From 6e9229bb348a879baff424cbc0ff45418631a753 Mon Sep 17 00:00:00 2001 From: Saad Karim Date: Thu, 2 Mar 2017 15:31:55 -0500 Subject: [PATCH] Updating read the docs for fabric-ca Documentation for fabric-ca updated to reflect the new command line that was added for server and client. Also, documents new YAML configuration files that are now being used. https://jira.hyperledger.org/browse/FAB-2610 Change-Id: I8a8668efa5dd25aecc805a377deb527bfe1829f3 Signed-off-by: Saad Karim Signed-off-by: Keith Smith --- docs/source/Setup/ca-setup.rst | 1199 +++++++++++++++++++++--------- docs/source/images/fabric-ca.png | Bin 0 -> 116620 bytes 2 files changed, 858 insertions(+), 341 deletions(-) create mode 100644 docs/source/images/fabric-ca.png diff --git a/docs/source/Setup/ca-setup.rst b/docs/source/Setup/ca-setup.rst index 1d41abdf402..40ba87c8ad1 100644 --- a/docs/source/Setup/ca-setup.rst +++ b/docs/source/Setup/ca-setup.rst @@ -19,11 +19,72 @@ For developers interested in contributing to Fabric CA, see the `Fabric CA repository `__ for more information. + +.. _Back to Top: + +Table of Contents +----------------- + +1. `Overview`_ +2. `Getting Started`_ + + 1. `Prerequisites`_ + 2. `Install`_ + 3. `Explore the Fabric CA CLI`_ + +3. `File Formats`_ + + 1. `Fabric CA server's configuration file format`_ + 2. `Fabric CA client's configuration file format`_ + +4. `Configuration Settings Precedence`_ + +5. `Fabric CA Server`_ + + 1. `Initializing the server`_ + 2. `Starting the server`_ + 3. `Configuring the database`_ + 4. `Configuring LDAP`_ + 5. `Setting up a cluster`_ + +6. `Fabric CA Client`_ + + 1. `Enrolling the bootstrap user`_ + 2. `Registering a new identity`_ + 3. `Enrolling a peer identity`_ + 4. `Reenrolling an identity`_ + 5. `Revoking a certificate or identity`_ + 6. `Enabling TLS`_ + +7. `Appendix`_ + +Overview +-------- + +The diagram below illustrates how the Fabric CA server fits into the +overall Hyperledger Fabric architecture. + +.. image:: ../images/fabric-ca.png + +There are two ways of interacting with a Fabric CA server: +via the Fabric CA client or through one of the Fabric SDKs. +All communication to the Fabric CA server is via REST APIs. +See `fabric-ca/swagger/swagger-fabric-ca.json` for the swagger documentation +for these REST APIs. + +The Fabric CA client or SDK may connect to a server in a cluster of Fabric CA +servers. This is illustrated in the top right section of the diagram. +The client routes to an HA Proxy endpoint which load balances traffic to one +of the fabric-ca-server cluster members. +All Fabric CA servers in a cluster share the same database for +keeping track of users and certificates. If LDAP is configured, the user +information is kept in LDAP rather than the database. + Getting Started --------------- Prerequisites -~~~~~~~~~~~~~ +~~~~~~~~~~~~~~~ - Go 1.7+ installation or later - **GOPATH** environment variable is set correctly @@ -31,122 +92,504 @@ Prerequisites Install ~~~~~~~ -To install the fabric-ca command: +The following installs both the `fabric-ca-server` and `fabric-ca-client` commands. :: - # go get github.com/hyperledger/fabric-ca + # go get -u github.com/hyperledger/fabric-ca/cmd/... -The Fabric CA CLI -~~~~~~~~~~~~~~~~~ +Start Server Natively +~~~~~~~~~~~~~~~~~~~~~ -The following shows the fabric-ca CLI usage: +The following starts the `fabric-ca-server` with default settings. :: - # fabric-ca - fabric-ca client - client related commands - fabric-ca server - server related commands - fabric-ca cfssl - all cfssl commands + # fabric-ca-server start -b admin:adminpw + +The `-b` option provides the enrollment ID and secret for a bootstrap +administrator. A default configuration file named `fabric-ca-server-config.yaml` +is created in the local directory which can be customized. + +Start Server via Docker +~~~~~~~~~~~~~~~~~~~~~~~ + +The hyperledger/fabric-ca docker image is not currently being published, but +you can build and start the server via docker-compose as shown below. + +:: - For help, type "fabric-ca client", "fabric-ca server", or "fabric-ca cfssl". + # cd $GOPATH/src/github.com/hyperledger/fabric-ca + # make docker + # cd docker/server + # docker-compose up -d -The ``fabric-ca server`` and ``fabric-ca client`` commands are discussed -below. +The hyperledger/fabric-ca docker image contains both the fabric-ca-server and +the fabric-ca-client. -If you would like to enable debug-level logging (for server or client), -set the ``FABRIC_CA_DEBUG`` environment variable to ``true``. +Explore the Fabric CA CLI +~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Since fabric-ca is built on top of -`CFSSL `__, the ``fabric-ca cfssl`` -commands are available but are not discussed in this document. See -`CFSSL `__ for more information. +The following shows the Fabric CA server usage message: + +:: + + Hyperledger Fabric Certificate Authority Server + + Usage: + fabric-ca-server [command] + + Available Commands: + init Initialize the fabric-ca server + start Start the fabric-ca server + + Flags: + --address string Listening address of fabric-ca-server (default "0.0.0.0") + -b, --boot string The user:pass for bootstrap admin which is required to build default config file + --ca.certfile string PEM-encoded CA certificate file (default "ca-cert.pem") + --ca.keyfile string PEM-encoded CA key file (default "ca-key.pem") + -c, --config string Configuration file (default "fabric-ca-server-config.yaml") + --csr.cn string The common name field of the certificate signing request to a parent fabric-ca-server + --csr.serialnumber string The serial number in a certificate signing request to a parent fabric-ca-server + --db.datasource string Data source which is database specific (default "fabric-ca-server.db") + --db.tls.certfiles string PEM-encoded comma separated list of trusted certificate files (e.g. root1.pem, root2.pem) + --db.tls.client.certfile string PEM-encoded certificate file when mutual authenticate is enabled + --db.tls.client.keyfile string PEM-encoded key file when mutual authentication is enabled + --db.tls.enabled Enable TLS for client connection + --db.type string Type of database; one of: sqlite3, postgres, mysql (default "sqlite3") + -d, --debug Enable debug level logging + --ldap.enabled Enable the LDAP client for authentication and attributes + --ldap.groupfilter string The LDAP group filter for a single affiliation group (default "(memberUid=%s)") + --ldap.url string LDAP client URL of form ldap://adminDN:adminPassword@host[:port]/base + --ldap.userfilter string The LDAP user filter to use when searching for users (default "(uid=%s)") + -p, --port int Listening port of fabric-ca-server (default 7054) + --registry.maxenrollments int Maximum number of enrollments; valid if LDAP not enabled + --tls.certfile string PEM-encoded TLS certificate file for server's listening port (default "ca-cert.pem") + --tls.enabled Enable TLS on the listening port + --tls.keyfile string PEM-encoded TLS key for server's listening port (default "ca-key.pem") + -u, --url string URL of the parent fabric-ca-server + + Use "fabric-ca-server [command] --help" for more information about a command. + +The following shows the Fabric CA client usage message: + +:: + + # fabric-ca-client + Hyperledger Fabric Certificate Authority Client + + Usage: + fabric-ca-client [command] + + Available Commands: + enroll Enroll user + reenroll Reenroll user + register Register user + revoke Revoke user + + Flags: + -c, --config string Configuration file (default "/Users/saadkarim/.fabric-ca-client/fabric-ca-client-config.yaml") + --csr.cn string The common name field of the certificate signing request to a parent fabric-ca-server + --csr.serialnumber string The serial number in a certificate signing request to a parent fabric-ca-server + -d, --debug Enable debug logging + --enrollment.hosts string Comma-separated host list + --enrollment.label string Label to use in HSM operations + --enrollment.profile string Name of the signing profile to use in issuing the certificate + --id.affiliation string Name associated with the identity + --id.attr string Attributes associated with this identity (e.g. hf.revoker=true) + --id.maxenrollments int MaxEnrollments is the maximum number of times the secret can be reused to enroll. + --id.name string Unique name of the identity + --id.secret string Secret is an optional password. If not specified, a random secret is generated. + --id.type string Type of identity being registered (e.g. 'peer, app, user') + -m, --myhost string Hostname to include in the certificate signing request during enrollment (default "saads-mbp.raleigh.ibm.com") + --tls.certfiles string PEM-encoded comma separated list of trusted certificate files (e.g. root1.pem, root2.pem) + --tls.client.certfile string PEM-encoded certificate file when mutual authenticate is enabled + --tls.client.keyfile string PEM-encoded key file when mutual authentication is enabled + --tls.enabled Enable TLS for client connection + -u, --url string URL of fabric-ca-server (default "http://localhost:7054") + + Use "fabric-ca-client [command] --help" for more information about a command. + +`Back to Top`_ + +File Formats +------------ + +Fabric CA server's configuration file format +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +If no configuration file is provided to the server or no file exists, +the server will generate a default configuration file like the one +below. The location of the default configuration will depend on whether the +``-c`` or ``--config`` option was used or not. If the config option was used +and the file did not exist it will be created in the specified +location. However, if no config option was used, it will be create in +the server home directory (see `Fabric CA Server <#server>`__ section +more info). + +:: + + # Server's listening port (default: 7054) + port: 7054 + + # Enables debug logging (default: false) + debug: false + + ############################################################################# + # TLS section for the server's listening port + ############################################################################# + tls: + # Enable TLS (default: false) + enabled: false + # TLS for the server's listening port (default: false) + certfile: ca-cert.pem + keyfile: ca-key.pem + + ############################################################################# + # The CA section contains the key and certificate files used when + # issuing enrollment certificates (ECerts) and transaction + # certificates (TCerts). + ############################################################################# + ca: + # Certificate file (default: ca-cert.pem) + certfile: ca-cert.pem + # Key file (default: ca-key.pem) + keyfile: ca-key.pem + + ############################################################################# + # The registry section controls how the fabric-ca-server does two things: + # 1) authenticates enrollment requests which contain a username and password + # (also known as an enrollment ID and secret). + # 2) once authenticated, retrieves the identity's attribute names and + # values which the fabric-ca-server optionally puts into TCerts + # which it issues for transacting on the Hyperledger Fabric blockchain. + # These attributes are useful for making access control decisions in + # chaincode. + # There are two main configuration options: + # 1) The fabric-ca-server is the registry + # 2) An LDAP server is the registry, in which case the fabric-ca-server + # calls the LDAP server to perform these tasks. + ############################################################################# + registry: + # Maximum number of times a password/secret can be reused for enrollment + # (default: 0, which means there is no limit) + maxEnrollments: 0 + + # Contains user information which is used when LDAP is disabled + identities: + - name: <<>> + pass: <<>> + type: client + affiliation: "" + attrs: + hf.Registrar.Roles: "client,user,peer,validator,auditor,ca" + hf.Registrar.DelegateRoles: "client,user,validator,auditor" + hf.Revoker: true + hf.IntermediateCA: true + + ############################################################################# + # Database section + # Supported types are: "sqlite3", "postgres", and "mysql". + # The datasource value depends on the type. + # If the type is "sqlite3", the datasource value is a file name to use + # as the database store. Since "sqlite3" is an embedded database, it + # may not be used if you want to run the fabric-ca-server in a cluster. + # To run the fabric-ca-server in a cluster, you must choose "postgres" + # or "mysql". + ############################################################################# + database: + type: sqlite3 + datasource: fabric-ca-server.db + tls: + enabled: false + certfiles: db-server-cert.pem + client: + certfile: db-client-cert.pem + keyfile: db-client-key.pem + + ############################################################################# + # LDAP section + # If LDAP is enabled, the fabric-ca-server calls LDAP to: + # 1) authenticate enrollment ID and secret (i.e. username and password) + # for enrollment requests; + # 2) To retrieve identity attributes + ############################################################################# + ldap: + # Enables or disables the LDAP client (default: false) + enabled: false + # The URL of the LDAP server + url: ldap://:@:/ + tls: + certfiles: ldap-server-cert.pem + client: + certfile: ldap-client-cert.pem + keyfile: ldap-client-key.pem + + ############################################################################# + # Affiliation section + ############################################################################# + affiliations: + org1: + - department1 + - department2 + org2: + - department1 + + ############################################################################# + # Signing section + ############################################################################# + signing: + profiles: + ca: + usage: + - cert sign + expiry: 8000h + caconstraint: + isca: true + default: + usage: + - cert sign + expiry: 8000h + + ########################################################################### + # Certificate Signing Request section for generating the CA certificate + ########################################################################### + csr: + cn: fabric-ca-server + names: + - C: US + ST: "North Carolina" + L: + O: Hyperledger + OU: Fabric + hosts: + - <<>> + ca: + pathlen: + pathlenzero: + expiry: + + ############################################################################# + # Crypto section configures the crypto primitives used for all + ############################################################################# + crypto: + software: + hash_family: SHA2 + security_level: 256 + ephemeral: false + key_store_dir: keys + +Fabric CA client's configuration file format +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +If no configuration file is provided to the client, it will generate a +default configuration file like the one below. The location of the default +configuration file will depend on whether or not the ``-c`` or ``--config`` option +was used. If the config option was used and the file did not exist, it +will be created in the specified location. However, if no config option +was used, it will be created in the in the Fabric CA client home +directory (see `Fabric CA Client <#client>`__ section for more info) + +:: + + ############################################################################# + # Client Configuration + ############################################################################# + + # URL of the fabric-ca-server (default: http://localhost:7054) + URL: http://localhost:7054 + + ############################################################################# + # TLS section for the client's listenting port + ############################################################################# + tls: + # Enable TLS (default: false) + enabled: false + + # TLS for the client's listenting port (default: false) + certfiles: # Comma Separated (e.g. root.pem, root2.pem) + client: + certfile: + keyfile: + + ############################################################################# + # Certificate Signing Request section for generating the CSR for + # an enrollment certificate (ECert) + ############################################################################# + csr: + cn: <<>> + names: + - C: US + ST: "North Carolina" + L: + O: Hyperledger + OU: Fabric + hosts: + - <<>> + ca: + pathlen: + pathlenzero: + expiry: + + ############################################################################# + # Registration section used to register a new user with fabric-ca server + ############################################################################# + id: + name: + type: + affiliation: + attributes: + - name: + value: + + ############################################################################# + # Enrollment section used to enroll a user with fabric-ca server + ############################################################################# + enrollment: + hosts: + profile: + label: + +`Back to Top`_ + +Configuration Settings Precedence +--------------------------------- + +The Fabric CA provides 3 way to configure settings on the fabric-ca-server +and fabric-ca-client. The precedence order is defined below: + +1. CLI flags +2. Environment variables +3. Configuration file + +In the remainder of this document, we refer to making changes to +configuration files. However, configuration file changes can be +overridden through environment variables or CLI flags. + +For example, if we have the following in the client configuration file: + +:: + + tls: + # Enable TLS (default: false) + enabled: false + + # TLS for the client's listenting port (default: false) + certfiles: # Comma Separated (e.g. root.pem, root2.pem) + client: + certfile: cert.pem + keyfile: + +The following environment variable may be used to override the ``cert.pem`` +setting in the configuration file: + +``export FABRIC_CA_CLIENT_TLS_CLIENT_CERTFILE=cert2.pem`` + +If we wanted to override both the environment variable and configuration +file, we can use a command line flag. + +``fabric-ca-client enroll --tls.client.certfile cert3.pem`` + +The same approach applies to fabric-ca-server, except instead of using +``FABIRC_CA_CLIENT`` as the prefix to environment variables, +``FABRIC_CA_SERVER`` is used. Fabric CA Server ---------------- -This section describes the fabric-ca server. +This section describes the Fabric CA server. -You must initialize the Fabric CA server before starting it. +You may initialize the Fabric CA server before starting it if you prefer. +This provides an opportunity for you to generate a default configuration +file but to review and customize its settings before starting it. -| The fabric-ca server's home directory is determined as follows: -| - if the ``FABRIC_CA_HOME`` environment variable is set, use its - value; -| - otherwise, if the ``HOME`` environment variable is set, use - ``$HOME/fabric-ca``; -| - otherwise, use \`/var/hyperledger/fabric/dev/fabric-ca'. +| The fabric-ca-server's home directory is determined as follows: +| - if the ``FABRIC_CA_SERVER_HOME`` environment variable is set, use + its value; +| - otherwise, if ``FABRIC_CA_HOME`` environment variable is set, use + its value; +| - otherwise, if the ``CA_CFG_PATH`` environment variable is set, use + its value; +| - otherwise, use current working directory. For the remainder of this server section, we assume that you have set the ``FABRIC_CA_HOME`` environment variable to ``$HOME/fabric-ca/server``. +The instructions below assume that the server configuration file exists +in the server's home directory. + +.. _initialize: + Initializing the server -^^^^^^^^^^^^^^^^^^^^^^^ +~~~~~~~~~~~~~~~~~~~~~~~ Initialize the Fabric CA server as follows: :: - # fabric-ca server init CSR-JSON-FILE + # fabric-ca-server init -b admin:adminpw -The following is a sample ``CSR-JSON-FILE`` which you can customize as -desired. The "CSR" stands for "Certificate Signing Request". +The ``-b`` (bootstrap user) option is required for initialization. At +least one bootstrap user is required to start the fabric-ca-server. The +server configuration file contains a Certificate Signing Request (CSR) +section that can be configured. The following is a sample CSR. -If you are going to connect to the fabric-ca server remotely over TLS, -replace "localhost" in the CSR-JSON-FILE below with the hostname where -you will be running your fabric-ca server. +If you are going to connect to the fabric-ca-server remotely over TLS, +replace "localhost" in the CSR section below with the hostname where you +will be running your fabric-ca-server. :: - { - "CN": "localhost", - "key": { "algo": "ecdsa", "size": 256 }, - "names": [ - { - "O": "Hyperledger Fabric", - "OU": "Fabric CA", - "L": "Raleigh", - "ST": "North Carolina", - "C": "US" - } - ] - } - -All of the fields above pertain to the X.509 certificate which is -generated by the ``fabric server init`` command as follows: - -CSR fields -^^^^^^^^^^ - -- **CN** is the Common Name -- **keys** specifies the algorithm and key size as described below + cn: localhost + key: + algo: ecdsa + size: 256 + names: + - C: US + ST: "North Carolina" + L: + O: Hyperledger + OU: Fabric + +All of the fields above pertain to the X.509 signing key and certificate which +is generated by the ``fabric-ca-server init``. This corresponds to the +``ca.certfile`` and ``ca.keyfile`` files in the server's configuration file. +The fields are as follows: + +- **cn** is the Common Name +- **key** specifies the algorithm and key size as described below - **O** is the organization name -- **OU** is the organization unit +- **OU** is the organizational unit - **L** is the location or city - **ST** is the state - **C** is the country -The ``fabric-ca server init`` command generates a self-signed X.509 -certificate. It stores the certificate in the ``server-cert.pem`` file -and the key in the ``server-key.pem`` file in the Fabric CA server's -home directory. +If custom values for the CSR are required, you may customize the configuration +file, delete the files specified by the ``ca.certfile`` and ``ca-keyfile`` +configuration items, and then run the ``fabric-ca-server init -b admin:adminpw`` +command again. + +The ``fabric-ca-server init`` command generates a self-signed CA certificate +unless the ``-u `` option is specified. +If the ``-u`` is specified, the server's CA certificate is signed by the +parent fabric-ca-server. The ``fabric-ca-server init`` command also +generates a default configuration file named **fabric-ca-server-config.yaml** +in the server's home directory. Algorithms and key sizes -^^^^^^^^^^^^^^^^^^^^^^^^ - -The CSR-JSON-FILE can be customized to generate X.509 certificates and -keys that support both RSA and Elliptic Curve (ECDSA). The following -setting is an example of the implementation of Elliptic Curve Digital -Signature Algorithm (ECDSA) with curve ``prime256v1`` and signature -algorithm ``ecdsa-with-SHA256``: +The CSR can be customized to generate X.509 certificates and keys that +support both RSA and Elliptic Curve (ECDSA). The following setting is an +example of the implementation of Elliptic Curve Digital Signature +Algorithm (ECDSA) with curve ``prime256v1`` and signature algorithm +``ecdsa-with-SHA256``: :: - "key": { - "algo": "ecdsa" - "size": 256 - } + key: + algo: ecdsa + size: 256 The choice of algorithm and key size are based on security needs. @@ -173,177 +616,182 @@ RSA offers the following key size options: +--------+------------------+---------------------------+ Starting the server -^^^^^^^^^^^^^^^^^^^ +~~~~~~~~~~~~~~~~~~~ -Create a file named ``server-config.json`` as shown below in your -fabric-ca server's home directory (e.g. *$HOME/fabric-ca/server*). +Start the Fabric CA server as follows: :: - { - "tls_disable": false, - "ca_cert": "server-cert.pem", - "ca_key": "server-key.pem", - "driver":"sqlite3", - "data_source":"fabric-ca.db", - "user_registry": { "max_enrollments": 0 }, - "tls": { - "tls_cert": "server-cert.pem", - "tls_key": "server-key.pem" - }, - "users": { - "admin": { - "pass": "adminpw", - "type": "client", - "group": "bank_a", - "attrs": [ - {"name":"hf.Registrar.Roles","value":"client,peer,validator,auditor"}, - {"name":"hf.Registrar.DelegateRoles", "value": "client"} - ] - } - }, - "groups": { - "banks_and_institutions": { - "banks": ["bank_a", "bank_b", "bank_c"], - "institutions": ["institution_a"] - } - }, - "signing": { - "default": { - "usages": ["cert sign"], - "expiry": "8000h", - "ca_constraint": {"is_ca": true} - } - } - } - -Now you may start the Fabric CA server as follows: + # fabric-ca-server start -b : + +If the server has not been previously initialized, it will initialize +itself as it starts for the first time. During this initialization, the +server will generate the ca-cert.pem and ca-key.pem files if they don't +yet exist and will also create a default configuration file if it does +not exist. See the `Initialize the Fabric CA server <#initialize>`__ section. + +Unless the fabric-ca-server is configured to use LDAP, it must be +configured with at least one pre-registered bootstrap user to enable you +to register and enroll other identities. The ``-b`` option specifies the +name and password for a bootstrap user. + +A different configuration file may be specified with the ``-c`` option +as shown below. :: - # cd $FABRIC_CA_HOME - # fabric-ca server start -address '0.0.0.0' -config server-config.json + # fabric-ca-server start -c -b : -To cause the fabric-ca server to listen on ``http`` rather than -``https``, set ``tls_disable`` to ``true`` in the ``server-config.json`` -file. +To cause the fabric-ca-server to listen on ``http`` rather than +``https``, set ``tls.enabled`` to ``true``. To limit the number of times that the same secret (or password) can be -used for enrollment, set the ``max_enrollments`` in the -``server-config.json`` file to the appropriate value. If you set the -value to 1, the fabric-ca server allows passwords to only be used once -for a particular enrollment ID. If you set the value to 0, the fabric-ca -server places no limit on the number of times that a secret can be -reused for enrollment. The default value is 0. +used for enrollment, set the ``registry.maxEnrollments`` in the configuration +file to the appropriate value. If you set the value to 1, the fabric-ca +server allows passwords to only be used once for a particular enrollment +ID. If you set the value to 0, the fabric-ca-server places no limit on +the number of times that a secret can be reused for enrollment. The +default value is 0. -The fabric-ca server should now be listening on port 7054. +The fabric-ca-server should now be listening on port 7054. You may skip to the `Fabric CA Client <#fabric-ca-client>`__ section if -you do not want to configure the fabric-ca server to run in a cluster or +you do not want to configure the fabric-ca-server to run in a cluster or to use LDAP. -Server database configuration -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +Configuring the database +~~~~~~~~~~~~~~~~~~~~~~~~ -This section describes how to configure the fabric-ca server to connect +This section describes how to configure the fabric-ca-server to connect to Postgres or MySQL databases. The default database is SQLite and the -default database file is ``fabric-ca.db`` in the Fabric CA's home -directory. +default database file is ``fabric-ca-server.db`` in the Fabric CA +server's home directory. -If you don't care about running the fabric-ca server in a cluster, you +If you don't care about running the fabric-ca-server in a cluster, you may skip this section; otherwise, you must configure either Postgres or MySQL as described below. Postgres -^^^^^^^^ - +^^^^^^^^^^ -The following sample may be added to the ``server-config.json`` file in +The following sample may be added to the server's configuration file in order to connect to a Postgres database. Be sure to customize the various values appropriately. :: - "driver":"postgres", - "data_source":"host=localhost port=5432 user=Username password=Password dbname=fabric-ca sslmode=verify-full", - -Specifying *sslmode* enables SSL, and a value of *verify-full* means to -verify that the certificate presented by the postgres server was signed -by a trusted CA and that the postgres server's host name matches the one -in the certificate. - -We also need to set the TLS configuration in the fabric-ca server-config -file. If the database server requires client authentication, then a -client cert and key file needs to be provided. The following should be -present in the fabric-ca server config: + db: + type: postgres + datasource: host=localhost port=5432 user=Username password=Password dbname=fabric-ca-server sslmode=verify-full + +Specifying *sslmode* configures the type of SSL authentication. Valid +values for sslmode are: + ++----------------+----------------+ +| Mode | Description | ++================+================+ +| disable | No SSL | ++----------------+----------------+ +| require | Always SSL | +| | (skip | +| | verification) | ++----------------+----------------+ +| verify-ca | Always SSL | +| | (verify that | +| | the | +| | certificate | +| | presented by | +| | the server was | +| | signed by a | +| | trusted CA) | ++----------------+----------------+ +| verify-full | Same as | +| | verify-ca AND | +| | verify that | +| | the | +| | certification | +| | presented by | +| | the server was | +| | signed by a | +| | trusted CA and | +| | the server | +| | host name | +| | matches the | +| | one in the | +| | certificate | ++----------------+----------------+ + +If TLS would like to be used, we also need configure the TLS section in +the fabric-ca-server config file. If the database server requires client +authentication, then a client cert and key file needs to be provided. +The following should be present in the fabric-ca-server config: :: - "tls":{ + db: ... - "db_client":{ - "ca_certfiles":["CA.pem"], - "client":[{"keyfile":"client-key.pem","certfile":"client-cert.pem"}] - } - }, - -**ca\_certfiles** - The names of the trusted root certificate files. - -**certfile** - Client certificate file. + tls: + enabled: false + certfiles: db-server-cert.pem + client: + certfile: db-client-cert.pem + keyfile: db-client-key.pem -**keyfile** - Client key file. +| **certfiles** - PEM-encoded trusted root certificate files. +| **certfile** - PEM-encoded client certificate file. +| **keyfile** - PEM-encoded client key file containing private key associated with client certificate file. MySQL -^^^^^ - +^^^^^^^ -The following sample may be added to the ``server-config.json`` file in +The following sample may be added to the fabric-ca-server config file in order to connect to a MySQL database. Be sure to customize the various values appropriately. :: - ... - "driver":"mysql", - "data_source":"root:rootpw@tcp(localhost:3306)/fabric-ca?parseTime=true&tls=custom", - ... + db: + type: mysql + datasource: root:rootpw@tcp(localhost:3306)/fabric-ca?parseTime=true&tls=custom -If connecting over TLS to the MySQL server, the ``tls.db_client`` +If connecting over TLS to the MySQL server, the ``db.tls.client`` section is also required as described in the **Postgres** section above. -LDAP -^^^^ +Configuring LDAP +~~~~~~~~~~~~~~~~ -The fabric-ca server can be configured to read from an LDAP server. +The fabric-ca-server can be configured to read from an LDAP server. -In particular, the fabric-ca server may connect to an LDAP server to do +In particular, the fabric-ca-server may connect to an LDAP server to do the following: - authenticate a user prior to enrollment, and - retrieve a user's attribute values which are used for authorization. -In order to configure the fabric-ca server to connect to an LDAP server, -add a section of the following form to your fabric-ca server's -configuration file: +Modify the LDAP section of the server's configuration file to configure the +fabric-ca-server to connect to an LDAP server. :: - { - "ldap": { - "url": "scheme://adminDN:pass@host[:port][/base]" - "userfilter": "filter" - } - -| where: \* ``scheme`` is one of *ldap* or *ldaps*; \* ``adminDN`` is - the distinquished name of the admin user; \* ``pass`` is the password - of the admin user; -| \* ``host`` is the hostname or IP address of the LDAP server; \* - ``port`` is the optional port number, where default 389 for *ldap* and - 636 for *ldaps*; \* ``base`` is the optional root of the LDAP tree to - use for searches; \* ``filter`` is a filter to use when searching to - convert a login user name to a distinquished name. For example, a - value of ``(uid=%s)`` searches for LDAP entries with the value of a - ``uid`` attribute whose value is the login user name. Similarly, + ldap: + # Enables or disables the LDAP client (default: false) + enabled: false + # The URL of the LDAP server + url: scheme://:@:/ + userfilter: filter + +| where: +| \* ``scheme`` is one of *ldap* or *ldaps*; +| \* ``adminDN`` is the distinquished name of the admin user; +| \* ``pass`` is the password of the admin user; +| \* ``host`` is the hostname or IP address of the LDAP server; +| \* ``port`` is the optional port number, where default 389 for *ldap* + and 636 for *ldaps*; +| \* ``base`` is the optional root of the LDAP tree to use for searches; +| \* ``filter`` is a filter to use when searching to convert a login + user name to a distinquished name. For example, a value of + ``(uid=%s)`` searches for LDAP entries with the value of a ``uid`` + attribute whose value is the login user name. Similarly, ``(email=%s)`` may be used to login with an email address. The following is a sample configuration section for the default settings @@ -352,48 +800,47 @@ for the OpenLDAP server whose docker image is at :: - "ldap": { - "url": "ldap://cn=admin,dc=example,dc=org:admin@localhost:10389/dc=example,dc=org", - "userfilter": "(uid=%s)" - }, + ldap: + enabled: true + url: ldap://cn=admin,dc=example,dc=org:admin@localhost:10389/dc=example,dc=org + userfilter: (uid=%s) -See ``FABRIC_CA/testdata/testconfig-ldap.json`` for the complete -configuration file with this section. Also see -``FABRIC_CA/scripts/run-ldap-tests`` for a script which starts an +See ``FABRIC_CA/scripts/run-ldap-tests`` for a script which starts an OpenLDAP docker image, configures it, runs the LDAP tests in -FABRIC\_CA/cli/server/ldap/ldap\_test.go, and stops the OpenLDAP server. +``FABRIC_CA/cli/server/ldap/ldap_test.go``, and stops the OpenLDAP +server. When LDAP is configured, enrollment works as follows: - -- A fabric-ca client or client SDK sends an enrollment request with a + +- The fabric-ca-client or client SDK sends an enrollment request with a basic authorization header. -- The fabric-ca server receives the enrollment request, decodes the - user/pass in the authorization header, looks up the DN (Distinquished - Name) associated with the user using the "userfilter" from the +- The fabric-ca-server receives the enrollment request, decodes the + user name and password in the authorization header, looks up the DN (Distinquished + Name) associated with the user name using the "userfilter" from the configuration file, and then attempts an LDAP bind with the user's - password. If successful, the enrollment processing is authorized and - can proceed. + password. If the LDAP bind is successful, the enrollment processing is + authorized and can proceed. When LDAP is configured, attribute retrieval works as follows: - + - A client SDK sends a request for a batch of tcerts **with one or more - attributes** to the fabric-ca server. -- The fabric-ca server receives the tcert request and does as follows: + attributes** to the fabric-ca-server. +- The fabric-ca-server receives the tcert request and does as follows: - extracts the enrollment ID from the token in the authorization header (after validating the token); - does an LDAP search/query to the LDAP server, requesting all of the attribute names received in the tcert request; - - the attribute values are placed in the tcert as normal + - the attribute values are placed in the tcert as normal. -Setting up a cluster of fabric-ca servers -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +Setting up a cluster +~~~~~~~~~~~~~~~~~~~~ You may use any IP sprayer to load balance to a cluster of fabric-ca servers. This section provides an example of how to set up Haproxy to -route to a fabric-ca server cluster. Be sure to change hostname and port +route to a fabric-ca-server cluster. Be sure to change hostname and port to reflect the settings of your fabric-ca servers. haproxy.conf @@ -418,74 +865,68 @@ haproxy.conf server server2 hostname2:port server server3 hostname3:port +`Back to Top`_ + Fabric CA Client ---------------- -This section describes how to use the fabric-ca client. - -The default fabric-ca client's home directory is ``$HOME/fabric-ca``, -but this can be changed by setting the ``FABRIC_CA_HOME`` environment -variable. - -You must create a file named **client-config.json** in the fabric-ca -client's home directory. The following is a sample client-config.json -file: +This section describes how to use the fabric-ca-client command. -:: - - { - "ca_certfiles":["server-cert.pem"], - "signing": { - "default": { - "usages": ["cert sign"], - "expiry": "8000h" - } - } - } +| The fabric-ca-client's home directory is determined as follows: +| - if the ``FABRIC_CA_CLIENT_HOME`` environment variable is set, use + its value; +| - otherwise, if the ``FABRIC_CA_HOME`` environment variable is set, + use its value; +| - otherwise, if the ``CA_CFG_PATH`` environment variable is set, use + its value; +| - otherwise, use ``$HOME/.fabric-ca-client``. -You must also copy the server's certificate into the client's home -directory. In the examples in this document, the server's certificate is -at ``$HOME/fabric-ca/server/server-cert.pem``. The file name must match -the name in the *client-config.json* file. +The default fabric-ca-client's home directory is +``$HOME/.fabric-ca-client``, but this can be changed by setting the +``FABRIC_CA_HOME`` or ``FABRIC_CA_CLIENT_HOME`` environment variable. -Enroll the bootstrap user -^^^^^^^^^^^^^^^^^^^^^^^^^ +The instructions below assume that the client configuration file exists +in the client's home directory. -Unless the fabric-ca server is configured to use LDAP, it must be -configured with at least one pre-registered bootstrap user. In the -previous server-config.json in this document, that user has an -enrollment ID of *admin* with an enrollment secret of *adminpw*. +Enrolling the bootstrap user +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - First, create a CSR (Certificate Signing Request) JSON file similar to -the following. Customize it as desired. +First, if desired, customize the CSR (Certificate Signing Request) in the client +configuration file. If custom values for the CSR are required, you +must create the client config file before triggering the ``enroll`` +command and place it in the client's home directory. If no client +configuration file is provided, default values will be used for CSR. :: - { - "key": { "algo": "ecdsa", "size": 256 }, - "names": [ - { - "O": "Hyperledger Fabric", - "OU": "Fabric CA", - "L": "Raleigh", - "ST": "North Carolina", - "C": "US" - } - ] - } + csr: + key: + algo: ecdsa + size: 256 + names: + - C: US + ST: North Carolina + L: Raleigh + O: Hyperledger Fabric + OU: Fabric CA + hosts: + - hostname + ca: + pathlen: + pathlenzero: + expiry: See `CSR fields <#csr-fields>`__ for a description of the fields in this file. When enrolling, the CN (Common Name) field is automatically set to -the enrollment ID which is *admin* in this example, so it can be omitted -from the csr.json file. +the enrollment ID which is *admin* in this example. The following command enrolls the admin user and stores an enrollment -certificate (ECert) in the fabric-ca client's home directory. +certificate (ECert) in the fabric-ca-client's home directory. :: - # export FABRIC_CA_HOME=$HOME/fabric-ca/clients/admin - # fabric-ca client enroll -config client-config.json admin adminpw http://localhost:7054 csr.json + # export FABRIC_CA_CLIENT_HOME=$HOME/fabric-ca/clients/admin + # fabric-ca-client enroll -u http://admin:adminpw@localhost:7054 You should see a message similar to ``[INFO] enrollment information was successfully stored in`` which @@ -500,77 +941,89 @@ The enrollment key is stored at ``$FABRIC_CA_ENROLLMENT_DIR/key.pem`` by default, but a different path can be specified by setting the ``FABRIC_CA_KEY_FILE`` environment variable. -If ``FABRIC_CA_ENROLLMENT_DIR`` is not set, the value of the -``FABRIC_CA_HOME`` environment variable is used in its place. +If ``FABRIC_CA_ENROLLMENT_DIR`` is not set, the value of the fabric +client home directory is used in its place. -Register a new identity -^^^^^^^^^^^^^^^^^^^^^^^ +Registering a new identity +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The user performing the register request must be currently enrolled, and must also have the proper authority to register the type of user being registered. -In particular, the invoker's identity must have been registered with the -attribute "hf.Registrar.Roles". This attribute specifies the types of -identities that the registrar is allowed to register. - -For example, the attributes for a registrar might be as follows, -indicating that this registrar identity can register peer, application, -and user identities. +In particular, two authorization checks are made by the fabric-ca-server +during registration as follows. -:: + 1. The invoker's identity must have the "hf.Registrar.Roles" attribute with a + comma-separated list of values where one of the value equals the type of + identity being registered; for example, if the invoker's identity has the + "hf.Registrar.Roles" attribute with a value of "peer,app,user", the invoker + can register identities of type peer, app, and user, but not orderer. - "attrs": [{"name":"hf.Registrar.Roles", "value":"peer,app,user"}] + 2. The affiliation of the invoker's identity must be equal to or a prefix of + the affiliation of the identity being registered. For example, an invoker + with an affiliation of "a.b" may register an identity with an affiliation + of "a.b.c" but may not register an identity with an affiliation of "a.c". -To register a new identity, you must first create a JSON file similar to -the one below which defines information for the identity being -registered. This is a sample of registration information for a peer. +To register a new identity, you must first edit the ``id`` section in +the client configuration file similar to the one below. This information +describes the identity being registered. :: - { - "id": "peer1", - "type": "peer", - "group": "bank_a", - "attrs": [{"name":"SomeAttrName","value":"SomeAttrValue"}] - } + id: + name: MyPeer1 + type: peer + affiliation: org1.department1 + attributes: + - name: SomeAttrName + value: SomeAttrValue + - name: foo + value: bar The **id** field is the enrollment ID of the identity. The **type** field is the type of the identity: orderer, peer, app, or user. -The **group** field must be a valid group name as found in the -*server-config.json* file. +The **affiliation** field must be a valid group name as found in the +server configuration file. -The **attrs** field is optional and is not required for a peer, but is -shown here as example of how you associate attributes with any identity. +The **attributes** field is optional and is not required for a peer, but +is shown here as example of how you associate attributes with any +identity. Note that attribute names beginning with "hf." are reserved +for Hyperledger Fabric usage (e.g. "hf.Revoker") -Assuming you store the information above in a file named -**register.json**, the following command uses the **admin** user's -credentials to register the **peer1** identity. +The following command uses the **admin** user's credentials to register +the **peer1** identity. :: - # export FABRIC_CA_HOME=$HOME/fabric-ca/clients/admin - # cd $FABRIC_CA_HOME - # fabric-ca client register -config client-config.json register.json http://localhost:7054 + # export FABRIC_CA_CLIENT_HOME=$HOME/fabric-ca/clients/admin + # fabric-ca-client register -The output of a successful *fabric-ca client register* command is a -password similar to ``One time password: gHIexUckKpHz``. Make a note of -your password to use in the following section to enroll a peer. +The output of a successful *fabric-ca-client register* command is a +password similar to ``Password: gHIexUckKpHz``. Make a note of your +password to use in the following section to enroll a peer. -Enrolling a peer identity -^^^^^^^^^^^^^^^^^^^^^^^^^ +Suppose further than you wanted to register another peer and also want to +provide your own password (or secret). You may do so as follows: + +:: + + # export FABRIC_CA_CLIENT_HOME=$HOME/fabric-ca/clients/admin + # fabric-ca-client register --id.name MyPeer2 --id.secret mypassword + +Enrolling a Peer Identity +~~~~~~~~~~~~~~~~~~~~~~~~~ Now that you have successfully registered a peer identity, you may now enroll the peer given the enrollment ID and secret (i.e. the *password* from the previous section). -First, create a CSR (Certificate Signing Request) JSON file similar to -the one described in the `Enrolling the bootstrap -user <#EnrollBootstrap>`__ section. Name the file *csr.json* for the -following example. +First, create a CSR (Certificate Signing Request) request file similar +to the one described in the `Enrolling the bootstrap +user <#EnrollBootstrap>`__ section. This is similar to enrolling the bootstrap user except that we also demonstrate how to use environment variables to place the key and @@ -578,64 +1031,107 @@ certificate files in a specific location. The following example shows how to place them into a Hyperledger Fabric MSP (Membership Service Provider) directory structure. The *MSP\_DIR* environment variable refers to the root directory of MSP in Hyperledger Fabric and the -$MSP\_DIR/signcerts and $MSP\_DIR/keystore directories must exist. - -Also note that you must replace ** with the secret which was -returned from the registration in the previous section. +``$MSP_DIR/signcerts`` and ``$MSP_DIR/keystore`` directories must exist. :: # export FABRIC_CA_CERT_FILE=$MSP_DIR/signcerts/peer.pem # export FABRIC_CA_KEY_FILE=$MSP_DIR/keystore/key.pem - # fabric-ca client enroll -config client-config.json peer1 https://localhost:7054 csr.json + # fabric-ca client enroll -u http://peer1:@localhost:7054 -The peer.pem and key.pem files should now exist at the locations +The cert.pem and key.pem files should now exist at the locations specified by the environment variables. -Revoke a certificate or user -^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +Reenrolling an Identity +~~~~~~~~~~~~~~~~~~~~~~~ + +Suppose your enrollment certificate is about to expire. You can issue +the reenroll command to renew your enrollment certificate as follows. +Note that this is identical to the enroll command except that no username or +password is required. Instead, your previously stored private key is +used to authenticate to the Fabric CA server. + +:: + + # export FABRIC_CA_CLIENT_HOME=$HOME/fabric-ca/clients/admin + # cd $FABRIC_CA_HOME + # fabric-ca-client reenroll + +The enrollment certificate and enrollment key are stored in the same +location as described in the previous section for the ``enroll`` +command. + +Revoking a certificate or identity +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In order to revoke a certificate or user, the calling identity must have -the ``hf.Revoker`` attribute. +the ``hf.Revoker`` attribute. The revoking identity can only revoke a +certificate or user that has an affiliation that is equal to or prefixed +by the revoking identity's affiliation. + +For example, a revoker with affiliation bank.bank\_1 can revoke user +with bank.bank1.dep1 but can't revoke bank.bank2. You may revoke a specific certificate by specifying its AKI (Authority -Key Identifier) and its serial number, as shown below. +Key Identifier) and its serial number as follows: :: - fabric-ca client revoke -config client-config.json -aki xxx -serial yyy -reason "you're bad" https://localhost:7054 + fabric-ca-client revoke -a xxx -s yyy -r The following command disables a user's identity and also revokes all of the certificates associated with the identity. All future requests -received by the fabric-ca server from this identity will be rejected. +received by the fabric-ca-server from this identity will be rejected. :: - fabric-ca client revoke -config client-config.json https://localhost:7054 ENROLLMENT-ID -reason "you're really bad" + fabric-ca-client revoke -e -r + +The following are the supported reasons for revoking that can be +specified using ``-r`` flag. + +| **Reasons:** +| - unspecified +| - keycompromise +| - cacompromise +| - affiliationchange +| - superseded +| - cessationofoperation +| - certificatehold +| - removefromcrl +| - privilegewithdrawn +| - aacompromise -Enabling TLS for a fabric-ca client -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +Enabling TLS +~~~~~~~~~~~~ This section describes in more detail how to configure TLS for a -fabric-ca client. +fabric-ca-client. -The following sections may be configured in the ``client-config.json``. +The following sections may be configured in the ``fabric-ca-client-config.yaml``. :: - { - "ca_certfiles":["CA_root_cert.pem"], - "client":[{"keyfile":"client-key.pem","certfile":"client-cert.pem"}] - } + tls: + # Enable TLS (default: false) + enabled: true -The **ca\_certfiles** option is the set of root certificates trusted by -the client. This will typically just be the root fabric-ca server's -certificate found in the server's home directory in the -**server-cert.pem** file. + # TLS for the client's listenting port (default: false) + certfiles: root.pem # Comma Separated (e.g. root.pem,root2.pem) + client: + certfile: tls_client-cert.pem + keyfile: tls_client-key.pem + +The **certfiles** option is the set of root certificates trusted by the +client. This will typically just be the root fabric-ca-server's +certificate found in the server's home directory in the **ca-cert.pem** +file. The **client** option is required only if mutual TLS is configured on the server. +`Back to Top`_ + Appendix -------- @@ -665,35 +1161,54 @@ https://www.postgresql.org/docs/9.4/static/libpq-ssl.html MySQL SSL Configuration ~~~~~~~~~~~~~~~~~~~~~~~ +On MySQL 5.7, strict mode affects whether the server permits '0000-00-00' as a valid date: +If strict mode is not enabled, '0000-00-00' is permitted and inserts +produce no warning. If strict mode is enabled, '0000-00-00' is not permitted +and inserts produce an error. + +**Disabling STRICT_TRANS_TABLES mode** + +However to allow the format 0000-00-00 00:00:00, you have to disable +STRICT_TRANS_TABLES mode in mysql config file or by command + +**Command:** SET sql_mode = ''; + +**File:** Go to /etc/mysql/my.cnf and comment out STRICT_TRANS_TABLES + **Basic instructions for configuring SSL on MySQL server:** 1. Open or create my.cnf file for the server. Add or un-comment the lines below in [mysqld] section. These should point to the key and certificates for the server, and the root CA cert. -Instruction on creating server and client side certs: -http://dev.mysql.com/doc/refman/5.7/en/creating-ssl-files-using-openssl.html + Instruction on creating server and client side certs: + http://dev.mysql.com/doc/refman/5.7/en/creating-ssl-files-using-openssl.html -[mysqld] ssl-ca=ca-cert.pem ssl-cert=server-cert.pem -ssl-key=server-key.pem + [mysqld] ssl-ca=ca-cert.pem ssl-cert=server-cert.pem ssl-key=server-key.pem -Can run the following query to confirm SSL has been enabled. + Can run the following query to confirm SSL has been enabled. -mysql> SHOW GLOBAL VARIABLES LIKE 'have\_%ssl'; + mysql> SHOW GLOBAL VARIABLES LIKE 'have\_%ssl'; -Should see: + Should see: -``+---------------+-------+ | Variable_name | Value | +---------------+-------+ | have_openssl | YES | | have_ssl | YES | +---------------+-------+`` + +----------------+----------------+ + | Variable_name | Value | + +================+================+ + | have_openssl | YES | + +----------------+----------------+ + | have_ssl | YES | + +----------------+----------------+ 2. After the server-side SSL configuration is finished, the next step is to create a user who has a privilege to access the MySQL server over SSL. For that, log in to the MySQL server, and type: -mysql> GRANT ALL PRIVILEGES ON *.* TO 'ssluser'@'%' IDENTIFIED BY -'password' REQUIRE SSL; mysql> FLUSH PRIVILEGES; + mysql> GRANT ALL PRIVILEGES ON *.* TO 'ssluser'@'%' IDENTIFIED BY + 'password' REQUIRE SSL; mysql> FLUSH PRIVILEGES; -If you want to give a specific ip address from which the user will -access the server change the '%' to the specific ip address. + If you want to give a specific ip address from which the user will + access the server change the '%' to the specific ip address. **MySQL Server - Require Client Certificates** Options for secure connections are similar to those used on the server side. @@ -708,11 +1223,13 @@ Suppose that you want to connect using an account that has no special encryption requirements or was created using a GRANT statement that includes the REQUIRE SSL option. As a recommended set of secure-connection options, start the MySQL server with at least ---ssl-cert and --ssl-key, and invoke the fabric-ca server with -**ca\_certfiles** option set in the fabric-ca server file. +--ssl-cert and --ssl-key, and invoke the fabric-ca-server with +**ca\_certfiles** option set in the fabric-ca-server file. To require that a client certificate also be specified, create the account using the REQUIRE X509 option. Then the client must also specify the proper client key and certificate files or the MySQL server will reject the connection. CA cert, client cert, and client key are all -required for the fabric-ca server. +required for the fabric-ca-server. + +`Back to Top`_ diff --git a/docs/source/images/fabric-ca.png b/docs/source/images/fabric-ca.png new file mode 100644 index 0000000000000000000000000000000000000000..6b31f23764650d1325029c4bb9eab021288263ed GIT binary patch literal 116620 zcmaI71yoe)8!yZZ-AE(d-Q6WfcSwiQAzczPqzVGkB_Yx+Qc?qoNRNPYN`r)SbN6`u z=jdJQ`>ty**SN?1?k9gw&I=u_hqzexv5=6Ea8*?v=piAY3LznZFEP-7I~aP?50H?s zUk4dH@^K4z=w;*KsQL7XohuTOrg1M`l~ht_7UvMx`b$N7RlJxSn=uAjuXydn;yVf_ zQiugldhDU`7Jm1sv59{VE&0q|*?ELVn6(&hyaX~6xz1U`qs?;i#;~*xzsg#9E|9UO ztT4Fl($k)t)V|u;$M1%;NVzJZcR+9!qLD4>17zTxG6$WBcW8=1SsxkLMxVB~>k<6m z4et!^NUA6cvnGve{TM<*7+Xob$o=yv#nq3sFLw%IHdxAcNhtY}s+n9Tcgcqw!Ndcm z37=%Qe}pY}Zpt1r)HHcs#02MVEC#C%cb=T{FkI6{4(+@%O``F@Q@!hq=1VR=&l{2D zicEMn?V8^WVl6JHeLn64N9m<0YPBex4|V*}wBqUV&5)eizV=1%YO;g(i%D>_Jk6ZR z`OK1;G%q;+$Wn5gHsb}`_R_e^*HMDxw^Kt8oD}@y(W#zWyvRgSwGKF%kK(;nhIzlE zQ&|0!e1BpQxnH(0A?9=So3rsS3T@rX2(_1<~a?JDkuhkEOt>%lcDhtX+HLEH1unoKt9R*CE2 zGI#w-pYd$nir9P|vHHN5801-xYH7u4`P@ZGe1athxs2+6eE`A8-3bXtE`qv$IJsoG zpc?)XTuX~HXmJZ?AR+|GVblj5cn;1IxTk}_r*$&eE3f9bI-hQljeO$LlKt9u&la0V zD0UH*FIO0?W&TCi#aM~bec@FdY$dOW4kS{PGZ6@tGF+!aFZAS*)4{IMbf7?{5@#2= zGtGv6W&g;G!jG9F70?rgow6<*CFp|q|YPQwOsP9r0()jwr4k8>YbK-EINq+TLR ze#-8Xv42?yPoK)Bav|bx6Ui#`&M~lwZBJx(?qy=5s}{Fwjl%1ka5#f|^~o#JdW`o=WbR zF0%FP4til+PUnctG2{+9NR;ehtbD3Do!P$(c{ZMgnT+>2*wq`U{ON);_vw}U!;y5W z*C@k1PaGrbued#@-sVmEs-g*Uc4_glG;>Hh^v|YuCRB=wTSq_M0@b}xb)0Hb*!gk; z8vLA`BQhD^JVc_zv>C6Ro?!Qe(UmhgN%CCO`X%y|J!Wp;^LHZcF5W^R9&MbHKYlh5 zHYbDz#|s6u!?nV#X0R7!8T}V#bXI#_h~AFs!7x$ehr)MGjXn7#($!sejebyBD6hFI z$SfySm--hCaWpRUSmjtAV8M851!h8apS;i>r=)cq3#T}Lt~!0$E>$#}{oqHn%%_3K zq~|Zxy6hh;S1`FBvKHSLW`AaIVUrT#^~qEW-u{` zgp}={FF8qlyMM^mJsmy> zP-og((Fw-&j4l84;XQGkqD2*kw4VDBogLQb78{bUfM)2&q8ln=WFCeopIJ$%4j#OE zEQ$58{Eqe54@rJ??b#zEAGbJ1q=ZgPsTfspbm5~U3p)~-e6=;N8Mu*9yWSETw^8Dj zo*<`!^+T_MCb`YBZ z?M}|fddt2_uaGvk>KnYFhll-&X1oe^YWeTLf>(lmkC5XXgD{KudGs#JgOlVbhCC^h zaU_&JRa*;2E`6l`^e7^PV^g3Q^dg9`%&&%hDqZrM0YyUORtnW+e)6Z4aZaPaS{~QP zb!X2Pcpw?n1s)^Z;Ab)QBAb9N1)+yUsr9coH{G0l zBo|^V=q>Sob)1yP6B;FI_RL2GVq1`K_=`MXeBpzObMzrZ@s}AlpRdL9&&OX{3x6EQ zg)Lz9n$e?E7jARgrD$?eQ$C}>xFmX~tLhC74tQE*^ZBhP%cV7rThI`3B#&wqQ+6`l zybf>6PU>O#rM~ef-8NP;oI%Z}&B4=bVmcScSjm0}^@*(aKI#2KQ0(q! ziOiaP*~q6j%dcMM#)PlfE_kH8(H^wEVHjXAjJM+b#mh(E`*Y5m*-^IfYpFf4aeP9L z!_U`IX_upGHt?C_WmgVq4ZK%I1Hq|*9)|hFXYrC7Kftd}4a>-*le_4phb8-`GNl*m z+;hsFhd{XYpa2g;WyYZ~*p|E25(G)dX z8^yZ|$7n2E9hE%K(v}bUBiI%+(_3^?C^sHu!)#I;H@}d!lxri_zw6$&8+bKPYHvl+ z`=08tVl1^rO^%MiD1RA^Ha*b;`b+wIV$d~gjEMdSV#8hZ#lqTeO-wuRwd(g;t9dao z3mA_BbuBaTnLb5Ovf3LBsz2F#B|=xZhV!BMEFi3e*(wID@W*FXzE~y|EXcz&@yCW! zO{dG-uzsB^r#90vJVp}3oltd@Bp(@{=gpEbCKL17!Db5I#=u&ebUcUyYV-AR^-SX9N*Sv73@mhAyZ0RnkP?5P1Z@s*ok&iSCkyuD{^ z@Pb0(eJGYhQdH<@`JnH;>@io(u)Fq+=cJUE)Er+NAL=RyPCGEhU-HvE-ZEY>-^Zy_ z?OJTi#v}#`v#T8^CqoIALUp!QKwTFb67g2>lspl3*cR?zx|*wBKLWpe_UfJMYg27E1@mFBCg?}^lr$tLt4oMHOQ0b9ZiU0exa`B; zM_Hu_5wghn^Q85vM6_G;0cv<}m(7Y=05bbtlVNz3$+2&Sk0*ngqUfHRPMp{FqmUBX zaoxx zmMSlc2@)1{u3g>!98X&Me19k)UdvVGL^k%otu|uiIXQp2>#JvNp5MsFs$}x_yEv^M$&}o9Q^VAp3Bkl#XTtbGAfios zaFG3EI>V*c6Z7-;PlTF|QFHl#4b_%JdYK*kd;UL%hYU!f9Cp-qWmWG;7u`3PPqt3TrS@8by4a#4(sIxsXqT1Z-_5n<10-c^Z!h#tj3I!eXK#fZi3 zoy#0VivNDRm9RE{x|-FYRr4=#Z>uh0!;GP0(EUsK&Rj?7bl^SM_uyor50Ub~9eCII zQLgpu2x@is0b!C9dOiG?e?SmWJf?i-H9|hasSQpTHFfjDr+o-Ts$se!1taUo(_`k8 z$M5~--c1qUewHc~SNK2qfrv^4q5F|@UNOj>l}B^A!-z*`pssBKSJ4uTT>!`a~ec2h2D%h zg{Bj5(F^6=;ji03SOOG}G5@SD54jgv_GfK-pd|1-^#g!Ybn4iuke!vSnrO z=iE;Sek5{W7)uOGval}d4&$c)i}|>Kb+~>~tnWiG@$VHun3y3>O^$qx|Hux0Z||Sm zI%-R!OW)mf$0nlzZL8k{%tEi%<}tzt{=K#z$SJJP%kk#-x4Q!xr~n^IWz*gc;)G=n z!%&pbwN5?uhB?=~mh5568}os;3k{ebm;iBe2Xcw@|2ah?Um47Cd!%cv9+Nq#@?J2y zljxi|e-1J&f-XjIP6AI4Tz<5qBe#-Loo_ZPLI3l72qp~se84QTnfpSi$xG>i*D=vAC%Gb{Wc@ItpM?xu4 zJObUzZ`d&2WP?RTFuD)u2;)&jK)G&ki3W{l617$ta&a=|4A&C^O}&j|pb&}!QEP#N zt5bpbi7Ws=7yy>u1e7oQr4JuoP+-yx@)S|?`)B+C8&DWJ5~infdeje=vzWV1&=l>t z<@uew{MYfYlIV_C#6syP?%*`!h4Jukdt&pRrFLi@Z{;3KEv`p_bb9L*!@-_rz99yn zxYXoY>i@I`d}tszNAbY(Fbr6dsY~mVYGlNS!!q1kGcnqRX3j57LLP^U?%#oU$5r9x z48(=on6c82l4|r%RfE&>%Y12h6+;58*_TL`ROz_K931TzQjw}k6dpx1WM~`Qj9cYa zOc(R5?0`a4Ydyafh)v~$wjW_?fKHJb_pYmgVu06IX#iHtnHTRS__x1C!c1T?^g`zy z1f*ttVrN^f;8t)LhQfR_?9+{_f9euDJH23ZXnK$%$E&V=B+QKs`}No9YqC%h^)@bl zFb}(lcK9lfJX2hwUF)?(WIJbiiK_(B6wjFaitn3&F`-7sNh8=EqkInxUof1)E6CBg#n*+ob zS`sVLz0<%1)do8th2hZH5pHw1-C$--*ZK?@^0;1e!`y7>4P%V(wAKnznu@YM8wToa zH@GHO<>5uermP5x+?e+S*vd1m)uo)5k)jU$lp+*jJx<=yvt4H_sFxB*hFS{f;jgBEL{vv%1oG@Ya839dd6-e&gX0uzQfqVq=jSx& z2%rD3_!e$onOMD}N0UB+9$|#mh!ZHikGJrq$kq|(#39l+Dn-SI^j54dpgX+Ww@;DXxwnYDUnpDNM2%fx2|`tt!V}SrezgAvV`4SH>I$0M zGybOH4MrTuKC;##u-%R3bC!hWzLNw*j+m50AtWgEs;oz`UPyNR0#;ODohrrnn3I)U z?Q@%;&$$4fWI%Q~d1CJT>RK6TMa@I`BkQFU`O{LhZGX^NWbIiX^UX>+3jYUlE5eik zd{bsM|9xvPCCY0Hg=-?}HtnZF0HmTKAhk=ePW5l|BDt4XdO>21k#C;m&XUNSe;wM1 z)8otJTt21M!eaA_YUx!0Tf&20Qxr|<$Gf;W7WVvsmK~C-C0wkI%Gv0Ws+i}86LI18 z%$B7)DE#%E<{6&V8Qwk_s6$=xT{SUOUp_YBiQ*!{0b3GaG7L`7xc{#>MED3d@my$O zLH^|P48OM$REy!q9Vp?fUNFk)j?+Lfy*Kmax&fo(0?Lyk>o0ap9|pWN7g7#G4Juqi-2eER1oBXk zzAWbc$0Sx!M6AOB(6EE*Z}6Q-g&a0+9sS&x^+j%MEkJoM&PWnp1!gI-%;ISDzE`Wy z7AeU7{5jxoMaw&sAW>vOa+1+11!*j7D-s=HuNzqr5^Y_KrqBINX!7rc-bn`OI?LRc z(Qnjkncf*;kWE?|U{u`4ANu}@e5lFjT!2opi6f^1ZZubjIuvc0OD%kX4=PeRS9rMF zpUn>#u@l0GF9Te2{xTn=e7F~;Sg*Zf910Ecs;)x~ofXT?J)P78+88nt@NE&D%=SY< zDQ5Ffwzdvo58reDvV4kmGLrQhnxz&#%NG7MXeNnJ>a1@pf#2;>oXu=>PE9!-&$5r0 zN65imumb_5p~>|OT|mFSURcm4s;emTd{gzw_VP?)M#t^x{g<_k9A)Zlao^#xNTttp zjedT}-?}Q-10SXt?@f}ZKe$%wZOubaYoG~O{`ap^|Hfa0l=H2@WYGi`YvL&wg)C5g zh0$KD#-4!&GEks(uA$ePuZ4QH^Vx!C>_hSt*jPP3B)_%lDX#hkQq&sT2Oob7CjI&{ z;-lXk;i3H(7h%!^-FUUAbQj!)edLEovnb2@vdIDL@Ex zoAO|A1BwabwqaP~zGm>STX-Q|?SiqHxe);iwDaTAeVVXDk{M$1<88M?>a(N91BFU( z?rsxnt>Hn60eQ;<*{Tw(wMDM_h1U>0<_9$c31GtT@%JsbNfAHXkIkjW{AGaSAuT8wYjNl{d8wuT~48GFZ)$18Pwk$NL>-BiPGq) z>ECYronTXY&>*0?J7!H7$k0;>b?(uuHJabw#AIk0C1E?WD%!<`y@$;a9NzRJA(M>q z$m@lqGAwt6wo%z7iik;3b=D25;Wrn(0aItx=uVp1P2;G zd_#}-Q~$0T%2_?wYI!{5P86lPe-o46g%S#$L(YLO`AW3|holn$q^^-cnx6h))lGQ` zyd=7;ot^3KjW{fS1v8ico+m9CTC$K2Jfn}04o4{O-_k*1vs$NzslvP?2m*1Ygbad3 zq<&KmonWZN@<6WDbIG)G0i+@E3P4LON!|V4KeCyLg?t{|g3Us_At7jdVO2W2!QW43 z-c})s5NI{S0R|taxwFD=cL-qn|1QyFbOj;g ziC|u&JI<*uo-mbsvH;Y8w@WAOIhYT?=}0BWWE3wDZY}f@AWHf5N!uT7TZ1F+iE#!z zk-@LDlyAPc2iO=HdiGQenXS;~c1uA}u3iW1sK2eW)@=7;1~f5#PK#^?s)wq=1`KDK@eZV|6Ouf&!RS#(ufJ~D zgOw09AkM-3The0*fR6cx0MwklY4LacqnIkWCGsT~$Y+f}`vpCyZV6}-`Es^O7^98$ z+yb>&B{BHf0ZnE8RXC3<7!OBW|7oRXXZp<$;wIyPFBNcIddlGHS&$Xv&b>XlH(Gudx0iGhFlmx+vUvPNasifJ`BBL z^LW-uK8Nb3EPpiFg{^bJ$mw=yYtG>lDzW-zF#c8edNhoh{$WuYLu%gPFM(KJ z+vr4Xy&hGx_o}HG4`cYVyz{B5rIyOI^ zf^(~o-aZ%zLyx9JnsI5|GTB$KZlc3chj6?7!b$PgcS(Ot(t-yv!YlZd>eXLe@{2Q4 zs_>A>P{qqhpH>)iMICvj&n6jPc4^HoYL5dL zZ6W|%mYa1q1c3toTyj@LIM~qDMZEC$xZxtmLymAVzxh=l(Ih zGJ>~|iN!KD(WUh6EJD$ZlQGYSOYdu~s#1sOIchYEbQ1k{L|{eG7gB1526nY9%SY9< z+S3H>iuEgg;0_uom9XSM`M3GQ)~$mhpI!2-pI+Au%WZJrkLX7S~qV zlz6H4XRF($nocD1V`aU5?xp1H`jZo+j~c-wqbx6|&Wn}Bft7-5k?!H=ORxddVzK2q zJle_)Ptj}|I+Njo8aRpLT6jxJq>^3MjCHHUtwtcTX9DaxQbECw4cIVN6v z%#X+o4eBq&UR->Rn>t^%j#y`tM!wOY|HTpcPUq|sgh(Lv6~>RZpPfl0KCFsCswYkBUPW?S(-X$Eed2LtY3&__k58&fetueNeglB5rp7w6T zq|4JpVzMjK(^gadMjv)~Mc1v3qZNLn>KlaT>?N2*$g!aj-tK6cf;*uPxn5f+uIZeX}Dl-Z?k;P+%iuICj{1Y9s#-bn?N_D_&+ z-|@(i?5>Eby-VpWk`i2F=X`1w_{;fDLh)DZ7FLQDUG$QR8)n51dfquk$bRH6E1c|9 zptpD9N@3&6cN^MXhvM_5&&9-H^>>iQrMH%^r+*|}_D4n;a&&Zc_7Z$(i6uGRx<^85 z6UmN0Mrr~#h21rn4TnjRDm^?gP0IV*{V`g|8o zEMTwE2z0aecC|;<3=Fg+Xycb9ky2P`BOGA#87x~D{&>0S_l^gdC>^D+C91gj#&}Rx4@|5Bg}HS$5l6ntyl^F%g^&F#i;#^R(%=> zmOO9zfFP%1|6|t4v=ETX3N}R83NWHXu$wrnPL00z^ zns53tI+?;-jD)y&IR{i1xNR;7V~MbEEw!G(a-f7q6SEu*PP9_w5lC`_;!t+v&1y zS^hY4RG(1ssct!(9$wtZ5xjX)9U1k&hV5IU83+Z1u8D((DSozGhPDR^EBV6({zw9xs-;Dw^)Dt*j(`Sp!1 zK`s0ah69z;92k>Pml?_NHf4cxy|B8xxa1d^qj#C$?sQl<=# z>+vzrZTqnK3WY1mEBy%0HRQ{F^jPVDe2>c85s$@DZ7!B%c&todi<=3~#ld%#&lBu|O|3x!k!!gS_Ut(0O`C(Qwrlzn4Y+_*f@J zB~b5sKW0|lc|tX1UD`tjSFD=JjEtE2P6aLBwpD4vD3t3^3wkz07R7k$Qp0qG>jJ3@I7#6Bfd1czzABZzhZ2&ju*<~Yl z=3a|7m}<$5WhyTV&}tkF3cDIv?=ql$B`q8vynQ!Q2sGeK?XgLeK-K2I-ZmS}#ok(F zwFkOEA)SF( zb9Y^8iGYZqQu;Z|Yi-R7dgk1%k6*E}iu_VudL80iKO~?QPOwbpW4WiNX){hOqA|?p#%@^CXOI{wl9CDUg^+Y0xd$Yy#yCc<31h z-Dr51jfRNq%H^ye)4N*SrL$e8CyMH$rjCC$n2a#nAprQ^$%*3ThsHAjfs8TXdp4rN z|K|ekEupVYNKTwZJCAju$w;W+X`0CLtbPl2vF9ZGZqQ@u9U@HRR~;O8S*SLZCCN#Z z7DUET^P|1suradRm1l%JmnKS(oBNxFLT=>ysZ~r4d{}Hbtdc4lXreq*%l<6ceyS5d zPwC!)%jX91ecvL=yvLDe7v{D>mzaiCwq2v+f%(Zl1t*vMFd;4ewOj`GeS>(5GU|xw zatE!zuyQ$_#;rNScPfS(-x+A5s$52<;a)@ZHpkg^bX1rs=dW^$4XN^4MG_&4HIx{W z`an9*g;VA6cTbxSYKrlb$ZJoPsjMOCLeB3T)RLy}TvbQNYKXEPrQ^sN#Gz)bZ<94@ z{(PG=K}Fc`B=oJ;tO+x5u`b33tlMMbIfvS{)f1ot)Avd5LX?))RfpPYGK(XQDZ#iQ zUBRXhy7!RZki_qXyUQSut*22}GcE;PeS19K8l3WxB-Ji3`EE6!Jpg{7a?0n zFL404V*^r>vGmA4_?#hU2{z$BqLRzadgU4_=gwp?0-SFRK0!pU%erF?;Ikb9(d_<4 zw8R*Qf|((;X&4#3eZR6S-G(@O0?=pUgZ{ugzxf!jZut%6Bci~qmT-Rx4153WNNg)3 zib+^i0p#I43yn1cfD-c4E(mv$+eJW%q~ZwB``|-DFemljQ^1Eq!oQ%)5ZCjQ4J!^c)3@~pS_)Hj)x{wOB?tN{y`S(-+@|5Iy!d_x= z?~lj{in=@mSd_6N^!=`AUBt8Q*4XE@V}ls-pc&V_iF?*Dj#!aQ8bVM zSz-Jwt4l^cPzH_V9GO^aU+FbuZWa09kmZq{3eLZ~0PqK3N#t21N@N%00nn!`M{P-N zY5WY-IrKRcb4>HmC0u}!E{JqHrjH~d$qz*hxcet%LHw9|lG2Yc zi!~L>>mcB~??7Q`g3EpO7u$RE9=2bz1M%`}kBl4vi;U8*#l0aEb380SSCnY{^*pIW zJ2R-e@0C?a87CE9FtQl#xhDaCwzEzQH;?C$oORd|C(P4#A#br}2WNZ?&@mSV5i0SFm8YGNs&VB7{?6zAFLDo=qF^0-V2J;71Rblb?7QPrdiys-nMo z@(*l#X7*O?H$mOB5*TM$1qV|-uy52KYW$}9MWGhZdFb6lmo;!A=xqsLzMFXvR86b@ zYwWkH02siom!5_FhCD!RGE?8=%LTuz;@(_=lh2P|S~kh=^a<)KeN9<^yRbZhE6}o1 zY?yJ!3VGpsFn)aH+iO9ykcjz#6wqjuFHPf@KTes2Fy~yCi611@JLs!e@-1d{fPYLx zHMI#mt#`1ucr+pKLP~h?ew(lhu#hs@06%&JIJ!L0kfS1gE%_%F%JmZIbVwKqFCquj zM)?Crk;>$_iwuR^50&taz}z5b6H>{nrRY#uV4Y!;edlZ^C?^szD&I^;@JjW^#NhKN z#MR|G)4$ur+;N}qzj6nQ&AVoy4rOVDT^uO&+w&k95cLM(85QL3K)*v-y|sRx?c^*; z4FZTD0Qf8C%BtmG$Gt!?=rLc&bUqwzEA0{80tl1McNeZPfKy5Muu-}y&K~UZe4&y@}eNig!^){GxXb^|s-C5`4`cDFRppG#E`%mJg zv6iDlParNxf$(*w(9U7SAp}ZrumH$lYq0m%Y6rEF9JsiAng%OpibWCt`fMtLrc5V! z!Lt|pI8V5&g3SCgkv5yc zGn*YG`6EMX6uuhfnxqOV%hU_+N$3;lq$eRNM#yQ5nh!x7S%Q^Vtqr}cs!7u@E)`k^ z&HeCW_h`J%^r|#dgQ{xVA83BxZ!J;MzSc!A)_BVu5dZ}CV~*d>HXJt0js208M!q-- z@o{^p9J zD}8{LBw_$#8WvaI2YO-u>a72s81@u;0FBN)Iv^%#Y2**1sG$zMW=yx~o-nKb@sg9z ze{U|!m{KNKEJ5}bMX>tgOL1?@0Jjdj1Gp>ox1IhC(ZZ4q_=BT_N}^;hOQ4+B-W)1+g9#35sd(r2-gJ+$Zy;;Nbrx}*J41m z2n8GX0fYxXRRynkIpSH_Vy2PHv$L+}<7CrV@=`W}UuP~F-+6(a{ha{C2&gR=z4rjJJ0SYaYfubp$ zy1B{a->L~Nj8crm8aeMizMh-;3l4;B;q<4^+&<*wi-%qZe0gOSZ=>jvV3aEwMx!k) z9Q%;g;)7p2>d^h_WQwh%cf1-bYt|~p?1E#Dnfh=OEqkt4gQD9n>4?4zSK9O_#S8}o zk*ssqNhppD(M@Lw%@aRz`gM_<$&{nd@0gDf_7b2v?HxBxd)M64Z;<(HpQ^?+)=^T2jv3`&{y&M<29NgFA5jZ zA5UE3Wy)Ly>z#5veLRv9F0FFZvA<4jY?YRaSTT4EMA)BGg(qMBbFh!kVdQelYfV1q zxqt$e(dVjX>+>_OR$q3OlnljRL=BL?X;bJH%@jK{`z?_z?|6o_&BH(;GL2BKWMwCO zrH0==tb28c827j#+BMm<`9p{q{_kru2uvtg0?bToV`8&H<@PQI+J!-n;DaGNJ&R+= zSXpe*zYO(;i$uj^+|n;3RT(HLXGeu>E_2QjnXcqMQnIV#)aIiOeaVe>0FHDd0z&cZ zYQAgnzd#BBW}XB+gH50&FcD-!BE#UZ5+A5pm2C6hyP$chA4hc+~7D^=Q@yW1zEHCM3iK{FGI-kx6qA99LoO4(uPwd65C& zILrz}r=yW6NnkqpKc39NWZ+h0d=R0qq{-koJ1K9d&tAjIo9{6&QWzP2meiV+YEp2O zjJ}b~z~Y_XiIV7|&lny(>yzajV|S-c>DbN^PBNi-<$+;Im88r>DY=<5D?R&f$sHQJ zBgrfy{H_Zc(Y#m3E)nZ8f@y)DjObN+`69m^GpoO@rBWTqN~{J|s%5z+Miih9QNg7U zqk|*F=%7vTB>sdu)A}i$tYU3+Kgq`IZxm5n_kT=0t!_}cu1;GV>C`kx|i5o^GhicLOmecB;{jhsDEaA#PAB@JAY6WSQCS@Z!@tXKXTDj@w*7 zrn~cR&f*T^D<)*l0N>fvLzJDzOYLs|$`;y4Psi^aRO`pM)YVwmb{h?}Q*Sk-AKRfU zfXp$2QJTd9q-iipb>PC>JdR(eJ9sg&s|@}}uATAqPWvGOZokiL+#=!+Vw)fs>-7RP0;9wz~vf&l+n#dMX3wd%8+{-=R$4+OF%uS_)=aV6xDAFitlH$9^9Y zTs@4-64Q5%I={|7pbk0jpZrFahSL_H_bZoJZ!w$ZLZk$_?RkPU{yD1< z$AH;8DpMO7jiXJG5-aOhK1&SWu|3JZGSOR_2B;!^hl$RK%Uqa#32v)BRlIp zkK5Fzyankg#?T@T+LVfoI*t3n`Mn<1CRem6zZt2&K zUcD}^z-?}Nx8ZzwIn1z36Etf4X-b+-I$!<=02n!B*)c#(?Sm*J-}vTwiWWjrA(qx` z2gCW2+fi=QJYGJe0Zztr#?dNI`G7NFYP&C$BRQ~W| zf6FV}zPnF@swntvY@^eNW;p$Z+()(PA@xCxptHx_n^&Z?k{ecAB_cva{o2d^Jh667t8-1o` zCkK4axet_<3P2OV$Oodp7HkcqBlUX>j_7}G_JvTVW6-QS?@RUgLOmI8=m$|=Gb?Hk zrfD9Y?K;tSoLxD2L3b++CRZBt;D-AwB&XcBxjd|nrze_EX88sCXQbRtMWKcL9TUkv zyCPqcrH1StitpR21ZhT5m2cV0*WWkY1Cl;?9g2h|{Q91UHEPMp#esTDcs2INIHYQH zU?CVq%4`b;{BU|h#5(i-276OmQs7SdK~^T&Q?v!k(TjQ5;#HlMjj&p1b#ab3CEEUQ z&g==_fAnKvlqR*b<)v_X7wSa53%9YDE(-Wn$jR@&RxC>sDH-T+TVe{P=5oYR;<|qv z)@62-bJw=dX~NyX`0q(Qj{qRO?B*{?WgF-2D{G&j|6 zQQ|5Xc{T0i>xbo}-vHkJjBry(-kZaN&jahAp1|EANC2xV6eq)^=XGEGVIJ(IFxG3+ zt7JLagCl}&-6)D1zgOWq*^2lfbdt0>3On@6%bTL|KT~u}v{Jq|c+l6H*^@A%b>`Ec z1>yb2)q5afX`vfjZy@@V?l(kime&VPKFH8Fpb(?9jEe**$~_NxL56Sj&^F;U-+(7? zUZNq)n@Gs_G+EhVc7IwsPde47%iF&AM8kemfb~pLIov*r3bQX@>E5W&J3f_Tjb_q! z*(tQygG?p|m6wCzKOQ)J3{>UO!p;hG*F*F+H^snjI2`xzb1ZwDRFBO-WKL_OnJ- zkP@%OJ((lRG=FRh21hJyuKVvcxL;&7kRlLnn9I@Bgw-ivT}VyG605I&eV)Kc|Ihr&~P1rO7kZPAWcXz_liC++17Z+#Re z+jM=K;&=}Z`0wm?$wa-8HOEvrL-dt@U!^aBHKY)lW~{F=l}5s< z>ApOc*P8+`i^h3e2k2`13n-Q=gF~+>olPom;zEnfJ6C!!o6c5 z6`CibUoA*mI_%rdMJ|I*%$vvGPFh^rvAjwn`?=$GnPc_3n0EO3bGSXXXhkn#*B=ML zIp+y{4%prqhjJ{gT0!vb4|SBazf?Ms<6A9H_cIcC8{N_o&wty|g%4V?5eoU^*lxi7 z42b_a4hXyE(0+Hgq*6K{vX*rn@|C14kCQ8;Q)lR^l|uXLW>qP^*d?>H6h;)`IWd;Z zy=LCXoB_teS>}Z}6M6mI#BzyhxX;=!*H8}yHigrICbU;^PdiYb2DenArQ`M3l$YiO z-#(VO>me!E=ts41ZpxGx{qAy(w*xEssFAC}0y=Bw5E02&Z(qIM=P~k<}*}CjgS8 zQ6voERGVz?NrunB3-^-D)IH)fF}rxtZShpsL|zlH%h!)%>(!_pC$o{avlr%@aG<4; zlIi6Rg~c5BGDmf=KmNplo%E1bFxzvOP=^qcUE87SPbxQ7d zaaA;e)iGv`zU95?##DhD;AxO-zsOA`BydR2No*5J-CK|1Fx6nB{TU{cZxTYE>C`{ZDJ@~#7@vv0JH4cpj)0>*4O{XGf zX8ymFStGw1sF=--b1cL&563DFir;?Np75JlOn1@!l8? zp%`7^Z9N{X5%H84=Vc1;oMR$W!XvA?dWZ=PIaN)_nPN%t{Pp z^em|u3pH%s%&#Cna4x*Ng6JVf>hzAA4W4F^q}ih(me*p&N|^=*D0UDhcT95&e?T#!leSN^f+aaLve}1oH1@2D| zR6o~W%xraO1l)e_$Lv`H3VKaqKUDBi~#!F@0YWC^zb#;zFw;pL$r?Jl?L#^_3A-O z|ED;qV|Qc#c&}u-;im;W#amS^t2YvRsUZKP#>;2h;S#mY?7UUzE*@p-X(Xy)oyGFL z`~QRjjEL?fW|X}Ro_5;9?-Z`pf4z@r-iF>K#9&*_xN`H}t4Uv7N$z6+}C#rSOW zJout=-M=9tHIpLda;?!=*%OZlpbz{(z9Re|&^8fFs0k246|ltx;*JC=N(ML&My{k?HrD;NK`&w0+7xo75{ z`wV%8O|s+G0rF!KlsIFKa4cANgG403FE)hz0y25X>>O2+vMS829$Sz7d2uO}M%nO= z)`yE~ix2S&5`+O#Vc@Zw?_>N6Ix03P-HnBXcbfI4P{SAYQw{CM13Xl(l6s^S9S~On z6|NyowduUpKE!L^72=}lo|*n^KjF=VPeVgKql5G)oM7CbYqI1UcYQ20Dv|toOfmu{ zie*Tlg=Ixl3bMX$>4IL)GHz}|qQC6FHfmbZIg`@Qjn*~`dIgcxkl zLiw#YW}RKLO8)KEWd{?Sl5EB-8>KODtqTu1Ch6#G(o_9g3CJa|6Yz!4z!+`o$mYZeN$mkLCX)OdHOC#*WZ0 zqh$z=z;RE7AK*A92TPNT_mA0rnCL%Gyf&v?dHP~dqioB27l(*upu2hzJRFa1L6_;H%8Pz6w+qa z0qzB-`=Qz=rsp?CTvkgh<$oYkI| zIb%E-)naSh!KW6NNfz?Y-6oTEv6Qe^QWRufZBgei=*Dc#Eo7o7mFh++h)5iHJcQ%o z){CGd>+*t7pJhneC6>X-q%Oz&CANN|;;+3phQ%$Gzi@*tge`-j>@kof2Y;FVY*qJLV7dai3wxjGX!3)5*-d(FmbyWpPlXYa%J6?w<1&~a_vHQGu9tT zbTD(FCyqb2*9Az)F#2IrU!&9y8u0S3iOV9oR`B2A-DqXZ;(>@g-OgM`hfbNZnq8u) z9{TkNY$hH4M5qI@&E)uGsC|a37}&4gZXbmL|F<=Itqh}5kt)A zdFU5r6o90=|IVz676VBcbWx(lf7sBpjRwu$Zs#&#wP2a84Ld z6JWQ7T1{EtpQ|-q{P;fLx>`R&UkaMehQFducs@Bqur+{IZ|?|Ub_fVf?O;9vLx(?5lg~Kw|4YQM#Q2A#l)rC? z{2v)Qc@Cei@pY{49S1mEecJ$b$L0Bpx${dWpBjW2Zny2f0*2|xe+d{cH2^XR##f3b z{NIVMM3kqM*FMibbo3|6t8h+XcPlS#T@32N(`{HH^joc2J&_Z%uK_P*W?D+TaZKYo zMO@vtoK(4nSc+8qG^f9Bv=n*l0rz=^vjMB*x?79`sVHqW==F}aq7QKQ5&cyOV7yqg z^lk*_#w)#rWqS{|Vs$r0TZsW)G$7G(_ph*_npSqy0FZh7ViPOT>^cP+9RCByHeBqx z7S%f58sRxuL|lt>!TcO^!@TX79IZQR+1Sv6A5;FK-%E4YD(Ux~`upN)fCkWI7)4qa zIS7HS=>iij`xj1(fX+GYpF=49PntA61qtYYajU+!5_<3$0gsn#It-~9?V9ra3>A9N z6`;rGxUs^5dXH$J|iSMqrP{8x!*k|7ifk*hMUqc|4XX`$cE7i47 zgqGGX3PMc7q4&J0kLK|kz_NE`U=Q^2m*3R}`I#D@A3a!nz9_o%o(s9y{6OReg$HMf zpw=d$>ht<~@US=+!#Ey?6S!P^+`Np{-1MRtcvBBgK>BW4dn6AN^7>$E#O;vVAugl6nUswXNyX zkuP+s&|&=XecQeAsgD=jle#FEQMoScZdoDU9FkHM9F9|{dRl{KK@3`=XaJUBJ0`c@ zxU$OI+v|%+ftH@c{m29k=y}V&+B-p@-_~}rzbUacsL<;hzV>i#g?dv`hE&^reywr8 z!KI5cp)3y8r6Pt;p)!fZzozk8%}_dR{{V84FJQ)WN8-s`i8yJK2dN6vbuNfDxK>76; z_0AW`3tb));cP9ioG0%7?qr$h!W;W7cnl#J{B$BCe_KZx!T;-F;r#b_gdpw z=nv%?Op42odLJE34?VYCVRz8<7)&O<=#i5%T)WdbCn-%&z~2vDpM1Ov#Wk(>7$ga% zjHUB3lo%4U;QUqQOFVSn|81K&wuM=uR60K5z^wpS95e}UjYK!`Y;y46;H`vCl38!b zv;9{tG6j->N_QK$P{T#dB~HI8iB=^sF&CzSXSz9v@~d^BLZd^<{o*llSvcyh9uhcX z?U9M!yU~5mSA-`cKdSi=b-O9f4y{v2gXK4ipWe)NRfN7A}5+UBn0pF?tACg z08;|>$p?D_GVfpEJe|Z4>I=>U=#}CpB6crAh~Ak^UXA~OaRNC&O22ikAx%K_j6$^U z>jq3qAN&nNVJ!R&=M991o}l_YC%XFZSN{nbk0d8KRsv2r8rg-Unaj)vk9*Q2F0tMM z9CNS+d&TSfegmrJNfc}kB+}=Q1~`4y@=LdObWZH(rBr~5+oiWA>;3lAMoE(~(IB+L zyq><};)DIC8-`+SzzBzcNy4onY-K#6Ebc5cEJ^vV;DDSR#v(nIBs$VtOkiqF3tiTc+yGCW2>fcAyMC7;|HZRVdAnNKU*(s?SZB~smKxCF>^c>-vP zhKcXO{R0bWCX39N1Cmw!7-#D0&QGdXnTBRh(7yzyO2_0Bc4!7CW7|<3SO36cw|*I0trRQF(qYt7xP&2Bcd2tJgU{8d>V`S?{b51aT5PH& z1YpComxEoR#;8$8N1p@CCfaQ$<>MvX;)DxsfcXc@ldP!i#Nvc%QRxjfIDT2_`PPG{ zt*UOB>20saOa4T0VFOeke2M7UOK{jZ8pIv%5aJym*!rdOeMxG5I=Q|WJLE8>tB_7D z>OVZ16+To|)!Z!T>b5FcW@6XvVyUG|2EekLWYkbZjw_4Vr&v1T=$u@3)6XNmoE57c z3j_Sc32vu90fVr72{?tUpKqaj`1krLx`Gaz_d(XZsQGeu43!lOrPK%Sdw8GysMWeK zxb53V4DWkboVuGz_>fS8CA`-RX@Do~#WLai4UsUf*5?WiF4W+1<?Q8$Xh`98F93FlRHOKoZ5Gn}ID^a8Kq_A8X~WBY{`PCMhBR^ky=B(y=yvn6 zOg92B{YJ0i_&Te|*) z`Nj4fl)34+M8Cn1ka~D0_S}Pezt(7favK&eP+>Nrig?+V0rf#@K_RMk5OuEdFL~vcPDv)flBJgb8TpzH9bAN{e@Z9mn8@u_!cZ-inWmsjU2({Ne)3RXa5(!E z8u1jeCw3M0#Au>HsU`kYQX=CQ8tWu0DSd3%uY8M3l!HFB;-!HPHAV#BijFvjhkO6Z z-yh2p0(Fk6U!f&GCE>?@%Ncqynkgi zZ&Ot1Gy@Fs8UBW7cDMU8c|c4=!Pm%3d2n33!*yl+soV=x-y>Ts7H5c5ZC`b~xFSVL z!C(TLkK zIUavQEHJsX$8k|!74RQ2Mw0!ch~(hn%kV|}PBpJdfN}M0{#kK^v-W%e+B9rx!?r2* zQ5f(p$ycp~e=chZ*Wd!~u%33Y{$echd;esgOU*@dA0g6Dr?e&#?$?wz+oP$jTh9jh zuC!EnORxufjT6rLADm!l27Jcc*wzeBO;wguR&^gxPIREym#346bv-qa!U=VG8bcm5afeWF_?efyN^(=#yZ$a;)zzR@ zU1VG^r_$S#-VR${s&M($v3|4~b?fmr*lN=`z58f>s;LS=b%1tYr?Z;(PZBho0n30g zkjbjEhn9QamJD?lF&!{Dq5(uzcVyr5x7$VPHXVfV{Hi3GX6Eey*z1Q~X?lQjuo;KB zKP2LEGnwe*oZK)SDt?t1O8*u^l08f*f54wfd?eSaWlth%SoG&H!O5U+YTa`$B1n7c z+m*nEX`Ub~nmU=M&hqzaFSPm8I6!l6q6(kFWWr#))$9z{qu^u;ogo!oRhFKfrF9`vs&%8Y%WhZQt#y7xT=p|{n!spdKgtb+ zl!-9qF;)aRJwbe(xQF=>_Ek@%jOpT<Jg<}Gz%m#nz;z5 z-*njC1gUqQBfQ4OAau-s%T$Hl6F&gMq+UhnAy8mtdB>fmU>F_fdP3o1BkMb5Cd2f{Mt2p53 zzec9#9`=fmv=5xRegzkMFa;*^h9+wvd7U39&b!;}9#%>pP{ zF5QM`e;1}2AA|`w3m#)>3b*7-DD(uEo2MPk36OvBqp+!7E~SeQ_8{R`aOc zAFFUW%;k9fa7?kn`Q(QEl%CG~CNN#{Ru%ac=PZhx7F)`%yUUqKS+<2cu#|y8X)7bY?8p3@w_N-s zwm}Rh5VY1q&Y-;MOpzn_n2RJr-kD9;@}l1^0Sv!LO~CioY+vZLT>IyRqbJ$3ZR_EA z@Ge~DB@-cofXFV*dw+9w1C1;mRx~nN80d5ZKHY>`Sr}jh$zz;#wU3v0J6do(r>lt? z0m{!Q-D&7kdNOH_MjWo&X5{z7XGb~bJ!%YEq$&#`;iN0ys z{O2T5Hx1eyS+_VICTx{|$|e&h_)A|q%0(!Z(fr6B*%tg2AaYX=XncXgA%`BRY}vq1 zjMVF4-<)fg#b}{-pQx37a-jz7?CkL{ATxJMOD_7WWXtpOZk7p!&k+DK8%?~Zs4epp zW(jl1QXPp~11|qLt(AS!`TFCy;iOSnpRsSnRlSKWNox&GtrQySdT-QN5y7Vz|G_37kr<Q&6w9v5fg8dCn*Q3{ZXFU9Vi>yq+Q?gMJ0DeVW-LIkJdE7fy3VCdn(D90TK9=oJ^hLF`KJTS+%HT-8i`Awz^`CdF5yWw2W>w6+Y zcE0#ekqhAc>KBW@+JE6HL^^$dQlv=imCHG3UN1=bexn)e4M6`E4+FcA>Y}Phf4}z2 z?93R_NmG(VgI3&DGM@_!PRc3L+Ug$ab+pwXu4%Fk*&AkD^ zsbB~RUt?xt{3jxC1>JfxpI2vgfF&Or@!TawFKnB}yUd1QnbRRa6**qxx_$VKPLGFU z5Sfe|*UA8mebbDr{Np5I4WHQGH*dXJ&p- zaUVrTahu~_BA)2j+FaH7rHD~~=7zPTO_JMUsd$2CCWA?nZo41C1w7VwyY@@H=&L!? ze-%Wb$PfgetA#xSp}3@_Jae(XHqQ zrRHUx*L4X;m}wge7lxl%4rsmVN3#mNAjM0W)!u8QgJXFdiTNBMq!l=qhv~D4=o%sD ziR#y6hTjJq*nb&S99ePQq*AoBQ|E%xH1(%BODwfT>?Rthpg({WzL&?}%f2^v{OS#Q zn9wN_pgtW1IR938kL6L}P!r6Gi1gKicJ~xhg}Vf((yFiOHP7fab0wzT#tj1ort}AJ z@!#+`p@_cL+}hZ_omeAoWoYBDV>npmnhyCc<)Xi3jT(=~UcykOO|w?k>LmJlcv8oT zR)nL0-fzfQbTn%{=az+G-$-$P^N{~hW@8?os)p{cQt^kCiqWA}9{e9c-m;Ceq3U>he0nfa@H1xDP6r58~~$juox zt@>kax)q#s_o5`CH_%DETcMK_9-OmCy}ZOK#Ub z4^(309oznrKGHz8Q79RIL1yq4dIcqmKw{4g2O$6?SMDoc_FnxsY_JYNUa2@!JI8;vbC)688M-B1_pTe~wstIX@-B-= zgd^1=>b*mv?PcHuy7(P#Da}DMQ9YV+;}fEbNXxR;A&=AQvUa2area$c?yOd*JnH1` z2a{`*QqBW+l0CnL(dC*ncMQp+syCWHWrt;!ro4bP(&*%zHW#=5R#rZ+Y#)V*aY$k7 zbj+OpXB?qDF&yD-WIXQ!9^|RqhUx`}2Fq#WmC-XTcTZCy?iu!Wnw#PzyKRp3&3wsYCP@?LuamZGR z(v%l`-j>ttBs&hGvDkVeQbAx@*O-L-@im%k8W24!TqC~io1!NwFW}z0NCD;v2*^bC zfQ#K6U3HWKhP``VdXUiHRMj|2OO8O~1P{N5Xw1lH{xg$O89!n>iD93?X^ql*t}wL? z;b)|9p8%C^xRKM*x5}GFEX3{)9^_elj4?NQ5Cn=G4yeLc2q#XU$t}vQ&AVH z>t-^FXT9v#W=HZY?rkrRWg`L;XXUac3#vxRIdC1=;&ASx(E|1haQzW~PfA0}s)`sYtXo%F0t!f^J?gve-Hn5Ov65 zmoH+F1ze6YW^z%z@@>@=8=gGlmjNz_>L!_eB>t1h`ds1%qM`vgY?@`^pjz!kB$7=h z#r9cbPKk%-AX;oVL@2y)&%*}S$`38Eq2yR&uQ%ouc7xfr!>c?Lbkv>%x*k($%G06k zE$2Ku{bEF=lht6pLH;Qvh41ceon(r2q)GF@`fU*@A9xZ4gCz5HNjH#`z#DrJ#-}%L zUoOG4-38Wh_eekfz!gX_g`EIxxB6wO+#h5&)xW#U~8();6Q3&UBJ${$>uslwFQ-MRbC zXKbiFla(n0laFlL&HAtu1zW`s2MqnsOOG{QHB~Qy-dfTQVLIAupeJUy1}+{6sZ zf!Qiybo3C%ge>c?XMI+y5T$siwU2VFuEG0vmz2(jF)k&{)ngkr9R4i4FOW8gDskHbY=0VazisE1I@g`jNm=MB zxjlQ{b*Eq|`gXrabv>PY(x`{tzj4BN?^@6k8r~IAT6buc#bcYx$-A7Gpyhb=b@CE8 zpW9H_P{VY7*d@`UT^&3{#5&v9yxg=c$nyF>q6^=G@W30~qjPa)waa z=9|+9hWvTGW^^F6E%Tb4mlSS!PJZ81Wv6`zZ-s=Xl#}#XhW+D~C4Ihj~HviEA zOoRYB-%8k>f8|uY|Kap-oXMV(%Nr8981;&d7B!#}(0D50+0KhmBo?R?Ocgz^GmB*;6(L$ zC1Q8l%D_;V+T-1Xbk9b1fX$do&GGc^q{dgzFdof6WlGT*x_Z*x+lM!eO^ZOt{I}Z zxUS1NIQ^y_TkvF+E;zmmnO#wYaiT(^s zr$_*M!S7Zg6;gV8|D?Q76p5D#&QN9|j$^o;VFkZH%Clju_ot8GcHk_~`+IC4mUu5^ z2%&W>0HUtO=Q8{69Hge?eytoqy9#^6yHzAcB49k2Oh)N-Qnr5w9g4dx&f_F2eNBCC z&j}2K!WxLvO&N-N-4Oi2aVC&({<$wR7L?wjy{rFXPjElEwD0jUbOOogXvUm!DT&e* z9iQt_S6;S%Q}rw)d|=5tZSFf|^NCfe%aXF=?cgupHM#S7?`H7oXGY5E^l5MOennWu z$8v9wyTZO}M}4eAMoCsLtgWqMDkdg8x+AEyyxKnrKv$v-pOgm}S-L}hBHpGoaro32 zG%j3ltk2TV48+KCiQp0xX`Absp`z-WR%I)hD&V0O)UpYMk8zeaUy#JLJzNj;-AX+Ai6QhQ$K^rNAyS<&RWkDS$!%WF#x z`PZ@>v3}Qb34(!1>d~@n^^A2$3_p@=tom{6uZ+9Fwyh6WdU2Tkdf~DG4jNYMGf*os z%#KFCqKBtf0esthM2Q2C?e{%$6K#zhmbFJq*z_j;&KddUxHvvLxDn}_c5>3Fi3YFs z{ZpKNN$+g*0r%KL@||YY?e$O-f9wamB7noix&NT}3Df-&|Ad}+1y?&2n9%n*d9Uy6 zaT~UFpEdhLykdiOYzk>sXXx}G!_-|lTuv#)!?s=`wb*ep%_*nLv3%^8&vn#9U)stw zJlW^=&lx@YfqpJNSY8UfFy}`a;P5J+c69SHrcZX8F@IRIEx}}F+J%+tQAJpYvGqwa zd;t%;kq;U8-EUlF=YwLg8%d4e4K)^7)tVRfPuErJ=F1;1EUGm)Qa$$3XE_b5a?_!? zca7m!x>q}W&lvk$)Z$Vv3E^-h_~B3!1)WMir`K)gX}6~F^j2;<`3Q9cBM$I5zBCB- zMhU$Cd=#d_JIwM&8c2aVz=WQI?Bi_QjwRnlq1cskVfL(*xNRA5Oj<`)vxXb;}h2B&iE!CO?*VCR!1_&*!&>9=h-kicm1WQdD`^QWi*;2 zvaqkE;rwyCN)?lR=bXTjKlgBnst53@-;j0nZhtwBt;Ug$x2TN>9)E0s)I>SG;Cg@A zM;yw>JiEKO1KFTJvLtSc0)Ipa6edEE7(S^B!2^51D?0o+->2cNBB1zdaWO=``iwyiU?-LG~RD);`|hPAzhPkrC4Uy-yE&*?42JgVgIiC0;^AF%f7`?aUp z@}8s0jEe~)z63t$Zt$uJ--U?b;c>8)NowaOCz;Af4s=QEGV zdt%z}bh~{{-SmxVofd8u-Frf(k+R8=bD--|rJf9In&n-N8F0lGQhYVsp4NlMnZftsw*v)$X_)ORkVHE%bM$twIn7tZ?&vfphtU2Sbx(08IoNg1^@5o4oSZKnS{b zrwiIeA`a{a@2gtY3ba2U(%=exBLLs*scQx_$(&d)+H+Zctr(6U$`DWSb07RRat5!q zex}+Y+{Uu_0lF)8gVywO23^^JYfNWh(uI|`fC0}C{ zu_d(nTdmoXII$aA|B^a5{#e#|E!1+X;(_}#8aPmUPDI%=n@+i!Zxh=^A8$R}sszsm z8~qPeAB>*Uo5Z>}jExx;UG7q>Q`y+L`qC_lkTZ2By=5#f*Hefc_8{W>C}5-Y z;-sN*Hy0@ZTOq;;_xnw6!guq$&qX_YekP`_vqU*Mo#b=!PuR}2sv^>vTsD#dKM-@a zV9^Ko$S1d=fhe8}1t;Yfe$j$ix;h?M+Pev_6$OMbD_(Py6sid&U$yez3KAwn0RUHe z_^U~-@1DZ2BcZIyC%|LO0=yAr)7*+4CJOrG*Z+Y$ds*+ywRLzpctPO*2p7YN9Mgje z5uDo%Kk?3V3FZ}`D22fGa0GE+t+{DWSAh*&=zy6|34{?+df0|_GWONU=@qctukn7R z4B z%YNY3fTtr41Us_A@KN>0yKyxDP8{zsX7WGq5wxM<3HBaE5=CU7!|8#mdxa<~KBh(3 z`VchmYHD`i`l?)d(Y@@ON1yxg;qsF`Q_YlL@4s}EvpM#DmaKWjXX1byvXUB`uKptj zX)Y^$mm%>hX^1z<7#1udooleH|JzxBRN*e3d85NUg^MT-l!Bedpl>?w_TI58x8^Cr z5$1$V29U*=;dpP_MF>-3VXbW2GTX201? zEna|8D?VeCn=8=Nj6-dCuv5`EsV{mrP9a)s6JlHZL#iTKmDc~UUdr=jU+qB_<7UDM z)ca%L(dGnzD39>|7%HRSp?@v0>UAqF2T5T#OA+fBA5KvV4SeLI2z+W24PG^ePr}*= z@(ZOqEp`sV;$%BvD(Ou{$1PBPw;uP#X~Bn>5Yo4&8cX@9pBxYZz^lgko0+Z+hHvGV zw5L8!bljj>N?%1cV_uyIJ`u7@G=EZ$$C<)F2KSzcTb$HpG^n92J(GMu!T>eVhnqdh z?I(Z3QiBYS-?`7#`6eE?NYPlUw2#Cm|H}NKeYkJ+F*pA>%#hS!Z(!x2h0Q3KTc>r3 z(O6gX4r<1DZ?8C%K0Te|TKY!rZV^?Hw7gUS^d^pK4r(LjD5P#D!X5^+N0^^VpQ@2A zu}=zov1@rMpIL=*6?A-yL3cx7v9EPF3ddsJZXs!c3{0?QJZD$mnHz zD7qt5wrV!3Z5G}Py?=y4#R`l)mjP__t%QRp9^UnQ~4eLNbm8;`;Zt}f*{s^yK}Yfe*fx3;!Q z=Uun;ze_P@G&ME-f>yL(8x4N%V{Iwd@*;5_1d?c$D!6uW+1l>v-K;1U6AdC3&&_Lv zWrpVXYbTt0OAr#R0&>|r$$Lw110dxC=0w*Z|88LQL~(~$T6>IgQ*#D|(}EqVj&p`H zd@qK;#^(-^7+8jJ|6!M-ibAjjQs9{2#6hvz;yzb9gE&pTxzTl_T`6FVDx`vs#23Lz8hUzuAK+&oR5_}3r9pzTvAp1~oYolfCT+?#y`(va; z-t!oe_3%qEr)`wYeUbC0CJhm>8CC#Tm%kGB%^4zRrZ?FWGy*&RJaiLu`}+FSZLbNt zMy@H##2D3UI3EiH%OL*52Xxr3N&|C7K3~_T#nsDQ!wJSHr=h=4>RDJX6wA7+gP_6 zc4T8w76mZtOOP;4v%m=A*Z+?+Itrm2ae&pSI59J4^jQb<69c}xlyy9AO4OyqpfA#O z$;2J~6^}c%$Kh5$_780;^lrWIL7m%D{R#G`X<6%ik@9-Dx2C&vn^rg&fw8=GD?JK;}lR*yV2OaGpIfL}W-`Ritp zjn+Gn&Yi8$h@th!K83!*uLNjF_V)7FTFqZpc)cEYTgTTH2zXV4)KI+HRCQlRrElgm z^xno%=))0kb06Ab%MMo_gc`20G#$om-&K_}<`fitfGt>cyr+-@R)pQBP1Zo#lw^IY zeSLtu5MU@4GG1+Yy?yDm3<#5+)+c@z*tnQQ{gV(%puhzuoFh!Nq9o?hztc&4#f5sm zdT3S16AOh=lJ{S5xlQYOE<(a;C4G(yTO&~$t3y(7RVdit5shM?OB57G5lK{p@_?ui5$u2N7dSLdz(V5fMOg?nB-#ih0ZZPn-Ym-*G{ zrfu~xLl6;jr@RhUs$R?ZaT z$yQa#)S+p8hb`HIp}tSX&Lu7Fw}=tE^2+aSN``}4W7SAyxv3AY-)&C_|MtKP{93eDIksZo9SF3vnNlGS%LsfADgpdVoo)RJA#fz=5o)?IAl-p3G147)WSAfi!E(APPt3 zYdX-fOruP&H$iR+UJpdON)}W)5za~$ulaVk$^qiWA!uS;W;rui=jyknlXONla+N-V zJ>zV}xlZ&(_doHZbrRWnf{5}R1P}Z{UXkp+{PV%UOE-t+zv^FsJN3gTR*;sW@R7jk z1`DW21u zi^BOpgh{RSAi7UV#vgsbR$c$i_b=X()T7M$^~Bed_yM-);qlXTA1l>NRH{GZTam+{ zS(=kcRtNDV6(4M0%VX0w@#71ATgbZ@(42@%Up9sVA!Y0+uwlu;q+k&X9Fl!pUSAZBI_cX96(u_HMG}P4;?^T&m(yHJ#*`ee6hIj8fp?pCJD2 zG}c0AC-k|+)N>3{FwUt%UvZk0l%^XQaGg9PT=3GQ&gumbm>f5HZ$)Njxi(rzsYgS= zk`}1{cosBv81A#-kkBe4z^g&9tmEV3e=mrD($r@QH}J&UeO1T&T5nX@m9qS@wKJa_ zY1=PJH`z%~Gr%LSB3TJFk?1zM;xI1tiI9i(X*Gf*0q0zw0T0HLe4LKgP7@~#`XKht z1i)Vy<>wWX0X8#{CMU_`%elQWcatL@I?Ut7vDAx{fRvmDW*NVt|IIRBRE_W{%6C`c z+ie|lqD84&1*zecs5!6oJM8w=Mt*cz^of|#uYGPeYdud2YB2jwKieyeChXJ~*Cvqx zF;OKso_eSaB03HGJ}yZ73Jk zLjWPe#mD<~m|*5V#@U90CN?$mrjzdq)mUCXYBdYfGi`H)7S%EDLvHr;>v_G@X$ZmR zS_W=v6GlX((-CWza5G^$HetE=vmbv|V@mPH48x4gABYp-Zs ziwWKtKSCd%vMii^Y?+x;;cm2JGdlv^7l^Bc1_u1d0;#|Wn@@Vod4+6;E^_!kE>b#Y z7edftW6L69qc>53uA$d8q^C8A%=k4va$p6(@^|grh-d!SBYZY-XLoQiR@xZ+2mBEQtdr1w5gVezJg|@iR zd+)-5 zRqc>h7D#MCia@-A5iEEI!3hMKg2be_feFI;*xhma5Zi36w#z!h>42YH{*lo$tF!QX zNed%3cPSi1*Moh})6;qJTUT-GW8xZ4)p0mes>1AplCCk_$y$3s@p>ERpc2p&o;Ud< zNd~$I0D4&V9p7bw1A!S5vklKkPVcjoxKL$tB47i8p1`b&sN=Nsmt7(rm=P}L&$iIL zuL??%?2`#fsDB*wf{GA%rSMGSn2PKI>Pg1!1&^+Xu5z_2`vfAiUOqQTsusuEpZ{{W zl1bp*Ol{_QkK7&PS<;(#6zV|TwE78j@W|U0G_V%u-g8XkZ5d7~wB+1Z{`!-voR;qz zAB)qG2=EU%Gc|hX@Qsb!m6qZ}0Wz#YE$@`u#)ZR034)oI9{s;@5T^9P=(3%CD?{j} z+8@_ac;WK}semCA8br57>SwDEIahz1N2BuPbY>H9&S;?Jb{R78MV=qbbv9LMT%uFh{%RpCEX@DxtXfM` zGim(C53HH$$i8)jxDruO(GS|Hx(ksdg_`g)sTC$mzHxCZ+PyE8YT%qXk+|*d(-I^J zuo!UoboYl({2w$5j7fpO7JfwpW*#oOMk{PyKGNwDI#)P-{%S%|<>kOR=!EmvDjsMb z&Q7wWFABjVe&h;cuaDTq z%>j2!(E6J*%@TEp>j~4z&bZse`tjO)?Yo{R4p9H6ojoS6^n1^W5#ksJi1|Fz`!u8l zIG)5*d^s8hN*QUe=%-DX^OXfw7y7`gr{U3Ld+?Ac ziz);GaDFCT%Rjs=P~M1AaUiesbrsh+43=a2eL^4?8GTUPL+j--6rJWw$FDh27sV8q zNMA!&%<T$HA+&;f^cPaY%U;@MQq1&NUz+7hT@B2xYTxqp8VGZiY1QOzn7_Ux0^_-apj*e|snv95A$w8zfYel5L*-j6NN~R*HL&b5|xf z5il4!6BS3%lkLg7)U&WK@^Jn`r>UKW8KnvJz@j_*CCcZ^e#U4Y0*X(vaw)tHE^z`F zCVsO8G&-sN_&^_q@xBkkQXD{-Hu^bT9rbw?(4E2Y`AH=l(!UP(6-`**$a2SpNF^V^ zmdKIq0~_ZuAFaeNhNmc)`@Eqf-})HKIQjGm26^?HgD@I1mv#r$<-r;2QdM1p0SKkb zLGuhPX>9xN0Pro_^eOPwV0>5rIREbekcSB$4fhChQ4BQm%+biw!u0{{nGd*rFi|VU z{(jR3&D4Y18M=4NER8E^YBmSMttl_(4s<7Ve8ef6YnF?+Z#9XRrtS|i=Sy1X&%di%o{sYK{*7T;VP9Da`gVwFsov_NcigdxD5-hFHZLJXeXA4Us+ zw+JP8KB^}U#=b+0_?f@?93Pg(hU#h0xRlodtI0~Ke#V{$EMb>WPpO3f?0>WXCZ_6q zh^;%qh}WEGuuLeWWjenau#*8iiPZq-HAdw1W{mrcW{Q`c=_En zbtJdM25JXUV3f>t>frh|T8q#*p7{+XxAg8D__mbt?HcmFN9DVo%q3hVn*X6Gb#I7k zw&NTCbJTM*{+r+e=ocz}M0?@EK^<4sC^MMj!O(!VCD*R5(c{JvJHu&TFuy6Oxc>Tu zz|nA1xEJ{N=BfMI2N><0KSwO91$==9Y_EVx9dA3;bgs-6u_NkznmDzsa0di(5^7i= zf7SV4fjoj4o`9o-UHT__EAzBQs*0ik>>Y0XbKm^-T8?4Nw|BtgkRP)pUg@2ZCic@E z#s)vf$o5T5O{aN%p}#HIm);Zw*kPvMQEd6YQkZTmI1Q^=>sY(z-h~wv;G!?DP&d4_ z$jH+8e#6s%F!#rsxRyCzTt+Wi`Q=)&)nne|s|Ng?+*J3KTj=q+7wiA$gC6)`hQ`;y zd$+))XXgZ?d`S@=MmX98y@o5r_D-tzE`8w54X1^*_#Wg(bIOGXWF2y#NAP+D*y;R< zWxTJ-j$%o!bSOQH>dXpW!Yl+2j4%g(=Au~K+08jAB5Giej`ho8tb#3k;nAJ+)wrsW zz;o;QMsk{X>3gD)MlH%8$k@8!@1cY39y+v&T^~@`GpINJhVLT0c#B^~QvF}Y8L5)C zv0R07c+R9j;&6*z#Ei6Xjc|*OAdI15g)bxOAWutA-2$Dm+jFFYefH{AeY<@ke5F2< z)O?0~To~BATjUkmfN1yl%|A22qF~3kxx#+Ql2-DiL}KP_MWkcxeq7J2Jk z@5gPFM7f6{rZsweD6KC+3)~)Tc8AM`XGy1K`8a>z&mQW8mRML^&)|Ay@ed z7&r_LUNrRX`&na8AmV>Wxz0ctq5xlLw zmn78-2FRb%ApRl%pM%~P8o$nF5^NfELLAtJyUq*L(=d*5{KWN(k(pEd;>z)Ofj}7= zdH@G1e}CJY=%S<7UT4#?+@iZEYRp z^%2Ss$-yhW=7;iJO&bFp6cR4?Q&?GHa-aOj{U!7THk8V*YiEvr7}$Z5;HOYpFF_L= zL=>SJVue@~u0n{2|e^NGSuoQ=ZzIbX-_UNEi6h;mar z($g7!mfbMO+75jF8}KimjFe;lFv#uC+k_=)Eu%gx7~ zt#|z_ja9sjf=G)bAXZTP53x)ip0xrt7~3rB?Mtc~m`4{5V*X!jeRWur(YNjZL!)#l zp-6XkH_{!_9RgC4!T^Fa%FqoGA`L@IjKm;PLw87bh?La*@ORF+=RVKnZ=U(SZ|%L- zdiPrIyY@jRIwU$%5Tz!=zhA*>2L*J2;>YhluCX2m?BaxhD;^N@0x25__PvX>V*t96 z67sW=GJdSN;);#bf?>?$V#*;qe_7#zyZp=Q{GG$BLb|P19!TII?d3Nqw3&X`Ry98A zn@1pfiC+SWCr~aO5sRvDmm=kXE{C+@s`pAkC}INw%+MG!yP19J&*+ZU3PT>mOm5Mr zG&_fMU(S~~#F{peS+=AM4uW6ob3M2!Ng4zClNJmN3YqbpipmCR)mQVQ+BF{&`yaJ; zNaDvP9E&`?3OZS91%OrKKLlDQ`%qfXNd{^PMhAMOy@*55HX{NJgij%!ERJRAabSsj z3E0G%PP!nJuJ@csz-A8RzFUW2erlgm;mdPGVZv0Pd6WHpyF-(L)=4)Z|G;zI!LZ+0 zFDS-Xy+X#Z6=XZw#L?hocHa951uD2N`|PsSovg0d4Dr;J=zZAvjXzk^D*zV>q4iVDIVx@x$j| z{NM$el%aOtL?gm)K{s$C^CcjzC$58LOFmBmjcR!XNOXv!2ZADj#LyADDoGO6Ta(rX z%obzpece9XMy0y!+?C~_b@G`=1}dBPf=1_k$#&l=Rx%$-g-r#GYGvC3`sq7{PYef_rABb&U@sO@uGh_&)}n2!)Ch*qo!{y z)1G{7Ih>1LtMWttFW<_#Vq8nLK#Lg$gR!IRe z=PMHsf9z1TL;Qml5%IB@@gYxC(GlPEfTJ@(=ojo}bev#8GwL%i zzd18Foju{hEp1k~McBk$*sF?(EX0R*FxB)m%=V@s-TULhS%*7A-_mzJ4iTVR3tGZx#qDCctI{+fbpAm z-{AUv>HL*1N}GwTcoSqdXjpivj6?*gMa1Bo@PyA^tlaW`0OQL`o?N#XyHGph%EpLy zrJ6ZEk)$f@ZNW|zz9AmI>88iC zZ~~|Af7qDoGz*<~Yq4sPL>#u$cHDQPX<1l^=azzp=*EXD@2JP(u3Elw3RwC z(0-q)ZEMPeSB-{9@xJEpG!qH4=GmtC_=Q)U*+tSzf(iLM>Jw{!CMN@^WX7{1771lV zG-}tS+%7y3KZ`D~BTQnnzoDkn+%wcH;3Yj+t{&4<4a3+GI|u4|R%|QK40ut z2!-5jHSdo=PjZHux`L%dYqmuJ6kB)ufcXEb##Z!D2^h1;nIiYzDth{iHq-y(4fE~5 z7!Gg}=ashPg?vWIe!K$1t58y9R<}&|uYFsD?cR0EWxtW;lOWTZSOu08;%X8of|5k# zQdU#`ikQlQ4SSPE;;i6~c-DpZrjdM^St89M-V=F8s_NOZ6*zpBMnjn7QgAJ@wNGL% zT?*ObOxX4pfdDr_O+$?(oTiNm<%f#CNBc{%WgKG%vB+tA8NWQS!`>g}n>IuSwk8$p z>m$WCdTe+$MhpubxFQuXUe6=ePw%5PH%Z?d7btnRe(Ahl`gXaN!DO?1`xwq4Wd7l_ z)HE_O(k>E!A4*j%f*no7%arVFnv!=|Ro9&^ZGa9JO$5u-a&?>skr;y|uL4QMLo=PV&3NN%l}wB@ie{2#Q*X&&3eNf}Dw7Lg zLe2lEFl}ps-)a_FE^34-hRYfZCgsmjTT%OQst#Im2(<^r$*HLF`O@WBZ?o1S|Cq$< zL=}DG-0F?na;-uMd`j*wIUw90u|UUUHe|tbxVbcwy>I`;-+!QU(Pd$OL|{Y#yNzD7 zlwO;!OsxL3`I?#^Moi|P0{bpCreVhiBas@KA+v){NOKOiHT+j=KkytRyz!){+hG}C>vdonI zx(BpuoBL3hdBqM?jcfksTcE(*;~UUzUgvBOLC2ahy@%8BTZOXF^vg(*&US3j;)aD3 z(db9pPktPu$gDwXX&Iv|#d%DQQ$2aueccWNV2=48?{4YhGgQ)2jSs;DOU_T93~dqDlY1+x#O(k(Ifq* z-%}VH3+gctbL$u8NwM-nwug`N9NuEQc?4M-^!a&A8MI`N9iVAgH-|(Y>Z1*$@YVcA zU7GD7X!6QLRACURd5vaZ?9-ruQm>iENcDz5ZUNQM%tNL0a)%Rkc(Z5><@Uo`<_c>6 zAzPnx@Nnu4t@w8uV|plyrdI8GQ;Ky*>D~Bhw3g&$%(il>Vw|imznb)lS8>joWa|_>_&F&Jdl%)QPhtMyp^XX0UMe3Sz9)~l4 z??FI|V&ciy%>%_cv4~Xc_rzum*4i(`Z4@dg%1W7T5A?Bl*Dnf8HBVt+U&|I%F{b!% zdcY|N=WuK#zDb^|)>(d~q3GGz+1Cs`4g9qHf?Z>9;5o?LyJaX*h>obUGh1FUZuDoG zw}#cc*wDQP?q`+GMtWyPhYtokC(c*m>Kh3(Ol=?h?$$%ZJQTy1##1Wzy=6{+eYgt` zJZh~UmpyH`?+6>$xSRAmrRKJ@EEN-}6lHlMSdGNDIiGpzTItG6B8sdI30Xf4a@TKD zMpoEfKOE7Hqo%zi|;q%$}flG&Y^*F z>X&}6xjCP4&^R3!u`?F)McOdzFuiJqeu*N3s)5$e*e|1NgS@K4IX7UeKIRG9+x8WU z86d~+Qqy{yA}g<<$5A1lV@2odnmbjuIS13Tomhwj)|OcixursQ93SqtGas7`IhFZ0 z@A(2q?4<#vGE#hRA+{q9x`Q_iBqWMV4b=R2!6g!#i`iZAC^{d+=^Jg_z z>l-54b^Q*F72CC{zUh)6kU?}F9fXe|k|MwN2jW zOUQ=YI6{o9cj7I`AEc(Qg3^%urRVakw~7P!f&sL|HO{bju-X^S5b^ftMx=>4p5gKR zxAfkR#D+ud2|8pd8+H2ae%Q!^lxb3quk_A{Z{#YpIV#~4M<1W29S9ttvsB z6zATDvG(c(Cmvt#a-81k_R~|Po#%q4Fpo7Da(a;lh4y&Jp^tdsGHjM6b{c1D;Zt2f zf|*Bu-%(w_++|MFJwE)3^62w!jnS>K-I-sAo0>`;22kYPNf5t)z~|y(^rpod_crl0 z^lZMJk({%~*RzQpzw+*43c6G6#2v1-maDt6HSKL~csdUU9XVzAI&ckMJaAjm9?Tf% z+oP>?q?&~PHx73mFmazsd@7I1T+_;AH6rvB8pGe;ZPyK4HAOD$VF zdf>n*v-ffW?^SR`I+R~vIldOvyVMzZjs({k9RN*`_f#gdu%wA4De((3%v*Apy` ztpl5{UdPkkT*8OtrPLmK-*(<5crlrU1?48%4g8#UZx5{x_Qgq8+olcaBr31$z<9fm zp}4R?YV4TWr_ul*jym;+^VKbN`}JYx4MNC3YNU?6qgF%C_;Tug=?UM#`8=&!x9y9} zwUM}Vg*0)ROT8q8XHgN1PyytV=m^f)peTDX%hC!vc?l(?cXhg35D9OFQE0@SWP(B{ zbo;wm-c*8b*4@Gh%OW;8#p!Rt7xXn85neIdw8_#38tdH@Ij5+vV_(F0inp?iSx@@^ zJ$E^HV(BM<9SZ3gB*>rAN(-{;OK**%?jLDoPZsV;WPiiv`^a0}p+d7YufFK^n_QuN zi;Rr35v+7T`6n<(>l(-&B)+lEG0i%s3njo7?_4kNZ+*gPM#iPDSGp04`Wx=2Z!J{*Pu|1UGzq!{sRM|@I`FL0tr{dgz z)6}L<$(<0;$1?&2eLqRgK)bdJQg6NG!Jyod8_+OmMtT;M%aUJ)fWFX2C)#MQ^*F2< zT~L-wnpE@3wZ06%Lbj$)bK_Qq~VQGL(V0@>1A;BZJ zaDL{L*+tDfkLh^5332C}9uLUD`+97TgQ-$-%?xktD755xfxNPvGuiUN@&VWNujG9I znRk3y@gINjW=Nyqp;Mju4|8+^rYh~Od%HVXK0PM+?k~TQLDk+LFUjjFdmoH!^X50& zd#k;;I}F~vf5eV#)hbOm@l3iuR2YLC3s|P-*UcXRLZ=D#9K5YIOsDw%w|L^3&qrBc zT^mQ)6iIGrUe%=Z^&Y%`AoH1Hg!~!oKWjmD%S&p_Fg3pkdQ(f@7fn9JP?o9r55BG% z=dW-INi5r=XQ+>ttBs62;jkpg|{ z8&Px38*ycqQ52DdoV8eC#JVkpvm~Egu{@n~LLT=C#ymn&Tc)0ULD=p$eeg)1KJynh zbcp2i9}R4s)#g%Q`^=a9#?{|L6?M~5*C6G$sA2k$JRzvQVN zvWS$qQr_6{;3`*zp!Sn7X2`t+2o|8Pf{%h2Ot!NRIA`18v!fI5nE1RA;Op@Y+Dbo-7c2{+GlBN+n@l_7Paodax?cZ@Emb>b6v6XayBzE$5dC8+ zQjLSw>jALs|1^0#5U#{R>UCX#-^&E(@qF;9qsDo+zPZ#hv3Ud?w4Y0wt3c>#p$^$y zcK|(VI~_iiqvgmz)9P6dC##oO&KhKKHc-I29P-pCSL+M-{Tc*&ll=%X+k3$$3mj;@ zt<_pNSayE{RVfMAbPB|hZpfxFEPR@ytQ{@hci2yQljC#2~nSsF!B~NH7 z*W1AX6x@o{VQ(Ef_9W}J1(!pP(gLcMeh`#UCI0ZDj5RMHAz9?Y#n#u1gh`Kos4S#- z53!JF*8@~{oJQD>b-u<^*@m&j#D5FvKK)NqaA#jS2cUZaRp~H$c;&LsG|%;%e?_!x zfive;qU6mne%AF_paVeII|67(QC)J!)*JJcVYhQICtY`}C6%wQcu!F3*$?$))bjMu zluy=gaWXY{bF8O6X+%0!=c}+OyH}_($q64xFm>3sgfT)17lCrVB3|*E9TJRzPCQUI zb+(SRg(t$qd4%(?M<%b!3H=L=DtGJbQIk{q@xv^TiNqTJQ$t@yUF!-C`!GWlG8B{B z`k>qjCnrHlM)(_&n}ros&ETox;%!KFYR=1Z@p4XQdsF1PFNsAkH#QymP-1y=yT`(K z899GQ;406#*NEi1`_1>9Ll}n ztFp~-IZp%XVYT#UkyDP}(EKE_pHH|%fx~bz5BFEIX)5`gc=}guDSTha@P54YP`uf* zV;57(O4q6w`B3ADu8tF#5JA8AeT4VGDPCpI(nR^tiZ?w?cB@gac>5*pV46A_g0NUi zbJ~-Psh>cqkL9Hn7DvjbDPvUz;|aNi^UT9c%--uqC>`&u)Obk=qr%`On_fFar-k$} zJZ#i*nCmaGzqZTee=W2J)NZbE>HP$xYK=w*M12xD0WzoW*ATNKlBW~x0Bv)&W$vj? zQRlxlI#_j#;Ne^iNM-n1zA5AK;AADhuNqYs+N!%&=KIZjHuyfT$hnB)$k>(u)xdUj z&nzF)T6WdSE)G=Q?oBhr!J?>bP7)Fp(N^ehWYTX!(9@^Bu2UAo@T`*O_+p*xy!gI& z>Nr~7&mBxfnKbq!Kuajndun7RZex>yDwOlzPlT&!g9bHUYv$jckEdlLu zHpi*SNvrm=sotm*1KGg9z+Nx=5Zb})=roI9yOulIgaZE}>}C1#!4SQ+s8#A756v_N z$3_^eprPSWrRzb?ATIjTL7V~Wd1=W!xp(iVclUOYNI0z`S4;^N-y!#PSt-pHAJ>Su zRoXw>{jZK8pTyJt!GVP4{`a5!q2r!yevhYi~A}q;#N|BS<9vk+}!CUlm1ujiuwPffrF}Z4W za-(C>z5UWx=Du!>%lR8cdE7+HJSt+$y8#25pqp_4MviZkxQT<8L`CJgP_c7+k*UH( zp6TUsIXHGKAlT`qQ68*#YQgE?ZL93(-82e3^2*%45Flkn$V;FUouT z&oFdckN)B`tIZFz!LtrgVVlJuL4MB7Lx;~_EBm}j`XpSzLz6uDQaP_XSOGev5zLW= zjMHR+#kR2_g-KC&aDUV&u|%>R`AtaTw437tZGh#k4N9(KuUBFA&0i+J0j0q(fUTf* zyqTQ-Brk4ZDl0q=uHpfeWkSy~VIxWM!}`3vhh@}&$e)@X=n)Qo^xl}$Dk?QTsO|<8 zu7gj{xM$UjX%aDJUE5YVHCD9KF&voGA8Y~&GWm{(1FiHJ*oJs3oL3cu9ZvGwqq^}x zQ!}`F#AzQ{%!4U(p(BJrBI)bOdsM132Ls@#<#1cI_%MM|@t)9u>kY>$WYgtxTPKbp=n^-Rq|q zQ8Qk=5dblIC#7e!RH`3@ITi<(wlLDFZnLfuND;-zj(_D1jgcRUYtH7o6Yd>^qL>=l zb(r}8xNPx1?Y2MLqfzL%?&FjWR-~+&F74kDt__ z{{2&yfGesnEs__!w1aVft(*8MpAu10rU{r-570Vid_BP7H*Osl?P9#Q>mu$G$RW!% zV<5ohH^Pfg588MRazJo5M*f%JIh38~k^^KfxWp0~8!LCC{0u{#MIJR&e#km(^XCgi z%N01vkBv)Vb7K|~QQ&s#Qos9f{M5ZKIANPH2v+C`e8*a{sV?KM8}&bXpVPvzWPXt` zKHi<5_;$+l1y>YGJalhONXBmZJ|V%*Y93H!e{G3HZ#7^pk|5xoHff|CzjSs)v^)XJ#1y=qmuZK?(D{6;=dUd{t z-?8O>{e@9Q!)9hp_QVY7vwVhMd+u$aPu*M5>m5e!>Pm6Y)t`tVdv5?I_(Z4_y_TDx zhV+I^O>T^Su0@duBhh|_7z{X z*QxtZjk{tDnn(4ki*YeD1U`_C00U58Xo%MVaxhAS@UAZSt2$%^1s`>W0?syhC~g@d z`V13XY9ES~%;6k>K2%a7Ipa3(%47S(66ivKpDZkXsjVffw;w{F;Y$MEM;3fl3L?wI z+g2%8i!3ON6^W-@We329?;{hBALkC5e_e!~e#n)Gto1r@?@*QC!?i&5vNQ>c{|K7@ zn-O6=(|bIHoVIE2Unf1h%sPq?^6t+S`7n>7mf#fh=%31MgJ@-ou@~TPkwm7Cnks~l*l_Pr zGqIr6-pT$tA(;@^s>zv_CG~b0xa;EF*80LbC0dCFDR_VCA5;>>I_&X}f@$`&a26;} z^#C#^``6pLBF94F*pU?O;~Z~-&sv4sHgaAs4E99|y$>J@)g#K+d_@e3j5fkqDF?kO zGu2>ZJRsw<;I}R@9p#&dyIEiw8%aoES_ou}IL(qe0Ow1MzYP+Nh7&>5AgJr_ zjmc^7(0c}SQA|*t`?mF+a#thIaNysB*1vzv5^m2jt{OV7D&JdO{q^P)KjI(sJ83zW zEwCw%>UR5g1Sjew&&&tDh8G~Is39b6t;ilJE_f5+jb@JLNaWzZOGynxS-^wfC$rvR z@8d#bmUpT&PX^q(m}nfAQQ+$YQkWn0WhQ>f^L(71n*-h9Lc(s(vDXlOafdUFxS%#{ z%NNrd9ug2*%=D&vHZ_hmFf%02US7TZ{pi`Jx2Q^)M~^$GV(YgdR7~&U527-Ohc1qY zK!1$yG-aWvqhZM>ygLdCJYK=5P27ipe;Z9Xh3p4sXib1(s8pz5s`}3QTB2i~#9lW* zH%u@?5hpm2|3~d2SIK_PT9srdMdeXj(SZ;{UTV2?R|=3N~CdNclH&{(>PrZNDd?dS5!Sm zRvlFK+3UB&=_HQHgnT<0-LE%QI8>TTL-GbTG$=%a?5@)-@;)6+yGvUeEqZo0G@qV_ zoMzlEo}a%(NXOIlr1{?d)9dscPs;;QG6^W6+1Fh#sn)+5Ar3jUON1N$j86*#RSqNM z_su^s+?lExhB4Cqm>;sf&Jd2nJMSsd96q{o_`BL>`@R+!&E{oPiIra({YyD*%ldjZ zt`F-9Ms?YRC3z#Uclt&;cKP{cCnfG!h7uPj+Xf$mN2f3lWgX#@J`r=koSXKNYmOE) zJ-~c@8mCHTHcX8>q%(~&E$z$KxMg(MB6`rews{y%mYSF1|4SRT{!V^r5A_m0o{)D0 zb6g^Z3xmi5@5~RI%?=DR#&7DLT)5>EjZhy|p*a8P%oL+y5xRC9%=HdSgnpDuqw?MgUsQqb+w?Lm( zv@rhS_ti}fH8u5KW&IL{@a2}04P07s3ZZ+L`xdukDZp$#sW%omI?96%_c$3W@|yUE z!sApYkw83mq5~3^`nQzI7PmbjVWIP=EH1y)fDXcD=AU1{Oj?B%948!)wx?m$eEhm6FHdSm+HDAX(mOnvVhJxdGAogd2eVS0MuUn)_Vz|2Z> zM8rSM9ro7(<)+JS_OBf1-q2PoL2&Pv(W1v^;bToudCT7xTo7gRwEpX9YC}KI72I$U z1=e^$1IoA@pPap;jf7XPJAeElu&Lc`Ajz*8xNKQ4Tw06sANWl?vUK80PU-tv30|yx zTcjf1RfC}sS3QIxPIyyis0sijR^pZR0dna+gO+8_)`5%>4~foHIaMDZ%`GY33~%77 zb$s+O?>Y(GzXr-7HSu=Fr3Qh>!@s9knem&maU*u#Jig*Wt$U2aolNR~=9;Ri4)@Q` z&nF`v(Q40FmGZPuzb#Z(xZD_T$y-6}-9>KYy((C zS3gj+l(A7H2uf@}^GX8Dkl>Mx!lk|xi5vq57>02%?svvD$FHqzI$Dbt!T;NkzDo6((&r zMwxI0BXn&^I5hoq69+6&@R|wK@b!8FZ#UH?^V?zGFjfV7vO4P-)R^z=Z5_;dUbg^C zp##I{!!@NZQ4-Po@kZWu@DJgPC34;km_9Y3GBJvY#;M6xyYVg`YlVQe+Ufwbh`|xp zrF~aO1bitj{pll@ouS|oS{s>D!PSiR8dDoteZC5=PKV>>fIQQ>n&-9;aLZkcdC=62 zjbz@|z-enix8ls6JIpvZ%heZ=|2?ikKj-%#G;yWBkG5;?{$1HSK(*il{LwZwHJ!H1 z_`m%+ES+)&)Il!&4~%#X1<@J+tvx{~9ROl?>y+tGaBSng_0z_Hz0pd9d+6mz3R*q+ zG*(TL_)8CgqLLp>t7t_@b>Le(w}PtlVWmc2`0i)8q%n#%yEZhk% z6qM{sN*y=IehAZ4V)zrRbSJ!U)cH|l$5i?3l3Qg!oy=s%;}MLaIBJKgXquO9)(XTa zaIlb?<(*jC+%NknzA&#ltaHr=acO8ez-3l7+Y44_ddrND2h%CCRAE!wvK%_QpZ)W_ z8ysR0_tb2aWlTHHc7MPtev&Xm(<50H1ziK@bMfPYxaf^{D-4}Git9xwrSlvUN6o$G zvDoMoiLrq_CyP_eu-A47pO`*Vsos}NPNRpMC~0n&alJ|?SC$~dK(M+w8%Y;S6%$Wr z=tak-sQ;r{Zfz(Lh+zk+>4hB*lA6CV8yX4yf-6P4efUjyH&h@Os~Jmpm9e`O`GnVZ z;u3qShuM)=?ckdHMW<8?{tbRRLNPQzMTbHLcI(04`2V zO3mtu6@{=Pw}DZCRKVF`xGCp{si|V4<6iR1{rZ-4zH6JHo0AXeXQOI^xo1|t0LLUr zWj8iW8`zllYFYSpaNru$aTkuALb5UUlalQR%_tIL6`uK%QrZW|PV&#NfCHe+mojxd zFtfdOc7cBOyh2V_C{*V5iUReGn{dt~^~xjXv~8-sWT=j2BLx&q~>-h=y%Xar)Yo zhS+D894q1~$2eS2`1&->w>2&6gl*!3kgnH>xtN-*hlutz_%(G?`K{;Fj?wXNhVVdq$_~gy$#`x79G_`qbwe8ueG$bg8}ViXH6B&(j7f^9HsI zBV4PsY7S^>4uT4_j&rLIOgSB1rB2!#wf9+n6Fz?>baj2pbMDD=@b>^_qVpao!PpkF3H|xUm?D!&xg&~aX!AGwU>YR+zhWb z-un8Ur=~`)A4X-Xt$VewEirN!=SW!HNW>Jv{N5OegfU)ZPJ^H#4DA)p3wI3mjPFYM zJGrrtbXj=?n31FY(UMMfot@b3geS-+8sJt&0xz9sh@Tqelb!^%YH8LmaM(U!CoKij z($kmBa~UrDK$KDgG$9!~2kK|5%xa^H$*ULu0}5yPZwtDHNsLI<&P~%o+-O;({^mNM z&hO<7_=YZL;*v_V*_stb>@qrEIzG%{D$03y^UAPuYkA=vkDINpiuVjcMOq#gquOtG zu$W2)YS1l|V&u&t1I3R>KpMt8U1X&cYh=S!$NB2LR`AAXkRwoi?eEYr3hcZ{Sy>xe z^?M^>elobW-R5k!IY*bjq<5Exu}s%J?T4wexJeoBCTpcf3s>9LB7niB4YETV@N`Wa zI~?!gy*Qt|0v9sE(+FTm3#_X~nRo*-U><-I9ji)pEa}K9SP;=DEvN36&P$#IxY`j(S9f4M@ z!vX*zaQC}fSwg7kk370xGLn7301TZUpY!|ZrPQi=uH!CfBlJvO@~wjuED+?MEr-F% zBpf+i0-`R(xK1o5qGcECYnYx~l!9>Ta{jW@$u{}?Ik2O;2CkiZU6XU-+F>Hs`*f`M z+8}_H&ja`n#!}2PYvYyg6Wj!$&jRI-xB?!v5SwE>F^zu+a`|k4fqY!)KY`5LSRTJa zgDa70AXPZ!KS8ZyU%2V46dmiS7Mp~Xh((szG^l)!yFX}-fwD;{<%$FqR1Hg|~4Hj4O<&;yPyp(g1%R#W9U34e92`z+PHsNw@7?}*gBMlf0pZrq18us!GVaWPoOi~ z1Mpy~>3;U3!T9NPsCI6rmtPWJbp~Y#9bea2YYHlCtq|aV4CG0gyh_F9=H#&;;4M-h zi8zVQxUp3u33tLHWCn;KL!K({Drw|YPyEMj!-U^BI2-w(28F60F-B6J=x%3pd%-z^ zpOjVolTSQQ4)HlA<6}Vhim>wl?sXI=r>%rel_oo;K+y;dMrglI8PIXXQXqFM-M2A~ z$%&i3k%%aldV1l76V2}JWgo^w=3e-`w7RN?o$2u!oX&%^-8w5UI8Lg+`)pTnVO=-` z{TO$xYv?Zh&Ch#H%Db z7W|MU{5UPaL75{mO5GvGX6;Km{3L@a%FA|@p|lyweMR|@5dYfgP?;==1|F$zc7L#p z40uz89@8M+%&kI*ON_yNjmIw7Egck6!Tcpk+ zGZwc9mJKeiq{T$URA2(UA1(9Mf~~C?M=lqi; zCRLl-4(6Ig6Z+3|97>dXV;nl)D#1Bdqs||v;yS&sYhlhs=%ud+ZWBC2d|!M{q3^Rw z^}+GesC(+kiHH|>>iy~W=1^AK&ljpyn(dNc@G?6qO=5n`b631RM8hH&ap2s!@a}fV zRH|a2Id`dRT|teEf9Vv{WQ+#SveBiQ5(ggmD7pJtj3|u4LCyT`3y{&-H6a)1a<=lM z<$rB#o@=W5lM*U}0fZIW6guKxs(5)t=vOE(_i^O1G>cnxgKlLYC?-EB_&3q?eh6!^i1yng@>!|tQFpP@z*iSZDK#PU`FY8@-F;gNVjj9L}Fa4b1j zW%tkDH;eUK&<-4Axkl?%{tc3neJC^Y!*+$Aq2N%%hKp*Fi)6p|17)n$G_ku9a02~7 z>LwlPhfwH@r57qJo;GcH` zl!;L6yKIO^5N>L^zuv7kF4=C{H=S(`IGMz4vI5UhfzUA$)0|i!u#4wgVgP_R4W?j9 zt4+uV6_5G-1VW4ACmHjdAF#9%U}@j?FYj_{8z~Q?BOkH$KZmF3;n{c>CbEofhkKl{ zME(b1egU2v8Dp4pO%H!|uU67E*yqFXFszb7 z?sOCjD$PA5xW=DX7*F_5eQ!L^QoV6xnMap=5-D3iPQ#k7m2bL(uBFwJIc_R zXdau4o)4IKjKbEa&rLKYvfeA)9Ip5bG@ZvW4HPK{&1|Sf>~{h<*T9`gW9=-gvXGLl`;()OjoXa1#V*G{5ODKt;b`go?%Y&0a~0U2}mD zR3TjsV*eSzv<#T!uVM+tbHe-x1zONxa^{)r$rPXl3;EWoj#$+r4CThwN?*VM^+MDK zRo~NqEJFXv2#9cF2}l-0HYua@4@GCr~K4ZJNzSBc_tg8VOiTyUr7e{$A2Syn|?8EH`+S+>Z8 zSvbq0q>I6V=ry>I9MEew`QE;GHo{&-oOCNvoNQQI$y3U{lJuXoM<{Q|A*J0YP6V&7)mT zFeSPSc~RTA|7T-uKWwZ7BeZ0h{Ks%2&`{k%7b~#JFo0u7QCOTEgOw}?Axj_RZb@tD zysU%J(V?Fvc#2|`J+}F&v!CDm@+90N)lHBxcFkKe(>Ce8jbN;GvJz_o6~)ALMCigN z5RB`_JGH)t>cqxA6fiJx%rh&WZ2gL>)E_9z zhD)CscUndwt z<3Uu9R|vd7%@}Yw7Wvvo5VWE0KNcvaI4dn5r@yOhiu2bZGgAznvjV>H9oy8_`ox@| z4cCIhiBw*-&w z%~$vs$Alo0>7OPYZ>yOqO~G`)gcCl`^(Qr0C?>X}q^SnRtQ*8D-QhMZ{UNTJH|mVu z+WmqkCPJFr{qHzYj>(}tOb6xmNd*=l;VydOLUcO{vVNcuPljz+N}avQg^K+QKI4MN zLTG2IikKS!hVVenTyO*)*2?keNKtrO)74mNYNjt*K7(-YkVx+PhyrywH0p7$54C?; ztjE~g96+$abzIxX#j^DU___E8q_V=lltTBAQg|nxd;z1hcK=>EEo9c0x1J|H_=YNwW$sQCCPPfggB??d zSGI^O^mw!7^&-Oh=0Oxb2HwjR5r}H3NXzP-W$kJE=XrKp7SR8U5)3cDlI(}Y63L=gm3G>buG$YDC z%Z1A1xLYr-+RwPP&85D$tGUD2~!#bW5+(E2Es0FXV*BGL{QH(XR?2Nc|IGz>sXs96Dq{EZ zDp9|f&xa264x8IR%;ttKw-(4VKtOm{gQ8{uBSKVfAIsGw_ZW>Y;J*QNrQ@PQITB_k zZnC`=DZ`22V@zVh-`=3u@-dfIQ7eoMUG+936m-L4Ha`7YA>SU0yM&MUokGr!HI~!D zEm{FN6I^vXfa^}pXSI#|jwvK?cKcQjYEtv&`*^+N&E>+*_|Zx|3{df?TZTaOJnFw- zPWe5gYUzg)8+DJmB|9V!W#+|U^u)|1-rRu(x4esx(#m>gtaF@FQkv>$-pMbDtSGXW z5hnjS!XZ~V5KL>smx35Wo+DEprUr~yC}Vi@6vAesT-STl5Q3VIYx|MCy$ro7x=+(` zVtbU_xaRS}=;uD7fx5pD5}#!Yv>ctBj8SLE)xNDI=yuU)0=?xAAihz)p1#C*@^sL{ zRA1?JAo3|Dn4$$>aRc9#%v&4%G6*bqMo(dlO4g@f=B9RXFdz(Ep~6F7+9MR-lOVp- zL$I-h#m80-*qJ^YWHUDQJ1?59kTYnumK8#)AW?%TcSZf5+3RT$+Saf8Y6egT>P%d5 zuQl>S&q8Z3b?@m`o*##RmIS!w(E(vNplbz=D12o5PbL%~A9C>Hn4fd^KZ7?r0ALZe z>HW%`clP7UW^g9R6vL7k@;QvLMc8_^XL1*3%DmCcG9;QUHRTmDx8A+OcC6@LpIgMl z+6-^S2J`{N2&rHp1RVMAa7p8eOMtc5AY4&RC*-lG4j}*?`7>Ozx_9c8zXU7BKS=80 zHcTALbkfXxZC<@&H_}wg5FXVBB$ z7&2slnZE*s8haIQCW_3gL8sEU27_a&hU)gY;*#5}2=#Psvc_KN1C{&iCac*%3x5CK z95U0+b2(^`Sxw5Wuvx*y4OZyo2Qr(dpv$(d+6iDlL_UA$t(qsz-BTswzM#kZcIH2N zc`)Ny9v*K@4}bqT$f{>+(y+c+x>5xwd`f_mf|2U@DntCtq1W+~$)x{H04i1a-w3 zgo*klDNNXUGYC3rN|vb)s^pZ{%XSpN-+xUYX(085GF7>iVp73 zpmddvEuH#3dhUt3;=d8BLvsrk^pydT(O$(xG%9nXAzr_}PpWXkYWo6oSGBL$L(o^S zKqLaRT%EJiE(x?!9uD(eW+{INeO?V9ICV?ZTEF3}xw-WWs)CT2Gts~LQSjmZG< zK=hntpgxEeP6o2K_x~gS6SP0`cF;Upi|#CY#~IAS9gWVB5e$M{$Sc_0yvOdFY3v=` zE@MfxqZPCJy^i~p|5pmig7d<_?8bM5XZ_2?@~6O~+^{OZ5bO;f!V=KUDDvf&fy$R<(r24dtu6e;H$^E7J9^x@OiJ(g`d{}?q&3 zZ_WH!+s+NuD*EJD5cl`RZF)6DuZLM;p~-~JXmBw`ZM&Z(RXY!woD3jjvmd#MPBoH9 zTYxHe(yQ!^pNAebuey&VL3#9Yz;a9SoTQIaVm8T9DV&mKNxljIQ;jW>1~b-Qx}#bu zYCHf1M=XBOC8~6yV9E<6d7oiNkG*S;DN&F9XWkxwI%>Ls0fJ3_9|>_ zPX3t{IO+0Muxp5;)tl;C-u(Om zApHJ`oXqHwLM6=71s=3^FR_)Czb5C; z8NPg0hMD_vy7)YW*k~DQ8AbW^Dm8tT(QIK`6`iBLhKhkg=3ZfUzrwRhaMIoF zu8U+U6d({R7nh&F#pP?2!L^M`&A9IY*B3i$n zMqyujq#^ib0C`7E{FjmYZwneNs6i%39DM~J5zhp>0+e3S=S(0C)EY_%dVy=0D9~tA z9=N!sMWK4VfV69`+yk_A`DED0z^JMXn5k4P8H(c&@SGibAk61nrxqKRZor`oo5rRC znKYrN5{c*zs;FeQ_#j$TVaffLWFme;QxApLjXR9n+m@Ge+b<>a`gAp=!ZjtYinjCr z+Z`16KYM|=?f32o<4dg`9#^z;ox}Ab{fjFjWEs`3m`q5`k2kskOzwL{lF-a&9}!0v78%W%h7_S*Z`Jpc z$$((3|@L??5FC-~w{n`W_IM;raQk`p%VSB?10 zA?WZAQc`vtHV5^D5M}FkKrPjmx&il+SSdsBmh-sOD0)T~s%uF#wFRocT{#o>b5tYz zAsh+|?ySaInP%ic(1XZP@+Uk0ZK0wZI4cN|H6p|)FZNX0V>$zv^K|+!K^+@-2N&xs z;`Sdf8b6{(`cO6%OFPZ;KU}6{+1?FTZLw2NL4HJVS5U`MIM3erlaIC0bSy;t1BjrC z+RVkz`($64fsf-1g@tsUu1F2j_cc?(^*6s2E}WI;KI}632#`eTrEIV!6fd63c}er< zIzRruqU{4P)ADpS>wWScejV8!uzO|+BTxlN1ga$=ZF=ASg6lk2$|NbzC@@2_`vSbEHE)JoKye^= zKwM>`ZgkvkJZK5^*an2J)I!04{#zl?1#}OtiTpo|y#-JdT-YeQEFhuMCEbXmG}0o? zf`W94bW0^aYQI?ur`^5NGs z1LDt#Wx9QO-UvCkB3ZO?2XYAUfWUK@U&nG{AkP;X0g0osH#2G5J&qrx0aHVS{%!Lq z@n3#kD8>z9`fG9TPB=p(NpM9Mi}hUlrHo?%3{1|U-Kg58zHV2xOkON<+b}+RcS-*v z50E}5L#clLGoJK-Sal0oK+0&81~_D)H0{;t%_3;ls&FSZ#B%$SM@rQX!)b4ctvpP^ zzUtJ?K&>cZiB+F##yF5*0UfBn@ zudpw=^^QC*IUqKuGk&|fLD?T640rEG&UAAB%0=Iu)X0oFovSkV_BzfQp)qC|x95lhF(s4ZT5VC`Aq4+zaoQ?9| zB7_h_&I*6B(Tkx>+2coZM|GYPL{6mt#N>Pz?O8^Kd(GEZ@>iDI+; zA0R$VWoOCe;6MIm$tMt)LVvV)dT}dIj65fdsgFo1s_9y|qB^Uj(}8Y_>&9rMkz0Eb(dr8b7GpF7z57$%M4kV6#ugbV zH&r+#Na0dvv#Y_#2|2~yp8huF`=yI?B^s}Kc|FPF7yh6 zF&cPhvPQ}yT9Zsh<2wP{H!vzcD~zUajK8-@Y~X~yT|ZRSkzyThSU0&EM|2bB$Mc=$ z_n9DAXv+RzP6$3~(1V4WDJ@R+gl+-*8*^qt7?(YZn_?AE{z#L$ShZj(h zFT|=>X+x2eUYr%*Ah>|XvZzONGiTcyp+rE7^6SH$2zk!BNO#{4EiKc;q{PcXS3%~3UCRilUuIO16a3Vg~MWELL9w{;`ZGvB9Q}<9a||i z&4(Q|n<>xd8~u7A9C3dsF^6>@p?t=GcL$>4aaR?EYAaMSsY|n6OteC)?1mxsL+(3` zul1o!CJ5}|L`#3PAI!9Krdp8FVYP0On*cYZ=pEjl+VAds-EP9Oww3;keL#j-QWWeI z&qpRqG+2(U^9=eaIPvgB$ilTRSE1|tau%*wDUVJy^)7?cURyP~`z>AjCZfD3(-O&O z91%CCZvZueJ*nUfP}3BzDaN<+ly&T_zQyBp>S4#m@+`1zTkK~4S_m58!hb#l@&NPD zID74{X{%R)j&|3kvPt@s}dB0q-%vL&aAK z*^cG?38`sj`(2FD?rj|rNUB3t;7?1y*gsk~xbi$`&cw{jtmK@$<}NR~F|YqYb*T31 zt;YrEgl||?!sTyTOfKCCsmPzPbbso>K{{$WT>DwUNP! z{x>Vo1_X?ls`GbJ(^l&pICz>*>W4$^e!uJy* zD;LGkH}BeJ^QocAZZKBL+&nLY8f`0xM%1#>7+U{H;r3FsWHN_J_|Z+MnH}ji5v6h$ zg_C!TXW$L$zf2vZ08smCZ?qO~CMcv=iW2jyP6Qi@G7sG=aM={0st~nYH2d|>-C7;_ zv&j~j5#d?FB$5^oCxKfLerTrExoP;UMQMxEZpRKBdSzF2q>_Eu>O$ixd`{`G<1d)_ zA1BW@ZibGc{N0Z+38<%qrK$L@!n3!T2=_i-52)pB9kvyeeQ&Lol;yd0TTc2S=z*cf zHq+Nk{m*dX6ls*u`#$%{is>f`LSH)BxYr1=k`C&xypUwQn~NE*2FQH@3+R6z5Ij#^zv+w>O$dqXePr~bv)4M2W_U!Lb1s(%J09m{Jfe_tnlQy981`2`NFjL{ z&FtU-DT<26k@vlH_$74YisXer_BSR=@>ydXmTSa(ez=nHM#my==vz%|W^T^q>c3J? zo%#MSi|DlG$SNX^Ahr0-0?B4pMOvh>bBo#pm&<3cH9nlOCIZmvgxmRt0o1n2z3u zn2gPXAVe~rW{;?^@kp}h$&A11VojpcWK}woE3~3xZFv(47L}t_aC!0f*x8CeULW$3 z(zFQAhN*JSlec$5?v1=0PtEMYU(kXaU~E;hLT*|oWB>S9^w?+_SGdt6A45dI zfDV(bCdy47R!r=a4D*k5XHUtgqF(s>f%BcVB_=BTR`l|;+rV>RzQD(%0#tP^$RhUN zW-ht7dLD+=hBErpo7(?j{^@ndEfiZ6L~>yMX|837L)~f5_@cMsKse^e=X_xqKY7~! z2io3>B>AAcN1KU0$`yV2!Ub)sll_rWPbbk6XMX?liXat+zHttZ8FRViX!tWn z8Cj;h5C577%oL!*vcf7`Qh=PlHA0+;`1^Xh+-0K8u1L!pL1K-EP&$y2?kV@_b)~bFBB4Etxmi3 zdc?kFy$&>g2Yv`mWR?eYS0D)V-Pisl2(3s#pxjv7_kyNv0dk)2a`RV~oT))7=qt^2 z&}P~o_tyBb9XsnStiH$9_xT$2viIX*F@`|e4i^?uUcCIvuro-nEjo>Ah!zP<_Zz>P z`KWc`mEi-S+DMKH{s=k4^~cZ9$)zKZ#{taL-pmQ4){dY8QE_flB2x^cf+Dg_rq@V0l_$B(+(FBjf)vIFtn($8ljT zHZVWO!ap#dLI3r`3nR!l;L~mB%mr$Ddan@v8cb7 zlh8N>t_iu0@-P|i8ahn1;yzjy6o^PdhITGKfjkKks~v(l|H7&y601alBArse8^KP= z_v3zws*Pz3lN}*=RJla5Pz&y@HLk(>a38V9cvTt&G?~z<7WZLdfom`Uffv*8|K$uC zBMBUwLN$2z=UNYr9M1^hF%UkCGAj5|S2#>>glN`=$zOpPO2X%pSQG|)r$39;?FV+3GjC*;cZ8#jdia^4ZJ9r?i7krMm0a>%E* zS;E&qz>$#Tw4w^58#plHL`aFN-&23dv*^&rC-6oQ$f9*aM^ z8TvHawkrQS&H)9Hg9~{sIur-LA(W!9b4D4t(|-A;qY)!lra61dek4^Nk|D zw*T@}81G{ME#fWO`cnmWXJtyYpm)20C@~%4eZ$4Ep9Z}<@J%g7*{#YuyG4QQW%yXJ zl1NynMR8YEDMp=?G#V(v)zV#bH`6sOZIWS+sno2iHQ#EynP`4Lu09~>fuMr@^)Vz( zfys?jE;L!a$s$U`_sqBMoP>`lqkYJQ@Cb(Z@BqR73e4`RLEdqWKq-K31_<50#xAk= z)kj_CgchChO+YhZL`!;e9lqdl-8&Y#v`RF!adK1@Ls?~}@mGXGiNKj&C~C2%=Vd7X z3BnM;lv3|8)#UeQ zat8jrVXM=7Oh*(0~o*us6z`(pC?11 zH3`Hrf{?mgamx=E`jZ9fBFrvc-X}kdPt6?ub&?DSI_&V8)d#Addo*|jrq$x8A&53J zuFz&D>k|>lzs^b)G_Qxqe_D#$vHuVbzIqI#56AfU%?nbt?_N94Nz|G;8&uNW+~s{L z_5MPCGZg5`z_RieA^+fLc0NAoZ5DdBID`aB2AMg3FY2Nb7HDn=IfcH$oe6=6w-=$a z0Vh?6F82Gj&)^#duL6w|fs!Zh2`wKDYG8Abtj@8CDEq9;mw6kv{ObTg-~cRD+QYce zu#Bw*l!y0{T2Q|y$r)(2$4DXq^F8*9x{|E|Y{d$)l82ws7MWk7&Zv40nlk}N3(yEe znz?Aic9s=aTkfEn-}A}iTD!A2cpA0!T;*SqK?Rs;XB#tB(u76SGY~AqauZ{)6_4+8 zlN^dSj&T~Q(bYmlsY*jzLKNV%4Lr4}fC5UqMk5ezPKx1d!XPIl#qJJu!}eRbV>Tuu zdvurOH>WmLjI{sm1wfO}A^}S5*fI!4`+|@f1HlSxeS*bc8F(EQGIeF^lBdXi*Jap~ zA3MdBM+5`zfI^8jBeLu=8i*!Os|pRHnC_HIy0}VivC!W3-CFT2t3iHzx_MQcOY|S9 z=mQ5~zH=^%mRW}tBmD!oBhb#Ar`mz}bpk~2RERH{u?lrF3FxgbFBu7jyh51)lhIcL zJ7s?oUH;pVp}6%zCJI%NMwH@Pj0R=aM%wA1%74Y|Xvmm7wrW(16B?GXMYIJp3Ol$f z2G&Z%_qn0<2R_^z^3sb0NWC%UCtq(P{)Q@tgfCtnX0Fwe zmVEQKSMMMRT1EF_`Rk}|0&epf46luq=VC2(#YVNheGS)FGrYD(E&S#m8FfQMQDzt*S{{~3`GC2181PoN zo4j3Cq7d!6`z7%yBW8-pl*z6CN|e4P1abINY=TY6Vir+qQ=rK(@N8ajTRqQTAB%$E zU^w3KC$^UsKd75G3R063uqpH_-|$27UcWbdV6V1ey`Lxl_M-@lHSX$=_HQW! z^79bTTKaQukIZKXe7WpEE+8=fkcN;D9Tujh$zphIrT}8zh;=$LA9G2Sb@8TJ6MN)c z0D<5E)KV|+^*fK1V~fp$tkTyIYVuxG{e#%K&-8tXLv27}R<^qT(UifrAc?QBpjd}jTA2~blT0N1(H0@%{zH(Jqu9dg+JoO3^F5DcS&BZOS1!t z*sp0rW9S8M+8tNsE)aO~=N=f>-buV3_^90C%Y znI`$by7b@eIYUUzdl>DojK%zmc<&Z;a*iNjK=}s-rKGz#A*eXzMTPOYQ)Y@fha>1; z{QuB`UIyrp+-~mXGR>dj`Gzy>-lqIp@R`Z*;V>8$VyeR zUXMl}PQnmP%T{ZpI(8V>z)}drwCE%W!U;t{;f3s8JJB!ndg>Ji&`kxH0-%_m?1AX} zn6kPw6hlbLZPfCfJd9z9B>QTt@4KEdJlmbHP5`O;fTv1Au`G-#ED(6Yc zG75-zj{^+a@$$tFEjVy!fxe0Mr6dGg($1(~6X*9Tto*ULYyJdL3#os0*P)h055Xi$ zFgqCm)+0QDN zRe-o38wbJQE68Ah`LWGVu@t!JqOT%Pf1!&Wjeyp2EQ}gWvZklg`kt^fPfrmJS5F$< z2{p14wR_j9l+_Z(GmD_sa>psK_!6H&>-=jxoYZemY zX58s2IaO6e7?h5XjrRki=j;wm`y}G0YrJVszTBw!uG#&7<%#WR1v;sL3;xA+jGuAK z`N7B2&6b#K`qMY?*172#I|>|;HSWE&Q9|%M-#DdfC*3GEnosS$k7h$GC+eO& zqVgE|u~LxvrJW@+(tX;8^!#N1WA(71&GCE3*}HlZC7Vqo)x3PG+3q*}*&v~C*6bxC zNbw<_yLSEo#E}ky&np9ePX$lKNe3ASJhGxV|2DKV5QVsJmedpH$Z~!|oD!S3eo5J{ zb38cxKBcVEJ<{Z2GlXX0w&_o^&Q#j`ohYyDO=r9n`t2~4_`N?F7x+WyKI{y(pX&QL z#D4%wm0wEzQ*j%O--LSkI=KG*OY`Z5O_)c^Ndl!_T_w9wGv#EXdkCgAONNKZ)Qyqy z#~8AaWRJpvNfL$-S@6T}LERee@_fB}buBv3JYZ%d@(-(QcC(8gj07{m zY8=?U?d)cje)#PCL&ADzA|svq^)znmnCAxr#&AQe!MgFi74*umd$BHml4@{yXy0*E zyS%qc2P#yBMYIvE+o9#01cTZG9KyhLP=mT|rwL03eKc2LKY<8WY!B~U{Svv7=p;Du z>bgT;w#?DYGhD~brbCmHy%nMJy@Bmszl+MTA9AJeZc?FX6KWBCgD6BwaBy< z@3&?6&byUVhf`s?jC+<;7u3948PGtE)5mkP7rN6#q7qugP)yy}2Ki z)=`pqrBqSxV}Zms^_8-rJS9*HgPJ-MI4S^Tv{4~)nZiY3Fjgxs9o=;E%}C%-IpUbA4I4E2iUD$U9QGT;h)F5yf~ley4xMoEb&!>7=+?fW6*L!l(NE8;(2G-p5Hz;|&BkY1dPl(szat zmn+j46>7YVwiC^$scvhMFVseI9-+pYQe9OaC@9g;ILgoNAFJ=nmb#rnvgykhwWpP) zgMO<q4n=wV+cNjPe!MMUf3U_PaoqmSna+&A0Mkb8UT7T05Iv=$=Tfo-dms03 zqVuUf41c<6Xy`^XeZ!>V$Lozkq1qmwiM3{qmosbc$>X2hVq+_}8emrPh+prk*R(Wm zqibEc-A4KNGhN_XjPG8K!NsKC<@xuKa)xM;4WS}cVF~q5gO{f*mmd+YrAsRLWU?k~ zN}JrO%WK=lmsN1cxZ!iRy$)<`Z0a!^E3nm>#pzYdOA*EOllpTnE`nBG$WdF_J!n~B zuFpaDmW_^sDwQ*CvVs8^@3mgUm^1ET7S?~$QG zMDS~nN|g84jZyrGJ#|=%)kq=PrZi}hCl?R$9q_e`2z(m3EB9-%vvj!VHEB_dumA`6 zxPFOxQY)A?9=P=N!0yQ5YvSS#rF z(wuwBKk3#-h6U!Y3WlZS(Pn2C&%}2I-LthtGsgG-%ro7MnPvoy6^nIhN7O=UOlyM1 zalWo;+qUmm2)}pX0$z8h|0tFJL_d?#t3_LWeAuEBjZOfoN#V#&BS`P3a<9ipP9lx| zmmPK*jXTuvpu1GX?$6D2=OYD|9&a>UZ$yLP^Y(i9h)Lg{?tasR6`?ysj5V~96J9csa5Os`RtRR8 zMQ}!&Imbt2JgT%9#srqSQ!ThMH#yq+aJ2rQxjd4yq42G>pG1J0 zc!@|i_3h{amy9k?v~0}gJ(trhCcjP9*y-_EGu|2MQ3|krhlpQas@PErf&rOd>$ue+ zIPE=fNBW_*5)D0%V#{0%W~oVm&G5THPST3r^C}q=y?F20=cL8NZ`IZ`Qu%vV<9$tC zi|o`j6P=#tFK0>%6S-wZVzQc;E=LNn(wnVDTC&dNg}yql(Cld>dZcDPK5hC*6<$7Qh1drfEl@o&EG=J8_5Il49=6nV@TI-TDNiU{l=V(ps-^Skt!6 zCo^&LjU6g1-FgvL3cX85cwY~UVtFDZ16Sy}k3#L+ z(y3HcgQ35&jlu}^a^jLxNU(05=z(Aj3KjqlWS!>2dfH+6ffgebltcW_{( z^B|>Y#AiG(|J#f8{fa^H#;-N*kLcO>nauIs7mF1eN1$&$(Plpa>-n6zt**wY+-WCZ zv$1FDT}&!oSetISv~PX$t=i`ut7Z6ow(*&~5#chepfMlYiMl@Bbn8s1lTU=IAQiR{ zw`4$ZLvX>_=IQG!tEa)=jV6#vG-|QjHjUGL_(36`itjoV z`&b>8dNA&%nVOP9SD$gYPRG;i-eS9XiIpjo`RQ{aTn>XUo5RiL5vN~^Hcxqc_V1*L z>>7+LyC*tKS=$MdzTV4wf$_Lkmg#x0S+zP`!60A7>q`PYvWoIsdqRIE>c~?)K(rVn z*NHAfAK0Gw1b;qv#N?H&QesKB(@=IXeLOG6Iz`z!$1=Tc2fA=Y`Zy;cvvL{d82)VK z5;m+JBG=OyKbTcf_#iyAke)W2_Hd_@OD_r19yQPZT~uS(c;{?yK(%BrK8_hyQIpzvU@uI_ zr-vYVr0E^knXqsQC~gbfpGPHKL|4=n=xIl-xqKGyM5zDx#%yUGQNdsPa{Tt_S>4@% zfnEawkiApBn|LFq{il}tQnB|9|CF>S8yDM^TMtO#48PL2ER#^Fg+=5@W7K{Qhe)Ag zzs;ucc5Uhtx0vW5lAZOH^vCuJinAH29pxswnl@f1!eSz`DV`Bqn~O%;dYxP=1Fl+= zS6H9luo==Tl33prv6E77zUV|WH>Q7F;rl|>@WVetRrwNOB{K9k9>VP$%2um_JYM$8Gb%#DzSCAwfUi21Ef|}JDolKfjZdXtW>$@NOOivwI z9Y!~P>TR&5`Bp=G;W`3Q!b~7esh+GeG|C*6NE+{-)^BOvf3>n{@7N#h`nQS*zY1dd zrYw01drW}J?@FBYXrK))(ce51-)ee}WBjGrV18OAE9q3R4ug9Nyy5Foab-`1rfmnw zlTrKguM9ET^ac7Z3~a=U-pax@JbK=QboYB|x=6^@jn}XG#Pk%(cc`a zO^cAc={poT-^tZ-F9e5*ov`A0lUAuAnTT7lt6Sa?Thjcu2`76$4!u<~rF#A7y&pxT zb3hzwH4QsR)~|BCM*u~7PimHSIjUnc$%#6zSbKe-AckqHV^P!zD@OmR3vgL=$Gg|* z1*1C)VUJj9Oh4xqLleYh@Dh|FO^X`rFbIUiQEx!f}_f5M4gXeHb8UUVm+wz!f@CTI!(+{WOH?DNsUA*dk+ePErpHEMC#B4p|AIJ{ z9v-&Enw@5_@Wnx=DOoYESjqjKJTi~L@j?Bhy_rf>A>txosNY{Pf-Yie+p60uaHy0-+WJdVglHyy-91&0FezRpO5;iMp!OY;$ z3s+H)ssv9vb&WkhMC#nVp|XICtD>%NB}$34?OXLZxwH(GV35w`4iKj}r5L=Ij$?+ZRPkoSwOOod52cwFef!MLNc=i54W{9vfgk)We@u(ZmWbW74b2 z`#R)|57n!(d=!@GBo#gJ2E3m4WAevS{8&ix21~wU) zuf;kGk=>vLv}f$@RQY2$o5h>~dT*_F`c}6SoW*(Rv(({SD0O7Yn3BVqJzkA)Wx?j`vTY)_8Jvt0jiZc>?@&DrMmqt1a&4D}xRN=te;IFKe9v%*sh`|B=XJ5MpBts2x4Z_n%8*t|*5uXct8ut#X-5Naq_Rc`x zPT1WEKPL2rbVlZ*+g7^zL06x;2k3uiDB{ga>nlOECojWQQ+y=%(__{%DTu!eF|7v{jb(^fdhH&|7v`AgKfQgQ5<$^*Bwv6h zKsbG?j)1Qh?4D>0wNy;osZc&NENvs^@7 z`y2vJd9={~OdfQXKwdD*!_kqs--vf-c6U7Q$53RcC)L_ayg5U-t)HBXk8cbun(qLM zUaXPiC17n?QdL}1JgOP6PnMKfL+-={TivV%4Q^W{IhZ#tHp3GlYFAw-EPVz?Je6poV^>`g{#0n0k#&GJM&;l~ z+yNuX9^NMGY*H6ES(&N_ah8dJ<~$WDQoJ`j&EuB{Lc5Q|tsG-MC>9v@>k3kgfU+5N zcWSjDY2#%E$7Ge&{#mt6Dnxr+zgm1IyWY9>XqwIIPj^3Uzz^Vf?1X`uwk@-$cmU{( z6Vt{{nd0T|qeq7kR^H8gd5>0e{xmnBX$oTx<$6T8X2!RA=VeBw3iIOLV(sd}yISpv zgGui)8W-vqD~;Fw;As}%=?1me!TUJLVz4q}0w|>2XSICV`|Vx?5g)7z+eeWgKs#!) z_S)L9KePwqzVI8n@x{qh{?+tc)3I{S(~ZWw-Jz1r#N!j($IBe`x5FsOcz-8+B#!{p z!I{r;z3_^#VsP7$U_bo7fX#vGm64rAjp~v!_wYw0p@{1b!!$)E)=YVur~<8$v)qbX zlX582d0Ddh!Vc|c_oR%={=okQSp-wQMX)N51mE<<{|)?+sLeQxef@m?1|@<+OYMrX zDxVMk321I6BqeW@cb4^b6>=$HT~ zuzzCegdA!JK7t2VTz>Zg+-BQjRX{TlY*wY7*yT+Bl9$Y=N!@Q>iYvlr?_^ByvcYLL z|8V-`sh#_EzS@N@qK)R0^t>b{I=3(KzggCp8K@=mB_;*K&-ShJPj-N)TmvP&L&@va zpxY7g2~h&>u$w#*e_~vUA_Gq)*R?;AReZb1;l`C`t`@Wd-ZzW?5O9eAhI= z{N&_~)GtJmF%^{~Z{B$Hg{6zEQ!E#Y?;aOEAHU_kHfC5#bm6=|k!SHq*!;_%0=%&} zIKk5L%?;`=PObBg`oRe>c^`-C^)y*nXUkxxFq=OYX9|;KZ#&e(U7J!Z2sa-s;$wQv zp{PhgHThbaU8Xy!s(nq2*N54mUR z5)%(TR{IfM?wq8LUm$b?v~T{?yDG^CJgrFcsksGLTToJE0tpy7+R84+=lO@quqr@? zPsNA=Mr4uN_cYYLq)>pkyPtee(`=*f&1^@1)3|%I^h+bX^Tm$p@mqzTvx!LT93Fap zb>-FcCJZ6Ff%<2gD&#h97jrW{Keqv`p>ni9=5YHRfy`Z3#hZ)}3($@MOuNTEh|LAD zj7@LXWV$XPQXzf1@u1sY*CyU)+wAyD$NCOVH)n$4{7BI|+A;7~rPv9&|rgPCpul5Jc^IX5GCm+vZ1Z>yxtEU)3T1tVD zbg3oF!6Wry{2lOyaskHL?zVeKuki<1(#D@%C% z1F-OL3CiX}!}SyrK}!ph9YIZdBaz45Dg1i3icTO6mVz|IOY4Y+y)n;Dft2qOK7abz zYdP-iXS8*;Uu+KYHL zR+UgLR<+a9P)$=j^1i-l$TFw8N0{`c-g&oHsds&I_N^#q$b0;h%C%R&clAfJ2EE>K zF|s3QFZpI!gZRTaEMITCOe^@)wq-T zI>o!m7LB5Jz(f;$<=x(|vD2=5B7Hn&M{LK3Agabpo{NM|-I{u*+I;rROb+6K2QNiA zW5Sag#rn-V5Ud4c|4~MkcDEo@0dxpqgWT5Z1#1U6ppf#JkqXH~^Sk;>OvXpvE!c2v zhy}_k&h{n;L>BY(qj^Gq@j}i%#8W(?TZ(EjM%4}zN2$@U)U|=~Cvm}s;#X*EeoED|CNSAs<+Bf_#K zJNhuWES==vde-5AsZdO z$)zEaB$BA5wias-q1H`mCw7+mhegXAo)eExO`?~rPap}*e|(uAU>E}6sCbqupibH2 zEc+f1v5NmilrQe}?Pq0OixQ2KrW{gDaW9=JvIQ*lqt2{!yI!K_SN6!+X2tnZ6E+O_u^Qh$ZCN51dc7Ox>Qjzi znuz@d9Ay}p-jkI_<;1!N_?KtxeX2U5i$Y_H7&MSX-RcMb$lmdB5x;_#E!5oD&@P&l zmdtKBhUxLnToMU{;(HOXh)TT#HCQpb|DNA^zR?1lKW*VAW=fzx zpw<~JLiCrIGp2)hDOUnzwvDD5OBL}6m>$)%|LULqqm6Ock~pI%82St9apw2&fLQ+N zJNVP4gO`V;N>+?qApO4!bR1ESz?P_)Box5{UC#VsilTo<*d79YiBr8df|kuQixmO- z>NeZe0av~a0|qeV74bwnnR|LwdNkv&gLQ5NeHz=(`Z=wxia5cw}5QkB{lqI^S^&AqUJr>OswRB`Z zZF*q=5&V4ZBnl$%g_~0Z2ISNnm;K}K@=yyq|e`yjYoSu>q8l>|e52d7d&nOYkObIa`d&hLbmJ~?&n0zyelGhF~ za()#80-gf@y_giA?MRt65=%9mt~-s_BC@{@W;5BbJi=gR$O=r0&lGsQJR>|FOo=E- z@y=m&4fudD_dpYVf~_z~#JpFUJx@VaeH^5BaBtU0rvsnuAz&FbkpN~3S!}!0qtKG2r@oNl6Vjv{tEt9_lS;@0e5A5)q#b3*4Fic4*0d1PYZo8olr9G)q@4|U4de(3gbYoX7?&RTI_Qlc-7`Wo8JjPC$b;NDZ z0s|?87JiKP)BTO+y$FzW)441NTecqR4dwskFVGGF5&3eb=>=v_DOOC*j74_}uatC5 z>8L!)=5-2zsuqUFw~Iub57HKewX9?hooKOBZhOhvV1aH%o}I3n-AprWNa67%@&CLO zyisH!2pz$kVK(v#3x1MObR$Z%@Ap*?ThBoNZ&cR*1{Lb7>_O?$QfX}$$ed*;VLB3v zAASAHn-5(&&iSZMk2Xw78y=06(Gk*<-9qoiWG;au0kJ`PIB;pGVf3a#BM=)tz{e^f z%hpeiUgxp?*4qR~z1^WH>a*|Es?JS^ol>2Xlclru_;c_q0T3uozXKJhVbrF=`*vWI zDtmEz2VK5IRR3}{{!a3=f|L&%CJ`S937`6pjDV-1ex;L8xV{|b{^Zv(RqWnD_DBl7 zUkOo3Mr2@YI%cw1MM_9LEP2xs^tYem_4!)??4~5*pTzM&?b{9+r;*IQrFs>7IgLv1 zm${J41>}u<*kH0!JdPE^av%BSy#=Xk{5bG?K30l7rZBXL$W4V7B-o9r*8teS>-r5g z0oXy79#-zw-yPJ(%Z&v4=>d0NEGu&7mslq+9zvf-Z@zDTzrhlm1YJA~L%I%6OgMfc zjU6EE1LRy(fRV|8W7Jk>{&e2Q zza1}bTnmubrt+d0zSWH+TL`FYP369pO9=WJZTg)9|?A@d5Pw5+X^T`O^f*7nIm__y87{ z1HjL&tcHzDM$t+J9mnrP%y;CmGXg(}+@B6&!IMOy(>@-H^2th{fNwaQh2ElA8i`mX4#Vo*nUO( zIN7^6RSnUF)^P?l4=kR6g}X9|ZC?7*pgBbWLQjZUfdui5F%pk=`R?piVZU_N@2TRl zD`5R#34(v}HAPVX^WqeYc$@(#^Nl`n$Bhuq>%-OZhbmG7<9plsFbB_m@?S_slLg2$ zelz-j1Duik!V)m2s1$fZnK=`MfICj|07;*wPJCcowaxVamt8pK{hr6$LT)pS=y%Kj zUtPkwRcuYf_mRHW*MI;dc9I}qa6q4+tj&GObc4V&3Mjy)#bmoE;9LHkjE6e|bco3* zKEna$b-`r+4u*=JG51`EB6FP#v0w%RogjAmys!(lWP##QA}M0437k=wUnVA?50{bd z?^1X#kg2_EOxKB#7perz1X_d3bHG(AZOF@XKt|D-aVFM3a?=?l^i}=HBR$Phl71$ys;Hh0SGEB4Lq6LtkLc8tdX(J>LU`s7f z_%v^mpD1u-daF1ifLo$HwHEb@s5{JXBfy29!^J^1e1%ZEvPWVgX| zvCipZFiN!+gL%po3t|K4hw>X(LX3`P9D>Odx0^*GnXm_0ErU~;fUWqcp8pYoMnI&6 zkHFqBFoOwE@CWBo#+MnuDOwR$BWDbl#8kfGsQu3pZQK@sl~ix_4qlVM*!w+~>7gx> z8G!f)1Tg%$rwXOo0#_EmO2hi8fhvGEx4&m(Fkfo;2Q>;gSyr+DHTgF@vq=Ae0E-!1 zet@OYO!t}sc?@t@MQktXi*VpsK&};;IMR)GpRYRa`+M)5J9qAk|1snF?7i1sd&ToS>mk*< z)1oMwrb6Z=Oo?KJ=jG=LEVXsbivK5h78#)LE3B5^=%=uN-+BD$sMH!zLgUyLD>%2U zBsYXqo>|uaEjYeo1*UWP46qGC;Zh3d=|+AJXFImRmGg{Fyw^rub(2VQF8^pZF!vO~ z=mOzBn;P>Hs1ngbqAc*gd>+)$A}qX5bKe%DJbjPe8Th7g)>d+q;jX#Mxu?HCigZPB z$aTN=4{td33HT|zWCx@#g}Ii7DxdV$*tUZiLJy{ZkD$-NG(jzUcG-_r@=jRNI&yN1 z+S}a#{|+!mfVX>X54G7|OpX>jLLKA)=-4NMYl3aq4da?u7|@=-7wY}LA=`Nw`| z=1~O=$YHCw=WtQv6Ke2OSK6Ohi!Tg>Q{y~k=VTFg$x+x(9os+LEj>PAS;-gzB?Gj{ zFTg_!z2B`V4j7q={N~kd-pZ}`->JmDg>TLs@_Wh-oPe!a$BwqU{`dVy7wJ}IkTYuW+M{UdA z?$@vIGeMHpsZ#(X|ItPHnCL%0i^*00w*~aSiBf@S%*Q_*XO^dYVXl2xge12*#J>Q58!Om z2xK zjoB1{fOpIQAge6Ck~)g6(?WN~-P&=@_Y_c7@r~mdWJi&&Il^JFANa#4?tc6c4aRZz z>vIoFG6V=1X<(Z?HS<1yLXRh>443IS@U8+ljJ)62ya3CsHBuJktt=zI`?T<9ZU6l) z$e)zvfARXF(tqiK-Ldo+?xNQl&lT&@_u4k~`P^BS}_- zqS@q}!6Q@vQ(mFWe75$EfKFoD>&*x%mvEa@WN6f1hIcCH89>uKq~kRu<=xp^x6+e` zU4Ed6#>6J2OUsB;R6`Nu(gY8oA1h_@bJL_gnJ58v^n-W{ZB#&}>_bX5OgGTK_~0+% zn)ZC(lf%Z;hKQ%#i%4@83gXQygp}K3p*38pjK5MRqQT&y5=J+|d*akZvoNZvL};;t z1qtVht%q3P@>Wq@Y09WumPZtD6si^8BPfh*zf8`s_hk*e^En6%fR6fOassWVSn=+j zsH1O%<}cS_j$sU%WHQB^fa)#uQ#n!+(5`w2pv2&b8F!oGTcKe``1DT*NHL6)!SQFoZ)<)V2k2sZ9X z3xL^~7QubOu0oY0fV(5J-ZqPpOhfgT$L#*F^xJyN{lg&B0C;AgcQ$w)D(i2f@V6Pw z0}mW%aCm{nK-Y-q(G{T3M`o&y$w_7-g*o+njN{^Y%gPSxN1D~qD^ehhmukBz0Wt|O zN=70eH705p(>WBv^+ezK+f*F_{~G{H(GX!V2;#_TcLUvT;zQ)EU15}AL9uG>C1hZ= z%cz(h_OwvOLVDLU71yXifByCs z0v0FUFIRLLND`|vqGk0^sq;ilCX3L~h=L=D;U5+t0i^WVHlTmlUsI`EL8RU+iWGJe z!-jI|n^J6gs|(?^@^-@sv6Kge)Z{qNo9|xTQ(m;jbI_JQA(I$9$ELMCON#L4#LEUX zt252w{F&P6^3;-fG{!>SowrlpL&%)^TW~hT#klgroOeKbGNki$+w*rv%7rP2jV#}E z6PsK25(mkv`w(ys{?I0;U{idAP^~G?QrLlRpDfmd*P{qou4Fqrp_yI+*zB z0OjcuGjEPDKh+H2UU;~gkmcK@R*!^m^K2&mq%QAr!6W=2{n<5_%2+0k^>hr+WP+UH z9Wwq26QFT=G5;p$odoSZIc9Gc(5bF;U$<@bK8Y(F+x_G&m1gi(okZ%?-FTkma;icj z0{#FVS-cSA!hS`s_T6janzhkACN);(>Q7o>$Ouo&=;_7mh&jKf@mP-_V+sk2E$W4o z{7w93f&=(KFzvo&bn;4!>%kAsUFV*iI5*33(?O55h=40qa7;l}PmH}|j1WN)i?-N1 z#yf|R5Ed8uCd2N}w!QzG51aoNTF2pVCoxMk|L7CTGT`?*`^hp+(y;0IhRNb6&<3t# z7R=E9<~%uuSr6*}qCq=@EZt;9*M^YC*xQY)>Jk%_7jkF@U$#qqLY8;y(-fy&e+%Rl zfZoLuYR*rE#fyd?!KT9TRd%&6RQz^aqlJ*7Ppk3wCdIE zZ!?bar}&}@YztW3*Tcb3G{yJG^4DKqSBNj3R9hH|>%nWKs5#I!Dv%^%grn6~1962Q z63-6gV14U;86)Ksrisj_oba=z0B21F&iZF|0pbb`PCu{SpL75<0wi2j{WS&|{y2Eq ze9Ni)B_E&h1X+H~@z;2ED)ll%IL!~k#Of&7*+k`gDGfYsB~@IHh!Ltcl1|uPSR>AA z`FPS?(z^szbnEI3JzUb8l&pv5TE5Y4cMFHb&Eu(cdUgM@nfTL$f=^8XV$H(W1n|?S zXg{0hWFU9D*;rd!6G~0KLQ_*$FZVdQ+#YG#?+&oN6t82XT#hF!8Vd1-UfpP;HOqW-auYr3p2sAfg# z+)UmneP_B1ZRF=Ng2+6J=WjP?;*}#%^!V-42|x%)ud(1dSrC@U67QHvg*N~5S42#2 za{hcA4qT;V&GW@I%-@%LP@DHnZqxxe@=0Xh~{mC_g3iI=h z;6jxjn&1W{YzwadGt926!6^aQgkNtCg;cx((A{H*vTd9HBn9NX|ko~w=6ai@^>+O*iUIv(qcrcED`tj21S zx;5*uVl>fv1lt>3aa{}iy84VUkPMKLy@orOReLqCliY%;U?0<{ieNZjYUI!VylP!= z(KWfNpE{^ST;GWW4(3bq96n52bWTnxh%%|YSZ|ibvyW$MP-X?eZYs~QH!xX!1zoRN z?@1g&7Dk5Bhoz^M80idetwLI`uD;u`JaMy#!Z2%#(bTN$`F#RI(kf2VcFE>$i(HjC4swchCNdq`+LgDlCWh_(1bZH!#w-C~+(HVuhW$^b3dqSJ~o zIqS^BUhg5j2BVZ*CgUyQ%F#Zrm7kLZ(ff^r%q8Q~%nD3AqYIfg-<~cu?QrdxUpH7q z1MKVSZjynPft%$#5l6J(tadptr@4w|9PSu)FYAduQa*M5RkrJ0JR#rbhMNUeABGN+ z!{tB*uCRlm9Ij8|;ZXCUCH&ayO-RM_+-To#V2}&{bE*I=rZR!(pag7YH0+ah(Tb)Q^E&xE`)X$Sbg$d3s;vb z!KW`Rud_%|g_j%A%-fnEd(8DFnzVbWbNH z?XIG%d8om`do(4n#&gl>AX0O+j*@ZzTQqq0stGSB&;1w<`u-g1Xd;nLyombEJOvh`VtEA)PAveSK>n;Dot#3f}SG{N>@jog4iRwe) zGQV-+J+tx(?#7wAFJFR?)xwy1ivYBIY2`+S1es{w)ZeGtwrIa^hzpr(W-*3t9C@N` z|4-rtu0CLyEqu04u8)#&&>tNks&*sYlhScj`(7}!{CUluZ~Z3)c{$t0!o*WnL^`G* zFJY#>@L`?u{oU=8pYN@=*t$AW{ETebItmnL^jt^_@XgA!?91si(kj$&>#5to#rvXOk0j2T|e#ba={W^LUA7+zXwTEk2(;i?1A zYgFyTS6Upu=$TtgyR3V*GkII}gkL7@o~!{(+#T%-Z(4-)g%=db&_kmTXu5r@DmfI2 z&+vW+i>n&%_x;nzqZak=0CAi&r(0Zr*$|$Mp*wJ7ax%zz`MJct
(3@hn$#_g&x z)_$=VT?m=VHOl}qf1oTw>D;fsFEh_)xA@I6Q~{72ZMXV5uIlSHZ_;S)eXzG~s=B&9 z+6bR=x7xJITq(uCvTnG4SG9^K_{nCff^@uQZy-nvkC445)YaBOzj7oSOfa%ry1E>y zY@dhX>$h4RjLVWg0XpCR!%SLK-46f1nF&|s`=}x9uuGTZP^N9;W_EyQZ$xcUa)w?}z0wB(Hr&^coO8Ku2rtZYRG7I;>K#m2*Ai z@YqAz%g^b<5_))DYh!kMGg$uUnRzdwEYa;tKCoqb9kc0pfzW@nBdz14 z0n6XP+YK@(2INt(41<)DfJZ8B0hQ*s7iZFcD$O_`m7t0LNYwHbO))aT+QI^CzPw!b zBG`Q0uIRzgRHr6IkL1wHxEc1v=O526Ez4od3g0tSo8RuQPWsm8rokixsU@*Ie1oUd zC&0@%)`GF|f>JAsX*1G}++o7sCsqYrV4TFfm2(AGpfGZGZf-u=_xIYP=@}=jG3Ubj zc@lwZRsm-1?Hl3e9V{B`%M}y0xu@y?wd^yCfENwJGUWdV(C!FjPf9={B;W#)x+g0A z!hcN%F6b(b`^bb32x2=rVPZxFK=Z=FQgr~@P&W0(&Ui(Ro$#7<2$wVEVutO>|DDV6 zb$G`kWk#d&OKKWytzcxoY$}=h#g?ju?Od?IkSBHouU(18?U7H*`nXSX9xYv8zyYgH zX^F#ei0t8NeA3j90rb(YfoCrlf}Lh?s=OyO9{5=jD8Qx>_{@>Nd3%4YsChd9ojRVW zuthYqb)LHNkJuVnTI;;m=XSq}Osz0?7otI={u@3eL|-DQ{m{+s1+FLTeKZwy8)I|8 zy#tgP8CBNOGF#id`RS#O@Wy6q3CHT6^N&z4W--tZj3m^WUnS_jh{N42SU&b^|0>sr zCT-W@W_I9}-6z#Av@Ni5nbpKKlmYXmgwdE5hj>ti^$|EJ{K>#F9-{soZrS4wN+0o|_+MX$>WZ%4>LPrcP)&%hH%QFR zrublaYFY5~vO3>b=*K5V?Gg%0Ev75Ua9WIN9~tmtb$WTUrI?F z$o;$8qeyHmHA^*$##raPCZS(K_}J%i7N%eK1fH|bQN7T95;b~mXo0ev0%kXttxYGK z$KjsfG{$t>V)JwU*M{&v1&Lkl9R>f=m)9M?UWtXp08J*OGXaPn!YZaQ5=HVA7Q_?s z8mGJQNUvuk3o-(ExJ%}El$A2jKEeD;kr`<)olxz2OC;grZ8As*B$I)G>dR|u!C=5) z3%mk)B{0_}U2LoLvr14g5+)92YQZkdC7#Ec<{%8aY>EkO5&;k&@>8`OtQ4y;C?Yf4 z+~&NuQK`m$yic^Zlq;{b_AztNs8juKmDfM_%Me2J#_p{&z4R{MS@Mp^v=`4vGm2ZlaDe1_RMAdM)ZB1}r8 z@KqT|NWUFRgZQF;QMk-2hIF5)3sd$#&p@yMg=`?ot<7wOTV6A_9r)^+=<}wARd|3I zY9i=QIhm=bjO)lStyt7Wv8Pxs4yAE*V16!G3ITbt_x+5k(A1Yc$U~!%29d~iOp-zj zXZuysOtlHSBn8m20gL6eS|WMdFw6FZ8uQO1CVlskpM5BAG5;Do^7t9S-nJJi`@9n> z&`z@;$5U$w_UfYHb|>zU$idQ#0zzF+_Ey)i z8^=83XuY9MSq|*;mHEsaKDX^B=hhhU4PoPiC1}Q<>v0ImB3u-c{6!q^fKjFfY;BvtBXNUM=jA669 z{g6w%%I+?hEiJ=@Q+@jB>*B)=930Z4CwAAM~ z89#ZK{uF;g;lja(xg-2OXx&#qefZpT_6vmw6ik$mRTnflmIfExtP3jtz}``Lv12Ak zwo}(ihNQ1dO{KVD1(*0s96`FGLME&`^3JwRC&vNVQ`!$5m87_qmr4*E#TcZ<(Nxv$ z;Vv2WFGi4d-f0$4_(XlIoPj~tCjbfSy&gBD#wj$I-T4G`Ma^r1vB*8^1~)ymnbgz6 z4JSV;H>aj0(>J?H4~~w`NDO0(uqO0~<@>^h2L?O`C1=DLD^$i<^XNOqo?u+Rg;4eN zOLW&x2<3I%`ZX)|?fR2g`lco)wr+KuXcPrIRnM9ZZ3{SQY(64LqNtqV_I5a5i;8#S zPlR6)M&Wr!pfFFmPXePk!WgYOpy8djZI=1-;==*|Ci0obNemD72q{#@ZaSao>#1`W zTrgkK4O_K@L@mY_AzidpKU{ew34nStj41eT%H}kY<-)Y%*OS4@1_Ai6kTDka%|$u( z&Ya9N<<9BtqTmRVpWoy|4VISX4KMb!@u^@vVoDh16`I@AE|TWCwckn+)y3td$O?-^8RqEruiQ%2iR(sH2dM?pc^VXejYSIS)0+apu= zG0rAxjkZ2cIlUG*xu8!&>xX7Q?J z^&RBzQJ=_&$2io01WM~OyN4hJS`Aro;&={*?Lz%j&``~&u)wO&BQe$Y@;J{5Ez_Zi zDwIHX;VaM2+GL9WGs>J-a?&wI;i>V^uIl|_Ve%qNB{MrCpR7|=RX$A1Q6FXsmVyoq6dFdx9#SYI*s12_9kG`B zqJa4Gj(~5hvP0j{5>wn0C*-z#-R$;&EfSG$Nz%O};)bk#8+u!W2op1s6782Q8}CQ^ zf~y{XE9jCJA4hy?lk{=e9wBpEb)!FL*xgq_46pOo_b*HOmFK2~iKuIyq{7~f>}I?+ zvrm5B#u3Wnr1_QOiFkivzcUx^#5v(}BLhm; zr%$TgLLLBO3fXPg4cZrHel;{TH4#S;a#WN(Q-6~M#wjtNrN8tB57PJo zKIhBfEF$tX$J*!B_SZ8>!Eiu#De z>oUd=D4Ib#CAFE%MjmPkAHu_ToP_=tZ2a7$#Ol7Aul3b&(&GhGUrY@lJ_i+C^vrf& zHG(`X<+p|S8?QKzG-VKIii7Ry-+<9NsXdY6V~HQ~14}~-Zaz4c>2+)1Fwz|zk3zD! zhy-oRmQudu09pB6JxF%l=cJ6P0O-QLuhvAZqYP6M?^uB}o?idk7P?{Uw>lac$?P@< zb2J8Yw?v+CDnFvi%2;tm_Gf>xTV%s%jO`9_IQM_ahBfMP;9bAHkW5+>8RV9qz{*r9 zI!Hb^-Af{v2#*LvP-wndeOFkDO_qpgh{;U!6qZd#s;F(^4;^%aTa7rMEnj2+bie-R z`!B$1+>dvj|Fs$rxYaHu(`LQ|5hAy5(EX4PuCnl_Fy*PMew{hW|>qrDq`75D0Yli(hE$hFB8hWf~;&Kplmjrvpf z@-5^}o&7hoDuG&jGXu5lHU^V%#L5K9t!X8(Ob{kFurlFE%tcic1W{$?P#7bkr);x&^s0+$+r6Th%{BQHFaY-+T-edOAbgTkU*#Aaj@(hJYT{?(w9D zf%w{B{Z-SA-ZbM{iMaL^0rL-gGOfyw?r|Q~>DF-_5q?hHO9O01$iv3~8FB)eSm%i< zpE^8Axh-PZ-$0A{Dzm==EjLqSj6)j>%Qj z@U*A$U^|k(lbcF`>Km~`?eL(_M#IgTJ!uiWX6klN#W@aSFg$l8>X#4g{DRo^pO}~z zjwkKS*nT);a@)1eVxe!P_O$YWsRxe3Q-4n|O@mJ~+I&#?C4V$qU-K}%1b2Z-^QAG1 z2kYiVJqT>ZSYgph+j#%503onAXB_T5$i?zQ@}7Ecc7B*#oK=BxX5R|k;}>OQ354Iq zZK%~`#G&>Hi{ay=nR~A5L|2%b(HR*g8y82qfbr^%-f3{lkGnmJ_hRgA%M!Jcf#Iiv z$>Id|H$ae*YUBb)Q~`0_A6;8lr+cTAR_XLBQ5;XXxC$AgrZUt~Bj9}j&s5X!e-QFJD{1z&DJJ_z`yN?V1Fyzro5a>@4_-* zQYwPI|CaI_cbQ{xexyK(&89PbuB?C7pS}|{ymwB^I4=1N89aD29_#HVUrn{tvE;Qh zO=x1EFj+7tnYuBw{7|@W1cpTQTL^J=z^UuI2&CVS+CgRyRa7l=1`P7s*$eRy)C-4{ zKe>{vP{2{z2%50LMPu$86G1aZqV3yS3g*}h`ReF&Ipm#}B(sJ4jm~-$Le=%kbeQiP z8rq^lK36jQ?LQZ$J5ehDtkUnJRt=Q>4G^K+*_yVY^t-8Mx1kX7RC80B;BNAzH#IZ6 z%i$54Zum5Guka*46fP|Yuq{JIMr>)FQSgB66*~bR|NNUaE~d=p_T?L zg;FrhMQ-^fe-lg<)pHjh2r0kLeak|8TF=LUU5Z69+swhyk%wrNkNa5lcLjn7J>ka) z*oDVL9mEda$VI_%dJ5m|CR-0Ku-hFH>d)Qp`=dd6g_etM`LJ4IZmeMCdFOv@*A*^} zU?;F8=(m5=MWY;b6z|o|SWDw8o3JBUJjp8Y&O75IDfE@42ZZ`Grd2~SFI(*kHq$(w zOu|RSn%r3N*8}#GZXw3~!6sx(7FeXbHt$ueKB>qY75~@=@|M#*LjaPd@($nK7;Q#V#T%`0Nt?UmKe$tMub8V@ri8m@L~;~puJR{l?dW?9vx`Y z^`-AH?DD%lD|aNiFM^oZ!u(Ci?d40~aF*Sft*O%A)1SFV!hnE=c7&fFzP9V zt_HJP*Ika=dgSwz>U_e2HTo;EQ=YF)tCwyx(eE=u>`C&s?&CO&u!CJ<<$=-z9uB^n zID^;M3zVF6Z#qv=+P zm%&9U!br;!aI0TBsL*TCAmksiIQSP@?=nKPwUcGAL=qwV>*W`5<6hI~}7RVLjTK>E}4(J$W$|H14;%)nWMz zu~5iwG#=BhGPh>KFWag>$)mTUn%V2uB?Wz_Ot9)$B-V_Dc9O~F(I6r}0?oHE2A+^5 zsr;|;^?yk&xrqSIrvKoOzLPN99VWUqZ0{vDvF~b-kd$VpBPV*@AQBG$azf$ z4FQqlnX{JX<|AZ!vx`m6MNI_KGr#OKG^Tk7v~8wIO1ESYvd+A&n~dMOuxq_?fi(= zx`NtbEIhoeSVD#lsbm%-Dc}D``ipc#+GgQj^!%5(zG~@L$3hXj($U)k=>_6x_g4KR zN#Z-V85a^p&y~Ka3jx^k+eXR3l7jMwoX7l-7)_qAF9$T=)}&kh+zDDGIFgb zL$TG3>Ts)}EqC|OJ(;3G16GW2*9 ze#7T(xd=@qe}JPJ9q)&;&BHK$;)d9`($9DEG4A&T4P-_g<$Ibic`u6v9}6QB^_w)P z}8^3D-?Y3Mgu|LYoTP>&fyZv|l5POY96bIbN2!=o&L9bsJi zyUd*b`g)z;L9^(&cc5*RASk68CXj9A+oB8uz;rDr@p*D0I4h>}+J*}pG$H}8a@bei z^3hugjQWm{ce^PcR09Y0^2Eo}^jchZ^S6G^)yNKmnjn}3GDUF(Zm_GkQw5ccg!UNz zyZOj&e9ocB?jiIp2G^(u2y+Yi5Ly!VEXPcPySBH?{_=Ow)Y(dt<|AetEDi*!%kXtz zxsXIRl0?t7?81zf#fHMfqV_K*AGiwUz`o4^9O}34B$lNNn}ZL`5P{hRXg$CFN6hL3 z3%VB>PX0mMpF>a?QMM)tx2inXvZ8R4+mJ zlyBos>3Nk&AlF-?8po*m&%_w{=aa>%E}Rp4LXOSa6SZYSLvsARgrfv#VybEus@;hL z^3YIzzHAKH)uzJSX&uQpZXB-RHG68~aEH4V!&yN$$qQgeP+g5wOEt&Z}#bA zQ8Te0xc8Cl<2+9*2YD;7ou{u~l=+Wrd!??j5Ci$9=ejheQ}*DT=$*!VXj4sVIR1+> z!L$g#t2Gl%on;C~zUab}Xyn#=jKBbos_KsUw=)9)?JsdF?QN4Tk)ZpNgBHb;kp9{i z_QC`FcdCbMYAeGbLdwXRuT}C_&gb$^Dt_%zf zl~q-}c%wlco1}yyk7f;gj>o-0Whb1c9T*lGuHgh=G%Of5gzkUT_eqhHIV(r$IPhd` zw|!sA(m^i|e*}`KCS6HTfabS^fxxCYG5Lbgc3?@C*L%laG&Uzh1tDwnoa*uYS)h~V zpSw23w(6ahcd_Mv{fcpLi|9{^iu>_D$3gbL90v?p%o)?4-8{>Mpf`px=6uDE68CFr zil)j=GtinN;xc#O?q)eniK~11&>ONwoqo8Fo95dFyXT%yQSxP{kn|~ zM!T6GB%{Wi-z#Jb63@-ex#Dw6u;SqyQ$zYdg|C!(Xf1_bKs>S&6S84ZCvMtK$yu62 zG%kTAPl{YQEo)hl<;yDc3w;+l^%8<*HCF$*Fd1kRFV(nDoG@Nf*r2=>Uinb-7Bam~MkC<>h>W+4wh7LH5x0?m*d#G+gp!6Fx_%cnfji!5q$2^QrlONPFc}DXZGSR7kFzKEEa}qkTFw-A${yC4na%Eow?ee3(~U( zqLYlpP_KLbQ-{lu$Z0ER0b8Ro#dh#%5+7ocg~(eR*Cq94Ge!J-cU^(Vl$J>F@+Z?l z=7tNUI|?Dit&%q9u6BF{Ywv7!n`vp=wVCA5RBE&Ek4*B&ayU;V#!hT`A99bL<8bm_ zlQC?&Ex^tg`POY?MjGoJtdKRID>S=gw zK>J|g-rsu`3&x>?9vqi(%nt6W0zwKL?i5Jujinys=H9A0WCkI&)${STIfg@oxF9*U z=!t?88*5j1T@})#x-?S$TO-H3NeKG-p@x1Gd=L8JozM3^wt? znjY)=l2P&?szge64{;!fvwydlT&ycI@_RIfw|hx3C=Z&Rvhzu!kEXoSre9OH{nK)@ z2CzuW{aa~d818P6lv)8L0ymHa(9TCl6qab`4%l zs1smX#!QTn=2SZnEe8*BjX5@j_b;(fRBib6d2D^|Q;Lz+L7qZA^3C$Jv|%!6m_14X zKWw?fPlUpK6~Shn7Ny`F$ifT=xj^=%RE#Gau$7UPmbRY14hZ2)lK5L92(|a9@~X^S zj%Dq;+HIQ^Dg*S+}<`^6l`5{uFc@ZY+$WaTem^8(J!ml(C&@fKt;JOQ?@ z{~Jz!T8MlhedM4_+0g<)Jm!>+uZkXwjiRHaa@aza4>6UZY*u9U0E z7+oH1?#$H`;ZJ_MrewRobgplWbh$QhW2!A(xsRk1B~hatAB@e&&Ms+YMn7L`iKG?L zK_DeolRT>I6xN-{b$N7qL(;i^ceAyf{P-7@zX-|sXOHB=fxBom4TL4jQMb~c_&~An zKz#AowAbx2GwZ*H*&n$KKH<;hj9OX9aR4L6JB9Y@@Y0Di&612M3aPniGYiYz;mLBI*0biNOa2w@7N;bgWQ+Rekq61krrI0-)>?&==LaLMLX( zM-%YrChph|sj+R5)4@PT#YMAskW<>yNw}d%xw8xZRm*iO0YY6$Ocnq1Gh7zL)XLdi zYlhq?CnbhIPBjjU6e?24`gL=>$@BKNK;300Zf(T`xpak<=XTecAnW`kXZxtf%I{Sw zuiCN+brHMe=7X?7?(+*Q?vMH|@AAW;VefL80#cX^u}*QGh?I)nq!2zU-%7%>~2 zti@I;xP_LIHdzO%-csR8uL@24KtUvq+E^yxCf$I@k3eTGn31UoY2_sB0>AJT^1uU# zilu6FmoH@X9Abw=)x@>g!ahLgY=NlokeiUX@T$&!g@U6E-`jt6I&kptGAwC0+7qvxlrLJ$>C8H&#Y$ix9>_L*N@^(iM?SI34QiZ(gHxMuz7?r#zaa7v{p#Dt1v1^Aw zUo^L(HPtQo`slV7$GO;Sgg^%|o?5~;kDf`fzSq^NZxo>4Ty=)L)2dB|)BaQ({vzom zdl7Kx!P+OvDC{I(CQH$lDEQLxbNfh0Dtqa3I@!r|7l!81g+Ek+7^3=rgV3g|&ODwO66p%xSmY*&{xIQX!vA^ znr+kX4sAKrHf~x%#k<0McfNxr7UKnIR?}r+faXHQuk}MmeW~kzWh42V!;BVw6Dhv| z0kW#wc*fvNGJlEA07@)G*)qqUAT62=qc+n}L&!>e0bmeZZ(ZL-ziA&5m9D1z`>=M$ z0ciWPuItWpC9_*lJ4!1D8BAx`9lp1$JuE)^knlt~X9qL!BM1!l>KW%@54$ zNdonBoE-<4iY~aK^89{Ave+H3{^T|J_U)OZFPP}D)PZ*HN@(NgmeM+01|7wSQzBk zts8z9n#wdvSbu@@@J?k_!A^zRY9I`u{udltpJSv>kjlZ;>}~nasZ+!G_}xn5N}0v+-JbDmh*Qh;97V)ZkhADJxcU zgfV^=0PS19)L?RP1-S3S5dql6?T@dV`;TAJb`rXS5ls$~l6-Ooej=^mm&) zsF6`RGhIveIT4AIRu)?BSnLAZ99N^;qd76nQC6!Vwv>j0adgib`LGRsyG5}p$dHQo z3c?4C-HvAX>O^MPx8P{0rhJc{xt|oa%F1EJuJs8S*ObHpLuoA0yAB$vwIJ1I2Ldd(ZbEcEL)EMnk64f{D^j?vJ#=+{#rsFcdFk2OJ0>M$*Pq)^@5lG#ib$* zx*D|rOZWx%wI-cK_^Js31-erU*|#MST?!UX@&j&dXRT#Ep4!sJ#kro_k~*{C0e>^G zs>ZAE&++v>!w7)GspEawMRIdJ7tg#Gq2V22FyY%h@3XR&VD8s@gUy$O1IQRdpdn{C7oRg$mWC{U zZ@J_lcVTJ_lkvd0f|JpJ;}LEl@AIhtVrOIZgO>Oj<@~2B*gcRw@gRTLv0k>cD#8tR z=aO<7n`5NPSmcO4mjQ^g$C>}$AaNkbF#IvE@H?1;D>nAioa|8w9X3*|Wtk5n79-JVO$0nOOu=Yn| zo2bq92yLkHX%9h0V)?oI1nbKBOR2azRl1}KFG)sF$>DOp-=)Q0@{-CcT~v3vQdP6Xb_60 zKkp!-$TKu(?xsM(+hZwt!DS!hVnZK+(Cq{$YZ&!L68ok+_TcS{A}u=4;I_ma5%8n> zbS7P8zd0N^b`mxJb8=NK^PAO!^hwsQ9!*v-GQpFb70&e)jBlqu%^J@R?;M(HRm6_7 z-9}$7$Gs5rODOO`na|XqoDuT5*L&voQBK{Z1LMi_&|H3(A8KVi36C>hzXQ+vL92MQDA+(7b2b_YC7uXK|c_Ngu~MyF@qwd4N!1Rwx;bv z{nZ8VNyhMhq5Pm7!znd_Hi+X8kjo?+k2_4AD5PTNbHo(}#aA8|q}Im}Ra{5W&5t-h z8AIwsHz^CvJL+mVi8S&@rV{!! z2_}y5dfUKzm{%Q>lamuAnw8Ot!k68!=e+jIk)Z36vdf^Hddp!G=qf~#E78|%G5d+0 zJBQ(gL;#d%XJO6wffX0l{Ug`!b*6kKo4;MZ4|lMM$3!MK{`f9D=8ZgT7np9cDOfzJ zGS1%CA}~TShehai=hYvu1vbgy*XrjOLN;ygE?C!xg?He3U22%>`4-a{Z>2yEB63JG z=dj|990{UHZia&4ffkv^wy zdJP^-NIO2t@MOi)xKqNG`4Kk=bWJR-bsVVd`Sf+p7~Zti6KGZ52HX+WPWN3=@Dp-6 z{|s!4%UolABy1YJaL|U8kn=#e@gR&LyAzBD>_!GdO0L2|ZZiaxY#+k&cz_!bxTHb4 zbDZ^PEO0>!5bh73dI3LevG^?fZ{o%Z7dA3&pf@7JI0<4f@^{FiU5)Wy*iZH@`BJcw zV&EIL@kaW)w&OyJ8%H{~W&ZC5FjsK0(ty%KLh4r+HUGZWcp@Tnu>+N5>wtCGS!*ut z*iQcG>aK$T)+Ve6W91fSR8IuE!%jGoh4LU!|E13EnXt#1`Ot3%yaP|Ks_dMJ%=IsQ zDJI{ybxu15za1Wr2#l_%40?m|BBQRt?&91-uEN}OGA{EP?01IQurhy&i*^v^XC}=h zTs{pn@5T9-U3-A18Z?2T-JYZpQuKXUMULws7)t{2YLLURsqD*p@eLZf@o& z<_N!T^K>Z=eXZpEAb~LZV+3u$mcTmUdeNK!cnatmpc`#+rCQYKuC{_iUj*(@q|lu> z*S6lJo?dapBECFt%X#-4vru6Q4ajE9+<)9A+osYNP08L};CNi+x2>#acnhYGj)Chg znp}1cL?WIr7rkxm1S^@Hr!8V-em9LX06&sj11fm+=4k)3ciQJeWBb4EuL={~i~2d{ zzUL$$mo_nSFrs~kiU0yj6#o_3l^BsbA|9*Bk8e{|&_77U05{KdA`HqE&+PlD1kcw^ zuT~;3+Fqw81)l$IlKXv~L!T2A?L(3TjHmjj{`U=59VzrjTqgOC)4p9Ej-CQPk-&!K z)clyHozW$SkxgfjgBa=KMuXwHg1?LGPuop;BR_-c^5Z5^BufC*$=gU3hFAHY z8M99f&Ha?3n%ov($<=I|0e`z@e_~)}m^mBq*Sc)r)@9o;!WkWM)wNCp(M3f=mhD_W z^oAxjEA`6f2$R==sbJ&c3JO@`6BDx6V8Rtf$v6F1-5c{TKepSZjn>2u>+C7unqM8u zQ*z~D>q;|FFsP%Y8{6+OM9Df^v|s%wZ9Hi1{BaE=kQzv%FLlw`PoH)VxkPKJud&f) z{`YCVZQzf;^^Du)en-v*{`)let=?}KJHtTT4(dCL*hYLsg^y_0aE%8c9Gr#MZBKt> zJ)71`YXkMA^>_CvI^iP^RS3hnS~o@}zAY@FOHUQtp~trD5#8}PX%rsl2^?U5Ty~?G zKeu^*#1qCmkhg2ypXJL?LF&jsz^1K6-%un%0L~ld)9p4}B+Zt}iByTk*W-7??Z{m| z?KOy=Jzk1pH9ug;$ENe=*T571E)VoeEB~u z0X0Q`@?>f;oq8KFWk;OpyE9BM+3jT;bV?DIj)iNs-Pb^OeiH%T<5)JP{Qh%~7SA?E zv#U)D{k=rdki=bc^z?LSTXI^OhtDfXYQ9(bsDAgTF6U;u7^v2!bRhZ&zbr1cEIuP5 zQy+Spqnsr0#Rr&e67n6JYOh8p68=jhH9)brH=KL>|6=Q_!>UT(XyE`-(k(3@(kdYx zBGRBBoho%`q&p-F(x!$NJ5^&;4WO8E57>d+#saTx-2~@5CAP zU1Sna3Ev_-&imL~^r2}FjNj7yBsY&S|0(vv!zcatIZarTO~>wEEWoNogH@A0x$Bzb zPX2A-^G~@x*+uDNkH{V`quPW`n@q1d0)jnAAV3)=GhB6}_U}YKiE>D_1R)- zzrKh;3Z#6wq$2Molk0jbL-gc^HSQ!WHz4Be5HrFPTE}|^QPY9$R&H~6D1al z_K0%8h@#c4V)?8^(0#W<2nNkZ?FZ9`<-8XJxxVWS8Kb2I7r{?;A0N@(8gNz@&&gPI zFMD8M^1Qj8=QkWx9CCypdefZ$Fyi{S+rDU|uSDe`wJ>>6lAUKy}bLo$FIJLQiLt4Wv6rLj7 zB}`@QwboTAS937vo<9zF{QjW<886vZ;xlsttTSD^`V_(&S4}&wiAk4Ny^Eg}rO`x9 zeq1fhJ-Ph^@X~Rt*l~Is**d(f(a}o3A;W}5@4##U+}#x6j>ur#;37)c|*~{sa0*3 zc}+6iz=3HmH2i~2s63($o*N%an%fn5hKSCR<8FkZ-@|RKLR!-5x_?GU0{Q0E%xsQ! z@R*bbqsPB_E!YvV6$hX?AeP{*id?wf%b`qJ{=*T~SC8&2 z53=e_P-T&!L7L}wsLrZu$-^ujUww6#!Ul^TV-@~|k&}T{l`vnfxmWL7qCX#pG#x4U z=t7^gT*OCfZ?P!_{k@pYh>MvZW}2YVg;XM`kI9ISiX73oU#+rcPN7ny&8rJKya1AA ziBGyQ3UG|x9kDE`_W;y$)=qI)zpuBqk-opcg`jod2~7=u!^_oGA#nH!7ZdBUQnTy{ znDBd+&-ansZbhw6->%16r;vXv0sL~2GxgBl@y3WKPxe=oM;Ff}jER?wlp+BqbcX>Q1TZ9h(h2>dr*p?++@;PFP`y!W|RnlW+0 z+xf_r+*eZ!PLu_4yNwC!O;{~Wh9pS-LS2hPq7dZmXdWmVF@ko1*&!WHk1S7U+c4`r z#lpvsxnP94WE7B{ZzBvI$5t-&Di_1lgn{sm)cBcyCj3-T z@a1O=UAqpFT+kQ)e9^M+w=f3LJwq=MsUD|*%vxc~HJ>o4w+y~~n|35BlfGq7Ud(a(O zx@J^ingJ%HG*!7OK9Rg<9|LKM1VC65%n#-$fl;$%uUuB%2i>!sZ!NX*0z-l86J39N zB^VyVT68(>d_ftJ20qMq5|?k!xEV74ZRJIdF(pCp@&0Tc$zUq0*#m>@u;!URfOF8D z5C^`V#EHJlGx!)=`Q`BP8Z{ycnfVxd#_U6EAGNx=T3_nARrmTf_raa^+{e#FcUn_N4u2a7Vy#n$r-9#xll+!2w^Z!(hiG(B<}Xhy(M_x9 zkPC$2si0F5^6MV%U@Ij2xreO?<#%n*pp@-&HGP*9Wf+?RKZJsULNO*LCjF^g$l&uS zx1)_b>|_va;DvM9mApU)JR2uDqYDFulH& zQdN7HouTEYzekMw@N;jL-87Dpr4&Tntyw4!Qa_BUxYSemy(U5QPgmCm2LS?YyCX0o z#n!aLPsN*%kc&EFeXIq`R(vjpvtt|?74;rFxlNrlAtmMfc)JrZ^ffq4T*uC?j3x>( znioz#`DJ%+8&dTu$}5D^Z0vq`VvmR}>i#FvNwWGE)DU&|W}z%deax>X_aDcl{pq3j zY$BdK8!yoRq5wP@_a50}$Q=;Jc!p&|3Cku&61o%bzjAoN&B4JzrwOJ#^B!$XzG>KQ zrUZPTjQgOrS)a(V_^!GG{{bB9tIwezQ+dYZZ{L%CSRF{C(mtM<6K6|XJ$Vg z-JG&0=>Q0)9WV_U?Nd+>bg_H7JC4nf-X65qvQl{z-GB6Q52W0C(T-ZuQpbMb`T+}; zKpEF-gS?X;a2!uhnv&Qp6+@Rh4~W$U}|$vN($AC*ZF2GnAy&n!us%`2HAs_vo$vO zK#ptE945d8Fsb=$%o08uq{1_#^07eftvEjVc2168y0<^uPcpd44laYq&1RRBzuMA- zKqtBH@g#J;c(|KOcr5G5fDGLuR0NBrIU9Nn8T>SE)Z%pskR>28XYO+V75ta$V<2ye z*RchoP16rf!8GoS&?Gc8v?WvQu*IJS(qFCE5@i`BhK;H2Cp<@s=CV&9;qwvIO!J{m z+jc7SvDWytA=hzPZ~krw7h*%I43rMWaJht)e)RK3iBlkA?*Swlw5QX@Zvbg!wcTVm zn|a834um@sl~5w<`qew{$nSrsJij>I2RqS2DjR`m2CJrR{RD1g40W*3Gt@rN>8e9* zEyA6V=45e0-PrS}(Lr-)KsX7CrfqVLzv5+&K&LrraM~uMWBO-6Ct>LdD(2%D5UxTq zVqr-0PHFHuGwr1+k zKdjnQSpnnAa*CR1Hq3x@rz46trKC{U<4Rn@xSt1@qFTF91Mz6*lwa$yX7wLmRzCaqq&^qHzW^!a4Gld< zlD)mXd!AjCG6=i)V?2y@)#^=jfb zhzg;f^uLtCum;#;x(tv~-0^)c85HgaxRPvHnXIJTiO5qAQh%&GVpKKrok}p zon423@%5&ALPGAzRZS6Zot21q&_VdZ_QWnXSN!8Q|J#Pg%MDDd8Oz}`D#w~-H5}2p zMX?&Z$u*|lWOZ-7#%mY2Y@rQtOWhJL+TyFzKZ_XL-#5N9GM*gzS2OYiA?0)}BIAI! zan&BPa^88!OzsO#FV3!8(;}~8azSiDMLZTngNpMXk za!z9o94D%a!(Xoss_Mz+w?N#W;?8$d@-tv)Wft}%I~CZP`MR1DOP?kS-jGu&X@IVD z5KZSF_!ttVKLThaGr@n?4>e_{ok)U;M+zJ$B8Ug@pZrQU*b)0QUNhcM%-ClLtzP^xlDzJTMxjesl>)?3Kr-L#V z$eS7JQB(HXiS*>a=tV|DUWgMJ&pNqu?@t=`sHC8x8;MsFX+AM&+XO{E%|D0eP0eN3 zaPR7p_UMiASk`)dSh?4sPW*9^o_`iuTA3Zchfw41EA04Dd^M@-3CmtophO9oq zix_TpbVB9(Z`;DK_G4)Hnw@=bhCHL)Z0T0xdA}KC?~Hz*e&6^8a;V;)u*L`VgEUzF zgNdQnhTvz~i6*)yLE)pdA9drdS@@rnV3I=Avjz>BSqzR+?9*)gBQlxyZk>T<-Rzvn z7fY>}mM*EP1}2L?!6y|}F@Yd%a^!15T~FO~ zdz@CV&v5#-n!5M^g+OJD#=d9)v6szzk-QNS#ZSFPaUQ0j6iF6rE1=%$H1YWC?<74; zMA_KSsunF_{eX-H`*w~zST6!PLo$hq3VIVxWLpc=F-0Oq{JXx7U79sCkv)5I>Ago{ z-8h~;jbF>jqnuVq-+vpS+?xQ+!}-AdZ>mEbbtJ44ieS*>j1eHWfB2Ou5EDC560 z_KZS9;>FvThXA8*p`$$D)zfA1W9m<=>4Ulf4rcb{Q7;q_PaUShUyCqClA{(fnsrAF zc6}k(KPEyE(}1Et!o8c9-*vC(7w*L19No4gi_1Q=77}sSng}%ewOqe{?>557_=^uI zd_|?YZYO#`feR?Wr4Nt`Fks3MasY*rFS_}znTZOyQw&}cMzxpfcPo)j==@bOMa6(j zWYz1WeXV{KJ-v`nr8_=W=mRhVB{WXPv>qS0Hq7U*Sc;yYDn1B+%~{6}&iP|L#O>My$5BOC z*W#$lD;C{oNoRl2LI7%vz5`82WSVC@Oc02vKv-X>lBkB?KO|F|9vSV zJ`K1P3%iReJDB`O0n8pel?Ye=06kN`_jp7ns zc(mXG)~$yqI4)xn6xC1MfMyN?4}Bk3jk73AdHnSVrH7-qSXbsj+crKivwH%&jmJdR1=uZ7nSw|+^L6pr69&g|qL&Dt_ zLLRWe08cHL2qa6XXok50o&XgN+Sh9;Hav>SF(CRS2y}mgbAO)%DI)MikfdxYD=O8Y z2mHb7uf#ZOtOc!AezaIFHJk4yja~-yW#IieRFOU)BfT@9tz+2*9#TfGQx9q=_;)~Y zh+CG$k=uv(zFLXCh_2`1C?faR0SW{!x?@=Ywr|jdvt_{&Nu|SXWrZd|q0p?DAIr<@AC>^vWkqOLAL-b{*tm(r=iwjIgR(Nf z$!JIh33qKSp%oS8&3Yn{rq|jzq+Hcf>o#3y-*qQ`P=M?oURDXgc<^^2vh4+w2Z`5S z;4bW7-lXI!EK*r}l@&|;^V@W*FN!05h3ENEoKh*^yXs9`Y&C3qoL~GnbdxqRHMPk% zG^7SjXa*(gWME;ZDF=(|{ zM19DYZ~BA0V=s1u)aekIk>ZPl>GF?>9`-*bx;XYAnj!(8)O>6<6s98Q85v{j3jxC^ z#u)rd0i6#XuVMhdFOJBBwvODIxY)9$5>db(ibInCf#BxXCu*sgnvuaU72&U-B4VWn zlGY!J$$W}8-66N=kS)L#?|ZI)eHVnJfI(8jVs>Qylx*N&Q~OD2Zy#4{0cG_PR_Ri z)J#4fcv6%5!ODB=q?~lGdT$hoBh7zwXy+e)>Cl`vho~B2eDuJVoq{0H^`XV!qwq&y zs42EKZ^w_ToK#|8txRHT%~A-UK7SH(a|(QHepdYkO^RRTxj&<#ZCqQGZjvys@?;2JaNx06It25P~xF4;@DR=h2FrEq# zRaGQ7>4m(~ciE^%K1fC-3;~(aZ=!OZk(P7J9YqIvzv^JOQsokoKQQ{*2Tt%aq%5_EK;W?;G)Y#LS^Az-PtyN5$Had)$A{@=eew;6KoFP_ z8>;)YI_2>{#4t^mA}^nqxsh<5!&TVlyfXlp=>C4WtNiY;O^`#uCmlWsuQH8@@3HEl z@TJeA$vfM;OdVhAM+?G^sx0O!He1%bZS*PxO>ikPq%B}T!=zvV116P!a)3+Qr$-UA z9;*5;k7GorA!B+WYZ{)0yDpR=$=8Eu;c0m5DJTrNfvT&!Twd{#G(fBj1@s;q9MtYk zHG4L2TJ|SDEEz#p999Ps4U<6rrzcReqfcH*0rG+Xoc_zvcSnloqtJ?m{Eu^LQG0#w zPcM9|jl-R`d$?M?$E`T}-m|nX<~dp{%qj})c=wF0eT$*JxfT{)WwEB(I|FVn1zKQl za{(^Zm(vQewe%LzQuGI~heOwmNAm=_yPFR-2Dn;>JsVy+Brh2wWE+`Y@-&$oVnt-1 zPkRc~Us+jOUs^14ip`gBiT&nTBj7#0GKiEJ`k|7H9l5h{2erZW2;tl~fpg>Nq~p40 zy84g9TTg`k;gC@+ii*eMJbe9d}q#X zeXuOF&wj`>W^wys=~KAQj#d$VFS$6cObEuPg#A|EoMjk%bTiI&cRIYIpk1LQ#^>eQ zKM3+lWuIFA z(QTvz&PA->?3Yc2&IP}fm1U?KY7-)r>?$lDVKUM}8mL z`Oc+Nwh6w#owUk+b1mI2h-&cbqV=;iW>; zZ#Y(SH1B%~Hr?ZAaR=obt_js&wi*zg5N8B6+;^x_Qy4)$z>Ku}ww8ftVu1+Ejhev7 z8ZpXxjy*gD0IP+eNmUl{JUKw#v2|CD-@rs=nDr`nkgDW`(gt)wJO-`DHp?*+m zy+3fAbM6GwVq?iW+)?LH#tG1-19aR?Yhe%KW#h|v=X~^f=k~Zw?fAFpYB($KT$(wd zoElDlIe!yllJQHWwc!^>#k26GrJqH0rmJ6){U|z{|Aozr_?W=#F-S!5wbRchlBL}PZbKX=2v0>!BqivGSIL%I-LJQY&|zjnfYGH zh!0MzFr4{lbq7EXswlr@J8DYzqmU3VE&m+U5?ia|lJd8F#(ejE67d%(!W)8*e%V#Y{um6^AIbB^jxUL6StYHc0 zf`OO6Q!m8d=~NIF4$NHgmqS>%_mFweVD_EI1f5HZ^78VzJr`lsSQQN<+mJZW$O4C} zZaIyz@mXkCBDZNcP@9;k8$Ku`Z*2e-^l{BzH4x>I{IU+KqSOW>JiHr)cNA4&8YOcN zCN^>T9;xOhU3>LEy8L>&ynHBmeCF7#aJpMPdt!8Mtvg=E+Yg;W!s9$gv$5%BDT>?z zn4%jZb><8=9$E$4Q4cfRG20UK^5}GKxq{_D6J5u@ht;6<_+S2Wr!sW9U_U-FecfFk zM1)|qbo^*3j>!_`;CP}RC^)KNbY9<&)3$;{YB*ubF>&Y?>F zsy*kNHxk1#=eO&Nt~$?e1rmB9(n}m-SA}F}NoNiED=IbdSEt2`r?qZZ5A?`AOWm1u z;dzdqQTw)!x3tO^Cw7nYOU?$G zh3Nn%bp~|GVl-dPeFe0}CkPTrj&A!Vf<@cEOlnRo-e=_%m<)h(TFqwjNZVxac%t=* zWA6r&yMEEwKV&h#!@LlvR78*F$tb8gWo)H0zdNTlKg2`q`pcK;ZNxfR1vy-5p0Tah zta>NBlrS(kkWMx4GDhta_sla(O}CzIZWec?e3aJ!K6|%FT&wgiG9HodyhVI#RA%Z^ zjIRXG1Riy*-y?RTl7wI?fSRri`d~Mi#Q$ik(JPrUHQ)PMRvwuw_z``0S>;PnUz#++ z=~gEQ_%8XON%|!<4zjRpV<02ocDw1x6oW4Yq3yejQ-_wLOP-(I&*etfhD*OS1DDE+ z7dZS780V?&_{9$g*>06t!I8d|DX&~>z1oyD?RR97wwzO@aBCc)p~MMkP)VE4(9qq_ z-C-`T-pt%m<_XzJnW$mAm6g3BHuL%i{|#f#*2HR#9e?`Z8{b21(!->~H}vam3~-Rn z%`Fa0&K22p7@k{cGnH#6)3By)1|7Ye!mj-EkKanG z(&FXGV=;CU6!fDQj%>h+=u_r$95MLv%L%gU83jl)Pn9;oaZrpzM#xwE8<_=l6Sq zDnKmpxm2h)4N{kr0e%stSpq0vx*{5aw~+Mu1=rc%(TdS*w_J-dM&IXBwq_9rVs!US zddYR|0!Fa0ntpm8BJX84B5m88U)-`Awehbku#s9jeRXkEl>e#TaovI5exW@eYxW7q z=9V#10mh=dq5`0(r4rw~5*Ker#zU3~ZPUG<^d0DF>5uxXBM~22jhM+dXjch#7`+Tt zEMMJO2$MfruI8O_+W{&!G!==V4ncoQW^@w38!1GFRqs6T26`Cx;%}2#B1}I%K1gCK z$gj1aJ$_u(}6I$O=j;sa33chfd4)F?M@Vtg&0%rl$Bor;=v*q~Y>8l7T0g(Hod+f=s@)KA}eYG4fPQ9wgNpk}tj8C6W3Miqj zb+4LWvWE{}5TqZ0uizZbP(*vKUEWi5+OA$S#dJ<}8h+wW%Cn+|mHyN6I;(VIS_=iY zAp@rw#1Hc}(WJVRdVl5~fub6s268mbo#V<*v5pS8E1=r-i=~8&zvCh-#+FqN!XUf| z(KE9o0?LQhAS^oFm&Y=f0j-(}ubWNAJ@IPV$5-{LWDl@SQt?SpY;)Q8;KXmibLro2&KpsCcNs2sa4#6+4Ui!!#kJ82$L2= zA;&f}{=kv44ysNVsi3!}^*&ax$$5LuWuxq^vT%2l6#*a9a^~b?#@NMaD3m$fzc2ZW zR1=N7+=|3GpykK6Vm-JQkOVfw>dT{x@DqW>ES- zk(46(9Lkc6U$)@J#F5odRFI^NR(5rhj#?bN?c3N*H9r5wz~(j6P?8EU4`qg755Swu z7B_bf-&Xvy-i!~xx`#BLk7=GiMEcRVqH9qr$pw7xhB&ZjTV6oWv*Vk8pM#8hOsrQ!B1{X3NaJ!NYANPdw%&t2o4kTVKI{~QHR*axJg zt1(ws$1R;|8hQaYaBe+c^N+|lH32@XcEv@$fDxb1w+)E~VrxAS&u%o|B}(nij0|VJ zdwJvgP$dUhc23P<5uY`^GsBXczTN%i-mb1)R;H+$=ugMFJy}4G)OPWEu;L@h|Aak^ z;DaO}ua1L>TxeURk$znN=VCl(8C|a&R{F#}AiU`OP6ewcflGQIP2{Js?)G-yY|tXt zB@r6jJ1ct#U5SE+(zX@xd-vNfIr&= z)+qMqH;ZD9BQ5@@jvzAw zNYv_Qy{d6o8d@o}kGE92{`!X+@FgGsc4|mK`XBRifD!T%2%d&q>2qN%d4_#dzTh>a zeD5@3Z?5mjrmLtO3;VoLRzqrihDjzG9IElovL47H*Sct}C zWwjQe-`b--n2hzO7T}Q*JMgxd4<4D#y*$?I;kzbwoJjdk0X!cRUtlb*uOjv=>=p`a#50hdYv4k&>VfrgUsqxqcsHSS9y2}`R+2*|O2>S=*UtDYX4}Tl^_%$uW*Z|A2g_RQ# z@8%=c6;Cb?Iof^iXMzE)c`*P<{qW!>lD=|`5G~%#n;l$%O+Vf2-Iv=WF3|~Lh?vFM zE>6j?Oimqsa{Y{qyJ{rbd`+t5qL7Rx`s-6@6^#ccXuWnZr+)^zA53_6Lm>f`+*HI2 z5DTQ>=#~dh_B%XaAx%O?cX13*a+ic$n_@@$Bz1W3L@xxF*m7MSm8g83tFu^dYljGk zEKXzb1}r#p&GJv*E*|<%Z4W^tY~w=0W;f7B#X^!%5h_8uc#miZ@X^ihx{&^t8Y#@l z%Gyq8)94HS+ReQ3HdCWL4nGm8pV`x3bQaaS_5eld6?g-gwhK0r%L1ZUfjtx$~pkn80-0pK%mI%e_bBwx_fQA6F>7 zh5S{O1UgDKTb#_^wcrR~S6$gs=Hv7Zp2OYNi(CNmnGo~T#mvWAv#3lm ze@?TjolkgXq7P`$#<|Mf)#dNkLTN?T^Ql*kZ`iwUFk@ zV}=jnz!~*IoY5M&yb9ol-#O1k>Bx*KhC}fvRH7^PnvUl_q3H>In4c5N&}8vAp1!a9 z65}1UdA8wIE3QnDI*w33rSI@|Qbt6Qn71fwL`HIMf&VA zhW8g4Via*X`ms=P=RJq~QTU%Fm8oCi!^r4+CgTjoxI@*7vdRqbZqRSJ~+rS%G$s8`$P{vFis9+l9DsN zuIU30hCKEq*^^e8+}8Wa z%{kHF{0-<_3$kXdX$)Ct5scIka~D-w9Q-0xQ7LBt;+-7xX&PggqOs!8luT58D$;YN z)E}o~V<(nEKAxl*%-1J2)+c48t-ItWjQfuF6N~TFb{I|#v8aT>SU!k#r&)!J`~cMk zsc5Hm`W+!8WfXG!Z~{czO@<1Q)E29lKLt3?-8OXE=XJLK4~eluXKZmWos)$+VOy>C zbeZ}qo4QM#yZnfpQydoT_G`|%t(QCvM+3QI*C`L|sYTp~FVBxV*G3C=!K9ShEGx;& z{XI}&Oq{HC!y@fX3|#sojoS3$x6v+R-eEw>t5s7$W|M#!JX0Nx{jaQ@GJELJ_POiy zw`-ei(bmlTt?LNyen^j>N}*w?A5(lfmLD(c+g_hr&u)H(ls&ngAd-Lih*)RiYU9br z5X>7dJ2^Sx)9;sA6yjsElD3xLZr^I(Iu(OY3auL_&L&N!PNvrFiw-P)+?a9iUf=5O zH&r^d7TK@T*&Udy8w< zBAHzIv?A0#!j;SYO>{F*Le9*xaN0cU;A?WXsZ>%^YdCOyrWiJNk$v`w%iMf?Z^+#I z&ezI*{?)pEN3W5*l9rYXJwa)PU(1Ez!L>sq>s$l*;U=4t?GIb1SBiF!WLxVy=2#HL zi8^@MOev#kAYDnZ^~EH5>4t%e%#Z{sY;$J>`autkJ*8H6=+)*FYZ$$cxGdJ^#ofud z^QH#J^=#;HwlUQw1k~^9^1Q?$wXdBDUQ*+v|FNNZ>sgj!y~Y&fX?8T{U?o`ruBgha zmsj>J(MuUPm553N`-S?V!Ko(t(Po}bjh+F?);R_2{CM?!5ZMHJXV}kjj`Ot%obi#h zWnKA4aXNQj+Y^(vB?Bh4?3rd*?8%Ppqwev|7ZJe;?ezm zT%xP#IgDrERH;RLIlkyagXu|!sUBmRKIG8xwrzV!eY$q>`6d`YVqL0|kyNa4J!R$N zRJ&mU>FbSn$0nyd|3H@1Kh?lZZ@?y^Wa7ne=+6t;y%4xnIZIW4U56fL7K_kQnvZ+p48zY@6v*$OFmFw4*!Rf)^q1+V|9IO;&6nkDpB7Asy zHb+0$o4|Njsb=_4mQT^cP>1ci7b<>mvp73x@(X4b=d}@8L^7&`QtipL+UK-K(J7bJ-SEP}4Wt9XPguy-%|4s?)RK zeyBWaWEJMQ%D|DYLq9FKUnRYzG0=3>mj`#UGwV7{2YS?Y3jHLuD3AaW7pZ8D)icu< z$t+=0CFDci!TTf+U7)sKCSe7*&^r6#e)pEb82hUJF2~m-j;VSbSORq-S%@XBX0(c+ra!_&^^WX)s_6ZbC}nYWS`el z-6y++^2&Gm*ap9x(gaUd&rg2c56@+IHfg}NtjNj;vgQEqH zZW-3Rgkt-ege!;jV6z%h4(ODgdP(TKe~pTN*A<+htJ-5xYZTXu-Oiu7J>IDty0!Q2 zFFB5BG20cDT&au(@zCs46gEo?ld_M6luXly4Dsq*i!Y9E&tBZ@i+VM3IU;L*vhm8( zegs4BZ0ok(+1zdFxf18^b34)Y*xWW}>0WEv3ot)ri&x*jEjqSYRr}qkc@1FoYqZy; zfMb)9L`khdrr&BJtr?jlTvxHf5if(Sv3YNvitAxp&vaL|lxm7ScGHEUY2(RUfYdOH zpx>``*@D#hN17O)ws9lFQi&r5y3!hA9CK2*_=f=z;rpdg+W!duO7vq8FCd?Jr z^!z8#ta?nIo=b1C4qmThC2M%$IH^X>3OMe>$>6Y7wD3r4w$Ql#AaLB8xya0v3MGZk zI*uz|fP(V2Ss3qF}uFi^A zCPT{-9&*6UX#18?sA<{@Gb@d zVGO?xVrjWJAHC5DF81wfDi8W`3fM;`V?n)>WepVYIN>((TB=|nc9W)7(88!%vm*L2_0Z}3K!-IpA% za_Fuz7VlCsCA~Q<)<+^lKRYMPOD!y$(RD5QR<_m4cGIYQW^RFO7-Iz+f>9YNE==S7 z**#se;&T2CUcSZn(m;J~Ufwrcp^c21Iky6q#|QEWxo!taik?-ayNTmV7E{XwH(=E@ z*_-Z@AMK^SpLM@LH>=|2QvZ~I?Rca#y;6Qm+J#H*wjiCHuRQ+6@NnG5yI4o`Os>Lt z@-d40l<9{U&>7-ol-lw8L)qYYvZs%3tg2Bi;|G+juV^ zGbI0>6gP&4_h31`{oDO$c1s0P?C+M@OGER-)4!IR}(H@N4M)5yLNJ~$@@x|9pJjaljP5lKJpfLW(kFdDM}neN{HoGO4;~_2L)phZt;ZPIEf)Uua6!OX^i> z6q_0B2BgF`K4MZ%!k5Fc>cofj-HYAwo`{a0&~F1W4zF=H@uYsnBr&AVGPX7w1(h%M zAU~5=C}T6)YVU2^rT6#ec8SMRT6@)0Y;|O6&0i{YUmFN4rzbeaD0{E!x$jFz{PM#Y ziD>P<@B_mnJ9F>N1Z$l$s~(@YK7 zupK!cCBHwvCPwuk4b(2fW80hxX-l_?&*3<%{yDS?>2r9o)PGb>KjPIqRmo~~l$nZg z{p4xOPrsI^*crbs`ZY+-c02X1P2_?eERJKjdZZOKT5X3;EvKH;7XnmfQ|#J0MbW}P zXTSwgw(4pKfJMj%YO5@Iy$BntwuG-$l&fgUWoY$^b^n~KN#3+wFl-6gBQ_ktpo@G) zM-w5o(sW&>=Q1F2oGTqMf_JE1{PODJbjt7z4y>8qY+n5E`r`8QyDlw*3G}?Mj-$rP zti@lUBe&z1tvcgruQjTv&WbGY;k9%4A^OA3_pU(oXD#tnxez=^oO^h9{t%b2GzkO6 zPb5w-7dva#^7f2_wK8w5@0{zjSiUJPb0#yojg4@#-D}#s_LlEW-fQp3;4L|o#w#KS zcQ2lV>5tN)8+e5x>vTuDmWRwN&{Qz+)0dGWOWs5@OLcZb`Tn7sT=q3P{U#5!>Bu+> zWZgs$U>u8AbWDSlA-XoQZnr0}d0f5C6QKqJ8p&hIltF!7H_4_MdQ2LoG%X9O6@)2d z0u$a%%TXmanPbnicf^;AP`_h1yt0HS7Fbx{tK)FQQ(Cuq;GqZAK?dQl*W=o15!9pd zBoF6ha?X+XF zZEhw(@ljz({w_^`d*GC9m15Hpsk%pJ`?K}xlV<>54C_WrqJDo~Nn;HKVaRu)aCY|r8>EnZW!^x&1566!ZJ|Gel@VfbsA{-v8#yoEHVKms0MMIG$KR=Qn<3!Da z)Pw*JKKTa%LbfvaX93%IT+GTviYL56XpmdzfmK}a% zzDDG4$w$Ge%ZG<%4Q}X8Z`TrTE9Q8DE}@k{1x1{bob&6YEYCg@yeak`OL=+U&7Uke z?#$~qkL!x8(im3*O#~@vEcgc%nr8f@uqno4Dx)&Pm?r1qFW+G6P@3_LoA7Ji8SFh0 z3R@Rcm``ZSq2nupA;Ofx+xQWk+lO=0UH&j(*VixOUs;5vs_S$A#LM>-9;Ocp<8Yw3 zU?}oh=o@-Va^`lu@gU``7iHdbEsm?m*ckUrYs`>has&rAZ^0 zuerO`)K$s?;g&t{#!cL`HrXFJ&|svjv}CBgNg!wyugJ1Z66cQLFCmNbQPj8+K1o+y zWT7TTY_rI^QyGPH=w>pUrV(nq_R~!$rO?F~6 zUyDBaAp%ky5vIv_zCMoo6=#;$iaJ;}SykZj!TWdkF?cFY`@h3J5Y{TGRAs_R)Jj%v zf@mxN1Q0Df?qXjAUj?oC<6S^4(AU$F@?d%1PcPk_P8RaBE_@cek&q~F$v&2NzF#dl zvRFP%#O2WhuU7H&oLXl+rpU5hRC+1}Kb)S*%0B0+`#~tO`Z=&6ra~_WWGOeH{r1@1z}?yIAWF6Ijn8We~cMtbONvX*Fsi9OT1u@w!+mAyUKE5t%lt)KBgQ}IRe%yPN& z^L3pcO5jW&4q|Y{X4zZPbyBwVPJ-hj7954{LdJM~@sRd?KS`n@Yi!9+ zL6FJu_MD`2T3D}f5Xz)isuQFk&f!vqW+G;4Tfu7SmRUB))Z!Q@)!&XknNkQ{;>Et%RvM;6?=2t2#!dTCg!gT}hgNWY>iL>1bU3|+HE>aB`;Bj) zW-=I*XX4c^1pDkOji*Xb(SK@cK71N&l|x2jz^{8VozQwz>z>6jT45xiX#(koz7gx3 zxWR17g$6mgv$Q?l}$Bq4^!9(Ye-F>yhDNCSywmH72DQL$!*PWwr-OJ;eJ5%RdZ{fM-2Lx*)aP

z=6jMAJ6|dz<60lfCd-vG=_3r(FRMsr07=5_D|5OU?nUNJK&xP~a>|YauXt`a29d=U zi~0Fj_E^>&W3BlP@nBY3s~$bHI`citu^4NYiMIAh(!{#hUDD@M?|Mc=vpBD-lM;{R zZ;|K%&hJyJz;vB@@!_+BoWX4mQk5xs+3V<$o~0z2de)x{)4V3vuuL>m*y-7~j5HPE zQX}|L(1gs;2NfzL&nHN}7ucYd)#A2og-7PNIwS?aw$yFG7F`Sl(HqJ3$bn?eF{}X(^fY&XXZP0XmXCSjFOX%1}jxZ`rNYC*{!nZ zo^C)itp;c_O{-IlPnv5bBDk$z_S2Psvjs7{W z3+u-?`V}Ps2{z0nWs|W^FKhbv6*TlC9a1til3knJOQR3Sp!zlQeOsPSRbGF|)pIhu zhdq2X?brTrct)r#923LSbA2%AYY}wV#6t;tt>ROl<&shTOK#nPoBA@F)8TFG!w$%$ zn+$GcnKW%(%U$&`zS*gBu$xehc@ZX~Xv^XFyy?BGl3|BlTr@Yq#Ag=nNmJy6J(HL` z4A<9hWNwx^+uokIicSmt988W1Oso_zv8mrv8os)>xRtjT)yxSJSZ4c`vgOUjhxHtDTpx-NRg0MWwSU|d}=Tz%@O?rcl&*9twI zfl#6@J5MyHsIxz>AnHo?!W@yYsB*>ER_SP1;PXnO z5tR_5Z}FxRvH^<52P@wMH%dQ^d<^n5OiX{>ij1CHU9C=L;86zpIk5?HEtf~rpWpSO z)0|w{N-ocM9v&XX06C6Pn5V_w5ErWi9e!!w9^UsiQq8n~3;}rbTL~ZW3i33F=U4Ss zT)NUGB1`TG*U7ohjv!>#2bvf&N7;2>+*@9}{sB}DlzYc6x|A(xx2hA~;0nsfCvc7e z-LdIL9DLRZ91r_zN^khEuXPVcXc#gjK%_Gry96 z$N=zAQW;$p2Z&Sowq$fMXMNf?dQjkFMG$}wS7++>v*ykj+Nq}jeV?dpsd{?qgBesS^Gq-lB)U|cWhwgH55$^`Q;?v*U*@=PC_dLh3vkUqeET^vb?e>bHS8tugn z)m(sOnEYpxUlY*{_V$Gqgi0FzpZ2c&t*L8k*AN7ZGFTJ`W|K050-`{HTqbh}lY%It zX)8z+6ion`3W3&OQGo-Z5J0Sv7F#P-20=g~XhC8KL4_~`c`gt_nG_^41nv$XU_Za_ z`v-1*$djCNviDi|EFzn=&F7($ut&9ctxA#aha=H#d2} z5owb_mZgx%8jz1Gf-Z6Ok`B6IC3KIZetuI*Nh%oywC)VJsM4GJU^^}DiT_SeOGXn^ zFSzsk&R_rjE4A&(kEn34?MiQJN?>?1C|0)lo5F4-#ZFXvBJ=U_!|RkZ*fj|M#K3_z z+>FPpnaim)J(lQW3mPMFIw(Iq;wI?d_$c{F6)?{@LI63Bysbt7UpK~_iFs#sHJ~~g z<7#I!Ud!~I1X;fHnc)Y`|h zX=&Yo@J2ajO_tIHSYwcvkmM0_-U89Yr5LehLgOJC`}R{=XpXTTbG_!AkeVDRwM->SZE^N++lVOCaF z_MK{$YHCtzDk1?ho<+6ap-!Mj3!BP2!8S;EGf6yWU(WdLLCFViooKyzreZ@ot(b)7 zrq_|qRcHSV@SxCZ8`5`C+XJrgVrbLdp07b2Yx`e8fobPz;0(d8!Q7K4Pm)2J=Le&h zdfOJTi@hdU8-dX*{*k^NX31GA>!+V?by*=P<=hr^wtkzITKCybxFrM4{j+Y&A@cgA zjlhKM#QLOqd3xsZt9$gjcw2o#Zi0?}y>mxbA$Wbi3crgE98eEeHSX3Xg%SrV~K?(V=y6W<+*l9HLTfeH)EYmfv?DpW6B0Cbx zKyIqBO8eWop#3dM#o5_%P$k4!aEyO=2|)dE9H)yw<{XTIFYP*98+0BhMLLPzPRz@(5#!CU0o`8O5gi~)*S`1$c}@xQ_QMkoU2S`$bs;jrL{IOeHv1L za}3y4M8`>nxV_LrU+$fp(2TPsqbQpdx9$11-g?ufP5k}*{7GIUZO?blvN8KNR{HS} z5joS{FpJR4d^hh%m|Rg>(FXb8tf7osJ=_iL0)D)lYiM5Xh>IU}QLk8g$!Ag;0~)zO zsx4Z~;*ZgYVk{5fPogsAOMjzVqD9^u$@9zEn?gjH((pm}85CXSylI=+s&OEZ(x$t{ z<+s~uBRC{0Xy0%~+%*rI&WeLN!F9GmWH|%G6 z6UJY0&f|9xeR=S^h**ga2q(Y6Z@pcb_z_4Um zpovf=b#}-jjlG%F1W>moaPTiEM_14c=j*24G;tEkPLWk?_u#ZJRI|&GO-(&RwexJ# zHNRH@L4ezvnjo8by>SRgjyBW@ zRa$oOs#*(OCHq%d@#XSDd^*m`OxDEeHSlQ(PI0< z23kG79BX*SDcYWs#IR9mGx1r3dMTV1Gyp_X=GL`T!;0;D&yy@XIiv6}`vMwm}&x^l^N5!({S0$a`kt|Nd$fGnXM+5#eECP6BrpYZkABV2(PAaDgZtNsr!x07Nv zkh4ls=o;{FJ=xds;bnRxT66?9a4Q$>vq>+(a+KgZm^eLRHobCcSU*%ltm8hkyG{{} zt_nxveS8n8K_Yahc4JohnXd#?n3p!`Gp^Bwg6AkVMgzKh8SY3pFBibH1t_N+|1^K3tZ>NchEavy_w2!)B;5qtDK z1*~Jfkom*l4+Zwl6{f61I(Y($*{dmc8|tk?nR@>m;FX%o&`iLlqsABdHRG{lIkD2j z=8IMD0J4J;gO_Ai4lN#EdZXY#Om!SOYrO5_^=nS91OKN7E?|V;1hT}R9AEmHoC$PJ zSJg^da zF_edig2Leo?fOi@Lpl5mTJijA+{|6lXlHB~k}^PrU#F4FNvA{p&!$phf}_XorIDlM z!&FCdA6bPD@@7LZD*8pw5pMjh(!0HHdH3`LkKt&i=vwng!l|KN)&J$T{=kC0M$wSg zddk2>Rt4>eB5!sUec8#oFhGxZpESy6)a1%RLulZ#)Xez-WfoOJ4-D5hQV)fG4}DYS z{WH<-<)F2!0cJ!cR%FAf7^xD@ za`l<+Y+~=gLHLP?m`0|PP8+AL4h2^!FaETf;w72GoBa~)uf$}|9py+{Dr_^Kx38#(u@%eEME<#pE+bKaVI*i`{{p z*aCG*ZDBz&x{sitYn5Y#!ubH`mR%lLLXTioOe1q*Nvp%PHIXC%YlbkF%3*NAXzAN| zMh_~=Tq9UqhOL=I>r`i~ZV6L#n%~vlcbUm%4xBx^yn$*>m=rhFZ;(bR*#1LCnO5Nl zg*bbhr(a}TAN)&38`8vdgiug_jyxu!!DSo#Pf+KT2Xh~Iu)WU(@Or41R6pA4T4zl8 zT@21wLbl&m#EHK9Z`H4th>S;S3oIb2IbU^x=Q|kX$G+tQ`6n&Rx0{!LlY^ab<#%a# zUrtE*gg`587leo#ydd$MpG&fox_R7>lgBtmMp;VXJFuKOkc^8+P8+F?x<89ID7bN+>_7aoLye+aw$HSH?akTRfiQ?xq<7mer4{7VmyIgIx)DmgHq0=uS7 z=FnXd|2}<=mG`E){EJB<ytmM14z_%LZ>c|6|EBq#CBN)F&n=xC zJihn0Uv%vIy%)p%T4gWO#bA97cl`WVXtT2=qwD!EaLCqyxsXwp$jd@rR*tYVo5nKt z&2jx~5CrzT84)ULdiL{{4d!-u5Xr0QM5z`0KcPSem~3-{Y<1UaeDzAo)MhYxG$M9< fzHf>dYA)XQdGfOlQBK#s058bF)&37#LgIe_eGO*& literal 0 HcmV?d00001