From 6eb182ba9c93f87342d6bbc9b077f144eedcf365 Mon Sep 17 00:00:00 2001
From: "Mohammad J. Zamani" <mohammadjavad.zamani-pozveh@t-systems.com>
Date: Mon, 16 Sep 2024 13:28:35 +0000
Subject: [PATCH 1/2] feat: transformed

---
 .../overview.md                               |  33 ++++
 .../planning-networks-and-resources.md        | 134 ++++++++++++++
 .../procedure.md                              | 164 ++++++++++++++++++
 sidebars.ts                                   |  30 +++-
 .../en-us_image_0000001592878805.png          | Bin 0 -> 47792 bytes
 5 files changed, 355 insertions(+), 6 deletions(-)
 create mode 100644 docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview.md
 create mode 100644 docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources.md
 create mode 100644 docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure.md
 create mode 100644 static/img/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/en-us_image_0000001592878805.png
diff --git a/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview.md b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview.md
new file mode 100644
index 000000000..3c3aa9631
--- /dev/null
+++ b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview.md
@@ -0,0 +1,33 @@
+---
+id: overview
+title: Overview
+tags: [vpn]
+---
+
+
+# Overview
+
+### Scenario
+
+To meet service requirements, enterprise A needs to implement communication between its two on-premises data centers.
+
+### Networking
+
+[Figure 1](#figure-1) shows the networking where the VPN service is used to connect the two on-premises data centers.
+
+<a id="figure-1"></a>
+
+**Figure 1** Networking diagram  
+![](/img/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/en-us_image_0000001592878805.png)
+
+### Solution Advantages
+
+*   A VPN gateway on the cloud can function as a VPN hub to enable communication between on-premises branch sites. This eliminates the need to configure VPN connections between every two sites.
+*   A VPN gateway provides two IP addresses to establish dual independent VPN connections with each customer gateway. If one VPN connection fails, traffic can be quickly switched to the other VPN connection, ensuring reliability.
+
+### Limitations and Constraints
+
+*   The local and customer subnets of the VPN gateway cannot be the same. That is, the VPC subnet and the data center subnet to be interconnected cannot be the same.
+*   The IKE policy, IPsec policy, and PSK of the VPN gateway must be the same as those of the customer gateway.
+*   The local and remote interface address configurations on the VPN gateway and customer gateway are reversed.
+*   The security groups associated with ECSs in the VPC permit access from and to the on-premises data center.
diff --git a/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources.md b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources.md
new file mode 100644
index 000000000..17f26e201
--- /dev/null
+++ b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources.md
@@ -0,0 +1,134 @@
+---
+id: planning-networks-and-resources
+title: Planning Networks and Resources
+tags: [vpn]
+---
+
+# Planning Networks and Resources
+
+### Data Plan
+
+**Table 1: Data Plan**
+
+<!-- INFO: Because some cells are merged together and MDX doesn't support it, HTML table is used -->
+
+<table>
+  <thead>
+    <tr>
+      <th>Category</th>
+      <th>Item</th>
+      <th>Data</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td>VPC</td>
+      <td>Subnet that needs to access the on-premises data centers</td>
+      <td>
+        • 192.168.0.0/24<br/>
+        • 192.168.1.0/24
+      </td>
+    </tr>
+    <tr>
+      <td rowspan="3">VPN gateway</td>
+      <td>Interconnection subnet</td>
+      <td>
+        This subnet is used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has four or more assignable IP addresses.<br/><br/>
+        192.168.2.0/24
+      </td>
+    </tr>
+    <tr>
+      <td>HA Mode</td>
+      <td>Active-active</td>
+    </tr>
+    <tr>
+      <td>EIP</td>
+      <td>
+        EIPs are automatically generated when you create them. By default, a VPN gateway uses two EIPs. In this example, the EIPs are as follows:<br/><br/>
+        • Active EIP: 1.1.1.2<br/>
+        • Active EIP 2: 2.2.2.2
+      </td>
+    </tr>
+    <tr>
+      <td>VPN connection</td>
+      <td>Tunnel interface address</td>
+      <td>
+        This address is used by a VPN gateway to establish an IPsec tunnel with a customer gateway. At the two ends of the IPsec tunnel, the configured local and remote tunnel interface addresses must be reversed.<br/><br/>
+        VPN connections set up with on-premises data center 1:<br/>
+        • VPN connection 1: 169.254.70.1/30<br/>
+        • VPN connection 2: 169.254.71.1/30<br/><br/>
+        VPN connections set up with on-premises data center 2:<br/>
+        • VPN connection 3: 169.254.72.1/30<br/>
+        • VPN connection 4: 169.254.73.1/30
+      </td>
+    </tr>
+    <tr>
+      <td>On-premises data center 1</td>
+      <td>Subnet that needs to access the VPC</td>
+      <td>172.16.0.0/16</td>
+    </tr>
+    <tr>
+      <td rowspan="2">Customer gateway in on-premises data center 1</td>
+      <td>Public IP address</td>
+      <td>
+        This public IP address is assigned by a carrier. In this example, the public IP address is:<br/><br/>
+        1.1.1.1
+      </td>
+    </tr>
+    <tr>
+      <td>Tunnel interface address</td>
+      <td>
+        • VPN connection 1: 169.254.70.2/30<br/>
+        • VPN connection 2: 169.254.71.2/30
+      </td>
+    </tr>
+    <tr>
+      <td>On-premises data center 2</td>
+      <td>Subnet that needs to access the VPC</td>
+      <td>10.10.0.0/16</td>
+    </tr>
+    <tr>
+      <td rowspan="2">Customer gateway in on-premises data center 2</td>
+      <td>Public IP address</td>
+      <td>
+        This public IP address is assigned by a carrier. In this example, the public IP address is:<br/><br/>
+        2.2.2.1
+      </td>
+    </tr>
+    <tr>
+      <td>Tunnel interface address</td>
+      <td>
+        • VPN connection 3: 169.254.72.2/30<br/>
+        • VPN connection 4: 169.254.73.2/30
+      </td>
+    </tr>
+    <tr>
+      <td rowspan="3">IKE and IPsec policies</td>
+      <td>PSK</td>
+      <td>Test@123</td>
+    </tr>
+    <tr>
+      <td>IKE policy</td>
+      <td>
+        • Authentication algorithm: SHA2-256<br/>
+        • Encryption algorithm: AES-128<br/>
+        • DH algorithm: Group 15<br/>
+        • Version: v2<br/>
+        • Lifetime (s): 86400<br/>
+        • Local ID: IP address<br/>
+        • Peer ID: IP address
+      </td>
+    </tr>
+    <tr>
+      <td>IPsec policy</td>
+      <td>
+        • Authentication algorithm: SHA2-256<br/>
+        • Encryption algorithm: AES-128<br/>
+        • PFS: DH Group15<br/>
+        • Transfer protocol: ESP<br/>
+        • Lifetime (s): 3600
+      </td>
+    </tr>
+  </tbody>
+</table>
+
diff --git a/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure.md b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure.md
new file mode 100644
index 000000000..a43d26a35
--- /dev/null
+++ b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure.md
@@ -0,0 +1,164 @@
+---
+id: procedure
+title: Procedure
+tags: [vpn]
+---
+
+# Procedure
+
+### Prerequisites
+
+*   Cloud side
+    *   A VPC has been created. For details about how to create a VPC, see [Creating a VPC](https://docs.otc.t-systems.com/virtual-private-cloud/umn/vpc_and_subnet/vpc/creating_a_vpc.html).
+    *   Security group rules have been configured for the VPC, and ECSs can communicate with other devices on the cloud. For details about how to configure security group rules, see [Security Group Rules](https://docs.otc.t-systems.com/virtual-private-cloud/umn/access_control/security_group/managing_security_group_rules/adding_a_security_group_rule.html).
+*   Data center side
+    *   IPsec has been configured on the VPN devices in the two on-premises data centers. For details, see [Administrator Guide](https://docs.otc.t-systems.com/virtual-private-network/umn/administrator_guide/index.html).
+    *   The remote subnets of the VPN device in on-premises data center 1 must contain the local subnet of the Open Telekom Cloud VPC and the subnet to be interconnected in on-premises data center 2. The remote subnets of the VPN device in on-premises data center 2 must contain the local subnet of the Open Telekom Cloud VPC and the subnet to be interconnected in on-premises data center 1.
+
+### Procedure
+
+Open Telekom Cloud VPNs support static routing mode, BGP routing mode, and policy-based mode. The following uses the static routing mode as an example.
+
+1.  Configure a VPN gateway.
+    1.  Choose **Virtual Private Network** > **Enterprise – VPN Gateways**, and click **Create VPN Gateway**.
+    2.  Set parameters as prompted.
+        
+        [Table 1](#table-1) only describes the key parameters for creating a VPN gateway.
+        
+        <a id="table-1"></a>
+
+        **Table 1** Description of VPN gateway parameters        
+        | Parameter              | Description                                                                                                                                                      | Value                         |
+        | ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------- |
+        | Name                   | Name of a VPN gateway.                                                                                                                                           | vpngw-001                     |
+        | Network Type           | Select **Public network**.                                                                                                                                       | Public network                |
+        | Associate With         | Select **VPC**. If the VPN gateway is associated with an enterprise router, select **Enterprise Router**.                                                        | VPC                           |
+        | VPC                    | Open Telekom Cloud VPC that the on-premises data centers need to access.                                                                                               | vpc-001(192.168.0.0/16)       |
+        | Local Subnet           | VPC subnets that the on-premises data centers need to access.                                                                                                    | 192.168.0.0/24,192.168.1.0/24 |
+        | Interconnection Subnet | This subnet is used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has four or more assignable IP addresses. | 192.168.2.0/24                |
+        | BGP ASN                | BGP AS number.                                                                                                                                                   | 64512                         |
+        | HA Mode                | Select **Active-active**.                                                                                                                                        | Active-active                 |
+        | Active EIP             | EIP 1 used by the VPN gateway to access the on-premises data center.                                                                                             | 1.1.1.2                       |
+        | Active EIP 2           | EIP 2 used by the VPN gateway to access the on-premises data center.                                                                                             | 2.2.2.2                       |
+
+        
+2.  Configure customer gateways.
+    1.  Choose **Virtual Private Network** > **Enterprise – Customer Gateways**, and click **Create Customer Gateway**.
+    2.  Set parameters as prompted.
+        
+        [Table 2](#table-2) only describes the key parameters for creating a customer gateway.
+        
+        <a id="table-2"></a>
+        
+        **Table 2** Description of customer gateway parameters
+
+        | Parameter          | Description                                                                                                                                                                                                                        | Value   |
+        | ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+        | Name               | Name of a customer gateway.                                                                                                                                                                                                        | cgw-fw1 |
+        | Routing Mode       | Select **Static**.                                                                                                                                                                                                                 | Static  |
+        | Gateway IP Address | IP address used by the customer gateway in on-premises data center 1 to communicate with the Open Telekom Cloud VPN gateway. <br/> Ensure that UDP port 4500 is permitted on the customer gateway device in the on-premises data center. | 1.1.1.1 |
+
+
+        
+    3.  Repeat the preceding operations to configure the customer gateway (2.2.2.1) in on-premises data center 2.
+3.  Configure VPN connections between the cloud side and on-premises data center 1.
+    1.  Choose **Virtual Private Network** > **Enterprise – VPN Connections**, and click **Create VPN Connection**.
+    2.  Set parameters for VPN connection 1 and click **Submit**.
+        
+        [Table 3](#table-3) only describes the key parameters for creating a VPN connection.
+        
+        <a id="table-3"></a>
+        
+        **Table 3** Description of VPN connection parameters
+
+        | Parameter                         | Description                                                                                                                                                                                                                                                                                                     | Value            |
+        | --------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
+        | Name                              | Name of a VPN connection.                                                                                                                                                                                                                                                                                       | vpn-001          |
+        | VPN Gateway                       | VPN gateway for which the VPN connection is created.                                                                                                                                                                                                                                                            | vpngw-001        |
+        | Gateway IP Address                | Active EIP bound to the VPN gateway.                                                                                                                                                                                                                                                                            | 1.1.1.2          |
+        | VPN Type                          | Select **Static routing**.                                                                                                                                                                                                                                                                                      | Static routing   |
+        | Customer Gateway                  | Name of a customer gateway.                                                                                                                                                                                                                                                                                     | cgw-fw1          |
+        | Customer Subnet                   | Subnet in on-premises data center 1 that needs to access the VPC on Open Telekom Cloud.  A customer subnet cannot be included in any local subnet or any subnet of the VPC to which the VPN gateway is attached.   Reserved VPC CIDR blocks such as 100.64.0.0/10 and 214.0.0.0/8 cannot be used as customer subnets. | 172.16.0.0/16    |
+        | Interface IP Address Assignment   | Manually specify In this example, select **Manually specify**. Automatically assign                                                                                                                                                                                                                             | Manually specify |
+        | Local Tunnel Interface Address    | Tunnel interface IP address configured on the VPN gateway.                                                                                                                                                                                                                                                      | 169.254.70.1     |
+        | Customer Tunnel Interface Address | Tunnel interface IP address configured on the customer gateway device.                                                                                                                                                                                                                                          | 169.254.70.2     |
+        | Link Detection                    | Whether to enable route reachability detection in multi-link scenarios. When NQA is enabled, ICMP packets are sent for detection and your device needs to respond to these ICMP packets.                                                                                                                        | **NQA** enabled  |
+        | PSK, Confirm PSK                  | The value must be the same as the PSK configured on the customer gateway device.                                                                                                                                                                                                                                | Test@123         |
+        | Policy Settings                   | The policy settings must be the same as those on the customer gateway device.                                                                                                                                                                                                                                   | Default          |
+
+
+        
+    3.  Create VPN connection 2.
+        
+        :::note
+        For VPN connection 2, you are advised to use the same parameter settings as VPN connection 1, except the parameters listed in the following table.
+        :::
+        
+        <a id="table-4"></a>
+
+        **Table 4** Parameter settings for VPN connection 2
+
+        | Parameter                         | Description                                | Value        |
+        | --------------------------------- | ------------------------------------------ | ------------ |
+        | Name                              | Name of a VPN connection.                  | vpn-002      |
+        | Gateway IP Address                | Active EIP 2 bound to the VPN gateway.     | 2.2.2.2      |
+        | Local Tunnel Interface Address    | Tunnel IP address of the VPN gateway.      | 169.254.71.1 |
+        | Customer Tunnel Interface Address | Tunnel IP address of the customer gateway. | 169.254.71.2 |
+        
+4.  Configure VPN connections between the cloud side and on-premises data center 2.
+    1.  Choose **Virtual Private Network** > **Enterprise – VPN Connections**, and click **Create VPN Connection**.
+    2.  Set parameters for VPN connection 1 as prompted and click **Submit**.
+        
+        [Table 5](#table-5) only describes the key parameters for creating a VPN connection.
+
+        <a id="table-5"></a>
+
+        **Table 5** Description of VPN connection parameters
+        
+        | Parameter                         | Description                                                                                                                                                                                                                                                                                                     | Value            |
+        | --------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
+        | Name                              | Name of a VPN connection.                                                                                                                                                                                                                                                                                       | vpn-003          |
+        | VPN Gateway                       | VPN gateway for which the VPN connection is created.                                                                                                                                                                                                                                                            | vpngw-001        |
+        | Gateway IP Address                | Active EIP bound to the VPN gateway.                                                                                                                                                                                                                                                                            | 1.1.1.2          |
+        | Customer Gateway                  | Name of a customer gateway.                                                                                                                                                                                                                                                                                     | cgw-fw2          |
+        | VPN Type                          | Select **Static routing**.                                                                                                                                                                                                                                                                                      | Static routing   |
+        | Customer Subnet                   | Subnet in on-premises data center 2 that needs to access the VPC on Open Telekom Cloud.  A customer subnet cannot be included in any local subnet or any subnet of the VPC to which the VPN gateway is attached.   Reserved VPC CIDR blocks such as 100.64.0.0/10 and 214.0.0.0/8 cannot be used as customer subnets. | 10.10.0.0/16     |
+        | Interface IP Address Assignment   | **Manually specify** In this example, select Manually specify. Automatically assign                                                                                                                                                                                                                             | Manually specify |
+        | Local Tunnel Interface Address    | Tunnel interface IP address configured on the VPN gateway.                                                                                                                                                                                                                                                      | 169.254.72.1     |
+        | Customer Tunnel Interface Address | Tunnel interface IP address configured on the customer gateway device.                                                                                                                                                                                                                                          | 169.254.72.2     |
+        | Link Detection                    | Whether to enable route reachability detection in multi-link scenarios. When NQA is enabled, ICMP packets are sent for detection and your device needs to respond to these ICMP packets.                                                                                                                        | **NQA** enabled  |
+        | PSK, Confirm PSK                  | The value must be the same as the PSK configured on the customer gateway device in on-premises data center 2.                                                                                                                                                                                                   | Test@123         |
+        | Policy Settings                   | The policy settings must be the same as those configured on the customer gateway device in on-premises data center 2.                                                                                                                                                                                           | Default          |
+
+
+        
+    3.  Create VPN connection 2.
+        
+        :::note 
+        For VPN connection 2, you are advised to use the same parameter settings as VPN connection 1, except the parameters listed in the following table.
+        :::
+        
+        <a id="table-6"></a>
+
+        **Table 6** Parameter settings for VPN connection 2
+
+        | Parameter                         | Description                                                             | Value        |
+        | --------------------------------- | ----------------------------------------------------------------------- | ------------ |
+        | Name                              | Name of a VPN connection.                                               | vpn-004      |
+        | Gateway IP Address                | Active EIP 2 bound to the VPN gateway.                                  | 2.2.2.2      |
+        | Local Tunnel Interface Address    | Tunnel IP address of the VPN gateway.                                   | 169.254.73.1 |
+        | Customer Tunnel Interface Address | Tunnel IP address of the customer gateway in on-premises data center 2. | 169.254.73.2 |
+
+        
+5.  Configure customer gateway devices in on-premises data centers 1 and 2.
+    
+    The configuration procedures may vary according to the type of the customer gateway device. For details, see [Administrator Guide](https://docs.otc.t-systems.com/virtual-private-network/umn/administrator_guide/index.html).
+    
+
+### Verification
+
+*   About 5 minutes later, check states of the VPN connections.
+    
+    Choose **Virtual Private Network** > **Enterprise – VPN Connections**. The states of the four VPN connections are all **Normal**.
+    
+*   Verify that servers in on-premises data center 1 and servers in on-premises data center 2 can ping each other.
diff --git a/sidebars.ts b/sidebars.ts
index 96712ce9d..ba2ec9e55 100644
--- a/sidebars.ts
+++ b/sidebars.ts
@@ -276,7 +276,7 @@ const sidebars: SidebarsConfig = {
               type: 'category',
               label: 'Migrating Clusters from Other Clouds to CCE',
               link: {
-                type: 'doc', 
+                type: 'doc',
                 id: 'best-practices/containers/cloud-container-engine/migrating-from-other_clouds-to-cce'
               },
               items: [
@@ -291,11 +291,11 @@ const sidebars: SidebarsConfig = {
                 {
                   type: 'doc',
                   id: 'best-practices/containers/cloud-container-engine/updating-resources',
-                },   
+                },
                 {
                   type: 'doc',
                   id: 'best-practices/containers/cloud-container-engine/debugging-and-starting-the-application',
-                },   
+                },
               ],
             },
             {
@@ -452,7 +452,7 @@ const sidebars: SidebarsConfig = {
           type: 'category',
           label: 'Cloud Create 🔥',
           link: {
-            type: 'doc', 
+            type: 'doc',
             id: 'best-practices/management-and-deployment/cloud-create/cloud-create'
           },
           items: [
@@ -460,7 +460,7 @@ const sidebars: SidebarsConfig = {
               type: 'category',
               label: 'Google Cloud',
               link: {
-                type: 'doc', 
+                type: 'doc',
                 id: 'best-practices/management-and-deployment/cloud-create/google-cloud/google',
               },
               items: [
@@ -488,7 +488,7 @@ const sidebars: SidebarsConfig = {
               //   keywords: ['cloud-create'],
               // },
               link: {
-                type: 'doc', 
+                type: 'doc',
                 id: 'best-practices/management-and-deployment/cloud-create/service-catalogs/service-catalogs'
               },
               items: [
@@ -718,6 +718,24 @@ const sidebars: SidebarsConfig = {
               label: '📚 Go to Help Center',
               href: 'https://docs.otc.t-systems.com/virtual-private-network/index.html',
             },
+            {
+              type: 'category',
+              label: 'Connecting Multiple On-premises Branch Networks Through a VPN Hub',
+              items: [
+                {
+                  type: 'doc',
+                  id: 'best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview',
+                },
+                {
+                  type: 'doc',
+                  id: 'best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources',
+                },
+                {
+                  type: 'doc',
+                  id: 'best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure',
+                }
+              ],
+            },
           ],
         },
       ],
diff --git a/static/img/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/en-us_image_0000001592878805.png b/static/img/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/en-us_image_0000001592878805.png
new file mode 100644
index 0000000000000000000000000000000000000000..0df4d74c14c6f32323bf644f5eaef0969ed60045
GIT binary patch
literal 47792
zcmbrmWn7fq*ES5I1IW;*L&MNr0z(Uoz#t)|c!2@}BGTR6N~g4xgi0wOAPtg&h?KMp
z-3`LPvj?yH|2+5e-tU+9{cw5xICIb5d#!b>V;$>^xUZp1e4XYx4h{}6N(HHngM&wm
zgM<5%00NG<Yqs-)|KU1mD=XlX_S3C^KdxHHtIOlyRKyUSnOp;ZGnuMrtK;B!vg6?R
z2jk%U0f+pTad2D&ad1|Rad0GG<KWz~Rq1}6yZRUSFv;E=Rp|HHk(sp^k|Q%8+L
z%Ims6*~ldNqUZGIqKSEwpJhQC8M03*RFJK$TAS=}D%$;7Q&qh-`W~|adYXxnu=X}Z
zn_vRFZkMrk+V?VrNLF2)_|rER9)1I!u2y9qk7T{JJ|0PUWn(-BtiC-tsyf`%U-M`j
zSn|k{r0qFAYP#5<5w~4$Jl&K!8h&VG`D8C`)Vq7Yu6q2LZ7*MqvjPEgu)Xcje6*A;
zdgkKXZS<3+PT1b|V!B<OQWVX<m-pK>o-A&5+%j@L-K@9UE}{Z=sisSQeD>{Ev)a+-
z6y`c}FsDo7@oyq=hu=uI^OGfft6(yP@E>pce^psE3~j$MI%_Q>!@dg~6-+0KwxCcT
z&?1Qol{=dwZHdR85u01+Vg;wM*F?lhqb{!{h@<FE2quFEqEX-kQaYZ45c>!MW^K5~
z<z3($8}=abD)u^saCcTsis9CWMm`I&nEfGRuBPwZN2T?f*OM>rLh6m1HDL~&)N;!u
z*4}@d%<|e?(Ll@vk68%GTTC%4hF-mQvH)huC4obeBso5aWpA^73vy2sUqhp`S?FUE
zd7Mm_=rHj=U~FUIXw=<1qot2A9FWZfP1zMWTG1C&21Zb|*McoGUd#@i^lqOyvfSbN
zB@z%4I#{0`amE|lsk+(+AO5*!g{)S|!v5HH77y)!y)KrRW6j7-L0&&Fa}^s%c$UXv
z>KNx9nDF&cjv!3z_N=?01Mh6CJ%4|%2dtJP=E<IA-d?rcvGn`;^FM3z$pJoU!tJ#-
zQk}GuBBRC)Q>4LVGIrBnjBTV{H4f7e4o}OgCu0{8^;sDHj4;gWbt$3WcB4;?PHiY#
z&gV{rSM+kXVwc@2w_5%jO?wSwxA_un2KgW~kB=&5Vy(($R2w`G&Z_<#tlfG~j$NQG
za$U`*6d|aKbBws5+muU-w)C9M<2vV^p_ey!#NHb<`L;25tyh?APS*Mwz{g}=*Y)KF
ze0jr`1nQRIP0);^xiH4VJvyheoz7E_L%vhWmziN+b7O_szP|*VNH)pGo*nhbPO{iH
zkxh$x%h6FbrXc&$M0pOU0!;PAl6fEfmfLWvSlE`Kc8%VaVGXn~yv2P=GB^`4u#E{R
zYpc~?gb`fO?sbcu)~G0%AMs<?K8`D%;|9VUVk`JCE}72&;<Uh2IA&Rxc^1A$BDFsI
zRx^8ZRHVd42i7a}e5SEsW~N%iZ||G<sfSW&#B*MQ>ON(%kq-t-(;iFoO~gHsGh-gn
zh~ET$>q4D$^C{Fj8qOE%K~FNAoSN=0KL2b}Gc{tw;yvTF)lf5&{NiV}jWWH9?z*8C
ztYXP<l4w+e4fUIDZieemI_~Ja^i;juQE!qDKEZ_sK7;$43w25p3jXLNX+fJ`w=W1g
z8NA+0EhOp$vc(C2%?+micbs%_a|`TzHi$H^z+I4?R?Hg4%eGXvR=THDN4=U_?u+?j
zY|CPi;h-d#LjTcX;E-fsP??dQqlvIh^q(5r4f@!f`A#oWnt8cFOrhiZF-9&@C4`Q!
zDZScnvr~3Fd~W)6DYGjY)FcrtTU5!kbBUL>s4HHQr911qIXT{Nw%dE7CrLOk3ODj*
zqp;v-p`WROUnpB@S4Ybjd2RA7hu)s=Rrd0~N-w#-<PK&L<0hi~#%*ibVU+3VmB{5i
z`hKY`X>sc@!6tsS1a|en+Lz^W(J7fC*0IX9i)mJ8%at4Hk&EBb@ttm<4(We%^wY~K
zyXa+7&}tp90{e$EbSGS=gFa*B((Pa-ylD|Ikf0&i{n%q63B@L{awnI6$@CK=^?i6)
z;2xv*cFVMci4l9kH?vnhF{vUJf6Pl?Dc-rkT+dMtLA9v8PnYv+T>G9AWW=~Q=`?Ua
z_>Jz~Cnnw{6F<19YrlPd04MQjC2?oS%<RFa(NS+VoXKB0e9vC?aN+b$<yI_7M$o*P
zC$dsxX|}#F{#nEs)1_Y`A9#!Tb3l7C<u+40<vPKq&vrekjZ|)O<KuwrCgy0y?OqDM
z%Z%SeLp|njVoDyLo@#w=vS!A2&GT@5MQp}<Z%nxMdiVL`tuK2TjCW_f*PYfr)ciRh
zrnzk|huKe98>`4Og0L#Qdsya5bc=ugloB)hdbzPU`DD^O<?)$=-ItwExzU~^9?TI_
zYm03CX5G7ilv$d{&s+6djhkVNzT4W&BUM(T{BuQ8OP@^V0*UzT4eT1K<TxDjV&u-p
zj7SULXlBb+oEo26Wcw^G_Ghm7y_=7bo0cLrv}*Rpl?^06S8ub=^24kd`OfgwO#aB`
z8Fy3Juiv(Nej^sK_@QRnG2OZ{Vy4h;rqMUm$$l%0-u3l_ZT-e?-!@(3fPiqA1^l8B
zosHdCt+kT68c##*zi`sWFW_HpH3IUxyI`Ti|DDX35{@L!m%^8)!ky#(|HKBY_aals
zM`9n3jUz}^tWAXz{0%HSf4wreMkV4h;(%+y6E6>v|Ht<JTV%R?9@piN;Qw*y|1C0I
zzUFVZLjDbF;mZI0?f=J+{_~6fueW1g^LI$(@|QPbP2lp$!DN5mj{W2ROR)TZPRMFs
zw%m*q@##iQwh?nXc2kO3Z~NU;NTf@*tt-B;GydHkv3a&PKso}VK3Rc!=A)0#Jl4v+
zjy8Qm$bh{CoNoDD(DD*${bSv5Fj5Mfks}Ru9?9Z4BCdB?k`+KT+W70&DR{A={EDs&
zm``|-Cw9)r!9xEZ@x90&jmk~@yWB+}+=2`K#~-hIXO~s0=kM(6Uasu_JdNC7J8_!-
zT}SRq{O~_7$PKVeiNb$(#Et*ArIkqF@Bz_!GftUdCp)Ra^WeqkX9v^KcMk;sCXlMx
zsGfirAerw^?dA(Ko&CU=9$Fv$?t5f=P@=c_;TqB8(TpFX^^{5wgxGMc;m}b%UDPSF
zo(}Cv=UFuI^c7#=2L&|bFQR$*GZlC!H=4r<JGmyff$irx$kFdt0+4&DEkvF(K1VL6
z>mOq>!mqrk%LwI4;HZCSbP|?+(n{2l=59{_Vyl;arF(@NZ*Do}P3hw)W*M)~rZIA|
z`aH<tX3HX@rbd7ca-}ZL_JXRg=3uE~G4lS=wB_=2L%mTPUy7k)gcoo<Us|$XB-)Nw
znkV(-luSe%AJ4~30c00c&^PzQit@yj#-75K#wW;Nr<<dNX6c_#)+;2-V}n(4Z-Um2
z<u2x{ttJs;mE?3`ZoPEj;)`GA=p)KMRy<4>v;7`BbFv&nrYElv1U7(HTt;_7pCw|w
zyloO}qElm=yBcyBX91I^P16lt_1B1Qeg^w-f{$P1O4Fa!cgAJzu45+nqdAIUUl8Ov
zg&Hny(;gP(iS&~Lj2Fk9|4=e_rwsY8FTY(=KGkH>-d^*?Ooo|{N>z?(Q7aRjfAp+6
z?M=|EQ)ciS8^DY1^k{1OuFM(S^<NW@R?A9^8X}vrTlrCNPKO}(e(MN_P1Qs!SXZ2u
za*Izn>wJhnpxZ3n(JlBs&bWP#mgQ!78MR<SXTqa7^SF=hMRxhko{_439#CdMT-;zO
zD{<}qVX-FevgS9&s!!3;`XJrLUP}B-NMAc&9&6yp{sokt15NJPn$d-0TPX1!$v0(2
zpF~}SPasO15+KDif~VZxJ@_y=Zjnv@UY#@}!)vp)bD-B!1q#7@Gw;80LgWu!`D$Rd
z;|R|y(Fl_NH1~yB(KIenr{{cxpIWwW;2}Pd?8GFWQO%=r)|Vk0)#u~%pL^X};xiz?
z7UAUS#<34Yd+y)xJ)Xlq0w(U|p`DoN`m5XTd{Ml~Ax8F3Q9ZziQxZ!V^Yqc>rsa+c
zs(#TRa12Yasr7y2&wQa#{!MJ6JtNwggN`_kP6>0G?dsWQf+%sbJK9Do&(nn(D*XK2
z7{;(aiknLsgb!8Ik3fa%GL0s-F##80o&PnxzG45zy-fkXlUD;gh{e~YlQ$k3&h0@d
z0{UM|6TqoRlc|FdknaWeQV_(#(F$-5c;>1G-My7D-Jy47jWp|g+71imDV<7~I3jYB
zH`Xs?<<r_-!i8}P3~Nc5h2_6ZVLg$%Sn<lDEo=oq^o;to()!8l^L>t)dXt_+t|xzV
zsP{enaq%F>oL2`4&}vvjW@Pu8QvT7Hkm=W}R+K?bI{*pb--}4SZK<uX%k)B|W=4$t
z!PN2>A_04!(}TUe;cJzwbT?i<SPZ6c!N!<ivT?2X-F(4=)nTVhDYwHPc|~*m%jdvz
ztT>Tnd9D@*pAhQ`z{Tf-DK)lxS(GB}A3pIYkUBq}e?0V79aDF(HhMZ>_L|bEhpUh^
z^Pg(#l_ScC7L_KuGk3XxaKDQHJdC$XP~OvMJk%JHK3E0+-&E*@VOAo4S;Jvk3fsZP
z#3-Lp<0NL&t?AXh5p}cnguZY}g}{&0IB5RxGkM|4?tm`7qJAVAIg8MbZoAPYz*BM-
zN*xnJy!iX%yuNHoE^7)V@u+cs!?;v%_B?*-^oQG%SM^5<mw}oLo<)<wVbY#(RXwQ6
z`Hc}?_jk15dxIK&{k6&E!8{+?tGl`0V(gT~wOiAK(}EmsIdAD9^Skd#_fbC(w~tb$
zj9f$<_V0*$+KbCY(VsV=h*vqCp2;%wb$nb+Ae}rLA2>b%e%0BOe|_V@hvQ~}LcCGZ
znV_lkshL)Z0epkXpwoM<TNh7m3%G7!C!CW3{Py4s0<L&Ag`<_BPGw?Yo6=7wi|O@R
zc}lenhrf9GahXpf5^M)_@74jp`31^79-PqT3ulPj?F>>yEj@9UZ!PT?l^+YJy_ohg
zjhZcaRn~YGBXy8lVSD^JWzsSwat|WPvRV74rFx?N9eclvdRjGf#0>xFtMkw9TeTJp
zup96B9{-COiiJFW49H!q%XKR<d8EqX4@mDtdi{>z@HWqX?q<GApc4DF_Dvvp^xdgC
zm!J={EgphhM#gf{r@-Y0RTax$xvMR9lwb{CspBSIc)^1vCNqDN|H6es_929VZS&PB
z3yrppF?#gkuBqH_4QGE&<m+W&Z3d+aox3<$Urt{dmu7I83Uo`p`2J!`<6I;T9kCpI
zR~_MosB1ZYZ#rSb9tj;u7TN0HFr8>6Cx~8pGTtwi%dX~1EW1JDO2QtEs*c_|9gP@0
zIVt%Uk7-7ACp;gy$!9L<wmF%vm!R_O>zf&mrA&-)cMmbG*#4gXM}O%Eic(fx+9(>)
zU6M|>85`?qR!349>i7Rpgi2tje`G#Mm6_-brLgH;XqUM%7@O8-qkqxyqQ)ToaP!oz
z$u*nbfZ{zLM;%mA`C^>jZA66;x49^qLKdP}|ERZG_C>RUjTFO8YZR%|O;_8hm<y;=
zbB@mxbzA4D)7H!ZO#Gl_mt<ypn@`avG0<l6ojh`(Y9+xtIK+nD>r8S?`_N7M5R<}x
zR%o!Zb=Q}cWLQz0*!9#|@`u3I;O3h#(JZfZSMk}BuroKw%5}-^5t~{UnVJJJ+H4~1
z_Ua;b87Y0dCZ#|bU3R_8wd5B$&G<l?sFk<!(_8|Ch^}fb4TZUG9B&8<Sw`3%c`8B7
znG@qAsaC+<S2s^=SnnG7o-EubwK`IFDPWNCylOQRw5HQ@<MRWXI9~H1@;@t;ejJig
zB56iCwNOpDgIgCK>pPt%14u)u-4{nD<43e^TkdZ6M@w6NO~$@wxy>?H?(^}1?E=R=
zjKxfjxCb7+DJ|Z(aqv`f+g`IrACtvxMpJ5QIl7ni{HHFHLJ{TOp;=7~t8x;)g^M3B
z(j;AT99c`h+yu(*-0V=s8}Z(hy*QS!`{cx@bmjnE_idedMbPXjbvx$qD=Ps{r{tLw
zOzTWgQERZ(K%^6IxSBmfqg2xbGY9k~s)FJ}Zzz&JM<huZ3k|C>152`yvR8(qIjuaw
zcK`GI$|tMQem{x`Ciu>nY0OE)Tl?6OLcAqrJ9u0o7gUBZw?L04-Tn?z;^VWv{p_&)
z^%Y6yb$u3{p=aOD5}&85FLIt?#x2i3)-5}?cbD#I75*W2qYL%+7s}=fJCy0vge`Z|
zLFoLOH0wI}JoeZa=>;40tKhHS5ol=Fk$HqaCAk`Xtsh?_1QiEHdgEWr|I__|Rp|uf
z{}vw)^*!<|p@!_)yARd7dB?C7*c#%BNnxOtgA=Pg_cQ#1V`?D|npi@l*t&1L`lKm)
z_iz<`zU&CzTx?eAU8|CGh8E1XG@&-X2e+iwE5lOGm|BE#DVS7~-d=e$bkl%MfO_(c
z)}e>k<UKelUY-hvi=2d13lEL@nmqB7bdg)Tti`p(aA6GNbiQpS=r{M;0^_4!s+j9?
zx#wg=pU4mv2FP9qxM*goJ%X}9$6qaiD^k==F*<lq)@Ajl@jZ{=RyxAyEt*JnEWg(n
zPZ8a|R@SsRs`nM-ooketwb^Er9u!13c?qJ)>{2i{5hRhjESlVAhnA!L4|U*8b04mp
zh_jAUZ(QV=@)L|$2e&^lla9=1VHTz)Awm9B`O0j<c(?#FQ>+!v->91;J^Is{7!{3?
zZ_qe8GM!=h@?ov4f1iRSdfqpdoh|6pZurp8`w8S|z)YLF|J&}VUBhY$7{Zz(xy${(
ziF{UIEXSh`7K+yqoZssKDdfAo2DRD@HN)w|vDE&o*@j0dJ)0R+u3PM}x7b*QcbY&M
zM>4p^ex*3UQ{Ea4Xt$kgzJDHkShsK~@3?93dBj|U{XHo~-X3w@u6i2VxlKRKj{oWA
z+CgL557e#5h@rg%gY9wUdtd0n(a+*z1HzkIn*Mz7Ix<=q%-j}QZ)>CrvVQ*RgV@b$
zf-0@ggj+ic0WU^-hGDH6-9AE?d@mXkD-oi1TD)=od8_f!mWK4wqJCoF3@cp)4xF0x
zj?;zO+^JdW9<<ii^xE6yI{Ngjl_o#EzZpz;;nxLJssj9W^tEi0HhPPI0|Y70L)-U)
z3DJ~HC0|$d-kouHFn8RUXIDR4T79uP+N^SR(||qshLEJKFx??xuR|AKxlINOw6~hy
z8(KacP1KtMg?jLOxIQ?a&?4kIz1$Gmgg*+k%L}CJoxF8A?&Cy~PD<J6S3iK9;Tn`Y
z)O6MWMya411wyqvKh&!~VCee?192=XeB!eIj7ct#YpM&UpFj(md$XI}kuBGURW-G&
zk$dzv*dmak{A)b2sH|olRoedzFM@Mov=}vRvy(Favm0AktdiJgZ^1~BuOn{<>DTNJ
zlAuU(=$BY>_t53`JXl>A;OVJQX>*Ml()9d*davW+;ud<dBj{gdSCn6~^*EZHM()pY
z-VLSQ;>1q_vb68&p^UQ9{hv7)TPgC>ukKRzS9qT|%7xH27Ub%^dmxJsAO2bIw)MGx
z=n`fr{Csv@AuEvthH(xNYm<@u;kS_V@DIc)k|gcyYQOZJnw;K9A+C>?eqdt1S=1Dc
z1wKcCMyBLlxlE8ZwA84Q_L3hDtX>=sD0IT1Hyy~}FaI5!%i=)xmXyN7VTbbmo)y>N
zXUHa<!l>@o5yyYl%6w+7_ET>jTaO*`Kdw8bNP}pz?venMM*T`~tj>%+$3ekfQaE59
z!2lw};%3u@ubk2P`j@?a*{6yHInJK}igP=)F`cY1*O;oxD<d6wAUFSYdO;4Kl>WC|
zg2T#|fa6e4BjZtz%+gEnw1D`$k6CpS4@u$F2=aYPchA;gUs*l8&xTp=exB@vZB1p{
z(ykspe=q|gZ%<hs%WXW;ME~S@EWA$CG2LZ_{wYUu44QqLcwcN#xq%0PZbO>XK^nTd
zb`n|o4q74*vd2TAj*uN(w2kby8!OLwpeE3;ul<VzPuEQ}w?untIBQvI`)g#Uk3bOe
zaZJEDq~`JWUbp)i!*?Z8mMHptPCB@2W~){<BRI0`o6Zl)<{^yW-2@eJz|_BGN{z<+
znn1=oQRPyaSbl#c&<L~U3NuBBO%^iKBDR7^W%Zc{;L_wtvsrf~kdJ2DNUt}s2&gY7
zUyZ_B6MsG{x2L`}6xQL%%NnGevrqGUuU9cpG@^T<HrOeudIkW6KX-l4H)>`Mr)E7u
z|K($J=7$ryh~9W=k1>Cq4J6`5ki7475DX{KcM@0nY}at`VCyy@{$y-BUhZnAB|fTh
zdU+<FVh*R|kv(bWd-91>-{AH4hO|MmI)yC**O_5?VM47$q|A+6^sZrU#=Hjgs)pnW
ztK0?1$!b}m5v?+3+ifM6<bH6`&MFFVMJ1|r7oLAl>xA?)#9S4P(BHb20a-g!qw?2&
z=RZ%b{`zJue%KsH&M{~2sYNgrIl>~Jn-o0{_p=q6^&UQ6C<wbVkOETNI#H{U_AEBA
z(~-pqA|4c#q)ZaE_n8Q3isjjlf<=VQdlL17;e$v8m)!Ps?ZwzEnX@JEz{yDorx#}M
zA1&AbdhuFjVrD6>A$m7k0VY1}p0`GWXj&UBa~pl)^+5_9tLVLt%|tm}9JOU4RHalR
zp)~n}y-ef}WV%aWCc&ouAFc1lb>$MSYwic|f7`cwvl_o3ZV2GaCYC$>kq-#(QDxd#
zPI{0*ZYCSp?sN`n2KbU7`4M*J!wF*oS{ip@{irrX^v6{coq<6v4dU*K>vyr(v;B3?
zayJHpPu8hg@j|1D{E1ubXw55yfn8lZPUopwm2Q&xC0SSV@ZFpWpWGhVn0#T{6vrvT
zz_@m^L86zK9<yYu{?yT<RNJEdgP$w@rZ$7t?AB|FZ-5+imfHA~aJoOFITbCnx%}=E
zz58r{FC*}Txm3j>RwKMyx1G19r^>oQWqtm%yBIzT&VIof5iUs_BXjsVMOn*txF<J$
z>CVixep3y+cw9J+zevDfbV9Q$MT$gn_?5L=0#DYXPRg0>Aim}ritJsM;hn0fo5OFT
z(szF*wEXI!{+A7q;PXohZ|uyTb>i3HI!&)NJ1#f2+3fmh`KD*kqIcQ_|3Gp|KoPE(
z?ef^y<?Y1N-l%WTk1{DmDr1&7SuFd(kE*Rx-ON64kG&Q$O{C)k!#C@WkR}Y0RdbfO
zfz2vePLU)}+~=+}MRVejhX^7FV2f%nOgC^7&=Kb-%>=3t+6uPZl5bPURJ;ez!bLn|
zOk~Y>(Z)6={vvHY4t^N?j2rJiJaK(7{mZ6eSgDPX<syOfCgk3Nb*;KjjnBv9CQQtX
zU$0N?GgES$u0z9I$7N1ApFhq<@)1j|=cij+qdIQ_f>+Y|a4EqSeep7*D<PJhSxXpJ
zAO#qzpaS>YxKQ2yFdH&AV;hjlO&@A$N3Evns;qt%X_Xg92fk5JbTy;3^iNlsnPu?U
zmKPBB{4-u`>GHVWEg!eLyQ0DKRO5S47|DlECkEBJH!aCRP`7^=f14_8{PV)?Xv*!>
zY?)G1dQgf20Y!><Y;JR5-QIPH;w&Ty-d7p&E3yd^P?IkD*^cz*S7+YZ4_t#2WyncC
zauSz~duZ}$^k!Rwz6n+Kpf}WoE?i-@?p@gq2_8wGofT&f)61C0Zd1c@c{tQ;cvso|
zkQ%70BrIjcjehS*p(GXR&0b6Hs#aMHn0;S4)$;h6*q5}npIe%K#*ymRKDg)Gh%Ib5
zO4>sqfVKGg_PMD<1vzxjs<f$pfQ7KcvJ*Fz>IgSa$tZgdZJ{Mqv1prUQosQ<bR9Qu
zY}Ib^#hl$CBG+KOhc$n$`=;Nfs;68H<O+zinIio%a9A}E_$GwJNlDl^8%oN^ASDp3
zG}GwQ;LP<n_K^uItK&`UR(bMn3BbgR`pw>vi_u+a+$olVEfLX$YO$0Z?x79z1qhkB
z@d}&M>N6d_Qa8rnG3nF+F2+ZD9~kn=k=COJz-S8YXrNKSYeK)Nljai^oIMVPANq9b
zW(0uR>9Lcb&@aZ2aJ*<-2|_g4Pk=4PwEMBZbHF?f@~MmUQBCigJpp0P{>&HJg=0Mu
zTdhQfF^Z%Idw@WB`-?I!!v1xeKc!*^D|4kex+`wlV>UG~!JpL;5R#2_JaNkL1x9|D
z17ka^?H<Nadi(&?!aS=yZ(*-hS;NhD3P`zY3g;>bxx$5yUB^2%K!~+H*<F~HV4@+5
zzJ0%<*r3LCI;UI(uRAhBAR+i}bk$_ISpo&q5MJt!#(=g^T+P;xqPTsxGO~Y^Arbz|
zf!zhcDz_3iLgrH2{2@WS2$K4Z>U3<mXlv$9et-+jeeCiZ04t1mp<<HTTio0Qkog4z
zZHL?mI-$Wt1FuT3E70ANMJHEN@$_(G9!`wFM-n2cx%)sERF=_JkLM`Bzmd4<wJbkc
zV<gvfwy&dEt8<!(mOY!rYs#=vaozO$wNgO`$t9ZKq%V_(#0i;rXv3^_zl!V?<wfuI
zU&CWWz>v)Ed3pA*+rkFUvCHbo863f1c!g!k@dm6TPm6AEK<3D>Tv<Z*d2R%4^fh{e
zgaga)K)j$llflSrzw>cFc038n)55fyy!vG8eB5|Jn3r)6JJN~=d2l;TCdcZ%LkbM<
zI0t+o>?vu~JG5&PEu;7Gc|!9!;zy`-C@A!uaN@D$P`_`MXX=~-MaBb-c64`wk4u4?
zSsHdsIXV^_zp5HF@dWCv<>PO=ZyRrU+h-9{va^10rP>(sZ@cpZFP<@ajxvHwo8^z7
zzVb4X{A#}`eNKd$@wNcBh-zy5%BzV_mh(p25R&WBI7>^Csm%^_q}`hpuwvEhP+jBi
zGtQXj7lcT-hU~`en*6@clKB=fk*BxG9v%OO+-<|9m#W+I^)pessh8<}ph$m&iAleD
zFIRueIwAXU8z08>yJ9v39b3%w!{5}OH^LDAU3qYxKT8Y8fWnA@<#X(gd)<w45?2{L
z?$57Hm$+sUlreejN!PypY=?Rqn<KNmATXWa@M|OyCP(V{tImJ!1<x^T)-Ex~2^2E>
zJZszz)YN_QzuECUQc1e+Emb_H25LX4qPyDb%`Xn^`aIgCXfis--t|$_-A21rpskoI
zJJRaaGY}ODPZVKrVziK;zJec3@50kmc`7&w*)%(FZ&W-k&%UKCWQMB!;bDa{YP8)G
zXh0iPe|deemwj=p63Av)7^rfMB?Nh+ddAmFF1znd4PdVwX@tXGs+KkG#vtb9pu#M0
z2!bFYU(LF6u!~)l87ch3g~s3eeL0fri<|`cNN2zj&k31c#4<Lm7exUVaQ{YOKo_ow
zFE@)&j8n60QUEKV1f|xM3_RH(%d59SRRUamK3oS}v0XuY=+m6K3<zG>EaOLu`db$L
zj_)3R*xfBa>LtgDRPmo4+5UQ;x;DAM#He>a{$rQuN>@VbtYNIhHR*e;j;uWu@vv`u
zQPKpv3@Z6I!H#+vmC>6ZI3_fi5Ri}0MXu4~I$^VvGK6apT!Kn`%of;uZ%XyugKG&=
zde>fA|GZf;VW|?@9S0IzjsAclG2w{YFkRieihMTJFqRq+Bv`sWK9wSmkPm`fGYA3H
z@NXuI-F%+X&#ey?O1P0E&tC^SHA{a*^amEnUhl9Z%VqESYKfDtq7n}y%h@q-XM&ti
zXoMs=uz7e+es-9Sz|y@h13(cYT=@IF9AV!-D;xrH3L5Q5-9W-l9FMpn5A^MDZFU`C
z#`!9&cUbPWI?RedCt`)?kh8i>7B4qhuqz4&#ifW}K^YLO9uN$1GH}xx<9eG#ZgetB
zGARzTWe_Eq-vF*h4Gp#;81wF;9g@@@*7|LxwLFUd2jaT4*SH06pe<O3oh#U#DvkQd
zKm`hKYI<lCM8=Hs#y5_B`O51y$#;mI+iOaHTpDTxp@1kmxM6_|w>*Ernn^Q&TNQ!h
zchYP06ho8y{rDTJ+P?Rg-v!1e7+fFBc^i<M66TA2shc1VKg_H-$pCzKIhzwu3Z)xs
zg#Qj&wL`*UdFTAe^i-}Ut=;7N2Yo6o=s#4f!-0*|_?Oe&iY?s*STCS1Dbe+c&PhNc
zE=jtsFB3DByr6gL6KY{tQ5=#%00@C8BpbfVk4Bk<-;S-pVU^Lb6(vW@lEn#z1w0|y
zcfNlapF)~13-74>fN27SJE<%yzMx2F%;nP$yr3QWlg-44z<hYM?bNS<`KxD57e^O{
zfOEwNlZS&!{geP@=4Vj2o0Qu6G9Oc{QyA?91S(UYjPB#{M9Ov;l<t6(XxE&_4;&t=
zUFu7nmpwsK)|hou_%Uo|Kl4WjnRZ4;@zKt$ZPYGh*{0i6?`TDF>AXEI9m2Bu_;mLE
zMgpp&=Obd)W3y35hR$}?(<0ci)li|P8@;6Sw%@6i*o3u++y0=kmnG%tAk_A2B=zQZ
zMbhCn(O{uzK;bx!QgD)1+&1IW;u%(TBnz?)<L+8er5_QXjQYIul@?R<Vr#m=r^Y_g
zMaeU@&UxjxvabV7Lt=r-&c8x{JPH(XyR)s%&rYVl`)xHGor(2FNxuMM1>cjLFoxYD
zd;||zoou6-_m4j6qtrJ;Ft#8?a$7AftYcSCJ3dfAUpb#Hty|@0RA*X^<+ck@xjLM5
zY)9A`AdRp3`O-ghvnO8Y#6Yz41Sj8J>AymL-Ao-ph~<S7?()UD?5~dx-OJPuQ_9fN
z53*579dq4o!LM&Pnx0tFE$<Vnm!k{9Lb!p68BA*k5rzZ1BhDF+mTg_WZ)Iq>gDOi9
zS4Vo8^>DABi=CubRle7Ks(rciq7fw=5gFw}8dBGsQd^#{7Nk5`wQa(<+M&aUj|Bng
zwXG3s5{EM(_k~Z@nO5s1V8*63jfGj^YzjD`o_Zx5Y^K158$YdLB@grgx>`@@Zc!9R
z+;0X1$wnSk?MvuT%gniyN@2R6x??LL$7fAB%x(Q1dT%?{7+?|Hmy1($TnS3S0xUg=
zfZ25)zhCyG;c2LMB9PKubK22og;Rpcx3Hf~dOWHmxJz_y(GEH?i$JC~-DPei<DW@;
zRr%f`(<M0tDrPr5=>nuSz1ctpbIba}qiLU`$6Ktyb4?f4`0NxWqn`ns^o~vhyP^je
z_zEa~y^Q+jMq5`>7hmKV3!cIclM_4y87m83-tn_#<DxKPDyQ3rW2U4Rma$iDVlB3J
zdj&cV8-Bm!@vd}yYahe<`5%c<vp8a{UueZFvsuLVbX<$!I;Dq@K|-|ZqV;UPh1L45
z_1ot-8h9QGiQbulCV^G}UzUgMX<TL59vt+Ew3($FwD2ymiM5vL-03g3xH3R`E@hE=
zbREhdJ?2N_8u@srXq_Pvh{(K(^($2$V5ck|q_F}y5tJMt%@CmH9?JK$4~vNA9lrX7
z)q^}@{WCiLo_8aTHVZ|ZP~A<CXw?YS*%9`9FVtidAZkSze~LLEl{+g3@|LwT*K-CH
z4W&wC70WL4&(Rj+#4RxA3vz42@0K`NhJ}w*0!8CF`xWt@&=G7F03IHsfV*s(!uG1I
z>QjIk>NCFQXfLc1%U+ze+>YYNL`SXkz;9?3nI)GbI$%|PPF}!KlmZA@VS!MR9?m?r
za{}e?bLm?~-VOy5f@cyO6pHNAL=bXPnn~Ord>K@SC!m1pbFH}6Y3YxR_d^zM=)l!v
z=3yBm^NTojE&wSw%~ul}K6__Fl+sJCkXlE!kAJklx9S<)DZiMQIlt+pRUVzvLat0l
zPCH(S5uAnLs#e(vuXlV^sSK%bFodBN*`BV!B7UEF%kH#Oo}1fDtX~@{Giv(0HeO4e
zB=TAO(1aFZb9`5S-E5*zKKvI>#IbZ3>}vPJPc2M8?)=1Q%bpBzPRNW%9vljo=OlWC
z=9;P;mwx9y!tVK2*j@n{)P=VVrAOGm@q6;i>6g-8TW@joxYGd;h8||aPE_6l)tsOm
zdO`@&sWiiO*!S!@W02x*uhIFBCexzi<aLJl7AEo^W!qICps})-4JWvBX>~*9>D=!a
zsAQ%DMy<}n#+LR5<hGU)HfTd`1x7s;szWBxH)|2ZB=79vDZL$2s?}IM`WQ9H*Z<LZ
zMO)5+@k^w3RP2uM?*)sc8wx)ecDXdKw|yL~Q%YFQu;qB3OFUQk-sab*?(UD_7Ph^~
zd_e_KL8xc$Tjgye=OX0Y)ee5ZU_bf!3NwqKYx}&IhfgTTWkLzyy@%6X``%zX{@~ae
zPG}WiV&#q$+d(bQpw)OMmSUL|pYBB*Mk%~byI;T2+uln#PLyZPYXrn*n}ARth~|t@
zDvvUC@4jD`kV37V@){AELN4H-v@;e%h|g(g8MH07L?}fGkOjvKr~#vSn7-knl~|<;
z@ksEsaG_qCDfz3;o2icNsf&ta9>v$uB(v^g?IL0+fbRhC4la&v@TAbb6_j!<Z!dEH
zq1elm%|_<~^F+QrVDhV?6=IbkB(iFsdU?oSB3WsfMe-wV02dwkg6D%ORf2`4q`qx1
z{VTKL%F6f7woA1)qtwVAnd5xjCGeN0fIKMCt|h3oIL?50s7n{t+SV~~5Hki{jWCA<
zf>lGOeCbJWFE@Rz^Mmwzu5i54aCDDSyYRR;dF0y=<!Xec7}_gXjX=v?H$|EYdIC*G
ztL=&Nz+*}1UiC$svTMs{AuH!2)FvH!`5IqI?%snugHd?^U+**h0B9JVu0^PPm!DD@
z=8_o~%k4~5t8&_nXloS(w2OXrg7I41OSn}Bx$$^>264tMc;}fcT~JU*rG)6Xv*W-b
z3|P<IOPvx2mXr-=FWcGPny4wmQVA*B#`a;9W3ZOoo@l<kD;_|8*uYy<>C?9TTM!jz
z(%A%Z+KLoH66n(6-C)Y6D1Y9)E5F@$*}I(Xyu507YegF#7IdoaELVlgrtnJptt4d*
zrF=fH7Vm33-_rP1)Fra6TJ5rS?L5tIf>l^l0|(s7R5+XfI}jqUq+BI=NY~n2BYCP4
zOc0koXEOmiXi?FuvV)DpO<L=dTp_^`@PU(LbkgDVdz~z#bY_H>549}cN>V_C9!yHH
zJWfnlXhaNDjXqiP<B=e)4f|1;_*h+!L_6GDXGkOHE{!{b&}-9zM?)d=aXZ08s7MBx
zUsB|7Dc`dl<)c<2fn$wntO_@KtLdU~QMAnCTT0&<P%v+<zJFXlB1N3~C2==IDfxPk
zp(JsnH#;p?lx?0ge?P;wncRFyP4m}#T-1Ro_!$sSkDsh)*4ORfNXvKSiG+Gwz1+X&
zW`e>cJYcs=(Bca|1s>n5p6nF}HUT!i22c)@-3iDI=35$gnQ!9Uc9ikYDjr!rrm4<x
zc=GXCl#!;TVcI)lm|(L2Wk*h^RK()#=Wv0qcm8>1?qc~9;v5FCI{Yf!y#uO0?jdnc
z=_vY9HI@^MVZqBfaErT%45IXwg2(mwaEfe|$mI{QT&%h*51)P_2*d4U{)a$8mqb84
zZF}xE$Tf=t&`EAu)9*MUegwt&&_SS7(4FVIh_y{1qP##2Q)b{mMGxD$jcG~n{NAVx
zkHxG21?^!iAG#;j>gjihKT+b-1j#)q4zO_Eu?jUoi+(x*8KNyY^ByV?0P2lV;jR8%
zG#A9=*OXo$e=_OVlVLF}TM~i<DNxD9tF=nD5ciQSm{X5{m(Fd{;p9UWt7^hhmRCRR
z1>#CXb8&Nc4Y?o95*wT@)foQUU(sKv<3xf~<Iby_eBRDiJSd|fuc;!;OWTlCL3M}L
zrhd81%?E@2L?%Cx2l>ctYcWfTufAdsxtWkJ1fIWe`teUJXn0i_;lv~Px<HLj3@4^q
z?(%XH*YeyBRELDh5-#di!7JVhZy*5iMUW1Vt7H>{GVapVw(O#-j&A|H^;8ZDzuK1}
zG1MFVnIr*K;E!2>)4B);<3LvxsN*<PjpL=E=W4VcsaX}nSZ)>fRK9e_qSKnaekpvw
zLusV}g56Q$6FHUWC^1?Iwk6}aZ*MbEO+3Q>>;iLibfaW!fc;+RSFJl`>gXJRjD1tX
zaR<Y(9QjsIKro(3XQ+u^zq;c*s1(57-^dkYE;Q+TE##Y31pD*Hn(52gFRL=FR-;!6
ziXd5WeZzk#-NOp=BEAI3ld!VRI1i~ie9P(LxWgW77{1Y!5DA$7X}ft?^*of!@=jWN
z<p=y~ll_GI^r7?LDwxvzDO-e=GMu7~ZY}!bk!;rzyEZAnLf{~ZV3>q*)2{8pTRX=6
z+x*o?m4k6vC<;Dyr*N`iB^-&u?3&sKAW<<)GGyy){=D5vWGZo8CGkP2;R+AC$t(-G
zuwu4HY14r0X*;Xp++HvXWc^j1NiAi@5dfLdnM7k@F6*5K&4-<-1P`?+u3Rth)D{lE
zZEvTm2!BC#?lnNgs^1nydK66{%*lPbnAhqqRu!q$qkoW}A?ik16=sMaX62+L#(`gj
zE$QCnrsAy$eCFett#BttiWqi`#20)TK{JaWqwc<$Wd4CJt$yc}vrHa5fJzta2N=55
z@{T965jXaep-SF~O42g9JbzF=3VvNfQC-~a9n|dZzP<52K3?{!ir&g`q<rMOKVFN6
zN*X^htoZHh5x*{nHUaalI`0o4{|Jxg0Rra^l^kUn=vsYqP)6w>&?pgAn~~NMKM;MH
zfnOq~*Fjy(hpoMEn)g{=)_FM<VkyW?m{cR>rQEk?jqe@a&x!Z~NivU89tI-Tf=E5h
zcxjaGoj8#1QU!rn5)aQ;MN1mG4C~oq)7a$o7Ogv_?HpSWILQ}5)f?FQV}Tm)kLC*@
zpcduCXQ{ZKR<8$PnPnAd!(#QQiIS&;BLEHPKH}E<IjOEI4vOOrWnXqx%M<C~fj|Q7
zRjvy=15&6x9a+xyEd$ldO3_^s3E~maI&P3glbPHpF;ic_YAqQDIXjL*(5Mc4h<K=*
zdrx(`XEj+>%(S9Ax2yYRaFeE_Ml`2}T2}s|Ezqap2Gx$`a{}dkXbMMwo<h&HGZM5$
ztl|z3Z2r;MsFif9c(Z8Rajjn-c$BI2@sCrX#I$Fh0KA!@ildkvz6)TB>FCmv=H%3u
z)U+F<evH0OT2dg8I*DU{G+aTbJE1jpz<=+KZ=04febPq@DIf1;__ya$ORT@`FSBYZ
zInd{DEAfn7bp(jyjMZy#2kHPL^i#lqiis{Ryyr>m*q9i5TXcs+g-v9gh3c{UTV0le
zIW3ItE?xC_1CoV)&I|pEH>`<et+h#6I3iBs$zb?1VP#I51H$Z-lkLhWk!+>oG4tN!
zYgTvFF9ktA;jvsM&~3xc&xN<G_{(3YBN^;fi$;Q}UY`7l1~Z5Em0c?YsV-&ncns0m
zT^;8rh<CH?7-Yz=Z0bS6Iv;7v<kwXV^yX8vQ!A}9WGAyvB(hYHm2sXxqdx*v0Sp$;
zX(t&c1Q$=}|EYShK+h(H)zHUCMSH!?lb#rhIjxupIt5)$h6>8h03mTMxzfBdSVX#{
zF8;gC?e`<o&a@$pl3RM36ev)6!3yYg%2|<?S~a$hN6SsxjEfO1v7IJ&l-k>-RX;9X
zk7RLzA><;)V2o8a=mhmNxk>s|I-1q4<_*Kj)zifeltjM@X%WnBrEy;SD#~(ro2>wb
z^P0T>oJ{7XX~qSFzZOl=M91c7^z6&UPK@7vHd*7_DUQMTZRy|v^P|3s$yb@Ad35u#
zbi@RHP2gZtwhsr?HG|-k7&>yaJjk-*M(kIEoDuQ18{A03^beli91hacgrmO%0HHKe
z0{S+RT7+GnTjQ9-YoqGc&7RQ8l(SH~CXCovJgvLk*hw#4Jn^MT{*)a7>A>7hCnISx
zl3C}O;b~L1u%d|mNAi*J>g_Kr73NAM*#LbHa*bC6;gcTf2(LFn4~er!-vZI;Pdke&
zQ)}75tLt{X*gByRexLFdhc_vm#mo%~pF-fo;hPysl?O`4HM1ghcE`Wwe3-o%#TeN=
zXL3DfJuZIgXxdz=-Cr;xZ!S|ry$>gEsJ!J=&L&P~@`jg(*=m{@eIK2xjAVv;Xzv*3
z?Kmy=?PQziKYV8YRp~<>uTi7)Yo5ZsI|q3ub6|Yq&3*}kd&<fOQNlq@t&NbG;=bm?
zAM{GUiIq0mwlQNhC1mC>IbZK`U5UX-?p+FA0hUYx^L?-I)lM|(vKmYNvcgjv?#?`q
z*!GDXMc0j9S-P8c+jIYUlUg=GM%XVgvVv7qM+d+F%LgYWrj#hswb+YbArB~%7d1$N
zz(g&0@1)P1eYH9r5(;<V&po2QW&z>oY;?<(_2EW83T`seyOSK8Kykj&Ocx+{D06}#
z&Y(5Z{QkwmscDKJJ7Ft0!3i|n9h*1an$gsiyBrj%d71C)Dk{SGK7ncApra=rdfp2V
zCA`Vv^14Bl@4uM6AObx%hQ>d4#ba75_1t)=#U<khifT842CXE0WKoAzHq|l@$;cz7
zS#;nWt^4P5m@c01R=2j6*$mjEw^5|E6eNuK5re{8vK1yRX>ZL4ntQ*F&_^{G{c1ma
z*%-v{@G&tbc4%pUPKy{A7wRXSOAo`o?AN;}89)VAiR>hiE7KORNZu)u7!}0n5LIdZ
zipmk1d?Oze_@Sd0w2CahyWj0lBx9Um8Z7)Y>t1&pSrzqPS7j5&5n_TIFhjx)Z@=gj
z?aB#9%yQ~KdhqtCKrc6lA^$4-<L{>fN-viDQTDYur6olLWH7D-E(ZR(kdSV{=+%h~
z3$~x82+MOOQmKT7OKwkgI&`H7#fYV@sv;R<dE%C0W0sX%-mIdkNLf+KyKL$dxsLZ)
zi!bkBx@pN|=>a6LyI*}8r*RP+w*y%|5kGwFqBofIY(Wb9*j!yuYWv$k7}@@dQ&Siw
zQ5Z;=r~K-cz#$2;ahC*CSNgBqPfl99p%ZL??Y+3%)~XaDi*cmPv^{PZr(B{Dk-#Fw
zLXFIqZ+YJV$w;`i(q)r|><@q3fmw3BnAWJ|UEDaEd#zt#945bBRNvx06T`mqZ!Cio
z!Xm03Wl@D@K;SqJR>C3nCqRTQLG>Uxi9k6g#XJey@N!)(%X##%+ll8`?xK9@_GMq9
zLijJ}4_Ze$<Kyi)LaF*i3OXt{joRXSFj~lq5NyXpxb{~x%EM~Y74TKZ)pKe<FK+P<
zgp>YW3hyHd-i6Q})w7CBFSPH_!Vpjzp6)fYmeXbSORn)YZGez<*z0Ood8+Cnm(f<e
zliJl%>7(t#an5Hgb+ijw7OxtJIbxd}0i$zzQZk)D)&X(+rk#+xtsrPg!E&Mdphp}@
z`y66n{s`1>bXG*_+3!1vgW@HK@OIy(!eO^x{OtOcB{QK3D~1&gfBWLGHyKXO5?JsO
zurVUOUTY&Crb_hQ1y&W$EewKM;*78C^%)WA7OujK-*Ppe_}R4C&5`Xq-x=eEhflJ<
z)|OwFjivNHfK=xqE5j6sxl5lkc(#l<x{qUfK`Ul5{qUk+DFkucZqEoC?64}WWd}V8
zrA>e^)H}%v=2TKeWl=#`vbdE`tj}+Tke{9GE!A&M)t}B}hAZY^4lg%J78(TxMzqM?
z8vcp;XS0g8d+H#&(t8KtR*1l<N%OB|1k0q7J6g{B9O%mXu^l45k8=n2O`|2g(te3Z
ztG9<PMFnd0o$%b7Z1bNn38O!IMTVsWF9@soRZC9g`RzBVMj`k5Y4^3>YGkfP%N&jw
z7f+hVzoT0KA|(gKQ0UIy#zf80QACjWw!tIL#*!ldwD^l0k)~pFVXLcXHM6krpd|AK
zpme!j^6zeBFWY6MIr##*_NKqbgr*7UkCquR@=6FOUl-U5Y*q2WrpPT;Uu93Hy!XDz
zzHAXw`uXiUc#9oqX&C=l$cPH-6=<5IZI29`2=}WaLkW6lh%s$R{4ML-`+hES7Ft@U
zp0M2`xuKIwaE0U+IdRZwr{#4@SCUq>Y+0GtJZ|m~D2$AkjeW|CA{WMW7t}w@RFxS#
z%&gH(b&+m#$%R>-+@-uc!<jE={=&N_3#dqhX|srA6cj&5_ObQVY;sIqv}6w-XvGx3
zW47x5CKhQ6eOwx3(&r2NfRwOTE4fahTCGhBeX+@$n%7#}#<HJO@wDUm#W?84*}6Zc
zCe&j`o@5vl^dL3keccu+eDx|zE!6@F!m<Y2f^zQoHairRt|~=7V}AJi7Xo^^)zmcL
z_6~)`|KZXPH5KAbmCPEIa@w@62YvTcZ(a7%XQv7!_kfdiv#Lfs|MjW(;x<Qn#@pqt
zhnF3VQAie=?pzM6G9w#F-DOl1>AVFneFl)%#|!7FovhQ)cl1;WhqsGz^}aMKev9=g
zT0LmJEUE&<Fp^E6gxcOq?Q%rCHE9cN(SF+J-XTw@DN6XGm`LD@p#HCL323Tn0q;X5
z$(J+0a*Rvq@*f>a;W-u*;Te+$+c!euXeLM{^d*l{Hf0F4A`|PRyUPuO=-nm<AL;-V
zmrFp7Mh=9hR~3z4tF4}R>0&P5j?@i6n(yzya=IS$k(uAlNWq!t@(6#iDdaq^w0XsY
zJh?m_8aWC^H+Jt0BDy=5=Ishc7*m>o7IiX99GCYD;PIuN>Cz&g#=_j}n-N=<=8tq7
zfC{hf9CO+kjq9tkIfynodvNy5dP!==_jF@3{vQ9%#OF|YW!6w>vQzQdqmQR|(-Li|
zSjWM**TJ~Cpn2ybXHgas9{9r%N#-36a~OZah=JA1MlaC04*JWYSkHQ2F+apMx%;wu
z&9#QecFwvroj&d(lL6Fd!?Yi0;E^4_$q`7t`%Qdia_P>Oi}O?83DASJ74;-x$Q!h}
zRbZ@Bd*mj?Z}>had$Lj1S)pR1-vl~0Yt_ZZ+d&(f!Ffo6n(H3$k|zWzoze6`qW#%R
zpfD5lSU?r1=gwr(M2zh}fYVb(6UK=zzNLxU0w#-KB(d$Jwn<%l>h|WZh)oM@yH*sf
z_+hB*XamTiF%32q9XB^YV`cP|GJp|hL@o<GN#|}$;#UqWC#pYOJRVCiMR8hq0CkKn
zBOO@=#CL!*brN`5k^!XB16CAQ*b)c%yxhgf0Jcz6v9Nk2C=)l@?|d)&9OD39cEYLR
zf;rvJSoD-W3L(q=Ih)!9gkH6hR->g;&DR;ib3ZXlVg;0uyFgG>fENcTna7Rz@!aqo
zts^b(b!0zY+?sb&Q@Hfb6x$<8g+w?sH%GPSl{AWqLsualwCtc!-FJQ=0Em*)baZs-
z4K@b(dj-h5^h%;D-~aWOfQ|XBa6$me6mLjLJRmBcIbS`d^q~s3zyCPGUShP<fe9sG
zgl+%JO{`c&Vebj<f~l52ElRj$UhwE0E!{1&_DCo030YjYAr=e#7i?hi&|bJtazlb;
zi<B-rEnMH=(F3|`U_-Oi8U7nFv6f2^cMY}zlDax<h2@H|`6Dje%(cHmQ@z9~3cA#A
z;>gWClqieRxz%+z6d{0s!u}wcx|)i(i_xgWi|O)~CZ!Ng2~KLw6*sMVArI|L5ExDi
zA2-%35HTYwVtZ7mZp?)Q&Npu*mwgFT3r{xpnGL}ILK(-m|0{<@%*Q_Wd&ou81;!4W
zbX0(?R1f4SZ2A;cN%|Up)vqO2f;3c;c*|x(X>AFre?k#_NNGpCWIX^PkX)AlC_F<!
zlnpKKKiJRdryiKsjM?s%iVjy4BVN(In}sdyM#6~;0<hhaND4s;JsB=1!7lYQB$qC$
zj3}WG-SSei&yL+oJR$GnZDXrHm)(|^|Af=EK9?q*Ey_oZK36JwK>>%V6!xXcOPZhD
zTETWm{yW>qX&{Wq4-+nmJRC*t)o>=7cEsiMP#gsXbJJVk;46ZGf`&?M%gc0-6_-V8
zH@`&4b`s%+j#Ku;lNpM`c*~2_fobzn4me^sa=FY@6E1(*W$FzlWm+*|%`O*%`~hjL
zo+&m3KY2q=r-ip^u|3-&%N@Tu{g;UOyFsLoG@KqU=kK6RetoiRNlpuMe7`8DKR$*O
z<_6J2B@&G)2*65r<AT)|P~iInDcG+hV1jKM@6Vm{gU?hLbBTNZSt+d8>fa*kP&%Z3
zots9X<e75^rN7HpRM~#d0q|Fv`a7uqz`YVANZ1=R8l9H<OMw*qlKHRxDZSVSn>4C-
z-3Tn0{9a>c1hPp*w{~*n<C(elAN#LYTL%w%(czoPMvleMNeGW=?~$1hq?q4Ty3rta
z8RWn?0gZN7Fcu4E+&~n@x8lYktK$J34T%oF%g<QIfmpqj<-Lm<t+p}9&L=9a#$`E;
z7{Swu4k5Z#*G3}MhpjbN6kTCi1ra+YvmRicbISGClp2VZjZZ@wzK_k1$U=SEmgeiW
z8c%J@sYpR%!@`}sDv^Ff+rX{siKbPuBr3)4-+cmuVO84A{{c$!pchf0ZZ|*0$anm)
z`&<b4yaTKs$qXbyvxVhC>bI}VdvwJzgO6Fb*v>WwY^GXd6+6>Hd~0l{&O9^7p*}%Y
z711`JKQf_d<VV3h%x$0&w3~F=v}a}YhAxTXbATckAt3c`7dMl2KEg3m6`eZcyN+RN
z)#gU4e&J=q+U;cy!2@caOL8{OvezNYKwi6%N2V58^0EIpVEGw4n$|0O&#KF{vaBZn
zY@7s5=)Xrb!M8WCj&)k%PH4N(`;RsVE^Jwya;^2N3^ImV&i6|_D4Pa;DBcpF26LV+
z1uCLJ1?~2w?@H@>28MD@us!~JAqt;(c~Fzs(jpc@$6vO%6<vX?fxOt6*OTm89=!)q
zB~x?vn+n*eK^87VqFhZc2UPD0C%;PM*%O<IAR+58mcd$o^IYhlDdJ-0{80R;ol^67
z0eKV)&80e;bkgkcX}!Oi$UykTOYjF#&WQnxoBOeS%e4wGI!WiEdH~gYd=+0Kck^9l
zh8=jCrg?$Ch*C1ZtXEI`DKswr1U><A`!W%UkBye@h90k$g51-8-XuYStu_~g#1_Lp
zW~+k!qJHx=Z@Xy<9uW~{;BAsi48KjcUB%MYTOyf93xBr6UA9U~-xVioST#<u9;e*Q
z{dD=z%B#i1@j1wU&ar`hi2??DlZ0~PHU)Bl!-i|QvCGn+@5`7g3w%KU;<Uq*2}*y4
zmY~C5g}X*IR02A_Z}dhWu-iY}lj?VUxZgaM1INO)d&ON&oao9rV3$^ES)T|+)Iia#
zM?N~fNLzynEd{G*C1*LRh#<hJy#iaPwgoYi>m9GC<qy`^@4{``$~)~ByjkV<P=O+Z
zy<|^F69fJiQSTi{_51(-TbYN<9IH6Cl4Box9edBn-U-<xdpolCR(6umt7MdM#6b}a
zWan5BB71$Wqxa|c`=|eMc%J9;d0p52alha0Vc-!ylh*c?s9pXFP6`vk2u|=~v2A<}
zLv5yQX<qMLDT~+)2L_hoRSM(3cL(gmZn&b4x!C6fVjD&caXCshQLtk4K20C&Bj-TM
zFC3lbb)J6shRa)zxTWJf^GkM6o|{elzE?Adv(D{`IlBe8yg$}fe+3ihty@-Md*8z4
z^oTTPEInW6*h=KSocbtu=&@_3`Bh@y<J7jLKTzNm#h@D>rGpgZ<%_FUQzKff4jG$}
zn6RhCN8j^l#+x}Y)%#^~$AU)s7Wll^m*OUjY;7<Lxj8Qf4#R{cJnn0M2WoF8ikYkO
zvqu#r=}(J>!4p$;N~Fan3L|ob!esKnc<~f?`+>p*PzFd_ih+BA48RV=7gWf%*3P5x
zbvk7g13Z$;;k!k1Z^3YA_U!zi^T3dF`R3wFx|e>A2^U^KInkaA7R>kC9D03oCZ8gt
z-SnnB>35S9R0T=fXiWPD-AKnC3C@li2l9)5n!0npo-R(3oC!bMUy+$SGB%uSJ=A?G
zSyY|;j%xxIi@8!%3RpIrn%^CrQu4T{V*d@Jc202?Z0$$^a?3LVj-&_*0e#^|b3mqK
z-dboJ;3+x`x&QfzQe!o1F<BkII5-~4Q2U=Rzw$e<dGI@;g=)VJlXZ~nZRyeadg?*{
za>M9;&U*J&>o5B8y;adO5SH;=lx7R|o%Cs4GdLT3MK^;|@$!AA|L&_Tx*>++;=B77
zt9}*zze5XW`}ZRfPljSM8rB|!RCPoYSBRHIY=oa~9W)H+30e)kVT%!DxlFyX<*}{=
zPCb8Tc{DIKu~$*)*AO98xW2#c`=89;@s-1qaL2wy5HE7K+LiM?nfnuH`K4xI1w5X>
zYueyG(P-bu6*((-BjU74h?=IfR_{*zwqB*3Y6+z?(K?v0CPqhU5bCk^9Rsh;{jX8l
zIZ$vg_J-c>*j7FOXWO^d2lrOagD{j07LVU_+prWI{LI??J$}Bqzvf?Qc|5${;8nnJ
zJ%0306~)EcuZ!{~8SJ6bgN5Ri8HKX4jeV(Yjh28j+ru-a90kY2hn-$0oBi!(AwfI+
z&08cFlKp4Dl83_l9ez|=P9F=IwVQcf)bs>E)UatX?v+!m-{iXseG|pzp%At+*G|@%
zv?Ym7+1}r8-Pb3?v+PgyPxn6C>8ie+MYli#(Eab|>os+xS43{XGKSw5JVCCe@X@q&
z)bHU2{45V|+jLBvZKJPt=O)=bY;pV2$M$IT>3adoCTi_is$87yE*dxak-vi%a|Xx)
z2SW9Qunbv#EwHjqgCM_p3ohH0HfuRQ8+_Jkr!9+sSVsi76f{Ld2T}FRL&V%Czq1TO
z*Fhq5IpwTR*YY86H{?P;Pw-FKhRoK7np0VL^Q?c1guE7fslk30BgrY7BfGkrHn*!L
zW8BuvTbwcT<G&!w2i7B=?{w``#c(Od&VGmGDX-1|+$6Q^9O$@*0yaY6d-0e7az~7u
zYJiH^0`A01tLl`4%aCX#;Cl=39V-@W0I^-nEuutO6-P8kjE-d#4yHmt#3xS$t>pNb
zObn#=z8Z(=sSL^ecpH<pcEe+mv`?0}Q<XRoFJIVeit1NDo2_0#m^2&1%0qA2Va(La
z9LXP+JImTlyN-&yjvqQ1kHQLO&+hCr%p$KRK7juidABQ<?<<#CMuCZ_9k*+r@UqsK
zhot*!U8NU5rLf6-*9S7)+aTui{g%!T-$$)7QJ!9%FNltQ%>%V0@c-l!ns~myos&Ux
zVb;JrW(}M@XR^lh#gLN&G(Nvm;@{(6n%&JfyR(5^y|E#R@fxQ;f=Yb!RPe4G{~&IT
zu~t*I`TlfAd+wIk#+m-x7jIA_5s`VN@5dwVDhm@|6c?nO1lTqlO-HyW$9T2`$%uRX
z=GNDN?rhJDufOXUn0Sz|{NSRYpGcd*o+VzvSfHlr3k`4kusTThw>w!GwHkADc?n1C
zi^@wI-=a3`;^>O(WqPuXpyYT87P|-FwSPcK?^9l2?xM`A|6ddz(I+N11Pc9>6dBGg
z8O4V`8VyH~<A@3)WanoOI{v6h`mY)UEf=^R2lHr&+X5y1{hAB3oN~hwW0(NOZgv(p
ziz5Q#Hh)D|L~N#UjoEspGLu*M*AT^x1bn7%;F!A(Fg=g$+-0{;ccmn;$Nle|Fg(d2
zJ6D;-25)O-PLp!!>tH3jgbKy>%9cq@mLZixRP7rJe$3ux<P5Cw<JI~}OAhqXSab*Q
zBh2Rax^+$PHl43lr0p9L?>w65o5R7WuK6*WyEv5HeAzK}@%uLbJZ%<vz5fG@Bjm#g
zqA*{=Bkj{=1QqcxL8n5hGT44igZV6-ho(*f6<dd+M$kp$Ze%?wVnsRc=71aS+xt8Z
zk7cQ&ye^BFFp}fS;++XQm;uxA;oVHGO7aTzG^#fyM2^=;IPQCk4l10yyxLn%jETSq
z+Ff{u<NLDEmQ=8-E9cVZ$~95dB6?fBwGg%<&>ZzXCu1IO+k#w)rI5IxR-Tw$-*c1L
zkq<$kn@v+Q4KE@J_70xu$sezBdQC6VJ8p2=<CLR!G+N~zZQlaDMd0TA*Snh7WCH&V
zlj;%1*E(sNCTQ?Vks{gb!It<S<4SRyUWrIvR|b*iaLk#^BBJqj2KHGs$kbPJ^4|gn
zS7mxQI8+A$j8+hkUUq0m>{_MSleTLV&iIFY=D!91`M`J*T*o6!;1+sx#<RKmQi3vf
z(4yV9)&0x+kT}|^<k^>&XU~K<+HA*dTZPPCdY1`>jE5b3dNkg#cmBRtV99hqrWUwC
zg>D?9TWtGtSgW`^+G8HI|1Nq>{v9#iFf_XP<tk(AMd-2Nq?AHH$mZNPPveLwyLGkm
z6Le66-sDA(_om>Rh82m^Q{#Fo{*&LMo9r!<E=4EKi=A^3mVsxw#<}846D2`&y!$hf
z&)b7HWLT`WYA(*HTT<s7`j<oc&Rm`i?=4(>@{!r-Xn)>*lpD?hVmW8gw_1~mS8=}0
z3@{t+Jek?*`0s^g7Ekx}$);~+maSp?ll^%F%UgjU2l1YUgWYvdyvo2gXEY)?`0<ag
z&+m-P0CUc{WP<=eGrb6s=KH48Km<?YRHCmiP%Q2ByTg44yqxJNlS?zF@VK<fKrAF&
zz6{=m2{`$?wwQ<Vr*@9S*-6>_bVA>E?F1CHUMc&)GG4xK@GbK>awwg;8<4HA>fXZd
z{jSjR!Wf~Y2wtl+451Va=EOJn#Sa_b9N#)De4FgF8p~_$&whtJ7?x>2#tX8vmMh27
zlMdW>7%uNyG5B4r3J&JZQ9P;?Z+SHXG|2ARU`;g2T?sR*a3RBR|HGBCMfDOoRc7Sx
zrvgC8V9h|JErbJN#zUsD>Z0X+uO;B{4WQ%E@dmH;cNbd~0qfr%0IA4^N);Ow&|3aR
zof&5q71AXrCqP1X>@jrj*ncX9Q+&9NGjW%x_)OR*TnYJl>-)5>6eZZVCM5yScq{JQ
z&}pTK=S+XAjN0wt;X=aMYaablR(FKDavk+rv=RoR5HFEJz;rZ1g2@U$nVLHubVOp(
z6*9IIHwmkve5{a5cK_{qxfF-)3<R?stxRX%6XzR9GI>V*FCnc;q2ybsiJ(eg_0_N`
z>a?&9gupYKeV_vCQ|w4+a=^_mnhce||9^B8s`U4F`QzKZ02!7lx$h0tXjapUT~v-i
zWH9g4Kz1lr+ta-sfpicjv)a=$nSbwtZ1Y{o!uJaZY{e1FFln2gJlV)1+&~kV=+DtV
z4>DZ`yIfmzWVKY@^ofX%MUo>jg2_&tFA24-MC=UkhTC|=;uFx81;6P4ES~NkI}Rk@
z@M$sL|3!r~KKPQ$XH93m$Hfgal32dGiDFN#@PrOO2H)NhaciU>OtZ({&MDu}vJ%XG
z;OS1xYN*ezi*)Fo3jSd#pf-KuTaZ{xg%y!KoR6_7M^+$MiPai)-<UAmSAmK3A*76e
z)562*DsfCG;o!p0jX#>LUqhAGOwaXb15nE?^59hWZr8#>Kheqo_4yJ$MK6wo@<m{@
zQ!s=g>2=an*^HH1bSpeeG;*TWWfd4VJ~<H|X5iU>9Mwsqb}anEogjGu9Fq<)ga<ux
zK3-=h2QQ7V75OE^#aGn+tUZo=S_*+B=Rznk2^u^rL5rfdcn28}z@{>=`8Y9FE^o)@
zjPLSuzcN33O5=05@oFTrfv`{UO?taxY!sgwh;xPJxfUlNt)DK5WnV8qP+~IEbLT%U
zw-4Tto{&qQf9#hMi)t8~R8vU$=GJA%u0K%tI*y|-vZ5>2Pc=rinDCsfAU!0mgmi}u
z5#JjqFT9Fw6zVjT$iRoyu#WV;uAsiM5PXO2=o)(s$a5lJM2^CTJfB#)*HL{McvAce
zoY>b^o{fnCi6%n+yYU|$Em+OMN!hQrFW=u8wDWXcZ&PT0@yqOi^e7~m>Qm$&&BfQs
z(HHWGis|e#)w)G?o-Xu7U%D`I*2NXpc_@Oj<MGb@iUa$Kve9r>eChWI3$oBZ{!@J@
z^EQ7s5bF~eeIFKbG4T2@MR;=!ZII*Jf&|H1>;pq4hLtLO>#z0$3`xMi6<Zq+TR{Xp
zg`ThZqA4X04evaueEwQENg{|M3vj~-z-WI_2IZLUn9s<3sw*0>F)?}uxI|>%UDSl7
zD1m54so^gHU-lu*+*4s^j`EBAQ$`MX<Of4Ul!p?*Xmd(<tuftp?3}Fp-I`3|_f2ek
z*?>U>%%s4%ix|s@Nh}RNcDr!kmMYA1b55szG!rm>6kMshP#Y~C<c>R-xN!O>rAP$P
z5x9KJUjQ>D;~?<BpCFHckUV$imX_&ynSeT&4(&E`KtAI%!o_kr&QH39VyJ;658Lls
zK#d_|>1!GR`!VQ=49|{IKq-z5wzoQpemRuwaDOwtl_e0G$o_ez71*e{3zO#W!J9`E
zk#&ZlZx&=}><_=a3}0GO=6dqdya_f@AzPU7eD*e&=+y-IUy9a*AL;fm>S#q^83Jql
zO{GQmu}T~m@lJ#072ir6X;nVBFy5T?M*L{UC7BdVN)zSnD`U8sIq#55QfL#U5}!md
z9U*!~-Ed(CkZn&>ZJh|hiP;00+~Hy}hJPQ2^*EdPIC<-7B=*rf`y>nGDjzCB-|OX6
zIovdh=8EN^(I)dAu@#h7yyK%h!zhR-E4LC)&hvX}Ais2f6F6GS&3cBi??nZqQ1RYo
z_NY*%wGW4pam8mIvO2%|B%z&8B#0Ej8LKFRl6{AqyCzx;7o6ZCpThe94d=$ntqJ6(
z&~qMipZxl>R1oS_II2~VHovXnxj7lxedEE`T-5oEXIGnHet2J^?p-~i(8$HOF^Re)
z=RK>U`}2|bkwz>V$<Fn1DVA2{%l-LXG9mZmo3sT!RG+cT^_*_Zx{_3cx>K2&B#DZ(
zg#TfPxD+D4*v-qb8)~{dc~zQOzs95UO2{ypPa|dZxR}a}Kw>obJ_VK=dU_7wbIOG4
z{Ko;PZc-4;HI$RVsG#kzGL-fWdR)mt^FPizVAZ-@JMIf&QtrjZq7{4bU890oi603A
zS?58xiG*pMD{xX)=hIyO6ypY@O(TBl^$bWAg&_(Vb|YPd!#2rmLNiuMd>Q*yg3sc9
zPKq}@94o3zU)_0SrFP?htJ#i<FeCYw_ch3S7DLJ`OP{M^&;Q3csokUIRt$_a?s~ih
zEO^^`M7!UWnEN>Z1O=tT(TUfSL9D2pEik5-w+zQ3o*1U-VK>q@3TsUS1_s1rLKjmc
zqs0fBPF|h7@QiiV<l=QTUgIz6h_3}t^H|+vG#bdCb0CKT!Y){`A9(-XefMwKMj6@+
z+Lhnz_fgD5nx+o|amk5-$`uMDTS$@yIi7iwSdROV9=D}4+7&;%beb3I0O6r-BR6Fy
zc2?&nS5+j~-5j)X$H8BP8WCTDLji_1>9K@?E<fX?Y+UZdP9t4EH49Sb??f}GaDPfu
zN9?@@5K`!?H`NfCNJI6mzz1lb3Og8g%X2y0$$jYA%ylgIRiY;Yzf##n$5o}dgIH~6
zZOe$1ig2DaE~^|>xlDl59+k6+00Vgc2m*CZ9;1~~{MkJu&juvuf=q#KD4CJi%P3iv
z@0N3MR*EBdF!yJ03#0PsM2Cc8?wGl90qQ^9lN2lB^YC=eC{aUFsu-H{h6RyVt&0C{
zxgoF<`5hu|V3SkF51cx?1EY!uu7fYk;<1`A<6HRBh7EXzk@v{#GXGeVY1dApgX#7>
z;OUKup8m`|#NnotkF@VorA>=&8{DHJq-J>fMSOefacEuLze{4KLNd`ELvj*4`0_4V
z(k6VdFJ*Vvqh{m20PeSU*x@LSuN|EQ^K>tdvDK7B!U$XlsMNMh`z=YETFrevS3O;m
zYo;uuG9IQGJosc^p+9rSy{9}|j^<u}W+mo44WpB406(S@z@<sQgJBKz>uAvt*)Qre
ziL~?V$aYyUMB>u=Uc+HAX<AGSX$PTtB6o?MZju|7tOE>H6nX*`GyVjrW>OAvIT`TP
zTDw>@wP1^u3cUO(H~~PubMa2TFD^ToX9f(^loRm6W0*?loEo~_{xJgfYJlg5H;A)V
z&S*5Wbqg<s?6y<e*9+jL|E&~IZ1OB)9U70z#geKIxOkw?@p1$alp3qp%aui(T}3&y
zw>Ce=k~@uqY1zs^mEYp%8&GCO!5-O_Y?m42@|@=HiLm*9R<bbN>~3OLl45gw-yAln
z7k*`wWGW%U_xz-*wpz-(+5q;(b)>Z0Xu%ikyv<rwM2HdbZ=<YGtIkg|-D|qjzW^Pt
z+)Qy%0yvPx%Sn=No8>-^%mU%pe)Ec!d#2pOj~#u0FMz~d0#>8M6*H&`%}oyc^6>fR
zw@bN}(>qH;GayI%n{wUb5J)EP{A?1F0m<XeGgxP=hK?zh7KG2r?~{19QE*N<;3Z3&
z3&`FQAn@-Uu2xWms^UPKUzy<>Ydar@C>Q6L+o}iw6|REyaaNQGzXz#iDOd9q6*|;s
zaJF2=DWk;h?$>?!HLzD$nca7C`H_-!_tTdt%6Y%nEC9o>FHmj&?oKLJadD;QBJ}9Q
z%d_LiGXzU573IyUtsB9<33sTxIqw{g?&596he2`zf>WbUN&BPx*j>rpp8zF)QhC5w
ztu=$lzL+iy?)Z)xV<zoP-~2^!I4Xzr9q`dE9y2--QW35!p4=6$QYPXrT=HI$hJgzM
zb}gelq!VBqw3PA)Mu8+7^Zaq`N<x%g8&dG$n*4SbVfZ_M2Ngg%D<WScJ}~_7oac%0
zUzMwJ*bwD;j8hh#C-@jRU}8)}pt){kZCH~7Z<S@G(!V1Ox6u2;@-+B7oSIEBsQ3jM
z56P=j7@MUyU<URBh735g^MzE{@n7>D_|6j?wQKJiS;gn?HL)jkNoa#rYAG=day17N
za<C~D0+K24ky9=Eg1{zt9#lyxUL&E21b^4ZM^@li7)RE<xRUi>&tL9;TFAfSCz&DW
zPgji<pm_#R>Lcn*dUAUv2SD`V-GG(|X^>YV1rC%Ls;my;_{0(;%{w8i!~%8S0uw{;
ze&edt#JLG}O;s-`hV<M>d~YcHJuxLSR$b3;0S-k90?qd`(eu`#T5>LB$F5BJlm)$?
z!oJ+g1Aetshg-4hoc!fML_3u~^vnq)+{P-+VSb)*)qcc!_NH`CD6yId>wlYNN-@V*
zb=)|c)W^3Y;#e{7a0CEQhdSN@!F(JVD_)vd=7<tOfxN*-BWvG7bkNdyCg{~FT$~5?
z=}&y<-==vy=VoBRy{(t5s6FR{UcUJJxTj8)#u=j?!29n=Kz{q}Ji$SN!fE$N)@oku
zkY5AGSR@j4ckAMGMd7B2u4XRjS(%pv<ucOK@!xjT#Z@|E$Qw-NLU`%X?;<YF&%G#~
z(PmazrJZM?yY>#T(+K|7TW5DMsLyKu^%L}oaT~kSA!1D)H+Q6fsO03;KrHj+@=MO_
zqygOmJ8lk+SGB`~q8JUF)rPK0SaJ2bCzl^{_3cUNe7e^uax53)zniT04Wnu~M&?AS
z^!+GJGt<8<JW1aU{chpf3V0AefoDnTcEf{Z`*%tB8b-f1m}f$g+*=>&>LRv&f|9_J
z?_EA4+w*Yqeis4GjLPYEAqRHudyOC^==Jp-xCa;p+rWrGuI`r@p5_3eGxtBOfZKIU
z8DiF^n2at(kTzz$0uW~=S_0Q<qG%pM);~OEBylf}X!tDEn!hktAWQrho-V1v*>1HY
z0{!>(i7nh7!LiHM0)vOS#e&fGhjSNawqE|}e4Y%sSa9BG^=5`7zh|_0$YG}H2DGyv
zocMA?RRBFYr5pzE-%t6%XmvPVOlf9O_QOwi#{8NPl!~-swCX2ecEDAzCw1L)?V2^+
zwzb9v55aw$jvzyQbb3&09JoN~gbZ36`v6i|UN!$hBJv}Ih+8T&-zX~XCKLUHn_tB0
zw9BrL1Ikx&ue84La!v-Aj#R1NE+L-ZB5}M}%Ck+?e#@&Ix%;`^LbObS62X9^MZ~)@
zY_~dmNSbIukRtmMttNbq%JYkfarmWoCIix{EZIC&qJbPikBC{X*R?L(GWW-Sy9Jyx
zAGAI$7n)Z--B9X?B7s?xlMz;+?oYpM`Ztf*kp0wA>!K{BZ+HeT)Ymk%F+yGg#~ZT>
zD%J=(OvNz}Ic!T2R2`CQ)M0>Q1&)crzQ4tw8oBB8f)>qOJeGq*#gNS6g1YB!mQ7NW
zeVl2sKh=L#cmPhsY}CEca@Foop>lGFUb_AsaN&};OOCY%c?rE5bf!|t&i?|BI1d%l
zuS2DSVg!1aJ*T0GkbMQ93OFg6uI&_4r1R3mH8*@d^`ySiJ<tJynzUy88D9)S0MeG4
zSe<^QfNJdKod$ov60EY-H;L+0sq}$v;QYy^`ItCNkO>FP2XIRfBWQX-8-lpGu@(D^
za$1uBHT4czR6$`lAMh?br52}E-J_Q1%OF^4bF+MtFN?xN3kUBw*}kX6rG6EDFjkAy
z*#BIOY5-t2{}=n4K;|z4FiD@e`iq_t;n2`Vo)8?5Q!a4jL${GsNh)IU^;URv=P<wl
z`T`<medFA@b(#-g+sK(Gx%MqO&Xh~KwmzbK<2UvDzvn04nDR(0GhcZR?>_i$9CYG1
zAFEVh1?1s_UE%}yUN_6>=^fkiezt%eRkDaq|Aw;7R$4<gJ(VVdk9slPeCIf{2)Fh^
zXo51)qz7<cc1V-fJZ($N;%zE#du|98kf)g#je1IIC5{E(nvy{B@AOosv)QH}?4Mi^
zgh9#UoHBSHsim8@;-(8tj{R*Q<U?#}BtyAt6FT-zA}n+2y~WM(pjF-OAJ}<2)*lC~
zEq>2;2Bo1Lk;1m7VD2_`=G>zZG;P5dBYr!uqzQd7{?b*dZSMJ(>-%M+Co8iqa=|S!
z%^ykoSNs1=)Y+i5*ht<x0({lc*55SO8~(el3XAcn=YEZ^S%<&9S+ozodpzv^V9**p
zoxXk}&F}WuyKw0ht@z^jl&{1!91tp^VZtMV8{vmfFT6Udo09H=$#!j1F~#MioU8zo
z^|@~h!B-p^Ph3Xxv@m{4DH@Bbx5(pff9vvz`2d9UkC&{x&-TVowx%jI=?(yb|1A)f
zMHZ`-#q`nkc$r6PY1e<RP{f&J)Ohc<klYCU%-f(WP=il+6j|CCI3f!lq`cA66ew%g
zH5~GXUm;DYed+sNhf@2&1?%RU+3Kh3N9#|+Z`}KQkK|yp)1^P<(9t_+b+q5JX-Ojd
z?|BMS+R5ntgMKQFd(=gu)Z(8xGQQZIG@SxO=gsMe>}?<D-<x?tdvni4)UIxtt+k>L
z@{&#Fgm6P8te8jT8!1Ydc#%O$d9?rtqaZn=xt6;KuR?M&fmd|oEe?a6r&}x+@}>+J
zW8X)6L+8Pyar;wAG9Zm$zuHIQ;^h%u!y&+c-5X$|n~=e&-p3jbfWGv_Xgq}N!kq9&
zT-ipI=DlH{o&OSFeRk;kTT3XR+xr1v7<OcM*<tmI{2#l|ojn{ssx>~7W{o-Syth%f
z`MvM;xwB;F=G^1uBb4D$-o>L%Taw};XIA3j$I}U<sujP30<X@PoU^PX1za56%Gds+
zu08vghM}u_LB=dz)kwhcjPd!|R#wvXo^i%-D@czeiW#^C(7EK}&LCNX8W2Aqf`?QH
z-#TbA46~!ZK0r>lOZ+J)ACY^e51LEtw10WptxNIhJ?@rW-^d5vl;DA@bVGlc8vR%n
z921qHIWsExz<tV-@AqEJi6^}`2oQThcqyffo(^``R_6$GemF1jf#Tem+IMw(we{!L
z13k~Q71I17A^lw#Nl!V>S;RFSr62Zra<r+@TVFd~=gD+Wz0}=JC7qW|FTx9yQ=6fS
z>el&-u69zBIq?znB~Hv_4gVS3o!c9FF*ANHk9mv-gRNnjFye^AJDrrdv}n0)YvTb_
z`MAEC^a`yqqJ@m?vsUyq<-`;d7p@+#sr{9;+@t0Pg=qe5O77vDvlr>N2VRp+AOIY2
zeueIuC}_H}sL3uJn5UJV1Icq|-8S@(>Q<Ldfe809>wjKzvn#}Knk!w0E7LltRD3@w
zqZt+01WCa)HHDqZL3XdGSXWkNu&?6sDT~u`&fxWB)`(Xt?Cq3FMW-o*-tb6SDT$C@
zQSZz^Q=1-cU(6;Bq`(JTCInvbF${dgs^d{<Oeng@jj{4fI6UvQc0f6$n|K=6S)qi?
zUTl}SrabK8)vozD`&@rFRh6fe5zFjheZi=iRgd2vhg=zCO}~7RfpC<D{SyQT7J<|d
z2U{?0E5WnIUK_;*f8hUp)Zg8u@rHojpHtVBMK`RLGZi04+UiVABp{XvqrCMqL$BQL
zFSJq{%LRS5DKv<ivf|7+D|v#J%L?GAAvMnZ^;0Cn>;APyD@-L_Fi`ivA$hNpxATK1
z<32DZ5fSEK@O}grwcUt#Q*<`Ik@X&>HSdwXNF$LhrEoXANJMy+F3L|y?~1YWN)Lat
zfX-Sp8t)n8VYo{1Q-5E2f%fpW725Kzmt;%eK*_*p$W!}hkQ53owH4op4+A1tm}sqz
zW*|gQqZ+~_(yK0*ST}#m0t+J_=>2QQKG<!?K&2u~zo5apLj=aE(P`yfgG);@kI)@w
zKjvoSOH%)ea2D16+FfhrmcN0IN;c&t_|Amn%><{Yfw62Qar1+oY?*gRl1$Ak$eSsr
zekTfInM^(|(?GqhCbAXp*lv6CqXDC`A)5DT+rrSJ5xKzjJnu<)o+@Prr-PE=J>wE^
zTnO34`OB+P8cXZMv3kN@bZ1JCscV}&lw#Md-g<-CJ@Ol{*(A<8KQL~J%Ao#kyFypV
zWFHpDABAsO9|4FuZE7&ht^utWBVE)^bziyaW8bl#HwHd~3XW?<i4OA!cFV!oRpI5+
ze9>&d(JfEALj&7lC4oWW;X?7}eS;(};O485@>_n`%Ah%OS{*vVG2Smz;_{h?`KZt0
z@bKN0CYrz@!H0`+{NYFGizLBoH0$16Z>Fo?mn9QkRTxmm2R;Ck#=c-2`X(*4wd+QL
zXeNdUK9D((pT9hOt22l;(Nm^ujf>tfnNTma<m$>5dCUEV6KqV9TK&s9lV!N#p?q%V
zh1s+)!a7vn$@<NR<;BDAUMFuo=7h#WOZP9YlA=6R(5P#Uq2!k?WprpdX@x42&$S*T
zcdUsP9gHzwR`b(L5*|eHzn*NdN<AU**bJJ_hqZM=hrb8}CE&~jUJt!tRd!!R84w~|
zw|Kr(-eEkIXg##{9z<O2ql~BE95|(lGa9JL*Jx>F;rs;*R{zNW&EL^k4Xo$C#DDwy
zEzJ>H&_=joZzSJPnAHy7SV|qey3jdkGUc5(ApS&)MzbG!b)$c7rz?suOdh}Oc-%H(
zChh!{f-VLV!9Hd`N|)NLxeA(lHlU@#nD~j@U)OuQQ{RW3w1M5jR9Vc4COy#C=ciAr
zJ3_soNoyrp^<E^Y)SWUrw-o!tLl3>n=wGCMew`PZZS_G3D(ry#$bkpDf@?F0P%nt-
zig51&AdSuqfJVWt45%ny8}E#W7_U&j+BpIY92*xb4}gu=c9=w<^)B-^WF?q4*oa1P
z-0(Vmvhp_Gd=}%o0M3-m0X{zgH`Tu%%6@f>?jrMqOMBvlr|7I@3hFs#wz4-4k>eEs
zq2_2$E*W(g?aZCJMY<Uh={+QfY?pf`|8V&FN2WsGm8&4L2<A8TqO^CF{o)$Vy?znm
zaDTj^#CGKI^@Q&8;g9x_!zD5&19tC0JyX+>)08)nHxzNBPjz?s)7hipp`!s_yD%^!
zKYO&_Z{F_{x!pQCYb@|Rb%DuIPq{9H6fJd_y0ETxA>nf`oofM}-X6*IY=Zb%c?NGW
zX)z%yH!JZDlX>;?TU0UB1!GN)>KCY8yX`rnW~CQE@19U_hn!CVuFmc>PMfKxfgRMg
zT1KHY7C@R!AXYFck50%JLfDi0;_mAm&SbT^jKE}OHFe$bkE>#RJZjqk<JK$Bs~S@V
z1wus#2<|lt-+h?gB*f`e{mg}B7;=y#A==^f5KFt3Zk@MEcH*cZ>fi<(C!d|Ly<LjJ
z=$kr+#a4_cqB(^}Hg@k)J`&Jo0W=?ngowukXpiC=^S+lqM@Ac#;M7US`DI!%;4DL8
zyU1~4s<xrKRe0E3pC~HA@nptGi72MhLX=4LcwVe>YFd{op;wAnvVLgyt<Pe|*P01Z
z_0q&2cKJ<^>=f<=wtfy^$p!a~cu@OVby28^FYs{7M@Lp>1kZ<|MK5px<dUSQFm~3s
zc~<WM?mWIRcHh)GP*H_|Xk^kx8Qx!_6CM-h6HfeO(FNDLA|$>4LDBiYDYY*Ch{UHO
z63M2??l#%CL<^ZDDup9|%R+l(JG}kPUB1Sohtn(9@dUupjQu1ei2(~I_W$K=4Lqs_
z1Vm!lAG%W{i@o#bo^o{C?cUe-9e-Z;aGKbE6{10Oph|f2gi6PXcQPn)dn=aH`D$=+
zEQp_==LmNZnx`&-HfpF(_JqSII>Q1q-p0)eNtv-{rCdhnIpJYA6``JJ>x~bqa6CP(
zK9-C)ira75uZefpa&n0Of|F)YBA(zXiOP8IGo*;%06;Pekc|Q~^%YnA0waV22hvn2
zqY@;zAUC(}u|LLBtMvqs4|92<!XUNf7qL!xx2+wn-c%cy3)zyp7~^e@!hekK;ayyk
zz$jp+NT_zF{5~}j0gv~&4Z&X1;Co9v6?xLV`r*(SDPKSri(m4wi2&kraz5RDb{jR%
zyy4nhirnFB=s!qZCg(b#qCPMAT%HhthV!5nSalFLt|{Rcvz~+*cW(s%9@QgP4JW-e
zfL(&pMhi#I*FA68DJgx-082+w`}{3X2lj|Ooe!B9!6ZT$M)sAb!2p*wF)dd)aSr8Q
z5j*wGEb3OZZ=kD6J5-NIgyD<W3Y}UHN^Am25NK+LWGkRCq=z^XO6eXlLnmbwg^xAi
zTt72v35;R=y><~;U9)PcML8y`vf8-cMUcmvT(Hp~3_aEeK>4xS1(9gHflAYIU+~Ct
z3G`^lT9-zx5>O$9m1ha&xQkmNcUAnKem>Dk{2ABlN?Z-K8oE|Yxx+?F`3Q9yO=-6^
z4~Jyl-PMtA^2~3Hg4RMDr+$mJy#o=g7Fg7%v|3|DpGcoz#W%AiZiaizo?0fF35KS_
z-~My^V)sey<Ek^uu7oKAR*9!+p*vnUEmw3>{B00cABEL>HmKXIP;tICElERJF22z(
zm8E2KuUtdPd5(h(A$c*o;J5u*gE7Q>As@8?JYIh39Dh1`Mwbp$mZ7=i*XTkMaAQ~f
z`Bu2cL?bzfhhxN%N5a?i<@UbX=}OUC+G!!nJu%tdkB(%neIv=)O}A55it`4bz2jhF
zX(kgVMfz6Zz$AWtZ&>=%CQ25RzDxrTSj06HlcI@BeN$vLwh>2Mp%&k0B4izg6AV+b
zxeGSp7!|6RCiD0+7)!|Z<=)EMLFt0o^}9AvVR$Q;?|(|@m^fG;cY9qAM~I+<(`jNy
zfZu*W!7LTc@930()ZLc@KI`ar0@3K07`wR`eP71Ru!O;Rt7*x8p9e5XiDSDJEs}k1
zfv95CV!_xu5}GuuW<eBM@toj7j;3|FQ%bEWi86Ce5TLXO=b|c&Gqq7~$qm`kKkG#M
zK+8!CTQf5}EX#KjPkY#JZ25aI5~9nZ`jAou6V@AP9zRk!6hw45a&+(PRl;Db_mfi{
zcGa1#XSfusDmE)f?2FgL9RD75tf-i(e-*F0;Lh9jpxk+=YCb%(gaSR~i}yCj&tW4Z
zVO+Jz@ppUd7P_JTj|a(#H9~S~L&2r}+5yAaZ9|W_?XA2G8RW=^ru`YIc&y~#(Kl%&
zEFPWPUipdJTlbL{o~n<wEuTL!dSqv1Y?RYogUcDoKtAltbKJpKkBab{KhJ<o`f-@f
zrCyak>^eK>WVpF@x>BSYBV{->(Y87A;Cb7uzd*2w+%p*T0!gN$+Z}m5-zgtot~`JL
z!3vvh22-j^Qc82VfuUauZJdHpvJMAQb<A_q?APaw1PyLANs&8+Zy2(sb0Qpfgf@ZA
zy)*fX%FlfeQ$20YsBdKfqFyZD6|5K+G0S6l1cWty1-}Nr9wJkwkz_Hl`yX`)F>&12
z=@+p|1e}-YfgE&53@MPMId^wgMueCX@TC~uS){|jsu!a)OrSYzn1G)R6^g|WVTb9X
z+3(<o+^ow~lvZn?m!iy#(YVeQLmiil>nyt_L8okjRCBoh(cTVAMs}4Z-XS<G{bRx_
zMH1H`%PtG3+#~<7ttY(?IgmUCmGP@wnH9*^IN6wV-nbGJXgoUMx}ODOr2Ur_PS40^
z^}i^Q4oG5}#=_}i&~~X*WK#&44kDkx+8vWg8G{U7@N>-N>Gc$)O>ajz_Jq}AJh5MV
zVfSfE%PxNg8Tc7cwc+|9(VUO)w?2*JOgq=o@eML*pWy{lm}si#IScI%8ela|cyXKz
z%gar05`%#4*gYXF;91Db4QP=!`x{dzAJ%qJne6@)q;7GgT;H+;lwV&JfZz}G#LfOk
z*&iSB9_0GNOo&$Ek;^zg<RV5x0zAu+xcWWRawHfi?^cEIr%40E%GTSlJd#f`%t3Z%
zz{Vf?B3xQ=>KIs<j^Z1Tiu&?LP6r^e^%k&U5O3J{v`g<5Wd6in4+8)`{<IbOXTy2*
z|GC4mNv-c*PQPfl^pi-=I;9}VV;~zr{mIhKDJ`7h+0Heir<g1ZakBTLmCuco?~ZX}
z0=6sjUP-Hrr~~Nk9V?$WThI$S)!vuFazZ<eW9Y0;xM&`SHYYdfJ%Aa>bWPe7fCedh
z-9Ek#pZ28AK^kFCkEs8Z+%)1ENzppRzrH$+=;Yp%V$j|BevCSm{+lALDWd>A6vaK)
zvvbY+)F$M&_*@pTg%Pg%vl%}DKbV~J01W!~h9gIT_io}CH>*GRh0oIK`K>NzPVK<%
zP1Du+$cgtz&h$pSK82xWBH;P{23mxMM(8Z&t#s}!1AuFA=Q&6gB!AkSqd2Hha>^k8
zX95?YU2K<Kgr|3=*K&q%MEa9fkON>2J_)`$egX$04X0`;Qlj4G-49PNbH~Ly4zRc3
zRlklqL8H^ffV>W9*$Sz*uQ8p%hq-|`;$B&!T{pp{+aXxGaO!oU8gMN4z3j(t3fIj(
z7voh)<okDz@&$0xXkKNIB~=%#jr|h_;y=We6eO%Hl}3Vh|MSL8R4*Q2E$t8-nu82U
zvM4L%zmataOcc(8nEk2a;~INSH%}@)j0C}hd2;B5HvsB-Qcgw0+{SukcoEdBXnMhm
z;4XZU-hE-*XI>`EXtgFaoW7QhRhlq6D3T>SrKWJ6=d$A)9c5bS2A3V?eccxY(}%IZ
zF{p?5t;EnnRAX3AzI9(j3?@GD8Z@^B&nkwG-H;GhI@WQk&bmD?TnaLrq{;(HMMrf{
zb`4O&E}KG-u}0#wqvD)@y6u|eiMgDv(dM>9vXYVT-U+67h8t|7YYi(x2Xvg25DU3q
zB7KGv6>>Tz;ujuda<0yGcIunEu*A!oc4_2Fpfb3PW27j|{v=*VJOKrX=UKlI<E%lS
z#K#Z)UU^LTAXt>S&{)mOjv4KSK_6fv_BG0xsDClf2f!qSPE;x!?-&mco<!5p5O*m-
zMO}3CoHYjKB{^DRGG7>)_?lKykPUF%D0*s33O7)kG}W#hrq8hwq<pBb-SV&Yj!!(8
zR*wIpJ$q18#)&dmWr8WD@5qD4gd;c;L+pEnFHNhH=;pJ#d|=P`WX}gG;-t}NmiYBD
zhL7xW<I7ooz}3RB*Nv!=rVWGome8dO0_$+ghz0u~UUtX_drTgLp9#1<n&ZOBcn&yy
zS`D7Gvb0i@u=yM0BrWib8T{{Y)lw~u#m37+BL5P%>T^V%v+!rCc7r_P=GKd9;ubKl
zh6(#JYZ3mFIIGz8m3JJe2um_4y6xwykY1#fMjd%jd}p!j)1<=Wcx@bX|MHf&a=%^H
z4dljbjtTvP8`i2lld;CHN(F>5m4KsV5ub6UoUR38=D4Id2!`u}{^2TI^^!F>{lst^
zPW`L=`)U?UODr{d#XYu<FI-pB^JaEOoC)v%gNU6cKt19jQl8no3vl+cCUPVg<3Be{
zi0X&~T#`9;Id3S&^2xa@Y9bB`2PKBeq)%~l7{jO^E?go;dS7_C?m)3vQoG7=qPW7A
zbaI?wCtF0e$Zhit+0~7@>?siA_@U-0LMuG>Vn}r4(IfcRSfA8IWmVu^Fj&s%7NBip
z1Q{M%wK$z;d%wZ$0q;<F_~7#Ir@8+)1M{kc<_wI9Le%k(^mQS$8S}}nx_HxB6#d?S
zkqCp1exk|c+wy<cDkcLrMhQs(+mBY@A+I~JNMo%7g9P~=K)F6)Z&nN*cX+gg`yc<x
z6BD`U+cOfIQqhr5hhs{Mqkf5vp*&avz8Z!*gyT>PsBxW-j4Zex{x4z)Bm3aNWyDPH
zSaM(UuWgro?QOF3B|&QIE}w2gjygsEr`6i+W>+pv7r4t>tJuVh!a~gRTpzK0e*2<L
zBe%tX<q^xj&;LKp&QoYnJLL`e=^1Y{Wq7F#iJ0bdDpCtSPbUpUWYns%@L+nT64B+H
zw2C~53wM1JiRg=DQDBEm$oUf#+1-1MfOJS=ik_?}dtxj#E_FC?^MiVnC+5k>ook?g
zi@taTaYO;gs1$FONnmh)pXwq}>k_wXcUb;CDE}9Z%rt=PaB+zuAlYV1M<rXSg9twC
z&FP1WDd#_+W0-*3pwRB_#W^ll^}muzO+No%S}MvhcGmb`t2;Wg1PmD%>#j(bUKECa
ztwh_t>;KOk3K(G2U=?y;(cg)YLy!YwYK{u^u;qMPpq!II)z>-Pjfmt2(Vxpdku>f;
zmqTxsHlR+N*>|lh9+mKUMJ4HgJxmZVM_=6+U;{KH@LOzea{RQa*{E9dW7hhk%1-+#
z@b}#V;HA2vt(<)g_+kS<qc9(WQs&bbuG&KADr^C9Lw5??(&S$NVavuByzsi*<`1?2
zwzg3Xu*U#0j`;ciYD15{qLY691i3LVsojc*;pWhK4BB9Sc!HVO6=yEJQrXEo)7Q60
zj_&>F6JK4{$;KyDHD=JvSpB&%1%~IXm*9*<1C5<ZpyN-eL%pHUy^+^wMG<i+S}Q{I
zTa(?(mlU}6!oiuBdDmEFVOsT6)-^whNG;Xm(-m@7A}}!}W+eeHe+?~hFAfH<G$oY)
zW&A_6|64$1I5nZG3`w)6W!nXzh2y=;RHO^%z9rX>YuuA(-X7(Cm2D58?Fl9m;s{q5
z4u)~@o<PR7Zrv>K-QcAwH_?Dp4L00^V@<6HFDFp4EU!E#r=cj$0B4tnnzV*FI9qTS
z@CMo(a|syLqW&mXs^EZ6I28j|G+mJcRI0E>ZYiLX?ix3AHNMzrOOxG6oB}l@XLf3B
z2DMRJxKc|*OuirZIzC0Lfb@LG;t$e`>mJ&Hw$C;bcK_%svxdrp;YYY!|KHzJl5gZg
ztqDmYcXv*!x`+<45<#=d#N3UQpY0RkJ+~~Hd%uBV(idB?bkMVsu@7~;0FP1|>C24d
zSJ6Z3$^15P1bo&<JB%NnsPkk$*Bct`xYDK$4A6t@nH9?q%FVkKv0H)r8<X9If8iCl
zX6M}%TuHWVYNm&!f0*=v4-PL9_4x7aw%RenM}!rp*~WT4z?b8Xd(t)vp-UiUlBTL_
zaSp(y%L+bX9&*I8#KGn3-0e45V|dF#$Mg*m5r5^&SC&f$irRq(>`a6hSE%y4Gr|4<
zha7!WgO?C>hVHy^&;&Ljo$s5sdfPzdz*|rPbi`9Ka4wf+kNSN1K8r2P<h3szqr+b;
zjbins@Lhl-cdtRkYdBbiB&8rZAal%T25PFe<S$PByu{SH`KZz~L~q!*;L*ffb1c&r
zRhCLM+}@TztDRe<btg9s?Pfb~#yAQG(nZnCf=!Q|8z*a)j)1s*Pi&>{;P$a&nw-SG
z&efN$k$g-8n;_}9=>z_0C`*$j0<N@{h*^TvF<ig+3L1ys2=D59@=BpEA|F^14;_7=
z^I$adr_&a?=><xa!@*w#Jb}&~b^jLWS~5<WgebN9CY~^Sri7<;nNYQOZ{?m~3IsU<
zk~vigj*;M-@$R>C!4}YLHtu%S`Z>d!KgHU+(`u$xh_!nX7GJUJEz9uuE;=^Chlm$i
zher$hqd9-Ac?0xhNI!@1Mrq`UF3~V)d^nF?#~f&^pOsQ3@2xp&C{D}#R_~a;3<!LC
z>o?J?l#YOP+ifL_fDvC%ot~(n!g;f}xqnDn<K8D6nFcdzus*qzuZhQnzz--gfnWzT
zyCA?~{lg#xe%}R}+Zos6GND393A?vA{AT#|6^==bi0sQA_F*=kUK$_0c!qm$o3K4o
zug~uRHoj>U4Ne0B$*Hb{MujFcQAjJmTb+$skk9{ouD%d1yq%>gY!pT3s7JSz1hNaC
zUb-T0Xnp}{mKBB81f*eUU9?K}DjUO@o>fup6_HnUUG17U)Eo@|n;X~8DR)ogVq}Hl
zUU?k^Yf#SM8f74MM1vqhP;e<M$|imU>p#5=bVef>UY#+HeT>t<)EPWr%@%ajpA@B?
z4AX#|+z!BP#FmoF=H3wn(p*TLhkeXgUTXgN;!FGeXQpo}yTBBrmw!SXr=gdBS!Mpm
z{5C<VEr?g0b!4o{Ec62Y4Ihsj8l`g1oZ90QeK`qw+Lny85nBf8s$wk1)QYeWemO%j
zo`4re3t0c|Q-J<&(q#c=keT3$sgs4yK7+@+0UZqCv(<&M>!PH{>rtA;AK&&p#Vnsc
zyk_^1<@7;4X9U+ED4zOR%+QrFe;@|z4a=alk@Z&2mshU(Uh{riiVrjp3egx%L>k9r
zki&Lj5J3ivXLuAqQ-tme68+nHeY5AvYzJh-?8JL`rnvaQEw3oQf)34KidGPgHmtYv
zfQ@kY6ri*eLkZe~>Y{}SQk2+ow(UMPr<_d+v4zQJvT_+nG<$NZ`*6Xdr5M*mqe6!M
zLL1!2d!%4JJ*zUlY`&Cl8M6$9|H#-stf@Fr-~14nW*sv}dBofQlX~K;nN5??@M`WS
zw}l|=0oHsUn3ps^;?J{AlN@N>CO;T%I&Gia8rg3o%=;zdBkwo+v4C9*FaXzZM#Wby
zpLV$KpszpX^8|b2Y>{j$=U%=tZV4$#XH$D%>wa$*R6Xy3Td>2O$e3uU`f=d!Eeny#
z>F6(!S>rYOWp*jl9|+Z!k{E8D%Jzkrr^dv(;(+PzQnHJbP(Jr#)n7{Scv!vq_$RQq
zgs!|_5X2qXyu0xExs|LWA6Xrqq7ttY)-TG#8`0ww5klxx-N4dS>Be1T3-|H4tjeJz
z>BR$7YMRZ^FvEEedQ!2FK1B?v=|55|6nb?n`b!s{DULW1Qu9<mGpIa}qedxP1VMSv
zWY?LC_BM|u6SM?2&Tb4==RZYzmR*15tui^55^$N*zT-eJDu<Snn!T=T`?smZYL~{o
z0(RQbI2|@(Rwm`4+?Fm4I@Fh9Z7P+2TNFNnf@f|2-`W}qMY)y+SEq^0r>FZV`m<Y;
zu2pzCJCsIU_hqlUTWDIDfLnvf<2<mct;#r*e_=Lnn0esui+Y>iD~#DvuM|$VZSQo3
z%eCAwn5}nv<q}Q{v&G&m1vE<3U~yUpA#1#UyKGiVBm~uQ#b8$X(<MP7TZ$48O7`?r
z-Z-B_2G0ynBrV3@@g+}FpVuJg0pw*Jl;Y&sJ+5`D`{H&8<}Wh}E+c_L!^KOuo{bZb
zTZs`Ic<M9_x~_9|<))Ra+uH=+Ou!~!$Zy?l><hOT)nIB0qxb@z+sU7}L?SC9(OpvP
zhO^3bME%OqCzWPW;^<xc6<!OtEvNS>3szLvCQ%vv>+rdTp1lfP3)m;gE#B8C0MQaq
z)9}u~WxHw}j>jnp_>xKOfITn+%7a5&`IHZEV1Mv6_%!C#zPM%cAIAFl<gry=>cyf$
zP0m?+5xUW<J#aHJm2HOK`GNy-UHYs3Ezt$``FpZwUyV0UpRV+#@+xy68!&OQD3V*w
z20qYqx{Q$YRJ2_%1*4UBl%!eKlHlj*gt7Sg8kdJ4u^EPXryMyaWCi;JMl6ZX-AmmM
zH$iaaYOXJCrO1E!gNjO=Tj5BjhERm9w7?f71w%clOUog5E~j^En>e7jL+wzyI}t<`
z)SY^M9RyjrNvC+pS6=Pzx~-7f=8ZVbv`o(JYZLeX2x|sW6Z+EU2*_F}@AoD_!>THO
z9D^R9e0)F_HrE}<7wcc288^Oxbx_{{I33VM$<hK=b>0B6bP|w-k#F!>>^uKpZeg6^
zv9Pp%x;xVTvh!TpJWC3xm4Bb&C|Ruj5KD(^#p}qjqn28Y%<}&6?EIC8HzN0z&Bpbz
z)BF(k?r1yDf`!j7Z3|+Adp+;$OL8LLV3kXqq(~7|vX*56e!e$vBD#eU<W`LPKiol&
z)Zcq^2E61~L0d9Oo8(-m=n|=M-Oi&9Y7Rqx*yJ0N{%u$@ZNx`W0b7f>G><JIh>&)d
z)X*JO8eqt8>WOf~u^*;i5wzDdXSn$tuiY=E5D4Lc&yRvV!GtK$Vji(;jw-Kkwc!g{
zaHO<3cI$stdM?R2@|r0>e61?)bT@X(Wp1dn$}pyQZWT}ls<v{vTG3NdF1?9hMy>ic
z2-_x`l`6HIKOqHnLG5Gf`0csZuMULMm8R^Mc>e`~6Pj`B!jrD1Ctrf3=TIRr9z{Qt
zhOwH<VyvJ7ee<C6A`D#aSi^gY_9rx^^9Y;#&}KoJj@~tg1kUau`V}t5=|}4?X5DH9
zaHT9SGR&8T+`24q&E<|Xan}>B|01S5Dk=K=8SOmWgTFZeLfGIPO^QA{(A&-+VW<5w
zg-_VA%Z`*VF)c-6zZbswBeM7*^ViW}K>Zv+qmW3YiBbNbO>M`2@N&u!&56fTHfFM3
zZjX?=PfeyGGZfs<k)p7W;6G!^h4+C=;{)i!mHkxl_702}AnmL-@;x?%X!ge{3rz%K
zDsevcBnHv^3SzG9IWbzFkW_P`Xy;@D;s7uP`ZXK8!Z!CGWRV_0Rgr(eGZAl}LIXjZ
zu#P-BKT%hT{xjs)^<B7ZqtlIZ<G<~WuKA_H0aBKUH>~Hwqg%{8ZC?3Eu!jV(@XAFo
zXsG(^RaB|va(*m$5$jE>z{o88ZBHnVf(HBCFs-uumT-{3h$8%BSD-Y|E32paFczg?
z6OP2{oK}buJjBU0G_vQlueb}cGWiQMUTINck!SicGc%Im9YN4^Cf(p)ng<C@L4CBv
zuc`pqb@RvQ_{na@T-Q;53fp>>w$+_Pk9qsD6j>BsloW(ZCJUVo6d9#LMgij2QV?hr
zuzJ~7_3;bMIdR(ymk0CgG}}A;Cm1SU8VsHEXa`>LpOAB>sgL=Megxy)it|z)Lh?MN
zQ=w&SffL;_Wcv<Pq5>vM=jGc*ujg);U0&2=m2=BpJ8b7WIAR$bJt%UE%dQG7PVCOT
zXDWj}>+*q?d2mK|YsmJA!|fuKJ_$oSAS@CeUv`3>>rGiYqi)eEz`qGERdS>!D{vUq
znrB_ua)JLE33DbGnY%)9?Qo8MaXOswiTkU78J-{DEFr;_6+gKJIhEn^g_h5eO);^E
z=X}YzU9_$I{C+k^-nObBc{c?E4odN`A10eQqFr($hf(WxF)3EHV_US~LEBpO{Jjha
z3_mPQq5GY%YpN}e{sL%^uWx=u9k-j(9@HTNI>b&zG{3o)gvaNpkY(^sLQ(g$pJm3P
zz5AG45A$rA$<@EM_gOq~jgf)^(6+B*U-Gk^-TXXXVDpNu+A&mt_=H65B)>M~!Qw4M
zWjRe9J^-1l<_JxZKVw#)a<B7RzX?wOsd3H;1zNj+Kg-=!`#o4z4cX=+%Rq8q*5+sD
zT;oCkd9n>l$A^p-4bJ)cS1A|ghhBleJvwVR-+8B$GP&Hba<?8sUrbY8;6hF3i4o%{
zS|y=^97GwWIcAX--+-KX%m;}l3=*3)YNM*z)hX4T{3yqDd8X3BYpfs*?5|V>EEhk`
zr1RQuC;;R8gU#vIO`wRA0>Ds_98l^zh!VHyN?C+fE*;672YRu!(%9?8Keo8M-im4|
zIxS=_ELBh)m0xs4$?t&D;Pu5ulf1?4^9TvQmk}LR)v%&-uW!rUo%3oU;<Rg@bx4a=
z@j2aPM`-QGxJzwgA7$MAX$2Q9yWLTV-YJDkl;4Q^rEH3?p2&EWZe#(RStS=R*3Q_U
z=MU{2i0sns=;y!M)#q1oj61Oe)0P|9`QPBoTe<t*DG+tevfP?MhEzG+YOU)FobXnY
zPotx`LPG8;V4Ogdn9hvL8ytM}BOADOkji#{j)QqYGXb~J_WLstNxtu0ev%r_OKf&1
z*}ov_nt?A+>Q>Oz{+zwA-F|hK0MyMlbaEu0f$}EU(_OsSd{T=)74!6XLN7s`jPPbv
z5e7BiF_b5CbzcKw&wAcvq>EMJYF99%dUs6+7K?^2bfe@Go=USzM%NOKFCE8_K<ckO
z8ymlv={;Lv(fuG1b~M9td5MH+*M5EEW2NS250)Yirr3z7&UJ;1674T7lsp)Ths$0(
z)Z~7&Eh?>Hli9r&34iovdu*Y&qtU}5HpA7YSwm68*C%4*@uDvd6om?voaOwu0u)Z9
zC%)tOc~J^ga%HB)ZoLCmmLWTg7)H3jZw+r~n)H6)iytpKz7pKcP8j&azAr%9=oue2
zD3-+Ya0a^9@AgxQz8Z+-7L*N7-jXR;3YOb@pRK;*J=P<-(pZEd686!nG=+@0s-z5M
zX}tZQy{MfELM84^4{0)?Y{Z-;LIta7g^UxpT&Q{%VpeNQ9Q4mb5UgMy4$@USfX#LT
zSjW$CrPnHN6dv*`+H`X>p3kOji~hXm7a^1%_pKa!LQa=To-&`VVVG;0=&w1hfo)Y0
zy29Q@&DKq^B1oNrx39?y#2DFxhYMLw>Z>I*fi}?4olGZ_f$zquG1HNCiVlH?#i0%x
zyGG00sQ7}tP}u)#?yRGtYTtJ+f=D;gohBd%Go<K{A|)tFN{C2EcZYz|L#G11q)5Di
zNS8wnCEewaLy1Fko{j##zjM|)f1GvJI%^&O9%nOqKl|DDzVGY$T%yhHvrDal3~Mcm
ztEbHrWDTD`bzKH7FVm2Ii=)kia7<L>shK9tk~znzeuS#KJ$CGkVH@X7{C^AXmITZ9
zIQcKE*J?KS`kblF8i;FB5rzg>Z_O~FMhPYxI{XGg%&Mb&{IFew{O*qfJMwLe$(*ot
zw;82h^u6)=d9+nihR&2rk6tThdn$lgJgtuIG%>~oc`5vC6-g(p`3+GMj!I=#8~KjZ
z$x_pHzqjr(qeKRm-*zCyZ+d-*Y_-aN<)#I!V3*}}c^(+45cCstrj7gRsF}82Ga$DD
zURGI@|K55us_h%Z@2kIknNTX0*jKEQc2&Y~4Z<`*zH>i0-su>Y=S!Lgl(T0i4QCh%
z$z{$4GS`{o7=uvjnEOp9rMLPKJ<hdCB~}SZuteK0c<I?-Dg@W-OlMIv#AFKXzI?tu
zwctJPbnQh?@?7MRfz*}Au2b3HQ=c=^fNhu1hjmrQQ%H9XP!U{=eT^M{JfjoWADNnU
zwc9r<T|BM`iDk-s*AcgAPY5|x&a`L84o1ow%C-crY}p(_hSaR9>l%oF6XE@$!`hG*
zO1Vj6B+(iaI^lb=W{m2rfVd-j2N#Ml3a{Y=jJsgA<^b$uhBhe};jDs6Ep{nyG>A%S
zHHs;=WTUMH-atm8h{H$E(p+jUv|!LbPqnFKZjDeC91mul@}lJF*p923W`wk57iZ@R
zt=YP!Ljgtd6PQ$fkkItVjFIZ}YdNku00t@#4;%>Yn%eZm)g*uD5J?Zk1m4`0o`uEP
zUM=c{!xPVZpZ5BtrP-8+R~;-%&<-uo8a5uxyej$>cxQ=*4I6s|DYxVR4tNRk)C?EQ
z7B)`c6?<l<m3jfc-Fmp#!E3!N)L5KC=9i}Ne3o?z9z`uaBN6%Mg_^Be4<O+@e%<0<
z1?QEX*pKq|<0b?1v>La6Kr|Z5>#Q9gGAwnCNNv<igx8$c`}cFcFouRII2-K7Fe4KH
z>}Iw-&pvZq3FHo6R?K)>@!}w^D8-XaYpZ<!!;Nq_Q-54ht@A;@o;Zv_=<#rc95IR!
zb9{Fl#eqk|rMT}tr|A%Gy<3i<j2FCwnS~u`jiJ9SpN#oba2!qSX~QoVq@9d~E^v8&
zGQEtsHW62psC0ps4{4^!#Ph~D(WPU^`F;1=!<^S!T9k!1v>dK-+}O8qs`8$C(G(|m
z1+d2~-DYpiTzas?_r#+Qkg-(eZy%7--ES;2$-QNxwqwHAG^RMn_(A@y&X8qsKHUB4
z?k1ZH89+~dYYON{2)=G;&+OeXl$t0Yk{x;<VC*GclI?dge-gPCBEc$d15aEKo-c~q
z3dM!EMjt7Qi_k;|abI)983Kwrf;>N7hsd7eaa4j4^*tTM+n|MxAKuLv6XB_)Jp{yO
zSM2#;+J(0?zGQY(=0-X)zCF(=54i^;uK6aIys8q6T;3;(uwRg#r9xZ}*SVtlTnb}K
z@&t3&(uT)(<!*Qhl%Y1GR8IU<`>XkT!O+`zYW8jIMaS*FAE<7%sfy)F9-t~HzcEEe
z?+w;641OjO@w7kiW6*+(01sK~L;_omldPW*K1itel`(Q`K3XRdGGa-JOIn|<R@|Q^
zO+bJ~{*B;ZCWpC$;FiW9x)th<J}?yBdTti=F_0#R5>P}*qOP=&#S%gjT)K<=LPhHC
zn_ShO02cH5<KnHH-_j8xzhZf`9@D2#3QguC{mtYb%gjB`CWbLS-_YmI3k<uE6N2Cz
zh?M0to@dv7IGMGi85XG*A5a^>QGYhwlOZbbiTGrpLGIYC*|s{h{@M|)DxJ8dch&TC
z-EvaGIO&Oo9)L=zkguxkuXddgIH7HUaJi(Za^muXgxyVr-DC6almmBR%;b85Y>Zou
ztoLS!>JQ~bCKUoOSysZkc|GVR)I?L}b6{r-Z+iMZQ2U{xy@H+A9+>Lbm!JVp*+(5;
zsJYOj8m~V+KrnIeE;nJgV>hxfpuacxL$4rvIUku*mq@8Mp3zSjnT@4iC34WeHGHii
zD$e%@W=Y}H?+oX63X9XxOS+L4kjqi%ZhjH>oL;LL2QsdZgLkvHp?u)w=K78COV&k6
z8iBrKyn6gCsog!E7L^kv4rX#$*W;GNBG^tFuwN?_zh&re(CSY&tchUX8|58odFWHl
zS){)sMM<wsd(=r6)cW9d45)t}08W_Q^0FK%u?54qy7k+7a5Aa~_s0w~MU->Ww>xtG
zL|}wT7Rx6`c_Zu2Jl;sIRof(G$(O~RB!e|$*LOAiqm{;DR;!s_>%YG`(KPMbjMdon
zbS`0Y_+Ed<`V76LJa!5DzU4Lgt?G2Ucmns{$N^`fl`1pt5)M}hAKpF@b;zb!65H|?
zA(x6(wH{ZzE&5TmBkdbNJeykJ;;S@k4uHL=?pQ4<2+TzaL_BDo{$d<s+%^x})vgS~
z-{H;1_XFgS<9Zmu;*Gw1@}R^GwdXL3mW&&&T~`EXnwB{~R%SCTa#tna2%p50lpSeB
zaNl{9Z7cqCFPEw5WSEz6jB-ZX?kh|Gk`l^bwqEZ`vyz~_I1RNdA<yB5G(s?`G1@$R
zja93%SNCxFY~WuZ|AWB(S@(fIWEB!ps~+tAyzf?f{O%|dH~;7~^K^Gb3E)CD&qgyC
zj@k*)1orB~cv-IG=q8VYn?|08)46M-XB{<NMdmt}kOFfsVWNN*|EPHRi-$M244R&U
zHqkj~6#P^Nz>zNG5*hC`U(#?8i~_@k1~$~i(2J-*<%@HEj--MuB;M4D_;6Vgt#<%6
zYYxygcLu|+%$AmNobVyw6))n?^jQZgLeFmKNV;7Ws<OuE8+xB^d-)QiQ}68=7rP!g
zOI{m|OGVydT;RFr6FR*Z-O{IiiRU=a@HU!bw@CDso2`^xv1%d-x{C<(^-qk&)EO;G
zopw|fTg@M`RyohfO)<5gj%*QHWc8cBd!8K}Sx(%lL7m~++$5j(3Hlk$rsJ1*wr_gP
z!zEB9O}^<PSgtY2pViTYfw9VTG@*E7{ZKn8{BEW|r@o*J#6S(Z_!6r~HwWxH5qwO$
z*@}*>52VO?rn;}bFTNIg=~W26q^V@!MQUOs+1A0RS@gj|{>L;5G1G4Vd2EJ5zRV`$
z`QoGiclPtOZn`L!)hkO>-S|x#iP2;;%#H+9svT;74OzYAk8&%WmX)K9X(nh7Gg<nd
zn&#X+B4Mn;<qf)ZZ$wr!>71^Gk(D+C#0!qqQKtZWSLDMhIriyOLbwLcwoq&(si#Ny
zk6`QGUu$z)w7t93^d&t$y!uJkv0oP`gzjG?ys`ZGeQn5q!g&CUT9b|jce%*`H~$W8
zm>B1MlKYP&(n-lYo!ejx&-*w<4|_?c*|FZ-KG{uF)if*qB6lNQYO)ZtBjK*aw=9a8
zsl&gESzR|@?r)UQ_T8I$bu3|S&Tf`Y?Z(nJV_FnRA^)(YPGl_1hg*1Fio>OlqXPp(
z@PHGyZxFUcu;?VLk=vXej#zWVL*uc<1eENMA>LbJJnpsen#bKa=%yP2{WCz)|L6Up
z%8I{}JX|Nj)%iPuJ^!28EJ9ez^iFE)JL#+AKAMXZM{ey;2LClM3m=#psJ#;ar=0P7
zGM&V$3xBLQ7rTH!Mz@Ss8pJ=0H03#PC67yq1l&0s?geMt?eXIsDqL1?(xnHt9xGg<
zcE#GWzc~>n+~FZoy3)KhDmRgjAH|DL2)vqEz10_=?I5e}{s?%h0@lRCKWidJz=E`z
zT+3dt{UOnVP)5Gon^o-`*JYp1$-Uzno6P3YwYr#0yvJ<A(5;)RJ8|ZKGxB+Mqd<ae
zfNhwkLH<n;>t$xK@g|lP<&f;s-uRj~2WBwwC*gfC7({C8?Jy7Tx*Nh@A8N~EHPQIq
z7@{GHgK1>{%s-nkER&*?5j(hE1UJmS*e9><3}f#n7d~9KGje(I$K}^sD047$uO>!N
z&jKFjZ*tafm^T=W-WgC+q65eVNF{(27<yXc`bntznJy|o%h&Ppz|HDcN3l+KEocg3
z8Go6*2bd?G>(#1Q{Bq7H{4SqaR^?RSPaGcg)iKKM?11pEprg0&xeCSZ<&Mwk>E}9=
zp0?0o)wptZAf61Zl)%rc!Ai;61%HK~l4!toXXllK#g4gz`*L4-!C_hy<HGmpCAsT0
zm%rVck?{3KZ%RDv(A65X+1q8n9y)neFLg;s-fL$Ts{5rq)BTWWT8mad{nvpF5OlnH
zubi!+1-(<f`mRhV!2Bpd@L5W}&(ZH`5zefDa5H9c8%CR{WI;CHZTv3AMqc56@aeVC
zfL)Yj8EbRc!f~qkVbS_(i{MQ$+u<L6S0t}|d`A7th3aFMo3Y=@E!c{mX>X*s?YR3C
ze-MRG-M?kM!GgBu*PGb}`*_T^(f5j#ve?_#6X9a^wu!NHefb-p8;(PT%&{XCm>v5k
zBl8u%p;fr<|F}A7TXS2Htf5;5YA)B33fZ5C9+Nw%e2XRg4bW-D4NtJ}CqS3u?R~h}
zhE3e1z$wnrKQWlIQ0@oHl|S(taPm7hHB=S&)$!?*$gn|2#2l7uJ4<3>FZ&v0PTf5o
z9+>6<-5xfC!DwqLW01>O(fyy?HL=C64&Yi%=hRs3e_<9ycRp_B<<V*de6b3451LpH
z!q9eyzFJ_&J<v|Jq#}Q%mKof{mdMMO8bf@+gQTExm&vI2lu8yo%-51y^Kr1Wr?ch_
zPT_@uMZ&o7oF3@CH@bog@bt-u{he&*vR4|BUFkerl_evb$rE9!HgAQ=3b$?O!0j7+
zEf7ZeMKM!nNE!dAOpfLf*&D=A3faz8<wE}Gzy+=`nJYXg{P#4{B!{3*y|-D_5xb|b
zp8iQLixq6C)wiB$>cj#!&K26TOlKvi{<jupu?T_Ia4;2p!S+u(9nNonFI>BAOIvqE
zxV;79VmTaXE(wx-qzM<)jJ!%4Btb$UZ_zU)>AXCPqg~STBP4Tp@b;F@@<rRJqM{<|
zjD$;HR=U2>*B}RT0&cahcVQw>C_?>t6^y~%&xDl~4ehK6qjUg2Heay4sscd_IEF}{
z2&786m2hlO?1J9<VR>;SrD9Eo8U);fqKV}OH0bF>mkU}n7_8E1V&#fy#VA@P;ZA{H
zLOQ_Q<agFEljMxakIliAc0H6uYKDvlj=pI)(!1<cNR54WMg7F>ET<Q;Mjuq3e#2x-
zwEU}5^%a2c9F2VrvP?d;pAQJ{g}J|~t!9y-hdS-Aw<ZwL!7p<IEF`5uaU%66zxA_9
z+Yd{D6|Vt^tR7s~kk^U4Wmt3A`&9JBVeh@Ap(m$va?$HUU4B2)2q)||$KB+(^c+j}
zglhQ27Oes++Y*=j2E7MHH;!H})Nti_l~l4(?y9%BN{LYphpB0WKLlr=J2PEJqxpT_
z4%Lui{yk^#g2~rI9QIR;^J;US<=9<cgjm2{;$Wk1af?W)&**n}2?zt@uz~^o#ECBu
zRKC08mXmfpidc&zssNOh-yMhP#hDO_%R`O0S@&7JnkrL)!E{2-=B<fAb+?H-cI$`3
znmB`ZpzHA{`B&e4qinII0s)_3-lSaQ;MPd^$U(1hhC}t4S}ShGXTz@MeG-f8Etf3+
zPIO4CRexGVEk0KqQZNtbW`W5w%-xY&qgiG45-G$QHAdfoQR&=m&PQn~1)A3pq)NQT
z@;xjzu5~XHVj|gF8^J{p_KXjN_^9}+-H|z5&T*h7*RsoB5I(ltTTLbqG=$#r6XQ>6
zbm_5N2`!C2K%n-Z^Giz%MORY&#`FQk3A^Q6P}3<ZGxutw4D}h%uXDX_#j^cb#M_Ix
zo-}N!IVJ`I+{{*u)F!6!nbdwJQalF;;Tr=c>Oqk|2V=)7pFEZ!#`mwsM{rzwCuSaK
zcv)3u;6il#iPWUnA>pR9^mbC-v8806#E1JR{K+yD2S;&-42%@@dvzlt)mq6oE6Muf
zTQQTxv%mJ~DfFk`#KVuxJ4bgK^6Kv+&u;$XbxVPH;QpWU)7hc2$7@vj9W(;x6R!uQ
z<MW$eNL-9)p^~|*9?*g8h6xm25Vb`AD$fO(h5%FwW0<_0Ra|wVEw6p&=*4XZ-?CU^
z+#16>alM1Vdvn;D)8)-~ME7Mgkcc0_Eu4jKpb2I$)wYc%P^(5Ep6Sq|0?eRnZ>7^%
z0+GXM$nsz<EoRDt^3Q$2oNWu5(slqs6JeNT8$t5O)MdKXLnJ7x|240QK`8ZUmhWN5
z2^eT$6P_430K&otIR?xaP=bIrpV$yU3_NJRh-<EUzBu7RK1@9Z7y%*CcatB*p<7+L
z9cCrJD3l|Z416clxIE|zMrX1zeqO2Hjgrc@ep1yEB}J%@1lc)RaUUqVPF+jbMVilg
z3`BMc^}<IDb`PGUeG_V!;nlkqN}^2r8aA<^{bJUy;*=BzsFB-`DjwScD6rR$I@uEq
zSqG-j=PS*A-(-HTuufQR6fOY_vaR=+&hN7qC*%L3ElO?o^3Gh@C}l+ScxcL8rpWCu
zZ{$EG&Cn<Pk)eV|sFM{9zc`4FeUAWIFFvI1P2Bx+$feFk;;^Vmp=bXJj;<O2ox>DR
zlwdF-?cuje(b?3Dr#gltL1rd20{Hl_4CSD9av2Jl9~%=T8CeaB%`->+C#k`=OEHu(
zD8B*ksG}nFdV}5SUX8HFx3ljJKyO?<&nox2Y@&aP9A|H<pE@N?;atd>H)4KQM?m=A
zBR3g-J(`qrMLHKk8eWhYPu!pWMyE7uNldt$62W3m;2-PLWySfe=~Tydz7{C1T>%*3
z3%EA8<M!ui;<m@K3E-pA_(+nHE_nQ4Ofr3z_q@7nnXwv$7-$ZcfUDOu{B}_^FF<|B
zxtKprWTmXb3iH%FNb(+oz`6YSo{l;?wdSVbw;xH@mPA>UAAcvZ<d(p@%t>aLt@4!}
z3{@n4<f*05SdPxaV!noLv!g?2z2nUuGGJ%0JY$HD{IRTLztUdU3_-CVcH7ws)ApaS
z>ix=-gp`cSY=qbaO0&)Gq883q41W&Silp_R=|DlDK%hft4mX4mTKZq(gW;<IvEn1=
zWDo^#Kwx#<OA;teIOK(4QM+4Ku|%rn^N2namtmCL>Hg@QxQFou^aUS&t+cg-9(br`
zoR)O^qhdZ&ggK|X95R&+e3qE@d=MG0N8k1iQmFhnwLp-aYf_Sq;_#DBE=mV;5P`%z
zVAuh9(4racrrtaJJjZ~E*AOi>%gXB1Eh1|*{=T6ZV4@cC)Cwi|0$IaeI&(=Y<ZyC}
zh<ViT+Otk4i=vXGeZU(@L%L9y4QJ#$k_dlEw@4~lp6*Xl+Pzk!D0tbUi5m<Fe!)uU
zNX~rc)nepMl96YJ-y5!I|MURh>GaGC3|_OX9OEBd_14WbH_R6e5bQX>WO2On<W03V
zKzOD*9<JC;)-8a$5l)d8&-4oy$-!aMbMq0uhHKt$sSe}NwJBU*(2$Xl?hgv6&;k$I
zj&NyW6^-O&$7?s91O&ezbBv3jT@srWPIhXNUQ)jv6l|1!VNt#PJtu31G6C^my4(=L
zm^fB8-pI#&Cr5S!&#u8XLaH3|0lSiyxznX<flY^(Y;FsD)#Ca5yP8%x_8;jz^WwKi
zs+4op7ZJ4vx=?_e71jq4^G8-VvP^m5&t$?ES3nDK;)~7LKtpc0xTb1CKHiZ+kw8e<
z1|+qD8j=78@+-VsN9_>U<b&$w<tbdCK#2#dL>Xa)k2O>Y2~WT<*B;64DVR9p&m*rh
z8<rF0eA0FLW+3Eca|DBtpwvi9Jte+<ru=<hOj<YB!$LdY$AO)9Z>X{zSG!a1bV-o|
z9Vza5IiKNz)T&r6_bNaG4c|1bpTs%u19b7^H<z`*I%JSDF-WuRCl*MjvLqVysmSo^
zB*3<%)^u1YbFdOhipj}(I2!2kMV$JKf7zuD++co<VN(e*1GD}4)04SSS>q<wOO5jT
z8~%9M#X<EwO#anHF*<?pbiz~}^>kSO19||ZCDQsS)(ucKQsf}KC(AhYX0<c3GU7#i
zv~~f4TiK@at#U!*)(miBd*@z6nShwG;=T*F-cGsc#tz275u`>bG7~+iB7;vPJ99z4
z8(w)H+K|FA^w;{+9CTp5;jGwJ_Xlle-6^og5yjs3&=yz6SLqS6Zc(-{^^x>pcmJ@!
z8sq2hWTG-Kb~o2QJyb2OD#u<33>Q_d_hvKZ--37@fV|aD@V;|^l1m`lH|0^Er2Pe)
zZPjNt#^81^#5k`RJHV7V$t0LZOWx>TU_Uw1=yIbv$l(VZDUv^e=&-koAomTxFm+zG
zClVt_7|T#_&cH@*-J_df>wq-&H^k=rV+b^!`h5$&hXL1=3_b(XhS9TDUXsgj^1m4_
z!THKSFOdBk5J8~~-9N`yf#{d{56=sHBI;g#pwdk<1Iu0uov3fOLLt4?Xach5f~nGu
z*No2`&+{4%0Lp3-jMS)aKwkkwKe3ON`+<Z{>8leOF7P{r{G8kd1PN?6h_&j#+!=hR
z6<M(g4jp654Qfx2Dzc&&$xL7DFum2Qc<Krsru)5+8{3aW%kVsvhDZxiU8w7Qd6keR
zV)mv6Bz=Icd@|rAa<Rg{0u+vE*Od&|!6I@hR|PrQ96~w;_)aT%TMkeea8xRUVgXK(
zC`Ws_b)?`pbv-+Vprq-vS9&*M=KFTG^SKf#I1EUqV`(8z&d68L8B|RR0}cj>l28;F
ztS%=xP(eHeNUKYJ2I85fzt~O;XV^Cr`+fropSlGRU|a$p$5lg6O<!YS%M19M5QW(y
z$adn+h`|CR8g8fs*p*E(e}(&c(LqiNkrIb{lU*#YYv-;A8Ld}=Sc}%r3?IY)?x|ou
zcZA3n%-t4*Y>kj+W=S~$E8rw4d<YzKv&kaS1SCqWjZMp=WjR^E23vPx?l;0}iBl5G
z1&^guPe^=Z9J+83CX-~~7@o!OG4gL!1J1u=Gf+frMxLoP5xavDXA<n%>+0~Ocs&Fs
zNo+VGxhd-=j0JR}i4uba&y5XK-0aZlFV*rjM}(Wu$uWV1YYMxX4RJT1*0^N7&{S#+
zqEkzCGVkLlr`*28L`ys@&iBqPY~Va71**k6kTGwaH^%RXe-Q8k^zEQeZTLJ9+){7I
znC2BD80U5Y?4IgQY48$Q2Gu}V^W(E+h6119r%vBuf%z{$KYO?bigG7t5O1szx8s4y
zz<gAw+yp!MW)4A$<G5Acffp}c>aJb_KUeeL6;`nltHchE8wk{OVHI9K1^E_7h@o;P
z&zwylA9np*e^@B>GubS#E-t8y@ss1DDFeTgJ#5z5ah{u}Y6=K4`F1`vQ_TX}&Lcms
zTm(qs-KAj6IRsucCjc^YJf|eifRLX}g!Af;j_92QgK}T6!@7Y-P=VYCq)KCZ2kp^H
zw6Mz<{--HEBFp){1e4eKZja@aTcEr0rbySSU!NNJfw5kLVZ1n`vxjnt{SF7S7Gcm$
zhUfCLH*51qY#n@!uR<jRT#i0PXUa(FJ)%H2?r$&DZHGC8(TccX4Ip*6o`*W`Rq)Xo
zsf7qp1IW1_=2GrM+f=_ik9RqQIA{;tsICu^Ztd|5EH4FEm#M)u6hY?U5mK<rC15QB
zFmtA3cmtc;;r0~umuF2%DQCt?p6Y`j-XN+kc&uZ#Ra3*1fxlJ;1@x|iTR2|a<8!7n
z<cMD25Of)<cCvJXRKzWG#I&O?+4r_7rPhVzvTSAq+jV2oO!_DRV_t7<62kX2Frawk
zMe<B{7CU@%Sug~la}cv7N*+ik4T~OsI&SqzZn6K>uY^hu1lp|cg<ERSCU0oZ{R-K_
z`6q2NI4lmgsuD5E#5lq@2E`u|%BH%QjLAM6%mhbNeqRD&!bj^_Ehz%)ejV+tG2|IG
z?9aceLpIe*t(OLQ0or06va#;=*a--qH4t#T!vB-QeHO2Q90WYS(IdD|q~-O8w#}Vc
z3zGhf%uTv^$W8AJBi}mXpkm%9o|EjE%ditGZT}_bwKrB%k@mWo!VeN}Y$G#5J-F%K
zz+u3!6Y}?#0~vmZ%oe~pSU^kfstK)qcp#MF)gi$7T#_keJ&lOWi<@Zi$*34mkb@{L
zO%l44NBh!=IL_ew|7?~{9yC!GX=4K+L!coLKG)xS7!MS4mjKe|D}qmhcEg&JiR3kE
zj#E-Tmuph+#-t34eo=#QQ97o^1m$R#VBRAXZ$h8_&)=O+z;cHdNt6<A*%WvQ3&gE&
ztxg?Sg_~8_zvo+?04~f%6&~>*E9!UWZ*ntg0_5#jr^am^8}6B=Vf{f7bJgc?+Ae-L
zH+LXGcw7;Tby2#H<2^**V?{7MF4mjFJ#>}h_F7I8Hfi)XQ3*@E51DwtCIE%Z?eRSs
zqJPF%eXUw`2fia_&K@y2;KO9!4sC(5r~76NJ%=}A+|`*3SpS8LQ*J5zJHoE(dJRGe
zU+foOb}P<%{!8kTy#(4y)ewYn2@Hz&uX;+`e|GiD{`bS;HGIlnpJUJ8MB<TPfn<w`
zD4767?<sPU&I~NC61UB1-wE(&VL`@%nXC~cJ1hZrM42*0>}8sfF<cpnefMbIU;22f
z#aF6tA*h3>7ymXqJp^pi{eVQ#DMdEt0~0_;QUNsUdF>1C0bW%~mKDpzOgnV{_W&4O
zu_d=aNL<z3XfhL-oVuTCqub62-yJx|O+5HvcyD?JRmQW4TyLfmvc^F%NUzN}z9r+2
zRGo6(JNJcwa@ylHmR~g*2z)O)h0DKj2AsM5aH3Wq*$%w99pfJ5pn<dH&!&MUg%kD{
z?A7fr+VhWpvBp48uFaRMKxXXAQMxAVaO;8jCdlecyKV6{3x(H2P2K!=Nke=2mq0Cz
zxML6?x+1W{5El?Zgz>K>NCUg?Qq`PbEx1*tV`1PN_$0mNCWO&kv4EbjlOUFqrsfLf
zwz4NiHe3A-)wwj62y(A;V`hnj3pMWWx`W&H#FB0i(XT$ks<b0Yi@wmsdy9qtsws=2
zT%ShJOD5`fAU&Gr`Hu^hflf@U_)r#`)LL=HaqWLjY1%aKaPc@W6QM})z>;y11ICQf
zc=&`(MWm3K7wC8&y}XbRBfJF=06NC=R}KaqX~--+*f|B{ZwJ7A3h9N9f*i>@hiIFy
zl4%&>x&{XYTGV!2jKjx-ZDdv&5EehL^?e9xz=9|;AF%+ZCfTF)g;OAXI9%9Qj~{>{
zPftX)0Ft*FxQ$zre$Y4P10~Uf>xAuz2^8%Z_yxN1R*x))i=WmnzQSRrPDr>MbsdKq
zsR0irI8D~av-BU~yY)YSv|jI{0GB_nw`X<VXza8I_<zv$wMa}8z2eh|@OZ?$Ku@x$
zI4cbGza1G7_x`?NXaVGCfB}NJ{YfKe3Oxqo8&fzz$c0!+>;rlvg8STK5u6X=e6ufB
zCkha2sr`B6>6|BEhW*!NNv#3SM1phnH`hG)O0M8AkTrk4YN2Wm@n4;~^Zqf>-+s^e
zHv!l5`J2ukiTK~=DdhXP2x%)ON}JA}5@|WwfX0Wf_Bk!xl;@n}O%0OtNdFx0-v8!{
zjsey5&tbT9WIz?k{in8r77%0_|Fcbi)d@C>bMphZ7yfVl(DM{Q1Z1xRzxcd<`Ohi&
zpAVE-+lhqY<no|0PY;<|ftI|!;p5Z+imuclmjk=-(oI7qU3lh^1qW7!z5v|@FKIYE
zG$}~eIV%6ef9eyQZ};~!jhTb!I48Agg8NYE>I?wOPQcjg3Z&K=uOi+&EjJI>2b!Z&
z9T&!%5zK8`qY!M_FM8!X*l*KqKt<q^b!XXTkK4~0H&7yt()0qa)^e50avvAgO$E1q
z?%di0&)t(cInbYMN{j@lQ=sA-aluZG^$HxR`-@6|S8YETSz1Glu<_RawNSSMtCS_#
zu>)Ams-WjAN#Z~r*zs6?qBGVoU93cBDL~b&>MYZhF3MzskxkLwU|0gzX=V%fU|)lA
zp$sUr<C%6GX40Hw!H&>0pg0;mlfKY`OGj@*Dg;yl{E2VMk+SpVO8Rwg1K`6Fv7yb5
z=Nz#H0Zzb33)b5Xx5lf{(hvF&`yZqYj?MM&fiOZYyOdZ5#Wp4t%d{qGo^>0kv*X<b
zMYQc==3aVMtbI1w4G<WHIn`4f$bkrM&~0f4+PLJyHo?2R$a!f{?Uw*C4ETeLd=D%@
zC}IP^jh_bs>y>iqjkgCA(;9$#Gw35YUB>__Gzqz`R)>l(Nzw41jAv{)I<B|s^+7&N
z;K#+8mH+s(lEhTvN&empiwc=y=IvBx;d6#5(k}r4zsUeT*#**#P6(iV>&(0X)QR71
zTb}wu8uIhf{{*Vac>J|`B!O0T9!hQ8OuJPz>G-bUtZ)aoYA-vDQOo%LF;A_uH#B2B
z!H-->FE^i!nFQT25v8c!&K<#ELD#=)t3!W}m&}E1zuF1&59^m`8egrPgY#m0adNgP
zD5%=;+#+?O;Xf8Bny6Y!5}y4pOx%(ylG-qapT*moPT;&<(htth_<O@?7!?U{H8pv_
z09ngtz_uQ`%-%Xp|A5L{41`j0k`|KmFQiGlX76qb`cZg$-5>=)67~c1J^A$<jXHIQ
zmcyw+qW<dv7%QMaj3F}#expK9Qtt{THX9v=cv#JXC8{yf_F(SbCrRS3Etc=;u
zl<_*8iHOzY^y4{9yI1Hm*B-LVrY&zC0N4OcmpPOxxn9Zq_qjJG?phSpEP-5^u2AQ6
z=KDLwtJD+Osh%`WS1DhiVo@<s!9OEJ(OVyt;OMAJti)tC*wDQc|J-XC(gDIC*!EKz
z%ptph9oL8}3&uF3lhE5z8~-AqkVl^%{+rJI3JeDe{uW0MA7#8VUv=JL@;|2HCQT1=
z(z=2JU>}l75-q8}B~u=xR*?{{02|-|eRUu!;aW8n+kwPF%HBGII*fv4cy1y4s4U`<
ziEeP5Ve}pdi+8=uYVR-cl{O%t6mV)ua9U4WxyNMZHZ6I_tFECYa7z-Un+fY)clY&J
zB_Hrd$8~^sWBs{?k02O!vqU3Hwuu>3P1*kz+?R2Dv6C>uNkXdHs~xZcyq2WHL|oa>
zW{L%s%p)U^Dn>-D8Om?g&AZCN`HCar{WE7pqS$0G3~KH=iqR&4s;}N5Bw~&$R6eZp
zPyYsbqx+xsS&#@1k{H_F{`X5_FxCI|De!-|x&E);{{L_n|Nr4Y;xb?>SAsI_Hoh)I
zVL@c58&ro(fGDLqp8@l@-W($_W=<<%(Mjh9f`AF5RnM>Nm^m=VJAwv_eyLzE)y2!%
jUO4RehN-m*!=2#?{ub4AHVIw40RE{cs3S`5nFRh1HiZcV

literal 0
HcmV?d00001


From 32dc368ff2dc5d708bbe63053a389bf4247bd947 Mon Sep 17 00:00:00 2001
From: Kyriakos Akriotis <akriotis.kyriakos@gmail.com>
Date: Tue, 17 Sep 2024 05:09:38 +0000
Subject: [PATCH 2/2] consolidate everything in one article #66

---
 ...ises-branch-networks-through-a-vpn-hub.md} | 215 +++++++++++++++---
 .../overview.md                               |  33 ---
 .../planning-networks-and-resources.md        | 134 -----------
 sidebars.ts                                   |  22 +-
 4 files changed, 188 insertions(+), 216 deletions(-)
 rename docs/best-practices/networking/virtual-private-network/{connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure.md => connecting-multiple-on-premises-branch-networks-through-a-vpn-hub.md} (68%)
 delete mode 100644 docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview.md
 delete mode 100644 docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources.md

diff --git a/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure.md b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub.md
similarity index 68%
rename from docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure.md
rename to docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub.md
index a43d26a35..bdb26b5ed 100644
--- a/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure.md
+++ b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub.md
@@ -1,27 +1,179 @@
 ---
-id: procedure
-title: Procedure
-tags: [vpn]
+id: connecting-multiple-on-premises-branch-networks-through-a-vpn-hub
+title: Connecting Multiple On-Premises Branch Networks Through a VPN Hub
+tags: [vpn, hybrid, networking]
 ---
 
-# Procedure
+# Connecting Multiple On-Premises Branch Networks Through a VPN Hub
 
-### Prerequisites
+To meet service requirements, enterprise A needs to implement communication between its two on-premises data centers.
 
-*   Cloud side
-    *   A VPC has been created. For details about how to create a VPC, see [Creating a VPC](https://docs.otc.t-systems.com/virtual-private-cloud/umn/vpc_and_subnet/vpc/creating_a_vpc.html).
-    *   Security group rules have been configured for the VPC, and ECSs can communicate with other devices on the cloud. For details about how to configure security group rules, see [Security Group Rules](https://docs.otc.t-systems.com/virtual-private-cloud/umn/access_control/security_group/managing_security_group_rules/adding_a_security_group_rule.html).
-*   Data center side
-    *   IPsec has been configured on the VPN devices in the two on-premises data centers. For details, see [Administrator Guide](https://docs.otc.t-systems.com/virtual-private-network/umn/administrator_guide/index.html).
-    *   The remote subnets of the VPN device in on-premises data center 1 must contain the local subnet of the Open Telekom Cloud VPC and the subnet to be interconnected in on-premises data center 2. The remote subnets of the VPN device in on-premises data center 2 must contain the local subnet of the Open Telekom Cloud VPC and the subnet to be interconnected in on-premises data center 1.
+## Solution Design
 
-### Procedure
+[Figure 1](#figure-1) shows the networking where the VPN service is used to connect the two on-premises data centers.
+
+<a id="figure-1"></a>
+
+![](/img/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/en-us_image_0000001592878805.png)
+
+**Figure 1**: Networking diagram  
+
+### Advantages
+
+* A VPN gateway on the cloud can function as a VPN hub to enable communication between on-premises branch sites. This eliminates the need to configure VPN connections between every two sites.
+* A VPN gateway provides two IP addresses to establish dual independent VPN connections with each customer gateway. If one VPN connection fails, traffic can be quickly switched to the other VPN connection, ensuring reliability.
+
+### Limitations and Constraints
+
+* The local and customer subnets of the VPN gateway cannot be the same. That is, the VPC subnet and the data center subnet to be interconnected cannot be the same.
+* The IKE policy, IPsec policy, and PSK of the VPN gateway must be the same as those of the customer gateway.
+* The local and remote interface address configurations on the VPN gateway and customer gateway are reversed.
+* The security groups associated with ECSs in the VPC permit access from and to the on-premises data center.
+
+## Planning Networks and Resources
+
+### Data Plan
+
+<!-- INFO: Because some cells are merged together and MDX doesn't support it, HTML table is used -->
+
+<table>
+  <thead>
+    <tr>
+      <th>Category</th>
+      <th>Item</th>
+      <th>Data</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td>VPC</td>
+      <td>Subnet that needs to access the on-premises data centers</td>
+      <td>
+        • `192.168.0.0/24`<br/>
+        • `192.168.1.0/24`
+      </td>
+    </tr>
+    <tr>
+      <td rowspan="3">VPN gateway</td>
+      <td>Interconnection subnet</td>
+      <td>
+        This subnet is used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has four or more assignable IP addresses.<br/><br/>
+        `192.168.2.0/24`
+      </td>
+    </tr>
+    <tr>
+      <td>HA Mode</td>
+      <td>**Active-active**</td>
+    </tr>
+    <tr>
+      <td>EIP</td>
+      <td>
+        EIPs are automatically generated when you create them. By default, a VPN gateway uses two EIPs. In this example, the EIPs are as follows:<br/><br/>
+        • Active EIP: `1.1.1.2`<br/>
+        • Active EIP 2: `2.2.2.2`
+      </td>
+    </tr>
+    <tr>
+      <td>VPN connection</td>
+      <td>Tunnel interface address</td>
+      <td>
+        This address is used by a VPN gateway to establish an IPsec tunnel with a customer gateway. At the two ends of the IPsec tunnel, the configured local and remote tunnel interface addresses must be reversed.<br/><br/>
+        VPN connections set up with on-premises data center 1:<br/>
+        • VPN connection 1: `169.254.70.1/30`<br/>
+        • VPN connection 2: `169.254.71.1/30`<br/><br/>
+        VPN connections set up with on-premises data center 2:<br/>
+        • VPN connection 3: `169.254.72.1/30`<br/>
+        • VPN connection 4: `169.254.73.1/30`
+      </td>
+    </tr>
+    <tr>
+      <td>On-premises data center 1</td>
+      <td>Subnet that needs to access the VPC</td>
+      <td>`172.16.0.0/16`</td>
+    </tr>
+    <tr>
+      <td rowspan="2">Customer gateway in on-premises data center 1</td>
+      <td>Public IP address</td>
+      <td>
+        This public IP address is assigned by a carrier. In this example, the public IP address is:<br/><br/>
+        `1.1.1.1`
+      </td>
+    </tr>
+    <tr>
+      <td>Tunnel interface address</td>
+      <td>
+        • VPN connection 1: `169.254.70.2/30`<br/>
+        • VPN connection 2: `169.254.71.2/30`
+      </td>
+    </tr>
+    <tr>
+      <td>On-premises data center 2</td>
+      <td>Subnet that needs to access the VPC</td>
+      <td>`10.10.0.0/16`</td>
+    </tr>
+    <tr>
+      <td rowspan="2">Customer gateway in on-premises data center 2</td>
+      <td>Public IP address</td>
+      <td>
+        This public IP address is assigned by a carrier. In this example, the public IP address is:<br/><br/>
+        `2.2.2.1`
+      </td>
+    </tr>
+    <tr>
+      <td>Tunnel interface address</td>
+      <td>
+        • VPN connection 3: `169.254.72.2/30`<br/>
+        • VPN connection 4: `169.254.73.2/30`
+      </td>
+    </tr>
+    <tr>
+      <td rowspan="3">IKE and IPsec policies</td>
+      <td>PSK</td>
+      <td>Test@123</td>
+    </tr>
+    <tr>
+      <td>IKE policy</td>
+      <td>
+        • Authentication algorithm: `SHA2-256`<br/>
+        • Encryption algorithm: `AES-128`<br/>
+        • DH algorithm: `Group 15`<br/>
+        • Version: `v2`<br/>
+        • Lifetime (s): `86400`<br/>
+        • Local ID: *IP address*<br/>
+        • Peer ID: *IP address*
+      </td>
+    </tr>
+    <tr>
+      <td>IPsec policy</td>
+      <td>
+        • Authentication algorithm: `SHA2-256`<br/>
+        • Encryption algorithm: `AES-128`<br/>
+        • PFS: DH `Group15`<br/>
+        • Transfer protocol: `ESP`<br/>
+        • Lifetime (s): `3600`
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+**Table 1**: Data Plan
+
+## Prerequisites
+
+* Cloud side
+  * A VPC has been created. For details about how to create a VPC, see [Creating a VPC](https://docs.otc.t-systems.com/virtual-private-cloud/umn/vpc_and_subnet/vpc/creating_a_vpc.html).
+  * Security group rules have been configured for the VPC, and ECSs can communicate with other devices on the cloud. For details about how to configure security group rules, see [Security Group Rules](https://docs.otc.t-systems.com/virtual-private-cloud/umn/access_control/security_group/managing_security_group_rules/adding_a_security_group_rule.html).
+* Data center side
+  * IPsec has been configured on the VPN devices in the two on-premises data centers. For details, see [Administrator Guide](https://docs.otc.t-systems.com/virtual-private-network/umn/administrator_guide/index.html).
+  * The remote subnets of the VPN device in on-premises data center 1 must contain the local subnet of the Open Telekom Cloud VPC and the subnet to be interconnected in on-premises data center 2. The remote subnets of the VPN device in on-premises data center 2 must contain the local subnet of the Open Telekom Cloud VPC and the subnet to be interconnected in on-premises data center 1.
+
+### Configuration
 
 Open Telekom Cloud VPNs support static routing mode, BGP routing mode, and policy-based mode. The following uses the static routing mode as an example.
 
-1.  Configure a VPN gateway.
-    1.  Choose **Virtual Private Network** > **Enterprise – VPN Gateways**, and click **Create VPN Gateway**.
-    2.  Set parameters as prompted.
+1. Configure a VPN gateway.
+    1. Choose *Virtual Private Network* -> *Enterprise – VPN Gateways*, and click *Create VPN Gateway*.
+    2. Set parameters as prompted.
         
         [Table 1](#table-1) only describes the key parameters for creating a VPN gateway.
         
@@ -42,9 +194,9 @@ Open Telekom Cloud VPNs support static routing mode, BGP routing mode, and polic
         | Active EIP 2           | EIP 2 used by the VPN gateway to access the on-premises data center.                                                                                             | 2.2.2.2                       |
 
         
-2.  Configure customer gateways.
-    1.  Choose **Virtual Private Network** > **Enterprise – Customer Gateways**, and click **Create Customer Gateway**.
-    2.  Set parameters as prompted.
+2. Configure customer gateways.
+    1. Choose *Virtual Private Network* -> *Enterprise – Customer Gateways*, and click *Create Customer Gateway*.
+    2. Set parameters as prompted.
         
         [Table 2](#table-2) only describes the key parameters for creating a customer gateway.
         
@@ -60,10 +212,10 @@ Open Telekom Cloud VPNs support static routing mode, BGP routing mode, and polic
 
 
         
-    3.  Repeat the preceding operations to configure the customer gateway (2.2.2.1) in on-premises data center 2.
-3.  Configure VPN connections between the cloud side and on-premises data center 1.
-    1.  Choose **Virtual Private Network** > **Enterprise – VPN Connections**, and click **Create VPN Connection**.
-    2.  Set parameters for VPN connection 1 and click **Submit**.
+    3. Repeat the preceding operations to configure the customer gateway (2.2.2.1) in on-premises data center 2.
+3. Configure VPN connections between the cloud side and on-premises data center 1.
+    1. Choose *Virtual Private Network* -> *Enterprise – VPN Connections*, and click *Create VPN Connection*.
+    2. Set parameters for VPN connection 1 and click *Submit*.
         
         [Table 3](#table-3) only describes the key parameters for creating a VPN connection.
         
@@ -88,7 +240,7 @@ Open Telekom Cloud VPNs support static routing mode, BGP routing mode, and polic
 
 
         
-    3.  Create VPN connection 2.
+    3. Create VPN connection 2.
         
         :::note
         For VPN connection 2, you are advised to use the same parameter settings as VPN connection 1, except the parameters listed in the following table.
@@ -105,9 +257,9 @@ Open Telekom Cloud VPNs support static routing mode, BGP routing mode, and polic
         | Local Tunnel Interface Address    | Tunnel IP address of the VPN gateway.      | 169.254.71.1 |
         | Customer Tunnel Interface Address | Tunnel IP address of the customer gateway. | 169.254.71.2 |
         
-4.  Configure VPN connections between the cloud side and on-premises data center 2.
-    1.  Choose **Virtual Private Network** > **Enterprise – VPN Connections**, and click **Create VPN Connection**.
-    2.  Set parameters for VPN connection 1 as prompted and click **Submit**.
+4. Configure VPN connections between the cloud side and on-premises data center 2.
+    1. Choose *Virtual Private Network* -> *Enterprise – VPN Connections*, and click *Create VPN Connection*.
+    2. Set parameters for VPN connection 1 as prompted and click *Submit*.
         
         [Table 5](#table-5) only describes the key parameters for creating a VPN connection.
 
@@ -132,7 +284,7 @@ Open Telekom Cloud VPNs support static routing mode, BGP routing mode, and polic
 
 
         
-    3.  Create VPN connection 2.
+    3. Create VPN connection 2.
         
         :::note 
         For VPN connection 2, you are advised to use the same parameter settings as VPN connection 1, except the parameters listed in the following table.
@@ -150,15 +302,16 @@ Open Telekom Cloud VPNs support static routing mode, BGP routing mode, and polic
         | Customer Tunnel Interface Address | Tunnel IP address of the customer gateway in on-premises data center 2. | 169.254.73.2 |
 
         
-5.  Configure customer gateway devices in on-premises data centers 1 and 2.
+5. Configure customer gateway devices in on-premises data centers 1 and 2.
     
     The configuration procedures may vary according to the type of the customer gateway device. For details, see [Administrator Guide](https://docs.otc.t-systems.com/virtual-private-network/umn/administrator_guide/index.html).
     
 
 ### Verification
 
-*   About 5 minutes later, check states of the VPN connections.
+* About 5 minutes later, check states of the VPN connections.
     
-    Choose **Virtual Private Network** > **Enterprise – VPN Connections**. The states of the four VPN connections are all **Normal**.
+    Choose *Virtual Private Network* -> *Enterprise – VPN Connections*. The states of the four VPN connections are all *Normal*.
     
-*   Verify that servers in on-premises data center 1 and servers in on-premises data center 2 can ping each other.
+* Verify that servers in on-premises data center 1 and servers in on-premises data center 2 can ping each other.
+
diff --git a/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview.md b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview.md
deleted file mode 100644
index 3c3aa9631..000000000
--- a/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview.md
+++ /dev/null
@@ -1,33 +0,0 @@
----
-id: overview
-title: Overview
-tags: [vpn]
----
-
-
-# Overview
-
-### Scenario
-
-To meet service requirements, enterprise A needs to implement communication between its two on-premises data centers.
-
-### Networking
-
-[Figure 1](#figure-1) shows the networking where the VPN service is used to connect the two on-premises data centers.
-
-<a id="figure-1"></a>
-
-**Figure 1** Networking diagram  
-![](/img/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/en-us_image_0000001592878805.png)
-
-### Solution Advantages
-
-*   A VPN gateway on the cloud can function as a VPN hub to enable communication between on-premises branch sites. This eliminates the need to configure VPN connections between every two sites.
-*   A VPN gateway provides two IP addresses to establish dual independent VPN connections with each customer gateway. If one VPN connection fails, traffic can be quickly switched to the other VPN connection, ensuring reliability.
-
-### Limitations and Constraints
-
-*   The local and customer subnets of the VPN gateway cannot be the same. That is, the VPC subnet and the data center subnet to be interconnected cannot be the same.
-*   The IKE policy, IPsec policy, and PSK of the VPN gateway must be the same as those of the customer gateway.
-*   The local and remote interface address configurations on the VPN gateway and customer gateway are reversed.
-*   The security groups associated with ECSs in the VPC permit access from and to the on-premises data center.
diff --git a/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources.md b/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources.md
deleted file mode 100644
index 17f26e201..000000000
--- a/docs/best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources.md
+++ /dev/null
@@ -1,134 +0,0 @@
----
-id: planning-networks-and-resources
-title: Planning Networks and Resources
-tags: [vpn]
----
-
-# Planning Networks and Resources
-
-### Data Plan
-
-**Table 1: Data Plan**
-
-<!-- INFO: Because some cells are merged together and MDX doesn't support it, HTML table is used -->
-
-<table>
-  <thead>
-    <tr>
-      <th>Category</th>
-      <th>Item</th>
-      <th>Data</th>
-    </tr>
-  </thead>
-  <tbody>
-    <tr>
-      <td>VPC</td>
-      <td>Subnet that needs to access the on-premises data centers</td>
-      <td>
-        • 192.168.0.0/24<br/>
-        • 192.168.1.0/24
-      </td>
-    </tr>
-    <tr>
-      <td rowspan="3">VPN gateway</td>
-      <td>Interconnection subnet</td>
-      <td>
-        This subnet is used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has four or more assignable IP addresses.<br/><br/>
-        192.168.2.0/24
-      </td>
-    </tr>
-    <tr>
-      <td>HA Mode</td>
-      <td>Active-active</td>
-    </tr>
-    <tr>
-      <td>EIP</td>
-      <td>
-        EIPs are automatically generated when you create them. By default, a VPN gateway uses two EIPs. In this example, the EIPs are as follows:<br/><br/>
-        • Active EIP: 1.1.1.2<br/>
-        • Active EIP 2: 2.2.2.2
-      </td>
-    </tr>
-    <tr>
-      <td>VPN connection</td>
-      <td>Tunnel interface address</td>
-      <td>
-        This address is used by a VPN gateway to establish an IPsec tunnel with a customer gateway. At the two ends of the IPsec tunnel, the configured local and remote tunnel interface addresses must be reversed.<br/><br/>
-        VPN connections set up with on-premises data center 1:<br/>
-        • VPN connection 1: 169.254.70.1/30<br/>
-        • VPN connection 2: 169.254.71.1/30<br/><br/>
-        VPN connections set up with on-premises data center 2:<br/>
-        • VPN connection 3: 169.254.72.1/30<br/>
-        • VPN connection 4: 169.254.73.1/30
-      </td>
-    </tr>
-    <tr>
-      <td>On-premises data center 1</td>
-      <td>Subnet that needs to access the VPC</td>
-      <td>172.16.0.0/16</td>
-    </tr>
-    <tr>
-      <td rowspan="2">Customer gateway in on-premises data center 1</td>
-      <td>Public IP address</td>
-      <td>
-        This public IP address is assigned by a carrier. In this example, the public IP address is:<br/><br/>
-        1.1.1.1
-      </td>
-    </tr>
-    <tr>
-      <td>Tunnel interface address</td>
-      <td>
-        • VPN connection 1: 169.254.70.2/30<br/>
-        • VPN connection 2: 169.254.71.2/30
-      </td>
-    </tr>
-    <tr>
-      <td>On-premises data center 2</td>
-      <td>Subnet that needs to access the VPC</td>
-      <td>10.10.0.0/16</td>
-    </tr>
-    <tr>
-      <td rowspan="2">Customer gateway in on-premises data center 2</td>
-      <td>Public IP address</td>
-      <td>
-        This public IP address is assigned by a carrier. In this example, the public IP address is:<br/><br/>
-        2.2.2.1
-      </td>
-    </tr>
-    <tr>
-      <td>Tunnel interface address</td>
-      <td>
-        • VPN connection 3: 169.254.72.2/30<br/>
-        • VPN connection 4: 169.254.73.2/30
-      </td>
-    </tr>
-    <tr>
-      <td rowspan="3">IKE and IPsec policies</td>
-      <td>PSK</td>
-      <td>Test@123</td>
-    </tr>
-    <tr>
-      <td>IKE policy</td>
-      <td>
-        • Authentication algorithm: SHA2-256<br/>
-        • Encryption algorithm: AES-128<br/>
-        • DH algorithm: Group 15<br/>
-        • Version: v2<br/>
-        • Lifetime (s): 86400<br/>
-        • Local ID: IP address<br/>
-        • Peer ID: IP address
-      </td>
-    </tr>
-    <tr>
-      <td>IPsec policy</td>
-      <td>
-        • Authentication algorithm: SHA2-256<br/>
-        • Encryption algorithm: AES-128<br/>
-        • PFS: DH Group15<br/>
-        • Transfer protocol: ESP<br/>
-        • Lifetime (s): 3600
-      </td>
-    </tr>
-  </tbody>
-</table>
-
diff --git a/sidebars.ts b/sidebars.ts
index ba2ec9e55..6c7269a95 100644
--- a/sidebars.ts
+++ b/sidebars.ts
@@ -713,29 +713,15 @@ const sidebars: SidebarsConfig = {
           type: 'category',
           label: 'Virtual Private Network',
           items: [
+            {
+              type: 'doc',
+              id: 'best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub',
+            },
             {
               type: 'link',
               label: '📚 Go to Help Center',
               href: 'https://docs.otc.t-systems.com/virtual-private-network/index.html',
             },
-            {
-              type: 'category',
-              label: 'Connecting Multiple On-premises Branch Networks Through a VPN Hub',
-              items: [
-                {
-                  type: 'doc',
-                  id: 'best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/overview',
-                },
-                {
-                  type: 'doc',
-                  id: 'best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/planning-networks-and-resources',
-                },
-                {
-                  type: 'doc',
-                  id: 'best-practices/networking/virtual-private-network/connecting-multiple-on-premises-branch-networks-through-a-vpn-hub/procedure',
-                }
-              ],
-            },
           ],
         },
       ],

Category	Item	Data
VPC	Subnet that needs to access the on-premises data centers	+ • 192.168.0.0/24 + • 192.168.1.0/24 +
VPN gateway	Interconnection subnet	+ This subnet is used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has four or more assignable IP addresses. + 192.168.2.0/24 +
	HA Mode	Active-active
	EIP	+ EIPs are automatically generated when you create them. By default, a VPN gateway uses two EIPs. In this example, the EIPs are as follows: + • Active EIP: 1.1.1.2 + • Active EIP 2: 2.2.2.2 +
VPN connection	Tunnel interface address	+ This address is used by a VPN gateway to establish an IPsec tunnel with a customer gateway. At the two ends of the IPsec tunnel, the configured local and remote tunnel interface addresses must be reversed. + VPN connections set up with on-premises data center 1: + • VPN connection 1: 169.254.70.1/30 + • VPN connection 2: 169.254.71.1/30 + VPN connections set up with on-premises data center 2: + • VPN connection 3: 169.254.72.1/30 + • VPN connection 4: 169.254.73.1/30 +
On-premises data center 1	Subnet that needs to access the VPC	172.16.0.0/16
Customer gateway in on-premises data center 1	Public IP address	+ This public IP address is assigned by a carrier. In this example, the public IP address is: + 1.1.1.1 +
Customer gateway in on-premises data center 1	Tunnel interface address	+ • VPN connection 1: 169.254.70.2/30 + • VPN connection 2: 169.254.71.2/30 +
On-premises data center 2	Subnet that needs to access the VPC	10.10.0.0/16
Customer gateway in on-premises data center 2	Public IP address	+ This public IP address is assigned by a carrier. In this example, the public IP address is: + 2.2.2.1 +
Customer gateway in on-premises data center 2	Tunnel interface address	+ • VPN connection 3: 169.254.72.2/30 + • VPN connection 4: 169.254.73.2/30 +
IKE and IPsec policies	PSK	Test@123
	IKE policy	+ • Authentication algorithm: SHA2-256 + • Encryption algorithm: AES-128 + • DH algorithm: Group 15 + • Version: v2 + • Lifetime (s): 86400 + • Local ID: IP address + • Peer ID: IP address +
	IPsec policy	+ • Authentication algorithm: SHA2-256 + • Encryption algorithm: AES-128 + • PFS: DH Group15 + • Transfer protocol: ESP + • Lifetime (s): 3600 +
Category	Item	Data
VPC	Subnet that needs to access the on-premises data centers	+ • `192.168.0.0/24` + • `192.168.1.0/24` +
VPN gateway	Interconnection subnet	+ This subnet is used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has four or more assignable IP addresses. + `192.168.2.0/24` +
	HA Mode	Active-active
	EIP	+ EIPs are automatically generated when you create them. By default, a VPN gateway uses two EIPs. In this example, the EIPs are as follows: + • Active EIP: `1.1.1.2` + • Active EIP 2: `2.2.2.2` +
VPN connection	Tunnel interface address	+ This address is used by a VPN gateway to establish an IPsec tunnel with a customer gateway. At the two ends of the IPsec tunnel, the configured local and remote tunnel interface addresses must be reversed. + VPN connections set up with on-premises data center 1: + • VPN connection 1: `169.254.70.1/30` + • VPN connection 2: `169.254.71.1/30` + VPN connections set up with on-premises data center 2: + • VPN connection 3: `169.254.72.1/30` + • VPN connection 4: `169.254.73.1/30` +
On-premises data center 1	Subnet that needs to access the VPC	`172.16.0.0/16`
Customer gateway in on-premises data center 1	Public IP address	+ This public IP address is assigned by a carrier. In this example, the public IP address is: + `1.1.1.1` +
Customer gateway in on-premises data center 1	Tunnel interface address	+ • VPN connection 1: `169.254.70.2/30` + • VPN connection 2: `169.254.71.2/30` +
On-premises data center 2	Subnet that needs to access the VPC	`10.10.0.0/16`
Customer gateway in on-premises data center 2	Public IP address	+ This public IP address is assigned by a carrier. In this example, the public IP address is: + `2.2.2.1` +
Customer gateway in on-premises data center 2	Tunnel interface address	+ • VPN connection 3: `169.254.72.2/30` + • VPN connection 4: `169.254.73.2/30` +
IKE and IPsec policies	PSK	Test@123
	IKE policy	+ • Authentication algorithm: `SHA2-256` + • Encryption algorithm: `AES-128` + • DH algorithm: `Group 15` + • Version: `v2` + • Lifetime (s): `86400` + • Local ID: IP address + • Peer ID: IP address +
	IPsec policy	+ • Authentication algorithm: `SHA2-256` + • Encryption algorithm: `AES-128` + • PFS: DH `Group15` + • Transfer protocol: `ESP` + • Lifetime (s): `3600` +
Category	Item	Data
VPC	Subnet that needs to access the on-premises data centers	- • 192.168.0.0/24 - • 192.168.1.0/24 -
VPN gateway	Interconnection subnet	- This subnet is used for communication between the VPN gateway and VPC. Ensure that the selected interconnection subnet has four or more assignable IP addresses. - 192.168.2.0/24 -
	HA Mode	Active-active
	EIP	- EIPs are automatically generated when you create them. By default, a VPN gateway uses two EIPs. In this example, the EIPs are as follows: - • Active EIP: 1.1.1.2 - • Active EIP 2: 2.2.2.2 -
VPN connection	Tunnel interface address	- This address is used by a VPN gateway to establish an IPsec tunnel with a customer gateway. At the two ends of the IPsec tunnel, the configured local and remote tunnel interface addresses must be reversed. - VPN connections set up with on-premises data center 1: - • VPN connection 1: 169.254.70.1/30 - • VPN connection 2: 169.254.71.1/30 - VPN connections set up with on-premises data center 2: - • VPN connection 3: 169.254.72.1/30 - • VPN connection 4: 169.254.73.1/30 -
On-premises data center 1	Subnet that needs to access the VPC	172.16.0.0/16
Customer gateway in on-premises data center 1	Public IP address	- This public IP address is assigned by a carrier. In this example, the public IP address is: - 1.1.1.1 -
Customer gateway in on-premises data center 1	Tunnel interface address	- • VPN connection 1: 169.254.70.2/30 - • VPN connection 2: 169.254.71.2/30 -
On-premises data center 2	Subnet that needs to access the VPC	10.10.0.0/16
Customer gateway in on-premises data center 2	Public IP address	- This public IP address is assigned by a carrier. In this example, the public IP address is: - 2.2.2.1 -
Customer gateway in on-premises data center 2	Tunnel interface address	- • VPN connection 3: 169.254.72.2/30 - • VPN connection 4: 169.254.73.2/30 -
IKE and IPsec policies	PSK	Test@123
	IKE policy	- • Authentication algorithm: SHA2-256 - • Encryption algorithm: AES-128 - • DH algorithm: Group 15 - • Version: v2 - • Lifetime (s): 86400 - • Local ID: IP address - • Peer ID: IP address -
	IPsec policy	- • Authentication algorithm: SHA2-256 - • Encryption algorithm: AES-128 - • PFS: DH Group15 - • Transfer protocol: ESP - • Lifetime (s): 3600 -