From f92853bedb0b7196502cdd227f5afc3c7c95e72a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Sun, 16 Aug 2015 18:09:06 +0300 Subject: [PATCH] Added diagrams and improved docs --- README.rst | 21 +++++++++++++-------- certidude/api.py | 28 ++++++++++++++++++++++------ doc/usecase-diagram.dia | Bin 0 -> 2289 bytes doc/usecase-diagram.png | Bin 0 -> 38464 bytes 4 files changed, 35 insertions(+), 14 deletions(-) create mode 100644 doc/usecase-diagram.dia create mode 100644 doc/usecase-diagram.png diff --git a/README.rst b/README.rst index 9043bf5..f062394 100644 --- a/README.rst +++ b/README.rst @@ -5,9 +5,10 @@ Introduction ------------ Certidude is a novel X.509 Certificate Authority management tool -with privilege isolation mechanism aiming to +with privilege isolation mechanism and Kerberos authentication aiming to eventually support PKCS#11 and in far future WebCrypto. +.. figure:: doc/usecase-diagram.png Features -------- @@ -106,19 +107,19 @@ Use web interface or following to sign a certificate on Certidude server: Production deployment --------------------- -Install uWSGI: +Install ``nginx`` and ``uwsgi``: .. code:: bash apt-get install nginx uwsgi uwsgi-plugin-python3 -To set up ``nginx`` and ``uwsgi`` is suggested: +For easy setup following is reccommended: .. code:: bash certidude setup production -Otherwise manually configure uUWSGI application in ``/etc/uwsgi/apps-available/certidude.ini``: +Otherwise manually configure ``uwsgi`` application in ``/etc/uwsgi/apps-available/certidude.ini``: .. code:: ini @@ -136,8 +137,12 @@ Otherwise manually configure uUWSGI application in ``/etc/uwsgi/apps-available/c callable = app chmod-socket = 660 chown-socket = certidude:www-data + buffer-size = 32768 env = PUSH_PUBLISH=http://localhost/event/publish/%(channel)s env = PUSH_SUBSCRIBE=http://localhost/event/subscribe/%(channel)s + env = LANG=C.UTF-8 + env = LC_ALL=C.UTF-8 + env = KRB5_KTNAME=/etc/certidude.keytab Also enable the application: @@ -272,11 +277,11 @@ to generate user whitelist via LDAP: .. code:: bash - ldapsearch -H ldap://dc1.id.stipit.com -s sub -x -LLL \ - -D 'cn=certidude,cn=Users,dc=id,dc=stipit,dc=com' \ + ldapsearch -H ldap://dc1.example.com -s sub -x -LLL \ + -D 'cn=certidude,cn=Users,dc=example,dc=com' \ -w 'certidudepass' \ - -b 'ou=sso,dc=id,dc=stipit,dc=com' \ - '(objectClass=user)' sAMAccountName userPrincipalName givenName sn \ + -b 'dc=example,dc=com' \ + '(&(objectClass=user)(memberOf=cn=Domain Admins,cn=Users,dc=example,dc=com))' sAMAccountName userPrincipalName givenName sn \ | python3 -c "import ldif3; import sys; [sys.stdout.write('%s:%s:%s:%s\n' % (a.pop('sAMAccountName')[0], a.pop('userPrincipalName')[0], a.pop('givenName')[0], a.pop('sn')[0])) for _, a in ldif3.LDIFParser(sys.stdin.buffer).parse()]" \ > /run/certidude/user.whitelist diff --git a/certidude/api.py b/certidude/api.py index 62843c9..702d698 100644 --- a/certidude/api.py +++ b/certidude/api.py @@ -1,5 +1,6 @@ import re import falcon +import ipaddress import os import json import types @@ -23,9 +24,25 @@ def omit(**kwargs): def authorize_admin(func): def wrapped(self, req, resp, *args, **kwargs): + authority = kwargs.get("ca") + + # Parse remote IPv4/IPv6 address + remote_addr = ipaddress.ip_network(req.env["REMOTE_ADDR"]) + + # Check for administration subnet whitelist + print("Comparing:", authority.admin_subnets, "To:", remote_addr) + for subnet in authority.admin_subnets: + if subnet.overlaps(remote_addr): + break + else: + raise falcon.HTTPForbidden("Forbidden", "Remote address %s not whitelisted" % remote_addr) + + # Check for username whitelist kerberos_username, kerberos_realm = kwargs.get("user") - if kerberos_username not in kwargs.get("ca").admin_users: - raise falcon.HTTPForbidden("User %s not whitelisted" % kerberos_username) + if kerberos_username not in authority.admin_users: + raise falcon.HTTPForbidden("Forbidden", "User %s not whitelisted" % kerberos_username) + + # Retain username, TODO: Better abstraction with username, e-mail, sn, gn? kwargs["user"] = kerberos_username return func(self, req, resp, *args, **kwargs) return wrapped @@ -34,7 +51,6 @@ def authorize_admin(func): def pop_certificate_authority(func): def wrapped(self, req, resp, *args, **kwargs): kwargs["ca"] = self.config.instantiate_authority(kwargs["ca"]) - print(func) return func(self, req, resp, *args, **kwargs) return wrapped @@ -86,7 +102,6 @@ def templatize(path): def wrapper(func): def wrapped(instance, req, resp, *args, **kwargs): assert not req.get_param("unicode") or req.get_param("unicode") == u"✓", "Unicode sanity check failed" - print("templatize would call", func, "with", args, kwargs) r = func(instance, req, resp, *args, **kwargs) r.pop("self") if not resp.body: @@ -212,7 +227,7 @@ class RequestListResource(CertificateAuthorityBase): Submit certificate signing request (CSR) in PEM format """ # Parse remote IPv4/IPv6 address - remote_addr = ipaddress.ip_address(req.env["REMOTE_ADDR"]) + remote_addr = ipaddress.ip_network(req.env["REMOTE_ADDR"]) # Check for CSR submission whitelist if ca.request_subnets: @@ -220,7 +235,7 @@ class RequestListResource(CertificateAuthorityBase): if subnet.overlaps(remote_addr): break else: - raise falcon.HTTPForbidden("IP address %s not whitelisted" % remote_addr) + raise falcon.HTTPForbidden("Forbidden", "IP address %s not whitelisted" % remote_addr) if req.get_header("Content-Type") != "application/pkcs10": raise falcon.HTTPUnsupportedMediaType( @@ -308,6 +323,7 @@ class CertificateAuthorityResource(CertificateAuthorityBase): class IndexResource(CertificateAuthorityBase): @login_required @pop_certificate_authority + @authorize_admin @templatize("index.html") def on_get(self, req, resp, ca, user): return locals() diff --git a/doc/usecase-diagram.dia b/doc/usecase-diagram.dia new file mode 100644 index 0000000000000000000000000000000000000000..e3db94928e289c6d76186474015831e5e3d4b3a5 GIT binary patch literal 2289 zcmV1y*VcuWL<+Lyg{tNv8tf*Tjf2yT2K@aG-zKqhud+N!ldB%~P|s1x zFdaq7_^S8E@Bcpcdp}&CeLsrA@8Hik3nvcTk>vW@Rqw7Srr%v$%;$42UgTksW?mf4 zyj)%U9ma8Z0gWzt*JqCNRKO@KLVc~i8Wu$s4Q7RMl5nD~dV_HIb)2QMWYnu#)$N99 zoMz5_7+>|?-Ikx;MJ?uHNzOB}r{P!)G8KMp7LDK&1Z_l5RkkX2GEMUcniPxaT9XDj z`tK)g>Q*^4O2*gk-m`brBh?okWo>%UMkU20%*Ii&t_N%rSB4;-PY3~H@W2m{WD-Bv zWPf#oF>yV$XG}LoaTlqDZ$q z|7{rOyL6zs{J+t*@5miz(dhYsyVRmV$~+nscl~dM%vDKW7?OS;<@mDS?^^*BvC^$V^M#|ei;bpP<}iA~bMpK4gto&6By!_+xv;{1U3xP4@s(U^Fgqz<3Y@ zlwrn#4!Z7CG`=gEl`(h|R5HwcA9H~T744M4M5wlP40#wWe{ct78gpjZx+^RbRfO89 zxQ*g?2NlaSdp{NVT{`b?;PTsv%HFohi$$zf6{uu3sb9<*RBoI!_p)CcP5XCg7X6hb zMHoNZxfK?(w;I63A{v@glFtU3>Zx99BUKkGbZ>(D8$ixcn2iAOe^=j%4RDV;!@Y1Z zHHr7kV?+>*?}7-b@t#X6L8(V2Z3&r$HpUjfUuo0y9?OVusohHO_(6NpXf{#}G2}DE ztI0vZ{WodU*PYvN62%L6urSGcPB}>RV61QbS;hBCJNDDjx&ITa%>Wyb*lNX@WL4uDGANhs-x zN`$)DASe-1kx*2UP%18os8}cm>cawYx-_)C;VcccG}O{iOG8`HP}&*rxhu>9KBkxg zz5@v*{E|q|7ryTbO+qDq{VepybP`61GX$5-(l}O`WuvCqsCG$BMhUlU^rYD+>kLjV zHpxbDNk+MgD>{0~OD+oE`Dv#_+nddDQOiXw7qwip6&K}Q;hwqJC>QluKuUCHhy&Pj zq_JNoAjk<2(N9yA{P**3XXCI?^KfBlsA(Fy?2VRy9+ZI6qYzNhoq&>K@XvZl{(*mr zlTU`WHJjz1mVa9QY58X>{wcfjPid5XA|C_)lp5!;#(m%8>=bgKH$|2v9zj0mR4_q- zY!cqGWDAVY53?+tKa-Ou9YyzJm5iS!n7pfstrT`g4carn0b#V{Ym?Z+Pnm6+=>}2~bPhp@i%kxEQbnIGX4N7H zf#?%qQ0jYxx2;fo6+viw!|f7=GJ{bk1=AxbxnzjRfCCWQsMAKBHtKwph2Whx{t)Kk zz$C&WPjW#uqU(hZB0a(=0Df>HD<5Sc_$~Mn-1B}`X#Xu1XW?iPB|zXZy^q_*qsEJJ zmYvi_qpxl`WNS2vad)KhSP%qy(UeQdjEAG536jm<>l?EF2A%BT9dtXcQTVMt5K<-FJv!7ZaoLsEe^j^p-V>JSOx8 zHYuq*fiyWlyz6A@KK%-Pi9%KnOLGfP$A>5K7B@VQ z|2ueM2Y@G|hXNo^qZ4^VCweOA^arpgXMP8QV~CT0X2Ep@opMrm4bI0O-+#71bp)WI z7N|}Ms2VasolEs;nf0J9>#_>J6J!BEF~BOViDGuC^DRDNI^V)5B8C$|jop0VL=c9~ z`wVf(1tN^ow&%InJkSC1K%z@og7HL90|JOcApoYPOOpTrIFaSRqS7xBK(g|{8pOnr z0AQ_`FAV^8yua9ZXRms^H-#phtD~{u-PqFe%Rye9R;HDm%0XpcK0bycHV83(SQ)7n z2;N#Um%Pp6AsQ9_>$`Fc>&g{1!IP@V9gyhv@)>s z{ygGI!hA_E6GBSrw_VBHj|yTIAdE%ZI=EfvjZN^qT!IfG)Ap5};$;&01fLk10cw@C zoitz?%%qg01T!lASBPevRyp=SGsXa21fxFZ3<0iLG_z>-l4!BTq&_t26`|QtmngYM{eY4{V;K-M$t?(+C??X!X!#~l@HJx zR_d?#M0TuvxcTDbv%w_Fwc*d6ZnU)vnnz10A?-iD%_qH{d{Xtj{QaTVXG_0e^!n@{ LIN#c2gnR%1W{_R8 literal 0 HcmV?d00001 diff --git a/doc/usecase-diagram.png b/doc/usecase-diagram.png new file mode 100644 index 0000000000000000000000000000000000000000..c01efe51ea58b569fb4cebfd609e88df75cb7e34 GIT binary patch literal 38464 zcmaI82RxPk-#>mxk(807B#~4`wv4P3Ws``^L`ewQTiI!lkgO<~$=<89WMpLTQAkFT zWd5J0@9%g2@8A6&=ka~iw>~-NI`8ZKe!ZUSb%knaoZU&ipPE1*>{M1#&?XSby9fj_ z8!B@AO~`g~cKo)*k*KUgMMc#&qB)E|Znsyu=!oC{y~w^_VR}v=93m(y$m_Vp{}^yT z^=NuicHa6ua|5$sK)yl>sjfzbmVt#;>!*y<58F~KvVPp;u0L)i zVaq`u#Sr1$*totrw&67~As`aaH}50UJa+1RqqFIs>4QRcUEV`oif;sH$nde=hWg#1 zNwU5ws;awLpR-=Se*NJ?h6^uyuU`?3n&f3wV3#Can_O;q_+grDbss;5Odguix^RJs z&DT&vgQ)Z9j8pXe!@F5Y|LBnRrKhxUO=1E9ha{Dxyw+DlPpvKZkui{ylPg&MpQs#om#Ty1RO>5*zB3=~$mf%I_gvHEmDzKwe5p{?kKA`2N4fK0IJQ%^0fD`u8a{ z7O^E*fcah|mpa|vG_0X_b3%oZQ@{zbUxB1m@nhEd|M`98guDCS>}=iuEpzj+6veO? zYO&gehN}%Pk1?uvdwX}KSyS5C*=_T`CA-n&rd~m$QdUv9prhkt^K0qGj+H~{M68yv zt?kQ~FZqbaxVX;f=oHSp=Vi*;QZduRv$DQ^{hF1P^>Z680B`sE*Dw63 zATN)ej;_?>H#hOvp+kp6L<&<<-qh7Sn{m5w<3?FonS_MIbk{4>vYV+{S=Q}2<6pnN z%+98!rsh0ygiXdP#(jwzW_7l)_sJ@(&gpcA3tp5<>j$2x5PF1{QiE$-kv5(<%p!J=}~_E&lW%3cab#-5{Z9_wYu!zXo z(u^V2-1=v8lI+~@@cjC!>&~6`_)V*+cI-GgL(R^4{P;yJt=g*v!Mj*JW_pVp#@^@k z{J@RBc(Et?Cmm7!A{MTxY_Z-OF#5?6Tj^^&XaZR8XXhk_!L`p zadGdTxvla1pA#z5lV4w{{@dFdROWc{$rA%7?f0|W%-Q`OC@QS!YH3}vwN-ZtcS(Qs zO4fBYJ6B+jO8CLc-@jzEwzkHdw7a0It4MXl!s1bMbk47+$%0_51Yn*y-a1mY-d2-oz5Ih}r1hxG~#XWQ{_CJ=V`_ zc=_^WB_*oJdJ6&O8Of2`AI|IP#Y9J+IB~+~&#bZa&-wG`u*tNwwXv7KfB$YI<+VJY zTwJ_V>M%w}v=F*@;X?EuHzQgjRn@RRRe$!cuN0YYfBfQz68|<`s$o67oMqqDrJb8a zANjFs`HiTihLSY6>gpE~-_+Mzjem?_Vq(h3$iN#j2W6zEb8>PP+Vs3Xa+tN7T6Xo> z^XH4-JF*H33&+PTEG;Ln&9H|nU;mo;EG;c9EG&$bI4JE=Xi?7)Ko>|fE9i;WFj)OD zLBoxs!xh>P%pQ=3;TdgpsuDCva4-Z zR8-X769FIVLw8UUe-9Pd^q01FbU3dq|HLQ0c<~}IF!0>DbIYolNittolzo?eTnx}s zR#rALicd{F!f&{bg+BrZG7^-C4ChZIzXXoFalVl6@vop@8t^EDlI<@#`Zpg7W zCMKq#zP|qB$3p>c-n^MViuYapJsp#j^nkA1bJV+`Zdh?re>3?BhNCqo<(ky>)B=zS-Xaf;ScE{xq8Ux}VR`S^FbXv%K(CRYxb_ z_HByTwHk(icMLy&ORL&&6IQs$Uumqf+BBg>y!Z zbQ%!|%e1KYL*gzrF}H8ue)42Ly5q<|Mf{g9oLjdlKW3%yJ4jxayO)1(en9;?IeFEu zU*)a`_e@?9py{jfbXHfN`S5^k#1eoq*Uu^|Ua0 z^e>dskozr1(AvBRb-ACDYBU~S(r^l2QdX}*QKCLVMUbYBYsz`KuADsIBO1}sp-c6% zr---GkDFqiOemK3klbvS<{k9O)2Z5YqXk1w=#UA+FXTzxkZ#Mrru%>XE*FC`aWq0{ zsK$5V)U)*T$FZ?JsZyz0$A16*-IR!Xo}Hd9N9FG6xp`AvT*JKCKiX|7t%{{MPioLv z<>;x0F)^P%eY(DM_u<2b<>lomDIC=w*(Or4JPr;&19$AbY5OWU86BlXIxqD1jA2ie z=L7e(SLU+jUX(c+TM3I!yiBTca!>2x(w;wWnQ{sUFDd!+LOsqc{@CpTUDcW&X+^b0 zC*QJ^KgT|xqM>Qmb{)$rC^$`Z?ieFl z2+rj6)KpnT#aJBWwry9hUQLv8MfY(%9Yhlv8k$#BB<-?}QzjEpQfIeE{X zJqHgSTqgf>;lhQjTeniu9?br4tv9o>@>EyC&0)jPJ9orXr@w#i&1P%nQs1H(FP?XC zqDf3gN5{s)X?Yes*YL%{!U8upx1{4Y8e)2Kvi!Mof>KhRbAwg5aI-x9J9qB9e*HRr ztEqvCnp%IEqvh$-{*NB%$jSLtSIczmQdLoLTVq;dh*e7zwroaYM;rUeJ&uz!J3FiQ z%B0He=P2&RlcKK9&VwS?TKY=tJiYf^w#lyXUd?>+MABqG?SW%m9qu0FI2y}=C3ZVx zyp|hPRkv*M78I=i{{6;&hKchyPNp?J-hiaU^vcQu>^eB-latKFEN(!q%Pc4Lc1FvUcg97Ik!W;ogXItCNh4Ff-(wy7HoeMW<*={ z1yO#>`xSlmgL9pr`TM&EB!sxRKMf9UU<)+F@SmkR!o?L75Fik%w#~ow{Z@+D*w~eo zm467cr@&H5LITjx%F0S~I@frJ{Gda$3eH-#zrVkqU+wbGF&-WsHfax$>tBworAjz{ z1Ih^t4aGLbPdMA0^?L=_Udt~KdvDJk(@>4qz5xLNZ{NME@!dRe_^?0S8-X9If97u9 zya^9?s-fZH;?msQ{9Zs!QSk^nd-9c|DJdy@Nrn0O*tKhahJ5*WdC}E@L(vzk zMD}lRTh99vlLcZMJ4cK1+FuyFh>Enfjz2)#Xg9Pj6;n@g;9Veva_xBY{x<>A7;`+WI8&!=es zN$A4NtYFjf{+lii)z% z9#|A25yMIDjg1Yg|C1+AsMtkCi&#$H2(KSMX*XyyP#)EEwV>w*eujmGC9;0}{|NxZ z%8LpMdAYf7Iy#=Fx@c%P*H`l31NYmWo*sa01qIF%CvMdGkyZXEywV%JUf7Sje#d%3 z{p9$Q+@hTsI+;~f>-CXG3knM8iT?u&SdE1PtMD6_7dlO~y?=j3GU4F9eagvN1}@#b zK7C@&-*rG2)*Q688HgV{JEK)n#Y9AynVA(76)zeXXv7L#`8oP7UR_65H<*?U#rA%Z z9=YFJ31><<&Eo4FYEn{$Dd!6{ofi4H_dIJaqq$a~&rw}%Ss}|nxU|0Fo|)+{o;JU% zc=_@|u9*>c^Z$*sJyV*=%-PXRSHjE7S3Z8^WC;CyLg`Q>OXz>v_S&s_3noS{PD#bp zFI^|Y>*qCT{1O$_)V}n%$CkQ%PB?r&%W>ia18cHs?JK2PHjs%cR}2$kGAy-qbl&G~ z3)mmBi(GCl*sL23jB?k3^ykmN)cE?Qj1f$5td>uEd-L6UZz-FDc5ORTPDhZN;D}HX z+27RPU-{z28GU_y0LqJ`*FN9czp_KdyV|CI_PlZ?apA1(ySdOZ)MJHG!97lrUL{xJ zeAZWXvWQ*#p&vQ>fUWFZLz37d8an^*_1N*iY?)--zs)BFb zdR^uD=ShyxM?r_tw>)||;q^wHOaz5n!b13Aj|U$=ew?45M=iVh`2nkx7&o_yl2S;x zPU*zwp`d{NS^+WsdkOK;nOQup&YW-lk$k_oj?T`Yz(7{im7_-~*`Md+B*w&iaCd$i zLSJ%Y;QRa&@dQQfhZ|oTN|I!=+^r7mi5efx&(AtczYEvoGt!d$6mP!Jc5_%x!u5|c z1A~_sEg8YS0r+VayURh8>qQOPF{qF^oj{8{EQV_(h*T&KJ?KXJcZ(1hIXg0&GxohP=nwm33K_F^%nkYe{t`qasj_V}+gH_XDJ%fXTuS{#0=;$5;k^trJ z+_}@x+VuSS$VZQ!XJqswu**}*{nJ<`F6ZgToG=D=-$Zpj&iHBJYlG`-e@1e0>(T`f zgMH%mm;P{4)cglQO4A3Kk$4|Arn|dDteQ!cM^Q|S9?P#3v5qs_wM~cYr?hE?Ub-4z zyqKK)+LFg(;r8e1ow%-*+bG6poD<{YRNJ?|G%RTbfK^t`IPbv~Sr4wR!(DXVV_Hm9 zRQ7*?;I)zIuKe9cn|CLqcyn|69OG80ds0p)1a7$l{Q*)~An_u!h~VI}mK|*3+`9H} zD0VwI$W%N-rwda!JIMh3XG88;XnJ}&1Kt7`iq1!Lq9!b#f%=6nIoDrynj@mvre}0y zg#E}7MWZ$nN8??QEAV5N3q!;Oky zWMssN)XUbtWwyy8JlXXs37{lDKfld4ujkZD;&#IDUgjWHNvCU@8|y_yML1DMHRAQl zZeC%#cq(YnqXArd&cAFn=eb%v^nu;*#wYm1| zbI?wf#8d9XXRS+UPPTnw^bv!;^t#^Or*(CAKDf8~J96!7iZCxz*qO-oF1EjYtyEid zsSXY1Uui&@V&XG+Yat}z&v5_{L`_-w=Rz-0Nel&OWof4GKC2Y*^l5rx7!#kQ+x(@W zSQB31Up=q=Z=Djun!nDz*l80D zd~W#k>BaNsH2XzDo*GfH>u6~i85=jKstO9W%KI}`NYWC#sFMO4J35Mh=+RRkL!rMO zk<=*xCIk8>Ub!O5fA8Jf-b_Ay-eNyL(np;;XK*z2@HWyKF$cZ-@WHgyegwLOIwetw z^C390w)Vs5Xr@~bVSG2-r@l5AnHaQ96`l?*&Prd5lKnv#9*8`u*_mS;7Zn9Q>I|&` z@C*_%9cyOA_U-4oa*UT(*K_r4$jFpWmYiNQxlK|9Z$U2s{C1xoevOVD5T2JO7^PC> zI(Lv5qQC)6|Ng^=>FMd+th>ufvsIKzKbV`-(~q3kxrH#4@$%(BrMsiOy#SGfQE>1g z@WGOdZ03307Wn~jeeCh z^ik(BzC3=+3~Zee$q^8qoxM2vPB;|%*i;3G%gJdCKN-$`I>)poCo4_UzAXii(O<>||uOpt7ky z7P!@tOYj?7fKG|Ng@X{QlIr2+R$5kuQb*5vrzTI|hC#W%>E)kChp2GprT4S2yfP{q zotXGD`ff)+cv;!sC!*F&y!tIa#Qs14eON!<(xPQ(Xn6Y}IYClhORI&=ckP_9@k@|N zR#s`JNv)LKKc#8v<{1>!vj5k6b^yO=B*}RH=*}A*z3gQ>Yh2;tU>pZFRhg4B3zW8F zugjYbLjr+FQoc-UWH>l(pLvFk=Xq00mWP)H`s0#A;PraXPxV$cALS{F=;nopJ-6lg5#0H(J9p09 zKj4n*d^533=0)+INbuFtemImL_*tV<;p|X~cJe36s*3=bfS^zUL+E-7EFT01Q_AiV zCXoL}nLj)Tt=E3!&DjSBccSz0@-}vNKb}VWf>S5iVtO`XzuP2nhc6*cNzh3B7HkOeS!qPF$|ZUIm|Bcsi1!=5p7ze8d&YpSUoA#XiDGSBct+xH8d3kvb_`ZpWi3%Ucs_3AjJ;}<*_&fGM zwy~*cbN$bd?8fr5($empp0dx;hZ4y7<&BIguUz>W(o9a!)aUJ7`8^HofbYbK#3xTa z?L88L1Ngtyq0vXj&ugDQFXg=#e*+aHVbE3>Acba||DUCJoq^r29I>-DWVs^Yh5UqO ze?ZE`W^u9=z3V|z5*tnJ1{Y1;ewILd-s+#2qmnxar;hXUquz~zp@18jR(Xi}thu2! zKojBS=bwXF1iqUj?df7JvePkavGlxi*ZRbc$rFZ_7pL0O&pn&%FC$e1?Cqtw&%P6M^%e`b zJH^1M)6-$Hk&ho=yL3qaHA+|*nt397z%j;8$)|&ZXxVbIvk&avJvKHbY||}(`p``E z3FUP0_itP~q*58*jk~f|SFY&l>IT})j*OVWe!6zeZHYG~>Ntc2@vDu@tfW^0?xlTG zZ4sNEURQa!B&ZoEIN%d?;OO`7l8{f=^h;gZ+VJJUKH-kw1AbPGtzPfdr6ubMB%UzYDBBX==87eFN)$@$uxXp@iXjoZWAYu_WIO zfbAe84~5aOP+K)MHIg4g#|`D7@Y=cS*E16nO@L8h{Xl9aDrsrWzYE*zi|tZq)xL{O zW(@}uN&w_zY3~(Ab{I!T`1v2uQSaL2;_6DfeY;g>&5IY`0H^^$bCQ!shKCQKp15aJ zR(f@2U&MCAcRmo;bb^Ox>fub)4yX5>oRtRxAnLiF7r=mDGeWA6#d~s zm)XUL7&av*4uTuQ{{7`%e{agmzYg2WFDWig$2#F^*1dV5u(`4E3z}|w`)R7CMCrcz zdhAGAb~q410pX#c%IfMnCme3vI8m+p-#ikdS8cgPMT%6=@RgL6_w3yZ=grZ?UzT?h&a za-Qz|JznE^pS424iNeHtW6iy{&9&+c-Mt2&kc978u6;-F;N! z?t=$x5;rZ*oukJFyS5|j-IJ4ci7?vA%RSDVIm3TU9z_H{wZ66n1V~SWf`O9g`FG(6 zaS|&6lJM2-v@j$ps7N@cRLKzFmbT$MHPzPxbdeFM>R_wpyIi5$yZ2Rgw$0yD4-&v< z;S!xuR2(st@m?u3cI|f(X5K;e^jGV(LR4Ws!{X)DRYyx{uEW&=bE=Y0J)ngJdnmDDDspM_i}a z#O?hi#h=c>@b{b5GBH8@T6^>e7nlGN37Si4Y{o!y#d&!M3P=G8K}^O4u84>q-XiB3 z9v!Wrq@-VPwJA&Q)i&CL{ZqSDx70qndzZ%1@fY+oAV3t|5zw)xalqUtvESYV?f}>Y zUi&pa?-!xe(gb7*|Gmd%=^o3;(&k%aawq+{pYP>9aiTakx7JRVQo3pMU0Bj7_muSX z$*CzTYwOjq540(}Z&h;~KVIM2$yApMi0oCZL4XmUWQWq7o|T2KJpgGnrGPM7SX2Z= zDQVUA9M;voef#z>GScBo`M}46*_@`GQDQfgC}PFX>Ofcqqw}EM=05_5(cHZ5k^uRZ zEg*hpoH$xCA+n6LKlwT_0m%;@0R!IR>d71Zk7a#jqEytCmG{Z|oFcu&=J3H-la$=t zmQSD1z3f_^%K!ZNv+B~WZ!#S0>}C+OAp0bVT3^uDXKw5vNE)lDHDXmDd7-7KtE-2S z?tQJklAZnPk}Z61G~QIzm})45Ds(bJ?hE6%`EVi5Dk|<{W3gO=boC$zYWdFTMt*744Q&Yhmq5m)S_Zxv*`1<-X zCsQPh0+6BE;f!ghsN9aaEBBeg(qg$A-pJk)Mvvp;vtPVmVqwX8wk7Q2uaf7_pF?Ku z`tk*8C|b6zfx#1?#s{e{UTDOL-D|pB*1nI_1w+53N(Rz9y`9`cD4n>ht*`$$I=U0O3XTvH zD=Qy6yF6})1c)~Ph(?0sZ>SNWyN`OfyXW=Tq?{&``Gpn_`#V=Z8(RR{ER?qvCh@~{ zmfbd_a=gC24k8F||L$hl7LO#*0mU$;D(_Vizvtz(0k$Sx3Q{w6U((OX`fgOB7GUv6 zcZR=KpDJme==Dc6H8t?QNdoQF?Kjs~e&f1P|FhE5)#AnJecSr_;$B~J>YFXcp&TL6 z&sV0K@GfybA-cVJO0}GdS`LLzS4RhUO@2H1@|JDODq33MFJI2UE)LyAybBu+sgIT4 z)--jv>>=OHd$O9(S|LUl6k7_#8s}BaE<#m@aeX*IOoj8Jooho|lpE&3=s zfK}z~JUW?zn_oXoPF|Bt&~T!=4D*4Cni^X2;Q)|lL_vrj|8enV)aN&EQl3AjAO$Z_ zu_v11CZ?z3{u>MuZnimqAWL0c9l%~o%RCIGEDao^(W>3)wB`wD{1xyuWLI9a$>IB0wBbJbui~2nz`T=D;E& z^XGV)ig$%)UhVPwQ%{fkL~{awte>Sqj69)mOW3>of`Z712sn6Ba0{U#{G5op7l;Bw zv2ELBX6)k<99I|~GGuOI}0JprYC`P`6VSJfI9;TW>^;6ot>Q>HVL*1&#_~*rMm3+ zct{%W-)n$;|5`($XRy-U|73c0_S+Y5Tx{&U0}|Srnhzq=dS)eEhLJNu7~vpMNkL&8 zF(Nm`t$t7|i61|G%1lnaHOWgTq>YatTRV$2X>Aqc;2@qodlcr9HA~Kp{BR}CX7m3A z6x6s1j4KNMKOCLj|D-Vvb8xh^x8sOG9+Aqe5W|NA1qTmRx}R54x&|tS4Jzn*8$=G$w4$M{WlCjwaNN2C#Si{ z65JNu7-nlg3yfr_2ff`1P}!1_l9H3zLlyFINayEkEw3Eo=Z6c3EhA5b4{>ht^g|nq zPD-k=>B+}Y#CqLaU7Ep98W-}n)E(jE1fYOa2$^T>C?q6)ATt?9)GSav04&YN0J%buq~+vjC@4^{KZ=is((z{RQ7LAc_r_1$z+u*nV*5BDq!|9cl!&&Ovee+Sb;HN#3V10s;a`nwqi> zqXF>R($XesZ*9ST9_hE{508v2aQk_A|2?MNyAN}5bq+R-SP~ZH?2V}+u&}sb;05d< z7+#Cb%vEOs70!nlJ_CISCk&y8i12VfP3NuU!H*x4{36PY zC*x<4%*x5hfd}wLzy^Lgq=(kFHV#OSC~x|@x*Z=Q4u}3H;$&u)EF^T($7dq6nH+Fq z-@eNtVqz!sa}RNFTt*!OmnmGzw6;F!CP%0)`5d3cnASb~ej@LmMD+gr)> ze@6SBa+$M3iNGBPsE2BR03b+?hNdQ{H;4sNKr~cTrCxvY(T&klkkdm2Me3w2zwXW* zY6Sh_;}2L_O+mPshQk6CilT<~Whpoq{seGygo7g=fj?aSzm)GCyS3jjC!XZH?hA7n{XHh?!CS=d?ci-%-zW70M_$}u&^WU{4(dhUAuNI z^QKcJgN%Uo!`@%}-DQe8WLvBY_Jm7;lFFr-Sc%OhnUIK%^grSQKyd%!18Qq2ccNKg z$Tr8Fh!bq>dgw?6^E{21^*XXmjmvtV`>0Y`OKv1;msAUB$#)+Mbh4u6RwA7R6ruai(Ci$6!5gHr+SY z{z9rJ?SO$otKBlx#AL1cgC4xlk*_pF10Z{PdJ4xjqWgZVuSZlei_~MTNq6O$S6E!R z^4FT9)OGGA1H+Bu$CMt{4|wn4BUA$KuL>~VEpwcJ8tIE51yYW=gsT&y<;QMVhxOm= z9L5&=UoLzSZ1Cg$ujOV;MO{CJv*TDbMDz8PI+&NRF3dgEI))Pf@9y`)0u2A33k%v> zTFcX~YPxO2T3bDsXzF&c4Q8NYWM-;3MY|vxqiA4|kIeI*p^sbSD&+RGsYBHU_}RSv(tp{kL=-!KaLkjjJG}&PvY?!JX;v z??;X%*KSCLrVi!<4}`4g=^b4;qXKtlrl*B0KGFe$rW6#`L6h11d(_y(gn^r`<=5+u zjDcJ4F7p`_9y@i)>rKFRI0ON^1&sr`6&+A|xj8w{% zqX2341x8)$*U$B%w!+xD6B>&4H^2J91vMR%T_f>S{Uw2Po$t|nhWJv*aD+4~5}-Q4 zfyW{t?5nBPIJ2=n_2!My)p37ribXlCK&LXCKXBBJ?rw2}@p_nL2-4@lZh&x;l1v>O z@=#g*{p$eKR)>u&p&=I*6dZxwZd84MoktaKGQXqr#PbG-RW~4#fW`ze;IH=IE5;53 zA4!sO)lgUG1j5=s z^IY@GmoG5Nun$~+bickNa7tPlR2eXE1*DUnbtj?r73eOZ&>s@yt52oLX&{55UN2*7#3zs*@9H!12Ef9XhJzgv53YYOh`|kceUvWY?!`(cDD^l;i4S( ztgom2)WG9rm63g__U+rJS-%J^ilonSiig{bfT)s^5|ZJ!wonrPz0f=JJ$`>bq8dGX ze!zd%$IqKa2A|rw{TCMe0|VcEpU$d~WFQ!mecOR|*hN!!0_}Uc^CdVFSLE?y$Hbk# ze*yIb!9pB4eA0x)_om_N|pkGn`iLsMB*<>=@b+Dt__ z1c$LEwXpEfBo$$PC-BGC9ZU*m&!S}h!vA0uqp#V!x`Oe3X={6GkBwN{V}2{R>A*&u#;pc%Vkv@#Rb7W5F>HOa=x91xqqNQ<#pBEb&62L`y|) zMF-uwjr2myn1?3|bevy5*YC_TdIn7*QAJrfD%{xh@xwODbLSW$FP?RxBe;>9v$NhZ z>;95)9%2LN4;vkwoYMh<2Q5t4Yg@(mXx@^Qy zBO+dxwd$Fe_&`V?UA2@;c1FhWz&GoA6A+q0K|rU1XYk|u_j1&ZA&GZe2$KZn9ah08 zPNo$uO+7t-fvR!)32T%=X1Le~2cFHFP+R!pYM84G4`W3L>1q|-h4>b;f|7i>tRIf-p&~6*xZ*Wdv0mB?OZFHCv~>gciq^DF`%aBsF_eNLF?eGBGp{ zoPLaqbl`($2dnyS@-T%Jq3$D|-qO;7_i(iv-((h5DJd-th>1ROWXNYDI|yy!xcK2; z)=<<=3J5GiP5@904c!hIj!+ZUbXC@C88c3@;^L33C5Wloc)RtHx-leZoqQ{Y$Sf@g zzPDtjeVbmtPKFcK)wNfJj^IHl6l-(!Di=HZ&-szl3{#t%fd`s?IX^d;)5q=h zGoj54H=Y0a6X7G|8+)t0rCKkd0=|IfHr192BkUJVsKS0AecWW!4wB$V++1@EEA=BR zZr2Jd419gb&D|Z6mvNOxlmZ8~C85O%850TDrCmshj6fk};$_D0R$c~S()ua2)s83? zSaHowO*37u*#3RiH|!8Z%a{@9g4OLZP zLBU&s8ibIoq~IgL^?ceBF|lGh_x*3y*DmJd$Y?31`ZmN2AKcfn1xTDgus?d@#Eax) zWv4q!?hBlTYH9(KjD&e=q@W1H;G3v`;ggIr=e5E$pE;OvF#8=0`Miwwi%s zAo~CLdu>Ms{_|L+`!9^Z+>ePyI}5T6sGvBm6w-y*8y=*EZ9%{$BrH2rdQaxI@hMlkk09)Wh_|sj#b`1o-vAKB=KL_36zfX@zPTRUeB}buSiMu2edv7yP_Pnlc z-$kjd1pAJzEEq2_5b$A-LtUm%*y=iQ=Xh9(zwu4?d!!rRAEf+rCA6;A6zB!9O8*GGM+DZjy|b+uXRqy!QgSIdc$@7z7yu zL&LZjb!fozl(@M-5!RjAuWK;y^7rpwzF;2l8Hv&xFl`@496k%@si&_G*z*SP1c|%7 z4G*V7ZMY=BOmilfw%`cl24CMzBsJF;5 zDnr~CsSSF1{k70dlyE5a3^oN*-VU+_tcA z0z~^y>H?wb*%(%Mc6K&|Isx=e#9I#bITjX^LUBN!@9*x5Oh{m5VOd3G#7=5#RNJ>N z7Hh-@d>hl#YmEsW5?L>IvQkl@4qe>T+lwI*PKM*WylMspYsUVP~C~CPxS0gRO&Na34R8 z%sz>0>=Qn7_H1zbRfuL_rml{TJ9h2*R%MCl0Ni$D`z{t-We-S{@y>kq40A7#G9cXd ziP!Y>1_@tnM8?t|@D8O8auUYZzG9ZZ!h()yW@g6fyQ7yAXcfskv<^{L>(>H}0|Nkf z2iV_Q{&7sKtrBoU(0m+mmlm{}2;T3`~X7ty6`l znS?;Bz*~@O&3$T%JCyefLfgIb2AFtTzTvZ7xoo-{6+-wsE;M zZ0b}_`nUn5erpu<1cZE%BZTq~hMfQhl%xZma=T=0-DmTH2?=;4M_|FFq`1U^7K29? zwbs6V&CbIUR?9GsAP%ak9$x3p#Ud2A0qNL6QE}_Jh|-jQ170;f%3Z8o{A1248yc-8 z?}<>(ohDn5gH1(t4t2Y5OHdxa=`PrOQl3lFs4vOcKZ0-HejZNu=+M9nL?H|gz?T4; z1++#G(AmZ1#uzOvHXm-vV&L{~sP>=ZC4?cuM)PCM=3dooT$gyK>I#F_1QW_oTc5pr zdC#mH$ZdY2;_}L-7!${&n6%49{~KcrGrUCQJK}ws!*pZCw$S!%Y`n6YhqV%7=bjO^hL7o{Jzgy)Ucd!)W z1GxjYZ|6Y2jg5)+r{v)`u;4k?-5HTj3cO~>ZghwFx)7&M#7Oka*RO$eh`u6TuCAd`TvUW#A%2aPbCO%upo{_%;zJPt zF|sSO>mm3$0(U@=k7IRa5kzJUBF!CB4_ycXB!G25TEPVDZ^R1+dND&WbZ}Fqc|DQpllDxfZ4{jdZyZht+OL9q5 zRdokDq*hV8!AiK6C7p)t+zRK;<$V>}s$P_5aSQebW{9wnu&05ehsVd?UJ}4(!dM_t zuU?;@BRl_VfV?=HSSnUK6yJHjyoed404^qq1m=a_?&uL448QtJ!8?^&0!$eWW9Li5 zG*S$iiBLOtStu4pgrxnjoQVmXM~pT=3WoAxx7wyE12ug#ipQO`XwM$o-CeadXOP1r6iEO9SiY3n(M%Eim%!V(w)|hV@ZWQMtZyy?4Rk#(t~IKe-be+Y&Ba7 z>*6pOhX;-SWQ}h2?FC(;blZc1$HGs+=4S{{VWST1dl@y+i%abySBy)Vz~@CX?_sh+kt7f zfS8yM@B?lHJrU>pxpqeUt!P+%fG{1OK79w&d-=Olrywz|da>cij_j8&5#XZPxl@_* zA&wES0alCU>@7M;&m~?W=9(}X*4);Xe?7y@k!0qpK}_#OmPYfu8w0Sx1VlS z2w#H)rv7RW9m%BVdIw4lmRbfm9zaF()D)>#2GS_y5Kcktjx*lDlqYhE;{3nohGYc< z>;YNP(ROpGg+F|F-TX)czVk`xEA0#q!nVVdHUa7dS;v_~08dCLf9l;C$P~zFA$IIV zB$9UxKDplMc)rFczZPFGJ^f=-(@u5^TiYrq`fFn~MbG4@kT%(}#UJGkP4uL(o+$)X4Ko-T9U4FS7Sox&356^ zU+EbB1X=G=%CfVTtvyV|E}^c{NZ>JCdu zReaUC3QS>K>E?jPFJQ701sP97*k1E$4?FT>!CeVhU(7ordT0GI7CsalGV5mwPbVgK zWBzUJ{y>H1Dfc(+&bKj}N4d+!Ou*xck{ zg0|85Bs3%hQgFJI|E*pAd33dGRBKs_eI?ZU)e~c)M@OC5lUI6sxz|*gcTD+#n2}_0 z3@4SAGP5f@YrO#WWd32-)~$iFw1~FQfWFNR&CNkviVhE7T98DCeLcoyt9cGpz8d5e z{E;EF5XYXM|CLy?KcU40@?b6h;v9b{on{>i?*(sLTfGlc34_(%o_H7wK5RI~8P!ZE-&htU^1C)a& zgc|kx&mUUk8+Po7lXU)WcXTU(oix%#;qiCjih{yhfT*8;?^94v0J4_AF+x;nn5U6` zdikd+73M=1a2x^MR^axdrgBL#3Ia=DPe355s;Wv;j}rqFL#rAsupyh58vexEau{}? zuAbiR1ahZHB-bz$2mu|C7;l8qiHtXNrXqxl;V7XMNhedtQz52~r_6wG;Ek~LZdSP` z&pp-7fK`q@E+8ma1{ezM6HQpt=~(R_m<-b7fkZ(eA%yz*TIJ>RUJLN@@!4W|aAg?M zhZ^=57Yu?nKZ-tb84`+udgMFZn>X_l69?h)`>rkDl5PKxMHdez7xfVutf8)M5hAwM z*3+aC>U(#{=w9^nrz)%f_&-EjNU4Ba@kg<>#D$Z=&PRkD>Osd4&)rB`Ty!Em^XC~N zr)c+R*!S-@!}S5bncumOCMYXw`l&p|`UsPoM+Q+U0^tPfTSr`Snypsh{l(4k?JMFf{Z?%&VJ$SAw{ zRYj9WhK`6%2xbbPIEvduM~qipPNseh6anLNd}2Z~RtR9^3W%#^bNtjd7FHiiQ3J29 zgBYqrr0@1^axZmJBS0eP9FUyx$RKo}x#m)!m*L^z==J_;?~3J3%%W^#AD^5={w?~+ zlNIPdP@G|o$2#)oJ$q&j!3QrOb#!?o6lmFG`t#N%Ym(M$URl}Ac$@oL8XnMLe|i=- zmWzuENw#=F^PrNFll|rIx&&xEQC%Rc;<+c_)EL{bUte+Nj`}`2igBt7z?5hc`-HFB zUmcj0;NCR#{IielU56-P`9^X{>MI>9?y5{G1tyA&rJQRDKSY@tt+xv@iJZH;)%^Bl z_t)K8WKkTK_u?4^3UYMvcSMf2#SA3OeHicip}LzQ)>!;A|6^EoKZ1rwn)@BUf5*-S z!v0C#S1B6|OoG(M+ram(Xz-|Q>$rLOJwKp$z>GlTZ_$DDkR;`LU!Ep}sKBnUlfl^b zGc!NNFlTS?C?0hs0mag97Zovx(7@o@OYd* z-FfC!)*HC}cy`0;_Co=X zA(?4{VA(;7$HQ65SF(GX-mhN*Ny7u9&~Hi0(JmF#)lo*3+}*7YZD7lmEsz0D?U`Qu zPL-&!l@-_r?liJO0Fz%3s}vQ5WyGtW`?SRHNLFU%!^lX;&LC3Y%6A+09_+OgU`7u0 zz%ENzb5m1O*pwrDQy)hz)z?p%{_+W_v&dIa2-0#0gX4xRinfKFINDK!wh9p&8U-8x z!1K^uxl%S_t2k&FM#WP_CYQOPbi?TOqdY>mkgYF>_z!NCqJjeM#(`6A_E5^!D_&-p z*L1q{ihh9_?x^?D)nUMOR*?$Fqsn(PvCpXywlaheq!}lSMdhi$I%4CLkAlFycme$~ zJu}ngZtj>WsuUmyR5?82px=L>u;XhHOf|3`WZ)ckGt$(7ibci5SelvLDq);0Ott;+ zSp`q?8naoRIAz;gh{BH4P-5K(5K%_^yrlGAcFa)p75M^q`7D#hG!;}L3ho~ zoyR^vG!F<2zyg>zA?GymS%1WKD1&V{u9kG(M&K_&1B@JUC2RqbCx}2fJ}ocrwe=QZ zW}4Yyd>&9(Kya|5@9(gXknZ05)9Wlpw2cQQ4&L~=#|XFsYE0OJ2fh%sFJI>H(UO-Z z8=64C*JAKy*V+$23b$uVZ#IL|4!d<-tQ6hbD!7mVR2Uc>j0bmJ!Ls55Dq-#dmEuxY zt$n~8UDgfyth%&F<9o(MgYTT%%Scln*a6sXq^tnT#3;(Hl*^B9^tpxR-TU_S=TMB=h`3DZJ^j6*HjJd4{Js;-5x%?{fZmzJWd`YH_`)F+F$JP($Ld$MV_tS z4r+erkj7|^z-gwoDtM;2TYv_TUcoN0n>^j!f4eYnM|~QxFC7})`~pl}GToJ#o!#hp z;nn`{H=TRS5E9OAe@j$VwSIkjD?WGTDiL9KRA0;_W}=Z?zs|(SNTQ7rH!0ZR(2=Sv zrWr+xe7`p#KGAYbWYEMrp}1paam!T5s>Pltm3OkYatwNX1}r;t-K5_dv*3_pOG=;( zq80+X3yO%m-L%^WM+uE1ac1c-;`y6v6SAxiV$kC71QaGF2pG|i9)V2aSznmI#jB77 z+5*bS8r-^9#udfB=3AX0pq~#sJCyQ>PQKJc#8=iA0Ie7ONf2UGv*c+ z>ZquELR7e;LzIi_8;;XVez*(RgtwO$+B?PprEIGV_4SwW)HQ?!8A8A0Iojz#smXZt zYN&~}4EqBL2Kpq#&#=wH;gdpiL=+}W87wR34y?7L;jrh;_?Ka zLsaZYPT}9V{E>HaFziJTeJ4Af1Jm0yw2jpgW(kRG;Pm5Je?ex;Y>^2r>oXz@i1XXo z&A|+3*|)FATA{!7(BGG29*CFR>)x3Ms*D#B@s*UAY{uwZpR_`d8FSb>)Pjaffml3cQ$@d-*S9GrQ9Rl+UC z*g;51d<>;0HhByx;a@m5bDO@i@dQ@DD)_jZ957IU;;krqTfZUH6-$ zMK}$GlqSe`{9k>&30RGL`2M@1Ns?ts#ztk9If-hOgoF&4Qjs}{25lNttHCBR&qImK zA(Wy)QsxFKN`nj)8Wf`Gd|vzaJLmde=Q^irU+leUwbuK--)Fd=`@Wy4y6CwdK9v62 z`zSRmeR&U6)vAgLaX(9Y0yNnduO!7b)#Pq_{ANbyaus?hKMGWE1UT0j{wPM%)kkP> z$WL?U&g}-dp=(#Kry^l?&QUKc+#|^1ehmT=yF+CMJC;@~X*&aQXjzOg>gi;~{Z6Ko zx*DL|g8;3!|M60K!_+{9^mK*lJg3e}YTEhgd)*YPgsgCKYGBY$f9Bu3N!^R4lW0xp z%+&V8sFl;vUu1Xrf#CXbDG2c}^!?*rZ7<3${KflJeGntBi11w}p zj6m#02+nmGJrq(#BsV|UaKDe5+M4CdN9pIw**n%2?Y#?WhE8tJo|k8=fRbtF;;5!E z&8fS;PN%Cti+lI(WJT5=yo4&4f(bTEtNOnyGSxA+v9VaWQm?7~M4Q>+{YD4-`IX#Q zIMk>N8xJpt%|OWiJnf;@s~5Ki*+E#piFuD6oo`ZE9oTjM;}cA@NbhUb46NC$Pe)6K zal7ytT8%r@UyQiM9Y=Bj(TUtqxPP?$^%tmxM-Cd)FbNNkZ zz+#q#?cV+9a0ay(#5v(`mX-OBn4mO9cmK3=HZVe;CayhI^6=4Q-=9~e4oR3d_+yGp z$(*xE%~6G-fy0LRw6*$BBEVrF9n7_{ne5w~>2pvL0i+51$lMkg8DtF_MzPv3MVkk+#f&qk<$&IGSrT=AFv*#L*C5$@-LF@Xwq27Dq&#btykdKF+ce$07a*`X- z*p(F0c=}S{+6_yYFX0zpKDAD+&p7Xz(%K+}_wjh8B^h0?cT`(|!ywE#ybd61;M0K~ z`0Ja|#U3hMci;k2iOv*K>zXxd_?72V)^=h-7gbdOKVX8?-`MwF`Q>jmw+N_!AOg?a zD8<0hckRuFdL!j245yd z@dX?K_QpFvOS{H)iV5v>X6715we+9}OVp9(K>Sbsv94?g-$rvq>B9(r(%o}NH=bHw zcJf?&-G=drX4KWIRG+@maKJSueS`mHU?ef zk&$OXM!6gJK8{M3M9U4Sb3W6QzJs0u`>lK9&g|LKd1K41Q@g%?O7IRc*Sd-+8Dmh` z17vr4`gr$Bn_25TwwpTZJ83osJ2PO2Y+pG9d&<*(t#7!7z-8tc?UJqr1lWMJ@^%TF zwEyFo;*I?~|8u7WA+1rJaUZ~4xieIrNSadJx9uKCe@v`dnCSTpcG)&BrDaO7)F5^b z^5>^cmuB@mywL0E^!MYRCR{rHW|PzS{EudYdqOh9Y{pVokN|P=y*3W>kFY3>1+d%4 zgUZNAW%ub7Ac>J?qW1oeozvE9()=@n6bi;6L(oP*Q>6N^oH2vpD__&5O#`Cs((kK- zCt3}NL!=9EmWJk`TuIo)!MN=a?4?5VqWUWykmU{Qru6PC)!Np z;el}*zuj_K6|KE(vt1I}y-lB<^}>7#$tzGfp{Xf0*Ir<8LZ6m-Tq^LEUTrFA7${8Uzd*PW$F+P0Q<-4{&Vfhx#6a5Et^_hYb%q1-DCG*0DpUPAv_U`w{I&X#_5t`TR3(dE$OkYQ~K9 zd88j?9V<4ul9#stVgV%`rp6{plA(hSZY@obA&1ZeQl2#a`BPmO*ZJoQ<$mq%sRlS6 zK}=00ziHFRl0z!8Epmh71AWIZr9d;|Lo8s@rfsNNyNBq(k>E5jFQ=ZlJ!C;g`5`jZ z(|;gdqELHzbaY7Pxnk9wWSi}dv9A*J4G(6c0|qN$_fUjC@lg>R4IfHNWC*wK0R7_z`?+qUwcs8ojm z7ZzDEH90u_+xZ8jqNkaeYD92&uvGSOaa$;S5rF=#UC>2jmPexw{}|CTwcdEV1tQaA z-Z|>4A#S{N{kp-H>J#|73L5P${u`&vjuq4BQ6j=XifnJn+ysuo=&@r7N_7BtN*y~g z=RJ!Bnfp@Fc0X!4?%+KJnA{d-u9}8@YgbYvAqhaWPooug^XAs(#*xBHOSW$@WA3ti z{Ws7UT7YUml%%BMXV1QZA%ehb==ZM;!v~`E_2m<%cFnU@zw=M*o~RFp3nTpfrH)4^ zceqr16uLMUKEWge7n`v*KpLU$+nAb~S_ZVpmDDpFnDtWDprd9UV?vS{es$oRfc%Y) z^X0v@FI{R#+_J49-go87A0eI3$;&5{80usV0n<_G(4iNn8=NR~w_L+pPWkg^&(2$) zOrWDC1OpTEsk-#*UNJsAs9`a)FT`Q3txX$2j!FF(4R{XIOwky3YucW5qD9$dPZStm|Ku1px)bAq&&a)>^pnM1-A>OgE?2o(RNJt+v$E_qhej0M& z--r@4WuHAuAx@#LD~4|;c7PLt$Mv&)v@5vwW_MYW5-UIbl-Y#klCzv z8%f$5&_wWaf7aDa@TlruG@)M+We9F8+mK5GU{I!|wa*N&O!2)MsEJoFeAtx1IiEh< z3f*Cve9J#=)#?=WPyfpWh$RKUJ6nMZ%$YM9mZtK8dW^ylb;RijZWfTzm}p*KYf@^W z+D0+n9PHtGo`H$Ja{c%3oEzq}IB06`FY~MqH^F-(Fc5r)C}xBR zim4LSu<&rnHLCXz>8m-vy(L_HMlm$6!BtLX&pR78V?8iMcR%eR-@8Lap`jfYPUQb9 zca||I0wqob@p|@rw>6tLZMwUq<`g{|FVVTLfr-1pnP?3N{EBx3_~Tuo?UE%ECr_sE zIaT2*a-`+PI0YBL+n|w98|eumwcFW`dlef_=vG%3GAN z8k(@iQIyTi%VS^&+4(h1Aj5}8t73QTR`m9FFgm%8Ieum3o0?&Fku#h;aRRZ(`RM34 z43WG}baDqWxpepLIX&(4hvt>;K_gUFjM{s3n2||-XFNxe9Mj~HB;oi9(#enUHk~%D z5=aO@U65S?F_9Gp>FG^%pM7RVyYL{IF3ilUs(!k~H9%EhOy09c53D+bmM}bE`!%4( zs^`b=o!S+Z9p&5NaTyBX_!UR2#<-j)e08zDX;4DM7tR9Gg200c(#ZqgWSUJxH^V{sq*;j4{%m>yoJm%OaL~`dwKPNB?`y`<)Y8~Z zXMbH?@@v~D>LXN=9;3HEHqXnumK(k8$J{k$`MenYc3`wdORJuenk;BmYg0)Zg^Pl$ zEd4G%t_p^|zw60lN^p<`p#M}|U2NYCK7VU%T4zc`vI<5UUt`v$I-EOi0qnP|5q1Mpki<=iSGR#9p?>~cZOsSZW?Ny0Pgu|%p@_Xx0yd*5OjuxJ*PKCAihII=~hNf zoaXoXdT?smy{2;^eS;m7o4-Hhr~}hcP%92nRMWT8g{J=g%A%5P{X$bFA`OM+%_N>V z5#h@I7ELdL8_?%4b>mimEl&R1@?S$gP+cox$sGO5XRz-6yG*qhVWFxWg+&AN(;ByS zS>3F3Z{9qnzdmnyWcw~&jJli4Le!xt2(CC#%y|j|QZq92w6r46olAfIeAwW@|5muB zw3YrEs$*od)Y3AO6$X3i5%t57vx|341@s;{a?Z?|DTez*sjuJuyJ)fDi=(m93KQ8= zF)=lqT)=URU?ZZVr@9-MgcA>iOm3w+3&#Ks4{y9RJ^y9UfxotJ*q@m$Sa4@VJwPsh z6EKG!k^z9+^dSK(ERR6URZZKZPNm2z3T+ z4_fm-0{@jGi(i-(&VOc0mwJDC*28@2NY_Tgj*LH3^qt`n`W%gljC`M1lSJ_P#_|fz z{>6DozE95#VKA3}ZAw>)E$=_`R;(WHSbXoCxq?=KzVZ@`dH}_fl6=t=I^UJGf6myR zdVneKe_ril^k?thvnTG(9bLm~ehzB1*!LrTrf79YYmEC$Z}FKZ+)+u1jw0D5m~?~j z6_)zogFjIk%N*k>3_8vH(W2mK3O9~>YfSRp-<{EqF zQ;gkcp4hv0YsNd*Y8!_8rzJ09hd@;J8m=F>t^N4+!H(Snr++gPo8#dx)ayC13x1w@a-YoJgiHFDQy7DDK(#DnkMx#f^+_+&q8u+KEDKRG%3Qb zx@dxCMD^gDcC|hJPE?E}T>tEXg5rk{15zA@FKyhPa=F`1zu0iBfIwGT|8Y?i>FZPL zam*M3GudmxR|B_TVsGFHrhiCz{ACc0boKIBURRlWjFy&g%VCe2J&-0$q-H=pLVo9H z6hKm^bK&ecxR&SM4rdx94d1!5W46CYB>w^=0=73CW|W?BYqGUCL?UlD?*vuGXaS@J zhk-NBkeBmk*1+olrlbJRV;ON&F9ZkqjQ1fLKeT) z6$Ou){9GcIxEr3V5N}U`AWrV?Guayh>^~G4ZH?u7e2>y$wh*iDP3109I|hnzu%x-7 zdF1Y6bD6SdSMRa^rY|qkX2S^HNq+|HO2raRuI&UEwPyv7_?8ZM;n4hvNGrA)k<1ww6zf)~#6K1`!%l9%cq~;I7e-UeD7>MMZreiK2rFQb(#)!}Jtt$AqknHm7&v@5K4EEls6+uCfg_riRChbe?~0nr zX#};2KJN2CcH081bjw$V^&UH&A`bQem(4j&+*MU|)ykExUF5+kQTIWtiYqBDE@ffR zM8DQ%pej%#h$)=mqZOedk$Klw6Gs&n7n7Qq1NO6ja9Unu7J`zKk^tQxK!I2SJWP-P zl$;n>>q6%#sbGdgZx0WIfh9N<4{C}%bc~gwj=p=AjFSx92W~{k)2Em9>b@4;t>+FG zB^qsq;LQ?-!G?x!Ia37Q@BplKZ>i>h!uqwTN|Z`xSYAJPaOH?)%Fed$?=xk3v}=lT z@RyVjSw(l^6CepsrE(f=1}8ar)$`ufmjR5iltz?9RArj07{M(NOtOCe-ek}h;D_;! zi!SBiPv~|yPSC#O?|1lbybupgF*)g?=_isuSAd6_<5-foWyFD13L*`urCPAhJJzXu z`SiS)J61Hs`9WD*r{&E1N>dZY0M8;o%053J6AIOp#Qq zq+CRSM@LC(R#lOGN7iC%hta8&7HHden2Ly>D zfoLBx*}{Vf^aEf!s5`P>YvZqb!H^E`v#Dq@@~QjncJ7esJa2{VdrrXFP7ChT*ppzP zYuHyLGOh|4Dor!}lGpO;*FS%jmn4Nflt&K5YvtljMG8B2>C)E9oB_lrqP(bfkm=Q) z?L?)s0R6boI8w#N#U*e3fl^0Hz!w^O8ue@!tOb}{yq$ zlBKCg^p23FJcXVuk%mh?u#R?sZ446Yyno!qbRwvK_kT)R*$p_AX8-F92=QRu9TP)#f4A^T)xv3aI1IK*tVr~am zTOZ2H12eJ;3OKi8UMWQ{OZ40T_(>_S39at4XSZ$-xY^K7WU`&^NFH_Szw{TRT)0SV z!9j&pp1~(!gAh`zk>CgLHZ`Pp79$SC#Hj`IOvdNCTRa#LAx7;YVOYY6;n&7|YisM1 z)&Q0{Ac|F0>!h;*3btu06Dfz=xzeh)Du{ zR!m5Hf9DyU7?1eSo#`-A`_()kaJYYsS-*OSUv z7K)?r^w}%qNm4W-u&ZMa1Ik?X_fRduorF}4E?rod^4BDX@@}&N9;QsE=HNy%c<`m% z)&v3|K$w^PQYvGR61kU>gkzv?-oH1~bs}Eu{I#h+t}z=BF%}@(WjzS`A`EK&LJUgV zlh*NPE-qU7B9)Lp@yDm-^4eVF(lWd;8For%V+HE%&4whFc+f``$p|y9Iq6wztZx9g76|NXbEd4BzEpK7@tPMQw2jo;!*1S3AJy}%4@ z^mZx*9?%&Oy;03goNPbJ0BSk+@pn@b3!pe20wdsMtw>E4)SfD#BKWY?swH-IV}HHu zGho1k=AFlmeVTuHm9ne;!vGF`|Nj}68P(>`x3SrZZB&Z=76)3B;Y;oe9X*;tZS=r_ zYru;sBTS4No9~VrF=A($W4C^a62+CPdum9lswR(An`^OqjE><68M#I1;oX=>0|nuR zVxkBrEqLS38{GUz6le-n0AzcN+oz#)^(YMDZXG7ETui}hg)<~v%oXHJ+W2HY zYs>s>!g*UoMK)$;GnH1J*|}ieg1pTJ1z+C~!2DV~P^_^%!QcAu{zKEJoCF-cAW#pudO5%%Gr;?fY8HoxAhg$IuCGt!n-|hSK zG1FRLTE#{;*a{Zm0UA;Po`IynX&c8P5i4CLfLo~;#=H$*qADL)`1z$rNaval=QXJR zv@I^+vaPz_1)cB2{+EHr*Fqq%t{zr0I#;f=%Cc1rQhzGH(ZW21kHe_ zWb)A|j%@q8a3S;Rvin_3l^(ReDHa7^zyXJ8R1#b(>uBsA9SBUW9p#lL|M+p58Ttfh zA1+Fx)*Uz&5%KBp%dfTv4|;@!4U1jfmZ)U2r0`6X&gh48#j?Vin2qLzgu%!jECc1h z^?&MD4U}ysk5$`C8JUT?R!8s;!r!T(sYZsCgD+35?Ch$>KDUd5TK$wZFSW6`a_0_c z^rzC)A?^EiP!F)5BvRHSO29}`?9?g!uW6CLzo1XxzNd`O{`=AHg@wr+f8MK9|I+0z zNP@g<#Muc67IJcyrmZrYy@{qvJ*a9@1Rjx zKI<=EsuF84XHaTL9+Vkj79P+nTp#%fy8EdZDr#!lDsu(a8T?CtRN)~hnQdm)5@A+Y z*IhR4`p%v&l{(D%UjI~nGR`uZ-aT{%D%ymdTaroI*j? ztzS=3iFl(@fEZL}^5pdi#*F4hAKg$>@)>U6>wG^rJIJ`wf-jOZG^9T!MV&cQ-nDCZ zfV+zD)~IO_M>aP%(@Qc;Wl;VH7riHsA9oR6cfpGCwkVBBME8=U=PnyIuyd(f&z>2b zp-b*jpJ9K`^7^g5xfx9cyjqO{*ziAQGvw%LiTxk;V-= z%fab(HPGRn!ribvxkrDO+1c#wJ*I{~K5+iLu5RpnC|YbQ zfog1Fah||3Vv%B$hW)F~iy+D>N!qu(syjaZpNkjU@=hEb|FTtdp7I#Y-wE{DGVq4OY*v z3=e3K-LYj#gsnl}7vDeT9yrjrCM@pSwXHc(7+~dws>p8lr(MAD><-RwqmH8V5=0av zEa9%UkGgTAtTc6l{ow$>9(*#e&rsb7dot7Mj?G00n21F3fNg$Ho;1XC>|hh#|Id@5 z()4xYidgD-snk37z%h(5f{Whw60grD3^7-?vJ=`QpId1lDQ-jl&|8Cld>j{+@ zI}EY8lt^TaKE8eR3Zv6;8;fnES#M(X9y@i_bQGE3(bB7TZ-#csn6e*|M1VVeqoKlR z!aPGRWqZ{Mo;k<}aW{K2z{@Wvu+-X%BcINIbND{8n1z)zwpNOREMpqB4wL@jBtVmRT3;om2YL?5+|ezW1+ljC zUU{D_O?Xh|0I*-wU23lN@k948wFnh}$RbK%ICZGtTPa%sY9Y>Sd~-9%y6s6*o=DM< zlMc_REUibV$_IN?2-mKy8a$XQIro011n=S2mL*=crrmq2<&}r3HWjAl&vA2GZ)S#B zl=0@d;fTaC_Kfa7`PmxhW?#H$!MNJ@>MUxnp{-rc%u47N*RN**6v+~P(ZMT2ofX=f zy^EgpTF1t?yXuz_I$Z<0N7-)OI#qs_>7(8Kp1NrV57*7xIq6MHWJJWd`1pNWdPpBT z<7+c+bUoQN^Ti7bMR>qW-I@Bz?C!MP7t95W`yW{6^hO#|IB{%|nMzKHNs?1Z(a0?- zYIr?yQnH+K8YR(=-IDNzfgMxlhSN_|fpNrBQXoo>ZQnL<;Qq%s*}d*KJzm#!2d&_= z=1{2=EHA%KM$n`4ngE5tj*AyBrj=QC)2YL&ow5NJPy-kkG=gC;$V2pvq^X2^37WoR zcSjn}+{3ZZey9kJ9uJU8Pk=J?Z=6s5Jro(~x4_hJrfEDdwjXdF-R|h4R>&g=nH*}2 zw4JxNmoNRo=oLqqMsQYo-+6;QkWv`8G~^1aR{s8glAbrk#oeW8WzD~mO}+O8+`4@O zHLc-!4WsBW)b%aUOb7^ynj~$ec36?v^H7$)mp_xi2Vsm4S^dX_3j?L$(EjmCJ2c#G z@PHp$fOf=jN2f16BDs_A+-zwjioiuy9psri;a;|u|avGounWA^UeqoO2!Ln%G z*xW(^{`*^dg)>t@&6p+%j#o~jSfB$>Pf(wI{rb%KIID0`bi0EGoTivd8<-kf6W@e2$#3hUWBf&@W7*8VLGL+i9s5(E z=DK?=DO?DG2<<59)bcuqc@ka3l9qh|wakf>J9GeUb7vKh1ifBWh`R3)qknE9H7n6m zI5U?y8fN3h#Bi|KE)tMM%D4uc-E3^M49AEbnMCIbvTj>=7!)Y& z+qLtGK9^fLZ!jpo-z2|QZyc3SU=RbkNXTk!zhC-+RKpp9lkLCp+lM5!SmgqT!Io|& zk==`>fd!vqm!r0n;E(KwTnwu|>7C!r)*r@;6hqSLew7qm?k=nO>g^Nnrg2XT3J#cS zu@OW?!7Mb8H6qWgXKY)$c0$64x|7CjdLi{!ZG3|_(ZIVB^!Me-pgQAr4%QJxu$J?Kl%Mn+QX<4?g; z)b!yoQN9Pn7eE49ya<(!%0+!tsl^z=aaGI|vD8pb!%wS|vNGDWQFNdxA@!7+c!MB8 zxhEsRvW=MqjNhjdSKG?e${#&>@*BEQ&K=VwIJ!W_TaE?cbK}0W;{?~z6pZ+QHc+)d zn&+m|^8RNX4(?ZtXY>C3_-Fi6GU8XK?=R5tT#k;$`Bqy`?-zH4DyW7}Uh>u0wyi1d zyV|LMg^L&eyz}gEXegNXpdIGxTwJWJeNoUqd-e#gytxCr`&)9Bff5C^?Q2#EmSDO? zp5TT;GGU_jg@j6W<|$eC1l{cWG{rpSh@7;gnNFjMTSkr>hXyH@T~>tSqt8w$qO!w9FQb0?HwKM+p_)&6^5WieewhybK1mkE2wrrI;0S{80EqcNaQ4a6E`_FshER(mgQ| zvXX+*8UNip%7i|2ovok^Qt`p*L=U^`4yn*arBeAnH(W%rp_uYU(Z_!LG<*C#h0(d8VZyz8&D<%H z4ZR7E=ytf5Yz*Z|W5Q?HTC`m=D1AAWE|3xzAPguf@`m-v(2H+K04XDbVH1dqf%%mC zEQA`c?=Wb1_;et%e!&?PKGpxC>CN>`#xMuUlPkEQT*FCs|7E=ajVXMYE)sBQ2>uBP zh)@;@^PTR!d%xZEVuZZ7S1Cl%x)9CsRA}`c~7o^tx5aH-%9Z7KbOVcC;=#@uf@b`JsrZ@cg z`SYuy-8|Jz2uaK(?v_A9M0N*cIRQa6hmniHe6PrEw7oK`zU%lql#M=Ua1R`KMeUP# zH>7aW9q2Q-b|@~tJSbW*+*2F*ZDgxA%7Z6Y?)7_R+(Kip#?~%}VyF(@NUVN7D%pALde&E%;bH?T>|;y``RY z<9_0tzoZJ8a&j|8 z23HUn%-RhbhWQdc3aN%50HUo4Sny0FsvYK@KeuOt9Skv&g*pxdJRB!Z>{4em4bBY5 zu@7TGI!%E>(`mEflb0_A3ER4LRb=wo_d6Ol;g`t!A&gHnFktS{tq}VQs8X^;~#dH{o3K(=?+zXi&!SIGF0cn{9D~un(gC6XeJMaK32Rtb$ z*Qg)5c*cwL*TA#Bb!*H$!*##n$4=YUv~FYKlTPP{ySK>Q6fZBGHJJuPT;oqjd*H)5 zn+k{)qZxm&H5VZjcd00;a@b$lprE4TmQrXw%*d#BX&~}phuwels$DRyd3$B$at^br z{!x9fAuzwtcH+0e^lpjAE`7GENI2>g?!PbRA)Glv0bh-AJfhq~7=T;3#$1;FXjvKk zCg4Pg2_&--`f%z9vt>CdA!%$6qMZ}I&?fz;n(yg3Zv1`fWlA+}I#}Ph(W9HH6Kl2> z&g>&f2{HT`X{Lx}N-N`cViTl~qP^Him6RBR`w{&ABThlTkx*I@Sb*fVi(za$u$_p5 zF94O$Eo|Nl3W^+UWOqxwS4Xx`yjSCT&=%YPY6CC!(F%<+u=wz7r>w zV#^rph{j$~(_1-6G68ePU`G^xhr`3U8pis{JDItX{a1(Y-AlQiIu#EV2Q~axD6?xz z`Zr#tj-}6SY-A)?W{){3E1$~kd9GmKyF4iGXAc{Kba3cUuwwz5T-L_am6Uzc?WI(@ zdzZt7t5=02^W+J#d^1ofng^cE#5PZq=LAJKh!kVAru-52l94}QGT^pnfMbD>(Pzxq z*=7%}&cE|avSp{(!6|=)I}c$d8Jeh#Dz&E2^sA z$K>VbL!2xo4Kt`gJ*=L#EhLBLH1HfSqSVgLSb>JI-f8T*d5P14+r?{Z zt3i7aApQN_ektxu-^!+HJ_1xrB5-|uJ%jMtsUs#%5-dW=yHF3UqZxzbtQkY60{0Q} z4TTuI^WI@UuMTl!rqA`^qVZMLX8Yea@hhA~zPL#UNb8nj!-<^5#pT+$b7N6L@Mw|5 zNYNLHWm3ei=8rI}4m?d&`0K8c_mp174_Xp(mpR-UU8^$N)|S~Ms1f|AB7&8Dk~e?dcz30sEt`U#uW~c!%gJ^c#pG$>&;=Yg zPCH+8?gVN#;*wvOkmeC@Yry<$yW0Kmk#JWi}cH`q)>X#~>wC>5z1Z&@G$>?JV=1sOQ3+kWG znUvqM%BA)jpN}nD`fcirc4OZ(zE{|yob-Jf-qJsi?{Wo&FLs$Ye88Bru_XC%J}Hvc z71B5lQ!izUjB~9rxh|*2{1p$o%z84d)5%VG?O~tD?(4v}lvp-h?FQJuq2{6fKV|sM zzn4kF_w3n2T}mHx{P>c!YX|x2j~ZpeMSJxMx09=ldx~7MY>7S4&&Fi-hA} zd~5Ao+x^fZ=&l9+Dt^h|k~}tV1_G!V9ObFkj-PCzU)skL=mgheePuXCz_{Bua<+*_ zx5ZDHXl!h6X4XFKdP<53IvoPlae{GofdRr_~KIA=CNxQ zDt(^IW7(4DMVE)Y{7-{qAEDqj0-iif==q$9-PB+{eOQoMZGc|^kN*A`VHs>Vc3 zPVy7pl=$5KPETNVAyQcii6P_Nv-@u&|7)=svwKRzV`J-)V+Qa!Hbk{*0p=Ar2&=A@ zduL6BJ$Zi{8gXLsr_ks@xegFVT+!sqgjtD8lR)z@>NVFy& zvBnSUGU^PB&fq_My*y(2IU7VRTeqo(SzN|kNi~q$q&U#)n&dk2H^>s0=~&L6e=vQy z9V@>8S1I36TL51OJ%c_&>8V9^vI{c5Im#5ps44TTn4~Ta6=8~!$Yh-j?Q{*2(COz` z<$(v?8Okd19FL3OiHAvW;mOP;nulqpK~S^!3$!ZiPt$}|ky1FsMsOhL5F|EquL!3T zg;d5S-Z1qDn~TXUKaW$2!?Z+h2TL0}Y_cPuL!FG5Own%JN-ya|H4nRC`7d7zkT&Gm;r=?#EnPz%WZ2o?XErigX)-^I!oL7`UOuv4$CjB?#d68m2=W;XZ3$K+yF`vMPRr8X}P%s z0LNYfj*$D9eY1G4{#54G@Tc3Zf1WT zf)Im%6{DJ$E2_N??w%SS7_oRb$I7L4X{f_Qa1)?ttaGW3V5XrS0Sn=%fX^o&R>X^K z@WBMw?J#{k_1^c`Oin_wRHx0W(jb0f=BBcm6(t~TiV-}^aCbOp;A}iIn`eD?HK2ax zHUM~Gto8MulzuUr@g&@xpKf}4DF?aejOSpkfGAXEi<9uXiE<_uP5=MDH`>|Sxg}@f zcpvvdEpEmJMt+Ryz^QSL+t}}V%#qkV2}iHmZ>^H7SOz!D?fTrqCERKjbi5z-rS{rg zuPt%aFUeITO;FGxPxt>1M7l2TbEDQ@Kzds!6c)Mp+eY=7e5B8YnBlKf!Yr`8!AHaA zsH_Mcb^G<2-d8VQ!zPAVgnXbtwPthmx3^=xjSfzK2W|;0L%HbY7K>ARU@Gh3%-TxM z{RCp?#?}4!u@diM`4v2|jU4bDSd>EBRPV#H-@(r@(E1q|c!U6(HVg7cQje z3xC#l1jt8Fw!S-ICzrCbkCkoUKiVI{PW0Ijtw%wOQxwhK3N=r}HVAm%N4qN@X*xu> zt<}2_GAx`Q$Owz!kH6oL0Rs-QVka^(Kzt0_+>NVe;Bk(Yn1zm#P%B+ZSuLr6Ap_7Z zzj4HBRYvsqgbv$#_P2_W_p2MsHKR>SLKlJ65ZNl$>2cTQ*VXMw94R3h9n01iUAx=Z zuNOEpm@!6$hNrZK4=?`p1ymQWq0cNdTYd>`yxTM~Sr+7&_kLT>q!>9S)rgHhoLj^p{zU}{whh?{woVoaa@WVV$#Ole^ zz9^|I9br-MddJ-JR@2~e!I^_ZMdlYv?Bqx)+fSRSKBy6-lf)YNz=%ti@ZrHeVm+lI z#W{zSPYgm2`0rA9CoHY()8DMlQ==w literal 0 HcmV?d00001