From 9373268a71cbc189b0252b323fa4c01d4227199c Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Fri, 31 Jul 2020 14:11:02 +0800 Subject: [PATCH 01/17] Support creating a MHSM pool. --- .../KeyVault.Test/KeyVault.Test.csproj | 2 +- .../KeyVault/Commands/NewAzureKeyVault.cs | 107 ++++++++---- .../KeyVault/Commands/RemoveAzureKeyVault.cs | 35 +++- src/KeyVault/KeyVault/KeyVault.csproj | 2 +- src/KeyVault/KeyVault/KeyVault.format.ps1xml | 58 +++++++ .../Models/KeyVaultManagementCmdletBase.cs | 13 +- .../KeyVault/Models/ModelExtensions.cs | 2 + src/KeyVault/KeyVault/Models/PSKeyVault.cs | 2 +- src/KeyVault/KeyVault/Models/PSManagedHsm.cs | 109 +++++++++++++ .../Models/VaultCreationParameters.cs | 4 +- .../KeyVault/Models/VaultManagementClient.cs | 152 +++++++++++++++++- 11 files changed, 430 insertions(+), 56 deletions(-) create mode 100644 src/KeyVault/KeyVault/Models/PSManagedHsm.cs diff --git a/src/KeyVault/KeyVault.Test/KeyVault.Test.csproj b/src/KeyVault/KeyVault.Test/KeyVault.Test.csproj index b22910daa6a8..d6fe7801ee8c 100644 --- a/src/KeyVault/KeyVault.Test/KeyVault.Test.csproj +++ b/src/KeyVault/KeyVault.Test/KeyVault.Test.csproj @@ -13,7 +13,7 @@ - + diff --git a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs index 945961dab667..69db7c7ef2a3 100644 --- a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs @@ -20,6 +20,7 @@ using Microsoft.WindowsAzure.Commands.Utilities.Common; using System; using System.Collections; +using System.Collections.Generic; using System.Linq; using System.Management.Automation; @@ -32,8 +33,12 @@ namespace Microsoft.Azure.Commands.KeyVault [OutputType(typeof(PSKeyVault))] public class NewAzureKeyVault : KeyVaultManagementCmdletBase { + private const string KeyVaultParameterSet = "KeyVaultParameterSet"; + private const string ManagedHsmParameterSet = "ManagedHsmParameterSet"; + #region Input Parameter Definitions + #region Common Parameter Definitions /// /// Vault name /// @@ -69,55 +74,78 @@ public class NewAzureKeyVault : KeyVaultManagementCmdletBase [ValidateNotNullOrEmpty()] public string Location { get; set; } + [Parameter(Mandatory = false, + HelpMessage = "If specified, protection against immediate deletion is enabled for this vault; requires soft delete to be enabled as well. Enabling 'purge protection' on a key vault is an irreversible action. Once enabled, it cannot be changed or removed.")] + public SwitchParameter EnablePurgeProtection { get; set; } + + [Parameter(Mandatory = false, HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] + [ValidateRange(Constants.MinSoftDeleteRetentionDays, Constants.MaxSoftDeleteRetentionDays)] + [ValidateNotNullOrEmpty] + public int SoftDeleteRetentionInDays { get; set; } + + [Parameter(Mandatory = false, + ValueFromPipelineByPropertyName = true, + HelpMessage = "Specifies the SKU of the key vault instance. For information about which features are available for each SKU, see the Azure Key Vault Pricing website (http://go.microsoft.com/fwlink/?linkid=512521).")] + public string Sku { get; set; } + [Parameter(Mandatory = false, + ValueFromPipelineByPropertyName = true, + HelpMessage = "A hash table which represents resource tags.")] + [Alias(Constants.TagsAlias)] + public Hashtable Tag { get; set; } + + [Parameter(Mandatory = false, HelpMessage = "Specifies the network rule set of the vault. It governs the accessibility of the key vault from specific network locations. Created by `New-AzKeyVaultNetworkRuleSetObject`.")] + public PSKeyVaultNetworkRuleSet NetworkRuleSet { get; set; } + + #endregion + + #region Keyvault-specified Parameter Definitions + + [Parameter(Mandatory = false, + ParameterSetName = KeyVaultParameterSet, ValueFromPipelineByPropertyName = true, HelpMessage = "If specified, enables secrets to be retrieved from this key vault by the Microsoft.Compute resource provider when referenced in resource creation.")] public SwitchParameter EnabledForDeployment { get; set; } [Parameter(Mandatory = false, + ParameterSetName = KeyVaultParameterSet, ValueFromPipelineByPropertyName = true, HelpMessage = "If specified, enables secrets to be retrieved from this key vault by Azure Resource Manager when referenced in templates.")] public SwitchParameter EnabledForTemplateDeployment { get; set; } [Parameter(Mandatory = false, + ParameterSetName = KeyVaultParameterSet, ValueFromPipelineByPropertyName = true, HelpMessage = "If specified, enables secrets to be retrieved from this key vault by Azure Disk Encryption.")] public SwitchParameter EnabledForDiskEncryption { get; set; } [Parameter(Mandatory = false, + ParameterSetName = KeyVaultParameterSet, HelpMessage = "If specified, 'soft delete' functionality is disabled for this key vault.")] public SwitchParameter DisableSoftDelete { get; set; } + #endregion - [Parameter(Mandatory = false, - HelpMessage = "If specified, protection against immediate deletion is enabled for this vault; requires soft delete to be enabled as well. Enabling 'purge protection' on a key vault is an irreversible action. Once enabled, it cannot be changed or removed.")] - public SwitchParameter EnablePurgeProtection { get; set; } - - [Parameter(Mandatory = false, HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] - [ValidateRange(Constants.MinSoftDeleteRetentionDays, Constants.MaxSoftDeleteRetentionDays)] - [ValidateNotNullOrEmpty] - public int SoftDeleteRetentionInDays { get; set; } + #region MHSM-specified Parameter Definitions - [Parameter(Mandatory = false, - ValueFromPipelineByPropertyName = true, - HelpMessage = "Specifies the SKU of the key vault instance. For information about which features are available for each SKU, see the Azure Key Vault Pricing website (http://go.microsoft.com/fwlink/?linkid=512521).")] - public SkuName Sku { get; set; } + [Parameter(Mandatory = true, + ParameterSetName = ManagedHsmParameterSet, + HelpMessage = "Array of initial administrators object ids for this managed hsm pool.")] + public List Administrator { get; set; } - [Parameter(Mandatory = false, - ValueFromPipelineByPropertyName = true, - HelpMessage = "A hash table which represents resource tags.")] - [Alias(Constants.TagsAlias)] - public Hashtable Tag { get; set; } + [Parameter(Mandatory = true, + ParameterSetName = ManagedHsmParameterSet, + HelpMessage = "Specifies the type of this vault as MHSM.")] + public SwitchParameter Hsm { get; set; } - [Parameter(Mandatory = false, HelpMessage = "Specifies the network rule set of the vault. It governs the accessibility of the key vault from specific network locations. Created by `New-AzKeyVaultNetworkRuleSetObject`.")] - public PSKeyVaultNetworkRuleSet NetworkRuleSet { get; set; } + #endregion #endregion - public override void ExecuteCmdlet() + public override void ExecuteCmdlet() { if (ShouldProcess(Name, Properties.Resources.CreateKeyVault)) { - if (VaultExistsInCurrentSubscription(Name)) + if (VaultExistsInCurrentSubscription(Name, Hsm.IsPresent)) { throw new ArgumentException(Resources.VaultAlreadyExists); } @@ -152,15 +180,13 @@ public override void ExecuteCmdlet() }; } - var newVault = KeyVaultManagementClient.CreateNewVault(new VaultCreationParameters() + // Set common parameters + var vaultCreationParameter = new VaultCreationParameters() { VaultName = this.Name, ResourceGroupName = this.ResourceGroupName, Location = this.Location, - EnabledForDeployment = this.EnabledForDeployment.IsPresent, - EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent, - EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent, - EnableSoftDelete = !DisableSoftDelete.IsPresent, + SkuName = this.Sku, EnablePurgeProtection = EnablePurgeProtection.IsPresent ? true : (bool?)null, // false is not accepted /* * If soft delete is enabled, but retention days is not specified, use the default value, @@ -172,17 +198,34 @@ public override void ExecuteCmdlet() : (this.IsParameterBound(c => c.SoftDeleteRetentionInDays) ? SoftDeleteRetentionInDays : Constants.DefaultSoftDeleteRetentionDays), - SkuFamilyName = DefaultSkuFamily, - SkuName = this.Sku, + TenantId = GetTenantId(), AccessPolicy = accessPolicy, NetworkAcls = new NetworkRuleSet(), // New key-vault takes in default network rule set Tags = this.Tag - }, - ActiveDirectoryClient, - NetworkRuleSet); + }; + + switch (ParameterSetName) + { + case KeyVaultParameterSet: + vaultCreationParameter.EnabledForDeployment = this.EnabledForDeployment.IsPresent; + vaultCreationParameter.EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent; + vaultCreationParameter.EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent; + vaultCreationParameter.EnableSoftDelete = !DisableSoftDelete.IsPresent; + vaultCreationParameter.SkuFamilyName = DefaultSkuFamily; + this.WriteObject(KeyVaultManagementClient.CreateNewVault(vaultCreationParameter, ActiveDirectoryClient, NetworkRuleSet)); + break; + + case ManagedHsmParameterSet: + vaultCreationParameter.Administrator = this.Administrator; + vaultCreationParameter.SkuFamilyName = DefaultManagedHsmSkuFamily; + this.WriteObject(KeyVaultManagementClient.CreateNewManagedHsm(vaultCreationParameter, ActiveDirectoryClient, NetworkRuleSet)); + break; + default: + throw new ArgumentException(Resources.BadParameterSetName); + } - this.WriteObject(newVault); + if (accessPolicy == null) { diff --git a/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs index c0f8a744f636..c43c9b1ad908 100644 --- a/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs @@ -71,7 +71,7 @@ public class RemoveAzureKeyVault : KeyVaultManagementCmdletBase ValueFromPipeline = true, HelpMessage = "Key Vault object to be deleted.")] [ValidateNotNullOrEmpty] - public PSKeyVault InputObject { get; set; } + public PSKeyVaultIdentityItem InputObject { get; set; } /// /// Vault object @@ -134,6 +134,10 @@ public class RemoveAzureKeyVault : KeyVaultManagementCmdletBase HelpMessage = "Remove the previously deleted vault permanently.")] public SwitchParameter InRemovedState { get; set; } + [Parameter(Mandatory = false, + HelpMessage = "Specifies the type of this vault as MHSM.")] + public SwitchParameter Hsm { get; set; } + /// /// If present, do not ask for confirmation /// @@ -180,9 +184,16 @@ public override void ExecuteCmdlet() VaultName, () => { - KeyVaultManagementClient.PurgeVault( - vaultName: VaultName, - location: Location); + if (Hsm) + { + //PurgeManagedHsm(); + } + else + { + KeyVaultManagementClient.PurgeVault( + vaultName: VaultName, + location: Location); + } if (PassThru) { @@ -192,7 +203,8 @@ public override void ExecuteCmdlet() } else { - ResourceGroupName = string.IsNullOrWhiteSpace(ResourceGroupName) ? GetResourceGroupName(VaultName) : ResourceGroupName; + // Get resource group name for keyvault or ManagedHsm + ResourceGroupName = string.IsNullOrWhiteSpace(ResourceGroupName) ? GetResourceGroupName(VaultName,Hsm.IsPresent) : ResourceGroupName; if (string.IsNullOrWhiteSpace(ResourceGroupName)) throw new ArgumentException(string.Format(Resources.VaultNotFound, VaultName, ResourceGroupName)); ConfirmAction( @@ -208,9 +220,16 @@ public override void ExecuteCmdlet() VaultName, () => { - KeyVaultManagementClient.DeleteVault( - vaultName: VaultName, - resourceGroupName: this.ResourceGroupName); + if (Hsm) + { + // DeleteManagedHsm(); + } + else + { + KeyVaultManagementClient.DeleteVault( + vaultName: VaultName, + resourceGroupName: this.ResourceGroupName); + } if (PassThru) { diff --git a/src/KeyVault/KeyVault/KeyVault.csproj b/src/KeyVault/KeyVault/KeyVault.csproj index 1655fdfab699..d3d0cf9205ba 100644 --- a/src/KeyVault/KeyVault/KeyVault.csproj +++ b/src/KeyVault/KeyVault/KeyVault.csproj @@ -14,7 +14,7 @@ - + diff --git a/src/KeyVault/KeyVault/KeyVault.format.ps1xml b/src/KeyVault/KeyVault/KeyVault.format.ps1xml index 6eb262d4d899..4bbdc4f73d8a 100644 --- a/src/KeyVault/KeyVault/KeyVault.format.ps1xml +++ b/src/KeyVault/KeyVault/KeyVault.format.ps1xml @@ -391,6 +391,64 @@ + + Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm + + Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm + + + + + + + + VaultName + + + + ResourceGroupName + + + + Location + + + + ResourceId + + + + HsmPoolUri + + + + TenantName + + + + SecurityDomainName + + + + Sku + + + + EnableSoftDelete + + + + SoftDeleteRetentionInDays + + + + TagsTable + + + + + + Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultAccessPolicy diff --git a/src/KeyVault/KeyVault/Models/KeyVaultManagementCmdletBase.cs b/src/KeyVault/KeyVault/Models/KeyVaultManagementCmdletBase.cs index 47a400674ff6..821d43239a3f 100644 --- a/src/KeyVault/KeyVault/Models/KeyVaultManagementCmdletBase.cs +++ b/src/KeyVault/KeyVault/Models/KeyVaultManagementCmdletBase.cs @@ -177,17 +177,17 @@ private IEnumerable ListByResourceGroup( return new GenericPageEnumerable(() => armClient.ResourceGroups.ListResources(resourceGroupName, filter), armClient.ResourceGroups.ListResourcesNext, first, skip).Select(r => new PSKeyVaultIdentityItem(r)); } - protected string GetResourceGroupName(string vaultName) + protected string GetResourceGroupName(string name, bool isHsm=false) { var resourcesByName = ResourceClient.FilterResources(new FilterResourcesOptions { - ResourceType = KeyVaultManagementClient.VaultsResourceType + ResourceType = isHsm? KeyVaultManagementClient.ManagedHsmResourceType:KeyVaultManagementClient.VaultsResourceType }); string rg = null; if (resourcesByName != null && resourcesByName.Count > 0) { - var vault = resourcesByName.FirstOrDefault(r => r.Name.Equals(vaultName, StringComparison.OrdinalIgnoreCase)); + var vault = resourcesByName.FirstOrDefault(r => r.Name.Equals(name, StringComparison.OrdinalIgnoreCase)); if (vault != null) { rg = new ResourceIdentifier(vault.Id).ResourceGroupName; @@ -207,9 +207,9 @@ protected string GetResourceGroupName(string vaultName) // // An alternate implementation that checks for the vault name globally would be to construct a vault // URL with the given name and attempt checking DNS entries for it. - protected bool VaultExistsInCurrentSubscription(string name) + protected bool VaultExistsInCurrentSubscription(string name, bool isHsm=false) { - return GetResourceGroupName(name) != null; + return GetResourceGroupName(name, isHsm) != null; } protected Guid GetTenantId() @@ -459,5 +459,8 @@ protected bool IsValidObjectIdSyntax(string objectId) protected readonly string DefaultSkuFamily = "A"; protected readonly string DefaultSkuName = "Standard"; + + protected readonly string DefaultManagedHsmSkuFamily = "b"; + protected readonly string DefaultManagedHsmSkuName = "Standard_B1"; } } diff --git a/src/KeyVault/KeyVault/Models/ModelExtensions.cs b/src/KeyVault/KeyVault/Models/ModelExtensions.cs index 5dcfa7d94f0d..1f2934db9ad1 100644 --- a/src/KeyVault/KeyVault/Models/ModelExtensions.cs +++ b/src/KeyVault/KeyVault/Models/ModelExtensions.cs @@ -172,6 +172,8 @@ public static string GetDisplayNameForADObject(string objectId, ActiveDirectoryC public static string GetDisplayNameForTenant(Guid id, ActiveDirectoryClient adClient) { + if (id == null) + return string.Empty; return id.ToString(); } } diff --git a/src/KeyVault/KeyVault/Models/PSKeyVault.cs b/src/KeyVault/KeyVault/Models/PSKeyVault.cs index 16d8a6cd1026..52b72beffcad 100644 --- a/src/KeyVault/KeyVault/Models/PSKeyVault.cs +++ b/src/KeyVault/KeyVault/Models/PSKeyVault.cs @@ -89,7 +89,7 @@ public PSKeyVault(Vault vault, ActiveDirectoryClient adClient) private static PSKeyVaultNetworkRuleSet InitNetworkRuleSet(VaultProperties properties) { - // The service will return NULL when NetworkAcls is never set before or set with default property values + // The service will return NULL when NetworkAcls is never set before or set with default proper values // The default constructor will set default property values in SDK's NetworkRuleSet class if (properties?.NetworkAcls == null) { diff --git a/src/KeyVault/KeyVault/Models/PSManagedHsm.cs b/src/KeyVault/KeyVault/Models/PSManagedHsm.cs new file mode 100644 index 000000000000..994868a47ac3 --- /dev/null +++ b/src/KeyVault/KeyVault/Models/PSManagedHsm.cs @@ -0,0 +1,109 @@ +#if NETSTANDARD +using Microsoft.Azure.Graph.RBAC.Version1_6.ActiveDirectory; +#else +using Microsoft.Azure.ActiveDirectory.GraphClient; +#endif +using System; +using System.Collections.Generic; +using Microsoft.Azure.Management.KeyVault.Models; +using Microsoft.Azure.Commands.ResourceManager.Common.Tags; +using Microsoft.Azure.Management.Internal.Resources.Utilities.Models; + +namespace Microsoft.Azure.Commands.KeyVault.Models +{ + public class PSManagedHsm:PSKeyVaultIdentityItem + { + public PSManagedHsm() + { + } + + public PSManagedHsm(ManagedHsm managedHsm, ActiveDirectoryClient adClient) + { + // PSKeyVaultIdentityItem's properties + ResourceId = managedHsm.Id; + VaultName = managedHsm.Name; + ResourceGroupName = (new ResourceIdentifier(managedHsm.Id)).ResourceGroupName; + Location = managedHsm.Location; + Tags = TagsConversionHelper.CreateTagHashtable(managedHsm.Tags); + + // PSManagedHsm's properties + Sku = managedHsm.Sku.Name.ToString(); + TenantId = managedHsm.Properties.TenantId.Value; + TenantName = ModelExtensions.GetDisplayNameForTenant(TenantId, adClient); + SecurityDomainId = managedHsm.Properties.SecurityDomainId.Value; + SecurityDomainName = ModelExtensions.GetDisplayNameForTenant(SecurityDomainId,adClient) ; + InitialAdminObjectIds = managedHsm.Properties.InitialAdminObjectIds; + HsmPoolUri = managedHsm.Properties.HsmPoolUri; + EnablePurgeProtection = managedHsm.Properties.EnablePurgeProtection; + EnableSoftDelete = managedHsm.Properties.EnableSoftDelete; + SoftDeleteRetentionInDays = managedHsm.Properties.SoftDeleteRetentionInDays; + // AccessPolicies = vault.Properties.AccessPolicies.Select(s => new PSKeyVaultAccessPolicy(s, adClient)).ToArray(); + // NetworkAcls = InitNetworkRuleSet(managedHsm.Properties); + OriginalManagedHsm = managedHsm; + } + + public string Sku { get; private set; } + public Guid TenantId { get; private set; } + public string TenantName { get; private set; } + public Guid SecurityDomainId { get; private set; } + public string SecurityDomainName { get; private set; } + public IList InitialAdminObjectIds { get; private set; } + public string HsmPoolUri { get; private set; } + public bool? EnableSoftDelete { get; private set; } + public int? SoftDeleteRetentionInDays { get; private set; } + public bool? EnablePurgeProtection { get; private set; } + public ManagedHsm OriginalManagedHsm { get; private set; } + + /* Comments temporarily + * + * public PSKeyVaultAccessPolicy[] AccessPolicies { get; private set; } + + public string AccessPoliciesText { get { return ModelExtensions.ConstructAccessPoliciesList(AccessPolicies); } } + + public PSKeyVaultNetworkRuleSet NetworkAcls { get; private set; } + + public string NetworkAclsText { get { return ModelExtensions.ConstructNetworkRuleSet(NetworkAcls); } } + + //If we got this vault from the server, save the over-the-wire version, to + //allow easy updates + + private static PSKeyVaultNetworkRuleSet InitNetworkRuleSet(VaultProperties properties) + { + // The service will return NULL when NetworkAcls is never set before or set with default property values + // The default constructor will set default property values in SDK's NetworkRuleSet class + if (properties?.NetworkAcls == null) + { + return new PSKeyVaultNetworkRuleSet(); + } + + var networkAcls = properties.NetworkAcls; + + PSKeyVaultNetworkRuleDefaultActionEnum defaultAct; + if (!Enum.TryParse(networkAcls.DefaultAction, true, out defaultAct)) + { + defaultAct = PSKeyVaultNetworkRuleDefaultActionEnum.Allow; + } + + PSKeyVaultNetworkRuleBypassEnum bypass; + if (!Enum.TryParse(networkAcls.Bypass, true, out bypass)) + { + bypass = PSKeyVaultNetworkRuleBypassEnum.AzureServices; + } + + IList allowedIpAddresses = null; + if (networkAcls.IpRules != null && networkAcls.IpRules.Count > 0) + { + allowedIpAddresses = networkAcls.IpRules.Select(item => item.Value).ToList(); + } + + IList allowedVirtualNetworkResourceIds = null; + if (networkAcls.VirtualNetworkRules != null && networkAcls.VirtualNetworkRules.Count > 0) + { + allowedVirtualNetworkResourceIds = networkAcls.VirtualNetworkRules.Select(item => item.Id).ToList(); + } + + return new PSKeyVaultNetworkRuleSet(defaultAct, bypass, allowedIpAddresses, allowedVirtualNetworkResourceIds); + } + */ + } +} diff --git a/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs b/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs index 440f58f1abde..47939075de00 100644 --- a/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs +++ b/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs @@ -15,6 +15,7 @@ using Microsoft.Azure.Management.KeyVault.Models; using System; using System.Collections; +using System.Collections.Generic; namespace Microsoft.Azure.Commands.KeyVault.Models { @@ -24,7 +25,7 @@ public class VaultCreationParameters public string ResourceGroupName { get; set; } public string Location { get; set; } public Hashtable Tags { get; set; } - public SkuName SkuName { get; set; } + public string SkuName { get; set; } public string SkuFamilyName { get; set; } public bool EnabledForDeployment { get; set; } public bool EnabledForTemplateDeployment { get; set; } @@ -36,5 +37,6 @@ public class VaultCreationParameters public AccessPolicyEntry AccessPolicy { get; set; } public NetworkRuleSet NetworkAcls { get; set; } public CreateMode? CreateMode { get; set; } + public List Administrator { get; set; } } } diff --git a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs index 2b5432eeb3cc..d547282843af 100644 --- a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs +++ b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs @@ -29,11 +29,15 @@ using Microsoft.Azure.Management.KeyVault.Models; using Microsoft.Azure.Commands.Common.Authentication.Abstractions; using Microsoft.Rest.Azure; +using System.ComponentModel; namespace Microsoft.Azure.Commands.KeyVault.Models { public class VaultManagementClient { + public readonly string VaultsResourceType = "Microsoft.KeyVault/vaults"; + public readonly string ManagedHsmResourceType = "Microsoft.KeyVault/managedHSMs"; + public VaultManagementClient(IAzureContext context) { KeyVaultManagementClient = AzureSession.Instance.ClientFactory.CreateArmClient(context, AzureEnvironment.Endpoint.ResourceManager); @@ -51,6 +55,7 @@ private IKeyVaultManagementClient KeyVaultManagementClient set; } + #region Vault-related METHODS /// /// Create a new vault /// @@ -76,11 +81,17 @@ public PSKeyVault CreateNewVault(VaultCreationParameters parameters, ActiveDirec throw new ArgumentNullException("parameters.SkuFamilyName"); if (parameters.TenantId == Guid.Empty) throw new ArgumentException("parameters.TenantId"); - - properties.Sku = new Sku + if (!string.IsNullOrWhiteSpace(parameters.SkuName)) { - Name = parameters.SkuName, - }; + if (Enum.TryParse(parameters.SkuName, out SkuName skuName)) + { + properties.Sku = new Sku(skuName); + } + else + { + throw new InvalidEnumArgumentException("parameters.SkuName"); + } + } properties.EnabledForDeployment = parameters.EnabledForDeployment; properties.EnabledForTemplateDeployment = parameters.EnabledForTemplateDeployment; properties.EnabledForDiskEncryption = parameters.EnabledForDiskEncryption; @@ -101,10 +112,10 @@ public PSKeyVault CreateNewVault(VaultCreationParameters parameters, ActiveDirec { properties.CreateMode = CreateMode.Recover; } + var response = KeyVaultManagementClient.Vaults.CreateOrUpdate( resourceGroupName: parameters.ResourceGroupName, vaultName: parameters.VaultName, - parameters: new VaultCreateOrUpdateParameters { Location = parameters.Location, @@ -252,7 +263,7 @@ public void DeleteVault(string vaultName, string resourceGroupName) /// Purge a deleted vault. Throws if vault is not found. /// /// - /// + /// public void PurgeVault(string vaultName, string location) { if (string.IsNullOrWhiteSpace(vaultName)) @@ -329,8 +340,135 @@ public List ListDeletedVaults() return deletedVaults; } - public readonly string VaultsResourceType = "Microsoft.KeyVault/vaults"; + #endregion + + #region Managedhsm-related METHOD + + /// + /// Create a MHSM pool + /// + /// vault creation parameters + /// the active directory client + /// + public PSManagedHsm CreateNewManagedHsm(VaultCreationParameters parameters, ActiveDirectoryClient adClient = null, PSKeyVaultNetworkRuleSet networkRuleSet = null) + { + if (parameters == null) + throw new ArgumentNullException("parameters"); + if (string.IsNullOrWhiteSpace(parameters.VaultName)) + throw new ArgumentNullException("parameters.VaultName"); + if (string.IsNullOrWhiteSpace(parameters.ResourceGroupName)) + throw new ArgumentNullException("parameters.ResourceGroupName"); + if (string.IsNullOrWhiteSpace(parameters.Location)) + throw new ArgumentNullException("parameters.Location"); + if(parameters.Administrator.Count==0) + throw new ArgumentNullException("parameters.Administrator"); + + var properties = new ManagedHsmProperties(); + var managedHsmSku = new ManagedHsmSku(); + + if (parameters.CreateMode != CreateMode.Recover) + { + if (string.IsNullOrWhiteSpace(parameters.SkuFamilyName)) + throw new ArgumentNullException("parameters.SkuFamilyName"); + if (parameters.TenantId == Guid.Empty) + throw new ArgumentException("parameters.TenantId"); + if (!string.IsNullOrWhiteSpace(parameters.SkuName)) + { + if (Enum.TryParse(parameters.SkuName, out ManagedHsmSkuName skuName)) + { + managedHsmSku.Name = skuName; + } + else + { + throw new InvalidEnumArgumentException("parameters.SkuName"); + } + } + properties.TenantId = parameters.TenantId; + properties.InitialAdminObjectIds = parameters.Administrator; + properties.HsmPoolUri = ""; + properties.EnableSoftDelete = parameters.EnableSoftDelete; + properties.SoftDeleteRetentionInDays = parameters.SoftDeleteRetentionInDays; + properties.EnablePurgeProtection = parameters.EnablePurgeProtection; + + // No sdk available to update this parapmeter + // properties.AccessPolicies = (parameters.AccessPolicy != null) ? new[] { parameters.AccessPolicy } : new AccessPolicyEntry[] { }; + + // properties.NetworkAcls = parameters.NetworkAcls; + /* + if (networkRuleSet != null) + { + UpdateVaultNetworkRuleSetProperties(properties, networkRuleSet); + } + */ + } + else + { + properties.CreateMode = CreateMode.Recover; + } + + var response = KeyVaultManagementClient.ManagedHsms.CreateOrUpdate( + resourceGroupName: parameters.ResourceGroupName, + name: parameters.VaultName, + parameters: new ManagedHsm + { + Location = parameters.Location, + Sku = managedHsmSku, + Tags = TagsConversionHelper.CreateTagDictionary(parameters.Tags, validate: true), + Properties = properties + }); + return new PSManagedHsm(response, adClient); + } + + /// + /// Delete an existing vault. Throws if vault is not found. + /// + /// + /// + public void DeleteManagedHsm(string vaultName, string resourceGroupName) + { + if (string.IsNullOrWhiteSpace(vaultName)) + throw new ArgumentNullException("vaultName"); + if (string.IsNullOrWhiteSpace(resourceGroupName)) + throw new ArgumentNullException("resourceGroupName"); + + try + { + KeyVaultManagementClient.Vaults.Delete(resourceGroupName, vaultName); + } + catch (CloudException ce) + { + if (ce.Response.StatusCode == HttpStatusCode.NoContent || ce.Response.StatusCode == HttpStatusCode.NotFound) + throw new ArgumentException(string.Format(PSKeyVaultProperties.Resources.VaultNotFound, vaultName, resourceGroupName)); + throw; + } + } + + /// + /// Purge a deleted MHSM. Throws if MHSM is not found. + /// + /// + /// + public void PurgeManagedHsm(string managedHsmName, string location) + { + if (string.IsNullOrWhiteSpace(managedHsmName)) + throw new ArgumentNullException(nameof(managedHsmName)); + if (string.IsNullOrWhiteSpace(location)) + throw new ArgumentNullException(nameof(location)); + + try + { + KeyVaultManagementClient.Vaults.PurgeDeleted(managedHsmName, location); + } + catch (CloudException ce) + { + if (ce.Response.StatusCode == HttpStatusCode.NoContent || ce.Response.StatusCode == HttpStatusCode.NotFound) + throw new ArgumentException(string.Format(PSKeyVaultProperties.Resources.DeletedVaultNotFound, managedHsmName, location)); + throw; + } + } + + #endregion #region HELP_METHODS /// From 00f5e6e4d5e8daed3566f2a8f04ab42eb314118c Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Fri, 31 Jul 2020 16:15:20 +0800 Subject: [PATCH 02/17] Supporting querying MHSM objects --- .../KeyVault/Commands/GetAzureKeyVault.cs | 56 ++++++++++++++++--- .../Models/KeyVaultManagementCmdletBase.cs | 20 ++++++- src/KeyVault/KeyVault/Models/PSManagedHsm.cs | 55 +----------------- .../KeyVault/Models/VaultManagementClient.cs | 37 ++++++++++++ 4 files changed, 105 insertions(+), 63 deletions(-) diff --git a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs index f1b44ddff4bc..574c2cd698d3 100644 --- a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs @@ -85,6 +85,11 @@ public class GetAzureKeyVault : KeyVaultManagementCmdletBase HelpMessage = "Specifies whether to show the previously deleted vaults in the output.")] public SwitchParameter InRemovedState { get; set; } + [Parameter(Mandatory = false, + HelpMessage = "Specifies the type of vault to be shown.")] + [Alias("Type")] + public ResourceTypeName? ResourceType { get; set; } + /// /// Tag value /// @@ -102,19 +107,56 @@ public override void ExecuteCmdlet() { case GetVaultParameterSet: ResourceGroupName = string.IsNullOrWhiteSpace(ResourceGroupName) ? GetResourceGroupName(VaultName) : ResourceGroupName; - PSKeyVault vault = null; + ResourceGroupName = string.IsNullOrWhiteSpace(ResourceGroupName) ? GetResourceGroupName(VaultName, true) : ResourceGroupName; + + PSKeyVaultIdentityItem vault = null; if (ShouldGetByName(ResourceGroupName, VaultName)) { - vault = KeyVaultManagementClient.GetVault( - VaultName, - ResourceGroupName, - ActiveDirectoryClient); - WriteObject(FilterByTag(vault, Tag)); + switch (ResourceType) + { + case ResourceTypeName.Hsm: + vault = KeyVaultManagementClient.GetManagedHsmName( + VaultName, + ResourceGroupName, + ActiveDirectoryClient); + WriteObject(FilterByTag((PSManagedHsm)vault, Tag)); + break; + case ResourceTypeName.Vault: + vault = KeyVaultManagementClient.GetVault( + VaultName, + ResourceGroupName, + ActiveDirectoryClient); + WriteObject(FilterByTag((PSKeyVault)vault, Tag)); + break; + default: + // Search from both Vaults and ManagedHsms + vault = KeyVaultManagementClient.GetVault( + VaultName, + ResourceGroupName, + ActiveDirectoryClient); + if (vault == null) + { + vault = KeyVaultManagementClient.GetManagedHsmName( + VaultName, + ResourceGroupName, + ActiveDirectoryClient); + WriteObject(FilterByTag((PSManagedHsm)vault, Tag)); + } + else + { + WriteObject(FilterByTag((PSKeyVault)vault, Tag)); + } + break; + } } else { - WriteObject(TopLevelWildcardFilter(ResourceGroupName, VaultName, ListVaults(ResourceGroupName, Tag)), true); + WriteObject( + TopLevelWildcardFilter( + ResourceGroupName, VaultName, + ListVaults(ResourceGroupName, Tag, ResourceType)), + true); } break; diff --git a/src/KeyVault/KeyVault/Models/KeyVaultManagementCmdletBase.cs b/src/KeyVault/KeyVault/Models/KeyVaultManagementCmdletBase.cs index 821d43239a3f..9eec82a93e23 100644 --- a/src/KeyVault/KeyVault/Models/KeyVaultManagementCmdletBase.cs +++ b/src/KeyVault/KeyVault/Models/KeyVaultManagementCmdletBase.cs @@ -131,10 +131,25 @@ protected PSKeyVault FilterByTag(PSKeyVault keyVault, Hashtable tag) return (PSKeyVault) FilterByTag(new List { keyVault }, tag).FirstOrDefault(); } - protected List ListVaults(string resourceGroupName, Hashtable tag) + protected PSManagedHsm FilterByTag(PSManagedHsm managedHsm, Hashtable tag) { + return (PSManagedHsm)FilterByTag(new List { managedHsm }, tag).FirstOrDefault(); + } + + protected List ListVaults(string resourceGroupName, Hashtable tag, ResourceTypeName? resourceTypeName= ResourceTypeName.Vault) + { + var vaults = new List(); + + // List all kinds of vault resources + if (resourceTypeName == null) { + vaults.AddRange(ListVaults(resourceGroupName, tag, ResourceTypeName.Vault)); + vaults.AddRange(ListVaults(resourceGroupName, tag, ResourceTypeName.Hsm)); + return vaults; + } + IEnumerable listResult; - var resourceType = KeyVaultManagementClient.VaultsResourceType; + var resourceType = resourceTypeName.Equals(ResourceTypeName.Hsm)? + KeyVaultManagementClient.ManagedHsmResourceType: KeyVaultManagementClient.VaultsResourceType; if (ShouldListByResourceGroup(resourceGroupName, null)) { listResult = ListByResourceGroup(resourceGroupName, @@ -148,7 +163,6 @@ protected List ListVaults(string resourceGroupName, Hash r => r.ResourceType == resourceType)); } - var vaults = new List(); if (listResult != null) { vaults.AddRange(listResult); diff --git a/src/KeyVault/KeyVault/Models/PSManagedHsm.cs b/src/KeyVault/KeyVault/Models/PSManagedHsm.cs index 994868a47ac3..7d153a0eaf03 100644 --- a/src/KeyVault/KeyVault/Models/PSManagedHsm.cs +++ b/src/KeyVault/KeyVault/Models/PSManagedHsm.cs @@ -11,7 +11,7 @@ namespace Microsoft.Azure.Commands.KeyVault.Models { - public class PSManagedHsm:PSKeyVaultIdentityItem + public class PSManagedHsm : PSKeyVaultIdentityItem { public PSManagedHsm() { @@ -31,7 +31,7 @@ public PSManagedHsm(ManagedHsm managedHsm, ActiveDirectoryClient adClient) TenantId = managedHsm.Properties.TenantId.Value; TenantName = ModelExtensions.GetDisplayNameForTenant(TenantId, adClient); SecurityDomainId = managedHsm.Properties.SecurityDomainId.Value; - SecurityDomainName = ModelExtensions.GetDisplayNameForTenant(SecurityDomainId,adClient) ; + SecurityDomainName = ModelExtensions.GetDisplayNameForTenant(SecurityDomainId, adClient); InitialAdminObjectIds = managedHsm.Properties.InitialAdminObjectIds; HsmPoolUri = managedHsm.Properties.HsmPoolUri; EnablePurgeProtection = managedHsm.Properties.EnablePurgeProtection; @@ -54,56 +54,5 @@ public PSManagedHsm(ManagedHsm managedHsm, ActiveDirectoryClient adClient) public bool? EnablePurgeProtection { get; private set; } public ManagedHsm OriginalManagedHsm { get; private set; } - /* Comments temporarily - * - * public PSKeyVaultAccessPolicy[] AccessPolicies { get; private set; } - - public string AccessPoliciesText { get { return ModelExtensions.ConstructAccessPoliciesList(AccessPolicies); } } - - public PSKeyVaultNetworkRuleSet NetworkAcls { get; private set; } - - public string NetworkAclsText { get { return ModelExtensions.ConstructNetworkRuleSet(NetworkAcls); } } - - //If we got this vault from the server, save the over-the-wire version, to - //allow easy updates - - private static PSKeyVaultNetworkRuleSet InitNetworkRuleSet(VaultProperties properties) - { - // The service will return NULL when NetworkAcls is never set before or set with default property values - // The default constructor will set default property values in SDK's NetworkRuleSet class - if (properties?.NetworkAcls == null) - { - return new PSKeyVaultNetworkRuleSet(); - } - - var networkAcls = properties.NetworkAcls; - - PSKeyVaultNetworkRuleDefaultActionEnum defaultAct; - if (!Enum.TryParse(networkAcls.DefaultAction, true, out defaultAct)) - { - defaultAct = PSKeyVaultNetworkRuleDefaultActionEnum.Allow; - } - - PSKeyVaultNetworkRuleBypassEnum bypass; - if (!Enum.TryParse(networkAcls.Bypass, true, out bypass)) - { - bypass = PSKeyVaultNetworkRuleBypassEnum.AzureServices; - } - - IList allowedIpAddresses = null; - if (networkAcls.IpRules != null && networkAcls.IpRules.Count > 0) - { - allowedIpAddresses = networkAcls.IpRules.Select(item => item.Value).ToList(); - } - - IList allowedVirtualNetworkResourceIds = null; - if (networkAcls.VirtualNetworkRules != null && networkAcls.VirtualNetworkRules.Count > 0) - { - allowedVirtualNetworkResourceIds = networkAcls.VirtualNetworkRules.Select(item => item.Id).ToList(); - } - - return new PSKeyVaultNetworkRuleSet(defaultAct, bypass, allowedIpAddresses, allowedVirtualNetworkResourceIds); - } - */ } } diff --git a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs index d547282843af..3fee24b76699 100644 --- a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs +++ b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs @@ -33,6 +33,12 @@ namespace Microsoft.Azure.Commands.KeyVault.Models { + public enum ResourceTypeName + { + Vault = 0, + Hsm = 1 + } + public class VaultManagementClient { public readonly string VaultsResourceType = "Microsoft.KeyVault/vaults"; @@ -420,6 +426,37 @@ public PSManagedHsm CreateNewManagedHsm(VaultCreationParameters parameters, Acti return new PSManagedHsm(response, adClient); } + + /// + /// Get an existing MHSM. Returns null if vault is not found. + /// + /// managed hsm name + /// resource group name + /// the active directory client + /// the retrieved MHSM + public PSManagedHsm GetManagedHsmName(string managedHsmName, string resourceGroupName, ActiveDirectoryClient adClient = null) + { + if (string.IsNullOrWhiteSpace(managedHsmName)) + throw new ArgumentNullException("vaultName"); + if (string.IsNullOrWhiteSpace(resourceGroupName)) + throw new ArgumentNullException("resourceGroupName"); + + try + { + var response = KeyVaultManagementClient.ManagedHsms.Get(resourceGroupName, managedHsmName); + + return new PSManagedHsm(response, adClient); + } + catch (CloudException ce) + { + if (ce.Response.StatusCode == HttpStatusCode.NotFound) + { + return null; + } + throw; + } + } + /// /// Delete an existing vault. Throws if vault is not found. /// From f26a536e9bdf6ef5b5eeb5252aac442a79bd8c0d Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Fri, 31 Jul 2020 16:45:38 +0800 Subject: [PATCH 03/17] Support deleting MHSM --- .../KeyVault/Commands/RemoveAzureKeyVault.cs | 12 +++++++----- .../KeyVault/Models/VaultManagementClient.cs | 10 +++++----- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs index c43c9b1ad908..ef410ad61c6f 100644 --- a/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs @@ -135,7 +135,7 @@ public class RemoveAzureKeyVault : KeyVaultManagementCmdletBase public SwitchParameter InRemovedState { get; set; } [Parameter(Mandatory = false, - HelpMessage = "Specifies the type of this vault as MHSM.")] + HelpMessage = "Specifies the type of vault as MHSM.")] public SwitchParameter Hsm { get; set; } /// @@ -184,7 +184,7 @@ public override void ExecuteCmdlet() VaultName, () => { - if (Hsm) + if (Hsm.IsPresent) { //PurgeManagedHsm(); } @@ -220,15 +220,17 @@ public override void ExecuteCmdlet() VaultName, () => { - if (Hsm) + if (Hsm.IsPresent) { - // DeleteManagedHsm(); + KeyVaultManagementClient.DeleteManagedHsm( + managedHsm:VaultName, + resourceGroupName: ResourceGroupName); } else { KeyVaultManagementClient.DeleteVault( vaultName: VaultName, - resourceGroupName: this.ResourceGroupName); + resourceGroupName: ResourceGroupName); } if (PassThru) diff --git a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs index 3fee24b76699..7c5dc2a6837c 100644 --- a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs +++ b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs @@ -458,25 +458,25 @@ public PSManagedHsm GetManagedHsmName(string managedHsmName, string resourceGrou } /// - /// Delete an existing vault. Throws if vault is not found. + /// Delete an existing MHSM. Throws if vault is not found. /// /// /// - public void DeleteManagedHsm(string vaultName, string resourceGroupName) + public void DeleteManagedHsm(string managedHsm, string resourceGroupName) { - if (string.IsNullOrWhiteSpace(vaultName)) + if (string.IsNullOrWhiteSpace(managedHsm)) throw new ArgumentNullException("vaultName"); if (string.IsNullOrWhiteSpace(resourceGroupName)) throw new ArgumentNullException("resourceGroupName"); try { - KeyVaultManagementClient.Vaults.Delete(resourceGroupName, vaultName); + KeyVaultManagementClient.ManagedHsms.Delete(resourceGroupName, managedHsm); } catch (CloudException ce) { if (ce.Response.StatusCode == HttpStatusCode.NoContent || ce.Response.StatusCode == HttpStatusCode.NotFound) - throw new ArgumentException(string.Format(PSKeyVaultProperties.Resources.VaultNotFound, vaultName, resourceGroupName)); + throw new ArgumentException(string.Format(PSKeyVaultProperties.Resources.VaultNotFound, managedHsm, resourceGroupName)); throw; } } From afb9ea62e1765c3ecb151cf45031b074a36dfdee Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Fri, 31 Jul 2020 19:18:30 +0800 Subject: [PATCH 04/17] Support updating mhsm --- .../KeyVault/Commands/GetAzureKeyVault.cs | 4 +- .../KeyVault/Commands/UpdateAzureKeyVault.cs | 84 +++++++++++++------ .../KeyVault/Models/VaultManagementClient.cs | 77 ++++++++++++++++- 3 files changed, 136 insertions(+), 29 deletions(-) diff --git a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs index 574c2cd698d3..7d3220fae37b 100644 --- a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs @@ -116,7 +116,7 @@ public override void ExecuteCmdlet() switch (ResourceType) { case ResourceTypeName.Hsm: - vault = KeyVaultManagementClient.GetManagedHsmName( + vault = KeyVaultManagementClient.GetManagedHsm( VaultName, ResourceGroupName, ActiveDirectoryClient); @@ -137,7 +137,7 @@ public override void ExecuteCmdlet() ActiveDirectoryClient); if (vault == null) { - vault = KeyVaultManagementClient.GetManagedHsmName( + vault = KeyVaultManagementClient.GetManagedHsm( VaultName, ResourceGroupName, ActiveDirectoryClient); diff --git a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs index 9c1718e2e0c6..38cd4feaa4d5 100644 --- a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs @@ -23,29 +23,35 @@ namespace Microsoft.Azure.Commands.KeyVault { - [Cmdlet(VerbsData.Update, ResourceManager.Common.AzureRMConstants.AzurePrefix + "KeyVault", DefaultParameterSetName = UpdateByNameParameterSet, SupportsShouldProcess = true), OutputType(typeof(PSKeyVault))] + [Cmdlet(VerbsData.Update, ResourceManager.Common.AzureRMConstants.AzurePrefix + "KeyVault", DefaultParameterSetName = UpdateKeyVault + ByNameParameterSet, SupportsShouldProcess = true), OutputType(typeof(PSKeyVault))] public class UpdateTopLevelResourceCommand : KeyVaultManagementCmdletBase { - private const string UpdateByNameParameterSet = "UpdateByNameParameterSet"; - private const string UpdateByInputObjectParameterSet = "UpdateByInputObjectParameterSet"; - private const string UpdateByResourceIdParameterSet = "UpdateByResourceIdParameterSet"; + private const string UpdateKeyVault = "UpdateKeyVault"; + private const string UpdateManagedHsm = "UpdateManagedHsm"; + private const string ByNameParameterSet = "ByNameParameterSet"; + private const string ByInputObjectParameterSet = "ByInputObjectParameterSet"; + private const string ByResourceIdParameterSet = "UByResourceIdParameterSet"; - [Parameter(Mandatory = true, ParameterSetName = UpdateByNameParameterSet, HelpMessage = "Name of the resource group.")] + [Parameter(Mandatory = true, ParameterSetName = UpdateKeyVault + ByNameParameterSet, HelpMessage = "Name of the resource group.")] + [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByNameParameterSet, HelpMessage = "Name of the resource group.")] [ResourceGroupCompleter] [ValidateNotNullOrEmpty] public string ResourceGroupName { get; set; } - [Parameter(Mandatory = true, ParameterSetName = UpdateByNameParameterSet, HelpMessage = "Name of the key vault.")] + [Parameter(Mandatory = true, ParameterSetName = UpdateKeyVault + ByNameParameterSet, HelpMessage = "Name of the key vault.")] + [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByNameParameterSet, HelpMessage = "Name of the key vault.")] [ResourceNameCompleter("Microsoft.KeyVault/vaults", nameof(ResourceGroupName))] [ValidateNotNullOrEmpty] [Alias("Name")] public string VaultName { get; set; } - [Parameter(Mandatory = true, ValueFromPipeline = true, ParameterSetName = UpdateByInputObjectParameterSet, HelpMessage = "Key vault object.")] + [Parameter(Mandatory = true, ValueFromPipeline = true, ParameterSetName = UpdateKeyVault + ByInputObjectParameterSet, HelpMessage = "Key vault object.")] + [Parameter(Mandatory = true, ValueFromPipeline = true, ParameterSetName = UpdateManagedHsm + ByInputObjectParameterSet, HelpMessage = "Key vault object.")] [ValidateNotNull] - public PSKeyVault InputObject { get; set; } + public PSKeyVaultIdentityItem InputObject { get; set; } - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = UpdateByResourceIdParameterSet, HelpMessage = "Resource ID of the key vault.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = UpdateKeyVault + ByResourceIdParameterSet, HelpMessage = "Resource ID of the key vault.")] + [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = UpdateManagedHsm + ByResourceIdParameterSet, HelpMessage = "Resource ID of the key vault.")] [ValidateNotNullOrEmpty] public string ResourceId { get; set; } @@ -60,6 +66,11 @@ public class UpdateTopLevelResourceCommand : KeyVaultManagementCmdletBase [ValidateNotNullOrEmpty] public int SoftDeleteRetentionInDays { get; set; } + [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByNameParameterSet, HelpMessage = "Specifies the type of this vault as MHSM.")] + [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByInputObjectParameterSet, HelpMessage = "Specifies the type of this vault as MHSM.")] + [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByResourceIdParameterSet, HelpMessage = "Specifies the type of this vault as MHSM.")] + public SwitchParameter Hsm { get; set; } + public override void ExecuteCmdlet() { if (this.IsParameterBound(c => c.InputObject)) @@ -75,10 +86,11 @@ public override void ExecuteCmdlet() this.VaultName = resourceIdentifier.ResourceName; } - PSKeyVault existingResource = null; + PSKeyVaultIdentityItem existingResource = null; try { - existingResource = KeyVaultManagementClient.GetVault(this.VaultName, this.ResourceGroupName); + if (Hsm.IsPresent) existingResource = KeyVaultManagementClient.GetManagedHsm(VaultName, ResourceGroupName); + else existingResource = KeyVaultManagementClient.GetVault(this.VaultName, this.ResourceGroupName); } catch { @@ -87,24 +99,46 @@ public override void ExecuteCmdlet() if (existingResource == null) { - throw new Exception(string.Format("A key vault with name '{0}' in resource group '{1}' does not exist. Please use New-AzKeyVault to create a key vault with these properties.", this.VaultName, this.ResourceGroupName)); + if(Hsm.IsPresent) + throw new Exception(string.Format("A managed hsm with name '{0}' in resource group '{1}' does not exist. Please use New-AzKeyVault to create a managed hsm with these properties.", this.VaultName, this.ResourceGroupName)); + else + throw new Exception(string.Format("A key vault with name '{0}' in resource group '{1}' does not exist. Please use New-AzKeyVault to create a key vault with these properties.", this.VaultName, this.ResourceGroupName)); + } if (this.ShouldProcess(this.VaultName, string.Format("Updating key vault '{0}' in resource group '{1}'.", this.VaultName, this.ResourceGroupName))) { - var result = KeyVaultManagementClient.UpdateVault(existingResource, - existingResource.AccessPolicies, - existingResource.EnabledForDeployment, - existingResource.EnabledForTemplateDeployment, - existingResource.EnabledForDiskEncryption, - EnableSoftDelete.IsPresent ? (true as bool?) : null, - EnablePurgeProtection.IsPresent ? (true as bool?) : null, - this.IsParameterBound(c => c.SoftDeleteRetentionInDays) - ? (SoftDeleteRetentionInDays as int?) - : (existingResource.SoftDeleteRetentionInDays ?? Constants.DefaultSoftDeleteRetentionDays), - existingResource.NetworkAcls - ); - WriteObject(result); + if (Hsm.IsPresent) + { + var existingManagedHsmResource = (PSManagedHsm)existingResource; + var result = KeyVaultManagementClient.UpdateManagedHsm(existingManagedHsmResource, + existingManagedHsmResource.EnableSoftDelete, + EnablePurgeProtection.IsPresent ? (true as bool?) : null, + this.IsParameterBound(c => c.SoftDeleteRetentionInDays) + ? (SoftDeleteRetentionInDays as int?) + : (existingManagedHsmResource.SoftDeleteRetentionInDays ?? Constants.DefaultSoftDeleteRetentionDays) + ); + WriteObject(result); + } + else + { + var existingKeyVaultResource = (PSKeyVault)existingResource; + var result = KeyVaultManagementClient.UpdateVault(existingKeyVaultResource, + existingKeyVaultResource.AccessPolicies, + existingKeyVaultResource.EnabledForDeployment, + existingKeyVaultResource.EnabledForTemplateDeployment, + existingKeyVaultResource.EnabledForDiskEncryption, + EnableSoftDelete.IsPresent ? (true as bool?) : null, + EnablePurgeProtection.IsPresent ? (true as bool?) : null, + this.IsParameterBound(c => c.SoftDeleteRetentionInDays) + ? (SoftDeleteRetentionInDays as int?) + : (existingKeyVaultResource.SoftDeleteRetentionInDays ?? Constants.DefaultSoftDeleteRetentionDays), + existingKeyVaultResource.NetworkAcls + ); + WriteObject(result); + } + + } } } diff --git a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs index 7c5dc2a6837c..dd555883aa61 100644 --- a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs +++ b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs @@ -426,7 +426,6 @@ public PSManagedHsm CreateNewManagedHsm(VaultCreationParameters parameters, Acti return new PSManagedHsm(response, adClient); } - /// /// Get an existing MHSM. Returns null if vault is not found. /// @@ -434,7 +433,7 @@ public PSManagedHsm CreateNewManagedHsm(VaultCreationParameters parameters, Acti /// resource group name /// the active directory client /// the retrieved MHSM - public PSManagedHsm GetManagedHsmName(string managedHsmName, string resourceGroupName, ActiveDirectoryClient adClient = null) + public PSManagedHsm GetManagedHsm(string managedHsmName, string resourceGroupName, ActiveDirectoryClient adClient = null) { if (string.IsNullOrWhiteSpace(managedHsmName)) throw new ArgumentNullException("vaultName"); @@ -457,6 +456,80 @@ public PSManagedHsm GetManagedHsmName(string managedHsmName, string resourceGrou } } + /// + /// Update an existing MHSM. Only EnablePurgeProtection can be updated currently. + /// + /// the existing MHSM + /// enable purge protection + /// the active directory client + /// the updated MHSM + public PSManagedHsm UpdateManagedHsm( + PSManagedHsm existingManagedHsm, +// PSKeyVaultAccessPolicy[] updatedPolicies, + bool? updatedSoftDeleteSwitch, + bool? updatedPurgeProtectionSwitch, + int? softDeleteRetentionInDays, +// PSKeyVaultNetworkRuleSet updatedNetworkAcls, + ActiveDirectoryClient adClient = null) + { + if (existingManagedHsm == null) + throw new ArgumentNullException("existingManagedHsm"); + if (existingManagedHsm.OriginalManagedHsm == null) + throw new ArgumentNullException("existingManagedHsm.OriginalManagedHsm"); + + //Update the vault properties in the object received from server + //Only access policies and EnabledForDeployment can be changed + var properties = existingManagedHsm.OriginalManagedHsm.Properties; + properties.SoftDeleteRetentionInDays = softDeleteRetentionInDays; + + // soft delete flags can only be applied if they enable their respective behaviors + // and if different from the current corresponding properties on the vault. + if (!(properties.EnableSoftDelete.HasValue && properties.EnableSoftDelete.Value) + && updatedSoftDeleteSwitch.HasValue + && updatedSoftDeleteSwitch.Value) + properties.EnableSoftDelete = updatedSoftDeleteSwitch; + + if (!(properties.EnablePurgeProtection.HasValue && properties.EnablePurgeProtection.Value) + && updatedPurgeProtectionSwitch.HasValue + && updatedPurgeProtectionSwitch.Value) + properties.EnablePurgeProtection = updatedPurgeProtectionSwitch; + + /* properties.AccessPolicies = (updatedPolicies == null) ? + new List() : + updatedPolicies.Select(a => new AccessPolicyEntry + { + TenantId = a.TenantId, + ObjectId = a.ObjectId, + ApplicationId = a.ApplicationId, + Permissions = new Permissions + { + Keys = a.PermissionsToKeys.ToArray(), + Secrets = a.PermissionsToSecrets.ToArray(), + Certificates = a.PermissionsToCertificates.ToArray(), + Storage = a.PermissionsToStorage.ToArray(), + } + }).ToList(); + + UpdateVaultNetworkRuleSetProperties(properties, updatedNetworkAcls);*/ + + + var response = KeyVaultManagementClient.ManagedHsms.CreateOrUpdate( + resourceGroupName: existingManagedHsm.ResourceGroupName, + name: existingManagedHsm.VaultName, + parameters: new ManagedHsm + { + Location = existingManagedHsm.Location, + Sku = new ManagedHsmSku + { + Name = (ManagedHsmSkuName)Enum.Parse(typeof(ManagedHsmSkuName), existingManagedHsm.Sku) + }, + Tags = TagsConversionHelper.CreateTagDictionary(existingManagedHsm.Tags, validate: true), + Properties = properties + }); + + return new PSManagedHsm(response, adClient); + } + /// /// Delete an existing MHSM. Throws if vault is not found. /// From c2bea72bf6939fedafc0ded188d37d954eb72ca1 Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Mon, 3 Aug 2020 14:54:01 +0800 Subject: [PATCH 05/17] Add test cases --- .../ScenarioTests/KeyVaultManagementTests.cs | 13 ++++ .../ControlPlane/KeyVaultManagementTests.ps1 | 61 +++++++++++++++++++ src/KeyVault/KeyVault/KeyVault.format.ps1xml | 14 ++++- 3 files changed, 87 insertions(+), 1 deletion(-) diff --git a/src/KeyVault/KeyVault.Test/ScenarioTests/KeyVaultManagementTests.cs b/src/KeyVault/KeyVault.Test/ScenarioTests/KeyVaultManagementTests.cs index 073cc1531683..b092f15f568e 100644 --- a/src/KeyVault/KeyVault.Test/ScenarioTests/KeyVaultManagementTests.cs +++ b/src/KeyVault/KeyVault.Test/ScenarioTests/KeyVaultManagementTests.cs @@ -71,6 +71,19 @@ public void TestCreateNewVault() ); } + [Fact] + [Trait(Category.AcceptanceType, Category.CheckIn)] + public void TestManagedHsmCRUD() + { + KeyVaultManagementController.NewInstance.RunPsTestWorkflow( + _logger, + () => { return new[] { "Test-ManagedHsmCRUD" }; }, + null, + MethodBase.GetCurrentMethod().ReflectedType?.ToString(), + MethodBase.GetCurrentMethod().Name + ); + } + #endregion #region Get-AzureRmKeyVault diff --git a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 index c0b706d6d8d6..d4d3b29de3e0 100644 --- a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 +++ b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 @@ -156,6 +156,67 @@ function Test-CreateNewVault { } } +<# +.SYNOPSIS +Tests CRUD for Managed Hsm. +#> +function Test-ManagedHsmCRUD { + $rgName = getAssetName + $rgLocation = Get-Location "Microsoft.Resources" "resourceGroups" "West US" + $hsmName = getAssetName + $hsmLocation = Get-Location "Microsoft.KeyVault" "managedHSMs" "East US 2" + $administrator = "c1be1392-39b8-4521-aafc-819a47008545" + New-AzResourceGroup -Name $rgName -Location $rgLocation + + try { + # Test default MHSM + $actual = New-AzKeyVault -Name $hsmName -ResourceGroupName $rgName -Location $hsmLocation -Administrator $administrator -Hsm + Assert-AreEqual $hsmName $actual.VaultName + Assert-AreEqual $rgName $actual.ResourceGroupName + Assert-AreEqual $hsmLocation $actual.Location + Assert-AreEqual 1 $hsm.InitialAdminObjectIds.Count + Assert-True $hsm.InitialAdminObjectIds.Contains($administrator) + Assert-AreEqual "StandardB1" $actual.Sku + + # Default Access Policy is not set by Service Principal + # Assert-AreEqual 0 @($actual.AccessPolicies).Count + + # Soft delete and purge protection defaults to true + # Assert-True { $actual.EnableSoftDelete } "By default EnableSoftDelete should be true" + Assert-Null $actual.EnablePurgeProtection "By default EnablePurgeProtection should be null" + + # Default retention days + Assert-AreEqual 90 $actual.SoftDeleteRetentionInDays "By default SoftDeleteRetentionInDays should be 90" + + Remove-AzKeyVault -Name $hsmName + + # Test CustomB32 vault + $actual = New-AzKeyVault -Name $hsmName -ResourceGroupName $rgName -Location $hsmLocation -Administrator $administrator -Sku CustomB32 -Hsm + Assert-AreEqual "CustomB32" $actual.Sku + Remove-AzKeyVault -Name $hsmName + + # Test enable purge protection & customize retention days + $actual = New-AzKeyVault -Name $hsmName -ResourceGroupName $rgName -Location $hsmLocation -EnablePurgeProtection -SoftDeleteRetentionInDays 10 + Assert-True { $actual.EnableSoftDelete } "By default EnableSoftDelete should be true" + Assert-True { $actual.EnablePurgeProtection } "If -EnablePurgeProtection, EnablePurgeProtection should be null" + Assert-AreEqual 10 $actual.SoftDeleteRetentionInDays "SoftDeleteRetentionInDays should be the same value as set" + + # Test positional parameters + $actual = New-AzKeyVault (getAssetName) $rgName $hsmLocation + Assert-NotNull $actual + + # Test throws for existing vault + Assert-Throws { New-AzKeyVault -VaultName $vault1Name -ResourceGroupName $rgname -Location $vaultLocation } + + # Test throws for resourcegroup nonexistent + Assert-Throws { New-AzKeyVault -VaultName $vault5Name -ResourceGroupName $unknownRGName -Location $vaultLocation } + } + + finally { + Remove-AzResourceGroup -Name $rgName -Force + } +} + #------------------------------------------------------------------------------------- #------------------------------Soft-delete-------------------------------------- diff --git a/src/KeyVault/KeyVault/KeyVault.format.ps1xml b/src/KeyVault/KeyVault/KeyVault.format.ps1xml index 4bbdc4f73d8a..5b5d22479e59 100644 --- a/src/KeyVault/KeyVault/KeyVault.format.ps1xml +++ b/src/KeyVault/KeyVault/KeyVault.format.ps1xml @@ -370,7 +370,11 @@ EnableSoftDelete - + + + EnablePurgeProtection + + SoftDeleteRetentionInDays @@ -428,6 +432,10 @@ SecurityDomainName + + + InitialAdminObjectIds + Sku @@ -436,6 +444,10 @@ EnableSoftDelete + + + EnablePurgeProtection + SoftDeleteRetentionInDays From d7e523d2b93c25fd62ab9933a6ad085ec068e83d Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Tue, 4 Aug 2020 12:25:26 +0800 Subject: [PATCH 06/17] Hide unavailable services --- .../KeyVault/Commands/GetAzureKeyVault.cs | 36 ++++++++++++++----- .../KeyVault/Commands/NewAzureKeyVault.cs | 22 ++++++++---- .../KeyVault/Commands/UpdateAzureKeyVault.cs | 30 ++++++++++++++-- 3 files changed, 69 insertions(+), 19 deletions(-) diff --git a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs index 7d3220fae37b..d5c3245ca53f 100644 --- a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs @@ -115,22 +115,24 @@ public override void ExecuteCmdlet() { switch (ResourceType) { - case ResourceTypeName.Hsm: - vault = KeyVaultManagementClient.GetManagedHsm( + case ResourceTypeName.Vault: + vault = KeyVaultManagementClient.GetVault( VaultName, ResourceGroupName, ActiveDirectoryClient); - WriteObject(FilterByTag((PSManagedHsm)vault, Tag)); + WriteObject(FilterByTag((PSKeyVault)vault, Tag)); break; - case ResourceTypeName.Vault: - vault = KeyVaultManagementClient.GetVault( + + case ResourceTypeName.Hsm: + vault = KeyVaultManagementClient.GetManagedHsm( VaultName, ResourceGroupName, ActiveDirectoryClient); - WriteObject(FilterByTag((PSKeyVault)vault, Tag)); + WriteObject(FilterByTag((PSManagedHsm)vault, Tag)); break; + default: - // Search from both Vaults and ManagedHsms + // Search both Vaults and ManagedHsms vault = KeyVaultManagementClient.GetVault( VaultName, ResourceGroupName, @@ -162,11 +164,27 @@ public override void ExecuteCmdlet() break; case GetDeletedVaultParameterSet: - WriteObject(KeyVaultManagementClient.GetDeletedVault(VaultName, Location)); + switch (ResourceType) + { + case ResourceTypeName.Vault: + WriteObject(KeyVaultManagementClient.GetDeletedVault(VaultName, Location)); + break; + case ResourceTypeName.Hsm: + default: + break; + } break; case ListDeletedVaultsParameterSet: - WriteObject(KeyVaultManagementClient.ListDeletedVaults(), true); + switch (ResourceType) + { + case ResourceTypeName.Vault: + WriteObject(KeyVaultManagementClient.ListDeletedVaults(), true); + break; + case ResourceTypeName.Hsm: + default: + break; + } break; default: diff --git a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs index 69db7c7ef2a3..bf9cc0f27218 100644 --- a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs @@ -74,11 +74,20 @@ public class NewAzureKeyVault : KeyVaultManagementCmdletBase [ValidateNotNullOrEmpty()] public string Location { get; set; } + [Parameter(Mandatory = false, + // Hide out until available + ParameterSetName = KeyVaultParameterSet, + HelpMessage = "If specified, 'soft delete' functionality is disabled for this key vault.")] + public SwitchParameter DisableSoftDelete { get; set; } + [Parameter(Mandatory = false, HelpMessage = "If specified, protection against immediate deletion is enabled for this vault; requires soft delete to be enabled as well. Enabling 'purge protection' on a key vault is an irreversible action. Once enabled, it cannot be changed or removed.")] public SwitchParameter EnablePurgeProtection { get; set; } - [Parameter(Mandatory = false, HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] + [Parameter(Mandatory = false, + // Hide out until available + ParameterSetName = KeyVaultParameterSet, + HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] [ValidateRange(Constants.MinSoftDeleteRetentionDays, Constants.MaxSoftDeleteRetentionDays)] [ValidateNotNullOrEmpty] public int SoftDeleteRetentionInDays { get; set; } @@ -94,7 +103,10 @@ public class NewAzureKeyVault : KeyVaultManagementCmdletBase [Alias(Constants.TagsAlias)] public Hashtable Tag { get; set; } - [Parameter(Mandatory = false, HelpMessage = "Specifies the network rule set of the vault. It governs the accessibility of the key vault from specific network locations. Created by `New-AzKeyVaultNetworkRuleSetObject`.")] + [Parameter(Mandatory = false, + // Hide out until available + ParameterSetName = KeyVaultParameterSet, + HelpMessage = "Specifies the network rule set of the vault. It governs the accessibility of the key vault from specific network locations. Created by `New-AzKeyVaultNetworkRuleSetObject`.")] public PSKeyVaultNetworkRuleSet NetworkRuleSet { get; set; } #endregion @@ -119,10 +131,6 @@ public class NewAzureKeyVault : KeyVaultManagementCmdletBase HelpMessage = "If specified, enables secrets to be retrieved from this key vault by Azure Disk Encryption.")] public SwitchParameter EnabledForDiskEncryption { get; set; } - [Parameter(Mandatory = false, - ParameterSetName = KeyVaultParameterSet, - HelpMessage = "If specified, 'soft delete' functionality is disabled for this key vault.")] - public SwitchParameter DisableSoftDelete { get; set; } #endregion #region MHSM-specified Parameter Definitions @@ -187,6 +195,7 @@ public override void ExecuteCmdlet() ResourceGroupName = this.ResourceGroupName, Location = this.Location, SkuName = this.Sku, + EnableSoftDelete = !this.DisableSoftDelete.IsPresent, EnablePurgeProtection = EnablePurgeProtection.IsPresent ? true : (bool?)null, // false is not accepted /* * If soft delete is enabled, but retention days is not specified, use the default value, @@ -211,7 +220,6 @@ public override void ExecuteCmdlet() vaultCreationParameter.EnabledForDeployment = this.EnabledForDeployment.IsPresent; vaultCreationParameter.EnabledForTemplateDeployment = EnabledForTemplateDeployment.IsPresent; vaultCreationParameter.EnabledForDiskEncryption = EnabledForDiskEncryption.IsPresent; - vaultCreationParameter.EnableSoftDelete = !DisableSoftDelete.IsPresent; vaultCreationParameter.SkuFamilyName = DefaultSkuFamily; this.WriteObject(KeyVaultManagementClient.CreateNewVault(vaultCreationParameter, ActiveDirectoryClient, NetworkRuleSet)); break; diff --git a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs index 38cd4feaa4d5..0bc51a4266ba 100644 --- a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs @@ -55,13 +55,37 @@ public class UpdateTopLevelResourceCommand : KeyVaultManagementCmdletBase [ValidateNotNullOrEmpty] public string ResourceId { get; set; } - [Parameter(Mandatory = false, HelpMessage = "Enable the soft-delete functionality for this key vault. Once enabled it cannot be disabled.")] + [Parameter(Mandatory = false, + ParameterSetName = UpdateKeyVault + ByNameParameterSet, + HelpMessage = "Enable the soft-delete functionality for this key vault. Once enabled it cannot be disabled.")] + [Parameter(Mandatory = false, + ParameterSetName = UpdateKeyVault + ByInputObjectParameterSet, + HelpMessage = "Enable the soft-delete functionality for this key vault. Once enabled it cannot be disabled.")] + [Parameter(Mandatory = false, + ParameterSetName = UpdateKeyVault + ByResourceIdParameterSet, + HelpMessage = "Enable the soft-delete functionality for this key vault. Once enabled it cannot be disabled.")] public SwitchParameter EnableSoftDelete { get; set; } - [Parameter(Mandatory = false, HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")] + [Parameter(Mandatory = false, + //ParameterSetName = UpdateKeyVault + ByNameParameterSet, + HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")] + /* [Parameter(Mandatory = false, + //ParameterSetName = UpdateKeyVault + ByInputObjectParameterSet, + HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")] + [Parameter(Mandatory = false, + //ParameterSetName = UpdateKeyVault + ByResourceIdParameterSet, + HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")]*/ public SwitchParameter EnablePurgeProtection { get; set; } - [Parameter(Mandatory = false, HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] + [Parameter(Mandatory = false, + //ParameterSetName = UpdateKeyVault + ByNameParameterSet, + HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] + /* [Parameter(Mandatory = false, + //ParameterSetName = UpdateKeyVault + ByInputObjectParameterSet, + HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] + [Parameter(Mandatory = false, + //ParameterSetName = UpdateKeyVault + ByResourceIdParameterSet, + HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")]*/ [ValidateRange(Constants.MinSoftDeleteRetentionDays, Constants.MaxSoftDeleteRetentionDays)] [ValidateNotNullOrEmpty] public int SoftDeleteRetentionInDays { get; set; } From 81f59c19122dc6bb5364019fd575281524aa200b Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Wed, 5 Aug 2020 09:58:11 +0800 Subject: [PATCH 07/17] Add test cases --- .../ControlPlane/KeyVaultManagementTests.ps1 | 35 ++++++++++--------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 index d4d3b29de3e0..535c9281791b 100644 --- a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 +++ b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 @@ -169,7 +169,7 @@ function Test-ManagedHsmCRUD { New-AzResourceGroup -Name $rgName -Location $rgLocation try { - # Test default MHSM + # Test create a default MHSM $actual = New-AzKeyVault -Name $hsmName -ResourceGroupName $rgName -Location $hsmLocation -Administrator $administrator -Hsm Assert-AreEqual $hsmName $actual.VaultName Assert-AreEqual $rgName $actual.ResourceGroupName @@ -188,28 +188,29 @@ function Test-ManagedHsmCRUD { # Default retention days Assert-AreEqual 90 $actual.SoftDeleteRetentionInDays "By default SoftDeleteRetentionInDays should be 90" - Remove-AzKeyVault -Name $hsmName - - # Test CustomB32 vault - $actual = New-AzKeyVault -Name $hsmName -ResourceGroupName $rgName -Location $hsmLocation -Administrator $administrator -Sku CustomB32 -Hsm - Assert-AreEqual "CustomB32" $actual.Sku - Remove-AzKeyVault -Name $hsmName + # Test get MHSM + $got = Get-AzKeyVault -Name $hsmName -ResourceType Hsm + Assert-NotNull $got + Assert-AreEqual $hsmName $got.VaultName + Assert-AreEqual $rgName $got.ResourceGroupName + Assert-AreEqual $hsmLocation $got.Location - # Test enable purge protection & customize retention days - $actual = New-AzKeyVault -Name $hsmName -ResourceGroupName $rgName -Location $hsmLocation -EnablePurgeProtection -SoftDeleteRetentionInDays 10 - Assert-True { $actual.EnableSoftDelete } "By default EnableSoftDelete should be true" - Assert-True { $actual.EnablePurgeProtection } "If -EnablePurgeProtection, EnablePurgeProtection should be null" - Assert-AreEqual 10 $actual.SoftDeleteRetentionInDays "SoftDeleteRetentionInDays should be the same value as set" + # Test update purge protection & customize retention days + $updatedMhsm = Update-AzKeyVault -InputObject $got -EnablePurgeProtection -SoftDeleteRetentionInDays 10 -Hsm + # Assert-True { $updatedMhsm.EnableSoftDelete } "By default EnableSoftDelete should be true" + Assert-True { $updatedMhsm.EnablePurgeProtection } "If -EnablePurgeProtection, EnablePurgeProtection should be true" + # Assert-AreEqual 10 $updatedMhsm.SoftDeleteRetentionInDays "SoftDeleteRetentionInDays should be the same value as set" - # Test positional parameters - $actual = New-AzKeyVault (getAssetName) $rgName $hsmLocation - Assert-NotNull $actual + # Test remove MHSM + Remove-AzKeyVault -VaultName $got -Hsm -Force + $deletedMhsm = Get-AzKeyVault -VaultName $vaultName -ResourceGroupName $rgName + Assert-Null $deletedMhsm # Test throws for existing vault - Assert-Throws { New-AzKeyVault -VaultName $vault1Name -ResourceGroupName $rgname -Location $vaultLocation } + Assert-Throws { New-AzKeyVault -VaultName $hsmName -ResourceGroupName $rgname -Location $vaultLocation -Administrator $administrator -Hsm} # Test throws for resourcegroup nonexistent - Assert-Throws { New-AzKeyVault -VaultName $vault5Name -ResourceGroupName $unknownRGName -Location $vaultLocation } + Assert-Throws { New-AzKeyVault -VaultName (getAssetName) -ResourceGroupName (getAssetName) -Location $vaultLocation -Administrator $administrator -Hsm} } finally { From 5b60c7af1b9be2cc79d0eb5bc6195c46db04da50 Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Wed, 5 Aug 2020 10:05:02 +0800 Subject: [PATCH 08/17] expose EnablePurgeProtection for MHSM --- .../KeyVault/Commands/UpdateAzureKeyVault.cs | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs index 0bc51a4266ba..47d1f9454bf9 100644 --- a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs @@ -67,25 +67,18 @@ public class UpdateTopLevelResourceCommand : KeyVaultManagementCmdletBase public SwitchParameter EnableSoftDelete { get; set; } [Parameter(Mandatory = false, - //ParameterSetName = UpdateKeyVault + ByNameParameterSet, HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")] - /* [Parameter(Mandatory = false, - //ParameterSetName = UpdateKeyVault + ByInputObjectParameterSet, - HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")] - [Parameter(Mandatory = false, - //ParameterSetName = UpdateKeyVault + ByResourceIdParameterSet, - HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")]*/ public SwitchParameter EnablePurgeProtection { get; set; } [Parameter(Mandatory = false, - //ParameterSetName = UpdateKeyVault + ByNameParameterSet, + ParameterSetName = UpdateKeyVault + ByNameParameterSet, HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] - /* [Parameter(Mandatory = false, - //ParameterSetName = UpdateKeyVault + ByInputObjectParameterSet, + [Parameter(Mandatory = false, + ParameterSetName = UpdateKeyVault + ByInputObjectParameterSet, HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] [Parameter(Mandatory = false, - //ParameterSetName = UpdateKeyVault + ByResourceIdParameterSet, - HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")]*/ + ParameterSetName = UpdateKeyVault + ByResourceIdParameterSet, + HelpMessage = "Specifies how long deleted resources are retained, and how long until a vault or an object in the deleted state can be purged. The default is " + Constants.DefaultSoftDeleteRetentionDaysString + " days.")] [ValidateRange(Constants.MinSoftDeleteRetentionDays, Constants.MaxSoftDeleteRetentionDays)] [ValidateNotNullOrEmpty] public int SoftDeleteRetentionInDays { get; set; } From 491b8548e76f134ca3ceaf964120d64b781d3c53 Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Wed, 5 Aug 2020 10:39:18 +0800 Subject: [PATCH 09/17] correct indent of ps1xml --- src/KeyVault/KeyVault/KeyVault.format.ps1xml | 142 +++++++++---------- 1 file changed, 71 insertions(+), 71 deletions(-) diff --git a/src/KeyVault/KeyVault/KeyVault.format.ps1xml b/src/KeyVault/KeyVault/KeyVault.format.ps1xml index 5b5d22479e59..f6d8c7b4843e 100644 --- a/src/KeyVault/KeyVault/KeyVault.format.ps1xml +++ b/src/KeyVault/KeyVault/KeyVault.format.ps1xml @@ -370,11 +370,11 @@ EnableSoftDelete - - - EnablePurgeProtection - - + + + EnablePurgeProtection + + SoftDeleteRetentionInDays @@ -395,72 +395,72 @@ - - Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm - - Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm - - - - - - - - VaultName - - - - ResourceGroupName - - - - Location - - - - ResourceId - - - - HsmPoolUri - - - - TenantName - - - - SecurityDomainName - - - - InitialAdminObjectIds - - - - Sku - - - - EnableSoftDelete - - - - EnablePurgeProtection - - - - SoftDeleteRetentionInDays - - - - TagsTable - - - - - - + + Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm + + Microsoft.Azure.Commands.KeyVault.Models.PSManagedHsm + + + + + + + + VaultName + + + + ResourceGroupName + + + + Location + + + + ResourceId + + + + HsmPoolUri + + + + TenantName + + + + SecurityDomainName + + + + InitialAdminObjectIds + + + + Sku + + + + EnableSoftDelete + + + + EnablePurgeProtection + + + + SoftDeleteRetentionInDays + + + + TagsTable + + + + + + Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultAccessPolicy From fbcfde8ddc315a5ddd177099ba8ff7fa09c28f53 Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Wed, 5 Aug 2020 10:46:32 +0800 Subject: [PATCH 10/17] upload localfeed --- ...osoft.azure.management.keyvault.3.0.1.nupkg | Bin 0 -> 290850 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 tools/LocalFeed/microsoft.azure.management.keyvault.3.0.1.nupkg diff --git a/tools/LocalFeed/microsoft.azure.management.keyvault.3.0.1.nupkg b/tools/LocalFeed/microsoft.azure.management.keyvault.3.0.1.nupkg new file mode 100644 index 0000000000000000000000000000000000000000..68ee0f7bc3235328dd426a723fb18850cfd7956b GIT binary patch literal 290850 zcmb4pbx@p5@FudrVnG)7;1D#y-Q6WfaDoPRcM0z9!6mr6YjAgWhsEvo`&C`l-G6sg zJNwSgJN-`Y^z_r+&#sazEC34%3JM6N#rddo$(Ef<2@M5>0Rshv3>npTFtKuEX8P|v zF>cJVj|E-)A^1ITN+6zSHB5IWh)H&YI_QFCW(g;XM9RVZ`3{?n5wUQJDKyQoIYrBQ z<6m4Ri`co9Br-Lv@RzI^m!qS^XDw0A)0ejSPcgAK@EEfu>(RbL!O!dcGR6Ys2H}=A=3ukpDZbtwq;iXn`*G zj0}tC4}w;ee7Yxe_sW5(Wn3ca&6PjHpJZks2Gyy8Y3bZmh}Y?+lVy4x^dcI|QiKpc zezp519l(QVrMe4|xo$ttezu6z*zP*|yC}nOK|HI5EkZxPLcvwsK;!adxybF+S5+jb7zI_uhbd zLJ(0zt)@2d1i2wEN1R{aNY}9jSk0seV6kz>YswakMl?*2-Vr`4r#L~}sm9}xth9OQ z1_hY@t0~gqvV0QXkvue>SDW52>RV}XZ(>EAIDjLf*bzt2l&2X9(Bb-3gheDClP_iM z)+NZ8N`o0ba;&Kb#=D0doeDj@_i2jvg9< zh%^oBZSNP*IVgJyt_k==75Ft>Ud~QTy_dB30sI$hr~Y7qW*T5{8!JExKSJN!%Lt|ZvrP`z&%m~Y{MT8ps6VHqUe$R<$^>r zjC22U@knA+SeD#vfU`_VFAwfOJY+mU;UN@FK|!I?5Fxl!8!Z7d=Zhp#L(STS^aQbe ziwwUM0KEspb_#~a_eP>zZF^?@&QV5h*NMRE8?$6=13gl${{*ph6tyz$8#WiH!mslA zOvwY|>8#sPcTp`Ag^!)%G=iAu#n|`$cYF$*9YQ~J{V_>&;&96ZOG8CrK3i(}%%k>A zh(dZbYm2CJqvo&Op1;(461VdHFXk4B%?JK=jMCT)@Iur4;n5dA>xTC0=f&V7B%LVZ ztEVKa!aajFB(aKCekASt+})y4j8{hfjXeKKl`?GkYxg%?#Wk^%+{e+fsC#zQCq3p> z&j`3>3P$hoA1^nIjfuC?kzL0uu4h;p!M%sW)P~m8{tcsC`=~g|)#8f-0%v<-LBz5h zFpM?QM$iwATp3y*`W^0@^RD{#pp~WbuYXQ67W=Lu1@dMqq3`uz7qV$vBBL46$A)KZ zII9Bg%Yu%U3cJ##xw8g}3y!_7DbAK2{s1wPr*Va`Z@?MIdqj3-zR zz^{p!Z-uG9N;;;kr>Zii^PyCO3UAT+^RAh=V@f(l@r%zqBN&dfbO0d+Y^lxGe5IN;SM4kn)#){4q-V{8+5ZaFwH6 z|8(Gfm@L0^Bnay>>_Vzot`EV(|J%7WAxOD{I6*`LacUw+6NWS^3nOM56DKzIugw21 ze(vCG<78oNVr*+;YGKA?>1bCr{}=yhW%W-NA$3k|al+Ka%oRa%35h`p0m0>X27skh9f72x z#*j;{32#=z8fnxcqDsdh#GqMipwYkK34MlS)VHx}*7s4r7C-WDg2`u-87*TkoAROk zFmo@P^TE{Nf%}M@W{*pO>GkccX}7|k{hg5fRPMvHM_>80L40C8n7KhWq3%J}T9Wiz zVbOTKo0Y@s@7+~7o}D0&(d?=mUzz-C0cb^zJ8!&_Lb8Edz-3Q)oq#>uDVFD+@Pf

P4afa!m&8wNT8Rx z%OJovG;&SsI^V=J(AMbtcMXu4zFL??C^G{O)KT0DC)-05As@a2w2%+q0^G@go&nXs z8-C$VAQGRjKM;vuI1fmkO-3F7pPlOuB=86bAvfPcBnZnL22Bkr*wAvWjM|gifR%vq zDa7ka^$koj7aXna-Q!UtK*GFQ^B=L_Ie!O66wTKMp5xmcK=GO8Wn|zItBwgPdSW|U zqcd|nT%d?>wt^VS32#=SdXCj~vxh9VVJc7Qj8B}xcN6dJvO4y)?QUnZGft~8$6@kk z7Iao9_Rh*r7)Rw#|L`nEruI!hJM^^Kj5ky>x8jm)E&Llg_jdEdw~5(1ceL~L-4GyZ zlH7J_|3)8D#MrBSJ&}d89?ZeqEpL9-YjgUYo%lL-y?Uy?2xN2VzskPaXF60=Lt9C2 zl+^-&vR4l-H?6VMnRf~{sUWm=DW+mej?+}s0r#H3$Jg-oeqA6OW#`?>7I6Dq8*N?Y z#iA}io9iIDvw?y+qO;RHA}Fl6 z6BO?|&BNJ}wBSC{Wucpx5kz56!JH;ai03DDgSPS``;~ZM8<0$pxYw;<{<};jGmTbA zU%ZtoTR;Q6ugo~LHpRo4rg+-^6S{mv9>?REJfu@+g-J2QfLOsG>@HZ76bZ!}!9GIa zIb2NNczRI`jP3a>qlxOq6>mjpNf4hdAtTRJE)1==ohxxXg3UiJrWkx=LGMA&&p(dp zI4Z7)e@v(0aigi&!XbG)0^-jSS5yN#VerpqXVWjhHknYibQ~Rvc{FNx^j09iP3LK& zt+}ScOHW4sG0Q!|XYhc>pGS*5c~QNCRl9rAd4tOLa3;!NacVPY?dx+Y_CNmKOgG3 zr(ir-@OhrBU>z`Xak8?S^TcV`s==~Olez#bdcjB9>zBGA@ps@9ZjltW_@|`g*P?AS zs7df#lbN_f5?rWR%}1$8g2NC4OqN7#;-l3hA!9(JXOPDm3k>;zm5eEvtcpIi5nw`! zEL&>eu2RiMrJ0SxFv)_GD;&263fQ;ry$R}7`KPIbzOHD9$o&@!2X((*jW!65=rR#8 z85b}X5wK4M+jkqV&E0#|-mBD$m)*o#(B=ZNs9JaEsa9aAz(pbKC#`Z{yf~GJ)x%b* zLNC$4E>VHMv;6*``jxQ=sR!I>;33J<@g;TRmc^QlrGqMUgHq0xPR=Cq_^;JP@wb^x zMR~Ycgn(nw9&nt&^HOsT2Xf*A;;1QHVP>9H<7M&I>A^pgMfq<%H)#e>I@Ml=I-EI3 zA&f!Ws=;{ytX}Ek4W2IWDC2N_oB`WEdaknkw}16qVH-Yb8=8;eb$-X2nO<-VZsfQ& z|6)yxk`%B_({mMJ@R-Ibv_w8a3fG4gv@IE&hi@zdEuf+KR2e)+=+d&Gqwz@h_cq?W zvQkiNbzd6yKWA)yKhP0Gs(5Y+be09zx!e*t-J09q`VZE`(p}{-via;|Zed`~gqMyHa)2a?JUFFeD22O= zOf@*57il4C-?$Kv7iD1n1#d-~VWn*b$7wIB{U?G1C&_dJj?-VD?yulVs(evluz_<9 zDZ=y0@6L@swg}UUlHj{L@ZBvKbt}rQR`81e0Q&)RfM434xzLUGdnC+R{%D;GCHoI`@4^yeF*;u(SH3bAXz@pgCxA>|Ep~;467t~t%1f4&Di&;fx~&;3wP*Lj{4JjEcEmKz(YQJ^Zp}v7 zlSTMY#Yo+B0J}1nrDSM@d8pZ!vzvN>Q_7_xPWyj7TRhld;x(!7L61;k_vB# zn(-3@aZ#ZKt2J|~DN<2^0godj(9H*kyXB?MchoVshMD%O?}O&Vt}y~ zSR@OWEetsR+T+A6>VH5NuS2ec14^Vql93Dv2slD48%N_!k@D3WdqVHPA^x&6b<4r% zgT_?7TLGV4Prm46HM*1HwPVWgK1^dXVRST5-Jis;F+gL3u_;KSP85vXNN)OyTlJI z#%CKW@5P8tLa|MH#m({T&I}aq#jwt#f=ix4W_q-oMuB#Tw(w2_@lEaN2friFrP+tr z@)y(#T=rj5<8LzZX5Ry0e0|k9r*Gqr+=apIv>tlb;C8Fj+x8>(XfR(D*eMPH(>i*z zbX|P%<&RnZ(K4lnz!li){`Da)MOEK4x|1e-lWP2uZd|rv&!MOQ_alQf$?or9?z6*@S-|~4O0T;7V3KGz`3d+%f zgP22pGl#UFv?1xE9G_sLo$lKUm3EcR>G#}CkTKETC98Cplx^7b!qse~Npu|LY^Yq` ztJq4GHYIFb5Mh3ZX<_iyh{qF)DSN8S3DccSge&@k7OkNZ3OHuA-|QO)<0y5JA>&Cv3k^De>acjChLvBG!R!uKx)?_-hA z%yG{tN^dD8&o2&dDS&xFrIRk{lP=|xF0B)NleJJzskcSdH%`cH`!~+VOVJA7*trkC zIp40ikKDPgg=U*YskaB^w_j>+Z!Pca_s(OP)^Fam#Kr=a=o{~aDca)hF-f=AZ=H#oxXKZNmzm6T#VrYr;!!CT`>0WwJ4BaUZh=ebd&9!!$oY4 zVAMy&wc12(Bn7O-1f0`I)S}0E(MWYtQEt*v^0H!LiQ&FHYv4tM+^ErGB`rzAid(Rc;X~@u))D83W z8_n^%>@i7itFoVB!Gd#Js36W{-u)M`7nLtKp5YftOs5lt&Ng3}HQYdd^RE6yx;HMp_~sv2NY^oJ7F`dJ2<~6Q{lCuhtLNbazgadUajW*W`IY9=Ybfq z5nzY_E2`Kt703cs!*el1;SXdvJLtP|5u!LS#AC#JMh<}vFdWiZPrd`8cq57m1{-WI)nq{-M+w9Z;m7YYaGt#1x540SMSKyqiC3X* zP1CP?M%Qqkjh@yB3_!*mLs@Bgf@J`md%!Dvls$D)FvwduVj-DPd7r zN8{D%>p%`0|EMEHU{S>w`-Pp?6Sn?RzlN+K8;KDpv}e*ncZX#SD2vya4v!%7Dfng4 z-#^x<$%7{4Q^W>RgR}MV%(PC4-7zH-TPb~2iB{Bw#b~){d+!(u!4Qt&erL18rtMj$ z;F7g(*s6!SKrSje_#V(9UL8o2i(3E0F?p~$ebBXhAi8epCSCbMSiSF&^rsPQik#TX zR?7gs?7g$S1@n*TrNY2wB~5iTWk-Yzr%<~q}#D; zzH838!Xc^u%HnpY`&v5OX!bJ;Un^y7Jr=zu`J9$|8>B@huqfG8idwa~n)(R`MU zTLSim4)X4I8!%I%yXC&#{RY1VSxD^<7sDo$6j?LQ7N`4M_Vz(~>I>1+fFmhwT#1Kb zXG$I!xwNhAKd9(LCy1Z0dknL;STKk#5I^DeU}SFrG33AikT}Z-NDi|nE_+J~gJ>Ty z8nb5_qAp)?g@z5@m<`^f4VUH`i}0FVYV$Ub)v;EC(AsYcPth(CSmYK!N1l3uSQNgc zsc2ULjJ^fb+e5XVqOOz?Uh#0SKN6%z?$}(P*W{&>A4NaV|A`u%RWyLBGe=EfVvBP1 zw5E)V7yC1`|F}9#Z$-S@wq(7>RTb6WQ5Ll}U_)`a&vBzy6}84KPv}n0+a5yf6VLUE z#k&1-5&*F)UG^3hM&=2k0(OrDL|YYXYE8psR=sj|ZEUEx$ z#aOH!?-F!4$lkI;CM&qsDAEU1MeXu5;si@Ym%D+;1kE>UN~!-DgK(-5al;Ui2ZFRn zNFd9kWpBx0WbPwQVD>Ekw@g)~Y{7|R`>r`fgLOxMKclgM#;8_ZN1Zt=;Lsz$QQR(@ zhKsp*<5%-WlFsFw%H`9B7GzOmz8*O8)Lq1b)VpZqyN&+44RUO~GhzioGR-4I9QYhx z-W=cJ%&uYHOb(&yB@jdM?KW|vUCNjCObl<~l?2a1EnSN76YbI~hf6PrQrOvBNEi%v z0NFr_hw8cdf4nwY)uE(jve`e;1R2d3A0{B?);UJ3#OgtU9O9({zCCt2G~vKYx}UCZW!dXk-xIfXnqQ@U$K}TcbItF;I3D8 zf7Z6>Ts%2=QJ!3!62}koN!&Tb-aF;>>J%8hy+fK^bY1H7$@G3}K0GztJLQM7M{P&M zitddtHB91l%+IOm>O%MRrFwstU~+KNWkM->Cp+jkN|Pica~lD*QwF5)_l!X}Y*0IS zfChh0Ik_eT;9x6%U!rP1rv3?L7|IMkUD9Ns-v2rp^*(z4N`3$O`Tljl<(1K;;z13< zRdKilppv_dgW9PB7WsQl$=&)uQ}AR<>G1d8{i9Ct+B0y);I^;@VD5`F=&ZNee9(Q5 z`t1DpaN3mJbQMe8W|jPJPW0NNg)bc_Rpu#)JTco~Zp!4^e6H>4IPImCPC zmD~uBE}iWiwvxngH^|Iecsq+?y4G(+BgpD)?C}D#aja=sHg61OB=(PO$4uTE(O*Ph zX(DGl`Zqc;x08CRr_-_9u(;i{&{zE(roqw0VH`qNl{9V|fJ=9nmF^c4je&#=JT8wf zL^fD@{3s~cqpWJpja4jJf?L+29x|AIg#339+sS7eBq;UZsL)j!zm3ZTFOnV~-dSsj zd)@=vxuq7rUWv6P^Um@R!BI;hmVEh({Ab-l7cbcL`S;>Ok#nFqsWxZiJ*fZE6AI!~ z8T>t_7+zb50_Z)V*;}F*UVDfFm_0+;TgDh(JBR`pJvfTh;(#2F07dbuG@3^_K#pg? zr1(`ZO>Ptpzr)dkpO_9{0s0YJgo;;Dz|K3sX80Db;#C%~^8v6Kv4x;`6$tbJ0|djjXcVs! zfIjyC!H6wf#j6OQ&mEvEd`l4G=*^6L+5?`|_GqFxsjZ<1W6ms^`Ut#Z&ee|IRe@Pq z$q2>2NYRp&UJvr#<{IH<51Hm;A@h?= zFHV0!M<>uDg(Re759z!}Ksq-4i%-4Stav;Ti3dr0;yD9RYw~1&n)e+@<^X}paS~6D=~m5CDyV&e z>K5vkdmQ5>9}5662;@J^sQE<|~@{1YF zQ`hI0uHSEhh_4?6FQmTkr_@)H)iyA`FvwN^{yYuEAL`%z(?3k>((~-hOVyWQAq;z> zXgHJ|fNkE;?kqlp=0mge7{6)HBPh|Q{A+pdZ*RPzc)YgXv~3Jx;(j8tRWmHdw?_w`(Ai*J3`<$~ zNDF+j??I=R`sH^nF4H$)*xOHQEYw3zCd?K&ncyXY`KooxM?_D-8o46GE%>Q#d$xO^ zdx1Ovjo{u6Wmvhum?)&Vc)$-wy!Bw#MO}|bBB6NOO+CnGk2Dne$bwxcf}Ay1Bu*mu zTF{Z7j|&DT%)58zlRF8m>>6@^$d5>G_8&(#Ux~EW8@V_Iv~yVg@qR`^p~r+>z@nRo zg4PIE16MFHL@I`g8tb#Tt-)Uv_lDyPv~V3^_t=+8Q8d913sbfbw{>E-kRV^D+5JSl z3X(eeaf641JaVz*x}wjbK)}REOVi<5ew9FJ<&!a zbi?mNiL${IF*~d;Dl6S3`31sQnDRmD9LP)C8uSjD!kuCLWQCGE!UM6x6uMPwYM7Nr z8zq#r4KOR)IC3oAtADS_e`Y=kheJ=H9yEWuR*ABiXDYH)k0tMnH1<_h1!!@rtdtZe zV_`ZL)Ei3o(e9~LVfSaOGTNkCNy@{&MU%ENZx;raMO}q}xS(7UIh@RPJbrPv_oRyc z#mGir7bYZ)<3-m->LkU0ijEam!Pt2qW(ba!J5a3&rdqeDc*UVKB%AC#eU@^<{d z3cz?HG*RXze8yrsN32Mee`?&?qenaE%|XwPc5Ww)c@!Ad?wI;IoF+_q4f;2oqXmy;Ftsj}uX zKN&)2sg}aRK9gVT8D4H&m=hPf!ejz{I*RDwdC4&wKF4}w@c;_l4|0Vr6|(|oI9S;1 zzN@3OlPu4*)$`Sz?jZQN>xkOBqgJrAtq2Pdb7|8Hh{Y@UTjk27Dd`waePg^oO8W+u z^06R;dB7GBl@D|d<7?aLx`@5ZQ=E54Sa=M8UYh{3XX^TYsSmyTsrkUMH_ZM$@T|ux z;#cA-AM++%KogchJvu`VnkUrzMEb98UhfI@>SHUve`lh$;P-s~<0HHB&Nk$$4YndbQhbfxYcRDP7Y zQ!+r;IQ&sG-13;0OIu$TS9DwKPeuGiyXgl>peN6cG2Vx$z)V)(LSXL#|L+*5O&o!l z4j-=qPZrYauwVkGs;C&XUjiywAu&#hLy{^kk4X!mF<_KE3Uz<4AQ&+XUk^cXd`8w^-O9Iqe@4u$(^pnpu{yjMZY zRh$3^>G9qnh1bZ6rl+~UOy3>_5*JsOMzU8y)d2vu8vHrMZ>uJG?XuKubxa9L!Qs|?& zpSCg zRo%Fxk{M7R@Ah$6_KAeFhuI(cotT}}9f(B?PpIFwc{=q_Gv01YqhP?BFj=kS{X56? z%V~u|Iw}bWVZ>{ud7`7itz>e6&Kr+0~c7XjynTQZ(>zGl)p&x(CZsVecX| zTMd%U)Cj;VE~(kDZ4sJ~Ri{5)(lkd!L4$s_)1T87P>>2h@VyL201B&2qC5f6l*)Ky9)I zE9(<0evblff zj9HJ|F^DWOF!=m#=`U|1QAoo%ETKArD#P#ajoxn!>ZvqpEfR^EQ=sN5Qn?{6*5$$F|FJPU59-zJfKP^R6iE2z@Ou zOZ`LtN}-Sh@DE>AV~6$Rt5Lq=Y-~@#VulIRh*Bo;M4=QY=zK_#I*Sa7&6PsiaRl-h zs_x@(N<|lkBnqgZF#qee^O~3Ny0-^4!#3~yyXJ82z0IXAQg9j)Z5w*{pq0;(fLEb` z%@fXwWyNr&r>FZ`3Zh_;At}JXnMMGYb6ki6?Ga-0(-4;D!q9P8oh|opIO7R>2YIxW zX*Q@Y5{X31u-t%`nmh#ia(QH4(TO=jH+JHsnkU8T2*0%1d1wQTcZyK-R8)*+=s7wm z-G6g*_79+~s#~w6xKUjA5%J%m^9CkdQ)TuuXzFG2VipJid?WUIDj+Oi0B%tw9j{_>BK;e7AX zsM$UHOlgt_C2CD$W9^EeLDR3UnV-FtGrZSo+*4b26AUwW@97OL+zkB3iN}z%HmX>X zRI@+Tx(DMFug#Kt8*{c%%Eav2|KviP$Gtx=^?Vl+6?OGMWH*`-rb?0=qDqntX-t_n zSH6C#3MhMt%jm=TELbKZ`E-$zaG1mSu)sY-I>5~p77RCQu#mzHhExT&;6}w&moOO` zGIea|M+V~F&rgG_SSSqro>(gYhnq(9;gLIv*n~jD0!0QL8wYE^jg&lDjGQPLO)*6* z9q+5msVG@-Y!i(Kz`+RJf6thfFN{tY;NY+h+$#`*8M#v&jTcfthjHg)FA7ES=hFcV z?*?~!3 zVqM)Mz!%31HhNr$%$N@F^`K2p9%kevTDc(|Fymq`2O1tpCnchI-NKV6Gluu)i&og* z|0z$VWfw^uI|Kkp?KXn}D&nd~^Q_LFWAS170JS#$+z?|6z@&|Mi&RB701H|LPAv^h zOp()s-e+-=&200?WA6)HG9mJ50Ed9DJ>;?46&v2T?_64syRriBcsTEFp)rDuIPYBl zhDaTQ1YLkzF+%}oY#D+iCx&Sd%+h!Njv&HZgvA>H}*ef!Ijjh z8}c8Vvu*fi&w&5Z=xG5DP73~xK*N7f9-%5R8{@!SSD|3beAjOQ$61ODa=#?3!53Ka zmkP?@O6aLJc)3dg0%xe2nj_uOPhBc;eWSUqs8$|}-IAB4CoW@T1~dqmERe`DNDVFe zJz+O0fB=AEYxR?+Sk+j}(ShCJ`t)9%kWe{fh*-$LG}{Km0;!LTU?g10>M^|pC#C>r zdqOa#WNbi9dudh>3lSVU5Rbwto==p*YG;QAf)6CJ#(~ZG^eejz0`8u1iMFc z`n4PjK_stosew6=Btg&u#YaT22zFJh^?v&t_ZJ~nR^f;SIW25*N}?ltzdu)?SIxG` z$hU@V6B{rs8&PqI69la=Z~uKeN0ACiv4>|EfaYWCmZuCH){wSGjAstg)G>-@PIQY) zKc>)cXU?-^A4xgi&`S3jpK4+M+`^tWf=j}c4_{WisIg~GsjDev-kSs@)3Kgs75-VC z(XV^D1U}w2_(97oQVzyML(r)9Q+FbBXL=75B4Q z7pU>ZdhNrrET(sZSDfn?akqd*mufvURt_L3B=?GHUnlczVk{Pf?2UipWmCkQ%VLn{ zQSlL#hg`uKQVm}@>!W4f$V|GU^>m#Ud}5OK$XJakeS)LwpO)T8xBSoW%RxN0W57mz zS{Xh3=YSDgeXOZ^Y_e^_;Gih<;;`=`3&ykje6WpRokq{WM zMJW#3l}swz6&)$gh2@)~@#$yz4CH-CJOAmJ{8WUh`_C@os*qoj=0AZ!q11s4j>u~J z8}cZ0$buD{^(|5x^)15+9A;0O_1m%wgFG5E87-!@%H2Irw^2V6=t^}e5=Pfr+b#Ow zlc{knVYdsTjlmfl$oqxS!7eJ?V;?FAFwUUcZ|xS2_M;gbwAbWcCsWkiHg(j?)6}du z^&rwjS!xF|Drw~jqXUBw$s;wriD^YJLuxtb-`W<9$8Pi4M*Rp6?f5r@;2h^uoJ2VP zyz35&gc0YP3f@hRg@(XtA;Hs~BAG%nI#30tb^Vg(?4ai)HRa{9oc*~@_$`_-(|YW$ z!!OfwUjc?}cd&XYq2}_YM;Z8nL2GX#Z+70DDVR zblmrt`q2Y*H@h*#V>Pnx(?o5Fe>Ek(GoX&v$Tm?8G5yt#)+NX^_BN7smHjnVlX6Vt zsg+LD#-;ZrYCma#@Ew@cjDp3xfZSHX#zh;t%B7rkKb zDOI$PEwQ~gyE_1<|7~g;V&=e_{1(xH4U8E}s3BZt7vFdIjReK%Ed;qMRkkP@kyom8 z;kimfc^ktU)35Od+-NOass{5##%lnXyqFWy7hX0uBsG!EJi6aKgiUeq8I7R_&DFU) zI^FWDY^Yl;No6W{y_?G1Y7w{ju+y!X$w!kd3fo2waIa&o$$GnNxPn`8c}KZqf@^IK zI5C0NwBj@Dc;Qb$9Y=a$Di~=G;?i%+=w4n~?l-DqEt(e1vq4w!(sq$V*Wv`2c>oYl^M zg_3+??Y+qrjiOhdZCEiDyDNG}!!Nv~?zPcH_GMEik5%LtR0l{Ebbv;7E@wP4f6L(IHx%;6^W-psCJ8OunDp$D+HS*> z^P2oeOv1)c`l98Vqt)A3(2;x1yI9S;N#nc8>hoc3!#lTnsYwS;#GTa(zQXp?$~`i( za-*Q_s!gM7Rmr^#@p5N&GNJhs!OONYSk&aNYwwq{P)^`#`A%r_<2LGjAK`u0l}saK zxJ>0#VQS}WrA=eD>BW{_uwA~fOLWZD;)&$Nkm5N{{I8E&!drD%bqAGC35KARk)T!W z+m&gfkDIEx<&$tk-EH5G;9n5B`fF%r1qz&_m!+YchA&Tx0} zJ!gI?D5f8rdS4%-vaWf#cbjqrN;hA=4_9j3;u^wC{{c{YsEKxc`oo-;1{sO{jw9moFPz3TA*n8W!*_o zCTEWB@r>VZBX5n~Tjj?&lMkmtEdH&UKo7$zg952>d-4;2G}jZ4!J2OJ{`x znF|FAqriZ<|M*=n)sMKN@!(iR9dL-ACM`>`q&!CH^tQZRz=BJ1kf^nJg7Zw!np=O8*v!`4;B$e#tIkzw1Tcn0{`|jg4DV1(dS++$=C>dUjjXI3PP_So( zwZLn(J90O?{LJ>n?4>_mz}iA+V!~B@VsJb+^Y6*k;aMWFPvPCjGU|G6X4ImvYnd@e$o!@XQqojt;Vl@1{{;iM{e29s&C_~VQORD9hVklTz9SU0>3 z$uergB!Jw!rH&jI-I-CpD9k`2-^^|y^n`fYp4FNf_YY`0CGgaN?11m^` z)B1xN1pnrgRVP~@%v?k0^mWQ=3Zo>W+k}IgaJw~ZCoyx}AsR!^)pX*(8#R&Sn_0qm z>4;KJ{AaUOVY&tGj0*wi5J6MgVz?1%p z@2J#VMk1+YP1QaGtd@)ALH{4h0-4nyDC+=xP?M9|R8=mc56%u3O@eLUA}!9H^PVZ@ z4mLaP3`b^C@y2$uqV;HASL}1)bnNg+mq9W`ZtSGe-Yoilno)DNit*>b=#8Pqhquv( zclFtHS$k7X-BPP+z{s2Njcxp`aZ_`PD`DjRI|N9~^W9gns~?fxO`$m3i7T^Sj{;Bx z`K9Zf1AX^qCSpl3YxW;^&2@%~#k~Zh2PvdS1*2U+=TVlGO7p;?NN>rkDQT0DbGiae zr7qv^0L+IcLD{thve@4tab;-O2?gFrBWGI_X_|GmH-T`@7xo?$n2&ct*q=@hSzdSX z#caboIlyw&{hn;#GvM?3zW_g`zi=N>On+&IO1=%y5{Sj*`*^gI#gZ@s3x=jEj;~=7 zNF)P~Yalhxd@=#MJGeQ&Xoz@rYS)~{BeS-zs$KxxjNCwo>;-NPq|W&dhst>gJ=SE7 z>@_TNw2}D*RA+Z9MPk}kz|Be0F~{G7lf!J+N{WVjg5+XQgS4iMC6>6Bp>*0b;tH!1o;mj8SskM?Cu0L|940Rtgbb)dy!7!T8YeW3gOB5>;1d4CKkZWp?1Y2 z9Ilr8hYG+s`7M>TtT+-19nNX~V3N8_~5I30(;iz7(^w8ql#mDg4FpmLj{?oh<+3o zPGaVeHML70L9!}b0+C)R82X!tC=?T;@+tvA5lM<)*Uk2=w!;;}#x`ERFFCs_U*Vhc zAy=vRXxQaQm>JDo3p#LnU;avm#^_gtV<(is9! z|Av>LcJ~lRKbJ(RKYisZU*-a&R`(8&R^R-vRbl@P%b5xj8k`t|{b>b9g}ub5z*32& z^d>BL6QwLl4Rxx(Qiwo>otC&%=D&oRRHXsrPFQ95yntc@w0irCFA&n3(0!h0JB}Uz z-b}w%ZG87nj5@u{p)xt8OSGnCZ|MlC^*1Z$*g^Qd-mjErC2BpoFk4{7D`PxqJwPVE z{EVQ&0pYU~qab|tr&*wXZB_(OSATc|pc1`l?EYF(se7@y|6g<3U(#zTZiOA2Y>1MjKM}G{+=d%ucYG@|oiE2rIh)N|4BIOuu zcrr|3x$RT*ezoho>Ra`Gy)veC4R&U|>go~L0PaRku)Pqn{-(m>XB|raa6!5r+^$AG zTN%Hb^ljr!>qKCDDA?DlUn9(_`Rzfx%l#GGGHUUSOP6y^lT{(O70ul^XiPOvFW1a) zfS4->P}!7Bx~r?=Ml$E*@M*la)z8e3U2QV&$#%BnKudGBe6Z=$uf=jxL*hz$C=u5( zq-q>oF~zYFqxT zF=ehF2Y6r=EeD2R8##lIgC!`3PG2N$L9*b?7@54Cd~Y?PU&&}tZ;GXl?>%a-eg^ac zCm$K%F}rwC#dwCF_uGVa8-v4R%1No?8j2ANHX+)7^nx&ua`UwoPe~}nLo6Wmy z|1%!~GqENRm~k(W0RD6*A+Mke3PsWqn4=zhc^>)tUygH~&Je>nQVU6O1eeIhIPo^& zv@N}GX+dEEatTM*&Y!2P+$?VFthrb!p3=ognNUvcG7Qg8%{0yZGPt;8F{A9(`wi(R z)Axzm0=+09#@6tV!{ir8%{o#28f(t08ES#auK;Se7MUCTh3So#a0Ezq{ORa6o2HM)Z{1jE4pwX+<5*b>*A###p6?6ITa{_R0jxg!#EXw+HP6?dSaU-{I3Ek{%$L$oTR-mWpo|#urWBGu#LS!shVnyRpnBQ};`;g00FqXri9d}9mFF2PWgTg?7lN25UD#J&?2F#syA zp;4&IF@w~Edwbga7#d01*^n}(G9n%9lbZL+l3=AcbK|6)-Q$xQ>~o}4PHI|BIzefL zc-<#*-IsP2`psJK-|zz3H?_iK(t0jlK}svZJ)VR-Vs8H~v``;A(BY98zZ-O43;rf& zNaGiYNsqB_{HNmzw-v57>1G{{`&yT4R@rxAu7hT+$W!asaBP(#Jf&A=V_gt3ESEegAKDK;Q(kRsx?hwaUw!QLN zmi<%$p(EKCAavw>jHOS|Yl$h@zk_m*AP9$L6opPQk8`S_%#}W(qb$jb;(w)ZLaQDm}xi#6<9o4gXqImD3y|qvG_~hb$`DI}< z?=A&?uQLc)m1IP7f;IiplXBPlHj(5u&Pwm9E?R)9k0OmYG59&osJDYOVuaZN+G1^43^PSH6hiHv-(3vE7kvan30kWImz#4#kC z?!{U8-_eH?2O-}%V%nV8g6Tk8>WRpAoX?5PWF8oTG$U=auzTDV!I#{}O704l+nx#@ zatFPyTn0@4=(kv4&kjGU;fL#4`ASks@R`+|dQ0wMemz#v)*F<&bO4J>8hIe|7d1(x zZWxV&alXyA1^oL#E_bP7=%K+f+c&>(lhB^KO{X+M^$*M>KMBSum+?Q=Ez&6+c$yxo zdyWQ@5Qgg+#+1uZkTQsqHizxg?b2(+fBQalL$9qTKlY2|!Zlt$*&~o}j1PfvG0eCW z#YRWgJY{5S(8NP$UmJh3`)=VzmH%?fU1=7{$=Sz=DyAH-jJeo8iLK0ChpNMpNTXD@ ziaA) z|C@w@C_Lf%F(Kr6w^(ju`Q~`u==> zfAH+yvvZzvcb*f^c|EUtSZFgE>i$U)u*G-HZY0AyAuiQs_;{!0fz4J~lDGXT?&B41 z!zP8VP>!K@{j`aB@4p@oT(U>(c6=K$gb2Cj0kJ*1t+L4=dxVJl79VI`7$PU#3e=W1 z6zDA^dKeY{5UrcX6_<)BOOczA!sZ3H<_b$)`e2FJn zN7Rxn6tNc1spOlkatpPLaK+fRNr&8FdZ$Jn9>fJa(XZ6(s2%lp|2EOiax`-rt?!2& zt}OVbkJ%{D%+aYg96V;oB;R~DUz$b!+Q~W~{WcoCFZ!+hRQ*!O$A|b_J-=oXMVhK# z5@+i1B&%krRu%b>$$IvY>&B7Ieyc)z>ZaZ|_sl}RMR13e%y^%gYA2(hyQc5N|D-le zOqv_scp>Ocs z&u0kX+|MHPhH{ny6+|UM%vt87caTC0x18GdsJMy{Gs~G!*8x*g+KJ6djcye-vgI6x zC_9O3yLY_IjdyiC<>+*=i(Sz3=BC?l$vrxnmpu+6-w)#B1gzzccTRhIO-(QEnVB-F z)3Y5(j(_i)IfzTxV7uv$U9H~t`U#63O!oJ>qlI)85Qr8~pi`#@oDA2v$>;QJQ(ku@ zLsu7dy^pYq|J>fJ=BCV1{uHG@tT!Hd-M!xuQ=1xn6A0AEYUx0{ItC#gW>J*5m(~dHMa`#Ojc#Hgg zP^a;SEJvE2{;$W;=lx=9$^JzJ;Bo|y{rNFWkWY6I3(51Z%?OT;Du?PNL@_T`Ydn&1E=wJUHV&*51qeHK~H|EQe27ruNT~wN`|y$Zr_nwIBXiTp>FC6 zP5lgPcS35f?#FPs$E}^7HZ5cO#6!BT4x`%sIJ!wx_KAaUzJFfp2M?dr>VDHxrR%U~ zlDB9#ybAv=l1{&TWU{)q&V81yczp?JLY(7gsNzQpi86TVV)*iB!~nXMH#PA1u zM)S8#_~vgf963Eb>K9{EToX85=4Defeza71crB*moV@0P{P{`S{B%5?nK8uIBC4@% zux$k@PdJdRa~!m^xwanwtYVlC%~7%7ronz9bBbxo02=1sq=0W0k6=YVItauoH(VN zuG6<8y=XCQi3X4Rp|kgfvL%kci>4WI9re9TLq`5yhkc?gNAt&dcc!0X1`rMI9~9xY z-N;WIJCj`)Y|*+MN)7zqHV3)s9@N1l2nV0-E!f~d`WM%De!EBuFq8zPz~SabAVEox zQr7GU-_7iCPzrShtxNnMSlw@2I#C?*jK`TV*b+a^t{&RPyTDm(iK-+hL{0O2>*{@U z-xt~@15|GFd}PQR66g~5nE<9mQ2Cv%`)F_fc$^bZaCX%Pe?p2nim0j%dP7kIEdi?J zHn<@dc6d|f1cJGb#)gDCKRVb$xQXG3bpoNz&VjFXK`wGJ8m5(`C`3|ql$(q0c15uB zd&;8+gGv%%8(fH2fZkr;>*;NAhtQJ!uWk5oOJ%rLe7mL#JV`kfeW9yb8q# z;ae{cAAbRQ2i-8yXd6fZTLz^vtj2m(v`B;z?O0Yjn7cU~QvzHHfH7)U8DeYWNT5`OX)4ws~S7^DX*ekjC3|8El0k^-KOc`txtIWofKlpp~>sBCk-j$zVh{ zdB=+V7BAur&U>wh8C?Mmuw^oCl-O9iPly&95s zvB5wGX)h=PTo!4&*f@j!MDe?+S+$$v-6Zb{%5q+B1gwp>{`^|gn*@|!h{UcvcFJ#G z4q&+aR&VO)_CTUIqZJ+0|8HE@E%x@w{%Z!ksU{J-*kK}Bj<{W{EBNl~L_Z*DHBr1m z*e*7GB~hGR-cG~pWdASgPV*%L8H<7>P$tY)At64Ay8nrj0*%Pp2p@4DfG9fQZUc;8 zATir5wZNl5J9y=%62-sezsmXo9$@5s^!6k0_?q)Z*N0nkn^{=N=3K?o_UJPP)MV5O z%5ke0VYh3uzmOe3|Fs6v()w>jG>r(aZisX{1~IAkxl$+znbG{$?k2RIVzz| zBiGD2@ifbRWXLAE{gtP3y>`NBd}b0iQ(xTw~n4{5*PFjb95PrOnc zfcuw#lINm#t>1V?3;(+#M~Uu*4W;@iixft-JPJ!Yx-&2&$7m%1q}tlE#@;UKFYg_a zV^2-xwjCLw*&P|mW4awqYqtQTg{D3FB?VM5nCd4cp3_nTRR3_i!SO1)Te*b&>gTp_ zC&+AaeDExt2zd%hn+6!c?rZ6(FRuU8_~q>|Jd_9P^)CY|{wBItq$e^wWOMzx){gxu z`P!PDvPir7OW>zzCp-XHQC`VILwS>i|1fVB@&134yOI5BvEGMhU~zUnS@qm;@Nn?#1je*)#77ltC5%;)gO;206VJK z$;`(8^Qh}`?C!f1k>yhY3$IXZ4kcWf$zfN8>T+D!U4dwk?43W*j}o>3$Qyy_53FZzrcru z5$U-lO6*Oych%3LCFgkdjx`Q;BDlJk{7JVX81BnrRw;`_@0z9Cv|B)L>_iZTm>Q_; z-gdOuJUTMV*Ng}R_bW<#8V?_Lpgq2Kvlwq^Xe<|M!Kj>Qen^^Y73dTBa-#29Rp#kY zIVZa3S>`t6P7o#8j**I#VWNNbdA-|_e(gr+S}iJMGoetI=EIz;H^Y8M$3cK|r7({u|^nIe>8E&&1K9R&Vbto6<6*rct% zU)pg%@({eyUchXl%M_RZmv7BJdFgcMxLOmMU(d2xH?@#8b-O72PbMcssmV3h_XfmD zy00ibu6Y|#p&Hk3+Crjt1*%H2YEAlA$)wDgPtrcxKs04x$dvUd#D5ep*wj$?bu)3u ztE;sy?7vdMg;FZKtposr4FP-ktvmPr1l;-4{jnJ^m{7_V9i%#RR7Es}l?wu{RKK*k z`@vcOnD?Oj!AC*jZz!Iz?Y&jY6utXNA?d9e+baLrhemy^8I_?Wt5!00tn0U$9~cxWlw7$lcETNKQWn(Z0G%c`c|&S)W&H4M z)lPa_U?Ek{s@U$CCE*O2CW;_eQlOOBWnTzAkTMb)j>g=2TBOsKJ(NoFS{RECkLs&f z7U$E?dH|yeHq?N*8Gb*$@$u$j`L9i7F5l}SWD-5B*LXh|b_+j=%bxcaQU7Pbu`M$xAkkWJ| z&b-v!V?ua1pO4`4QHC{Zqw!}ibBE|7Av4dlXCg>x3z#OWW)71MOpB5GlrD+YkE zd%`}uS~zkY*|S!VFO5Fwas(K09Eg=v{8{e8{g{|4spgdDMw`#^(_wdfJ8x!)9@da^ zu=Ck>&0GtP8kq+8JYifh9CxjTBmqK?Z{JNB#c-ijBKgunn$RaQYZ_Wk+99rO!+jDf z+pB{KM8~Ux^M6b~IKQXhbCA%9=s*BGAM3;WT}CFRAH%9A?#BR*|1atu zppTvGL$2cH386QZ+((T5%%-e0HFWYbeTg~Rpy;Ep{?Pt9da=TDqv~o7Pqqf zMy7FZymO92bcp-2&}w>^@PA+xSB&?~9oCSLpi3bN-@~fG_S586`Mj;gFYe*)Z|0D5 zxIVx*M)X)$iR3gH?}MM+1Hud^6yuVU(@BD`owsZbWpv1+<~ULFN3b2_CFBv4CuO>5 z?wIzz@%(hXBJ%g(UZAiW%3?2>P3b3fpf9P{r$R)<+1S1}j$5NQt_@m$!%Qb;CDd8fUB+InT?^2Lq=mw1D5h7#Ouh2m8Cw){ z$bYwb$E=ExUh`zUY9&GAd8ezlUqwv$&$WP;kTjM2|MH$|3jGZ(*@zc1IQhJP{7dT4 zG&#ePMy&Afvi~-kf=`3BgffivOQd+Aw7&mKcNgTqGM-%tFmoV~4=}GfP{ zd%jdG0LWPoJkknnPb&ucz&`Yv3D^McWBcD?f~4+go~NdnU%*Pd9lcaXi~o?eQ+r1w7Rs}>*3QPt(?rlUrWyXc?jOC`51=r8}X zIyU-J-Nf!NO95DL1zk2W;%QUZGjoPSt>|z~c zoswa(fVW3~**(33%$>Pd_ZNFx-}ui*k{x7ERuToTWKU>~X-+(hovc2A46MxlxwOvpt<4NJJ=SMCu-`A2?CX8QuJ=PRk%PT0^-~10~qrbdP zw@Py*6i3|j;W{MO>1N!gzx@9pHvRpqhAO#$o3ym`g7q|FwDRBbb0Y!XCEg5Neb`=V zvTEldfVuj%yH90DR{w`eKi3{`%$MYgR4#5zjKAT|=K#j&Gxs6LUx(QGP zHg4ws@*UJXmxO#z-8^~N9AvLu$Z})jY}f^Gl_zRr=^dD;EE6FN|?FV z-bWqH8UMUS%$$OmB#0zkRy=-K=iMI>NA(0`?rDm$N@!jA%GscT4^~g zC?x$qKn+%mnkx=*{<}q&Y-9icwbZ|W+DZQTDnMg#bIk(RN-H}CLDB_{nVfWeOF4&K z#ji8Nf}cNHNk@-NPkr}Ews+HaYrxFe+YEkjaIzVk`=fV~j&8cz(F|?K*#BX)myRZz z)qvd@*a9wqNqh{@JSc5mNStB9s{z&xP$Le6sePTbR91OegpSwXJOdAb|=6O*JF@q=#s~wqM zvSoTAyv)oUw)gOABoHrRJZ6}ApJ9h}*HcWnBFydX=u{zI7cTCefgq29O4E)E#EtOj ztAKVumQ2+1{4G~R+gNXJGiPr56 z0UUUfUuwE-Ziq1(uHxfwuT%m4&?}UZael&tTt@z?+LyG-goy`B(-?ZddxsUa-ZK)i z;4Tvrie0K99{5hNyJkxFoNk*n-nIY;M3~ABAX>_b5UgWG;O?8|vmre6;H!{C@~O&> z`WfOuBP;2ReyP#B7<^Oiu55*tCvHwoa%coq+Fd+?Qe3KS$*6T8249pz2-HYaio*aZ z#eM*#CXMFjNa3R#LJeN=B)}g_6GbeLz5nr)Q7Pwn(gD&S4^HE1xknCym}FRcTaa{s zpF5He#R(OtiHo`hX5Y1x0+l_%k2Ck$$A`F~t4^9RyI#ulu=XV@7GiJE?i zMD!w2YC|v$deONDfndRDX<|($%;o;j0|!xHZF3S={(&0VfI-WbH=S^>_MWWTW8iI6 z^I`}g$sYNaDPw4tT5GrtgW8#SN&seP(_|u}Jh>_3V8Km!;_VZP=)q)jXiIt+B>$sv zB|Vl-Ut!LpMZkuM75e@|Ksk4ji9*{SC?D#%lH?o3|J9aBKPDu;uG1~8vBBT;-! zy4cNsMi@jHPH{RokO^ZqTf&dlJD(6eeYmDyArS)uD4*LEQ_{pYq7H&OTt?EM=nJeg z@k=&r7~|ZW2_a|z)U{aPj~|9}vG89DFBCusF8{T#uWf2A{--ptp=J3mQO>VY;x^-ciZ>Er$haSX zBRTUA4*m3GzK6wl)fqqywqEt4_^|ipw+2ydcnNr4nv$#(1HcOy&UX0+8H`Rvk(OqY ze*wz(9hnYf0K9O+4cPD%nL-g7b%2qtkm3n4^Yn?h4MA3bKHw=R>hO@qsixf0=@riM zjdiqPvOvl4A=ET4P1y+CvHHYx;DW~i^XtO=#_Hy^l})0QgJS$+2Tayu2gM%LmX&9} zN{BS^_d6IgSQTl$F^KvfJrM@IP)w_3v*Kmt(LM_|PA(Ycqh{W{|6`!3w3D7UKS@{93vCEr=UdSL_PeKCF zgd;|igl)wD}ng@ zU7x|hhv1cebpgb$zr4iLro*GC;@3PYv&cN{Sy5 znFlTNbY4AbVdjwfF#D>kpI;rJY_AY$Mc#bG5?7+p*F>J!MHFb7H3=%Amjk#K#+Q@C z_&$_}8iZ<~Rrbt{v{?jx6|kf+ZqL`2j4ihP@n6y9N5;86+3+;URm94KNB7fi3u27@ zW5-QT-@S;)t-OBx+h7HFp_)iyf_OeSjiPePW@`Yb_?0zm3lE()dZ?IssN8_-y0h&! z08`uG|Crh`XevLXynD~X-EPokq_FEEOU;>?38Ig6<^$`8FQnTE{FJ{Zbxy6-LccJd zTi%qtRO-H$kWMy%b~O1EZDE~*ug|_~ZiBH6uDGrhqPh*?ug(}PD~KJfXw;_-|Cym< z`bI5JWm#bW+$E7I-v{QASUlJEDr(sAqun?}^;WwsUai?uF$wCC2#S&LsSqE)LlPC) z`O-NDD%BDde?JPgesO%}oOg;SnfO>kr+Wq^Y{^IK<TJV#Hy5Tm0=ujC68)k>wF}H+A;CAK$ z$M-2pjU;!!`DRif=-E!Qq3^ukQSJ7Vx(X0~vFs=*5HA5tB6@#?PQC0eSu>=Hg@*tT zc{gx7dN+g)`yzOFy`>M(d~t21?Y*fW_SugUk~-%f3XWk4f6PJ1Zl3#C+B;=krbs`$ zDpKX~vYaV{G?f zIJ<)XkV&qRrQG?*Mg9BmVV51V74Vxa7E>b&pKu0ygf$k#x!V{#etP6aYXz7?+0?1M zap#A&SYN%fVzjfMVS^+mI=vb<{F9Jr+q&@)_oSzvU}}gmM>ZHzXWpoW=FOP*H!J}( zCc8`=(1WOb`U!!O<+zm+-KzG^1Lx_*Q%5VhhNaIrjy;sW>iIq8&0ASe3m=oq!KjF{ zQM$9y($~G?@6Sd*Rn^~Bbf#9Uvr+stU@7-j^>s{Pc*%sdoC%Dj@;k@)_AFtY75}oq zH+O}wdHL&Ht!rG*`QnK)zPsVD+6Di)948O3q;Mv%44izZv%}Vy zA!;GZnXR({|DoZqJn7rM9h#InGsv14X-$060L>n@+)gaJr*2_T{N1w7=$<-1&@v>! z!h5s#?TDJTM5HtEc3rzgxu45zv_j%G1sz(E8XZ}KQ^B=KJVLigyfk>TBF>K#sHBwG zo2}9bxHb5@g0+zSG^0(Wk#*kx@XtKtlIkvO$M6E{!$Ivul}A zZc+YEbbI?1ThdRSt4dgY2|=8%tUJ}8S>I%(W5pLw{AN6=qsA_-&Fe_pfGozdZ+||^ z97l&hbY%Cx%0yRR+&F9`OW%pv zs-fJ92u_f#Hn4K=XTd(NG zcI{1W-9K(=$jgrSi7Szb$Ow43+vDRT`wUj1=_E@lEqEx`UedERu`wND#l2pEyX&*s zj3Jb{-|}%XiOh)2fq$;rD~ul0lHuRb{ym3kDew*-2hPZn8dMf9SAz-8Tadn%%3*Ob zF_dY=ADJ7>G&k~F2eq8dY9=B5Ch-OaGAZ5E?gR^TagX2CPgJrjCV3UFZPz9R1eg+* zQLmfi?>_XEUOC$S9XNA+rLQrd3e+Rr0>2sRm~yugC)O`b3U1z`W)HLjey-%`P7*SO zA5+TXnd~FYvQL=1bx;960r`Gk>CwaxC}fEShg;^q#Wo{eZ%$t4$7x7J>}gN4Rhcc{ z^_5~-XPBtB>3HDKNGMd1cMI(^k#0u^vr@`V*L87VuHrb61p*zn_&lZzmv$A5UQ1yb zpNzDjD^#!#uwF8U1vth-a#@>}-@C?R-nVBAmSLDX^-*WIg(zwjE!7H7mlUkpR)Sr7>!uK4q=!uC^t)a?za>|gi~?%U?@)p&95?5?4=TitXpqSiSGP>RrdwU1w0ih zth8vb<}-~wUJzRsLa#0j_S)M_Etxq-q zAY>Ww*0HZLr-w=~zmVw32{RJd8iLalCH@J8uW5J5RC3#Ls})NgLn0tNNwY0RGV{{W zsw=iX`LI`b%*1c2VWpyHe8z;(&55dmod{0kG4jTkZ!iPB+wtHIn6kKm2{hy$dSKI4<0fi%zkb-G9D@cj2o3Z%5xSPDO=YUzUW#uHU9);_@x zGhXYjtJepvQDl!vdQF}It*G+Ojyh(s%rnTBOB;MY23zK-EFGx>zLGy;pxF)MDAG6n z0Iz|)(jN#X*d>iW#y;W^zvNX4JC{x<-e*lB{76;iJY}8caZpB9>(5e&9P?m%U`xee z9Vw>Q4b^}{O!dGz$S8gPTk7U3Wkba|V|!i;{LXzOsKm;JcKbxfgKiy zeOOcntCCAe$fw?yRar}di5Atx?6;>vxRSOw(3lbFbXBY_KgiQwZ%w~z*8u6KKl@}h z_($_QRnaxM=?pc_w=ogA#j;td7S!wZTjBa?TG)C|L3{j|pZxr@h|0)TwW58FB!agf zoH{<}5zB9LipHT@r>~5&NMhDFK0pdy79F(fj^G>l%g5H&)i-@uI zZ=E&0W_CSi(ueju2L(+X8w;v%mi|^ubE6J>@{ zwsJD6r{C3l-%$E6JX5%$%t2*@!EmZHhn^xBLF?b&RI@1(RBTmkIp~(q3Nnu$-I@eTJ_V^jTo`6%NsFo9*;n?RIi7@ zpKX!qpQOJ5XA$otx#pU*EC(rbE_ao}SevtS*KU-+-L|m$R~WCum6|QO<}XxHxsIPi zi&5|@n95*l8h`kT?|0wsQu@3>55Jd>1=LK+E*Knn z63))tr9+eHe|k#r$K|c$)SYJY3M`?2@0RkIZY?kh5Ai)K%_=*(oXpb6#QKG*<^1xX zD9P#NUHEb}e7Q6Q?B_7vp@g_;>_P5VV`f|g`BYnfH-#wXL^jw67Mvm{Nbr;Pr-@9o zX2vUO4UUs6?W&v5xyB6+g3)zpIQj0Xw6pATq4GWV1*Jhe89GBFJ(NJ*wGFc4H3~AF zWli3p(=lSzeXr9LYc1RcHjEE^{oE%h$DxF0XZD_62pW^TAJQILyvpvSUg9vr)Y@>b z?6j)R%Lr?YJ*As%q{32c$k|U7vztnA1>oU!FPegShfcJ3&9FywtxA-kMM&^UKsO=4 z>zTYVqCI2z)t9*4)H;M)h}chY zYW&Dz@sJKrCO4_zI<}}9@(3z^GE&vvc6P-%F4fzK)HL%-3s70V6oTB!{8-2H%^=DF*+IJeb+gxEzE{VCW4;fCIWfB zd$b6CN(ZS&&Q5uE*{wqd#P_^qeYY>F54qgU42~}@nz8SI|9n-D`+gBAK*q!PA?*-Ywv1`Tn38=7Q(P2xnIy2M^U#&mnu z$k`>fi8TD_1qQRUbC4s%v#F!lWr}{qpqBz3108iQ4q?yKcXZEYwgidUhSd6jS_q$vyGnm4D;ZVG=msa9&8kd&1$S|&6YLiw>;n93@C2-E)A>9R*w`v`Vy016iL3lSh zEIuAii4y4 z@=~IQOLJf+o3X)^B$FsQEjG2roGeGB4G zDuR4qeG8mIOqeK+$gtsY!)*sFIVhb!RPeQ2I_l{7zM82L&2Kx;3f7f0EKl~ISQnXk z14%IPezhP|wRUd?^)SgHP&87YKY;XnNA>{0HEs97#i2z>Zj*L+YfoWO)qvTquqFRhNw1a+Q(LdIG?H>lN&uh1x)ADGi5>F% zUKY1IrLbV_-!M|jKe68Q!qp-mv2>c(5SEpD{x&WvfD-59bXxYi-39asqH@zi4srOalBCMsA>TpexeDnTGR#+4jsChYF~K>2|><9ZHl zulcVWGnmwXN`M&q_*5YDJ(s_u(&&|W6R*)Pf3zEYR7Pk2+;VjRYrE_pyYh?vdFk~P zMD+dD^M}h96@>FoIX|~Ts(8EcPlr7E-_cL>(N58e+ z?qwq~?|Sg3`9DA3EB3j1I+cgYem7hC`Tmv1^v6y2a_D-cL+35w@v(i18FuF60*6k` z-}$eX8hI4BT?-#I2Kpd95Jw+*SnC7*SLYsOHi*eXT<;1RrDaODes==&BVBhY;A^Rn1jnks zUr`qp$>S>>ki(0zrEU0xy(L$=i@HF6*7*mvVQXqyCbxZ~$?^$p9hnC8x$P?;77()` zZx>%yrcJ=p{1s4^5o_a%ryvFSC0E*4$@t^26_3V`cP6GXgDHELT�J>0GY#khxiA zk4U4%DS_BlHD_-prp2vZ>8Iu8kqsPM<~z-xR?e-UpY?@mX!^tWA3jcTz48yXJe@{* zS?(&FjKp|M`55Gf2yX028*3d!-l7ckxl=Fx;rRI+JFG?&y@zAR_sDZr;=Y z+Bolk$4)tXjdmsMD{5q7|Ko0ylq1;x*|8~X+ zh)QivVC=WU+Luh0Zw_C;J`pwUf=n<^vff%T*VYBY!+MGL6hX6b-^><4OroS|vxiqn zdq^3b_+2zD-voZ}7#l+{$J1btWGgJ-!h0-6cQN0LY{4r zhJd#@neJ5kbWn*u@0mSQ7`jK}bVwB9K<_j7w`+=T)rhs5#|fP_!SHvl>iYH-GDRi7 zruH;EeQ8q;mrpr)dirSTvRVNDa`=%ja3-Ibf5A`D1pz2b`2Jt{`5vB8jX`)RwmrE3 zPlkGK^xkQrJSx@Ixke27;;Rcx)BONL+&O;Up;U2Be25sGu?ANcEB4C9%BX=@7ZbFt zdpKKqdx$$p&oki%l&24anmu~PRDXk90-eC}ze|M+xKW063q>z$D*xQDvHJpjW_Zs@ zBP$1Qz!W1`jJsbK9g;7=o0Vs)Y}6oh_PFx|KvmoSfzi4Ij2<3H{A!W zTZJW1;(A$8C@bbVG3Z6>w?8S?BNLz)e&E4_8yOTqX^4w?a3ZD0FgmCDkP&YJ+{-)W zQ;3U0FJvv9tAR2B6Gy1A{WCl{NAOpteK}TQosI+eExwBNaT*0+JGIpFtMr01RHmkF2$J8ei1cf|}a%P;gcCT@o;;iUv zb2sqiM}j)6)paj)%xhwpZQdLfY_W=|+k<9R*oh>RDZa+Dnnz>HAOT9mXOVSfJy3?f zo0Acv%o`_;ndQ)3dGcQw^o%R4OGKeb`TSl8kpKX$X>EFYW_q%@|CP0UOk z9AEJBD+-8sv;=mKCHH+-4#=9F+Vkz9P=m2|928+Gj%z`!mk_S0_ATc*2{aCa3&|2v zULo2pPNlgGc`Q{=6zqPz-zN2gNOECEw+{YidTq26op62v`ePm#cHMx zo#toNqBQ+R#~Q-hGv9tboy@bBqLE#Iw`VmO5k$p1wCgO3WAcEhk(}R%C(=kEuhqgm zRlPCr^1RBkRAz_cpisABnDw#A0U52@iu2%M&}LuMN=@gO=J%jm^!z`5K*RD zd8^v`B=Y3CU<%L`77QPk3sBJjOuaJ3KJVf9-MSKu)ET87)r={A#XSs++45ps?=_pPjudKU$uVo zS$VJ91An;5b32s$YYv*)P1e%S-TW4quU4;827e~IxvMkQMH&0}IW2oN(%mTkkt8rC z__o~C8ocva>fmvT9V*W|V{Y;Dpp0KTh$*2?Q{ju<;VQ{-B7ALO?tWHd9emp*vC_nZ zGLUISHkokE5mD`LLZ8BRt^K7(5JHY&p ziCcm^_e`^M!qqtwlQ9YD9@Rt0epNnBB*P>&E6lAGXigJ&G8ZmhkFVTpy_X=n?5u_! z&Eo+V@>SKb$T!qs9!K-LENmyen(kLs1Btbf%)W_hF%_I{uGe;)ZmJ)-;?r-&D(sdR zFh3iS&jcTNDmrqW1EFzCQTp2r@6>%to?_V;W2s4pQ+Bm@MQ+-FE59?Vx9Ig6%@%+4 zckE9lymssO)w+B=nc#uf_DErN0`qb_$UE!@o`d?%b(dtgU141u0wlv%{t(Vv7tJ?( z?=}N8j<2z<;%aVod0kyeRZ0S3P&~OoVw2x7oezh(w{kdun|O0NyC{8N?w7EFX5OL? z%xat8ou^~v*-ALns6%fC9T$O!PGe`g(NP4|{ST)>x$V^Q542j>qjrvq_ET+vS0JGJ zBw96wxqY^MuYfFHHx>HL#cvHLBo`RQhKfv$Eohxdta+q5gW2HcWc)5)+C}8p`%Kcz z88YJ&xKW~8ubM4^RX}Tix{&}HOYl5+NM!YW>00M0+(M*Kc-UxS^5hWnZ^874)37v2JdwopidN73DL$ZfDU* zC)s3fZ->Sm!-lHG<}*k7rIV+;->(0{+I@x}uqaTQM8U&<&40h?nF{yrZH=a1wo4}H zV}`y74)F5fMxfkE=tZ5Byj}lB3Fx-YaU!j#%z)q#?J*2a8GD1a@`oWmZn`4qTjc<- z-mtwMH(ZHKPL4%DHG=HHke`i}{cij?%+=HP7AcA#lk||BMQ`x-%5>p*HT3j7CjJ~~ z{jrmDAC#LcZHswt}J=Iy5wNM+HOKK3!kqBt6{*b`o$K0eYG) z`NKX=$Zu`~Z}j$BIaVykWIaRS^I5u7E~W7HuYp2qX3c|R3#t{7KBe&bXvMGlnQiDX z|L@Z(0W)K)w`9NWBLc_9GRaFLeR}c)fQXN8&PiH^A=b<*iz=c9Fn` zFEpwLiAMI#_1>Y1$(nJy3Q21614MoEMV$qQT~FXX!O$=9uz7A(X94Tk_`-iz1z(_vwoxq{C0 z5?afu8Qq;v(x-BXS_$CYvK*_d85ldKGo-@l#_ehj9=PHTz7?+A;c_#ad3F=AfylMg0h)VEt zE3lxoV$noLLCb5z2nn%BQ(6Fr4}}`Q;PN8dDc{QVpM5f`oq7WY?Y(j>-x{cPcoOe_ zzc2H$()tc_KrF@UgJiAB&)?SJ%*0HZ-19^m3`BXt!gKS^*mJ1!@je+i4>44Y=gnCs z9W4C&AsOf2V1O7mH6boHl!O)^KjS96bS>=S6tp{wZb%;^xjOoNB87+@CSw zs+K+~FM1q!kn>_#rnIBA9=41u!F#o?1QgAz`3xRvKOV;=QyGH)$y7kbX(tq-`Pp(j z0g2HYZWNo}m7iSvn^l)Kxd4PnF|h;V`vhKo(s$y=={pP84UglT@a36bT`hFn4$45K zFSp7OJ59Nl*SX_(8MAvRh#yIKIv5DFl=?0XGlqBJG9y)$k5ms}Ru(#SjF!jyw9iVF zlJRFVY6&(ILTa+Kt#q?R3_j&HlVktnjYb~>&$3xdc&ogRgC`8Y&l`m6%yBG^HY8Nq6XG< z%yUgvrrspbOje}&v_34APcA@n8qdp*Z>`-u7*%gA)SE~U#bvVQ-WsV3@c$sQs&k@E zD={blE&Ax?bjVF*pyGhy%rE&|yGgA(`Bp7Jkx;z+`%MWvT{#;8J@Hpp2A35rI;;^5blhU0O zeQisxsHx%E803xl8|tLb^0Ez9XGb3DO_Z1tQ*A$*qySme4bmY%{^B^(;Ze?@}$X#aoY`7YboGri- z&H&l;Zd8tK6l>plT?CW%5lAYDnI*S@luR)KR7Sxj5Fr@o6Tnpcx&;!2k1uAc91JExpZXE1#@H44UPll=)Rsss7;i3H{hx3!5KJE z@hvkO;_DKd=^2Cp&$mJsaGzQrfMeE_-J+)Xem(8O2~1@x4B zXAy5!ASt-g*DPB#Q1NvLl|}3cs@u2u#4`)mYMQa&K%6Ra!#6;k5}W!6;a5i4H% zwmSoo)S>}8T@=yif)QUw1ClQ3;u8*?JFrj<1sN=pqZdv|B5R?N#gy{S7>)H4)&{&iEoy`?Uq($tAwc@(FkI_1+CCJ*WYX#buGHYOiZh0_ z-mVCT&U+I%ivUf|P@sKF(^9R7u6kC+4R{IKBs(IZL}lCsWA5$Tf@?KP8m@;nmaaE9 z;BV13cM|4vsOe`AvXcOEg2`Cl<7~hS)E5sB=HWhuCTx z)2vIO#ogUXaWC$!#ogWA-QC@-XmNKdesFh(0~9X@_j~$%_rL#rp3G*mJ3Bl3&P*-D~l*jh`=+jTu{g z@5?jO*L$8-m%zonW8h*U1>@zl9_WRM=9WvL)Rw6`zMl=tt3BZhKW|$uNmCoQ?)a*n zbPb=0)Tq^0dLU_>g3oyh&^T6lBvc;6*Y6{u)-9fiR9|bFeB&!pXl=KRX@1kJ-)F#e zj@=Qe_+{H{3%S01UB7Pwt=c>jsS~oV_fV#^t=;kc5Uy?Ul?VG8|0`o7ZXw2zqn4SE z`zvGbCKOH1B?97Y-|_B@f__daue-g)&%({4s=FD5$mH@o@GcljD*8$H;H^jN`^9`y z$}pBLI{i4-em0kR-NxN!cls#^ZkN1t$g(zW{sb8~leFw@ZJtxlHg#xAJ6f3Jzad4aY z-U71P8C9IyShz!8O?_4OSc6W2f%kXKqtdDk*=X=%WoX-bvsq?ey65i`yYJPMlOqAh za<)=&B2A>rP`=#bots3N@2urnT4$(l&&DUTUf7ga*;>5DS&duDZ@oo?UpbPpm)a?6 zttawdYktgktO4(VFYoV!BaNFb1jK23n|>`SJwMkoyWMi%DaZM=Y3!>vZ{lXYg_mOS zn92Cwzh8{MdtZ!Cj)+{V4w(wf|9&Db*COKb=PgBcH|n8Z8ac4#?|q|GbG4_J841Q6p?b+uIS(CmJ_P6Bd?7nm{EF(P$1mSd0yS+ z_EVoxpNJIj*1QirZYolcrw|{>;p?eM#n9Gl-G7~Ge(SL7**j9<%RU?o4{LGLPmIg= z9d?>@n@=&?{y-=Yyv)-QJEcE#^76i=edN!BSD3nzQg|&dEGyuMUo)kD)4%vBB6;^{ z%iaI1V~UN#+257noY$(2fwrNR;WWF)Jj&lNB`!beRCNzxs+kCK`nCi7;-}c+*O>wt zYWF_59uki;&k6`~z-2Ab!tXSrvls513|c39ln5#}^6A4Ts; z>}ZGDyy26VL*5(3jQ}C?5zD0+Mc%W=%mNSJD4K4kqi!Li%nP4!?Sao!-rd0p>!Rin zNoFrdi`aLu!`&sP)XiD^)U#M2szw!UIHs0LIKBxjA8E0>+`KhkBXDs&-b>llM3) zGE2Ws;*I#--U5PJ9A4l}{=Ek4jqC%dB-9>QS`YgDqvhC^4%2 zU<3*(B)vES$KDTQ37k+SJVQF+ul-PtwHXmiu%!5gEd3ZE1z5;{?hkR8!B7(-@Z=6d$66LE!{whw{TSg~(E}j*bH9=7hLMOMq|< zVJ~7|5D?MdK3`ML_dyt8^?sXR>7B^d8+Gb~Aj@k=){(ABVBy|LJqIPt!W{Hi=Fx zOOQvmP}^3GIJ6e`%v@j^lUBb4Y!O9Lnxqz)Wn>{mR2r2Qnx#}RMPizYmXf7Zi7AGb zU)6;0_;ecA&EZV8h&@qv=ndAqwyZsKcj`?|p*wxI^|7wZBKSi#{C_;oFn*v!B|G9L`(Ka5+ zBvQy0pXAi~tO`xU4}Jp89^p4(3PlT&W<1x=W zWl#7J?v!=sgWxk;s=1SrK55qCgf`f%V0gUe6wD)?@#J!G2A#Hh4HoGOi*;WqEsNEK z+*2dUVRWRTh1!*P?VBj6{t-9UUQg{irYX@!{CO>r2oFf=K1V z2of|oEBz!H@Op^KI%*<4@gEV0K+6eKEpv3YW@9PrwyM7Qnzo>oWr>U<)KczY70Z=a&IrRUfWBHf%bIoQF%tra4EA|mcWa`4q0hsgNwS<4Dsi)bLPp1eHTG(+`{0w$8hT0 zcZgx$Um4Ii*C@u~EM{Mf`G3|BJ!p)0HS>4X>?_{Jr(pAlm)j@vUwA}VA~TCPamFvvarT_`l*l-NQ6@C3pi4^~YH-SMCc36J;UAhf;=HCd<2RJn-*-H8 z&Uqv-=TDVwjw)YbS=1U97;Vbd82g&mkh|=c#Fb-$M435YcUYIsb!LuKmgy#Ny*lM2 z&$?(?%5B?1uS{rEK`x6qsOS<>9>f_H#1yp@O%hjVTs6wP1f*XohTJDEd*wW*r08_m#XIYf@Z9nLWPniEE^vS^DL!sBkhutl zHR^AY$UK0<8pBME3(lecO_Xu}QvuGU{yhw5-ZonQ=j;=g86R)AuE^hE+vwx6j>YPi zhU}eI9+g>~uZ+pEh%DQj_RqLWY0N65OSOhnIy0>>l^-8||IKhH zpR>ywuq=KpU7J#Y&amQ9b~UJglywa#N6I+b%dlcpJ~yv0mTk^2C(As+Q6@C5Fg~=T zDCHhh0RvymHJ3q?ST4u1C{@Zms&X!BUtj9ZGn-E!j0C<&!2;==kTgZPM=5|x4N*D} zPrKz3jaoJzmZK)SMgHhG(|6$;BKM88!h_7lvl9Cs>So4-=JgAAxDS;kd^pJzV>-5=s=C{HxZ!Gk_d>k%TT$JK%E#kD_kmiV* zVf(u>d*Vr!JX(@cQ>=z$IT3#}8^8zT2kC)?K&T)`5cQ1wf?`dX&)|$Lh~V_P@QVDz zVS?!?EMhq}pvOXFZJWhQ#4o#CE+Idm3{VTW1n2{{0S4u(X=mc%39mv;*)c+Svnl%~ z;NM`UC>ux>Qix#*5(#sus`Y1owKkA4M=AniY%)BW$U!nC+m1YuEFbU~K}=SmC>^0e ztN)pUDgQgwry`6;+q0@jIg+(Ub%Ec3=U~h*K|Cxg;e0Y*6OVxwP9M2qbHr-C-Y3W>+Jn*APJAcv zCr8vz6BbVp0qg=zobdko6(-Qi3HcH3k#Myh^Hf$mIkPyJj;s=Z3FLMnZx7xO+mhjz zYEeNG1!{V zfFl698MR+l?&y|@KTF=fPEFPjwjpUp;hyjePzNXj?M<}(59N_a!;`^kvn0DD;g3!N z)&9=|FhPhQTM!=z5=0DS1T&9(&|_SUjrqDi`o#%`D@T@6A{iazzJ z+f#j_swnfx=Swd2_Q|Fz&`Q)jZ|4%duU69$6-6ymrUnc(by}xjfXPiqt zCHI+VH;}Jp{zau*3i`j{`(OQV0`Gs}dyVXT?=bUrw2_SYO|$jcJCgWU;2wuVf+Q{; zd06D4L0B6a0b@&m@(}%w%@vb|;Iokd`R`B7O7C-Wm^w}emCx2fEQ@>A8NC1E=ATKc!* zE41dza}D7e(BpTjt|_OZMRlCc_*D5M@_itH&F)A?;;sqQ>bQJ*hB#O5#GiT71F#f1 zflc_u6l*|iT^D<28i*etFi}(FgW+`F^?9s}1bG_$%?9zEa_FVYVeFOEepIF?2lg?t z%V$guaCxAryan^P+@&?vn)qx0J6&Dmlfero<75YU5I?G1XL1zvAi;e+2EzvVR+4ptdB!38!G2!qblIYw|P z+HsI>0wjKLXf( zn}VDyVTj9j5A|0M$yB~&7$aZFcaoUo_T3b609cik<;m|wIdWzRnRVOD90I?^nSC;X z(>~6@dVAQhow*}a{xC&sN4+yYTI%28c15QDJHB^2JHoSQrBh2TS)x!rLp{i|>9V|n z1F)vosC^t!gS+BPr}9tGr#}6Ly{;Zm^xc5BI?4%|;O_GX7cCZm>6yGM=wY89H<^Hq!{dCNcv2eU<3-qnogn8i;A~A* zOUeOu9Bmm-WKaBdpZB+InIZ`>#_D1-|@g zsS^0tB1fg9Z{$UDzrUC91y6)<@Nj?;(#okjo2(Z1Ve81cV{5Vx+4R4&O}Q6xJ6uxa zmnAA`4FrtUDq55Tty;Ftp6 zAyCHmJCXE4Jo0kgL4oD9uak1u@e|&#g}JvWA^;G|N(AWo6Jf=9a(4c7ogmS{gI>Tf z>&;^`Z`#MQtQg+3&Jr)|M^*~~lFy_(=KD0B#yfi@&g`1wFQI$n0Jx8j{{7J4;V*6? zL0Bem#>hEmaF3sl^ekX*(vOyxjV!b3At9lw#s<6}Sys>+S81*@F**NHf&@C(yiJLp zS^pqY2}@~#dbCNEgWlgqjz0IRE%I>(5xr7~%ktcF0?}!;nEOw#6rzFnoz$8b<#RsXk{{pB%YQ%-@Hi)p*Arrk3BQ0eh*ljuwm_=M}k-=!}% z{kI)rdw3NkJ^;NKX8s$%fh9Wjx;4`$f}|^1$ zhu4$=D^VCFFjr_0Ll*~w(@@mP5#W)k3|1kb-V@ALd3l=Hs z4R`*(h?t1Lc^kqkyES;h>?gQ_)e2+zPhUz1#sm#%e|1b8Ybwv#G+|p6?8KRB`U}Iq zN(x4y#>kf@{%yukkS%JKx&MW|NjJChTbIog+nl^ej@h2<&ue`5C2~c$G>X)3qt1B)lHJ? zKJk)eAIOo%OA3Wp6W_9pRRj@M*&m zzSj22Q~i>C%Ug$QfWAQQtY6~`)?+oOv+t6*7u~P=rSm!dP9NAi{BHK{{knZ6aK24V zLTVuUt0{m2;`E~%bQjK_<$(N;;!tMLho2eX2~e9@f13bi*`I~eoB1~G%3AcBo~@rN zkaBtQPCPa}vE4cXE_B>gXhufIRlBpTmM{fy5PATdH%)e;wHkjfBWoerlP4)$%t0SA?J~HqfN?9}CT9~c&vIcim#2GwY7=@I3eyc3sOuS8i&JQ^8aA%;o zV&;w{V%*WU7t?gDDbX|Bw7=)o&lBh9ReA^czCr$(jwlZX331U?#tgAH3KwqNyxXD%_Pzv?q1Kiu|=TRto_u}_nvy^b--N7EI0f}=wg`2v-i>m zKwj9y8=>w3?Q9{S;H*MC35|wDIyFGuVR!k}`Yv{vm!Q;g>4%#J7w}KSfryT)wcVrp zf|@(xcTdOzfyVed%HxfmxOo?GJ-9g8dTS@T8`))Rz2neGe9zeR&1LVyhy6V}PLUi( z$L2poQQZTZc8Pp0d6Ui#qsVRE*Wn8io0bFN$35eCKRsQ3Gq_K4Kdrx7-&L)SU!x%* zI>zcv`v|XK(;t`}8XvCmw$4i3E~TEZ$&gAaK&BDG8f9K2hbRh82ds5>VuEr* zC*}sXC!ai_)C3_bHS7VF8lMmok))Z?$|ex1VqZz)`?;+QT=8K%5!56hX?4B<>oq7G zr3q6sj`m37p(&O+gc2wNlw=1hEF+`}Fjh7A5SejPjNnd84JHXct_FJH8u3#NaW9Oc zoC-xQUVj8E2cVfx%#m&*NITM=P&f|Te4}d(R`Q9!!!3kJ*@Ln&iHH}Z<`<7e$blt9 zenejYpyUTBy&$r&3}P2x=ogBAo{IS%_QD3{vlpc98QT2yi@L$`>GEn20ni(u^n&gV zBk}?#or9l?_{f3cYc&yg23aT{>zSY(sMN$x@Z|RieDra%jO1ySYVH-LkT^CpK}6`L zXg6d7NmKwYn$-P6$!`m~Kp!G1N3UuOCv5PGreP(3VZoqO3mjlmh?*>h2EZpo{e*)p zase-$W2+6(EaQWXl?SJZGY`uU1I9$U>d`^Nf1pD0o z?2OZixC$`lWARC+Ka^xxZa{frQHj+!!UIKiP@Gbs(i3+poR=*$M_%7t2U$AxqlEJU)ZIDnw0+^8qV`sB4&! zM7BOk*Drb?fxruu@Wfz~Ttbzsm=c8gKvE6G4v#0e2WJQk(|UalL_31j5B8y@8nPY6 zPq+_K+OX?_eMAC(#I(DfaQV5UZNvi_IwRg6mm>{kdKH8Q3ANzLVoBeoRbfHz*ZsZEw(p^M?QrpWW>jmD|}#YppuW_3qB|v+>_)BWzXm0hhc?;-cJ;AVo$;wn}Ha>T7rOE|#?qseqaQs_X9T~kVctx(mU z23Fu*0S2LoI)G593bp|s$Uw3LwF>EkLnYQ06F>kVJ*#{dv;m(&rnL7n;y0oZc-dmo z`%m@!fVYI_U=3oRAOKP*QaN`vp-89-lLgC(j>@s0mB@*gN-T%~$`ggk@sJhP35{yV zAQOQL9H1ElAGt77jM@l3dqPnSeRARiepA?^`~4|FB1p*u-~uQTjGX_0n=lffq(dbk zLIf|JNX;0+ikz;jszf=D|NuU7$gvPj~u`{CR^Pm9fG-?^?H0FB{uR6?j zpvPKb&#MqI;IR-B=(7vGO8Sw6M-&D4NCpM+L4|7*4ax`sXBdhJjA+bYa!kOEh5|&3kpYdEah&QU1G_{K zLc2tZg&9!ENzx;}0ZNR%0F{{GoHB7B+ht=yyHsL=yHres7_iYv)1z$wm_~3wxJ1Zy zCE0KtYBS*)wDyEbQ6iwJ5d+Yaj2JXz#1D)XBLyB9L4XMrh`C1wpcQ2X%80^(2^W}J zNC1*ng!N3-_zWf_&*nBLkX1b#sANwGkRD|PNRJ#R)&IIAT!VE=sveD)U_F=$rmukX z=t@$3h896R@|w^tahvciwX={eH63Kn+%^ahcRfDH%aIj$TZje1+*1RnM|3A}MDUQ< zqqqxgQC);}DV~MXG3j`V>flTVIGmyQBz0x-@wqJR3Qo9<8pv0V~A_ zf!2eK3ALyaB=)G&B3op7Azi9nP@a{XpC7fZXn@v3rwOf*0zz9~w}QHKUvNQgR}8>7 zA8z8<%I)HJEUA|W-F|NJ?{bM0Ad$yV1O?=B;?$eSKbfbETSr3q_C9_f*el&L@6=27 z?M`3f``5+Rg2hrb`{t+S#hoQ*ZFkV=F2{;}(Y9J|=ZoHr_xPoEFU~vZ+x#o-tNN4u zmH*m1#k=yGAB62kGRQnQ56YeF59AIGJ1f6F1yTgILKDIHusWzI_{|g+6znkfsY7iO zyjVC0N_HmHkfMt?37dtV!Ej+Yd1mX{?yZ$HXK!3|+}$@{F8r_$PeE!hwitOO+&;$f z+$y+cnZlp3)F^9^tK_ylyYVYi&hk-xzk7$BK%^=c25`F^FJ6g$y}9)9{BsR#ZGE3g^jskQzb_U)am^NkpI>pv}_ zH})QHd~E1V56ZiEQfF&0y|>8P?o1qkW@p@2={;=0Da{Qi%Z`LeMrlC(N-isu5tR_k zglNd!j}VgS@i{9rU_eJ>`eR+(CxchGUmchMw=^G4RRZ)%>KHy5@WBmoV?^9i!ko&X zEM*&1vG!@`2i4a=8S}yRaiay@l0%(}!z@L!Yf#?k&$kYA%pjc#@l-)RT^g?$ZnX~h z*oS-8yepLw9=h^O9JytTa6(2oQ1_d{EW)tCq?1?mB`<4*xWb&G)(EZy)S>Q5hg71l zliG;4;qBsu(8Fk>)`+cy)e#E4r&F>+=|rGa)?L^3zj;&K^{TFb?Txr< z*N?gK6r~%69na;zEhO6IoHB9)4K3S;z@wBt^#tCYGVU2}qwm%B*u!%O5z} zU*2l_U|6w@#7x{f{?dVq{B+9};;+B&^X_5X^Uk#I^-j1a_dYuu|CSu{GvH2K3;e|- zbwO=C%5Fn|hq3uDi~XK}=-7u}gu~c@oiRj0JTX5Dcw$*z-snBTQE?jvGKlB2^$1vG zdm^@pg!T`**!K^}LQHMF#w)M9q5EH9V{VBe~u7pt&tSK<)51qudvk9suSvf52QqmBY7!*HD+lXFm}=l9{`DjOr!dp&1ipi@e#2TZNvJ} zvab)sC+tm7o_-eB^WDO3a4lmrp%T8A^G}q@O<9ZF@$XSug%LY)SE5Ai5q`LR*=qQH z6lf)Nw0lxL)fppy#nV0Rz=jO|PG$=d=g4NZ;SAOG(vR2U|fe z9ACHPq_ARh`=NgyhEebxrB{G7!md$OlB2BSqal3%PMcNPyogcUtxs7t+#C{XiOMDljiqfEF9KKwOfL^3T4PSi83tt4~*;n@7 zzsP<+X;wPCe-i6nr=2l(01~+x0;RcVL3LUIbu=JbS6d+C$&{qr*h1j}dD7uzbUb>w z=2X;JB5kSKWGxkydzvb@jEos4Ep}{m6PJzR!xtlt9=Xm!vfF+#oY)p%?DKT{^@2?oD3^eovng?_YbTq9- zjht3B(yD1n*;*<+6PgC;dJsjX<5X@~sVXOuPf^$S_r~L|xdw=3jfh21ti7zr5m1SW zs*0K&CO{I=eD(UDO%-iSWgChL#bri8t9P*UYzD&ch#4fq*gv$RE2A0+r<{If7UkH8 zNj$r08J5<#qS@YW_d{s1 zG@b8aH~WZAQ%&pF=``I!>}Ty{nIMYJG4j++#ys}TxnNN_RopN-Tsu; zHRepvJDD5ix>TRN<#;;9M`KGhouAvcKsr}^65X4}f2Jybx~QnBnxtSgxHp$G|_2;E1iK+8Sv54QDeEE`k#Mdem{(|=%_J* zS1^+Lo~|}K_e7b6WXoIv2$U^VOXHEjT08J)caBQS>h^r?W-l1I^|;Ts-QV*}HIHyW z8V@z6ZPH11Ug7b!PR3$qw>m{9vq2{u+#x$5u6!hSN=^ogihil@v5g%}}s z&0&`FfMa153KN9jhuU}2`w&mOPkwM?>k`ie3h?2AFNHB!<#+4WPY@c(0AO9 zDXV23P-$u$EMC?_VYcqr*$oxY)4EmtxtP#YJRCal6Snq)_!J#=^SNq<;K2fq@zaT8 zyxgCQA*J34O$ZLz4z4co-NA9EG&;BLU}kedrRIdeoIlDk*cy#f>jeXD_3fU;MTHhx z?TzimHbY5gb8|+u{7441MBPNE90na1dZnW6=+VSU_+f zeli~m4~By*o;$O)Z*N;JOaoC7C~L)$_IkKT2|Y$(85v3F?M_bBN4AD;DXFB@O6mu= zhwF{eGcw*9O${c{+s__Vxo}6#!>4n~=$x7i;Zg=!Z-UUqjeGZQ4o6gfc++-2mGX?! zRuT-MN7FDe(ChPlVqKRho@l@#s4-=4Z7P;X*Oe(pTeNC7w9T5N0=vxh`1sRSPNqk}jZxkXRUZN4Alhzqd-Pa3C+&^N-QEO^ z?ux}%??|KGU^_>_7zS!OTGup{wedY%Zgb(;q(=>%u8A{D(>S==Nqq%9m1Enw-?%!n zbGnn!o81J)Prs3VA$@cY#nda@``*+Vx4-!&%gR>#hw4Yj);wkL#$|3lcY^1&TXVaKWRC#ozR+qf@aoL=8b*5QYBb2wh`uWde!n()UkZowX+1pT=uWF=US6dZMwZ2%yz?EhGQ2F-T?dUsGI*ID%HN3Zcw7Br)>f3}B(ERN!s3mH z;P|h13TdcX|F9wDgI@|TW^EH~U^=EVj%jJ7{HC|R*{P=Y5iTCg8!)NE^j>J2=-`c~ zr;EN_faf#W{2*-4b31{Kp7ZIT1XCl}XeK(9d8r7JD6fe%`I+eADXYS}^hDWB4zxK*FL#gFc(cFDJI8D1q}NuQ(MwvyDhfayHQ-XWKjzKbcZCd*ffEGhCXV&1Y>}<#_V&o!qbp8>yS%a=Gs;5N z+_zQ-k3@6pv=W9D6FsZfP~#SMwpUB5ycK>6b~eoL+~dlTs()6EH0KWxn3W_3r}xt_ zPWL9gsc2_!xWY}@S@)Pb>V}OxFfk8!4)qwim5*_qtT`xWy=n zT~}f;EO4#0+(g0I&_+2%SK8Rvv6OceQ@LYc(K{N99Jn2DGU?Hbq!`~h(JmDO3qkc$ z!ZtfL&%X~c%sPUz%mqHDTk^@UxtpcYQPJ!7qh3i<)hWe;7?u66mjIYs$oZ3P=MD-BjG zR4!bPeq;|_O0nH?L287XMmCh#v#yxFZ=BJPkB!uKzY+K83sh-^b@Nd4HA>-LSN|DgdgJ<4YB#Q%M9j1`0C$OnkfJB*)~IPJcu57&@0ekSpKX(Q){&Lm zHA5SC_G`urZ&jLNfkm>lsYut)33gwUccjZc)wpUgEq||cXf&wE#6-V|cGWR84E6J! z#%kKKW~!0NvwwBkX6`L)!r?oZJ6|T0-TT4NAa>8Aul}vIVPf9O)?J61cRMlz@!XQ? zO2s31NPKWVZ)9CPrk!zy=N^YhOURNrbZF?Ky^M@BtpwI_kF{sya=fFOdqj@Y5nB8t zH5w+pqZ<7#9p=81G&XiB%(Q!5X-Pq*X@#?4SSweTiJK6W!`&@zi%9MZRMm{triHaS5)~!pZP_>~Xgo|N(cUc}fp~7)uGTiR6m-9zwenGYDw|_liML1M z)IK-baPGc8w2L0JWi7_i3dtbjX<4p)2ci=wBFIo*{+Z3EeNf%ACg0ZhhAEAc`#V^d#Nb()sb1wqrjC zJ3pdURcAXTIx;@FeJ`Hj{VN(s2`?HxvJs37VEkj9^6t->@3sC+t+(++zf>l3B)ACS zWgN`9U)I`-F1_X;x$-9 zx)y>Bma!+BK*00Ibm-LpF>&ElE}1m*W44u6${eIcLv!-RxYc^&R8Mc21%1W!xCrC* z(LmH8Yt5Jxkk07*&Uk04XLH9lu&_FM$brzPO}}dSnswbZT83~h*HW)ad}d>_J1!Mp zOK_NT{SCu|1}Do0z=VE+OmevXgRZL07y0QDK3|?E_aD0@`t0e?7qyH_MS<1n9)KedZ^1}UDt+&I zhVS>tT95O1_CsquWZl{z4{G(k>_Bf0-QDvcx6oJLVe&!=Grd=O|F$c<&6l~o#i3IU z{H1}D6G~oLLsCr*)w5q%WeAsg-#Lz2UUkQEHi$ZIr8nk*%t81=z!6e;__b|ivE0pu zN1Yj9boy<;%!1a&M3SYx|NaORD?BpW^~CEJmTtFro>g3LF%$N4gy+n{{_)8%=i9ra z`XjuH$<4j-8@TD*o}J%OMSIscYW=ifhvV3U9kYot8Al zp)TaMJb%aNlxpmwSopoPv$KO8lLFc~GUrzF$^7BVn8z`AOd5L^Mr$J*7k{h0 zYcH4?a-~dq_D$4IcZ;Pl%gUv0o|IQ)N$&hfEx@(kgq1B$KiKUmz9JQne8j^>Lcw>TDRQeQU>Al2|2s^Y7D8|y`*HL)S&3voN^K#PLzK5rCo`dPDH?G$VEeBN; zQ?IrRU*YLN-xBE=betVe5IN0(VFn0e!j}3RkK=HMqcHK3i6rsgW z#MgwmIqn3>Cf!%(x(Gk*KAX>Ci%QPJkYOiQxaud0%Sq|Nxl0l?rE3#za`AFEc9NVA zlz+x73e-Zkb`qaH-GNR1*ykSf#ZpsG`xBWMoz1R}tG`|`1ipI>{l}Wo*3W%;0oG`` z*H1ns%|IQKmbkKcwT#xllVDM1;}qtSl7(BAj+&v(d>A<pMmD1D=oEROFN zG<$CuF$7Qc3hePUSPxTn80s~Bt%{Fr;9MUt_&B{11<^Ket^E*N#~g4|Pbz8djwFom zg4FL`fBQ!Ofx3=;90}sE?w4J_gR)Hy)sB?Dl%%0Gd!2Y#uh&EKOfzf^b-&j~&cW5> z2`UM=TM{u2R+`TN=E5^3yWu2IQ6JX!KR^SbCk<>{N--_SZyjk4kO09YmjO5@7~{l64akb4ibf7HZXsjBS#(yREb$#4 z4W=9Rbrbu)byF?MitBjR;%{1_oJW{qbVvvv5djN_a#4o-O$S0Coz~5zBOw>q_7@&UXW43^q0 z%*1XSGndeuX*3XAB{n)_DOf~q5bR#b^q$B%$mocNz9<(4w}rP4?YR^364xjMpN3xe zb*>w|KQn0hkN!!+wKREL~JeB?AQe=x_<*3KZP>Q6jvd6b^E zJ13uCjEd5VA}JpxVl|883P!6f6YJ13>%d<6 zYPBBd`-GOKz^{jcW_@31Rz?eYI9tm^Pe?Y~36=T>>aGp+CNe+L8qP=GTteetPFXXi zwLe(8XkyinVwTd~8(OP`0xR$7u2YA~jYr`d?wIc=0+xagw0ECi5MeG%;)CcWtB^Wk zuy(WuV#YAoZgonGgE+Lk1wxP#d+jg@KbM||{2@wU`?@!={>kyDvUVMk(Q-K2I-4P% zO99n0OlS6scY?={k=R*@>5&4JTN_qZwUrlwoAFM;C!&NOgxsR|WwBXm42+c)!Cu|D zCwJ__cEfn?P)Z#kazKTkYQ~91_lTD&v~^OVv~Rx%Pv9M)qs21^!*)-D=yMhj8~c+Q zhOFB+1GNaZxx29!j-L89%dLr8G<6!D{TkOlx&i}VoG_`6^-tTd%IS6LckF0y=IZF9 zi{TgbSmT0EVp5ZAwI$0~sD@K@?q^D>6e^=w@&RfuckSak=y(#*_u2dybfR1$r79K_gARn# z*Y5&kHKJu7_~cldt?%J87FG8?>Y}g1kk^0J${WZ~bVRWrMWRPhy*p0(;zn=FCdOE8 zNTYAP=RBfzG6!9-oaALy;zYuLg!CsbKxgKI`P);nQ&eDoDBWogtSpC|x?O7-8s}bM ztQv~@^W%YhQGSt5!>=P%( z{i!$zX=>tec&LqoCW*33+PI@WkVYj5Xrn&K+j{*?Hnb%Cc687r;sZgR>$P6Np3MtIa6< zcINg(l%7AxK5|rQ!WcS#*u6*LWjVuim+lB}*ho)4=#dU-)pSrHE)L!JAZ$ktbhFjs zVP44_FyQIyblTDVVjWLojGVY#Nzt1==hbZ4ElC3*B_M*bVn9rdni5)YFhQ9d^}QuW zmE;Fxj{PBLX}5tQw_qeQG~J=t$?n8-U*FD&NKBu@VLHW3ejldd=TSy~q0DfC%y8i} z3*kK{4EYd9tB=Rj6mS+4+NfmdWX1Ia4>PkqbAGg_C=QRpQcKx<6k13lu$#H^c@m-q$H=0e&tg>P!HXg zE_ktvNtP9Y=fVFP;rkG8!a(Od1bh4Khu?ap%T}mYo+YeeFtQM1PrA}MF2BCQx(!3{h}10;)GbTmnx}%~E5|av7B^Pd%nP?zQm=nY^c6{< z_ye!D#8KzU8Wq%Mkf{mPY}a1DfsSOz14DmhWzqKg@E#v67MR%}1_;COY#=4$7Lz=3 z+By1p>mgyww?(>e&GqvL)=wxLKI#$;;sX%hbVH$S9ViSF^}7{9YO9 z^8|5d9SkQx;eg7={IBN_*u0X;5gCpQQv%&yfg2!mhoWIILc9VYAZSE}VU%3Oh&|vx z16dWe3GWJ9KLVI}lQ63NG)o9)-U2#riyRRAk<6UA7|#4SlDWj$&>aNGT#95)Al|El z{R(=+zkrxUjCtVa2Oq*|4>CYs!49>86&t~7pqjl6pfEA=1i`tWD=o!oO-HbpfeV5o z0;GgkQ))F(^7%1DHV>9E?0tiL%JL1I=tMeb^7Ks_(!K=*0M~DqzMKsCwg*KhSIWrY zKeFJmz&Ok{V5a2}3?T@k<4ERmH~~yS7akf)U-bDwX%}G*0#h+8{pFzP;UkVqge-<1 zmwZxTKB>V9X|v2FJNqS~`X&|SJ6=9jLOsB>lqB4EN{ z%bUdT`nq~lDcHUmN@yCvRYg+iZ4Mo_DLQE@R|KQ+8Z<{V9l^o~xFpl=Ak(gpY1dSl z>rgr>AZfQ6+&7Yan>Vc4x4D0RhivrYQU>9R!sji=+wKs4yCVE{iPGgj=~7U-2B>_I zVas-+#aP1fy)MP*afs2Qh|wca_Bv4ZDkys;O0NT@S3&8m^_KbyYWZ`T+ygm~SkznW z%V~bqc6Kl)&(LNNK=_v8eio7)e?^T0-DR@BP?jznIH4RO3UfL6hMBhxI+i2oksQd= zYRNKMGRL&goWkKb+su;+L6>eOT_&8&H8U+bIB?u%p3K$xB(5arpwClV)gqP!Zip35 zIdpVN(a|Z<+2FLDRseV(GL`gJk&JRl;(CgyN_yHM>1jpM(|%hTAGWZN?UEM*mm{4% zSh|EET=p^*;{y0k_UCdj1s7M1yKtyxm*>0^;s#QpuP9LvEy$fgU4cfMeQ_faz3YMapBm?OIP8DBp+T=ox)o6)L#c)~eLXOogz+#u1 z>-@f=GyWMJ@HJ`#?h(sjH>43b>oD$F#kglhBY7yR)XZsLZPrAl?^%A@MR1uO<@B|9x5A%W~pt+F{29m1SfggLJY z6TKl8yWkM!f+EZXVKH2RqXju`x9G4Xqgd0qAxeAKA?Le_obTFWr)E#!ldM zg3NmkGVdv5-Wzh3D|JJPHSLgRT9IekZ;MhUO9cy!R-saZwzJ$AVXruZy`l(vrId?- zk9c88lRPCwi$(3)#Ugb~|3T7wv#R*aEG(bgh~msRiZi1WXGR&0&)UQBS#>x*tEfMA zL*)I?A@7HZydQG)$58z-q5hc6HtWbXt7My%C?7jeK2}gZmMB*pC|4Dfs{&<$sVEc7 zMwws|rPzT|te_OTnicSZ8=%t(pF<#@B9M>90)=$a?(TOYkOK)R4i67W+{sm(S5!2( zN@7&u6?F~>=sBB}rVa>P45IM-#F`lL0?D9bs-_f7#B(Nw{F$8tCzptO3Wy~%wa}Ut zDOSpE?3`#RC%=?E&{d!QsTgvgE93THR6^kKObsfWm?{hvX2eK5{gKZOWlFh{A*5;= z2-m5GZnUT4vx;LorJ=Yw)t=3rj??o;2abC>KASu7o`okqRLmG}9Besbc41({*d%=eRTFZEHhGDz?G^*t|XPQGb!kNUDj`JTMOVT)VSdfi$G}nZCDHi@m)SFH15(I zV?kuCM4zPH&ndCzE`smMIzc|%XL$&~0nRo7oAiz{zx`UU54XyV0BmLc*NA;PNQH40 z!S{pso^Ae$cZ`MX*Qs##;UN~XH@FLcy%~=K0uPAojF`Wwjr26&c)J4=g7|VW?&TI# z@O@Uf1(6uzn+NiBW}?L3~mPe0V*!vOW6kaXgkcY+hKu- z8s!8_xmT>jWHjK2wF^B?ufrZ?0gf>WK(M^@EglVU|KpK}>Ps9{R2u1kUnl%_mC}P; zAHR73QVqW-{Hov=f?oiBrg(N6dAdvlvW>;1Ff;%-J)M24xHOVE>nZgWm4^39;0#0t zA@`U7WLFUxc-9vL=n>3v5-!Ie%VB!yPC~g3zp$ax4{X zCZPbf!=6$P=DUoSOURV)P_~P}OALB2@i{CXje2axa+6%C62Yu*Qq~t_^p}>beAV3+ zNrgDJs6lz^RI-yO!v8wxOyZNoaATY&fVw`VV4t^2 zIOWhV=c6u|Ib@m!neLG?O2oj7WiD5gbaTGXvw znDv&bV>4HB3X3VjfNAfCLQkg=jN4qZs;MwyZ*W3Uszt__EO0htg`$p9@tCy{#BE`c z+};pk=~_xF-J6Ro2V4%Xna%N)Z?No3;voR#M=8cu|m$AS^)Cd{fJ z3cP@V7mT=YfMYq6^(_(#Bkn#WZs&%WGdBXl2|t!49T+dC=3-?iHyK~IpdqP zY>3dqbfikr1I5CLWsL8+ksFIq%dj+1O_fh-*#e-Pc6yCFy+&A}+Oh(KICqXBx${^! z5d_I$<)d0u$fyuq0oj(KJUN!Kp|+(EmSZUkh`JQjAW}_PziP`3GhG!Jv=I7mSQyTQEk= z!q`d^M(-RyyGq{pm|s%QuCl0SS8;VD`h6YEXC)Q`N;R3m7qz-KFCFbJjNHUYVXMF>Qx1fo#bEOiM) zOiyv9bc4wYnd~%}6Sp+N212RQ%xT!j1uLni(fv69b|HdRVXgzet3>Mzr*(!RS9#>B zm+M|?4L8$5Un}Iyz51~^&%6P1CNAF_oXi^(xxyn?uu~vC1aC2YL|qigLCSW}%zKvK zLeMJH3@_7+Ri>F>ki5d8r;s>ilQ_oTJu60KWs5C(*ZHLl01hCM;_EXX7XRiF}tYh`OGdo9miyTuGh4}uw_$Zq+J?m`|F z9;A4ri-<8!jG=D>1j1cyX3$A9I43=igQ%Rs+Il>vsP|lPEsnh5(utQ{MYSyGt>vR{ zaray z6=T8?!aj*tsJM8oC&&q(U=YLrZ-EeginyIF^06Sr&(QU%6l^)8_#1S+VhITzY6XuW z1#mRvRY%tY1-ctHMb}F(|zfqjI|kTi#WAn)I1D%=%gca*hU@b zOYyHICII7LGHtpzH82)1n76s1v7xDLbMF%^4I3LafUbg3D^WQ_ zF-lCW6qB(11}h<<85=a%KtW$%*L`ODj(eORV#YIoloLHh=>(83#P;vs$k+jceQ6Pl z=3%gD(G2*4OIATP(Zz*lbuDHuHF0Q!`^}gAFgOW8n93^RsMW>~Vt)Eva|R z%@JCMeuF)_V2<`-3GN2T=E2w_2HUeFEL^0Umyk4f2esM!qQQ1A328jCNNLOt8LWRv z=xY2+ZD^L5kLpy8I=`rXOy#3#Y#h~bQQb@qBR7MMOU=OLQB7d_A%h*dUZ%&2ZZiY> zA2!&*>tufiuMOY>-3HrH2rqYAHP^7E(E8`5IcJNvi3W7-*GAW^47F|BWw7mwqvlX% zbKy=>$T=%>k9{^SHM6eqIW?a&*q4`%+5E%CF@q(Sj$a|8hRubKO|I?mB4;nsbp6) zSg60|<5buL75uf&V7&`xB+f0FbFx_Is7`D3c^NbpK7-0-K!^9v%c7<5X^vh?bI$(? z9VTiT4Bg=-`FU+xjQ?KKLc}#pvhr{$%rMumc2rP}oO`Z*XW^r@LTcrl%r-z15I5L? zMc2%^xj_AY%wYQ#&Sh@$8wy`J%zrlITnig}4A!++>bYwgOF=bve6`zPor|UFTFF>w z+pQ_S(gCU+-ag-#r;$wJ#KM|IbAYc`kWrSZzS7P~fVT$;L-)0NpA7STms%R1DCI}4ww zUR(Wgu9|@9_Z#eyC9Gpk`ppZUJj}h^1C|ca^VVPq9bjG57mGzzfHxh72Z{sn4sP- zI!2zrgTPm+=@pI>Oe@tS->Bf_6e|SjvFj9k^f-V27Xi{9!+ln>r5AZohcv4 zZh{A^@Ly+cg(8D}?j4DbkEQ#D>ddb3e&|}jMm@>H@sWF*8~b7{2jiRiH}q}li^pS( ziSh)*`RVikx0E09dYdMxBBq{Nc#8(ZE6zb*t4Uj~IbXe6gXaU!=^GjAh-nj(bb4w> zOe+Jv#A zsrYJ5g5N&iUMmCbDafO{p(NLhsYwjPumym`HfWPSt3im24h+U)V6+%-TLDckc;BH> zZNfk@rY}(f*0R#^bUK;7S(97>HE%qwHKsWH62sae^$#Wc+s1i|q$N#EYcwgL(fGi4 z8hXIC4RDu9pi#X_xY1JoVkiTBzX!4Fp!(~LD5j4*iQ6A7$R&}iX_%<&Z(tfJAw z_J^d<8VwrV< zyWU0PR^MF#Ta8Ab8^l#k#&Amvc{XF(+Jc8nYn38S)z&)v02Z6dnWuGtjxG&mY|x~w zRMh4=>GwVjdR;C$7EF6Ycf3(UpxQye%7S@$p1D9_x$`_d}mNUtuNsBgv6Crj2U-n^(KfXp(|`q}bhp zjJ8S+B@a1#J|7`#{t1F<)uuacx=w>wr649o4~v7KfwNW{bDfEOhbF@co?&-?-$3j5 z*dWyXr}9_15k9_X9T?INFQ|uvmN<`D^F3#w-G86>-}v9|`+H_|cHw5kKZW1ehaNWe zPkd`4{^5qe3J2g>SS97h^$clGx5 zHuaA7_F;Ll`#oirS~(!88drIkpWAbwXdxhDQgI>3F;$HZ&xY z|8EVDajWJN{xe9RD#kKyINGOC1INF1`0Zsy>?FM*&;L#q!&*9fn02%LaNWjsL#Tu8 zWIG_<0oMm0jDJ5U{_kINI=c+?RnyOL?^xrub!L3j~6pZmNeXRkFYVB{VF`{(gpeamRv{+-wO^`>H9p8Z0oUy9St8zERTl}VS6pop5d9j$wko zW+-hV{F>;_K+;;kN4xQZl#s)aQgYqlKdR<*Qso{G)Bsk+j}gGL0X()7q{f%(krQe> z1-PiSLk!Q4XBwCZQVy_nc`S+eY4MQ=)muMDb@6aWAK2mn_%_)vCbqI%gp z008x41OPGs003-hVlQrGbTlVP|D+Wo~pXOJ#Xh zVRdYDE_iKh?S1=?+{V%1?+4ufK*&HO0jrfCxi9xQjz6rlvbBgM4R&P*xWnNKcZR#m zh(k{JSZNaYf4{2k=Br80bo1Hdl#$pwGh}sFcXhqH>WBaOvh}P-Cyd;{|I3qa&cA;0 zUqAlO|M9~nSi^rT_~!>Zik$7Ow-=w;cfP%KethSy!ypRo;`57tC82Zv&i3tlXY2U! z`Cpy=Z+7CvKfGj53P>*{P(N(p6AWF1%)hemwZA<1_`Sjy=kJ1z<3;E1o%nMQe!5OP z=f;Vj6o4|oQL^3IVG#@b=faAd*b45f5MGO{`v8{0cl~=SesCYjhKj)PEfjjwz+c5To77hq`vW}hwBk7C{k>P1zqw(Y*j@pz-=9ytW$gQ%9ok#5MYsDMy!qtEkB;X>*5?O1w&KvfyK~pp z+V(B}b9NlqQIUrE_~1tTS;u+^rU$9Mw z<$xtlr(?74U~L>9Fkow7-G#xn49(r)Uch$w8}_U9SlRx_+S>8@;hZlS{4emmy_H0; z7WQ52gk^xZ%VPO=VX$*TU_cLc1j`KbaBvyy*x9JBjOPWPaYZg2f3LD40wKN@9?(9L z-qp&oH=7W6qM!u@Ks5_d1}Yv%sjLjDX_!Ho&+8>JINWP+_YD9<8-OwN2m8?x zwt*D~4AW1}UYG_J5N!Iq%P6_3>eyju@2xF}13WkkKm_;z1NCh`wyrKMI3gvmPow_2MZhLyI1Q#M_{FXOaT+Ac$2>X5`;a4k{g({EU>LX&jjTyi*+)>_c`0+bx*d zp)H=%GC=)9TR5i@FVH)*`8l0_7YZk@-Bzfa-Rg0b)~|GSr(cu;J8ZKgJ0)&fWT0hW zC2l&sg7X__5F40_;!>oK7Y?baI^ld-J3B^5urhaL)%_aiC!GpB@g{v#p4G>PF!&7G zI9L?f!`7YcdKI5ZHrgoG#IHMCl)t*Z>L~-$-t|Fo6V@)$O+CEPjilE(ed?c-8no)+ zjgQuYv;OoR-n)1NaAD3Jt>AURVJKKwjPouE4z0k2Y zd+th%?N9J;7zKTjK9dd-JhWtNAHB!I2vxCVLbjvakmP^!MG$ddKAAOB+d1T_>ds9+ zP8ycuG0Mr@rl2Dvp%3~!h_u4ade!w{D{#4?|d9@r~tt*?G2`1hNp54>PUZVHT=-FaN5z?k686IRt{hpn9gZzIDj&-A3BZl0W@h7 z-lZp9<5Xzy1epztuKvNg#}0nzpvh)1MxXvAP%4DU*mueZuvf&%aD9wGb0zh&8$ZBa zf%{_vzw-?lUr{Tf)U%3O1U-=&TE$K!mq|aUP#kB)yzSZFDJTYJXuYRIaC*+Z zSb1m07FZ>uP;lv@RZkt0qVbW@UCZ66r_f39$?3h7H?{t>OetTr5vrc}^yEyFD_oDv zfHJnQ0Mkob8DkZ>EBk^jLC^c>Zu5lTqYu<(3}3qJ8^HYE2PV;Dz`x_BR8uz*P#QL`m%FW`|Skq#<8$-vd&v111iaCg!iUVaeKo2~*OT0b}&$W7X; zlJMTi;bh-iJN!W%U~J!Gwk!Nw8Li=Xb>V2R&mGi+Dh(JQiwgMtl984kf=7tZ5bQ2X zgsz8S=|~uY&rQv-)5EI%fEt1x9)B%_n%TwJiqRW%@Mr|cFhv7KVt%2~)c`ixp7k6C zb0W2-fX_iKMi=DsiB_i~9oNhshjhaoiTL?kCoGY_D!x*A+x0;|6NHTb*k=yr45r|N zKMZm^Z0@fVHx1U3@ukWadWPdTn^=rmKmD$t1D?3Jjg z=e^Nl>HMyv@&#RXQKWo3w&_+ZzfWT4Sh~A1wDg(-hNpH`X#4%_?>l|;dzKO$=tN?o zh*4QiJf8}|8cPzwC@hS8wR-$xe%}R20AoY1uP(1KX2+Co$ev5q50))o=lbT`Kc4@u z|2Y5C|33fEZ=PDuB6qukIpx=9p0lfB`BPuN{PvIVob5>ls(2ibY2RH_=Ux`>D0o{mSDjEyxBcU+1F;PKDY++l>1UZ7#gimH!kHS$E9Z(k^`PdddQe*B-^xhrR8JZd`kL=1GXD{ zh^(I$``MWD!!O@ur-FkH>k>}Nz_xr2*4vwRkaHQ-WezK*1+{^6Bs-`8vJ6BOemV3R zCA(b^VpN8&Ru+YV%wqU>bZrW^tJf?^Q7N}Q`jkBR@#e3;ru;}boSAJVe(ancRX}EF z4Wqy&`c7MEq=-?OADO(}<-Bgli@S2O`-T(Bz9HgY67A!}Z?YNtD{gJsRv4KX=$YRZ_etxk8ablvg#*^&vzD9S*PSHV@mi4*}wva%T&OIy2w_#sn8hW8}S{Yn% zwxG!YlB~wE9osxlDaP`(MV^CG!}+rX~R#|u{a6ZTpB z4k;Ay0Gthocm!coTYJpi@OXM@$~tp_XOW}+8oGQPf4#nvxo!#$2a>jom#@avD^#uq zL4}pBR7MBNf&+I0M~x>)XI?;{xs z?x}QSu3+i0oGPm$?Zj-y{XI`xc!tFoP-|wF{h#w{$;_pS*f)|zI?@?H27}S_koW{_ z2Jv>E)?q%kKHxd$KbE2KLJ$BUuhkGbU|^#?0)Tk^0hObZE%Y_~-)Gg|{7ZWe#FziX z4?>tePzJYwhtI7mEEpUge2tUBfLf2F?{=e{Ac)4mUs#A#i9+zhreN(ko89rbSvfUal46+}$~xzq7$z z2%_dkh*cQzq99$ubL$QMkuHvesC?RRI;>v}mM2l5fpwwq0#2EKhHTgkgb#wOh)VP6 z&#xR|(Qurl2yuuaC;U6HMo17m2UT2isfTr_jE;bW)jGtHRVkDM;yX^FEa5qekle8E zE%AfmUGhg4^Q8bSe4BI2>?=&Mi`C1J+$3;<9SAxjK1DeA`6r0_@LyQHIrgo@dihNw z{y0+^aOLsCO-Vju{XWQVuDs5_$M?r`XcjNt%%N=S5ymy9x2bp~tD=9kTf)N{TTw}? z992z?t*FV==$uBZ>Q%i?sK2!KVJ)&waXg~Y8nHfa3wmlhdOM=o7L-{@)2?c^My$x2 zitenxF1y3pc3HtbBL9!;U9y5LDY-h@cCCV4hNq!z*C^OB&ylrlBS_$;S)bRZg+>dY zM(MY=yFW9sU-iEIqfq zT3kX68>}}Yuv%5^Lv_q{$1TZv<59BfR4mCx<57auU`bj9~>kh?TiHrVe41F`Z@h_j42WhkZ|3+?2&VoG8nVs($q;^{WI&67;7N23wM6OLmv63V7=pB#4L|b#m!+=!*;n!wC3b#%SKti`ZSBgbWy8yrd z<%e#6bXWM*3A$eze%E@sgK75wdve7-!|z$!*HO?upLlf|E-E4gHAy_>0542$1Ae*x ze)SF7%)E2`f4}|Iy;+frtBAK z+}UZ@njnsj+J`hsuZRo0Z}HwG*Kck>o4Z2_s2tP}@z`t4CX5)mvzx;PJS`Np;iiA(+M0~%CF#uzkj3Y?Xaz# z&FiQ0@N8Q9MVXW1Mi;r$$DH*cfivi7+N}$MDEi@L_R3&;%$EW@LSJJ1^B33uq}>q< z-bt@2`2dGuGP?8^h`_Ag_{kP2OIgFYW=*|$yXx#+(ZW5(Ppo)-7$oPFfAVAL90ZK&)hdSIv8cQ*zE`=cUN}z`FvTC0E`+nwSDg+2 z9xqu1iC;IZo;831#lmmxs@+!iV{B!$h{jF2(Va07q%kEjuS+!78KWYVPP#`a`FGzV z>A;L`O@!>;${T;P3tV5dpr&{Wv_bw_dLcV696i45DkIXjY%W8eNp#CQ#f2W39)6K)t&-m-W_q8q%S5EsngU~Bd z?|MOM*pr`+V+Ie9@qX4G)S3RP=y4I={Cpzp+U8L4i0<1_6PS=hV6}GVVLm0Q4l7kZ zI=G`m1T(FWQHQSbrgGnd}czx=D-C;l6r-3JxE^+EXV9 zX_X_`bn4{uRdWQTQ)i40a|KeS2R#O37UsxuL~1NO2FEG`Gfc6`7vp4=oA!Iez9(&m zw4Gi~;c03-Mbt^_$rpq)pGh^Jwi{4$14exebDUQZuk-g7GL4*2_x8^Ne~Te6>IF`h z;i`yYzY1ZkYJ6-8rm2Q?3-nB>k4Dd`+pw!ylj|CX`-?kBwn@9Vu7mBCw_k=V7hGm+ zEe+rL8y05zY|E8JZylh0NY1f6QGJjXmlY}O00(l#Sb|hq$b%ml{qC;_6=tx5kUcwY zFw-5cqgV#PYmATW>u;o`>%tQ2YdNv%riguzlzZJxF-BFA7O`tpnP%Ea$;BLTv`XUc zvIu|}DTs39rjbJV_{NDKd1;K6KP}erpzwK?v!=B4ZQ%xT0MqpYN$}vUFd&Z&9M2e)NT=8I(RaNr$Z-6temui?*r7#HH#VP}zJ3jDm7n~0 zC7PZ^rLJd%>{PrVf9p6>#FU=^XM^Qd@R;xxXrZ&kFR@Kz*;WZY1NYB!^~%noqEsPdT|N`cpUz%n^}eyf#F)lQ!^zQdAC^Rkt4fMF_0?^W z9w{Cv0)Lbg`_E19c|SVV9*P@}N8v=6hxLVY09zQf*ah3{j!ZwDfjS~s{H6Lqh~!?T0}%0KN1IRL^_J*^CJYrdPRoMo@IqH2}e^^J+^BcLGDKSh!~l)epig z2-hSsf|J&@kL`#mCNtnBGF<|*9M}jDpT{B4ZGdA)rbcf%M#uHYy5@FVgS1OD!&Nki zW^x7}y0zDzlHKS^!8KFy+G_&*{RyV670J(=R!kMdA1HD^ak$=`7=3?^7z&l2M5w%9 z!?a}!-aGY#is=HKtsCs(SSI43+f=uXW9ursxT1dT z+8S-E0%`(eT6a77aJ<2Z7u*lf(BxfL1bbH6>V}v|fosOL*I529!F_3n9@Vu@i&>+% zlqU*j^_L1wRtjW|*BYaCzvR_z6@;lCy=hwx%%W>_|GlE8>kxg@rZ05w-JpBw0nJoT zEOpB$dS41G<|+aBWb87yNOTBJV}|Igf(($Yn{4@4%DskDNEj&;5C-ob-B;IWolWSO zzjf>oZRWmDv5ML~rSEu8X&i0})@kKnZL*9>NRDm@*I_!gT2OZ&3 zaDD8{#kE$}_|W+h^E;tJr5Rlh;2-+cYPj!x8oj1~kB(-;KIBz-&lcg^*4u}=O1@$_ z>IxP!IjP{erJH0Y=N{)D7U&!2A7<_t=O32h73UwiQ~@&9H7+(v(=VQ7bdKjAZ-G@V zPx`6wS;Ifa(lyAG>7+tmKptlltpd+o?^h_6AnQx{=4k!`GYeQ!Tv{u|W`MD{2SCPJ zDfWa^Qjg^jdUyRuWl$5U=7$#IStnqfmG|f7ZiJ?8ULt)(9bFW<5q9dP7L~T|VS$jLz_O0u=vA&}RZM9wQ>;VE}KFu`(=hRn#UY3?P z@o5O^2d_w8?FB#6Gr`;-{OH#Uyo;b0oA7CA(b^Vx1}}?FX`y;iE8q%HX(Ai5`N) z+h9Whc95KnV&C;1vb97a5efv%A7GZ@XBX@}m`qJFLCx&PF_jx>xNAQswOy-YWz}7q zMlWbunbwIUs>C4n-z=<`lW5Y2BB?%|RG*a{uOAkt@km$=q3B3MOsUe;V*9L*W+3fm zlCh2FW-NJEIp4tAhfzuf5DzkaELs-I$Sy|&%9xSl>p}AM6qTNkAO;OUOG8XAQ zax>7M6L+H}zHUAxXTwIU&l;xsDhNEs_Kp3$+*dXGRbwraHNOkkc6fEERt zu>i9Zp@7zOO;jcuVIhh_jR~bH@QX`ssNe|C0X5SvI3k&n)H=fR2{*`hM6 zv}OWFCcCN3xlVW#n=-I2TX6#{kN0*zxCPafdy33b)C+!U-6cM^>{uoMOkb=IV;iht zYvF8tK&A(3u5^Cj42B7Wz}(nc+dejw1>O?^*32;oKi}D2q;xTp4}N`XuP=aO1)=*d z;hoGeL`wn!t8o~3k@XOKE<*!Xf-P#}^7CQ~IN)Ej{sufyOtpNwi&-X^g>wx;r3~f-hDjI(C*L>5+@!5I>0mDv;%5|KxhS`_mc70ig#Y_h;;!n0h4 z_w2JBVlm$D`DS794y?`b=z^TO11Snr`dnbnc0od2BJOk@v}egM#e)82fZ{fhU_!7! z4aX+MQJ{EkUENte7XOv|jUaJl6XCe9ItN*M;jD%l1Bs9G)&xqzEIU%y@PCjXfq&&+ z+ItXE`A>XX z-rB+sc&yUaAoU!o5OsI>F=VH59l*Kd-9TVKx=Q{E;qBmG|QeVEmeHL@zkwb>X1%re0zt zvlil<;5m;$Z3EYZQIygpD6W`atUc5RVLelOiltb9x*l2gxG=1ZK}Dc(M&;HevoQgi z7H+e|Fjrqrn+gXEZK-dtaR0oR9WZBg4P?7hOK9vsXD}( z*4VSH7S%B6@up%i_q%wAa>=Zg%=|VscG0XZgF9qn8?@XtR(zLLm+k(FsV^yo+ID}* z)Gq^TW%nPx8?SHo=cc~wQD|ZJmrVUSbz0Z%uf1N`#qLL|LW0)H?l%xIn?^5+A@5pGc$O~ zxw13K*E#mKY56?8?xpCZ{>IA)G8qm7McnySpKuP?7s`qCXO#H)kJieK|r4W>32>cqlJOusg z^_3J_1N{ovFc#>qXsB6ZB#?+cbEq=qTet}+fr=8SPBeiE+*>X%g_@iee(=$e#w@RA z%;3ek5onY>$I1Blttpfw8PuwSIQ6O(yvWuq7=PR!QSV~Ty~<@+t((lEW(UW!GdTVrx_|IdKN!8PE&(LsBp|e+4f_25Yy>a}Fss zL-<}PO|9i}%{4=9*yOYtqg=AXt2TAV(wUMAM%yUQ?eH?BmPYyE6o8UZJ~aXSmRbDm z!mmes1T}7fYE(M)5lp=nlrcEo0#mYJUrR}Og5B0|9w~ytizGRYo@)}k0 z7!O_cA0d~q)ABT?;ApLu*WiU!alFbJbx-%1I%T|3a%b!0PJT19kTj-9M;Gj<9Xn~F zdMQ6vc7CuP`LOa$12&2Asj0FCeW!_52AC>Sv;otBnxu3=ytcpWPpD2y4M~B-fN-oR zxrP6n!GG5ez`CU56d2$(T8A#X6dU0uck?m@^m7;_yXa+j|IJHqRy=}hJ&a!Ft14#y zQqZjU7`=?0D1L!sBRKdE0}KEC=IQWJsp>wqtDJB*lLa;4ppcBwmN8f9U-^%(Jy-pn zc3$eQVAfu&t}H=S$ab#Z+cJ*lpj&vO7-SOIn}Ey>q?x09V7jxo#nwuz|3?IFm#7FWy+0P2faj$X^@=G_ zwz0T^w}yqD!E#i@ukZ%DOq%)cQ5is(tO*}CJn&CGD+5ryDTp{_@mhQdy?GhxpC4Qh zq>1nTGjZ^iBl`hjA=w-`;*y)N08P}qD#C|2K8BGY$YO_#{iOkCTwn|}$XCzB)y=i- zc_ysz#m@Z=Z)YlBy5;X#@SY`JGy)CgP5H(4?-TezryFJH+&Lk-l|Autb~Hej+JRkta$?_uf+q&5WphBv^#aV#;Am5l@` z&zIZ@UK7kipZRxRo3KdiRuyz z+)gRGE&cHUFxB1f;&UXj%)o!r#)ITx>c}27b$eXUq z!xY+3p%EzWMlYkUAtgH4z6DaLnE>jf5Bw*oAJb-&-nHbKj{dkZQPz!Jd=}SX@2yFIr%5cPK7p zaCdhrZl$;scXucQ#odbx?(Po79g4fVyF)qi{_nldx#!#YkZ0E3Pj-@(l}vs~mP}06 ztxOvo2FFHlm?M@dSZjNUIYTejg9C0GDUMkSU6+idfLMssShCbnU$8tEy1R~9S*U)R z63XdxjW4E@9p~enkZm36CHCS{PP`^@UP>J|Z8_`kh(xp9oV0y8$M)QyA&TlPOtHx1-O5H;ki)&=_UD&SG zu{eHZ_xUXBT5=ZgxtN)jnKO*o)BIsz_LjbmG|8!PsVQcgZyLb3TDHL03+kxa+E&su z;D}ID+ul~*XODG-!kA-Mkr}lj(c0-6wjSux9d0IIg{|}c#C;?Tg5PAHwFEZa1IfrzhZiTGw--D zFS2SkCeP3vLO$W2Yf@IHU12%Pby`JhBuYRbW%tCR>|TlZS*!hlwAwSCvTGq_8#Wa? zczBz~)xS3XjJ1x%H!PzZ*_!SAPS~Ub^Xlx%>0nQCSM53GvbC#%pCeT_QOH^}YkTD~ z!x-KhAGssx%3v>e`UXli(t!oHZ=hS3;=}Jqe9YhTtTg#!j-M&|heS3?{2(VJUT+WW z_+&;P-Rd8@^RO<|P53HqEdUT^;Ww`Y(K=sS^Io+CpO3A4<(_<8Q1_|#@;2{TIT!Rf z7ZhR$3c76W$-ixoX&#UYlzeD8&;@o_cmSZC4J{*Z6Z{FK5|TyFPdHcS*&c{+odIJ} zWoEH$P^&Z1wB04EShzsSaxQkg9rQE4_Mggza7#TiEfn?3_8`J#m1&xdBm( z*=T>7OaViFo&w{|y_$l;uK-3m&J^baQfN~N`1}r|35-gZ?0+d}swQzbk0v&9V3D$a zxm604SXVjO2t0axIVR6F^5k&B6Zowabsj| zt}gB^J0de&@6&7nANDFS%U_AJxFw2OiM~16__}%pVP0o>PBvZ>$Nnu8Q^&DATl1nD z3>a!SSro@QoyTLcXNPJb{C|}_>Ym&;+%QJ^6;&1b1cGfuvL;QHr#w7lmsnE~#706M z3l@hdxU?R%Eb!)INfait^M4J7GW#5tSRrPC-LdR1zjOI-q@#T7C8m?k=E+=G=ZD!|e{n50PrHSt{vWs@C_8E@ zvUXl+8$o=@-jHz87voJQ@8}lJ&>GE((a%d(MRxGJqw)g{Wc(%4l zj$BW(F)t~XskbHcwZjq`&ju%}d+DDaw1}nSISKE27RIh8*pp8H-zu9J=I`tO0FF)g zhs0&pMJ3`3kv3g;4KLJSiaaD7!rRBct(bg{XFQk^L_@XxqFOyVb<9};DTkv-4T1mE zLSEMw;VLjWs{eqt$*L&?k*BfEQm&if;U5G6LLn~jr(=+_ z^lyrH$81)RO;>c5nvJe0D|6##+ejPr?%w0tIs512U2`1Lx5)prlVWAJ*ZrNm7g39= z7o0H6Jx(*9h&x@*4BrCh)F1vk(b0N{(0{fc_u0y=JQ2tatQ4ojd|FaVuC$WQAq(=T zh@Lv7$Y}6&qmqGlv%{c~qxRXrxryarrlpNfgehOcfC{`4(p~~vgj-16DwsDoRQQ7M z=tpzn^41)8MI-8Xh~CgAQFti1uH7#t1DUGm5zWt3lpx4*(!49w7^9$s zcw=yfCfx4_BNR`3z(H((?s=aWvaa4OKZ!SV^ZFVhykGdw!R<~pH{Nu`&!}>aCNM0$ zuK;`;mgOlrwq~J1<`~47uVekrmDs}H=I6c_Q2v8h6bL_3X*ybs4V~zm&3Gx324Im! zQrvuB`70gIzkJ*HAgD`=#no2qNb!;-2TW?{Ru@iyEkBXO>2b1SNL1o~W;FL~!vnr5 zJ-)>k2r0^CWY^&hvEQSHdU8>?XBq5FSR?*z+_sm(vEH1h{uV{RRgJzfW)JmlcOE;m zP_5~+o5x+{7tQB`7DG>o4k|=~*3}y~o)6@0xOw~TjgUuG>43eipzuVMayABJtv@yL zjb^PE!c>eKAc^^Z5Fj+ZQQ`IVRcB0O^v|(*4No&o6%`XAPh_7Q-c6G6Z-%9Kd_A@)4)?u*F6p?fX-nbdv}8)H8|P9oW7UdLH$zE!i2)q0<;k@^n|rt4`X zN8qQQx|?)6%Exte4qtTX^qh;Zs*wNSp!vY79@J^>F`u$$FyBN_uXjeFhe0hHpHJ$U z$KVAn&3rwWhMOPdQml;%$`TCnc)<6__ydEOZMM{vLj7_VF`!)HWLB+a-z3C1B1wrIUI6=BR-L;uAK@i48mu0Z zlXypcEH{%_U?Jt5FefQ2UrJpJmKTRk08k^!V#VP?$?<6>sdH&4;Ubc_{6ZT@Q=+W} zt=AD#|Dotc8f1LGWySxORa83sv zIg_JMPW`TNr!<8bLrhn9wJo?+OC(u(oi1gWbamE@m;HmHXKdO=#St~kr#Bac6f-@Y zUgJ4|)o;KiQyV%fK*h(y^4tjUQY~og>K~{B0H*h#3GEaoDD!&*lcY?;187I=8W_`$ zCpYqTuak}!i19=UhXu{rxY&XSk&Wb=`1YyneA{%lJ(+X{XV?l%W%(QmP2`fE+!H)1 z%u}DV$d`W?$f`W7uF3gWU5tmA$aj)_p(42*Q;0}w;2&(*<41YT*6j!%_72`L{%Z8- zOqXxw;MUIn4@W{xufmB}iAd1zneQCoD{4H3OB>;4Fr2UJNM&Q&d zgD-qDwE8d)E}Py{W!FAVfZCMLdL<7FYA8{}VTaYvr{-UBwx!8R!4zcVK5E&CTY{ix zwPVLtrVySuo|?tT`D9WKzVnyXiYrE7;i5sDZON<kBksiw}bj;!n5v3ufF7^=j0|X+ka>t35%E9M0YR4GV=<+Y~tfpx{Hd!&Qa$= zCx;W_N~-9{A+bbZ7^qNYnE^FdD(?(Tu2Mv6x8l{ zWkQ-Wf7~ClPWc_wmPz%%n4;sikji307UD0RlQp*8*a^>XpZBf4kKBKg8Bw7LuQZ{} z|LdRj&H5k>rO+`kvjxcsw+?3bU3z4rAc92`_mahaUA-_@}*S@M-EY!!@dJYseMTmxF#;y0?={LM-m0(BwYR z6N{$almZ%leW+-$n!)lQr}^IoW)!4R%rwkQhjbR~W7+&%v)Q=hy@}n?lJIP%DKPcR zRz)@eS9i(W2}kfOIxZr;Hg|DI`P*SVh6^I*6VoK)QsR#wFef0%G4|1^Ng)>~p7|np zVdZrJB_Te>{b*yGf}J^yWQ#OAw%M0fZgE{C#cEF0DD=1jIubmecJNRo4;Es+T|m72 zP6$OxLiMqpcUDa_y(iiU0fY76dg?Q|rDp60K`Vy+!>BA9Ssz=KKtNhVKZD4>i`7jF z8duep)QxYB;5X%tEOTEj3@B+2XyP)+~S`}wXx8C%7;;Oi)! z?00MQR%nT#!_NP`A4|a5)1$ag&t%xsvjXC1AqEpEOEOjvtF-xPqdTx@mt?9B5|)_- z)G;-&qN)|3xO>KfGG6kiW*6gG{Gw!1hvzyo_NLBA1E~TIcndL?n)jxt18AN(R&nt? z9T&1yjtm7?mB!1RsTn;DIiC2Sobe}p<^q<}}H)fVKj<<<6 zDpQ=ScPk(=IEXIFFS1SaC1=DEOs$aNjY<)!|~J2vRU2Jwx2XLB4vy;Be=(rRK@Hh1#qje;tS2BG1A#o0K;9U3aFOgFL@Ehmbik zR;Zxm!iOrjqkTghEj8EgeUNfI7chacB7p@JyPD?Q#7L|LQ?$F;*RV;oLY8y(hc?Ml zxQ`}+OKP1Jh$E1`u4k#iQ~4}tc_`GUyAki2Ywjb#xtalrB-jckDhxmLC9=h8rm*J# zG=GnC)^K5JQBKj?d_3l?y1{xRtPz^02IhN&2edG)Fk)pK1DJ|B566FLUt2pjOIWwf zrKfVHw*qJrG|{1rpcu1<9lXxe*S73rRzo%lNTT`8K<9Tcsz%=@0 zntmM|h}#BnPNpxo!L4By&q!Ij$`nSvl%=qb$Z?QkW}e^^`o;@7_sWp}`B&|(`kr?k zE6n#|QHDMF2bLcSF|j!y@L&o>)=#YIn}kKDFpjv3vvBI~0}-q0=n>j_53opNg<0Mf z=8M#1X873pdCEXvI1kZKh8ajeaX}&2tBkSvFR#6Vfe(8#zLIDUQ(Rp5TB58SikdEg zF7;He^8@{V8%k?K45fDvCy7ZR2GYck zB=-L^l;&ppzcQ3|cC&Z2vNJPvus64|V77K~urEK@S5r};r=MUL8CSe#p&c2YV$iBn zE2-MwFN6K`e^zeUSF$Cv0;zQk`v0)f{=cmJhpp|nKD;N6<|25UCgVq-C_P3T8Z))4 z6*LmE_S>Kj!EdR$ z)e|cp`wLXcX&UR+))m$!XK9JLioE8dNo7`*gJg^J?k7oFiA4=7E>B@vz;7fzdZ}=z zl;;I8K_UE;|GrZk&c(h69nH57Sk0ChXz>g!Z}BUUjum};TCH?Mp5~9XTs2#JVmZqa zq?L3QzB&5tN&9cnrZF$zJa=Q;`R>uc?4VnVqFA`9%OfkE@JTYeIA^w7koM9psa-+f zBFd@;+-h(puDf19A9I0K9;5ivZV=Bz!mt@VSR3^OOW>k_p0}pUsHkm2k>5Uy>_Gdj zyl+VlI8+)Smr{Rp#0VVoSexH$#koxX*XX$GXzgAM@wOmFMD8dQ$N-81B7~E#V*iLF zAHv=XBR@mzr5wHov{DY=0=y`P9|6ylVVXk@Avyv8mzs$ zlB)(PywI-ZT&qFF-?erDg!Lo)nu>}kn`R`X>Z3boEo6L0J7q%6a&_Y3mW?O|K(ZwsL2})}jy=VpsHTIMyFC7Un|VL6J6b&QhFf`ckl*zC)u(1}QhTyLt7DEn zybjs1tMIoE(=9^K&88%(Y@BwO3lSa{b4R2NUTpT_rugoE6alvR{brG6r>qIaAxD8u?TpJn`g{ug)q4A$o{SxpbUyFVu{iM8#$b!EV$ za*rON&MWaBBmx@GqGi6KqWd8=&A{Lcnicp(Hl7vy1y436?p+R27R#3U&)yz*c3W=2 z=cK`fHN#HW0ic>;#4rEy+}uqBDqXMwX4}XGpk#KWl_(>*SwF@1lQlGRUJF$8IWf*N zjDoWMVrb&|$mTsl53kz$Hh=)R3SwLbw(1_G7Xp7SpqV zcV`uM!Qau5@`4&kTP|5q6TtdX$^p|HDt9QXWtYJD$HJ4>(i4}~7k}yd6aL}k7xcK7 z$HbS%)ED%-Gv48Lv=E}0)o+{^5}zM6Ki_IoA^9%qgO3EH??}G9#Nheu3i%Crzt9l8 z#Nhbt%5KKX8w#Haus^qr;rkUwbXiaHDBfjV91BdeT$tn?;HY7%TT@oh9JF7sDq&8$ z1Rn7j-s#bLn-e9+mWe298pf83OpyUAy1{b+t#jSlC*9&Fh9+~}vL}YJ_bh7n zi-#}x%lC&EOhJCX;s#tG4jl^j{}TVo*IXKeijDX)veYEQ?V7{*$AEL2~fSiCd(uWA@(w!&g_mN|bCYD`rBfqFr42S?6b+&b2f~hF2k*=MDvYbmA@`2!#d6l6 zW&Aw)dqf2RnRkN@laU1}B^59>1{Z=4=(`QxhW(Wr#@1nED(iMWsBX|+2r}+8S|TUl zju0_;tXk)ZBJZThG5DfVO{X$|a?%)eQ7kF1UA9;i@>XW;yfj|XK{khsw#s9 zwC~b$^ULUYro~;Fbdl@1={}BbA@dBvqlO_1TlmRu}>LE0(aaG%Yd5$RGFeU$@rAob*)!(Z&>iVu zw51^FyGVzEjs+l=$Hq8pz zS`fsQ!Ky`(Ycj~%5vVop*K4Gu6!kaM8>LgEVS$brdt94Bt%?HanA3`|i&}c;QrHG? zi!@M2k*riAI^ceB3o5AgxON$(e@SD;P{8*}WB#FleVi-Dn)NkpQax>DL;~9+{fA3r zjK94TYMWJE%dupnt}B+pSHSE(=oqQT^@~K{0bPPNqY55o(g2dYPY4Kfgfo8-n)PKS zd(oFvvikdL9l>3PV)S|>@)>V=2(WUv@tmms$t=4CF;e6qJfn`ln~l+lFY@s!JYxWD zQXWrc8&oMv*mwFRWWWH$s;?cLq2F)}qR`N9$S`2|&4;aHupPbH48501kGfVtuq8>b zMZwF_;(;9Ls%O-afkA3hG4B#?+9Ur+_x!khVAi8P_tJa1IpR*g`c7(pdv+mo(b8i2 zG44ng_(F=~7wh>#>h9Lv1CwXYRO%&KdOU2cvUOQ~Lg{UQC&Ur~PL-T02ZO(%xENpv zO(lZylfX(hqInale2wKt&!Ts>SV9?6Q=wom6Zk{;!TCg{f>7FtGW=2M)~Ddvudo%w zl~3-SzWmP>yHg~5gG}mjD(~@|@+C_JEGZFHIGN`R;oxqUs|7{ktss7bR>z3-6an z)*W`mIgP}0EBOiL3UeJ%y_axsq~sKA-l55~ORiJEc*4n4@rgz0iI3BL{o5n_LU;LG zK;eIjSwQk!z%SJgtkM9s`EJSi&5Tn+ERBGG(hu{}51P^sywZS1C$bIN`%TgN&61PL zzWdFiZuHuJP--7RY9BCa9};RG{JU-X4ELML_tl#BkNYo+D~n7nO@VTm=TOvC_y~lp ze{DHDuo+npQt)BNzJm76F4H}KiRlODfbmtPFiQ?`OZ-ugV4sp~Zias-phKo(yU_}H z8aGnWBJ3;?X%P>q!YS;mO|VsGZv%s=j)SrMG})cw$-f*i(6N5c9oWd*kkt<9_+O3( zV00C*PXb#gA|WQG_HiOAk|LA1mS2PN@KOXAlL76U_S}STr!ax`VS4MNj0ws8)I)UV zTxQ~a9u^E?P7()lEcz?0^qpp72^u1RSzxEW8FX|#tkgOXYzv;WVg>6WZd)L2iypU% z2d9R;pOp)}cX?y==+kd8*ZXp5)Vz}~`QzA%AU0(ajzCM^bdo>E#Q9dooej#WVCe6i z8X7|u$k`DU4FfV7?SE9-O^7L*s3_ftA%=*34oH0$QQJI3Fpn(fW{)gFkr;T$!C$)m z6?Ve*x%XW0oQ4c-$?mXBzXOl|eLW`aZ&UrLT(IEQ9xH-3mH$vK`Krc%_Zo4b!hJef z1VMK|T~F-F{3|6<>g^eKD@x>rZQc}uF{42cwC_!Q4fXmIOHo($BQ_&ukD7AL96lpz z-Tiwei}nq|*REdnV91JI8US(h<^~n3vt5=9y>I>6#w%KbgOozqqc%>kCC8p%Nlow> zD?}Qpk2DGjcKXzp0PW7$6PK+53uSSYAOtyN5R@Bk1PKskFN$IY%1vTTqC@dvhr^L{ zC}YE~R9?Oyqb6|2LSX_(d<~Z?x3!Ydu{edRYW-;~os-U>B0-3QWNrJ%Q`Dt|hNo~2 zs}A1-`Gb!5yeKCSIFpjopso^vsEO95^maZ(WVI420r*;Ibj+yT_T%&+U!2vI5(O8j z&j8Xct|nuL!X8#});kOoA=o}J6x1^ zKws5z8`CKjfj4%DFjAi|qzGwUJm0CV)B~`P2J0COfjd4*P?V2*juC+<0USNbD|<-b z3HW?sozmWw;~{8`u~5Yox!e36v&uOydkbk}W<~xIX*${_GCIrPeFgYIq6H+yaz?^7{wWCFqZ->$l%UQo#-A{7& z6LZNp?;CL<6?<8OJg#}of3(bCmRfMR^F*l95|kF(B(C?r`5I#zGX0wN3{ymb6Df9& z=y9ZCG+wf%C#L1YxiEx>6GvJfUDxAh^d_2HXl?x}XKhT&FVj_=KCvOQ6loAV?^%=BYeo-&+_&hJmHZu5l}xN)0TXd zpqJVa@lq=?-0#i&JM5vyC6Xik>~wF&peZl+E4&j$cV14#ixT&-(p1ViqwZbdr%Q`m zrmIQ(73ga3XYp?*l$`GX-EA@28p_K2KrU=FJCw!XYE6oYL)Qlz9YVx>!- zS)S+5Z^(8(jdFklw4imt9(&5Ab?h@{kQn$UcS4``q-;7z0$!e14P>MB(>-7?8Z7f(l~wfd9-1D!wr_At>3TB0nrwecj6WYA=4Y=%D!o*x7GC+(L#xax56BmS zvJ>s3x}Lj!t5Jzl$A}@7_n(Y*Pv#%;w1|r5*eWb{{HfSJd~Mpf3z1u>7pPCtu?5Jh z2axfEUin#e*;^*iaz(??(TX=%d3Ll;dpkGUdDiJuC5mF+eAZ)6NS``s;Cy^0VdELC zsUY}s!E1WEVKSCf;Z)W&IE{U>Pl||~cLtl74wNt0qe{uUf=$c>G8OD$qa?UQ9E>yq z0n^Aqrb0cnl)RJJ#6Zw4q`96-%QFca1>y9lg#+fbKv`&3&CI^z$+z_r1!CL@K zg&RPkB$-m6(U!Tc6)vXM6Es% z+&4Jxo?HTN8ct8gCcRc*M2K8xg?f%DdHb+4DL@>M)>1P>)%OAz1a)!1R7k}>7PD{& zJ798V5Fywo1OW?7P62vVr9iTT0oXt?XYQM1YXA(1hTP`)aVYt!wiJK9#d!_UWU!_x zrcKf4(bF(uV4Hh;Lb4xvf?OmWtAM=U0Eb@CE3#c}DYEm2K10*e&a2+IFuH?(w1&Ue zchp0&;(LOSB^`5tEvzjYHmw_)dY7nbmr@(wA&rd`>KUL+J4ZCnxQ|i0-x$B&pvN^h zAWcuV52&5h@F&$H_cYjEXA&gJjJN_Fp(| zI&>e!QL3c^!PL2es6rap!M^bC-gcwf)ry2RO>`EkcBA=gMS>@dbU~HeQnNX!%W2=1 z)9#%EY?GwlP}wf<(E06tZfPkymLu5T0-D2(qJi2}pjDxs^PY6dP8&;H}LT&}9pd1Sz6?=R0UO4-%ux4xY-clTLM)!9ad zBHPd22+!VzVtS|!(7*Dp@*rXCC(n)!&n{U8HVq@YyOSe{4N{SVN<|{PSiB%w0tf~V z0G7xtT;;0>1cQ4(b;K5z@>M#*f)8Y#Fzmnw;R#n+QjD<`@3dKS5+u43n#ly1`ZR?L z1%wF&)RF{5k`M_dLnIOnHp)jZcmz~OZlNk)g&=I)0UDqXnu>pR>KpC0A#F?`=Rsc~ zkwN*4l_zmu>5GJk+!^zVk|M9uc2pH>beNThdYPdcd=tBLrdFG#)w{=WhuzZ(aVhr? zhA(x*y}Os@59s2~1fyJF(@Is@r)uP!^pk&QlFx_Sv^9jq}}YtO&@~*KP)Z)clj6C=bX|W+^b#6(0P7yw3ZNnQdqA zdMNt7H#xC4`c*>xaIekj?RP%W5E&nY2!{}xJP^W(s%sLTxg3;RFYBbFs&vPXnpaywy^=qz7`)^(PLor2G z0$i)O$m)@hTc&x|H}!b6dwcuchBBVmaY={w3B|}h`>}I9OidM8Q?>YsFHO8GFG!6A zLAi(X@o3ZDTe_al=m9W4FXPPa4H^%%_UAqQTYQt8aY$ zG@(5IDeikQP4+pl>|hjKZnL{b*lq6iJU{T+QUI3USIkaf+ZcvE3rP(DrjdME3zPpi&9O|NXjf1t9D8tT>glJJ~nhQ5h3qo2*XJ5s~E*FiY%IYi@57F&g%*Q@juHp|GR zd1Q}5KmaIkN#@y|o$BD@puKk5oj#iQr$AyV4< zw5F=JnH2~bU{?^g9gWhSq;mi}U&#wmOS&h2$xpoEcyiKVn;tb7;$Hy>6yeelM7UfL z;-t|yJdD<164qfgwc<;x(^^!vM?04b^xWqX2u?Ci5*~0>&8eh2jj6#k#yHL<1ucJ= z7~{S!3`VdMH%DHXWt^W-`JVRgP_b$tizH5 zypxDL$Idx(u$7JlWl)3&UJPn_Y8qI-Tyg1`ndt}P1vzWN*=u;G4T!YQq;(J~4a$ue&$suVvajmr5PHnsWGhh_VIs{EgNAYIKOK_u#o&gnEs&n?&H z&(3nx)9Fh4U$W+t(2Sw7)T>}%UMOoxjW0Ls9Y~5jpfeHtJB#v=+$E{4gUIjs8xiDZ z@5BN(vUT7K-Ha@^DkA8wynnb%?abU&MUp@tIHCS3oUiFUvxbLq+p;Wu!jKautP8|4 z6F2@XHr23{Z!x)L`dk=@u=ecgFusqfNXkR9N#+UwaoB&QV}?(eVLL^%rje z+jxC8j%raGrY_W(sY=!QwnMM@(}vp5Y4I9>$Qjg=fOQqr-XE+&y~L>Xq#%}M z%xg5qxIhVx&cBKu?fFAqHPWaM?{Y06rfO+H6@91(`*kI?(YC$=>Ebvn*7yzmS@s*6 zE)SCKBDwI4o6M8!V%v3mRgZ5!5YPH=BaN_H>9edElJE={#2v=U_BS1T;TfU0SPj4p zCK87J`|qoGv|gF5dBheP4?JOZ`P+E?;Mg;h+juk@vfOrj9qg{uc57iZ%wZXnV8Sa* zX~?krN(B&R*SU>1=#}wa_ALm?j=lO~V|rfnEX$J^OA8r)q=Yx|8|ksG<)~!FFp=1P z4S{hlgOl@6~=uR%Op={c-qrTQw~a3OGm z)(mBN5wQg>Sy%C-cx1Iff7Nf}!8ByYISQYIp?@1Zh2b4aQCz0^7DQgfO9>0Ji$4v! zlacX>Jq>4m60U=SsP+qk_$8it(}rXWChwmR{1H*EF3X;W`*MzGm!9DMZT#$tB{?8z zcYJjO|I(9@h&JOpa4F^sqY8UVb)gBaR6;6qV$~qzw1-^W|9`}>S z3>rlY=8*HVS;`#s=d?|Si}kqn0#n9?OKAAnRA$2i=^(E)Tq&(W4XyN#`r}0T*~sIR zRDK?@PX#O8;qpUO3-xj>D;14h3DYBNn&W86i=3?6#Ihi=v zk^iWo;>=poWnbKIKR7v^(nG-6pi+_mKFH@`(_T}u_sal1H;pvQ<$$(47ljapvasR5 zDiK#4_Zz@vEhQ@L?~^M6wOO?xWkML^W#-^#YvFdKR8&b*nq#K*feRUw0nW549rcsq zWz_`L6c=Ipq`T%-v-jj->r@;C?_h7Xj6;GbJW0l1g@^k2npkXOzrtOGkBK(T9ALlO z3df&UjCl}yJ`*bRT>65b;90XjaZS>1VfGpA`aJoNop=FW#Mhqu=?2vw(213ez4j+N zViYHX=Ah9d;wK9&puX%<$?2euSA}Nm-KBXJqygA8U%e{$AP}mYw()0#HRni)Vc%yr2@%cCkOB;ca6*%qDGL zX7M~T{|LBUnm|AsltqHWGpXKR-ZPi9b`G-T{JoYlN5w-0J&YQcojyDfX5_q!jXXu5 zirva5o0t)V(>en0oH(^79rdFMt9C?j2CZ8yzHgMA=b5{8z+JpD*r({`9B1M8iRtUTruqvP>mY>3u z@QKtgN+QkT6F>dx0-9b?pAUq~C(7A@?U7?m9;5{Cj- zdS}L&H1?*u<_0Zqcn7ItUum%`YT1|;Oiek`1e8*{N|=N%mN>`Pu1jksNPPC#JOnwX z4r0DMGhQZUkJC*-FR%GVs$bZ|{x%cfp;rpubcSz_na;dnw|w{R9i(~kA?4j?>Zgm9 z@1cuTf+Rd8uRD=HbVKmYqY4OnP6QDN{nt2yyU>Vx*HD0)5^88KSFAwdY)Nw969V-@ zCXr3T$0m843@r9={>KEsnG${%@ZZ2&zp;bnbCN;W>uQWnFHTemjXX{>T@BJA*V(YpVhl@Vy-2AxU~3nGgCmSbB>kk0}_5PzIQyQmp?`U2RqUV{y? zEHP!>{1z5^Z|?Be1K*077$?@mrO3~}o>N1>dAI5S0d`x75j|3@^l0Dhc5`Pp>Xv%4MjN`}WE z3&f-JdfBn+2j>#SF>-E^cImz=`Wdr}19y9jX&krrTjj7`6-Jj;NbvExm9Tf{{oWuP zdFR-B@v*)eYiGuTLy^bq^1YL@5S|H@-<`d;wKsfU8q^(HA!%m@sp#cTq zZ0)p#yY!>=80TT<)d%5{PBZu5Wq_1F}TbP zMHL*K_LHlBTD|LsU4@g-6Cn@02(F`}e=osXu)hL)Q@AV1pH-H5PFjBT#A;6!I7TLV zh?X6U6Wp^&-&d?d%f7E`M^2W!N~*_$PVm$RgojInaVRX?DB4jlo|Zp}lmYS8dA*d> zh6uGa!_p8v3#YWHBMlX>?(9xSqL%F(ocv`lt24fN8 za9p%Sr`!}YtVQPci`z*1Dgl}1xVJ|BZ!s;p1ZY7de#YcEd~WNVPbBnZeVs; z8Any%u7^%Ug$=8USJ-Ia`?k^08f;&2yQi43d!NCbIt)omBL{l7ibQQ`+j!eweVUa1 z`ye`yHHgRVKj2XKnWDprL$%w=rL+T*vTP^syRG_CE27Rk0vhz2+rJS_B@J*X?-u~XTR`ccJF zdey~Oro~aZWZwb#dYQj;JidTk2ADhs@#u6gTiTIXnSJz~RR);G*Q0zl==2-HnUhL- z5jv8{=>jwDEsVsj&n!*W>E3q_@O_01ym6QR!hmA3{FEk*w!?~L?PF2&BUn*(qyG2a zN-NGG*`Qt<+v;Q?Oy8S=k1OxxbGc3cH0f=Cf3r1@rKc

lPa~PwHQ%HYrlF>4>4Ej#^`^}H1#u) z^Z05rTKnyY*heaYxSdloM)5z0ol4v;$U4M~I9>~xWYX*-wa8zF3=}=qC`W1&U1K_R zoX_UnWArT#wEtfzlup)ug?6ccNP&0^frzGR8i8U+X@T$I^GNOD5}$jn$j}W0Ve1#U zoIwmf=^+Rkm+)Z8#w|u)D}#6p4i8v03n%X4pEp^%DCgpzwVugx$8(4<7hNrzXj-i} zS__#Ib!(}nUYqQi<-bkscnr#2&eXDKQ{?irAw@Py$LPxy-#9}W!T8^E-4?M8aq9Q~ zDLjLQHq+DwKPfpd_j-THwJMRgy?3=f)v^`tiO$D)DY38ZmIx{q{c=Z=-a+rV%dO^cJNcLR@K7`4 zwuLUF2uiS7UK2^;shvL5+R45_L??Bg_?>TP#89&8XF%)Zj7?V24!j^c4hhCysBSWu zv=tqG(gz{r6Bx4sth6?(e?{f%{`gz_v_&U z6Wz}w)R)1#&Fy~&Z_Ndw2c*}OHzyu!eZ>Y|#G0HMh=#nj)_EtPF9*rYh@6m~$_BZl zpT%Nsc7yjR!kv>PpPeAIdlK0==O}uad?l?-tt25zA@7v)&EY98i$T%OTb#(`QIP2f zyfQ7>*4wQ;u|>AW?oUw&0Y}2_njc2x+QoYb2>7?9%0WIM(nLh%)72KtLO!hsfBLwFawNJWlYH3^r>NOWq`2yY4*2dodug(?Wv~h^F6}?yY3(V zi>I%Si|UEm2T?*wL_z5i1WD;G1?iLy$)#%vi3Mqql#ZoDy1ToimX0N*yO$-F_+7v6 z`+NVmpS?48X721g=boAKoM-NYRoy*VaIbFl{#@&^KY+xqS^P9K3nz5Uq8_wuAvUrQ zZ;_ibA{OuIA#|*wUamO~(&la@Hu{{P=Mg{xnptj5Y+CYDxL&2Kx--;klO4K*6Q+$3 zj@Tf&^$$Wvf)4FZrE9NDxKSq6hoSZFFS_-M)Q1T5pefYL%1cLnS@U;<1ITErYcB7< z#0ZJ=R3P23^bjv$|I^(swFZ^x()>^elzX-alr7?1fUqge9ywMnK+b(vijFQv2bwtM znmERr(rsE+>Ro)=>0V^Y`KTmZ`SzaP4YsY+TY9xS0$sgqCIPv(`z1D&qV(YRZ18)^ zg?rKYv@_W9Oo-7@h0pc234UdIJJ_3pf2VPYmV|gb)#J6 zYOFkVoBg>{HogC}eOtf$T|p9_<&ze3&i(e&*iJt8zT=Gudr64;!YxF-`Vs24f20hT*%!Op?>=+jRV=AGc^I1WugfocPGi;&1#%E#nIF+ zduaO6=hR|?=^_UqXP=*T#IzeHM48!&8W)aV$W^gvUIMPbnLb`VUUcvYwVQ;f`vxsC zSH?i`SE%zzOTj}$9Z z2tfTt_KT5N<+O+uuGmg8^#bOw%D{rg)ejnmxhxA&Z@_34cd~c&yWKgym&kIUNLq8) zyGlN~kgE;SJ}UYqh!Q9iNH%v~4AU>L^#}6N;m8|5N7k zIX73QjweC+p9p99mXyw$T_~o^Bi~Q+s3#?U+rS6L)c=yM=7@VSSw(-xR({X@Ht>^+I>t4eiDXHbWe`4bB#+b|I8J)CGuD=!0l8q>vsA$}0G@a^$N*Z;8-za<5NP*L z(}l5538w80@_?%Sd&B7LX?S)(yHG<0e6OENS#kcBfl(4m0Lm}`$DWNOW!$t&1V@}S zafA7ei}Ml5f@yZj${{!LJc0`Z^4T!B>#WmSCkyAP>St&*ZY0!DBL56nN(dc!B$O{g zskq)S?Bd=>>yRqe1Fg0tT?^=tK)JXJ&C0>@-sx}J31b&X1COByddNat0xj(w5ENc& zc(HY$0$EoFGl0r*{=nP+I?^3LBjqEZlrB`xpQw}7BLsyF8Z*f`+zRu5;fapLda?9< z6@6)zo4>}nq~X6Usq)e6eNoS5#*gaU{71QC8vcNh?f;tH1sGZShI~_ly^J5GpP3Pw z6onK8y^R7-a*yJ~CI`f|FFzaj6z&ywm`RW49Qu;gHHYnAOvY<)rd3{yjNfSS>a7Ho zu7o|~eYp?%aUooJAq=14ADFsf1WcV58_B-yPQLYC{av0&f6Ax2dWnUlukS`Ck-@#Q zC;XHRtCUWM8#3GZ*Sm5pwdA+-Nqix<-@min{6zf@P6n)lZctw%)=3aI*!{4a5 zyF$X)$!N#c!MvhJbclvEG1=?qBS~76bZpn&qa@P$i1M9J&MtQ zdJc9-WJXIwe?|zT?*~z7>mcR`q;m866BtDuvK7(1e4uOmfE5v?(hcvA)PP7^S`dKO z>3!PK-8cC=4k7L6GO@1D|Kx4!F23TO=vk#w(ffHUaMC9@H=gdPt}+t0{H=F4iyzAs zIa>Ua=`c2c=|a9U&I?CnFX6Syo*`Doi(@mWt22b!Z$1GG_IpZ0ax)?wee+iH0qtq6 z!t>z0gb&$XZlJBWsJFcO z4-1QHlFJ^;_=`au79&>fx56=(HXww<)y;LMT={3@iPl3*&{K1&Y% z!s)idCnVmUPzjDX6H-+PSR>I||CmvZ4;cEyOiLPP*BS0&$48_8X57aav=-704nENg zgLR?DEWFI*$K(ZwZd;Iey3AQaGC{}q__G)vp5zDOIdbNyMa4lO`X|IDpJxM zQcpBgJ0-FlcV8}kYE+&6=$TzHY!>R?f@SS4@M+G(?6?0?Lj6;6+2R+%Q)?|dnp-x@ z{H6{seCKEu05WjbFroPQX}4z=;ql37w@TLH>zUw=2h5wV^by=b8i$TOG>NK+cvjo{ z1-Tyb&@T20TaH=rhr?y_8?l}#einPw9(}{&ytf_ufWSa^o>Xp zc9meS%8cNb9)EqFH!K@@1$f8-K;xvfE)VX$Pe$;xs%Y9)yHa*4$V91>Y(=O&l2 zt)K`Ed+9Yx$3GqBeiwM{csi!)+O&1}@>%A<#sdcY0qf1BBRksBy}`&`8dm<_!_eQr zfekGBRd{Nc<;rmLR_Ry&Ovs1o)!wk2+SQJVE$ioy8qSg&`w+LROp|PMhuaf8Ii4=J zb=fyRtrEcp1m{1kmie`Ix#SRYU)+mSU*k2UMz=DQ~b4V1tS6! zu;1$WNI+%khx~7zAH0&eV?QD0=3{nvXf2-`Hb0{#dSyi&ro1ggJ07~gpogMK{vciX zizWM$tKJjEUjVc??%onT#&Clj_kp^guOkhrT_Pzm;AF_8g+{X0MYM1set%rJkR+bE%5OWj;SO zyV!mwYs=LFiS0ZNKKY}Hcr;4b2uqvOR`N~m@lF2Qr^2wH@@sRT1}Zhgg6z{o$dI4) z1!wTHKX)`JY2^xQb$&_s&Wzc` zBq|1s83J*l&Utqt|J>XB>7B4-pw%G2H89l7M|QhzhQ2oU4oC!zpV=Y16%o?SWOtnD zcTNN*;o;OI->G3H;!rb`iC3O)av4kQZB}o}HLU}Rb|D4(@Xw2TF^Zec$jtK0i@#6s zwn=ReMRZu5#qGqq$2V5VKtrhHywh^lo;f1T`FdnNN(%luf zs{z#o3#q1K-LDd6Hr4E@mXJe`XdBW!EZW-em!}rcaqWu@wL^6qBUqelZSc+Kc!f?s#*{yMb5`sUer@!MM5(>MP9MgbDr#j;fZ zv?5z|JyZPF{TciCs9Zx~`*^y`wC$w$EK&La$dkE|3%4BFBFL^DplTtmb_gUHq!3{I_$$iy}{hH?=kt+J(C1 zWZJq#ENBiMwNJkRf!gu`bAu;@_#exs4N#=7v;~9PO?vO!2k@c7#asqM3sy%Z zw?@jR*&g88nJGzT7`&u zkOWk1!RF71weW6-h|FGluFa>|$7EImk zY8xj1A0pUTeMI9}j$8(H;ro}afY!|3iku1uEQ9po?jd=f#g_f5EvIdgw8f8x%#T>@ zlAMl8ybDU3mp2=$%euCj#UU*u9)A~gFXvjQM>W8p@&5_J*zz1-(wi?k(hPq&Vg;fw z4chdqPB{uhs|g760O5aa*e|PKk2F^Qo6h_iP7?+`S$I?;ESKnUME-8{@#QY)k$T+jqOP5f+M2Ju&rfp0kUox_P^v|L;#W(K#4_)fp&j4x zJ92}h#EF3(ohXj|`N}BK065k(d>J@L=Z2kI+~~*6hPzyuI1Yr23xE?g`q;hWXma$i zEl*{u;rGMCo0Pv|zKq`_K0fyVKwpELOdK7jW?#ln=;ucWPVMo=z4@5!fQarz9!Rn$ zBj7q;A9Z}`CYJg*eQ|4`8oLZRGx)~4lhQCXZKRJoG^zhbMeLy_I5$PVAj9WC;n3l3 z16+T-Q7xZ>rXrTgW>eWuk{+?O)&cb# zx%}rO#GiUVqrDdu(d?$8jg^ZbeFg>(uM7=H6-lXY`6qk(;TI|~`_zP9+gqnouH(?~ zp+qlNA{Ce&J9{|07?mO^;LA8f&we1K9(N@IlxFRp(yaZj(llgDu_a0FP!TY={tMS| zr-b7=+L;ThXn+ylhQQ9H9U<-lT$qdgU}sT#Vj&Tgk=~CUG&RqC#Kp>Rmb(3eU=qol z1_luoYHP0}D*#c3VP~&C0b;k?YhHbfu0dna@bG_@k+_Ne5~rG88z2UVTexmm-eina zr*^2droh^J`w|&4Ci@Z_#*4@2`rlTs6F~j;1%;1)R&L$uW6wv5zx?pm>7I?o=_95; zF!TMV1=tirf<`Jg*c8X!QoCF@i^QG7pE6@ZI^gJDTEq?gZoa-!XXnJJ9jpFZc1Er> z{AshqsWnd|bKouNU3)nuykB$%sy$0TpH^9(Pnf2R;JWzWpL<^XydTNL*g9wV=CinX zzx;T{eq?)^R6v5)4>uW%9P(`**%TX%fCx%UlSCuqNKMUL#7g<$`Vn{n9|gdF&4l(r)tY#MkS z8|MiIg@v>o#~QtIHufTgwA;;G>stPW00NKfOgd%K>oq!fq78v+KpYg+E-5x4GNavC5AGfH8j^^?n{bjS|Gk+@74W(X_R@WS`~4On_Jmfs?_gp8A} zj@kNyT{SIpure>DRFOZUC9}I0buL4Mc~tqDOlSh028?s`v ze5q@X37@3E*+Tz1lc)~q`YO`4Opie!22?W_oQ!gw30$J)Ew=AN= zX*&jP_Slz00>es^p($8!8`7=vM}ZLf07GCiy@^JZhLxllnzW{QTU!%PFWi)+`$>{S zONVUJdSos#!Lr^scFu`FP=56Jwn+;k)A|XRr@_lnGV0&LwUPR@p zw>D$D;X5Rf+q(Z& zanxVBK_IM=@w|0&X`*?ITGz$J`6bR8in{B0sa1XLKv-5;V`c{v2CeGrFESq_`!US% z8o6tNA)zs&T6__R*j+LQ$_~c!@*Q`dBjR}{jLupk&{~*neXuPC$s#!e#Y6#!;X=!XYpp@q#!^c5HCOj)+hKa@CO8CzAou%%#8g5yKM(kzfAmAk>j_B zeECA8H?2x0-=QR6%W!;=fbg+HJ?4KX_nY)L8Z!l)-WoHHyLqB;13bOY;(1d-{!M9z z;(2SIo*Mi6w>|M+⪙8n)TF}(JARCc(iwtSHh)Bm?Fi9w%@2xNyP>WU$#K*x)H&u z|IFs|OWh#Iu9x36soWrzadswcpS0wLFXe}lNsl-4)?4Q_MB=tRM!;!%?Wr(7%69hg zpUfuu3O5B(Fmm*8&yVp&0W`c=%Nm>%ijda|%5P&TJ5EYOOY!5uW**x|&&*PEUR`;^ zYNj5aUKfUS-5%#MjzJW;&sBLUVnn!Atgs4jG7PY6eyLQ0wkms<83eP*3gjFGy~8`&g-XKyp7Yz|D}QsQaq)$hDB&o zCZ!EuNGaW7TUb&>a>fC<@42I8u%|Zo%q%lvhKGr(KwCK1psjKI?_EFMI|6x7vs)nzD+s9h#1H8%lnOEHBpO(971??67h}+|)1Pv(`-~b+e17c)2Ct#=V zw5i&1OHJ8KbY@s2`)`Wp6!Wg-R%Jjy{#WkvAOzw)ZHf`&Z_pN3fgF1Jpn{Ns<<|J# z&}1i1)KEmK`G3ZpmHT{(rRND?+|}Y-%g!ygaCEuPbtEMymw~?mwxj~+FiJH#1z|U> zOo$i6{I6Hn89#O@8C^v3XRs`8{6KR!L;uruIx<9D)gZ^`oHqH@h-!;5H#IE+{bPIg z%170&47Y?%ag0#>wAdlwnUAv{ovYO7Z_(3!RdhI5=%S>fUHvs58}mSG{}v?6OD~&% zH6C(CnT@~cmV>|9S<}gsh-YL(Y;RR!ExrDtCR^mC{ipwEtn*_cF~I&f6PUojo18Kh zVw#Q5wp+(RH1E`$htC$wS5spxT`5Pt4( zYO)i?LbUko-y$b5|It%Mc%!OK9JkfY{U!m+FQ{J z=0>J#{J0Z*;@@c2iE0Ng@;kX18NlWnlw zW*Li0wVoeKwZ_0het6CX_=btL^Bn<}seHe`!RbVYQL$Fi)$?N^0NygM+Wf2@8xLWK zjqv?Q4sa%|x|K=nD+0%)CPPRV?cZuKqS@;dTLl6x67^q-qtlS^ApVZIU%liGao4wu zsISuWtN5ZAU%Opn49(9mr(XXk8>(6^7fb&tt-pmY96Hfryd?JGmR%i7x~*o1n!JCv zXSX`QCn9*`viKcqMkfb8t$aBOW1Lg0S(;&QolZx^;h^ppjK{7b^A|{O8~YH@f1O zvyV$`NumE55+L51&`MVDu<@M70XOP%CmnSeG%XD0mJS%~5CkO#9QVtQ82s`d?v+SJ z2b%zHy(o{=7xqi5tqJL51;Vt(nhS2ye-caQ1@GFuCj}(7!YjQsp~0O5t2JT&M`}xXkCB*08Uy}i?y$xRsM%C+zrj~yP;S3DdwL+Vzt|gm zaAn}XMdg%xfNOHve6EZGUO1(yJUY1wRb1;A1p0fDiJ4u{4iD{RkmCIJH5Qg43d zfs2QLU?Yfn4FG{9D`FM6n)y7N#KbOTYB?!>J^^1KA-%YdCdeYg*eLB9%T30k z$#d~io^K_Glxr&Qmde}rf`pxTFo5Mdmltc_fyFynD_2Ev**Ew$1sVlgP8hJ+%d+|^OIqC&Q(&$it#W2@?ovSRqfz?nzcJ6_&?kxynRN}F2_~DI zd@aoW=7x_EPzQrSc<=j$y51Y{6-2FD1j7@QvSNQKUi+ZBq)3`c=yqycxk`5F7}U1H zr3LM}-`YtBUeP_p1qa~Jw_&F%zEayG>dQtCB3kAy3*#ifXN(Z5bgIwhCF-M10oEwPLUp^a(Rr+N+^Vjph8=^$q(8WWypWI;qLXTul1 zYL3rjWOS0}ROnes4H$1bA~5XuBry}; zr@ieoUZGdzZ}WI&!phDn)1_ngOa_?vJL8xFwV-A-Nzt5VZ6@;3azKmRTo8G(E-NgH zf9>1Ma4YJJaw@&L1a)08q*fCGv%Bn6&Z;lTj1kOVj^e1cfPE3cN?pm$-_!C4xrqDb zgTH2WNQi%z$h7R56KLHJ;+#lWnxl_!e})_nBI5t)$RlaWrJABT$8Zxt7Xcvmki^}z zz5T(Lu&-6o+*(gTw_W|OIf!6iwb4L}AqL%B5d}OiAj+3+lo8;oGZEuqeS(>mO(xZv zS1U{C>1KuH`&lm_hFD>fPKMJG4~%6;O9u3U9#r!8y#RyGkAF5BeaQgpjhhYSS`N=w zEr)}dSjxRAuZ3Sc4^<9DY6nf@8$zr-&vW?>U)9ntY3A(BDDko+yIu82p~+152+3H@ zaM69_pDxf`(v%avmEWIG;tgq0x%AJeOqXM8i`sgn_W!kxgd@6Fz=T;ZHL2@LxxEgu0aGHMD_ig18F zb&`Tvl%atSWN~&GL!-(s#@DUP35d7vRwLGZT=|~pBZ3hCH{tDwwGO8qIQ0c5p#tG~?{DRb2x$Ob`JOU4#oiP8 z1oKAi@lEXBV})&@RUWfaWlmx2P-|syG91S}>pi+qr;!#^Cj9(Y`IW%P=`x%3_YaN7+6K>b^@DfuBH zI{TzY1&_`&&PKK;3YWq3pTsx9(dIN)Nzsc6Xhns3j30kh^dmy^_zPs%(S>Xmay%NN zBs`>Ad5Gg75@wJ2{u-P6iVlsQ^^@W>b~b9?`R?Pl!ihWHX-3nav0FMcK)#a7f#f8{%=}q_YUQ82K!h`vbZ-{~yGriO8(0-~r>ld|As;%bfZ{nX7O|ZSe8Fx3=B^+OVy z69qgeaR*iw`ye-I3&Ssoaxa7Jee3Z~;VX+`-Tf~sGZyE9bA=Hjhx+muD{R8NS4&ls z_ag?*n9X96Wtl`%)}dWOeqeyU(#>BFdJO)UsbjSek=n49lKO7Va*V(JGv&Rb!+-ph zA^!T&iIK$4Ef}^r_&-SPdW&y)?vtCPx;_tE&&r~&I?#~EU!a|NJAzS-mBl>aXL>ko z)F3N94;h*??q`-KBliEu&QSo_IZ`aQy)jbwByC}P&MxX%>dN94upBRSY{>?vT3-o3 z(=sXLZ?=%Qyl$20#c=ZJv|avs_*`s{=ltAr{+pWnExw};;7Nd(MBmTcZt(@UuY*G0 zqqg||N4Sk6E>W|(V#q$!bNT3j<>#F>|6sIMIJ%H_b^U80K_&)4CLZr@j1fnN$?;|W zdg9bd07Y|j$Pb#9?Y8Nth;45)EM2pJfc3*4^nr)lRO;y9F?!*Fa1=@Yjh*GNF|3>_?Qk*f^Fq>NcV%>oPPlMg)%As zy>k}v*1li5nm9R4)V}SI4VY8x_`Jqyif|~^eNTXhpu%cW?DJ=@CZ4(85_o1f>=b^I z8;RBe_r)Mi1h5fj8o(E>l%NlC&H`Nsj6HgdrT2xY8$SD>G*vqNAtCH+7@M<#^ddB|V+GVI6ySli{1)`f9TznVuYD{6F7_SSkiK`N z{r*z#33vuBh06+VqxL85g!xBt&cVo3r!z2;S8FE=>I3R; zoNfX$$^|2T%x~BMn|e66@;w8riW{uWhzzlR2z)uFT~ap7;dT!X{7>bJV_o=$1ZCbq z1k)}{RlSCxt#ksf_cSIp?1bL}T{i+YihU|4@(wt&0D1;Y$k}HF)1ClnW%Nk__G)PB zFFrwGrSF0uKm@aoG3S%2CmWSrkkeYQxP<`- zoIigE&YwF3uXm|yjszA8e1WyG(STOsHx$?i=*JxlZPPd2*LlK{3_FGlD3p z0r=&dAPUnD_Rqd}HN)WbY5zUol@t?LoA&m>f^A&&KU5epFJU!iJT8b5vmQIHCP$Fp z;tK(4?qQi+O;kqS&d&_0hMKvCa)8d;768Nt^YE{E0f6`f*8PY0Na{0Dl>{(;0`6$E z4rcZk{}-GA^WpA5&s>24<2}k?@UV6OZY?z|*z8W*_KtI`Z8R6agE#D&sxB5Mw4NPJ z2%^}zK`U8`6=F%hdiTK055-VO&Vx5|a`k$A_3<|J?n@K&P69YMLCvy%-VkDK9mqa% zL1M@WdZ%-M)^!^zA@s~Z8qj6m_|mTtC0}{og2bEX1ySQon+LLi;5rr7-ShEO7o@Zh zNIaenB%bxkHY_173xVr6c;z>-CqIiuOWh{*Xh;N z#Y!+sU|H*^4Mw)4aXA=SJ&`4D%fEApB6kIrJY@di1koGt-z%!aECKZ0*%-D3iDnkH zg!!`mpEi%~K<^5aMWW@_JQcSOKoKhtF#vu)Q%kSbJxPYanZJyp#2qyjq};D*u#*Zcj;a8Xa$CS zAVztwKl7*wj6gdIyv`A$#xZgBMz0M|;j8rNON1QOiLvg>mcq`JZ5>Q<{2x-|o3A?2 zr<6^V9DLV4zd!fHQ~1++{8jURsQAksozp-7x8?6Dv+96+!EaxqX)m4Wg%)m}<7>}^ zRS}2z>_YSv(R>!R;V=hP_UX079hn;TV!<15R9yRa1M~-%^xRn?rC!3X=5KGjVyKNY zeCH(U9Di@_*Z2h9oiN^*Y?IxckfB!Dy6TK>E7WdJNPzPN;B$g|p|hH~iPSX$+~Otm zcQNaWxUz~g;w>Y-uQvNu-Yl%-Y@!bQm3I8!dZLNL)v1jrdpYW+-VLr1)>U9sJmu%F zOp#~}%(G~`dP8z!ge$+wiyT32>j8w3$Ktc)=6A9j{cv8i(S z)-T37UR*UnPi@9D?ENcw=Zwvb(OGAs7R6rAaLR21ETdn}&o=@~4+3!F zL*-W2yr^|@ge=opKY51u@(aI~+`GzzyHhrkTgBVcysLG6Bvx5nlF`96hKj%ZvWZ_y z+B~)X=iI;1m+|5?0{k~^yU|0?+u|DWvPQXUjA;Ci{P5Wx-HqtuDc(~I-3NL$KU3=4 z2(bbhYCELQiT~A?aAc>)L7*}A?B!ZueGgVUuneHK)wOIJL*xm|^>@gLvkkRRKFbqo zpI<&%y^Z54+)a!pbE>YzzP{e_*MGH?C_TGOyA4dtK**(PBuZ%`If{Gtx ziiP8*Gd;EZ*tPt!OYh@KF^zCP-9Im0Au3jTsvvB+HgMGdmWj@1H(F|+ zxEvpHaUs7*W{rC6%|L5!D8FMTJo-}KXMp#}Sao##dQpA-{CXEKrT+-i1}I zT=3-}d&eJj9!v{{+ICoU%5|XTL8N+JEA%8j>@ckd3789j<57NM*AI}GDirFro0#o6 zJ|_emdX|BjNw#Iqxhp86@jlW!pq1Mv9-hvp|3Q+}*vSoP9fZ#8gi`Uo&#*iQfU8PUuoSsz~;{>ny`5-?l$`SPoGRVxOYhb3W$nU?$K(bS{U zI-h6{2Gzq2st1Xq(?{%+O zH@oi6Ri0(M zXDfgm;sede#$*1|X?*_W+Th5~<;%BzIH`HZ9mSs*S6`~zL$-y#4p;n@82T^WEo*n- zyayC;k|godstakuAL(yCbwL;T99{8*E$p2=pV&Xh40*^^eM_t#tD+v5t*1igjj+=g z7du!~h-LE7o26aTbk&*7?(ob->Aw7^97@%GK`5-|VHjG$J$qN?odRyqUwVIF_mnL% zC|%spz<1t6xB2~cS>iO?5LBz8epr{J$U%3*XY+oheHiCZZ>ee#?mc_?t_ub!B{~N- zm2i9O!CvCi{%f)EdE&R~<0gWSurw#1IqTWyZnZQD<<8FV7>3c>j>Arx#s%iyP{QpT z<+tLEBhrR+u+tI4S0D7%8_K#LZ~Oe-gbf9qOs9LfFMaAy5;o@bYyZ`uJHN|1wg6$8 zYL41-guhN&7xtMIJ)qEpSKFp&wBzbk8Z*_@Fu`BJBn|yK-2FA?j#vvo65B|~Q)uga z#*>Q{3@Y1IgdOT5&w;_hqi7%M8dAYD;k%jkKXBEsA(V;k*6kRc=($mvJ0&i(dS@}s z!)ET?LBw9b(DtWUlP}u-U^VY4_2@*En7&J^YYf(KXugmc{*Z8}iKiSWp5k#V9q2i0 zH%zJ^e>i2jvB`oQbg0~z@DWzz@ZE&vFS^1)`M&BFbdva|!5qOGrU18182Jb%UH^q| zp>`v8MB?OI8Sa~Q!VAaU=nL_cv-8qoGLVPsW9gQ2sz)Xw6=^S-*g|KTi5eXpFH> z??DMyNjh2zR(PW+q$bZ+h=`5X)3C0LpV!!xWp?}4E(5z(1-+`f>B^9SK`I<8C!Za` zz~2;kj>2+fU@zwDBaxl2YmOP_wRish(WT$E08WN;AP_5KqNVdl=$o4IKe{rgwnP71 z(`_3NW4uxE--%k+4HZ}ON-!m*r^vMWTFDzI{!RKahQhJNZl}Kvi-(xU7d%*F8+=z( zzFJQ}TrGXcy$@oa6;$gp9;eVg;Yp~bbr$>|6FFm6OtVyi_E7-bvf(U zOyVnGK)p2Q>v0n?g(C|QaAlqON$Zs0n;-6-6RP=?heJ`OyQ<8hldA|SZ2>c=JPU80 zUZ2oXVNKoSuIN07atrZG9b|E!Khh>kr~07J>GjdPZDniS7KN6E??*gp2Rz%+t^5p&W9% zlvR#_=iCW5YCJ0eKaHkNa1Xu7LlT(@G`(h-vnDh&=QnurCj6RAcQNvxBnYXq84KPO zAlMAu7NA@X*cFQ3)S%O_W0(NTMd&GXTKVn%Tb9T`MB{v6rW;LkkC(gEJ;S=Lujnq`-GFr*y2^2!e0~Q zntI7@PZKh*;*@WrX=|%8`nnJs6to5 z1k4bsFAF$u|7@&61PiS&3xYFYi@0iUEJsr)C?=iS3o0LnGqg4qXGdhxNQ>Y}aAN;6 z4ZF(*MZVi_96RqzxX|1A*q!MZYQ$GoLMTf%!ANq1BUjL#E8;AvMvIePNd;#ulcCf12}vi7^6^cBq#EDG2ZKR3)JP@=*xDvID-1Rzh zQfqpi;c*zk{hs2RTie)+B*>uCwZ?k>YO*$2`=cTHAIl*Y{dDo=9E*<^O4A%7L%OT! zjX%nc7>w=c>-di2CFR$3Zz9_+Kgf(6Ja&sp_4KwiFdBQBv~t-^{In zejJLk@?>BWKZqEbQ*O9zdX(f{{{fHt$M|0Upl^_c@JUGMMmNl_XLY>Qfxiq@^0bcyi&Pc61w!r)gEUg2=V1scT;5xlzG{t*=E*nv0z^#*99^s!OQH|E+nUU|PL$|Kb*8tx3$IOc?7Y^Xl;GkAxzRsxIf1_>3yLtR;2 z*=_P5s82I7Q8|_wL|qorRhMFVb)oy9so{s3F}EoDI?^f5Z+lR^CULuV744~xT$K4sqV(2zhB;y~(j;xBhT%7d<3b z6EW$6KkyJ>k$7(V+AHL6^N`fUdun)Le)Y_CjMrvswC^+$``kwAbEax3n;=DE@80roEInT z$foMrFxcacHOf-T7X&dLqFXP~%8ULyJZuj$#3)nmQ2HT46qpE7mFKnBNoH;c$wZJcum8DI^>}8S_6-dL`sMi5lMb9jxI#92Nw1QDG-*K_>PoK7{vLQPCXJU4Gkcdn#I_4PBR~-gOdenf1`= zPNl}STCyWx_l)yq$2)GBPDlP!_S#tKIc-m@66BC#uL6Y%atsTeZS@MHnzRH*eSC)X zc;nJiqEkSVi&`En15Fbozc|-$Slrc6kMB2;qdckc4ISTq z^Ly{Daqw+suGflfQOK#dgXRyAB6n$&b>91)ggx97XX+(J1xWi$v3z)Yps2o$LP_Qp zuCF*3C@0fj7=n8e5$b_Hr?)!3{l@dSS+3Rf-V$cX{18cWw!-lSqe|tB8`3gj z>Ue%x-$%XA+g6`)Bnoo$RJMCDnIS2(1@&Dv<)hyAQ^B39twpt7zq1ijem$G`4t1CD z*#Z*BRb4ue%xwGqy_@dCWbWdhcaVvk*`u>P`#FLPXM!q9BiHi16mxwK)I*(6y9>IT zFN)%ga-{HGv)9J(lXz4#IDX+|dH&Z!aPH0F#lhIa?Ztur1SFRFXwo1|D0JtZlw`$0 zCEe!aN#5BEK|8N6--gN>7{wp)u%K@Tdr~v^Xy&j|#tl4eQz%GZBiW|W;h-fLP*CnqIo7`-TuqBkFeor~l!|!nsx$d1d zv>Xb``%W85o#X2lZTuDg(B1Z`WVO{kEgG!B?JS~ybz!*%{r+A> zr1h1LtV*WUIcw|;)n4I)*Ldzo_+@mWgFOhN^rO`GP_2bQj=32s`V%5 zheM7rx+Oj84ft&72=+az(0u7f$#Agk@#EU>a;~=f0rY0EqICoc*h<|-gVsmYRzrwF1PlLm_%B03x?Ld{DGNje$wrSDQ{QKYf+v5S^ zy$%Sg&P-GO#@fVA%C)j{tImyv{oWp@QpjF8sDps3djf$sM@x~I2kKB>{jIfL&mzX; zkpH&c$4hLH2H0gFy2B$-$Ltz$(4b~ucFivTC$d@14!Bx&@Z6hKX*9ubO<7?QyvgX? zo^a&9eD#Bc3b?p+Kr*VAnjzTSs{k|%qdE=A-A$>MZ2?((Z7s6yu_=v0(|TXqaNO*t zfWxm~EXT*p*Ut6d{q)2{qa9wp??PBGj79@{oT__|8;=(0jnABwMzKW|zcfiy8Le!k zn>Z^~VToRN_lqqv!?`}peCX1&>#Sj+N7crbqm5ww)SYX&ROzM154eMUU4sIvvu#rU z5`A4$Exz;R8pW@f8R-QgkM^s@(j~IXtewTB+{1A14~nj~(fy)~N6xmR{gf}nZbl=V zXWT#k_UG6?7tmF?2_<+MSoeLNtjFiw(KBUu$|0~ALA+O#zAQ&;U0eKw&5A!&OuGE- z=+pL$ygcoAdeg?-UEPbSf_k3TUlgP{-YKa@YRfMOb^rYkWw$CRmB00SKAi{@C0^54 zn0z-V$CVRZxchRG*m-OM@#CzqAsH8@>}-7%*1*x@q=1VfLVOuH=V-0naoPHHbb>wL znCa*8=oD3i0QqI{+q#-%f3edp0SD^`dHl#rF5jve>Hy*1dLByze{K8aF)6iGNo~#l zqwB51+G>Kn;k)H7F2&u8lTxg>7bx!TRvd~uv}o~Q!J)Xj7YHpHoZP1S{oB zdq3YRf4tX~{hhOCW@mS1XZM_wY<5;YI$kgiJF46_Tc`(9GpGBN=3Bq9)Cv}}DJsh- zc}bf92kj+)@qRsJ3=O{NPn0wj@QW*aIyERyWx`!Ya&_WN)7*MmX`fC=X5(~SQ5ToY zuV4aYW~AOBPB2zk#j!8`ETmW0y_-$R>( z(7#yfzhpR;KN}>&`$SY2=(z+nQ27~VOF|1){qK7Q$<2ebgQGr;ZJa~^ zh%6T=*E3hy(z?qiiN&H|n(C|?{M^D3W@LQ!RbxAoS`ko30$v#I04>sjscej!L*$PW z<81Ha>iP6pR}H)~nihXj-kG<3yGezr^9KGH!pcpE$H;>AMRc>7+H(sD_U%Rx5w%n1 zYoDNygTohVHBsfyIdzGSDgRYh7VWT%%G`BdZh~YLQnhzs+1l~$w_o=~TG`?K=DNa) z^imHkNl@QK!Jqtq!V!ZGiWzN~>`$4I#6oVh&Bp>h1V*>QbXwCil@ChIu$aVifj?X& z|8dz2Yy7#|K*=B7xp%M8Qbeq#a^7cRLjLMVqh4n?ki3U^DZeqDp=!Ha9u z8}<_eHt!UBK%IrLn|0&~|C*o#>W4QsiZ0b;2!CjOw5X?eOnxZh%m-uLCCid@E{|C?vIat2_7l?CZwv6$k(>u z7(=88p#nU}@-%y$F= zgCt#ZKX2hm7dQn>?oF-TI`31}He4M$uCH*WQV5KpHX$DPMs%&MXdZQ`quS+cBs!KxN+Oym%bF=7? z>M>+Cj)m5R8EhDa(9Ndlv9wG>=!Cvk>br3*P)Zxh8FI?7CYL<))YLh|;0vz;_Jd=1614=-5WePyW(IiSU7@t~s_l58v!)YbL zIC0ber*d1uSbI>d0;}Dsgg$eOA$Wr~BCR2vnS1j?mbb%B3mmZsadZQa7^iTVm0Fw| zcMZ;NGkYBAyc};=JQnR5V$SqID0IB$3&;=VUOk<}Lr|*B^>)dC9UN7*R@p5&TB&Yc zk4YIpbsTPMb`?QLPUGKBw_S<>OAz;UXeZ3M^ig<;Ju5S~*TvP*-kMzY_zhgX$hlX| zm)?HASqutzILQuJq5OKyUKM` z!}6QI&iZ<<&iYnxx3_l5>9cM!Z~v7 z@ZCuoxjE+F%gdNJI_g<9u%2Z)bGy1Oi_N??g7)!_on@|8E!?yXdmTL>-i>#Ntnu7D z38>iZmJrt!XP~EW?^uaIcyu5$VHmsQJMfGH-rMU7r1H-!@#AW?;r*Ri`|!g#n`;kB z@o(m_1wc64GS_$F=Hq{Z7KGV@P`6+~{4qn7dj|L_jLj~tEF=$!*7_3*Id-0oYI~ra zzp{Fc<#cDo?k_APsRTe}4caiOF}^^2612wH^?hvU;E4YRaLvi_iCLJMbJolUUy%FoPGjTE{+)XM33sUFz!}@}(sbF%K~dreVIQzo7bSat`66gIA6UVe^IGq!9*mS=yCoj1`) zuDm=;pYU})M$b!CPew>)s7Q?6>zeOrZP+7}QTenb|McswHB^4zGg&df9!Bd1-*{pV z)6t*cDS;}4F&1{TS`>@Q1^G1h76)@|7PvI9TZ|FY1%$F_1i@}IepM(IY`zs4n!2Q> zbZ{JkT$-#b&Mq=dyW1_3h)ti_mYRsY`XMH=7c~ zc1640Y`3pkSwLs`oe`sb5L7Rt9(5ctgVO!<>;0VF@rAkk40(eT3n*dX9#&ijPK;1X}pKoCp#Z zQ(FVI)1YmmsLSn7D#}{((WWyI#v=j|qy*a=)J}VJjCJ!I;}wc;xvuPzLM*WKHcce| z9Qp$1TiOu$N3+oKR(-hYB#&s7i83|mJI8D#*P<)$5rH=*r0~VNvQ|Au9k`gLm>^Wy z-aAplv4YjuSb8aR=AC-mnKWGQx9&auyg4AxY4hVt?fCL9P*Ij$rnccaJe9-GNJD66 zy%7g_O|rPtqSnJ?-EOJ3Zg0g3U{h^Ky~PBatDOI?Be+w!@DGmVpfEB=VAAatGeZo8 zr%tG6FVI;%nFfkArn*sJ9U(D~GCYHCsB)>XGin-+FLEt-XAz`vH7{@<7g)W&ZY-~? zag{hidZi;3XsRW}Qod?1Z*i;E(NNjvB(V-IW?%655+biveeZoASF9&BUeUmAj9P9% zV9lcus}%u&tDYD;3{W`8cQR(d;$d9*!2BU)hRr>%eeFEoB*_ zWe70N+nJyoS3BYzl%=%FiXToiJO5{zL}sTmI>nXc$4Wc}xR;ytYqrgoL>4(^m;|xd zRo;1)Km2;75F#}f8cIXQK^1B&Y3?&Uy79E)aTJ>eS@`sBON-t4+BMmbb8loIM! z?X8X9v}U%s>%tx(2N#?RvkKSA;UFtVKis&4g3ry|@F*Fr8PQT0(4etrmEll&aN%uy?LeUoXciY{gj#_4sb(&RNuA6pF3!zi! zi#9~p2vV=c_j(yjb=4Kqpzr|O>edeFnns#cO`W!cIL~)nL&1W|Yxehx)jVgY3kyaB zo1#|_p{pJ0w`=bAi#09RtKcingD0zg8P#E5k!EG!t8-UPHoDdj>iJ9pC^+$`H^yaC z;p$ed{mkiVLuS>l?e5oSc(;OUbxX)nrG!trdzx|3GSXFhm0%S-S$!9<+F|4xuz@tI zISp7qAwJmYzFz0*3<^G;??54d^HHPSJ)ZME4Zd2ApBH%skj=oxp3@NSvJ z-^0lDO8ijgdpBL4Fz0*Us_%WvU^Ay-p7t|VAJ8LF^kKKsGmZiHY90Q+Q1JSZ!)N$v z3DUy$9$6_zz5>o&h<0l~d*@>#wCWchcVctzrll0(vRTK;Glg8Qj@xmusB;pUK`vB7 zKDN6zKvDl1hU>LOxNN#Qd6&bx)g~dWAssc1E~|dsabxWvewA`_E}OJRHv+4E6`Z*? z_ouoGUM`zvoStBKw+hQ-M~Gj|HE0>!y|Az1vMJ%DlL7BmgjY3(-0R*st#)XrnY!Me z>XqRm)il)kHN3n8fa>C=8@CFqe44|;=V;eJo2C35V#SyDZ% z*M6pz5tsoN`^+S?3`XO0jDQEJM!C0!Bv*ANwx4+{>^rSqcPjTnkrGAW^-Uofm5t6W zn=-o{qexm^a`)yC4bH;J_A{jgw-$Jia;&rKrVi&%WFfMLId zN5tyn=l*#1sXvmZ^0bYi1_K_n2o}fcYYvrcyse8>rsd=J` zqr-Q>@69f+!P#D{j&NuG9XEq8;?YF<30^ySx{$LN!B9PZ~_vQ$PFh8?A`lldP z^#{wLq-}?aV9fnPsxfE{_c#ky`%=1(+t}D-t3T>%cQe(vR$ z;a|6BRHAh?YN0AqkB^%k;;U*S7gih_@O_ot_%HdZ&P%sp&1;ush(&1P8D^rFgG-am z>m|R(Gw`pzeejyMxPY0SDbg#kelxB5Hs$i(=I%Y)-l|K8=|=hGahSE8iK(Ej)doG0kmT%5;6$t^nz3K%iW#@ zMJT^{ad=Z>VsYZG#FzZg# zzf69Tw(Lw>ETUP7!r#y9#1iuECpS2=4Cybz-xT81_0{J#+;FH(m#=_N_RBG z?YrJ}J1RFd6ebmp9@DNX?>AWc{0=*=y6hvy`!4IEyl~6LTwd5oYp~A~_~Yp5;NdyW zS@))&8F@}_SKk+)FP-F@OwtvT%qz7suOWKUGSn}Nff@dvyy{FIaeC_`9C$g7c*WA+ z%AVbPG8mXz$8Y~NW0~(uVQe1Yx`mTS{MI^9n^0JlZ=YbRB@9?JY+BE%N_Sqsc zL%)moj~TgqbjzyCqq!YMO*JysTWb5`j^#)Yo{1nN_8;KE1-S;_D}gq=~G;oO@o*JRzMG z3ygn-!$@HDx}PSp3-cBeKQaLG8DCNVi&=K@n0qQ`?uzFslKt_>YSSr(B!bS^7i+>IX7!4yw#<`P7Dx4@rXaXsc{w>cs&>N0fg2{^Lh65M zCWC1MU$}p-Oy|awf|xP%`)m^Em2tlVRtZZg=&do6V{9=?9EjaG)j_G4B^D%LJnNuT zVkc}I+B%^yKAkG^b8jYB&Yi9|>L=NpiK;tqZ^qC1Vn0By^P!o_8Eat2TzAZd#Lv^B zYy7{h-9YdZ#+-BIaUd<`xxvzqIN^C2FAsu! zSEcm00r1m4%`u{-T&t#H2)yHW>E@Q9d zcTeDaRd}g7X=LzXyl-o3Nf|A`DuI$?1h;_28MfD2@`QRw@g|j?WdL20ChNt$B0Y|3 znvF3%9)v8m?wIk|`J^&cHWY7y%>C+^G9A#4Z<;Jpxdhr$&6v~`QOy|8716Jr0WQe= zcdklW>^x1X&{?f4-hD)fvb8>w;k#nr|^(frBL$vO`uo z8B;h`SZ8`vc`v-VSg_WWV-n{^^}bOjy4D$>+gHv@3Vxnqlhcz&;=NQjHlsI{eC3KAw$IcxK3>RNRNIts+0UJ;|J9s7}44*BXgZ9-q+#WnwL zRUgi_7q&#kHa-y5_hxS+sfb%dV2wrh*H(ysR>z8UZa50ME~mOLa!?-x=H&z`S@+gDpn}cUfv#oaPlkCn{2_^m!MI%ZwK9w8@JA38{2E+(Dj@+<0 zNXgtgj@Qq%+dzF)sfV*H`1UdrZY6A@dEZg|ffqIfb`vcLhdU)U3Vf&>3P^0wZ{H`w zN^II~CfJ7)tWlt9J@IN7*9K(?)Y*$aAn?Bk0>i2{sO*H*gx_-e-wDWOZ>MC{w=>yo z)rEe&eJG(2K2Ts+ZC%d!uG*SkqkPP!S{9|MZj|bkgif7Zb(?A%s46bI`mYh_%8iF~ zB_%}{=*po3xPs*WFy6~){e^C8Yjkeb%T>d4Z3dz6VQ4XEfO;Pp9 zt4cy;E?bFoXsuB;_kq$ls%8x8R%9Ou=;XhveqCH)IMZV#&UP{SpfeoVEgs^ZvW>!gcUflgLEFa z8@Y#dq+yXgnF!kLvmX-u4F;Htb#A@T12%R;IwBWAykhX0PIwbBrAF-XaE zsnEig^TCt{@7D;oDF z*faVS(YW=XyO(MaAbF=gXhpllI0WwCuH#>%r{S(Yts3TiH7Q&g^bzU3^BO{#9z*@* zcS&NMWqT85p2I;+?%NJ()&HSwa?~f>dI90@ z^ax!lPkcSmLSLsSx*(@Ix}cxY91`u_n)n8Dg#6m1;UT)uJdag^(yOCs@F)Qa_>78w zU4lp?BTq?mlm+J09KELM#^RSEl;)RukLs{9h$TIeJ6rV~kQw3u)AeNS%2`v9lmp9$ z%7!Zbj`)=!5Nw1^Df7p-(jZl~goiH-fHf$4JHz~J@5yTUDb?Pk;5UD&WikLBLlR;5 zp5y^ix36wr+~Njg1*1Ymffc~=V3h)tvHO@GWqzyvR;B`UiKcwBCFcuIVBH!02z&1N zZ??QTQ$=cv5=K|jnj%=bKtSbU?&K}<#eM1pOxhDOTb?XM5T@YC)fIsvD-v6$TR zhj}uHL{2cE6f8|!d+Wy9k$Rm*kd~aHk=l^ro^qCYmPViY$PmUF#fZ|FhyZup9#>Jj5 z{6q=KQZh-uY}Q zS6^huvpWDIG*;JsU0R+BC6W<|@CH6>MUD11bcBce>e`a>-9?6?*)s1qX-8zbqz{D! z)2~z67HX^qy$AO7cwGbk?ezaLx9@myl#uwNf*<)Ylt1}n3jg$n75QM>(GLm!{2$}|OE+M=dj&{Xeiy;dNr~-yd&4A|B!~oB`QBZJzp?5V{JZSP z2~L2Pn*z=v2*hppdQa5BLl(^65sgrQOz)qfY3$OuT~v2k-|<48w5ZE&NIsxej(sc} z;r^ZqP`c}w_ra{7kwHeWxay1U;_~5uj9L&JVvumqopOF-#h(70wp_hqRYM^2iC&A7 z9-F-aNWG z^^8LOh`n0lv3rI`8-3bc8({bDf{r9wfJ4E#z4MI}02|TIaUIno$dm6$2CKM4)z26P zG*Am*hP4E=rMt6TeCHsIVUmFaI+C(<5q3u>Y3Uj%_LfGXtC+TGZy&!_ z43)1CrUwB-tg3SJW&TLm9azC1dsa#e3Y)4g>WN;%93S#RYJ>CF$Zw+F=6hu!2oV(A z%=>wz!Exddx@mh9GPMMU^pPHXY+JPfs_wdOHR zzoIAXF?oT<8*UUfD`mJ(jDPPc$K-H`>M;oqH_?;2n0GU&O7Fgz3k%UBcjahXNr39h zOH*~x4<$u{t+k9oe4&7oG@cceag-63uczv8_5$CIqck{an5a|yRgyVB7Ziu&ZwwPM zh zNm^(4sP7Us+ed1zU$efwm+(H2+2IVOk&vanD4ep@Hr1%nBC{}A7d(JC^qDc27B%r$ zFX@d2p=P&bjLCZW>Qt+?pQmLHzMd9b=H&3dwb-~_y}cT4{GVFp;+9CqjZfmSlpS97YN;p@s~VCo^|dR~u^FcBI`~ z7N(=T?o~jf_^|N;bJ*h+o1=()fmK)Wl^btR=l2`~nY)fqV{s7uM$T158O91Za(>Nw zFwDhYw3o8gKGo=4eQdI#_X8Olx8I&VGnh(C?VbuM)KB;7*cUYvc*g2Vf+NKh+$DB( zV3fmzuDwAVA<+`Pw&;LtTe6en-Ti^kWJ_y&i*>WW(GdXLe1FpP|BZBU zkVSHE0bNKcO5WQ3bGTul?;X{^DxB=0x!>^+Cw>d^)P_d=y@R=r80c9SLjwpw3vWMc zw#+`Rl!Lk&jW9^%8xY)%)Xx1Z_-N-`;LvBHO1ZOXz9d3}h_GRT_HjyP(XE(|9OB%M zCwVVF48QyOd-~9*@eOQmKpV9?jCrOW-fcvaVEPiD9)LT0CCITVBG?{jHKur27gILW znb!I#-WO-T^Zofjr}rzjU`hYE8z)V5!yrPh2-DX^_`lxEN@R*8Wc_T4e^HT*Hw za9E?~h-6eybJf`Gx%HE>vc?E?6Sc1Lftuon1Y`dSwdyiE9_|PGd9C`GkjK)%v2E+g z^LW4bFb(XAJoUYS?W{bFuAJJa-Kf#F^kYb%;hkz#1-B?)VN&-Hlw&J>ZZz0XGAH#9 z&tavrIZlwVIskxbcS&%Tr$mp5*O8-$QvAW->qFEh5g5Y&ycmgPFt2WHh= zAg&ZwKaq{g#tgyb>*H$3@f6&p8bb{RZAn#>JfXe6Q@m)lhJIR`t(j1gkanb(X%s)c zk;-DqRp}?oDO=J1P7kJpQPuus%crcs*a6^Rex9JRA}q zHEvF-Ws`T`lP*syCII~ZC25T`;=l1x5f-S&EaWU7!nlh%A)p=C3xq!rDB2AU;a@47Lv2}1xb}`k*R)T{l z3oTn6by_Zw;>%a~my=IC)&mlZvKq@V?7@>|{{UzAChhy0-^b0m=vJD?O7)mAP2j~M$O(e^*0&VNMMjJkfBPidC27)qfO zYbrR(6%^wRTTzXq<#_i$M5Vt(rp*5YaQ`PD;D31LPy#A0qC_XN+|svU+cG<9J6=2F zB@wFWx1MclobDMKqf5IQ&GE|mMo#UV`pye%uY`X2nIsOM|3oz2g?c7zgdkWHM4es7u0-*i6 zyGcCHJ?xlq&)8H8)ws$3>AbbM5El6;`zZLk<7V^hk?pbNH||Ej zb)BGM?m?cs$MG!g@@V~Y)Q+ytzf*6$M-H#(ihB5Y}9Hcj4qrYSj5I913}`fCsV`0%e|TQ zzP)qv90C^ZH+hOWKI|XHyzd-^Na6Go~XKVf|)A#Mt!vL<35vYj9Qnj`kS8SRR1P+T+4r!tdqF@mUOp9R=}#xj*< zCk=j7BmIgdL3*{#9z z5T}Xg6SQKD#4e!82klk?n!C_vsNB=_3WmGy?6VJ;#q^2KfO0ZFOSU4{(BDW=#WQxG zl{vU`e+(vM_Xw;b@nqACn;O=JSbZK;YR86{$#5_wa6;B)I07j%Wl!;x^IT1ybn&pu zOWCl%et#z69d>%?NdHU{J4^~pljcZGq=KMHb7&_B0(E3K(5a3Y2%hqKCe-|dJV6~2 z17RO1L~aTaQqZhn6uDP_FCPC#tNTkEel6iCoj_v~Lnp$ZkmM2Z_t2!0Orsg+IP3|@j&RY86B&l1A`oc9sQqMpKWI+~oksWklWtwqM9@r} zUOdrBfY8>A^V|uAkbWk~7>)qeNOOQF3FN>e>DzoeS`aQ74t>gG8FM^kkFJYzE57SpH{{?gSg)A12ox>;QsKl(s$P_RrZp3eNE$9UryV+-5Z#Jwfd+~(en0n%fX`S;&oB4jkTy|OZm?kcG8{=1g))-Z%6SIjXt(m3+dbRlKnt`o|MeSe1oh`ZtYLSCzGuo8 z7&~GR_Xwg2%18WLGtIc`gfQt)RE2Uoijc4;P5Km4$8As3xA}L-A#Clbbij&bAs6gV3!wLq4W%T?i_yd zw2SzYpp0(>4Z1SnOJ)Ye58B?D5)9Y>lzmDU=41*CH>9_9hxDReWSek1CfP!7VeBy&RO}a2`4pzVm_91qWrw9klIBpSa1chc?6CaM} zYt;5}-rTSY)Od#pLx^Q!)5?e$G|0{21$mc88o zw2$Lq+>dKOC3nVYqOb^Ym0$u9jbHzu(!T-iH*Bz#ZEl#zwgqq>b8D4eLu|H#=KxK_ zqV+=_&o2hCH~-kiV1|opL`oO1$ug3EdJV*RBL<1uW45Yy=Y_T0qLDh#tci(&pT$4CL`ofbsI2Fc$0QFcu~} z&sYlVt~aG}FG&X&GUK*@Y-4GK|BV71%NI*IMM%Kgy8l+Ftu$DNbaBvBzH&$C=@RTY#^PM1?$ht zfYrqbZbdyv5M&ojFu=AQ#AJvI*b%n_Y#?ut1Dp3?1?1kK!Cbd#A*)05jPB%TGH%lq zmxP^nYIp7_g9OVgwfwWYwnj`+sTPobu0Gw#C>3HBibx)Z&>?S!_Z17DZw`T%Zrm<= zm#&pIErM~3U7Rk|<1LJF9YiYZF#6m=(SE(YbG_;wIkW5Y`}O;jd`D^~EGMk&QTY+@ zd-|?#J8XE9=d+%)?N|OMVc0jUUomN(3yZ!FwN(0%|1sw2CVn1eI(_Rac6NW;bG>gJ z|4Px(JfCGP^@7|0^MFQ-VzNmwrYlYcHJz^yU0K_@ir{FjVy(yPFWd56=%Jxu_fl=i zJ?t076Y+OG6l+Db1J(G{V!<<8sxgIPttZRioysH~(LKN5&pSG_7Dt`MI%*ZatK+prE~S2}G^dF8Z@+(#`hNUa5Zfau{rI|7V(78&ooMZ&c|uR# zBmKzi08#-KVs_QwWSP5M=Mj1)UvRM5n!q2D1GUcbr73Xxf2?u<*fafjMZVbbPp!=p z!@j4DZqF=xvA>Fvem3B!Re55V{Im)Gne_u!{}aVaX=q20dvnHLh(W*STfW#QRR904XOd>-4hM*7mXI~ zayO`WZpdVzy<39UZa+5}Pm%OizkW!4`-JV_T#9k>ocL)VHO}*T%uhnT=n1drFgxcz z5v*AS6LyXtkhKnc!v3<#K5%9c;YX3eD3%bwD6w0{7_mEk11A&EpK=w{fBD96vAUv% ztj~{8{L{H=4XuLA0e%U^7GLBQ<`Ux?O<)J%+MU}DQzT^3#*U_6I#LT$=Q-jzS(`bh zyS#trmGUiJsFY(!V&2joRaeiXb^t)uH8%r6creY_v$}_lS^$dYNhfQxTHs0A4+j=1 z2*;hrv}-_WeKjCm@FYm`b4kUUA~Oxjncsje!mYqaC^8J>-u5V~-gQ770GGFbfM~(M zB1|)}Uq-Bcnoextk3-68Z`i+dMu;Y!llJqFU#HiJA`MhT@wLvp*X)AhHXZY$E4wgN zM6c2deS21KzRax;Cu4&1V=7TTL|A_&u6`Sps8dJyCF&|Y)~aP*4pW1v=idkBU%x-0 zA}DAxn&lmFMglN9ybn3(k3FlDj{>Wx!e6yJYlu`FuMgkVAEzI+t3PA(K3dda^xP_gO_C;U^SI46LV_9%rliV%_2kOk^-aC7+p22WLm?#BA#A)HA(Z`6!X3xFO0+(Yy>0+YX;0TRLNTy=Y)nZELBlm^X7k z%Q3F^@9eUnA^B&}DzEQ)vjraV88|99F?u5LIPqh3%iKvhHQE_v^W`KNJYHnWWd>gz zR`}xcg(x(UQ&WS9e8n(f%Hkq_tM3% z<9_O@qBhPd>Oxm_D1SmcxXk43?4kGlO-u`o)8czJlkZyKr#T%fmIh)MYiWR#l7pVa zbcYOU1#$bHi75GJ@grg&5<6}$Vcyofp{X%aUmTX#+2+X3829=XTO-FO4N^6lLR2n^ zFR?(edURDMp%<-(AaxQEJv)kKRW0!6gPzQ6n9rezeI~P-zS8bLrFq@Ye~-$m)WmUe z`b^eM)XKvD9mPX8Me9!53|1QL3#jtRT$ng``xd$AKYHrSi}4vuu{?p}p%}6I)ZmA0 zQj=Gggns>{yjbSu@r*Or1O12S_~h??YlGM!ISY>3{jP#1G#~ao3;l{Heu%(NsLBMg z-l@UK1IN9Fu4%4(D+a_mif6Tq^iqtBAsY)I&zcU2oZ{@GufYXA3}surqb5E%4Z+nY z{}S&N_k~l$tLSWdxpn!|Yg6h^N0114Zx6{VEs6LZcQKlwKkY z(l}DzTVHo^C0sYA#m4@TYiNAJ?GTFaPlO-R8Wyn&}Xn83-&!Rbeac~+t?ki%7c@g)u*9m^tUZY=M0T<9R)Is{|F;LFxF zI^{O9%-q?X;>dAEmS0^%KhQ1htcQUUu8r~n*6$-?1_TgM$pGOHPahcwGP*`cJClokiM=uyO7C%SLO=}<_vNPqOO2*(mXvX> zwyvfg{^R*93%-5q?xnSh?Tixt*qCNzn~L3+Xfj1KwTc;^X~Z%#NATPM!{8QAO_a=} z-?JO`tlnaob;2alZa(gZzOq?(Qoo1g(EHKxS_}9z2d77RCsSvJvPR9qdcEl36_uH# zq}Ph%ViTo>f>lwLc9bL+CpVwhXf=gaaUloJ&|B|JyNMqF88)x&l{uHSXjVlzy`apZ z9$D@mcR7r>e%t0c+SZ(Ei?+$TOJ3>NlHTfos`nE-Ihv_PUrHwgas}J2@}hRjGT%*3 zd#96-Y^|*5k(-uImDJYucvCv-X&UQkS79*Ut!tfdlkCL5q}7Ys6cAtGE)es}DzW4} z6=2SnA8Hgtg*37eps+UQb9m*Mb5~b1H@`*2rzWwe>3H-WkC3O#|16ltVD2+XfjJ>C#9bb7rLua zlTDPL{Zt$ukN!2W@f;4jp<$_zWz^nR#W{Zt&Ez2Oa6cZlp|iT(JOr47Wo+fc5m%4kXDe0Gv*&6qpmY(J@Epc!qVs;iWgxayB_stlm^YE7O zJ1-TLxSx01EXw6Cvv(GAg+`h__a6flcMRnmm9^|xOi9f#2BPE#smwohqZbEy7-tq} z{g}*-!cgYf^GG6^xRB*0+{o#!432G))p*Ak&VaY;pBR0)&vu8nkKE$nhSK-c)(s%DFkt6nd%k0JJ1mb8S;4M zsl+MQ^ps{bcUG_5w`PWN0)AT49vW_QyEzpeus1lI|7#;Tm*4}kJUgwX73@WO-IsEH z|AFNT__@_wJd}hamV0Sz0I$Y`_xcpHZI@4kr18idlkl2d1?DF^V3ci79n=OobN)sH%Grp05&<&DR!eYtK3-{`}_ z_Hr=Hw@N~?iiLVXf_Q}ln=ZxaFeWxG1xNxp9n>n!>%=$Z0)uwhRWnwE0tzfC)#@fU zL~|7ulA(BjcQX3{oK4u07TnHX@|YE%GdEqoQmxH;0toC_sHFBACs-B46@&y1I&l4o zwNC>RUQSdF9v=kgy-(z+uIBb5>Auda_Zdmz?Qt+)2!AH3xC+wJ`sgap>*kSxH<`$q zkx8DPlGY6vJ3H?Fn1fG$}rWHgc^Oq%X6h~qM1|m)0{g|+~%vZuPUFa zO}#DKRT18%9a6JS{Ko&p$v}H6XNr%V=zN zid_zUWQCmXYcaRRoA#KCKWkP|;3(5; zrNjI_q#MZ;xYB8XYn>L%b<--`ESPFm#W?+99amXcpbo1uno^DRb0 zoB0*N^)|`+gy2@q&l64GCt05;ygIxX8$ZM{U)LKb=H*t3T|y3CpA_<|Bc6z?`@Acu zdmCalqFdv|G<`>9UX>TS!;8)R%wx_9kC$2I)bKRS^Hdtm-Uja^^egvDEX;a*>h-UY zx6y{Jq0_#LH+gI3aWik~GwGF8pX6?E>Erks<*R>YSx4xV=Kb1V{ z-{@_fN9`MX%(^$WW)_!L6^>Z0A9l2wQN93=DEPF2scc*Ap<>$_G^lOXJz;B3zJ7D7 z_FUpCInT^0ZAJH&tu_6sXtk}an=NbWg&wlqQcd4UdNh_7r`cX!9F4}E{^DfbI`N&B z2J^8%uM5^nOp&{JOD=brDzWpxJ0XyAc%TF)I=Tx`L^8wxEF&oqM;@4_Ww~BXUF44H{eg zN{Uxli5oi$u-7W*Y;y0{%(h^O=E$XFSEKRtGCyv*Ux1sR$8FV|n-q&kkJGr`j`4WB z%D|DHN{`4f1t$4pKI~LDDs$AS`^S#TCqSoQSsGTy4PH;>b+ z)qI;e!QA`n8FQFs<>CPj52M}d9!Bf4x0#?(2A;bi4nHQUV z&oFg%viS|e>{d&5TEFHzZ}cg{y_0Qd)dxEpTKIC(<12?b=R6Gso(hI0A2Q5@`U8mh zHc1PW8rCMQ>4y#1F3pR_x-B)EsySc7N$xhM4NaOmw{oGgqRAswj9%cZYqr0txZcRR z^#+e;o({a5b<5_nf&1%=^=M%0B_8sHJP+uxZ)MBxHfCQ_;wxVJqmB8R*F)En(v0Y(*pYe$3k(pP2^B-=!MmN8-cy;mm&4%@`y7~zZQ&>nAR24h0#VNzP zSJTb8ZGV?CC%1=gy%P5{d5qu&G5K-G(}MQ*R8eQQY(5t>`r>6hAT+iXH?d^d*Wd6l z!OX%#%{q5Ki7c<(<4$(YUJ+T1JHvjasPJ;L@?5>WWbCVQV99(LV9B1FD3`7IOEK>Qu6PCf`xVceJZ0;}dBcLZ zB|CpPI2q`Qw9wq`S@WmiJ7d1`LWRm3+{+pn8{D57`Me$i^oUeui;Z{0?j4%7a@wl3 zKXa+(IK}j-(wfGTncX+LZ{O`8zUY-36h)fft)(9E=;g`QVSEl8-F^fk zD&=LE@)pc(DeW3J*5Egyk?%b*C!4=CZwXSxSIR_y5{K~uLcrj{_}Ur!6CS)-)5*BV z+Yd_#=}n3R*g)wuYL5hy*wX+C`^6_)7(>E>HC)udNZm+V$it1@pGfmvwlr@?LHPbz z^aYX941&l-lxp2ql#x@?BZWI8Puk0^j>kE?I!&}1JxIa zV#X+Q%1Ehu%IF>~?&pc%1XB@kM_N|E#c{erzf8jwcBv|pO4c!wN~Yarww^ecR#trJ zdkL9F-@|R&A_|y)kAw&c7C>_C{bpS-Q>BD{|98Hv-`1{gHEiM|(cuX`=D^*t`pU-O z&#{CiW_rWJ$;V;Nd?sYzKO2T}cE=Fp!0#Y^CtDByN1z1OX4xUY91+-! zkbi>Hqx~jt|`KL3^>HuKwTfoDR{WZ?%P z1&RRL695Ou$}WXBY;ysbMo`A8oj?_~CO`>Fo&+3#ZtA9%Jw{M?Z3oa8;3WZu^tTZn zEY5+vO09LyTAhS_nC*r%M2ghLK}xdj5aXB?i|tT=%p4z>=(L8{ohsm#mGj7O*y3+X}Ri`UJId z2h_pVcR&txitUe4+lQ&;C^5JtJ3?(CO%}C6o5x%{*$VDA*yaiJt}3)sQrI2sM|xY$ zxnmk47br)5gR-=xi*i^GZF!J9*KN1;B&TK9GT8za?u0snijOgG4|v7|V$6Ce+^OWKxg%7@(p^alWrtx7;mDI1pvrG=MW zfQ{Z{OWq6D!$gC5AAmbpy=XoD+)m~fV|fUUfnxp?uKC$L1sM5N!0RupBBX+*M)yQl z;c8gV3Nzh^Yk=s1dYrRV{8NnGR+t>D!cps%g<8*U?kCeVh>j(VcMouHf^ws1E2#O? zr1I@x0@iQ@aB%=@0E)Iz8%VlGsRLp+XdpcpK%Kib@@*hL)sbunphKu1(T@YLk9K5 zxji9Dhv?4jkP;q-4-e+Wnkldn4!ubKKCtoby!K+53!g-nW#L*mTU zz_u`BrOnSlzq}iy?*$p!;elx5w9(MY4HNG|D74gs+RXa8eg$g(YQ+SEc;`wH|!y^j^@A>j!tGt~zY9 zxMcVJevbueJ8j-?f~~7sS9H1wW@OTvkaJ6XK(rB zD{VbZEAvgVuvUIGVwAiCZGU4x0nyFpAU%;%c3K!^_ z*(Qj@nrV3sb4JBMpoKWJKvdPQTawtdyxkPNw3exSt%=X=+vt%#2v04kr&ekQ;$m=s z_XN~}0XXwFAD2@M7A|C2H%wr9aJq7)j>oAu+9HKTxe z;4Af=_ea0F{fB$MyrJ^j-XT_GGNafu3||Rc!c~|ImR3cM8WFR^WRXnPTNTNC3v#7U z63Kj<-(JA7Y%3r>YE&{r`7Pc}50qs+Ucgx$$^5yW@_&g*FY|aJ9gz-ylVKQ0ehn-3 zBaf=^9?rXxQQCtH!r3l<+r@8t_-!A*Jwh^M*02&kaM|cXQu_c*^|z>12w_VA;dc`}GU63? zD!QAh+?!M7-YSH*S#VSzl!e>?LT)4Ec5PWZG3d-;&`I#_9C$a$+N;XgOXT-z$?v7I zK5bbal1f0)FA)Sb*hfkPWg)1N`D9VC$tqa|5<0;7W{zXoa~7ooR2Xx>VqT;k&io1- z46Z)J7z$^8Qv%O3xFX6B`Q@*v^01@waL5u(NL-HMiF80MAU&l-1Fd2!L*!C~G@b(= zC)P(Ctd9`vNeApnl0GBl&Jej{IpmHJ{CE!hI2qxD%Lr3$XPF}86NLPXw(J?VTBa1W zOsQ&_B2i8%qEPX34ss_6>De6kvjjh-_};YI&!!3KR1}d;3;2Ww;E~Mv6|Ov?o+i}q zI*ZP^P|p$ScM0`*UD5NZyG{#tot92IO=kPPFdKm>K~=v`g;NgL6v1A0z+NWUs}9(! zq>M94`)5>T%n;HURkj%++l-WLhRD7y$P)NDtLp1Gx*0{mV6eZ890y?} zUIPOc-TZz-qLDn)wg}mfB2P9%M5hVqY!3V^jUI2SqsQBXdM*d`9Kp{k@TkfsN=WC) zS>JIwYc}NaY(eoILVj0U_Ac3d##xqSX>Y2+?+Z?g}NM-#IvA&{h_Z2LgWV*6RhB}!n*609$ zSme_QKj~9^F&pB(m<T}0F)^mI4Ld9Rf7UgF-Cqs}&hx97myNq?Pg zolz_^*_|VIx2H5%0+D49;#3G2!+Rlw_4vF7&y+x*DNBYVbOEQNxUrI9B%`LbL&_gA2JwXhugW&`y98h`8|5^@#Evu*(7!l?1nEFqkE6X?7pYC!U*vU27^IPmy;pi@}LOiN*g)+rxsi`7{hD>W?CM>5RwobM>3bf31AAk@K7jy!RH61U4S_V zOvSMEmx88;M;sRkS%e=KeNtgQslf_qv&==i`bDDp1~uh-UOrVqJ;1e;E4Y+vyIj-` zLS0|T@T_6MNEi9l2|i!E6y*1dK|vaNDYrcLyG#6r3?tcB%E14roxuQvJ65Dq!^XG-5PM;NcJs0ux8)l{{20&(a%a5q%R1cw;Zq2A$+GI ze5XX|cA#`CDBXk9zQ~AWJ27G`WBXo{V)Q!1=vBn%l_+~1D0>x@y%MF*fzqd-^woJw zeFcsDIYaJ&97rtcE%xOMzv?(Ulv8JT3kV>5OL0F7$)6luHuVQcP9S(+){bE0Uh} z+tT=OgoSDsy_mQZ>GHwSC4_L;6K@4$;A|0Ts7{*P|a@7IVHsnq-0-GvLITJ zJA=9cqhhRZ5r|qgmk?N>SsU_*P;&wzfHejNn>?k)eV_zh!=?Rm*Gv1)JGB42qW$On zj)f(-Dmp&L2lQ#-O3H{etqkbX&QP9K$E-3nYM*wFdeg8J)hroE4{)mZywfJ4)&XCoLEvt&9Clp>fin){o>7c@MhpVDwnj^Bd=Qx7 zW}Oj*ib-Y^)6F=|O6z=9nQGPwrq$rE}1P)h`2y^I_uE*Sw-V#xyErRiFBO}QGnOJtO1@|I!ms%9df;`$n~~H zN!Qpd&pCuSrwDUS6()LJEOy=@%y~ta^TJ}d0!IsS+-}hkOGdG#b6u47jzi9O6gl6q zW2bD$ik+~FSg{j$ognkBgUq`MnRkbs?MhvjX3aR{nNj4K@!O)5$yUKaqt&R?knJqj zN7%~_VJ|DfUM}Tg;45BO(j-qw(PB}%cCko}>EBO!Z&VeZnS(QK9M{{PC=FBSL z_?#V%&#B?~oTC2Nb&>Z2hrAys@_xY8A4B!Wg!*H$+MJ`>oKkI0qI~2)`A9+eNTOVE zpj=T!1;x4Y{yrN>jRSKgDuc$L1p!aN6nHmtd7)0Uyi8V3g4U$R6R847^$mdK9`8zuY zPA(Dm6cAfzYN53orC2F@uydlNocvODpsT+9Q!!+qEAw_RDk1QCrWO@WOcjO-Gh!s( z{>XQSvZP$85K=V_gzHs9H`&wiImNM^(okNVYR~0P$Lal}1IIlbpUa(i&%qlXYG#ZN z4z`>zyD>3GGwJ=MEK!;nb2KvsFNJbk_-?h~_iC-(riHfa?9-`jPPgxePxL)>;5l?FZl1woMyF*6=xVb3EQ7a@eF&&@9t@B z#`EV5`2Wh4Xa3#uO@|%6Jf35z`_V?xvf9Cec126m}e*1?%@s&LC zJrDx~H1LAbmEumWapoHqTe$-2p0EJ_x|r{t4kTa?7=9pt8~y_m%D(Cv^&2Am3JpIX zz}?2UlPt;^@NZrx#8$Q&Bs(WK%0KOK0#~ULxr$WA&Z406b6LN=Z7qPGP~(O_YyzS2 zuVFD2#Bceq(YQ-je35pXDI{2RPdVY|=Z*{Pt(TKHMrd z3b0lAKO^?-AQi@01iugBd$#!}-Z2)kKc~Xohlg0m-rz0(_GUZ|2;48WGh+SfHqz6e zIK7>Hv$!;p zIpZny6_tkfO5iMHhM@Mi0AyDa8F<$h1n3d0auP1tb$DsO>&Kc&V1s_hPONFQ|fU3;%3Isk)yJ%4(7R@pAsY zlENKmOM=j>m2zwqZ6=`vj>Dc(57xVcmy5`h@KCl3z)J)@SojRKkD?x%vD_qAs${V0 z8&vfi>5=eNG@a{!D-Z% z1h_HI5kOs^Qn1fiEu3~}nDbE=%p5Y!fJ}EwnPw~+GY%R&XKe+7D(z^0Q$@;#5L7Ej z!A=~tN)*eYvMlP>F3fsM)!58coWf?xG+^5Mq0rMQf^nN`PBj%~> ztW?y|DxR}8g19YAlG__XEL}@!rF(O+Wx(a|nzgUf2Z6+r1<^H#<;XLfOo+URMTtgEuoMiAva3TkCq zMY&nlw-)>7QO}ICOjS6nJi(i2bN=Gme3Y?REi?&NZ(|mKwzJ(na`%QY^OSevlthY=5Yv|oGY7#@Es;@fG{Gv z=vqV9C|#@R8lr2UjCRuC_W=ReR1oP99}5t87f%6r7k*O^5Gg_^=h%c2G>a)Miiog@ zz0nM?Vti>Gpne!(VH(*r-QQ!p>ykNwI102hl>~E1!7;*P0dAl~`oV5`UPWZ7^(-CmpU`V!| zXCYKzB{Bo|O2#*9*$|Ve)_1O0OaM-VyN!X&Y3VFI9k@N#5GZMMYL1-Pf3CJxh zLLe$75T(LqsY@VYdWtip8%$ovWT(NLxTO&`5K5J1PQyknSV=vN?#}_R3lX#ma~=4* zLbP7yv|gsn6`r}`<+_(z!_BnttQB(RUi~ilQ_n|Ju60KWs5C(*1k&AYX3$A9I4?bqgQ%Rs+Il>zsP}Af9Y)@8 z>B7sdqB<7z*74|D+&x%OgO?~?s__!SO8_tC3ZL^~R0g%gpe0k;rjj}wlCVe&Ku{A# z9+{s-O5-vMot|oeP5afhUFbHCTk3a}NMchso`B;$hFVppk6s(d_ z{&l)uwuA%^wUWn>0yrA-s;6tU)vR91*U^=sc-?lrvp$3Q=r;-1;Id|~=LY<3#2w1v zA9R%Zm;rdW(8$=G2HRx)f~846PHH|FKWfsih??^EAx-=DM9t2`K)OGDl(9C0Z55|h zjG2d_4xMylj@YP!{VD!yi3z|sm`s~4PK}HO4CZZVY-((7Y+|egS3p_NU}Y8}gPqMR z$mMF>vAx&qX?u{dI)mM6o!w>D4X#rtZ%d|ANpVsQ^Fll0aPKl$4OX{KQmYpS|J?J~ z#>UN!&7iAb)GAaCQH&B(tHdO1zrjjKXvT&NHdxRvu@|KVPg8TZqku6T?A&D}vAHa~B$ z-OEB6k1SFKvqJ_OSQfe(|568)K!C((9j>p1t$;H!Ncs$r^u%5-yUSI}UXsDG>A?hI# z^UWO#?Txv7u4a;o^TtB`H6N$KCaB=A{RZn>JR@;#$-I-rLZdpZ)fZ&YQuquimjNB# zyC92=g->(zTAFwMS7?~188CE*o8;%Uc`5#TRSOYUG0DoqsW8J_#oAFpJ#zlJ`W=Nw zYlZa6d6{j1As}wB1556i^K*gz|3!oCTRfNf$!{op@isPQmN;zX)FiT z-1us@!Mc`8)wPnb*s)vFeB}YCKJXSB%@n#!f={5u4&Q|?k+dv6sByCpoyswOFZR*k zvTF`$uy3EiKEG7b>PYGs%X$sAb2)V47)=&CW;wdM?y+WbX;~hxoNuvf!=~lwTRD$1 zo5K5PxlYko81!w@N5Ai^(GI;NAGEA z>W^(a7~edwp?`CKJRW0AG$7U{L16swO>qfyy@|NinBw$HOlzAoFq|A{ zo8Uu|mNYS~)s%$B;)4@ucm%d3NBR@sOzSjARSABqZEI{KG0Kni?TC$On>aK!(w$5W z?@1@L-1w=k_VL6G8l)TZo>8oojgur(0eqaV7HVZ1q~|dnd9Upe{B&h8&seL$2!lsH zmcT9rqZS^?9ABxyDjGXHq3urx>0D8*FAMu>t0iGCOJcM|Q*^W4LmJ2Ual?+|;I&i1p^dVMZBHcWd)cf3hMpvFPKx03ON9XuITa@{q&l^AWNppdgr5ZMyTO>othg3SwgHus8`CIBT^r z-=WyIYbvbd6?PBw54KK>4?*95B7c_~iEmBBf4CvA68>(3zu!UG@02q97jn_t-P6_+dVJ@5UGEt? zzw^td50o`LKY=vb?(FODYwjEC>&F2F9B!-+0OP_s>6=+Vz72&-Fju^&7iEhcIpG6}3;ngJ}|Ma%>wO z?t(`-8yOo+rsMI(*zm9{{=c=Mhrg7_I>0COTi6VBWZUrzc+DBB+PW%tQ+&m5Do5d%IY;hc8+2{Q z!*B-3TKIbb=x07fCf6}c@UI10+XR2jbY~!G9pIzg_(4j@VOVLo?(iQ~b2_PVj|XZ5 ztKyFlz`FrFwiBerkLr;VYCHwFsI@~3&yQysm=ZoFtFeaE0gud4X zH1S^(E6u6zwz_R|#CupoDl@Cigvk9sc*ne_9Q|^Ev>xCsDC~{Kx*#{{25t zO9KQH0000809ZHpPDlcx`O$efy8x#?j#K2i*Ta$Ur0ktCb(QFZVf) zKdiK}wTLARc4Y^+!{G~ehP%s%Lr(ZuX%hHzJu_U(IT>-h2cU!DDLcH+f9ykt)bNG~N&KWyO>3|)lGzq0VPzdZT) zy}}sh?}ClvMd$CG_;V0`x=uXj#)+R4fHJ^QvfbKY5exk1!it>O3ht~BUW=^z0G7gc z{d+5Za4ergwCwfTi6Zyb_1t)m58Kuw8(A9SW&Icv4gJGQzLt%v`>y@!o`1EDgHUme zuY5OlZO{D|U}*zppDovqV%uLkh!A3125zlAAQU4oe0H;sVrP4P6Nj)fXSJVR2cGAw zV>mz2`Ol8;gzozM>K8YP|E)3j)e6V`y;qpOxnZ2xUIDM)pHIDI?E9S^+FP+jxBDHu z`Q*osj^{Z<;DpgT{t&Stsu0X zz7Kro={ewZXZb;FMLTEh-nq^O(I`XOICr>y7QmALom;B_kD=$l@$(W`71v*T$;SD< z3_*JBOpN}+ONR2Hbr54;uuX^MfF(|+W3%sIZ5$skU~6FAg~7HA&E4T%z;^i?_N(<+ z+5X7d+VT3~oG%&tFYvv+l|-->_Fe3RWq`QLV)=JruyaCSKo52V%M9~ya2f2_*{H9K z=LMf}MJ^qGud*TnA-)zK&_0sh)ylFrn-F-Spalg$H49M&DjrCwtPHAYm_eD(>m-VU zEuKPEIp)Kp6>D&jjB%9VwcsKJ#&M7xG@q3w#xe0mT$Y(qi~UewV-?O- zhNsWQ3Y@D9sudf{IG41wjEzmaKUXP>Y_~IwOm$+ks)|cz6eSklAD&t!$_3NrSAplQ z_iy|-+-q?64FE(NfHCw3`_U1$ffWY~(@)M`mjIMl zv7Z8YpLm`POz+=?0eUnN+AnKGiQ}|)wc(l@!xg~CE}Vl)Hw0TL0O&dO;wdRZiynf+ z+n{)7k^=N0%T8dDa7xxT(|$tdpTPLz;)#+(5nD|KjWf9Y2h1p)EdPYFV)i=>AD#h+ zVxk^o5(pZ1XM1IEjEAk05KsJl7$iG!ijQE9SXIut;0oobu%nNQ;k$r!`eMc}Id74~ zC+;IK6qOa&<+S$X#{%K8K{8&3au`R3m5wC&3fPCp#8D|&gU|+L3${sZaC^6dnKA_z z_rSWyKZ{+!S*$%5rUAOdC)j*R=jW6FiUlmugYDh%oy+#Bg*CA1#s)rSb5oIHwXX&^xsGIh}qN3Ma4KR;Zla>T#9U zuXJ{&Uz7qnY_lXgC2m?|pk-hsZaTe!^BZUo8<>mYQlyU;4ymd-;e1&;J4Q&bGIwRw z{Tk>eoeDhhCVf<%)yIc0_zc=OSQOdA)}8Ho6`x5q+9=kYtPvwCdrFkJf{;{`4N+yLbe0v3W!X$POM+#0?d=S}3_c4_INe z1MHm95B34{dbZULj3hC-Nldt-3-PSM_Iecro@4u23@H0uWAJOoj)EKnw-KM4yYv;+ z-Oqu0AQCRDTfQp%Kyxh>m=c#>=u3oY)x<3j40;Cb6cpnG`yfG86?D0C^y9{1;+z#9 zms}+2yX@gR+lz`%qp-ET(6Kjr?n;d9Pw;OT1$~k}lMWI*v}9}_y~n}`Rk3A4wxisT zhI#lg zLb>7#P;r`G@D+RW1vJ)3B?z=+R@pMSoJhk z4qzFW&S`8ofHJWkI*sxHG-(swr6*nERA}%7nGKAt{=vG(4u0sM$!0J{pZ+CKDul_{ zcghH`SH#J1eT+bJCH1o#Kfqpr`(p#Y^9>naQ7fXQy;RUk@ZTIHWBFpTS|H;6&XHz?U$ug@ z%T^w|?b+WcCAjUV zwf?kBDPOe_s-F1tk8`+_b(&->_Z^Mv4|57cH1U%KoY z!2I6_CedTSzvHGxI@ZQPcWZzpm{6QUHY~N$HEBsp-t>Jie;b^eW9n^#> z4HzJc3i$n!k(M5UM~Ki6>@G`$u7_diNEm|8P0g{>!>ay(8iF1ke=UTX*~Qq3(HnH| zXavYGMFU1+excFT05;j4^&AFsBDJP~&p|Cl7v%GaR;MBz*UTS>bi*Bq`1xEXERnw| zzEXMH^+7)qgpB~$XAb5Jrr?7=401bc?ynR#4c3z5_|SCwP zr*>9o`~B?iJAL$fmJ%H3L}H?dQCUtrp9;YmOA^8;ER1}$di-O4-vvnkV?(d6F0V0W z$CPi#o=esbmMvfB`sUj|p8v1^IRDfCKL5{eo?6c$ce{f*<=1DPv#VnHQ(wRQ_K)zK z?MVizcpQ-BX}7T*#yl#Lz59G{zAkp{H@-0Xo-=zsOF7Yjpwz~;A_6}5lKWSNGrFYv zCAhy4qDaRX0Iy{tEOQ2AIew#4vy4U0qDuxpkr1oLQaxz;eEJ1xh*DzQ3SoOPSt+?R z-3W3j_B{4=$v<>BF6Ac2rDqwE1D;5F z$e3v)+q8D2Cp%wtNoO+naZga~afS z4lAYwwSjabJE#D%3`7-vIrJGNyIl}sREDos7KMV$V)%G;Z3?%m*DOgv;W z^vUIWF(x)$+^g-XR9GV;9w7vZq0{j=Az#o|p^mC1E{OsIK!O97(sx;5DaQ zOt*}wNu52ksC8{fWywV!OIs-DqAj+jr4a5RYhJc$r#r5LWzE+OF*$Q;%9yXMPIs_$ z-SPU_lE+Ia8^5tKgZO;q$KQS1_-h|^9rBx>4O1SDhxd`jKSA-nMt8_g(Lt7$^|}nU zkU*8rJuAw$VP9h!dZBV!8C-F;pveJ}tj4k(+dNMx#`3jAo`X}v`Livlcep)(M^qI9 zQ4soKvvvKn92zjk3s(9Q_F4Q6DHQMkoDGP01YuNLd(7SNczS8dI&*<%k)!?^x_ljf zy}pvUZVCs)et&hV52<(fO!1@ zm7|j_^fmn7XVu^QOM4H*m;b~MLYO{K2DgES&#fyg8jYGnWc}ej{_|h{#0p9L!Gk~l z^K12eXF2__;W3v8h0PZ`k4sxyN@kb6WZCzaMj7+${x-XQBWkR(XR}Jw>Hc7G>_=A1 zqiM`Cw8l}{61lKqnE8pNC0_8#5(TDS<%wxs!!0ld&J|#PZ0o@eH$V>|aA-`wWOXRg zD^9$oMOrvst`+0l-8r1Uv%y^mqUJ}4RT%N2AYH<9>ka;qE{=q#eA;k2tX~b5CsCk* zb)oPAPMLp(Y}gHi4}z?SO7rQ@uN+~~aGa$Gafl)({5!EmNDw>+Ra|qahjploj(~*K zI>eDxDU<`^J5Hi3;W>+t+_3L0@q^-B@<$i*r2s8_n{&(TD@?JA)yt6FByfTq2s$G^ zML78RCy4s+Us%04_N~Nv`AsAKI8zyL+?ySEqyTjUcS;0Oc|BvfkvVtusxjNc*t%6;Kr=e}v zDA+R3k+p3jNZ_VfpVy~_Mhl=u>9@DLKQqO@43Aj>_?xf<3_2$jTcg8asahwB#(~-? zIcShb3x3o(Ic$(f(>rRN95hHIU`p0WgFzx0ohsHzg&|d^lUXN5(4}_axr#(nu$YQQ zlI#T2wU}}vN%Gh0SWHGNJ-5ADTtW>StT!XDT2<{sbQtv4@3k8P-Y-dBsI8GSQTZrVH$(lOHUImAN^l4q=rson`j-a})N5eNS23l*K)q zD9etje)TE!s{}_9^rsW#8TMVPSynDJ7=Tl6r7cZFu1!U;k|Xr!9go9ATXV<5fK>tE z*JeQqw@wT|LbpCwibYPl0Kfp{hi-p#SNPQlx?dW8*Lu2xY4-qoa>YKw?^)Z|QP4i0 zcy$^sDk23nNj&8MFHCO(e!2gC^$pt0ymS43zxwXmHWAlOo1{U7=(oV$@L(r_w-aAv zirYY>w`z}7+k5&tJDY8$>=$X=*=g70CwuF9s<#kuA@~dCW%(j9BrpQK_uu*C0~?H6=2y_B&vrAJ}Dp4t1QGAdZgOhcrsBhzq=L@!loZZ*D$X z7ptp6vqlJ3u;A7NcXl&8dRE>txDzRE5?+!cwhbUrFsHqv_J+qYOGRp)Pq^R>x?m0n zKTEp6zggU71$C02Ho0vdgZO6wJK#nZh`{U^P$n zQc(;5E=Gcb+09k9|S?SbNkgEf$5N`**L2DshPKt$Qav1LwKDITJ}oXRQX=IMF(E#m(o- z{6o21>uB;mrOQ>ejrwdgI=t~>uO|~9DTui%Hjf1~N`u&tfV>!g-+7 z!ac@MtayDGB=?*Zt+OO9)vf1k!=oQB>c&{Zcj+xBOyA{0HjVhh%M{qaE6KH?uL>D! zUtNi%h0w%Tw9wtzkah+A!W+Dm%m%M!fPwX3b3ZIzOFF|VbwDKW#~M?DnKgwBOwRMi z(sJt$| zSGlWRI8PNY#UGU}gtOCEoelpUFIfeNUpK9uHGl%e!f)-W-B$NwY-P2G#!b4>oiP!l zF(opuOElLRqau|~x<@Jbci$uFz>IE9gzVnR8-KG4Twk@Irg#gqLH=5LAv-S|J-+NJ zBht5QE<>M6KG)$mRH4PTDA!)H_$l!`q43?gfP88;N_13)l3mpsT#88Rs+YTer-ob8 z&BM{p`0K#;wJs1>PWw88&?{2!dO>Q~lb?@c1`m+&e%2n;nf|NjaS`79d?M`H=1}p7 z?%Poln23kkr7K2&l_S`6>g4lPa|ESRXN(SW1yZI5JqBYI=E!nHYAihl z$0`FeOtHxq<7Aba_It#>CvAtconB7iX=*%0)Jf~f7lbsQNj0Cg8&GotMtux(oL3RA z^Y<1qjhs;T_Rj-l%mq zi#tfRNxQhNgYA~LUxq9fTxM)74d4137H0Zv%auiM9iV+k&apjFeUKNI6)Efh2Xe(& zf>c__gC80F?ym?HX0U^hJv(kN(;cs)SO&psjF0W>Z=|K`!V>FiIkD=dh<%Whd)-Yj zMpcp)v1?VCX4*-~#T;?8O5*Oa2!I$Vh;rnnkwW?S#)%+#X^fUXE!Od%@OhTArnK~J z;RbR5)Aa*M@ZhcF=)sEi{u+`*{UC|F{c~$TDaQ8p#RU$S-xO02V>Z55eoX=4GC-`u z-Hfm<)ZkBrHagKXFIiobV}Vmu zAFe@Qm^e*wglSctDz2>y5cg0=SOcP2`Qsh7wK1b^Z~ZfYQMtIOB%nbeGq42MQ01(; zhT7fEt3l3fdE8NR17DH_ZFn2LXZ)PvAR9CB+dh-``mO!a@q!n7DKm zTcwt*kENiNcpKXmz0}Y9BRkn^dSqt=uVv~`M>JHSBQvor(5AjZ8y=-*m6K$EnuWp* z{)UH?6)q26Y24z`i^3knX?PthA4{_TOi|6`#W;R-uiJRT>PB6cyCSKWZB%GaT~E{# zh@HZ|{l@3mp69RP;ivbC*j4k;*#Sy0Add|k&lr_Rr`Pn+cfBsiaQv%& zJi~a{p+!+QHlLfmehqDvpZs_wnw~|au4jepRJo`)xl%D`+gXLE6nD7>8p|iy= zu}x&zRtY`>_s?_n%dje0!z=KHrp>LyIJ|2WA4xYS|8RLD?#HtuK%9M3kY+*C=Co~_ z)0k=7wr#v^+qUhVwr$(CZQJJd_ib$av3DDLapKfPR-HVBtgNiee3BYbWn!Egt!SdF z&bm!xi_8gcyybM%i|ZRkanHA0OezU1zww=Z^28)<#48NuDG?cJ^Po&*Pw5ywcGdO` zqz*~;kIvc?BnyR=ON6sOE?ULmQ{qzs`y`^iPfK6B@p3HThvUSE?h2)bJO(-b(xhOK z5M|*mtTW)>ABnCeeoSp=U@A!n)Vo3jf8?MQf+k?k#n49 z{?%J?Z!QVz0xVde)?xy?h|ot3xlGF7pRm*za~b-FjB$sIK^wRpcLfqLdzfg(%GW@w zNW_LiWcYEU?Z{axph1$UUzsV)*dCmqt#LU!e)B}4ms#<4%>wx26RM~ZZFD+aMG9?z zfWn^Fu4O9&)5|9s6FMndsH8);zrhG*i}Nw?Cp~dyCC9pfZk0G>W9uD& zfF~6kP`ED0qH+LcaQ>&GCC~eE4cn?5*c{kU!-ezJwxc%;V*_Dk=0IB&)I(+MEI3un z&tj-)S?!Cq*UKyvf3Z;}LOs7FksR9OF$G#$1==ub89U#(`(V)uEwB{7(@Yb7BG1C{ zyECu&9MNmOh}Q9XGsoi$Xi`a*%4wX!T^E|_=nv3~;RQpBm?NZ&LGVe1KWuDey5+0t zSZA=J7$zkuBKS4Irs}e3ru50bZl?=GtD`R2+VC~*!fRJqGhA!vB|)ovPO&lT$viOM zTVbwh!L1l0B|l~kj*9?$2)tbdTd#}p!A6y(mzh`Od(K>eLM&~B9fG$-^OkEb?9L+J zm}ujEo&#mKY4qLorS*_Di7tKiGiY>1_R^i!!gNFOWBg+R^b?$80^=*pV}j&8v}1xc zB_M_+W*QcWdD<)^$LM1M8$V?l*|*Xg^?u&rIp&eX(*glqK713@O5kbjYgLM5!gI;j zBhxQnMi?~(Esei}#=f;J5PU-#luv<53NeR>?k=BVMsg@+Mg0gTr03%!>%byw z9bzwGJZ;oABJuE%BMA~GoBIqUa%YbUd!-cw`j+5~l{38XBL%qE9s{06Re(fOvXFOG&x7K#$Ls&Ix zUtItJ8}Ljr10OG_`sySnv)!6OouHZXxaX5!lx!n+DW53o7vr|vNRCFSThoEG0r9_foXkIz zmk@P{yZLn9V>>N!VgI>u00;s($7V$7Z$IMKH3|_UL4!^Z0Frl2FfO=LrKB17CohKS zlW@#hEO;pzwaX2R7PZqwXiYW#ErpSm4G=zUQ&prSn9hX~m-1vPWhdcP6QCF0imAcn zo`?xbmCh~bzgNT<6J8p}*G3&1Q@N?KZ}+T)$V-4DA~1MSX`qjd(1?PLrN$kc^WQz9 zCS}DEg2VAi3QEx)V&_fRGtOkAxa9xtvgY}1(l1gmja~Hi2a;>}DeALxLzVem*?_v` zDw-f#RsiI}gZv9OFuMw6y47y)*cj1Uc^ROmJ)tAy6_CDIQB-80-9|K{j(7!Q_hNp- z+gzc(5rdW_1;|45MF&f-{Z)^W>$~JAtwe^SM-(m)1y%UxCPLD>WCwB@xYF7ix=+&N z7|eroSgLS+d83!Me=q$j9cL))QvLek5u|sW!4j4c zKs;s!EP(Vk2K9Ch09v>C?zwh@k6Y%>^IXfPsk;{W+rji2 zFW z^EXfPg&Nr}DcuSL1Dpyyi(N}Ez9IsLfD(6D6T{plXGT*Wq0S#v%Sar$a>>@A#|0DUMytOq*YWDz;4Rn{}0{{iUVhcA@6D%Y_i#Kbwm^KJI`9eER*&&|&C z_lJfN@din>h9nUdup#32)>Y+P0-_tu49N*_nyeU*eiM3grFvUDUnX(bM4hpf9Gu#83k2o5cr00ED zz(<<35G~uj({9dvk&gcFdi1@F9rhT0E0E*;~g(XHzT=+tA&WOOkndK1@k2^hh;GexCGNk=Mu8JOS_0Pe+F zUB&>b=1TWP-N*JTQ#tE9rt`0&C47s^%}V8l^e7f_XuQUqXiO`oqBgT~s?|`z3dhA* zCH3Pm|0SIG;7XIsQjUSNrIq?h^hLVU+ai7X=XTdn`_YQzi4PVQ=h+IH08T>#oQ4f% z70(pql*_O1Qd-KOHD{mE1zHdbqi2FHoNAlrQ0^2!7I^n z0sp13E7m=s4JHrthiRdF+PtApfQ^ffF->UM;g~lH4-^SHWz3sno8im_d1;#n>2Z8; zcEJ=g@vFKbZx}yU>t5JtPh5G|kB|#LIF`HL#I;?f;0PO=L1?iUyIJsL4cTBu-sU)J zXFsbd)q8>PVinzFR*u%aZm0Km+{Wk>d;_&0cqUiY5>w9ZOyeC5<%0OJ0wy0Zp2KGA zC3sAXoSTWA_M+l5GP;hn)-jGQvp+SNy>fM46`mA+4Q*clFUQ=AoT<_YZ9i8~Sd_$6 zQTg&$JD?!UcNsiGTQ(J)2-iee^qX zb^YrsL`*b*{J?JG0{uLHOhVNF`Gj7fLqDlDEm1chjSb~-C}B9%Y=NTm3r8-IVe*6C z(4?UYO3Og^zL||1qN+BT*cog?GEL+j9({SOq)a5mS||%(dn`li7+Ipm^w}Vgzt*4X z95Yg@oNI{`FUa*|7$cvbCKtQ~KUUe0Jjyh=!LajXn64j)SUIiP3SbQP&~5tXu0AF9 zzyo530gP(t%Rm*$D3^!%J6t|*#ZRc#0!(zvug{Y@zW>ji(Xt_#zJ(GUyB+u*)(p&x zpaLDM4;ZZoxJC1X13V>*;EN8WbmgJ_B(tE^%0UBmzE)j-Ig8Wq+`o7jk#&mc%NvG* zWRcfhRNr`c9%i7AWc82BzG_iVP-bgCb0v;PB&kmHM0&O@V8uFsuB5n||K^e{KBa$O z1Sxy;K?A^xHvWJup0qv-V>ER`NTP3!6F9NymCr0apvbDMZP|QPMDiK?xkP%>kD}jB zOglavhq86{<6vm(4qN#S6G8ilfGDMQ{*I|=$Fwqec_&EOu44?_N%r|4hf#;Ty~+83 zj5lL_EK`w~D8@wz9;aEJJ0-7*vv&>tYt5ZB2us*)X=xp}S8u8R+ zp-mMARkOA$tCK~yiS0u{?8E0xXT4-vIhwBdn1;wJ>An+i1^@Cr0d4gygG&Xc+nrd78n}dV0dhL}4s&ByCrP5xn<+1ouE1(Eixo%{6{({JL zQiie_-D-G3b-H1lWfN#27KB}YG1}cEle`1z6RqO1@5QIr{E}Yi_|q4{#uFSzG@>68 z`B?~Lq6L6u9#NehT%2sYbR(;{8JzlrvoZOj+je-Zev|cEhY1+&Ncwf~=^EvQzZl2p zWP_ckEs6Wq-kFInWzEmnXn_Ca_sw-R3c+Ltf>{&r0bR&@%+(SUGM-)ZzjH+BgKNDr z=mHkduVB`m9y==f*rX^>%ITC1C>@ju!R%KT-Sir<3l%h1$(LaZ9d@aIRv*$rLRP&* z6|}TXvoKQxx}gk)w0ykN5wD9`>&cPM8B2kPmgWz7?_cEut);Le))=>Ssl!sDxfH z(wk>h2on0*KZy%XvzMZ)LxnHfgDkslJ<;LD)vg{NS?OH2hikzZT#L}=R}=l_Sm^>&DE;^AtN`JIyp&+xIAN>t zAT9c|b23NPTWdQ|53x&JZ!`oPUhU?eQ{{mup@DVD z5IK=^x&MLlG6Wp5^889P3KeNXT;vLYj&c1WKL}{^fq+7qY2O^a?Xf*;xFSR8TYBaV zRJqLLRNdMv;5aZQoY5GnRLWer!{u zDIG0|uK||0M%To0a@lD<`WeB_u~tGK8u8?NBGa|-Y159q1_#D?hxtHXbe;7b7S%t8 zxM=`WS2)+@;#XVAk?GB9KQpUIpNqWDp0YH9M7OBQ#an7xZ+DFi{hD^M_Grqdh5eNz z7J(YvFP~DjLdDBk*qG9I$r-JE0QvMz=I7uh*$rP`308y}CsMGja1a-OW#A>oUP}Mt zfXaIEC1TVX;+4nFU0Y^5*bF71AQand_{bGchyA%q)(mq{JBKM!w1wxGTp<7%NqoX zT_}##F{oZ;kNLC=D&i(_xkwqN8FN%9vmBvW3@!Z~sY25e!qYSss!HUswe)^5SEP}( zwXOK6ND`Usl_R0?J0~Pq=>-t0TrkaU zV(zgIwlegvi!-i5w7(XA8P3fpDvF|IX^drY{}YIyRDGnI<%T;1_`h3Y1dhng>*yRT zlKAn5sgW;5@XG^6w1-ju#eS?Y3FOW(SPkg2UI@B%d_=!}tRosR82En)+6VLfxuJdn zH}1GIE;4J^BTUyEhB@O{Xp&W=SfjnjwOfa8#EFN+XK+O)?p_P`tyTMmUhkbq-Zv4p z44sY{I=;_i9@toXMczba9}$&}XwA0&#A=cOdAE0Dva!Z{sCFH9*x8rE$PuoaETk)% zx4dzfqYCSbi`Wx#{A z%^q|-vdk!^4QPEXilVz@9T|a)Iu zcouKjS8kP5CGt&9HYBSSdyf8V4dIrKEj+u8?>*A^m!YPmp2UP=xNzi%xV*6UY~1o` z%_7eb3HLmJ+ktXbTGZmLI|NH#`#iB+>-E-U`-_LMi`moEpG$`sHqsqY&ORQ?^6K%& zX)Q3k53G9r+TD61HoL$}z5)KhQZWpZB@ag&f7GxH^@0SW1T$z*8cu)w$##I7V<~=w zeioCAdJI4v&cHYf@UAGp+{`Y1zjx0_xSCcZp@|2POaM8kB6a!Q`d7Ace%F7#B4rg| zyEVG7P#61=9i9=U^=rO>9c3Mtc1G|bc7>=`uzx`;uC88+hs|DsiJnd0c3=nAz;^t= z(zxgj5rh<64A!AoY5K1=(k;=6W7t|j$wE!mpQlp8jH@*6;w6wvfhO| zUp_CV>iv{al#4FzSzcx)PD9 z5y*GYXlb6RYyTbI3#Uz7y)m6Sv-egS?Ds)J8vcBq=#_bXsO9Z%$8zJ;dtlQ4svBHl zV+On%mz9>`xYrB~@n`+f?vxU?PGNsrqv#L^*a)g9?|`&)k7uEtDgROgXs>6P^Z@H# zY-|(4)RS#33W;ZE?QlzWm;$3)pk{Wje0c%$n%Z9Cv2A7|?z?8WvU6gXW#fX(y#H6> z*oJsYSfyK*!M);b(}YlRg9{|egGR-=f1YVYVz<3uMH0jrt{vc0>D8#C$>dBv9)oW1 z`%(yg-&_W-Kw_-!@!ut=CgOsbMKMagZH9n&;sWIkc7Qk^kFa|1uOGr7f_MTBm`32= zv#QVx{S3QhIeuY4LFi!{m)l1q!~^+PWdXr|jM(m`x1IYk zTygc19ip+zdBzKFr^AKrhu?zY(|;^FDo^3suhtVDJGqr-oY{Vr0>nr!D+)=KW+FKR z0WK9$)8|C#4W3RUq7Y72h-BiV9$Tn)F|0Hc6mbb4rz^Ah(q;JfnNv_b;ZFV#&&MJL*I)Tfe7-jm>Tr{Pbbn8q z?(HU2pq700RKTzACy$T`j!Ee9h1ap-d>~B0vJx}jI$ursQCIzeGQN6C1h}dE&v!&xBBW?X3PL$Z)(;8N0Tj zlfTP6f5a7VON*yx*P#zHJi>*zG7~vx>g-LLL(MeqS_`9^Z%E1ASUu z#tbi2D|_tcu~d0Qv3tNr{~<>3FN6lx)SA#+^kZwd`%rg>%p<9^LD`g&dLc=^7$>Kz zKL>b5(baP!NyiT2MgMON5Euhcczb)(866SjJHDvoYNRYDr;phl?P33bz?Drb zCiX5OvXQUMNgmCDFOD%w*G2|pas{|NVYsCCfI#Kzrov1FpsDC1LsDi3;zM09E%1d&aRxO$gCuT28HJk1V5N6 zLs9F$MuC;dL!Un-IWRYAbecFSDh~JKGhjZ!h2D{aOxnwV z9M@2iFXV;~a^xmuf8n~6C~jhNbtrV=nk9j~1Pc?6`qC3Qcomw&d%{FZA#b>l&}cd; zL4K1spY|@bnAVJV$W8*1d3QQ~5c_~r%r{-Kz)=E76TBtQJ1ZTNnM_~(z8FApc=J1B zn)N%eCxj)Q{#WBnYydJ2m8R%uS#YnAfVc8KTS`0SXs;Y6)&r}hXV6B%7&*eOwGas% zJv*CL<2s2vphGWO8#2#H!p=(j+6d|V!dCik?yA?{&zH4&^Y(TVq)1n+)aDm=A;W2oVP1NJ>zvmn?Me5H%0;nTmM}y1ed*54mCY+Jc4rA6Hc-C%L07#SCgH zrd^*X2G8B_`qN@o+3bNlgW734(6&V8J7H)*Ly0sh1DJL`DaVSvC0S-N5*HQANy}dB z%8&M}aBAC19n2cbTC*Inn1s*Be)-l~aYIF3xU3UvSu)R!X2`oK^Nf6~WxV=G??$QI z@Ow%oX}UD?{Q%9vgI1AK*lJD0Bq1$;(PvXgo?ZiBb}~70bFch4!I*G8FAM^Qpv0sQ z;?9+4fw;$X0)Ud=4H%dU%Y4AU`JI=Rlbf(={jGe$BT#Y|)x8Qv!^R1+je%b2%*O|| zK$;7j6o!Q+B&Q(`O&f`*BS)NR1d5+17qn{evH%^WW5qin|K(SB#=^~Rwi&I znss$Mx|*WLQ}<|{Tk@D*0(WnoIwqexq~lQ?JHDnDsg1&oFW52o)sRUdoE{w%R*FN? z_^oZ&ATF*|6+gA7un(=jpJ+_x@LDN~+>T}^sL!elHxn7DUA&|RR)CPVz3b)uPsNsx zgz%p%7TJY2n&G@%eg~;(Vm*0u(dkEUWib{l?(fd28q02!_}35YLo@Z!M^({LIkK=y zeTw`U?^IRuqg2>J+k}i3XgjnzkdaT3(XE1TT4l6rTI)^4x}5k}mOoO^1)&QHj`qDUprE4H<^U#bbx>wv}gLjNnus~$;T@-e&B?P=y;~7@nMJH zX(}<$aFME}IbmAp%KAA_;yP~G+-n@OZe$o_bs1qw)%P`o(rK#!L8i{_ghEI?^^x%6 zzy9FzrQDT*HUxdksn8jLvBIQ!-}|K(q!P_F%*_UO791j5_-qlz#(l-e>;A!b7fg0gTLT-y2<;+9o$v&C$!#1Bf9d8l2$ z6?9D_T)h#UAAl=4oV)t@5Im|y*JAP;BAh}{G1|xK9S8c4R2(ka@RBZu%k85W+=l$; za?5xe{pAl5BW42DMXY}C-mis$n6Wa2u*TO#C(}|m7b;IC6iVf6{E1|s{~`er0j`Mn)lO-<9&i^ynjAl1P7)USeqM}RZ!_wd z3vV+F%YAmUH1g?Y>+KNxgR2v(Y~ymH_Du=I@1rPFYx_He2&-(kye@yrb&IsUK!WX zFkEeyvgLlz9oA?HR9dodSPOK`myt?9xYwn`gQW-B%a8uSNKpgp!cWf%K)`S~`>)h- z5ly}KG8JA2&W%<{=)cHsC^ldoN&~7k( zOt!%URF-63a<%dMFV?L#F18N@Ao?HYYRlQ=s(ab>5+Q{m4$ugzwV~8a zzB7{LPMxVT(vhV$_zQg0(!>>O`nO@8>e#20c|Nf>Gio+;Vgeoj{=8DKWf0D;XF$LZ z)zp}f(XiUIpWojy04nW~_tcgt+euHXe70$#FwezN$7r?8x^zn~tj6-togr=`!C}nE zZ484P!ezSjEuYoVz9j&klI!(3L_CoTItjZbhzu07o@(Djg{uHkw7=couuZZ?kaN*P zk!Z@(PZrKByh%rn%9*yQWvawl`O0N_%-yfK73Y|1>>JQ1XJYi{2x zXx_Gvmco?Q3Q7^Li~tM(qRJkzal265*s&5_58f)ki#m*I6Xw3jdDRZjl5wAWRy(dd zgbkH{UU{(M&`7muZ>2A_60tMQlju()oJw9rFF%kOwwAUiVgXU%4q&m~SEzoyNdLj_ zQR*Vp^IgJrBRu>hMKJs;K%Bk*kpYfc$1bwkXmzV`H<6`zhqVr41HRTk32k+W?y_3| z(&&|8AUQM`yX((1mA2#rzJXLcCv5I0S{U(Gmdr3J&Pa%qafX5A8OLScCra4!RqZVQ znRgq*!~SMchBDOy#sLJC(Cp)PGz}}}#oweVXwu1pD&Szxlk)F~*Q`2fl%n1xi#MXe zC~pVpO?WCJY<%-Fd9Xi>6=yiz$e&YsNh;8-jH-Et&00#wgP|EihOd`8Ha2V{LCgwP zK@(GxbTeV)2$Iy8xSP~!o)F5qmshc7@xcHz+sCyPYUyVC8{z*Bl-`4y!o~jykjDLa z#Q!Hy+QCuJ+ECBlke-I=|0!VF-pSh0%*x2X#@g7-gvQ*##=89IP(e=a&!5S^qZ87P zv=pNg(|=X!6iTWN56i%Q{ohQqCkYI?t^Is`3-}ku|34FkmX;IR5UC4F%TvbACN3du zXlk+W@E3C)ihRO@{?H0aR5=Q$5H7X!k@~#?ij*up;b1T;gIgYgHM#yPHP26e;ooMh zzZ3ptYJYU;;BKepu85uAeb$_MJlouBuvRB8FW>Jt<&eQ27y14P^|XVT<$yC= zH`;ia*5nKjBt0g9nC=z4?bazr`yBUo7af`9Es==yp%#?UR{OjQIFB6bA%Ein%ltaz zcO%H(a2v8Kp7wo2Iv=EISd=c?JDEySPD0U3ul2LiQ|q)MfUL#dXuWGeF|Y+__ewc= z#X4@t@lNQRsD{+G%0w$Z?@^iD(W}cOU$teT~a zR$N$gdP=eAofJ2-YU-9?f{Bz+caUF>b;$WiQ{XItvDjiffa?q&2eai=Ztd$e`+4)L z*&N84pl5yD&I8mYJ7gW={%N*_8@c%}XO6z<8gT{M^~UKex9L6cM&J<5Mbi%^6FkBy z4opr5g~c{%)G;s_hRpEJRL&cI50% zneS|>H~1|hHF+Q=`wI+9e?avKkSD%GEUkv&HB51wdme-S!D!xD zoEY@n7FV)@cHm78aKag>={TpV`@oFo1t+ZQS6m&t=o>;3=AKtXQ(9WQU|5fhx`PI9 zo|t7hJFoVT7@j4PS3EI4KR{P3^njX>g>+&(^Xx4z17DFE+hTr-HBX!mmPwZ#0E(Bau(Z zg0DfPZ)9a3?JA!zZ6Ekqh85Lc>RiP$tMUrqlk#lX{VedVN}w`BP26*{_h#I^_6dMi z^_mT0H5E6W&LsZJupDbtxxY{gQP4`<;6eT;bkoJ9beS2*ie9}98g!LNQZCR%?OakW zIH^~NQq3quoTx=_k*Dx5icKJq!)86HOa*@e8=CpnM72F27{AG+o?(h0K<71j9|#5g zGBCwA$mOnnQ#?~rz+pl|)2T{MU`lH9CM(8oUCX0fO_Xi## z1r-t*xDD7w^eLPS+hgmm>ek=_^eB<3rXiC}z{VZ?58Z}f z^B^dxh>BbL@^UlcV1sIW_cQf-@9F?LNbFhB!+u`)B#`k2T0w>@zC*VdIzd!nN=L~Jx$dvR+&_z-Hr`){{U4XZq{)W+> zhbn-32wi769U5bi3u9~cl!O;AGqMx`R8b7rJh}g=;=cD9u^bO6g(hkua&X;XSGIq3 zdi}f>YZTZxhX0{t?_HAJrY8+%6LRo0TCl>d-H}2vTo!SYD*yY_#B^NFcBm zExp6`A_be3L-%^^-Qu66dC=1Kg=m#Rs-+gPueSG=Zu?15bG8k(G&wW9Ht8@snLjWY zf;}vdHLwpQ83v#<+PpDD7e|e_BA(N(a7?MSMim-<)8ClD*nb5YFqOhgqkxsh5=8ll@QS2O#>8-?FM=Cf)qo66_RmcMm{Ql8?n`LSME}SIE38d6 zp=E&?W^zYr)HdTtc(B?2MK5pS6AQ{W_t37ayy}#b^UKro{nPVdoLwPZl^;iiE1K~3 zxVU9xG%&mL#M(P(Mdl{hnO|_QPQLuBNw&w zEd8I2`Ad?B=1+n@=cGX;7q6V2b{N&L_cwr4@_mm-49#$R+=wxcpg_dE})m zycb$zpKg=rd=F_&e=7sCnopCScY!&l%67#6+IzK&P$6m1dH zZ*{fBa+Ae<@G1gyP ziBLT&lXs0Y`y6}Xq4vOibn3CN_z8{>p4M1!#9vqhQqJ$!-Cb7ygJ1a2LFKN4#9i&- zuERLtCjQVN=B}gQ&M^iO#v*#SK$CYYI9o6NV2RF6;O5@s`t?3AUP@4Jj5!!a%7Zw0 zop6MZcx1m6>3>pc{64Sz@I~eBgWTC2y0y*K*{-J2 zuG!m>EbL?D!ZS;`Gdxv#>38MtkUPf{c;q z9#OKTuWVzo>#ufAm9O(4i%{yKTH2hsu&!h40vYC$R{@!|LLAnVR{}?AUXJRdCrr_E zOmWX~PU-#@n$?w8oPBb7eTs!Rx9nguJ0J1zpyJ+EhmZR5-s>KgwJAIem}OLYfZaXQ z3#E=M^#l8}~FVI(1>`4pNC$~*R)b%;A@?P=jX5_>$Be{@iK>}+{s z|9S^GzovcErF_(-dDQ*=sH?Z&^KYR$@vK{FaXbCIo2ujsNa4Fu;hS3F+e+d4&puCw z`dN3_S-1M)cF1}6stQr~SdhItFY%}zMEjav! zY)0;zM(g9Ba|nW@{mBTR>hb3F$mHKH)T3?wYEIkxln;0pulb}}@zx`aKpaKzKkyK^ z3lONoA>rqD46F7Dsx_sUCKHr*^GXH0#sF5y)S7TGy)j_Bk%G6;f;X}HuUWvabl29e zblvfZsL&u&Uf)ulkYG7M`?o7_@B>J~x`m#z3*Ko9J?PFwfOz6GmM^=$)H*`fs*x|p zE7V{yHghePGNsQigk+j-$TUQEGkwMS3NPb@&@1|X{Hv0QBEi634ovjK+p=|Kym+t4 z)rkEIqXDIV)y|C0-`RC*4v>;PgN!H)`1uvSufDp@f$aA?8Ym>|%3tS@x9C;c}Z`f8Mz)(!NLh_F$hf(E@af%F@Jm=a)u zP!5ld` ztM+c9M<@FlfH`^U8cdNknBqc<%o=ne3us}bKZ8_>{fyI|4eyr3yf-ef+8Xi z&1Ql_|6CG13RTP}V_1rkCO8jrxZpVd+;+eT5vDsfW*by+RbXy5Ksz5ar<< z3&0e^1gC`U$Lc3^ntnR6Mq+Kldgr%JQlMxH(yf2PRArx)wF9#;vnq56I+u%(}3u-~=J~L;m+QTdp5UCtTB?v)-Z08l+FKUR0NktxXtR??DWf z+eHP;sE`$tyOT1>fiT8FbfU7%M;3&XaIojE<3_E`0r;zT=ghkp=za=J!E@y#a05rR>n8 zteA$zsp}JvSCcx=FfFCPKUoyOA;dg@0uKYQ%GRVqIzNN9M*wPmPNWBP$@KBYkp-=$ z_c^t0my1W|)E+gO zPw|o_Hm#0Nh0Gm8f5`Cp&O1&ZHI79QikwI}6r`}Ock|#7aZjP5QG4aHb|{c=FQKB* zd+D=wFp;EgKv9I~W>KV2duy|H)R1tGp`uZGZ-2hZRa~KJjoELFIc&|QwLzz|VVl^p zi%IVguZm;k3#cPcrShlD0)#^rx%-zAv-P565c;EV16kn$U%Ll1g>!U7OT%>qljXKJ z99FH!Nh3MVcZ8efUrZ#Z^;&B57s5#Ick19k<&(ypgsFeA)ZuClk8xkH*jFrz?CC6u zTLiLw0x` zkU?V6<8CN~y!u(rVQi?ni9`P#sry=%_aZ0X_EczZbUkBX1#W**b6CO47QPR=5t@QvYEkf~!}U zIQ1OrDD5#?<#B85af=2`=L}BUguA`_f@Qj}X}l$+pH4BT93_wS+2BmQDI#EmN`Ym8pJtQ~lyiYL%=;hG_o z3Ml7qk=e#2PHU?hyY$xAV7s-`S!(;KfGze0dFLa+IZxh#^lNf1T|o>Z(l_z=>S`k0 z?Zf*=y{zhLdM~e(%k$!uWm&f_e2Ff6n$Yqc=^R^B9VVFajemHb{-2*oFYh?F&o1_H z{pa?2bdTip*J#sRKSNTUwWEyGarEN|+ z{!|$l^rRMyQ*gdVnl8&Djfn<8>oMNk_z|7M|^rl0zJ zH6&mcc)&Qz^scP5q0l{lJwY$@IvDWw1}L$Cdv(Ui=vqbx{>{0;Mddj;G3@;tLDRuMV@cpCP2kgh z9D>eon)z1`*4@3Ks>gFVKpe-!@@GavEY6NEf+&V6933wbxGw`MjCtp%0cRUL8N z4|(<>t2m5>@1~2~RTq@N6?m=Z-AHyY0SBASodVYyRfiiE7Hy1Psimo!E|Yi1O3+;b z**Bf*@n^nFW&!HudW#e&s|>s*C4!a-&W|4})r4`LAUoK_mKkn@+LAeEIB>zpM4?Jh zD(~~OO*09CT;4*LpL3itO=&fjqn?lk2;6^}fq-gq^`awr9zgLR_YP<67$AA>LGd8< z7H91!B6%J`@u2jo$kr%>W_$Qg3*Q8hzX*Wpy8F`#-z5DA(<1HqlV@K~n+9~&eGc$y ze!*--%~tBQrI)7IcYW33ReVp~5=ji5CwNg8K~;qd;}-+gSc7JqVe6U!>yiO$*|1Hz zuuUH1_Fd%m&)?1v5*P6CD|iCu?z8d@RRnm{wI6E^kUxR}NA@NPvg;9aJA8*z_9hdu z>lt)AVh2L@CIHg=0hBjS>DfBCy3n8f$RXa zAqjEz!E+UG-hAlp4BfhfA+bjDT34V{r6OB1{Yv8?Uyj!%Qd zbL-S)YX%!UMJ&u7#6F8*OVUn<6H-r{8QfBMN&FBX+Dyo~yQluZIoxN-3Y|H0m`>=$ zX^rcG+DoH#P2q=sS!5lS0m0l0P%6-&=_13KYF6sMk#&<;Y;TR4E8F7wgVO25%1Q~{ zPVH_YqNXE`vLc>OE7sc9RY6FSAlf&`-M~b zhWBe_{)zYNV*ZCwo*#}6ehSyzKZO-Wjz;%ygTWI}Ul72lN$yS{NaOc;D8bo^ch7zN zhfT@U51^KE{&)Fu`3Hdln%dX$9_(jK2=>>sUC#L!mh4yc_*eDxS2pCAPr_#mZ-CSO z3yIoKfB6Ne8qa>9jNG4d-EZGa=vH&JO(Yxk~c=dLlQ z43g33!3&QMe%s6&ofkJKSKWbsU^sEO!>^Q)U46Px9+N9#n^QwLSa9=;H<{m&WU|AzWssjE-N@iM#i~Hm;RC+V!e@u7U;i$5dy#$u9~jY_CvW-G_pS(8 zHuNvb*CbL>c4xv>z*dv;AD{#~QSy3ni0J{+asC&WwuNG5&EX#(V_3GP7k|NH)_;9D zs?FvR;y`o~v(ccH9;*Pchmtz$Ewhp@8|2!fe z%zFavu%Yf+D&k^_G2i@03`uvWw!4(lzXF%COjV5*I*eUGskz1))xK;QdT;U)eL=dR zh%CT+7-2KzW=`Oh%(Wj1*OxQ=tgYU*GaqydFp;+e`7_0GqGCqyAgRH&V<3Ntju4MR z-oC@53z&xeA|jm?lke{fmLJKF%L5OBvlW9wVo`v^Azd>Kgwy)i)OaoOf+D)2FyEQ# zdyI}3?0AYtWC<0Ji9}s=fjJxhZDAmc6}>L($_TCwm1YIP#@79trJ9|ZD2M}uj-)l| z{B~>PAA-%T@vOEoGa{y89yRW9AdU-<+?l@$8*;fQxWHC8DjEj5D3P{scsO)~Ehz$= zWd$siM8iBddaHa*zURE*$N!@1E92t$p|x?>LUD&;ZE<&(qD2a{xI4w&DHNwbi!E-& z9g0hFS**z7x_EJ2r%#WGjXz!9PB!gG7$xsWmjjh+p&q%yP zYn$cYEBef7Qz1Z|v5{YCSN9y+qQbkcS(n`4DN3=_2Af()NtQ^C*U#r$ffLMb3xm;? zbZ)SCDQCZ&9Y#I1NOVMqY43>YZepT*7M`B_e1%jwfijz9y!<p@eupp< zQ9$;OF`mx*m=jFKb9e{M4BcedSL6>rK6(3l6@TqhT9+`zuiy;*Y(;BN@g-gh3m(PU zpwc1=6itm0B_&L5Q*SJ!J5^aPd+?I;S24X<_^J37y@7ze0gJss$c;iu<~qHB?SOm> z(m8&%?oY{-{TqcZQ2LiFz`wNo7;GYpY#eSBnk2+Ds0QVkCEPBpdgK={se^Tx*3y@> zZw9T$UMsLzcQyiV|#|b7~9TEy_c6{tD{(I0NjoFA?3)w5Z%=>^qBMu zLwd zJ^iNRDk>IYgn)Sez)S5-NJxoH4xA$XY2vzOy3LGV)wnfjyjtBkEZg(Y@f63B6fs1v zUxIq1OVjoB@z65Mj~dRo0WPi_0z`z}-k?D7Op?(_5~)cN3K=GpW2{UPePJO^fmGF- z-b4thjyw~JjSwd@awZ8VN|oX0f~pV)2BdHDxD}>+pUX8VLqw=aB(?*@GTb!=4mgx1`G5$9^I3 zs2tgFyx@0h_`i)eQEy;y``%c0QcE`hEd82SxD;w8-hGvAm7sLg5@aeu`pkD=q<8)D ziS-z%db|d&94R_=_lJnLAud>Cm1Z~nzKn-ZV{mbVI$Di7KCuS@TLCq_tTlCA1}KDL zPg@d}HorBfF!mUZ^d24O8^t) zv?@pHhQ)z^TBFf^d6>@P+VB|+-aY@46V$2?j zB^lCxWtx;xKp9X-7x7)v@yx*`>6o5BBC%-?N_un_p8Yt?Nth+zxXG?Ur+rfWGO}B` z8kLl)k&e?VIZCS|+Ed^nNXB$x2v4y{l^&slU{1V8J~M$6-@OzOG?t?}uhop~{$led zZ6WT<-_94+Cn7&1O9+-vC;py3h-+vT;|Kp4lCV~1GFO(# z+$WypFCm~W&lXUoFIS_UU|+4LrtPJah_j@$)MS#<%`VXtZOX}7!sDBLA0>3k=Um)t ztx?z|?KLnl$!vvzyzW|X|Ki8BMsiePz(@CAMcVlxTmp=a!)sr@d||9G-NYo2x8B4w zxUV+2Ekcas-@qB1tc$DW79cemByH<@%Z!KEk2F~tj*R{718r|eIAev-l4pB*ebjZV zMnii2u*d0o`iIy*OUB6sY46iNP&&qt#TIIM3u;WW62(l_+iG!CaK$O{+M3H~{?zUd zwn-G@xVD%P;V?t|Z5BuIve+|Q{dIY6&V2rd{k!s#FBW@m&ChPsKItYle~A)VNLkQT zp&CfvayGIE;pHpp^Rc%laveyUB5vp#pv(wM6BZ+AY&N?VfyPBZAxkv^+1vhSNrKyH zG#S}W&co|hsd|mBbsNbyZ#}CINXA&$zsy#l+S`Y85(jIp$brs&5`xZlfy;V5S^fzT zLMCGL8Awi&hMY2s&)&gKb`Tr^k_(&~R# z)$<{_V0in6$kQ+(;VX!R_Yh>ikfC9kiIGsnVo1<`>cv9e@}fdq-fwnc7E}=?* zAUMXDu&IKe=qbYE;`gLBh2&yN6U>8WDM3SO^3bbDMvFIS#uF@}h_c%}l{gc=3}(sP3<#^5dgB<%{u;CcfJAXOq1HR%hr@+=aUCEg&xo|d8N z6jCB`5^pewLYXFZQ-eU^rAn?&lARRIG*URa`51z$sj-(I5?3ZH%rMg!U%}mf_D@gk z1rb;9eev5jLrYS!G)GEDGAcA`JiupLgvin~=(fYy?wu1)26X)IIp5r$vQY=x)80G( zj2E{=540!mqE>^0kn#nJOpQ~Y2N8$VbxD8eL{g3=1mBCAGFKG zhfY$P{>F*$4~?;x8NIMz5*dAZQdw5CQ4{;BRy>!;UpNHr1LcgMb#HY70*)5M-0y2J z=ORYqVw4vgh`Ewo7#NtTLF>#vCA&yWe)sB;nMf0h=NfhFA(4^yQp#d4>sdjNV(|FP z5oY1!)ov3TYWgqNtd=P5wYs`*(alZ>?l>vu8K>OgoH{j@b9U`jIyNLps|%{bxM^^D zNw=c0*;PRm*z6wp1G(!0vW4UWlnJR;nGRMGTy3e`#`rjEx$ur6_%aA#ufT2Mu z$uGAz`p+Bc+YNtb?J~s<`)ly*mR%9J!g;8|S*7EoD@|Knw7r8)o_?=KN}r(83vS)E zFb38>{f(Blu)TC*i-C@DQBmeQK37PT zw|U=E4!;BR?`Q^}tKD_c*wUK$CV^6`cvFkHYp^OGae>#grDG|-!*eUoLRB(ugNH0t zjcaq^CV3NwGWd1|Gx&(7W8Ev;Y+Ty{rlF?Zz$FX;nRVDm6LT-o`Pq!m{7b-zXL(YD zO>dv@ONKs--+^(D-+}ELaMdJ@2|n^W+yE^Ho*uHyO0y^Y{P_`q9#WvhnzCQORmJGE zP#r8ADZ3!yRbo~fFm3s*?N801D(lXT(Y{2Eqn~6tphd-J8s(Lt3>21#ahy?X%bOH+ z)UV{Okye&8ETYJI?xxZF2lx)!%;AydyT~l$bGMK*;(HkyEd0;1TUx87yg)Tu@kqTo%O=`8q9l9YeylL^D__GnJelO-2jJ zYmfAWm`BI!SEWG| ztvoCPhR~53uMdvfnk6oWQ-M4KY-X>2B)uF7aXGBb9I6?yO)*PB-qFq0om#HlcR741 zG+_9RZh%ecyIIn6Q!oxxqK($1AVYNl|BXIvYrZehtg2AhF>-631rU8Lc=b_ufQ`@f zjlt;W=##>B<(>Hv1lRIlj!=pbAnvQ2Mxz~2oe{he8mgIt2zu0r51auWwn3%qp$qo_ zE8t<5agWx_9Zg$;+x8#PuCR=2SoUfM*NnL3>9R$dHiK*C$OW&+gubVYxW!p?yJVWBpzi2y{u*^T zJWJo2=aF2e_*9ppPe4Lu6sNKS6iDZj;4DrLFYp;=(D}Y$q}Kzsr%wU{Y&EX-^LnVT zoMI}h?#My<^{7)viXBeRO@ZiU@&UooWdX1;&TkBXK<{#rHm2;nZrs$hV(a~v;WtV= zh$RNU)0ggh9n2ZVT&Y}~i@MInl9mPD<;L&x!Gw9dFtnsrbBCh4$(z0jWq5vp3W!(H zfd*7Kd9c@-zn5x|^c+`Fl=d}G!dn}B;J(-qVG2ZVMtIy78maV5|4Mx_sP1N*K<%g# z(A7K*6a)0P-+9H2KY$npzoQ)gUF#rX5rTV-*C^bJJKc+WT}}PB=Hat%QNS+)ZQEPP zXzughl#SFbAlTa1$gK!p2yQ;0V-C>K=)vFdLo`UUVc^{m;*AZcg=6JBTv@8xP#CW4 zvnv5EK6Cn{=ty50&0ebj^Ownuh{N%XH5PUB03s$7_856S{?Z7K<+9Sj_#W8iw=vm9 z9wFTo^Z_T&+}ItkJ6UAxuk4PDBgjo+)a7scO%ndN^R8BB5b{c_IGAsP@T5j=M()-m z?kou)QboEb=iM{N-zo|Z<64nzM`#y*NN&*0!wS~`?Figrx`R^KbescvsjV)$Yqmm* zlW{*kdh^HCjklie%%cii`jvCu8e9Lk0nRYI>dw*|Mpdi9HKfs3i^eUA#x*piUbB@S z!q37zA^d5sOLS{|{71~|oi>KpJg_HbwCicv4(SbCJhp7a!A`VQGOnRHHN_!N!M^;D z7@y*kRtD0w>>i@+AMC<*U)4OC*F5qzKJqT!5py>@%4(Nbv=c>N+QalzAHOVIMYC%* zcA76bHhNZ-UH!$b^%s51KXImV_50IqM6K;{*c=4ciJ;MaBjVlZ@5RH2rX%6?OJ(4- zcHwMhPG4Gs=Yd8O?3h{Ho?&q{e;ZbRAM{X-{xDJhQM~PUz`XMO%1d#rNNT=1YQDt) zFD6a#wtUuxdm!QM`tqNn$B5G9r?2);sXwx-QN?6&dCDr6pAr@y#?k%|*<4#Gv_6qG z!LlKMT=%mqM&0tt#Hz#nLDHN++-+?>wWnwod zCz-w&Qw1OF11o^0`fDtPzzY0K_o!+MFq?pD8e#(5RMg_NYb8wiUuu2!yatJa+|bIDeBCsA0M}v1fM$jdKNRQNUdz_X^g)s>eAQCl+87#QCHcUsueiOl zDZVATV9q<~OO03>>eG&+cevLYlm!ndOYQ|~=!Zf=0&568ngtPd8Gnl)Y|A{0?zqHM zXrlTNIf8+cC2dPZzQ1&<4X!^I2H8*$Be|Mu;Lcs8Uwke^=e+(r^QJct8AT{gLcWBm z(ycOys#3gyicJ_TaF438bCimW>x*&_Ri(7{)GPp{Td!LiQqQ67ZMKZh4e%n8rOKNu zk6o+w3r`I+h~~uGp>18^UmZ8RXHmi1-hOgqeQI4(<)Ar4iKD;FcUrYDThLCP5@F40gY%pj#{&m%O=P4mUnrK|!U+87K4d-fU9=zcCL-FZfFVD7NS0j=e}T zk>ICn%WZqWtQEh-9)vVk4nuyCCf8|GK7um;MGbE%uDb1}uKmapO2AUC=^726cFIxLEb< zR>iKFTlOur+Tg~}ARz{;&7xsQC0F+_;Xf5 z{uzYO?r=t21hdGd*8P47Yd(FE;=}rG67lWNV$K; z0VN++bqvv$zZTxR#1ONJAhQaF__FpF|1DwG_%5Z^_iZ@%BPd!^eP3*k8+7mLX4EH} z^0Na&gpW{k;cu}?D|xG-xC$w99m}UxtO_T+ipyBYodMc=f|`Iv-A>F;ozV{do5~eV z<*W_mbEY*N=>h4C0gFyUt{_EoUsqrlY5F7LAn>LmxHGK_`#8*wiNA$oOigX0Vrh-K zxt?!JUdCSVQGjgj`!szAwfyEchHYy3)>A$?UY!zKB+Z46{Hxu9jowN^jW<76#a|;t z!tS$QIa=T;$oy8AiHK61VvICzy!@tI4&lG;?jgGtXs1NK_sPMCxO63XJjKdu>RsOV zVbtC5Kk)HDdT_Kfkw}^Cd6G-{kZkrR*pv`EZ{WSSs3D0$JTc1Drgi^?SFU1we)q*Z z6H$?^Qf#`2&ywo&rU%QeGtWy=)rEDPkK{f}-xgxOi1{piNK$Kvet9~Ri7x8McJYg# zLG5iARd&UmGgIzBroGS7Qo(>*nbb%xzoXW)nYdKZ05JUQasn>!ZaF@JsF?ipCRi$7 zc=6&_b2ioaGrXCz=Zu;}_1rtpu=bpZRpN#Jgi+N2&Tr*{#G2}ktaKIMZ2S?8mbH(*$t zLZT`XWK<-YJYOzdU};lPXGa*P%^AnT%`EGW^m##(u`}837A|MjgCIX{4xDN3D#FFjcqweO9CgtoX00j)jG4uR99tB# zq|y#CjV~=Oud7O6os8O|p^Dm7#u_uQrwlFZtuE}mE)&{4voDCA;ab?`lqF;&%B6m$ z>->mi^x6+RCHpBMTG-06rT-$EaIGV`m43U_4&G35ginEX;qkdAz0SgWpSZ(lE}Jax zlPjEPEH>|8mI{y-bPIAR6-Uop`!&d!%1y8~znBd3B3?$VJ2%UxK%2wn3X-3|Z$)C* zl4dlhma_*XGM9{2z407BR|zcw!-Cvav(YhNxSu~P);*!fK2&+QC}Hv&w)oM1lNB+S9aud*Gnqwe6N=;ZEla=22sw(ZuFXBUl)+>*P z^VPr7MaN1b>-9_VKVbRXM4DA*7C)4~eB5>y2Tx%0e~8h{rIJ`7fu3poB;M20bw&j< z1s_npN@`ca0Or9|$MW=aiO=4YhwnG@JUL*@h+x{;&fLtJT>8wsDfcbG2%5;OL?{RP zFn29i>Jt$zwyc%yiXqNv+Pg>bgoi+NmnSIQ+Fy39)lTov7%Kq^!1eXyN}6l)h~93w zQ;@7(3q&HFOHMi8DaaTEq6W!;aTV!y=#zflFjK!ANZ&@3c+zAI_{{NAoFO$T{{E?G z!%R?alUYtz;f`%$J~Ma2%uc><07cU|TUYmVe*fo9Zh91TdPr2fifrG%@Gd-xy68Ml z5?IraXaNLx%V`PQh+p2s7o*sQC2V`oL&c=D+}aYhPx4HmxDSI z>c5#xl_V37X<2-i%)_vNGy6VWCVoc70fg7!oGwG%#~>63rH};B`*Oy~HzdW1ZWzGs zNfCmtBW2>t&?8j|Oc^J6F;DS>gRj2rx>XXq@c*Tf*MJ+M$U`_{hAx{o&1(EYlnptu zannBxC`~HEoy7KAn#puCo0<*X8NXr}{GM6n`sRd1PcG`Mz{OBcZWUMwIrJ_MIE@&C@+Efv9RoaPZT)=}r+!<{z_5`Hv_N&n>sugVWe9V#=A@Ma6^2z7*-b5HDCywH0n_5ZjSrJIX zQ+?^APY2wz2bWR4nih3>&Sc59ol{oZ)>}Hdk9@_KJVoeM$0ktUGx}^mYmwT|K$$*J ztMtGWMK2KJty&0*y9B!R=lG@(!4I}uK4-@HUoXO!Hs7i#*fSpuP=&fyOtp~Vuf zia#7gzSAz*Mt=)FZ29@_C?ahbw+>kK_IA8rTkkLevK!Gjb7#T`Tet5aA{Kx1LL4*} zAh3A#dsO*>L-T)QROzKF=|*n!g>OkWu+O`w`~g`3v!TQspv4n^GwW8FR z;keIEvDd7yQPw4Rd`nNwt=PY)6)p2UC{-!nNLv$`H3<=(_Y%&`vRt4n0{)X zb=4fVo1n(SQDoxX+kY_qLOy+iqC2Xd5G>uYP|bWm5-F{?aS|yVGn*S{nj6RTd1;aL z^xi>sEq@`ZOTNLIRJ^o;gL(#vEM9usd-lg1u-k3&4Vaht3txcb&_W+ArDw~XA>V-P zwpeu{T56C(9rheSq&UkN%_PY;DE;&n)S;RoI?#E~_D!BwKf`E-n|fv!CoKHS@qqW; z`?2^0>KUxCG(YWlJU#{eQv9C$g%=O3!-Z!*!|l$?d>-X_pWVxIAVL%-!VfQ)dj^X~gz5VB35_%TF+M--)9_6xM?8vgO?=W~17iNn92QvDq3Tb2|rQc;GWhFOrh-0T>)=>y3i^IIp zw8QgK7FO{i@yGQxd{*(BW0YG!KXf>zTVME3#-*;%#qYf(Dr%D9Zhtj;QAv0H17o^X zKXpZW^x|_v{uUv-HGs3YkaD+=XaW+Y8pb|4%sRHtju*o*9rPgs;dwfcP1fll)R75P zM?cxAU&Aw7F?QD8Z{JqsZ(ovJw+^w7v~|aBXN7*)?X6Kp;di8|AF=qni6L6)5*p*Q z<|99}m*ojeGwqSN0jqjn#g~zkRuwpZCoJ{Wf7M`1p;Ka5MW&-y#0ux=S%DD*n5wD~ zbA4oB@UNQFhv@(`=d@0fzQ@i!Y>;pnzW&If_22Rg4fXvDz&FnLqOl4hEi_E~ds(FI zc(SDTx-9eEy2pi<^9BwEHBsUYxX1soxo$$&$?y$y-8x*v+mZY}!Vc%?Y zex$~L?8s*i<`~N-+s6IwI_<-q*HcBhcA0_U!!P!v=DKQwp60s0g^hpZQh-uoWE{g^ zoPJyicC}izI}Z?18_SgaZw{tvwrw>&!MhW{4V&vofJqpCG82FP7A$;2MK#7>h(OwL z=tI~9NI2RFjr{d+8$jR40A5CGv7F$owC-6ab3b(k3r&>V)BPYOceTp>^Q8Q_Gk}qX zHw~QG*H6qyHPKJpGP!Mi@8YxDO(_sOiO6TdusMbvGY_Z#j`@Nc9-N6hj)Wa+g%Ebo z?~HD`nYI?N`qEyE;G~21UHq+bHDjv%f##G5!90AckvKv5Y_CTw-XiZEAQr$FBq96a zdZMIFzakr5w^~k|pdiRw%_sHsp1!-opsQrRiDRPJs0e}1SdX8YarHWSu80S{I58nG zT_-|pjP1k7=H4*(Zx-h)Xjbi6vsyRKLrUM$%P+?x1>GpcN{v2{Ob~VIv~thSj>n0xDtWh&Z)ZYGa`iQXhggS& z7lvE7mWzveHc{WpMSyTCAXFs)EJLQk9CCGD7kkpz|2mc79gWVgQMa?<^GBYzCTnSU z38i0O|B1xF4_JsLcJEXatyX)GO*bb_dI26wD%r~uBu;sIxl5M?g6QiL8TfIfvH>%6 zOIhV{Y+^-wbdD%veTDlc<9*-%Mcb~7^7Po^$2Pr4NJZ>-!BY=w?q*HmjvkHe(0~Jdx(p^G{#fXU!qS?T@)VzU6Ba zI1S-zoR2k(?iZ6xqx4+6|HMA;9UsHHvnn;=c%Mdt5OMAVAN-mJjRJ6ee<9UKuIYkL zeHP@`yjC^e#Vf95VOYumz6TN*XW~4)OSI(tTr)8{dkP5$m&fWnFTWkqmNixI7L9BS z`u)WRYV0zq-|w=<>?)#Ccr#LnM(hm}Hp|k+%i=Gb9$#=|>-Y~2j2#}U7%$KI8Ttn! zYMnL(30ifQ4%oGWD1%#2r9~a@w+X#r-=9=h3-PD8_Te;6*50`P<90tGgIfuI+!hVDt4_pd4brPjEVTX}ob#Va!h$pWUNl?2XZdb=^#OmV( zZ8+?!{t3tPy^iQ~Kx0S6p7GPt|}0++^EI(=%zv zYrl#<-X$*2B^*$Y274MsHnoknZA*(@HBf%6->&Awx)ZhBId$q?x+x-DvT&vGG!cyR zcX&kY?`TAd^RJR}7N`e=(Vdt`U-uEK&T0 z{0S}cJUgQ2S4Ie1licG)JlWJg4WsPFIiuiC6!d#j*8=5Km> zuNS;XGJYxI*7~!X5v(p2toc99BaxqIhlkpu&BX?$@C;sM9%Jx%Qy;_h_c*;*ce=yg z0hq)!1Rkb(-cga>=EqiY;yMQFFkA8DPCw@bCg&>BuWQzTR~lXSLZYLec7bsk?RrFD z6zCvns1REsXcc0pKX-^hAqo(ws{LBknWf2SS+KJ;(euGfTYj7-`eE*vYua>Gc-3Ip zWR!7ukI&TI*jtRb2hs7IQhalEbx*z8>93yRy*FB+25>uA99)-CRv2R zo7qW4Mqn;$3Xj2Ug2QO^9&%nBSUVxj<{>)T5W6e-|ywWYL%Nk`k1FIO74W<{%QVXDrL?Gdk5eCe{w_@&0jhcOmyK+faJd zSN2*dd!;`}to=vVC!s}upP!tB?eeY}MNx~t)|4c&DK(a$@73K1?fozV9d?`Yg@;Ve zq(t(u4K{Uu3eefeWh4xlq}FVOA&_EXjW0|uNC-BaWi4fzzDdGB2pmuQkxnBf&ig*~ zsr?U9OT3LGRTK(Qq7@YV2#L2l$xc$`!scpJq;Wojfk_LScL;kg&0C7a5{h1!o;J`4 zuw_1QpNEC~L^m8B`V)pAlj1E0Jeylm+44x!7BM!F|9i?x5am`I1f?-CxcdBzmiie< zojW?3k8jDvt)^fJokR;xUosgTB}fER19{Otjf%9uzt?>a9UCR!`WcB32PokJrO9g& zl)l~sWVjrn`S8wWZOtsHhCcn`D|SG?Eq0(y`kaQ&EBVWjBBdkETMKVlz|eDcRAktu zd>}oIiBN<)Ug*{GsK^KP6GA7;tb{B>MuzE;u!~U<6y6fG;OcrlzGx+Gvf6@})!fnt=Wd6(1V;5=&(8QTn*pRMHY_#7SDY34!Vu5x5SX~Ypg_s9oIGK#h6NeNZ!$jCoLfr<`d#l z0jJe(#x1Tl3~Ke!uzP}|A9o69R7sz14Z2moC44qfQ5<|q;7hK_PfyGr4zZSofG5I% zZQa9bjThDklu+2q;`n%`>T};?EU5p8;`@&x>0nKyK>iNV1`+uy+o-a&^tXv{BDY0i zOb6Y38)?j3?6>v{>gH1@EkGhI8htJ1IBR!oyfdc%TCO?v+32w8gkbhKCwQ<-8VJxMg%PFm|uPHHLtdh^1=j<05#zFPM`=gSMWG6Pd8VUY;_c+^VI`u z2t!4`$+!X&5Ekit)j1_a*eu3;YPjc*3=0$WjPa)6%^s$hg~+q%>`Hb`FS2-=HEJ{TEX@TF5b^bDQ z@babPXrZZ9s*>yxaB;YvMt+ge(i+egvW8C4BDN*X#P&7GpkYrvh? zLwDUXHx0~(C!G2&P!zhC`AF}`U_KzeO=IM;A#Juk=u!T0oZT%E^vL0q#KAuxmLoe&;^gG0%g%#Sz z`YA+Ui|t>C^4tI`-~1P`ya=u>!b87KCf1D8d+AIm-oP1_2HX2mO#oQc$@F;!R(G>c zY-;Y%vo8&ptV<}Z(Un&>yZfEaTrv&uGPnn?L+7ts?Z7uUNViz?gI~OGr#6kdd8*D- zX{0V$&!aN;j9a*#&J@K6By}i-`u~*Sl)e3?#$G6zjP`XhTLyf(^ zzx<3fLCeC4NU>oSq-*E6jVquiYgj?LHes3sKUH?bqG#|PXS(HcfGqu5q0$5n^%qww zY`*@H9xg+^Uq3c2kRdN)a}(by-}=FNq=;GxX?E+~ILr6w7~VspeVymS-_KuRY(z7^ z8ANA{xuJ98GLb2fC%ML;i8;w~b`Nu|GVa+W!1P=!6Y3GrBIwVJ;+RG5(M>@&6V1n= zF(ool1~4a97hTe@no1RtgFCd%mEbUE1sanAv`KBJ7jot%dMmFdQA~P;$svC}+p>FL zp1z*6<2C7}ym@!=IfG;4nGh$};-8zgmf_8=LK1=WLJlCrk(|CA*FPq{L@_ZBLymml z=|SMX%VCW9g=n}7YRFb0K{tUX=m!`tejSz$<-d7MD2mX`D&Z+Wow$Y*&5B{1b7~~l zb79W9cp1!Z-&pVkcjob<(Ua>Y3P_OaZpcwjh2eX`A*Z?rjWG^(y|5(cyE*U$rkbwN z>0)G&Wfe%Gv3kCK2G(Op+T+Oqz5D74Uv7n8d5;r)v)Y)kNKH|i?iH3Y3|xDg0IO<=%p$#l|mGF5R~=tU%Dsn3p}I zofppi(OX0=~;ozo+kVaP&X+$M8=8Fe}wWn-I5Z%?ep}M*b&%25Mq`! znv>k%(I42~TkW0c$gm^a0ZR{c>i#6zJcbJKMm3i+AR!sVBlQPT4skfh~h*t(TEmOc}% z8}^FGlvavhaDiXL$rZ(AHqDqtoR?JZXvt^??<1@ukX*GaI!a*dAbomEw#~_&x({S&s^D)0SG+}qLN4BAB>%IR&EIM*RsF;hg|T2wn0eqB zYt6^1ll!wh^Nld#z`Kdhl&{B5gb|YjuGNb0OlfcH7JrRDeS@!GeH?`QXc?#y^jX)4 zKmaUXQ4L^rpUxi1vzO(<;Ef1UPn@XOK|S56@1F5FVt94k19pV9p@ti}u4H36C;=u@ zx&|e_upt5G64o7EQ0ea{*`R-|eoNPdzI9|KO6OsZhyUE>rvxEi=abX%Yc>%gN#^2V zT(@*^eA+j%K_t8d@)0-DaB91NW}JIEiBU#VudF*dxc?>0%Mv^%Nd<5?b_9-|yU0B< zTDL&al1?-ZgO<*sMVT19bR(oS@}B-EuH$I9Ut>l{0^k0Da5io{!(;3S>VkXGaLkuU z^+~*n^t@>S_(8Gk%38LYn9IAGcR&KfKm`LEtIu33_q4p^K_ki?XhF}v^CNZy&|zzc zN@72(h*gwPF@tP0;DW_QA)T@sP?V9E)~}`bQIl8kH)1=xWTp(z526@t-lUc)e#A)a zcPdi0Y$$MJDWupEnR^&hVuP~s0k?5HBTc#KtLMB&8{wDl-a`D&65a0&jBozXhf4H`RFKYN#Qq+BvuYRBv z$pSdq;TX<@V0!!5)Q}+UkYFx^oXR@DH6!k-qd9XT27uB0U4>tji;;a04gY>WcEtLU z{UBrU<2~S^^UXT=yS9F+ycWJb7qBw=IWWW*WI8CQingPOg0tQ~&VR;TjVwF@-YyED zLN;|=o0t``v&IB?%Kii|U@olx(Uh?rv{!Hz6LuZvUZ(Cj6u+4DYcz$|;}qZB{&6eJ zJYb-yl7HK{EmA3ApS)s;~p+NOAee~fE`O@6UKpa z(ME;(kzrFJ`Y_BrE0E$V;JqIpWLAIH9KW(-D36W}`_88Lc2?0=Ql&q5zALZyg#!)N zi?*DB;2(oD-7ka{Gk2&N0D|)U2G&3@UM0B^hzF9d#*IzuG0OTg#>|*8WfQO2{m8#B50d_ELu z0>FlpssZ4~m)SE%Akl#*m{Vq5iVL`d%K+RVVgNSmhd2s0o9h{a4XG09*wuz1IyWwS zK+D`}m4f_l#nbC_s$c3Py?h6 zU2fR}D*>HD<%3t3f7MDExsis&4G+NTB~a{%j3Ki8EHvvO8Y7+Lw5vV1keI|KoEGJ>s^v>j|5 z6CEI+4HE0B8UO`h2X5dFfFY*z9sL7%cH_w#-0_Cl>YV?R;|9pzt_9?;1YE*at-^z^ znoyyK!U!%`Zxsc7zq4Cy>NS7IRMOl!{PZ{pYEQ4wmHtqUGYl#7WVEWPGyu;QLtH(9 z6f-m1hl@ZSZ)L%TnXFb!|9Fw$4sH&sO?NzwRz6uv?QlUD;}GO}Le#Tv>re-fm3O%k z^#FGajY8ZwH_Pky^AbQu^2~L1cK=tyRnIl7omqGM9pqmHRP@=-Kdzje8yKKp+XG=w zpbnr^EVFLz4};Y+8wvJImFp~Wy?U6+S#{#y<-h$`!^gw_YB<110}L<&c2$kQP=C8* zDm#>;HS?cpiu|FCF9}8ZG9*7SQI&@jv(oj7JFzai#`Ox(5?u7(z(PGI2+QpPIna#KSaAcOfEBOQAOz?o0Uunh>O8;! zUD4M*D)ccN3>jAneQaCK5npqf0BHAt ztiM6ApO<{38JVrrbm9K(Ub8mXp02z;o5qMqFH`EEcXWuz&xH=a5jZ=?}(?*0^)D|Qttk1a;+bJX0t~{b+earf0 z9lLLCg6XI`u#nSBGqiKOhJp{E;^)2Q2th2#?0x3qADBaw~qD7`8jKk_foyICSr%Lr1r-I0)s03XFfjm|BsJ< zF-9X^t{I@K*65V84V)Sj{cyr}XEJB|P#yPhf@9(WfNI%2-q7nIT}L(}-MXT!y(RA{@BHm; zEY1%Ya~bWT*I)hOZ}VSa(v!3c{V7`I;^yQ7zfR)^0r>D1ees56VLo?(IdJg(V@$RE zH|EY)z)k*r8s#=FckEe2smAN!k8j?iNV9-lLHA#Tz)C4)0!}rXpo1hJy> zld*x4vw?~uRo1t>Z#zu_{h}Xt6&}4t&IcAZ;yvrd8*9Zo=wq^@#aD;|{RSSpfZC51 z34ErZ$XyNimORvGYhyfm8Qn@pyXI4;KK}YM)cFp!+43n_{A6C;Ey-U6r1*GaXh0yI zcqu-4W_8ugz8mUt1{|b=N*#sUXie=mE_U<%^8<~Tm%QJ}YZ#o4@H?olSeIr_Vmt&j zyWpz(x>Vz&yLcG&BZ&OrO}-rhK=NyMrStqlDru@s7GasMGKRuz+ z-Wik!>Xbi)Ry_S~d~8y#cv8`})vM|=6gOeAKzv7y%ks`wCE8#35G? zOE)-;cTV*!1bPq6R+q%4mnjST;t<=lhM+C>8lQaKSdD5jplEDY<^4d>sv!GL8lP0$ zH4BX|n}%)Qf@1@$`tPxro+uoyWmA}2Pv_Myd|@rwDjrrAzH_1?`O>3xHfc#JVraiv zXVd&nLU%%``%uMgsEsMtLiNvrGseWc)cg`g#Gb2H_TM6hE#j;0suKT%LRMtz`y#&_ zpd+txxBPw9EG{X?&b~O}jbGb=^Y)+?cRv@mMJwgJ8e`D=68%E}-%i{0tDRgz7plq_ zP((4(R-1_Sm$dVG9s}_22RZPjFU-ESMzYb%El*L+l@QI^d= zj&>4`UJYN#nfsbGwxchs#M*lr)KGpEfMgx9E-KAmarJ1jHafjn9GUmfKVoj~siRa2 ze%HeW$vP;iZhu=Z#HLGKy=j#T;MIxu?8)rcQ!; z=6nm-+F;xkc#d--mU_>2x=eR^)N|VR{afd0a?F{hymra=&IWxyb_y%HU!(l@Orov?4M-pse2l6Yt9$Cl+PC=fa1;73)Hpo4UXDL%i~a| z_Zf()8r%psSnX71`nnxWR#3ll0TGzoBF0qI2WM=ck?5ttQ?5A3fq#NrrV3a^OqYq{ zT&-9JaVYmj!#kYp4HpjmcRMB;j`b0?J>!GVCJ4+33ZBqg@@xC+e|4ye(Jf}p{0??~ zFMN?Iq*VQcaaY(89BMo`AV@Zx5JGX!i~D1I{gDaPSm3uL%F_Q(^%h`lH9_0((^90x zN@;PYEe^%q3lxGwi$igT;za_bSaA>T1b27ZVgZVK0;GlD1PKzHFMXc({lD+OuAG_O z%dC*1i{`?r>$;*G4A85*P1_Dfg@lC6yo(FNgHMm~<@-t&`*#K?wv;3DN}pyl<| z_}z+L3b`0ZXCB|1{kJQzNI=fzLDPZt_@9F&vauYs0)@oQ@w|h=cjd|5d)CgQ*)Stj zN3G4K&~EE-%>P-Cg<&48V#6BEZoJlToPzq++|zHEZ;gNWb{Q!|4Qutzt-UDfYHlO} znQx^8Qp3o_T>FmAOD*yHCn-3&ylOm-FPi zilIA9$WEV#r+E!-;1}=3#BJY)AvFOHxXc)0>8DUW`eb5DIrZUcInW=dGj-PX;u$*H zCpquy2*jfca{0EF)MpGmedhP4dkQBnn>Z}mD2_sNhLJ)oJRWxk!SBXhqLWC!cg&A- zsPQu8ozks#HlGl19fB#G>5p({gAg)R_d8^z1Ww3bq1|EQ1mE-uJh0~4eFg^4yK@FY zRQ%3;=v+GQ^XJEfKYehtrJZZ^F_H)jh}XfH_c=!{bQku_6!1e)de;YEkUf)Zlh}k@ z-jC8g6Pw}g5nt6FmI5UG+{)8c%+3+o`0Rvf!0IyHmtb$*Om6V`(ZZw~ZdF9(%h4Tt ze=0FabGUZtgXJ7stPFi97Jx7(*$!^sR9oOdhrEtDe<32`K0mn>k4fO$!GTS+2?v+q z>byt}PtZ&csl8dEM>RjS3OvnY$4?ApCDs6G501M@iR1L1e>U!W8;Fbp6PL}p3UmHw zUjI&!-PpBLy8>v)6qnY?VfG#XRu_aetL_ei;oDtOxAn8MfKRIfV@F-4<3wV$QR92~ zuOv{i(+lKrebb>e`c&Jq1=Gvp`c!KIh0~iRbxox+O!#Lea#!c>(CHo_Elyf?@C5W8 zdi%t-N=FvVt2-)EN}am8bK!{gHi!`IF7y0nhx%||5e)j`QO-Y18J3?j98xDRmho*e zdunVdJl#W%4EiSCsVwxFMSCMwntI`Mi>ZF*gI85226EmNDF=mOwqm6^<*CtN{v408 zrgY9sr14wuCRV*?ZezNNxlH%-+(Mqx>AsI}?Jc=2s%ak$0Oy#8O9>F)-*QKr?N$*y zFiz`H5IN`!wRgI7eFe9qG#m-DJogn zin_aiE#S65>GX4UAo8?m+SYT<*<-MS@jD-hqT2^iSkAF7)j#W^mD!r}TDnwu5#SDk zA1$nAdTRc&Q*rs7v#Q3jrtH)1WG|sqItG~ZFR?V0EgdeS#!bx~&z~r@ zd2C&%3^Zt@U?~4jr+g@{9wk0QlmclPxrIxgzNG@L6o{_QgiKIGM9&gFFfTdg@ zwT_cea*T`wlqENz{dnuE@rJ}xzty$|Q@n0FV}m_89_qUQ;nNB?YaoSRj>=F1(n#J_ zbBAOa4Yb2b%~v8;=?z;geAdN_1(udS)Z8&_VC3*;PQ4=8?b=6|3q;llKvw$~DCe}3 zZW&Wicz~Jx__9;sx#`!}r0gpy&7QyRVpJeudZH$c(xubybpeO_Jmt^9hB!7sgg*Bk z10F>NwcTW>IvIZ5wr?CYT1zGQa7Y5SZJ-~=89)o- z!q>W!`;k?*(l%UTCn6z?a`QahkERO58Rb%QqjZcOHMl*9jmZU$${5!;gpDq7x%oa* z9?wTg0o^Y1q}r-9V2p-=3Q5FvOBMXwrTbq;#a^`0Kp*nzz9^U@P78cITJoEaSh;ds z`Uk2uP&zn(#Mg=Ba@WAH#^ID2a-IAFACjyV)f$3WU@|^f5}9QjHBj=eSFdZ;GD)an zQ|!hiK>_V9#V;IA_j~OrS6-yWdiR0t1!4Z-=7QI!h>L=P=MmK-;z`vQ2+P= ztpvx-Gnu)kX{D`w)-fR48I)qu{lihtEtvKx0c;ee@#B0ObK4aBF1Ti@u~#T=;?=K( zXBAHi40QtVIGL@XQKL_q&s)M3N&A#AZ}N15AKowelO9z>UEc?dt3F(Md`-rX_~lVj zLe8USs(1|MW_#HhaDfn@({?_leFEKMb19Chxc|d3~Qrpx`HHEiNO6l=){0hn&(;xqfXdX}y%0OD_)Y3?govrc}tW=V?w@--h% zO!IS!bgy>Ly}W@W&VO*Rk+R9H_NY8)AM2R*wvg?|)koAuuEv(m{R{>EX84unZ6WSE zT8C@y%e1lZu{AnRz9JXp3%NI~Sm-Kopu1lo1AiVAnAuIYVVAFZPya>ZVq3`I;F<&x za&QAEl-xJJUW{GBjZ-f;g zLA@!u5XWR<0+dj6_ZU2n8nauwSheXuXLoP-+DE6K6HN2k5}lJZB1P`~4Zqh^uN*p? zX~En;pPUUuFVd>m9SvhM)T#%6C4FGlNjuBq-oP>4VW#W$&eC%|@ji+Zi6)#{S)1H@Cw7iL)&*OeGH&JT~NjO<(BwuZ=RqF}T zGx=~FV=yK!K&!d_yRP1|`2e;to$sZuAbGbH}9eZC1rqk>G z+H43f{Lo4O6Di)HSe#}`wGH5pFbYS~p+*m93At)UpJt7_m7a5=;hj3I+ymEhw>P;C zZC`Ss3yJ`#$5P>~PkXy0iA`kudwz4TaH7)=*x@~2IOeQx(Ew2-_r})NeJef${>}Sr z79o2-zK9no6=blf6F&}b>~G2Q>rlAwEUeaMSV z_#ynH`i&pA033fu`;MCbpx10E0h~3|Y+msy+W2zOvS1AKw8&|7ck| zbYbpkuXLq^!;H^!8(Sr|{9^4_#eZFY<9Ki0l;hwVtvi2@q`A&3F|i*+tyh zoy$M^;^bpf>-jO+Oe4_LuIPj7XT*7;QoCQb`@kjNRT}ytY+=%+b#sDh71n~O3jMae z^pmHFWGmM0q<<#*hZ4@sx8uX^#ebpPjJJ5q?WEuGnwm za3lW%i{6hL^9|RZ9U8BG3o5lvH2dQHTu6>&RMKJX|rf($rEdGlG#dv6n;}8Buw9s1mn= zC{I;Y(~YjhQTto-t6#}>=C2qhSX+f&U1;#~x>QRyiL{=pOlt5(x;T4%I$X4h?;wa* z^Kzue9*Y}0DmzQ9U!vPEp%fplmVD~zxc@TVF^I`KbEvuZg?Qys^TY}3A#5?s1v&qF zvLK9(i$r>MXX+V$1gN7KD_D=9`jaCJ%ZH%a(=jzzftN#~<~*@LucLV@1as)jV3B0r zw`wm(@VnL@McBPmhKEyM%?MZa=kF+=Kl2Gu!dDzxVJ!)FL|O((VtIcP1(n!-C;C$- zfXO^zX%_1Z>eu)NV`Jya%Ow_$=HN0j{u$bqH6S)xYCFWWCN|nCX>Pd8Wzo4Y<6)h) zXld_Pv;PdOpP9?i8iiZ!S!)_oTekKXQ+V9vI2*i^(P-3VW$(ASPtw~eAn9@b&4*KM zA{+KL86)z@5|KwL1W9_hki+#ixHNKTeL629HfBz?i5Qtx;jT$rLo19A%e%L0ZQqA% zJ6-0|8d5AU{N&8bwe(jg-Z)YA9z?$21!+vQi7Pa0Q0M5=`IJ&9I|Jk4mJ+M4UUxQU ztkLnptH;REQQEB^NPT)2H|J~O{ADC$kyLhB>vYfa+M09Rh@)4@+nd7M%%aO(kU!dn z25w!DB^bm)#h{GR*3zzqxI zH0(aJaPR0H{?jN__7U|*2R{W-rW%Y-D^1DNKqY!9>lVv0Ix`$2j%y?U49j9VwfLKb z70yqeM!9PTINM`tyxJt-6YMSwcu8cKX{sefBH8wP|M_Si{M)r^Op5^gdr4bue;~l< zF}!t+7Jwgq=$|OMID4*eBY41~WnmA*3W^~ebORXW%uB5fU93*`;2luFSJV0XXT=nh z`f;iDxVVJh@JjWIINJxyzwYZ~K1P{6 z%&LMvpBWb&j4T=q+5l#JLVX999_iiZeB*h8^QzECed)y2@3#}bbPjxbz5>$NO0906@s!T$1bj<6! zUJ(Fmp>_eePR#(rh|n>`_~$y;{+}j7sbe@)#|{tsik`Xf`4Kh(+J-5FesP<3x(&bS z3`GvMnb%}oz1=5T&j;^Z!>b4Lb^S|L&7GPBfcKrFnCP6|9!eE4jS0H0M@ZRqS=wLS zq017*mS-{Ff5G6!u*d8EfEjdeY3x^$nyC}W8?${F~cq;gxMQX+P#2OMxS~Tu@RANmt1J@subr--1Ax+j%4~b`Fc{M>^)=_Yx zgZ+=-Xi_O5Do$s!{*lm$n03&+a2@v_0JGSPAgJZ#O+4=qrYH4?{&5|Y1zbB10v}6L zN?OaE$4+Hee4{uVGQP z?1DL$i9ltaRl~?|E6zSL$C_1GPJCeMi&o@{RT#K=uZ^!DZQ0Vkm#7S|%{*ZUz1^94 z#*E0Hs>$eJt?#XBZdzj2drg#b&4oNk@QMs6o}kd-ko6}@bOXJf%$48Z0@>tuz4V=( zrhDt#XNAz$p-ytsS;G^Zn?4T{cxeN<=BmaI$Uvz9U=QJ}l)&=x+w?pAH44$8=^DIC zwKXt`1k(XU5=BgNo0`bw?@~mx2ID8r@dICB zPb9P&LBHr`TP33npeI^^KiW~|0Dt}`TPhnER|(aaOsg*0*)vH!hw=g(zwPA+0CMY^ zLfo(lZWEy`bgl!hUygyy{AWE{ZdR+o-xpYhRLSYYxb1UkKHBpZBo_=ALa!HXH%6ZW zuAg651^7mS)sS!a?R&arr^&qZ@tiBbuU?senq*>Yqv(h?*=xxQaXxb!!^Pl+AJw$#?js?f7PftG z@hBpmPOvXy@i8~@?KGb#WcCJHggt6agP9heHhpYYZ47{03L7#ua^_75>*_*|K^kW# z_@>;YMm_m~1s3huwwHbbx4h-rWQK;i%XtND=eDbwM)2I=PZF{q(-N1*AZ|{14pEb-*hreB$Ej8wyqN}Dx ze26y|f*36uDxz>MFWzdV8FFp#%=Z*`8($TNVy zbP?aBje)a0y{+*B=U62ZmqhAiL)IqhWvJOh?_m=CwRh&f8uB|Lm3TW z07O4F!K?%2{ zU+!NbZryXh)ldAfp*DbPamC9JckyO1X=#a4DOT6UfQ9gDZ0VPW^#QG65m6Bc`DCP! zzrNI;`Bjxb{Xn55(@46spd6>#xACKm$;kTa(9;ZytJ6iG9F9i4ULlM10^7ODY4N`J zfTEIVu0S~x5qPqDcxP}ZeO(}ChGbM}s2bArfqksw% z5Wd!PXB5Bt*z;>TpLg>{?E&zuA%whp7MK#)8|KZ?oD&FCqGFpE>9!H;Elcc~JoimO zXWz^{Ul5~DKxIqp&UcjDC}L(6dtje7m342q_ZZP=^a^xls0Zqxp4AK?{aZI5!=>bET3=+_2Fy zv^d2QWx%o7Z`b=&FdT2)dYOF;pr^ATlLwym$CxY!eO=Sfi;zjW#wOgKbn16S0fW=Ic;a}- zG9{DMobKl7^>VD#SxuuY&Dw#2&9bIn`WqV7o^nlc zH#F7uwU%Zlg>Y3H^;b_mD}{0N;kt){cT)dgiTZVztVXyO8X4uF3OxN%(DlX#TB}1S zm3Y)0(*h<>?wh0Jn+M5~7`c9XaLjrb(*>(Ws);h^wOA+)J?am5o!8n#!kd%d&9{Qt znx(m_w(6x!Y$(S|^d^)_qHg5w`j{tbi?hwQE>j7bn)VX578)ACD`677AankGiQdFS z7o;8=9P;?XFWadgX$U2MRSxsjA#R52r5IQu`-a%S>Jq1fCiH{DWyeR(TUJL-=Qo4X z@hJ9q)cA&NWD-9TkYJWUI7Vg(K z?frY{rzVT-BLDk}8UFnY_BnD;3;ne$_|C?@_eY>+dC>T$>VP1XW33er6KKYBvlq7Z zu0$9VITa(#j`OC~?vBzWO?v1pC_lqH$t1^#FAQh8HQkChm3<(M+Qc8bt?lQMEN{DW z9pN5wv;OVpcsu!0O#yzPo|<`EP;{#1S@p)uUzV&SDb5bh;O6?MuQWF>dlQ&C>#Wc6 z!p1%#`C&fcry+s2wlCJ_nZmt3?C>MSHOVoDJfnemvV9$8iV^=($gQ}|E={hQ$wRh?K z1)&zLEllruwcmJ4Evuo40Ia8wLU0ka!x5zw398jI9;?$A{5f5?_Cc0f5>|7j*&NVf zvRB{$HZl@-DuddAukE%$=57v^mAUc@a@2n>*ky`L*`dnCJrTib60X%d_&wk%A%4Z0PV^Z=vZIUY>lXQCxMPXW@;II zbM~F4vs7oUc56{Gry@7Q6788O#y51ZBjB}Mboz(gsmA2$(~F(?16mcgc`-M zX23f=QqF3<spYcg@R1p@|O7M&c4q#a96}w>NK0f#M5+ffTiY z4Nanyio1_CvTPl&DUk(Xh^1~(Ew9l=e~-dlTYE2Nzadp^awBLp^ObybW7DxbCjX%v z)ME86$j$)dO){;fB?By}0rFU&gdBxxK+<){6lV+dY{Ff2| z9N(EHbQrII4zI4ZL%oA~RxDH5{r;uH)nRg@xvsUH?;XB^cf49vHpW{$%0IlARi_N5 zG;}ol=umn!D1Yr2jI7kc#%`%qeE)p0=f!Su-+8rWp12cy!(rLF< zZc-ps-UQ^B%YWbE3RW?(zOK=&6khD%nA;?5aZMHT3_%)! zMJ=l?*YjoJFlYGtU6{WU{Qbz5Da@x?%)b`dX^6dId+m@qaobY+!K)p9K3A?G5#Y7! zPYgFayOe^pe#pVd=gVv9>wtSH7pX|2TB-ZLblmSksLT}&>meN3l7;!iie2X;I~B1d zt*&d{s}V2tILdbO**{pWL)8g%u*tXXkfXZY*0VNAsw=(62) zjgCK+Gu)>6t_}&SYN2ld8tEcWT3n-{S6#?X)0O)u45bYiIA6)nTx|dfm({`>fJX0s zz*<}@D?Y={oplmRo!~;Lo+IZgWrfmpK;ep0Vkfv7`>j08Cpq(?012y6%xeL{-XGY* zTIJPlAm>QUOZugr9QGXmtW_uWZu)$sO1l@My3);TsmEycN3AoQYj*=fxdjiDV6A|$ z%c=8~ig8qLsQH!4d)bjs*WQ&_!7Z+>VpMk5=ViAmPH;M}vMgk$n)ANxwTn*cX(O<; z5+d7j=$(przIUYnweAF`t#~Yl!Z`Lv1&jGnJl$4xW<(PdHCEr)dPJHMZ=R5Fpndi>u{Tflts{7Prf zS4ySWnt|xbF~OF@z~)lSkL)@bj!tkXL9bY(zf5fB$hlun=_=jx=d_xM)Xwk+sZCSok~Kf~oZ;*2 zHLK^61vt(PK#j6lwU$HW7oHf4+F>TP*F@~SV=agIyY)-wlHh=r#hy~#G_ICI`&Tus zK#j^tOl|(%stAqyv?YQ+{l3{PqGh#rJiX4iFUEbs!>@jyezGg$8CNlF6Bf{&I`A;{ zw=3%(*44l;+2~@0+bZ`U(`t5{7EW-x!ou6phOrBq@je3=8MDKUjxM>2Z?taE%Jrse zY|*BTvsGx{#1hrkNlWTh`-opvYmZ`%?Wki{f~m_AR7@k%qmK)4YJ--t@pOhA)Xp!g zeu&(nW+8VFMR#3WO9b=tYv14qymh^kXUO{_k=}$rf6A?Cuj(FYkjVPzuV%1SQnjoa zjk&Fi>x{OU;stX0yJpW{2JJ<*^45`+w!9oFSn~sK0gSx;t?q2Ko0}GyZ?=YJ^-gKk zIa``Acl&L-OK*ad#C3lcmvgmNc^H{4q)XqM$d`IG4^IqV-rtMI*>>)TNO2By-UgHh zXtjFyBgO7nMkUSIU8`46ag%%zATn_qBOvI0mvrGoSV>1g zk-D{1G$FEdRPgYj^S~iV#d?-UP(WK8{Ke^u!-2fsD*vCJP?ECJXVexG^kxexQL$C9 z_z>=q^~f3So(KK`qDO1?<7ql#tZ7%)P;inB&V_sh!G9%hUHOu z761#B^u&+J1{M8zY0x~M$+>bFbc&#pL4il@H3N6 zHTP7Eizy{Pw35ovDdulyUp6Jc_p*v16tZr@JjZSA01mtq2t*io=N4|cA|G7 zp1c3Ji?kd52iKtSWB=wUR*OL%SVwns4qzHAx6U9sJ53%6;`8>27Z{}$U z^Dh~QLVDyId~>0nG@#m zqfb?ys*sF49U)*(|M*U zdHwjh2Y;wS9Z7_kW|^Jj+K9~gf0Bjnk+{e#M%5AiQ4Gy`+QNK+pBsk-RL~e9`S|4< zuDk+OhQemT45Ym{#4~AhIMs^wGUT(>=kz1tbm&au69TrN?)DG!_>9eI7>83!qKx1+UEr>_{~r7C=!?nk zDG1KdE#&%pucB1w$+As$tpy$VPRuBmoF-&Ym6x!Ri$(@7ctDXz<==aJUD>sFCRv{D)$W{lKa1-lQaMlHOD zNyB-1_;UFi`VP}d36PT3Rg|A)YHXlqs+}43!u&{^k`?t)Z^M?EhKS=so15FygHj*q zZd^N2nb8M^L{skHK=MsA;0;zTC413v3Aj}*%Z{Y-p|YRGjC&?%rYT_j0?v15;5RYt z4>F~1LY(wSLvXKY(1btF*qOgAP>1dzojnV{_*^D-kBeT#fZiA~*+&+?N&?v#7TQOa zyov<9G)%HnE`5~)@-$Q|+87#+w7c}>OItPe^Vk_HZT+_T%nz{5RnVHbI(J%A>Lb~` zx3i*p=CY%Lag3ev-??E7%IFGU3N7-OBXSeOnS>jdi zG?Mu&2nPNoRxaJ-5z=VL3FS>hXwmg>ean;Cb=8h>i_GK(%-261g6oX=>Lf&zw?C*n>qsS{j@EYgx)-ZP ztA}k{z7(=6lcND*kB@o6ExWfuVH`W}&+xhVhTSsPIJO0t%WL-4q;=~tZ*|cfI^=a& z7u`*bn#+gYfN4d?f)N)L-C5v2)5riwf@kzLg zABdU-Z(E*5bQHi>Aii27wQ>!*CO1Wl(vaR#Nm6$ioAs(I#!I(BL6Nz$>&4cDiQp#b zu(yq=n-%u zQPgxD`0h5_=0*1XB9mQ%3T!%Z=yIJ~oA878w^thxJ&vnvq2s-oujrBvi#93^R0IL# zHf)&D=EVvG|2ybBfBV&RyEd$-V?K>5Lj0{WPTlLjJorzRe@O`QPatDX2o=@KL@c*^ z<8KBpL@b@RTnTQ;{oxc>t|vXbo-0ze;sN8{7a(L^PP?F#khoN9+;XIqeCt zb_Wr>f#^EJL0SiCTY(ibgY9hnjay}lzQpqmm*V6fOS+H0C+3JlP;6-Oe*JZHjNi< z1>2m?0=U*>#K*h9rldNYS+2HQxXf=NrS>sL+?iKAD`Dq7v8o6tVYk4v_I+&cAV^wXL{SeKD*%l(8$KLo2Mo!8^xTg7HV`SR&>*P*tzYa&`VW`;y(4INvyM zJ)db=QDw+(CL}}J5djV9o=ISYdqcSKHEy~xSoWr`p zP#@~?m$?tHT}k4D{ogWowNAkpOvAd;P%CRXM}fyYpL(~2>XHLTzTSMJczCHbg4@3s z%(#~S={xEa-B*}-f^M)I(#XPPKDeH6tw|&t_mkSbi;##f^ShmVt2{xsTewTa=Mm*_mtfr@ z5>;WknQj^Xl6ri1vW=4%vkYajWOYpYlwBD1hGCFygcM2^ zrG;`sv7rnmH3YP!R4>a4UiYcIB(cw{y9;VSxvR6*^O_*UV9ko8P8R7UiY(ZoR zQAP+14yVGN+QvEkbFxwN@xfZeH^Y=?O!K2#KVpB`@~iw{Rk))7qa=^WE?>1Nozoy# z4isGi*8+W;=}a2vB-mSbL5Wi#lYH9o$c5sAW?}F_vk!(RH(2E7U1Zw#T0;*r&N*kE zfORg*wq+^oRTkzob}0X7h`xKpw516?*(qc{UDT;OT`a;J2T;Ef;og=Rlb+~6C-TlD ze7Vpr{zIC4TyP8-Ge3maibymvTXFp5R+4%{in08Bq7lRy!Hp6^(Ye!KvR@KX?)T-s zN*?BPC%}|b9)Gov;6H3TOo~uK2qWN-ymx(R-~^JtT}z$WHff+Z*;u)T5uH?<1Wz!5 z)sI^dWXOv_EdDnTv>45Q!+;3_>doat-eH_}AHt z>%#(kAvE%TH&z*lfN5D526Q4%Lg_E<8v*|$EC?%Kt}3PpG!5xh%zMMm2%^7;eZy}e z_qQi*{#O0PG?XA(oQyfqBmoA&9ab718ZL$CVZa+9IuX|x`1FuGNX>&T(*|Nn`N8Dj zzs;~o#Kg~vtv$PnQ7_36BIb@|py9&UnmCaZF-#8mw+~MXCs=+VcrE@fgzy*^mc+mK zj2lw^tHOm4a>w;0ZjTSh4u}c}mQd_b$z^~u!C%2yG!o$n(h1Uuicet~F$}l~T2=(2 z;r}}nl@FL)nbAq;gu^6T2+v<^@0in(%2&xhtdtr!mXi176%(-D;Toul4QsoL8pzkY zTuAUj;56heKUDlJc{GP*as1k(u~8(6jKeQ_{bSHErO4X={MS(heU<}wT7)*yVxPXY zk!3S_e?95P`pAeJ?Wg{j`kC1Hl~^pq;*O{xZW%!LS|c&MfD+?`rSO{g5O>=4I8b*A zak7$~sKQc0riugL(FW(VEZKBmI*P>iZRmuk!lgWvaA10vlh0^JglHs8WvINUD@_7y zN`hrWEmiw1Wr^f>=#qM#ZGY|NYzWWz5^f;h7R5F{nt(!5?{atf2AD@8>T!L&yIjb? zlbeO*lD+rnFt2kQO}Mznc<+56byU=@6aWv|ps->-Bv@pg=w0DwlBx|7r{#Zwy6CF% zuHxbntrIz+X%b;{g;W+96JL&Z0e>fU^&w43@NMZsZtPdtAajkfq+#h&n`LYeBmv zB7m7M)*u6Z^mUMY?2IZM$;vo40eF2H~ZM1K96zfw4XhszaKOzO>COLp$4 zI6Ku4R~2zvgH2d>Z{2Tdc)*1Iad-7qad8MtU$TMcOK?7ppY^d<`1Uy$25EXc-YQpz z6~&J#=^gs2lgAN2XT?Wc7`%((JikJ3vtl?68-{5Xm3TP60LS0`Yv;T$thw&q#)_6} z58^lI`bF|jQg_p`!a+#4i@D{S1$o1`grSc?AI(YE;6P>4Zu;p!oO4oq1-ymf1iiPn zPA`65MMyBemHiBHnUdnqUd8)-n7xv>%KBO9*J!b17KlcF4gbm0AT65*$gn1H^ZUR+ zF0MVh@(61SSu6{wtROKnge43dY!Cw6quQ&>`%tEWJR>UfsOs{OzXpgZXzhYvMp|nf78OhUh7`C z!70v^s0d!|Zh|Wu?0w%Wy#3e8ujIdxfDo9+ z;9L-WOFmy3-7|Q^-Kij>F2bc%m(31&AWx%S=Njlt4#E}{$Bft&6PIbs>$D<^NbD=! z<78KJ;Eyhm*)ylP!PdS#+Z{$PrqwvM9Q_cCkT`^h_c5@nv2~S4F1JE5QdU_hqx39l1C4L(AXmp5FV~VK*NhX^7 z^G7F(_1A)A{O=qr3t#C~P2sWavbkblk^pZN(#4=%d#HlXIQ&2?@93b7T$Ql&)mM<} zh(QYeZ|6)y8Gx2gP7BE01g+N(w-NrH#aA5+>aKe$WefZ)Ga^Nj)XXS0Hs zG0549QP}i%uhsr|b)#LaDZ5bN)FSKeN6u_3eCC-f05koLU?0V$8^}b5fDA{xQmB7- zJKJD!`PIZeS;m)VqYtC+)Y9cYeb`o9OEN;|>z|nwM26mr ztS1m!F)zK1!rN4}N%}7tO%d_yB|gNkA=pV^{nVDG;Y-ykYKS7AM3Ngsu_5v~*7hs@ z;fD>0PJCQg87vrONovJy>7of4#T0MxF`LzdW-F|vcS4CwQOCoo|5F)LErc@fuiC#F zTI73X9ER=U)pTCk9Mx_{TK|86AglFb0_vXii@KwGDE5 z!*$&BKhPg-%KU|1WUo=2!-;VfrX+!e#s7t!;Rg9zgGu4ZdP2s3&@3qaOWHwo>{dP$cC475h*f3OJkP%~6o4_{L>a~H)d=g!z%;O7rDoT_QG{0hMo4v4^5qwE3Qx=l)DZ1`C1vt0d;li?YvD!!tL&@um9Fq5o5 zBVprnD`cX!g|RT66J(p`vRQlzWFjkN3155UN3;5KXnofAp?Vg}pA=s{^>pIC9h7c% z;k&+a6hU@T+oRGU{$rOw0rj}}A8g0DJaNJCqxjL75@`(%{catdgj>ChDgBsqiR+`Zh~1!J@ar?OqjxCh-+u~xzNWFj zapM5X#CO7|eZDoV+MA&xmSuO{it&>iR<*nf@*nbUwZX>)hrwnIrvtR=!NRYAI4;{o zqd*^s@JFUS54EyQLZBcndS>}Knwdi7I$buC@{gSZQizVH zOZ~6*Hw`#Ws?Cn>FHemZ98Gudm7BW;_m&s@4=%FST5_1jOWLyjNQ$2d`E(K2*Q(d-ezvnmkhL+xFHk_EOvT@>M$?8x_% zPYv>)7kwJ}^&Luq?JF>^g;fc|yehd~j!OTJ1w(uvd!){8e!mzwvF}6H`uSIKxsOzM zDJx4DOTK8U4(!^0v(JA%qs4>e=t5AGOB0-+Q zG|`5IlF*C_u;f8p=0C@e>15z}1ZI765WN2nSl?+G*Y`2&fVO4c-Ke5w)RT3+gtQQC zT`FR^nup*rA-Zr(XzG7{evaD6f38OrFKddeQV;!1gQC)ms*GV_G$T~ea+JVsCrYuX z4sI>Apk;OQJ~Mz&%dpk(2V(j1vks80zd`KDvbns8lUaSDQa|?j0V+2Cxp+((!{H+m=qgU!IxnFMtSltwlimBD!CtvQ{FF7?b=L$qHuy9Af(Vr-Q}tqy*smIcBl?)xYQKOnk2mn^4IAr#?O-oM z5RpoDaQ}UO+Lz~Mluu9#`TgbZ%pmtzD#t!Wl88f0-Ee6HJ%%YVAn0W=>MA$>BIrvt$7-;I&J77l)$JLI^OyzF_?8s0w1x#~9I%IY^baL$ebZo=c#$WU%OMq! z&C(N!xxythZio@SYetaEwZnvy0d&GvbdXFg&$yf^!`)-w;HN$EM@`JYA{lxJb|Ed| z;UC;3#)k~zZ=WI*m>!{+NS?H7dVV!#?U3Pqw!%OjNtY0S}U9d5eHe*`Up9Fw{7=n-Y znR^B#)R4DFf>n$YJf)Am>`@%gnov2*}Ay-58e*jTHuD`P& zSBp82YeXL88j%lqg;)T2g(!f0xmX1Ga!~~N3b7dS6=EsmmEtnUD@6(9D@7UPD@6t5 zRiYB|Dp3u2wO9dpwYUQE8gV7$HDWd7tHf21uM)M8uNG?|UoF-{t`*lnt`!?0*NIJ# z>%?ZrYsK}D*NUx>*NGb;uM^uLuNONZuNSvK-XLy;yg}@Ne2usr@-?CX^0nel$k&Ry zA#W7-Lf$Cuhg>fnfLt&3L*67Fg1kvQ0{J@eYslA$1CTe1Cm?SY2O)0}Pea}!4ne+N zJO}xD(Fpkl@jT=k#8Jpw#fy-)ikBg86TgMLO&o`Oqxc=<8^vpoZxXLVzDc|ZdAs-n z$f-oiaO3>vVJHhdOufa&ec`F0yNA z*Zp1J?i$%Gv0HYx!QDr6ujszIdwusmc0beohwklrcI|m-&lx=ndOp7Fn3T-mFx z*O0KZus6a!4SS%^Z~DycTiADCzl?r===VXt-$c9;@lHhCMVS{(yXeS8uV3`RMbZ6- z_0R5qZ~rIyztq2TWZ%fakv_HhzY%2qPyd%>--&!3PaOJRqIdn9@6Sfw*;oI%{&jlO zb`$?y;s6iZi;=hS-#C^Yw%Q3v5`)p(>{|#Q%EZ+Ejt>bOszk%z6dKqrpk3(9= z+cluI?XmdQX|IcKeH{a%Tc_=s)Y|rNr2d_Rr>e;aQxK*iOhcHCFaseMVJ5;XgxLsl zka{ix4v}FU4Z!*tfORtf>tz7e$pEa60eW@BdKiFpFc9lsAlAJgtam|J=Yp}m1!G+c z#(EZvbu0wyR|wXv5Uf`rSf@H*ebRr$-wEqcC#*xAu>R=3%jtymrW4kgPFP>`U+8qg zdeTXs{lxl#v!@7GAzY16i%^HK7GWKp_|_wAK)43sT7-=V^$42~u0z<2um$0Igc}gH zB5Xsr5#c6;?FjmR`C?VX-@($5m-64kJgl9IwY_&ryhJF>oPIZqsg79bcu!!|}Sd8^~Tr9)M z&YeDo#bJb#I0M?<_Z2Y&;Sz)yz9+D5z9$~@Jth9+`;qW#_mK#1w@M`9cS5_*L`A!A z#BB&qwfjz-ZugUD-+qUXgr{4X|o_{STI{6`qK`0o(+`HwOF?mxwd4(M!T2J8@10xmX|AY2^~ zZ|n>hV>}daxe*_@!}u(4m(ee1hY=lgpHYF|PlIF%lPdVG(j%x zFhMRwSkYmCydJ;zB0P-nY=<32VdxH{1mQ}AYY=WgxGnTPBe>&zMmL1WjuT`YLK?!Q z2s04!5iaYvT;753XvbCZ9sGXO@jAJv({=KSPRr%>2o0T9$zMbN4Z>TUZkBU9-z*m) zRCFF7S0mg7`5A3 z?JIeGx6fqz?w`p}gudP1lgZtc+KJ%bL#e3<#XY*K(+FQ6{MciF?9g+FD(#t}-t4){ z_!z&ldS$4E2&KIS$d7y8XMEY~KI1zC-`*K&6~cOi8+%VueqobTM}&T117u>@JoN~| zQwT3X|1*BSLlAxDsgOQSbuGeHgxmWJkdODdTqX6rTxB3k=sQ3z=zE`WP2UYl_1mC= z5PJ0+AQSrCq#i>!gz#JF@Au14pCbGf!3anDBXmQE44{R_ z8evQL2Gu@dg9=6H8?jf-Kq!t_B`?SC`iMu>M-fNVqKl5GD=vCV{m(^zQB(S_k_G*L zQ1A2)^ht@_t1gXPCFe#SQHv2)N4}+QjQl~}$8}4j7hf?ldEvtNIFUZlSyer1<&2s| zRfUz#ifU(h*=%R^(s9+*6_bjqsvJv-tFo$AmKBaH@{B&cxT?ISvatBl%JQ0u3yANT z{p8{+s@qJG;5CVzW4zZIH1m%tUg9jvt}J#`7f-32Sy6=Fwrd#w^BTa4KDxN1xVpIL z+*e}7ZDnZP8b2pWV!W79?I^LS5%~5T5KnBXFJPLQ_{-psgJDDKRHuz zDFyLja!pBzV^N6~bHY%ae5_tWzowQ&%0m zR8d}5r5(DFyxDaII{)nQl9J*=?bNyGDrwK8;_9X4MWbq*B}K)RR%{kW%~h%Da%wY* zD_1xR?b54Yv~1ZW&f>Ca9Z6qtLGylWyT22x;dH)Xlwjs}?g5b?vTLfU%S%TkBKpFr zrR6mxMY)xZ!eTuY6U??xXsZDe+GxN8F`*dUT2fOy)#0p!nlswTR&-RZgywBF*ws!v z_hd`tC^~N=C0eDJ5ziSfdueguvdNCp;;a=8Cx(`@#96)4ZlT0h)5{+B@GW$fttc<# z_2(4nMuV-zCBZVa#v_&8FP=8t(upFsrUFBjDJqu~pZ7A8ye>WG>~f^ZDXUIF%7she zpI*GYrnstF*WAj?D%4Jp+-$%#v+MY6mz4aoms)pOZH$hDWN(d^?7kLr0P2f@&AbqI zG*~Wh1y1G|JD1yIjdDekp&F@X# zs?&DmQ^k_v>V-3N$EKRK!l2NVN%daGRM$o)^}?2@)N>C;xV<(SK6U>5rJ?OKKPyf` zTC;{ob6v6br0!(i-EGzu(XG{?un@kfi-? z%a+*Xc)4MUwpzP&{k^uE$MtykpKrh7d6nmgZ~?1?XDhT_mkZc3dux+6FaBIPw7vK< zf_G0_%dlrlwmC(;T;loSUfA4c^^{7pH9R+$&EnJ` z%2Y>n;ZmE-!UB%PgN4V+(^$npIJOLaogy(>1p^nrS+Pu6vHhj@GP!M?1L6Z*J1D*bvTdDT6THWoclU}dU1?Hoc z?PDF=@MRShi5WHMv*My+GnbsIF=hHuvPg_YcUi_P-V$^&CmuP?#%*qLG*`8E11ZskB;?J(ge3Q7ZVXIkT+FvAB3jS$278g=scxYU{a6E6Xp>S)A=C zD=fw%v#Tz+NS#MTMP>O4)~c|)rmR{IM)bR*#91UJ7his94Sv({K(lP&!cmUGWw_If zbrzSv)^gyrj?rw0dC8#J$Z74jhE8jTYsj?rSVN_?!!<;_l;XYfy>@?JN|t8WJ08DNcU?XVV4Zz=SyxJ|cSc`B+WI?9&Rc=dZMK_zXtTU#+`D@q(I zy*qPPR(P?xAIw@`K;hD2z3(bA2R@p{OM!aaqZ7P)vDB|{R>2LEZVs+DbZO~zt*xEeGQB^#%(%ITEuBvoud3lLf9|y2kk6w@Ui!WVw zFH@q@i8aI96m-riuGEdgdxIu~2>v~{eB)*Zl0nXdb-mtys6BHqT%5ouIO z`J&M^ZF$XhpT5XZm{o(fY?aO{+lV;2criB(h3CqLg9-zr+U#p@xwzM&w(=+%TV9DF zzidodVdcs;Vq!;L<;~8qiI;@lQdC#2%vy|BhF;38tSt9p&cTqaY}4ngb~;M3ib|bj zu645NoD;#dZh492v0rg|^W&<}z13cQvz(RHHI9cojloeH!JIku=W$_%H zGpV?A5f&FOGkax)qsnXZ7giQmdmAiz23NIpSMy?bFUOcZx&yF-z+GXbm#BCF?XBZ@ zw?EfR&n?FG2`w_ZxT2(dW$AfhpDR|2ruE*Q`pv7CJ}p}^y{1gx&^#V)uwLXkON+~E zyrh`1tftNTw3mJ=FY;m?>nL@Ww6;%mR8}>6f-#?ICOFHmcX!o}n%)7MpGNpuz!F^_ zhOp^HZ3>G;j%(%NhSjZ@dv{CmvQ7zmj<`*go;m657IUG%#}@Z1LsrN`WqkKW%uHpg zykrj@qt`9kd2_2~J`1^I>sR}&Et%CQrffcqnmZwv&90|siWZh;n#VJ(%T(%-S@SKQ z^;pu(#G9h|u;;n`W7OuBvSymc*EW0$^HA`02NzXExs8u-_jn^d+o@-s>wO@mX0=u)ISVVx ztFR=+qEoA5ttSb~nZs=mHNXuBoncl(@H;uBFG0F}iqB&5|WLN86TFRfU~J3GQ;$&CM+)l9v>fj-ujH z2R2=9SFQu&rFv{7CNOtnElMt~9Oo>;9?rIpxdKy5cTnr>$Ko=r$EnuNoU+B`m8Bf< zj*?cf#^bR7wJWP~M{1peYsqZG?eU1>QCqCO=02=>S;%VzHprf4v!ARfS>m|D+zK{N zWTE?4#dt+GvAn#ZnMY?dmczzv_FPw5+>TMV}59r4|tNlc7rL)vy6N^N}rOujCPGvDZ zw|rS~necp9Yg!6hS!Otwl$r0-`SQnnn{JBebNw?Ol@Q*y?7A@bN@v~j^v1Tiz160v zx!Zi((cET!ZE(GHvOYDqRr51O>-SF9rwp$SFUFP+yUf@1riyvFl@gbbi`Ohg{5pvz zCu=j{O6uOLn2qSxcrmTtWtmsy#qRK8b3YrIv%=%0mpL^&4U0UL7Sp=fy9@nlz8b5y z9-n%VY~gLOt84DGZ}qL-u6f+?Tl>r#e`~wP9^QNjXYI^9UdvfqGfzuVGtG6a#fz;k z>}^jakNUTGtLIVsmL9Y2Ev?xlM0)U?=C$W%Zt-&FE5T3<4%8> zGVibWo=b!I?4Z{LYbB=0Ex#pKx=hvBp5XF}mg%jNs4lN?4Fim*Sp5hg^b3fZ3U41; zT~V=UFK;y&Xv|*fsI)insG+@g*9!OHTJV0F6Z_=qg$oy1ihFok`&hSRc50>do`VnH z`lIPGnDkwA32&&pYg>`bO@+%+Szhjzy}T5dU5W3qZkOkizRP2_w(AYD)#7dyFWX$A zm&b8f_1AYx9D^rHTqyShdPR3{AaQpuPfdx7*IStx*u2?}=KI-ZyH0Cr>4Dzdj+3-y zcqAyqmp0t~VRS#wHZ$szEmO)$R$7T$It#I5tK@WZ@A}NPV2S3?res&6<@__hlDgld zo8Q@O)ttN(i%E~uyxz_OdAt+B*`R8V$gzbc`C~pZRXM73)9W8he*L3IIMr5LEUTVg z-s)Rb_U3VVwVJPGr-}0H&cC>g*wH@Z;76zBzWtbT> z|GeOSL*-#|G*_+JY<+WZ&1aX&JsD4eco^+o_b^)D&&>oaGVt6kdHAqgxJ2$jTYud! zx1(O{E4tgltXtkLAamV#y*sV8vMD%pv6|q}3A3fY3fvhJFTQBpFFXVAU z&m1dTem*is3MIa2w!a;jZ<{@Iy@uk&U=?pA?#+6YxA*H+_GcoGh#r}F^|$@~$ZK@- zgO67iuitD~53A=>_VnTuf3&ogw6f&b*Wdgp#LU7&%{g~Ji5#!p<4$(YUJ*GhJHvitsq%8G z^IZGAWbAnd@aAswoqm<)gM{a;s`=_?eROQL_PK1XmCvQO*iOb;J5}>_gC+A_gC%=z z!CbbsFU7ozxZ)M^uV*}S@|3L?_W!57r-6;?ICI|G-d(TP%kHuc4l(4VF^y?#V`HEs zO$rXCu^R&hn-o$f#P%+Di|yU4?F4#>Zr9~>RL8Yk54EX8b)2rLQmKiYQz9i5)e+T^ zh%S|=3Q~x2mATTpwCCQXcaAP6(d&KRH#6_edpm0{wjtLaTl?P3H{X2UH{X0S^Ub_@ zZ`vJ<$f28`4{T7BNQ2y06z#{kZcWQ>AW+6J61sqn(an{n-HWIorR|{G;kNuc(R12S z;oZq7w^L|7;~3)_lrb1~WDq)P8AQ)WhG_y#mcggaJlM}~oHXpB8v|cajxzMTS?-e* zVScw(lElExgRMh24jkQn1pP7PnVj-4&RtX5b#~0bZ$zWe<7!T}aB9I6q>4|ri2wx- z;{}9(&V}(cJN8-b`dPEpgoxXNrG)gPL;&hQX*Ft#getKo5j1HKFN~oF3XA4&QQaza zKW{OE8~aQ$!#DfVvH%LgxACGah>)feL@pv#YrZ0ljFN^FZjd}^FZnu#b9iKD4?)@o zWQ{6DBlRZM)Q%n-!c#5&SHlE2?VcrL-4=}}iQ^u5@Qa8%zh8FjDA~=D=3g$?w7BI8rcW9RxxWZ;x zWlG9AhSRBxyPB;L2gAyOGQGAT!)SZBdt7({b8poUPQg4#t}WFl0Ch=J8X z_+GXS{)Zt27Jk_wz#JCXjS&AL8z%~Qx>*WR*qZgMiQ%sSejDi84A(SaJqa8V>?vkc zAcY2yqMI3&1HdyWXtKyd5CSy-?QwtuWW^4JH|(_mnTAous$D=8_D4VpN}d87fNt!f zl08XKcyI{NIN+rKhV-`)9<2Ox>|DR)91EPV&WP^Vb_IF)^fN{$kPQL-ac7Sd!%E0lTE#gi@L zc7tUeN9(G>dP<3U$ND3^t>WA<41NowBfkNe+OmUUm=EjnAX%=v-qw+vR=t+X60k@o z9%G*eXam%ID_kEThu|LeD9F;n>S4&( z0DNniQI)2yo~v|B@Md>C0HH%><6=D3{paye_zgQ#v;*A}L$E zmfHiUHSn#~TR}s<9egT%-EN!3CAa@~yDv~Z59F7xNJ;;C{aU29aK(bTta^RORSr88EHR-SPXcv~@JCEHuf&T!qz$Uh+KY*?;`~Q6bCz*+=D#ImEC! zK-JvAsI!0lQHd9K2;x{ti43{t*;Raw>K6XeMX&Mnn1lj9OAptyB)gMdtwTNyr5qaQ5#$Dx(-EUdZw;n80-7bmdNaDuEskY|?_b z+s?22KH53TB@4`M*Y{7>jDoRq$L{_wPwR@E6P;VX^Uha}KE_H+W|W$S;V*+rqzZ!} zZ&mcD5jD$97R}~-RnhD>A?AgYX!cwD_5!BmS^@D1V>v^V-{9T!Kw8e@1DsXS>|X{b z{#O|EF^?zO5$y;x8HR!6SF_Rp@~DdJ<-C_O3VV=2B)5a#cJtd_e%sG)kCF_z1h7rO zJy`+Ks%WkZ!vT}YpdSL`7>M{hk=%x=NcK5EdlV!(9#kXc&@wR!@}qF!)vPQ4TsHWT z)P4X{{>^F@Lf9Nc_tQECelQewkEivgNE22|dpF zW{+dqa~7q?DKYMV#eGOUlKll37+n2`F&N4Ix(voMxFX6R+2yY&^N=I+P}mYpNL+#9 ziEvO&AU&l;0j*>!LgdnfG?oV+Bi2V8td9`vX$S0Sl0GZt&Jwv}dE|}}{CFPxI90+4 zS0zlkjb)OMPZ07+ZQ4nOsZ;`BvDQ&qEPa44sxdm>DfH^vjjh_*xr=d&ZY?I zbPSQs2>7@M;L+^GWv)1(o*~q4JCiQBP%jYbw+Z!mUDETaxlRdlosvd6Mb-8_QEddK z0A>9iB~ChElLUL&0ehKXuR36_k}}RJ<)2oSF-=HkRoSM6Y|~PV-Vi3k1KYz+)<(7$IFGV}09cthunuvIWJr3He=Z+PhTm)6TTCG!Ypm)M;!4 zxvRD;=?W!GC|9YN@2SOnkC@N6n$@hk4bBqs46%6MCL32+#0lknQqOFj+GdIMhbrq2 ziS;#Yxvyc`1k@VJHB8j=@)7VknX8_Z z*d&$MP2`xLQnUR zoLi-wTZwyHo;uqI-kt|+$;x9w`Gy zQ>F|`=pcHgp=kCsA4Rig%0)u<4EnCGqTAvnzi~N3Peu)GhfpAF$SxJUR&;nN^NdAi zhC_0t5|S$g?NaV&Pqc?S$aE)2qtEA$)(Qtr-Xhso3_JXi41?67nkgDE4N6_kJV6zW zJ7BK>Jg8C%GWuV&F__`NFH=Lw-}9f~AD;eg70{@3yd zY+gy_hz>`GDS>V;!3~hPL6KXG5T8H@3L4R2@RF+;u?PHTAgjVQ>04pzM*y?06Glyd zW(kq(8$jnxkpqH1l9{uYBH15DvzIv=x`P1O%hBu!#CwIXUqWm6ClIrQF%SF#U_&_V zK?Z0mIG|RtQX^CYRC9L#6edQV5EvH>rCyxYbc9M7m>?J;K+1?UrPcr?e*i;N=OHh{ z(Kp1WEZ@Y5PPBt2Pv0V!_6;BaxBi~ zIu+%+K0Z}KJ;2q=73}5Ot`NCHkk=nJJgZqKx`XWM1fMTn3Gw^okRT1Ml-E4ByDR*L z45PVM%EA7roS`7NJC>(Y5->vO61_~-4;NC;{Ks&Lq{CgEP+P>b?H-Pb?~O(V3b zL@K?_p~E&sCv6pqVC1hscSO?>ER29lGVKmB?FyN8O_R9+rK19pc5A?Vqq#SE$C`VS z+xK^=j(+TA5WXaA-ZH#Shwz<>@SPH+%Yo9RpmYsT`J%&C-H9G!3Cs7I6r;x>Mvo#! zk3`w$K-s6D?2{}n?V3!TZ;Kv zNOt@sH4b!_$?-y2x^Uox^N1+S<>VV?-a6=5o}fqaAWy3$%WBCS(?X9^H&Cxkj+d+( z_(0PQNGmwuu!0kc6`Y_>@B`kv@mp>!zcnbG!ld0POsbv2q~vhY!QrIB;iO&7lL|qX zZYEt-IGJC~wCLc#aaZ$XzRo9cB|!&$minpn03So9 zQod@EQ7%c`NHJAO&p0GKqeyxtU`yl29u~4)_F>>kbcY|7F2RM%U7=!J1pCSTLN2D@ z;;L~kx@vZLE+`>hK}z%`B?_X2xG|_JFe=6}7lD{n=Mn-7G;6{h;cAY92e8^eXOo9i zzYmnabGWpB;bv+7d589&SG50pz_G9dS4GDcc!xeEOiAgnrj!nS%IV6}>X?V#k^XhB{mhqRcjaXYV9H{cDcFEZ!5aWe_027l{$g@#B$h8 z=>*O?D)+2Xxo1TufNN{C)W$o3Xoz+U~d{&xTt<%nGorYCBnh3Uw zl^}VuP$(=&<-!g&d>O+^Q`o?ghsp+`IqKVTVbZu{wlpr{Jk9C6L*wTaji2Wl$E76F zbuLT}Ui*?dcy8$|x!!Wf^_C*nTN)+ZV6(j75axm+%mr1L*iEUiiw?apEjDb)DAsgtiqhV8$oaM+=i9dLlnYzF6E+dccLJ*uWZrdFx?vS%w>6=ol zX@@-1iagT+Tabc;)NwmvXnF}7PV^^i&UTf zy_D}(Rq@$bSU$NK#hGywXGST`jN*>Z+V1$Q>WW|+PdEa-)`@SOY`&|8TRDWEk zKQ6P)I>N1xMBGzAETO4|)^3nurR~nniI#TqOWTgF`t(o5 zkdCg5+s>$jz~h-(R5&qJ7%I$&k$CzepB>7S3ME5W)ie;US1Y>7o{rBdhV7Jw;_6g; zHh(%!&mSE)?&BPCsRiGv zt?f1~v|U#}o!a7b`6ss=_|wRxz`g#a7k2&2-+$-DU-_H=Ve`W;Y}&aodxq6AR+?q( z6zqEPdf)=_J>9L%c;vkS|F2v-`LCWoJ@n_RpSt&}KmGFN^Q$g;zMpu_T=n?=Pk(*t zYl+pzPrtq;R`qYMZ24ZK`NfK#w7l`}kKb{q;TzSzY<~X5A5@<4ty}Ze$C)_rLh&2VehE>Ko_(`@ycCf1@}4&((jk{im~sKXG^T z!54m*xch@2`pX{uE{FjF8hAnJytsjDjQNMe4z8fO6)ebKD(0J}gGt!>h3^I6KL6mj zvYom{eRT+5KEwA0aFa1^Ad7JZ{8iU+v4iav$<7Im@i%&$z?G^*t|XPQGb!YJOEzHd zRtw^r)40zMi$G}nC0GoF@D)BRG;YouV+>LC!V_ zd-IO6fc-YGA9u)&0BmL9w}<^ZNred(#n*!PR&D-fcbtXox2SN_;UN~b_q7Xvy$6p2 zf}at)7%_i!8|i7l@lppSgz%kY+`=uW;A^aM=OHo17Y^iG%tVR5z>8wbJ*7Nr6nEE; zDX%QV*(b1w15{kTg|ZFsvFGsPp@=+osQkZUUS zf=2*wdMNuwsW+NE>+$+aypeqpI0KPE$UP)l&K%jMd=_a;EyTE%Ym{a3C&s{$5PQA5(;4V>+yOp-xa)EMy7;^vRwjR!q>sXlUP1- zc5KFSZ=6?&VAj_u>vJ;tYfDzX*lvrYLL58Opgi>|*+~@Pe;jls^XN=EbTS1rHpmi9 zg=Lalze0jjs4WR_V_YDBx-6w&U$9Cz<!*a4u|xVvbVrn6>}IUBe`~y${6FwUkzxHy2y_Sq`h2&9jkGqL6AOIc-@E{uO17Oh@UaIjD#!GNDY-6@}XyB9QaQ_xzw~f?KJC|HOi#oe9SCy;pCyL&O>onOQOxIvJZJ@!|0)nuYAlf0`5g_nx9s=-ge3c+5LWEGk zu?Zz)mQq+G5n&TsqZwqS_^die?J&y76l?%&bYVaRA{B`DD-1=F<*Y=YEE9W@cnr3p zvl99AJIHH#1;=nfBgruHSTF+Jf>{+rffrQpLQxkEaI9dmy+y+j#NDsN?c5M^=0-py z8NgCaMZt7KVOe$_1y_NU$q3w+GrmX5h6p`ON2?V*P%M&M#`snnxt|!d3@ZXP)cB;9 zEda`Cr`NjEYeg;8ShWBl&Yh!3?mQMrhCp&y@Td_DGA2Y|CnEU%_4 zAnH;ygJ=z9k$XR*HSnksWQ71|LWoKc#R_IMv@IZ()dQ`w2HNK`jv!)o4U@!b4HE$E zgQp`yDzhzCNU;xK<+Kk3M3OORH`t|+<1F1~x#uzZG;A+4te||Arb&6jrU`b-84(}? z{x#UlS>bBaZm>7#{haI@v=@=UM9#thbiUi+Y&q*mVx1X~`jI!9YJ@Bm z_-$njhM;u3PC#x^BLt#U0#PVpdR+n$)6<+O-C*)URdxod6L&JgzCo$d>>1d<1q-NW z(EK?7HXnjkVXgzeYeeg1PU~fgT;q{zKCXMIHQYlBW37-g{~EyVJbMo2OkBQmoXk0j zT;-9gI4F=FLbsWIqArT$AY~h9_Fcr^D$`6TL{?$ZQ%D@MNgU&^oRy-o za-|l%Tq)5bhya98>oB=fNK%E@^DRB~0bmEyK1?QfHHTN*Ew0CEhCLy)EXX7XRiYAv zY31rDdmYbSx5W%f3xXM>$Zpw;?m`w78Kii$i-<8!jG=7<1j1cyX2?l1G$%cegQ%Rs z+Il>%sP}wn9eUny*@2hcC3P(1tK;6cxO*_61}`zZRO2O#mmpruWq#*iR1UdBrzJzV zrm{Nhk}yehK#&u99vPoON@Fq#jh=F%iZS5`VV}Y)G+ewk5afhkFbH9Q_dp0gP2A3u z_*sbJFVpp!6l^)8_&K^>wS)uB5=Tw?bf_sm3TfIO5j8uL z{h7YZQO4Q~wndzTF=`%$Jal@JIc%d2^riVH5|e;&FqJV~oEjMm8qC+y*wonE*u+>F zu7I+T!OAT}1{<1Lh|ATub9;~3-S!Y;bq2fBIyB6z8(6DQ-j>RwQ{wa+=7Vx3;J(RV zw_$injZeZ*QgAFaIbe@W`U!vmY9!fRE{>ksBui?qv>oM&2dq~OdcaQgN;kg zz-3X*Q1wFwJ9ML}9viyN4C?=|!4BS_`gibJ4>r(ku${&5a`#npxh=)EKR3-edpz(~ zb{MSv`sliqq4sUN4c56hY7S+#6mKNOoT4(f@3V2KnRSiNsri(_zOZ!6=64&%43=6t ze#LkVn~V2NuJ33f=P1&AYZ!So}t?$scZu^;EBylddoR zc2?{lS?tMI4#uio3>fUOVi>tkSGt}F<>w9d@WOb^KbKrM?fLtIeFp1Z80~pxkj1)M zg%qM55i!@?vDns_&*yq3sW@*e)?N#7DsF-b_S$E#-i0#~r;^M$SuED8)7JXD3|fkx zLFF@`lYi%Bv7z{Bj$TW1&i{&a6Ez)%?&y-jyf!Vyey?jG;yNZ-1vnK~G1swnR8)(c zd#-*@@!nc7t#VFg>!Axs80_&yx6HY@K>L5pVEY%&Wp488i(fe`eDdR53mbb4*0osb z`D+?WK{emM+GDUCi>2yX$yjLLttq}T0ICDtLcN({mq~C0T4?uO>=H@K!krp73(=?? z{r5tL23Ni2k%s#1HQ47COIqzo9er7k!FDZ$P8_|-Li;R7bJq=PHkX#AvC6p?yVh@9 znzofUl-V2>F+^U^I@J1mil3=oU;A>dnn2YbFxVqY*v6dnTNXZfn0vVgYC230RzqcU zxOGWiJRVa4zDxoh9u6dyt3YoiF`Rlb;YOtM=bgYfKRd5l1y;ysmIoeaUZExg_|cgM z9%xyAy9$p&_l##3Vx#C7c@hr^U#X^7I?gApQj`3nf|paQG!!5?KAios!LnZ}d~9nY zKZp^Jt+#;nrVGE`l#gDUo8ZYR{MVb?pv+J~_m3pT$1;6G^=8+2Ka4F1!4kkABukYK`mq^4J69o#2!`10&t(TwSdWR;dGOivF5K5!WWB=y24IxK_TtbQ%gwCfE_bU4v1foEWX8Fk*LsLkX>VpwdSR6n>aH zW4CD1Jjr;q23(5#vr{V0EunTDSupp z5FH&DOvItm;=FSOG`-+`heovt1F5*aL`hi8$|N$GROVJqav3ze@r1TA#o3k^))uLM zDAnIK&buTnX<}NdNePc82F5cm1h%Dy`;uTxYc)t!Nq%T;YkW94!Vm53h>vQEI5;}o zl}Zim%_Ozl_?fNt;lm9Yq+1J~K&+LGlccHw_!wU;)XFwM<1rp+uWb?h>|`;|Sfjy+ zfJHu;#3lv379O~qSfRlx89h9%ZBGa3)KIN0i~7}OOTng<2|w?G>-DagdK;y zYnuj@A)d%+6Ek9{U!_Sbw+?96n`pusyenZ-(Flx#xXj6DPYhW$W7^h&XGm+6A`Z>g z8vFnjo61?BcYu*D1J&55Nn5F?&2^CPRtI|tT^h&-vD_4GH>Zeo2wl65_`=hqMti~WDrRohy9b7-zR^T4RD*PbVRK+n)4FuLpLMsluHU$c z388-Rb0HKIyyBs;&z}0(FNZ(*xjQ%e*Z!wnux%JN^$Odl;K6hWb~UyQ4efv-oehr; zq%w&_V|-{xCjWK~ka4T%kAMH~HDFMsRWp`#!_k(TG;sWDhu=O{!cNg=1Nh&mQh4sb z9%kL_09?1TJrL?(yVy>Mcfj>C5XQeBl>W#6aylh~9=~r9bdaR8v;C`L6)NQTFTW!?|!7GD(snZ~R)$nz;(Ae<)ae*^1B9k6HFR)FJ~ zhr`yX-`K0!FT3;83r+Fnxv3nEV`|S<$Ky)z0|Dw8Lj0&TlVr)jJ^wf#liA+~fUV0Q zU%-+JY2haXtYb6bFP{Q_fnpQnk!8ov0%*>g)#g>Xo8r?3rgAKhnRomkmO)o`JQ%2- zY70N2fOh6rWO5xz1%EA2+9vol)185&b%2lc#t)T34ns=Gbq67-n$t;@e^gQ<)GB_V z0iL7a5vCwDerW(Xp~lmIi&{Ix21&2^FcYL4U~3E1B;sepmorpr{RFi=n-{lgv@f)y z3|N>wo*p4R>=HcDsxgPu{{9b8O9KQH z0000809ZHpPDlcx`O$efy8x#?j#K2i*Ta$Ur0ktCb(Q zFZVf)KdiK}wTLARc4Y^+!{G~ehP%s%Lr(ZuX%hHzJu_U(IT>-h2cU!DDLcH+f9ykt)bNG~N&KWyO>3|)lGzq0VP zzdZT)y}}sh?}ClvMd$CG_;V0`x=uXj#)+R4fHJ^QvfbKY5exk1!it>O3ht~BUW=^z z0G7gc{d+5Za4ergwCwfTi6Zyb_1t)m58Kuw8(A9SW&Icv4gJGQzLt%v`>y@!o`1ED zgHUmeuY5OlZO{D|U}*zppDovqV%uLkh!A3125zlAAQU4oe0H;sVrP4P6Nj)fXSJVR z2cGAwV>mz2`Ol8;gzozM>K8YP|E)3j)e6V`y;qpOxnZ2xUIDM)pHIDI?E9S^+FP+j zxBDHu`Q*osj^{Z<;DpgT{t&S ztsu0Xz7Kro={ewZXZb;FMLTEh-nq^O(I`XOICr>y7QmALom;B_kD=$l@$(W`71v*T z$;SD<3_*JBOpN}+ONR2Hbr54;uuX^MfF(|+W3%sIZ5$skU~6FAg~7HA&E4T%z;^i? z_N(<++5X7d+VT3~oG%&tFYvv+l|-->_Fe3RWq`QLV)=JruyaCSKo52V%M9~ya2f2_ z*{H9K=LMf}MJ^qGud*TnA-)zK&_0sh)ylFrn-F-Spalg$H49M&DjrCwtPHAYm_eD( z>m-VUEuKPEIp)Kp6>D&jjB%9VwcsKJ#&M7xG@q3w#xe0mT$Y(qi~Uew zV-?O-hNsWQ3Y@D9sudf{IG41wjEzmaKUXP>Y_~IwOm$+ks)|cz6eSklAD&t!$_3Nr zSAplQ_iy|-+-q?64FE(NfHCw3`_U1$ffWY~(@)M`mjIMlv7Z8YpLm`POz+=?0eUnN+AnKGiQ}|)wc(l@!xg~CE}Vl)Hw0TL0O&dO;wdRZ ziynf++n{)7k^=N0%T8dDa7xxT(|$tdpTPLz;)#+(5nD|KjWf9Y2h1p)EdPYFV)i=> zAD#h+Vxk^o5(pZ1XM1IEjEAk05KsJl7$iG!ijQE9SXIut;0oobu%nNQ;k$r!`eMc} zId74~C+;IK6qOa&<+S$X#{%K8K{8&3au`R3m5wC&3fPCp#8D|&gU|+L3${sZaC^6d znKA_z_rSWyKZ{+!S*$%5rUAOdC)j*R=jW6FiUlmugYDh%oy+#Bg*CA1#s)rSb5oIHwXX&^xsGIh}qN3Ma4KR;Zla z>T#9UuXJ{&Uz7qnY_lXgC2m?|pk-hsZaTe!^BZUo8<>mYQlyU;4ymd-;e1&;J4Q&b zGIwRw{Tk>eoeDhhCVf<%)yIc0_zc=OSQOdA)}8Ho6`x5q+9=kYtPvwCdrFkJf{;{`4N+yLbe0v3W!X$POM+#0?d=S}3_c z4_INe1MHm95B34{dbZULj3hC-Nldt-3-PSM_Iecro@4u23@H0uWAJOoj)EKnw-KM4 zyYv;+-Oqu0AQCRDTfQp%Kyxh>m=c#>=u3oY)x<3j40;Cb6cpnG`yfG86?D0C^y9{1 z;+z#9ms}+2yX@gR+lz`%qp-ET(6Kjr?n;d9Pw;OT1$~k}lMWI*v}9}_y~n}`Rk3A4 zwxisT zhI#lgLb>7#P;r`G@D+RW1vJ)3B?z=+R@pM zSoJhk4qzFW&S`8ofHJWkI*sxHG-(swr6*nERA}%7nGKAt{=vG(4u0sM$!0J{pZ+CK zDul_{cghH`SH#J1eT+bJCH1o#Kfqpr`(p#Y^9>naQ7fXQy;RUk@ZTIHWBFpTS|H;6&XHz? zU$ug@%T^w|?b+WcCs_FmEnl)?ia36BzQ{o{{p4hQ>L?}3%6{^bPCKcW#%UX^&eJ-%nMqs{#(h-+Z8W86ahsf}5^=i$0%Q8$ab z_=gG>gCGj(^(!$U6)#9Ud=BA~PWn$xnBkcOM$oM6bp66$#diQ!5FVaC?VrrG;nm1_ zY?oULkTC{PU@;@Vg88LiY-_nsIAG31&47SeL0U2N!-oj9QX<@yDf}>(LEMPfHyv`C zgkGv1CC`l~L4M>vF~3&L;f`SdyTSZ0PTV%vwJ7Yc%ZUfCb1ol8l-Uq^mELsBxfSWppw6gg==f+ zY8lN&lkLZHrI+DTY4uP3CH3&<{?z_({4D(N{mk0uYRwY4cLsAFt(fOFRvNu2>-T;> z$K7UMNrF{);KUzUw$|g0@K7aofA~1`(79c)_b|NYGJEq$bIu3mFOIYj0r9;geyE2s zcNBk+w)G+wN{nLusx>8|aRxKt^ea+sj24|Olm_EZK&Tv5;;N16|PT( z1${wWz|g{|C@5)Ts67S3nI64Yi6nVewum zjJaqEM-2dN4s;>mF8kF0BZBJ3`G`r{sf%Ew5?ZT<77{dN^y=Ya3)Nb=LL;e2*~LYuX)3z)QSIofA=-N8!vKx!)bZYzvMV{y( z+}B5X96$1ABxBRvth}mF(I6(qBLs;oSh(XL)Spu;i0ujP)`hb{gnN zs&U)M&3q;+SJNRKoFa&d@-;tQ3sB|gJx;rKZE3QoTWu9YdN7bj0kuYVg}S&JjjMcY z>6J{s&%pv(`nG#`4!)=~XtdW>IzZc2?QP(v_?bb(Qqedv--IY9HRM$(t9c;8k!&5? zWi8c_X^k$I%;9Y+bG4N)9T&xy)}}Zuq-_C|AY2n#>$O;wa@Pc#POrc+ayna0q}Nu< zx!1XD-Mz0Rj!IKv_trB7zxo`F?)YxJTI0Lo-e={(D&xh5y(EnA3*PmJxsS=s3#O(% zb-=X53#82OQctuR>KkKu6*y^O>NvLKkN-}r8fn1Y;E|^sxo;ND4OSj}YoslAZ{rOR zS3w0<%m*LoQ*iCy?JEFy#I`Oa*1C zA%7Pi+4WSqth?`Q&n3+l{Iomw#W>&6~qSY&Mj}*kgt_*m-B=_wct(&;TK`;5(1ZjK@l%d zfXCPGl%gcsN7m0B^QE0nX>a(Uw4Wh(p>#e4u-3q^*=lMUte8v@ldnC#?+5+wAt=eu z{$T!}2kR$abIz~2J;pSMkZE-8IB9KdDYLY0leL$0G0ca{Z?;Z9Vymh~^G2z~vu^{( zOL4WyBFibJrV+(8r1m@%|$;Py8t|)gN015 zi7UllYPl|es1}D_4eG(>7H4*EW4|s$;jwtQD#l$Qf$o6w1?+bMUF@GSpLGYWDt*{g za>e{W*MeIhxeWhMn^o99@Ih7KQV(adwK#_J4%sCTj^RY)pWO9g5(qrtsyfc)VXkG- zu>pUUxP}r`DU*Tsx#bFJ_Bf;BH|uU_?}GPr@5Rv{N`BG$WI0b>Qp?mwEltL6k~jq6 zLU0lDiE_NYk%zzE>T7g!K35NUy~z@Pb0}jv9Ni7dO7a6+;seHnGOK%?KD zDzLdg9AO2tmV1y^7Wy}94-8^yD@s=4sLIAvmyIu;W{Xvwt9Hwk^)@{l(l*FB@)XWv z)$`dyds%UNaTl(kC2LA9)L6BMRgGmuURU+fbq=n(Y4-CG{ls19HU!a9wsWn!RR`&Y zmKNBqP^>b|CN$d;OY8zP^Hxej#Gv!V&RSbL`I(1%Vd6A@zh>2ez;KbHY8MR}mTQqm zjs&h#a$3YoK>ICnaoWU7EO1-p;IK%L7)UKk1`85l=1?t5h7hWjCTWt3&6T+AwMU95 z*QG~_C0>FoG^aZeOWv6 zC6?9j*ZTk+}$wtV^J?KI3cc%!+o zqBzHw=i!P)M@0n6D#>&7i(bYa*suM^?+JE&s>}JyzxVxmgAH*-E~{8DyY78xGxNf45D# zVsFQ%g*Q>c{cJQaS_tV|VWgrie@~1{mlB$-d8FVA0vdc;{4oWT*16KeIRfUhwreeEEIx=}tMkVaUf@}L`9Wy4MbjOP)Mzb?FjrJkIlPxk z`^-jLSesdyH{KXjt3YBB{O|>^UAMi z&hty%`2pS$`6`cprQ%CAYIP$C-BR_5?O+i;{rQN-p!*puxy;UyFk8&);3UdwAN6>1 zK`j)fwZ3jdNyyxgdehw2TD%+R*8p}`$`n|wSwP^Efipjio;24WwW|Qh?I@OVPzGxV zjLgi#=;4}VtX09je{ZUUqc4C_h^md(TJvrw`6N%igY)vEa83ls|K9iv2PFD@i7Irr zzO0L`N4>pLk3$}nVHiJ!?oZ=_dJgOl9=#@Lgg$$9E^7eL@PPeQ#g^KOv5jeS_=s%B zd=4XGG2_4QSej)8vxq1~u0x#i&3%XXtS{P5_Rr<^1h#)8w2pprKEMOIN$^|Ci;$Zh zhqvdFiuiA<4V`eF6yM4ohf2Y43&o0F!z<+-Pr>b0dw`D>o0N-6Xrk^CwoatPMMYYt ze`%=p!t~($?CV9}OEVpUy4(j>@Eo<$jhCR+YEoXDF&KROo!>IvV#asnsUza{rw`HP z`mw@Y`1OV&a(cXoL9^S5As=Z49JMMxSA&hbU)O4Z`{wiOmukAezwMuG$~`4-czc3g zQbT$^iVE4neLPhc7k$M%t7Zv+ZeOC_UqUSwhA)l=7XrK@=g#%lvWST7z0z`vemyK) z!=KP5)Cs#huk)-DMwFk&(exVbW!qR9Q_YVo+N8t3$}tYu$V85 zbGABS?ZXQiQ%ttP%kwO-e-t78IjCIPUPZW3FO*@mm5&V+pghzS`cbAlPHeVfqpngj z=>jY4BZ^z1MY6N4Cip6~RX>ylUB}FZ7Ix+89yi}tVy2!~@t*%&w|%fO6#dc^DKfeFsGu!I-T_-B0%S z9+N=T;8t`Uoi{SnRbq=B8A))Yw2Qm)A#7apEcBYX z$;N@os`xd62I(BKj(;pwbE#^op%Gpb#5I5mHQx?!Tbdb*?Cigo0~Oob%1QDCiJ0p^ zRuzt_IzsnxHO>lvRG{JXK&dw;Y0-pj!5Q2cC62^C25~F(g1~{lW6<}vyz_P(toTnp z7$n@%wO*OO32ikJI-B#D*>;?S%^zZMz0$v%Uk9k_0?U5xzU6nhB}j)6>34QCeg=e~ z*3#QtP_;`^tK&-YQ$4UZ(7G3AKZv>4ti4RkL26CU6~tLo3W%BOY3BevLfCjEW+_P~ z0hu8Ku-~C!$*6SjdX}5}^HBqMLzW)6H2BgDKQfBbhr=9xuC*H;gXdzpX`Mvn>9#5s z^1AYi$l*ByJzpays|C9I2I9@MA7{w~UVEi4k*lf?b8Ek)7zpBEab_`6BuZBv=iR&M z#vDE?{dfjFRtrQG+1c{4di-E*Q}RANNHcRqOKQwRE>*e+{VzC_hLZDsnFk-K-KO87 zSrjx5)7Q(Itf@ir0l&;TKTXzAX%14~h61Lmhd8>dQSl|&$$uO?iLXZ+i3L)cQRL#> znr-P~YtDPko=nAG5MIp8QKQfm}oy zp8)7sgaR#cLx|uY<}`P@e>AP%m-t(d>>i%7urP?;RhS^_ukJ@Em09nxwP;8PfO@-^ zn1ag!>#zQ*2Pb$m8U zO$K!cpTddXv28mW!`D9+11cp?q^wJSu*np9oBQccC`+@Y>Ih_~AM zd1$&sp!G=0ipDp6zprID-cqw%lx9&|GC7p_QyP@48k9-Q3RaO@@8Oay>YsAFZcA;r zsX}X)pYFoa3k2T<0KLo2R=)T7?`aiz8rMk*FMTMQW2)b;CYMZY5-t#O#-XQGK``;v zSvGI#6WyW85*U;y2w*q(Tk0zoIkKl2y{?xCw#Pm4^^xnmB{v@OmN<4$%fhxr+!7OZ z(}kb`ccMJC!rO7CDuJwAT$jO4;JABA4!)O@!_8{TuXArm58MSpC78PKyZG-*R&6)F zSlxhtxLC76zC%^dS+u>4<&CfosU9QFb0{=s&hp*%k}MPQ6TB0Av{UR8e6wqe6a3VD z)D!#;mETOutaNNr3-r0BF0m*0_JOK&^6%xhnuGkKe_6+p&x(cg1@O#Ks)1&8Z`3JL z2`;4HjxD}{n4vY4bhN04%>wG%zy(IMD4+kRD8(Hic)5Q`m?|Jw9EYLpYmyt}q`aIQ z+x-F9=@I#g;_9MwAiA9c(2~6b!;qQ^fr??{(A`eq_1axbs?*7y?{uIEcNV zT&o)Lk|2J-9$l8sHDX9)gcQ}!atR}CS?*qM1z8ZMd!AO10A!G6f9*aN>|8AY{by!a z^@q5eVQS`$2~#TOB_XG*r2vjOY<{>G-;an7ozu*yznBhU-{^jNiu=|say}3EmW^)3 zZZsnbq0a{VW-?08rrFx)n%*+c9TbMs;;Uqe(d@Ppx2rjFXuNJd8*$Z@(zhwe{d_U^ z_~dgRPDWHdTT0ujqiLOHA(OvY|Lb%MN7pK8ol>JH@;qhIo-%g8bb zPG62PreIsPS@Tmg>sA_@F6m~8(OYO`EJu)33=ur<&{U-*S^NzrD(A~l$xFel#YZc> zlhA-IIF%5VDgV1@^idUOMsQ`8SRZp@M&qf@xzo2ErYHr50MF!0qlGpxMkfw3k)H6+ z8u|VSB_%hW01Q?@T3Cku2&-_)iFqy$*}aIg$BvKGd{C@v77OrB1;I1=9P`z^sm}VL zYE0X99g80;F9dw)P5zDZC$9#1w%u|6#0`eYj6+S4F~~&-Km*OH|J8_G5U}hbt3rltNEj&;16e|K8zpU5whJ)}RBh)6 zH6U$%0_sgNDpRttve{2RxS#c%g*_5+rFnDt1l&1qJ(%{(;9}&|;WxqR>x!!Z>#~GP z6a;8+Y__ua~#o{Id+5R`uF{Y(9(0I%G=&xMYEOK&~W zkF&)MLY4%4LfnkoNq;2nS|L+alNpdWS!elFyPO9~7E>Lawj(f2+>0B38|YGscjT1P zBD9~?7Aarrr3TqA8T~4FW9%wJ>pdG^0RXsFjf>wdOeo}^zRgvw4L-JH&~0R(b-AX=+~`v)Uvj$Qqx zZ!jJOnP#8PC{42T5NBAS5}4bR7@lNk^9xq|6)(51^ZloX=ti>#5j3^zeoQ2blrs8Cb#DZvH+i4n!N=bjp8=4X>O3bd;8PdyFL!xA_v9@c z{9WoGs}#t~Q87C&Nhf<+6>l2cAgWRoA;~~1a@rP; zC(@LlY>?J|aRW3ec&zZsV7g)8-IqdS#oRy^4Z3%ETO9WuGAAqtu`WHYm{gJ6=D;4_2v=7`IVlZ;gdFtNZU z8F-cI^q3jgwpM#B=|6Q|TPWDwvs`=wmhr5wwyIT|vSQdIp>UgbV=-)90Uef=G;86) zRW3{MDw-z~LCe^Qq1EO&Cmrjpxr}3)PsZTaGxA`i%U~Us* z?50gtHJ>!qw5#vPa(c>;bvOU<#eaVJrZ4zC*tPaACxD(yMGM21G?_0hSFM%n+HSqI z;cM|qp`hi7YxaGSO%`vo$61jg`ofVf1ABLWGrI7KqX|D`K1gCT%D8uz4wJb{^70O` zf01~hdBroVL~okP{1JjY?fVgDeF>F4|9*0jhbIaTTR09Y6kHJ#bMS4}6Ss>#>|vX% zNIP7|ot)=2<%X}|zU<;#tg5m4H=T?@E<5Pm!tWr~_%GzDIufdR-I@I3;XL5~Sisa{ z<_nlS!zAyiu?tIyvwjpjW@e9x_6Fwh70%}t%Qv3x>yp!w?~$ELpq01>v2%3>k)4++ z3hT1Cs)E|yuc9?i;Z3X`Z@kSfZ&7+Qzr0@P>H8aVRBIe(thtVVLzaL11SCHLDqhUd zWj+VpczQCrOAwNcAwID>ctE}`o>EY>fWM$t8PHB^Ey^^FN#eu#oXePwwA&yl10#{j zp4Yx+hFEs{gh{OBNUSFinsz%#sV=ft{#rN+0K#-=aGPFwHg&MXjFIZ3i<)dh54j zcxlc^Jn{iMq64AW1TfJ=Gb?~)7Tchh zy}D&8P8ECGLkUP!)OP_eikx0^*i$0#dDIzuSmm4U#}u(~lrNK$hLsE)3UH{RXb<_x?)P7T@9QW&M8Vi)(+Z>OM8V!8cYk04eRRek z={z;{_?eb=P~!=*=8e`nuB0;iQJSlI#psUCq3{bdCgymB2ZsLnIzGEqEI;RKsmyj@ zPXcA#&5w_sPi0g;(|?Pr*q)uS^%5+n z+dy@}32&(~u9a7H1Us7<4qY4KGVo z{)mIvrIkU@cJrfU1e}y0KSfe1wA8l+wT6b|_B*Kz)!u@2%4ELXC}IkvS3%;l^W4hw zQ3ESBMKut{!55l9 zIA#c6jCs*4~^-zvJje^EQ`Mj|B+!SoUrB`3Ct_ zuoT<$bd!^?BZc?Q$&E!IZ9UM;bV%@(^!BC}8GpJ9-m(SgkRj|N?s^##3D+?;;{pNd z@W${Qs+bMrJCwbz&yj{PJ|zZ(ayD%fQV)4bIPc9}KdVmSQVrEZ`gPP=k5eYY_ET0w z#I~QXik`k@9(o2}Kb*;gUVwjg5@RRoPJ|NvE&oLFdQ`ydB3-Zw?G)wZU9%Z_6pW8- zd$t8^XLMd>74o?{^>G;3eORA5KIeDYDg`QwGeESP^`xhc6LH%hjA&NEvF3!cODG-m^N z6f^GN4@-7+kBj_Fpq`>l;A2@elY=Ph3I&K1H)8ZfwS=Txt39Af|bbTPif=d^{oO<%d32mmhr}O3gbawt2BJ@Zaj)#H4Y20SGRv(HJ z7~7SNkQ2I91|7PsfWsoGF095P(~vYJM6crOnKdp60)w<33Mpk;4E)7&IB{Z+RAwrF z&&s)ltdyIcX;_~(IQbJ7$!rE$E@P$PDd+^W(wOW2&`fy7P~x&`C`yh5NrEIn5>1Na zvE18p#z0RTV2mlL)ibq{T5(o{c8Pq+hBK( zNt5B6Fl)fl6UlS6^xaW*Y;n6b$jWX$;I8PuuPVzV)hn)c`JSHH-&<$TxUO5OJD&Ds z?Q|`TiLU|s%fFnXMER;7CayeDdQRuSfP8j0=WBS2>{ei)3^PiD8!^;DG=#^1ZRj=5 zNyg~&kj8HMHEP@r{Eg4iOIL0u)Dk(VI2_Az^w{`|mBRN!% zE+xrbmAOE$9b$Q8^{UAy% z89We-918BcT8V0dpjTHZO)=O#v~#bgQU&Y%D~w1=BY~o7EpTNnAuDCD6s3uqvPEnS z3mNPx{KQReoZwj!{V?2jM#NmT3%$k{)8`y}7b%IqOl(%fQS3G$1gp@&ZauDL@-OH^ zq^-uE9Q8j7TCUGulKO~dVMz-M*7Oo=#RR$Os&tIerssji4G0b45e1YDFby8y3TrA8 z+LR5js0s^Zo>Ht`9hlp*% zu1TWn>)Y|t$;WwHIu3UWvD~+0N@CAkpex)&l%ik&T;-w(h*CM6)nnm_yQjpMS;gRM zJkYJ45?=9-4swhzOLHC~^uLyVnf#qoRu)Ii)tboV%@B&BRDWWa=Y>5o2>P%?|1&1P zpr?1ZL>wp>p+UYJC8%gHraOv~5&yZ)B2@5~$#%$y{ZiPo>ofNKa|6MY$vEg+*eO(i z>X!By%&hC)3}D%5NRXvH3VqJC*dnh?u}*(k;J5+TjGYLB$K-)V)Vm%TP_OX=wb4J7 zdSEVU6FwU^a`I5fI<&d;hO~vmIVLV2)t=|{h1ntp{Nd!nVsD50SnDzAynCR4o-f)k zUBUoZu(@^qOA|4W5VbGjLT$%$@fnn2paq)Sxeaesjt;&r{Im4LzTV=8ICUxO7aG+p zY(jvEv(*{a^~)4Ptlckc|9OkI7xP2NiW`KFp3AH{h{Ea4isQEJ&(-9*G~3L}va)xh zr^xjP7ulfFeHYN8*eXkv=M)j7+? z65}&AsuRd$bcJbL$M225F%-RJ8%U_+M3tr}H*l_5*g=ZQQSDU9rI9v=6^!9$cM^+c zkWV=Nc4m6mv8EG4>EgxIMTIgn_fJYPG9msnlq{)EiFiQ9!r(<+2Ga=Dz4uIA!+<4h-#^)9LDmKAA+9*e0uoYrU;*FbBpj;B8mtlkq%fcE>K06HY zaxEv0G0tO<(M}l9Mlvyv8u(QeV{GM>emr<(Ctc4f6VoLEOD6#z){wZ9wo}VjFYE;^ zRHdyMIBbtEE;ht}=0#>l==@qJ=0x7Wp`R1Jj9(?J7am-cNN8x3;p1?UVqxSkav0i$ zF?N_dv@rwRBLI_tNx(QXXuX`_zuDLFqJLNSD|@irvjH3ER@GGLV(@feOBl6OU$C>| z-yqFK;u!F{FPopFqEfim(}SB$CKDPhEY0bSW)C{7GDzy_^u{s0SIS*DeNV(@>kF$J z``YcnUaVYH(hO!0+y9~?h5s9aJW8NXgv-kb;iyi0fsZ&ATLuB!YrYF3@bEXnOB7{n zT}6dZ-4ysIWW2mk-DB_`_m$f|q0x*%lhtoK6XxeIDHCs@Q2g4eDBR|b)TPoa{Q-#N zzu*Rs#Dp>b=2f*#B+d;}Q{wqxtQVz}gKGqJdkh1@5C?t@<^69R{gZjf7fNc1VBL*e z^FAQ`%gr4E=ti>bB@xMNon2n(E(;(uYm}Vc)o))QehY^yT#l_AgaeOU4^D1$%RC(5 zxsU$>96R98Nox!%ayZxg9opb3p0Ixi3!zXjA719#5jh<$*%5`YN9%_K)cUm==yJGI zPbQ$60>70)KekrDst}oL`-1lHYYBOv=aEfQ?^?mZpLsxdL!H4dCZlX0gBnNB3BjL% zf@k3c_id}R!@nZ#*iK%Vkm36{CKV142ylTjYAoRr$PpfhJYK~y%Z!2Hk#A18fo~2h zz-&NTn_X++)ny;g7%l%5T`@UI*4oAlbj?^cQP#@6184P%c5f*MW+-@{QU94vij&ye z@^kcBfi10Fc0@39zsP>Y>2|)<{|sDIe*O=mqxKxB`(`)gy<1Ry&Yc%nEkuO)x~h~? zZ7G(IAM9QgGkZap)#T$!EDr8!i$Eqx;=PS>AIDBdL6MLIT)BzxJMflQV>Q=2!d&!0 z#;nP{$|neoY9c?raMPZxjw9N9cD6cCAWKg0fHe)p2lkYTXdxaUwDCG{>g%JGK#!OF zv-fA#Vt+5G3Z?9;uL^GCAa#sPctT2FAhLlS`xAZ!hMkD@&h2_8khX>j((F<}?jN$8 zG3yC4L?|x9*&f*^i|{p}`OTi-e;hYda5X3ht*!IGh3f^>y0r-j?i&#>ve&KT%8@CH z1uN-b1WZ5h0fLS~zcx$B*veZ%7Yi9HJvro5jm)RMw5VB3^exd3%=bd9>R>rJdaiZ( z*Ha$P9|~R^-_e#jNsjA{ z#>}Gwjr>FIgO$)NM{j@H3UaP_&rTG@YG=AuJsN|x7Jhxw z?)R7NRov)ut*ZAyAzO`a45v3-EEN%aPze-}w$7B{QXogu{imiEL?LmtJ@S@}%qwx~ z;ngxJPtbD4VShN_KH-Uki1j z{{e%UI%+AA=$RL8M!gPF@jcyR*F9SOSNseL1SZU6KWMchTCM$Nvv$;GI}pl^PB2u! zuoY8F$^A?J!X8nc!J%Z(cQE9fFXmM?QOtyQvX;iVZDAwrHQ2F;LAX6r73 zc+ZZ>RgTS1dL%iM{F_v4F6x!ID8eUIPEwjHB?OcRLINp)6p#8_l2bKVnN>v&6%yAu z1a3H8j-ozjodPq5kFjV*dg$-8=~?o)xFqbqnE|UQ9#10Ral{D-a!#RfM`SEITq)nK zHzaPqV#P;d?|vZvcVPl764_1G0|+Z6L6DL}f~OdP887*Fh7LVJy~&app$UIfNVKke zB$9qEq=crjA`wqK;A2l2r%R9JWJz=T>m!jojVXalJh&Ld)5pAPLk4_d8}zl_Dk5}fuW zMv}>|Zi((yW@)c#1Zx?^5(>{7o08s^*HfWJQr)Ww(oOh2~Y|#UT9dip(-1m1(2HdZmikJGk9upxXE1{ zDCSVoF&qcP(fRI2H=dVrE9MUsnKaH4fA2`;d=P{OH~$+qODTBFoLBGdRkt+cB`bRIHf0OEs3!bdaxX|HI%aE6 zjGmOLO{6n&DYNA{ABU*c-t@}cqPFW|=1G~s%>G*3!=cV z@G2}yVO~6i)(HD7rv{LUd%;70BXS<`Zb=I>^9z#J?0!^F`Gm^uV|v#>={UH7chJ$Q z-2?MHI9oq3EL#^c0A4OhNFH6++gmUl-wgGb4Jd0d}jg^vOrzDMD#w z8Wlp<;uyfJTx~0p8pvCZoJA1x< z8EOs!!~_}gm}HlJs3r@JMO`Eo$&KW(fV0og>QYR49MbNYI-6eP#J5kZBTLQkCw1|0 z1+s{0BZ{IqzjSr0<8+u3hotN_C`Z%=;IS{U@$KSBdR5dLdb=&HrV|fDp^388utMKd@hBus4;}7(7&_77zd&s^+_$OGe z#AZTMCPDEBCNO4Pw#BnFVW4IN2*gBUEWe4h+N4U96}+%s!Yv(D_k~L*!T>x4(hiAp zl4Sa&nB<;&Lb{!*Ad+s0m!;Xdyl;%8cXE+jAxvrH+s#Ovbp*oeoCU6DfnWs6Xt);X zi4jL&nQC!Ru+i!k`4Kv3sz&*cl6szbyz5-^o@D4`4cQSYwGVX!vYBhaAr@|(1R{ui zjnQzDzo>8o((cPannHdQ)EG=b*`d?@9s;w9(+U4J{hbf(E1WM6Suf%<6eVHWkXMS6+gfh@uyOF<<>(E+PD}Kqh-;O)K@nqiE_Yy|LCAv?24UkizH$gE!KtX><%ru}O&pe~ z@YcA5E$*3xzkVmYI0RF1zVHb2$A8j@t;Y~Ffj8hg=9bwc+A9?zGe#2TWxP@7{;$QMxQPm-h~~E?SBr93cN!lSWJ=XMys1>n-Lbsb z+zHpS?`$-@H!zAT{`YAUS3?Q4~68)7JsVc zqJ%+M-^mw9wJL%rUCR?lGq<63{c~c>L-*6-woPuXW}O@NtRDC0tnKY7&(*xWyCT6K zUb=^6$Qw<}-*~vhKU;;Dwb=8A0^R?>U}J70$))6KEAlgsCH2usbdI%zw~ay|NP6TD zHUIbZ#*R6ei(*^K#+cTNg+d1(iMQ<=`m=5P5a(pfxm{pN0h%e(1H`T|>bNc)8khST zE;zU6UGtCP}UBltdwBsFo!iZ~+tg0M33ChWGq-dF;#6!OuDVYL+ry)!zM9X)NJbKdozw5C?ltUfDr_5~XLmf+U6g9{{*zzJYRX7SAz8diM^crQ^ z$|IN+rv44IEexs-NaUA397D$|Anr_F@rF%5)hZE`9DtqKz&B|t?b0IhjxR_N;gBljk;2ta?MV!Qv zn7w?=StPM4#QU?+(D!_UY@nFKQ?AVvCvwkYie6^WbFfgE9TlfP^b+8`8-il`1~y&k z=r@@^r#qm7tIKk(csc}wmKxTYmpX@n5rR$%bQSc#jpk8^3yM*Y2z<9*3Evp?RI(3& zhG)u?1*4MhtknJ}u#VTAe$mY_fewtd28S;omy*lLXK!~o{JLK=ZFt@D6(fNp3f79K zx2M!ky*HKTO`oeV)sv?+rUp80YvGBvpl({AIq@%NT}bZFiJ1?dnu0R`ds!{sHjd;p zG{$F&X=zT%Zdz+OC>m@V0+IDDeD27R?`9-YJ>N1{THxVoV76UhU%q1$)nI$<&6c#6 z;xc3AHG@V9^# zZG+TGXvYlFsu}O3;!N8npQ^U=a>i0~kMx3B$Gb#AUgRF(-$uJmgOqg!LJR0VnF`Uk zvvO(`w(3~SOk>Gx2cbw*g$FYDO_Mif?|G@bxoa!F5xQNB8*>!XA(qB9&=el9>Q8`y3t9CxORlK%AiO zyVgzdtMD$4kMrHU0(qtnlhNF$JN9UnX%M&UvdkaP3YykA4m%k=Z>CmsIe~uK`1pv; zBnev>C2b6ClC7lGV+ay6qFxf)1p-LBetzY;rAK3sJb#aN$mQFepZ`lRy$?BqgZED; zjq~r2{C@@0OmqzYEy1*ttDTFbt*NoSotdRMot3k_UFGqSl7a#i)im|^lpenAq4%`GRLJs=TwfxkpfxI=v+i}jxa0a~Fe)_luk z+uf`-x3Cb&331rei11yWUM1?+);eOGDij9G1 z7!K!Oc#VD2(^0V%d-*5bksZrX=vm(Gzy;V_sHv(?o>wEgj}vtChRqJYSDupeRZNOGRJur=$LrhMjdA6{fD>JSO%u zEH&5R8z1{_uH>tia~x>Hs-jiQX}<_+s2rC_)IuuHYwDt1i>9xe{){joT|`9bX>18F zxuI)}cnP>xh8gxV|%zZ`Jgi@pqF&=-uD`H*jeLb)po z+|B2~^u$-M1vMh2aoFGR5mGq{4)vR6WbH~__3rJp(2vOWBsRySkLSR^2ogV&o>R$x z0$e!)OT0)q>yWVuCy>m^pyt&7iEc_~QGGpCpjp`eU3|R2MX%Xs<&+eX+Y??upVl&& zM5qyltYPF!xEux~ytB7inAAfwzoPKSisU<-+k>PAj2BCS9iI7K3_Jsw8n&J>bUd3A*6QpwAcUIcD1 zC0>$vaV6%;Ny(=_~=_?x=qdsyj5Rp|#+>?^AH zJ4EG&NY&rB#y>&VA8(#%RUJl?r*>#fZyP4F$blu)7U#AMB0JjFyEy7(0W9bUt>3BA zpk21E>ek1LJ9r&gaEm5C6}c=6wG0df3UuBuSAM~eiD#%XT<%F^#<=E48B&I^4cI1VIZbaK}s_UEvqlex311| zp%;J%gEyTzA3}{DmYOWvAVX@yRRDtuL#XYVPUnef-<%4A4>d*)GRzJ(Mh_y4K60o% zO6W-R9(D*Ju5Gt~g*9|#v(2dYD%n3O3GpvTpbLy(WP?kMD zNP+je7VdIMI^@u_0leCba%TaUze*wc#z7n+fmTC*%gz5<__#c8;=7<&1wgkbgKk&` zUAe$-V1gA}1)`8kEI}!0hpO1V(cl6|Eg4;rWSBvfl^AkJ(`TL;rkNN>K^9;Jk`>a| z83BI=l4}Ip)v%J0Y6S~m;gwYwa_G~|paIYz3!-=cXv_r?FAF4@6C}U`3gG#E?oT?| z#%5t-p7v&dT_%wo*Ze-3F319E(3w=fONv29W`V#1iX#!6(c;6TFj(9DE28d_q3-xJJp5uA*DBP@;g_dJz1hVPJi7S|Dvaa$!p{5 z73qrZ7#H3k&cBqMdJinTv{in<;-RrtN=^?-$(pML1Nr-_vd=$MoO)_Lb`g2$y*zgP z>-!|0YD#pkg)(1*G_MTR}ybL21XXq?yXdYL1jCwobk zZ!@Xdv+o6I+{hH^J<8jcw^diV z=3LQuy+`DJ7n%p0t_?3RGZfdJ^c0rDpPf}cJ{s^++`a@qA@X)c` z_O9;j0dBrCeAc^R*1K@lJ95@L@yk1w^1FWNJEE$$PUU-8&NH0MTa)Zt)8{v5>9?m7xo`vl8&;6+UjU!WF7Hu*@`=n_nx3 z$iK1(q+!ok`8mq5OZb33L8G@g&uiFNZNoI0mBAuK=)P!Y;gtZarIxONBX`b z-#5M_YYW4N!}MTv{4Ml^?se+Eu#1pLhZkS$$t;-uqEKc9DR zA^!656ZT8!xf0{ac;QcLRwgwUP(}Wwf-uF=w390<-24`F67GmnKQL^r>#7S@Czy&m zvmbEiF}jr%t7mcOQS9&DG-=ck;bn7sYWWOAL}cF2Av#VVi5q%qPN0YH?tj|l=+a`- zQ~DJquyn;6QY=X`vr`~PVg?D|LLugHJuwsR_FnSpt25$SH?kn(AV7d1U^nNMf-Wwv*gsguvV00t5YV)qvUHr^kkBMACK~>>UNMsgYM$n86S<2&Uo-2Iz zCr3%ipskbi?WcW+?lDOUFJh5`AFa72^%;x|pWn2$2p*LR&mr$s6WGScR0tJ|Ue&L# zO!p|MY$aNzdoqw&g$~)B4Hk2DG01AvM=wD4kP_DoDJT;KSpY^1t!MJ9-eNGzEpktF z6IyQ@L}W^^UV-i*6D}-#ke2;Vjd?}pTT0|N%pgxZD8z_H`o}C!pLZ4#@8#;0&CS~9tZ*j{7D2AX>kLVvK@3mX#GvGT;! zTC8uy77r&mR5vJ?$3QDATd2hNDI#iq&6k>%jAc! z;=hpW3~FuV719jUOlbr_B1YA9Y-+ER~6TH(s zbiFU<#@><#*YYdZibsM54AaohPru5+@9}cw2XUdMVE!iV{Gkp;#xtW&_^poUIEbIZ z=}Is3;?J)vm*#3EbPzASu$Lh(JaQQ>OL4R?F8y$pW;ev-2uN@@5nw}faTKe=;bGk% zmoG8b%P_HPdL+xM#W9nnc$t2XhQYZuOv1v$y8CsLEzW^X>HOCCyRFG^w-HRqIU>ez zKO;#_E3>2Bjpw1DpPnN);dB#c>7v!GYpMLUDl8KCy<@uL!nI5#rSr<{a-j8EGRVtP zJ04N4e9Sjm7R@QlJPeBX*lnsPOrUfj&Hocph#qqfD=-6t+L@GyUaJ(K%I z)+cnaB?k9ujr%xR6Pp&t`$CTPemW{*=@Y+0+aEZRXt_Trctz##4z>W?3HK19K6X!K zZJJ_4JV5VA*hWxuOG1PAyP+}UZlOUEw&m2^-=GIv{dUA{+o^L)aiyK|BRB;4Jg3=+SgEZti8A{ReeGVUo*28~}lz-5Gp7jFKIrEcv} z@(3M4RJqL>?I2E-c$l>zZHfA+)AEvXUF?dj>A<2Zud2v^FLBbh1%%!N-$N@5JkZ)A z33nP|o7Ea(-50HP{Z}Og4;y0J3eCtB^@7#vdKIyPvl*!}_EUuc1lB+qjDBqV-FRf& zGoVSy(jMqfa{T6g9UL^nsh7gM@7s zbx!1L*$HCFv&RMZvb2>(m7cCF-eQCOyyXQwKsA`GO-KyQLj*?T$_L3xXPyQ3@LBg* zXKX8_dM5YJSVia`xOK2p&iO%$iPPK8JLm~wN67^jK z?4hSiRE_2l4(;)f4*Ihp|LO9|B;z}bl1uXo58z20S)2G6^jFZbe&i1Uv-Pul)@Ieg z3)PepwZYlRbxE#3PyoL24tgPMlNaE-#RC3w4q8Rs_-lQcc-EveOk6Z-1+C~Q2CI;&5R}W40vArkuddzoHEEiZ4{6O!^vNlyQ+V_D>;O>*G&7TBm&{Z1bcc&zb&~QBytlYFM-V`t1;H+FVE!M1m1!UvmCIV;3ro7^15&Zf! zv`y%y74W8fblve6S710R4KA&<(Xo8g9^n@ytCW|!oZm?PP6ls%aHV(3ziiD?u9;Hu zy)M;mj}p1Cr%+y^A#}%XgS;;5d8z?#iO>=HcdSb^Bo7aMnpo zYtTB1qC3}a#KKAHt?h9Av#=|em^ZF;rzPv^))PlwwMg#+VHI!-??QfiQuciE*URVl z7!pa=q($y4#N177eFkeLr7Sz**%thTq`xL0Y~-EeW~5)6LXTIuNV zdUve^-6l|c;Bq|%XqPU~ZJg^jR;a8w@SL8ASS2(+ak5e!=5&hT;t*45v>EEi;9T^R z8&NLmqmtSW9Pzf9R%XPDTa2m;`4hJ(!TL(@8Fh%z?T2Yt_(m5$2C~ONkOzfdv_SU& z*<&BbgUnA+pu3ptaTMf1SsmvxC-)M^kd@h#vyy028QSjG0&~La0l0N zSh^jN|3XggM9J?}>@y2bjX}?;A+s8|4V>fYz~tY(Q(9Arm~BUY7g4qs&xUIV$ZA%! z^qY$NtW)}|!J%tjAKRcPoZvp6q9!d8$(+DW#nv;1Ma8Lm?ePR~3STx*KmLH;aPhMd zzpS8s{06<@>USZ2`J4Jt8(PT44=jF}PyP4>TFBKeTl}()`tdt-r;DGC_+=UOqbhW# ztKWwBr8gjRn;H1E|F~D%p^0Uuv?iI@==4Rd#%U6chdB}*e{&3(L?d3?UM&bWnYtj9wO^xg z#8G|T2mWt3i_L^IWkW6tqkZa0IL zxAPmT_3WpO%i~yIVE(XEVJ&GIha=@xeUatGbkim}La%`92uyyzi<^8cv5kT}Az&IW#bUpwDgNeh0w6|!ie9#9}pTg`wKM?Bl-zsXa zUnVaQ6S7yGxx7g4#cGj%tG-uVdrPb8KIw$l-3k$#KMGCwR(>)eeCiZ@=?r-j!gzhB zdI5XGo={y%Ra--PLn2j;<~>oz9W1!+cW$M2YP)xIr0B>n6NEhVHXO+QfofjY?#MoX z;72oeo4Ib!#s8&4QDJ`X;Wl^ply*lqv7m zV+UAq>4|m2E{bd;x#r>uuKTXXed~a7(-Xsl%2NEA@L+)X8PS{al*54BkuTlUa!^st z-ihF^wM>KO!J{)Oi_^MM{c0C6`OvYKT?&LZ%`}Y z2|?k#0ij>|ef%VZ{Y-JQsh=V!9_#j7xK$+eaT|Q?y$FMPi+#g=D4ROJ~AM>E!g+fNO z=b?MGRq8)Fb1vcT!ysNtr`*?tM@ICfoKIDW-+#U712I{=cWI3LOQL{XnWvG$FJC=& z+D(#(@-8pNl&rk=a~Eo-a%?Z+wLAqZt-v$}U645Ok=xmRoUOzIEM@E&)+8#Ii66we zbs!GuP9K^wvX3?MKxSyNxnr9Xi)Wc1=9LlQOL`jF;Bf3TEG0@_ObU77o$Rp`X|Y=c z$@;3b-J79?IqRYG>!c?F6N8GiA6G^fM00+92Onr*Wn>GbpU^z=lK&UN@?*%V@1*kO zTgV670Q$Hv^v(-i(tsp*bkUEI37m9hn1THGv{vfV=)tq-dIo{jdbOF7i<5sgDpakP zlhL=Mri0GqG;NrKW-XWy^m=J_`=rfcH8d%b%OkOjxUF%v#&8WOO&d`*H(%!$+xHuS zFprV@B6j;1c7Dfl;jC|u<+hc&p)(H}x^s^sa2+|t%)(UIQq21x2ebq4{1a`sXlqzP zQc}XUG%^07IG%diX$}hg&wO2}y&}-1h7celejJbY-Q8dJ(nHDS$GDLdQd-*~K>P$X zV><7sab5zs^G6kB6Op>1!agegP2668T$QZh_`=dd1u(dII z(WDG;U?!{eBG#1=LC^Z;7jBDDAYcu`4ksY|!GaZ-(T~pJ5sThSh9$Gr*9~7!KMwMyQ&H8{DS~D$Q8{&YYZIwdWeuWX^qz)h{_4K#lLAJ2;fMS{ zT?DU1s7vR0O{n!Fhsxkc>zq2sV>{54aAi$zM&2jtM(bT!dKLLQhcIi13^H@(5DOZ~ zN0|5)pT-t>dOFWO$WJ5D8@TJF`d7-_G3w$LVx6BC9brsbmM+!G3v@ z99$Tzf9+xz9XL>g+%MUqCH7FqiUcbYCMn#PJ2o{Nc>b79awDUfKc_vfwmZOtcE@H3lNO*4xr$Y*dfb<{UyZ6(0f^ukdMbyhqBZ z@kv@LK6-KusRChRWQ_w{g1k!(+e7~dPi~oVnvVeq#;bUe25*sjS_)22O-Mb)HPqZs zdK3f?NnzUBdR5UsN$ZSBxy=SeSNj$Yc`XY|dm6BVkElzkvNNA~pTB}31G(B+FJn7s zJ)kMI#oeAC;V({d%{iVz&iXsjq8%4LHw0765vN7p8VN#9k`Ju|?9gT**yH!_68t`S zznzFj!B<4^(H8>2I8vHXDRZ2Jb>Cdyn&n}2m8)2}N|506$TqnXx|@aI^vW(dQ6fT@ z6v+${cxu~^W|t^F+7TpJJ2)UE2@hU6-yx@l2d9F%q~`rC!^fnQOyG5JZypEBo`}KS zOui6*wb;R~gqTDq1RGuNO*t0^!L9?98C_1~*?PIh(n1%DW7|Zdtgx_k5h8*~zQy|k z7b6>_Nmte#(MEM48h6k%+g(og@<%Q<|Da*fG^ajQSZV(`SKrD~*uEaobj&`u-ztO|m@o zbGoCSwTvn9BQ{aqQD2TQuO7*$p8|7F(2yQJ>0~H5dnPUwuyz4Z@#P3wrI=7MCf=<&emEo&!nkh=H zv@K!i49?v26jQCB%B)^%{@2n`fsl^J?pG1Woxo9FkvB0}j6GAgTS=Ze2zCZxr}^}- zZ*qAu6j?-%_e)#ODIP99ICF59Hy7lt?%0Fcla;1$YBnAEcNjWc!L%k16sG90!wCHtT9rYj;>KZ#e~NayZ!jZEkwdL4j}xnrK7f7vBLMdQK} zZ1ldPiB!n7N*#*4JS-1!^#7Ci?NzcY-#2U0q5h5;aFKK4lGEak+PPAjv*is;)qSh=-%z8#?E5Nqq29Xrs9J8Wd9X@wmfN;aBS1jKHlDSQ1;(p7R)SY>m4R}vboD@tk7<;YB)UNMlu$cgs{Gi zZazXcVKSCO!;k{y;w|6V&=c@^zQSNi2=5%!xUmwoW$Eg++fdDH%ye+rRv;d3RMl$0 zgrGH~^9QvIp7|mL7vkBz+0b(r(}%~u;M|g#OW|Wf682vpR;oM&2}%j7pZWn3L%ke5 zWY0ccdqr;uq~{;(*>7yqc`*w_)wY7S*Nbj{8=C{hRZp6Cu&Ih~%a6GiWgb zCStE;)z@Xe&?P;a&0(Z{i$osYOlhX|PfkcksSk@}`b=CB$z*rc>y(&|O12)tM!xfqBck#!3ed&roK#u0I zS4mp(6s@QZ+GdUZQF2n(h|M`-Ng6-kz1(ws%Am44)iK*|dJSwU9Q{HEDz9N-m^UzB zOXVAn>G;JUc)rL!x_Y%#Jx1h?#q7*q-nAcP6i9!emNHB`0lBm)8vga%Bsz7Ew~0<6 zbi*F5Eov&`+TQfdt+$`*u@jqnkEo9}TA`PApm-}`C-7_3I~@03fUrU;iZ4H^*q0>! ztR5Fl5?_8nA7SE5QIdgT^g#q#X#2cqVSRx2r~=03m2l?5VpWWW$ zU2z)PUZ2F59o<-j1W)gaeW@fo^fj(LNim{thB;`^&I@vgDsUWi)+G?*enqL}y9mFF`^8ao4MkI)T0&CMv_ zt1^Y@_EXdf-Y}?(*|%IvR{;?@I$GG+K6|nZ!~j`RIkEg>k-jcaj^y18X{4@62}Alt zneQ`bFkTMmcd9OiG{d)x4kYgkiq|Vuus1T2cl*EqSOdX(b!`Cb5Fpfuwi!+BcPf`I zM7(zp4bz3x{au$tVH(OfbNH3Tuzh0<`!PTLmqIT=@w@Z-nV>&Uf9mc%+o*G!9Z4ko zMrzpQ9?k*MR@pa0MjiMKN3ovUb9V6WUbpKV|Csf?_nF&D-jsFucdnT>ywhjs7Gk8U zSV1=~a)ICedZQoQf|aA!$KZ3Eg#*p=oZ0-2G8O6NEF|S`&mHA26x41ji6`6KwFg|t~A<->{`N#|?|9&b6v2XD^k$(8l$TpUS)FxjH z#2xH8Y_Cr46VvgPf(D3$b&a!(K+J%Dqz@_SOj7^RLuh;w`m|mc(wKxDUfu393y7Hz zh65g#+%kb*gWPg=oBH+>SEjUqKVbjH^4(ab`(X4)%5~vyAJYC)Kmo+Baw-1Vh}_&l zX2@QmLPbz3;;pE=XKLp7n3;t`YGgD}Ny!NguzkMV{vI`3MnewuTSnHm-0XzKzZ^l$ zP#Hk3Rvvst(^fS&?un`O<98I~UU zW)Dmyv`d=5;>QBbfEyHR>72BDuQDgsMPsX7hHQMyOG-Y6_(S{h=?;7H>9R-tyo&4f zJldUR4khitk!d;3u~DBJj%SV0QO`6rWbC9{%YtrvRfGcAcI|TH0bEv8M_g8n@xW0R zKi2Y>%j%zbHxAT{O0@*cyTAP8ONKIZ$tMM@#hf`MQJ^LN`^e4c^ zW13RDrBBHRjb?08y8$M|di@YDjXWD%VD?W7oP;Oe+^gSa@k2ka%lRhU<{SK(b%ai~ zi)0E90NKoCRln#y)9*e(MRBnt=X9nSc7tZXxE5n^Fx{=^RYU|<@GSa`Wr()ObIHL}M^2FcI|>e=ekYjJ7zr>eXI+KE&HjGvPYzB)Z7&QlIBB8}FlLGP;r zql|oMcQG)|psJY9I(Bz)2&l@$bMMACz{u`EuQh5Lep&ci{9y4Dq(iwcb2#A$JOP!> zBs}SW!W7Rv>`)EYB9Bw9(7-jNg@IP7!>Kac03G1qS=5cza2*r2)pPPBq0q~(7oY^} zzlvuX*u?F>Qnm5u9NLUy{7P@;6pQ-JLOGDv7e2_U6Se0lt6E_k)v)H0KVBp2n5Rw` zs$Vi*!-dat&kLAuvW`(k-O8B;$*>3Nz`M6UonGEuL>Ad1)M(4m#KFbai5lDG9jaOQ z!84EA^AqTX$^K&CF!ZMZ^Q(960mfPf%f;_-FFD1;$lalX*3 z(KYCCUDRGgZg1CeL?P_M5A7=rp_JS=doFTlPwoaeFo-cvQk~@}Z_$ zGq4XQcoeqC>|tK__++ge)55@)gG!D{G2m}>LYu2c){rI&08Tco>CM4!J`P0#!xp!_ zGWWfn0cQ$Vy+hluyPlST z?#!Q4eXE1BExlKVas40^`4!ynz8>=#e%=C37t7k~8Us>-t@WUp8${uW16RoW<2B^% zJ0U*|UH8Ox-)7*|;C?^KWaW!0R^S&GZ~oer*(Ax}LB6fWGsgO>cG--6ee(0-3uAZA zjspERnicM4`Az;y0C`_$kYa5lH;hNQUE~+9g#1@_Jy*Fr!gv~?u`gcBQP=rPl22b$ zOR$U>l4$&MF%Om$wmgUq{>Z9kfNuuyJZ+T=--J}5Fe>;P!s_(duJj=}@=c|lPbjZb-Lhp)0?y73; zs+Q)f#^#?JN|i_47_d*4?&~sp!t2kHwR0`KhZ@%`FSOOp)(8w=+j+h4G8KFx;dK@l^My7KTy#S1vW=ZmBM)Xz z5HEV5=UmrFuf;*HMY+Xw3?Y?pFlQZ@bH!^hr2@?P|LN;O?b-I8YyKcawjxxtM}6w6 zI0eOE4xH~gy|Y0!NG!h{O`m)BpZzs)YJ1nS1?raeSUxnce{JjhWBoAp;#t)=YnzJ05#?8*$n`4(;D?%ey3s>(|3XsaI4}mTAiW{1l+;< zz+rqVd$Z#4hf@Pz&S3zpd`?egOIIXwb)0 zwzTI(QPFtX*(#r0_84JpBynxmpczFx&>K5eW&hYmO=XuRn{z*fJiO)J+A_^`FMF40 zNj)cYRpyI9GLrC1xHWq%tg(AbbB%#pgOShzh%3dWGCB`cwEtGRH>+O;pKr-P&2Tfq z?}sE1R|=WW^d^$_t@f(6p}%9{9zsJBmAEytwkWtY|24R?T@rbeeXxBqy0?v`HH5si zB`S(*#KsYqLXf(7ZVr+KFF?F!7Zq zoe@axe4Lj25LfpG&tpOWUk9vX3WPOdCEDP_lznyiS>&hw<7<16s1!%z{IhB-LZ#MXra^qT&j zQTJW=fPDlSAXi&P=FgCHV^o%d)8)Ws8s^E4jLe~*adk(--*{F~A&-I87t`rX+5l~5 zVqs@KKF-b<$n(Os(L75yv{VLZf6w%o4$o(juS{+doIy=E4Of()KaQ$)c0o0)bzJgG z7_B}pD~v^3@sIjZ3Ag5h%BJh&*Qt~UI)|3xZOfw)VcJ`jO>=kP6Q5szuG^J9FTqXj zD9%$+MHIl2qJ=ZJ6I2i>c`2B1M4XuO#KO@5mRS5Jaog7vd!4xKetV@EV~*}ydLq?# z{EVFE(mQb`6PN$<{9XS|!SYR^@lL+Bp(C_(wpKg*&olnBS=zHzXGNDCRqPqVloQv~ zkDK~8-7AjQY>3rM>t?6x{2R8{TZ*ZEVDAK34KXjnzNDS#d^@6S?5j6!{Adc=cR&}_ zvz4|;s*s#B_c*{7vi|X*{32C1^r7Nn3FEdc^$9}j$IUx|){ieyUrfTj zu!j&!z1_NakqBggrK9t|&+I%=2}Hrp7-XxblrnIbUmx1R$w%`QzHXB z+ToaU?Y|t_xyuXAF@Eb)bLPBlE}Yz{oE2>N=;jesG@uno?A&lZON(``P&cHwROqYbeebkhXZbJ|_H=fx^@^TvmV(bldMFW}gZsk7yH=pVX2G%$P z&NT_#Mq!hv+)bf;`7(=-?9jFp1T4>IrzbMe0p2WZ<|7x7Y_`sGM-(vT8Tb_*O?=Za zE))GZnh)+q!BYm-%@VG#t!UuO*cC6*z)AU$opaFuXflHiu*CqBzE1+(WoIs9?afFL zjpkbjA~u0%nb`r@la6`vfPB&bOJE!brwt@x3pDyG6&~3oeva0l1NjhxiytEaDH1I; zziqeUxDnIB7~OIe+p+PX?V4Z{75FFr%!^>ihDdK6fp4~L8%?dHamany&$Boc@2YGw z7QgQI=O~8@%@LLUS1k2eMiBMg=ic~dc*Wy*BE@43xU7UjlMF{YPq6oLpu>$YA_+F^ zs95wf&1}~P#0Ce%z~gw)+-LlcDr35q%5xi1rAlgEudUDT7Rn6{%q7Plxzgvq?^LS( z+_wI-w(8PP>RUNPq^kbMlBKXP@pRehk7GG$(sLi=OJNIu%hR!?|A`$^)wZ~%EBqpx zvCW{a`Hi$K0~&sWRfVT{WK!w(3OpgB6R`AB^WVSUl^e4}mx7ezS7d1jTpH~`Ub=Jg z$XLUivqhEy^23ec?DwnRkf#$Wyh)7MfY`+nu3qo%IX&3-YJ2qD%LeT7^_bJD&cD#PPK#sQaSN3CIa!sKdkn)aiDE>dPnq{#kc| z6>Az>01&VukzZ10R{z?_&KztQ#6uZai&BYVG=i@00#i0mO8gPm6l^pC5Ztm2FJX+u z6J6j77q`m8XVXK8U%GU3xX8B*b$%MOIHj#LOqgmer;||+=wqnC@O+jL?A68B-|Tiw zNgt-RO`(+r;u&;PH#6G=VC<{vLkP%EkX=v!Y1?u+5;|8a)Ce2ehMip zpm2SQ_?k;By^gzot?~=!$CNq^A z`tl>y9gSd)6Vr{7m-zPP5dCC2E^sJzbMKwkL0{>wVGYULyng&tG2hQo>Ar1HWLS>mY+3-{;SX7@puqDn8MJNkVC0Akba_@^MNHV zZzq60x^C!Ngz9^d2G$R%4!Z%<|LOyBhGYbgGuJec=!4gq;)@aJ#FU0lH0ku}^IHCSiV+}6@(%A$zhUlyV;Xv;l_N*-Y$~5OFdrmdw^cZFwQQ@ae#0J0%!F*w zK30u-%|;J|LkMFjLjjqyeTexH(1>eWf*;3T`soCyLWv1R74B&9r0a>w^EpC^^Fx=_ zNzDy7LIu-4J3@}}!~qP5E1&nB`CI%UJ9G3XvV$>VD6s~?$4t^bxjYM;ZE`56GxDia zO=^l~_;hg#Fm${r&A0xzFmV%=E($kG{Et=xFVgaP(d?gZMTRwm^Ed{k_5akEKPo(k zO%L#{4dkXH1QVa`OcuijcQleDih0A;cAj=DY;gwfY#?Py6Q1KPy!@UNXT4MZK`b@0 zqZgXJC7#_tI`5G*pgtiPhSYmncdP!!!vD=15>H5^|ClMU<{9KtPOP>vqIh3P3^-Oi zIIb2Vr|q`}cLTp<^veHw?3pqIH7V9U{zfOp3)9|wBHeH$cqtu1i(f(mt@VW(zI?9d zPfhx2hG$?SCuUPmX`^}Qx?%{NBsN;pUk6Tj|=Cfr+W=vgq-M5i%#rfXY z1G9c%E6Ocoh15}xQ#j6ThmQOKnbcB`*JqpjQ~CAy0vKwEKe8sbPbg0ostHI->mIzn9kXOAtr@;=ELZgH8XlyElN#J^JJ|PNApT%0gxx85i@mxdmEq@(U;wUG`0P^sGE)O zvNnz3gu1n2_PCL zaG9T`NUtdW&xvqXX_FQz)k*-G16zSK{3qmHRnn!J-dH#Cmjj}<$7W5vAU}CHaw{c+IHAHW;E$`xFkqi}knVrkrxVyGUs~NXA@Y<7 zl49kfLAoVhB9wnQKs*D!A{)ZKBwx~GKTrk~xx+0v9@74?R4qF*(-^XY_AvSPc~a{% zp1xN)nKMxjGu@mj;hdW}^6yj&L*z>yC#sly@X5yq6sxlvhhM3>%4m|0ZEk7pL~dEV z6ylt}zz#Z0|Liy@$lv8DX}RDzGD}6enel01{^Z+>T%8@PWJKfE@{q>dw&8SZ2ej;eMH4 zYKtO0#ZnSJhwJDo>e#3qo9Q{dYOwct`G4G<%6DRYeUEtINwtc;`0Pm~7}OKr%y;Nn zq?)>6^5cBxt;ynBg_G;uPKV|Gc#jjp!FX%-a%;L)7T*cJWe42!fCZpMGkFXeSXsa%wVKrv~S2jluXvTCACg`_Ph>z!Gkl~{#{EqEB>UMQdVo9-=$b3J%bW{D z&TIsi4K11ICplX+=B4>!Ll>%QsQVl*D)qw9Gc8fei|Gkyv}-m9Xu7!eXh8AMy~%a? zwcWCb;HNwo1+`?1t1blb;}{a{7p3-&vf0fsjy}M^5@ey%8F1Y=hZSy;wf`=o=DP%9P!`J=o(j4RWSa$x~ zDPiKYSaoADl5FvVM9OTk0Rz&XjEn$7g(H1&W3yrL75BK;)Qo;PB%6;1PuQ4_{<({u z`Xl9cw4MKM-1^Ag=7rMo_bA8NI!i$jXRM{!vP25!YWH-1yY_HjW>iGQfO`bI13Gnlc?1F zK76)}l?Rrh!3QNR&4;J~-~28HiaB!K`C}&W;OkPt!!bBz1gkJO?eiB%MNM5GNYA@k znzNb^h)CHFwzmP%*edC~Tgk#_j|GUvI!P((#*3x)90bC-^s`qDOUv)q5>}R}1iy(R zJ;PY}&bywPwCit(@hrwW19R5;>O`PX4>lkn)%4N10YPbtpzq&Rld*Fb5#4pw!2$R? zz>Z{W)I2Q8^V=3VD=Aff}ZP~aJp6{$xRC;0v{~)&hENhSE!RPTRV!{-&)64 zs*3S^w6d)~aQ^3T!s>1ykFHd~>|6btQCmXps!W7fjGXOhr+}*FIs}TWAKIqIS1iUL z)LWr)3pZcveghzY>Oi~;s`{TDNEC?xU5_pq1XCIrhRyBVb&)j-F8l*nsv8L}y7tTv_*r*k_ElPo6C}rH#}aXS)e70Z)Q}9FC(PmyzS3YX8f|^Pn#I zKT7k!{EIa_Ly|ST%_|4lt6^Gnwj++$bwhMEeazJY9Av-FJ5+6mz~AS%wS|}qLM&fr zozSNCiS|7)f%`kSdQ(|F1KeBpQM%2Ikd{z+v*wX~;qxAQ!k6V&vix2yYz^QsJMNTBhpyW00gkPV^-|mz$QF{_Z`T!p7K^VaIAxknrOA24E~lnE34<8 zz;ZcXhY(jwE$3FxcZ97?NJjNzA~CQjJE!3FV$O^O2Ja(*h6WC84{!dK9zcRc6P~~2 z$}GtWPJxVX@TJ#hDeo=dIb^mmD1~0@4;A~KE9Pv2{r$-loiqKti+v1kF=u>u>5t=7 zFc&WaREs`Lb%cgufP1i#Akt{#sa8Go;-Hg=i0i_@=%tBX!0racfN+;#K$ z=x#k!Bb`2feps-A`>@a}$z^&MUHG>Z48?PS`Y`gge=W|uYXIcl$*00o<>;JC-4vf; zwq@63!qktQjkoA%ZbY!S#P-=BUnm`{azsLwQ2Lb;p*fn6otkRE%giZl`f}}R6d6kJ zawxunYlk;@EWMQ$t7CYL#-eVI-n5$p1w7LPj3OECjiXCKRsS9z(^{;uf1PhWDk{Ia z05UCR5;$6Y*^0}rYUomHgUD`VlRVuPKTIZY%$mQEc)B&=0d-l8BFA1X`2jHX$sSDP zA8dy4!J?_PlH{X#iqROHa(^o@M6=fs4Tka6ippzT!KC#?oiJz=as&4r9wVBgSk zySj{8s)FM368UUm0`;^}1X`%v-UBCt;k1}hlaIB^WO$}yCZbet)FXld|D^O$dTr1y zA$j|GIjx2123RJV!$_XlY`WMmt+pQ#F>71?d;V9hZz4C9rq;o5kWCta`>ztk*Ky-< zv=%BUziBP}^za8@y4yef98R+oTV;0$F&a+$5%^fuCA{G)eDSTEI{u`c)`EWC01o1( z%h&mo@?beqkk8#}zIrs^*I#hF+_oYdeBV8pAt3d1i}bj_5}@&PyMVntYJgpz9y^~A zi_AUrOj}`BTkVI@fqY(#+2)M)&&$`_A$Z(~^5SdtCoCfAV_Tl&hzcwv|7u*1kV+VY zC#y{pQ`2=>E>MAzaI^EUcY$t@szUhaJ{~a(ef3ll+Vgr*NHysx$9AK{4$zQI(G>0% zLY5|+d7fgO$$rhBbqXFJ2mG^_^u#DghK)^;W^I)J@4v8jS}HZBxcsHELLn6}Ro7)$& zuqjF#?;|X+-2}X{-5kP->q(??u_+GbP$6=UkAjBnjfv&ue^r*7>>~`-GXN=h8f6iw zt`s&~%NdQ7yV;F_ay>?zv(Q_u2%68v`(H#HK`v|G*=}fxYltn3vy?7J`HvHT&Z&!Z ze{Ba4a&t?Kkz)c)v)$m%7KAA5QD#!I-I(5uv39dZjYOpx5^WcyiqW&(%+mEq`1;;| ziI=Oq0nh^=s*4B{t^d~@Vk18Z`FizVq0hgmZ!tk!cw0MEls)p=50PA1bgR3iAFQuQ z2Rp9DMnJXApBe4aXI!+2_o?>M(jy=wyu04Rb1uan!JAa_+ytDI$$%lArv=zercFIk zqL(SJk4=C0#6^238z@QN#g-={h~_c~=jcN?*;g=@C(EttbH6iN0XdTXTxFr0?DO@x zcKFMa^h8$w%aL53B#Yrxfu4p1^lr-1WRP+$O2uI#6KL5sxd^2qfU~~VOswQH!J(J$ zOTtB#aoT@%0i|2-3k<2od3ayW)e18)3!s(NveI!e%D>1q%_WYcA!(N5T?E65(M?lB+twT zw$WUg6zvfG*bM8o#iIvYe+CHf5o`{Lx(JMYPRY`_a>kWzV+l{*j%Px->J8Q>X%n{I zj!|}3Z3#cd575_GjhMD_)Y(+wmhIVYW> zo>FEt!+gYrtL_NTwI zC6Ak>$g1-0$Ni@&M+-Gb9717PasIQEn3J7)G~JX(X0%gAJkwfkG54ouj2X}5_CnwK!IwIOqWu5}ySWX@x*e>d1K9yi?=M4?gc7VmUxGK4}yNm@-E?jNa};Uz8h6WCn3|P@d|Uu#0bOTgB2X?+Qr|v zA|?gldh$4=p{zQq;k}#@J&kJUI^ueE+RS==IJsXD$Ylh2n$ON68}o&09;Le)4CYZ$dEe1naHx#W16yP()yo zwjRs(gwWFuxKl2ZM7Wrcr!Pk@hii$w%G{dEeEgj)k9)=cD-?lztz%N|a;!a> zDnblcbJ%y1B;qm2q~jsn&7YaIXM6WAzFrN1r#eV-6@tlee075=BA_}2!GQdgQc$Ok zb6ziv8TD%b%f<&F9~+M8@D;Ns<$^i_&a{V{K15z6L4`TJOJ|B8AQpvQk@y!1y>ouF zX-^2B59BESq%p`)m!~e2_4Q5w5JNA}82!`R$`lcWuzKRn){x00obco$Jd*A&@Z=W+ zMYkydcIwQanPNkd2qz`f$pAa1F}EOu6TBjX9SAwxY!Qe1!mq9^KriTVix3R(Q(laN zp6EaJd&Dyv|ED8H18ST|*SVM{qsb-@QkXf%PkBir9F4f{;q!?CJUR6G0Q9uzvL`1suCLkguR1pCs6zLtL_uixgEGQsVN@xK@q<09RNf7BRNT^AG zC>p3V}zw&5PsWK$enQX*)sTA$j5}qR}q%y9|Qn@x-lHsJe;i zK%Z=6_1hlT=0vF<9kCT*GSg2{xzQgZ>z+$t@gsqzk7TAhg>ucKj|H#irE}VtAyjkC ziKb~QHdESCAFO1uEu-JPte-7rFAVyU<7PP5TBc6XK$~xRTH^|N?4MouCHnI8 zN~P8r$4y{t*XxA2`rc=*yE#p#))!eZvGnk(Hymy6mp#_$paMK?#%ENROF$!nxtSW^ zMCK~ci0sNk@d8lvc-dFBBGC0~>h3zJlq_bZRp|dFy#2GW@BVCmd!!uu$VM;s z1rXqeIaN+xb)x#^GvZ1sBi~7@&;LkZrsBi+-@BI-XGw@oFHsl*bK?B7yn1NB$B6 zdYe6MF__Y)y%5hVD}C!E_q9DAfWBY_hR2MXjjL^u-C-i@uGy#Kbrh?&ix1g#-dxp>3=@iCDn1z%S*?^>;U-s?pT#4 z9)5(F8Q<4W;sK3g!s##M2%m62if2LZaGh~~GdPaB(0r-m%8iEDJ9#C@E02N|;9&q9 zdg{q$^CNDjyTc1{7vgILLE1b~TQwyIOc#rRfyu+182ZP1aTorM;Ph4?^cR|r;w}h$ z6sF+#9`=Ae!4EiPsB^@9LGzTCa7!EgR2yM)`2`St^YsjmWwk2oxbjMVJ9@%b{%z{c z3SAlIf~C`*+J(PPylW)=&s%s#kCcb=GHUA*&#-APNQJrskI%u)Tt1#nDq3f9WNzPjyG$ zuwT`C7eaTTL;Kw><|1&E!hwjv&#LpfB3rDkw|y%gR|QfKHA%`+j6<{orANBWa#I8C|%7la8){2|js6r>Ap+MM_qJfuUG@$bpn zJmzhQaC%oZd+Vf0isdQQEoOcS#$5P@g0<&inAJX-;9EZ$!E_6?xNE)o7Y07}VSKe&Q##7l~T4Hg+B zxSWF%pPc9ks&?`=^hV%ko$QBFR$c9fX4m|Wb8vt$wLtQ6_xnxva&T9$+A#LPEg&(i z{Syt;JOr|KKAK@Af&mXD3`{xB4TRB1PE>1_BlAuhOR%&h*u>^_x`!Pt+8SZ_Ssl0D z+m{oNExEUim9JM^?9x1432OY1aWLX3dgcxBXZ?*pw#-T5$+_esSc5ov(Sh}m#1fl8 z)E@7pXdecqJ4ehjZ*m>Qe-%g2QY@r=E2siZ{kT2#E%2D1m$YoCAfl|)@cg=GkI8pw z-q!Ti|0LT9&%b9684vS_tWdVkJ_y!O&sv%COmp?}`Mw*=7d%`gWNTH)FxBG<94}^d z)cm`&DMPRL==Ig#-@iqvUHt6Mo8$Xw&yj7-ueH%>NcP8GD3D~PYMs?FUCmj16d=(h z`aMJXzilV-buClC5$t{acfS6=gd4rDt$!>&y5_*<@;bK`b(nN%2XF;*OBil@ZD1l2 zq5{i4);{1Xdnfm7q+&$&1~4AB1Q4<+Z8f#uds@? zJEr$_1u7rjPgtxc9|Zs3yw0{&+YOuBcUFuI zHkWi30ete`4a1nBKok-o4a)foRIdDs<8sVx@P<;JI<=|TYYvMCS9*HZ`t;J}?10UY=dqbuHcwrK1P` z37E+A)rI~;%2Db20XG%(V6vYyu?@Ul=k$YC=lwAdG;p!_8#G{s2QG99yS#A#%HLPY z@Dm3f8Afu>4X;qH(5uD1mO=U87N8+{)fkZTv{?5cB_;N-B~7b36{c;1$g{vwe{Yv_ z#=Ea2EgWmX&RACLABWVqsC}3OlIK14lwDS#i`s5KR zLYB{2d0`0ifA~b$>9%rqL%xGZ9=Avy%^*g1>nSRt-U~z?_z5F0fRDrLi(#jkC`?k( z07kcX2=fnxn$nO@JB&%XyyEdc*!^ZSud_1vaMo=AQ}Y{kTDi38On{vxXEm(by|;)G zCkO>ek$w~21sD{f5O&Xhn=SV6*f#nVF-5m6@}5A_p+9xJkXfTUVhsTNv?+(I2Kwrpm%t~H8({YPaB=57WXWGtqB0|l z=5GKV!Jf7Xw5>0YSHioaP~=bA>m@4X7Z`*beF5zGrRM+a8GW`j4sZ^%_5Vyd>)WH8 z4)VRxO}PP#dnL@1>K8N6TM2)X>fmJnxfz^q4m)leJ@-Rdd!BDeZa%{O{O0caVlXbV zq04A-wj1m)F$52P2d(*jbN+ewbqJdN#DxB>jMN`88`!o`<(XhB4UcRL_F3hCs1{Pk zsk)~&%JL*pV|j&P_Oj+L2-9C6c-J)!00?eLl|CUJ(|)lcG)G=#&)W1kqu9@4_H35z zxwvxl!q>IXWqnaplGmf(e&(N)S7qPD^)qf~5bw2&xe7;o<53-xd3#c;b7ZTCLB581 zqjyC~UAVPq9jRkmcCsyxZJ6pwt;$L5$J5#|Qdg_TX|0Zt+Ytcq-s@sTaPGpWe#XQu zMF-E&70z~tIgrWllUIthR~2vY(ft&#*yyS#{L=#kUPyb=c{}KW@vjvD8HUo}F*qAj zNB3jAyNb})UL@ws@*2R!&sB4~w$Ek>te>oirNY#OZ3WH$VEB-<@fc49;?0t}nHaL_ zSOK;-!?04>fmNd|HmScg$@SMrPv7G(KoUTU<5%rECy$$vOq?FKI8VMSeVZihw&c*z*mIuWk)?m!f zEB*&N4Mm)Klx%Z*l8a0Paghz4bRgYt^v zZQ@8ROhVuL&v?xA>AiY+f$6rbU(D=wdElY1mb)r^8j&Hs9sUYHKqxoRMLZ+EWit}`^V4Mc5@5(@(8<6gpyqR?v^{FS zb{G@a@84tfO5{%$k3WTJgXk(=!AzdiQu~8e+r>e2Mag?Uj!Oy(e0NtFONEDFB}G|& z99uGe9C+Mna>8~0_OQ0hN)g-Nnq#dT4s%57sPp72=Vd&z$vl?of-KLXl#{Py_(u5x zn4>!9zZcs{5B+?e()a5|MK^wR7)3S8DpUJb?acQA*Ad%v{i$VryCr5m)5H5aLPiZ2 zmO`i&L0qC2!1-G_hJkSN@!N(mgq&`YlZQOOqRlcU5n$0a!(%jf9BW-IOo6**IT{4; zc-zTV9>7Vd&t9;`DNHXm$^-adSIh@!6^7392VJ|HgTe@qx@vK4r^{(a)q-@Xnx^+{ zi9^rJY+#8(Z($E+$6VpT^%~ETtsPp2Fb(q{JGyW7#$J`d+J`UYk$v(Er6j+kNWsIG z&cGks;mfw4VPA90zkls(d^oN+ue8RodNQYGwQA&GWrCAafY|+CLj)9;K(=f^6bbO zc43@|_9V}+Bo9wwfpDY8^uneGk=a4sKLa^PI&&ajKtPz_?cNDA#o{=nf+1~rTXhz?>h?R>Wyrjop54vT_{_E&k>(EZg#qA zA}gAA7&E_;jVh&*9Z=jn1+DQSwDbGniZEH?GQ``}!WK^t~g1VT@J9 zaA9BbuKAnJt}dDt+^ZsoxYv9r&P&^W=7KQKnS-`G-ez)oM>pmgy-OK#Ir2OYle-P_ z?%J^}F%X%x(1FhXT&R!Y6>sV$6x?kYElZ-~M73ExkMO{eTi@jlh(-`OgH{;vaLM%?@**X);#pb}U=Q41+ zL$R2zGMGCkRjbJFLESZSHXq^v=^krZ~B6)0uU&7x>}k?Ci}Zie>=DO6TjMq{+n8~4?}86uul0W+V~Kp)N_(-58--zi9tR$Zezq8D z9zi?Ay*gHH+V#0QQjG^iVWn3u^YjC3ruLQzwP_qVlcq7tZ{DEZ3azNqe(HAA}D3sN3zF$c<%)Jf-Mqmqyhu=N`? z+yW|ri1P0&8+3Vi*6JeC=yhuOzD_e+XPa{8QPRs3oR6p)OzM=!h~D|yi$q!Pz<5JO z5M30KJ!bk4LvOjD7=Ede4(E7&u@&y;ES9e4`XZ=G4Fu>fr;6!;0vq`z_HoE3Dn zRFcNx)K-^gRcEGY#`Q|@D(Dgahfw>nkCN#mh%T80v^tKAh1bk7xnD@c^Y7+}{S|ag!2FycSo~gR2-y5*2n0q5 zm_G}!juia$v3;%o%!dt{P5OquTf&k4KBx=*yhI`$IeQfxCRgS6+~ya`6g%XqOFsJ| zN0*9TWG^AL4l*wq>XpT~G5_BGg0`|MCT%49H;+eawtVr1HHf5_Us$zsPLaH+BF}mK zJ9+^1Bx*&=C04o{#^C?see4%;TE1>SJ!diPBK@y)&|=lAzb$X~pk4Jh9-qN}!BmQ* z#h@rZRFOWU-UaF}kzUOfQ?!@+&Je4`;v{dP@5%*;v!%Z!aer=(1?&&AaJ7lBxo0I- zbSEA7h7bCqHrd{_&YzRu{@>Kurln{R#jWTfRH32UEG2jdCb0gs@yoB!Rf^qi#q_mU z+^48K*$f3=s;#$s$0<}qAM4M15rysxUaOwiLrV6RY|X?y#*jnXRmJi>-rcQ2RG;DM zK)@0MAXMuj^E@A=LUVowl*t!(;-&@hM5~D7)=0vAbQ}w^7()E^<3Z1BO(ICmFf>gw z2i9wNTrCe(3NY6%lbYO3mwctE{KM$5O|tj8?X2xB=XZP2l8Ks^Y!#f}F${vTH5aLC z4V72#2uq1{>zkpT2roY-*MDEn^k+-oxY)|5a}IlEc>GF}yrNZnGa||Tout_66Jd55 zp^$g}ny3N8?|5+as|r5#qNY;#{ncB-RTQZvvP1smW&1aCn;xth3bQ{hC60n}HJuqy z8vdv+Xy+(@ZJjroLsy2dFy8b}cxKI-RhV{B(HC!f6v!|%#^e0{s)Df9qehRBEbSu6 zD?`&DCVkgSuICb~cETfH_AG;G(|<~^XclcL2t(9>foz7pD@X1$x*gUIUOfn4VnNOi zS!osJmj)z<@uk1oS6#nz=tdHo1YxY~UUF}V6{7FUdA|>1Pd7#*{pVOqFSENoH(#1} z=!V3GHP9a}Z&gu3C%341w%q6BODA#`&X8dO=|Nn?2;#gN-<`K=x=~vN`Z3{FEUihJ z+ux{*f(ocg4WHx@8A4+;4-H&>)@%{E$?UfPP1G>d7pf*1xGHf~&?-JFQoV{fDkv#? z_^$RItzy@0dZ@+YQN63HZ!CW)+zRb%uD7PClB%u@EXcSXiDU?!Y_3Z0*D0x$bG^ zN&P%BS32;<-@VzS(tVjpwAdko@SIL#z`$v|X8$`ASw+7ly>*uIBJV9G!~a+)id0%` zI_J*AF??fetK0m0wjs2l-rn^WptujjXcKXgc;9l2zU6J{j{lYfGVZ-yPSVck@(Ufu zy#UqiXqqOvhRWPK_wZBJ%&yXD+x-1-BO>xk&EELk%DwgC=1t?*L*lH;lzj@*e?X>* zf+6hCD)93&yPcfcIbce_MK=7|(&AdF8I#O04b(=aZ}}O)_XvDW<|%Y)d@ZLj(pq#~ zEVatF#q+M1ZXuzK{A>4?x%JbbEI91xP?yV*j)`SnD}$JFS@*J6)eY4^A@ft09;R9k z+WGC|uj2Oo*g75_9NL*mW4MSAMh$77{!3xVZsatSoFd z6_~*_D?Qy3R&95`dNdA)N#DtE{()YP8X9uJ!Ltd9BemJ5pQ`Rx?fJ~B4|zs;sx7L2 zYEQl&j;~~c5;LUVE-$TAy#Rf_TF!Z&{HCz#DBSb?bnk1%=Jv)f)TAvf zsl!5heZ{W%J2T;{s65WwX|!vWo3J@cGAR~zF}HK$hFF&aF&FM}aeB1WED|vh$T1sk zQd%H02`USxo0)%PGVyi^XYouamvYDoaWyab!CzqZ!ZC^~?Rk1mJ%Lmx$9Kt1B zbO!qjrs2Cdvy{6vkEPDmtDzlu{P?a@$~nyt+iDK=J`HXN=l&vWqH>ww3t|jN$UaE- z4Og;7<~@IRWzxzq`uhX4mW8ic?3A^a%R`CqCnE86U{@SHA7b{$TZ0dyg zuV%xQ`JUC-AHx~)`Air?b9MR2`T4B>BTSDK1LLjWAeBd*-`Ec+WV)AlK1JNTXr^Vr z;P*@u3>F=y#)%GPS5{Wu_w=pjFUfYR|6b3JBkM>`x=40Rhs=?WX6d$7sxZKLXIE#dBQEM5H*I>yL>^r}Xc}^x#v4J+201A=*T@!w z8*}FigU7^-h4zDCrPe<;+m5e4L3!8DPM@+i@fsJNOD!XJIGIKBio$=bwiA2zr;c(! zIYlQj>iv-&X}9{F8R+&8q~qF0@HVWGnbUvfomvlJ?aQE6J*_ax^~`Z{SR5uCcCIM; zVtQ)paHXd7NcLI_qH^ur!Z>|WyLY$|*uL}g7-Ssei!D=Huk&!U2j!S}cLi<7H{=tx zE5nR9)q;GQ&TA_6e#MpU5l0Oc{xly(8YE5FJZZ7XEt!3PIAtUDV6vvhx&PI*>Ajm@ z6O?jZM&egACqPeVo16axg>4vKWy%_~kUzox>7qY(I7z#BeewMGc1{GnXb|&nM2+5@ zWuy6$@8pnaMPP#4q+H12t6uvT{)L8lJ0oo70z{T=9C4yCp?c`Xbl$2C!ECD|xWvo+ z!(j#aK+!0SUa_$$3mSeioW`3gA}oxfHHH*EX4Pu8N48XWv*B@;q`ZbE1?R8?*LnG2a*T*kL|U$!YoX!w{D7&K34nsCwq(VK z1djPrubS0izaE7<%T`1|JRlgeEA0j-J zP*Y9|FA>{uBi$jAg9cN}5SXzJgNR7O?IV|o6_ndj~5@xhYoBHg&9JcBp>h|iC_4Q-E&`%Z?jI(_F1BGI5 z?e%A|B`T8kXhk=Oioyl2Td7@*q^yp-i@2V9;Bm-Dg3m&YCqE#d zHQdt5)y7d~N{W4?n5RQca%0R*8c!^g6c@K{J%bW4Q7O&xJN_s2UuHGU{aLd=X z!y-(0>(lmFq*HtYV)-K_vT}6QL2()H=W_=>R92-nY_dQb>s|_3iBvc^Xm;+oK2d%; z{|rKb6)hh9Au{Oyy(XhrTLctH%bc8^*#EFwChOuFs&-@Ox6@KEMA!dn+#%lX_mo z{CQ-bTjWSZ8&4;pV}TVo?dxfhcpRdENaB8^4(1r4}3rN-UeH|3MEO>nwdLKNDf|!lW1%kA6#6Fmw+NEwZg^qFEv=QNb}W@SFw7gePDT zniigj%sLdBwn&jh`TNUmv^8~zSVY<{R_}~F$NiWlFsJ)|(qGEk+t!Qznd#d*2Q4OE zNlmD|JYCxM!0CP60D7O@HqlqCb23t3VJ{we$?7!t0rK07ooo9zGBKDX5NdqWPZ~KB z0}e=tW!PaSy4i^nP0B-X^FT8%M(h_q4+tY>o8#+RZ}nZ; zUaQ`{Sc$%24$$TCS#ZUeOix}}@EwbL+W7OW2NCrTA?IzQg4%&2xIZ(|@xh|NVGb#M z%A9QEIs1KtDX>$tJ#hev9>PD$bW4SD#6nP|4L~V*kEoKYzqzFTU6rq3`hxrKO$|E719^NvbJHnx5nbCr`-2zr~X z`R*^t!YTAtg6YTYBHvkbD}}K@xcw8y=3ewl)VYL{8Fso;M&M)wV5DoD2>yflGmD<5 z4&nZl-&?6=K(_lqa=E%aEfL`oXg85O9xdEAu9O|g${qJ-d!lUJ>lLEyNjIS=kX zCb9p@F59Cbr5Qm<>c<~mw=XM!$-)kVZ%DNBmom^;-X#ZE(N(x}<<}lGOA3V!RI8PDSB#^{=KolVHu47;1WN|gvr zGQ}3a87}n=rb0>j{n3~DhWyU+z5!N{ zh!RK+Fo)DbGi=rA$(x4d2rzD1+|Xg@EtK@aGOl~Q9)-?}zxFO@812*>_zcFSYij;@JYemKiv*N(k!055ms|vS z4Kc3%I)UbI%FdHDNkqVps#a8TJY4Cne^uCd02)H)v71tls1W#gbt!$rn~rWSWymv>O_ zzE|=LO#OUN@6lI~A5b%-^1CAn@iY@NWKx&U2VHB)DWePl2Brb?rXbldAv$wxVr>S4 zc!sm0+k45nMN4cf@Y(j7vZKZ)*P#8fZj%vQE}b{C+>XLqk0>$*wT75xMGeyi>!7*; zhu5ryOU#wdw+igaVD?8k-DjXWtrZJ%$fm}R53@y!6FHSW?)m)CA;oG1)zdc_L+!?S zDh0Adf|1TgZ;p>CYLay=kSK_14|PcQ?g2H^Gm}9RQT(Uv3ohPf$niNfv}Oo;H-Bo{03 zrk6|g*7FNf=+vp9zCK)gi=L9ZYpaaRV8*?w|Bx(4twmLDYt)hUu1TMlYtlK*u-9CU z+?Q85maPOj{M~s{s#DJxEDK)*p%dyGizfR}Z-cHjW<*s3@8;;cET56%5ZMHU1*B>< zq9Lrg$#88a{R$EpB*%<39XcFJrg(;1HU#hKR=BoVq3YmLb8#s_{o!ET1O$v@ukS}Y zeaYaPyC-tb)B4!Yr9yGTFV2!U^|)Z}=hWHFT7#|qm=^FnVQPw(kfOveqR^#UA~4VM z_MWI*00*1|o#Ob7Zm+K>I_PT+sM+*%74O;9ZPo2HHHQqVxC}r^ZsHw3$;(Ah(yDdA zLIkK6J;>eqgqWTxO304M`{87PT}yklM)jo&O>KaE)HaKb*qG)!1{UeLdLAD}A<$@O zbbB&fw>of{nIsI?hVt*gj+1BAtFSffc?O&*O=ifzUlE;jLt*#uRlf=rY>&2|w2hF4 z1ZJ_gXXND!215Fp@6mKDNprthL1v7jP4{X3vtr$(IRS@l-Y~vUeMG)P%@f^0uhdPW z#ZN%@Lnmbg?L`Ssur?`qDM0tFvC}^u@MA=}#{J@p*3*Bvf*ey67xO+|q{rztH9U)6G6rAUB3*)8lo7VuKy!EYD`)MC_u3@qn6TDKyLqW} zI(}7q7vJWkYRs9FRYr$Wq0&tjGoR!zkb0|zuKFa4-;!&!Y|0p~Q6@)3(K;zy57h{l zUcW@u&U;O?$|6)4ZU^4$X^YEPegMAqZ_fgj{~=)iLu8i)99A_d=whL;;imKeSY`c&UJjODKZ&v zhQ*V~6dhcV_3+!59`~@Ke-71*o`fBet|@VymKl-x4rv($99Y4)tRMW_NxL_}Z6dbE zpOgploaF37v`l~I_{laJ^m=^#7-o=|V`qcU@iV{VnP@S@x?f!RK&k_$PZDV7kuk@% z3sDt#Ho{j^4+Yvqg3YlN15^cbuC8Z0JyccbKMg9t* zRKsdMqi@b!5Pn!PBf0hE#NmVDqRwEA0vd8R(#O4m5^~oB`iCN|=W6Pg*Z-^xgX+jVSquAz>9OcOKRG7e+eh*QSbkDtgX4wALR4g`sk zAw?P?ksnRM(hiwIay3HohjJ7K$(CCrL1O$@Tor*iKwZhR=Y&`I?lJi2P0^{YA*)M` zPNPX$%~Fm5fpJ+R1kE#Av+SCr&;dQ)?%%TzD#3(Ah+GmC1dCw6C3Q5;?BrsI)%oBV4BmzhT+EWX+D7W=zF!{!MyBIi0<8XmL}!(%1Sug zz?Z7PYFTd{)Y4hiuCNB1_3GKYeYEn)X2}z{^Xxjh9EN@&mxRw$6$zXgAl-Tlg(5oN zhmNBk>py;1prg~^Ty9uWf{`>TuMzd+B)!!<9YN>yMLaKy)bXzh=cL`$V{fp+W~m^B zQE1ZjKVHwT8RdCSR~DJCPoZet%C<%k&X1Bqd2x9cRW`~z!V+kVqeb(rdEQPE8wg=K zF~{}@$mmr)qBD-?OZsv5?m9hM6O!(UH+eis2i5(%6X!Vas0uG>gTGpuD$gxDQsWPL z>Q(sto~Mu91-SKA=6jcl&vWKa{4CO?=a82g4eToel;)24n+#G#MVl=y!!hFo`R8Hj zGJj8+#1-R$KhbXNu2&-xpKX1bYHgfYN_1-~(%yo8oP7pa(rZ9%M9yNHmr&)SG;Pam z6*J61L%}9OlABOE6Xt)^44_HR4V-2~ISc#%idP+JdN{YMII#d^Jv3Z~7F!@o%pF|? z>{j_T$^oyDGl$M|kA{p5D=TrHF_{3j|C|!j-6}#JG=DzZ&`1*5sOi=sf1niX$RaUb ze_rK`HMvzJHwv#2)I7*^wb6rbcpvREs#Uy(5}$ZD`o*)@xgOMs6eMK2PRkjK=KiHs zKJF$0edP(pt#frbsf!c0!8pz^Dfk>mOLxU5vmmjZ@?48+@232rim020oA=0W42JbZ z>lND1nJ0pNx+SPw0%Az))l*E^FJ?g@v4iV+)}PInr@VA@4CS3Mgp^8>X|`8}!@;+E zZ6yX1L??`5?&rKL$HRbfxd%gA>xO}|h5Mbt9tf-B7mVvuTiP6zl%ojnQ-dxi9N(8R zUuY0F>5*S+wiD2AUDcsn&y4$qq6dPur9d0B0(3?;BZz#?-f~VS+$f#>q>DB;C$6gLdtz z=r}rvYmPVF(KVX#FiKjgFJddR($8;mHE}=~kJjJzkWdpvz&9fl3yhX#MtKb;%h||T z4&~xfynrz%hmQ;>Dx+I8x)uZsIctx7GsH9zWd<^gTSH2uw}nVdEoevkw^8MNSu-1 zKdN3mx2xu+^^a;+&)I_~HZ9xwpruDGK{dB3hWrWELdMHLI;}MQ9}WCV%eDVe0(1(r zUY}O9fv}vO))0V`{Rtc*273Q!te5C5>~;&O)uOuBEZaJG$cSVqpFwS;Nl2>`({?|| z$iha?Efhe4vj`Q2At8tw{qz+K(sAQU7fIB>2IPTfbQ@kq5UHhp`{9}_+bx{P(2CI^ z4?Oi`a1p_xK;IaP6qzhPKoB(>UE2v3WwdiI$j0T1GBZdc;SDETlV;JJ2idqnvF1_>e!+<*8&(y!ydp1kR*z9@0&kEFI;ngG`qP168IO*8 zL~9qqI~5x=L-I5>5}!eixD8!H5JLmcEB?}LBV6#?@<<$M?h`T$NAlDQAY^$-iA1z=jg@Wb&8X|5Elgn-DD!F4_G+HNNT2=5#gUo6Sf08`?L50W}Fz%^Md zN4SxLO1r&1@U&73thnF?&7&#OTxD;#JK0N*s-pqYRBD23fXGi~HXyu9vIBvW<)|H- z@An~1<#!#MA#K2madAyx_Umv++a!_};oT%R(Mg&smJVuyG?iJj;*dBa2OC^)o93oF zdFy$LFM>#Gbjz9SX4GbgGpXP<@WgX8I@S_!g>F zR}*A{MYapuHxh6a{51#&U8#f#21zwhS>b_y>$b~+JNz_gVNWKNbqnK~bQ4PJA#`PF zZn(o_76VT*hp~M%P^7}l1cy9zJ2A&K*(_H#LXt`)etY0~+@|Dkhoyt2-eeA=)M*?N zUq;XBfhQW00I+%HMpyzNOsmM!o=jWXpMW5~(wuc6bC~>+LJ)l!P3*~e&mlF95Z%%= zcTaq(@ETCl7wR??iQO6%Ii(>(G(Ky=H3ay;?lnwH+=JmUhO73T>MUH(}H zhNkYqs&BTloy@6t$K)I8Re4oah)<~O!wDv5KJj^0mU5TFmQRWg4Hq2BOB5eYd{RSy zjxcKJs5Z6_l@Ti{P@8@-RFC=Ngeo-kiuRfx3Jf{u2$NCL2@8bX?%;}E`8sbAHW6a6 z_;`M0SHZ?CDR6AMbk8Fk_^|p=f`!GZkgr#>Z|wZ$d|!OE=ice$J~l^W=kel_o#<+Q za7Ti@uai18q@0pW0Xy!Tqh9U&!l(RxFW|Z(!3gU3{0%|MF*m2)Pg3-6I2k^dqt>@y zw~5Q_I=9fxPJG=UOXdU7GER#q+GIE2c=nW2%j^HviBf!WPGb+;>0WM$BKzS#vcjab!Hyrqe@ z#(e?R?$I;3vlrIHqN;$i^O&)t{Pm(eJbS^OP0r`Nq{mvyzT(v= zoBiHNikQPLaU?MU7ii_-wQ{y$hYfk!DpmpJw3>2;pqL_EZs9IZS9C*Q?(CG7n}Gz4 zxMw@GPSH0n{g78$IH=ugdMk>Tc~YXSHY8Fb8eZoc@8VAr)`Xupv?D)Gs=mG88J_@M zsN+?njM#q=96+1rM``it(&{>=>iOJ`kHnsr-$G9km3I4h>bR$zEl-)$pF${t<) z?rIaGXpLKF{&(okTsx`hNiR5NdL_ZF{5DZ3nDeHZh#O3=d zylRk7mQ;K?totX}sp&8s-=M_R{Ps`1v8ZVUv@)I3eYrfT+TyM|W4Ad)p>aV0mz@(j zvfe8%VC2b&_YBW@(zy)$)h(WPoaZ%>Cf6eAU)|vSZ--UT=K)Pe=jU9PcX;E^sV;Bv z(%f46w|CUzuh2{UuzS)QJ5>BEB-h9=vTNc-`}U>qU(HppOcHT;6lL-+l${HN2y)Wi5jB6&2x+Eo{FHl zpo*ZH>4)d+l{XDjo<`;F;@)eOA)lW=gYpHFez8hU}zfpdpoW5G!G_ID`R`EM! zl=}^7?uomWaX#$d`J+azO!LgXs->_M`JQk^hRZ{Bn@NG4>i7dHjpy5i*WxX**OE1z zQp}ca`AM(e&0W&>qcGDxyLWt@mf?(YPe8Ks%uc%F;jnbaaE|qWU*{QjUVW;iW_9wA zFSlu5C-dVah1W10RL=pMwhb==-KG%^GpCM&76PBN`ZzoA8!Kc?YNbDMUeej#={Mg# z=qG<0|46r}(8Rntzt*S5ve=;k&Mv(=35wTLqUIOq;L;gWdP5=#QSE4wcg%a^CVvgy z5!a!)N?CHaW#=%Sq79Z7ZGkVLQ^4TYYxIihw__{xSNo|$Mb@f59V!-T?CXSlZ>F}n ztIJ%`Ma(FnAt*X(5h0JN?XZDbZLzL05(NI@IrSlFbHrGE&JNM(1hT(X7|hvD9~qhn!-)|~LA zYe?mxl2(qx>)#KAd19tnqka?Y;Dtr(q6C+#g?#bQ`{vxPv0wO7pn~R~U1C4;eS|(S zzv=p{kS_uH&|Lk~a$o^3)2n&z(6}|x&rNUUjrOYxgW21EugyIn zN{0rIx8=;w?aylyl|t!$guR--w9oPRP_VskT~UYV8;bvY$lG4BuBc6P4ZYr2aQON{ zWFyzgz^j^g%twt*uaEu??tu?aFFPpOM0`4>!bX1Li(9nZ6Ti5+rl>&#g+jiZnY8{N zQCjB|+Rr-6Uv^$^w;l6Ko+x|sMTapeTskHQ{*N`=cxEBV=;4o(epcAAS1daM;R8u2 zo(7!PwbB$nCs7m+3{PoX>Ww?A`pxy*eY27>>g1-Z^;dL<$&Z(H5`mXiK3Q9+-=BP0 zJm^&JQ9OvyZ=^9}Pa84BXr+%B(r-A;25?VIR)xPImu1P?K!@B%)1?YLZIcqWZhkdV zxD@6dXkQcY^L5%CQ|WGA%0tP3lPWvI8m`*NNj{$DSFRQn&icKoQzGiG!~OaVU)q3w zxQ6X#b+WN_Mz@4^7ur1Tv0e1ZP^%5tw7Lls3=rX?p3{s@I7}6O>mKiJQA2|=tbzN6yZn#Fi>YMsJ!VNB^R9l`3=3?!}sMV86G|nod7+ zL39E}wfEJE6f*yzP(aObEqVWkqHtxH*IL+0?&Gx+5z_@O&?QluPJLlhO$so`(WORp zT}08*g(zgtGwn}+#1Vp02tnBdL~Kj0({Fa?yqwHc{*{*45HEWeQNr(W53}kyWa+T? z>wX0;!h5Y_hCKfxGUu?p;5Ug8_e%uPMduOiIqb>mkL#U9)zKqXYlE z4xH&TBxkyD8nC~B1-Xc*!VTok?-%VUf6Ju0vv#^muuU4(L_arAVf zaxqdfqzICB3`PqO=p+bS#fshVSj}nCgh1BLR(3}(o-}tc@eLn9Iu9oGidjbMdmAb} zR$xQn)S0^Ud!T{v51G1|=;@a!M=%E^fh=7LgDSi7K&{5a9bHKRKeRr!$YZfF--)&) ztIKtzHU~62!bXya_Sb4lI`Xh@S6@PFjU(^bOl_lnsq-Sp2Fkp8qA76QDU;d<6Zp5%8YvZ9oBYk^!dOJ2I z!a+Do$LS+OKW53YJ~^ondwrhLYg_+vHf1=R`vxU0hU$@{dl?i zBQLcM|06K>>hx!&Y20Z&vyV^s`LgSxj`aSdwk@PM_1%}$N?w!X-vcbW(tdO;8R0SE zY2mQ&58=1>83NPj43yl~q(eR)g!KGj36%9Zxs0^E1NreD-r*Rf5|LA;^D#fgxxZ$B zIFLVJ)BmCjlf9{_o_zWUp0oK*p-`xAAWg|dB8viiQ&i{ym7nnP!~g~|&i02(7u<^1UrN#w##4EJ#J_5DTt!AK zcrC36Y-PCbucb)+)N4^|ijUujgMJM4=->*hY3Bnrk-(bVw4(OY?qDtQrSY?F_-dxH zVD6xX+Ck4#gH}X@=IE8kK^3>VezZn%`9bA|Ns5j7Ns6IeX&g8!q3DX(80NB-SCGl& z{whv_-UfC5Sn`;igB&Pjm|Gy(pnrYI1N}^l%OrJj$;nToCG~5<*XUU=QawVKl3eRN z!22MT?U~NqlGKKQ$t8|mv)#)_LPv^6GP_LZZAT%8%UPPmsX!$TTkhZgo*Ji0Eg1u~ zXM`sxsGdDWketu{*?J1kz&-S{spOo2swLH>!llI}1E6bHcRhC%cQ5UFFO4pV1L%Hh zaiBT=MSx47Imv;KOPBqwwxs>-bH#w0pQ4$n7k^XAXiD?|(}4Zo;%J#<`&Tsl7OCz1 z5e^TTbpgR7j}Ks$Zq}z*s#NpKq*@FRmK2w)cYSw-cGY(89I=GF3C{^nI(em_7NL8l zb@rG=#l!i*n@u$mPvOAFFR7M~#rQ-97?*VZT51U05l6`TlkAhMlXnl_VDi2wGixFE zajCfj)ee_2aRJGIVgJ7ZZuQxgx&V8fSH4nNkBd-xqor^kc*-O`$H~%?ZrQxK)J^yE z5xu;uIt@MJPanPOi44=P#=B{K5?@{zE`ij&WVpvfd@G`s!<99RS20cv>+f0;Lf?PL z)34>%T=0AGlcjcbkt5x5*Al(Cj-K?F;uP#n6;NtG@)4Y~IQ$6*{jUZcy|btw)w%${ zK&k`SsFuTv77Y#NRrB;~K3Gd$&o}A$lturuIZG$sx%+K{+qVoS0)=vZAkBUjgfc$6 zDm>8Z3^^K8iBW_EdY#@C&&;Lpf)Oqg^V_EmwP)P#o=1?Zx5qIW;rQs~I}SXnG&4ed z9X*oVN+r(M*c&*P>OfhdrWWS)FML;IU3?!~=No9ZQ10e}!a8|C(H38YS4I>lkK$kk z$s$e>-{HAE0i2 zo?ytNRIP5l0eFbRPyAlG|ArtZe^TcI>5@D^tu*)KSFR{eCC~`)^ymG5Ouch>JLjC=d++;4J>4@^{i*7zn*Po_(@#}E z`ykR-*1pqMeGL+G*pt8WT}l#d*_FWuNqkMIk75D73d9GdfKM*aN_^m^OZZpaflquk zL7rTfuRvK>4q8jmt+X7eRru$V4f-)Ifa2kjN_XrAVr-JC)H9qnQn~`)ed<^8>0XQi zN(kO$=})lD#GO>%6w5t@&Eow7MC*KPbUTV2Z^PXG1TP? z9|-F`d;B)UBf46gsBu3zo&>LYG!jTKwnP?L^~(G!_KE4+^69yR+}BD|4uZ*M5*s!zJO8)XO$bz?JbpYzbIC6t|Fe ziXWQI2l3YAD3K)M{J76=}T9*f#`x!8q2if;?;>citdl6~PCq`oG zaR0q2P)n$*%<3~ta6V=kd+ZG1z&+{XXJ_?{K82eXZx?#wBh_p8ZM)TUu{m!R^y^Bl zV6l#nV4?x+1t{JIlx5ksAPt}#1Enh9A9p2AmlyeE3WC6^PLn>fcFL@t!vqIhB+m3H z{KICmHAP=q0wnFG5gjLA=I2t*VSUSTkp{PgDMGj8)*@51uZNHJXY& z((wFOsU9SsjR(^K=-AfU-{2pM95t=Ao34-&?ikK31i>xyeG^zJ%j+J#_UQN~qQT4b zZp4?C0Ug1cYt*vw+k+AD_Ig8S%(JCKIsk-?Ls}-WMjlq^4A!g z6{VdCg#*kf4^GzF#lZu@T+zwY3#qI~=IL7uQ0{gErphr0DL>fMOtwqRXBtLf>d z{$_8%)EQd3Fjo(o-mC4NdS<-MS(0CWT#UbEo$+KP!+U_lj+#DE?wwiz)X}=k(vfXT zsEizP)DbeD&3bm*qDCkUSDhleGx845AvvJ0Z*QpfW;!=sZE8IKS(0#TJa&K0JPC>o z7Sk?9^C-1litNnt>Q3XgnPkv2#f79(y!2>x_eV*L3)g{;mt&3r=-kx-ow=oYs5Mt{ zJ~|4s6z#Pe%#1DL%*vdUx#@5^?6j6DQ=yMfae_KTjcWfqz08EXW3Y^~Vel0s0r+NL zvZVNd^!3@5)Q>kFzdj$!KNB)bG^V@p z|E@F>qI+Qz&Jz9KV$ia$dms%Y{~(xv{XY#Lxk9{xO3E{7ba{a++)4G2N@@wDe>G?% zHJK4>I}S&i6V=C5Ql9~RR0i1;*+VBNL7|(+P(;+01sPHN-3Y}D1~koj2yRUAHpBks z-JR(FXEqHRN|uxcNDyz3_g}$()>sg+hk_vGd=W1Gw^cKL1YhzrTLJB~F9c0G8I!5{D1riME9X3q)FT5s^KsqRgpw>p|>l3gr zt!XNN{3>#Vd6g7r-`TP}{$*nQ$5j0vv*=%DlDq(Dvq>iW7a+e%#o#xlsGAYfS9#`DBY$AfAv^C=yUF1l27 ziVHItW_%s3rk6G^Z~OhdO0{E=?Y`XRAmx~2%d&jhp&-Lw_yN6J-+#|v>SgMo3v@bN z;co+Qx^#=1Gv`dSV>@&Nw|8T4`j`fE6|A(^TujIHnF{QlEyf*nV4m*p2~T*|K|fIF zdvxFP{|X!|_xI#{e*cvCuzh!Y3f4Y7ULt;QkLd&6QVbls6dG<1Zlft~=v2r@O z7%BXz@BJw%5TX!CWZT5!rhP_P6=?Tvo`brs(R{Y?A@`ai5O?VnIO333eZEk2mpx_Z z-u;lgr0;OW&Ul_&UE`s@aZ&1E+Hr++MOsI>I}&x~+j!nqe8eL}tx*5E15C)(CC!=JE0dpnuNCt^svSCck1>5Q>Y#x(||Ccrd%=_#0$X_N8eLHr(<_2G~u0U zRunn6<{c2!|F-w`4M{<9a2LvlXsdr@Z^0WvA%|u+)f+=0lV;D&8$m(2cvsDve@a;| zW_}Ofi{~o@&4|=)DyaTkK3;qSrs*}aFd|Lg$nL@*Z*B@6%iph14@Na(Smf1FJs5sb z=LNMeeyxlAPL8CL(E40uCH7Dm5vQNY<2<7+LDteO!Q-Y^P(8ApsDin*sBez@ZQj>K z2HL_;@GX9p^;36A0ol`oUBz9_jzKp+ug>1IUqUp>dVdVE^i}D*wv&isB1$O5`8=)WqZ0;WMAbc-A{Qd{2(f#G$Q2hZf;Y_k4L*r_skY-@Ea~ z$PH@&lv#fszaWdvKTMbTd5hDRh7FdJ2Kh)pi-}!V8tb* zYPpsKqVH=ES8#0e2l*F?*;GYG)24gZaKZVID++=aD`@tAYJr1FA9j&h8ewyO`$9X! zn#;~n%l!~42yyl+c+o!SBgdu^0He`r^^QBGMeQs@oT_!SOP&Zxz0@8Ipb1iu8~kk@ zCH(^{rOt=I1c7!)ZDG7OI|pGk*azQ4n0Cl#VH}N6Bzo~q^2NOR;4t2q>BpRL~#Eaax7&^zORJ#ZpBO90zR8KYy!Lxp<5%ACG!NM zR;Wo6>4r)zjIG0R!J~Cft|D^bQHp^p!f-)VirE^*2D}DgSgvb`T*AuCZfn7NgV9RF z)e*Qb(hiB3BJY1wilHhZxFu7HF*9Y_$5M(>Gwu5Dl|Z8$X_ZVQ0u8@rDPaeJeUD~w z|GZkMltPJ0GTr#`?_jt150A}Z?%$#LED6$NACKq1LEs(;UXp2i9wLaDYLf0uxWD=X zi*J}1a1^AnPvA>74PDYY(TaF0s1zf(M*>7qih&;X2jGUNFtR_0d4#B>5}=A1Ajl|N z2tu_Hr55(DptfP8nq=M3?lXwcRdbSrc7k4}-SF-&{=m}2R}?dVlu72X=@~knM2^g^EPqg#`xr(a;X*55ogJL5X163IA-MwA;9|4j=_9@tX01 zy%ko9c^~!#kb+Yykawd#d;S>I9z-Sk3NCX~e1pCp`eX29P!&)BLp?Ufu z1~3FG;Wc@KzExJ*?cBu&vIJusVfTc+5zr2u4KD*e!DMoc-f(W=m14dUY>NkArt(fc zX#yQXRXT0okZ*lKNr?AV>;r93$M~&s89^zg2hWn+6czb7?gnw6MTD-K^8@;sL1`C> z>Vu{my!dHJ3D5&ctswCt_CX2~CS)T2gfppPeIx%w0u2!41<-XGczu9C@RFypS%ljj zkxIgPE;CZJvrs!kKCr=TmUVFyh`Rpq1b}X+){eO)&|Z{oZIl_X9;$_DrU}dl0u7!( z;~!W%><}(cv=XSRm@bM+G2f$$C<<|-?nNJhH(&=}$X-P+VNLu2kYuQ!ly#RBPk^b@ z0BQm2ehk7-djW5LV8OeP?FauD%$lYGfA@~-!SzQwxn1*#4@167C40A(>eWQv%9VS@6V(0saY z@Gi|>xVLUMmcaQTX&}d7B)~Gt2gorr0LGwxZL4pX@ zJK>2G=sJiBa2?tvKZ+?Jo5ubO64cBM^~-vq*&nYR!VfAVK3PZo8=Om{BLeCX1|X&Y zs~3k7&1VrKo5uYKxRW3RJ{J=2L(GD^1Rq1SDd|D9DTRp|khO!TpPU6th>Qg*34j~D z1)^?1Ug1}>vZxThwy0nbg?4IDi5M_qkmE*+0%E@*>{FYt?o(4ByVT(!v}u`%FryEU zWkjI^WQS;hB_>GwB_@m@65MBJLwCu_L~7HM3)f?=C)bR^2QUmW0@Em9T}puAopO3G z-dVs4P}2+BLWmFN~h8R}U^83{xP-X*l5ohoV~2Gr@IAQCrVst)Va zsSNQ;Yel$KFGRQ{aOT?QG9liluLE~UTY+oS(L-$0u?z8QY9+Z{G(p^N+LZ*_4sip| z22nu71XzyMC9lElAa_J-5#J)SAvdJF4D*X`CA^h%X4#M54FGcOf&;lsNcU}r1^_kK zi6Y$!Zz#9!yI}kByYRrAK~Z4N&^&-ARvb`+J1yF6uprtk+6ndyOB`Hu#E2Yx-Mw0&uH<3g zSJP(vnrt`*b}w-6N$pSJ$9%W?=kC{Zi}2T%uqWn+uBpc_+pvBGw?bz*+a{{9EjqdO zY`+f7nFLD}%1g+PVw#^)8FWwBCLQo8>2$2PHCJ^gT6XzskTC(ksPzaP_oj-YQd%?$zbV z=I6ru-sQAZC&7)wH@(C-5>+3flbaC|(#NRNtPNMMX$d&&-phs3|-bDxrc z=dbT9quqpjD2hbYpZQ%M+YL$g`hOjRA}>mSG9Qm|LVNGzw>u6mnq0NH9gu?7~jqKph4tCd8y0(4C$T&J@9x^1v#2z_lzPYP+F~^xT5&?c@lGM8U!w%3hFTKeAX zL%l0L^GlEqtqCWlxid3fSajEnNSbFYzp!07SzzwahjGEF!!5#TQdSP7%<+fa!+~m) zi>`o5I6E=*yTj$6aZ~CgIzjg1gjK=uP;7+NB8z^qXxbs+#bYqksn!ezcvC-Aq^(G4 zm>O!t3#pVm3H6WEej@wWYRCJYxbGr_o$Y(vum%_=c}69iqM*m7Bn_Zj{Jt;&|676P z@ymA*JuGn{0DZ5)Fz(h{k8wB}NGu#VWE_^lE3i8IsLlqqqY`G_O;fwo$wG1`L@oUH zUG1sqNiD2Jiw=teGfh~`*naR0b)I9rI_cw%tM_(;fV)?LUJLPMBK&URRPp2Cnz4w;)*iE9r^ zcC!w)uf-Xi6lPI=&^?=>!=v6+!=n;#<2v`r%X^OoVefF$&1(+(kq$gDpo=FfK_I`{ z|9r&ntGeRgC;Qe+LbHdaf-Xr3y5u6!+Ig?y4clK-r8(w#^J;x|w*SVxJbGZCK6Zv~ zvtF6n6Z#?8zi#i4-mt#Kctn}nd_k>Az5)G=A65hxX!lw?Ve?p=yL=h-2DjrH*3)uE z4Y^hT-~xqkp*hen-|Dj@cWFo0+dq=Ud_2K$OexHPcsoOyIBhNX&$e{=C|r0R|L=J? zL(1HX1=;3PK@p~t-0H2<&iN;#9u8({%{#Poy*b%{rDx&29N9~bfN$3q$<-PZmEx^+ z<4^~<+@ejA$0SR#C`dU)B%)pjJLbovJC9OOv+fB9C#P!5WOkyhUA8RGUds$>CM^tV z{Qa#CUHj&nmmJ(~x;1K#_w;Z($(LPbVvjisrf`vH0jTexmnWx)VLcRhJ63^VC~!$T zu4+VL^!-+0)^Kfb8Ib~u?4U%>8Cb4JM?X`i6>EtSvLO&N9+dHh4p^2D{4E^MTX^`$ zTbTanrTea!*z-$TNOP<+|7(S(FU$*4%tn!^Z(#M}`)nBKkT86lS;A{Rk% z^xUCFL9un#cNUtB)&@rj*Z3(*n=6ZYWKs4gDGot3TwrF~_J&yyu!_bpd~3l`$5HU$ z9sgkw?^KUXY|ik*I|tdL2{u2l9(kX(-G~yoQHG5&pJ(e@BK$d)hCdz4g4vaqtua?( zDhAsF5!sHt>)aW2ThQ{RKH1M8P$SrZbA>=3gE56cNM-eX*Lt2wNXbky-2})kvD)8{ zXkbyeTyoT@pTMa-gdGZS*`jzV!(pysWUQItYGH3cXu_o8!gE4C=MT7}rhY#yS<=_w zD54}E)!n0Rs~I8+dNDELU>PJvPLI_KPT?J%I(pD*W5&Ah3#bvVc^<|OJ7eT{MU2&l z#zFNjsWtfH1LF*qKkeTaZUQ)JY_Lt;Fv{j?GCXIR#@=>aSkFVb>bymek}!Y1PKJ1> zZcf$ix|qe9RD(T4tb`mzzLMYiJ@0p*I@sSI<2~OXRg&4%|6?Xi`o>@cYgv-!U^o3& z>K&?NYZo_xF#5+!$zz^7p5MvR?bD#TPjj-cOqpUh}cc%>P zq~kT!W;g0-2okN>nr4FKO4U>OVsY0FyxNRo4s|-L-@BS~M(({H4Xt{1z0;1OozN@7 zEEzZrGh$cReQi@LSU&vtID4KrLOc~+$7?NRxdkM;^mfB{4K_9`_Yb>p`Nju_wkO@z zxvgbeEM26%hl<%7xCD7JkayK6#>}K7J}7F~zGS2wuO-y+@On63=3lSf9@(DUHQNoO z+f^S-&8w8kZp+jod~16yYO)T0PBXtwq}ASa!qF9G8J2{}<7{Ze3fIX|Ew#0B=A3au z(0^o1B(BniO!RO{+ny;lt)pgaku^Ae3Adkn8?TGgLEn&xmYq@NMXAJN_RhMmcwY@4 zN-)ucYEjv-Zfajwr|B{%LY$CdS|8!(-WzA6MVqIewG4+2w_w&jpp3mQG7H8FzpRhT z>ZCq4QxJ5?j$fbIxB6vs#h$7e1g&St5r#f>`nSi>Gu6l@FCW>To_m`gEd zn80xpyfgKrecOjlqvy-6{kdRL1a{g4sq$*>vfX3(9r1Hkn%B6-VP}0-6eR+#(>x%s z+mH7bs|fu>_d|NDFOv;(Vu&)eIo@ro6wXmbmDQIo9{UGd=R`SP(#K2^600#2&|c=p zB^&ki7%Yd3NUQZ0{!<8LMYIh@(G4q23h4!&6s=24EOmkp3<{0`df4qP{S}T84V8s+ z%A9qzyD`c2L#k{IUEjv&?T2@CEL>$`5bs}hsmGl3*+;5)9Ggvz+m^`_hwCEd8vA1q zTF1IjB4T5sxH`c+k-y#VHZluwZ0B$wqNW;5U=j^w?m=r&baHtbuVPrXauGHk`5TjAXBFf0-4q-pkd*x4MDYcpjKlh={PF_7sM_;t`MNDP%{=%3&%|C>+xW|DC>e23*sxMk{;W&r zK1Y+qU#HW_#=Nfkr?=pSQ5VpInU1miZ?ehS?wG~ZyunL(ac``9s%dn?uX6wTqRP%b z%(!Pcjw$W9u8szkTyXKP^ z4}Q)$V}h=8x-5rc!HKMw%aN72kz-Gn@>yA98s5(&{F3#$jdzF5lYY!Dqf0dpy6YSj z!E&p9>|CA_%sKjs(^&D0$ef8sx*68dQWnT9flHJ!keH5u!_a~w4S+JCP7I+HiQ(3@ z{)Bj628o^;-+_fNa7Q-Z;6q|wH@t)5@>asy6%nh;9GRrQDO@o&b;UIkuh}G#AVWLj zs4maEF5f3OvXW5bnCVx3xJd{{Ph~ODnKF`39mTLuTyJQqhlMlhVBP_g)CYy7Gr7T= zI_Hf0*Y>pN*3GQxmKC9#>1LfjDD(F92IQ(WGgePjr4`C59v?A7PN7S@G1iS=$Y6_Y zA+pC7`rpKk>cv_v-%Wo!DhBrxp=iKnQg)6eY!e+COvuZhvnGy!H;f1(L+2yt%#>>~ zOg{p)4EPXK%^&3RX|yC&Z5vvqN|o=6Jj7$QXQ1E}$if`)0_Ur8tK6CP?{ba`FHz}Lj07(!VWJJs_0b-!_P*Rnj1#Ry=#4o&CIbP?BAxu8#LN4z|ux()#0e zjO~IXoP?F0C7I_ISG1w_WDhI5hSB+kv80MQ$0L~h6II0Mce^myjs!vde8lLJUs2!< zqn23kc%r-F3@VdpZ6BQr-(P9$^tE38CMQv2ZSt+rcosT3`#-bz@w-aSIYP@An(lhB zZCqQ8BYJPz4Yz($mCnnr zOJgP@M}!hvYVcfHet2H8308#6nIOc(Ky9VtWT+uAEch?KVbqZBRbHa4nom)a5UNno z>+M$R^=s1)TVyaYGvef58Oh5AV2*Ph^_$!Y@fn_GI*!Vt>sJI07h?3kYUtq}8Vpu; zWNj65H}b54ak=Fj@E#_Nx)KiB0zulyK{xu!0ytL#8tzqbAr7rqRhCvY|iR| z+l%I>VVkCr@zS1ZO<;UyJhvTk-h+PUs4hohj<;%ox1yuX<4R%<%W|cB#>g4B?ec*& zoz;)F>L#b)`-9Hs@_pq`Nyjrmo9z|TrLH=6FVJ_=KH$L%xKu@!IpU30h$3O;So0zY zeRGv)=$geQX7l0x8BdGNGxvsN1?EDDEJnA_IYtfYv4+l{IQvD$K4_SrMaAp}tM0{Tq47%;G@OR9~7(6NgO zP{IQ0l(bJTAb&H^<6M-;e}Rl2z~vh|f9JEYavX2!XKKdjESMX_X*JpEd`{oJ5z+}f z(?d$>#%12OPkJ<9NNyu`(jJqM*{IJrddxC^%02b)7EbLDv@mTqc+){X)woHRp!V^0 ziBJ#ZY#B`Q!ePWb%+qICxvU~}*rKKj-QB&9Fe7NzZ!X$VXzUA^&F1qV;%VFivt#4F zdwvp$=m7miM>7i}=}%^^;yjDM;B0Cs{Gel=D}VW(y^6y)OVpNnZo`>xa5y6Wi0E{8 z*IJeBnqoqJ;taRE&PI~BjLSQxx`WR5Wt%E+A~MfKs?EXYJ+!SV@Gn@Y&7olbiI!Fz z2jbM5OGUnc!LY9S!=bZJQ?{cjO_pzx!UPbI`54S*4~g75C-6T>AR-Eqa2zJI0N^n*&z<58RlXW4*3C`#S?R ze=ypH>|T`nH|%}tSnf<3uJB8z6u5hgGdFEU70#A(kK%>RTRrQMt6l^x#Ssm^`}iHO z9_5yiZ>#pr?2AWaDFuSDZIfC56dPD8=6bK)Su63r(P}BNP~|$ZpuCQiM_0=)w1>HW@0}0vCd)DkJ~BGzm5dij@a?X=IxLm>T#W;`S=yL zg`w)Mt^R9K{Ikun_;LlA!C2az#h)$t3}4?YeTTq;o2cWYEX}|>Qio1So}NZ8_nVi= zi2K_17kE@vt?xJ*IDEB3bVIKi^OJ4%ff?*HEs+jgFpr$xaerXgo}Gd7ArFsg%9bs5 z!nm9-yXHb|ig>oO zjk%j7<*+3(tmt)^cF)*}G*||gkmU~CtnsPTt)a8PIeG1kNgBUT7~6x)9LcB|7CN{m zZc#A)U`;&i#>`pezOr8`a$PJ)%>oY}BKQS`gKOL^fN458ne*ygKQnicQ!<{cZvuY| znW(+TM>$LVU<%gqzGP@~B1C1N1({D+^f|vZ-z({@$G5$#+qLl z9u|?#PUX!U*03|FwI+9$iSz8!wY##gr{-{N#o_DWtH+Xoo%jMNpvUoWGUsut^UmNN{6iBpJVZJpJ&37H<1%Y&V%owkTR#luFfW47-brPq9N!1D2L6Z9KmUYq%v{QYH0 zM}R}cE=3Ml?b$QV6zco_gOqe7A&FCOH3rfyD83GAeZc5pYGq8cbzofgiO_rx4Bu!# zY07~#gou~8_{xaz&nH}JZ$F~|R3;@v2mEb;G3GaL#XT8Oc-@X9E{-?bupW6g`(WGb zS`u&+_y<}JdVm<^_u28dG0{I+Se)AX!ry~&f*zoH!RzaFcaVMcL`u<9>s|tWAo!yH zfTC6eM-kz9R2nBCr|oQjv?97z0TX{&hey>o6fr1S^0BO9?iZf$5GUyWX0u0DqFus- zzpt|~=VAM|QQv-B-adWGN7`p0`iK53Oy)rEmGaEM`#IQaBcK6utykj#?E~)5z}-yx zCJ$JNQa6Nk>CX?aS<|#kQt(PCR;iLuii}{vwYMKt2MBfptovXs`y_vs5S8p?iK_8i zFD)N~sI~7sdV}$qwF!-@jO?46k*z52;cX5SeuY+Dg%O=%t&^5DqpFT8n_NqKgsq8X zGg^moC$@RjV{bUtPGTPGFIttQ)(Wg8{%y{79pMaPQc8G(F}JqmIjALByCw6kUUwk; zt}tGGP!G*G2kj1nO={Y0a2*FfJO-q1vCtECVR6m|!)GEmC}LlPQ%s>Iiv}X z6_pU4NL~l`tv!`%|2TN>ZWY(V5o*X6Wr8w|T@hSZxFvRLrG}0oX}?+$537`R7Mm@z zv#|5CpdO|wjc(sZKr;%Md}Z`Nh_u=@dFadThA^c}i++qxD5rR)1A zN$t&L$b-o$&j*%%y2R=CaO-jZ6&-c*@E4)+0B`G4t%r!pSFBem5yHM(dnf-Oh>-Qw zP%>Et+aRgoFMo7L;!Zh{@AXRdLU?pNQHxQMdK_?3kr+Ej=X^z$T7evfsQW(^?FWRT z5`|M&F5wCPfXCD))+Yi2QPElcwmQEU-#S~VQ?8H2rE!0SeUBjlbfcOb2f-G`&nt*C zWMrr}i}zd>c7w`r6V{Co2Pc#K#Kf1WMIQ2gP*5&V-{T#ePljm~H)Xptnx)NHLF-^% z>!;Jt#7;_OGEjejT=2QBTJ{w+?I!i3@?SL08KQ2vO7vw^qD0-#sQE7aX|tzO-0U?J z(owY_JJ8IO#O&rPPXxP(FF?Isml-(*h+=5F+)1iexu75OqtJXlI%2+)w<4n4BK4)! zigR%SYQS9Q+`_iLe%D8ntx-=aDlqS@kq+lE3tAW{`2)Gi-e^|jC`@STsK@D4 z9!!or5-e4w^oF*(uInB?#i;$NvZv+oYr(B}M1O?fn~cDwKK5P@utJ9rwYMNKGYxX9 zH*6HCS$Bi=H2|Kk&m~_azDl*3g|1G%+>B-`vp%HsUGnri#SS<3ysA7!TwTb$VKT5~ zDccZ4^dK=O*~mq7F3uK7E--RvbLQNsOEqi<<>JZ|t~%bXb7-a8LJmg8(?`(ujC7m? z*XNGF@>UeB_P{HBFl7E^OQc!Dzd+(7j0oOeuAKwB{grUO(^-L6A_OE$K09pDe`}81 zez;i=r4nZbx5IQ&)DUUr&t@2K>osFPi5!IbLLsb3)l$x%?2j-*0u`MAyC}!^S8gKY zjaJVKnE??jLq3423AI-(utFystr-SAfTpjAQrNkyP@sHl(_8(rTGFcnTIya@dj*+n z-$U$jCfyw^v|12GAL?o}^bt_$|2xkATR=_vn*sgVa{4`GITcn{I9Y9+W&RLdhXj6DH zCT_5WkWPn^(op6);Tw-#Fsg?6g#Zd>(uH<3##0N^>C~B2sm7!wu;>HEL@%kxg|c7+ zlmC=qZRcpbu5yy+#gNZggBM(b31$oR^rz7*%!j=&Sl*Ko*jHTFlt zqmMy0O@&qUiT4a99S#~r=o zn5u7dL(igFz(0p-8*gSjL7KWzA$Q5E(r@ZNYSJ4B;B(c+s67hq^I>{!W`Gl zJIX}YoBHFoC_R#ZkulNh7gLk-oH%ruc*qjT13XM3(`3pTWd<9xOboTAC9cAQ{)ebx z;&pnFaK-EgBlFj;D)tn>>FpnPhFrTj@K{9eM5rRplzR_Qg%`%jWz7|PdEfGK>jGdQ z!52cWSGcFt%0&?wyL1^lkHkIKF<#-aggw^e7aB()pR83V>HRqpH>glq~;A};}W6|oWs>DCM&xot#vWRR7Is8BJ^n7 z`v3%G2AEDY?15_|dcwk8+PjmbDQ`vv$nl(W5)5vu{CP9FxuwBk}?iN=0pq zEyiHvLS-s4X?_*nfSp4J!K%vyTO`7YuU!*RVqE{CM%&rK;Fh62;bMH@?a`Ei6(mQh z5>KL{B~tR9_*5YYuB!M&Jezb3hdpz_*9y+=NsADRzKaPbDoV)@q3nW8`4IHUtERs4 z#h=0c9nRyIcp_Skl7nBw(MULdBs)d}EpAgcK`8!+?klf|p`+#Mrs# zx~ByduEEitODq9vxWsjKG?H=V zcH6Qlal(;!{xNu<+nzO$<~1SpnuUJ_lwPn?KYR+74Htj~Jp00_u+bxaB_EwTn#7io zx2H&s(BNT?beERotItOZf;0N$1-N5#;gB@BQs0c3X|`GKmPAMHpoEfPz2)q+HDnJn zaeQ(kf?>>EI_(B}JF<;MeEQ%cadVYA|3D#!T;0ybZ@Zj5S1IFTm7a?l%MfFgQbp1b z5#=lK3L58l%a9+>O{R{AsXkkjO2EPk@oTs8zZMLB-4{+zila4?|=2 zjLvo@d82t`Xv++Vtr#Z8`@MR>S618_oO#65CZ~{({_La z-9|wKs&=^7D5Y$n6*aZjwzV0lpfckc4r(T;hI04tJhW5a`e7kym}eC&0v}KgrMVqFA~&5!+5H^f3P}sXi6ZA zuLjQ5KnqFpkCkY`Iup0aDD9G4b?n@h8}PZ5;wZ=CJQY#54$}jj!2_ZO(~OxPsHXJ5IA)#Mh8;I6*&|rQUzTCqPu7I&i}$@qTkgaV3D_y{)|O zA6fA=;WQEPe#E?qPpXNpWG(lb_jK@We#mY9x3*o8w!$BJ=(H(v5?N;4V^k@$B`B#X z&?O68l|i_Auz3nE#1PNe!EacISa$%AuK_fn-hkTO>+9q}eZ2wip~0XEtYItzHcJta zt5r}1L^3C~sJ>TBTN5B5RZ2p6_8e={bPnFFrw2-|AH^jdS@X<-*crEU-Q0uG(KlIv z=aLH%P5;+26QGFZ;f0Z!*q?hjV*1=ndL(R%!S9{#NmnT5(%~xPl{N%$Jij6wn#=ZF zV@w4~es=ON=8qR7%)d&(CiwCTXMDZM59JYFnBXNPvg6zHFx^eCn0uAgF6896w6Y*F zKsac-&a)Y~TGHvzN4%I>Et6f(CHXunsCpSlBnWID-+r5T?|Is4DR__XIVflec*|lE z;IUL};2*xueMzZ38;zBk5)bfn)J0?%Lj8;M0QxEtaPnLs9@up_E71Mcz+xxV@zQzp z8l5q*hyZ*z_4zz*b`v9?n%ist?^cTzxe5QoGu=3So55iURLlfdSJaB z(c~!n@xEZo5YTfad-Q34cTl~qc)oJ!`+7vm_t3YZKi&Osxh$OV^0NBb)^b!;^EmR^ zb$I3ZW_NiV=@7g1I)RGW()B7HxEi_*&L$!P$wHfl%i|Q!@maglhppBU0{tvCtB;Jejq}7*?5fUetKP$JD$gaf7K% z158|JKn3Rou6{9g+)~D=?SXmNLupeEs-l0puMMOrXYDI|(nj0a;e6eMhKZ-__Q|!Eg&UMw-p-uEl&MXkZSm;FZeAci}nW9 zOWCfiELAgp_wvR0ASIml6^+{&kUid_)C?)ShGKi}p+)xFf=`s?F-Bc04u+_SyMX4H zVWo%>$TkcHm!8o*)F65pD2S=<9~~;wIjit=7SW?`;1hUu#Dgkgv%>-t$aRey(L?r@ zwVP)Dx6UOA$d%zkP65W-mFnNLKscFyLq1@28{@`8QGXdN~#AKtwk=%z_DET499>Pwn({?xHvDDX3Q|pg)z7lt^#aoly_q#@EvCQnjGriKUZWBj3oY$jN)R#c5UX`~0lmA%m zU^dI;*o?r+E}1DC)LyGCARMYpSr_BaFs~GtyS7Z9uw|3e+E3#tDSaAOASWdICY^b9 zoz(=d)pc$YB;0SeAMf(mbhwgAd1TOpP7CyGjIpEjnYtaUtM|XjvnqJwCsVC^8(Tzw zmZ|>PG*0fH? zLZ^b^8sO}LU!ZP=$q$kQ+hR9`_c@T+_Dj${g1wBh>+S0vNgJHbh2ya ze28o2w^TA(l`y5gI(TZcbQK*ebYo24B7C!wr)vK1@2q1$Y&$SJH)9cKcI>D}LOF@# zgUW9|D$#tCy-=D98!(<91b|Fk$)>G8lFTx_8S#Q0dVeDn_9D`I{rrUp%d5etPS%v!x_UMlz}>E&9{`v(`>vTI^Tvm>JBadfe4)J-HYv$1H&aYHBQ%CTsVi zKcY`lxf66t<42~)iI#Fkq+*HgB+Dtd* zbYFWcVl7=vE5C%1>{P`q)QU+x$@gnf)Aer*vv4RYu_zh*A;d$@Mkcc6MaZrOoR=en z1TvTAaA}jpekhU8KL-#a9Dk{J@H$`lxfMkNvJ3hKV)H7$*{FX!gKW(VVYO^3kfRLqy|>7yeki0RTST&{Q!A9fd{dC zOL61ly}ymvJ3c@PZd=Tprc+eqcXI7O+WoSJ@WMS_oVfW~*6y*e-vzszXJ*7xx~^D-kRAX#Af&%Faf$+VIpcWWHJ(RHL_$TJ~136gmMNzv$DS2))e#y zWSKMz#eokdEfJyk%W3f1XS7BHSK_A*vBvzP#{9Ag?EJRfz4i>90ink0N^F-yLrC6S zOT!30%#15@g+uc(y~C{WCnYkWFbDScZ~C00qGKL2=Mv+NCw$nMuCMXow2s5eoyWrd`i!c0ILnPCdI+*j2N&zCt0?1 zALvH&!BN8qqgRISZ*sX;>&n-x*|vZwf$c+5QETy&^dwJ=K~ff86CcE*8J=kYhd9ai z;Mgz5&(6pn5mi$#win7*U+`^iB%yR{b=x!7lompKKK1^~bV&sAFpMOuprhU^zSW#Ys%MTv7(xPl^=@{pEOSgqnNHb1igA-qdJ z3tkv&pA=bG0fj@E>>J~^=c5xJ2?UKH+D~?U7G1HBNS#sB@8Cqp-dr{NYzSc(C4b!fWA0)d92fe8L!u}Irf_heF=P04}%>hkw#iUeRSF%K0 zCmG`M&pCk7cfvvo&07%*GS}2Pk5GF|8uhrW$e$>A4rU1}zd|9cKMlrw1GwkI257ClZ=B0HfwD~)93a*iFH1qn>KmN=1Zv6nzW9J z=5ut;{K$8r0+>$QCbfih?Sd^0qPh33%anvU*`mrnGu^AReN;?(jm)WtO~qjd8BdQE z-Ftreujfq}Y7avOr0($#AA2Px4nJOPPppW;yzXP*G4&daC;uM+W)HOeLT9DiA%fwCn#npn$TA%}r8Z5a4ZkjV73$p{C zK4`FkrLtRy&Bo+Oj|Y1V*1I^`3(O#k4Ydj>L_Hy5zPV$uy)mE9)l5=x-dL=^7UERg1Qq;s zz+nB0XCw|KnRl{SY*eSU`hpBvi=RQ|GoX`s7i6)i_-T$_OY_eEiVYJr1BUM8lES>U zEX9AXY9Zn(CRqhI6=#^MSUW1JN6tT2zrFZqt(aapFSCs>1SAah(2{%R{9K^_f68F{ z7SCmV@*9g^IV^ne<9rJndkogIRO?3za!?Avd!Pb`(RI+8lZvOa^|zZ^Po zj3$d6vmD)B_gJ&Jv@VZV&bQdLar5%@t-ME>&0z_T$g5e0+IV~MGu5l>U(Qt%F#Udm zJ+O>@%t^m>@so%7mwUj{VS2F|Dx=e>O9tZcmXC#Skq(e| z0^|JXyc!i)A>Ucqz{JPN}z9$ko?qI2{SJmq_pT3+cmp0rvm z@{b8#PO;L^faJtT_6r8fey;GTtxfzKMm%@k0ydZ~{039LdTnWjH>>c!!Q2jQ1_RwS znwS{R3=B7zJrf7u*#buDOC3&(-qqSX5Z`n#vE{(Vfh_}xM4U0vprAM%o!-`Z`4O(S zXo@Q1>Y0Q$X)t`^l=F3(vMSB#>9ra>Ke*1o=y+#bTbQD=Q9I*W`3BNyXfU~8XZ&Uj zMul=LXwCVw)j}>VA2oJ_?(3E+S@fr=d6!~cj#*d~GYcvG``}lgT477Wo zfbNDAv!iVl!$}T;(TxgG`-*hhsLx8gQ>W_MM+r9$|N$G zROUuaaT#>IiG=;CKNub&27vUQ-yO*rkzT5Gzd44s(iFhcLA3j4z}u z*GcyaHCCcOkQz;3*_hV9dAIw3rYJN(irp>9XuITa>X5_d3lXv=pdgr5ZMwsx8#IVD z3Sx5XusG%!IBT^r--*|^X)3Jb6?PvO7;KvuAA-LBnZjLel*bosgTwmpf}W5t5*ILQ zp%*Q*&+q;I_tvjJ{|qy_dvMp`SK;ry-+I`4KjwQ7@gMH|tAf9E@b|@cJnW1AYM0@^ zu#4XA-uB-A`hE4}(SKOmm0R1?oO4qiy5nEldb?@f9HyHvB73J@?kSyJEk*XZ)qlU4X{P zfB%hXvw*@BJeV%QuEzG^;cj@OvyrjER3?#ViVqLV;y?VR>DrwXZZZz$x>LyXCG(1Y(HFgu-%aAWcRb3kne=+#~_XWeo*?`|KoH@ z1U-J=Cg>nZrzeAt5(XaVk^wsWD{wr^`5;SCc^%d2qwlHlfEe|ZVg7HbbPhkg0GY;EQp0Cm8gWOoA`&k!83PSM6u!v1)ip9W}(FS$+Suo+W(RyiL3i67jn zXY%l)%S@6b1NZ#naZF}^Zx366LB4<`7t+E{@~vYi;a@%l{6&W?P)D{MKeN}I->R*v zayP|K1(?b)J7(T-e%JZ zCgd=zv|M+vkg7SIRQX2_HGx&}7Z2dQ1Re}FZb$)#3uEQV-?&9-{eS z#Xr1cPYOscB~U+X;S&s9gv`IP@U_1@`S`uU80YVTjpIe<@16K_5PrH&Jm*H zz)`Z@+F=n3{O7`ooY)HPtPoy{tos0#!gu|9D}Hb+pF_0l_1cLd_ty2?c#jX;)*~BP z8scUB7!wWs!%M!FjjQ{v{py~7wT^>OagDEhH+F5${TEE09lZJE$B&NZMb_sBJGSD`zPoeR*4p+h{&RL5 z*in&&`S{>Q{8`6($`<9u2_IcJH&3k~w4S~XeCO#o;B;sCL2N}kXYJm(&IZvaL)tiZ zxPBJElK`Dts{oIo=fLsv5?B@2Uwg^M`MwN6dhJY%{=-X#@}YGQV_&dMhvk4JPN!qD z?_g~lA248RVBLkmwhYbP;aEsy}gx0uom`R?1W{2 zxXWVscVVz|LSR4-b_B}|^Kft(?AY0;uZ-sfpK(Pl9e=N~A_5`479P+(lHS$IvNxL$ zc%q;M1wb_mQ3fg=NU5w0s%e-(na}Gaii0hlLRC5D!@7$zYcq1$I`Kn*L=GnkHt#M7 zw{T1tTnl%TJr%(kd~#3_#VC0M#YH`^-c<+eUkRR|g!#`-41^pa4v`gWaFL90l;O4D zA_c~AkR3Fil_th9@kU&hnNo}WP+(&f&Q*q|&&CRzs|>0Y8_PJCw6%DT{2k zGmT7jVzjD?OJ@`%7T+J9S|-W`)8quH^auOV5w?L92Mp6s z&R&=X77%Ruyvr!Ls_NKbXz#5phyy%03_t|<00Z@HKenzeEjS`2uur4>$I*53%EI+* zfK=d5WP>!|nVKO#C+-8h2-VWpIp#t&{CyZCJ8_DS zV2)T-&br_V<*BfvkBi~EfOYy}#xFT4*1hseZHDOiKh24xGjNo{a@w}Y871sC_gy2w9^UBFqaJr||{y2K~gd`ai$lmLna zEYXAQ-SM5v_Ns+7uBii{etGj~5Q9syg9(SvxyMNU$<@W!3!}=qH^DJn<%dRG!txhcNgI+BjGg*~8YI z?RpiTNjBOj*2J$nT$I1MzUnCh)86$#aTC@q(oH?Q(T$|nIeqG%lp3_^;f;^hgR}nh z9^Sin1ah%?LV0rYyd)eej#F}g`ixT6d4tikqr z6$GAR`&kSq`(0!3YsZd)90a!!pPRe%71iC(fqNhlF05O=D*QlmEfts&mtN>gglW~p zEf5TP2JI9S;{^L4K~)uWxpVa6#$n=|6(5&eBH+$|%jO|bG zZx{uAl0K6T5qpd^F7KTaB!<1xy~ z+@_!-B%u%bJ&3fz&U)4LU@LIYPr8PA_%TAc;tNo5nqKe~d-DY})<`7?v;~O-#151I zQx8K}Uh$3PeA#)nn+41TdTdf&93*4;VzOEw;{DE%W`$q1g0;(59=z?@-zg{tW@x>qL~we}zF2u@#uiv5 zq)>3_qE$~FlcMpF(Ot{ksi)9M@yY4El{dBiv`i^qwGpbG`1IsVlPg@0%z!esumICb zTNz^&xhwmEE>I%R-v=hqW5B=Trc_fm5l|XO&zKNclw!Of zbnjhX4(ce2O)ub)C6Nv)KFPq<;jv=}5O8C(* zTRZ$g9bjzVW40^&TN$n4cy-}uu+JUTgenafAd3q4{gRQE9)d@R&=Bk{ON6e6Vd+R1 zg3nFOvD3q<{(u^S9v*)!gqqpK*ox5`bns{d$S_3%Mq+-U(bWJp*`DT$bo=EgoCsd4doDAcSeWG4jF3;dg-P9Oy)1qKHvhPCTCq z!5T{v!YC|^e6@P~V}9QSNdRL*udgnzF=oeQ2C8@*kmYH&u^q-dDw4hXd~m)lcI`L5 zF#4V|dp=7!(Se}U#xWg;wd24p#Yqf@htMbDy3 z20xJytH)A3X!?Bm1!;&m#8swlPsbNo-+T%mg`@jNz*iN$I0_dzc8v zmLdG7&D&_Jh|G27A~!DOCdZ{`8Il8@NP5VaX(ZdUcBSQG-h4{>hy%78e2A={7W>(l z^TRLSWv7CJ4(k$5%D}dK4%XY7caU=#)MXAUrUkWubR;{d0J0236@EGN86~@25Moq@ zuT~a?g3Mz0cyw(Fx2xAINl_`cJ^GY9`SIqjzoz_1Ih>hoCVuRk9#ueQXbq#lCi+fW zX{3lznIDRXD%qm-2PC zv}mx{w?Pu~U{4eUYZrA2>+Q#ntMs#Jb1Z(CC17T#6AvOg&Q z&Jh|^SmkHj2&pAuJyfW!^CBEcx5(f%r(8_8jHyYTJ+!EGZAfLwMITFBDCnXswx*>J z?jdVlwrZz4u7hRG*9|c_b85<%udPmZuyoz=`q`4lODP+_u`+}BeC5aAecSkJA9Wq_ zo1YC+9*&3ik;Xqk@xDfP$WGBgmX`Ip47QL!mCijY%C})(V;Xv)a#|T&akikz0g|l7 zvK`wzPbtRowMCwTQ^WbQEva|7J%C446$4Qa`eL(n{j?k!Fvkm4`V;n9{0=D;@Bo|* zh4TKMZtcXhU>CdkmVbO4$ zr3i6|A}9Piu|`M`JO@==bE$`QsEm$)gw;C4kyR;_1L8YQqAcM#i;&!~?=A6z;$8Ab z7xSe6Eqt4E%j_#mv5VEqklZA2f*lAtBR)kq`1vP@`tV;^y*c)+#CrKnBmOv38F1zC z!%ay(WBoqJZ?3$~zsL8-b7&SX-prwF>k-B^rnjkhC99%;wOhi&8e36Gs~lBLjjgE3 z)aaZ>tm;+0PN=`M_F*luPH{Y<(HgNnZwq>AJ9;~!*%p*pNz<-swnnVTn~LtNzb?DO z+ICsNJ|h2*>s_*fEh)J=+IFpiU52NjZPzH+GS88HrdgD>D>r^bsM&nU})nG|l1>>=Yg>MS=^MxJ)9`Zj;en3DfO!aM-ud>6XY58U8`AEE;Sf{ zQ*Wg$O+>CuMX{12^ynRr!$ezi$HRbC0pZtXK?=7{3_wD+K39rGPP+iW0Of~ne{@&) z)d{*^8h+P$x`S!=0DE%9KEv->+t*RhKA(7X8ZIg#1vN=L7k5$`y`Z_zCZKmuOY24Xq*W@RA z>w2oU5O5**3+83{A~Ga0dl8u$=cJ}gPzBWJm&ppf?$J@HtmW4rQvo$4GOzYKV4@$` zWq=NKoSGnxj@pMbO0S3uyl?T|CD(6mK3W&6t3tCz2v)G*)&zHUGdy}$-ZHooDQ*&8 zk|VYaAW<-y1>6#+-Bp1zrXxl@*+$*Ce8IJ zL=YVC<@!N&!}qH!z?%IXjq_FHwYC5|5iLAP`J)gFQA zkg4N_t!T9IEK0|(3`07Llc^7SbgRNKCoB*tV>OgckuJl;sznLQwxQnV(=Shb=0C7` za14q3tMr@it!$xCr7gqYtEAM+IL&3qLTD`f;I1VK#v~z;CoA8eaN@O+5|HcZ7!)dT zi0`d?Cq4t`xxG0PNk?a`2H7~#I&{U&=ga&3nb9HCYUUDF91TgtEChrfTL>Fuzsoz3f~^YCn1 z`$d_P<3<;`)5o0kA%QdKY1*v|f++goW%kNod(4*tJVIY${PP#r|D@d!3*JeuD)|71 zVKTb(7l^>D-uTHDDN9+yxn@nhdAsWDUD3il#!swxeHbM7oE5FJBresh=WWBIA1~_0 zSi^VeEhkLheVWS;IXK@F1}Z}t6n%y6)?pgl`e#{(^s7h{~j+{1&Lob zt)4Z20>#2_?W)~Y_hW2jwTQ+|y3w665u`CCGOtTC*BPTCl}@@xDfxHbBk915ZcT*j z-pU()vkP2bwV?$MDw`?v$pGrR0;W$*G#kMHdUb6Tp@jRjM z-MN5#YBoxARECmW)f-%jNb9PXyML#KThqE!P-+N32Buh*mUaT z^Hp;MrBi2&4s!)krUyL+V;1Jfaztt@JqE`r12asq$rs~fm7Df^#J(qOhqRquPT^^4 zJVn$=>&X{{G@nT|pSBxNa|1?w40D`U5wG+27BY>TQ1|xF1AmJlFX{zOm*J|2V!sMu zt!jL13Z|)sbqn-NsgFj_s@t%uS(ED;hx>~=NVZA4xUPfkmbYJqEEim6Y%LAn`WqHz z`fSUUMQ;MOH#aMz=TF8SR8U60B2o+|qgOEKtZZOjwucKH7 z!E20uWi&>ZXW&kd%AfO)*AQk`}RRRheemNy)_=akNU}?y?Ag7%7Ny zoyziuV2*l0^L=iM;)D zYd|T+_V&dE4w&B*QxIb|zE^%t0pT)0ti#=mur7NO4cmF=R<`kO#DHKWW2_RM4*_hn z{H|U2aY7+mI4#{ItPB`wt8PlYx*(KIhvU6f;iQ&k_XL136TO>u;2Rh}xYtqTzMP)Aq;qFMRl z9k#VGqi%2gGl5aLxTz$dK_WA-1lUmJth$Ec9a!n10#pkQUIi=M%Pkf|Z3i%SF-YY` z`@QF~CRG}j?u`ST1zCs%wrDm0rWPqB5!VUh0hm;jA4_;~9;?ax39>i&Q9V{P9vj0p` z&E&;6es!{F352FtA0Ggc-WyuQ8zZ9o4$SxZIz$=cqN*iMWwE1 zh3r(kA%E*QQpA*>0B3{cR`8hc7HFZf#V@fW|cC~FTj;`vzXHTYTAn<-rURkHJw8I zpOW3^O2IW#@!D$w{QU{0trf}7n^sH}#2+YfKXJI;oEUw7ju;A+pG2s`o124JPzLpE0A1!L4$Pu!bpO4gr|S@X)21(U@7H*DEPb_uID0*KC zEaoZ!_+;!dxJYyePGg4Xtbz=Xt($E5SIWJHQ%D#o6c7gQAKh2iXq`>ynZI@H5N+nZ zPqB*HJ*Dq>PiY)(3f4nyqdQ2-Zq1?vfbm5Nx&)-^6RO4Bc%Wps|`A8&zGE>HTY@L9t@ z$I>;(l)+WUX4mVU}Su4lsapY&au&3U#cqpOXmx2K02*>R62=OhQpt>7F5qZ8Y)t@If>Y z&A#>55~d~zX3}o^({6QXroriE8nNUZIfqtfvyseHXQhScHK(RH&>KGv_kH_``&{Un zi_#fzM*bImUQyy}bWVKpA8E68q;@REP=@wkKW0o)_GO$~7g>8u_PQux%}3ZKQH(cj z%JA5oP8L0OeA|z$t4r{el)*lY@*gMA`*LC`eBDys*vFTZ2W_=o?(6{qV?NC_0_W6MfL@lCIPqx+>ImvX z);U)he@eNjv@`?togQ$d4tPTf#5i^}p-WP_o0P_;tX>?VdwrP%c!zTXQ6|5GA`^5MrGwDeVWcl;NW=e#+puP>CLb#M@v)0d|m_ zjbh*R9AHh$5*zom8Kd9j_l2r}0Qw4WZ~rLrkgC)MERrk7gk4W|Fau=VmN< zS2^Fn+J{j}1`rQ2eJolQ%E&H91j?9^)S{+k=diS1eM z?DYe?(QCt(0ATCJ=x_lb*!b6VU^UiAbgVXsoP#3DX#zqKD~}ZM%9`ax)5FM(KE3hR z;a*fv*Tf26xAOO~+(11}@_g%Df40A|6902(?+}|v50Q_~cIUy09oeEXth8nVM<%P)xOayNg*Sn1yod*Q5x8Uu-s^VS4P!Yn&d*YJOkAc247U)p;RQu$AO zgTwRznf!nWSyw#gbO+4q5BKq(|MDlcIDhcq&;R^dWg^@oj#^7083JSw|K8fd4|uH7 z)*$s9st|Q|_%URsavi|A?O;-w^8r1b_lGNQ3)mms-3vh=E|2+3TzVD06V5wsyu2Qs0_Uf4|mmtO-6PE z)L^~fJ+^V-^P0+O!y4>)?J`vocF+bTCX^esxS?2N#EUa%tS!d!4S?zLRvUo#-5t&p zWJ=o68;Mh*Lr$v54ZJ8wm+BnkF8q-$PL=oL3}F14ZbUCQ<8|Sn^QK;6C9@XdoZvZ+ zL2U!qg;A8!B`B_#U#vaU2Vp%^dy1u4fVv)8_qZ^ujX_1AaYp6VC9^RBn-*@f#4uTq zs!m@R%)yk~p&v5^znw=-$t1|FfHE`G7swG55Q8h;qrSmdyM%Hg?ghE`vK{V;i*GHCB9=RhRAlim5Lth1zz1$``c8_m@olI(1st?ytRG*~RWht3ra-%I-JfMBFrc7WB_Vqc5Vy{a|l* ze`YR-s^!Xl6Fvze7AcSVbh>2F>?f(ZMkMEwhM%O)H6r<0Q$LA8Jh|eD>A;bzzMDob zisa`|^W7Y9*C;xP%FqwEYs&D{d^d;OH4@)C=DRuSuBl=82Yok3-8EH?U+=pyf^^>( zy+is0YajO~Ra{6_pS_wt$%s4$O7rQK<}>RIpJ9`G%*g9$Na?{89y2p|%DJ*L$=5md zwrTl1z3!#xrT)g>>;l)1^G51dFht+?tSD=!kF24uzx|`xc|+V9|9c+X{d+|(7Ji?< z3(fNHXBBH4a~jaP#dr;ben3h5fU5Ur7fk%ac09hBy`>P8V+i~jx;zB^>-CisS_AzG z*f198uV|=QVK69ut9GBpKAIgE;l76}-sSEf{~?A5rgO&b`WISgq2yj7g-Sd@{->)6XYE@doEs z+)L)2XYdzsfHKds#EaPJu-=0+ihEzSnR;2yNc27faTfvj5AQ87$u5PqS%2% zv1cxR$I_XS3r5>0&+YIsq?Shc;S_+9Q9d;R{FYh#?ZU4|d;~Ra zfofDb^$|?H7L+kK-U3syU|&l~d4k>6a2_dw!iyw1j^wmpeJ_&aIFcl@o)^iO+(b&k z(mMi_w)sG5n}eops=C)|*+xtE8uzG8&4DPxaY$W~k{cC;me=5gRdKw^8g)QF3SN`$mpOASeZ#DH+DD7l6IoWXzB z55T&lm2ya8^8mYdwr!=Bp}Z|5DJb_!zy6 zohW{RV0kMeuRT}&o_1d9uVB_* ztgb9URmgU(-`sozDrP=6Al}c;ZF)heF54A!9Ei58W3JI~*xAjd@szv9g*nITw(7wq zT%cQcqZnio*qeaN4WyZ)d|xW(2=tN%v?ZkMPCExkV$nSke|6ZMKIP`0tSg13f+ zp22cd#INuMyG)w-?@<{*n5+pOH$3o9J}U!Iy(x$|W${{k3B7q4>YpE65TuFk{xfm# zmLvNCVjEU%KV*S@51EUNiy?=1uv<_U{w;L8lvK=-fFWx|Kcga&|O8m)e15WyC@FCGhXB z6CcgI4{5dnW(kM7n95*=}lnd=Y={bLN(F@KWUx+efFF-%f%NXB_@kA*P z`Jm@X?#Do8>zF~T7U&fB`dPIL#|Azo-p{rM-^bBR*a`Nnmh{B~cg0^Tkevaj^yBVh z=rw~f66If9|5F-bYmICPh*@anv(ZM*EJXMho43(cACtnn{UW7kpVp4Ah(+zYg>1g@ zd=?GMSnl=pH!yhL#_{eQIB4PF=px$tYpG9T>#mLY1PF9Y3@sGhL$5(Y>@-@mDZlSQ`u7-{E_U4_n3IZ?9ugxnym6URQPv+B- zn+)60K9!!v?^10(bI#r4(|N@&Ea}1?D9(2W^VM#!^wd8x1$jlZ2gsYQ%fl4fP@xeh z??x}9uOTHm*uDi)shI%kq!0WjsUOp3lis!DnvVXsGEvrzU3>^egQwI6a=xI+A#BV$ z&7ei}_V{WL%Cn0vLg5-AB2MrQc)7Xv^EF`p%jMyJu zX0z2n0|d9^LQL1|eT$92T zBF+1hH19>}w%~GFIv2~lYQ(~hvTpJjESYnW&tNpZiahPr{<^5GoeAb7|p_haxtdQ)T3OC!)r<&m*R3z zdR||~1SMopLIx#doF=bbdf@QA^F=2~gTjLoh6jDvs}*bzUa+f6D8s$P-|}8mtPOhr zhayT?ktnR$f!ENHo0Y?-6tp`jwno_+69(;w=XOrXAofWYVadj5VDAgp((NqvUmqj*;L9~DY6X}P}8V+N;SN?+;v;Z&9?)M4eAW~GQ7O0 z*yI-{nx}G9w`8xqSGe%oVT{I3zsC^Q+#l7x6LhbS6n(1oqc1X6NoSFv5u9k8(kv6v zI*6V!xWl}dM9<7c&n|0MR40(JF@cZnB#g1KxgMA&$vw8ZLwUUXj{5xD5M?rBg8oBthCnLtE%pXxyz*wIX}e({n_I^V>N?c6Pg5w`FYKXl z+YYrGk_;X)corhR+KPa&SpN#!!OWK9XGLs?&yU9E^P)Ax+|~IK-4Z#-M^B5npK|>f zwoU{4a&$CrZXNWmc*}F(<4_l%MY7GMFs9RN@N?2EiNcYK;zV>SZanM!f|X!e1)jU! z4{E6w2jWBj)%7>pwtf-J>`i`#i?u^!AQ>FpyNA30Wf(@eeuv`r-95h<`$B3v1U@f1 zX03uKa`9?7@VJES%i2pe&iB?+d$W0ZX2II+JbUdtJu8EQ@3+CD^R!2|#YKTc_PFL- zC%k8O1OjqjXo?k*ei=oQl|b$4G~3lN_8S#)1j~%7WskZ6+tQ6Fzo^?16(=IAWfboY zb(5Vk^@VV1LUqGcO|(iPp#A8g43***@L+p^) zA+bZl)JT!CvrIlXa!NEYIAUoUdNon zaM&vI0ej+|dZS7Uu{;SKB8>#HoonImriE+r4rjT6TpUm_hnIS6rA zBkLa#$d0H84ZmmL3_$bJiF!p8$l6p?Ay;Js|Aon^qE~ps@*Vg)Z;`WRFj+Nz-kJ>m z^BiZ8^^K4Kvuz8vM!xFmgmX}w1NIohWp*u2CNY?ufT%gAFm-i3(*s0 zmhra-2lhM!J%)1!>&uI6^n$a-7a<4s0)x*FLE>$!TZsLM@iyo9G7}HLILlDu5Fi}` znXYLLktY!IB6#>m8K`3e4-@a_I|J|IXa;Nqx3zVz4_8g}=`m^UN2`sUQfpgdFfO$k zY>R7CzryLU)Nc8e<7N~d{EN-oXseG%;oW|5de;r7uhwx8W_RnH_#C}+>|gwW)Km5< z2t3DD_KIEkZp?e&p{?pWpMkAHA`$r5QkAV~MxY;qcdU)i>mi%8e03v72X$=_CP^fF z-W2kWH!dhBk&^?f+z`+d~Vu#LVzK3BDq^KO;#^NT4ePk>FH<5qlkHn$v z!$AvMT=O~|dIGoI+zAJLiGar8y;5~JnoSxFNpNBVFT(o-7Zfkq&nYptJ*6&=364w4 z#B!|@K3CP$S)?NVNWlX>_ajwsY0JmzTI|w!Pab~~9*ZIJS=!J>kviG)we~z)C=xZg zr*I+qok=H@w7*k6k_D^kL=?esZ7Y*bI{7SSc)AuR`%d@#k)%CMNt>Ut7RNI64TpF& zA$FZ!;>~Ia(6!-iMHFh^&97IC7&WgC+RJVM{cY`!$JVb^d*h-uu6>O;dk&5&A`gP4 z3IbbP%wg4mIJENoS$YVfBdu=}-AqjQBbMyTCor??V0?`*vpo?_ki{L2jrI2CowWiN zV5RZ#@V$69JiF5MK|xARhNk5>KDutnd5VGx>JR+Wkun(KCAzi>*BzP-rq zzFNWUKQK@rWHToJ7O%!yx4~x5ZYyTr2vf6i3@QT+s?61t!PO8rC)mweDW8NM3B5*Ep7_Xaxb=}19pS#gl&{XV(s{$A zNazhE^oqq#sBvYlQf{_AEXhP76N#h+nMhMMy`u>FoQ(Rg_aTR8AEM9dm^a#h6Ygv4Ywt8J#{cqs~jj(#>V* zl*va)4bur6YRo)&A_K`0$_OVpLdkIx8ZI45eZ2V+JAR~5^do!00)P5LAQ~i1+%@9} zYEnT2rIH}^jX=(NPx>&rUO`^VrOraie-#N9yr2>!!8#I=w5X#*c^(7ic}#Nbc-E9j zXK(K1MCf>)N*dM-3yKu@z>LN2h?PI+G%qMoWYm+jXvs<^@RZY<`%KlEw-DtyBLkiC z>C5Dh^c$x@Tos9>5y@h76{sme~xo7w;D#1nJ+f$B8Tf#`A|3?k2&uy!J21Ir1T zQ*>;k^HP%?*!$6`FV1vwRgp-*3|wJjx+61;$T?ipj0%p?(VDP$%@V|3F-Nh7(>o(M zH!u0M1bI=UwZ6o~vIGRts!hw`UV~Kw#$!)YOn(5BoqT}(D>DC+;Kc&b# zWx6#ngBc58O13%WBW--TTj6*uTE@~bq+>`qZ>3^Ml=ya%cdTZY_*NjhGI&+9VH_j^UF+%n6x^^wB$Mr`=499iO70{;$cf*_i`ztWpjJt;%0JjnF@)C z6SdBiIjdC#%Flu#o6KJ*D30Tm`YDtb`f42qp^}(L|HyxP?YZ!8Rnc(eyD@J*32ff- zozEZ?q8RrqHQoxVvi3j{wBhe-HYb@puAMt4bZ{up6qp!s!bcZA^2giu)t;)+5>88N}c;4h=a7KO%yT(U85vA*m7(pot6!4;*i*nw#!oKaJempH;^~5*NfGa z9y2-Z`njy|EGMPcUXX04(>)brKiy9E66aiI+4V7bDOI#3&Q6ujsh#`e6>EDhQ#(a% z+D2!Snu9Zc-9%9_T3~7D&Cu}kRsGB}lkd|-0}T&UG*X9pJfdq5;xy=B2~pvL#L|hK z^d9gfqMD$gli6rKsPc`!*##~*I|JVr7Oi$bKn2t!p#qhO85KlOT1g5oj1XQ> zBAsOf9+Xgp*=zXJ4t<)5zpbWj*p4rh<%pF+m#A2(LheVN?(xalmtj7#^=_f4^_!>- z^Jsog+n?j)jS-8zZ&&piH&qSLjEr5U)?o#t52D}UeSVo%a6ls%45e_BoVW^c z6|w`!{YJ^&q>3+974I)@-BYrll8`nkOxLD?lnPuGi=}gSsp+hSrL+v8z@BbkZ?dzg zkssFY0bOc{oX#-$9F}AI7nlWv5+~skeZ(K<8u%k-Ld;}>kmFJfTZ)lF&&eU#A%-dEr7`yHx~9c9QI;oLxQn zF(vU%iaLcdmnYt}5;?FSL)tl^b?JcyAX63{Xqb|TcDo=%5x}#I4oLti96*=ysRXoz|4>#iWd%12 zn11tto1~Z_(zMdihP|Za5^I3mYu@iT@{i(HLwL6)q+@-bQ43<8uf9k0K8iQjaMud^ zx4tt)er*!>i989T943_&A{WUBE|LmKEW;^MMGK@&?0g7$5~98*L?f4yeJGE&O79d# zGjpkMG%OIG2}1-nJ7eu|f~6d)u01%9-q@1GOsacW>YZ>FlrR5h8ZCR5eqb^?RDWG+~%wN>D`>;0fktm3U*cT^MU z9t|NhL7Ef=L`oi@Kqw*7dtU?sB6UHtNq`_pARt9R6kG)~D@Bl{1VKb}MG=8eq<0oU zmQJWk6+!78dBc0phxqoq)jc~olgv4D=H7GfeBaD3fBf#J6Fgl}^3jNP*cJj0A|9=& z>lamoB_1CUPP;=5mNM-b)K0*4nq0V9Ikf}HImc-TD_nsTsH2=-tj3a;%2qmuJSh~1 zTtD?T7xnEn{QR`WTszU47U%79|x(Q(ZkS)v6E!f)`e;-hO-eVeCj-keLAN}&tYo(vAdAk0%tPAo{A&ItVU7O3>3 z7cG487BnHY)w=aBGEaq&B_Z}4L^=EHl(Y56o?t`sWDDgFTW7NQ1;m6UZ)S*h^u)-8+%~?~*jbi5 z-Zm?IO+0i`=}i876Texx{bF6L-05G+Eibudx89~O ztEQ{LZLnc^op0Hfa4ZHSqd55GU^gXGfhWdQDSZ5+Az_|};1TifU9FlaGvo(rt^BD1 zyl`);*IO}^9<`^DT|f{PZkwwM7vApcgReIK1Ouh ztx6@gN3^uCUtnD8%^X5UsiM#)6v>4JaVhzIg<}tDifSR|K^dzhsg`95V&`TC-K;w_ z)bil?9_8)@1w;GO%M~f6#P8Hx;hL_j+&4AcyLYW9uS$pX*zcu>?9_|3q(fe__3Lxf z-JvCt3T1?>>9fX$Yx0N1`%m1Tt(3a!u2mxug)khHm*i1T8vNefMmc9g!+lD##%U{21(kf@ z9~oLC+b_eN{1zgcRW{Y~qy2&hiK_2W(wTHmDXADD6?={Ye1T3Tt&tcwdv;(1Z%n%} zlzE&yK`t@WoWH-}97VCX{CdrPDrbT%!fLH|8L#G;NGvT@c#JplcF*{(CP}0DRw6X0JMxH!Xqdp)& zz;UsK;zQj1d_2@T44`1Vlw>F<7 zC^nhGMYvLC_>Tq0XppLnMJhi&_p{o`Sh%C5y6N`hNNXj78XZd{Y&s-0D zB13(nLOA0Rq)6qr(5aG*j*c9NGr_Z2I~{d`4#xFPGDBU(Dxmld5f(y~_SxL7Wi%u$ zG@zKJdwzJAW4~eA0ce;uvn=c!1{$T2U=ZjC@av>cB=`co(C2Ley|6ycd!5iJvAPyD z@|=ciCIeNAeE(pV;nXuN1raJ4WZYsC)y87ntmA2La|cl?WJ34WuC`p(VA>?+C!~t& z>}<%OJ^fMA3GdliG5r*;@OH@T$UY-jJ1Te znct`5gq<6uu39$**32X+%t^CdG5ul4A_}$$j?4)xzTQ^edO3q9oPXkd#16;V75w9Z zV%LDET7QAu`kg1Dlr0^afhd1=wv;UQsAU(E+bgkVU7cquTbWC=ckezF_IRVh<|}^e z&SA>i0u=A=(t{5AA+WAvtO}eFg@8a-fFE8c^hKaOT+Rne^24FAK5}@hFA9V5MaiLw zB&@6#iRgtT`Qm^Ra5zR)-c5Wqc1_`&JlIEd1t>4WgS}{tf_^%DF z4f>aFuRi=O*KjHx5eG%%!0wr{cOA@QCGOS$i+o=8rkK6+dhbbwNiFM0jS&y2ns$qJ zDyQ_2J6cM3<)Fr7-lUPhdPRzF0iE;2FhlJbyN%z^*%i>{dI>!5U>!

h_6;{wtO zHuX#>sIb-X>V|wbXcsao{~32x1A9TV;EU?Qjzqho2BKjjbC{YELD_U1-J;%*$xShP z<Q$%C!k?I(^z5ZM9A#6zg6vs2uH-adWk5ueZ(eu|<_K8F+B}w8S)Oma zpgWq!f`2t#FmN&l70IO1^n+^Eo3KL^x|1<2;-B&P952 zu50|2`0ZuKb@>OZp8kQjD;7L0Ru7MC1mxQ(={DEX7fA|Ot19$D zB$q*xudSs`5ApehyDBy(OiXWj$V9cTANlE7`S|vUQzc6Q?2q)*J~Dh7r*vQ*(7&S& z_Gaz}CCYs$9SFn)j8;})q#oSPldzsXayCeqm;^{%4S~d{q)Pbwa0l2S; zM<87C@xr1%$KA_b_?@LyNEpBq0(RX4xTgRK|4Cv{LMVP!0t4w1!54?eqKO1ooEyx; zhX^bcwJ&3j&LXp7vObJ{ z%eK%5hyo_-L3ycvo%Wk-oRormY2(+*`@+UQDx3Ci7r!gykBX?zXa63+mvzQIfTSDb Y@2@(LW( Date: Wed, 5 Aug 2020 10:58:02 +0800 Subject: [PATCH 11/17] Hide enablePurgeProtection --- .../Scripts/ControlPlane/KeyVaultManagementTests.ps1 | 5 +++-- src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs | 2 ++ src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs | 9 ++++++++- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 index 535c9281791b..9911cde97828 100644 --- a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 +++ b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 @@ -196,9 +196,10 @@ function Test-ManagedHsmCRUD { Assert-AreEqual $hsmLocation $got.Location # Test update purge protection & customize retention days - $updatedMhsm = Update-AzKeyVault -InputObject $got -EnablePurgeProtection -SoftDeleteRetentionInDays 10 -Hsm + # nothing can be updated now + # $updatedMhsm = Update-AzKeyVault -InputObject $got -EnablePurgeProtection -SoftDeleteRetentionInDays 10 -Hsm # Assert-True { $updatedMhsm.EnableSoftDelete } "By default EnableSoftDelete should be true" - Assert-True { $updatedMhsm.EnablePurgeProtection } "If -EnablePurgeProtection, EnablePurgeProtection should be true" + # Assert-True { $updatedMhsm.EnablePurgeProtection } "If -EnablePurgeProtection, EnablePurgeProtection should be true" # Assert-AreEqual 10 $updatedMhsm.SoftDeleteRetentionInDays "SoftDeleteRetentionInDays should be the same value as set" # Test remove MHSM diff --git a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs index bf9cc0f27218..d610f70e0f38 100644 --- a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs @@ -81,6 +81,8 @@ public class NewAzureKeyVault : KeyVaultManagementCmdletBase public SwitchParameter DisableSoftDelete { get; set; } [Parameter(Mandatory = false, + // Hide out until available + ParameterSetName = KeyVaultParameterSet, HelpMessage = "If specified, protection against immediate deletion is enabled for this vault; requires soft delete to be enabled as well. Enabling 'purge protection' on a key vault is an irreversible action. Once enabled, it cannot be changed or removed.")] public SwitchParameter EnablePurgeProtection { get; set; } diff --git a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs index 47d1f9454bf9..1607ea4b8f19 100644 --- a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs @@ -66,7 +66,14 @@ public class UpdateTopLevelResourceCommand : KeyVaultManagementCmdletBase HelpMessage = "Enable the soft-delete functionality for this key vault. Once enabled it cannot be disabled.")] public SwitchParameter EnableSoftDelete { get; set; } - [Parameter(Mandatory = false, + [Parameter(Mandatory = false, + ParameterSetName = UpdateKeyVault + ByNameParameterSet, + HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")] + [Parameter(Mandatory = false, + ParameterSetName = UpdateKeyVault + ByInputObjectParameterSet, + HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")] + [Parameter(Mandatory = false, + ParameterSetName = UpdateKeyVault + ByResourceIdParameterSet, HelpMessage = "Enable the purge protection functionality for this key vault. Once enabled it cannot be disabled. It requires soft-delete to be turned on.")] public SwitchParameter EnablePurgeProtection { get; set; } From 8fdd5124c1ea951717153beed85ac09b41b0fddf Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Wed, 5 Aug 2020 11:14:22 +0800 Subject: [PATCH 12/17] Update ChangeLog.md and help.md --- src/KeyVault/KeyVault/ChangeLog.md | 1 + src/KeyVault/KeyVault/help/Get-AzKeyVault.md | 25 ++++++-- src/KeyVault/KeyVault/help/New-AzKeyVault.md | 63 +++++++++++++++---- .../KeyVault/help/Remove-AzKeyVault.md | 35 ++++++++--- .../KeyVault/help/Update-AzKeyVault.md | 55 ++++++++++++---- 5 files changed, 141 insertions(+), 38 deletions(-) diff --git a/src/KeyVault/KeyVault/ChangeLog.md b/src/KeyVault/KeyVault/ChangeLog.md index c785fe748ba4..a59c5b77d036 100644 --- a/src/KeyVault/KeyVault/ChangeLog.md +++ b/src/KeyVault/KeyVault/ChangeLog.md @@ -18,6 +18,7 @@ - Additional information about change #1 --> ## Upcoming Release +* Enabled MHSM Management via *-AzKeyVault ## Version 2.0.0 * Removed two aliases: `New-AzKeyVaultCertificateAdministratorDetails` and `New-AzKeyVaultCertificateOrganizationDetails` diff --git a/src/KeyVault/KeyVault/help/Get-AzKeyVault.md b/src/KeyVault/KeyVault/help/Get-AzKeyVault.md index 663f7be76cfb..cd3e1e8ff3bf 100644 --- a/src/KeyVault/KeyVault/help/Get-AzKeyVault.md +++ b/src/KeyVault/KeyVault/help/Get-AzKeyVault.md @@ -15,19 +15,20 @@ Gets key vaults. ### GetVaultByName (Default) ``` -Get-AzKeyVault [[-VaultName] ] [[-ResourceGroupName] ] [-Tag ] - [-DefaultProfile ] [] +Get-AzKeyVault [[-VaultName] ] [[-ResourceGroupName] ] [-ResourceType ] + [-Tag ] [-DefaultProfile ] [] ``` ### ByDeletedVault ``` -Get-AzKeyVault [-VaultName] [-Location] [-InRemovedState] +Get-AzKeyVault [-VaultName] [-Location] [-InRemovedState] [-ResourceType ] [-DefaultProfile ] [] ``` ### ListAllDeletedVaultsInSubscription ``` -Get-AzKeyVault [-InRemovedState] [-DefaultProfile ] [] +Get-AzKeyVault [-InRemovedState] [-ResourceType ] [-DefaultProfile ] + [] ``` ## DESCRIPTION @@ -243,6 +244,22 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -ResourceType +Specifies the type of vault to be shown. + +```yaml +Type: System.Nullable`1[Microsoft.Azure.Commands.KeyVault.Models.ResourceTypeName] +Parameter Sets: (All) +Aliases: Type +Accepted values: Vault, Hsm + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -Tag Key-value pairs in the form of a hash table. For example: @{key0="value0";key1=$null;key2="value2"} diff --git a/src/KeyVault/KeyVault/help/New-AzKeyVault.md b/src/KeyVault/KeyVault/help/New-AzKeyVault.md index b8c0d1d65612..a945f1386661 100644 --- a/src/KeyVault/KeyVault/help/New-AzKeyVault.md +++ b/src/KeyVault/KeyVault/help/New-AzKeyVault.md @@ -13,14 +13,22 @@ Creates a key vault. ## SYNTAX +### KeyVaultParameterSet ``` -New-AzKeyVault [-Name] [-ResourceGroupName] [-Location] [-EnabledForDeployment] - [-EnabledForTemplateDeployment] [-EnabledForDiskEncryption] [-DisableSoftDelete] [-EnablePurgeProtection] - [-SoftDeleteRetentionInDays ] [-Sku ] [-Tag ] - [-NetworkRuleSet ] [-DefaultProfile ] [-WhatIf] [-Confirm] +New-AzKeyVault [-Name] [-ResourceGroupName] [-Location] [-DisableSoftDelete] + [-EnablePurgeProtection] [-SoftDeleteRetentionInDays ] [-Sku ] [-Tag ] + [-NetworkRuleSet ] [-EnabledForDeployment] [-EnabledForTemplateDeployment] + [-EnabledForDiskEncryption] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` +### ManagedHsmParameterSet +``` +New-AzKeyVault [-Name] [-ResourceGroupName] [-Location] [-Sku ] + [-Tag ] -Administrator [-Hsm] + [-DefaultProfile ] [-WhatIf] [-Confirm] [] +``` + ## DESCRIPTION The **New-AzKeyVault** cmdlet creates a key vault in the specified resource group. This cmdlet also grants permissions to the currently logged on user to add, remove, or list keys and secrets in @@ -120,6 +128,21 @@ Creating a key vault and specifies network rules to allow access to the specifie ## PARAMETERS +### -Administrator +Array of initial administrators object ids for this managed hsm pool. + +```yaml +Type: System.Collections.Generic.List`1[System.String] +Parameter Sets: ManagedHsmParameterSet +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -DefaultProfile The credentials, account, tenant, and subscription used for communication with azure @@ -140,7 +163,7 @@ If specified, 'soft delete' functionality is disabled for this key vault. ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) +Parameter Sets: KeyVaultParameterSet Aliases: Required: False @@ -156,7 +179,7 @@ key vault is referenced in resource creation, for example when creating a virtua ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) +Parameter Sets: KeyVaultParameterSet Aliases: Required: False @@ -171,7 +194,7 @@ Enables the Azure disk encryption service to get secrets and unwrap keys from th ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) +Parameter Sets: KeyVaultParameterSet Aliases: Required: False @@ -186,7 +209,7 @@ Enables Azure Resource Manager to get secrets from this key vault when this key ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) +Parameter Sets: KeyVaultParameterSet Aliases: Required: False @@ -201,7 +224,7 @@ If specified, protection against immediate deletion is enabled for this vault; r ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) +Parameter Sets: KeyVaultParameterSet Aliases: Required: False @@ -211,6 +234,21 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -Hsm +Specifies the type of this vault as MHSM. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: ManagedHsmParameterSet +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -Location Specifies the Azure region in which to create the key vault. Use the command [Get-AzLocation](https://docs.microsoft.com/powershell/module/Azure/Get-AzLocation) to see your choices. @@ -246,7 +284,7 @@ Specifies the network rule set of the vault. It governs the accessibility of the ```yaml Type: Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultNetworkRuleSet -Parameter Sets: (All) +Parameter Sets: KeyVaultParameterSet Aliases: Required: False @@ -275,10 +313,9 @@ Accept wildcard characters: False Specifies the SKU of the key vault instance. For information about which features are available for each SKU, see the Azure Key Vault Pricing website (https://go.microsoft.com/fwlink/?linkid=512521). ```yaml -Type: Microsoft.Azure.Management.KeyVault.Models.SkuName +Type: System.String Parameter Sets: (All) Aliases: -Accepted values: Standard, Premium Required: False Position: Named @@ -292,7 +329,7 @@ Specifies how long deleted resources are retained, and how long until a vault or ```yaml Type: System.Int32 -Parameter Sets: (All) +Parameter Sets: KeyVaultParameterSet Aliases: Required: False diff --git a/src/KeyVault/KeyVault/help/Remove-AzKeyVault.md b/src/KeyVault/KeyVault/help/Remove-AzKeyVault.md index 45acf6bc7803..1d06ad192e0b 100644 --- a/src/KeyVault/KeyVault/help/Remove-AzKeyVault.md +++ b/src/KeyVault/KeyVault/help/Remove-AzKeyVault.md @@ -15,38 +15,38 @@ Deletes a key vault. ### ByAvailableVault (Default) ``` -Remove-AzKeyVault [-VaultName] [[-ResourceGroupName] ] [[-Location] ] [-Force] +Remove-AzKeyVault [-VaultName] [[-ResourceGroupName] ] [[-Location] ] [-Hsm] [-Force] [-AsJob] [-PassThru] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` ### ByDeletedVault ``` -Remove-AzKeyVault [-VaultName] [-Location] [-InRemovedState] [-Force] [-AsJob] [-PassThru] - [-DefaultProfile ] [-WhatIf] [-Confirm] [] +Remove-AzKeyVault [-VaultName] [-Location] [-InRemovedState] [-Hsm] [-Force] [-AsJob] + [-PassThru] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` ### InputObjectByAvailableVault ``` -Remove-AzKeyVault [-InputObject] [-Force] [-AsJob] [-PassThru] +Remove-AzKeyVault [-InputObject] [-Hsm] [-Force] [-AsJob] [-PassThru] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` ### InputObjectByDeletedVault ``` -Remove-AzKeyVault [-InputObject] [-InRemovedState] [-Force] [-AsJob] [-PassThru] - [-DefaultProfile ] [-WhatIf] [-Confirm] [] +Remove-AzKeyVault [-InputObject] [-InRemovedState] [-Hsm] [-Force] [-AsJob] + [-PassThru] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` ### ResourceIdByAvailableVault ``` -Remove-AzKeyVault [-ResourceId] [[-Location] ] [-Force] [-AsJob] [-PassThru] +Remove-AzKeyVault [-ResourceId] [[-Location] ] [-Hsm] [-Force] [-AsJob] [-PassThru] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` ### ResourceIdByDeletedVault ``` -Remove-AzKeyVault [-ResourceId] [-Location] [-InRemovedState] [-Force] [-AsJob] [-PassThru] - [-DefaultProfile ] [-WhatIf] [-Confirm] [] +Remove-AzKeyVault [-ResourceId] [-Location] [-InRemovedState] [-Hsm] [-Force] [-AsJob] + [-PassThru] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` ## DESCRIPTION @@ -123,11 +123,26 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -Hsm +Specifies the type of vault as MHSM. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -InputObject Key Vault object to be deleted. ```yaml -Type: Microsoft.Azure.Commands.KeyVault.Models.PSKeyVault +Type: Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultIdentityItem Parameter Sets: InputObjectByAvailableVault, InputObjectByDeletedVault Aliases: diff --git a/src/KeyVault/KeyVault/help/Update-AzKeyVault.md b/src/KeyVault/KeyVault/help/Update-AzKeyVault.md index 903820f6f2fc..de25b954588c 100644 --- a/src/KeyVault/KeyVault/help/Update-AzKeyVault.md +++ b/src/KeyVault/KeyVault/help/Update-AzKeyVault.md @@ -12,27 +12,45 @@ Update the state of an Azure key vault. ## SYNTAX -### UpdateByNameParameterSet (Default) +### UpdateKeyVaultByNameParameterSet (Default) ``` Update-AzKeyVault -ResourceGroupName -VaultName [-EnableSoftDelete] [-EnablePurgeProtection] [-SoftDeleteRetentionInDays ] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` -### UpdateByInputObjectParameterSet +### UpdateManagedHsmByNameParameterSet ``` -Update-AzKeyVault -InputObject [-EnableSoftDelete] [-EnablePurgeProtection] +Update-AzKeyVault -ResourceGroupName -VaultName [-SoftDeleteRetentionInDays ] [-Hsm] + [-DefaultProfile ] [-WhatIf] [-Confirm] [] +``` + +### UpdateKeyVaultByInputObjectParameterSet +``` +Update-AzKeyVault -InputObject [-EnableSoftDelete] [-EnablePurgeProtection] [-SoftDeleteRetentionInDays ] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` -### UpdateByResourceIdParameterSet +### UpdateManagedHsmByInputObjectParameterSet +``` +Update-AzKeyVault -InputObject [-SoftDeleteRetentionInDays ] [-Hsm] + [-DefaultProfile ] [-WhatIf] [-Confirm] [] +``` + +### UpdateKeyVaultUByResourceIdParameterSet ``` Update-AzKeyVault -ResourceId [-EnableSoftDelete] [-EnablePurgeProtection] [-SoftDeleteRetentionInDays ] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` +### UpdateManagedHsmUByResourceIdParameterSet +``` +Update-AzKeyVault -ResourceId [-SoftDeleteRetentionInDays ] [-Hsm] + [-DefaultProfile ] [-WhatIf] [-Confirm] [] +``` + ## DESCRIPTION This cmdlet updates the state of an Azure key vault. Please note updating some of the properties is an irreversible action, for example once soft delete has been enabled, it cannot be disabled anymore. @@ -77,7 +95,7 @@ It requires soft-delete to be turned on. ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) +Parameter Sets: UpdateKeyVaultByNameParameterSet, UpdateKeyVaultByInputObjectParameterSet, UpdateKeyVaultUByResourceIdParameterSet Aliases: Required: False @@ -93,7 +111,7 @@ Once enabled it cannot be disabled. ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) +Parameter Sets: UpdateKeyVaultByNameParameterSet, UpdateKeyVaultByInputObjectParameterSet, UpdateKeyVaultUByResourceIdParameterSet Aliases: Required: False @@ -103,12 +121,27 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -Hsm +Specifies the type of this vault as MHSM. + +```yaml +Type: System.Management.Automation.SwitchParameter +Parameter Sets: UpdateManagedHsmByNameParameterSet, UpdateManagedHsmByInputObjectParameterSet, UpdateManagedHsmUByResourceIdParameterSet +Aliases: + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -InputObject Key vault object. ```yaml -Type: Microsoft.Azure.Commands.KeyVault.Models.PSKeyVault -Parameter Sets: UpdateByInputObjectParameterSet +Type: Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultIdentityItem +Parameter Sets: UpdateKeyVaultByInputObjectParameterSet, UpdateManagedHsmByInputObjectParameterSet Aliases: Required: True @@ -123,7 +156,7 @@ Name of the resource group. ```yaml Type: System.String -Parameter Sets: UpdateByNameParameterSet +Parameter Sets: UpdateKeyVaultByNameParameterSet, UpdateManagedHsmByNameParameterSet Aliases: Required: True @@ -138,7 +171,7 @@ Resource ID of the key vault. ```yaml Type: System.String -Parameter Sets: UpdateByResourceIdParameterSet +Parameter Sets: UpdateKeyVaultUByResourceIdParameterSet, UpdateManagedHsmUByResourceIdParameterSet Aliases: Required: True @@ -168,7 +201,7 @@ Name of the key vault. ```yaml Type: System.String -Parameter Sets: UpdateByNameParameterSet +Parameter Sets: UpdateKeyVaultByNameParameterSet, UpdateManagedHsmByNameParameterSet Aliases: Name Required: True From c984d6a34af4d454ca552cbf7bd26593ed07917c Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Wed, 5 Aug 2020 18:40:46 +0800 Subject: [PATCH 13/17] Modify codes according to comments --- .../ControlPlane/KeyVaultManagementTests.ps1 | 6 +++--- src/KeyVault/KeyVault/ChangeLog.md | 2 +- .../KeyVault/Commands/GetAzureKeyVault.cs | 2 +- .../KeyVault/Commands/NewAzureKeyVault.cs | 6 +++--- .../KeyVault/Commands/RemoveAzureKeyVault.cs | 2 +- .../KeyVault/Commands/UpdateAzureKeyVault.cs | 8 ++++---- src/KeyVault/KeyVault/Models/PSKeyVault.cs | 2 +- .../KeyVault/Models/VaultCreationParameters.cs | 2 +- .../KeyVault/Models/VaultManagementClient.cs | 18 +++++++++--------- 9 files changed, 24 insertions(+), 24 deletions(-) diff --git a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 index 9911cde97828..cf3eda04051a 100644 --- a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 +++ b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 @@ -169,7 +169,7 @@ function Test-ManagedHsmCRUD { New-AzResourceGroup -Name $rgName -Location $rgLocation try { - # Test create a default MHSM + # Test create a default Managed HSM $actual = New-AzKeyVault -Name $hsmName -ResourceGroupName $rgName -Location $hsmLocation -Administrator $administrator -Hsm Assert-AreEqual $hsmName $actual.VaultName Assert-AreEqual $rgName $actual.ResourceGroupName @@ -188,7 +188,7 @@ function Test-ManagedHsmCRUD { # Default retention days Assert-AreEqual 90 $actual.SoftDeleteRetentionInDays "By default SoftDeleteRetentionInDays should be 90" - # Test get MHSM + # Test get Managed HSM $got = Get-AzKeyVault -Name $hsmName -ResourceType Hsm Assert-NotNull $got Assert-AreEqual $hsmName $got.VaultName @@ -202,7 +202,7 @@ function Test-ManagedHsmCRUD { # Assert-True { $updatedMhsm.EnablePurgeProtection } "If -EnablePurgeProtection, EnablePurgeProtection should be true" # Assert-AreEqual 10 $updatedMhsm.SoftDeleteRetentionInDays "SoftDeleteRetentionInDays should be the same value as set" - # Test remove MHSM + # Test remove Managed HSM Remove-AzKeyVault -VaultName $got -Hsm -Force $deletedMhsm = Get-AzKeyVault -VaultName $vaultName -ResourceGroupName $rgName Assert-Null $deletedMhsm diff --git a/src/KeyVault/KeyVault/ChangeLog.md b/src/KeyVault/KeyVault/ChangeLog.md index a59c5b77d036..c2951ba399eb 100644 --- a/src/KeyVault/KeyVault/ChangeLog.md +++ b/src/KeyVault/KeyVault/ChangeLog.md @@ -18,7 +18,7 @@ - Additional information about change #1 --> ## Upcoming Release -* Enabled MHSM Management via *-AzKeyVault +* Enabled Managed HSM Management via *-AzKeyVault ## Version 2.0.0 * Removed two aliases: `New-AzKeyVaultCertificateAdministratorDetails` and `New-AzKeyVaultCertificateOrganizationDetails` diff --git a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs index d5c3245ca53f..aa19bbb03660 100644 --- a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs @@ -86,7 +86,7 @@ public class GetAzureKeyVault : KeyVaultManagementCmdletBase public SwitchParameter InRemovedState { get; set; } [Parameter(Mandatory = false, - HelpMessage = "Specifies the type of vault to be shown.")] + HelpMessage = "Specifies the type of Vault / HSM to be shown.If omitted, both will be listed.")] [Alias("Type")] public ResourceTypeName? ResourceType { get; set; } diff --git a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs index d610f70e0f38..e9059c48c216 100644 --- a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs @@ -135,16 +135,16 @@ public class NewAzureKeyVault : KeyVaultManagementCmdletBase #endregion - #region MHSM-specified Parameter Definitions + #region Managed HSM-specified Parameter Definitions [Parameter(Mandatory = true, ParameterSetName = ManagedHsmParameterSet, HelpMessage = "Array of initial administrators object ids for this managed hsm pool.")] - public List Administrator { get; set; } + public string[] Administrator { get; set; } [Parameter(Mandatory = true, ParameterSetName = ManagedHsmParameterSet, - HelpMessage = "Specifies the type of this vault as MHSM.")] + HelpMessage = "Specifies the type of this vault as Managed HSM.")] public SwitchParameter Hsm { get; set; } #endregion diff --git a/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs index ef410ad61c6f..c80eba9f5336 100644 --- a/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs @@ -135,7 +135,7 @@ public class RemoveAzureKeyVault : KeyVaultManagementCmdletBase public SwitchParameter InRemovedState { get; set; } [Parameter(Mandatory = false, - HelpMessage = "Specifies the type of vault as MHSM.")] + HelpMessage = "Specifies the type of vault as Managed HSM.")] public SwitchParameter Hsm { get; set; } /// diff --git a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs index 1607ea4b8f19..e7695a7a3b25 100644 --- a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs @@ -30,7 +30,7 @@ public class UpdateTopLevelResourceCommand : KeyVaultManagementCmdletBase private const string UpdateManagedHsm = "UpdateManagedHsm"; private const string ByNameParameterSet = "ByNameParameterSet"; private const string ByInputObjectParameterSet = "ByInputObjectParameterSet"; - private const string ByResourceIdParameterSet = "UByResourceIdParameterSet"; + private const string ByResourceIdParameterSet = "ByResourceIdParameterSet"; [Parameter(Mandatory = true, ParameterSetName = UpdateKeyVault + ByNameParameterSet, HelpMessage = "Name of the resource group.")] [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByNameParameterSet, HelpMessage = "Name of the resource group.")] @@ -90,9 +90,9 @@ public class UpdateTopLevelResourceCommand : KeyVaultManagementCmdletBase [ValidateNotNullOrEmpty] public int SoftDeleteRetentionInDays { get; set; } - [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByNameParameterSet, HelpMessage = "Specifies the type of this vault as MHSM.")] - [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByInputObjectParameterSet, HelpMessage = "Specifies the type of this vault as MHSM.")] - [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByResourceIdParameterSet, HelpMessage = "Specifies the type of this vault as MHSM.")] + [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByNameParameterSet, HelpMessage = "Specifies the type of this vault as Managed HSM.")] + [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByInputObjectParameterSet, HelpMessage = "Specifies the type of this vault as Managed HSM.")] + [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByResourceIdParameterSet, HelpMessage = "Specifies the type of this vault as Managed HSM.")] public SwitchParameter Hsm { get; set; } public override void ExecuteCmdlet() diff --git a/src/KeyVault/KeyVault/Models/PSKeyVault.cs b/src/KeyVault/KeyVault/Models/PSKeyVault.cs index 52b72beffcad..3513c5722750 100644 --- a/src/KeyVault/KeyVault/Models/PSKeyVault.cs +++ b/src/KeyVault/KeyVault/Models/PSKeyVault.cs @@ -89,7 +89,7 @@ public PSKeyVault(Vault vault, ActiveDirectoryClient adClient) private static PSKeyVaultNetworkRuleSet InitNetworkRuleSet(VaultProperties properties) { - // The service will return NULL when NetworkAcls is never set before or set with default proper values + // The service will return NULL when NetworkAcls is never set before or set with default values // The default constructor will set default property values in SDK's NetworkRuleSet class if (properties?.NetworkAcls == null) { diff --git a/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs b/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs index 47939075de00..abf83b697c59 100644 --- a/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs +++ b/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs @@ -37,6 +37,6 @@ public class VaultCreationParameters public AccessPolicyEntry AccessPolicy { get; set; } public NetworkRuleSet NetworkAcls { get; set; } public CreateMode? CreateMode { get; set; } - public List Administrator { get; set; } + public string[] Administrator { get; set; } } } diff --git a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs index dd555883aa61..9cac614ad63f 100644 --- a/src/KeyVault/KeyVault/Models/VaultManagementClient.cs +++ b/src/KeyVault/KeyVault/Models/VaultManagementClient.cs @@ -351,7 +351,7 @@ public List ListDeletedVaults() #region Managedhsm-related METHOD /// - /// Create a MHSM pool + /// Create a Managed HSM pool /// /// vault creation parameters /// the active directory client @@ -366,7 +366,7 @@ public PSManagedHsm CreateNewManagedHsm(VaultCreationParameters parameters, Acti throw new ArgumentNullException("parameters.ResourceGroupName"); if (string.IsNullOrWhiteSpace(parameters.Location)) throw new ArgumentNullException("parameters.Location"); - if(parameters.Administrator.Count==0) + if(parameters.Administrator.Length == 0) throw new ArgumentNullException("parameters.Administrator"); var properties = new ManagedHsmProperties(); @@ -427,12 +427,12 @@ public PSManagedHsm CreateNewManagedHsm(VaultCreationParameters parameters, Acti } /// - /// Get an existing MHSM. Returns null if vault is not found. + /// Get an existing Managed HSM. Returns null if vault is not found. /// /// managed hsm name /// resource group name /// the active directory client - /// the retrieved MHSM + /// the retrieved Managed HSM public PSManagedHsm GetManagedHsm(string managedHsmName, string resourceGroupName, ActiveDirectoryClient adClient = null) { if (string.IsNullOrWhiteSpace(managedHsmName)) @@ -457,12 +457,12 @@ public PSManagedHsm GetManagedHsm(string managedHsmName, string resourceGroupNam } /// - /// Update an existing MHSM. Only EnablePurgeProtection can be updated currently. + /// Update an existing Managed HSM. Only EnablePurgeProtection can be updated currently. /// - /// the existing MHSM + /// the existing Managed HSM /// enable purge protection /// the active directory client - /// the updated MHSM + /// the updated Managed HSM public PSManagedHsm UpdateManagedHsm( PSManagedHsm existingManagedHsm, // PSKeyVaultAccessPolicy[] updatedPolicies, @@ -531,7 +531,7 @@ public PSManagedHsm UpdateManagedHsm( } /// - /// Delete an existing MHSM. Throws if vault is not found. + /// Delete an existing Managed HSM. Throws if vault is not found. /// /// /// @@ -555,7 +555,7 @@ public void DeleteManagedHsm(string managedHsm, string resourceGroupName) } /// - /// Purge a deleted MHSM. Throws if MHSM is not found. + /// Purge a deleted Managed HSM. Throws if Managed HSM is not found. /// /// /// From 09b09af19bda218bfe1d19005affb7f19ef707cc Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Thu, 6 Aug 2020 12:51:52 +0800 Subject: [PATCH 14/17] Update help.md --- .../ControlPlane/KeyVaultManagementTests.ps1 | 16 +---- .../KeyVault/Commands/GetAzureKeyVault.cs | 35 ++++------ .../KeyVault/Commands/NewAzureKeyVault.cs | 6 +- .../KeyVault/Commands/RemoveAzureKeyVault.cs | 22 +++---- .../KeyVault/Commands/UpdateAzureKeyVault.cs | 64 +++++-------------- src/KeyVault/KeyVault/help/Get-AzKeyVault.md | 31 +++++++-- src/KeyVault/KeyVault/help/New-AzKeyVault.md | 30 ++++++++- .../KeyVault/help/Remove-AzKeyVault.md | 22 +++++-- .../KeyVault/help/Update-AzKeyVault.md | 47 ++------------ 9 files changed, 117 insertions(+), 156 deletions(-) diff --git a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 index cf3eda04051a..2ffd7e345814 100644 --- a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 +++ b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 @@ -177,13 +177,6 @@ function Test-ManagedHsmCRUD { Assert-AreEqual 1 $hsm.InitialAdminObjectIds.Count Assert-True $hsm.InitialAdminObjectIds.Contains($administrator) Assert-AreEqual "StandardB1" $actual.Sku - - # Default Access Policy is not set by Service Principal - # Assert-AreEqual 0 @($actual.AccessPolicies).Count - - # Soft delete and purge protection defaults to true - # Assert-True { $actual.EnableSoftDelete } "By default EnableSoftDelete should be true" - Assert-Null $actual.EnablePurgeProtection "By default EnablePurgeProtection should be null" # Default retention days Assert-AreEqual 90 $actual.SoftDeleteRetentionInDays "By default SoftDeleteRetentionInDays should be 90" @@ -195,15 +188,8 @@ function Test-ManagedHsmCRUD { Assert-AreEqual $rgName $got.ResourceGroupName Assert-AreEqual $hsmLocation $got.Location - # Test update purge protection & customize retention days - # nothing can be updated now - # $updatedMhsm = Update-AzKeyVault -InputObject $got -EnablePurgeProtection -SoftDeleteRetentionInDays 10 -Hsm - # Assert-True { $updatedMhsm.EnableSoftDelete } "By default EnableSoftDelete should be true" - # Assert-True { $updatedMhsm.EnablePurgeProtection } "If -EnablePurgeProtection, EnablePurgeProtection should be true" - # Assert-AreEqual 10 $updatedMhsm.SoftDeleteRetentionInDays "SoftDeleteRetentionInDays should be the same value as set" - # Test remove Managed HSM - Remove-AzKeyVault -VaultName $got -Hsm -Force + Remove-AzKeyVault -InputObject $got -Hsm -Force $deletedMhsm = Get-AzKeyVault -VaultName $vaultName -ResourceGroupName $rgName Assert-Null $deletedMhsm diff --git a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs index aa19bbb03660..56c30558bacf 100644 --- a/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/GetAzureKeyVault.cs @@ -86,9 +86,10 @@ public class GetAzureKeyVault : KeyVaultManagementCmdletBase public SwitchParameter InRemovedState { get; set; } [Parameter(Mandatory = false, - HelpMessage = "Specifies the type of Vault / HSM to be shown.If omitted, both will be listed.")] + ParameterSetName = GetVaultParameterSet, + HelpMessage = "Specifies the type of Vault / HSM to be shown. If omitted, both will be listed.")] [Alias("Type")] - public ResourceTypeName? ResourceType { get; set; } + public ResourceTypeName ResourceType { get; set; } /// /// Tag value @@ -103,6 +104,12 @@ public class GetAzureKeyVault : KeyVaultManagementCmdletBase #endregion public override void ExecuteCmdlet() { + ResourceTypeName? resourceTypeName = null; + if (MyInvocation.BoundParameters.ContainsKey(nameof(ResourceType))) + { + resourceTypeName = this.ResourceType; + } + switch (ParameterSetName) { case GetVaultParameterSet: @@ -113,7 +120,7 @@ public override void ExecuteCmdlet() if (ShouldGetByName(ResourceGroupName, VaultName)) { - switch (ResourceType) + switch (resourceTypeName) { case ResourceTypeName.Vault: vault = KeyVaultManagementClient.GetVault( @@ -157,34 +164,18 @@ public override void ExecuteCmdlet() WriteObject( TopLevelWildcardFilter( ResourceGroupName, VaultName, - ListVaults(ResourceGroupName, Tag, ResourceType)), + ListVaults(ResourceGroupName, Tag, resourceTypeName)), true); } break; case GetDeletedVaultParameterSet: - switch (ResourceType) - { - case ResourceTypeName.Vault: - WriteObject(KeyVaultManagementClient.GetDeletedVault(VaultName, Location)); - break; - case ResourceTypeName.Hsm: - default: - break; - } + WriteObject(KeyVaultManagementClient.GetDeletedVault(VaultName, Location)); break; case ListDeletedVaultsParameterSet: - switch (ResourceType) - { - case ResourceTypeName.Vault: - WriteObject(KeyVaultManagementClient.ListDeletedVaults(), true); - break; - case ResourceTypeName.Hsm: - default: - break; - } + WriteObject(KeyVaultManagementClient.ListDeletedVaults(), true); break; default: diff --git a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs index e9059c48c216..a14590a2d745 100644 --- a/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/NewAzureKeyVault.cs @@ -36,8 +36,6 @@ public class NewAzureKeyVault : KeyVaultManagementCmdletBase private const string KeyVaultParameterSet = "KeyVaultParameterSet"; private const string ManagedHsmParameterSet = "ManagedHsmParameterSet"; - #region Input Parameter Definitions - #region Common Parameter Definitions /// /// Vault name @@ -149,9 +147,7 @@ public class NewAzureKeyVault : KeyVaultManagementCmdletBase #endregion - #endregion - - public override void ExecuteCmdlet() + public override void ExecuteCmdlet() { if (ShouldProcess(Name, Properties.Resources.CreateKeyVault)) { diff --git a/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs index c80eba9f5336..c4bfdd0ec616 100644 --- a/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/RemoveAzureKeyVault.cs @@ -134,7 +134,14 @@ public class RemoveAzureKeyVault : KeyVaultManagementCmdletBase HelpMessage = "Remove the previously deleted vault permanently.")] public SwitchParameter InRemovedState { get; set; } - [Parameter(Mandatory = false, + [Parameter(Mandatory = false, + ParameterSetName = RemoveVaultParameterSet, + HelpMessage = "Specifies the type of vault as Managed HSM.")] + [Parameter(Mandatory = false, + ParameterSetName = InputObjectRemoveVaultParameterSet, + HelpMessage = "Specifies the type of vault as Managed HSM.")] + [Parameter(Mandatory = false, + ParameterSetName = ResourceIdRemoveVaultParameterSet, HelpMessage = "Specifies the type of vault as Managed HSM.")] public SwitchParameter Hsm { get; set; } @@ -184,16 +191,9 @@ public override void ExecuteCmdlet() VaultName, () => { - if (Hsm.IsPresent) - { - //PurgeManagedHsm(); - } - else - { - KeyVaultManagementClient.PurgeVault( - vaultName: VaultName, - location: Location); - } + KeyVaultManagementClient.PurgeVault( + vaultName: VaultName, + location: Location); if (PassThru) { diff --git a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs index e7695a7a3b25..67fc13dfef90 100644 --- a/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs +++ b/src/KeyVault/KeyVault/Commands/UpdateAzureKeyVault.cs @@ -27,31 +27,26 @@ namespace Microsoft.Azure.Commands.KeyVault public class UpdateTopLevelResourceCommand : KeyVaultManagementCmdletBase { private const string UpdateKeyVault = "UpdateKeyVault"; - private const string UpdateManagedHsm = "UpdateManagedHsm"; private const string ByNameParameterSet = "ByNameParameterSet"; private const string ByInputObjectParameterSet = "ByInputObjectParameterSet"; private const string ByResourceIdParameterSet = "ByResourceIdParameterSet"; [Parameter(Mandatory = true, ParameterSetName = UpdateKeyVault + ByNameParameterSet, HelpMessage = "Name of the resource group.")] - [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByNameParameterSet, HelpMessage = "Name of the resource group.")] [ResourceGroupCompleter] [ValidateNotNullOrEmpty] public string ResourceGroupName { get; set; } [Parameter(Mandatory = true, ParameterSetName = UpdateKeyVault + ByNameParameterSet, HelpMessage = "Name of the key vault.")] - [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByNameParameterSet, HelpMessage = "Name of the key vault.")] [ResourceNameCompleter("Microsoft.KeyVault/vaults", nameof(ResourceGroupName))] [ValidateNotNullOrEmpty] [Alias("Name")] public string VaultName { get; set; } [Parameter(Mandatory = true, ValueFromPipeline = true, ParameterSetName = UpdateKeyVault + ByInputObjectParameterSet, HelpMessage = "Key vault object.")] - [Parameter(Mandatory = true, ValueFromPipeline = true, ParameterSetName = UpdateManagedHsm + ByInputObjectParameterSet, HelpMessage = "Key vault object.")] [ValidateNotNull] public PSKeyVaultIdentityItem InputObject { get; set; } [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = UpdateKeyVault + ByResourceIdParameterSet, HelpMessage = "Resource ID of the key vault.")] - [Parameter(Mandatory = true, ValueFromPipelineByPropertyName = true, ParameterSetName = UpdateManagedHsm + ByResourceIdParameterSet, HelpMessage = "Resource ID of the key vault.")] [ValidateNotNullOrEmpty] public string ResourceId { get; set; } @@ -90,11 +85,6 @@ public class UpdateTopLevelResourceCommand : KeyVaultManagementCmdletBase [ValidateNotNullOrEmpty] public int SoftDeleteRetentionInDays { get; set; } - [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByNameParameterSet, HelpMessage = "Specifies the type of this vault as Managed HSM.")] - [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByInputObjectParameterSet, HelpMessage = "Specifies the type of this vault as Managed HSM.")] - [Parameter(Mandatory = true, ParameterSetName = UpdateManagedHsm + ByResourceIdParameterSet, HelpMessage = "Specifies the type of this vault as Managed HSM.")] - public SwitchParameter Hsm { get; set; } - public override void ExecuteCmdlet() { if (this.IsParameterBound(c => c.InputObject)) @@ -113,8 +103,7 @@ public override void ExecuteCmdlet() PSKeyVaultIdentityItem existingResource = null; try { - if (Hsm.IsPresent) existingResource = KeyVaultManagementClient.GetManagedHsm(VaultName, ResourceGroupName); - else existingResource = KeyVaultManagementClient.GetVault(this.VaultName, this.ResourceGroupName); + existingResource = KeyVaultManagementClient.GetVault(this.VaultName, this.ResourceGroupName); } catch { @@ -123,46 +112,25 @@ public override void ExecuteCmdlet() if (existingResource == null) { - if(Hsm.IsPresent) - throw new Exception(string.Format("A managed hsm with name '{0}' in resource group '{1}' does not exist. Please use New-AzKeyVault to create a managed hsm with these properties.", this.VaultName, this.ResourceGroupName)); - else - throw new Exception(string.Format("A key vault with name '{0}' in resource group '{1}' does not exist. Please use New-AzKeyVault to create a key vault with these properties.", this.VaultName, this.ResourceGroupName)); - + new Exception(string.Format("A key vault with name '{0}' in resource group '{1}' does not exist. Please use New-AzKeyVault to create a key vault with these properties.", this.VaultName, this.ResourceGroupName)); } if (this.ShouldProcess(this.VaultName, string.Format("Updating key vault '{0}' in resource group '{1}'.", this.VaultName, this.ResourceGroupName))) { - if (Hsm.IsPresent) - { - var existingManagedHsmResource = (PSManagedHsm)existingResource; - var result = KeyVaultManagementClient.UpdateManagedHsm(existingManagedHsmResource, - existingManagedHsmResource.EnableSoftDelete, - EnablePurgeProtection.IsPresent ? (true as bool?) : null, - this.IsParameterBound(c => c.SoftDeleteRetentionInDays) - ? (SoftDeleteRetentionInDays as int?) - : (existingManagedHsmResource.SoftDeleteRetentionInDays ?? Constants.DefaultSoftDeleteRetentionDays) - ); - WriteObject(result); - } - else - { - var existingKeyVaultResource = (PSKeyVault)existingResource; - var result = KeyVaultManagementClient.UpdateVault(existingKeyVaultResource, - existingKeyVaultResource.AccessPolicies, - existingKeyVaultResource.EnabledForDeployment, - existingKeyVaultResource.EnabledForTemplateDeployment, - existingKeyVaultResource.EnabledForDiskEncryption, - EnableSoftDelete.IsPresent ? (true as bool?) : null, - EnablePurgeProtection.IsPresent ? (true as bool?) : null, - this.IsParameterBound(c => c.SoftDeleteRetentionInDays) - ? (SoftDeleteRetentionInDays as int?) - : (existingKeyVaultResource.SoftDeleteRetentionInDays ?? Constants.DefaultSoftDeleteRetentionDays), - existingKeyVaultResource.NetworkAcls - ); - WriteObject(result); - } - - + var existingKeyVaultResource = (PSKeyVault)existingResource; + var result = KeyVaultManagementClient.UpdateVault(existingKeyVaultResource, + existingKeyVaultResource.AccessPolicies, + existingKeyVaultResource.EnabledForDeployment, + existingKeyVaultResource.EnabledForTemplateDeployment, + existingKeyVaultResource.EnabledForDiskEncryption, + EnableSoftDelete.IsPresent ? (true as bool?) : null, + EnablePurgeProtection.IsPresent ? (true as bool?) : null, + this.IsParameterBound(c => c.SoftDeleteRetentionInDays) + ? (SoftDeleteRetentionInDays as int?) + : (existingKeyVaultResource.SoftDeleteRetentionInDays ?? Constants.DefaultSoftDeleteRetentionDays), + existingKeyVaultResource.NetworkAcls + ); + WriteObject(result); } } } diff --git a/src/KeyVault/KeyVault/help/Get-AzKeyVault.md b/src/KeyVault/KeyVault/help/Get-AzKeyVault.md index cd3e1e8ff3bf..252c3bf95d7c 100644 --- a/src/KeyVault/KeyVault/help/Get-AzKeyVault.md +++ b/src/KeyVault/KeyVault/help/Get-AzKeyVault.md @@ -21,14 +21,13 @@ Get-AzKeyVault [[-VaultName] ] [[-ResourceGroupName] ] [-Resourc ### ByDeletedVault ``` -Get-AzKeyVault [-VaultName] [-Location] [-InRemovedState] [-ResourceType ] +Get-AzKeyVault [-VaultName] [-Location] [-InRemovedState] [-DefaultProfile ] [] ``` ### ListAllDeletedVaultsInSubscription ``` -Get-AzKeyVault [-InRemovedState] [-ResourceType ] [-DefaultProfile ] - [] +Get-AzKeyVault [-InRemovedState] [-DefaultProfile ] [] ``` ## DESCRIPTION @@ -182,6 +181,28 @@ Tags : This command gets all the key vaults in the subscription that start with "myvault". +### Example 7: Get a specific managed hsm +```powershell +PS C:\> Get-AzKeyVault -Name 'TestManagedHsm' -ResourceType Hsm + +ManagedHsm Name : TestManagedHsm +Resource Group Name : testGroup9 +Location : eastus2 +Resource ID : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/testGroup9/pro + viders/Microsoft.KeyVault/managedHSMs/TestManagedHsm +Hsm Pool URI : +Tenant ID : xxxxxxxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx +Security Domain ID : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx +Initial Admin Object Ids : {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} +SKU : StandardB1 +Soft Delete Enabled? : True +Enabled Purge Protection? : +Soft Delete Retention Period (days) : 90 +Tags : +``` + +This command gets the managed hsm named TestManagedHsm in your current subscription. + ## PARAMETERS ### -DefaultProfile @@ -248,8 +269,8 @@ Accept wildcard characters: False Specifies the type of vault to be shown. ```yaml -Type: System.Nullable`1[Microsoft.Azure.Commands.KeyVault.Models.ResourceTypeName] -Parameter Sets: (All) +Type: Microsoft.Azure.Commands.KeyVault.Models.ResourceTypeName +Parameter Sets: GetVaultByName Aliases: Type Accepted values: Vault, Hsm diff --git a/src/KeyVault/KeyVault/help/New-AzKeyVault.md b/src/KeyVault/KeyVault/help/New-AzKeyVault.md index a945f1386661..8637e145efea 100644 --- a/src/KeyVault/KeyVault/help/New-AzKeyVault.md +++ b/src/KeyVault/KeyVault/help/New-AzKeyVault.md @@ -25,8 +25,8 @@ New-AzKeyVault [-Name] [-ResourceGroupName] [-Location] [-ResourceGroupName] [-Location] [-Sku ] - [-Tag ] -Administrator [-Hsm] - [-DefaultProfile ] [-WhatIf] [-Confirm] [] + [-Tag ] -Administrator [-Hsm] [-DefaultProfile ] [-WhatIf] + [-Confirm] [] ``` ## DESCRIPTION @@ -126,13 +126,37 @@ PS C:\> New-AzKeyVault -ResourceGroupName "myRg" -VaultName "myVault" -NetworkRu Creating a key vault and specifies network rules to allow access to the specified IP address from the virtual network identified by $myNetworkResId. See `New-AzKeyVaultNetworkRuleSetObject` for more information. +### Example 4: Create a StandardB1 managed hsm +```powershell +PS C:\> New-AzKeyVault -Name 'TestManagedHsm' -ResourceGroupName 'testGroup9' -Location 'eastus2' -Administrator "xxxxxxxxxxxxxxxxxx-xxxx-xxxxxxxxxxxx" -Hsm + +ManagedHsm Name : TestManagedHsm +Resource Group Name : testGroup9 +Location : eastus2 +Resource ID : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/testGroup9/pro + viders/Microsoft.KeyVault/managedHSMs/TestManagedHsm +Hsm Pool URI : +Tenant ID : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx +Security Domain ID : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx +Initial Admin Object Ids : {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} +SKU : StandardB1 +Soft Delete Enabled? : True +Enabled Purge Protection? : +Soft Delete Retention Period (days) : 90 +Tags +``` + +This command creates a managed hsm named TestManagedHsm, in the Azure region East US 2. The command +adds the managed hsm to the resource group named testGroup9. Because the command does not specify a +value for the *SKU* parameter, it creates a StandardB1 key vault. + ## PARAMETERS ### -Administrator Array of initial administrators object ids for this managed hsm pool. ```yaml -Type: System.Collections.Generic.List`1[System.String] +Type: System.String[] Parameter Sets: ManagedHsmParameterSet Aliases: diff --git a/src/KeyVault/KeyVault/help/Remove-AzKeyVault.md b/src/KeyVault/KeyVault/help/Remove-AzKeyVault.md index 1d06ad192e0b..cb4129ed21cc 100644 --- a/src/KeyVault/KeyVault/help/Remove-AzKeyVault.md +++ b/src/KeyVault/KeyVault/help/Remove-AzKeyVault.md @@ -21,8 +21,8 @@ Remove-AzKeyVault [-VaultName] [[-ResourceGroupName] ] [[-Locat ### ByDeletedVault ``` -Remove-AzKeyVault [-VaultName] [-Location] [-InRemovedState] [-Hsm] [-Force] [-AsJob] - [-PassThru] [-DefaultProfile ] [-WhatIf] [-Confirm] [] +Remove-AzKeyVault [-VaultName] [-Location] [-InRemovedState] [-Force] [-AsJob] [-PassThru] + [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` ### InputObjectByAvailableVault @@ -33,8 +33,8 @@ Remove-AzKeyVault [-InputObject] [-Hsm] [-Force] [-AsJo ### InputObjectByDeletedVault ``` -Remove-AzKeyVault [-InputObject] [-InRemovedState] [-Hsm] [-Force] [-AsJob] - [-PassThru] [-DefaultProfile ] [-WhatIf] [-Confirm] [] +Remove-AzKeyVault [-InputObject] [-InRemovedState] [-Force] [-AsJob] [-PassThru] + [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` ### ResourceIdByAvailableVault @@ -45,8 +45,8 @@ Remove-AzKeyVault [-ResourceId] [[-Location] ] [-Hsm] [-Force] ### ResourceIdByDeletedVault ``` -Remove-AzKeyVault [-ResourceId] [-Location] [-InRemovedState] [-Hsm] [-Force] [-AsJob] - [-PassThru] [-DefaultProfile ] [-WhatIf] [-Confirm] [] +Remove-AzKeyVault [-ResourceId] [-Location] [-InRemovedState] [-Force] [-AsJob] [-PassThru] + [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` ## DESCRIPTION @@ -75,6 +75,14 @@ True This command removes the key vault named Contoso03Vault from the named resource group. If you do not specify the resource group name, the cmdlet searches for the named key vault to delete in your current subscription. +### Example 3: Remove a managed hsm +```powershell +PS C:\> Remove-AzKeyVault -Name "testManagedHsm" -Hsm -PassThru + +True +``` +This command removes the managed hsm named testManagedHsm from your current subscription. + ## PARAMETERS ### -AsJob @@ -128,7 +136,7 @@ Specifies the type of vault as MHSM. ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: (All) +Parameter Sets: ByAvailableVault, InputObjectByAvailableVault, ResourceIdByAvailableVault Aliases: Required: False diff --git a/src/KeyVault/KeyVault/help/Update-AzKeyVault.md b/src/KeyVault/KeyVault/help/Update-AzKeyVault.md index de25b954588c..2b564f5fceaf 100644 --- a/src/KeyVault/KeyVault/help/Update-AzKeyVault.md +++ b/src/KeyVault/KeyVault/help/Update-AzKeyVault.md @@ -19,12 +19,6 @@ Update-AzKeyVault -ResourceGroupName -VaultName [-EnableSoftDe [] ``` -### UpdateManagedHsmByNameParameterSet -``` -Update-AzKeyVault -ResourceGroupName -VaultName [-SoftDeleteRetentionInDays ] [-Hsm] - [-DefaultProfile ] [-WhatIf] [-Confirm] [] -``` - ### UpdateKeyVaultByInputObjectParameterSet ``` Update-AzKeyVault -InputObject [-EnableSoftDelete] [-EnablePurgeProtection] @@ -32,25 +26,13 @@ Update-AzKeyVault -InputObject [-EnableSoftDelete] [-En [] ``` -### UpdateManagedHsmByInputObjectParameterSet -``` -Update-AzKeyVault -InputObject [-SoftDeleteRetentionInDays ] [-Hsm] - [-DefaultProfile ] [-WhatIf] [-Confirm] [] -``` - -### UpdateKeyVaultUByResourceIdParameterSet +### UpdateKeyVaultByResourceIdParameterSet ``` Update-AzKeyVault -ResourceId [-EnableSoftDelete] [-EnablePurgeProtection] [-SoftDeleteRetentionInDays ] [-DefaultProfile ] [-WhatIf] [-Confirm] [] ``` -### UpdateManagedHsmUByResourceIdParameterSet -``` -Update-AzKeyVault -ResourceId [-SoftDeleteRetentionInDays ] [-Hsm] - [-DefaultProfile ] [-WhatIf] [-Confirm] [] -``` - ## DESCRIPTION This cmdlet updates the state of an Azure key vault. Please note updating some of the properties is an irreversible action, for example once soft delete has been enabled, it cannot be disabled anymore. @@ -95,7 +77,7 @@ It requires soft-delete to be turned on. ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: UpdateKeyVaultByNameParameterSet, UpdateKeyVaultByInputObjectParameterSet, UpdateKeyVaultUByResourceIdParameterSet +Parameter Sets: (All) Aliases: Required: False @@ -111,7 +93,7 @@ Once enabled it cannot be disabled. ```yaml Type: System.Management.Automation.SwitchParameter -Parameter Sets: UpdateKeyVaultByNameParameterSet, UpdateKeyVaultByInputObjectParameterSet, UpdateKeyVaultUByResourceIdParameterSet +Parameter Sets: (All) Aliases: Required: False @@ -121,27 +103,12 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -Hsm -Specifies the type of this vault as MHSM. - -```yaml -Type: System.Management.Automation.SwitchParameter -Parameter Sets: UpdateManagedHsmByNameParameterSet, UpdateManagedHsmByInputObjectParameterSet, UpdateManagedHsmUByResourceIdParameterSet -Aliases: - -Required: True -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -InputObject Key vault object. ```yaml Type: Microsoft.Azure.Commands.KeyVault.Models.PSKeyVaultIdentityItem -Parameter Sets: UpdateKeyVaultByInputObjectParameterSet, UpdateManagedHsmByInputObjectParameterSet +Parameter Sets: UpdateKeyVaultByInputObjectParameterSet Aliases: Required: True @@ -156,7 +123,7 @@ Name of the resource group. ```yaml Type: System.String -Parameter Sets: UpdateKeyVaultByNameParameterSet, UpdateManagedHsmByNameParameterSet +Parameter Sets: UpdateKeyVaultByNameParameterSet Aliases: Required: True @@ -171,7 +138,7 @@ Resource ID of the key vault. ```yaml Type: System.String -Parameter Sets: UpdateKeyVaultUByResourceIdParameterSet, UpdateManagedHsmUByResourceIdParameterSet +Parameter Sets: UpdateKeyVaultByResourceIdParameterSet Aliases: Required: True @@ -201,7 +168,7 @@ Name of the key vault. ```yaml Type: System.String -Parameter Sets: UpdateKeyVaultByNameParameterSet, UpdateManagedHsmByNameParameterSet +Parameter Sets: UpdateKeyVaultByNameParameterSet Aliases: Name Required: True From 73eca0155602227c9e72b337a2c095f388fa5e5c Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Thu, 6 Aug 2020 12:57:48 +0800 Subject: [PATCH 15/17] Update VaultCreationParameters.cs --- src/KeyVault/KeyVault/Models/VaultCreationParameters.cs | 1 - 1 file changed, 1 deletion(-) diff --git a/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs b/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs index abf83b697c59..05b853dd8d9e 100644 --- a/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs +++ b/src/KeyVault/KeyVault/Models/VaultCreationParameters.cs @@ -15,7 +15,6 @@ using Microsoft.Azure.Management.KeyVault.Models; using System; using System.Collections; -using System.Collections.Generic; namespace Microsoft.Azure.Commands.KeyVault.Models { From b3ee6e49f01a8f7c5302346d519fe466f8c3b1db Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Thu, 6 Aug 2020 13:05:48 +0800 Subject: [PATCH 16/17] Update get-azkeyvault.md --- src/KeyVault/KeyVault/help/Get-AzKeyVault.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/KeyVault/KeyVault/help/Get-AzKeyVault.md b/src/KeyVault/KeyVault/help/Get-AzKeyVault.md index 252c3bf95d7c..2bd2cdd46b76 100644 --- a/src/KeyVault/KeyVault/help/Get-AzKeyVault.md +++ b/src/KeyVault/KeyVault/help/Get-AzKeyVault.md @@ -266,7 +266,7 @@ Accept wildcard characters: False ``` ### -ResourceType -Specifies the type of vault to be shown. +Specifies the type of Vault / HSM to be shown. If omitted, both will be listed. ```yaml Type: Microsoft.Azure.Commands.KeyVault.Models.ResourceTypeName From 67f22fa27c7ad54a75f6a38a886e5418ac13fd17 Mon Sep 17 00:00:00 2001 From: Beisi Zhou Date: Thu, 6 Aug 2020 13:34:51 +0800 Subject: [PATCH 17/17] Update KeyVaultManagementTests.ps1 --- .../Scripts/ControlPlane/KeyVaultManagementTests.ps1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 index 2ffd7e345814..3ffdf669ad28 100644 --- a/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 +++ b/src/KeyVault/KeyVault.Test/Scripts/ControlPlane/KeyVaultManagementTests.ps1 @@ -187,15 +187,15 @@ function Test-ManagedHsmCRUD { Assert-AreEqual $hsmName $got.VaultName Assert-AreEqual $rgName $got.ResourceGroupName Assert-AreEqual $hsmLocation $got.Location + + # Test throws for existing vault + Assert-Throws { New-AzKeyVault -VaultName $hsmName -ResourceGroupName $rgname -Location $vaultLocation -Administrator $administrator -Hsm} # Test remove Managed HSM Remove-AzKeyVault -InputObject $got -Hsm -Force $deletedMhsm = Get-AzKeyVault -VaultName $vaultName -ResourceGroupName $rgName Assert-Null $deletedMhsm - # Test throws for existing vault - Assert-Throws { New-AzKeyVault -VaultName $hsmName -ResourceGroupName $rgname -Location $vaultLocation -Administrator $administrator -Hsm} - # Test throws for resourcegroup nonexistent Assert-Throws { New-AzKeyVault -VaultName (getAssetName) -ResourceGroupName (getAssetName) -Location $vaultLocation -Administrator $administrator -Hsm} } @@ -851,4 +851,4 @@ function Test-UpdateKeyVault { finally { $rg | Remove-AzResourceGroup -Force } -} \ No newline at end of file +}