US^U_P zR8Vac7AudPtTE?z2t|sRs#jj36CB8P$xX5Ks-R@&iPw<5#+VK5HJi2%D$sY1^DFQ8 zN~>1=BK6jMfTLm}z}@7}6&u089+&vM2lcEw*$E?iI$0*KNoG_UCzienMsz0~2!gh9 zFPzDUH{COgaBWZ4!Yzne)-_9qdXn2t*zV@{bYzw$2SUYvc0+b`K-|rMCriZk3SQQPWv-d*M%Zw-P>UvXMeTDiq=Ap zugc^ntdSTYw!W?UKehGOOYtPRO0(jStv}!<_YudYQ ztx97;ufaH2y@H!JS)I|V?fZ?S0jb1ucN6Y%*(!XPS^AAjEI_^t3LFPS;MXSN71k2F<-BJp*yW= z?`C29ryRM%^H$_>b0waz`Ipg#rh@2>H|xwp2J`k1kgYIVom3fx&N8;rt<&=Af1)R* zn|{LrKq1ZAsDKMDsqs4<0dbS-hhQjLdVqJzfto4rK#;It1O1r6kpvS-w{n&K3~<}o zwF9g6EG->#It@OCdXkZ9KUYY)2i)hZu0qb{u&RigYUq^2Y7Y3@^kPX@MHZKPZ^bQ! zL6sl@c6AOlK_mfWpHb4X@P<3+#WJwgb4?_A&#yXQ?S6p>3iFGc^Oi~Vhh9u54cHM1 z5)H=2^1gS+v{qX{ z5Nd>9m5U4eCNPVGO0}IwTd%I}^m-YOlyn&M5l2ZFp9Ye6u5KXTLQ11mmfV#d1m|)d zRH)!9{dtUl)ZUo!9o1o)a-j8|ng4I-Bs2C(!Wm{@oOxtwOREL%<$7h1JMg|%@^&X< z_bjhNg~uq4QB)gH;+x-SO|=jF(ghd{tqL(GnJjy6xDLpVOZ~0#(zDyIolH_kurPYV zVec%C>hvu%Qq3dPwdZGC3dT%3s2RJ_?GFJTFWs0KwrGkP&2h$71OLGDt_DLtw8UGU z-S?HtU*4Aj>ECkweq=s}73#Ip%LkLEA1Y|d)mt|E9PC^epP(yueoETQ(MoP~M_^}F zgH*M`P@HZ1FDh11jRH_8z9vQ|68Gwlm~#dY2R;2CRCg}EN$B4e{HOGOy6uN@NwW^3r+X27hss$NNpcCzC(e96_i zY-x!U6pubwo$9t0>ubCCbn~4Y%Q54kQMR2Q!`bpvlQzn31%Ym*ox&|kQt6f{C@0!R5m-d{uHBO;?MGP0#YZFa!u zZNyL4Eqw%Ovgw}rjS`gkXmNg)dc=1^sDtx)_&0zyhqr3PWGJT{T_`nJ&q+K`-;X03HHA ziU`;OaGfe%xR@B~yDENZyCgxLb7Pitd*2f)D1NgHFz}_6G%Yw^4?Pl;66U#e)8xIY zig|jl?C*)eL5Eep_oqesjjvZ~By+WeXTEU_o>j913vJJu5(Ry2H(vZXC8mho+owf@ z*?=v412guQDO+c!t(6|GMBKN9{~J8J#-=;I?=GanXr2YOJu9FY+nJi?M1e=2C~DmB z9+1Fp-eTulE&ztBAyVB>y?;BQ#poYSlzAW@`1pPAf%*FHJY{oO}c~zHcv_=4G_?bw@dx6d|-&1sj7mBY$rq(1T}{ zt0&;0H}Wd#4bV>qYAhnK2E{K>KhC9nCp=O!q;xP`>3!$he$f9hnT>8LM))LWU%M%R zE6B3V-_ttjRK}SnIWK?D)C^9PL^zJw$DRf@&g3RKE9!>&Cd}QT%~~y~MFh+IiG#L+ zsw_@YKa8FMz&RZ<5KIUoh`IHXx3#P^&oAFhj`#iB*p+^=cx+!M+52$gvHL?df~V2x zcU9Ae=Msuh{=&!s9FM>P4!hv3zV^?WZk~R`RecyZ0tj<@0dOWC%p5M<^4_>K_@>aj zrjPut=3+o63&QL3tzagSAA#W|N5;w89L?=-#CdXktD7Y;P{PmeZnRvd|LIw0;T@L0 zwooj_5A5ZCeEm*XzIi)zwJ0~lqE&V0;mNkS;=Hy4BSVCsl&0Bmt7dv^HU#o6GniIn zT0~};im3sGf^T`H3{*cH)g21g1@0@z|M;rD@tDE+jb;9uDM?VvfU2G39q43me4W{P z@`5##F-I3S9yrKo1nM=Xrsa5BC1(d1rEHz3a+@^B;s(73+(DQq76Z{`ALJ^D7XlDb z-zR!?R;7n-Rgc5H0k`IjE$7Jk))8KGPjAkgR7Da+7NOx)+!mD}o^Z>jU@~@Urd{;3 zw`H9dL5eSbH?HoH^V#q_s?Ux1@`FAatboqwu*mA_I~@WRsq(kFbZr{;5PLC_;c;7p z!m*6xd8^i=YyUrj88oCZ5Bs6b-+6|OC9Z-YQM~dWxU=Gdic)SPbs_AG(n7r&?u3i7 zEZgni>U%DNAG?T>!T2H&yp~h-S{G^Jb-#QW*oKZmEhEUcq7OD7*ZXm>IUw^n$CEU{ zAol}K3o7g^v9S3jJj0(Z)uX4!yJ}`9Am{n1FM!pTAGEg)BwHuE4Vp%M{6-xDns76` zSDs#mFMk}8q3u4C45xei=|(w?F52d_&7<9j@;4|(UY^<}XG@#^OH8x4F4e+RV`IH( z@fnKMg)enR=0lPLtAayt-fD=fi7gCLXZ`N?iN{Sm1NSjnHmb>LCCoiKCb3T96oITA zebhSW?e^6Y*+$i0G&o_a9pvuSMYZN=JxfEs7=SPXV-lq&Z?eP%5gV!L7VvhFv$7`k zm&so9Js^y=LG)Iqg|!w{%aFmcgq&zh0+HAUj1@#-}tY1h^2vfEx)1Z#_OjOx{(^^4Cfl1e&bvG*C>y&MtRO0 zz%|oW(zwsQyHb;F{3>0$dI1;K^gHwq_MVX&Q^B~jP!v1#?c6YrFOY*4YhpT(G)3p= z#2Sz zzivQf!6sqqG!gc)COO)W@8MaH4|y)7MXY-Gz(p3`5~S>oY1y^QSV`xUPKpUnVPBQ$ zX*ad&vrx#w&A!UOVY69#I+^z8&Txrs!CFzVsIj_kOP)#lH^}V&I@761EATe51XoF} z`oA(jRh%>b0y&^H)4B?5`)v2bd_6S>C+{e}t&S1O-qzrMAABTY5EJ01)+XgJ|F-aP zkMWcu@?L#8jlMN)ad~S? zi#?pBhy&uTUI>4!MZu-YVSx3eP5Hl~*y!<8uxBjlRjDW24X;R`fdjjIj!9>b!x-Z> z8aBZxaU#fSfi+{G#cr>t-hke5niFz`4JAoldQb{O!PusSrB|@XpU5k0c|IR`%k+-o zYWD}mvW3eoe(>K&tcU}bY6hyJU!G+kI$xE)DZ_-6)^_6Az8L0myj`TKcH-b@F1Wg? zYP&(o&{K{loaIs8r=TuItsb30*04GrTpx5>LYpj7)BN8JgHM5%IXKHo=9Nsv?(!Q- z-goXVn|$@nr8f3%MM7QM07rSm^PT4+mCa>0Sq$Xv>vR*b%gnf_Y~QM~Xc~dj)#Z4Q zye;D2AYQQQFw=xjL&Off1S4qe&Ar{Jf*0xgO@r4jVjX${Lh0|oi%d8t>z>j9Unh0W zjvpxhAiTD}d2)cC7LP@9Q6>2V8~50phs4Oe_2%!cpD?+r@?`{*=|vi+;PA{kM$W2~ zT?#>$9D;LIaXzkw;C^E(oK^q|V*_wmStkvzSVheD&ypuzpTXefDrYAD!KCB-W$?Tl33AW!fi`!bmk0cyb_Pa1`@}4_A zGRu#_ut*KFVY7d}?d6s|g6>*5juS&S9to1f1v}#%2T<|x$Y2};ogrq{P&}R1sw}S8 zci(E)et6({$@WR*-;A^^Fa1FE%nwQYx8N}wy_3MjS?EPdMaTgYv{m{=x^f5vlk==19J zlF8H&fdvYT70v`H1qEH+KTMTtV~@_)+|H4!SfAXwmbc>|l<&E|Jkl|Wa|8VzVyJMT z>$8)>gdx+~^y0o&5~6u-?#lp_GvhC1cd|kGAtAFaH{?R{(D*jD?t8s z+|caoEN;MfW|tPN$4U-mmk2I}nM$_;so#jGB;8);%J> z1isJNg5XBQ#Nn8eBT87fdFR~3I7~Dm^r9}rjP7OAFRpu@s2<+3ADQFmxOfffQFq9B zI~{&X)%l6UVv6W`OL^uV$HQULMIb$b8tA~f&cJJIGZ4>cDOExL*H|^WoW~v%&~&f3 z<~-nx_X5+=^t;uPj-yLp~`lxP=O0q{+uaTzavByMSm~vbB$M@T1V?E2+!oLN4yn#S=T%j{T=O-8Uexj_C@+6AtgZFV#!>{Bm7yKVda(p;Tq|Ly>H6YlcRP-suB>#fIG zNU!exajwmwISnnT_*O3OFjBRPpxygbxpvshpohDcSA=?zc1n-_cbK~n0b?bH`m|YR zrqdl7mG+Gl;}_3@VkZR&U+y-?q_$2YqBeU=biBLPm(Q}A&28~C8qm-C{FTkdXW_fH zKi*@Lm3g|B^_LBK%6=;n{LV5W(Z6U9SO7MA6ER zqxi=#BF?9gnHW1YB@u*I8p-% zE02BMCNj`4R;uaZq2c8kVm7Mn1;?6jsBU!cj zlnz~gMTaJjj+qn$hIF5a%beSsDgIKBY#|G4KTM>vt(SbE`{eB33{PYQ2-v*4C<8%bN=M>EQ4IVr2HR||(O z`1n5TiyQZ$`>(i#=|HnlGASloir}+@NT4iOFk{I}bM!4(9O1&#-sC0s)w#pVXZ7lf z^;l^9BbGMdg35fSB=U%b5!r3;Y|Wkv?&Z1G_S zDvWbsy>7ypy-lqf1O9;-pag;ag#V49gR)%YxGz~zp$IcbKGgY4$eD1AttFR>&qsUS zheMX4XZpY;#XU-B$bTh|yHPRS5|Bz{s})yr8mNw&*LE*GNR z4l|?2R>xOw^r&c?U!1JiYP3Y#cvwrnPBJ-qGS(@_W;aL^DJ|yT^Qwqz|6D6s(^I23 zbDEW7wR~zB^B#)Q71*w_-wqJr_InI9Ne`$^x@D<@Yldz+PE5Z%3q;rmO%=w_lJ9L- z<#ZR)yMyIQ>08<=zs#mQ{RAMrK2M)Ls)UhK)hv!7X;URMmCy7F^jP5Z&Dh2d3oUed9cF{2j<3q;E_=CDUTi%*In1O zJFMG5&G~Sh_3sevz|f1J(x4p5aYy1e>+O&DoY7A~bJBbW2-6Me<>7g&*XI^EcJKG6i>hGp$}ZzoYoP*~pV_NBkDE1_Qc3MxZ0 z#B7HS#;o_tC`FFhXauX)Dp*9hHKWb!_8&75pAfZe&KVBNN9Vzb*@~zHEK} zyKmLz`5m38@eRIQiDPDy-uEh)<4|)=A)!&CLhpm71-0w*K}(Z-w^u zLBVIE%iPJ#eFj*O$Q+LIb}#wKWJ2`dOx+p6%?2foA>O8?+TVL3ZrnoRwpEq?rAKU@ zJC9}G9pvzH16vpgxuSDx5^(3*U~|*J;^?q+CFi3t3cPo7ls{T~#;-2!l+1f;@ouh; zc*a1M=(l=^?AJJoLmsTn#Vb81##`lfR{nY`35vbTb==Z->GeWNknemiXn`jzFVX*r zz077L!5~tw)BvGaX%St=Y%*`cA0-<(>KHQz!4iK2vKKD>%nGqY%r_=cb8VUB9DRKM z2w_#ePI0T;;~&ZKgA1iJqVR-koy{I)f5|-j&m;QmFBO_+$}qyG4vzCmu+!+*?ESY_ zxEJH#9;cN>P7gy9uF*VkK7J$mbzFV=I}B4~1-v9VOIK??oq5~`M$TZhYYT1&1S~j5 zk`R`txXCkQkL_=pjsAaa4q>El8@*S3rBzy{Sc-c>Yks&)e?f;%IZz1Kx1TBwoz`b6 zri@f)SgK4`l!vobx^?u45&($_&LB{}{6BV<2uhxTHkrubuQtyhN)ZdMJkjaP*LyYL zR!I<2W!q{H2&ui$BUf74Hr7i6FDKvAhb`fjM%dS5n>PQAfLoH)Gv(QGxB%WLm6|lG z_sp{_zi#Qcl#4XfWf zDalG>G{2ws8k8S4V8h0y;WP;&yHm9E~WY0M;97GUr_IY^S+RYj7L4bQO zqg*&0q%`sp(i-!F3&V~)Y%BazxM3zDciuB*L_;AjmmR)zJv}&69ETg`J<5ajFcC%E z@Q+1bg2_htf36cqCd#?Q_Jtmwy(2&a1(C@~1LLM#pZlpO#*U>h9222S3{Q8;S6*1` z&b5Y2c!5tc2w?tU4gc$nSZW9UaB|;$G|9o9bq!(W9D4QVNng5~jt^#?^>TiG?ISG6 zck|X@_kC*8{2N4?82)*i0S=9wT|TZfiIrnpce=D9uIE}2FnJV5sgQCouSDsM)L5^0 zi3v^xM&cvq0Ta7ic7IKdh(6wV|JbeXkb8Cv#rD;GMM?&;3A+&8-hvKgC$ZE>r>@(o zCMMRP;mVr@c`7{c?dB5Mxf0oVfzo84Ko&UHQ)w7vVlB(PUel!X7X+A@FE%^;DZMc1 zI46&!|CPjs&&P+Uk25YDYnT1r1)|1I4vIahOwllZ5uid=>(Tdx$>nN-RS zr)3uXizobKEF$#9n+MzPB_)e)T#zW)tlSW~@JEC}acaw@9%s@VP2Zg3qMdA${vtF- zKwsZL=;AR6BBwLH8hto;->OLG3JaU4wuW3mS@ha1n13kPQ-nQ9* zp`Q$VmMHPCRDyZD6X#`d7^ktCARM9Ct)I&` zB-}{(E&ZnkWimw}>n}!iTFuJ31$`gPr&w-`j+mXm`~(>YZf?L*Rc4JRZS06n*?r%g zvlU#&5(<;ZH&$@C|8I$~E-o%94C#VkOwt9UHBn(OeH7_Pi>Es4bx~o7yDl&RB zw%7N2FqxLI88=wZ$R)NGE0>Zo{xnPJE)@$$BZ8F-SR5EN7Dnp8+GsJa?Q z>J_UP8edbWutJt4QZ39)n~ylRU7SlS!u(}{5DPyC9F2X1o%vKBo6@>?;6wp z9o2-RB|+kzE-S#(Tr3R2y{N=EGU)#y_MtCMp^`tk>(3in86UpXaKqz9JddICqesUL zU#7sVU$U3^MMb_-hh@`TWHCcuz*_C8BBxEc@ ziR|kb48~wEX2!hNprYq~?)!e;-}8Hq<2{c15C150UEg#0oagyD&+|L6h}z?xUZLg( zyOE%?RfkO9`=jSd9PZimywl??NHaww1fa%#5HFCxhysy|>cIUZox6L?M_tb8e|(=V zTBzUR_%;eHeS6m+#_Gl`OleZ0aB)}vBg3FRLOdc0xc^O08<_Aq_OF-xYzM9|=?VGH zZTT=_^ak{|4K`nC^p5MbKN(-%?B(9uIX7=r>a>-Tw{vm`aE+Yo5_Lq(jrivtU(S)nOD%xH(=T_5T@yzeX{bLtx6)WJzq&Y%^n9i z8PFN8Z6s#gZ_ICN2h2dvV&a;j;^mlLQTICmDhp3=(ODCtvDw#Irb}shp z^ZrQH6z_nMY;)Cfl+Y5v1|V0yGw`6?K_auk$*sH}*OjsGRG+hKw5$Hm*{U-b?V0k@ zf)nu=U_$*H5q?kNg}JXHh8%Z?je|Y-QtUMgN%ybyGM~{Wa>t=W&JkzR^5r-}$OL!& zX`dXY*D;x5^YYV&B5l$}tP3LgOVValtE}1Q+ixavip+NNJmm7Zr*dO>b6ffF{mhM( z==p7KYkR;z+=EvU+2g6_W(EWnL*v1oj13r@Sdeaxb%u~kX3PgIsevTnXa@P+?zMV-!4pg8# z(_8~ce>CYdY?bu+$TL;xG#eQ?V>UnTTw}+Z^Jk-u>M3>~vQ%$L@XpGVv-1$^F4@vx zN+~7wHR)^wZ%w;k7Kf7RG?x%(jf;xW=SD_^q@r&;h(lyb5Cr);9P%!D4f?;!Ov*K@UXSw4%der=Np zjnr2to1TPXNH-IsyuG8R`JNNyE$3H$TK4%Lou*@NPu*YK;CBx`4Y2j0{*YL^cPYq0 z{fgTm#B4FW(FyB_#`>v4Ly4?cpB9JCA{hfQhHxWhCk9L<>FQ;P1#7d z{OST^H!G?H#LTFe-Po@a>lqnl^BXMMjr+C&&FM0WAQ3GG2UrdTF0Re_mfm=J>qGs$ z&;9(WR`+(W$WE-v{`FkWh%-u})Gf-SZn7&Y=URnZ{&HWn%xWu;$|?9|S-z3UY_MHs8J9gMJ?uVe{`a&%*k$?6OPRH zJLh#X>_5OytIRLCn&ObfJG0NnAbn#CbYV!hsiZKo5tJfQm3j`gzt8ZF%nMxlo1N{5 zxHSgl$H>#8cf=R;s|H?5v;icMgU_U)$izXDona->~}B0eve#3@TE|^^P8^buim)>EH{F# zbys_>63`@L%~#i&_f0pj-9FkqZugm?G^f^dd%H6~Zb!Rh`0jjfRf&*}WigB9XOt~n zv98cP6>d2$>#bUves(k|bmlzA#s~U&9;2^XjuE(6tL654-q)vPBG1wat=e>yKIb@qY;iC05M`CcnKo2^1;I4N^XkOjs))G|IK&l|e^_dkz{fY@=$1^sQ zfDKji=9mZQ40X6CMlw2dY|?Q$u2_;I%fBN56-`4nk|3WCr*XfFqDSH*>7myvz23Od z&9L^V7I2Ua*~$@rWq0tuA+}BiuxO6^wvTZfTRwLZBX|;%!X2@bQDphB{$i%2Joz{P zUMvm2D+0G{JbP7bpuozLL+S2w>+*<1$&>=AkxOM>wZF@>sdEJn$lQw^X-ocX4>kBTT44pO0mb?2h@Ptx#T#HYKI(oc55F>Hgv?eO5RU4`pef6mdS|;iIBwx zjdMKDq1zenyz#CgJgC@GW#xEhssnNkHR3Hk-D33Zmq-MTajUn@X*%jPEO3N!4kgAH zlxRrh=zpsKW&W`?r{Vh%cYfKiiKI6Q6;sx%V;N-siGcBa81h?D2=VgkIho$4Uh{q{ z+f6VPahW!$5GTGc;#l`Mw5v1Ub>f6yL{sLJQPZMb4$$%WG5+QH$ad!-WdqlBSVH># z;@lrCwE^+y^R+|wm>;n97LWM}{|25(qIx|6MtOAt*tn<| zbC+!tyL=eUMt|sl<{?3pAWjegTx;6p8Hv023a_tv$B}DUgaEH!v|9>(`Vxo!o@`ug zvFxpv@`I=-cX|TOJbH5=#^Ejb;`;?`TXpYYiK;Ue?dk&X1lUKO=H;!^dOi0^PVhX` zW=Bj68hPKYJb3qJVTCwqhmmu!<;rjGR%F1kq?@XX+srl=qy06dlQ1N!KtAlq>`Sb^ zP4=EHzNM2W>dB2N6&L}(_Bq)EUf#7F^IHi-NyJ#y6Jss*6iRR6Rx+FcRg-D-E>oAe z>Jtj-!Y*tl&1JoJJ_bRE_8n%{o7jcF6R}RK>8U^?-SlbNn(5Yn$pV3FlY`EWC*F zWz;Kj45YqndaD7sM<;y5fNA}jX6nxPQa_LT5vq~&;R=L?W6w)@c+bBGc0lLv^7DvC zRiUv?U0=V#1Dvd)Oc-fgHkX9@)X2SDeXeT7%~Lh*q6*Kt>TT9E8wY6iv=Ji20deWz zriK%A|E!Kp^OsP;*MV~SrCTiOfLW09#OnCaesmg1Cp8cCy%D8YeFfHPlqxS`?N;j1 z;1#P{VcbOQQXY;OyUzJyOP4O;a(fd^w+a&+y=ktq`b%gBz-{a6&Q9hqtozUp^&Y;D z{TWDsx#I6vlW&fq;!dOWGM}o=m%AAZx6Az2tKcNRV88HUuXbbC(Pc5CnU$y2I6*$_ z0U1G;q>#YpLBQ3p*C?69_@j{)+=I(^1FpgEoBbdKie!#(RyMI;yH|KZnX67+7hn<} zlh15#1#+-HWWKOm=-rWu}5ACYP3_h>+LcP<@%AuF+$6_C9m+UkQTO zw#M|ks4QsT_|ct*SB?9qI$tZnW-(CWpD=q|88$jy?nWI9C6uo1ceZ&<=t zCZ8!hd;eF3Ne&udMhXle&#VHz77zsnmam{76=I$CJAeC9(&z;ADZhXH2oN+;_Yeck z*dgPRQ)uKT%cbpkkgz9ILB)xV4Q!xnu%g~f)ZCX#6~*NWO{$9wzkha{=%~62Cq?Cp zcE1Kou;zx%Uq;>>9VR@D*Dd#c6`I&dsJl&5Wb>LLRebh@{)Zl^WR+-|$o7HvXKE^v zKgjk0yUv)s4!WIUz;upNuq8KtXR`mobmB@-!F0z_lFC9>AB|It>&f@FONm2Ly4V-b)HWV z^U>y8P|U7w`r2%#_c}|1QFx9+VqWxF-8g6C-i05Vw!nNll!Y9{XTpK|93mt+hFDU| zLzUQHc1m#44Q>z2tNn?j7jf8*W7R4U;c?Br6tUa!*C2cJ2@9rQzKT5=iII}v%jIKu zHyb1vHm!dLbEyJqoK+F{!KV|wBOk-;{2%(B!(3c*8`}rP4Jt#~MF+C2tX?<>upY+m z_&&BB&p$inlBC9TNB69!OBl;g@Y#j1vu_Kw_e!A4jx z2+xXZy+H9eA~%uC?*8y5d-UG+)lT|~Rgx{cok_9xF&j=$rgB*1?y{J`aUFrVyj?l* zPZJdyfQbZDWA&S9aq{jHur_tZbHTIae$2dWk_k`0+zi=V%T1mm9`k6bUP#b)n3}9O z?^N7B+z!@y+np_Dz{*+Ho<5MPpI{^zfHd~tEzHSF@Eip^*w#POUZsQTlFR(q6t-=2 zyVsBJA^|!tx!2BRhz?wLz6@6r%Q|Et#U!TyDl%7L7@2VH0=<}Uh0JQtm#M#sM5W!e zLUU0(Lz5aE7D8Gm?CypxdTh88OS(Q^yCK-nWtX%BoGZtS?r7bUjWUQe4zO<;e^;<>u)}>S0RlBo?+YS z5ATFnbqP&4I0Ra7SG|9jQe89n3ty4Pgyvvvm0LcjQ&eDmU6=K}6P917bF!U-@z!3B zkw)2K%N;r8l0~lZx6&Nw_SrIFJ=wGUy*1i^x$uqPWh3ozq&#{qLvqb9FdMm7JYPKdE04<^Q{U zs?feCNy>@0MOY{1#O2|nE354hNh8FBPkZi}-~*J;SAXU2yfh!MFJFk=@fm%ll|HaH z7cmc^dvS%s#h!u`^Y_q!WnU{ul!-lg-Hm~^*nO_b`*@dv=z$cf7Awx`Nq47fNmArj z!t{yh-bQGY;HF80GDh^dCKss6YcA&I#ofXPraSl&v+IH8mDjuyY=7rfL|tT&HDWv1 zoqlHUb%MHUv8y;Lv*=Xi$~Lc!VvZ|j|6uc@J;e5b@Uy@Ic5l9ajmG*#erx;tRt{Y3 zjeE}n^&#y(^Q}qcEEece)`9yoT5)_xp8jCv>rcaB=^FGp8s6T+vE51ehiKS z*OmXICiVhT@qfrmJXo&PD?GLDymZ|Uf*XnC4&DC4isjozSU3ZKId9q|(~6bD+bE_h z9;R=o8COop-WL*93Ubi_?gPI|6EDwQtBMr=#b!jZa)ErFnl8z#AfXY{g_N*tT)wN) z{_WSKg*Q?|whblk7f5kKAHd4&IGa?qU){3Qdnb#TILJZ@9^f*=(RN>vE9y;`I?zQ6 zYp>K;LR^nF^e38pkl9!~b~w!4D3PI8@6Fw{FreS8%Gf-CgC@|~s!!)-`@PkjiSZCp zX0Tw*bu;cS2w0Yd-d)o?^9|cT8&tr3k`b7G#e%p|>HbF3Y+YV>_#pe6?GRwwW z3;tj&t_$bKl;+MRc|UKhRST}Z_T9^6SF%u9qlcgH=G{)D^i{6wpO) z)bs!@`sAJ8<+XXq?j|emq(zHzmGZ*Q{cPc#23GutC`5xod$sS0(Lt9to@|{Ao{QL& z0)278^JDr#b%ah@|BB!#M6`m9gO^)E!UK%eCK=TGY><6@zfN^yUR13 zr0)?NSoafJ!#^q!OvO-5Rybz)s8|>o_iXXjEpumc7;qh!)W6g`sj1zmtGC)62nBG` zVSNT4XwTeV9n`+hW-`1^+XQN<2FfdM!~TmQB=IpEaa7pr(nNWy0a-k7@z4SOO8GKT zUHTKDvv~c!-M+^yE%HL-h^eX26(Jnjl;rkuy2sDt~2F#=abGNi>a(`UW_02zUj6LvF*X6RRhcm)NRq`_=&4I$dPy3XHl4o_0ZKogQB0b1NC(in5JKEgqyZ^(#Dl?UjL1WChFtK<*g7J-zZ;;0U{=7ZEr87JGg!w&lJF&W^VUr3G|2u4Jhn%3Z-g)Cy zu<;;GM!7HC2K}~zb^3o!-LEgo{`V9r$t1444fbnoH6vcGne-cK7|NdI*Jyc;J%BlW zAlZj;_dMi=$g1J;WH+UlmWC!8qPJ1H3~~7>z`R(x5n2SOo~#~txh*sBaU9y)$FyM` z5`QpKz)wQ6NU3K>my^Z3ujrs3e3`)RaYWEYC`b=z{PvkF%AcS<1U_l5{Da`qBw__j zC4pxjEdIC>0N^2jfthk|Zt$rP+t5j|`)t!ccXHO_>|Y?)&t+f9G0hSdmHo2!QSyiH zD{SuY|Dm^j_r`hv;ml<8#zG{uYkN#%fVVp?G}L;9^~Mnuc2ExQj=|eu3lxdIlsSm5N{F|I`!mUg`dRD(;Z>6Z$ueg-!v_k zGQF3$7=mbYzfQef!7d}Ge8&m_Z^!6b5mdmF!oygF&=-;8?5w8-8W?@@X73Ex4^; z;gjw0QW2%#wIhch#SWP2zHZ9VSYp1VO2{2Ge3~!WL&?m`%4_~kE6|Rk$Cy-4-Lmop zu`&e~hkW+>{J){@nVAYdp?y1(A!o2vJC_lPW_dcvkp9*x>W(LxzW27EJf8$?*}3mT zvMe*>&9Ov)u}kyBu0V5{xee>nWJv|W{ntD=#gh?)vYb`oF6})5TaM5*g{?Dp8;CF) zaV536K&N0bb+Y%|Yx9oS0S~dQCe|l&3$g=tnnXFZz1NQW5UU-BS324D@&fx+Gv?wd z3$y1h477AO%`Sh+xN^qe*}>qzw+eT>$_{+l?_>}gF)n=2@&M9gUg=tkcK$QhQ{Tjc zIeT{9k@q;_!;bS=>|M0$k(O$9I|2nSeKAgt!CA;2t&qm3#6Mh0fAlg)@z~U4nb6!3 z-b9{*6?JVeF`i{mmkum3KdLTa$t!o6=!_6uAw>=?7G(uNsXarBpUJPnt0jHRk!4PnI%aL zc_Uuu7*h-XEre%@uO(b8J;nexw@9e<=aYBFuJmGl$75Nh3f%fU$dm9iqlP{s6m*6n zFx2s$janW!G^JeX@-=9&q3UfAi@vcgnLqC3)UtC&4%z-17WZmcv^hOlx`XA`?QERy zM`#WGC3M~mBEjjkF!YE%5s}8?7ERm(LpeNgdnQ*sI53FV#iW9Q!eg zd!ODq+_RqUbo<$VD~LhRbAFzRKNrHSqbpvlHQj-(*bENb<*st+v`x*0%u;Kq?HPlpcUUT~Z21PQa4VVJ(e`3NiCsjtw_i-WX zR5ZP{7G)^@;A7{hC&0;AE>6bKe)IPZY07Xm6nH41_S8xb?Kl$qt#knWsCDHgiY9ep zE(7LB^6q*_?Ni1tB=tC7BbVK`0lRx5Aw zglll&`@IDF6yF&F$0YF*r5r>2f zwY@?U;gFeSPT)hnV6A-F|Ar%dw;}$5&8`5v($_yRRw%RzYsF8{(#VC=>6#7;0#0eq zJ&ZaD{F#uMqiz(Su2jmz_?G8B6{#k-%TZ||OE`sn_I%-OB^&J_{Oy_lzA32PHr}9| z?SKmYx5afIfU;}?@Ks0-fI`J&d~3S^Q%;0DiOfz{P(`7{+$q7SCKKZX$;uu7f%}9T zaA4Xr<81;@7qq)6od^8mCyf4y!~Q3>d{`}eqjenyY{-U^#l#P&uMNQ7H}BIG0x=x? z7B;t0t#fnCKX5v43zsU*Qil(~>}Y<%8I+$f0wC6uo(4zDf7*6gp&ZJ1<6cM# z&2}7v!G*wQrv}&P>i`ZDzL1&5Y`s9FxvL`l>=0s6v&`qB7IvfS(@^Zc?u`8DE{^KE zYKmPiYTNiQ@zaFzZ?XIz_t=Ogf7?AuOI)ba&K&Fr7WL=<>&nm1>;{*RutAR@Oae`R zACv#w4Bm0~6)i4A;P>vnlv_U6JdC&TlH3sEH`qm|j=cLQ=%CSm5Dxz8(a4+mOMY!y zGSBuS-b?*)IFB{1Ia5Jz?LhZm^IsqpF8 z_qcX_JcJ4CejIv-c`X_HbMHIN)bek$`No`~gZ*@;i+ukY(_j#EjXJ(QaHob+B!^rL z_{*zWvF3w+E08)F4gYXOG%+CPN77OH*oK_E`4^=9oF~-}7FYyDHl z{{#!z9vH`8moj7@8Q=F;)(WS;0K~d8EUS>Hpx`DKvs%QYbCQ!;``wQ;zwi5aW<`@M z`%QmA0KaBVuM)Fl+y1qPN@unXGzgmhuwJv_8tC3x{H?@ICdV;;i0&O9r3n&Z7Z%?3 zHXUQ1D0GXyhCJW)iyI+ZfSBW2`+YIh< ztY?uhps4!W1~3euPdOB;p<1Y_c3Xe7&>)!KW~8F^AUqVxv2+VZ^{5;LU?kWvhakAY zDuU841aZ7l12WSHoj}i<2EW$NKsu~Np)nh1P?yBtL7aEo9nzshkO6Td$(?j?S%XUK z53!2~Z+ihD59O*#-kx*+MjQ+b48v&DAhgF9sWYr9RIZC!naDJWS{Z^hBgXsA5CBXt zK`77U2~xyT=`+u_Naim>eoApYwmsB`E%90(-`q#Eu53 zmW4#EEY$UL_8vc$egVC=YACo%p7*$qaii!^|E*7RW#Mm66S`spZ9c^eUHL_u8oK&< zw4DA|$!WDS-=UQeFVlnm?+uKbLiY|UWfENYMvJ(W7w&gF-33hQEN}IeeN|VT2KJoO zC3{6F5>&-PR|=n`D(m$#ez3`uz9W8}f1~`kqw14LF zKvbg@U;xHBPBOJ9&JS{FeC+5=pC@M*Pd;V^#$3E$7v^s32hkPrv<=_g>rYGT{t zoP3Y2^gcieAZn;r`NuVlU6-=F{p{kc%Kukh^9R`hxG6V@?%hxqAss&~>4s_U4#;ti1rfw)wvL3F-sC7AJ zth)Duhx`S$w~u7K8ON26$a~qW&>1)0u>34NR=y7S zV_4k{nVm)}i$an`W$kh+H~}@%dbz>VboFAA`zId$+71LY-9&h%VV1k`?3S}HsO(PSbdgi_c}fxOpk~4m9bM3!y~hu z%E{j>9X3KF+KhErNib^fEdKlhK*|$5S6N&=XhxupUvS2x)b}I(0S|BB-Na*g_T;0r7=`LID}U$Nm1Byc-(Qdlh`{I?cyaB zPX`XxrE@EZ(BScw90+W3)pq*z!r$Hv4n#dJs^tUfGP#Bo{uNQA zDylYFd>+0shu|`9e3H7KGQczzAw-?A+x5-uR?^y|R6`~?|}snThe^x^I_T1|{H zT?ey2oq5SI$3mR&;(ERgz@M0$2EY~i7E+qnMIR~k1L)T(nl~VdR9?nw@I5Tib#@vk*h` zwc!W!6=P4Xc+h~ciT)MKMf36*UD|K-FPlgo6Ea-o9ipoMQwMMXh-&3fF^wC5#W%L? z9YtTbi$8lrE&I7=@NEhs7`?1cmW=W~AC_uMm{*(ipKb2NqYP(Nwueg)(!rjNr_HP^G`e(OT z{y@obdUgwC4?$L`96W~AV^&S;0d!spcILT;GFsby_(sD(A$ayp93EvLtdUfMfCEa( zQUyGKXSRvWb(Oz-?&$~<6MOCi7*u-oUPa^cTCb3Cp*1o(!X2kp$!v`=ArD0jtyixS zJA#}~?zN9RB;=(H|6CfIt4cmXZY6|l1soa=>N0g^yE7Cree6~fGVOB==iSCI4?V{N zH?)F~bl1&_aRtZqiOvGIkB_%Rc@XU@=0>fLC!8c%I^5=& zNU%6&VLkB$btxN6F}+mGc7U37jO0n9Nb4*i2o@kK&EXyjrA{BSpE;WDq8)hrlD;Ax zv5UYZRtq*v_r7gNCSClTEMjjfM-U3v@Bf6!TC(DueN`TAAVoNSD~@QO_-Nqansp6= z4xW(efehu+=jG(vL@)LGW*61EA(Ef3y*=E|b>YKp88$6pF{6mot|+3G<<)pF$JdEo z%QTitJEH{Jo15$19dCp$WH(07+Vwb(T10cG8jrrMF7GQh)M^m*YHb@eE{&+@PNX6G zt%-zE9;I##){dN9e*D&$Zz$e(2d$CSU8`ZD~*0)_FA-3_cDOx zkH+9p3L{s&jupIaOlU}Cm0!>Ri>P!+?V%M@yP~KYA~_G?~c z)ff^xMaX#sz-lyZ$fa{HIXp7GG4N=!Fw^5t&-OzN8uu`~>`q7_(kROGez@uRAXH^cO@x!>46|Xo%VXR2H zrA1C8QLFuKj4>Q)UjZE%b#{#8iCc3OZY6)Tgb|oQ`a-qmu@zYd6W~lZ&8uQS`jTa& zSw3Q1&M%~Vk`=xS2|v72%rB&kR-1J)J=>g{mE(Ezem-23m=EveQaCK2cBTvchyon@ zm7@OJGPV;d39Gp;K#)d9(OZ**!d~i?7wLsdMB;ZrbC&t*-=+z9#X0fRq!BI}WI83h zFS}XUmR1KpS?%oQeAQU*X{v2hhg%J&Yw()%pUL_zph<3tk0H$QF@wuOl|l#GMerT> z=73V#C-AnX#~zqaAkcrxl5d5NZwJJ~Z;@Tb?5YunI?G$W`@=}7+hwg+64`2EPMrdm zm*)?t=?jZJ2$RfcYZ5qGhN63S5NVd73^aOTh`XSPD`QQDc$A15Cl>E}zvJ>nq=`m{ z#=@Dkh}A~-ZWfETxi|L*V$%RjK}YdbZ;2G#dQ;3HtOWd*<0awHXyedgHSp#Dv}v@r#j<$jUX6*=S%-3Km$&c9iyIY_KST?r?bgfN+WI zGEfFMSby^KJ^&u-Mvbj`a-Os$&5n3@+_SIsw`xt%_n70t;|>8}(%3L-?moeBp=qQh zEnGs+@=m;=ew52y@>~pbaTtNoZs9+JTMbj*2azj65mqw3x~LSXB}d~6T8Skd{(OMA zk4+z7xw!Pv1UTy4SeL3D5D>q<;aUxdK#hDuw3?vpt9?345Ac5sz&VmwzRoZ4uT&uE zo}}f%ChMCnw1@S0=NO5LitTuk>e=g_-WX%Tl3<)#W_tTsL>vM&h7(kC5w>}gh(W(Z z2BjquhP2f@gvG`tr=Hk*ct3=NB|B}KvI3V%$+7`~>b3VCv-r!nrfw^HGJkV^Beznf zy)%V4Xd=*emVca$F#o{%nv6IHRWZCR!%Y6rAkE{mCL^TmzkMMl_r3h-@eK}?eFOV; zVWXC?l^y_zS)qJJ0sM$H@b{T5jaHT)Zg}9+{jI|dbWBbV`u36%N+ub|Xf^|xtwUd0 z_<3GP*wDfs0ozZl1|Mij$tRq3=20?4%~)E;NiB7j)uWcK%J8RO0y4F4*yQ}zz}{Tk zi<&w;Ak0e6QQ<(F2Je0}D9IKy$IN;@M@s8D$QGJ!vy02;!HeElg@%X|uPO!V-J>y@het zuT7~jht8;jz1VdZ(5~6~yO8^q zyo!l-is_i1!ENxaqv>`uTydI!Bk7&>(>^%;v_X#(Tdk|1TSp(+crWr~;Q19B%>Z$k znQUppoClTRe9#w6@fUulrJ*<8*KuUY`Z5yDOT@O!*Y0Gv5yr{f@H1dw-moR@BJF-A zuzI}Oh$Zo`DrWI8kL{XpX1bY&G>_F|f%}YAOC>(c&tzgrI;W^V9SBlDzDuN&K07LM zLTc4%0h%N)zE0Wq?4+7$;;K^|)EKIkXB4ZHA3dhzV<}=Qb026_YQW}4*K>TyOpfm# zRxY7T*M2i$$Hv#f1Fz+^=Z{{ia|b3$nYSac9Iqu00xWTwmdNJ#jErhKsuPZ5>E0b# zi8U%6y>4E@w`KklaNs}};eY>@Of9Co{v4*fb9<5$^Vvn;%RF?Y)CK{cP7HAu{4Kma zgIks~73Mu@iGsWDmsyqL-}u-J_v)@TcYo&21AwJGivba0v&Fvv@k7CfVy1D)S=Ni^ z#ER6d3<;~DF&Rdh7-DHM{VOpD_vM{E(>HMb>`$>O`G~�CeJ?XuKjFRtjs>^mVzh z*;3>IOG*50DUYSHu7*ezJqh`)dsbJr^)q~$IrnWX4-~d5 zZE@TidlPVv8}C4?sPz{*EL&)n3qv^KrUcB;9m5@4Fdl1Gedu26=-H~j`3gqEzBwEI zuAPxX<%9uf^pqIggrp(u=O(~!d=mIVVM|iA6s!ck-|%K}D`8iMbdt@Q0n%MGeOFvi z6|g&KzpqE*W#8pSUE0q#r&aIB&`86EgL(*1vUG-t}O zc@EY-pHont7N)R3(4B7)AbxSrE&V{`_`P+@TIBdQr~(Re|Dm_NOF$s~Rg%KE_dNag z1?KNjj26j2u^#bT zzJ;yn8sz?Q_^=Y!0zXKJW3x5UeQNxpw+5A%ZkCdgC2tyN!EDV2K)m=h4*|6>Y_>9x z#GEuk9^V=`f@U7B+m^5BW*6G>B(_e-m-1}Y^B83$)kvB^&psbGr3>(08vyIlF zL%i(49;-8%n{e^({q;-kvvQ>0+mhFct#wP8`$#JtD(}%!+_l8zU+iG8h*k!zL+M%y z>Ps)_PPYL{HyQs2M@OKtUx)t2y&X%_av&zl^?Y>=`8Szu!0-^jWMDRCfFPE}Ka)cZ zQ2#Wq`JuQ5t-c0vKiiz)Z1S?upkK39I%)BrNgxfKH(>}j2aqMotl560Jgr8dcQDM|p6#KDNrTq^fZWn2V#KsJUX`pha$;JROR?W582bFLoRV~6FZbrKgPF9e4 zq6v_m75=Gy@^nll_rbkCIZ+?NUR@1=#4`jw`CG}<1GiAhEJaQuYM1$X_njwRVzVgz zFi-(3EUoC=By>%kvYU5qmsJJWZa&{121tN_1NxksrK+rhe^8K)2jcmuP1f{>ftf}_ z(zumPa?z>bYJXMBW%Q|blezqzoMg=~ue00Vh&yQSaG2{KA^anRe=Ol2cbJy@2NQsZ z{f`j-5yC$q65uZW5yC%0SgXv*e#sU9^n4&wa+< z>OK6yOmz&hD*y9pVFEoF|Cpm<=4DveH1MU&WGe_!iOdNyvduqRY#J>(QPm5t#jz?K zOGz%}EV~1c%S{gb4-qVt9&5z^8u|YR^zh(8rc}a2cR%Ut*h)!K41!32*Wq?mzSEm7 zpS=_0-72ISYM`ak2)J});K+V}GGLOA9>*yJL( z5mKO-QXlGcwzNjf{A!c4pUd~sP)o15KQm_MV#pE}6mJDIPyURC%yCpQ5c3|q%*RLj z*flBifsCfxDWy`w^2S=^3efd^fz!u<7p;4-_3to!T3&=H9Od?1cyIFh>9<#YHSxkE z)D2(hEhf3y*Wj3yE~Hc$zO4#y{(C9}*vdl%s4_x(Z>x`Mpo#kwA!c}St7&4O^SpX| zX6Za_hjTAN0K{HXRa(!;(abr`1+?3xQGdbS0{mi|$M>dxU*o5 zUv>y5sgfm&U7ONB-TfEp^djzSA!0GJmEx)br%o5bI1wD6xpEo_T-PaEx+)naC5x27 zpOW#_cJe}n6)JW^~$3K3WB!#FO!HLc%!&JgcKmlxN~ z3`tvB6A%X|s%EgXK4R(nNiHo=+_BCIODlWvBzlK8H(hHXOr|mbiHqdA9}F&#ts@LB zSqXb6?^VCIfqol^ESm`s^YNZHh~ZSA3cyy@9`rI-+nYA|UV~#$vT$6oTjel+Uo~#& zV_rUGgjhQT_eBA`7rpqMXK>m$M6)eJQo!s3dAugN0&r|!dTWr4qXL7k_8iTBbiA7y zEPPf<`&TT;yr4L9 zoeJQy_c@E*3CxLbl&0Dn&)B3OFBAc)IsjDBz;jLS6!P^@Zk6f2En1a1t3%@}#bTFR zkO~+k9r$nR*NStp5K$Gg_lmaZ8+g=30Llt&8r{CaY&jt6p~YvKS!Q~=x&9^bzM3!b zK_@4S2hg&~V7Hjkc@9{OmKN720 zu3wUN)9)+eO-eM*r7v!#2XX&K9C=&BrvDjJF&o7Ppp1hpQf_}Ou~3_JdgU}!!&h5( z?vani1bw4aV>18-dGBXyv5{Nh`DF(ktpVt%GanA@t2Vybna1)Nr@P;py(}i9m-cOLGw^|$s6sy58 zIUq9>-%tlg8nm-KUfp2QJ41Uk2fBs=YIDV|lv1S)P`EBiY2nZ!gERxH)j&e)6{9Co zvvktASz^OkMv+n}TL(TxO1qgMbTYkj^v>>@C`vl`m=j;ERq<&1h zoZOU4l?UW%rjz(A%-KPgMHOUZJano&7*=Ei=-T;itu&wmg)X z4)Gmoi2_ou?}Hy-Q~GwL5aL9WAf2?jUU_kO2g{Z$4ASQ@Rvx6pj83?y!Wcw+Nm>pw z8nOo@ZHYePhkuj1`k0d-m)^v0X+?n7o!04l$}g&!GZD~X0+WIA`D$yjMAgJf>v-tl zmPmBcxP^~2i`X6kirC-u)md_Z<__CIXL>7Oi|u20%wuGlcP)}QHci4g4 zOK?1{j^<&d%K?0=7c)dIlYonF7r%vPe#NV+c=a$840@eic2mQ9XGzAa5FAee#lM){ zk|KRHw~>noGP*UMhV-IYVsA({+!N+a7Kws{L70_{IgFWRy+uJSJzy#sLsc_MHEPEo zNK=qn9G$}@?hhgHmb240@>@ zrEw()!8Z^YDKI%~8|(q}g@{8mvF7xG^h(MH7_`GICjnj=5LmlrUy;?k^yzEFyC^{Z z>iQnZ*W#mM&>`NS(N3Z^x*T|#z|dZZHzC4`kG_G*gJAS^`G{4r@9`qlFP#B_m=?#S z`pNBMe&fHbWWET#h!MxQ0k*41(4}g^e%6eFxBMQ^hEq3oj7&vX?Ctl*FEebL6vI6j~oz+xyQ~E zRC}^LD9fgZWkil!c4Ii$Ywk&r* zmdemIp0xqKD$eP~$rUK*hM@;NeCgR~B;74v<|ay;Sw{w)>s*%{PM+6l{DMcy)-ko`<#rFAZLH%&F+8 zrtU}Z0-_@LwS{ZM&?UVL%E`7}1hHJCHyX{*P!NTm=7h0=^h8jEnpn@XK-}?>tEaa{ z4|L{BnLHL#i3ZkQSP&+pPfZy0@k3oq;3c^*xx2@Olvz9c!7>X!MYgJAY4<=ye2pHM zb6sTBt0MDSTCD@mjA;_>@mK&lb;K^7B;Mr&8I%lkA&)bq(v8NF+lFbGT`q%ZMPUAX zv-SIx^&=`DDr zOOJY(rT_CPG?EQ`we=D|ft{~)0cpnM_=0~aI0UQ7K@WuNDDL|YP2pPmzqnT2dd{+{XbnjLdjJ%WI@LObZpC=74!7yVcHt3nyR9;W%OsJDB z{QmxRLtT6HTH=vQKj4EC(HNmxu3Es33U6w&w&TeO<5IflQtKQRkJf!4&iLZ@Z|ecq z>5VM*u*;?n^xA*Sr89L)A(q6x=@X>$bOY8&RxK3IP|M*mhajdQRytrr0)!eyT}b5D znX;i)Q|GZT;%p3*Qm;Y9TQ7VBb~@%>FXTD1g20PRV$Z6=b<-Q8CHx!WALR?^DxQ*R zev`PiM*z~DDbDpq*I5PP)`ArIAc$88-blO4CyrKKjJ8wUsQ5{Pwo+GmAb+GOj6?tO z8tNB-TFw{0mylPKIkYP;PC^QmGiRL1_}c6=r2N{J$t>>Ru!6q1gpYLZXk(xiMN78m z3-#1)1QiUW%u#V2;qN@DgWwf#T=8D3)=p${wsb?uUD{%jcJENX{cCRW$-p@z^*A0T zpk|OlrGUx9qv8hfsu;@|06jSC^mEtNc9-egw;>m)sx3m@ZuIvw)lF zDH7b>gK6d<6<6>fwqV5uS2pJkh{jcK;ieVF2CFRDlG1vnzR9KjJ-po$*a<^Ax8g6< zD5E1Da(g~$%iyErQlY0~9^@D!JOrBad5sswtt=R+5HJ-z2IEkZ{S6(_I%IUvb2&vS zY}7@69X;54iYV!eF|;p*kJeBQ0uItl8!NwRs(+=1A(}s1r}&}kR4131&x}7}_`+d_ z+F}m4B6;mBtETn+Eb8^6#)ZR_BlUaP@TmDQ#qNa~eE_8gW?S#{0+x2H*?R(it<0MB zP!O;a*6kB3#dyzneF+6P3(a`A@G|3C#5Nu#KK_E~1S%26*_4)S=HA=bCZHKzZAD$A zk{~KnuZy1#i@+-nV7_Sn+-mzY)BMKD`OUUw60MFt>0ju5(12|3Z~|Ehj-o&0cg~K>C+yN zfLAHkxO01kxp$rw}3YGHuF1B zcUd6GXQ9)Lc<^o#gm?Dpr~kv=n?^O6ZEK@JQAAV<5hRt-F?PA z-;X=S{^8(99C_Ef)@+{VnRBjyK!!87_2ory8y6&7b#}aUcBIYp$m|>a*`Z1_2o!7S za)pt$vOHxaO!CIm?-W0wbLL{&p45ZA3xgLcX*!;{t1mT0OJK~(iSXG(u-H^=rs(D8 zARVcsOto{tW7k%JYR*#nn+vJs7Y$TX%Nq08Z^6#LC^`~9X86gIe*Kkda@k;g&e{*i zCou3v$2E?>^rgQi>CHi@lg9NJe>>ns4m~k_bsr5`m#)9(m(ws-?aqzYBdRVeIFTmH zIjzc0SO)s-<`}ejYSAQ->3N4g_lXOeMy$jLHlZcH`XJD)-tf6@SZrP%D{36-fVp9+ z6r~Lwzp&)O0p!WXZ{OB^xHYLhH)<+-h`DA^U++DsMU7t!5=%8y8Tg>iL%X3xP%I%iF<-yu1a>VB;H6(EDGLH;k}T|NLj!$3OAT6BH_GJdY;t&lq0Dwp>?Ti})v8&{Hq_;ixyNwu ziDczdI;2Ml&&>uSDF$K%(3w5dhC#B+=8e7NP>tK+{UXDABRwKj&~JB4XC>^|Ji--T ziAHUxtfqeLhYb@KEiPY{o{dvUH#*tSy9%^yZ~WQkPK2iR$iBhZFLYU#x4{a~H}}EL z{@DRH+0@Rt?zwN^xIDO#r(aII_etqvQ_9V4OF_A@xW>FCll#RT;d6CR>a>s@dn4R* zPip1v1s$BdrQjGasNot#%oZ{lChtd0PxsrepIlI5^)%5lRZ;DvWbPJi3Vx! zmD-lA7<<>($+qO(Q~;e^zqEi%jxYUiKo}EnFY0+;Dv&`ilBU50px7M%dzce@A3Y&z zJj`y(q*6OfXFh0+E(itzFClf>q3AfqQ(chuW6(7zY+btdW6MayE+SVSW zm(P_z>XW6<%Z~ey@0P&~*9|QLZQKHJymfxI~r1F+JO~-Y0JZ zC1CfF19_S)o|3w-5?n13^Z=(t`K9Oaed#RU+jEyv z7A0tTo$KbSO`1^59B*A#+yP3MNKIG_`fUXe9s8cl)TF<8Q*9hhwS038272(wUB$EY zHtYVbkAY#Q6+m|C8y-hfuavsHec$lA5+qv(B z0$QGXRq-|AiTDG}IgxUHPm&i1gzZbB&hBIlWvr;(>VsXLRt9r;M^s9v&?vI%9w-V=98L^o%Mh=SB)#6!y8TL@Iq0}@=# zX$m)WpZ5xS_b)r{9QmAQRCJT?exNLTvFo2BL>T$aUxR{|d zubc%5d4|=+C1R-Z@5CmDqc)qcuI`}U)H7L+#NKE6k@1Ly+lX7v4~mpQ<1L%DT(!UX znil3jse5Ju6hX&9D6{(nlExLq*GZG61J5rUBMtcVHiLd!Ig}HY%P;1%6ow4CKmPg) zc@-$Dk(JJhqONcM(5AUz$%f2{4d+1PTc3Jk`pag256-3lnHy=ANSeF&x0Y>`DcC$U zdYxzm0%hG;9qF@k5na}QBg~!MsRBH88@e)UrMc;@XzFiU_D?QKxPA5__26!4E7V~Q z#SHwcJnve+6wjRs->^Q%_by)wB>lJ9m>k9P*;oZoR&rad54gG!BH7TVeEJ|Z=<+K- z=&3PpciEjW3yrs2iNwhqd$mBfb_WOeK8jbC#~=HV+`hY?-pXbWXx@na*k0Iq2l#*X4Z4mKm1* zjI7d^)VN;av^KmrH(5o(h}`BgZVa5j*{6G+!A>)yRn*>eKA+u${@7p$?0s;n9Ise( z7WCkTiJtwQx34M7-gR!6atZ^q6%c)2(N%qMi#{SR_sYt%zIl!7yRRV}CxO@4$HQbM z+f<^fjei8h@20P+d=>=a47Q=5ZEx0wag_X4IGWs0Ezr{GGJaJulotMIQG!?V^W#kS z@Wu5&>W46c^*8vHrLOG{T?G0y`N#X{xP=o8-e`i(Jdry2h33GkEt5l#!DXqsNpw|U zJxNc!*}mtEHJ~%QsZpHx;ZWil9oSIY)Q&OadH4=KV7=`>kH6t zDuiKX<=%*?dt3cei^W%gFS?6BIR$l_51P$Cbo+xKzAf#0!*I?4*K034z7J4d(1us#IEZM*)z=EhYl>W~>zEPvS*cT+n#h zktpS}$d8JkhJB)E>hu$zE7!3+AD0{e#O;LJQHYJ6H}f9-L??d<)Ts&A3^Z%Mr)!NN z9cRF>fh6hG7R@kE2JTp%w|4Vhvdf{2gngjppw*8%t@`6b7mL4JZFQysyJIK`n;*q!kO==N(?&VaZUvV)UzM8!*~54=+uHb_edH2n35f7pN5oY8BEUL-Gb9oe z=dDz9d`rSK3Ow@;7HhjGW5$+LzdQW)+YKZh-kUv?Tz4@NtvZ z+F2YSTiA!7Ko63`T*KQGZKf;DsQ< zOUWAk{eS!6YtRnBy4>Uq^y<%$;^8)z?9*q&fGe(H9=pgZ33LhM-8E1E6}PlY0JE64dBUy*9Xe)zZa1O8 z)Z^`}7U=j@+%)}>#y^2vjlUS@PiOwqIN#Bg=Ixft*7)PVmA)VNA|f+uOJX8bRZf5~=SRb<$v zzo$7rn8sP~95FQ^##I)lj9Q)DbRaO+>-#`Ka(r4_Vj|~U-^S-I;Otp%Z#kdznt{nbIfbms`K=dPBs1; z4%gI{ZQ(f2M~*LA**tJFqUuSMgAxyr&$Ryw)?aq%&<6gaPA6TT|5cC=y~WXZCa^vZ z10}Q%B2yr3nnu6REdywvi!|_;(?)UJE|cMJy;ciqjBdr~RQt`-poZ%_qxruz_MS^~ zdbkULkER9urGR?$J{$gxvk-K0$9HXney^!*lj8zl^NNLmuBr13#`B`$>k6RwvN@Cf zMzR3lR{w=XT{bxO(Uu$IuB7?DN}n`1u}(wC6>XaHR`pkU+&ZhJ_|S!AU6y21Zj}OX ztz2E_e~2pcMDsirx8UrIc>W`~Y`!>SF~QZHnE`!Qb!vni=Ff_S2U6!ZFGTL8zJ8u| zK@1c^iNDf}UAU1i0a2^CMXd8r{1oue$)*b5FK=r9p_=@EB&Kik9wbZ`Q^jC;eG`*1 z3r3fv?a?#*n@z4|72eYxLl`1s|yF?|_{{bo*xnWOSQfvT4N3oi<1pAVK50+nejqN07#|GS}K zZ>jw^0?a=-Zz}eF6Zd#1ss|$l&yDzQ_uNOD!(wD}Rkq>L6fRqer7Y~uOS>2+reS93 zRIz9-4IHbTi{V1&-t5HmYR<7b*;HXNnEdEaz5ppxF)dpMtbJ1QmcY-Rh-#LV$!Z(%v`*$CI|x#dbg}14`Ws`yfCpiADXrAoJnZf5+mNi_Z=rQy6WUuZKGC z7TL^>X3N7_mYLMI8zZP?&Y@otu}<^@AJ5FnbT%A_z4SrPC1`@TWW%l4b_Ni2a7;}< z)Z8uXyA*v1cJ6bTVqq}{b!IAyr#p=(Y_5jiIN}$hI&`0?k0N?VOH=e6>4&3Z1aw^R znJ5ZOusNN}C=1Gk?G!L)i{~VbCP$9GgyrtBVUP@;UalS?yqx!PM~7X0^Zv#R{98@t ze|px#i{YWGz{NdCOBtH12zroc;uxZ`;mAz14S8>pIr9MyFo`%+4?{$sv9h~#=c1?E zgL@{^(vCg+Fx-`a{*)(u+q2n7B69D76VF{JWJDuD`K-%Z-qi1jE5B6JZOH3SCBsam z^CIG6$5ho+D3IX33AMfpt^ZxfF!cX-!tf85@$`n37r*h<{sNU-?4W7_8ED^uld}ye zPu?$~W_^~g!!}!qCJ8_QGbWiC&?7}bB$8Ja4n?_!% zRxGaOK$}f(*iWWIS2o{64lu1hsb%as5QO%7?y?@a2vEr`8+=guKma1`xa9BC$!)WL zM*>_k*#ZO{LZPXLc9*bX<*NmuH~E(GY%$~R!*MAPh5dHS%Hot!S$8$=?R^eY!>>F( zjn??2-i53(-tvy_b>kn0^Xq-0=LNUHfaG(@ok3M9Zf8zhG!h@6-tX_L)U&>&y7eI&R-7}eOcQO_MXLrS z-B}amS_0MP2}olj8`_8LHn{XH7k3;d(Pa+Cy|ONOqI|q352UadcG9903e8l;-VW3eEE7!b|d8o_t-S%`lxDeAqt+J@A|HUo7RW zH}y=v@;yfp>s$jbKHk&^HfSG%QVYNipJ1+azT1OzXssLzRhHSS`exS0VrC`|;Re&| z5uH`4vhs18M@AQo*?e3u%Td%Pj5`Y37b--2jX(2Ny=ezcTE*p7E%?8=r(x$su5;bj zB0_gTS6)hsMn+bKpJBVmCK@NRetCJdY>%?D@5;oll4m=^ot;Dk6Y}%$52Pdd@EalV z8xhPS)UXYqVp6L|)JJW|o#VAF>+c<65Q(}Ee`S)xg>t`j{uJ~rYyG5d0qo+R2KY!< zgqy`T-PW5Z8ZD=MmU040r*5Zp$Ioqdi4jJkQpU-$;#)AnFgC|!Z=(Q9$2qWPB6^~& zAg$hGOk-x%%{v;^CREzZ{cQ}LoY@YS2h%ohW5$aRQB?)+=aHPE7!;=gq&mOspXzXi zy7ht!$G7_}{)YP(DzU@%eg6(9-{WusfKw&HtH#=0g!Kw;`>gKV)96#YoICpB&Z5$l z8aiOnegxsPm78D36PKFdl{E4d6Mi7OnR=DzC0}U)*i#|@$P83lgj9^*dt^g;|MuB>wD(|_j3_Rtgi)qMb)7Gr^4#cy)3;!O zBvpGeey(~mK60OY!3hY{9fk5>#_O78$6oTcU=o}D#ZGu0-1WKa^oLXyCtuCpIIN2u z?fFIj!m_?21KFQF?IlPOwF+aKqIl0EEjta%TZ2X>RhPn}vwr7ydZj!Gjyv^OGS?)m zF6{jf`9PNm`9BH^|I=XnDsV4ik?c`b5qsxdE~mr)B`)X41`i1JTJMdefh+G`VXB?Q zB#qJU-nmp2{?uir8CB=E%FRRoyV+R@9p#V5#4dQS3Hu`DtL9Pp_Vi83vEVw3FDttD z2#sSZRPjZ>d|W4Cs@vF|^T$?l`R?|Ye|4TcczF0A7^4B4W54h!lnv%^w)4KOU}~P? z#kOU{r^!+E2hxbacN32F3s~(qch%+Q_a*b=njla*wH>_r%d!)PYsFl`h_h7jGS&GoiY%F3j zZLT-9*-vNGutoj?8!1O9t2+YU5IPn3j3Tm(eb~jE)v-T77&Z)NuNM1E4B8v99P|lj zzB8pfe&0X#+aF^bXY{p|3pw?Y-yPYVb+^F?HNfBV>~2+q9>d<_J=&28)dJ`7-WmOV zyss2diNs{<4|!$qUXcf(v;i7v4`!e6n`fqft{ZZ1>Jf>9^);kEWs3 zkZ&*F=~m}R_hsPD|DP45KVyZ%f;pTB*Xuiu^l|&|3uqsl4+5mGlyYP=Vtl&>#d$qH zdz=SB?6DIYZJLcen#w;ozFxWKqd#Is+BIidk-n`lt6Jn+w4^w8L!+NwN3sU-5FvNoLx zK=ttt9=@(YtgN(|KH^i7zU`EKnnMgJCDY66+}yHD2Kol1d3wwOTlxbf+GZ6ODIjZS_ z1Jrj8IR;irB9dA*7d+woec0!E`odE@BSe$MNYXRcu)qURDj zjteht(p>_EtFQ^Zh^Vn6$q;_9X=Fe_<1WAgswm^b(m-U0o|crTzE?*8FZ!%G+Z2%5 zul$gx>PtfG=6ZRQb&Q7M^C?%l>vf!%lhMog-c&dky*QH>N=3Mav-Ps_k<&7JnU-f{ za@s?CJ@hr8`fIRcQeo04g+u63A8r509~1wk8s|va{>fp(cbaqDUct5LYPc-bY-GiW z=0$mD_K12yMcchSxQKNRnr(-gZjOiVncxgN^WoO{vq(Iz0gddhq(>Y%NB!>z$$Zk8XmU1@hk{6X7=J}iI& zwf#RBwZ4|&?0iw(++AF&TXcILn(I(+dI&v%D`{^`79YHHQl6e#HqKPOEBn>r;Z6g2Z;IQ$Y(@NVjLUgmQ=ZD)ygFC?@#TO+3|6yRkTZlkBUST@g)`c3O(zeRZ!w zvnyA|zP-v%boU819k@La_vP-8%_;sNhq6x6Yv(DbaD+5-XO`d$II4HK{sYVwzR7He z#p2>d^;oIgy5Q#-8%YCgkX^bhkwooh8NCmv2c18Xi(2Js#i?V1DfSB(g{AxX5Cr=Q zA12^9AJO+5jq&|fbODUMw+(gF_p|UAt-TLSGR9_B&QRWsImjx8&8cnpKj;uc#~Iq8 zQS>X}Mr3dV{0wqZ@DT-Mws%&i%RjxG3U~X!sk~5wJ>nbrtjO%Udk!m~^`=uVJh{+( z;Bab_YVW4@ch-0GhKZyJZCb$DL{^(csb$IO(;o;`9Z!S%!VlmtVbHUyAqFoxJ)WUI zUEEnxi^*b>3Xz+yj7)__U zWAwEWi-886)P(8Sr<&yTAAWVVp;)YjX)(8X^UWHZ*5|@i4z3Y6b9sj>oNo+gbYdXMfUNd2m6@sIU`WMwSLmr&!}C)4=I&l$!A$YUDX4es*1;u=GR9I<_`Ofm z$$9(0K9Lr#p5gl(^AMS-|0%>_aEdn!KV}x~n>3nO&7>AnHGz;n@oRy)_F7~4=BjX; zQ^}`{50u?JFrza{D@*mmuJ1OF&Z;FUuT&h-pT8 zf&pvnfbU)Tn5AIvR;?|e@frq*(clYa~^0972U3* zou_1_=qs-t4Q=iq?~~y(Fk{TGZ*}(<_3s^)cU<@?JAsJ2qePgDydWPF#Q@h91pcP9 zPBe^M59#HwtTeo6FRD7ahMZAj(H{QADs{w!@4>`>B1fhdI4}Zz!+m7mt;D&#Vwzi; zxXCxXC*Jbw(p^pOT@+q3fYy$gD6LWMPq68~(TF;;%-ig;msPORnUtB);&1fHkj{Rl z_?jX$3$uFWj6zR9)3?%ccE(p*^lB`#yLw;*{e<`8r<@t+l3M<$J^ZVt_e7&dHkWgT1( z>4C1m7X!DSb-BHqvwsGuqo`%;eCtkO^5ph=RkB+@ zOa}-=jPe`)kml!WXzqS>aLq%*`HybnT~llm-ja%)qQiTK?RuH*k!NJq0ZQ${O13v6 zhDteRJ>o?gVTkv4z0h>lbi@ws?h$FxAV5n$QnP&CHC`|>9Q)rSnWzNOL*>HB+RAU*S%d9<{j?7 zfywR58l%R*w(5r{ z8zc>E>h%vhh>and^J%2Vnt*@M3IqN2bIPtiSQto*B|{#Z|Rh2A9R zEom*jFGvV2u|!R!W8ccpl@td-p9lG;@SuWwJmxJ?GMzwp^%J;zM(P;XX6hO2N+UbMUPo!R@@D>TwvO{gWY zc){E2DU%GVw2OuGcRiCF2g}Ov)aHsHH;q-xWUT3NL8NcIKD}WRI(ZwHM5f6`w?V)I z0s^-;+KMG&@e$DucLKlkXXIb_r7@FIe6hjnJN8E`!)3LU-(J2ZvXteeANYo#xH9D% z>g6-($*tY{R->Lz6vVkjmehqq4v%cxANxy_aFiuBe|Z!XY5|^Gl781>wQt!H)JFM; zHW}p6aA3LqIk8(H!VIX^ap)#+az+9%3z2)4ncG*J7U>nR#Re z%q;v-d2o#HW(SxW+H`u9kDd4BCBQZ)A_ekUd+m>y3UZYa7=yJGSumj8R1pY zXFZ7hnj{FOw!;nLkT$`|vf|FL67kt*o&yC^KiKh5peGS|%hNKpKp9G*(3T@rFXgkG zd`)>t!}fxTn&@tva1T>-ikC!)=A+p}nmit&uU9L)DZP&NnX$O^$&Vx%X_ybQq!(@k zv6lzEfg6y$a5^ealuYCXc%Gi`DeVu2%?V)zz!cr&f%^HND+*hHdrP8(u5$}Ye`)bX zv0d$kKW?EqlNsT<+{4*NYa7e%AD_Hr$yVvU~liI?*+f?l~^ z1bXX|S`_?l+|`aXE1q_wY8Iy4;qQr}m+uxL^ao|R^r|P@FPuIdHG0%H?EUpZ?%*}| zkmiQ$%u$-!kC2X6KI=QaPH7Xqh!=3lC;_r49UnZvt8g?yDio5hja!boTffjKy8V&A zfy2!YufBBzEUw)0${|1NAZ1_l9K`;yn=z_)#YqU)oov?DBbqy#M_7|2ZjS>!UPCwj zHjf}8w-xT5PJV(wPzT%rc;qQgbudWCQ!_MkYcRXC4rGaL9iQ??N zMQJxE6SET+bSuLBi-{~jVc;EQ`B3S%mT46Rj=x8!Zx7?{JHG?@iyXzZR%TW|@&5Kp znD@Ro(=tdReW)nk+#G1k^%Mw1KpDV{xwg7Xe3XQCd#quRXChxp~42Z}JZMC>;SxRbBZy-~L(lu?43sA?@k`_*QRMNu8pOQU8Bf@rJJl(BR5deF?GqBmIO zaE>PxYL;A8J{qbnmQ`~!7}jDxJO`bO`=goshijHE-=O=snnxtsFN5;2T%gcm^QA^8H+F!lf zcf_9ShI7eY+UW1V9ritMyDLiI{*9js^XJO~cQ5!y6=OE&tL%3bM98~(iG^{-F+u3p z&#m3)Mx!v3uGLLlE!OC5x0$YAvhZU_RkYnHvsRh|W^o+$qnhq88AaD@j!!T?Xw$O|Bi+T)w8PO&E|&YhlX0L( z_Rx4H_A}yPbYy>^Ql@Di|2D~soXMolAcyL_k26fqW`ym@YNUCqP@Q3DxA3?v;=O0r%S;7`4 zhkF7Y@xX|x1+7J6qV3AjZBcy(S~nG+-!Z-Vt!?1eC3!S@eTddp8_$wPQjt?MWvnp0 zueNRRBG-hmuh!lwbKCDsH?cd{mzUi*h#E_ZNy+jKXs#7!o$nFCxpiU$y(+h3RnN7w z-042E{L*O0B>W1T(5yUquK4>vKrH~k*4Vc1!YZ~LruB;&7VduX8REd&%Y7iO%pwhq ziVQrUhhrZa=DU@$P~l0el3_|!fo*dO-_K;+GE|q8Rj*})I>Cs$7j`Hr7W~K_qe|6; zf3ZLEaOakSE8mej$_IR7IFs(-k5A_c+p{P`BZb4&Ozy0MQ{0>n-$`RXT^OI~JkHD4 zD=EqFFAY&^H0+K$MZe!=3)`>nA=e%egAnqk!GuHb<=vNg>|2sNTj*d#SSH(jQDw@Y z1MGpj+;a?#Xv^M;67yl7mdFc5A4N0|+(D8#4Mya57r9l{m-u z6X4}uVms&jEXUe5VOg(2v3UpGx$gS>r~~a#x#^awL(f~CyynD3!;%V_d$*5x%6Y{b(3;||d2f^t zP^cFgasQkrXRIz%ZqGH#FWRKNpS&G=fO^=8a(@cT1Lq~t-iwKcW9=%Z2K) zD+i2!%n39+NbpQvE4pYt(KKk^#(sRzzmUa#v3V2zYr$}<#Vfz-kty$edu1;LQz`hY zSk+UZTL(wB48;v?#@#4=Ul%g;D^u5bV)nWSDta!tP$`@vqTb|6jLWu+G1LofzUbpk zJKH9Z*heIahc_d|F6&feK^mz^h=zDiwd=~EL!v^5QCU)9QE&9jqlfa$7GO*w5h*Og zaGa5Q@XcJm7>geT^R5-(clTX=hctWQ_l6YehSmNyHh747pSK-s@-$CiVR!AAdv|z4 z9AxX-6eV;6s^-&*mE^=>2YehJpZAV4)g3tciq*O9x;=^XP~9 zOw6xV{*uhIJ0Llo<3F~ye=>cuEZ)03a%G71?cIwLl{8To*qjg5*1m}9ZMux7Ul)mN zx~x}HA}VvucQCG1BUH&(-{*?Xw~oBMEF^}rFX1u*!y7}65@HzIokJ`8N#NV z%r`W6{|*oS%k!B};h*ZG0*ckSqkLA{aHeQ`V6(Iowqkm{k+U3Vl-6 z+4~LM!#Cwd(evMBck6DVycNb-oRM3@-y}Z#UIMFh#^v;1yq2=$HI$$BwRpMtnrw%S z1QA67T*qJ{beg!CD@vaT)_IZFF_?qyv^C9NeVUx$e>Li`@KF`r#s<-$NwD>J-g=NB zD99hkv6pF6_cE?6ZB%t|gT(6g?402uDBWj)mZ`!4ETd-lq(FxbW$Md^n%Hk}3kRbBMkc&vS<{jk6vhhBp6YAez z`9vikKfBUGkrAi;{Tcd!Q|TnzMb4aMDeOv7X7RJTM&LL6P=4&y?7Q+ChS8MmKcpuk z09eV~Jt7*%Y*MH&oIP)5-&=Do!F4tT%BQi?F5M_}Xn)H~Tk&FQe@;wnh{M-PSP=t; zn=Kr-Ue{bKlD_!bN^>4iX0&v_V?EkT7Dpw0nsqp3_&#nJj$_KBLq#@UR3%;6^`3L~ z>Ocp?FTlURgL&}%fgS?)eKwryO`RFpKB7L$*mm<7;nT{}DFma*gr&P5>}j@CEt2tY zmeldf=+_`bbL|wP&XA5z=ZHE;=uyeJ@MYG{+=*SILSg%GoCo^%t8}=Y^x?xF{)hwo zaUvrAO5xLQH6q=pk!sCZ2SxbkuAv7e4&9F@i5XYYc*rY;<-|y8GggIq?U?ZQF#qVr z;@C{*=3i}k%L4EeAvg95?L}MMbe(YI=a`urF!H+URXS(TrTplm7JRS6skJ@<_#4M! zrAC)w`D2C3O#q1`m)4coDAgwy7#S4C1nn-6)Msv{Zn9S`aqW*<4$q0Qb1RT^WDRB>LK*?5xDjhY<~(J;K5GR@Y%E z9xKm;dm9lSTY7MI$FI+3Z)m=%>aH7!_?msA2~t@VeueG`0GK!RUA3WO544dZp7ijI zKl~QzF`Zbq|5?&hmIptVSATQd)&E^N&%l`mG0E?^%T4rYBaz?+l;cmyP3}>Rxgx*z zJ+osKeuKnk)6m%%6If#;3+zqP6{hi4MQj`zZHbC!aWCh1pY90qe`bnWQEq;1-}b*G zWDmieH07x#31W==g|vZel>n{vI9QpcLOHPD84fPwRgFA(5M zQa|(FKbmjlx0P37bK+@Nr{3Jp>^pnNlXH|~o#NE~DeTtrVIuS@&6*HCULPf%2_EUgQ+!}-RS6VI+<_;H1jG9D|kHX}(Sr90dREtN>+;ZP1??Ii9&N_;+ zp$73-a?i*JI4p$@@BJ{7`BSO>?&?JYgZ7^hIU-Mvq(SO2M6MAYa~3*W&*gvCdkn=} z>V*>0sOI4_K0^_jU=!Jz6bYV8Z8m0D(0ik^93$^$Ia(wp6;?bx5lE5|mip4^-SJJv z-_i76^KVa~^6RB8XP$Mtp1H94)LRw9=O>mhuVgHIY;E7-u}{q8iyGTwTo2h;C(+ZY z+RpaY_*O4Es!J~|Q%ZOmEUyTtR!`a%aVS8pC0f>MC@K6cfe*TuLEZQO}_-OSYy_2<|`?mRTgyn5WgB*eT&6uB1L*{U}?d& zUY|sVW}5nxEy?6dqT8)2)@9Xt-Kzo{ch*r|3J4)eIZ{^2t3kQHsrZ>XZ z`KR=?vTfhD+3}+D3q$x%Wk)g*+ znRDbcBv#EWe~MB@9VP+4Zu-d+wYJOQgM4_DWLdYALgyiGw^3a z^jp@%E`ubWw(QN$MEPZ}{Gs^* zrOY#2HA!!7OJ%08w;>c2&}%&+W{hY3oH;(QYftKKK)1Co?^Eg7?f9GOX^6sOqhFbe zrUNT}j+a*e$5h-wbVjh*z99a9knxLmYq36L5-r3gm{DORx*%HeSS;~C&BtFom zEIKAQk-4_&);Qdp?H!OL7W*ZBsx1nd@R=sCNps-*EO!Qpl^3V}Ae*n_~~j+>nJ#r@&{d5!rBhh(wEyozm?>;eXzE&Z0#o9k6(}7-fz(qiypVRQ06qY+K^=gcm z`u0W3uH0)|d6Y_zo?`dXkhovAnp(x8SkG$~KJ*qsJVXO;4)-WnxG%C;$W|Ot*cqOu zl<1^bqoLESVj`(1diWbBDZ%@r(QNWb=(uYQ#kz9oaEylv9)Y^Bm_HZ9DaVGYo}j<~ zd7T1^J0skF5$ohWw7%%sTuLdsKD4B<1?9Bv*rUp4nodF!Zlvt1mVJ+h#9kjP@p(PN zLHTYo(tROlDfbiB;%^4s3P5=_!UG2fcwRqPAk?CZ!r!pjVBQzbE_~}5gD7xC-r8|w-J2=MwE8fkj6LAahu7R^O)IB0=>q+a==Dc=RxEF zQ?9`Eh?a}4G%AwEW*ce_p>37Tw4oI)iA2{Yt?HA6(9MH*lb4;kj94X zE{lf#kt>uNrDJoUk0&ti_f-ZdRZu?06DHf`zUm0cnfkH%SiASwaQC5KO^@MhwaeOv zO?yNJDMTisVV6#kdZe~Yh9~XGQ}Ukv{VLNv`Nj(V93BN97qdb=V6dr@hidbB%=gQJ zvi>AwAP~@1Jb#PGUEtD{t3WS6{Q2R{kkqDyp>H*n7N~|qXDH!cSuYt7#wD1I8%(zE zIuRZ2x6i}zfa=Va{O1zFw>-}1)beKc=@3;Wf2Gb*dHZjL?l z)ESzyjosy~@VP3%C}r_@;K`r!2$V=!{KLXmI6q?4z7~Rs5&)-ECz^J=zo^;%E z7rs$@vK;47d5ZT!^-En4<%QL;MAMh-qUDdqW_78gVXuaoAAJWj;XU3}<3ali2uFX@ z&Zm-2T5czZQQpM78KK)>?Q<`AyM)PyK0>KZM`aGDhS^;34X5At%Man(kv!x$X&}Gc z5YfzCm<Fd?j47JMwo+A3NhM~20 z_{J#sv%KvU$;3I^9XspNu0$UQfK>ZEC%_M;iIHiciX{Ho?6Ag2c=MzF(!}xDEBgFq zWFF;3@8HGx=7%vs4&Bzhj@Lncp5~?Xr;b5SHJCX2)IVi?%&>1HsxQDMQ)fC>NU`yP zdBhV5??$1RJRj9DUH;U48aUD#Q`UWLMN=13>#2G)EQsR?t4x_ffL$!obSid&(O0U= zqal8xXhkaPr(K(G%31VE;i;xCDXJVZ?0+Hr(F^2YkDaC5zA2vYYPnHoZRfhukYhvJ zFwXeW8ASC}0JLt-ANyE;-B`ZC$63k7jZ2Ve*>h0qkquX}3flHoqnukJJrTRvTuF6` zIsIHP8lebuu2H79hr#W%e<&J1ZlwXHI0{|?ce9+FFQe6lB7sZlo~8m#RH}zVAMZ+E z{fuC6+iK0$g5goi=9`5E4`6vJ#JJ9;#jP@#$w{Ls*SL4DOo#dICB+>EZMSzW_E7ko zyVsx-4A%aQ5sl9oTph?87og0(89{1hHs@Y`uKRPCZaUMSR)4xG?D3)%$vdlqOHdbAP+Po)4JPkd}X!|;-&d(qAKoJF3c|KsYr`u^Cs22zU;Hdj>T~uh?e`pH*ll4Q5no1*T{_O;bwFd^HNi`Xyq@Zc|o(u&Zf!&rs!IW^{->hSr%6q<09p zQ61r-U3=!_&mbKibP%jpOC#q`#r8V~R39DMSG|*Q#>gEf+zzQ2KBzElg*Rm^7E3Z6 zI(TzckMmpI5NK4JJ0oH!A;cM97__Hs=qtw@U~}K(MNSZ=mM&6}&q1Qfyvpi&3;wCk z%Qs)tG9j?R2ghl-qtvcB2;wszaHh(#*$kcpCizP0Y}7prA*Brs3m<&)Y`1fcL*ZZs zcC2rLF2jkvJqBqL{%}e4n!LaiB^Le3tBfWe07n1Ojtf3^>Amw>+dP4}eH)inOi>vt zz(C@O_&qbW{gR=Ph%(GVjD93Sz9w_bHWCI;_2Z353j|f&-mx;4^@VVBmCNc#DKeO4 zbChfR`TJcw1*r-5KT_f}RmXq5g8g_{^DK+cYPnfZ=A#*>eL*U>5zDQPVc^O3KD4N! z2cMqT)A&=&hXUavR3`o=Tz73&HCDN0sAXGeTcB~1U0$yL@KQ!`quGm^Y`2}7;3VKi z%hB(}-l*9&CPq%H?lQj$j6Eex0Bx(Ecq#E+bVl$l5- zW~RT{pL&M_Cz+h@a$gk6sFO8L!+GO@sHk^^ms-qbc7j`;bN*98yv!^(S5yQdT{VFOzlUq%#E(;8J0e*ykJn z(D~;m4RqN5!`XXBCBgpT!!66Qw5ho(E6tgbdzGbFmZKawsnjUqtLl45gq(KPSf3-ows3}>(EQM z)41c=uL(B}lN;dH_lZ8;clrWjp){j#Bt?$h-0Hs^iJ@4{S);PL(nT$_N7&#F=mevR zTwLgwPXL?R+JlDB?-@<}7WP2M^Z~7fFOH|{;Q<2RH;J9F-+J)7*`++_HoXsfaH))TzK`&WyWc(KYp0R z$VUL0BBUSV`;CFc)zW`<*PM;%9}@En`#`sb_!?^AQbKW9Q0)nh#9-Z{p>C~lBV&#P z(jDO>P;p;%e8un-v`Y68V>oB}&V02vYlJ=nm8Y#1<^sy9E8MpSS6}ZR4(%Jq4N(?g{9wP^98@?Mj7pgF z?)Fyg8-Kb<)z)n;DsEXR=jh5ejh+6C=m<@V2UIDGvu&+AEasbAcR0xJl40G%!}u;) zZXJ`$4=LE@X7TCVHdwE6sKhIUB~ka>foxX`)|>5dutJ`7|G(TwdJ`q|I-U{)1^jkO8&&tOjq#llo<}jzwy$~p3T@^WC^Ozm z!n@EO_*eCPPozj0=Pum`wPKo zf=s_?f2@%KvD`@Na`FB?8-wr=Z-S*41z?MN+t(6BC!8zieQVU424A&S*Xh3e?q%LY zwo5D`KT+xp^|9nzS+!VOY#a+^xkx-_I4Z|gW?*tqtkB||`ZWW>DZDMI17J=g{Xwi~ z>ac6DHT6jdZ#(v6Y2rwKFtOI{-S%a2ZTN^gX_tKf?mfL7HDU$q4AN1c(ybut+^AfS zi#@%rJ7H)!X>GK!81@GtyA)zS>VG+|j047EWSEui?48t3;Y_{SYk*MAz(3ehb682T zdIYGTTQsrAvi(#S(8DO>D?Q8tXC`ew;~bu|?3Q>qad3KeZe0Y^n4*q{P)AmSVLE(k zr`<3k>9A4Z+>j=KM?Az`)3^P|UxW4 zn_<3PJgjThB24T9Es^wdQJo{xjApb#J#uY)v5G3>KDWn{Ln+uEd+qMK$s3 z!*s<~Hv&Y8a!|Qy{#6+19=t8KDc5r~L z&o$EDsw!^&;IYi!;}6-2i_1s%>X}%`hvP>qJsVQ|^Fdm9_=@A6NdvAIJGh1l_U(0e zAAGl@V;a78x0pPHh!wTyFehYF6vla;o`^5Yx3{^~K|Ins_0%Oa{_dY0_fTNUp4eHJ z3#Y5@E8Htyu$HTx9x{}oJHldf{F+Ns47bhty+~$%tERM|tx{DkX+?1|_l$P8oF5{C zQyb1Z=69tg#%aIlF>Uv)JK${jbAf|;0}blp8?I5Xo10R+XAY5+H zH;@_Hn&3duy3SG=0fr^VL^q_elrAkQEbPPbH6wlc7?BU2aDPHs13zTsNCtDm1#*g| zh1;8Km4Oh(fEj5uUwnJTXI0}TLwqCh^oy0cq6%UDwb~KCvbnMHGP=z=t~UB1=8!d~ zvfnn^71&Q@EonSTu8tUxVp*VTPEe9uGQR6U2T3vc7$0%-ruZ@1Sc-;tEWWpW68yof zGsi8qxqs6VFR|(i;<#qCd<6E{^G*3nBQ; z1-=)u8X*oV5BH5WP%{4F5jp+0cOrRsNJ!YC_S0;LF14<3ZONnw*q9pc@ROL|#q<-WAe|oO64kM)fxru&s-r936Mg z_gRhRU7iX@Zwy@2DDO%rh~$^B&|vMFWTGJl`5sI^I<|J{W7M1gvo*ba?D znZEg--Y0W_^OSAZ)YaZ&w6~C=OD!^GcEK$AiVr}7QY-VQaw<>*L9Xvwrbz<*S|3v* zKDgw1!seCsoFyKsK-hC_L!0=RmZJFh-UO$J%oM1c4b;rvh$DzO;kH`Q-|f=;+7CXp zE*3dZRB`}!^`U)Y0eR^drLT-KA3`6S-}_V7#@W;xaJx6;62mk4$tO~cZN2-|i=m_s zOG2TtOKhE=mYVTdrNVc7og9{WwaC5&-zqIDvT&+4S5%p`@}aMui;voTDxzMPeYRX+ z?*V^W=3fO@@EZ>Fq=+Q{$_Wc?574A~GsUz&bO@d^Q#!;> zOef;L$46<`RNc-gB|eIe*OpGT{l~b`1AbcU$Lz%GFgt1ERsy_-bkO@i9PS-s24+9X6T>3pt2|VxWPWsT|aQKbPTi+pv zB9$1i&-8xlHQgJeI|{EpsD$mQXr3!}1vy9T=|@sK9#DK1SY?NI8`m&E7FmA1R)(G>!e+k*7|h8By5})ve#kkDFpO4?4$*Sf-}L(js{Ef; zmj$yNuS=8U|FHGkgci?t_K%srw-Mp&4tSIpUI6f+AhQMG2)(VvROXMF>?;t@&z2#+ zA4_f4pT_Q61@O7#Q@Q6YiNISoobyAL+rurqv{gO@eXQ7X&JvnMtATy{tj~9HPx>ny zZB0N7IozNs5C1AqQG3lIvws0Re&M^|A8r3HPvGz!2;n3ugY`){_>ZbS&=r0E3M=c4D4POhY1*>9NHRDcM)>0n=i=@}!f)WjJMH zdfe3aN4P`afgc&V$l}q;Dv>ce@LohI6l)_GNQ?^1TC~ z>z28seF@Dakgare85J$7tJ1~6kit@ES>3X00oBmBfcYJ#dqp+=11~*?nI$8!D3(CZ zkg?Uikxp2%$>7)$|I1IdnX_21Wvtuz7eMp37bimWH<_h8U&(m~E<)|qyPgNyNc?)J zTaKB>(swnXTp=sy55pnu#oOM9o%K8XgjTsz1GC4_!;DM#2y)OBXv(#U)l!{{kbeI9 z>6mN9E&t_|4+wegnn$}X7U+x)J~&EW3$h4{bNZJ#iWrcwugEsCeGGpvr1JJ@{&kj+ zgNJKG%%E`Ti7=7{*ZBj zN+iGOdLa~jq<8Il?A)gG_%C?c!S?wRR1`E?(Jk;axQP>emeI z{2)IChyMOX4J#HwV}-0GX^*CJi3yH=PhTkg9maW6Cx?C8e1B5&f6v#aIr+M5Bcx+> zArX2w5?j;y;2$#JfDKT*Yl^khV?17vf<)M-MJZkIUU-B1`{%d+UV(WB=<>j!^$iw{>NH{%y@(rBN?_q6H&Px-?Zg2RIjg$g-!1F1Ed zwPIC=)~o$jUaJdXLO2^V|27$xp>Ag0SN|jP-ZDFKO!LYSLz>c&-XKA)yih{k4X*xe zTr;(CWzo{TtG1t;)TsCmup@fY8VB-joJFEM>@GGHxUSGEGbTsszrWC7oX^eyU#CAD zu;2pF9`E8T7kusq^H1xn+Z-8gDRX1U(RC#1n-c76K-iOjo)V6 z%MX`2qbPyaphDcri4Ox-{YnoNuwq|}b5z{rzFE+2msM#!#1iukZ3AxR?{KL3vkRcCc%L@3JeNyv-CZswW3s^_opN7Y3}8qvgq)exM{bL0|XCOmP}u& zd1dLak9}!PZ96lp95+ju;d@fnq`9_kSd9RgtGHR|`cG=_)6FGof?c6=-?T;b8RL*O zjs%x;mra+PEr`~kT7`e?Z#iyz)3Ij0nr1tVCjZ!D8*(^XhplzUwF$wvBvx$eeXF84 zKR1{t%|>Qx1n}V%^ILUW^M*Y%Eg3J=yFkNsH;$*@XorTB5HpQlYiMA5jOQrY_5!r5 zFnKH)`5LsYAv#<$h9gX8JaMtJ!Vz*fgk;?2iy@nD5&Uwqvkv0e*@fEtp^y8!4g02I zRlyiG5kAB3jo4XCd! zeu7g0dPAhLMI*j03i#72;BTJv;!#sZRSI{oIxaa+KIYaNN4tuq;Gi3$`FMd&3t*k` z_fS-B5oM;c;xd~&0H!?k)fjA7)wgtB^u4ZY?!O|o5VLL_QXQwJOJz^5k|l;imM-*y z?cpGOyw{*Dd(_2qQXuVq6x>$3$?R9soy)7crc+i?Vjz4qblp6)&|H3G(xoik^L!_A zNoj-{lf3UoDgxRNZK}xuG7YO%mA7$}7Z*1I@F1oZ2uFMxKQvLz$yhCG$p~|2>`P*! zgdxs?AZaS@DT)WQaNx>u!bd&)H)0^Bt>u5ZJhD1DLbKC-;ZB5aV*8wOMPnttK4 z*5`nQVP7HAx_z^*RmzMXg0NcKDs>zAJgPoBz_u5s8I2J1P6&)!G`VxFw-t;X>E`eC zUGgsHNNw=FKAHs@xF3Yur+z8StPgdBcUYu*D)?R1xa&E?OwJdk)jU zr6l>}L|&n%dFT7n3Pie7?M$CR$$8;t>lz{V%A!F;?t!BdjA>fr#vEPr9l5wx(T$_C zm9%-Pm2836YE7&*ql*RA#YraH4|Bh3cd^0>b7a0N<5BAJ7E=w}kvJDJp`#ZMy_71_ zTY}fc<}fJ-aF*^LemDZ3?yzNt#%n?xCQ}G^cK&|Npmt9eeAP&E`Jn4NVon-1wpyvK zLkX!AReQo_F31VQHR_r-|g)9%}`WPUS44dLs8|Q?YNKc(_UQe-yC)d=Y?K ztK|Gc35D%j<~EPk1y;v@F8=hgR0>$;C}In$&b=S!>zD4*{VaUmp^rmn6=I8FPvwwh zH}hO;;zqM6GMGj;j!^l;Z8xucL{O5ZZw}`{LJO(Y;w$@UJ8A%!C&am@l2z^B{$Gyu z&`Afus=-K4RB_8pe~tK~!440im47AMM(LB_uXye~*m3u?icOP(xFx9k#wylAWapNV ziyWEb=2Hkd_9wQ=OlkD5mpl#oTHQu;VjS8w96&cpKVZawJknHLw)%`2ySQOlaoYE> z3(GMfUVS@9*!1f?fz`mb1-@N{OUWC(U@^Qk7oI1bw~r{cwp%+K_OR?flIMRqM_%}} zZObQR&J2#uhZi3UkmWW^<|_FVa(7&w|EVJ&p<|Tk=IWirTvk|o&0LSN~DZvj%2}>XeUw%I6DYb`MkV+3$qVb)u*lJ z?AgZb5R7^1`dyB+=YPMXfXijl#oT}F#?%uO^x&(I41K!((JNKknBTn+~aj*(MI6mUV%_8X@@zG-{P4t@6Fw+U#~>y@RAx@th|?u@4Hha zAYZKYJR#mfn5ZketYA0y;}JRxO56EzhM6nHEB60$z*=&i0ec<$)1Qkt&-r6$jhcH>k=zN;_ z<7JO>lU?o}R!ZSGknKH>)@Hm!b2GoiiH9>A>!h4y!y_JqEhGILH4OgZ}dgk!@VJeN3P3IQPJjQ{NhJ@LhZpIlf!#UUA;L zU^k5n%8Zts>$kRgSiClNV&2(X^62-o$Acn6-P9vaG`_x|Cw53}hvR;!iHGe+wirpi zR2?N2k`WsN!)QkS6G`kUTcf59B_mUoU&`oA*isICimMr0JD|rMa8cXBv>2)s>&Dt) zI26SzvEX%^cz>5a`TPOO8NZ{K-Gl147R57;drQ9)D_T^>jz(BR!rWn*@1;jUC_kU|{z)oAq_#r?2ar59aYh zvqbT0yU!0MuhjC?i64*jQti3HMIVst{?=#m;0sIYyPm6Tx+GV|fj)}~fhYATF>b8f zorWj3%nH4=T{!~HYKY@}$(cXDBqQg+c1A0hX;txO+vKz3f2dXhygig!M1GHg59JG$cP(2@+vQ(6s(;?O2@ zi+W+g73k4|%H?1ZhRKln1nr3%5w8X2?Q6M#FG#BZpFApCTCVUmQ(&?gtlTZ0Z;Ju0 znobS=?W7(#8p)C*W7WxfSc4>3bCOQJ&$$g{6=m2NkSXJgcvgrshCRs+8G)qJi!qu| zdvoD;6yU0t@pLI`t}raiwTIPpQF@RrFgMGz=o$Kvfy)zp$JU>V&&CPbW|+MuTqA-j zPY2Tf2!`LiI*4Sty&!CM7*j9-+c5pPu3(7b!GFY_s1=~=PF-W#XXE(H4=_J zzJ4NLZ54Q9TgUP#ow@KiAoua1eRT5+=;h{frSwC`4(J66N!YSKY(2R9JkRmkM>{gL z9b-B1Gs+jiZ?KhH)V_Gl@B1*9G-*Pge zn4gZTOHyFgX6|>OPp9f%P<^+KTw*X*yL)4oHueX{x#A2NNbupQ!0y$QqNggb3)OGm z+CNq3J0voseJ0M4dt7d4R;|?T#g_7qk!cA&U3*$g9pYprC(Y@Y*tGKfd&tt9kM`@S zHKy`+{2=P?lA90coB6yS7F)ww&pEU8-r7NUz-NX;(=_kdx+?eiNCi~96iW4NA(X*GmyX|T8h>n$N*W`!jWG|dl z+roPq!1j>)dbrQ!%QXikn18%`|E9ygWgWnoSR0xzV#;SIifD~IPga-D9wv^ zzw;jAO452)Hi(<|pC=Txf24jGw(-BSbL9Sv#&3OLE)RZQf6wE;({BI)8#KRvL(J~^ z1-6u81aielTT8X;!zVyu)^;{xA7uGG9CJHEYhGa`+CAUOzTnutzVxm4r~;mcwQ{u% zOO1uMG6j$0GxoG}2}y0_KAG|yL zT~*RHccWblKH`nXzTvNK537rFlhk|lQLmvFMGftXE3Xhggp$z?u-3)nF(078mRIk4K;g*I;i9l=% z%V$Uxu&6##iW$3(#ii|P%IWsBy?y?5_vdxG99brg{gR|n@>)Bg{(wP z9#xB1Pa%t|@+r+n`yQj^A_8y;5HHLZ1MQi`-IV`pF&$8x(30Z<#Rj%yUk;DhBD<+vT0P*trld8x7^0UzP6d%`i)F22#4 z-~}&OROwz7&WQr#_Wtk!Ur2H~8gtwZeah;yW%$G0MrX&)n{q@o;#9$Eh-ij4+1;KT zrH4zOlscacyYJ2ez|E!pt*S&27Gf4Ih_;WFhC7Cm-tgR!Npr}KY3(M7wX{utl5f}$ z>3v7>{_K-_0$2iHAY%rUEr6{iMrR*fK}K8!d+Q5RBU1-+V((X&36BnCA|U$_3r^69VN;VM zJ+APp61KWq4<3)qRV<~$g^q2e*?L<}9|q`C;~eR5+YW&HBg~r{u6&W0jV}C=z6!R~V$%`S zdxrDj=Uul)QA9?2OlVxyi~=%&1|VKQ`!%lI%Ak7(>DhNQ0h(CX(L*VEEl92OjQ4vX znKA{fA7`n_r@>}nXQywPVoE*l`iW80*J8el-%eLehxfm^M-WIbx-yWsa!32~=iygB z)UXR5V%G{%QX(G>NP!>g3fpfLPs>a1Ty*_*Hv4wzq^m5iyo)S!VNBq6R$UtxkR*#H z>zv7Pn5$`gsQF!jD#Eue-RYn`ErL|V0@hDe{dxAY=%t8sPta24zG|mvmyBtit8aF- zRA!IFU>9i3ok1^sD>8OD!=C7{ABG#~d{86Mh^ zuBSbU94|k1<{r_FXa(;c!BJ-7i&h2DxWHKF!@*5Mf>I|&?;rj$MV`qR{d+!XIzn)~ zJEVb1@)Rhqz_*@>!LYlk?t3t@w9_2qZ`1TJ#fK(l9|&De=#*64Gc^D0KWNn^U}@Q z-xE2zr631GK?x_DG?MnTJbAItA=rC~0eU>wA_&diUTJ5jB{5pH__N9TKX2xt(ty0^+$kx($deP4Rjs`PN!SjD_RUhW=pg~@wP>%z13 zV3(v#v|X1zs!_;uRyGM+hS@3KJEe^!w`KOhMJjBZ+8>kO1ad zzXs!wsi(T|^?PVIrOG~|a{7k*xB0z)CQ99&exnQL0bbbG?{IQ$j_2kMx3%_91A?$^ zH;j~IFV1f$8*tQsso<1d#bvs7+TdwuqpNIAnRAi*(#C?-AZ*q#TLMmyTjPuNe%te$RzgdA>Zo4PDWmb9`=zC8#8s{oPWjOiZ1uN$h^%RSw-@-(eAE@M^bY*{O3cw4E=Md%o;6+z)tlHvNz!WI8LJV2xmr%8tj1gn-?qE>uS#NTjvo)5VCQOiHaJ5xOGF)rKvOdTI9|H zh-=0H(VaUj!OdIKKHOj(oJtB&1Af%zWyI8L{VeWtnXuJp$2+^5b-(i4m!b0jX*#xD z2i}<&goO#gHF}zL3e;nKLNYzQ-lwmrjFdm%*VWyeDVJ&S?{{R*8ikH^!IFfB%2aZapYelzp#0!49cxMwZK!c*izivfaT7eN2ha$A1kHc$>7i07IY)mH?a`Zi)z;69UkT zqb94>{ZHdkf?O^?4vD?f8oUP&*};$jGm|;xQU0bgJ8S#L z?xXphdBr={Jl(0zVzu&deSo(A(VJl&W9|W>Ph%uyOCi8WgK$$(I-_3QFD>tpNV|I!a|ThsBYcE7qJR!*K~?Qz5B}+%idYt$3K0?*UT+e ze_L$m%Wy-lJ5oqY&!?_s?~(;}dQfvLSfDrxbN)}H#gq5BSJW1;V1K!2)ni*jwi%4i zs%qQ?HR9#k`eqJk*#MEo<65d(efWHf>+0TYY<*vNJ6`a2#3GYv_6AB(+t8j zVj*LY&%|8To|Z`8|DG-hps|S?-@G~|P7(FllTOHUS7_ zB!o5dHy%B(;#Mq0*!O!Dh0a6$g_Uf*PcsGII`3e^o}D_a`=PWetc$s}40GF{B8GiM1kZg0CyA~BerOf? z^og*?vNqe_5FNY1d~Z{pb3!IUk|LguY%eiSg8LoHD?ZRhwn2o7;aqF!v_V0n63k2& zv)LwZR4i>N)KQ7_E8oDj<5bVHG~ZZBStX2!v$S_K{bS%;*w+CsuD;`BM4FR-;Cf&5 zxqt4)HC>qb$lj2FPm9SM3D+ZyTW{43HsUwX=fduZQB%JknX#iBg@oCIq0G}OQn)$~ zr4}H)$Q8OTx2%UZ3q{N5ADeZ_apUWKx2$O395>L}I;DLF2VnC5Rj-P+9`x|MWXMNK z@4YEEI7Gq;vU`it{SBC|NjdKOUEPsy5UR_FZbR@#d(R#Tt^LYf>9^hf0FsCjEY&X8 zJES*AP3~v{v>5v`z1>h&5n~wVUK*Qo53Ra_YGxd;7mI$4nSN zwcNt~DOp@U0ubb5@@cZ{bVJ<)5Na2eyq7YKRa|tqAm~6Wn;25~&Ren+)5pBfBPeWN z;H#eC9aK^m4sC$3{Qm+KeaF>z9k-wD1HIe6avabJiL0UZxt&va)QFl^svRXgtuK0~ zmVQAnSRAR;p3ZOame?vuKW2a58ndV${ zeB+fQ0z469PXSR(M?8FFTpDVpOCd$Dl&fsqwbFqd)I%p}GmYk~*r@5?vzMB!QV<@z ziKD6u7F87?OtkX2)hKBcyZ^9-q{bbD?#(!adyqjmt8S|8LyU`&=$_XkzDnTa^{K(? zKcIxQ>A6y`IGkk~HG40gGo4E)_FA9o2M<4&w6xY&N^Mct?wGyw=Tiz~!-4fia*?b3 zc6i(QM-)#sjf4o|w z9-TU9%t<8!9kJ4c_oL6_aZ&En>8*uz%JvR zu(Wv9@>dNnzB0V~CD9Gpqyb}Qoij)wCvBRdg5Kvb{A}6=6mLC1SU>$2X5O{cu4+c( zZR>pz&0$GabExia`lz99;RW>gvcl*V`pU=#chlwH^P8}j{4}c8&65?tf&XXw+XLQ6 zw)iK-exnR~Or+JX@1{)l`Ee5Wo2N9BJ}0&KCpHYhBHfZWwbX6> zLxAhUOh9%#zV)`Q+GxD9+Tf=|!umc$QOPJK{V(VyR83yL$lA5dFy2cR!d&$xZHv1` z-BldxJ%u^vFYL?#laIU~?~rI>^wx5DI79O_b&`}NSIWw{<@Hl1Hwh%EFb^q0$f+83ho|J-D6{?X>K~nK|uHA)d&pFjs4Ly zxHqZG=6IKJO_7!q1>OgL$}32=wUfy+Nf+}Ay8d_-sf2gBxwF{Hz9oo*HSB236iZJL z$lI>0d;KwVYTzJet!Fd2tB8o-aSA!ybAPB-A@AZ7+ZBEfJKq?@qtP-8Y<<@H&&h%a$T?)7 zRJuI}7R{ zT-xJ1G?6ixuY$ZbcEE#{OnX7T1b1m~ls5=+AQiOrU4u^aJsWm-9Dz&6i=Hab35aSG zr3ylM{+dl2x9p}qebOmpkc+7i0!qLK5|3kER|5EI+#asN`*)I}-g#?u9Z%DY+%VQw z%PF|hRITO8`??tz<7CaQCvDs*2ieMsUN2g!29J{s@@Nd59M9Xo83kgg-?y|#kX4J3lK!NdX{+gGxWl8+q9r#() zOjm7ds2#_VYV~i$gVy<)a5Lpm@J+8Y0b^jE-N5$*Z)RzkIYW*UJ+2HRS4|@&BR^5n zvd|?@ae5%DX#I3MPwmKu(llLZ1Dw=Gv(A5$H`9`*iKgo36k9qnvrJ{x6+|_R!yBKG zzpS?`+=4lkcXkgphlrfQDW!L2D<$vEymRhpO{{v<-iVQaTIzITXVSh99SP!LRKV@% zbEi zvh`c5b5&>Jd0R7IsRI*xJ zSba=QnvxpylZK;ZDU3A5_~k9_huDFe5$ikb?h)zMd1XWE3p?`&LE52l|3F^}vud{e z{pr9l)Lq^AD}%%Rfv!juFYQ}=9J?utmO*G+EKQ1N*Ao3sIrdFWjW{QW(m|y&H=27Y z$O1|FAWl1*kC|9n|IUwyR%4g6fQ2uOP9%$rrl8=gai%*-uq1tS+n-boM)7<-x*LGH zsuU~<_LHAo7Xp-rfERtvvWwi0lI(JgL_9Ffqyx$D?(J_I>so!w71ZyXY_0UPp7TN7 z_si_*TpQ(ZB#X#6B|XTv7DMhgra5bOPnBd(9C&|`U|ZS+?`rNz>ALT#ah_4rfEQ^h zjm~2a=_ES7B~&5;lC@g>n5~J#qg)y|vaZ-$A_Ry}mIhA=LJO#CJ2;7`Q3$xL1I9z# zrEnar^M-K_*gi4YH=@qx75`FA6P;Im_vgT8aQCj50M^5cBA7k^Adc!!mN?}ws;{zj zX)(-Q#cSvUN83oU#*N2b#3PS1%cdvlQvS;PLg!S5gxa4dha|4WNDQHPozv>l|)~G42MAv{; zzqio!X4FqysM;%rC$2;r8R`sZ-sv4}UM{1CNRN{mY)Pb-Ure`&t_%(L+Me)sVKsmN4TN`ybZ=HEu&Vzg%#$Op7^>R5|ML^50GLm_j(X;FD(x~9@ zC3`F-t_*Ir67jElfn1GH0%nQgA;;Wd18o4i&Yh$iQ_U!|$22L{o)SN)2b>%V&R9B- zwwE%?8Mi#zQ^g;6)fpBm5YIBVEFC~*6xF`g9ULP!hxTQ3R{d=T-TQp3hTJ%LAPsIy zc%h=*^hvgj9ixI&%vY3xN@yDn!U^4^tz>?)N(Bfg(ZYX03J1GZ+GCQvc*b5GFo#5u zJ>M{fl*yq89#Tf9jrAPI+@jTsVu{EIzMBL7qTThk;xIlVST%w?lFLpSTgi>HtUDiOyF&79@kK6C zez)n>PD?Q;vD`31pH~|1&{|CW|F|+kDnT9(jkzV&uO-<(7T)W(xJO;>jhBAF1GNt| zDrZeJY~;nk&kLL9Q3HLV(jKPKu=5Xu&B(bKy0P4N-l;ie1bxEl;t+t0uQt^jh;*`_ zM&_q^Oy@aZpF3k>TGlLo7YZG#k z^GbHKjscv*kipm=OSk`kP&cnii<>^-akNxVg-CLbt_VI`VLcildB#Y4e9`4&TXNL4ZmOs|!a}_cGSDi#koubL_3&6*#B$*@y%!>ONA9}pzZ8TBCYN=YYMCrGV?g%Ltas zE=UNFrHiu4n>!kLwwsq6GOqGAxn=j@zuPAISv)MhzF4K(@~!AM3gF|ua3$N@Xkbv+ zvYpK?0VCQ@=i#9*TEl7Q1+7lEa`>~%2bz)Qy9SAo(JxbW9XLrch zck-&nFc3OPRd5O;!AJ?ERrliinw<4XqEr2?ver{MrDPk@W98v`b)z2Ci^Va)ZJl&{ z7obz*bA}PL{wCGIU9V)DrC)bkxu@frpz~vN&dGD|lx_|sDX(-j z0EjQEh2g&nu5orwn=BDS}ACDM7q{GB5y{ z0OD-x8Yl9fsy?9WYx*MDlyM2_(GB@Cv#PSN|0m*vbIr`(bkYWBJ&>jk7 zF{MNlz#MHxR(p{I7hrw9=Dgd7BWV`j+R9e%{;B|4X*!cueIk%N1HzZsYxcy~LM3k- z_5|E~f^zvHg%cte$E)S1=U@Vo!ciK=pxpvv#OYv{_o6*SyE4J?P1xZdGM+$9W4;?x z+&yLUI9^UqVlLPOafq z1zv}dP+mGm;PJ0X@l}86ygc_l_nJHI9QW}pc!*v^Y5(y|<)eeV2~%XT_8B1)2Nhk*MUHy6eyacdZ^0Gj5VrjhohKL8`xDDf&v$-T!QVwDKZ$ zKgv|i_#sZCVF4Nj!OrDCT*=J9C$022Cmld=PHWz5Pgs{=&tN&LhWdd|B!=AV zuf`fE=D~{>60h3E4>Vv5e~Ui$*K-dr?>KqROdfKs{Y!6fnuFT^k7gV5x{0f%NbMp< z<*ugPElRYP-Si1};t&^9bQ%;W+tSlQJw~BULt@oN};)WeTi`=0Zg(ab-Z-efn?rDK)l;a zkFf>hX{bZ>?Fl-;Il;*7jBF-iprl6}UHA?>!Td38M=SWJZqBo5wJV`Nnl?#k*qxrU zoZ8*bp^V%~)~I$9ZP{V0k49Ux@2l1_+zW{mhg>sj`^JiN1}>BMW2)=`i{mi)wf!Lg zxe=)Ok14dyQNH7r0yVw%FVC)C>Th^zrInF?Z0e%6hSS z`TXGRB}L5N1XjB_l9B%=u$f=a%D;AhBz&XHFX}j6AEKY|1g7sss=xEn_ z+f7q})MM!p44TGTgXp%DEQTOO#pYZ38KYID%!sq_iiRVjjlbD2KE4Z2JF}xzULfzE zL}4ek#dUigiL^*vbtVIdWY-RTxLB!I*UM;4QUt$VJTfI0G%l zdSi@zg0Rz|+<+vf9)D&hIT{i6-G4)9`|O5CKz@50e3k=fGGgwHUYA_tO!faH-Kq$E zX}Cr2bUwv~K8`b0`9oT}EVTVeP+|YOw$^qKfHQ&n#>h~f#7}x{V1-y4DM4N)g5kcC zs{d$bZO)7czx7qvhS&huO|T5LfmGGV0XxUr5`p5^oU4}7G zNjz6I$!VzikX5qal1NW-3#ihTp4$DiHW_cdi!rnsYG-Y2(r^5?h$^=)KON8`COwoE z;)kXd{ncY~Sm*iwmN)5U-o|p36?v6-C)G(cYxVJRd)@A;co^hR!rh{@V-9pN)n03+ zVkd2k6UGI^y+65szX>~R`DG=ErVjNN39Em?1h65iyZWr)hf5E<9=a%7G8><3?$5jy zUH7EnS}ZK^K4ry6BU0nmX_G0!(&C#Kicv)cdtiGpKI>QjvQj0)k3HRSAcAYy_s2FN zf&P3k`#2isb?)U0Kfz?XG{o3S|DL8U+2Qw&Vm;cCL1vOz4uuSkE-jRx`TJLWiY zBxg0W`bB(aZKdC>JC)bup9Cc|Wz<0dKRLHBv7R#_yw48Bof@e4`f@MjR9f9(fJXBq zY0*)~7_ZRWCi2E-`M&6rqWB|z)4FA%<&t1#!zw>juq4Cyw5)H{Kh!kadrlcwX}nc< zhcOW69%DB08wACTvC7=@ltq(>Qx`~6%BZ?r1gOlYeirRYGP6&hM4^LJfp^<|A)0NkB54F|4u@sXeE24qGZXw zj&Pz1lQu74|B57uE9AKyIOzf2;Kge>j3 zdWx&XUIz9NzbNw-&o`L;U=mb1hdrl0+$YD8hfdf*$vsU~tM`W{8_#wWs8Gd%2lUtJA$7C9aPEf6Pm0zp9QXw-VohOQM8SjXeixgVwNAFc6U%uAv_@)9gVRWjWt#;EZ zi8kJx*2=9-lkjWqRx$74Q+W2U+#6see9M7Kp$)ad&aIdBgN{;_8YAmNE@d5ksXESV zs&C^4AYU#jg6XSzLLp34zUgs^uN0tuXY4r)g@9{rRk_N`<=1ZX z$H+8uWYYVpZ!fgO2drzuLNCL*0hsur zjT7=ZN?Yi>DoLUa6GvocHfvQ^Qp)>htkNNTfC%)%&7H*1VpBsU(@GV0U+J%h>hoxV zHcWZU5fD�e;lNLLo(O+u8cw*e_btxUvOPn+`841!B znxN+STv!XnFp&T}Y%cQtJu=efvH#M%$V=#RO4S49CeOL~oI&=X-HokB3J&UczQ~lF zZ9+{nRCL!f5%_+DFaTU)U1Re$@x}c`jo#QJCLc~ylHx2(w4z<{{n4zlHa6#NS-~#D zP=f+GDUedNY@0+7x$s~QxY+A!hD@ZpL%GIR*D6>DKFrhg%tqDb?b;{o{3Ks?Tq4c})Dcs-oy1fjdxJ#R#fkj2iw@px+gZ`72&g<} zVMd&!RM9}i`{ch6!$c%WMyPm&t8K`tXIzhNk$qs5#SwgI>EVxhD@*r$@$t}16Y5JF zer<*{ol(7pDPn{Ck_*fh-~d*5-96Z!rNbU}mrIIP3xGF3viOIiv6hGf53RcgxJS%N z_kY&W(F^N@m;qcLGe#(adPK~4qE+_8G-c`OLwyoeaH+`@Znu;X+`R!H7qfz;#j5ND z4A0S&f@o~2{aCU=>|w}gU5y5?9WeEoO94y%1s*YDJX6t^y#^s#xRvqy@qeK_I52}b z9OdaPr=2*=Ogf!~`rARJc51XyE{)O|432qgit6!@Q%UcXMr6-&CLAgWPd~N!7;!B#PNunwa5AE%$FP4%xZk&Ep- z3qkGEaZQnuB~lh9QP%tq?45WVFX+qi&lwM!t%(BTdcgODt|#O4S17n=xbV4D-A`=% z3k#1UU7#*YyEdX}^tl~|H{Gk^vog5&LzWwYuQ8&*itm8wtJoIhn1*zU4bL_)Y{>-< zq!o=d%Db5(1){G63SL1b%_kP`D$E9{0E7dV--|QWlB)8PNo98S=*j@Sty^*hE_OWr zz?0u^VoA+!<%RThQKf;4&@kbRcu6tc=0Z!~DZK``M0#`jO)=P3rFXB94`x=?Vt&PW z3MftvA)3ysPOBjaW~tw|oap7uSLFxuM-(i&zZ}w5D;(Bzn_nFmIFH{qG%|R^zFcjh z(rN+|9Z9t5>9ubPwYBtx%SL8J#+?U?hGFQFeR3o(BKQ0p_)K#G#y=I|hI6n>HuKhm z@XgKr=rVoe`I#Kk)v5gVLS6oAedU{}LqYKX{6G0AyQ$71FDS9aCbz1Sg zpuXCoH;gFq=mj%qHr<&e;_n%*&o3AquUc|aR9=|F@742BPVl|9NtoI4QTkfHiScUa zc!neNthRbz78D_ucjdn9jDFhvJSwg&a^1Z~PH@8g$h=kEFb;Mr>$4Y7y|r{oW!#Vt z{C#AS(7}6Ir7D1R=o58558+CVG-HP)_XhYna@E$C`nsKms<>bs40@E`mu(~X3RfkN zLdCaJLYJ20afjDW%%;3rJYm5JAF+%eS73f6O0_W@DW=w`sm38n2D?u|k{;W*g-8vK z`R4i4&n4B%UXOK8nxD0{$8$p1^i8-oj=z%uoXgszq(12Yv?#kqFH5kB-){7osmL3o z+nmOh;czZ{5}Q$Fb2>|$BV5yLG)GS2J1Ka{WdhT1V=kJE<@IE8JYb)&Txw`E(xuh( zQq_eTU<2Lm)n@BuxXMG#%gRWT)YtA235^$!P4e*GdGRla?xUv2y&%Eq`t{R!KO2Wb zl%LCD|D~Rj@s{l>y(+8dqfnKTp$TQ!}vG!?Tfxhcb>rP9@-6UaR=iPMO~wL5Y4C`L-l>sP5=jiUmvj;IMVv z*%-E*4m+N4HuKMx_HrIE58u2sv0KatE|!YJM!FQ|$}Z+{-HeCaF4;?r`%QokbPAs+pt#fkjrPr42}M=^qYBe}J4 zJwscvK&(fBa@mpZp)KFAa^2?n3DP^|Y%3-_W1Yh9c-QE&WmYI}=Srt?eSQ3a>&Cuo zXsd>#aR(m7cpek+GF+QUqIM3MuR5!u-stcJ&m4gbwc${J4Gmrf#Re}iTwq_xY0+?o zjBfl^gtjoh=?Qh3Y2{M6_bq8lE0B}J)BIXzBcDda~u;?|UHUWo99Gvkhb?P0#Qg`Z!N*=c~@(&y^%=Q+pUM`mK4|H75X}MK2}4sRA>p z{0CgH88@x0VKGU`3?{Qv$0>T}H_``QRi-9)UJVSm^n06FE(kwE6QrG9o|jQM9T!?W zp(Q+zm^U?%n!WF*0W(5l2vTps+6Y~bp_2bPAqR@HHqaB-_Y zHAgyI?2v~*=`!n1KO05tp_6Hzee0xqljN$g^!~M%0+r!>SL3)s%hJ-(;!~N5p=_%L z9{G8l{HE&)=oI`*AkZkZCuap4o4Os=2HP!8n43}K_okH3(BC=KTf3;)}zJwBawuxw9ZQV@}45Qsy+tm=u>9yeX@kK zCn{Fn$Zy#SL@9g_Xp@oday?07OQ(nB+McEK6a_bl91V-Kx7Tq|Y(Oah^+4O))I`6K ze1M`;d~G+zE!TK^D|6R#4B<9b zPfSTimV1uEw$|v7B{sgfB}$gO=fuMsfrqOIOjX^+syK$<$UlGEq9yhvQ9!6(vJ8~| zz}rfjYwqlkrW~B+lWH*8fa*CKWU;>$x?=9FIr{E9=2>uMzG}pKy{jFGAC(4aPCWDK z1y!|ZO@yrN4XF_$`@Vlhs&|EPNqH?I%10yx4Q9CUA;#i?%Td&dK8rWFs)Bs`9^z62 zJq3qiS>S+az7ZOfF~Al6#6i^om-@al`k!YwC+aRe+NBdzX79v(URA6etxp)bvv?@qBq}|(eJ}#V96fxgD9P{>-nL&?jL9i zp%eDROsfB{MR~y#nG&4^=~1NaU~fP^uz(DZ7IW-R{0Of;N-Jqk>++XSX_da~593tT zjctD7DxVGv6Wt|j)#dB{!=9l$8+I95R{MGrMmOTUh+zB|A%HJBCC(o%KT}D#tS#X@ z#ff}w^tE<}&J-SCEY-||SDLXP`W7SR35#QJFerON9qOXBD}I22u+B@TqS;X$s+1no z3nIvp%;10q?H99A$zgm>iqp8gQTf}}!+$vqK#)Nc*tp^X^8%~yqip!vVMHxAg)tU_ z9W(31JOMqh!usZwsfxa&{lc$MOH5NrVtd_MZh+Oank6<${D-BYQ@nvJWA3}=E@tVk zFWem(rBA5Ru2Ft01D^61Qs2g+IqKHxPKNT|b2;W1>TJDe#5w(S9t)FZd(dfWQ}D$I zxi-JmJ!;7_pzDV>kj53$Yu_2j@Bu&RoB}AJ}rwD_KUN4t+~YT^BFcDJyynV z4L&7ZF;yiG~jdtmRC+@#rRo%z`Y0>p*dAiKJFMiJ&b16tCPR4wpKD*jU z-TSaI0iVN8d^+*7GsUVAttb{8Jv`p-S>3f!>xL!vt?a13RNPEX{D+mBL+wwjB2`=N zc8*si&!gznxbMr7znsr2CTYmM#N)?mpH^DYR;0eF8~n@SoByG@|H+~$$4Kz%@r@Ay zR1g9_&n3^fSt#`E)6GrXR^!%smWr8{Z%4cJ4?kZ=P+1;p32?k_|CqjGbh%gSzyq$U zt+v*!|H<)L>`Ov0wbQxJgb*3 zfMQL)Gq^Oa?HNi*z*S!=M12w8n#LBZ-G{NY3O@XKd4Z1#(+AvM*}dJA8skU-{%XE6 zm!>8lzsPO1epO7+nf$JpKsZIv3%Fj?_=P+}PaZ`nrTpt%MxcjMs3NukT9{THOa zljDJ2lNF#l_Hj4Ly$;8P)1KPQq=)U77A7%HQop3{j=UgzV~ggrwKAHIICksF%?JZa zXrU#8F14KPqsUlJ3pv*M%|qrhJ)?KRBC>8Usm@>{ay4jBffkW|eb66s`Zdv3Qx@=| z<)YP*EcH3}mAq`%`=>kV-(4Pw=;1{47^eaTK{#G<(M$!0frncq` z46A!}bh-Ncyt^}T&V((9Blu>QSabi4%XG zuMo@osX<`Q*qFTR?|!k-QH^h49L1-Y0fs%!>ArODCX2|4V5B%bcZ+Vdm6Kd>qxsp{ zB$MoiBLq?oR#2%l7|EahrS>9~IF^}O;JfrxB$B3{RN~L-n%;UtMS;Bn zHoNb#TkU%vN@pcu5t#B`yB2mG=?bwTjWxI&*w&x;ivO*ewaVK|C63G2a4En^Eo`=R zmwuP{5!lxM`Clr}fI}vDx<3#;(1B`7Geb`zZg=^yV^hA|Uvi~dwbn#tF562yx_P_s zPEw~ccF4e97Phe4c7KwiKEK%BP$-lDruHA=yn*+d?h&6o%3OJA3((O?7JF9L8!f5b zI)by0y8F!LXSTw>yPWaLy|Cf*O2`=M*mdMGc_qlK%S`Oc8+S|M-R7%CbDgyX1zV(f zI?bvVdQ&_{r!_0Z%6&@WWZ3$e&k)Vm?P)4Rnaq1O#oL`y2}}WQ-0Dj2N=Y1yRjl|; zY5~rvBJr0_q_JDOU1hTijFF^K{z0qK`N03Xl8WiXmj>xYg|}Ge1IdRE@4q*L{rGB& zVC}^>GLQG_^Q}ExjRap-SL5nLD%^nTkI-N!a&{j7K-NYM&+$aO?Fr?E&G)7%3P#WR5&ip9yn&cJ1*~01L;#OOO%7ptYD0cihMKFI zVbyIXem@#X2*aX-YQUxco9c;=IF0c#ldWCHYa}imc~;h6>IajgYHm|hJ_=qo_=LT|@rg2f8eXj%&Nh=I=13wXoky`WM3gnHiJ z?$b4iu{(O=Aq|UrW9lF0oAA9;lviL5d=9e8BcAPxX7Eyn_t<9J#9p-Y(F+| zovU{39TV8!>z9i+rr0cO+#51g;Fgh|qZ^aT_L^;M#dke;^Z8i?d`zady~+OF(W@NmzF1a)(V=3=@`{yV18gf-)&klV2UfAf$2|$Q7W~Qo-Cl@skp| z=jtZMP?#&)BfzTf)B};VJqTO=^xto#>{+=Xc z7X(V4W6!>K**u7LsRw_`Yg!ev85eUOiw%VHd1FI4=<(m@Y`meI#Dfa3P4Bcza{JZO z#oQKH)uq;=blltHNOf1LLwUBO*ld}~C9yh8?w>9D4A%SJc;DK!>z?$rKh$och$2S1 zwe)@|)frG}W-C zFF5+N0KH9BFse$hNJo7obBOP&661*W){$~EE%_FY6celUbCYH+NddE;GwV+LQa699 znjyDUpUY-VEJzyXgnsBkZg0dTX2%c2ro>KITSQ`aEzOd- zWv)}J6{)L&^2fn-dFo$&ul@`cOm=tFY3Mtvr(E^2NR;UxvAsCN6w+|k{KeIe-zktv zY>myW6|QV2pum+GIJmD`xS{)Fdx zUdout_=%l_H!em!oz(5=t7si|a2<@contlQYpP^CZv7P{64(Q+{2@SlkN6ssm}G&j_=xptFMgv~4no^H(!?kHs!|S?CGKTPW3|h=)pX z#P&~vgm7J{@8g@%)Oj_M1#aI98e+migAE=y1Y zl$$QRSOLX{)ne`O59cL0D322!t7~QtsG3-e+c z@$?2-R}x}i5(I&w8s6TMw}WEoVs9=I5}{tCL0{HDFk2?;>s%{{ff?6w!_$hI755;s z*{zx-jYdG#?T2yDh)j&gPKv?4Hv6(7+UD5R8SmyE;wFG(kbX$mxi)^OIzu*%3d3kE zE$ngP?f#K?>|dR+mh~WjIvPp2wjKt~*0Ui(T(V|Lk0wR#V7~D=;b>ZSw)xo;;r-Y8gHtia6-@PH=CYf8{C(TXZ^eM|M zXRvgsSi1L>*m3jXtYmdBLpsxvu^)zaBN=INQ&@W%RTWK`E%XuYY|gXQTcS092ei zf1c=jtno8<%(?di%dv-VMM}+k&S2s@zy@XkFWmN2+5CMl$`Tb}75{MK6cY`8-`7ft zL$O&aAa*gY`s{r08-y+j8Jl0fPijTkPo^4u-j)&Lr#X{!6r*|ss#914eObdSM$xbfxB^ZKl}uHW_8ZuT?|(WB zmdWuPDd#Qro>JSu4XA*lzWr#FX!8|WV(S|N@mR$)vUJn6us&-e(!8bWv<6o*o}q^n zWLc2DcHY*W?8RZenSroF-a9%WzXK6(@qEw`d2~}x=$3BlWsB32?iK4fY6OhK!4m!8JD>U0T zldS%R8Pc^^CgTlHsixtE1uM_Gr))kpvAVz;_=Ehn?}dCrYqI5N<0o1u|KFx$VQn(g z9a;QC@0#l#_uD*LEc-e57FShj3c9teaP5ND0^if`2Et)tJDOM;cXf{jC>`xoebm3= zbSa*-9za{Q(TX8Hp|j$=er`8Xz|8{VBPlavIb}`*GS~5wV|}0#LnpnOD`ZYL2T#8} zt02d+yl%AeXVMh=ip5_y2sKNjNPMkK&sx0rByZ`LaLgjgCk-1Wdw+Q?{BVy@W9eO1ttP3hfmxS; z=o1QRQErhXq-zuY!Lnl}x>MM!WOSD725WO(t>mycOHop~2f!i!I`0{9k%v^?m5vxx zgm|g099;==TS$b=wcFJe;m~NH7qjQe%N^4+!Fv`Y7pS;D-oO{{S9Gv{xWAIBe~#C0 zXCt)SS@GsX9P8lw2vPJs@IKEkJt1ygPyrMX(SNf5ldh2jpc{LMmsZ)AJYo1=17zeu zc|dPbYi}=hFikK4>ThnRIh5yV>k7ZJ;M}*Dz*3kT z(QlwzODM7jS=08kcuHFTs;c<+r9_a)KsOIl!CxxgFki{g2wS?*JTafx)k$R`n~+=5 z5m4Ic_K)2nNh2-JxTLkGv|q-@6Gq5b2$6ajuSw0w9 zb5(NH$aa|&@O8DA7pJu*!}hl`wPzXoE!AFZ721)fx_0dvC!p|)A3JwN?vkfw`+J91 zLMnAbT!%s<2zxH3H!8UCmFr#O;%0p?n#Vwp{o7cV%L7a!?XEZ9(z81_GM~&h%BWaq z&GVzo2l&Mckz-#36nMIBuAJ>-Ye_@=NrzM`4%hnli#QQsPC+8+PQJ%`;9#I%bv3xE zH@)ASCj71STs70nB94N~l9u-`9qy46?2|oq6>nC3j#gqP-Pi8!;6Jd$|Z`uCO7>HQvf1NhWA%p z-G_eEH!o@~49hICIH0-$da#)SNg)MDJUm{&Tmg;kvwOhivZS51VG`&|?gV?3ZaDk( zb=<+28NJpmDNk;vyq+~#+Sfv#_M)==+SA$SrQE*D(0IZ&TjRZHp`lvRdva(*rjGTY zz!U49)2TEMmn$%?nCi8H-6%KP^)5=L*Uz4<>9CM zC?Y3@{w9ZZvFnIe$R2yc4h>4ByOpI-%({!3Q)Cx}w=!Y-<=FQ&SFTffZWBcHm9`p#+S4FB+VSRip1*R{#S(OXKwqQ#G_;8|{ zCM?Jmh-+VbR===n)6jdC_ATvTRkymB&WBFOINzFec*}G1krZ1fZ*8ZzXw;I4)s`!> zFWvICLOS(XxXtA5zlAkyYJ0WTvq##q)5q&z9_f(Vy5(2rr~s^1foj&%Tu^a_?pyla zqfa^8Fgj zQgz55__>JM5OpcNJ7q@w5Qs}Yn`N|UGc0@Ptwt5b9wa5pPYB`~uJg#{?Y%N*X8{dS zgR~-F0~*06W2T>QeKh2c5_RydsuTq-(6#_J{^aoM&qfP{IrP^queWX?gI^?0W_Di} z=+w!~OJys-dJ4o-pRF58)ZT*UIGKYokca*}KX0iSh_@$saagG0d282Cp_k2ntK3N7 zQ-d{Roq@F;u=0rueVCHAb!SZ{^!gQ8`QVp!!We8h-l7fNbLz2Jy$lh=IhUVh#%O0@ zj-7q7;^ub$Bl{0EhodK54v-?-yOQ}=BDy2H_H`YH45yNh_C7&WcZ>!_*uw4lgc2dI z4nUvf>gKb$)Qk)R*@R}3@U*)zs-H1Mi4g7_{GHTn;m3nb|2*nac4SUgO(}1N`V7x| zR<|Y<9oj6Mh{&Ydcn<|0(aiQqj=QUJC$JQzNFz}L(LM)3x}K_|elvqMfNVIC^bJQO zQM#T|1P`JcR0h@E_Re?Gvu2k}({mpCF52#abCzrNtnqk-xbaxCv#?K&k&zHE!H+ir8Uqik4r{b{sv3zoJwwTf!Gc% zj$!c*PG8{snSo~A5N`&veqtXMmPM2lOBC5 zQblpY-tCY}8|JjFg7oa>Ms=5&b$Rmj-TA=@SZphdTQN4?cGQti5}CnyJYakYD|sQ7rUQkA<~iy( z_}z8C+v4a@C7Gkdx~i)+*Z)>QKS63%fR;eJb$h`rP!fEbrzb3PaNTEZlBWTnVF(RJ z?mQb{&C>(WV{Yq}cf~|uV#LHAskV%7UP_l6-mHTzAi%FAuZ zYQDgix^*i6db~BAe29}*EvdbfqoB8t?G@g@Ei}@)aN!~L;Zs}^PK5V|kUxH`0VT|* z1T+B~<{%4#zN#lYgG`}QKZXd`Xw-C&1(W1V4XmsB&yjQo0HR^v%?zZMDj}#8Cb{KH zy`yKBtD@khx-q(9@=}Pw;hIs_*9n}SXZLCzd&g(YS!w%)`pahh29)0Hn{T=ubjKaD zMYU24769m9ZeDzHvsEUKIM$_9?X-`Woo=(yr1-^Qux{-ucJ?*vUQWMKaS$S8#CDtO z#8cTNqPdG(Lc?Lsr9I@670=FB>>@6{VkmJ>a)buDSn!*Xi5Q6{4C?(X8@b4z%-X!S z%nPhA{$u*vIBxvu+>P4Lqm4)9R)#4*9Q7S$<%nz73kfzUAq##+C$S9trI<%I>x$Id!vz2$FB z!85U2?GtOi_IfaFwp_+;Bia=LVO{!4sE~2Kaep?1ZP}fRq@!kq_(Pyv2Nzzz{^%xb zsK1SmBw}=qaCEph26cidOkZamHPu)eu5WR^IDpis=t_SkrV{&Gc2?}@ukwXC-qZeT z;2{OLGFPT?P|1SkxyoWnH;?eT=tSoE$1DrEwpNPA9zSvd6|=C zR+Uwtg3gljbyOA^1x8!n9xSM0&cc_xzHTu#n^RDHulRnjVJcUnNMo^Cxh=gN@+Zg_ zTwZXq2i1dw>%?{9eAS?EcvEkr+Jl1R9+aBt`A-0)bVsz>a>_& zt3r3N*}?%S-AWjmaZgRM{X1AF^&bua&9Hg2@HTarxa{BXSy(uq&9*m9n^cU(E@rz5 zPf!F)l#(EsI_W5J(qpVhB!gEqg>p)HQ|66`?dm%PnSaTN@4_*zOMpte${eEKdQVGS zXM&Es8{$OM3OO;M%3_w1lqO*4;k8h>d^J?ksMb|MH_+xE!G$YCNNyy_yr?Wo3qHPR zpX`h7V=~=4eI==tTqBw&4zvM0y^)w>WUu2sl=PM8!myvIuNw>rt|~nuBv%)$!DZ=5 zO@OIYNb!SVK~$8LCqd&SHudI+UymL68ebdDpp$TZe0K4yF*_b5g%fH8$W9r#-{y_k zRW{xM&WZoc>Mb)Zk0~vP&AMp1XnG)P92>V*agdk!9%x|Y9?tWXFPq=S$i~~5G}rS{ zk1H28!1!&;tk(G#*8P9%90H}$J_w{DHLuG6qU`GCmoViEdqTA>*;nr)ENK4D42yZq zlRckQ(5)G-qiD z^>;(U%~9ld$atv^i;=9AB(SgV0*Pc3liwJsIE)TC+$#aG3Q*(zY zQTe6Qo+x6KucW$HZ0H?KiPCyFr;#E4KICRP-Uwc&QTC91o)f&{&SGQ%1O}G&CwWNu zhTj@Oz7I0fb!~T`H^IAlD#3cY7%A^udgXAEddg1vm2GHHy<9dpZ?=Lr3w9}jj0 zB2m_@cH-`QjTwYR_e;@=zSEDyQA$59Rjwjs1jr^ z=Da|%(Hg(rxqmnSs-x-DCihRMsJ;4yKzIYhCR)mtr{7%0Cq4 zVcyMfAna#Yyz$MW7s@$3KZHv9&eu8|l>k;rzP`=^T=p|1{kM4Zx)>nEnB8e5L>yVB z?@T=-iiy#&a$k3gupRV5BWUVT5;_6@bf9yvH6*J*#Gb4m=otXIqrk_kv$wfITqeM4 zXT**O>MtTMU+#A@L#|)WBT89{ztk;1Wj|$Z7DGwOj4g6^%mFZP%a48f*mewyb?8p} zg=Hp5kMFiiqM6|D;m)V9&GCm?P{Vr|RJH&Otwh#8D6)kjxn$|peT*OX(CnGRE+K2# zZ&knwM@gKY6!Tj6zbL=b#!W#~Rf)-8U+Ni5O`b$+)q1@l+uCnwV|<___bg8P<=5Th zsJQS6nxRW zy_icrG@_&}?&npwneS>}Pbgg;s`vO#yzw}wgX$!RKZZ5| zeG8PW@m8RkArpJq;zHD2J#M)IfA=fI^J}@bS3-tOlA0AByH@KA&+TsYADA4dy;;!@ zYyXgxrfbr0U^cSw;La#>)YryS`gI~DmysrBT!ILHJu6K*vvbX3x*b25RLUeZfN3Y^ zj%Z^amt`f}7xwi54mU%t`_SmlcHninq+7@)meM)h z9?#oCVhtWLo-o4MfBk1p@P6VjFkuH_3q!sS;Sxcb4-yyN8E7S3Rh}Wc-`Aox@|hmb z6o?{Z4@JcF=73#$=6i5ht#o2$%eNg4^9JZp8XhGwZ5jarBW3?_Uk)DR*cYr84W2N z0hi5dDWrFYp^<**?w$EpFk)Yzt4d)@bnl>~0a6R+hu2)m&>6Ier95%myj_U}9_RTL zxw{}dG1)BU@#N^{V+Mk{TFup(rm*R~a#%e(&Cr$c#HPyn^$=f0W7&mRm`+r1cTQeoFz?E^L;4lR=mM7~4sWmnxD#qYs_JCf`!Xz-ykmAVEvO3&`g&8vRcp-W zij`k&fBI^G*H;oScXoI7(*Ct^zXFy%P{n2A_IQklu$1E1723x+6(d6@R#Y1xjrL*0 z{0$*`=ne(tT%MBRuDkO>i@&2@%3st{ZVQ2Yub$1+^`Iq#^bTi;#@25Uo3A&&ms-f}$81SG$5vP7#9Y(6nYPrb`kO__ad zQd4-YJOf_=5gBSc^wnh!_qE^H3lg9nvgY|YBkE{ zv+BSpb&os5QpL;H<1h-X^*J>B?x-*kzg0Hu!wcC2CRU(Hc=f7=J4^R@DqAvW=XL|CWtGb9%AIH?K0_)1SI4sUGS<8R;1jJv=WP zPi3>&MxxiB&c%frRMNN!H#lz_t>{|}DfiL*N*BvNeCC>s(>4BI;Cq<06Z!BjEX)CY4+& zRV<*jnO3)-(*G5oTWHAIQXPG7Yu;Q7EQdMk@dGcWpd@aizN_MTPWqvEZ<;3SEsZ=i&uk<%0^G`P82zbjD(<&<|7|7X$5gQ5W#dy7 zF+~ozi%ZGLmYWwKyLwOGo2n;M%bVu|pP2}hk6kbpX#NaC1>POb1r1#8mg$QQ$}e6q zk932#DBC#)^*_|8waWZ;mTWx!=-{b`UsZ|9Q$>5i+om3#=#)bYzgC?ywqN^z$n_bT zcH;xh)k31u4k`%B*^E{q^x@KL@@7#y5dM)wRJDfZ>E|3)&m+XDF76gR%HuotJ9OzyLSWD9OoZ?mjRddl3+@B*o<16L z$&VZ<@eefeXsBT5_^ZK>=`x2XLHa`XkqLMSn=skl@&@s5+Ah2l@fXw=8*tP+PZ{Ta7@HyQ`n2@F0 zI|qvMDnC37hzagM&VWT9IU~;)VL^2-hEHejmLo(`UQJ8M;a%v?9-eLYAqZ;~yGdjA_PF;m zcin(7H^7gHDpnXd}Cu~DspdP2k2WI0DcaoKl>N8Z^uC>n?Z5!}P%@qa9 zEK8pJnlNerS+{s4G2F()dzqhcI_87v3h;Qs_X)?&n~2{qlpl+`^!HfW29mPq+e{mk)y=iL-Fgp4sM!*}&6^cJp=kYy0zj~{6uQ*tiq_z5&EOl6gYS#Y>z-iJj z;Wf7*O$+nw0p^hjrStb}7A4fR9J$)AL=A6`Dz^>lLK|%gpnH7>&t~_plWDuKOSrQJ z_#7m)G#oW#`{qD%MUhUN$#CD4xd|8@8~As#y`fUZ{2yBn*5bE72Dl4Zi{dXE`R&M@ ztALom&y;+TC_=O#+F#nQEEr+HuRN<5G%eG1G(O!JVnJS@b19VOTA6{(rn0EF2V*EE zBFLb`W+HyWT%NV%rF9P6n(tRS&k1gEi@*nb8a4^&Qs-LxXq-I*{nQU3lx6X)EbJDN7kDgL#D{NG*u&-XFkpP+gjwo zp8OJPE_1`>dKrp@4ly-TLko>^f9}2)McxG_e!LJQDX8RqO$Y6d&#`)xeSM}Q-#u^R zIA0&2jYqwqq6M|(2RjrPz!iPONZ{tgv_@p~uehm=VM@TE>EBwUqI=q_H7T9wy~K^j zB`NP)xdZ5ivLM=KsY;=VLf;cIXHxk*(M8lQCKI%;<)_i4LlY6b@lV{ZtyS9M7Sm<< zMg+GKVTO|0pelNbhuaoV1R>6}!1hk7DOd{hPj_9~a`IlA7wLzOu8lG&_06uZKYM%u ztajB>*4I<1+l>?cplF@sP@2QJ2JpA#% zfxQw#6_-+H?JKlQYV1Io9P}4Hjgy$n{ z7{9I<)rO{6UWzElU8%d2QhsljqgN#= z&%!@^nL34eb8puiB)aictk^|ubV0aIstLi#fMV8iP+B1|YRXDecx&G0hR0xtR`*tW z=GI2f^2<#exUs)nh0+!Br^Xx;e@w~ND%=~V(Ii&gIqLf3fhwL z+!EVI_8Isvx^^2PfG!vcoI>2{TA4yTxUdHHe#1xRd0`AJ1Vu#9D+Y=XD8?hq9c4u5 zDheg_F`;dJ{+`0@fW{Pju_}TfrIn z+(ddDc3g-Q`4^a4E`4Qou*v_!xzG?06*KpL);S& zrOR3jl*jP+J*YQQ@L45o>C9mb0&vYX&E@KZt+`&f*E$wYmwVkfiL~VT<3nQ&HKZpN za;!@F;T?!D+EKXRw&hl4N+X%=#^jbIh|&da+X`{IVAVqQAlkpe=dLKG$S$s_L=OfQ zh^$#xrbM~JD^uc|X#>d*8mY`@VoDo|GBQ*PJn}}#kNp`+9ML7n(twy4+g8TTglOcM=LTnQMs!_ znTzp+>UN)@Onm$n&**JT41TUGD^pcd>{%KQj z-X$+>;DA<)DY@5~J1B-;7a#1pX*zOMs3UKwya{v1^jDVyes>r3cYn)dca99%3-^a{ABc zlIlLzMxT)g2I*@mF&l3p7)q+{@CR{6yoizO+9yrkbbRX+-S_KJ7l<(22{D8LR)IscZQyw4U1({OWC` zKDm=cd6FgM_~a5usSVAN<;;Op$4Cb0`?Le8E491g&y=FdrcbO>eK+jSgmhh9!|!~y!VB2_G=F;C|R#vv1M5U zMHq&C*J|!4_02;s*8x{kA05Q#AOK%oa;n?|{A<&r|=&wEqgvswm9id4SV@sV1Ny&mF%hpit@46W=U}WYN>;tc*NkwSh z&)Bdph;IDC+%dMBRqI-M4{ZD;&J6gboJLoxJHVgUTDZT45E^Q0sjB(VmK$DDP214ywN5vH*lIXOe9xg3u?r_1WMoO(l7 zy!l=Lci?{1fmE)`gQkvc<5b^_kvG7FsKhuw|KFUv&-Q;d3EOkOFt?la(0aU%3`PMQ z@qayyrd_521o;E0*KTe6pZ2aiuBmHV$9mPiCl!77RkR>DKvfW^R%8%}TD^!CDDzCT z7Aa7O%t8Xe+JY@tkV%v&DwD_%6+(zeqH;A7geX%40s$ce2w_M_!XeY!Cph-?-P`+q z_xxbxu9*FYP-nMk=2X1sibsI;(0% zlDe8cidpmbfJP~H3~Fpc(Gk6te*{FLu+*kEsmob-r1w6X;pw!8yT~U+w;vQNg%Vl{ zrRJrjtX#^=dvEd2vlFDN(4&-)y|I5qW~ZI^3~!n^d2WC5&qd&_Z)I=re^YC2 z6&&c}dCYy*{m;Mfr8bx)ikppb;P>+$b7~1bf(V)&g7<|>-9S%b$_C7)6u%}56s)Ikjr|cJg}*1yZ7C~-ExHy$<;YgEgDKWjXO)5)P&Y{`{sJg^m66X@k zwDtT}N$@uMsYM}Yv1zVSfbb{yN8 z9Dme_x99*Xpr?Iu^yoy@n@t7Xi%y~>sl9{{Y_^~J;-Pu!HuY&t>%9gkEz#D2n0(aeiy^eWj%%oBXb3KrQS3VzYR_%dhblzh* z*l`j<9Ehjlm;VP$4PgJr?mCFTMX-}#-4@3Bd0B0r;@^8+HXb%$+S9q5?NnJ;pfs!4 zM89c`Kif(1%AIdqD1X5nJg8Xc8F|cIAPKEb`|J2534nL2`fJsVq*s`%Rmf)f%cu0+ z@)B4@HQI_<1gmTG*4V8;fOdO>S7*oqkQZkI$ZSf}-tf*+8s6QW08AHuc>_9?uh@{a^pktK0)cvV`27E&>iX^LE! zTw&U#{zd@0OMQ8|qRt)6KUYVCs3(D4B$nf<#FNeeDSd0!*GF_3xsi9AeTHyHsg1&Z5sDn;!eu|7phow#{g# zq$TTQ8cVEOex!`is7l-}$9PHqs_B=jj!#?{tO&93!#o&mTTeP~bjG(bWA8C5)|~g6 zYXXS>rJl%1M8IdGxl?l^d2k3^D3O~bt|csj=vrMH37rj!OrDd(hieS>+X{O>8#F~J z#6M`J7rS+ZPRdoKR7!+dy8wT=(;K-kQx+h-)sax!aZ28c@PfjhVbQ=#4hc|2O}y*) zQ`2*W0B&OdZZ6he26Llz11s#8tAiSMO|3~BH{GI5(LP+Gez_Knt5sil+1#78=H3H& z$Fve^VtHoKZHFw=w}6D@QRO7?nD#!ja;i5d*ppaSfVHzKXfVqFe4tWZdjF z6<i9q5pYfM&~V@jEl4Cvw?Z!xI|xLzKm|V zMIoP7a3)2^+t+8upW2vE^~sn$-~1+~syAm#mLzN1J;O^BqnvR71=k5mBEyl%S9`|v zg159tL8u#F&>yRT?TpU0sx0ch+`bFC#EC}gLSBvBr97YZ6l_|DHk7)z{h0$cblfh^ z<&30+udzZ^$SaDqHTlM0R}W3f{$j&5Lm&`?!~%d~zrg{FgLzAwi_qER=O|IP2q*6AZ>#@ zL#j~S{bV#ReOWCOgqm^=EjGY6lB(T-fYy*z3$ zAxj6uMJ6OZO70qKTV;Uib^^^tqx$?uz&u>L64=(i@2I1ZN4Dm);7`fAAw5b(gA&7= z@#LZNtv>0}`hxP;@pGwt@>Zi*DPQOQ)#;%w7FNIfh(Dq(`XJSX^67p_K>yj< zjh6^9bX0bF=W!yMAKKVWePUyZrwGTO8p&O-i%OsrrddlN(y_(uVx|-1%biws(Ya?J zUV*>&PVNQznWLdL8GA{09d=4DE5%6b29Z`I0q;O6$ceUda7v-f=K4X8YL|7237nU; z_i0#mMy(Aee=0=!a$ps983K`rG#^CtnqqmAkq@c)9#P@0pec|a?_qW-+7HKUcbaD7 zh6ftdt)DVKw>8v9?f52jJlx&n$30Ker@6q8L*$*6So;lymq4%4SJ~2J)th%2v~l2rA_*g(4)`Nv=AmgmIDcr-$U9YIUlP`W*^g&y0>q?Agg z&c}qKx{EZVOo@O<^@^oZHXLmCvy=9)G#b6os4Nfwgv-}#Eoo3=e99z|GVUFqSDr(E z?mpGzWzoM^Bu}0uhaGDl$VPu>*yQc2#xa@|9hiQM&dDww_-v@OT=1DN$|3t;!~LrV zGsKmwwRmYMa`Kc7vYMmM5z@*3X=~*!c4R{X=Zy&RE=uGf(6o?(g-RqbcvOc)vo?1uh1*|`wzP&wd)3+ zSIkLqirY-hYoq$pwAQkWIKm_@LfKUUS0AP#2(MgdsX4dSw)dVO=Og;XT(U#10Qf62 zDzVtl0F~7tBIgMFt*ggvC+@FPJ__rRZ~;4MYYwHfg9j%TMLay_L=#zKS3cMiYMtE~ z;g2wrcv~3|OxaBp*;_8{x!|_)Q25cq8Ql{)N(kj3%@r`0g(I{2h2R<8ftzNgn(&-` z;G~2;E`;J^+#+|4@#)Cy3@aO|Stl;hm_Oc_5r?jg=mO7rkeiw8d9jMR|<>2_rxf#9L~in}%`=jgMz`p7N)T7~=sv5x)8wJ@i(c*h61sh;OkX zBQ4HZjG5|w^aY9xb#Bfrb}KL%aiHB;9#NB3yiVU###N*=RORPbSFNHbXBwT2yH{k? z+DdfpBPX7FhJ%FQ(G!T1&fptg7!+40hXTrd?g6O>c+B86dkq;oex{A7A=Saoh>n<> z-nR83b)d{KcW}ESS3anq-}#;#c3mswGUH>~jf}dRYDjGSpC?jGrk7Dlq^_zCD{%hV zf)1iv_$op)nLF?)Zlh<0Us*%6-SplIZsLkI!qHxG!(IFe@HqIgIP=+|h>r5&RDILX zLWKpu(1R27*vrU;l*WwOP&R08S(3$(2*l*8xtz6XH*AAmjvMQ-a5D+e>W|22Fznu3 z*Oqg1~$Syczg^`kx=0SJT-|AjDMn)69{i2%<%wG5FM zHUb}fdpDr^G~yEkB6TNxOy}JL&zQiIocUUHj_mE=#EOjvmLn2Rsm@xx{VBqy74aDY zq2;VStO;(vxdww)J_n$%pB3s`b1C-;Q>1OybP*qwNp%76BM~RO1GuIZX0(%U9QsbtS2^}&p~~-xA;0%%)e#F7tWRKIpCAx* zQPBxS=OeVx&-U?T@-f;2WS2Ano!h{}v$f*(G(0J^ICyHqE)V2lxY z)Wyl2-%Rbt|LCX1*`vU_;#tqPrUWr@Le)8+GM~SxLS%Nocg4qxc;^ARX7(usLSZUB1}AJ046z{Vexk=0F+0|O;yKrqUcAk z@X*Aj3g5&p;As%IQ)`5p#w|2{^J3=k7tktcgO`;u4-Z8oyEhI&^a?xLX;FaQ?zh-4K zH9C}Z+PqaI((DrJ_B*e=L!-)N@sYyu{ZL#!25`w8*EAs#C)U+jUE}kzewVJwo+-p{ z=1-6{Z%2>vuIejESW5)rIhDr1ThWK5?GB-Z6nxsxp5epqy!jreVONUBM#nXvT#B_) zkfJWQgFqZ$(?$I?r=&=&VH_Y3?bGIc_4b-qUc1fay-b9C)>p)3474!!ie9vqO^*x% zlda|OI%nrcd)#AvQ2Hp#^t9xj@a6m8hV!=u3_DoIeu?U+u!>Vmo>atuFjDdr0#E<> zNlus?1F_Hjoqz3B&nH~7<9-`w=I|#3LUxB{szVjck80@TZ)&1CLA(GCp@@UiINfsb z2QRbHVO8YK)_>qWpVgexof-s=Ev2rKRlhI~)!6u-2)U>_BiIpJj-DJQ2~5zOqC5w- zIZkoPC1C(cAZ0Od#e&Aragnm%ukMiK@^p*=ik**Be3t4&VHkAMtOmi@*G`qucVjUx6MV-$dUFR>q#3C>Xc)t-gK_DlQr6n&TS3q z`J6dkjT^XsR;ezGdh{*%dO##L0lCVAP{2rhF?xHR(qR3xups7J?iYIaP>sY-Hh87lq}(9M;H+!j#Tvu zwYt*LlmQH8KSr@UdphcPqa5Q?V}<^eFqN$S+L=4?rUo40Y2pu=yjm`|b=+g&QSi$K z8&e1B%LwVv8v4a4f69^daBv3)>EyxH++-YzBC^nFAoT`I$3{D1U|b^*R&iJ%z&PtK zHA@;9w~-kr(#V1|S6y>duTWU}l*_&s-a0oc3`nDgH3XMUmPTJ% zc%{Q?!op=0FyuFF%eb*aaO~>N^x1iF`kI8Z@Quc^&|{>A@*W1_eOuJO*{iK1OY?e5 zYgL(Y+MW+ZEX;1l-@nShWznaN+0&N=P#PRn`4GE*nSpXZAP+5>v{C&~g8zo zqRZ{l8MtyQ9O?Eiy`-n9_0LshbTF?V^v8R#;;x?9A&u;aC(yjxEz_Wawv(ENV5lub z@Me0rQl%bD#~w$nPCh#_r2|sj(OMg}Ht~)XC3c~vM)=UUPuhn-J5&Dc3lwUu*z$8F z2EK2YMP2JAZO1!P{u7K(Oz)4bIk@pq&6w)Z8`$HT^>`#EGFp3H-SnW9+*1+b)gTfn zl!aMnb=-@lJ(t9Gjo8UoVy$ii)7v0-O0Wd)om2w&@|9Zd=FwbbQk(&scNus;BP6Uq zEW&|wbDzG9w-ilZ5fUurrR!Tc=giZu9zY@sBk!g*_KCP- z8^S+LNaf8$_#~ft8Z~cTy&bQFM>$zb(g7Xm(Jt{`g83}Uq;}^6II?MBJgFpj&f=#! z?yN1^w6)5U!mQGQR<>Cw<%MDc4Zo&!Fo}U^eCO>`=8HrbSt_^e*?jw0LuiVPRd-LA z_pY`=h=_$N}s=!UG6PJejSzu5CSa)5v$PEC9eQ1;2cO zq-BSH8(k1BGhZLTz+D5$_If!^?i#DzrrP`>J;_$M)YL7^A#VK|BrVD;$tM{<90#6u z;KSvNO>xa0*nLyBrM9i@BzrvM^kXm?=PB)TjJAPJY->7TDu`v%Tvu=3kU;TKS(wXz ziZ}j;E8qzI8S)JvGLx?&mr*l+mQ?V`A0q|Le*<>eSg#x9);rlhtL{ie(q6r0UQkZT z0YD~ZulQF@y*iR(2to$}vgw0>a6cRzu0~F+PDllPfIc@#Xd<3y;yO^|a8VAJE;<+! zo##mgQ<@9zG#Aq7HhvK!s#rSSHLUKa#v5xCD%bMsPwy9STdMnBIi^KLv(~57aFIu? zQQd(|T!-rZJi3?LVqr0ljTOv~f+86Onv(}7Wh0~GQjPV0YYpE6CziQ3bodH>_?Y?b z2K)UAEqIb|0Lf+nc7>Vne9DTvD4Nl|AG!;XHULC0!0^KsT3=N+F~Y1q3}FU9-kcy} z7xzaY@!~7E9>+!s=Tfi^m}m{sRYL%%>}@)Eld+Z95fd9gZNP1MeE=B?P`D~Jg6sZB z>hy41Qn-ewYncSN{arK8`Q@+M16Gf$G{0JJk5Oo)VYfbGgq7r9@h#hgOMToU)VT@# z2v=UPs?N!8AFk>DCBw1|vR;&ONQlE`Y0$*_$*AOlS%y zRgMDaE-*N+4GO&`f{4c83 B4#ofg literal 0 HcmV?d00001 diff --git a/docs/images/secrets_manager.png b/docs/images/secrets_manager.png new file mode 100644 index 0000000000000000000000000000000000000000..322315134d450e5cbe3802024133be4ef3c4bc15 GIT binary patch literal 275419 zcmeFYcU)7?wl|C@77*~KAkxH6@4W>PL8Z6QLlNnn5PFfWR9oo11PBli2qj1&AiW6~ z0)Y?_siAiW<&Ec_d+)jDectol^Z&E++1ZnsS+izl&8)pQMse*?P2faYDY!&{4F%~lA*!U_19-X zqbg5cJXyRJc%$gXWA)2|JJU}eJ~;Q}%H3;*D{mSjT$EKWFew|WGFd?Hxu`Nt7L;21 zDc}6d4kR$H8^9tHMF?4F@te*PcR*{-=cb=2?PDB-s9vceOtQ}LQ@`Wwg+`GB#a_<- zVr{(p`W#ap^^e!*Q&aETN5@>Germr$oKq2g{b-dlzQ^M1^el||A^J}2B`T&k&+AID zsc$!4Jhj^T_Q8TmH|Q_S=`V}T2Yz=nKi;9g7aaD%02c7-!$;UHdf3Z*?Gu+rslI+} zw0J>F_2A+!hu@p}?-U*|MpZry&cAFU+UA~~ZWlZbfT0z8>V3&;{%KNtDwm6t(DA6-tKgQ&JgXp&pf;`uVSK) z%MN(8p+~9%BEqqpO6|c2c16vD4E*EhG>tCA! z3nH!+uCC|OzEq7Sx62>>P>fo{*@w`qpYxp4(bUY!*`;Bl^7Q7U`nFIDn60JiE~oM= zj^c*?)*{2!u3x+sPMvqxgW4^RQS&uT^*M&GH2zc`KN+7qe(>fz-8sgh2+gAH4r^JH z^Kp-_j8pr*rq!k23s?EcBg0_!)yeam#YJ4J;P>;l!vP|fEyMLT&LyZ^i;C>N#;hOd zb4R6{qb5A<9s6&3nkO^59G@;1Kfd>zRxoz#$wOUU!*kfjkncm^c^9dDn3rR2KR)>` zvUBr@y3qQ%W+c-3zQ0g^l&L2b#}(n%20vY8xP+plTjx9lgD<$p2!F-R+-_tHrAf}G zQfE+owp1XXtI5R991-{IVc~;PXz5EsR`^ZqYiAWm!CKyt?)}msM}dqu`#iz#LXJv4 zOc}9*YE@4?o*L&d=4TFbF3K;4?(iJR$0Q7YOS8=q<Cx|LsBAfi~sR8GIq6sm;@1hOk&mn__MXZ5nz&+mrC^ z(ZhE|MOsCXMcYM}iu_)QO}trAPU2qpApM@y&C;XOll!}DD`kr#0Da7NsD5aFIJs5D ze3>?eRv_K?<&mYd0)FM;PeQzFwuoJ9vT4jNa&w9cEvs|T%sKKUdDmEz+xLcw<; zA_{Nmec=sOziY=echBy1T*0!zgyC(7AVg{RI^~<^%{SYoocKj}3A>q%~!PX^t+qo^nK4T`MPh#I``a8$y z$k-P4y36Vas#LN-3%B=OdvqERViaT&3!jDE|1p68YcD)hNpF4mN~D*SGeHle1yTZ) zxhJ}(t~KU-w)|unZdo{eBcuRepkx}>9NK(Z8lI&5uGKp-Ffumgf(pzAKBL{P-JY!0 zsV1sMN;FHbyj9KyPS{Q)C30oH)0)z%(Q?*W%Xq1k4qJjXYk8!%+V9zy*+cE62W-HX z!1;&n+iS9EvfALMVCRLY+B>Gz0$T#hf=7Z&Dd8zJDS|0g3vB&~xy=ywg{gI;JtI~l za^-DPgNl<%x{ApPB0ged_4wA9P%7f^BHqbh( z{OkKqkrl_EX^SRv{>d+FW5lGzs$^`k6tazEvwe?NR(@uYf~O93Sm;uHQrm@u=UInt z^iL{zd<70cNoKS7g-%ZmpGnf#0)jLMse**f=dZW!%ls7mCT3UsIjPz*$SgozAyYxA zCVPT^e4$0x5^dRG37TeF=UJy+F98GscmcbBLi8TGFL;P-b4-0)e?*vd^zzS=8!W{X zp3$BqQRzQ^`dIaA?c>_VFRab4as1}06I}GFwyEZ6e0U+s^GSWQ!WBt|0fv)@SJ`i} z8L{puOvwcY_&Z#Xe5vXjC{1Qr2PPe}ezTSBzMOyY3dg%25{y{Ckby|CxAAKoIKFs7N9}n}@hs}>tA7P$*X-%YvWi98JrO4fT zMaLiIF>*Wt9|gc-i?}p%yWjLU_J4DDWS?_g@99!OlE7-kLsP;_u-E%W;Yrz`XM3d& z9(&)p)NA@~G($t>Vj;W!jU_p!upDzsyXlgS;dmVZJ+pge-nL~EBlH@vTOnIvW-*qX z=3{6Jzr&2V6MhqZXQLOGi#u(*+!^aKfeA+Wg9m7 zJSiB5W$9sg5w}+9XKHnF{^-&SBZ%EqdIi7Hl4ccL`3+uF@tdSJ-RYuac4l%q`wjM6 z3zW$zwLTF+xQ8EU#)gpc^@}Nk3wKkV%xDm=XYmNb*bXO^+xgmI<=@H|%aeQ0_nG^# zuHb7(E~?I|I>iolworR)3_Q8{u-RjMb9_{{5(v^iv8(c2KVc(g%$pVBYeL3D0?0Y* z$Po0-LTg6K}zX3!Q`UL&+A;n?$~&OHYP7#^e3u+vHF}G!`iDiG{5W zZKH)IeuS~M6$Bl)%(iXT2Z<#ONUwNEoH(Dk7^JEgZ)l`7_H9&r|C0>W_t$AXpWlSser@}Pty0Z9h)P8Ex@sWR_?Qt)ymtLZ7J%2}cf4H{ z?t$WXy|v^)tme>0*b+JSrlvje{8`-@^`~o>s8C(ld5Za(VrTNgUQ3ILkCMJjMRV>t z)p<(l9OXlGj*W`uZ)qwj^>gh1mDWGU^Y=Q`R8+A}R2TkU$Bgp)bG@V76zab}&wq%a zxuqP}4tDhLkv8|Fr(|65d~OP+ zqPqF;&wcKN{(}uFD(VR*LlYkpEloLF4>uv3R~|3zg#6t+|FlD;;4eo>y4m^I-0^pF zbqCA&E8hEC4LM5sPqy&AJAbR< zKihd~2e$Qg^7L`?aKH1XU7MF45Ff>R_x>>Yuj@bhY3J|s-<;gRe;*cQfWm)Dghho! zg#S-uK2G-kA7p<@{)6mqME{uk&lD#AM~Z*U{bvdtZzsw`*!<}lK=kh% z{xR?G^%aEw2>%}z!+)%_zvWVv8h}lc4dJ<^9Kk%yq@Q+T#c?hhWy zViyOmi}YXJI$C4cpBh~V_?46#KpfhS;*|FbwUxMV?J?E4f9s1s{2cY=JFlt!ov+6* zs#bNxg@20=rSct(*VYeHss9~Lf4cSV;p6HL8t4AKVO_Y^ef^F}Pw~GuFbca@SFTn3 z*8g{B@j}go%SPV3|K>bWQJYd<;BR93cZC)%a4rIBLHlouErlXBA)5ayw*Q{*|0}kC zUb6ppxBasM{jc5T`Hfm5wNmC6q&mV@<25+cHCuS^=KoSH-GNZHY?-+zH}&NQf87!d z{Gxc;9}hFeZ{GbXs{|MnfA;o&r-3=DC>kRfCqCqLUzds+ZYJZcX`iQG6~#|Sg-ok@ zvXBP0?AN*89Q(g(?T+WuKh3>Kj{ZvqO_L$*@=|ar*&~X-KpJ|uQ^s;Lh>%+B_|(c-EPJlm48-Kc!^_J()Pd)~_&D%3iSh_9)Q%TV;LQgcK0XhTDo`Gcw{muJZ!s5`6eeo5vAtTZ;Po_^jQ>Vnv$pRgT+bD!;2ka* z&#(3C<4(-IsSR6meRED5NHXVr+exW%v*I|YK>CrNL%kc(-L5YMS!37xyD70yv|Y$y zdn||x-==C6T`sIw5Jm7I0LSVfeV$VdHeXMs-C`NTRtNR$s zCBQQM9(5=mbVQFF)L@3?gSnjfJE2&1j(LI0Ps*}~L8lAbi+v5_k)UfO3oSk9xVw|PY zb}}cj^*~4vZn|{C_ROR#;`u&WVQBBRj4NlRVf`dok`5;tbm$x8aAcO*>>cYi)uhA` zhB6;wb#orK1Cg4QsA3Ai9OGddESWg?sm#^Au7-=iKGd#ZL%epSgW&Q;EMWbY zRqW7&ql$e6-86$jF@j#9I4Sqj4y14J{NAKA%f(SPoPftZgEQ0zpmy`i*Hs}y7JB0& zL;;<=MNf;-#)8xY8*`rFJ25uIkB!ea5r#koV!i#VgVs-0O02S-YRQ?m`on&`<;D~I zuGR-az+u`QRl#ScC(00jQs~fhOXx;pC}CzWQAz0(DHG0fd8ePQYGS5}@lvy7o(C7{ z$4pTah(pmmLM!_;;2OusQySPZuG}Tn!aqmS*+j`EG*QN9@tszh!a!$2t|NKR?rbgJ z&K&7zzmPqOtGvG_XK-h8_Agu4lbFOAIhU~t_mIH7YD5Wyp-c5ry(_`lqecFQ5yJ9@ ztHCHA5bnsSo1IbON*Umqc{wOk47=(+uw*7Iag`;-eY>`xjVW^>&*X@~iWSY(E-Y5RDHeia5Gf!9%~#6!v_QMo%t8w-mOT0L?g$ zHlI`W*oQQ7z4}~l>q)47^H}I`8qOGm$8J9P+w2s&VCC`BF}U9 z!qm=?{X~9yY($HuZ|*a{u)#0Udp)J1^#R*si;F+S>()&bZIcu+Lr{8lX`0;OcmncQ zB(zu~wSG)6bAmb5^3|M0+El}_MQqnr$U<_a@xQca!l!8BAk|xuLt~Q_(8Ro1>;84MqO+XEkEB`^w~9mu*{WXeh{~ezmp%hCn(qt8>-1_Od8}oNlnV zA^B0#)u)`!hbsKj7H5%8eWKp)W$-7=29c@U)wej z?lHej-iUC;HPW}9QMZm>N#Dtzq!EO5Q)hJhuSoq+!YPnhvQUeBoj!{1G5mGS6BjJ} zVW`a`lxxk*mwGOc+PR7QPVl%y<#sqW&aUKn{(jc}>>+4(k5hi-(0IDKPZ<3b1(AK2^{fxG1ZU=^ zyGIJx+9G*OW*`+;j?aa(+r>@3Mx1%wcyvkGQ!%$d@c#WhK(cm_U$;o6Sctukp-ctY zZtDlDXlw7Wg7H`-@s@%^;XX{Nz@Z|iug|!mzS$kq!}Jo^Hw5t)Ao{f`Z!`YO_vGUo z>JBNBrXk?FVprUjJkQ znX&oWGF$U!KVM+Uq5?^5Zz9uOuF{bvPVA3TK3JGGexPXC4z=t3l%y;?%V)#sq6KAW zu&1&1UGHItyY14YmqwPiKfYjaN2mc77rB|Q4wOuc3APM9;WT(GicgJ zPn`Ath}%kiTh$>hhEMXeSvsW4Ou~aLyLg;|6s$VrRKpq4L-RY>z_CuN{ATNVCF7|70DfD=!w)3QgFepkC}BtJ{g zz6>0L1KXwC@YfM8DClpol-)xrpdn)E&~emGCwM1gyUbp}_7v>&Q^{&mts*mu|YwycndCVjGl{+L(k zOmCS>I2bkno z5M46Iw$rVOtj)ufw6DWWC*(BL^e$-Ti0}2N!yxTmrE9uaXzErlp;?&hM_t*lpYHHL z;6~V48Qq+t%SfZmj$2zbBD@{ZY!j_Kn;9y6JP@MvmWvb3CFbMr$#DF}eozLZH8Wwy zZ#0i;98BH+ks!7-TK=rMf1!2(@8Z$IB~&F+9#Mb(D2I9QhIT*O_oLI(^{%$zN{iG^ z=R?y+7B4c+Hytk2@zG4FrznV4Y~0G$QT`bl>Sv{UZX{XBbK~{N{%42wciGfs3%g2_ zIt-TkE0gSKT+6TX-ZRgofAXuVb(c1T^qFTIn%>nRI5fm ziF8R-Jo*iu5jSGy#CeRrN@N>j9Al|8G%eFtB@crdXofBW&5j#LYy{)i9HN0)goAAU zk83J&_knt*L$Fu5cCwY+4Gt}1Q1?m9*=u@mxIU4I4>LQ)t~ujHWExK}iX1!e$>m>u z1Ym=I**FGQEU*$HNy;{hP1`INGyj<2lXU^{Sh#6>bjB!#fo>bU4ft~Jf3ER=+5t?6 z$G@zK>HNsD?ph$P@@!&L(ypVa;$@>j&%539h!NZD=h0nj?imqKXRy&qwdJbwh4v$d z`f^w)%oE0U8{W6xzQ!02m?~8g)9zWm_{DfK1M%U7NVA|H^g)P=IpzbGCK(8n#u6IL zVmpCttFW4Ts|)gLjrKwWdn?4GU9o!3H6NDHCXzR~ZocPydalrv>nPz^LwcoN#r=>W zk>8wr5ekC#vnjt@Y*})Nw3R0pnT^#eKV%0uL=ITBjQ()js}gd%v6h<>Ht9y@Zy+$6 z@0rw^F;{>``FvHXI>U?i+@>N1>IXR|#c)s*zBC}ybzrPt$s1R0G>8BcDvMY$%Ub1B zz=jBG{8KwHQT zV)?b{)-s6`b?&&aP13&-#NQg2PKy0YpW97- za@neOLC7<|X27?jn8hsKUMq5mR_7`^K(6#cX?5Ha0f(Gv$+VOet^x5Li0aYOx3c+W zS_I{&Ch0cPZPwuGUXnc`Y9au5&U$9q^zns3$z(8YwG@>I_}ykrzl^O-5zLq<%a%96 z@=H0L6A^zoX+oxe;hBDs7hx?L8ejaINooh>uBTa~QP`zMZf< zQJ4vFBnsWy>&kax&#oM^s&`G#qy6=eC3~GO(Jo9Iy}K5xtgA|A8QMdmY-0C?#OJ#? zGKc8HI{S`7jA=-k`?-HCc^$Px`Ub07dx(7b0_)gn-3kIyNc!|L<2fOlkTa<+oG{vA zg|EUc7Cop`;&Cl)gc=Tz9)qw~yoP181prKBg9an4vrhG%lR8O=geySjV48+7^y(x= z3C3q1yXU5ruPzBhlOXnf1}q)U`01F$%u4Om45`pxpD1L*0fwdeTCD|rLTrvY3S|8a z%LP;1iy?6o&AP!Mx7liyen*_paoXWww(G>IyzfO)uDCF{QIa^TgSo|li4ku0&ztP3 zk+Q>Uek@0YO*aT{i(9HKtAofaiY3gw4(v{xXx<;pgp{?pFKfye*W>cG4=OSCfUsXB zs>JolTuuq>!Qvji&Yd+|l0#??{&AVx)Zm&lKKQw~Qr}bD$I0qJ1G!V$PAzc$RKPZ- zdY4`L;(`Y5Lk9IbMeX%pYn8sD7%=55ACk?}zn|4S6g>ANd!c!~@!{fa04jIbMJs=9 z3V~eo4xlFm%w(=58;+GbynliicG1Zdr!`GtBbQla)3iG7YgY{~*OoxmZUOEaW^WbM zSGEPon@#+v;(;!tJjoIVy$M7I`7YOfyF?GsBs6ESWnBtEbWpa4Y30TNik>~P8cE#` zamLle3(MdN@)vGQ2@jYVH%nDk7{us;(R*tLv*Zshy1 zOf(8hJ#%18wwyS1r(PlH`4QV4 zJnC51*9ty(>}58HmA4$QN`jP}1wlMot?D#ncYhyP?n8gzqE`W_{^XUPHW%4_AnukCw23f`%*6*orKWGHGeJFH#jbXaHjV&H~V?xU>7MbWSRGtusxl z+pXJy6p?Gi;OxeNx|Z!xrDJ;Is*o=TJ!F=ULE(qV8q1zi#C_sRqhUO zDJpS4x-8cLsy*7Yv96S6tI%A)kE8c>Z^;RTyu1?RYf-OJi=V4(;B2uj-fI?VhaR@z zETjfbml6An0IMnx!=w?*FQa#4aTdeVcHqRq!DMJvG}Ym)ZeEMSg-fB?$;i2uZi+Vm zMjPhLZ(QZo`aWAqeuT4}v05`7FgndCCSV^;TNkYGQnSBtksbIWj!}fyTGnOI*LaLH4$*>{zJ+L_i+ZSsR%pOzBE;Z=W|0A}!WPCrj(jOi-f2mCIxp@H5M z2EkhMRL={Stzb~ayUOeshDxG`iVdq|^p&&yAKNhJz+sqYrT~*Kc}{2jN;?$JG>^*{ zDW^^fl?Pm70qMZohcH`e{S~zJEhp2ulZ$N;aJBi&CwWzvlbjGhP!1RK7rr;;TtM#T z!=v&@ua6-Ay%t8Lq;!vR(vu*UPJztTw$RPiUPb`h?F*mkUh`F!_2Nh7_+O^rG7rGh zy)*{}S|DYzb+M~qVr3Q`qw`s?K`C(7+r^xqc+IVnqTBao>o~b8el#X#O3}3TR+={) znpObg$3qPKW$?d}AIb?%cuG7kRnKlhGOwL-uC>){YVFs0(3XZuxgh8YwYLh}j0xxA zRPfxOwJ%sUsZthg4XM0$wTuT&M-weWno{ODvvo-hR-uAfRUyq%%EfwN*|9gK9#dQ+ zk-ZtA_~$G&E)!o&uN90UNttbtT5Mf-vePM$lqM385$3W>!Xi-+=h*d+^uHa_4|aL- zvXU@^R@(Un1mPoAnY`R=EGgkYi-wum%72&M{IfGeL`%qz;9DzMntMV{x8h-|=eH8t zcNq|-?7}*^mvF3^yq{~X50>A^{&sBcV&o9Jv_o!?mO-g3-Y2mi93CtQ@}Lbmven#e z+C7?F?@};0KHBBDz0kI1;1F!Tf3^~P^Mr%_XtO)*Co*MNvd(@Lm3IW=b65^EHYnZL z#~cNSRD>0{w?5w&Nb+#0rJiG}T2P6f*P3;BaRkU-h%?I5E%QLd6okK^Ii9PeZE}YZ5thSRt8kf@&tjjXfp2tv4~&FEtF$ecqt;FVK3?BxQ0v#p z(VP73x^wAkCcwE`=jah-yEaKgxqI|-ffn@e2deSfO9Pf_@%=6x)^c+XF1W%FBrH@T z_fcz2A*lFSG#hi=55QEg(GBu|om-?kJD2}{yfw(7DK6LBp!^fCV{`bg^sY+2516Je zm6CA1L8c7QJfG&8pG~$8zGHCZAxqj+25@GxgvCB4^kx%nq^(7pgRKqLtsa z9P>(?_im(m6kN?@0>X;%9AF4~bueO`EiBjWSUnGftD$f)DS8H_`uhf{^Vo{O zj*&6Ac1Qn}XNSbLtH$#Smh7uJk^sX1ob14AuyKpw43Ng1n1LEo6CQuXB8YGSnH$j+ zCB+7g+$+4Zf!=*3G({BKy#LzIuCttN~7-)nFW`r<^h(ImK88BLl z{J~&!vow)a>Fy)Lvb;3-+e6)wq`43lZOt)YWkf2?gdwLEp^E$yHg>X9RHnQu33N21 zIEd7qli~^nz?d|IrP=?6*#esuMkzctIPu&PpCgw25+uQV%nY# zlZ4S?S=7%1qLT_H6Sx4LKdoidf$M6C*+19fZ&c*aQPnGzY3ULMhpurw+MX?}GLypl zD2@5xe%c#5Ndz(`-O@R%!i@=;m5H%~hBXm3>)8=1$pWB$93qLe@PTrg8hqR^)t{QS* z{ai|VNy86BdgYfV_z9qe`U@gfHWtboKiSAhj^1Fb{4Cy1FwV>3# z)TX#tXYrI*7x|l;s!i)O7UG0%9V`lFuPz7=&_#Hdty=+(`3_jW=huTsPg2m!cGU$I zr+Rn5l<1CfYJY~-U7-^RgykT@6L{+qDz6xovZpnp7A=ci!!#zAe@$mKGTbN9e$xt& z*k;_cLJ*jvS_~yO?O1#bN71}r(+Dry*+aiXB!#t{{?2ppQqr!XWr3Id`W+(leW_U! z)4RG5%<>%g&NGHCJ+#5YfW@bh^G1c?oNi*g6yzZS_O-Z5z^pwx)0e)sIWciCcd{B) zi>?g=2Q8kch9^Jqp_K!q11t4sp1IvGv9_!0EhB2rX3Rw(hOK;nA`lR#+_Bd8-TGVv zj@`oer{7c5ZI5}^A9IJJw&Ib=TOJmp(FPz52lnNAA#JJV5p(W-IdZp&zY9ew7-2`7 zOP1`RvMtk#@L~qv@Ns>wyOWCw&s-X-+n`I+E^?O9=2*m{B@qp_pO-D2U#sQHnrw?{ zTAKsrd)L$9_)G%6Ou3xv{_FS#7sBEf>Qo@XvzS^tkzMNY6B$}t$x%149I4%k2?$8>G7;J21)T$be6qe9`W00d^_Vq6E?U?&@+X@n?K$C z^z72Y(>3@h3>N21t{o%>aRqY>mW0y{$#(_rE#AJ6X;^G<*Nn*YGjIkfePYh?T235B zTJn4{_Bf{enAPp**OR&q;{wB<6>1QcgMsB=X4^@uxvPkM_)Mu#I5zQMA01??TPXrC zVZ~SyZVcBC(7X||c+8LgG2k0K8rb$-Z|d{6A@(ysAV#$u#P_>sd#u28^rxln>)J{Z ztvR!s($OnJ&#EJc;=v^OCCUo1g32)7)dgu#LOxry6JfW59$nQ@<^K^a{`4Zi4=7lO z4hiHo(n#pfna$(lRV#nZr<-LAY>yXKz%hiaq9sI6YOPzujvNn4J=tlW=S-fhY=qRD z1HMe0j+blLWCqTr_6><`lD-GgFpX|{{K!KS00)8PBvf6JZ(`+g5iK6Rbfj-06bN8` z`UCtBKOMNP66DbR%y;-JcqPFd)c!Mne)F6%J^w)|mt^$5{SfHqTK)^)u1e{sA%gWw z+A|KhtdkC|Y<{jJLms{TytM)Ls+JLa(;5ow9C%al%-a=8=o4IBxG5YLA(v}4(&UWJOj;OF|q zw{-*?8lglSWH0N&*>+Tfu2#TKunrD8;=>d}uN(jlHm`qKyu^(+90+JDa{8O^1ZN;0 z`*9=y;dnP1RtSvG4VVGCEc3N3n-=gDEVB`$!w3iaOO~;rvS((x``K1pRsR}eq{^?m z5&^Ypq>VzyFV}*kf1)9d7P2cw<{-Iekx+u!D`Tnj*@%xJItXS%*pC`?{CZL%e7vt7 z4{PjAIV!~2;4W1&)@Ki+P(;lGd>c?Ecr_NZ`f-ANC9%h)Z8;TRABym`X>YzL!Pp)< z6XA89mOGR=5PN#K3Q>sVEO49(^DK z4s|Cl0|nn(ja#EXwnkKGf&6~Up%3c6Pn7SHbopl*1M3ifUEoi3>z%ed-r8Iray4%^ zLfM`=js=#RBP&2t#g>|HBtlQWOy`o|SK!XYD>+`RoyrK3J0!ExHwXi3bwQo^c;cc> z?L~IqH9yi8U}b;(_M-ak65Z#2yUYPjcW*c3OUosD4d6Vd|2}DUK5?t=125(n7 zGrcGkLoq%Jk|6}S#nLH|GSPRbnaK$|CASBHAFt;OBh1&HXmr5lX}^@&%sgI1abU&9N!f7v~XKY>ypYgCTQU z23OXMxj16mo}{ZV~bXO;A6OPl5JcA4ETm0UI!H!FvbZeFGU8E=c>045Xlv4_Yc#n2#H?J|llKFh!j zK3$f30HgIm^AW-$Fa4qf54j{CiGMG7kFOFc@rg@E2$34>U!4N}5^rrOGeSD+t_qEw z?s|GtCM+_~QRZIkIhr!al&mDAuVR)oHuovZ{&O_qsC;bJyy|wzLcrRVnHuncK@-d9 zu5oeuE098i`^3GgM$0n4Swq~9Y~#bQl107kLHldcgwZmo=mjSC<4r=trTv(;_{|}E zj1Wyop)x=TFdU7NB%e3k1F|%yrnD z>|PC#sLq)TrX7^_z>m9elbhBTbbPgc#yI^C6cZ1CxZ+7OTrze1Y2L9q%j{L8|Zn=r)SneiC&ozp>x|VEdb4j4$W7|9tfH}Si%!P*ql`7=dr~j0R{@+E z?ws#&GPJfD@uKBqk~&Ol*V3Ft_7XA3*LS1;?OFn6Uc(M}Qz2&!S*n6+r{Iqo-rIJ@ z#v?tUg@(vF9y5swSe`}jcYz5&S^W2UH?tVRFyC?EviH%_93NYbQeG9QMq2#wtx6M9 z6vZn8VVAZyJ~!GOgNQJ_t64<+F(vRf~n?_=zB((1qWM%LzmZ@iFP%B1OVIB=VHV5K> zC=c4%;8_4i0RSIbSC%;~X7^I*k`MiIpn>#Ge5#Ni_BY^4B!o7h(xL_btNAD?rl>B| zihjtW+!@>Jp1$HtWaC=Zo)~I4d+ZA|!X)}lpYhy%u(Y7Go>kj!JtrI%m@FSQ7qRwD z5~K`QwGw9@t96uz)0&eI# zr!gSj3A6{H6v$xp*9yP@*)BPfECz~Jid5lzE2Glpf&!wA7Lo_Ox52X?qBBKcmm!(auH%g+y#Pw)}9o! zk#YleJ?y~Cq(vWS0JJllvEpp6{;RNkSM`#Q#~&|LbMrfw!>zfU$NZqVqYH>xM{%1ECDb{`MDziX(t=05k6w&vKbI2g@Io={q{Crf*S>|g7TY3dG&<-GBZ)Hw=#V_;Ca^Z~{%k+6Unx*|mqHIQWyB_7LwmQZB>F4^l8X*1?~LY}hBZ0t=Fo+flaa4r4Q z87Qf793`wSd2;-#z)0CzvSIF{7HOg$mTidnAZXG&%A^i#-d%wO_8?DO#(!Bi52pve zlaO0`9y2W7{=SZ!D@~sHc-RK0UXHo2DeUaer`g-mCRr{C+BNBdJR8ljZ?sP zHKRp-P`r%n2mnAPb+Eo2%F+55PR_+W`oZkar)86#MZHiakeeG&0OL;SKL$RUZt=13 zAM|iIJ6#cWb+icX9vmt$26pafwHBT!?tTelzY#owRB~Fr+PrvtPC2^W^O1BO!ak%! zHj&sQUcXgKoov_lEp#H!^kb(Dav+Jj0er5zMLD%Qv}IY}IK0v^{^Dne&;`T_ZERqb zr%`aD*138|gUb?Z-Th@XE{CAS3Ap@D>N(Q zcAcgV*S1;L8@&l-kAcZ%2Vcm@mz3R6EGVchBX8>TVE^o(M^u^6l@of`)2P~|XN1}2 zouGMp?{@*)K0yac$+09#z-gtZRUOD+(JZv>XFD)e*8W0hC-vA*0#kD= zFq@hfriHU2$SZC3YlseMM<4yF8ai0z;b5)A2dFg&!Fr?NDa(`iT~g$ooarv(Q(&pZ ze%#=|rT6ZYxC#*01^yGct-wUgvpOrmOlk1G=R-gAZ8{dK7GIFe%B3Av(Y?_Zr*58! zM5zNg7ApE@9al@^AtyY);jbI{tc|LS27nOGnTT(rkpa6E25CN%d;MpKP5$oHrefhE zh5ap;8I}vjVw(g@^5*c6x{^={j?ZgmC2L+o3at)Rujl2ju5yUvV=4z$nA}}FB@3VV zKd^As`kgT}1XkVerU+|<5OyhYIX^HIS7A!nY1$wu9m`H>AEQQF7}}Ye!Xv({7m)03 z{g1c(Kf_7$7B9pBtG$A@i9eP?6wPo(LBK#H=(p=}o&jG%_t zJ~heS*liy$l-F1r4B|pe*`Uop#E-SOzXsF#9ve3>0O7~|z)p_+4*O;z{rPy=&05iVE|G@)n!jg4x$mzmu$NTb|E#39gMZ5BBSPM6TN(!^PR~yNY1M zPw3zggdx-?RHM1lL!5n;55o7V?D6khrGwr!ylMp1h)m3~X?B+c|_Mq&O ziAE@#+VNKO37SU*I&3?zWLa(?+5BYc1d*}QV|sUGv1WLNvS;IO2l2I25KV%G%SEaa zY>h%X7_%CI@o2;5JJ|lf!JU=i0aVslk9~iZTVZDin-SdLt2*IggUcvi>8an@P}n=q zH%JTr`*;e@I7b&GBBzL*aa8?0mGS~|1~!j{@kU*DgR>cRLbln7+Md`b12-tYaUBIx zI_Tv~7By(I(l*w2&7`~|nPFO*f~U=A_X$IP6#S_YwTuef z`?BJ`9ASqE%^G1yoKkx&OZKS+fMQ5 z7DZmnagj3uCUJ=Ed`vs(CuwENAz#|R#c2%%m%p)4&3{cSbi(hwFSyY z`TK7u{>n}AlmShj<2Cc4p>-larebqD5R=t+?Ikz&V{^O$kO$!G zm8OEVdB|EwX2VZ9rCVRrN;)*(e0i}er#Xj?uSik;*ZxA=$9X0+{LCqa1`X3yC)MU7 zw8F{B7WTp@cX*dD{v|77`4uuQ{cf@&&+=QnzR2CI>6*ZPIXNlB^$RNiNceNBRo(D@ zpA7idmFd)pME^wEx92|kj3F1k&Uo&r3pthFR;zoP}8zlBs4RiMaPd_kYs-r zekzEoJQfym=d6939dv`gqd3UzTSfIdB2%hvvC_(`eX}~cy)q54t*b`2llL?B`$&?e zrCSWR6F)GH-d|6O=2399J}4Wm;lOoMHmgfqgIrmiNS#6n>c7N|os&On|`w6rZ9vg*!t@(VSItg03goP@2K_%4eaK_y&ug>NMg ziSKOzNF%|_hf!wC=(jO+3ym9@s9WwMGMn4AStNTIyjvp?X2~oUFBJgCo05GiZJ&I& z-<9MCoxooNY8zKtvftPlh0L07!xAY#uQnxGr=z%1@PhD8Elri6xdc6Rx|W6C0&PVZ z@2gUgTGTku4+GCx$V|drdc*XA1K?~S^5UF^n+9-uhdjWIAkRCJyq!yauIAAVCMIdi zRp`Q=Xl~xs1zyG?XEWP;H}gSCf~P=2%d_lDIg`>Azgfd_JA}*km%ZijM?2cL)pz!R zKGTaEV+n3eMlFeJg_tV!MxqYGQ+VNWz+De3C%vJ(;y&Y;OkT*#U+ed2y~&70Nn3&( zvJy>~urQ_%dISy9+c(=8-`c{3z$wQz$hx=l_uZzj+!Y}6qXyTW%WFy=C5KD}St3qm z{rBL%;V|1N%KspmVeF0DA2>aa@j$9vnSj84F*mb@tJ4jR(?51TnvY7c2!rfVEE-+W z-Q3M_b;Dx_H{T6i0;;^+pXif>-Y2l%7@H{}LE1Y9lx2v1Zfhl48FGp;fHU;EX*y;d zwmoIGgMEqd-+&8^0qsmH^`qmiw5o@=FPRoPB;o5=b0;YXAlNSPTx&$Y@hA!yzrk8E zgrX689QYx~5+2edBV{txIZ&RGOEHos*gIRFBdLx*%@PiX$CefND3r9 zv?Wk$7acFu{{Iub++^w2+-8nEnVN^+f>RgaUuz@5$F`PMEZ+>O_1*d-27FB$`uQFd z>j>C5G}FGZwb-Acy#&u5k*LowAgiS_n+BKaZ~Hi2mrw2#^j7{tK?Gl*K;`5~8Bq0R zC4n$ot4gAq3dndaer$cjl{cE&D)$RMdcW6%f-3;+_ItxlrqBy{A!|>f8N)uE#14&G znCPxPz|A$T*BlEY;Iomqx(3I~9_4f&g}}_WAOdz8sS*&q=^9@egNCu81dz?HMMq!G zpmLbQ^a7t4oUH&Qr(<*?K5qRxH@xHr(n&)+!u8Qm`|tjEtM-pwwX1e*S!=F2#~foU*i4o3_uoDXUzMd?-Zg@VaS3=Aw}~z~l1(#t zuSI(T@iGxmY>gh#wH}Q&Fe@{f<=4ma8oll;P{`w7I58N-ONxQ{aY9iA^`UGvOOEx836vBp_Y#BlT1j4CIote=a6sRctC zlTtct?JFCD(uM4!J@-7^R0BV?3y1Xjdv&`b1IRp>Ah+Z{Qa8iP&EigktNchej+ofn z4h0wK$b)^I>Q5C)RNvHoPWi7+K9l=wJUMr>?Mg|~3lyG9;54Aw@hg0^ ztDG$yV&MO(g)FysE)fFGkOmS;mU;DNgU$05<7*ifPY_Ai*PDWvo4pt*!G3T;0i#8= zr|5a!av7V%dyI}$qQv#CgwzvdEm@fJf`zByy8PVf)?BCf69G}f;anAQ>U)$1Z=FA< z8uckMrJ5{VzEISTo#H;;QJgc{&49PXoZtFYfZ1H^?oml29|99P2AoZHN>R6sbEWei z>{N|B+!&WY9*eO*q+=aAtqTy_xD(^(fKv_BTG|6bgz#8^@wg7CAAEAOjl5K5@aiNp zM!%)e^DD$TH*gFDuSZYXrhkxProZACRafo$Elhz!^ zdE!LZ*u~Q15Lzp^N^S&PVX;CZ*pj6i)`!cBp73F_@ETm#@QqZbgxJ**qjw2p3CV3p z!IeviGVHB;v&P&VCEVn7dP2^}bjXZjn^DEkD8WotB*bX1YWSVobCxp}TC8JAHs0}C zA+En?yl4!qNrTX8JsR$tbt3e9pDNu&$W>BIxI>G6NRXfwu7qtV4Lv^6rDT@-1 zEpK|;uyA2d55!25H3WPCF=!hXqph2V?qSUoOvu9_aFWc$6U|HSuB83Ofa`d{uWL9u zu}TN%{I@wMgS`=SeX<$XZk-IK(t+v^1NP>(qz5899qltmTt`)w4sl&l%M<+{7$c9C zhcEt_@LMKXL7*M&X~w(cTlanUa3Tg~U*b#Ixx6wqIuq8epe&N>`JGX>*sSIeMB1`? zx>%igXHS34ukn1a5gc;hxH6x9I%+l-uR%es3E%yyjZ+DnrSs8V)Csk+Wj!$(@v5UU zTBfG1!O4_(RYE$9C4}2Tuz%Kl3YioYoOGb&ZR zp7OLq4(%n>q5B}ACAO{eI>qYwU%^q_EvL2b!<6I4{EwK@FSzbe6F)DGNbLAvM_4Ue z5^kF&ozj3qC{0#qL*#+)G*KtLr32n}iAJJh*H`;5%yd6alL14zOz&e<{HY-zf2meB zj`h14<0r;$<33U@6ERI5W0IGH5|tR8H7!xf%%3|~l| ziff=T1LH4^V}HB%TIVR=ZPpcDaEH%U*59Ze8oDM>KW1CaI>wI^(2c9HlGwMo6J84d zDDQK7!8E~tS+E7>r}2iCYrsSOFp}Df^O0@OPzH`_Se4-yuO4gn4(p%}NI&Eaoq3yh z#k47=;nrDoa%R{i__AiLf42kEfB&#bsq*B^_547hU(4+n`5|zbB?H(G<$~!LH3^A% zokTU9f)yVpz<9S$^(79JS58HoT9`l{18BKl*PK#tlZ23Af&+^)s zEIkV;eN`nj>Dl^V$>sZHPVyy{hPL8KL;e_YET$@`wDWz`X-VIK7AoV<*Fo{FveBx8 z$Gn{@;~|>yZ`+hJzf)%{EiGOyuenh6i%)tiP_lJ_Di|e3DaE{UjdH?hJ@0NmHPRAV zGXOz4zqX=RG2bx%FYQ5=A4zN+IY62fHcW9btxE`tyFC&xvNNyTULT)Yb@O4aOb(#+ zG~_&`;ftm}YKFJTewPpalH{}oqQi=ReQrtF7!mpcDwG>2=4NkQk~9sh%jBLz$ra8J zNdrMC(1KzNq0;sGd|VJ$CDx+_V6TP9INM`w_h>QMV3Py?%p;j+T_|G137G-$LMF{6 zk)F}_KGx9D90RmS*{$$ouvbDYjY@@L{^q?|>iHYvZ`gUZ?uHXycBiJpildEorL9vo z3{Z`fWqAgPxFp9`jL$G+#HQ$wI!J$AH+~ArA^~Nw>x9TPg=%^okQk10Ey(YNMQ?e) zhA-Nj`W}ABuPU>_tPzTU*KzEGh%2)?Y#2nCwJ2@2%%>)c=(NyT_8t;tDJ9GoC7Cy4^R>2H@*z;d@(ak96Pkm#CNxjT?pyIze&_j@AWeNVWd!yB zR||5EQz!a8T8MW zXlubS{6E(%9;avJq%t5)QU#nWB(Ux2+GTd9Xibp56Exi@elo4GSi7&RsYDyo0(VlV z&rnQII>x}q-z>Ow)=1S)#7vgV2)anNxoCcS{27+Lqf@PDQzkD3?r_@PIL|;Mexhn| zeFSqC(nMm$HHSL5c?&;G6Usl3rf;Y zGshg;Q!6jM#1>Z|y*u2B{0^!Tx;@Yrjit5Oc3~1XD@Fu}33;TVK$xQ>*ZGeX}d~f!1ob&Cn8k{I8!8yY>{Xk{7W#ciqOn7s4=o!{7WTR@f|n86!wyMt3ulaG4b*J99|mDyDS_sr&Q7AIJ@xbplQUmAV9{hebQhekxbXn=W? zZ5vN|mO>ErT7VT^9ae!tfasDvp_Vw#z~Rl??l+n=RY7~-8()cgZ)Op}rz#gZ4D~-5 zJuiW4XytRPNeh5EbSLq?til&tF26dd)AE-xXy|bWFRgTj1^Jw!B}}!znvdAhyCqU7 z@4;Kmo8nnDdMNh3321HWw^$jC)p)n~)@Tqm=QrMfMCR*oa@eof$fedy`OAuNEmwF- ztl9R@CWUnct}l8odPniv45eD=#jk4M*9E^{$L|5P^c?MbYO@T`1MzH)11VbWqG%DX z-AYaf(SGHKu~8li5%v$}o#t)F-9};v`@9h(b#Iul=6*po)-CMe|h8hj6d^Op_jv-R2Afztg?pi=A0&50y+i zUHwrG;PsaOYyV>RBBbipL_=mLg^jtD>kaXCh8QYnR5ZkL?e6k;@)3>-XdNmJJ$CR) z{KfAE4=3S~ughM+75fLMWwC!GDgUmM|6;mchctA1xkP>&&xQNKzzP$o;{ioChN_e{ zYo|S`sSjq0jO(xSF^Qg5U9US&b8-0RMfG1-@z{SLSWMa>i8V}LBLvOL8XI`;HMUltjL;`pc{eTUx#5z9DbmO#C z61C`OeB$`C=a_Dv%(=Q3kN0u*Bp{1uj_?1v$v>W{`r~a9HlJnCp6(cMmHXY8rS5lI zr5;Xe8`L?r?asQ7{WXmkM*XT&Y@Di_*BW@ncW0YE1su{lw8i#=Zas|}{{{O$Qyu=* z{CFLTb3%z+`Dm8-FL$8-)mfI!Jq3zkt2ws+dM8>R*HJe|7esSN!)s z=0AV&-w(q74Ag%=z5X*7|LvUmPq_KFpXNV{#y_l;{|Pt${|Yy0y0UP~|8=g>ExX*p z)QPhP`B)3=9r;`-zjOcZ%7RNzRrB3mp%7JJM!cI>&tJSV>m5m7qL`bR`{&l&zXpnA zEa7X-2CH3RTK~=(?ZQuG&k@uD(f{}Q?@;2@ojGcgn)@dxO1=7@klziD{<%v2uVgZC zO;<9WjX;aOm-<%N-+$(XR=5gr>OT_k2(=^;0UE`Xs{M0M{(cc$jc{Q&fz(jr|M}SU z@CeCWj?4&nW95KxGTMz`=Zd7kIQk!TL~_Fy8jd<-*fkof5q{{=(n?fS2Ed=tMfq7K zGClViK=e%5qc6j656^FV%Q{HX@@ibWNVR=r&piRVA&4=++3c;d9MS(H$LPQ5gJ&~D zq@__J-L!&Em6%0Za=u!_2Dgx>r3>}0xwyi(zZ%iuz-JAzVgMey4l#4L?2wD>PHBAZ zIoLQOTTXcmLh4iA7j$0yOargglcWApqL%xf6ePY9{5X1GWDj1)jlX1RVWB%$X<4RS zrmvl^uzm+VgR8t9;kCQ9wntVXJ9h$vGoJE;4RCNap#v>Q4qk_L>8Iqo@5gSBf? z`0Xh!+-J~=YAq1`nt7+TH7k~U!b4fh=7J<<W+yjP3HJGKF-xN`i&S0K*He(@x6+EPYppF^l1NhN+%1#R=Z1&=W z_9q0QH(3DC&Ri5&P6GkJL?(rgH-%l6zkGipG$4+{_-TdQJSI+1=UxZh)I!js=+_H^ zp4%R@7vns%ynkdgOnF-Q?WTBUN3tTh%B_Y|x>dxt(UhTQy%IM-S@_m$MUV&yRzts+ zf!_NyOx03>o%MGz1vzN%oSM+(yA@0Q4KclcE>XND_t?pXmnGgghi=7ZoK4vjpMck* zzedRJS;1wcR!IT?;R(}?p||c*`E+p|D^Fk5a(T*}p0E^q_kNl=ok-fVs`@<)Hx*|D zjaQ!Y;iZz;#4bJ2;0+diQ|-KP6J3pa#y&{vc7&+T(EvMiZr&4hn8sa5W2Xr<6GV8l z#J^U1UZ_Xt;BO}3RkP;%$bVD3w>Lnz{e295>aniJXxhxWX46qL{1AI}ae;z54oume zUZ9+r{q+W%s~uBk0Iin}Eq_*}q!{5b$Qn~T3Q*=d*Gdrv4Rh^MYxfwwPq=@RDTtaW zt5XrDaboc2nc9%`eHM-r4I_kSYV4^+&A0xr(sOV?%r z{+qWaUGpb#mRk;Omx#Lp{#|{B)EcTBum1qE5OSHQ7{1Q95NkMjhEInxky|=guDZrGK@78BVhX zMEA2~KH6Jqj#gZGhiyLSfdinp*xq_EP~BRc#ck$)v&XP;ehxm$%M7?$TLLTrG4slT z#+fsKL*eK(VB^=O7w@A8M|>)8HMcgqy=)(lfi%`-z)2*oprXYmK9J>n(A1*;8s#Ll zj+=dm4>!ZGJz%mx8SnHm1SCJOl}0&ZZR3QDviU1XAZ zEhmggi1L_uY!81W{ZNAoIPUPmPK1a9Ur?%A3f#!=TtV#7i$K6&SsgrzhHp|ogiZNV zssI9eaHXZe-=mqzwv2G;Tn@HYWgBGwl|P{5Q=^vKGn>BDBm$lLTwsroI9pNKIX$nN z9}PH-`)k0VrqxygZQv@sPM!2WSi8Yy$~$aV+n!Fv#pF|ve>V}AKzr>i#AkLN)+kl} zD3(sfy+5_c`JdAjVM@Ze3iDnvEka@)KpF`}SCyoe7rbxndFD|)k_!Kwol z9Z{hU3%GYD)v)fkSAo40x%Y=vW4Bl0T5lc$5yyZ~txvK>ErAt`@dEy5eTyOFS~VTV#wU*hksZ*eVNhVM7G> z;1~QcV3h(|a1`Y78%stlwXwgDFxysnG;p7@E}zcgfL#N&g1KG=O$xn^Dj2X0nNHv~ z$S5y4eYn6^Ac^E3@`woiFA?!_ z!28ePD%$Cl9>pD~p8}Qaz1_>W^)x1O?GGc7ilmvSr+b;5hWx}L2x)ZrCytDuL{%p^ z=)RE+q7hIbz@=JaHT*Pnk4+z}kdG693bg2`t~v)`H9R~z%CA)ej+W8P2y4$Ozy9u^ zoxHetJ$P-I5#G>y-2Vo^ci7_oCTE^EV$<)Vo>2nm(#sD^$-t`~qa>g-54S|FLcPo? zU%0K&r<%j{fw`SIcZa``e_Wn{W$5PjU6Q$Ev5|5r&J-4nT1!D^4TRld*k~4uBJbs-NYz(ORNatAYeA zp=aw>Ob_rP&C+WDl#1}4d?I(0)v+=4Gfn+ZEWlBu# zpQr>}r;43-<*rH4ML%DJ@?llYQ_*GkCUU6G}R9!SH+MX+ku62o;N z@iXs?eymL`od`L*_VxY)uLrGoEeH#(qJdZE3#^;F8@1wiA8z(9m;MMSLM988lC2J; z!f{D;Dr70g0k^)6U6Ux1^ME$nC0-I^!P_Upf=f1ZB7o|@p?+gu>kTdet&u8vXZ6)D z_m(jTe!43{epLe*B6d58_~HKHCIM9$(;(y>J#@_Ujcxz%UcsNag*Z9n%fWjyYO=u>kWlhegRR|p<6 zzruEWZ@qOir4gf-Iy2WsYj+oCqU71uruC>be4@&l;?yN>~M~pn>Gt|w@enY!X{O@r~jDsx#huI&xG_PCuc?9pw-65jlsBXJDS=k{wf988MTo(tR zyI81F=?P}bEzvREPcCGrvrmjov`*GXOETcn^(bX zoiwZWkHfGw?|6mJe+S+@MF&Wb(@{QTuRinu*}ONps^Ms(7bgT@ z5z$WWV}1&b;wsJBJ{rXaoQ~Wzw96stG{=iCI0kLyWZ|<-q<&#!6YzZ?mGb57)>?iJJxU@iGO6}ORVm374^r8y?mY<;9z|Zhrc^{KqG{PH1G%WoJb7rv+watx#s^Qf z;FJlj_txl;ZYOiER zv%9#+1P(HXAGtalQ8~Un5E1?KDfP7a)fnLeM2u%X8-_I1T$A8M- z`aE!3{l``NWolO+nM|BcG6ylbP$u*tY@5~SLf~LKVm$*1e@Md{UIHQHERE`INDDWo zg6%RZ8`wmx5F8)$HrZ@}UUi|KZtDc-kr4d2^-sqYHG!&bvZOrX&jIJFZYF}@9t`B_ zXjI}oiA1Yl7vat0dm|ZGEsx##&O{);kKxYrk!#?7cJ@Ov>E0-sY)id1P|z2b9t%=e z@O>%COcvj7gIrBY2#V>81dPO3vyc=izulkma!1K0>cyY&$`I2fFdN%h`JECwQ*w@A za5`oq)tS7-&$CYFZYH}ikhA<*30`hElVhVUzn9u{lX>qan#E%}$IR_%KUKv@ov)eh z?JyJP$wnaDvF<*lq7a`>X+_Tw6Y z&LESWxh5U>{?yr<)p>j9^h8`7Dau`ltQSY~y_C)E8RmB&SqRA7TxyFcw1;TV%1Dbs zv*{ZY)0H5_pxR~E* z1fmHOp56rb*5Y^i4HxM3ErwI%ECv&l7kurDvy9OlJ2|!IF%s9L@Y(>BLa#VAmtkML zmA;fsC)$D`y@1{tDd0CpGD50_LvfZMy!$>1^nAhO+Qjq$PQT1wCCQ76NQjy`-2lR7 zS-ZuT2HK!`IxS0}%i*UcPt4EP&t%`Va_Cjg%6$d(tUkk^*X0%X9r>g=YbEw+uV(8Con@FNy6D}@>d70OwWq}OQls!jYhYQm0y4!Bf4J-yzriGyqR4v8}Tp{m` z<-UMm)@ayl#ad0+;x26)7TKTsn=J>=HDx(29Ls8YM&fl%w*1xj+1!Z*|PByL@iutTQ8V zLjMokUh?-KonepYsOp*XKF0Nslf~DcTd8f&{9K(;e}(N@2isqNwKhWOO4)d|g)r;C zU?RUtAsXxAwhkEAZ=A|q7V_c(4y~S@*^-(TudJ^y)k>ecfdpPKcInyTe_JdvyK4d` z(4yHZ!=XCnC}EGQE`mT5cBNCk^dQEKW}=W9Hi%LqV4dJHIF0^+$t?gxKNDiZeHR(j z;%Sj+rs~ajZg1%Y*~qCr>qOA4X8|}VH4!_NU`=*GJJF)K5j_l|mW19INnf8cf3wX` zL^)Zc%sk{Px?!|%IR)0@TLq3Ja(`qG@|m$n^3n>@Xn*yN@y5O# z2%*!BdiERm@*1$W@TztY%>%D>PF$(b&|7+N@R^`FLL0Z$MqHsb4_Gz3*)zRFud30S zsZysFAnxC$Nu0f|471@k$wO6$Cq6bC5>8&e&bO^fm?x5am+>O6Zro)Fo8~Fk_zY@q zlZX8bB4@n)&xc@OFom{&(?rL~7xSH@*o4>kB!Nst$vm!=RF&n9@R=NI60FoR4lZGO z|NUu+*t`4p@vR)jNu<&3?A_BkM!U=uR=bHNATlB#$ff)nx zleJs1fWo4s-*jM#45{}qGh%z${%%462i=LEFQWAB7=PTCoVM66E!>MqcV6vsUEQ0n z+0lZr+_Rf393_9uBDSkgr^7SipyEq<8-vCKJ0L-cuZKqL11@|X&3ay(H&~C-zwwy; zP+>di*JB5R_)RMGUXNt(50f81<-7k;)bF&^+pfdnO~7>rqtFOT?sx67l*nFTFVV~* zj&mbir4)XhVRW3v*H12p`+-t#9p@+F>7CYdVd*i~pA9UNU9ed{+w zO&_kD_YS-{JBw5K%w8(GcFG)au%q?b0bRKDI0{$8IeweqK}!ueRhqifLmu11GN|1p zEgIdX?NCpn8iU|!_R+wj;S+7D;E6kaiyN!x;;nBE&w$zl=qJ8^DwosE}OBhkKEWLxn`)((<3_B zvHBU)=*{{3xaQWk(Y}x~gVyG$LiDX{!ilPW>Od+n5fh7%G}b@YVA=rnjW-S|Yir&b zaK*jGd6Tvc#Gg~5^?-|hpt7X?h@sFyHqE_y@H+Po6J^3i5X^{Qb_sOX2>xcqrR7$f z>P9b6OLR1lA>c~w;j_20_m29uuAIK0mip8>@9nj9&`3A;PAqH9Way;rzI9&gYS@NX z`Z{HOmKa_C^{k5RWwXmfvmEWNAYM3Zg?K8)?@f)epI8P=wMiND^B?mMTy`QWzdW%S z(OpN;thCzhhQ0VMhi193C6WAka{qZ)7>b`af^C|&sLh}*BL|V&-mPaxBf5h_F3P;O zi$6-qvD?v9SA7laXyj+d1!sg&;m(prR3A%sQk6`M3|LD&f31#a8Of0!@(Lo@8$D61RwHR^=NI;M4=QeCNCYVgKc!d3`Jemmoxjo-!>2{pebKOg z`Qhu5`|Xte-Rm-o6YH8LrK5F#XWpat38me_TmyDvh{MGYD7bHT5JlZGA z?N*X`0uWKDAH^*VwlHOURHo58ZnpMq8X;Iog1~nP_hfx21F9m$3%d!|4niI;Ohgv- zf1;I5TDccH;>%bYnrJ`0%q05j+|z^->TY_p!MO_2$K0dT0$)a;KN3HE8_Ru|Y?7pY z)awT9eT2O(^VovR#&(35PdJp~2IkW$HV*$f2N)zs;6_^Ma_HB`)BYYZ@cS{pan`c3O`i~DZB8v0_LSVlm45ySoOO zFFhxiA0)~(Fvv4cJdHV_C}Y@VTby5xUiLBDX%8q&B-pA@?rb0xEEoNP&A@#iV?}$itL_D|I9ME6v<{~W-&Lbe#z@j{D zM=x(nsHcp>+koq;!)#+(6}cRt2clZfh2-8a_S85%>F z%<}U)2!?c^MVj2)4tl$?oF#?LrSbwc83lZyFIFwhYB!+l@(lQhw*Q0{!4E8+KY^J* znP1^-MkI20@nuQp1;}N>jrj8}M$(&P*9YQD?aG~J<);as=oa~;p+X3$JRtgmaLc4I z-IVS0p+EUN3A??yPWbH^zubT4ecMw-jn{s^;0XZFyvvQ#-l8D9*N_n4&$f|75 z?kzNwB=Orfe({ouTk%ig^J=w!+@-zWv7R`b!KYFJ_Bkq81>;D+xE#9NqMx_S`y06+ z(bcQQ72!6E{z&yKEpBF`ZbdO%6ET4)>cwN-_Q}l!A0k6w$61m@K=cQN0h9u!@y=)v zIRB%mnPtvM)Bc9F-=*habG|GA(#}*UmFW*A5Wkf@J7;IE%GQ188r?=Mi05+c& zknX5{dHvb%NI@~blLOsc5%^T`B;LKtSBfd;P42x`j=j<8`rX}5&1#BA>`XIAH-#v@ zc;e@#qBHBRyRGCfcrst%IfzaJ-s{^8$u6i(e*ZtG_tb=e>(FK{fz~ED)Lwp~@$*WH z5e~QY0VX?Gk(C_LG;cTS%2Z4t-nHpzA>tS}i@GCV+Il4qNa)D8o6jnrj1@MuBxk;K zX(xZjky}5vhW#BVL(s%v;(*m3GTKk82*BlSaqb^JsZ}h{O~eL5NO-6sq*kMZh%Ems zR%s7!+FPD;U@8Z>@R!2hWW~;E8E4EQL|`KLv(GCeuFqs1K6^K-dygcm1fi!z5q~FV zYU1(yHFhadtO=u={e)>|->x?%la#yVI3fYtdbvkNBC4wMXCQg<5D+-#&hqJsQS9?h zWwY!&Q+CZ)-u6GNdjq7#=$TSIYE4aoQJL;YYHGYgH!6%C+r63oc0R~` zgDcZ{28oHQRewYctg%DwhC}WaKD_v;^zGE0MigZFr+mzt$lyj#Kc!!s?qRP~&#;)K zZZ9`~<&3K+s?XjFX9TN@ekfg%nwo+5;18p>^Sy_($&4F6tVlmEe1;CdViRYZtTVkY zcZs$8)N96BH447@l1RLq$ma{om3wz-nxhad?!;!S^e1jjsIIvW%Qfoi{TP0+u8nHn z=d9+%&o^mTkI>aqUt@FZ8dlc1V8SXh`~Po=Lv@73<&s*lqg6rV;x zU&oxZY0lGoX%*EBH`or#x>zQe`}Sn?jw^TvVR0;S+nU9HhK;!T#cI+ycaU1e8ciFb z6kihGOn)8maT|GP^^TfsRYYem?fIG~O&NFD{+O?HbS$*(Lf>~HwZx|%*MzU}ZZ@Ef z6?D!po%a0{phsvqh2p>0hnwXGhGCgB=5MI80ul|~zHN?Wr*F&Fq&Sozl_!vs&iP?7;Vo|hyeoF* zj!}!Fhay4!pM6XyBi(PozNzK*+BMxNXz>M53ofWmU99~1)31?G@6pvao}#lM6?9(_ z4H-1#F0i5O;b}i6SAsCoE4gOSiF$l68Eaxz(=tIm__22d9K3sL z2v(Mm!|61~A`$HFygI9%#L8BJdTIAQeEA;^^|V`E24{RU!4aAL$TVn6#rtZ98P%zu zcLrsv>>;iq$ql^0d}X@F*cMKP2xMZbg_e<2MDMnQrXbbumGyR7-M-I3zcn&Ps@87t z!!HikI3zHv53pI}-uSchP{{8&kpp*LYpBSr@KPFwM^YEH&R!9o&W@y(7Qc!h>GQrI z2ss4tp|(&Zk&Cf3IBQ}pH~mA3sc|O0A!&yKvQ>IatxTUXRw4it`-}Udr0Cc3&)&Bj zX{C9dN2S`~ns!;<>b`M&1W%YkQw0OEy)U+k?cS_ih@c&&Cg9b!uY56XZMLRJdutG_-j z;u9(twJOysnpY*H^gG>TCas*Xct;Jwo}~R;YCxbb(mY>KIO71Yw2yakzNozjvwhB@ zQ^3RST@TftDNUZv`+?e5_~wHQKeX&*l?~eLcq>1DCz2!&z6CS(Gjf2}B3}Otf%S*c z`~D`pB+6Fe;rqr{NhABLeE`1oE==>Xe}!qd!5JXV8bi?K?;ukP-i9% zc-p)WU%w7eeitq}%MyIkyq-Xw<8#E!6yiq8BYu-666}`U(U{22A5+CWVp*N2LFlZQ zz(J$#ed~Zm^jND5kXTEC1BVoAar17BW@0VFjuh@gNnUIjS4Cga@Ow|=`?gm^0%xl2 zO8J`&5y1B6Z!5w82WJGe5$Jqs2!>OqwGwcpN(70Qi!|moabbJj3veHdblsfCEb*IDaR*x2N_&7`HVDTd(oF*-ORiD3z6<)wn-ZDQBStX z>7+d}SX7(_OPr53%8W2#q?MhKxLq2j)2F)}eU@6W`UVZxK!W@51P&wS)}JeDZNCDx zT{|02v;5~sxUqOgl3;Cm916H-u8okucUVM2e z11Vmb`ng`>Hj6ZB`LbM=;~63f7>}c@9!j8q=j(-t9A`s zcg_e(hI1#R?s59uV+2?GyuaA-hI&w0B!+0j%GMGULu1_@3WPB}^Ag|c%h?mFd0xgl zcg}!13)elJD49V|dZNqdR`tv(Q$OSNzcdA@Ck`o?t36wkyExtA+@2zk$f6Q&(nZ~A z{t*2{TvoB}@&4Fl#RwhexB?4}6<-<-wzl&wrypTFCSaE3B@hp4Y2gWImsWlkQVWCl z82uSUQk@n9E5&k(x4zZW6OHsERPg=YM?Wdk;#2Vbt}Yi3V8&-|1OSzeqQIfvHAku9 zFN7W_tz#8Z`Q5?C8Jes%o=?_DpWJW?6|cNs>4&(ky@x!QFT&3_ULOBcQ(^v|5Fa2- z(|lH(adib5ofDVF$BBdn|27FUZOL!h(a5|kBI%Ch_uTH2L1i2%AwiM2zAA{I`U(ZT zP^P8-?Ho_CQK*y*4v~LIapiS;ai3W!$pOoBEY$3gA}dvZl@f`apB^wUdQHOJTq}eb z{uJ3GlGz^zwPn~5xH@}_kbGeO_$$p-OOb0)Y4x|?KdA~Yg`xnW(~ zeRs!IkiCt1#xm|3eJkYm%tS*RLm2r*lvQEU3F6 z^CjN)+H-~o8Vg2h_=!jdt&xNtsBc71!KQ!aU~g8cwZKRj!@E z?QmiS{2awN-)ZDEO&OZDIRRa4a zs9i?n;n|5H|_VpL-TTOQjqqeA{$`6ME~+TDd}ugJ!apK|68bbobs!{E{9O!2Ie3dVEj zJ-3*~44<_znmaN5sJvSmf=3X94(iN*4(b#HfKlxBI#%(?7 zck-5i%+*1^)>oF33P86i6z=z4fkYLY+(k3K6Ju)(h>*HQl762DO1>WYFg*2W`*+2` z<%(|}P~&JV(mWzq5nmm|lEZCi&V60{RV7 zGd+!9htzi{ju#y%fi7qQN!JIB{TIEUg=$`GAKG4E1HZjv@>>fWAbnrgv_$PHj-G=;_#Yw@RCgjDN`!z_NdhF zh_kGq73gQneOi?4!VQhkQl@X6cB|0$T13q{dZ1<|jgPO+JAP7k|E;yst;d^}SM!;m zNVn#m(s}D(Aa0LN>QIczmDo*(`kSl(6SaJW{lxx`=|ZO%7{8`tBI?7Op$XkZN1~YRi|{GPjGV#WZkiq|7jWAU@Wdh2Zks;hZ;LZg^YE zP>*p&zs0HLY=3RE3#TycW>DuzR(aplSgfn2R$)jpSbU$*e}BAi6*0^ZZnU&ZC6OV{ z*=>Vt23QTI$Sr8)f{XNvzk1*{lX$fP%`Y4vvAjkD&;->dTS$|L+cNLcl7n z!|Z))(NRu4t{=TrB*v*sEfm2CwTC{y_g@Yb6I!014lZSmw^bj?0ldjtT0bzk>YRWB zud`Qd=7XQ?b+1DQ_J>7E_eYBV@Wn|_=*hbFgWbB_?x1i4Vsd9^|IvBDYM;xpSKTGf zrBs=q)BJZY(jP|Ai;qQw(tc!6T}m`)tKF`?F_T#G_sgyE#TZR@)72$b3O0zxe2{mf zwK%U^@)7(IU17rzId#~*2Wn};t2JBU)I-nL354H$Kw_{)J3dX?ji0>`IcTjKn*zJY z*(yOKI(zMqD<(oom->(P6HP|+kwd$Ob7t@vT${*KLm%4nHd$;* z-kK8j zlW}}6U1H7a(!JPT5|=#w22>wLy^$3<_Bl%;(54*AF!OixMFR)j_b?A0>6sI{cLP1` z^xU(nI2{6<`gsF|?wu?zjAn8}Js&OUHRSk*Ce9^eCF=a!@!30lX3Jw1n0HlJwX!vWG}6Bbicy?P z9nSSQ1Ki!IU$}CcKHB=?c%?hSc=Wb4mbD?Oyd7Vz!EXAgj-ZmW@XmbAVEhC27|*Rg z?{^9iEDi$fVQX$3U*qsEK7IrARl0SyhnmW63GAOBPg(t7+BTd7EV`J$Vt7Q3cfJDGF-u;;1tFI_#J zcIMV69ZEUW)+PduzAC<^`ix?&HEzs>XO*mfnyx@e96`Nr!|62b$Cl0bSvOD>X+%>a zYh_s>MASsy*^ynX=T@m#cbb+CyXZbPnEH@S_>SiwYlh48`C$`3Q+cdUMau}AMOWAL ziz%bbr5|naYx4VlJRWpIj+7Cw14|dDhgT-}Fn*~^)O`898gXMI$#Wjih+Sjk8$%Nu zf&69XtO^l4p$cJ>_}F&QsA82rms+g3T%*Qry}T*hzy7|n&&^#OV?z;PT$Pc(a`CWp z@R70XSLPL?(!G+>Xu17Slu)@dTD)u~f|AX~wjlUw;;8M&IH2%YH(4F9J;gezT=G@5 zhEaABc=3odjyamdH=}#aFdBx-0wg9pqXKJpg>|_F&Rka3 z&7Z@Sw}b1m)c9mLe`jG@)so z@SC^Gh13CfxJCV0GILM+qGZCau*&GA^xOLfv_t0{$K_X!tv7KmILEVV4weE)Lt0wx z$|TQF-^|1Cuwvs}MffN(I!Y- zooS#*zRHA800#PePC*_0q+KAJQGrW6pO?TSF=sW?w7C;Wmq-cSVgskzxEhsbVTsz! z+4*pwhp$?9)o-R3Js($!E-^Mc$msN?Z`m(;BlY>g-x7wK<(@=Uw|=Y-?1l> z+x1A}!-rx=B?2OQ8SI@|6r%$o0%hd&kQ$6?T&4^X2~VR&ThG)*`CL6D4Zo3|3b2Pq zsAOEIHP@|oN{(m#aUcAndtWYd%|C;>|A`bs)~ihsnV@q2aj2|yE7fZs^^1c zOMR|Q@cB}^JI}>Ji|)-oOr@D&*xIiLfO1VpJ*w7s-k5}t{%LV&c__$WYoZZu_3-rm|6%Vd!|K|yY!d=O6Atd4 zK!D)x9yCaB4<6jzLU4x!cXtgg2X}XOcR9GfovNbzt9c8c0+h;c=!o$ekQmg2GDzCm5iUTSIeKqx zdx94!8+r?b1I)&k_Pe*WVBBjrlY8vvmRY?lKgw|JAAwIp@fUlTTumN3npT9EBhNqH z?#sB2UaK}Q31zs1a&6+NIKx2y1kNjU=+9Cyxg3vB*HaVpeXSG`+iW)%tBz5pIhWql z^?|zZ@6ht&``CSna;$c97+2?BDSg0Ly>|8(OyE$wf7hI*KM*Ik)S_Ruq-C8FTx)#0 z>QD5Z&Zc5}01fo1fYoKdNe*ZpysS+uJ0GY|px0%Y2*C47Z@IAzhYk*3;WUS-7i~jr zORrs%376qQFut+)$SzfzH+-dF`~kjNGL*|5dWhMn7QHGdq3h4NUmXKMXB;fGH`1!bojo4P9{0{&e{V&B&QeYkQV*SYOz5aYS zq4tr^-MY@{5vY5)ADb<_iJ|jU{l)m2V|{b&EQMyU)T!dXtuwh&?s`ps74B$4=t?jh z-0BSr@EZ4L#OEj)B}8?nv#kAtU%K)gkCW~OCrs~iq#=k|4}ZPs3pR+fbmlsAy~%Ns z!0}jtGmNHE0$uT0rM{C*``VL8QDeW<%5}(l!($MM^aR%5Wh{QDFY zZp%TaH&totyXkB%f2s?0)owhVQ?(_ya7FOll6AeI>NYc46ZWXQFP4s?B-T=jqWc$C zC{3gq^9Mj7fF9DKL(NwoTLt<`aB;s(i5?cCkV(b>DGD|!X*9VtSw3CGU~wFfH40Bf zWppNS{DfKD41v@fEqgw-PYy9LZ3S_RldBTme8W7i)#*y|O~^w{*&sIjMn9-O6Z;+# zkDYP%+0$(P_JY;=e8;*!6Tk7vmvP(jNZUUlg2U*OOCQj`r12D%r&av3 z%Hr04Ih=xziMkBFc@=XY^^HgLFqv6taBP4i)I6CvnrvEjqN8(&de6K4Fyw?;*h;n6re3w7 zXzJJ&ZTfbsB!I1@;t5b=Q4-lKQ3lm3M}LL`#bP9QUPZ}pkv2!jU_4!o1x6eqNgt=f zLEL0>BO^LgBhq$X^myk$IByz2Db^@eoNQD@qZy1kISeC+=^3e{Q2@k}S3v;iQ~$HW zg|-Z@Jyz~V9x7e1RLZ@=3isjYx^=nPjpW$;GJYn#{^da()Y%cBJIp>IuhMiEPW9|N zK^xB*p6IJIpYM8`HqIy<2|!g9YWcX6$LQGFS_8+n6BcMXc8=oK9BnEsc!Z7No8Pr7 zt)6@t!pl9Sns~56b&h7=gM|PJ+c0P8!5z}XD`fW*VSiR)tMD#jyClBjdt^Klg4$A_ zZFQe#%H}I+BpFiiT*BXx_)rI|N|iE%Phv?e*{=?gRn9I0K58#M0jH8cnJahO*N7_paUt_{#T84>TPUemZ9IJ7ETM;|Cbhn_^{rr2PDO=SK{IhGbCb4yz0h8&SJ9FL&2~A_(w=zf=qOuzlJ2;;I;gjjX!a zU}r{sGF|38|23`9ZFX#}{B<}qM0XVr=V4Hw@InN8KEVURXD=8CGThnZNp0q7J-GH;w` zyKgKQ>gG&bRIsj?!E0HD?6CblUM3iP*W~ETcsNrMou`m~P)C4tN<=7n3TyeJ+KC=) zH^pqa2d$hBR9xF3CB_t_A-D3G{wiU0#8dl=o&jL-fs|$yDO@)0G7GhU9NtoQ#rgI} zyTgegTrP-J0HOQKKKez`A~O*BT=x^(&37)J=xQFT<;9HF_AB*5xZ{U`^SUX>6ex_8 z__fb9n`hIT8~j_;NIuG5s`ZQIB$(k|*@fuHL!F$d|(2-#%QQD7v``2Yi z8GZRby5P#ZDEd!-;jfFjwZf9F%5aD64_F<9^FikdIm1qFmfvY9Bz&Wp6?U=pwcXAOMu+P~5G% zxzg&b3mKQMvL(SZ&$p*lsTKQ(nk~7E2}vlxI3Xd?vVC5EJH&;@A`^X5&EkHGeq%W5 z9Bu<@TS+o|-^oh7!NG2`f&DR{!eKE{7bs}!@;~v)$*F)1i&@#yGwMG&z-fA; zT%z%o({4oMtJ;Tfc&AyorIe4P)&W(3RA8k%=UV^Fbx9;3cFKGXXE=YB5ucM=MAQUC z2$Wlu-$!c!hPsheRIlx(lnXX!GJMgu6ic-}UareMKdzRR2N!m)HT7B0VQxQb1SJgR z%1RwP#_?7dUTp1-DX`WVUm}MMxu^k#!{~~fXP>^^afx9i7(4uY(9_;+1n>j|H(lv5{3T@kl3wS ze@-Q2%;_UT>REW5W4x&ekeeQ8C+jdkXrZ>yHENZGH1 z0zS{bCSbMwS+kC<-<#BnP!U$iafT)NFd$%Ud6+Q8%i*~mk~4T1HZlY1bFf(EJb_{k z3;&V0NO6a@#yXj?>#gR$ynlkUcW$C`m7?bLCHLk#Bw(y2`upl3UwMLv7Mw)+aqGbG z?YAm#yDtL7OBKZvG;g!YY^uOi?UBjq9hR3v?(ZY`DCw8Rvc>UwkWp9~quS*2Ox#@@ zFhmeUp66i7ok3?C;Qk- z#GPXx#Wv93>(SCAQi%qygz2_eEp2nlp6rJ1bMgYAz-1;UT9xGF^e5tj?c0Ks(&l5eUZb`J6@>OU?(saXDG6r2*rM!;eCDHT z+f{oOQ6!ue4TnlJJcRH7uK|7B2>R+gE{T`_ezL%RK7bpEJeP;g;1pGMoII3yI68-Z zL~9Q*8dg`tsqX&%j80>AC7E^9CweDM`;4}v;&9F$1Tx8Iwcpd1M9R%^)$D$-@qT$x z)C}lL6q`gE0D%IyyPo1}th5vVAl0&)gP+T6lY4^_xNrIRj;f(mCHaNZ{+LX^?n%>; z(L?&4gkGH9sdrHCi|YIoR&zDuHi-=`w+*Y6ZXNkLv9a&AwB05HAI3acEM<0KT!PPu zi-uge91cSE)X;}b^Xlm|DE_#@5}eGx{t`Lx8w{k*;cR4;%C&6+ z<(7^)v27t5Rtq-pqrx-8Yn0?HPD79PWega^q*FC?Ru>L1<&v_?V_dD~@XbC6!wQkF zbt!u|Qk(2-^xaN9E^;;XZdo4ew2aCaRU-8c34#mG`M4eYM2m!k%%y0~*^k)q~-6U>|q>?56uybsQ)uD~)GUF27GU}Ak$;d8< zYSbcYUBP}Kibc?0HOD=4l0hnaXY`=DP=ShWN-|fi`uZZcSR3(PC#jVzpL2L_^HDMt zE4d663U4wqt#>|N8x{vDlhfWL7$C6*O`1-L$uRVHb`zz_ha}E@b(HjpaJ!s!R?8Do z%)&5RljG@4Bk<7$#|_F1^=|qESKspE>&ASc-I&&N)U;{HjBcJ-#nqU{-iH3+*yh$Z zsFM?N>-*%o3(u+s3?qNs5Z5;d>~i&LzOxhqsDB+zf}d9TIh-QhTp-Yql;a%FbtCtK zdqDl#Fx7ej;5r9$=At|-HT~WgnnE|k)y8KCmIMM5g$VQv;ZCn=)O%LskS-noeGp_Y z*mmg+;yZ1_5v%~Z(+G}7f-u9)fxeez;RW=N2z31%N#zbz#h%RP!-z>jp{3RD@{v@%rnE@N@`6MeDenf zVf35swxZs%TL6o#x)+4Lr|}hwsWB-vPKLg8qI6lMP;at;1;v%{p1%pEV8~!)p;qqU zb8V)CKNg=4jdHPK|CY(89(%qp7F?&zXl0=wD(ly}v@C-%BwW|WT>>(%Ur`ne#74at zdUR1roNk;*PU2R~rdNIi{|lp_$n8rrI34>+RU{0zoxoDq(06Swr5XL9cCEWHm?#%C zwXpGE2XOy0Zj&cT4-`)hKx*EWd00#!H7$2lxU)JJ%e^c2=*4|tQ4Q7PA6B2t78&bp z7i@2S&jyAweH?P4Rp3#|y>_j`uHkxZ5y+4h1Z~}{kX3dS>(ExUexdPNF+5d|Re@`@ zT1Tsts(HF_peg!Fa8w2042+(K8vG$~NNh!r}fp^z2UN0_G;H8JSFz9ap^%+ zVpX`cY<|ErvHh%0jyx1$GMQ)S+?h!4?6NYG1_f8a>EJFHg1s;dp~C%`DDD5zqbxiJ z`8hU&nrwFw6B2hqu?kQRk--JC`hx$ zGt2kuHKf_>DANrkqDNoWsJ&mI=#|#eQK@U{g+IL?Twud>-F6jh%nmGJ9&Kd$Z345! z&YsezrN$E3#@+E`$BKgixNxQdf+&i6&(`~uBn@eD9Z5;b`**U$o;HP-*=_)?1P{kZ zS_Sw^d{BF1_NXUn-&)#7=XjK)#^W^d1gJau@O*o6-!<>wZN_R>K9aP)VP-T`0FqX? zQhbmSCT-RR=9)Z*cAl+oOmAe_MSpQvm2EJfp+70)P4z`m5G3RscQUy{zMLsy4@R5JrO>8nHWxszxas*$V=O z_ii~((n6TIU(xn?TvKG0U4GNinuci-H^4SSWx+!4s(+!{nBs(Hi5zyZ3~1v z^?|TQ&BL1lC~LLtqG17mTTY-BxGgxmDk$2gg3+$^fa9fQV6plKJH61;YNt^*$~{F~ zxQaa_7^302XICf%i{$O~E-VAdfTkPtF`?QD!`iRK${eno(dfv{+!QDsz;LhJ8286C zXDPxyIxZ>-Ng_wDbaNocxBz_G(F8Aw=A&>&fX1zW5YpWI^f+HX-CpY{_>v7L4P=KfY;*+&=*3U7On(L3*A zGdHLM=WOm$-WINxkmNCE@Pp}iZ7zTVWyw>Wdw|1jyxB^uba-eg z6?{?74SSM_7#4jd!lhC15=rclMcf;0-KWj>{I2cARMnDeJNvLgs{=JwoT}{*JE#|hDor6@mO2jJtWgQsjq<+@gJBVTEr?AqZKFTD zSFq;)BUhOGhPy+5pRI8pRgTsCy6hcQ``sgzZ=}$N5GIV%sFz;x<~Z5wKN-kg&K8yo zQ)iD129s#q3>c-L61hX-oo*)CHjXQ{Q)~tFt3BGuM}MjcNlq9}Z&nSyS7n3=+b-9m zI9QYOyag}IId;g=H`r~gG6&3Bg_r}IdM)@1K&0?zY~DwljF~p)h;nx`T>Ek}Abw?m zBcXp#Rcv*m#%#U;w6FAm4&0YzbNv?Nvr2N7XHpGJuBsEsr&;*T;6t?NdF&hPUcwUFJ7 z4bA$>r?mpB!-Q(0?>a?_{mJt*NJCNLS1N&wwc*HrsxGq0q%zIgxMFq7@28V-S#uOCh@7x55&srAKPwco*^GUmP`9q*MM}a>`VXN?3<7(|5qPpbeZdpqhj$+7~7N^99+zZ6IM zJrM%)&BD^}6!Oxhc$~%$C(6MmF4BT=#cH3vH`B>G^TbYi2-hFk4}4H7O;~BcI^z1cEt?T475r+oU9o@H=_RtxHXz?KI8PKbsScPL zP35wnGk6Ha=Ms0j?Bp=wPxW-BRnucO|2FB^aHaOpa_nGPq(yO5pf!m4Q)HsflSyrwp5N~?&dW*Xw z=7T6*P8!ryVO-&~^VpMe@nJ@P-eXO8U$$s7cPUVC% zVXu#xXUgW(Ab5d5;~Nt_&sVjkdxOy`Nh6wbhayK9=hVYAHBlpicI~d)4aeq~KoJIR9;p##&8xvA zryM>!x`5~D9xY!2;QzW`@EHgS{++{Mrt9N(t~TIIiAV^O8djV~GfiPl!IzqjK{aeCXR^=a<}#CAgZeP~)P_(z z*quLdim?;F7DHLh46g*$M31FLlOkE{i#AB)vapGD6E(xBqXz&I8R|H`UK7}-lEIZQ z-Z`Tc+2^Z9VAx~C4F;M8s(JA3ULiEMMH?sv+p{yf0&9m5lu#Rn?lD>7oGW(dL>Tmi z6=bGqJ2<%(t*rdg=SL1JF`;)JVl_}K%TO}Emh4y+M?eVHQI;wG11;c zu}0X*0hUwg`E-;1>Gs-KC#{*E=Fc6bu0J2Y648s=5R!7`2#qdYCAEL;3*dNhQqMfh3 z?y^))%}@Q$^AHj_jMCrP_kWza!5YLiR(KL%a67+&i-5~d#+Mvo2+3J=NUm2`tADf0 z589^Rst2?Ja0an5-QS8>9w( zKH@RxhDbj1KXX{~DKD`R7Z>-khbu-=yO|Xkh8ZiPH|S%w7TulKv@ES)>rV>%R1=(U$SOksJ{Ic!v?WNfP{|>? zkQ&hPpdcc(0j`n5&7lUdl%HzLWQ9C+0i(2vPBfYG$_gC5Rhr}Y{P8ODt0i>`s?!Fg z$YJ<1toIWp9W#v1+>?wS;;go|nbZO`URpQD^!h^w6p|3j70b21H2I`4wa$SR7q z7l)&)G(J>KbGH}O{F>Dk&!OsywcYiyh05|`;L&9~$Uy4`$C{ z->P1n^-~VcK?dDz4#z6<+nFXFVz2-$`gFI;`HtVY7ZyI9sNL*tZ+Dd>!|E!B7^(00 zS0^2k5DA9^2G(SQJv5?yt%%}2F;wn}a z&hV1XKm)ugHPQ;(T>#pJZf`OPDlJvpSHH^S@f)>!w)9Ts!AT9D%cITSV%A<@1;03N zs$^a8$?mQgJaYBnk|^E#<2RpEnUCmj)A)TLQi}`Rr zOn{)TCAwo&K5{wp z=&Awh8!ubcDlP*j=+euiRs8N7N993Wt-_Ni%l??F&JxWdI_Y;a0G=eXsTWE4>)cdz zw~3dWj${dtV45CGbkpfSiF3|N4`CVzvx8cwS!raY~Vyp49= z3*q40bP~yXtt!IUY$fV)w?>O(yo16 z+uC~Rx4^tnXgUd#5lr+P6{niGlHd}S4!F;4dDw+8Mf11(Hh5}{4;P2Jxf!o`; z+s1R2iQv0EUd}6+^@I4pOwIMyIsz?}{srqqrrznzep>K=qBd~Uf#z@h0eD0S?eh?p zh2rqEAAKk_a~_U6CwV(lRkp;b;IFWJlcp1_F3?4Qsf$yFBXXp? zpN3L&`w8H8mYb@Myrxh-9zoL1BIA6*%BFiAk*1Ydpj4RejNUGEdUIxI48;jY6-(HXVS4PYV>Kna&vGl`tfDDkXocXpI>F;~maiL}P*W1;kF-FPD)J;Ui# zch32;!p(KX_U1!(3fNVI%sGW~*tB_H{%+F%EZ|K}8?I4XH&>U!hOD4nO8KQ}}e ztVTdA4R2Ys8lAlMv1j51tGsO=!?+}18}(ODJuo!L3*E9Yn#-#4rZZ8^i zTVvrR0GYr$!7%v}nv;N=1!Xrnt&$6tTOP8pH?=fwlQy5vNfHD`Q6$v0*tvJ|R+-PM z5t~)o9#vgo2)Gc`yAKJKeUSwN(AHxEkvw=5qnYYO$ z8|j}8Dy>#;h@8t%=wQGn_Z5r-UUwq+3q*p%ypt=6Ser}BKYJ5I%gpA3FiHanc~Z+t zFygdVPHPqN)tS@dlRW_!3*EMk+)!Pv0Xe)St=x-#TGL_bneLwk$7NgPP%sd@<5?13 z&BkkIhRyihxfwzC7cb94^V3)XS2&aTR|vfqNWW#dMCoiDPDKaX}qOc z`W@7(-9Cfge2x7^Tom4QqC3!jfm;^@SiVaSBr}aiW17HRu{thmPH#S6911_q1H15+ z5S(3Q_cT~GKc9O5mAo*WZnO}QFWWEUTeqj}HXXP;WE+9hyX_ZeLkma7!3JYAjP4Yp zg)oG#i%5-ghuyrgty2!(W|=TejSK%{w6qbGANwFX*wA$_W#r~W7lKS7(`z;ApT$(T zOoM{aVK!v+IOFwN(9I*$?6HZ*%}V>US=%G>^{3at_>6N33Cz)I(A6l4w2?adZUc?)o_I4VVsUtpQdnK zCok#@2RTRcZIzW1>c2e6&QaGsIo#Br!tR2u96_+CkWSeVyoCZ>x)h=Jm z9tuNnLgNrF^ol0(RJ-4Kv^XSbi;FvNUf+{gNt0<-sWRoN5i(BNZF6!*4aT9|Bce7| zV8(pYfn%?+Sj1(gNV5NogS^K8`;rMxikKPR5cKwmve~I6Q-Qv{5oR?~p1*L*T^S)p z9niUbd|f0|3-GePw0oC}YkUh?X@G=ckceP;A!KS?ZzbBcNyuA=*!sW>MUZ&2lUNQh z46Pcxk9&p3I)lmqJ8zLYp8@Ymkh;nSKYQtN`H~-d>zf*%9$^KJjZ>no2!LIM zpmk5=mXy*1kJ~9OW^+B9RT8E0=v1|The7A=(z281YEN+2+14l!vf1xa)cIt#+;4?Z zD@u=}hEB2Jz%4cYr0>=2cWqiA}BF z3gL4;jn#%8<*{+fE<5`6g?g)2d}m~P#j^KG^{Icur$<(QnGL!)znQrS#KQd!d8?Xk zNvy#`>)FzJ)wT#pYPlGw7Tc0;2zl7`FGIBllko)B7-x!7m(8~_Gy`J%sk+9)#6y8$ zmPYz-SfWyxrM4VedaN`3I>ex}f^&kA6m?Uyh#qZgrQ%uSlESSbxxI6G|o_S?}%H?*sIQVc2Jjp2v$BIy^3( zNY4VTNZ$HJM@nvyE!0Kz@m}|OjR}dhr;!q?qwk77owVEyvbDRWSImC{ZF=1;Y9V;@ zF!NEuM79=v2<0l4Z93V*9w>TPz%?u60*9P4qYr$$CNEe=);p(7YDa-C!;>crNd5yz#2gGsU*;@ zK6smHq)4OZ0}tW=#K;QItuH-$iA@N3Olo%?g!$Gj+L^MI+pFdZ^B{DTRw)d6F-k05 z38@(p%=DIzg2e=IJ^@cqOZ!_3JGT#_x}lk#s37df6_i&rauiBK1h~ zsWKXCwbo_K*;L*-osuO{EPOU7r%Uf}8?vdTBjhy`lM;y@x|Heih{n4!scT)1ZaI_tZxc%u_YDxy{dVf56I1e^PNTV`G_7su`KW*m?gaOCBo z+Cx`3CG~6FT3*q8XE2Sm_Hd~~t~^^8N#v-=6}3COqYeYi+EVY|{2^WEA3qf1fD+AK z_j}tvWLmw#4-@%4$>CyBIq>ed_)uyM0wYXZd%TGFg+fZRQ^@+)yLKt{^Y5k;4@Y+j zK&9>nSQdaBm%KztUB2R0bzJ0&2Z~TeqtX8W|sFR z3q|A?VKleAfHG*S%|B5U-;rccr5#MHZm`XABBYWHsLyh&eC_P?w_fv9ZMDc)X+t zv_hz$4If{f3vsyfWj=OU>@I9~ibqmJ-ij3o-g2$ytJpu?Z=#yo{<^3QhkBa)Vl^$Z zN*JC8%FFFoYcX@~l@Fq)p~Q~t)G24|I*TC+4=KmX;S|7X{?iPW{{$<*zEqswjQSZK)L$>#;a^Ty+a(d zN-{A22?rNXHwQTW*S6%y6hrY9yZ@@aAm-?b$_+wu8u@-n`JNU zT#W91I9*dyWeMUDA-z6f^!s-4qWhICTSsmy(mc?F$}BLG#IUsvE5DWIR+6rCB&f<{ zmb9qmQ?V@6+c!qEUncUrW`5of?AQ9Q9WQ9&n+~L7>w$Ph8KsqqwbqOJ)BtGQreh7Y z81=1AyPsney3V5O0)cOjdSQ>hPhp7!4bRUeV!*`fy}o(vrA!jL^!tePD8Qu#1%hv_ z6vgMsD|v$P{(Wh34dCimL|^#=_VP!%hj+7?-gfu4H}aCDCKs_Cpg=JdNDj z5`PWca@6?u>*0>4 z+?P}e?~FA4NhU(O5R0{ey`LL43F$Oh?=<5EC3s@>)oooTqVNNpHm7a%;gwAyYjM%B z8&CnbRA4FT++SAHb6x@8Lq@!)*8X<%0k(Cx4(nIvE{D*7sV%kS@g5zb&qw4dFz$_F z@IMpK^FxiI ztwwD`?ulbMHUYa;3qq^I{WUxw>0$sJW32nDOo#9}ieMQzY&RmjhhDFXoV)@p#aHDr0aFVNdb_x z$o+$uVE}dG93aA0J-9lWr3OjgN8no;zws;^CJlf7h#)DTm?MP)R*FBl@wh(~-CtP1V>S`9?(hIxOsHHa6P`?hl3(LMe4Xq&Zh zw#=X(R(INQIZ)3g<>oH6xfAHgL-|vGkkqD^BL{FrmVH?31}u zAzOoFkd0oNZ~8> zHkO9Gjd&|(mqdxibw7#reQ#0`2i8^Ue6=~B<5NJLl$MZ{j9cjWSeP@CXWeGin_T?D zKzd%fDCg<@({6?bpiaGZvPw2Z)O4&ejdEjysI}Ke%Tv7mHXm@bcPbu}=jA&p)OCM7 z!v%H9+qAsmfqJ#u&^%8joy=)4n6CPU%uTzGbl4kU!`#@U>eb){%Ph>BEj5aKB{-V2 zDyrynZTkk{Qf_h+hrF%M3OJ5D^yu3EB?j-j+9QCtA~eP7yzX$vJmRrF_U8ay)z-## zNpfp(AIv9Ri~kAEOy)He?tmeQHQ0ph7jnWPpC44>N$qCe z{nH)se~F{sus=tjM!SDj?)t0xbwczu;(J>kA}RW{r=5mXjrbpV!u>Jd^S@uYCiS(g zkNt&_?H||F{>o<__+NpNz#TexSPyXiwE_KCqXGUTps4_k(TZ8vAHzF;Jq}{)Uu_9$ zyZw0n%%%0O?72|`n1JWIj+8VQ`M)0he|^(``l~mzzuwT*OqtPdKTB(JejS4(uL_QT z?j`;|e=GI|YIi&v1JFCjWYLz>{r%>f6XYS8t;}eb6zGh%{>W*S=K5Gia(9I_fQ+ zJMPYCc&qm_Fn|A09nEkn&9)25?1S&ALrFIj*|`7eo%x|CWmW(dMPTT$1!k@%=MPA- z4)Wh$@#8r3NW45N~)?eYI|Cjaltvao@?`Pa+&zlW&*y#7=&@%{Du z`IFE``2h%b=t9GOza4T>LxEugItb4Y{m*s$Ki>SG{?iMc42Tm!=|=6pJ&eF#!w}{o zJ@~7RFaLWk{KrrDgHY1S7&}KQbbfmn!oP-*L4b1kCoJgyeDi<$7vj!e>q~cMmj1Ul zpNwC__;;9qdIJQ^e}{>`1(AP;iGKvY|KDN4>#4$#{6tO45}!{ELoFcci=0}XLf)73 z_acc1lq9M@Emg;;?xu9b-?$2rym^Zb~YMfUFNWz+UEYh2`R*-C~3L|TCQYLzaIrle%+!Z-KgWYL$Pz{GYsmpIXoSg zKMiw#vLXKG^)|n5Vf%`Q?6^%2CgeB2|H{W_emLopaLH{8-?=kY0uP&w^BHS?K41T11L42S?z|cWp4Iz| zP!7=aG6hA~!F)aa%Z4p~nn8R8rRioztVI5Ha=nZOti7gTDCmELtAF_+5d*WH@{Q9! zuVega9`+oy=jzw8Ij(s2{7*;uS7|BSb1EeSc*5UKCm}q*4Yuyy^FRBSNB@toZ>EBb~SIqqPQ~)N>zo){#r^0{4iGNRpzfA=%L7O%` z8z{sWOC{~cM(IKApW-yC%|hl&r!}VvdtXTl#?oQ)=AtDE6hJas6HDw?%$?*Ju<6 zb`9~RezN2HJn{jxln%vv^LHw1rS0OP1@l8Zw2$PTzm3Iis6r_eojbG4I~>Y6f*HAj zqx)>KgYwB;8jf)>BnlYcUa~c@nJpG$mds={jm-O$E;aVUqaeihpU13TIhK~brc#=z z8$$b!u>r}k(tGWa$E)V2{4rRfqSxFfEgF(bK>xG}?FPp}pi@OY>RX8oHBRjROnvz; zQLceD3={QLrXQg<`(l*=jqK8hPo>vuYIP+H8a3uS!UU3EI2J!E>h)Es=fv&B{v?S( zUtXIp$IJN8JRIi#NTN3oq13C*^5BJGu zLsgdt6mnUO3#3iwq)3``sKkON_=r4C1oBo+%t;8QwI->f_&A3Wp)+DU&4Trp?}X#a zSGtKNgD|Ln(xLh#IY8<3PdY9;cT@VG4pF{|kcN_75}1F{oyWKrZzScuoTF%3Md8aD z(!qD-&monIWt+>nU8F=#GaT+hoA1gQK(V5nyTG(#amIUu$IU(@G~pni zLF|0cy`->o3yu{QyUN*?JjZwK=V|_FHk`t3kTtkdJbD$${j|HN}8Ve_335&d0SikpkiHw@73hS_W*M?N3>S4M-1E{Z~+ zt9l;m;aq`^3^z&-5kVxs2U(fEwHYWqD5X)1T&}58U*`jO`D%#QM9wecLMWU!BdkD$ z!9?~v7ykaXpU&iS^P{Rt8h(kDK8(H8#a_YL&357Uw~}3Tt@`8pdRoB^endbAD0#&~ zMR~>W{2XbXLuSP+vB>up8*R00OR_&G+`pi&${7m1W?y+W2{|8EoPT{dX-uOQFrL+& zE6Q!KfUjMe(xzPi0p=9P#qidkx**K-`p*=TE~C^!p#7A@U^0{PBu|sYyC;iokD`8j zmpsnfoy^I)WX^)1XsSB!sbd11Fy+$>rZ}2g>Srz2O+}V6&!UBd`%?w^t!wtpO>SXg zv$}fYaq?XJp}}tc2fJ+A>BvX#N{qG0%oN2uGRjeSVRP37&ttI3k2VY+P0objRh#a&`3|gf|m#@_e38i;hFZWdDb$xA1E^?%w|mI;BBUT4|6j5s>a0 zj1G|)Nau!>NOwwiH=~(=w9-9b(%p=X-|qYVd>@bB->~=2>zwO6uj|B$4L6F89#6{8 zlp6N7X75;+j8YVQlCsLY*jdma<1m$oKmTy$d9bv)al;#__R8x@g@)HIu?F`)CB(9lilA2}4uTkGER!!Fzsmvrx@_0ek(IWSRoR$hd2RwC(!K~QaoOjk^E1-w) zzE+ii*jg)k$V0q)VWELef&}`jFtiq%OUa(2 zUKt#qcjSk%vlS=9WYz2^k(K;8n-T*Oo=?w7Ah*#s-CEUhX=)BBdeQd3H8@4Gi8IaR z#q^8A;t%1?VJ=54%Vk`iKY|D_WobFH+2)LWl6z8`2qiB|wMI|fe@BWc|J!BD(Vn`9 z7*^qF|HF>4{bj>X#u^ZQ+dp5Yu8i=zGVxf(7Z!o}5NAIdR)wAUYzfz$(9w&jO5WY? zh}eWSIm}+)ChC6Zb{#yiD4(r6rPT+7y_WbA_qrgtU?~Vi-+NT87zvbGvT)AH#1px0 z&U7xxY+WC-{>>;K)_Ygc7fD`W+ZfdQ!`3Q-LW?9J3YqB3@b%xncD*YV?(o<0U010` z^{Jrve}?arf!2Q)1=Z2!xruG?L(%FZe+|%s3qL~=wchM0cKt+FiIr*f9z<}Pg-|yg zK4+n>5sG|(7&SRnVJ!Q_zAI>sZ$c-rV|R88Rc?j(FYqJJB6;?zYzeU|0XM~_G>qWU zY6_3UT-QTyt*fI?b;NeQ4)@;g3_`p~?u@dCi%jtYBh|rJl~dqUhsLJceEG<7KIe|3 z^>+bgrs)=TG@GZ~RXdP>ftaruY9}vl9qQ2i)P4%<#1hb!=lWx_B)Y4#!S8p~5nZG! zwo@e)Y~S$>*aRI*osQkMyDq+no^ejD*iE;%^jvqP@%1ig46IFt5N)3S

-1ep!1k zC_3xsr%HVRh{M`ycD%7(e80WjP>`eZS3`2SsiObbs-u?OFuWwD z04%#8zBXyGj5O->No|d;EnwI0SzAbC%87}50e@+6_g*mv0-hlvd-r>Jz&dS?T*f6v z0+KYIV*RP}q{9$A3pKel$n=qGH8AZNZjCKg<+DR{a$G{LhA|fgh@VnNuk#`dTcx|?|<@sC;A7}Sv$_UxiwCMxh&#)6L zef`^HKin9rS2kJHAjf-KM4{&b;s$I#uRy^-MrEuJBnQFEpoD> zRu6yJ&~Z1ByRQbD1R)&Tq>>6Z8@>J*O)sooW!P!7ENPxwUeMfJ20XrA@;&GjTX9eA zbc{qBA<%*|0{k^Q04{p`>s#Y$K*7xkc-r`ShotTE)}b#oNs2s(vnDO@|WL0}lndH^m{ z4>zhg65tV_ptnZu2^Q1mL@EuQYayP-W%ph#r;4urCPC#aF#9G#=~yO@*dhAT|h^C^@1C$rhWlkYGP1^pV{16tq6_7hG{=4~ z^H@r8-Lm9<=+!q4#w2*JT*f2y6ts}SI#X!=^J3lJmODj6iz6v(vN1dX)KeUA`<9G@ z>Eme3e~R4(50gC*EqL9)%nNjeg_>2gnZIGDqu%@B5Jpg}OB)xz`S=H?rc6fQDP7T_ z%e+O{+vz~Yk{qA!ZENKmGe1hQwR^+x1VJgb$oxq7QHN|Md!5mXqCc38uCb0Xk%(|8 zq1TIAb*cM*FG(=DO)8t0M>$-TV(Cy-4+I@bl=_nbIy@V0C>Ef-)6ODpGF4+6yMIki zUZh1#QmWPPeY*vbEg2wAM<{agY+FKHy}saY4(;v|MUQcTS4(c(uda{ZY!pU2l~QO$ z2Yj7lu^(EUD7>!xqhJD+rm5_Pj3Z#qrC%)`rU~FO=>%%y1g3*{{>&MmEW9imsJ6w?*O5w18M{Yktcoohbhs#d$<-`ZKUV1w`7>LyhWpT`!6`_VwE}Bi|u)L z!rxRg|2)Wy%h5u^KnKhhxnCwQDmGFZh%Q+fB?&w)uR_eVA9oaN{dw%JH21e2v>HV_ z;K8LRH*lBwD0RPnh0trVis2)v*F1|mtbDbN(>XI^4LWt6{bPta^g?ETQ@?5d^l&wI zv#C0hx8Az7e1t;maNvv@v;O*(0H?JuMEG%MO$xVRgpNm2_Q|1(kA_=JfWi~bIGXVVSE$#e2Cpx zT+-|s=O+k(c=$g3!=EdJTa6IxNjjN*EZmPKAWae|VEmceWTGM!Dt6I%)6d%R5Obb2 zf3ykCo@q<2BNy4)G#~|VnsxwaU49eoRq9tw+ZY&ES8*Oq17oB01dv^GgR!q1o2Tz$ z;Is}@E#w#A9IP^lxF=E;%5}?7 zA#p-$b6RtNta7 zNRBfLxDovNirudUcKQkV`($-XQtjt$-Q(=&`$vk$`v%c`Jf0ea{JZ)O4dgPdc99!_ za)|e5YwxSj#K4PepLW;AdkF+Ld6G!(nH7CPoICSI6*PI}yGFR{xB|IHuB8rIG`l*^ z&PK$>{B6!yDh;|nQeY5iNNtkB%R~va>GQZh`S5#<8fO_8RCqYd?fUM&nvvmHh8~Vf zal;rpFpt|2A<_3v9N*U%E5|>Iw%rqLHfjIS>!*F}cAalv%9(Jv&-FZ9tg@f2EZdu@ zsYw@#Xn^1}%ZymJG_g1?a6lHwhnAsOD=*Jh&_IH(W-TVFUqybhShPQr+WY|>bZa}* zZ&9?EDRDNNI{M&ezp^CSkG&W*x9napgcyA398F&W$$ToXi_PyiD%&S%Y?h0I^)!0q zC+%CT$2I1G_+^@1AlDG6o%75Tc`(nhNAj)bmZ}b6_QD?L6b9Lq$oHGk{GtYZZ>$cFZIvnQK~7i zfqv`quyb9KNvpDrM^^PzZRyLiy6UM#=$Ji~+2X!|$+F6oJah+j60!{}jo3)sYg2>N zIR#iy*UwbwJB!q{7o#`M5v`8kL(YHi5VBU!3peq<8&|J>UL$ zDXX_kKA@i`J4q5Y zi*&=M{Y0|tTxDADoi@phuFabUzz*Rch46g7qljob{n5aZ+gHN>y|CC-F9` zl9=z&)8|gGK`#KB(015@FW;2<6pyq*EQ>c6n%iAdKp2Pz4w?8Y4BfyV<^-7vzpgRWv5qJGN@K-ZtVV+ngqXJ zCZ<9Me&ONr+=?>!oq^ERLBL5cw$U~4^;XLB zBtB_odU4yqqc;?u`}X}gE|Q8;J{PNDGckwa7mRR#&$9sNbrU=|B>HQivtEO~nxymB zK&pUGH<5j8!aGtXakTRJDYP;JxN)Ppd-T^~XjC~7t-9|PG6P!@t?KKU*tZ$LL!~xh zg@Vf-R&fwYXbw4QT(E+BOAq={(htOdJk2yFkEAfDyqX^hGh#O+Eh|r!)U!xE9n(&4 zY>OeE{2mHXKP|{Ns-v`;sd#7k`8Y+t2=-PPuPJ!{u=#B}J)<4&l=LfUi!EMWlveiP z$24`R3NP!^gBK!wKazsWbC1ET8%ek>a%6%Vv|)hFYJwWmt&9_DdN1EFgD?61bYR?v zhKnzse~{U)VF%|vxj*56T`nYf10wjg<<8k<_Oo(9Z|}1H8Q*Wt0t#uLQ28L~&f8hd zD?$jOVUe1fD|X06YjBDIu|hqxEaWHcK$ZAa>D&cDwlohSA7a`nPpj`5px5wG$-^$P zeD8;Bgt*qx?VTACiISN6H5_Il@WrPyxZ0=9{2q0X9Q2MC0_xR1Y45a4zpX!JIj5Ad z>_aQan+OdA-Mw`nfFj6bf91at#Er-FEm!-@JXNILY7qLg$M&@5Ig)%UF#u2oF=^EU z&0nUz1Dg}gY=z*I%k~zy!$Hz)#x;q8KRrb)O#D3YvqnAa7dvLey14p9*N!LZ%f>ASnJ(QVCf(|Ea6bwMUc9vUAveSz2etsU>YE?Va-SlBdv~MoT-( z!{5hajqh}Jj|E>ImqK%{u{!S&(5VJ4^wKt|n)39`axGtQsiQRyIvY)(H2t6Ihb3?R zKZqbH*3oszdK?eA`LeFN*fE09u69mZe5wxMW4a!(SM1r8aErZWKJO=8=3>Sps6N5q zy*B(^rh~;j_|V30w_A7c_fVpwK{e0yslv=-rcggVRJb=cIu)<$SZW5D?=)J)8vUBO zS@Y9A90qHZk{@t6)a#@XzQiW&;q^{YJfd=M_T3GokjUz|9_AReCJAY#|FC4h620F{k&$^DYz)?ZP zOAWDU2LYD9bv{q#Z?mK>Hm{BH{fdt1O1)@(ARv*dEC$!G?c?lXt70XszZMkf_SxDs z`}1QzX{GSyqt>g$Nu4JCO_U^^H)=mI$${gBpJK(TmVN+up^RLXnK-xvItga6)+la2 zHh$1Jpfx{ZI@??TEtcjW1>L*kA-9JH0@t|cfUhUS8xuqH8Xid;&aJDT1Pl*1$>-?2 zuips#3ghC~qfNC79X+H=p*@NI(6hzkPF&MrjGkIbwdr`g`{p5E|5wM=Q8z1s&SyIQ^IC7KUDkDS zRSHRiq`@}9c81E)88!vqE6*)Eu0LQ^sYqmrtwM}$ntz!0>41l7jPN*IN7fOBlDhlY zINNV+SohR{{euCBg;nP5b74O3$@`5;<(wAG zP4R-_UL9dkYc@k4n}pGst)kvR`Y;{HbGCV^vQc>Cu6vY?|hMl0fa;y1;HQ)XBTa z#VRFts&n5SODJ(xtHs~jkcW>PR^gM^X%^o=+A2s>2+OdJ#T>tk4DDFKyjPn6evKq^ z@M<}u1_pn!^Sc=Lpdl5^rMc+`uCuhXFp)ME)(D{FplC)8n)j86Uv|f8>6dke<7C@> zzhhN+_Nu$aBb+>`O*&NQPB_@={yj@6&MQq+l*+t~*CG!7$!i0wm>T2tA;jtMeykP=}TR+#T9yKabe?s{x%+m8`HRB_qfVatUv zFdoZ8{Af3qhb8ZBAi(HJ;u_zBsm1`IbM@w^j@p0h zy84aT-;A=_G?p(?f%R35vYlsWcVqC(_gMvp)0UV|4riIpy4y0w5NK{i>utT$uxuYC}Om~HN=p%eyRIgCRC$w z@rD_6WR>QFe~nM#CAJ;dGi@ew_aR~6)EKf3ZrRROz}7jQN7R}Daa>yZF1J&Krnwdb z$?XOZjXnal7E$6^m-l|8(pWsIJ~jhH-%G@o&+cZoVS0#rs7&|x^bgaz%i^VTv5!M1 zqXu0D)Xh(a9zaR2!=X<@#KMT2CS%F#m;iWlvcAwkfQ%yq@93^W0tkLQH=3#U6h*?z ztLztY(yg+ljzv|tOxsP6-e)QzdeP;{e7i!@#!pTT0hN2>JM42a*EyQ~Nwwv4khoj$ zU#K_c?VJV6r9o2+XIU{1;O8bCw}j7)Qu)e6n8?+uEn1#{npx2Dp>c!8sB~+7Tb>%% z@^*|#)6}>uM^V?w&~eQ9h(^t4Qt{psPl@x8|Hwm^mM=;!(kr_tNu8M)O6b^%7m{`A zHc!1%D#t2A>K1>gKmd(eoxEHPXF=4J%B2P@D<5+Y=Lkk(dOZ`Dw<*)U%|r+wmF*n4 z2ppI#qpscg#x*BTq_jrup zQy&UFS>Q*RZI5sQ`jicZ&PFm-y!SFoDW`w>q5^8oLqvFqLWe%o5rkd9vyRdcf80qq zx;Lim`1bJ+`AK_E{53D+Y**8)$~gebOD(G!$V;Ge`bjtTEaxigj8|A;toNFd0`?1F z!+(@zjg91q;5iP|{%V9q#o(;6zKVARy~UikFc(6hn98na8H9O*H7mdh<{heBlcl2- zJfl)jx}yBs)}Fo76QKbh;L>Yr%n-JX@%^`QhgXBr3v5U^_->-S@|j$d_D3c5IXzOK zSZML#PqjC=i4pm_*hRCCzAqk1BNWnQ?&^%_}+)K!kKR; zT;iK;aL~)M5_Xx6n&jYRed{>0H#?LV3lJjmQuB1;Np;}w;BWD$%>*MG=UZ>=6>8Sh zcK5?_%t4NHGOw4nmjXAG$FCi80r)B^fI}P`8TXaXkn`vs2K-9k$Dl5amQX#ZbM@2S zgm5D&#maP=pB8#pEBmrUSGe64drW}uL7_wTZN?SFmt^ZWiykiG_N)9^;_~k9XLY2?< zf@9a2l-x>l?qJp?P;s8$@O}tYEIE!`tbxp*WV?PYeTkeu?v)~3)NgpW&MGhtWu)aS z%vXIaX`f`s5OftQ4Ui1nlx}3n`z5_Gp`fNoiAT{l%nPCwr~P7u&NbKD{~R4dtNi!x zvBO16O)5~4SDooe5I-S_loR${Rw$Rj^6AaPccd3!sLZtUJJcFFqME|UT}U;%Gm#RC zZp&^j%bOkqt;Je&T_1=RkhYLCSk!k#?28yQFPz-JvP*0N&8>7Cl)PU1e^~%->@#n8 zax>3}lMG7tjk3VdAvVo^c_8+SB4yPbuL+#HFJ8Skw6|})uS$FQ0=bEcJ3#QRPUr!d z4mZ)$7ogPHc<(6MG2h}OEn3PaYkq1F^9e^4ybLjVtB-{3bFV+5{!e;9?XUaz!&_2bfYq*!+va+PuceF*5G0_Q9r!Om{0q!CE_z3aEFP1Z!mCM~+XB(3&Dl{tP-d@+U zsLv&1D(Dyuv4n2Iql?m;`4Q4*ER*4=NGjh|6PIPD;9ra-?0P*JRTmyBKToR5QpXK^ zlsO`=Xn7fmq`H2}#GR2tdM?$LPX~`>kujL;sSeYncDE~l_unP%ml_KGoLgBw5`eN^ z=hWEu@kn7R4T$!H#&GmN!?s(iKBP=%}%K~OZ zqS$f17YDjbFDg7Q^8r!tkGUto{9>w7-9ajLk(OR0e!>)u@Y7D&S_W(znY7yIfvAAN z;OpKN0H|~4>eov`UXU9+8sU>v{}Sml-WsX9pToPZBeRWXeIVqxusR_6$BVe>;44hJ zkcI8eVj0=P^G74k%)VJPo*RIbB;`r5e2M!`rhl2GQujPQB$#P&@C)W;*Ezw|Sa6Xk z6_dix=|YvcUf!5zBfUGvsA;LaAA!2Iazu&tV^Ugij;7zn*9jl=`QYNai}JLs7ygd3 zbg`Y63T(WKh!xgj<{1s1w@WzZ1!JAAOMOqDt9`%-7tcEXV6j)jex4~a0MDNlH{YH~ zsZYPn+TH>%Plm`>%Ix#{eCLJarxOv~W z1ai{PDvVm~N?upvYejdUlIGi@^i?HFx{3C7dR0o_h0&G{J2<4MG`em$2#}YF)(VwX z379UoeSfEu|HW9l_^%lVlB2o#O7G_6C7*u@yo+k_2Nic7-l7(;*b#EDx)&E5QJM~O z*3|H?9bd|-tWsgsscd8l2_38$mFV9IB%Pe)MU3n7mDukmYsMKjn>X86RGDX+mUM(~ zyLCG3HqbxVcW7j_FKShy{p@xg^+Jm!9Wj~uI;I>`s1^B$8sN8f@mPRGX z^L4JSPc5{?r)R>(T|$0_Z_}NchuK+NBKv=?%n&xzb}MpWi#DBuT{G`)=qhrps)4qq zN|RN)vaz>*{RCH9yc$lf@Jfnwrk0=76v4U-Gj@pV-TB; zBdL#{I4PHRkb_@~gCRV*w?skG0pr?*F!&a*8xgMTURq~@&#Edlxtki^OKaD;&{B-<4~>o`MyMnR$%#p`&LXyi3DHjqSi#I`Aw9EL`G5r@ zjawWNk{@Hz;%aG{Q^ebD<@urLNJB&Wz#gDgLOOp*Iv(x;Q)6S_YTJIcgyxXFBzAO7mIZ2Rp*x4GQUR4@b1URuo-D8F2 zevP`Vz{{Bg?<|&G|GQ64+L9Yg`fGeR{YIaPM^|8!|GRS_<=qx_OajK4GQMQ^n+j)z zJ?AYaNx*grkL_Rg%EC1|=qYKR@ERfQ#oKQHLHVw3dW>Cj7b19vk6N~G-^0K$U!QUfX!Um|LKq)i7Hb&BrXY2wxa`Sf4#N3P!^X`LO{ zD8Q2yVlO{}UTlh`L*JKLz)E@kcL1uET|sWskvN}q@?^nB8N{`%N&c~R6JSzxZ>ciR zzi=6Oo@-Nch*BRYqn8~2|DD0QWX{*M@XGNH> z%&I_z`$4`ht#m>$TD}!-Si?qjXFm|7&b23{Mn%KdRBRTohT2VgV{2@PKkrR%OPgxvI_GoiQ}R)A8jDdy)GePmn|i2!fz{N>O5hcJ{pBR!lo1AB&X+nky-0 zQ|o_}H{8s_i=0xVs4NRVV}_)@)6+JoA>;Ywau$}@&{&h3gzFHW@aeaKrt{&#Lr*m; ziX_utR8sWKK7wMB3dp5!1K*YGxq^mhlykrQ{5Zb-i=I?!9JcSi;-e0nIo)sxf@EHB z9HNstm6&caFA`}B%T7!|KZHWvY_i6F=eLJYKpiUpWeKMdS23YVnmAZY7O(~P+73MbFJbqU^$6!OCOP-c%MY3a*|}UfTaCHW7R~`N#{s(uEHP^&PY!*mfG}ld3;2ks z#VYt8VdOWty2)k25E$x7ukm)_qV-Tq>L4%TJom-mltAYIyhDBWjSoP(P&Z($+q2sV z_Bq~c)^*LV!H<||2$=u&RuGa$`KRcAk9+gVdYh|9*U7bKM%#V#N#?@VONXoC9QQvUoV$0Z%L zP5KlHVp51Eh)}5qFnyua>T>949xK+E!(A`2LtmN)Y}LT-_o8~=9PQ@#+xK(TwLHg_ z%0t7oo2t$d{a!|)>7?8aUb{OMwHn0wvXa@Ve%Ex4UgznTR%;U&q?Gh1tlj*OdqJX~ zpY)&g#-x^K2vrV_fbBDNtziP5QOit*K@s0~HenA=Q(D4|9k~y+oX6RR(7`86v;Drc<* z8MSUPcQbn9LaQ5){%^KQl#@8)iwHh0ZxjKjpvGg>b%d*5=!2muj?zbNZ{dggkaJz= z&s>)hD>`=N2Qnxjse1=kvhP3zmyG~YeC)7pFxMk3>oFIi{kA6mtZ|BJ>)xtLkzJpe ze#g`-nTw2C$Ih@hbFu4=9(fW%KjYu&Aq;)SqhFY7Z@jK~ZaWZI)q_jEr1971RNT!6 z<<4tB&12dd1*zG&G2C8phk{4V~l6b4KO%}`c$;J-ue&3R?6AI($ z9W60srU`vO?uCjArDNcS8-j$r_FyswBGn8GBKBe>F~_TOBs3w;ZL!gVHFpy-G6l?- zvR3Z;s*A|@x6oi4ixz)DDHI?RPZ)H?qnxb7g#GVX;CxY%yZR9f1Uy>4J@B|FE2K=B*`B;{it?m@q*@pxe%zmAX z4=sw7I11a`p%U+$N1Yk*Astj3>p);nib8%;0Aj- zkrsdE*p1FY8E?j=qQ_;_Kg`w|7H&J_Fp|n6oLVrgK%7lullOvDR6Cx0F@X{-MVU8z zgTl0Jc!Sr@1~sa32*Vj6#~fdPf5%|pWfQs|+O$igoN-MAm2(WU>Ui2EeoY<+EiT+P z`No96>bt(@k;!ol9$+^VvZ;KswWGJS`YG+0Q@QnZ>JKz&9BcO15hR5ahibD-U<@x^tR7;dBx!zAkb)CxMe!iU<2!kmNcda>Ax*%_Sh zS6+`Ot$ao_$YxIogT^Qb4%JYB!yW9)1!<9+GL&EHm46_X>cn5lTMdW1#iHX{l!{;02S!U zjN&tNmwP-#Z#f8BG02kwY)u*F`{F|lb$%_RrnyEQU-$eby1)R27U8S?d2FQg994$S zYY%OjpK@V3TwV_--N}T6rAGek$bI&kL64~CgUtl{{}}(hgM)p+Y-`-Zd?(GX>&G@z zQx0~XKI|$dz2WJsRA4AlE+hn_s8r&)`a3@bnz*gMKgEx4Wvj5>1%(n(o(CF#wV-fQ zz2Gsti63+x_p?|Wl<8GXZD&Ua_7^blnttned9$@&^M?r7PyoUTos(ajl$6^G$jph) zYorv)QS^H`TWuZ4)04RD!5hOFF>TTNNraJW>_;@u;PHV31}%@G!UG9PFFweWnXd1R zbaV1&+byLg*(CCk#{0y@+lB4pU|byd@;*B^dGbwd?yml|ps@cVI<1$6f|M&;_mRq~ z>E8@NS~heX@~@*Vma)B$6E{@yTUJ8q{yQAyVrIT91TRQj|N_XHpWbiD{P+X6mu>7*)LowkUEV`Rv_04e>0C z(K<Ig1alCw1?!E+a31ZQ<)E!dd{#bBP68v zL9EPUus?d(9p*Q)QzT*Y<6Q`B%Pt-SfAAuy_aVl0Zm=B_55} zu79=w)w^u@@V}BG@2+}jfcsoi=DUO>Rg}8DDV+7nH~Eq64lHTge>~X5W#U~kRxtMr8z`pF$gD^?c?R(&=`9N|HGv+8`OhDC6-NCl*Ng|^jE(UbKz$Ah*Kp~1jYSD+=M$5*qvm!H!rVC*!u*zRuw{Z(YyZ%p&gGy zD{Z*HU$fmn>jym3|5;SRmc4^-jWv?Y#Z7KT%{!ay8n#>_8cipLn+*nw+}Af}yPyE) zChj26PLOiinc^Ns2p7qw%=)QoST{X;LBziW3l^_Irr6i}0~9+TXV_2ifsQ8|mDF$n zk9=g-p!_PU4~r@|L;|0~>_4y~mtj4CwlEp3{L8*_{>D2OImv9q<_lyX^jQ@8%PTt$ zj^2w)U(IhjKAU7QGa7erY$H|$H4T203FQeij<2!skW}X%zT?g1{Q%yRMLy~f?c`Hqykssei zjBpFc2!U2qmy5`75a;ZE^E)kE^FM_%_ft30Dz;!k1}lIlGv zAWwKN-LosK#VhUc<3Vnw$%PoCTG~EFHd$o*xPn5?xlku)HCCFN_n72xuE8Bf20~ks zH9|$8?*aA)V(@+BamYq*A9$J;UC1PFYdzt5!!?$n!UtI)bn5isAzs%#pmopMtoJm}HU z>*QOB4K%Wvckk&H~@2IeRY-=tK*5H~bcDRD?dI~@_Ea=zo`OUycRhqCfcZgYsB(&U)U_bYB9V%_qp;~&DQy2iyEKk=0kj>x_Xqn?~KLJweQVP z_}M$dwxAWWI*Txu+pHDj`5&1&q0&@D&mv>dAbmwM3RB_I66qj_z^u|lAXnj+`5oDf_yDYiYLkjYm|A|P zVy!vgS$USu;SZ!76eypj(ae~bO9U6})T_7DFi@0%ljwJyFiuh%tExXjwfchv*2}|K zsry=AWU|5Zx`yO#Wf0O2+J1}F@z|Tz)7Y!Rtoulx7_Etdn32NMajU(gteu{YWA9=3 zk>(I>Rx6b)5U`nw&8b2L@_1i;ypmid7fII1qVl==d)>oy8F1i{YWLo{GqiDV&J0pC zOi$GCC%pT;1SZCM|L%~3BmBR_u?(8uNTj?`-mWnSsl{4JM8_KPTP!<-XFzvl*>gYZ zfZmluBAi|U?Pzu@jq`wtCFO((ab0LUqxIRx1Zpt^%>{I4>8mg8D=b+X@ z9;_}o0XHnR<5Z`pntCir)|BLtmzny-m3Kjaxjo>j^Qv^w!*cU??ZEf6GlFA6L~-S? zI{9}nJ#cx%+PP1e>=5X(okrPBc!rFlFfro`DCpxwFP{5^K$c)SS5V% zuz$Z9VDU?GV>m!|2aD-;dh<1piTmQv0Sq;8LR!kmu9M%qM~#^uEw+Mb zATkYQfJ>L6t<28LicuPu^SIO^6Mzeh@N))Wpg)h4VGNB#Gh?7Ec5GnljTL)$-9w~A z5hDX*YL6PM^5nct)2x(xqIvMEtDZTS-oi<2tsRfvhkdDVRT1!X{%}{;jg5bxFzU7~ z?)4es=V{1>o$O2sb6XQ{nqt@lrFE4R!uNk1Hq^kj7F&RpHatg`zvx48ZPZupODKwL zngp__H0Li}i^sm&`cy47>CmG(RIZT&@7`>ycrsEBtpN)Qs@v#!DauJh;Iov_NQ+*z z8Swwr!1_GE={)&&tsG$!gkRkC*i3td1fPG4T|2mBfRUHr4g6cLQLD*gQTshsf>cZ0 zK8yjhk-J(vVv=vD zS(pD8UvP~|rzz?y_AHvTheGABZ`QUw{zLRtw%1M3lY?}}0`A*yL27>r1*_F>Aw@mN z5%n7TB<|(xS1DL)^T5rP#ikit9$2M*jS+~|IFC6zJf$5IPxlzY%eQM~;edHBlV^R= zP!QGhnw_Teq9=0C6GTKp0=kawE@dEJ`Q6D*$D;NvHrSPFIJyNNm$P0kBKACq+v?Zr z#L3!ef%Wq--M*-qiL{QO%={eMU`xs<5}lK@=_WG2?^3sEQxqZXi-${$`;_H-ek zD>%xj?OwyNp;BZaV5Msb9CR` zNxmX8)i2qz`SQ8e;mL2WMMbRIrQz%9v_fkGs7s80TR>f)u(z40-Z5>5Onwrj5NEM~ zJiF?fIhzvOq^$gO@Fs0aw2NrjMr$U0{O?;_ilYunxa5BYB}#^`dLAS1P|&I?_graw zD>%w+!Xs$A{eGB(woe&vkxd8n>B+JGy+6G>t{x|Tsw~D7mY=a63@_HLGu7?69pAS{ylH>P;vw}g5W|R z znRi*aFxOBgzd_IXoe`Ejo?OVst`G1jXxl%EE^wzW>TdTKa(~t#(tk4(F{B=p0?I$w zP4!CbW4a3VSMa2=2#6)dh*?;U>GP~PlR`o7kVy2ZezqLPgo%6`TqKGNoc>b-o1J}S zMJ}5clAH*#|EVzU25=;mNe_|FggOFX-8boqf%7g&YvB)&qK;&!)p%E#0kOH(*(lse zxcP*pH^=`YZACH>L!`&e^4^8OAD^@U?drU&9}*dgJJ`dP0Q-9b>*&+ZF&bm23n*Kk;(9^8|!=o3I{K;&yd zf3zBZ-h7lid;T+LU}SWHhM3taoyy-Yw4%l|GAJFIt!T*B@ffvw$YDOGX`}T_3)dg# zMT1cl(C0y1DT$}&ve$fu2xowB#S6Bwys75VKzANi&x?lJI{C(Q{b=`(!mc7yPc5Q- z8PeG6bw!x_JrPy=JdHM%)V<z5t7!#50>_n^8*3#C#f4Y};#`5QQ zbFs~;*+QVBIYyaN(|6>6kKh;|8!{y|f6QcNuKzJp7@= z=_q~o`$viDWM0(f+`_r95W5q;kAF*DQ1BhSdWLnT-k)0YphH|CJC<&1#zfB@ni9*y zicG-?#^8~mHRy3~n+2t4g9pdD|5+j7-(NzI!419M{^&oFs*1Al1e1AI3T{aO4HqFS zXykjj#s-z%E)84->CdLO!BfLg)+VxWwL1krdn$}1w;T+`N; ziV_Xc9m!0$#{YE748-qm9K)VGO|*={1%rBn|y&>xuIAmWX!4fw5N4 z^f`4bJ;alg-^{NJLH*afJ+tmn@fxGE<5yBA-)`Oew+$bQ{S&CJ+NoX|RGVu*Qf-1Q zC$}H{js;y1OLzJ+j*Z%AJRVL{0H|9QK+R$_7g9?5m$cCs_0Vmjw3i@0xc=g_@eXAb8RGp;bKSw8mHB*wuFW<`o>dfr`blFd;R8{k($BGrksdk*DD}xT!jC zDE1Pw{&Z9>64i*Ic^U8HXAtTT3+z0FCzgE+6Ka5)LJ8e^c)7af%qMFgC#_8smkZl% zx941o11KR%$`xLqd?YEyCej$4SRaZKiYvWVdbv$j3FQT8xA`#v+MyNi2?CY0F;#xp zj^DNnOT6BGquDi)Dh84(m)L97Zj!|7-2Sd|$sAB*J^TuAF%TVtLWEAX}<%PEkwUfdIO~^RY{I_CyNs3KnPs zdsN%~>p}V}M#0hJhMc30*-W3(50r~TWG03lU6s&kyTk-jugFFVX^Ob0AFuzur!I1b z_LRL8K3Pg!|1y=+Z-asZb^lv$^(jg=oQrwoE>vW){`8u5YJUpK>rgOYEo;hvp_gc3 zXqWp|%~n!xlb66OZfF&wu(1-;l?uLDYcN%Z^C5fCD?65>i7=$&FT#DXdu`~-6{E|pJD+pau6j9hG4;UqTMoUv zxwbEHTrpeGB~d`sQOyb*dqJ>QbA)^Vu}-RI`yq|$L3@I8`K5)&7V-iv+FfaEW%m-x z86e35)0_YmL{Txt+R6)}i1C1|6j- zDh;H+4blhsc?i|*nCW#;e)lT>K68r)Y|hH(Sjb_Lg||G^u|k34k?oJlA6ee1F4*>x zbp9l%dyv|@-EOuIaoc`SEeHSNzaDVXE*_Mb&1q?D@ZM7&<@WupT=f`j0To5p=U4Ls zm}6T52Fg%`-M5{)Ji!6w;4~`TEVbU*D18m*4t6>tJ2`;h;tO-UKo(NVQ<20-4>? z(UY8raD)}|SwlEm{q&EIh@;^vM7JN|^a=TtoyWQ~?v+gz+GGeTk?_;$`HTKAS!inq@=OcdN#{f23Br9G~P05Zj?J+r+=-&<3D z)=hy1eQy7JzcuLK10vqaKtr5fcQ z5jo-=pMD2lIa&W$2vjLGLvX%<-iO(b8=eNa82XcgVgNrA{O3uiA9lFe{0L}TauuLKS=vW1H3 z5zq*fXa{o`D0>Qx_Y)rR`UGc?6+HPQ*~>qo*z=ox`JQ_`z8Oxp_`BFDE}|=t3L#2@ zD(2=jCyF4om?IucFb?(jzWsfm2-;QxRhIYUInPe@Q{!m*pEa)JHd7@lM+Kom2bOw* zxF!!eD1G{01%ZiK)IWS3?M~zfOt{h11TB6Ma1*nr0kIkX)wdM~{q7E#CSegksriT( zpQkj?n9T8q0QC{AVCnw7=mdly}ZKXm+%=FZ^7Ag!^aTn*Cp30+(N3 z9Rv68_;!4{*sbp-Z!{R6Cl9*pi{kbF`!YU^jDz3N70AJ3GD#uv*UfGXd5YEE#@mZv z!@O3uH3X#}IPmSyOZO@A5(zozGNkD16ev-N#2 zdHK{1+RYpx)kA;Ewk8-_BiiKRyAfI9`A{>id}&B-*j-368dZO|po)OG+hBK9$ADEZ zFp51mo%@Z&%)=AGyN7DMxLy_olpQA>_*CnX9M@Q+!?k5EmuvM~lEUx)l~U5Ac=S{z zEA7=LmFX1u>!jeYfwCE%lZSKz;`3co$;oz0uMXA3JKP)P%qSVGui~RbK3%*V)rQw~ z3=S@Wx-qJ_S>2~MS;~f^nkzTf^7Lt6>+RGLq{9~u%XF%&5;qnbu$d!Rw|@|wih~XU z_75kzVE!+~uk$ZFmGdrlYo~qnKP-o&`}9?Z$bP11M5>g@5A7`W9yeckuJ5mhrWP^u7 zVYZx{SOIIew(P<->+;;cf^0nICeYBhRYH68<RSC) zvkOtBJN_OfF4HU%qfUTU3@JnDjKhWKB4& z@Fax{0I*REonE?x$eg*#P9x4v>h=c_xJ8V{FFO?pi)*61m%L1B9-loh>%z*(+=B9d!GNYBz5yOqF`;^nfz-`fM;g>8ErZx_W2TBIIq?cTlr__}HI zIk-Je`e&=CuPD?rrX+{ZQc@5m9ml}FUOQ{;Wr#Vga?52SszeRXBXm|{hD>wlTTvPX){^uzD4S>Tuw`H zAV7BrM#A_e#1hZG5o&Dr@boM~sN{{^dX%pvuEo9XdKgcTew4^2f1D=|S=kd%Qakak zk9KC2zuw2pw0p?Tlspx9&~x;;*#a~xpz@Z07nfzhQ%5(mUdO>F0*;Bv@Z8eG(=YZf z3|!%l%$?Jih0!Pemff~vlOJeHPUlw+GPIja@b&1b9SJ9^q(+#+O}6h5@yL)tuIed@ z1^4r(nTmr9XaYl+lodma1F?;|8zZinZM|%C6DX(4GBrN+&(dw@Y&U0U>SdL$o#?J~ zB{%${oA>ZiX5SIJvZ#GK;_w{>WdEiTg0>Yr%hSxtl^x{;PxschQ>fq@KcWDNOxC46QGe0K6HyO`ql%I0kR8 zp(72y{W}NBjT@p6gFUq|gA-)gFMGOhEkonyMcEVKouvVs|5z{0kEj0LQNQj*|Yw zV?r*m>N%d!Ttv>s{r6X_ z76;CGOCy}a(zoCYi#0!HUh4)VaFNK{GH2z#up&Sx>SQ>DdUAI&oS{&v@GbIrmJ@0q zd0|^G`&}+GV+_$_e(W&Pe+{#;H*?qyDKmqFdS9lryBK;14Xp^3klUtIW z1}D8jwP`##g`YKCM?V+uo*z>|laevy5(Q9dGdy9RSxQc>%FlQjyF_+gz4^2UZr#=HX5HnN`AtVUPE87vSh=-iVO{In#dlh)UUY_|?gSc)XOW``p%p>C6mV*@l4qmuDRFIW%YLw;GHHq*oF5E5|;XwB~ns7EH=tD<7|v->KoVu z?8u@yS>#;aP;90?Bsv%LU6uCodl`EBt7$J8OrnnpAH^PyBp7!t`%8jeK?*~;C>{x! z{-Ow)OWej-f2CSx;MaXX{9y7I)qQ&s(*`*u9f=W16x|3>UfXZnGNCf$*s?vQ+O@m; zMa4dw9~2mtvnp@{1hFBY^0yG4*m6P&&i$9_c*-B$UJB6*ER!$<8XbIzg7|{4Sn8{7 z78mM+Hwv^0vVl9&hvpC+!o-7E;etCMe6@Nm^KObwo(5W6FNo-NNp0yUY!L-5g28U8 zIiXvU&5^~$ODZHIxH&qIXk9*b}6=5m%58cZ3Ouswr$)^cG)Vr(Yl*SSoh^D1S95A;N6u8Y*I9o%?@nTya;I=@u7(eZ;)@Na}4BcIO z$H4_|7mTWmW#|AATmTql2Hk*u+{1Qz{q#(Gx%-1SQy;G8X)cItb31^5Eqn4KhEFfE zK7M$ni>V!3qT2P!FVnql*9C)YDidt})vK0Yx+DbO( zfd#qOy~>C}$Y=a{5;nNa7xyD`M0QB|k#rOOSJbtA?x9HM-Uta&pl;;=J%Met{)Z}h zdv{~oQ)(2yFcB&&xL&C*Gb;Y(2F=~UW|31@H&W`|bjX2_RnurF%MY0xs2JLVoE?t@(4_Je&@b0+P|uLN=!=wyqY_!X@145#&EjOJ>qvB`R5g#r0zd5%xm z`-Q1kMAZlCuN!G(y;5J`klK;&C3C?{x(hMuWPOOdC@||PNtm^h>KvF0z5J+mIX;yU z$V@}fX0yIwWxao3Rxs8E z68YRR@eAw7SF5*UnRjwH?rBg6WNdp{P4ia)tbE1_4>l}nqBQ&4c*+D&rz&Wz^A819 z#@|#dbIQeAh8^}522Y^9r4tMf9R|nnJ~}@Epn2Iw z+Ec6rNBcnaHmF-<&Z-lh6^+Md@|eGy1n2yn<)TR0VO7NEUm3dgoAbK*{wtB|l@YLC z-H$c(<8$G`T&Py@B2FI&Xw!ZHF?fpTQo`!{nE-9=q1_7axs(~#qwz8Q-G*!ruq-8} z&eV4k;8Fx(krV>2;KrEO$ z^UhZ_LrVGBmx5Y77!-1ZD*Ig1h--_l8&=Bwp#U)yOY`{vs1L8zxj6}9EqL^yJH3J8 zn5$PePKr9iudCwHDxck!jMR-B#qD(xY#Zy5{G55ri^s0@;RpKE#R(Qax-|OhDcQ@R zp7d#+fv+rj1t-N7ie10 z;!|lQ^^QlNN4)jS5_s{H^;mwmfzw*FSY@RvZ&y0)=ahY4Q61&0_K3#(l<1h;ZnpcT z^6e+oe$Nrji-N5D&W2e>)3PGMN4%Q1QJQz?m6d7jPcrH&cc04rb z%A(nBRj=APzGk8Jwq%Ry^YF&%4D-OrA|zMV_U`qMcpSoWD4D(erAy92pn0weQ`?;# z6=`+s8rlxo<`_3v3XgfXIkv1?p_)t<;To;-u6E9R`&SW^U1m$UMEg!G7w#1*NN1b- z5{YkZyuK};_+W+p009L%M4m;xuo`l%tPwwvKy`_tyVt&zE&t-QUJl`AYtksMl<^LS zPGLCUI96>jJvh9ij$=PC;I5W?xB$k3qI&?QSCct`b;|2Y-60ru7wyM~k^~NwIv)g^ zIxNW~?RD$dZuomUXTIMEk8cYfyTj$CFGCdXLWG&K<3-EeG{-j}W8ti`-zzU4N_#T# zOxrK|ZBV#vD^y^Nzr+F`kw2=P- z`p`!VH--bFQNp#aCF6vvUgZ?REazgcTaS!swlj>7sTo3yK3X$hk0m}GphN8>WKciK zy@_Q#rQC=8(r#{XfZ8<-eqN`QBLcFzkZpmy2u3slg;#V%(MDI+AK0KDw`5jxiYQ@% zDomTwGgzHb3S@kn2iI>7cXkg{=a%1l+a|Las^Ai_W%se_557yxL}87+y6ihPH7l!= zTO*-C(g1gc&#zpMo@%^@=q!I4b>WlOrMHgQe19J{kuaddBjb5|T!9%Y@mCQoqvpKR z*;QAS{dBpwlB=dlXN-J*2LWX94Mcgi}(fB)x8MAFUX+% zfG^L%D$+~31Zx=VNQV3Fo3Q%kN7cVXY<*^!arK~0R$3%w3^A2HrTR(s z(x+3o*ywM;r}5jmHR`TM+A0}pBN{A0QGE~WsB;#Wv%0fmYd}Fl9wdA!E!!MRKJ`Fe zvZ;N)A;Efj%Fv}`Mtm(0i(L&NeELrFQOneU@k{`M%)IoznL^TEsY&rxLNc&>0)@K} zcms3+`k6X#G{~lG)cyRq_MK&7aOF0rYyP1Ilbdp7^{Zwoi2pm!N)uda+w+d~sU4CF z^wjmIyH!30lB1tW{{jRT`aSh}aFJx)Y!Vj#c7s7QXs~fzEoH}3m9^|sBIkoZsRuKR z$jz5&$GYxCkG(G(em+AZQeVSm%L9-YFJ=R`0U}1x8XX7D77)~M>!;+$qM#bHZa@9+ z51{#F3w3W{W$`S`6z*S`G-xv9v>u3ih2bRb-p~dE&A|9`hfI$}IVTOET2OALA9`nsf793pf9#4or z(hjG5DYC_iFNa6EKQ zNrp6s-=WhX8!xaSz}Y6b;ZrRY`5rr4$PDoeiCKN(H{rti>2&Cgje`&e;7=Vqlu#uPP=vrza@}??Nb|7-&AR-6LG| zF`Re3I;N`w*qYwd@$>6Dagh@MJrVfv;{Kk% zrL-j`@49v^yIC2d7xZ2mjsG?Ty$?f2$bV zJDorCc=`%CGueBMn@3BIn>PQ83t))3Sk2u=LyD*Hp)VF)Yq@7SaE_4=zbBBw21V$1 z+bRYWBU5;mOZU+*zJ`m9tq+U`e}Jd{DxdeWmxV(e-tx`4n*1v1aON(FNWB?}e=6;8 z_w0r@PP8mPwA0X58&ccbRPS;F|M@|SEWLX*aedLva@0Nl3yhWe-76f+3)(<%sE^?4e(0` z7U=}wuig0XKF`ydKwggPdunhX%{39rVsXnj)Nknj*&#*$f9jBO#Jki@sm&zz%~j&2 zEARpe=1y(q)^J4*(569Y>st;}Vb!3039xtuBco9IvKX-!_bxVt(119TcvOLbFgs0< z)eVJP0RO$4P%F{`F7m6G30L?Ip292fM-NdRwnfR>zSGJv?)cd3p^*JrVOcJMlg|3Z zNvX_>6s_zoN}sanhZQ;5M+Q>L0!`d#@U;cj9X8!veMIVFqmNSN%SG);#QN1xzloAC zX@>9Rht<}hppKuPsU?aum_u-Q=QwN|=iNbNekZv54px4wu-MH$52zmkUmCJCQe`pi z0&i~Th1%;HI!HHe2Z*J)HjzTTs1a6+7fY{% z>E}Mfvs1O$0!nwAD!B;#_F3#M>LoG&^L?51Jrs2Or(*BK9-}<*6Ex|{W+FGV3A6VA zBlo&!ea2^x^^@-0{nvN?V^uPchb)re%#Z(QaWCVAz`xg)jQ<}6HVYqZ0HLqnwo5wqf;Y?cE9H@^8Z>to6pCAaxPR5)Y`-2hak8}WqJ**^l^#?|7 z1RY(2Xdq`8{|~I(@V&tJ5b(V%`dg}a;B7wMm>)~ZkkDJ(g}e7chybZLB2*T=o$0xG zY2_Ed)T9m>UIgFD_Wbq34At+9%(61yo!|Pj+zH6OF>@)>SOEG$!j)Ep3256Z{7oY6*Bc;p-}v=zp-%mVgf;A$s@t56-j{H88ao z(Grq>xrMjdp#TXi;C!BAe9OGm*Zbf9%@{4qE7=^>^lv|pI{_a7v1TTy z`~%Ukvkfqzyh+lq*MBgzf41hIt@%GzYKE)Z<_c~rG-4DO zLZ?4hmU1->@WxuNAW_z8H~}dSEt^MWK^qjcSZJ_Tr2)NiN&~6#N=lIz3Us$}WxjX< z4!QG>pCe1zqM3xVwT300WQArZz4%ESAk|ZZJ|gtgXHK~zKJOm;3ULSBEwvR(kr;Ww z!D$X2aiN}u*v4bEr=bBWaED7_`)|PPvP8TP3b)eEVkPK5Hd`arw3(~fbfoX?BWj;1 znXqeVOSf7U{(-CZ(GXB+rsgG)%ozke`XMT~ce$zxwOGBw{z!6mEAA$GBA4 zSK43N9U_S*%zrfP9NuK7aa%9;i#uS4`<(Ra96_Eyaa>1!rXSJkDDuazBPj_J99r}& zr%LrL7hCjykC^nm*a0eD!<|cwTof>{DKDi?;eL3l`nz+YY5MFz@yM2|LC2Z3@Ss?S zrZWxCrXKfuQbn{;3~96N^_F)OJj_oD06Gd&_eu2E#ztNC1)Dk54pkmpVO- zRqC5gZQX?XH$K~G)?B=d#4)nFzC`WOXFFd~B%^KnPIr7>YVwH}%tcG++Fv|1j(Dpi zobFM;FR|8me*p_>J1^+a`1qFch|drqc9kkupOBv6d9dlYI?}Dqq(+*`<<>i{W3S?5 za2-tOPt;IawS)0pi&{v;{Bbf$n;_ZzR+*RJHB(pCUFRPBcK zuZWoMOgr`#LBUjipmi%)evk ze|6mcfu5Xrwpu%vx6oPPR<9^UyEiF#zdhY!k!pP~oj8hr=liflH!Qr+?}_A7z&lC) z{H7&S{&f+HHe}v>+i_C66?40+*4}co+UnGNwweRn{)6N96<)h8(BD@FVy%4;M|E}H z4{yP8!rZ2Mdv?(G%*|O4=zoi)sRx!hFNnodztx@R7g~VewTq!AGAO!|QgFB2ZrXoQ zxN5tm+40cMBNX168Lx3zCb)|sXy0mQIr`&kUkz;cT%8!dxS!MKaG=&@l8Al5ds|eZ z@3CgTeRN;CfE%VTWbS#I?*YaPY>m}7F~XPM_4hExYEfB7KPljpv)P1{>Nf`SOzo&G zFnU3WS#=)KDW*MYQ7nBpbf#*ZgtR9zFNsJL>qssFCJ-OAn)HCMiQYwN{z;|^7GU4>Nmnq0ccM(IrdF2Jg15TH>u6HKP_Qsd#1mlw zmZa9F#gnCWzpJ~RfN~-mXptk@qYH(4V->gYp+!XkUiL&(4+$ZSwaSe^C+n1c%bUXv znJwyrXQu3*syIOHU-uH_%4BP+mADi)(p@wL7dpdBG<6tLdp-p8GIfQ^>X)_Hp1ST4 z%dl;QGw~sQ-9ITgc&Ye}6!6Q*y8)uTjbc`Vw6x%L=b-ppTm}nC@`?QzId(jc1uu_e z=^H6`yv`iLazg2-l*L9fa69H%TJVA6?d#C?Q8vPf*jj#H(pb*0MNkUU**0D&&PYOb zo7L-(EsY(Ga9ngiZJ3elEqr%fY(t|WDQ!8Z+;IXnXeC;dbhjBEU|KyWK4W7_Hi>EcHA!b9z^)wcfAI^+s4a&s6G=31(c zpGmf03L<8j=akKa5Fbou_l3`Q3G2%oOxn_Blf*1q_=*>6$!4KUD`!q> zKih&t%l1_JoJA#DDW7C`pC{)&ppnxc??|d$bkYpjc$J@tT&_M6y+>Q7GJjlQ(j5Z6 zpwhGd#$_O?IB`8Fc)w6L{_r*z9x%;4_LkAsenGFzwaVH=uRT@XE>bsUrfpXk!Jx=? zgyZf^D=wJ_^h+f>! z0z1x2B5C%fUzdlK-Cb6V{s|}tvKg7eUt+NQh2WRY(Z%*;ea(AZJDyw^NnM|;++;cD zm3IAnFMIN>?(jw_>cp;1La)_9S;O5yGbAv8bT;Mrg`O4PZT`YYWUjw z%33mn{myH-+r5YlQcBquo4lTUjbH{~IIVj@?+33) zXjAKTF=lhWb+9Pi|8<23ErD#28e1L!^sCq#SDS(TrF&)mix00a^IfVsX0KP){Sz?N zyR6dvkBi1S8hWU{qV{mqNrvHI8Peylc9pMJ#+lizh@(;9d(+$<1IXU9)JP64MUkAv zmAy(#b1T#b4Q66B+ZLYq?N8bR-!if;R7iXGRATOiJch`hl+6^pwHz~#AO5D2 z!@+>DMCr2g!He1(e5`&38#HM8h*j2QGDms|Z~u|w>!{+9}s7gU~mOFPbb{5!)zW6EZF z_5c!rf9of8yIG=sGI0x8CQZGd`_3m^dNS$qepXgZJ4c=kG}K$;{Dk^_EulZdGFjKgkxkBh2*7e>pX-0 z#&<;~nieIv&zUHR#1a=q1oW$G7`#lLag({j9rbF48snY&qG=8ndpxOEr777;TiLNc zH(7B6WqnpJZc(ignr8URQj$X3xw@SZ!M@^Z0(D5y=QEE(d$L~Eb!E~Og`;WcrS0CmVd(o=KME^d&;$4WgQmpV z65U#y!`C(B+~)F6iqrU=R2Q6_)*`qS`>@mj^2{_Gps(1~1uU`Fqu!KcL91}As|icP zg*LBI4(O~n888_TexF-&!GYK6ZGgvFA-j@&RDdgZUOcnbW+t z*xLipj^vO(El$pE6J)TQzV|j?0jnc4y8pTDgiD{RSCQ%Ztfrwqw?5_3lJw>myMb7% zM((u_`I&uWR~4GktnKXnPR37uMg%n}r18HTDA=jk9()E~ejh{SFTgL{d@NhiE{cSB ze%$RpPB@{E9%w>lNmqqcThDOm`OSoE8ktnUERg%{J1u}aFR16S);V)L7sB6phSBpr z0qD3&{iC2oNoY-TW1a33JJ$R^Fn(F)>y!=O0=nA32a#~?`gQK0!9Xg z@uczuTNO4Cu{HZrV?QsDcAUx`yV(+r6D@jeT8C&wghh*~pfCI_Al4_qDShmF()1BPD0{(eF?)I%>s9(*k=kn@ZN4*Q{svE|W8Q->t z_}BAa{ZLUIlD}7<9%I#en+st;DC?dzm#T^V%nm(SevvL>_cIVY*DB{op7l|l216HS zBt?gkV+5lpz0MiwL*@6lqEu&EuB>NFfF7=Fq>NmUXK&A8V|+O3UB{*R0%0T%{OEhO zeh@@Qo~2j5?wzyjI0p2IP^o%R0;q&0JWi0yY>u*zuIJJEP|Kck1GzLzXr)**SQ2lG z*c-9+Sy7*|BcVoxNs!i4NRhEvY#_e{(?^s?=c2bqxl)?S&(w3PN4mphNa(ZTw!Q`` zd&{Y6gIDi3ZO34Oo1PbxYs@#AjIU+<8E3g>Y;J>HaS!B2mWx~hzrMG+tp4KA&9#Qq zA|oEWdp;yQ^W6@c7uVClsDN>mm`&#Zt(6H;Q*AP(?E`bXXho7Pzt}g6M=l`5roEvQ z9b-d6x|8|{&h^E=c)C2Qp#y*|C=}`(>~8MRjs?!8XBXbii>`oYl*?TskQ`z!tfz43mggo zA$`LVJ7^Qk$?O7Fiv`nQZWcy-=kX`eF1I7??)+|`kgx@*po6MT{*D9uk2j;sB~1DX zz;eCx=VzxVsWiR6()_}1_60VDK=Ep+jyAmNP;sgGu0x2=ZZrEFxH~=fUV6po;^n#r zXiDE*W_IGM#_X@`+g!ssSvkyifHI`fRan1or#j8Rugje z><-OraQf>d-``8fHJ-Jvgwc4d7cd72^RELorOhIGegnrdCe|iQd;Oi7dQKtu{;kV# z#||yW?se<4WbMFJ?&l6Jck2ZkHu))d+PWxX#*XM#M=a_);Gi1hroxcx&>N>=)CK76 zOlIDnmdvJVelYK?*M<-vTZ@K+?=hSj{qJIQw!<0fSAg{zXm0yam%9Ih@m^JG9_! z{+cag^XZmNS^R9>wfDAptzDh?HAgYu!cjDb|8?NbbuKFqh{zh>O|?JwNqWJE#FH!t zDy+*Au!~UVk$G*-qAh}44v$G?(qo^A@@#LtcJtAywp0n(Sf^Az5K!lgp0ZMXzC>B; z$9sBs8m}pG`Fo}5xXyVx3vFtaYFOUv@s%R4{T#n-EsS?53vCyNR{HJ$j*fZhM(Qmx zTVFuvs}GoOLJIsxU%+0O_fMeAc+0t(2`HR`fZN{4{(vRZcm2$EkE4;=;+eS?m)XrF z0LXN56+H%*jc|(c9rquyn{mIYvKYcBYq>T*dE$f#Pazj~sWDAhGKmtR(epX$oDo=V zx5&in(JkwV=b!NC*=#ZSrdnP}7hmL2GKx{ZrC(-{={F>d2-$Y1V=QiVpBgT*h#t=E z(|M-I(`)*RGJ(*s}UjICSIxOOc%~70QUn~JZq`n=t!^Q^0SW5)T z1%=04{I%19QP6S6(dL*Wyu>?%F7hypBr4L2o%A6WC7~R0Y7rezhvcD8Y6`w-jyB42#jV-Hg ze*YF3=RV4wHRn8(8lrR=ChM`H=#dQpMD+%nLI2*w+UVlyrpqn zA=a-TP=EB&Gdv;EUa4 zZM}8)wtWMwZ%jW8IU477gT@9v^!gf&YE8e)&R98hZD`|~m)v<=W`-%4sp^qb1(1~J zG9eLg)q0=V8z=0($m$AjkvSRmJDFjg`;4;WER9JH#E9@k*W%^Nxpqaj`C2if0a6u% zX^v24q<7C+uA=Da_xlNqTH5oxrOob%s&*d?5)GZy-7lg<=d;?4%!E$U7Lldn<6F_f zC$E5qBy24xr78M0n~skFF_T^m(gEZNBDHEe@$#5mX4)ll$J=}fv2n?%=W!LexmD-1 z!kt>Rh(*lW&!%af1@yDYZO5j8 zQs#6Yqv=!@*_67Kj=ij|G2>m7vGln+qkq>s7ny2x$EAeEweEsVFvP;p^JSyMLX+3h zJWXQ^qszwN01Msy#N(fWyiq#ZT*XPkbrB(iQNqu$$&XatyZzvDoqm55>tl&6wp-K9 zR-c++<<%C5`V0bJF@0Kp%BbDozDYj0HCM2@{=~2q2r7l5QG)y5#PhJ}USYA3`q!LK zSvzX}o+z@YyKbNbwWH(5P9z#Qs}wLMGlvt7E$}UP+C3>P+IguiT-sn~3nU=;&%Uk{ z>DVQAQ#t(rJ@fc6#D!OAWa0*=H@HT$UbJFbV`Q0eId78YXKHNKk$hueR@2`4E^E&Z ztA5MmwK|F?2#?+fj-m~fF*qkZxlKOnQVV6l+d}L_BZbF?h*!^le#d*aowwO%y)<;n zz@NDhyzC?$I;QlJ@rTt9xdiu~N3-=+Rb2%o(ZUDA!(U~RYKX!(S)5y+f>P3x4FuoKb071~Y)a z4qT1m7Jz%9Qcx@>^?0FrpKAV2ygXHl1y}a!IA9dc4%frnVYBNBcftFp{tRx4yP+iR zLWmv1{I~wml-#`X7v|pY+xiu4T;FWj#rRk@G+iDHB+i~-4GK1nzjTsZ&$x-3(J5sR zv?O2KX?d+p$_P_*F!j_*eEA!~`KY7m?68BchaLIb^haxnkFCl#^SD9}@MtM}7&b;M zy#fYs(ZYS3uZZPD({qZKZ*uASTiN_e<#X#p__GDg64BqloDNP}Hdl7KBEFnUlR+ z-iA$#{j#Yd$Vr=YRQF2cHa4T|UXJJQ-+4XX5c26#$xRNs&TY48ol6Oaa@)|ZW@1#y z4XV0uHeqE#uEQ64ww&LP3xp#qV!-_SJ+>BZ(*ABv}El+;LB%!!6PQz=m2&8QlP4kS*H=OT9WHZX>fq@3VSOFUb6( z$*iqrl^y2%Zn=qHcu{a?{WJG|QAdY~8aT=%UBhZ?R6=YBzVQU`tD0e}cP*}j>HsHp zE7oK2b~`qnB8HvIvudPM($>HcAb`*D*puREQQ$2F5qJhrpcNQ@yzW8b0CeOEt(Ol@dt<3?M6n> zeiq)was1bJw!#4Ez4BDlk-5Dnj^9Z9Kb!N<=KLc$|63$SAv`yE%%YzmAl)nSrq?KvHiDp7HhjHF1bd3aeFO-&p-q?8^&G) zv*NcO^hgiz9DYTM-TwnkYJ5{G^MA?f1oynnSN&hAe=+f!9qKJ}{sU8&bW@hIX=RD^ zpAXLz(`MLzaRL0-b}B0a8yt90l=k1phT#L(J%8_dbyr!&A9!1A-?dnfvFKDY+@PJ3 z_#6!8H4T)keNRW|$6Bhnk?=Y1(dEv8G(HFL>8~868yM2|*LjofNIXOAvj)X2Rg8aA zjR3$mg(z=!x%hY+)X{OwcU9HiWmhqy)LtP?p|j+Kv-XZ8?{bFSpOA<}i-dQI$1WGD3LKpe(diDp&^y*|&*T$`$QY- zzdjvn18r4X9rJ3PO$x$88j%-9({<1XOL3VLhFg?mqoFdf`Cn_vq^Z+|eH68vIv*Fh zUC3=?rE|IIoXpnu%|!k$5`|!(!ASg?P*?N$?vqJFk8~~sM88HM8S39pCVFuhev@de zuBu=4g8=A=G_TpA_WU4GJU{ndJpBZrNrC^x#2fH$fM}Ijy%PZ3+0O$W8;Wl+c*%xM z#>s_ECBpQ=O2>zqZ1O}Hmx_}KR%Qc~pVa89j~F8PEYb)Jyleb_w>Z^WhcT@Tu$8b^ zcN3+CcHl0E`Xc5%KyYCXc5gBqntv-y(c%THq4V6bnwW6yTya`6j)RL7wMrLbtbFSD z9+-WO^Zz}~FIuPzeh$hIt5#$yw?sE?k;N3B>}#)LxYaB#KpG{CuNO_Q~07h z>Isv?Px47cjar+n3z??=9j?!y3OwCfBxxIYGUWPXCkI!MqhBeH_i(e7JJ$W3Ki2W%#qDHBCdj4(TY&MPF{=;wty4qmnZi1V*7#HqL}i zaw`7bVX~~zJ#iJbG2fo*fcGYEh4N9J|Aig@$xq3#htI=&d01XpKWg91PkUsXZ(yG+ z>JP5lr>YH+3YYjjVRHE5Gzq$JgCj8TJgeal@{(-T9?Q#e+29#dY~%M+W^roxs%hXu zolNOxthy253I!SqJno91$Yk@_85X&LBD$VIpm5y9!KCC+m0GBIk*n@{Hz3#@{&0Vq z|H0l@M@8A~ZJQ`628c+5l!PGNB_dLT(%s!sBQ2mHQcCBHxEn`RY#i2{eT7*c-Vgu zWILu3H!`l~7p&AO%bJgC65#YYYi+9`(Z>fGc&>6sRed?@&)ca##v-_RfQszqbZ&k< z_uTO?H>9ld8Tng1+(tZvYV#oVRP+v>_x>v<=;ENz=xRUhj{I8pB|GTr!K(`s!Sd04UJr%W z6{k9~28%dakOjgj?533t38P9zoCeE~L#!ZpvfSaDFZGeZWZP!rsaSsLR+mvT!RU2z zyK0|tF%+%`Jr+XS)(-LFL#Ky&2T(?yvlX#lFYtKFD_rnNpKA){zAuTYQ4%}$G8ScV zSsUi0@ZFi8pCHk{2_-n;atEQm%?E8jt)6v2;&u?Dss@%DOvhuC*bG;S;#r7ML531< zRm-g36>4`8?`ObH-%+<7VR1p1stfGD@qU8j6<(%FM4#%_t!o=WGfuIs8AW?&@Rh(% z>Cb`$oso=i-x$Z1)GKB8E*GQsVd3*n9a@elI>3e&@V#GA}$4o;da5LIj&1sN%-@Vq`k+7vFI!6|1y1mjX zHBH?;sRtQF`W^bGo;}xS&QCzOACXM@Bd5%Ap$1-pW9&A6V@5hHi z1-h0=VUXmvQc*6J%2`UMe4a`rL|jAXAs7Xp7UxZQAu|)C%?%B9dD6#@FRIsSn=)Z- zo&qQF&4bJ1^PV&B;>>XsX&S=0cg!} zc$<6UuE=Yw`qA~NUI!!m^t7E3Tj7+v9=2Ot-<#(HGMdo-+kJf)9Hwrw8R#S>X;jdE z*!QSpX53(u)jda`@gYUPNBMPR$k(nj7dY(-KdyTimTUQG8){H^RhYwBlSNvvOxsR$G?A)C6_T*m-p7FoMnUDzZl;n zzR6*vz4gF7tHoz%KbRvyChA@{2Nd(+{Ad$mtEj%RWm}B=NZR8Bt|Y=J%02`m#ZfH^ zCJ^HEng?j{9erZo-o28^k%z=%ZXQR3cRojR=TEC1OU45TCfv5Si_kXAXL@gAF z_(V)u4)Jl*h(f(7+jav?<2dJiVF~QCcifI5s;H6b9_C~-!0Ps6w@ZCM?Y-P`;DP9J zSk+8#Ad60gE$PkGDvj0Z!!_CV34WueTYOGlQX*9?Ri77`0?#c@b^j3hVYe(WXuR=U z?_<5}$sp^o{AE@HpWUz>u5ON55!;#rB`1!AKo*m1&PHBpnf9Ztywv%w44X zwFXan(gpXDG7fq={h8QdqVB`>f~ZC{syLlOO^>^M)uJlKb%phNS+?0*9a6V$h@%=` z2`#K3PQ4!zC_W46^(mE|4DWGI*u0-R&0^Jlb87ddT_le3W9aC?_jIMKy2YufZo+&o zfHoA_*O4@6^Az6AexjmTv^blfC>sxCgrLJaXwZ2GPaloy$d&z2YYUQ=ZX-RJIErLNTE-`scq{_bg=eXAlI8GxL zO^B%%K1F};F#`HcgoWiy%yo`t1WD(AkaRweNGJu3u^aWoznVB_c4NaV>s@Dk1w}vz zzn-TSnPE?|#tb-lO&AoVQfgb}y19eK3J95P+z%TIWoQf*Uu|x67{yLl1=XWm7fu@X z#(CX6kNd0RV+AM`H}*s61lz*v_uX9U$M*4Dy;Q`B@{eQ(?sYoXv11Zcw0Ht~fXB_So!Ku-L2>3;k#TVP zD}9gUU6dB5f(J@k{z**9wh+ksZZ{kx!Z!sGI0ggMF?^u$mIKwu(Rd_;7BEo9?mYOF zqpy{?vC~SkAb#qqp{dl*vs2e%NO{E& zE^r^$yKr}!Qp`$K2}^M&|GAfAEPOfrBU1LU8#DAzys=(M5wKzKgCm zMY9daRzf-K+b0Z+gSp3AwvIxIvb=3x9jxKrCzeBGYt`z|teMlW*qlfXv$ z9;pE`cD_r~_*7>jE;JKiZ6~!c)%^&J*p_hHP1`>GSmiraP*%5fZy^NTB)%S6+{MC* zv@5dAWIueeSqttw*7f-T9r6rEYv(z`ZU=mZL0v(UJ*V^>i%{1U=FCK|_1VH+5S9w; zre)LXxX}rNwYQ$U__>7q+5R%wn4Rk`ta3lrr7VN4WQhrMQBPe9hzjKFX0oU7ChV@0 zuq(t_^u#ALrc!DgVn&(B-}X>x_C3MuOx6T#)U>ltjP%^)c_rnQB|2Q_!bjsq!$rPRiq?jE^Z>hGxtyh#qxx-rE-=e`nqU#RzzI`>cmN1i9f_0i7- zw&B7rg~F#i(_YOnMq{S*o#WKR@*CVCbmt%*E1LjQm;?U~2zp}Ywh}W<@^(=$jGP~2 zp%>f@Tq6--VAP=@HMF_E_-5(ya#w8W;Q{c&pCFCsQ600Xgc|)#eVwe3?ya;}D`W|q z3e=kA@96|$S;FM(@DrRDAYD62$EH#CDCvdOIaCOvP9w#ZTCHdx!x(Ck zL9cMNol*8pMQ&=>>)zVc>y%p~3yu8%`z($?%^brN{({uv!iVL&qPU|O)4ldhfi5%q z;IeyW&z5w*OU*iAe12g8Dp(C$x}3axo!fF~!__rY2A6`Y?3{`?_kzO5svm(as~`x4 zsTOrmKMIyfqEKJBQyPov_sl&|)lEyoT+1U90NVw)IOBCe;_K@kJL4r*YI&7bD!Ebu znALHkU0anlMwJ|g{#-M+hWdBFX_L`aHaSz&-bW}G-;K|q4x#N;r_S;iXF;HE*a@83 zo$%4REGy)+b2!5@r_1(dmz&M$cfUpWU_bra4;kuvGd^HLp=CGo;Whzz`6APu&T);q zI2hORLU$qa2vn`q*Rp5)RYG$!8D-p#vl+j-6K&tUC@VOTk~j&(2lK9;n|qhfzTWoO zxP}CG7d%~Nh0n>cOA6)7+?v*u#^!IyBeyAC;cQ^1F!aeAzbx9sjfGPefPsFmo|mY zQ2%%>gVD{inApDV7*lS7nOai(zS0{fpLPCJpkW$P$3Z$!$~ERNYWt(8#sBg)tMk5c zM1rWNTdlZrZ{(GBH*>j_@g5I5Z#d9Q;*}H{uC>*>ClKb5)e^qEB?kk^e=Fui>Faw} z{^C_aC2r)j4m?;?odnN#8xR_LaW;HUa%du7P#vf_Rw>Y~yzxkz&A_}h;nNj>R*Ty> zSx$=cw%vP^$<_mHqN(HWgQ#r1o9pR2>*Qr)-^PZLat}IpuNSede*Ph0~Kv#ttjaZ&`8zg^JEu&YhKHBQG*HHJ&D}A*10@2t%ZBae#B!4L4 zJT)j{;hBuc&X3!2j;K=jBT4%2c>IMX5D5$I!6`+Z7BV_{m2pZ@R+SD->oYE7=_d~L zlwc!jPRGH!?L@jqQ$)Qm(Vzcu+Jt`4K8{py4ZI9s>3JzctjW0|GL=A11aM*~4YX93_@-0BGTzV&XLgiNMr1Bkg@$hLY! zm2y+X2D_%^J58)}Ie4(7AP855DKE++i-V^xn@&}W@l)7;I()x0!t7};4(XAlLqz-@ zTD^Nl;)dkt)8LekQ#+U#{k2RDT+mstt~XN$x6@8_dc7#mn&93 z2)4Uo&swl1zd@XtN16lCs*N8;S_1;T%v!`?Ek9~bk zY$bsB58n4Unq0LYU`qA!f97=FeBrtVV5W;Cu-0I@N3pvAe~n@2DB9VhCdtHNp;CwA zrsPdZz6VFbq*h!*pXv<1`Y(n3;G9oF4Rwn))l+(6N?vzu?zbJZLvMm^g*a5lY5aqy zd6=~MRsgNQ_M`VZYhewu=W9$&7#VLDNb;_5%voLwJy+0S1fW^-A}~6PKL|BM5)nws z4>YT@&X;{P$iRVTUg2)9XQNB4uwl(w7LY`BBAIgnxcckO(bO|E0M(12ETxVg;iZ!k zzP$hJ;Ei9vw|wd>et3CBE+%2y>lgN+@T`xYipqDb=6k0F)WU!<-22HzJfGWrO{=B0 z%L$|g#!Y%fR5}?`Q1AKW@7AaMW$i8R1a`q2U~*x5uUhYPd-4-;PwaUr>D}E|M;U{j zo9GypdlHE*=U?WkO5VNn^ySN!#U`6!Sv1)XuRY9usF?Ab{irOo8u@SKTYu>=f1Cb+Y?M`d8$qt zzK^}4Hzw-fVq@O1Mf-ZOj|`UW!S@DnH3@ipyWDa}XBp9OAIR$k(<6&qtzOmnN$uI0 zX|cAJmag^98^o}*bV!JL)pUjM%!Hc|+@Nuvtz5DD-X7boJc6#>%if}IfcP+>$Y*BN z%c#LFZ>n$GdYtn7rP~tc{`}_)$pwYWkkGAmXt=z2$a}n<8TOSJL3sF^rK@mqSC$GZ` zj$J1=rfZzs(UYI`DHDViEpSFQMOUaQrpn1y-ojs=5@wcP5;wn&_nA)-cq&XXm1s z-s!Zw!*h1-Ob_^eV0a#L9treJhnS#F6w>{TAU+TjB~o^7h5E*F9T zR2Iu`;68(>FgmWa-!D5Qf>*E4@ShS|SF*PspE$^TZi|n3y9@8>c#4N<2@~aCq z5qO}X?V5=oYTuQA$OC~gW}MXgmKDrs(frRbq@UGd|1F}SLH_{w?)J2dR0v&A10BD!G~lGpm61m$jx4t#@g^iP?T76SQ;W90mil~85D#YV9$JJ9x|b0A zS=#?0{Bz&%hxyL)SsYr4=5CWlu&-OFr3jbDz@V#}yip%~m|ySX9J+XyyR7+fg0Vhg zcilJQy$h#An_N5>3DlO+V|XFl1m$HBR0a{BM0LDepVc{EYjWX>1JAyGY0r6H-cGyq zWz)v`TNd8C+I3lAnxYQ}wgn@0y$E=zi}-PxV=P;OE9XSk2bO^kDS4>;c84K}V(OJ{VC_fnWie=MMCdWkDjWN$PyP+$w z3=WX#QAXH-p-@ijJ#5CF3FV(v`5&4sVeI!^YNZTT?@r{OTE54Z zychdG`kHK3fB)Tx*IP@nxS9z`XR#WmmFNpA+r<|yZ!y(H1YU4Gv?gdK=1}L+gQmDs zsWzR}v-PjA4SUI|5ucarMgoK_IGHdX)`q(Py)6ii$sly)q>}$>*=*W3#pKS*? zNKWDB`OK}|zA8XQN(#$FG)MikolyQFXfgrJ z?~j-M^K9aj4S#GAE7w0a>P!)idwU627;ZY3S#R0)>^}g&fBpAJ_KjhtID(+>@~>a# zCrI(f6WMdleeII(g3tYWU4G$o{yBv?C1CZBQTC4Pzd6uR_Dl+teeh)dc!j@ww?BX2 zOGu-MQUV7!Oa9(KKY12Fjw83Y1%9DUzuuRBPH8{t+*di@TJq%Uzd2A>`MiHjTr~9S zo&N-K|NEPNfnK_*emI1f)BW?ze-_FAc+OnpwcGji8Amt5|F`-4S@!-h#}j&q;z1|| z59$A#1LIU__9Mf65^kNqYYDcB4mvH@hZ_~2fz8DK>&yQ6-K(zxa>V@}NL$4j`0@vM zwr}pCqpi5yk6=jG8*aa;2Y%O?zNpTTmWx2;Vjxo165G}`Mn-j}xIIdz{qOU6=)oHO z-+Dc9lF!D=mun@}Sk#_xe=2NyoEcE&I>ncxQkCj`xTjMjAK_Umob>wXpQrR+HhnJg zI?CjsBD01{_ae_h*b(D~2- zo*Q-LCPlOZOhJD4dCFv!Yy~`KnwF9AS)0=Sq`q+yUje-mL_}k0`6l^EYEOc&5@vl! zezKyWcJqMPJ)q{{-(REZG(efNe(W_K9oBX3O;b}rvJB14R3^AYRRWoW=gex24z`E^ zTtVfz2X;fbBRBYNPx(kI`(xpju82-7>S^b9VHt_+r#c;={WGvZ&p`VlCdOP=hTgk8eJ z>+0qpi2eMT20Pw#Qmboz!qYA0yYne1^F^vZhOgkU;6n4uy#rD3ECVsC`p56z1Gavw zDwz%}Fu2vIb`mP5KXa}5(MH}=-CG}yrg-?^!IQ>g`w!k8V5~hMg%>81-(kj!6xS-C zWs#)=Ph<$u_4QWstZxe=mrEGTOp$u-;!^H)(i&H4+F7)PJw5r<-+wztwIpo^gHQoh zW&(|@`973CQTn=5S*yvu;i$}!};Y)Bj~&}oN2-Ly-0G!o4E8k93X z4A!VzIXFz}EOneW)~fPpFzrrMTpP||fQ#ay8^*XT`XVQsSGp2;edSyf%A;8|)FJMN zvN;}h#KMphA)ljaAo=*h{8&V%GT!;x_3KdpTTd1tSLK2Ojcj*K-O%m=F?hB-O$iNo6{g%=M||yc~#YD zk)!^L$^hRVjp1vU0ZtR>hWeg70)m{4^-|Zo*umq%Lj59fq>yr56UI;LzgU3(VJ`gg z^l9cSO--jWmEUuv=F-VLptptVTN(NrpG=k;XR1^v|I13ia#h|7&v${)Q}0h)FjUmV zLjkKLgG9p$0^b8}i9S&AiBEK_z#Ro(XFu8N)s26dYd)qfTSp#=GzTsxgKG5y;wHr? zI8}w*s+%Y14Z@%g10Y^)Vg_~QnM?3ErNr4uxf8vrKJ;QuvDuJNXCiMNlBG`M$GYs+ zK9SPovOyeM@w~V<*ES5A35Md(hi{wkL`DrD9!{V23XJ-wuzQs%woDr^_^ijG8fs#j z3anzf#Oc0M(k>kkBU_<(ddv!(E*J&D&M=9?A#?x_KGOFDTVy*^+KO&8nR-SvbAuS} z4CaUEJygzk&!#V+w6L&{;niwGWbX#mC{&eQIo&EFXd2Dd8q?dXdC_nf#^rn%;Wokq z4UhTCQEv->8BpqRjIV>%=3U+oCfdTzp2}BuVyd>PG9!Uj!8*HdEe=b;eo72$$oziK zLhOuHcnG8_&^3Zm7-Q>1y*nBANRLKK;l8?#N4tR4lT0vnl|ep^-8llqw%YKjEm;`J z#7|E~PR@Gqim2UY@X*+HNdXp<>h@FZI?z?zKBB~e{&=Z5;pR`-QESt+k~*NG!v z8H9tSV$#J=`qec<-wUt+hYdy&WGSaxFvua}4+V@C#`bd5Lx(?nm@H>mQc)7OiA&m9MZI%ds*r%&@lgwP1ASaGTx!88Fi-&6ZS9i0;{zi*%DWV-#|g)E^g zu1q;*5YbZz*}f&uwVf;vc0molbh);bl9h`D2&WCX+-vuTvU-c9M)EW?SfV)`0wT2$ z&VX~ar%~0z6XTTNGV7xsg2AIn^u46Z(~uo6sk;|1Qbk3GQJ7<$FXUGx<;Fi!Y?ZMC zLc{V1pw<-VJ^W&!<5rN|M5&n>7K5nl%ETie;v*oju4qF-ytNB?i67pg7Go=F+{+?R zIjJhdIp>;yfrXpfJN|A{xtX_?%i5sk+x3b&ZtA+^umdWVF@fU*)TUcasmg?_K_;@i9K zX>iX?X9E&d=HP@Ko9Lta4ZJyb^>)4sJ^N7m$u05t)gIpJ?9`e&)Zyh{zhq}yMveDA z08n;6em&K)UlQ>zBQ5j%_=E7qDAnIcX{VW_50M8vPEW}qqi_3g#qY(D zV|WBv)|ppBstjBKnck<56wD+W|t3QC!@FCGxgR&O01-P*fn zF0{FCGn_N#O18T+>2F}}spx=MpP}NK`>~&!V-QBZP9=k-=2?AJ<&OdmlAV^au2%IG zNdlEo5mFdSMb`RERicCaW3;86CnIJ(!>B3lvQY|yD}sQNXsSFrc0yDA^a;AHhaTst ztGgx!zT=&qEOqsIIIL9^!O=uWt$;@4!9?~Ay)uV@yhJxEM-xpHqpyuYH><*nVSG;^ z93$8_1ugQcT-{$Gk#LF6WnUI!7(U0)rre{XG$Wacw~DMN(A}+j`t<4evVpIjJvFsY zHnhMeTe4j-iEqj^&&R-ydRHUlUN73IK%0L;hQMA7H+{VnJS&D1$uyYt;crEF;q0nv zy2&28k^ns@W$Fz>sO_>-QPcJXs zizG8S^}A^Qxk?@h3U=eInR%+1=W1=Ko&-XpC;UUDl16{5^Ephc)pW8mfqjWwO)vj_ zwb0!KkX(I_!3AyFSHLlNTnBZVX4_eh_N=>NA3d_@YYAc&t@O;7sF{9uhChck9^0Dr>NnsfKQ1+hZr&?+9{)&( zZ%TueS*T#EBA8Wpt$b|qiImjF;;7x!M*0bhUTt(;^2}ud_chh=$r-P8J)QHz+xPpb zfkoWYO<8cNDg<{$s921@nG4})u+HOi;~R>`a{DmI-Bo&JU|}NR|2eZvtU{(CR!RJL zT6f4JScHr@Q!Xyr*gWyaPUW28=3^N0#EQ}c+4mS+RSpRtN*}yx6xhI?o+zl6p4=4^6+8y!C)h3I2@+Iu-ULxnBz#Wjdu{ad)0X@pbaltGbh+7UOdZfZMU1`yR$W`w8B(FV_}&^4vc6 zr5-3*0ENjSW{I)^POdCTdO#OZqX*#O1$G$tYZ;lz$_86OQXa@;$Di$do|uruEBwX?+Ht!~OV2)q_GWYOh~^;9Bna+mkIjr9s&uW|5b zyNWM{g)s>+PHsQ$WcO6ZvT0Q2FZD&Sb~ZwYd80PI$o<;k{}LS1T=sKDW!)7jL4CW* zrd{8odR>ISVE2H^H6=$RJ5|K4pqFPBE+YDzX9>JE%$y+PS}P)CXqZM@4#i`&IN_1U zSdvi3+fHYvTAnMJ>2kHl1^V2JKYTdNWf!%8( zHXAiOR@2WD`Ro?;($AK#!GK*3XQGC{mz z;5~&Rxo{QVefELqX-NCvawLO%b)HM^7FVWx9ek+lHX)%gtL56x5EhH3JEq>d$(V)I zgm^nIb+8vT?Ujlg57Q*@=}Bd7j(^5pfr(gJMh72`Im}(0Ed$czEw* z-&&ru$s0%N^psB!kn!#w+=rZ>c$8H2Jm7FwSv1JF^+Sz!;7xCMpgn^4x1v0f=QQ6h zPzE(;NE-USu0C=;9}r`6delu>aVm9eo2{&|Iy`*&+Fi#gcXojxzn~!M=uhcwqc}$>o3@K|$fp>G+H>C~sYcwS6rw)^I`B=* zjN%2Agm1Ok39*Nrl1d#+=`xevCnq@Hw6D+MpO;FPn`+vX>?NB6KuMyWg=O)n?OR#j zGAe7Feea~WiHf3ulR%i=#@;OJAu!SJw&5v@gPGmR(@b>aRSvWBpeRJ0hSI=?aF5L$ znazWDmMBW8fcoWb1CyYW76m1r!yT)lAps})Z|gN;%*q+Xb@r(__Ht7HBl`GnxkC0p zAUPP4niy`Po})@j+0an8(&uf@VhXFx*z32BG6=2jCRZMkLRKOaxVoHx4`DBUowy2FkQ@dIJFT0ymU> zKHsO-R1|x)tjS`k+Nuo46P2J|KN-ef{k2z8Nz4TP6>WHLZ&RE`+ibffn8CWF@oMc-<6~RH7~TWUXImBPjeV3<=aqV|UY{vTC}U`6Ixu3t z!`(waf|PX854TxnvSw3-rcBx3*%3aJDRul z*4Ht(Wep;N^*d=02{V>x8E zl3kK4Y=&xMLMeqoJeoO1jR4e+vB^{Yw8+?k65w|jRc)leCe-N!-9#_Vj*V);wup-= z)&V9MlZ|@O$4a!&B+@$5hYU}*ZcnKWlotT(OuuN~JME4*4k)F3J1KVgwN|xdNp^}e zHAjm8DQUXS7<;Kvv+t-X96f&$Q3FfU*H+^-@?7}QzJy~I*Q`48!k)Qm(#_x8YE;IW zwzjShVjE}h!OMcb?#xcDCE!R%X?)=9RJ2+YG&>G|5EO^nng_ zN2?&}<5^#F^f+iARFwX?J$l)7Z8%o?`bzDHU6ITpI!`?dqhMFdYYP(Lt9+D*;u{ z>RwP6ujG=8c3SS5gl4o2&@Arb{}_5Ri)hgK0Dyi2sc7cQ%tYazW=>L5Q=P&R*blvu z)GZWHwM0|~00@qr0wNQxU7v$32ug7E!1A-QFS~l(ZIhPP*3P)aMb<)Vwcd;;F&-yt zfQ+(`tSbw!|9zd+%>>E|Lyn7ZaF@NsRo`2dLP+<oL#_>j(l3uC?+>G`w>tX--!J8(aB%`pH zk|1)Ta$tc7{BJs-=_e;hM0$eZ%vKTAu#8I8$4~e#{#XO3e4<2`*|l z7%^KFQC{C5t(>G8^wa+RFX?L@0FR?SH)#8RLea>U+5kZJsjubL4Ep|BHTljcrih+o zL3tpedVt%*#66I{F8|I^@6r4pX8~+2XC70cGdy<5RVGvH{`yybietY>-=WcTf2k?> z@WRy$#@iGWY++=4#o{@;X2O4epJ?V-{Ui(sS_FRMhySrOZ<>H=$_`ez<>2q{%|8di z&x&oKiGIITfVeI3WfmxT9O5V!j(&Hb1t5yv&w3?(bBc4Dz_{b%o3DI+cOW+)4`S)& zG{4sIU&bM4;P5*b7!4&$E`}S|_`PQb5*ECDpck4F?dNBg^Qj6gmztg91rZ6Y$z_{7X+sNP1=d*!gL_pD- z+Zyl5Z=m+G$@-E2<2J$Xw|@ujpACfK1L{P|d+~R*>HpO5uPpW4|Eb|$2=D)?;a^(j z|5L-ia0UP84Sxb)e;A(q|MP}_focA~yrF`h5IZ~QCbifDfR@0#V@&iHlKGzzz#rS9 z%Y5OhM%O#tj`jGHAquV94gQG|ZUtjwV{~eO|AkDa)@y?qFTHDOK)u%mDcXP6(TfA% z8}*6~c%12Kkcnw)?g*95A_=eI0ako{seisX&aT+$;KQuhH~v}K7&+n$gIP}^Jv!F^ z07U=g-|9&K^Lo@@h-KHA4`jJc!t(H}i=2R#O4v=e(tef}sHsJNo}-BnWiM*An*w*8 zT%3<&wdm_!ZxPh_OB46Y54_GA(k^-|Z`w>-DBbdU`r#h)hFFnpu82P7(b3%3?qfm$ z-(L>=%Nele0^su243OuVw4kM>RnBmvjd+y9!G5sIuT{OTF_8Na27<!>Q1zG|k?sOoY9oN#LHQE478NFH?dmARoSp)-305^0jcCtW*I3($(n&E7 zHpI!;?CCgC7>tgjrF%BD{Q0v43T&V>U<1lUBdQDDWuZ_mPbqE@PBGYMCvP>F-RLP|LHl4K zTOnCQn$K?LK^=A@W@Dn1v`X0tu9uSex+D$6PxX6EjgFTugg<-MRs;8{zfDYO_XK>0 z(EN!5(5((+SAv5)kI}Sz0@*qqyQ_?k5_x5(nZG7hR|~i!1MV==A87bL`k}L|Jnz5j#gjMlN#6qbZ=gHdk_Dqe$@U5fH1<4AKT?Rej60W&Z86aWjlZf_hj^FHHz{)M$5d^U zDKp5&(^z`#^BBz*rc6yaW|lSDL^Lu!CR-O#+}U5rgUi=&WuiUcoLftMW*5@#1Rt*N zTHfatFze4BtI1Ff8dwYgz z6bsqt$HA`j-u#1RjuBJk^&SwW+PTFvUV3TuQbk2E&|S*9u*742Du0z$WT_7Jm??DVuMiCBOA_py5(3NK-cvbi69@&SRd1DCur0Yb)d8+oo= z@j=k%^FzKTdJaW0QZZx?N7kZ+8r64_1#Jou8tr31JJE&JE6vX)USw+TZjQ-(NVpcm z>U%21=(U}4c8!?W;Xe0)<8v>=VN46h?^%yfz<5N&`QhE=eZSv1UbHbuDco$@lC5O6 z6ko!qps68L;Xrq=?e42HgU>%&;2kwRk{N*DIP25t2*4&tEL-bTyoAk-8ZHASvGj`q zNnwF?j2zc~0@H?*bra8h&C``heZ-89Z?$)!U$?~-QAVN6s!Ddsso+4tQ(j_n*GYRj zS8IeRHS(mi1CR9|mX{B>g&`9;_U7bPyvc|oc;G{nkaP`b*}Gqr@Vl+7p3Z?yR|4v5 zoc#V*DaQM??PYa!M>}6+mJf5)rjbBh6L!OEg#mX|spIg;a}%>>KlH;@+o?brV^~KTiXN@cVs(#DaR^T z$vU$G;fbyBY&zNd`1HICfvL6giW@e6P&41s2t2#P4kSA#P;IVFq-84|`GVW^H|Imi z|2HBYd1W*Ng?nsf$N=INt!gh?HK0z858nD%MU%SLdkIVvMfR;BG?CXvBM&;efF3fhuJ&}O$E8lK? z0I8*Xx<^RJ2DDR@4t=b$oOz1DOfu62)mY*zFDo*sPOMd~46f~&r_r_n_c?TDD>W9Y zv2je!t$gt?a6`|q3We=^IyAa)1}%*LRwhm(USf{eO_T)fT9sb&Q$dxzoQ1#j4%uzVC z3P0MM-6eGI>Cv-G1lcrL?`pfFDyk3=SDRVWxB!3u4D&E+H}}2z%cYi`TvZY5tHZOt zr)40w%?X>avnpgtrRQ3xR%H{>hv8QMf?#?1azMZRIi|CqmuyPW6N`>3S!7H+?t90u zd*35}mz>W74G_*`abCFalv0P;^L1WF`@t?(xEpRJwnPEfSB+P2a+c^1`JR^SaSYI` zw%RL_@jABq;*Re)t$wdz?i}$P!-(!d^f$KW_J3F zFj)P;%;Tyi%%Z}2!4=A_J{#ry)tatYj0FC@L_T|(A&b6y1nSn=&NKefZqwXZrCHnr z;F{9RxWlv8rbijIb-y5H~%Q{+v%Wfaq)yoAJ?I*rD9chi6IEhk;I-JRO|9`irVo?=z6 zZbSS2i*G6a>D#+$*V=zEF4e)_a@Rd>ZZ`f%n>M}>JIOO%W3eg5ubM;qZIajKHD#Jy z=CwgU-y+v-rDYM>-CCulduwqJrmvDeCZ@l9p#fKE^Q%Qw7HC()!GY*XD!>WSgWYPI z^`N7dD+cb}^|HTVF*`T6|05tkDp_r>1m1wi)QGSjRnvG&En@0DEUQzHlshHk^LuH` zIp*7rJX~CT&hI$l($mtHJ3d{-=TOJh4|gLK zQd5~RV1TtaaC`o%RFHxpC+uzqR0)7KP(Wd)rz<>*2u=ao;xKD*!Ujmzwm+w7H^osi8f26Wuu>s$R6 zs60ZEypm&S9vs|ea`q&nbiW8Wb)Wb-Zck{R)Vp)clRoD8wY%OA`LeLgn(_M6w@Bft z&f1hm-;g2BbegE^W^KQYp#6A&w6FpZQOd9I?ColnOYCaJTnCYX8kdDhf`7}117A)C za@_8H{tUlkwg4Yp-E~GJTjn^&PW^ix`%)h;84-)Gguh;#|LJ1>G!@-tAdo-UHFy+Yir6NV?0(q8T%;aN!QjpI>p-KdUgmky^Wml>lmbLpEV)cpMM5(zuwSLqOWLx@+_2L=aj z4tnvwllb_aa_+Q!3Oq_;pHVFk92WX9n{tZYqy1j+L|L~wjE8}lWBNV?{vX2dJm8H_ zDjmkL`nXg^Vcad4-S}G!L$}=X&OyR>y13_W5}qXg9lY_y3`j|Aan)*hX_k5!qb&ud^Y{;9(WTzw#1@U_H~qMV14mqT7OY<;Mo z)xG;)#m#Z~jK&v=v71Jz5LP%RB_AM_f)PZFuU=Y23gFJ+cSLJlaFOey5M-dS;lsb$ zOK+UDc;mCNDxrS)l&fNj8lov!(lDn%egj3z|_FXt;xTT_{GggF? zH;$l)?PnR2eI7ixcPy*jmU`>Iz8PR>;c3%vL(JBS_32*S#xrkx>r0{>44jRe}jG8$yWp>3| zOZWqZW<8&z2+0A7-a~%^B>F)KC+7U_bsA3Ls;&eTrd}}%`tlxL!jB9gbtykHEPi3E zj?~Uddo!dF+ktHks7$DeE`7&^Q@(Y0J+HhDm&SnO2wbaR@W(`ZVeqU$PmMvi?>uh$)VKoWv+ z++vQT+Jz!9tczy*VSh3fzqBHA?PsOj{gu@mE3=0wCpxTZ*3u98vkhY}_)F3EUt*Rj z%%P_RuJn4tpvJ5g_J?$e-Fa-VbhRr+$G;~|#J|@wGTZ+hgY}|NFt22H^=ft*%rFa& zf758EK|#VY`)%}z_%>Bw)n~C9@f&}G)%lV3{7I2p;J8n<~Ye-ru=Brt^{Hp5+eYFHFHyZr8ELi3b3py8xzp6S<+bWmH@y0ZgTT+s+!ECX{ zF*D(wh#MTVJ;NAr$sBIPVux%rMRtDqJ5Vu$Ug7}@wvD)DlsA_-eI0fApTd5x*MG;kD`+-M^kYg=IUOX|+0pJe!?*nt&BJ)DQY&FaNh+ zej|SEMah;3rb~RCucK*&DZM}i$JdD=^E|V*;}1$?=tK_Vt@y4Jhe6LohwEKd5JAYl z9yrH;VMX+V`bc=5Q$w=YD_vtZ^kdjP3niu5sa4P9xhK-}&u8Jk%trlt;s3Ri-_OdG zr1i8w``5uPn7bN$WIqc^U_8T?tM^}V4iGj7D;V!>a7`^pU7cipY{8CSlNAXV^kz8_#qLD9$cEO~MMz#MGn|{4KhMqt)eycU=6A z@>Fv_uFx?MXYEW2GI}+&P>oxtyQ}8)#K`!|N0+LxisB%fTj>|^x@LWkmB{$*9|k~u z84*Fku4~bzKrK@4EbG^!DL=gu8M;|l^>W#)=QyD}7_ELvrzyts^GczmNiz^I_tskF5s zTYLf@wDI!!F298at4vF26#1n0B%h??j^s22e5NmDg*q1|3l_cYo+l%`y4sWuockeP zs9Qs5D|=!E@bx;QnNn!O+k{9$P4dCwzy18OqR0`bh1tMorgY5 z9a1rxE5)}^-4yrCeYMvR-iXBSih@Ixpw54l(fohxy=PdH>DD$pDk_d3GLBS%QB;&F zUAlsRqJYwSq#GchbO<3L3PV>BkP;%j_s~lOq?gbkp+st=Mp{A$N#5IC=Go8p?sv~T zf4*POzZ@Rwec$U^YhA0I=lT~ltNZ!nNc#PTpI?jw_5fP8U4Iw6DUN6)KdAAr^8WDU zlH!dQTi(ey**mX(z9^}tIk51CRlt3=(ii|J>d}cQd*PJy;FSQ1-HfS0_I-Bqs>51` zvYYj+JfBA^%1F7#u650SXLn99VmvW#@J?jT!?oBz-hkKThmSEhQRcER)l)) zVM@T_fS&`l5)aVzh}FPJ%g zZxP3UIeCsUIyhiw5(Mu%E79`aZc;K!TL;+H+H}}NI<)+OkEsJjSZ!bQRf=C`{95>D-}U#q@}_2GtXhP~N*&lbiK4@wdvAJzt%)|Rf|*90GgiLzZ{ zPWmy?s~MHl4dnkAfM{IaN&+&CN~BUriFc%RQD}J@b$fTCUTS;YW9iHG1%o_2v4FLn zke>7!(xfZhk$#-&*Snez_u8wT0S0jgg{cSo^6`!%*&fXk0jf96@;^mW4g@jAz5$*6 z=2DPDmSm4k1>cRjB|ypcJm$SHs$zf~_ScZ_CO^>;)&P`u^2PhWU))}8E~1Z=_a)3e zlEn}CweWpk_*I{syU6HZhn3mmcR!Lt>h*r~`A?qsA2)fD7Qo5KGh5x8P1wVy z8w;@kRX4yFCa%2$%D(X~$SM1-t8xqFUpnqJ!cIszCVoCTdF_VwIX{G&=q0Jk@({(G z?d7pBR>tF%euNNtfA!iXE;m?TJkPaph!FUNNkzc_yRG~UV3a@jLh&BIBmLEzkbhH{hg5Eo55U&xg2rN*KW> z`=LOMhd*$0Jn8D~gBfIXypX;Q`m}&#YrcY>A2mNjk7jQB>Jun2*fJ$mu>OLV()^$l^*W`sa$Pa! zx0*oZgCRi@TH*`_#F%3d*nX1vG>1N`v$~%#zw{b1leD;8kcZs0C$6OLDOWgSz<&?)&S zw--uY!W9}j01&sGey>nSzD`~$y1x>?`5-IISKOSlVrWj8|7y8FQYX?Nk^5)JFld zNqr+!{*3G>yFNluV=kDWLRIt!DB>LshRCyC5Bu7Nv)<%HBQB*?M)9pSVB!Nh7HOoVj?rY;;l02k`2ImwIZo3 z0+J)F$QT|4s}xy?OCkHI?xT}Y*#ObyRAeAVmGP>?E$_6jab@LXdh@=_Q-IQK^+=k1OkR^}}=-MhgmjajGd`0Pi2S($wiat}SpbUirbJeX9)h zfH;+rns1lnRmx^Hqd2BRYtdOHD7Sz{Bbmig>5$Ko*NqA?oLJ{!0AB#FiQnKtdU`W3 zh2L`B9XxWcjV-Ki$W{RNw$#KLGFBckGrpU2s2(EbK*8tSF_si1fj`>&%{IX`<@gk$1Q!n2@gxaz< zvMa|`die#bk4v3l`*#2s@!`Cou7RbNO{m42y>x(?o+`BO`u(iLG`i~$&nPypygq(y zTXFY?*ZT%dsXMXVsnyBmGHpCx zM@WOy9(5teU#>;=X$yw+%&Ay40EwY1DI z%KMe==bzsLW$Em1xuZ9fN;IfS8+KZx7qKsH3RJh*#$S(V(z~07ntYlf$2zBbcvy7r zBIAngNwvJ{y6R+yzQj7uj4BnCIPQSWi9%z;L$#w%Rsi|L)?>w4)G5(**=Kf>U^7~a z>UJubsPP^gk@mtg-TL?2zX%i;8`OJdPCjUBISksG zIe@!19JNx3b;lsA=CRZxY0GOy7+7b2aw!zhF&=OIQt$x`h;n>)+u8QLPNenhldXtN z$Ox74F6)xN>D3>}^FPD>f2L#q+F<&@+msyA_|D??$nM*8!!T&6zPrNK-c7&AM|t{p zCft5``$#iiq7&vQVp|QKHE_Q*e%L~#pT6*nqT$Um`h#{PPt&HtGXcQD=?BvTV(+CE z$jizM=aHKS&qwh4q^wkcqT_v>e%>p-&gD(pH`dHsg3Q!q+|H;S0>Gwk-yXblYzw_T z`o0uYYm=FomA#@Xn;lr~;yDee&E?7-E_hOXm|T;W&U2&QGca5S4~74JNzvPkN3K}n z2XyjW5fvu0V^3L(tIjlJH7ziB;9^vE-DiE`os0b3Z_@CTYl=Rl(y}Ecd(#a*sk3OK zg7}v$RWnz)Cn?#(>qQ<)3}RZZwheI2G7u_Sk>J^FmI>`^QWaSdX@xdOsr>kzj${t*QV`iLt31yj<#j z7sxCtNcBI5u%W8a%>=9Z@gsou?Mb-GcAAA-&L6{TRnAI8ivWIo8LRF>A+PRi`xaY~y%+J6WC5%VDIV3&`?boxUbqNe+ zqFj6$8;j3|goJo{#6jK44H$#P`0q%g0;`@P38HnAr zrEQ0v5zuB;80%Ui(9`ysZK#HD8EM4vMEV^s8T2JcmXzJigST~I)EFbyWC`)#W2>?84kprK!aquPp$zlIbR3QJKj#0F{hu`|b2;e|PELT0aBop`8&Xu2OCji~!82 zyjj6`OW@4(^z6zdqpq>fi)?Yy2}!Q+;ohR_5*?{5oR zMA4&0cSQe3Ny8R|%y7}+Qwzi>4#Talk@MrW=6A^#E_j+l@+wROSEI5mMz6=r0>tGo zs;0=Jz_8M-XOq_pW`8N6dMs)+mOhBrdSJ5UI`k>M5%UB2ui`hTD?cV<_)f?z=V8(> ztg>sc@q)b3(b$yo>>7ZfH>Y7*?!r-E9mC#+Cd0I5^wrx2=tJ+v(&Sfwkt5edp&$qx zrHBZ-Yv{_eH=aA0d-q#(4dpCH!?CX6ELBg8e8Hk@b56u&(PdmnoSGA{YSd%77r$xe zdV#L@(6J2&{k?q?(p9#6lMF4oyH(S>9+trfO2kTAb&UPD=0HZMEy;QQNFm}?Cr-Zi z2!bZkPjBKmSc~Yl9X%@(4B}E&-&KPjOO(v3Hfji?M|N?#%a7%bHeV-swA9B=TerW} z>w9<4XToLN-CHj8=^B68(`6`;?IJ4%Do5kZXPmpPcjE>CX_OkB(N7XOrMism5XU4d zVe~pmj!m*@v-s4yUYraGO-}@}4A05cHUI*>01vjlj*RACbw7LNOa)wH<|5c^=uVX! zE04>YUQ~_73i>k6b6Jn(5kc}&AAPVtIT;ZqvhRV{+r@v$wg|KdeXv=^P~rYTH847R zeW0feHzvVH)c-|my>YBWqz?3(EH(pRAs!wPNd@18h) zKjhU(hrX4P%2p$e(elJmDaXh%qh#4sKiTSxcCEUM-XD=-k{%!AKs}Uyy4FMA^xGG1 zk?JmhmA&0}_~++>3}mxXNL67m<21dW<+prh@!yzv>WFa26EBeGy7QX;fC~9qNxu}; zc*P_oF@IsKYz!l!e!^|l0f$&$f3BOoM%*?Q_lbD5lKPc3 zN=xI8$lNY(SCCjyQ_WqM?pImtEVTK!!T#_ZmDMG~5o0vfr@pap(3pBrDYg*Fe%Oa$ zq*d)u^UX}Dhq(2!q$)mR;pl`H#9zh2PRBl7&M$5Qp{C$Q$f%!V^l9s>ziOZ)&__eX zIx`L6eYb-(+<6W$ssC-dp`UlyYBv<0ZziVD0FN+kGJ0B1k24QAX}P?Te{TkxER{YQ!7gY_8E zd_D~U?I@je_7ssCvT$bq8#i*&>^!CsI8Jz3>|yUaNnUu)CfP<6PSbY zCI!t3@~SJRUnp{Df7gZ2VZLOOra+^$hVS$a;0J^^IWSRZ8>n@FfR^Jt#@Sd5gh>an zPeiZfZ^yB0%}}>c6sOb`Dsioh*}c>2DsCu4!$5g`3;s3a=;MONcGsk}d|5Cz=68}< zVTo3w;903IwNt-GW`>?-(-A2{8AN{er#hP&<k+qL(zx=G6OzQ3 zy=m<|-~V&0^m_8eW_;sh{sgyJ*j((;6BL&sbk=9GCvVY|yY57RD?ZgjP1=-epI*3A8D!iGX_5-)R%tt+kQ$U^IOhGkS`*806kC zk>Z+t)9`v;6-GgA)`zS@DPO86F7z4??%>sWNdVf5gna^)ExKcl z!Wz35TiY<@+XUBFzqerOtiig6?>RVOTi#Hwaf04jcFKyVKYS=!agSO`33?rOC7+ur zs{TH!QpbN-u_)hULqZ*44UQMm9c7N=6V!~K zE1l&Rx&M5l?d3q?JXuWLLwX6E?0T zo>55aU`?EGkrnU!_%n7~Ok}*K$g4M!0%Tp(0n~S0Y!YMlzN|kOwjyo0qSg`AbdFEz zst<8Oh0Ub%XcvQid`d*0ZsYo0_4ok$udy8SgG5A-IyZCht+Ng_@LU3)$Wh>8%*1mC z@0d?34A^?zx!SdFUXNKaf@ksWAD0Cbzu@t^7}|@}r!GfgkpyoPvn8D7s!hPWX4X|b z>Mr-j(@I*`4mLEuN((D-mK2enR#4b}Z(>_UnRWwF? zHesqOR5ab>q^93~VW)WXyF`}*f8=aH-eCA@x}uMh&(8-o(lR60kc<(Y;wamtxTBFLt9femSJ~QEPAAX`XF(OkG*@<}n9CknJ~g_v zxw%c4F>#ZJ)1G|;yVPQRWXH&rv(6!deshB--by}#F~zef9+Z2N5w*FQDYo?MUKH16 z{eerJ$}EkT&co#-?Hqr`GxiBfhj*GQYkXNh+p+`*Y`%}elo{E|^~3#)T|0W2eE>EZ zlq z$kM0>f?t?fqzpHbGjE0&#uDz&h_K&jCZt101sLBO<;X5f7t#I)8Q|>>s?%Mp=C19R zMd@EKb<6{rj$N&xNe_UHCQxeans;!Y7=bp&7yqV^toHru5$wwSpf$3-`)+#0#!`GN zCiMM_bW68t2tO%CPjjkf>S;laMUg2$g`g_XrkJRmUqd454EyPoArHPZI40dR%v~C_ zuga)d7WqSZ^b=s0C9-7H-AF67ue}^P;&4(`7#_ zBu?~Y5abZf@Yu|RDjs|~QC0Xs7fbLN9up~2<<xxqG-lsbhqMXLDJ!eEoH_or~Bq zLwyB>&1y{WDxJzmH}&9UOjuGLV>Lhd_!2K1Yh1vIB8*LA2BYWb)ik!Y*ofTrHPCS5hWk(1_Ac z9^pB^`8+G-O%mfM(oKfiPAz;ckB}ildy>{?M-%S+g?d25M(g#0P}Is#0!d4J3)l{$EJKBtPn=Ut(*+ z?Q~&?-t@gGw}EQ4x%tv7b^cU{{K|TRiyAQHy_br&N^oynjFquF*exL2HIM3ul)g=; zkl~6!WoBHL2fD&&%~k?k9P|6k?VaDp(U?*wptLnS0cJ21)?P?Syae4*QV5q0k zJmVBR+qkVT?T0?m_Z!FvTLR z_+ksvFiNLFjkb!Zimbq7pYhPWFL`wEskqIZYSM^D_|BEE_;b)A7cKI&hJtl0QLEm@NZ`IpRAL)b{a49HdHy?{?1HWYIo>t5J%-tnZDMF zTzhXUhqn#Ktc28Z{c;$qMC?7Gtaf`-dzFAbFmBiwIoqe>srjjrpk8vUZ_3ZePQ>Dg zZP7=#8pyO)*jMY#=TW%7mg=vrX?{!t3qoP2IX`5xa5L>ogtW+j=9^w@b$+*L&VbYs zI3WhNUriG%6K+G-V0lZ#TmGFAgj}dDN#Kr5V*5D*1sZRORxjIs_w+ z-?-gm#_O_yG}efbdwR$9>x;J6wYb;9_Ot5P=DjyC@?dC!q}s+i?a@R_r;DV@=U^iQ zbhCQWZd-J-MD(ROD&&M^sD)&70LqSQ+YYwrYBU#R!c@7k9|+i_+!}k+N#6>LKs)b#{)%wL*N-Zk!tZ zo~p`~v!KqMH%72Nf5?1M;PE1%Kt5pTF`O$K5{LI8_r>wM>18NLWJb zQ=)UNhti`!2pYGl05M!nvxi$(#JPM>ayr&b(wO2jKI0l!R<(K?<1aV+d{LL;b(j&( ze^cW<0x}6OLwg_Co^}rDFx>fUccA_9Met1Hlao7NHO@(3RMZomSbO`5g=NJdndu$Q zenX$`2Hd(8RxJK1;e@j?+gvbo1s^*ooZ1QPp!t5A*RBbeCWO_7y_**8cXBBT*ZQrT zxB$cX^$?Vl;?BwEn{%~Ca+dfJ=N$7Z&1$f@sUH$P2|5JK_|ePEWTz)-q-h~G6RmLP z^knk~3M;1_=C|`#c;SnS6b{UQVhh72 zYC=hXA$!oHW26|Oa*Q=K*s!r4{Aa<-_h4pblNN!(DlEa;505;VgFAKAX%#mnChO21 zU-JmT?eq|Pt3wQ{uTi^IAiIkcxrGE zDIlPHQ>hE_*1f(!_TEJegbi#wfpROm<6NSpJJwDrhF|(RE1y($8XPTT_xo(V|3L{u zNshLUTOR@EF>bK!1uaf_=YDp@!VO^(NT87W#hKN;@u5 zsU+FVv*()2ijx{8kRwglV&1Z;b7wHEh$JF>wUd4YWyG{>*HS}Un?yg@_G;vVE)Eu0(k&-BGiaX&}Rbcc-tgOBZ-zu{< z((7^-vf$z@$+t4^=PY|M8@U+qbQxlv)00_(rU!O7P#QcqKB(-YMt8qIW%59b&f%X~w3E43>`_K9Mfbqr~sIJ-2~Vu=cbH0(TW(kZn5V+7ox{99(!68QjK>8wlT$e1)Xu~A^VI}!GI znp}j4y94{EdBbNcI-}opvdjA@1|(VZ!2(rxS|B)kU%H88;mQ%E1S<(-v+?f9p#(1| z`^`EM^vGCjZ{o(GBipu|^@5VVOIj_u8shsb?9bwwrqjpi4@uCMW0sg)`vqam@CT3lPtGgiSi1cMQwTJP$24SpNFAy2&nequEq-#*0OoZ~Uff zd(k{KPmLx^tX+&%%Fg_G_HZ304B|kSHXM>yML_PB0b3K(TQ?>-iB+y9`{J>e)nV+V z(QltZsG~^6dyLlk)luGJq<+`F1P(;^+!Sr?y}gpTc~H-{(-Y8aGcaH{Dk!a z63-;6A%leBiTBFas*tlS#cvPve03v9gGwHGEwUMCv$?Uck7|AkIL*hXEZ?3SH8J2l z$^6US&KHbplSdW&#)GHIwRhWp4#%B;#xguZpHWhxn{gtOnOn30?~|Od7j#z$ow;B? zeB~qeCauXYPd7EOg|u(q_j&&sClcw4+xF_X?7ix9bg;cl<3Z9E>d#-~jPl*Ym+C_| zwkdWs1FlBTqMobQ;lXc|+aYr}WvA`sW=9rura-HP__^pDJ71s5{tXX9R-oON#*? zMrUN(-=AP+*E}z3!JZ$n3MfA+$I0j@in3n$Qg@hv@SA&(WOW#SF5EZxdq()~XXlDI ze;5ht+=sog^h-i}*KtfPm%A~46-s}`=cLq@%4zKlZdlO=(i&#ky^FQa*mr=6iNw+<0Rgu? zY!_gBFl~&cN|xFhNyTuq@A=AYK<5fpOlR69n|xR>mNU~Y;yNGKgH#UJ3%K3`WaNIu z*uveO7MSxneJeKs%V>W(WiLu3czm@JJ|G<3Nl?PshVzYp@d_o%i`scU{%l{GpD@LT zJ0-~2(`TwM{eGO|kSO21$ynVd$11tjXg0oN6(pIEjjTt~pqLlh_{h70sx1IE>Wfinn9l!#iBm1eoIAcp5ABEl|9^-VIOa zQ*EUAE_*A3233f!jwn`4pW9`&nyZ3?+$r3Y4bt>V!Y_TSgj4Tk|Sgw6PB@(3=&=Mbqz|2Aj(viWD!-W*LDBz#i9Q#1NbR~O&x&F zQu12@IWmh`4LXCU6XoCA3T)?#N5<EM2f86H6p}0(Bk3Wzs z_A?qh!oZzQU31k}R);8U&R9SsYofl}UNU95cuA~K)V-p^Y598NR)g2!tOnml5*z$4tIUU?E_Du^^4L#m0pCOt=-TkM+2r3J^I|u0DtFAA64^nAj^%F zmnTRMpFF6j;e&2Wjy98LlR$Yiw%b?n*N?kaPaZURVRR(FxT88dJAchU*U2y9+^c5K zEvp!8$iK>?Vwep$`dR|Vl15a>GfClm=rmUQOKR0(rPK%^e$&Qhv7_zbYDgdv?001+ zdm0TFK`htKYLp254+O6-@3eCsN>I)DyCZ+DKvXkNTl>#n3rISM2An~^ zFaiM~+mxOq=ZpJ~8>98*=e)h>7rH8+m)SUW%gjl%)m0b7SP^ZZ%7}c&B=mz(RpOuqYqAt!Ftib}I=+#ug2f z<6gueeGmKZc+KPuyC6?jZ0wC%XiP2-{>`Gcz71#XK7CfPeo)+{uf6$tF|M!Bza~s` zk*INmh;a6N{X*NJwflBiCT*`W%DKS*XupgvA>3_I8SdR_PSM}Q$L?a3lwiTN);rEY z%J{N_<+4$P-zank1gR;Wy+ywXXM~^FU_lVj1KC)cFtPP4&O#7%n5y^dLCPEG6{&Rg;mGm;2$#~U1$=*cSvACctJRJwX>TJI+GLAw(eW8BTXWrp<<`K1 z2oXe8oC5+M^G<3oX+%t zA&I64N^1eWPbB2xeA<-_&%fmWhrLNVvwI((EK9udWdAjigO=%O#?BKpbe}yXVt?9w z)FMFSmHM_JN*^8=>OIL&mb?r4dDrdOj#7 z4^rzpU-KiyPaUloaHp|@lw~@GKEH8(F#~)GbYo8-2%e~Ge|u)yy}qLOGxzkb8NIjh zu8crkoWo)a&W$r8d)lM1qDfrS?53jTR|1nvJQo<8tMK)1H{BfFvK`60#O#MUPj`=Ix7|C;^icNWrv3oh0kPCtxnJ$7|u* zsh}$FePdIO#*fSU8Q}sqMbbKbe*e5l9dGb)P1!8P9L%%rxbhJM#M1dRr$iF@7_%OE zNC(0s{U9?E!fp_aF@9Y|7+Y~l9VB6msre1u1Vfbn+?RTOAX(#^TNeQN%{B?U45LZG z0B))6RUUFeE`RDrX}2x$jdPG{B*u6{s8Fy|x(1-b?Qj=q9^7oU1QX2jR%PK?=M)ZJ z9vv)t@sK^Y17d!%V;c3Fny;$bkZb!vl@Cp|{k&)s$$?}nSG{yXMM)@1uq||X`)lP( z(N&LDdPQ(RH(`IcZFLU1bwjPT0^^^{Nq%<8@Cj?3PgFgX5AJ%!$^zw|dl4`S*RrE= zi5;|Q$KgRxm)8x8J&{%BYJE!gR@{O31w7cr@-LeQ&s@r_jO9?pPb+Tz7+_#AFUf`* zAxGOg6d1GZ--f~A10chrepeCo1jJ^Zql;IH%tq^&@0XmpA;+brj zkP+!hmXsfrjCM=wtHdhoZ7LC5Z8{WUvs}>i3M+tMli8CeKehH{UlyR6g-Wk3D8sw##isgU)R-P^oIE&6ImfmYr;kS zp6GE>i4-4sy8E3(&ZG@oMb?241udzeI! zNNBWABBqy3Xe+ce^ptUfs=(ehkevW|#cI9VjkWaVz}y5As~52ZE=*PaTdwx-E*LN7 zJsn$>R{$o3jIXQ|fR`Q$?mAnr(3&>Bwg&vBQivUV2vysfjg8IopKE$=+-!BVNT=>_ ztti*V{Mx9nSUM(4tNH!)CY1~gycuJm+a&d1+CbKUhro~7o3w$66}8OBvvS>jnqG9P zMh(fOs*;Z17QJ-q>FSXO$QjUEXDvs3s7)W8e}8LMsZl<00Fzfmcxv=MNP$`$)3?=r z(bViRT0(JMpzF3g`6<;aHHiXV?8@n3n@vqYM(8w^fK+%ZKL?QYgB16Vz8n^0Sds&< z&5%FpsB4eD?#tsJJ#=Io=m`ExA@z^s{PQfE^2bxo3>ex2uUbH*nt2yDqn*qqH0=YHflEJ6<-DlGrPJgJh|=t|)y+0d_Pcwi0N!Uo=`V}{$N&Nnw|ZCD+AY3O*E{qnT2r^|!Uu4o;@^gv}@801l6tsASA_@}(D z<$pi1khsD-B))4cMPK|954H@B1mAt_7V+xxOWSCS{qvcJd%(w@+%9zJ8XGFHTx;2Q zJGNJGvCJr(nDhy&u|oLdl&7`+X~+GhA#UG@s~$1>0}`?K2QaD#Hiorj zfmBfkBIS^^yJfT(0k3_~Qr17&w>a=`tn6R&s!y)RUnN-YrVyK>F1K3dK6)S)r~hyi z1ea9`ily`D!6tff(?whCCcV_WNa967odVf3^CnDk4+8Yw!pHV>k1$!$Mh)ZqG z=7qiC&|%fZ=9uuUX*{pyyYjbZncX>AS@=P0G&eV~C*H8H@xtid8IK(B;#@ytxCzmHXkO*fh%RfS7N@ozeTZP~b24kF&sOelva6xh=c5mJnE6?&^S8E#QQIsy{nU;o=~lv`-ijt_hOUW#hgw90=zJLabF<8%=+^mhd{-;1rU-A|m(>(mU) zTgf@hE08#c3Hu4IQ0{iiM(xZG#Os?neE+`i#s=}sAg)n7K>-%!Oa zoVxvIKJ2T;wcpGr84Xs_=j6`bkRh$628vcXt<~&(mhl;T2wwY^RP}R$y@BdgXSqjt z|8!6v1&;slv%qN>+M{y}Ymb@ddnRuPycBK87Eahbf&b&h{=IBpex_al9@EUq^tm{vsFwi*JLL$aKh$TI~P{nAIj%YVO- z*YrPSNXp8{=8QE%UCi=LZ4i|iWIL=H$xK<+5wDq2se_Yb@@Ep0{WG8P-In7!s70;c z)T6UP`(?(>B9@D4Vuq=sd$st%;45YdlGTsWKUh>gb&M1S7Ml4yuh9$nyUHEhVY0hV z%-2gkEdq6F?R{gom}y?_IjmW=_F-1-t;SC7p9-IL{(NzenvvRPm{xg4frp8LFm?F< zA+!JHjQ{?3LQ2ob_?9%z{n=yw#kGeVUOZo1jCWn{{~tU?{AXqpU-n0SeW4FB8b$n@Fa3X5O+E;?4-cDb2BZJ_zxkF4;7mDNy@mekZU03+ z|Mo#^rgzFKgUd>!|9OY})9(I*3>$9zW`@gRQA~xtI zurXEz?_+3aZvh)O9!X5~crSOj7f4*5hUJs?2fswDHVV;x(?!m`=dh_WJ#6ji$_Wb# zJBOLiwItr3#QU#{t~UUn#YFBpZwttH!l;}jBt0c11-DoK^*u7jnW3Z%^4&{f)7JrI}Qb2O*c9>Q<2LN_Azwz3}- zm}1fqTU0}&S)P@^=#R$1UdbXF85ZY%x%vA-chinTi62%W^3JPVYD{tymca@ znkudPm$lbP=r=QS!3)RG&wz!a`X^3{T30y@#!KEKA^h-3nZiriJ@KP2bEr8n@-x3} zqS}26Dk@$i^4;s`w2f0qfAcd)N0N!+QdFE~0)i}~u-AE4XafACIOV#!g&mENbI952 zvkY>$A(L7cdfx;GN2-hrUG7_^2DyLPT}@GAh{gER-^lpR)S;Gsd6+G00+QXVC2xV> zX>trwzqHuVF6gT!VB&%(%ibhP(#oi=Zp`ZM8f@Jd1<+7WnWZ~g1T+mD)*L-X-AWb! ziPp(0kxOcE%Am;vP^w466aM08NLvZ4+!Nc{w{&-qD~wjz2TzEl;gT9Ep|HOkjNM5B zZerK&E04G}9OdQZ^HSZL1tGQj0HK0Xx*HhW6IQ9JRyJccEhwx+C#|`TsPV(45J5+b zgrd0sXFJ8sey>q@I;_-+P0~L4sP8;4}CZ=zPw|nRyOD35ebn{B}Xe;1yC-U=E~1qvLvO-fIVAU%*x>$ z?>FM#JWz6dkzPCd!f)0XklkL{`>i2L;Jz$su3_ zqt>K>}6Ha)sN8%UiE z=;&dcpgNcgSJ)R?R+Zbbg!4i2Fc4%7-l?zHbLl{th0FN5;Caf|_PE^rs?QE6u89U_ zV{x@TdvI#;$l?NwnmY{4a%sizAUM{B1&O9dJdBCg#X8Hcfhql8Y0&+(1mhel<>s_~ zG4%x3lKMc!XXs{wIMGW1P>#Z*MP%7S_Vl9xWB8+R{=GLSylP`!?e!)E{rLcB7pB?K zGwU~9;2(v0UN#uM9UIF4>a)NQiQg^+0PH~e2IPV9(I38>EsR90HEL;ED=Qbl?P!Gk z8V|7{&p-&?1Z#5684omKuF{m+QOzW4U}DO@eUD=8`{0v37qy4JiARp>@anWf!!$LJGn{*;r# z;g0P=`k3&qu}>Y1a+(Br#g#3LY?SHKT}z{0hx-YF=N_cGq3))-t0}KH1*slS!Yh!z z{i+eDJuP_liq=QzS8p}%?~Sg*g+YFR4_t2TJ@$~SKOO886=XgRl6RigiXu~|JVSR^ zZxbHENqs?zVP_-;)j&gArmr7mX)gCMC(c0`p#f%6i6yDPSt#-^_)vQxVM@J0bv2m%tob%nn94`Sk1h#c}DV zjCv3BV!CI5_635~b8sZmtEw0qiH&4BeW<)i*pY?Ex9MzZl|0c`sIRr$ z`6R3BgC+8?y~_E_ZLQy=Ey&y&rfB80gi6LI$5S6htr5Q$#&v94`Lz$2Ki-~@YrHX6 zTTxK}fHDviYG~Y2g1kLd))XY$yuC8zY3f>9;S#u0khlA3X%v7{mej2EE;ryJ;>2p* zRF!}kdzrxgBFf$miu!YNa3nChfS@m2rsfI8(Vc=X5kNbm-n|j{bO=b~&pz;v9Q^al zkAlIKNwKr{w5q%F3lI84%6dh_w8&Hj{qZ4kvu3c+SWmcitNB}IfoWO#a?s|NUXhZw zm=@_5cJ*}xbw09~lDCv3z+vtQVM*Y-jETj4KK9TLRoB<&-m*XFnMy>`7d;zj_gGG= zHa=bER=X`pM zq&>S*R}3Y)7dT_y?AUhKPCNDOy=hie>w>J*w5Qs4`P!7#)3)a}EsZjwg_GHo z51uP744tS{ot^f(N#Nz-8Tn!HEnW)+6gf^1DQa)i9&J%dbi2}4%)S#HnUqA|h(wJ< zmV}HC)>Op)A@o1{;jQ_pLIk1K3lq{$Hb|#un)~!Vqfy0-#i8Hcb@i@dby;|BdmRt~ z5k2>v6&54n%RqC)`3+ds&km-z4=XFZv&6dfmP(>|9x^TX1(s5EbjfGQHUPA)yhjBtHs0S@A%#NM?*$?7J;~7V$Ih)>B{t)e-{V@J<0cUU3 ztFdcd^P9E1vg}`>{!?lr5Au%6H|pn4A$#*uQ&L6(kw^Zju+b8~?8dEn z^u~n?l6&NMeHDaOvy>vJ<QBp-OVkqGELh^1VO0UVsglbU81fZJPt?LwF{#+=e3In25~$ zX?nYmHm{uA{nyTe+tqrumo$D4T$#}d*>x@34`PmwkSrb=b*zqY2P`_v#nRQ?#pyU( zbVz6v(#LF0tKuPG-YK2Iz}?CxQ?w?P;AQinhvH8I z1upJ7vsfW3x#<2}kE@4@a@0a<&-Kr5L@l{XIC25$0b(P@qw z{+~dDVG5jy?P3dsg`LDLGl9P^ZjXP7ZhipHG;)cIe6?&j?9wYQB|f#oZ(q|nmEV7D z3rN26lQ3vnI*^+0kJc4xQ0E3w*V@AYj|NZy4`vA$eDd3}d$nyM3v0JfpCkh}LD7xQ zIffD~fbUbWoT%gL)D6uUCa9McqHhXDKxA z`@M8`E%mEMs^iK#@Zf1d^Abhb7Smab@bp>DyZ0Pl*3%#}3 zrS*IVqWP^+NQNKn=_lXwZuu|{hdVEJ>&TXj^t*H*tgLb4M|t_57}&n$G(adGtFUKc|rn=x@!)&d|TpDgSx1R4*VBUk1<4*3^hei7!^jrnzBeu=W9#U6g?nE(5AOm+@P>)*Wq{-aR8F|U3^ z>R*PyFAMFLh4#yI{*TT6H_^FYKFu$m=9jbi%h~)D1vsMb@XK`mzu$EJWiJ1XoA9ro z=l|2n-yKbG80+0Wkf=QI!?>#G19*F3jq{lLKL`Sqv*x2BWaU4t%RjeXXrAmt*!4#c!46KW>G?l zNJNAWwH~KpqPU1645Te0Wp@&DbbKTAY2W1JshA+36#vR+P9uNuNA@+w&|DrRWKnH`h)+ygnff6a*>{{w=#1Dh>Pz{ZG_%31!d4aqmW9to6wX)cdn|K?YJv&RQdfsL^W&-vf~Mxg)Aa&-{! z{$+t5|K_W|u?eM#07o%u^b`HfzxnEKjE`T0`9+xjjT=*#xo=;~Xi)9#pY8;<^ugz>%0)lsQa(DC6;U`M4#ZSQM+KzPxn>la$6#0a?A&I03&J|hMe(soS+RIzy3fjZ@Xh+OLWfJbs7+9msEnva*)9>#9{=2NimNZ zscCO63rd$vGy5zDVh!9fjDYo*V$ElfWFilc$52dX zyRQP0BmDLHF(gM5fEJ5tRi{6WObZ7jr{eAQV+c;xE5OEXs@c3d#?BN0$tgf2^6wJW zBX|uFLBPhE?icwUL)i!b#%S-=N%3O{&YOoKov(-R7|P}sVSW+jf8)k*Si19}^O<;Z0U6w3-z< zNHhg^b4pJfLtGRcmLg|GK#q1Ghvt@aH~^WlUQ@Gva*Q=Lhe%S6B<64S|2L~UCV?e! z`xogiAAQXOJs?IfC_i@`-RS`=xh7Rl_^(bR-x!oX)ZT}i>DB}y9>uDA|I-lW?-wZ^ z0>GM-^Zs8ajm5yEtai(ZYCLY12Rz@cyOrIa1x(O3-X8YX6dyZ#^s~%uKUAcOJ!LZn zly@ry*7y{Mo;!S$>e>Wd`{}{_*E#fNKS`?T%Z8^ML$wCq1DYh><-cU;cclAt;-sR% z=v%8CijPvX;p9#oHC%`iq$D5n8XD&z>%Jou8jx)ucor=_QONUf9kMGzf0|AnpvC>Y z?wkY$$ymv%r`Q~bi%*Q0o#EG2g=#OAuaF_j5&cyp@pbb5dY>O!dAUj?tqEe>`%U(Rgu#K;iE1}R~s_N}wlC^cg zv;06f3>>@hRhC&NZ8z7L+n+7bn_a5JxG#H*9`AFv+Nh_Y(6S3r_mbIfM+6{huJc@H zN19qnZco%R#FG=JZns2nrI+(dR6lA8TUqwP1iZN->p$K0HsDs1iympeII#E{r*7eO zPQ7Arc(o7Kb=P&QAyozQoan+e|4=q%@+`d)a(cT;mD#=$yIE9;vat~AZ*J$mSs+#Y z;XpoE4rd{sG}Fu+FX837E8{X~WLLFy=RmK-R-=&lS+vxC6SB*6IE+)>Kqgvf*xSn8 zWru!lGbO?CcE1DGCUDs8XmT~DsNb_N)AhOo0M)hdC0iBy2GE`$;}6TJfBV7decIQ}3)eZojX1zN4lS zCp`DDnY?el{}mO-+5>PF==#D%Ehbxlk`}$0I$5BMC1DafYBX2zpybCDU6j>b>0HOQ z(%$)Op`jJ*N-YPd1>2xn8f^&7hmcYU2yV&QQDO94IHLLJJ4jM!hXy$>mOgeFp3e^I zVS#Qp#?^{ps+mosc?~NTUMCtUV)E$g7<2^U=DzVVrOWgTb18IZ z2qflrCy*wf5$1iZa%auT81Y=L$*YwDxID^O>!PU|`%xVB8U}9a_uHdIr*$;$lA-%t zB#-HIW=FA2T&_zeKJ^MY8BhZu)wv*cwI$xj`?JWdSlz4G610nv`_?W^ZG0I=hWXa~ zz!hr|duiJ8g?1K6Wj(J$Hn2cv>Z}(MPj)Y-fmji+pAk_7pQ?K|qNg&)zeN+xq1CM+}zNyrtY3t<4+5YUw8svKL^H zF!;Oc46%&d`wX~-7v3f2p^+IU8cp3s)}Vp; z3fvCj9C9e%K@)lL;~sVtY2NKADk+=?ZFHu$et&~^WX^DZ;+JjAnAC(VOQQI)t7=V&mRdTymW4`RwwwR~?nR%~CrO zA^n`3dgX=955cHno51W)v8BNx#q;BgT@lWB$ieOX0Vw`}eZ%RfKDPi-04lhNiCitGJsbSKDRU6)YO{4I!-U$OU1<1| z-fSoM8IQ+W1iyOhRDC{9lK#-5IMF6FWMBIsg-gFQ*8*RAHOZi#9N%p0k($5au7S!^ zUxr|pFEDxSzpQMTlG;%zU0C+2y_5o@CKrB)FZ48nbP^uXAeg_*GxxEH1s7pwBsxms zk?S~#I#eH0%@vDaN(jHiKzv<5obsAQd@h;JBTAS%R5UkvvU)d-}7_A!QQ%94* zm(8`zD&|}QX}FuVZ88~s=dIplC%Ea(!1g*7xC1gE`(5^}d2IfPRYDYpeTa8DKL_~1 z4l?JZzVMm1XXcW+Z!gF74vdd-XR-6e88AdMOD!y}BeujA&qFpB7C6M&7G}baXq&(^ z9&VgrrXC)DZW<~N(DtD|RjChl>&^^)ixQ~_`N-o3DycWCQLZR!gN;|b`j_Ou?p|fJ&#)R`E=EYU#R+f>W%X>S$TGf(dJas`fvCKPdWTwt+0Q5n z4KvtQEMbgmrVlta9FEHT8blkIJ~oD(dY?e0l6z6(hR}n}byH?m1znor(ob9Eosvo; z2f$DOQcNgQIH-j&G zk(bsb`I6b?aa$PA^nf{(uaakRZe=qE7PbFAd#6=7S()N+YS4nSQNj_^3b}VwTWtXK z$+0(JT4Ep*NS*P)0^lS=w)c0dun=MVIL430&{Kd+qu~~(PX5)_7?F(5RUme!-^a6+ zrD)Yv?ox`2*3vrrpkW~gKMX_UK(PUXLw8{U*K_Alm4wWy>?M$u&$6%l%O}WD0ewbZ zH^gzXGIK~~oW0D~T|@#km+o`O!5%deF@@9`?88C%qIGYT*A6Zz`Z>^*lSLmJXmuMX zcnSnTf$=ejrvxOgLI(cTjO&Ni>Ax*Cz;mlHrvfZI<*!`HP|=ST@Vw>yD{1Ow)&pxB zn}a2GH0`46g)0-xhIC32yF2nmWlkv}cYHgwr}B%rK--KM=s}SbQ2@h6{Rgc0`VdLJ zL6M)n%mIJ^B@#@|WCmo+hl+Y|S%vG8s&i&}0*e?%-`TS})eS)g$NE65%~VCVc8$3w zu|)$Gec1-W^IvLftK85k@3DFUoXUn{C(r!d?*Db;9z2uAS62mk4sF-e-oXOOn`Ml7OBl>1Gj@r(9; zNJ9y)$wq%T@9$ZzmoQY(7nu)kwcTnd?ObhQW4Zv@?c!L+)&-ZKbv8kF*cSO;NIP(K z5_&x9^1in|&Bac-2uyz=VPk+=uLb1ap%ru0FU1MLGdfaMYIM-ze05WGB&bL&1IFx% zW&G{vtM5c0`_B<-RK+RxW9dLU?e)feEHVgC1u0RL*EX?1xiuv)JDQfsee^T&f!7vi zwu#RBXQz&4?NMH*bf3&)Llhw4+V+onrY%$ADP5V%6<$zr=oLMV1bt*gO746yH3o_V zjSn{aDC~mVIa*y{)$M zY$BGK*e=wQyRJE+f)!JVoN-gGjn=7ejyCk*vW5?j@|d^B+pnW-Im(OeX8<`zs%7Y7 z1DU0P@7Yuv^fVk^>=8NYdG$wryZlN}= zSSlv7tIV4xfixz#1q3kTl>3Eu$3p?rK3I7k@Joa@t=IzMaNbTT=(6=`za2F-Acv^w zKA&dZ346QOkn~w-;FF%>aQqS5ib;bgp9MHgx3_JR2u&klu;m7DHXNJa1hlR_;FL1Z zCc7!6-588qDtB_<`KpmY+?XCYb?T+Y@Xcy9_@}Vx7>dRzgAwkG>jN1xW^;K7uKkjA z(qQZG@Za71FfgXf$v!}=CxE7W@Xtck9gEjw0A?jw9hR-!blp>{)(^~ z^^~;=9F0LDUQ4f27lpD$d5AMQn)@Q2#L)8rwzDM=2`@7(;FM zFI&2l7J^>w@l;l0Wph`eISuH{fFG_w#6?JlJsOKP>3Sr$;ng_w*c(}I{jE;6|WMO^G7b-;y0mhTu=?h}ULUbDh{e|%>0aAW&^d54>!9-UF z<%E<#xN%qWSQoU7HYGxX%h*eLLD=g6;Xs za7l7NI=t2_vj#MapJb7U{b#(l)cu$pl|cbQ5H}u;xoEJpI(cI(Tsb))w!n<7<&zt^ zgx~^`;5|ut1+nRjlmPg!`g-TI)tXNLE7c!f*5z{ZUFqOju8v`QW!-R3tCbPx{sEaw zITnaNT&e~Jx;%el7fK9NF_RcnI1@b!cgz7i)x?pRRaxfro&!Siq2KFZ6QN?ssrXWd ziNLLiwTZU30t%t^@1{Lw5*gbiX7r4mRg+!UCY$D@UQ=JgUw(nabfviMsX3n#I~v1M zYCk)fCu*ueMW;2B$IIO#KqQfE8#vZ(D3M|KxWY}4lU)QMj@s?_z1~mVk>>;!$6#_X(hEeGmd#224OyJ@(M8l+lkAE@qMtREWYaGm}f~ zNWX7Ze>A+us$FK=riCjGVDNsh0}BMTZrdC!dIkiPYe_bid#=QLuC0>cA1dpco^0#u zPZ)MDI=x)JUTnWrQhiQvaj>X!q2yAf%T5=w9Vz^vEk~v?gpp%u;_?w47{I#7^*qV0 znVpEDt9ab;&X)zJzmY(Kh!=4}9Gai4m-ud%*bd(Y#?>9l>E8Z=;iIEMBFcdP-W42S z-K&UnRl#whwIdftcTAqM~qlYn^FnSuW$#T zFy-9(z-*@godR>A-o6b(#RovjCJ1P#%*feuO9>KXe0pVk;0Rd4em#>}CM->cbDJ?pI zC5oP&WJm9QLYW!}u!lk6#xZb`Zwn7OD$(%SF}QFZXl$%Q!*%pdW54-c;{tkK{vyr) zuSrvA-T5(NV${EC?J@0YyO=TVDS=C+>h}$o-`yZ8wCe*|^I1HgEninswA606{R2zz z9~Y_nHXwCLZ}_vP`0QB zCPE`gw23QQSvAv#>_UhA*g5ct-=hTOolBaC)n;21MwGfz!xB)&xAu}yE0@g zdeSv&t6!uX!{#Ug$dE~;HY{2tAsHB&y(maa){{$!jf^9a9bjg;vH}a+0J1n7pNhS4gnx1ATux_ToR0w0FjU zX}$0js|>9Ys9YPQr&{g@KiiZcRc{BPfwMzZ6ygli?Flp?d(A9&8vC}Cy!$8`g2)oY z+=%II`dxx6+cO885Xul-#>R*dcHY5w^a-v)223e56o56#^~a z?OmB)uuC?FKzhLM4Jup-s^-m|hIWWp{5eb)y7Od$g?!etO1f|oUi=w(c0MlJ^vKK{ zHzS(mS~r6jR?LwQ7VkCyc3&`VZwz9jVe;5d+gEy4LU*wmS9C!pLo;j5)ZwEkkcg$( z8sJ+jJrEq*hE}r%(M$14K(WKy0ZYXLqIJztRv#1-w&ZqZCz=FC%56}Bmar1E2ls*X zNTr9xNada2zAUAHyoqa*(KbK;%)25#nD*>}b3^NfI$W}feL=N|;K{jv_X5B)MuGIA zqzddX{vKvk6d%r^b300uF^R!DidBC*eD0rInFQpvbtw37lYBtr>?O-*K4q~RK)l%H zGB4qEWvQvUl?m7Zd#h3IWrJ(`Y32cbwQ%nT5ZK-jt&lPJ3E#+i%oXyin>7P`I%ZdgK52JQ_>=75F_JpC1FhXJxC3er`Q6tF{ zn}sT~9HqL-skTRJmML8Y*qo5N4Ss>tR9q);N!-g?HmNtg^!0JrC)|sS%koi_p-Yi{ zhDN5Jn-TM`y_Souf-xm+y?XvT1=mnJ`HvHPup8N{ynYyTMx&X)R!%7S9pvHw4>B`! z+fZv+WfCRrRG!`Mu6#663t&hdPML2oi@AD30>~G#Xk14eD!k#z!S5>;YAqB)I9G!E2aDiDZG_hdz(Scx@6eHE{4zCR(PHx z;Hm~E>Ny+C15_z#@@Qvg;)XHmvz}ko_7K-$dSgj%$EyAn)tFzj5n0~vGXR9*&@GhF z-}Cs4@Utu#JRjWy#$nDFq!yubSa5S*5z^O777oog`&E! zcW9bBP-iCP)+*po)#FwwBhNa^Sm~06-#c z4zjH%M0Cc-0lhy&|FUsKXoUFVh>sNK{f3gMcU-^?7~!)Xf!on;b#ja?sbE+YGK45n z5}oxSip6ixLN`V{nqM~hNA;+S2loXrtsC!b*M|BLg-a4Uq-}ucfq)Y2!FaWoM(S_6 z!fqU4Rz{4tyDwU*?11QBF2>O7QO;}VG$xEeWNzo9%tCLy!eAqDYN#a6c@Y1lmYjSc z2Q313olJGBy%H)xbuFq&E2TZ*HY`!%c6{hgWoFnyfBvhaG`pKQIvkbTFB=&z4PHYR zW!CRj%;n(kxor=cTFk#q2!!?Q(rgtR6^b!`s0O>z>dTZR6W(kOW@3|fU2OzKowd2G z<4@m6x#rv4pR9~`4nEBxwP)eziI=Q;Y}o1f=seDAb2IYuXWH~Yo7M4pxz~$kn@I&IdkoE*{kmn{p0I62r6N0m&QnLyTIt{6b^xid&rm0-~te0m|*f5$i&9J{@9RB zRZormf{mLWs~ja?aiWAK=pfMzgnFT&U4W_a#bPcrLvt|Y+n-lPW+`ry-Z5kOO8c&A zHCeCI-gN9>+)Wf$hc)p0>cQf#Vv5b>d_9y=Bg7PH223mWYMjWc=QW!dzqzTC5e!vq zX*1tmllu#U?c0w&HzRi#wJRUVK>~_xv^4r!D0*|h0!pZ|G3=?=)EOyY+#sLXA=Q)s#d<*trZUY7h%< z8#){rz&>$)GA|vR>FUuaL2)&bQTEgJP$s8EwA8zyyQFQ3*hik8&L*mge45@vP&6`t z3kd8H5>4dM-V36l#BMD|5?(MZYSQ*7@b=pI%GM>r+e(*lPqSy7uVBT@%oQ(#m*e=O z!OEn6ZOG1B;?ep+%K{Xp`8o*Wx-n)%E@lf?j1dPvF5SZ0-sf;?AdXrc&KI1UXu9*c z*k_5ME9KbDt0OQDy)z3gVvI;M4SJ+gl&}9apn3WUXp5d5SLnGlUj^YgDA{O`+ zK*L1aHX1p^F7~sNAd}dLA@%HjI)S$;){!_&M-Jy@x>KI;gIc4`F4$F#bEfWjMz9eU zLXMOuKi&c>w)^oHCFM^B=k;7PPYLeg1WL7&!k7TZ@S~7m0TRdkkQ2L@;KrTsoC3w7)vN z;ZEuX!Rnb$wm=%?Uq>5wD0+ej^$Q+?$A;>$M$XGZflv0LQ8xkw61n+9`ifQYIjWZlNeZY>`2^DBq(6*h%$esS+%dbz znO3!WH)C0&N5Dk_XS}B5$K`*H1S+V+e#(ri+N-$E&3KecuULd|uo@3w5g&jnZNDP! z3``jxv?p{f(ekvVUpdSWeRu#~2xToLbPCKXi zrJ0RBp?zM7kvy3Io_A1q;huRkS+8>v`DFeF*WNEj%w;Ad6M32EH zkJOu6FIjqMJ%h7&N@Lm#GK2Q2u1eF_MhXb zF9-|X2X41im-4(@5bmoxb)UjadiS=LV{QC1RUhIZK5O#615KrwF1_V$=&Qp)EziuC z`ma#52zDX0n|KLlO)@yeqZ6<1L`sNNo5QO)WWopL5Y1uq5d?$jcPQU@SPw92P6Z4bhTJ;N`o|uC06UIbS}McSXcGI)T{E$Qb*K*R;#jC+u-#q>olq zj&@=q+M*V;TNG=gFIWk92fM3p1wA+WISrmlfGiV>yqMju4+lA&i*^a+YIoTmY24~D z4Q*|t+orkp9@Uy+pIyNI)^e&TpT~AlDmzp6@epW{d0Q(}`wb|EsRRoQ>|K~=&N;ID z`e#K?kudWqhfs;#`-AJaGx%^#(4tE2h7-8tMT>ycZtMDPnt|I0FFG3;OcbuE5wJK2 ze)ibTKwB5e{p0ECHxw!r~YvduL1?$Pc#0B4+x-oT*P49Z3IlEpQw-R)*X8%wXegOJJa; z?0DE{o{5=tBjZ72NB*5aXY8hsY%XiKim${5a^4w)AYEBF)Ai?AHt|C8>%Jy zgkjBkxEJPO5{+y}bh6WdMgy5jDN!>fFP0BIm?XIvZo)m=oe87b8*EGopc4iIT>gMr zyVHWUZBed&9EkOXYn~MRjj=HHUdLm90^(;LG-^pYwZs*vn*H6#<~g z+QZQeWhq5ws%U=@I{$%zxS^!DR<)f8mXgSQ&c6%ij%6pD;4BjAbT0RWi#=9Gwly>>Wr`Ys|fa zhZwJDK0|0eE54T=qnSw_t6>~O#blbgmUxCq3C4(qehER*RLSlp#LD%w?F_#HU`&FX zP|>>iV4c7d?ftK&v)`Sx^vw4+$^*PH-pn%h)$x^3v1Pe!(>omqw**PkyPlPeW^tOi zT;3^&cdN4DDWCc_ZV095Jh-X3XC3?8lmrz(z%rB#HJnGq>zplis(bKZ} zn4lLkB*Ng4@`Bc;MJ2=Z%y8twpy;Ci4wffy47R15U;1&J7+KjHpFY((IQhv-3%y=d7)Q3lD3;pBTkc|U;+6Kh$3`wnD zPAKgqL+`1gjSZrvn-c;>2v(HTj=gpDMYl>2A#(x7a50*In`9=Nhf=qzV0@QT`%(!^ zF-kD>L|4Dk!Mwwq`IZ%AAb)u(`cf#4LVVw1kSk#!pE%k@lAA& zr@$OMjw(Ql>moIctgRcmHARM zGGtwBDSU1W2v#YEQrt_|KeP`jl{M(|UYTZIr9+Qpm7tqoLRMSxE8D2$)|s(*J3ujf zuwNc8a(Tu=!v4PQf z?gySz)yg^oUx7SaN=c~i1TdOB@j1H|VbsLuHo@Vm5;V}BdVKX6W+Doyy+{3yqfhJs z6EAuD1Q4b7HP2F(Zrc_8=25j>ik zj&eh}f9&8U`i@RdbXPsIqbA z<%RWO#H$y2HX=M^{0$F>{P5Uk9lxjDq%9GWYY;c>&2;vdLtHk4ggesvu{37n9KiW! zX-);{1hSOnFsSNh-ArtW8fxFGZ+`EmAzUyK>0@SGr+tZ6&(Irdb0%Qeby$SRx%&Lw zAO@;L4_tljjBSO#f$JcP_)14}dXQA*-XLYPq+M6J;tLS3GaU+;MNcj2viMqx-Jf(q z-+XEELP)!y)xP-t>t_fqxi35;V!(k}QCkPoK$q%F1Ebh;Y?mKu)Bfq>gk1hRx&0 zu^Z~|?dD?)DV0P4H2R9K(HAtxpAZ_Yo*guny=ReUVq(p^qNNttVrHI|3)M8vwPU5a z#zw8*RUo^)xOP|`F!{cYHYjkcyp(hsuW#>aF=9QXm95Nrt8JeUOwa2L6gubCKQI7n zT;odGHL>-=aJ8=d{X)LaJwyx zURC`BABjc-FGOG$w3NS2ekXdyDf+pHRtgp93}jHQaVFVsThs#Y;}nf3tDZzSttE|+ z$Ydpmy56r%9@w`A;-5f)L+eJAOxU}})MmlxSaBD;a5N*HOBW0{O=oKBT?rmbqm7B% zS)Jr@o?-0kwfclSn8M&GtJmA?y0K!MiVZQe0cK73@%+vK$3{Pj@)_TNaPTYG7mCe= zE-?dYasSHR9_nc7&=#4-`6mEYC;ALZ(_GwP7jtO!_;%6y2l|#%H{}mT7E#H8Yo!i0 zfyniWP*>Ls%*U+1(g@vL-iykkeapZUdEb_iQzc18+A!6O zl)}O}4kWubOdLEmwT+!e_IE9Xc|f-k38<{fT@~Yv63RlLAQSt1mxWi6>QeGJ4<0t& zC3KGRi*_~gXW->5WEUDPqlMtOq8?(62J^Za8&XEWsA5qkgW>J++;nrB z25ovgZG4dL&{|f$sm3N3H0y}{SKcPql*bNQJ#}(;l<(|LswKI(nCt9}31+%5Lc8kP zZy8_{H)^rqcCRIDJ_ZTjkuTjwQv@95D}+K7{4hn09eX|0DvlBE5sTy za_B&2D((DT!3ugg4O|94P0W4|O|p6bR5+21_ipy)Axwb1Y$IC6A})lSOV4B-6`$LSDZl(WBg8Sl|_sThm04`Xpx1($B{^)uI6hx}Pu4x;|+2~UP@k&tuo6q!4 zo0EDZy0^X=`^p9*mu2v@?>AY8SgpH=$Nel#`+aWg@u7kv`Q*QxkL@s^+k3OHv2OBY zwSp$G>w07EdI-vI=i|}DEdVGlXX)@Bc2~4JYCQ0e@3q$f;E2^o|AnI-5|9IR`2(O2 zW9;>uV>~GHu(DUcZjtC{(&>;sHKG7=q%7oqMBgzwH1<{k`H8neTc^Ld)PM784;g_p zxW4SQW~*aVYFhyXKaOqmUMG)elmdIm4f#h6uR0*f5v@7}y>Ben-+p%*HE*e3K$R)+ z)zUu&*!&}DZCzb*iU0Z`LIDw(w0R)(U7q|wnluoigtNVX8om1|_aw1)y@gihcY2}~F{_mvnAyFbOSnva#I2pyFyaXzaE^&VI^{2|c z=w9pTbwu36;a7LOIJA#eC*6-emQ4B|;2ip1RM!vo{u80r*Gfv-MK>q@Oabe zkzweEAbgN;gC@3d_<)AAve6u2bQQM z8kipA^yUxyp|OFETFZI}A51=E?FjR}{$pGR(L=!8O9k^|u-uJ9mYW(75In{jrITC> z-Fn|W<-zz#EdwWmn2oQEX$YWzjM>C<@{UhkiNv2@oVb~6SUZ3JQ6pG=WLhU!BG zl8oa%>&;*tCI*dg?Bdv=-2HwnWpNM#F0yvbhyG7I(2;u*S~dkUuKS|0D+Bl3S1|^n zYcp6s`e-8$#TYR+L(f!jOVn61v;KKq{v4DE`C%6dpi*2O!)w{u`~*D4XZ;uLZ8A{+ zClajF;OqMpxU1rsWBJULsu_iBcTrhmG<`UBsbZ|HOfAb9=nZtqtv}g!WZWGeWw%$p zm?}?GK&H!RfOwcvjPQ+0DbM>OId(8Z7jlhh8q|MFjQ{zKMLzK8qWD4cL?4j%b{J-= z>I~2gW@x8k;h$JK!EafjqvPbN6z)~zCfsL4WNhCK*3}VecM(Zn-qJp%4Bhp@fe!mL zWNPRA&TrMrDMby8>fGG?aNx5&SYUxB|Eacq*L|94A2~7h9xtA!TPtag_d(pkVk&g| z1h)d`i$`=!ncL_*;oGuM%68$2xZPo)#X*4~$92W`YAH&)d2947(cFg}Iyj*HlHWdK zUhy&z_M&gFpUR~%%q;QBQ4o3z)LPM2_PpDVjONriFGwG zwL>23Yl%=S3MKj zo6Hr);-hQ6J6N>vLCqJ%CF=@(d5ORvDnOK!Y}@y)bG+lb+AV(S9wwML*AGIM;7Rc}iem?L4zHbKgHZ*X^}mn(L! zi*q2~CLmtSZNwTVu+P58r7k_+m-RV_$X1v0@{`|Ap8fGZHQ|(BVnA7oV(znVl#-}8 z@EO4mr(_ZrxfZyKM%>pKMLaiR3i?7XG{|d0q2>e23{nvNxBON&&OEDp1XQO}ALv$_ zB<=HW%F0Dtf0JnhztwJ3`jA}0XRlB%*AZQPaC2ftXUj6lef5J9jQmfVct~PVB(IzW zd6s}+Kg*TPQp#rK(UrnXP}r312OaV z#Bic;NLZU*iNcH$roxsu4_dRAV2`OjW#*L`!#ljy#r}3nu!O7^k=AAY$tx%4&Z&3V zOF%QEo6xcIUss{S6?(aIZNLol(4QU)@WFE}>Do8gyQc{`1S~G8K2+sUFZbthLE|5r zvabY)4}>sEg^|$Z%>Pqqe zP47wzzw=AQwzXyzRwrY2*Cw5#mO=>m!mr73rl}_9YQ-WGG+FPH=}5K-dQS=in;=|( z{_#mJp|k80A$K$gKdh7d?5|!|oajWtiB^GoX`kf|IybY8wmh+KJ%bh&jkosj&1|2W z1H|Pj(mySKxYe|`x!^J6wa_aC{`!Hnz1V1apHnJ`0W{HgaM`ZVb}rMXz%^m6FG~%j zlafHiajG_=B`U|hSR-TaRpo}NxOwcK+2GyDTPeR$q~Cm4<916+f~EzmK;=|{42~;) zJLR>#tkdO$aW1B6h4t;p+WB4(cE+Vvd82ZogO~;W*z*}Ms9xMnb3T|nWe#167xrkj z*_8t=4i+eHRkT7@1{xWY8qJyIa+VX4wBI~!Pg=aukU-^3DgE1t(?9vgm+kV3ykGvf zu8%5*+Oia-cD*Y1`-R11>^v`i>Td4MAZ4v*;S0SsE2Z1n!(Q>5MB|Oo7GFQa&cR)X zS9W^yhZijoYPvnj@)2j_U2U7f(5;}p9Q11{j*}d(yEABnZ4!LQCC`1cfze&+vzEm6 zT2xuOm!b~zLwC713iiySXup0GE6KN&sUbb>m6=wCKiEzzsJ@?8gKl&N3oewNUNv$p zwqjFj*syI8vcpXj?_Z@MXA)hE2R-gi{a_?&QwpgMr0*MWUF*J-qI~A3uM2$O9(FQY zgJZKY`&KhSV05_w`)su>J^l)bFRLi-iqOVYyNO}9k+Ao*cZE}|zvdTl>Iy6K)6NZ& zGfR$hK8|d86`3K@!s0?F^!PGdDrO5C?Ljh$LY06I{A)(d7HJG$tFkIQcNSjw(>se? zbnm}7dP}4*9sK5ZzfbqZZr>6*Fps`+=hao#S2R)eaDvv;?;D`=4iOsj#HWY!3N5ry=8;WDvnC!$0If(=!3G!>chpv~|eS$-#2ex)IpzFbk!9Mj15t#A{EpS0@Brs!*v3RQa= z4N~cDvuJEL$RGP0FSu|ZuAu6dwYx1MA*IS-sfA%6vmlhHlT(O(SJPatCCGQd# zZ-m~skIlRA?U#Npz*nxHOiVuQMy4T2q4or2tDafNdV9xu)01SNY@K`8at~=13N*)Q z!7fR?#spC0rN`{Vx&VFd97EdQNW|Tb75}W`x-@%n%r($fL(a0h)HjGhWH3{=*t(2U zx3X@8(`BL8aqqj^lBJoZ<{gkSp!U>lu>&L?Akl?Q&VxuDDjfZC=YgTdq20hqOdw5y z7rViSn6AF|waAR&+Y!O^-ETN!Z@y)Zs=|^xql79+wwDQ%q;R>W;jD^_){xz#=*gBu zm}pCOLaNFx)kx1X$-j7UagP&O_sZ<*SVGw#Ov%5M*u}q!EUuH0^z!*C!_Q+`awjnA z9^URG{wbH@+wQGv1J$M}3?h!|<8?1DEOOipqHTu^rWxgA7l=D{(;lifovm%;?>Ywu z2{zxoZNeZ{W$+`@_VvECNK^d`&EmtolpE;?H zk1Rje%)gyfR;x)oFFq@f7=5E=37b6R$F=$z8N+MZocg9VNq@JwoqrTf#&k{Rrg;>d zK)T$j$sJaW^av%MeEA~X&P<&PP1YJBWeyYmizukHD`t=@l3nBVHmb-WJAzfgtSOQs zWq)@@&^*DFP9PIg+i^$HFXq8cD%yabyBe35%k>H_gJ(hBFB zu)sT9J{ix>9F5DR1YN*szt4tSf9{_fMha~5xOLpaVWaI z#U4HCFnG#kj*PmqCAGs$RIZX?V%8q>`80=<*>*G)96!e3G=@OuoAl6`52&%}7Fu+c zgViqa^REmp2-)V{PShK6h5KMbP&Y|_V#fVLv)6Q;=jnoQlM7=HUwo-aeYE&_05Vl& z$SH+@crtpV%CmfF;KLNXX3rZA)nw-zIy}%2BAxQ3m4~-Dbf?=RIr@{+H4Gi}wDL?m zL#re3=^gmfV(~J^FEhiEdX#cfR{a1 z#3a-ZTi<0p-RrBCBdK0;4JjT;GqXc`H0Gib z?iNcJICnEm6;}9tb3b?GLv|y7R|eF#dKXZNiJ8(TGgLo8{8H+35n;UNJ<0E1E5bP> zKqTb7cwMcV!bB!MGBor4)n)*(Bn_nKE=ZGNZkQnxIhdiH^+f7}jU|@rN~P&B{f(;kEnK@DD6Qu=LK<}2wI6gvN%PFy5E)F61nW^>@qh=-hH!6;*1)JPn=*6H6h!!^b8=5U z4e;_fpMW7@;9rwP+T!GC4w(xkV#j>2xDc=o7AM;l{QF<2w(s|Q`N^*b{_MPd9qCV5 z_5TZ|QMnCNHlnzVs^+s492k!&o}_C&K0%)5xKO#D-*_Vb{GTr8H*Vq2{Fjxe-_(4) z6y7czK?HpJCr^+hl$jg5vUR_Grx5<6-+!>18a?1TSFyIa{M{dZx8s@_g0q@?`&Ue! z{P#`&DK!s2809+gG;$YWfzx~R8+Wh}_ z71ztbK;t|foj&_F>-4AT|F8cozkNTqTeDm1XO8pVEw7sn7${2Y#);QIU9rE8eE9rz zH3Azn`>>atCb-O{>=I$u`&wV|9<2*D~Y=Z2D%jZ`p6;g zD$n9$zd~I8w+;Vl`QLuJ4JC*iGr#u&_{lc?_m30wZNU+v}AF3Q? zxV+2Z#3IxgNL}y-*@ce)!I9323Bx_jpHHh6(qdAx< z(GV3X`<9w*x@btJufjFZZTsm(*RBo!9es=D526*ycXZ`ITlkU8wO#@ExW7#FJ#~k< zVK#uAe>_S`A+>2wxTU$88Fbsu7}`~yR=&O1YD>hhO$?Pd5rPm(JB--(SHu)RCr8WK znRb3n=@3=s9mcs&Q4bILp5L5-iEorw9T9ckzg)z1wFL(w zddK_-6vGG-(^cRSmD4*uw`9Vr0dz~mT003tirLijm3;#*L0_hcpP;xPCMKpmQ@FJ@ z*9vO*$9hnu0+`juEHs~ZhuCZW7FQm#?OVqxss>^r2VgKK@rnoYDt7pBJMhRPU^ zR$XI7$i;AB(bX(9QaPd|?7jy*SUj=&8}5DNDUrAL2k+S!j;wR$KObdC)6Qs2j2?*) zVt`F4FV0l&8V`nLzWpG$vbufzlq_$n?l{}sBQ5AEj!&SuqDy)4b8*rLsZV>mTR9fP z`6}+Q0@8ezxEr9+%E!SHyOsg#iti4CYd1YUSPh9eVtCDQYWXH81}3GXT#_iP1mdlj z{ba7`O6zM2S60%Bz*i^FyTC7P?)Jw^RebT)4x|-fNK;H+-cap>Fg?y;W07`T>D zf4(uVk{_{D*x6P((Rbyx_6d)I*6od|(&H?sSdocW%rM*>-D7f)z~d^5?J(Iy$j1fb z=E=nE7L*i0P7f72XPi{;i00KCw#G8lHrD$b+&B0}`1Ne2y$wJ{-?6U4K3epf9Y@H; zhH{&ro@}o#B}6cG+=Pvb;mw91{j$coADN~&b4=}3h!6Kqd>+}}q7#n#dRSNml@ zx5Gw3Urs}8HjuPXSA;GN3mJcs>k)RDzGuEe`-X};1;9k&ixVhDqn6;HLTGn5JOvfb zG}x{q&1ScTx=Ec%W}p#$FV`vMCo8%bgT+_1v3334uBWtuE!K zy?1riXyaOA${dqjvFt&@&Rlkpc-5@X;}~SV@d|&>EsATa6(H|b6U}Ie>s3r}vLROD zLsJzJ1;fZ&;ilp9`yfN9{nIqH_;LY^DEmIPlSM=rml6Saza^B-BXVYH{Xx^}cm%;N z#!MErGf^~SJKm<=D)y#)XZ(s{g^P;GRmUt>^-_zH?bQLUCI98&9G!|Am$?i-_^uG2 zzNbMCrqmS8@oE-jc7IVgY8OrGv0Hn5qqB6DffzYZJon+r#~V)rXX8MAZdT09aaPSC zG+wSwyGVxc%sbI#oAeq!475;f*(ASWH2>jwcPUKzY0$kqI|_OjXzO#ErehoS{l-%4 zms$S#fw|}gARi(ONnONbX?7=?aM)G)lIw(krjPd~Faamd@muuWVhUmmbHu}2`%@k$ z#H715wBTh;d5|i{6+KSyT+k>{JicMjuF($;N>(WL~L)69VA8h)|4wWRG_$|j{`iD+GQ&j;IlKh3dWB&B|@8(Qr^lnWuwXs{2W#Z zKgQdm62!`IX6SS#Lgp`1pXYqPCN(Q1YY(ioaXUB^39goHs9Q1?HC;I80eLL_Xw)XpfO^FGeI)U z`ow82_)e&R5(8ys?`O?KhW7Rg-K&p9{M>zdUEGH?AMf04?9W_FiyAAZLh@2L~ym(vP|D|oE4r32ZB0MGA#3E_%PoeT6oGKn|2&> zv2HSNJX}>L%}}&%F>7bbGTElbb8R9grmXftX0PKDaU@PE^vdPh27Ln~tn*FK=XOU%Z>`z2*3(@)M0BGRmqr zCy~f=EUiXr=kiu=PZPtu>0Cx!24v^lJaUubvVeYS!BfP2Y|0$^^_-*t5vh@Co@?7R z0ur6JM$+%((AhODHzfmF8fBxBJ*h}wmf3U0PsE~Dk$aowVRkv$6Zh_pe2y-hUE2CC zuBF-|dC-gcmm?heN9qGir;cq#WUQP|rk8*vO-uLvq@p~?olN;TRI*i!MvDID6WKiF zmxjpr%rtkJXqM9OJln9z`R92VaY8I5@xv&y-7xf}jvb~Mdnxldu^ z$EciQq3O9d#y&rM$?2fk$*B8Pg$agP8oaj@YG0+88N}smM)a88?>z%)e0{D?Ik(sI zc_?edtwa^%{PxBY*9_t^Ln?w^Fw2;rF{UV=?>HyAl-x8{^e{Tlpeghb#;z@lBk*Kk zdPAGK-Afdq zQ881I-?=P(HHj=0B7{x}F*ndqF|sp68L##@>NomF)VvH?{j$tm=%{ft39zS%(xH4s z?%Ca6%IR9o*?L8N_WO3yiu^#`uSgby6Ll@{qorz)+hR(z=jrzfwbtObjT z3o0>nszYHsz0hJzmPRDB6Q*8g3=n%H{~L&&R=H{AVDU@m2ME_9M~%`Ss>OtyrSWTq zvM1eT_8m9Dox%X7$>qM-**Z~tov26jJvlNe)^F1Z^eW^wW?QK}q*iEBUY?Ba3Nh}R zeR-oDoJ@+h95aklukh5TDy0yEQMf{~6a=3`+Y@fIL#L&nWtp!qLT;z|m@RKGLKdM} z+=SgmGFbH}k%~xmj)9Z=Ud9>C8d3SIhYifJ5NUjlOB8fu=Di6jrl2gSCDL8!Mx^g+ zB=oE*A{U$TTnR4caIDaxzZ;|R5elhR@XoxG%rhE3&!>?_y2w%^WFw&Q|O4 zWijbBEA2<#C9xW&bM^y#b1jINy@{*oYw*d==LD>Wr@G@*FLa4kP^k0Zfw32Y{p?1X z?su^lM}#Jwmd0i6_?;Jj*gjNq&{IV46m4mUC=AS1<#5Gqf(B4{nX2846`9X>ZAKn3 z{7 zY%#&UH7pbAkG1YI#q@izYOhcC$hQf`D6X$StfeYRB#b&8#eV=kkMYi^+W^wM*v_dX zm??U{9*f+V*1r8{t{Cc%%fs&DK%|6i0?Z?-e4EL$# z{Z>X5E*`gGQ@kG@N=SvHD1_jwg6Q=`o~+u`Iq#x4lMY)s&Vk5$4bA@igCSTc}&e!5tp`pq;Zx@5WNzln4@gUbou%b!->yl1y^lu zOJCqu3XT(T?I1fIM@c@2t3fkCc-t8J6Eu4Id;SI$`Uhm<`pB_xvTd&l$Xv$rI3&WIsW2rlKR>XGlL5Ogci|V%ropO%Z z#wrz>%S4VvqqrQS{zWR|ys5=&JJ3bC%6 zz0mh|6CF(W)0YfqW#_772UaomeM*L3zgbJvg$3dgBq**niO^-#JASKvkhUzviwH^@ zPCTKrw{9?#IGinz?Yv~npqxSV6y~xz*_9ZTRs%Em)cC#@ZiOYZijzS~W0et_92P2u zGS7W9V5f0B^BL&JFxFL97vNVEv=88yP4uUJ(2bSVh#M`3=Yh70qrEv;O+Nk}3%}&Z z6!Vq#WkUDU@~{z?@(>V4J8R8BlXulWhwvc#4HgUIAeq9TO4*c3gXXVj(O;p%f1$p@ zTO`VvZu6%Ra#6D&ie;Xg@vsW&VGR5_JS3E)-s8!XsZHltS?(PD7RI8QZJTn0L#I5o zKP!P(q_{{dvw944l9R1^?!9SD^P*t>Thxg`26-BeDE{n^Ab}l$r1{zl{YZz{*fOy> zBj(7yUO3S4m?B1l*ZgbCn6%+Stuu&SWefaHoR)k~Gx~fkH%HJ;@I|Bv`R0Zqv8OnW zGClg9yZ_a}Drvcxdlu=UW@F8gmKscob>2AY?b1$V5_DyD#1czbg?$c zPd*Mtxaf$NJ1niCEJ_7MoFDnHBm!4#cqc0g`wlnJ8rJ0hltpa{1yR!gQV%ghC(cYW zE{%6AuA`?`s5{)_VTFnrLp=3Ugw|ovi3e1Qt`YM8V5Wa_xHvfgFkaNj0mzy2iIA69 zY;_C--F;3{aFwy+-FYx|dh&fJl)M=x)e1xG?VyqA2^CVkFHwFT(_4e%sW+CtsFO9t zVjP381~Lqv0tMmMZ%Ur#jY4V+6S%z|Jd$q`wutcvt=1c>^^vA6GJic_`{OISxZi26 zkfSh!?sz+e4L;W*oM`J7bn8u>?Q86+dI7^{E~5srvE*_pCx0rI&_^I?{>lWom&yjR zvvNjKx_lKN z5Y+71JaK{ssW=MY7#Ftym5gJ@ZUa=zs>mGnFsl-grPftDu2dW&=23HOSqpIlOSI_w z@|0b-M1QrQYG%NrdRA)L^oWuPv2gG*mr)3Z%Zg2r59VnEmyc3>E;bBqxH9FL*0SCxX*@4EJ_-0(tWv zlM|yxdEK^_+WJ#;t8|9WqMQfFR))UV)VV=dx&a=-7yCYn$1$KQJ)Is2(7|^*$#W5q zmhGe^la5&xZIVjB>!T$9WVW>rCTLBl&y@)dR>C#2b*tEcf*}7HnpJelbA_@QM`vAw z1~RRx7hU??DreNsnl*=t zWDv~NHtOGeO7U2k;w!A;Y%YW zr>NVkQ|vLFp+$Q zZD!$wh%ru{`v=h-AC4Amw@+7QGMd4`;W( z*{9M7LZ8^ZtD4$3wJNt(uXK?i=#h#>%&!WYWoC48tSpOX0NpTDa}Lkd6HMG1PG8Zq z8kq6P*<3!Kr5`B@7hKZfUG9%JU|d3O<%r1|sb<|PF>F>ei0BtXOghQO3KN7qwzO6! z5SZXKb8Hs>yQ%a1a#xE9-FP@-Zh|pdRp(>8xMVndiRzAi+(XD-Wt%_2J7C7B5yjn( z)UjSkxonW)fBDDy0%Zrv21Tnq*3PdX(B#`2!3X#4PolDTcj3&hPhD}v;KF8DP9Ipt z_2;{|Tg3(#T|2}!PXX)_I^nQx$eqOk_PBfUPcu%LeVtwjZBGUfddy1pwX7i39IN{c zg4(*7rh0wSVXa{-iF7F?kdwVs0C(s9E<0m>U$)LvGT!L#e2>9{%08$Ju@}g zDBq>p^XWW7ns}aGJ~+;BLXal4HzxtY+wN><(qATkzPU8kIx16>NiTlw(`?T7{Mn(> z@X_VZ4}Hi4o2Z!-zY@wEDzETVD-(KM3%sKl?2Aofo6^wQf#kTrF-3aL$)XRTur>ez zyrHoOyQ6RvBN0eF)Q{QS;bX8*Ww9^c+}_)mpxemDPK-O>6B5-&fOERzBU>b?GQ=M8 zs=I4K4cv&fT4U?~Zvm5(GK>5T zQ{V9>JxY1&wRHf>;=Onj?OwygQ2SPLtC?k-lJ~n+p5ani{7uWDQiqT9-c`JCtTo^$ z+LKh#+|kZkbSw}6us)aBj~A5eMQf-}jA17i(*1@CtyNoOg73s<=06M#$+9!+ag;}y z_$BgQFq0p$q?;osW!M9M6lKvJXI(~?g@6Nw{K&SJOcdWx5BqnWi|9?e2CGez)8vQ1 z`B=^pTF@D56|T+I8AEv~0Nnc*!%WKeZ0D)L0ig;|R}%&OU{LQ*f0^4b_n}ISx3j$M zt&8khcYA2ejp{-6K`N3b?UwuYx>Z;wG=|qcjq27-$uk1?Cmf!AI8J_Q>cTLgCmH$D zH1DMaOt+WJ10fd|nxUF4^^heql--iX`MZzj=Y$G`AmIXjb@^MV`;XMFMRhE#ahMY0 znW)?$sJX@p@DZg?WVFN+0S4&oHlx&(fuZS^j$uaMbS16GA#fW@MHS7oPr+Rsd|9qv zS=N$wRR=g%TG2|(^0H{DjxPQv+*&(Ij=s_arBgD$hBp@6RAy2tRWXMRscyN5@QQ&* zY%o7S)=Fg*Oy+yabu|1XA6#xh*Il4KPM%znR@h#xBSyreB5~o?)9zad^iK}s@d=Tz zU^72mfUGj=lz)MI6q%!9x~aA?U4BzkOi>=>z3B=so=EK}2`fsOz_h&4c)uLA3$J*g z!tQm@6cYG5;Q^9!RGG^|2OA; zfd6um2U+s9%#v=qTQ4R$uBAQ8dpmHA-?IBj{^nL$mcfyOo7vg>)%$tnP0W&0isUCi z(RBvc@EiShBRVFVC^mrvb&{ZSg5I7^?{I`&N z%+{)K*<;eZS>FSqXH|CXQr0HXQVjPq7B=XTn!#fs* ztd}0cW*;kH^oM2u{JQT)N$Gk#^rtw?yn#`aGXU;@d9T*5hkVXW8!TUr7=5GPAq;8X zEOaOVcE)SQ{_2p=RkDMDV&l$^9s&mV%{|H4CppmYUOaH__ur9#?mo$ZDF1rlu%yM` zbFPPdE@z)>w8B`wen>N_Hs9wOJ#P0o>~q+CuF)o?zT06rL%bmQs*^bW@UYJj_qj$p zCpkqA?l=BM?wXGT)}5nZM}OGoU|^t?yRR& z=QW{u9RldGC%$plNJ+eY^7>a-60J*z-C&PB)2iX)3U|*Q@}*y!f|owGbL`7cdEkEo zA*}oF6Q!IloIZBQq2AB{HRO-Pj%5F|F7R*e1ksydPn*ylKYDPS^|zsUy{5jdcDYO5 zlX&xQ-s5k6=yyZ)M1f?{a)e~f{X_1R>j_}5JYJ^!w)y*49q{=2#=URz|69htGpYYA z<4=yI|37!*{a2vy!%ZENg})8}qW8I+Uv$<%sb7LYsmER=(JXFiD>6d<``t_bKGU31 zj{lLW=AJU=Q}gpJEgXA4xJf8F5pZt2OqA~bg>iP{$78uz;eF8e7Lnf~80cCH7<~PB zvrIW#SwVxxnt5Tg$q^%I*reKaqubN`-@jGuq57?KB~WV@hio1EHlta*SH|BG^Yi=r z6*H(XP`=?XA6iY|Hc3(;7TM(<2vl(f0 zw!P@q#=Y^f-(Z-;@8=W$hg0=zIsomSz3HpbBmp($E12XjXGk7@cH78L&^^~B7k!V3 z^b9Rem=)lkxPcs|$t7q{(wkfx0q>IOHvm*0Nm~k=Q83|6-@SUqWu57Q}9HmM}bessz4O^yBMC z?cXZ(ENknZrjTfZa@6E@*ST;@kZ20&GH6mKt~~+O@3&R6uLg;Eh=Q7zVAC&B1Iw4W zjked{EKX&>lGS?}jbq#g0Q=_jWkD@qvCM!I7;MqMecPk5d_M)xq;|ckAkLw1acGir z)Nm^xCf{Svy*XOo(*-6iH9!-4tmDR6G*DTZ3o>>QA`=(;k*>wjqOiw{Jpwy<3hEQWG1h&SNn@g-?m zqFV@yYA}edBMnL&h)j-i!y!eM!yn&;v8y|XX<+dTKuevR@diq7G;m#QOlM(67^?^h&ba*juq}Nk1ZtI)SXzw znakFrP$}#+d=fTX8G?paR-7MKO-w!^^NaNL|MqQ$LfN zD@-BsZA~S^sOF^)MkoX=XmWI8rr0RozTZ~B zBP_;aCg_g4LZ%~oVsO5@4$mV~d|Bmy%iPDClA*LiVs;p!03=7}rVAZzSwuGa-bVtl z7EHa1tiIW-%_nvm$E4j;B!UVss4QKO6G<+1$OTT+ z0UssD@au<~P3szmahXlL;!@TgM!S5SUmfX!G+bHZ-;0@=i)$DSsoiva-Q=zQ^O~-C z8L~&EwkuORuW2@}v1~gKx{UHI3WH-w6`6g@AO`M*!*xWH89aGG7y0|GHm_ zeNUBLcZ5278td_SnMik*b{}{7X3~q!U(>Ow1z~Y0ZHCeq` zBz0DFT0qP-T6=2taP#9&?LZCS=GSlZN9apFZ%yXYWWd5urLC!SjZQcTfXaP)rS<8S zwB>5oJbt)hOL#UX9t*g1&V$B*_~A>TYY)BQI4$j#VD{UfX+y63=<0?_oKE*PGNq$* zUQ3)pW1jdBy0ID6v5+0pm#2GoP8~3knW1oUABuic11!g>D$6-^piYzk-|7 zxx?9bo2P-Skov6rT=Hy^heDQtW|>umoxeH4w5yiOrT16LPPCp;RMC+Tnu|M|?|!sJ z)b*=ii4KKtHdun#oZgX=dyAoYDwUtQ)gb>8}?XH=lV?8&eFrWMx`vrzB8m^_u59A zKDh;W?ClhnFJQ{X1wS!phz%G?M^)}vZoCcY&Q;(pSnnx(3izCyfySkEmGG@(^c8E@ z?TDVOE!gf=yV!Yu{MBmy-$R<~S4mbqD5pH|?{jz01r04%oil0Qe!5KevNv-leM3@r zl}|p7C6tY?YKu^myGuJl5YGI0EaoKa6=IHg`ZnolW~PGH8=3}J*sTi3DZ)}A@i8Zra^a1n z>~|nRr;cBGH$1N7{ZX8hBG{hL9YN+#bE_Pxl2bSUj-?pD2dmn^8yP@!O3&Z&z6M=Akc3}X)( zN{>ukv-V@=wNFP2?cCUkxQmUgaJ}ubGWe1Y**UL|G*kJFL&n^$3g3zt;!##lH#`Y7 zRuO8`Q@Mdof4eEnqb9V_)XZ?nERG{{&ZnYkCoR5(x;^SCRfY>fM|Vz}CDJTvwa30# z&&Vm;X0(wUI*{!x5Lmjlksr3MS<_K~QJ$hn*xB#45Jluys^RuW)ves)?d8ZC`6T2h z_vV^V(TYE%MhLk`RhUaA#2zUgGFP!x1S(U9q8BG33Jm+^KQ1=WnaiFnHVMpD98UjX zT1*9jNeii^JurmRO{Y-tXnTifJWz_-JznC=tR1CO2EcZRQClM@K%iN&;4ROX+q{}V zM)cf;%iil>3IDM9-Pu>fW!3g!h(?w&i?B|W`%wCFNiEj~L*MN}lI&}hXtV77@`hr( zi?~jfDt2Ro!lm<*dw_-y<_x?ec1t=}FWCj!BWCheJ>-SB*=9Me65n-F#q2}8Q(i(! zLe_~V$Qx-zlGi+*V2wn6cl^%=d0tEJeY>^ksysrv*PdE+l;GhC?eRDbK~AwikSnhF zHgyaHF+IIpj|;1Js{CH@FkpV}rwI#zfKxjb-AV7Ia&ZPNkZ)3uQXgx+yC{q3#H>n< zNy+&%kYjYK2|UF(dz=Bb$YI8XQ7tWA(2_>Kn~=ewwLY*RUFHi}c|=ZU*7G48vTSE* zXN>yrK8o)t*gm%vlb#s&bX@a@kdLt~d-Bn92bOL))P#f!ndYkZ>J3&O*}2u?-8&m) zU6|id(toTSvRm1565>GIE$P?wR+gqlg@t1-w8SGFEb#>-Q8N;Vs-h?ejqr>4&+1o& zT#~5NWQ{kGW|$9vpwJ?@M`Q)bcg`B_3dbEm=fxyIt(#9b?;&)|U`kb_xh2ZjiMm0d z9J-j{AFCV9O)+f%!`M=+bX~D&23j%Ak%O{Qb zO!W&geatOGDoxHc`@1@pI@a9uMR#_l;BR@8UOVVBdA!fk1jn(AU;*>h!MkD#H{TB(xlD9Fr*o}v)xJ-wE&&i6Cn2PbjH`o z>8%H=(DRG?E_bZ@!D=^8!vtN)HO#lxJ?J7mli)f#5&qA8BEh(!hreiL~fy zv%G4Y+{zEnnenW}!mEOfWv>WnB3qJ&Xic_P1=jylQdWE88Sn%z^UPmaqNtwU0klNc z(M%6kgzVmfcaZersNLZ(Kub)+e|}TZ;x;AbR-mcoL6NsMLHT!)|9?LF)=%~8otvxE z0eF_1#ohr9x4(j-3;~Y^CZr6=^HD?C`*B71tm=dzYL4A@dt#La>eUtAV^G!P-nZdE z@ApF1=6D+PQUP%I_j8^mcEJ0W@o4FV8ow2CwdgoQAqa>K+!c|$83OTAu5{#<&;oJy z&5Q3HE-k*tppP9r)@_odM>*qiw=x04a0hTjbZ(1|^Fq}z-@rDvKH zJK|k+i!2AMIDFR$G*5bBc!I z=hSh{wOp#$?7UX81!&KF2E^ht?uNvfU-6~c9?=sDY5K>pN&@?Kls!}yGb0DTK0WucAF}031Jb0mr*u( zyAGFoc^Qzm`yzc-E>H3FIb;AIeF!FcQ(|#j(z4uX;Rhn^)1#x&8V}G`8t4LvR{kWp zp%cbtFxQk%i7=n?5#} z{P)Pslho@5#>3GZ=7=q7O0TynevA>bI)$6|s2?xgRdA=U5sCdd{8(MUbat%&>T1tr zB*Zj|2b#WJWD#*y&`FI)IixGyqFCq&>;d^0Izv-(zlbWm7q+o%&=2C~lk`*|xo)3s z9W$%J(g#&r1e1^=6(3Mq%FBiv65U#+RLYV=G`LrwqZsZWLcVKM4BzNYdwT_h87etj z4a%y$%%23&xxRdO=PlWNVo1p=9Zf`bPs-?q)%>%b;;McX3WNIB&msG~hhalmw%A63 znAF6#8qXGX!4MZ;8Fg`CiC$9$@xk#@dT7wClyv_{bEBs_Eipo2rs!}%q`7EeWGvA+ z;n9MfwmngDVQG8xEM~2C#*m)%(W&q5b$0J>`UQp;Ac|58FQ8$x_wC;ELhGIc2 zmR?!1)a85QHzfljXQ*08U%i4oM^fF%T$H-K9*y9qe49{?v~ zia`m@Imz?Q*xS!qA<=h6Wa))zu1aidJe;G{4urbi*OqdrHZQJ&bBIq@V?in74mmAX z+tq}gNDm>?*OR>?xY$O!HV~;!#%a=6#0Z!NqIq2gQBEMcX^Qj_% zcs5(1Ge3+a=z4I*HyO36hVQs~^s6@d$6Ut;Ub+Dq-V`{JucjR-2x$#_5|>k1lu}G< z{xBx7$)CID?%GyqAP>kfYOyRqkxfaRynOfT7h(alr>Fv?Jtcfk??RS2MB?mE&ABez!BWieZqvRJ z7f*jN1wAc4>g-h7u|njJMrSM44Y0tZEXw-lG(m}%Eb=jBxOSdmO9&eqz#n+a#!z8c zGDs|EO-l$Qyhvinc#)X%u8l7SGOVf*e8Ru`6U=ZFej5R1QmX*o1?TFU>5# zPE&F=m-zbXB&8afA*W?RcRBPVC1c5uI3O9e_1X$bEP!4`(a>tp=*nz0!&EjfD`a9f zH+{N4M1h7cmCizN78F5!{qb~k>__t_u6=)!C)KO1BhDeD;nYNlHuvO9-*6Yuo=S9A zmob7{^=KqqqG{nJc#!R|$M0!w#=$n~M>zuvxXR}m617;$v0r0Y z5GQHPcooSPN_;mTmhSer&_2is1JSDqx@2j>+eaG}BQ#;*NWKXvPC1Iz8!O*9mE@4+ zS#226o!n->-0+Tyvng{M9&%OCtuG>5G>NGt=9E+3CpJwz705LMh{s-2sSAz=`h%Bc zdR+zYK5nuJZhMB@ox<2e$VtmBz4|IPZD#k6N14mau9sOvaK#V56JgJ)+{!hcTT9y0 za_Zyl|4*qxAIa{n`gAsEmWWB`iEUFqlQlZCzm63D?{)lvaNRVSnBM0$dZW{W<|>zp zPO413y@#>?wlLCg%HgKFySrk+V_1QE5tUglQx0;hBc#0W zd3pRY$BO9GGU$SK?yh$62~znufl(+{kI19fpJXGhUTL3K&`vAQkddEU)bP&Z6Ck+> z4T!+B5O-sRtSb@PwdL%xk)F`c{FcM4Agpu@4=ixB&nklE*zL3d*!J`_t|vOy{ezji zW1LMy7b~p06aEy|pbiK28z?e0mdjEqA@;TdHhL&F`vl|^vRGtxDHlbFGnrEMs%Zgk z7PZCNZFVA$p$WgM;0y8-`(=mfSv{WSJySV=I>N1@PI`K~Ba=m=F!z>R^w(whcTf=M z^+1Yz^=?E;*3;3)fbHG6 zvAt2N9V{ezrVuHPep zzfEL$I_@)2=iN8P!er&^%uKXM-fO^YcDHp!L_^Y5NL~g>hq3byAg7|PJ!CdMUR6lo zBYy`SHd*5z}+L?NaDTAlOe4PeHIF2F?!#I##z|Y*H!Lkcq7ToDX$O z^>B^2U+vYPLUDvk+>DTYK67m}|3sIypwG(pI>|>YXG@D%Be;d$y$d^b?7==uihJCk zDIh8jH`;Y=Mc9>YumCdQMl+)@{BAzrW;yl_q%id)%@hn*MAS>C>Cnx6)+oQOzzj(@ zPO(2D=qu?=`v7&$zQ4ycLdcQbymZy`MV_2e)l!aj$MXTl>EKG;HU8GpK!`aq%Jc_2pqs2@GRX7SW(HnkTzPW%{!B`0{$r?w49u@~mf@qxE@;l_MX^VH(iK>$&s-7h?jH(EIZ{lDo+FAfTrYw4P;*OE$SGO#lS9m_aY%yD z&{iwpu*>`+H0kc06(>+8LYOd(Qx)T#Ojimw@6(9d71-~7&_gk!3CQX{dOG$#=~Ps4 zp-Mnm)Htf~5~u#Xn#F4ad{NiMo%XbToxxfBhn`f+d=}JTMclOlxU2T?wxj)!>Xpbn z<1TRA6JExe10w5azU;fp6M4G6{Fg7^S2xqFWS1-VtV{ zztb@1)pD%#zUHcR-N=qgb}QlPuti@7r{&qFbx}B;!c?joGtZ1hACqSizT$ZX3Q3GN z7L8=9^t`t9{jk$hPMa4!1tHjHMtknMZ+4U8`N&IUqc#%@&9`FJF+05FDN66nd#Y8z zUX<0Xf{sbHMErr1vq;PF191gQx(a3IYHEKwI$p_xHL`%g|3Tc!A|A^<`-fYy`h! zXaQme?=L^Kc6OrvPaQjdfADvki9PA{@6LcXD-2{g;QN@rm5LRMdeXB;uYiXCvdb9t@cfhOCkd}UbUq9jF5@|O{MfN0$C+MsUkDB$KYmOh zDP8ZuTaveL?H}$%V^Fd|q2`3N$B|2|Yq_&3P}%rzWQR3k-gM=K2EAwD}9uQ=sbI=txnwU3YgqxRTxh z$v(DV35|TA_6|^vKVQDJUD{uuOuieU;|fZ%n-ZfKyb1A#x7wY&|@&vPiGI_WN8$*X~X9_o%{W!K4`Yc3CAr@4kx-s_ zVjZZ1Asei>_^Ub)vOTD z{_sz|;(E~IEE73zGy|i0U;W}`B>wHoXw}7Q`RcIlZX7YYK&~*;^fE{Jy#Ds~%Tr5N zw5-2XTR6{eNSkw9aU3d~8)?bNexs@bXX6{x+i|(FT66E8Cd9Nu-{?mK@*OXUt-Ma3KJWcMaN&igOt88{#b$d%} z@102;oc(dY)sVQNRh)T4;}z=*lJ3NLQ;_+Emvvj6I~naUERZ)As#*W}0Yy`4SK>$= z6J3MnksX5}7`C}7Ni|33-K110{Xf6qe{>kG-`BGtD-0L3#F@NXB0;Wz!oKMB`MN;; zcPL` z7cUJk`{rXdAO8CN|MZEe98i;JhZc&k{85PEj}j7por-4}fS;BneC806VeLa7XYI>rEZ%!^AglXr8hIFj zc+WTwE;i(!X7vw7^6#%rRRI$Kq5a9Z@#i6XjRRSj{^-X81&5etB+&c8w2WRq_+oZO zA3Mep)nn=kImA3ezyxSGUp<7LV&uM*jvb99>Yt=g|HkBcnSm}2OQ83kXXc+@?!Fxm zjj@nRoKgSh^ZC!;1~!cb+Qr_6Zksg$pn6^DDiVW>IUbbj&7dh< zz|OcWicziPmM#hQ#y{c8k>jL{B)|i!rM4Ib~`btC?n3}0}R@v9-Yx;+n zYg2a;wkZ5fSN(%qujl=Cu;qEnQV($!MaBd3<-TekD0A>*q8Dg1sTaKalcwg+R`>Je zeYvi>2WwydY@|Oi`TxDl|5oOIW_H*;lVz5zV~boGZ+{2Q_r`LRsHW{j*zJQKB6<rRrdZ%CR8ZrCDC_*Vmmwx9(R*l&K*LU@xC4Plm6OZPMLpSJc|YEtmEx57YmHr zb%IdS8iyDf7yE~NA0~tFd|&B&R?Y#|7!mtmc2mi_Y1wc#Lf=_(r z!67d4QsBuD&)Y^H{9ZHV+xLErQ$_Cl^8x$kZ+jL7t^)0c0skm5_Sd&;2g+Uf{il(n zhq!U3fG3kF{nh5+Ci%G^=tA>F#jk$;>j?holl$6W0$?Wvm-0H;QrPz*Cl6f819# z{2b^osXc;))kxgzEP_d7c4gHi5G(`;61lblm+urGP_f!;OhRv@H^OE|TzoV(tf|32 z;$cW@>le03QK7=D*A-Qr+yTQ#k4#+N%*#mL2$z}`2JT?mR|lMRY29x=^hzUbnmX^9 zxQ*F%qHIXtJ-Y5=VC`XSf7%89P|JSuabCZt3iZ>fRx?JnF!U8W-G8!@KmTN|+sUK| zW*_FT98UAELn*lyGI*q0l1)g8)6HeFqfw0;Z96B}TUuF_;1PMY5j1D`#Sdn&USq1?z}!+< zi~2AJ_9LsF87UZU3_gkP;|YKYpGvlmJ_VB{DCOoey-zVYSk&)Xt$6+t-}A?9;R3}@ zD?Ccc-S)?%nz-NF(afc2fKY1cs|))9H!bS}uZV&PKjt1Iw!MmD3t`pC=>aC_1s#&& z+Zrs;u(`KD@)Z@hO-XQ4Y+J3w{bs&qn-*fRv{Fie#C7X_miL#VB>LLkZFSy-m zLDSR5xIG8yq&%J8?^1K9#f67#9gcb%XJ6-DSYPB)oc;7? zh_v%n>WMKWJ-+ugG(-vQao2-4XvnVA|#H=h_}I5VamI zcbd*)9C^==_XkAbhSV+teV-!B1VCr&s&Fmtb6aZHUux%jzhB1lnH1exT3xlfG8fL{ zY`ee*S}iiEsrTkSIM{-FjWYpfr|t{l{+Pr?-SasWyN}5wTQjmtHs7utK6-xWQ+hAE)0%fP9qYOtrRd^J zV&FSJI_JXmR~%LA7JwjK^2OTwARF+vzhMmo&cN+NKI7@W6F$t+a+VHJITfoe{oE+P z__O$l9PA%v#w(eA9wZPN+9C?{eW-AdvTc@}igT)ayYda2OQ_xF%d_Z2FsAzk$7aik zmFswswFv}7S-C!>s^kvPe2bV9TWPbisgo^k%v3KJz2fJ_<}l#w*Qix1Aib|keQZ11 zqNpX^sLZnXO^=)qFGk0_J=GM=EE>&qdzem)UdLr&%xQ{%FlY#YWV%Rw!pDgkJO=cl zl4dak=|Q%+n&>ed*U_vmb6$Q1pt%L7O?T41Sa6}$kl^O>?ByNE+!a!~`4Bf=jJ)Uu zPm0^R!a}^_na5Cfl8ZXF&ap=_h|R@=ZlCT=e>h4sqo#9TR_J#Psjcu?+#*`P4iwwH zh2QDXwGN1J>|BDieJqUS=%Kj9a z={!6;hQkzOYXS`>JL4CIztR7e&cIr)s2RL>&%>F)sqLlI;hRCS;deQG4dF>kWiUuTk zfVxbFy0d%aNyrQ?>nxi_;T_tX(ggw{uCd&CY0oohbY`G91ILQz*nZA*RR$FroA+$I zE#lKXH&2O$GYGAT? zk;13fnNR|CU7hadbgTb*N!aOyKk8wri0krK{F~jKtuPT)^wRV}{OsUUNm^|%j}j)@ zy{f5_xZti!d~Sxj1wE?+KWbVQ3ubs#y@H3B$ots8f|kn*rv#PfHs!7fQQN67JyYjZ zgkd%=))%r~3~k}?aFMg0{-Rj1g?X_6oXOC>lw4gj7jz^kU(X0VdI~2GT|LFIsWSMY zPL`K%1MKG}d3QG*`?=w)#!;r}bz-YKW$~b`d2g^k-W(+|a`EE!ty3Bf@46D3>K%lp z6{k(2vWnko?%5~_Z%y0TbTx!E+M%jG&Sf-F`$WZGWihE^V#rl5@Wgjh%0|rlp>Ug&R|^W(s^!#}!Sj@?y8?-C+bHBXpf_ zxe~Q!`JNZ)h)`3U8fHBH!CHfc`I$Qz(ntEPSeM`K5SVK+TJeeTI{JUud(Wt*^KE_n zjE*`3D&r`iATa7EN)>5JRT)L4DZNKQh;$<*Ku9u-gD41C=q(~8(jf^Q5?VlNC{jX6 z1Pm=eAe0c&{$I|$=e)V=-eF$+*ZRFU?^t22l>ObG{n`83&wlnujFA%G&AWc>c0_^O zwEuSNDTqLx(VpCa`mL@~wEUK!w|xBeWYQ~`|MCALH2>GXuCI$-Wq`%!u$CHr2h0f7 z--{8u-^n5wqt!f+AVw`@906jRlOOwBI;rz`esy{o;EGjM`?xLuI9cL0n*6JP(Sg3_ zdDisWCa!w58Py)T|4`!4NaZ>O_I#%7TKsI&XuU3tNkhS*J!1ue}Z!9!(q3-47eU4OADsZkU3%3bqlQuKdD1LSbGCgWiQS^ z*(C@d*{56xQz<-Nq;RhMuk&4n1L2V}@Q?PNp0S*uQBqj)CD_)yG_caVI|*irJzA1j z95y!kuGv>qblt|LxDZ90#Fx;uDVM`boV41B;_0B7yBvA)Z2KIJ#;A zL87qSnKmE}EMq_Q+(d(X)wh<-IIn(88Ncytsb&OUPMl36W&!)KVJkH-jY-dTj7F}u z$HIzguMXP&BETt=9$ExAL8p^=v(U9cRJzU5+1xjDAuBP-5zGUJPtP7P$`iYWIekiX zOYx-d?X@K5T151JHazVt4G=4uZn(iqDuz?brw-DShK9g%aU;BIc>jrV;q)^&J-C8# znis(T^UUhR6>){+i+)#kt;b~;_ds5<{Dcje(f|z&SN}gCy7}SHg zKu`EGKxXhoxX zUjyRxh5~i#xWExRd3^PHtev~t&~$`F&>ZEEbkq$IeQDRW*cbqvqVYs5Mc9i!rOpWVJJh#jGZ zY3onOcfHAYy7ZQ<{fzotqE$^>;BTjS%jeGZJhiLfGLTU5B#P4MI^M8@OJQ;4%M+>G z_TsAckU0VF=|%p=9HA|aq>sKz^b-1Nm9c>FN>YL>=F1XO$pZua*h`Nhk4lOeyf_?l zV%Xc*V@X#!`0ID&A!3)|U&9X-_MBk9mqAGu#&aKlAjC1jXpa7!Nbs4?jrs^?<8u+( z?TGVr7W2%0!!B@p#t z>Ll0H2~3l<`zaGXZdfx_1X~ZNo%Bq^EO~q9Or&@mIz^rerRngDpJLK|ua8jWCfc z#c#RSC%HA4r|7VscalW(UZ(L8Fuc=_7qF#*I2otUt_DJB2ar!DCZo%!CPUf|CclO*Fkp4vxtGtX8Cv~`Geyv1tkVLMkIv&N# zVhk06bJRjpn=rT>yCX6Z0U$AZ#~Ry)nb>jhDskM~#4gI55v;vYp(Ar&N10;)HQFLrXL&B&o~aR3wl{1HGX^ew>^Lb3L4=mu2f|@Y~6%#zmhtd zA)o~M*?q#C?XoPwFgwXnISJv_Ul_V9k*FTc$?B`eX9JP=as|s2_X2M~Q!CNol+0kB znX>zD12s@Cs|0i3EpBDfWyt$k`OT}!JNckcvLyF3&m?I(cw> zs$$i5HWi1de1>+{&4f!{i8ryAzKyS%qn?_;$JDr;y`NA(87qob6Q)fHI8a9@4^+@| z#WvRip<~hxBj<{Xi!|_hwTa8Pejt!3DA?+`(Hq0*i9Mdz0A*Ai+iL(F2;)E4+aZfA zRj{-xZrUe@uP0H;0iK$o_85?1h9MuVloz!`Ox!){VaFJ8MrMx=o{Q79K5VVGv6@ZX z!M$ycbgBzdEG+avn=vSEO`T-BUjjVhAGN$latg{mqWMzXIk>z?>429}*Gma^6GdH0 z^0G}N@?<+Vi|NE&k@jj!7SVep(9zEuwX)aXa`%tK#c+yG3qsuk90h%4)8)AG<&cCf z45Q3+WV`2W+HXRZ&Vf|e8cVhd9K1{|HsEr<9&yQ_NOkpA{q@!Qlda`G;3ib0%N;l& zUYSEar$rhTOwRr;C#6nA@A@rCL zB9agFBX=hd2-5?%-G~KSe#og^PRQjYV45}^;80;`c!DUD5@IvKWI1#-BXiLcLF4*B zp@q=Zpn4B(Zw#7s{SlTwS*pYi^jMduatPzM`vWVMhhj_9dal-7>}saWe5_CUGLn@t z>2=;Hhzh0dhwy8_bE@7He^!HAlJ@r3{asswrl~HhM1tU)Gi-S?SWj3!FXi^&>og?8gu$L@?4NyPqjwydUg=acTmi3`k=p}WCM>_&Axo=y zq2Xh%?488!e(urs`6k(q+OU4#ZOrVuy5h=Fh0G3XSCjKS=E>G?OhV$1jL4j107?=g zXj(lIvgSAK#erWNb^;ea;jn*uvhdJ;s1hf@g|WY$NjMG)bcFElWnXGdY7Q-Shz_EC z>S`=iqvX1>5|kMU0Mb{S3%Pg0DA(i1?X96JneyPlZD~mBBet2)0&jtYj3EeSDm}r6 zB{uF$7o~HXxR;QH>IJzU%eq~*Ert0fU0%?B zy>@hyNOmw$DZSbIcSVb)P&j0iPP^2oi~8+)J{ ztkzs7WlnY}P-H;x+)>QI&Cye;L5_BXi1S_7(fa{rpu=J7Jl?DK7YwVc>e`gFePl#* zcY;-dS)E>fzwO*@H`QI!E}#8f-F*F1Z5aDJp+>H>bioGLU*K6_U3Kz%YuhZJ)9`PP zhC(U9Et}DSj5uY`N*%)!9@XxxWp|M`}l{@c1PRWW+4L8#LDREuB5?TSlc!KAV zE=xvP%NARv19QA!sc0C@j2>3!xY}35zYs2z_Uh(0Q(Rq3?8dKMs;{Nm5PlZ$Nyz9P zX`pII2G9rK8RY!#MIT-lxHSRNBCb@p$VFk0n5nH-vAXNd#=?-hh~jC`0E&kps~Q<# z7x)9uzE&i}XpWUtwg|($m!;*2S>u~MoQ3y_-#PzaoflODbOiOB#%@)a`gE1NPy9hS zUXZA8hEF_F*M4KXC{ac$H}KZ!kRB|1>ztoSH{b2{W5Jc|r-^2N4VgB6JT^asHMBE~ zNRjE1ldM+t8eYPv+FM!1GpbTiPInIh8{iUT%$hp7lzDEBTXkM8yP1Ul1>^J+V8OOH zq`BO1cB%_^A{c(J^RuO8O%S|yFb}e?@G(0#qmo)V{Jsz`89|%$((P!X*#l@!cngc> z{eoD~)OpQ+?pp({BX4Cnh1aiiq+bfw{h++7S9^#q2e&Caj84!%%*0eJ!VwE0!eh>( zFvt4@VGCqm_@Vd%@`rRc?igoiRTOpcSe$!gg#AvP=ln*2JVFv+zd+aY6%K_h)7K`} z*TIgCmPX;EPX4)(0;@U53O>5zZ!%|QOOkg@Lhv2vXcz@Wy_zs?0e9NX7W2rMBEovpdL@s*ct$nuSuFJ{JP z>UM&gjGI1((@UI|{F?t{+Nl_oCb*;P=jY~#b&Mmgv>AAUw|f_o8e%40v}BblC`7;@ zIpm)U6B89BGijg3B6+vu`}{ULf9w`&$jhaUNLHIZ8UY_av8t$W>WhkNd)pxy<4gJZ zc=o(&oK>Ntc3ODZ{b46GSJ(gd_B#tZdt?4C{rYKehPE_+Y8Ae8IQKU0VdK+&#G2(m--v(l#D|R zeQ+lqxEJIcyheQ2@EPo;Q1}TmSV~=VQ`ek$>iU|*uT~=E28eZroHr^$ijhww#I%IXt!#gU1gT-wygN;^)K(w5Qh!qAnPnm&#j;3#GFi_j z6jB8(WiItLi0H)AZpvYQLLszNrQy>ZF5?N-jw%lDiqIGC%M}M(J<#bt8A?O$lrLAa z+6_~SF^dXmaeDm6Ifw#&z!NGyxFp8S;DZ^%*-i7=NQ20UB!t#>M@*6{`(bG1X(k`s-|H;=n?{N9-CZX9bG+w%+J6 zzT><5B)v8Y&irHNJ<9o~QUc$7qnH2EI92Tu9TMfBteGDFS1ss5I^nnt2<~GtDNY~YtVM&I9Vg6KwG11PmlmdaDjJjDglh&l zGwtnfmf$DTbz8okF_``X#rqY=SMGL=-lmpFML{=qKE+M{UM!b{MM9Tw01P^haoI## zJ=oi!d%KUyAJ%04;wEI4_pUiEi91^mR%anrpRNlw4NG^^F~7F$1&Z0vqH0>()##9( zZOZV|N%ul_@~JULrN-tS^`KG3j%NZt_f0`|VZkx4qn}IP?vq7T``g7uk&;45Qiy%QeVm- z*bdecJU7|&)?L%bcwyLQ2s5Zu|BY#@oOWKlq0UeW@}!7Tb>+Rq@aNv20m?*CcnGj` z=PhEn_@oezI~}<2?n}f@Gx&^c%9a_YDId}Kwr9rP}LVvz!`Tw2M6#@lEJaH!!}?jwO*m4QdhUpx}j}WL;PgqO>VwwX1*Jc~sjLuSAw+Q4YnxN8M^Nd?d}_2GH(4y-3x(}4m@u(B?(mm2q}GVv}CVF&c)_rn-RN>qUQ z?Rn938daw#ZxK`LQ%R8%@k+F^Cg+oEWds?nuIP-QPtRtVb#*lR4A;5vLNS@IP*%M- znzH(=UeDdLe5JKvSk8C+e;{W6ldG+8G`vTHd=Y^p=9YKGj?+|its8C&Jt!GQ+i0wV z+!Db+$EYn|RvHya7V;T1pNM$ZoN5E&7mflco3ND|3bu^*;_iGz(NvAajxJ#ax7>K5 zi-Q$}N@~)~o9A1~mTt!pfwBL*E$!sIvdUKKN z?u3ZijTHAAy7Rx6##<{sty`39@JRfkYNmY&MZ<06sLgn`C(II(a@)O?PkpCqop_Z| zIj*Gg?Axc{)utO2FV+X14T8C=xKTK3vXg&DtkzyWjSubH&uX=@5g@{`m-8w;I@Wls zLVoU;&xq6XTDwdX$i2&u>Q92JQ;bqC`S(;D{FdbX-sHGr1DG9W;#9YEd91Z<+IO)(`3Lkq%pl>&kre-b6!5?bSy6QfeVWTsDmHO$TSE z^TwxWG|Pbdm4j}r!UqPQ_FwwZ&8QK*kY;4W*;=0VL-H)REP@~!=N-E6^S9h(a}4QoEG3rPGN71fDce$(qme#Q@i@5nEs^R@_A1G2YgKAc%gGK@@;qI`h1Uu86I zW<%$K+%|*uP@Y8_d;o9(NHfHcrteX+qB4USGDVXGzEgEvPVK1yJnJG#(n3aru!;roqBQNWwfh8x|9i0rw?(iXPYuCcXZ^73Jau(Dxj=smCzRE| zav5mt*ljp&|H3(!>i%wNu+C=Vp1v+@m?JU@ByFxsqva|{<)-YjcW5O+{|Co{~e3be^E+Ub3ZJpp=16eU|GR2 zZERSx!FlL$^PfMe07GFX-yR4VcW)ZCvT;(k?&0?V7viQwDQJ`H=7Ahe4^atawy$** z)%2r{IP+idI+nExlZCLqhRwuGzm{d2zI5=b_np#$Y&|>kbakq|)dY#pyTRHCsvKLG zveC29nPUq>m3`4i7-py1uMjK-waeIcA}1J}w&PV%f!MpFV&ITPws`jLIL$K+)hBfC zclGD35+@Q8zZ_TmgPvn2G$NU7QkBM|HYZva%Q4-W=vc>%KS~lJS1?~Er+1Ba$u@c4 ziv_SpLg0wWqs~AHI2)%H8mF)fa=45A!?(6WoQWD68)Dhoo9gnsfiB3Vu3L)FNS;;K zJazI*OV`prYE=HZ;@a)IOZ<8nd2IV&MxM%F*A)Nmw0~IG9d&6?+5GJ)CwO9UC;aX*ET~& zuS?nLKBz`s8FdVG(gG>yz( zcUhd|<>x*I%m2~>KwO4flkpiehYyRv)=~@_XQ7kfT!xuwk>2YmRlE5x##id2!8m)W z6RE3Rd#vHAo1N%IDUw>RM}3;-u_Et+bK~Em=*3Vmy|5i1jL5kWr<1AA z0`3g)iO+9y&#rQ#OTW3QhP8gmeFhib1BY0_Yaa}m1zt-mfj_+C$m;9+q&4`cJUoVW z^OqQqM7vsMgt=C4L~Y&%x!{s+ce7rXS1CbMxq)eKrzt8b+F$H2VvGE$)n5pX!?;Gn z=7>q47^)N8$-BC#@#^xo<6jBn zYP>D1_&ecA>h$8*Qcb?@Y;Q(V!y)>ucAyY$AjL1pL|1&3WnF`d_#AlQ(nLfzbwlAu|a!pih+t5{xi$0|~r-T%litYMd3m_`vxX{#mOg;c^KNq%6Jc6W|CMjjC=Msb? zgT@ePS7#QO(@BzAs zRdl%B9xG4$4m1f4?-?wLcE!N%O?9nITE`@kuL)ZK5k$Q$4s{Yp6JvV|i_94%10lOO z$u8EjQ!*?|K#iI5m#`#Yr&-6^nk=eq5zbL4^LQqu=VBS8EZ;6iCVf;&^T9xJP^tHv zTKnW}*z15w#T9F(3i`ezX}_1G?j>E`Wnpn> z*N#{JN8&z)W`lTsd}Tge>j=+RadlewYF{4|_TA){!rBsWv5l<69^51GSojINwm%`9 zO#(WRF03zx4r^o0WErAff`L9Oa5%+n__H5_c`;SfV|0Eh$u@*Lidlv`Xe@YH{WyDJHVOIg(W-->Gb+(3}`mcuYu>w z-73&;-B?hK^0D}|vSDHRQm+9fN-yx8;4~UQ#`Oh~ml|#CH7HMb+Y|^@=>>lU&uXe( zkP*Cw6L5xnZ9fWukGJk{9-mC2k@JAGp2(}gSwG9a9Dk?=d(d8~pgmj9K zI!J7C2>2T|Ix*9qxiI$|Mw_4PM?5<2BLx)WOWO}SR`k+9M-)*Mqs1XRG-%qhgvPD+R)t9$F05kCL?^ z-3*|uRZXFEF&Wi}v%*=OCYt1n!vgLol2NOPB40VsVUK%q%4fW?gLIbz4`p>D zLjxF@Bf0mjS1ogblE%@f|jc6X^Fk`edts!AzBSK z`^P;YL~o|5HY)eZq~W6uCLm;R&bMYccG|;V4;c$!>G~^pMw7y7^=+}s6FLJtG@Y`+ zLW+&&#hkbRUq~2X*7j&}Zc5)a#!BZkKJ+=?<5?3*9b#UHfLy}Ks5}c;c2xJ{Hyf3TnMRLXi9YetgqE8m&(QTT>vo@2m|(r2ix^wE z<=*NNBOgYuulIE1ti}c`j+Phs2%+;%o!DiG&J)@e+2vJ~5arC?=IRJ@6f3*0auF{I4_NviW4F|usBj`RCp^984M_#F? z<)w#qgq#4vK~D2;#C^+Zk47MTcQXbEtzyJ*t~X<5TDaG&ry${kCwB$t9AQU?Dsuq1 z0S1*WSpwQn!y_R?8bP^w9>YaQce#^v0I=paA#5&Lbg%+S^+9t(QIAOp?z+ag_gQF3 z-(D7L)MsvccnU!tGFZk8G(f_&tvDORl2p7Qe&;JnTZZ9d|$lCgv z5kuzNfVRpDOL`T~g`o@W0)OKYWKplOW3T2^7j0ylSsuJ+aUbhcCwkB9lJ5xAxN6+J ztC|<9Jrf}g>Ts8xRMi*IY(UCe>*gH*nY7{ENNL0H?-;xD!ZCxd-!Ej`QPs%1JRdaf zD@x_hW<|8Pp(3T26{7&I7e$J9SA_E;l4b;%p&Glq=z1SGH4YPt&A=Uop6L$ViZgwc zsVn!Kkh{D{f8U&etYcSlzcg%(svp(=);O)3v}H3&dDsxnUP_Pf8fIy2@_a>0u)X$P z!yH(DAGGdi%nQUY%T98vbZc)_rJ8f&>jd@D+}tqa(>6Anbc?`ul6Exe*%EXnojovR zez(gK{VuV=wClY1y+=RJv#2P-h~pSn@$dZyQ1808`GleR&0lZx=7#; zr?q{<5cOpN{%7td%L%JWmh_kU;f*1w>VDfVAB1p}-A9z;qY@QevyTjupzU}N88l_P z03N#Urd7H2B4IAK?D5b*Hmu6!(-kSBt{C(w35yiH>}RK#XAEAI!SUkxq!;+{BMosk zIYf3*gxB^SYph56+>45u~?Z@?@fNkJxsuF2U9tQ15GeWWTkO)*e=B3mSc5 zg{k+?@_i5{wl7U{BEYNi&#h&ml5p4kDo?AoBg>e>6kTi?WsDuPQ0hzeejSbV#;hIeuP{pTOd5UCvdOI7ZAqd` zR3pA+hV76?A$2~}4c>MPwdk+I4nEGy^-j*{)Vz68w_2cRjrVS=u zS~gO9yHKJH0TRH`5geCg5U2N+bSJo_r;2u?A>bYf$dFVIZGg_j>P)}U3bhM}9AuJ# zmRJYaU?Q|@@w<)z`Q-+VFMH{^M_#AedsjK_$KQ1gqx_)DTKdT$U-_IwMGxmOGm~-G z_6E>lE9bDL5W7a44aIx6t;Z)Rmn_7G4i%?_7?m{#tfddJ*dO@Bu$WDBEEca zD$UfLu4|VPZ9g4iD|Wg;mJb_g2<H z5~CRdx&GyX80_zEwN!xboCtF13RT!o0hV0U`xs=FFY?g57xgmg8K6%_Mzsv=i1_;C zMkbuwA-jo~gd8P^8A=(-P~G1$0>d8))5S`8j|Y9Yv}dxF

^-_^c<~tUi-x$dJ zU?=n`89J;n+?KpM@~hyg;g!?IIDe|bcXeOw+5g&vn00lR&1t!8!H=0 z7|Mp%1%;g4TtacL3{c}luy!Vcqhj~Y{KJU~mePOZ;s~1rtq)ox4Xy1FPIR$k871vkitq*ueIGL<0c{l6%Z!fdz!`Hu15Bq z3;Fzv`{&)aH(eJ()e{o51G~XYW30we85KE^1F_Po8nK@0nRo} z0Oc;5@hFgxm&zGQ%};g#f=V2;6v(Hgm{|MapF8CP(%c;;)hJ;)WgCjH$GH<9Fk{u3x*t zuU0>7Dt>Z;FQQFQ(ykacybVA`)GPef478y8IKQM-Tvnttc#bHAd??Xly&22NZ3E^~ zhd%f(4zeb^$r~GClbBO_7FVC$O?>fs;bVQN+EE!dtYqF#E6s^*c$rK0ubmMdzQ7uA zqZl#JXY@QO+tge=85CWwjC>4E&>Zx<1p5QQA%Z@_n&f|bZ&ui2oZ5D!XJ1-#$)yd) z5f-)tY|;+yNtKe)2YJ>%joaH1P_qh0XChU09>4!7PsfVx{YT4rD?s@#9!LM5ZU6uE zl}#~Q`=(B|*AF8cYxTY5y8rcz{>j+PyH=7J_1Bojzrc+re*$USxxVzhJ@0?M?|(k# zKStZ-2LH#?{&Q~r6KwtyI{*K?Z^8v&hF;^+MLI8B5Tx0_%KRzR@5hGdvlr!}Tx?E= ziasdki9mhX^b5-T>9zRO!0miJyv=UP61W?M3?Fzmu!tvw&QdT#?ou z*a81a$Fx2I7BH;$>P^}E<9Q+qT!+?=hA!<5;Mx7reSmDay!Nz{fA8NgK_MWSQz=wv zy0>y{w+kO0dl9g}F-EHYg@0vyf8Ct7zXdpsm2Kc2`r!Y1vw+_K3&aMGq^tf76UYIM zQ`}r&@i+YD93XKJ)LJ*2{x?iuy(^mc|MtU@m<*xxWg7cf9xS)VWcH~jP{AnZ)O;g>%6caEwv za8zj~n}0*6JK#QGfuo@_=^B5-1Wdqj6!$7H_D?f?c)oj7`y}UZf5QZc;`0Mcr$q=% zxZ55lCm|uhY}s1rKYwszrLw`SX>HH9bmP%8fGwN+X1;{TPvc6dj*diGP=#4Nt$K|Z z=4ImeZ2e31^vXgAYkz29Gzu?R9oC9RINW$RU=Y_Tf@DU2oD=R9{PtQ}{bMq9_?7lb zy*9$X1LXoNpkABR#A`T*HJ6W%MJ(^}m-Q(Dx1DD75fNj%(^SsfapHhkW+ik~L zQLvKUIsruaHVm)|VpUvk6aRdE^ks`k#{Kf10;@vTwRgEhj3`Oh##j?PEvqjuDRQil zqi%{5`0(_nOZ^WlEGE-Smi92;{m&aj131hRzau+3DR8iXu0IBjTG zhWT=o>hm-`;QqQiFJZ@{7wCN$aB01pR_6x!vMbs;2U*J$;KK%Q99UdjblFO;Nz>(Y z0CFwmK*trUL9@eaqUSk&qX5HtFLxb?Gnm6ad1vfD=}81UlO*E8Z%ugsdKQ9eD(w zP6M01Eb*~SVGzs|UPj0di_Q6uJ#vlmIR1U-0rN&Cn6TrN&cQU@MfX2^w5xUy}g@|Rc{*M7yWkg>T;rK^^a1;_7!rO2w)1tO{m;+Z&71u8#rPn z_3ak3B`@RnJ9rm*6TFrf*Q=+nv$bTeF#hx-KI_a`4q>{=5(HxnZ!0Nu3xV1nz zA4~Ciq9V8{yNLBnCg&TP$Y;PTNXk|;Z@T}J#hS{u7_y$V8ngjgpivC%IZPpCBQ$?rYIDM9q@WBAlJ~ zC{#!eG0S@Yv9d&u>Q2Zw*s5(hdOoiQsl?~?rB`qEhpa9AF&A|&+4bON)QHqI4QCZd zz~SYpwN0@@a%t6^{0PW`4@u03KNrX${!W=>vKNG{+n|EA;PRD;q~&8X*iKY#BIc8z z8tTqxJ)BMI9=vwCob&bST)gh#K<7WkI>8c5&aHMSDGOAFn4or6pEx|2M|uh0qF|G$ z6RjCgs(2Lz0oF;ds&&K!czn?n)W1Hdr(hbg@CpJ9%vc|mM=ZG6w6?^R5K6Oe$G&6{ z=A=SKEb>gFL64_;zYIM6<`+Eav6dt+I3?)0iCUi}kvLL1PadWR&N@u@y*fl2pM1LR zv-Z^>?i*k!bHT{uQ-3|!t~A!MNRw`~#Xr^;ksujC4M4rR=4DL*l{)LXq8hedLka7O zDo?&PhSf2g10V{v)fZ7KfJk5%Gkfm#ND1AbKMAzP3jW%(nee0#tI};@MH&alB>L@P zk#hp}SQQ?$syk7SjEJWuT=ar5(8|!~G?hLQC9d02eIz*mW9`4 zw45W3`pFCH3Szc*-HVPQf%DW}MA(#ga;eW<_W!l0**}BC(og$_v|Fuk)3?I52JS+r zUx>tGe8%RX*0(U<(*eekIdbu|tj^;sDe3maBP6(=SYEw`@Naop#nh)8rngY}7&oEo ziDOb`3KxMNudMs@H)2?7%~G!i5d*)?ikrj~B`qHYlD&{7Wn*<>z`HPvzfkERn$`K^%%QgYLz>o1;~{xuaL+gEYg@5n z9tHKbls4a=a0;NR`~@{**5_j_u4ss>ytV$uXIB-dFAZy1-sJ8+@DnY6b9vA<7l&H_ z4se=T&~h!U9%{0=BOve4tpuNbu*&mHy>#8qGrx0|gsi~Z&%Tm9?eHLf-A_<`L0^D! zKhtY2dG!NQ!*WLwLoOKjs2HZ^OpKgJuV*aWN}HJJu#36TZn;qIkhGYb zu4sgO-YKVVnnpk*ul7F=B|dO72%~OrS4ZSWzT5(s7zw0E#V(N@7Uog&ATvo?4HFjl zT4q?=yrSJ)ep3@kUJMSH9T=Dnrk#m7(?5B8Bc|LS6mWXngOMWpsWWv)!Zu!e^t-dO-Hqdoz0DSZYc%pFFRjVK_J!3H1&EwM&LRa#6WUgpwZ^47a z7ncb^154XWr#QrAH-p!49le4^%&Oa%@+Qn*Y&CsjY5LAc8NEzTMN{~SZ=44FMm9)` zLKdf1kX!PiUfT~I*kREn=N^m7i0GAF`COeVZT`#JJ0s<2LmAlFJW{f#$DP&i{q~ji zt|mP@p7{=1aXrOp*St)L1;PaQ17aB4I52Q#o%wMl?p2y^!#P69fX4GfM_y|Z_!|R7 zd(bo44a8bCzdxi|OaGp|b^2$6ouIf_$bNxD51ZOJyBUCI*p<;->c<;Rf z_q5&z!*c$%_mi~~nF>~(z($90l%ovJSTgqvzV3_Ki{=501NN({2S*J#mK9?qI~bPV z@K|sR(v&MQi}m2hVy9aCLhy3#_Q^X+wBr_8jU)lPX`Ak(darH{Wk&KkeWAwXmV9?k z;}Z+}f`j%JV)0&`dKn&RmdBVcTQ1BdO#p+MCsji&51-Qc)R7=J7;BWM6tk|pZBD#A z9cY)(cSQbSWv-WmQ2iyvBS`$C-~H#mwoUa|$P`+Gt?pwB5+!{{;`u&%D|i}XW&4s3 zPpp*`6HDe5+hgKn-4&zd8Fn%{#^EgjHZNy;Hs$z7%OlEGzbjPiUOLfKsI5okwCa&# z&Ym7S8%3CJe!iLSlxt~gY>2DIL~wqC%k=!f)7BQ+X$~3wtjqck9a%4LG0B%rc|&fX2^DV`r7>ndQ~cd#<8A1A603 zJL;cjG7Uu*?fPkf;^`-KYkeL2%f304m#5tP<;W{Ipou8H-jh;HM$0=2|6sRxWh(TvRiBAz z>NEr^#hfDdeT8Gs)M|3+_#3um_0!+{u)ot@-=ashQd}QXM_nxm9|dYEK;)`kC=VfG zMr0}m#R@g?n4(l#TuFxG5;Q=ge*0y3%#Ai!rn7C4(eXLFH)#~=C>Vtq3+nB`#Lk}X zBIi1GR7M=h)_SSJeKJqpB35EzK1qX5dhV}@F-oLa-HbLhsec$Q+9g@|o&uxhd?aMF z#l+ZThCW-Wr1zFn^qOGGQTcJR4w~Nb)vUhPEAZ z<&vm7D{)c0&bYVDi6Z(t!R1OO0py3Dm?>Dv=N+Pwse5EnMgDxh9P_FQYgm=K-K#Cz zwjfS%JWS*b3Us9E;^rk~!9y}4RM$H>1qrzizey7O9qOk(L(1u^_;NYP3t^oTqHB+> zPcd(Cj>KWj#)_{l`r7^eOi<37$yzW1g4py%OPh5!It59wIi;i>*xV+n*ab~3>uNmN zPcZDZtE~-#)YmFJO|j1LlJ~QjP}kk+xS5~{KGW+Zo$iD$NS6MB#%O&#ghZI7zd7QQ zSpYjaKUqAgWD+*TjC2{m5!aps#X$9}PE9NLj4BJ8WF}gTDp(!hb&AHdI*}`n2T3PK z8lroVN*BP0hT4%<5eoc?hbF4$#L254RDMmb-JT*6x(m$_+PQig^m0ht>5S?Thl??u?+uz%iW}bWcF|(hp{_q~>c(3{~A@L4Oh`=*OSRM2gHG z6L-tPt18!KkJ8^K>HOq+kku=%lPO4r&!nTMPDOPau^z+#kLgdk^7~yq*ryDa0R1Kz z1)q0F{Kkj3qU#=N%LFbowA_2T_qmI=T|&3ZE%I-HR#xe6ttz;DLgs&?0OMd=08ctP z`S9u*P{`;NS(o=8R6PU^Z)XPCSZ`urBa1q=H6zKL_tJ!Iief;NRb%#SS~~x07we_q zaZ5s}twma?fYjoDmX}a<;^vTZ_4R_^Qko-jKRgyXO$j8yL)r~bYp6(vZuf_26$^%0 z5`{YW)pMG~k!nROC2htDl5t4o=p*JJ9hC)f9XS+5LX3>hJeT2FLXMc3BD4lTA(B^u z@9S|!kH4R(rTZyaH*5`+zRog;Y~@h=-5s}=qnWghuOms05`bvKR+wJI#k!zn31FvM z*WBP-PNZ}PI!VDvLObH2TkMp~o&ap^bL29fRtN$Ey92SgMUq`Q&sl$rqs1*E%c zhK_-uYsl}$=W*+P-o4%K_s92rKc4-=<38AM-&d?S*SgMYt;eowA8eLH16%0jR4mqy zq;gEE5W^TG`K~Qq5%sr|qLn@Fj8~N0oAvHu3e3KeNWTk4O_8X6WKfBej^}!=G@{u+ zPaO!)dNLPnackAO8Z{~Qp>5N#e^qF@#&Ccg8m_()hINO3)32r#6eQn;3tVYArnlxQ z($k9Nv>5tiv*aSGdNo_Swx`>JcRELwlswajKmas=y|+Y2v#MiSmW|@-D?ygHl`sw^ zyz*a2IIQJ)tTxJwlb$dtPD4h{%ykmoJ3YPCT#p;TyJwOI6sr3qHKkXhi>Ygl(zzbvi2olq#8qfnI{`6L9m^l4Iy^IN0hel1$ljMZ+$5C-CZNA zFL_=C8i+I+t3GN25k}mG+0DOp?!m_R%xtJkd8(v>v9-%w^T^fu`s;Be#8`<%BXZQ4 zj>PJ)YQ=6(9t?7;odXXJfEr#In(N6StcsssWY=;-GGnni5%V2AtHv1RT-Bx{^cB4qglXgJcO-qaYFwq;<9WH~JL1UC zlC^@~*k76%UaD(Nu#RjfeXvDuE&%)ST>Vzr(x;wYH2T-*Ub>B!Y~QBkIZP!@#kFq5)d>eH4sW`!${7Ky&I|!JQm8WkOcqa#^Cs z@Gv28$Lz{lU#eu9U;J3FSxK_~?R#KFOMx{jn`Z3#_ts`mX~yNAd}>FM9?S$D)U7oEh)*y4_RxTNLSlB@8n8&ZZJUPC9Z2F5v@+|9V zX&+QrYpvpbH}^@Ep0s5narJT|RHT9_LV4H9*~F@mBa;*|7p&g+y@@mBqia30~N^Z?(bR=?t%VO`-M$=XxQ{-BNW#+G4Zukms{(V9vjkM{KKc4RQ z7Hyp6Y}0Q~*0$O7x<4}v_7T2~=~mB?rn4vJdHdG__p?Rnh5$>DzYHCL?;%VDR$zUC zaaz_`zy9|{$5=TPr*}#J!8ssBHy?1MHMRh@QTerP`g#CQ0-QcObU7`2s|8Sw0TKEK z;H>oBF;7}_N*(}9rnXt3)H_V6L%UAfL?Ra(7O2# zw)PH?4W7>$`GqUH-{O(syMUlOHIE@vel33aYC7ftLFW+d;QMvmsJjNVx2Y0>s}TJI z;eK>>&xg}&_t%1huS(-62CM+-W;x`+FX5lB6G-L+>`RAyDekW?bdeBncDou}F(CY_ zk_JdY#~IBcFc$m|7MfH6Xhh^&ozL`72+M(hNwDkx)#J;vNv{M0E5JQ#=^+2>JNmy< zoyA_VLbHafgwYvOP8!Urx_I@j&~Fr(zf%q`QYC@LR)C!WVfgjU1&}~aB%=oJpKgE~#cW#^m>Ma&%l_P$e7+Vw5s1h#Zotw?K zc+URo64b4J{tTgTR4EC0Ra}DplXiuuGuj$2oM7SUKkyUp0HKI0;{FE>E4#_gT;PnB zjm$p~inucZ)_Dte{uiboSyCfO2@D4J4-S5LCG0BDZL~j5&P;9VN z;^?XoPxue)JmJ5FL~CBjs}YAyPm*$1HgvEccOr3UMeQFLR&FAoE3;BQt07K>v3Z~F z+-|j8(?0;97cHa#Bw_w!@E;Hk6VBQX_l=to{R5ioe?Rm8YSFsyc%`>Rfs8?a7i0+h zmwYPlzapP@r+X*vIdY;P5QtjQ3wfYTCcwK~BVuP~ADgR0?NI2{u0vVu23L-@cM(o& z&Io9iMPVkg`WxKmt`-my5@OIUp&ZQ5?La6)oz`mWb?h{>CxvkN3HeXZh5m~B?KEBf z^7ln=Zc%^xvp=;F!!} zLOLI^8Lw8Wl^B?MWCLgXi&vvoZhs>ep=2iEhcu1kr|!b-vAmhn;}9UBe7IKO6z_p4L_;2Zp1R%RVwF0au?h|{oGMb$X-0;ChWH*&M;Ey?x|BNHX&hjc!haec#K2^?8 zTH3*WZIBlzX{}st*pvty)hamKH~JBf9_q#O{@bo6hg}@ES>TPks=T|@=awq5Od2!0 z(L_VEmXnj_G|Rm-{%!q!AMy_m_L@KlTH@y9wrl9%a`<_HkAQpa5mQc1&OPPQcouyX zsW?8iFYk$!Yez)-92^_~vT140CaO$VvdP-So1V)EtRgEt9 z!!oYj!P%I`59~m2_i+!daN2D-4FK|@WKl6Cr3JW6B~|N6XK05t3jAX9eask2vlTZS z9%gQCejg_r9%*ULXX#=UDE$*Zm|O}Vcs|d}A%jmXkKFaL14!Ap9Eo9yrW|Lrxp1>9 z&lm@7tu$mVEARHV0G{WP`a0{IhkZmP`XWK^D~yFK*NVrO=Hll2a#afh+Y0wZc}`|$ zquGqL?U&(rkGlfSTDvypjg+Pq6!5w3tPs1Q%G~02%0Z2FUgtJZR*;=Q=fx?}t)*Um z&y!`u^g*0ehq2CXFaAuC5Ouf;JDLs5d0G!#{Y{*=fgkP9T6`DDj=ugGLD%PT%$DFetQ@d%xRDCYrsnLwbrA3tm$ga3>=v%fGf zq?{*pw_|$_wE(k!?mp|i<}XBjM=j6OcC*iBs)8Bl8758ND>t)ephKAnyIF9DQ_q>_ zXmO_a#Z-zrj9+_qh~Xw$ZR5>KYs9k9+vSoRuG1*+$WeQ^vHywW@r2WJK5kxxoi+sxh=sa4dKuAjE+XAKC07a-8&>m~@pm@{!C!=bVf=<@yaiLI{fKuuTC zafOJEQ5-lGV$)|xgsZE+*A2~nT6;H1<}@7cQdqU>v#&vTexisfZVV`yb`nK59CbQu zR&Ob}1t=_SCmW+iWzoh3(Iru_AcM7?bd{6TTuYZIX4KkGJF1 zXk~T!dom<{D5q#%KarxIZ zl#nCS%w_l?=>5!7P~oEU7^&0TS`5jvG`~qA!-z&nelm$Qx9rgAml((X(u#9i>ZJ=e zxA+eSs7QbUtlX=SZ~{f;woN(1>{3e?^6}Bb7dfp}Rgtd}=NOegFqHX{x#T^H@ytNR zl9cm-T}2OUSUj2s)3`1P_ks73S&bWgqYEc``}Q>wGy`J9WPYc$>`+SY5}9nOhFD zPdS-$FNW`)4zUjbey)q)@DA%nvh%4MJOr0L@pF_ZRB)u*FV4)=WCLKeC*huh17spK zsH3GOdhZLfTVJrZar{Y+`_N6tBOAg+Db$qcplUOE2^U7tB@=h!jOmBo-0nJrgN+*H zUN`ztOYv;XDhivhSti!LI7M{1SKr#S(XhD2r3-UEee~Yd%n1&*w$a{$^V8}?o`~x# zlCw@F>%q@|bG@Y()7B@YE5<`qRhVJ(NY;TfgGj!jrggNF*xUH8P~iQYS*+vPT(i2xHkp6fs%ZW_}1a25}BnVUEa8( z{HMt3HcmJf9*M0^Ut`Fw{c!^m0V0!;^p*z!|!U3+$Y1$XRcj?l--TpfJ$ckwp zfLIAw=O?w!qua#k1I0~bP(q#08E=46wv4sSG6e1lr$NTg8x$mUtdhcj4(vL!83IP5 zMv9Ee-RL7@e)VEHQm7L6LH@AIk<5lY2c^Cl_;9y{zmK0bFPhHKDqqjASO}k*&_L*| z=Nt)wzFcZ(Ge#Cn*-L~>FVE*-_UN%02}YcDI(e>7iKg+Rxy7t=Z>Q@0bm!U^=v5+pCYVrLwJTa>N5>zldkszFdKdO;d-i7%dP^+9ru7wIh7>=%QNn5CmClzO&eXuIb92MzcQ z%jI=4r?ggWErsN6`SpmrF~oEvuVhU^vH5r>pf$PcJl%# zU!sSr*-0m?Y^u3!5B#Ce63uk_q-)~j2W0!7!1}zSJpgq(#;25G78pn5{H$G%&8N$` zSN)PsHYC!uR`bw;c8|wOaD|=q`SJ`h z?j0Rha*NgCUJn4d`Gwr~A>wbX+B*>^SgUJEtv;CNFRWr>LeI<*_%h%=SIIMZ6SKR` zgt#1)DfzR|hxFOx8>&OD?Q{@owlAusi46Qy%5^cMa;DSGFCmgqBhk}FgQ1xkzPHNu z6>8`xN$ssp&?k{a;&4Xi?4@y7pS(IMtvY?*?qkhhjp*>vS?K}K6fImqKdG)h-CWvE z-|kIs+q_HDw+R4ixA%at3w&&$S36RNvFx3e4vy6eD+hY-;?MXJow6cOoeXMK&Mlz| zL@op=dSAX7*p~uKMNL-F1`?e; zxrJRmN~h*5u&sR?n*-BKkyDT3lFN~xS^hja6%PHBf?BIwx3W3tk&0|5_RnOCt4d%7 z6p(P|p4JI|Sd!mDqDECn17vhGdVBIdL7QUHL!6jspKHuz%hnKfg_kA3{VbB>2p`ou zyk-WbTRgfhJ3z761HB4P%h~2B0%-aa1;}9qXnI087U5YHPuMxETiK*npD&e$3|a8p ztoF;VJxxt&?CX;1h+=P|Mmg_)z`v(FEX9b0xmsndz?X2sIaQhJ4_tZsS6uGZN&V3B z;C)`~-n6v#E^wzoqqzEJF!1rG#Yc$@CefoAaH78JGuZ)T6Z-|R^PYQ6ZF&Pa1E#id z8g_^axw$0t`CZZKoR83hGSkDUfe$!h`1FnV?l_x%k{2a=7TfM~lBl4RDtiTC|HWMI zv*3l;Vo`+su5(0ut(G2cMG!AN-UVlk5O+zZtfUzf^eM zGTn#Wye$<$bpc3TTp?ugGtQJQ+@EI0x&QdZlV7!X)Jqoi%fBMCazzlP#u54W4q5rQzd}62A}C!_2Ufbq!^fI zh7$z1D0Iu$z_Z46w;l1Wj}I_To+lM+d~SwortBfF0++xX%EZ(P+s*Y1}^`60w%Tk49VT74kX-1;ro27l#V1O-qlq0BhU2ChiLJTzS_*uq?sW zaR$|w{|2g`-B*3R7D^>~|JX7o-7kpzq|VJxnHk)2>C9g<)E-Ie$eqq0J&Bej@o{i) z(6g1r`qOFnK|!9zI`GJ62T!V%1RpSJKpp#(EhWaHJZqQRK~1732xI?AWGCaUxE7+ijDWzKyvoI1Tk+x5lMs*)4IuGO{xI||r8h+=wc zSw>5GINNStuRA9`!urhv3h06bHe*(f&FxU$Yo4k%?n$jBGV@Ih?{@`M%*JIpmG#=A zPaGVUeG68BrU2Coc@oT+ba; zjgvhDE|db@vb0Y+4LR+eY zQz|Jv^YAT+m1?Z)hn6+%{d6(q*Bk@AMWdp3xQg`#eEDBEzDJl^G?v_~WWXU-FHW(@ zIC7V$7tR=1Yo@yZKrWfa$Sb9ENeJ{O*%Z#N8sk!BbAWlczL3jAaDnAp7{6$Md119; zO(fz*+oj&a;f2mq=Q}pTcjx?P@>YBwuemH}fDRM6-G{qZc#AfUcY!oZ0}XCybg%+@w|*(zhd47p z)DcSjkv}D1beCW%w*i--btH-n4=oj}>4BV->Bz$|T%IGf>KSR{N2W=G@CV9~QUo@H zjL-0ZTN54ULh4JH<3x>gI5Iy}SM(#1%UjQ3#$7RSxQz)uEO%JkP3*gB z^|qnSfgU@~rQz{NA1A2=K5O`^Bgtv6bJzwLjn7@`Y!tx-okt7IYSB1jybpSd-sO*! zH&Rb{KbqCIl|p6RzZQU7y_Yx0!wdd)F2g}zWRKolL{!*jEp%8_ld7bV7q_>;rwEzV z@f^w=SS*HvEwWagvm|@M7|D2R^ckOhd~DPno1iL2{^*5n8u`xlG8DbnH99(alwdJ{ zWFO(4smr6Ad6|`yGdgX}AJ6%{Y zOVPk}hUlJDj>A<=By@I|?aFhj{c8#ECPhzr)qFoC#z#0h@c#1rwM}W%kmFB%cu8I1 z$@;=$6IhM@cx7=0)*&73hiyO4;Xi29KAKxass-1DSOSy(6Ou$@LPXu^?p zUiurGR*5MABi_cP7fve2L@Et(w={M zLq{*x{_V9tO|Aoc6ao6nN)>tt2z9rCmygduz>^45=WV-A596@IqPxF*_~-lqlTM{p zPVlheEl?ExSnuEO7Tt0C8tL7|9sG z!oGIrI{9Jup~ms!Yv0&he@~?;r__D0&bXxZ56(jE>40y_I6$=+etG5;MO47w{P>yf zCE!vQYHSJTx1aApG8@pK%rOIsdiGO$`iF^nF#>EXtB@v%UtUIm|9R^v42PL^@KqWMpX(P*E)iUrqReZBPuHTk*rj%os@ zWF6LC-yG53naHzwjQR^ei7!{zynKxNUG+$nlRr3W^%tsz95ed+M9`-`??9TURWPO0 zavYj3W-x zC$D`sV98Wiw~=P49wWV38V{L~gpBVG(*0APyIfY`i@HFsKQU^OmFsVkW!+Mb%w@;Q z$w|%0piVKbSn!UhNzJh)%v<4qXoigw7<;!q1)_6mL2}AD6k8#P_;D-#V<-u#bs(FB zJvh|%+qAu|F?7qtVbKvWzaLd+OL6RM&r0G4-Hv2zc@nPfAd#8N8XB%K+6EyNpm<|MLde{FuFQcgF<>-A zz0!7^smEb_KWlZ2KZTCuiRMom{!L;5CpfjbPe{L;?_oa7Yzf1O>XBl{%^7*nPPY5S z7hbI>eMD_wZ}1ya)u*UF+4%^GWx~!NE9e>ldp(dM9jUbnFZ~Ih_kR}P^6I4OE;4e+ zi{oP-lguaXlF2>A$iycAsa zj^K5h`_!7lpk^AqC{g0b8wKRy9D0GrFQxE8%IT2SPJQ_H*++(mlAo@ zRMm@%=yDEsf?`=_Qrm_TfW&E5*3ua0-j!!&q-qqoOwR_&%uk4F4xdUBMxtV|XqO|I zyIw_W}Ir5@A8*^$@lscdMg!{H1X)a{vZES+$JF7#oTUsLTwRJ{{)XepK z37d1&Rg5v(tlUsU1Lv>{JoysA)FhbhJ6ll+yr7X68|LIL4|Cjh0-5eN-NN?p^`Owa z^G#U(r!EVapK)bgOSoeC7)!vz7 z#mS+#^XbA3F`+k3q`XYIQX{;BgZ)oYY+)qz5hGg){BEwhM_1n?`M{-S8Rxig-_!rB zv|~3WX6+kGjHg=Pwc147%l+cIsbZ=XQn9DV%Cg7d_6c{PQp}Tx5xMRs5m?d-@y$=l zmNVnAWZ}i;2{x=-;tdKk=H@vl~l)3HhGwZ z>BvUO-DKaOXZ%M_IZ81&m-26jbqVHZ#`?UG?GoM9z4>4X-IA2L;?nywJ-u!M0nStU z@-4)FA4KxNR|nxZ_&zI+myKIR$fg?Uah$rm>Lwa>BUL$vK}l*BGuzg1S2JzlJ}*r` z{$0<&-mUON`rnffzrX5-2d|8?R=OQ6Kim*1_ZQGMe9_r%qK4L-*~l?ZF>2pmb=6P~(^GrCW@9`Uyy z{N}}h_tn`gbae!3tK^rQ)-AF+X5!@BDDSz%WdS7+8=%`-pmfu|ts!*6lfEGFQ`??w zim4S_9+UsWvYJ?W`HVWqSC~A1#Gs+zn3a=7%*T32LLjfKT<*Rc25>Z<^28pqXC~Mj z{3-GB9I;1B;@=Fei3N84wOT@wb!El z?G)*vJ*L+I0euQ!3<2lOSWuqh7L-NC%3yY|%NWUSINjx0Mb`^(r$+belF(0ApnHiO zsLvjj6v1caAZ;Pzc}LFC)w3Hg1e<0t_`3!AVW$6f?OZQkeyHQFleYEy z{kIZ?l06zrOw?-gruA|UaGF2A@V=L0P8VrynNbx%*LG<6j<5BQt%me`$pR%W^HLS9 z^-`5YSJZdQ@@G3acvgc062ka>1b_~FMM-mZ1Wh@sW6ZsXE2d)#4y-ujwfU%gYfodI z^}4kEq%LeRYHbs6<#~wS^g5It4zf6IgCeo-htnNEyo1xr{EL-5A=IU=`D*!Lb#BvZUqz`CL*oF=(eBmP8s>@+d1-2gQ5 zn(}q<>ovYEBcMsR>6#2{X$;%Ky_dgXUX0g%S=ZV}(u0X{{<^?#U;puvy0MfjX0P_Ttry)09h_{{;&y8DI(K2NVIyp5l+UPD4TD#EyK;lk zrim~qsPIz#MT)bx|K&fFGy=MYwygd4zyDTn3no14!3{9_rfh*`N?{)Xj?Xp<;&yuC zy~@CUvh9y}WiK052`9T{J|b|c6oUFlJl0-H3os>i;IjcwQw@>0R}Omq4DU1xFo_Tib{wKWHBs&9LilDf)iiD4GN~!@t}eo zpZKm!l&YHbXE8--4N6(T^2?lg$TDLNPwIpCTSm*4R}LJwf%j0uP7a_))r&;xkZtm8 zwc=MXuqyjXXhOom`cyruORK75rQ||jD9{B6y@x1cHD2XGZ)7H=%cuI-ZUulOX1)+X zmc@9AtR`I5_v?d7EXN$*v49TzZ_+ZnxlB+pHniDFpJvo?+Xx0~Ia(tUi)f9QL*^ES zTEh~k@Tp}&NvtYmxExKGKYaM$$eke_$J7z4MYlIGHeuzz2H9qd=5;HWD9_iZ5MN?V zPu~zG@++OFwImk#m*`=fw@rIFL_Zy{Gsf;FeQOfZT@hlPA%Qsfc-6RpwYP+CG*KAC zu9_0f^r0z&>=!mA|2MCQji)p+@!==u5=-@^nJw`i7TFF<*3Z>>c`M{7iNoqztG4DP zhphIfKWP_DUeIvr3m9snN#&Pd1p}vgwx}J@m?0Pb>HZco+WqJ$P)WdguEq%w%Hy*6 zIBezcJu#bQT?)3$V7{X0GlYk)$@LUPdk>rydrbPhHGT?jZRZ}DLEVl${(Uu(>H|oh zCL!~Qv`FBQTx~p$JkU0Cb#VFR(6}?|bOmTyI^1=H1dGC54sl4-(1n+F`*%KCf&KHe zDr9`Fkyyo<3K&(D7#ezCdJKNPE?2?SV9@O{8**Vn82C?efoX48SGJ<}>f%XY()yeC zhxQ+pa_qgT;!!Sp-`vOp(ZD+)SXVrQ*Ni$s6lr8fE?9FpAt^q6 z`h=lML`+OuYSeWDoNT-X2Z!=|dK^BK1$y_QUStM3(ZpCc`bBKcsrDHh?xISZ5PY=e z1)RBYzOgw<+4nj+ym`3DvMdm_^_sGtcY)$-p)*ZElHLb9b0T&%9;RWEnCwo=+Ys0J z_O;ohxi-VCj1Gk=3BznfXk-oHpl_BR0sVZr1NJpC9uu5$ixD&O?q1)p?Yrs0!PoZ$ zX)_tu{@SYi%iIJzoWGdIQ{VNZl!0$^amJCh(Vr*`F1s6wje~3}o@p|eYaN&`Q=n7I z3N~Q8aYHm+abcAst3)b>m38*b!b%51hmbikO539m{_=Qb>(XZ3vG_R-hv%+a`vtqC zmU4z$^U`w#+-t%7(sJoW@1zQ+UQkv^3l&k^O4yKO3~Rc@d~1~Ng;g`#`hx(DTMA>R##UL&9UIKl(vdOL-i8UI zWmF8R(MMZdtm+Vp7--Dxx{(S*sg>NEuD*@U%$E|&Lk^dNm=j0hF5KJqX1;u}gmT|M z_kCf+&p*nt?S7dV)_)-iC@Gi2 zj`};$^j1)HUv}m5qHQoakH*ZuWoBF#btpwXW?5F+OwVLJb(Px1bI_nkv&JZ(r7ld? z2n^Dah@vwbGl?3H?GZUgsYARGYrj0IZadc+VcuJ4RABI-sMZq~zxnaa$=H zlwl0!u0QVF2kuc*55gM; z<2G_t3R%>-%(+W90)Kai!Hwr1Nmgx5cCrtB44s#bYbBb0CQDu(!|&-Ob?E9d?jlO! zlnbO;*NBv|aR~+rb-Ii~`vs&DXl#0xrD?Jh$mf^Ft5W-O)P)>ZN2zjE@ZKVAt3UHm&T*G&6CwJJJv5Y4MI11?Q+NY%&QB^D#L znDkmW*uO)aJer3GVX`O@98Z_5@xFY2($(SO8qM*vDsZrI|00W(ZaOygtAs~$-)aFk z!uC84ivqF9Jy@Q{qg2L5a>wVVQUtsrYGY^-&fwQ>`FZLy){lq>&k=O6B0eaBxW&Ei z(Ri}JaeS)#HDSyLbE-YQ@8Rytq-cX}(ban&CAZ+vk5XPY{gqb#ydlrxh#ey zH66ByvVzP}v(TE~`INMWsVQG{bHSC<~~xNc{$J%G03z=0{b z>Z^JafF+kTtRp4kH1Ac}E$rqy`tE$OtM|F&70xACfuN<4jsNI9N}38+8%)uP%cROu zu=YcEjO9DRlP4(-3)DHStI#6cckbM=KqQdgZphYRH5-9C>EK<-A40P?+efuLc`EqL z^IvZs#T;cU$5+bMcvku1dDvXBH&7k%!AQ|_Z|DZ1{iqXFdl)dJvvDQIo&@VwmU3=} z#vwq(ZL7mLPE#w^v(ifTDx=oVumc~C+jT(%BSuvU9jwj4{-|r?RZI?%EDlI}kmO;s zEZ-*ZhS5bg6O+$FIY15Cp_)O@1r+G$6&-lt`K>=-y6<@L_otEqfzPCMdC&lLk2Y-& z)2wi29hvPf1=zot8Igib1t!^K_aezApy-L}0bPmA_9Mqgwp;63-Z zYE1JBXC-oTpHau$ym^!8C<{MDni{AoIVwr|0m`c?V<#%OQ%8F~}yYXC55h$&IJ$%5lRkaqW1ewI-&KYWL3M374 zM{l;Ap%krD5gcLYq>N?N;%AW*Tw==!h%~ha%SbK60mXn?g(xyXvgGT0Uqv#Y$Fz>( zIk!R$K983e<|Y)3Ic?60?~M*raSSXUaFv-u+r+E{*i<|BsjXnHe7j;LUePTbvb=wT z!Y>-&U|`apbHDb^`}E^GIORZGo|m6dRu5Cn8m!P)3T>O?&I=n@w$9|=o)pP(}<2K>zgB;`qQyBG9$$9_o0=}#2 zAD+|&DbQ~#@`@Z{Dsif8sq9Bc2}lzRI)I+J4%VU6F}HL+#5jE%69OM^Ea+^Gnp?L9 z@gG|NJh6i~P53nHm;&38*z^f)V>M z?{Cs6H5;Aw#0`dogs68;OYH`@d|MT-70M#RWk+Hji`RM2N;&F5Zd;LzjxmO<;Wp$P zes3>UIK-lPYSK;*F+w6 za-8V6z${-~$<5>Bs3{^|@!41aip8v2kf)(opvgI=<>Kr-UJk(zB_4+HPhn6cfaEqT z@lCiKzRUKXKfPGR!aMNd+Z(f$si0tBxLdT@efKo3GWLxvV7M_VnB^QLEr(}A{SBvI z+gR;+mKt|CEDWte%=@#fnrNh=DOonOUO;g=Hv|AS^#tSo@gD#9bJA{-p#xh9`G~!2tBR{(fkGz79;#=PH<196aq;V%XMtW+BogPl9pzorfH66j;Jt54AS5 zR@0@KY>Wp4WWYtV-MJpeu6Q@YClS@^irfh6`Plu*PkqJ~U2|J66`sC4J}^TLmFRxL zT`i9<`x*@;rZg!BbJjliHom`-vKP<1UPFB{En~MxOoqIk@g13jcO+&Bdh36AAC?%z zPmA7KxNu-=VMzOw{`7RGS+rS_SHNA z>sQE4h$B=re)U3vY0QQ;REE)s9SD2mccYnb*yGY5+b)o#B;lt|dr78N+q3U1_HS50 z+b5t-l2KN?v&|v*J?zXXkX_fD;V5K}^}YMwrXV1LcNUp1Ax8@vp85|}cM1am!aQ-I z+5U`r)lmu!0L_U(J4IOx}1O_0)K0JJ() z+RR*;m=X_z+4{%TNuKmf3BV6{hevTf6iF!2P}fHai^>|W10yK<}E zh7GG-ag7_NLe_6P6WLT(&4%QWAPWY|H4EmTJtSiS)G^Au5ZY4So7~PlTE3AWJv#0Y zch$MPF#iyUEEJ|*<=7fSul1g+b~^t`?82*(xng8lGcNFHtfZw4%tjhStO7U>`^3Y=zs* zXTw;pgezKC>cXm za^exTiin6XBn}89T#xsW=GMcIg$sQ2wHSdige?U0Dy@sMd}X+_`C3pJE_>uXSDa_# z7D18cE*!B5J0fj^z>6ZK&!~YC$=jtG=@W0b(}CvcKx1H0ZZ79$IkfA+RhVyzOd=0$ zY`S)#AXu{FHv6p4a$%`5x%+;x3x!#h4t2ZYd}+^boj@d8WORUV+X|y+TFG=gBHsUHg6iM@Lx2K9A#y*9=V<+0 ziNhENG54w+r|WifLW-6v?ww)88ug2}EtIq2xf)tjK-bRF2@<3;WGMNM_Sma7>_^ub#R+Yn?Rk^1a^ zM43aBcsy1r-MMzzoCu9|ko^Ug*0;K%u+HEsH!me6Q>lX5OVkw{afr6lhmCU`QXv1C zFM*M@$Jl;G1^sc|GCgr!uJ@~V@~hLR}br#bTS=z13$*PQ7kN(Zu{rq0Fc1 z6UI1C`|DcSXm5*gP7e&F17K?R_K5nRmQy)F&EPI$5bti$``f%iiZ=}Z~JIE3)o8X>M9_dQYbScz<;f-S#ANJ))qpR+0Xdnl_(+I znPJ;0EAY}LY)-!I7qZ0r<5zmK_3FG7P@;xPX3o;`Wp0FCu+)ppl+rlGz(dn%&JWFWKb|i53aYWU%N~IbJf3sD9aZY2nzJ++siEg_0P8-^5x!4jR`kBd; zsfvVy@RDB}-m1)d^2bA75uLkFMMPRXPf0@-7az1lF(;j&p_uR$XlJR}fY}&(g;DT! zM^@sBl+ovnnWheJX{Z6B_Sm-7-c1W)PfM#>Zjm!s<#~!RQfZU=G{)BzNLZPX&C@cE z2J9{Q8I>WbT}l^^0J$hpA7{5SOit1IU=CU^Y>kYhi=e+?X6uO5)1RF!p~6Ei==Hrh zy5vN9mwj1$m70;V^2Lpcz(309|6G_7NL|(CJRUH4hq_iEO6dD9Q21UvAG0zi_{Q%o z&Eu!lEIp2e)tNF9D_&qc{2O;ay}5j0ypM}|Y&ItHy_$%cnp&My2(4vYr`^<>00lF= z7ti3;F6ls|zDrOfcsU}Ll#iEqdTXJJX0*fE%n#d)OPxcpk1us}(I%zIpA00^Gb0{E z&-)9I!xiv~ver+p{E$Cq6|Td_qx&T6FK++o^E9tJg-3$+yAkMEwWIh8!7z;88SxTE zU@>RAL|by$&BLT5E#EMChjw69yXLKwH2J?BnjjA1Ox&*Qo$-J5bD#VhW+o9u(dM?u z#~%cXqVN1G|ETa}ymZRlb-~ik%E`*%`@U4Jhbot7l?M&TuEv)sfPyERr4FM@X8rW) zr9mt6k9%gQJ~*#zq%{#>{oM{J&|D9P7=3*5eQSR6YQKJwRh?EyA_`v??tUrPKOiKU zRD;rN%xFVIn5v)cwLtYtG9p*^MVou`&NhBzqOLqkHp1US;~z%<<6HYLT~~|YqIq`r zdkhgwi#ByOMhI0xrO&r-BsaYwBX^Cb zycxtBxb56KWMCPqh<^IoX2R3$zO2M{hQoBg zJ3{LTA3Oy}{H5Bf9UoD8!s}>+An=!DyC6jMHOTHPL=5q(T;yN~f{^#}3! zE=a#W#h=CPT|RVePrr*E#kuqGOrL5(LZ-C{?-yU#jY8mqnA}Dv-m}vu zV-Y-BFO9Qhg9Cmp`^_Sl=T(eSas8!*e;?H2)AKx4wvuXdNXMpB6^4lDW4CduPwZJt z97p``j-B2#tiYdR(zgxQK_)*7OA~ctHHOg?Is@oJwy0`_#_stpr?Zrb#Mr=Lw&FCe zji%oH&s6g;A&w#rqcy8B-s)%pNthnw>y9dApP9hFJrNX30uG;+?DUy_G=0)_VKhOn zmGkc=7Cn5YStg|?eLWpS$NK!3x|wNr9b=2jq--r%6y0MIr_%)Dz1PathY`J zY2&NWvh++3)JdRLCx9PI|CYbkFJ3xlLo5k)`h*uy?22VSg!8qAIzCoJ7M?L*B>Hs#DgzIzSpb}(JQyQ+D-7W#oihD+IcT281UO{ zZusgt8CRkUU{?r3b?r3IMEVm|+riXaT&$4}?^$tZi`=uf zt8mUo-{115Pt6p7#xt)EtQ=w(m5l2i%@PNSusv<+_;_@P-f z>hLKOCv`)*<<4#tBQQ#H%xANEQjIr8aSWPSWqvH0R ze^kjdY{1wb1>%y>3nF7@#>wMhf-BNAnq$%nm#Vqe#FR_tEndZvQc>tx3Fjzct+RysLFoR( z0)JI$3NWVNQd~gQpYH6Re)M0Kz$^ZYTF`kYHFE!NG~hqqES7nuudnqv{^8#>y8x4& zukH%x{n6$B)x3VUR|3Cz*ZF{(Y`q@f4E* zfuX~xq8;>_)lEVEfQbSi&btPYxF`_K%Duy{a|`al6eJ5tzP|C=$B#zUYGbwo5U?w; zsvaA!UmIUXUh@Y%IY%Ef zQYZ1w@20iX`?nyDIV=`}vyo07-CRHaj^?o%x$?7ow;zm`7S2h1Ygc&Kl$m}=v@GBNvxdI zOyit(otKYY3IDgcD$wgx!oZr>c787DZYw@#SLd_^o%Zo_+2%rZ#?^r&0>2pmZce|JrI) z5weW3(tx-`)hGb>ZT?@XGB8fSdfy6f{Qf117v<;AVw(P4#xtDRunNBm&uacHck}I; z6qyX=V_o*6vF6)&J%`6KQSREzKv?Hb_f?wFKn23#bv-uFydAU&M~ zhq0(H4>3dypI(zxo503<_92vaE&1(VMioF>5&*$8;MkQbzssmVAi;X#3F4{LGSF|?I4DdbuZB=J$)q^5t2MjMOFEtr?Re<$Hh`Nz3IG4uVF4fvHsU>+rR|W zm+jtIT`PW*@Hu+@6K+ZXQHi(1C-B^6i^MG6x21a>vy6cxXIt=%62&g%YH9)Glgd8g zzg#&13g{IeFqq&MEdQ>W6iru5zC6Uqd9S$}g=4$XMK&Lj{OS#5r90K7>=#~_@)+np zVO@R;pqzi3p=`W|!~wh?KI~GVHzkWMb>p&og|pnaL0x1U_0$?c$HHA6Z4n{bJ}u=a z$w*ztZ-lVgVDi6Gc{TT$cYA~l>(LKR=LeH_CJ+GoQDy!mZiv?R2{cz>#tKS(#mljr z?KmbZLW#k0msq{RKMa^lnl!d@)P?4SbMC3>b^%7)ON!tj#sLt}0>gsivMj`Ag{D)P z9p8S(?iC4N%-WY`(ejS73rkGpdHx*lS#~TZXrnMg>NsAF`1dXQkNvGvzcC4$Fn$y9 z<|`-eUz#3_ftg{h(t%A_Wu~sVhmeVUSZX4xW_77H+3)p$<%7HFZHD5`2mv89 zsnU@E0YVZGrH9@_0O>76dI{xQIM1ki_MUlWzrViYJzjq;Fl4QDUw666d0yu)dtVee z3HHQx1t{`4^13uKnQh90?vpPw_W49WE{IOLWB(U(KEVzt4> zNAq(>yCSpZ@wO^C7;9LclWm8>jOA33PKW;Hh*kT4eYebD5jKM(r|=z49CP4<3pm56 zCx0)0ATFwVx=Cw3@7C`p*gR=sRd-VOdJ+IreL7J-%PSc+U-kO0&rliAMPTDV1iCwl z{IEN)ag@-ZHDV+`7Om1mOeTU zto*y_ZDzCQPa(b+H=?GG3mRrgiX?bw-CG&_{1DDbLw{*S~qSE7E5JCb7j@~6piK{Mm$OfNp1HU=( z*uugJTY-PeuExlroi`;qdPOId`b2+`G5go^=iiF!@^Yw`KBeK)QNDMt9fzjdT*7ey zpv9;b2=l^;x^r3>7KvEzqwAUtD(8(kd%3C|9g8DenECZoE3( zI;$$)6Othp*$jwQt0CTfl0B8GF4MoeK|l4Oxm~B$(ggr4*_SS2OUyGKyfZ5U8W<>6 zxo7)ro#EZ}@fTb6*xAGq+BUDo5SQ`1_f7rlj9bUA-M0cTOj%A)tX0$aEN&MjS@L+A zQ@_HoYHxo_L)3TaUGE1I6;9nEZWZ1tJ)j65)Q~?gEhm>Xf_H^*Lb4vczh_fcq?x1I zywK;Mig*n?S+aW6`=T7XH7-_8&Tbdu>DKu8p)pn_!TqkrjA=Z0bPXye_Z%&u>|C|e zaAPBcGd&~23V=O=G!ja!GCgxOLK2%#hlaI$VhUV`_GkEs(A`N(-4ED;Mty49#EVY> z4GjS}(%oEOWKQwKs174-BK;*6s6A>r-X4Kp`#80y;$=_A2rJ7)klP*X3|!cmj6_e3 z1sy_wmWsoZEFA>x>7l_c`=8<;LV>z8Y%0XKmV}d9V*I zq-5mLElS#<*Z9Qy7)Vqfl_#1Z;_?^kRC;csI4TLjYz0 zF;~wIl$>KI7j@VZib8^s#B~8&T;qxSfNuxl?nEcLfs0kveTbcYY)pZOn=Dos-rTe` zs%n(HumYfYV`RfGVfT$-_WEyYxr`rKT4s*8_7n<_uVm8~$E!UIid~paEqYHLBH6R0 zPcJx+t$6(96e@%5!`cTVO6oCbQMbXmfC1bYNh6Rz!RO+ppJzP~u#9yHR^EH;Uc0%! zyBTewwyw<2Q@FU$`7s<Fy|QZ5Y)lL5d!W6tyb(<(7tGv{$6&3{~-(A z>clN{b@j%=c7!;K^nQ)}Sq8BiLJqxAK&NcczGhTdn4El=s<9=Yk>CtXVDr{g%Gcqs zT5n|9KEW7h_XHAlmcA&)s-viIQ*tFTjB(j6DCj`M{~Z9D6kVCpilFj8I6(x@0O&de zLQYD_n(Zw-f`D`h1LFs|@7}!&+U^2yo~c1`&0A|WN;t9d>8?iKsvsLRcPd{qnlb8?3UZPUCs)8BvwEdd1}F4(7>TH#-OjB|YBeXspqmM;4!iy(FtU8-PC zi&|DGz0*{T!uPtVjS^CvdK_P|m;@LD5C$z@Yqbp^Wp*jbp~!B!VxaA9;*e^%%l;Qy z5fC=1Ie2*>Qu<&C?r7s9yTYThdGELhlNE*0O~irT|>~bbf9RDS4XxWLZ(` z(B{OKa0LKhm8^~iV^-s%WnuYjXN~%%!;Xh-pTK3=Bqx@8^*paMvq%nFjV;bJJq*b) z)=C{k9wB7ButIjj*Ui$hu*|i!H9ljAaslhMSn#N?vHOW_`piZ5SJuf+WA9@m$#Ybp zyg8=}dM!4ZN7WGM@OF2NwW0(k)2o}MudnXBcLFMRp(#u^3yZ2X+-KVvT+bJy58@=x z3Po*s0`HMIQq?Ny{K%@Kkumx?C4EzBHv5Tvzj6Ra(w${Uwe$FsjZG{>aQt~ncDLwr zq5D~yNok%8W7SSjs1LaQIb{XV%_S>2J2y~GsY21%wstMHxx&7~F4u&M^5?nur=#;+ zli1O|k=*fw=a+o0%nde!n%lPzF0jeBT9|Nr=Xo3)@jRT@n1Xh{xFm|#*^Kj2`zIvG zlEo(qqem#WyUoPeZ{Es)XH?I-@2J=FO3f{KUR-l8^~L(g1(Cp8HT4uP1e zrACt|ZJ9nLPr&(&g%*v$_EV!9{n(E8@4(wfK6a(Pb_?Z{i`;$WjG8A0lNp%!JhO#& z-F_JfhRg1fi-9T)dzl4VPKOGPwQctdgF2oL>Ocd_%WFZ&^ z>hCSuZ3zepJ}5%YT=Bcgwu~A9>x=Cjq4=LX5IUzLz?EHL8>htnVYS+!I66}L3f--5 z0_CkrBdVbahqvy=8XN)rs}|cUKzay`0hwVEvXesv(WfsRFjpV6abIkShv#FfJmL|< z0JgWXK2fyHJxj3y;YwNAuaPN#o+xFps|(;89Ky)<-`!d{jYT4?Y0uK!x@yaq)1H!X zAvxzC_*JolcI!sT$IxF4*wjwSCa+p^5W>e8*_cTtP;B{%T-!dod8&m^_9sVz#rzQ5L->2)JOm+tf;ybJPcI~#$ zk&D%VdmKeXOT38@Y|-jj`dwqyt=wKs$UD3*H8aUskroXxc5n5t7EJ&Hi zYk{c_xwp;d7(YBIMV~q!0s(MC<k$QVK{>xgie-;kab{ylBJ^ z@9CF)>-WT+j4%!0>L1(>fAi)NlH-Dv^S9BiiU?#~zKGvUJCx63rY#2WdE}wO@GNhE z`SH5YRa}86fDF^2prV4~uopQr20@hB`tBFTUUVy;2cY^ci1XMghxn&V6!D4>E`{6_^-0VsWl+)!w-~yh9U=oLA1gV4 zYGL#1`%j*MR<1k+H-DjR1zf+_1OYT8{`pxcrxILh5YNXoVP}8!S5R+!xvo-o(0KmIX@7QhaS6{sSNb%4bfBaU0Ks_c z)Oh@lNbg?*furcJofbG|C#C0K{D!=j7q`8^ofJ6k`N# zQ8$O>^rbzsMZxNiG&*^8VC=+`Dxt?ZTkpWzSNCtUJXmx%v)3mPlc9PiIq@ z9LX+utqH#Hn(}k8N#NPHwl)$O->ousWbEvzRmAY-*FE3uG;x;=-P3t@al{mcX(pDc@jW(dIPi$kSK;b76@5N_-)=b5e+5#Cm?i+)O{&Bf&Pl1v8&;Bl$&J&t7Jbc^5=ON za+M9J%>+|<_7_y~15h)3th2E=7FtS(@E;p3>7{29fzsEiT2nf$FBYS#00{p@eE?|Y zxG9e@y6rsTjiwi9Utm*BngULwOYfl0)puJG90eEqU7`R2NptBmS7vbY?wsK|`65fC zlyknI>&LAaKhZPbWzY9uTp&_#-Irfz}g8O%Lq84 z*@TV-z-N~)D(u~NnYsf!wRVE_y%WEav-Y`S=%C-p zS%^ykwjX9E)rK(xX&<j%56D=+yFvf zbTo_fx?vf4#b#tj?7aBb?(F!=5Qr+g(`%u(G+`r9grxX%(6+)Q?!7vbMR;XFl~K@s zxkj}X2l)KFaXcc}k>9m;oqRkNK$PDJo!v9`lXEQ7K3m9<&>67Yb**?CMVDQnT|0Uy23q0>JepavQOY#N-}|f)S*6(P^h- zof>bqoR?z=7i1to&E@6Gmu`nTAHepc+)9l$1-)JivsuP)hb~6pB<8_=BGuq1PZ`R8 z$9*@>vFl7SmE=f|YLM4wS0ehgCA|R2Ur)j{c_6!bj0s?xh%RF1v$2a0D`b0=_@afu zpS?`CzR+rB2B9mVeTl~D0QsgO!urMb_&#`q{-r?`K)xX%;|e0~tBFUF%cE9yf5RGA z>ex0!OjXlk%j{s#h-`vDKqf%11<~!YJYtK;)6O5BAC`n`mgV#3v~62w1M%-5=;8;G zWP`j!=cY&|Y2L)Uvfrb#rFUIy7P2GnyVtwfG!QyGN31gB*KCoeWKPA_C%WtgjQt|~ zx9boUt!}tCG9i%GI3BReRGEN2uPL3BGT`qQ=EJQHo}Bm-JE)R0H9)HFtXhiTD3UQn z$ghb0@{Dj>T8In@WcQppA;(vNI`xdd({NcuoksQWkjKnWFi*fh`aokYX4KY3{%e>C zoX>z}YdqE^ev+f@f@}9ji^fdDE#in3a&zG@Q?n5Puz3wCVkcz7hukPH_i+=e$8go2 zAnYA7R;3%3*`ECKc2UMbJ>s=Fsce>&y=~7ERUV=JR8lvy_8HS#T|2$i8VdvZErZBmw#m(ouqI_6$U`+!3)63hXAA;t+hN^#^(+4POE z;3|3`Cz&dB0hXyH6nQXX2*R%4`G&cZOMSoo9!?f7RQJlj)AZA)Pb0o#A=hP3Au@=Y z%N}7pVx7cX_O?T+Q^P52NoGquC-io$vv4rKV){FIhmo#(1AD|`U^<(NLTlJN0WgZbX`TuqW`8eQuLdRG0N~orEmf8<`>`@PVQUoI+Tei8Mu<bdM5iL4md84H-j+!)y6F%YB;uoE>W{U}(Xfrd(~HicI3Rxzp4w%s?q z;*1usyEQXTn*tll2av}00wxQg_VDs5%}asOx{9$kod;r4ymp*Jt$TWPCp7xk&qZ}v zZ6sC_)L+K?4KO%S>+S&B@Duzy^I%N}u*76-82v)M zcgU;8$>+^WSSP0D(Uj2Ass@avm+ z>QaLR!lVnEgFVbTKHGcgp{y*{CxB^Fsirh4>S<8cRSN01-tKvgLQs6qj5vJr+qabu zYEv5`qpI5EO0z-K!?>;0X)Z^Ztb+qV)ZBGwgvZ8$5J36`AsDP$;}k%C&kqUOL}}81 zaZQ-E#-F3^U+VyOnQxj$U6UJMNr`OX$wm-9XBq5KW;$UfoFC0m(qeW$$O@#+VP5pc z89G-rJLMVA3869*kS{0b%jSh&Ff{>SCFtFI2phy+OTN=glc>k6f~BS9#LVUlgq+L1 zYx)4l)q?Z{^lcwy$2~h86#L=BO{lge*|pHnPzVTfIvS*S@2R7eAr)_#eknrTU~wHtcAB1nI)8)iep(}2 z+OUQfDZn^(g_OU%AlF)`f23Pc({HUeP|Htwws*YVG|=Q`b>M8Z@XCZ|V%(STpcv^x zgU4fDdx`mm^H9?+=Sm@>opFW5*Z#=cs(_*$}Ve3!mh78Ga?O*Y)wf-E7R= z0yw(1RF@5O5;w8%MympDLta;zj|Wb>Qx*A8nCr#p-UiRcVqba2aKv`H>4dY6uuH#kk%)+3 zd0T>jT9Qncfsn&sH3kYF+=?w7y)$Iuc}T@1<%lI7bkgStO~%jmIz(ml&nv+aY=_Ex zU;;yz``yBRDUdgblHPtCJj%W|&jvbIUg3f~>tGmg zOHoPQ_FjL@ySdAT@o`MUc$id4mMl|EwPx!5TGzB0h#O} zwxENm&vw2Ige!A1{)BG_&(nW{nG9-g)lB#oK>vh(63lC^*lkfGo4q73`z#M zFEtj@b75+pK8nt^>dMIAR)SQi{g<(sy81>(>ak-=vxmo3T`rxz#9ijJ(EGA=e16aL z@qD+{gyj~uc_7n;_`yLvI>BvO!vLZakj1AjQX6^d_BWBH9}sEwxc*k459_bs)yysn z7&ybH$^ld;1m?Duu?;Ry=(^5Co2sVVgrT9=61Bf@03N5hfl-&@42C$G>ppfLgXsY> z@3B@&hp}JzsLFA3^AC{oyL)NZx;Ni!UZ9R~)$F5qGh$Zys6E2eB$Rw(YC(s`OBk9w zvn72{Rn4p9&lhMnn)9Hh>ir-J_3Fi$6+i6F2k3H zPu1Ojp5;5*E66?DvjNI@PD$FXA$EX(P~W;#avqX!{T5cjb2hdvG;D~w@W`V@5peJU z)$TJdiCavriL5?MVvd#mn>)ve%;W3D=vZTM;nr?ebn`P>Va0CY!i&4cdXYgq^P;1g z2oyj|s8k7neX537n+>!-Et*k+aN4okQBkY91NAu3Ifm}% z@cnY?{7>A+0t9=URAhKxhppvGD7&sv*Qa&}7x)t<>czJgHFkdomge&JulG>DPW#m1SO$8df;R*VR94%G(Zmso|Jpn@+tHYt;F*?!Fscd-7t( z1DMV116u5{V>jL?Jh-dXtd4wm=s$8fVFT~!M_EX}1CZYo3&kk$#AueBpzYZ=6>tPG zn{F0hkuLi^HMAoKEW*YWe~91Ooh3*+QYW*o2r__+(8(uJWh<-O%pBqtoI$picH&Ka zyFeX5U5BS{?Ke93dIYFWO*d#3mBd^{^Bd!qeTrS%3{Og~R2qV>goKO7t5!d#;J0O$!e78YsczGdKjloo6Vp7=}w z9;EBs5DSUg^<(<5MNKqy_g2H9<=r4p7fe~&OD81XEs|l8=2K=I zqr@BclDeU4NZh(ZwQ@(3=YTw`hXH$0O2or(%oo z**31+d9(xMF&w>kdSt;Mu0%UNyWna1?(MhMtHX;f3W_9gzJ+^$h?YX+GR|@^JQPEw zN?}ZA^E8xPZ}h@gz?QD5iqgRK`}gim?MJ&{2{hHgKvNpo2DR<$Lsl1gjRsY*mZjj7 zBHMvk)fK$;aIW|TM&86iQziVcn=zeu&$=Yf;%YJ<;tY_8QmAmkrmzZc6{F(@P0o2* zNCE96c6=A6Zt(5%7Ffk~Y^ea;)Ja=^;fD;AG!K@r!pM4&G4G6Iua$|hZh#Jh80s$# zXjCPpj8I{|&Fz_}yt~z0EcaV7J11w$zLY&4&?cq8j|uH+flGm`H1?DwCoLRir1m)U+Sq(9uz!xkpIq2bn(NizEk z9`hR`zh|!-n8;8XnjjY*gPd)Ob`>v@R!tUTr8OQ=7G#;O3q6VRW#}AN7(2tY4;~UhdCPtfO6)fHToNJ{_UMLC4p3#ruaA*WMffxR(g@i1;TgCSwt@GdKuZU7E1>#PuJPp{ z;bm%Qp9yUzLd|qbK&hs7VPyy}v^HAV(Lhw`AHNlFr;P)MA!#u$a;&xwO}v=qy4@&M z5nHH}UY&t9r+QU<4f?HUX%6oT0Vf%w`_Qw z0PhuVxJ=i%sMik~b|8)9J&o9gS-_Ey?J0Y)C z65ig|Dn_s9K)ryq(2e|>hS+RaWN`#rqYyiv(n5|(tA>5M72^Kv%|~oiGIrC;5?U3G zxCPaoaRt1!A?)^o5@NbY9hr#lb{Q(YIN=G~|8{>Xe00k575UW#7487L+U#~+l)sNC zAc;je(+j$i=`FX1(PkLnemAV+k~CK)CY4}T<{+G78~g!uemORTY`3|XEi}`47Vm^r z01yU>FDF@?%TG9$CR?xEB1zbtzF{{y zB7Hv~hK&}x6n8~tM|sS~>eFY1bo~|Kg0Y)d^oDZ4d?LiG?#0y$pvx<(#g%vu=?nMG+|AZ}oHZN-$qKHNXWDZbElBp=_8h13NDuYl! zkQkjEFATJ5>zz}>?S7n;iU$%vm6JL2odjD{W1$p{$SM-9CIXe{hs6hoQql%WH)3eS zoD7U))_Fw6rj%7z1M4XVhB^${=jsE2x|q{j;bG_#M*3DjUE}sUJs8s7%zYxg@hJf{ z|8bvKERDddU;6~YFUK~=pksk7Zy6dKQc<5=XCrg?{Pm7!f#fBZ%G~lDKXBDlYrJmU z0c?bEO_NQ{H3$qKS9pPv7n~?=zka!AhRJR)Eo9G*->*pTV>hq1K&cqXTZ8v?5gnUB z4b}mDwV3>3w}cpt?SkG065}65LX)_uRauZb0&`U) zY=hm0GYb2@8;-Poy2gDPWrhMda}~Dz%*bd>xCukfFv?-zu{3uQR{-&BiGJ8oqcqil zBE~V_HSHC=&Pc-L3vWyObCx{`fY%>eA9fgXh+NIXYLSViF0aKJH)07lM!enWe@BuY z)r_aKLdMUnymJtC@w{i2^}XMP#5D@4PnPS;@i*0tmhG`(#^HSqjq|2K9Qa{y=|K4v z<@w`U3#3>$TFK-pf0N5l*X`RRp`80yzC>OXAc;b;a&tSKP0=FHY&*BW z*uNrxMaMRG5wRK+l$59M4DBF0opH$o^zOcJRrf^c%yQ;4={=fTC9CP-yk#MfAZYDm z>?>;(Wfiw4E&*668^$)`GD3gza=`jWcFThi{fTwdIF@&%M2cn`*EU~4`x_?zPpmg#o~a#x6`c4MP@)EKeVbg)lk z{XFtuppDx1zMMAj!egm#1?cDXRA4q1)v`G`Zqha>s%$5netu`_$=63ozE>6&|7XNEEV_ zldtWH#iS2$oTT*LRla0C3&1wQxJ3rOh=Z1*e7zPG0c4c2PNlz1jnSp3Qkk(pvJn|c zN=t@=?(p1Q#+X$N&6K=4w|w10F1b&U@;)(iY61)Fx`Ht{0NkN`Yx07q&uVOMp`je$ zXE~MX&ZszFLhqIpw7N7{KHLPFY;MpCt6JNSFE|`%LDW(Mo;b!US02Nz z*q^ggy*d14C;a{-f0VNxe76AKT~?gaS|2Il9A8Xz@6DnAYrNO>a;{#&R{#fcKE|Sp zTr3U<*oX9i2B0>fu3A0M+NC%mZ~Fvfqnl>`G3EvtvbK$J#ySmtGEI$ z%j0tDwig}JOLTHsg*@N3K_1ipHVy!ihFA&|W|k#gmwojD^}s%-x6LJS)W7HT)!gQm zuOb#=a)M1T0KYb$B)$Q=2xQI8F17XYg~a`_oyu&|ew%9H*BZio!OL9Len z*))KCnh$>qa4(Gc07o8VEMeD8vvWW^!S5;~T?IhhV4FSwTvSf5#~)|`5Nnq$HRc$Q zo6unw6XzwmmbuOt$E9olN3mwHDP;SU8BU(zOmzDe2X$#n%d(32vNVLyWlP|#E|2BZ zUnp?af?{1_nlz(@J@TwmYf9WSv6FQG9D`jbPZy4SkXc5u%V6Z^FRuc?qccbRdnh$3 zA6=`OEJ9d)i+T?l-IX$SW;c1`QIoy7#j>(Dttu-$(4A}01iN` zEP9Xg{0t#x({((S*SI|}k|r^s{K3l$t0QZnN9Fg;$^i>B(Bz5Vr5)a$Z8?Yl=@&2d z)=mRGfE1RiVTEOmK3TCsNV(p8UA0p*za^>PsTXDr=W7yG+i}iLXJEf3t)BAocSeSpJ@c#e*kL_Os_-fF>n(*3?Vw zF~c`{Gz{Ojrdhg#q@^(*p-M9Aad@k}r+iaDPskV`M^K)?4ckijxS_8tL*@-8j5>*^ z`2~IeLgNu^1{CO9iB%q&0%|BN7j?^`T&x4R)|3YpTH^|%0O)mcxfhz>{~b+Js_DZB zMixy}lD%nlX>&|N>KKym-4S1B-Duiy-6(rj@NbxqL+U{Bc3X|-#tp3^{vo!qDa`$c z&%7^<{u~B=edea)_~REjuLF$`RvI2)%l*`nV+YBIH`uPONu!NY{@*T0_bAv<5=Pyexka_rjk=N7vFx8$cuGyd9&3f(HwRGdqMWxmu ziBXT~7FGb4e%HBrg?uNl?%ojGCH3k7K^m*#J%JZXZP@r7t1l|sVeZS@<8kG$v+5yB zHvz9^FDDxZQc1eSD<1g#7nXy}*$dy^oeX>ueko?|$+Ith+cJA8KCA#4eQlVv?!@Vr z-V&m=kwXv|Pg;l#&GGi&hF99%p+z5>oyb zmPOjXu`KkNE4>vcIMrL09^X4=wG>@{0U3}FuyC525$&k&v^+}|5=r(Uj~G!oR-lnY z*#8Ly=GVp;#LM(70JBWKw*oT}@k;T7&2QhQaEJ$U+U#{nc7Qh0CfdT`yWIVM!cEa5 zQFDFqG?s@CV3H>UtT!9j@rTO(PiG9~xWTK4!==kd*+7{~w6|uNC28kHo26q)8&eSL zSF>mN|87nmH5gyoZT^V+W5Wd)DhA9SanUf@Bx%99BXuboWlA6^16x38)38A z@AI`ZEm(AGPE@`_)>oCEodwL|)L-ba3Blm;_(!hBsOuo(1 zk1qWJJe^txSCGU&tw>P%-b}t0&C>QZVb@jq4Qg9(VfE&M>7f*Pv8m$M*00Kj@4oAC zDC?#%Mq($?P(_GJEqW+i)gVp|zLK`xE|2^5^J&t_CNLbEz%1(24w^ z!%(|)+ESl}w&HQ@r_WlwF(f!^ajyP5L9Ykyzs+7f=!qP|Dq_qW>q za=g21tZ!28HfqJ{wKOqP@_-ly;biGH@jBQj)7>w^!9Gc?hj$T~{}31Y<8H^kU%X2R zHk)2w+E5Pu{by#GarP4_3=}3zj1TwC>H0R2>uu9h)b=58t@li9G%m9PTC|kX~-gpJ5tPJRCd?lbqYG;$HQjeY}m8{`{?! zr8cOyTl%L!$gcxan@fGJK*CGOy7q@X*4UzWxEtp1i}$a2f;A*EouMNjCpqvknPdeSNJJ~ z_0BHD(T?LG+E=8s>*m?R6>}|)2l|mzsU4yxO!AWP>%N`O4NEsLlV;Paiu47qX$sno zbEW!KU6%xOKwnUxX^WN`R15MjV%?dF?2#3|DvR=}k~}~ZYH?`o z+-Ds4F(&_Vaf=KP#1SZYkqvy|@0PvAM5-cG^0m()I;UjnYfkEeosC)QH&!azjb~FH z1{~UHZMk%ueEnSCRn0nXgx9xIS{Bi%;Kr&&Zf&0tn40V4# zf{At-Mah|p(bxV~JPotFpSvRXy3dcp(^W4vuxVfP>pPH8`~F}W5iLy`AJBuUoA@Gn3{j%;$;ho)0>#I0G zIzwwTVsozFGb#UfsSFcsW-jvRLYIeu2anH~sJ(9y(I`1AhvjLZI16TfYQ_9|-?S}Y z43VbS$$p9+-_lRZHPO#3Q3{-K%wq-#wc!2KrTowJWh8$9Gr_gFp%!%(5^t)xHSf0C zub!;>E&;#B6Ez)uQTDUz<)Kd+hROVfhHBRi2GZsIl%qLsh{y$t-2I`%{=-=RbI}$W zZ2EcD9D<4dV-=cZpGZtoispPFRJ?0@wQp-IN0+)_Bz)IQdV!|kb@nSO<|D0+ zTBTEha=s#c99XmI$ES37wwB(%4oU35799a z(nHqH<7TfgTISqH!9RxmUw4Zit95&abf+We^B)4%fAOgwA3wSX89Fj4#!HCnfBEiT z{%V}{c(xynH$$|I4^60q)b^U`#KC60cPX6KN+0=IOXA)ilm5>G`m1?=|4fo~NP3fn zl@AARlJtP}Y3OV7%mVXxr@XoriH^tSZrAz;`X>sN;vahiNN!S{P0u^dh1k0=7ygGm z{?{9=-%Y#uO3z5X>Qi6e<;X^-hLYwhprP!m1#K4Qg0CWIKGX!_lP|r`Tlla@!-wyG zujCQ%mr5)DZZqoRr8JC=Ph#u8-l_nDhF_bf zCciAsf3f&~cmtWk?G&YrgP{`Xh?tKZ0gfmMprUwrwGO>%CoD%i}bgSP40KYFI`b0%aN5Jy75 z`lYrQogToUkir-B^}nzu4p4gn*%Y$>^I=Y#1zum$l)3(I#h3oo$ko7ky3}r< z_E$st?;|PG0XQXoD4FL!1rh)CEC0htda^U?4JDVS{D=Sg_htC|Ag2KGf1CaxXCnXo z3I6IgbE?3M5qFUMF9ul>PzYPvA*EydFKn3%%ouRL@6q}E5C6)S7kK@(6Z{hYg)PN_ z8M9ol@!%id-mln-O*-Sa_vJtsfzo3U@ENJW$uWQ%bp{}-a6xYIPU zjIB!HZU-Ynm8&yZ!WNe~90skR_9grsFg+uq7XnbIde*J!hFxEv{r>}P3LVf6YbU@$ z`G-qlE>uRH=3`08IR`E-r;3v1%fkBgyoQ_JVE82W?Am;v7w-AZ#>tGE`TPxXa`OQU znEko_uRCc*|HUlTJl~|@T|%L8_GIYI)$7me?;4i#w^joQg7U{!0$sq~UX$2Q&Y4q6 zBldUNdw-g*yVpCdqE-Q3wUFMF#~iW57QJS=9$c_spLB Ef08E*@Bjb+ literal 0 HcmV?d00001 diff --git a/docs/images/service_authentication.png b/docs/images/service_authentication.png new file mode 100644 index 0000000000000000000000000000000000000000..fe3ec701758904943cc02742f4bf5b0295fbffa6 GIT binary patch literal 156475 zcmeFa2~^Ts8#iioN-I-OlUe3ar?O0~ObrLfJdKuGrskZPTB4HTgrMlLvW`=wNsd^i zrKXhTfFjhfG$%++Nl~Z}Nf8N9k@?bTIDPN;p7pJD?|1KA_pVy472;<9pZ(j<_}lxT z>rM`bS1en@`1oGul)!b*#|s`rt+d^ApiiH)z;}u5;x*To{d%yVz{yz&XEeAp{9W@b*xfS3&ul?7gU3|+Y}G~ z`R6ABKN0x<1Ol;FNXYRA31baZ`4y0~#Wz;4>Q;uJ5P}!?dRSr05-F#kj|ZXE;YY;- zs(Y2+@0LvZint(mmNb9&pCDW7BFWe@OT84Hvn zSbVF#l4b&S9Tat#Ew(5(ADQ%>GNB?xRUG8pwEa=cl=K0bY;p!Wmt)q2*}}U$&|Bd$H+a}m&K=3dhl{t7W$F& zrkCKBPv17$r~9C=QyYQd+}{ex5w^F%>UZoEKYjY$@`(VQ;G@2OY4sTbFTH<-Ci4Wb^G?Pc>N4|}7Ui-ob}Z5E zZq?4N{=AHdKEvbWCX#s3QHrzyDN5BHJRzhKK5uoUa|H3H{l8Z~=|qnwC3q_DW+mOA$>%VLGp*R_EgL!N1OZ!J^EkF`2Qp7N ztaY%>(?;dg29;{9QnCvHGDtT8tM44_+R4oOg_`pX(4vrRaAQULWf_wo959iSI0$Bk z2o;I*I1Em)U#bbyDC&3P~0YB+Ic0tfb$`X?;ZuuyFqHY{MZwXGmYp%lcy>OI#aaQk7P}ic+L5Gj|$$c>Cb0$GHwy9jE?OJ`} ztPU7c;I1A!Cd!E{3|=(dfv$ziCzx3Cqy|5=V-N+v4dsIqjbUK*7lv1kGF>ojC_;(l z(~i>-yWVV6vyjYf6cLh#^%)f18;eB9e@v{$oBjRqZfWSVa`^7W(d zw$<<1@!X*Yz8lDXRrV$ib{6_d@wtR#QFH082X%|`eRdy@%bz@YK(`8n(Ov=}YG;e~ zD8G*$OX`t}GG(GHGouNSjj*3t^s#*>Ua*{#a882iuPiu8#xHNe)k&PKXD3y$ zu3HM7i{4=D{IG|T5`-@nlVmwmV|9ZAAgI%1m-c1KO=S38*=lI@#iL|Qk(0Rhk)+!& zW%qUK%RD%N+vO-*oD=CVoBFmId%dgLy-M~I zICzC@>EHp=;rk6>_U%^dVikyDC%*{p(KEYq0>``E8q5Ka4RF{I1V7?dA0>xSz*xVS zc>BT3#sfF0)gsC>x(K>%)%e);<)bSm40JWW!mp3w3K!GY&jj}$f3Cl}ya9J3LS->^uu)dwRdS1HL_S-6vKZZCQQqJI zRgCKE{8Zm7-wqy`6l1a;CP4PQx+*s#pM6#BNq9P&ng^es_d7bcK1jN;PPMD z+6QjNK~)yVrL!=dW;-TEB36vAUo09zWX07Am$dwx`X?YiHRPws{Nr|h`jG$d!#@G} z3CPc|`!iYinLYhXC;vC(*DfFtQzp?Bpph(J5UiQlrN8>4Sv6q?`D4qRGfi>@gr~{d z2@=O5oOfL1w`9E;<0T&TF{c%y00y&xYJW+z55T4-n<8+;?gqHFNb#fJvCIS&22x6l z!Amsd5_G(R)qn+xkb8YH}Cy%3$J*TRle=epx zM-Y{)hP){FfTR-qyh&Eh`U{s1@2R7)1NbZAMn7odt^_a1gbMroF#t*?ahek^CIdx{ z2(hc#=JrhSC`UG)C2*&5H0AF>^Phmi#t0WVj*6eH|CUvt@rT1EEqnJvFFS6fzqm`{0X@wT-Myr#(>KL^Jwr6h)?2T5`dL;d9IwK_3VfMbT1Uh8|RVf9fINj+h z(K#^GbmZakqBzQ+VaW)q@cfGFr6r`_UPmd)w=dOI97f3St<47SA{)HsthJ!|M5qLm zS1+ZBl3E%HI_Lt?Ank!qPLIXMs8r~sxyjc-MA~NPMZ}|ewd-RPa%X!?W`dU#_!x2A z#=#n2rDL^`26QD4!!c>6d^3{`NQ$ai2)G=9D_Cwa@o^`-(s<(m_o7Iyt0OM<#ox%q zs%&v2l1=2Zq(L>`H-+@!MR!off8H+vTwd7HHtWV%-$K?t(7ThdzT0fsO!Ld02JZUm zKp%Wd1-L2hQy6$vc~QX)UFe~x9$}8@P!#*yh8MJO<01=MQGt++OWdgqMJtLRq&6*a zL1yKO8m>R@b{{YCsFYKc>mf%-nkwxvqI;QN3Q%oGfwE_9Nrkkt1w7c28P8Hk+^bl^ zU)efbjbn<>^dtQoIeA}K>ri0X7=lg2_2dXW! zrc)-P`E2mOdlZ+>JDXbnUB1O6tWMWZ~8(Z7Ac&3Px#poBnBeOPD{l@X2OPtAY6%H@ZD2qakXHRXGW*9v!^d zhCX5QR$PGYX<=wAn^{lxy$zo6p;%r%C16LLbbc^Z*@OXF`d2jRVpcRa^@!#fKztY< z(BN!j8mLgrW>TR=SM8EXe-^kLQ;yGJQi*TDPcb!aIdC+G+;SKc##!SQ zT%YD^HyV~8@tCbMQTCf;#ib@!3vPY0a8*D=6(9$5?G}VoJ==Jp=W#g5M3>n!bVnC7 zZ9nau>CN)^^ea^5%66L%`q|tuaVZLhI2x6b_kdE{^!6=W&zSSLeR*kxOt9}#hHOP+ z6{=Ai0*8DWVD=D7n@-c9D^etPo~&PsN-&?DYxy4$?oy_=DZdzO+H1l}Xr=~n%yTH% z$oEc~dtfKcT+t(x863bPX%@c zE;_#tPTw54J87p4GfxZy8bw7k(^Tu&1X#0wvoHyih_ z23QCJtE;oVB8kb>7oK5K{T~VOL%r<>`D@O!<*+IW(qS8f`y%mD5Aq+G3L%eA{HlI; zY|$xr%o|eG^bNtZ0p9`2O2SA)JbxCk-uRC;N+;!2TWVFX_9ag_qWtQ!($>xPp2?Nw zA2VbjlhXPGb3u-s!E3M=(xti=9x7oF#yf6`=kw6u{KKT&Uk9kkf6~cO<%nIEBymMh zE4bz^l8{x=mA!*reKlt=eP^ZkJp-Moe5j(O{g-wv5cQC2 z?Kv1BK(^EL94Gt@Lb8{TBk_Rxutd4ZyA=L8!-9CDuBEYsmv@Ps$H~h~)xnNexm)XO zt>Q(`sonKb=v(hMeZ!UbIJ7dwHVt*Ho1&P_xEH5KbH^9lsY)&4#^+dx825c$8ekLm z3@BDl_fQ?w@QAbFu*cQ-2Nn2s#Jk`FuS#h~1glW?X$jC8(&Az4z1$Flbj2ZQbuWn*XL}Z6~R`wL;l4Yvu0Pot_!e%OkT4)9;$Wn&vHNoM78L2R4omFFJR)%W9;~YI+A}j7&8l)H5LW1L?^jFm6sd zCqHI}&g^`SBJFzHbYuhJ0pgjd?v$svs8Ted@B%+-uaSwzWCEORTWfu-vHqq7J|66B z0Adcawd0qLhnKwx*#M#qFYX&AJIh0Gi5;!E!r7@FLO6b$ou<6Mvfzn5U>lz;@cNz% z!P)xR!8l(c>j7?#5~s0~xgXy$4BsENT^$kDlZ8-%gf7W|VCv09!PDvFKrlI6O-KLn7K`PTMGc|*ZgF^wB z^hyM}1xy8dE$`G{y><4Q!U7TdjVi5}P5f@>7*9r_c<@Sh-~8FJ;f>?5p75AY^yHi1 ze3*!}O9t|~wf^6twy(qXlKwT6;XEqO7YtekzJ)JFX{f{`M_%c!4B+EnW1^(f+`w1cjQM zCM+Hw-1-5kGqZv7g3lUhl2+iEbt|4rhNec_?5Xm>?_7KwCY>N5r*$=CGG4y0M-CAp zU8r9dW=7j5EA9}s6k5tw1s5fQ!){VlGCJY;p}IS)m=MuOWyyy-ry z@Lt3zIPhwIIwtTGgCeMgVZx0J6zTGt&AJENE0+J+quhiml&vmGuWoQ%-=^{ze$ zM)FNMWl(3Iw$+|9#x_}JSzs*!W(R2c2;Fqipz)`{VNu-l?thZ~;eA&1#$Ii0!q|(( zE?v)GJh4X})6@M_Ik{;o4T9nNlgGX5qmGy=0zxA>2b3QyLBMRIN&kTpZ7|9;N5F>3 z@#g(=Iyah6CsYTsl3tWDyYubIRp5bDTX^73+5(Cm&BC(lb9>$`;6DNEaX9v67iyNBQuXae#frZ(_sJQYzE=L%8S`_rPY zm;p44DAc-%`2-BiYcB@Fqu1DruPO8j)3WxB+n0*k9W(tdCwV&0;Se`>Tzb zaV&JDTMxmv)U<$yxj-N&4DpvORSpt#XnGnscAlxe*^YV8G_!5xO!&7->-fG?-m3HNGVRUxX6q$0 zvWcQ_dI+0DOgBxCG?rlg;@uiFe_O9pGSJ^`dk1Z2(7qwawx=d93(UZK_@o8^AZQ9$ zN3&%{hN_17LX93`6z*vI=VB1C^gY)BsjU)q*gfVBX}j{PLFQ1fL;@2b5r^XN){Ih8 z%nW0XV7>Bdv;Q$nvinTrLsT)-5dB6xh$|O!xC>fw>zX3vKALOH`gzZro^X?%BVJ!( zaVo;hbmFvq10Ho^*cY(2?$F0!&3FOs!g`tsvh9aRSt;&i0B5(PI7O(9#YYp%N(7w0 zQ8Q-uWR3i`fd*mE8OPfU4T_nxrI_HkLGc(zN#Ubh5;7hsN*^%G_SHyschDpwjc{6L zPoB|Nn>)_fIt-;WWfED00OK^%AlCIz`jj_ty3g>0ZwXhBQVVRi`ND_*sQa4ds@sEs z>0~?l^NzX*WBhn{Z+MQY5L;uh;}I4(=7$UT|uqsF*)?YsZzg7_qqJ3 z757THwhi1(fh=^8C)&h9l~2!zyr^WONL2P?!lf?QL!3G;O1_!&Y`E#nE5MUkJ=(BX zCl_LGmQ421-=cmb146Nkh20-H)779Gic7BxdLP=tDP3Lz-|;=_rIYnc6vZsD1((sO zESQ_F<*$zjoeS-G`-E%mW2NxkoE~xVb_AsqKJFr%mDVq+UU zRKpVs$B5d`3e*z6li5GtlHn^TRbIe%T*{ziW`k0=f((fzIf2+v@ReQ3iEs{v1ZFVe zWrI^2m|eVm?BRk}Z4_T%nDy(LhHy7uduiCEu?}tb1YdzUhS>R)T455C5H8(Sxo5l; zk*&ZDH6G(*$E27jywMIqQHz%R;osy1Tca~}8)71a`;s?m1nCI84&5znX7)ld<4f_=f|Kn--WD;*?m($rx(N$4J*dF490Qp z!(xw$0xaDNHvK-YrOnN|W5uf{1;{Re8Sq^m=^lx9j=e?me1pe7$?1fCw)M^@(Q+H0 zN~2(EY6pi#4y2VTkF{|aeaWHNp@wKUonjI%g}n=8MbC|&@0qpUpU0`i`O0c{qHTdd zB`X=fjw8t`dJxP67px24J& z?Wra9F`v2)+IwqM*_>?gi1{K(m-c9L;SOEBZi*JIKF0PGv;ycBPZde^Xfe2|ICRzW zdsWIS8)UHhxk+QN=6S(C=vl?Bs68!s2_twj>P|+@xIBySaRKw^`jUu}rurhUOOZum zo*{1=__J(wFNfg`@+E5{fOvX6fE+mK15<&r@Not4^qpt&vHtY54M8r%<`9G=2Jq|_r*?1;yp6M+c9`|GfNJPY zn*12jy=Wbn40G`@VfQ?=SETulL`r@-fTKwBtLzNOO>46iMgL^4+TBMsyWC=mVaisn zkS-L?1FmPv32B(#%YXi=E_p4TlBsrYhx%VT<4404hBp^Vx~EJdk0 zgpYnT_Da%)H6s!vEqci4F7ZxX5S2L0(fSc#1*ulOg5?o{xD*<~P9StDE0L?~Cec-+ z1k7ll4|x3U4P1^#{VS&q`gFbRrn z;YRabPYzS~U=PIwIB$K7cTo3N%D@iRavMT;(;MWMi4H1Q1aPbkC#LH*%))YbmoCJI zj4H~d4M>wS9&qb3-;lN-{();7Hq=%3ZoXRiS$lodt9z;tUXj~r5SB(~UG-uGahDbM z)XrdFaHIcd?_i0|o zj*msa0pJ`~A491FI^MB|)h6hH-D=44CGRohgFDf738P(Uk1}*tcLc>>m3L#84sF=i%C^~3p| z1EuH_E+BN%tFFwRAPlAsp-ZoQ+s-rpA$CQdH?MLrop?3ge{<+@Hy)vJ=_0nO&W+VA z7|Q$Azsq_kuJ2`pCmmEtY1s=GRQI&?Jg;k`=?(%(Jf-uaGH5kPU~bA{;^(A6v%teL zLXrNL4CrhOAjLNhnQt1&&YLOCyy6P$X%w6ZjgF+I4Tv!|SzhAr)XNq7%%gz---f`> zIvvf?rh4s4>1%|<6cWVJI2P3detwv!zq)MZVTx1EByqPRJD_U)7WeA`4io-=!)f}fRwy_W-n|E9e_mup-{%LkLMdd5&qCbqPWt!-)(M5R+28QKSu zeCVReh;(4^ti9Bp`3?+>uFC5e0GsTc1jn&MceX@Ed-K7KsP9LEBXvQvQewe240aSn zY_FSydnG8xvPpAQayd5o?<2#9%%|NLF!9A<(%&-gL6V!U;@U#JCi4{Zu_6`zd86>> zJ;zA&B%=03EdXZr7hfh4H(l3D`TD;fDohyl4Pn$tSA$2YFP3g>9D2@{|@=@yX% zlCcS*UffgRlFz+qf9ulhi{bD>*P@TxTD)bE8=XZTY8?sYveb#o_hzE2Lh$j1WP?l9 zie}dii?*mUCj30GOCJDGs^0M4iiQxB&^@XmY!t$IAwM_AeHI!ki%4GxotKFnLAvB% zoAE4`dmlj9A9Z|!j~15ecKD7>miF>}&mJY4C@1$=#KMJ%A0YB7bVAMNW$|7uhbLA$eK!xY|@~)8-={E{UuLa3Zu5Wa|XpP2P41 zsOXC8P&5Lb%$yjbTg!gSj7<29tnk9`rT}IuPg2n z&1t|Mdt7BLpv84+;+1~0)o{I2GL7*E0?m|SUcpZjaW!pQTJUkZ zuRl?1o=|%!M_O z{Ab^6MNld*9>7pn-x=ft8&m_0Ck=-#HMfWG&R3tHsE6+DeyuZ}@0Vzt41G zl{tv3Lz`Tplo&MG2w8r*`tZBZfrF>;=f_U91l!p>KEoPXoE3>{GN?%2HhZ>p^2*6s zSwBe%ux#8oTT|^g$PM!KHXY>P%nWUA+Q#|J?(5=6+e|P(KfeyctIxH&Z6_2LvM%`! zs)ZU4(CudTo$NV=*>AKFGxu9C@*JypJcX**Kd;PP=@|2OgX;H=G$qu%XRiizm#AH? zDjY;bI;frdD|C1`F)Px+oO;$+(HCB?m=7L28fG)(*f(3*67R_KkMnKu8texh)thJ< zpzWUB7JC+`cK#UTjXIJR8U9N{*OG#nB`xw9sG~B&2)MSXkS0iY zKk7IpN-iHTiLEi&a+_DP?vmo*W;z<)0Uh>(rF2_dqq2=5lZU@WOAO z(m(V4ocKEe-(UP!jQ?-_UI=++OY`+7zghLSTBlNH4}7|}+jHTEKa|`zKs*-)dwX1b zzaq(9RaIlu<=}<4-Ro;dU5u7(UcT$2?wXXqdcUK~ZG(?&UV3XqnqRY#^B;k#{Wp%T z8GTfL|7M`xvkUHtXFZWR7!TpW!1IOT!fVjYHGB9}Yp(S(+o%8u8on8StO)gg?dx9> zH_r_nCgBY{ebkg}oRt?8pQ!rfY}XrGr3=o63mzJ%DZbXmQbj2=c#D!}ncBkr`5sI6 z9}HLeKH}}3C=I3IH^-EA{JH4+h-W$F$x5%wTo*c>)K>aFqW<{CUlPshRwn-WLFxO5 z#{rXiN>9sgE1h1gtn__^(N{r=@9k6iKH|F|YhEr${5ImdAU{R@e-2f~x<6Z6QXGNC z3Z=1W5_}p97q-ZGCP;o2&SCzguO*C6EfMIvu=I@=jInw@1U->Ww?KLOAe7osSu+(Z zpR{tM8jH?M})I-rZ3s!1wLF?Qfta(6JHT3xNS*UQ5N05x9V&YrNFm>);g2 z+Canha+c#&j)OLH>Q2m-UAqb(+!lGK6@gb8T&RM+FZTDc7$%Z*!wjFz)}?Gy-0RhO zUVuYJl=!{91fE=OWekg{%`_I4ti4H0NLtbWg!mD5$xuky<-b19#1kdIc@(I%&N6iWAY!YeuIb&GwyK?`~MNWda6^Ewm>0TBd zuH&qKb=?cy*5B-C_uT;z8Xv6nK2ejqqWs5G&xy;Op54u+C6lEi55|-n0A1}ae`pA! zfKLcD5EOA!1k3f8u(q`VCt3B2*{YU?bJD_3BonVE9FyTUHW8i~chwd?+pX{*->rW~ zyOTEW?0FyJ=wpb6IO;Ez*2|yAJ^(mh9C%yh z&}ydC5-lzmv7nPuw9fP~b(8MwZiE7xyW#4*7&DpAwA^9cLIX|Ay&az1ru=#0@t&}i zAj23lv#evnrULyL=gSp;O08)_j(BCd#5nN9cF$?~6UL?PP{37%S8G51qp#Dp3xBof zCY{v2fX-jgC(zlcRh;&`FG4AL-H{V=h}3;|?eD7R+PUW_F-5qR$R(HkTvKa9V=}CE zH@_^{M~tO{iNd<-h8sbQ3*IqUA6WX!XERLayEiJY{(5!6C+oBE^_&iT;krAz3zwL( zGNf*Eqf>Pcat|AmHy{)0*#tf(p02Jc?!KE_D`m<$rLBi_JwX>H`z?DzO|lIWgqC-@PNc7Tc$O106pt<2TTy|bgzE0&*jo0)bz z6amXvJ>pK&*0c(l4VWQhNXJ;lCkmYr>b$sy_v;iMTiaCO$G`dD;t183`s%+sEM96% z=?>A*#AH2`>B{|61E7nZwkFPuaEkC@CG(~DqxP(9r7hE27VBmHjKvNYJ5Ef&);@R)oG=< z99g3rtJFq}A*dXG5!BM0ndLY>_p88lgbes)C9m!Ut&8EOLL7r8M9K=S2=$|+CnM$@ z5K*5PP(gSAEJ5fV0^5}QMU3A&Bd!dxj~cnok?S2e%54FO!;X)Vgn17Jx3du$Os1Ju z0`}s6_iM0SW+`eF=DVHTR{$NKhF{tT$yat@4$su5+s@oOvG~CFk|&ksyY+Bm1@t)R z{5gk&^rIp9 z!g$2Vp=!FIiy)qhH&wWH@4c10#yQlh!BT)VU$f~b?Rue>P1$sLdHmE(jN-;2k2i9U z!;2|tiI@IaT$qDT6>4d8VIZjB-9u4=gEa-x`rnSLS@Q%h52kMiB>##r8_HwrSbzeV=1Kks9uXA@9?E?d&8 znZL}fU{;_pd1oF!H6wn3#SOO))fLV5pa|R^(7s0~LW3rn^q7#!N3+mFWNtR54vUoS zC_<>wu|*uv;;TA^NO?QC>6kkmw43E*?ig5inw%O{5pdDG z7%|Ea>@|Vc$@#gUPUwXW0YvTY81UNK_S$+$1gHmG0Kzv@|R_^#h1cQ2pbtSlV%%V9$zCqefP>< z!{>N>cLc3|$$jSWE6aG6;IZ625d@~YxgyY6qEwW}ILBY1X{V2z^_7psk1+;>tM#)b z?kku#@Mz&Yoi}NfUEjmJjWOcH&|vDclGQtRa55z}U1&dS$Qj_TA07@50f;@zR(g={ za99_t$gw(+6@kTAFWK^0S&IMacpN7eCEkZzQu$JVU#8BkpRZQ;tGMo7cu0urR5~?O z_D8f3ia+r$rtugWyuWV!8*lFLRh&G+oeEJ+8@J^Hs-#zUs9Xvs!Zd&$QQdd0Gal)7 z*4N_nIaVfU=PT-`61S+!I93m=^}N053tfDxR0fWh6EB|IZ-X(F;Ve-flUGlzW88Rt z+Lu8elXZw+byf1WA25JXE->o#>rDv0Fgdg$H}+5Z)jG1-fCa2DLf1+^tDMscE55f3 zaJ+8!nVYQ!!g&T@JiwXhG}~JetrD;!@ur<012FdN$TYoj-L!nmf}&J@p=g8`M5tyH zW1;!~7XHTGBnIm|?O8|@ciKE8zrj|46m`R-SgzXGyuEP${)e*zMeto$9vJhPL6zb-km) zimEoITcP{~;Pis0hZXlU-vA>%R!%WT+M#|A4X-PCS!-@9+TvpG_v|2LEP7DjT)T9% z%>QAs(xq-i?*Bb+FUeNk@?fFXK=;CziBr4Y4T|@Pzv5MOIl5jV~#yOs`|E_1eKfQ!t@0}YMXc7Rwih& znNwDKXDbRTIOk}q(9T0`wsR6}I+~d+0UW>b%iOFZ^{@}s60LpePToa-hdSC}rfvCK zxyHL!n2@8=$DAe}FPv6oonKY2%`$l>*Pa^~FB>c6qHhuFf{AjyZsz=09hSK4)xU z<~Jx54fQHnX1`>lJ(RdeZChr$n=%9Hv9e6dC7!k~bBlg5!WfI>0eQSZp_kcxjjhvl zq^==j9*hx>X{k1=eLBYK?4n!KW5d(RHBOZ;yO%8`&r5hU2NFR1Q{&+m7B7Svy zd5+DnJnm6Mej}(;c0GVziOR#Y<*MAvX5u-u>cZg?v&^MmR`vLh&W(cgH+quu>6QbD zf$KGh$%DO}j1ugE5&aiVVZPltHw4XrdS)C8^+DIA#m@J~g zadg3EKnHVoox{^X zUODG5i@ySkPRY$1|I3ew*+_wnr;#!cj;iF^b07wm3GJi}ounSdn}1ndq9H{qO?%02 zj==58CYvv5)b5^A4f9bAaa%+Z-UbXLiYm1h@eE_jmi)n&d18vzEnM;P9s9BTFve$~ zfBmZr{?0}EFdAw>(qvr!l*%fyXHox1Ld^YK4_;!p+M4c;_Ph-@s+Umc1z9_GX|Sh) zP-1H#HIb-FOf|D81w?`(S|UYaGiiQ-tH zCD_~V@0OGAr6r|{tY&sxz9r^J8ZpyYr}!m`FN`xp-(xuS2GG24#utOP=JRToI*T_J zZCQmW&TYyVl)4+|1Boxe`5)kSIP6sOFaktg5|8Gbetlsci1y~Z^=-8bB9%(K*WoiY z!{5-Sns)KrYnLEQM6t=CSAY#(!4o& zz$%%ITJ*@7qL%#V*O`6bi@SizOUss=O7VXgvLZ;lJ#&M+#Z<%R>PBAuL|zx2xFWHk zxe3JXJUSST-b>nA+!@^ydZGGobPs9&d8p1fosjG%)337NRg<|CW@MR}(;Tpl?_f zDE005o)@>0Pql{AtvqmRFK+7AV5yP|IKp%Fd4>KCh?o@dHcpH{yW)oH)5fAf!xY{V z4{--*gC|ysm!`y{A$O+Q7aNf@`f)`mcIztfLHA0B+;~AKLT#xe?YjSop6*}18p$!U z$Jn5=W~96u%BC^HFZCwg=z&A>l}9{7gZG=MZza`Pf3yl|{`6KD$KTI!pg>z-l=A1C zUGOkd45oZZx8_qb{p?G-EA67Zp+-xHeARXI1P{NYuAJ&ROVV|x{THX#L6eFl(oR|x z4$+~gQBe0@!p0L%`vg5GWJ813W^m`TY|B&4eOezAZ;@*51Z>eY6|`UIFk|Kf2|5(} zoh7B+wY=v1dHel3m>YQbxjKopR=2gON0o>w`Af!$ytwC#IW+yta+Fd_lY0Eh(#y{t zRXsEQ{KGC)htH+cAkqh)v&lraAv3A(j73IaCO{`9_(p8x6X{5OD{D8;yd;&MHyR!M ztTC#EUVKUCapqbODfvY$*=)D7{Znl2vWf-##i5}p0jnuJv+hs3NZ?J05fc(o1?O#J zyjt<)No#@X9a4OKgVuqizh1i|+Swk;OK25VR!rt5b|#envGyg`UtI1#?*CH8vqTvM z25kqnTG!gM_!~JB!D#Fn)BfxTn≈O*F*X!pEEWDYuB=x>dJwB)UU}O2GSBqY&LS zFL@*KAq^m9)uD@{zG8g8`|QR)L)Vk+zxsogbHx!Mu(liPZtV1(?TwVnHawYTsh(>~ zoVnB;(I$*D_OIDPpd6`Q^U}S~_lkTJo<9$K!8|=>C4c~@=L_$6 z;^z=o=__nA`1s)Xxe~tn2`cRYi`60c{snQi_$Vk84 zJYBL5)^ciET+Scb9UcnsI%(|rRDK)HxxjR#8~gQ)0J0^eKzjx*3R-dx+-)s%Ie!ELcDN&+mug?4=X$t z?v-ijxA&jD>mo>c8p;A~w*R#aoxfo5*Iy(a#EXbo4VyzEIPW{?`q?YlA7-s#-rqj< zzx>xyP{N@iH_KI(>JNM+G`|{s($SLEom_0y_=)6al4UjKhw)xOr+vKCGFQotckX z^lb1)hVC-~Yu90Rp?dVZ-WFZMf0^s`t+h$nBnMEeB#T3kyHaT`V^StV>2cJLjG2N< ze&-ai!ei6{jgKAOe~cQW;GsPqxGwxo`+g>d)wYm}$-$aQ*=VV#7B1Xp1OveUN+E?m z(q0Oxd0)0ya&={kb^M$#NH_k|`&)|n%>PZg6HoWt;CV>8~G&DE#F= z@W$@DkXLrmL%^OH;-hqJ;y-z3zSFArCqD<5>(M5RqTqYhaPagzicPS|; zWC{I&D!*iaUE&=Chl!^6*mp;_Ls0*+aUY{78rH&($?C{C7HOK{-}AXFT5y*2V=Did zq`y11KJs?-ZN*d^lYfKpL$qk-WzYj%YgvcljN6a{t-^6|+Di2fKT>OoV+8GE)wVs+ z>CdxH0UiEri$}gIpI6MM``MYf|02J^@H%T4w<^GqWjekhg|6d+l{4agm|E2+#-oF$$P!Yo3eq|F!bb^F8GsHy4&rB`< zY*YPvL-8*OxgTf_=+DN**9D42j*bL=sRXj~@8>6;nD33@5V%7V%9$Xmc+n>HiqEE^ z_{;LVd@A8@l|{yUi4Bp4OAdF(-uwK^yl7K4W1`=2)2Dp-iqHQagObwg+a#dqU8}Xz zmjPwokX65b`CQW+ujGL`PpRW=0>>iZ(@VLOE`Ohj5}G(r0navI!Va+Db|;;^EOSBW(6~qt0p#cYWp9U z@QPm%5L{0ejs5*Ge~)2IMSXmxFM;;-r+}D6=@|gOB2Z8u6dKqXVcg;nO~h^0U#e zivRgc@1vvY7>YC}=M$v-fp>(mjdrUPPfbV&8sU772U9cs6aAX7jY`v7|2gv8kL1 zAG`hrRWUI-frqM0LY}b7*?M{5C5eRCcwB8^sK-HXDg9+Q)DCI(Y$p;m6D%t8eF+iTII7 z6$Uy%6l0RSvNu5zBYO~BIC9x3$3lO#{^~@3dQ2N*=0BfMW@iAJPeq1ryIk|z&faBr z(-e6>2P+j4=G?A=Wus`B$v}-t-xez7iWX#9Wy-O?#rj<{Cw)`z5)9`ul>AAK!J3OCeM`DzURn$(ZbqR8V3Y( zt@5nbK5$*j=>wr_==29pZ<&wXs`scfYum3!`8V&2mRMsp7|rdTHjycOg1qqk8Vjx< zJRj%KJ-(9lqAs1hy6b}%U)H|1>l~8%=RK}R8@sI9-hG?F_uv zA=dURKvJVao{To4pQzK{hEsbjV7?7Q{|?!*yV<7bY}*WOkn`QtC+W{qcZZyuHf&J& zBaL$KmA~qh?mCr{u}g=h{JnJaQ_H0&){F4AOKqp~m)-mQ<7N!Xv%nL3!pEl`M||tX zm@=&b7I~V8nxaB`BQ7w^^EH+|x7u8!KOG*e_YE1Rs*x7x!+`!HkDRX_Y-4wldD+bMNRw7$z?)O`JVd*bgT%eazJL;o z+ZT;}q$(c?{A%4^4!#R!+G{s{JH_Ac8@B24O24aEz2AS?+ZGUzcs~Si`4&>g2;xkv zS-Bw9nsQVUkJ#u0jMmz9-F$Yq2ni}J&~V_^I-l>izzvvbI$lN6-d z`*h*fD$<;J-oIkMNaZyEG&)ZIoUN6wd`F{nl+UoKtqWK=pQwBjF?&Ouz71MK> z_MTYImiISVXSU_Ehqr4TF7v>TS6+6yckoW2mn#u}ir93D_`9=C(8YW)0#dW|u97y0 zU~2pTqa>masr`KcLy>kDn~*mi*zS9@_CDj&?@y@*40gj`?GqmXrYN*FTOs9&yV-ul zdpUsc{Q06g|(lGF^R>e}io2{QV&(ZcU@C0l= zTy*j?3?Nav{0*a~{KnzR+su{B9Ms|b<#%?v2U$0$Tp0^(GY>;y0CT2wqTAh z5F_okfYkl38XfTC@l5juZ(#IH$GT(J=P*cS(13{Ey}h?gbTP!4LUsN3eKov%YRUEw zv!*cNX+yhT8Qt3U2Mho=e$`J6cfV{?_Qy(k+O}U4wl~l;XRevA+0_vmR=7LF)U5UY zVDHW2q1@m9adl25Nwy?eQiN=&$Ua4zU38K`Q+8R0EE8i?6CtJ|Bip1%vSlCZbc87* zQ^a5_HDeNkvBY4^%=e~q-k;v*IOp^E{(hg|_w)Nc9_RkU<6-Xme(kU8bzRTvd0qF} zLc0!%u&TNY!mzu9S~g&})LZJiGz@F-gdIq)*Y97vnjPjwJTEhR?eD8T>AX3yKH|m0 zk{Bgp(IDC6!*W6=l6XCn@dt^r?(=u%sp6%Vc89%XHH-r=O7Czqff@j;pwpeyy3eb3ydv15Sq0ESXEk}1{Sa{NgGdGwJ@8ykfn z!ZoWTogbwoZ1KwEfl|Mxe?6l@MzQt=`%(pc{eT=ZVssQav1BB6_c01%#^VxB zzh^*KgLOtl8FEYHNN97F%llj(p?Y!Vv19ROuz`X?5q!d&gz@20%asO401LUPqCqfI zkwHjrcsSz$;}%7VJ2E8BcQBF z%B;Hug^WH_kUeo+JrIi`vr+?EN}6RI1ayH2K+*WqdB~gX8Jc~HhZc&UvTzu#)V|dR zXUlcfM|Z+Ey_X?|{EKM?2g*%s03KyVQn%=FId>LT6=%>AhviRW9Oa35h#|prO1}O< zWX21|g|u7nZ2C0ymN-$LVfRPP;uP;Gy`BS68v~BfMnf)jDF5*s+J}51Gl0H*1#Z5&KwvWN)QF&t2*Czmw5Qh;MKxdSEa64*;%>Y`K$ z!5Zq{y*60eK;Bbbeg#0QUk2A`eW9(jj3+b>7>YZh8!T4~EM%Sl@$bd^46UIOD@S;y)MS%`ztacNfHeDx z`i(ufle>TSaR}17=iHhK{%5V@pIblbVE_Lg4L@b%Y&`DT>=(OXgQe?!5ZI_)V=~FW zJt%m(fT0fy$380u5$3}Kmugh8t(Oe_d3w?d9)A3zbfQ%OYKI|~`StCtnp1~lOB|Nh zc!c4oq3~&dzDHyjM9j`K0Q3UCvJ5>$x>9`985Og739dFF2;A_k9uvru2`PnbWyov>+y?JTB zKveZg7R_6IXFa<5?F4E^9$B~g0`~LrF+1h_Kk2Hnz~Mh&E#Ynm1BwwyKN;YrmRfc# z1w}t(x20Op=uyy8pH?Dt$sRc6uK5>Vu=$g%=E9eKlE+QKbrxVyUQ%!@WY+UP8L`6; zB-iL-X@aKp(q6+Fz+S9!S@-3w*(dMh@IQ{A?HR5`lloRWrg!Ao(T#$oeiQy-Y+@hA z7C)@ep~MtQ)@)F|NPG15YTgOP+l3Ie`FoH0G6O z6gVEMj%W-5ZFvle^!T%YNR&qkXWxUuvQAMCwox;;DC{c?6cVlR6ykfNe<97yEj2rL zktM@%v1(joaKCNQ3x1ig-8D2iW$=)xqX+DHfX23V+B`;v;e(i8G9;3x=En8?_9ABi zUjQLUg{YTe;j4_?_9J#z&!F@62jy?+R~ z*K3%2x60udJrbA^ad_wT-t7%J$4?1~#j=wLO%SdX2n*Qz z{g^PsVdUZ9_F0M06bvqURR7z9jf%N;^g=pjCRMMz;3!yUzZoaPo#pdoH21Cdmd9r6 z)~SvRoW(kZ*tYdqx+4sQcw-Hh$-~^so^DbqK=RyYNgvK%bkWLq&|DDqtRoadaJiIC zBaQ_=0?vo+>y{^rJX{~>&VM+EM6ECG4Q=-n{v1>G@JM7b9R=ERiF)Kpu|T41a?NBD z%{w^mWot)4SVyq|X0$g2>G&*}l;mOX=&HNXhEKuox=pYCQEdt2mrZ^t_vU4*pwDh& znQ(B;VB=hB!7a4x{YR5cA9eL)lW+UJ;C`8?%PQ2zL}b*!-?8hD7VigU7*_)}vG}8w zl6U|aC?xLnPOj{HdxTB2);>w7ba5Etgk-ojdf#IkzdChm4ZAIQ8xQoYm93q3(Zi~) z&0Mi)?jW$er)$4lmDl{EI;WE&*akSI^!-&aN9wPRW-9ojLGh%1$0@oGU?E@I%?qp8 zW3(G`=E$z-M+LWRHzfI7%^ZAWJrr(TjF3`e4r-S?0EV{2`!9BXGGRaO1GH7_?i2e| z9sop*zC?iUi{-b}e_^DEzLI*e#8K=CinG83iT9%r)88tM6~}5ZXgVZ@K=;Y8GvVD7 zMWU^T{#-Ot%+AP^b3gKy5PI@nPFSv`&Yrdc>*lu#v;$8E`_6d3=`!&e;70IMCb?n+St z42#39*2b5Pxr20AOVpW4on3STHIfnpZyT)@9fZB8)sZ5sx&W)00SMuuNAe>Kkq26L zpX=bPbnn0g!6HHI&vYX4@JhY*aO!q>$Q+D^);$~8XIQfA$*DKBl2$LUsPMTB-!wK1FCf$b5gsuUkdl1Zn!>@|g-=Yeyg3j^n~b1C0@?R(+f| z)rer;#}U_;uYIrjU2rsM+s+e@2Bfnh$`*dn|J=PGg3kzeC}`R)m&DSIvG@`xa2&Co zT_Wkmn=42^y;rVjo6DXm%vOvmn%vqhDMD^;Y)wI*`nuoUd^c*(mG~N6ae}jqUde(< zN?}sTu|!btkXZt$N7vm8`=u1r33Xr{td39l=?I_*k~RMQnB?Kf)LRhbg99pKR2p|? z=bBdeHBOMP`UIe7Uj3J5inPXV2mY}J^u@JDY6I^Gn)V@umq+F{N3nmTNWj?B%DwLE0_cvzy=V`VV#bkNU$uw|+#v{~3*cM&ozG^Z%-y!o#Dhux3hg z@OEp0>%Yq=|8Emj|2s&)e_N%!`u`Ur1}0C>X#fBUkIBgs=htE*|1W_)-UeHDRlKf> zKy8c}HFWxuX9z$g{?9ydZp-JF1GfTJ2J#4hG`r&k+jPhGN~VMhCSq9E{-j0;8QGta zLcR{%(KHi;`Lp}PNRj^hR=~xn6WWneU4Qbzo?1JI1qcSbcp|)Z9VoZ(sX)_}nk}Cf zYpl@g3mI({=3Yqz4zJ18DL|xt(nlzI77eo6`r~lm<_&+n#Jnwa6ML((46mzpF zYYf838MNh)BqtESSH6Q>4lDY;t-)RDqvvoq16gzS_y}bID2K57 zeDMdsK#hoOj(@*_pt=g#>Ly_j(`cfywQB#?a{YW(E;$z>t;!#8N`Vp)Q0TA%DeRP z!A?D2t)V@`+ZqH-`5Id0lfFGn#`^g|2kX+{N^1-)Aivm^FQQ zGm$C>-$!@uisa?9zYx;D)E#CUOzLs#JHBD+5LrDtWaIL8wA9j;yR;zn>wpI-9q^9EaQD<~R zc3v>Cxl9WXXc3PbV9vjb$6go4ADP_m#EqDImcoR2nu##+ugrTP;PY(wuixY|24|Y! z(|!`em!_WuO@-EIo!jZ!yQM6Vd3@Y|z}n%$YQmnN53r14pr z^?tyL-I5Xt1(`_V$0TH$8>09cebLsQL92OZ!xCHF*JHlvu z&vnkzT0}K7X#7lNT-{*fo)?^>;2JJR&to|4O2S~}gx?+`hy0cq z$1c*Wj@1iV_Cx0TiBVEYzX8T+O)g*+0dc2PbD7soD_ct8ICXXm1F?i$PPIaY8u688 z0?-Y7t8=8`HreE`iQdl0Hfn~=Bm#$ecOtom`c0TnBmyP4F3uTkVBkr(LHzi7(NC+InGV*ih_YluTT4_~pEvn{T8>G&g zaV2qggkQVR7H0fwT1q{O$=FC5TnOC~;uy*uuw!1Kr%sqI-QC11TKTr#vVQq=dI%|P&x|D_RlD_gRMr32J? z_>{qidimp>e4)wgK2&%5E@+@moC`S7VdZA)#PuBCJ)?&*sZ#@8u5jr(?HNb-{Qk{{ zFTG>LU$vKA0HL7Z5Z-et(OEX0`+UOr&o!&hnvX_qnaQ$DV!`b7BUc`r6(gC!-@1e? zDxv#yQkcOmWE8VEq_!#_)72ov$oy?#oIeo@P={XYdet4RD&=w){kdA)+m6l*=~>I`9+f4Q&(8ZWs{;h=Pnr3&8cg=OJt7+42v?V zu=)$K3+k0C6Pj7EeKjo_{!Zl=&VIpi!zNl6)&_4{4!~5b-qsi?dO7P_Z2Xdf+x$MQ z!aS*_0iMaPj4U~mkrr0CFr11_5J`nnB0}!kvEKFt!o-+KVE*0BCLHZ-xM`YpBHptK zeN5)r*8bCPWQ+HZVj+==#*$EdTkiy~ZeqY7CFfc&1nDw@t8R1^M&YoGF!fw^bP$R> zM2qK}kwBk#s>$-doj}o1OYrw5i(h*&)%Ci{yHzXpMDlEZ3mosEq_b1|4*U-DG+p-# zX2c}kYLc6bg)fiJ);=U6bcV*@XpR`>elELp?`dJYe+VOkH#>)J*BFymirG}x&omdt zER_v61h*OHu+jKL#w^yircgS4IjtoqeG)VvvIPEZB>^C^zP!h_>_XqVNs67Wv$ed1 z%CoI+%W_SI$?$dsKPrdd)-`(sX$}7MhTN3GLS=*H;Ha$tL>XqV2YoxGwOW5vyDxn~ z2w#`xqjvK!RNrAVwfVR)|5Wqd*Zo`Ry<9K*{hnPmzIF6)eda+q;i=n6<8P;7mz6dv zN{~PcS9I|Yr^XW>MZ(&SNY_a!PJMNV#D*apgs7A zZq02h6g<9QO;>r9w0E`3XufRo6L%JGC*8tMrBz|!E|kLym6~1>3YV$PFktLqnyuqan6SdpfbPQh>~aaX)VCL$UO$h=oV`AMu+YN1tZ0x zQPl+RnvOnWMU454Buee%Ygrl)JK4%IWE@L;mv+Gr0%i5osp!lbYFAz2m5-=VjAz|} z_i}T(zwInc+E5cn*8XBf^5L#j;L3J742Z4GY}U`Kl2FHiSKgxe8BU5E@t}eKL^7D` z&Q7~9ui`EbG$sVk+Bd zLDrCw*WV*(Izi1Bt6t*}L@5C9YM5!qPNVz-#(BX_t`ROa8nGfVMHp&q(aP=^Tl^gn zbdmazWKh0Fk;s9|E;0nS-0_PEu>+b(Ma=FDe#4&)C^P9Gya;$nJ}zw1VKnSK`&&DQ zATg5{28Pt$VG|Ml-*C%uZ4a=%<5v2lUNGE2*m!G!!y@HuFk7tgY-b?Gw;-yssj6GM z5i9_%m_lJKBQ~cjIK{EFJ$U6~kd%2<);&a=LM-ttCww9ZtUlyl`j813FjOTH9*i$r z;IXhw=FZ`uP`+#=8x6lhpw!8$saF@J#CVJ0BXO29E3KEw1q<-+ln^_s)&5E!LE2ax zwDje)#K>_9jl3ZS_I&%>?p*7VK46DsQ-xM7RtKlle z1$NfSZ#I~Pf+3h#@qY9$+OZB z&Z9@uu|34(GMvn{pgM_-gZ6|8JW?y@n(NCvDsu`1bM-3rib!EM`jx5(AI|e z3PT04v!@R!#llt4Eqjlz)LPUF(8TdTrn=0LsMChb9^zTmST?xU&}8Sut)HKVu_>By z#0xOuP%yct{Jm~W*pB2Iw_E28+4Y06NMY9dZQ17V-o1XH@DNI{Ud60oES!Mw-=r~H zwxnCfbfR+NnZXeYmV*c=OlN8)Bd;+t3~hy~4)Zi%b|tf7P)_Q8!m4i9Da9(aLNl zyffr1U(7k}Hu8dRkgJ40r-pQ1A2(i6%CVclS5yZtEny0?Ui{Cu!D<=5-);XE*Q9x>;o9SsCI>okeH;_A%rtsdPL=9E??VX9_ zsg9CLU)XlaVonMMKPLHlF-Po{{>=4JY971U&9?6KoEYm|v^AyoS=EB>ff;ZLGt7Iq zd)FB;K%}`XIVGn^HMx{OKFb&lqXeT!Y7Kj?lT}-8`K-pPx{X87CL!=3ch%sqxbq!|E z?JRoL5;;hYojkhRK@}sTymGf?!DL3xQn-4f1oWn!bV1(E#*5uX0eL$GOpE5L7jGwO zj*6>V2wNqMY@^gdVHt%GpB-US2HiTXRITQqRD)ft$YNdmxWoX0d|f34>~i--=^a(W z^3bp$ir!QHY&o-0NT$DW#A&M5{9^kp|5ATi8J00H4(~7)H&K3mpDb$R{qxH#TR}vO4#le-)@-ZIRJ_dr84` zA!*8u`vnqu2M$Px#H5PMApPLN$~2dqttys@cFzvIO5de)CrP0M-Ky>ol&EU^#*?Of zz?)S|xraM@5qW+l|2AY`yzxQmYIN~&SnUjvQ5Mi=tSu|su2 zCQL$loO@|g)Vc3@=%Pw_vwZ-d&keTu^D@kmbmRgLb;fT?l;QW>b%(@clYKv)z^V}U zI)aE}*IW56>kk3MejsRZHQ!w;0Q4p3@}gSoKfGG2ip*i36CI*7#n>6c52-%;+@(mraMH86n^29SEXx5&Ayq zv;0l-a~Z`Rg*>g)K>;2(5K#$`!!N5CDUtzn(?072HZrSg{_f6KVf8>1i&fEDz{_0# z-P{u_s75%#OCkozLsW@- zU$(D5K|ybI7cmIV>k^yk5g?~jbJC~2Y+Wsm+iieaf@;B37(f(osbo{b~O9wT=7rK}b1e410M4Q_YTe!3MQ4D9EEn~48b<)*&E5+Wt2aL{f$i;W-oHc7%I0snDpiPhF4uX>DL{< z)3c{@c(WZ_jW^jis`G@^Iy<3$V^n7W>8A*FR;x8cI}1{~HO~Do(I%9xQSe+Q9Q^EH2nU?K@>U%m!(l6`i}<7alA0Z{(0eK+$=l2pkv0 z<>WCTIL;XRn2ghE^}q8;vU#)heGyC4IVOT8sIsvQp~6r3b9>v zVdjTQDl2-4tCd8Hu>cL^-zssr1IPaM^NtS`4W6*;e>kPpq`6@5#OP{cjN{>Jjrpw- zRn>*L)k?BkfFMJC&JUF=iaW~`|Ms(SMHoL%)*lpyN5A#h^81osEn{soelKHnG%RJf z*XHckMrf_^YrhSl!n0xJheFVpA0PhkmESv1aszcN+sT6lTXssMjyHqY}Xrjttms*_2HI|_s=D~*i z>v$+u1t_uBk*wJ-qu)*?da*}|Ad3xg-{zAlIwJd^4Jfq06a9yRZE5Q09E^S(dA_($ zewB!v4E$NUjBB0=woPnPRBHdQHKqA+b6P-)juV`h_8zD7GN`E>eXN8@9*ErTHkRfD zgvs()t+KdRuS3b+TeHm}+Bzx_k>sJ&rU9Wdq8) zXUvDs5yTg>mqT#~z;)rwD=!_&ckSr%#k5vW-5$f0`>eDo2i6hYbJAUb5nb5kdDCjh zBiNktSQ>4{Gr?utTgN?yJ|~;t#^|+`*+I^k&zlTkJxVMUJPYJI_@wkZ9W**nRW^CJ zu^wi(`2b~Bekt!dWw>j&4Kv|Y)nRAW_WpEtjM#P&OzjoSO6=c{ylm_gnH zmNkR;^j&zvXB_pjvg!5jCUAJcw$F^2ZAbGuo>rEKf_0*UQ~H}K|6E_a%57CjSzRi( zg7}Vpt$l2pR2|oFM_xVb16ivm{icBJUKg%gk{4MtO%Z4L;3w&pS$4=+Jrl1Vt>PS& zD^On#yI-XjxjXk_)qK1ntnMRvmY@M`m=NE59X6L8`mT*F&Bf}KtT3-Nj)mppSQyLe zbNf)gUR!bIPXuw3`llj-UMixNCYMMgQ-GDZgVq()b~2eT)#L3@rNzi zKMwunvg<-Fifr9Hqr86``QfNI?wif#^OQ1ILqj&^TWliB;>vvr{ZJ8RXPS|2OAWAE zd~jQ6y_E|XJbXBYT&kCapn~Py4jo7=`1i$7ur2#qH z0N3$7bng3;H9ij-7w&IVQ1`!tzH$FBvXk!tvIHrKc;MmtN{(5;+?kZ(f)TiKf5q*7 z*^X*@BkVqj=#t9Sxm1oFc3n7y-cHik;?jxG!q)?;(2w1$ylw3cV$9x)yKH)uMmp2h zohTcZkR5#(DU9p6U)i{LZu7CU&kt|SDtM>d)KrB!5=s-36L{G&-mj9HlOlC2HL@&&*MOmScGIwPJoQhUtYo2gsVR zw*L?~X1uxl3582r(N9Iqc|RlVU%FHe+v3yNZ0umwA#>%+!j(NrtTayeI6YsCSe-Wz z${~v`^18rTwkM92%w1orE_uNKzMDoUX;d}_xxLSom-3cC4{E+4o8zypINtyFH30~S z_M7|13U(3m^F%=UF9_Toi$sUFiL(~*J9`i$YaAAPTQ*CmHr??9UWjB0;*eQ2= zXG&v=2D_awp%Ch4nEY$ZN=rfoDzMIV{LJDbbRc;)?`jAc7ylW>rOv+t$q=c4^h@Cm z0gW-ECqvx465kmv&O-SDd=^d3A29d4-q(dT@goNDMK{k(Ih9|+Xq^Y!D$C>;V^@%z~-gyP#g zCVU5)OFWU702n&OY6IGs*Oe=uL{UCiH&1{|zTOuTZ2SJR;3XIvAP#UCtLWOh@lQ6d zaw;k;R}Pzjvo@;P_PUQVCv}*u#Xvi5TX&XGw(T#9I>Sh-Tu5JboL~%!UhSJal8LV< zZ$vOAh z^665yl!1fk)%*qbNVsmEgX6O3IQBgI*e_BUO}ms_%UHy~W4X3;bC6xo zSAs^={f_x*`4lWif<;wDks>38Iq&t`~)%Yro}q+Q2qCt5aQ(#yfq{?En@ZK+YTadS39d<4?b8p|A@Q-cl<9O4x zfcE1kQyKUtjIajaQ1k&}3ElKlzCq>jINdN9ZizBEy2OF4>OX)KB%NAES634@QUdb{ zHwTwI0^V?&&hdd700!zhPf7!kpP{RU0_XavzKE^2i`vw)lU0kiymEW~@K1my!R5B~ zY2a%Bz%v9C3 zT)j$LAC`aP627_zN?U@}+{TFo)d<2Q2?FFx!Ut#7&aT+R6KpJM;AAWuNz9gVhX zOG&|7NcRJpy-c(~Hc}(fl#SVx41`u4{_DXo0U?fT%K~&&1J)=|d9!cgYFV2O270sG z&25T<_%Dz6Qmr3q-if~0Bp&SxYTaw*s8AJFI8^hjQFT*t6#g?J;yWg|irtYsxNdjt zFMe`b4quTlr5Efn;rGPx@;AQhJOO1K`ew_9M2+-4=3}y$M)o z)GDA3pRL(BmkEaNg*NinAv!>#fQHkp8>0nJ$f;C`XrN8g9@s|#UlFv>9mN*%4>kw2 z(=EA6G`ryzUt7YJ#Feh2-FCJiWLi)=K9=LQ3kQBlzUpH?d6$ZRa-MqLHUl# z_T`7hXWw4)4PgloKwlz9qpatHOk=24RIw&?x8qyF9RH;|BdtFzHwzjq9nqqd6hf!?7o0+O&9P$t`WT9pM9X7a`oN93f0=@- z6CuA@y{+W3+>EkV(e$gddq#&HM!SDPT1(*bdz2y{D5!a75^TOc)5Y7(VTvC0Y=!(3 zdnHj5kHUXdjX!~sLuAWEUZEvp8G-h}Q$xXzkGwXfz@#2R}UOYZk3KwSK$E-Y-&7x;0uotziA}m8y}dxqPw}8#fa%2nnXGTB9v*t`MbH)W~a-pAiAF$38d_^AVq_>hOV^ zJLv#1QmWQ-(#=l-L?C-;Zl+qlO}wKyH|?0~(9(b?>nA>D3`wtLOLrU{-IAWoPmUSVB$@Afu- z?`bVyq5+y4brf0UBZE78WLvsqr z7H$JcS2}tA=ZA?W&=o_)zFT=V>;Ph)*E+q5^gG5JJSu1;e@^|)y^6+bf&AByxX}xK z!^>%=d|o*(jRa0M8~Sh0mNY)_S$oM_UE{26WPT2x^8i4pxuwNo57b-YJF*k8^#h#u zTzi?WCCO#!pVUAy#(NV=hRo^s_of#kC5KxVbk05?<+pm^P?)@+p-dN@sq)4RC;&|O zk7f)_csK~CM)p0C->lu{3zmHVOK;*WKWO+yz#HZbqkYCtH$HUZiCx;YW-eOfAoBy?cn#R z%~mt6zr5MY9x<)apJH~;cq?{Y*LY*?m!7ltr1G8Fd$P%{GFVSUcJ74#7?51!tqrfc zFR#44MBc~F#=IZ_h=h)h?Ur+Km~SSsk9w=?*&L7XagBIty3t{%%&B3+6bO2Q^zXsJ ztKJuEy{Im*o(6g%Hp!dNAChU)MwK0mNUqOveu|*>9lR=9$^gLTz$r}<`492WtNd4T z%qCnI1GBaHC3sAV*F;d@S3AZ)Qeb8-AU-X!GmoBjlOg$FET~X%x)-E@<55S0`GmWa zyGoRdJG`IR69D}|jQo$ecpS?yjojrr%n*XT4C1cDKw8{T>uLRKY=jM1_f@B6 zjN{YD2<{|NDR~ycotZ4h4(a6oS)u>VP~agI0{Pu0HGWc>>4oZ4|IrluPBn<~t`ap; zB8#4daVP6=jojCx-+d2;Q_9ln>w6pl%QxU%57PR@!mAs}SS~ihVSReVE6qAUsQEB( za3+;GT)(*L$fY!r;#hYHHE!$DB6u9jf#n=mMJC16{cJ;tqy+k{Prl$GO~@K6x{-y? z#*$lU1BcgTfAAFd0d(l{1x`9@&AX1^EbYL>;jJjke=`~jin7UNnj4j%nPrIf^(rqF zxC&&l?bob4vjecGHrcFB;Ue>**}7e7)_uO3_m=cgO~T0Dvos~}NAK+KRFhaBpbyBo zTb%E77+I#b5VOiOIJFX9nETiLasf8|48Sj-V*CsV@H_NmwoAtke&63q2J$#z-BH3u zf0)~uBy6N(hw8e-m7hPQWvU_r_l4QS{q4va-?m;`h#)w3K9oBzGi>Mp`2JhqEq^l` zz;Wm{EjJY!j~)J-MMIVZ+WQW_wk;ZgT-5rf|E8@)eA$vW6#zOlXyu?ESCBIEH%rDx z30cNs#RP4(GX2{PaUt4zmAb*e!DeQxj$vBnJ51KGuz%l`W8MmA-mK)m!Tf4>{z0}B-Ee_HIFc|>-!Epu|m|Sk;JD0ka35f}?Bj^0eDjt+lLYP^eD0Xl} z(S=Lwua1FR=iLQ}E?R*0KF5MBF#&1OhCwP45Ow9{uv)!)WJQqvA#CfRu8#V`-5KlRxV$jBW ze*=Xkl9$sa`&WHMB<0ECdHU7#BLj5>#u^?0Q-Y?o7f515u)AO#zI9H`FNML=O8`a5 z)vdareknlpO6);oAn@g{(p>ed^Hh?z-O(zC=D9lr%*~_O(!~9hqJnYs*_SrQsSCS% zrRCyD69I#fiS&mlO(D<*mLelx$#vlkC7hl8dY{)_qJ|$6+5^@RU$0)D-~hhI6^)#L zCr&08_eEQ)X?&;~nckF4mGkxM8ey*XMd6M=K7=Kw&#eCDcK74dY_LF&86>@i$d)M~ z<#)s&QgpH6$6<36ZCIUy0{ds8 zXc{lw$=OD;_KRSfk2Cu{IO!D-_1SC{y3+Zs@vaaieib8G*3ak*0|DWSW3`o8?*=Hf z%yUDw=&)m%N07q94$!6CjNA(XZR;p7I%lNrCfyk;kTQb^oCVYIC4k#oytl{>zQHw( z9}ZB7tKIrJw0Cq}!Rarjlv7JZjZA)hG-x;^#VRG^^G!ZglvKQnFp6LfhmLmbLCZty z#SjNQk40CrBUr}c#&cmxf)#o(uXVeYyAUC*A$)?lw3w8IbnuYXRT_dZsoaMmMj*x* z<&zM#7~booV?$;~LbaKy6!^8T)VdX7S3_gxx7&B7`E%g8-a@2=sd`_Rh}qs}lU*PW`#AmMZ8+8704(p{B$LX!Ez!7Pv3`6J#%a0}Aa&zYG_ z+hQE9__Lv2A;?!`Dx1}VEb2I?d}cibTR%)n<<^dvkb^nUmB6+ufrl+UEt4M6p>9BQ3DK2AEid$^Yqu(E&_vXl((4|TcOm{&*e)PUP@%F%yoL32Uf>R~cQvlIqmyVYwLBfP z`#?OwC7zKgUq0DXdG~YWxIr)_UV5xnJ=3ZNMO}v0OBCssgl$jr9c$AAWJ>U)*U!<*x?*AGUrpIp-N_r_EQrn7flX)|ocRcUP7)i8jN z%^zrVtmZ3}tnwN}EWw_)7JQh6RTe{*M|&z!E<(mOw1pz>Q2&`)840o-UX77%%jlhz zzFJJK1xaXrE|#vnkl4P?mVzA0Pem=bh31|V-E*RdH=%n z(~y;B;zU2j(E;0@X-`+yaua`CI*AYWsgof)fp#&t9d_E%a>&4o3cjI>`KhqyvQDp? z^4TTl{1Cj^lEb^b?zRPwx-5J-C3!1w@ajrjqXpIB=YyTSXyzIHlAhkyd#C&H-yAc; z7^=SM!%jeEJWbp}DT1Z}Cd`KP<Q zrE|o&-@|Vv&#Y6<1y+Ap#o8hz8lh|$neaGc!q+0D6+y-wd*on|tko)O`AvP35SZdh zw;`hdu&W4;FOAQBIIf@`H&akN_i;SRq?>q1Ai<^m=FcaN+*(ID9U1^ItBdTzlu$6i6jfg^_vCQ1Cl?4*h*{@aAr|ZC=3YtD|RRF?nS*Q~a zKT>qffVkV>scq!e@W=duEpA1RPX=cIpArc3mzx<z%pWcvk6Hg3z zOxS@zL*esvG%X&nYX1b^Z&7ei zaD6Xi* zxGSy^KZ!O{wCx>fX6>!+(<-M{mB9P`YcBC$9|;Yq$2+L{?LngnW!KaP{*&1)xZK(# zM*(}yUVkTdH6y_1wn|fRU619rj>L23qIi>jP2Vx`(EH2764eoR!y>&Mh7cK-8S@Rg zJx#>M91|LLvU8>YE=I8Q@~wN;!v0qHD58YCVkQHgiz;9|v) zfthObNy==XeIO|<0J6hL`HcHIuv5lUf!3`}nn_Vz%|6R-(+=57aV?k?j0(&CQCZK@ z#UM%Mqq~krKBTuNu0{pQ1yD!BoZ}%)*pkK6fQN`zQ0N{ z5!RQ++Fva4(+)G1S_?dxls`Uf^!SO#m}J}NiwWb#>ZIQ46=rYAH=pM4qVAL`l*=Bp zOd@ne*eV!KX#53Y8}q!*u>kE_r$K-s|*TUc$#z)2j@A-u)tW z;5A9_Nnqwj#tKt=LuPBvz*Mn761JqP#v-X`+lCt|(L!y89UY8cSfiFH&2#Z0pFeyY zb!KbtcCs8oI|HH2-Urh2yz9JS4|E~J*x?v{o|d4&&NgpBO#H_-s$BjsK1koZDGxX7 zK^`CS_epOKe;m<4E$d;+V2F!Z7rSB>i|u;74kZw%L8~hq>|)o0bbserziWyjSs8f# z2Mm+v)hDF2T8XBRwuRBL#`78$2U{^}I_6?{o>Tme=ea$RsR4JdL}?2Rr3M&S_O!Yc zZJp>rdR`J^4W+dY%240MyYM{LFg!=kpvryw;D;E)X3O9;fcR)vXn!NWV)BMq?GFvT zF}K33npb^efUa4FMfJuEX+GbmGBfI|I~r*!NxC|GI}G&QtRT zy4qg_70@_oGvqL1nAzHh#W~>b5HC7jQUmgTwgufK2GDow=MFU1<0uWmzz3u)XLi3u zSiP8Zwtf=CZJB$~sv6B`3KGJkm-!dbfjk6ZfCG|^f~ODV)2d1tUgQA(78(t1o4{&K zdqtfFHGX#j0r3?z0^K9a1#G$LNDAv+e1*Pck4%rw<`ZC%CtXO&m77|YWqB7Yu~k(> zkxACH*`o04VhD_UwX6d8Mg+atWNLgRg!M+`$=ISBmoR6T+s~+Ah>p~3uP_(+)V-7& z5}pV(IyQer0=H6mPtYdSqRAf!O8uqxxhM3AUOfFFfwE{dDM&d>plCl#`Y_`ynAg!D zS)J9Jr@d9CWv?yZgw(cT>mzSdkm2A9kssWkd6%u9UL76-kPPksCj!FX9_F;;b1CfA3*I{|;VPAZ z6V!&xth#Fu6{qTtZL9;uwnN8ChpQ*2BY;ouNX&KU>1{5#PHc~HAO*V2PzU(A%r3sy75)CNM-ZAH>Hs=2DOMImx!8TuO9vKd z%Kx&^FCpmcs1(V2N-vA-WTXfUTv-TRp8+5Q#fBuv3S*=w?4S4;vCP2*&^^g#Fue%NNcPyb@G@aeerHG0myPO zUwzeQ&k58(ptT~W;p*ppbLutij?VA`Qd?;(tGJ&qme>3u>QbbK9Ti-7WRm;w2;#|s zfXE-5C&gwNcbu+zJ$bpTlUf1yH~MyHY!7byUO)8kb(!d~&F4BxsU!3GQE&T$ZKj{- zlb$rUQv2qa`nHT-tF%LjH>b4X zG&jIWL5x^ZZSa6%q8tB_iIVx)<95sT4^D%KjgtlBPsRg{*9|4`8QjUw#){p&(*0>H z%`smQ<6majJ6{9JlWX^4G$#FR%8*wLs=;F)vmBf!&h2H|lU3uX;6w{LJRX!3(UTSB$s{qFbu_8%JEduGQi~Yh1aA#H_2HSdUWHU`>y$V z9$|O$B9|MHalY8sztZd#TU(M-m~2F zykTzJN53E~8->UfOH~bwj<-}u4v+X(IZQY_sB(O8Z=#I_fn7H&4t{W?SY1Q6THbpO zWcyxmG04#kaB!RqJiF|$;5gVD{8!fafB$987$^P&#Mj0|KTdxUBiA)Fv|gHpqrr*IXMN&{Ov4~ij;dc=aw2=k(}531hM*`V7)UcZ%2kFIm|OwGf6(xk z#3wgBL9DXO_ovTNVpbBNO5dnE~_zo$(`*s^__XfuQy zUr!)SejNHhUnq32hK&u{-}R`iSu?H956j_zToiTB;8Y7rdDf5{{FcPzw=H#-^| z+wY&@JMU(S`M|H(e$C)f$Nk8&6YmdFr6JBm7oCtwzv3ZHaB#2Xeg^dy0x64F4mg>@ z`JZNg>a+jnPy&Ih%LTgr44UD>Z&6q#=pSyo5W@1Eu>}xy%8WpiL71P{b95k(j6>>p z!}74teAN1x4Yp6R~8n|Lk2zX98}A+Nz(g6lrLBC#a0I(`KiV zkl*OIdDiPVSRcDlVC4ddq*Zc@x$*|Q5DnYk$})M8DxV6u*Hi6fbiidT6x3B0JvDXQ zI$d{8D6h8+889#?Y>oKL-;cEgx@XS`!+3&Q#P9b*Z-Z)BqG#mkgz$mE*}Xu0tyrOd z;P#jNZ!b(x6D|EfqpE47UItHnx0GX2>??l(d$!(uWKP}O11@mV@( zUee9pc-FO;T5lzxG((}jSL5<1`iET6_;<6WLKNy&&J6vJf7}}KBJ_r<3)ezMF3uQM zC?xzO*bOhTs?>g6IrQOe{tF|M(=N;yx`$qa8~-$4BWXW30A{!*>wiA|9}N6!44heu zo}8|t|LKB_PYpe(;IN!Ud_40^ri;WCmB@gR!X~n(7?(NK8c(H|!@v12JbDTEFuvhm zo?npem#*g_)kHEf^Jpc5Mi~B+5IMB6fL_AumHlAP99I9`u_4trCht-IoA6Me+_%=xJj4F&3s%*mO2;GH) zILs7IFhH+*6_sHu>~*hXCrT}bbkz&p62VP9jZM4X+ty*cWL59D01t4n3TN_+^LKqM z;UAZAG;Y`{?xYisW=volj28kYf5b@;a-(tsNoWO3 z7Kh=Q0Z03Oqr}qq0y$JQ&rl#K6kMtbjLJ{|AfI{mt<7flrFD+XGs?gRhWOYEQYM7F zT%j33b`w1YAO<{YNRhv_%v@2jr@0j9&Rd&^QHilD0!aXH@VrRGgX*2I#!_ISZq2a? zRK(2Tu`uIS;dP7j-9-x@2;@}ro&1IV)BbMYx50IDMVs^WKfUY)+x)=G;P)<2ta}xU zEHCJk7gR_xFvA8_C=R=t`vF|faz|1)#K*DGe*QKy%fnkcW)@fmg=fW~6a^gbm7_6A zz|x??v9@SdV@Md+X{SwOjE8GKsqrhQ>j1VOk(r0@MKL>J;f!bg7)E$iVnaq(IOoHJ zgB{a2#iGlri%n$cnt=rz`1H+8!;xAkC|2>-+3Ywi%#;~y>howRIxM0tVJvu@J?>yQ zo@B_G3~<0!GN4k9yFZQD&9sGBnv4EEs*tRRA5gi4n$CBxRu3EKr0v-aO>yj_GDj^l z%OphrK_G{tMX0W^%qWktb#vG%<){~*yF0cwj`s zpBkg`cy>xPS~DmP?rVi&rxs^EiqguRpJ?ZncH+K_tzZ1B1FIaONv{;7vXk*D_rTa0 z!^4r3ACaNwDGqfPgOZXJdQbZGEmri5+3K&spkFBMEf-L5E}I(~_F^lIX7K?Tvz(oi zrISevp+?DE)&|~CnwFjykOIhf&$c zxc?fMCMo>5aN))HN`C4d@w;7)E~9t5-28?YD*}`vVK!TpViipty_Bj=PJPVBw5**) z){#4+h4jOfxvF@qXI$CN13hR95xtkew-IF%%@qTw=9zbphqAM*aS9(L<+!r}mOe8G1Tt(bVzsw1*>FXiV5mL3 zGrqxJI8yZvimmijq>c8XhjSNpem6{w6IS?iMMLMD!#zsoioJp!_A-hblB?O^j=vGR zB}557(5Zrl)aY_BehP@F`ERpp@;4zADL5&t!FBNlPtAdzMo9o`6^=O> zkm14J;pJ|=4^Yl;>Mw@fW6a4W$YRaVTrb9ipLUYV$ru8sp;W0<_(7h3t8|9^>hZrE zbx4ZR>CgXi>vKT5tr=-C#X2FoGG381FzOkY2gMY}|24crQt-Q~L3{e(+f4T+W|TFj zV1yM5VcZ+?!aqVP_9N5r#}A~H*}_9A@K52$N<_iEM<)QL-$(xnjM6>g(8ZgGTbZ8- zX#O+F9<=wvt5TRXofHCdt;*H2YdeH5NUXvoNk;}dY4LjV`Zck;s?ZWsbEze10~>@{j~rC;?AsPlK=88(nZH(N54r z=;8D?aAWv!5uR2&6e%L*Z`(u76ZG$xhcTMWRDz`p* zMgHxxG2E+MIh9*yV8os6ih$GF?7ghuke_XBxa6#J-D=?T6?a@i+v#lU6p)vHgt2J(FMiYdESc( zjNy#-qaljzkPl3ek5~1nxV_W(dY{xlOQ1UUmTBZ;>d6gFzbMvT;Lh~K-xfYniYv_ zC7`?9yUs~--X+e_0crFa0ATM=BI&Me`#cz#RAJs|&|32uClFtJ%~3OrP~Cx1vy;fC9fn0T`kFldb3z?q7WZuq2v(6i*xQ z%LrKC{g-$fL$R*`HJ}5y#?CoM8Gw~0e`YHse1;A}LUEJO2e8v$VX#m7DQbQ4vDsDR zuSS_j{m*jp2SEf(ZS-}8IpYlO5x)pcoeh=_+nG4Uf4AWLffPW>JpOw)2xR@;*?_g` zfmxeBYvm%LN+P#!Bx=?NQ@}&M-<5E{SB>{sj_g)o1nq=RG;3MT&yqq@}or z3J@9?jAEf$FKGv@pP!ClGcaAU1FM+B%Kp8HJd(x@e~IP4;*iYZDCRpZE)00F7(MLU z$&p|jl5=s2u1;3Jp8^w>8iNzjoBiF*IidY!ItB|F-Qfj>LMlcep)r{La04eOsnq`f zx;LevRBTatW)kGgf}ixB{{tyXub_+X9`7nno2Fi=`=n4BQQAetGU<(hjU5#7W118k zYZ5}imli51h%yz=9QH(fOs;NK=v*} z9_(amn#JUzng>SlDtWC}l%4If8WEXR@0q{u*<1;~r*CK-r^FO%?Z@!vS7D}5Ay?ZS z^OXdG)br1ZHk;Fs>h6-r&O@2p)c(c0Y2MrXt53icYh;}>0BY2KM$Ir3`)H93H!V?$ zGHO(Dz9ES8`8X#@iRQS?0nEQEgMJ^C#hif>rZ3b;BBWLF6M-lod;-9{i9gT#K?vp)nmMMO|3_70Jm)2e$-Mpsrha=JFB9HYR0X1T&5&X&X9t;aI!nyWjkL% zqspq8GB^QC+N~1VGFF|2Ia$A(c#CP6B6g?p!QdxB_2<3`B#GwuqL#HD=6tdR?T2V; z=VF*)WoS8Am~T^6HM1CXk1m`p3?aX+DmW=?ez5XTRuv{|#J`10e;*WB%b7pvdHT>? z(OUOM-{+0FV!K3JUE9V%lv-1l6eXzPcG)ZPQDbghd(IeRnj-JPMKbBG0XaNYsEY^U zx5aA~Iz~1inNx$RO!<5ix^MVwf$(AFy@ngDW4hAO(TTAOP1hxI5YtyxPJyS-m_G zYTAqKzAoabRY|t1Y(0I4|H4HcMN*K-nxD+JtBE-D%JPNTR~4h}o0RaieVF2pHiHOu zFQ7P1*$ntbDnjJLDCU=dHSU+Rv-Bp1^B-iqIF|N4=kf|V_Z`l$g>T=mNd$Gn-YXaK z3oWt(QEkivaHnO&Hq8{ekMcZnSH(e!CKO8~yiAu(KC^QnqfvoS^+}3XWl(a94 z*Hz>pXnIX}rT^AV7L#?MYA-*&;I>rhhMhTnuuEoV4LH1HM~qTwTfv^!5fLw*^oKHK z%KKq@)p>^#{a=r=KKV+@BiKnA?evg8EVf&t%G8gqDvhD5p>^VjT;((-@oL0#oV)OI z0y)FKz1xw!dRG-)e==$D-fpy{Kl{s$b;w|!c6LapMV()kAC;CKdJX+0$R@y|T`bSu zHm$=dq@|zG%}SsiOJN>1=Zu3W!=_(5H|p6@i9*!{5WreEzl)JZgsTW<1 z;P3CTVwWvLj|*BZTo|=kETbI$rQo!tby?Z93(T4tghAhX!@C|hOp`8^dg^!jCkOwm%-3bTs2kQjz1EsrTm5dtBR}&l z=F&e82JQGm+b))Vu8wbsUgF_+GgT$!_rQcrO=^mT(_N!7e*L3faz2#kE>cfDkr!L?k&{tW|MHVyDFC+EpA>c3HZ{ zbtmVv9w(?x1%DOgYo*wm>%lf)qvmo4L-zf*C*f)<4jmwrHb~I$hfEGg2;2Jh*E?z| zm2Oa_NV*u^#jz@`-%1LD)X8WDBCZ1UUsoxTM=fF$}*%XZNzfd8Wh+* zP`n|r%I;$FCPW-Z1~KXAM`c{J9MvHk4<2by!9ByX-RSR2LPD29ez|l^Ib?z?j}Wv+ z4_y30B)@2&#Rh(;3WhoLSgGS>eazjt+IK4-QCcIc(wtAFIhUs);^?cEQ^_l<|CiL&-5*1CrT-!g(IA9cEs^H4{Y^Q>})^1@77cB(4Q(#r?MMinKNwl z^uy{SaaKLOK`UrQ?x+VPy?P5h9QUUI<)6j#aSFbfUYQPX7JltocaGz4H}R8Q8(2MH znQK}1OI~l4qL@kWbv@7bo!%ImY<;DFEtjRqne5hQBv}^_n#Kq8ymHYFS2Q`pN8(!Q z+wV6avjE|;)|h1ZRSUR1{RMP?L3g!qypn3UYWwNE2`)a15phIzIq&1!{)|26lqO$# zej@beMHszIy>QzmY^;DfY}T36V*t!=-Y*$R+S!D&p1*f;tfWl}jxwTL^-x^eZ6;t9 z=AXwh(OLXg{LE*dL!&`EilYwkVDuF^L>66NEQ%R)rt@~QY&)5GLP#`BjE`v1q_+=D zI5_NUdgo4z7zxr0PS@vBm$e|LZ{|9uSdV>P2l;HUWhPJagBPq$i~@m-=c^U^sHcH~ zC%^clhLv_C>z%X#C0JDPdzd9WmO={Q?f5$l(i*mb0&O)s&}LJUKAD3W82zAg5noYH z#>T7oYm^32JjUGOJqBIW?sgeZmdjKfMDeW)egF6k+vfJV*!NwY+dRlGV-MLW)_p3T z6s^5oX21^wex%;vDNA=^VjD>dy80-|#;-B(!$vtrWRI{#TKKZa*R(Fqu93c}#e>wG z$}C(G;oF=+M_SG~HiS;Tj$<$v@EiNCB{-s_gKGYSQ+~(3lH+)R!^}OF$KJdm~DG zADvm@c}{_@ctxX~>|QZ?`9go5p|t7khqlJasAZBkI@dqBb0;zKH~aHx<+zb)G_K2? zS6n$n4*D?oi8CF9URE?kWEwZ}oAd{nm2a*bAkN=jUVS_q)n)~R(hsPzg^oAYqSbeD zQkmmm?cn`O`W;ckN4YTnP)nw(_*{)R*zjbofXW-~) z{+y0jZ0DdX>j^RjCm-rp-mf1@GK(92FL>_eUgyi?07=~Bw(`?Nd&QMlsl^W${3=vJ zNRooPy(mym&dtZ4b*#TEwQGd_Y4wg}jf*^D*~GJFT%$Q%{FE%Wh<<@Nm7=-Q(IjSo zxo?$4ANBUpmz}+4WTQj3@*3*m@V9HRF4KRwYTh+a2(WDItm{|tXOC1$i(Ph$*{n70 zvebx9{QPo*-AMm5&yAt5I&Hxf89Q=@ghqR*@FSWTQOnQiBTqQEP})&wpF+ZLyGwu% zZ4%EmC(L)~vSOE07?<$vV1f5A+E9h{H7oJGsr1f{k}8N@MmrwvS;(6{y^(nKx8!qL zPqo|Kui5olIj(7l_dd1kxg+n(;+0$0a>J7E+1IR9X>YRWq`vjgQ$73zM;N}_{@jMz zR^LxlFKX&G+v?h#txZo2uS+<0*3oEfmphU0CCTbpDUrh}WH-L&FQGN`%cPVob8L}{la4()4DUZK+x7tGxMR3)dT57- zSXz9+k{g&Duq3{J%m?^|azFcpYRT4b0{LyKR#IYDDt!y4-VwQ}J7!jO1_dtf%T^)c zj7r)UuW}0E4&(AxTkShbwPQP&A#g>nGCa`1uu{Vo+fqWsn8I1^%`ms*Rcs*A7HKaWCz z82<32{lT0XSDJom={%S3gMeRq;G}}Q;|cUkM$*uE&ifK(1_*_#e;=hTJtR)^$BYRo z#;LA-`TERJ=h8a;)c6CSVO;Fy#gN=YFN>aKXAXQHIR%SIebHh%2mm=V#K4r|ZOEC$ zNDyU)qR#1wd{tL^tejn@AH&>MH=#yJzQklV#=HCYfmGJkyViCW|+qs=u3AR%`!y;Hh zelJG!dBeZ>e1Mn-zRdd63|7l*3w;Q3W;2i1F%G7NDUzgHure6Wu7H`euSk}W8 zu~=&nX&N&`jUhEXe@1_xP|=REeytGE_#lJ%Eqr5gKzuJ4txQ&1ceM>jov3^Z5aI7e zfdK+t;xcDO7)kgR4YIa15$)|z2Z&4d=GYLsi{ODVYkgqK+{@fzuYm0L~ zzsOCU8RPNSJQmhkQ3)?XV~X7j#vw<5jEIs;|CzWFJqNHQm&0 zh7H>KR3Au(*BZzV?i>he7K!wV(vP#HszQE<^#4bomx~0NwUs(xSTyGp&I$7Pmulq) zB)>2&g8ZC(_}>X}2aKvYG=texyjMeKqi;ZGWrSbOnAx7>Mp4S|T{y#$!3*%OsL%V# zOn-x3XYFc!5xYPdRne7Qo4{Tz%ynnBTJWZ8saf$t#@8QeV%l_0SosLB|~AL@;0~9NQ&(whv|`Ppr2JFXAtbR$+f@b z$c8uRv#TdEy%zvalGzpk1P_!Bq3B7!xJbgJ3n)r`L8Ity<7d*#uW? zq|fB2>4P`ir{N48&)cEaJ;nur3I5txMYXO$3?u<4xk$)?J-hAcgI(^cwllrYs@hzZ z=^*>sCad%@Sd;s)>J%=ua|>s}$-K+T@Qof03Co3NQ1!-`EDzQ3uo#w;N`oT4p7<}2 zXh1w_?W|ak?Q&JXWME25`6Ugp3}m>fTS!`X+eN%ZH#Ki1^qgJthU6yemq+h?Mx+PY zq19UWM3=sL!Usi;*{y-IQ4G65C5Jdhd8R`uw03-Q|jWy z$_T}Px~oj%oPx4f*{WfCUgEoS>{Bmyntj^jmTS}Ukz~1zV#g^#V#p`+q~L;~^!gX$ zAu$N#6}D#vfoE8!e}%P{kThlZsl}^u0n@jC$}%YFZn7b#!D(!E$u+!vp z>=Z&OwwHE1qz9ccP{*$1+v~UU_fWVU)8`R_n^>l7TR}lW^%1X;#WJpeYfq0+>ol>Y z@k~=C9=UBYC04dn>12@8y{N=edgnf+t0}!)KJ&tI*TV2vZ?bh?nLQO90$1R{Z&;Uar)133fB=+DciU}F$6 z@!BoJFSvKY{r8-9%!=`)we!xpi`kPFp2mrrvRC3@;~g?#m}aDZ9hK~nAF&MtM1#n- zS?z_?D7=TfxsQB@8L4+a4|6abAfx37DkLby+>@x>@a$a{kI&S@xRg~9$e00KbOjqkHI>nNc5#NnL$FU~s zGur8gqpv7>WM9r3*zDMY?!?l6AAxV=+*8-@X1NQT&=G^&G**_JK~{YRjxegwyG@j9 z@t|^*?MOM%ZXvXYfe1;yh2uaYSr?mkzNzD%Evqk-lkfN(zR8pMG?e&0y?Pr|N+P{b zZ(VE}@`H{5dFq&9uUU_Au+Wv+CSIqZWIIgE6^VKp`7{sch-SATK6$kdi5D zz=jGQIzw6WDpY=0(=jE_^WM<}iRGM#t}1C}_%?U(>`ELH@khnI7cac*PJAp!a%Xn^sV^D+GjWGcwg2vpJ zq95BpJi3BQkr)a{M`c~QB2#*RqZjycD@=i-l1jl!jGI#Z@4D2EwRm&7u4UfgWekj( zmVS!66Wo;BbO_9wNt7{2&a3tQ4M**0Z*Dp`YLvjxu9mCl95AVWfmCLAjR?xAIZPc> zLN_WKho?qO6)`KxT;<+v@{Yz?9)7QBsZ#Ka()z=AMO9P6?2U+W{$$>a`vp-dQ~5=GO?t>WfA0S4S=BwsM-RznHFtX!(#) zH^8i1vf7%0g~oOCXQWqtggs7mQNJIr=4M9mSnnLEAx&uH-kc^9v-41^uc-$V^zq2U zCqE*0?j5XLKy@%lL#QIOf{iQkZ`6h#{kX%6x|o3JLy70Y(JY7D4so8uH>F# zO3&|d<66{1<0_48!+GScoJNqa*)QO!-!R|qL5JDO^;-vcN&E}uRzoz3f%s?inr$AN z!cL!qX~@b~RCOhrE7D3jHhXUsy7Q3XTjk8U$gOk3M^iT=*4&8K2R1Y(&R^NC?iL8U zyE;cw$;s{#<5Ul>64g#X-0yV$Ue%#39(6HV0m6Wax9vdEw;`^`)0Oc}NH_Y)k1B@) z`#3R)W*OAH_7kHowvp{Da~zaeybUjcEqA3 z9(nphNJ~UZbL(oq@&T4}1+_y!(XvyQ!BP(hZsPSFy&GaWYrTU$dOHX9=>!Nv)b9A? zMcMXHl@`wpF!lf&SRW+ou|24EfKp>ys+R@kw0Np-X#*L(AOo-?PKmAk#VyZBfRDJ^ zJwu}oIy)o33`=b0GQ0i_d5A8**+-@VBy=auJ-%BPzMyd9k&{Cdu^BZR7!Wc<56oFZ zXsji91n8i*!LkB1_2unS^2F%8B;$beJnY^`moIwT$Sw`HP_o4rN0{CS<|xH>7nq+! z2Zv7Szwg>`Om%!+92eZ)UAVdK#aw}=67}U<(qQFeT!fKiHcIY!9IYgVjSMmFM>DzQ zjc?nDSF0454tt_|tUQ@W3iLA5#j47WNn%c-It!^~cBpN8D5BY#bM!7{4F|dx=Pyd) z#<2Gby4F%!JzNd`*;!S~QC%9=OHX zmkaAA3YVxowN%riU+nVGeoQ4QHOkm*yWB5tE`TTF19#u8ylFxzx8zLAOmqCg1w^Lo zpvoUzI-vA6v61kuVgzFjq?jB?*)wPB;$_75+V%pOaH|2bt4ih4ZsTep1z{AlOf<1E z9nSbcsJz{Yk?|BIHVC$>+r=Y>Ld&sr*`0Sw7{&kW({>&g>C60MzzXaWR13EhPRU~A zVyC->JHTb+TNqxaHtv8h3;! zy^&216|m^L)o+MM*Dt56oYYWCC0xr3+~@0#3`h5D?)K`+gMr?RpZjT_^)a29-2i>` z?Lhu|-%bBau?HvbpR!Hf5xrPBp)z#6M4E?0rX4N5l2BRIb*P8jN~H~4?5nJDsfkBu zA0owE-7v$UOv)xx@+14eO&`H9NmwQG4X#evs*_ifHd8v!(orqmp9>nOyVVaiH3M6~ ziO~5{?xN-SK{2rx=D~>JmF32T4^7(9u6B?pzQn^0KpVQdC&w#kO-?mpxiS?8Q}Xg1 z4sNhY@n~t!{^u2MNgFm+NbB=JdR{5)+eL)zbdX9t5=l^-Z$|MoPqJpt4I34XQDa}5 zN>tiOw2j7U~jL0%KDo(WR zu`oyotjUkBZy;?nWL8` zdo#Jr35Sa5J%+j6)VOXxRnE|Aur;tj4BMFzt3KWp%w4B)tId|X^HxXrZNtet`X={g zg=(RtgNahCb+HO$FO!uXuLMk$D}`-tjPYc8hkOjM1k`aU(H}${%l{XuP@i_*PxWf@ z-iu@RR+%bEtHnF1UK{9aU2~olL91)+xE+$_a=3wQmvsp!zd*d6mi!#Fxj=t)9)Mftk-|(!I2S3I4l7mCvQe);cv^H`6Y(}Y#RINo+8}nW17U!zoWe;g zaAgJrV_?M(U9)1D^wY7z1YTv`D1DUzlZY#yKB$JcGLNGN-04>CEsILy{-6{In}m+x zQ_38f<3dx$#f-9p>cB1&`g8&UdegH64x`U6al7 z?Z-8Wbyt4QWaM`xOWUy=Yia|?bA#D!CIMW(1U-$!_Q{p>yDFz^(S3{x)+&q|)rl8j zT<}PC<)?zCklLM&ZbVC=TubL~-ZswMDV;BK^hEp<{$%#kYP;iaQOYo01M{ugK(EZ2Gg)^ zczesZwfL44i_OJSaI~Pm@GK*(3|Gb&Lo->KxQfnXYo;&4Mro|Nf-sg^PT!2#R!d@X zx8vH!P|0MR`@8_Ta_SqNzCCFfv(SvfA3$Jl5Td2n>)CA)YnB?d2Y?;nEo=UTMG0db z_ui@@MPCvjR%cyKNNbQFC-{BXu2DJ2RW4nsmNQt_jXxWEub8{`hz0di!Q%vTF(i&d ziuPL>b8)E9_KCHhomRa>lL$3Tk9A?{foU5P3BPG3G!}*6y09L$*w6j%ENtk3dqEm|U0yqo>r>VWF9q&S)@9q-CJNdS;+mANc~_>VOw*E zS@GZ0IYg9+0$XAY@KGj88lf|xas7k0mn0AtZ?@ewv-E_Bk~v>@+Gbb2Pm%`l?h}UH zN&Cw4@3$6!BTlYOt^}#AzJK?%jmf7g&;%>Y#BdeidJHCxkgeqJsFGigo()VvL}@lK z1lXW^(bnzrOyu2`T3XGna$5l{hFm@MG%ZyrUZkvL_&s+y}VHf-u`;tK;E7e^1(|_ zzvFgoHr5tybg(WI&}BuAHe|7D`}bE4xAka@NwC ziPsX5-kYPI%6)-DcHW%#|04iJXbHM{#b|xxaIQ3@eb1tcMjw+PXSXkmM42cesXixj|f3Zdx^Y%W>|Dm$DG1IDSC?xct@5yI`a|5BtBs z{vFA=H9G;46Fyz2*|Eapm}D3fvY~m-M%;3^T*Pw7n@>rQs}}O}e$2z$fOxB`We=j3+Eio zbQ7m_p|2SkN}jxPT{;$^6m zJBrQG?W00Mj{v6mvKw+Z*KsbWwz~XJA$u)2cgH?sS&aZlS0^2JjW(*WALg0f#4;%iF_8U14G4A4(}Q-O{}gf@^xg zr8|H`ED!et7>E>!mepz#&JzM@Vjm}VG^LmO@wI&Q)Ik2*c_L{PDKya^`a7<*S51Aa zs+y|=G}R_Ia==c=yjMV?jP@?d=HXV4hmgMedg$`R%Ul{pG1db`Fabhb>#b|K@aQg} zi%3SMikL6n@@Uq{2pqYW{htxwdHsjhzV2i`P@EZ{^xFWVt4)+J2VA)wnV4xDe}W(+ zU_N)c3+v>0S+-V3gmlwc_yw7@llem4>{iPjRjvjHj%yQGJlI4WgdK)6={0@v!$uc~O(|3p6 zF~NV=%ZZ? zyS1=S5={u7BDAgmwaEU{I7cvC0-N66!U8JiPqWsk6{W>?Fzh*hI}QjYge)y|S&=)h zW(QD-7BJp~Rgd8YUCuzh9@X?a8|UA+9PZK%<8rIpjHVoi6hVEwGbjN#ZVgo8MrTz2 zc>a8|?^Lbyg)Ic;MiNTbrvlVs3>pBX;Ps3#;NUmV$=634rE#cWtzc$Vd~Y1f1^)eP zqOAo3x-bqg*cCIru)6&hW62Jy2shA)*zXK_fl(CmlJH|Sf4X|QN*Ffnm62naFPobX zmjr47k8{AbbCJIH3Ak^y=;EE1U%ddg+~t&N-fQ`ug-|%3C8XibvTDNw!_}OLbgFTx zU~O*RYi089cRhZbsqFAdlMko98gx>-63Dx}u(=?Wjpi~0e!5ooidWTn;aCC*47~$3^=9`5g7>+E)V@vO~PSko9 z5Czj1CeD)U@>DUP8f4-Q1W z6uxb?%fEl8K%?M}dg*p5j`sm})A$bRP)3Qpr>kdri<%>hFowu1&8!xLbhj|6dQ{sw z&(3?~O1Wo`aOUJ`r5|{_MDLA4)YF&WSejtED4Rc&Atk2-PEDr3(6WONvHRS0iYrS<} zT{}k5B0N_2RO@>aaYHOF>9YynNj#v|^K{*ExVRk_<3CT9R&8GFKDzS4rl73p1<7Sb z#T_s9uJ2RaA#L(IT?v1+Oh6>8KOJxOF8-10coBu#2{BL0U0RF95V-dAyw^k2jx!A% znr@5pv9~O`T0)nkJTWz#H(@86<;;gO!wt;yWPVEvZ!|NY+D7J(inm&7knfOewvsMpTM~xj zxV%(A$~9@7DLTK|#U0=y!%_5Pl{Pv0RRV3r_iExNNqK3iIOnQ+~Ni7o8ksojh6e#`gLNKi9&J zb&BJcg6jeZ&?0SwdLryAkeXuIh48xIrkuSRT5y=}9YS_e*}YA+4XY7*NAhvf1q zqjceVcYRDB5J!~(H1ND^f~m4YyhAv;gLSAn?o`1W($0@cKj`D17~O0c{_*asQh}E@ zMca<1+Ya`$j)Q*qob2LNCTS93KAKjX#Tn}ahx5y*@k{ZK-Hlq&#g<$LL*LXKeug;^ zp-BBdRq&6BY0D++q4j#|52Ttd4~Hf#hda4*qZ6`^Oz+Gh-XiC>yk1}ePttvYMK&51 z4+X?>d2g4)xhHP~yAL~`>I?9P(O-EeM$N5}{R?$r190T51OH=l^qLN3caAOnn!CSU z4pmHLh-zL(Er8+DgA0@cNN35bHywqdiHfsZKhd;1gjo{LT7S>(dwd7jiC>uj$ot4R8I#{HtTI0q zd)OSGWNxAe?RsgM@2+ik55+&oyKhU=rl6o#U#er&KiZsDKPu(zmo-_2|9aOUWp~@*7JV zlYjTboW7hRFqF$bGU~Xr?FjeYU7e41_vD`G)JmBeS~&p)0iMRb!?OiKy*8*ty^2=t z_*@I!!CsJ*4alc+<48c3RQai1#3#Dv^Hu>*Xau_5u zzR^94E%m_)v%)*~83X$ZB`ZF;&ZHKXVjd5>bO_8R#}kq8{W(5%OB0$Lx`jkg zBM@h>EZ|*n|BFLL+o0ENOGVE5PJ5z9BAo`IYkLUpw9L{qV&}5Yc^OHTg5r_pN>2Z2OWGB6|q_ zQ_pau(7vq2tGFL@T|?C3s$M zwa`H5xnzlAu_x%yrF4pG^wsBnH}kdGov%@X(X}R=ercS5S1l-l2{tcSi0!xyz$$R( zZIJ)!vHs-Lf$p(F!4paJ=jYYappD^zMcA;UX*#HqD)i-~{B zP|;y_k@AyoVYO&)RSzKjndUwQ|JzdGM-5o&wTR{*IKFf4chQbVzWO3>>HDD4cae(| zoq-}R_s`|Qk1Ox`5}HUuNnJnV3KbH|8I`-Xqcvp#< zh*AD3*5czV;+XFvX5Yt6-j#@0=dZ#$|1)8%;r~$-CberuF<Un0Uzj8;W7AWsphOVpj#gc`Y+66Qye zUx7v6kBsM!T~4v$Kh=m}4Q!gw5HQmNvT}o$MtlyE#CN$#Gr&;^hOto9%}N)>9cm6C zu|6eC4x_otK#_L_xj6ixLrJyzYk|umvC9Q`$GJ5gV151*-?PgvS*u69b$L2})O1K{ z=VewCF^v&Bb*pkZ%^&mm!6n1c_>!>;gmNSAoL$eG0u;&BD7QQuIP~6o`E|Ui+sgbP zZGRWzXZ%T*-xp=On3}i0CJu8otED6RJIld{!+XGr;70{O0!6+3t0wj>wQ03JkT-R` z0#Ve}b%6=M$5oe3TJtgEN0IQc%*L}uGwZ}Nwrm2(wwNe^u@a!(U7KTRJHtjoPIYJB-pmtET(6Gg8A z#wCFp#7)wf4Tpqge*7;)>Y6N~2}TtFIVyP}5fC>JJW)drNuxidduB~OPP+qbfTV=0a-ubP|tOMwRT&(#2H?gT*zmoE+U+ zEV7r=k~`k~8$Hf6Ew}sml#>I$a^2=KXS$c?J3arG1w}meX!_x?QjS1IJ)-C4qpV=} zzAyR{*K|YLUp(%8@JZ!Fj&D}MwTcLo0Qs&bv|tc>)SSQgW}qA;(42dy^v(j!oX8iW zT5LMg#rkA9=BD?c-#cnfP{I7bWS_MrdF?LYXpJh8{4~I`5l9ryMkoGcR0w3*#}43O zS3)DL(ZS4<*tCU{xs6ff;Zxmw)X8uP-Qr1P8V8>AJEGGa9W2F5&6_+X%Z*O_*D$R&}MLrycEp1Lj-i^rT&8VQTrOFu=8bRy@H_Cc!$MM1j zQ+6;>>hLL(4MD`|;2XuGN4q%9D7)m^|;Xj*J&F0x;%2Y;eSA;NB&-GJF`H()YQ!&67Swm@qO?ly>cv zXawFDB))XUNCJ;&W5G@km2vj(f|bQdvZS9XJ($EtWE^V!9UygJ)O*%6%dq6drb#243f*?gjL}@aLf>K0LijXMG=m-c17CKlE zkrE(uQgmo43XUj9jgA63NKs0NG?9{_Mu`$3ArS&Z2nmEhLP+~=n3-pE#(Cc7`~S86 z|NGu|)?zIn<=p%1bI#uTT>IMRI14yfMy-pRG9Ytw?vncj{#qT{t#!95d4lO~l%a7M zasYsU;`Ap&*0XA4H-tkOHPg40=o-C545o$Vn70~Y-?(}V*t$n%72I}E?Y)FCTWNgJ zdPmR|?IisSJp|?aJyEvRMiWLJ2}d~e)?fN(xr9ncS#bOoO?cxZy*;#q;r?NYYkn!- zaOcAZ*bqYAmJl~{7R(;ZSyxpFAb)^Bzf}F9PP2sGI{in2%Xfy!Bx4O#;2giJF`>t< zJX(2TY`Of~0yOqQ5FgmEU%o#?CQ{z{lFECIZM~?q=lLu)z~1Uun(2`=b{NDf$#Ed0 zqqhq4*fp4&Z7>Gr^wQoZ#SK?#FGas0c}vj*FkMwzs*)V-HEtTN+&tj;ntZ0gVo@8s zUbonfUI8*)WW@XSPKVg>JIS*I;)X%Blv z;$@~3Mf>}=?>nW2m^r3D;{eGhBcW$o747&_+!Cdrd*#+bw>+4__*5TJ%7K;E-Fbdp zCMra_Ai;BD;mqsxt(_)?lbTk#UMyboYfV_8NwzVruutg-wzh4IJ4MF25#UFn>QBQ2 zrkFhXWflWDW^oafQTntXPH+eR*GX~CYF&jD(p-I=!h^Z0`S8~;o*-fi)P{+WySbLOfE#0+nlwZMM)b|$(?gL^**>YrC)JC@~4J?#Xbr6n@B zVpBPD;6!;W^FFCD{dP|lZG-0vGTEXCx_F&^w5a<%8H{(Wjm*&VbY{LBpvAQN>FLV? zy0Yk5iY$S@;%nLfY{*eZf!c{OJS7MLgUP`}g1FAjt#q&f23;QWB;CZ#nBf)oy*K5O z5yq~#PS@9;U-0VCbEVZ;aVvhweHkdYm{t%`ZII<>zxI5~ctvny+b7O?k2M0975d)$ zVdxskvkYkYx-Cy&6+ooiDG0bcPH7m~myxl!$I|dy3Wforci7{+ z^yqfAkS3B^#`0y0K+MCmnjYJd`pt_drr8It^E?zEQB}m-fA~ zbRXUM7nMDI+MF(b>K)klTGILHd&B3%tHNx!#jj9CL4^H55t;2DZ^-1o}yNAB# z?^{bRP1nv``Rz|<);!c>3VL4vN_<5NT->YxR&~#{0NIC?O-bv!E*0sof#PaVwk`gk zq4=px{AI`#I3dJY`=n#x`((jRh3=eDTa^b1Rs&4E&c29@px|aXLS^lh*Ofg7_H5wR zi|SrlM)dEvGX0&W-ARn+B2H&^ zRp`_mFJzr@r3d-Y$Lf;DeFelHzVYo3V-<}~EmtNOL0>B~v3jrBSv{TMfx$iO&VY}` zA#a1B0#0AA#ZLP3cir5~AcOsh=U7}UoLj)Nf9u7FOLV*uNutepKKpeJlmD2*g^D)P z>F~FDVW(BipB%oEj!7{-mFXY9y=owNdQkPq*w1yVwwcD*wmEetD2`PZX`m0(^}Zie z1rO8v5LuS;K-{Lh8Y}ybETw<3_}R{cgMEFj!04D2;~qaPaBQ0l^}p;^7_;J7NhIG? z|Fn=S@ZU#objzh5fWsouB*%B!`MVNcL?Si?EO|49&%Bv#LYPGP#?0xIWbpUU3`@RE z{*6Jy*$_xv~>ijiuX9`JU!0s*5*O)>PiNKoh>4nGqN~(#W>8`wCEZR)q{;xS}W;QHLH<}7gxNh{=;B1G^}Dcc~kI(eNz?^tdoXC zvrC7i_mpI&_Ru2Q1FEk0)ul~uZ(St-DLH{}U+W5+fpR`kBJ(Vt;Bv?`gjJI{GRvhu@eA zf7--MMXY`3A^Q&`@DB#^8(rle(B}(&$v-I97j&A>U_H>QWlJbJ2=w+}?n-efLjn5f zb3+N(IMBDB8_C5NuKmkECMYff#vsKdAY#$EOD{$GpsfRo;N#Nv@Yl@1p~`>7{!1V- z=*p#kMOD%d7u)#1Q4oipemCF%jqM+V^dCt0H;&@xKK?6w!#{a(fHnHx5Ch-IJzQ`y zxHV4c7dm*=65HpmNrmeON8NkwY>ibjSchNpzJEvvaxcPS3657zEcuaFFFyAgHvz5#@RW?t-Ga}_B~MTu__^JGw3HRU;`_OW zQ31GG{~w5Wx%l@4z#_HKq)-ygC^11UkWizBt-Bx!DeM~^p;M`x?2upKDHfU#h`0c+`e!wB)Wl-%(X!e6P@B2>QpZx`*6{V}f7Ak7 zXj&#XrJk}t78tzT0ZnC#_R11nUGdnM7sA=aOi7%Vl=j-HYVkHtDTR$wkK73Lm|-!` z>4_<|_=BJ>zk(N|J{olp6r%UVsGf?I_Km$iFXYrToOugQsOL)Ev&A9ChhXsN24iae z@Bygk_JR}JCAUui#ql2TxcTm7#V}6b@P#UEH<4g{xDbP<%1W*J*F~2ub%&ga9CV7Y#=Gfub8e}A~W9(C?%^W<<&*PjM)HH(^QK26yo}Y$~*Em3fYDk$Z zmyEgmH3#jWAb(7WT6!%^851+^7V`@hb(3q3l}j;(>SLc`89&uP(A{-x^MfW17=Vbe zKohkx_s@t)0rfA`8c6_4&MR0f8hfb+O}&)%KHRG)=+aod;8{Tsqx5|(LKl)kXK67S zN5Fa=es*Z;GtQlWhn`XOn+mCx1UjX(n1$>0GrZ1wdrZHs-`{*SlYJ@UI!BpMZQ!wi z5EEoEQga4F^f!@A#@zCn6PF4OHf?reBHgEo*JQOavx<}RiL9vRyedJQxx8ObK$PCt#E*@n6x-BRCr4@1(h_l< z%(TnW`ubBU9b5fU3U3*Gvm>6Co_uXcVxLARk~D}QLk^7{MKSk3SYBFN1XVQtny3VMo=bvL7QU zSXx8)@pl4~V7$kB+QG!S*Oj%Lfx$|0y&TzxvXWl z%J=9q%QOQ1m?ytgm;hdrc$((}FIUmDptwg9jtEfoILt}AvscXPkwNVpetFdp+BQdv%PP^H$bXwNoA?X^xSs*S8_ z^Lm8{_pH$}bMX1@h>FGt&9Tzfut92>aOc?6Ti~kqdc@e~-t zG?+PbKJQH(dwYZSrI(N`q4k++ymZc%Qd|w(;-YW=8Ehj7ufw=bmx4mLh{M2_H-AZr-QDqDxOQBSrGEUu%Qe9kNTX-NH38=h40T<6c&^jLr{z4RQXCAqnEGCulN*fdV#_Fu zNhs9$Ph#*bo>SeC&Xy$FnxWL&m3pmUj%3#fBr9wwyCQ`hGY{`9GOsNet1 z4tqx5y0QYlOsQAHewm^G{QG03+u`>8ZPDfNzp?2X4E1KrL8v6`C+FI%{g4 zn-$FWLjZ*2$!HYrwylSxxB3*lPZOiB;r_9vdV#a+)%mZ6gaZ>AHx=$0mgbBO$G6Rg z)LVT2Oo0%PXYp(;bk8*gwCFhDj0W-yU1KaCek6-xAsyU0*AkS6E~1WUhk8%oY32+r zF1dw?Y>m)QJUh&PD$pPz07gA9NAXtD+V*iDv5nsfFQ-O}TE}4uKhqj|@+x4QmT}+4 z;f6NF4yrIflR_t|F5N%lZ$QnnWRWc)ICAJUTxhU2zMF8o@j-*=3~CgZ zDa-D;_)PO?(AYTdW(OcdD)?1?J+^6{Z&_NcIT%@+jY*lRGW!4 z?ibfgYNNf8n;?<@i8dS*zUjoX7_&_mq3k+Yrik0T^Q(!@2Dw(DSU&s?D7-{ z`>=CL?5kYz0mJKpu)X?VVkEc3}drv4bC5;c~o_JRf-cCKH18B zmb}`Zt}$F{^GTyW*W}p};Y#=*5&6KkPF9MeeoXlOXOUa%T#@l_zkBa-CX~;rp(YXR z8^r-7r~B$>Pn}}tR^lqv(4D13WdHDmg)U3p8$|~XNQj5KC}!iw=Sv%lKQX<+f+7@3 zEu-OP4$%QkUDho>#W|XC?&&=rD6=!;ZDyaHAm)Pw zoRir?(o`TZ}1)}1s*Cxmjn=#B_b@Y4Yc+Xq~0-$14 zp5`6&9X+nY3_C^cDZpPJW@D+1Ik0soFG;S;qy6DVYur3ufO+_=E0p+pX7zZ6|>#8}lBze!D=m=*HQ4N<>(E+9FBkIpYJ!- zI4IVfEh6+hL$M@WC?L4Ymd4m`?4darYRQnv2p>_|#ZQt0auWk)mh69aG5e$4TY0 zM;`l$s!Y2#U>?eS_v{+I+7is>*_Lo`X|rJrJpBh1W>~Az-k1EkSP@1L!K%UGZw>v7 zT<8pndoQTXQD!9v$5sTsw@+y#)gly#T^@UOFKX)F2Y5OcR8H#1dq{e|Zsgkq(^A92nzCU5Ll3@L2y6}qNhQfIBY^2-n-~jl2?{L9E&MU+* z3sz{X5vCDFavsYuGa;O5dAH}=Tn$WBmu4oKVi1af3x!V1s$TUJKZS$5fZ=Lfvf%B2 z5T-Cfi#UKWG#XLl6~V_uBvYHMTDjClo(VXcMPOZxHB}(^CHs@1!6OG8Meb~HfTS&}d?`$X zHY}U@uN;z3sbv>aBO!y|+{~|OaDpl5(j>=GwUguVy_uW_xTE(EhJ&*Nyc=SJb#7x` z-wlO}H0$@@fZwE|t9ED?l&JR3vVW{$qv39P#m`heA1G)#{{f5sqqaJoa>G7am~1{b?qEWU%`35g6bwZ z)^o~_tp$TSZqD>Csyg>%8`#*O2ho?kXolisfv_J~gTVf(X|~rabtoY{mdB4{*F`d7 z5@C&x-KiaC*eBURYQAXFxUIqn>HJHj$Cv0?V0u?G2Q9egJ}~+vB?F)TtE9dKN>=*>=sO`Hqz|`x5xv^ zwD8my=6~urHkc%!HNd;yakgNlM(P?~i`1Kag6@rWSil-{80KSz$4^=7$nr)`Mjd_t z_ybMbMuyvCxYt{9vAx@24{cpnO=mOFA^!#pE7pBYcs3yt}7kmFMyixtz+ z4nrwfbHtdAS^xYT{8MlJP}Q}UFjK~rikSMmzHE(``TaQ9;(X$n*6+83%aJTGmaU$9 z&bjfz0}E+j^-laSv8M|wdFB@db-J(NK{eQv*4|q+^8p6g$>R0;9U+KI^`ZnD?FmM^ zpj)#_D^xCA+k_)4hm*vp&|urBb3^h&HBbk)xcXv-XiaOJ$)pLYF!?B@O-VxWH%|NjpMga1*) zUrH4I-_D5qN3%_a4FaJmL`=a!C7)W8sW%88v(-m6R%ZNtMqsbtqo!yenX1>6p2HDg zIjv9jP96TZ_wQ33MXY%3=$X-!G>TxR73bZ8k8DsmQ71JV{*~Ov667B?*t5zZ*YJq) z)K#Fg1Oz(rIUHPyS3rr*C{pH&s4Q7{pkLKAxe*(vBK}g?*WZVE*K(A9eCsc(w#03<2MV&T{PB3Cw zPIPPXF!0IZXy~6m+3{TZvCh3SY~;#6i$IH=ICO)vm=rnm2MadA(M!Q$-S?plz{{W~ zpFOdIQMA$tInO}X@ke>!g;^Y+&s|B!G~9a@SxcbzpCxKyL_r(B)Oe&(j1?(JbXpfr%dbw$8YL2kY4vg_MH!a+l{#SO@cEBOW` zz~xT}C#kCxH|}Ef(dw%8S2njUdjQe8i+pz&^u!ss$9ivs;-?Z{Z=fhDz;XAo`zO>u z3mdG)kE*Y{Vh(&--}#>}|D&+~ny{t)Q%w!ReT&w>aPc|(5|=u)WW=e=4K2x#PULG(jwGv5t2P?BpD zei!IZsu5ha((%ZSP6Lj33A{ZFdV^N%i2bc|gefF{;PWwGJlZwhSR_k6=28efzxotpOho7%wu{7EKO#q5au?P2MS`zBkM)HA>t zBfTwg#=u!U@k&xx#C>ZYl1DWQ-5)Go7w@*_RmRi!Lr{GI5X`v51OMJ!lGp|^u@&_0 z={-75FkVril#JlmMu57eUse7(POR3Y6(-ya;xY0R9@a^k7|s-@ z+Y~jU%|Q9v+&4YWcQV|!L~BS<14t$Qo>GL55>IZ?j#YbY=tG|J4(ue6sr8y`|u zXSvhmd0`IXWv-&l+Cz)-hpZ#JSK@8&P_@hl0@2G!ZVJNy8% zG^)=Im#p;JA(1_L8L&@`IHI*qk-R;wiN%1RHqdo-@)7rDgYd}-$ z{~BqKfJ{z<+321J@a-q})agFjYnuOBCTjEjU{5I=CYBtD${3*=+Q)4gU3S;4<^qHo zatjv|hsvjiXnJ3g9^FyLneopx+=6bknBG9gD$&GM$m%OJHzH6_nfc@|7J{m5rNj4$ zTHp+o=-95{JLFqzsb)`3eAkfo&S{TU)hso+iNlynBiKT(eBYF493-s7nNr`H*HF{W z_RqRLP|DB&vf83!k@OJW^*rEkBfqqip&Q%iTHSj!+=JYc=O!_ksps#bnl9vJ4OxuP zr? zGe{(}22zLai|WG=J;U$~L_u_ocZI_@tud*C?zDOcMfGTzU)V70-tN4pk4UwWd!Xqn zf3=0wc!h_L6%R`*jy$~KG=FaI6Akw*d+@8f&*x0ygCB^dcij3Q9)qA}nVJ;1d09NM zv!ID3lv|h1oty{)e?U%%*Pc!6sB7l8ucoEtB^%=nTJ});bXKWlq;3;gtkN3Z%QsJs zxIhf3Ryg{4#oLkNraM>51ox0SiwXqVp0o}l|((wi$2<6>%*iHt6~W-i}jv@OQI-tS7J zFlXJ@qR_@<4Xb1E6Ui~WtI21#iZ6bQIpAWMB)?;Y@cjICx%&#tiy-)YC`7d9TD|N8 zwG2GHU8)Hs97;~!+EF92(D`xfxK{FP#kkm`Ufo(ofG}Svdqc3VYZKQjXy?lHz13~} z3QowrOK70?4*CguWz*Dpyw@t&#Vhd5Ij|qO5gIQ|w;BJq>Q1lGJu3}*$5a{HO^&#m zgewSQT5nH=)z${5GfZX2FA(ILGKWw!GyS^j+k>GW`l2m4zPq7uy6tG(EWO!CDZk{c zse^f{iuo3OOL{t;7ox@yT#jVfBT8l3#;tThB>$%So2Bj(Bx4Xwsb|SoUj0ze#6A(^ z6TANLFUz;Jvx1aNR*Xr6QJM}DKFS97Ct-J1_f^bktmboIPGt0C_lD3|w*#8j(xCCb z@b*h$UMN|$$1nFE49$z#`i)n7J61K7^FEXRk^{T_!^-}jPVvob7&i&{YS}Ft%if0w z?_o+O@%*8A&bWVn0pmw>rm=%qH%kWIgXTX<9NzskMK^`ojw+{rQASraive^mv-q$DCpCa zRS6_Dr2uYwLYaiU4*>e~vHxtozrQ^~IheVpLS!8O@ezLUywgvBc2MQd; za{26!7j%t{#d`S_Z@1h1cpMK&-@qH)8s}`c_UXG3oSB+!b$&0$jGR&{QYmHj!m4L; z9hP563_x?WO7^KsqJtf<+*+7;#(x}XS*=&D@o&2G^9qrxoNo-N*O$~!10&XR!F$XaEY~U{sf#{&~T9y%ujrx_2j#uvK?Z{kRmxM(wQcdVXs?;AZ&idgJobD=0X@*a9x!(tuy8U~HB{U*y;d(b z+3yTAS>$0l7TPc$2x4%cM?lqf>MLUd7Gt;9Ti)4#E-psG8keQDQO>V*^&6gRxo%O@ zyhRv(72ZH*>C5%!7`@<9aGJ=2)hNCI7>i>Mub=hoC+TKzc`nl0nsCk46Um16e=Ew5Gh5f(^sHBj=H)mpWZ{LA#i|T>x-%^D0Tj7F6?OR^% zJF)eR`%)a)_u%yMJ&%BW4^PorX9#ARqIKJ|6KuT!EP7#V3U=FazX#(TcfQp%V!A#3 zsJ~>Ui3>*sXx(jBJ>)e1({y$6z)W+Do2dd&dYi-4Pu9NE3%6x-eFR}e8~pH*}r%wX5yR1fKm%u+vY zb!I_;M=jmlwV%I6z!jtyQ~db!hjS2cNNFLt;w+3o!-QLO|pK$w3C`E zqjyuE?a9hGhW^NBmVw1ws$`sCt!}Zl4;OK+O>lM2G})59Sn^otf5LU78%8z+$R!}ZaD5>B}t(lWR& z%1hdJX3c{R*mF`@rbAjHCaj9i4!Ko^G0Vrz@5q2z>5Q8u@zMGygG*u01aID#cj@OB zzpeTA)80*5TW+uB>YKJ#Q+^mH8FfHMbmYKkgrvg^8`Eua_i>2!w4wSmh{d}mi~A>H z1CBM2FQ8wTz*g>KK{w7#F4*&(v_E{GUMAC7M&>3-cs82T z(rXSY>Z-V~{=?=}-UPEeHB{2(fLjd4kD2;$&GN%c{c6y`l$EdzN8D<5u!WQHhRv$q zCc)D6qbl(9M8_nwpCD)XCU)KNss7ROBPZiDcJe4<7tVOQnbuu|&t+cZy+jAwQ93fW zK`DBRKKM*rmH(@kf9u|rt=fN(tMK{0`vSIp`g$rfsfiir1F1VfV{Q+;W2MEP9W-wk zkW%HMbzL`SNroi~3Q~YGnm&HxoZ!eXYEwtQUW-a)m_Vna?4k#ch#(ahX8KfAIUuK5CC;gNG}cf#I6 zwAstxp@Bk(!*av%Y!6AGM?(m*;RerctsVIpL#Sv2FYYvTsN2+w=8UF3wM;vPoZ5(| z0o|TzG09uYfY&NG7tl;|B`PZIJldF-h1f&ema(#r{&%kCv0}$|rQ32`^fwAC?c%qa ztax``HS-v!^{}XY>zu*0y=%6N=+`gv6)NE$%d;rlkbNPV?pwkQ>$)FSLTLPB5_dPh zEtQ(Yja0W#(+sNz7uTAq$;RL1>QW=e(|6(evU2z0PvCkuNKIRM?Cl=gXm?`k;L~pdxfgzAQR*h#u~HhxH{*vvvqnTtT4&+hNO~JuvoEh5u zdHTl%(>53oADBC2(bdMIdy(p;Z-KpLO?BFdY)E6Zw!doYxPVh3dtR;4fX_EH^UXi& z%@yQUyXNqoO!n(~rNCpGM%>0yOLzwbz68~jUQQ@NuSnyl8{G^K6eG;SY)V#MNw)cl z6LOLs^?W4%y7sX2s)ZB(21HJXiU-2p9S!)XvKKT&-OsLmDtPqH! z*l>)r!zcr$Z|GfTPp{nngHEXGUsXUkUI6NtrcdtMXbb(`-{?u>s^*=yWax%f;bNMw zGM!qh&ms;~d2FkEHP{khOjf9Hn7NB;ETG1RBBC~8fU~wi7AHSP4?hm3gZ0<1(D6T1 zt#T7U+urW+QI+y9LxJrb;-}BsGBh?Fm#CvMYze(ZPHk^Gd8nBR9DVJlB9S`9aS_3B z!}mtouwG2+Ml$d{Q;VHLrFOo1Jg5HpFj0W$5mRFOMODW;)k@#ap;LJ6UfCH`g=E3@ zeUwcFaXZ?Jj#o$2m$H$^1jeK^wpU$4+Ay}1i8nf4HY!$05(J~bG`*A_j{}f2TTWl; znL2xZB|HD;lBgO#dy$e;4Y5~ZP$E!DXK>(VI>zvex?cDW;j!!t3B^X@nFG1bNFyAj znc<0+wfJQqiq@a{z4|$4+1q1J9*@KhY_FV|oM4)MdZ}vKv)Tn+zpz(+ps48`JVJN7 zV_e0z*{4+u0dty@y~b-{;E- z)6g$nTu^Fn$}pJ@oFMJyE5g8rnBD3G&kV~m$W#I-Y{8W*HVyF(N93QsUGT0q@?tz8 z%ClNITDlW=m>12Y&2E>k#&InBdsr2^@8d46_32`@S^1;AxJos}1Ne~Y>Jzf@4QvS$vew2AdU`WBWt~)61)kQ@G@#=3p}zIJ zWJd;LbOy6?aq6~~9|3PwFKRXE++Ki>Z^687QG7K&mel)#T_RuQOJ6ZTU=}jAWa9Cs z>W~G3t*h4#SKSYmyjP4hO*k3}y?lKr<(T5whXwpP>boB`@g=3cGV2ofNwj`y9KS(1 zQ!XPzy>PU%P_+ArXIZpHaz;L`Qc`PDsbqbOCelD-Rany2*0vMG+)=oP+VaE+!OZfiz(o4^YF)|j;F*AJu>xH zQ=xPNa5UHf9HK5&6+pTH*dy05=r8vh{I@5am07_EePdQ-x)_f?zeS%h=xjSI>3wlb zEd(#cq+LObZ^0pM617;?Yj?K5a^1jtP=TVI2RUv%+|bbrw3p5VEBQbnx5quwXMfXW+m?oyG>NXy|SSvx76G4mMevV%Nomu{Y1`$+nbj2|;Ea;)GqU?{4$p)-B3`iQqk^Z(!KT$>=c<~FcD>5< zZgiik%s00Hxx>XXRnHcOf@W^hXgf?#RVHfU2a%$R)BVWqz`>$Q#vD#$h`6z{r^47< zEC@OfWGHS>MQL`sHNc~tWr2(PmSB+OAaaV(Q0*z;-+*Hl3N#}WYf4PFx@|dWc`9_e zYODOGOtGfqQBA`*X+t4!s(Up6sn|ky*DzmH#JtGBn{=sy%_?PO?WFFWzw%AK#C3XW zlIAYfi$LLQ*W$!e;H&N(z7mt7Xaf#9NwW8lKv8q-lFPp2wxCkqJ6!$2DR#|FMxg>- zYh?wuGs$6lUiIXK2ES3zQH!>L7`;J-vydH7o6UuW&mc*L_WlKPhSxha0>-h|8Q%{h z`?y-Au!Xn)bLJR*r_laJ(2(2myYnX7{tS@(8WfZJ0)1)}KirQ2GEd{Tl#Z!w2aKv! z$U`+N-8wC;U=vY{akJl$LV&w9WQOWyavXOA4QZ^F(M#@Ea?D_NcmiSoDzXISY! z{?X9nMm)9|PDiE|ZS97v%_wT>FDE~58gS0cQ&^rU)oQzfR8*;=c)x_6z}WY)^Mz4( zd1YWwL$pCkQ{py`U7x59E~1%V9=c9SaJ)!owr-YJ@!p6A0dZV56R zY;6wbEcNAS5bC}c);^R}K$XI5Bznr+Z$YSXA(PhQYWj(!VK_#lhBuXaunK@=|BR_E z?HsO>cFEl@lpICoLY1U!oI9!c>x)J^$A;krSBFfeJ-2-Da&qC0EE}xVJ7^;?H*4cT zqVxLPFNacuL52m4bm-2k$*GDn-l@y3_Ewq4^iL)dbQ=TKQ>8aZw6)PnPN&$-=FvKP3KK;)phMR^}lG5}#lsW-o#5)au_;ZXKCQdD8F z)+k|pDN31IqZq#`)RJH6p?2FI)g$GR3~H??#@LcihI4q=);~YWPKSsdnA66Zg9|x6Rtm8dDame_sDunU>av6e#YpR7dcV9toxz` zKeW}26_U_caFEhefm`%29x~5&t(qYRY{q1wr_K({HKfw@kZ!xK^MvzufIqkpSz1O{ zC;nJUm;}doLDJaf+M)dZ*^Y=Cjq$zWG2XzC`QwNSXP-K^h;}79-if~Xw3VZlrj>_- zA)#^%Y0@u6-KEyi@dT}pFCYr+3R}>AarfU)0HU0vw~Yjay2*qjIGk>YneoT=x|?$u za3j@E2!Qa0hxo4>>z8}c2seL*QOw9%8*Qjxt61r}rP3=*@8o)QS@RZ?-D+HZ?7@n| zjPjC$`tB-s9R#OiX}C8sXY-;BqBx%Q>L{QlC*-il0rY_z#C?rkY;qx&Lu^z5cfvX% zEO~Bi7}pWvUaypJc>Lb(jr-)WGz>0IaX4Qw~EpR{&9=3QG{5UNp~t1pUL zoBXb2&cKT|IMo!bu~Vz67b&lwc**MaMKW>zK)R^|xMVgi6ysosW}*9q7G2=YD;;Tn zI~~q6`yhm<=`(KrA^Wd$TF0@b<(>iTicS6~+5^6m;B0KM)gxbrbwr?)etW*4#%>_3 z2KrpzE8XhJ&gxpdT5oaj@J!-WK0JpVq-#W0%xo{ZH4JXM-K6JIUS4uXnYdR{cZy6b z$f#Cbu{z3?>+&YB#{M2h1^vDko5ILFUiJ)fo#b-43ZHndWt0{PV~gKu&4 zs(KsRVlEPP*;l1j`kl7p-rStT@=hSYMn(EXswazV z@z&9dPDHZf9nn;LKe(`3z~`gU*BQD&CYe1)$-zR)J!DLxVBt+^8W6>=Ukr_Vi%MUJ zTH+h4Y!KfAZtf1$Re>Bc67v4o38c2e-k(d*;+JIRhi)Bw8xn z5?x(c&!(7lIlnwwhT=lK;WNxep{P_OfFNQkPg8hRYEuGJ{2k+|Xng+5$!I&;91x0G zPzEZa^X|Z7{k`p9+Q&6>x%iQx54$+TE-vFk?CUvqbINuIx=2j9!AK>*#&ZX`Su3sq z2JvhqQusY@&eIwk;0HG^>Dpa3BL*@P;SdHCjszw(`C*Gt*j z21!4z<46r?;?vSAv!7?>U0c1p@-Wr~Bm}x6J(~ zPr(O6!2)4gBY$@MOk=}Bum|tyusJRKN)?cVNNGHi=y++7N%BWr0Ga^6y4dUS1yTM) zMr>TpAsY{eT>0{90PA4$epZyx|0_M~kYQ+f<*9=^Z?Dh1MOfAc(6|i6UK_0*uKFu? z^^>-IMrkhvzVMz11;?-jhTsJ+GIG%x{0HBo$XvZ^>d=4!@g9CnKP~1@{Id&x{qa1K z5?{a@aN0U*g04%2q)7@_x&V2thWWTt(uvByXXb#xyB^_4Fh2h4Pwh=*DO-SIh;m;3 z^%3~%6Z%UrBJQGc{e>|?6YW<604J%HT5P3L`Fr~8*XR%w0Ssh)OH*%^`+%2BK75W* zJe4X?q_^`FK7s*K(Z3yu;!0o|ijz$=MW3P?;WIkHkn5cPWax9Mwl$@DcpR{o`g-3_ zNc}N!N!-P`&Y1&7MWiX2@25HcuoGKTYO3xN1i&A|Q>V0)+`d9K_8RsXH`7*mrr)WGvv(+wz1yPid_l7Y?u)+t+W~X` zW2t=q+nhpj3RN`I{%C$5h?V(=e*a7b9YGC!uMed)5M*U~xveEI9! z)+NLAkHUUU#Q!r%{+T3;ME}Jk=hqen$Ybjw!5ReG`UOS~ym07$o1T58^Pc3OJE0P( z56*Fa^Eo~X+(s4FdNt%YVWDz9F!=E2IUxWs?%XK#djD|-VYmXj>hr_|AcVmgHEE)8 zi9-s0O!+sWGU#_g`Tg}){-iG{<$JUfdaJ)AmHXI87X&R97X3jhe|1;UhV&(|{EDvD z-ReJ4%bkIn+7`+EfEd4%%L@}62Nr9XfR}#fx!bLISjqg7>Hcp8tJx%8F9lRK{LA?+ zItN6|YSOQ@QFz_2t=rkr&4G(ueZ9q^=xdb(Z!-PLmpU0Ro%<`r>B|wf^3HEs>fW;^ zn9SD-75?W409#6pYAohUKLAvbaen2y8UM*>`>z$9JuEwo_gT9omvBx;YazX{W`Pwf zIs*_i^BWhq3yoCqBDWo2=))KCb~R8ve5C) z3kw;kJQQM%BblO?q1entToQx8kRz!ky38vz2#Aev^u^X;G`=>n4E5m{k7#*(}#ZSfX`LM|mnD zq@dTy=YoY)(d=9vtPTQ?oO?fP6nx0y4BMlHbI*aHyDHPbmzt4J2&eMoe*wK|cM1i4 z6ia_mtMcYdvEQE6ay|Y=cW*z&I6j^}l8YJ02U5d_?+%ijWH`zLjR$9?Dbr^EA}?6%dQB3wfdP+`n3}sDpYZ(jcvS$ z|B}1xF7)+6!?CM(LbGP6q4^IBOn#cYXSGsSdM|QdXOag+FyEXG#PMu-M!mSdOgy$p z0$otT11zMFmxBmfk{xan5#!5NYaOq@%R-yt5xSN|~~Ol87D9$b*ya^CwTSg{)ijy^SVGBDd&$ z4s{p#aDPu)y=(o^AHwb15Z^QJGO{L1o0<7iSENebdk=$ZEdQ#AHpe4t;kmmS2DPdt zwnoVqjl{EwB=r@`YEAO%7QzDk6)n7tkv-diJ9F&E87a6NaV|1H+0n@samQ%#4jyeQ zP^b3n_3wB0`pGy*nbPhiqoKD-J_+XH-Y~uSq3faZC<+IC3s)0fdV_%tZr$2jGwJl; zJf>^7C^ML|I(xXmH%YL|ZuelL^=|mC%OUW_#$!z>!h9R(T#D(Bb08 z;oUY+oh?M8HA5=}82RoDl3{JMC--dTu{RfcWq8`J3M&_E)j*g(n?qp1m|jAV6g%`1 zPOR~|nPlRWaHU;$*!?7H#w;IT`H3u6%k@5hH#7`&Z{~*@Rw-SSwmEzK-0s}YM=L~v z46ccSY*)2e65<7V@IXRXAnM}byEd1!p=^~@U8Xy@KD;hed@K&An(+pkz3gfbai|D* zO;OL9hq*7s^TMu--SCE8P=B`up^x-6eJP(8zJA1la8^o?E_p@ysuI9KykdS?Dz>=% zLco_0wTd=s7fS2T4jI_QlWB(}x&VX`otEfmqm>RvR4fxO<^#B)E(QsE&q;6d=1!l! z0azv`)x&5_V~a2CWpWIKiul=AdFwA$dH{rf$v=-ih>GK6-1OG1_UW778D^ukdBmCC?Wy^h9Zzy2oX`@1|&deCO|eN zV1h}25c1tY_kQ%*x}Wo&>pSQA%F7>IO76@(Yi7+_Yu4{KYh+&sL*>KTm97E>O_;Ll z$K@bfbTT;+xB%Pp1FX?}xJ(ZlD2g%=6t%VE)~8H9%Unr*36n;~=&oPF?jAo;W zV4UHjF9n!OfnjvTiKx~3gb<^uPadw}l~(JM8WYJMIG7VgReXRnSgSf2^~qKfl=Wdu z3kvGZ{WoWbja-?&vILC91u{E*a?P90fKP8g~U9K%hrc#xVbq=T16V^ z5&7DBw9;5{deh5!hVFU3dAQF&(T2y z{jdfG@pcw9Jw(a9fmQ=>0Xtd+G}D`E_?{G1fA;m9`KDbrGn76(dJ0ojNvcX8aHVl* z75O2en9MelWuFIA1u|d zCfdJuqGEb0$re0$w`Sse-~wm+l~rZGGRLheOYCL;KvP{e z*=?)0yUu6&K6C&n0&EZW-hwhMxvBC^*7GpSz!wPMg10RF6Dcn1Z?6yfSOdAN?JVjl zx9`?fOpoF1gcbXOfl-egKe_gPmQOz_U38x_c-XWN=UB#t@vn^5( znGn~?P*c3c>ipmd#q--*gD#OFB4+vm0$z$+fSqGPBO8|s(3n@3o_03*J2>iTR& z;f95XcFW2>G@2*W&<<|47J>m21NFFsg$nh`+Y?xoBHR(MUvNc68CHTz57qI7nlBX;N$y1;JT;$ac zbI)JGv%0sV;iK35rPc*U6Iw(Uo^fV%ZC;4>I-Th4c5*9KZmedJ?#iy)+vr2Y9Lf*T zwL=jh&&FxRH!eA}6q3v!qwlwLBNAFfrt^6!u(#)|gkI(Hn)~bN3z4(0v8wei6<0oK z?z*_Y8f~uI@JJRLAJDK9aLT83Bf{y%8I8T zx%v~x*kyy9f58?)67L_yA9bWxQAmMMc;%^=su~-H=sRLx{l+U#Te=H~gZnt)-ihAF zddcIM4U{d*RAQ=-?T1}7>unWEOf__tUtGH*M><7i+o82pHcLf$X{(MU)wn@4q^hC& zqW1!X4lQf${vLeu+`7{bnc&80$F))FLced~Q5k+Axu={sOdQWi@U2;Snj)Y97;c0e z4X%ANplN)c@#XUi6R^f{q)`^&n^F`{N`rq$ij#qSy|FKkM~q@M}v+Pjg@=C zg0Q!Cq~18OTGXb$!omNB4-E{RQ^_s%TkR8GNnkCcl!gSqZAeNpp~r8jgh%!3MOWZQ zKIxbbb3~B5-zN-hxsKUE=Xm~D1ODv$2=$!mOR|;TT5bZzky!epjy7B)ojSyuyM1Ky zi|g&ba_6*DyjqRYpnWjWg1yov>#2C)K!Zcg_SPtCf8cIuAf#q91T3er1>GA@VMG8C-6^T1kw@!@?X&in*t;f$=euv{-y9mx%}Jhjo0zP%nkn)D+${Z6o8)B4 z@8!IT889foq8Q(}v!0Dsz~D=a11a z1)r__&Oa3Zo-d!qUtBo}<5qMXwpEjl{hb8e8)^=R$4fSJ96G=7r8$=g&Z!H)_4RB= zf;k3oani>#NDc!ca-g|N;`ILpDT03$7ARPMq58j)U-_$=!2fEApZ{XV5@z{Q@^Gz%^>TavmYPag z4__(78rfO)_@1%tU`i@bD}=oe^kadA7k`*8Fe{0kf{|o05;onfzw%S}UM}*-%-5B` z;uZER$@J?n@Av~hrp``9*=@)j(kNXf_t&=uJ?1CVfm8=($wmD4_O|oU_3AakXGQ*c zw)5%1lI4Tj=sJ3$RhknLgQ;tCKKq8qu{I7FoCmvrn zxu$%#fZ+l=SpAi__|qJlGi@iIT)+GOTD=M!u$Z59zHYSQZ&}1{_whk#%h@^M421So z5duLXe;&L1Nl!W}HZBNNiT~;SA=Bsn+Z9Wt!n**ZSy&$`bnV~g3p;j7&T^KPMZ(2W zim)}BgQx#IlB)XkNb2|MI9a@LfoO{0%!~t|>|6?f_e=g`<8q;&owqBtiu{v!C#Q@I zzDU*24iNyDpZ}N)0l~kWd29g6SV&p^#X|hLWtvDD8=S(={1LSfFG6V-=E862x;X$V z!c1l3ykMg5WkTP=XOVYoii(FHx}s>d>eHwYB7yU(u@-y>h1+C{f`G z8F!3+B?mmcHVLTU6?bIr4gjRvmM%YahPC|zC5<#Ee*ftz;OT2aKvf=v6vWVe(7EK@ zz^y^x)nBTHD?&vglgc`puk{7(9UGw(03KAvvBndlQ*d#ahBlq9R(WeU+HIm%v>1v}m|9gbiK|oBM8c?gGkSh~NLRQ{>g_6s1$Z+s8s7`%lIP zEqr+mpBta$fs3~C(i9{(jqJ1Mlj^zUy@k~4=1fQE0z&Zm;UNqm)ZgJ#$1%$fDsHtJ zdgq=@@2Gl{8pRF_4%tZO_>*TK@z+H*6W@#LV}hU!ZgT;T9u zM$j#L(ll7xU$_VS#J5Ms&@lpvV1BRdB(a%{wH)VU{8rK(<-peT8W?dlz8rTXt+Q#! z&|=FdL!z3}E9>Z%YjeX%xpVf&<@c$hxxK|fRz@);P)-qYo4u?~$g>3R!1}-lks&fR zte-1snp`z$j@U@sdrJNC`|F^~*q=oJa%r%=k(-O8KV<>+kKl^-Zeh1OqbG?K+`KXO zMqGnwHCunLidjU^(df+&*m{{KBiFsI4OgO1&_=WT2-Bn8_{aSqCaYwqYyRG?ce=u+? zWV5v?YdcsL+IBH+-zWFk=gDKw2j)j(YWj!H^7cWE@wPhxqeh)(@)-1U5_S8OkGDG| zo_rPZ_)6~iI_2<1Ol-Go9^tIq+zIF}R z=>0fS*4J6qQ__Eh4Ymw%cPB?n3LV7&zb69B#?zt8;fyYKnEHC1pm=|>V5I+TtVR&R~gk9@~> z&uMJvzMOqv0|gSFl?`OgPN<<#-nS7o)`F(kjld^IOciZU1!b0 z5X*D({HwwOLX1)D-8|O=Z+4%@yyxtu%glV4$=Uoz;7>Jf{cs)vUZHz;K}|3|g@0^& zP0~Uw)iN0ky{2bnib}?RTrJiHbqKvH?x~t+c}Hnvnvr}--9PyO$~kJfC9bQw2S3gB zzVn+Kq+!PcXaLG`g&C8vHs-^M=YWWaEwXDCSYsE7o47 zUXA`oQ1kWGaq1(F;zv{D9hX?U=^yOT!>3bO(zEPyl4|uqg7@H!)S1VGS_>6o)W{e9 z-3Jc6l9V#I+%R-B+$BIJPR?sH;nVxw5y*5hSdN!ThifYdzYU?9IHTsD_s?D786%pq zbq+cV(f4??C{&Ci!;KI7obbCZbsm{7?sh%?ylmNjoj zW*9Vkh%awscq0=i0tA>eJd1R|-QQ7~UTV+Suuhd40dcCAn>LIiEWw&R>Ogm;&&uXo z5_L4R@RPpfc7D4((5e^a5)pDlpB~86A;9hg*G(Za@xgfp11I;tF9KFfeOon|SpHPD zk_b(#D#2prBq?a}cF7fu!>R?^(rAWWTF`-53W<`Z=jUw*+)&SRWCfzUHxkaENUvzM zZ>mXX_;9@wv9V~}#dvBr!=8+ti2xU-D!dr2FZD=f={(?MM#ws%{F8dJsx$Epg;jmx z)4n60rXQZ8XY8bsrqa+?CjVg|z1p6#s;(VwT+_L)Hk_w)<%`tZ>1)B|fiTK}86%WI z?Ol6IDI(M@*M6*NO>2GPF1xt`gjSpkwQ+O>U6m6!cQU-?5JJ6NYj!!*O;1B)g*Fta z%JPn-pYGwhsRW0k%$S{M*izg%(`?j?9?IY)JmIaY>IG$%H?IgkTUC3)G?@xJ(HVO~ z6pDnpjnLI_D-FM+cvR(+5lvc&%s?j&W{XP2hrISZf5D z`-dV~_d--Fzt4z{B7HV(oPGwbIv;V)*i%oV>~?G?#Y?lc{{^3R88{jEQ-ikWn3Akk zWczO)0oR)!+bIrhGqE)o;rSz1G_$nkMZ_Kr2=*TGr#{n**g|dw3MUoYt|uu2 zqIAocNG8`#@4D=tWK@+ZOeN1cZ*$VxD`7-&1!1BN`|LkX;A$9{v&jhmw*W0siL*MD`?kP){ zZNesSU%Lpr{Ip=i8p;X4JBUpgMn_6<2zFfc5QyE;Z$=^ zXgp1$Z`{Adp`*#wt*|pDVt_fl13(}I#HwkZT9H8cnP>lCp`Z`2dTZwQC)`k(mRT`! z3z?5Je(9XK2Y-fD4o;{r*lD*gLfop{QHVIZLQC}o4`DVzsqb?^Qc2Tms0RCG2Ht9; z#@`1vRyj5XCU=%M`AoZlU)8#ZzdU1$QJj33{m27ndz#^*&O4dFpu(a<{gUUH&a~QA z%8X!PYI?Y;+i3J|UbV{*uO(-U@`{OQnZg=OIt*nsa{OsANU<$~~n%$ILT{*doDuBJL}`Vnuhk zWO9@5f#NIMrGS&3k0r$>JduLq6TXoBvdUM;{cAUKGdVhZFl@tz9(DrV`zS0i2zj=# zy6st`)xthicbiwl>WgQB-+Hd z8+ruXZoWNTH{t$?p{yq1NR&V~t&8uBTM_4<+Lu+r@rA0B=V}Y8+)D<}L~InXkbvS# zNRN}D=QqDy>%{|LJx+wSguk0|fO7$vt)Z#wt~_c3bEx1H0R;UYH9=T<6rm zCybqO@D}Cc-Y>1xYHpEt4cIf&uB4h})R1PKQOyG`r(eszoxU^WTh7mfHXjIvwKN-+ z>s^oXa(^rb*N;7e-Qai{+ie4>x7{>W7p~7-Jxw~=w5YC=gpO{{?uq_wzO@W zS$e>=DqYnmr}7|X4VBe{r-#y(e{nG-ch;Rsiqu|{JEfeE9uB@N!G&MwXkvKfye-c) zk}v;lhXrol;rx0#a4i`xa^U||x8zG8PT*iHWZ(_PN zh3s*E_{hPgLrpdVk2|w2Rr?rBf+Wk_AS2kiHaE$_bhoFiDCrObrisP|^C!34)zCe6 zUwRxg?CdP($?VKhrbq%6fpfHqa|F9M_d`kK)={y@Mf)-lFhI^dQxceBEMhqPRfN%sfKp7&FR0H;uTz77yS6i!$f!9+4 zfm*+AIe-+?^&``Fo@c@&p?KdvV7HYtV$e(Cky{%ARE& zbg@UnEVe=tFbFBh_^E1i3w7w+-fg_{8AYsodRZ(S)so!P7|d{1qt9>+tYpYmceuJ9 zh8k!>HUomY6t7Z>yVI}w+oC}TKgLM{LcbK}IZ{}kLwyPlyGw%|{JzSL~ts5cR zCQ;s}J8T7X-X{*iFgs>|7GX!lz9k)>aP`|+e@8(Q-JrEJb6wS|@;*(0IhN1mjvo#1 zhT_w_nYP-JE#(z8WiAYomyA?=VL;tH0!`QyGPFVpif^H2awxx1Gv1gU-c5%eU45c= z*~!ywhGgCT0ioiuLjCCZvs>KGn`)9slp^mkto-yQplre7wpCbYdsEyIP}T2h*DS?K zp{xIho*;+^v_0l{8#Rtw+ z7PL(k>Dx5I31;Z7{!7{V#9&I{+YH;lg3yuXX|G<{&WMn3|CaY~v9+Qj5OV)mVy8XB zHn86V3q zr+uKQ#yY~1a*_8B^1+&_okjI0cb19~0t@_;Pi{kZV@++YrH`vCjgWhQx&zm;{Pw@_ zO9`?r>f7CpNPxTM)F6Xv68ya*FW{@xgG>{yJMXIKMCiW4TG?SSjXdQ9LfY_x_wOg` zo~lpka{>c<8*h12YXaHN1EKDY+SY+5&v~CzNkg;6xSaBgd};F3y7ad`jOx88AL0q3|(w%5bB_S|@uNIqg}MJ>^|;Iac9TeLQweC&eWSLNOiRsEh4Y^(_w*{DMv$-^pWFkoJKnkqJ6aP)|Ztjsa}~qx*0nq z))FA(xr_C7z!i+`v+mtUTX1d<#GeWsq6G(nN5~7|nsKySJX2iB{m9mhft`4xN9>hx zhHd3UMiMsa^dzN6<`4@S8E#Aro(<&bx41BfOy}Lp4MIsn3=3$T3y*%Apo>Bri))qS zZS>@ca$Uz=i%)qQmF@QSni}tUj(4O0u|`PGTmW!&+UL#(7J>^T(p#sM@9D_E`n-ja zAeA_NSq>6(#qkF<;M`GKE0X-Iog5FgO-8F0#J=HSKwp zrWmEebUu>Lcf!6(KQlQc`;nax*m`uFtgcbVM+s;P#eA^&gsU5F(_BrY`l0rSY}COD zL{(L7DkpUQ@%`{XZ;UG=f4ChBLF8M;b3n;XMqZi|QhK2(Yu&2OxiIyrh`VzRGGs#S`{O+rG(9`SI4dDg z^WqzvhZ0BkvK=q|HbG@zvLhn4g^KWpXQ`KtfATQ$w>j1t1+J>|AQSjG?&R$)Raf?KJc%V_g4>p%2;RL?~b20l+4H$`}&T`?}SaU9~cm@SS^>!as``E)|wm0 zix>QKe{A^~4@qrgR(%~}HpETy+w)$%xA2ZjCw`KoDP#@0 zB?gDsdJsdotN-(8qz}E+H+6?Ea6Y1lQIdK8d5&g3fHT%Q^t+oP=O*U}SzS%;uh>fm zaj~^(nyaqF*vKu9{JR(=$%xNENCby)VudQ8P+Z%0$DxKG@GsDhs@CgBK}(C4aEM-0 z#?$e{D$<(&EJ@VJ%i8V04o%`ezX5VkZk|m%gyDzrCyFlv>Y2bpeTrOiaiGynB7NBl z^PdCDbZb=RSGEj;EsPox4z}i+jT^6v!i3v)ny*w)^!exN|swI z3X1&s;~}1`Q)-r0WVHrGMNQytsma5o%dg1&TpizB2Ypa-TDs>K3eMUNde)o@y8ZLH z_!TJkSK5E+Z&_|@Ui@Mu{P(MWvgH218gRS`>WFZmZ6$v)`JVI85XGL4nGXR_YHs{D zKp?0^Aq6iO9!|esLWXYZPyT`AaAT)y)e4<&NZUY~g-Q_O`5YKgRfr+54Q|ne3-|Xw z6(;I3pK7~ccq#qW=I^Kv)jpf8lll=A=cWKN0o}IodzOSaW=lU?*qNxV;M;&Vk%`40 z>Bp{CgzE>KBRR2z4(NsQP#?PmNOYflw0JGfCReHZ^Fl-ahLY9uMQ`z#=FF~n;cA?L zY4O!dFRuZ1@W2+R>-lO$Ra_E%Zg}c4-$FvzRu_5E`#4`=3C&MUfBsiI-V3de(nC2? zQ03VWK0l5|Lr~*DkP8Cw>xGN(GMR*FqDQDYoVIooH~@PEz|)l<+HB2|N5W@`Gwa6h z17{)%JAS9!N9F0~ z=J{S4jc}jaSuvv?bogtRnA#|z#Got8#n?rdKoI`-l>OI_?|;2ts4Mx0_=c1Bb*dJh z0bMcq+KKyyWiWjm;=A0 z1idhS@QsD=cY`;$C{+dMef0}p$0}JyLsQJnn2D@c|W;9{` zFSgYSb5Yaw{`pG)+Pz9sf(S%xFRlQC%-eyGD}0qwvyp_V3 zMSxg$p?<~&hgjHG`kM2-euysy1L-6=&-&Q$7ct+MUfkC~WD<^r8YC)<{N=F*?}tb6 zsp-R&#B@_)=%BffY_iw`_$vQ-8$0CvO=NFZW;Sscw8!WxL+pilB93E>$c>nMbAs9h zxO3^mA<#u+eFK7NB(On5@mbts*`j1`TE*Gl2ezy5n$}QzdT_A7Hj5Y8cq^ix=vm#p{z#s$`Y%MAZ|ClB3Ce2q5_PR(RU*S(OnGLkDUQb-Y|)&GqH(;yhVB8-l#2^zHHC-<|Ts& zE4)fm*>Lktjk;J*hw`_`dG@e8p-&-qpvDa_5Yi??)_{fC83R^{o=NeFJSz>UW?7OX zXqA>V#RjcFP|bu9(_hpBu9JSbvkew)u$o`}zF191w zGyJWiLeu=e=Fgy9)O7ntI@1@lXYIcaW)k_O8@TMrbm4r0VBS-}lY*w2%ITTj1AcH1iA37MT_g16+NQz3BWK^RlYaUSH z{k(w09@am=^-e$!P=*N>Tl2b9yY~8e^hz@SKuvx~( z_St#{nLI8ZseTzs<_$Tjm^Gu;P%A>7B&4EYPtvVd z$QONh_{U{Q;CEPS+<2rjm)n_jmWsXAk_^jvHU;Z`M*472qfI+U?N)O>f~eQJWgQmx zj3Yy|V$=&WTEGwHk-^pQ*1VmVwE2>?>2@2S%Nf8IS$Q*L}!8o3u+JK7~?(zo96Frgwxfb%wqBiC_EjqLsRwnx8!0i=1_p z)6DrCFV>WPF#8$4xc&&W&AS#AgTOQ@MAyvAGJD8t-6!KuEP3npL=1_zJ+C2O@*okb z&u*-uv0jq_K2b|k1kBZHj{7AP4A23=NL_ok!jI|Q_v2a84%yEWnBgPNb%&_FZ;AEj z#XKeGN)BO7BR2N+-F@W%h-7c;aPU0;Szm54I%Ht-IeN5ft7pj_PRJ-TsJpu3p#Qa6 z-TUwagVWhfhuxH|;0AWrw3J^sbz*w6$+O^Wql8_O*4ZKIsF1#zgu>ooNNr^nLZ8^h z1ow~5ROr700(^UGi*4PU^RkV{{UA-g`|mqkNt$yNx5=N5)EQwZl+vD82hCdYThleX zd?twH;^{;v#FHGZRrm-Fpd$?<;Ty=BoT(0(_&7FNJO1k1jN2Ghd3Mj@UJeA}#fjZ| zUxqNSdu*3{E7hvE^9=P^-e*8H-$qYPolmONYnJ1sA*#AAXAjvX7oFbAhYyr_kmsb( zP@@HJV-&7{QMqQ|S%2^>7vG^29TfPn+B9$4A(z;35Fq_kVZ-r-q0m<~2K4>lCKqk9 zF?vsyR2!7wb>)Fb>Kn4Dp!hals2g@Q(I~KzC7CoT?Sz9UC0y^Yd!9C{-5BV%F=)fd z$!gB5PO(JjJ8mR+!Ca6IU;kc$4%Q^0b@0dn?+v`i?&CwB4QKgZu=b;PSE3ZfR**nb zyO4|`R^GB+a+qP%6#7-quGk;T{tbLQ+9B)3`-gg}k=g26I0XgtGq7EXBz#?R{_GH^ z{OSE#bZtCLo+(|}OiuN>)3Gq$gsz#;!!<G*JLS9X~EJ{7>v82HhEHc4M-J=E$)?xyKfnw8eL6eo88FAdx zCHx+eceYXM3DcmR#+{ur?iWJXMz}4?3D;?^){^w?o=98m1+^QZzu)f~9veLdOUj{y z&qpwum;=?^A@$tp5!OU60lqEGvmt>z=Kx$F!61-&PF!`L2m<4oAq_PNU$>?}38qiC z#2%C=q`-o;?e_IwKt4{SK4pA47}M2s>}jIyqb3|-4Si2-gF3iomis9XG@N%CQoD_p zKJ~C`0E#IY##+(Cv#a67;&r`6LH7OjGj>5ik8D=k(^a>bt6XyyQ@(8<=p^fyF{srO z6`WmzCQmiZ=0T`Urw7+*Dsd>sk(q6*%0Mn&uTAG64ZRO1)c%N^kJOxW` zXygn?-S6#{Kiz$w|2iU`8?p~w8O|?&Y@=B6EXSK(-3;i%_!BSsO>|T>lRd?%YtP6Y zU_S4h8XwMbr_Q#fE6zd*P)Q!dB79w&;zo2Spf)h z8};>X%6tRC!+Z@=XcP+~cNpwhq&16G>9-7NlG$?>I#6yfn9@}pF6Ygw=GSf6jnzlU zqNi+)3dSg&ugVD=S}h7FLeUBxoAC>}V1<#W#;h1+$UvXmKy;=J^oxvwbF{1cJxfB; z^478+@A5!nW7#T`b)8{{>+Pn`@YSm@P2<54vj;IJv>jzv zmGi?VH+Ru3xasS`H3d(a=M8??vdg zxn4~&R`Qam^F3AF!KsJ$VAHw)Ed)*>8d^7%0>UQUZVxNrb@$3Sq z2N>d-kFah-uK};4ubwzh0sb&CVJCW~;8q01PyTgY;KGUP=IZO9)I2}LMnF*Q%`iZ4 z>X{%MT$C3!8XeTTFfkK0+mv-7tRMw!ND8Cb~-L zaI80qK^#xCAG4R!z(W)*a0XTK=sGOJ&~BUO1X8^sQ-Yv((wJWLyTk6=sBt$1xyy(? zD%@m1gy~WrR03{-oz%o0=S@61Xk?#imJ+Vn#;dn)C9n z6AU>GHQQ&0&{Eog=}@-tmYF`|pB>jN-NkjJa_EgcGGa-uoruw|vatq7A8ke}YMLs0$pDNwe{ZO5 zgoeE=C04(`k&zr8fbtPe;8sd5?U=x8zZop+gE|hrQ+^t%E@>g=tCoOuxCbo_@13nt zLFX?V*PU`*7c^GnM!RdS-Fz9{Zs@LIT_pZlf;>cd?KC^InNlo~Rw74wOBN-JOA{5o z%Jq2-O6(Ri*u=9cfgmlY{bR8TinriOcpQ6QJ=x{Lg` zP|!rl>N19@9L1|Umg7pv-3fSM=EpfqV;LiJtyBWl+0CDp5{_>SfyRdSmfJIH3fVFk zWmHs=gF$e@gPI|$hMLI-QA}y(Oj0Ma(LZfYvW)58YWh`(i=@UijRwuq$~&fgD!ZCo zHd{dM!xFGz54{>vy;ARX5e*`8#ThY(#@Nnz*?yl_ylk8zDm3?*@>Q*Fq-b>+`~Dxk zJ@&&}#XYg2b0L17g{9_hazvJUFP1@-bq4@kUeAIQ!?f1ZLZz^j@dWGPcEWfST_tYc ziT<}qhl93e#_2h1wg{V~LWvNL{qLIwMH%-V9_8Wb!3c_=+h)KvzN#eHCp$YK`4Lofucsa= za40zr%9{z@SnWyLOZeFCvxFE~S6kx&zL{oV<(4IjW)Kn2l!&w{SFXm%C(}a*He2T# zHu1?qQu+LhL!?lRa3<*In4R875Z5 zhsi^!)q1g!kL636nKe&(7Pif$sdq-SX_^_*OGIkDc&U(M%44sw2`$stGK!>CWe@c_ z)o+A8DbPPO)KXZj7j2d?8eS2y4fUWiyN9b-hVhx+-WQiAJu(Bn7+ett&bQwJ7MGfSUvYS9~Mh=A9v)}^b_kn=4D$b zmR>UFVP)|HUG!0pj2rr;dCvaIu|XGNF*{HpwXE4qq|0(pSvRj@Aax{?`h9jNFm*R= z=v4NBc(I!RDK=my=Gg7zXO6P?HU+y2c0q^U#I1B;X!Zs;X5F(DdlRF-`icDmNq(`- zgWR!0A;I&<2B_q-XKu*QzX<1km$-c6(wrD`snQ#R=g;_kTDI<3jz3A^zAw050LTRu~g{{PBJ1)VdT|KNAlh(d16-)BbmTb zP6x(iTF*TzE3{SPpkXmGbsSbXfGG^z-QuNvvL3;#923Pp$nZuY?BVwOxR#OOh?fV! zlUN7=N7pW^G+32t_WYyXg-+WR2OEBZg-%RpKmMqaxc^5^DvIv+TuTR4e!OtiK+M{hCv&dYcLjHnMxrwB|LeTfJ(tvILFA4i|J@?+GjKb1Uh3u=VsS zT{{J`(ouW%PP>i75b5-?rd3}wVi`j%kAtKQ4}uf!KA74KoLus{`DLm$F;90h{2Xsj zrW_K2A3<7x1ta8&Ph9bJzpE-{v>ZFdTMn zDt~viG5cVmbU7Lt(8!x`D3YcnEp*I@qoc6)sb0?vM~+JpcJ2;RcWJOIS&iB4bLTB9 zq+01hGM?~9wnEC8k|}1k$FG#&(qBsOP_M|jK7Q9hpEh=OSjc&=OMwscE!4obJdHOi z-|7STYWOBeBuC)sK4@f|GnRF{gqvKECXOTfApV0 zP>RXeaWSG7L)Ohtt<8wmQ@~7-@_0vuR?i))zd9s6%^D_=*O?~}bc$)l=pxf@x^;<) z212Q`Q2~ExLs0rKJ!ts3vcH8TRQ(rHw@0773)BFzTRqa!spRY}?l9FNB={+j~75prHUQ^Z?cSI7( zr@j~B6ao(2*RzpPEy~^U6@B<2Eq;YJ_Cz5C3^11#X-GnDi5%rQss{572>2lf-s>bK zb^i>|4Z^sPkHlWYZ5bYFRoi~vvL+x{4M2lYvy5e6c2`OL^eMkeg%oc9z?tRMIgyYv zJWmhA7Vbw;O6*r~=ZDPx3ph4(^IHXBZ-tbjMQp2PK;?qW&s!${yJWn?Mxd6@B6_l? zB4gF}c&}N?k8-(2;qID7tvGc=2pOOvj(msP?r4ntCY33g-Db3UJ3k&J#o{J8D_&c)01 z=U<<6i4JZSeqQ(U&owp8YF`7NQxV^gs2^~ei=H`-(G?$spF{o}>mMaLjye(+NwGRS zVg41I`VoDZEUsNW>|M{uv-sX&eXAdF(X&Cw4?wf4k|n6EscArkdPu;GS+Aiwr6?f6{r~^vZH9~SWX*ms>io4q<9kNKTwyu z%Hv7twEsXzE6erxcyYtmedxc$KSjjxQ%OiQ!uopnWOJKsxOJ{8qSoNk%3Re?Z*V{ALb7dOv-T;w`f9Sq6>U zuHZyp<%#^_QYt?oW_Moi}lqT#K@3Jec{=VxsfrWB5YT_lh z06)VIihZL{doV%!)>6tFY+CiQ7x03w!hblj5%ewqZIVI!;)G<~xuqU_K7Rf>SCe18 zU%V!w`*4IYsMj}g6KL*|B51=f=*2ru*YyaS+9g_hqteD{T7teQ=>u2eeYA!dpo^IA z2WwHd;g$7oCYsr&g`ICm`RQv@WIiiY`Ub**W*BGwsTo5oWc`B|dKKxcFi;KY%XZM0 zQESlFw@a>MGRjv?X9O?vIK%nU8S{_bZr0ozRq7(Y^622%Uw66g&4i(^us>PJzv^?= zxI!hpS18wogB*vS&Y9zdC#ZM1<4;7ct9%~&Wv3n8&v4u>3t#5+%a_TF0Wb3rN*4a> z3CRQ`^9U0*l>Y06MuCQoFAfoIBLC;Q(tAKE)1>UVaH!e8o{r~lCTe4a;LjGa$hql(1H*Pr^9Qf);{Wha#c^RvPXIgdx1}P~*$UfW#&A#c$&)gmcYj-vs`_s&&SVYsv|!g% zR_K9#uo#Og+VMgP>WyAAHr-$BtWV&-%*ekMZLf;doxmi2Ewa+Pw>`j0{`(p{s;NNP zMfNDQ%}B*AdGYS=E8?Nsfhw!g2Dhv|yZx74`N5QZU7ZJOZv`Z~Mb+w^KGC`IFZ%`p zg=q=~(`1If$@ne9b;Vdw|5eCeZGJPU7Ym0DhW|^LZ-1Rk>0M2V58m9ZRLcnt{Dz3V z$VrmnRE?KA)KMEgZox`L)UJ{4xxY$^9HEwIwBcN{f28SUA zS5Y?u+L~xN^7v);R;AieQeF}le_?F8m$$`1sJ}nXEljKEbc|6uA^5{!_y}sNT+!9* z*8HhCtnBSa_hTAF6a!MXK5O0)ABjYKl3#fEI?>9#tzaRjPivssx=#x;odNXOT*(Qp zRJihJ8n>7@G7L{J+_-sI+i8qlYD9bcW^qCMFvGJR4$D>GFMd2? z9khBlyg57M=9V;)WAn>c*@QxM&QL&VaPPeLHb(yUfPj8%UB!w^XFTNZTIL(Y-p zSbe-x)3-xLw#WRReF`^&wnZz=T%n=k%B!N6G5wp~vJCw`D9G2@Z1fr$Jh1V8wo$Hi zj>(yb0YI76EU8ZBf<>YPoauVpjOQ(yOr!<08kXtKS`;a@8k0Oso2K^|wUF{|+D2lUi}t6~ zPt_LDCpK(js0!ESFWu7U&xzNP5XO(WyC z!S{B=nA>f*KeXKvq8ak>!`tHZ_v_!CG)Xh%_I!T-2v7uHwUY}l|Md5OPPYt2g;IRs z5vl*|%Lmv)7cDocW^Xks$~InowE6U{dI8Yv5Q9E+8A-3!G9k9CuK=v)fs=BSGX6-= zJ}%I9rmSB?rVjD8K(X`@<`sFq`JI+K<;M>fK_TL^3>9}{WpPt=88>=`N zs+v>J$VlIEv34wYe*<@~<3Q}NPXy=ENV>;=(5FNr$0lgvkk3t3zgtv;d!H-JRU%xK zNKJRHi&dLMJ2ZPgpL}YWYn#8o3#Sw#lv-Zi!*ac6pU--f=HEP%hOQl({*Nk~IK0OK za85?A#SK5)dA$Z$_FJ6|`@=qV>!$fqon^A6wWA%T9CLRJ^>Q`Q_j7$CB=5>ztZh}i zSo-{cgHJ>hF1@f~UcD^JX6Jv<)|e+74rJ?`I>N2>Gsx4APVyxigj(H|ed8RJv)NoF zb$I;57=K3SLVJTU=M1OeEySViR(+<(5$qGV(rj<)FoO;bQjED!8i_fi{EuN3OzWh~ zmq$CUZ_RMtsM@jJY=iETKGPT*H9$6_=|dZBI(*KJvB#<+b7dR2$>I7T!=)_u-9w>RLOVRsT)v zBHOwcAdpv^)q(xT7WbcjMw3&j{^la|k&dV4L96pC!bTEoHh6SAC9=qX?e5t0R$KS> z9U|P$Zo@sD+@NIK1u7?ZWGs~s1xtkl6$Js=pG#Y&-+j-0 zzwhxL$MZb*@gDU@9KyAn=l6Slx6k);otI7uxK=sF%mUZb?AR0Z|FB$Amh3t1+}xPo zzIY$jZJv)&&ardz&wyW_->>TmyJZ=7D7@mw@%j7m2scaZvQD2npGzR4;~YcPcKJ3E zVh7$%rH9E03H$!@at}D_W^NyRsCHTMlHf;yF-x)^8OU}Q`jgXGi2lzu`@gAxIlE@|w4kzj^OjRhpK6eQAA`6 z2m*M}M<_K3{XbjxeJp%G)EfWYMe6^F!TLXgm(AGtFS4Kg^*_NCe=YKF6E`*f4dC*(5bghKEceTS{}Jl`A|60IAKc7;;m6aPu6j|7r;sxJ zsm%v~@DrRlF%jcVvPt?3mH*Vun1UfcAdVl~9#eMq0Sf(c;3q)#f2(+2w<1w47saKH z^l|1Xy_&CfCN*lh5l}f5uI`o!DTY?f)3g7gr#QS{Xs=TG3OLp9kUr5n7pkHXl~k2k zO*)$wt&s~QV+jE`nFq;CS{GviGV+er%ScW2$+h^K37B*agrq)b3v4JXsbO)l>Gg7b z2fAIU`^g*xz0MOpJ{Gf$f*%v|oLxp#Vap)gJ}ef?%@53}J>}EM$C}r8@w1MyUJyR? zxjuu&6(NlUl+)cZzsXZS%usgat+=-k zkCeK2N274-dbqYyDa9Bgpp6<>vZHx) zMf6SJeVP~<=jRrfY%C}zlDDao6;f?<|Uoqaqr7&7J?&r3>d5Ock{T3weQe}gPBQC9_%KK*gRJDy1 z4**yo6?(Ajg=RGP-CNbqbz}I7=WlcglASswI5qKvxgq?xb)17O-rJ|*f*|XZXr8q- zgr#i}X|OdLNaFsVJ6{PyXI1@x@M^1Oe6e}l*D>YjWr9B&^!ZF-=23;r0`%wV&1K=Ku?r*P%E?( zs+0t%lbp9KiGR)1sh*)w+4JjfMoUEK7L84ZhN$fp(d7^`Xp#%^K#!#T{DEa?qv9>3 z4jI>0mkAX9q_c7Gbq^sk>e~LLNj&5idXf?n4_fBHH&wFUTyqOJm!OOHD>A36h zW%sYuQ z)~%dq)}^bZ+i!@CbJ}k`?K;1W?oAIcD(q+B7FB?Kgq!Wcq9w}KKNIUKUFv{EdJzOG z7#K9Pl2-7Q(fTTbROgHHOf4^uS(nOKIJ|f#AsPo!jN<*wfbEC2f=Z;c6V%9V3`y*} zG`-P`Cvh~dDOF^xXNGNveUbvM>1__rNcT~;f7f(n4VY82srppX)n67CxaCVD;TRl3<#CuNuq z*hSKGzTsRpJxISFSSM83cm$gVulv_DZpe?Ch(CC4{tAa`af>liM{Y6(-t;Hj+QfF6 z_w!{Q62_J_e@`P0Y}+^QQh%5&Kgp$eud&M=!O*hF!59s1soi>AGaJj`_^BD%c~Xt3>9v0l?L!1ZgZJok*zyQ9DYxN zy3r*xAz<6tjx2nT=n2y8Kq_3GwuD}Bfsrg>t`)i%Zd_Emy4IM2H_BY%n&-JH!zF3c z@6i5ECZT7Ax3(L(^y51nXg-cCE9)s?7g~`6vK|0; zn;TJ?oxJ^y2V%*f83Gb2M^wBm*)lmA`^zN`dv22qzQ&&Esi9aje$Ohna{}Wb_-IQL zD@BCxUAo7~2Q5f*1d()BjH5`Xr@kdFkeqzUM&b5%Hobygwt$2T%~pzHESV?6t+;t@)sdu3OJ!2P77-(m{MDI_rF^0B3B}4>Zxz9Lvmh3>v}5 z`&nUI7uMxp%1XWzlM2Ax)IWd=V@ONQcl>k{f9CwVJKEM_R|gUl5R(dG_A+}wxQ5v3 zL|*~{D}%SYGp#Q3Y6L(E@%xNJ$v$AWx!jk3jG1@ zog^2EtXkJmo&2RPa-BcH-L5&1EI^ECT?)k^1Hq0TQI+-K3vnS0y=UbmD}huKi6M1R zQAMYRBSiDQ!!Y(KhZZ&0jP=$=>uAO~F3_acS+o$a_9`O&$R1s`s!4sCYM(9^= zYa%qSPHjc}xsp|Mw2Gu$q3eUz2j0zfoJcyMG6Q;lkmQ;_{*0jKTJbeaU5F1I>uDL) zBeN7;R)?gU;sTQwW~d`}Uo8!ci9sNkXJ;Ljwk%O~+xH$yz=fryElgl?u}ih8B`UiV zvuO=)uA|#!WL-;hJ1(X68+W0ZaLhhn-Y@N=&8EZ=np$4SOG0NGGL<=w@7i<+wSTCi zMkccTBed)=QHirET~*Wgkul#m=2ynIc)6K4-lNZ!SAigX zcFUlWVt!JImLR9cxi(A2s7lo!0(*lrwcj3agOjGl2n&pCm`x(3_33IZyu3zj0(SL; ze5^lPhB@>11$-kIW+Nx=x3-MEmAYKtdUW>3pKq|~6KKi6y~ait8VX|m@oQtz&}yiz zE~cLOXX7T6%fz3Hr*`d`{CTSf>{sDbC6OuxDi432$;XpEeEwXFH@s~o757sof+l}Ds8;wu4EYJRJXN<>jCJg%;Z^i+y(k@fk*h>M?ay5Fet$&Z z_`9!7==yi13DAp5n%TO_(0MsiHvsj|De`Cu zQW7obyB@_?PrQB8XSTfZ8gSKK2Uz*+=_efkqTr_-Bz(>)6exkA?tSHFoNWVK>1Xa8 z*GZn+5I~pvR2gQji(BG?kv^+sll)z@8zs~;z);R-l*9pKrn_0d%fLR8dv4goP0cRE zB>U>st3y_tq-h(SVPF517oRY;w6wId#(g_2=yM|C%H}tH*W(g0;0qTlNL%$UXCVhh zCkjm(hejbx>zWjH*^_3LR=fZq7gz1#~s2#%iAr0$KQIsQ%Ki&_(z z-Z2ZC6^)_u(8s$2NS{BNd}uf?qaNRS+W`}YaR zcwJ&k_j(k>2eB6uKK9PNp6xh!?2?X{Y3F_3eSUk7_cAMv4eBe!c#4 z#ZA%_|H+k4@i#wEJ^#}1mjgd1)BTr==c7OQFa8{%0{(Bjar5Uq-cOEcvQPE}(VL`x z|F;32r@?FHObfcb?9uG$y(L3?0avoWWQKhCH2)OW{PmaoWRw0}r@Ia!D&qJT$7gbU zN*1ldSS(Jph}N|sOC!S%Opo%ApDY&o_icu7E@98Z^NrhMHpZcd12R&9T;CrPM-du8 zx1Ka+wjWpuJ$zfwR=xCIS(b;UI9Nxz1JzP zH%;KN>_L`nR?>BMXaS$tbv34XJ8)R=`0{Q~`(VY`i)vJdeh(S90Fzdu$tI51XC14x z){m|#f!!qDYbu>R4%?(8>&M+^<7ESno)Ye~sg&nC9se4cgqm1f`e{xazZu5#9;C+D^m!3r%)c8TIA z|I`&SdPhO8cZOQqFAAAqtk?w%E&v$Z0amQN&MhhtcxU>c^ZIY9qqgGvn@lI}8nm8z zy){w)2CC}^5e$Bo;k)%*hDu1%a!@)^;BY?{oA{8ixVdyrd{_tLv<74t@-Y@Wv8%2Y zJtXiio-tX{aM^i)!+Cztkb4EHu4nYJ;w{+?fI{S&7JtwB*FVST{*1A7TE=4+pOpL=zW-fIv-^>3_+a%+og4ITo6 zzKyt5yK5);$*&%=rxzd2+9U?;&`YZg>c_EY*!2dL3J%qdyfN8dS+~xXIU}kz|3<9}gXYs@I{au;lKwyvuNLsf*Zw0h`TWd* z^r8sgTI*b=U3*LHyED{54%#hK=C|Ja`qaDaiQEM9%hh=fbTo6xwgnu>FsGJ>2eGZ^J#lD+ zv*9hECs(_prNL`ffA>b=s_K0sZjLxEemQt&SDB}dU`I3&RpmYQM9#=)U9>vfIiI-d z!cRIddQrEN>zd8B*!d$j&0cG%e04|Af$I&-hn3@%#CP=pQyKSTZMf6iUmJ$=Xh9iY z@2UvFtj%_Eb|ZTM^lWfG+%2$j_oXqZh3y2JZ&_|i%$d^%7*AMR%=xJP?@dKVS}Gsx z>K7a}+*2I!A@sHc4gowv?F$L9Q1uniN6zP8-N5Egnsbx=H^Gxx70Q+!m^EV0E&#aY zHCtfC_5Qg}FIvEAWR(NHa!}XKP!JMfEHnM}d^MoWig(*9oWqL+*dG#yZzGHgX$Jq? z^WtzBb8ywJP)Ah;6*##pd>?=Q; zj)_n5skS!klUd0t*lQmz10?Byov#3aV8Wt6%kqpaE}Xm_kr8A%FXw9f0sZ!-`QLPt z2h@fAOTJGG`TQdG<^C}Ti|3VlnEVCa8vgKxn*h8=jj#GR(F+$Z%|LBTG5>BcVA>kQoL#4b=jA;1h&{Bku5SJ}@umL6WdB^tl8|sC z!IGJERMqOu4i5a2HXlaF0_5>}(T>2>$${Ni@!cY1rG8!I?p>$3{YzTxzllf44xA1S zrawE5J#-rItwW?0-z7fTbosgM;vEYXFLhh9u`^uf6@KH_hO$QcyU6bru>=_nuU|*U zOd8nhciUe>-;etWZ1ekxoGkjASwB(DIt8qhCv7p0i66#Yefs@Go*r+O`!w3Gv*fO3 zpClhX>5_p0oL*L$}{g}dgy*uHmus=fZb1*(UHF|-2UB))u&0ZU2`7fSpGIYap#Ts zGfj5(f%|v4?R37qe9w1q+*mx#uJ*M7(OT)e{ujqWV6|wAiLRtc;lQsRPg2Jx6O7W2BGK7 z43f)z29_jW2$>3~vS9jNDknPTgy7zm4DcK=`u+V=`se?;B?Aa|g%rj*_M`jA=E-Px z7l@AOOu^EY&9n13E!&Ti-rxW6s<=b-&i`ugNCkOQWPT~9e+cdtP>Pc@n(TjX| zFFR!_0Rf`!mJFuj-807fsA(~eA@A=WxcB{3zoM$uh2b~$Rh3PJIE(}TJ_iWtHt0j? zUqroR<`+?aS=C=0$iH(SkJLF(Lm#o5sFo9Tjob*>C;!UoO3<~ibYn6-RQrNB-pI{U zuKVC{%Y{v){Jt}vd+0j}Fqn@*+!9@_`I9XKJiGc`+#$VELNJ&ZI8dE6apEYk52b%& zVwf=HU;M2|-woFz;k4muhMEOcy+$|J@xu7Wk-rwl-s@tv!QGT@Ro5}L~`yzEMd-4a6`1uung zH99TdfP>RKc|K$jgUwBV1eCvz7Ts{thH^CrK5>OY_CwCnD-EM!l1t}0@a4^b!?zh+ zX|W^Ux|$Ya?XF8>jHZSL%y&Jf(_C07#ea$}_)e{q;?*=2Gn7{|Q1)CYcEmdg1bK8L zzseYwu=KhP7dfn4G#Pjjw$8T5sj>D`!en@C#NGQ0qRt@0D+-Ki*e!IYtuLXr`~W*= z3yn7-?!<-6sSq`w4|k}!k8RV^&_k~1IcEU>fBdC8(51hSc*xX6UY5&6wqI2? zg15TFTOD`kef(%cFhK_2y!TNdp+codcU$8ZabSYysNkVjDUrtLNv{5PhPg8XQl^Z0(k#W_}}Psr#1^Kdq9~$tawud|)AQwg4I9>@E(EEArjm#|8nLYRY~-<0I3|*b zRXmaO6uYgddM`|u%eNU5Y{vFNVTZw(fmug8PG6jx){~zp1~k zcV+)d@*~<$;9C0iy5b9cN9sQ)*oSN}kE36=hjai3`nJ1?aW7ol(XLZo(wiP`h19!} z9x{r}9r<*hWrRVC)Y*QY)U39-*eE~V`T$2p^Vi265}@Z?vBLl1wno?9>-vyiURJwa zzDeowjJ@la?n-i1FR&A;p*%Yt1$%dlOL`!3d!!d)2~_wDD;>Ji5Y39`kn_~?_F`6f#5k>^K2#>PXCv$_G?HmvI+i;zV*F7^ zq*C(4T$#sk50+IK;sew;=DJUEWzmLr5p+M-ao)uH5pz~Gi+MQc$PkF!9y|zla}6bE z1LUQs*?}T4HX(-0y8Xd?)blEZzSLCW0xNzttpned9*Bp6Br-v8OM*lLJpXqJ6|rGr z!6#|=Yl@+=iFDD|_MYX4h$mr@D{V=SHCK*!84Qr~BRa?4oBBV_5QnJGd`OOl4IRbm zY~7xWvOnOMT!e1# z>rVe3>`cXG`Z-#Zi+&Nl!xd8Go!aI~8k<8pPZ0d&1WD6Dz_Zl@+wV{pUyQ`JLk+wG z^k_z~L`=AjdC8BeUT`;|t=fLQ7}v~jNbg`hqAREz7^+$>E0X9sgW#^M#gvEU2no@; za5A-aeQV}lioH3)l5yh)iI<#A@TYb3x14w~tHXktt(2%L3Wzr_EPJ7V)6&5`J(bT^ zGFWLVFcjI4Ig*Zwl;GR6b8TqDRqGI^AiH^St>ui4(q8x072ln#P$^Rw zsV+O-C;R4MvSGAw&M~mNLcsSR@nxH&z((^`tWfIQq@v z+*(qE5k`EgwUg!u^JxGwf9xONigWms4%w)Juep>c8p=LN8q;kmN&lX!36UW(79f;| zW%{288&su&nocg_gPb643dP&jCggJ(l3rc|!m{j9%(sNQzcjl4&CJC`2aIb@b0&V43=UiBWt`+vN4x>P{K|Lfc-V3l@pVz#a(P>cg7&&*X+PUCD+2-WBBS>Mqm_hjjK|+0Cp9 zNontE=c3)tq86?bo@HKvB#DTvN3~#TL8i4F-=PVSR7b4|muL#qO1=<|hs&XSwW_~} zN2udQb8+!hHz(HdsdA^ry*pad4LkG&SG-d=(h2w347wMNqq-Ea)<$4G%xdAIN# z%Sb}SaTRW7gxCpt<)h>8M0f-&RHWUuqo%TtyR-UqV`ZFI25wuuT+GdNvjwh-<79YX zGd@Hnwy>UuXHvuU{oKNu-MC?V8x8rVUfyZOWJQceWG&l)VV3stN(bG60&{B3wl6#e zY4ny~u8eXU;z_@bl3c59vR2WQ%@p9>rbnoRqzxcmiJq?7$%pzF)1$9EYun{($d<+; zctc!GcA>hv{GV*!bc4Kx7WK-;#BwC0UtVqz^38y-8<&YQ`~yu|YtK~+xz*dcG*}Ts zKKHImW*VHu(TZjE77s0^6^GY_4rI2JL(!itWs{s^It-XXl6Fbntv=p*DH<0M=@z=) zB-)&rRCB4^afXIln0tesj?;AoOR!XiZb%p{t}12q)5=jD#0ic;e!6n@Y79b*Uy7skQlw(@+%k5J&Gv`rh4wjbOILH`G4rP`rJXE8b0mOqHrl zIyooo0<7GJCu=xE46I*oY1Jr1Nf6+(GEVxYk%`llxs@j4mV zR8>^uf;$-jI^j`NA;}Yua(CQV=m&4MOP#8!B?}z+WC#%dB;29qa=FxL6XGl&Pco5S zo^Guh?%));Xprf0T08p~+!GJOk&u!wg08fcw36H42PUh@cIWP|u=05e5hV{bSo7-AB8NFQTV z&FgA%W0{x?Sy@OkZD$PN+i=QpX;?utiHhXu!^$D7w$giMI|2_|$mj3#^5o$jjw=eR zyRrP->#^9kVhK^vAJEfvRg7}3ZoKPgpWv_n9{!2~y(VO1#wWb+EZovxR8%1Tuxkvt zK!W}rk5CuMfjqo!fQ!Ry8tZ~9P_7JN;R}|4e^{q+a^70f0sp!O^otZple6NNXu+d;Q7t{JV1jqZEOR{H zi8X~9g%j}(?GZuD{9xyI#4V?8lEe5S`dRuTSIL_o9VP9UN&yI~yyAyDK;|w2GIvhF z++VRj7FsK!pL3Cty^s0FntiSgC!4}Cb|s7uNnM~M`&qa+`5*3Z4+FhGTY(c%=Dn_d z$`!v8W9t5@M@k{iH*Ni~cnB}uqa$+TlPEFi+lHkCFW4Xbnye0JB#L*&J#LE(*_fc| zmLiVIS*fO{S^l5=B<{M~8oXi|3~@%)oz0Tq?1qP8yNji0FL%dp%L6u}LSf}2UZ6V- zl(od!4GE1gkGSkeagfkkpP3Ng^0Hcv_FelSOFt(EpN~Y1@=Un{(M`3N@pd){9}*aW z!Zk`vEcV!Bi99TFM@w0(qe2VU5Td5lt%!G zIsj)W3au-KPd4$O+$7Il)hf+P>2JcJkQ31UCsETLn8fEo?W4z4QcY7r^~31+)JU<0 zIR2S%aK;MYM@zUb<8>1!nIz8ZQ2Hhi z#j*XJZLEpK?_svdk_i zc>8F0*J7@HxB*+>XW01*J?&#{wYvK#Y+=WKuye2>MY#*Eep};n9?VL7eWTz6qnOTzUxKI?&CcjPc5DRBHXpn@D4y`6h_c zX*K1E^nnk})zClcI?SX~7jvO}KPDg*8pYZfXHXmXxaAL0Nx21*C%|UA^@aTDBH=AZ zI69Q^JB{>e-^a9h9p#nCmlDK3j5ju;-6e~Nusp*nSA1Wvgp?(=qZ7Mn#47{#!y%8C z_2hOue2*}WP*}gDpRu=AHsMQaerOKo(SK)Eg0Ny83MM18mfoXJCVKtzn{)%D`6Hfc z{POmNXIum6_sy2OlZ21-D%m)ZxC^VtH2IMvJZLJ$+hQAPjEVsm+#hgLQmG$9i$F+7 zMAdy>x!`~+QMoi0v+06ZMYCOZ?!f@FDuA)+uA@vEMm9LEK^k|S zVk@&v59oAKgtq0c!VGKPlYJD9o?|8420;jetCT7{N|D8UT};K?&N!{pDa<9E?4)Hh zqTcz97n6r2X_wtINOGH4i5>OqQ_FfTw;X7U&I@Rr@Ecf>+ff3*v*uyO2g1pWvo;q2k(Qn0sSHz9yGI>?aKZ|?KG7SJ6}HH z=_~K|GhJAo-K!LNM&e)D!q=u+C|{~i^=Kj#l#uF%D&<$AA(_0KCV2ZUZ-zK`;4fPP zVwr@KDYkpSx~BJ>(SPZd4dP5|2Ce{n$JAU`_al+(VS7#?BK6tJK=5Szg&DtN8)F5Z zMKg$S{yzGT&L-#jU7T^>dk4$~Y|hWIU%IJPus2jO?8+-HSB696l2T$%dFWRHsMQ@5 z8NLj4`U1NKgI z-YBs_1;*N{W6Q#BX^;I^_sk%w1q;aCevHpgD(4OFCCY@FUPJzF;ICpt?(Q1MHmXJQ!BxdshSscZP?rSjo3cvS%{BdXWhxqs?>$2#%+5QmQX z0eci(;@$cpmDkq-#4WGg+9hOSwP8yU(GUlFzKe2 zR;XlPY;rf})UkigR2f)U;NlVC~# z4TBSJLl9u@Alr(l?0)uz@rz#2^GO*P-6jQnq_}1lMLNu7;}u)IT2=Zof~#*r)Rw41 zHU9w3Q)hk%noCu}R(wbkz8SFZZ9ba5zlxn!}7&!gjZ{I5#P{b{J38; zRLacOyAEj1LO(dK5cIvOCtA3H)J;M>kk?e`wxKHCkW>q@6mouMg zm-P-!8|1OjxElRd%-IOZu*yC}!Y2AOAlctf_UH)Z{of@hS0>RtVfcJBgGK9)HTmNHZ}vBD{GfJ=L*=JRo}wFd1PM*MO>$B~kxV z#09z5b=cpEt!uI07KvgxJflYS>)g55&Hf=DlW&z@EIpi>P#(3gL?n^j-hL-0aQ*B( zkz(1vOmAJ02uYFTo0N*)36r21!<$4%LL*DS`AptwbU0DpBRJ{m$bPYhl!{|XFcswylI7HLS?3xd}}4RjM+Fm7Ty`m z&f`wMo!XKV(kWLmF}D+v;B1HWGGr6UjnKo5FG`Rw+}aI(d^bn{4F$uE=v>O{3rKv$ zMU~xa4gWAfBHx7Iv)i^Oe+<_LQ)ll9z`I>)caw5R%D;R%2CJz^e)`etH?We@fyv}$?&2qu(oYaCu%ATm9GX$$YE%*L5FTSW%zXzlMZ-6 zNmUKa2}~b~q!e$V^BST>w;|^w+wZV2&!U&E}^p>Dm2J%PH zYb&hv4I9E2%w%#6&OEJSee4o$hCef zmd^4FZsr&#_>rg*FTvnZ#vL{sUR1^t)p2=*8LWTERS;nBA^Ne12el~F8{`-XZ83HW zTP!@9fOaSsq5I*<9Ebza;t@%vpmW#1k&R^+f9jcdvnaYH!Xm6W1rsLO|GF!iDoH!a z9dgDJ__(5I61z320P1bvAqgR}%@)-`0h39(Pe;8Vx=3_NhVW&_b2TF{Q?>z0G%hzs zQ?R7rsI2ICHKv0d#_B8j2pLonP@5^r0AG@ydqxNbbU`xnD_jU=4nsbH2%(CDsT7{R zZ6u0*=3^fNE$q~F(#|~ywje5gQvuP>7k-MjusF@f5R#E0->TCz)xT5b$d;TJ10EZC zZb}1$IcF%?BgGl9?w&l#pnYxs0_=5(c!POg;-^N3?okIwPRWWP$)4ak_LCvX9l7)e zEPQ-1yOmt7U6TEwmE^z=Rd!M(-af5KEKE1MwVo!zbrWV!bd!d028povJ+FawKZHOV z*sp!}-o`p5#pD(Ix0^!cDFFOw^@Yyyh0gJXIrD|2^o6AKg%9?HdiRCp2s~!-h2{8# zQ2K?t`-Qvvf1f5j3^nwSbam&?&zZ^d`4=WOS7MOzRdq$bt7b|5j&v>-Q`E_fiCUs1 zd+qrw{}_WLieYGUO1^Nwpp4S@SfeMODVuV3jO?#J62MdA4vDUmSEg9O*oFy5hV;gX zL4ZWr;I@W1+5=bj8!lSGjsnc6NiO?LvOESn(Tq3Jvn0A^&(4DT$nbp@=5C>MT`Ey4 zBNZX`vgH;A1zcBG^Z6L%&%5Xc*Mr8Bcp$@tWghBcNwmgYZ3uMASwn+6XP_9F$nPpT zQAD91l*10xrLp}BZ<8C>;xEqQ8`408N0g3rZ0db+lROnTZj$AmA_lS7JdWk-rCh!k zSvsQX$EI93pdWNf8K*I%r-+-0iG|P`*@oFRgTu|wPRfjUaNZ$p7DIlNROGdneTV4H znfYyzxSXzit5jp}z_kHn&t5FR(4T~Q`^p*G&IE;A1d7`$IjZZ(>3a1} z%z_)8TCDP1Fj0OWPt09955V1b!{d^d{`yj`BM}Wq{_!Z=TPH(QskPmQ?(iOJt>>KE zAW;8X#ApK*779H~ZQP(toXqr3vS=)rH}ksXD*pgMFDyl205z(46JR-vy6huL+m-cF9%ODPOp)wzB* zy4Wi~X9O(OL3PXai^1|#p6t&cFHn=50@{N*N_$Gt`@ZH)zvDC~Mf`2bp{3JET8p75 zx*qYh$Z!uiqbDeHyyRR@`%iq@f${?5ds;3-zmT|&y>gT;vRrF8-S4gIh^=~ZT+Er7 zbb%Og_}FYuQBdv3mBVsC!a`DRO#NYEr#vY_n?<247Dw^YlLH!-(~7ECQog5{W z-|a=gLoPbMFcCkR5r}&zw}K_b+#S7p)1h}2Ea`^h@$29CO*aLX6weHGK z=Dy2z=dU=tbXLTg7msfR91r=?(DrPhspsg$GVp|a-i574u|L5LXL3-w`!Uv|H6n@z zAHkf6Db;rrUATG_djfjg4z44svQUPrjFhhv>do#z?9lTemnra3WwC`W7gwbJrgZ!{ yUGFOMgNl0pi}$nrFWzb6%h3KmOW0VG_~OZn?A>*6Cwa%oU;Y>D#t$+U?*l)#Bjr<>aYT?7vyU`}LlK!zqVtn>Oq@2^;KsN{%C8 zMakbu9v$X`Uvp1g7D)~@csHDkU0i(Yc=hpnQ@{B<&fv5A$+T%#cYKq&Y0d9|ZC`$J z_tGy9YaYj3IP~>5pSS<~^NfX)9%qitP8?L>hYCVM2__bV>POEQO$Ty^N=k-sRFr%V zuuBiIEVnP<6V)*HPZn2ZmVC3YqW5%?aSWC zNwS^fWRj_fYDD=;uO-N^GbwwVzEd33u#rS%KG!7hA=+?K^B?*pv3FHOt(F^FlM4u* zO&3)Jtya|o2*h&yoFaZZt2yR+UE(9#a1tmr1cD9uiqEp_6qmWz)_M+1 zw={S2GM7*LX?R5NjH1{)05o+#s$jp(JsL99dMEYX8*BgRW56GH(ccZPZaaf;F5V57 zTI338qU&$u2Fy-*6Xq)({kyMM8n+SzPDl~L-xv3!8aq$nymI^(DPv0Tu&wC8gJruC zcP<`S)XTI!snMLF?rgsmzD-5d%*O+GXIe5E?1R*$xc23tjp7K_DKq5 zBsuFgz;$bf3T|a{HD^$VfV@UbN1@vgV{Ec!$a42=X79KpQS7OX@~2YC#r!FG9u?N6 zWa}HfO=`0+mkgxnNj4snbnFv;cgUe==e{oNozgxX+|~^@S-Cd0)OfID2@nRHk^Bz- zRABRA1BCRl>^s8I<8P$aR=Dk;ZV6DrHFZhNPZ8^@Jc&eYIkooIr<`o4D5bpYHFlTL zeDsR$yZwqsF_y<^+1pNHaLXvz-S=Hr^*L;7*@RZ}y4&;|qcK^1athv8`*R@g5U}px zzP(tRj(4WKjEedk@B26Bizrof2HGJv&lB5KQ1_QgckAA3XJ>1(wj{bD-jow-eP!V- zvd{*)FOqbEJ;qG*cynKn2c7YA{0r9bwbAAd!d($q^I5d~w8oFD?YTy6xo$K*N804e zWE;38-}S9`+79=YZCFobI|CG(Z)GF5sX{DYC3{TF!Wxxhcgbn#^_t@`mRY5~S;LRz z;ee9KJG1h>BQ7Si$;08+mlsV%Nb?Oq$s~(Byi9hcKccbW){RjPK@G`X@APb{Y(wl) z`}i3V-g{#hl-4>{`Y1<$%xSDCuwI-s_V{S?eA&xqd!BvU*ZZP~`sz9-k~B<%C%OK1z%EAn=*MPoHPfVH8bz^D zscy+YsC>G6FMUEtv?gv@q7AiW5Bia`H`mz*47UF3?0vUwF+bSi<;HCa0A~_AvU)qp zzFB~sksfwNo>vhx2r!#hc;9WHL082cD+Qn6jAqSv-SEof9F_=LqSc<4S_N*IVDRE+ zOU5ov+ZIzyyk99rxkG1^!Xy*J?mN39TLm2oqo44Om~v^jh(1;pYinUbmG1C zm6l`M(us?6%C)aTdq<}C-&lKd?T-b_aq`>Yy#2ff_auo^P+Lx8-V#6gG7#Jnmrkr$ z90%a~cs>h~`*3WL7eWML(C;#EyS)Tyj67N5E-!0ZV5FB}JoLTX}q)-fgGIo3| z+vV=|MSk<{totc%iB~;uA+O82@8(h0LcUkZaIGpFXYcr0mT1%Mi~Qooy*um8n771@4@Va@9UeFz_;_^DKryYR z__k8Y5I7YCQR)|qxaD_ee_KqLx_(d#K%bQV?h2fApg(239TiW|FEeoZWf63 znOg=j1H^nMV=EN#SwzM^Nn3vr!&Pq+!wo7BrfT&5czX7kJqPhk0OkwJLpg-IR5J^H zj6%BeP6&F>o}8Em;U)#R;`J*d*UFTR^$;X2Oxsi2Xbsa6O?opITyfJtwzk>^9c@)s zlL~Kg!>d>0EG;Ap-15>=WXn-$wrUMRaeU7-1o}VO96A&> zbx>h5*s&X{Z47MIlgzRT0@>DWGjqqf!J+`0RZ?g*t5w@M{1fk_v7>?_O`q=j{Xl8F zfJA4Kt}jFSCzeqECwVj$(rO5vQ;t3!=fQqSk-McwQ^*hFb4!>^N(i_f9o+?y8ANq0 zPIl$eJnDc!ibMp3*K7O?rWML|=eO!3sB+-x!ZrakW*$n~`Jq-+yFGmaMe zRfuYkfgpXMzUa_-V?{NMrv2rJ!hPC0^w+iGIz6V0tr9O1d_KVT=vRY!#Nc1h)S_Il zs!py7wGbM?OsGIAWm+*q1Pas49*TP>1Lhn>UwP%f#Wj@t?a>83NX1~zNThB1M4mp8 zcEZcG6*eJa`T+2)6xkgu5SR=IrTB=LgzL^z+%45%=|p>mO(lo8s{uyrF>Nj4C?DVx zDHD*5*zOfE_QclM9|*=d^8EVyOu*gjR}AJ0mMdPvjTazyvb4W+NooYbBOK|j@*Szn zUA-n?1ZS!~POBvjU3>r{Lhl-Wa4rcDSh_e?@=21yN8gD(w%f+GHmbQupy|mk7FaQX z_be*lU2%O|)ZI<%j(0(ji5iGY5fYfb9uea&;zs-fMl^@V1DRd8HGAYM#}NQ~E-pLY zpy|W9Ya2C5Is1$l+FRXp%f;q+^IwFrgCps{a3*Xm$e7`&Bc9%fR`_;fZPnAYa{n`_0vK9yisE@0n(_Z(70)!#p;dkdk^t4BllIkZ53@^$_j!oODj zBRYe;yi{8qrDRjW1SGNP@=rMWMiJ{cfr=esCM4rH%mjo=+Z#jL^&8034x_XLz>NEx zo#angt~;pvwicX;cP(~f9ceekTG>jTT{A5J){YZxMvTw~ma3YCpQQ&N^Mkh-w8FX{ zrK(VuYr^}hCtZ>dNUE}6<$)B5u60J@&t8US zi7U;)xmhIDzr3UGN+IhZ&mWDKl%ynBzUiegq!my%sEngb8j9j8LuF@`ezZa{;oz?1 zc>fxj2#ez`AG^hnGN3@5KTcGMG*rS0CafFfKDAq@xQpi`0Aq?pa4}2WU#Uj%4g>^( z(OG<0ZeI;ul&B?16N5WBo~q*%I+HZ?J=Cqq{PQiTe)tKP<8B_+wF^7v?Ks!?T}(uj$ST`F?Kl z>QV|ot`twh1wbhX1^C-*fj$NfIZWS8W0rdO_Uem*e=#u3%Adsgej#D6)YeRDNVK4& z{=P!#*+^c!+*GYUc$@=gB>!15?TNXv6l=HV9TTBs$U3XSJts8u1Ksq z&TE$FkKcV)E06YKl&R86U7R@j3LqbV^*GrBuw>aZQj$?odp5t4s+DSR*W8$)vghXf zW}!S@&)bCts|ZL}Ox)PNSy-qn$B*ddLRDEdb+b|b3UldJMZpDz<)q8Tj-;sTZu&t> z0Xz~~ZAvVVXZSHcTmZ82T@8&{o|d;-V9htwDVZaqpMc7}hYuAUEN z-m=AMBM2OvOr|xcp}o_Ja9#d=Vt zJB)z~<(=1%;cz?XdXHQ=TFN}RlNR_DdER2tnWHzHcdB-ISc<8dROc393dL_*vEE0j zZ+0cjOrYncy{Wtuifp)lT`pbZN~v+GcDD&~s0lj2Ji7!IhiuLgpdyjI1m`+C?V zT0+!4iJyqxgi2^>b$d4He`J=5tP+7JY4lmoBBrJ>`b-QFs}21pd>QK3B^nN^vLAA6xSZ#%hU#{j2Cr=_ z?`-yZgXIpP6_^G;2ngkG$R3{k7Hw_JkWrzs44zP=mzXdIT_&92g>heTHD#?L?RTcf zP6p>+bV$Q}sy6=(*#ldseNmzOyitqb>q%t+u;0W*9z>xENx2{t)0pv6snNz%3YE*g zM0TCW1p@YQ_On2#w~$4u0|W_{T1aVZS{9*sMwft93K~hW!j@2?f|7=`zM5agQhUpw zE?ufCLgy5XPbjeJn10Foe#H7)_aZL(b*dU4R@06(m*%v}ZGE#UaOBm(?vrdAO*3jF zlIOJ|-9PU&tOa{G6XnDfih({KtQA_3_Y1tgWbW zkro+knpfGLhrCwGwLM%2kSAi&$C#g+od|Z#HjIyz)l3jh7T{DFqIqnYZ06hPAfIZeqQ=gA!BC4P& zE?Wxa9Z)FaRB&0A(pbcc#<+y{q9bpJQWVNIu_9XSQ`x6U6`SnV0t9;nf>3074g=3i zssf8meS`v?YjXDTK(M_Gz{g{Np|T7%YGXLM1j=6y|5FRJ*ozkS<4`e*DzhI4r$154 zmq4B5QJxOHEf5P+TgS|Go-87FQF@>%6vvj^yE&9&2{Sy4pj=QV6+xZB29823OcCHn z9t!;$>c8-#K5vSh(Ku3mp_U`@Gss@NX%<-<6FXoE_1+uK8W)=LAdad+ar5*E?*?zb zV4m(3JX#Hp#4{rCEHqRReeXv;&Y*+VDDW-o;71}GG`lz#Dmm_8Z}@PdsVaFc#)=um zrE#|%Q*D!lk5_2k7C**?)bS&|nIXSPLd2dx5KJ^h*-;>MFbZ5Eip3$NIBsQ=HXZ}& zsN#m^z$q*+ZW=8V^m#TjO+>*lchUIdHf66E&icngTuJcEIGK?UY<)w`x0va8g|&?Yr6PG^U+7-}hO`)<{<@x1m zi?qnkQ>M9Ms zlGOkrV1vD4ef>19R>4A71q6nVGe42lFZ|rovsS&i&bXGg%vV7iv_!T0ReC}dVvV9i zy{$c$A5MdCT%)c^epI1|N>vo+DqA1(7&L+(jj`Q-@9acSo(tuGT{Sg+j&a~-svEUe z*%fiL-7n&0<9%vww6=M-vI7fhSO(BUmUG6CVdkVtcFGlmtE9TIth7N&R|q=7Y;`R>Vw<(98$U)H<>Ca z)v88l&LkCZ_3-_7OKkK=mo!b?OQ^t5#6vM%TLD#zv1O-jdAfp(pU5TC9zg>dUSUci zr0I~tK4po(a8LzE9!<-{0ZnWG?mZtdB=r~eX`f3TSyQj@d<4dy51qn z$vYr0VpKUYGV!OLb_5GRDnT~LXhVcieJ6O;?M0WtM&)5PP2niv;7YPKwl z?=jF*E)UBIps-xn$O+TK7}eDNxdE+OHl--ii0Qd2b62`s_9$kNagKWJ<}!532{zxb znw+HAq&b5Ay0hwLqZrsh9Op3IIgUx(-ksW85{LV99aI$v+ZwKySZk%MK}o!;ww6Go zQw*P{YgNiz($c7R>XFSW_SEqGz-^c~AZRF5c7?6!D}{hcrnMM)Vk!PQS5jPW_dRwr ziL*D0nL$Mo#LW-_sKdBd-hcc}mySQDYon=8jH>&=2I`r18KJe%z~=*)XuUPTuEelfkl4=O8=hsZ7REWg zvVR%sF>@stUH(pKnI7SyVs5?-aBe%kmLH=}KRa}TY7&Zd5vp#KQc&K+OPu$ zOq@yFBasx1SIgfPq6q?F_uwMYD}_l~nLrm~`mi2gPNfzhR(LDsB`Hwh7!Z!31u$Vg zAoW5STkiKTLDpO|jSowv{Ey9!9&Hx80;$z9-{J`R)1e%hhSdUPrct}Y6!E?KMIm0Zuj`qZpqA%SASaRk6ET$fnnf7SNrsl;>Z>ntu?TO=`vC-%h6dL|`3DT;Am|4e zTcgj_(=}URaKLWjl|mj1JsoobhwcjD`}dS1DSQfzhY`mEjSH1*If&Cc=Y%Rk7dlb! z?_=9@OFdYn?KkuQ`3D4RMaLC{VhPqCI?mGELPQHrW-y}aoWrCh+=;xu_!+12sqJH# zn&pvYoS`IzSFrZrUtA-8~Ph zl}P0+F`E&y@3fyBCJbp+8?D0IW>n!2o4~$GbKanNW`W_D z7`hgBRZ7+WXlojb$*LZXdIxAQrU`4lFhE-pFZ%M`^btq|P(S28GFVQuY9G}b=gQO| z6@hbP*M5CAc5t)Enf!;Bbmx3XDD zlcnV<3IOK?rap}P0iLJ5btp#*3PZAUXt}DIh#W_S0ubR)iH?U7co=Kk+f0WCwWeL8 zYCMni_!|2=^Yr6w8>73@iJ;_>+Z|O7^_$1@z= z5zLx8Cbv8$L7%FRqV`9@cQ!6Ng<4%$KaG()t+v|pt!iQy;1n3gY_Cbq#RM@?P^fEUqmCJM?;e}F**G#A~K=t z{ECeC4!w1ejHb1S5Z3@c5_^WOUgn`u1_;Wx6H3@_-?vMa(cQ`RbXJJ!hSKM1uw(ru zGevKSdp9spXxp00U*f2a6c#8-6&>n?e+9%W zDBVR5OD5)N8NBLESjKo0kK3Vv820UxeP{1P{$9%zJ>F{ll)&M$h4ANLZd7L%J2)WF z&BBT;P?bhvLL!UQ@#Lh@g`Kj|MkUC|QEYB!cvXQ4aEfQcx0Ymg^4NNU6o->+;jnYf zt`Z|`UODI%j1(^VtPsD(aLds}Wq2Z^z3ZF8i+DD4c5(EGWQ}|m1_0-;MH0R&3nxWAU*#Hq{F=Brj_vmyS znj;FdMWXDir1H~6d-97Iw+MMx_ zYSBtdPueebPXtguGK4tt=k+M+%FX2+hG!zSJ!|~D%GfDZb{S)Qg!~&wTp6Fevr@2@ zY3er(xsMIHe{x8nXH!=3m{P3tsER)z5o?wOCv?&E352Jm^;}Xw?<}#_Mu&Vag=YH8 zQ6SxW_L9DbbDN<*+5G@Nk^oGXeXVGohSOt5JF|L!<hSmPv_jSd;k{y$NSfZJy6W*s*lQBGY@)cqa<_{b*Rg|wln`q9* z;J~*oJx-y?W?je9%};NjS<9&Tji}^w*)yDquAcyuW~LK`_s`igH8Qqm1I}Zpv+78D zl@jWfY|k5_c0^?C(;W$;6)+TX0-TWzs3*}HT@PfaSsks zU4rClV>GqWa+>ltn7$M?XpdbZJQxCff2wnq!j#GFNU~I5O~!jqa7(?e+Bp>%tV95jjr6Wszjw0X;~X3;CWd z6{AyqxIO{QT>^cNP~Z3M|1_0xjw+6`I;y5fBKXS;2NkqvQhG|MpmJ-3?3|KuB_Y3F z6DHvq8M)5iF{Mj)!b9wp296@$r7IuGKig?k?elmQrgsgf-aTPj?TvFaE?tu5pM!K1 z*~0+(8?~m7&?s{um#ip)azDSrLx{!dN1M`RFSNK!&uUl8&ibV3a4M4%K!%w}c4T?H zv#7M!t7k2p(ChSuF0v>3w`81^a5xWDVtj0GTMM!mH$Hm;CC+)1>Zmk;#FJPvT9^{B z^I7>*t7L;g(gL{wCL}9}VG2`^*wq~ZGU%8(yQ$D{3~86dHqwbTylEY5l_e<=ZoAS| z*`@ug9cyEQ73RzY3!zE+5T#mZfEmiew7?=$X);)0(I9xH%(Wxw(_U$DNuvjo!r#S} z1ohp0Nq8Oiu2>8er+Rh1Jm z)Kz0wljzfhL#@W@W1wYODS!a|a?-1%e7<4*e$`0e4cn)&65g%H6J39ec1az@0o|p^ zMZ7G7Ujk*a8c>;&p~liceBsW?>p0=UF{o@k&XH z9Br>ZW9nFB|BfDtni_9UtJ4af&Q{2IzH!2A+)9kkRKNhj=!a<>VoBzs#n)bX65m-aisuKsNQ3% zn*ooh(sC8}Th1*4iGG=zEM67Pe3Zp1^z@tNWlc@m+V;waJ=F=fi0mWCvp7=w&D zQs-9qs^lr7n?OMb6>O-ineFyzogxbd5AW)u$v#&b6RY^46p`Fs5JZhu%;)3KRLzSP zB}hiVmcMJe&<75y{FXN$1WY?jps&(nR9!VtJ3@XOP10nCDRa1L4iXOS`XkBTuy?%WF9gFOOyFVc~n)={a zt@M2L?Jk4~CYx0uz;1}p`>39W*{dISbq{h6J!0;0`a$PfZ*)6CJU3c{zfCOdU2N3uD+wye&rLAZ@flEhRYFv90x;3djh$X(I&s2+ zQLTR7(Tw46h63m^4Zr8oTjqkc@ByOAFgMib2DH|LXTK@gby$i>n!{Tw16RvJsd4l2lP4 zf|@=_?;@fi?LIo?S3NHmil#CZ=IXu<;=_e1F^yrm4v)5|aD3l3y`Cnj)bkqX zJ15{+l^~s{W3S@Z1ax6@N)n2A;o&%ndeL}hnHgy` zY!#fb#LVb3-W1fC`nR?6mfEasBFm4?x%{$sbL+jpr(?Bgm-y>2#DPMdKy_S#eW7Yv zI}r*`)Vk>%vUyUerUE9*R92f=q6;bvTPqabsuo%vybYLP@dL6;Y?<#M8%tL_RRU}* zrWU4`Ejs*mwPS*E87^{#Jo;ld_jpUd$EN#_P4^R}nTd-OAMZwdyuvbZapvO{mbdqt zJ~rKdY`Xv0bpNsG{$tbq$EN#_P4^$0?*Fst{{Oej%J#oVSHjDA z`?W~h0G+g^=oU=g zTRr~B#P}N_GF!BY2rCI}#odW{S?cPTKYRW9V=bf&OT9{NwVs+hb8%GYuVIpN>jZ+s zcjx;~y)ke1XU!M0XKk2y<=Lc1f-kT9I%!++)e{9L_werJO#Suu^}nmw)EFQdC?(Kw zbc^+si6}8?PJ2dai_1kSHa)_`!7A}c6!BSowY%K(3H4b%3Y||wHKYC zBsuDHXZ+sjA)jBpgVsFX5eU^#{%}jxr|H(wif>E-yaB0~aUuXC!9A89n}upM1wSX} zg@4zE>wpB}{v-$RF4nSJGrz)pCJrIKwyKXS-IX?0i*=*Fv|*w8@a(n?5T8^2AR zq_zzw+p!Q+tZKlf5ZjD{7LSFo8rI`_Lpqa3*pHORp8#AO;Ms!pMUu{`5d5`Ms3zCFnEb{=fZ_5KiW>FXOfuY zkes6RaheV$rpy|md(Dv9P^iGUqj9QUozyAe@a8K4F27}LbomCO-{tt`c`M>td@RHg zJK2jChBcCF(Xpy5?}RikVPC5i>Ln#VQI_TJ?lUC@nvh*W2eG8Vl`}sPpfue`;=bab z>hyvTj#XWR2S3}5C1=f=dCNV1{|o2pRpjPV`4_59-}nE+67JJRUfu^ms(8NMI>hPA70!_8}cKP2Wp zI5T{gFfLax4xUo$A2fGx^f$MgDW=V-;(M0DT^!r~SY$i)wD=}kEe|i!nuIF!2 z!=C^;92yHS6&jpip}Nn$*F!t)Qh>B=7<*Wzf1Gc%FR$z{6;9NYk~Kib#yee}jB}qh zffuU0#g@D0!oOb+#A>yq9~eFj1BV+kG8QK00`QYYU+`^mGRM4&=sih;I74yrc?>p% z!25rXbVGjy^G5INQQn>L>^$8<4TjRpLkdqW_Cdy!4Vz20&n?1Otg*JPf#oNM9|O$P z&785p5#oq*j0!n(cHf(O-%D?%J6?O%zw zkNy0~7msxXB!`tjyFNXIDfny1)l%gr4;N~k9KJX^)1mMFmdOv-puckX1J9iH#)9QOC%jmcFG#ak_tPyKx0;8zRFkx)7pl8TW?f$@%_vw9U`g zQWxN6xy|-u=xe|>PfHP3Vl|I4Ys&PyIinlH^aTHHKdGSXvv*;Ppk{m{-)Z8NoS60T_%()P-ts5 zEAo`j$t1l@!B$FslOHAyj zI(9U!pr&Nq-LmMMn!}#71I40$U87S6UQsY?Oa32Bp7jNX=#RbD(X1B^uq|~(e6==+ zhx>spEn=gN1%8-yv;o=V#5;!hG2Ae3Y~*%Ca79cvpA5oiQ{ti6phbq!v~0@dW%+rR zYx3`9!@whuoq{}iw$7t%+5GZu^}07&uf1ebYMDreUZZ(L=$o$7w;i0-VWl=DFVEr2 zOEEL@qCEA0KmP0F&xgmZUoFiywe=uM9*KuFV`)L{^GkbSO`qoHH(giuds!l{nbu*q zH|$V&Tw=tm)&j$j z7Ni8SmSr_2a+I+kWv0IivlTapkHQ4?jVfhNk0yba4UM&vRCcRW`o5>rmoz`mqmn_! z4T$+iCN~%sUjfE*lrc9Lr>%%gP=|t?@Ompz5DvQO2#%a9mS*E;zYWEX}18 zTCSk>>5qw%`v`k&`stI|OLO+N9LV2td9Sdbd68bDmsDD_!?dZB|B8 z2z8U@>UmTMy<2j;n8e?5i8d)3`bW}`p0P||Aakght%wfOLzi5U4azL}?q^UgWBjrXwA?+3Nt`IY9(iA)wU? zWZv-wzL1$K%<@=jN9(WkW#{qM<0}s%bNE+~9{IsV!Iux@^c6K9CsK!^?7>9RdnQ{U z@iHEG$o_VIZgzI`<$)5{#y{uy@YmSikC#G0%O_Q7UP3A?X2}4>TzG19JS)kw0 zi5V0XoS7OOGWV+7JB(ao8N`DulQcEDcfz(~or^`4shI6cDt8w~;>k{z_Z8a-P88lP|h~Q4nQ`l}#(Sx|c`VN^)sW zJ;_l+fx+OWR$SrEhVIn_D^q5I<(CuUNeFR^zl5DvUOg0n6%Fo9wkMC zIMu}+?1Ry}(nOmGbAn-1TtmfT{SvaW-LxdF)zSV(y~!n-Y#5xRvx0|V(#$q><&c*} zTVh+3=<5sYHDj`oy&pDc=bJvGRvTAl{TO_4(ojO~=D8>Mr}YrN;|)H{gw2VkSZAH2 zfV~!H1-LS_ciI;__G)5XVibhE$%vCjP1z8JLH8#Du2L9uL*Pe?4z+G5(cEjDceQDu zpuHOTIt~tM^jQBjRI zb=@9DZxOyL#ABT$t|m9i2NM^3kzbunky#^RM2c?jaumZfE82y1DI0dEJDk!0txUFu z=I!r=LUf#{pE&Ceh;=mfwjq~HTy^x*S}M)={+Cx{W<4qGJ9h+hWU>^}>RKM}+tfNm z)9{1a!I9P0AlwkmZs16>)AGUrR|mLGrAPuYYQtcaOj2x9j3t zt>pFo`ewj!T4~;;lXrJn<95gAtrw@C7uoKLj-@IFc(WQRvBv!_IZI1oz!^6#uPA@> z=OBP&G{^e3kEJ!OGj#aTeEqK+4@QaAbBGLSj;IffPj6L#ZR_c(qbK5UO$Yc_ED91x zd~R|OxP1AKkveaChHm6SXI`8GOL#xN9&y)|E5RtDikcq8+V7i86DJ&&+3h9Fq&_}=u!^Hru?FKl#bhZZZRf7)_^Xu#ck+^fqm;7pj8vQ`W{&{5A_3Gzcyp?+f?Pr zv}3|iOu64l@tr@@6R})YQ-+ zF$TWfm&dcT+Q0Iw>iHQ{YJ7bAtG(uwJsq0oK$^G1DtI2U@vd)P zsoDEAr9pKcbh*3uxa=p%=2m{yD`{%nx>q`1GK9WuL9ch;=pyyN#`4c&?lB25qK>C= zbbcN+E~#Kk&>}nUietd!85{MSruDWc8GuXI=7(Pc!*-a(J!huvk?}E^p4TpP16x;VtTs1^PQ7ON0Je zf9EdmU$Q9`&8e5Ci03EIxP+YCBvu4N^bcACf>yZ^M$feFC(OOc>$}y8;F7**ZpS)8 z2;0KrL)Jr8`N&6H7lUS-m&uxqQ^sm$N8+P&&-wQZd$Vyfzg)>U%VD$NStK z-;>!4W6z}WBVl{n9Fd#wJ z5vL{yuE5z=Y^xZfj1p<_veifG2n_@6FH;+iH2LvM3eGERMK$`~aDL`-IX1U$30<5Y zuZX0xrspf?tLfGIzR2ke(w_%w;=i=G0r1k&1i;Yf$yvU^aK-okYqyZ8jq& z|8tpHqcfm=GsALt$Xm!NYa-|`fiF#Oay<0am^eSbt7lZ*c5Pli2^)p{$-G($ZeC3K zLLu<%K#0A|ZB3^K@DbaSUFf!?j{GBE)-IcrLo3)MU`@$=;YX(!)IXK zH6ebGOR?&@O|#D#)H|6_RDn8Inio7 z&}@>q=_Scxg}SrXs!KOnya51r#Ylv&n5<)VoVZp~Qi4!fn$uTD*mTCF%r|jxVtn=V zWoIlvcQF6CzLnzjswb^lj?YIOH?p4R==WB06R|mA%5`eO4b7yt99s2gUM+I6!1w!k zlb`b`dmsBaz%xWHZ3$QkXU++Y|uFUX;a2URoL&gqfhm^q^GwoaSG`Dp> z$s@OktNHY5+y&oj@m+?FgtblGv-Tv;e!eO9#nQQnx@(ZII&Csjvr9h@a5yVQr8=Jv zKk~(Zu&L*tT{3)w!&PxWSQn2u^uks6w%IL zGGe4fP3E;)la3D8X`Nc2yn;8hwW?LL)YTMTn#LXgC+CbZroY|NscnZ^A#wDX!- zU5DFErZ)qQnLh^y{gT_QtKQK0yT@C@Ahte7>DU$%?tWZltGJ zew=Djr8X)K>E^0E+{8nE9U+%pso&|$Dpme~?BFq4ulJxwx5yQoQo64ot=Y6f)-|B&Vly6>Zb5ToER%V zfB19__2khr2K%E*luUw0F*BAPuaHuHRgZQ|?qKvFa800rARW^he{x5+7FQF8>ag9k z?Pj252)^!qG_I+%n=tH$QCE=j4*{%Y5r`=rP+L}9jQ?RVqx=w+p=xd)nVOMDEy?mD zJe0;82e$c=YYHuzemtcbCK<52Bt9-d0sBU3wMfyZ4)zKvZDjx{XVN8)fL@HUEjJ;q z#KIN%)a5e$z&rql5f4SWWFf97y^%Sx;^V6`iC0$IY5@afTsm3%oI|wvmL(73o=rEd0GRv8o z`+t9a;!;l48k-<60@}EZp6O;A;zOf%^8Q)T-*o@>?~?}Y|AKhu&>KF{mh09d9ok^e zIsOB?KjuU-XjPU!Jh@hNxRjvzt3c7r&OG%&_+I}qlcMhdH$yX;xQ~r~*I<^(kRCUCmu%RK=;na8zo%RlX zTyZ|Rc{HST&M9jjnQK;Z$DUKI*b>A&k45>D9L6zlM z5cRHecrsqR*!E8GqVqW}-dMnT>99xE^zW0_`?)V%sD9e_Xi`7j+TY-&mG7sK9iE&i z&VP?xD->lHF4TTu=oP`O@+u@}3}b-`w>rEwQsescbwQpus5?`F>2x5Vi(SZc%l zR|3P;QsA2y(?z!jBk#}WCz;q{?6c7d~{wYV4h8*!rra=h`uCl{V+URaEqUDr!s+n0y&T(wW>W z^JO^ce>oYH9u$2Gb^C{o+5bKzvVSvb|DXTo>lcQhEKgh5rcFH?YbUG{Y2-ZEqAf=M zwG_APd8@viITKUYJoZ=0xpIMH;O0%6VAyrmziF!H{V+~*(cot7(Nir|f4JHIPfyN2 zBF7T_9FBp<%aB=*X7m9^ZF;V`+whJG-&mlRST>ki6?+J&!zyDouYQKbDrMiQf zAG&GNLES<3BKxFI0=}EVr3_0-245)g+>ZH zB5%a;RK`NYKD$=l|EFfwwAWGN>gTxIzU{;O2kEiqNw1gGMx?h++Q0mtqS#vD)9UlQ z(|cylOl?OMjMMzL`!^3a>uKzxst=KQw zD03*Vb8?WCH!;h1)aDUZ`Xq#$4I8CQ_% zq6z-s>OLrnNjt|yq47Z6va93Jf)DcgHVkZ{vq*#@kSi*r}GPIV(SOI4JhRQM9Gi$$@!I|3NMf+c&k(E0gF@ zaiiMvL+WL33As>P*gQJ<39X0l!Q%k1^DgXio|{9$64eLK-RtEG7d}3^&f;)v1qS}1 z(=rKS7g1>Lfa57>o#}(e@}ym1isuA@9Xhv5GCrgUPeSaPAQ)#w*#B9q7`Lr4>W1EV z|43@W+MbGyHO`zlb0EMj+lil5?m=K?QxVwM&9yY=gME9!h8o*I`)KH6mow=$t*1>~ zI^gN<_6%e3w58YvU#QLu$~NNoT|e4o|JR7@(LAb6LozpnJb#f+(nu|OJ7l%o?PpYN zRqc7|()&QmkM@R6u%S8&DCVq9|QNq(+2L41om8 zfQ2H0AT5zWhzJ3sBm@Ykh?D@KNq__*LJ}Z`NJ0o9BzZ47<2Zh2e(U|?ecoq1>-n-+ zDCDkt_t|HkefHj;&pwygMGL(erp-0gw*XA&+gC@(h$YxQ^Judv#=t*keDIiuA~69h z*OY(g0I^E6?C%`4@V-<(QtVdIGTGA8Rq3B|%dM+~+uza?hjlB3P44SQ&?GLrGJGdS zmF!u}>Y_PNoUL*NmCr@=y@0KMd&+6f4t;4S>oH2qkOial)akBgD)f*(9ESImOBo|r zP}nXk>79yUfwn2M8XxAfe2<~2b*kMcqCju1qoCi|-+`m_n}2T}QFw?dNa_GcMk5Qq z-S}yj#r5f&<+`{zFAk}zcsksq=2)IUST5V6EA0$x^3*-JWudW3$~3P2~;Kj4))R;6ZVOq(Kn4VOmnv@uX#)m0ux!XI3d6E0!Bo>>5cm2@C zXaU%ONintkdfn}K7h@3@C1+9O4YkbD5_mqGQ4&an(Vd(zGadQkp_a`-d80}hqkerc zHIo$ceC+Ae{ua0zBh5Dfx~bQXo}W(QRJX`AX!OLML=s6Jn^sd^HEr!37)GMxv<3Ni zvOQ=#uCzUd9p_p`Ku=Pj$uvVxvPn@T;;(gqOX{7l-gE%3ai_Pka5<9AIY@0{EXX0i zX<$)en+5cCeKrQ)Txz?sV^Ywr5T-aSI%sEwkRD=mO~gTbb38eXSYoH!=PWe_soK5w zKrf9DwAWtgNEK_C!|@Mk1`8d82aO7ddF7_Ww5B$yub_0n15%g|yO7|k$K7yUK;Uf0 zx&ubxSi$wh5ufJ=7aYiDw);VelOetB`DBvoE4P49f#Pj=`HE3V1knJ17Q}dhH(IZNGk9w$pw!f?d9nI!D|a{utucK)vQ4 zZiJ;yY~1IsOo~c5Haa=x=AAdpJfYN(I2nJ8^hW5T=3%)tGa^z;c$0ZBgqS^og}O`c zKR;VE$CDiAT9L)|RZF#KUXdwCq4_tk z^i`(bR;D+>!6;vg>IBiErt!{ZHaHdAYYW}y7xb~b3+~UT7!*|jlVuV_DHGNQZ{C?JkhAEZ^0`k~FbHRd{CUk;zHXArvo173yf7*dZf8>w-@A9-z2=$WFp@ zq5ac35G~q)?n&QNFgu49-@KB0sYK{2>FkP&o-clfnVv|2+7mFRygbQdx2uD1CUwqJ z(Nrg$c=2-ubegBz`-8EULCDW>em*|upqZSxT1OF6pOmR3Y&Z) zder?bUdAOAYVC5v=cz zE@wb(g;PFt+9EB64l&Jvf^V8uCOC44z9dSS@{exAXS(6qtu&{F1?J6)T1g8Ey(d$U zcn7bUdbr&rx~k(Go1>+@>E0yr{Vo)LC)*ofoqi}1y-Vu4cZN-dQrwsvLMKp!q6U8E zUbOe^!}f-EK3={SvHTbD^R%>ne=fWk-doNw0`T%gpPdbZskDmVP`gpd=2%K%Ig}Jp zc-ryWn7f6kCW6|U*mi*CKM~Rx@r301*wPvv%ISE(Z!kg#n6FIBn=?6t>@j;@uVHzW z5u}REFZ--o9aK5W_T_E(ApG3i(cX2IT`^%BRsihS-z+&>*q(y)e^y3qI=iq?;JH1y zJWpj2r7|`f(`Lk}>{;`u&ZQ(RvG@6-=y^T5tqY_Ap*{cPPGY}Z7M?*wfzc65SOhs{;&Z#*P47o9^1!fDoN)qlmkck=cY56XL6!UOhV}Lm@`|7f*GtV4jmiLp=6#D6SKDSSn{X?W|%32=0v-R4n#NV~V z@1Bxa_lzI~1DPyGeJNmL_Ri#f|Nia5#d{5htAq3Kop6}Czbyb@9vt;607wk_A@L=w z1Yie(7)7^NEQm=fZZk6NvVCP~X%$(J_f@Mp&9brW?5Rv#O2Rm)lZI4SxhC1y~l1 zKUdA{3T^Lt61@>YD`M6gZfb^kij&*oFOH5AJGaNNw^AJm@Cm^MqA6h7#^!ZC7GuY( zd>aCprN~{x%9J1nI~c_YX5}qw;EdECa@V=WgwtXiy<8CG`9khc}8Zg=Oj z_e2gY0URB4HMO|yT7Y8|Xkko#ftzobxwEs55i8R(`MdD{mZ_y}>3Qlmg1zT8s$|5! zzeX#NhyWk!d`xTI)C4-%9d;G16?hmx&_7!uXm9x53#FV&c+>2pSZ`X%H=t^wRV+cu zS=1XvI|u}7sNYapG)vi%lcl!{Dqs^ytV(v(2T$RMDM?hD=<}>mV0tQyC)`*NqmtAH znn;XaZou2d9RW^>_pgZYfkB^_2dHs`t@izK!qQIoXdqgm6H@Jy!#)I#{n3{GH6t`U z#y`29s(X7#NsnKelyVz?^@n+gTJR259kZ;H$MooUooM8Hs6oZC%R^asa(AXieD9-n z^u1!~@e9xw^_tA9{Ke;pT3Y5UJs!YOGg!9(%b5K8O~VeIW{=wrF?8!&|Z*JFJ;E$1vnO%56%QB%-53^2U*t$kIB=fCR5?*iIyhGKC2tu zR1FL4|6INQntH+_IyLTjV}{}&F%5ILMu$zk>gzEEqsy;R-Q0@Je9`>}z0Br)>RHx` zcznt-wV&lHX+!hRVO60UyU($k=g1vwtiVN4ZAfZoM0)S%ILpn5cRYFeb6+he19B zDXFADc=Du{aD!S8E3>W?&Fe1@;gG$rkv-7UP8-7%@tvZJJnVoO@3$sBs(=JU8ULPr z_Zu6Qp_lJ5KN!+}3UmOgw`}NHi0?;|{!_<=74`tvjFPn=+hX1)q9Y0F)qs6`)%y6M zFcqzBn@U40SHT@S;UR2YXNC-~=j7n^x;~=7NvST&EYgUCE1*tw z$ZQDAc0-kc?&+BTMCsFyF3HlP|~~wkt4V!IBby*GhR@7AAZPfMXMsh1Fr5>ZH6(ft=t@^Gb^;d@$0ZxL;Vi-Dyg>X_|%2kh9B zqTaFtUL`Li6WKhH&+44z*5azXy3#6hLD@t;7EkXF<=*6~GJMdU4c@_$y&jz2#CXBP zMrVIVVl$Da1vMq&xTxa$9tiDD&NlEuyzqm-9xKYnkwo;MWx!f4qV5kGA)T=&OD)b%|oLvbn>AuNYC(c>div8RIK7XQQ|9tBVxH4?#&L& z@!}*pPwSg9)I8O?&rujzZY5WXEwyRp#~Mxm`;EfM<44XD8>o{hyARUh9VS_QiGf^r zUxk(6BnaWzyoMC!W$16|1K5Nxq{nzt+)qP{Hpg{_-y__ZgJKx-l0ZudB~S`h32Ml98piS3g`u-S z=)aeZM5n#qccU-0wM%TXGCl8nq5(JAAvTl7`+^X z=)*_#D;@QU$@8_K$?(p^6*Pq~UXF%69@_u716UIzRsx<|nvp4m^)a@QJv?dY5VmIz znqEx3+1j2+^Um|&G-XF}r%KHpa_{RTB?>jzrBL1>UucAU(2q3*2;b{vE1N6d%m2kOJpGoX}VTmOwVcI1QFjK~C6#K75LG}aBJ6zw6q5a2V zbPrX&i%MB*mMl!`cdh6xZR2Ox@w1pvQE@tk`;)#GOK+^<{nzwK`StwY-U zQTYB|==)dg|FM|^7!%N(|;9TEjnWF z-8%vPE0_LYO zKi_{_8^3lI|6gqt-yF^Vwx4n^B3J;U1u`NX=e6jrJNV)C&iR*SmUhk!Zi+d$_T!N= zuQ&7DE=QK<;T|Pjcv$X{QFS*cFL$fwqxrAGH)}n>7Y-y?E!JIhW=_$C(dd|g=kX;0 zcJoh$YxtReE}k^x&>1prsi=n%hGwI~CZ|Kge|hX)U7e0WldA0g@Uj2H(94P;)soMG zZa(0U`~im)GTY~S5a4MI&r-u~0kjJm&{5v112jJ-!U;2m>60v>1ze&!B%r@aDzJER71hgJg2 zi9$z!_hCBQ+nx+CxF%*fRfhpy1{dfn9-i$hCRfsad1ej}z~%!K3Ll_@{V)X}`dnfG zv?x=67PWb{gT3Pa29cT77xgSF9LN;S!sX}-KPh{!ob=MOmuZIt-GY9}`&s8=-UZ8! zeN?_+vCkd%wLhtzj4JR-2_hz9AeT3phyF4;jqt zQhhyFb=RLu_J-TtKTvoe;A&j-C(Nzz`pK$4@ezgaJ=^{SrWF(}nhk$n_4!SX$G|Ao zdNgu;kFSiM1UxDxKy)`lXe4KEp30&BiVb|DGu1 zeYgQdj%!yUsT{#el5DDvSIg1+j0%F86o8S_lNZ&&((M%c-eEM+*4e2Nq0cTz!}9lb zBA&z1@!mHR&8V^lZngHloKW>T-bX%9T!C*=N^+rHugU~f3U#b86n%!YH-%lqbVKt( z(>gE1_1o)d4?4OG z2(pR?Z*nXmyd%8DUHYJ#((#U1zTu|cW_Fg6__5@YR^aA>#nK`8r^>A8Sj4dmjH|mW zYwU@C6>QNK!s_Q6(Q)r(rW3^h>iqGc5&J|6uO|rRo8)FkSrx1^?Swkn!TTMn&V;|@ zOC8b8Dp#YZ<@0ay{oBr@S}d<8N7#7H^s*&B#{H=Hz`mK_9;-B}>5^~aFArWWEtzY= zHd?poNCt#&LWnco2z#`d=loT-j0>Nyk}MXEJEn1lqj3T6`*%DKyvUTH89NEGMH@Q1$Xj_|efO)Uf*qXlSs$gRmFFD1|QaPdKbD(uf%3 zmz4U4W5p!IhSEIMPM^~EFx!Mc2+Pp}XLJK2au)O2LN`sTE%+*5cypQeF!pKG%s8O6 zdcpAy#m3DB6^_x(hq3jU^M~Yh z$S20*{+f)|xLG5t=j>5^CT4?Q(%YWi*?f%c>EUO$7H=H2cmIrFyn|p579~)@JJWOZ zG3>a-5%MZqUq#R|)mQqG$82>Yzes7?g0qSPsU=POvaTMNiN^#^RgzG(W!&X>VQARk?{H}iKJx6ve)u*g zY|$7CUtKs8cAzJSh>7K>gN$+VKAu+Jyk=hN4Mvp6g(dT@XZ!}27l%5Mi7kRP+F{@< zZ(EV)nBDt8Ez4ZK5M7b2E$OpG*Sc)V(5RIh(6$HOgqlkHfX;&cm9)hg$-##~7h7 zQO7inncs9U&t+P@(LN0<%AJ}8+pPA)yoqjrq$UJSg{lNKaI`hjlcMq6hAH-+_nHQj zSegBLkLwWWYf-h1ZRGI~cn@5&F#Ybv2t^rF(ArB;dAXZb&t|hx<4H1ZWj=jW+$`BI zg6DpS+i8Z;Zy|5lkkI0MUFXfyhT?XQabi9D_YYr%=*%f0(NIMSnDZU+0vVCZy_;;n^oN?3uaaMp4xO&W4!piR9{nF zPIR;1RyhQ>qk;%5(wEiLgGlpzfFj57V^}7KA+uUSZgIl)zCV(s!#LocZ>~pLc+M31 znKsm2ys?|u6M2wF4C$=Qc0b((W8I|oq1e1XRwM9!-QSQJx6;iFum?ikxYwLe2ABn( zCfzd?TLHs11`GIpcKz7ih?chXaHI+NK*(RB!mC6P*7E zeZB7?&ihO+)QDoAF39RTwBb?g4sb3rlnG7fG9r}LG6mD@u3)cdUXBUH!>%flkHRJv zpyCRIepMZ&`;(Cx2CJBZV8Z7i`h;Roa3x&UC3wtkplyIXM>;1utBvrbWzuH#ZPpnHMDl;aV?xxzX=68Bzyu}ZT|Wxn!SEo z-jExFJ3gTKxUmv8=V{kC+87I0g->5aovRCULJ`$DMs~NJO{omIKc}nLOuXNDQrz9b z4dysSrB5;)VzMbw$2-qW9w?~5`=8D#t`fq`Z9x$?qi_gP8fL&iJsmj)Em~p0DUe)j zsTqK$fhZlk9I=o9yl4$0sk-M9Wpgh(t)gf}jjZ(cLHFBAZ9`M*6HWVbcb#5q1}bMt z&&RlW_7ve@RR4*-AeP}i{y4e8F>E?axx(s?5f!9?Oo^U-)( z@M&|m>K3lMNi37WVdKJ*Io-|dZ5YZYJX;rn`3&h!vhi?j-vWm1JGIDV#3?yo2)p?W zQHuU-Kd8bwb5gN#Z^J+ZF{rFXpMo^f{uNN2ls`@wW12ub{X(4N`+@W7WNM9~)~jLz ztv>tau+vAXH(af!?USn}L7O|uV_^L8B=0yLv8bvcxc619#KoVq>CI!J#M56Jl#Hw{ zVG${<5OmkHRf=S+Nn~s2Z20Aztm3n^tg>E$#$t4OdGGlhuJ)+drsSwD{f<#V-}G3$ zB#L2HVulN7l4RlG!ijQ6gZ<3W2>J!q-we!1xJU!4nXTZ?sz*bAbnWE9csO3^1c#ySF9-k zWuZaN_u28~@v)Tnz|t{nK%NkpvX^EM(N!8Has^$)A@qDT(Ucj|rEI2@BIx9$pVUJ5 z8<+>GVpX5UiA*72O=vJ*H9oc?5b10dRs|!a`?`-MKf$HZR3@VNGjOACx(eWcj)7~R z7YnB3bWGG}>xRIADVVx?{^B+7VyLt3tzA%L(P8HjUn#R$$Y~XuF0MLFyUJ(@@L`X5 z+c}wAFL8O2=uV8*qwXab9W~1pfD5V{sar9Wt(f9a5Z{PD(IC6aNl$|Q25K=3cv(=E zKLR4tS|sW7mU-JLGU;YSWDUqv4G6bnx@SBsz=CxJ&WhVh^PzE6bu3dzsB+KV)?FDo zj4h2dtX#`(VDECSxiTU%cK4sz(|couzS*S)s;i^%-NPD^0|IM*xcDZBPrROZ<11l6jLxTGt-Y7?iojOP)UfZxam-JZ~kY2>Bd*u<bT6fDJ$X6vK@ zS*S4lzK&rhQ@2uh&3w@@o5kNHm-AX7ilR=dHkA|g11Sd?=jyIp7puF;T5=4RmKNV(w9f4GJ$^YQuyS96q%iw~YqM%ME>7zuU_b`JRsujX zmEiFZwxq07YP-WDFm?0M?&~>E*pm_)4hV10l`FfU_@++?aj`DDo*y9i!liz_?bEqg z9Q(aEFweDW!LLs8;SC+-)V&yy?@5qsAS5A75$Yek@y&~^>YNmtSUqi8x#F+=Nq)nu z8DdM_CPF-wlpS4V9Ld&`o_Ee%&bT;Ip~FL@1+}DbFy>o#*QKzDzIA8DCek7fU#wE| z9;+rIw(Vvc?2E@1`^s$Qhi|TWO)N+0V3o$9eh(;LCW zc;mTbR8kA2mp{=xCk+TIG_R!D^!9pQa6)~)3k_V7BnHl>X*)P7zWHj#zb**vgkMjw z$Ymb>kXAVs+HZFXd($w&(Mn@7|*tTq?o z6y)h#ta5LY-BiQ#tiU9;pkM}z@+gP;;}r zqRW(wci5{+{X)i$H>ozkd$K%nRt);BO~wadnlj=U$k_bm4w$^>{CP1|_zg=%lK zx8ag%%cJXDDwtxE_0tV?r2%Tbt_G|@3UxWPdR6a3e~%sL%*xpDX{IMmikZ=+#xIXR zwu9b>)sqR6z9S$5Anu|Ui4nPhmel-Qw<4cyul0zEki=tP9PGjvjtJjKp^-v^)zFdS zRZQM36H_buZCue%?;67|0b|ocM)s4$P#_b6L~yk_Z@m|UZFKYS?{lB@43U?zbIk-G zqEtLoK0=%Sw}M!ba3$sAa~=KQ@NC6e`u(TI3Yr}lx+@Udg0c^vQ!HPm_1W1eSnbtj z2&FEO(tP#ZJ(Jz$nXr<(%NqTeY0KDd88t!A;XV+s*DshxcVawzco=kj&%(8hm2g!z zb#n>4v)uXZm2F}>!rS?P;x3yxnWL-9z|n0dHK-=e9fQ)R^OnGe9ygFS;O)^AmFWf% zTru@s%T$L+%`4J|-#nX1kEyiY$%X;+MpgI9^?YJ1$J3OZ2}4{G84Q29ipaoZh1DNP zm|C{Bj_ng5%`>@7P66ARQma#JT5SoLwo@JQw~lMXeA0o4NKn z^J|g+slzjX4hN^Z?OYz&EcD`rYo*_dzkF(RbCYT`QDCHPj6NjINp%sYLe)`?ULh(O z+hD7Y?o7{et7e3Xym4-kR3Gj)8@Br%_`@2h_AbMiGr^yU!G_>-_G(K!dXVZ2b0vrkm}@O9k{r%iQ!sqTUP z1xbg}2*LdxRtSH`42;d|-&LpsbW7Ck8y-t3#}Wyo5+84b;TL`4*Z|UKL4uj6!&A%> zbpf>nQ3!IK*F)O%Fl>TUIiJzQ&*b#cBLf-f;xh9&q#`--`tvU?RgkLQ7YGYJl46R* zc^iC|j3@8v5WMPye=@RXj5CYbkj#tjZ3GQT?~yU~D8I337BnV1ok(~9lN5fcxIQUirB!lk-RwnvRZhWW z7!8qsCR6y185x)czL>f46o?ux7{5Yn2tGG6mS#K_D&-Uz<`o5~*NIs}gDJVG#}r1I z482MnG@WE(waC+&Y)OpB`9MzG(#(~wAk&BD{8-a|>t@=i)4jw!L9xojS#PBKA=lu+ z(cEqL09|&>d-`~4(*2GHT_F%$l+^*{ERBHEikTqYM8s;N$D7hq1Jwl{%CFM#|pj2aeZLo3h5vJJq|I%07)JeMz^^Gko9P2r3=x`CaIv zh4=SOhgVVhQ1OGI2TAM15)i~)J^`KkBL;Do98&LoW4KZ~{a#(ys7mxHbI)Y#{B038 zj*oO&s)lC87dBbb3Qu!^V+K#Ar}*_cXb!FXOzi3Rqty(X)W|>~6TLY)6P@Q4e$MQm zz?Y}TN200(W-8K*m=ot|J3Y=B)p3X$jZUq|tVqjNSDhRjp<%_NmA<4YWt{P@y0b>m zSeikg-3p1|Q|M4_QN}i85k_AQD#o}|d}{`<-inf&mDkj}0x>{;5d8eZ(CVR)ToF5< z>OK4AXA8yEzY3j<(`l)$_a%>bPl~FA%F+gb2rMs<4f-mw1vfDG0#sPy^$K5a-2&gr z7X1#sA&yU^P`obGgw_-X6ju!(KHlV|$FRFU`FnSv#-?MidS+FI#WFoXg6poj^95&T ztTs$)r+1W0;U6u?ZcJy59qABO&|ns53v>bCV!1!JB0nr25H3NtX?@ppE>Lnx;TccN2? z&zjLp_bm%=58wF-m->nlP{|d2gD2Fng~yf|shDq8mO7kI*56wN54@UU6mnARu0nh+ z)TU@0yeR|Q%6N$?7IvMONc3Gs+bU1Q};RZOn^7+A>1gUqladqK2F(|y$n|uVUqw! zbAJH3zQHD>N*Zq4z|a?q>pPa6y?q!i_P(Lg>^{+9iL+r5%g=OZF}>3P_TAk#W}?~{ z)TkDja_=m1`h&$kirL@K-M7HCk)rY&=3TkXj*`Fr^F zPHt=ROjbyTak4qDxBh^~eMM^u$iWq{Y9t#o(LJay*!O&lruv}TTubjKap`7tEyt_O z8x6^V&&@+s!^6p!Uy^|_!G6}(f6<$NKq~(~gre+o?x4PK7&Gly3Iie0q*RMbO_opk z?4fMl|DRaf=f{DC3&KEQGMQ$eI&wPQ-I*eIgLdRA&+i)l5A+rBA+T`m#C^-*$o|Sv z_myQNhg<*&?*2P)TkyLgdg=5#jfrEvPPICV=$82xfIRy1-vHv`$d`8ri@#l@HmW>- z4DwGGN%HQ1LuI+n$mC}bpQGRjjea?NW8re54HM{k{yWq=X15SEv5Dd&pQzx4eJN&B zKxCAp>a@~yhW@yW(h&}=FWn7U82)!8c=BN2m#RCUSBs^ssW;_p&)0{B?4AJK&wq!U z?d=z;9~@RnZCydSFG8Ug_#FEuS+k6$Uf%xaTg}!GF0xi1QMc?+)B?wTD=8=_6weRS zg>KRUr~dhehx1XoT)q}K>CZppE>`gDb+bdR`=hl15OK);3O<{sYhOi;|`p%U&G2YVjFt^f zWT0!~zXXB*|7jR^)IstO+Q9jvBm!!3 zM#^J;dghsu{kQMlNg4$WmiXMH$Y*+hQ$kvb3*=u-mk3q}m(~YvhAg~X*C_A)x~R{{ z7S;c9q(j&8Z{H;x-yQSM%VMjEu?pdwq-ud6Kq2Vm_8Hi!)}OA_g%)s0D?qZYOsYR> zjskTLipm~Q_3cq3ZKmHBpswzcFH%qCR+tw(KLd zTAanVb^=SrB)*~3Gg1g2z6&=W#rIcmz|N>*u=5JH0jrzGovD?ZqqtO%oXwD9!14~T ztZn<<49|k{Cm$)X7}S@g<7#WC=RD)r?fGW?wnz~W3wSM302Z1p2;5&W_wz9slF~7! z`#z*fI`L3!Ay=2;B0%CU|41;G4;~+07~ZH}@CTR2$TX=` z7W;;&`I;Z9;E*)ahXzJ8PaVZ+^M+5g@Z+5feKI`lJpez`H2$aP$yO9WV@21^n8sl+ zTumYW;q=1RTl`egIJqi{FTkQ^GEa6N?ZCGJ^oFN{u^0a!9;Kt%rDl?GC1(Yy7OG%& ziVj=xL(QA_eI6v6T_>ynTr0fouYKD4v*jeDR!rE2} zz^PE}m4Bhh2d}0~{w`Gq&oHdmFJ}&U|>`W#>+CxS~nGFm`^h*Z!;$)c6XN zL9(WP1}4yQ82CJV{XahGOKS!OEK#4)%xtBkY^KmF^@jKp`c*o%*C*@XWJmNoQDG-=}$zP@OhF>3xKq9B5z&WH}I=?`~?r3cSv6aG*kQm&96V?=S zS>^vE_SIoFRW^!(Etw9L^W@stFQ*pIW5Qiimr7@tjA`81QSi8CCBH-s*meI!Wna!@ zVE8a=y*$3YyrNnsbaJ@Qy#|%E{|p+8SDD^*D`WLU4mk;xDBs70Ao+J1g2AHvgdy9RGZ-0<22whX&7h2^U2<(%WW4K_Ul z$hp||2lYoSVs?*pNRC`0eYfhysQZo?>zZw1Y{eC_AmPlZWn~F%zKy6P8}qLF+m=4D znQIn^E<$fu(728EZWVMCNo~99wK==R8e0cV5Y|y(JF`E#s`Oxes@1HQF%saTlZ^-6 zLYAHSFqpIDrOmKr#6!C|*zz$Wh+&dYprX5*Oob+%MSd!=h@Sd`W%OnLtXv-(O^y#^ z?>ez=YvT5wxgOY~vg{>>8h8E5!-1z=5c?#6dK7%%@|t<3uWB!!p*sN>kUAWJgU#%oT~@%?>zb87loGy2urdR) zK`m$7c;`A4Xm{*AYx{I$YAYoD(E5N~S`ofi3N^=kmEoG&N$iFUbnhn*(73?pC1g2k zXx%Xb@l)ST)4RBI%8S~z-$sS^GqSP{Q`$?z)>?j}Nquyg2L4iuGwvC>-02Kum)3r0bR1CeJZEk z4FpuZn3nL!Qnu?A{p(G!CDYc|;6s@PFVCoW?z-*{CDTIxNnGju+)}Mbhf}GkHsES} zD`YWsNB{tbP0se-)u#|Wt&nBTwU;j}cVJ>RBa&MwbV{-5e+Z`o2p4Bd^PhTNVx+b3 z@+jLP19K23^XWSG@W@kQp_NZ?GB&2%IyNV2S_vy}fFSoHnzT1f-{<6kZP%fCbMM|} z;jOcof)8G}vngujfCHWVGFb-rX@#GTw{^SVlig)L!CN+MiTQGC)aTv{yA6$yy$$#i(f1rEfM^mWV_7AjFM;eX0?|K7?r2@(?faHb~O4uif=IuGS(EgOJC7hwjBEh?7mSR!mY0m=+Ph!RUGB9Oa zf4biM&Lw8GakuO;wLc`*94+_{q1R5|fAeG-c8+bgJR@OU&2|8CpB85ZV=UhqGc|Kq ziMhDD4;v>|x7;Ud|KjcC{Y!|yce7HBE^bu-AM!i%ur-|!>O}bsd8N?H)3mf!>WkA} z5NTJ(|JkZx>KT~T3w9kz1AfSxI@os0D&IY`;uN=E*_m~E&zppe>mEqX*eT<(^Qup4 zgVk;3fpJ36)nRPO#)Msxi)M^nlJj_55#coDR_ex657;kMtflahgIovTiV*rZedzUh zs9#uM^{C-qd6dLpy-LXNA3^<}>ldIeX)dsCyk`ubc6fLseJcK3prc`$5-R_t9%M1@ z-3^P}QnMHE;Z}%uwfCMkDgJ8yAG2eol*~Ezai{H-rW>{`E{y?GP-7}A4u3aIE~u74 zh8~?=foPw>_P2 zt2~a?YqV6Y&0YYt)4Hw?vDbkZ;t!JUrZys2BamG~rfXRi#=sE|gI=Fzn zk5D8lqdOSv#QQI|FnH1Adk2Hs3`^}cU;%MJNAj|Gg_yu;~N2^BSU z$3IqPJ!_>vm!U*+_A-DtXs<#^W(36Z}wwa$evpm@U(aJp(PR( z`Nx^zL0{7lEk?)eT@>i(uU=X?Lmf)C{P;C_`}pCT1KT!{2`ybbqi|!>E1Mxtg~H%j zDm0n5K@gz$=jI#U8jG*h_%iP`RQzXnv$xv4slyPsL-%aFHt#67w=3l}a6Vnl_XtJo z=!$N+)w<$!)eDq@>dNUheCK?m!cAM*&0oIJt;xJiKRx5g>@ys{hfsT~VLv@%-Rv`h znSVxPMKk>eAne0`MkkA;9!b~d0*7ra{2p2{gJa=F3jt>*`CT?A;4q-Xt4dRIK34tk z4Af80$eMkIsNt`1s9yd1IQF#x<0$j}VH{ijK90$kslY8(y!q=Ejz8X_J_Cc2-C;;J zN9yWwt7f0JqV}&#frj|Mv<6(tkT?5E=@{9dI_hc7#*`o`UCfGm`M1waN>#N(0qyjK|J--9O8#-&>vfliGHCRhw28Jn3s;h?=dn{=JE#J$2S<7X6^@pdYk- zSW%iFKZ{`x{7lYw{2sF|lICH5BLDvtC*4JMS^vb;rvlvNKaHBR>!(ft4zMAAp3N5K zWMG6pR2pYH4f?(ZtKqGbke}KD#*F?lLU+?2%AB)p2f^PX^UV{*=%3meDq{XxL$;8g zdJz6Q%zp0w>)HJ33B&(%gkOIHe20QUe$=;+P606bA2{lNy2o#n!*7uo{6Yq%pi)eB zmWc^yq$vR`SPH3r$|fb0L)@GNCAdB8SEX_orl#~EW0w%I9aUY%o2{l@HvJZJ6aZnl z5yKh9A7c}n1M5-D_42ozf@)#(3MbUenCMil>Qn(3&W<+Wh2;P{Xgn5Z*p3B2eo0y; zz=z*7R$2#P>=X6O(%Ww=dO#0NbT{Q(b3EYVpL962unRtJoQ2Muk$$S0b@1Urz9Y#$r(kP7v-%fL+aeVUma)obn_;py>VO-OD;T-cQ_ zpA6noR%VwaPkyL_fR!Pr=^&>%N8l+RQ;u%cQ-S43Rpx>RKt^{FjrY#Em0-+P4zr5& z-e5w3#HmG)2M`tn=YR*)i)VEnPMhr_2;Wl-#D@T*<-;muBbbfc=sC43du5(S;AC~4 zx8h<4>l4o-D)zm?9Qa~=)DUPOkj*6VO@x}&X4|Yxk-_7!w3{+A-% zR<8NBb(T4Qi-Ga0r|)-=Pwa<>tYNDL4ks19PpzI|wzG~NtEHRZ0u#@i=)tUB*C3$m z5 zhjzB5VDq$*Xw=-%&UJ6M))?7=SA6JpT7ylxd`!hfqh&qCr58(J$AmSrnGEtc3xhSv zmt=Mk_eH>TVU=!<@PyQx(J*pG^Z*vWQLvng^9^0ecHD!eR+0>B47I^J7sncsIZhyo zWF6||^|2YP^L1}pO)%=(CeJfQW15Q6L6{P zLJZ_v3^tbZbr~k(?jk=;wC6Bpda`s{e%bM|%fzo|N^p8d!lRn~%xajy?|aqnEO$e@ znC>dsKY!2TLL32R@JSc4^5pmFN+9Y3J-M1&mG5^7qoN{R!+!%jTHPUqv z+qK(D%u7vVZCZFgMiAA~e01ui+nP@y4Xv$dHd90Uue1*oXCeHosz82r4#B3ekqBsL zzyC@NCrpi0C#_>e9XoJF=NcPLyW)v9;1vN}$OOLqNp0MNh*cIWfUQ!o zL&dtwuUFR0&n!H)7^gB%8@I}t72`c77z{GctWhy{SH7*x#0Ukuuj|Ntx_1u89o_z` zH|phvmIms_{g2O?bTKiv9)1E@=2KLg)3HPf^=ZZRUzdejqT^~v{3{iD8`hd{+kGqN zs!9vo&xvA60PNXt!yzM{`&j%`hZhrMkbWn*?EzosLK>b{Mwzv&@Lk{hl>K7q8UZ** zI3{Z3<6@*9yLPTBWi@Ph%EDi}t(58JZWecc&b@-{Hsq%udx_)G4Hg{_E21W>dz((| z!QMEj6AJuqJi=A#bKQ<}>FDJw!)c4NvBEc+X;Og_O?{jCkzL^Zv_?A9KiXS?kM^p<9&x3=*gFX{!SVF&HI$J&Q&0giLXtal8D|KVTOP2Z0= zd;ZkxEdgV(c1ui}epyu1Ws(`^yAgcyLh0MR2kx$BH($BrIwAI~=)gGc?wW7Inq8i5 zat^zVUUYVGYy#(ecAbrRW<#A_6HdqZPGw8sn0;)o5=Gkknrvv1sei%G83HaXecMjd zrm6n+DMB)suHT}1(PUu_U!NMbC`aq_#hyt|x%)f#C#f=Cc(N+u70DoGy~xD`KW!Vd zZ|1_!7VJOlKGc>;9o=~td-(8ZtMigm$8qqkyO$r>v_4xq-|Iem^8#HbAA;(QOT{vx zYc-eM)^38uOudv;wSMxir5l;gdGrK2=AKzpHfD2p$n9NVB1)Un3=KWatBj)_a37(s z_q&Si_IjPYR?#@(H!GLC5_%-=?8{Fww&w)_{r%aPE_{eQ(vAK0{I9TzBk5g6s9EcL zo$$?RJW6#<9Nv!;Kmz%14Z!b`Ictx*u2)~y9L@Y33<@GXVw^`(Es7C0A zCF5&qC@=cx-p$g2H>sI=6ey>v1+1A^U|*s7Hpm;r!j<;Duu3&Wy&g+2N(avicX|N? z#;0)(-y=^4pv1Ih$xe>3%%m;l*>Q)Uee-qn%TE}BePy-I@K=4AL=3l)#q#Dt)*MrX zfopYxKNF-TDXE%HWTKn7Bn{iVcN2l2+uKe)u_fWdK(AaxHNd!0WtLAg~^KX5LTE2pgxJwK6`KlSG=!F<=CEZ{S;&xespF|#Y(y8GKirG&k{(_p7L6Gt$ERw13UMxzkNS* z;jhe@nF_{~2r_VQ8g7E0Dt5G8b~Os*`x&wZ)tWH>*3KbabO5 z=6Pw$m1e!NhZ~OD86RyOMlL1;70AP9@T{sPKzQ4co~ISgMQxPdetTwFNnm%aH4l3r zcqcUojw$M>GD+?SU#MJRFR{V)0pee5{+=Tlnf?`{r!JD-4L`PcW!ln3QDzz^w>+>` zaM93ReP=Fg%hPr{$(a^Ny3<>*P_V|vGvv&9PvTvm$uj{8O&0~T2yJ9c98X|hW= zP-=b?x#9fIj%wK+ZDcQ}TCUx{DYi?=47rP@{9DBJNn8i<#vk1J7b2(jH0j?+;+Kd|d-kLwed z9fO-Ybxq=%(t9m8A z_N@&Q_cCLf?q2?cZ{#0PIM-V(u;3wO@oZjf%(ln~D_Xf{4JfV4w2$2-yPA2X&98bC z^7{uNzDsAlTC!wzq>+yr#mecKsbLQW63Pqo_8%-yWHNjwrE5k{fFZ*FhrRa>YclKB zhq0oF!YD!%1esA05dozO1Ys$weIbR#CT$zc2irg zWm>PhcF*#Xb5%M`Ctq3E^c5_xKe7&%-g+3B1`PV=6^;f2nqeMIkgV@9oMZW&(3o=Y}L=aI!CC~mj?U7dWOcEzU z&GC3oqdTHYNolZfgcn<~uNrrV!|R;G47ciNb(t4=PejRNH|6zF-<5NoA8mfPH+(pS z{5UPv-`oakjYO9Zi=j#n8`$(rwCLPgQakGleVd9|!WsGJs^OKt9c1<1v{}~0EoSlw zRlVC`y~8M2b<2!;j2n%9sX-4zk87p5uwkrr;v?<4^0fd5UZPVJxt0~@>1V}s@<#Q_ zH22Kh=7e;I+-fd~@jKs8uJQ)HZb@<7POzsK$H)8(lU9{@rLCt}TJgXWZwS_f+}bpx zr;)*@%*63FLq*?a-*@E|0wGJ)_c#7Y!hPu zx0L_R8}O|IPcR-8Wz43$M}1AolyXN=)P z$vpRG#R}uA?~n zA1vnIg{&iMStNWFBj0!r_vfa#EZeR`Y7^lOp%sWj^Od4E*v9hG~Al?(yhju=3<(?8xRK*S}v z3t^ra^+Q6Jl4OCCks+YFsq7V4G~K`P1;G^zvT>Erc)K70&H!M@2`;r2oU67BAaP_B z_dOo8B;#x#kU57Jkm^kO3QnoZQM?5xJ#h0cLPch=zScR;GjR)!_S zX?dtGML^vn2SgQWfCObAHlfT0vK(%}Ke^lyYTKg^u>DX3Y(IXL0t2(;Ab;6tXd6U7 z`X`|-^kIM?CofC9i9A2JAil!9 zfx3PmaREJ!UQnc=?l%XQq2J?ARqa{gaZBLl_kb2)+7A&RgX5<9A>Y0r6dDQSGL$TY zbboJ2FRe|iaN~l;clxaH2L^AzL-Q7ZeCaOX;47KHq@Gv&@HEgTz-pO1|f zbpVoQD=&x!eCfB4tof+$2a$#IL+$hVF?GcV{Nm)IG5p)Q^uC!HrvekoQ2xAo1}p5s z+6=zGEz9;0wie;OzZLSEHCBy(e~;auUR`U%`TpkpU(o#fxsm-UwdtqQYPR?LbHw2K zhyqGK42db3ne?q?&E|RzbLI(f@-Ts@7w0+OCs&g&5o?Lk%}wJH#-}qCh^Q0k0hOI((#E7;dE9Oz!OfT z!A(Vd(kx+T-ORe*_ER+)#nagyTImqQ<@C<|a>4A*s8irTYC|)#y{rJ1uUD@+av7C$ z{iNa;JypdXz7f|zv3UbEdxA;vGQvrIS7mo>;oAj(KrBFw69; z@n?N3ifLz(KF}`{yHut~ewA_JAZNl2?YU1|>2yN&3>CM7WjRexu z)Yb+oSg;w{GL1R#VFg|zWhuCpn_lO1udl9$6FrEM*b_w`?{PmR+tIv=`}o|2D1!#s3v|qBmN3&sEb7U#0q)EUv+FKU2;w{f=z$<3}uB zY+d=Q1)8}9b@KkMJ%~4GBQQ*#Qp|aZ_z4S&ZGOi%j#sDN){1s5+ZZwAPtmUegpjY4(Kf;b#{}{-y~9i0E21A=`nz9p73L zSI#C?tRx-#1p4%-d^Peh<9t-)9%;{sr0W{6UKmp1?#^(B7}pVU#7J6~M_w6H!gc4$ zbCQiZ20A&alOcd(4?sfoPCwydZD9JOxLYw;J!{$1xA2ZF;XxzzDjjo0nRNuy1NX~t z&UFWv?K3PoK~B!SV5Djjs)){`gJwTM_QU0#I!-A>z#EU-m-TI4!xeSfy&H9^!k5^8 zk7L+6uc2Y>>)t?%cTMrj``ayHmcSaN{PgF&U4YGLUvlo9rUBgCJY8($bI zZvDx#6$_Nj`gY6JX$Wh5a#D3{${FvxO-*(M*$y^sqs)}WIA+LKPtL`eo@ww&ThAl` zOJ|8@9uJfYc(7wUx2(2(FP@5jK-9xOZE7vA8}Av%xNLE$DQXEDUPC^ZhGAqqwyQ9} z<4$h5%De~7a!AB<91Dc!zyE)0XNZ>#T} z^~Iat?B3ED*BJC0@fg1h$?+M7XFrmVdChbPZZ}KO>TfI*6B*2O3C#1~olWw2Otd^j z42+;%#6BqkJF1Rck-=hj=l_D#f{CiVu=;?BgwO(f=kWFveVL;wM+nYp4EicsNMoT{ z@a^{YVzug6fA|jAei&j0W|opefk_99Vi?=fwIe{S$(_)^tCqa_^f^XGS)U~-hC{oL za1ttcQGM)N%X&e7H%gOOE#q_b54@fBN9c^`xqkGotDaI%07)LvqLH&3q}e7i(D4t% z3OA*g%pzoP;QFxDW|`p@k1{Sw144VkR&5)s2>Ht2>4@UW6Xwct{hmE!m?-RyiRitd zmk((sx-8HvxhKs#gg1kVXoIYx07P*i68W+7Awz>%ppzyWnfRgiyrVIVSBYiVg^?(j zD}_IaP>@Eu_gIU#G|XVAy48|UaNy4tbF1^cuxER;20f2boV$cd-h5|FvORO_v`R^F z5MPa+^9WX-xaI>^@^9GPL7yUmuFAal5NSwknUxoU$%(#Ry0k&zM%sGMS;9%t6*74k z3CA;mu?}(#GYaU?!v;WZ^W(6AQyi$XI;|bN4(RM6hQxw~nZ>GYKRg&dmd(u> zPuyi-ebHRTw(F$qjt9AOvc$mlS~{gkXY#2!uN@+D3{RXTH?A*@i#ZkSiN1|h&sUg; z-4>%b5f=uNSh`gqsQ^^>&Y&47q0fe5wUu z;9WGuNc?B6gn6**!6)UIB)#(=LCYUV<6j0!E>+X87EzC{f7-D}s^f{mO7+A(Cl|Rb zD^B-?02DGs>6CmjJRzfalB9iJR(KFND;8MyxB zpv&n<(xY5TwQP0lD|p)1y@s6J<&J25$EhmdZU`Xa?{|uE)AqqbZOPwL?a>r}ul-tj zI!>arU?6q-(rMp86G?@nmJ;bOA$006jqI~-shR?O$0s${#*+^(>K}d?9^M9_n1ByA z*D5i*Tt!XhT`C6qRqSh$YEO!g;*SzWyZbp4@Ufg{3aeU@TS?w6Lx2Q6d0QQO|Do4! zg>nj*S?8;+C}fIkDJ%!Yyp2_|=6PMlbcVS0xbdQwd|1lVT=I>-dxKi>UIXNL2beEnH|?$WlMe|g*l`B~OnG1l*`H^)ax_c^H!4m7eSvS*zVtNn`RD@hwp z60dS*P-QNtPw8R?=_PW6RF%qY5fZJB^@_ZH&bVKH?&Zs%s&4FIYAqCE=V$-%Q?3Nl z>B8`&V!lEI_`dc;86>9l7Du%~VpO|0c(6?DT9Gz%?~Uwf_Y2MS0ZBsyO8@-8oC~-z zkTy+cdF|KhcyuM?*yQ#V_uE;)WicUzmuP7sj)i0J-IK#h5-qVa?-~AY*8wLng#{vV z-WHHvJ>@wvtuo4LI3nOo$t1AusoPXjgp&wZ*srx86sr81)9=Ku-6a&gp1l}OdF6BV z)8;!`dGyrjhE$$cg8r?co(pD~QG*HzBJ>F=mn_U*HyF;Sj|bh^c~Zn`2x6j>2{L+= zXBGkP(_Xhj##%o9t_t*FQB0SO$dUS~!@!<-i`>BE48NZ~%-NS4Tw@}daHm@rPVBfp z*EoSFoHP_(X3Z&2NA#f$6K-ml2~iJc+V-8jROpAuOU* zEcbk@2WPn!(&NwRD0O|chNL@UtVE&6Q5r++JWPNz1Z$~v+->v&57aJ+Lt~p!&x-iw z9cW`P6CC2>ZT>z2e!o1!DosT(+^AI_db@wz94J5mVGs0f>9!bfzCSxSw>3qC#FO7_78nE>ANWEaB>zGd zy*C&XfY!f8Qz+SU;-|~_x6-?$yToi}J$5U4t1e$Qk$6jMmJU@j;s$#_ci9UYMbU7_&8wC?(ab%E7W(C7UKRQ~sR}ghwl@Jh^KAQf- z6;-7c0c%&2`7}{xPVd+QP7`A`W4Ic3Fax75x-{pKUAy6>L5N_wSFo-YxzYZ9r1EOO``AH_p<+Jz)$(6@qJbi^k78iiS^R-fa-a7Wxv|`2 zr=(Q4huhqyGXK7C?oUjPw|lzosXZ*MmFLz-a^!@%zeWxPsK%=bqNR64+v{Wi+)(J1 zd(E^|1nTg{+x`V+TzL4xF-W=z#N`&aHesnDjJNswz~hy(`3K6L&=k_1q3D4_mhkm| zkImQt2~On9YpD9ahiH-#Ug>*Q`_DYIqL8cl0s)s6LGnZJsjwQax$i=muYAf^W`_KI zS1+Ny55C$Zxruj?ze05vQrl!(qb2@VV`PGW&i_x?PL}G4m>MM126Nv9L2Gz(QPBCR zI8Q94@WQtMpDb~bHx^e~GanUeaO?nTzH&vTTp)leeuXDybV@K-!&FGkn_7rCI}>0O z{2C=3nV;j}`kt(24{ZlH3#RE{^JQh*7lD?cb|UQg`I*Rm_VkPbs=*L)Oh6bgKOc)1 z`U)8xczOU;bpt+n49>&42$cdwu|h%s5(=qithf}sR_Icg0RYm=b_v(cVO45pn``Ih zSSnD&e1PbLUiR;=8A{7`DFrRY(;HOONC4Y@paA~&HJ7tf8jS-|H374huf6t?@t8GC z_m{td=Etn$=DX#B=VpK=7=0;=dS)o?Sa2J^2>?|873@bFXs-yV3FgwIX!Iu*uGMb} zj%94g@A%7*!pE0n>jQG=d>a~jdDno=Uk3piaJi;ARO>2(Yno*z|2n`BAU98AqN)WB zH=No`Km|*JvAfWn1^yvR-LK^Rb*N*6Jy5*Vuy$@xp}!Ri6mv@kS*Nug`K#DQE+q`I zNx(CZq4D%o1Le+NMI)YjaR$1UYz44nn+@OnP|#($`ARTnC{Kk?dRsl}0PDfO20_j~6SMzWK!{-I_WfCRn|T?zG8E|9rDNY;Pet~C&VSg)PX_+G z{-f3iV_}v;qs;_4gj)0gpia2+d&;ZRbg>BGpoqCV?X^PrP2bm&|HO3uiO&6Zg&@Bl zxY`i`x5?G+D{dGsJr29$7S-*ECTbHTOZ!b5VEM`(wc)p&>}-4BN*l4|C1qU6T`@Gp zdbOgjA2n)F6Fi!5oAmXgFn1Uy&q{{eMVz&Lq}_-S$F_a_=$eh#GT^Hxcg1*p{ivWj z7O*rycQT0}l#z_F+jc>`DtZH3N20X<>#zLTxBt!tzwVo|l?+KRj2!LOulx4(R0WH` zMDr2^;Wu^jQS$K~_}5=qG#OuiMKHpzAN@}>_|2nVug%{sBao#iB-EyziK>=E@IR)) zIKZbCR%_8P*+jY8d7Fii2qZwTR>yb-F?Jgse)&iKtrLI9$M3&>o+%9$NBiorJ74}$ zzT?oJ;s7)t`1ST@aT}T>J?e1#Sw#?lyksZJogbS4&&_BrRH6$Nx>I-y$t*qM3o%on z&$%K;==1U~?OYY2<*yrcmnJ*#QA8XE1r5}<5 zxL2P|i+?f;{%6uBrmQkio;CF8ZqI7Yr&CXBXtQ$jfoXoz(zP586oR)z^JDNT?wc() zyQL)-^?>jOyP^>jKI^z$lU4Iw-ucxu0FHs_KFRbBshJ^m#1i|P7&dm2+MTYkD?>3E zKzhit#M*9mAYlJFui}z2Bkq-yOJ9F5Z8}QZ^Km7iHc$|FB{$odRTUt}7%l6hrN&Ap+=Xa5=MgI6buyB;nXP#gtvPM!=;`q~2dnV*d@ zAhtRLu`{8|-3UbL2ki?#XfY=*X8c}n3A(erg_$+n=)X&^?Y`o#SEFH#FCe-oi$~77 zgm$=0Ylpb{evM9v{5PHDwtO9k$eV^X$YaaQ)Z(Q-<7>2wx%YeLRP?g*w0(N>eU3Wh z+Kj&wnvxL6Q0KH?rScyMIzTdT<}3zwX#{rHzQU1lh#l zxA_rHZ!K1#=8jgcvIawig#kv8hfHQROjSOfTSOwAC`DXe*be!3^zeinOP)cGhW z23y!U5xA)nz#Q72M*DI;!9@=@GWW@Z=^at`OPgf+`P$)Gnz9AjlWFrG8eE#DZe&rk zCmZ?GbcR7v4Bfvkx;cxfT7{~d5uN-c&CiQqn12yTF>#`G?MbJWqp7|RO0HaHa)B1H$M-#MtMvYg+9wr!%akr-;Ii|^X(KL8F2uhFG}#y= z{y@=6WOdfSiNtDjb~v(#}1Mx7sXFtDD; z7&Az#wWx-&`siRtm6mecY{N@<4b)?mZ_i{Li8KY^ zNl4K8O^LbjDwWB=@;HryuN%-~@{43NfW z29)-b8=ant#SLSBw&ncxQ4NDx*9%E)t)v8&BZyWsg_a0Id(F;XP8mW3V$kW5T<*5D zR2`scDJ{x#0QZ19ln`>Pt98#l*7Tk&{dkpDCZhuOI(qGAIRX2XAU&>!@#GK3+h#Ra zR6caBD4F7Xr9IAK7jpi&H_6~s3PwV+DanL44XG(jMIvYSRm1s=dyYpO_A<92VO{V_ zbm;4sAAm6YiQwOkq!>uaKIm4UaU0dPH>fsChcl%wT#FfW0l#e5q>CSx97$2prTXGS; zXr$N9w1-|x?uA{rI0Qbd$&62%xS3P6u&OpD{% zK^{q|fMd0|WRIT1=m4Un&NNHGgmr zUK2vreIlf#8Y#T-s#kMs@^!h{0aeC%t_+nELo34p8@N^~;(}iP*D}Ws2sg z=VDwL14Tt}E3K?$#jn{c5>@!wz?+@`i^>A8=iRc)j#grNvZl;hU`++ZMe}wKcAWCE zZ)u4GpLKBw#dm@RP3D>;XrMU zqvRJ{%L@_1&j%X4!}P^oeqKVE8}N%rz5BDcem+BPtOV>HwCC-HVa`@D@v)NqUQV?a zxn7gp9)cHUWYf|$eom>^mAy75rP`7Q@fSb2?m7C?FsH^h*>VIK6SsfWPV41XJIn~p zb`P>Z;>oM&@nd~vCG)PCD6MtqJRq3T%*%SZhML>-qJrlJx{K9l9kA*ik?=?ilkK~-u97om8 z$4!oVOhDvsrlfM3?555Kx=%F1TiE1A#00hcV?g6T1I_Y5JKntgG%~}ymmW{{HA8h7aam3$ z^pYYj*u(9+My9qE0>_?GcuNF#y-|<`=bQ)9D;D;+{TbfvU5~E<+DYW?g3c}eAWTYX z<`0AC6D(Y_i8Ff>2E^>lt7?eehXChgAvJfP(+F%*lkXje2;{zB%Q!zzDI^6v)eE^wMa-zw~rbr*{>*Tc`i{5VDo#@U;wJM84ALX;N;bS%$K;{kvahMsuhkOfn$VhT+0Kzp zEDr*+g0@`W!K9ilNdwKlRsw^GK}fGpfhN-#&8n@*p|3sC_K|1K?U0F=i_>ef$aU?0 zH}{BgKN%<`5Hk7ofYr8~Udv!0SQS6{TyM9!pDfu_{_)_D zfbenikr>6}BXt0iqT5rkMwKL|*9R1f3;e6+$$ZlDFvJ?(3sM7h_ac?Szi-JsMVTV?&Xl$fc2_Q#7}RLHuR75p)2!}ZI!V7UIf7b~vRzmns1l5zKlbmT z3t97cbkg1Yy5M9x#a|Ou_WSjYkfI57s^92Lod}tD3(l^yDuB*BL(^TXGbMpjq30O$ zzC_xG7HK0*{IO|^7xED&fRVzwhM?TISYJGUF4mx@Hdaq&FVpMPKFIn_m;^vuLYA3K zs;m@Uw{-oQ$=nfv{3>dzRm)=cj*-SzE95vHaSE)K2yIG=#`@k5KYe>i%yw3JT;~QX zcvBzeCFD>wKR87a-gjAZ)&1Pn9>aiC#|2kcG9{P(e3%q{AXOrFY8OfId^iP_9`eOZ~1SIDz3og6HYZXRizc8v$1TU9rw^Vz!^-$GQ)X-oG ztPjXz)#_(Dgod2Ev}1W(tV0*iL1?I>0L~`M$yLS9bJzN4bpl&mbh(V4L$>M&iS{e2 z46oZ>MS1`j&6A~NNDF^QiePpE9t?VPqtL9zkofSBb;v%(bhX}`*A>wT=A^{Un=hYG zKv@JlKYM(**_`?$p=2XKnA%>3=cKkiEdx7!*bbI*yz6AnvqCatiHyw-FHQK@@Yi~ z{pv_c)n?wI^PJr^v0+rY$CkPPzd1h#&0x!l61*?QEy!l}+!H48X>xuy$17mAB7GJ2 zML@8CNlJP4<=pU9QJtOW*<$bNRlFA$>c8GNtGU~RA=`AURqVN!R>>_FhWxZT!5&v9 z1r!L&7p^xl2;h41@sZeQwH521p*|^EiwMOx>K#+*WuWShTb-U1Z`_$j22Lq6`rGIW z510mbyu_CV`tiLJ+u^#P?n&;Ttr=DB@$~Bb2S3KSo1a`|J4A-0`M%L{$V{PLxH|P~ zax$zJ1&$odIIbAH!C1+}rMx}B?wNXadw{qS($9?W(h5D*@)D->7R>Z>IPT{zM%6w& z5j{*p_Do0{fv@cOVo0gN%Vmt$ndXF~SJ(q;kw)~9T%;D2fy?lWZ_4YzF07Kxk{)0} zKHh8|n(!<_l-L@CE8ABEdy3eIQpk@n+|T4_gEc9&ks;c8nUs#$ zX&0wLS35r!Zrz596G`1GwzmgQ-hr4lkwYHIpZ5jFgq=IoHS#tvt4zTbm0S0&LN0OWiml-32uo+>rSeDV17r_O(Dk zWq{x$!L_LsWyE(8j0LJi8&cJ}*b3MTTq^hl0V=iL{7Yd;FFs^?J^R|OMQ;}_ye$~z zBdLPt+UfUxhj#oQw?RahLy)=h1_iFr6J! zRzNNO=UZsOPsfw07JmBXE#QOh)q6sK^%W9ZK*YZQpJhd6k)Zgls}0l((d*}zxGn}h z_b9Ji=lJCWeqy~4=ZhiiG6YIK7DB25l=X^>+GX*D4G4T759p5hR|ByTm9D=VX5k8@ z1)j+TYECQ{BdJM}bt~0|GU9D&dCiD9rA)bj-HYSBW*gWiKCywmrkQ=!pb^;gEWq>= z>a{>C^SMq&Xb-@)n?nUcvRC#jDn@w$umkV(;R4-i{c6nWnLxx8;5m9x{#Ac=Fdn|2 z0UFa@VBz@!;|{dnfX7$BfyT(c&$gus++h=DnGoS2P(-!h>xgctTVfRWnax-jZJ)R3FFVnl0J8ldDnxOS#k07$>&uopblfx# z7)_xR$KpHj*DrhEj$pEHz|X17q8Ev<_@Xo=fj@)FbOHfp7ck@(_G4y?JetL+BLb@w zY>ZXCZs7{d@3ra=NsG4B;#8q8YQkYT`n_N=gPy7^I@T9gqx~_FuDxsmVg@nssg{RD zZ8_#y+`a?@lLdO9nLiKVGY2vG(}r*RIg$KJANp!JrTmdg$>pXF3F`S) zF6nrPBbNo{lcScTc5O9hyX4JdN)ktu1qow{TN7dx%nS7G`Qu=2ZvpRP?YvaoJkCDk z>J`y;_!Iq=tibkXz+YekhXvd#xcXO%6;~l3dipTd#>E5E6zPw))!w3}pE&i1*i(w(Iu)@ha?_sv% z5lm5@*RFgObFfbpkz=Z%ud%ZQ1k%>QX-qku*51w1iH?i zrEoDQq15ao_{H7UGHzW3Fr?d$>9-;ajM28@1aLC>Jx+f(Gp-#EpB{MA{$QHrsJdP3 z;n0CJvz2g*hJj`cW3YxpPR_K#(gvryy!}uh-Pq6)t(K*RzT4J5n{WMtJ61XTNNbMX zw)Lor4N3+ZcZ$8KM`3J4(y{_DsJz=wDtX}WGt(KzMHCudyer>mtVNkhKCDH;etA0xP(J8gKnN`w`_nN-@+TytLV~H|FcP)g-agovbVOJ$Nh)8?Z6-Z5s z*>YffcUz5JT|!_%W>_V}^>;Y~){o~Es)!Xt+>Kt>DF71xfg{Bx2Mw%Xy2#^rSC7g7 z@$J0x1RY?1M0-ZRfIOb-ld~|RMs=rld*)0JTO4r?T-t6oOufy~6@wm2xNhiDO>wSr zy?$01$fEgyQ>n$i1tDT~xKm^N48yS z2=|3Cauat!J;oI#v$&EdUYwCNtmcRJ7qC)ZyTlM#1LkS6N(hUivd2vzQB8zmi8m$? zq=}Px!mGWkDwgi_R&$#j{j*Nj4+3ZaIVBTS%M|0k^RVGDvWj<2G#7ETam7Do+Xw`) zNhd+r++3fw9gzYE-}B?FibUk;xa-RJV8!735Fq6#Oxq=$#lTig{;5mQqy&EOnI1W` zDM#K~^dzvieK0fVa}c{d`A#lX1i+~K0W;_lI#IBmvb-bL;y^>myLh{;*pxhN+`_SP z?yOq;-aG}wo1>zehY!R9%2e!i*5d%(6TpyvSEo>2d&P`6l}aEx9@N={1p+{fe%QyV z>CjFmR7%mIA3Wa@B9F8qAmAixOPZo;fY7!TS1k&+p%hk_O&gj#E{m}Oz!4z4cO-5E zl9^G41eKgg(RBX>dbrEpWjAJ5gtuw8?t*Nifk-FlqA9<1*=ZN93xAlSm9Mb!x`k@4 z_ij=NG0X@)}k49#kgm^NCRZwLf zezU!(e4s4{W}d*0Km8bus^4WTO4;q6o4s(5WTJA2oL$x;v+;0UWhl0t2T8bo2Gi-) z@`K7^*9td_wjudq3C0odikT=B@BFIlEL5Z^Kb3cO!|bhuM3X_J#A}l!aV}@gx(l{A zr)gQI)mXXok}p%O8fF?OEZSq1&NFqW$m9@b50{e$Gsmhaql^yYaWB#4BY#D}8f%x*7HdHO+=&6Z{~J!$|H)2UPGb8Jvlsu!GX^}lFYfBO zf(HAKKmVSQ0eDjX_>c>cjenC5`HwUHN0jTo=8XTpIFU*V;1FZCz1ZJ^AOFLT{X_Hf zpX4$UoRfc(yE(vjp5z56o3wI-JPSWI-mq99a_MfW_F3T#I0e;JJC7S(ao%~_zO~B+ z=6B%5>Ln{1EkYwgHynJsMdw54@qxE@)s{9KOCQJHh0N%LU|PF7d_MIAO;mTB#VwQA z*2n8V+dFAa5DO9doLKq=ru^KUb6+Koe)!Dj^CewW^D`mP|N7T3y_Nk{tew2ILZe~2 zYhS#6e?aJwrBXKl9}Dh*PzCr)d|3ge%I3mCNPsZ%^Y3(z(&#UjHY^ioy8zcu7}mbO zBy=cy-BQDJze;xij1^pJ1_DsQ{lHZaZ1kaJs(XFJg+5hvy9;uHfGfOS0J*qb!0i)l zDjJ(Z@8yIE9VhpCNCU^J-~zXmTN!wBhvlL0oOeQZjskaW=uY~6)g$2Y35Hqp%5&#| zyIkG}ly(Diy>Nlsl2zOy;J%9tC_p#)i>2_AjMmCtO~6bNumFn!`ZFE4dxC56a0w_` zca@M&-*|~2u@Jc6^fhQUZtR%U6Z2Ab_xu{X&%NcUCkm5E}|wU`6{M|Iqj}eQ5hSA;!Va zN=;9Nxs`$YzV5;`>#yQ|UkksYUllXre_z>7RrQ3mfxoX){~u_+K#n^`hrk(>RMdPd zl;2y6o<;Bno8>1vSbA^AalGl4!!RUJb9xRs?aaOjoDi$NJ|X<=V*|u^Qy4yr6bt4y z5aepv^Gx!13l3kT4etKQ7zCdG*gqeTrjV5HXMk`;(14`yFl{J=sFv7;EdU1vP(H{x zRzU56D{s9xn10^$iHVNB26~}yt1S={QCDX+Rgx_NPj1O4+hpuCrKc;S^!u}eew)5y z#*yQ+yY6Syb%reckUF1i;0PSF*S|h!kp!onFc(7(wxBNcLJy`DXwg7!E zAEME6wfbAhFy&P=kmD*RWrpRLnDnaoZ8VT=mjtieLA4GSw57rAX(z!g6XghfQsk`+ zkjIs&C@at2;@p5wbRC+I3$=ZXqWsbc4we7=oJe0DEbg=X_) z9H0`gtT1p3dHUXy?p9t#UWa?y4og^imqn`&v7xHab?#72IX^kC`0#K(nb*cYxgx{z z+YM7%AuI)*GP#DjtuADMSWB8qh|&V9tgvg(VA9MsJG2FPxJ=b(kHR$#dE<=II!&UK zwmJTkaGT}Mhh=Z6GbsM8Wo)mTKl8gk&VxDgaSg2IlAo3>ft`(#Y~`w*FXnaJE#pbT zLRh-D<--&19`q0imUwl}uX`2vUeR1&^BbSEnwtA9QneM&vVHHI=$U-)Os8O-Y-?A# z@GSVT%~=Du;DT)UMy3kSU0KHRSs+4&IeC^s-3trC>*)5x(t^`EY1}T}5H75&x4qof z7NW>_etI&z1~gePZ_~)VNzh4ZC3_!RM^=tN5;a{zluWvH_D8J2oeHf6rmo6q6iAOErSSSU%|I%tH`rG+DiA$$%n2O{{oIfo( zDpjJ73u;j7TVX?FODV5eo)zL|!w=v3t3;ic*QHGFC(6`4GntOfog0@axH%yGx2UYx zebEhj`dQfy`S_m*)|b)n;De*ix~<|Rw?e#*QCYD}lb%S5o>fe-cXa1c@W;LVrLw1h z+B;G~?dcn_rh|_!jjuUOF}Oo@qx7E`Qz@=VsAsu3{1U3)1dN9z7|)Ks7|*&RIA~|U zBT(lN>ak@sOG5|R_Io&cq;invxP;7uPFeta8ath<>o8ytv1!EpC_-!*U+s0Fwp_R- zu5#`=)@47s7Plm)NX$h#ili-L%nsrmO!G&!2V#a}p;EeQY~qd9xj7a(^?CG={mRb5;7&pE~`Vfp`Gr~-%1jc#9R_un<+L80KLA_gs}!At~j9j7@_D2 z4?m5Et8j2k)^C8Yzl*etB0SQDc6kgp8@pjQ8iQ+jo(N7Yj=(8Y8F~`_Fq^Y$#cv|e zElRg=H*NY&i8HsL)k{C*0)l>5Am~p2BIsqpB%xVj;m$aULQbo2hZGo{AiTakWA0;7 zFv7gKKLkD05G6)3z^WRH+SVUn0lDxPGSu)E71`wgb^4Gc@j!dcSiQ>odQ_OzQEGm*JObkITkE>vVW|d2;n$n~a^Fsthg3d-cp2Ow-`1zt^8tyoCjE zUR;JDq0WS#(@14}wO`j49O#Jzaujk<1v@|ei$U5=9NHU$9K1g9Ih!Dwgn$bdMsI`HER_w8B?q;?COhLBIywG>RgD7Hct2>X={LJ z7?6Fgj8fLT>ft7vXwXL<@4wRnvOwx8nE#P^k!<)5i)R8xQ6 z!>0laW^TdJ?;%dmXwF^c^LB&XF|bXSD=Oi|E`D^0lAk#2-4SpeiOe774>vaijoQZ? z$Ui8Kc^|_iT{-qjDwJ3qVja{WYq#t}#osNv)UprZq2|vXsFYk*-QT)@EmFnU$Qj!6 zy6$J-7Kp7TI&a07>08=f4%)OTnIO%qzHpZZx;!^FeCE-%%fGCYBr-rZZsIZYjWO~O zCmqi@wK(=-5{;y3o=KhMr%wfdah*XW!E@{1cAav~HZ&pORJKQPT`##vqiYhgxTcv8 z=Qpdc-%zhyc97c>4xheI;H$0Wk`CiL%9Ts7n>w`>dm;3q23kRn5{&ghz|Xg#ma$gf%o`o-Q{5ir7A@$&Q25aZmH5Ob)H&3w_RVcmF%*r%N$;K4)*1o3hE^aYZ^dtmhn zhKg($A5C*noat&gf*L>MY40nk^7}SZJEe@l{5h)1D@arVbMmFdxldCvyTh|4W?AhJ zA^S_{niYk9e>;*Z2W3N>&t@Z&Dq$k^*>*-n7eL%8MeiZSc0EP!Jw&CtM+awNmoJb zPc49fNrbT0)(#h2ngY=#*8QY*;{~~Sh7=S7mts1f)Rn^XYizN5MdMZEn3E8%el9M!yx7@NeZ}Qn2Z|pXO)1OT>P>jB zB|cX}GK&o*ULc2YjL7-YT|!$ndemBw_u8>!NCx@2zCf3j!pv`&YPSQ{=_hhl#`3%81Q7^Y_a-DYg~)t|e7;!ew)J ztPGBU5&~-bItvf)nK-4_C`mE6NtUnGG9@cQ4JPUUY)oYE{`1h2%2)6eV$Sp`dojRr zIwJD!#;_9<1(bho2A|#?l!Mq(lGNJdZEx<77JQZ6Pubj9i&9*H*o7;#=-)My{z-F* z?@mNEm{DuJWHkO;GdB;&@HZUpMWY^`x#9Ng01ZUEdEkZ_@mxR}vfl8ZL56Hn?Zv|C z3x?oZ4pE>(kHS~R;0a8=HdpVxm8eyZWsfffL<)E?qIBb>O{dShpFvmq5EIW^ZO2Xx z)@ZNsNN7D_pg&QUXABN6@J?TWlVpy*?~BCRFy-@|ctN8239rsXxmO7^r6MD)mBliU zMQ%?hn5$>ub#%i0TPHBANf_(Qco&vh(^*QKLA63IqzVPaf$?(e{>MVz03q*UJPJp> z$Q+^%5dyqq&N6t2h9V_1sl0%PyNmZi_3?^=kv_3>FUB`ZbtxCcp+&6Mr2Q5>BW zd-^7wt0bR;p1lTSN3iZOPcJ@&e1xc{!`aj^CEc8KWuOZ6sWBKo``kdBbJdjtfw`@rHM&ylH>DajO4Xj3vPppVF;@u`nk%Z`r&Dp=b%Tg z!*1@DFEmQ|2PFJjP%Mv@~td-;Wt@hm6QvfbgswUF*NrKju& z4&@dv9NfWX#K2QYXIF1ygnKl!z2@Wcs3(^d!IJJ&Y;v+}YZOu+#j}CfbIAeMse^&xftkX}@52(rO z@>0}`Gv%<^-jmsGY*!JSG9W~B7y_^YTT^WmF9Dtcpo1g@+BEWCv}uS~=gLo~x^r;| z=;nHR&U(|!F37p?6m5usyQJ`x)7`BrqdINoQ%=ZaL8aSNLK;X}~fl9w8?Djr%OZV@mY8raj8`uTMMJMAChXKr$) zK!8$#I;GasTdh(=kC#pu+i9XsQn6T{Y!%mZVJ~8}uI(D`wxpPSC63Vjytk*eZ?p2C zVK~GZD^91Hw$$}A1a6P~i<5w&vE>4aCjF;x6iwirpeyVqWP*xg{Wa>`_ULf+*Y>Mq zhNwGNL=b~vf$N!1CAK{ZKhfTA7B)i=9mSkG0pote8KS3NcCkCJo6s3U#F--pq8m{& zDGf6nz^LFWT*npg#9-FE)a*VFh4gN-<|pN|AVONr(PF*)u_`P|JLpXtPSLJ(?o4hD z0(ULPXlm$WCh9zF{-c2mr(rlqBL^Vgj0zbmYoSEh7sI{SOFMo(S8}P~&9z21{ukdfm}cFksUb=}Dz-MO&~<1(G~ zUZo{1b_V?3rxNwtCtECwRvidG_fBKN>y8HAM|TUPD#FCYmTr($2m$;x&M+rPgAv8C zZ{8m{)53jJl>eas1J;}{Ho)~hJ7GhhRA6g16&$3@Z%;A;mlq+QJL3oW(B9IGl(c$s zcd#6RZKju09Ni_q$YT>38|oKOyM!NTmq1q;6; zmlMG4tsmA1^3H#c<&=SeyAxCd$>qPtdIoqv%KHDg50#<)Y6Ive=B3AyzX3vD7;~HZ z5i>NuTFx*55y3nIsGGuxOqwdl)PY$yrVqXcL1_TkfQN^$ydw$qw3R26N9vc0YWU} zSP)RUl*9&zlt@cxAy^<%qXY;LNR$>sfCwQ8Nl5bD%#8EQ`#dwx`>k)SZ~cDjeIHi- zF*%<5KKq<~_Bs2y_TCHZ^QXxuOtWa?*ITjGe~H^=P~IRV(_0`5Gt>G=$uL!)-i#yy z9WVUbj;qbHmLDR`!n}T4Fm!oPbWpidGgAq0qyK>&{&5@BjrcYkOpBX8_iNU*n2k^% z#oSWxP2)=>=)Zu7k%2pNR~(|_#gjP;!NYDqhzIE3wB|khZB>0s4kj#&W&F3D7n^6v zU6%lLCD@~cTW&eP&W6ADw=*7FV!oh{l=c$o;+ae@uN}W8zBBpzG1{M%!>j@U!~dA` z_baZj?3Q$qsvrMtnCc~2tjBpZCP>$&0H& z`AsAhdi<<)t}KYu`uDr*f3VO0Z3y;1I27Lv*>4%Iz8kvVQfhrSg#Tl>4*wx9{D+_M zzk`BOQwJ>p(VPp_m{!9B&5(O4__LCF!6Dezc?Q(u}?>nWOO| zf|*i6!Qi4jK|J0wBb2dx9!+}i&9ZJ{+xnplz?u6OOdiz9?FYr5NMPyMs6BF)o9u-b zOq@hF3R-*CBdNmcm(7!sy_NvYrKiKH9l!dx@{3I%KycU{h?t}jJZ_0toaE3Mj2D}R ze!A6m$6I8K4n~<&R}xf!H&St(RJkJwnNqm}Lrm^*gw$>rgQrPijusgc!9OyX1Lf>^ z-W&oVnHnGF=vne@_$$TtNJUH+cZ1tMPlz~YI1{3|YzAM%kj_cUZYN!qy3ONTB$<7W zRA8^Dp~{~_7l5nkzmkQ%_~pML9sIgYZq{401XA)9!Pkt|bzCKeu}7E0cJOt~HTHx&SpzxAMYP=@FU z41ZTiqZsqL?0A3Ce)*7CN$Kjpu-4H>(k~MIW4RMlXyY#*Z<&6G!7Q72XFy!mXREtz zJ+ap^omqT3ef0DSDpCKOlG|GJdsw8>T1fn--RthE5SGu!3+DN80>;6eR6hbbW`iXP zXRDh>X|A=W=vm-M1IacHfsz5bm{Qa!+6u_Nn)3Bmr^BeQhOqc}d!dn8-|PAf_Cl#G zS8Le2`n7#PzR0i@U0kY5BjBcx262xk;ozOoN`Le6=FDQbgu~6741e0pRc~FkKATKrfr3S zC-1}u^T<73t2yr@xB)Dqm`^xN5H&`^^%u6eM|zIVD<*8P+m%+WxX^m@K{F#N8-<)L zj6|vsjKi;ui$tP0r1GHj^67ijxHezq2mUO8qNbelFXtAz@ytVk ztF?wX(Z2F#zR-!$h6$jOy;k)gX+|ydVk5JG_L9&7Q#`t&ashU%$Roloj9+t7uQpsy z+4VVQn$59tFwf-wh#|W^nciw6nDS{Tq)ZTCbV-^%|3MeZnldGoBZ~B`nt3Cj z5Le>x7N-gVX4=-;-MG5@5Iex!`I5wRgVpV@0?g4|k_j8eG=I-65NFHYmZ$iD84w{8 zDU?s(-ZsX>PO~=5vh$7QmUl@S4MVJMha`DDa9!JA4_Sp(*q4==Kn3g8e_fN$+T;e7 zHk=y5kcISN22{`QwN;64#5Y7XfBt-FRcS-=dv7f+g}JzC=8<1c5%M-GOMeFiT{g~y z?xpK=om_48Gc?VgGhlg197<*OPjHFj{*X19WuXm)Y+r26cFzHW}xeQ0RJ zvK1k6WV)g7xo+|5735~81!lS_Y4<4wS3l{E7Wy&vxY7r`okznLA7`3C z&~MLP`o`T9e?ex&<%C;P37nL!DAO6*5lG?36XFZNMjiR%ec_Wp$XwHh%c}T~Gfweq zO?8eaCiI1r!kQ5^VLPqe?Wch1?q|%gA#sAaP;vf4j|+5{{hGZKfFsh%v%Z_+)I~Mi zu#wTp-13zm%upCbBkKOYN%FLHg>h{vba*o7isNPoB_y=mgCrl31|FXm}RAR$!obORfl=+ch2Tv0C&ke!88D=1u3o(cSaW>*io- z{xElmcrX(I^@n})8%K4JPOjar#2*(sU%l`35UApzizQS{m1A^}75n99-05f(;|+SDF_tscthmH(ZWgr) zLN@S-LSm*Vu2SvZ(ediNn2j~-0C?jsc*>TgrcI4~1vgmE!STv+2i6?UsKi`UBWLcc zfX^MCt;w5nUfabe()HTD!D>f162JC-iPpNiM0nYcK(IQxy;UxqGu@1MJlIB28hH}N zj2^unyLQd{i1*9{ajWcOTf{yuGtcB zLqPgWQ+$t?eqN3uInxBJyO`!ubo-3$5OGo1?3e$rb);AY1Gs)yU%ESJS!7Jz% zMgiaaKat{B1RURfF1JzdQKMbC!tyr4?$=u_Zm#c5zShN-G zOs+50J*r8`x@n76ey0LOs7godEq?)|!Eva=TDv2`rC5o}v{0j(t52GpTWrR>??J7a z-L8?z!)PcYZME~Bt9d487-OKJ=#scvZ9OFQqrG687u1(Z__l}^iV6$Sk!wa8iA*D1 z3c&~EW*X!x+*THj#Kf)KD}vXF<_Sl(8sBe!&jdm!yuSO~ub1Ax#ewC>g^o4_+7_?- zMxf8dhCU3}{h^Ylj;dK41jSn`z1LmmiMvl6?Cwjdp7%*`X`gLjDZX1Cx-(Q5hOGE# zzjk@a&)aOe1s-c!Hc>bJ9B;#5)4C~VZ4M_)DK&eW%KPQArGt&lTn5>nh3+j2c5p)u z5u?|o)JO&oJoOROAdO}h$W|yx1}>V8DTOFQZF7>1WPh=t?7GK48V?@f*)sMi2RG(5 zhZbP3= z%C0hCC*>xPZ7yB!wm&jX9yPZSKaWJD4hr?TrNHW@->HdX+8$1b4?C`sK=g7oo}q^; z-4;dEmhmK;GIc%f^du{a&aM)_KV%n*YOB@L1yK5WW|kr)xOP~rE7QLI$|vF)%Km$Y zvoc0)`8`VSwT6kz;CupIYl!ZL;EY8N+ls)5Kz%eLqEa7{F1Ipnzz@aL99u66x#s5vL)LAoaE(9ywGK$6 z4UhvcMd&Ll#AJgd@@sA|wjp?Ci%<(OTh!xADsb+DBvAIF3V##KjCZ4asKDXjgahQ| zJt6@cFqM!G9jq%$sR__(s;*i8>rO#2L;`h26?XyYhrNqyW)_t0ict2@ANvqnUbQyI z8+JO^>f2t*nLh;)kBtwAJzg1A_7gDc#A>%C&cpl~`ag>zbpOHXYW-F3-%xudKHF-I zDadI!Htkw>(e6uaB}+S^BqayBhTr(Po%;wMom$=TF@i zp;6L-1Aa7O)l|41nX7mE_S?+@vr%&cr4c zW`eCF0a#4h)CQJGsTi~1c;_}~sKh4^*fk)3>>4y3SuS1Pt}#b0y6_Ec|9%TnDn`32 zRdydh{UhPsx1LL4bx|x5Sdca1O|sSGMe^+Co2QG?kE}OJhj9^uPJS092gQr+YscSw zj$$gE{&Hh$S(|J(a6aDFqkDT*H$1zG>WB1a9K5%Jyd=hZ?eyuRgScpq3ZE_QJB7Bc z8e%I{eeL++do^*c8oFKIZISrqd;QEc`vrnl|R@F+m1_h>k!2ZNK!)MLeiNv_Rw-k$!+GKHc^df^LGUf>?$Ms7fF1gP`5TnMV0*|k5t@(%xGVd-Y zFls+a``!lvyH=2P9@VlYH3>65aAwjT$h@WFSfA1AzjeH4#CW7u?~cqGU6~9;#Eb3` zGh2Vs+qg!f^5mYzO=&abHHoga467M7p3VNY`2}!x<`SaCg|Kb!BU+$qL7;gckqZd4 za~ZmJM3>gqbpG!HNO5f(BAC4 z(XP7zoxJ40XkaoMM;I9{q_6cOHAC(rQqB*v8$ zinV_}loGubaAkBG)l-S&h+NFOe3-cxv6@MlB2^)xH&u01Zr|mgm976#&SAq@G_2qDFsHb(=>{(YQ689Mi zHIrv+)BcNZSN1_t!%!76|N5E3i~BCDo_`OwDS#pBPy(yRu5n$xI!PuLzO(Ti!-djL z#@^tljb6FP0o~h)6~}=ifgJ!Kf|d%`gFv{Hx2v=)&#Vs7S#F?x_z^8%)!95_>sOnC z*UeT(A#P*^;kNUZCc4YA@h(Gawlqe|0P7PdLiOAF1l8Q$`nC1edS-%Z0$O?Sf@;Ag z*E-R1Tj8tLd2VjV`Z;~{)Ty=D_sl)EUOfY0UWD5VsXmmr(jPzo{QgI%RFkd}(wJ#E zAI2vinPuN`5<1wiFF)M1^06JnBZ9{#S4BY~`BieWbuG;235aL&++uuoe77M%MRu*# zGEftc!tDECOqQ-F%y#1hec^i^;0F#i0zGPUa#(B99GT_I_A>raSd`%POZJhAdrU3m zMh;wL^Ou7_Q~!wg3bFOO4nc@DWG^{<-6d_s=;kcn2?V(8NDghkQ2<>fc2{KIvXTx_ zb$%H+VR{wVuYjbq|6p?b0dV=o(!>*;Cy~P8OnvdKHB01>>u$d$I|PU!1Hb5exgPKq;lfTEjp8qc~ukyMNaI1x5x|I88qI`-fH9jBH;H zYLBW9H9rYR^m~jh&@WRP0^t91!z1i}^vOG=D{)f#h_N^XWJm9tb z&>u|)VYo$lIjHGT%)p=Hf}vUu?016hQ{}FoE&3Y~Qxsd4XfmJB@%-`jcV-e}z1U(! z+$zxXznxo$tt#4}O}G_*-z4b#)=JRFfm(un0!#L{xxQA*DEeRxhC{_HE#H}&bEWH-X-NpiknW5Rh~jluKfO4<|Ha@kAr~NRh8s zqx2oQF&U{xZ8PASwKayC_Acxl_Y&tIMVhtk&;_zSP1-P%GshTWWK1PGd(Yl#-j3)b z6}}1@r^7hagF6x`(Gr1I9B*N0F|w8|!n9$VeUsIb$Bl=nFur;kqe~rT$)G$!k6WUb zaDl)^>drk(xzCM2tn~Ur-6YdBqtoqAdR&`QHnV96;lMiz8olvS{D;reX-b@$>B;3& zyH-H)p=T7%DYk;kF~<@jkivxE_`V$~33H})p4zMSG6bb^Xnsp^c{Fb!PDqg82$E5P z)C(yfqNTlFM&2`Kq(Z|J9LxL%va`P9**;1c$FgWcdn2@|`bAW?{v8R!h|Bav%Vb|I zv~TfvIik>a__jAE|B979VusgpdIq+p3mLVS6F1Ah<44PU@g-66SQ1}-?bbND-HelU z4z+6_315w^iUKF-O&=&r{rf?l)4$kyKjj-|T*N+*Rpr_h{2s2&b<+rQ+vq;^;MRoh zW`+Y;pNcX2^lbguIF^zzUEyqV^9*X#d)$)1Jv2d!?ldM8lwU|QX=sQU_GAjqQSf@1 z52(E|Z_~qCYrWp}alC_d6pQ)h1a)07X_VfP)>9Yn6|9c-jU6{@4cs$%C53jthy`c5 z2eY0uJ$z2^6hKy)Hat+Yj?YCA$$>{0+#0C48n zY7GJLn}u>App^I)m#x8GviW6NucJDDS?+>2+E0q>x9WR*NhG!<8D zAW|SDH)K-2awum|v-Vu&DY^HO63H89r3PzxqUI zmO`C-+|P0jO8)z$*yDOJc>S}^WselDn5~o{NaEJ_mBG8p$X_{9Hnj7tPk@RJ%3xw6@@VfXOBmsK`jR;uG`PpCnt4a0ALueD%ng{I zW^%}2ym<$;y|&=k&&Olqe|P{!IH}OhPGZ0uGyg)>A*Sb+@!87W$i=bnA+57tj(QY4 z`7(-*4Lmm-t47N$qgWKgMf%rAmP|C(k4)R-mkiS{D`yDLTSMFsj_te>9I%xvf6Op& zp21Xoio?W0(ha#@RnrF>ZE{eg9O5Q3aGUSAt4a%Wh%yRS6kFkUGR4mJhs9sX!jBD3 zR*IEYjL`inUlK}EPEUvi_OC=2N4^y4i|PhVCPtX0_Hg;;bCfxbF>FT%16jftT+AlU zxW`MJkzAsbFI|X0CeDauE)*(PHrr2I=EghuhE8=^`Y}d?Bw-p4%44g)>x6VV^4|#t zYK=2sacQJ59b-nxV4<>!8EPVQ@e9XCWXDKAWD+qrBzwSR(xTTVe`f--#!m_HvYnhe zZ7GNDA~>)ofNTWkC1%y*U0KmdGn|0qSR@7k>8SJ(r3v{85l(}?{v?Nq+Q;17uJb4; zBch;+IaG#cEiDm-rg$DjC5tnBCs%T=DBmh<6o0hCGtP1v?#2cTYEBw(ZP^QCda)v> zB1*g)IjAinNEVswt-TUA?*!@>0F%6!!;U2WBwSXb4O}ct@POQIWvFDG1|k!FC7feq@$7qb7{vO-oVT;%+A!gnsYm_ z(1i0e6&l7}LX`Qvv^UmN%Z^2!BWF+m7eQ#iWeZcHFVgfSh-dSjp#b zC*n0u}Yvrc*^K=>;3zvCKD&MIGjC1^5lVP=LuimI8RE1@qXp_ z4?L|H?`K+O$gtQn;lO}LR7FY0Q$`!M-=^b3t%tCd2JW#xE4><<24C-ERR|4yP#hP; zn{*0RF`65ivEo#g4XeF@F-wQxoiT2ohPi6ub_mM zo>I=DZQnqguqsogTEET`R*I*nh2D`f_#jeO)>LwOmP%|)M8lPa%}aX7>YV zRmAd{2*|jRjYVV6_Pk{aW{))(5lJ~NevAh65JLeE&O+x2;IhITM1@BoHi%Sd%1F+d zubf+CCE-rJm>fRI?r-Mo$NInrah36`YnZQ;cOS`u&F|deEZgCXn_?~80#;hI3 z>Toz3tbvXjdwoQX!(e9e(-_fRnps~(3 zKZ(>Wda6mZMI?56<|iAPX&CY8%$(hrv%%1bceU#sRqLye7*xc=c=Z~H+}n1@77jiw zT6t_C`qevlNf*O^Cd!<`EOd6Ff9SEq^${=g7xOJ?>?&R2$kCjGDSX$N=MNG*#dG~b zw0UG+ zFXZwP#gm*(ozeHpYjF7fx)bbeCe^c}re>Ju2@LW`E!|ooY?P z_F?LcGAa<0vyT~%yNq!5;EhqjYUevNfjx}RA{CAv7?`>=Z~~s_C%Tfdh3o13i@lYNdOq>hk0 z44R=A0l#MyWApg}jqHEZ*DA>W^ziO&lM0Wo9ZV!Dkv_@CdY7Bd)>3(Z8po>J!}W~4O3H?X$NNv4RRrfmEQIQug8CMsIhy=Qc*8Yx z^bDh>D;7HW&DxFR5SBY3JVV)qG1!T`VcEzZ>N4-+Jn&9cXeP^_Dq-e)67nKKA&MIt-(iX zPnRo3(<>r|{Y0L4Z&B`Dr_AGGlfhcnaJ@Y#_;~-KU#2_*86YafS%nJ=K5%-dyb1Ux z_d@fNefY&%aHLa92;OU$G++;Hb*%LYE}0s(M?F{GI4tV8QcnZl%J$ZO32f?A!MbA+ zt?yq7l;AU-RI8JzcQ?J^#%bH=*Py)jutf@iI|$N7zvnMGu$If^{p_bZp6P#xbPzXh_3|fMz)KPlH&@Fg~0ZxEUsRfp{f>~Su$t0>Vf311+ zLM2HJuq0Wn*Ux1rERt|?9fte!e7OB_m2IxCuc=4VWO7clwHY~JDMXo{!C2I3die6N z%7Ee_T2DS%*(LL;$Od_eI?^9QeMsH`Yixtg+n_9P6lx6hqz%fuN9!juu_YPzSf+gM z>_(l0z`RDSIVCPu2?w=a4^J|C^dyik*_|9{(!}9Lnd2$(h6Yt>wyCiNzFo|9e)YjhRFtL#-^jt7FHs^frCMhVQbhNQ z66L6cU_Ca$Qxqp7V@*=$^{&h460(bI z?8J2+{WHc6Bl8}CszqM7A3JML*hJu`>PtVLlVyj+lCS28+UgEc4;;F%@*$^ximf|t zS$}V{Hbplq7GGKmB=$g$dRwj>Gb#JjQ%*K%9-M9ddZ8885m?KEx3PL60$WaMUUz@s z4#k|#hMs5i19u^A^k9h4I%oEM?wZLyD%fE{(s2mxDKd+>r@2RcqfS^rN#dIy;bl)N zj1(=r12Pz`zzN6?*aIRHC;Gd%xLo>vUWu(los6;!)qDngNM2GU9$H?zC5=ob`M7lbC!Y(rFGQ=&tL`%!R)@8R>H~7dtc`ZujF zgUX^#QtLmAl`$74HEY6RQ5MOiI4+hSPt&#qZrI$EpC(vU2y)}&0=V~)A>X9*88>-z z*rXACzOpaLM|o-*mpN1sQHr&qmV4^(;0qs7!^ds_J!Kywu9V{~8;{1~T* z);GjH)QYR|L8r%;;V^KU!Iv}751?|;{I-e(0WlB!avU+v3!AFYvuHKQo5jW?CYqV; zM%Ry%B67xfbvt>J!vPQ#g7YNI(wQvHGpnH5bL_!vzPs9+v<(GLJ#cSb1SOW>Q*oyS7%B? z%QMJjH%wW6-XwZmwyBU{K=OuYhoZN-O&#l&`0C^JmH zOsUUr>fD-u2rHQv;C9v-d~`OG?HhbPfZ?2Yf*1L9o%JZLCE2-c zNY19&&_Y;aj`wl7m4I2cUgtjnxn(@eYGKdI_d9Ju2% zG+yq;6F$j^=$dxPY+&Q3oBNEy?6{Mz6E1lrHQ2@;SP?}fvn$n7qD~pmHPhp@MB5*j zQOO9t&|HH*F&<)F?aKn< z;Z2SItoR?AJXg)-Dy%j?oa*`Ph|D^4Y(P-^=a7vT=w^+XrVkHy4>cBu3X*A7@nQbA zO4>)JHFxm$!%HZxR+Vh*O~-8w?dZB|HxpJYqg@r9xW1p2eQzxu6fV$Vogb_K>)|rH zAEfuA5P960>QPsffY$4bw5-=*0s4N0GtZTdc3MSF9L3|wl1^%6m^(!@Haq+|RP%7L z@`{13&I=IeOn&Ocw7{Iv2$pMS7V`o3ayjYUZl>>nRioW?Mu-94J9#eevT{QHnEOm( zel^3<%$VpTj%#}ohtab)C(WN)-inh=7jq=Ory*8x*NTl_(z{p!!R*0c?E$%3JT@v1 zFiJ+@(AZDz&mB@=!v5zbe1MWhH%^0cZ%Pa?9R$9D3<8P>k&Nri`OH-9d>byEcv@JZQgk|!zF zy1RKPGF?k2m9{g7U^C=A8HBhp)!aloOdwKt__D3z-goTjt*H4*Zs zbB^ym4!G!K_Gfah-MRx$JbwLk>W2NjPi1b{Qx*AwaQz+k)bjJ32BUx6M4BG3+ZLDG zVl%){dJ?oeGfyoIWyux{LDGcjv014KZPgWl1x<*26P1E;Ct<0Hq6#)Oz939u{UQvl zO+^ou_ZYDj!sE=OMf%y(_L~>3_{N>f1_fy`$}7yJQ3}vWXyOCzZp`dFoYxGu%oRQ> zrP3;Oar_CJ$13(WSpA+7t6PJ^2D7;gM;dEo@Q`WxPsWo&RAvKxv8*RB`#>_|YoG3f z2f42|+A`2fIzX_D4AfC{p~uBfB^Cloa#{4wF03^?$q|yv7=KoZRd`+y8ir!Sy}0F^ zS{!zZ0Pvf_TO%S*d-BZ~os3gOv9%0lV@_z?z8un{e$NLzFesX4Q~SDyUk{btn^(7=6tccK&MTzv$r_5uU5hd_iE=cl_3=07brK; zL2uuxa}n+qCvnNUt@VLZjXieK>p{|ROlLc+kKtCyi^@H9&bC$>1b-8{7St37I7UGr zlM~(YCsW>}ue}yd|NKci@6ZRLl3Tz^ox($Xc84bCogQ*wX@)DUPo|o7YkeM&{~@ZZ zQgJ^-?yJSJnpfdV^4=Cu9H_o5ZTj@Z*JMrns3J8=IGQU%Uf0p9ek(l3dO0J~Z&Ld0 zi?EpJ%s0h9Qk_KSSJ7Qng0|H%gxlfL%4&&rK3_Ih*sr85C@9r|MttDR+Z6d~=x%l) zT#Y-2ZDEB=rr1lu9s~|Glu}%2?=;gD|Kgp%93PkmeNe^i%O%VU(!`JMog`O=9m1Xt z?wW65xemlcW`t%?pf-g_&LEs!jb{*P(Suaav09kun%4y4V6awkyV<=e94T&baBB&1 zxENEp(*@HBe|_n|E}tND7e~Zg=)%^4_i%>>3%6N3S0{dMveX(a1{VMZ!i|d##KO!p z`f{2tusbqQo(dOh8AJNx2K7F#!649(%0H}w<3*fIB+5p_(N*6yQbiYGvOm*C(S_GL zZ4R-$lk!rIy+X%4mH<2EiwgK^4y@ zTu%`Bc);xS;(Y3{!Y7|8Xv%cT=uk3Hr32P*IzO@USOi*~AH`&l|r@Gwr ziny1^j>^HZK*!d5>q~;*&-UX>hc~h3Oet#iIWw(j~i_Pp-y7; z88L(L*uFj=x+kd7cUlm>9l|0d=GsF=`L;=-*Tz*OJX1NUW#mPb4_}Ezp>0>O;$*?i zrHk%mSj67;*(x0VLQpWev=XjN0m^$N0QQSJl}mGX8Z@Gg`#s3(!f(A(ILqn0GnPz5 zvbnZ=0k%9I@gNR0E_T0MMA-_TCjsGrrT}dHzms6%?PY zlR7<;UHu4NabD``SJ)lNRocfOVNtwNX<4+yqU~;sl6?eIO*J1o&9k9mfwS$c?`K

xf82#zLUuU?;v^0u3aSGP~4w%O8S3`7YghhG^b=h^CHvm-XUb#3`wD@7wp}xbQ z{tReD5JOEGw1nkhUA|*^dqD2`(1W1hT`RnY=k}<9T;!HrbSop(=A|yyCj$OU>eWB| zm!J@Q$tO_5?X?f4Gn{Qe6~LVz>z)d;&=f@N07i-H`~zuP_BqDo`LgIW+qTxfY`D1m z41zW!3t9+@Iwu(hcC4nrO35;%>o3ruiYGudo_*Iqv?H=DC=amVvX@|IV4QI{i+%s* zJ@p-yhAmy>13vIyrPM&n7B2iZPdH7VO#{esAnRj?&jC;Kth1Dui1>R}9pW0)t^<7= zo_YCi#*4o?U;}!^Zw~}rXGfkKrw1;|LMuI98XZlV|Uws>Z)@8@+NM@i51@z4fpe2jn~uT+%$zflj5)) zpwIQgXaCLQ#m>$R2RDif+3|u(P z5~xc6NZ=m;$PXY&J5UqD?L$+)6P$Sro&9Umx_{sFf@7nI3%t;bvlpI+gu4Bz51;16KKk&;RL1mdh$q?MPObAvCs6Q%3Mj>r?jXwlNq3Su{`2cUc9Q=o(g6G`z~7;6puG9e5{$p}cl}S6 z3Hay#H^Tw~J^Y6q1A0;Y?o(WP!v8f7Z0VgoXA>j`q9p<9vZoTTH2+El_+6R)^XsqF zi2q3A&qR^`tCno=iB=pqaHoVtM9M)4XyMvF zA1fZY$bAV!Oeu97OX$6F|0l!RaQcu>J34+=!a!Taafr2P5C)j?tcva{?}hZ7G)?!4 z<5V(+IQeY?ma%ZEJvhE<>@LM&=4oSL-MV1EQ}Ye2QS}UXw0}JYf*!22d9l6kF$t4? z#aL6kh?EK_$VDPS)T<(8As1QF6bh<+lEZkc$YGX`@%FSC(|15>QKyKYJ3I}R3J9Y2 zo6YzZr?TTG!Bhfaae8;Zc!4ogxc3cp?S1J$CY#VHzMpdObw9tIPiKJLPAFJTnh>T| zKJz+iJp*r$s#KhQhLG&<6>pxT%-?x|HsQOr?#*0aqNUBgKAu5|ofYDgD-Qxh9JBZj zV$Zj^^Bkn)4k2g~@2X7fROeS}kaDQ>ZcD7E_JIFsY^#$+rtjq$0u}{${!T7kdw`1% z2NBS1FY8aaDae$O9C-A#TPCr{PJP+fuM?9}vtQwE{5mv3ASn(==yXUyd792LLaZSx zyhn8NXba)5`1zw^!0k!Xy|ro^bk#A;qw8}eFVHY8u8y@myz4A?p{_u1F69GihI6va z89O^ziM8O#61MQ)Gm8H*BXalQGzP?_%(ydGhJH=eq8EFcHlPrv5c9< zM-Ls_E{oQDP=)Dl7)>OKG^m?qEf|Q&{t-DClrQVdP}-y0Zdr_ z_X)!v>$cZeccuGC2twD{Icg!WoW491EvL>nRZp2kcaQa!Ha8|mbf_h3Fxh(&HN-uJ z21Pw^TE=L>{K=$Gg`6IW1(F7(SF05TV|>Cc$IJmcFpXjPmosXx6sZ zyD_y{siad2K$2p3Vl~gJ;Ya2d;}il2G;?$5d-K^oy_9w|pvMf5hsZzQeqJ zlUq{}7tJw`4i8q3p{hwa4wU@VW8K>7A>#0k>sl^P%o}BAw5%rkcRcGLpt1jmC1_@R%Y-?M@z*3B!(g;_@0 z`VpHA@(`~a=B%PXc zg-WLiGwps_0lIkmPvdSq6tBgdF#j5}IzT_=x*}w@GQH+3(le?3Gut(cL}oBde8xfx zaW8UHJW*x6a1n9dW#ge4&Fdwtb)AgHgG~*+c9ji%PTlsy8tQOWmTCGAZTuAVg1LUw z=^ggyV9jW5nFZY$1EfzfLN}M=p@Hh+wC>{eien>(80$>QXp4K^+-lOO9$k(5j>(Y^ zPMyR?z+qjZwR3d?_HNlitI@#2P&=6TT`eQFm85@KZD20<1^SfTzG<`I_E7SUEu2Ou z+GLd;zAhZ~)Si@1?)NXtnT|G(;;v;Smy)w|tlbztHy7gW>yi#6mqzE<70&Fai1)EG zo<7_5A#1v$oLngqJHyctRvZ@-^_92d_BdL}0&Bu&$#Vm^egvLsOhzhCcNLck&A2g& zfskZ=>5uxcCl8`ONm?R$FP6zn+g^-XpW^$Z(fV7zbylltXpy4_@svW1+SzA2E_&s% z7G=}()SlpD_hJWkvCGpO@pi2`jw;PY1&5-=vWbx*d3$dB5GM0sMf%+XUfy+5qPPIj z&aHbRkzZv1g%njslwLjczT8m&u*uzoQ2%0$B2`*H*;=8Pg|m!&Z2AcCC_=lUbc?lu z`lT0xC~;N3S+K?dD`(LOw93Tk0p-j_U1&S7b|gBfzOS&Ip|Hlx@vTXP~-@1!g zAHXW<^QrfK$a|ky=T#u{5F$+=wZUy$u^+ryfiCei_Av{s z%}wRpIUKn3_(N_(u*T|xHwK!q!IG>uY!}(d1NU~XXn6efA=S1ietiu|o!<(YFN

z^JYxws+A7eYBz4Mf~$|Fu6-SrgpDr*x5n$LC+k+MkLW&JIlYaMHBREB%^6rj2584M z?vB+I`P{TdLHNV3+=9@lZ!$&=Qf6c~9?+{Tv>mHyEl;=JUn{P4N{v5ZtM+89X29lK zJFJ(Q?dztNp3X^ff1Z_ceX@LWpa=g_Qr^{>E6e-d`7QbkSQ3A+r3RLV7Ci0S1qW%+ZJ_^WjNor zr!>sRc#l#THOH)@vr?8TvmvSbCma-(O}@Wd;*Dq=aI&~!*yQ@`u!e63;{yz%zI-fV zvMverd>~l;@Dsb-z4r3G-NIJPM@lcN=h6+w8J;^B(!3@vt1=2Upm zsiuA2b#@MBny++H(&kWT*7KD3wwgBda9cUI@t&>Oq1+LyU*x_i8L1`%xG#?0($^s@BHiCddb)~r^JK(=racD%gY+z#CT^e%h64(x(uNZ5wpEgL`PwTUBVIikwy&Xi+!Yo2;A7Iv3FiE9u?EZi)&! zNS$gGMXd-{1wX={APpF z-Y}Un@xXCwT@+XA=wx;X9BQi#-V~RMtI&-=Y(6NBJy0`TglOkNH zvUc7;KbzoUlVJ|p&%5Y8tO{TY^ii)}f2>G-7(%|Po#~Ui=;i#eN|BCxE`xDX8e()DL+^NX zfh_sq%Pv&K_*H`pI&!56f7gyTh~7ox#H13EWwLg{F$k#zt9|QLVME^mn+$^)o`ujF zf9xx{=p6H6&j8K?(+I6KC@@|}>1UiB7!ybmk{zSG&BR+cw8p^U_~b1@QO1dhe8f;1 z_ITUtGs-=$^|+QrO%J^BEwq!N#6y9-`*q|Sgr>Opgac-|p%~chY)f5jMpJhDkU1r0 z@S6<2*07aF@c~TT@U%yptIjtjG+|-vg6>)R zZ+$bpWwN;b$bngAm9f}9+*<=Bjl&0V2c)RvSfZ5cMLy_}+iGF;!Y@vGk#tJ|_QxIEWpqpY8z zv-nlk<2no@)w?FsRa@xO`W@1onw(kFx@q?rwk=8n5)%^I7uv6FBV;uQb_k#OKfQ{{ zE-a?^%>`GffF4rcgJK{MO+0c8a((l(o8==Va=pXW#3DA5fXKc4Zgp?qO+@@?o6$YY z6|g+ ztY4gb?f#)$j_=mB16^?IO|pvK+98SrNH-FOtnV3He=NYOv;sIY8GZk6^Q|NIzd36g z#5z~|HHg3Ki;V)?1_fMT9#WB=`Q}=9*GrclnfaTIU1l^={C;cm>DYf` zdu&v?!`;nguBzWdkDWPXbO7S};CkM5#0_?0bE;?#=za<@IyaIOQXc6Lm5ASlnTR{# zjfaQQ;B5h0psDbdt=zP#}ce-UWzi+{Ua%kjW{H!Z2Bg&TZ)S0O3D zwAXK{uvR*pFpu@&(-XWMeLLzaw~KC+VhknyrdLWt6FTyS^4cl(!3PRWN-zpw6# zM5;OE}BbKPVcUDeE-JKYyZ2KFkQ@&$W`$W)YmgFU4=b zW*Bslxl>NGSH-s5!l7d=&$zQwyiBqR=+#ajS5dqcRV&}*3wp)#EL~*r9{xZ(Np`L}`9yPP8Y(j6VK^RE&%cu?g!O z%HY79C^r4U7url-!!mY+q^j#D<&t%p@^@1Ju83- z4cWCorNXz=9?!cBvY(#)`Xk`_Fs{ijGsVT++2vI|v}f%7jbcP@XhS`;!z@3efI=y} zd7am13VQ15__%!UxZpb zHH6^`;>j#HO8IVI{m9h=w`Xj`Z7uWjW%m5RVBt_GrPeIsF5*Cc;??ndD+|RXG^csv zqJ*0XHVDV z=Ed5*Il!aa+bs5DT?ejSeeym@=MRqRJ(!e#<$^q2Iy^OAXc3Bg6%7FAyf8yxBVLaZhAViOUWScqM(!c3CKh?i!(zb2 z0qD~^EMtD>S73CZ&bA~_3b)b^s zqr5C5olI54>7%=XrD;X+g&m!b7iLbjumy!yMW#a0KMmLYfFU9yJ=I zPJCAz+2UQ56b!4{----+3^($xuna-(9!0l zt4bMb$D-4_ymnHLu5Zge+6%7F4x6Ev4o$=~4QLSL*sHtb+5UMIboa6h1BA8ZFOfsN zqp0$|(9)ZO$KgF)(5f3}@zukwxQQF%89k^(%y!(F8e^^B`V`Ux|`ammQcb8YJxFAW?t z7iGtDB;6f}yigOL1J)Ayo5oE6tqIaV>su z%UGUw88u`7SOes5=6|H`ax?hW8AEpH7Per927f4H=vn}mgyCk^Y!Xy&AsQ^AOA>{O ztQk{F06n)^wxv{n6g1VaHh`cK0=5w;V0evPn!h+HL5@Krf7furRuw*b~DF|hH}N(vaZ9NH$8>4U3ag7m9N3Zn5OuWNeiuqZm|0J z!)Kv5tvfy@sIi1!71AFRL_*uBAdt`%ia}AQ;u~fPJL>$&ic>Bxi@Wm5*KcE?a%7vp zT@#tWGbuwMOq8L3(_<>1emPD)Kyik>ofrRHwnn9&6W58Obh>I*sAFjLWk9_5WKP6^ z3`{(x&cXx-@@Kyf{e6UltAmriYbCO-Mb z8g1FjDHaX9#k+LWaU1t@CbQ!!3a{Wg8PO90zSgZfx;HgB1FO=zR;+TpDV+xH{T!9F zT?HRI8%L72{A?Y};^oRbd3<=8EH-!a^p}>LYG;PWRP(V(3p4>UBd{WuXWhx6^NX5> zo&;;l_t7VxW%xCTY>a4W77xlivaD);%ZHuBWJf=fJ16@J5&9hODTs*Ep4}>a zo{x!8X!eiI_gDASlgxN&btT`gx39Ifvt}J0<7m;6)Q>nO8x!a;r7$L{xt|<-!^SV2 zpc$!*o=Tk0VX7F~-Tme@#^7qFvBPRAns(As+&*4=rQnGD&vXlw|1qMLSlxMTm=rStGEr+kWC zR@(g&H(tqqS-li}DRinQmPiM-Z#%O5#uOEdG7TE7PBc8__YTb6PmS>D%7Vd8*wy&F z{949=n{lY{iuN}(kyY_sRh_i!cQ6$mlF5A{vV!=mtggB*josyaaj>P#^}8cI?nU@p z{+J5wZ9i3b6zgQ|REyH*#JeFIO8xvWUoHnME1~d8*p^p& z0={%Z-(+k!9iqS~aS$U6#J5y6Eny`&T0xt4$ZO|9asp*vz0L8xIa~9Eq`+wF@J`2Rvi)RI(Q!9vzH?%w$E3^4H`cv#Pf*76EX2U{dSms zu1h_`twS(Z9p*S(uCUyO7Aq7o3A1>;hWS_^oOOj(OA_8kcD=C)s6bc0K-l;kPujt# zs_cmeYCJr2<1^|zrIvdks%PVv0-GKLezeSPrR!cTXd=Ul3WC)%cH2- z$(<_okQE`-W`=2cE4D+4- z*YvMk?y))fs(R^w8sj&lmM484s=&Huu6d97$F;XUil?oKa)bIcfm~G z4JKT944{3knr_&sCnQ+yu*t1&PztRp*h9;G668I#cj>kVqKnH{OnAr(#aW{g7ZN|Z zw7ULn77z2yJ$wMlf#;%fH344pwKMojYGQ}tZRgKGDzk&n)1U6B>!7velezIzQ)#bv za2^qzP2DweNAH`PC(!N}Gxu+zJ+XXrch>_qnG@aj*u$rm!s6rsZJ}r=mnXc)%L%kg zukMrx?<*_xv0(ym`v_Q|!?41{v}y@V>6fhs0woUA1X`SnzcM#7v;nwCaF(OUqjDW! z7XqFIG&^x;mvIjk%Q+i?YA6k>WN-q)MIn~r~6;19hS#a zHg%G|w=R&yo?B8D%rL!cvCPVL%2Z`T0qp?YVB)7_7sF%Hf$k=x#B`t!_$cQ2Q=N}d!!8TH@hH^@YJ3dVO72$0@-gMeN&isoen(^ zjERMSpgofgd(3c)NRO&5e7@6dunD7J`6_u<0aA%esZW!JV0fnV~5dXRmwHD6Bj-6g!GqK%Y_3gyc?FE-kO=dkJnmr|~w_xoS zf+M}PFFYGe@LJBeu`rfbf*-wMRyVPSoJg=uo2;qP_pbcb3AU8GEzWk`TF5$c{oBzx zZeUZuUNd|~wiV?@ok+2pSDvNfo zzrNfptoEk!LN)jF(c~fRpdirz+^QV6oXhBug~iz28#ub-Y0Z9}T8Q=*5U$NO{q^c9 zTFsXPgqsmTA0;Y%X)oP!z5P@$yn=oFUu2M_^;l^>H{{S9sa^Hr}cBQGCd-$91}|y+sJ4 znv_ut9RH-kq5L)35HI4=XQ0idvu?4+Aqv#5hb#y(gm}V3oVNOf$w+Y5>)3d zI;x0!oszp9+E4I^r--V&{TDmX zl*g60jT+HNfWL*`DPEGl+0_nV34_{S3|T*932W5h zqo%}C!8q~&M90G);5Q4R%i5ltADD~7g`lla5;%$E>4T~b3&m^#SJ@wU#+Xqjap^My z9%C2l<)>K8tc9I((O(b};Lzr?{Fb5f-lyh^{SSs3<>7Olne5k;?)4oEh11!q zQM9Wb$C?bMhd!qR&EH$Knhy)6K!JF~&%<4=;E@jN~l>Jz{z+bbn zU6x@i-UsCxd+@X9MGzVR&1=-574R})_hOn;x#7K)PGe>4{c7B|4~3f|)or@+t&Z@w zM2APpsXWloCozOWrzc(qsIE@Y&fBzTns`_P>ad8N1M=#J;Au0KaYhN^6Z^z2btn6G zUde5pU<8i5WFiU9fL1n|fBPo3_VDs|3ki%(?CH+B(YbaQi>Jk{2x2}1l3?rL!o@RD z-#I22E#%-ed&JB7={HzX6SN;@BQU-Nv-ce`J3vvoM&Jb#B&4m=> zd~PGv0@in2ob0IG69DN$3>2WT`o&FPqUvfd^Q})wzvnX@L@ov+~^7{(Fd;(8Ei555dDZmf12RhMf#J zCFZ{~rr*vK4pkf>m%aXB%kD14v*6B|reO!Wyg|WaqGqS_ras{_?wEz)4YTq#TO;H1 zmJ~v>2{_PDvx^)a`i$*)k9%@tiPk`1XhOZWE|$qgmLyDQ>Gy`Wwg;nUVjYZVni4mcOUrMDcfwR0XvGECabX1}#Y)=ou@IHgycXmdhIFwCH&y0W7h zjGUS45|wfe1vO8pTR?*0^ZlVFbzWIRb(2|EWE=6t^k}3_AHp9w)ow$5Q|GgmgBT-o zD^*;#`n%9m)ICy->G`mMm^fa%caIsHxtxC4DtuVyPf618e$i3KtK?`H)Gs3Suu**$M^-A=+QKMe+N} z9|R3o4YXmq;0MG%zHvP*pZ*$trrYlR+}cw7?eD*``Eh7x{GtJp$+GhDOK>J-!*14# zbgB@)oE>{ZNM;lbYERVkX=2xK1Q|Xt!B!hOC7j^1(34mjq`hCld5&eWe%q{%l5_{N zgArQpuSCb~jZf58&z4-1&Dss%Y{H!DPl^IuS$PKra)tF)Vghm)oGKR#E9=8$}3=0d_=cqr6rp9ktm=UJf$FATkiiV+6 zGJKj#x9F9^0fJHd+vhjJ+lAf7Aj6;;f)#I{93$ec05p)a`k)%YISljrvhbp4?VltCGPc zrU9$tq#gOiZ(=JTQ+1bovMUR&E6HnhnJ@GAfh-2qdH&XE1%V1YK-88{@!DP zyG-|4X|=8%JhHNA4BT9g*b@*I)%MsGC8|HkrdcLuKB3*XDlx_EWJDRlWjJ7nA$`X6 zokB+UR%Pe39*3XXb)z95{24n6ewB(W!xz=#dCcstJgQ(U3a%eWN+mjl(cl%iCQi4J zaUp!Ewfqi;DxJ&~et!FL#}8oUm^xR+q87J?th^TWqcniUtV?Ti9`95C380I(!V zt45v|Q_L`2q|?59%EO`3o%G?YYg>DP1>hVt=f9F^RL`Ea&euO7-6PhW(ddXu0{F}r zXUI2w+OHD{%C?+7i6pkN()dK@Eeqg^5z_a!77aLii5)D<@f*SP$b{)3a9krx2nHBy zswhvSeCLqQ=kKe^rDgX_cS@+S803T=rF+EdfCZ{U6tC!|mDhwL6fR>(E7G=5x zDB-~QU|dpagj*MD(nE@pdx=BC<_Xc4(K+)HUc_9l4G^yS7P zyZP8VbH_0fT< zn6DVt`$S#W1qLkE+ZnR%!Swq^K>pTHqwcx~^ZSMY&c;v`84r0K&Hr;k*T0xIUN+`u z$yd+iQo)eT@3H6)E4`~$rT&D0RFKw875|0aiZ_}_? z;^B|DG2b3vOvGkmBHDSTzn8)sY6PO%fQonzoYb%V&Z#W~71H+WNaq#6j$Y(kE~UXE}8-&Ghg-R_&FC_+@Cp(Lz%mHT1ZYM$dGa^Nm$?;#*B z-8DlwwETkoLhSIra$G5*_gQ-~IZHVKBybLgE3U1uqUi#4WNyUIbIdMz@Ax1a$)XtT z^w}4szuvF*~5M}(kKoszVo92ypXGIZ8J2TTSY+ifP2g8H z3Jb;Z#8;1QB;4x)N8P*ET;&RNT9oDhWJ+3cq8Yp8pxHx;MXL{vmlmB~dWq=2541B2 zC~4kB7&fzmfDqSFpe4tpK{}fkZ8zGo=HXM5u~)Qa|oKE7U;sgza$=z!YLf-(lVq_x+R~!aCwLiRMZ%rC_GsKpXdD&Q- z1_+~+&l_z(y>&_~qOcvZks#>~C20B0*&e68ix2vle0}M9z_UklTP$-|ry0kc9hcvm zvkf2N{%udI{ZFU0o649tK<-`Su8-ti@WSZ^#Xjj;OJEMgUJ1>66c0Utw}MW?7Cu3j zVBUJ`Hp3!2Z;8uC)~4AmI90R5?=z1q>TR_a1C4^>78-5-s8O))LL&#R?BukHv~(d$ zcq=gf!1L6-gOeX_hARl|?|&-!@F#|&-O{!^L6;*7ko36`7D$14xq0Ce^y+2UsU3UU z3d6$$$dmJzZFCnl0&Rc>0RJe_1?w*xk6FPP3lh#A`A9-W?iXpsVo1z_hzFq`iP&Vn zAV@Qu{=V7A9cy~u%$yRt&`k5AW(N*0G=sn^7Mg`%7J?W<(%y$MUI?M=0ebBOp(HL0 zNd3n`K3fp-0iY43TUs?=F8-)!X^&XI_NLIs;&$fRun@>%m zl1I%vumrB$yL5xYRQXXjod8^)XK#rwY9!vCg%6#O{?C>6lD;e2BFq)2HY@iAin8vD zDFWn!p^+WV@i{fl`H=Z62)Ukw5Svo}k!pLD7)A`0Jb=?>_%4K6(3GW^fUBN0-4q>W z!qyoai5EMP46v9d|Lj>~Ksm=IW^>e3?eAT?ip4a{zjO_^ALqRLCkyvrE+IIGQzce1 zniT_KBdpOO>`{R^O4t*OI=~(ZfQDOo>&l1Tod3@H>OWa#{`pP0(Hb^!_3=t+;GMB% z`MeH9(W$^;fJ`|HRX$?=*yWhAFF+oU5FuwbQ_VVNVlfEUdT$Mnd};MO zQ&axpgs4tEDV`+jCxoZ_N+sGxnM~X571T5o=kDla$&!?l z9ie08kFw>b8f%_+M~`_mhI&z4%68{Qof7R=gN<08((xV#hD2(HZ8_QRn(pltgQzPu zVOvn5vXg(tND2DX5jY~N+h1A(uaG zF=_9HRfX3+Xtwv*a4#I*gCK>zE_EmY@CgkryOI(%KCLMoXfP3ya~U{a!nn^r)8@04 zEiX*W4djzeJM49ndhw}{f~dPkU7?Zy=b9(M^6C*Gn9H*Xw%xlFYs8YG)(Uh#{@T8?g0xT-}wB zfHUJ9v)XXPGL0M#amD__Wx{9CCPUP7ALCm)}wKb`i1&Ao}!%ZbH^6C zT#6l$i#o~jdzwAua+>;$2Am+iW4a8t%gyfKG}*jpPQ3-NRT)uV=a>)+6^K}AR$Ie@5ucMo7kw8=CQMj{NC)yEe6(^>Ysr0anJ zyWP-LrE1HNUxz@C`3C`7oV@IgZ7bI0L4LURl!uX?$F(wi?M2~laTD@N98mfJ7aDsqa{EDeH%oV%R1s9xpwGlRc=3seyt!>R0E;Ev zb1dM@t?V4Y}U2J&@@LEcU8*i=|G$b($Bpz(S0&MQa0z4D{KjE75W3`xtAIr z9e(QFq`Izl8|;5Bwsl>(CBj$Oi}&4=+`I7d{77uRr{A7het59fbr<(!@qqbsMBOBp z*ev9Ixs8f#cbDoe!+5rN6<{BG>Ix^lDP;QF!Ht)@z;=-PK-WQ_`^F2Opoi6=m4Iy7 z26p4HvR$gBKJpT_PT7P^Kj-@iLhyL0gZ=oOkihYkkcg3-%Olx5ee05bgn=sVylcwA zX|v$0g~sZP*!>s_c0(J-!pVy=I34aw0|ST6`i~Es2D!+we3VVuhU0d(e%p}Pp)5j8 zlw&7Noe6TQq!cskeN&cM7>rpOH-Z?=j>_qFA}Q^;q4|-`GcWDGE!}WpEUJ~!3C}`Y z#aE(MmIri<1`WGYd%50&=y)KPmnNys89k}lRG?NcLH|K_M<|+<(mOm;B>-A2TE6|F>n-r zC|Wp<|NBs00x&Rt5zBF$vKfE@81JEge*ppo-5JLJZv=giFkM8!QJNQlz)yqT<2*U< zJMEuotY_--Ur10>>|+x{6;Ria{{n0Nb4LBoA^$xr_@6`mXAk-RK}kLh-2R`1na;t| zBAD0VDLBgCfofY}X@c}Z*F@{Kzd^tTH^T~J-V}~-jsFhsYuh|Z+{xJh&G-yB7x@*a zAB<-JCjBo!V7~g&OTe8B^`Ao7wSnTOMewFjz_t7Z@oxVXOX_|35M-Is`CF#RTlRDAb?){H-iWK?}PIeP?z@uf(!&Y{sGPO z-`z}l97Q&7D-0Zwtv_x5frK~LRwtfLBPf&k_LmI)#Yh4DxMb5Z1CVA49kS7)dVpB^ zH}ePza~@ZD`}2nef2g>7?ekTCbQBW}k&2$sM_8as>TllD)ffEiAlEPzAs>>^!idQA zDxk>UE$QR9xV7IQKkJ)b6NxI{Kt9WcU+`mIxrX_y_p&hJfBTg78NU3@_CmCH`~H_p0tX|hz;yk2_6b#+?88hr z7WHeHaWkp$BQv&V%0{(S=~3qc3WP9gip}>)UA$bntL`JKSeZOS!zzB}iAsh>v$sg5 zj>}=Z>JDDXzsIqqe1Y#4IZwC>}Pc3@e?xI-qe9H$hAr4HMT`cXsvBaKt%J#zEusA_0L9C2k&_q1a0Hbs-h z^*n_PnH~b_=8tZL4to4JU~a#xR94fp@&!?ImDasjt-GG-$$a!M3|Dn_A0%)KipeEI z^+49il1=C(&lmkwfX%CxlZX89$IrwX%k_I+>;9b4Kz2=~h5I0%)^*cvQ!p)*x^O_6 zdxkfM&db+olA~ETp%fv_VkKDS_&tW#94HBIR-Vw!*Eckh#h2(QCPlnR&0IT3Qj6F= zu5jAykOXuRPx1%7P*nu74#}2g_wv-O7E+%DjBXe zU|&1$J1wc?_w2|;o)YWqk;Sm5-AnZ59AxC#p=aWDm;Shoe_z8_CWXe`51nZ*~F79p>#ZXG;X9rq?&xW!%jH!geCVAZ4 zJN{%Y)JoGsB<6`B@shl9hS9cE37>6~K#z!ENC=XCJWJUZnS;R~mE-5fb!;fX6tWqg zHv4tMy!pA;WCL7IEM{N|d1TIf`ArovW9df`ISVT^U8q5nwu-(hyX`YQ@?tawx502C zZuU)50`9v=s;tdu2%WOu0I$oyp?>2G`b>HgsoyvY_Sto`$TTA>07Tze!eEn|f0b>G3`=-sBM)CgRc~fy= zDH3aGhVq4q$CPVvZJms_($phdd8X`U?OZ&;N7+sLu~nE$@m07t|3a1)08DoS*+L*4 z5m+|cjIhvW%Y0msBjxHiPwBwMYoZD`vXYL+@HF^?z`eKEC&&?~+!8;fuHx#Vx0m^5 zi$03|`9mK@(Y@8ZFJ`o2^Rar~Ln87tRgOL5=o3S9)IF-7^Fvi_vWy!1fv=f)o?> zydxQqd{pGUM6jQc9<&Oodu-@6xq9z?w`;#byC{s7DB_U9t%@*n2%&$t0{mduJ;GWr zDGGhvv5U=**p~Y9FTgB1?>VVTk2q?TPT3=W=Bn|ed-N`KAKSBa^yHMO62UBuEszk( z{NNsVctqh?R5l|g)Q_Ni%-z8}J8pNfZbqRG@s0{;;_GipxnYp))q!;U`Hq;G#<*v1 zOSglp60lM4t~NIv$eji^&GDtN8>h{TFsU=99xCZ^1Gu@uRzP`dc$8Mz=z>C4%0~DC zB#*>z6^+6@&l;|-BfF=}z044XuRgdo5x?T2NVq?&-sa}{D*J8I_5#lfv0mF>B33Bh zBndY$VhG{$CM3mg2sJvCrLDHLW79j2s@(PVs+$-Igvm<{!^80%3XQxuEXs$*ZuC<) zyl{!QY4gjpoe{fUXckR5eamW}QTRqoszhSBZ~C5Igmsg=vbYvIx-Qk&Lp&;ltI^j% z%_B6=Tn>7j=SNDRJt>FqPHH^KVXx|t!K-KCD$@~dHTJ}m?!g2YQhi$J)xv8T^-{Mi zNy?>!_F^$uz3~>ruk6A&xxGi&JzN7|mNw86&NYulSdBFsgRI{TYkw5;_J?mdJ%5I% zh&3m&vL3~%nfn>JPK=9UjWl}eOg-t2pI{%-*RIG> z%e7l(z_8e5v#Cz_5G)HXIs=s&Hlu@EL-Ya`I0bC&+ zhfCP{uJBkygU;c!GxIP4rcpadz9MsUqJ+BQ=|kZ(OQ|`zrG2d`)xI8QoWd@ws;T!5PNt zw;L2^%3hr?(i3~#&}+rrFX~UGm{tV_p+*I2;qZX1_7v{HbvvhQhbSY1miIRgk(DsE4$^ANtKveDsw_z3J*ERREY2}B6K2P>rS(5e7$IP-;@O8u3Te3Lat*Po%eFqKUZPhhJ{_Md^poJ zY!9(#1ih#!Zg8H?^BJJ2<{(p~DK>E3u|asmv@})hZPI)M#VZgZwxTA=d{zX%KJV!v zz8yM7iRVS=t5XJUeYk*P1F%@2&M5WQ8vNQ|#>pKT7=C zwuM<>)D7pDmaL~yra4!l#lD2h)<-gT25?6u)`&Vvuh+(|Era8bmc-hrp>@PoK zY*HAzRm0&&6N|%Uq<8Bobf&_sv|msA$>J)nh{Ind4dl>0bYtBP6=3P3HiCp%mLhd6 zlqX~NYGv$D^I$)G*r$tX$f%Y(3A(rnz zz6Q2|*nog-M!1VJ?_LMf$rp@V5#!|JYI8djh22CH{KR%cmQGm0cy--5FXu#cAxz&x zZPoR;8nv|T;3+xp4 zRaB0U;&K|%989_C5E~NFJQ}Q3wUew&VJNmPd49!GIVDw=FTR%jLG<$n1;A@KO81Ays%X|Awba z!;4;Q(UN63JJeQHS+%9Y5<}%^ZZfy3^b{hib@Zi$5SGGCW@qe}im}qB`>CP>QV7o@ z-YQnnWL4MH!aXMKT!r=bWG#%UGFB-{G0gRl#ep+4P&LZBZB^$Vyi?rJwAbC0Ll^W# z5%;K7l1qN{)NdL>$8Z-@Z*hdrXXXlh0kzl1iNCSwk|K!je41n9PTp)FQ&&K4sqs;~ zx|)WnnebpsM&u}34hj2Gx9ak_9^(;FCJ{{s2R>V(Se>rGt#-|Pm|=!!@J{iY z6Rdrh&FZ*eg?>Zy{-QZk@0cjbd_QhlQb!19p|hhVi$V}dlaC;g2kp6rlU5cAF-MeBygVx zv-1F(3VNvhd!+kA-nR1DCHkozF9vcBTO`lO56Z&_T^4Y$qwmo%(0g1g9k_DDfnaAp zFR63^rQkWSA0Ta@SE6j>tA-NHg?q>@>Ph4jzybU_5CF7*p{di!-5HN*;~xf=Kji7k zA4cRv(yknFMtYXa7t*f)eSAx8p1x|-%7{q(kcPRCUu>UqVuVyva zvrA`w9;m0O7!Z_VvXxuWwlou>%H_||X3^>Di3?E-DCztaa~qUma+FpKk^RP0!D=3c zr;E2=F#Qas84U%`)$*+q-bn;&Sq2`0WXyH$3F!|&F%XTVVMb?9emazYpe*v8QM2q3 z+D7)M$DG=iI1)Hgx6rIKe(hq4YVDp+Gl!F&;JMr3ki^iK{TR)}xfdK@GxsaziZ>7~ z_M#W3Y*_vDo6o+{H}bwuXKD7u5y|ByAa><;8B`gu<(loYdmr$fBgd?<82P{Q4F((+ zns9nJn#2=TV}b!eAhdQtd6^V>LA;C!jEHG)=S0+Ea4hbVTxT>}Fd-;48sT`rp2;2m{txc~ z;W2?lbBd*r@BBWULpAmaiWFZlLMY~+#B99u9!GZuw$Oc_%+BhMd>6<{5WNyCOhX_I zgIEWl7oSHeFQ-(K+95j5|7q=}Hd4#wChUtOhP zATkSNzx6_@&Nau6rtHJ58yV)_o>Xo7!H_;GK9Cf{}_>95~@&_rKVEcom5p0pr{Ya=vGK7I@E?ZR9BX!5~ZK6u{3%WPT@ zPZ!J;=vrYn?PP>(i}uuLSt~CvzX4OKhQ|bqAd628A%97h#h#Cld1+5^7JkfY$Pj-s zW&77}KWOql*n1DCCeyB6IJUux6;MHNY)DrT>BKUMQWa2oq9P#D1f&E~a2!PiL8VIx zmVhV_F;oMI4nl+gQBWcTh!7xRAdv(J>E{XRyi=U_y#Ke(Ip105pDdTG^_08rd*A!s z*R}VPaZLmRUinjbrv|P16KaBmfw{puMBW5odKvQfYs$N%1obCcC$6i zHtKgR?nvZVAT2|{4PS;@J_u=Ik;z1U*2^zF8?xMa?GF>ORc7Vzbuzdd#>=?VtG@L8 zHvi?8-=^$aIbUCGCZ?p8aIVG5O|Ff#ZbB_$w`!<7(h>xkEQN!=@L+%_*x4)Jtgwp5 zDbCq7Y9JF0dBpBNi~m1b{Qp__^FM?69}MOPf(;l7V^t%EABTdavAIy`6hOqK<&))L zA>-+$h#eV>nhKdnsz`DoRvQw~L}6E|aSIT$XS}_C`TMexb<05feL#TvvsPx*Z$aD7 z5%R+!YZe_fNj#XAupFubeTy1@!${GPW1+i-QI4z_PTNz9{^7MFh#uGZuhf!;P4vfQ z1fpSg`aOL};PQT??7pCK`UBv=k3M)ShtS@_s?tvF#eh;P591ynLk$RM%Fr;;P=yj8 z;2>l_G>YcX(v9xV`C#=5AgN^vdP9B-UpKKH^@r}f2Y6-(GXO*heQ7Yls&$hNt{MJ0 zRyHW_BwL3+CK8#pxoVg-M!bKtCa#6GolsTQ*2pTa6gw{tm_l&E>u|~e8E5*anUqG~ z(IS1P@fPn)GD8wS-g4&+=)8tp+{o|{|KuVy?=L*wwW;lPiAeZKkYfX`%s{2Yk2in64G**=7VsI5;~6uj>FLHmb406-)19(CV!Wr0SuxO@X)k zj&vcsu#n?@>SLAbeX|p{{GwYM zB6zZHe2%(lvbp1PtIvhF52nH$3iI|*;$G`MH{`1>-0_64b};c&%6qkCZ7OHWBiu@M zyvOW5zvMmdli7R5&kCnfBHk1%$QCaYukBARY4IB(Zo=KmX)Ak}#GEsCk2zG^@bOa= zy98~RX_dIOk>XhB=Shletxsr(tM6-{$kl37875Y(k>JDTa6x#*(cn(fQZFggtgGc2Nnj61zU zk+m>oV@{Gtb2(#I^H3y?k=AsE@Y(HA*n`u}y#%V*Lc*^grkc}|dU6(jqx}V`C<0Fr8RC*S5k^-yi{z4Qs0?OB|;WNU#?Vrz^va z4&K??ut!gga{eX3qXc0za&GQ&`c z&zI9jM{Fr(fPulDtX=Oun;^=9c-77=#8hzC~*UWD7_#I zda98+Op5G{o7|*yXq)ey{c{FRd))mPzS9ws8}mf#on6bS?md)oYA=OHwHK}DM;ASu zzy%yR#}hJXPrK`<9A4Nl-SsvbIn!Iw{;_JtjmcqsBD=+#E=yn< z0{^()6t_)@9& zia3)pvRMCEK)&10T9zH!eSQA9`RY6)Y2Aqau1@Q{_O=UC5qcI@0kJ9%`bLjHZf4Q2 zwdkT_vGb23Ntxo9pvCKQ%%8SyV20JYoW7HD!Xv7VM?RXCtp)eS*rjHs>3iOD-&N0O zovd%BS0m7UXUh)b9HpkVzF8)S-KOoH13P_F@!TZt)3zCDT2-Xepw1d(6eN&cPsn2S znXc~ghKpUL-8Yz?PCQ_~tiC^AF2W;McG(QVeQU&mn{_95RYN1dXd1n)wc>(>E%$a?dqsAn zLyMZ>aPby{3#}Vc&Q7=g#0hwcF0Z-WcQ>Fo-q}gJ16bjQC-kjq#fHbVIWPHsY02K= zBvNo+|JHL6()Km687)q=9n6P*=9(BFgy`cHFl5e0Ihos+Fj)dn>YnIxmlw2TjzkLC2CF)dB!Gbf^ZCh}CK?H9+uCMWQbC+BM5#*5$ zi(;=`bwnCo_TW}#)!?oORuX659mx9Py@u_so>z;t9K5@RLW~TzV#JXK&U;!YndG3* z@opKIwl;;tU_3ysL{@I6_^d~{tzSht}X~4 z)m(4$qx-ef+t>B#sJL^{))?5i40{q2CGJd3q^d7bz~FDCwWcfSPZu3^ID8Js2`kBz zz(NA@gMVZVwjZ?J4Asx}^hd(akvjT%)c?U}}iAWzXsbd)kyj zZg&WI5jy>C{znL9%^RNivAL-)c{P4sQRehu5*wBt8j<^hngObA?rTGUg-wQ!x&xtQ zC%uO>_9`S7Pa59o6=*6gsmid?uI;dRM^;wXJMP?a#O7e)&}rxhTiLl>T02f0qeMjT z>;T}tX}Zi}l)WP$`&4bVb@opu2c^AS{AMo`uPC9jOr*$=Uv>ZLz)9xvHU*e=ybVxqE9dWRUewU2m z+dzo1*lj7vOb3zPm2TjChwz|c{LRptz{@;=8A?M=dVTIOd%C$5aCb75FzFc0IXryz z(cI^G=G9I35CkA%6BAdj~#OB@8xGT0AOfBE$d*`)qK;d`gs zHV2JFCRzpF_jYGm(F5um_5^3@1PAso#cDU0jSqGkMU=H?uest^We8UMGMGnag9elB zmSE6zCC=Ile@ZoP`{mc?2fNP{?!KLQ3}|9NtCDHI(xR3Wr5yZ$Hm8aE@)j!U@}j$% z*(JMhP$MvU*bFJcF+0PoaakJcpGKt3IoA)by$vwK@?P0L>%>&fqZaAsGDZ0HoE z;9(#34w^YKlAUJZmmCJ^zczda?&(wR?{vNgsmL8o#hbRRan5+@lb-A=MFu5L3HF@f z`1fRrC9Twz)u9fMjd#rZYil>z-*Ah$Mm7jWSuE%IGN(@kcp78!#)bQv1L;xveap6k zRTu(gTmL^!f_(dM%I!`bAWL{?N5T-wIGE|Mt$fYyG{>jE+C%nd>AV=?rC>Fv>&V&x zg1V2plHyVz4}x2(>nqwYOltP|v*X_Rl*l+sr2(z{p7G-;wiM7%6@O~Av=riv~xvrH*S=WWyZoo_$sR|2u z$!88m>`ZR+ANDm-iL!Oh8P8Qu;0d@>%S3q_L;%%Nw{Doj>y2vSKdZ>YFjA*Er)!&$ z+Orvv_AZlqCrozfr6Zm8oy;;wvl=`MWpmP&>@tszsGZ@Wc-spm=(bz4^6;1IJV{5- z!uaPnOQY|)_fBV9M<`Vlok0@!V6Jq;4kE`za!ohM$qRpVDY&@!^ZTORP5cs zTZ@`a==7L`B63eiL;E!I{-o)W6tT9I$GP@i?}s*n*O4iLqExO&KPv-Ocv&D zJWg-m!TuLs1KWBmemI8{AAR!b`n&*3bCwwzB7_O~el#%AQ+s#X1F8ef+&!eQ=4Kis z+JV5HM2C4scNyZKI56dSt6`Aiz*=U<(}}f7U{4R331w#8+ODv^Dp3{+_!x|4b9Gz@ z%Kx|;<(P$)sHs=jAxiDfxr0dLQhJ<@6pv&rrIkM^Z7{2%!LlRtp!&gqknQWCIF}W) zItR(u^>Ojb`Z!?=25DTUTg%tX6WiIY06@ZPRbq<#%E`>xr`7>jl`-;*^3wk@WeM9Q zLySzcWI`nj63^PhH{aeq>vOCJ7`mYN&A?ted6FG{G#6NeK=w?G+^u6hQut-aKzs3D zRJ2?V%7609=g-Km$$wue`1~I6CVj=f!lCYSPW!=EAam39&q0HUpy|2MAu~v zCcRggny-Igp8M{Q{~vnFP(R5-**-rh>rwh zuM5Z>cmc>An16D9d=!vQ4=~>cp5$J7ZAFdx&4LHA?O6f{&p410a1tOwo-$RqizplK z0)QqrAY-7MoE-~f4D11Ni2+vUFAd>}`$b-~(%%eE8}JkW{Z#dku)W` zN(lXtBPmmN)QQz$>R&CYe^uiu6o^B#?+^LJ=)RMrx`y=+gh7{`Et`x$mJC{isdjGe z9JF|?^LuT6K2qb+q@n0xG0?eji(fxUn;T4MAK?8i3(e3nU+wCo%}UU7oFK#Ab}5ON#JUjNKCM5S2~d`K%r^u3nd*Dr@#kBnS+%`egaXoE4vHe z%`z-7kp~=qzrj3z*B3L&>^*v=+gW&IK}KHq(X|+-_OqVKcf75Xf(CsWr-4HSO>&NI zc75}BXq8vnF5)x(N9Z7B(9LY*^}Ij!z!)Ob>K!e*P@S7+-qV_NK@*+l>tpI4@(ano zk!ueT9@%;?&-cK9Khwd|c5|GrE4;7csPLlXkL^J`?4Zn;Jcd6o?-dKB&E01RN9&GU zu?|=2s@7Y2+4^L?4rM7BIZc9&>Bd=6KEEn;=`}^w!##lHQbD@(Bp}O%9~_W#`f<+$-}szoO;Xv@t?{#Tsr z?>^kM#?$G@$Z0zbnG!YKQ77&CHnKA3y`h6n8nVOtD%X59Mg}1mzNxU=ot75Ggk@1u ztBlZ)SP49K{4aB>pexD6tg@@~akw!P^CWQ*U_W2SI>!#Zi}BA*G#?6T+;2bH{u5?u zt2x#)X3T9gWUpXyMu^$(*!GvAG)g8@*>J;JPfFBF!5*FiyUDO7g4uQS{5rO9HT&M` zCO0+h^mF>o+Sf1NF&WH*9U5&1hxHG#*jif~sRl~1=SD6<{wUz0qZo9p`C!m>12nyj zX&=pQ*5Fkl9&}Ca^j_ivFLeThC{pL;e*1tln?0GZz8a_v_}fA9i-l$dPM7vK3K^ajL7bA%mu>!%4Tzy{A*b@011fH9WrWV zF*D%=mtMg;{}k}LOxw#jCYGpDOu+p~+yJw?@A7T8hwG}e`m)dZc}5svJ$tI*s)MY| z#g<0Az1Tkr(S}Ept2rYPB4DYEGAG_Zt2yYpmQ33P1sLk}=oKwX4jie|ag?4d@7~`g zn5?Ov)kf`9)gorJ{`y9QD#YASB+SfJ_-dR1)C9RcDq|l27TXKoy88}RR|d(zy2c1P zW1X_M$zZW{T{G*8pF79)o`5{RhAD6JYrjqF!e7YDw_mi~6EJX#8Vdjy zD`^xHnfASQBWgM*TMs?UaXe9QZ8&R^Q#Xcl7Mnt?42WxN51RX;1MY6`c753GZVl<_ z?p=1a=w=#n507^wV0$-TSoynAcq@{UM-R>i6>JEfwed_!E@dLwU@1EkB@(3oAFt$p zY;1?C@In{wFFp@wJ#x`h`t?0wFRd?(>%4t1#V*+#SK&6!DumgjfNAogpIH6bhU^qU zUd{nNH2rl)W<6_v;TDvwdO&Lg(DF|17#H}u2TqRgrEWsbXuBDsFKkbA7tFL5;cp(* z6$a@27-~V=Gj)_}?D(DiZ4N(brQZyv?RP2`EdjUyH3x~kx`9sGg( z$X{HMzqh6}b}2Z&VNO+3*aR!Yw6@gS!Z;22u`R(u;Ua70-@Zl7yF^F9m|c!Vj#k&G zOV1?$Evscmtf)cmd^~tz&$lzfM#yt#VfJqaN^fh$amv!Qaa=J z0A#DqZh%bsm!m?rXlQnXB_p&iqo*ok*ME|COTYv>%VXVG$cu9bNriVorbCv`-a#!SC!wl+TgpVdQ-*r9}g zphRPA0bPV0q?cbg1)o_-aV%KY{_eY{utXGg{gtqqfAAci7Pz*l zEhz>$H~4(ncTZmKS_(uN7f_ZUZk9nqP4_Ky&R+A}$KO5URT(Hy2xfwha?$8_ne%a0 zXnTJEnLPN@K+0(;lEVuMjEfvK2&RZAWdjhD3QT4^;@IH^6`L;ZFSpJ~v061J`lcZaJH5a~6%;fGK zx$*ENea+WH#g`-v-&*)zaPrK$j=to_`JYr*oT*W?d+-A2!}%}AdeD>BzdiE*bMJfF zLH?bDf5z;44ugNj<^L^t`EONJa%anbQ7^hBh&gc$I}{BEVT;boKezEs`9C)UlFyu4 zYYhI+ZoD-YeHywyV+bl(COp3AlNCR(WO#`iR115L?|5$ zTgTi$$H_j6NHQi4jF_OJB+Q})dFB|Ckj!QaPE{eu(Vn`#;(dch!$e8scW`vvdn zQym#QA8$x7sR~maoJ3st`OqooxkFym1Z8^8B*%nepM$Rwm3@Ay*EU3AOPe20@_e?> zX$&?%G= zupq{sm!qPWP9$HTs>qosNh#Y}S4S}6ru0lWVZu^0NVZ1tWdx*S~l9oEjD7z{boyMt3vntj+ob(qym(yFazwxS`_L zzSAAA$U8=fB)&Yg4X>@dIhj;%ZJ;r>mIc$;&Wgb;@83l)!2^p1FZwK^f6Pys?5e6a4dC z;BIhSlu#WLcK{C~>9ohM zi|)I8I5Nn&ZPKx`-8M2T&So=ImN2tn-jg4IDEq&-ngG4AmiQnUliZQXSMmL&c}5&U z=oRUzX6h&f4rcPg^4$irR7aPH$Z#zpCo-^cYD`D-0e7z#iQsGF`%6tSVlZwcSfg?< zb~-o?sgj!)aH=&uZUhNgA3%tyvq2~3jYDcY9d~(&q&!?6HAg3G_zD$W>)h(q9q9iH z#a>tPV3&O_2cRj_@RN3I<=w`oCp48S{H)Cm(HLsg0RLeM^^m?36!-yeAFl{N;=czE zyCU;0O)U9T_jcuyxv&?$aVqHMK4Y%AUmfLX`HrL7T`vuo3=8w&d*!*e)cME5H1C>D zL^=yLjk5?ViIa49O4I|!?UwoFS8p|)+0fuaj>YLs-6?Di<5#w{K3gs2$#XOS_%>H2c4c0n3bvMEdS!BTtf$pKLO+1W0SQX>Nw~W=x zLyz7%-Z=%4B3>;!nDvBE{`sj^b6TQFb9-2C@&K<2Ve!sD%99Y+jU+bS8^c+Zg|aI< z!n)&HNu<-hodD^p3^kKPr&+Am)z2xsK{Kizd*Ypg=h^j>%6~a7az8R?wvFiXYdOC4 z-%0YQ3a#_!y}BbW%>$C4bw#%byD7F>99)q2DZzzs6*|L&J|dBnFjK>1Mcx_gEfu@z zYgkY7!AvP;YKVk%cDMsp3)&^d?tFgo~mui#C4G}RkhkYABCYXj-yDR5_x7Ovp-{? zzy{zzs8NK503WqakUOf~nzm*yh$CKH>_jj8kT=#T`)6-o$==0 z1*DWNTgRSsem_mVN^`?$FetVM?{sjRfquNCUSstbTM`aIgx5N4n6F~|^TXbXkw=`~ z?0`nY9rf{j7@yV5Yb=nPA&^?+FVK7$ODz{Zv4N1)UyD1kr=!oNW5Z8_8{mh4S<UBD(u{vq%vq9F| zLaJH-q+kFrgUnSrq)2k=DlVIv=} zs8Pd}{+im_;TH08eit^%}kv`EP+rg^z>nn`Tbwy+&bT{1J!e-9!W`q$mCy|-x zZHZ=xv&FX5aq(V&9>&eypfQlHUY()m>A80u;-K+dPXa2e$LG;-$#Vz0v${PY9- zlV8m9hJ0$`jtsPGy1MT{x99B>LB|aowAKeduS2UvNW!&<#e# zE~T9jDA<5SRX<(>h^Od*7=?lhDup#(%`wSHVWSGC3NcU_k;CWk@Dp_{R6{v??Ik5b zjp2jMuyTI$FUijW5*l$1jE1;H42q1B#`w?M^J4p}CnIhUeL!9Eye@wt_{8Kk zF^d48h@amV11Vj0O!qe53kOE}p_b|pASc6}tYI=CrH0*6_3oiN#cAK>3}qW~=Jn-_ ziVC)y&Gz)wgJJz5LDn%`K7w@Sslnx^E&anfRX=tkcK0!(dDiycBNJW>Q{i$0=}u25 zOr+V7clqf(uUMkR!@v zCsE7t%5z<-`C96!Pl*14iZdK;n5r_n%P^ZS=4C<*MA4Bid@QVGl?YWnj5Kno%)a%EN}lizgi&h z{RzC6T>}q)_wQCiszF(2CXHq=9LJv*OiKE@z z;w|MkY5DvxDOzC0-QQ?s4xI)}@6&aiuLwK)i!l}XZby$~EM9Nk`Kwi-Og&}adQKNa zGee_8q|6Tt86xd2)3m2R{GM>KULv|(UtT41lz)m!Tz@|g-+E>6A@4I!1L> zn(F8Hn5B6ER-i6|z(d^NAY#!xyyWFmJIKxJWPSBZ=Pf!}FJaU5-@1<(PM~k4QDS;C zPl>8J2jeUSeQTB^Fk%hE1Tncb#QS9|`MeGZ_yn1!Qv4yg8yH{(zw@T5XiX%t#I}My z{HdkU7O+~qZFY;d!pcvEbPtfHulpvFNh^yI42FHOPm0V!JEuubjlSwBE*_y%uc~&I zX)3$ib~^_o1LSYMF^TJ-kZu`3eTpuGUAx6`_HxukZ2_W%da(l$090F#CliK!-UO{3 zjo9rBzlQD%lbS#)?N^?O&Wk(Lo3cfnvb&0d5W=B#hlCv1kpQ~CwhH+GBk+Omh`Nz7 zoeBtVoU$$0oEBHU3{TYHGF)_nFZ&KMwGhcoP?nBcE< zI0{dLkuXc+!OR{&Njr%<5OSId#vE;jQf^t2^K;`QK+%)$M$O@IX@rkh^(B`tI+gnr zeO@tL?$VM~f;$R-m5E(xtD3ov3S>s=G-#Txc{v&;=;(8Ax`gUf?99@NhZWHToDHeosXMrE~=sX@~Q{Zrc|an26cFjs2CRu~^w z^D_LT^Bw=S>CwU?Hon<;zrN~f_aB3MP4jm7Z!gW$NF9Xj9P4CoY)ISJUq3P-p|hPw zdmjnx>>os!)I|sM8AleO-#qENOgSxtQ}Rd+qG+jT6Ih{xb5DFMK!vDL<-^<=poC7p zTj17Tr6WlOXqoqCgKR+{*Jy7HnrsvO{4n(Sa%ex4OCEcyZ=L}kq!{RwGM-`)yW9Bz zm7){j1T;sK{XV*GFc0Z;YD;^BcNqf*3kyMP3{dSfRYM^+bnxd1I2CTfX76FQdQMm| zqW*D^DnLfsD#s9jG&s)yHbH>`hGbqJ8ukk;b5_)seG>_1;YC)ujpb;F6~@|V9I;fH z^My+b5K!eWd*yX3_rgN^%mo*U#&EC_DvggwTTA|(>kC*kK*E}N@mkD|HjiW!)Tn;`*R(jz}b{9 z-(ZL`AQsJSHiz@SXk0enZ@m6*L>r(jU9)*%0K)2T9eM%~(tiVm0Le;2##jD*lhCnp z0P=)*9q9EBreA4)9m^{mPyE46CkP8)sQ~KP^xw@otW3KkN3p5`mrNF7B35kwJMyAp z-lZIag=j(yLMRUIxk3~R1Vv%$Zny*JOV5#iL#OQiG5m7^77Z7VOpZ1H;A;CIoooZ1 z99hBKc;566aP03XoKenSz{}#-&f3BuIqj|YEr2Y0|1GkNc%^1{5KX09;YGs9?#DCH z6TNbbRD-KFzs&k?-|~)DM9PNqJi&QZf-Mlkha2QAdq&y!LD=|v%=co<93Vx=Z~W4z z4W=f_i2htF)H<28e(XQNVmYa^BRriG`gQcgc>W`Kw}#L%lVxXtTr+=zn0xP00RQwx zQv+z&Hkp_duvZnxLNXczpog=OX}@Ptlx$N#%?O)Gp$=#(c!Y3FSBi-1`%mg<8~)Jk zs;SZE@}JeCOL^fk36qTD@JtkkcpXJre`R98+5&uWkBRGd3Aeh^`g3cW1`hqZM<_3T z14?I%O8~F9;hN+p_@5PQ zuqWln?+Vt^v|2L63Fw}qeA1vRo3e&@Npb#6tIhQAT6@uUA5#4qcsI$REB z|C^pFW?w1>rP){k!q=Ko*8!2d^~t<|<*xw4PS zouv(e+`h5~29&skd=~~if7U2V zJ+D2d5e8U_SKxA0+BqWS5v8A}Qd1c4FVDo*%gGb6vJa%te0nkuxOfAG5RSc@3<0Z8 zESP zan@P^xnbM*^9BMyY%b7D66QiR+GRes6*6148+x*SuNXWZPnMIdi>XBv0!^a9XEG+c z-Gv%58B&-+JkS49j)~PM+fu$6%q}5w`aCZ&`XajiIvJ?a`h&=T(|boxy7tPcKmIH4 zxwRNP8u#-|AMn`upE^p-8M61rOB;6l;h#?)W0s^ME(4ln;xu{;!WR1cv7l3HS!!5E zG|^tB`9TBV{Dg^Ev(06+mosARaV%SUP9#p?^hW$l-QxQ0x{NXyfKThUn;nEN`PgH&^~E z1OlWR5v&rg4q!U37XB-40+dl(wPbI~kOt_?|MSfiqo&!K*2$a6tIzAzbb5Sr@4Bb5 zz=b#e&cQO+{5i|)LKm-UZn|(xt6;&-MdOvH7d;$W^l6pX#~(C(ZfcNa=fr*9rw-1Vmt?nLe!LYWYR=kQLIu#pUl)RC7~sQ#yCPSB zgch^~Cx7~+0h+&fGbku?J&>E{?LN>)UXV)s%3>5~#r7o76Yq1t2Thz6<`htH-k?Jd zfN3t+G52{?vHW{b{}lZHVJK$R&;K?5J>S@0S2LqmRi_53vHWL>|9hqVm*{BOfPf)d zPLy~C%Ybc20D}~5M^htZ;{yU77>SVj3dAW;gy>)|L2Mbiq*1CK8;4C3X<-}MCjPQm zRWXVgI}R@L9P7dIfox%(0eCR+*<#PM6;0jU^>rJJ&lq>1WCSE@0F+1pB(1%4Xb`&AXwiP<-yFHr5!2cjfMh*8Ax=yR_S~ z!kk#AXiWNxS{N&%zSw2nbi82bu+GJT%A3!LVv)cltX;1 zJybv!w8hl2hzI1LR>zL>ab%T=sc zyL7%`N0}e^D(dyd7kf{i*G`VC-6q=c`hs51z>PyISUy+zP5Ajgo<950`C0Td{YJF} znHhm{eS8<)C$D^%^VvQrTCrq!*m!&!&~@1NyI!j}0y-jygA|>u|GBvJgA;P0!QG1o zV;Jw|t3K;i8nnrIRy`K>BQ5-hr zs7%3B#3YT1$;c>DNPSlke2*S|Dl}L|8hZZnZOc-t0KZ&q%Imj_Pb+o8HZ&pEHynt6 z7^&XaWAb)gT+3Q9whvuYZhtY4%ZDR)kre&`WTn@rPp`G9-(#>nzPyFxX-;`~g;p4$ z&2Jg7@E|>sG}H6CYN4qd(~8Ye?%#3LLd0+=qj7Oz%IhS{HsLjQ(sv4yjmj+ z_~nP|>z%HGg$Bqop%uad(NewagTT@Su8v*4kTs8-)zClp}+T z=~O-=!uzP~gcCZf@f6uK?!>FX&v%}YV4|LuwI$vu@Q}n4Wd~*)hNKl9y|MvykN(X% zBJe?J|4T{r+&#GSCpKr{++^<&sRXb!*7sRvN-6zQ=N4JcPV*)K`JhSp#0InBSQ6(= zB$oeXiarpF(*EmC&JN!Y^uyK`ou3`V$IKLd@(4B>y5)au5%{%+WT39xzH(*&g&98i zV$ds!@p?(19g7*UcwBq!g`dTr3Ib$!-Yb@GWEDmXdsA0cnlV@HMp#Vlyp1`FC1dlz zyyq_W(<5H_^sMLm;YaG-sg_fay7uU@t3JlwIp<3~`F&$n4*Y}a6zBHPa{~m^SUs#M z5@Xb0YhA`06y1>`wo}dNGafN0|}k_z&{}L8;%%ISS2q=k7m^W45BQ z=z2Qf_ZpDkXrF{V%qzxe)+44odqe2hj!&^|5>C^^6Arx8kB;t=lFeMP%C_Wb zQGNoFyVHh7JP~S&JGShqH#3&Waw6fQ!F^l5qYUd6tB?z!6$wm(qNBgI1Z@#02-I4) zbC(Z3W??|bM(N>s(_F2WyU`1VkHbry*$2b}mgt6egyqcM#fQ^1xXuNql&`-sB$qUc z^hM1qFVd!@R4C)PAL$yop+v7VY&(@`bpNQLXT{G;>vw{EVOEFg{5=qD*a;7>)CMVk zU-IZXw<)CnoNN44vZvZOf6cZsrNGXtCPLA=g#QS%@*D#}!4i#Z?-8 z!FRe&P-H_>T>KunBhrrtcP{T4PLQsVjxJdANPJ)5@nkEOy10EPlFK#Px_t+@s2W_y zjM%QHaG1+gD{K~p-Z)^ZsP^*7ulQGt)Om|Vk^SvntFQ+H)jVh_we-@dymEKw4O$sP?sGz{i(E?TAPa^5OA+4 zw<3D5hUf{uDqVPfX5PJMF}$}cS_dU7<5_xKsTiS63!|>X!4*PT@n5ZP)nY{l!*)2Z ziQS)5FnKA);PBC5jW$o#8Uab-?4kH$`jhs_&2fwNr!mw$tg!DB;EJ8d)W+%2bUTi) zK|1*U#^;vEA)X25U9bvb5&0>cP`dFa0vnd+L+0%q%o@2#+ASg*jYBU_553sE+P213 znLl83U?WVRrN{BH?~fMfwksb$;3bM!!t$<9=8XFXScvGNLyu|7^}ffJowlcjN+n*1 z1th*ySlhF`zvG1VWUZnN}QZkM}>!%B;qT90cq z(Y>_#xE1}xicKl*5a!qUp{0^U8;Le$w6b+`o5_v=rS7F3TtdYdTMW`@MLL!f zWTA>M>+-`su_1qAx<(rqHoeeTTLLS4sc zWaX-l`@hoSzm`I>`8p{FAo-%aOh-{jQd|&hjre_Z;;Ty_>R46F#9mb(|l4Z;LP$xy^>pG5kMJZkeN zf!)Qs3CtAonB6eXLa`QY`L%1gaL8|R=UY$kGaWkCwBt%mEMHV1K1}3Eu@MGpsVUxI z^a9V0dI;wR9N~W#4R^S)*WIyq&valgj6jO`td|@R>Ry>OtmB1)Tau-pveal%L~$$? z4_ClOfcw5POVO2zBO0~5ln?HTD_?4iMcmvd%Yv$j-qd+WO^{L(Y^RgZipD;6=UUOk z;!?fKNM(`%Eqbn_z-?IQ-4>H36hI_rfw>XA{uIi#Rmb^|RY)Jba9U??>9UI&>T4I? zdJs<@L=ycLZsD7U%B;BMEM_U^x%7P~^mrzzL`7KJj&L4gH2Df@OxNI08@k~llfv3i zU%$L(L6LboMobrGa^Ce&4ZrPmX~ph>{-*xpa%wq__JEwxbWQtOY*I zo0rt7iuOYvUfds5LpzeX^XSq$mar!aAEXg}x%p!7_#yn157hSgrsPw`&)=<0&_;(E zUWho;Di_LEKF=09UufUjp9#Z1UhygfW;OD5|M|jKlJ?NQ)&=Wamo%f+?!1Ia6nx-D6eu2IEGp_@Lu*|6al zB$`O<^IuNUU}{i(-eV>j#B1yhqljij5;WRkJM(tKic*c?2qM>XNP{1-cQ|XrB)?-l z?#JOU?cnu^eMS`Wr=|NEwHQZ-<4<@KD=OU+xLF%KkwJD5N4HM@h-L^qxLIu(M(sN7AJVa*>Xb&)%&O@=^KiYQa*H5Z zPqZLTiX0i964eU(&h}DV^&p8&HM`6BVmjWNh-EXHrYB;J_aEsbTGmT4%Q6V8PuAIetl&08F1_Y8?!WSMjHqE62?O`8+~9XFKz38Zb1{DRyp0oC&WC*k48*9d z;(?dX_ePGXg|FD6pzW};?dsEA8EqMUTZ(Py;jaq%Moy(VHx1bML}7Y9y;oBOgxqmm z=UO%Qz+t4>dY42}cb{!(cfh9!Px85(4UDwF?wAb_M|E6{EL#E`-i_r7>?-c*au)#*72u(hY?(|2#z=_Z&fPh-Iz^Fe-yfU^YY zx#%&I%|{;_Bx($)p33Zs3KM9}Nq07)Y_3=}l2xz&2$M9>5}8*OI>|{3yV^C^L&I>= zIc>sY+2gUM0;Bsj>xc(Wo;4nsSX`mD~Z^)}8eR9G^fdV=5_$jura#<6bw z93~L%A>mN;5+wh+1w>?}#=hI|xQr`tD%-bo)riQde|0Hp^{41lD|?Rc*#ohFfxang z&Ga$hn`g<9f*#54xG4w|DSQj7TJrqrTQF$hnnR%X`bNNKK5m>)ATMWz9@ycio~BXa zdGVT&Z{IUXWW&v|3nwWiYh$RGrUxjPEC!5r;vWcHrBuqcjKueLRSr0-kd^A`@9UPGnhPqwA^E zvgrDD&NG=~x<4M2bXf8QeE6@qsXojT4i_bgut*D;E=uuR89{GZ4+SM4 zCnjG|z`1>7*0%>hs!j*MxG30!SR<2;_z^V!+YQyXOC_y6d`gSXb8ghPi_i5;)rH;F z)Jzp(2I#fSO9~LptiIihPx<)vHKoMc3Nbap6_HRfax|JLkuz6jf5u~Z`@veENeU4H z7knb|C|ts~d-1BD`|qM(M~Pwu!p2U8xqH970eJ8)S)KXl-=%MmFJo}=21x0^7{qGZ zx4WO!Lv$xs(}o*)P~@{3bjq@CH|j2>tO7oHCT}JIHX$*bv+>KF52?3MGjDg>cUI_C zq^uKWSCWgc{a#4f3j(Q`nw0*84!o_Z*#fTPacDGccOp{MjR zazAZqK$Z?VT6Pz7J`?7*7_?8S(fFGik1QiT3ILw;8wQ0k3e?7~p>C46-sHpr%vE9Kwts z0T(BjIoQ9=Kp`Fv2u}RoQ}g4;o$k+Bn{Br6c}Cw)AB$Q?c(X&zC&KwKD~N5s)%Tx8 z+-Dtw@t&{{0g3)Pyif zH$0YG&J73EB>rKg6<-1cxf@SLz$WT|2F{8>l!lX4$oDJE0bD^rR+)6LK29(+6>|IQ zGWk<)B|NMOR4Nyckk~zF^}lRc|9IQ~0UrJrVldyd%>T82>#ETx6MQC+*{^C}9^jz; zv=KB}oIbn3#D8c@Or)PCljp?K?*9Ws{U62TtZHz$xG&Cs8c|9@A@f}?(h9$W>A6QP z3=vPTcm{#12eWh-D;o4Fho_#_Ap>Mw4ih~*Wp#WQ&IZ02RQ-7RGmSVL`Jw822#Ruh zJ3Bp|LbSAyMJo3m4z3oz(;y0`6YB)&J7~6o2nbvyZHKLTW=HIt{HMBDsK+{99b0tu z;)A-e!oHY~{_$~%IYr-TUACz?UXGZM)eetVVTrJeXy>tMUQJnq>WkErQ+kt~OAhp* zCWrPxP(35_5|B3AAG6I3@N(zEF6=nbL{>epuF?TSh|@Ta{MgvcLXHN3IKVZY_2DPjY}}}1myJHJJXM!pVMKgHXKZp4k`a??7V%OLFgD!NgQxvs-!V& zd+AD{X%E$!x3igwe^-W=t(u!i+oAjiXh^PkU{$tnm)clZpt=_$E9?xr$EM2{{*w0D zraO8es@1Q)nKeRD*E_H?amC^LoX9@4{nn4OXZ-rd$z@Ey^NJmAjd!j*5Y&AD;#BlC&FBDft^Xf~#k5ZGc?E=zPhX5{zLJ(Uu1=h${JA}V*q zh2o0^H6cqSLsoji-2H}$&yTvD@bEe@G+u;I^E1`<$;H~|`W8o~*pUoaYLM>qOv-++ zD3G|2{njTfE~uQdkt3^!V?B{co(iN`Q~c`agzu=Tt>jZV@1{SChu37Ct&{2`oC@D@ zUrFs6`LUX!>GZQAcFW810I#dSg6zN3WtGTWm3ly9u<9|(Ay}~fk;xvT zpIq9iy_16%tw=A|Ch6)CHkG_$Dv^u~0&n;$b`8CzTo~)KJeopZqLhyC4))AIuMl=8 z6y{sJ$KqA-HL}%gh3}4KK(=2GEJkXQ5aLn#%NefD?eHC26bv(7BnnvQM+alJwEl|g zwT@l(ZePE(AZ}UC+YC`$(6;;9p~eVhsGgE=jX%1Wv9dbvGBW&$Uvz&hMbPs$n1|#& z%~(J8QE;s9iT4CmVZi*`8Pq}qLNnoJ`@3@9=~&g>sZ6;=K(hYc;TSTKq!5-6n9fMl#9SF)l@xEBxJ5XvMPNC zGZN6NhsdQ!_dyTW&oSb2zzA*Lc`s@Gu1RonuTW3VaG7Em*>+opUNa(}xw@v0od-6T z&o)h zxLc(8Ll=b0IFFVI^E~GJgmt*Qu6E1V#uvJXv;LfY@+R^ONuwd+HCLmaKT)41oyq?U z2NvG?Uf}vpz3T0=i-^EKDx}>_PoM4Cfb$Ezte=&<9P6S0Cc)_lcjCLqZfmnps$j(z zD+bp=6>{RAjOgw4#dMKo?#rbbO_W4a`P>`);=A8HQ$qgCZ`uajF$32VP%^9R*Vb~W z$F$E;=kntj2R2Z>On^klU-d3XsRvyA`e>CI^ZI9|^pDvm z&&`76eRJDkD)?S8X4hL;D8Hh$dw_T3tvu0`MbKEomDOX;N4+iZoERrDn9(+^p_DQ6 zQXMghopyGh@yEI8?Sn;3!#SS=N7o)Y^o^iSA%IM|M(ZjTmQ}{+Y%_fOVxXtV^Q6x0 zFZ8um?YVUw#Q)Tv0k0}*$*G^yPJ8b=alM45-`V}^)|j~5nWEJRCB1W(3JorBM8C#wi>}qB2OGzAw`M8l(1v zg;SWKU zbhs~ZKsz0w*Kj_(JwbU@eT^1Y!%DJ_;3_lh#{T^V0JGR@p=XDTnm1yv5!i(vFh{So zerWK-^mpq{k@jVe{S^QwtR^_ei53e5hR6lD9I7A20 zI0Va^-sDjdnErk{P{)T}90i7Qk<>XtTb!YD&e&hyzkHBeKD>ALa{#;QKZGY@)r#yn z5~yhe@vCwk``~TxR^rZr#og7X6VU2u`Xj9s#Kmt0SX)$s?UG zW6LOZzkK_TL(hAuZOVg~VL2ScY4Cizp$!0tQ0`oE4qSFwoWi%;v--dIEVduJagFx) zC}b3XbYa%FcgsFs=hbVp%Ol_r1OSKT{`sFCk*`*<65q;CjTEr{Hw7Ym2DQ^F41?Vk z`RAKhy<||EH&P&4_W1&b&X6DjM=QI`kbkw8!LuHRM za*hY&UoG>3*;czMnoJOu1er-Dye9(T$m_Jxt{dem&EjX2O z>)7UKLU!r+6#%UBL>VwSsUyy1>D3hz=$cGs+hZ-2Nkr9VC28&k_WyA>fkueh+d19y zme&u0t(T~AexGeAave1Pa_gb^uVln0t+AEguDm}tl>-eA87%Tn*PG@$x;YpP;ZXhMt862)2?XvOLrS! z8vus-*pcon+sStc-MoY*oBeoo#gNWRsDVhD2d@<0Q6bNIL6)bKcciL=9$X*qHR6X` z>JS#|cJ%H}@Evri>EL9ut4g_|U&bMuis(JwF1~{ae;!^{(nMjIzcoa}?rSN_{w3SN z|E-)o!mt0eVPmi5eAMq_7Jj=D4sGZ5)1!dry&e*Rtao$b@U zkBmvYKV-PVfS__WMtJEFrIII*5`Fi>b|Mtp1mpgxUrUS>x0UyCq=`RF{1zr=b$L8r z-e-MGqCYue7sigm<}Mj%%5;z^mkZ#v=Xuwsrv|scPPqpg z+uDYXge~~~B6OL;lfqcBtl>o&So&;b^46D}Q`=hBdUy^$n+$kvWjP(3YQ#K~N7hVU z|Cf-HcXqqxu1MHreN$cxtVYH!8x(oPG0<5;&6OVFy?2k77U;NFQk%QLUjwX-m`0?wI3 z&x9*~P8oQ*H@9Ufn1NXbJsVtGTtXe^l`s3%pVNQfU7uh1Tlkgbg`R=~WRn#{-Nu71 zAFNnyI}U<}Slurp!%P>cZe@Y}{C1*KKVQo`&=4-ZLE3m^&(ZSjel4*qMYUEY2WcVk zYa^apb{tG?J9|>(ryjyTn_Sau`a!bj02EUbZ7Gvne&S7;rjG{eS4x8n=xINt zZum^}j>_%vS19r(N~!r6*F2Jt?@hzX=L*uJyS*DtgEw$fXKjU6(_NRjP5k=LC)16p zZ;fDb4pn}2bNT9)8^o74P2qP}6xVq=Wk2aT*05y!y;b9yuG8YSZn^!l5+sZj;V>4#a`bv+KHy~I!u|k~Dh!}fCsefkmL||I?872W6Zy^3BjZc9{IZ}dkdE(Kb@s161AkwG z%#f1USy!(6PAs(xjarn3?)RTszu!R6Y6v+k`tG+HLE>^3?swalMu$N_rGk6u;={f3 z6T?X*l0sA|fFJNSeI^2HFlySv9MP8H>z?asYu+vEm%p5DEjZ=yC*d66eG_+ujac6m zpuoVe2~?JO_W?;t*pA@vshxwhKY@^^5B^DLnCt3&*d_JE?#N3#)1}~bKc&P3u(}MK zuyn-YBd0^QU*`4RoIQ4jp-ZJ(s9FSq59TkA-AGO3q!@+^(h_%9E|IT}OpY&E$Cnha zRIyw~{p)8fUm;R|`|JYx{kui?f?pLpU2`%p995ZaPPQ%Cd*(-%1@3$~{>c674he?N zyTZ~vO*LO#`&Zak`;O%935du*G=(|Rok)L3yV}W@Oi4N{>AM$`V*Caxa==BQr!uxr zz1D5f_n(f|aJC;&hr4ln6cy8CmTp-=M8yq$2q&enwRB!ZZ^_b!IZvv}m;^TjKae{| zPTZGbnwtu2z#|&f#}Ol4uv6cKk2&#eM`o1Yi{Wd~vm5Ji&!?MnhaMt~hZ}~znIqRK zC-~t^g}}vsL`D?+JCn#Uy|;O9#Q|m5Hk`bvoqVr_>)W-cbJj8dG(}!c-dPZp47jlK z7A?~sot7v&(fp#IwyLqcea7=a{Vd_$7WqcLDIOceMo>Nm14-_5u zRTcY)Gc%S}nZmyUaA_t8*1KUIT*_D6JD3O7 z&13N^E7VCz*1Km~G^>Hzs*(2v#7icCr#bg(&2Kf^$+I8k40zu!+puS`&F3Oj9+!z~ zf1B6_Ia`tWxtKsaIP{tE2li8stb3&M@Kb@?bHMrGo9{;gLn)W2y5XyY+W&*mUPi#~Z|R-Bcoc&}Tj~ z(+y=dU8H2&zTUh2bL&+$W9u@z9kLK@_lymbAl)vVQbo<5VVQgM^0{}Ou1RibaIcy! zQ#~*7LLl_B)IhWp)>NgxRb@vGz_(mujU)!w-vB=-edJDciXd*DounP^r@GG0?M8 z-`I09*L!#0`oBdkuhAzcYJc6raly&Yn_$LyR9bvvn!9Rnk&1gx{4QeG;@g7#&66{m zV{R#$fH;yS!9MJ?39{${a`Zk4U&q(K`EQoc!+T@xf~@7-dw@gyKJsgx?%?7d4>kV0 za>AIkv?~gyw76jv9lU=g<${T7a*;)M%hpd@+CAgZ6<@{XqtC0l%O|@{ESxR=DU!=j z|LH~v0lm7Qhs%hy2e1v(c}FF)dV>%ZzwUUM@J;_$$`{BT3}fOJ*!X*zP(SZ;O2{ww zGIuVH#pjw9tB~Y#8oyRDZMNmm$m~%D7lELIQmjHdx4KaB{7&P$@E&{|nG6JFJPvGB zKCWV}Js7x*_mXkH#EiuR7p(cLkh}iXwQubH6}~qmZ1`G(Km-K1Jex=FIow#it9^;$ z(kk}kW%HrV3uvmC)1*IpTp=67`&FCAP-;DkOUHX^G6`>+0xl#kZ4B=JW3Z?w9);l@ znoMAsJa4xg^b1F6TQNm5Az@`csM0%i7{Ol8roZxwAi{=P05O+i=sK_CzK*PHJW0nSHHNL zxVqjNw6E7`pG1Rv{5OPf;@!J*blkw?fV=I zKmo|z5x7=A0u(0^!?CaD+1c&7v-!6*yA6XVa1(mVtkE=GBQ>3%T%Abliiq+R{*b3w zb?tpd1K|1nHKPOh&}q-JiCv73dSst4YYpw?zdQ44-0&v@xV+BWrTRnp2OG@h$ACG{ z!S2r2NQ|+WBBv2ct_B=k3$-I`MFIilF9VmoMBn_?N8>~ ztr)v}()`eAYk!;VIUX#X5x;NlFN^2?^6k1bS;<_8hxZE~E=1pfE>^*WetH7r!JL@| zMa4zMCNL@&Pb;z}qLP@n%H^;wQU-e!pmr zlU?2g?R2||(>B;8MZh5i(BZcX8yK|tqI16Qf-xsph~rUXk4+Om?dGnYJLXkfY3?&V zRI6)k_mVWABQD-V#Q3_5IRRP?8nb$V+{JFH(>c3=`$IX;B(|1pI$>xinNBtiJx0l^ zNGj5BJBkFBKq=6wv?r!LWx6hdh^E&nnRp!a z?%=ow$Sc@sV;^`t#a9x*cE0}}ag^d*8Bn*g|dkLu6`7$rzW9sKTv&+c>o>yXl&|Qys>zD@*fYcTg zzQflKvcUFZ_GEu4{)ICCyG1avvHt(@L1V`< zP(9|I@IV8MyNUuBoc_(|;4j7hhfrpX^SNmo?UI}XhwKCmU?6derex&YnTQ<%+fEc{ z*i5c5Wpp4I|Sbyo2t|GPwyg0sqvg< zSRPTp<<(n$?6}PdEqUBiK>^Oi(IaWj>dm;)(KDf0x0oLIAi4;2ABs0U6a!zc7lDNr zW9fo5DR+)J3D)#-!1k{V1dStCqt%^iM4%)D4@8t`im_Lm>lrxv#4C04qde34-aO*K z1=ITbS69ip=Fi)Fq`v_Em3Yn*Y~xtxb;LO3nV>7;0^l^MM9*-hqIX=$M$bs2&z|XO z+@vi+b(P5z;)hOjSC5?6W(#CrD&L zPkSVdo3@2c1?s3v&lMqu9&RM{P4}HRg)UMA!I8#7Xik?L8jO+FDmHSp3aCMBdz(ns zplrP^n?x_H=60?vovfQ~69ibFNG$EDh!j#n5*aupHQo~kZ`-HGZ{S&Fz(oa#JrN>V zAF|)uUZGIs6f6u#dL%tIZHvAU{FP9yCD-pikU{NJ({Qef>Gl^}OkTEO7Xm4`MVti= z@YgkV&L&@#FkJ5KsL1hf?~U)Dvv(a)%}f}0@!-YRVmL{&5o)km=|GQ)^(yjkr*QfJ z3lg*{;hH3WkvB5d)(JHM{gcv&w%n?Wdt9S;2ly)rAH28`Xq~5j5|BaGJ8nZhE0{gU z`WR}HCLV-~tk%AbWTOGSx;TKuvAj}%(;q0Rj&no(r}WRs*VB6r#f+)s43)SfT=bX} zfKt9Hv=8c=QtR~n=Dyq0RIKg9p`phC8r(!y9`5==`CaGzcU@gOxeWB3j3Ko9NwL)F zQWQx3y;F!^Lb?{lhvdDz)DLrODs{7lUOerrOWzRhjC{@D)Pdz8B2y5b4n{%Qa5Fo{ zKj{dgHzRomEH0MylV5o8^g$znb9Ec>wXY!B?|yg9%6zQlNuq5a7u`fDJ`Dj@90r(S zb&22Wuz>n*f`4^@Zd*syaP;QcxNcFgY5n0?#_l|LVheP6cEzNCV$xsI)pm@-M_z9f z-3W#nHU9Sc5wT7&?-#h`Uqj{}t7mKD4=(IvCR+cP1>8yw%%2~yphJ(e?#XGzZCxY} z7ZHnT-dXShm*{Z&D;96C&8- zRwmB@N~+ArA4cRV`K&xq8&oMPFmJ*QcHCdfH80v`K0dBj2i#u{m0x`^vb=w=9i|%v ziX6mdG)_)itxi|J3X(yULC}-St4c$9QkH=j-;~i=7R3p z?~Jm>V%5t_QFN$nNabUHEepM)54hc&H}F_O(( z1-Hgo`;elXok`w?`ExQzKh3{pW)>=ZO0~v`4YHn~ks2&H$-Cf!HLK4EA=Xzn;)2~Q zo9OKnl3dI^4&20SKj7VBJ$*SRV6)bkqO!iG_6WWHI5wFhT`T&gSas8?xu%rJPKkT| zqb_s7FP7cDy_jOufHUHbwfSsL;47uNxLocSaB`J$EKu0cnWO^(; z91Bhc-*^x)@_n%<19&ufuwrn54iL6+p~efiiowTA!i*P=zo{YqUnQoM*Dd-@b2J(-rK3-vZZv?CjIi z-TS_u1^at9igr5EBZHzOCq5p?CnF@iC&91N-}iI%!Y@?|McjD44n0fJ^x<|7bbKPvz6# zHo7fah+3UtrP;K26-(f6?1viQq@hZ#k=aEcd1z^7x$TMER$~PcznTKN44z0!KUps! z^-7Cvx%7$x99i04sKE>k$)Us2#IBZbu1;_5l6xJ~RoxfMF?F*}YK>&uI}_AEvlZCX z2yz-&b& z-&U-O()&5w7K|#JBw^)XI;FTP+|TOGVXL`si@w<>7e&#d4wo{E9G@ zX@#*}g}umB%GV%NA|cJNQ!wOlu=i{rZZMxlSW$@U-L)-fj^3!_UlcO>bVpjRks>*z z`Rap*dKXSviTSF#y-wWP-X@O;zP@*`-KjOMtZy zsmrG?Olx~4Fd{|}fp15(=D{#WVI^|*OGke~nZ`>9%9 zBtNWmE$hR+!Sz>F59X*_xPJUB;Zzy7V|E&%8FX+*;NNjv5U)cbJ!wOb;O zYWK0_w+<+44B|>3UiLM$rF+G*V5!N$W+SlKsZ(6>lI`<17)+&)m%>$Hjy6&xZY=YL z5x>%!^+HnaM|RgKG%8CM$h8))xQ$1J2QJ%-tFsnl(Iw`sn_nsojh__qvwx%o zLWH=p%jIM%C|?-sHW@wlJ(d^*`odydT9j;>m%-$w-llGRs|IIDf`1-%!di?tD{iL zMH3_<&GUp}m_*RV?)N9bg}X-x4`|WC1SxSRB+4t#L241l2gi1XaD)z(jKM&Zwgvyf ztdp`MED~zYAAGsYSx&ID8AJQ@yItB#QSxW+k+4CpJcP~(mRCUyC)MNq0$`|UGsfVA z$xCk??&xY8d!gsR$gc4spB51u>Ruv+rk5iMe+E4Qg@xV*4J+!Zt6$PP8_u2G$R=R- zp^$v^QFFoC_}-u4i6~thYfyR4f4jj@w9XZt0iA!y;1p?`TPv2BP+@80e&pF`OXO2o zNeM)VoIYEwIDoWI?6m7q`4m%CmbGto8T5OV(N)1f>W7+8+6_OiGN~Nb3K4+AO}+`A z>@YBFnbJ^*WL6RyFCgl>D)tD$mI7P54X0Htn3LBhEwSa%(#;rujB^h(byYB^CSgM} z53591$dQi`OF!mNdJU%kg$}PU5|lpk=(*qcV^X;Zl##v16EOiO6ki^c8 zPy1q;OYj;p(i;I{Q9a?9i@zzcwT8Eai; z?nL-=BDAAy-zO5by;j7~sp1Yl31MfXH?j|x%P)k*5T8GFL&-%@ zJWHPKQ>*DZUP3~_0=D*JeVBxpWBf!q#D4_U9zlNFW7zBnPMFWES}|AbP${<@qzVju z8ThJF{3Errx+S0IrpRH*l-<#ffQ@woS$+=BgHi?5tW=?@(-gNqX7nKZ3s};=PoHF| z*F5p}TI^3(OP|O0BFwSFrP+B$2rFW-c4#wOu297Y(~lvW8->G$#^ghU8r@x)7G|^E z?W`u8eVtEv-8M5IBOo+w`u-k%A39XUj4CLyM{7^Eu++t3Aw?&GsxFhgc;Zs19!JA^ zun=J7E|`n{TSOwOpU5_$q_fgIn)jUoUtym&3~qBpgj*y8yF?}OoZ35z zPVUWdhNFa@7SY8Wc{GC}{&fK)%}8uk6-EWqxat_Oq9k=X(MqJjX0Ky?vOs}K8y+YaOPWR&EsuiaJr)V&D2+!vorBV>s zPIG7xgYJ{|UNkM>vS>xx1InYBLAe-dmS&z%)r%VChBqQ%3&0JeZ)pBYT9bCtbmMop zTY${HE`)a6ieqL5Kbauq<{1g>8o+BbGUz^%Yc!}gW`xD8noVB;4uPrmc zy(`?E6M=(C#hZfi@CJ>)SV3r7Njv1k*Dj|0HXokBT}2ycpd>0|x(yY2bUJkNG36Th zr?L>85!7|Vt=ZEi61^1-Yy9Fd+#y57wCdZ45uTi=E}pEt`ZzRH z=7;Ed+~dXUrUO-*tAA9T1QC68l3HH2R_Ww6x)lkdFG+sd+3Zk7@L12WvWw7Q7h#UU zIvATlTAjZ!!sq}xgM=pdpvJp*4(ygHN;?T1HyHUe^&bVSoniA(t7`4#wG=S9u}gCh z1m^^I4X1Kx{-{J`?^1yJVeWGxy$3XBTxpj|pwDsVD}Z1z?lOOv3m+J}nHXZY`mV)P zTx$>^wI&jjUt7XKLMA;ds(1L~KxUk&m7-51kr+Rm;17?HRuv^}o1PX0#7ghvo zM{In4ZK8m#84<>@1Yx?j4#{I;4jX!ijws)Z>=SCDe49`-Y$qAU&xQ7wJ@M_hnXx4h z0j|^R{>a}Yk<(c!Jj{vZ5QG7#4lX}M;g9JvYAFYl2bFDntsbqs%F*d6%sQmYb3aF$ zGaRSUw~ZS|@BGLNX>4fr1iMUS@6Lr|1d+xoJuM5Ll}>0NXpX67-9`rd&Dr}{X#s(Dz!%nOa2 zr$X?=!qd&A_**iPStR}n?OJ-cfMH9jxvBcguerc^loG+hQTPt_gppW1Do9uzPG)$-PK#qTB z_04pBkv}G_Lz8e^GOBD;4pt!4SF4BSCkMG(-c|KtHzWO_&BG6*ZBK}VnK2zd&L1Um z&GDvprPCfVvg-&nuy(qk+MrRNQHl}|zYFWH&#>QKp^mO|?Copg>&?0RGInF>5TQZe zm!aC@VC(9)cw{wyL|@#QK4X}CU2e2g7gy@-(;{euxe%P@+|)jN?(5USv4+;u(_6|c zhW#-dHi0bVS8^0+lvKP62A|_D(`$7ddIg z-Fzw~M%lrBQR*U3+K@^+tKKYNP;^ATa9iFJJY)zls@A+6Au(tP{TU48s4CEKP)CKt z$b{ah#j#bCc5iL%>8nUoLA~}UA;MdwEi(GOGqBwOaY`6JFsz2-I*ebvw-r0ny+dkg zx30*yRLYmPEfvzsaZtR#sS`Nq0d>I5(s4KGyw^&qdyZ7my{&;=eQ(f%bat(~Q)<9< zS>m>HE@%#&9W#F=teJOL_uvqxlVEV8XM=>WLQ}uhq0t2CBP}E+h zk1JHi$m9#iZ9-9!KpxHaH~2m(jUifH-ph+ZKs$cbM=BO%GEAkV_^0{iTbE^B2?QT1 z=bPQ{Wk!)mIQ*ALGeH+D9rrtxGwcj{feZ-lyrCYO=k*hxmznadG1-KtU5g+el|7bRl$ypQbVx+kgdyg-9)Q{EirDo&{%LiMsG;OnAFK`&B; zG84IjQ~44_sjMAe`3dsjT_ZPgbVf{Cx8+HmhPWHk)8g0N(q3%J!*%?iB5HkW7~a|p zCPTlu4cW{azKCyP;9C*zeGEnxYK09;XUpsSgm?NfO!w8%B~iwNj9TVp8l|XzGd)+U zlV1!d=`#Jp^}M6XMNfNL*-Y=0T6w3tAFmJ`W_*3g`EV~nm8gq6qI~1yE^es4o#wS1 zyKV)?ralvGX7?oiaE@CrLcQ!Pg2BH=rtHUd#ywkRYfV%C9IO1JcBxJ9g0|l8WS9yM zEKjKCVp~oT66Au~uh`tgisQDlwX<4=!B2%kc0Jj{)Z&dI@IG?YuxyixCmRAq@qd7Y z6l5w2>5CUs%jyJxA1FNW4-D_Zy6|<_OmLnFGTA%LH-ld7A+agtqRG4D5 zE-GGveepNC#u`LZ6v~!%M`3!YsnGXvA4Z$gw$ug9J`jd5&n>2Ma`Q`tywKcaov9<- zuKG9%#ukFf_ug-1`TF>ID zI|#k$c~W_ghB=LJ zzK(F5BvbzwMw8=7?>3I&Ux4ugQB%tF>I#VIoYHA>x-YXH2dJh#APp#PHx5%Z`U}uf z`7S<~Hsx3BM2Ys_%QKdh7=iCH081Fty-;*xR7<}E2wi91WGp%pzvM@F6#qxV{6T{^ z07p!PS&XdSmjGsxp=yFbIBH;>SY!u+I7a~;>k&JE$?9a&eY!5W!78N5)zsLjsIW(M z$_^w=&!EcNpHhX3p=YU(Ik42}x5Sd>xRXm=wsK@CX?W6Wt>_cAuvh@3MQULr#W-M! zS$PzBgFkm-_%cZVhfu11*sLxXmkQncJ$I;8Ypq3V^Pw?u5u0!lVWY>WtI|KJp#`ZQ zgNaI`L-WYe^pj%2A8KcBVKzHeuR{VVA`gqiQZNef)F5|o3_Fz-K%`MDhyK|$sNOQ?=)2-r$CS?zqSrz>GtQeGAe*jnb5!~WKK)> zcM-E4X#*u1l_c2kAi-jjj;j@C^i<+#a6J7Jnl7d7fSGX7#RN?(D?>h0(J~7!Zo>~9 zta^n${LSKa92pxMYuSB2Vn?JEPx@L9p=BdRC7=(`DxD8Q{B~I`Pnyq_)iDV(LGY;N zc22_fqn6{>)I?Tywp(p2lYx<}&bxt`&LR+hasMq6fBiV2)9mMm|5$E?WgP6so?##F zT?DQ5MbmSi;hhnzp;a2|aTba@IKICE@gBj9A>?>achN6P?yqpycS|o}6A;+hQFvnK zdw|c?a?by2D(AN3h;WXw>ONWtpp`LjBSxG-s(o@ZE(`cCNNVB({Edp&$Uw>rW{n=h zTX)ZD<_X0u$xo%p*)TfQWg}zgfdbHu$gA+yGB-DS95F|?AH^Y{s$K>IXi>l_vD}k< zPdTjUlSz}u;=R(T8flw$d1uYXCw=QYZpLkeylY_tL!lnlz~}{-vKJ;gou={Sdw|Hw z{Mzgm@9DMn5lq1y;B-=rtCh+VBDx!ejVdXzjVtl{e}#20=aZD@8A{~{dyE>D5N5~dNA~9zAaDo zdkjXY_}6=-{qLQD$=H$Jsh!%6pH5YIL2C&eaSG1e>cR9GeG#yz47mS(ta}>mIpGaP zk-aMeKaAt*z-@Sy?O*R@D;yvH6v%5yqH9PigdA5IT;LHhDi2@)sP*dy{v5}> zz(g3l`4g(#Mbs$hoYQ?N7DkE&(BPJGP5mNXSSmdo)DClo7&O!bemh%+(fT-0ZDhqS z0>?In&=P;2Lgu-%JJpj~aTW$tVfKqOnyx_i%G z_rwHqPK;ls-zQR6YrUc;p2$6(7s5!oD3&q+sr^j+QQzq;vniUKdN{c-;yxftmr5iI zJr(-;2QnOUM&>}Jqm?p$>^j~CIzrO+Ba%2RgQ6$81cHxz%mJmRue>7)?hta- z1Wv-O2-94xFP}c4$e3BnJFQ*b8qwWq%+zGZXb1xOxE2nnP(%B^k%|6WjbO{FLfwP~ zGKG6{RhCfN<8WU7Hr`!k31`#Pj(alnG*#d~(=zTPmGiP|Dd-i|xf_Om6H{o#cjk0o z7w(Gc;0?K2x>ac9hC_!5Y(i^SncpP6C>C48WW|z587;9psG5^6iXe2I9B!{1Muefr zfP@BBdGF_CH~OAZ2w9|U)-YM}a~-MA(wv^ETh%hnVtxtV1@oZtmL6)TEcv=~8!KN-rgo)VP&Kg|3rVH-wg1#&d2ZR*mQDWqIc@(k1 zu)kNcT+SOj`tgxadpe6@y6LJ4g5%Dl(i4@IDAQa}C%>6qOz{%lJEAn#Q-}t3b9-pl zc9Pqjq0mDlW%&?z9<)n_JWuf1_};Ac9Nx9g-A$P9Cblv>_A917J@7)U(>ggw77T$F6F3D1!h?`>;MjGE+S5S@{h!dJ3Inh_!a5YlZ0(d3U zOz7sr+uTt43~_0#Fo2;~t($)bIenm|{b_c^$RV$gVHV40CG&YXNjIBEw;FX}As?-e04QX||O~_<;EKK|?RDz6FxQ^5*;VwWqPpC`>Q58VAEf zpbmdTFu!P>oixwh0ad6a zWCi6m>sK@L)M)f5w*TJU8=)kYsr0NeaactTUxlY62~DMd5+T5MZv0!BJL(VJ_%09e zl3gvfyowiaRqfScp7!q(&zW1TXYttAodLV?7q{>)9{i(L($OG>e|%fMc<_G-w)hek z^Y6%?FL5znLYPL6)-NGU|9Ik#Vo`s`(|w6H`w|%VKEm-!VBnV+&M)D%U-YW~F_F=_ z5U4Rw{{2b-!~tJkIg*PY`9C7JmrzO8MySDLFztSJ$&_ z8W3}hl&$GP$$|K8WX{7rs96goA%Yh+)-^60L{Hm71kwu3g^VQ8;DzZLZ;2Eca5@kt zjwZ;(93vV`)@^GTIdFH|ik__|>&ESf-wuTAkEYeY4!@vm7K{P13)CmGn&=tITJT`N zDImc`cF0?~(e_nyRF$Tro|)?N7Ie~)jl7aFJ4C8if@bt!r6gD9HR*V?hK_* z1JV@qV(KS^Nq(6`Uq){0*B6y&xUPUXVZg>sqWXfUub!2zlM>`15N_v-UfK zXEFJW{}s4pPkLNGkb%#H%G8{7(C`E-#V5-WT|Sy^B_9F7gfJ(`8tU#`f>bnEcy_aW& zn+^jN{^bIV-@Yr6aq51;9@7$N6Nnsv50X^vf*+E*`s2cY4%1@o8gr6G=A7hXN0Crv z!9gPkYPgZu6Di^stp^AVWF)B%GxYHC22MHa0w#~<ix&{g01+uz@Q#beRee{>>=P7IUNt{9N`)WefC+c zj~BIXv+#<{XnfdMat{iy&RO)1(X15^r2pL@%L^Lr`Ypj0sAXey>6L6;*Uz?Iez`H+ zQ~phopDu6-+MU{m>jI{n}?%k@EA75o%8*nY>f zfBodQ705VNJ=G^0JsJ0_ z3t==d+Loy76TFZB94T%AkWmf$Ye=;pK+J6P4jeZpdBEJ4ya9oGj~@P z;>vmow1MzMa|vD0)cNJ~Z;D=IcRBnkp*fKa5Ssi;_qqtc{AR740N zAcPi@s0bMh5DQ5llqe9QsX|Ob5|aELEHlpge)GL|-SxX`-9KcxvL4Sm&wlpaXZN%B z#eI9X&z!z+x{;C5%$+-aJ78q=o!H3e`*Yua2dt#VUb|ytbjoPwZ<`M#LBxIS#7Mtn zo_2k2TrS99gqdW?mDY>Oa|{19yU5u%z~_lirkzLQg*{Vi<{rIvhCd^HXl3lO@BX!Y z*Sp{yEW1*R$s0Fc`gOxk8_u7w{6H-oM z(#GZk2z>kd#({4f_@6l7+T{oyd4{0ItA1DQawa;W1@5%GxTz6YZY$kv5kD%6he6ge zmRdRpzVEU}>`O^<+Wu$~>1e;ctqPhfkgDlCb(?(tb*t{aD#sJ){o_M&6+drMEyL=j z{Y|&;58}Jgf^|gn2MJjKZgezU?NXX&Pab+>i!1ck%r_gT3eb+kyIYqh1Vt--{ z#(5Eu|9VHmuZhh5B#|^jCFq@0+hldqIn4CQT;ZbTH}^V=aqTR;wPII%U6As2rvu_g zw6rfYP9-#s+p$#fmW3VuVRA@!>dOsP#z*kNjHxCoi}b8K7WOFfr>QLujf+G_O&`MI zcO(m0Q+euCEM@Gm56I?STkQFVx11d0=X(yD?#glqUkSX85YBt(#P9=|?Qrf@>E9>H z+MhGXFOMwiosHPn5CP!3j~Ux>`oW1~=y8$*ZLFB4X}N6Bao{^selxspfi{xQ#!~ww z0F&aZPK&CHi_qPvYtr1)ZYs`ZT2qwp{(J=vscJ`HCtcs`gJF;34DUR7`Nesa&Sf7$ z9v^l^>=S0WeScNMu!#Hd#HJH3hTiW;L6VScGf&;7b9o-GQ^cF!Id`X41jX;TUKPN) z;cu~bR~CM_#6%y*c6~hU3#|yScGh7BLoeTXM`gr4kWQYcXHc>boF9fGCUcIM?&7pt zosINIEYt7|d>>hR-91Kig0GrD#x^>Jy3NR3i1A}f^P1-e~Y%((Nt4mc zL&M)C#ZS620fPy^@I!b#=27+Gs<42U{L&Rz{+vMJ`OO_Gp5xqB27wXR`ceeaZgYuY zL?n$jxp0r60_*z(c9wOMl(*L}NBme5B5AdQT(nmZ(XI#=1mt&sKfwu=IYYT?sYa6#|H{`RKK!;eH2rvERi3_)PpRQ`m*C37>oa&FupV zzlJ!pcxT7MdsO}p!&fGwCVqDb13C_OtlZtSxoG`H%A#0**7UbR~}ia^T5YP$qzL(z(6 zd(SH+%&J;2?8C~B(R3vz^_d69Dg_j_*7Yl7qPpIBKl~hptIc4l-V)IJHv$Kc;+#X{ zm{J6#sglDOGs%&E#mJ?DB(k7a#BA{M(bo5|6tYoWY_UNDH}q3fPQ_5&RbI+Fc^>!o z_&xd7ab=pg^Yf3pQa^^@EfCYy4nbNYq;%aH6I7#lg7z7Z2aq^!Z_npPE&IY^c%|z~ zms;l^8a0+q1eXoNVoU2%p*j(|wQE zfXYcX`YL+DCIatIuEiPB|N2>Nt=mvoP==PA@|O34D}8g&UB=0Zd{ z7}F^@&Z|YcaWwMg-4jysWW6$FU-G-r&CWb@sd5m2>I38=WfbXVNAXFUFQGp2vfI!? zya`Jf?Evq$bS@*GR78x!Bu5>^HGW@7L85dfx#4%kwcL0wZE_ZtVC|J7ODt0k?v?z} zI4QBi>3s-jn?u$_V)Lp?w3%N7vp#7pA3Vs#g5%fLcY<8j^Ae&+AB0+hl_qwi41`vr zT@Mb8f96ebRF@smbyIvywYTI{sC6~**dHpFT8&jEbEGSXg!E*nZop|_3}O))12afb zaPH?c1;BlHAxyG8IA3e4D|V$?_q3+@D??BeVXs@V_aEunqnZOH z>D9-Lv(#O*a5(cT=5qPb(k)4E>6}!AT^*7wcu5DTv@)yThUuXsF?U)vYm0Nuk3GxC zu0Jn@I-}omZfhr!H)VsdD5e3`TaNKD_EWdfinwcwO`ZvV6?b9H@Ey9#H6n!5hxthy z6a0*lgScWUkL2S~jT0Jy#U1sp3fvJ zMfq_iSWs= z;CWX1z`$JP$@SdII9s6vgk+)~5RS~^#_D28s<9CZ9y6qhe| zvus!tNFH-#yW4BR{`j1Y^8?CI5vaF{oe)QY+eYw*5jXgc{5O1mHOe|AxZNMdi$nKm zkT6bMcV$ox=KdyjWnT~tEYSPiq2k8J=*WT)PDicxSK^=LLPYg&L2f6P*L$P;`CLN6 zW-8p9gJaO`iJ1Xb`Rak1j|=t~k~u|sLcyH2`*L4dtrX}#hX zXELnXYg`#I>cDzeeB*<%(aCVXLkb*lsFW?94gw$-=ZdV_nnkaN#z=(TB&h`87D}vi%Ntv2k?{9gag#zD2bmzku1Mmt~`peW?)w_ zWP<0-zWo;>5~Fqcp>urh9`d+bAjEPX?k+&3g+igM-Y)r^&{CVZbT&zJ_aF&tfFYI; zA7|o{9*QsYZcwPXeYN60dgm}U__IL!mlHXAB{xn);;M1Qx(#eqC6bzgYjjHL=pbOq zRRQRwZ@D%y)4m88&A|7MSGy`i3|=v*sdrr7K8kX{!6X+eV6^gpuZ=6ivSwUc++T(t zmDfN;oq`j*#BO5-2HK-zaW}xISbONiIqd%E<;qdF(QVDIE3t4)W^7QPMM}Ioc@4Xu zz6-L(%K3*f3c=2FQ`0R2^=Nb~zDkAGQ$PPkZS-`W)%yD#VtCjy@ zXNOPRI1D*zk;3mifLMIP^W_7}gXF_bi`ts1+;J;R?c@mOgvx`^D&>AudO|UOoz7Fz z9^$f*hI6NtkKdBWn4`aC^EoK-XP}2TX(W>>;E-2uv7u@8yNqRErD*lL} zO8|#2;hPX*c|$#T?q+QF3K-{vTJ%hp1+7K#kOy|5%K4ncx622(f>s_;xvjSZe4~?7 zCRE+-YgcQN#Ht4;47+26D0tz7C;wEivUEuF)R7zgvN&miOkC}WL|LKeSpwXaT&zok zxtv_Z^y?80vXwUrJ}T}PfjQi985`%U98pI+r3db=W-fBAiO%FUXQrL6KPtbo$CUBe z8|@QI?%X$K(3NN`x9promZPmf@6z{-2sAtbG$ zt56W}mmeizWyx3L_ewmSORO4hWOC^$lI1P34Nw0ZP?0~Y z9n^~a5gQIClz@8z@qZ^%pFKziDSadYUwshS$E5H32wEB+)j>H@i@ch!-3n0mpa9S? zbBPB0wJ$Orpt~AbYsVT-;Z5vv-Sbnt!xO}Je#sJtI0P!HKKt7GfLPU0$uuVS4X>W0 zU8(ZOnC}{YSKPU$wq|_4pIT`PpIzhFW7Xh-^Otgv+On_dD=Aj?`q$f7Kg4p=g95zN z@uLz`JNWwH9_t1;cg3~g8&1{-w7V`fj$~=;N>e-20%0|t)lLF!Tkcu4GT@^#_#9C& z`r;nY0}}~unYG|)p_0}t^}z#~DET$>1P_wu3E2=y?5}XL)=p(o{uWapt>e}v2?u-J zn~=AOMTx@4R9&|JB1H`Sgv0&V&HU@_#G*9*7yJ46VA?gcUac%@IO09ukL1FgahnuN zJCvMMbBK&Lk?y5TUxW+7X(I_rQMF5*PL*6SmMugO0cR-ByIem$=J%yqtTuD`Foup2 zKvbPl{{&tMaIk%e()6GdA*eMd2hQBv7hNX2UDZ!ah?lZSY^9Kkw<~SfNZ|1fV!k^@ zle!a=@#DyU^C$7iNGSU0Nv%xo)m7~L!M9(U(bykJbm>`<>^gitC_vJrv4{@}gkmJO zl58-ELc&D7_|M=f=@TPFr^la9(H*dB@ZSV8)u^ea1YMvYu;Sg9z{=Fk!d0PHC|$># zS%sDdjAQ90i(vEFkAom5y^^O zXlq!cDxX{F5ucxU5jFZ;RDVzgMQFR?h5l*E6FO}O=DP>AENz+Yr`Lr%_e`9O{dH_L zdOk?ITBu<*X1Xe#oUL)k@+CGM@(hFo6p8zBw9`BR#v(4mpt3Z*h}D0^3mni}&J^De*uU}l-v(-Nm!-Yi3X=p`?&%buYhwEW~tTp zh}sTfWD#07x1&V1jLF>qM@f_-5<*+Z84CEA`+e4N7gBC1a>+4C#z9UAtCHCx74eyq zCD^7m)C8O9}^q~^Q;OC9ztduNyMjW|z`7S9vsN&t5&vCOn z`hDl-FvR{FnB$3L%;=dFh(Bz^CK-sTf>v6iByYy!xCzmKatgV*IcjYtA3t|g@^8n> zjf+&@tsiaK$D&gD++q1C4|hq2kO;*!RP2fQ1t|!&v{=dU=iHVEoZ{biQDq_JJ4KkR z#^ap+m5~@M8;z@ld=(icN~NtU9^`S8CrAWM3hzE5q5h#mcg!Sfvbo9XNVW6vn~s|*4g%q4v3%svZ)w(f19?9ad7@c)7F_}#>7p`MDz!oVvdGYXf4RV3A(U$ zttyn*q;(2exx}8<5@LTRlbd_9xZuh`8b%>1;qn+tgp(2xNV|_5*h6Lh-DV5=D;Pl5 zX7zxNm!DM|j{u}4Gamvm z_@965^^o2er=FN^rHLPYd{kS5 zd@1Bo3HkXPikA-UAiJThLj`2IIMTwjv=CGW&;!7iC8G=e9_shqfHPwqEf8fOAW^v$ z-#x1yi$CZnjy1LHDU@)SqBo>E&?`bU$;ep5mCi){8&Q3)Rk-ABsPnHNO+$@!|Bq;6rFX zm){tvbs7srrNZe%xGjR%?_fGdB(km@>a1;%h9&4EWB4OuVZIm}OyXrtcw89ZD6WT~w+F3TsHH7FWo zO0?CiL0w@k(#xvR4%=Oi7mm0k@*cu^=qjaz5zmb!c*B{f12{}1?oj<;9BxR_JIZ9B z0}?_Z=EHdN(e0@$Fo#Ict$RAE)C5Y1g%qRuEz#W0>y|8pGN0UEB3 zXAujj-r8h#K}FoY+oZq5^Mv|^zxolXEX5EqKQ;dS*fnOd_%zM_Q0#sS;q%cGS>i%|k^GC!9)Uo9 zAjH4*f-5T3)b5A5qtWo=-KohBl1oV|G7qH{yr8iQeL6@qDoN&qSG6+Z-nP1SkBWS? z1u)sLYW=}4m)g8wby7-HyyZ=-pqqQc{h_iULV^O=)##Kdi)%$)=ftVc=8#Nu1$kAq zSzz$coP(K}P#$;E+rso9IUBdCLrp2IIq8=B=Usd0pc@cZWw?}D8RV@C1<3y1&1oG+ zm_XqtzskTa%}+XpdG{63B?Hel4+6Qt5FB6RHQ%Ye?qQ0yaK;n9_F1@R z4SyPh8uTTFs7qLUz#x4-=eHB^GRsa9PWC*#l-Uir*$EbG_D4KEWI#rE+TrBSw|WOi z%EtXY1k(0Wsvv}S5S8yv1JjjJD7eICDyQJy;CajF853;^YBL7C*PR7=K<`g!ME$YY z-woKWe94tE+`0h|?WQMEn1#9irrj$ffV?bi58>RR>;2D{Ql*7KxsDp4#t{yw!QuN0 zc!}OPd8c77L*|7h6lu_awf~!9BE&PvBy2nGM648uPqs)-A$wkO<3|gH%t`ce$DT|d zvOw@${a3EhE}Yb8^*+nmFSg_H>q_CkJ&>o}xfAL}Y<<@sGD+t-tUc~yYepckZ>G8? z1c($mwN?m(gv5_yQ3KG8e^g?fI!Eid*84}ZDSj*tQFdItKOZPElV}Be#2>0wRXYY8 z@s*mEVamDDugX94WXrzggTgGL0n&e3?Y^V%8 z+H7|cPSh#m*nNyJK6YD_qH4v=ghV@ou9B0VQa=%)eQVM9)IIa<9{1Zl?zel~Z{1hl z+StDJ1AglV{1SM4Ypnd%q57@W_y5D5X`QAuk%v64Fa3PSb8x5bp>g-TiEikRQv}t~ zz^z66-&>f828DzJy+x~)6;LvPK5C$^dk}ajqgDz@#{5T5y8H%{mlZetL&)duZ>|$T zuXZu;`&~VRufUBX^ON_fn}M%804>^CZhw>`<#ULQE3)=d+SVJpAHY!!MV^%P7+!<+ z4@BJF)9BA_*G(?KK*q6f1srOqLdb1PJk^7DdG!dz$EJ;sE%?{^T8rc=jGBc=UHop8 zweBIre-mzGUG|Zwz=v)Cwb%W|KTFE=Sd2=ISZ4EY-0!~}XmT&5*(^0+p-tDOEO{5Jdj&-e zHYe&|hd8wN_280~Hcq%-G0NK~bwK}e0di}@in<*-hR?i4luAs>+wg_OdqdZDq@*Z*ek8R#pg;K?O_OUqR`hv$3UDp7M=_YjttX5xI9>u( zK`!cF^*12+I;Y%6@xTB;e3fxGiR3fCbMqyi1v|1N*8O9b5otFwaI_yLTGHcz9w4&t zehRhWwx)+;5cijPq#zYfGm%>#lhrR?thoscNvxQdWyvQCtZ9zlg9+c=Gw~UZ2zwX9 z!k_#o8`?|xc|@E-xc&1y2?&@c!NU7cLljl`SU7PvaSFrva4X$tXEDCJ_e`o?`d!8m9`UAN?!?foUI-&#cDA=mN^{_EV1|D~yX6;igZJ!tJy8 zw&C&7IauTCY?tw~nV~+;_s#|c17k5j>;D{~Ux(9z>&_>Ec^k_EPb9$HgiWaFld$|a z-&OD4vE~F=d|CviY@RSF**g}IhC3l!N)t&&`yFMCdPeE7K%4#d$-41 z`sz>mphx<}9?rCshh2Sm>kqpocbNghD*Kd+Tm$V2Q?^w{6(dZez;?XtgAb1$wpYHE zWVk%HY9s&>QH->G-WBV~&8YS1_^~3=X>ehH^jE}t<+GnAca;Th@}im=wXIIP?e@Kq z1HZw=aPYMyIm6vy8;uKOid5Gt(ef4me6ib(5mJ`xZPiekdD% zOoxn1M3@BG@O5Ver53F$`_WNsRCl{qrcN+=%}3?Hr=03;uQnEKKg^!l&}ddZA3vm> z+`N}?m%--wMuBH0>_U5^vFN)# z4^DF;5xs_I{CfEi&|-MxrsMA^AMVytM+RhiQLR)5+_#*!G|E!GJlA@5g4ln3Bo;tu z!n1Sqntm!m**x*7=&R-lpITkznDOlnXy9mM&00M_%}4uu1z0yQ(I6|;FE99rGTA4r zacuG_j|#v(ROP4+7huRojC;$Fj~W0ZFyqo(S^on@ZX8|nC=Ev&!y4Z3c-lY;p6KWJ zgJ?LID!EmE#Q0GW2@%>d!PBW9d75lGtgbarc+~#PxXh!k0&fnbY0PQyvh#sn1}bE~ z4{K%v65$0W591}7!~j4LBROpooF??ytb-sYJzCZU*tqUC#2O~8uVPA+H|TKC!1*AZ z?qu?manZ)#&x?2?HH5?3OLyMRiSbw6U%zNNFmEtWtHF zM*j^eV6~gvpPix zbPLk`*tyoXH3m>)sosjBydOk$iv!f)r|N$^v0|VV!u+IUCK0){$NiZ#AqUL< z1zzr@SlytchwI-G;EjkIf3j;3FN@0EkfAziWhiyl1A%>oEQl_Q9wwk|R~P+>feT%(_~mJRjJsg2+Kb->f(db0mkJi8^7@hOa zssS)sJ8o@w;o;ZB?MkXr*;R9)xQ#}n29(3FY*2_$D^V1|+XD>ZcsZlqEh$;TvOFxGg^gr#uhIAU-080W?P+ z|7V(KJBmvij%PVO=^#WY2|7xAq(sZPO5x)~ETn>mS8j)Sr=eZLQG{`;%uy8LzhM{O z6jg#g#OLBACSKrz(LA3zlJ!CG#wv(Y77j0Y-ri73h4l9ZJX8HQQ_=7NIL4@(teK<~ zRzTl182mNs>O)PU;^(!dI#fK2%iaK*`D)8N!U-|5zU|5q|Un;Yakdul-2-f85#ETQ+4P>U{h2pMD5bLEMOJkpEn0?|9TbrW!3ZRRnIT0K3}a$M?b@jM*XQ| z08bdhVU`nLd$izhtNhQaoBp;s^m*0y&s7ne`k_@OXkX!G>nNIlW7NX<(=5uy@mTb` z6&M}cRKEOX2czA2V#BGPYoF+aNhXPKR4rR8-*$7aU;^}eLsg<95l9!$bj4j;cXjKY z8G%zy&&6yGzEIc--n=jM)`hmDRe>4mGuw*VervgL{?6n5p{u94ZCKcq+Twm==AG^L zSFnDo-*s!D>yE(^w=5n=Rxn>%R>h>FR8(z$pGcK@^%tp{D;Si{tISl^8yPiP5XKV& zjbCrQFog}w^Jp-3I33h5g3-hEJi{Ocm>{A7Q3K{>O^-omZOAgLG84}IL}r0!8^)$< zl7qKJMYViG^C!v#bL70~36Cz%Gq#nu?x{4HAoq20^LXtU%lE;}lRR7~t3DmMD=pjL zT`>hx)^bXL$=r-DHk)xGM(vavY-!}M=SpgflhK;1SusBueJB@f>iXm3hYp^f@89L z;$+m!i_ffP%)XlhPONQOH(N!2b%{ApBC$}dQLeJ5Z7aIwhdoWnw{~D`0CXcMDtMVu zj>5v&A;<9DrdELH$u~io%T+LS9S5LRaDFeje<^$qKAHz7w=+xH&$_sxs;R;Y2G6&YJ0AG4)jBzvE0f zmm4x80jv{CR)pqOW}vci{0H%KRZCZkP>m^Z+Gb{dFV#l-02AP_njsu);qOOXspAn) zc6K&`vFHwWvhL0YG9-M@sv->Ml+}o1Xi+cx*HODRotVw`CAJ|0wE|ptCqis zpZ5&M5R9Y{SBWxVo220pP4RVPs~Fvbc;d4JQ>|aub|cx^39@bLL!+5<1 zlUXomWn;#y(QI6(NlGfPDi`&sXR6*x8#$LAj%3FqM>d`h320F9ldYt2>W)LIx(J%0 z49nz>A+O@Ff(5w8MW9Y)fwgN(!KUwxy8m6u&i|%Mf6{)Gk}(v&^9nu3w=#ndKbu6Xu&|x;kKP zq3)!mKhqN>%S_iU81Y3ETyDbe^~=ZFE)fVaK*B$CoynR{1YK zciNz#p|r(@Q7n{sX0Oe0@LbuJ!jN%Svqws^S=(UEL;{M%2#yJ_eBHI$8`){kzRIz; z3ja)ADje}Xs|NSvA_@uHlsOQO{kTU$0!cLkL~-L*z5d2 zFbV7s(R_lYO}s%ckndVN-DUKP$jJoqi(zK;bq^C?#0*FB^o00X{3vK;(l3qD^3~rX zm9>U2vy)q1h=O|Q`<6by&Y5n6xb!`VG{9j~g`uW8s)*So7}=0sxnLHvV(B?AV+I>U$eNFH4sn(A7r*XXt*QM_tTq{B(CMlP%+Zdo-$PzV&MwdEwsK&4k zMw^WP-CXrQ*|YmRov)&~#nZ}`z6+W3dh^Qhak!yLhhNLM<9qYcv@`o{r*<}9BrMr- zviwZYagU3JI-K7m8?yj2$SX&i>YMRC)7Qb2{i-+Aj_}nKXalVhI}&Jp)+Z>_kdE)9 z2O;hcv~|=qKFBiF`Pcbu)$MM(6ra%)H?}YDieRBkgbJ`fS+K+kCaHg*?QM|W9do

F88!cDe*B^PD?^Ze;1!88?grJLni-& z{mK3T%MjgZ_5c0u%AFcbe0Iq5i~mv=P2RIsO#A%`)NaZ8ysE>s2_1@*%J;LTAFRsp zCyhOO(j}k_=z3p0bGwMb-amJ($6;X9zmYnE&f@cvitOgCH4beFAmP}k?*)~mfw*3<}{PSYan+0*c3k`y5>@T@df&cpwuOEn|*NIOVBG;F#LJgpD)EX zuVtdw`hk1tW4j%KQiElv{;H25Aie&J^X%}duvrcyg6cIt!|Y-}v!Hh!Ka?yr(8f=~ zM~HsE`Nou=>GQ5Ev^7*nKR9y)jb5D>QI}BtHgluU3(DQ^?g?x2BCwcUwFlZ(;|QdN zx>wxrLp7_kb|QA9=+8i#z}sNJGaF{(xnJsYu3pDf7!JAVajl4 zd*dTBBB#<$3O@vbuC}Q07u|}mv(6CMNM+gHG8YJzG+1y#R>=-~VCTn$yM~Punh3I# zwcYxzngbP=8F#u=b;#=Qk7-JJ+!wDb*%K>U)isYFe=+pCSN^B@=xrRye2*&lc~q|* zuZynrJ{=BUf<9Surfy|e+>I6F9ILFznSBn8DhbDa;2=>jV2PjROAHSXmJi; zY>(dzvz>1JN;r9#Esxs^XpCUfsvS{{E%DXWyrj0K4K`JW!EFzN5H(Lk8ySgC5GKJ} zRz9B0i2>hIx!GGw{^NLW^xjZd{oZI5-oIz|2S@t6yl0?b@U9+B5MgWK;U6zs1Ze$x zCXiI1*=Q)?0_xJ%%M`YzD)c3<^z9sN&3f2ztX2@pi@zwUkv6kOU##LRyTtj~9$cJM zRumVgwQIhgA=}{^whEnvc(JZXXk>=)5nA3xi*GF?%*J zN?ATF^-Z=mOx-yE4`p4{XJ3HYENt!$uKZ(`%FDrqU2~OPE?-+!5RBtoS_}gaT5d*P zPKU0NTG*H+`alT_rvFA5jIy(4aYB=d2LE;br~3*g*FwO_=MR3MdO}xq&sLEe${Mzh zAgG73iQ#o1rJt3hd^b}=J{&T?*Yd6PJHZ<-t*m5X?PA3g*?y$S zfFi%qWNl-4b?7^YC$Tlfu$=j7j}`(bLo%}33Nr<*}6qf2mLHva1ZR+?lzHn@{oU!4?xtK84lZaa{ zhH6_)w&rg#KVEWeU7ZUgXu+ke_!MyECgmb=$XnGpz#P(I*u5|7>99^N2XMOx!d#E# zs`3|{6q@_#@WQ$SS2(q0KGPi)4ON23Bj6EWuvv|tC*lXFPQ<30bHef@$+Y(4bhoWY zZ%#Te1hb(Jv)zh)mFe#qMk(9m>cEn9w_kn{V-3?4Aj4%+2DhpsEZ_A~UA}v@mol#Wu>EU?zSx>f2T4 zGw`MW}`{?dqdbpE4Y+lZ#5UkdB#IMhpJ%or}XDDcv!`iK`(62DIkMutc zM%QCTau&#VZ*p?nj0xdznXk84s!ji&#LP7&Ic7(r=XKF#!dmzHD=&V?ZiGhIY`q(! zWF0WS?Bq~%*k}EWAZv}b$#<^vaGeJb8uXpt!fZ^MBSD*)6{H3;tJXknc)uvFj)5w| z5k$Yd&9zpD%W;(F;9n8JdPNYwUSHk^~kp+H8VPHl;xbj!MDimIodlk2O)BFqr< zhrw{3>SOKgQH=eUjE}NYn#NgT&8qC088A7@9@U4t^hMLC{2{)9cfg&WLO1hgj(pzPPM`ByTC2zDTn`+-U1+Bbq zHjzWwm6JbM))@-Uc31NovLbiIBou*Ptv#U^w)=}c13{%U*nfB)yRMO6I@hJ{+WfP< zamV(@6Yrs&uGD>~s>MB3BrhRCF|L7zhLyE1pGA=CX1rcc?C(YI$DW>^0DQnmkod*P zw}(Y}MUJ_VR*dRp((v^C$vVy8rdLsHV7K80bi5s3w<@~9_Z~hVaQ@z9CX*j+9Qk`a z!8>QGW6u8A!k-cp>I}22aBoPeU%77IZrwN@&M;(#d0V;?x_=;-Hpjm?^dG7JFF*Ls z28ticC*Xb#{C^td{kr1Ydg?bme3G;O+k9}a+piACBx~>DkV*~)R5L25Gl>p`(DZeB z2)&sjcF+s6zy*0def2HzN!<{CpmvnC<5Pv<@cD7a=NEsN!uIeur2ioA!O-eRr!hQ+410fb8krt=w@&Y*eTDx=xYH9XC)C;pD9~J(cD69T@-S!hiC*hL zrMAvq;1#w}sxIFeo4O1L9TGT)lUh7pNS}8&AwI0-tSl!Uu9Xxu1BJhfpNkS< ze_*EM|FPyUrTVv`GeOq3s)WLXmNR{LCQXx2V{mr~A30m!u!uYsWOuGdSTH_el5S$H z4_8RlRu+CGWNSneWXHtWc9gW-Z8dcww`mc6tII>FFdm zSc6*ikB3?_Jz?2mq=8%CBeTxz)2R-ezP+GE4Hz;}@ZRH1I2j1)@e7YOEMs^EY`q`b zMhN!puGwFa0!=5AB++7W9AU=d5FBT=Y*4*dLzW}&;>HKy5EgOFhO@YQ-9o7kNjgT3 zF%@8vw!SWVAASE!P!3^(n;=#Kc3r`DZi&1FNMTYJXPipu8MkZ9h@^KPz5GmE70Vm$ zp*r9)5VIUtS*0f)BMkO}Jy?`~H8a=`-+=ls@KPV&4yb&rBIqtNM)#)RkmxFoS#a@0 z_lp(|u|xZz>7}A%CMtQItEeeyzrMDYHlnF5X8{B7*(0ESuy{b4!Ai8bCB@wgb zDj61Uu*9X8H0j7>RTIg7)soCmcb;gZt~xerYdL$I4W+ZgB@VFJ(m8x zG%hMywmRgo{ql@(iJVBis@=5o=8AI--j}yt2wsWYz`jZ#Nl-5i`>(k`_<*mMY?nXT zhTky5)TJX)Qn&8Syz@nNk>*&J@{;2FSGe zQgp{FeLtGFI#}GJlm?pjWTKlzoD+PDLFEYI>4IZ8s{@&rsjoH$SP?_UIyi#<2G6E!_NI>KPm+|` zu(`4$wq4Dj4Lwg}U};L2ITPVJd<1+0;Z4LG|7Y@pYxkNsEV~r4r6K1>_`H`3cfRYk zB{h}(?z>=h>u~nXsIql!(&O_i25ShQEJ?@#ahZ~t*uoD-1}tYym(WS<^pvbs}cPQgnK9{!=|wtcxo+LaK>p~VMyi?qVox5E%SG-F*u2+;0e%d$k(*-SDQJ8HN z63XVck8I5?>^c+)h0;fLPIG&TRTZ~loG|Cl%g2Mqq#41GK~P)y;I7lQ{lzb(+PFl^ zXZmnn;qlG-wVb!v`llm{3S>k6&9ME@v^RnG>4X{Bk-DM`(LRua?y_OUR3M~!{mT&T zH2%n=hDPsT$MRR%-HLtJe!5Oe)Gi3HUD7-ilfN>(RqK1w<{3^jb?jJX5`5gsE68Y- z!3|Bl^*#7P^NmVqfWZ95+W=x(S@V|ddGi)%J5%~zAM;K+mN!^A5K*KV8-dhJpG+8t za!u=&C#^i+(IL1H89=|v^qYlajS6D?dK2-!8$}_u>(7Cn`t2ulhbx>~bhVlvnIygR zsl)@nv5);0Dks;E>MrrHY*hlaO3fdbSYIQ#LAYH6|`SXr5^`1y*loQhs> zdBCX!J#mN51a3m>7JgU8$X%9TelFj4>VoTZ50ihrt!y4b1sy%seiD&A?ZEV)#hZgJ z?;MTIYq;j^ZyRkF)w6P;IN_-}Dkm~v9%aDo!Q~(9s*a)usa7Eg#3y26T_cM&R>nHV zvn!4;pV3j&9Dgb4isn{xC}E43y#b3lHgCh=x`6q91Ns1_cV3AfCT&33H2U-US~zlh z$ViQSCS87cnrsO~)EytV>RNMT0JBw`{6NWbrO$-va&*=+Oz1WOiubRVdBraW#@L%U z&6DHCsgu8^2evdJw;7-9TF~}=vfKFHSLEbh(EY)`FJ4X#mqe)xp0pHfT>gj0Y?{82 zWbj&%C%fgle_pJmZ-}Y`-XoYXG}$|n*KC2^!)Cfn@rdF4Zy7C&!(%Y zAk^_{F}!5aMzxN7t=d6rM-POVZcVL-w6!H1&xfz-ydp5qa>$om_j^1X#jEmjo-wVM zYx{QAoEB_vh_zBVuS zNZw|4DX~eO(6tfL^w2gvoUqXf_MZf1H`)h})>X&&*_JmyjRtO6vK*Y+dUNN}gp)V# z=F0luYaPnkF5g_X6RJ$cps3>~^ZvEIJL=f0U>;l1^@~k zk(`TK|C5}w?kjCCc_W6K6{DEzT_K!L2e|jI1N08A`~9ZX^zh1Gf2@tPBhH~OdjXl< z8FD&w99ixCI!8g?e{G@4t>Y9POsuu+2*1nYSCRC#kv=$%4nNYbm%8W9pMJUF@S5>N zukZbDvF5g4vbic+*ML(1{oNy~>fl+w*b|$>mlcHc`q-{+4&IH@4b)Uxd-T*u16-rl zI@F=wB1AdetGBhltg<)&#TM-82_t?NrrjQEXsy#7ur}LpX$N2sM=W+tk{Tk0bN|4{eRed@3^M2 z?q4{LBaR|6D!p2<&_ud4l|jaWh=pDRq!|K4qzNI8CC!K zB!K{dL_ka+2228kB=-ctGBeNfzQ51s-uK?$eV_cHoMfMU_FjAKwb%Nt@7~8P?WvJm z9=BIFI>KVIgWGD``s|{RwYRdxL1g-;mQ4R0k|yNnamf{r?;KzIigL$QyS2sXgwC*O z<*s})GU{+r8t)pfG^2y#A)SSC&zDOxlUciVMcnwBynyxm&M`&t6-e9rPLw7VbFg5p}$3-t64mnlaTkx!7m0NVVI2HEE-@ zx0(1CVHzb`TXACn4EkFx!EBeNJ3bw(7kyBHg6s|Zh5qKYYF~(uIcKD_<+EqttQCBRbn||1lK$nc-zh&d0mHW zj(Uc@(~sdzA3t-h?Rc$4i^jOB_-=G+!!t-x$lG&JvTtKSkocI(`q}B91@(81uesV) zL$S<~y0NRmd(!_1nXuxzqtrFsQD-VY>&=>TQkdI)f%e_2$Ohu|>LsU#95r?*_su)! zRG)Fs$Z0CR_AV0T+d)}3;kn(qKQ3QCH={(y7iGH8GZVZSF(27Jh*{AID#w+j{qi`k~Po=jxsVzt2uQm8{sGiJd^5 zs?4e$55}c<30*X0%nl~V@1MYED^=^aj^~$T2ah-99%y_VC23EDU%os*pH=^r#t*(L zt#7I0SrcC}T||CSYtBY-xh4GKbozQGxM~31Td_{u#xo1RL0Rrf8fMIq>AK*OpV}C+ zCIvk_`PHvYa;xoC#YSqKYa~bZw$I6z(O&EK^@TI{TGc-~QX(DH^xF}CM6O1X?%jLrXq+8X3gdeXH}&Ykb% zTatpyYN|v2-g7<|LK(CGNAPx#Ct>cd>k=S?7X7@qasAvu%J{SJ8~)?&?;dru49sRQ zUuwtBdi1QwBvh*X*acy$O5<$r@II_Y1Efh+lnSRH|JfA_=>C942o&`G!GRyR$UwQxfOgEPc*YHkz$s5p*8}Ap0E8fB+EXR)ISTI;iDXD z5EE@=%EYYAfrUB%lmM7bGW*t!RDT>T!`8!XMr|#kd52t8fuD!^Ucr|;G+kP8y~AU^ zM;q?y+byB{vHqtGz;7S^6ty1!)Ud*ovwEPY#5hp7P5lC6VhPW%hs8d`jey?jLVpFJ z7HJ}Ht_#KX-tc^W^YPCc|C@Y2R6EZ?d%#%LF$=E zL`1M60cPRbh=TPX)MurYy1=?{?5te*)?LdYwM6ud=*v_$(}S*SL7#H~_N*q5OkXn_ zd~buim`37ZP;P7I3Upo0lSo;vV#ab1Z2PWdXO8^HK^!}OqOmk+yA+d(p`HibWB#@c z6gY0Yb_tLCdS7wGPPx?w>sT6X0{@G>nG>@_-m1hkI=NSxFas`QGuAKOU)H;|SP1fbjkMf@`X=aB*?#7vs5bVRlm}RvN!dTy$|sWzlYmF7~B;apFY5 zA?TjlH?J+59mj7R3wg0=UF8^uge=l#~f8BU_ zKL3k}xZVOJy@l^9u!3nMzt>|>u%q<+gn(KWJ4>5WYBk0K!SY7&B@<#)=(zjhA*=gc z86uXr9%_LwUejI`%^sa#ehgJAwE%&(Zd)=~W1lMwtC{r6oo|7B>^fpJfUK9#2fGrE zGzLN9hmL5G(go&H&}E>ZpO%c*kn7Y4ETAk4`QW{K2gQc|s9^_6Sr6cknLC(N^oX6ib9o@d&EsY8#-BhTu&-TEQmY`xb4Cg+qC z^PvEr8*;82LSB*ckm85P!yCw;GFPC9WfodO6ZPGV&+@UQX4ng>@vSr1MCSQ7@|Vb}8<}x{%1K(J>F0${Ld39wR@;Mmo~aDe z3+}5a0}#1p`Czj`?tRx=UDc6pAkdkVC4--BsX_hoMcabk&3Bp&?GKU?H-<*7Ls%TK zdP)KS2PEYdAye8&>Q6$NAp;F9y%h$GnksLDi`(wxRxg)2nG&G8gDJ3gCC1UrQVZmB z;<+$8O^zSo>1DUx(%k)|b0afJKz^R_b^N!hTNMY`jqqQLF<;!4^zu~G()MDFS>Aa1 z=H%aY6<$c6CvVq_?*+OpZc*WNsv+&%D8b*p99^ruT4F^50QPxC@h`sI z0}esef3%!s)A}LlW$LS<12ELH2sUz``0}3^-V(zfb=h8ym~^izx|ki$vg6 z`aH$FdV?9!*(+qLOERQc@<~>;Gm4QV^2s33uS@Io^Cw<69t)H!9Iqu-pbomM$l0ti zrUbB29h0okbsuChs@(6&i~q^4x`r?H%aC}H+*|`=2$3t$q-uixQ@`5u&Ha(E!xpbG zuXUJZmUm#Xsfyy~ZqWwcFoXLsY?F)ma&yOz{tUXbZOID=N$M>w*{vREe<-VT3dc1SZ)G8OuGeXeU?&is^6R=BwcoMHBgsR@zfYf z(Zp!!av!sz2bG$49sYXC5Z2} z(lE-&KVul>lOOp|28bl7QRpSAWicn_VDqF4>sIUFVu?oFX`*v~v? zi#OI_@B9J+9rkX|>`WZs^0!4();f_KE9)_v@SEDo!$F>UW6pZt_WKe{?RuYv!- zoshZH(Kp8?$*sq@SxEq!g5qnqdnXu08F(*}$mV;PtNKpjd<>@x zY&ACC-t6h*m)#~S?v8x?&Ut(LI|OVeTnnazk{~|#EZiv`{xID;qXSQU-^Z~k68hwH zd39C_N*Zh2oD8HsdgV`e&VH^-2d_)zm0}E8vvORW&%#NC_SLAA%PQFie&jfa0+YLm zai-}``Hyx@Y9v}^4I94QRdLy+C*EiHPKwvN${{_JC2NOFy~@e*Ea?#$=W!+hY(e+A zue_pqR9~UP2h8i8)vV0FSEthi?RwoHf!E^6A?{Yl-*}$MKPHbC z_uu6<11lf8<~Q$iO~d>PFjqsiQ5F07VzqLZ6QC1g|c%q%I18?GB#v$RNBR7( z-k)euoA&~+OQ1u)?LYNjewO>Qso*ZSAR*Wt*P(6mk7@;~KP#L|qs-3>C>R-!Sek(t=i)7Om z;ei#>BCrDL9jaRc%vB830PFx-!gg@*`fm+61Yk)fQq0#_7!3(#8!YZ){ffs38)Y(< z@9S6)+;(l!=?O_dbWN&o9z9q%tBQ$|=Gm3WW-Qys{0`Y*sRjUk-Di!K{Wc<$W)z3M z=#=~r^cMXcJTsr*BoZD1dR$bbG61bT2%8E0TPeKb_oXBu*#Qo48SkA7du_k9asNUa zy_DXGssi3VUq-=Go)u*fp;DkdAHMH*_P2fmJBPFK@Q&=QB~s%U9$WT{bQzX*z~-sH zcITX^J4cm%9@-Y&b$Q_6jZ*vIzxNsPwU9|f)&06{^*bQ> z<$u0k0M!2@hcAhR|H$EgmK^>q!uv8mm7Dp<%mYEO0pODHr3l5ix!{jS0Uh1c2q4)O zxpy&M+_x6#e=neKx^iX!poZn9E+PomEj1MUGdZT3v4+b)mkJm2f&iAHETZ#AnlDA0 z&%5o)mw!#60~Y50^a4N_b9?J5QNZx2K4#_c-kIDVPtUmdv*=WfNOw$Jh;oeW57utm zp`S!Px2ZN|f6ZD<;lfD>UsEz$mx*A!+zjSM*Oio$3mc-B+@V7^LD%mZ{nF7I@oQ-u zbLYZ=1YfP>ArLStu8fVC{6cKxN-dm!u#~{LxmC2^;KlTm@)i0}^y-BTtxJiHL+e3% zHmn?unqB)M?339F(XR5P%+%NJ?SZcpGPHx?pBGMbz}pLyh_&``mIHPk3JX#Nz%8h2 z0{uLLTM6WIbdM)?V8)hT%9tb>McRn?fudyKp6!P~`+(N5-%%PJjV>O-{qgnC2t5%U zz5RZFj)&=(w@d#Ba^bLux&C%!N5)3?LT~4OVioX4C1;AT>!S~=mpMEKdRy&H8`6KZ zn6AC}5g3O0vw%Fyw)59w0H_T($3XC__{xQY4xl}Sdt|_ehj(istPr8njMprxu_~Er zp4J0y)cRI^UAO?Kdt?@L&ja7m2)?<*P=5f(CvsRcj<&PP8dqx__2l}p$V^(DZGJt6 z*`z~h7bveo$gB?6_NYIGudFEphcdVqCgu~EzEKC)mYjYob}8fi_marnbLc0Kb`CI# z^qtr^5!$CEBheC`NI^u0O^*~x;!l9;j5Wwltu& zcegGBa_}O7o}x6qVxYPXEE{*lA@zOKJYe%RF-2z_e3f%TN9~HP%MzV*1u8?i6i_me z_wMpQ6Vmn+2YMK3;EoOb{AA=^ta;1K9AReGeG@=bbae_u<4x7- zaLaraK!?`kX9WVsZy;VZstyBLzu~=vtN5qs^2tZ6u0I6pCY7mcV)f<3%~`o-l~cVh z*w^rydFlK=F$AoiqkyM_^^xPP?*NyDOg2>*adb6!`7tWhWdm6E^A~gCLmQ$~Z%=j% zvFT~8VcBNj9!{8@MyzcshQ?Omgw+^A^JuY2GYldT%E>lol(94h`B5w-CcNoW+uzR|j*NJOF_jewB2?^tYP-KfQh?vhD5 z72URali|d)!Wvxm_^f7?k#6}la;fy$!|S#UA{=YZp-voMO@+3`(l6Tty5P$FQT#0k zQ>cX{tEdxuF{&S*KZKgE@7Iu>UrY3{e~c&@#0YYO+=%CcseWu0tpdx5>8Es$M^pzr zRP8BcLfo<}JF5i@BzOHKrCchrNZV>@TgJ(4hd@IL*8m%oOEr;0s6L!IX`a`hR$=!^ z9^l`)x;InbS~ix(3}&+QVg#HB+M80x%4@oRc&Q%#!>8+yEnj-E%XvixH2lPTeWjz6 zGw`;=1GX9malH`_)4`{m`%zNoKSF3w8thJ0y5GHRK|<1I+x`wm)2uv7KF(``&p^)B zMT}8)HQV@V4+fjK_|0gzV|g9$9prbEZbDcCyk#set>h!0(d(g3>VZLWLwjR6^EL>m zWC=7@k{9{D;pdGBp+XpY+t&%5BvLc+1vQIV>HQ27%l33TF1LD}xYr&F01TdjmwY%* zC^1lOF2L0cmgfPec#viquEhJz+=XuQvKsf=V@(=$P4sm~SleYL58FK)w4UzMTWwWA zJYlff?pD}~H&04vYeh_bO_=)!E>-t!S0C5$s4F;&XUr(drW|)%JGQPv*Idyj%B?a} z+O_D#SulA{AtPFvd9pWlK2E`D? zvx2f}j@1W&@esC|Ola!PcSkv}-^hKoJGTavoRkIAjGOPq(*nDO(Vu+pgmKG-j*N5C zQVA5vHF#C*eW8FNn0P-;&`;$)uB;j~UZB-*-`?szgZgC*8ZRsy~*+ zQ$z*3tpv&COapVpW@)a}-U24Kjc9U@3D&lF9oxAEciA>O=Tyh@Xp(Kt8;>0~HKk7_ zIqLaOY?0A)t{CGm{K|SUL8Dh6YQCP{6(N3bzTbtfHZkcC+NROEV5{ zdZrY5A2LzsbbWQlRHRlk)B8v$xnKwbeU{skp|)g+`bGMoCen|J*p-S{II0jwoRGd1CX;joN+3CR z=AYKPcJ-?Luzv?2+X?z3w-1SQ4e33;Sm~M*M&K&KYzz2VVNV5{3Uz^{;r-d(hfKr4 z!supx^N1B=?3Oe`ruj1IL}SpnLb0;ncz=?Us%-9TWEsALhT#TbFQ|ZyXHNjaJH8}5 zCz0@c7KAsy_Vx?%Ry%C9{_67p1{p&)?B_@+dwJ%cHtMU$Yw+dO1!NPgrw^Phy64n< z8SmUUiMhTPHsCX>AwW6Ss~st8cU_-G-u0r{yRwvb^CJ2opSg~^Aww3KCy7628qM0P z70?y~4k8=10K^~trXaeLi)nS50$Iy+n&qCBhbK~RzwmAt*dfDJjRwNVVOO{ZEOE)x zXcsMw;4Of+vv(|_Tq@#GqF{t5-EtPD;e3=6stfn=)L7koMVMP)so`9?+B%w3K@9XT zoH$^oai!9|$Eg|CGp5Sb(L$6(C68?=qn|+fyy}92qk)DVqR4Wv*8R4CQ3an?Rd0{Y zV$)(#VSIj#XvXrtERVqtlR zMtt$sdGF49QnFs18)Y=TRFi7*fGxu+6|eyfsU$Dt!#DeqVZm>Fi_5rP!^Nz=uDUbt z>e5&wA3pMz)3OCgIGR1jmAefYTq2Tp_eFbR`!;hdRL#p2KUbT`%P}R>_D=J$B6}b@ z6RC@v|Ja#w|0>hEisvLGU`&p5%u@x570VL}s3iO|Q<+ptRnW%0c#4C^(?w^pICNn( z5_!b!Y~^g(yM2cQorI&My@JVG0!qdKOAVu{^@5TYCwo!Fx-x!Vodtl#xYU!pQDs@- zjiskgsl&DS>beqsEAsL^x}EHyIfsw|f^%;UHEx$V+2Wl+x1V$wsCN9t&1BNQBh2GO zuwiAoQ#P`vOeTdFzz&^ob?$I*!WN%Q-N2-r+s_yksI0mAmIv8h!Hu6_-cF%(0(caC z94bl9fJk!vP_O_R3lS-4&#V6QrfkB(-14CWzb^V1ttx=M3{((04`V-kz3BPubr2c5 z8zN)pN@+CO5;Pt`Jclelj^#Xa`t=F<_~W}Ox@z;ZDP+ou0>?^!=~Rx4Hs{U+-8cUX z*DhLY-~_^|!mEUI0c+}-^>oOglz+l*8)`O|nC8N$ojgKi0nBzNb+&4*HcV?I6X&hx z;w?7Np`be?Lms|cge}Y><9X4cy_el)weVoq>Sr3ULK=I;r9NXoe@=YWA9a!b{4Ua; zROZlby1E+Ea@i9f`%k}IO(AIH==54Bg^n1uBpE3N1`>~#tKXjUs6J6+%n3`iD$=gF z9B}``$!dGMaC!|cmyX%W8NOq$>St@gE#A=KLzv`r)>+_2QHI^-wwS_^s+;26v0>gi za}N_vt#~-@MCW8a+@w?+lzfa2EONIOz2~r0(L$~+TF8wtaR57hHAu3=?q$HvtH~u3 z@eY2sU$`Ecr0|*L?fG(YfJI17#>=6w;1MkT#i@SG>D{DmJYY@cVyyE&PP(@0&_m@) zn-0LOX$Ib4H($&3%*I#4Lf7(%Z(S-w$U+$4rGVBI79CtsMvF`HmQ^ zTsXFDM&&bJA?6q{X4C<-ipO-*1ChNQEovx+SM`At(3AG79DQ(rulRexiz`)#&8t9f z(oKI!7>W3G)H4-ZShBy`zd5D2CZ&j}#{iMerbdOhNPnd4TQ9AqVYME#>(=qUkdZ#FDT8XD}5cHvKr=(qF}eIL5B@R2k(&_hp8& zkQq8!EfzJZ9^# znH%540ipA**6fw)@34PtJqi%yLZSirfQCYV>)zd-%RtX3Iz@Oxlbuk^x9JLi!d6>1 z0mmAwwdO0{k=Ov>5B(~@!OI{cC3f%`ga0Eccy1muJ5HDe4T8EJO#4afLSUCel|Y~xvyYVLfq)9Q$HYw8&&z{OL2sFo z+<8;ege=jGT7-K}PVD;X+P0T7eiEQj;KjSpHK1qTNeg*g4!>+;1!QVSR&@Yf zQ8wzai;i+&x4J~!wyUm*sXCXPKd5(D-6 zw8t%4qGHD#$u!XQUda2#EIp=Z3@^=+!%Ba?Wc+Gzh5{qK*ml_a#xir02A)X6-E(td z71Lz5d}$xK9XL$+%{NnEuOZa}1-%TUM1?$EY#zltbQ?%1>rGVoqQR6FzY1vK9+R^w zO5nxTMLc$01;TIq)=f4sLuVZHTn&G7WkwsC(+~j&b?t=Qd7!4l-z2v8_5t9F%cj48 zy5ArEW?F!TuTBS@QUl(3qF1~A2TKK%2kawgw@vBK_nv)g(!=Ac_W4Y01RcGl{-ge$ z`sw)H|5X3~y>LXU0r0tgW6=tVF7}*QS{8uh+(D5EyYqz#{qpyv^#Ld){{+6g!t=!f zHFD#YrG*0c;p~G&lMMWQDS2th0WSVGJ>>q2D{P!Kcd{8szez9Xp7syA$0iati)QhE z)bc-b_W#kKMe&EMu>!t1btZ5C9Z`ra^_Wlhh&Bm&2CjIWzOu%`A)QmP>iWClsUhjF z4&AP0fdBV%%^z>&j8UU62UezG=vz`f9MCP10}hEEGb6XEspe$`6W$|zgYXM~Pu6Yb+?oLU7EI##KaufBQ5m5{qig>k6 zsjGQ`o*>4>yNKR0Y0Yy-*9_R$hoQWamB;FCQ=oEij5^Vn@`NjUsSWiiF7))0ul@LE zk*_^;ajpjf={XsAuWIy2Oxub1Ni?#BQ1|Fm%!H!`SBEogb#jLuq3^y~SszG#1J@+n zt%0yFpa^e2=@W5`?v9-ttPf`n<}@CzoN;`KYKvAiM*#1E;?4@Fe1GF9xZv}v*T!1y zOsZp3dhkScDQS&zeKo6Y?*vA3k~^zkNo0?iM8PrK(ZK{T9O3JaD<){C!PXXqlk`k2R+Trh-+F#_sGdeYsG#luO^Bw_E&fyPeqp@qpM*@!Vr$`f99DVWBt zK4|an3kf7ub)2prgC)CK_CHcpWWbAA1pM#aL4j4&!^!o*P*qU$QfPM-a6xXZ zTvn=8deqq<+-t*`fh{v$mR`lks?zaiuA2<~Ycw)7(qj7z{p?#*T}xHy0(tN5r_UkH zkJ?CK`rect)HMX%*=>K-%vDTBa?OlXf=YDSJwd~1Ux9k#%Z!y z9BJ;d=ZbfQ?O)@wMV(3NyDuc@iN~vx%xfsv3kz~}IcbwYavfLPRaWg}oPlV0MRm-e z^vYz(dbgDnT^rL2ceCj)<#P{P`k!UHQI5Js1dFM^bH1-#tdPt#58B}1tC>bV|NfpQ zcZkaO2+|E7q?<3NH*>eD&2Dv_#A&k&YuaiwdQOP)iv9Yk; zdDmJ=mI;SS=OG~+RXnffI?F5&Ip431r_JI*L1#{nVs*bp4U48MleFfV&6D(l&oiwz zx5QiaTUR_8?`nQTGyvq2jT~)zbnxw;k;hn(Z6qD*4zrj9XE@)R>-$ziIe?(gQu5vs zfNXpDMKN%pss<7X6xHfiBN43<4)UouU>Ycz2$8%BB}5)Yh7ZnaY>3%CP>$eU{3N)F z_gd>tkspA+%}iD&Ur56x7ir)J;~HmEl$QUq5;yl)v+S-Soqol_OXLl<#ut?v=(}a^ zrv(&`SDjC0jh=E10Jda6aG?r-l9tjNBkylDxNUF0CmvRbj8yjKHYAd(T5L=@%)Oe5 z8%jrBBIDiq;ilC{2ny++nFGHqHfAETh00&scr~GyrD7Ivt&C1lW2|Sz(EDCJN z_@a9<*awi<&VGXW)W3-?rZ? z~Ig-Q)8j15bn*i3r&w7AenoGnhX}DBUe@f zZ=IPv3MMUcwOLZQ1+P=9*?L=$B63r;jiuKoWf$Zy((2^qTx+FZRBs20ifJiTH`t6< z$ZWf}sXIqVB2n!g49|G0W2tn4+1}7MLp9Ys<>(0Jv6y!slWsg3cw`+PbdHqb-t>FL z=cf{Ao3Xdee6F|Q0DN948DnnH++++op0MN!Um8xz#;txpkdsR(|7lkY-ZAj^&qeod zi}9{Wq-iQZ)XU(z2d|TSEyzhc1<0Sx2alMP-AE5%sj!I_B>V{J%xPlWFuR%8hiNTV zrJNmr-j7@hjd@e>#{~>_ve_)g{%GAw$nmX)-Hq zDsD)hodu`-=Gp-2feezq1k6f~CSC z2kq@3MPjZ=PHN+2$JPzvWh%~*t}+h=a-UiVIn0vA+Hob&W6Pxo;CcBgy&h7ML?P+V zB%VuPw}SMRwwqSX@z(yPRbs!H6bkC8=5-lZnKZ*Nx2$GBah)?s*PWVY!7jQ_QgG4T z0yO-$_m6zre00_IyboBOdryMoA$;v?%J}+$ra{{$EmF%iFg+0A6D9IQa|;A7JT|t8 z4rYxi6t?Te8fd3YZ+4GX4F$#$gU=u*572x*^H$zlyA+1(3)`Yjb+?EO$swFsRp#WR zS@p#D*)<~-1r=8ITqG=6--3w~YcW>{Z;R{>Fr~&C=!0cwOz%$CmM#4i`MWJz9i)6 zy?X)WA>9~QdGKpCxl|Cy?tB7z2ly!qpcv?Jss5U|4~oHA8mitkoG|X>fRo;K=g{}2 zeOP?UOS)Wut3IOT2>56vOhZ8`SS3ZS0}UVOdT;E$zn^H(h8^+V?cvch0&{e=_Ww<@ zDm1&!Fb>kkPT;%gSpgWWDw@wD2{IeaiGhYjlVOz|2cv_@hmj+-VPlcqyoz^&_eTu) z(W(ynQZb`@S_a3Sgpw|#g(HQ;cBY++T@9&Y)*^!&m=$jX(g$FvFTv!c80U%$#qtKI zy?Q}=WGCk4)Mn^;c>Lvaq-B3TTRQp*-08a|H>6eZwQUgwDz^yt5EA&B^ZKcH z=CYr^DFWy^o)m$uV$Qg5b1vU6`jqM#cvvg*I>I_H*EEetY$2GrOI@1(I^FhdZe<=* z3TVH2kbuB(F>S|rsdZrzFViE1owj(DyQ}soe+`E>=7rgmps2voE7i(ct9&N0@!soGf|`6 zB8t}mpg1W}^Sfx*=t_|R!=B0*M~HC1$$}^%(=fHoZ4vZSSE~>qWs5-0(62%7fVRZ9 zp<_Lufs?xcsci)yAe}#O01^d6IF|wd*eIdABHm3_yW>#{CeOQ;2+p@sW58ZWTby77W3MZ1YmIh{lc*+#*b8NjlUt2`E%qhYEIj0T|&2 z7g0REuh#2_YF!IGxl@eKWH-I>i{AiYb+xJ=nu&stfOJWoMHHvUuP}mU9=_=t%82_} z7Jz1TqkaWFdX)}RdhsZJ0Al!KWxyMfzEd=|8eFG7zZhl^` zrVJwe_EqKlNy?885x>KN{{u^kk^=vILDm1Cz>*8*yaRM^^}@`^_#s0xM+c7E`Zj5P zNZx!2!xrpq`nODj#$sSBvNS)WZt?+a{{4Q?9W{p^Q-)tc(uFzspX&cF6V8?F*x?M@ z!MVn?SU#`SU#MJtw`c*YL}O7*0J_{Bw48kN%c}IFuAF!G+TiQve}-WlsH8c`zcDi$ zy`4D-`}6_rQz=X(ySC2ysk={~-ZDA$bP^-{P{^;E@XC9)?VoZ$BlXQ{Z_Wa^(7dV2 zAmQUv%pY?2T{924wwM&|e1gTr&&T>FQ5sAbfFB`eoO(|;l`3m5R6YGvk3rhDxLo|G znq%7xJb~AgIM$^c?3#_Wa8lWl>O-9LtMAC*&fTh+fcUp{5%Dl#=b50SJZT9Nx$Xb5 zVW+(Vw-JD&*CGlj5lZc)!S*dA{FXyZ^O+$5-TNE~X7TSN^vG;#PppL_0yPJ&%>OJx zFwIvwR|Fv9Pr7=_;M3ZUsfsIPrX#G=O8e=OllTlq-)o(+?s78K43mUB=-%)98pZ5{ z=rK@c95pm)CGTH1)A9ZzSw%%UO4wK?Xc;gdz_*iUu~>f_Y|XCV&c|pH$Eu%em2DbG zt|B(f_GaZ-7m!qsH|Ho$5uRCOEE*8qEF1cZ5U`@QXCW=!fFUp z=hFDMfH#IU*bwWb%3!nR^#Z4ec^n%DRt1wZ6;j5=2K9Mb?YvQm7P=lormQwnwaIUM ze!iVj7$#93$wzut&nIhnvy4|UXGzEmE)v!<2g&F&X7eBxE~c5E=NpokaMSIn8UL8u zn_i!_yY*4yUZ}Jy`1j(#5C9Cdnl7UFUE^d5cucXeUujd>ViMWD9fK$8Q!&N_^DXKUeJh)+8(X4v6}Cu>M)tQ-^3uK8>(W}G|6*c@ zrNk$;bbDDH$HF4F`UYm!J3WzBWz9TV)>BgM0y$Oh9(AGfgPdLnAscMk{@T(1`WgqX z6hlT|c-*u&@<~4Gm6uh|N917fl#6k-XOrK~+#^cC)GBNcDW%>bc(9tS&UiG5fA{qH zPL`Sfx@xDSJhVVb%p!WX>;CG=!DRinUQOBtNbS_<*a?ug` zVJ&zam1uJ(%%*&Fs`G|=8$w_QN3tsAml1k_ch~B>>$7ZNCkumjpx{goB4SJdpA|Ww&a|l?yb*0O zQ|y|1(uBeptUl z)s&Hs^;KyGDfkA`Xs4}g9`45U;Ai=v$d~_=F*epluIer;{^>b_f^-A>+=R$GaiI#v?z)a__afhsBb$NB^SER7fFDmnBnO)?cZ8smVH4^Yr&^#udimvQ@eaLn6YiUh^SlPIanE8eenRi5OGbj0;O;^QR{dMrwG*a8{H9oUS)|bvC zIg-?Zy2@RmRfgr%y^*s>UsaYP-M#~|mtf$fTbN^O60Qonzq9nPtFv+14PTcHWw4bJ z=>1I>viO1E^0JjQuAu>S4qwTkvbju{l45fvU9SI@rdKzV$9>;sFnr?)*t`OWQb7ri z7GiUR_Xfqa-s)GpEYG?%Z8T6tA=pJJb1*~XAG#M+CZh2#bmoR5lf&9_B8$T$vKna` zWjhAR5U;?iJ+BP_O)OPF2Q&pS1i=8VD8XT$nHRJ`S~A_+9xbTyxl;X8W}j0Z1(7U$Xej#PjcQ8H`P?YjEh+|_{=VaU>2KvFi;7{A{|!-pY;tO z;kXwVb~!fv4sbqHwKY8>j=Lk~(MoRE`)Iy_yi&yb>6*5`2?2QI9)jt(s$XxVF!!8$ zrI@veFK?{CxKlq@tPSz0<~89;(pY)dkP(G=4>>dRyJGkj^+B&&C5HY=SEE(SObo)} z%P4?Kg5z5{4x1j_z^$0XK)e^UA>!==WnO;@1Dur}G+~yQra8fMAzSw|&lgi34HTiK z${NDEpLQWTXa-!-3vhm~Qu&j{XODEAb^i4-Vg9^%3akrb4LqJ$^ow)~=<<&MBxhK~`kdZ{V;!I?yf(nQ{~y0-APC-nYl-_GZmkpl&_ z(*hjKDR6oyj@QalPBRIg;OodpJf7y&2X4j@wN-f}G6&GWnzC^o89v!JRw(RG$zgUG z}a#=vO1OUqq zV7UP2N{NV+VLazslOtoc%sdKtY*I(`)AQIbGoVg+0fq~XjhUN#c4$mxx#&kmhG>|j z)rz&v>ms%b7zUMU14R|vB>|QrY+crcUZxHR5B31u;L)R)A81t4ioVc!H5qO&Ld}g6 zz2-S9DQZV5kiVJTle%nQ_&1COOuYK~M?x95!RBl|9;8%uCjr2OuA`5y0-gNEDkEsE zPB(;fv2U8gb_-)R+N$i3`anI7GB=`PPP7@pRDcZQr0D zh|6O})&-V6IyspucZnuFeH>t2o|gqqI{l7c)_3Z0j7X*;R-h1-bpiHo+GwwFN-OKa z7;(-tbz)1OS*pbb0Dt31>)8GT`s=fC2S)NOn~nh}-=;02hd>)6^4EhNo&AoP_c$hu z^BFhf7rjQp1OW09lJ9I^cBvl-qwn1OM)GS}oxU)3B7jt-Aga)F`;}j**Vj#N{k!;1 z<)5dtq5n-s>kj8n;qcpo8|LT7`O~~lrkEgye=BUwQ-k&ZN6}1dC=zEXh5vi&!tEaS z`~3S7Zjb8&{%wh%isMl^0A2E5kK#np@mk2gtz)g-<9X`+=m?B?^n80!MYk=Lr90>i zN_BW+34n<&-GI|?cYae$`rE6oN%gIfY0He<6WRf3m9&aUgqmv;ZvlEAh&p_e&VDh;+VSt6ozO9l55-WRTKT5fL}N z;d%yt4s>S2cd4W1TB0~r|qqP9&*Em`=tu;E=q&;ZLN7?v70S-Fwxf3_T4=b5eu3l!ew@96F z3^uE_@O{PS1#Gy89s^h2E#8Fp%8liUasyQ0L_OdWQmmzNb@p>qaRgR`o!4kS@05?u z4MvC(DXP^AM~__c?#2iLiray9Juj}54vR|+)VXU0>r{w<$U|c!7OGJ?T;x(6?^@(7 zd5#RRd)?a&gv%gn?bvl=j+H{o;h3AeCts2cizx-@Jvmd(o`d8^W^P)9#$~>q6Ng2% zW${>PP$NL-eeS;Fdk`8(gOJ33Kq&#zWpw`cq+lSA zbVmCJy#azR#?|ln#Q$l`msFdGVEs4AoQW4O7{M@j&^qySs4I}3dZ{#Z56~?gs6pKu%#yHg^X z{5@(lM&qk~&}F=WDAUIu#TPQq^)IU+0{OyMKb8nh%0OifZs)#za<<+3qN%TKcj_Ak66v1O@fad!rp0Z%nY@C z^Q#No!Hh>gg`CtW!$U!5M3n-3e@m4>4_0N6&S7vLZem%gJ$MZ+ks+MXhEJn~JU=1r zUhUSPoq~BfLa6>AS`yeqQ}g5wg$6iI_W{R=n7&gIWqk%E<~ENGaVcJ3y~5})((YYm znEks63jq$!&J*4ez}}WGA9_UfI3aSkih#Qu(lsSZ!F^SyBcU#r?(ad>0h_?OwZ+=D zLU}B>fCv{_aF}s`EjE-6jR9PxDd}CyhIZ{4Z6stzM}^Np;1JQEZ4X)*a*A336H>YG z=(oSG=Ox1VX@bVXcBh-xUdsA7efSYJX4!KsAlY{6w!TPeQz0YFX3^Fa!15k;RS66m z7(M_Lb#s|*J@iaew)EwfvazBhCXJFvrtP7HgRHk4bB430%fwQ)BJ+TroFRJUrU6dj zATS>Tw}h&Q{3k0oOa-w@se}WUYChl|xH*x36=**2c^=e^_ljLecp8AL^YyRHt!m{G zl?_CDk$_M5efXr(>hn~UK*QO7LV5(2mjM4XK$$^f*#iK(_8{$jg({qDEgXQmU=j;OyM#cX zaz&(|#B-%miIL~TGfyrPF6b$+lg$dvq7L5gW(o=|1k9DZx(R=LphOeFHQAd7c!Z++ zE)85`2TPa?`QuiB9VF0%nK?R~$6TXuUbC-*oCF;3x?dLWQi+6>qFhv}^(Uw#b4$_2 zBVa`{^y0e!i&-ui!Pn4BFqxO~t*H_`a03f75f07F3cJ2eGHT93N48BQut~y>hq>_3itUKP# zWoJZpyh~tTikU*iM1*`R3#Cw2LIqoZc{6R4*#v}de;xCo3kGB1&f|`BkgJ-B{o($k zg-rmAgT-)wfMui{)>ZN{y5x4=v{zp#Nl)Lm$!!L+K=7m#*xSjjRgo=O7-U=DjPKJksiwIwVpOV!3O4qYGGg-*n$XY@{NdX;rg^frffH)&qmvg5TV;p%)jiv=?uSi(miMj4j zQ>p%&xlukeYDG8MkK1+zc2lQMJ8=9y7!x_=4^vq@Gl z006WD^gW`_`eGs2)n$t!-e>+zd7gS!Bbab9%F{5cnB)H@mNye=v#2UDUq?LCyGbiG zW$A9s@9&Oac8;H!-_@z&Qu}0QbwHrT+yr^c9-hwM>HxYk86o^6X|Lc71L ze($Epf=k22K*cw|Y=1~z(lWZ51bRlUl_Gd$D@G1fg!6-iIYeH7Pz4_hJgkTfOxKsi z9qO8Z0V~hcrhVA~)$;vdBQUc))V)Ov>c_g8&81cr<~?%rTnizv1@F?cx%!(dZ4Xen z_@aaVRTcx4z=Xd53uOe)4^W)--cZBo1rU>}x>756a&+3Ul{8q4Xs+~{o4cO`Dthy8 zE24gp)Y+18RNG-RYN|w^GDmFb32FUM9nhJ19-8GdKgyhMB9g1%X*5_<(7CF?1;s@Z z#?q7Fvp-#OyZ$A*_$n2!Xzm@>G8lBOJm?<%KiGTku%@!EZ9M9r4%kL1Ds7w@6{Lws zZ(~76QBaWb# z^WgitzCYgYd*ADMxcCFk*=L`<_gQ=GweP*wx(6;$YarqwxNLfqO((X(4_St)aB8`%mTYB+ib?;h=9vBPcI%dp&D2FE0 zj^fIDqF6YmnIw{LF?%wDyxVeW{+8b5XR3wZ7c2p#>_M;FkQx92)q^w*Kka{Kb=%6jp}t zkNAb|hewIum)DI`Hv;18|D33{O*|z5s{ZlMbLOpI#1lB^^8dMId&ssCl(-8qdsHaM zKDVa+BsY8~&8-gPF1Hj^=J{D;z9}+xUZ99seB4b7+r_H)i~+F;p!b>pd&s?x@GtFG zUtitSj1%O!6-e8pOn%x8aJGS*Ejl#5-gAEW3fn^jNkA7C9bdLkwLlfmAGm!Df;fmt zMXM6+GK%&yXXVp^K?7wEJim2c4!F-e)S*X4ld}Gl65OzcKA*A6Vy!07f`7%c=oBTtw9oN)r-~0qWEq7mk@qY2m%4MHtxCuqx zh#%6eM=pJ;<`#eXVm(yEtN_8)!in_svYSIbRe8%0aQ6CVlM+rkh==KJxGnOhJ&g7< zKn6#&wE$PMFTjr{ms7F6{`Ac)qX(9AvvjEv`|X`5w7uJ`0c(u&LK9*JK=XkX-ev;Iclvm_qtu=!W{ zft+ugN9y@ph;w)vPpe+HSng!UwXe#(`|Z;-u>ykJ|F)I-3th4NdKdO}jQH0ZxUYkO z|FKQ~N1(;u{7J3@vDU!P|AfH4Pm$~Y9U+Qe5ZQI0=YK5vNJRbRPt$C+yFj@vbc($g z$0d){lP#y-2f&Z!Nk4RkSdg@u_Y9Y%yzqgHQzn$_1}nIO1%rKrg%?_}Y38lx>;c$h z-%{x7fVWWo-H}AoL|`;)AsBL7-70S zgv>+YrXWxr;1%r_A%0I0iL%5zq&{u;MmbbUWVqP+p(lCh+FX{4{+|(9LN|g3A_bMQ zZaw&p!FVEWtBf6?fc|10^WblzyE0!;51JiFckBwLu{XBTzbrv zm@(94_D_OKct0j89;^-()(+_P3km}QwgPMTlj3~dUZc?rLcan~13*ZakU_r{PbT=Y_G|=l2rd~Ef&#=Uz%5{RLFx#G%NpzLXb3uIZvX#q|f@(|F%=|~u` zN=~#C0$9ZPB`=@~;=F!+0yC(w|H%(M=3{<+mnn8QF!LuMW(Qse)T>9wNePUsx|Ja| zp1!C;;Di-i>Ai9P-o(xwL-Om5!#tP&(%mxQm*@P$*|X`E_N87P7OwcnGj3 zCWA+~TomgW!^s!dsZBJ;whM}CLIdss3=e@RD51y{F6^Va^CPQFcyQn1wo(Dp*C=*q z#H6g!Y%UAf#Q7fj)A+cI;zFb4`{>tuGJQgVBvz@i!#G7&EL7>Zyu z;rLIov6}r1(*DdRT{tT7;tHJU)U?=};~%oqu<+37p!(F7>v>9HKmIzhWz*`24#Db` zCKHD@_4)PwlwRiZLVll#p~2PP4@sWdVnE9=o?)(Bqp%jfVw=Xx_dic)UkN?W8c?j< zw-5WASNJ@$xNhUxn=X90)cf1=BQ-4Sbg%6#OBadvO5fH?)KL*Um)wkGd1cy7`joj| zM6ay()27E(uxG-EI6p;>G}NX@Z5LJC!s%Tvai^Epn^?g+K6!zWc5f8TFie9d#g14H z93Ajd`Orf=mb0GVqS{X)C`x(`^OT(kFek1Vxe)(!;E)qN^kS@IiN;YG<_-FX&VV*u zh|J0)epWj?xg~KfGnoh`8#AF?CA%V;bZ`b|QrQhOv1ut?wCg_c`pa4=3Pp)~4%g~f zpV!*i0O3N5@7u|RA1`KO#C55g#AWxdyQMjn^oVn5R1K)ik8R%B?t42fgAJ|J_noEG zWl5u-!&)F)$+t9QLA&U6uiGXQQ+Jg7BC8K3?~9|T%dVFz9Q1HfZEP0Ibn3AVUaEPL zlL{gENtQ%NO<_QIja-|q-=IFkVzxJV z_6H8pz_qk1zohhP{#C`iQ$?%3q&(J26|b&HvE1O`B!Mxu&Z=>e`-OCelymG%t+eAF zb3q;=?U#n#_{UR5HBF3lyDc*88hrA_cUgyS``BH-*zsNs8?%d{uC%*=H#zOiEqM5b zckDIP#I*^GIyxDA7yan4`iIiE>x48Jec5^2d}6t@`N-61rnmY_MX$n`t9^~7`JC6; zzd3TT5w;&6Z|Y8~wN-{X;})Qm-fdEE|g z636fr{Hk+yuNb+F4l2Lx-y(*??N3>LO35Y2;jfbrU}b!9rpOKjQwQcP8;Z8Ic;z3D@df+$Qr_Qu9DG_%`}i5y z8D<5aBc9`Fi575T0&X1(2N#Tbyh`o3=Q9J%7Y8F~zWJ>$T72`2v*&t^torI^a!Ya_ zBYr@B2XL0WrN2G~LwMU=PL(;G_=5oEt0s|ADtN4UqlB_L3UE#0WPdZQtWF%e&k)z5yY)V2)PFG7<2~BoNV7-(o8Tm!k>oC8 zHo~X&^^ExZUYI{ERC@p+HBx0sum$FsWC*~V`6rveyPeZi5HGNG1tkBS%t=?9$_Zm< z{Q24=cf`GiNA1LA$yz)6JXgZ=PwhA5@BvbPd{;02tJmo(Mq z{l-u@a<1&{rQ&=CwfYPXh7z^e?sDELg)U8}qK0bB0;t>OVSb)S0fr|-^vmB`Ia`}BF491+%GtW+Ya+xi%I(Sb6QhlX(OEm*9uHKuISUXU zxyJC5w8VVPb9H^&1^wfQTG+8yNhqkFoMI_FH6|#C-M#HB1I_Nf2;o20g1!a|2KK4> z`!YQpa9MaeFpc-ogKFhtDM1_VwTx-9gG8YSvdocS!&3YsEA@*#?MnS%^COcBBU8zx zk360ADwWj8;rscnLyvkeA2Kp2Ehl*OVjtxgm8O5#Zg(8eWliZ8OlczW>cDY^F^ z2kV|n*;(p%wL!@}ty7NGnGLo$S44o)A%X}(g{%7J5>lVDnZ|=UO_*_R>1^fb1GrXdhe5nV z#(dhKIubT`iCfo(VhGoh$K+73S5=rN5|u5y@WTO5ZjyJ-La{L`dx{CLwZ&9`y9d=% zQIl&HTYB}qOTO2k;DvCqq9b90K(@GSk2k#NfNx$E|3fK@!JfvZ*3;Ol7 z&VlvMw{)Nz@ppUx8*w9n$RH1B>?~khwNWJrKlY>`4|wMzoZ6`~0pRn`y^m2SV*xmw^B7a zDQS^yor4}N<~ZS>jXXHmp5`!ck(+-((0?*6)7)3aD)y(#o|(P4T#tYskWY%O@!I&* z(?SJbm>Az58qgNN$*)@tA*5wc+ck)!OCBd%CR2+97^)Sb$zP@JY)q=rGo>w~ zPC_?Ih~2LcX{;Bvcst>iM7qP)t&%69l53z|Y8nbyGx`g7{;!*n>kqwtR_tm*z#k;t z=$rJPbuyDL{MZ@L9;zn_ci^3>&&*)FsXPH!o(Q1^WIELQ$t3O)R8%SzZ?&7(omHLn zE5mG&d{n&FVRmrO{vLud*i&!F?f_#)4;>d#(8TY-GShhAs10CV{}?~Uv$T%hr{h>i z`$2e%daNdoaX~{e#AH8^3BPyOpQJ|bbq+v@R)^*t+!;f~QHX+ln2s`c{6U15ViQkral0D%Xyr%tl{cPq~nZ;{LG!#HD+pRDq_8;Nb;ce4Ic&=MV~Bt1t_TOv(TQ+Z3Hc_TWltav?z* z5Xv*Wj}JUMz1C`$l)@Av;dki~7pKKre$6ng>fMfYK!#ZpMgfJk@#HtG)x^_Y^$K3) zQM1*aci)cIh^85Ub+@=46UD?lv4H|YCF4G9zgN?}_X}YeQ#jAYC>8jiQuX}@2rLsz zE%myvKFcJ$d`1wm>n-EVJr%KwnS6O=`nJ%>g$ks{gY^a-Ytv;TZ$LIn?mtxQp0WO| z0iELL9m|NQMv?e37Y2*Po(&gO3hw#&&tt=ecB=?f2wRXDrZd1&+kZfO z+59XIf2zb$O#A#CzO$wxR^&i^QF4JA<&WPMkr@x;$0+?$z7a7_AVOLrfRyZZrResWs*_-lV(b3Wc%xtXgR zcX($}=!N(KLPxsxOzBlc!sf3Spugz<^EX^B(oYyzo?RIkik`e{wp^Rlx;AMyZFpxu z-fsT!n!#ESJTJ4eBFUn?;DQJQRFt zSeq);hEe(n$rZRadPui&`eq7D5E$1Kyuc)Ssv!~?CaXD!g+9(Wd;|Fwc3H7*Ye(X* z*`$3ZI^Z%B-`=GvdsdG^AmS9`4jq-wgD(KI_2TX%6e76Wl{l+YmShI2ywXLOWqFCs z?+JZn`?rtO-3SRv45$UG8g!L~&rk5C!p!eAUT~I08A=#m`otXdPyWL2@Zzw`$M4pg ztHhuu)0!{PrKR=|%Fg_vCQ(^|du{}C%-ZT3;Pm5+Y^c)IM0(eoVWu>sURNFzN zDOXJbj>78xwLB4<`#Yp935 zB}ooxI!e4?j<)wtCNhFknprJ&^9p2*kbqXf5?Iv7SstQV&%oLW7|LA~Uyz zITd|Mi>E&~im@vxhICYUi( z+r;1?REwvd3-S#o5KYrnM`#ioNiZ2s>-@k7_HE4(6N9f-jxT&VPitx%OfJf#mF-6c z?5I?hGAQ19HZC+k8Efa7(yP*}5U0qHD0#tg0CL7Po5@Yi*PLwdSGl3<^|%K;qb0ky zyxGiGCe%yk!*jEiX?3BGE2GUpeGjDtA}0V~i(N4#O~vUt?;nL}a)sSh$=w3T{5Y`} zw>a3^Sim_#F|D*v;{fWUf)mfQ`fgE=ky?^AttkewV_d`9+%Epf`DIB%W7krSvYl~4h=F(SMcmLtBK zdZ~D8iQR9IOq&6O`Yt@|ZF`)<);PMdRAzt}GEyv8UR!x%(&Tu$td?i?*hy`UUo#*& zey<~B=x?fCpRZ1*;U5j0ADkbmsYH$N&L{_kpr1c-E)Fqo5n8cFov=c4Q+GWOV4(}4Lme6M1cTYgVfa@@#NH(`2FpiNQ(*ixPcYWt zZ5m5fJfQL&9!7BV!mhN?jl5)L>{BJK@Kb%4(C%^ik?kKh$-A>c2aeVyY}W2^@nWo29lsoMMy?7#D*G*Wi^Ew#u2tk^^I0FUnst5W=wb?H06As z`17(0Op3mxNVyN-?0vgubv#-#xo0E-*fpFaRcc%vD1W*Mc^vIWE2f1LfKdmxTkh}* z@y~v`jaPiWjPtV-UkPZe>@zTVL>fvdw>uEjdcK+x>9H?oDn#!B%sNq`VXl@$mlsIm zFcp3-_agJJy5zjmbE9{{chMcdVM4kJd=0JEm_h5FHRZkHeMk7=8v-Bm`;KGgT^(Sb zN&VtWxgR!5t!(Njo)2aCm&UD0XO-2z?$=`@PO4ulk=#5v4_NZ~-XV$6J~-yd-`v zR+%^@QJojt=m4Qqh;={dKf_XYIYHD0rPn9_kuO)c35HsE}fieF@Z z0b|=n7;8KOcCvF^NnqEqBw&p%roZav`DX5Izw}@|sTZ+uvOFN9|9MlWuu9=)(P}W0 zG8j4=JuW2kSnp+WvM(BDMb>c0>}PYrlKwE}6xC9=9cX4zB7tpZQHN2B^j>VsijL(xej9;J&F>c>frDlqiA#^PXpGG-o=+J#$q zrvVD?Bnp*qTHr5pDoH&?N2MuQZI=qULBR?-uLWEU06<4Y2RkDch_= z68vFMh`>ks9H%Q^7L_n5h!?o->9Q&}Wf@J(eq)MzOg^-AHy{<93dCX@)?VtIh>MBo zJ5ip_EiUGK^A0}H-=JxO98mpC)tp|h4HGENPk~$=oVt|89?FyfXVL)QBv5o43-m5#5B76CwJy@7SP^~mOc37pD7in zGwW^&wt2t6dp19^#TrZic2E0kF8-0TOPG($E`Y!pbQ+xDVkfr?OiAX(imqSn9xT?E z3>hWTieqKcbOtss6eM?JM=XQN&RUv;Fr74Hv%wZwUT#pbhH!fw!BHFH+wEb+bW&ey zdcAeB$<%gULEs>^a;@3T5a}YW6;~IPuOJ+VzRwOuw2RA^}YCn4i$e8+ojw zv3)tyq8Jv{N4APwj_7Ca-e~=8lgqEk>iDpa-OF1N88#_eC4jl;2-WwkKIMKBZMzN` zliNGOy=8%PxSUU^uo@tofylnLYpx^I^>|4> zY96OmXEiR#=%o`(#;UhEsXFM^-R&)R*c7?;F8q3=X4hQ2#7G#GIBy^KDuJPE>Lq~t zc5Q{t7fDo~%S?|9Wn~%p@)js#p$lDs<^(gvZtHJa`>N~WTlwWacd66B*1gf;wB&c( zh}?IZ09tSxN$I9_s3tL71|eUVI~1bw=)PF^p*zKivH_oYCZlq&km;!&crPe*#!xmS zZn7u2X*O2WvhuVxn{l~-A{s22G-~0NcNBW(LrYsid*(MBiG5^mh@lh5Ii3|ylr<1U z3nrz%3JM9-OyGpE<|gZs+K+ZdK9BNFp!GcAy)9y$TF_`8DR!bd)o^5!LPI%bzf1>_myEva~3Z}eYuozrYOCIc4(4qjWH9y zy%|J`EYpkCgT(y#=>9J)P%3b@FQ<$QGTh9?r%jZAhb92N zr%z~r0SYV4d>(=oLvez!_Kh-&FLk&2QX|0nveb4}KGa=*-+Bk_;%7c-PkiY9DL@zc zKld3iH$TnuFaa1rqt*9~;(pI;-|yaeClx4|7BUtBSjU6@$WWZP=WeK{?_!~>3vGy1 z#wkAaX*>7o0;Jrm4pzT}F{Tx`_apWM@GAP^t8Oj5imcMB`UY?Wu0QYuXm$_)Vi=$- zff4%n_r?MzH*r@MN93>eUz20H*3KQjz34%m2#}I~!b!U52P8uB>CCWf0 zu-!ngsO4X@>z0o;M?+KtxYhPr@HtVsmaAwI*bd^(-Y)zG#Ngcir+D_|E^F58T%b8wLg-mGGP#A^{?E`+8ZvVg$&A~PQMG7$oN;eCxFU$QL9KQOTvdOYk(}nFiYX!@-^VYS?E?Eb9*ASOwnr2L`YcyMKa7KP~PVwF} z`=735zTE4+MA`k{@YU1?b>@JbJ`iPTzA)M=8i$J6wH3$FuKJph%<($&^J4MhDZ$er zC~!a!8=Eq2C=vaTZt!4v1kXAbdC`ZR-hNE)C>g`82C2R0Z1nNJIX5U577z3w!^?6yFq!=mQc2rUvGhRI8oJi)R_bJpeB12WwxIw_E!l^9y#af=o9e7$=OwF73f{SXImXa zpZ-yzI&{0mla`Ls(~f$Mp`$WsxfS}-9hwfWs=c!FZU2y$4B+yq3%qm5lq-YhygW-? z2Z)2S8v2yXDf#PA^bC|$UE^q1H$6A`oKlA>rGh}-KYc#4>!N1^oj&5CqEws6h#z6> zrTNyJb4zIK8Sc5qI_SQDE^qQCqV5x8?VX22qJcNi-cB=U2?{O^kRYR~HkS4oDrsA4 zxi-Bax#~MgI$_D7c9@oU!Siy(`$9t9P-!4q9$$*47NxUkmtnC~i2_`Ay10;t&Jdh5 zuLFaX6kYwmbyUaKQ{3z@6NH5dsNVC-dE%$GS*S0Rcpb-+&$Upi)202A!Kt_9B##xl z>#Nmk$c!a_YRt@nI6>kCsi3gMP*YY5GC7dc$1Zy}Ys;thru2#<9DhJW7WLdPyAFYY z8w#c0n(_CtLw!f92n^fuK!0xC8hyY|;!w3}{|ZnNYH4EvnE0{ky`8SXeGk@`msw$> zuV8DWuY3INW%rAuM76>6rQ*Gz0{*!cQm0uX{01!%l~PBrN9e^JgwQLzs;Jz)V8Ts7 zy1K7)?G1Bc7j#H`S2BbK&lj&3h{~iTyixXk`R)$$CQ%{X#0rev>#d-7+P6Qi?eytC zB&zo{smXed7$GI@A6nt_!uL#3m7}ZN@CXy@aM4&njHTYU*GR-xv_)7-RJYdIB@?}_ zDF!44j8X3NialL(DtED=FVv-FEVcb=j!Y`hN)sip=&OUT{M|6y%F)RPr^0SlzIGnI z@3QiVWCBM^UF-w7p#-Y``76QLAr)eg(Pt-@@3G^lW=N-$&-6ius8SChCA8SxK29&d z%TC+8%Ll*<_-%$tHYLvc`ZSq50Q2u@Zwm$hhnx7+ix5i7BZ^mpX2&a}L}ysSh$zvoFxkF-p-(b^KoA$-xoEb_PJ3 z+l&9{^+mf0ADQ=h$%MMXOi%S)=u~!)XwOTV&e`(!V+O%1FeMIW^O5ew56f(ekUA2y zP#N!r`v;llm4}UQ>P)o2?!lWqSAa}HzM7j=?)o)VfoFWfbs{hMd4bheDs}@Xl4Z<` zSe0IMZHRUjP1T~@;g@RYq)(tyuGWFdBa;s-(QM0w!ZOK_$?d*=IIbd|9NwZArLWI; z;IjtA{QWQaS)j>Km83_*e`mRjMq!k;;@TSM6eQ-3x7EWPFkSy~!Vtf=r1r(z%A}F(sPo}JI@(=jO6@#UcAy}cQAFgrge5}2(m1}t4C7OD3MfeY7bjp3RGReT)1Yr^`SfBl~ z?7+yR6Xos5>|}MCOZSB0K;4EC!}iPlW4!N|gbctT7#RRLco-9~_zHu}uI0|z#pwha zhqQFhMFz)`e^u)5pUr)Fr6a%#c1fCCmP`g?QVI}9*>%SQE}4{vY22toD?kF3luMBj zjFW0a0wqbJXfpJDi>#Et6CnX`6jPd3lxd34Z@)nuFrG5&!v>k=fr{4r zg;Nv+?K%c}SG;A-Fkr9pbRu^?p`M_f_@=!rqVhpG);c_k2(8O zQ}oVbK=|1I220&E*ND4H3c-dKm=j^tN}(IgsG*ZpMF>XE?Z_l!z=HVozc zW?!x(E?fZ_(b<%;Drvc`TnNfwZk|j;%na(g!5u{KO}yzcGyw;xPn%oUJi7dTGjscz z{GSHP11PZe@uu&2)ARpVw+6o9%wvJ5M~(<|bd*uiW$2WIAV=#? zZoApO{Pq?ZFtOdDs><{|XV|A->6^P?pjiLO2CMd=5gkdB4a@9>9pkT2Vbi0rDZnXA z?i2UC3((1J63c!KU)2qDfTOuG;1Ew&juMaK?E^A{$`%K@Uer^(M{`y55LaQ14gjcI zo!?sI@o2B+n&>RWEo%_s{M{Va=V4^v(}8+%Mt1lMpjXvdw9i%1CN%P`#V$-ie2H?r(HT{9iJm`O|1VrkjC93Q)9h+n-LxR&zSt~2O? z#f6Fr7t!q8&#M)i@#$!R_eDk}s(Ke(7EcT;Kii}xkI^HUI0#VFWz{A7DLTkUhVzeN z&W#Q=YPd+bl*RfDKi3aD_1BIF_~*mz&qfmP&;LdD!NoO=i$RH1{)0~`{5#`r|86+r z|M>p?FLD^(Y7#!hPC`s>L>QLg<|(*Ht->>E?S$a=vH*V0l@Y_0Ai?4>-Y0+PcTwYy z?0gWD`b2~@IrV#s-0UAiR*V{O%!N#1D2ql+6PrbeKkil*&CuwWBuAceTd;=k6Y3R0 zUi2q*vZ(MR{s8)L?X$WB_Q>KKYd0&Y!$e#H<8baKTc}N(C$P*IJbA#Sp~O?dRwFe= zR?{m&x@TviGNsc9eUPqAuL#XmiL(DN*xqpzWU%GS*#fP7it!@KBqq}B3p** zu%zSK%)-tjdE|wr6V>U&wsqwd>_h1?l*EfbOnhyUXIB7c{HK8Yi{FD%zi4*@%-sA- zhr`eBd$_6_`N_;_ejIa#KNZ+X-U-OWhE2U63}X%x%khnGykfd2$$rU>uuN$n)6wE7 zX~McyUmXg(n{QJuJaut?PoYj6rpY-nW^8V}$x`;Qhc@#JzL~_VvMVks9RmM;r9@h- zJ-()t+HBl27#ebQK6Df9g-X{46R&hjHCV(;h-AGGuo#ri15Nydj-FllN2XkLUug2J zyQCa^T3u63s7blU+0|8|z|;44l4qyR31XpTk&4Ls)3h!pN9f0e98y_md!ulFjaNw> zs&U@pqnn9%axSU(>DoU|62)Hs(9`b%Zd#N%T;6uC(MtW^S&2*o8%$qYe9fuv;v|yK z{Fv?^B)&T6SL}7>4>`8HRd`{w&+blowYLJu?=%^R;3j2F9epdHwcAUXfjq zyr||>n3|tTziz?oa3O4JxB_nCpMRg5++}{rFS5KKz`O_F86nJ`2y3oXuqlyv7ZoAW z_XLjbU)@@_DjA5GT0GKCYAX1Rq@srp9{1=fcy*?qKt$T4*8kzhO3m~o^*SzlW1uQJxg*j600bAzwl+ipOcap$s%aTOXVkTjp(C4b*QVw+^;yU+V+<57CW&$CP^P(M6oxpnl(*L)z{Ly|C41OLiJrd zZgfkaj$(BdtY)tpn0bgp;Cg0+8(OeEy8Q#6 z8vl>r0TU(cBe1P+YVDpEU|FPklkbzHEOCMVWN6R$$jgHI7Zcmt!ZPf%y=Y?e^`V`|p&PSG;fVXspTN($>?7-Z_mL&q21ga@i8)TyDSTn78 z)Pf0RC|GLm_UCOHsce~cSdesiOv@Ii*5{ptB*8jN^eQ& zntVK6;fE$aSa}(~jO-G20^X6TAsull!=de7?bhlcelh_^rfD5WLm>4EfcNS1j^7Rp z8IrPS@+^UCvAP;L0}05KuHxpGKq7z%`4B0xAv+T7POiFPF+i9LR}a}Bz{ELVM|qmP zoy35$uI`UK1wql-A|$Mm7`mZ8oVx&R`N~IRF@Q)3b?m^$F`Va$U+VS*=10HSDQo5N zgZF-8tDN2|zUJfhQOVoRPbyfR)9}ZhSDA$^jNMNeMUdk{u+vZH4V~;{m_X3lsiOQc zd3>X%&ql|hbQ$?3&H~;(uSE!jk+C9Mf)bt_(GoloTIo=P#Bih9sp{XoTUbujSgYTB zi{r~m?ai5sXqX$XKXjVG$DT1!MQhG4jtkbqDo5+?s5Kp*b^4=Q?a*T}5S+TN5I5d> zH(HfUy|*6W0<^^?}ifw2Ktv%%&LvMvX#59_H}nlg@#O2C2m)b z5E>z?Ja3=Bm^%@S#bp0>R>pB;U5P_;<>7|H2hu+=XgECQUZ)piuI~W%l%zO2+4!k1Cln#-OXeA!E;UZPaAlc5TNe<;o)Ab-+1JdXiH{(2t%P3^|zM=H;2hbP1KwiM?4KtBP% zG0}~0YvBau*aF$>_s)LSy5V0Ivjcdl-Xl#3x zWuA{HFSLuh#tld&siCar--elbGlQJXUO$kjxWc@9j~p#pNa3W=aE4-vUJZNl?#7fv z?3F~cgP|*ZQYMi`FMePv$4s78_H!XnsCOdu;N_FLk0uQ!hqg&Jj)KpUAG^BVBeL1q z>A~Zk&5=)r*zBr-vfPyuhgHjx&48>B-Z*1vl+a(X-t$%5wc3}!IiL{`gm&lYC;te* z9}Az+>iay2g6&kgwpGn?g|EtCyvLbTn5@@LyvH^W^JM%r)7F1HWT_TYNa8$J)ZM~3 z-eSPVBIfgsp%{G^a>bM7gKg^?Bg{cXNB>pzfHW`63jBiAaJbo<2?0~$1tP*{1{Q@r zPpjFEN&7Ck_T#^f=w(%;MD>{hBqllP{J2B7fZ~6bI)p^4yUoLlK)vZ%;?B=!!#hs{ zZf$^rdCF#~kWudKCbgZ);l+gy@NH90!BW`q*+45GvAClG^S6H(8=oUOKjR~xjgZCb z@3tTJpIvfLtYUYt{z6gyUP>e=*Mf)0T?3r+#=-cn!4??YbhRSL;d6)sRcB3d1=;u@U=sY zb5kwg>{;y%6te%iQ1ssmU6WxxpB>DXGmjE?%4vz`(&ab=n#Qy8r1n|OCBsQ=HTv(Z z08WJb39_7VzmXTU?Mvbn_xqkj3~R}!@7?w;m!f>ishUUtiZrjCU${mUkGEC_n~!tH ziIIOSc?8H@vjKb&O_2eoy7vQ)m!E#eM_h#A3;Lr&7nTfmyu0+`pe{PNd@fUxD=R)( z`K8~rYk-fmh4v6|@Lc*`&jOHG9D<9-&SU4GZC^D~WwDWq-Y}nw?({FWs4|Zd@*~j* zeUdnfd0F3JfTII-k4yLiia=(7{3|MAbqQ2;nLYWiCP8}OC=gxl;^E#+z||M{c{erm#GSYJja1$!T7UhVqEnIlpK$UbXa^ry!}#0FzztTn+2_9O z%|M`v8b{zoOGERi(*Z6+iJy0r0LIrYFA4aqdhh(aYXvSTeLe~VTJnDrxdU*~@o6=U zuY~Gr_pz_1@W1(Wv3VqK`chviJGORB8rLB#VvUk>g$v^MUAlHhvh>2-SDv)od9Awo zyqksX@z{62e%N%X{NvA;?;N-(pW)8@ZrzSJ^mn`ekg{^K&#~JnM_-fm^1FkZr}060ZH0eu?4fFN{U zu3x#R8{H2B(&A zH~w2+^YmOl$KtWu3%wPfXf7b1pW3eb{>`t4=YN500o?nOmKt~JkmmZskFEbI2nZ~9 zM9vzA0+NQ?ez^83B}UQr8vO4w=Eg6JGv=V%rA=iAGXFmLc6`4$`Cg@LzwUP`@9)## zx0Q?2U?z9R`#gP0s(k>MuR=zhwaLLneqqd>&QYq%6K~ z-kT>3b)|clz!yj}l_EZFCWYFS@0_7wM)w>kEqQNCD)Y*OlgT7Aic>j)3m*+0Iy}U& zAgh4#!Pt$nc1y}Kf9j9#Kr;tEKv>%sa+DEsUCOn*nb>ZVw|m9amx!aU?{38PdGiJ| z&pO$iKrwQ7<~4I-ml8ZZsv`$*y1XnXH4*-Z32N`W3gzj{4iU|K#Jr7&nY%}+7luo` zGKV7kFn3b4d{C^JS?G(I^tuil&2Wh(4NV=gN@S+PbnKvOR1MK6TP&IlF|-s z231@ECTywK`mslzX`HE^=+K_7!bsr*dADAdM`aahb%=2OTCZe_Shv=&OOEAk9-}Dg z`4E0+GdQ^a{d8MG7tE{T@aQL+t z7XcVIXfGI?_RSKql%^mnh}kf&@+?6kqig4JSJAHiRL4-*!cKu;UXynhGx@HdBK3lc z@hV?-gr8xGTZ&;dsOC0`kYZ0{+vZi1#pBv?#E^9Uc>hQI#!0iR7dWwv<$_68Mg$eK zwR=0ltycQ;dQaMZ2UIT$s63!eVGL&3ZnF30lXCKwt9Uk2*K3_uvgOW)Q##<<`sGCw zSOP85TyTEgHmSO19&00oEPL2`p~H+tOv*fVACoQYV~4Y-`RNv(k$&ZDec3{g~FeoG;s%uRpEodlG*pnJ=Ztb7!cC;(1g9r^J**ckZ!r-i8>nJ$kz3@HkJu$rf znS`UrtR{J(uR>%pMom%{mEvYQ5&ZTfZ$@_C;Osn??lHkoX2RtLhEsjkpt|oeP)(Io z0$CKv=8jHhiaOp4Ip)Ml0n|J;h(~=-yeM*BxwlMLR2QMTXUU*J>;AGLTI1E4Y)t8; z%SJb$?N?{LD+dg8FXMEZ5rJ7TgIvzA(Tj?z$_3Jviy__)om%$${LbCcCsLFahH%E3 zxT)gAUH&QFnu_f+*fx69AI4_%v3EKKcPcGT50wdd+%w}7v-$x2r3e*R1G^YYSO?oPJYUx&jJeu1h#i2Y|}hAXLZo)Vz+w=>e5!~`hho5Df)!u z@2bsF{Io`fxp+cf5M!YUdV;)j&7z|dH5jq7nqcH?!eo21)iJwcEpJ4vUsGO5n}Ue@ z_Yv3}5^Kb8D1(265zt{<|rdSJ$TWYGDUm-(|D%kf?QdTVUS% ztKt6V(s_tW-^1k4c2j2bp`=;g+e(mAHn8SG-nwfRKk=S9A?Fih8C$FH zjy~E6Oa3mXN$5Ps#FV?q4rCMuL$de6;+;>FF=Yb8PDW+j2nzgVb#)h|rbX&X}a&aZTU9eXhaRW0KX zuh&2)AUfUz#YlflZPm%h_(8JD&@Y^yiTzcpqMg8EzDjt$N%cco4av^BMj2lumCZ zUw>Ljp9SAY%t*5~E3b))a10tZq(>r{T!jI``+zAkuM}M6OQR`+pbc;J)mbV^a)HbM8G&D?o+`Se|>o6gbu^VqxPT>iiI-aM?S ztLq!a+Ll_ZRBc785XFI31yqX47*P=w1t&xV5)m<#FenjX2uZYPwW3C#fXEPA9GJr# zLkMxWm6?b@0trd95Tb-6l8}T9CwWgC>HYNU^UwQz&vSp5`Qu!dvWK zG|mL9X8oN^e3NvrM{(`C8!B2FRkVyu`z?tem%oev7m@TTe}T)?SI<0`5!2PF%vf0; z>OkD+i93G4bUyojf00EtmR^<_H|Cu6@~MMhP=)fKGwDf;JEZ>m%rOsSWlLgfTh3nM z)O&q4qp}jK!gr=C89WXTg@f*mcoFhdqs0w&c2Ki0UM{B!pW(7TrJlYPd^)$D6k^lP zYiuER=E59hgMFX;*`w&o(OrBTZgFo})=nDvx7^%CnM`{)+>`Z2%k{-w4@qa15pLgZ zyGcvJcZAv?I`igi#q8&%J{s&1-{O>r{h%_vOG^a!Nsb{R1D89SOgTp3(xGGXI(e#R zsKmIT+WZMjbDK0cr6b4ve7N$Hd#7whK%@Jf@=Yenk#8tpb^ayo+%8>p_E69UjWf=r zfq7p)(7#n3I%^=}xk)QZ97Hw+EsvPvmmVZBo7g7bSZ+AjU+;JfGJ_Z*Z46 zI+9?l+{8}vtd4<37p08|d?oeD984Z2BV1mc?Y8%XRCHXLh?R)kp?3i0CIcpTzhA7* z5f~-&6La zo>+ApI;Lxw(YfQg-m{b^)Lkfl zQ%YNd@t8+D-6x2M0&5LPgULFQCii-Sv7v$577scyoAfy4o&eKfVTwynE8Tk@I57SM zRjHuvS~d({afwRx3tlpmy;V1Gu&_NhsMh%91Hg8O<}i9a`LlMZt3R|a593_DuU);A zjEef<W1N6MI~qCBDtRu?GqrpW+XQ4cCc4hZ0PJkC?w;$GID zG*+`Q;EMbmGAuKXuahG%+9WP2l7xZPG4wrwSL?Wve1ZdoLD$E33`L`%$?HfcEL7pL zgTNB;3vzT5dadaBE71zEGlYBP7Yv~C*-p?_^7>F;PWlqdG zmO{%`Co#@;K%to-b;4+_(3iXvnxdZ<5+0TXhjQ?16|QC#-tT~bdxrsaMkhOU z;yVe#p`9wyqjuS2F0@HZUY3X9p+ozeqgP{xrdQ!Os9Y>u8fQdPJ6Aiw7h{lJ8CP%t z$fN4S!_RBG`6*PjLc5mTR+PO|WKcvw&trma<1#gUC|Os?P6oaqJ0hu3>O3dGyeVbk z%K)>!U1>E*&|v_oiX1~PVSM$jyWgE#!ai)-q@LQE?igK<c*@4D&C=RmU zI3VSBw=g$0s!=MYCUIJw9y27AIAMT*Oj=VT9*VXo&-T_xZzB!%+oJF(~66#A7{Jgm(6zWd91lXpwzAiAsT{gUjLiCf4I-4ilx%%a{yHx)J( zZtE8{&Z+^7C`3_ZxxTd{9Px6>y*cmkAaP|yay;qP#z(xwOCTOPEl-yvA6aMSk?fe+iM zvSO;)Y5Zg&rT{gjdft_AHD_cKz%xNG<5dgGlY~j?Q0j zZ}|ORnrd{9_L&T?)OWQpJq<&`UWLD6&D{Q5JqwRt|C`yx{pM=ldUAO_!9y-^e)e0w z^A`hof78wl0nz^{A_}zfkpeU)=%nWEVz5l!ujRYuwli&iM>|WJj1GFb)9FvssHJBb z7TlfwH++e@>^Wfq;f%cqCO?`G+pL4PUI1&%_f~x_k9)S}Z=Jm2%CwX;LBhlIMnoM3rrXKjGZ2>Cm# zE+NbFt|~3&`b@CY{LYcDhJ^Pb{tgFhnk$UNCy!$1y^e%-g7 z_5JaAe*+^1sqXVDE7C_=zWdDK@6@Wzb3)kbBLi1sIA+jL4~N)Z!TzmYVXzryi)l!Ro=47yx;Duu^Fbb&MG0yGg%M_} z>OZ6)N*8=HEHqnHweDpy(m}RG4_3o-*GU2}^UN;Ae8>x|Fh7TJF}pNMQ{5LB(3X=RCeU@3>;r~j@0^F-dj`?6}keN@%W(j$qsLT%OSker$<1Ld? zCULv2Wlg=;+{rVy1IHfS=o*{}a?*{_cY)Jf*-|DPG)^@nzMyw0AWJ0OM^cEm>Y z#8@x}f+b80GUVo%9BPd?ubvdnk=S@>UebtsUB4ZX52B{_WDaq$&$=? ze<<{>p~w`?$z%L5gChMA%3a-$GD{O34jJ#d`WEtj9vv1hV|3`BmgXH>>#@lp3oem2 zka?tzfk0hx+e<|x+`~n8SAtJ~|Ed{J?r%f0U8>A-S1WSiLnzPqU*Hb*ruQE`+w;cL z_jWe7D9k3;M{y3vP?orz07CG!-s~X<7!q!Wskoa1Q;&f@vRoxVG0Qy23Acki$&bjK zhE%5J1v|1a(NBUA4d%KQkUh==vSy@33spqu=@^s{(EJv*Vx(TusLnRz(-UX_0Dk0~ zi>rwkGN{$HT)xOYC)m<|!da=`MFFz$RZc2Py zkyG{79EZDcn)s+N_JR;~fGVrj+ZR?>v+}wpIU#c(l$q2fI&m@#9ga>AJU}+UVr-x* zWIf@d`OH)&b2P%(vGNOY*50w)qn;&fBH>T9tX3VZUhhQV3e*FLRA!j^J7UtUmz6?f zw~et6%Z_1ZR{LbdvdNl57&j^~#x*6yzd7_K4(T1*GuUSvAv-=rAqfl`mLp@bYqKo! zGl2+mi-PQ>0g;G9_W8fAT})CGMI20LGueGGcBOa!Q{;85|8N>}>{$Yh?A*b8nJ_%( zx_Mjk>=v#FbrBv9GLAcX_&R>@fmbL3cc)7mh8nAZgj0*#yR*B0fpOozlqeazEv~mTBWllsv8XT2P zdSpOuCNt}4Kzymj#oE0o5b6&OaS%2fZBnLUFpUV76o7R7n&x|RIB~bS8;zRh99jh` zSJq++T2A#7d820^JfHc4m7C=cBt>OJ=fKlaA?v{!LQ`mdNBl%@9!cuhdX7B~^z{qs z>=_9b6|q+5%qeutXgX8UB2mYy6xZCPA3L=5NV3jPQ*_We_Z_IVDt&9~aNmPysR#31 zAnFxtC(Jm2YSuNgPa#jR@Pg0*JmpElLw4Zsnz;HeaJalvQdG(@aQ4$(@3tCs3DuYL zM?}o?RNqwEGON89O=#xY*pZ$2D7WMlBoyjZFHu*0e_6||pj=_XD;<|Zs{L#qwjrEB zij4_ctIiiHxQt)=xy0?gY|&*f@e?}y~Byk#FRja$}N>D{sEt_&5^;?$&)V+2dP*$J<(!0^+| zz{;rWL75%+E#_q9@QNQSjY)=*9f}gWU{%Wfq!}QT{7f}l;yIj|*&V`Yg5uEiSKTLo zcy#l?gKxnp51o7ybMM~iu!ghdroEr4g*-nhJGjc3I?-4Dge`$&4l zIi8;`vOSP=|LLDGTBlSCng&b;h{~aR!RgHwzkvuqjhvZgag!H6!^#%U#0mclwSxM} z!FMpPURw)wiza-|sw5M4Xbzwdunyd}L!-K$OfO0~dcti~I@+tFVF$t)YFRI$iZOD( zYP1E@I18mlRWMe{2AdIttfqdh{UvbgzG~zfvYVN&`Zk(Ye&a2;QMk-%5h|syPVcgQ z@L1IE$mCf#Zj~nwlffy>a`dbD4I=<1I`MeoHBBp0SP{)n_jX+RG^#)nhGgFad z;oEwgVwbv4w^3JJr%8*>b>gfC0^3Y!-TJMOMgon0-*&`?m_tNGg{`A)ZqRIRp;I62 z&VRWMIQW>CeQ2F8MeOu4fuK@KSJ*42Qx9DC%i4o#D@}lOH|6W}x3eG(=cD`AV`fNJ z&nO46s@K$9Wri6=G__Q#Wc)-%#e`k+?FJMiU6dSwG8&`;HB|@VG-h+bM2V?%XkT^B zi)*dqqwUr0CX0RyWrsp2ak{&3$V%d}EbEmtzh+SqXy}LHgXKW0`ll>4UbQWFYpr)z zWz%&H2L#=sRd9=JGFt1_HzPAbz;9yHMDFU`KdW2Fv;hI0@*>5%zaxU;sY@0eAF5{R z`i&R|H!?|~l({y*h94m>R9h(kF7!MbzT!KAC*2;TZG#Cy2MeA+jdh8e;v8S`TfaTD z(W7nT(C9RPvATFC4NlEwE`keSe5Tj}MyH^GQbbl2iqx^=XspRI*mcF_XZ z>jx^X#|k%w$D}$rqnCB#w}FN#+&4$(dRIVgNQC(^aejPt%Q>F<=$ySylzyD|V0+Lp zayLJVdaFzM^kw(C2yRNqcAKQ7LnS&!keSWO3Jy*rxf9d*sk?SU(x^as<|M0ypzf&A z$2B^C=rt@~SJQSIVa0!%iFbmMy1Ds@lAhm9HG{xkYX)zV$x9vYWY+zZeKaBUN9BmT zp<^8V>rSKo_pHS_U93eF?l#f5Ozt8OHp-O{Y#vQ#=<>IbkdV5IP2udFlDg>C&bYEW zF<7LFv&+<2bmpHWO*}?mdQNT)mSjgHjKoX-#e7sL9>!*6F<8=AIbV{$DYqBh(}ALj zu|6JuUuO6?9g!{+-lP0|xOE8x3#ER4Tj==U)XLFk(*LX7{+d z8f^kRyg-x%N&O8B=Cl5-jGy=Kp1*;w&keT(U!U9Z0dip#c?qc?eD+V&WhA%S_|_leU~>t}Y;EJpkB~n7uhcEr zr@C@3@4|)g9V#&MH|n+2Y~{QUHL$H-!nP6-$wuElFFef7*485(H_L1;cGomB-$`-R z@aGwDy?!hh6!f?sk^H!(V)o3`{1(q?W|us`_X01S1pT1r?aNoFIhX%|sqq3YAs(Za zkMyTBNH!h$C)Uc=6zV08&_taH(R3e@$NW>{^WW|B?D^*=&Yx#E;>X5yaGYwC7bs(k zFh<{bWB;H=5>Sn@(2M^`7g4*Ya6a9HPkKsU>-GxWE)Zb+FPx!IW+I3tCK0FH4WWYu zAnMnDD{#(QRoGD5fXx5_LRQ=~utM1(@84SdN0dN+@&8@0 zKH)lh%H1!h6Q3J8wsSrCbqsA5oK`JUT}EN7Pp6~`2Dvj1gBc*xukT_q++4^N zp7v$W*n@c{cQn0L1^n+~y=%KlU}~-~seZ68Ezk&<;M5HE>j6*us&sIuF)aV4oCfzG z{KlSocfI6LhIxgm_gW^HO#**Wj|QsB^KPVpe>z}Vm@9gr&XmZI*T4Sr@oAi2?V_*n z{5HB=JHcp;C1|?1nE9tudhuDjz(6LWGdZYD$^`py4Dk;FNgh}VaD`U31nvuSu(e$i zH|{laW~%T-hOO-$mtaY0z_nh7tX`J=EkFoLVneTu78#&v)&y2r! zo3~PePd8ux{tq)#ef@J{DY3t`^{>0Ptad8Ll)_nJnPB_jXO#is<1o{?p{sAtjh{OG zcY7(vs~nKl1L#jEgx@PNhR(P-TFsm}&qaIV!iDCz@$EBb7UkNj@7LWxI*DJOC#dqT z?wxD#iZG%1@9znK`w0;?xqu(M5%6r~Uw|R-u0ifO&a6~UT}QQ zUp5(drglDFImf^f zm$~mRrTlN>&wrj8$L%T_GuyRIwE;XWW7<56z$-?t|1tN06_lW7kzl|Wq&Z^gd_P~9 zk9HYyTHi9dL&m+<{}EjWhk0OAy%*bBUJb16z3$JlKJEgJ@@;|TgReOY zg+c^`5Vvd4R=zpfKNgH$54OGl>NcQ|*{tBGKJ$h?)t$POvz!HFG2Nv2kbsO;6V6#9^qZZ9bG<=Vo z`C=2~8%*Dex1GcUV(|NhM=O#Un!eE~9N61$@=RI9i}588OQ=-i`UqN=A1iUtrT^xedXwV!x6V@$Q^7$+!PYXJ8W!P3vqR2aZwb!Q&}II^3g+^k?&Q@G zfLw1|Tg$8jmfu=ygw+NJNT>#sVOn5l#+cn)KP($)d%OtmsA5%7NW^L11dvTAs7dc<6SrzOQh2H$MQrQth~Qs!XlAkh@NT z{N}cEU*wv%Q@`$B;}=|&>3xJ=wz%+J({P~b;XvuE9lE*%2@nAKut=Gj{s&-$5O{ z84K>!Ulybtu}^8PZ~3krTvGd2 zQExQr2qLKK-4F*Sljrwuu43_wf&U^Ub%KJpAbeBRAx~J6R_-ZVR6%r({V??rky0+)L|fc+Sxa`wY%We8Kf&M09z6R2Ze>gZrP+O_e>6mbcYsjt<(ZJqpTrXns?X zO@C(}6TBmij!H$3#5cb*wSTbcwSc;lWjH@cK8=1Zw9FK)1n6#@%M025E)0PmzKtul z|JOlT&TZVe03BP}^h=}!{(>ZqqN&_Fd(-Vl>#|Mp&Kuu9&Q%@M$3q0M(*T;Vkx>xO zIiHny#BFzYB3-2)ZoF7+{}nf$J5P@Rj10O?lp5_TbIrdx(@pf%#J5+!Rvi3d+T0HM zoM|)t9&f2%ylCb^i)pjAEyCkNK&d(+%lZ5IekePD>u(zmJ^;S&*s^*cr7hemSdmH zPDsoc^}73u`;wL*{39FcSh7KUCEmz zgY{W>qw9EqRjRU98A%*@p|c6F7zgiSxeec##Y$v*+*O|qo9+wkAIqX)hVq zA!~^4jj@s;x~CRUyq^GJ8g%l=^Gg5E^8r_&KKFj^ z?z@-K9)(E>K-@&L_q}W~Ifc{}T%+^eW3|Y~YE8T@n4!8=e5*1ZQjBk@3p_it!duk{ z6ENRMp~B{lu1TUr#Q*-3@qj_L5fN3sp*tj!q69ZY{zJ%GFwkRq{q0}?5>N`9? zJg>06jDw-dIFbc`4k;FkvBE{i`JHZ3f9%)gi!8UrWx^{Bt5vB@Z1+{AbqRr7XN?9| z>$XJzwRH3mvh#R$SnRR!v!T3U7Qc)ndm%H6|K638ig61jTq&!IrQjR2*zG)afo`vH zzLZBQfEEOvQ0Mmpk7+jhJZXmeu8zf>C&!i4J{89;DQPI7F4K=NUx~e@K(7ld zAbAZg*!SR|tlnHPjb?aoq=cSwyX*NdESR#_YIU&rFF`my>r5!m(9d;ATq7T4)+v$Q z@;?=YWdN4_L5;OdEFZG}$h1O(m}~K^&IXsn4AhdSYsE5kfgtuINuguSSP;sL2zD!X zRVd3icfjEZo(NTRZTtm}l-bYirzPNPC+R#~+F%H$3RLB8K0-;I_#Qp4yI9Or)k@eu z)fpRWky>%P%K18c(mL@j?un~U4T}{LmV}L|A)GnZn0)Bue9WQ%N{~f0a6PSS#XO($ zzW`}vx~Fpj0EB(@Na`c4)TQujEkE9Jcy@whi~+mQm9Rr{*%0`1O%u>iww$z}gj@pb z(cOq~gf=RV1RDXZM=#zx5KtTHMhwHzJ(6Khq~oe0Qb~-Rr8@;*o>WyXxUVE(+zL|a z2f8GUJ<)8!75&?p%74TIbHdMO$r0HXAtL6PC?cT%&hg- zqOaA$Awjw&GGvJ$gUPW2lp&14NOMYPkowrTLKv+y&y%P|RN}QGSR((c^&DP+Q4~N> zNfJhwHxkf%){BGAM*QAdMtTi{I|NW$(-T~hT?+1nn4X+i@iZDpV&X}JNTR~l+Nc!@ zomSVY^3ur)khJCGRA$5MQ21o7l7m+Izy*wYCr7zfyVS|`3yI@;3ao4og$I9e8TLb( zZ{2sHD_@4pSRPh}<|P+QE$i|M$sp>e&=CfSnwLb`D5Z_OSXho@7!+5)TQ%_nxnhgj z&Ju~DT#2!h`4iwi*xF)%OMvl?;yXjD&7XfKzq$mW`PMD*5_Gxcke1l%`2t!OUznv! zsNu>{^1(8MBz+*bmv!bSA^HF%2g00ny^s2ifg&bd zD&@|Tr~^%#=>1lb77^AaR>h3p#qHzAF!t8LmOLFHt4G9IvImV@QlD2Z3+%HCv^RB$ z84R^tP6{Re7(hPd||K^9iwt zqsxyMaA-_%IM(V0aa89PVfny$XwkM#`3e^F7m+h7TV8+1c)+t!#={$jc1fQsSHtm1 z<3Qt4(h$?R-oGsA@ES%eE*eMV$b$WC_xt!aEB*D>K;BKpump`VxD4Yuw2bsi`CD;+ z-E8??>G2TUN@;8XP>ol|gf=PJ*l6`Q?MTh0U`!_`kP@J)#OD_%0`nXvv*li{6$HW2 zX+t8hR{MgLDUq?yYqWvOhD&zK4MRY0_`A*ZJFDwaSJ!hvzZOXIzbXvlv)nkURuWSD zXK9AjL7+*?!<;`JM^Go;pueEUgebqrX{Ua5I-*$2I+gpdT0JQ)bpjQO~6 z>@Xf#j!)XPQ+tytI~FSiPNW@exLktI`tB}fo`+brmK0zz5UT>gXQ8T%m+sFBz!*-| z8P;;3Vs$I4Hilu&fw}6=h6d=W31dyL_+YAT{D5hz9G@>s+@%@Snm;FoOqb$tuzLZu zQ8v^=qn2BlAx9*k`-anSL--eMZ*3=vG9+!$TI4&OKU6S+9k)74g%>wGD`FCcrd8m5 zF5}|^GyP|&1mZ59#<^E5ahzMC&!rumB;4CJ66$WvSzcGlhAqND-A`(vUndc|2ghiD zwJ}|^r&vbUHsXTYEahR~5>{5l#D(;dxQhwHfJJoY08=km2Q@?rrw?EH1Z8?gG6pefI_Ku3xt?nZ&^O)V+@17v=Rr`)dQF zS^Q7&3?cKnf0~k=2c)=r%Fl-Gr*tL6H!iF#=H;k;noOK} z5Zxg55>|^Lr=W4GPmL?%*He`n1jWSOPZn6$4~skx5`qy9eJ4HNuH47coahOKyAW=d zS?@8A!(7PheZ>9=p6{}fhkQIcp*9N|$B-vTuX}vKzIuL%OB?xs@tP}Vo{!Rh;pP0k z;)itwxQxpQg03sk9!QdVq6d0hqdY6jwws}=Q$+#_I>Wz5U1SX1!fqh)&##P?^|sDy zpZD3Y>Di0doDDVl)ps$N(ih&};ev@m0N+8N?_&7tWXel+qg9+Bjlx4*Cn%ci9VJUy zkDB&l&Lo^%9h7nt22`TG(#Sn8pb5jhzXTD2eXOG1i*>+5GZrON_{c7n0K0U57}2x< ztn69m$b;b*kCtPe_cB}+qi&;Gt#yOCgx0xVw_Y8OJ+l*_DhX>fG1`W*e^cnt@XI6W z4Tg)422ujJI4n_Cz{{d!K**7Hp0C$VQELj&k9yT)@=MuX!zJ(_02XMR)IzsaS|i;v zuEQ;H)~k$vTR+}iJ+N4|kxS#%%^!j4WG3%Np~Gdk$&hX6SyEtl?q7YMKNnhB5{ma4d&ZB?18a{>NNH0h!C{Q`{jh}jZa$$}qoUFV`5)eumuL^PdNI7spF?}r6 zdJnBq6=77C8NN+r4(tZh+85GxYts1?oR3xIBqc5-?BH>C7K~i2FlrOsWzc+CBNuD8 z!ALFO)lkBNnFDq}lcN4a4?jjib|U7FkI1?gV`~kRLK5L*2baLW$3hc#;?GTTfCODJ z#c>eUprI>1vKCDP)X}thK@pXB6x>%(0bgJ}9x>TYr6ecCKL$PieCna^GRT{Yv?)&! z3ta2|vc$^cC$IK1QXGu8cz|T+%u!Xd+h|>D;4&4%Z>i;v3M8aRfQD$YNP&Q%1C2PM zaX6=+m~O;ezkK3Q1Vo=i+g8>X(oF&3XH`M<7F}U#x-GJz@ zb5_r=5i`lg0b)q{u+bsF_^${f;zup2F>#VZA{&*q2>5$IhatI|&XovuvJ(z49OdVh zA;1U%2vj>UR6771(Cm;TniSy(|Ln&;3WvjTqwSNOK$pl;4|xCC^%;M6eg!t>tw5{Pth6>>=!W?2Vb}eHx@d1}&#sSb<^uwy*y^y0Sb%adzxzb5!5i3Xi zb?+vsrqKpg2iO!U&l7t2vja4sK(lBopfDvw!0kt2An4yzpLZLs~gDWSh+T8{O8N=6P$@XJ`hDVTPg0wmIbrJ-JD5(A*O^X4KE+)W>SX|B@@TOR*>KmAsF3 zjvtS08VU(8eM|fo1@PUr3X-beF zTeo!7V?Tr!1FNpHP9+6edw@r5LCl?mZdNT)XTa>FE79iBS?`etr|<03RnI~#<+ZsZ zP{q$>I6v6kT6w@yp>|1RYR}>IihCrhpOqdu?lCplnA^2xG;5UgbGPQ5TVq!P z^zuVPA!O^Tx`^?c`)&T!8{NZZ;fp-FV`!d^mYk76CAD^wg7>U8d_>m^jaA=C*d^t3 z(X?{ZNCJo1t2%0QDM+bYPUcs#peb4gwN*{Xx<%gWHpqH5Lm;J%Bqc>9B`9Du`|gD_Xp+Z}2%eA(fb zD%a@?=y9tAV{40N@JEn}X%+k3uD07ru6#$YxLGXAFuxoe4TJ#9b@j~t7YTK+_VikY z`K1{|q-+>hzgM*|WRp$W&`QQ(&8ft?`WdZFim34;0sA4b;9<*@Km?R>HAj@ovy)7# zpySfmC`5vcb^oa6JeOknwIAWvo<>qK&KF^ogu4D0l>Vpyf>fg75e7$QjWM zc^zh0iU)xbxlb?PUcE`Ya5W>a1PJlLR!7oMCrKOwPpc>b1E>W*2?d{RaeO*<*80_# zZ$ihmrh&4N%DZ%nXt7yr4?o3O;hn7{i1J4v0w1EWfQfnR`I0Q+%svr+HCs(CMm{d^ z*e5`rjCSD=0Jod?@-D+Dl7<}52|L;NUN!XXBU2h|UIoLkyLVaH#k)z^Wi{Lm zrdxNlEXT$aHbz)pDM^0BvG6fJ+`kxm%d-xx1EPByk&Mnr*;;iZbg#1cOcYD?%EyqT zh2|8Hf$O?cx8Cm?wGAc-sy#)^(~An2E(*YgXNQPgCsq%30c0kRE0V~}B-bfGWV^nh z+Cwf<7Jo3f+kx_99`(t!Zz6$TlD8j=2E}8K-E}bMog14rocSK8TYfCY#E9ebXDq)} zYYOm2y^ck{(?s9v!5`G;CiRVny}s}_mI-aFGQU;(4m(`=W|TL$#M|L1&u{EGXga{! zY<^?C3y!MZjPfR~+5TqufsaIf0M768~p7AC>j#_>Urdk;L$m>>3ol)gz7*o%=lDvH)M0KNP?K`Mu zX@{6#)IlfsdO%N$#ixNiBP_RztIRPgj8YmzFEkjR8x>Fu4L<$cO-ygQ(rKbv0I1fX z{LWzBIq}dty(EL2*mw=G4W%U+ht-N3a>x*vR_ITDT0iQ=Z-p2-E%A%9{OBD&ns0iV zYnV{uby$TumZ6(Z_(Al|wWhbed(Vn&T@U~vykas;W68w@VIE*ek>%0M)jR@kQq&j; z+C-KsIEJDm@QAWHP?+?I0-WSJ7}8vUC#fGYSj-WE)`uWU$eRayrq< zABr~6Ju0qve21gB&w7p*2XI#8VCLb+1I;yh}agACXK|$7^%iZ}5)tCHK zWJ=!kk|86aIyv&@EevkVZybU>VNrU-ayu!YrLs&E825lN8KAOKC=tLbN}SCZCc<(%s>=Mi=N8A~MI*mX z7!71YkyZUxNU0$|$T4!B^{)L&zj2a5!Z28&mYrdO3IsL}d&Y$QAeRv17FM}N6+QIb zri-@EmN_n9VCTWkd3^7&4*RvV2>Nwa6qaU=+;&I$YgbsF~vfBj@b-yUoa;5_#HTzcz%>58nLT z_Wb6jv$aw#1QYQ^!&>aF>(@NKpzJzt2OF~OC^C3>K#gPT2+pDzr>s>sessisy;eVh zb|R=H#03YpLu7&EdaV()&)=+vJkaJc6_y1G5vN)>5Nv&b<#v=%yMmz`zN4AD@MVbP z_*1uO&kl}yy)?1aEB@3EFGF0Q_msk1Uyg&w{FG( google.protobuf.Timestamp + 33, // 1: baseca.v1.CertificateParameter.issued_date:type_name -> google.protobuf.Timestamp + 33, // 2: baseca.v1.CertificateParameter.revoke_date:type_name -> google.protobuf.Timestamp + 1, // 3: baseca.v1.CertificatesParameter.certificates:type_name -> baseca.v1.CertificateParameter + 1, // 4: baseca.v1.SignedCertificate.metadata:type_name -> baseca.v1.CertificateParameter + 33, // 5: baseca.v1.RevokeCertificateResponse.revocation_date:type_name -> google.protobuf.Timestamp + 3, // 6: baseca.v1.OperationsSignRequest.certificate_authority:type_name -> baseca.v1.CertificateAuthorityParameter + 33, // 7: baseca.v1.User.credential_changed_at:type_name -> google.protobuf.Timestamp + 33, // 8: baseca.v1.User.created_at:type_name -> google.protobuf.Timestamp + 11, // 9: baseca.v1.Users.users:type_name -> baseca.v1.User + 11, // 10: baseca.v1.LoginUserResponse.user:type_name -> baseca.v1.User + 24, // 11: baseca.v1.CreateServiceAccountRequest.node_attestation:type_name -> baseca.v1.NodeAttestation + 24, // 12: baseca.v1.CreateServiceAccountResponse.node_attestation:type_name -> baseca.v1.NodeAttestation + 33, // 13: baseca.v1.CreateServiceAccountResponse.created_at:type_name -> google.protobuf.Timestamp + 24, // 14: baseca.v1.ServiceAccount.node_attestation:type_name -> baseca.v1.NodeAttestation + 33, // 15: baseca.v1.ServiceAccount.created_at:type_name -> google.protobuf.Timestamp + 22, // 16: baseca.v1.ServiceAccounts.service_accounts:type_name -> baseca.v1.ServiceAccount + 25, // 17: baseca.v1.NodeAttestation.aws_iid:type_name -> baseca.v1.AWSInstanceIdentityDocument + 32, // 18: baseca.v1.AWSInstanceIdentityDocument.instance_tags:type_name -> baseca.v1.AWSInstanceIdentityDocument.InstanceTagsEntry + 20, // 19: baseca.v1.ProvisionServiceAccountRequest.account:type_name -> baseca.v1.CreateServiceAccountRequest + 21, // 20: baseca.v1.ProvisionServiceAccountResponse.account:type_name -> baseca.v1.CreateServiceAccountResponse + 0, // 21: baseca.v1.HealthCheckResponse.status:type_name -> baseca.v1.HealthCheckResponse.ServingStatus + 4, // 22: baseca.v1.Certificate.SignCSR:input_type -> baseca.v1.CertificateSigningRequest + 6, // 23: baseca.v1.Certificate.GetCertificate:input_type -> baseca.v1.CertificateSerialNumber + 7, // 24: baseca.v1.Certificate.ListCertificates:input_type -> baseca.v1.ListCertificatesRequest + 8, // 25: baseca.v1.Certificate.RevokeCertificate:input_type -> baseca.v1.RevokeCertificateRequest + 10, // 26: baseca.v1.Certificate.OperationsSignCSR:input_type -> baseca.v1.OperationsSignRequest + 13, // 27: baseca.v1.Account.LoginUser:input_type -> baseca.v1.LoginUserRequest + 15, // 28: baseca.v1.Account.DeleteUser:input_type -> baseca.v1.UsernameRequest + 15, // 29: baseca.v1.Account.GetUser:input_type -> baseca.v1.UsernameRequest + 16, // 30: baseca.v1.Account.ListUsers:input_type -> baseca.v1.QueryParameter + 17, // 31: baseca.v1.Account.CreateUser:input_type -> baseca.v1.CreateUserRequest + 18, // 32: baseca.v1.Account.UpdateUserCredentials:input_type -> baseca.v1.UpdateCredentialsRequest + 19, // 33: baseca.v1.Account.UpdateUserPermissions:input_type -> baseca.v1.UpdatePermissionsRequest + 20, // 34: baseca.v1.Service.CreateServiceAccount:input_type -> baseca.v1.CreateServiceAccountRequest + 28, // 35: baseca.v1.Service.ProvisionServiceAccount:input_type -> baseca.v1.ProvisionServiceAccountRequest + 16, // 36: baseca.v1.Service.ListServiceAccounts:input_type -> baseca.v1.QueryParameter + 26, // 37: baseca.v1.Service.GetServiceAccountUuid:input_type -> baseca.v1.ServiceAccountId + 27, // 38: baseca.v1.Service.GetServiceAccountName:input_type -> baseca.v1.ServiceAccountName + 26, // 39: baseca.v1.Service.DeleteServiceAccount:input_type -> baseca.v1.ServiceAccountId + 30, // 40: baseca.v1.Health.Check:input_type -> baseca.v1.HealthCheckRequest + 5, // 41: baseca.v1.Certificate.SignCSR:output_type -> baseca.v1.SignedCertificate + 1, // 42: baseca.v1.Certificate.GetCertificate:output_type -> baseca.v1.CertificateParameter + 2, // 43: baseca.v1.Certificate.ListCertificates:output_type -> baseca.v1.CertificatesParameter + 9, // 44: baseca.v1.Certificate.RevokeCertificate:output_type -> baseca.v1.RevokeCertificateResponse + 5, // 45: baseca.v1.Certificate.OperationsSignCSR:output_type -> baseca.v1.SignedCertificate + 14, // 46: baseca.v1.Account.LoginUser:output_type -> baseca.v1.LoginUserResponse + 34, // 47: baseca.v1.Account.DeleteUser:output_type -> google.protobuf.Empty + 11, // 48: baseca.v1.Account.GetUser:output_type -> baseca.v1.User + 12, // 49: baseca.v1.Account.ListUsers:output_type -> baseca.v1.Users + 11, // 50: baseca.v1.Account.CreateUser:output_type -> baseca.v1.User + 11, // 51: baseca.v1.Account.UpdateUserCredentials:output_type -> baseca.v1.User + 11, // 52: baseca.v1.Account.UpdateUserPermissions:output_type -> baseca.v1.User + 21, // 53: baseca.v1.Service.CreateServiceAccount:output_type -> baseca.v1.CreateServiceAccountResponse + 29, // 54: baseca.v1.Service.ProvisionServiceAccount:output_type -> baseca.v1.ProvisionServiceAccountResponse + 23, // 55: baseca.v1.Service.ListServiceAccounts:output_type -> baseca.v1.ServiceAccounts + 22, // 56: baseca.v1.Service.GetServiceAccountUuid:output_type -> baseca.v1.ServiceAccount + 23, // 57: baseca.v1.Service.GetServiceAccountName:output_type -> baseca.v1.ServiceAccounts + 34, // 58: baseca.v1.Service.DeleteServiceAccount:output_type -> google.protobuf.Empty + 31, // 59: baseca.v1.Health.Check:output_type -> baseca.v1.HealthCheckResponse + 41, // [41:60] is the sub-list for method output_type + 22, // [22:41] is the sub-list for method input_type + 22, // [22:22] is the sub-list for extension type_name + 22, // [22:22] is the sub-list for extension extendee + 0, // [0:22] is the sub-list for field type_name +} + +func init() { file_baseca_v1_api_proto_init() } +func file_baseca_v1_api_proto_init() { + if File_baseca_v1_api_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_baseca_v1_api_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CertificateParameter); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CertificatesParameter); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CertificateAuthorityParameter); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CertificateSigningRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*SignedCertificate); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CertificateSerialNumber); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ListCertificatesRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RevokeCertificateRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*RevokeCertificateResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*OperationsSignRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*User); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Users); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*LoginUserRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*LoginUserResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*UsernameRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*QueryParameter); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateUserRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*UpdateCredentialsRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*UpdatePermissionsRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateServiceAccountRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateServiceAccountResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ServiceAccount); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[22].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ServiceAccounts); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[23].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*NodeAttestation); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[24].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*AWSInstanceIdentityDocument); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[25].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ServiceAccountId); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[26].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ServiceAccountName); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[27].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ProvisionServiceAccountRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[28].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*ProvisionServiceAccountResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[29].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*HealthCheckRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_baseca_v1_api_proto_msgTypes[30].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*HealthCheckResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + file_baseca_v1_api_proto_msgTypes[19].OneofWrappers = []interface{}{} + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_baseca_v1_api_proto_rawDesc, + NumEnums: 1, + NumMessages: 32, + NumExtensions: 0, + NumServices: 4, + }, + GoTypes: file_baseca_v1_api_proto_goTypes, + DependencyIndexes: file_baseca_v1_api_proto_depIdxs, + EnumInfos: file_baseca_v1_api_proto_enumTypes, + MessageInfos: file_baseca_v1_api_proto_msgTypes, + }.Build() + File_baseca_v1_api_proto = out.File + file_baseca_v1_api_proto_rawDesc = nil + file_baseca_v1_api_proto_goTypes = nil + file_baseca_v1_api_proto_depIdxs = nil +} diff --git a/gen/go/baseca/v1/api_grpc.pb.go b/gen/go/baseca/v1/api_grpc.pb.go new file mode 100644 index 0000000..8308499 --- /dev/null +++ b/gen/go/baseca/v1/api_grpc.pb.go @@ -0,0 +1,904 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.2.0 +// - protoc (unknown) +// source: baseca/v1/api.proto + +package apiv1 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" + emptypb "google.golang.org/protobuf/types/known/emptypb" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.32.0 or later. +const _ = grpc.SupportPackageIsVersion7 + +// CertificateClient is the client API for Certificate service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type CertificateClient interface { + SignCSR(ctx context.Context, in *CertificateSigningRequest, opts ...grpc.CallOption) (*SignedCertificate, error) + GetCertificate(ctx context.Context, in *CertificateSerialNumber, opts ...grpc.CallOption) (*CertificateParameter, error) + ListCertificates(ctx context.Context, in *ListCertificatesRequest, opts ...grpc.CallOption) (*CertificatesParameter, error) + RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*RevokeCertificateResponse, error) + OperationsSignCSR(ctx context.Context, in *OperationsSignRequest, opts ...grpc.CallOption) (*SignedCertificate, error) +} + +type certificateClient struct { + cc grpc.ClientConnInterface +} + +func NewCertificateClient(cc grpc.ClientConnInterface) CertificateClient { + return &certificateClient{cc} +} + +func (c *certificateClient) SignCSR(ctx context.Context, in *CertificateSigningRequest, opts ...grpc.CallOption) (*SignedCertificate, error) { + out := new(SignedCertificate) + err := c.cc.Invoke(ctx, "/baseca.v1.Certificate/SignCSR", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *certificateClient) GetCertificate(ctx context.Context, in *CertificateSerialNumber, opts ...grpc.CallOption) (*CertificateParameter, error) { + out := new(CertificateParameter) + err := c.cc.Invoke(ctx, "/baseca.v1.Certificate/GetCertificate", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *certificateClient) ListCertificates(ctx context.Context, in *ListCertificatesRequest, opts ...grpc.CallOption) (*CertificatesParameter, error) { + out := new(CertificatesParameter) + err := c.cc.Invoke(ctx, "/baseca.v1.Certificate/ListCertificates", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *certificateClient) RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*RevokeCertificateResponse, error) { + out := new(RevokeCertificateResponse) + err := c.cc.Invoke(ctx, "/baseca.v1.Certificate/RevokeCertificate", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *certificateClient) OperationsSignCSR(ctx context.Context, in *OperationsSignRequest, opts ...grpc.CallOption) (*SignedCertificate, error) { + out := new(SignedCertificate) + err := c.cc.Invoke(ctx, "/baseca.v1.Certificate/OperationsSignCSR", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// CertificateServer is the server API for Certificate service. +// All implementations must embed UnimplementedCertificateServer +// for forward compatibility +type CertificateServer interface { + SignCSR(context.Context, *CertificateSigningRequest) (*SignedCertificate, error) + GetCertificate(context.Context, *CertificateSerialNumber) (*CertificateParameter, error) + ListCertificates(context.Context, *ListCertificatesRequest) (*CertificatesParameter, error) + RevokeCertificate(context.Context, *RevokeCertificateRequest) (*RevokeCertificateResponse, error) + OperationsSignCSR(context.Context, *OperationsSignRequest) (*SignedCertificate, error) + mustEmbedUnimplementedCertificateServer() +} + +// UnimplementedCertificateServer must be embedded to have forward compatible implementations. +type UnimplementedCertificateServer struct { +} + +func (UnimplementedCertificateServer) SignCSR(context.Context, *CertificateSigningRequest) (*SignedCertificate, error) { + return nil, status.Errorf(codes.Unimplemented, "method SignCSR not implemented") +} +func (UnimplementedCertificateServer) GetCertificate(context.Context, *CertificateSerialNumber) (*CertificateParameter, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetCertificate not implemented") +} +func (UnimplementedCertificateServer) ListCertificates(context.Context, *ListCertificatesRequest) (*CertificatesParameter, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListCertificates not implemented") +} +func (UnimplementedCertificateServer) RevokeCertificate(context.Context, *RevokeCertificateRequest) (*RevokeCertificateResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method RevokeCertificate not implemented") +} +func (UnimplementedCertificateServer) OperationsSignCSR(context.Context, *OperationsSignRequest) (*SignedCertificate, error) { + return nil, status.Errorf(codes.Unimplemented, "method OperationsSignCSR not implemented") +} +func (UnimplementedCertificateServer) mustEmbedUnimplementedCertificateServer() {} + +// UnsafeCertificateServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to CertificateServer will +// result in compilation errors. +type UnsafeCertificateServer interface { + mustEmbedUnimplementedCertificateServer() +} + +func RegisterCertificateServer(s grpc.ServiceRegistrar, srv CertificateServer) { + s.RegisterService(&Certificate_ServiceDesc, srv) +} + +func _Certificate_SignCSR_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CertificateSigningRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(CertificateServer).SignCSR(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Certificate/SignCSR", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(CertificateServer).SignCSR(ctx, req.(*CertificateSigningRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Certificate_GetCertificate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CertificateSerialNumber) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(CertificateServer).GetCertificate(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Certificate/GetCertificate", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(CertificateServer).GetCertificate(ctx, req.(*CertificateSerialNumber)) + } + return interceptor(ctx, in, info, handler) +} + +func _Certificate_ListCertificates_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ListCertificatesRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(CertificateServer).ListCertificates(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Certificate/ListCertificates", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(CertificateServer).ListCertificates(ctx, req.(*ListCertificatesRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Certificate_RevokeCertificate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(RevokeCertificateRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(CertificateServer).RevokeCertificate(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Certificate/RevokeCertificate", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(CertificateServer).RevokeCertificate(ctx, req.(*RevokeCertificateRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Certificate_OperationsSignCSR_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(OperationsSignRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(CertificateServer).OperationsSignCSR(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Certificate/OperationsSignCSR", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(CertificateServer).OperationsSignCSR(ctx, req.(*OperationsSignRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// Certificate_ServiceDesc is the grpc.ServiceDesc for Certificate service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var Certificate_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "baseca.v1.Certificate", + HandlerType: (*CertificateServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "SignCSR", + Handler: _Certificate_SignCSR_Handler, + }, + { + MethodName: "GetCertificate", + Handler: _Certificate_GetCertificate_Handler, + }, + { + MethodName: "ListCertificates", + Handler: _Certificate_ListCertificates_Handler, + }, + { + MethodName: "RevokeCertificate", + Handler: _Certificate_RevokeCertificate_Handler, + }, + { + MethodName: "OperationsSignCSR", + Handler: _Certificate_OperationsSignCSR_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "baseca/v1/api.proto", +} + +// AccountClient is the client API for Account service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type AccountClient interface { + LoginUser(ctx context.Context, in *LoginUserRequest, opts ...grpc.CallOption) (*LoginUserResponse, error) + DeleteUser(ctx context.Context, in *UsernameRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) + GetUser(ctx context.Context, in *UsernameRequest, opts ...grpc.CallOption) (*User, error) + ListUsers(ctx context.Context, in *QueryParameter, opts ...grpc.CallOption) (*Users, error) + CreateUser(ctx context.Context, in *CreateUserRequest, opts ...grpc.CallOption) (*User, error) + UpdateUserCredentials(ctx context.Context, in *UpdateCredentialsRequest, opts ...grpc.CallOption) (*User, error) + UpdateUserPermissions(ctx context.Context, in *UpdatePermissionsRequest, opts ...grpc.CallOption) (*User, error) +} + +type accountClient struct { + cc grpc.ClientConnInterface +} + +func NewAccountClient(cc grpc.ClientConnInterface) AccountClient { + return &accountClient{cc} +} + +func (c *accountClient) LoginUser(ctx context.Context, in *LoginUserRequest, opts ...grpc.CallOption) (*LoginUserResponse, error) { + out := new(LoginUserResponse) + err := c.cc.Invoke(ctx, "/baseca.v1.Account/LoginUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *accountClient) DeleteUser(ctx context.Context, in *UsernameRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) { + out := new(emptypb.Empty) + err := c.cc.Invoke(ctx, "/baseca.v1.Account/DeleteUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *accountClient) GetUser(ctx context.Context, in *UsernameRequest, opts ...grpc.CallOption) (*User, error) { + out := new(User) + err := c.cc.Invoke(ctx, "/baseca.v1.Account/GetUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *accountClient) ListUsers(ctx context.Context, in *QueryParameter, opts ...grpc.CallOption) (*Users, error) { + out := new(Users) + err := c.cc.Invoke(ctx, "/baseca.v1.Account/ListUsers", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *accountClient) CreateUser(ctx context.Context, in *CreateUserRequest, opts ...grpc.CallOption) (*User, error) { + out := new(User) + err := c.cc.Invoke(ctx, "/baseca.v1.Account/CreateUser", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *accountClient) UpdateUserCredentials(ctx context.Context, in *UpdateCredentialsRequest, opts ...grpc.CallOption) (*User, error) { + out := new(User) + err := c.cc.Invoke(ctx, "/baseca.v1.Account/UpdateUserCredentials", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *accountClient) UpdateUserPermissions(ctx context.Context, in *UpdatePermissionsRequest, opts ...grpc.CallOption) (*User, error) { + out := new(User) + err := c.cc.Invoke(ctx, "/baseca.v1.Account/UpdateUserPermissions", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// AccountServer is the server API for Account service. +// All implementations must embed UnimplementedAccountServer +// for forward compatibility +type AccountServer interface { + LoginUser(context.Context, *LoginUserRequest) (*LoginUserResponse, error) + DeleteUser(context.Context, *UsernameRequest) (*emptypb.Empty, error) + GetUser(context.Context, *UsernameRequest) (*User, error) + ListUsers(context.Context, *QueryParameter) (*Users, error) + CreateUser(context.Context, *CreateUserRequest) (*User, error) + UpdateUserCredentials(context.Context, *UpdateCredentialsRequest) (*User, error) + UpdateUserPermissions(context.Context, *UpdatePermissionsRequest) (*User, error) + mustEmbedUnimplementedAccountServer() +} + +// UnimplementedAccountServer must be embedded to have forward compatible implementations. +type UnimplementedAccountServer struct { +} + +func (UnimplementedAccountServer) LoginUser(context.Context, *LoginUserRequest) (*LoginUserResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method LoginUser not implemented") +} +func (UnimplementedAccountServer) DeleteUser(context.Context, *UsernameRequest) (*emptypb.Empty, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteUser not implemented") +} +func (UnimplementedAccountServer) GetUser(context.Context, *UsernameRequest) (*User, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetUser not implemented") +} +func (UnimplementedAccountServer) ListUsers(context.Context, *QueryParameter) (*Users, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListUsers not implemented") +} +func (UnimplementedAccountServer) CreateUser(context.Context, *CreateUserRequest) (*User, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateUser not implemented") +} +func (UnimplementedAccountServer) UpdateUserCredentials(context.Context, *UpdateCredentialsRequest) (*User, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateUserCredentials not implemented") +} +func (UnimplementedAccountServer) UpdateUserPermissions(context.Context, *UpdatePermissionsRequest) (*User, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateUserPermissions not implemented") +} +func (UnimplementedAccountServer) mustEmbedUnimplementedAccountServer() {} + +// UnsafeAccountServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to AccountServer will +// result in compilation errors. +type UnsafeAccountServer interface { + mustEmbedUnimplementedAccountServer() +} + +func RegisterAccountServer(s grpc.ServiceRegistrar, srv AccountServer) { + s.RegisterService(&Account_ServiceDesc, srv) +} + +func _Account_LoginUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(LoginUserRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AccountServer).LoginUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Account/LoginUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AccountServer).LoginUser(ctx, req.(*LoginUserRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Account_DeleteUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UsernameRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AccountServer).DeleteUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Account/DeleteUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AccountServer).DeleteUser(ctx, req.(*UsernameRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Account_GetUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UsernameRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AccountServer).GetUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Account/GetUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AccountServer).GetUser(ctx, req.(*UsernameRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Account_ListUsers_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(QueryParameter) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AccountServer).ListUsers(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Account/ListUsers", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AccountServer).ListUsers(ctx, req.(*QueryParameter)) + } + return interceptor(ctx, in, info, handler) +} + +func _Account_CreateUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CreateUserRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AccountServer).CreateUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Account/CreateUser", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AccountServer).CreateUser(ctx, req.(*CreateUserRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Account_UpdateUserCredentials_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateCredentialsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AccountServer).UpdateUserCredentials(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Account/UpdateUserCredentials", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AccountServer).UpdateUserCredentials(ctx, req.(*UpdateCredentialsRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Account_UpdateUserPermissions_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdatePermissionsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AccountServer).UpdateUserPermissions(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Account/UpdateUserPermissions", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AccountServer).UpdateUserPermissions(ctx, req.(*UpdatePermissionsRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// Account_ServiceDesc is the grpc.ServiceDesc for Account service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var Account_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "baseca.v1.Account", + HandlerType: (*AccountServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "LoginUser", + Handler: _Account_LoginUser_Handler, + }, + { + MethodName: "DeleteUser", + Handler: _Account_DeleteUser_Handler, + }, + { + MethodName: "GetUser", + Handler: _Account_GetUser_Handler, + }, + { + MethodName: "ListUsers", + Handler: _Account_ListUsers_Handler, + }, + { + MethodName: "CreateUser", + Handler: _Account_CreateUser_Handler, + }, + { + MethodName: "UpdateUserCredentials", + Handler: _Account_UpdateUserCredentials_Handler, + }, + { + MethodName: "UpdateUserPermissions", + Handler: _Account_UpdateUserPermissions_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "baseca/v1/api.proto", +} + +// ServiceClient is the client API for Service service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type ServiceClient interface { + CreateServiceAccount(ctx context.Context, in *CreateServiceAccountRequest, opts ...grpc.CallOption) (*CreateServiceAccountResponse, error) + ProvisionServiceAccount(ctx context.Context, in *ProvisionServiceAccountRequest, opts ...grpc.CallOption) (*ProvisionServiceAccountResponse, error) + ListServiceAccounts(ctx context.Context, in *QueryParameter, opts ...grpc.CallOption) (*ServiceAccounts, error) + GetServiceAccountUuid(ctx context.Context, in *ServiceAccountId, opts ...grpc.CallOption) (*ServiceAccount, error) + GetServiceAccountName(ctx context.Context, in *ServiceAccountName, opts ...grpc.CallOption) (*ServiceAccounts, error) + DeleteServiceAccount(ctx context.Context, in *ServiceAccountId, opts ...grpc.CallOption) (*emptypb.Empty, error) +} + +type serviceClient struct { + cc grpc.ClientConnInterface +} + +func NewServiceClient(cc grpc.ClientConnInterface) ServiceClient { + return &serviceClient{cc} +} + +func (c *serviceClient) CreateServiceAccount(ctx context.Context, in *CreateServiceAccountRequest, opts ...grpc.CallOption) (*CreateServiceAccountResponse, error) { + out := new(CreateServiceAccountResponse) + err := c.cc.Invoke(ctx, "/baseca.v1.Service/CreateServiceAccount", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *serviceClient) ProvisionServiceAccount(ctx context.Context, in *ProvisionServiceAccountRequest, opts ...grpc.CallOption) (*ProvisionServiceAccountResponse, error) { + out := new(ProvisionServiceAccountResponse) + err := c.cc.Invoke(ctx, "/baseca.v1.Service/ProvisionServiceAccount", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *serviceClient) ListServiceAccounts(ctx context.Context, in *QueryParameter, opts ...grpc.CallOption) (*ServiceAccounts, error) { + out := new(ServiceAccounts) + err := c.cc.Invoke(ctx, "/baseca.v1.Service/ListServiceAccounts", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *serviceClient) GetServiceAccountUuid(ctx context.Context, in *ServiceAccountId, opts ...grpc.CallOption) (*ServiceAccount, error) { + out := new(ServiceAccount) + err := c.cc.Invoke(ctx, "/baseca.v1.Service/GetServiceAccountUuid", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *serviceClient) GetServiceAccountName(ctx context.Context, in *ServiceAccountName, opts ...grpc.CallOption) (*ServiceAccounts, error) { + out := new(ServiceAccounts) + err := c.cc.Invoke(ctx, "/baseca.v1.Service/GetServiceAccountName", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *serviceClient) DeleteServiceAccount(ctx context.Context, in *ServiceAccountId, opts ...grpc.CallOption) (*emptypb.Empty, error) { + out := new(emptypb.Empty) + err := c.cc.Invoke(ctx, "/baseca.v1.Service/DeleteServiceAccount", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// ServiceServer is the server API for Service service. +// All implementations must embed UnimplementedServiceServer +// for forward compatibility +type ServiceServer interface { + CreateServiceAccount(context.Context, *CreateServiceAccountRequest) (*CreateServiceAccountResponse, error) + ProvisionServiceAccount(context.Context, *ProvisionServiceAccountRequest) (*ProvisionServiceAccountResponse, error) + ListServiceAccounts(context.Context, *QueryParameter) (*ServiceAccounts, error) + GetServiceAccountUuid(context.Context, *ServiceAccountId) (*ServiceAccount, error) + GetServiceAccountName(context.Context, *ServiceAccountName) (*ServiceAccounts, error) + DeleteServiceAccount(context.Context, *ServiceAccountId) (*emptypb.Empty, error) + mustEmbedUnimplementedServiceServer() +} + +// UnimplementedServiceServer must be embedded to have forward compatible implementations. +type UnimplementedServiceServer struct { +} + +func (UnimplementedServiceServer) CreateServiceAccount(context.Context, *CreateServiceAccountRequest) (*CreateServiceAccountResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateServiceAccount not implemented") +} +func (UnimplementedServiceServer) ProvisionServiceAccount(context.Context, *ProvisionServiceAccountRequest) (*ProvisionServiceAccountResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ProvisionServiceAccount not implemented") +} +func (UnimplementedServiceServer) ListServiceAccounts(context.Context, *QueryParameter) (*ServiceAccounts, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListServiceAccounts not implemented") +} +func (UnimplementedServiceServer) GetServiceAccountUuid(context.Context, *ServiceAccountId) (*ServiceAccount, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetServiceAccountUuid not implemented") +} +func (UnimplementedServiceServer) GetServiceAccountName(context.Context, *ServiceAccountName) (*ServiceAccounts, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetServiceAccountName not implemented") +} +func (UnimplementedServiceServer) DeleteServiceAccount(context.Context, *ServiceAccountId) (*emptypb.Empty, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteServiceAccount not implemented") +} +func (UnimplementedServiceServer) mustEmbedUnimplementedServiceServer() {} + +// UnsafeServiceServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to ServiceServer will +// result in compilation errors. +type UnsafeServiceServer interface { + mustEmbedUnimplementedServiceServer() +} + +func RegisterServiceServer(s grpc.ServiceRegistrar, srv ServiceServer) { + s.RegisterService(&Service_ServiceDesc, srv) +} + +func _Service_CreateServiceAccount_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CreateServiceAccountRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ServiceServer).CreateServiceAccount(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Service/CreateServiceAccount", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ServiceServer).CreateServiceAccount(ctx, req.(*CreateServiceAccountRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Service_ProvisionServiceAccount_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ProvisionServiceAccountRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ServiceServer).ProvisionServiceAccount(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Service/ProvisionServiceAccount", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ServiceServer).ProvisionServiceAccount(ctx, req.(*ProvisionServiceAccountRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _Service_ListServiceAccounts_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(QueryParameter) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ServiceServer).ListServiceAccounts(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Service/ListServiceAccounts", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ServiceServer).ListServiceAccounts(ctx, req.(*QueryParameter)) + } + return interceptor(ctx, in, info, handler) +} + +func _Service_GetServiceAccountUuid_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ServiceAccountId) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ServiceServer).GetServiceAccountUuid(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Service/GetServiceAccountUuid", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ServiceServer).GetServiceAccountUuid(ctx, req.(*ServiceAccountId)) + } + return interceptor(ctx, in, info, handler) +} + +func _Service_GetServiceAccountName_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ServiceAccountName) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ServiceServer).GetServiceAccountName(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Service/GetServiceAccountName", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ServiceServer).GetServiceAccountName(ctx, req.(*ServiceAccountName)) + } + return interceptor(ctx, in, info, handler) +} + +func _Service_DeleteServiceAccount_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ServiceAccountId) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ServiceServer).DeleteServiceAccount(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Service/DeleteServiceAccount", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ServiceServer).DeleteServiceAccount(ctx, req.(*ServiceAccountId)) + } + return interceptor(ctx, in, info, handler) +} + +// Service_ServiceDesc is the grpc.ServiceDesc for Service service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var Service_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "baseca.v1.Service", + HandlerType: (*ServiceServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "CreateServiceAccount", + Handler: _Service_CreateServiceAccount_Handler, + }, + { + MethodName: "ProvisionServiceAccount", + Handler: _Service_ProvisionServiceAccount_Handler, + }, + { + MethodName: "ListServiceAccounts", + Handler: _Service_ListServiceAccounts_Handler, + }, + { + MethodName: "GetServiceAccountUuid", + Handler: _Service_GetServiceAccountUuid_Handler, + }, + { + MethodName: "GetServiceAccountName", + Handler: _Service_GetServiceAccountName_Handler, + }, + { + MethodName: "DeleteServiceAccount", + Handler: _Service_DeleteServiceAccount_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "baseca/v1/api.proto", +} + +// HealthClient is the client API for Health service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type HealthClient interface { + Check(ctx context.Context, in *HealthCheckRequest, opts ...grpc.CallOption) (*HealthCheckResponse, error) +} + +type healthClient struct { + cc grpc.ClientConnInterface +} + +func NewHealthClient(cc grpc.ClientConnInterface) HealthClient { + return &healthClient{cc} +} + +func (c *healthClient) Check(ctx context.Context, in *HealthCheckRequest, opts ...grpc.CallOption) (*HealthCheckResponse, error) { + out := new(HealthCheckResponse) + err := c.cc.Invoke(ctx, "/baseca.v1.Health/Check", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// HealthServer is the server API for Health service. +// All implementations must embed UnimplementedHealthServer +// for forward compatibility +type HealthServer interface { + Check(context.Context, *HealthCheckRequest) (*HealthCheckResponse, error) + mustEmbedUnimplementedHealthServer() +} + +// UnimplementedHealthServer must be embedded to have forward compatible implementations. +type UnimplementedHealthServer struct { +} + +func (UnimplementedHealthServer) Check(context.Context, *HealthCheckRequest) (*HealthCheckResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Check not implemented") +} +func (UnimplementedHealthServer) mustEmbedUnimplementedHealthServer() {} + +// UnsafeHealthServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to HealthServer will +// result in compilation errors. +type UnsafeHealthServer interface { + mustEmbedUnimplementedHealthServer() +} + +func RegisterHealthServer(s grpc.ServiceRegistrar, srv HealthServer) { + s.RegisterService(&Health_ServiceDesc, srv) +} + +func _Health_Check_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(HealthCheckRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(HealthServer).Check(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/baseca.v1.Health/Check", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(HealthServer).Check(ctx, req.(*HealthCheckRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// Health_ServiceDesc is the grpc.ServiceDesc for Health service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var Health_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "baseca.v1.Health", + HandlerType: (*HealthServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "Check", + Handler: _Health_Check_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "baseca/v1/api.proto", +} diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..32bff04 --- /dev/null +++ b/go.mod @@ -0,0 +1,77 @@ +module github.com/coinbase/baseca + +go 1.19 + +require ( + github.com/allegro/bigcache/v3 v3.1.0 + github.com/aws/aws-sdk-go v1.44.262 + github.com/aws/aws-sdk-go-v2 v1.18.0 + github.com/aws/aws-sdk-go-v2/config v1.18.25 + github.com/aws/aws-sdk-go-v2/credentials v1.13.24 + github.com/aws/aws-sdk-go-v2/service/acmpca v1.21.12 + github.com/aws/aws-sdk-go-v2/service/ec2 v1.97.0 + github.com/aws/aws-sdk-go-v2/service/firehose v1.16.12 + github.com/aws/aws-sdk-go-v2/service/kms v1.21.1 + github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.19.7 + github.com/aws/aws-sdk-go-v2/service/sts v1.19.0 + github.com/bazelbuild/rules_go v0.39.1 + github.com/casbin/casbin/v2 v2.69.0 + github.com/go-redis/redis/v8 v8.11.5 + github.com/gogo/status v1.1.1 + github.com/golang/mock v1.6.0 + github.com/google/uuid v1.3.0 + github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 + github.com/lib/pq v1.10.9 + github.com/mitchellh/mapstructure v1.5.0 + github.com/rs/zerolog v1.29.1 + github.com/spf13/viper v1.15.0 + github.com/stretchr/testify v1.8.2 + github.com/tabbed/pqtype v0.1.1 + github.com/wagslane/go-password-validator v0.3.0 + go.uber.org/fx v1.19.3 + go.uber.org/zap v1.24.0 + golang.org/x/crypto v0.9.0 + golang.org/x/net v0.10.0 + google.golang.org/grpc v1.55.0 + google.golang.org/protobuf v1.30.0 +) + +require ( + github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.12.10 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.10 // indirect + github.com/aws/smithy-go v1.13.5 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect + github.com/fsnotify/fsnotify v1.6.0 // indirect + github.com/gogo/googleapis v0.0.0-20180223154316-0cd9801be74a // indirect + github.com/gogo/protobuf v1.3.2 // indirect + github.com/golang/protobuf v1.5.3 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/jmespath/go-jmespath v0.4.0 // indirect + github.com/magiconair/properties v1.8.7 // indirect + github.com/mattn/go-colorable v0.1.12 // indirect + github.com/mattn/go-isatty v0.0.17 // indirect + github.com/pelletier/go-toml/v2 v2.0.6 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/spf13/afero v1.9.3 // indirect + github.com/spf13/cast v1.5.0 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect + github.com/stretchr/objx v0.5.0 // indirect + github.com/subosito/gotenv v1.4.2 // indirect + go.uber.org/atomic v1.9.0 // indirect + go.uber.org/dig v1.16.1 // indirect + go.uber.org/multierr v1.8.0 // indirect + golang.org/x/sys v0.8.0 // indirect + golang.org/x/text v0.9.0 // indirect + google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4 // indirect + gopkg.in/ini.v1 v1.67.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..32cd129 --- /dev/null +++ b/go.sum @@ -0,0 +1,645 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= +cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= +cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= +cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= +cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= +cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= +cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= +cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= +cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= +cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= +cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= +cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= +cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= +cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= +cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= +cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= +cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= +cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= +cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= +cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= +cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= +cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= +cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= +cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= +cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= +cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= +cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= +cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= +cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= +cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= +dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible h1:1G1pk05UrOh0NlF1oeaaix1x8XzrfjIDK47TY0Zehcw= +github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= +github.com/allegro/bigcache/v3 v3.1.0 h1:H2Vp8VOvxcrB91o86fUSVJFqeuz8kpyyB02eH3bSzwk= +github.com/allegro/bigcache/v3 v3.1.0/go.mod h1:aPyh7jEvrog9zAwx5N7+JUQX5dZTSGpxF1LAR4dr35I= +github.com/aws/aws-sdk-go v1.44.262 h1:gyXpcJptWoNkK+DiAiaBltlreoWKQXjAIh6FRh60F+I= +github.com/aws/aws-sdk-go v1.44.262/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= +github.com/aws/aws-sdk-go-v2 v1.18.0 h1:882kkTpSFhdgYRKVZ/VCgf7sd0ru57p2JCxz4/oN5RY= +github.com/aws/aws-sdk-go-v2 v1.18.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= +github.com/aws/aws-sdk-go-v2/config v1.18.25 h1:JuYyZcnMPBiFqn87L2cRppo+rNwgah6YwD3VuyvaW6Q= +github.com/aws/aws-sdk-go-v2/config v1.18.25/go.mod h1:dZnYpD5wTW/dQF0rRNLVypB396zWCcPiBIvdvSWHEg4= +github.com/aws/aws-sdk-go-v2/credentials v1.13.24 h1:PjiYyls3QdCrzqUN35jMWtUK1vqVZ+zLfdOa/UPFDp0= +github.com/aws/aws-sdk-go-v2/credentials v1.13.24/go.mod h1:jYPYi99wUOPIFi0rhiOvXeSEReVOzBqFNOX5bXYoG2o= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3 h1:jJPgroehGvjrde3XufFIJUZVK5A2L9a3KwSFgKy9n8w= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3/go.mod h1:4Q0UFP0YJf0NrsEuEYHpM9fTSEVnD16Z3uyEF7J9JGM= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33 h1:kG5eQilShqmJbv11XL1VpyDbaEJzWxd4zRiCG30GSn4= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33/go.mod h1:7i0PF1ME/2eUPFcjkVIwq+DOygHEoK92t5cDqNgYbIw= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27 h1:vFQlirhuM8lLlpI7imKOMsjdQLuN9CPi+k44F/OFVsk= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27/go.mod h1:UrHnn3QV/d0pBZ6QBAEQcqFLf8FAzLmoUfPVIueOvoM= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34 h1:gGLG7yKaXG02/jBlg210R7VgQIotiQntNhsCFejawx8= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34/go.mod h1:Etz2dj6UHYuw+Xw830KfzCfWGMzqvUTCjUj5b76GVDc= +github.com/aws/aws-sdk-go-v2/service/acmpca v1.21.12 h1:iUAlpULRDJHja32KoQtQWLITvdFJKJqMxkNp8t8NUSw= +github.com/aws/aws-sdk-go-v2/service/acmpca v1.21.12/go.mod h1:4alRqgcU10Ku81DeRIRbed8Yd5EuPWVsH/Zi1WX3ans= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.97.0 h1:glGFVlA0MVrOpDF+KsVZZA/QCwykYPanYMW0DoIJN34= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.97.0/go.mod h1:L3ZT0N/vBsw77mOAawXmRnREpEjcHd2v5Hzf7AkIH8M= +github.com/aws/aws-sdk-go-v2/service/firehose v1.16.12 h1:uofvnacgx7oPy5dAbtmyLBaHSwsHJDT9nv6fvEs9qLc= +github.com/aws/aws-sdk-go-v2/service/firehose v1.16.12/go.mod h1:D43fmAh+MPDwmsTohHRToEn1A9FRCEAeEifg5RwTS1Y= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27 h1:0iKliEXAcCa2qVtRs7Ot5hItA2MsufrphbRFlz1Owxo= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27/go.mod h1:EOwBD4J4S5qYszS5/3DpkejfuK+Z5/1uzICfPaZLtqw= +github.com/aws/aws-sdk-go-v2/service/kms v1.21.1 h1:Q03Jqh1enA8keCiGZpLetpk58Ll9iGejE5bOErxyGAU= +github.com/aws/aws-sdk-go-v2/service/kms v1.21.1/go.mod h1:EEfb4gfSphdVpRo5sGf2W3KvJbelYUno5VaXR5MJ3z4= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.19.7 h1:W88E2kZGo+NHOsyvQbsOZYqxXJdLIqRzKadeVlv5J7k= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.19.7/go.mod h1:3ARttS6G6U3auEdKfaN4GlnfS9UxYE9nqub1+0YGycA= +github.com/aws/aws-sdk-go-v2/service/sso v1.12.10 h1:UBQjaMTCKwyUYwiVnUt6toEJwGXsLBI6al083tpjJzY= +github.com/aws/aws-sdk-go-v2/service/sso v1.12.10/go.mod h1:ouy2P4z6sJN70fR3ka3wD3Ro3KezSxU6eKGQI2+2fjI= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.10 h1:PkHIIJs8qvq0e5QybnZoG1K/9QTrLr9OsqCIo59jOBA= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.10/go.mod h1:AFvkxc8xfBe8XA+5St5XIHHrQQtkxqrRincx4hmMHOk= +github.com/aws/aws-sdk-go-v2/service/sts v1.19.0 h1:2DQLAKDteoEDI8zpCzqBMaZlJuoE9iTYD0gFmXVax9E= +github.com/aws/aws-sdk-go-v2/service/sts v1.19.0/go.mod h1:BgQOMsg8av8jset59jelyPW7NoZcZXLVpDsXunGDrk8= +github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8= +github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= +github.com/bazelbuild/rules_go v0.39.1 h1:wkJLUDx59dntWMghuL8++GteoU1To6sRoKJXuyFtmf8= +github.com/bazelbuild/rules_go v0.39.1/go.mod h1:TMHmtfpvyfsxaqfL9WnahCsXMWDMICTw7XeK9yVb+YU= +github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= +github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= +github.com/casbin/casbin/v2 v2.69.0 h1:hF9iUqqVJNqaG9U3SEmVRDe1eRmLUZZjO2MMGd2Pcuk= +github.com/casbin/casbin/v2 v2.69.0/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= +github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= +github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= +github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= +github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI= +github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/gogo/googleapis v0.0.0-20180223154316-0cd9801be74a h1:dR8+Q0uO5S2ZBcs2IH6VBKYwSxPo2vYCYq0ot0mu7xA= +github.com/gogo/googleapis v0.0.0-20180223154316-0cd9801be74a/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/gogo/status v1.1.1 h1:DuHXlSFHNKqTQ+/ACf5Vs6r4X/dH2EgIzR9Vr+H65kg= +github.com/gogo/status v1.1.1/go.mod h1:jpG3dM5QPcqu19Hg8lkUhBFBa3TcLs1DG7+2Jqci7oU= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= +github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= +github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= +github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= +github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 h1:UH//fgunKIs4JdUbpDl1VZCDaL56wXCB/5+wF6uHfaI= +github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod h1:g5qyo/la0ALbONm6Vbp88Yd8NsDy6rZz+RcrMPxvld8= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= +github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= +github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= +github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= +github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= +github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= +github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= +github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= +github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= +github.com/onsi/gomega v1.18.1 h1:M1GfJqGRrBrrGGsbxzV5dqM2U2ApXefZCQpkukxYRLE= +github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= +github.com/pelletier/go-toml/v2 v2.0.6 h1:nrzqCb7j9cDFj2coyLNLaZuJTLjWjlaz6nvTvIwycIU= +github.com/pelletier/go-toml/v2 v2.0.6/go.mod h1:eumQOmlWiOPt5WriQQqoM5y18pDHwha2N+QD+EUNTek= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= +github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= +github.com/rs/zerolog v1.29.1 h1:cO+d60CHkknCbvzEWxP0S9K6KqyTjrCNUy1LdQLCGPc= +github.com/rs/zerolog v1.29.1/go.mod h1:Le6ESbR7hc+DP6Lt1THiV8CQSdkkNrd3R0XbEgp3ZBU= +github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/spf13/afero v1.9.3 h1:41FoI0fD7OR7mGcKE/aOiLkGreyf8ifIOQmJANWogMk= +github.com/spf13/afero v1.9.3/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= +github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= +github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= +github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= +github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/viper v1.15.0 h1:js3yy885G8xwJa6iOISGFwd+qlUo5AvyXb7CiihdtiU= +github.com/spf13/viper v1.15.0/go.mod h1:fFcTBJxvhhzSJiZy8n+PeW6t8l+KeT/uTARa0jHOQLA= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8= +github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= +github.com/tabbed/pqtype v0.1.1 h1:PhEcb9JZ8jr7SUjJDFjRPxny0M8fkXZrxn/a9yQfoZg= +github.com/tabbed/pqtype v0.1.1/go.mod h1:HLt2kLJPcUhODQkYn3mJkMHXVsuv3Z2n5NZEeKXL0Uk= +github.com/wagslane/go-password-validator v0.3.0 h1:vfxOPzGHkz5S146HDpavl0cw1DSVP061Ry2PX0/ON6I= +github.com/wagslane/go-password-validator v0.3.0/go.mod h1:TI1XJ6T5fRdRnHqHt14pvy1tNVnrwe7m3/f1f2fDphQ= +github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= +go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= +go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/dig v1.16.1 h1:+alNIBsl0qfY0j6epRubp/9obgtrObRAc5aD+6jbWY8= +go.uber.org/dig v1.16.1/go.mod h1:557JTAUZT5bUK0SvCwikmLPPtdQhfvLYtO5tJgQSbnk= +go.uber.org/fx v1.19.3 h1:YqMRE4+2IepTYCMOvXqQpRa+QAVdiSTnsHU4XNWBceA= +go.uber.org/fx v1.19.3/go.mod h1:w2HrQg26ql9fLK7hlBiZ6JsRUKV+Lj/atT1KCjT8YhM= +go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= +go.uber.org/goleak v1.1.11 h1:wy28qYRKZgnJTxGxvye5/wgWr1EKjmUDGYox5mGlRlI= +go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8= +go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= +go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= +go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= +go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= +golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= +golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= +golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= +golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= +golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= +golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= +golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= +google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= +google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= +google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= +google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= +google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= +google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/genproto v0.0.0-20180518175338-11a468237815/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= +google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= +google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4 h1:DdoeryqhaXp1LtT/emMP1BRJPHHKFi5akj/nbx/zNTA= +google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s= +google.golang.org/grpc v1.12.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= +google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= +google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= +google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= +google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.55.0 h1:3Oj82/tFSCeUrRTg/5E/7d/W5A1tj6Ky1ABAuZuv5ag= +google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGONTY8= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= +google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= +gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= +honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= +rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= +rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/internal/attestor/aws_iid/certificate/ec2.amazonaws.com.crt b/internal/attestor/aws_iid/certificate/ec2.amazonaws.com.crt new file mode 100644 index 0000000..7e3885b --- /dev/null +++ b/internal/attestor/aws_iid/certificate/ec2.amazonaws.com.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDIjCCAougAwIBAgIJAKnL4UEDMN/FMA0GCSqGSIb3DQEBBQUAMGoxCzAJBgNV +BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMRgw +FgYDVQQKEw9BbWF6b24uY29tIEluYy4xGjAYBgNVBAMTEWVjMi5hbWF6b25hd3Mu +Y29tMB4XDTE0MDYwNTE0MjgwMloXDTI0MDYwNTE0MjgwMlowajELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxGDAWBgNV +BAoTD0FtYXpvbi5jb20gSW5jLjEaMBgGA1UEAxMRZWMyLmFtYXpvbmF3cy5jb20w +gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIe9GN//SRK2knbjySG0ho3yqQM3 +e2TDhWO8D2e8+XZqck754gFSo99AbT2RmXClambI7xsYHZFapbELC4H91ycihvrD +jbST1ZjkLQgga0NE1q43eS68ZeTDccScXQSNivSlzJZS8HJZjgqzBlXjZftjtdJL +XeE4hwvo0sD4f3j9AgMBAAGjgc8wgcwwHQYDVR0OBBYEFCXWzAgVyrbwnFncFFIs +77VBdlE4MIGcBgNVHSMEgZQwgZGAFCXWzAgVyrbwnFncFFIs77VBdlE4oW6kbDBq +MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2Vh +dHRsZTEYMBYGA1UEChMPQW1hem9uLmNvbSBJbmMuMRowGAYDVQQDExFlYzIuYW1h +em9uYXdzLmNvbYIJAKnL4UEDMN/FMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF +BQADgYEAFYcz1OgEhQBXIwIdsgCOS8vEtiJYF+j9uO6jz7VOmJqO+pRlAbRlvY8T +C1haGgSI/A1uZUKs/Zfnph0oEI0/hu1IIJ/SKBDtN5lvmZ/IzbOPIJWirlsllQIQ +7zvWbGd9c9+Rm3p04oTvhup99la7kZqevJK0QRdD/6NpCKsqP/0= +-----END CERTIFICATE----- \ No newline at end of file diff --git a/internal/attestor/aws_iid/certificate/rds.global.bundle.pem b/internal/attestor/aws_iid/certificate/rds.global.bundle.pem new file mode 100644 index 0000000..dd5f955 --- /dev/null +++ b/internal/attestor/aws_iid/certificate/rds.global.bundle.pem @@ -0,0 +1,2876 @@ +-----BEGIN CERTIFICATE----- +MIIEEjCCAvqgAwIBAgIJAM2ZN/+nPi27MA0GCSqGSIb3DQEBCwUAMIGVMQswCQYD +VQQGEwJVUzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEi +MCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1h +em9uIFJEUzEmMCQGA1UEAwwdQW1hem9uIFJEUyBhZi1zb3V0aC0xIFJvb3QgQ0Ew +HhcNMTkxMDI4MTgwNTU4WhcNMjQxMDI2MTgwNTU4WjCBlTELMAkGA1UEBhMCVVMx +EDAOBgNVBAcMB1NlYXR0bGUxEzARBgNVBAgMCldhc2hpbmd0b24xIjAgBgNVBAoM +GUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMx +JjAkBgNVBAMMHUFtYXpvbiBSRFMgYWYtc291dGgtMSBSb290IENBMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR2351uPMZaJk2gMGT+1sk8HE9MQh2rc +/sCnbxGn2p1c7Oi9aBbd/GiFijeJb2BXvHU+TOq3d3Jjqepq8tapXVt4ojbTJNyC +J5E7r7KjTktKdLxtBE1MK25aY+IRJjtdU6vG3KiPKUT1naO3xs3yt0F76WVuFivd +9OHv2a+KHvPkRUWIxpmAHuMY9SIIMmEZtVE7YZGx5ah0iO4JzItHcbVR0y0PBH55 +arpFBddpIVHCacp1FUPxSEWkOpI7q0AaU4xfX0fe1BV5HZYRKpBOIp1TtZWvJD+X +jGUtL1BEsT5vN5g9MkqdtYrC+3SNpAk4VtpvJrdjraI/hhvfeXNnAwIDAQABo2Mw +YTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUEEi/ +WWMcBJsoGXg+EZwkQ0MscZQwHwYDVR0jBBgwFoAUEEi/WWMcBJsoGXg+EZwkQ0Ms +cZQwDQYJKoZIhvcNAQELBQADggEBAGDZ5js5Pc/gC58LJrwMPXFhJDBS8QuDm23C +FFUdlqucskwOS3907ErK1ZkmVJCIqFLArHqskFXMAkRZ2PNR7RjWLqBs+0znG5yH +hRKb4DXzhUFQ18UBRcvT6V6zN97HTRsEEaNhM/7k8YLe7P8vfNZ28VIoJIGGgv9D +wQBBvkxQ71oOmAG0AwaGD0ORGUfbYry9Dz4a4IcUsZyRWRMADixgrFv6VuETp26s +/+z+iqNaGWlELBKh3iQCT6Y/1UnkPLO42bxrCSyOvshdkYN58Q2gMTE1SVTqyo8G +Lw8lLAz9bnvUSgHzB3jRrSx6ggF/WRMRYlR++y6LXP4SAsSAaC0= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEEjCCAvqgAwIBAgIJAJYM4LxvTZA6MA0GCSqGSIb3DQEBCwUAMIGVMQswCQYD +VQQGEwJVUzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEi +MCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1h +em9uIFJEUzEmMCQGA1UEAwwdQW1hem9uIFJEUyBldS1zb3V0aC0xIFJvb3QgQ0Ew +HhcNMTkxMDMwMjAyMDM2WhcNMjQxMDI4MjAyMDM2WjCBlTELMAkGA1UEBhMCVVMx +EDAOBgNVBAcMB1NlYXR0bGUxEzARBgNVBAgMCldhc2hpbmd0b24xIjAgBgNVBAoM +GUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMx +JjAkBgNVBAMMHUFtYXpvbiBSRFMgZXUtc291dGgtMSBSb290IENBMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM921jXCXeqpRNCS9CBPOe5N7gMaEt+D +s5uR3riZbqzRlHGiF1jZihkXfHAIQewDwy+Yz+Oec1aEZCQMhUHxZJPusuX0cJfj +b+UluFqHIijL2TfXJ3D0PVLLoNTQJZ8+GAPECyojAaNuoHbdVqxhOcznMsXIXVFq +yVLKDGvyKkJjai/iSPDrQMXufg3kWt0ISjNLvsG5IFXgP4gttsM8i0yvRd4QcHoo +DjvH7V3cS+CQqW5SnDrGnHToB0RLskE1ET+oNOfeN9PWOxQprMOX/zmJhnJQlTqD +QP7jcf7SddxrKFjuziFiouskJJyNDsMjt1Lf60+oHZhed2ogTeifGwIDAQABo2Mw +YTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUFBAF +cgJe/BBuZiGeZ8STfpkgRYQwHwYDVR0jBBgwFoAUFBAFcgJe/BBuZiGeZ8STfpkg +RYQwDQYJKoZIhvcNAQELBQADggEBAKAYUtlvDuX2UpZW9i1QgsjFuy/ErbW0dLHU +e/IcFtju2z6RLZ+uF+5A8Kme7IKG1hgt8s+w9TRVQS/7ukQzoK3TaN6XKXRosjtc +o9Rm4gYWM8bmglzY1TPNaiI4HC7546hSwJhubjN0bXCuj/0sHD6w2DkiGuwKNAef +yTu5vZhPkeNyXLykxkzz7bNp2/PtMBnzIp+WpS7uUDmWyScGPohKMq5PqvL59z+L +ZI3CYeMZrJ5VpXUg3fNNIz/83N3G0sk7wr0ohs/kHTP7xPOYB0zD7Ku4HA0Q9Swf +WX0qr6UQgTPMjfYDLffI7aEId0gxKw1eGYc6Cq5JAZ3ipi/cBFc= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEEjCCAvqgAwIBAgIJANew34ehz5l8MA0GCSqGSIb3DQEBCwUAMIGVMQswCQYD +VQQGEwJVUzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEi +MCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1h +em9uIFJEUzEmMCQGA1UEAwwdQW1hem9uIFJEUyBtZS1zb3V0aC0xIFJvb3QgQ0Ew +HhcNMTkwNTEwMjE0ODI3WhcNMjQwNTA4MjE0ODI3WjCBlTELMAkGA1UEBhMCVVMx +EDAOBgNVBAcMB1NlYXR0bGUxEzARBgNVBAgMCldhc2hpbmd0b24xIjAgBgNVBAoM +GUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMx +JjAkBgNVBAMMHUFtYXpvbiBSRFMgbWUtc291dGgtMSBSb290IENBMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7BYV88MukcY+rq0r79+C8UzkT30fEfT +aPXbx1d6M7uheGN4FMaoYmL+JE1NZPaMRIPTHhFtLSdPccInvenRDIatcXX+jgOk +UA6lnHQ98pwN0pfDUyz/Vph4jBR9LcVkBbe0zdoKKp+HGbMPRU0N2yNrog9gM5O8 +gkU/3O2csJ/OFQNnj4c2NQloGMUpEmedwJMOyQQfcUyt9CvZDfIPNnheUS29jGSw +ERpJe/AENu8Pxyc72jaXQuD+FEi2Ck6lBkSlWYQFhTottAeGvVFNCzKszCntrtqd +rdYUwurYsLTXDHv9nW2hfDUQa0mhXf9gNDOBIVAZugR9NqNRNyYLHQIDAQABo2Mw +YTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU54cf +DjgwBx4ycBH8+/r8WXdaiqYwHwYDVR0jBBgwFoAU54cfDjgwBx4ycBH8+/r8WXda +iqYwDQYJKoZIhvcNAQELBQADggEBAIIMTSPx/dR7jlcxggr+O6OyY49Rlap2laKA +eC/XI4ySP3vQkIFlP822U9Kh8a9s46eR0uiwV4AGLabcu0iKYfXjPkIprVCqeXV7 +ny9oDtrbflyj7NcGdZLvuzSwgl9SYTJp7PVCZtZutsPYlbJrBPHwFABvAkMvRtDB +hitIg4AESDGPoCl94sYHpfDfjpUDMSrAMDUyO6DyBdZH5ryRMAs3lGtsmkkNUrso +aTW6R05681Z0mvkRdb+cdXtKOSuDZPoe2wJJIaz3IlNQNSrB5TImMYgmt6iAsFhv +3vfTSTKrZDNTJn4ybG6pq1zWExoXsktZPylJly6R3RBwV6nwqBM= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBjCCAu6gAwIBAgIJAMc0ZzaSUK51MA0GCSqGSIb3DQEBCwUAMIGPMQswCQYD +VQQGEwJVUzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEi +MCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1h +em9uIFJEUzEgMB4GA1UEAwwXQW1hem9uIFJEUyBSb290IDIwMTkgQ0EwHhcNMTkw +ODIyMTcwODUwWhcNMjQwODIyMTcwODUwWjCBjzELMAkGA1UEBhMCVVMxEDAOBgNV +BAcMB1NlYXR0bGUxEzARBgNVBAgMCldhc2hpbmd0b24xIjAgBgNVBAoMGUFtYXpv +biBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxIDAeBgNV +BAMMF0FtYXpvbiBSRFMgUm9vdCAyMDE5IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEArXnF/E6/Qh+ku3hQTSKPMhQQlCpoWvnIthzX6MK3p5a0eXKZ +oWIjYcNNG6UwJjp4fUXl6glp53Jobn+tWNX88dNH2n8DVbppSwScVE2LpuL+94vY +0EYE/XxN7svKea8YvlrqkUBKyxLxTjh+U/KrGOaHxz9v0l6ZNlDbuaZw3qIWdD/I +6aNbGeRUVtpM6P+bWIoxVl/caQylQS6CEYUk+CpVyJSkopwJlzXT07tMoDL5WgX9 +O08KVgDNz9qP/IGtAcRduRcNioH3E9v981QO1zt/Gpb2f8NqAjUUCUZzOnij6mx9 +McZ+9cWX88CRzR0vQODWuZscgI08NvM69Fn2SQIDAQABo2MwYTAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUc19g2LzLA5j0Kxc0LjZa +pmD/vB8wHwYDVR0jBBgwFoAUc19g2LzLA5j0Kxc0LjZapmD/vB8wDQYJKoZIhvcN +AQELBQADggEBAHAG7WTmyjzPRIM85rVj+fWHsLIvqpw6DObIjMWokpliCeMINZFV +ynfgBKsf1ExwbvJNzYFXW6dihnguDG9VMPpi2up/ctQTN8tm9nDKOy08uNZoofMc +NUZxKCEkVKZv+IL4oHoeayt8egtv3ujJM6V14AstMQ6SwvwvA93EP/Ug2e4WAXHu +cbI1NAbUgVDqp+DRdfvZkgYKryjTWd/0+1fS8X1bBZVWzl7eirNVnHbSH2ZDpNuY +0SBd8dj5F6ld3t58ydZbrTHze7JJOd8ijySAp4/kiu9UfZWuTPABzDa/DSdz9Dk/ +zPW4CXXvhLmE02TA9/HeCw3KEHIwicNuEfw= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEEDCCAvigAwIBAgIJAKFMXyltvuRdMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +VQQGEwJVUzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEi +MCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1h +em9uIFJEUzElMCMGA1UEAwwcQW1hem9uIFJEUyBCZXRhIFJvb3QgMjAxOSBDQTAe +Fw0xOTA4MTkxNzM4MjZaFw0yNDA4MTkxNzM4MjZaMIGUMQswCQYDVQQGEwJVUzEQ +MA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEiMCAGA1UECgwZ +QW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEl +MCMGA1UEAwwcQW1hem9uIFJEUyBCZXRhIFJvb3QgMjAxOSBDQTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAMkZdnIH9ndatGAcFo+DppGJ1HUt4x+zeO+0 +ZZ29m0sfGetVulmTlv2d5b66e+QXZFWpcPQMouSxxYTW08TbrQiZngKr40JNXftA +atvzBqIImD4II0ZX5UEVj2h98qe/ypW5xaDN7fEa5e8FkYB1TEemPaWIbNXqchcL +tV7IJPr3Cd7Z5gZJlmujIVDPpMuSiNaal9/6nT9oqN+JSM1fx5SzrU5ssg1Vp1vv +5Xab64uOg7wCJRB9R2GC9XD04odX6VcxUAGrZo6LR64ZSifupo3l+R5sVOc5i8NH +skdboTzU9H7+oSdqoAyhIU717PcqeDum23DYlPE2nGBWckE+eT8CAwEAAaNjMGEw +DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFK2hDBWl +sbHzt/EHd0QYOooqcFPhMB8GA1UdIwQYMBaAFK2hDBWlsbHzt/EHd0QYOooqcFPh +MA0GCSqGSIb3DQEBCwUAA4IBAQAO/718k8EnOqJDx6wweUscGTGL/QdKXUzTVRAx +JUsjNUv49mH2HQVEW7oxszfH6cPCaupNAddMhQc4C/af6GHX8HnqfPDk27/yBQI+ +yBBvIanGgxv9c9wBbmcIaCEWJcsLp3HzXSYHmjiqkViXwCpYfkoV3Ns2m8bp+KCO +y9XmcCKRaXkt237qmoxoh2sGmBHk2UlQtOsMC0aUQ4d7teAJG0q6pbyZEiPyKZY1 +XR/UVxMJL0Q4iVpcRS1kaNCMfqS2smbLJeNdsan8pkw1dvPhcaVTb7CvjhJtjztF +YfDzAI5794qMlWxwilKMmUvDlPPOTen8NNHkLwWvyFCH7Doh +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEFjCCAv6gAwIBAgIJAMzYZJ+R9NBVMA0GCSqGSIb3DQEBCwUAMIGXMQswCQYD +VQQGEwJVUzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEi +MCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1h +em9uIFJEUzEoMCYGA1UEAwwfQW1hem9uIFJEUyBQcmV2aWV3IFJvb3QgMjAxOSBD +QTAeFw0xOTA4MjEyMjI5NDlaFw0yNDA4MjEyMjI5NDlaMIGXMQswCQYDVQQGEwJV +UzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEiMCAGA1UE +CgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJE +UzEoMCYGA1UEAwwfQW1hem9uIFJEUyBQcmV2aWV3IFJvb3QgMjAxOSBDQTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM7kkS6vjgKKQTPynC2NjdN5aPPV +O71G0JJS/2ARVBVJd93JLiGovVJilfWYfwZCs4gTRSSjrUD4D4HyqCd6A+eEEtJq +M0DEC7i0dC+9WNTsPszuB206Jy2IUmxZMIKJAA1NHSbIMjB+b6/JhbSUi7nKdbR/ +brj83bF+RoSA+ogrgX7mQbxhmFcoZN9OGaJgYKsKWUt5Wqv627KkGodUK8mDepgD +S3ZfoRQRx3iceETpcmHJvaIge6+vyDX3d9Z22jmvQ4AKv3py2CmU2UwuhOltFDwB +0ddtb39vgwrJxaGfiMRHpEP1DfNLWHAnA69/pgZPwIggidS+iBPUhgucMp8CAwEA +AaNjMGEwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE +FGnTGpQuQ2H/DZlXMQijZEhjs7TdMB8GA1UdIwQYMBaAFGnTGpQuQ2H/DZlXMQij +ZEhjs7TdMA0GCSqGSIb3DQEBCwUAA4IBAQC3xz1vQvcXAfpcZlngiRWeqU8zQAMQ +LZPCFNv7PVk4pmqX+ZiIRo4f9Zy7TrOVcboCnqmP/b/mNq0gVF4O+88jwXJZD+f8 +/RnABMZcnGU+vK0YmxsAtYU6TIb1uhRFmbF8K80HHbj9vSjBGIQdPCbvmR2zY6VJ +BYM+w9U9hp6H4DVMLKXPc1bFlKA5OBTgUtgkDibWJKFOEPW3UOYwp9uq6pFoN0AO +xMTldqWFsOF3bJIlvOY0c/1EFZXu3Ns6/oCP//Ap9vumldYMUZWmbK+gK33FPOXV +8BQ6jNC29icv7lLDpRPwjibJBXX+peDR5UK4FdYcswWEB1Tix5X8dYu6 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZUxCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSYwJAYDVQQDDB1BbWF6b24gUkRTIGFmLXNvdXRoLTEgUm9vdCBDQTAeFw0xOTEw +MjgxODA2NTNaFw0yNDEwMjgxODA2NTNaMIGQMQswCQYDVQQGEwJVUzETMBEGA1UE +CAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9u +IFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEhMB8GA1UE +AwwYQW1hem9uIFJEUyBhZi1zb3V0aC0xIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAvtV1OqmFa8zCVQSKOvPUJERLVFtd4rZmDpImc5rIoeBk7w/P +9lcKUJjO8R/w1a2lJXx3oQ81tiY0Piw6TpT62YWVRMWrOw8+Vxq1dNaDSFp9I8d0 +UHillSSbOk6FOrPDp+R6AwbGFqUDebbN5LFFoDKbhNmH1BVS0a6YNKpGigLRqhka +cClPslWtPqtjbaP3Jbxl26zWzLo7OtZl98dR225pq8aApNBwmtgA7Gh60HK/cX0t +32W94n8D+GKSg6R4MKredVFqRTi9hCCNUu0sxYPoELuM+mHiqB5NPjtm92EzCWs+ ++vgWhMc6GxG+82QSWx1Vj8sgLqtE/vLrWddf5QIDAQABo2YwZDAOBgNVHQ8BAf8E +BAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUuLB4gYVJrSKJj/Gz +pqc6yeA+RcAwHwYDVR0jBBgwFoAUEEi/WWMcBJsoGXg+EZwkQ0MscZQwDQYJKoZI +hvcNAQELBQADggEBABauYOZxUhe9/RhzGJ8MsWCz8eKcyDVd4FCnY6Qh+9wcmYNT +LtnD88LACtJKb/b81qYzcB0Em6+zVJ3Z9jznfr6buItE6es9wAoja22Xgv44BTHL +rimbgMwpTt3uEMXDffaS0Ww6YWb3pSE0XYI2ISMWz+xRERRf+QqktSaL39zuiaW5 +tfZMre+YhohRa/F0ZQl3RCd6yFcLx4UoSPqQsUl97WhYzwAxZZfwvLJXOc4ATt3u +VlCUylNDkaZztDJc/yN5XQoK9W5nOt2cLu513MGYKbuarQr8f+gYU8S+qOyuSRSP +NRITzwCRVnsJE+2JmcRInn/NcanB7uOGqTvJ9+c= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZUxCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSYwJAYDVQQDDB1BbWF6b24gUkRTIGV1LXNvdXRoLTEgUm9vdCBDQTAeFw0xOTEw +MzAyMDIxMzBaFw0yNDEwMzAyMDIxMzBaMIGQMQswCQYDVQQGEwJVUzETMBEGA1UE +CAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9u +IFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEhMB8GA1UE +AwwYQW1hem9uIFJEUyBldS1zb3V0aC0xIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAtEyjYcajx6xImJn8Vz1zjdmL4ANPgQXwF7+tF7xccmNAZETb +bzb3I9i5fZlmrRaVznX+9biXVaGxYzIUIR3huQ3Q283KsDYnVuGa3mk690vhvJbB +QIPgKa5mVwJppnuJm78KqaSpi0vxyCPe3h8h6LLFawVyWrYNZ4okli1/U582eef8 +RzJp/Ear3KgHOLIiCdPDF0rjOdCG1MOlDLixVnPn9IYOciqO+VivXBg+jtfc5J+L +AaPm0/Yx4uELt1tkbWkm4BvTU/gBOODnYziITZM0l6Fgwvbwgq5duAtKW+h031lC +37rEvrclqcp4wrsUYcLAWX79ZyKIlRxcAdvEhQIDAQABo2YwZDAOBgNVHQ8BAf8E +BAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU7zPyc0azQxnBCe7D +b9KAadH1QSEwHwYDVR0jBBgwFoAUFBAFcgJe/BBuZiGeZ8STfpkgRYQwDQYJKoZI +hvcNAQELBQADggEBAFGaNiYxg7yC/xauXPlaqLCtwbm2dKyK9nIFbF/7be8mk7Q3 +MOA0of1vGHPLVQLr6bJJpD9MAbUcm4cPAwWaxwcNpxOjYOFDaq10PCK4eRAxZWwF +NJRIRmGsl8NEsMNTMCy8X+Kyw5EzH4vWFl5Uf2bGKOeFg0zt43jWQVOX6C+aL3Cd +pRS5MhmYpxMG8irrNOxf4NVFE2zpJOCm3bn0STLhkDcV/ww4zMzObTJhiIb5wSWn +EXKKWhUXuRt7A2y1KJtXpTbSRHQxE++69Go1tWhXtRiULCJtf7wF2Ksm0RR/AdXT +1uR1vKyH5KBJPX3ppYkQDukoHTFR0CpB+G84NLo= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZUxCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSYwJAYDVQQDDB1BbWF6b24gUkRTIG1lLXNvdXRoLTEgUm9vdCBDQTAeFw0xOTA1 +MTAyMTU4NDNaFw0yNTA2MDExMjAwMDBaMIGQMQswCQYDVQQGEwJVUzETMBEGA1UE +CAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9u +IFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEhMB8GA1UE +AwwYQW1hem9uIFJEUyBtZS1zb3V0aC0xIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAudOYPZH+ihJAo6hNYMB5izPVBe3TYhnZm8+X3IoaaYiKtsp1 +JJhkTT0CEejYIQ58Fh4QrMUyWvU8qsdK3diNyQRoYLbctsBPgxBR1u07eUJDv38/ +C1JlqgHmMnMi4y68Iy7ymv50QgAMuaBqgEBRI1R6Lfbyrb2YvH5txjJyTVMwuCfd +YPAtZVouRz0JxmnfsHyxjE+So56uOKTDuw++Ho4HhZ7Qveej7XB8b+PIPuroknd3 +FQB5RVbXRvt5ZcVD4F2fbEdBniF7FAF4dEiofVCQGQ2nynT7dZdEIPfPdH3n7ZmE +lAOmwHQ6G83OsiHRBLnbp+QZRgOsjkHJxT20bQIDAQABo2YwZDAOBgNVHQ8BAf8E +BAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUOEVDM7VomRH4HVdA +QvIMNq2tXOcwHwYDVR0jBBgwFoAU54cfDjgwBx4ycBH8+/r8WXdaiqYwDQYJKoZI +hvcNAQELBQADggEBAHhvMssj+Th8IpNePU6RH0BiL6o9c437R3Q4IEJeFdYL+nZz +PW/rELDPvLRUNMfKM+KzduLZ+l29HahxefejYPXtvXBlq/E/9czFDD4fWXg+zVou +uDXhyrV4kNmP4S0eqsAP/jQHPOZAMFA4yVwO9hlqmePhyDnszCh9c1PfJSBh49+b +4w7i/L3VBOMt8j3EKYvqz0gVfpeqhJwL4Hey8UbVfJRFJMJzfNHpePqtDRAY7yjV +PYquRaV2ab/E+/7VFkWMM4tazYz/qsYA2jSH+4xDHvYk8LnsbcrF9iuidQmEc5sb +FgcWaSKG4DJjcI5k7AJLWcXyTDt21Ci43LE+I9Q= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECDCCAvCgAwIBAgICVIYwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MDQxNzEz +MDRaFw0yNDA4MjIxNzA4NTBaMIGVMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEmMCQGA1UEAwwdQW1h +em9uIFJEUyBhcC1zb3V0aC0xIDIwMTkgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDUYOz1hGL42yUCrcsMSOoU8AeD/3KgZ4q7gP+vAz1WnY9K/kim +eWN/2Qqzlo3+mxSFQFyD4MyV3+CnCPnBl9Sh1G/F6kThNiJ7dEWSWBQGAB6HMDbC +BaAsmUc1UIz8sLTL3fO+S9wYhA63Wun0Fbm/Rn2yk/4WnJAaMZcEtYf6e0KNa0LM +p/kN/70/8cD3iz3dDR8zOZFpHoCtf0ek80QqTich0A9n3JLxR6g6tpwoYviVg89e +qCjQ4axxOkWWeusLeTJCcY6CkVyFvDAKvcUl1ytM5AiaUkXblE7zDFXRM4qMMRdt +lPm8d3pFxh0fRYk8bIKnpmtOpz3RIctDrZZxAgMBAAGjZjBkMA4GA1UdDwEB/wQE +AwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBT99wKJftD3jb4sHoHG +i3uGlH6W6TAfBgNVHSMEGDAWgBRzX2DYvMsDmPQrFzQuNlqmYP+8HzANBgkqhkiG +9w0BAQsFAAOCAQEAZ17hhr3dII3hUfuHQ1hPWGrpJOX/G9dLzkprEIcCidkmRYl+ +hu1Pe3caRMh/17+qsoEErmnVq5jNY9X1GZL04IZH8YbHc7iRHw3HcWAdhN8633+K +jYEB2LbJ3vluCGnCejq9djDb6alOugdLMJzxOkHDhMZ6/gYbECOot+ph1tQuZXzD +tZ7prRsrcuPBChHlPjmGy8M9z8u+kF196iNSUGC4lM8vLkHM7ycc1/ZOwRq9aaTe +iOghbQQyAEe03MWCyDGtSmDfr0qEk+CHN+6hPiaL8qKt4s+V9P7DeK4iW08ny8Ox +AVS7u0OK/5+jKMAMrKwpYrBydOjTUTHScocyNw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBzCCAu+gAwIBAgICQ2QwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MDUxODQ2 +MjlaFw0yNDA4MjIxNzA4NTBaMIGUMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzElMCMGA1UEAwwcQW1h +em9uIFJEUyBzYS1lYXN0LTEgMjAxOSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAMMvR+ReRnOzqJzoaPipNTt1Z2VA968jlN1+SYKUrYM3No+Vpz0H +M6Tn0oYB66ByVsXiGc28ulsqX1HbHsxqDPwvQTKvO7SrmDokoAkjJgLocOLUAeld +5AwvUjxGRP6yY90NV7X786MpnYb2Il9DIIaV9HjCmPt+rjy2CZjS0UjPjCKNfB8J +bFjgW6GGscjeyGb/zFwcom5p4j0rLydbNaOr9wOyQrtt3ZQWLYGY9Zees/b8pmcc +Jt+7jstZ2UMV32OO/kIsJ4rMUn2r/uxccPwAc1IDeRSSxOrnFKhW3Cu69iB3bHp7 +JbawY12g7zshE4I14sHjv3QoXASoXjx4xgMCAwEAAaNmMGQwDgYDVR0PAQH/BAQD +AgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFI1Fc/Ql2jx+oJPgBVYq +ccgP0pQ8MB8GA1UdIwQYMBaAFHNfYNi8ywOY9CsXNC42WqZg/7wfMA0GCSqGSIb3 +DQEBCwUAA4IBAQB4VVVabVp70myuYuZ3vltQIWqSUMhkaTzehMgGcHjMf9iLoZ/I +93KiFUSGnek5cRePyS9wcpp0fcBT3FvkjpUdCjVtdttJgZFhBxgTd8y26ImdDDMR +4+BUuhI5msvjL08f+Vkkpu1GQcGmyFVPFOy/UY8iefu+QyUuiBUnUuEDd49Hw0Fn +/kIPII6Vj82a2mWV/Q8e+rgN8dIRksRjKI03DEoP8lhPlsOkhdwU6Uz9Vu6NOB2Q +Ls1kbcxAc7cFSyRVJEhh12Sz9d0q/CQSTFsVJKOjSNQBQfVnLz1GwO/IieUEAr4C +jkTntH0r1LX5b/GwN4R887LvjAEdTbg1his7 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECDCCAvCgAwIBAgIDAIkHMA0GCSqGSIb3DQEBCwUAMIGPMQswCQYDVQQGEwJV +UzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEiMCAGA1UE +CgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJE +UzEgMB4GA1UEAwwXQW1hem9uIFJEUyBSb290IDIwMTkgQ0EwHhcNMTkwOTA2MTc0 +MDIxWhcNMjQwODIyMTcwODUwWjCBlDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldh +c2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxIjAgBgNVBAoMGUFtYXpvbiBXZWIg +U2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxJTAjBgNVBAMMHEFt +YXpvbiBSRFMgdXMtd2VzdC0xIDIwMTkgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDD2yzbbAl77OofTghDMEf624OvU0eS9O+lsdO0QlbfUfWa1Kd6 +0WkgjkLZGfSRxEHMCnrv4UPBSK/Qwn6FTjkDLgemhqBtAnplN4VsoDL+BkRX4Wwq +/dSQJE2b+0hm9w9UMVGFDEq1TMotGGTD2B71eh9HEKzKhGzqiNeGsiX4VV+LJzdH +uM23eGisNqmd4iJV0zcAZ+Gbh2zK6fqTOCvXtm7Idccv8vZZnyk1FiWl3NR4WAgK +AkvWTIoFU3Mt7dIXKKClVmvssG8WHCkd3Xcb4FHy/G756UZcq67gMMTX/9fOFM/v +l5C0+CHl33Yig1vIDZd+fXV1KZD84dEJfEvHAgMBAAGjZjBkMA4GA1UdDwEB/wQE +AwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBR+ap20kO/6A7pPxo3+ +T3CfqZpQWjAfBgNVHSMEGDAWgBRzX2DYvMsDmPQrFzQuNlqmYP+8HzANBgkqhkiG +9w0BAQsFAAOCAQEAHCJky2tPjPttlDM/RIqExupBkNrnSYnOK4kr9xJ3sl8UF2DA +PAnYsjXp3rfcjN/k/FVOhxwzi3cXJF/2Tjj39Bm/OEfYTOJDNYtBwB0VVH4ffa/6 +tZl87jaIkrxJcreeeHqYMnIxeN0b/kliyA+a5L2Yb0VPjt9INq34QDc1v74FNZ17 +4z8nr1nzg4xsOWu0Dbjo966lm4nOYIGBRGOKEkHZRZ4mEiMgr3YLkv8gSmeitx57 +Z6dVemNtUic/LVo5Iqw4n3TBS0iF2C1Q1xT/s3h+0SXZlfOWttzSluDvoMv5PvCd +pFjNn+aXLAALoihL1MJSsxydtsLjOBro5eK0Vw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEDDCCAvSgAwIBAgICOFAwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTAxNzQ2 +MjFaFw0yNDA4MjIxNzA4NTBaMIGZMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEqMCgGA1UEAwwhQW1h +em9uIFJEUyBhcC1ub3J0aGVhc3QtMiAyMDE5IENBMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAzU72e6XbaJbi4HjJoRNjKxzUEuChKQIt7k3CWzNnmjc5 +8I1MjCpa2W1iw1BYVysXSNSsLOtUsfvBZxi/1uyMn5ZCaf9aeoA9UsSkFSZBjOCN +DpKPCmfV1zcEOvJz26+1m8WDg+8Oa60QV0ou2AU1tYcw98fOQjcAES0JXXB80P2s +3UfkNcnDz+l4k7j4SllhFPhH6BQ4lD2NiFAP4HwoG6FeJUn45EPjzrydxjq6v5Fc +cQ8rGuHADVXotDbEhaYhNjIrsPL+puhjWfhJjheEw8c4whRZNp6gJ/b6WEes/ZhZ +h32DwsDsZw0BfRDUMgUn8TdecNexHUw8vQWeC181hwIDAQABo2YwZDAOBgNVHQ8B +Af8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUwW9bWgkWkr0U +lrOsq2kvIdrECDgwHwYDVR0jBBgwFoAUc19g2LzLA5j0Kxc0LjZapmD/vB8wDQYJ +KoZIhvcNAQELBQADggEBAEugF0Gj7HVhX0ehPZoGRYRt3PBuI2YjfrrJRTZ9X5wc +9T8oHmw07mHmNy1qqWvooNJg09bDGfB0k5goC2emDiIiGfc/kvMLI7u+eQOoMKj6 +mkfCncyRN3ty08Po45vTLBFZGUvtQmjM6yKewc4sXiASSBmQUpsMbiHRCL72M5qV +obcJOjGcIdDTmV1BHdWT+XcjynsGjUqOvQWWhhLPrn4jWe6Xuxll75qlrpn3IrIx +CRBv/5r7qbcQJPOgwQsyK4kv9Ly8g7YT1/vYBlR3cRsYQjccw5ceWUj2DrMVWhJ4 +prf+E3Aa4vYmLLOUUvKnDQ1k3RGNu56V0tonsQbfsaM= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECjCCAvKgAwIBAgICEzUwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTAyMDUy +MjVaFw0yNDA4MjIxNzA4NTBaMIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEoMCYGA1UEAwwfQW1h +em9uIFJEUyBjYS1jZW50cmFsLTEgMjAxOSBDQTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAOxHqdcPSA2uBjsCP4DLSlqSoPuQ/X1kkJLusVRKiQE2zayB +viuCBt4VB9Qsh2rW3iYGM+usDjltGnI1iUWA5KHcvHszSMkWAOYWLiMNKTlg6LCp +XnE89tvj5dIH6U8WlDvXLdjB/h30gW9JEX7S8supsBSci2GxEzb5mRdKaDuuF/0O +qvz4YE04pua3iZ9QwmMFuTAOYzD1M72aOpj+7Ac+YLMM61qOtU+AU6MndnQkKoQi +qmUN2A9IFaqHFzRlSdXwKCKUA4otzmz+/N3vFwjb5F4DSsbsrMfjeHMo6o/nb6Nh +YDb0VJxxPee6TxSuN7CQJ2FxMlFUezcoXqwqXD0CAwEAAaNmMGQwDgYDVR0PAQH/ +BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFDGGpon9WfIpsggE +CxHq8hZ7E2ESMB8GA1UdIwQYMBaAFHNfYNi8ywOY9CsXNC42WqZg/7wfMA0GCSqG +SIb3DQEBCwUAA4IBAQAvpeQYEGZvoTVLgV9rd2+StPYykMsmFjWQcyn3dBTZRXC2 +lKq7QhQczMAOhEaaN29ZprjQzsA2X/UauKzLR2Uyqc2qOeO9/YOl0H3qauo8C/W9 +r8xqPbOCDLEXlOQ19fidXyyEPHEq5WFp8j+fTh+s8WOx2M7IuC0ANEetIZURYhSp +xl9XOPRCJxOhj7JdelhpweX0BJDNHeUFi0ClnFOws8oKQ7sQEv66d5ddxqqZ3NVv +RbCvCtEutQMOUMIuaygDlMn1anSM8N7Wndx8G6+Uy67AnhjGx7jw/0YPPxopEj6x +JXP8j0sJbcT9K/9/fPVLNT25RvQ/93T2+IQL4Ca2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBzCCAu+gAwIBAgICYpgwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTExNzMx +NDhaFw0yNDA4MjIxNzA4NTBaMIGUMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzElMCMGA1UEAwwcQW1h +em9uIFJEUyBldS13ZXN0LTEgMjAxOSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAMk3YdSZ64iAYp6MyyKtYJtNzv7zFSnnNf6vv0FB4VnfITTMmOyZ +LXqKAT2ahZ00hXi34ewqJElgU6eUZT/QlzdIu359TEZyLVPwURflL6SWgdG01Q5X +O++7fSGcBRyIeuQWs9FJNIIqK8daF6qw0Rl5TXfu7P9dBc3zkgDXZm2DHmxGDD69 +7liQUiXzoE1q2Z9cA8+jirDioJxN9av8hQt12pskLQumhlArsMIhjhHRgF03HOh5 +tvi+RCfihVOxELyIRTRpTNiIwAqfZxxTWFTgfn+gijTmd0/1DseAe82aYic8JbuS +EMbrDduAWsqrnJ4GPzxHKLXX0JasCUcWyMECAwEAAaNmMGQwDgYDVR0PAQH/BAQD +AgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFPLtsq1NrwJXO13C9eHt +sLY11AGwMB8GA1UdIwQYMBaAFHNfYNi8ywOY9CsXNC42WqZg/7wfMA0GCSqGSIb3 +DQEBCwUAA4IBAQAnWBKj5xV1A1mYd0kIgDdkjCwQkiKF5bjIbGkT3YEFFbXoJlSP +0lZZ/hDaOHI8wbLT44SzOvPEEmWF9EE7SJzkvSdQrUAWR9FwDLaU427ALI3ngNHy +lGJ2hse1fvSRNbmg8Sc9GBv8oqNIBPVuw+AJzHTacZ1OkyLZrz1c1QvwvwN2a+Jd +vH0V0YIhv66llKcYDMUQJAQi4+8nbRxXWv6Gq3pvrFoorzsnkr42V3JpbhnYiK+9 +nRKd4uWl62KRZjGkfMbmsqZpj2fdSWMY1UGyN1k+kDmCSWYdrTRDP0xjtIocwg+A +J116n4hV/5mbA0BaPiS2krtv17YAeHABZcvz +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECjCCAvKgAwIBAgICV2YwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTExOTM2 +MjBaFw0yNDA4MjIxNzA4NTBaMIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEoMCYGA1UEAwwfQW1h +em9uIFJEUyBldS1jZW50cmFsLTEgMjAxOSBDQTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAMEx54X2pHVv86APA0RWqxxRNmdkhAyp2R1cFWumKQRofoFv +n+SPXdkpIINpMuEIGJANozdiEz7SPsrAf8WHyD93j/ZxrdQftRcIGH41xasetKGl +I67uans8d+pgJgBKGb/Z+B5m+UsIuEVekpvgpwKtmmaLFC/NCGuSsJoFsRqoa6Gh +m34W6yJoY87UatddCqLY4IIXaBFsgK9Q/wYzYLbnWM6ZZvhJ52VMtdhcdzeTHNW0 +5LGuXJOF7Ahb4JkEhoo6TS2c0NxB4l4MBfBPgti+O7WjR3FfZHpt18A6Zkq6A2u6 +D/oTSL6c9/3sAaFTFgMyL3wHb2YlW0BPiljZIqECAwEAAaNmMGQwDgYDVR0PAQH/ +BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFOcAToAc6skWffJa +TnreaswAfrbcMB8GA1UdIwQYMBaAFHNfYNi8ywOY9CsXNC42WqZg/7wfMA0GCSqG +SIb3DQEBCwUAA4IBAQA1d0Whc1QtspK496mFWfFEQNegLh0a9GWYlJm+Htcj5Nxt +DAIGXb+8xrtOZFHmYP7VLCT5Zd2C+XytqseK/+s07iAr0/EPF+O2qcyQWMN5KhgE +cXw2SwuP9FPV3i+YAm11PBVeenrmzuk9NrdHQ7TxU4v7VGhcsd2C++0EisrmquWH +mgIfmVDGxphwoES52cY6t3fbnXmTkvENvR+h3rj+fUiSz0aSo+XZUGHPgvuEKM/W +CBD9Smc9CBoBgvy7BgHRgRUmwtABZHFUIEjHI5rIr7ZvYn+6A0O6sogRfvVYtWFc +qpyrW1YX8mD0VlJ8fGKM3G+aCOsiiPKDV/Uafrm+ +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECDCCAvCgAwIBAgICGAcwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTIxODE5 +NDRaFw0yNDA4MjIxNzA4NTBaMIGVMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEmMCQGA1UEAwwdQW1h +em9uIFJEUyBldS1ub3J0aC0xIDIwMTkgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQCiIYnhe4UNBbdBb/nQxl5giM0XoVHWNrYV5nB0YukA98+TPn9v +Aoj1RGYmtryjhrf01Kuv8SWO+Eom95L3zquoTFcE2gmxCfk7bp6qJJ3eHOJB+QUO +XsNRh76fwDzEF1yTeZWH49oeL2xO13EAx4PbZuZpZBttBM5zAxgZkqu4uWQczFEs +JXfla7z2fvWmGcTagX10O5C18XaFroV0ubvSyIi75ue9ykg/nlFAeB7O0Wxae88e +uhiBEFAuLYdqWnsg3459NfV8Yi1GnaitTym6VI3tHKIFiUvkSiy0DAlAGV2iiyJE +q+DsVEO4/hSINJEtII4TMtysOsYPpINqeEzRAgMBAAGjZjBkMA4GA1UdDwEB/wQE +AwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRR0UpnbQyjnHChgmOc +hnlc0PogzTAfBgNVHSMEGDAWgBRzX2DYvMsDmPQrFzQuNlqmYP+8HzANBgkqhkiG +9w0BAQsFAAOCAQEAKJD4xVzSf4zSGTBJrmamo86jl1NHQxXUApAZuBZEc8tqC6TI +T5CeoSr9CMuVC8grYyBjXblC4OsM5NMvmsrXl/u5C9dEwtBFjo8mm53rOOIm1fxl +I1oYB/9mtO9ANWjkykuLzWeBlqDT/i7ckaKwalhLODsRDO73vRhYNjsIUGloNsKe +pxw3dzHwAZx4upSdEVG4RGCZ1D0LJ4Gw40OfD69hfkDfRVVxKGrbEzqxXRvovmDc +tKLdYZO/6REoca36v4BlgIs1CbUXJGLSXUwtg7YXGLSVBJ/U0+22iGJmBSNcoyUN +cjPFD9JQEhDDIYYKSGzIYpvslvGc4T5ISXFiuQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBzCCAu+gAwIBAgICZIEwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTIyMTMy +MzJaFw0yNDA4MjIxNzA4NTBaMIGUMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzElMCMGA1UEAwwcQW1h +em9uIFJEUyBldS13ZXN0LTIgMjAxOSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBALGiwqjiF7xIjT0Sx7zB3764K2T2a1DHnAxEOr+/EIftWKxWzT3u +PFwS2eEZcnKqSdRQ+vRzonLBeNLO4z8aLjQnNbkizZMBuXGm4BqRm1Kgq3nlLDQn +7YqdijOq54SpShvR/8zsO4sgMDMmHIYAJJOJqBdaus2smRt0NobIKc0liy7759KB +6kmQ47Gg+kfIwxrQA5zlvPLeQImxSoPi9LdbRoKvu7Iot7SOa+jGhVBh3VdqndJX +7tm/saj4NE375csmMETFLAOXjat7zViMRwVorX4V6AzEg1vkzxXpA9N7qywWIT5Y +fYaq5M8i6vvLg0CzrH9fHORtnkdjdu1y+0MCAwEAAaNmMGQwDgYDVR0PAQH/BAQD +AgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFFOhOx1yt3Z7mvGB9jBv +2ymdZwiOMB8GA1UdIwQYMBaAFHNfYNi8ywOY9CsXNC42WqZg/7wfMA0GCSqGSIb3 +DQEBCwUAA4IBAQBehqY36UGDvPVU9+vtaYGr38dBbp+LzkjZzHwKT1XJSSUc2wqM +hnCIQKilonrTIvP1vmkQi8qHPvDRtBZKqvz/AErW/ZwQdZzqYNFd+BmOXaeZWV0Q +oHtDzXmcwtP8aUQpxN0e1xkWb1E80qoy+0uuRqb/50b/R4Q5qqSfJhkn6z8nwB10 +7RjLtJPrK8igxdpr3tGUzfAOyiPrIDncY7UJaL84GFp7WWAkH0WG3H8Y8DRcRXOU +mqDxDLUP3rNuow3jnGxiUY+gGX5OqaZg4f4P6QzOSmeQYs6nLpH0PiN00+oS1BbD +bpWdZEttILPI+vAYkU4QuBKKDjJL6HbSd+cn +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECDCCAvCgAwIBAgIDAIVCMA0GCSqGSIb3DQEBCwUAMIGPMQswCQYDVQQGEwJV +UzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEiMCAGA1UE +CgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJE +UzEgMB4GA1UEAwwXQW1hem9uIFJEUyBSb290IDIwMTkgQ0EwHhcNMTkwOTEzMTcw +NjQxWhcNMjQwODIyMTcwODUwWjCBlDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldh +c2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxIjAgBgNVBAoMGUFtYXpvbiBXZWIg +U2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxJTAjBgNVBAMMHEFt +YXpvbiBSRFMgdXMtZWFzdC0yIDIwMTkgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDE+T2xYjUbxOp+pv+gRA3FO24+1zCWgXTDF1DHrh1lsPg5k7ht +2KPYzNc+Vg4E+jgPiW0BQnA6jStX5EqVh8BU60zELlxMNvpg4KumniMCZ3krtMUC +au1NF9rM7HBh+O+DYMBLK5eSIVt6lZosOb7bCi3V6wMLA8YqWSWqabkxwN4w0vXI +8lu5uXXFRemHnlNf+yA/4YtN4uaAyd0ami9+klwdkZfkrDOaiy59haOeBGL8EB/c +dbJJlguHH5CpCscs3RKtOOjEonXnKXldxarFdkMzi+aIIjQ8GyUOSAXHtQHb3gZ4 +nS6Ey0CMlwkB8vUObZU9fnjKJcL5QCQqOfwvAgMBAAGjZjBkMA4GA1UdDwEB/wQE +AwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQUPuRHohPxx4VjykmH +6usGrLL1ETAfBgNVHSMEGDAWgBRzX2DYvMsDmPQrFzQuNlqmYP+8HzANBgkqhkiG +9w0BAQsFAAOCAQEAUdR9Vb3y33Yj6X6KGtuthZ08SwjImVQPtknzpajNE5jOJAh8 +quvQnU9nlnMO85fVDU1Dz3lLHGJ/YG1pt1Cqq2QQ200JcWCvBRgdvH6MjHoDQpqZ +HvQ3vLgOGqCLNQKFuet9BdpsHzsctKvCVaeBqbGpeCtt3Hh/26tgx0rorPLw90A2 +V8QSkZJjlcKkLa58N5CMM8Xz8KLWg3MZeT4DmlUXVCukqK2RGuP2L+aME8dOxqNv +OnOz1zrL5mR2iJoDpk8+VE/eBDmJX40IJk6jBjWoxAO/RXq+vBozuF5YHN1ujE92 +tO8HItgTp37XT8bJBAiAnt5mxw+NLSqtxk2QdQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEDDCCAvSgAwIBAgICY4kwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTMyMDEx +NDJaFw0yNDA4MjIxNzA4NTBaMIGZMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEqMCgGA1UEAwwhQW1h +em9uIFJEUyBhcC1zb3V0aGVhc3QtMSAyMDE5IENBMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAr5u9OuLL/OF/fBNUX2kINJLzFl4DnmrhnLuSeSnBPgbb +qddjf5EFFJBfv7IYiIWEFPDbDG5hoBwgMup5bZDbas+ZTJTotnnxVJTQ6wlhTmns +eHECcg2pqGIKGrxZfbQhlj08/4nNAPvyYCTS0bEcmQ1emuDPyvJBYDDLDU6AbCB5 +6Z7YKFQPTiCBblvvNzchjLWF9IpkqiTsPHiEt21sAdABxj9ityStV3ja/W9BfgxH +wzABSTAQT6FbDwmQMo7dcFOPRX+hewQSic2Rn1XYjmNYzgEHisdUsH7eeXREAcTw +61TRvaLH8AiOWBnTEJXPAe6wYfrcSd1pD0MXpoB62wIDAQABo2YwZDAOBgNVHQ8B +Af8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUytwMiomQOgX5 +Ichd+2lDWRUhkikwHwYDVR0jBBgwFoAUc19g2LzLA5j0Kxc0LjZapmD/vB8wDQYJ +KoZIhvcNAQELBQADggEBACf6lRDpfCD7BFRqiWM45hqIzffIaysmVfr+Jr+fBTjP +uYe/ba1omSrNGG23bOcT9LJ8hkQJ9d+FxUwYyICQNWOy6ejicm4z0C3VhphbTPqj +yjpt9nG56IAcV8BcRJh4o/2IfLNzC/dVuYJV8wj7XzwlvjysenwdrJCoLadkTr1h +eIdG6Le07sB9IxrGJL9e04afk37h7c8ESGSE4E+oS4JQEi3ATq8ne1B9DQ9SasXi +IRmhNAaISDzOPdyLXi9N9V9Lwe/DHcja7hgLGYx3UqfjhLhOKwp8HtoZORixAmOI +HfILgNmwyugAbuZoCazSKKBhQ0wgO0WZ66ZKTMG8Oho= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBzCCAu+gAwIBAgICUYkwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTYxODIx +MTVaFw0yNDA4MjIxNzA4NTBaMIGUMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzElMCMGA1UEAwwcQW1h +em9uIFJEUyB1cy13ZXN0LTIgMjAxOSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBANCEZBZyu6yJQFZBJmSUZfSZd3Ui2gitczMKC4FLr0QzkbxY+cLa +uVONIOrPt4Rwi+3h/UdnUg917xao3S53XDf1TDMFEYp4U8EFPXqCn/GXBIWlU86P +PvBN+gzw3nS+aco7WXb+woTouvFVkk8FGU7J532llW8o/9ydQyDIMtdIkKTuMfho +OiNHSaNc+QXQ32TgvM9A/6q7ksUoNXGCP8hDOkSZ/YOLiI5TcdLh/aWj00ziL5bj +pvytiMZkilnc9dLY9QhRNr0vGqL0xjmWdoEXz9/OwjmCihHqJq+20MJPsvFm7D6a +2NKybR9U+ddrjb8/iyLOjURUZnj5O+2+OPcCAwEAAaNmMGQwDgYDVR0PAQH/BAQD +AgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFEBxMBdv81xuzqcK5TVu +pHj+Aor8MB8GA1UdIwQYMBaAFHNfYNi8ywOY9CsXNC42WqZg/7wfMA0GCSqGSIb3 +DQEBCwUAA4IBAQBZkfiVqGoJjBI37aTlLOSjLcjI75L5wBrwO39q+B4cwcmpj58P +3sivv+jhYfAGEbQnGRzjuFoyPzWnZ1DesRExX+wrmHsLLQbF2kVjLZhEJMHF9eB7 +GZlTPdTzHErcnuXkwA/OqyXMpj9aghcQFuhCNguEfnROY9sAoK2PTfnTz9NJHL+Q +UpDLEJEUfc0GZMVWYhahc0x38ZnSY2SKacIPECQrTI0KpqZv/P+ijCEcMD9xmYEb +jL4en+XKS1uJpw5fIU5Sj0MxhdGstH6S84iAE5J3GM3XHklGSFwwqPYvuTXvANH6 +uboynxRgSae59jIlAK6Jrr6GWMwQRbgcaAlW +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEDDCCAvSgAwIBAgICEkYwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTYxOTUz +NDdaFw0yNDA4MjIxNzA4NTBaMIGZMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEqMCgGA1UEAwwhQW1h +em9uIFJEUyBhcC1zb3V0aGVhc3QtMiAyMDE5IENBMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAufodI2Flker8q7PXZG0P0vmFSlhQDw907A6eJuF/WeMo +GHnll3b4S6nC3oRS3nGeRMHbyU2KKXDwXNb3Mheu+ox+n5eb/BJ17eoj9HbQR1cd +gEkIciiAltf8gpMMQH4anP7TD+HNFlZnP7ii3geEJB2GGXSxgSWvUzH4etL67Zmn +TpGDWQMB0T8lK2ziLCMF4XAC/8xDELN/buHCNuhDpxpPebhct0T+f6Arzsiswt2j +7OeNeLLZwIZvVwAKF7zUFjC6m7/VmTQC8nidVY559D6l0UhhU0Co/txgq3HVsMOH +PbxmQUwJEKAzQXoIi+4uZzHFZrvov/nDTNJUhC6DqwIDAQABo2YwZDAOBgNVHQ8B +Af8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUwaZpaCme+EiV +M5gcjeHZSTgOn4owHwYDVR0jBBgwFoAUc19g2LzLA5j0Kxc0LjZapmD/vB8wDQYJ +KoZIhvcNAQELBQADggEBAAR6a2meCZuXO2TF9bGqKGtZmaah4pH2ETcEVUjkvXVz +sl+ZKbYjrun+VkcMGGKLUjS812e7eDF726ptoku9/PZZIxlJB0isC/0OyixI8N4M +NsEyvp52XN9QundTjkl362bomPnHAApeU0mRbMDRR2JdT70u6yAzGLGsUwMkoNnw +1VR4XKhXHYGWo7KMvFrZ1KcjWhubxLHxZWXRulPVtGmyWg/MvE6KF+2XMLhojhUL ++9jB3Fpn53s6KMx5tVq1x8PukHmowcZuAF8k+W4gk8Y68wIwynrdZrKRyRv6CVtR +FZ8DeJgoNZT3y/GT254VqMxxfuy2Ccb/RInd16tEvVk= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEDDCCAvSgAwIBAgICOYIwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTcyMDA1 +MjlaFw0yNDA4MjIxNzA4NTBaMIGZMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEqMCgGA1UEAwwhQW1h +em9uIFJEUyBhcC1ub3J0aGVhc3QtMyAyMDE5IENBMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA4dMak8W+XW8y/2F6nRiytFiA4XLwePadqWebGtlIgyCS +kbug8Jv5w7nlMkuxOxoUeD4WhI6A9EkAn3r0REM/2f0aYnd2KPxeqS2MrtdxxHw1 +xoOxk2x0piNSlOz6yog1idsKR5Wurf94fvM9FdTrMYPPrDabbGqiBMsZZmoHLvA3 +Z+57HEV2tU0Ei3vWeGIqnNjIekS+E06KhASxrkNU5vi611UsnYZlSi0VtJsH4UGV +LhnHl53aZL0YFO5mn/fzuNG/51qgk/6EFMMhaWInXX49Dia9FnnuWXwVwi6uX1Wn +7kjoHi5VtmC8ZlGEHroxX2DxEr6bhJTEpcLMnoQMqwIDAQABo2YwZDAOBgNVHQ8B +Af8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUsUI5Cb3SWB8+ +gv1YLN/ABPMdxSAwHwYDVR0jBBgwFoAUc19g2LzLA5j0Kxc0LjZapmD/vB8wDQYJ +KoZIhvcNAQELBQADggEBAJAF3E9PM1uzVL8YNdzb6fwJrxxqI2shvaMVmC1mXS+w +G0zh4v2hBZOf91l1EO0rwFD7+fxoI6hzQfMxIczh875T6vUXePKVOCOKI5wCrDad +zQbVqbFbdhsBjF4aUilOdtw2qjjs9JwPuB0VXN4/jY7m21oKEOcnpe36+7OiSPjN +xngYewCXKrSRqoj3mw+0w/+exYj3Wsush7uFssX18av78G+ehKPIVDXptOCP/N7W +8iKVNeQ2QGTnu2fzWsGUSvMGyM7yqT+h1ILaT//yQS8er511aHMLc142bD4D9VSy +DgactwPDTShK/PXqhvNey9v/sKXm4XatZvwcc8KYlW4= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEDDCCAvSgAwIBAgICcEUwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTgxNjU2 +MjBaFw0yNDA4MjIxNzA4NTBaMIGZMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzEqMCgGA1UEAwwhQW1h +em9uIFJEUyBhcC1ub3J0aGVhc3QtMSAyMDE5IENBMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAndtkldmHtk4TVQAyqhAvtEHSMb6pLhyKrIFved1WO3S7 ++I+bWwv9b2W/ljJxLq9kdT43bhvzonNtI4a1LAohS6bqyirmk8sFfsWT3akb+4Sx +1sjc8Ovc9eqIWJCrUiSvv7+cS7ZTA9AgM1PxvHcsqrcUXiK3Jd/Dax9jdZE1e15s +BEhb2OEPE+tClFZ+soj8h8Pl2Clo5OAppEzYI4LmFKtp1X/BOf62k4jviXuCSst3 +UnRJzE/CXtjmN6oZySVWSe0rQYuyqRl6//9nK40cfGKyxVnimB8XrrcxUN743Vud +QQVU0Esm8OVTX013mXWQXJHP2c0aKkog8LOga0vobQIDAQABo2YwZDAOBgNVHQ8B +Af8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQULmoOS1mFSjj+ +snUPx4DgS3SkLFYwHwYDVR0jBBgwFoAUc19g2LzLA5j0Kxc0LjZapmD/vB8wDQYJ +KoZIhvcNAQELBQADggEBAAkVL2P1M2/G9GM3DANVAqYOwmX0Xk58YBHQu6iiQg4j +b4Ky/qsZIsgT7YBsZA4AOcPKQFgGTWhe9pvhmXqoN3RYltN8Vn7TbUm/ZVDoMsrM +gwv0+TKxW1/u7s8cXYfHPiTzVSJuOogHx99kBW6b2f99GbP7O1Sv3sLq4j6lVvBX +Fiacf5LAWC925nvlTzLlBgIc3O9xDtFeAGtZcEtxZJ4fnGXiqEnN4539+nqzIyYq +nvlgCzyvcfRAxwltrJHuuRu6Maw5AGcd2Y0saMhqOVq9KYKFKuD/927BTrbd2JVf +2sGWyuPZPCk3gq+5pCjbD0c6DkhcMGI6WwxvM5V/zSM= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBzCCAu+gAwIBAgICJDQwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTgxNzAz +MTVaFw0yNDA4MjIxNzA4NTBaMIGUMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzElMCMGA1UEAwwcQW1h +em9uIFJEUyBldS13ZXN0LTMgMjAxOSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAL9bL7KE0n02DLVtlZ2PL+g/BuHpMYFq2JnE2RgompGurDIZdjmh +1pxfL3nT+QIVMubuAOy8InRfkRxfpxyjKYdfLJTPJG+jDVL+wDcPpACFVqoV7Prg +pVYEV0lc5aoYw4bSeYFhdzgim6F8iyjoPnObjll9mo4XsHzSoqJLCd0QC+VG9Fw2 +q+GDRZrLRmVM2oNGDRbGpGIFg77aRxRapFZa8SnUgs2AqzuzKiprVH5i0S0M6dWr +i+kk5epmTtkiDHceX+dP/0R1NcnkCPoQ9TglyXyPdUdTPPRfKCq12dftqll+u4mV +ARdN6WFjovxax8EAP2OAUTi1afY+1JFMj+sCAwEAAaNmMGQwDgYDVR0PAQH/BAQD +AgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFLfhrbrO5exkCVgxW0x3 +Y2mAi8lNMB8GA1UdIwQYMBaAFHNfYNi8ywOY9CsXNC42WqZg/7wfMA0GCSqGSIb3 +DQEBCwUAA4IBAQAigQ5VBNGyw+OZFXwxeJEAUYaXVoP/qrhTOJ6mCE2DXUVEoJeV +SxScy/TlFA9tJXqmit8JH8VQ/xDL4ubBfeMFAIAo4WzNWDVoeVMqphVEcDWBHsI1 +AETWzfsapRS9yQekOMmxg63d/nV8xewIl8aNVTHdHYXMqhhik47VrmaVEok1UQb3 +O971RadLXIEbVd9tjY5bMEHm89JsZDnDEw1hQXBb67Elu64OOxoKaHBgUH8AZn/2 +zFsL1ynNUjOhCSAA15pgd1vjwc0YsBbAEBPcHBWYBEyME6NLNarjOzBl4FMtATSF +wWCKRGkvqN8oxYhwR2jf2rR5Mu4DWkK5Q8Ep +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBzCCAu+gAwIBAgICJVUwDQYJKoZIhvcNAQELBQAwgY8xCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSAwHgYDVQQDDBdBbWF6b24gUkRTIFJvb3QgMjAxOSBDQTAeFw0xOTA5MTkxODE2 +NTNaFw0yNDA4MjIxNzA4NTBaMIGUMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2Fz +aGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEiMCAGA1UECgwZQW1hem9uIFdlYiBT +ZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzElMCMGA1UEAwwcQW1h +em9uIFJEUyB1cy1lYXN0LTEgMjAxOSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAM3i/k2u6cqbMdcISGRvh+m+L0yaSIoOXjtpNEoIftAipTUYoMhL +InXGlQBVA4shkekxp1N7HXe1Y/iMaPEyb3n+16pf3vdjKl7kaSkIhjdUz3oVUEYt +i8Z/XeJJ9H2aEGuiZh3kHixQcZczn8cg3dA9aeeyLSEnTkl/npzLf//669Ammyhs +XcAo58yvT0D4E0D/EEHf2N7HRX7j/TlyWvw/39SW0usiCrHPKDLxByLojxLdHzso +QIp/S04m+eWn6rmD+uUiRteN1hI5ncQiA3wo4G37mHnUEKo6TtTUh+sd/ku6a8HK +glMBcgqudDI90s1OpuIAWmuWpY//8xEG2YECAwEAAaNmMGQwDgYDVR0PAQH/BAQD +AgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFPqhoWZcrVY9mU7tuemR +RBnQIj1jMB8GA1UdIwQYMBaAFHNfYNi8ywOY9CsXNC42WqZg/7wfMA0GCSqGSIb3 +DQEBCwUAA4IBAQB6zOLZ+YINEs72heHIWlPZ8c6WY8MDU+Be5w1M+BK2kpcVhCUK +PJO4nMXpgamEX8DIiaO7emsunwJzMSvavSPRnxXXTKIc0i/g1EbiDjnYX9d85DkC +E1LaAUCmCZBVi9fIe0H2r9whIh4uLWZA41oMnJx/MOmo3XyMfQoWcqaSFlMqfZM4 +0rNoB/tdHLNuV4eIdaw2mlHxdWDtF4oH+HFm+2cVBUVC1jXKrFv/euRVtsTT+A6i +h2XBHKxQ1Y4HgAn0jACP2QSPEmuoQEIa57bEKEcZsBR8SDY6ZdTd2HLRIApcCOSF +MRM8CKLeF658I0XgF8D5EsYoKPsA+74Z+jDH +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEETCCAvmgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSUwIwYDVQQDDBxBbWF6b24gUkRTIEJldGEgUm9vdCAyMDE5IENBMB4XDTE5MDgy +MDE3MTAwN1oXDTI0MDgxOTE3MzgyNlowgZkxCzAJBgNVBAYTAlVTMRMwEQYDVQQI +DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMSIwIAYDVQQKDBlBbWF6b24g +V2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMSowKAYDVQQD +DCFBbWF6b24gUkRTIEJldGEgdXMtZWFzdC0xIDIwMTkgQ0EwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDTNCOlotQcLP8TP82U2+nk0bExVuuMVOgFeVMx +vbUHZQeIj9ikjk+jm6eTDnnkhoZcmJiJgRy+5Jt69QcRbb3y3SAU7VoHgtraVbxF +QDh7JEHI9tqEEVOA5OvRrDRcyeEYBoTDgh76ROco2lR+/9uCvGtHVrMCtG7BP7ZB +sSVNAr1IIRZZqKLv2skKT/7mzZR2ivcw9UeBBTUf8xsfiYVBvMGoEsXEycjYdf6w +WV+7XS7teNOc9UgsFNN+9AhIBc1jvee5E//72/4F8pAttAg/+mmPUyIKtekNJ4gj +OAR2VAzGx1ybzWPwIgOudZFHXFduxvq4f1hIRPH0KbQ/gkRrAgMBAAGjZjBkMA4G +A1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTkvpCD +6C43rar9TtJoXr7q8dkrrjAfBgNVHSMEGDAWgBStoQwVpbGx87fxB3dEGDqKKnBT +4TANBgkqhkiG9w0BAQsFAAOCAQEAJd9fOSkwB3uVdsS+puj6gCER8jqmhd3g/J5V +Zjk9cKS8H0e8pq/tMxeJ8kpurPAzUk5RkCspGt2l0BSwmf3ahr8aJRviMX6AuW3/ +g8aKplTvq/WMNGKLXONa3Sq8591J+ce8gtOX/1rDKmFI4wQ/gUzOSYiT991m7QKS +Fr6HMgFuz7RNJbb3Fy5cnurh8eYWA7mMv7laiLwTNsaro5qsqErD5uXuot6o9beT +a+GiKinEur35tNxAr47ax4IRubuIzyfCrezjfKc5raVV2NURJDyKP0m0CCaffAxE +qn2dNfYc3v1D8ypg3XjHlOzRo32RB04o8ALHMD9LSwsYDLpMag== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEFzCCAv+gAwIBAgICFSUwDQYJKoZIhvcNAQELBQAwgZcxCzAJBgNVBAYTAlVT +MRAwDgYDVQQHDAdTZWF0dGxlMRMwEQYDVQQIDApXYXNoaW5ndG9uMSIwIAYDVQQK +DBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRT +MSgwJgYDVQQDDB9BbWF6b24gUkRTIFByZXZpZXcgUm9vdCAyMDE5IENBMB4XDTE5 +MDgyMTIyMzk0N1oXDTI0MDgyMTIyMjk0OVowgZwxCzAJBgNVBAYTAlVTMRMwEQYD +VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMSIwIAYDVQQKDBlBbWF6 +b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMS0wKwYD +VQQDDCRBbWF6b24gUkRTIFByZXZpZXcgdXMtZWFzdC0yIDIwMTkgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0dB/U7qRnSf05wOi7m10Pa2uPMTJv +r6U/3Y17a5prq5Zr4++CnSUYarG51YuIf355dKs+7Lpzs782PIwCmLpzAHKWzix6 +pOaTQ+WZ0+vUMTxyqgqWbsBgSCyP7pVBiyqnmLC/L4az9XnscrbAX4pNaoJxsuQe +mzBo6yofjQaAzCX69DuqxFkVTRQnVy7LCFkVaZtjNAftnAHJjVgQw7lIhdGZp9q9 +IafRt2gteihYfpn+EAQ/t/E4MnhrYs4CPLfS7BaYXBycEKC5Muj1l4GijNNQ0Efo +xG8LSZz7SNgUvfVwiNTaqfLP3AtEAWiqxyMyh3VO+1HpCjT7uNBFtmF3AgMBAAGj +ZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQW +BBQtinkdrj+0B2+qdXngV2tgHnPIujAfBgNVHSMEGDAWgBRp0xqULkNh/w2ZVzEI +o2RIY7O03TANBgkqhkiG9w0BAQsFAAOCAQEAtJdqbCxDeMc8VN1/RzCabw9BIL/z +73Auh8eFTww/sup26yn8NWUkfbckeDYr1BrXa+rPyLfHpg06kwR8rBKyrs5mHwJx +bvOzXD/5WTdgreB+2Fb7mXNvWhenYuji1MF+q1R2DXV3I05zWHteKX6Dajmx+Uuq +Yq78oaCBSV48hMxWlp8fm40ANCL1+gzQ122xweMFN09FmNYFhwuW+Ao+Vv90ZfQG +PYwTvN4n/gegw2TYcifGZC2PNX74q3DH03DXe5fvNgRW5plgz/7f+9mS+YHd5qa9 +tYTPUvoRbi169ou6jicsMKUKPORHWhiTpSCWR1FMMIbsAcsyrvtIsuaGCQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID/jCCAuagAwIBAgIQdOCSuA9psBpQd8EI368/0DANBgkqhkiG9w0BAQsFADCB +lzELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdB +bWF6b24gUkRTIHNhLWVhc3QtMSBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjEwNTE5MTgwNjI2WhgPMjA2MTA1MTkxOTA2MjZaMIGXMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpv +biBSRFMgc2EtZWFzdC0xIFJvb3QgQ0EgUlNBMjA0OCBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN6ftL6w8v3dB2yW +LjCxSP1D7ZsOTeLZOSCz1Zv0Gkd0XLhil5MdHOHBvwH/DrXqFU2oGzCRuAy+aZis +DardJU6ChyIQIciXCO37f0K23edhtpXuruTLLwUwzeEPdcnLPCX+sWEn9Y5FPnVm +pCd6J8edH2IfSGoa9LdErkpuESXdidLym/w0tWG/O2By4TabkNSmpdrCL00cqI+c +prA8Bx1jX8/9sY0gpAovtuFaRN+Ivg3PAnWuhqiSYyQ5nC2qDparOWuDiOhpY56E +EgmTvjwqMMjNtExfYx6Rv2Ndu50TriiNKEZBzEtkekwXInTupmYTvc7U83P/959V +UiQ+WSMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU4uYHdH0+ +bUeh81Eq2l5/RJbW+vswDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IB +AQBhxcExJ+w74bvDknrPZDRgTeMLYgbVJjx2ExH7/Ac5FZZWcpUpFwWMIJJxtewI +AnhryzM3tQYYd4CG9O+Iu0+h/VVfW7e4O3joWVkxNMb820kQSEwvZfA78aItGwOY +WSaFNVRyloVicZRNJSyb1UL9EiJ9ldhxm4LTT0ax+4ontI7zTx6n6h8Sr6r/UOvX +d9T5aUUENWeo6M9jGupHNn3BobtL7BZm2oS8wX8IVYj4tl0q5T89zDi2x0MxbsIV +5ZjwqBQ5JWKv7ASGPb+z286RjPA9R2knF4lJVZrYuNV90rHvI/ECyt/JrDqeljGL +BLl1W/UsvZo6ldLIpoMbbrb5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBDCCAuygAwIBAgIQUfVbqapkLYpUqcLajpTJWzANBgkqhkiG9w0BAQsFADCB +mjELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTMwMQYDVQQDDCpB +bWF6b24gUkRTIG1lLWNlbnRyYWwtMSBSb290IENBIFJTQTIwNDggRzExEDAOBgNV +BAcMB1NlYXR0bGUwIBcNMjIwNTA2MjMyMDA5WhgPMjA2MjA1MDcwMDIwMDlaMIGa +MQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5j +LjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMzAxBgNVBAMMKkFt +YXpvbiBSRFMgbWUtY2VudHJhbC0xIFJvb3QgQ0EgUlNBMjA0OCBHMTEQMA4GA1UE +BwwHU2VhdHRsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJIeovu3 +ewI9FVitXMQzvkh34aQ6WyI4NO3YepfJaePiv3cnyFGYHN2S1cR3UQcLWgypP5va +j6bfroqwGbCbZZcb+6cyOB4ceKO9Ws1UkcaGHnNDcy5gXR7aCW2OGTUfinUuhd2d +5bOGgV7JsPbpw0bwJ156+MwfOK40OLCWVbzy8B1kITs4RUPNa/ZJnvIbiMu9rdj4 +8y7GSFJLnKCjlOFUkNI5LcaYvI1+ybuNgphT3nuu5ZirvTswGakGUT/Q0J3dxP0J +pDfg5Sj/2G4gXiaM0LppVOoU5yEwVewhQ250l0eQAqSrwPqAkdTg9ng360zqCFPE +JPPcgI1tdGUgneECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU +/2AJVxWdZxc8eJgdpbwpW7b0f7IwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB +CwUAA4IBAQBYm63jTu2qYKJ94gKnqc+oUgqmb1mTXmgmp/lXDbxonjszJDOXFbri +3CCO7xB2sg9bd5YWY8sGKHaWmENj3FZpCmoefbUx++8D7Mny95Cz8R32rNcwsPTl +ebpd9A/Oaw5ug6M0x/cNr0qzF8Wk9Dx+nFEimp8RYQdKvLDfNFZHjPa1itnTiD8M +TorAqj+VwnUGHOYBsT/0NY12tnwXdD+ATWfpEHdOXV+kTMqFFwDyhfgRVNpTc+os +ygr8SwhnSCpJPB/EYl2S7r+tgAbJOkuwUvGT4pTqrzDQEhwE7swgepnHC87zhf6l +qN6mVpSnQKQLm6Ob5TeCEFgcyElsF5bH +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAjSgAwIBAgIRAOxu0I1QuMAhIeszB3fJIlkwCgYIKoZIzj0EAwMwgZYx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEvMC0GA1UEAwwmQW1h +em9uIFJEUyB1cy13ZXN0LTIgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTI0MjIwNjU5WhgPMjEyMTA1MjQyMzA2NTlaMIGWMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExLzAtBgNVBAMMJkFtYXpvbiBS +RFMgdXMtd2VzdC0yIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdTZWF0dGxl +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEz4bylRcGqqDWdP7gQIIoTHdBK6FNtKH1 +4SkEIXRXkYDmRvL9Bci1MuGrwuvrka5TDj4b7e+csY0llEzHpKfq6nJPFljoYYP9 +uqHFkv77nOpJJ633KOr8IxmeHW5RXgrZo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0G +A1UdDgQWBBQQikVz8wmjd9eDFRXzBIU8OseiGzAOBgNVHQ8BAf8EBAMCAYYwCgYI +KoZIzj0EAwMDaAAwZQIwf06Mcrpw1O0EBLBBrp84m37NYtOkE/0Z0O+C7D41wnXi +EQdn6PXUVgdD23Gj82SrAjEAklhKs+liO1PtN15yeZR1Io98nFve+lLptaLakZcH ++hfFuUtCqMbaI8CdvJlKnPqT +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGCTCCA/GgAwIBAgIRALyWMTyCebLZOGcZZQmkmfcwDQYJKoZIhvcNAQEMBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1ub3J0aGVhc3QtMyBSb290IENBIFJTQTQwOTYgRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNTI0MjAyODAzWhgPMjEyMTA1MjQyMTI4MDNa +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtbm9ydGhlYXN0LTMgUm9vdCBDQSBSU0E0MDk2IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +wGFiyDyCrGqgdn4fXG12cxKAAfVvhMea1mw5h9CVRoavkPqhzQpAitSOuMB9DeiP +wQyqcsiGl/cTEau4L+AUBG8b9v26RlY48exUYBXj8CieYntOT9iNw5WtdYJa3kF/ +JxgI+HDMzE9cmHDs5DOO3S0uwZVyra/xE1ymfSlpOeUIOTpHRJv97CBUEpaZMUW5 +Sr6GruuOwFVpO5FX3A/jQlcS+UN4GjSRgDUJuqg6RRQldEZGCVCCmodbByvI2fGm +reGpsPJD54KkmAX08nOR8e5hkGoHxq0m2DLD4SrOFmt65vG47qnuwplWJjtk9B3Z +9wDoopwZLBOtlkPIkUllWm1P8EuHC1IKOA+wSP6XdT7cy8S77wgyHzR0ynxv7q/l +vlZtH30wnNqFI0y9FeogD0TGMCHcnGqfBSicJXPy9T4fU6f0r1HwqKwPp2GArwe7 +dnqLTj2D7M9MyVtFjEs6gfGWXmu1y5uDrf+CszurE8Cycoma+OfjjuVQgWOCy7Nd +jJswPxAroTzVfpgoxXza4ShUY10woZu0/J+HmNmqK7lh4NS75q1tz75in8uTZDkV +be7GK+SEusTrRgcf3tlgPjSTWG3veNzFDF2Vn1GLJXmuZfhdlVQDBNXW4MNREExS +dG57kJjICpT+r8X+si+5j51gRzkSnMYs7VHulpxfcwECAwEAAaNCMEAwDwYDVR0T +AQH/BAUwAwEB/zAdBgNVHQ4EFgQU4JWOpDBmUBuWKvGPZelw87ezhL8wDgYDVR0P +AQH/BAQDAgGGMA0GCSqGSIb3DQEBDAUAA4ICAQBRNLMql7itvXSEFQRAnyOjivHz +l5IlWVQjAbOUr6ogZcwvK6YpxNAFW5zQr8F+fdkiypLz1kk5irx9TIpff0BWC9hQ +/odMPO8Gxn8+COlSvc+dLsF2Dax3Hvz0zLeKMo+cYisJOzpdR/eKd0/AmFdkvQoM +AOK9n0yYvVJU2IrSgeJBiiCarpKSeAktEVQ4rvyacQGr+QAPkkjRwm+5LHZKK43W +nNnggRli9N/27qYtc5bgr3AaQEhEXMI4RxPRXCLsod0ehMGWyRRK728a+6PMMJAJ +WHOU0x7LCEMPP/bvpLj3BdvSGqNor4ZtyXEbwREry1uzsgODeRRns5acPwTM6ff+ +CmxO2NZ0OktIUSYRmf6H/ZFlZrIhV8uWaIwEJDz71qvj7buhQ+RFDZ9CNL64C0X6 +mf0zJGEpddjANHaaVky+F4gYMtEy2K2Lcm4JGTdyIzUoIe+atzCnRp0QeIcuWtF+ +s8AjDYCVFNypcMmqbRmNpITSnOoCHSRuVkY3gutVoYyMLbp8Jm9SJnCIlEWTA6Rm +wADOMGZJVn5/XRTRuetVOB3KlQDjs9OO01XN5NzGSZO2KT9ngAUfh9Eqhf1iRWSP +nZlRbQ2NRCuY/oJ5N59mLGxnNJSE7giEKEBRhTQ/XEPIUYAUPD5fca0arKRJwbol +l9Se1Hsq0ZU5f+OZKQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGATCCA+mgAwIBAgIRAK7vlRrGVEePJpW1VHMXdlIwDQYJKoZIhvcNAQEMBQAw +gZgxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwo +QW1hem9uIFJEUyBhZi1zb3V0aC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UE +BwwHU2VhdHRsZTAgFw0yMTA1MTkxOTI4NDNaGA8yMTIxMDUxOTIwMjg0M1owgZgx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwoQW1h +em9uIFJEUyBhZi1zb3V0aC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwH +U2VhdHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMZiHOQC6x4o +eC7vVOMCGiN5EuLqPYHdceFPm4h5k/ZejXTf7kryk6aoKZKsDIYihkaZwXVS7Y/y +7Ig1F1ABi2jD+CYprj7WxXbhpysmN+CKG7YC3uE4jSvfvUnpzionkQbjJsRJcrPO +cZJM4FVaVp3mlHHtvnM+K3T+ni4a38nAd8xrv1na4+B8ZzZwWZXarfg8lJoGskSn +ou+3rbGQ0r+XlUP03zWujHoNlVK85qUIQvDfTB7n3O4s1XNGvkfv3GNBhYRWJYlB +4p8T+PFN8wG+UOByp1gV7BD64RnpuZ8V3dRAlO6YVAmINyG5UGrPzkIbLtErUNHO +4iSp4UqYvztDqJWWHR/rA84ef+I9RVwwZ8FQbjKq96OTnPrsr63A5mXTC9dXKtbw +XNJPQY//FEdyM3K8sqM0IdCzxCA1MXZ8+QapWVjwyTjUwFvL69HYky9H8eAER59K +5I7u/CWWeCy2R1SYUBINc3xxLr0CGGukcWPEZW2aPo5ibW5kepU1P/pzdMTaTfao +F42jSFXbc7gplLcSqUgWwzBnn35HLTbiZOFBPKf6vRRu8aRX9atgHw/EjCebi2xP +xIYr5Ub8u0QVHIqcnF1/hVzO/Xz0chj3E6VF/yTXnsakm+W1aM2QkZbFGpga+LMy +mFCtdPrELjea2CfxgibaJX1Q4rdEpc8DAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFDSaycEyuspo/NOuzlzblui8KotFMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQwFAAOCAgEAbosemjeTRsL9o4v0KadBUNS3V7gdAH+X4vH2 +Ee1Jc91VOGLdd/s1L9UX6bhe37b9WjUD69ur657wDW0RzxMYgQdZ27SUl0tEgGGp +cCmVs1ky3zEN+Hwnhkz+OTmIg1ufq0W2hJgJiluAx2r1ib1GB+YI3Mo3rXSaBYUk +bgQuujYPctf0PA153RkeICE5GI3OaJ7u6j0caYEixBS3PDHt2MJWexITvXGwHWwc +CcrC05RIrTUNOJaetQw8smVKYOfRImEzLLPZ5kf/H3Cbj8BNAFNsa10wgvlPuGOW +XLXqzNXzrG4V3sjQU5YtisDMagwYaN3a6bBf1wFwFIHQoAPIgt8q5zaQ9WI+SBns +Il6rd4zfvjq/BPmt0uI7rVg/cgbaEg/JDL2neuM9CJAzmKxYxLQuHSX2i3Fy4Y1B +cnxnRQETCRZNPGd00ADyxPKVoYBC45/t+yVusArFt+2SVLEGiFBr23eG2CEZu+HS +nDEgIfQ4V3YOTUNa86wvbAss1gbbnT/v1XCnNGClEWCWNCSRjwV2ZmQ/IVTmNHPo +7axTTBBJbKJbKzFndCnuxnDXyytdYRgFU7Ly3sa27WS2KFyFEDebLFRHQEfoYqCu +IupSqBSbXsR3U10OTjc9z6EPo1nuV6bdz+gEDthmxKa1NI+Qb1kvyliXQHL2lfhr +5zT5+Bs= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF/zCCA+egAwIBAgIRAOLV6zZcL4IV2xmEneN1GwswDQYJKoZIhvcNAQEMBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyB1cy13ZXN0LTEgUm9vdCBDQSBSU0E0MDk2IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUxOTE5MDg1OFoYDzIxMjEwNTE5MjAwODU4WjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIHVzLXdlc3QtMSBSb290IENBIFJTQTQwOTYgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC7koAKGXXlLixN +fVjhuqvz0WxDeTQfhthPK60ekRpftkfE5QtnYGzeovaUAiS58MYVzqnnTACDwcJs +IGTFE6Wd7sB6r8eI/3CwI1pyJfxepubiQNVAQG0zJETOVkoYKe/5KnteKtnEER3X +tCBRdV/rfbxEDG9ZAsYfMl6zzhEWKF88G6xhs2+VZpDqwJNNALvQuzmTx8BNbl5W +RUWGq9CQ9GK9GPF570YPCuURW7kl35skofudE9bhURNz51pNoNtk2Z3aEeRx3ouT +ifFJlzh+xGJRHqBG7nt5NhX8xbg+vw4xHCeq1aAe6aVFJ3Uf9E2HzLB4SfIT9bRp +P7c9c0ySGt+3n+KLSHFf/iQ3E4nft75JdPjeSt0dnyChi1sEKDi0tnWGiXaIg+J+ +r1ZtcHiyYpCB7l29QYMAdD0TjfDwwPayLmq//c20cPmnSzw271VwqjUT0jYdrNAm +gV+JfW9t4ixtE3xF2jaUh/NzL3bAmN5v8+9k/aqPXlU1BgE3uPwMCjrfn7V0I7I1 +WLpHyd9jF3U/Ysci6H6i8YKgaPiOfySimQiDu1idmPld659qerutUSemQWmPD3bE +dcjZolmzS9U0Ujq/jDF1YayN3G3xvry1qWkTci0qMRMu2dZu30Herugh9vsdTYkf +00EqngPbqtIVLDrDjEQLqPcb8QvWFQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/ +MB0GA1UdDgQWBBQBqg8Za/L0YMHURGExHfvPyfLbOTAOBgNVHQ8BAf8EBAMCAYYw +DQYJKoZIhvcNAQEMBQADggIBACAGPMa1QL7P/FIO7jEtMelJ0hQlQepKnGtbKz4r +Xq1bUX1jnLvnAieR9KZmeQVuKi3g3CDU6b0mDgygS+FL1KDDcGRCSPh238Ou8KcG +HIxtt3CMwMHMa9gmdcMlR5fJF9vhR0C56KM2zvyelUY51B/HJqHwGvWuexryXUKa +wq1/iK2/d9mNeOcjDvEIj0RCMI8dFQCJv3PRCTC36XS36Tzr6F47TcTw1c3mgKcs +xpcwt7ezrXMUunzHS4qWAA5OGdzhYlcv+P5GW7iAA7TDNrBF+3W4a/6s9v2nQAnX +UvXd9ul0ob71377UhZbJ6SOMY56+I9cJOOfF5QvaL83Sz29Ij1EKYw/s8TYdVqAq ++dCyQZBkMSnDFLVe3J1KH2SUSfm3O98jdPORQrUlORQVYCHPls19l2F6lCmU7ICK +hRt8EVSpXm4sAIA7zcnR2nU00UH8YmMQLnx5ok9YGhuh3Ehk6QlTQLJux6LYLskd +9YHOLGW/t6knVtV78DgPqDeEx/Wu/5A8R0q7HunpWxr8LCPBK6hksZnOoUhhb8IP +vl46Ve5Tv/FlkyYr1RTVjETmg7lb16a8J0At14iLtpZWmwmuv4agss/1iBVMXfFk ++ZGtx5vytWU5XJmsfKA51KLsMQnhrLxb3X3zC+JRCyJoyc8++F3YEcRi2pkRYE3q +Hing +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIRANxgyBbnxgTEOpDul2ZnC0UwDQYJKoZIhvcNAQELBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1zb3V0aGVhc3QtMyBSb290IENBIFJTQTIwNDggRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNjEwMTgxOTA3WhgPMjA2MTA2MTAxOTE5MDda +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtc291dGhlYXN0LTMgUm9vdCBDQSBSU0EyMDQ4IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +xnwSDAChrMkfk5TA4Dk8hKzStDlSlONzmd3fTG0Wqr5+x3EmFT6Ksiu/WIwEl9J2 +K98UI7vYyuZfCxUKb1iMPeBdVGqk0zb92GpURd+Iz/+K1ps9ZLeGBkzR8mBmAi1S +OfpwKiTBzIv6E8twhEn4IUpHsdcuX/2Y78uESpJyM8O5CpkG0JaV9FNEbDkJeBUQ +Ao2qqNcH4R0Qcr5pyeqA9Zto1RswgL06BQMI9dTpfwSP5VvkvcNUaLl7Zv5WzLQE +JzORWePvdPzzvWEkY/3FPjxBypuYwssKaERW0fkPDmPtykktP9W/oJolKUFI6pXp +y+Y6p6/AVdnQD2zZjW5FhQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBT+jEKs96LC+/X4BZkUYUkzPfXdqTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggEBAIGQqgqcQ6XSGkmNebzR6DhadTbfDmbYeN5N0Vuzv+Tdmufb +tMGjdjnYMg4B+IVnTKQb+Ox3pL9gbX6KglGK8HupobmIRtwKVth+gYYz3m0SL/Nk +haWPYzOm0x3tJm8jSdufJcEob4/ATce9JwseLl76pSWdl5A4lLjnhPPKudUDfH+1 +BLNUi3lxpp6GkC8aWUPtupnhZuXddolTLOuA3GwTZySI44NfaFRm+o83N1jp+EwD +6e94M4cTRzjUv6J3MZmSbdtQP/Tk1uz2K4bQZGP0PZC3bVpqiesdE/xr+wbu8uHr +cM1JXH0AmXf1yIkTgyWzmvt0k1/vgcw5ixAqvvE= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCAumgAwIBAgIRAMhw98EQU18mIji+unM2YH8wDQYJKoZIhvcNAQELBQAw +gZgxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwo +QW1hem9uIFJEUyBhcC1zb3V0aC0yIFJvb3QgQ0EgUlNBMjA0OCBHMTEQMA4GA1UE +BwwHU2VhdHRsZTAgFw0yMjA2MDYyMTQyMjJaGA8yMDYyMDYwNjIyNDIyMlowgZgx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwoQW1h +em9uIFJEUyBhcC1zb3V0aC0yIFJvb3QgQ0EgUlNBMjA0OCBHMTEQMA4GA1UEBwwH +U2VhdHRsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIeeRoLfTm+7 +vqm7ZlFSx+1/CGYHyYrOOryM4/Z3dqYVHFMgWTR7V3ziO8RZ6yUanrRcWVX3PZbF +AfX0KFE8OgLsXEZIX8odSrq86+/Th5eZOchB2fDBsUB7GuN2rvFBbM8lTI9ivVOU +lbuTnYyb55nOXN7TpmH2bK+z5c1y9RVC5iQsNAl6IJNvSN8VCqXh31eK5MlKB4DT ++Y3OivCrSGsjM+UR59uZmwuFB1h+icE+U0p9Ct3Mjq3MzSX5tQb6ElTNGlfmyGpW +Kh7GQ5XU1KaKNZXoJ37H53woNSlq56bpVrKI4uv7ATpdpFubOnSLtpsKlpLdR3sy +Ws245200pC8CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUp0ki +6+eWvsnBjQhMxwMW5pwn7DgwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUA +A4IBAQB2V8lv0aqbYQpj/bmVv/83QfE4vOxKCJAHv7DQ35cJsTyBdF+8pBczzi3t +3VNL5IUgW6WkyuUOWnE0eqAFOUVj0yTS1jSAtfl3vOOzGJZmWBbqm9BKEdu1D8O6 +sB8bnomwiab2tNDHPmUslpdDqdabbkWwNWzLJ97oGFZ7KNODMEPXWKWNxg33iHfS +/nlmnrTVI3XgaNK9qLZiUrxu9Yz5gxi/1K+sG9/Dajd32ZxjRwDipOLiZbiXQrsd +qzIMY4GcWf3g1gHL5mCTfk7dG22h/rhPyGV0svaDnsb+hOt6sv1McMN6Y3Ou0mtM +/UaAXojREmJmTSCNvs2aBny3/2sy +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAjSgAwIBAgIRAMnRxsKLYscJV8Qv5pWbL7swCgYIKoZIzj0EAwMwgZYx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEvMC0GA1UEAwwmQW1h +em9uIFJEUyBzYS1lYXN0LTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTE5MTgxNjAxWhgPMjEyMTA1MTkxOTE2MDFaMIGWMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExLzAtBgNVBAMMJkFtYXpvbiBS +RFMgc2EtZWFzdC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdTZWF0dGxl +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEjFOCZgTNVKxLKhUxffiDEvTLFhrmIqdO +dKqVdgDoELEzIHWDdC+19aDPitbCYtBVHl65ITu/9pn6mMUl5hhUNtfZuc6A+Iw1 +sBe0v0qI3y9Q9HdQYrGgeHDh8M5P7E2ho0IwQDAPBgNVHRMBAf8EBTADAQH/MB0G +A1UdDgQWBBS5L7/8M0TzoBZk39Ps7BkfTB4yJTAOBgNVHQ8BAf8EBAMCAYYwCgYI +KoZIzj0EAwMDaAAwZQIwI43O0NtWKTgnVv9z0LO5UMZYgSve7GvGTwqktZYCMObE +rUI4QerXM9D6JwLy09mqAjEAypfkdLyVWtaElVDUyHFkihAS1I1oUxaaDrynLNQK +Ou/Ay+ns+J+GyvyDUjBpVVW1 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF/jCCA+agAwIBAgIQR71Z8lTO5Sj+as2jB7IWXzANBgkqhkiG9w0BAQwFADCB +lzELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdB +bWF6b24gUkRTIHVzLXdlc3QtMiBSb290IENBIFJTQTQwOTYgRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjEwNTI0MjIwMzIwWhgPMjEyMTA1MjQyMzAzMjBaMIGXMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpv +biBSRFMgdXMtd2VzdC0yIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM977bHIs1WJijrS +XQMfUOhmlJjr2v0K0UjPl52sE1TJ76H8umo1yR4T7Whkd9IwBHNGKXCJtJmMr9zp +fB38eLTu+5ydUAXdFuZpRMKBWwPVe37AdJRKqn5beS8HQjd3JXAgGKUNNuE92iqF +qi2fIqFMpnJXWo0FIW6s2Dl2zkORd7tH0DygcRi7lgVxCsw1BJQhFJon3y+IV8/F +bnbUXSNSDUnDW2EhvWSD8L+t4eiXYsozhDAzhBvojpxhPH9OB7vqFYw5qxFx+G0t +lSLX5iWi1jzzc3XyGnB6WInZDVbvnvJ4BGZ+dTRpOCvsoMIn9bz4EQTvu243c7aU +HbS/kvnCASNt+zk7C6lbmaq0AGNztwNj85Opn2enFciWZVnnJ/4OeefUWQxD0EPp +SjEd9Cn2IHzkBZrHCg+lWZJQBKbUVS0lLIMSsLQQ6WvR38jY7D2nxM1A93xWxwpt +ZtQnYRCVXH6zt2OwDAFePInWwxUjR5t/wu3XxPgpSfrmTi3WYtr1wFypAJ811e/P +yBtswWUQ6BNJQvy+KnOEeGfOwmtdDFYR+GOCfvCihzrKJrxOtHIieehR5Iw3cbXG +sm4pDzfMUVvDDz6C2M6PRlJhhClbatHCjik9hxFYEsAlqtVVK9pxaz9i8hOqSFQq +kJSQsgWw+oM/B2CyjcSqkSQEu8RLAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8w +HQYDVR0OBBYEFPmrdxpRRgu3IcaB5BTqlprcKdTsMA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQwFAAOCAgEAVdlxWjPvVKky3kn8ZizeM4D+EsLw9dWLau2UD/ls +zwDCFoT6euagVeCknrn+YEl7g20CRYT9iaonGoMUPuMR/cdtPL1W/Rf40PSrGf9q +QuxavWiHLEXOQTCtCaVZMokkvjuuLNDXyZnstgECuiZECTwhexUF4oiuhyGk9o01 +QMaiz4HX4lgk0ozALUvEzaNd9gWEwD2qe+rq9cQMTVq3IArUkvTIftZUaVUMzr0O +ed1+zAsNa9nJhURJ/6anJPJjbQgb5qA1asFcp9UaMT1ku36U3gnR1T/BdgG2jX3X +Um0UcaGNVPrH1ukInWW743pxWQb7/2sumEEMVh+jWbB18SAyLI4WIh4lkurdifzS +IuTFp8TEx+MouISFhz/vJDWZ84tqoLVjkEcP6oDypq9lFoEzHDJv3V1CYcIgOusT +k1jm9P7BXdTG7TYzUaTb9USb6bkqkD9EwJAOSs7DI94aE6rsSws2yAHavjAMfuMZ +sDAZvkqS2Qg2Z2+CI6wUZn7mzkJXbZoqRjDvChDXEB1mIhzVXhiNW/CR5WKVDvlj +9v1sdGByh2pbxcLQtVaq/5coM4ANgphoNz3pOYUPWHS+JUrIivBZ+JobjXcxr3SN +9iDzcu5/FVVNbq7+KN/nvPMngT+gduEN5m+EBjm8GukJymFG0m6BENRA0QSDqZ7k +zDY= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIRAK5EYG3iHserxMqgg+0EFjgwDQYJKoZIhvcNAQELBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1ub3J0aGVhc3QtMyBSb290IENBIFJTQTIwNDggRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNTI0MjAyMzE2WhgPMjA2MTA1MjQyMTIzMTZa +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtbm9ydGhlYXN0LTMgUm9vdCBDQSBSU0EyMDQ4IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +s1L6TtB84LGraLHVC+rGPhLBW2P0oN/91Rq3AnYwqDOuTom7agANwEjvLq7dSRG/ +sIfZsSV/ABTgArZ5sCmLjHFZAo8Kd45yA9byx20RcYtAG8IZl+q1Cri+s0XefzyO +U6mlfXZkVe6lzjlfXBkrlE/+5ifVbJK4dqOS1t9cWIpgKqv5fbE6Qbq4LVT+5/WM +Vd2BOljuBMGMzdZubqFKFq4mzTuIYfnBm7SmHlZfTdfBYPP1ScNuhpjuzw4n3NCR +EdU6dQv04Q6th4r7eiOCwbWI9LkmVbvBe3ylhH63lApC7MiiPYLlB13xBubVHVhV +q1NHoNTi+zA3MN9HWicRxQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBSuxoqm0/wjNiZLvqv+JlQwsDvTPDAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggEBAFfTK/j5kv90uIbM8VaFdVbr/6weKTwehafT0pAk1bfLVX+7 +uf8oHgYiyKTTl0DFQicXejghXTeyzwoEkWSR8c6XkhD5vYG3oESqmt/RGvvoxz11 +rHHy7yHYu7RIUc3VQG60c4qxXv/1mWySGwVwJrnuyNT9KZXPevu3jVaWOVHEILaK +HvzQ2YEcWBPmde/zEseO2QeeGF8FL45Q1d66wqIP4nNUd2pCjeTS5SpB0MMx7yi9 +ki1OH1pv8tOuIdimtZ7wkdB8+JSZoaJ81b8sRrydRwJyvB88rftuI3YB4WwGuONT +ZezUPsmaoK69B0RChB0ofDpAaviF9V3xOWvVZfo= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGDzCCA/egAwIBAgIRAI0sMNG2XhaBMRN3zD7ZyoEwDQYJKoZIhvcNAQEMBQAw +gZ8xCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE4MDYGA1UEAwwv +QW1hem9uIFJEUyBQcmV2aWV3IHVzLWVhc3QtMiBSb290IENBIFJTQTQwOTYgRzEx +EDAOBgNVBAcMB1NlYXR0bGUwIBcNMjEwNTE4MjA1NzUwWhgPMjEyMTA1MTgyMTU3 +NTBaMIGfMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNl +cywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExODA2BgNV +BAMML0FtYXpvbiBSRFMgUHJldmlldyB1cy1lYXN0LTIgUm9vdCBDQSBSU0E0MDk2 +IEcxMRAwDgYDVQQHDAdTZWF0dGxlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAh/otSiCu4Uw3hu7OJm0PKgLsLRqBmUS6jihcrkxfN2SHmp2zuRflkweU +BhMkebzL+xnNvC8okzbgPWtUxSmDnIRhE8J7bvSKFlqs/tmEdiI/LMqe/YIKcdsI +20UYmvyLIjtDaJIh598SHHlF9P8DB5jD8snJfhxWY+9AZRN+YVTltgQAAgayxkWp +M1BbvxpOnz4CC00rE0eqkguXIUSuobb1vKqdKIenlYBNxm2AmtgvQfpsBIQ0SB+8 +8Zip8Ef5rtjSw5J3s2Rq0aYvZPfCVIsKYepIboVwXtD7E9J31UkB5onLBQlaHaA6 +XlH4srsMmrew5d2XejQGy/lGZ1nVWNsKO0x/Az2QzY5Kjd6AlXZ8kq6H68hscA5i +OMbNlXzeEQsZH0YkId3+UsEns35AAjZv4qfFoLOu8vDotWhgVNT5DfdbIWZW3ZL8 +qbmra3JnCHuaTwXMnc25QeKgVq7/rG00YB69tCIDwcf1P+tFJWxvaGtV0g2NthtB +a+Xo09eC0L53gfZZ3hZw1pa3SIF5dIZ6RFRUQ+lFOux3Q/I3u+rYstYw7Zxc4Zeo +Y8JiedpQXEAnbw2ECHix/L6mVWgiWCiDzBnNLLdbmXjJRnafNSndSfFtHCnY1SiP +aCrNpzwZIJejoV1zDlWAMO+gyS28EqzuIq3WJK/TFE7acHkdKIcCAwEAAaNCMEAw +DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUrmV1YASnuudfmqAZP4sKGTvScaEw +DgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBDAUAA4ICAQBGpEKeQoPvE85tN/25 +qHFkys9oHDl93DZ62EnOqAUKLd6v0JpCyEiop4nlrJe+4KrBYVBPyKOJDcIqE2Sp +3cvgJXLhY4i46VM3Qxe8yuYF1ElqBpg3jJVj/sCQnYz9dwoAMWIJFaDWOvmU2E7M +MRaKx+sPXFkIjiDA6Bv0m+VHef7aedSYIY7IDltEQHuXoqNacGrYo3I50R+fZs88 +/mB3e/V7967e99D6565yf9Lcjw4oQf2Hy7kl/6P9AuMz0LODnGITwh2TKk/Zo3RU +Vgq25RDrT4xJK6nFHyjUF6+4cOBxVpimmFw/VP1zaXT8DN5r4HyJ9p4YuSK8ha5N +2pJc/exvU8Nv2+vS/efcDZWyuEdZ7eh1IJWQZlOZKIAONfRDRTpeQHJ3zzv3QVYy +t78pYp/eWBHyVIfEE8p2lFKD4279WYe+Uvdb8c4Jm4TJwqkSJV8ifID7Ub80Lsir +lPAU3OCVTBeVRFPXT2zpC4PB4W6KBSuj6OOcEu2y/HgWcoi7Cnjvp0vFTUhDFdus +Wz3ucmJjfVsrkEO6avDKu4SwdbVHsk30TVAwPd6srIdi9U6MOeOQSOSE4EsrrS7l +SVmu2QIDUVFpm8QAHYplkyWIyGkupyl3ashH9mokQhixIU/Pzir0byePxHLHrwLu +1axqeKpI0F5SBUPsaVNYY2uNFg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECDCCAvCgAwIBAgIQCREfzzVyDTMcNME+gWnTCTANBgkqhkiG9w0BAQsFADCB +nDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTUwMwYDVQQDDCxB +bWF6b24gUkRTIGFwLXNvdXRoZWFzdC0yIFJvb3QgQ0EgUlNBMjA0OCBHMTEQMA4G +A1UEBwwHU2VhdHRsZTAgFw0yMTA1MjQyMDQyMzNaGA8yMDYxMDUyNDIxNDIzM1ow +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1zb3V0aGVhc3QtMiBSb290IENBIFJTQTIwNDggRzExEDAO +BgNVBAcMB1NlYXR0bGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL +1MT6br3L/4Pq87DPXtcjlXN3cnbNk2YqRAZHJayStTz8VtsFcGPJOpk14geRVeVk +e9uKFHRbcyr/RM4owrJTj5X4qcEuATYZbo6ou/rW2kYzuWFZpFp7lqm0vasV4Z9F +fChlhwkNks0UbM3G+psCSMNSoF19ERunj7w2c4E62LwujkeYLvKGNepjnaH10TJL +2krpERd+ZQ4jIpObtRcMH++bTrvklc+ei8W9lqrVOJL+89v2piN3Ecdd389uphst +qQdb1BBVXbhUrtuGHgVf7zKqN1SkCoktoWxVuOprVWhSvr7akaWeq0UmlvbEsujU +vADqxGMcJFyCzxx3CkJjAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O +BBYEFFk8UJmlhoxFT3PP12PvhvazHjT4MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG +9w0BAQsFAAOCAQEAfFtr2lGoWVXmWAsIo2NYre7kzL8Xb9Tx7desKxCCz5HOOvIr +8JMB1YK6A7IOvQsLJQ/f1UnKRh3X3mJZjKIywfrMSh0FiDf+rjcEzXxw2dGtUem4 +A+WMvIA3jwxnJ90OQj5rQ8bg3iPtE6eojzo9vWQGw/Vu48Dtw1DJo9210Lq/6hze +hPhNkFh8fMXNT7Q1Wz/TJqJElyAQGNOXhyGpHKeb0jHMMhsy5UNoW5hLeMS5ffao +TBFWEJ1gVfxIU9QRxSh+62m46JIg+dwDlWv8Aww14KgepspRbMqDuaM2cinoejv6 +t3dyOyHHrsOyv3ffZUKtQhQbQr+sUcL89lARsg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID/zCCAuegAwIBAgIRAIJLTMpzGNxqHZ4t+c1MlCIwDQYJKoZIhvcNAQELBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyBhcC1lYXN0LTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyNTIxMzAzM1oYDzIwNjEwNTI1MjIzMDMzWjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGFwLWVhc3QtMSBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtdHut0ZhJ9Nn2 +MpVafFcwHdoEzx06okmmhjJsNy4l9QYVeh0UUoek0SufRNMRF4d5ibzpgZol0Y92 +/qKWNe0jNxhEj6sXyHsHPeYtNBPuDMzThfbvsLK8z7pBP7vVyGPGuppqW/6m4ZBB +lcc9fsf7xpZ689iSgoyjiT6J5wlVgmCx8hFYc/uvcRtfd8jAHvheug7QJ3zZmIye +V4htOW+fRVWnBjf40Q+7uTv790UAqs0Zboj4Yil+hER0ibG62y1g71XcCyvcVpto +2/XW7Y9NCgMNqQ7fGN3wR1gjtSYPd7DO32LTzYhutyvfbpAZjsAHnoObmoljcgXI +QjfBcCFpAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFJI3aWLg +CS5xqU5WYVaeT5s8lpO0MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOC +AQEAUwATpJOcGVOs3hZAgJwznWOoTzOVJKfrqBum7lvkVH1vBwxBl9CahaKj3ZOt +YYp2qJzhDUWludL164DL4ZjS6eRedLRviyy5cRy0581l1MxPWTThs27z+lCC14RL +PJZNVYYdl7Jy9Q5NsQ0RBINUKYlRY6OqGDySWyuMPgno2GPbE8aynMdKP+f6G/uE +YHOf08gFDqTsbyfa70ztgVEJaRooVf5JJq4UQtpDvVswW2reT96qi6tXPKHN5qp3 +3wI0I1Mp4ePmiBKku2dwYzPfrJK/pQlvu0Gu5lKOQ65QdotwLAAoaFqrf9za1yYs +INUkHLWIxDds+4OHNYcerGp5Dw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGCTCCA/GgAwIBAgIRAIO6ldra1KZvNWJ0TA1ihXEwDQYJKoZIhvcNAQEMBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1zb3V0aGVhc3QtMSBSb290IENBIFJTQTQwOTYgRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNTIxMjE0NTA1WhgPMjEyMTA1MjEyMjQ1MDVa +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtc291dGhlYXN0LTEgUm9vdCBDQSBSU0E0MDk2IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +sDN52Si9pFSyZ1ruh3xAN0nVqEs960o2IK5CPu/ZfshFmzAwnx/MM8EHt/jMeZtj +SM58LADAsNDL01ELpFZATjgZQ6xNAyXRXE7RiTRUvNkK7O3o2qAGbLnJq/UqF7Sw +LRnB8V6hYOv+2EjVnohtGCn9SUFGZtYDjWXsLd4ML4Zpxv0a5LK7oEC7AHzbUR7R +jsjkrXqSv7GE7bvhSOhMkmgxgj1F3J0b0jdQdtyyj109aO0ATUmIvf+Bzadg5AI2 +A9UA+TUcGeebhpHu8AP1Hf56XIlzPpaQv3ZJ4vzoLaVNUC7XKzAl1dlvCl7Klg/C +84qmbD/tjZ6GHtzpLKgg7kQEV7mRoXq8X4wDX2AFPPQl2fv+Kbe+JODqm5ZjGegm +uskABBi8IFv1hYx9jEulZPxC6uD/09W2+niFm3pirnlWS83BwVDTUBzF+CooUIMT +jhWkIIZGDDgMJTzouBHfoSJtS1KpUZi99m2WyVs21MNKHeWAbs+zmI6TO5iiMC+T +uB8spaOiHFO1573Fmeer4sy3YA6qVoqVl6jjTQqOdy3frAMbCkwH22/crV8YA+08 +hLeHXrMK+6XUvU+EtHAM3VzcrLbuYJUI2XJbzTj5g0Eb8I8JWsHvWHR5K7Z7gceR +78AzxQmoGEfV6KABNWKsgoCQnfb1BidDJIe3BsI0A6UCAwEAAaNCMEAwDwYDVR0T +AQH/BAUwAwEB/zAdBgNVHQ4EFgQUABp0MlB14MSHgAcuNSOhs3MOlUcwDgYDVR0P +AQH/BAQDAgGGMA0GCSqGSIb3DQEBDAUAA4ICAQCv4CIOBSQi/QR9NxdRgVAG/pAh +tFJhV7OWb/wqwsNKFDtg6tTxwaahdCfWpGWId15OUe7G9LoPiKiwM9C92n0ZeHRz +4ewbrQVo7Eu1JI1wf0rnZJISL72hVYKmlvaWaacHhWxvsbKLrB7vt6Cknxa+S993 +Kf8i2Psw8j5886gaxhiUtzMTBwoDWak8ZaK7m3Y6C6hXQk08+3pnIornVSFJ9dlS +PAqt5UPwWmrEfF+0uIDORlT+cvrAwgSp7nUF1q8iasledycZ/BxFgQqzNwnkBDwQ +Z/aM52ArGsTzfMhkZRz9HIEhz1/0mJw8gZtDVQroD8778h8zsx2SrIz7eWQ6uWsD +QEeSWXpcheiUtEfzkDImjr2DLbwbA23c9LoexUD10nwohhoiQQg77LmvBVxeu7WU +E63JqaYUlOLOzEmNJp85zekIgR8UTkO7Gc+5BD7P4noYscI7pPOL5rP7YLg15ZFi +ega+G53NTckRXz4metsd8XFWloDjZJJq4FfD60VuxgXzoMNT9wpFTNSH42PR2s9L +I1vcl3w8yNccs9se2utM2nLsItZ3J0m/+QSRiw9hbrTYTcM9sXki0DtH2kyIOwYf +lOrGJDiYOIrXSQK36H0gQ+8omlrUTvUj4msvkXuQjlfgx6sgp2duOAfnGxE7uHnc +UhnJzzoe6M+LfGHkVQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICuDCCAj2gAwIBAgIQSAG6j2WHtWUUuLGJTPb1nTAKBggqhkjOPQQDAzCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLW5vcnRoZWFzdC0yIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyMDE2MzgyNloYDzIxMjEwNTIwMTczODI2WjCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLW5vcnRoZWFzdC0yIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE2eqwU4FOzW8RV1W381Bd +olhDOrqoMqzWli21oDUt7y8OnXM/lmAuOS6sr8Nt61BLVbONdbr+jgCYw75KabrK +ZGg3siqvMOgabIKkKuXO14wtrGyGDt7dnKXg5ERGYOZlo0IwQDAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBS1Acp2WYxOcblv5ikZ3ZIbRCCW+zAOBgNVHQ8BAf8E +BAMCAYYwCgYIKoZIzj0EAwMDaQAwZgIxAJL84J08PBprxmsAKPTotBuVI3MyW1r8 +xQ0i8lgCQUf8GcmYjQ0jI4oZyv+TuYJAcwIxAP9Xpzq0Docxb+4N1qVhpiOfWt1O +FnemFiy9m1l+wv6p3riQMPV7mBVpklmijkIv3Q== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIRALZLcqCVIJ25maDPE3sbPCIwDQYJKoZIhvcNAQELBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1zb3V0aGVhc3QtMSBSb290IENBIFJTQTIwNDggRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNTIxMjEzOTM5WhgPMjA2MTA1MjEyMjM5Mzla +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtc291dGhlYXN0LTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +ypKc+6FfGx6Gl6fQ78WYS29QoKgQiur58oxR3zltWeg5fqh9Z85K5S3UbRSTqWWu +Xcfnkz0/FS07qHX+nWAGU27JiQb4YYqhjZNOAq8q0+ptFHJ6V7lyOqXBq5xOzO8f ++0DlbJSsy7GEtJp7d7QCM3M5KVY9dENVZUKeJwa8PC5StvwPx4jcLeZRJC2rAVDG +SW7NAInbATvr9ssSh03JqjXb+HDyywiqoQ7EVLtmtXWimX+0b3/2vhqcH5jgcKC9 +IGFydrjPbv4kwMrKnm6XlPZ9L0/3FMzanXPGd64LQVy51SI4d5Xymn0Mw2kMX8s6 +Nf05OsWcDzJ1n6/Q1qHSxQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBRmaIc8eNwGP7i6P7AJrNQuK6OpFzAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggEBAIBeHfGwz3S2zwIUIpqEEI5/sMySDeS+3nJR+woWAHeO0C8i +BJdDh+kzzkP0JkWpr/4NWz84/IdYo1lqASd1Kopz9aT1+iROXaWr43CtbzjXb7/X +Zv7eZZFC8/lS5SROq42pPWl4ekbR0w8XGQElmHYcWS41LBfKeHCUwv83ATF0XQ6I +4t+9YSqZHzj4vvedrvcRInzmwWJaal9s7Z6GuwTGmnMsN3LkhZ+/GD6oW3pU/Pyh +EtWqffjsLhfcdCs3gG8x9BbkcJPH5aPAVkPn4wc8wuXg6xxb9YGsQuY930GWTYRf +schbgjsuqznW4HHakq4WNhs1UdTSTKkRdZz7FUQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEDzCCAvegAwIBAgIRAM2zAbhyckaqRim63b+Tib8wDQYJKoZIhvcNAQELBQAw +gZ8xCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE4MDYGA1UEAwwv +QW1hem9uIFJEUyBQcmV2aWV3IHVzLWVhc3QtMiBSb290IENBIFJTQTIwNDggRzEx +EDAOBgNVBAcMB1NlYXR0bGUwIBcNMjEwNTE4MjA0OTQ1WhgPMjA2MTA1MTgyMTQ5 +NDVaMIGfMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNl +cywgSW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExODA2BgNV +BAMML0FtYXpvbiBSRFMgUHJldmlldyB1cy1lYXN0LTIgUm9vdCBDQSBSU0EyMDQ4 +IEcxMRAwDgYDVQQHDAdTZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEA1ybjQMH1MkbvfKsWJaCTXeCSN1SG5UYid+Twe+TjuSqaXWonyp4WRR5z +tlkqq+L2MWUeQQAX3S17ivo/t84mpZ3Rla0cx39SJtP3BiA2BwfUKRjhPwOjmk7j +3zrcJjV5k1vSeLNOfFFSlwyDiVyLAE61lO6onBx+cRjelu0egMGq6WyFVidTdCmT +Q9Zw3W6LTrnPvPmEyjHy2yCHzH3E50KSd/5k4MliV4QTujnxYexI2eR8F8YQC4m3 +DYjXt/MicbqA366SOoJA50JbgpuVv62+LSBu56FpzY12wubmDZsdn4lsfYKiWxUy +uc83a2fRXsJZ1d3whxrl20VFtLFHFQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/ +MB0GA1UdDgQWBBRC0ytKmDYbfz0Bz0Psd4lRQV3aNTAOBgNVHQ8BAf8EBAMCAYYw +DQYJKoZIhvcNAQELBQADggEBAGv8qZu4uaeoF6zsbumauz6ea6tdcWt+hGFuwGrb +tRbI85ucAmVSX06x59DJClsb4MPhL1XmqO3RxVMIVVfRwRHWOsZQPnXm8OYQ2sny +rYuFln1COOz1U/KflZjgJmxbn8x4lYiTPZRLarG0V/OsCmnLkQLPtEl/spMu8Un7 +r3K8SkbWN80gg17Q8EV5mnFwycUx9xsTAaFItuG0en9bGsMgMmy+ZsDmTRbL+lcX +Fq8r4LT4QjrFz0shrzCwuuM4GmcYtBSxlacl+HxYEtAs5k10tmzRf6OYlY33tGf6 +1tkYvKryxDPF/EDgGp/LiBwx6ixYMBfISoYASt4V/ylAlHA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtTCCAjqgAwIBAgIRAK9BSZU6nIe6jqfODmuVctYwCgYIKoZIzj0EAwMwgZkx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEyMDAGA1UEAwwpQW1h +em9uIFJEUyBjYS1jZW50cmFsLTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjEwNTIxMjIxMzA5WhgPMjEyMTA1MjEyMzEzMDlaMIGZMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMjAwBgNVBAMMKUFtYXpv +biBSRFMgY2EtY2VudHJhbC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEUkEERcgxneT5H+P+fERcbGmf +bVx+M7rNWtgWUr6w+OBENebQA9ozTkeSg4c4M+qdYSObFqjxITdYxT1z/nHz1gyx +OKAhLjWu+nkbRefqy3RwXaWT680uUaAP6ccnkZOMo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSN6fxlg0s5Wny08uRBYZcQ3TUoyzAOBgNVHQ8BAf8EBAMC +AYYwCgYIKoZIzj0EAwMDaQAwZgIxAORaz+MBVoFBTmZ93j2G2vYTwA6T5hWzBWrx +CrI54pKn5g6At56DBrkjrwZF5T1enAIxAJe/LZ9xpDkAdxDgGJFN8gZYLRWc0NRy +Rb4hihy5vj9L+w9uKc9VfEBIFuhT7Z3ljg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIQB/57HSuaqUkLaasdjxUdPjANBgkqhkiG9w0BAQsFADCB +mDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChB +bWF6b24gUkRTIGFwLXNvdXRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUxOTE3NDAzNFoYDzIwNjEwNTE5MTg0MDM0WjCBmDEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChBbWF6 +b24gUkRTIGFwLXNvdXRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbkaoVsUS76o +TgLFmcnaB8cswBk1M3Bf4IVRcwWT3a1HeJSnaJUqWHCJ+u3ip/zGVOYl0gN1MgBb +MuQRIJiB95zGVcIa6HZtx00VezDTr3jgGWRHmRjNVCCHGmxOZWvJjsIE1xavT/1j +QYV/ph4EZEIZ/qPq7e3rHohJaHDe23Z7QM9kbyqp2hANG2JtU/iUhCxqgqUHNozV +Zd0l5K6KnltZQoBhhekKgyiHqdTrH8fWajYl5seD71bs0Axowb+Oh0rwmrws3Db2 +Dh+oc2PwREnjHeca9/1C6J2vhY+V0LGaJmnnIuOANrslx2+bgMlyhf9j0Bv8AwSi +dSWsobOhNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQb7vJT +VciLN72yJGhaRKLn6Krn2TAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD +ggEBAAxEj8N9GslReAQnNOBpGl8SLgCMTejQ6AW/bapQvzxrZrfVOZOYwp/5oV0f +9S1jcGysDM+DrmfUJNzWxq2Y586R94WtpH4UpJDGqZp+FuOVJL313te4609kopzO +lDdmd+8z61+0Au93wB1rMiEfnIMkOEyt7D2eTFJfJRKNmnPrd8RjimRDlFgcLWJA +3E8wca67Lz/G0eAeLhRHIXv429y8RRXDtKNNz0wA2RwURWIxyPjn1fHjA9SPDkeW +E1Bq7gZj+tBnrqz+ra3yjZ2blss6Ds3/uRY6NYqseFTZWmQWT7FolZEnT9vMUitW +I0VynUbShVpGf6946e0vgaaKw20= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID/jCCAuagAwIBAgIQGyUVTaVjYJvWhroVEiHPpDANBgkqhkiG9w0BAQsFADCB +lzELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdB +bWF6b24gUkRTIHVzLXdlc3QtMSBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjEwNTE5MTkwNDA2WhgPMjA2MTA1MTkyMDA0MDZaMIGXMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpv +biBSRFMgdXMtd2VzdC0xIFJvb3QgQ0EgUlNBMjA0OCBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANhyXpJ0t4nigRDZ +EwNtFOem1rM1k8k5XmziHKDvDk831p7QsX9ZOxl/BT59Pu/P+6W6SvasIyKls1sW +FJIjFF+6xRQcpoE5L5evMgN/JXahpKGeQJPOX9UEXVW5B8yi+/dyUitFT7YK5LZA +MqWBN/LtHVPa8UmE88RCDLiKkqiv229tmwZtWT7nlMTTCqiAHMFcryZHx0pf9VPh +x/iPV8p2gBJnuPwcz7z1kRKNmJ8/cWaY+9w4q7AYlAMaq/rzEqDaN2XXevdpsYAK +TMMj2kji4x1oZO50+VPNfBl5ZgJc92qz1ocF95SAwMfOUsP8AIRZkf0CILJYlgzk +/6u6qZECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm5jfcS9o ++LwL517HpB6hG+PmpBswDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IB +AQAcQ6lsqxi63MtpGk9XK8mCxGRLCad51+MF6gcNz6i6PAqhPOoKCoFqdj4cEQTF +F8dCfa3pvfJhxV6RIh+t5FCk/y6bWT8Ls/fYKVo6FhHj57bcemWsw/Z0XnROdVfK +Yqbc7zvjCPmwPHEqYBhjU34NcY4UF9yPmlLOL8uO1JKXa3CAR0htIoW4Pbmo6sA4 +6P0co/clW+3zzsQ92yUCjYmRNeSbdXbPfz3K/RtFfZ8jMtriRGuO7KNxp8MqrUho +HK8O0mlSUxGXBZMNicfo7qY8FD21GIPH9w5fp5oiAl7lqFzt3E3sCLD3IiVJmxbf +fUwpGd1XZBBSdIxysRLM6j48 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrTCCAjOgAwIBAgIQU+PAILXGkpoTcpF200VD/jAKBggqhkjOPQQDAzCBljEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMS8wLQYDVQQDDCZBbWF6 +b24gUkRTIGFwLWVhc3QtMSBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTAgFw0yMTA1MjUyMTQ1MTFaGA8yMTIxMDUyNTIyNDUxMVowgZYxCzAJBgNV +BAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYD +VQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEvMC0GA1UEAwwmQW1hem9uIFJE +UyBhcC1lYXN0LTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1NlYXR0bGUw +djAQBgcqhkjOPQIBBgUrgQQAIgNiAAT3tFKE8Kw1sGQAvNLlLhd8OcGhlc7MiW/s +NXm3pOiCT4vZpawKvHBzD76Kcv+ZZzHRxQEmG1/muDzZGlKR32h8AAj+NNO2Wy3d +CKTtYMiVF6Z2zjtuSkZQdjuQbe4eQ7qjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD +VR0OBBYEFAiSQOp16Vv0Ohpvqcbd2j5RmhYNMA4GA1UdDwEB/wQEAwIBhjAKBggq +hkjOPQQDAwNoADBlAjBVsi+5Ape0kOhMt/WFkANkslD4qXA5uqhrfAtH29Xzz2NV +tR7akiA771OaIGB/6xsCMQCZt2egCtbX7J0WkuZ2KivTh66jecJr5DHvAP4X2xtS +F/5pS+AUhcKTEGjI9jDH3ew= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICuDCCAj2gAwIBAgIQT5mGlavQzFHsB7hV6Mmy6TAKBggqhkjOPQQDAzCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLXNvdXRoZWFzdC0yIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyNDIwNTAxNVoYDzIxMjEwNTI0MjE1MDE1WjCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLXNvdXRoZWFzdC0yIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEcm4BBBjYK7clwm0HJRWS +flt3iYwoJbIXiXn9c1y3E+Vb7bmuyKhS4eO8mwO4GefUcXObRfoHY2TZLhMJLVBQ +7MN2xDc0RtZNj07BbGD3VAIFRTDX0mH9UNYd0JQM3t/Oo0IwQDAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBRrd5ITedfAwrGo4FA9UaDaGFK3rjAOBgNVHQ8BAf8E +BAMCAYYwCgYIKoZIzj0EAwMDaQAwZgIxAPBNqmVv1IIA3EZyQ6XuVf4gj79/DMO8 +bkicNS1EcBpUqbSuU4Zwt2BYc8c/t7KVOQIxAOHoWkoKZPiKyCxfMtJpCZySUG+n +sXgB/LOyWE5BJcXUfm+T1ckeNoWeUUMOLmnJjg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIRAJcDeinvdNrDQBeJ8+t38WQwDQYJKoZIhvcNAQELBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1zb3V0aGVhc3QtNCBSb290IENBIFJTQTIwNDggRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjIwNTI1MTY0OTE2WhgPMjA2MjA1MjUxNzQ5MTZa +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtc291dGhlYXN0LTQgUm9vdCBDQSBSU0EyMDQ4IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +k8DBNkr9tMoIM0NHoFiO7cQfSX0cOMhEuk/CHt0fFx95IBytx7GHCnNzpM27O5z6 +x6iRhfNnx+B6CrGyCzOjxvPizneY+h+9zfvNz9jj7L1I2uYMuiNyOKR6FkHR46CT +1CiArfVLLPaTqgD/rQjS0GL2sLHS/0dmYipzynnZcs613XT0rAWdYDYgxDq7r/Yi +Xge5AkWQFkMUq3nOYDLCyGGfQqWKkwv6lZUHLCDKf+Y0Uvsrj8YGCI1O8mF0qPCQ +lmlfaDvbuBu1AV+aabmkvyFj3b8KRIlNLEtQ4N8KGYR2Jdb82S4YUGIOAt4wuuFt +1B7AUDLk3V/u+HTWiwfoLQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBSNpcjz6ArWBtAA+Gz6kyyZxrrgdDAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggEBAGJEd7UgOzHYIcQRSF7nSYyjLROyalaIV9AX4WXW/Cqlul1c +MblP5etDZm7A/thliZIWAuyqv2bNicmS3xKvNy6/QYi1YgxZyy/qwJ3NdFl067W0 +t8nGo29B+EVK94IPjzFHWShuoktIgp+dmpijB7wkTIk8SmIoe9yuY4+hzgqk+bo4 +ms2SOXSN1DoQ75Xv+YmztbnZM8MuWhL1T7hA4AMorzTQLJ9Pof8SpSdMHeDsHp0R +01jogNFkwy25nw7cL62nufSuH2fPYGWXyNDg+y42wKsKWYXLRgUQuDVEJ2OmTFMB +T0Vf7VuNijfIA9hkN2d3K53m/9z5WjGPSdOjGhg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID/jCCAuagAwIBAgIQRiwspKyrO0xoxDgSkqLZczANBgkqhkiG9w0BAQsFADCB +lzELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdB +bWF6b24gUkRTIHVzLXdlc3QtMiBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjEwNTI0MjE1OTAwWhgPMjA2MTA1MjQyMjU5MDBaMIGXMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpv +biBSRFMgdXMtd2VzdC0yIFJvb3QgQ0EgUlNBMjA0OCBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL53Jk3GsKiu+4bx +jDfsevWbwPCNJ3H08Zp7GWhvI3Tgi39opfHYv2ku2BKFjK8N2L6RvNPSR8yplv5j +Y0tK0U+XVNl8o0ibhqRDhbTuh6KL8CFINWYzAajuxFS+CF0U6c1Q3tXLBdALxA7l +FlXJ71QrP06W31kRe7kvgrvO7qWU3/OzUf9qYw4LSiR1/VkvvRCTqcVNw09clw/M +Jbw6FSgweN65M9j7zPbjGAXSHkXyxH1Erin2fa+B9PE4ZDgX9cp2C1DHewYJQL/g +SepwwcudVNRN1ibKH7kpMrgPnaNIVNx5sXVsTjk6q2ZqYw3SVHegltJpLy/cZReP +mlivF2kCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUmTcQd6o1 +CuS65MjBrMwQ9JJjmBwwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IB +AQAKSDSIzl956wVddPThf2VAzI8syw9ngSwsEHZvxVGHBvu5gg618rDyguVCYX9L +4Kw/xJrk6S3qxOS2ZDyBcOpsrBskgahDFIunzoRP3a18ARQVq55LVgfwSDQiunch +Bd05cnFGLoiLkR5rrkgYaP2ftn3gRBRaf0y0S3JXZ2XB3sMZxGxavYq9mfiEcwB0 +LMTMQ1NYzahIeG6Jm3LqRqR8HkzP/Ztq4dT2AtSLvFebbNMiWqeqT7OcYp94HTYT +zqrtaVdUg9bwyAUCDgy0GV9RHDIdNAOInU/4LEETovrtuBU7Z1q4tcHXvN6Hd1H8 +gMb0mCG5I393qW5hFsA/diFb +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIRAPQAvihfjBg/JDbj6U64K98wDQYJKoZIhvcNAQELBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1ub3J0aGVhc3QtMiBSb290IENBIFJTQTIwNDggRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNTIwMTYyODQxWhgPMjA2MTA1MjAxNzI4NDFa +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtbm9ydGhlYXN0LTIgUm9vdCBDQSBSU0EyMDQ4IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +vJ9lgyksCxkBlY40qOzI1TCj/Q0FVGuPL/Z1Mw2YN0l+41BDv0FHApjTUkIKOeIP +nwDwpXTa3NjYbk3cOZ/fpH2rYJ++Fte6PNDGPgKppVCUh6x3jiVZ1L7wOgnTdK1Q +Trw8440IDS5eLykRHvz8OmwvYDl0iIrt832V0QyOlHTGt6ZJ/aTQKl12Fy3QBLv7 +stClPzvHTrgWqVU6uidSYoDtzHbU7Vda7YH0wD9IUoMBf7Tu0rqcE4uH47s2XYkc +SdLEoOg/Ngs7Y9B1y1GCyj3Ux7hnyvCoRTw014QyNB7dTatFMDvYlrRDGG14KeiU +UL7Vo/+EejWI31eXNLw84wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBQkgTWFsNg6wA3HbbihDQ4vpt1E2zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggEBAGz1Asiw7hn5WYUj8RpOCzpE0h/oBZcnxP8wulzZ5Xd0YxWO +0jYUcUk3tTQy1QvoY+Q5aCjg6vFv+oFBAxkib/SmZzp4xLisZIGlzpJQuAgRkwWA +6BVMgRS+AaOMQ6wKPgz1x4v6T0cIELZEPq3piGxvvqkcLZKdCaeC3wCS6sxuafzZ +4qA3zMwWuLOzRftgX2hQto7d/2YkRXga7jSvQl3id/EI+xrYoH6zIWgjdU1AUaNq +NGT7DIo47vVMfnd9HFZNhREsd4GJE83I+JhTqIxiKPNxrKgESzyADmNPt0gXDnHo +tbV1pMZz5HpJtjnP/qVZhEK5oB0tqlKPv9yx074= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICuTCCAj6gAwIBAgIRAKp1Rn3aL/g/6oiHVIXtCq8wCgYIKoZIzj0EAwMwgZsx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE0MDIGA1UEAwwrQW1h +em9uIFJEUyBhcC1ub3J0aGVhc3QtMyBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UE +BwwHU2VhdHRsZTAgFw0yMTA1MjQyMDMyMTdaGA8yMTIxMDUyNDIxMzIxN1owgZsx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE0MDIGA1UEAwwrQW1h +em9uIFJEUyBhcC1ub3J0aGVhc3QtMyBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UE +BwwHU2VhdHRsZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABGTYWPILeBJXfcL3Dz4z +EWMUq78xB1HpjBwHoTURYfcMd5r96BTVG6yaUBWnAVCMeeD6yTG9a1eVGNhG14Hk +ZAEjgLiNB7RRbEG5JZ/XV7W/vODh09WCst2y9SLKsdgeAaNCMEAwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUoE0qZHmDCDB+Bnm8GUa/evpfPwgwDgYDVR0PAQH/ +BAQDAgGGMAoGCCqGSM49BAMDA2kAMGYCMQCnil5MMwhY3qoXv0xvcKZGxGPaBV15 +0CCssCKn0oVtdJQfJQ3Jrf3RSaEyijXIJsoCMQC35iJi4cWoNX3N/qfgnHohW52O +B5dg0DYMqy5cNZ40+UcAanRMyqNQ6P7fy3umGco= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtzCCAj2gAwIBAgIQPXnDTPegvJrI98qz8WxrMjAKBggqhkjOPQQDAzCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIEJldGEgdXMtZWFzdC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUxODIxNDAxMloYDzIxMjEwNTE4MjI0MDEyWjCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIEJldGEgdXMtZWFzdC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEI0sR7gwutK5AB46hM761 +gcLTGBIYlURSEoM1jcBwy56CL+3CJKZwLLyJ7qoOKfWbu5GsVLUTWS8MV6Nw33cx +2KQD2svb694wi+Px2f4n9+XHkEFQw8BbiodDD7RZA70fo0IwQDAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBTQSioOvnVLEMXwNSDg+zgln/vAkjAOBgNVHQ8BAf8E +BAMCAYYwCgYIKoZIzj0EAwMDaAAwZQIxAMwu1hqm5Bc98uE/E0B5iMYbBQ4kpMxO +tP8FTfz5UR37HUn26nXE0puj6S/Ffj4oJgIwXI7s2c26tFQeqzq6u3lrNJHp5jC9 +Uxlo/hEJOLoDj5jnpxo8dMAtCNoQPaHdfL0P +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAjWgAwIBAgIQGKVv+5VuzEZEBzJ+bVfx2zAKBggqhkjOPQQDAzCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGFwLXNvdXRoLTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTE5MTc1MDU5WhgPMjEyMTA1MTkxODUwNTlaMIGXMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpvbiBS +RFMgYXAtc291dGgtMSBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwHU2VhdHRs +ZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMqdLJ0tZF/DGFZTKZDrGRJZID8ivC2I +JRCYTWweZKCKSCAzoiuGGHzJhr5RlLHQf/QgmFcgXsdmO2n3CggzhA4tOD9Ip7Lk +P05eHd2UPInyPCHRgmGjGb0Z+RdQ6zkitKNCMEAwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUC1yhRgVqU5bR8cGzOUCIxRpl4EYwDgYDVR0PAQH/BAQDAgGGMAoG +CCqGSM49BAMDA2cAMGQCMG0c/zLGECRPzGKJvYCkpFTCUvdP4J74YP0v/dPvKojL +t/BrR1Tg4xlfhaib7hPc7wIwFvgqHes20CubQnZmswbTKLUrgSUW4/lcKFpouFd2 +t2/ewfi/0VhkeUW+IiHhOMdU +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGCTCCA/GgAwIBAgIRAOXxJuyXVkbfhZCkS/dOpfEwDQYJKoZIhvcNAQEMBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1ub3J0aGVhc3QtMSBSb290IENBIFJTQTQwOTYgRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNTI1MjE1OTEwWhgPMjEyMTA1MjUyMjU5MTBa +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtbm9ydGhlYXN0LTEgUm9vdCBDQSBSU0E0MDk2IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +xiP4RDYm4tIS12hGgn1csfO8onQDmK5SZDswUpl0HIKXOUVVWkHNlINkVxbdqpqH +FhbyZmNN6F/EWopotMDKe1B+NLrjNQf4zefv2vyKvPHJXhxoKmfyuTd5Wk8k1F7I +lNwLQzznB+ElhrLIDJl9Ro8t31YBBNFRGAGEnxyACFGcdkjlsa52UwfYrwreEg2l +gW5AzqHgjFfj9QRLydeU/n4bHm0F1adMsV7P3rVwilcUlqsENDwXnWyPEyv3sw6F +wNemLEs1129mB77fwvySb+lLNGsnzr8w4wdioZ74co+T9z2ca+eUiP+EQccVw1Is +D4Fh57IjPa6Wuc4mwiUYKkKY63+38aCfEWb0Qoi+zW+mE9nek6MOQ914cN12u5LX +dBoYopphRO5YmubSN4xcBy405nIdSdbrAVWwxXnVVyjqjknmNeqQsPZaxAhdoKhV +AqxNr8AUAdOAO6Sz3MslmcLlDXFihrEEOeUbpg/m1mSUUHGbu966ajTG1FuEHHwS +7WB52yxoJo/tHvt9nAWnh3uH5BHmS8zn6s6CGweWKbX5yICnZ1QFR1e4pogxX39v +XD6YcNOO+Vn+HY4nXmjgSYVC7l+eeP8eduMg1xJujzjrbmrXU+d+cBObgdTOAlpa +JFHaGwYw1osAwPCo9cZ2f04yitBfj9aPFia8ASKldakCAwEAAaNCMEAwDwYDVR0T +AQH/BAUwAwEB/zAdBgNVHQ4EFgQUqKS+ltlior0SyZKYAkJ/efv55towDgYDVR0P +AQH/BAQDAgGGMA0GCSqGSIb3DQEBDAUAA4ICAQAdElvp8bW4B+Cv+1WSN87dg6TN +wGyIjJ14/QYURgyrZiYpUmZpj+/pJmprSWXu4KNyqHftmaidu7cdjL5nCAvAfnY5 +/6eDDbX4j8Gt9fb/6H9y0O0dn3mUPSEKG0crR+JRFAtPhn/2FNvst2P82yguWLv0 +pHjHVUVcq+HqDMtUIJsTPYjSh9Iy77Q6TOZKln9dyDOWJpCSkiUWQtMAKbCSlvzd +zTs/ahqpT+zLfGR1SR+T3snZHgQnbnemmz/XtlKl52NxccARwfcEEKaCRQyGq/pR +0PVZasyJS9JY4JfQs4YOdeOt4UMZ8BmW1+BQWGSkkb0QIRl8CszoKofucAlqdPcO +IT/ZaMVhI580LFGWiQIizWFskX6lqbCyHqJB3LDl8gJISB5vNTHOHpvpMOMs5PYt +cRl5Mrksx5MKMqG7y5R734nMlZxQIHjL5FOoOxTBp9KeWIL/Ib89T2QDaLw1SQ+w +ihqWBJ4ZdrIMWYpP3WqM+MXWk7WAem+xsFJdR+MDgOOuobVQTy5dGBlPks/6gpjm +rO9TjfQ36ppJ3b7LdKUPeRfnYmlR5RU4oyYJ//uLbClI443RZAgxaCXX/nyc12lr +eVLUMNF2abLX4/VF63m2/Z9ACgMRfqGshPssn1NN33OonrotQoj4S3N9ZrjvzKt8 +iHcaqd60QKpfiH2A3A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICuDCCAj2gAwIBAgIQPaVGRuu86nh/ylZVCLB0MzAKBggqhkjOPQQDAzCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLW5vcnRoZWFzdC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyNTIyMDMxNloYDzIxMjEwNTI1MjMwMzE2WjCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLW5vcnRoZWFzdC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEexNURoB9KE93MEtEAlJG +obz4LS/pD2hc8Gczix1WhVvpJ8bN5zCDXaKdnDMCebetyRQsmQ2LYlfmCwpZwSDu +0zowB11Pt3I5Avu2EEcuKTlKIDMBeZ1WWuOd3Tf7MEAMo0IwQDAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBSaYbZPBvFLikSAjpa8mRJvyArMxzAOBgNVHQ8BAf8E +BAMCAYYwCgYIKoZIzj0EAwMDaQAwZgIxAOEJkuh3Zjb7Ih/zuNRd1RBqmIYcnyw0 +nwUZczKXry+9XebYj3VQxSRNadrarPWVqgIxAMg1dyGoDAYjY/L/9YElyMnvHltO +PwpJShmqHvCLc/mXMgjjYb/akK7yGthvW6j/uQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGCDCCA/CgAwIBAgIQChu3v5W1Doil3v6pgRIcVzANBgkqhkiG9w0BAQwFADCB +nDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTUwMwYDVQQDDCxB +bWF6b24gUkRTIEJldGEgdXMtZWFzdC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4G +A1UEBwwHU2VhdHRsZTAgFw0yMTA1MTgyMTM0MTVaGA8yMTIxMDUxODIyMzQxNVow +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBCZXRhIHVzLWVhc3QtMSBSb290IENBIFJTQTQwOTYgRzExEDAO +BgNVBAcMB1NlYXR0bGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC1 +FUGQ5tf3OwpDR6hGBxhUcrkwKZhaXP+1St1lSOQvjG8wXT3RkKzRGMvb7Ee0kzqI +mzKKe4ASIhtV3UUWdlNmP0EA3XKnif6N79MismTeGkDj75Yzp5A6tSvqByCgxIjK +JqpJrch3Dszoyn8+XhwDxMZtkUa5nQVdJgPzJ6ltsQ8E4SWLyLtTu0S63jJDkqYY +S7cQblk7y7fel+Vn+LS5dGTdRRhMvSzEnb6mkVBaVzRyVX90FNUED06e8q+gU8Ob +htvQlf9/kRzHwRAdls2YBhH40ZeyhpUC7vdtPwlmIyvW5CZ/QiG0yglixnL6xahL +pbmTuTSA/Oqz4UGQZv2WzHe1lD2gRHhtFX2poQZeNQX8wO9IcUhrH5XurW/G9Xwl +Sat9CMPERQn4KC3HSkat4ir2xaEUrjfg6c4XsGyh2Pk/LZ0gLKum0dyWYpWP4JmM +RQNjrInXPbMhzQObozCyFT7jYegS/3cppdyy+K1K7434wzQGLU1gYXDKFnXwkX8R +bRKgx2pHNbH5lUddjnNt75+e8m83ygSq/ZNBUz2Ur6W2s0pl6aBjwaDES4VfWYlI +jokcmrGvJNDfQWygb1k00eF2bzNeNCHwgWsuo3HSxVgc/WGsbcGrTlDKfz+g3ich +bXUeUidPhRiv5UQIVCLIHpHuin3bj9lQO/0t6p+tAQIDAQABo0IwQDAPBgNVHRMB +Af8EBTADAQH/MB0GA1UdDgQWBBSFmMBgm5IsRv3hLrvDPIhcPweXYTAOBgNVHQ8B +Af8EBAMCAYYwDQYJKoZIhvcNAQEMBQADggIBAAa2EuozymOsQDJlEi7TqnyA2OhT +GXPfYqCyMJVkfrqNgcnsNpCAiNEiZbb+8sIPXnT8Ay8hrwJYEObJ5b7MHXpLuyft +z0Pu1oFLKnQxKjNxrIsCvaB4CRRdYjm1q7EqGhMGv76se9stOxkOqO9it31w/LoU +ENDk7GLsSqsV1OzYLhaH8t+MaNP6rZTSNuPrHwbV3CtBFl2TAZ7iKgKOhdFz1Hh9 +Pez0lG+oKi4mHZ7ajov6PD0W7njn5KqzCAkJR6OYmlNVPjir+c/vUtEs0j+owsMl +g7KE5g4ZpTRShyh5BjCFRK2tv0tkqafzNtxrKC5XNpEkqqVTCnLcKG+OplIEadtr +C7UWf4HyhCiR+xIyxFyR05p3uY/QQU/5uza7GlK0J+U1sBUytx7BZ+Fo8KQfPPqV +CqDCaYUksoJcnJE/KeoksyqNQys7sDGJhkd0NeUGDrFLKHSLhIwAMbEWnqGxvhli +E7sP2E5rI/I9Y9zTbLIiI8pfeZlFF8DBdoP/Hzg8pqsiE/yiXSFTKByDwKzGwNqz +F0VoFdIZcIbLdDbzlQitgGpJtvEL7HseB0WH7B2PMMD8KPJlYvPveO3/6OLzCsav ++CAkvk47NQViKMsUTKOA0JDCW+u981YRozxa3K081snhSiSe83zIPBz1ikldXxO9 +6YYLNPRrj3mi9T/f +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAjSgAwIBAgIRAMkvdFnVDb0mWWFiXqnKH68wCgYIKoZIzj0EAwMwgZYx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEvMC0GA1UEAwwmQW1h +em9uIFJEUyB1cy13ZXN0LTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTE5MTkxMzI0WhgPMjEyMTA1MTkyMDEzMjRaMIGWMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExLzAtBgNVBAMMJkFtYXpvbiBS +RFMgdXMtd2VzdC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdTZWF0dGxl +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEy86DB+9th/0A5VcWqMSWDxIUblWTt/R0 +ao6Z2l3vf2YDF2wt1A2NIOGpfQ5+WAOJO/IQmnV9LhYo+kacB8sOnXdQa6biZZkR +IyouUfikVQAKWEJnh1Cuo5YMM4E2sUt5o0IwQDAPBgNVHRMBAf8EBTADAQH/MB0G +A1UdDgQWBBQ8u3OnecANmG8OoT7KLWDuFzZwBTAOBgNVHQ8BAf8EBAMCAYYwCgYI +KoZIzj0EAwMDaAAwZQIwQ817qkb7mWJFnieRAN+m9W3E0FLVKaV3zC5aYJUk2fcZ +TaUx3oLp3jPLGvY5+wgeAjEA6wAicAki4ZiDfxvAIuYiIe1OS/7H5RA++R8BH6qG +iRzUBM/FItFpnkus7u/eTkvo +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrzCCAjWgAwIBAgIQS/+Ryfgb/IOVEa1pWoe8oTAKBggqhkjOPQQDAzCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGFwLXNvdXRoLTIgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjIwNjA2MjE1NDQyWhgPMjEyMjA2MDYyMjU0NDJaMIGXMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpvbiBS +RFMgYXAtc291dGgtMiBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwHU2VhdHRs +ZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDsX6fhdUWBQpYTdseBD/P3s96Dtw2Iw +OrXKNToCnmX5nMkUGdRn9qKNiz1pw3EPzaPxShbYwQ7LYP09ENK/JN4QQjxMihxC +jLFxS85nhBQQQGRCWikDAe38mD8fSvREQKNCMEAwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUIh1xZiseQYFjPYKJmGbruAgRH+AwDgYDVR0PAQH/BAQDAgGGMAoG +CCqGSM49BAMDA2gAMGUCMFudS4zLy+UUGrtgNLtRMcu/DZ9BUzV4NdHxo0bkG44O +thnjl4+wTKI6VbyAbj2rkgIxAOHps8NMITU5DpyiMnKTxV8ubb/WGHrLl0BjB8Lw +ETVJk5DNuZvsIIcm7ykk6iL4Tw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGBDCCA+ygAwIBAgIQDcEmNIAVrDpUw5cH5ynutDANBgkqhkiG9w0BAQwFADCB +mjELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTMwMQYDVQQDDCpB +bWF6b24gUkRTIG1lLWNlbnRyYWwtMSBSb290IENBIFJTQTQwOTYgRzExEDAOBgNV +BAcMB1NlYXR0bGUwIBcNMjIwNTA3MDA0MDIzWhgPMjEyMjA1MDcwMTQwMjNaMIGa +MQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5j +LjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMzAxBgNVBAMMKkFt +YXpvbiBSRFMgbWUtY2VudHJhbC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UE +BwwHU2VhdHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKvADk8t +Fl9bFlU5sajLPPDSOUpPAkKs6iPlz+27o1GJC88THcOvf3x0nVAcu9WYe9Qaas+4 +j4a0vv51agqyODRD/SNi2HnqW7DbtLPAm6KBHe4twl28ItB/JD5g7u1oPAHFoXMS +cH1CZEAs5RtlZGzJhcBXLFsHNv/7+SCLyZ7+2XFh9OrtgU4wMzkHoRNndhfwV5bu +17bPTwuH+VxH37zXf1mQ/KjhuJos0C9dL0FpjYBAuyZTAWhZKs8dpSe4DI544z4w +gkwUB4bC2nA1TBzsywEAHyNuZ/xRjNpWvx0ToWAA2iFJqC3VO3iKcnBplMvaUuMt +jwzVSNBnKcoabXCZL2XDLt4YTZR8FSwz05IvsmwcPB7uNTBXq3T9sjejW8QQK3vT +tzyfLq4jKmQE7PoS6cqYm+hEPm2hDaC/WP9bp3FdEJxZlPH26fq1b7BWYWhQ9pBA +Nv9zTnzdR1xohTyOJBUFQ81ybEzabqXqVXUIANqIOaNcTB09/sLJ7+zuMhp3mwBu +LtjfJv8PLuT1r63bU3seROhKA98b5KfzjvbvPSg3vws78JQyoYGbqNyDfyjVjg3U +v//AdVuPie6PNtdrW3upZY4Qti5IjP9e3kimaJ+KAtTgMRG56W0WxD3SP7+YGGbG +KhntDOkKsN39hLpn9UOafTIqFu7kIaueEy/NAgMBAAGjQjBAMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFHAems86dTwdZbLe8AaPy3kfIUVoMA4GA1UdDwEB/wQE +AwIBhjANBgkqhkiG9w0BAQwFAAOCAgEAOBHpp0ICx81kmeoBcZTrMdJs2gnhcd85 +FoSCjXx9H5XE5rmN/lQcxxOgj8hr3uPuLdLHu+i6THAyzjrl2NA1FWiqpfeECGmy +0jm7iZsYORgGQYp/VKnDrwnKNSqlZvOuRr0kfUexwFlr34Y4VmupvEOK/RdGsd3S ++3hiemcHse9ST/sJLHx962AWMkN86UHPscJEe4+eT3f2Wyzg6La8ARwdWZSNS+WH +ZfybrncMmuiXuUdHv9XspPsqhKgtHhcYeXOGUtrwQPLe3+VJZ0LVxhlTWr9951GZ +GfmWwTV/9VsyKVaCFIXeQ6L+gjcKyEzYF8wpMtQlSc7FFqwgC4bKxvMBSaRy88Nr +lV2+tJD/fr8zGUeBK44Emon0HKDBWGX+/Hq1ZIv0Da0S+j6LbA4fusWxtGfuGha+ +luhHgVInCpALIOamiBEdGhILkoTtx7JrYppt3/Raqg9gUNCOOYlCvGhqX7DXeEfL +DGabooiY2FNWot6h04JE9nqGj5QqT8D6t/TL1nzxhRPzbcSDIHUd/b5R+a0bAA+7 +YTU6JqzEVCWKEIEynYmqikgLMGB/OzWsgyEL6822QW6hJAQ78XpbNeCzrICF4+GC +7KShLnwuWoWpAb26268lvOEvCTFM47VC6jNQl97md+2SA9Ma81C9wflid2M83Wle +cuLMVcQZceE= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIQAhAteLRCvizAElaWORFU2zANBgkqhkiG9w0BAQsFADCB +mDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChB +bWF6b24gUkRTIG1lLXNvdXRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyMDE3MDkxNloYDzIwNjEwNTIwMTgwOTE2WjCBmDEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChBbWF6 +b24gUkRTIG1lLXNvdXRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+qg7JAcOVKjh +N83SACnBFZPyB63EusfDr/0V9ZdL8lKcmZX9sv/CqoBo3N0EvBqHQqUUX6JvFb7F +XrMUZ740kr28gSRALfXTFgNODjXeDsCtEkKRTkac/UM8xXHn+hR7UFRPHS3e0GzI +iLiwQWDkr0Op74W8aM0CfaVKvh2bp4BI1jJbdDnQ9OKXpOxNHGUf0ZGb7TkNPkgI +b2CBAc8J5o3H9lfw4uiyvl6Fz5JoP+A+zPELAioYBXDrbE7wJeqQDJrETWqR9VEK +BXURCkVnHeaJy123MpAX2ozf4pqk0V0LOEOZRS29I+USF5DcWr7QIXR/w2I8ws1Q +7ys+qbE+kQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQFJ16n +1EcCMOIhoZs/F9sR+Jy++zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD +ggEBAOc5nXbT3XTDEZsxX2iD15YrQvmL5m13B3ImZWpx/pqmObsgx3/dg75rF2nQ +qS+Vl+f/HLh516pj2BPP/yWCq12TRYigGav8UH0qdT3CAClYy2o+zAzUJHm84oiB +ud+6pFVGkbqpsY+QMpJUbZWu52KViBpJMYsUEy+9cnPSFRVuRAHjYynSiLk2ZEjb +Wkdc4x0nOZR5tP0FgrX0Ve2KcjFwVQJVZLgOUqmFYQ/G0TIIGTNh9tcmR7yp+xJR +A2tbPV2Z6m9Yxx4E8lLEPNuoeouJ/GR4CkMEmF8cLwM310t174o3lKKUXJ4Vs2HO +Wj2uN6R9oI+jGLMSswTzCNV1vgc= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICuDCCAj6gAwIBAgIRAOocLeZWjYkG/EbHmscuy8gwCgYIKoZIzj0EAwMwgZsx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE0MDIGA1UEAwwrQW1h +em9uIFJEUyBhcC1zb3V0aGVhc3QtMSBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UE +BwwHU2VhdHRsZTAgFw0yMTA1MjEyMTUwMDFaGA8yMTIxMDUyMTIyNTAwMVowgZsx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE0MDIGA1UEAwwrQW1h +em9uIFJEUyBhcC1zb3V0aGVhc3QtMSBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UE +BwwHU2VhdHRsZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABCEr3jq1KtRncnZfK5cq +btY0nW6ZG3FMbh7XwBIR6Ca0f8llGZ4vJEC1pXgiM/4Dh045B9ZIzNrR54rYOIfa +2NcYZ7mk06DjIQML64hbAxbQzOAuNzLPx268MrlL2uW2XaNCMEAwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUln75pChychwN4RfHl+tOinMrfVowDgYDVR0PAQH/ +BAQDAgGGMAoGCCqGSM49BAMDA2gAMGUCMGiyPINRU1mwZ4Crw01vpuPvxZxb2IOr +yX3RNlOIu4We1H+5dQk5tIvH8KGYFbWEpAIxAO9NZ6/j9osMhLgZ0yj0WVjb+uZx +YlZR9fyFisY/jNfX7QhSk+nrc3SFLRUNtpXrng== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBTCCAu2gAwIBAgIRAKiaRZatN8eiz9p0s0lu0rQwDQYJKoZIhvcNAQELBQAw +gZoxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEzMDEGA1UEAwwq +QW1hem9uIFJEUyBjYS1jZW50cmFsLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYD +VQQHDAdTZWF0dGxlMCAXDTIxMDUyMTIyMDIzNVoYDzIwNjEwNTIxMjMwMjM1WjCB +mjELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTMwMQYDVQQDDCpB +bWF6b24gUkRTIGNhLWNlbnRyYWwtMSBSb290IENBIFJTQTIwNDggRzExEDAOBgNV +BAcMB1NlYXR0bGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCygVMf +qB865IR9qYRBRFHn4eAqGJOCFx+UbraQZmjr/mnRqSkY+nhbM7Pn/DWOrRnxoh+w +q5F9ZxdZ5D5T1v6kljVwxyfFgHItyyyIL0YS7e2h7cRRscCM+75kMedAP7icb4YN +LfWBqfKHbHIOqvvQK8T6+Emu/QlG2B5LvuErrop9K0KinhITekpVIO4HCN61cuOe +CADBKF/5uUJHwS9pWw3uUbpGUwsLBuhJzCY/OpJlDqC8Y9aToi2Ivl5u3/Q/sKjr +6AZb9lx4q3J2z7tJDrm5MHYwV74elGSXoeoG8nODUqjgklIWAPrt6lQ3WJpO2kug +8RhCdSbWkcXHfX95AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE +FOIxhqTPkKVqKBZvMWtKewKWDvDBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0B +AQsFAAOCAQEAqoItII89lOl4TKvg0I1EinxafZLXIheLcdGCxpjRxlZ9QMQUN3yb +y/8uFKBL0otbQgJEoGhxm4h0tp54g28M6TN1U0332dwkjYxUNwvzrMaV5Na55I2Z +1hq4GB3NMXW+PvdtsgVOZbEN+zOyOZ5MvJHEQVkT3YRnf6avsdntltcRzHJ16pJc +Y8rR7yWwPXh1lPaPkxddrCtwayyGxNbNmRybjR48uHRhwu7v2WuAMdChL8H8bp89 +TQLMrMHgSbZfee9hKhO4Zebelf1/cslRSrhkG0ESq6G5MUINj6lMg2g6F0F7Xz2v +ncD/vuRN5P+vT8th/oZ0Q2Gc68Pun0cn/g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID/zCCAuegAwIBAgIRAJYlnmkGRj4ju/2jBQsnXJYwDQYJKoZIhvcNAQELBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyB1cy1lYXN0LTIgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyMTIzMDQ0NFoYDzIwNjEwNTIyMDAwNDQ0WjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIHVzLWVhc3QtMiBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC74V3eigv+pCj5 +nqDBqplY0Jp16pTeNB06IKbzb4MOTvNde6QjsZxrE1xUmprT8LxQqN9tI3aDYEYk +b9v4F99WtQVgCv3Y34tYKX9NwWQgwS1vQwnIR8zOFBYqsAsHEkeJuSqAB12AYUSd +Zv2RVFjiFmYJho2X30IrSLQfS/IE3KV7fCyMMm154+/K1Z2IJlcissydEAwgsUHw +edrE6CxJVkkJ3EvIgG4ugK/suxd8eEMztaQYJwSdN8TdfT59LFuSPl7zmF3fIBdJ +//WexcQmGabaJ7Xnx+6o2HTfkP8Zzzzaq8fvjAcvA7gyFH5EP26G2ZqMG+0y4pTx +SPVTrQEXAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIWWuNEF +sUMOC82XlfJeqazzrkPDMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOC +AQEAgClmxcJaQTGpEZmjElL8G2Zc8lGc+ylGjiNlSIw8X25/bcLRptbDA90nuP+q +zXAMhEf0ccbdpwxG/P5a8JipmHgqQLHfpkvaXx+0CuP++3k+chAJ3Gk5XtY587jX ++MJfrPgjFt7vmMaKmynndf+NaIJAYczjhJj6xjPWmGrjM3MlTa9XesmelMwP3jep +bApIWAvCYVjGndbK9byyMq1nyj0TUzB8oJZQooaR3MMjHTmADuVBylWzkRMxbKPl +4Nlsk4Ef1JvIWBCzsMt+X17nuKfEatRfp3c9tbpGlAE/DSP0W2/Lnayxr4RpE9ds +ICF35uSis/7ZlsftODUe8wtpkQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF/zCCA+egAwIBAgIRAPvvd+MCcp8E36lHziv0xhMwDQYJKoZIhvcNAQEMBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyB1cy1lYXN0LTIgUm9vdCBDQSBSU0E0MDk2IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyMTIzMTEwNloYDzIxMjEwNTIyMDAxMTA2WjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIHVzLWVhc3QtMiBSb290IENBIFJTQTQwOTYgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDbvwekKIKGcV/s +lDU96a71ZdN2pTYkev1X2e2/ICb765fw/i1jP9MwCzs8/xHBEQBJSxdfO4hPeNx3 +ENi0zbM+TrMKliS1kFVe1trTTEaHYjF8BMK9yTY0VgSpWiGxGwg4tshezIA5lpu8 +sF6XMRxosCEVCxD/44CFqGZTzZaREIvvFPDTXKJ6yOYnuEkhH3OcoOajHN2GEMMQ +ShuyRFDQvYkqOC/Q5icqFbKg7eGwfl4PmimdV7gOVsxSlw2s/0EeeIILXtHx22z3 +8QBhX25Lrq2rMuaGcD3IOMBeBo2d//YuEtd9J+LGXL9AeOXHAwpvInywJKAtXTMq +Wsy3LjhuANFrzMlzjR2YdjkGVzeQVx3dKUzJ2//Qf7IXPSPaEGmcgbxuatxjnvfT +H85oeKr3udKnXm0Kh7CLXeqJB5ITsvxI+Qq2iXtYCc+goHNR01QJwtGDSzuIMj3K +f+YMrqBXZgYBwU2J/kCNTH31nfw96WTbOfNGwLwmVRDgguzFa+QzmQsJW4FTDMwc +7cIjwdElQQVA+Gqa67uWmyDKAnoTkudmgAP+OTBkhnmc6NJuZDcy6f/iWUdl0X0u +/tsfgXXR6ZovnHonM13ANiN7VmEVqFlEMa0VVmc09m+2FYjjlk8F9sC7Rc4wt214 +7u5YvCiCsFZwx44baP5viyRZgkJVpQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/ +MB0GA1UdDgQWBBQgCZCsc34nVTRbWsniXBPjnUTQ2DAOBgNVHQ8BAf8EBAMCAYYw +DQYJKoZIhvcNAQEMBQADggIBAAQas3x1G6OpsIvQeMS9BbiHG3+kU9P/ba6Rrg+E +lUz8TmL04Bcd+I+R0IyMBww4NznT+K60cFdk+1iSmT8Q55bpqRekyhcdWda1Qu0r +JiTi7zz+3w2v66akofOnGevDpo/ilXGvCUJiLOBnHIF0izUqzvfczaMZGJT6xzKq +PcEVRyAN1IHHf5KnGzUlVFv9SGy47xJ9I1vTk24JU0LWkSLzMMoxiUudVmHSqJtN +u0h+n/x3Q6XguZi1/C1KOntH56ewRh8n5AF7c+9LJJSRM9wunb0Dzl7BEy21Xe9q +03xRYjf5wn8eDELB8FZPa1PrNKXIOLYM9egdctbKEcpSsse060+tkyBrl507+SJT +04lvJ4tcKjZFqxn+bUkDQvXYj0D3WK+iJ7a8kZJPRvz8BDHfIqancY8Tgw+69SUn +WqIb+HNZqFuRs16WFSzlMksqzXv6wcDSyI7aZOmCGGEcYW9NHk8EuOnOQ+1UMT9C +Qb1GJcipjRzry3M4KN/t5vN3hIetB+/PhmgTO4gKhBETTEyPC3HC1QbdVfRndB6e +U/NF2U/t8U2GvD26TTFLK4pScW7gyw4FQyXWs8g8FS8f+R2yWajhtS9++VDJQKom +fAUISoCH+PlPRJpu/nHd1Zrddeiiis53rBaLbXu2J1Q3VqjWOmtj0HjxJJxWnYmz +Pqj2 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGATCCA+mgAwIBAgIRAI/U4z6+GF8/znpHM8Dq8G0wDQYJKoZIhvcNAQEMBQAw +gZgxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwo +QW1hem9uIFJEUyBhcC1zb3V0aC0yIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UE +BwwHU2VhdHRsZTAgFw0yMjA2MDYyMTQ4MThaGA8yMTIyMDYwNjIyNDgxOFowgZgx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwoQW1h +em9uIFJEUyBhcC1zb3V0aC0yIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwH +U2VhdHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK5WqMvyq888 +3uuOtEj1FcP6iZhqO5kJurdJF59Otp2WCg+zv6I+QwaAspEWHQsKD405XfFsTGKV +SKTCwoMxwBniuChSmyhlagQGKSnRY9+znOWq0v7hgmJRwp6FqclTbubmr+K6lzPy +hs86mEp68O5TcOTYWUlPZDqfKwfNTbtCl5YDRr8Gxb5buHmkp6gUSgDkRsXiZ5VV +b3GBmXRqbnwo5ZRNAzQeM6ylXCn4jKs310lQGUrFbrJqlyxUdfxzqdlaIRn2X+HY +xRSYbHox3LVNPpJxYSBRvpQVFSy9xbX8d1v6OM8+xluB31cbLBtm08KqPFuqx+cO +I2H5F0CYqYzhyOSKJsiOEJT6/uH4ewryskZzncx9ae62SC+bB5n3aJLmOSTkKLFY +YS5IsmDT2m3iMgzsJNUKVoCx2zihAzgBanFFBsG+Xmoq0aKseZUI6vd2qpd5tUST +/wS1sNk0Ph7teWB2ACgbFE6etnJ6stwjHFZOj/iTYhlnR2zDRU8akunFdGb6CB4/ +hMxGJxaqXSJeGtHm7FpadlUTf+2ESbYcVW+ui/F8sdBJseQdKZf3VdZZMgM0bcaX +NE47cauDTy72WdU9YJX/YXKYMLDE0iFHTnGpfVGsuWGPYhlwZ3dFIO07mWnCRM6X +u5JXRB1oy5n5HRluMsmpSN/R92MeBxKFAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFNtH0F0xfijSLHEyIkRGD9gW6NazMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQwFAAOCAgEACo+5jFeY3ygxoDDzL3xpfe5M0U1WxdKk+az4 +/OfjZvkoma7WfChi3IIMtwtKLYC2/seKWA4KjlB3rlTsCVNPnK6D+gAnybcfTKk/ +IRSPk92zagwQkSUWtAk80HpVfWJzpkSU16ejiajhedzOBRtg6BwsbSqLCDXb8hXr +eXWC1S9ZceGc+LcKRHewGWPu31JDhHE9bNcl9BFSAS0lYVZqxIRWxivZ+45j5uQv +wPrC8ggqsdU3K8quV6dblUQzzA8gKbXJpCzXZihkPrYpQHTH0szvXvgebh+CNUAG +rUxm8+yTS0NFI3U+RLbcLFVzSvjMOnEwCX0SPj5XZRYYXs5ajtQCoZhTUkkwpDV8 +RxXk8qGKiXwUxDO8GRvmvM82IOiXz5w2jy/h7b7soyIgdYiUydMq4Ja4ogB/xPZa +gf4y0o+bremO15HFf1MkaU2UxPK5FFVUds05pKvpSIaQWbF5lw4LHHj4ZtVup7zF +CLjPWs4Hs/oUkxLMqQDw0FBwlqa4uot8ItT8uq5BFpz196ZZ+4WXw5PVzfSxZibI +C/nwcj0AS6qharXOs8yPnPFLPSZ7BbmWzFDgo3tpglRqo3LbSPsiZR+sLeivqydr +0w4RK1btRda5Ws88uZMmW7+2aufposMKcbAdrApDEAVzHijbB/nolS5nsnFPHZoA +KDPtFEk= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtzCCAj2gAwIBAgIQVZ5Y/KqjR4XLou8MCD5pOjAKBggqhkjOPQQDAzCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLXNvdXRoZWFzdC00IFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIyMDUyNTE2NTgzM1oYDzIxMjIwNTI1MTc1ODMzWjCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLXNvdXRoZWFzdC00IFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEbo473OmpD5vkckdJajXg +brhmNFyoSa0WCY1njuZC2zMFp3zP6rX4I1r3imrYnJd9pFH/aSiV/r6L5ACE5RPx +4qdg5SQ7JJUaZc3DWsTOiOed7BCZSzM+KTYK/2QzDMApo0IwQDAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBTmogc06+1knsej1ltKUOdWFvwgsjAOBgNVHQ8BAf8E +BAMCAYYwCgYIKoZIzj0EAwMDaAAwZQIxAIs7TlLMbGTWNXpGiKf9DxaM07d/iDHe +F/Vv/wyWSTGdobxBL6iArQNVXz0Gr4dvPAIwd0rsoa6R0x5mtvhdRPtM37FYrbHJ +pbV+OMusQqcSLseunLBoCHenvJW0QOCQ8EDY +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICvTCCAkOgAwIBAgIQCIY7E/bFvFN2lK9Kckb0dTAKBggqhkjOPQQDAzCBnjEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTcwNQYDVQQDDC5BbWF6 +b24gUkRTIFByZXZpZXcgdXMtZWFzdC0yIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYD +VQQHDAdTZWF0dGxlMCAXDTIxMDUxODIxMDUxMFoYDzIxMjEwNTE4MjIwNTEwWjCB +njELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTcwNQYDVQQDDC5B +bWF6b24gUkRTIFByZXZpZXcgdXMtZWFzdC0yIFJvb3QgQ0EgRUNDMzg0IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMI0hzf1JCEOI +Eue4+DmcNnSs2i2UaJxHMrNGGfU7b42a7vwP53F7045ffHPBGP4jb9q02/bStZzd +VHqfcgqkSRI7beBKjD2mfz82hF/wJSITTgCLs+NRpS6zKMFOFHUNo0IwQDAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBS8uF/6hk5mPLH4qaWv9NVZaMmyTjAOBgNV +HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDaAAwZQIxAO7Pu9wzLyM0X7Q08uLIL+vL +qaxe3UFuzFTWjM16MLJHbzLf1i9IDFKz+Q4hXCSiJwIwClMBsqT49BPUxVsJnjGr +EbyEk6aOOVfY1p2yQL649zh3M4h8okLnwf+bYIb1YpeU +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIQY+JhwFEQTe36qyRlUlF8ozANBgkqhkiG9w0BAQsFADCB +mDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChB +bWF6b24gUkRTIGFmLXNvdXRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUxOTE5MjQxNloYDzIwNjEwNTE5MjAyNDE2WjCBmDEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChBbWF6 +b24gUkRTIGFmLXNvdXRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIye77j6ev40 +8wRPyN2OdKFSUfI9jB20Or2RLO+RDoL43+USXdrze0Wv4HMRLqaen9BcmCfaKMp0 +E4SFo47bXK/O17r6G8eyq1sqnHE+v288mWtYH9lAlSamNFRF6YwA7zncmE/iKL8J +0vePHMHP/B6svw8LULZCk+nZk3tgxQn2+r0B4FOz+RmpkoVddfqqUPMbKUxhM2wf +fO7F6bJaUXDNMBPhCn/3ayKCjYr49ErmnpYV2ZVs1i34S+LFq39J7kyv6zAgbHv9 ++/MtRMoRB1CjpqW0jIOZkHBdYcd1o9p1zFn591Do1wPkmMsWdjIYj+6e7UXcHvOB +2+ScIRAcnwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQGtq2W +YSyMMxpdQ3IZvcGE+nyZqTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD +ggEBAEgoP3ixJsKSD5FN8dQ01RNHERl/IFbA7TRXfwC+L1yFocKnQh4Mp/msPRSV ++OeHIvemPW/wtZDJzLTOFJ6eTolGekHK1GRTQ6ZqsWiU2fmiOP8ks4oSpI+tQ9Lw +VrfZqTiEcS5wEIqyfUAZZfKDo7W1xp+dQWzfczSBuZJZwI5iaha7+ILM0r8Ckden +TVTapc5pLSoO15v0ziRuQ2bT3V3nwu/U0MRK44z+VWOJdSiKxdnOYDs8hFNnKhfe +klbTZF7kW7WbiNYB43OaAQBJ6BALZsIskEaqfeZT8FD71uN928TcEQyBDXdZpRN+ +iGQZDGhht0r0URGMDSs9waJtTfA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF/jCCA+agAwIBAgIQXY/dmS+72lZPranO2JM9jjANBgkqhkiG9w0BAQwFADCB +lzELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdB +bWF6b24gUkRTIGFwLWVhc3QtMSBSb290IENBIFJTQTQwOTYgRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjEwNTI1MjEzNDUxWhgPMjEyMTA1MjUyMjM0NTFaMIGXMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpv +biBSRFMgYXAtZWFzdC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMyW9kBJjD/hx8e8 +b5E1sF42bp8TXsz1htSYE3Tl3T1Aq379DfEhB+xa/ASDZxt7/vwa81BkNo4M6HYq +okYIXeE7cu5SnSgjWXqcERhgPevtAwgmhdE3yREe8oz2DyOi2qKKZqah+1gpPaIQ +fK0uAqoeQlyHosye3KZZKkDHBatjBsQ5kf8lhuf7wVulEZVRHY2bP2X7N98PfbpL +QdH7mWXzDtJJ0LiwFwds47BrkgK1pkHx2p1mTo+HMkfX0P6Fq1atkVC2RHHtbB/X +iYyH7paaHBzviFrhr679zNqwXIOKlbf74w3mS11P76rFn9rS1BAH2Qm6eY5S/Fxe +HEKXm4kjPN63Zy0p3yE5EjPt54yPkvumOnT+RqDGJ2HCI9k8Ehcbve0ogfdRKNqQ +VHWYTy8V33ndQRHZlx/CuU1yN61TH4WSoMly1+q1ihTX9sApmlQ14B2pJi/9DnKW +cwECrPy1jAowC2UJ45RtC8UC05CbP9yrIy/7Noj8gQDiDOepm+6w1g6aNlWoiuQS +kyI6nzz1983GcnOHya73ga7otXo0Qfg9jPghlYiMomrgshlSLDHZG0Ib/3hb8cnR +1OcN9FpzNmVK2Ll1SmTMLrIhuCkyNYX9O/bOknbcf706XeESxGduSkHEjIw/k1+2 +Atteoq5dT6cwjnJ9hyhiueVlVkiDAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8w +HQYDVR0OBBYEFLUI+DD7RJs+0nRnjcwIVWzzYSsFMA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQwFAAOCAgEAb1mcCHv4qMQetLGTBH9IxsB2YUUhr5dda0D2BcHr +UtDbfd0VQs4tux6h/6iKwHPx0Ew8fuuYj99WknG0ffgJfNc5/fMspxR/pc1jpdyU +5zMQ+B9wi0lOZPO9uH7/pr+d2odcNEy8zAwqdv/ihsTwLmGP54is9fVbsgzNW1cm +HKAVL2t/Ope+3QnRiRilKCN1lzhav4HHdLlN401TcWRWKbEuxF/FgxSO2Hmx86pj +e726lweCTMmnq/cTsPOVY0WMjs0or3eHDVlyLgVeV5ldyN+ptg3Oit60T05SRa58 +AJPTaVKIcGQ/gKkKZConpu7GDofT67P/ox0YNY57LRbhsx9r5UY4ROgz7WMQ1yoS +Y+19xizm+mBm2PyjMUbfwZUyCxsdKMwVdOq5/UmTmdms+TR8+m1uBHPOTQ2vKR0s +Pd/THSzPuu+d3dbzRyDSLQbHFFneG760CUlD/ZmzFlQjJ89/HmAmz8IyENq+Sjhx +Jgzy+FjVZb8aRUoYLlnffpUpej1n87Ynlr1GrvC4GsRpNpOHlwuf6WD4W0qUTsC/ +C9JO+fBzUj/aWlJzNcLEW6pte1SB+EdkR2sZvWH+F88TxemeDrV0jKJw5R89CDf8 +ZQNfkxJYjhns+YeV0moYjqQdc7tq4i04uggEQEtVzEhRLU5PE83nlh/K2NZZm8Kj +dIA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID/zCCAuegAwIBAgIRAPVSMfFitmM5PhmbaOFoGfUwDQYJKoZIhvcNAQELBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyB1cy1lYXN0LTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyNTIyMzQ1N1oYDzIwNjEwNTI1MjMzNDU3WjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIHVzLWVhc3QtMSBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu9H7TBeGoDzMr +dxN6H8COntJX4IR6dbyhnj5qMD4xl/IWvp50lt0VpmMd+z2PNZzx8RazeGC5IniV +5nrLg0AKWRQ2A/lGGXbUrGXCSe09brMQCxWBSIYe1WZZ1iU1IJ/6Bp4D2YEHpXrW +bPkOq5x3YPcsoitgm1Xh8ygz6vb7PsvJvPbvRMnkDg5IqEThapPjmKb8ZJWyEFEE +QRrkCIRueB1EqQtJw0fvP4PKDlCJAKBEs/y049FoOqYpT3pRy0WKqPhWve+hScMd +6obq8kxTFy1IHACjHc51nrGII5Bt76/MpTWhnJIJrCnq1/Uc3Qs8IVeb+sLaFC8K +DI69Sw6bAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE7PCopt +lyOgtXX0Y1lObBUxuKaCMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOC +AQEAFj+bX8gLmMNefr5jRJfHjrL3iuZCjf7YEZgn89pS4z8408mjj9z6Q5D1H7yS +jNETVV8QaJip1qyhh5gRzRaArgGAYvi2/r0zPsy+Tgf7v1KGL5Lh8NT8iCEGGXwF +g3Ir+Nl3e+9XUp0eyyzBIjHtjLBm6yy8rGk9p6OtFDQnKF5OxwbAgip42CD75r/q +p421maEDDvvRFR4D+99JZxgAYDBGqRRceUoe16qDzbMvlz0A9paCZFclxeftAxv6 +QlR5rItMz/XdzpBJUpYhdzM0gCzAzdQuVO5tjJxmXhkSMcDP+8Q+Uv6FA9k2VpUV +E/O5jgpqUJJ2Hc/5rs9VkAPXeA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrzCCAjWgAwIBAgIQW0yuFCle3uj4vWiGU0SaGzAKBggqhkjOPQQDAzCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGFmLXNvdXRoLTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTE5MTkzNTE2WhgPMjEyMTA1MTkyMDM1MTZaMIGXMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpvbiBS +RFMgYWYtc291dGgtMSBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwHU2VhdHRs +ZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDPiKNZSaXs3Un/J/v+LTsFDANHpi7en +oL2qh0u0DoqNzEBTbBjvO23bLN3k599zh6CY3HKW0r2k1yaIdbWqt4upMCRCcUFi +I4iedAmubgzh56wJdoMZztjXZRwDthTkJKNCMEAwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUWbYkcrvVSnAWPR5PJhIzppcAnZIwDgYDVR0PAQH/BAQDAgGGMAoG +CCqGSM49BAMDA2gAMGUCMCESGqpat93CjrSEjE7z+Hbvz0psZTHwqaxuiH64GKUm +mYynIiwpKHyBrzjKBmeDoQIxANGrjIo6/b8Jl6sdIZQI18V0pAyLfLiZjlHVOnhM +MOTVgr82ZuPoEHTX78MxeMnYlw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIRAIbsx8XOl0sgTNiCN4O+18QwDQYJKoZIhvcNAQELBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1ub3J0aGVhc3QtMSBSb290IENBIFJTQTIwNDggRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNTI1MjE1NDU4WhgPMjA2MTA1MjUyMjU0NTha +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtbm9ydGhlYXN0LTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +tROxwXWCgn5R9gI/2Ivjzaxc0g95ysBjoJsnhPdJEHQb7w3y2kWrVWU3Y9fOitgb +CEsnEC3PrhRnzNVW0fPsK6kbvOeCmjvY30rdbxbc8h+bjXfGmIOgAkmoULEr6Hc7 +G1Q/+tvv4lEwIs7bEaf+abSZxRJbZ0MBxhbHn7UHHDiMZYvzK+SV1MGCxx7JVhrm +xWu3GC1zZCsGDhB9YqY9eR6PmjbqA5wy8vqbC57dZZa1QVtWIQn3JaRXn+faIzHx +nLMN5CEWihsdmHBXhnRboXprE/OS4MFv1UrQF/XM/h5RBeCywpHePpC+Oe1T3LNC +iP8KzRFrjC1MX/WXJnmOVQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBS33XbXAUMs1znyZo4B0+B3D68WFTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggEBADuadd2EmlpueY2VlrIIPC30QkoA1EOSoCmZgN6124apkoY1 +HiV4r+QNPljN4WP8gmcARnNkS7ZeR4fvWi8xPh5AxQCpiaBMw4gcbTMCuKDV68Pw +P2dZCTMspvR3CDfM35oXCufdtFnxyU6PAyINUqF/wyTHguO3owRFPz64+sk3r2pT +WHmJjG9E7V+KOh0s6REgD17Gqn6C5ijLchSrPUHB0wOIkeLJZndHxN/76h7+zhMt +fFeNxPWHY2MfpcaLjz4UREzZPSB2U9k+y3pW1omCIcl6MQU9itGx/LpQE+H3ZeX2 +M2bdYd5L+ow+bdbGtsVKOuN+R9Dm17YpswF+vyQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGATCCA+mgAwIBAgIRAKlQ+3JX9yHXyjP/Ja6kZhkwDQYJKoZIhvcNAQEMBQAw +gZgxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwo +QW1hem9uIFJEUyBhcC1zb3V0aC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UE +BwwHU2VhdHRsZTAgFw0yMTA1MTkxNzQ1MjBaGA8yMTIxMDUxOTE4NDUyMFowgZgx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwoQW1h +em9uIFJEUyBhcC1zb3V0aC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwH +U2VhdHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKtahBrpUjQ6 +H2mni05BAKU6Z5USPZeSKmBBJN3YgD17rJ93ikJxSgzJ+CupGy5rvYQ0xznJyiV0 +91QeQN4P+G2MjGQR0RGeUuZcfcZitJro7iAg3UBvw8WIGkcDUg+MGVpRv/B7ry88 +7E4OxKb8CPNoa+a9j6ABjOaaxaI22Bb7j3OJ+JyMICs6CU2bgkJaj3VUV9FCNUOc +h9PxD4jzT9yyGYm/sK9BAT1WOTPG8XQUkpcFqy/IerZDfiQkf1koiSd4s5VhBkUn +aQHOdri/stldT7a+HJFVyz2AXDGPDj+UBMOuLq0K6GAT6ThpkXCb2RIf4mdTy7ox +N5BaJ+ih+Ro3ZwPkok60egnt/RN98jgbm+WstgjJWuLqSNInnMUgkuqjyBWwePqX +Kib+wdpyx/LOzhKPEFpeMIvHQ3A0sjlulIjnh+j+itezD+dp0UNxMERlW4Bn/IlS +sYQVNfYutWkRPRLErXOZXtlxxkI98JWQtLjvGzQr+jywxTiw644FSLWdhKa6DtfU +2JWBHqQPJicMElfZpmfaHZjtXuCZNdZQXWg7onZYohe281ZrdFPOqC4rUq7gYamL +T+ZB+2P+YCPOLJ60bj/XSvcB7mesAdg8P0DNddPhHUFWx2dFqOs1HxIVB4FZVA9U +Ppbv4a484yxjTgG7zFZNqXHKTqze6rBBAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFCEAqjighncv/UnWzBjqu1Ka2Yb4MA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQwFAAOCAgEAYyvumblckIXlohzi3QiShkZhqFzZultbFIu9 +GhA5CDar1IFMhJ9vJpO9nUK/camKs1VQRs8ZsBbXa0GFUM2p8y2cgUfLwFULAiC/ +sWETyW5lcX/xc4Pyf6dONhqFJt/ovVBxNZtcmMEWv/1D6Tf0nLeEb0P2i/pnSRR4 +Oq99LVFjossXtyvtaq06OSiUUZ1zLPvV6AQINg8dWeBOWRcQYhYcEcC2wQ06KShZ +0ahuu7ar5Gym3vuLK6nH+eQrkUievVomN/LpASrYhK32joQ5ypIJej3sICIgJUEP +UoeswJ+Z16f3ECoL1OSnq4A0riiLj1ZGmVHNhM6m/gotKaHNMxsK9zsbqmuU6IT/ +P6cR0S+vdigQG8ZNFf5vEyVNXhl8KcaJn6lMD/gMB2rY0qpaeTg4gPfU5wcg8S4Y +C9V//tw3hv0f2n+8kGNmqZrylOQDQWSSo8j8M2SRSXiwOHDoTASd1fyBEIqBAwzn +LvXVg8wQd1WlmM3b0Vrsbzltyh6y4SuKSkmgufYYvC07NknQO5vqvZcNoYbLNea3 +76NkFaMHUekSbwVejZgG5HGwbaYBgNdJEdpbWlA3X4yGRVxknQSUyt4dZRnw/HrX +k8x6/wvtw7wht0/DOqz1li7baSsMazqxx+jDdSr1h9xML416Q4loFCLgqQhil8Jq +Em4Hy3A= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGBTCCA+2gAwIBAgIRAJfKe4Zh4aWNt3bv6ZjQwogwDQYJKoZIhvcNAQEMBQAw +gZoxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEzMDEGA1UEAwwq +QW1hem9uIFJEUyBjYS1jZW50cmFsLTEgUm9vdCBDQSBSU0E0MDk2IEcxMRAwDgYD +VQQHDAdTZWF0dGxlMCAXDTIxMDUyMTIyMDg1M1oYDzIxMjEwNTIxMjMwODUzWjCB +mjELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTMwMQYDVQQDDCpB +bWF6b24gUkRTIGNhLWNlbnRyYWwtMSBSb290IENBIFJTQTQwOTYgRzExEDAOBgNV +BAcMB1NlYXR0bGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCpgUH6 +Crzd8cOw9prAh2rkQqAOx2vtuI7xX4tmBG4I/um28eBjyVmgwQ1fpq0Zg2nCKS54 +Nn0pCmT7f3h6Bvopxn0J45AzXEtajFqXf92NQ3iPth95GVfAJSD7gk2LWMhpmID9 +JGQyoGuDPg+hYyr292X6d0madzEktVVGO4mKTF989qEg+tY8+oN0U2fRTrqa2tZp +iYsmg350ynNopvntsJAfpCO/srwpsqHHLNFZ9jvhTU8uW90wgaKO9i31j/mHggCE ++CAOaJCM3g+L8DPl/2QKsb6UkBgaaIwKyRgKSj1IlgrK+OdCBCOgM9jjId4Tqo2j +ZIrrPBGl6fbn1+etZX+2/tf6tegz+yV0HHQRAcKCpaH8AXF44bny9andslBoNjGx +H6R/3ib4FhPrnBMElzZ5i4+eM/cuPC2huZMBXb/jKgRC/QN1Wm3/nah5FWq+yn+N +tiAF10Ga0BYzVhHDEwZzN7gn38bcY5yi/CjDUNpY0OzEe2+dpaBKPlXTaFfn9Nba +CBmXPRF0lLGGtPeTAgjcju+NEcVa82Ht1pqxyu2sDtbu3J5bxp4RKtj+ShwN8nut +Tkf5Ea9rSmHEY13fzgibZlQhXaiFSKA2ASUwgJP19Putm0XKlBCNSGCoECemewxL ++7Y8FszS4Uu4eaIwvXVqUEE2yf+4ex0hqQ1acQIDAQABo0IwQDAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBSeUnXIRxNbYsZLtKomIz4Y1nOZEzAOBgNVHQ8BAf8E +BAMCAYYwDQYJKoZIhvcNAQEMBQADggIBAIpRvxVS0dzoosBh/qw65ghPUGSbP2D4 +dm6oYCv5g/zJr4fR7NzEbHOXX5aOQnHbQL4M/7veuOCLNPOW1uXwywMg6gY+dbKe +YtPVA1as8G9sUyadeXyGh2uXGsziMFXyaESwiAXZyiYyKChS3+g26/7jwECFo5vC +XGhWpIO7Hp35Yglp8AnwnEAo/PnuXgyt2nvyTSrxlEYa0jus6GZEZd77pa82U1JH +qFhIgmKPWWdvELA3+ra1nKnvpWM/xX0pnMznMej5B3RT3Y+k61+kWghJE81Ix78T ++tG4jSotgbaL53BhtQWBD1yzbbilqsGE1/DXPXzHVf9yD73fwh2tGWSaVInKYinr +a4tcrB3KDN/PFq0/w5/21lpZjVFyu/eiPj6DmWDuHW73XnRwZpHo/2OFkei5R7cT +rn/YdDD6c1dYtSw5YNnS6hdCQ3sOiB/xbPRN9VWJa6se79uZ9NLz6RMOr73DNnb2 +bhIR9Gf7XAA5lYKqQk+A+stoKbIT0F65RnkxrXi/6vSiXfCh/bV6B41cf7MY/6YW +ehserSdjhQamv35rTFdM+foJwUKz1QN9n9KZhPxeRmwqPitAV79PloksOnX25ElN +SlyxdndIoA1wia1HRd26EFm2pqfZ2vtD2EjU3wD42CXX4H8fKVDna30nNFSYF0yn +jGKc3k6UNxpg +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF/jCCA+agAwIBAgIQaRHaEqqacXN20e8zZJtmDDANBgkqhkiG9w0BAQwFADCB +lzELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdB +bWF6b24gUkRTIHVzLWVhc3QtMSBSb290IENBIFJTQTQwOTYgRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjEwNTI1MjIzODM1WhgPMjEyMTA1MjUyMzM4MzVaMIGXMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpv +biBSRFMgdXMtZWFzdC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAInfBCaHuvj6Rb5c +L5Wmn1jv2PHtEGMHm+7Z8dYosdwouG8VG2A+BCYCZfij9lIGszrTXkY4O7vnXgru +JUNdxh0Q3M83p4X+bg+gODUs3jf+Z3Oeq7nTOk/2UYvQLcxP4FEXILxDInbQFcIx +yen1ESHggGrjEodgn6nbKQNRfIhjhW+TKYaewfsVWH7EF2pfj+cjbJ6njjgZ0/M9 +VZifJFBgat6XUTOf3jwHwkCBh7T6rDpgy19A61laImJCQhdTnHKvzTpxcxiLRh69 +ZObypR7W04OAUmFS88V7IotlPmCL8xf7kwxG+gQfvx31+A9IDMsiTqJ1Cc4fYEKg +bL+Vo+2Ii4W2esCTGVYmHm73drznfeKwL+kmIC/Bq+DrZ+veTqKFYwSkpHRyJCEe +U4Zym6POqQ/4LBSKwDUhWLJIlq99bjKX+hNTJykB+Lbcx0ScOP4IAZQoxmDxGWxN +S+lQj+Cx2pwU3S/7+OxlRndZAX/FKgk7xSMkg88HykUZaZ/ozIiqJqSnGpgXCtED +oQ4OJw5ozAr+/wudOawaMwUWQl5asD8fuy/hl5S1nv9XxIc842QJOtJFxhyeMIXt +LVECVw/dPekhMjS3Zo3wwRgYbnKG7YXXT5WMxJEnHu8+cYpMiRClzq2BEP6/MtI2 +AZQQUFu2yFjRGL2OZA6IYjxnXYiRAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8w +HQYDVR0OBBYEFADCcQCPX2HmkqQcmuHfiQ2jjqnrMA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQwFAAOCAgEASXkGQ2eUmudIKPeOIF7RBryCoPmMOsqP0+1qxF8l +pGkwmrgNDGpmd9s0ArfIVBTc1jmpgB3oiRW9c6n2OmwBKL4UPuQ8O3KwSP0iD2sZ +KMXoMEyphCEzW1I2GRvYDugL3Z9MWrnHkoaoH2l8YyTYvszTvdgxBPpM2x4pSkp+ +76d4/eRpJ5mVuQ93nC+YG0wXCxSq63hX4kyZgPxgCdAA+qgFfKIGyNqUIqWgeyTP +n5OgKaboYk2141Rf2hGMD3/hsGm0rrJh7g3C0ZirPws3eeJfulvAOIy2IZzqHUSY +jkFzraz6LEH3IlArT3jUPvWKqvh2lJWnnp56aqxBR7qHH5voD49UpJWY1K0BjGnS +OHcurpp0Yt/BIs4VZeWdCZwI7JaSeDcPMaMDBvND3Ia5Fga0thgYQTG6dE+N5fgF +z+hRaujXO2nb0LmddVyvE8prYlWRMuYFv+Co8hcMdJ0lEZlfVNu0jbm9/GmwAZ+l +9umeYO9yz/uC7edC8XJBglMAKUmVK9wNtOckUWAcCfnPWYLbYa/PqtXBYcxrso5j +iaS/A7iEW51uteHBGrViCy1afGG+hiUWwFlesli+Rq4dNstX3h6h2baWABaAxEVJ +y1RnTQSz6mROT1VmZSgSVO37rgIyY0Hf0872ogcTS+FfvXgBxCxsNWEbiQ/XXva4 +0Ws= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtDCCAjqgAwIBAgIRAMyaTlVLN0ndGp4ffwKAfoMwCgYIKoZIzj0EAwMwgZkx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEyMDAGA1UEAwwpQW1h +em9uIFJEUyBtZS1jZW50cmFsLTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjIwNTA3MDA0NDM3WhgPMjEyMjA1MDcwMTQ0MzdaMIGZMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMjAwBgNVBAMMKUFtYXpv +biBSRFMgbWUtY2VudHJhbC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE19nCV1nsI6CohSor13+B25cr +zg+IHdi9Y3L7ziQnHWI6yjBazvnKD+oC71aRRlR8b5YXsYGUQxWzPLHN7EGPcSGv +bzA9SLG1KQYCJaQ0m9Eg/iGrwKWOgylbhVw0bCxoo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBS4KsknsJXM9+QPEkBdZxUPaLr11zAOBgNVHQ8BAf8EBAMC +AYYwCgYIKoZIzj0EAwMDaAAwZQIxAJaRgrYIEfXQMZQQDxMTYS0azpyWSseQooXo +L3nYq4OHGBgYyQ9gVjvRYWU85PXbfgIwdi82DtANQFkCu+j+BU0JBY/uRKPEeYzo +JG92igKIcXPqCoxIJ7lJbbzmuf73gQu5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGATCCA+mgAwIBAgIRAJwCobx0Os8F7ihbJngxrR8wDQYJKoZIhvcNAQEMBQAw +gZgxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwo +QW1hem9uIFJEUyBtZS1zb3V0aC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UE +BwwHU2VhdHRsZTAgFw0yMTA1MjAxNzE1MzNaGA8yMTIxMDUyMDE4MTUzM1owgZgx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwoQW1h +em9uIFJEUyBtZS1zb3V0aC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwH +U2VhdHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANukKwlm+ZaI +Y5MkWGbEVLApEyLmlrHLEg8PfiiEa9ts7jssQcin3bzEPdTqGr5jo91ONoZ3ccWq +xJgg1W3bLu5CAO2CqIOXTXHRyCO/u0Ch1FGgWB8xETPSi3UHt/Vn1ltdO6DYdbDU +mYgwzYrvLBdRCwxsb9o+BuYQHVFzUYonqk/y9ujz3gotzFq7r55UwDTA1ita3vb4 +eDKjIb4b1M4Wr81M23WHonpje+9qkkrAkdQcHrkgvSCV046xsq/6NctzwCUUNsgF +7Q1a8ut5qJEYpz5ta8vI1rqFqAMBqCbFjRYlmAoTTpFPOmzAVxV+YoqTrW5A16su +/2SXlMYfJ/n/ad/QfBNPPAAQMpyOr2RCL/YiL/PFZPs7NxYjnZHNWxMLSPgFyI+/ +t2klnn5jR76KJK2qimmaXedB90EtFsMRUU1e4NxH9gDuyrihKPJ3aVnZ35mSipvR +/1KB8t8gtFXp/VQaz2sg8+uxPMKB81O37fL4zz6Mg5K8+aq3ejBiyHucpFGnsnVB +3kQWeD36ONkybngmgWoyPceuSWm1hQ0Z7VRAQX+KlxxSaHmSaIk1XxZu9h9riQHx +fMuev6KXjRn/CjCoUTn+7eFrt0dT5GryQEIZP+nA0oq0LKxogigHNZlwAT4flrqb +JUfZJrqgoce5HjZSXl10APbtPjJi0fW9AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFEfV+LztI29OVDRm0tqClP3NrmEWMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQwFAAOCAgEAvSNe+0wuk53KhWlRlRf2x/97H2Q76X3anzF0 +5fOSVm022ldALzXMzqOfdnoKIhAu2oVKiHHKs7mMas+T6TL+Mkphx0CYEVxFE3PG +061q3CqJU+wMm9W9xsB79oB2XG47r1fIEywZZ3GaRsatAbjcNOT8uBaATPQAfJFN +zjFe4XyN+rA4cFrYNvfHTeu5ftrYmvks7JlRaJgEGWsz+qXux7uvaEEVPqEumd2H +uYeaRNOZ2V23R009X5lbgBFx9tq5VDTnKhQiTQ2SeT0rc1W3Dz5ik6SbQQNP3nSR +0Ywy7r/sZ3fcDyfFiqnrVY4Ympfvb4YW2PZ6OsQJbzH6xjdnTG2HtzEU30ngxdp1 +WUEF4zt6rjJCp7QBUqXgdlHvJqYu6949qtWjEPiFN9uSsRV2i1YDjJqN52dLjAPn +AipJKo8x1PHTwUzuITqnB9BdP+5TlTl8biJfkEf/+08eWDTLlDHr2VrZLOLompTh +bS5OrhDmqA2Q+O+EWrTIhMflwwlCpR9QYM/Xwvlbad9H0FUHbJsCVNaru3wGOgWo +tt3dNSK9Lqnv/Ej9K9v6CRr36in4ylJKivhJ5B9E7ABHg7EpBJ1xi7O5eNDkNoJG ++pFyphJq3AkBR2U4ni2tUaTAtSW2tks7IaiDV+UMtqZyGabT5ISQfWLLtLHSWn2F +Tspdjbg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIRAJZFh4s9aZGzKaTMLrSb4acwDQYJKoZIhvcNAQELBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBCZXRhIHVzLWVhc3QtMSBSb290IENBIFJTQTIwNDggRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNTE4MjEyODQxWhgPMjA2MTA1MTgyMjI4NDFa +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgQmV0YSB1cy1lYXN0LTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +17i2yoU6diep+WrqxIn2CrDEO2NdJVwWTSckx4WMZlLpkQDoymSmkNHjq9ADIApD +A31Cx+843apL7wub8QkFZD0Tk7/ThdHWJOzcAM3ov98QBPQfOC1W5zYIIRP2F+vQ +TRETHQnLcW3rLv0NMk5oQvIKpJoC9ett6aeVrzu+4cU4DZVWYlJUoC/ljWzCluau +8blfW0Vwin6OB7s0HCG5/wijQWJBU5SrP/KAIPeQi1GqG5efbqAXDr/ple0Ipwyo +Xjjl73LenGUgqpANlC9EAT4i7FkJcllLPeK3NcOHjuUG0AccLv1lGsHAxZLgjk/x +z9ZcnVV9UFWZiyJTKxeKPwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud +DgQWBBRWyMuZUo4gxCR3Luf9/bd2AqZ7CjAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI +hvcNAQELBQADggEBAIqN2DlIKlvDFPO0QUZQVFbsi/tLdYM98/vvzBpttlTGVMyD +gJuQeHVz+MnhGIwoCGOlGU3OOUoIlLAut0+WG74qYczn43oA2gbMd7HoD7oL/IGg +njorBwJVcuuLv2G//SqM3nxGcLRtkRnQ+lvqPxMz9+0fKFUn6QcIDuF0QSfthLs2 +WSiGEPKO9c9RSXdRQ4pXA7c3hXng8P4A2ZmdciPne5Nu4I4qLDGZYRrRLRkNTrOi +TyS6r2HNGUfgF7eOSeKt3NWL+mNChcYj71/Vycf5edeczpUgfnWy9WbPrK1svKyl +aAs2xg+X6O8qB+Mnj2dNBzm+lZIS3sIlm+nO9sg= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAjSgAwIBAgIRAPAlEk8VJPmEzVRRaWvTh2AwCgYIKoZIzj0EAwMwgZYx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEvMC0GA1UEAwwmQW1h +em9uIFJEUyB1cy1lYXN0LTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTI1MjI0MTU1WhgPMjEyMTA1MjUyMzQxNTVaMIGWMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExLzAtBgNVBAMMJkFtYXpvbiBS +RFMgdXMtZWFzdC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdTZWF0dGxl +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEx5xjrup8II4HOJw15NTnS3H5yMrQGlbj +EDA5MMGnE9DmHp5dACIxmPXPMe/99nO7wNdl7G71OYPCgEvWm0FhdvVUeTb3LVnV +BnaXt32Ek7/oxGk1T+Df03C+W0vmuJ+wo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0G +A1UdDgQWBBTGXmqBWN/1tkSea4pNw0oHrjk2UDAOBgNVHQ8BAf8EBAMCAYYwCgYI +KoZIzj0EAwMDaAAwZQIxAIqqZWCSrIkZ7zsv/FygtAusW6yvlL935YAWYPVXU30m +jkMFLM+/RJ9GMvnO8jHfCgIwB+whlkcItzE9CRQ6CsMo/d5cEHDUu/QW6jSIh9BR +OGh9pTYPVkUbBiKPA7lVVhre +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF/zCCA+egAwIBAgIRAJGY9kZITwfSRaAS/bSBOw8wDQYJKoZIhvcNAQEMBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyBzYS1lYXN0LTEgUm9vdCBDQSBSU0E0MDk2IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUxOTE4MTEyMFoYDzIxMjEwNTE5MTkxMTIwWjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIHNhLWVhc3QtMSBSb290IENBIFJTQTQwOTYgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDe2vlDp6Eo4WQi +Wi32YJOgdXHhxTFrLjB9SRy22DYoMaWfginJIwJcSR8yse8ZDQuoNhERB9LRggAE +eng23mhrfvtL1yQkMlZfBu4vG1nOb22XiPFzk7X2wqz/WigdYNBCqa1kK3jrLqPx +YUy7jk2oZle4GLVRTNGuMfcid6S2hs3UCdXfkJuM2z2wc3WUlvHoVNk37v2/jzR/ +hSCHZv5YHAtzL/kLb/e64QkqxKll5QmKhyI6d7vt6Lr1C0zb+DmwxUoJhseAS0hI +dRk5DklMb4Aqpj6KN0ss0HAYqYERGRIQM7KKA4+hxDMUkJmt8KqWKZkAlCZgflzl +m8NZ31o2cvBzf6g+VFHx+6iVrSkohVQydkCxx7NJ743iPKsh8BytSM4qU7xx4OnD +H2yNXcypu+D5bZnVZr4Pywq0w0WqbTM2bpYthG9IC4JeVUvZ2mDc01lqOlbMeyfT +og5BRPLDXdZK8lapo7se2teh64cIfXtCmM2lDSwm1wnH2iSK+AWZVIM3iE45WSGc +vZ+drHfVgjJJ5u1YrMCWNL5C2utFbyF9Obw9ZAwm61MSbPQL9JwznhNlCh7F2ANW +ZHWQPNcOAJqzE4uVcJB1ZeVl28ORYY1668lx+s9yYeMXk3QQdj4xmdnvoBFggqRB +ZR6Z0D7ZohADXe024RzEo1TukrQgKQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/ +MB0GA1UdDgQWBBT7Vs4Y5uG/9aXnYGNMEs6ycPUT3jAOBgNVHQ8BAf8EBAMCAYYw +DQYJKoZIhvcNAQEMBQADggIBACN4Htp2PvGcQA0/sAS+qUVWWJoAXSsu8Pgc6Gar +7tKVlNJ/4W/a6pUV2Xo/Tz3msg4yiE8sMESp2k+USosD5n9Alai5s5qpWDQjrqrh +76AGyF2nzve4kIN19GArYhm4Mz/EKEG1QHYvBDGgXi3kNvL/a2Zbybp+3LevG+q7 +xtx4Sz9yIyMzuT/6Y7ijtiMZ9XbuxGf5wab8UtwT3Xq1UradJy0KCkzRJAz/Wy/X +HbTkEvKSaYKExH6sLo0jqdIjV/d2Io31gt4e0Ly1ER2wPyFa+pc/swu7HCzrN+iz +A2ZM4+KX9nBvFyfkHLix4rALg+WTYJa/dIsObXkdZ3z8qPf5A9PXlULiaa1mcP4+ +rokw74IyLEYooQ8iSOjxumXhnkTS69MAdGzXYE5gnHokABtGD+BB5qLhtLt4fqAp +8AyHpQWMyV42M9SJLzQ+iOz7kAgJOBOaVtJI3FV/iAg/eqWVm3yLuUTWDxSHrKuL +N19+pSjF6TNvUSFXwEa2LJkfDqIOCE32iOuy85QY//3NsgrSQF6UkSPa95eJrSGI +3hTRYYh3Up2GhBGl1KUy7/o0k3KRZTk4s38fylY8bZ3TakUOH5iIGoHyFVVcp361 +Pyy25SzFSmNalWoQd9wZVc/Cps2ldxhcttM+WLkFNzprd0VJa8qTz8vYtHP0ouDN +nWS0 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGCTCCA/GgAwIBAgIRAOY7gfcBZgR2tqfBzMbFQCUwDQYJKoZIhvcNAQEMBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1zb3V0aGVhc3QtNCBSb290IENBIFJTQTQwOTYgRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjIwNTI1MTY1NDU5WhgPMjEyMjA1MjUxNzU0NTla +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtc291dGhlYXN0LTQgUm9vdCBDQSBSU0E0MDk2IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +lfxER43FuLRdL08bddF0YhbCP+XXKj1A/TFMXmd2My8XDei8rPXFYyyjMig9+xZw +uAsIxLwz8uiA26CKA8bCZKg5VG2kTeOJAfvBJaLv1CZefs3Z4Uf1Sjvm6MF2yqEj +GoORfyfL9HiZFTDuF/hcjWoKYCfMuG6M/wO8IbdICrX3n+BiYQJu/pFO660Mg3h/ +8YBBWYDbHoCiH/vkqqJugQ5BM3OI5nsElW51P1icEEqti4AZ7JmtSv9t7fIFBVyR +oaEyOgpp0sm193F/cDJQdssvjoOnaubsSYm1ep3awZAUyGN/X8MBrPY95d0hLhfH +Ehc5Icyg+hsosBljlAyksmt4hFQ9iBnWIz/ZTfGMck+6p3HVL9RDgvluez+rWv59 +8q7omUGsiPApy5PDdwI/Wt/KtC34/2sjslIJfvgifdAtkRPkhff1WEwER00ADrN9 +eGGInaCpJfb1Rq8cV2n00jxg7DcEd65VR3dmIRb0bL+jWK62ni/WdEyomAOMfmGj +aWf78S/4rasHllWJ+QwnaUYY3u6N8Cgio0/ep4i34FxMXqMV3V0/qXdfhyabi/LM +wCxNo1Dwt+s6OtPJbwO92JL+829QAxydfmaMTeHBsgMPkG7RwAekeuatKGHNsc2Z +x2Q4C2wVvOGAhcHwxfM8JfZs3nDSZJndtVVnFlUY0UECAwEAAaNCMEAwDwYDVR0T +AQH/BAUwAwEB/zAdBgNVHQ4EFgQUpnG7mWazy6k97/tb5iduRB3RXgQwDgYDVR0P +AQH/BAQDAgGGMA0GCSqGSIb3DQEBDAUAA4ICAQCDLqq1Wwa9Tkuv7vxBnIeVvvFF +ecTn+P+wJxl9Qa2ortzqTHZsBDyJO62d04AgBwiDXkJ9a+bthgG0H1J7Xee8xqv1 +xyX2yKj24ygHjspLotKP4eDMdDi5TYq+gdkbPmm9Q69B1+W6e049JVGXvWG8/7kU +igxeuCYwtCCdUPRLf6D8y+1XMGgVv3/DSOHWvTg3MJ1wJ3n3+eve3rjGdRYWZeJu +k21HLSZYzVrCtUsh2YAeLnUbSxVuT2Xr4JehYe9zW5HEQ8Je/OUfnCy9vzoN/ITw +osAH+EBJQey7RxEDqMwCaRefH0yeHFcnOll0OXg/urnQmwbEYzQ1uutJaBPsjU0J +Qf06sMxI7GiB5nPE+CnI2sM6A9AW9kvwexGXpNJiLxF8dvPQthpOKGcYu6BFvRmt +6ctfXd9b7JJoVqMWuf5cCY6ihpk1e9JTlAqu4Eb/7JNyGiGCR40iSLvV28un9wiE +plrdYxwcNYq851BEu3r3AyYWw/UW1AKJ5tM+/Gtok+AphMC9ywT66o/Kfu44mOWm +L3nSLSWEcgfUVgrikpnyGbUnGtgCmHiMlUtNVexcE7OtCIZoVAlCGKNu7tyuJf10 +Qlk8oIIzfSIlcbHpOYoN79FkLoDNc2er4Gd+7w1oPQmdAB0jBJnA6t0OUBPKdDdE +Ufff2jrbfbzECn1ELg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGCDCCA/CgAwIBAgIQIuO1A8LOnmc7zZ/vMm3TrDANBgkqhkiG9w0BAQwFADCB +nDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTUwMwYDVQQDDCxB +bWF6b24gUkRTIGFwLXNvdXRoZWFzdC0yIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4G +A1UEBwwHU2VhdHRsZTAgFw0yMTA1MjQyMDQ2MThaGA8yMTIxMDUyNDIxNDYxOFow +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1zb3V0aGVhc3QtMiBSb290IENBIFJTQTQwOTYgRzExEDAO +BgNVBAcMB1NlYXR0bGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDq +qRHKbG8ZK6/GkGm2cenznEF06yHwI1gD5sdsHjTgekDZ2Dl9RwtDmUH2zFuIQwGj +SeC7E2iKwrJRA5wYzL9/Vk8NOILEKQOP8OIKUHbc7q8rEtjs401KcU6pFBBEdO9G +CTiRhogq+8mhC13AM/UriZJbKhwgM2UaDOzAneGMhQAGjH8z83NsNcPxpYVE7tqM +sch5yLtIJLkJRusrmQQTeHUev16YNqyUa+LuFclFL0FzFCimkcxUhXlbfEKXbssS +yPzjiv8wokGyo7+gA0SueceMO2UjfGfute3HlXZDcNvBbkSY+ver41jPydyRD6Qq +oEkh0tyIbPoa3oU74kwipJtz6KBEA3u3iq61OUR0ENhR2NeP7CSKrC24SnQJZ/92 +qxusrbyV/0w+U4m62ug/o4hWNK1lUcc2AqiBOvCSJ7qpdteTFxcEIzDwYfERDx6a +d9+3IPvzMb0ZCxBIIUFMxLTF7yAxI9s6KZBBXSZ6tDcCCYIgEysEPRWMRAcG+ye/ +fZVn9Vnzsj4/2wchC2eQrYpb1QvG4eMXA4M5tFHKi+/8cOPiUzJRgwS222J8YuDj +yEBval874OzXk8H8Mj0JXJ/jH66WuxcBbh5K7Rp5oJn7yju9yqX6qubY8gVeMZ1i +u4oXCopefDqa35JplQNUXbWwSebi0qJ4EK0V8F9Q+QIDAQABo0IwQDAPBgNVHRMB +Af8EBTADAQH/MB0GA1UdDgQWBBT4ysqCxaPe7y+g1KUIAenqu8PAgzAOBgNVHQ8B +Af8EBAMCAYYwDQYJKoZIhvcNAQEMBQADggIBALU8WN35KAjPZEX65tobtCDQFkIO +uJjv0alD7qLB0i9eY80C+kD87HKqdMDJv50a5fZdqOta8BrHutgFtDm+xo5F/1M3 +u5/Vva5lV4xy5DqPajcF4Mw52czYBmeiLRTnyPJsU93EQIC2Bp4Egvb6LI4cMOgm +4pY2hL8DojOC5PXt4B1/7c1DNcJX3CMzHDm4SMwiv2MAxSuC/cbHXcWMk+qXdrVx ++ayLUSh8acaAOy3KLs1MVExJ6j9iFIGsDVsO4vr4ZNsYQiyHjp+L8ops6YVBO5AT +k/pI+axHIVsO5qiD4cFWvkGqmZ0gsVtgGUchZaacboyFsVmo6QPrl28l6LwxkIEv +GGJYvIBW8sfqtGRspjfX5TlNy5IgW/VOwGBdHHsvg/xpRo31PR3HOFw7uPBi7cAr +FiZRLJut7af98EB2UvovZnOh7uIEGPeecQWeOTQfJeWet2FqTzFYd0NUMgqPuJx1 +vLKferP+ajAZLJvVnW1J7Vccx/pm0rMiUJEf0LRb/6XFxx7T2RGjJTi0EzXODTYI +gnLfBBjnolQqw+emf4pJ4pAtly0Gq1KoxTG2QN+wTd4lsCMjnelklFDjejwnl7Uy +vtxzRBAu/hi/AqDkDFf94m6j+edIrjbi9/JDFtQ9EDlyeqPgw0qwi2fwtJyMD45V +fejbXelUSJSzDIdY +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGCTCCA/GgAwIBAgIRAN7Y9G9i4I+ZaslPobE7VL4wDQYJKoZIhvcNAQEMBQAw +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1ub3J0aGVhc3QtMiBSb290IENBIFJTQTQwOTYgRzExEDAO +BgNVBAcMB1NlYXR0bGUwIBcNMjEwNTIwMTYzMzIzWhgPMjEyMTA1MjAxNzMzMjNa +MIGcMQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywg +SW5jLjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExNTAzBgNVBAMM +LEFtYXpvbiBSRFMgYXAtbm9ydGhlYXN0LTIgUm9vdCBDQSBSU0E0MDk2IEcxMRAw +DgYDVQQHDAdTZWF0dGxlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +4BEPCiIfiK66Q/qa8k+eqf1Q3qsa6Xuu/fPkpuStXVBShhtXd3eqrM0iT4Xxs420 +Va0vSB3oZ7l86P9zYfa60n6PzRxdYFckYX330aI7L/oFIdaodB/C9szvROI0oLG+ +6RwmIF2zcprH0cTby8MiM7G3v9ykpq27g4WhDC1if2j8giOQL3oHpUaByekZNIHF +dIllsI3RkXmR3xmmxoOxJM1B9MZi7e1CvuVtTGOnSGpNCQiqofehTGwxCN2wFSK8 +xysaWlw48G0VzZs7cbxoXMH9QbMpb4tpk0d+T8JfAPu6uWO9UwCLWWydf0CkmA/+ +D50/xd1t33X9P4FEaPSg5lYbHXzSLWn7oLbrN2UqMLaQrkoEBg/VGvzmfN0mbflw ++T87bJ/VEOVNlG+gepyCTf89qIQVWOjuYMox4sK0PjzZGsYEuYiq1+OUT3vk/e5K +ag1fCcq2Isy4/iwB2xcXrsQ6ljwdk1fc+EmOnjGKrhuOHJY3S+RFv4ToQBsVyYhC +XGaC3EkqIX0xaCpDimxYhFjWhpDXAjG/zJ+hRLDAMCMhl/LPGRk/D1kzSbPmdjpl +lEMK5695PeBvEBTQdBQdOiYgOU3vWU6tzwwHfiM2/wgvess/q0FDAHfJhppbgbb9 +3vgsIUcsvoC5o29JvMsUxsDRvsAfEmMSDGkJoA/X6GECAwEAAaNCMEAwDwYDVR0T +AQH/BAUwAwEB/zAdBgNVHQ4EFgQUgEWm1mZCbGD6ytbwk2UU1aLaOUUwDgYDVR0P +AQH/BAQDAgGGMA0GCSqGSIb3DQEBDAUAA4ICAQBb4+ABTGBGwxK1U/q4g8JDqTQM +1Wh8Oz8yAk4XtPJMAmCctxbd81cRnSnePWw/hxViLVtkZ/GsemvXfqAQyOn1coN7 +QeYSw+ZOlu0j2jEJVynmgsR7nIRqE7QkCyZAU+d2FTJUfmee+IiBiGyFGgxz9n7A +JhBZ/eahBbiuoOik/APW2JWLh0xp0W0GznfJ8lAlaQTyDa8iDXmVtbJg9P9qzkvl +FgPXQttzEOyooF8Pb2LCZO4kUz+1sbU7tHdr2YE+SXxt6D3SBv+Yf0FlvyWLiqVk +GDEOlPPTDSjAWgKnqST8UJ0RDcZK/v1ixs7ayqQJU0GUQm1I7LGTErWXHMnCuHKe +UKYuiSZwmTcJ06NgdhcCnGZgPq13ryMDqxPeltQc3n5eO7f1cL9ERYLDLOzm6A9P +oQ3MfcVOsbHgGHZWaPSeNrQRN9xefqBXH0ZPasgcH9WJdsLlEjVUXoultaHOKx3b +UCCb+d3EfqF6pRT488ippOL6bk7zNubwhRa/+y4wjZtwe3kAX78ACJVcjPobH9jZ +ErySads5zdQeaoee5wRKdp3TOfvuCe4bwLRdhOLCHWzEcXzY3g/6+ppLvNom8o+h +Bh5X26G6KSfr9tqhQ3O9IcbARjnuPbvtJnoPY0gz3EHHGPhy0RNW8i2gl3nUp0ah +PtjwbKW0hYAhIttT0Q== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtzCCAj2gAwIBAgIQQRBQTs6Y3H1DDbpHGta3lzAKBggqhkjOPQQDAzCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLXNvdXRoZWFzdC0zIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDYxMTAwMTI0M1oYDzIxMjEwNjExMDExMjQzWjCBmzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTQwMgYDVQQDDCtBbWF6 +b24gUkRTIGFwLXNvdXRoZWFzdC0zIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEs0942Xj4m/gKA+WA6F5h +AHYuek9eGpzTRoLJddM4rEV1T3eSueytMVKOSlS3Ub9IhyQrH2D8EHsLYk9ktnGR +pATk0kCYTqFbB7onNo070lmMJmGT/Q7NgwC8cySChFxbo0IwQDAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBQ20iKBKiNkcbIZRu0y1uoF1yJTEzAOBgNVHQ8BAf8E +BAMCAYYwCgYIKoZIzj0EAwMDaAAwZQIwYv0wTSrpQTaPaarfLN8Xcqrqu3hzl07n +FrESIoRw6Cx77ZscFi2/MV6AFyjCV/TlAjEAhpwJ3tpzPXpThRML8DMJYZ3YgMh3 +CMuLqhPpla3cL0PhybrD27hJWl29C4el6aMO +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrDCCAjOgAwIBAgIQGcztRyV40pyMKbNeSN+vXTAKBggqhkjOPQQDAzCBljEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMS8wLQYDVQQDDCZBbWF6 +b24gUkRTIHVzLWVhc3QtMiBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTAgFw0yMTA1MjEyMzE1NTZaGA8yMTIxMDUyMjAwMTU1NlowgZYxCzAJBgNV +BAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYD +VQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEvMC0GA1UEAwwmQW1hem9uIFJE +UyB1cy1lYXN0LTIgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1NlYXR0bGUw +djAQBgcqhkjOPQIBBgUrgQQAIgNiAAQfDcv+GGRESD9wT+I5YIPRsD3L+/jsiIis +Tr7t9RSbFl+gYpO7ZbDXvNbV5UGOC5lMJo/SnqFRTC6vL06NF7qOHfig3XO8QnQz +6T5uhhrhnX2RSY3/10d2kTyHq3ZZg3+jQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD +VR0OBBYEFLDyD3PRyNXpvKHPYYxjHXWOgfPnMA4GA1UdDwEB/wQEAwIBhjAKBggq +hkjOPQQDAwNnADBkAjB20HQp6YL7CqYD82KaLGzgw305aUKw2aMrdkBR29J183jY +6Ocj9+Wcif9xnRMS+7oCMAvrt03rbh4SU9BohpRUcQ2Pjkh7RoY0jDR4Xq4qzjNr +5UFr3BXpFvACxXF51BksGQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAjWgAwIBAgIQeKbS5zvtqDvRtwr5H48cAjAKBggqhkjOPQQDAzCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIG1lLXNvdXRoLTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTIwMTcxOTU1WhgPMjEyMTA1MjAxODE5NTVaMIGXMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpvbiBS +RFMgbWUtc291dGgtMSBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwHU2VhdHRs +ZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABEKjgUaAPmUlRMEQdBC7BScAGosJ1zRV +LDd38qTBjzgmwBfQJ5ZfGIvyEK5unB09MB4e/3qqK5I/L6Qn5Px/n5g4dq0c7MQZ +u7G9GBYm90U3WRJBf7lQrPStXaRnS4A/O6NCMEAwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUNKcAbGEIn03/vkwd8g6jNyiRdD4wDgYDVR0PAQH/BAQDAgGGMAoG +CCqGSM49BAMDA2cAMGQCMHIeTrjenCSYuGC6txuBt/0ZwnM/ciO9kHGWVCoK8QLs +jGghb5/YSFGZbmQ6qpGlSAIwVOQgdFfTpEfe5i+Vs9frLJ4QKAfc27cTNYzRIM0I +E+AJgK4C4+DiyyMzOpiCfmvq +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGCDCCA/CgAwIBAgIQSFkEUzu9FYgC5dW+5lnTgjANBgkqhkiG9w0BAQwFADCB +nDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTUwMwYDVQQDDCxB +bWF6b24gUkRTIGFwLXNvdXRoZWFzdC0zIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4G +A1UEBwwHU2VhdHRsZTAgFw0yMTA2MTEwMDA4MzZaGA8yMTIxMDYxMTAxMDgzNlow +gZwxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTE1MDMGA1UEAwws +QW1hem9uIFJEUyBhcC1zb3V0aGVhc3QtMyBSb290IENBIFJTQTQwOTYgRzExEDAO +BgNVBAcMB1NlYXR0bGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDx +my5Qmd8zdwaI/KOKV9Xar9oNbhJP5ED0JCiigkuvCkg5qM36klszE8JhsUj40xpp +vQw9wkYW4y+C8twBpzKGBvakqMnoaVUV7lOCKx0RofrnNwkZCboTBB4X/GCZ3fIl +YTybS7Ehi1UuiaZspIT5A2jidoA8HiBPk+mTg1UUkoWS9h+MEAPa8L4DY6fGf4pO +J1Gk2cdePuNzzIrpm2yPto+I8MRROwZ3ha7ooyymOXKtz2c7jEHHJ314boCXAv9G +cdo27WiebewZkHHH7Zx9iTIVuuk2abyVSzvLVeGv7Nuy4lmSqa5clWYqWsGXxvZ2 +0fZC5Gd+BDUMW1eSpW7QDTk3top6x/coNoWuLSfXiC5ZrJkIKimSp9iguULgpK7G +abMMN4PR+O+vhcB8E879hcwmS2yd3IwcPTl3QXxufqeSV58/h2ibkqb/W4Bvggf6 +5JMHQPlPHOqMCVFIHP1IffIo+Of7clb30g9FD2j3F4qgV3OLwEDNg/zuO1DiAvH1 +L+OnmGHkfbtYz+AVApkAZrxMWwoYrwpauyBusvSzwRE24vLTd2i80ZDH422QBLXG +rN7Zas8rwIiBKacJLYtBYETw8mfsNt8gb72aIQX6cZOsphqp6hUtKaiMTVgGazl7 +tBXqbB+sIv3S9X6bM4cZJKkMJOXbnyCCLZFYv8TurwIDAQABo0IwQDAPBgNVHRMB +Af8EBTADAQH/MB0GA1UdDgQWBBTOVtaS1b/lz6yJDvNk65vEastbQTAOBgNVHQ8B +Af8EBAMCAYYwDQYJKoZIhvcNAQEMBQADggIBABEONg+TmMZM/PrYGNAfB4S41zp1 +3CVjslZswh/pC4kgXSf8cPJiUOzMwUevuFQj7tCqxQtJEygJM2IFg4ViInIah2kh +xlRakEGGw2dEVlxZAmmLWxlL1s1lN1565t5kgVwM0GVfwYM2xEvUaby6KDVJIkD3 +aM6sFDBshvVA70qOggM6kU6mwTbivOROzfoIQDnVaT+LQjHqY/T+ok6IN0YXXCWl +Favai8RDjzLDFwXSRvgIK+1c49vlFFY4W9Efp7Z9tPSZU1TvWUcKdAtV8P2fPHAS +vAZ+g9JuNfeawhEibjXkwg6Z/yFUueQCQOs9TRXYogzp5CMMkfdNJF8byKYqHscs +UosIcETnHwqwban99u35sWcoDZPr6aBIrz7LGKTJrL8Nis8qHqnqQBXu/fsQEN8u +zJ2LBi8sievnzd0qI0kaWmg8GzZmYH1JCt1GXSqOFkI8FMy2bahP7TUQR1LBUKQ3 +hrOSqldkhN+cSAOnvbQcFzLr+iEYEk34+NhcMIFVE+51KJ1n6+zISOinr6mI3ckX +6p2tmiCD4Shk2Xx/VTY/KGvQWKFcQApWezBSvDNlGe0yV71LtLf3dr1pr4ofo7cE +rYucCJ40bfxEU/fmzYdBF32xP7AOD9U0FbOR3Mcthc6Z6w20WFC+zru8FGY08gPf +WT1QcNdw7ntUJP/w +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrzCCAjWgAwIBAgIQARky6+5PNFRkFVOp3Ob1CTAKBggqhkjOPQQDAzCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGV1LXNvdXRoLTIgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjIwNTIzMTg0MTI4WhgPMjEyMjA1MjMxOTQxMjdaMIGXMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpvbiBS +RFMgZXUtc291dGgtMiBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwHU2VhdHRs +ZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABNVGL5oF7cfIBxKyWd2PVK/S5yQfaJY3 +QFHWvEdt6951n9JhiiPrHzfVHsxZp1CBjILRMzjgRbYWmc8qRoLkgGE7htGdwudJ +Fa/WuKzO574Prv4iZXUnVGTboC7JdvKbh6NCMEAwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUgDeIIEKynwUbNXApdIPnmRWieZwwDgYDVR0PAQH/BAQDAgGGMAoG +CCqGSM49BAMDA2gAMGUCMEOOJfucrST+FxuqJkMZyCM3gWGZaB+/w6+XUAJC6hFM +uSTY0F44/bERkA4XhH+YGAIxAIpJQBakCA1/mXjsTnQ+0El9ty+LODp8ibkn031c +8DKDS7pR9UK7ZYdR6zFg3ZCjQw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAjOgAwIBAgIQJvkWUcYLbnxtuwnyjMmntDAKBggqhkjOPQQDAzCBljEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMS8wLQYDVQQDDCZBbWF6 +b24gUkRTIGV1LXdlc3QtMyBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTAgFw0yMTA1MjUyMjI2MTJaGA8yMTIxMDUyNTIzMjYxMlowgZYxCzAJBgNV +BAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMwEQYD +VQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEvMC0GA1UEAwwmQW1hem9uIFJE +UyBldS13ZXN0LTMgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1NlYXR0bGUw +djAQBgcqhkjOPQIBBgUrgQQAIgNiAARENn8uHCyjn1dFax4OeXxvbV861qsXFD9G +DshumTmFzWWHN/69WN/AOsxy9XN5S7Cgad4gQgeYYYgZ5taw+tFo/jQvCLY//uR5 +uihcLuLJ78opvRPvD9kbWZ6oXfBtFkWjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD +VR0OBBYEFKiK3LpoF+gDnqPldGSwChBPCYciMA4GA1UdDwEB/wQEAwIBhjAKBggq +hkjOPQQDAwNpADBmAjEA+7qfvRlnvF1Aosyp9HzxxCbN7VKu+QXXPhLEBWa5oeWW +UOcifunf/IVLC4/FGCsLAjEAte1AYp+iJyOHDB8UYkhBE/1sxnFaTiEPbvQBU0wZ +SuwWVLhu2wWDuSW+K7tTuL8p +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID/zCCAuegAwIBAgIRAKeDpqX5WFCGNo94M4v69sUwDQYJKoZIhvcNAQELBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyBldS13ZXN0LTMgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyNTIyMTgzM1oYDzIwNjEwNTI1MjMxODMzWjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGV1LXdlc3QtMyBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcKOTEMTfzvs4H +WtJR8gI7GXN6xesulWtZPv21oT+fLGwJ+9Bv8ADCGDDrDxfeH/HxJmzG9hgVAzVn +4g97Bn7q07tGZM5pVi96/aNp11velZT7spOJKfJDZTlGns6DPdHmx48whpdO+dOb +6+eR0VwCIv+Vl1fWXgoACXYCoKjhxJs+R+fwY//0JJ1YG8yjZ+ghLCJmvlkOJmE1 +TCPUyIENaEONd6T+FHGLVYRRxC2cPO65Jc4yQjsXvvQypoGgx7FwD5voNJnFMdyY +754JGPOOe/SZdepN7Tz7UEq8kn7NQSbhmCsgA/Hkjkchz96qN/YJ+H/okiQUTNB0 +eG9ogiVFAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFjayw9Y +MjbxfF14XAhMM2VPl0PfMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOC +AQEAAtmx6d9+9CWlMoU0JCirtp4dSS41bBfb9Oor6GQ8WIr2LdfZLL6uES/ubJPE +1Sh5Vu/Zon5/MbqLMVrfniv3UpQIof37jKXsjZJFE1JVD/qQfRzG8AlBkYgHNEiS +VtD4lFxERmaCkY1tjKB4Dbd5hfhdrDy29618ZjbSP7NwAfnwb96jobCmMKgxVGiH +UqsLSiEBZ33b2hI7PJ6iTJnYBWGuiDnsWzKRmheA4nxwbmcQSfjbrNwa93w3caL2 +v/4u54Kcasvcu3yFsUwJygt8z43jsGAemNZsS7GWESxVVlW93MJRn6M+MMakkl9L +tWaXdHZ+KUV7LhfYLb0ajvb40w== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBDCCAuygAwIBAgIQJ5oxPEjefCsaESSwrxk68DANBgkqhkiG9w0BAQsFADCB +mjELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTMwMQYDVQQDDCpB +bWF6b24gUkRTIGV1LWNlbnRyYWwtMiBSb290IENBIFJTQTIwNDggRzExEDAOBgNV +BAcMB1NlYXR0bGUwIBcNMjIwNjA2MjExNzA1WhgPMjA2MjA2MDYyMjE3MDVaMIGa +MQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5j +LjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMzAxBgNVBAMMKkFt +YXpvbiBSRFMgZXUtY2VudHJhbC0yIFJvb3QgQ0EgUlNBMjA0OCBHMTEQMA4GA1UE +BwwHU2VhdHRsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALTQt5eX +g+VP3BjO9VBkWJhE0GfLrU/QIk32I6WvrnejayTrlup9H1z4QWlXF7GNJrqScRMY +KhJHlcP05aPsx1lYco6pdFOf42ybXyWHHJdShj4A5glU81GTT+VrXGzHSarLmtua +eozkQgPpDsSlPt0RefyTyel7r3Cq+5K/4vyjCTcIqbfgaGwTU36ffjM1LaPCuE4O +nINMeD6YuImt2hU/mFl20FZ+IZQUIFZZU7pxGLqTRz/PWcH8tDDxnkYg7tNuXOeN +JbTpXrw7St50/E9ZQ0llGS+MxJD8jGRAa/oL4G/cwnV8P2OEPVVkgN9xDDQeieo0 +3xkzolkDkmeKOnUCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU +bwu8635iQGQMRanekesORM8Hkm4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB +CwUAA4IBAQAgN6LE9mUgjsj6xGCX1afYE69fnmCjjb0rC6eEe1mb/QZNcyw4XBIW +6+zTXo4mjZ4ffoxb//R0/+vdTE7IvaLgfAZgFsLKJCtYDDstXZj8ujQnGR9Pig3R +W+LpNacvOOSJSawNQq0Xrlcu55AU4buyD5VjcICnfF1dqBMnGTnh27m/scd/ZMx/ +kapHZ/fMoK2mAgSX/NvUKF3UkhT85vSSM2BTtET33DzCPDQTZQYxFBa4rFRmFi4c +BLlmIReiCGyh3eJhuUUuYAbK6wLaRyPsyEcIOLMQmZe1+gAFm1+1/q5Ke9ugBmjf +PbTWjsi/lfZ5CdVAhc5lmZj/l5aKqwaS +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAjSgAwIBAgIRAKKPTYKln9L4NTx9dpZGUjowCgYIKoZIzj0EAwMwgZYx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEvMC0GA1UEAwwmQW1h +em9uIFJEUyBldS13ZXN0LTIgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTIxMjI1NTIxWhgPMjEyMTA1MjEyMzU1MjFaMIGWMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExLzAtBgNVBAMMJkFtYXpvbiBS +RFMgZXUtd2VzdC0yIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdTZWF0dGxl +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE/owTReDvaRqdmbtTzXbyRmEpKCETNj6O +hZMKH0F8oU9Tmn8RU7kQQj6xUKEyjLPrFBN7c+26TvrVO1KmJAvbc8bVliiJZMbc +C0yV5PtJTalvlMZA1NnciZuhxaxrzlK1o0IwQDAPBgNVHRMBAf8EBTADAQH/MB0G +A1UdDgQWBBT4i5HaoHtrs7Mi8auLhMbKM1XevDAOBgNVHQ8BAf8EBAMCAYYwCgYI +KoZIzj0EAwMDaAAwZQIxAK9A+8/lFdX4XJKgfP+ZLy5ySXC2E0Spoy12Gv2GdUEZ +p1G7c1KbWVlyb1d6subzkQIwKyH0Naf/3usWfftkmq8SzagicKz5cGcEUaULq4tO +GzA/AMpr63IDBAqkZbMDTCmH +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrzCCAjWgAwIBAgIQTgIvwTDuNWQo0Oe1sOPQEzAKBggqhkjOPQQDAzCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGV1LW5vcnRoLTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTI0MjEwNjM4WhgPMjEyMTA1MjQyMjA2MzhaMIGXMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpvbiBS +RFMgZXUtbm9ydGgtMSBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwHU2VhdHRs +ZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJuzXLU8q6WwSKXBvx8BbdIi3mPhb7Xo +rNJBfuMW1XRj5BcKH1ZoGaDGw+BIIwyBJg8qNmCK8kqIb4cH8/Hbo3Y+xBJyoXq/ +cuk8aPrxiNoRsKWwiDHCsVxaK9L7GhHHAqNCMEAwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUYgcsdU4fm5xtuqLNppkfTHM2QMYwDgYDVR0PAQH/BAQDAgGGMAoG +CCqGSM49BAMDA2gAMGUCMQDz/Rm89+QJOWJecYAmYcBWCcETASyoK1kbr4vw7Hsg +7Ew3LpLeq4IRmTyuiTMl0gMCMAa0QSjfAnxBKGhAnYxcNJSntUyyMpaXzur43ec0 +3D8npJghwC4DuICtKEkQiI5cSg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGATCCA+mgAwIBAgIRAORIGqQXLTcbbYT2upIsSnQwDQYJKoZIhvcNAQEMBQAw +gZgxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwo +QW1hem9uIFJEUyBldS1zb3V0aC0yIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UE +BwwHU2VhdHRsZTAgFw0yMjA1MjMxODM0MjJaGA8yMTIyMDUyMzE5MzQyMlowgZgx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwoQW1h +em9uIFJEUyBldS1zb3V0aC0yIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwH +U2VhdHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPKukwsW2s/h +1k+Hf65pOP0knVBnOnMQyT1mopp2XHGdXznj9xS49S30jYoUnWccyXgD983A1bzu +w4fuJRHg4MFdz/NWTgXvy+zy0Roe83OPIJjUmXnnzwUHQcBa9vl6XUO65iQ3pbSi +fQfNDFXD8cvuXbkezeADoy+iFAlzhXTzV9MD44GTuo9Z3qAXNGHQCrgRSCL7uRYt +t1nfwboCbsVRnElopn2cTigyVXE62HzBUmAw1GTbAZeFAqCn5giBWYAfHwTUldRL +6eEa6atfsS2oPNus4ZENa1iQxXq7ft+pMdNt0qKXTCZiiCZjmLkY0V9kWwHTRRF8 +r+75oSL//3di43QnuSCgjwMRIeWNtMud5jf3eQzSBci+9njb6DrrSUbx7blP0srg +94/C/fYOp/0/EHH34w99Th14VVuGWgDgKahT9/COychLOubXUT6vD1As47S9KxTv +yYleVKwJnF9cVjepODN72fNlEf74BwzgSIhUmhksmZSeJBabrjSUj3pdyo/iRZN/ +CiYz9YPQ29eXHPQjBZVIUqWbOVfdwsx0/Xu5T1e7yyXByQ3/oDulahtcoKPAFQ3J +ee6NJK655MdS7pM9hJnU2Rzu3qZ/GkM6YK7xTlMXVouPUZov/VbiaCKbqYDs8Dg+ +UKdeNXAT6+BMleGQzly1X7vjhgeA8ugVAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFJdaPwpCf78UolFTEn6GO85/QwUIMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQwFAAOCAgEAWkxHIT3mers5YnZRSVjmpxCLivGj1jMB9VYC +iKqTAeIvD0940L0YaZgivQll5pue8UUcQ6M2uCdVVAsNJdmQ5XHIYiGOknYPtxzO +aO+bnZp7VIZw/vJ49hvH6RreA2bbxYMZO/ossYdcWsWbOKHFrRmAw0AhtK/my51g +obV7eQg+WmlE5Iqc75ycUsoZdc3NimkjBi7LQoNP1HMvlLHlF71UZhQDdq+/WdV7 +0zmg+epkki1LjgMmuPyb+xWuYkFKT1/faX+Xs62hIm5BY+aI4if4RuQ+J//0pOSs +UajrjTo+jLGB8A96jAe8HaFQenbwMjlaHRDAF0wvbkYrMr5a6EbneAB37V05QD0Y +Rh4L4RrSs9DX2hbSmS6iLDuPEjanHKzglF5ePEvnItbRvGGkynqDVlwF+Bqfnw8l +0i8Hr1f1/LP1c075UjkvsHlUnGgPbLqA0rDdcxF8Fdlv1BunUjX0pVlz10Ha5M6P +AdyWUOneOfaA5G7jjv7i9qg3r99JNs1/Lmyg/tV++gnWTAsSPFSSEte81kmPhlK3 +2UtAO47nOdTtk+q4VIRAwY1MaOR7wTFZPfer1mWs4RhKNu/odp8urEY87iIzbMWT +QYO/4I6BGj9rEWNGncvR5XTowwIthMCj2KWKM3Z/JxvjVFylSf+s+FFfO1bNIm6h +u3UBpZI= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtDCCAjmgAwIBAgIQenQbcP/Zbj9JxvZ+jXbRnTAKBggqhkjOPQQDAzCBmTEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTIwMAYDVQQDDClBbWF6 +b24gUkRTIGV1LWNlbnRyYWwtMSBSb290IENBIEVDQzM4NCBHMTEQMA4GA1UEBwwH +U2VhdHRsZTAgFw0yMTA1MjEyMjMzMjRaGA8yMTIxMDUyMTIzMzMyNFowgZkxCzAJ +BgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMRMw +EQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEyMDAGA1UEAwwpQW1hem9u +IFJEUyBldS1jZW50cmFsLTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATlBHiEM9LoEb1Hdnd5j2VpCDOU +5nGuFoBD8ROUCkFLFh5mHrHfPXwBc63heW9WrP3qnDEm+UZEUvW7ROvtWCTPZdLz +Z4XaqgAlSqeE2VfUyZOZzBSgUUJk7OlznXfkCMOjQjBAMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFDT/ThjQZl42Nv/4Z/7JYaPNMly2MA4GA1UdDwEB/wQEAwIB +hjAKBggqhkjOPQQDAwNpADBmAjEAnZWmSgpEbmq+oiCa13l5aGmxSlfp9h12Orvw +Dq/W5cENJz891QD0ufOsic5oGq1JAjEAp5kSJj0MxJBTHQze1Aa9gG4sjHBxXn98 +4MP1VGsQuhfndNHQb4V0Au7OWnOeiobq +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID/zCCAuegAwIBAgIRAMgnyikWz46xY6yRgiYwZ3swDQYJKoZIhvcNAQELBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyBldS13ZXN0LTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyMDE2NDkxMloYDzIwNjEwNTIwMTc0OTEyWjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGV1LXdlc3QtMSBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi8JYOc9cYSgZH +gYPxLk6Xcc7HqzamvsnjYU98Dcb98y6iDqS46Ra2Ne02MITtU5MDL+qjxb8WGDZV +RUA9ZS69tkTO3gldW8QdiSh3J6hVNJQW81F0M7ZWgV0gB3n76WCmfT4IWos0AXHM +5v7M/M4tqVmCPViQnZb2kdVlM3/Xc9GInfSMCgNfwHPTXl+PXX+xCdNBePaP/A5C +5S0oK3HiXaKGQAy3K7VnaQaYdiv32XUatlM4K2WS4AMKt+2cw3hTCjlmqKRHvYFQ +veWCXAuc+U5PQDJ9SuxB1buFJZhT4VP3JagOuZbh5NWpIbOTxlAJOb5pGEDuJTKi +1gQQQVEFAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNXm+N87 +OFxK9Af/bjSxDCiulGUzMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOC +AQEAkqIbkgZ45spvrgRQ6n9VKzDLvNg+WciLtmVrqyohwwJbj4pYvWwnKQCkVc7c +hUOSBmlSBa5REAPbH5o8bdt00FPRrD6BdXLXhaECKgjsHe1WW08nsequRKD8xVmc +8bEX6sw/utBeBV3mB+3Zv7ejYAbDFM4vnRsWtO+XqgReOgrl+cwdA6SNQT9oW3e5 +rSQ+VaXgJtl9NhkiIysq9BeYigxqS/A13pHQp0COMwS8nz+kBPHhJTsajHCDc8F4 +HfLi6cgs9G0gaRhT8FCH66OdGSqn196sE7Y3bPFFFs/3U+vxvmQgoZC6jegQXAg5 +Prxd+VNXtNI/azitTysQPumH7A== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEBTCCAu2gAwIBAgIRAO8bekN7rUReuNPG8pSTKtEwDQYJKoZIhvcNAQELBQAw +gZoxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEzMDEGA1UEAwwq +QW1hem9uIFJEUyBldS1jZW50cmFsLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYD +VQQHDAdTZWF0dGxlMCAXDTIxMDUyMTIyMjM0N1oYDzIwNjEwNTIxMjMyMzQ3WjCB +mjELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTMwMQYDVQQDDCpB +bWF6b24gUkRTIGV1LWNlbnRyYWwtMSBSb290IENBIFJTQTIwNDggRzExEDAOBgNV +BAcMB1NlYXR0bGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTTYds +Tray+Q9VA5j5jTh5TunHKFQzn68ZbOzdqaoi/Rq4ohfC0xdLrxCpfqn2TGDHN6Zi +2qGK1tWJZEd1H0trhzd9d1CtGK+3cjabUmz/TjSW/qBar7e9MA67/iJ74Gc+Ww43 +A0xPNIWcL4aLrHaLm7sHgAO2UCKsrBUpxErOAACERScVYwPAfu79xeFcX7DmcX+e +lIqY16pQAvK2RIzrekSYfLFxwFq2hnlgKHaVgZ3keKP+nmXcXmRSHQYUUr72oYNZ +HcNYl2+gxCc9ccPEHM7xncVEKmb5cWEWvVoaysgQ+osi5f5aQdzgC2X2g2daKbyA +XL/z5FM9GHpS5BJjAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE +FBDAiJ7Py9/A9etNa/ebOnx5l5MGMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0B +AQsFAAOCAQEALMh/+81fFPdJV/RrJUeoUvFCGMp8iaANu97NpeJyKitNOv7RoeVP +WjivS0KcCqZaDBs+p6IZ0sLI5ZH098LDzzytcfZg0PsGqUAb8a0MiU/LfgDCI9Ee +jsOiwaFB8k0tfUJK32NPcIoQYApTMT2e26lPzYORSkfuntme2PTHUnuC7ikiQrZk +P+SZjWgRuMcp09JfRXyAYWIuix4Gy0eZ4rpRuaTK6mjAb1/LYoNK/iZ/gTeIqrNt +l70OWRsWW8jEmSyNTIubGK/gGGyfuZGSyqoRX6OKHESkP6SSulbIZHyJ5VZkgtXo +2XvyRyJ7w5pFyoofrL3Wv0UF8yt/GDszmg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF/zCCA+egAwIBAgIRAMDk/F+rrhdn42SfE+ghPC8wDQYJKoZIhvcNAQEMBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyBldS13ZXN0LTIgUm9vdCBDQSBSU0E0MDk2IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyMTIyNTEyMloYDzIxMjEwNTIxMjM1MTIyWjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGV1LXdlc3QtMiBSb290IENBIFJTQTQwOTYgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2twMALVg9vRVu +VNqsr6N8thmp3Dy8jEGTsm3GCQ+C5P2YcGlD/T/5icfWW84uF7Sx3ezcGlvsqFMf +Ukj9sQyqtz7qfFFugyy7pa/eH9f48kWFHLbQYm9GEgbYBIrWMp1cy3vyxuMCwQN4 +DCncqU+yNpy0CprQJEha3PzY+3yJOjDQtc3zr99lyECCFJTDUucxHzyQvX89eL74 +uh8la0lKH3v9wPpnEoftbrwmm5jHNFdzj7uXUHUJ41N7af7z7QUfghIRhlBDiKtx +5lYZemPCXajTc3ryDKUZC/b+B6ViXZmAeMdmQoPE0jwyEp/uaUcdp+FlUQwCfsBk +ayPFEApTWgPiku2isjdeTVmEgL8bJTDUZ6FYFR7ZHcYAsDzcwHgIu3GGEMVRS3Uf +ILmioiyly9vcK4Sa01ondARmsi/I0s7pWpKflaekyv5boJKD/xqwz9lGejmJHelf +8Od2TyqJScMpB7Q8c2ROxBwqwB72jMCEvYigB+Wnbb8RipliqNflIGx938FRCzKL +UQUBmNAznR/yRRL0wHf9UAE/8v9a09uZABeiznzOFAl/frHpgdAbC00LkFlnwwgX +g8YfEFlkp4fLx5B7LtoO6uVNFVimLxtwirpyKoj3G4M/kvSTux8bTw0heBCmWmKR +57MS6k7ODzbv+Kpeht2hqVZCNFMxoQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/ +MB0GA1UdDgQWBBRuMnDhJjoj7DcKALj+HbxEqj3r6jAOBgNVHQ8BAf8EBAMCAYYw +DQYJKoZIhvcNAQEMBQADggIBALSnXfx72C3ldhBP5kY4Mo2DDaGQ8FGpTOOiD95d +0rf7I9LrsBGVqu/Nir+kqqP80PB70+Jy9fHFFigXwcPBX3MpKGxK8Cel7kVf8t1B +4YD6A6bqlzP+OUL0uGWfZpdpDxwMDI2Flt4NEldHgXWPjvN1VblEKs0+kPnKowyg +jhRMgBbD/y+8yg0fIcjXUDTAw/+INcp21gWaMukKQr/8HswqC1yoqW9in2ijQkpK +2RB9vcQ0/gXR0oJUbZQx0jn0OH8Agt7yfMAnJAdnHO4M3gjvlJLzIC5/4aGrRXZl +JoZKfJ2fZRnrFMi0nhAYDeInoS+Rwx+QzaBk6fX5VPyCj8foZ0nmqvuYoydzD8W5 +mMlycgxFqS+DUmO+liWllQC4/MnVBlHGB1Cu3wTj5kgOvNs/k+FW3GXGzD3+rpv0 +QTLuwSbMr+MbEThxrSZRSXTCQzKfehyC+WZejgLb+8ylLJUA10e62o7H9PvCrwj+ +ZDVmN7qj6amzvndCP98sZfX7CFZPLfcBd4wVIjHsFjSNEwWHOiFyLPPG7cdolGKA +lOFvonvo4A1uRc13/zFeP0Xi5n5OZ2go8aOOeGYdI2vB2sgH9R2IASH/jHmr0gvY +0dfBCcfXNgrS0toq0LX/y+5KkKOxh52vEYsJLdhqrveuZhQnsFEm/mFwjRXkyO7c +2jpC +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGADCCA+igAwIBAgIQYe0HgSuFFP9ivYM2vONTrTANBgkqhkiG9w0BAQwFADCB +mDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChB +bWF6b24gUkRTIGV1LXNvdXRoLTEgUm9vdCBDQSBSU0E0MDk2IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUxOTE4MzMyMVoYDzIxMjEwNTE5MTkzMzIxWjCBmDEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChBbWF6 +b24gUkRTIGV1LXNvdXRoLTEgUm9vdCBDQSBSU0E0MDk2IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuO7QPKfPMTo2 +POQWvzDLwi5f++X98hGjORI1zkN9kotCYH5pAzSBwBPoMNaIfedgmsIxGHj2fq5G +4oXagNhNuGP79Zl6uKW5H7S74W7aWM8C0s8zuxMOI4GZy5h2IfQk3m/3AzZEX5w8 +UtNPkzo2feDVOkerHT+j+vjXgAxZ4wHnuMDcRT+K4r9EXlAH6X9b/RO0JlfEwmNz +xlqqGxocq9qRC66N6W0HF2fNEAKP84n8H80xcZBOBthQORRi8HSmKcPdmrvwCuPz +M+L+j18q6RAVaA0ABbD0jMWcTf0UvjUfBStn5mvu/wGlLjmmRkZsppUTRukfwqXK +yltUsTq0tOIgCIpne5zA4v+MebbR5JBnsvd4gdh5BI01QH470yB7BkUefZ9bobOm +OseAAVXcYFJKe4DAA6uLDrqOfFSxV+CzVvEp3IhLRaik4G5MwI/h2c/jEYDqkg2J +HMflxc2gcSMdk7E5ByLz5f6QrFfSDFk02ZJTs4ssbbUEYohht9znPMQEaWVqATWE +3n0VspqZyoBNkH/agE5GiGZ/k/QyeqzMNj+c9kr43Upu8DpLrz8v2uAp5xNj3YVg +ihaeD6GW8+PQoEjZ3mrCmH7uGLmHxh7Am59LfEyNrDn+8Rq95WvkmbyHSVxZnBmo +h/6O3Jk+0/QhIXZ2hryMflPcYWeRGH0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQU2eFK7+R3x/me8roIBNxBrplkM6EwDgYDVR0PAQH/BAQDAgGG +MA0GCSqGSIb3DQEBDAUAA4ICAQB5gWFe5s7ObQFj1fTO9L6gYgtFhnwdmxU0q8Ke +HWCrdFmyXdC39qdAFOwM5/7fa9zKmiMrZvy9HNvCXEp4Z7z9mHhBmuqPZQx0qPgU +uLdP8wGRuWryzp3g2oqkX9t31Z0JnkbIdp7kfRT6ME4I4VQsaY5Y3mh+hIHOUvcy +p+98i3UuEIcwJnVAV9wTTzrWusZl9iaQ1nSYbmkX9bBssJ2GmtW+T+VS/1hJ/Q4f +AlE3dOQkLFoPPb3YRWBHr2n1LPIqMVwDNAuWavRA2dSfaLl+kzbn/dua7HTQU5D4 +b2Fu2vLhGirwRJe+V7zdef+tI7sngXqjgObyOeG5O2BY3s+um6D4fS0Th3QchMO7 +0+GwcIgSgcjIjlrt6/xJwJLE8cRkUUieYKq1C4McpZWTF30WnzOPUzRzLHkcNzNA +0A7sKMK6QoYWo5Rmo8zewUxUqzc9oQSrYADP7PEwGncLtFe+dlRFx+PA1a+lcIgo +1ZGfXigYtQ3VKkcknyYlJ+hN4eCMBHtD81xDy9iP2MLE41JhLnoB2rVEtewO5diF +7o95Mwl84VMkLhhHPeGKSKzEbBtYYBifHNct+Bst8dru8UumTltgfX6urH3DN+/8 +JF+5h3U8oR2LL5y76cyeb+GWDXXy9zoQe2QvTyTy88LwZq1JzujYi2k8QiLLhFIf +FEv9Bg== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICsDCCAjagAwIBAgIRAMgApnfGYPpK/fD0dbN2U4YwCgYIKoZIzj0EAwMwgZcx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwnQW1h +em9uIFJEUyBldS1zb3V0aC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMCAXDTIxMDUxOTE4MzgxMVoYDzIxMjEwNTE5MTkzODExWjCBlzELMAkG +A1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4xEzAR +BgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6b24g +UkRTIGV1LXNvdXRoLTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1NlYXR0 +bGUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQfEWl6d4qSuIoECdZPp+39LaKsfsX7 +THs3/RrtT0+h/jl3bjZ7Qc68k16x+HGcHbaayHfqD0LPdzH/kKtNSfQKqemdxDQh +Z4pwkixJu8T1VpXZ5zzCvBXCl75UqgEFS92jQjBAMA8GA1UdEwEB/wQFMAMBAf8w +HQYDVR0OBBYEFFPrSNtWS5JU+Tvi6ABV231XbjbEMA4GA1UdDwEB/wQEAwIBhjAK +BggqhkjOPQQDAwNoADBlAjEA+a7hF1IrNkBd2N/l7IQYAQw8chnRZDzh4wiGsZsC +6A83maaKFWUKIb3qZYXFSi02AjAbp3wxH3myAmF8WekDHhKcC2zDvyOiKLkg9Y6v +ZVmyMR043dscQbcsVoacOYv198c= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICtDCCAjqgAwIBAgIRAPhVkIsQ51JFhD2kjFK5uAkwCgYIKoZIzj0EAwMwgZkx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEyMDAGA1UEAwwpQW1h +em9uIFJEUyBldS1jZW50cmFsLTIgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjIwNjA2MjEyOTE3WhgPMjEyMjA2MDYyMjI5MTdaMIGZMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMjAwBgNVBAMMKUFtYXpv +biBSRFMgZXUtY2VudHJhbC0yIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEA5xnIEBtG5b2nmbj49UEwQza +yX0844fXjccYzZ8xCDUe9dS2XOUi0aZlGblgSe/3lwjg8fMcKXLObGGQfgIx1+5h +AIBjORis/dlyN5q/yH4U5sjS8tcR0GDGVHrsRUZCo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBRK+lSGutXf4DkTjR3WNfv4+KeNFTAOBgNVHQ8BAf8EBAMC +AYYwCgYIKoZIzj0EAwMDaAAwZQIxAJ4NxQ1Gerqr70ZrnUqc62Vl8NNqTzInamCG +Kce3FTsMWbS9qkgrjZkO9QqOcGIw/gIwSLrwUT+PKr9+H9eHyGvpq9/3AIYSnFkb +Cf3dyWPiLKoAtLFwjzB/CkJlsAS1c8dS +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF/jCCA+agAwIBAgIQGZH12Q7x41qIh9vDu9ikTjANBgkqhkiG9w0BAQwFADCB +lzELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdB +bWF6b24gUkRTIGV1LXdlc3QtMyBSb290IENBIFJTQTQwOTYgRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjEwNTI1MjIyMjMzWhgPMjEyMTA1MjUyMzIyMzNaMIGXMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpv +biBSRFMgZXUtd2VzdC0zIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMqE47sHXWzdpuqj +JHb+6jM9tDbQLDFnYjDWpq4VpLPZhb7xPNh9gnYYTPKG4avG421EblAHqzy9D2pN +1z90yKbIfUb/Sy2MhQbmZomsObhONEra06fJ0Dydyjswf1iYRp2kwpx5AgkVoNo7 +3dlws73zFjD7ImKvUx2C7B75bhnw2pJWkFnGcswl8fZt9B5Yt95sFOKEz2MSJE91 +kZlHtya19OUxZ/cSGci4MlOySzqzbGwUqGxEIDlY8I39VMwXaYQ8uXUN4G780VcL +u46FeyRGxZGz2n3hMc805WAA1V5uir87vuirTvoSVREET97HVRGVVNJJ/FM6GXr1 +VKtptybbo81nefYJg9KBysxAa2Ao2x2ry/2ZxwhS6VZ6v1+90bpZA1BIYFEDXXn/ +dW07HSCFnYSlgPtSc+Muh15mdr94LspYeDqNIierK9i4tB6ep7llJAnq0BU91fM2 +JPeqyoTtc3m06QhLf68ccSxO4l8Hmq9kLSHO7UXgtdjfRVaffngopTNk8qK7bIb7 +LrgkqhiQw/PRCZjUdyXL153/fUcsj9nFNe25gM4vcFYwH6c5trd2tUl31NTi1MfG +Mgp3d2dqxQBIYANkEjtBDMy3SqQLIo9EymqmVP8xx2A/gCBgaxvMAsI6FSWRoC7+ +hqJ8XH4mFnXSHKtYMe6WPY+/XZgtAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8w +HQYDVR0OBBYEFIkXqTnllT/VJnI2NqipA4XV8rh1MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQwFAAOCAgEAKjSle8eenGeHgT8pltWCw/HzWyQruVKhfYIBfKJd +MhV4EnH5BK7LxBIvpXGsFUrb0ThzSw0fn0zoA9jBs3i/Sj6KyeZ9qUF6b8ycDXd+ +wHonmJiQ7nk7UuMefaYAfs06vosgl1rI7eBHC0itexIQmKh0aX+821l4GEgEoSMf +loMFTLXv2w36fPHHCsZ67ODldgcZbKNnpCTX0YrCwEYO3Pz/L398btiRcWGrewrK +jdxAAyietra8DRno1Zl87685tfqc6HsL9v8rVw58clAo9XAQvT+fmSOFw/PogRZ7 +OMHUat3gu/uQ1M5S64nkLLFsKu7jzudBuoNmcJysPlzIbqJ7vYc82OUGe9ucF3wi +3tbKQ983hdJiTExVRBLX/fYjPsGbG3JtPTv89eg2tjWHlPhCDMMxyRKl6isu2RTq +6VT489Z2zQrC33MYF8ZqO1NKjtyMAMIZwxVu4cGLkVsqFmEV2ScDHa5RadDyD3Ok +m+mqybhvEVm5tPgY6p0ILPMN3yvJsMSPSvuBXhO/X5ppNnpw9gnxpwbjQKNhkFaG +M5pkADZ14uRguOLM4VthSwUSEAr5VQYCFZhEwK+UOyJAGiB/nJz6IxL5XBNUXmRM +Hl8Xvz4riq48LMQbjcVQj0XvH941yPh+P8xOi00SGaQRaWp55Vyr4YKGbV0mEDz1 +r1o= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF/zCCA+egAwIBAgIRAKwYju1QWxUZpn6D1gOtwgQwDQYJKoZIhvcNAQEMBQAw +gZcxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEwMC4GA1UEAwwn +QW1hem9uIFJEUyBldS13ZXN0LTEgUm9vdCBDQSBSU0E0MDk2IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyMDE2NTM1NFoYDzIxMjEwNTIwMTc1MzU0WjCBlzEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdBbWF6 +b24gUkRTIGV1LXdlc3QtMSBSb290IENBIFJTQTQwOTYgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCKdBP1U4lqWWkc +Cb25/BKRTsvNVnISiKocva8GAzJyKfcGRa85gmgu41U+Hz6+39K+XkRfM0YS4BvQ +F1XxWT0bNyypuvwCvmYShSTjN1TY0ltncDddahTajE/4MdSOZb/c98u0yt03cH+G +hVwRyT50h0v/UEol50VfwcVAEZEgcQQYhf1IFUFlIvKpmDOqLuFakOnc7c9akK+i +ivST+JO1tgowbnNkn2iLlSSgUWgb1gjaOsNfysagv1RXdlyPw3EyfwkFifAQvF2P +Q0ayYZfYS640cccv7efM1MSVyFHR9PrrDsF/zr2S2sGPbeHr7R/HwLl+S5J/l9N9 +y0rk6IHAWV4dEkOvgpnuJKURwA48iu1Hhi9e4moNS6eqoK2KmY3VFpuiyWcA73nH +GSmyaH+YuMrF7Fnuu7GEHZL/o6+F5cL3mj2SJJhL7sz0ryf5Cs5R4yN9BIEj/f49 +wh84pM6nexoI0Q4wiSFCxWiBpjSmOK6h7z6+2utaB5p20XDZHhxAlmlx4vMuWtjh +XckgRFxc+ZpVMU3cAHUpVEoO49e/+qKEpPzp8Xg4cToKw2+AfTk3cmyyXQfGwXMQ +ZUHNZ3w9ILMWihGCM2aGUsLcGDRennvNmnmin/SENsOQ8Ku0/a3teEzwV9cmmdYz +5iYs1YtgPvKFobY6+T2RXXh+A5kprwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/ +MB0GA1UdDgQWBBSyUrsQVnKmA8z6/2Ech0rCvqpNmTAOBgNVHQ8BAf8EBAMCAYYw +DQYJKoZIhvcNAQEMBQADggIBAFlj3IFmgiFz5lvTzFTRizhVofhTJsGr14Yfkuc7 +UrXPuXOwJomd4uot2d/VIeGJpfnuS84qGdmQyGewGTJ9inatHsGZgHl9NHNWRwKZ +lTKTbBiq7aqgtUSFa06v202wpzU+1kadxJJePrbABxiXVfOmIW/a1a4hPNcT3syH +FIEg1+CGsp71UNjBuwg3JTKWna0sLSKcxLOSOvX1fzxK5djzVpEsvQMB4PSAzXca +vENgg2ErTwgTA+4s6rRtiBF9pAusN1QVuBahYP3ftrY6f3ycS4K65GnqscyfvKt5 +YgjtEKO3ZeeX8NpubMbzC+0Z6tVKfPFk/9TXuJtwvVeqow0YMrLLyRiYvK7EzJ97 +rrkxoKnHYQSZ+rH2tZ5SE392/rfk1PJL0cdHnkpDkUDO+8cKsFjjYKAQSNC52sKX +74AVh6wMwxYwVZZJf2/2XxkjMWWhKNejsZhUkTISSmiLs+qPe3L67IM7GyKm9/m6 +R3r8x6NGjhTsKH64iYJg7AeKeax4b2e4hBb6GXFftyOs7unpEOIVkJJgM6gh3mwn +R7v4gwFbLKADKt1vHuerSZMiTuNTGhSfCeDM53XI/mjZl2HeuCKP1mCDLlaO+gZR +Q/G+E0sBKgEX4xTkAc3kgkuQGfExdGtnN2U2ehF80lBHB8+2y2E+xWWXih/ZyIcW +wOx+ +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGBDCCA+ygAwIBAgIQM4C8g5iFRucSWdC8EdqHeDANBgkqhkiG9w0BAQwFADCB +mjELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTMwMQYDVQQDDCpB +bWF6b24gUkRTIGV1LWNlbnRyYWwtMSBSb290IENBIFJTQTQwOTYgRzExEDAOBgNV +BAcMB1NlYXR0bGUwIBcNMjEwNTIxMjIyODI2WhgPMjEyMTA1MjEyMzI4MjZaMIGa +MQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5j +LjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMzAxBgNVBAMMKkFt +YXpvbiBSRFMgZXUtY2VudHJhbC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UE +BwwHU2VhdHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANeTsD/u +6saPiY4Sg0GlJlMXMBltnrcGAEkwq34OKQ0bCXqcoNJ2rcAMmuFC5x9Ho1Y3YzB7 +NO2GpIh6bZaO76GzSv4cnimcv9n/sQSYXsGbPD+bAtnN/RvNW1avt4C0q0/ghgF1 +VFS8JihIrgPYIArAmDtGNEdl5PUrdi9y6QGggbRfidMDdxlRdZBe1C18ZdgERSEv +UgSTPRlVczONG5qcQkUGCH83MMqL5MKQiby/Br5ZyPq6rxQMwRnQ7tROuElzyYzL +7d6kke+PNzG1mYy4cbYdjebwANCtZ2qYRSUHAQsOgybRcSoarv2xqcjO9cEsDiRU +l97ToadGYa4VVERuTaNZxQwrld4mvzpyKuirqZltOqg0eoy8VUsaRPL3dc5aChR0 +dSrBgRYmSAClcR2/2ZCWpXemikwgt031Dsc0A/+TmVurrsqszwbr0e5xqMow9LzO +MI/JtLd0VFtoOkL/7GG2tN8a+7gnLFxpv+AQ0DH5n4k/BY/IyS+H1erqSJhOTQ11 +vDOFTM5YplB9hWV9fp5PRs54ILlHTlZLpWGs3I2BrJwzRtg/rOlvsosqcge9ryai +AKm2j+JBg5wJ19R8oxRy8cfrNTftZePpISaLTyV2B16w/GsSjqixjTQe9LRN2DHk +cC+HPqYyzW2a3pUVyTGHhW6a7YsPBs9yzt6hAgMBAAGjQjBAMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFIqA8QkOs2cSirOpCuKuOh9VDfJfMA4GA1UdDwEB/wQE +AwIBhjANBgkqhkiG9w0BAQwFAAOCAgEAOUI90mEIsa+vNJku0iUwdBMnHiO4gm7E +5JloP7JG0xUr7d0hypDorMM3zVDAL+aZRHsq8n934Cywj7qEp1304UF6538ByGdz +tkfacJsUSYfdlNJE9KbA4T+U+7SNhj9jvePpVjdQbhgzxITE9f8CxY/eM40yluJJ +PhbaWvOiRagzo74wttlcDerzLT6Y/JrVpWhnB7IY8HvzK+BwAdaCsBUPC3HF+kth +CIqLq7J3YArTToejWZAp5OOI6DLPM1MEudyoejL02w0jq0CChmZ5i55ElEMnapRX +7GQTARHmjgAOqa95FjbHEZzRPqZ72AtZAWKFcYFNk+grXSeWiDgPFOsq6mDg8DDB +0kfbYwKLFFCC9YFmYzR2YrWw2NxAScccUc2chOWAoSNHiqBbHR8ofrlJSWrtmKqd +YRCXzn8wqXnTS3NNHNccqJ6dN+iMr9NGnytw8zwwSchiev53Fpc1mGrJ7BKTWH0t +ZrA6m32wzpMymtKozlOPYoE5mtZEzrzHEXfa44Rns7XIHxVQSXVWyBHLtIsZOrvW +U5F41rQaFEpEeUQ7sQvqUoISfTUVRNDn6GK6YaccEhCji14APLFIvhRQUDyYMIiM +4vll0F/xgVRHTgDVQ8b8sxdhSYlqB4Wc2Ym41YRz+X2yPqk3typEZBpc4P5Tt1/N +89cEIGdbjsA= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIQYjbPSg4+RNRD3zNxO1fuKDANBgkqhkiG9w0BAQsFADCB +mDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChB +bWF6b24gUkRTIGV1LW5vcnRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUyNDIwNTkyMVoYDzIwNjEwNTI0MjE1OTIxWjCBmDEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChBbWF6 +b24gUkRTIGV1LW5vcnRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA179eQHxcV0YL +XMkqEmhSBazHhnRVd8yICbMq82PitE3BZcnv1Z5Zs/oOgNmMkOKae4tCXO/41JCX +wAgbs/eWWi+nnCfpQ/FqbLPg0h3dqzAgeszQyNl9IzTzX4Nd7JFRBVJXPIIKzlRf ++GmFsAhi3rYgDgO27pz3ciahVSN+CuACIRYnA0K0s9lhYdddmrW/SYeWyoB7jPa2 +LmWpAs7bDOgS4LlP2H3eFepBPgNufRytSQUVA8f58lsE5w25vNiUSnrdlvDrIU5n +Qwzc7NIZCx4qJpRbSKWrUtbyJriWfAkGU7i0IoainHLn0eHp9bWkwb9D+C/tMk1X +ERZw2PDGkwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSFmR7s +dAblusFN+xhf1ae0KUqhWTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD +ggEBAHsXOpjPMyH9lDhPM61zYdja1ebcMVgfUvsDvt+w0xKMKPhBzYDMs/cFOi1N +Q8LV79VNNfI2NuvFmGygcvTIR+4h0pqqZ+wjWl3Kk5jVxCrbHg3RBX02QLumKd/i +kwGcEtTUvTssn3SM8bgM0/1BDXgImZPC567ciLvWDo0s/Fe9dJJC3E0G7d/4s09n +OMdextcxFuWBZrBm/KK3QF0ByA8MG3//VXaGO9OIeeOJCpWn1G1PjT1UklYhkg61 +EbsTiZVA2DLd1BGzfU4o4M5mo68l0msse/ndR1nEY6IywwpgIFue7+rEleDh6b9d +PYkG1rHVw2I0XDG4o17aOn5E94I= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIQC6W4HFghUkkgyQw14a6JljANBgkqhkiG9w0BAQsFADCB +mDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChB +bWF6b24gUkRTIGV1LXNvdXRoLTIgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIyMDUyMzE4MTYzMloYDzIwNjIwNTIzMTkxNjMyWjCBmDEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChBbWF6 +b24gUkRTIGV1LXNvdXRoLTIgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM/t4FV2R9Nx +UQG203UY83jInTa/6TMq0SPyg617FqYZxvz2kkx09x3dmxepUg9ttGMlPgjsRZM5 +LCFEi1FWk+hxHzt7vAdhHES5tdjwds3aIkgNEillmRDVrUsbrDwufLaa+MMDO2E1 +wQ/JYFXw16WBCCi2g1EtyQ2Xp+tZDX5IWOTnvhZpW8vVDptZ2AcJ5rMhfOYO3OsK +5EF0GGA5ldzuezP+BkrBYGJ4wVKGxeaq9+5AT8iVZrypjwRkD7Y5CurywK3+aBwm +s9Q5Nd8t45JCOUzYp92rFKsCriD86n/JnEvgDfdP6Hvtm0/DkwXK40Wz2q0Zrd0k +mjP054NRPwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRR7yqd +SfKcX2Q8GzhcVucReIpewTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD +ggEBAEszBRDwXcZyNm07VcFwI1Im94oKwKccuKYeJEsizTBsVon8VpEiMwDs+yGu +3p8kBhvkLwWybkD/vv6McH7T5b9jDX2DoOudqYnnaYeypsPH/00Vh3LvKagqzQza +orWLx+0tLo8xW4BtU+Wrn3JId8LvAhxyYXTn9bm+EwPcStp8xGLwu53OPD1RXYuy +uu+3ps/2piP7GVfou7H6PRaqbFHNfiGg6Y+WA0HGHiJzn8uLmrRJ5YRdIOOG9/xi +qTmAZloUNM7VNuurcMM2hWF494tQpsQ6ysg2qPjbBqzlGoOt3GfBTOZmqmwmqtam +K7juWM/mdMQAJ3SMlE5wI8nVdx4= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIICrjCCAjSgAwIBAgIRAL9SdzVPcpq7GOpvdGoM80IwCgYIKoZIzj0EAwMwgZYx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTEvMC0GA1UEAwwmQW1h +em9uIFJEUyBldS13ZXN0LTEgUm9vdCBDQSBFQ0MzODQgRzExEDAOBgNVBAcMB1Nl +YXR0bGUwIBcNMjEwNTIwMTY1ODA3WhgPMjEyMTA1MjAxNzU4MDdaMIGWMQswCQYD +VQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEG +A1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExLzAtBgNVBAMMJkFtYXpvbiBS +RFMgZXUtd2VzdC0xIFJvb3QgQ0EgRUNDMzg0IEcxMRAwDgYDVQQHDAdTZWF0dGxl +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEJWDgXebvwjR+Ce+hxKOLbnsfN5W5dOlP +Zn8kwWnD+SLkU81Eac/BDJsXGrMk6jFD1vg16PEkoSevsuYWlC8xR6FmT6F6pmeh +fsMGOyJpfK4fyoEPhKeQoT23lFIc5Orjo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0G +A1UdDgQWBBSVNAN1CHAz0eZ77qz2adeqjm31TzAOBgNVHQ8BAf8EBAMCAYYwCgYI +KoZIzj0EAwMDaAAwZQIxAMlQeHbcjor49jqmcJ9gRLWdEWpXG8thIf6zfYQ/OEAg +d7GDh4fR/OUk0VfjsBUN/gIwZB0bGdXvK38s6AAE/9IT051cz/wMe9GIrX1MnL1T +1F5OqnXJdiwfZRRTHsRQ/L00 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGBDCCA+ygAwIBAgIQalr16vDfX4Rsr+gfQ4iVFDANBgkqhkiG9w0BAQwFADCB +mjELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTMwMQYDVQQDDCpB +bWF6b24gUkRTIGV1LWNlbnRyYWwtMiBSb290IENBIFJTQTQwOTYgRzExEDAOBgNV +BAcMB1NlYXR0bGUwIBcNMjIwNjA2MjEyNTIzWhgPMjEyMjA2MDYyMjI1MjNaMIGa +MQswCQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5j +LjETMBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMzAxBgNVBAMMKkFt +YXpvbiBSRFMgZXUtY2VudHJhbC0yIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UE +BwwHU2VhdHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANbHbFg7 +2VhZor1YNtez0VlNFaobS3PwOMcEn45BE3y7HONnElIIWXGQa0811M8V2FnyqnE8 +Z5aO1EuvijvWf/3D8DPZkdmAkIfh5hlZYY6Aatr65kEOckwIAm7ZZzrwFogYuaFC +z/q0CW+8gxNK+98H/zeFx+IxiVoPPPX6UlrLvn+R6XYNERyHMLNgoZbbS5gGHk43 +KhENVv3AWCCcCc85O4rVd+DGb2vMVt6IzXdTQt6Kih28+RGph+WDwYmf+3txTYr8 +xMcCBt1+whyCPlMbC+Yn/ivtCO4LRf0MPZDRQrqTTrFf0h/V0BGEUmMGwuKgmzf5 +Kl9ILdWv6S956ioZin2WgAxhcn7+z//sN++zkqLreSf90Vgv+A7xPRqIpTdJ/nWG +JaAOUofBfsDsk4X4SUFE7xJa1FZAiu2lqB/E+y7jnWOvFRalzxVJ2Y+D/ZfUfrnK +4pfKtyD1C6ni1celrZrAwLrJ3PoXPSg4aJKh8+CHex477SRsGj8KP19FG8r0P5AG +8lS1V+enFCNvT5KqEBpDZ/Y5SQAhAYFUX+zH4/n4ql0l/emS+x23kSRrF+yMkB9q +lhC/fMk6Pi3tICBjrDQ8XAxv56hfud9w6+/ljYB2uQ1iUYtlE3JdIiuE+3ws26O8 +i7PLMD9zQmo+sVi12pLHfBHQ6RRHtdVRXbXRAgMBAAGjQjBAMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFBFot08ipEL9ZUXCG4lagmF53C0/MA4GA1UdDwEB/wQE +AwIBhjANBgkqhkiG9w0BAQwFAAOCAgEAi2mcZi6cpaeqJ10xzMY0F3L2eOKYnlEQ +h6QyhmNKCUF05q5u+cok5KtznzqMwy7TFOZtbVHl8uUX+xvgq/MQCxqFAnuStBXm +gr2dg1h509ZwvTdk7TDxGdftvPCfnPNJBFbMSq4CZtNcOFBg9Rj8c3Yj+Qvwd56V +zWs65BUkDNJrXmxdvhJZjUkMa9vi/oFN+M84xXeZTaC5YDYNZZeW9706QqDbAVES +5ulvKLavB8waLI/lhRBK5/k0YykCMl0A8Togt8D1QsQ0eWWbIM8/HYJMPVFhJ8Wj +vT1p/YVeDA3Bo1iKDOttgC5vILf5Rw1ZEeDxjf/r8A7VS13D3OLjBmc31zxRTs3n +XvHKP9MieQHn9GE44tEYPjK3/yC6BDFzCBlvccYHmqGb+jvDEXEBXKzimdC9mcDl +f4BBQWGJBH5jkbU9p6iti19L/zHhz7qU6UJWbxY40w92L9jS9Utljh4A0LCTjlnR +NQUgjnGC6K+jkw8hj0LTC5Ip87oqoT9w7Av5EJ3VJ4hcnmNMXJJ1DkWYdnytcGpO +DMVITQzzDZRwhbitCVPHagTN2wdi9TEuYE33J0VmFeTc6FSI50wP2aOAZ0Q1/8Aj +bxeM5jS25eaHc2CQAuhrc/7GLnxOcPwdWQb2XWT8eHudhMnoRikVv/KSK3mf6om4 +1YfpdH2jp30= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID/jCCAuagAwIBAgIQTDc+UgTRtYO7ZGTQ8UWKDDANBgkqhkiG9w0BAQsFADCB +lzELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTAwLgYDVQQDDCdB +bWF6b24gUkRTIGV1LXdlc3QtMiBSb290IENBIFJTQTIwNDggRzExEDAOBgNVBAcM +B1NlYXR0bGUwIBcNMjEwNTIxMjI0NjI0WhgPMjA2MTA1MjEyMzQ2MjRaMIGXMQsw +CQYDVQQGEwJVUzEiMCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjET +MBEGA1UECwwKQW1hem9uIFJEUzELMAkGA1UECAwCV0ExMDAuBgNVBAMMJ0FtYXpv +biBSRFMgZXUtd2VzdC0yIFJvb3QgQ0EgUlNBMjA0OCBHMTEQMA4GA1UEBwwHU2Vh +dHRsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM1oGtthQ1YiVIC2 +i4u4swMAGxAjc/BZp0yq0eP5ZQFaxnxs7zFAPabEWsrjeDzrRhdVO0h7zskrertP +gblGhfD20JfjvCHdP1RUhy/nzG+T+hn6Takan/GIgs8grlBMRHMgBYHW7tklhjaH +3F7LujhceAHhhgp6IOrpb6YTaTTaJbF3GTmkqxSJ3l1LtEoWz8Al/nL/Ftzxrtez +Vs6ebpvd7sw37sxmXBWX2OlvUrPCTmladw9OrllGXtCFw4YyLe3zozBlZ3cHzQ0q +lINhpRcajTMfZrsiGCkQtoJT+AqVJPS2sHjqsEH8yiySW9Jbq4zyMbM1yqQ2vnnx +MJgoYMcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUaQG88UnV +JPTI+Pcti1P+q3H7pGYwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IB +AQBAkgr75V0sEJimC6QRiTVWEuj2Khy7unjSfudbM6zumhXEU2/sUaVLiYy6cA/x +3v0laDle6T07x9g64j5YastE/4jbzrGgIINFlY0JnaYmR3KZEjgi1s1fkRRf3llL +PJm9u4Q1mbwAMQK/ZjLuuRcL3uRIHJek18nRqT5h43GB26qXyvJqeYYpYfIjL9+/ +YiZAbSRRZG+Li23cmPWrbA1CJY121SB+WybCbysbOXzhD3Sl2KSZRwSw4p2HrFtV +1Prk0dOBtZxCG9luf87ultuDZpfS0w6oNBAMXocgswk24ylcADkkFxBWW+7BETn1 +EpK+t1Lm37mU4sxtuha00XAi +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIQcY44/8NUvBwr6LlHfRy7KjANBgkqhkiG9w0BAQsFADCB +mDELMAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIElu +Yy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChB +bWF6b24gUkRTIGV1LXNvdXRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQH +DAdTZWF0dGxlMCAXDTIxMDUxOTE4MjcxOFoYDzIwNjEwNTE5MTkyNzE4WjCBmDEL +MAkGA1UEBhMCVVMxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4x +EzARBgNVBAsMCkFtYXpvbiBSRFMxCzAJBgNVBAgMAldBMTEwLwYDVQQDDChBbWF6 +b24gUkRTIGV1LXNvdXRoLTEgUm9vdCBDQSBSU0EyMDQ4IEcxMRAwDgYDVQQHDAdT +ZWF0dGxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UaBeC+Usalu +EtXnV7+PnH+gi7/71tI/jkKVGKuhD2JDVvqLVoqbMHRh3+wGMvqKCjbHPcC2XMWv +566fpAj4UZ9CLB5fVzss+QVNTl+FH2XhEzigopp+872ajsNzcZxrMkifxGb4i0U+ +t0Zi+UrbL5tsfP2JonKR1crOrbS6/DlzHBjIiJazGOQcMsJjNuTOItLbMohLpraA +/nApa3kOvI7Ufool1/34MG0+wL3UUA4YkZ6oBJVxjZvvs6tI7Lzz/SnhK2widGdc +snbLqBpHNIZQSorVoiwcFaRBGYX/uzYkiw44Yfa4cK2V/B5zgu1Fbr0gbI2am4eh +yVYyg4jPawIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS9gM1m +IIjyh9O5H/7Vj0R/akI7UzAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD +ggEBAF0Sm9HC2AUyedBVnwgkVXMibnYChOzz7T+0Y+fOLXYAEXex2s8oqGeZdGYX +JHkjBn7JXu7LM+TpTbPbFFDoc1sgMguD/ls+8XsqAl1CssW+amryIL+jfcfbgQ+P +ICwEUD9hGdjBgJ5WcuS+qqxHsEIlFNci3HxcxfBa9VsWs5TjI7Vsl4meL5lf7ZyL +wDV7dHRuU+cImqG1MIvPRIlvPnT7EghrCYi2VCPhP2pM/UvShuwVnkz4MJ29ebIk +WR9kpblFxFdE92D5UUvMCjC2kmtgzNiErvTcwIvOO9YCbBHzRB1fFiWrXUHhJWq9 +IkaxR5icb/IpAV0A1lYZEWMVsfQ= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGATCCA+mgAwIBAgIRAMa0TPL+QgbWfUPpYXQkf8wwDQYJKoZIhvcNAQEMBQAw +gZgxCzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJ +bmMuMRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwo +QW1hem9uIFJEUyBldS1ub3J0aC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UE +BwwHU2VhdHRsZTAgFw0yMTA1MjQyMTAzMjBaGA8yMTIxMDUyNDIyMDMyMFowgZgx +CzAJBgNVBAYTAlVTMSIwIAYDVQQKDBlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMu +MRMwEQYDVQQLDApBbWF6b24gUkRTMQswCQYDVQQIDAJXQTExMC8GA1UEAwwoQW1h +em9uIFJEUyBldS1ub3J0aC0xIFJvb3QgQ0EgUlNBNDA5NiBHMTEQMA4GA1UEBwwH +U2VhdHRsZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANhS9LJVJyWp +6Rudy9t47y6kzvgnFYDrvJVtgEK0vFn5ifdlHE7xqMz4LZqWBFTnS+3oidwVRqo7 +tqsuuElsouStO8m315/YUzKZEPmkw8h5ufWt/lg3NTCoUZNkB4p4skr7TspyMUwE +VdlKQuWTCOLtofwmWT+BnFF3To6xTh3XPlT3ssancw27Gob8kJegD7E0TSMVsecP +B8je65+3b8CGwcD3QB3kCTGLy87tXuS2+07pncHvjMRMBdDQQQqhXWsRSeUNg0IP +xdHTWcuwMldYPWK5zus9M4dCNBDlmZjKdcZZVUOKeBBAm7Uo7CbJCk8r/Fvfr6mw +nXXDtuWhqn/WhJiI/y0QU27M+Hy5CQMxBwFsfAjJkByBpdXmyYxUgTmMpLf43p7H +oWfH1xN0cT0OQEVmAQjMakauow4AQLNkilV+X6uAAu3STQVFRSrpvMen9Xx3EPC3 +G9flHueTa71bU65Xe8ZmEmFhGeFYHY0GrNPAFhq9RThPRY0IPyCZe0Th8uGejkek +jQjm0FHPOqs5jc8CD8eJs4jSEFt9lasFLVDcAhx0FkacLKQjGHvKAnnbRwhN/dF3 +xt4oL8Z4JGPCLau056gKnYaEyviN7PgO+IFIVOVIdKEBu2ASGE8/+QJB5bcHefNj +04hEkDW0UYJbSfPpVbGAR0gFI/QpycKnAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFFMXvvjoaGGUcul8GA3FT05DLbZcMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQwFAAOCAgEAQLwFhd2JKn4K/6salLyIA4mP58qbA/9BTB/r +D9l0bEwDlVPSdY7R3gZCe6v7SWLfA9RjE5tdWDrQMi5IU6W2OVrVsZS/yGJfwnwe +a/9iUAYprA5QYKDg37h12XhVsDKlYCekHdC+qa5WwB1SL3YUprDLPWeaIQdg+Uh2 ++LxvpZGoxoEbca0fc7flwq9ke/3sXt/3V4wJDyY6AL2YNdjFzC+FtYjHHx8rYxHs +aesP7yunuN17KcfOZBBnSFRrx96k+Xm95VReTEEpwiBqAECqEpMbd+R0mFAayMb1 +cE77GaK5yeC2f67NLYGpkpIoPbO9p9rzoXLE5GpSizMjimnz6QCbXPFAFBDfSzim +u6azp40kEUO6kWd7rBhqRwLc43D3TtNWQYxMve5mTRG4Od+eMKwYZmQz89BQCeqm +aZiJP9y9uwJw4p/A5V3lYHTDQqzmbOyhGUk6OdpdE8HXs/1ep1xTT20QDYOx3Ekt +r4mmNYfH/8v9nHNRlYJOqFhmoh1i85IUl5IHhg6OT5ZTTwsGTSxvgQQXrmmHVrgZ +rZIqyBKllCgVeB9sMEsntn4bGLig7CS/N1y2mYdW/745yCLZv2gj0NXhPqgEIdVV +f9DhFD4ohE1C63XP0kOQee+LYg/MY5vH8swpCSWxQgX5icv5jVDz8YTdCKgUc5u8 +rM2p0kk= +-----END CERTIFICATE----- diff --git a/internal/attestor/aws_iid/iid.go b/internal/attestor/aws_iid/iid.go new file mode 100644 index 0000000..d8a502e --- /dev/null +++ b/internal/attestor/aws_iid/iid.go @@ -0,0 +1,220 @@ +package aws_iid + +import ( + "context" + "crypto/sha256" + "crypto/x509" + "encoding/base64" + "encoding/hex" + "encoding/json" + "encoding/pem" + "fmt" + "os" + "path/filepath" + "regexp" + + "github.com/allegro/bigcache/v3" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/credentials/stscreds" + "github.com/aws/aws-sdk-go-v2/service/ec2" + ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types" + "github.com/aws/aws-sdk-go-v2/service/sts" + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/types" + "github.com/gogo/status" + "github.com/google/uuid" + "google.golang.org/grpc/codes" +) + +const ( + // https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/verify-signature.html (Other AWS Regions) + aws_certificate_path = "internal/attestor/aws_iid/certificate/ec2.amazonaws.com.crt" +) + +type InstanceIdentityDocument struct { + AccountId string `json:"accountId"` + Architecture string `json:"architecture"` + AvailabilityZone string `json:"availabilityZone"` + ImageId string `json:"imageId"` + InstanceId string `json:"instanceId"` + InstanceType string `json:"instanceType"` + PrivateIp string `json:"privateIp"` + Region string `json:"region"` + Version string `json:"version"` +} + +var ( + instanceFilters = []ec2types.Filter{ + { + Name: aws.String("instance-state-name"), + Values: []string{ + "pending", + "running", + }, + }, + } +) + +func buildEC2Client(region string, roleARN string) (*ec2.Client, error) { + cfg, err := config.LoadDefaultConfig( + context.TODO(), + config.WithRegion(region), + ) + if err != nil { + return nil, err + } + + if isValidRoleArn(roleARN) { + stsSvc := sts.NewFromConfig(cfg) + cfg.Credentials = stscreds.NewAssumeRoleProvider(stsSvc, roleARN) + } + + svc := ec2.NewFromConfig(cfg) + return svc, nil +} + +func isValidRoleArn(arn string) bool { + pattern := `^arn:aws:iam::[0-9]{12}:role\/[a-zA-Z0-9+=,.@_-]{1,64}$` + re := regexp.MustCompile(pattern) + return re.MatchString(arn) +} + +func validateMetadataSignature(iid types.EC2InstanceMetadata) error { + certificate, err := os.ReadFile(filepath.Clean(aws_certificate_path)) + if err != nil { + return fmt.Errorf("error reading aws certificate for signature validation") + } + + rsa_certificate_pem, _ := pem.Decode([]byte(certificate)) + rsa_certificate, _ := x509.ParseCertificate(rsa_certificate_pem.Bytes) + signature, _ := base64.StdEncoding.DecodeString(string(iid.InstanceIdentitySignature)) + + err = rsa_certificate.CheckSignature(x509.SHA256WithRSA, iid.InstanceIdentityDocument, signature) + if err != nil { + return fmt.Errorf("invalid aws_iid signature") + } + + return nil +} + +func GetInstanceIdentityDocument(ctx context.Context, db_reader db.Store, client_id uuid.UUID) (*db.AwsAttestation, error) { + node_attestation, err := db_reader.GetInstanceIdentityDocument(ctx, client_id) + if err != nil { + return nil, fmt.Errorf("error retrieving aws_attestation from db, %s", err) + } + return node_attestation, nil +} + +func AWSIidNodeAttestation(client_uuid uuid.UUID, header_metadata string, iid db.AwsAttestation, cache *bigcache.BigCache) error { + var client *ec2.Client + var instance ec2types.Instance + var err error + + request_metadata_byte := []byte(header_metadata) + instance_metadata := types.EC2InstanceMetadata{} + instance_identity_document := InstanceIdentityDocument{} + + err = json.Unmarshal(request_metadata_byte, &instance_metadata) + if err != nil { + return fmt.Errorf("error unmarshal aws_instance metadata") + } + + err = validateMetadataSignature(instance_metadata) + if err != nil { + return err + } + + err = json.Unmarshal(instance_metadata.InstanceIdentityDocument, &instance_identity_document) + if err != nil { + return fmt.Errorf("error unmarshal aws_iid metadata") + } + + // Query Instance Metadata in Cache + hash := sha256.Sum256(instance_metadata.InstanceIdentityDocument) + hash_key := hex.EncodeToString(hash[:]) + + if value, cached := cache.Get(hash_key); cached != nil { + client, err = buildEC2Client(instance_identity_document.Region, iid.AssumeRole.String) + if err != nil { + return fmt.Errorf("error building ec2 client, %s", err) + } + + instancesDesc, err := client.DescribeInstances(context.Background(), &ec2.DescribeInstancesInput{ + InstanceIds: []string{instance_identity_document.InstanceId}, + Filters: instanceFilters, + }) + if err != nil { + return fmt.Errorf("ec2 describe instances failed, %s", err) + } + + instance, err = getEC2Instance(instancesDesc) + if err != nil { + return fmt.Errorf("error querying ec2 instance, %s", err) + } + + // IAM Role Arn Attestation + if iid.RoleArn.Valid { + if *instance.IamInstanceProfile.Arn != iid.RoleArn.String { + return fmt.Errorf("aws_iid role arn attestation error [client_id %s] [instance_identity_document %s]", client_uuid, instance_identity_document) + } + } + + data, err := json.Marshal(iid) + if err != nil { + return fmt.Errorf("error marshalling cached_service_account, %s", err) + } + err = cache.Set(hash_key, data) + if err != nil { + return fmt.Errorf("error setting hashed aws_iid in cache, %s", err) + } + } else { + // SHA-256 Instance Identity Document [Key], Client ID [Value]. Multiple Instances Map to Single Client ID. + err = json.Unmarshal(value, &iid) + if err != nil { + return fmt.Errorf("error unmarshal hashed iid in cached, %s", err) + } + attested_client_id := iid.ClientID + if attested_client_id != client_uuid { + return fmt.Errorf("request client id does not match attested node in cache") + } + } + return nil +} + +func getEC2Instance(instancesDesc *ec2.DescribeInstancesOutput) (ec2types.Instance, error) { + if len(instancesDesc.Reservations) < 1 { + return ec2types.Instance{}, status.Error(codes.Internal, "failed to query AWS via describe-instances: returned no reservations") + } + + if len(instancesDesc.Reservations[0].Instances) < 1 { + return ec2types.Instance{}, status.Error(codes.Internal, "failed to query AWS via describe-instances: returned no instances") + } + + return instancesDesc.Reservations[0].Instances[0], nil +} + +func isEmptyAWSIID(iid types.AWSInstanceIdentityDocument) bool { + return iid.RoleArn == "" && iid.AssumeRole == "" && len(iid.SecurityGroups) == 0 && + iid.Region == "" && iid.InstanceID == "" && iid.ImageID == "" && + len(iid.InstanceTags) == 0 +} + +func GetNodeAttestation(node_attestation *apiv1.NodeAttestation) []string { + var valid_attestation []string + var iid = node_attestation.AwsIid + + // AWS Node Attestation + if iid != nil { + attestation := iid.RoleArn == "" && iid.AssumeRole == "" && len(iid.SecurityGroups) == 0 && + iid.Region == "" && iid.InstanceId == "" && iid.ImageId == "" && + len(iid.InstanceTags) == 0 + + if !attestation { + valid_attestation = append(valid_attestation, types.Attestation.AWS_IID) + } + } + + return valid_attestation +} diff --git a/internal/authentication/authentication.go b/internal/authentication/authentication.go new file mode 100644 index 0000000..c42f964 --- /dev/null +++ b/internal/authentication/authentication.go @@ -0,0 +1,35 @@ +package authentication + +import ( + "crypto/rand" + "fmt" + "math/big" + + "golang.org/x/crypto/bcrypt" +) + +func HashPassword(password string) (string, error) { + hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) + if err != nil { + return "", fmt.Errorf("failed to hash password %w", err) + } + return string(hashedPassword), nil +} + +func CheckPassword(password string, hashedPassword string) error { + return bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(password)) +} + +func GenerateClientToken(n int) (string, error) { + const letters = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz~!@#$%^&*()_+`-={}|[]:<>?,./" + ret := make([]byte, n) + for i := 0; i < n; i++ { + num, err := rand.Int(rand.Reader, big.NewInt(int64(len(letters)))) + if err != nil { + return "", err + } + ret[i] = letters[num.Int64()] + } + + return string(ret), nil +} diff --git a/internal/authentication/issuer.go b/internal/authentication/issuer.go new file mode 100644 index 0000000..1f9e37e --- /dev/null +++ b/internal/authentication/issuer.go @@ -0,0 +1,230 @@ +package authentication + +import ( + "context" + "encoding/base64" + "encoding/json" + "fmt" + "strings" + "time" + + config_v2 "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/service/kms" + "github.com/aws/aws-sdk-go-v2/service/kms/types" + "github.com/coinbase/baseca/internal/config" + "github.com/google/uuid" +) + +type KmsClientIface interface { + Sign(ctx context.Context, params *kms.SignInput, optFns ...func(*kms.Options)) (*kms.SignOutput, error) + Verify(ctx context.Context, params *kms.VerifyInput, optFns ...func(*kms.Options)) (*kms.VerifyOutput, error) +} + +type signer struct { + sign func(ctx context.Context, message string) ([]byte, error) + verifySignature func(ctx context.Context, message string, signature string) (bool, error) + algorithm func(ctx context.Context) string + keyId string + time func() time.Time +} + +type ClaimProps struct { + Subject uuid.UUID + Permission string + ValidForMinutes int64 +} + +type Client struct { + KmsClient KmsClientIface + KeyId string + SigningAlgorithm string +} + +type Header struct { + Algorithm string + Type string + KeyId string +} + +type Claims struct { + Permission string `json:"permission"` + Subject uuid.UUID `json:"sub"` + IssuedAt time.Time `json:"iss"` + ExpiresAt time.Time `json:"exp"` + NotBefore time.Time `json:"not_before"` +} + +type Auth interface { + Issue(context.Context, ClaimProps) (*string, error) + Verify(context.Context, string) (*Claims, error) +} + +var signingAlgorithms = map[string]types.SigningAlgorithmSpec{ + "RSASSA_PSS_SHA_256": types.SigningAlgorithmSpecRsassaPssSha256, + "RSASSA_PSS_SHA_384": types.SigningAlgorithmSpecRsassaPssSha384, + "RSASSA_PSS_SHA_512": types.SigningAlgorithmSpecRsassaPssSha512, + "RSASSA_PKCS1_V1_5_SHA_256": types.SigningAlgorithmSpecRsassaPkcs1V15Sha256, + "RSASSA_PKCS1_V1_5_SHA_384": types.SigningAlgorithmSpecRsassaPkcs1V15Sha384, + "RSASSA_PKCS1_V1_5_SHA_512": types.SigningAlgorithmSpecEcdsaSha512, +} + +func BuildSigningClient(config *config.Config) (*Client, error) { + cfg, err := config_v2.LoadDefaultConfig(context.TODO(), + config_v2.WithRegion(config.KMS.Region), + ) + if err != nil { + return nil, fmt.Errorf("could not load kms configuration: %s", err) + } + + return &Client{ + KmsClient: kms.NewFromConfig(cfg), + KeyId: config.KMS.KeyId, + SigningAlgorithm: config.KMS.SigningAlgorithm, + }, nil +} + +func NewAuthSigningMetadata(c *Client) (Auth, error) { + s := &signer{ + sign: func(ctx context.Context, message string) ([]byte, error) { + algorithm, ok := signingAlgorithms[c.SigningAlgorithm] + if !ok { + return nil, fmt.Errorf("signing algorithm mapping not supported: %s", c.SigningAlgorithm) + } + signInput := kms.SignInput{ + KeyId: &c.KeyId, + Message: []byte(message), + SigningAlgorithm: algorithm, + } + + signOutput, err := c.KmsClient.Sign(ctx, &signInput) + if err != nil { + return nil, err + } + return signOutput.Signature, nil + }, + verifySignature: func(ctx context.Context, b64Message string, b64Signature string) (bool, error) { + decodedSignature, err := base64.RawURLEncoding.DecodeString(b64Signature) + if err != nil { + return false, fmt.Errorf("error decoding base64 signature: %s, error: %w", b64Signature, err) + } + + algorithm, ok := signingAlgorithms[c.SigningAlgorithm] + if !ok { + return false, fmt.Errorf("signing algorithm mapping not supported: %s", c.SigningAlgorithm) + } + verifyInput := &kms.VerifyInput{ + KeyId: &c.KeyId, + Message: []byte(b64Message), + Signature: decodedSignature, + SigningAlgorithm: algorithm, + } + + verifyOutput, err := c.KmsClient.Verify(ctx, verifyInput) + if err != nil { + return false, err + } + return verifyOutput.SignatureValid, nil + }, + algorithm: func(ctx context.Context) string { + return c.SigningAlgorithm + }, + keyId: c.KeyId, + time: time.Now().UTC, + } + return s, nil +} + +func (s *signer) Issue(ctx context.Context, p ClaimProps) (*string, error) { + header := Header{ + Algorithm: s.algorithm(ctx), + Type: "JWT", + KeyId: s.keyId, + } + + tokenJson, err := json.Marshal(header) + if err != nil { + return nil, fmt.Errorf("could not marshal token to json: %s", err) + } + + headerStr := base64.RawURLEncoding.EncodeToString([]byte(tokenJson)) + claims := Claims{ + Permission: p.Permission, + Subject: p.Subject, + IssuedAt: time.Now().UTC(), + NotBefore: time.Now().UTC(), + ExpiresAt: time.Now().Add(time.Duration(p.ValidForMinutes * int64(time.Minute))).UTC(), + } + claimsJson, err := json.Marshal(claims) + if err != nil { + return nil, fmt.Errorf("could not marshal token claims to json: %s", err) + } + claimsStr := base64.RawURLEncoding.EncodeToString([]byte(claimsJson)) + + message := fmt.Sprintf("%s.%s", headerStr, claimsStr) + signatureBytes, err := s.sign(ctx, message) + if err != nil { + return nil, fmt.Errorf("token signing error: %s", err) + } + + signatureStr := base64.RawURLEncoding.EncodeToString(signatureBytes) + tokenStr := fmt.Sprintf("%s.%s.%s", headerStr, claimsStr, signatureStr) + return &tokenStr, nil +} + +func (s *signer) Verify(ctx context.Context, jwt string) (*Claims, error) { + x := strings.Split(jwt, ".") + if len(x) != 3 { + return nil, fmt.Errorf("invalid jwt format") + } + + headerB64 := x[0] + claimsB64 := x[1] + signatureB64 := x[2] + + headerJson, err := base64.RawURLEncoding.DecodeString(headerB64) + if err != nil { + return nil, fmt.Errorf("base64 decoding header failed: %w", err) + } + + header := &Header{} + err = json.Unmarshal(headerJson, header) + if err != nil { + return nil, fmt.Errorf("json unmarshalling header failed: %v", err) + } + + claimsJson, err := base64.RawURLEncoding.DecodeString(claimsB64) + if err != nil { + return nil, fmt.Errorf("base64 decoding claims failed: %v", err) + } + + claims := &Claims{} + err = json.Unmarshal(claimsJson, claims) + if err != nil { + return nil, fmt.Errorf("json unmarshalling claims failed: %v", err) + } + + err = claims.Valid() + if err != nil { + return nil, err + } + isVerified, err := s.verifySignature(ctx, fmt.Sprintf("%s.%s", x[0], x[1]), signatureB64) + if err != nil { + return nil, fmt.Errorf("error verifying signature: %v", err) + } + + if !isVerified { + return nil, err + } + return claims, nil +} + +func (c *Claims) Valid() error { + if time.Now().UTC().After(c.ExpiresAt) { + return ErrExpiredToken + } + + if time.Now().UTC().Before(c.NotBefore) { + return ErrInvalidToken + } + return nil +} diff --git a/internal/authentication/payload.go b/internal/authentication/payload.go new file mode 100644 index 0000000..b5de257 --- /dev/null +++ b/internal/authentication/payload.go @@ -0,0 +1,28 @@ +package authentication + +import ( + "errors" + + "github.com/google/uuid" +) + +var ( + ErrExpiredToken = errors.New("token has expired") + ErrInvalidToken = errors.New("token is invalid") +) + +type ServicePayload struct { + ServiceID uuid.UUID `json:"service_id"` + ServiceAccount string `json:"service_account"` + Environment string `json:"environment"` + ValidSubjectAlternateName []string `json:"subject_alternate_name"` + ValidCertificateAuthorities []string `json:"certificate_authorities"` + CertificateValidity int16 `json:"certificate_validity"` + SubordinateCa string `json:"subordinate_ca"` + ExtendedKey string `json:"certificate_request_extension"` + SANRegularExpression string `json:"regular_expression"` +} + +type EnrollmentPayload struct { + SerialNumber string `json:"serial_number"` +} diff --git a/internal/authorization/casbin/model.conf b/internal/authorization/casbin/model.conf new file mode 100644 index 0000000..ed9fb1e --- /dev/null +++ b/internal/authorization/casbin/model.conf @@ -0,0 +1,11 @@ +[request_definition] +r = sub, obj + +[policy_definition] +p = sub, obj + +[policy_effect] +e = some(where (p.eft == allow)) + +[matchers] +m = r.sub == p.sub && keyMatch(r.obj, p.obj) diff --git a/internal/authorization/casbin/policy.csv b/internal/authorization/casbin/policy.csv new file mode 100644 index 0000000..24363e4 --- /dev/null +++ b/internal/authorization/casbin/policy.csv @@ -0,0 +1,3 @@ +p, ADMIN, /baseca.v1.Account/* +p, ADMIN, /baseca.v1.Service/* +p, ADMIN, /baseca.v1.Certificate/* \ No newline at end of file diff --git a/internal/authorization/permission.go b/internal/authorization/permission.go new file mode 100644 index 0000000..e517628 --- /dev/null +++ b/internal/authorization/permission.go @@ -0,0 +1,16 @@ +package authorization + +const ( + ADMIN = "ADMIN" + PRIVILEGED = "PRIVILEGED" + READ = "READ" +) + +func IsSupportedPermission(permission string) bool { + switch permission { + case ADMIN, PRIVILEGED, READ: + return true + } + + return false +} diff --git a/internal/client/acmpca/client.go b/internal/client/acmpca/client.go new file mode 100644 index 0000000..23fbbe9 --- /dev/null +++ b/internal/client/acmpca/client.go @@ -0,0 +1,38 @@ +package acm_pca + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/credentials/stscreds" + "github.com/aws/aws-sdk-go-v2/service/acmpca" + "github.com/aws/aws-sdk-go-v2/service/sts" + "github.com/coinbase/baseca/internal/types" +) + +type PrivateCaClientIface interface { + IssueCertificate(ctx context.Context, params *acmpca.IssueCertificateInput, optFns ...func(*acmpca.Options)) (*acmpca.IssueCertificateOutput, error) + GetCertificate(ctx context.Context, params *acmpca.GetCertificateInput, optFns ...func(*acmpca.Options)) (*acmpca.GetCertificateOutput, error) + RevokeCertificate(ctx context.Context, params *acmpca.RevokeCertificateInput, optFns ...func(*acmpca.Options)) (*acmpca.RevokeCertificateOutput, error) + GetCertificateAuthorityCertificate(ctx context.Context, params *acmpca.GetCertificateAuthorityCertificateInput, optFns ...func(*acmpca.Options)) (*acmpca.GetCertificateAuthorityCertificateOutput, error) +} + +type PrivateCaClient struct { + Client PrivateCaClientIface + waiter *acmpca.CertificateIssuedWaiter +} + +func NewPrivateCaClient(parameters types.CertificateParameters) (*PrivateCaClient, error) { + cfg, _ := config.LoadDefaultConfig(context.TODO()) + stsclient := sts.NewFromConfig(cfg) + + if parameters.AssumeRole { + cfg.Credentials = stscreds.NewAssumeRoleProvider(stsclient, parameters.RoleArn) + cfg.Region = parameters.Region + } + + client := acmpca.NewFromConfig(cfg) + return &PrivateCaClient{ + Client: client, + }, nil +} diff --git a/internal/client/acmpca/issue.go b/internal/client/acmpca/issue.go new file mode 100644 index 0000000..940e8d2 --- /dev/null +++ b/internal/client/acmpca/issue.go @@ -0,0 +1,141 @@ +package acm_pca + +import ( + "context" + "crypto/rand" + "crypto/x509" + "encoding/hex" + "encoding/pem" + "fmt" + "time" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/acmpca" + pca_types "github.com/aws/aws-sdk-go-v2/service/acmpca/types" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/types" +) + +const ( + _subordinateCACertificate_PathLen0_V1 = "arn:aws:acm-pca:::template/SubordinateCACertificate_PathLen0/V1" + _codeSigningCertifiate_V1 = "arn:aws:acm-pca:::template/CodeSigningCertifiate/V1" + _endEntityServerAuthCertificate_V1 = "arn:aws:acm-pca:::template/EndEntityServerAuthCertificate/V1" + _endEntityClientAuthCertificate_V1 = "arn:aws:acm-pca:::template/EndEntityClientAuthCertificate/V1" +) + +func (c *PrivateCaClient) IssueCertificateFromTemplate(parameters *apiv1.CertificateAuthorityParameter, csr []byte, template string) (*x509.Certificate, error) { + idempotencyToken, err := generateIdempotencyToken() + if err != nil { + return nil, err + } + + signingAlgorithm, ok := types.ValidSignatures[parameters.SignAlgorithm] + if !ok { + return nil, fmt.Errorf("signature algorithm %s invalid", parameters.SignAlgorithm) + } + + certReq := acmpca.IssueCertificateInput{ + CertificateAuthorityArn: aws.String(parameters.CaArn), + Csr: csr, + TemplateArn: aws.String(template), + SigningAlgorithm: signingAlgorithm.PCA, + Validity: &pca_types.Validity{ + Value: aws.Int64(int64(parameters.Validity)), + Type: pca_types.ValidityPeriodTypeDays, + }, + IdempotencyToken: aws.String(*idempotencyToken), + } + + certificateOutput, err := c.Client.IssueCertificate(context.Background(), &certReq) + if err != nil { + return nil, err + } + + certificateInput := acmpca.GetCertificateInput{ + CertificateArn: certificateOutput.CertificateArn, + CertificateAuthorityArn: ¶meters.CaArn, + } + + certificate, err := c.waitUntilCertificateIssued(certificateInput) + if err != nil { + return nil, err + } + + return certificate, nil +} + +func (c *PrivateCaClient) IssueSubordinateCertificate(parameters types.CertificateParameters, algorithm string, csr []byte) (*x509.Certificate, error) { + idempotencyToken, err := generateIdempotencyToken() + if err != nil { + return nil, err + } + + signingAlgorithm, ok := types.ValidSignatures[algorithm] + if !ok { + return nil, fmt.Errorf("signature algorithm %s invalid", algorithm) + } + + certReq := acmpca.IssueCertificateInput{ + CertificateAuthorityArn: aws.String(parameters.CaArn), + Csr: csr, + TemplateArn: aws.String(_subordinateCACertificate_PathLen0_V1), + SigningAlgorithm: signingAlgorithm.PCA, + Validity: &pca_types.Validity{ + Value: aws.Int64(int64(parameters.Validity)), + Type: pca_types.ValidityPeriodTypeDays, + }, + IdempotencyToken: aws.String(*idempotencyToken), + } + + certificateOutput, err := c.Client.IssueCertificate(context.Background(), &certReq) + if err != nil { + return nil, err + } + + certificateInput := acmpca.GetCertificateInput{ + CertificateArn: certificateOutput.CertificateArn, + CertificateAuthorityArn: ¶meters.CaArn, + } + + certificate, err := c.waitUntilCertificateIssued(certificateInput) + if err != nil { + return nil, err + } + + return certificate, nil +} + +func generateIdempotencyToken() (*string, error) { + idempotency := make([]byte, 16) + _, err := rand.Read(idempotency) + if err != nil { + return nil, fmt.Errorf("error generating idempotency token: %s", err) + } + + encoded := hex.EncodeToString(idempotency) + return &encoded, nil +} + +// AWS Removed WaitUntilCertificateIssued(input *GetCertificateInput) in the v2 SDK +func (c *PrivateCaClient) waitUntilCertificateIssued(request acmpca.GetCertificateInput) (*x509.Certificate, error) { + c.waiter = acmpca.NewCertificateIssuedWaiter(c.Client) + err := c.waiter.Wait(context.Background(), &request, time.Duration(30*time.Second)) + if err != nil { + return nil, err + } + certificatePem, err := c.Client.GetCertificate(context.Background(), &request) + if err != nil { + return nil, err + } + certPemBlock, _ := pem.Decode([]byte(*certificatePem.Certificate)) + if certPemBlock == nil { + return nil, err + } + + certificate, err := x509.ParseCertificate(certPemBlock.Bytes) + if err != nil { + return nil, err + } + + return certificate, nil +} diff --git a/internal/client/acmpca/query.go b/internal/client/acmpca/query.go new file mode 100644 index 0000000..7ea2770 --- /dev/null +++ b/internal/client/acmpca/query.go @@ -0,0 +1,19 @@ +package acm_pca + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/service/acmpca" +) + +func (c *PrivateCaClient) GetSubordinateCAChain(certificate_authority_arn string) (*acmpca.GetCertificateAuthorityCertificateOutput, error) { + input := acmpca.GetCertificateAuthorityCertificateInput{ + CertificateAuthorityArn: &certificate_authority_arn, + } + response, err := c.Client.GetCertificateAuthorityCertificate(context.Background(), &input) + if err != nil { + return nil, err + } + + return response, nil +} diff --git a/internal/client/acmpca/revoke.go b/internal/client/acmpca/revoke.go new file mode 100644 index 0000000..62898f2 --- /dev/null +++ b/internal/client/acmpca/revoke.go @@ -0,0 +1,18 @@ +package acm_pca + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/acmpca" + "github.com/aws/aws-sdk-go-v2/service/acmpca/types" +) + +func (c *PrivateCaClient) RevokeCertificate(certificate_authority_arn string, serial_number string, revocation_reason string) (*acmpca.RevokeCertificateOutput, error) { + revokeCertificateInput := &acmpca.RevokeCertificateInput{ + CertificateAuthorityArn: aws.String(certificate_authority_arn), + CertificateSerial: aws.String(serial_number), + RevocationReason: types.RevocationReason(revocation_reason), + } + return c.Client.RevokeCertificate(context.Background(), revokeCertificateInput) +} diff --git a/internal/client/firehose/client.go b/internal/client/firehose/client.go new file mode 100644 index 0000000..fa9c88e --- /dev/null +++ b/internal/client/firehose/client.go @@ -0,0 +1,33 @@ +package firehose + +import ( + "context" + "fmt" + + config_v2 "github.com/aws/aws-sdk-go-v2/config" + firehose_v2 "github.com/aws/aws-sdk-go-v2/service/firehose" + "github.com/coinbase/baseca/internal/config" +) + +type FirehoseClientIface interface { + PutRecord(ctx context.Context, params *firehose_v2.PutRecordInput, optFns ...func(*firehose_v2.Options)) (*firehose_v2.PutRecordOutput, error) +} + +type FirehoseClient struct { + DataStream string + Service FirehoseClientIface +} + +func NewFirehoseClient(config *config.Config) (*FirehoseClient, error) { + cfg, err := config_v2.LoadDefaultConfig(context.TODO(), + config_v2.WithRegion(config.Firehose.Region), + ) + if err != nil { + return nil, fmt.Errorf("unable to create new session: %s", err) + } + + return &FirehoseClient{ + DataStream: config.Firehose.Stream, + Service: firehose_v2.NewFromConfig(cfg), + }, nil +} diff --git a/internal/client/firehose/stream.go b/internal/client/firehose/stream.go new file mode 100644 index 0000000..b452055 --- /dev/null +++ b/internal/client/firehose/stream.go @@ -0,0 +1,45 @@ +package firehose + +import ( + "context" + "encoding/json" + "fmt" + "time" + + "github.com/aws/aws-sdk-go-v2/aws" + firehose_v2 "github.com/aws/aws-sdk-go-v2/service/firehose" + "github.com/aws/aws-sdk-go-v2/service/firehose/types" +) + +type ForwardedEventUploadEvent struct { + SerialNumber string `json:"serial_number"` + Metadata Metadata `json:"metadata"` +} + +type Metadata struct { + CommonName string `json:"common_name"` + SubjectAlternateName []string `json:"subject_alternate_name"` + CertificateExpiration time.Time `json:"certificate_expiration"` + IssuedDate time.Time `json:"issued_date"` + CaSerialNumber string `json:"ca_serial_number"` + CertificateAuthorityArn string `json:"certificate_authority_arn"` +} + +func (c FirehoseClient) Stream(ctx context.Context, event ForwardedEventUploadEvent) (response *firehose_v2.PutRecordOutput, err error) { + batch, err := json.Marshal(event) + if err != nil { + return nil, fmt.Errorf("error marshalling firehose event: %s", err) + } + input := &firehose_v2.PutRecordInput{ + DeliveryStreamName: aws.String(c.DataStream), + Record: &types.Record{ + Data: append(batch, '\n'), + }, + } + + record, err := c.Service.PutRecord(ctx, input) + if err != nil { + return nil, fmt.Errorf("error putting firehose record: %s", err) + } + return record, nil +} diff --git a/internal/client/redis/client.go b/internal/client/redis/client.go new file mode 100644 index 0000000..13e2f02 --- /dev/null +++ b/internal/client/redis/client.go @@ -0,0 +1,63 @@ +package redis + +import ( + "context" + "fmt" + "time" + + "github.com/coinbase/baseca/internal/config" + "github.com/go-redis/redis/v8" +) + +const ( + // Redis Cache (Maximum Certificates Issued Within Default Time) 5 Minutes + _default_rate_limit = 0 + _default_window = 1 + _default_period = 5 +) + +type RedisIface interface { + HIncrBy(ctx context.Context, key, field string, incr int64) *redis.IntCmd + HGetAll(ctx context.Context, key string) *redis.StringStringMapCmd + HDel(ctx context.Context, key string, fields ...string) *redis.IntCmd + Expire(ctx context.Context, key string, expiration time.Duration) *redis.BoolCmd +} +type RedisClient struct { + Client RedisIface + Config *config.RedisConfig + + // Sliding Window + Limit int + Period time.Duration + Window time.Duration +} + +func NewRedisClient(config *config.Config) (*RedisClient, error) { + redisConfig := &config.Redis + endpoint := fmt.Sprintf("%s:%s", redisConfig.Endpoint, redisConfig.Port) + client := redis.NewClient(&redis.Options{Addr: endpoint}) + + if redisConfig.Period == 0 { + redisConfig.Period = _default_period + } + + if redisConfig.Duration == 0 { + redisConfig.Duration = _default_window + } + + if redisConfig.RateLimit == 0 { + redisConfig.RateLimit = _default_rate_limit + } + + if redisConfig.Duration > redisConfig.Period { + return nil, fmt.Errorf("redis window duration [%d] must be greater than window period [%d]", redisConfig.Duration, redisConfig.Period) + } + + return &RedisClient{ + Client: client, + Config: redisConfig, + Limit: redisConfig.RateLimit, + Period: time.Duration(redisConfig.Period) * time.Minute, + Window: time.Duration(redisConfig.Duration) * time.Minute, + }, nil +} diff --git a/internal/client/redis/increment.go b/internal/client/redis/increment.go new file mode 100644 index 0000000..6f31a82 --- /dev/null +++ b/internal/client/redis/increment.go @@ -0,0 +1,47 @@ +package redis + +import ( + "context" + "fmt" + "strconv" + "time" +) + +func (r *RedisClient) Increment(ctx context.Context, key string, increment int) error { + utc := time.Now().UTC() + timestamp := fmt.Sprint(utc.Truncate(r.Window).Unix()) + + value, err := r.Client.HIncrBy(ctx, key, timestamp, int64(increment)).Result() + if err != nil { + return err + } + + if value == 1 { + r.Client.Expire(ctx, key, r.Period) + } else if value >= int64(r.Limit) { + return fmt.Errorf("rate limit [%d], time period [%v], reset time: [%v], current limit: [%d]", r.Limit, r.Period, utc.Add(r.Period), value) + } + + values, err := r.Client.HGetAll(ctx, key).Result() + if err != nil { + return err + } + + threshold := fmt.Sprint(utc.Add(-r.Period).Unix()) + + aggregate := 0 + for time, count := range values { + if time > threshold { + i, _ := strconv.Atoi(count) + aggregate += i + } else { + r.Client.HDel(ctx, key, time) + } + } + + if aggregate >= r.Limit { + return fmt.Errorf("rate limit [%d], time period [%v], reset time: [%v], current aggregate: [%d]", r.Limit, r.Period, utc.Add(r.Period), aggregate) + } + + return nil +} diff --git a/internal/client/secretsmanager/client.go b/internal/client/secretsmanager/client.go new file mode 100644 index 0000000..c67b8c7 --- /dev/null +++ b/internal/client/secretsmanager/client.go @@ -0,0 +1,31 @@ +package secretsmanager + +import ( + "context" + "fmt" + + config_v2 "github.com/aws/aws-sdk-go-v2/config" + secretsmanager_v2 "github.com/aws/aws-sdk-go-v2/service/secretsmanager" + "github.com/coinbase/baseca/internal/config" +) + +type SecretsManagerClientIface interface { + GetSecretValue(ctx context.Context, params *secretsmanager_v2.GetSecretValueInput, optFns ...func(*secretsmanager_v2.Options)) (*secretsmanager_v2.GetSecretValueOutput, error) +} + +type SecretsManagerClient struct { + Client SecretsManagerClientIface +} + +func NewSecretsManagerClient(config *config.Config) (*SecretsManagerClient, error) { + cfg, err := config_v2.LoadDefaultConfig(context.TODO(), + config_v2.WithRegion(config.SecretsManager.Region), + ) + if err != nil { + return nil, fmt.Errorf("unable to create new session: %s", err) + } + + return &SecretsManagerClient{ + Client: secretsmanager_v2.NewFromConfig(cfg), + }, nil +} diff --git a/internal/client/secretsmanager/query.go b/internal/client/secretsmanager/query.go new file mode 100644 index 0000000..6ef7db2 --- /dev/null +++ b/internal/client/secretsmanager/query.go @@ -0,0 +1,45 @@ +package secretsmanager + +import ( + "context" + "encoding/json" + "fmt" + "os" + + secretsmanager_v2 "github.com/aws/aws-sdk-go-v2/service/secretsmanager" +) + +const ( + DATABASE_CREDENTIALS = "password" + AUTH_PRIVATE_KEY = "auth_private_key" + AUTH_PUBLIC_KEY = "auth_public_key" +) + +func (s *SecretsManagerClient) GetSecretValue(id string, key string) (*string, error) { + envValue, exists := os.LookupEnv(key) + if exists { + return &envValue, nil + } + + input := &secretsmanager_v2.GetSecretValueInput{ + SecretId: &id, + } + + result, err := s.Client.GetSecretValue(context.Background(), input) + if err != nil { + return nil, err + } + + var data map[string]string + err = json.Unmarshal([]byte(*result.SecretString), &data) + if err != nil { + return nil, fmt.Errorf("error unmarshal secrets manager data %s", id) + } + + value, ok := data[key] + if !ok { + return nil, fmt.Errorf("key %s not found in secrets manager %s", key, id) + } + + return &value, nil +} diff --git a/internal/config/config.go b/internal/config/config.go new file mode 100644 index 0000000..5657a45 --- /dev/null +++ b/internal/config/config.go @@ -0,0 +1,83 @@ +package config + +type SubordinateCertificate struct { + Region string `mapstructure:"region"` + CaArn string `mapstructure:"ca_arn"` + CaActiveDay int `mapstructure:"ca_active_day"` + AssumeRole bool `mapstructure:"assume_role"` + RoleArn string `mapstructure:"role_arn"` + RootCa bool `mapstructure:"root_ca"` +} + +type SubordinateCertificateAuthority struct { + BaseDirectory string `mapstructure:"directory"` + Country string `mapstructure:"country"` + Province string `mapstructure:"province"` + Locality string `mapstructure:"locality"` + Organization string `mapstructure:"organization"` + OrganizationUnit string `mapstructure:"organization_unit"` + Email string `mapstructure:"email"` + SigningAlgorithm string `mapstructure:"signing_algorithm"` + KeyAlgorithm string `mapstructure:"key_algorithm"` + KeySize int `mapstructure:"key_size"` +} + +type DatabaseConfig struct { + Driver string `mapstructure:"database_driver"` + Table string `mapstructure:"database_table"` + Endpoint string `mapstructure:"database_endpoint"` + ReaderEndpoint string `mapstructure:"database_reader_endpoint"` + User string `mapstructure:"database_user"` + Port int `mapstructure:"database_port"` + Region string `mapstructure:"region"` + SSLMode string `mapstructure:"ssl_mode"` +} + +type RedisConfig struct { + Endpoint string `mapstructure:"cluster_endpoint"` + Port string `mapstructure:"port"` + Duration int `mapstructure:"duration"` + Period int `mapstructure:"period"` + RateLimit int `mapstructure:"rate_limit"` +} + +type FirehoseConfig struct { + Stream string `mapstructure:"stream"` + Region string `mapstructure:"region"` +} + +type KMSConfig struct { + KeyId string `mapstructure:"key_id"` + SigningAlgorithm string `mapstructure:"signing_algorithm"` + Region string `mapstructure:"region"` + AuthValidity int `mapstructure:"auth_validity"` +} + +type SecretsManagerConfig struct { + SecretId string `mapstructure:"secret_id"` + Region string `mapstructure:"region"` +} + +type Environment struct { + Local []string `mapstructure:"local"` + Sandbox []string `mapstructure:"sandbox"` + Development []string `mapstructure:"development"` + Staging []string `mapstructure:"staging"` + PreProduction []string `mapstructure:"pre_production"` + Production []string `mapstructure:"production"` + Corporate []string `mapstructure:"corporate"` +} + +type Config struct { + GRPCServerAddress string `mapstructure:"grpc_server_address"` + OCSPServer []string `mapstructure:"ocsp_server"` + Database DatabaseConfig `mapstructure:"database"` + Redis RedisConfig `mapstructure:"redis"` + KMS KMSConfig `mapstructure:"kms"` + Firehose FirehoseConfig `mapstructure:"firehose"` + Domains []string `mapstructure:"domains"` + ACMPCA map[string]SubordinateCertificate `mapstructure:"acm_pca"` + SecretsManager SecretsManagerConfig `mapstructure:"secrets_manager"` + SubordinateMetadata SubordinateCertificateAuthority `mapstructure:"subordinate_ca_metadata"` + Environment Environment `mapstructure:"certificate_authority"` +} diff --git a/internal/config/fx.go b/internal/config/fx.go new file mode 100644 index 0000000..a0e55a2 --- /dev/null +++ b/internal/config/fx.go @@ -0,0 +1,63 @@ +package config + +import ( + "github.com/coinbase/baseca/internal/environment" + "github.com/coinbase/baseca/internal/logger" + "go.uber.org/fx" +) + +var Module = fx.Options( + fx.Provide( + ProvideConfigPathResolver, + ProvideConfig, + ), +) + +var Configuration *Config + +type Parameter struct { + fx.In + + Environment environment.Environment + PathResolver ConfigFilePathResolver +} + +type Result struct { + fx.Out + + RawConfig *Config + ConfigProvider ConfigProvider +} + +type ConfigProvider interface { + Get(path string, cfg interface{}) error + Exists(path string) bool +} + +func ProvideConfig(p Parameter) (Result, error) { + var result Result + ctxLogger := logger.ContextLogger{Logger: logger.DefaultLogger} + + _, resolver := p.Environment, p.PathResolver + path, err := resolver.Resolve() + if err != nil { + ctxLogger.Error(err.Error()) + } + ctxLogger.Info("Load Config From File, Config Path: " + path) + v, err := BuildViper(path) + if err != nil { + ctxLogger.Error(err.Error()) + } + + config, err := LoadConfig(v) + if err != nil { + return result, err + } + + Configuration = config // Set Globally + + result.RawConfig = config + result.ConfigProvider = NewConfigProviderFromViper(v) + + return result, nil +} diff --git a/internal/config/load.go b/internal/config/load.go new file mode 100644 index 0000000..6758225 --- /dev/null +++ b/internal/config/load.go @@ -0,0 +1,72 @@ +package config + +import ( + "errors" + "fmt" + + "github.com/coinbase/baseca/internal/logger" + "github.com/mitchellh/mapstructure" + "github.com/spf13/viper" + "go.uber.org/zap" +) + +type configProvider struct { + v *viper.Viper +} + +var _ ConfigProvider = (*configProvider)(nil) + +func BuildViper(path string) (*viper.Viper, error) { + ctxLogger := logger.ContextLogger{Logger: logger.DefaultLogger} + ctxLogger.Info("Setting up Viper to load configuration", zap.String("config-path", path)) + + v := viper.New() + v.SetConfigFile(path) + v.AutomaticEnv() + + if err := v.ReadInConfig(); err != nil { + return nil, err + } + + return v, nil +} + +func LoadConfig(viper *viper.Viper) (*Config, error) { + if viper == nil { + return nil, errors.New("Failed to load config.") + } + + c := Config{} + if err := viper.Unmarshal(&c); err != nil { + return nil, errors.New("Failed to read configuration file.") + } + return &c, nil +} + +func NewConfigProviderFromViper(v *viper.Viper) ConfigProvider { + return &configProvider{v: v} +} + +func (cp *configProvider) Get(path string, cfg interface{}) error { + if !cp.Exists(path) { + return fmt.Errorf("Path %s is not found in configuration.", path) + } + + if err := cp.v.UnmarshalKey(path, cfg, func(setting *mapstructure.DecoderConfig) { + setting.ErrorUnused = true + setting.ZeroFields = true + }); err != nil { + return err + } + + if u, ok := cfg.(interface{ Validate() error }); ok { + if err := u.Validate(); err != nil { + return err + } + } + return nil +} + +func (cp *configProvider) Exists(path string) bool { + return cp.v.Get(path) != nil +} diff --git a/internal/config/path.go b/internal/config/path.go new file mode 100644 index 0000000..5f66ea0 --- /dev/null +++ b/internal/config/path.go @@ -0,0 +1,38 @@ +package config + +import ( + "fmt" + + "github.com/bazelbuild/rules_go/go/tools/bazel" + "github.com/coinbase/baseca/internal/environment" +) + +const ( + _template = "config/config.%s.yml" +) + +type ConfigFilePathResolver interface { + Resolve() (string, error) +} + +type Resolver struct { + Environment environment.Environment + Template string +} + +func ProvideConfigPathResolver(e environment.Environment) ConfigFilePathResolver { + return &Resolver{Environment: e, Template: _template} +} + +var _ ConfigFilePathResolver = (*Resolver)(nil) + +func (r Resolver) Resolve() (string, error) { + configurationFileName := configurationFileName(r.Environment) + location := fmt.Sprintf(r.Template, configurationFileName) + path, _ := bazel.Runfile(location) + return path, nil +} + +func configurationFileName(e environment.Environment) string { + return fmt.Sprintf("%s.%s.%s", e.Configuration, e.Stage, e.Provider) +} diff --git a/internal/environment/environment.go b/internal/environment/environment.go new file mode 100644 index 0000000..bba1fd9 --- /dev/null +++ b/internal/environment/environment.go @@ -0,0 +1,51 @@ +package environment + +import ( + "os" +) + +const ( + _Configuration = "CONFIGURATION" + _Environment = "ENVIRONMENT" + _AWSProvider = "aws" + _LocalProvider = "sandbox" + _LocalStage = "local" + _PrimaryConfiguration = "primary" +) + +type Environment struct { + Provider string + Stage string + Configuration string +} + +func ProvideEnvironment() Environment { + result := Environment{ + Provider: getProvider(), + Stage: getStage(), + Configuration: getConfiguration(), + } + return result +} + +func getProvider() string { + if os.Getenv(_Environment) != "" { + return _AWSProvider + } + return _LocalProvider +} + +func getStage() string { + configStage := os.Getenv(_Configuration) + if len(configStage) != 0 { + return configStage + } + return _LocalStage +} + +func getConfiguration() string { + switch os.Getenv(_Configuration) { + default: + return _PrimaryConfiguration + } +} diff --git a/internal/environment/fx.go b/internal/environment/fx.go new file mode 100644 index 0000000..73f0a6c --- /dev/null +++ b/internal/environment/fx.go @@ -0,0 +1,11 @@ +package environment + +import ( + "go.uber.org/fx" +) + +var Module = fx.Options( + fx.Provide( + ProvideEnvironment, + ), +) diff --git a/internal/gateway/grpc/fx.go b/internal/gateway/grpc/fx.go new file mode 100644 index 0000000..a3c01a5 --- /dev/null +++ b/internal/gateway/grpc/fx.go @@ -0,0 +1,163 @@ +package grpc + +import ( + "context" + "database/sql" + "fmt" + "log" + "net" + + "github.com/casbin/casbin/v2" + apiservice "github.com/coinbase/baseca/cmd/server/baseca" + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/client/secretsmanager" + "github.com/coinbase/baseca/internal/config" + "github.com/coinbase/baseca/internal/logger" + "github.com/coinbase/baseca/internal/v1/certificate" + "github.com/coinbase/baseca/internal/v1/health" + grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware" + "go.uber.org/fx" + "go.uber.org/zap" + "google.golang.org/grpc" + "google.golang.org/grpc/codes" + healthpb "google.golang.org/grpc/health/grpc_health_v1" + "google.golang.org/grpc/reflection" +) + +const ( + authorization_path = "internal/authorization/casbin" +) + +var Module = fx.Options( + fx.Invoke(StartRPC), +) + +func StartRPC(lc fx.Lifecycle, cfg *config.Config) error { + client, err := secretsmanager.NewSecretsManagerClient(cfg) + if err != nil { + log.Fatalf("error instantiating secrets manager client") + } + + credentials, err := client.GetSecretValue(cfg.SecretsManager.SecretId, secretsmanager.DATABASE_CREDENTIALS) + if err != nil { + log.Fatalf("error getting database credentials: %s", err) + } + + caError := certificate.ValidateSubordinateParameters(cfg.SubordinateMetadata) + if caError != nil { + log.Fatalf("error in subordinate ca configuration: %s", caError) + } + + database_endpoint, err := GetPgConn(cfg.Database, cfg.Database.Endpoint, *credentials) + if err != nil { + log.Fatalf("error building database writer endpoint: %s", err.Error()) + } + database_reader_endpoint, err := GetPgConn(cfg.Database, cfg.Database.ReaderEndpoint, *credentials) + if err != nil { + log.Fatalf("error building database reader endpoint: %s", err.Error()) + } + + if err != nil { + log.Fatalf("cannot connect to the database: %s", err) + } + + authorization_model := fmt.Sprintf("%s/model.conf", authorization_path) + authorization_policy := fmt.Sprintf("%s/policy.csv", authorization_path) + enforcer, _ := casbin.NewEnforcer(authorization_model, authorization_policy) + + writer_endpoint := db.BuildDatastore(database_endpoint) + reader_endpoint := db.BuildDatastore(database_reader_endpoint) + db := db.DatabaseEndpoints{Writer: writer_endpoint, Reader: reader_endpoint} + + // RPC Server + server, err := apiservice.BuildServer(db, cfg, enforcer) + if err != nil { + log.Fatal("cannot Start grpc server", err) + } + + extractor := func(resp interface{}, err error, code codes.Code) string { + if err != nil { + if customErr, ok := err.(*logger.Error); ok { + return customErr.InternalError.Error() + } + return err.Error() + } + return "success" + } + + term := make(chan error) + var grpcServer *grpc.Server + + lc.Append(fx.Hook{ + OnStart: func(ctx context.Context) error { + + // RPC Middleware Logger + logInterceptor := logger.RpcLogger(extractor) + interceptors := grpc_middleware.ChainUnaryServer(logInterceptor, server.Middleware.ServerAuthenticationInterceptor) + grpcServer = grpc.NewServer(grpc.UnaryInterceptor(interceptors)) + + // Service Registration + apiv1.RegisterAccountServer(grpcServer, server.User) + apiv1.RegisterServiceServer(grpcServer, server.Service) + apiv1.RegisterCertificateServer(grpcServer, server.Certificate) + + hs := health.NewHealthServer() + healthpb.RegisterHealthServer(grpcServer, hs) + reflection.Register(grpcServer) + + listener, err := net.Listen("tcp", config.Configuration.GRPCServerAddress) + if err != nil { + log.Fatal("cannot create rpc listener") + } + + go func() { + term <- grpcServer.Serve(listener) + }() + + return nil + }, + OnStop: func(ctx context.Context) error { + if grpcServer == nil { + return nil + } + + grpcServer.Stop() + var err error + select { + case err = <-term: + case <-ctx.Done(): + err = fmt.Errorf("context deadline: %w", err) + } + + logger.DefaultLogger.Info("server exited:", zap.Error(err)) + return nil + }, + }) + + return nil +} + +func GetPgConn(conf config.DatabaseConfig, endpoint, credentials string) (*sql.DB, error) { + dataSource := fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s", endpoint, conf.Port, conf.User, credentials, conf.Table) + + if conf.SSLMode == "disable" { + dataSource = fmt.Sprintf("%s sslmode=disable", dataSource) + } else { + dataSource = fmt.Sprintf("%s sslmode=verify-full sslrootcert=internal/attestor/aws_iid/certificate/rds.global.bundle.pem", dataSource) + } + + // Open Database Connection + sqlClient, err := sql.Open("postgres", dataSource) + if err != nil { + return nil, fmt.Errorf("error: The data source arguments are not valid: %v", err) + } + + // Validate Connection + err = sqlClient.Ping() + if err != nil { + return nil, fmt.Errorf("error: Could not establish a connection with the database: %v", err) + } + + return sqlClient, nil +} diff --git a/internal/lib/crypto/chain.go b/internal/lib/crypto/chain.go new file mode 100644 index 0000000..5ada06a --- /dev/null +++ b/internal/lib/crypto/chain.go @@ -0,0 +1,127 @@ +package crypto + +import ( + "bytes" + "crypto/x509" + "encoding/pem" + "fmt" + "os" + "path/filepath" + "strings" + + "github.com/coinbase/baseca/internal/types" +) + +const ( + _subordinatePrivateKey = "/ca-subordinate.key" + _subordinateCertificate = "/ca-subordinate.crt" + _subordinateSerialNumber = "/serial.txt" + _intermediateCertificate = "/ca-intermediate.crt" + _certificateAuthorityArn = "/acm-pca.txt" + _rootCertificate = "/ca-root.crt" +) + +func BuildCertificateChain(intermediateCa string, certificate []byte, caCertificate []byte) (*bytes.Buffer, *bytes.Buffer, error) { + var err error + leaf_certificate := new(bytes.Buffer) + chained_certificate := new(bytes.Buffer) + + intermediate_ca, root_ca, err := getCertificateChain(intermediateCa) + if err != nil { + return nil, nil, err + } + + // Leaf Certificate + err = pem.Encode(leaf_certificate, &pem.Block{Type: "CERTIFICATE", Bytes: certificate}) + if err != nil { + return nil, nil, err + } + + // Certificate Chain + err = pem.Encode(chained_certificate, &pem.Block{Type: "CERTIFICATE", Bytes: certificate}) + if err != nil { + return nil, nil, err + } + + // Build the chain based on the existence of intermediate_ca + var chain [][]byte + if intermediate_ca != nil { + chain = [][]byte{caCertificate, intermediate_ca, root_ca} + } else { + chain = [][]byte{caCertificate, root_ca} + } + + for _, certificate := range chain { + err = pem.Encode(chained_certificate, &pem.Block{Type: "CERTIFICATE", Bytes: certificate}) + if err != nil { + return nil, nil, err + } + } + + return leaf_certificate, chained_certificate, nil +} + +func GetSubordinateCaPath(service string) (*string, *string, error) { + directoryPath := filepath.Join(types.SubordinatePath, service) + + caPath := filepath.Join(directoryPath, _subordinateCertificate) + if !strings.HasPrefix(caPath, types.SubordinatePath) { + return nil, nil, fmt.Errorf("unsafe file input, read ca subordinate certificate") + } + + keyPath := filepath.Join(directoryPath, _subordinatePrivateKey) + if !strings.HasPrefix(caPath, types.SubordinatePath) { + return nil, nil, fmt.Errorf("unsafe file input, read ca subordinate private key") + } + + return &caPath, &keyPath, nil +} + +func getCertificateChain(service string) ([]byte, []byte, error) { + intermediatePath := filepath.Join(types.SubordinatePath, service+_intermediateCertificate) + rootPath := filepath.Join(types.SubordinatePath, service+_rootCertificate) + + if !strings.HasPrefix(intermediatePath, types.SubordinatePath) || !strings.HasPrefix(rootPath, types.SubordinatePath) { + return nil, nil, fmt.Errorf("unsafe file input") + } + + var x509_intermediate_ca *x509.Certificate + if _, err := os.Stat(intermediatePath); !os.IsNotExist(err) { + intermediate_ca, err := os.ReadFile(intermediatePath) + if err != nil { + return nil, nil, err + } + x509_intermediate_ca, err = parseCertificate(intermediate_ca) + if err != nil { + return nil, nil, err + } + } + + root_ca, err := os.ReadFile(rootPath) + if err != nil { + return nil, nil, err + } + + x509_root_ca, err := parseCertificate(root_ca) + if err != nil { + return nil, nil, err + } + + var intermediateRaw []byte + if x509_intermediate_ca != nil { + intermediateRaw = x509_intermediate_ca.Raw + } + return intermediateRaw, x509_root_ca.Raw, nil +} + +func parseCertificate(ca []byte) (*x509.Certificate, error) { + pemBlock, _ := pem.Decode(ca) + if pemBlock == nil { + return nil, fmt.Errorf("failed to parse certificate PEM") + } + cert, err := x509.ParseCertificate(pemBlock.Bytes) + if err != nil { + return nil, err + } + return cert, nil +} diff --git a/internal/lib/crypto/pk.go b/internal/lib/crypto/pk.go new file mode 100644 index 0000000..15be4a6 --- /dev/null +++ b/internal/lib/crypto/pk.go @@ -0,0 +1,258 @@ +package crypto + +import ( + "bytes" + "crypto" + "crypto/ecdsa" + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "crypto/x509/pkix" + "encoding/pem" + "errors" + "fmt" + "os" + "path/filepath" + "strings" + + "github.com/coinbase/baseca/internal/types" +) + +type RSA struct { + PublicKey *rsa.PublicKey + PrivateKey *rsa.PrivateKey +} + +type ECDSA struct { + PublicKey *ecdsa.PublicKey + PrivateKey *ecdsa.PrivateKey +} + +func (key *RSA) KeyPair() interface{} { + return key +} + +func (key *RSA) Sign(data []byte) ([]byte, error) { + h := crypto.SHA256.New() + h.Write(data) + hashed := h.Sum(nil) + return rsa.SignPKCS1v15(rand.Reader, key.PrivateKey, crypto.SHA256, hashed) +} + +func (key *ECDSA) KeyPair() interface{} { + return key +} + +func (key *ECDSA) Sign(data []byte) ([]byte, error) { + h := crypto.SHA256.New() + h.Write(data) + hashed := h.Sum(nil) + r, s, err := ecdsa.Sign(rand.Reader, key.PrivateKey, hashed) + if err != nil { + return nil, err + } + signature := append(r.Bytes(), s.Bytes()...) + return signature, nil +} + +func ReturnPrivateKey(key types.AsymmetricKey) (interface{}, error) { + switch k := key.KeyPair().(type) { + case *RSA: + return k.PrivateKey, nil + case *ECDSA: + return k.PrivateKey, nil + default: + return nil, fmt.Errorf("unsupported key type") + } +} + +func GenerateCSR(csr types.CertificateRequest) (*types.SigningRequest, error) { + switch csr.PublicKeyAlgorithm { + case x509.RSA: + if csr.KeySize < 2048 { + return nil, errors.New("invalid key size, rsa minimum valid bits 2048]") + } + // TODO: ECDSA + } + + subject := pkix.Name{ + CommonName: csr.CommonName, + Country: csr.DistinguishedName.Country, + Province: csr.DistinguishedName.Province, + Locality: csr.DistinguishedName.Locality, + Organization: csr.DistinguishedName.Organization, + OrganizationalUnit: csr.DistinguishedName.OrganizationalUnit, + } + + template := x509.CertificateRequest{ + Subject: subject, + SignatureAlgorithm: csr.SigningAlgorithm, + DNSNames: csr.SubjectAlternateNames, + } + + switch csr.SigningAlgorithm { + case x509.SHA256WithRSA, x509.SHA384WithRSA, x509.SHA512WithRSA: + pk, err := rsa.GenerateKey(rand.Reader, csr.KeySize) + if err != nil { + return nil, errors.New("error generating rsa key pair") + } + + csrBytes, err := x509.CreateCertificateRequest(rand.Reader, &template, pk) + if err != nil { + return nil, err + } + + certificatePem := new(bytes.Buffer) + err = pem.Encode(certificatePem, &pem.Block{ + Type: "CERTIFICATE REQUEST", + Bytes: csrBytes, + }) + + if err != nil { + return nil, errors.New("error encoding certificate request (csr)") + } + + if len(csr.Output.CertificateSigningRequest) != 0 { + if err := os.WriteFile(csr.Output.CertificateSigningRequest, certificatePem.Bytes(), os.ModePerm); err != nil { + return nil, fmt.Errorf("error writing certificate signing request (csr) to [%s]", csr.Output.CertificateSigningRequest) + } + } + + pkBlock := &pem.Block{ + Type: "RSA PRIVATE KEY", + Bytes: x509.MarshalPKCS1PrivateKey(pk), + } + + if len(csr.Output.PrivateKey) != 0 { + if err := os.WriteFile(csr.Output.PrivateKey, pem.EncodeToMemory(pkBlock), os.ModePerm); err != nil { + return nil, fmt.Errorf("error writing private key to [%s]", csr.Output.PrivateKey) + } + } + + return &types.SigningRequest{ + CSR: certificatePem, + PrivateKey: pkBlock, + }, nil + default: + return nil, errors.New("unsupported signing algorithm") + } +} + +func GetSubordinateCaParameters(service string) (*types.CertificateAuthority, error) { + subordinatePath := filepath.Join(types.SubordinatePath, service+_subordinateCertificate) + subordinate, err := readFileFromSystem(subordinatePath) + if err != nil { + return nil, fmt.Errorf("error reading subordinate ca from %s: %w", subordinatePath, err) + } + + subordinatePem, _ := pem.Decode(*subordinate) + if subordinatePem == nil { + return nil, fmt.Errorf("error decoding subordinate PEM") + } + + subordinateCertificate, err := x509.ParseCertificate(subordinatePem.Bytes) + if err != nil { + return nil, fmt.Errorf("error parsing subordinate certificate: %w", err) + } + + privateKeyPath := filepath.Join(types.SubordinatePath, service+_subordinatePrivateKey) + pk, err := readFileFromSystem(privateKeyPath) + if err != nil { + return nil, fmt.Errorf("error reading subordinate ca key from %s: %w", privateKeyPath, err) + } + + pkPem, _ := pem.Decode(*pk) + if pkPem == nil { + return nil, fmt.Errorf("error decoding private key") + } + + subordinatePrivateKey, err := formatAsymmetricKey(pkPem) + if err != nil { + return nil, fmt.Errorf("error formatting private key: %w", err) + } + + serialNumberPath := filepath.Join(types.SubordinatePath, service+_subordinateSerialNumber) + caSerialNumber, err := readFileFromSystem(serialNumberPath) + if err != nil { + return nil, fmt.Errorf("error reading subordinate ca serial number from %s: %w", serialNumberPath, err) + } + + caArnPath := filepath.Join(types.SubordinatePath, service+_certificateAuthorityArn) + caArn, err := readFileFromSystem(caArnPath) + if err != nil { + return nil, fmt.Errorf("error reading subordinate ca arn from %s: %w", caArnPath, err) + } + + return &types.CertificateAuthority{ + Certificate: subordinateCertificate, + AsymmetricKey: &subordinatePrivateKey, + SerialNumber: string(*caSerialNumber), + CertificateAuthorityArn: string(*caArn), + }, nil +} + +func readFileFromSystem(path string) (*[]byte, error) { + if !strings.HasPrefix(path, types.SubordinatePath) { + return nil, fmt.Errorf("unsafe file input path") + } + + file, err := os.ReadFile(filepath.Clean(path)) + if err != nil { + return nil, err + } + return &file, err +} + +func writeFileToSystem(path string, data []byte) error { + if !strings.HasPrefix(path, types.SubordinatePath) { + return fmt.Errorf("unsafe file input, write private key") + } + + if err := os.WriteFile(path, data, os.ModePerm); err != nil { + return err + } + return nil +} + +func formatAsymmetricKey(block *pem.Block) (types.AsymmetricKey, error) { + switch block.Type { + case "RSA PRIVATE KEY": + rsaKey, err := parseRSAPrivateKey(block.Bytes) + if err != nil { + return nil, err + } + return rsaKey, nil + case "EC PRIVATE KEY": + ecdsaKey, err := parseECDSAPrivateKey(block.Bytes) + if err != nil { + return nil, err + } + return ecdsaKey, nil + default: + return nil, errors.New("unsupported key type") + } +} + +func parseRSAPrivateKey(keyBytes []byte) (*RSA, error) { + key, err := x509.ParsePKCS1PrivateKey(keyBytes) + if err != nil { + return nil, err + } + rsaPrivateKey := &RSA{ + PublicKey: &key.PublicKey, + PrivateKey: key, + } + return rsaPrivateKey, nil +} + +func parseECDSAPrivateKey(keyBytes []byte) (*ECDSA, error) { + key, err := x509.ParseECPrivateKey(keyBytes) + if err != nil { + return nil, err + } + ecdsaPrivateKey := &ECDSA{ + PublicKey: &key.PublicKey, + PrivateKey: key, + } + return ecdsaPrivateKey, nil +} diff --git a/internal/lib/crypto/store.go b/internal/lib/crypto/store.go new file mode 100644 index 0000000..809ff01 --- /dev/null +++ b/internal/lib/crypto/store.go @@ -0,0 +1,134 @@ +package crypto + +import ( + "crypto/x509" + "encoding/pem" + "fmt" + "io/ioutil" + "os" + "path/filepath" + "strings" + + "github.com/aws/aws-sdk-go-v2/service/acmpca" + "github.com/coinbase/baseca/internal/types" +) + +func WriteKeyToFile(service string, privateKey types.AsymmetricKey) error { + var pemBlock *pem.Block + directoryPath := filepath.Join(types.SubordinatePath, service) + filePath := filepath.Join(directoryPath, _subordinatePrivateKey) + + if !strings.HasPrefix(filePath, types.SubordinatePath) { + return fmt.Errorf("unsafe file input, write private key") + } + + switch k := privateKey.KeyPair().(type) { + case *RSA: + pkBytes := x509.MarshalPKCS1PrivateKey(k.PrivateKey) + pemBlock = &pem.Block{ + Type: "RSA PRIVATE KEY", + Bytes: pkBytes, + } + case *ECDSA: + pkBytes, err := x509.MarshalECPrivateKey(k.PrivateKey) + if err != nil { + return err + } + pemBlock = &pem.Block{ + Type: "EC PRIVATE KEY", + Bytes: pkBytes, + } + default: + return fmt.Errorf("private key format not supported") + } + + if err := ioutil.WriteFile(filePath, pem.EncodeToMemory(pemBlock), os.ModePerm); err != nil { + return err + } + + return nil +} + +func WriteSubordinateCaParameters(service string, caCertificate *x509.Certificate, ca types.CertificateParameters, pca *acmpca.GetCertificateAuthorityCertificateOutput) error { + var err error + + directoryPath := filepath.Join(types.SubordinatePath, service) + + // Subordinate CA + filePath := filepath.Join(directoryPath, _subordinateCertificate) + pemBlock := encodeCertificateFromx509(caCertificate) + if err := os.WriteFile(filePath, *pemBlock, os.ModePerm); err != nil { + return err + } + + if !ca.RootCa { + filePath = filepath.Join(directoryPath, _intermediateCertificate) + pemBlock, err = encodeCertificateFromString(pca.Certificate) + if err != nil { + return fmt.Errorf("error encoding intermediate ca") + } + if err := os.WriteFile(filePath, *pemBlock, os.ModePerm); err != nil { + return fmt.Errorf("error writing intermediate ca to filesystem") + } + + filePath = filepath.Join(directoryPath, _rootCertificate) + pemBlock, err = encodeCertificateFromString(pca.CertificateChain) + if err != nil { + return fmt.Errorf("error encoding root ca") + } + if err := os.WriteFile(filePath, *pemBlock, os.ModePerm); err != nil { + return fmt.Errorf("error writing root ca to filesystem") + } + } else { + filePath = filepath.Join(directoryPath, _rootCertificate) + pemBlock, err = encodeCertificateFromString(pca.Certificate) + if err != nil { + return fmt.Errorf("error encoding root ca") + } + if err := os.WriteFile(filePath, *pemBlock, os.ModePerm); err != nil { + return fmt.Errorf("error writing root ca to filesystem") + } + } + + // Certificate Authority Serial Number + ca_serial_number := fmt.Sprintf("%x", caCertificate.SerialNumber) + filePath = filepath.Join(directoryPath, _subordinateSerialNumber) + err = writeFileToSystem(filePath, []byte(ca_serial_number)) + if err != nil { + return fmt.Errorf("error writing serial number to filesystem") + } + + // Intermediate ACM Private CA ARN + filePath = filepath.Join(directoryPath, _certificateAuthorityArn) + err = writeFileToSystem(filePath, []byte(ca.CaArn)) + if err != nil { + return fmt.Errorf("error writing ca arn to filesystem") + } + return nil +} + +func encodeCertificateFromString(certificate *string) (*[]byte, error) { + c := []byte(*certificate) + block, _ := pem.Decode(c) + x509Certificate, err := x509.ParseCertificate(block.Bytes) + if err != nil { + return nil, fmt.Errorf("invalid x509 certificate format") + } + pemBlock := pem.EncodeToMemory( + &pem.Block{ + Type: "CERTIFICATE", + Bytes: x509Certificate.Raw, + }, + ) + return &pemBlock, nil +} + +func encodeCertificateFromx509(certificate *x509.Certificate) *[]byte { + pemBlock := pem.EncodeToMemory( + &pem.Block{ + Type: "CERTIFICATE", + Bytes: certificate.Raw, + }, + ) + return &pemBlock +} diff --git a/internal/lib/util/backoff.go b/internal/lib/util/backoff.go new file mode 100644 index 0000000..c1cc344 --- /dev/null +++ b/internal/lib/util/backoff.go @@ -0,0 +1,54 @@ +package util + +import ( + "errors" + "fmt" + "os" + "path/filepath" + "time" + + "github.com/coinbase/baseca/internal/types" +) + +var backoffSchedule = []time.Duration{ + 1 * time.Second, + 2 * time.Second, + 4 * time.Second, + 8 * time.Second, + 16 * time.Second, +} + +func LockfileBackoff(lockfilePath string) error { + _, err := os.OpenFile(filepath.Clean(lockfilePath), os.O_RDONLY, 0400) + if err == nil { + // Backoff Until Lock File Removed + for _, backoff := range backoffSchedule { + _, err = os.OpenFile(filepath.Clean(lockfilePath), os.O_RDONLY, 0400) + if errors.Is(err, os.ErrNotExist) { + return nil + } + time.Sleep(backoff) + } + return errors.New(ERROR_LOCKFILE_PRESENT) + } + return nil +} + +func GenerateLockfile(service string) error { + // Lock Subordinate CA SSL + lockfilePath := fmt.Sprintf("%s/%s/%s.lock", types.SubordinatePath, service, service) + _, err := os.Create(filepath.Clean(lockfilePath)) + if err != nil { + return fmt.Errorf("error generating lockfile [%s]", service) + } + return nil +} + +func RemoveLockfile(service string) error { + lockfilePath := fmt.Sprintf("%s/%s/%s.lock", types.SubordinatePath, service, service) + err := os.Remove(filepath.Clean(lockfilePath)) + if err != nil { + return fmt.Errorf("error removing lock file [%s]", service) + } + return nil +} diff --git a/internal/lib/util/errors.go b/internal/lib/util/errors.go new file mode 100644 index 0000000..3fbd746 --- /dev/null +++ b/internal/lib/util/errors.go @@ -0,0 +1,11 @@ +package util + +const ( + ERROR_HASHING_CREDENTIALS = "error hashing user credentials" // #nosec G101 False Positive + ERROR_CREATE_TOKEN = "error creating auth token" + ERROR_LOCKFILE_PRESENT = "subordinate ca lockfile present" + INVALID_SERIAL_NUMBER = "invalid serial number for enrollment" + ERROR_ENROLLING_DEVICE = "error enrolling device serial number" + MALFORMATTED_REQUEST = "malformatted request parameters" + UNAUTHORIZED_REQUEST = "unauthorized request" +) diff --git a/internal/lib/util/random.go b/internal/lib/util/random.go new file mode 100644 index 0000000..77363aa --- /dev/null +++ b/internal/lib/util/random.go @@ -0,0 +1,98 @@ +package util + +import ( + "crypto/rand" + "encoding/base64" + "encoding/hex" + "fmt" + "testing" + "time" + + db "github.com/coinbase/baseca/db/sqlc" + "github.com/coinbase/baseca/internal/authentication" + "github.com/google/uuid" +) + +func GenerateTestUser(t *testing.T, permissions string, length int) (db.User, string) { + client_id, _ := uuid.NewRandom() + credentials := generateRandomCredentials(length) + hashed_credentials, _ := authentication.HashPassword(credentials) + email := generateRandomEmail() + username := generateRandomUsername() + full_name := generateRandomName() + + return db.User{ + Uuid: client_id, + Username: username, + HashedCredential: hashed_credentials, + FullName: full_name, + Email: email, + Permissions: permissions, + CredentialChangedAt: time.Now().UTC(), + CreatedAt: time.Now().UTC(), + }, credentials +} + +func generateRandomEmail() string { + randBytes := make([]byte, 8) + _, err := rand.Read(randBytes) + if err != nil { + panic(err) + } + + // Encode the random bytes using base64 encoding to get an ASCII string + randStr := base64.URLEncoding.EncodeToString(randBytes) + + // Use the first 10 characters of the base64-encoded string as the email username + return fmt.Sprintf("%s@coinbase.com", randStr[:10]) +} + +func generateRandomName() string { + // Generate random bytes for the first and last name + firstNameBytes := make([]byte, 6) + _, err := rand.Read(firstNameBytes) + if err != nil { + panic(err) + } + lastNameBytes := make([]byte, 6) + _, err = rand.Read(lastNameBytes) + if err != nil { + panic(err) + } + + // Convert the random bytes to hexadecimal strings + firstNameHex := hex.EncodeToString(firstNameBytes)[:10] + lastNameHex := hex.EncodeToString(lastNameBytes)[:10] + + return fmt.Sprintf("%s %s", firstNameHex, lastNameHex) +} + +func generateRandomUsername() string { + // Generate random bytes for the username + usernameBytes := make([]byte, 8) + _, err := rand.Read(usernameBytes) + if err != nil { + panic(err) + } + + // Encode the random bytes using base64 encoding to get an ASCII string + usernameStr := base64.URLEncoding.EncodeToString(usernameBytes) + + // Use the first 10 characters of the base64-encoded string as the username + return usernameStr[:10] +} + +func generateRandomCredentials(length int) string { + // Generate random bytes for the credentials + credentialsBytes := make([]byte, length) + _, err := rand.Read(credentialsBytes) + if err != nil { + panic(err) + } + + // Encode the random bytes using base64 encoding to get an ASCII string + credentialsStr := base64.URLEncoding.EncodeToString(credentialsBytes) + + // Return the first `length` characters of the base64-encoded string + return credentialsStr[:length] +} diff --git a/internal/logger/logger.go b/internal/logger/logger.go new file mode 100644 index 0000000..f049867 --- /dev/null +++ b/internal/logger/logger.go @@ -0,0 +1,205 @@ +package logger + +import ( + "context" + "time" + + "github.com/gogo/status" + "github.com/rs/zerolog/log" + "go.uber.org/zap" + "go.uber.org/zap/zapcore" + "google.golang.org/grpc" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/peer" +) + +const ( + AuthorizationPayloadKey = "authorization_payload" + LoggingContextKey = "request_header_context" + ClientAuthorizationPayload = "client_authorization_payload" + + UserUuid = "user_uuid" + ServiceUuid = "service_uuid" + ErrorMessage = "error_message" +) + +type Extractor func(resp interface{}, err error, code codes.Code) string + +type Error struct { + UserError error + InternalError error +} + +func (e *Error) Error() string { + return e.UserError.Error() +} + +func RpcError(user, internal error) *Error { + return &Error{ + UserError: user, + InternalError: internal, + } +} + +func RpcLogger( + extractor Extractor, +) grpc.UnaryServerInterceptor { + return func( + ctx context.Context, + req interface{}, + info *grpc.UnaryServerInfo, + handler grpc.UnaryHandler, + ) (resp interface{}, err error) { + currentTime := time.Now().UTC() + result, err := handler(ctx, req) + duration := time.Since(currentTime) + + statusCode := codes.Unknown + if st, ok := status.FromError(err); ok { + statusCode = st.Code() + } else if customErr, ok := err.(*Error); ok { + statusCode = status.Code(customErr.UserError) + } + + logger := log.Info() + if err != nil { + logger = log.Error().Err(err) + } + + var clientIP string + if p, ok := peer.FromContext(ctx); ok { + clientIP = p.Addr.String() + } + + // TODO: Validate Request Identifier (Context Post-Authentication) + + logger.Str("protocol", "grpc"). + Str("method", info.FullMethod). + Int("status_code", int(statusCode)). + Str("ip_address", clientIP). + Dur("duration", duration). + Msg(extractor(result, err, statusCode)) + + return result, err + } +} + +type Logger interface { + AddFields(fields ...zap.Field) + + Panic(msg string, fields ...zap.Field) + Fatal(msg string, fields ...zap.Field) + Error(msg string, fields ...zap.Field) + Warn(msg string, fields ...zap.Field) + Info(msg string, fields ...zap.Field) + Debug(msg string, fields ...zap.Field) +} + +var DefaultLogger = NewLogger( + zap.NewExample().WithOptions(zap.Development()).With(zap.Bool("default", true)), +) + +func NewLogger(logger *zap.Logger, logFields ...zap.Field) *ContextLogger { + logger = logger.WithOptions( + zap.AddCallerSkip(1), + zap.AddCaller(), + zap.Fields(append(logFields, + zap.String("logger", "observability.ContextLogger"), + )..., + ), + ) + return NewContextLogger(logWrapper{logger}) +} + +type logKey struct{} + +type ContextLogger struct { + Logger Logger + Fields []zap.Field +} + +func NewContextLogger(logger Logger, fields ...zap.Field) *ContextLogger { + if ctxLogger, ok := logger.(*ContextLogger); ok { + return NewContextLogger(ctxLogger.Logger, append(fields, ctxLogger.Fields...)...) + } + return &ContextLogger{ + Logger: logger, + Fields: fields, + } +} + +func WithLogger(ctx context.Context, logger Logger) context.Context { + return context.WithValue(ctx, logKey{}, NewContextLogger(logger)) +} + +func Log(ctx context.Context) Logger { + if l := extractLogger(ctx); l != nil { + return l + } + l := NewContextLogger(DefaultLogger) + l.AddFields(zap.Any("context", ctx)) + l.Warn("Log called but context not set up.") + return l +} + +func AddLogFields(ctx context.Context, fields ...zap.Field) { + if logger := extractLogger(ctx); logger != nil { + logger.AddFields(fields...) + } else { + Log(ctx).Warn("AddLogFields called but context not set up.", fields...) + } +} + +func extractLogger(ctx context.Context) Logger { + logger := ctx.Value(logKey{}) + if logger == nil { + return nil + } + return logger.(Logger) +} + +func (ctxLogger *ContextLogger) AddFields(fields ...zap.Field) { + ctxLogger.Fields = append(ctxLogger.Fields, fields...) +} + +func (ctxLogger *ContextLogger) fields(fields []zap.Field) []zap.Field { + return append(fields, ctxLogger.Fields...) +} + +func (ctxLogger *ContextLogger) stackFields(fields []zap.Field) []zap.Field { + return append(ctxLogger.fields(fields)) +} + +func (ctxLogger *ContextLogger) Panic(msg string, fields ...zap.Field) { + ctxLogger.Logger.Panic(msg, ctxLogger.stackFields(fields)...) +} +func (ctxLogger *ContextLogger) Fatal(msg string, fields ...zap.Field) { + ctxLogger.Logger.Fatal(msg, ctxLogger.stackFields(fields)...) +} +func (ctxLogger *ContextLogger) Error(msg string, fields ...zap.Field) { + ctxLogger.Logger.Error(msg, ctxLogger.stackFields(fields)...) +} +func (ctxLogger *ContextLogger) Warn(msg string, fields ...zap.Field) { + ctxLogger.Logger.Warn(msg, ctxLogger.fields(fields)...) +} +func (ctxLogger *ContextLogger) Info(msg string, fields ...zap.Field) { + ctxLogger.Logger.Info(msg, ctxLogger.fields(fields)...) +} +func (ctxLogger *ContextLogger) Debug(msg string, fields ...zap.Field) { + ctxLogger.Logger.Debug(msg, ctxLogger.fields(fields)...) +} + +// logWrapper adds a nop AddFields to a zap Logger client to implement the Logger interface +type logWrapper struct { + *zap.Logger +} + +func (logWrapper) AddFields(_ ...zap.Field) {} + +func AppendField(zapFields []zapcore.Field, key string, value string) []zapcore.Field { + return append(zapFields, zap.String(key, value)) +} + +func AppendZapField(zapFields []zapcore.Field, field zapcore.Field) []zapcore.Field { + return append(zapFields, field) +} diff --git a/internal/types/account.go b/internal/types/account.go new file mode 100644 index 0000000..1fc3cef --- /dev/null +++ b/internal/types/account.go @@ -0,0 +1,24 @@ +package types + +import ( + "time" + + "github.com/google/uuid" +) + +type ServiceAccount struct { + ClientID uuid.UUID `json:"client_id"` + ApiToken string `json:"api_token,omitempty" ` + ServiceAccount string `json:"service_account"` + Environment string `json:"environment,omitempty"` + Team string `json:"team"` + Email string `json:"email"` + SANRegularExpression string `json:"regular_expression,omitempty"` + ValidSubjectAlternateName []string `json:"valid_subject_alternate_name"` + ValidCertificateAuthorities []string `json:"valid_certificate_authorities"` + CertificateValidity int16 `json:"certificate_validity"` + ExtendedKey string `json:"extended_key"` + NodeAttestation NodeAttestation `json:"node_attestation"` + CreatedAt time.Time `json:"created_at"` + CreatedBy uuid.UUID `json:"created_by"` +} diff --git a/internal/types/attestation.go b/internal/types/attestation.go new file mode 100644 index 0000000..93b9cc1 --- /dev/null +++ b/internal/types/attestation.go @@ -0,0 +1,23 @@ +package types + +type NodeAttestation struct { + AWSInstanceIdentityDocument AWSInstanceIdentityDocument `json:"aws_iid"` +} + +type AWSInstanceIdentityDocument struct { + RoleArn string `json:"instance_profile_arn,omitempty"` + AssumeRole string `json:"assume_role,omitempty"` + SecurityGroups []string `json:"security_groups,omitempty"` + Region string `json:"region,omitempty"` + InstanceID string `json:"instance_id,omitempty"` + ImageID string `json:"image_id,omitempty"` + InstanceTags map[string]string `json:"instance_tags,omitempty"` +} + +type Node struct { + AWS_IID string +} + +var Attestation = Node{ + AWS_IID: "AWS_IID", +} diff --git a/internal/types/certificate.go b/internal/types/certificate.go new file mode 100644 index 0000000..6de9263 --- /dev/null +++ b/internal/types/certificate.go @@ -0,0 +1,177 @@ +package types + +import ( + "bytes" + "crypto/x509" + "encoding/pem" + "time" + + "github.com/aws/aws-sdk-go-v2/service/acmpca/types" +) + +var SubordinatePath string + +type CertificateParameters struct { + Region string + CaArn string + AssumeRole bool + RoleArn string + Validity int + RootCa bool +} + +type Extensions struct { + KeyUsage x509.KeyUsage + ExtendedKeyUsage []x509.ExtKeyUsage + TemplateArn string +} + +type Algorithm struct { + Algorithm x509.PublicKeyAlgorithm + KeySize map[int]bool + Signature map[string]bool +} + +type SignatureAlgorithm struct { + Common x509.SignatureAlgorithm + PCA types.SigningAlgorithm +} + +type CertificateMetadata struct { + SerialNumber string + CommonName string + SubjectAlternativeName []string + ExpirationDate time.Time + IssuedDate time.Time + CaSerialNumber string + CertificateAuthorityArn string + Revoked bool + RevokedBy string + RevokeDate time.Time +} + +type CertificateRequest struct { + CommonName string + SubjectAlternateNames []string + DistinguishedName DistinguishedName + SigningAlgorithm x509.SignatureAlgorithm + PublicKeyAlgorithm x509.PublicKeyAlgorithm + KeySize int + Output Output +} + +type Output struct { + CertificateSigningRequest string + Certificate string + CertificateChain string + PrivateKey string +} + +type DistinguishedName struct { + Country []string + Province []string + Locality []string + Organization []string + OrganizationalUnit []string +} + +type EC2InstanceMetadata struct { + InstanceIdentityDocument []byte `json:"instance_identity_document"` + InstanceIdentitySignature []byte `json:"instance_identity_signature"` +} + +type CertificateAuthority struct { + Certificate *x509.Certificate + AsymmetricKey *AsymmetricKey + SerialNumber string + CertificateAuthorityArn string +} + +type SigningRequest struct { + CSR *bytes.Buffer + PrivateKey *pem.Block +} + +type AsymmetricKey interface { + KeyPair() interface{} + Sign(data []byte) ([]byte, error) +} + +var ValidSignatures = map[string]SignatureAlgorithm{ + "SHA256WITHECDSA": { + Common: x509.ECDSAWithSHA256, + PCA: types.SigningAlgorithmSha256withecdsa, + }, + "SHA384WITHECDSA": { + Common: x509.ECDSAWithSHA384, + PCA: types.SigningAlgorithmSha384withecdsa, + }, + "SHA512WITHECDSA": { + Common: x509.ECDSAWithSHA512, + PCA: types.SigningAlgorithmSha512withecdsa, + }, + "SHA256WITHRSA": { + Common: x509.SHA256WithRSA, + PCA: types.SigningAlgorithmSha256withrsa, + }, + "SHA384WITHRSA": { + Common: x509.SHA384WithRSA, + PCA: types.SigningAlgorithmSha384withrsa, + }, + "SHA512WITHRSA": { + Common: x509.SHA512WithRSA, + PCA: types.SigningAlgorithmSha512withrsa, + }, + // TODO: Support Probabilistic Element to the Signature Scheme [SHA256WithRSAPSS] +} + +var ValidAlgorithms = map[string]Algorithm{ + "RSA": { + Algorithm: x509.RSA, + KeySize: map[int]bool{ + 2048: true, + 4096: true, + }, + Signature: map[string]bool{ + "SHA256WITHRSA": true, + "SHA384WITHRSA": true, + "SHA512WITHRSA": true, + }, + }, + "ECDSA": { + Algorithm: x509.ECDSA, + KeySize: map[int]bool{ + 256: true, + 384: true, + 521: true, + }, + Signature: map[string]bool{ + "SHA256WITHECDSA": true, + "SHA384WITHECDSA": true, + "SHA512WITHECDSA": true, + }, + }, +} + +var CertificateRequestExtension = map[string]Extensions{ + "EndEntityClientAuthCertificate": { + KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment, + ExtendedKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, + TemplateArn: "arn:aws:acm-pca:::template/EndEntityClientAuthCertificate/V1", + }, + "EndEntityServerAuthCertificate": { + KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment, + ExtendedKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, + TemplateArn: "arn:aws:acm-pca:::template/EndEntityServerAuthCertificate/V1", + }, + "CodeSigningCertificate": { + KeyUsage: x509.KeyUsageDigitalSignature, + ExtendedKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}, + TemplateArn: "arn:aws:acm-pca:::template/CodeSigningCertificate/V1", + }, +} + +var ValidNodeAttestation = map[string]bool{ + "None": false, + "AWS": true, +} diff --git a/internal/types/constants.go b/internal/types/constants.go new file mode 100644 index 0000000..7f8bc76 --- /dev/null +++ b/internal/types/constants.go @@ -0,0 +1,9 @@ +package types + +const ( + // Context Metadata + AuthorizationPayloadKey = "authorization_payload" + LoggingContextKey = "request_header_context" + ClientAuthorizationPayload = "client_authorization_payload" + EnrollmentAuthorizationPayload = "enrollment_authorization_payload" +) diff --git a/internal/types/enrollment.go b/internal/types/enrollment.go new file mode 100644 index 0000000..6d1eec2 --- /dev/null +++ b/internal/types/enrollment.go @@ -0,0 +1,14 @@ +package types + +type DeviceEnrollmentRequest struct { + SerialNumber string `json:"serial_number" binding:"required"` + Environment string `json:"environment" binding:"required,ca_environment"` +} + +type DeviceEnrollmentResponse struct { + SerialNumber string `json:"serial_number"` + Credentials string `json:"credentials"` +} + +type EndpointCertificateIssueRequest struct { +} diff --git a/internal/v1/accounts/accounts.go b/internal/v1/accounts/accounts.go new file mode 100644 index 0000000..aef6313 --- /dev/null +++ b/internal/v1/accounts/accounts.go @@ -0,0 +1,22 @@ +package accounts + +import ( + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/config" +) + +type Service struct { + apiv1.ServiceServer + store db.DatabaseEndpoints + acmConfig map[string]config.SubordinateCertificate + environment config.Environment +} + +func New(cfg *config.Config, endpoints db.DatabaseEndpoints) *Service { + return &Service{ + store: endpoints, + acmConfig: cfg.ACMPCA, + environment: cfg.Environment, + } +} diff --git a/internal/v1/accounts/accounts_test.go b/internal/v1/accounts/accounts_test.go new file mode 100644 index 0000000..6332ef5 --- /dev/null +++ b/internal/v1/accounts/accounts_test.go @@ -0,0 +1,25 @@ +package accounts + +import ( + mock_store "github.com/coinbase/baseca/db/mock" + db "github.com/coinbase/baseca/db/sqlc" + "github.com/coinbase/baseca/internal/validator" + "github.com/coinbase/baseca/test" +) + +func buildAccountsConfig(store *mock_store.MockStore) (*Service, error) { + config, err := test.GetTestConfigurationPath() + if err != nil { + return nil, err + } + + endpoints := db.DatabaseEndpoints{Writer: store, Reader: store} + validator.SupportedConfig(config) + validator.SupportedEnvironments(config) + + return &Service{ + store: endpoints, + acmConfig: config.ACMPCA, + environment: config.Environment, + }, nil +} diff --git a/internal/v1/accounts/operation_test.go b/internal/v1/accounts/operation_test.go new file mode 100644 index 0000000..b39a61c --- /dev/null +++ b/internal/v1/accounts/operation_test.go @@ -0,0 +1,83 @@ +package accounts + +import ( + "context" + "fmt" + "testing" + + "github.com/coinbase/baseca/db/mock" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/golang/mock/gomock" + "github.com/google/uuid" + "github.com/stretchr/testify/require" + "google.golang.org/protobuf/types/known/emptypb" +) + +func TestDeleteServiceAccount(t *testing.T) { + service_account_id := "030984ac-e8b3-4f6e-83b2-03ecc81c0477" + client_id, err := uuid.Parse(service_account_id) + require.NoError(t, err) + + cases := []struct { + name string + req *apiv1.ServiceAccountId + build func(store *mock.MockStore) + check func(t *testing.T, res *emptypb.Empty, err error) + }{ + { + name: "OK", + req: &apiv1.ServiceAccountId{ + Uuid: service_account_id, + }, + build: func(store *mock.MockStore) { + store.EXPECT().TxDeleteServiceAccount(gomock.Any(), client_id).Times(1).Return(nil) + }, + check: func(t *testing.T, res *emptypb.Empty, err error) { + require.NoError(t, err) + }, + }, + { + name: "INVALID_UUID", + req: &apiv1.ServiceAccountId{ + Uuid: "random_string", + }, + build: func(store *mock.MockStore) {}, + check: func(t *testing.T, res *emptypb.Empty, err error) { + require.Error(t, err) + require.EqualError(t, err, "rpc error: code = InvalidArgument desc = invalid uuid parameter") + }, + }, + { + name: "DB_ERROR", + req: &apiv1.ServiceAccountId{ + Uuid: service_account_id, + }, + build: func(store *mock.MockStore) { + store.EXPECT().TxDeleteServiceAccount(gomock.Any(), client_id).Times(1).Return(fmt.Errorf("internal server error")) + }, + check: func(t *testing.T, res *emptypb.Empty, err error) { + require.Error(t, err) + require.EqualError(t, err, "rpc error: code = Internal desc = internal server error") + }, + }, + } + + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + store := mock.NewMockStore(ctrl) + + for elem := range cases { + tc := cases[elem] + + t.Run(tc.name, func(t *testing.T) { + tc.build(store) + + c, err := buildAccountsConfig(store) + require.NoError(t, err) + + res, err := c.DeleteServiceAccount(context.Background(), tc.req) + tc.check(t, res, err) + }) + } +} diff --git a/internal/v1/accounts/operations.go b/internal/v1/accounts/operations.go new file mode 100644 index 0000000..78d742a --- /dev/null +++ b/internal/v1/accounts/operations.go @@ -0,0 +1,26 @@ +package accounts + +import ( + "context" + + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/logger" + "github.com/gogo/status" + "github.com/google/uuid" + "google.golang.org/grpc/codes" + "google.golang.org/protobuf/types/known/emptypb" +) + +func (s *Service) DeleteServiceAccount(ctx context.Context, req *apiv1.ServiceAccountId) (*emptypb.Empty, error) { + client_id, err := uuid.Parse(req.Uuid) + if err != nil { + return &emptypb.Empty{}, logger.RpcError(status.Error(codes.InvalidArgument, "invalid uuid parameter"), err) + } + + err = s.store.Writer.TxDeleteServiceAccount(ctx, client_id) + if err != nil { + return &emptypb.Empty{}, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + return &emptypb.Empty{}, nil +} diff --git a/internal/v1/accounts/query.go b/internal/v1/accounts/query.go new file mode 100644 index 0000000..e90b453 --- /dev/null +++ b/internal/v1/accounts/query.go @@ -0,0 +1,145 @@ +package accounts + +import ( + "context" + "database/sql" + "fmt" + + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/logger" + "github.com/coinbase/baseca/internal/types" + "github.com/coinbase/baseca/internal/validator" + "github.com/gogo/status" + "github.com/google/uuid" + "google.golang.org/grpc/codes" + "google.golang.org/protobuf/types/known/timestamppb" +) + +func (s *Service) ListServiceAccounts(ctx context.Context, req *apiv1.QueryParameter) (*apiv1.ServiceAccounts, error) { + var accounts apiv1.ServiceAccounts + + if req.PageId <= 0 || req.PageSize <= 0 { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid request parameters"), fmt.Errorf("invalid page_id or page_size")) + } + + arg := db.ListServiceAccountsParams{ + Limit: req.PageSize, + Offset: (req.PageId - 1) * req.PageSize, + } + + services, err := s.store.Reader.ListServiceAccounts(ctx, arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + for _, service := range services { + account, err := s.accountQuery(ctx, service) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + accounts.ServiceAccounts = append(accounts.ServiceAccounts, account) + } + + return &accounts, nil +} + +func (s *Service) GetServiceAccountUuid(ctx context.Context, req *apiv1.ServiceAccountId) (*apiv1.ServiceAccount, error) { + id, err := uuid.Parse(req.Uuid) + if err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid uuid parameter"), err) + } + + service, err := s.store.Reader.GetServiceUUID(ctx, id) + if err != nil { + if err == sql.ErrNoRows { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), fmt.Errorf("service account uuid %s does not exist", id)) + } + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + account, err := s.accountQuery(ctx, service) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + return account, nil +} + +func (s *Service) accountQuery(ctx context.Context, account *db.Account) (*apiv1.ServiceAccount, error) { + var attestation types.NodeAttestation + + if validator.Contains(account.NodeAttestation, types.Attestation.AWS_IID) { + iid, err := s.store.Reader.GetInstanceIdentityDocument(ctx, account.ClientID) + if err != nil { + return nil, err + } + + instance_tag_map, err := validator.ConvertNullRawMessageToMap(iid.InstanceTags) + if err != nil { + return nil, err + } + + // TODO: Update awsIid {} Response + attestation = types.NodeAttestation{ + AWSInstanceIdentityDocument: types.AWSInstanceIdentityDocument{ + RoleArn: iid.RoleArn.String, + AssumeRole: iid.AssumeRole.String, + SecurityGroups: iid.SecurityGroupID, + Region: iid.Region.String, + InstanceID: iid.InstanceID.String, + ImageID: iid.ImageID.String, + InstanceTags: instance_tag_map, + }, + } + } + + return &apiv1.ServiceAccount{ + ClientId: account.ClientID.String(), + ServiceAccount: account.ServiceAccount, + Environment: account.Environment, + RegularExpression: account.RegularExpression.String, + SubjectAlternativeNames: account.ValidSubjectAlternateName, + CertificateAuthorities: account.ValidCertificateAuthorities, + ExtendedKey: account.ExtendedKey, + CertificateValidity: int32(account.CertificateValidity), + Team: account.Team, + Email: account.Email, + CreatedAt: timestamppb.New(account.CreatedAt), + CreatedBy: account.CreatedBy.String(), + NodeAttestation: &apiv1.NodeAttestation{ + AwsIid: &apiv1.AWSInstanceIdentityDocument{ + RoleArn: attestation.AWSInstanceIdentityDocument.RoleArn, + AssumeRole: attestation.AWSInstanceIdentityDocument.AssumeRole, + SecurityGroups: attestation.AWSInstanceIdentityDocument.SecurityGroups, + Region: attestation.AWSInstanceIdentityDocument.Region, + InstanceId: attestation.AWSInstanceIdentityDocument.InstanceID, + InstanceTags: attestation.AWSInstanceIdentityDocument.InstanceTags, + }, + }, + }, nil +} + +func (s *Service) GetServiceAccountName(ctx context.Context, req *apiv1.ServiceAccountName) (*apiv1.ServiceAccounts, error) { + var accounts apiv1.ServiceAccounts + account_name := req.ServiceAccount + + if len(req.ServiceAccount) == 0 { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid service_account parameter"), fmt.Errorf("invalid service_account parameter")) + } + + service_accounts, err := s.store.Reader.GetServiceAccounts(ctx, account_name) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + for _, service_account := range service_accounts { + account, err := s.accountQuery(ctx, service_account) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + accounts.ServiceAccounts = append(accounts.ServiceAccounts, account) + } + + return &accounts, nil +} diff --git a/internal/v1/accounts/query_test.go b/internal/v1/accounts/query_test.go new file mode 100644 index 0000000..ebb5089 --- /dev/null +++ b/internal/v1/accounts/query_test.go @@ -0,0 +1,340 @@ +package accounts + +import ( + "context" + "fmt" + "testing" + + "github.com/coinbase/baseca/db/mock" + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/golang/mock/gomock" + "github.com/google/uuid" + "github.com/stretchr/testify/require" +) + +func TestListServiceAccounts(t *testing.T) { + const ( + pageId = 1 + pageSize = 5 + ) + + param := db.ListServiceAccountsParams{ + Limit: pageSize, + Offset: (pageId - 1) * pageSize, + } + + clientId, err := uuid.NewRandom() + require.NoError(t, err) + + cases := []struct { + name string + req *apiv1.QueryParameter + build func(store *mock.MockStore) + check func(t *testing.T, res *apiv1.ServiceAccounts, err error) + }{ + { + name: "OK_NO_SERVICE_ACCOUNT", + req: &apiv1.QueryParameter{ + PageId: 1, + PageSize: 5, + }, + build: func(store *mock.MockStore) { + store.EXPECT().ListServiceAccounts(gomock.Any(), param).Times(1).Return([]*db.Account{}, nil) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.NoError(t, err) + }, + }, + { + name: "OK_NO_NODE_ATTESTATION", + req: &apiv1.QueryParameter{ + PageId: 1, + PageSize: 5, + }, + build: func(store *mock.MockStore) { + account := db.Account{ + ClientID: clientId, + NodeAttestation: []string{}, + } + store.EXPECT().ListServiceAccounts(gomock.Any(), param).Times(1).Return([]*db.Account{&account}, nil) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.NoError(t, err) + }, + }, + { + name: "OK", + req: &apiv1.QueryParameter{ + PageId: 1, + PageSize: 5, + }, + build: func(store *mock.MockStore) { + account := db.Account{ + ClientID: clientId, + NodeAttestation: []string{"AWS_IID"}, + } + store.EXPECT().ListServiceAccounts(gomock.Any(), param).Times(1).Return([]*db.Account{&account}, nil) + store.EXPECT().GetInstanceIdentityDocument(gomock.Any(), clientId).Times(1).Return(&db.AwsAttestation{}, nil) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.NoError(t, err) + }, + }, + { + name: "DB_ERROR_LIST_SERVICE_ACCOUNT", + req: &apiv1.QueryParameter{ + PageId: 1, + PageSize: 5, + }, + build: func(store *mock.MockStore) { + store.EXPECT().ListServiceAccounts(gomock.Any(), param).Times(1).Return(nil, fmt.Errorf("list service account error")) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.Error(t, err) + require.Empty(t, res) + require.EqualError(t, err, "rpc error: code = Internal desc = internal server error") + }, + }, + { + name: "DB_ERROR_GET_INSTANCE_IDENTITY_DOCUMENT", + req: &apiv1.QueryParameter{ + PageId: 1, + PageSize: 5, + }, + build: func(store *mock.MockStore) { + account := db.Account{ + ClientID: clientId, + NodeAttestation: []string{"AWS_IID"}, + } + store.EXPECT().ListServiceAccounts(gomock.Any(), param).Times(1).Return([]*db.Account{&account}, nil) + store.EXPECT().GetInstanceIdentityDocument(gomock.Any(), clientId).Times(1).Return(nil, fmt.Errorf("get instance identity document error")) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.Error(t, err) + require.Empty(t, res) + require.EqualError(t, err, "rpc error: code = Internal desc = internal server error") + }, + }, + } + + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + store := mock.NewMockStore(ctrl) + + for elem := range cases { + tc := cases[elem] + + t.Run(tc.name, func(t *testing.T) { + tc.build(store) + + c, err := buildAccountsConfig(store) + require.NoError(t, err) + + res, err := c.ListServiceAccounts(context.Background(), tc.req) + tc.check(t, res, err) + }) + } +} + +func TestGetServiceAccount(t *testing.T) { + clientId, err := uuid.NewRandom() + require.NoError(t, err) + + cases := []struct { + name string + req *apiv1.ServiceAccountId + build func(store *mock.MockStore) + check func(t *testing.T, res *apiv1.ServiceAccount, err error) + }{ + { + name: "OK_NO_ATTESTATION", + req: &apiv1.ServiceAccountId{ + Uuid: clientId.String(), + }, + build: func(store *mock.MockStore) { + store.EXPECT().GetServiceUUID(gomock.Any(), clientId).Times(1).Return(&db.Account{}, nil) + }, + check: func(t *testing.T, res *apiv1.ServiceAccount, err error) { + require.NoError(t, err) + }, + }, + { + name: "OK", + req: &apiv1.ServiceAccountId{ + Uuid: clientId.String(), + }, + build: func(store *mock.MockStore) { + account := db.Account{ + ClientID: clientId, + NodeAttestation: []string{"AWS_IID"}, + } + + store.EXPECT().GetServiceUUID(gomock.Any(), clientId).Times(1).Return(&account, nil) + store.EXPECT().GetInstanceIdentityDocument(gomock.Any(), clientId).Times(1).Return(&db.AwsAttestation{}, nil) + }, + check: func(t *testing.T, res *apiv1.ServiceAccount, err error) { + require.NoError(t, err) + require.NotEmpty(t, res) + }, + }, + { + name: "DB_ERROR_GET_SERVICE_UUID", + req: &apiv1.ServiceAccountId{ + Uuid: clientId.String(), + }, + build: func(store *mock.MockStore) { + store.EXPECT().GetServiceUUID(gomock.Any(), clientId).Times(1).Return(nil, fmt.Errorf("get service uuid error")) + }, + check: func(t *testing.T, res *apiv1.ServiceAccount, err error) { + require.Error(t, err) + require.EqualError(t, err, "rpc error: code = Internal desc = internal server error") + require.Empty(t, res) + }, + }, + { + name: "DB_ERROR_GET_INSTANCE_IDENTITY_DOCUMENT", + req: &apiv1.ServiceAccountId{ + Uuid: clientId.String(), + }, + build: func(store *mock.MockStore) { + account := db.Account{ + ClientID: clientId, + NodeAttestation: []string{"AWS_IID"}, + } + store.EXPECT().GetServiceUUID(gomock.Any(), clientId).Times(1).Return(&account, nil) + store.EXPECT().GetInstanceIdentityDocument(gomock.Any(), clientId).Times(1).Return(nil, fmt.Errorf("get instance identity document")) + }, + check: func(t *testing.T, res *apiv1.ServiceAccount, err error) { + require.Error(t, err) + require.EqualError(t, err, "rpc error: code = Internal desc = internal server error") + require.Empty(t, res) + }, + }, + } + + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + store := mock.NewMockStore(ctrl) + + for elem := range cases { + tc := cases[elem] + + t.Run(tc.name, func(t *testing.T) { + tc.build(store) + + c, err := buildAccountsConfig(store) + require.NoError(t, err) + + res, err := c.GetServiceAccountUuid(context.Background(), tc.req) + tc.check(t, res, err) + }) + } +} + +func TestGetServiceAccountByName(t *testing.T) { + account_name := "example" + request := &apiv1.ServiceAccountName{ + ServiceAccount: account_name, + } + clientId, err := uuid.NewRandom() + require.NoError(t, err) + + cases := []struct { + name string + req *apiv1.ServiceAccountName + build func(store *mock.MockStore) + check func(t *testing.T, res *apiv1.ServiceAccounts, err error) + }{ + { + name: "OK_NO_SERVICE_ACCOUNT", + req: request, + build: func(store *mock.MockStore) { + store.EXPECT().GetServiceAccounts(gomock.Any(), account_name).Times(1).Return([]*db.Account{}, nil) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.NoError(t, err) + }, + }, + { + name: "OK_NO_ATTESTATION", + req: request, + build: func(store *mock.MockStore) { + account := db.Account{ + ServiceAccount: account_name, + ClientID: clientId, + } + store.EXPECT().GetServiceAccounts(gomock.Any(), account_name).Times(1).Return([]*db.Account{&account}, nil) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.NoError(t, err) + }, + }, + { + name: "OK", + req: request, + build: func(store *mock.MockStore) { + account := db.Account{ + ServiceAccount: account_name, + ClientID: clientId, + NodeAttestation: []string{"AWS_IID"}, + } + store.EXPECT().GetServiceAccounts(gomock.Any(), account_name).Times(1).Return([]*db.Account{&account}, nil) + store.EXPECT().GetInstanceIdentityDocument(gomock.Any(), clientId).Times(1).Return(&db.AwsAttestation{}, nil) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.NoError(t, err) + }, + }, + { + name: "DB_ERROR_GET_SERVICE_ACCOUNTS", + req: request, + build: func(store *mock.MockStore) { + store.EXPECT().GetServiceAccounts(gomock.Any(), account_name).Times(1).Return(nil, fmt.Errorf("get service accounts error")) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.Error(t, err) + require.EqualError(t, err, "rpc error: code = Internal desc = internal server error") + require.Empty(t, res) + }, + }, + { + name: "DB_ERROR_GET_INSTANCE_IDENTITY_DOCUMENT", + req: request, + build: func(store *mock.MockStore) { + account := db.Account{ + ServiceAccount: account_name, + ClientID: clientId, + NodeAttestation: []string{"AWS_IID"}, + } + store.EXPECT().GetServiceAccounts(gomock.Any(), account_name).Times(1).Return([]*db.Account{&account}, nil) + store.EXPECT().GetInstanceIdentityDocument(gomock.Any(), clientId).Times(1).Return(nil, fmt.Errorf("get instance identity document err")) + }, + check: func(t *testing.T, res *apiv1.ServiceAccounts, err error) { + require.Error(t, err) + require.EqualError(t, err, "rpc error: code = Internal desc = internal server error") + }, + }, + } + + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + store := mock.NewMockStore(ctrl) + + for elem := range cases { + tc := cases[elem] + + t.Run(tc.name, func(t *testing.T) { + tc.build(store) + + c, err := buildAccountsConfig(store) + require.NoError(t, err) + + res, err := c.GetServiceAccountName(context.Background(), tc.req) + tc.check(t, res, err) + }) + } +} diff --git a/internal/v1/accounts/service.go b/internal/v1/accounts/service.go new file mode 100644 index 0000000..59983b7 --- /dev/null +++ b/internal/v1/accounts/service.go @@ -0,0 +1,173 @@ +package accounts + +import ( + "context" + "database/sql" + "fmt" + "time" + + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/attestor/aws_iid" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/internal/logger" + "github.com/coinbase/baseca/internal/types" + "github.com/coinbase/baseca/internal/validator" + "github.com/gogo/status" + "github.com/google/uuid" + "google.golang.org/grpc/codes" + "google.golang.org/protobuf/types/known/timestamppb" +) + +func (s *Service) CreateServiceAccount(ctx context.Context, req *apiv1.CreateServiceAccountRequest) (*apiv1.CreateServiceAccountResponse, error) { + var service *db.Account + nodeAttestation := []string{} + + subject_alternative_names := validator.SanitizeInput(req.SubjectAlternativeNames) + certificate_authorities := validator.SanitizeInput(req.CertificateAuthorities) + + err := s.validateCertificateParameters(req.CertificateAuthorities, req.Environment, int16(req.CertificateValidity), req.SubordinateCa) + if err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, err.Error()), err) + } + + // Validate Subject Alternate Name and Regular Expression + err = s.validateSanInput(ctx, req.ServiceAccount, req.Environment, req.SubjectAlternativeNames, req.RegularExpression) + if err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, err.Error()), err) + } + + if _, ok := types.CertificateRequestExtension[req.ExtendedKey]; !ok { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid extended key"), fmt.Errorf("invalid key extension [%s]", req.ExtendedKey)) + } + + if ok := validator.ValidateEmail(req.Email); !ok { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid email"), fmt.Errorf("invalid email [%s]", req.Email)) + } + + if len(req.Team) == 0 { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid team parameter"), fmt.Errorf("invalid team [%s]", req.Team)) + } + + client_id, err := uuid.NewRandom() + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + clientToken, err := authentication.GenerateClientToken(32) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + hashedClientToken, err := authentication.HashPassword(clientToken) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + payload, ok := ctx.Value(types.AuthorizationPayloadKey).(*authentication.Claims) + if !ok { + logger.RpcError(status.Error(codes.Internal, "internal server error"), fmt.Errorf("service auth context missing")) + } + + // Production Service Accounts Require Attestation + if req.Environment == "production" { + if err = validateNodeAttestation(req.NodeAttestation); err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, err.Error()), err) + } + } + + if req.NodeAttestation != nil { + nodeAttestation = aws_iid.GetNodeAttestation(req.NodeAttestation) + + account_arg := db.CreateServiceAccountParams{ + ClientID: client_id, + ApiToken: hashedClientToken, + ServiceAccount: req.ServiceAccount, + Environment: req.Environment, + NodeAttestation: nodeAttestation, + Team: req.Team, + Email: req.Email, + ValidSubjectAlternateName: subject_alternative_names, + ValidCertificateAuthorities: certificate_authorities, + ExtendedKey: req.ExtendedKey, + CertificateValidity: int16(req.CertificateValidity), + SubordinateCa: req.SubordinateCa, + CreatedBy: payload.Subject, + CreatedAt: time.Now().UTC(), + } + + if req.RegularExpression != nil { + account_arg.RegularExpression = sql.NullString{String: *req.RegularExpression, Valid: len(*req.RegularExpression) != 0} + } + + raw_message, err := validator.MapToNullRawMessage(req.NodeAttestation.AwsIid.InstanceTags) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + iid_arg := db.StoreInstanceIdentityDocumentParams{ + ClientID: client_id, + RoleArn: sql.NullString{String: req.NodeAttestation.AwsIid.RoleArn, Valid: len(req.NodeAttestation.AwsIid.RoleArn) != 0}, + AssumeRole: sql.NullString{String: req.NodeAttestation.AwsIid.AssumeRole, Valid: len(req.NodeAttestation.AwsIid.AssumeRole) != 0}, + Region: sql.NullString{String: req.NodeAttestation.AwsIid.Region, Valid: len(req.NodeAttestation.AwsIid.Region) != 0}, + InstanceID: sql.NullString{String: req.NodeAttestation.AwsIid.InstanceId, Valid: len(req.NodeAttestation.AwsIid.InstanceId) != 0}, + ImageID: sql.NullString{String: req.NodeAttestation.AwsIid.ImageId, Valid: len(req.NodeAttestation.AwsIid.ImageId) != 0}, + SecurityGroupID: req.NodeAttestation.AwsIid.SecurityGroups, + InstanceTags: raw_message, + } + + service, err = s.store.Writer.TxCreateServiceAccount(ctx, account_arg, iid_arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "error creating account"), err) + } + } else { + account_arg := db.CreateServiceAccountParams{ + ClientID: client_id, + ApiToken: hashedClientToken, + ServiceAccount: req.ServiceAccount, + Environment: req.Environment, + NodeAttestation: nodeAttestation, + Team: req.Team, + Email: req.Email, + ValidSubjectAlternateName: subject_alternative_names, + ValidCertificateAuthorities: certificate_authorities, + ExtendedKey: req.ExtendedKey, + CertificateValidity: int16(req.CertificateValidity), + SubordinateCa: req.SubordinateCa, + CreatedBy: payload.Subject, + CreatedAt: time.Now().UTC(), + } + + if req.RegularExpression != nil { + account_arg.RegularExpression = sql.NullString{String: *req.RegularExpression, Valid: len(*req.RegularExpression) != 0} + } + + service, err = s.store.Writer.CreateServiceAccount(ctx, account_arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "error creating account"), err) + } + } + + account := apiv1.CreateServiceAccountResponse{ + ClientId: service.ClientID.String(), + ClientToken: clientToken, + ServiceAccount: service.ServiceAccount, + Environment: service.Environment, + NodeAttestation: req.NodeAttestation, + SubjectAlternativeNames: service.ValidSubjectAlternateName, + ExtendedKey: service.ExtendedKey, + CertificateAuthorities: service.ValidCertificateAuthorities, + CertificateValidity: int32(service.CertificateValidity), + SubordinateCa: service.SubordinateCa, + Team: service.Team, + Email: service.Email, + CreatedAt: timestamppb.New(service.CreatedAt), + CreatedBy: service.CreatedBy.String(), + } + + if service.RegularExpression.Valid { + account.RegularExpression = service.RegularExpression.String + } + + return &account, nil +} diff --git a/internal/v1/accounts/service_test.go b/internal/v1/accounts/service_test.go new file mode 100644 index 0000000..35fed5a --- /dev/null +++ b/internal/v1/accounts/service_test.go @@ -0,0 +1,207 @@ +package accounts + +import ( + "context" + "database/sql" + "fmt" + "reflect" + "testing" + "time" + + "github.com/coinbase/baseca/db/mock" + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/internal/types" + "github.com/golang/mock/gomock" + "github.com/google/uuid" + "github.com/stretchr/testify/require" +) + +func TestCreateServiceAccount(t *testing.T) { + id, err := uuid.NewRandom() + require.NoError(t, err) + + authClaim := &authentication.Claims{ + Permission: "ADMIN", + Subject: id, + IssuedAt: time.Now(), + ExpiresAt: time.Now().AddDate(0, 0, 1), + NotBefore: time.Now(), + } + + attestation := apiv1.AWSInstanceIdentityDocument{ + RoleArn: "arn:aws:iam::123456789012:role/role", + AssumeRole: "arn:aws:iam::123456789012:role/assumed-role", + SecurityGroups: []string{"sg-0123456789abcdef0"}, + Region: "us-east-1", + } + + accountParam := db.CreateServiceAccountParams{ + ServiceAccount: "example", + Environment: "sandbox", + ValidSubjectAlternateName: []string{"development.example.com"}, + ExtendedKey: "EndEntityServerAuthCertificate", + NodeAttestation: []string{"AWS_IID"}, + CertificateValidity: 30, + ValidCertificateAuthorities: []string{"sandbox_use1"}, + SubordinateCa: "infrastructure", + Team: "Infrastructure Security", + Email: "security@example.com", + CreatedBy: id, + } + + attestationParam := db.StoreInstanceIdentityDocumentParams{ + RoleArn: sql.NullString{String: attestation.RoleArn, Valid: true}, + AssumeRole: sql.NullString{String: attestation.AssumeRole, Valid: true}, + SecurityGroupID: attestation.SecurityGroups, + Region: sql.NullString{String: attestation.Region, Valid: true}, + } + + request := apiv1.CreateServiceAccountRequest{ + ServiceAccount: "example", + Environment: "sandbox", + SubjectAlternativeNames: []string{"development.example.com"}, + ExtendedKey: "EndEntityServerAuthCertificate", + NodeAttestation: &apiv1.NodeAttestation{ + AwsIid: &attestation, + }, + CertificateAuthorities: []string{"sandbox_use1"}, + SubordinateCa: "infrastructure", + CertificateValidity: 30, + Team: "Infrastructure Security", + Email: "security@example.com", + } + + cases := []struct { + name string + req *apiv1.CreateServiceAccountRequest + build func(store *mock.MockStore) + ctx context.Context + check func(t *testing.T, res *apiv1.CreateServiceAccountResponse, err error) + }{ + { + name: "OK", + req: &request, + build: func(store *mock.MockStore) { + store.EXPECT().ListServiceAccounts(gomock.Any(), gomock.Any()).Times(1).Return([]*db.Account{}, nil) + store.EXPECT().TxCreateServiceAccount( + gomock.Any(), + EqCreateServiceAccountParams(accountParam, "account arg matcher"), + EqStoreInstanceIdentityDocumentParams(attestationParam, "iid arg matcher"), + ).Times(1).Return(&db.Account{}, nil) + }, + ctx: context.WithValue(context.Background(), types.AuthorizationPayloadKey, authClaim), + check: func(t *testing.T, res *apiv1.CreateServiceAccountResponse, err error) { + require.NoError(t, err) + }, + }, + { + name: "OK_NO_ATTESTATION", + req: &apiv1.CreateServiceAccountRequest{ + ServiceAccount: "example", + Environment: "sandbox", + SubjectAlternativeNames: []string{"development.example.com"}, + ExtendedKey: "EndEntityServerAuthCertificate", + CertificateAuthorities: []string{"sandbox_use1"}, + SubordinateCa: "infrastructure", + CertificateValidity: 30, + Team: "Infrastructure Security", + Email: "security@example.com", + }, + build: func(store *mock.MockStore) { + account_arg := db.CreateServiceAccountParams{ + ServiceAccount: "example", + Environment: "sandbox", + ValidSubjectAlternateName: []string{"development.example.com"}, + ExtendedKey: "EndEntityServerAuthCertificate", + CertificateValidity: 30, + ValidCertificateAuthorities: []string{"sandbox_use1"}, + SubordinateCa: "infrastructure", + Team: "Infrastructure Security", + Email: "security@example.com", + CreatedBy: authClaim.Subject, + NodeAttestation: []string{}, + } + store.EXPECT().ListServiceAccounts(gomock.Any(), gomock.Any()).Times(1).Return([]*db.Account{}, nil) + store.EXPECT().CreateServiceAccount( + gomock.Any(), + EqCreateServiceAccountParams(account_arg, "account arg matcher"), + ).Times(1).Return(&db.Account{}, nil) + }, + ctx: context.WithValue(context.Background(), types.AuthorizationPayloadKey, authClaim), + check: func(t *testing.T, res *apiv1.CreateServiceAccountResponse, err error) { + require.NoError(t, err) + }, + }, + } + + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + store := mock.NewMockStore(ctrl) + + for elem := range cases { + tc := cases[elem] + + t.Run(tc.name, func(t *testing.T) { + tc.build(store) + c, err := buildAccountsConfig(store) + require.NoError(t, err) + + res, err := c.CreateServiceAccount(tc.ctx, tc.req) + tc.check(t, res, err) + }) + } +} + +type eqCreateServiceAccountParamsMatcher struct { + arg db.CreateServiceAccountParams + password string +} + +func (e eqCreateServiceAccountParamsMatcher) Matches(x interface{}) bool { + arg, ok := x.(db.CreateServiceAccountParams) + if !ok { + return false + } + + e.arg.ClientID = arg.ClientID + e.arg.ApiToken = arg.ApiToken + e.arg.CreatedAt = arg.CreatedAt + return reflect.DeepEqual(e.arg, arg) +} + +func (e eqCreateServiceAccountParamsMatcher) String() string { + return fmt.Sprintf("%v", e.arg) +} + +func EqCreateServiceAccountParams(arg db.CreateServiceAccountParams, password string) gomock.Matcher { + return eqCreateServiceAccountParamsMatcher{arg, password} +} + +type eqStoreInstanceIdentityDocumentParamsMatcher struct { + arg db.StoreInstanceIdentityDocumentParams + password string +} + +func (e eqStoreInstanceIdentityDocumentParamsMatcher) Matches(x interface{}) bool { + arg, ok := x.(db.StoreInstanceIdentityDocumentParams) + if !ok { + return false + } + + e.arg.ClientID = arg.ClientID + e.arg.InstanceID = arg.InstanceID + e.arg.ImageID = arg.ImageID + e.arg.InstanceTags = arg.InstanceTags + return reflect.DeepEqual(e.arg, arg) +} + +func (e eqStoreInstanceIdentityDocumentParamsMatcher) String() string { + return fmt.Sprintf("%v", e.arg) +} + +func EqStoreInstanceIdentityDocumentParams(arg db.StoreInstanceIdentityDocumentParams, password string) gomock.Matcher { + return eqStoreInstanceIdentityDocumentParamsMatcher{arg, password} +} diff --git a/internal/v1/accounts/validate.go b/internal/v1/accounts/validate.go new file mode 100644 index 0000000..f5cc82e --- /dev/null +++ b/internal/v1/accounts/validate.go @@ -0,0 +1,215 @@ +package accounts + +import ( + "context" + "fmt" + "regexp" + + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/validator" +) + +const ( + _role_regex_pattern = `^arn:aws:iam::\d{12}:role\/[a-zA-Z_0-9+=,.@-]+$` + _sg_regex_pattern = `^sg-[a-zA-Z0-9]+$` + _instance_id_pattern = `^i-[a-fA-F0-9]{8,17}$` +) + +// Create Service Account: Check if Same SAN Exists within Other Service Account +func (s *Service) validateSanInput(ctx context.Context, service_account string, environment string, request_san []string, pattern *string) error { + var page_id = int32(1) + var page_size = int32(25) + var sans [][]string + + if len(service_account) == 0 { + return fmt.Errorf("invalid service_account parameter") + } + + if pattern == nil && len(request_san) == 0 { + return fmt.Errorf("subject_alternative_names and regular_expression cannot both be empty") + } + + if pattern != nil { + _, err := regexp.Compile(*pattern) + if err != nil { + return fmt.Errorf("invalid regular_expressing pattern") + } + } + + for _, fqdn := range request_san { + if !validator.IsValidateDomain(fqdn) { + return fmt.Errorf("invalid domain [%s]", fqdn) + } + } + + for { + arg := db.ListServiceAccountsParams{ + Limit: page_size, + Offset: (page_id - 1) * page_size, + } + services, err := s.store.Reader.ListServiceAccounts(ctx, arg) + if err != nil { + return fmt.Errorf("error listing service accounts during san validation") + } + if len(services) == 0 { + break + } + for _, elem := range services { + // Do Not Include Service Account with Same Name and Environment + if service_account == elem.ServiceAccount && environment == elem.Environment { + continue + } + sans = append(sans, elem.ValidSubjectAlternateName) + } + page_id += 1 + } + + for _, san := range sans { + for _, elem := range san { + if validator.Contains(request_san, elem) { + return fmt.Errorf("subject alternative name (san) %s exists in another service account", request_san) + } + } + } + + return nil +} + +func (s *Service) validateCertificateParameters(certificateAuthorities []string, environment string, certificateValidity int16, subordinateCa string) error { + if _, ok := validator.CertificateAuthorityEnvironments[environment]; !ok { + return fmt.Errorf("invalid environment [%s]", environment) + } + + // Determine Allowed CA within Environment (Service Account Cannot Access CA from Multiple Environments) + if output := validator.ValidateCertificateAuthorityEnvironment(s.environment, environment, certificateAuthorities); !output { + return fmt.Errorf("invalid certificate authorities input %s", certificateAuthorities) + } + + if len(subordinateCa) == 0 { + return fmt.Errorf("invalid subordinate_ca parameter") + } + + // Determine Certificate Validity Greater than CA Validity + if certificateValidity <= 0 { + return fmt.Errorf("invalid certificate_validity parameter") + } + + for _, certificateAuthority := range certificateAuthorities { + caValidity := s.acmConfig[certificateAuthority].CaActiveDay + if caValidity <= int(certificateValidity) { + return fmt.Errorf("certificate expiration [%d] exceeds certificate authority [%s] validity [%d]", certificateValidity, certificateAuthority, caValidity) + } + } + + return nil +} + +func validateNodeAttestation(attestation *apiv1.NodeAttestation) error { + if attestation == nil { + return fmt.Errorf("node_attestation cannot be empty") + } + + if attestation.AwsIid == nil { + return fmt.Errorf("aws_iid cannot be empty") + } + + if err := validateAwsIidMetadata(attestation.AwsIid); err != nil { + return err + } + + return nil +} + +func validateAwsIidMetadata(iid *apiv1.AWSInstanceIdentityDocument) error { + var err bool + var validAttestation = false + + if iid.RoleArn != "" { + err = validateRegularExpression(iid.RoleArn, _role_regex_pattern) + if err { + return fmt.Errorf("invalid aws_iid instance role arn [%s]", iid.RoleArn) + } + validAttestation = true + } + + if iid.AssumeRole != "" { + err = validateRegularExpression(iid.AssumeRole, _role_regex_pattern) + if err { + return fmt.Errorf("invalid aws_iid assume role arn [%s]", iid.AssumeRole) + } + validAttestation = true + } + + if len(iid.SecurityGroups) != 0 { + for _, sg := range iid.SecurityGroups { + err = validateRegularExpression(sg, _sg_regex_pattern) + if err { + return fmt.Errorf("invalid aws_iid security group id [%s]", sg) + } + } + validAttestation = true + } + + if iid.Region != "" { + validRegion := validAWSRegion(iid.Region) + if !validRegion { + return fmt.Errorf("invalid aws_iid region [%s]", iid.Region) + } + validAttestation = true + } + + if iid.InstanceId != "" { + err = validateRegularExpression(iid.InstanceId, _instance_id_pattern) + if err { + return fmt.Errorf("invalid aws_iid instance id [%s]", iid.InstanceId) + } + validAttestation = true + } + + if !validAttestation { + return fmt.Errorf("aws_iid attestation empty") + } + + return nil +} + +func validateRegularExpression(input string, pattern string) bool { + regex, err := regexp.Compile(pattern) + if err != nil { + return true + } + + if regex.MatchString(input) { + return false + } + return true +} + +func validAWSRegion(region string) bool { + validRegions := map[string]bool{ + "us-east-1": true, + "us-east-2": true, + "us-west-1": true, + "us-west-2": true, + "af-south-1": true, + "ap-east-1": true, + "ap-south-1": true, + "ap-northeast-3": true, + "ap-northeast-2": true, + "ap-southeast-1": true, + "ap-southeast-2": true, + "ap-northeast-1": true, + "ca-central-1": true, + "eu-central-1": true, + "eu-west-1": true, + "eu-west-2": true, + "eu-south-1": true, + "eu-west-3": true, + "eu-north-1": true, + "me-south-1": true, + "sa-east-1": true, + } + _, isValid := validRegions[region] + return isValid +} diff --git a/internal/v1/certificate/certificate.go b/internal/v1/certificate/certificate.go new file mode 100644 index 0000000..8f92321 --- /dev/null +++ b/internal/v1/certificate/certificate.go @@ -0,0 +1,45 @@ +package certificate + +import ( + "fmt" + + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + acm_pca "github.com/coinbase/baseca/internal/client/acmpca" + "github.com/coinbase/baseca/internal/client/firehose" + "github.com/coinbase/baseca/internal/client/redis" + "github.com/coinbase/baseca/internal/config" +) + +type Certificate struct { + apiv1.CertificateServer + store db.DatabaseEndpoints + acmConfig map[string]config.SubordinateCertificate + ca config.SubordinateCertificateAuthority + ocsp []string + environment config.Environment + redis *redis.RedisClient + firehose *firehose.FirehoseClient + pca *acm_pca.PrivateCaClient +} + +func New(cfg *config.Config, endpoints db.DatabaseEndpoints) (*Certificate, error) { + redisClient, err := redis.NewRedisClient(cfg) + if err != nil { + return nil, err + } + firehoseClient, err := firehose.NewFirehoseClient(cfg) + if err != nil { + return nil, fmt.Errorf("error instantiating firehose client [%s]", err) + } + + return &Certificate{ + store: endpoints, + acmConfig: cfg.ACMPCA, + ca: cfg.SubordinateMetadata, + ocsp: cfg.OCSPServer, + environment: cfg.Environment, + redis: redisClient, + firehose: firehoseClient, + }, nil +} diff --git a/internal/v1/certificate/certificate_test.go b/internal/v1/certificate/certificate_test.go new file mode 100644 index 0000000..d260ca5 --- /dev/null +++ b/internal/v1/certificate/certificate_test.go @@ -0,0 +1,205 @@ +package certificate + +import ( + "context" + "crypto/ecdsa" + "crypto/elliptic" + "crypto/rand" + "crypto/x509" + "crypto/x509/pkix" + "encoding/pem" + "math/big" + "time" + + "github.com/aws/aws-sdk-go-v2/service/acmpca" + firehose_v2 "github.com/aws/aws-sdk-go-v2/service/firehose" + "github.com/aws/aws-sdk-go/aws" + mock_store "github.com/coinbase/baseca/db/mock" + db "github.com/coinbase/baseca/db/sqlc" + acm_pca "github.com/coinbase/baseca/internal/client/acmpca" + "github.com/coinbase/baseca/internal/client/firehose" + redis_client "github.com/coinbase/baseca/internal/client/redis" + "github.com/coinbase/baseca/internal/validator" + "github.com/coinbase/baseca/test" + "github.com/go-redis/redis/v8" + "github.com/stretchr/testify/mock" +) + +var csr *acmpca.IssueCertificateInput +var rootCrt string + +var pk *ecdsa.PrivateKey +var root []byte +var template *x509.Certificate + +type mockedRedisClient struct { + mock.Mock +} + +func (m *mockedRedisClient) HIncrBy(ctx context.Context, key, field string, incr int64) *redis.IntCmd { + ret := m.Called(ctx, key, field, incr) + return ret.Get(0).(*redis.IntCmd) +} + +func (m *mockedRedisClient) HGetAll(ctx context.Context, key string) *redis.StringStringMapCmd { + ret := m.Called(ctx, key) + return ret.Get(0).(*redis.StringStringMapCmd) +} + +func (m *mockedRedisClient) HDel(ctx context.Context, key string, fields ...string) *redis.IntCmd { + ret := m.Called(ctx, key, fields) + return ret.Get(0).(*redis.IntCmd) +} + +func (m *mockedRedisClient) Expire(ctx context.Context, key string, expiration time.Duration) *redis.BoolCmd { + ret := m.Called(ctx, key, expiration) + return ret.Get(0).(*redis.BoolCmd) +} + +type mockedFirehoseClient struct { + mock.Mock +} + +func (m *mockedFirehoseClient) PutRecord(ctx context.Context, params *firehose_v2.PutRecordInput, optFns ...func(*firehose_v2.Options)) (*firehose_v2.PutRecordOutput, error) { + ret := m.Called(ctx, params) + return ret.Get(0).(*firehose_v2.PutRecordOutput), ret.Error(1) +} + +type mockedPrivateCaClient struct { + mock.Mock +} + +func (m *mockedPrivateCaClient) IssueCertificate(ctx context.Context, params *acmpca.IssueCertificateInput, optFns ...func(*acmpca.Options)) (*acmpca.IssueCertificateOutput, error) { + ret := m.Called(ctx, params, optFns) + return ret.Get(0).(*acmpca.IssueCertificateOutput), ret.Error(1) +} + +func (m *mockedPrivateCaClient) GetCertificate(ctx context.Context, params *acmpca.GetCertificateInput, optFns ...func(*acmpca.Options)) (*acmpca.GetCertificateOutput, error) { + certificate, _ := convertX509toString(root) + rootCrt = certificate.String() + + block, _ := pem.Decode(csr.Csr) + req, _ := x509.ParseCertificateRequest(block.Bytes) + + certTemplate := x509.Certificate{ + SerialNumber: big.NewInt(2), + Subject: req.Subject, + NotBefore: time.Now(), + NotAfter: time.Now().Add(60 * 24 * time.Hour), + KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment, + } + + certDER, _ := x509.CreateCertificate(rand.Reader, &certTemplate, template, req.PublicKey, pk) + cert, _ := convertX509toString(certDER) + c := cert.String() + crtOutput := &c + + certOutput := &acmpca.GetCertificateOutput{ + Certificate: crtOutput, + CertificateChain: crtOutput, + } + + return certOutput, nil +} + +func (m *mockedPrivateCaClient) RevokeCertificate(ctx context.Context, params *acmpca.RevokeCertificateInput, optFns ...func(*acmpca.Options)) (*acmpca.RevokeCertificateOutput, error) { + ret := m.Called(ctx, params, optFns) + return ret.Get(0).(*acmpca.RevokeCertificateOutput), ret.Error(1) +} + +func (m *mockedPrivateCaClient) GetCertificateAuthorityCertificate(ctx context.Context, params *acmpca.GetCertificateAuthorityCertificateInput, optFns ...func(*acmpca.Options)) (*acmpca.GetCertificateAuthorityCertificateOutput, error) { + ret := m.Called(ctx, params, optFns) + return ret.Get(0).(*acmpca.GetCertificateAuthorityCertificateOutput), ret.Error(1) +} + +func buildCertificateConfig(store *mock_store.MockStore) (*Certificate, error) { + config, err := test.GetTestConfigurationPath() + if err != nil { + return nil, err + } + + validator.SetBaseDirectory(config) + endpoints := db.DatabaseEndpoints{Writer: store, Reader: store} + + redisConfig := &config.Redis + mockRedis := &mockedRedisClient{} + + mockRedis.On("HIncrBy", mock.Anything, mock.Anything, mock.Anything, mock.Anything). + Return(redis.NewIntCmd(context.Background(), "example.coinbase.com", time.Now().UTC(), int64(10))) + + mockRedis.On("HGetAll", mock.Anything, mock.Anything). + Return(redis.NewStringStringMapCmd(context.Background(), map[string]string{"example.coinbase.com": time.Now().UTC().String()})) + + mockRedis.On("Expire") + mockRedis.On("HDel") + + redisClient := redis_client.RedisClient{ + Client: mockRedis, + Config: redisConfig, + Limit: redisConfig.RateLimit, + Period: time.Duration(redisConfig.Period) * time.Minute, + Window: time.Duration(redisConfig.Duration) * time.Minute, + } + + mockFirehose := &mockedFirehoseClient{} + mockFirehose.On("PutRecord", mock.Anything, mock.Anything, mock.Anything). + Return(&firehose_v2.PutRecordOutput{ + RecordId: aws.String(mock.Anything), + Encrypted: aws.Bool(true), + }, nil) + + firehoseClient := firehose.FirehoseClient{ + DataStream: config.Firehose.Stream, + Service: mockFirehose, + } + + mockPrivateCa := &mockedPrivateCaClient{} + mockPrivateCa.On("IssueCertificate", mock.Anything, mock.Anything, mock.Anything).Run(func(args mock.Arguments) { + certificateInput := args.Get(1) + csr, _ = certificateInput.(*acmpca.IssueCertificateInput) + }).Return(&acmpca.IssueCertificateOutput{ + CertificateArn: aws.String(mock.Anything), + }, nil) + + mockPrivateCa.On("GetCertificate", mock.Anything, mock.Anything, mock.Anything).Return(nil) + + mockPrivateCa.On("GetCertificateAuthorityCertificate", mock.Anything, mock.Anything, mock.Anything). + Return(&acmpca.GetCertificateAuthorityCertificateOutput{ + Certificate: &rootCrt, + CertificateChain: &rootCrt, + }, nil) + + privateCaClient := acm_pca.PrivateCaClient{ + Client: mockPrivateCa, + } + + pk, template, root = mockRootCertificateAuthority() + + return &Certificate{ + store: endpoints, + acmConfig: config.ACMPCA, + ca: config.SubordinateMetadata, + environment: config.Environment, + redis: &redisClient, + firehose: &firehoseClient, + pca: &privateCaClient, + }, nil +} + +func mockRootCertificateAuthority() (*ecdsa.PrivateKey, *x509.Certificate, []byte) { + rootKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + rootTemplate := x509.Certificate{ + SerialNumber: big.NewInt(1), + Subject: pkix.Name{ + Organization: []string{"Unit Test Root CA"}, + }, + NotBefore: time.Now(), + NotAfter: time.Now().Add(365 * 24 * time.Hour), + KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign, + BasicConstraintsValid: true, + IsCA: true, + } + + rootCertDER, _ := x509.CreateCertificate(rand.Reader, &rootTemplate, &rootTemplate, &rootKey.PublicKey, rootKey) + return rootKey, &rootTemplate, rootCertDER +} diff --git a/internal/v1/certificate/operations.go b/internal/v1/certificate/operations.go new file mode 100644 index 0000000..ec1018a --- /dev/null +++ b/internal/v1/certificate/operations.go @@ -0,0 +1,178 @@ +package certificate + +import ( + "context" + "database/sql" + "errors" + "fmt" + "time" + + pca_types "github.com/aws/aws-sdk-go-v2/service/acmpca/types" + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/authentication" + acm_pca "github.com/coinbase/baseca/internal/client/acmpca" + "github.com/coinbase/baseca/internal/logger" + "github.com/coinbase/baseca/internal/types" + "github.com/coinbase/baseca/internal/validator" + "github.com/gogo/status" + "google.golang.org/grpc/codes" + "google.golang.org/protobuf/types/known/timestamppb" +) + +var ( + _revocationReason = []string{ + "AFFILIATION_CHANGED", + "CESSATION_OF_OPERATION", + "A_A_COMPROMISE", + "PRIVILEGE_WITHDRAWN", + "SUPERSEDED", + "UNSPECIFIED", + "KEY_COMPROMISE", + "CERTIFICATE_AUTHORITY_COMPROMISE", + } + + _validTemplates = []string{ + "arn:aws:acm-pca:::template/CodeSigningCertificate/V1", + "arn:aws:acm-pca:::template/EndEntityClientAuthCertificate/V1", + "arn:aws:acm-pca:::template/EndEntityServerAuthCertificate/V1", + } +) + +func (c *Certificate) RevokeCertificate(ctx context.Context, req *apiv1.RevokeCertificateRequest) (*apiv1.RevokeCertificateResponse, error) { + var parameters types.CertificateParameters + var processed *pca_types.RequestAlreadyProcessedException + + if _, ok := ctx.Value(types.AuthorizationPayloadKey).(*authentication.Claims); !ok { + return nil, status.Error(codes.InvalidArgument, "authentication error") + } + uuid := ctx.Value(types.AuthorizationPayloadKey).(*authentication.Claims).Subject + + certificate, err := c.store.Reader.GetCertificate(ctx, req.SerialNumber) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + for _, ca := range c.acmConfig { + if ca.CaArn == certificate.CertificateAuthorityArn.String { + parameters = types.CertificateParameters{ + Region: ca.Region, + CaArn: ca.CaArn, + AssumeRole: ca.AssumeRole, + RoleArn: ca.RoleArn, + Validity: ca.CaActiveDay, + } + } + } + + // c.pca Mock Private CA + if c.pca == nil { + client, err := acm_pca.NewPrivateCaClient(parameters) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "acm pca client error"), err) + } + c.pca = client + } + + if !validator.Contains(_revocationReason, req.RevocationReason) { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid revocation"), fmt.Errorf("%s invalid revocation parameter", req.RevocationReason)) + } + _, err = c.pca.RevokeCertificate(certificate.CertificateAuthorityArn.String, certificate.SerialNumber, req.RevocationReason) + if err != nil { + if errors.As(err, &processed) { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "certificate already revoked"), err) + } + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + arg := db.RevokeIssuedCertificateSerialNumberParams{ + SerialNumber: req.SerialNumber, + RevokeDate: sql.NullTime{Time: time.Now().UTC(), Valid: true}, + RevokedBy: sql.NullString{String: uuid.String(), Valid: true}, + } + + err = c.store.Writer.RevokeIssuedCertificateSerialNumber(ctx, arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + return &apiv1.RevokeCertificateResponse{ + SerialNumber: req.SerialNumber, + RevocationDate: timestamppb.New(arg.RevokeDate.Time), + Status: req.RevocationReason, + }, nil +} + +func (c *Certificate) OperationsSignCSR(ctx context.Context, req *apiv1.OperationsSignRequest) (*apiv1.SignedCertificate, error) { + if err := c.validateCsrParameters(req); err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid certificate signing request (csr)"), err) + } + + if _, ok := types.CertificateRequestExtension[req.ExtendedKey]; !ok { + return nil, status.Error(codes.InvalidArgument, "invalid certificate extended key") + } + + parameters := types.CertificateParameters{ + Region: req.CertificateAuthority.Region, + CaArn: req.CertificateAuthority.CaArn, + AssumeRole: req.CertificateAuthority.AssumeRole, + RoleArn: req.CertificateAuthority.RoleArn, + Validity: int(req.CertificateAuthority.Validity), + } + + // c.pca Mock Private CA + if c.pca == nil { + client, err := acm_pca.NewPrivateCaClient(parameters) + if err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid parameters for acm pca client"), err) + } + c.pca = client + } + + certificate, err := c.pca.IssueCertificateFromTemplate(req.CertificateAuthority, []byte(req.CertificateSigningRequest), types.CertificateRequestExtension[req.ExtendedKey].TemplateArn) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "error issuing certificate"), err) + } + + // Only Common Name (CN) Exists in CSR + if len(certificate.DNSNames) == 0 { + certificate.DNSNames = append(certificate.DNSNames, certificate.Subject.CommonName) + } + + arg := db.LogCertificateParams{ + SerialNumber: certificate.SerialNumber.Text(16), + Account: req.ServiceAccount, + Environment: req.Environment, + ExtendedKey: req.ExtendedKey, + CommonName: certificate.Subject.CommonName, + SubjectAlternativeName: certificate.DNSNames, + ExpirationDate: time.Now().UTC().AddDate(0, 0, int(req.CertificateAuthority.Validity)).UTC(), + IssuedDate: time.Now().UTC(), + CertificateAuthorityArn: sql.NullString{String: req.CertificateAuthority.CaArn, Valid: len(req.CertificateAuthority.CaArn) != 0}, + } + + metadata, err := c.store.Writer.LogCertificate(ctx, arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + signedCertificate, err := convertX509toString(certificate.Raw) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + return &apiv1.SignedCertificate{ + Certificate: signedCertificate.String(), + Metadata: &apiv1.CertificateParameter{ + SerialNumber: metadata.SerialNumber, + Account: metadata.Account, + Environment: metadata.Environment, + ExtendedKey: metadata.ExtendedKey, + CommonName: metadata.CommonName, + SubjectAlternativeName: metadata.SubjectAlternativeName, + ExpirationDate: timestamppb.New(metadata.ExpirationDate), + IssuedDate: timestamppb.New(metadata.IssuedDate), + CertificateAuthorityArn: metadata.CertificateAuthorityArn.String, + }, + }, nil +} diff --git a/internal/v1/certificate/operations_test.go b/internal/v1/certificate/operations_test.go new file mode 100644 index 0000000..ae01438 --- /dev/null +++ b/internal/v1/certificate/operations_test.go @@ -0,0 +1,69 @@ +package certificate + +import ( + "context" + "database/sql" + "testing" + "time" + + "github.com/coinbase/baseca/db/mock" + db "github.com/coinbase/baseca/db/sqlc" + "github.com/golang/mock/gomock" + "github.com/stretchr/testify/require" + + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" +) + +func TestGetCertificate(t *testing.T) { + serial_number := "4ff0501e-55b2-41e0-b5b2-1f1ff6224998" + cases := []struct { + name string + req *apiv1.CertificateSerialNumber + build func(store *mock.MockStore) + check func(t *testing.T, res *apiv1.CertificateParameter, err error) + }{ + { + name: "OK", + req: &apiv1.CertificateSerialNumber{ + SerialNumber: serial_number, + }, + build: func(store *mock.MockStore) { + resp := db.Certificate{ + SerialNumber: serial_number, + CommonName: "example.coinbase.com", + Account: "example", + Environment: "development", + ExtendedKey: "EndEntityServerAuthCertificate", + SubjectAlternativeName: []string{"example.coinbase.com"}, + ExpirationDate: time.Now(), + IssuedDate: time.Now().Add(24 * time.Hour), + Revoked: false, + CertificateAuthorityArn: sql.NullString{String: "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", Valid: true}, + } + + store.EXPECT().GetCertificate(gomock.Any(), serial_number).Times(1).Return(&resp, nil) + }, + check: func(t *testing.T, res *apiv1.CertificateParameter, err error) { + require.NoError(t, err) + }, + }, + } + + for elem := range cases { + tc := cases[elem] + + t.Run(tc.name, func(t *testing.T) { + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + store := mock.NewMockStore(ctrl) + tc.build(store) + + c, err := buildCertificateConfig(store) + require.NoError(t, err) + + res, err := c.GetCertificate(context.Background(), tc.req) + tc.check(t, res, err) + }) + } +} diff --git a/internal/v1/certificate/pca.go b/internal/v1/certificate/pca.go new file mode 100644 index 0000000..d1c93aa --- /dev/null +++ b/internal/v1/certificate/pca.go @@ -0,0 +1,120 @@ +package certificate + +import ( + "context" + "crypto/rand" + "crypto/x509" + "encoding/binary" + "fmt" + "math/big" + math_rand "math/rand" + "time" + + db "github.com/coinbase/baseca/db/sqlc" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/internal/client/firehose" + "github.com/coinbase/baseca/internal/lib/crypto" + "github.com/coinbase/baseca/internal/types" +) + +func (c *Certificate) buildCertificateAuthorityParameters(certificate_authority string) types.CertificateParameters { + return types.CertificateParameters{ + Region: c.acmConfig[certificate_authority].Region, + CaArn: c.acmConfig[certificate_authority].CaArn, + AssumeRole: c.acmConfig[certificate_authority].AssumeRole, + RoleArn: c.acmConfig[certificate_authority].RoleArn, + Validity: c.acmConfig[certificate_authority].CaActiveDay, + RootCa: c.acmConfig[certificate_authority].RootCa, + } +} + +func (c *Certificate) issueEndEntityCertificate(auth *authentication.ServicePayload, ca_certificate *types.CertificateAuthority, request_csr *x509.CertificateRequest) (*db.CertificateResponseData, error) { + block := make([]byte, 20) + _, err := rand.Read(block[:]) + if err != nil { + return nil, err + } + math_rand.Seed(int64(binary.LittleEndian.Uint64(block[:]))) + + output := big.NewInt(0).SetBytes(block) + issuedDate := time.Now().UTC() + + expirationDate := time.Now().UTC().AddDate(0, 0, int(auth.CertificateValidity)).UTC() + if expirationDate.Before(time.Now().UTC().Add(time.Minute).UTC()) { + return nil, err + } + + certificateTemplate := x509.Certificate{ + DNSNames: request_csr.DNSNames, + Signature: request_csr.Signature, + SignatureAlgorithm: request_csr.SignatureAlgorithm, + PublicKeyAlgorithm: request_csr.PublicKeyAlgorithm, + PublicKey: request_csr.PublicKey, + SerialNumber: output, + Issuer: ca_certificate.Certificate.Subject, + Subject: request_csr.Subject, + NotBefore: issuedDate, + NotAfter: expirationDate, + KeyUsage: types.CertificateRequestExtension[auth.ExtendedKey].KeyUsage, + ExtKeyUsage: types.CertificateRequestExtension[auth.ExtendedKey].ExtendedKeyUsage, + } + + if len(c.ocsp) != 0 { + certificateTemplate.OCSPServer = c.ocsp + } + + certificateAuthorityRaw := ca_certificate.Certificate.Raw + pk, err := crypto.ReturnPrivateKey(*ca_certificate.AsymmetricKey) + if err != nil { + return nil, err + } + certificateRaw, err := x509.CreateCertificate(rand.Reader, &certificateTemplate, ca_certificate.Certificate, request_csr.PublicKey, pk) + if err != nil { + return nil, err + } + + leafCertificate, err := x509.ParseCertificate(certificateRaw) + if err != nil { + return nil, fmt.Errorf("error parsing leaf certificate data") + } + + intermediate_ca := fmt.Sprintf("%s_%s", auth.SubordinateCa, auth.Environment) + certificate, chained_certificate, err := crypto.BuildCertificateChain(intermediate_ca, certificateRaw, certificateAuthorityRaw) + if err != nil { + return nil, err + } + + certificate_data := types.CertificateMetadata{ + // Serial Number: Convert Base 10 *bit.Int output to Base 16: + SerialNumber: leafCertificate.SerialNumber.Text(16), + CommonName: request_csr.Subject.CommonName, + SubjectAlternativeName: request_csr.DNSNames, + ExpirationDate: expirationDate, + IssuedDate: issuedDate, + CaSerialNumber: ca_certificate.SerialNumber, + CertificateAuthorityArn: ca_certificate.CertificateAuthorityArn, + } + + event := firehose.ForwardedEventUploadEvent{ + SerialNumber: leafCertificate.SerialNumber.Text(16), + Metadata: firehose.Metadata{ + CommonName: certificate_data.CommonName, + SubjectAlternateName: certificate_data.SubjectAlternativeName, + CertificateExpiration: certificate_data.ExpirationDate, + IssuedDate: certificate_data.IssuedDate, + CaSerialNumber: certificate_data.CaSerialNumber, + CertificateAuthorityArn: certificate_data.CertificateAuthorityArn, + }, + } + + _, err = c.firehose.Stream(context.Background(), event) + if err != nil { + return nil, err + } + + return &db.CertificateResponseData{ + Certificate: certificate.String(), + CertificateChain: chained_certificate.String(), + Metadata: certificate_data, + }, nil +} diff --git a/internal/v1/certificate/query.go b/internal/v1/certificate/query.go new file mode 100644 index 0000000..9c89b32 --- /dev/null +++ b/internal/v1/certificate/query.go @@ -0,0 +1,69 @@ +package certificate + +import ( + "context" + + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/logger" + "github.com/gogo/status" + "google.golang.org/grpc/codes" + "google.golang.org/protobuf/types/known/timestamppb" +) + +func (c *Certificate) GetCertificate(ctx context.Context, req *apiv1.CertificateSerialNumber) (*apiv1.CertificateParameter, error) { + certificate, err := c.store.Reader.GetCertificate(ctx, req.SerialNumber) + if err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "certificate not found"), err) + } + return &apiv1.CertificateParameter{ + SerialNumber: certificate.SerialNumber, + Account: certificate.Account, + Environment: certificate.Environment, + ExtendedKey: certificate.ExtendedKey, + CommonName: certificate.CommonName, + SubjectAlternativeName: certificate.SubjectAlternativeName, + ExpirationDate: timestamppb.New(certificate.ExpirationDate), + IssuedDate: timestamppb.New(certificate.IssuedDate), + Revoked: certificate.Revoked, + RevokedBy: certificate.RevokedBy.String, + RevokeDate: timestamppb.New(certificate.RevokeDate.Time), + CertificateAuthorityArn: certificate.CertificateAuthorityArn.String, + }, nil +} + +func (c *Certificate) ListCertificates(ctx context.Context, req *apiv1.ListCertificatesRequest) (*apiv1.CertificatesParameter, error) { + var pbCertificates apiv1.CertificatesParameter + + if len(req.CommonName) == 0 { + return nil, status.Error(codes.InvalidArgument, "missing common name (cn)") + } + + arg := db.ListCertificateSubjectAlternativeNameParams{ + CommonName: req.CommonName, + Limit: req.PageSize, + Offset: (req.PageId - 1) * req.PageSize, + } + + certificates, err := c.store.Reader.ListCertificateSubjectAlternativeName(ctx, arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + for _, certificate := range certificates { + pbCertificates.Certificates = append(pbCertificates.Certificates, &apiv1.CertificateParameter{ + SerialNumber: certificate.SerialNumber, + Account: certificate.Account, + Environment: certificate.Environment, + ExtendedKey: certificate.ExtendedKey, + CommonName: certificate.CommonName, + SubjectAlternativeName: certificate.SubjectAlternativeName, + ExpirationDate: timestamppb.New(certificate.ExpirationDate), + IssuedDate: timestamppb.New(certificate.IssuedDate), + Revoked: certificate.Revoked, + RevokedBy: certificate.RevokedBy.String, + RevokeDate: timestamppb.New(certificate.RevokeDate.Time), + CertificateAuthorityArn: certificate.CertificateAuthorityArn.String}) + } + return &pbCertificates, nil +} diff --git a/internal/v1/certificate/sign.go b/internal/v1/certificate/sign.go new file mode 100644 index 0000000..572c610 --- /dev/null +++ b/internal/v1/certificate/sign.go @@ -0,0 +1,249 @@ +package certificate + +import ( + "bytes" + "context" + "crypto/x509" + "encoding/pem" + "errors" + "fmt" + + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/authentication" + acm_pca "github.com/coinbase/baseca/internal/client/acmpca" + "github.com/coinbase/baseca/internal/config" + "github.com/coinbase/baseca/internal/lib/crypto" + "github.com/coinbase/baseca/internal/lib/util" + "github.com/coinbase/baseca/internal/logger" + "github.com/coinbase/baseca/internal/types" + "github.com/coinbase/baseca/internal/validator" + "github.com/gogo/status" + "google.golang.org/grpc/codes" + "google.golang.org/protobuf/types/known/timestamppb" +) + +func (c *Certificate) SignCSR(ctx context.Context, req *apiv1.CertificateSigningRequest) (*apiv1.SignedCertificate, error) { + var service *authentication.ServicePayload + var ok bool + + if service, ok = ctx.Value(types.ClientAuthorizationPayload).(*authentication.ServicePayload); !ok { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), fmt.Errorf("service payload malformatted: %+v", service)) + } + + csrPem, _ := pem.Decode([]byte(req.CertificateSigningRequest)) + if csrPem == nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "certificate signing request (csr) invalid format"), fmt.Errorf("error decoding certificate signing request (csr): %+v", service)) + } + + csr, err := x509.ParseCertificateRequest(csrPem.Bytes) + if err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "certificate signing request (csr) invalid format"), err) + } + + if c.redis.Limit != 0 { + err = c.rateLimit(ctx, csr) + if err != nil { + return nil, logger.RpcError(status.Error(codes.ResourceExhausted, "rate limit exceeded"), err) + } + } + + err = c.validateCertificateRequestParameters(csr, *service) + if err != nil { + return nil, err + } + + certificate, err := c.requestCertificate(ctx, service, csr) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, fmt.Sprintf("error signing certificate request %s", err.Error())), err) + } + + return &apiv1.SignedCertificate{ + Certificate: certificate.Certificate, + CertificateChain: certificate.CertificateChain, + Metadata: &apiv1.CertificateParameter{ + SerialNumber: certificate.Metadata.SerialNumber, + CommonName: certificate.Metadata.CommonName, + SubjectAlternativeName: certificate.Metadata.SubjectAlternativeName, + ExpirationDate: timestamppb.New(certificate.Metadata.ExpirationDate), + IssuedDate: timestamppb.New(certificate.Metadata.IssuedDate), + Revoked: certificate.Metadata.Revoked, + RevokedBy: certificate.Metadata.RevokedBy, + RevokeDate: timestamppb.New(certificate.Metadata.RevokeDate), + CertificateAuthorityArn: certificate.Metadata.CertificateAuthorityArn, + }, + }, nil +} + +func (c *Certificate) requestCertificate(ctx context.Context, authPayload *authentication.ServicePayload, certificateRequest *x509.CertificateRequest) (*db.CertificateResponseData, error) { + var subordinate *types.CertificateAuthority + var parameters types.CertificateRequest + var csr *bytes.Buffer + var err error + + intermediateCa := fmt.Sprintf("%s_%s", authPayload.SubordinateCa, authPayload.Environment) + + err = checkLockfile(intermediateCa) + if err != nil { + return nil, err + } + + subordinate, err = loadSubordinateCaParameters(intermediateCa, authPayload) + if err != nil { + err = createServiceDirectory(intermediateCa) + if err != nil { + return nil, err + } + + err = util.GenerateLockfile(intermediateCa) + if err != nil { + return nil, err + } + + signingAlgorithm, ok := types.ValidSignatures[c.ca.SigningAlgorithm] + if !ok { + return nil, fmt.Errorf("invalid signing algorithm: %s", c.ca.SigningAlgorithm) + } + + parameters = types.CertificateRequest{ + CommonName: intermediateCa, + SubjectAlternateNames: []string{intermediateCa}, + SigningAlgorithm: signingAlgorithm.Common, + PublicKeyAlgorithm: types.ValidAlgorithms[c.ca.KeyAlgorithm].Algorithm, + KeySize: c.ca.KeySize, + DistinguishedName: types.DistinguishedName{ + Country: []string{c.ca.Country}, + Province: []string{c.ca.Province}, + Locality: []string{c.ca.Locality}, + Organization: []string{c.ca.Organization}, + OrganizationalUnit: []string{c.ca.OrganizationUnit}, + }, + } + + signingRequest, err := crypto.GenerateCSR(parameters) + if err != nil { + return nil, err + } + + key, err := x509.ParsePKCS1PrivateKey(signingRequest.PrivateKey.Bytes) + if err != nil { + return nil, errors.New("error parsing pkcs1 rsa private key") + } + + pk := crypto.RSA{PrivateKey: key, PublicKey: &key.PublicKey} + err = crypto.WriteKeyToFile(intermediateCa, &pk) + if err != nil { + return nil, err + } + + csr = signingRequest.CSR + + // Issue Subordinate CA + err = c.issueSubordinate(authPayload, csr, intermediateCa) + if err != nil { + return nil, fmt.Errorf("error generating subordinate ca [%s]: %s", intermediateCa, err) + } + err = util.RemoveLockfile(intermediateCa) + if err != nil { + return nil, err + } + + subordinate, err = loadSubordinateCaParameters(intermediateCa, authPayload) + if err != nil { + return nil, err + } + + certificate, err := c.issueEndEntityCertificate(authPayload, subordinate, certificateRequest) + if err != nil { + return nil, fmt.Errorf("error issuing end entity certificate: %s", err) + } else { + return certificate, nil + } + } else { + // Issue End Entity Certificate + certificate, err := c.issueEndEntityCertificate(authPayload, subordinate, certificateRequest) + if err != nil { + return nil, fmt.Errorf("error issuing end entity certificate: %s", err) + } else { + return certificate, nil + } + } +} + +func (c *Certificate) validateCertificateRequestParameters(csr *x509.CertificateRequest, auth authentication.ServicePayload) error { + if err := csr.CheckSignature(); err != nil { + return logger.RpcError(status.Error(codes.InvalidArgument, "invalid signature for certificate signing request (csr)"), err) + } + + if len(csr.Subject.CommonName) == 0 { + return logger.RpcError(status.Error(codes.InvalidArgument, "common name (cn) missing from certificate signing request (csr)"), fmt.Errorf("%s", csr.Subject)) + } + + subjectAlternativeNames := append(csr.DNSNames, csr.Subject.CommonName) + err := validator.ValidateSubjectAlternateNames(subjectAlternativeNames, auth.ValidSubjectAlternateName, auth.SANRegularExpression) + if err != nil { + return logger.RpcError(status.Error(codes.InvalidArgument, "invalid subject alternative name(s) in certificate signing request (csr)"), err) + } + + for _, certificate_authority := range auth.ValidCertificateAuthorities { + if (c.acmConfig[certificate_authority] == config.SubordinateCertificate{}) { + return logger.RpcError(status.Error(codes.InvalidArgument, "invalid certificate authority (ca)"), fmt.Errorf("certificate authority: %s", certificate_authority)) + } + } + return nil +} + +func (c *Certificate) rateLimit(ctx context.Context, certificateRequest *x509.CertificateRequest) error { + mapping := make(map[string]bool) + mapping[certificateRequest.Subject.CommonName] = true + for _, fqdn := range certificateRequest.DNSNames { + mapping[fqdn] = true + } + + for domain := range mapping { + err := c.redis.Increment(ctx, domain, 1) + if err != nil { + return err + } + } + return nil +} + +func (c *Certificate) issueSubordinate(auth *authentication.ServicePayload, certificate_signing_request *bytes.Buffer, service_name string) error { + var ca_certificate *x509.Certificate + var err error + + // Handle Multi-Region Failover + for _, ca := range auth.ValidCertificateAuthorities { + ca_parameters := c.buildCertificateAuthorityParameters(ca) + + // c.pca Mock Private CA + if c.pca == nil { + client, err := acm_pca.NewPrivateCaClient(ca_parameters) + if err != nil { + return err + } + c.pca = client + } + + ca_certificate, err = c.pca.IssueSubordinateCertificate(ca_parameters, c.ca.SigningAlgorithm, certificate_signing_request.Bytes()) + if err != nil { + logger.DefaultLogger.Error(err.Error()) + + // Build ACM Client for Other Regions + continue + } + + certificate_chain, err := c.pca.GetSubordinateCAChain(ca_parameters.CaArn) + if err != nil { + return err + } + + err = crypto.WriteSubordinateCaParameters(service_name, ca_certificate, ca_parameters, certificate_chain) + if err != nil { + return err + } + return nil + } + return nil +} diff --git a/internal/v1/certificate/sign_test.go b/internal/v1/certificate/sign_test.go new file mode 100644 index 0000000..96a0882 --- /dev/null +++ b/internal/v1/certificate/sign_test.go @@ -0,0 +1,80 @@ +package certificate + +import ( + "context" + "crypto/x509" + "fmt" + "testing" + + "github.com/coinbase/baseca/db/mock" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/authentication" + baseca "github.com/coinbase/baseca/pkg/client" + "github.com/golang/mock/gomock" + "github.com/google/uuid" + "github.com/stretchr/testify/require" +) + +const ( + _client_header = "client_authorization_payload" +) + +func TestSignCSR(t *testing.T) { + cases := []struct { + name string + req func() *apiv1.CertificateSigningRequest + build func(store *mock.MockStore) + check func(t *testing.T, res *apiv1.SignedCertificate, err error) + }{ + { + name: "OK", + req: func() *apiv1.CertificateSigningRequest { + req := baseca.CertificateRequest{ + CommonName: "example.coinbase.com", + SubjectAlternateNames: []string{"example.coinbase.com"}, + SigningAlgorithm: x509.SHA512WithRSA, + PublicKeyAlgorithm: x509.RSA, + KeySize: 4096, + } + + csr, _ := baseca.GenerateCSR(req) + return &apiv1.CertificateSigningRequest{ + CertificateSigningRequest: csr.CSR.String(), + } + }, + build: func(store *mock.MockStore) {}, + check: func(t *testing.T, res *apiv1.SignedCertificate, err error) { + require.NoError(t, err) + }}, + } + + for elem := range cases { + tc := cases[elem] + + t.Run(tc.name, func(t *testing.T) { + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + store := mock.NewMockStore(ctrl) + tc.build(store) + + c, err := buildCertificateConfig(store) + require.NoError(t, err) + + ctx := context.WithValue(context.Background(), _client_header, &authentication.ServicePayload{ + ServiceID: uuid.New(), + ServiceAccount: "example", + Environment: "development", + ValidSubjectAlternateName: []string{"example.coinbase.com"}, + ValidCertificateAuthorities: []string{"sandbox_use1"}, + CertificateValidity: int16(30), + ExtendedKey: "EndEntityServerAuthCertificate", + }) + + req := tc.req() + res, err := c.SignCSR(ctx, req) + fmt.Println(err) + tc.check(t, res, err) + }) + } +} diff --git a/internal/v1/certificate/validate.go b/internal/v1/certificate/validate.go new file mode 100644 index 0000000..fef3a82 --- /dev/null +++ b/internal/v1/certificate/validate.go @@ -0,0 +1,145 @@ +package certificate + +import ( + "bytes" + "crypto/tls" + "crypto/x509" + "encoding/pem" + "errors" + "fmt" + "os" + "path/filepath" + "time" + + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/internal/config" + "github.com/coinbase/baseca/internal/lib/crypto" + "github.com/coinbase/baseca/internal/lib/util" + "github.com/coinbase/baseca/internal/types" + "github.com/coinbase/baseca/internal/validator" +) + +const ( + _lockfile_duration = 30 * time.Second +) + +func createServiceDirectory(serviceId string) error { + directoryPath := filepath.Join(types.SubordinatePath, serviceId) + + if _, err := os.Stat(directoryPath); os.IsNotExist(err) { + err := os.MkdirAll(directoryPath, os.ModePerm) + if err != nil { + return fmt.Errorf("error creating service directory [%s], %s", serviceId, err) + } + } + return nil +} + +func checkLockfile(serviceId string) error { + lockfilePath := fmt.Sprintf("%s/%s/%s.lock", types.SubordinatePath, serviceId, serviceId) + + // Clean Stuck Lockfile + if _, err := os.OpenFile(filepath.Clean(lockfilePath), os.O_RDONLY, 0400); err == nil { + lockfile_stats, _ := os.Stat(lockfilePath) + lockfile_creation := lockfile_stats.ModTime().UTC() + if lockfile_creation.Add(_lockfile_duration).UTC().Before(time.Now().UTC()) { + err = os.Remove(filepath.Clean(lockfilePath)) + if err != nil { + return fmt.Errorf("error during lockfile creation %s", err) + } + } + } + + err := util.LockfileBackoff(lockfilePath) + if err != nil { + return fmt.Errorf("error during lockfile backoff %s", err) + } + return nil +} + +// Check if Subordinate Certificate Exists for Service +func loadSubordinateCaParameters(service string, auth *authentication.ServicePayload) (*types.CertificateAuthority, error) { + x509_metadata, err := crypto.GetSubordinateCaParameters(service) + if err != nil { + return nil, err + } + + if !validateSubordinateExpiration(auth.CertificateValidity, x509_metadata) { + return nil, errors.New("certificate expiration exceeds subordinate ca expiration") + } + + certificate_path, key_path, err := crypto.GetSubordinateCaPath(service) + if err != nil { + return nil, err + } + + // Validate Non-Mismatch Between Private Key and Certificate + _, err = tls.LoadX509KeyPair(*certificate_path, *key_path) + if err != nil { + return nil, err + } + return x509_metadata, nil +} + +func validateSubordinateExpiration(certificate_validity int16, x509_metadata *types.CertificateAuthority) bool { + certificate_expiration := x509_metadata.Certificate.NotAfter + // Subordinate CA Expires Before End-Entity Certificate (Requires Re-Issuance of Subordinate) + return !certificate_expiration.Before(time.Now().UTC().AddDate(0, 0, int(certificate_validity)).UTC()) +} + +func (c *Certificate) validateCsrParameters(parameters *apiv1.OperationsSignRequest) error { + csrBlock, _ := pem.Decode([]byte(parameters.CertificateSigningRequest)) + if csrBlock == nil { + return fmt.Errorf("certificate signing request (csr) could not be decoded") + } + + request, err := x509.ParseCertificateRequest(csrBlock.Bytes) + if err != nil { + return fmt.Errorf("certificate signing request (csr) invalid format") + } + + dns := request.DNSNames + for _, domain := range dns { + if !validator.IsValidateDomain(domain) { + return fmt.Errorf("%s is not a supported domain", domain) + } + } + + expirationDate := time.Now().UTC().AddDate(0, 0, int(parameters.CertificateAuthority.Validity)).UTC() + if expirationDate.Before(time.Now().UTC().Add(time.Minute).UTC()) { + return fmt.Errorf("certificate expiration before current time utc") + } + return nil +} + +func convertX509toString(certificate []byte) (*bytes.Buffer, error) { + buffer := new(bytes.Buffer) + err := pem.Encode(buffer, &pem.Block{Type: "CERTIFICATE", Bytes: certificate}) + if err != nil { + return nil, fmt.Errorf("error encoding x509 certificate: %s", err) + } + return buffer, nil +} + +func ValidateSubordinateParameters(parameter config.SubordinateCertificateAuthority) error { + switch parameter.KeyAlgorithm { + case "RSA": + if _, ok := types.ValidAlgorithms[parameter.KeyAlgorithm].KeySize[parameter.KeySize]; !ok { + return fmt.Errorf("invalid rsa key size: %d", parameter.KeySize) + } + if _, ok := types.ValidAlgorithms[parameter.KeyAlgorithm].Signature[parameter.SigningAlgorithm]; !ok { + return fmt.Errorf("invalid rsa signing algorithm: %s", parameter.SigningAlgorithm) + } + case "ECDSA": + if _, ok := types.ValidAlgorithms[parameter.KeyAlgorithm].KeySize[parameter.KeySize]; !ok { + return fmt.Errorf("invalid ecdsa key size: %d", parameter.KeySize) + } + if _, ok := types.ValidAlgorithms[parameter.KeyAlgorithm].Signature[parameter.SigningAlgorithm]; !ok { + return fmt.Errorf("invalid ecdsa signing algorithm: %s", parameter.SigningAlgorithm) + } + default: + return fmt.Errorf("public key algorithm not supported: %s", parameter.KeyAlgorithm) + } + return nil +} diff --git a/internal/v1/health/health.go b/internal/v1/health/health.go new file mode 100644 index 0000000..677b356 --- /dev/null +++ b/internal/v1/health/health.go @@ -0,0 +1,48 @@ +package health + +import ( + "sync" + + "github.com/gogo/status" + "golang.org/x/net/context" + "google.golang.org/grpc/codes" + healthpb "google.golang.org/grpc/health/grpc_health_v1" +) + +type HealthServer struct { + healthpb.HealthServer + mu sync.Mutex + // statusMap stores the serving status of the services this HealthServer monitors. + statusMap map[string]healthpb.HealthCheckResponse_ServingStatus +} + +func NewHealthServer() *HealthServer { + return &HealthServer{ + statusMap: make(map[string]healthpb.HealthCheckResponse_ServingStatus), + } +} + +func (s *HealthServer) Check(ctx context.Context, in *healthpb.HealthCheckRequest) (*healthpb.HealthCheckResponse, error) { + s.mu.Lock() + defer s.mu.Unlock() + if in.Service == "" { + // check the server overall health status. + return &healthpb.HealthCheckResponse{ + Status: healthpb.HealthCheckResponse_SERVING, + }, nil + } + if status, ok := s.statusMap[in.Service]; ok { + return &healthpb.HealthCheckResponse{ + Status: status, + }, nil + } + return nil, status.Errorf(codes.NotFound, "unknown service") +} + +// SetServingStatus is called when need to reset the serving status of a service +// or insert a new service entry into the statusMap. +func (s *HealthServer) SetServingStatus(service string, status healthpb.HealthCheckResponse_ServingStatus) { + s.mu.Lock() + s.statusMap[service] = status + s.mu.Unlock() +} diff --git a/internal/v1/middleware/authentication.go b/internal/v1/middleware/authentication.go new file mode 100644 index 0000000..82db5c9 --- /dev/null +++ b/internal/v1/middleware/authentication.go @@ -0,0 +1,201 @@ +package middleware + +import ( + "context" + "encoding/json" + "fmt" + "strings" + + db "github.com/coinbase/baseca/db/sqlc" + "github.com/coinbase/baseca/internal/attestor/aws_iid" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/internal/logger" + "github.com/coinbase/baseca/internal/types" + "github.com/coinbase/baseca/internal/validator" + "github.com/gogo/status" + "github.com/google/uuid" + "google.golang.org/grpc" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/metadata" +) + +const ( + _pass_auth = "pass_authentication" + _service_auth = "service_authentication" + _provisioner_auth = "provisioner_authentication" +) + +func (m *Middleware) ServerAuthenticationInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) { + var auth string + var ok bool + + methods := map[string]string{ + "/grpc.health.v1.Health/Check": _pass_auth, + "/baseca.v1.Account/LoginUser": _pass_auth, + "/baseca.v1.Account/UpdateUserCredentials": _pass_auth, + "/baseca.v1.Certificate/SignCSR": _service_auth, + "/baseca.v1.Certificate/OperationsSignCSR": _provisioner_auth, + "/baseca.v1.Service/ProvisionServiceAccount": _provisioner_auth, + "/baseca.v1.Accounts/CreateUser": _pass_auth, // Temporarily Bypass Authentication + } + + if auth, ok = methods[info.FullMethod]; !ok { + md, ok := metadata.FromIncomingContext(ctx) + if !ok { + return nil, status.Errorf(codes.Internal, "failed to retrieve metadata from context") + } + + authorizationHeader, ok := md[authorizationHeaderKey] + if !ok || len(authorizationHeader) == 0 { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication failed"), fmt.Errorf("request header empty: %s", authorizationHeaderKey)) + } + + if len(authorizationHeader) != 0 { + fields := strings.Fields(authorizationHeader[0]) + if len(fields) < 2 { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication failed"), fmt.Errorf("authorization header not provided")) + } + + authorizationType := strings.ToLower(fields[0]) + if authorizationType != authorizationTypeBearer { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication failed"), fmt.Errorf("authorization header not provided")) + } + + accessToken := fields[1] + payload, err := m.auth.Verify(ctx, accessToken) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication failed"), err) + } + + userPermission := payload.Permission + ok, err := m.enforcer.Enforce(userPermission, info.FullMethod) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication failed"), err) + } + if !ok { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication failed"), fmt.Errorf("invalid permission error %s", userPermission)) + } + + ctx = context.WithValue(ctx, types.AuthorizationPayloadKey, payload) + } + } else if auth == _service_auth { + service, err := m.AuthenticateServiceAccount(ctx) + if err != nil { + return nil, err + } + + ctx = context.WithValue(ctx, types.ClientAuthorizationPayload, service) + } else if auth == _provisioner_auth { + service, err := m.AuthenticateServiceAccount(ctx) + if err != nil { + return nil, err + } + + ctx = context.WithValue(ctx, types.ClientAuthorizationPayload, service) + } + return handler(ctx, req) +} + +func (m *Middleware) AuthenticateServiceAccount(ctx context.Context) (*authentication.ServicePayload, error) { + md, ok := metadata.FromIncomingContext(ctx) + if !ok { + return nil, status.Errorf(codes.Internal, "failed to retrieve metadata from context") + } + + clientIdAuthorizationHeader, ok := md[clientIdAuthorizationHeaderKey] + if !ok { + return nil, status.Errorf(codes.InvalidArgument, "authorization header not provided") + } + + clientTokenAuthorizationHeader, ok := md[clientTokenAuthorizationHeaderKey] + if !ok { + return nil, status.Errorf(codes.InvalidArgument, "authorization header not provided") + } + + client_uuid, err := uuid.Parse(clientIdAuthorizationHeader[0]) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, "invalid authorization header") + } + + cachedServiceAccount, err := m.authenticationCache(ctx, client_uuid) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + account := cachedServiceAccount.ServiceAccount + if err := authentication.CheckPassword(clientTokenAuthorizationHeader[0], account.ApiToken); err != nil { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication error"), err) + } + + for _, node_attestation := range account.NodeAttestation { + clientIdentityDocumentHeader, ok := md[clientIdentityDocumentHeaderKey] + if !ok { + return nil, status.Errorf(codes.InvalidArgument, "authorization header not provided") + } + + switch node_attestation { + case "AWS_IID": + // Compare Signed Node Data with Attestation Table in Database + attestation_err := aws_iid.AWSIidNodeAttestation(client_uuid, clientIdentityDocumentHeader[0], cachedServiceAccount.AwsIid, m.cache) + if attestation_err != nil { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "aws_iid attestation error"), err) + } + } + } + + service := &authentication.ServicePayload{ + ServiceID: account.ClientID, + ServiceAccount: account.ServiceAccount, + Environment: account.Environment, + ValidSubjectAlternateName: account.ValidSubjectAlternateName, + ValidCertificateAuthorities: account.ValidCertificateAuthorities, + CertificateValidity: account.CertificateValidity, + SubordinateCa: account.SubordinateCa, + ExtendedKey: account.ExtendedKey, + SANRegularExpression: validator.NullStringToString(&account.RegularExpression), + } + + return service, nil +} + +func (m *Middleware) authenticationCache(ctx context.Context, client_uuid uuid.UUID) (*db.CachedServiceAccount, error) { + var service_account *db.Account + var instance_identity_document *db.AwsAttestation + var cached_service_account db.CachedServiceAccount + var err error + + db_reader := m.store.Reader + uuid := client_uuid.String() + if value, cached := m.cache.Get(uuid); cached == nil { + err = json.Unmarshal(value, &cached_service_account) + if err != nil { + return &cached_service_account, fmt.Errorf("error unmarshal cached service account account, %s", err) + } + } else { + service_account, err = db_reader.GetServiceUUID(ctx, client_uuid) + if err != nil { + return &cached_service_account, fmt.Errorf("service authentication failed: %s", err) + } + cached_service_account.ServiceAccount = *service_account + for _, node_attestation := range service_account.NodeAttestation { + switch node_attestation { + case types.Attestation.AWS_IID: + instance_identity_document, err = aws_iid.GetInstanceIdentityDocument(ctx, db_reader, client_uuid) + if err != nil { + return &cached_service_account, fmt.Errorf("aws_iid node attestation failed: %s", err) + } + cached_service_account.AwsIid = *instance_identity_document + } + } + + data, err := json.Marshal(cached_service_account) + if err != nil { + return &cached_service_account, fmt.Errorf("error marshalling cached_service_account, %s", err) + } + err = m.cache.Set(uuid, data) + if err != nil { + return &cached_service_account, fmt.Errorf("error setting middleware cache, %s", err) + } + } + return &cached_service_account, nil +} diff --git a/internal/v1/middleware/middleware.go b/internal/v1/middleware/middleware.go new file mode 100644 index 0000000..4328730 --- /dev/null +++ b/internal/v1/middleware/middleware.go @@ -0,0 +1,39 @@ +package middleware + +import ( + "github.com/allegro/bigcache/v3" + "github.com/casbin/casbin/v2" + db "github.com/coinbase/baseca/db/sqlc" + "github.com/coinbase/baseca/internal/authentication" +) + +const ( + // User Authorization + authorizationHeaderKey = "authorization" + authorizationTypeBearer = "bearer" + + // Service Authorization + clientIdAuthorizationHeaderKey = "x-baseca-client-id" // #nosec G101 False Positive + clientTokenAuthorizationHeaderKey = "x-baseca-client-token" // #nosec G101 False Positive + clientIdentityDocumentHeaderKey = "x-baseca-instance-metadata" + + // Enrollment Authorization + enrollmentIdAuthorizationHeaderKey = "x-baseca-enrollment-id" + enrollmentAuthorizationHeaderToken = "x-baseca-enrollment-token" // #nosec G101 False Positive +) + +type Middleware struct { + auth authentication.Auth + store db.DatabaseEndpoints + enforcer *casbin.Enforcer + cache *bigcache.BigCache +} + +func New(auth authentication.Auth, endpoints db.DatabaseEndpoints, enforcer *casbin.Enforcer, cache *bigcache.BigCache) *Middleware { + return &Middleware{ + auth: auth, + store: endpoints, + enforcer: enforcer, + cache: cache, + } +} diff --git a/internal/v1/users/operations.go b/internal/v1/users/operations.go new file mode 100644 index 0000000..1a4cbe6 --- /dev/null +++ b/internal/v1/users/operations.go @@ -0,0 +1,252 @@ +package users + +import ( + "context" + "database/sql" + "fmt" + + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/internal/authorization" + "github.com/coinbase/baseca/internal/logger" + "github.com/coinbase/baseca/internal/validator" + "github.com/gogo/status" + "github.com/google/uuid" + passwordvalidator "github.com/wagslane/go-password-validator" + "google.golang.org/grpc/codes" + "google.golang.org/protobuf/types/known/emptypb" + "google.golang.org/protobuf/types/known/timestamppb" +) + +const ( + MIN_ENTROPY_BITS = 60 + _default_authentication_duration = 15 +) + +func (u *User) LoginUser(ctx context.Context, req *apiv1.LoginUserRequest) (*apiv1.LoginUserResponse, error) { + user, err := u.store.Reader.GetUser(ctx, req.Username) + if err != nil { + if err == sql.ErrNoRows { + return nil, logger.RpcError(status.Error(codes.NotFound, "user not found"), err) + } + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication failed"), err) + } + + if err := authentication.CheckPassword(req.Password, user.HashedCredential); err != nil { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication failed"), err) + } + + validity := func() int64 { + if u.validity == 0 { + return _default_authentication_duration + } + return int64(u.validity) + }() + + accessToken, err := u.auth.Issue(ctx, authentication.ClaimProps{ + Subject: user.Uuid, + Permission: user.Permissions, + ValidForMinutes: validity, + }) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication failed"), err) + } + + response := apiv1.LoginUserResponse{ + AccessToken: *accessToken, + User: &apiv1.User{ + Uuid: user.Uuid.String(), + Username: user.Username, + FullName: user.FullName, + Email: user.Email, + Permissions: user.Permissions, + CredentialChangedAt: timestamppb.New(user.CredentialChangedAt), + CreatedAt: timestamppb.New(user.CreatedAt)}, + } + return &response, nil +} + +func (u *User) CreateUser(ctx context.Context, req *apiv1.CreateUserRequest) (*apiv1.User, error) { + if !authorization.IsSupportedPermission(req.Permissions) { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid permission field"), fmt.Errorf("invalid permission %s", req.Permissions)) + } + + err := passwordvalidator.Validate(req.Password, MIN_ENTROPY_BITS) + if err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "minimum password strength requirement not met"), err) + } + + hashedCredential, err := authentication.HashPassword(req.Password) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Unauthenticated, "authentication error"), err) + } + + if !validator.ValidateEmail(req.Email) { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid email"), fmt.Errorf("invalid email %s", req.Email)) + } + + if len(req.Username) == 0 { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid username"), fmt.Errorf("invalid username [%s]", req.Username)) + } + + if _, err = u.store.Reader.GetUser(ctx, req.Username); err != sql.ErrNoRows { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid username"), fmt.Errorf("user exists %s", req.Username)) + } + + user_uuid, err := uuid.NewRandom() + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + arg := db.CreateUserParams{ + Uuid: user_uuid, + Username: req.Username, + HashedCredential: hashedCredential, + FullName: req.FullName, + Email: req.Email, + Permissions: req.Permissions, + } + + user, err := u.store.Writer.CreateUser(ctx, arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + return &apiv1.User{ + Uuid: user.Uuid.String(), + Username: user.Username, + FullName: user.FullName, + Email: user.Email, + Permissions: user.Permissions, + CredentialChangedAt: timestamppb.New(user.CredentialChangedAt), + CreatedAt: timestamppb.New(user.CreatedAt)}, nil +} + +func (u *User) DeleteUser(ctx context.Context, req *apiv1.UsernameRequest) (*emptypb.Empty, error) { + if len(req.Username) == 0 { + return &emptypb.Empty{}, logger.RpcError(status.Error(codes.InvalidArgument, "invalid argument"), fmt.Errorf("v1.Accounts/DeleteUser invalid argument")) + } + + err := u.store.Writer.DeleteUser(ctx, req.Username) + if err != nil { + return &emptypb.Empty{}, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + return &emptypb.Empty{}, nil +} + +func (u *User) GetUser(ctx context.Context, req *apiv1.UsernameRequest) (*apiv1.User, error) { + if len(req.Username) == 0 { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), fmt.Errorf("v1.Accounts/GetUser invalid argument")) + } + + user, err := u.store.Reader.GetUser(ctx, req.Username) + if err != nil { + if err == sql.ErrNoRows { + return nil, logger.RpcError(status.Error(codes.NotFound, "user not found"), err) + } + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + return &apiv1.User{ + Uuid: user.Uuid.String(), + Username: user.Username, + FullName: user.FullName, + Email: user.Email, + Permissions: user.Permissions, + CredentialChangedAt: timestamppb.New(user.CredentialChangedAt), + CreatedAt: timestamppb.New(user.CreatedAt)}, nil +} + +func (u *User) ListUsers(ctx context.Context, req *apiv1.QueryParameter) (*apiv1.Users, error) { + var userData apiv1.Users + + if req.PageId <= 0 || req.PageSize <= 0 { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid request parameters"), fmt.Errorf("invalid page_id or page_size")) + } + + arg := db.ListUsersParams{ + Limit: req.PageSize, + Offset: (req.PageId - 1) * req.PageSize, + } + users, err := u.store.Reader.ListUsers(ctx, arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid request"), err) + } + + for _, user := range users { + userData.Users = append(userData.Users, &apiv1.User{ + Uuid: user.Uuid.String(), + Username: user.Username, + FullName: user.FullName, + Email: user.Email, + Permissions: user.Permissions, + CredentialChangedAt: timestamppb.New(user.CredentialChangedAt), + CreatedAt: timestamppb.New(user.CreatedAt)}) + } + return &userData, nil +} + +func (u *User) UpdateUserPermissions(ctx context.Context, req *apiv1.UpdatePermissionsRequest) (*apiv1.User, error) { + if !authorization.IsSupportedPermission(req.Permissions) { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "invalid permission field"), fmt.Errorf("invalid permission %s", req.Permissions)) + } + + arg := db.UpdateUserPermissionParams{ + Username: req.Username, + Permissions: req.Permissions, + } + + user, err := u.store.Writer.UpdateUserPermission(ctx, arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + return &apiv1.User{ + Uuid: user.Uuid.String(), + Username: user.Username, + FullName: user.FullName, + Email: user.Email, + Permissions: user.Permissions, + CredentialChangedAt: timestamppb.New(user.CredentialChangedAt), + CreatedAt: timestamppb.New(user.CreatedAt)}, nil +} + +func (u *User) UpdateUserCredentials(ctx context.Context, req *apiv1.UpdateCredentialsRequest) (*apiv1.User, error) { + user, err := u.store.Reader.GetUser(ctx, req.Username) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + if err := authentication.CheckPassword(req.Password, user.HashedCredential); err != nil { + return nil, logger.RpcError(status.Error(codes.PermissionDenied, "authentication failed"), err) + } + + err = passwordvalidator.Validate(req.UpdatedPassword, MIN_ENTROPY_BITS) + if err != nil { + return nil, logger.RpcError(status.Error(codes.InvalidArgument, "minimum password strength requirement not met"), err) + } + + hashedCredential, err := authentication.HashPassword(req.UpdatedPassword) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + arg := db.UpdateUserAuthenticationParams{ + Username: req.Username, + HashedCredential: hashedCredential, + } + + user, err = u.store.Writer.UpdateUserAuthentication(ctx, arg) + if err != nil { + return nil, logger.RpcError(status.Error(codes.Internal, "internal server error"), err) + } + + return &apiv1.User{ + Username: user.Username, + FullName: user.FullName, + Email: user.Email, + Permissions: user.Permissions, + CredentialChangedAt: timestamppb.New(user.CredentialChangedAt), + CreatedAt: timestamppb.New(user.CreatedAt)}, nil +} diff --git a/internal/v1/users/operations_test.go b/internal/v1/users/operations_test.go new file mode 100644 index 0000000..a130120 --- /dev/null +++ b/internal/v1/users/operations_test.go @@ -0,0 +1,147 @@ +package users + +import ( + "context" + "database/sql" + "fmt" + "reflect" + "testing" + + "github.com/coinbase/baseca/db/mock" + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/internal/lib/util" + "github.com/golang/mock/gomock" + "github.com/stretchr/testify/require" +) + +const ( + _read = "READ" +) + +func TestCreateUser(t *testing.T) { + user, user_credentials := util.GenerateTestUser(t, _read, 20) + + cases := []struct { + name string + req *apiv1.CreateUserRequest + build func(store *mock.MockStore) + check func(t *testing.T, res *apiv1.User, err error) + }{ + { + name: "OK", + req: &apiv1.CreateUserRequest{ + Username: user.Username, + Password: user_credentials, + FullName: user.FullName, + Email: user.Email, + Permissions: user.Permissions, + }, + build: func(store *mock.MockStore) { + arg := db.CreateUserParams{ + Uuid: user.Uuid, + Username: user.Username, + FullName: user.FullName, + Email: user.Email, + Permissions: user.Permissions, + } + store.EXPECT().GetUser(gomock.Any(), arg.Username).Times(1).Return(nil, sql.ErrNoRows) + store.EXPECT().CreateUser(gomock.Any(), EqCreateUserParams(arg, user_credentials)).Times(1).Return(&user, nil) + }, + check: func(t *testing.T, res *apiv1.User, err error) { + require.NoError(t, err) + }, + }, + } + + for elem := range cases { + tc := cases[elem] + + t.Run(tc.name, func(t *testing.T) { + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + store := mock.NewMockStore(ctrl) + tc.build(store) + + user, err := buildUsersConfig(store) + require.NoError(t, err) + + res, err := user.CreateUser(context.Background(), tc.req) + tc.check(t, res, err) + }) + } +} + +func TestLoginUser(t *testing.T) { + user, user_credentials := util.GenerateTestUser(t, _read, 20) + + cases := []struct { + name string + req *apiv1.LoginUserRequest + build func(store *mock.MockStore) + check func(t *testing.T, res *apiv1.LoginUserResponse, err error) + }{ + { + name: "OK", + req: &apiv1.LoginUserRequest{ + Username: user.Username, + Password: user_credentials, + }, + build: func(store *mock.MockStore) { + store.EXPECT().GetUser(gomock.Any(), user.Username).Times(1).Return(&user, nil) + }, + check: func(t *testing.T, res *apiv1.LoginUserResponse, err error) { + require.NoError(t, err) + }, + }, + } + + for elem := range cases { + tc := cases[elem] + + t.Run(tc.name, func(t *testing.T) { + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + store := mock.NewMockStore(ctrl) + tc.build(store) + + user, err := buildUsersConfig(store) + require.NoError(t, err) + + res, err := user.LoginUser(context.Background(), tc.req) + tc.check(t, res, err) + }) + } +} + +type eqCreateUserParamsMatcher struct { + arg db.CreateUserParams + password string +} + +func (e eqCreateUserParamsMatcher) Matches(x interface{}) bool { + arg, ok := x.(db.CreateUserParams) + if !ok { + return false + } + + err := authentication.CheckPassword(e.password, arg.HashedCredential) + if err != nil { + return false + } + + e.arg.Uuid = arg.Uuid + e.arg.HashedCredential = arg.HashedCredential + return reflect.DeepEqual(e.arg, arg) +} + +func (e eqCreateUserParamsMatcher) String() string { + return fmt.Sprintf("%v", e.arg) +} + +func EqCreateUserParams(arg db.CreateUserParams, password string) gomock.Matcher { + return eqCreateUserParamsMatcher{arg, password} +} diff --git a/internal/v1/users/users.go b/internal/v1/users/users.go new file mode 100644 index 0000000..8263ea9 --- /dev/null +++ b/internal/v1/users/users.go @@ -0,0 +1,23 @@ +package users + +import ( + db "github.com/coinbase/baseca/db/sqlc" + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/internal/config" +) + +type User struct { + apiv1.AccountServer + store db.DatabaseEndpoints + auth authentication.Auth + validity int +} + +func New(cfg *config.Config, endpoints db.DatabaseEndpoints, auth authentication.Auth) *User { + return &User{ + store: endpoints, + auth: auth, + validity: cfg.KMS.AuthValidity, + } +} diff --git a/internal/v1/users/users_test.go b/internal/v1/users/users_test.go new file mode 100644 index 0000000..5503662 --- /dev/null +++ b/internal/v1/users/users_test.go @@ -0,0 +1,59 @@ +package users + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/service/kms" + mock_store "github.com/coinbase/baseca/db/mock" + db "github.com/coinbase/baseca/db/sqlc" + "github.com/coinbase/baseca/internal/authentication" + "github.com/coinbase/baseca/test" + "github.com/stretchr/testify/mock" +) + +type mockedKmsClient struct { + mock.Mock +} + +func (m *mockedKmsClient) Sign(ctx context.Context, signInput *kms.SignInput, opts ...func(*kms.Options)) (*kms.SignOutput, error) { + ret := m.Called(ctx, signInput, opts) + return ret.Get(0).(*kms.SignOutput), ret.Error(1) +} + +func (m *mockedKmsClient) Verify(ctx context.Context, params *kms.VerifyInput, optFns ...func(*kms.Options)) (*kms.VerifyOutput, error) { + ret := m.Called(ctx, params, optFns) + return ret.Get(0).(*kms.VerifyOutput), ret.Error(1) +} + +func buildUsersConfig(store *mock_store.MockStore) (*User, error) { + config, err := test.GetTestConfigurationPath() + if err != nil { + return nil, err + } + + mockKms := &mockedKmsClient{} + mockKms.On("Sign", mock.Anything, mock.Anything, mock.Anything).Return( + &kms.SignOutput{ + Signature: []byte("signature"), + }, nil, + ) + + signer := &authentication.Client{ + KmsClient: mockKms, + KeyId: config.KMS.KeyId, + SigningAlgorithm: config.KMS.SigningAlgorithm, + } + + auth, err := authentication.NewAuthSigningMetadata(signer) + if err != nil { + return nil, err + } + + endpoints := db.DatabaseEndpoints{Writer: store, Reader: store} + + return &User{ + store: endpoints, + auth: auth, + validity: config.KMS.AuthValidity, + }, nil +} diff --git a/internal/validator/domain.go b/internal/validator/domain.go new file mode 100644 index 0000000..8c08a28 --- /dev/null +++ b/internal/validator/domain.go @@ -0,0 +1,70 @@ +package validator + +import ( + "net" + "strings" + + "github.com/coinbase/baseca/internal/config" +) + +var valid_domains []string +var valid_certificate_authorities []string + +func IsValidateDomain(fully_qualified_domain_name string) bool { + + arr := strings.Split(fully_qualified_domain_name, ".") + + if len(arr) < 2 { + return false + } + + domain_slice := arr[len(arr)-2:] + domain := strings.Join(domain_slice, ".") + + for _, valid_domain := range valid_domains { + if domain == valid_domain { + return true + } + } + + // Fallback Check IP Address for CN/SAN + return net.ParseIP(fully_qualified_domain_name) != nil +} + +func IsSupportedCertificateAuthority(certificate_authority string) bool { + for _, ca := range valid_certificate_authorities { + if ca == certificate_authority { + return true + } + } + return false +} + +func SupportedConfig(cfg *config.Config) { + valid_domains = cfg.Domains + + for certificate_authority := range cfg.ACMPCA { + valid_certificate_authorities = append(valid_certificate_authorities, certificate_authority) + } +} + +func Contains(s []string, str string) bool { + for _, v := range s { + if v == str { + return true + } + } + return false +} + +func SanitizeInput(input []string) []string { + allKeys := make(map[string]bool) + list := []string{} + for _, item := range input { + if _, value := allKeys[item]; !value { + allKeys[item] = true + list = append(list, item) + } + } + return list +} diff --git a/internal/validator/environment.go b/internal/validator/environment.go new file mode 100644 index 0000000..8972890 --- /dev/null +++ b/internal/validator/environment.go @@ -0,0 +1,32 @@ +package validator + +import ( + "github.com/coinbase/baseca/internal/config" + "github.com/coinbase/baseca/internal/types" +) + +const ( + BaseDirectory = "/tmp/baseca/ssl" +) + +var CertificateAuthorityEnvironments map[string][]string + +func SupportedEnvironments(cfg *config.Config) { + CertificateAuthorityEnvironments = map[string][]string{ + "local": cfg.Environment.Local, + "sandbox": cfg.Environment.Sandbox, + "development": cfg.Environment.Development, + "staging": cfg.Environment.Staging, + "pre_production": cfg.Environment.PreProduction, + "production": cfg.Environment.Production, + "corporate": cfg.Environment.Corporate, + } +} + +func SetBaseDirectory(cfg *config.Config) { + if len(cfg.SubordinateMetadata.BaseDirectory) != 0 { + types.SubordinatePath = cfg.SubordinateMetadata.BaseDirectory + } else { + types.SubordinatePath = BaseDirectory + } +} diff --git a/internal/validator/fx.go b/internal/validator/fx.go new file mode 100644 index 0000000..e37829c --- /dev/null +++ b/internal/validator/fx.go @@ -0,0 +1,11 @@ +package validator + +import "go.uber.org/fx" + +var Module = fx.Options( + fx.Invoke( + SupportedConfig, + SupportedEnvironments, + SetBaseDirectory, + ), +) diff --git a/internal/validator/validate.go b/internal/validator/validate.go new file mode 100644 index 0000000..6d5fce1 --- /dev/null +++ b/internal/validator/validate.go @@ -0,0 +1,104 @@ +package validator + +import ( + "database/sql" + "encoding/json" + "fmt" + "regexp" + + "github.com/coinbase/baseca/internal/config" + "github.com/tabbed/pqtype" +) + +type NullString sql.NullString + +func ValidateCertificateAuthorityEnvironment(config config.Environment, environment string, certificate_authorities []string) bool { + if len(certificate_authorities) == 0 { + return false + } + + for _, certificate_authority := range certificate_authorities { + if output := Contains(CertificateAuthorityEnvironments[environment], certificate_authority); !output { + return false + } + } + return true +} + +func ValidateSubjectAlternateNames(request_san []string, valid_san []string, regular_expression string) error { + mapping := make(map[string]bool) + for _, elem := range valid_san { + mapping[elem] = true + } + + // Non-Regex Check + if len(regular_expression) == 0 { + for _, san := range request_san { + if !mapping[san] { + return fmt.Errorf("invalid subject alternative name [%s]", san) + } + } + } else { // Regex Check + for _, san := range request_san { + if !mapping[san] { + compile, err := regexp.Compile(regular_expression) + if err != nil { + return fmt.Errorf("regular expression compile error: %s", err) + } + match := compile.MatchString(san) + if !match { + return fmt.Errorf("invalid subject alternative name [%s] from regular expression validation", san) + } + } + } + } + return nil +} + +func ValidateEmail(email string) bool { + pattern := `^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$` + regex := regexp.MustCompile(pattern) + return regex.MatchString(email) +} + +func NullStringToString(x *sql.NullString) string { + if x.Valid { + return x.String + } + return "" +} + +func MapToNullRawMessage(m map[string]string) (pqtype.NullRawMessage, error) { + jsonBytes, err := json.Marshal(m) + if err != nil { + return pqtype.NullRawMessage{}, err + } + + nullRawMessage := pqtype.NullRawMessage{} + err = nullRawMessage.Scan(jsonBytes) + if err != nil { + return pqtype.NullRawMessage{}, err + } + + return nullRawMessage, nil +} + +func ConvertNullRawMessageToMap(nrm pqtype.NullRawMessage) (map[string]string, error) { + if !nrm.Valid { + return nil, nil + } + + var m map[string]interface{} + err := json.Unmarshal(nrm.RawMessage, &m) + if err != nil { + return nil, err + } + + result := make(map[string]string, len(m)) + for k, v := range m { + if s, ok := v.(string); ok { + result[k] = s + } + } + return result, nil +} diff --git a/internal/validator/validate_test.go b/internal/validator/validate_test.go new file mode 100644 index 0000000..25d9d90 --- /dev/null +++ b/internal/validator/validate_test.go @@ -0,0 +1,63 @@ +package validator + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +type TestValidate struct { + RegularExpression string + ValidSAN []string + RequestSAN []string +} + +func Test_ValidateSubjectAlternateNames_Regex_Error(t *testing.T) { + test_validator := []TestValidate{ + { + RegularExpression: `^[a-zA-Z]+((!coinbase.com)\w)*$`, + ValidSAN: []string{}, + RequestSAN: []string{"example.coinbase.com"}, + }, + { + RegularExpression: `^[a-zA-Z]+((!coinbase.com)\w)*$`, + ValidSAN: []string{""}, + RequestSAN: []string{"12345"}, + }, + } + + for _, elem := range test_validator { + err := ValidateSubjectAlternateNames(elem.RequestSAN, elem.ValidSAN, elem.RegularExpression) + assert.Error(t, err) + } +} + +func Test_ValidateSubjectAlternateNames_Success(t *testing.T) { + test_validator := []TestValidate{ + { + RegularExpression: `^[a-zA-Z]+((!coinbase.com)\w)*$`, + ValidSAN: []string{}, + RequestSAN: []string{"baseca"}, + }, + } + + for _, elem := range test_validator { + err := ValidateSubjectAlternateNames(elem.RequestSAN, elem.ValidSAN, elem.RegularExpression) + assert.NoError(t, err) + } +} + +func Test_ValidateSubjectAlternateNames_ValidSAN_Regex_Success(t *testing.T) { + test_validator := []TestValidate{ + { + RegularExpression: `^[a-zA-Z]+((!coinbase.com)\w)*$`, + ValidSAN: []string{"10.0.0.1"}, + RequestSAN: []string{"10.0.0.1"}, + }, + } + + for _, elem := range test_validator { + err := ValidateSubjectAlternateNames(elem.RequestSAN, elem.ValidSAN, elem.RegularExpression) + assert.NoError(t, err) + } +} diff --git a/pkg/attestor/aws_iid/iid.go b/pkg/attestor/aws_iid/iid.go new file mode 100644 index 0000000..49007b9 --- /dev/null +++ b/pkg/attestor/aws_iid/iid.go @@ -0,0 +1,57 @@ +package aws_iid + +import ( + "bytes" + "encoding/json" + "io/ioutil" + "net/http" +) + +const ( + instance_identity_metadata = "http://169.254.169.254/latest/dynamic/instance-identity/document" + instance_identity_signature = "http://169.254.169.254/latest/dynamic/instance-identity/signature" +) + +type EC2InstanceMetadata struct { + InstanceIdentityDocument []byte `json:"instance_identity_document"` + InstanceIdentitySignature []byte `json:"instance_identity_signature"` +} + +func BuildInstanceMetadata() (*string, error) { + instance_metadata, err := httpGetRequest(instance_identity_metadata) + if err != nil { + return nil, err + } + + rsa_signature, err := httpGetRequest(instance_identity_signature) + if err != nil { + return nil, err + } + + metadata := EC2InstanceMetadata{ + InstanceIdentityDocument: instance_metadata, + InstanceIdentitySignature: rsa_signature, + } + + metadata_json, err := json.Marshal(metadata) + if err != nil { + return nil, err + } + + output := bytes.NewBuffer(metadata_json).String() + return &output, err +} + +func httpGetRequest(uri string) ([]byte, error) { + response, err := http.Get(uri) // #nosec G107 False Positive + if err != nil { + return nil, err + } else { + defer response.Body.Close() // #nosec G307 False Positive + response, err := ioutil.ReadAll(response.Body) + if err != nil { + return nil, err + } + return response, nil + } +} diff --git a/pkg/certificate/pk.go b/pkg/certificate/pk.go new file mode 100644 index 0000000..8779734 --- /dev/null +++ b/pkg/certificate/pk.go @@ -0,0 +1,70 @@ +package certificate + +import ( + "crypto" + "crypto/ecdsa" + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "fmt" +) + +type CertificateAuthority struct { + Certificate *x509.Certificate + AsymmetricKey *AsymmetricKey + SerialNumber string + CertificateAuthorityArn string +} + +type AsymmetricKey interface { + KeyPair() interface{} + Sign(data []byte) ([]byte, error) +} + +type RSA struct { + PublicKey *rsa.PublicKey + PrivateKey *rsa.PrivateKey +} + +type ECDSA struct { + PublicKey *ecdsa.PublicKey + PrivateKey *ecdsa.PrivateKey +} + +func (key *RSA) KeyPair() interface{} { + return key +} + +func (key *RSA) Sign(data []byte) ([]byte, error) { + h := crypto.SHA256.New() + h.Write(data) + hashed := h.Sum(nil) + return rsa.SignPKCS1v15(rand.Reader, key.PrivateKey, crypto.SHA256, hashed) +} + +func (key *ECDSA) KeyPair() interface{} { + return key +} + +func (key *ECDSA) Sign(data []byte) ([]byte, error) { + h := crypto.SHA256.New() + h.Write(data) + hashed := h.Sum(nil) + r, s, err := ecdsa.Sign(rand.Reader, key.PrivateKey, hashed) + if err != nil { + return nil, err + } + signature := append(r.Bytes(), s.Bytes()...) + return signature, nil +} + +func ReturnPrivateKey(key AsymmetricKey) (interface{}, error) { + switch k := key.KeyPair().(type) { + case *RSA: + return k.PrivateKey, nil + case *ECDSA: + return k.PrivateKey, nil + default: + return nil, fmt.Errorf("unsupported key type") + } +} diff --git a/pkg/client/certificate.go b/pkg/client/certificate.go new file mode 100644 index 0000000..a00b71e --- /dev/null +++ b/pkg/client/certificate.go @@ -0,0 +1,84 @@ +package baseca + +import ( + "context" + "fmt" + "os" + + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" +) + +func (c *client) IssueCertificate(certificateRequest CertificateRequest) (*apiv1.SignedCertificate, error) { + signingRequest, err := GenerateCSR(certificateRequest) + if err != nil { + return nil, err + } + + req := apiv1.CertificateSigningRequest{ + CertificateSigningRequest: signingRequest.CSR.String(), + } + + signedCertificate, err := c.Certificate.SignCSR(context.Background(), &req) + if err != nil { + return nil, err + } + + err = parseCertificateFormat(signedCertificate, SignedCertificate{ + CertificatePath: certificateRequest.Output.Certificate, + CertificateChainPath: certificateRequest.Output.CertificateChain}) + + if err != nil { + return nil, err + } + + return signedCertificate, nil +} + +func (c *client) ProvisionIssueCertificate(certificateRequest CertificateRequest, ca *apiv1.CertificateAuthorityParameter, service, environment, extendedKey string) (*apiv1.SignedCertificate, error) { + signingRequest, err := GenerateCSR(certificateRequest) + if err != nil { + return nil, err + } + + req := apiv1.OperationsSignRequest{ + CertificateSigningRequest: signingRequest.CSR.String(), + CertificateAuthority: ca, + ServiceAccount: service, + Environment: environment, + ExtendedKey: extendedKey, + } + + signedCertificate, err := c.Certificate.OperationsSignCSR(context.Background(), &req) + if err != nil { + return nil, err + } + + err = parseCertificateFormat(signedCertificate, SignedCertificate{ + CertificatePath: certificateRequest.Output.Certificate, + CertificateChainPath: certificateRequest.Output.CertificateChain}) + + if err != nil { + return nil, err + } + + return signedCertificate, nil +} + +func parseCertificateFormat(certificate *apiv1.SignedCertificate, parameter SignedCertificate) error { + // Leaf Certificate Path + if len(parameter.CertificatePath) != 0 { + certificate := []byte(certificate.Certificate) + if err := os.WriteFile(parameter.CertificatePath, certificate, os.ModePerm); err != nil { + return fmt.Errorf("error writing certificate to [%s]", parameter.CertificatePath) + } + } + + // Certificate Chain Path + if len(parameter.CertificateChainPath) != 0 { + certificate := []byte(certificate.CertificateChain) + if err := os.WriteFile(parameter.CertificateChainPath, certificate, os.ModePerm); err != nil { + return fmt.Errorf("error writing certificate chain to [%s]", parameter.CertificateChainPath) + } + } + return nil +} diff --git a/pkg/client/client.go b/pkg/client/client.go new file mode 100644 index 0000000..450a0a5 --- /dev/null +++ b/pkg/client/client.go @@ -0,0 +1,178 @@ +package baseca + +import ( + "context" + "crypto/tls" + "crypto/x509" + "fmt" + "strings" + "sync" + + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" + "github.com/coinbase/baseca/pkg/attestor/aws_iid" + "google.golang.org/grpc" + "google.golang.org/grpc/credentials" + "google.golang.org/grpc/credentials/insecure" + "google.golang.org/grpc/metadata" +) + +// var Endpoints Environment + +var Attestation Provider = Provider{ + Local: "NONE", + AWS: "AWS", +} + +var Env = Environment{ + Local: "Local", + Sandbox: "Sandbox", + Development: "Development", + Staging: "Staging", + PreProduction: "PreProduction", + Production: "Production", +} + +type Environment struct { + Local string + Sandbox string + Development string + Staging string + PreProduction string + Production string +} + +type Configuration struct { + URL string + Environment string +} + +type Provider struct { + Local string + AWS string +} + +type Output struct { + CertificateSigningRequest string + Certificate string + CertificateChain string + PrivateKey string +} +type CertificateRequest struct { + CommonName string + SubjectAlternateNames []string + DistinguishedName DistinguishedName + SigningAlgorithm x509.SignatureAlgorithm + PublicKeyAlgorithm x509.PublicKeyAlgorithm + KeySize int + Output Output +} + +type DistinguishedName struct { + Country []string + Province []string + Locality []string + Organization []string + OrganizationalUnit []string +} + +type Authentication struct { + ClientId string + ClientToken string +} + +type client struct { + endpoint string + authentication Authentication + attestation string + Certificate apiv1.CertificateClient +} + +const ( + _client_id_header = "X-BASECA-CLIENT-ID" + _client_token_header = "X-BASECA-CLIENT-TOKEN" // #nosec G101 False Positive + _aws_iid_metadata = "X-BASECA-INSTANCE-METADATA" +) + +type CertificateClient interface { + SignCSR(ctx context.Context, in *apiv1.CertificateSigningRequest, opts ...grpc.CallOption) (*apiv1.SignedCertificate, error) +} + +func LoadDefaultConfiguration(configuration Configuration, client_id, client_token, attestation string) (*client, error) { + c := client{ + endpoint: configuration.URL, + authentication: Authentication{client_id, client_token}, + attestation: attestation, + } + + if configuration.Environment == Env.Local { + conn, err := grpc.Dial(configuration.URL, grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithUnaryInterceptor(c.methodInterceptor())) + if err != nil { + return nil, fmt.Errorf("failed to initialize grpc client") + } + c.Certificate = apiv1.NewCertificateClient(conn) + return &c, nil + } else { + conn, err := grpc.Dial(configuration.URL, grpc.WithTransportCredentials( + credentials.NewTLS(&tls.Config{ + MinVersion: tls.VersionTLS12, + }), + ), grpc.WithUnaryInterceptor(c.methodInterceptor())) + if err != nil { + return nil, fmt.Errorf("failed to initialize grpc client") + } + c.Certificate = apiv1.NewCertificateClient(conn) + return &c, nil + } +} + +func (c *client) methodInterceptor() grpc.UnaryClientInterceptor { + methodOptions := map[string]grpc.UnaryClientInterceptor{ + "/baseca.v1.Certificate/SignCSR": c.clientAuthUnaryInterceptor, + "/baseca.v1.Certificate/OperationsSignCSR": c.clientAuthUnaryInterceptor, + "/baseca.v1.Service/ProvisionServiceAccount": c.clientAuthUnaryInterceptor, + } + return mapMethodInterceptor(methodOptions) +} + +func mapMethodInterceptor(chain map[string]grpc.UnaryClientInterceptor) grpc.UnaryClientInterceptor { + var chainMap sync.Map + for k, v := range chain { + chainMap.Store(k, v) + } + return func(parentCtx context.Context, method string, req, reply interface{}, cc *grpc.ClientConn, invoker grpc.UnaryInvoker, opts ...grpc.CallOption) error { + if next, ok := returnMethodInterceptor(chainMap, method); ok { + return next(parentCtx, method, req, reply, cc, invoker, opts...) + } + return invoker(parentCtx, method, req, reply, cc, opts...) + } +} + +func returnMethodInterceptor(chainMap sync.Map, method string) (grpc.UnaryClientInterceptor, bool) { + if m, ok := chainMap.Load(method); ok { + return m.(grpc.UnaryClientInterceptor), true + } + i := strings.LastIndex(method, "/") + if m, ok := chainMap.Load(method[:i+1]); ok { + return m.(grpc.UnaryClientInterceptor), true + } + if m, ok := chainMap.Load(""); ok { + return m.(grpc.UnaryClientInterceptor), true + } + return nil, false +} + +func (c *client) clientAuthUnaryInterceptor(ctx context.Context, method string, req, reply interface{}, cc *grpc.ClientConn, invoker grpc.UnaryInvoker, opts ...grpc.CallOption) error { + ctx = metadata.AppendToOutgoingContext(ctx, _client_id_header, c.authentication.ClientId) + ctx = metadata.AppendToOutgoingContext(ctx, _client_token_header, c.authentication.ClientToken) + + if c.attestation == Attestation.AWS { + instance_metadata, err := aws_iid.BuildInstanceMetadata() + if err != nil { + return fmt.Errorf("error generating aws_iid node attestation") + } + ctx = metadata.AppendToOutgoingContext(ctx, _aws_iid_metadata, *instance_metadata) + } + + err := invoker(ctx, method, req, reply, cc, opts...) + return err +} diff --git a/pkg/client/csr.go b/pkg/client/csr.go new file mode 100644 index 0000000..b76b77a --- /dev/null +++ b/pkg/client/csr.go @@ -0,0 +1,95 @@ +package baseca + +import ( + "bytes" + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "crypto/x509/pkix" + "encoding/pem" + "errors" + "fmt" + "os" +) + +type SigningRequest struct { + CSR *bytes.Buffer + PrivateKey *pem.Block +} + +type SignedCertificate struct { + CertificatePath string + CertificateChainPath string +} + +func GenerateCSR(csr CertificateRequest) (*SigningRequest, error) { + switch csr.PublicKeyAlgorithm { + case x509.RSA: + if csr.KeySize < 2048 { + return nil, errors.New("invalid key size, rsa minimum valid bits 2048]") + } + // TODO: ECDSA + } + + subject := pkix.Name{ + CommonName: csr.CommonName, + Country: csr.DistinguishedName.Country, + Province: csr.DistinguishedName.Province, + Locality: csr.DistinguishedName.Locality, + Organization: csr.DistinguishedName.Organization, + OrganizationalUnit: csr.DistinguishedName.OrganizationalUnit, + } + + template := x509.CertificateRequest{ + Subject: subject, + SignatureAlgorithm: csr.SigningAlgorithm, + DNSNames: csr.SubjectAlternateNames, + } + + switch csr.SigningAlgorithm { + case x509.SHA256WithRSA, x509.SHA384WithRSA, x509.SHA512WithRSA: + pk, err := rsa.GenerateKey(rand.Reader, csr.KeySize) + if err != nil { + return nil, errors.New("error generating rsa key pair") + } + + csrBytes, err := x509.CreateCertificateRequest(rand.Reader, &template, pk) + if err != nil { + return nil, err + } + + certificatePem := new(bytes.Buffer) + err = pem.Encode(certificatePem, &pem.Block{ + Type: "CERTIFICATE REQUEST", + Bytes: csrBytes, + }) + + if err != nil { + return nil, errors.New("error encoding certificate request (csr)") + } + + if len(csr.Output.CertificateSigningRequest) != 0 { + if err := os.WriteFile(csr.Output.CertificateSigningRequest, certificatePem.Bytes(), os.ModePerm); err != nil { + return nil, fmt.Errorf("error writing certificate signing request (csr) to [%s]", csr.Output.CertificateSigningRequest) + } + } + + pkBlock := &pem.Block{ + Type: "RSA PRIVATE KEY", + Bytes: x509.MarshalPKCS1PrivateKey(pk), + } + + if len(csr.Output.PrivateKey) != 0 { + if err := os.WriteFile(csr.Output.PrivateKey, pem.EncodeToMemory(pkBlock), os.ModePerm); err != nil { + return nil, fmt.Errorf("error writing private key to [%s]", csr.Output.PrivateKey) + } + } + + return &SigningRequest{ + CSR: certificatePem, + PrivateKey: pkBlock, + }, nil + default: + return nil, errors.New("unsupported signing algorithm") + } +} diff --git a/pkg/client/sign.go b/pkg/client/sign.go new file mode 100644 index 0000000..852ec0b --- /dev/null +++ b/pkg/client/sign.go @@ -0,0 +1,154 @@ +package baseca + +import ( + "context" + "crypto" + "crypto/rand" + "crypto/rsa" + "crypto/sha256" + "crypto/x509" + "encoding/pem" + "errors" + "fmt" + "os" + "path/filepath" + + apiv1 "github.com/coinbase/baseca/gen/go/baseca/v1" +) + +func (c *client) GenerateSignature(csr CertificateRequest, element []byte) (*[]byte, []*x509.Certificate, error) { + var certificatePem []*pem.Block + var certificateChain []*x509.Certificate + + signingRequest, err := GenerateCSR(csr) + if err != nil { + return nil, nil, err + } + + req := apiv1.CertificateSigningRequest{ + CertificateSigningRequest: signingRequest.CSR.String(), + } + + signedCertificate, err := c.Certificate.SignCSR(context.Background(), &req) + if err != nil { + return nil, nil, err + } + + err = parseCertificateFormat(signedCertificate, SignedCertificate{ + CertificatePath: csr.Output.Certificate, + CertificateChainPath: csr.Output.CertificateChain}) + + if err != nil { + return nil, nil, err + } + + hashedOutput := sha256.Sum256(element) + pk, err := x509.ParsePKCS1PrivateKey(signingRequest.PrivateKey.Bytes) + if err != nil { + return nil, nil, errors.New("error parsing pkcs1 private key") + } + + signature, err := rsa.SignPKCS1v15(rand.Reader, pk, crypto.SHA256, hashedOutput[:]) + if err != nil { + return nil, nil, fmt.Errorf("error calculating signature of hash using pkcs1: %s", err) + } + + fullChain, err := os.ReadFile(filepath.Clean(csr.Output.CertificateChain)) + if err != nil { + return nil, nil, fmt.Errorf("error retrieving full chain certificate: %s", err) + } + + // Build *pem.Block for Each Certificate in Chain + for { + block, remainder := pem.Decode(fullChain) + if block == nil { + break + } + certificatePem = append(certificatePem, block) + fullChain = remainder + } + + // Build *x509.Certificate for Each Certificate in Chain + for _, block := range certificatePem { + certificate, err := x509.ParseCertificate(block.Bytes) + if err != nil { + return nil, nil, fmt.Errorf("error parsing code signing certificate: %s", err) + } + certificateChain = append(certificateChain, certificate) + } + + return &signature, certificateChain, nil +} + +func (c *client) ValidateSignature(certificates []*x509.Certificate, signature []byte, element []byte, cn string, ca string) error { + err := certificates[0].CheckSignature(x509.SHA256WithRSA, element, signature) + if err != nil { + return fmt.Errorf("signature verification failed: %s", err) + } + + // Validate Entire Certificate Chain Valid + for i := range certificates[:len(certificates)-1] { + err = certificates[i].CheckSignatureFrom(certificates[i+1]) + if err != nil { + return fmt.Errorf("certificate chain invalid: %s", err) + } + } + + if certificates[0].Subject.CommonName != cn { + return fmt.Errorf("invalid common name (cn) from code signing certificate") + } + + validSubjectAlternativeName := false + if len(certificates[0].DNSNames) > 0 { + for _, san := range certificates[0].DNSNames { + if san == cn { + validSubjectAlternativeName = true + } + } + } + + if !validSubjectAlternativeName { + return fmt.Errorf("invalid subject alternative name (san) from code signing certificate") + } + + rootCertificatePool, err := c.generateCertificatePool(ca) + if err != nil { + return err + } + + opts := x509.VerifyOptions{ + Roots: rootCertificatePool, + KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}, + } + _, err = certificates[1].Verify(opts) + if err != nil { + return fmt.Errorf("error validating code signing certificate validity: %s", err) + } + return nil +} + +func (c *client) generateCertificatePool(ca string) (*x509.CertPool, error) { + certPool := x509.NewCertPool() + + files, err := os.ReadDir(ca) + if err != nil { + return nil, errors.New("invalid certificate authority directory") + } + + for _, certFile := range files { // #nosec G304 User Only Has Predefined Environment Parameters + data, err := os.ReadFile(filepath.Join(ca, certFile.Name())) + if err != nil { + return nil, errors.New("invalid certificate file") + } + pemBlock, _ := pem.Decode(data) + if pemBlock == nil || pemBlock.Type != "CERTIFICATE" { + return nil, errors.New("invalid input file") + } + cert, err := x509.ParseCertificate(pemBlock.Bytes) + if err != nil { + return nil, errors.New("error parsing x.509 certificate") + } + certPool.AddCert(cert) + } + return certPool, nil +} diff --git a/protos/baseca/v1/api.proto b/protos/baseca/v1/api.proto new file mode 100644 index 0000000..35b9ba1 --- /dev/null +++ b/protos/baseca/v1/api.proto @@ -0,0 +1,252 @@ +syntax = "proto3"; + +package baseca.v1; + +import "google/protobuf/timestamp.proto"; +import "google/protobuf/empty.proto"; + +option go_package = "github.com/coinbase/baseca/protos/baseca/v1;apiv1"; + +message CertificateParameter { + string serial_number = 1; + string common_name = 2; + repeated string subject_alternative_name = 3; + google.protobuf.Timestamp expiration_date = 4; + google.protobuf.Timestamp issued_date = 5; + bool revoked = 6; + string revoked_by = 7; + google.protobuf.Timestamp revoke_date = 8; + string certificate_authority_arn = 9; + string account = 10; + string environment = 11; + string extended_key = 12; +} + +message CertificatesParameter { + repeated CertificateParameter certificates = 1; +} + +message CertificateAuthorityParameter { + string region = 1; + string ca_arn = 2; + string sign_algorithm = 3; + bool assume_role = 4; + string role_arn = 5; + int32 validity = 6; +} + +message CertificateSigningRequest { + string certificate_signing_request = 1; +} + +message SignedCertificate { + string certificate = 1; + string certificate_chain = 2; + CertificateParameter metadata = 3; +} + +message CertificateSerialNumber { + string serial_number = 1; +} + +message ListCertificatesRequest { + string common_name = 1; + int32 page_id = 3; + int32 page_size = 4; +} + +message RevokeCertificateRequest { + string serial_number = 1; + string revocation_reason = 2; +} + +message RevokeCertificateResponse { + string serial_number = 1; + google.protobuf.Timestamp revocation_date = 2; + string status = 3; +} + +message OperationsSignRequest { + string certificate_signing_request = 1; + CertificateAuthorityParameter certificate_authority = 2; + string service_account = 3; + string environment = 4; + string extended_key = 5;} + +service Certificate { + rpc SignCSR (CertificateSigningRequest) returns (SignedCertificate); + rpc GetCertificate (CertificateSerialNumber) returns (CertificateParameter); + rpc ListCertificates (ListCertificatesRequest) returns (CertificatesParameter); + rpc RevokeCertificate (RevokeCertificateRequest) returns (RevokeCertificateResponse); + rpc OperationsSignCSR (OperationsSignRequest) returns (SignedCertificate); +} + +message User { + string uuid = 1; + string username = 2; + string full_name = 3; + string email = 4; + string permissions = 5; + google.protobuf.Timestamp credential_changed_at = 6; + google.protobuf.Timestamp created_at = 7; +} + +message Users { + repeated User users = 1; +} + +message LoginUserRequest { + string username = 1; + string password = 2; +} + +message LoginUserResponse { + string access_token = 1; + User user = 2; +} + +message UsernameRequest { + string username = 1; +} + +message QueryParameter { + int32 page_id = 2; + int32 page_size = 3; +} + +message CreateUserRequest { + string username = 1; + string password = 2; + string full_name = 3; + string email = 4; + string permissions = 5; +} + +message UpdateCredentialsRequest { + string username = 1; + string password = 2; + string updated_password = 3; +} + +message UpdatePermissionsRequest { + string username = 1; + string permissions = 2; +} + +service Account { + rpc LoginUser (LoginUserRequest) returns (LoginUserResponse); + rpc DeleteUser (UsernameRequest) returns (google.protobuf.Empty); + rpc GetUser (UsernameRequest) returns (User); + rpc ListUsers (QueryParameter) returns (Users); + rpc CreateUser (CreateUserRequest) returns (User); + rpc UpdateUserCredentials (UpdateCredentialsRequest) returns (User); + rpc UpdateUserPermissions (UpdatePermissionsRequest) returns (User); +} + +message CreateServiceAccountRequest { + string service_account = 1; + string environment = 2; + optional string regular_expression = 3; + repeated string subject_alternative_names = 4; + repeated string certificate_authorities = 5; + string extended_key = 6; + int32 certificate_validity = 7; + string subordinate_ca = 8; + optional NodeAttestation node_attestation = 9; + string team = 10; + string email = 11; +} + +message CreateServiceAccountResponse { + string client_id = 1; + string client_token = 2; + string service_account = 3; + string environment = 4; + string regular_expression = 5; + repeated string subject_alternative_names = 6; + repeated string certificate_authorities = 7; + string extended_key = 8; + NodeAttestation node_attestation = 9; + int32 certificate_validity = 10; + string subordinate_ca = 11; + string team = 12; + string email = 13; + google.protobuf.Timestamp created_at = 14; + string created_by = 15; +} + +message ServiceAccount { + string client_id = 1; + string service_account = 2; + string environment = 3; + string regular_expression = 4; + repeated string subject_alternative_names = 5; + repeated string certificate_authorities = 6; + string extended_key = 7; + NodeAttestation node_attestation = 8; + int32 certificate_validity = 9; + string team = 10; + string email = 11; + google.protobuf.Timestamp created_at = 12; + string created_by = 13; +} + +message ServiceAccounts { + repeated ServiceAccount service_accounts = 1; +} + +message NodeAttestation { + AWSInstanceIdentityDocument aws_iid = 1; +} + +message AWSInstanceIdentityDocument { + string role_arn = 1; + string assume_role = 2; + repeated string security_groups = 3; + string region = 4; + string instance_id = 5; + string image_id = 6; + map instance_tags = 7; +} + +message ServiceAccountId { + string uuid = 1; +} + +message ServiceAccountName{ + string service_account = 1; +} + +message ProvisionServiceAccountRequest { + CreateServiceAccountRequest account = 1; +} + +message ProvisionServiceAccountResponse { + CreateServiceAccountResponse account = 1; +} + +service Service { + rpc CreateServiceAccount (CreateServiceAccountRequest) returns (CreateServiceAccountResponse); + rpc ProvisionServiceAccount (ProvisionServiceAccountRequest) returns (ProvisionServiceAccountResponse); + rpc ListServiceAccounts (QueryParameter) returns (ServiceAccounts); + rpc GetServiceAccountUuid (ServiceAccountId) returns (ServiceAccount); + rpc GetServiceAccountName (ServiceAccountName) returns (ServiceAccounts); + rpc DeleteServiceAccount (ServiceAccountId) returns (google.protobuf.Empty); +} + +message HealthCheckRequest { + string service = 1; +} + +message HealthCheckResponse { + enum ServingStatus { + UNKNOWN = 0; + SERVING = 1; + NOT_SERVING = 2; + } + ServingStatus status = 1; +} + +service Health{ + rpc Check(HealthCheckRequest) returns (HealthCheckResponse); +} \ No newline at end of file diff --git a/protos/buf.gen.yaml b/protos/buf.gen.yaml new file mode 100644 index 0000000..44df641 --- /dev/null +++ b/protos/buf.gen.yaml @@ -0,0 +1,10 @@ +version: v1 +plugins: + - name: go + out: ./gen/go + opt: + - paths=source_relative + - name: go-grpc + out: ./gen/go + opt: + - paths=source_relative \ No newline at end of file diff --git a/terraform/README.md b/terraform/README.md new file mode 100644 index 0000000..50e00d4 --- /dev/null +++ b/terraform/README.md @@ -0,0 +1,117 @@ +# `baseca` Infrastructure + +## Local Deployment Resources + +| Variable | Description | Type | Optional | Default | Example | +| ------------- | -------------------------------------- | ------ | -------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------ | +| `service` | Terraform Resource Prefix | string | true | baseca | coinbase | +| `environment` | Service Environment | string | false | | development | +| `region` | AWS Region to Deploy | string | false | | us-east-1 | +| `key_spec` | KMS Customer Managed Key Spec | string | true | RSA_4096 | [`customer_master_key_spec`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#customer_master_key_spec) | +| `bucket` | S3 Bucket Name (Kinesis Data Firehose) | string | false | | baseca-firehose-development | + +Example Local Deployment for `development/baseca` Module + +```sh +# baseca/terraform/development/baseca.tf + +module "baseca" { + source = "./baseca" + service = "baseca" + environment = "development" + region = "us-east-1" + key_spec = "RSA_4096" + bucket = "baseca-firehose-example" +} +``` + +## Production Deployment Resources + +| Variable | Description | Type | Optional | Default | Example | +| ----------------- | ---------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `service` | Terraform Resource Prefix | string | true | baseca | coinbase | +| `environment` | Service Environment | string | false | | production | +| `region` | AWS Region to Deploy | string | false | | us-east-1 | +| `key_spec` | KMS Customer Managed Key Spec | string | true | RSA_4096 | [`customer_master_key_spec`](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key#customer_master_key_spec) | +| `bucket` | S3 Bucket Name | string | false | | baseca-firehose-production | +| `acm_pca_arns` | List of Private CA ARNs in Account | list(string) | false | | ["arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"]

_**NOTE:** These are upstream Intermediate CA(s) from AWS Private CA `baseca` will be issuing Subordinate CAs from._ | +| `db_ingress_cidr` | IP CIDR Blocks for Ingress to RDS and Redis | list(string) | Requires `db_ingress_sg` if Not Used | | ["10.0.0.1/24", "10.0.0.2/24"] | +| `db_ingress_sg` | Security Groups for Ingress to RDS and Redis | list(string) | Requires `db_ingress_cidr` if Not Used | | ["10.0.0.1/24", "10.0.0.2/24"] | +| `db_subnet_ids` | Private Subnets to Deploy RDS Cluster

_**NOTE:** Minimum of two subnets in different availability zones._ | list(string) | false | | ["subnet-01234567", "subnet-09876543"] | +| `vpc_id` | VPC ID for Security Groups

_**NOTE:** `db_subnet_ids` must be within this VPC._ | string | false | | vpc-12345678 | + +Example Production Deployment for `production/baseca` Resource Module + +```sh +# baseca/terraform/production/baseca.tf + +module "baseca" { + source = "./baseca" + service = "baseca" + environment = "production" + region = "us-east-1" + key_spec = "RSA_4096" + bucket = "baseca-firehose-example" + + vpc_id = "vpc-xxxxxxxx" + db_ingress_cidr = ["10.0.0.0/8"] + db_subnet_ids = [ + "subnet-09876543", + "subnet-12345678" + ] + + acm_pca_arns = [ + "arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", + "arn:aws:acm-pca:us-east-1:987654321098:certificate-authority/yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy" + ] +} +``` + +## Production Compute Deployment + +**DISCLAIMER:** The compute deployment is a sample of how `baseca` can run within an environment; this is not intended to be run as is and will require your organization to design the deployment pipeline for your use case. + +| Variable | Description | Type | Optional | Default | Example | +| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------- | ------- | ------------------------------------------------------------------------------------------------ | +| `service` | Terraform Resource Prefix | string | true | baseca | coinbase | +| `environment` | Service Environment | string | false | | production | +| `configuration` | Determines which Configuration File `baseca` Reads

_**NOTE:** For example, a value of `production` will read the `config.primary.production.aws.yml` file._ | string | false | | production | +| `region` | AWS Region to Deploy | string | false | | us-east-1 | +| `vpc_id` | VPC ID to Deploy ECS Service

_**NOTE:** `subnet_ids` and `db_subnet_ids` must be within this VPC._ | string | false | | vpc-12345678 | +| `subnet_ids` | VPC Subnets to Deploy ECS Service

_**NOTE:** Multiple subnets must be in different availability zones. Subnets also must be routable to Private Subnets from `db_subnet_ids`._ | list(string) | false | | ["subnet-0123456789abcdef", "subnet-9876543210fedcba"] | +| `public_ip` | Assign Public IP for ECS Service

_**NOTE:** If `public_ip` is set to `true` the `subnet_ids` must be Public Subnets._ | bool | true | false | false | +| `network_ingress` | IP CIDR Blocks to Ingress to `baseca` ECS Service Service | list(string) | false | | ["10.0.0.1/24", "10.0.0.0.24"] | +| `host_port` | Port for `baseca` ECS Service Service | int | true | 9090 | 9090 | +| `min_instance_count` | Minimum Instances for ECS Services | int | true | 1 | 2 | +| `max_instance_count` | Maximum Instances for ECS Services | int | true | 2 | 4 | +| `cpu` | Maximum CPU for ECS Task | int | true | 2048 | [cpu](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html) | +| `memory` | Maximum Memory for ECS Task | int | true | 4096 | [memory](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html) | +| `baseca_iam_role` | Task Role for `baseca` ECS Service | string | false | | `module.baseca.baseca_iam_role` | +| `ecr_repository` | `baseca` ECR Repository URL | string | false | | `module.baseca.ecr_repository` | + +Example Production Deployment for `production/baseca` Compute Module + +```sh +# baseca/terraform/production/baseca.tf + +module "compute" { + source = "./compute" + service = "baseca" + region = "us-east-1" + environment = "production" + configuration = "production" + + vpc_id = "vpc-xxxxxxxx" + subnet_ids = ["subnet-0123456789abcdef", "subnet-9876543210fedcba"] + + host_port = 9090 + network_ingress = ["10.0.0.0/8"] + public_ip = false + + baseca_iam_role = module.baseca.baseca_iam_role + ecr_repository = module.baseca.ecr_repository + depends_on = [ + module.baseca + ] +} +``` diff --git a/terraform/development/baseca/firehose.tf b/terraform/development/baseca/firehose.tf new file mode 100644 index 0000000..f171476 --- /dev/null +++ b/terraform/development/baseca/firehose.tf @@ -0,0 +1,64 @@ +resource "aws_kinesis_firehose_delivery_stream" "certificate_stream" { + name = "${var.service}-${var.environment}" + destination = "extended_s3" + + extended_s3_configuration { + role_arn = aws_iam_role.certificate_stream.arn + bucket_arn = aws_s3_bucket.certificate_metadata.arn + } +} + +resource "aws_s3_bucket" "certificate_metadata" { + bucket = var.bucket +} + +resource "aws_s3_bucket_policy" "certificate_stream" { + bucket = aws_s3_bucket.certificate_metadata.id + + policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Principal = { + AWS = aws_iam_role.certificate_stream.arn + }, + Action = [ + "s3:AbortMultipartUpload", + "s3:GetBucketLocation", + "s3:GetObject", + "s3:ListBucket", + "s3:ListBucketMultipartUploads", + "s3:PutObject" + ], + Resource = [ + "${aws_s3_bucket.certificate_metadata.arn}", + "${aws_s3_bucket.certificate_metadata.arn}/*" + ], + Condition = { + "Bool": { + "aws:SecureTransport": "true" + } + } + } + ] + }) +} + +data "aws_iam_policy_document" "certificate_stream" { + statement { + effect = "Allow" + + principals { + type = "Service" + identifiers = ["firehose.amazonaws.com"] + } + + actions = ["sts:AssumeRole"] + } +} + +resource "aws_iam_role" "certificate_stream" { + name = "${var.service}-${var.environment}-stream" + assume_role_policy = data.aws_iam_policy_document.certificate_stream.json +} diff --git a/terraform/development/baseca/kms.tf b/terraform/development/baseca/kms.tf new file mode 100644 index 0000000..a33ba1f --- /dev/null +++ b/terraform/development/baseca/kms.tf @@ -0,0 +1,31 @@ +resource "aws_kms_key" "signing" { + customer_master_key_spec = var.key_spec + description = "Authentication Signing" + key_usage = "SIGN_VERIFY" + deletion_window_in_days = 10 + + policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Principal = { + AWS = "arn:aws:iam::${data.aws_caller_identity.account.account_id}:root" + }, + Action = "kms:*" + Resource = "*" + } + ] + }) + + tags = { + Name = "${var.service}-${var.environment}" + } +} + +resource "aws_kms_alias" "baseca" { + name = "alias/${var.service}-${var.environment}" + target_key_id = aws_kms_key.signing.key_id +} + +data "aws_caller_identity" "account" {} diff --git a/terraform/development/baseca/output.tf b/terraform/development/baseca/output.tf new file mode 100644 index 0000000..828e760 --- /dev/null +++ b/terraform/development/baseca/output.tf @@ -0,0 +1,9 @@ +output "kinesis_firehose_stream" { + description = "baseca Kinesis Firehose Delivery Stream" + value = aws_kinesis_firehose_delivery_stream.certificate_stream.name +} + +output "kms_key_id" { + description = "baseca KMS Key for Signing User Auth Token" + value = aws_kms_key.signing.key_id +} \ No newline at end of file diff --git a/terraform/development/baseca/variables.tf b/terraform/development/baseca/variables.tf new file mode 100644 index 0000000..48eef22 --- /dev/null +++ b/terraform/development/baseca/variables.tf @@ -0,0 +1,31 @@ +variable "service" { + description = "Resource Prefix" + type = string + default = "baseca" +} + +variable "environment" { + description = "Service Environment" + type = string +} + +variable "region" { + description = "AWS Region" + type = string +} + +variable "key_spec" { + description = "KMS Key Spec: [SYMMETRIC_DEFAULT, RSA_2048, RSA_3072, RSA_4096, HMAC_256, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, ECC_SECG_P256K1]" + type = string + default = "RSA_4096" +} + +variable "bucket" { + description = "Bucket Name to Store Certificate Streaming Data from Firehose" + type = string +} + +variable "acm_pca_arns" { + description = "List of Supported ACM Private CA ARNs" + type = list(string) +} \ No newline at end of file diff --git a/terraform/development/output.tf b/terraform/development/output.tf new file mode 100644 index 0000000..632355c --- /dev/null +++ b/terraform/development/output.tf @@ -0,0 +1,9 @@ +output "kinesis_firehose_stream" { + description = "baseca Kinesis Firehose Delivery Stream" + value = module.baseca.kinesis_firehose_stream +} + +output "kms_key_id" { + description = "baseca KMS Key for Signing User Auth Token" + value = module.baseca.kms_key_id +} diff --git a/terraform/development/provider.tf b/terraform/development/provider.tf new file mode 100644 index 0000000..808dcf3 --- /dev/null +++ b/terraform/development/provider.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + random = { + source = "hashicorp/random" + version = "3.4.3" + } + aws = { + source = "hashicorp/aws" + version = "5.1.0" + } + } +} diff --git a/terraform/production/baseca/ecr.tf b/terraform/production/baseca/ecr.tf new file mode 100644 index 0000000..afb0b98 --- /dev/null +++ b/terraform/production/baseca/ecr.tf @@ -0,0 +1,8 @@ +resource "aws_ecr_repository" "baseca" { + name = "baseca" + image_tag_mutability = "MUTABLE" + + image_scanning_configuration { + scan_on_push = true + } +} \ No newline at end of file diff --git a/terraform/production/baseca/elasticache.tf b/terraform/production/baseca/elasticache.tf new file mode 100644 index 0000000..918cf66 --- /dev/null +++ b/terraform/production/baseca/elasticache.tf @@ -0,0 +1,47 @@ +resource "aws_elasticache_cluster" "baseca" { + cluster_id = "${var.service}-${var.environment}" + engine = "redis" + node_type = "cache.t3.small" + num_cache_nodes = 1 + parameter_group_name = aws_elasticache_parameter_group.baseca.name + engine_version = "6.2" + port = 6379 + security_group_ids = [aws_security_group.redis.id] + + snapshot_retention_limit = 7 + snapshot_window = "05:00-09:00" +} + +resource "aws_elasticache_parameter_group" "baseca" { + name = "${var.service}-${var.environment}-pg" + family = "redis6.x" +} + +resource "aws_security_group" "redis" { + name = "${var.service}-${var.environment}-redis" + description = "baseca Redis Security Group" + + dynamic "ingress" { + for_each = length(var.db_ingress_cidr) > 0 ? [1] : [] + content { + from_port = 6379 + to_port = 6379 + protocol = "tcp" + cidr_blocks = var.db_ingress_cidr + } + } + + dynamic "ingress" { + for_each = length(var.db_ingress_sg) > 0 ? [1] : [] + content { + from_port = 6379 + to_port = 6379 + protocol = "tcp" + security_groups = var.db_ingress_sg + } + } + + tags = { + Name = "${var.service}-${var.environment}-redis" + } +} \ No newline at end of file diff --git a/terraform/production/baseca/firehose.tf b/terraform/production/baseca/firehose.tf new file mode 100644 index 0000000..f171476 --- /dev/null +++ b/terraform/production/baseca/firehose.tf @@ -0,0 +1,64 @@ +resource "aws_kinesis_firehose_delivery_stream" "certificate_stream" { + name = "${var.service}-${var.environment}" + destination = "extended_s3" + + extended_s3_configuration { + role_arn = aws_iam_role.certificate_stream.arn + bucket_arn = aws_s3_bucket.certificate_metadata.arn + } +} + +resource "aws_s3_bucket" "certificate_metadata" { + bucket = var.bucket +} + +resource "aws_s3_bucket_policy" "certificate_stream" { + bucket = aws_s3_bucket.certificate_metadata.id + + policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Principal = { + AWS = aws_iam_role.certificate_stream.arn + }, + Action = [ + "s3:AbortMultipartUpload", + "s3:GetBucketLocation", + "s3:GetObject", + "s3:ListBucket", + "s3:ListBucketMultipartUploads", + "s3:PutObject" + ], + Resource = [ + "${aws_s3_bucket.certificate_metadata.arn}", + "${aws_s3_bucket.certificate_metadata.arn}/*" + ], + Condition = { + "Bool": { + "aws:SecureTransport": "true" + } + } + } + ] + }) +} + +data "aws_iam_policy_document" "certificate_stream" { + statement { + effect = "Allow" + + principals { + type = "Service" + identifiers = ["firehose.amazonaws.com"] + } + + actions = ["sts:AssumeRole"] + } +} + +resource "aws_iam_role" "certificate_stream" { + name = "${var.service}-${var.environment}-stream" + assume_role_policy = data.aws_iam_policy_document.certificate_stream.json +} diff --git a/terraform/production/baseca/iam.tf b/terraform/production/baseca/iam.tf new file mode 100644 index 0000000..e3f9cab --- /dev/null +++ b/terraform/production/baseca/iam.tf @@ -0,0 +1,85 @@ +resource "aws_iam_role" "compute" { + name = "${var.service}-${var.environment}" + + assume_role_policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Action = "sts:AssumeRole", + Effect = "Allow", + Principal = { + Service = ["ec2.amazonaws.com", "ecs-tasks.amazonaws.com"] + } + } + ] + }) +} + +resource "aws_iam_policy" "compute" { + name = "${var.service}-${var.environment}" + description = "baseca Control Plane Permissions" + + policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Action = [ + "acm-pca:WaitUntilCertificateIssued", + "acm-pca:GetCertificate", + "acm-pca:GetCertificateAuthorityCertificate", + "acm-pca:RevokeCertificate" + ] + Resource = var.acm_pca_arns + }, + { + Effect = "Allow", + Action = "acm-pca:IssueCertificate", + Resource = var.acm_pca_arns, + Condition = { + StringEquals = { + "acm-pca:TemplateArn": [ + "arn:aws:acm-pca:::template/SubordinateCACertificate_PathLen0/V1", + "arn:aws:acm-pca:::template/EndEntityClientAuthCertificate/V1", + "arn:aws:acm-pca:::template/EndEntityServerAuthCertificate/V1", + "arn:aws:acm-pca:::template/CodeSigningCertificate/V1" + ] + } + } + }, + { + Effect = "Allow", + Action = "sts:AssumeRole" + Resource = "arn:aws:iam::*:role/baseca-node-attestation" + }, + { + Effect = "Allow", + Action = [ + "firehose:PutRecord", + "firehose:PutRecordBatch" + ] + Resource = aws_kinesis_firehose_delivery_stream.certificate_stream.arn + }, + { + Effect = "Allow", + Action = [ + "secretsmanager:GetSecretValue" + ] + Resource = aws_rds_cluster.aurora_cluster.master_user_secret[0].secret_arn + }, + { + Effect = "Allow", + Action = [ + "ec2:DescribeInstances", + "iam:GetInstanceProfile" + ] + Resource = "*" + } + ] + }) +} + +resource "aws_iam_role_policy_attachment" "compute_policy_attachment" { + policy_arn = aws_iam_policy.compute.arn + role = aws_iam_role.compute.name +} diff --git a/terraform/production/baseca/kms.tf b/terraform/production/baseca/kms.tf new file mode 100644 index 0000000..1b2c40e --- /dev/null +++ b/terraform/production/baseca/kms.tf @@ -0,0 +1,44 @@ +resource "aws_kms_key" "signing" { + customer_master_key_spec = var.key_spec + description = "Authentication Signing" + key_usage = "SIGN_VERIFY" + deletion_window_in_days = 10 + + policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Principal = { + AWS = aws_iam_role.compute.arn + }, + Action = [ + "kms:DescribeKey", + "kms:GetPublicKey", + "kms:Verify", + "kms:Sign" + ], + Resource = "*" + }, + { + Effect = "Allow", + Principal = { + AWS = "arn:aws:iam::${data.aws_caller_identity.account.account_id}:root" + }, + Action = "kms:*" + Resource = "*" + } + ] + }) + + tags = { + Name = "${var.service}-${var.environment}" + } +} + +resource "aws_kms_alias" "baseca" { + name = "alias/${var.service}-${var.environment}" + target_key_id = aws_kms_key.signing.key_id +} + +data "aws_caller_identity" "account" {} diff --git a/terraform/production/baseca/output.tf b/terraform/production/baseca/output.tf new file mode 100644 index 0000000..42571dd --- /dev/null +++ b/terraform/production/baseca/output.tf @@ -0,0 +1,34 @@ +output "kinesis_firehose_stream" { + description = "baseca Kinesis Firehose Delivery Stream" + value = aws_kinesis_firehose_delivery_stream.certificate_stream.name +} + +output "kms_key_id" { + description = "baseca KMS Key for Signing User Auth Token" + value = aws_kms_key.signing.key_id +} + +output "rds_writer_endpoint" { + description = "baseca RDS Writer Endpoint DNS Address" + value = aws_rds_cluster.aurora_cluster.endpoint +} + +output "rds_reader_endpoint" { + description = "baseca RDS Reader Endpoint DNS Address" + value = aws_rds_cluster.aurora_cluster.reader_endpoint +} + +output "redis_endpoint" { + description = "baseca Elasticache Redis DNS Address" + value = aws_elasticache_cluster.baseca.cache_nodes.0.address +} + +output "baseca_iam_role" { + description = "baseca Control Plane IAM Role ARN" + value = aws_iam_role.compute.arn +} + +output "ecr_repository" { + description = "baseca Elastic Container Registry (ECR) ARN" + value = aws_ecr_repository.baseca.repository_url +} diff --git a/terraform/production/baseca/rds.tf b/terraform/production/baseca/rds.tf new file mode 100644 index 0000000..ac1818c --- /dev/null +++ b/terraform/production/baseca/rds.tf @@ -0,0 +1,65 @@ +resource "aws_rds_cluster" "aurora_cluster" { + cluster_identifier = "${var.service}-${var.environment}-cluster" + engine = "aurora-postgresql" + engine_version = "14" + backup_retention_period = 3 + skip_final_snapshot = true + apply_immediately = true + storage_encrypted = true + vpc_security_group_ids = [aws_security_group.baseca.id] + db_subnet_group_name = aws_db_subnet_group.baseca.name + + database_name = "baseca" + master_username = "baseca" + manage_master_user_password = true +} + +resource "aws_rds_cluster_instance" "cluster_instances" { + count = 2 + identifier = "aurora-cluster-instance-${count.index}" + cluster_identifier = aws_rds_cluster.aurora_cluster.id + instance_class = "db.t4g.medium" + engine = "aurora-postgresql" + engine_version = "14" + auto_minor_version_upgrade = true + publicly_accessible = false +} + +resource "aws_security_group" "baseca" { + name = "${var.service}-${var.environment}-db" + description = "baseca Database Security Group" + vpc_id = var.vpc_id + + dynamic "ingress" { + for_each = length(var.db_ingress_cidr) > 0 ? [1] : [] + content { + from_port = 5432 + to_port = 5432 + protocol = "tcp" + cidr_blocks = var.db_ingress_cidr + } + } + + dynamic "ingress" { + for_each = length(var.db_ingress_sg) > 0 ? [1] : [] + content { + from_port = 5432 + to_port = 5432 + protocol = "tcp" + security_groups = var.db_ingress_sg + } + } + + tags = { + Name = "${var.service}-${var.environment}-db" + } +} + +resource "aws_db_subnet_group" "baseca" { + name = "${var.service}-${var.environment}" + subnet_ids = var.db_subnet_ids + + tags = { + Name = "${var.service}-${var.environment}" + } +} \ No newline at end of file diff --git a/terraform/production/baseca/secretsmanager.tf b/terraform/production/baseca/secretsmanager.tf new file mode 100644 index 0000000..0b50939 --- /dev/null +++ b/terraform/production/baseca/secretsmanager.tf @@ -0,0 +1,4 @@ +resource "random_password" "temporary"{ + length = 16 + special = true +} \ No newline at end of file diff --git a/terraform/production/baseca/variables.tf b/terraform/production/baseca/variables.tf new file mode 100644 index 0000000..3ad5254 --- /dev/null +++ b/terraform/production/baseca/variables.tf @@ -0,0 +1,53 @@ +variable "service" { + description = "Resource Prefix" + type = string + default = "baseca" +} + +variable "environment" { + description = "Service Environment" + type = string +} + +variable "db_ingress_cidr" { + description = "List of IP CIDR Blocks for Ingress to Database" + type = list(string) +} + +variable "db_ingress_sg" { + description = "List of Security Groups for Ingress to Database" + type = list(string) + default = [] +} + +variable "db_subnet_ids" { + description = "List of Subnets for RDS Database" + type = list(string) + default = [] +} + +variable "region" { + description = "AWS Region" + type = string +} + +variable "key_spec" { + description = "KMS Key Spec: [SYMMETRIC_DEFAULT, RSA_2048, RSA_3072, RSA_4096, HMAC_256, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, ECC_SECG_P256K1]" + type = string + default = "RSA_4096" +} + +variable "bucket" { + description = "Bucket Name to Store Certificate Streaming Data from Firehose" + type = string +} + +variable "acm_pca_arns" { + description = "List of Supported ACM Private CA ARNs" + type = list(string) +} + +variable "vpc_id" { + description = "AWS VPC ID" + type = string +} \ No newline at end of file diff --git a/terraform/production/compute/ecs.tf b/terraform/production/compute/ecs.tf new file mode 100644 index 0000000..6da02f8 --- /dev/null +++ b/terraform/production/compute/ecs.tf @@ -0,0 +1,142 @@ +resource "aws_ecs_cluster" "baseca" { + name = "${var.service}-${var.environment}" +} + +resource "aws_ecs_service" "baseca" { + name = "${var.service}-${var.environment}" + cluster = aws_ecs_cluster.baseca.id + task_definition = aws_ecs_task_definition.baseca.arn + desired_count = var.min_instance_count + launch_type = "FARGATE" + + network_configuration { + subnets = var.subnet_ids + security_groups = [aws_security_group.baseca.id] + assign_public_ip = var.public_ip ? true : false + } + + lifecycle { + ignore_changes = [ + desired_count + ] + } +} + +resource "aws_ecs_task_definition" "baseca" { + family = "${var.service}-${var.environment}" + network_mode = "awsvpc" + requires_compatibilities = ["FARGATE"] + cpu = var.cpu + memory = var.memory + execution_role_arn = aws_iam_role.ecs_task_execution_role.arn + task_role_arn = var.baseca_iam_role + + container_definitions = jsonencode([{ + name = "baseca" + image = "${var.ecr_repository}:latest" + essential = true + portMappings = [{ + containerPort = var.host_port + hostPort = var.host_port + protocol = "tcp" + }] + + environment = [ + { + "name": "ENVIRONMENT", + "value": var.environment + }, + { + "name": "CONFIGURATION", + "value": var.configuration + } + ] + + mountPoints = [{ + sourceVolume = "efs" + containerPath = "/tmp/baseca/ssl" + }] + + logConfiguration = { + logDriver = "awslogs" + options = { + awslogs-group = var.service + awslogs-region = var.region + awslogs-stream-prefix = var.environment + } + } + }]) + + volume { + name = "efs" + + efs_volume_configuration { + file_system_id = aws_efs_file_system.efs.id + root_directory = "/" + transit_encryption = "ENABLED" + transit_encryption_port = 2049 + authorization_config { + access_point_id = aws_efs_access_point.access_point.id + iam = "ENABLED" + } + } + } +} + +resource "aws_security_group" "baseca" { + name = "${var.service}-${var.environment}-compute" + description = "baseca Instance Control Plane" + vpc_id = var.vpc_id + + ingress { + from_port = var.host_port + to_port = var.host_port + protocol = "tcp" + cidr_blocks = var.network_ingress + } + + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = var.network_ingress + } + + egress { + from_port = 443 + to_port = 443 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 2049 + to_port = 2049 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 5432 + to_port = 5432 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 6379 + to_port = 6379 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = var.service + Environment = var.environment + } +} + +resource "aws_cloudwatch_log_group" "baseca" { + name = var.service + retention_in_days = 14 +} diff --git a/terraform/production/compute/efs.tf b/terraform/production/compute/efs.tf new file mode 100644 index 0000000..d67e578 --- /dev/null +++ b/terraform/production/compute/efs.tf @@ -0,0 +1,121 @@ +resource "aws_efs_file_system" "efs" { + creation_token = "${var.service}-${var.environment}" + + encrypted = true + kms_key_id = aws_kms_key.baseca_efs.arn + + tags = { + Name = var.service + Environment = var.environment + } +} + +resource "aws_efs_mount_target" "efs_mount_target" { + count = length(var.subnet_ids) + file_system_id = aws_efs_file_system.efs.id + subnet_id = var.subnet_ids[count.index] + security_groups = [aws_security_group.efs.id] +} + +resource "aws_efs_access_point" "access_point" { + file_system_id = aws_efs_file_system.efs.id + + posix_user { + gid = 1000 + uid = 1000 + } + + root_directory { + path = "/baseca" + creation_info { + owner_gid = 1000 + owner_uid = 1000 + permissions = "755" + } + } +} + +resource "aws_efs_file_system_policy" "efs_policy" { + file_system_id = aws_efs_file_system.efs.id + + policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Principal = { + AWS = var.baseca_iam_role + }, + Action = [ + "elasticfilesystem:ClientMount", + "elasticfilesystem:ClientWrite" + ], + Resource = [ + "arn:aws:elasticfilesystem:${var.region}:${data.aws_caller_identity.account.account_id}:file-system/${aws_efs_file_system.efs.id}" + ], + Condition = { + "Bool": { + "aws:SecureTransport": "true" + } + } + } + ] + }) +} + +resource "aws_iam_policy" "efs_write_access" { + name = "${var.service}-${var.environment}-efs" + description = "baseca Write Access to EFS" + + policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Effect = "Allow", + Action = [ + "elasticfilesystem:ClientWrite", + "elasticfilesystem:ClientMount" + ], + Resource = [ + "arn:aws:elasticfilesystem:${var.region}:${data.aws_caller_identity.account.account_id}:file-system/${aws_efs_file_system.efs.id}" + ], + Condition = { + "Bool": { + "aws:SecureTransport": "true" + } + } + } + ] + }) +} + +resource "aws_iam_role_policy_attachment" "baseca_efs" { + role = "${var.service}-${var.environment}" + policy_arn = aws_iam_policy.efs_write_access.arn +} + +resource "aws_security_group" "efs" { + name = "${var.service}-${var.environment}-efs" + description = "baseca EFS Volume Security Group" + vpc_id = var.vpc_id + + ingress { + from_port = 2049 + to_port = 2049 + protocol = "tcp" + security_groups = [aws_security_group.baseca.id] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } +} + +resource "aws_kms_key" "baseca_efs" { + description = "baseca EFS Encryption Key" +} + +data "aws_caller_identity" "account" {} diff --git a/terraform/production/compute/iam.tf b/terraform/production/compute/iam.tf new file mode 100644 index 0000000..729ddc8 --- /dev/null +++ b/terraform/production/compute/iam.tf @@ -0,0 +1,21 @@ +resource "aws_iam_role" "ecs_task_execution_role" { + name = "${var.service}-${var.environment}-ecs" + + assume_role_policy = jsonencode({ + Version = "2012-10-17", + Statement = [ + { + Action = "sts:AssumeRole", + Effect = "Allow", + Principal = { + Service = ["ecs-tasks.amazonaws.com"] + } + } + ] + }) +} + +resource "aws_iam_role_policy_attachment" "ecs_task_execution_role_policy_attachment" { + role = aws_iam_role.ecs_task_execution_role.name + policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" +} diff --git a/terraform/production/compute/variables.tf b/terraform/production/compute/variables.tf new file mode 100644 index 0000000..ffa2b0f --- /dev/null +++ b/terraform/production/compute/variables.tf @@ -0,0 +1,86 @@ +variable "service" { + description = "Resource Prefix" + type = string + default = "baseca" +} + +variable "environment" { + description = "Service Environment" + type = string +} + +variable "region" { + description = "AWS Region" + type = string +} + +variable "configuration" { + description = "baseca Deployment Configuration" + type = string +} + +variable "vpc_id" { + description = "AWS VPC ID" + type = string +} + +variable "public_ip" { + description = "ECS Assign Public IP" + type = bool + default = false +} + +variable "subnet_ids" { + type = list(string) +} + +variable "network_ingress" { + description = "List of IP CIDR Blocks for Ingress to Service" + type = list(string) +} + +variable "host_port" { + description = "EC2 Instance Service" + type = number + default = 9090 +} + +variable "lb_port" { + description = "Application Load Balancer Port" + type = number + default = 9090 +} + +variable "min_instance_count" { + description = "Minimum Instances in Target Group" + type = number + default = 1 +} + +variable "max_instance_count" { + description = "Maximum Instance in Target Group" + type = number + default = 2 +} + +variable "cpu" { + description = "CPU Allocated for ECS Service" + type = number + default = 2048 +} + +variable "memory" { + description = "RAM Allocated for ECS Service" + type = number + default = 4096 +} + +variable "baseca_iam_role" { + description = "baseca Control Plane IAM Role ARN" + type = string +} + +variable "ecr_repository" { + description = "baseca ECR Registry ARN" + type = string +} \ No newline at end of file diff --git a/terraform/production/output.tf b/terraform/production/output.tf new file mode 100644 index 0000000..65d0eab --- /dev/null +++ b/terraform/production/output.tf @@ -0,0 +1,29 @@ +output "kinesis_firehose_stream" { + description = "baseca Kinesis Firehose Delivery Stream" + value = module.baseca.kinesis_firehose_stream +} + +output "kms_key_id" { + description = "baseca KMS Key for Signing User Auth Token" + value = module.baseca.kms_key_id +} + +output "rds_writer_endpoint" { + description = "baseca RDS Writer Endpoint DNS Address" + value = module.baseca.rds_writer_endpoint +} + +output "rds_reader_endpoint" { + description = "baseca RDS Reader Endpoint DNS Address" + value = module.baseca.rds_reader_endpoint +} + +output "redis_endpoint" { + description = "baseca Elasticache Redis DNS Address" + value = module.baseca.redis_endpoint +} + +output "ecr_repository" { + description = "baseca Elastic Container Registry (ECR) ARN" + value = module.baseca.ecr_repository +} \ No newline at end of file diff --git a/terraform/production/provider.tf b/terraform/production/provider.tf new file mode 100644 index 0000000..808dcf3 --- /dev/null +++ b/terraform/production/provider.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + random = { + source = "hashicorp/random" + version = "3.4.3" + } + aws = { + source = "hashicorp/aws" + version = "5.1.0" + } + } +} diff --git a/test/config.go b/test/config.go new file mode 100644 index 0000000..e767b22 --- /dev/null +++ b/test/config.go @@ -0,0 +1,62 @@ +package test + +import ( + "fmt" + "os" + "path/filepath" + "runtime" + + "github.com/coinbase/baseca/internal/config" + "github.com/coinbase/baseca/internal/logger" +) + +const ( + configuration = "config.test.local.sandbox.yml" +) + +func GetTestConfigurationPath() (*config.Config, error) { + _, filename, _, ok := runtime.Caller(0) + if !ok { + fmt.Println("Error: Unable to get current file path") + } + + baseDir := filepath.Dir(filename) + for { + if _, err := os.Stat(filepath.Join(baseDir, "go.mod")); err == nil { + break + } + + parentDir := filepath.Dir(baseDir) + if parentDir == baseDir { + fmt.Println("Error: Unable to find base directory") + break + } + + baseDir = parentDir + } + + path := fmt.Sprintf("%s/test/config/%s", baseDir, configuration) + config, err := provideConfig(path) + if err != nil { + return nil, err + } + return config, nil +} + +func provideConfig(path string) (*config.Config, error) { + ctxLogger := logger.ContextLogger{Logger: logger.DefaultLogger} + + v, err := config.BuildViper(path) + if err != nil { + ctxLogger.Error(err.Error()) + } + + config, err := config.LoadConfig(v) + if err != nil { + return nil, err + } + + return config, err +} + +// diff --git a/test/config/config.test.local.sandbox.yml b/test/config/config.test.local.sandbox.yml new file mode 100644 index 0000000..beeb2d4 --- /dev/null +++ b/test/config/config.test.local.sandbox.yml @@ -0,0 +1,59 @@ +grpc_server_address: 0.0.0.0:9090 + +ocsp_server: + - sandbox.ocsp.example.com + +database: + database_driver: postgres + database_table: baseca + database_endpoint: localhost + database_reader_endpoint: localhost + database_user: root + database_port: 5432 + region: us-east-1 + ssl_mode: disable + +redis: + cluster_endpoint: xxxxxx.xxxxxx.000000.0001.use1.cache.amazonaws.com + port: 6379 + rate_limit: 20 + +domains: + - example.com + +acm_pca: + sandbox_use1: + region: us-east-1 + ca_arn: arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + ca_active_day: 90 + assume_role: false + root_ca: false + +firehose: + stream: baseca-test + region: us-east-1 + +kms: + key_id: 12345678-1234-1234-1234-123456789012 + signing_algorithm: RSASSA_PSS_SHA_512 + region: us-east-1 + auth_validity: 720 + +secrets_manager: + secret_id: baseca-xxxxxxxxxxxx + region: us-east-1 + +subordinate_ca_metadata: + country: "US" + province: "CA" + locality: "San Francisco" + organization: "Example" + organization_unit: "Security" + email: "example@example.com" + signing_algorithm: SHA512WITHRSA + key_algorithm: "RSA" + key_size: 4096 + +certificate_authority: + sandbox: + - sandbox_use1 \ No newline at end of file