From e152e734c24347ed8adea722e8d4dd61292e61ba Mon Sep 17 00:00:00 2001 From: Nahuel Date: Mon, 30 Jan 2023 14:13:23 +0100 Subject: [PATCH] Doc: Update security docs related to SSO and JWT configuration (#10002) * Doc: Update security docs related to SSO and JWT configuration * Minor typo fix --- .../security/amazon-cognito-sso/index.md | 11 -- .../deployment/security/auth0/index.md | 5 +- .../deployment/security/azure/index.md | 5 +- .../deployment/security/basic-auth/index.md | 119 +++++------------- .../deployment/security/enable-jwt-tokens.md | 59 ++++----- .../deployment/security/google/index.md | 5 +- .../deployment/security/keycloak/index.md | 8 ++ .../content/deployment/security/ldap/index.md | 113 ++++------------- .../content/deployment/security/okta/index.md | 5 +- .../deployment/security/one-login/index.md | 5 +- .../security/enable-jwt/bot-jwt-token.png | Bin 0 -> 94313 bytes 11 files changed, 104 insertions(+), 231 deletions(-) create mode 100644 openmetadata-docs/images/deployment/security/enable-jwt/bot-jwt-token.png diff --git a/openmetadata-docs/content/deployment/security/amazon-cognito-sso/index.md b/openmetadata-docs/content/deployment/security/amazon-cognito-sso/index.md index 4bd20e15181..9d3b219bb69 100644 --- a/openmetadata-docs/content/deployment/security/amazon-cognito-sso/index.md +++ b/openmetadata-docs/content/deployment/security/amazon-cognito-sso/index.md @@ -86,14 +86,3 @@ After the applying these steps, you can update the configuration of your deploym ## Configure Ingestion The ingestion can be configured by [Enabling JWT Tokens](/deployment/security/enable-jwt-tokens). - -When setting up the YAML config for the connector, update the `workflowConfig` as follows: - -```yaml -workflowConfig: - openMetadataServerConfig: - hostPort: http://localhost:8585/api - authProvider: openmetadata - securityConfig: - jwtToken: jwt_token -``` diff --git a/openmetadata-docs/content/deployment/security/auth0/index.md b/openmetadata-docs/content/deployment/security/auth0/index.md index 5b19cc5158a..2417c350ed0 100644 --- a/openmetadata-docs/content/deployment/security/auth0/index.md +++ b/openmetadata-docs/content/deployment/security/auth0/index.md @@ -47,9 +47,10 @@ Follow the sections in this guide to set up Auth0 SSO. credentials -## Create Service Account +## Create Service Account (optional) -This section will guide to create the Ingestion Bot service account. +This is a guide to create ingestion bot service account. This step is optional if you configure the ingestion-bot with +the JWT Token, you can follow the documentation of [Enable JWT Tokens](/deployment/security/enable-jwt-tokens). ### Step 1: Enable Client-Credential diff --git a/openmetadata-docs/content/deployment/security/azure/index.md b/openmetadata-docs/content/deployment/security/azure/index.md index ed86f0e479e..abb71335c82 100644 --- a/openmetadata-docs/content/deployment/security/azure/index.md +++ b/openmetadata-docs/content/deployment/security/azure/index.md @@ -49,7 +49,10 @@ Admin permissions are required to register the application on the Azure portal. "authority": "https://login.microsoftonline.com/c11234b7c-b1b2-9854-0mn1-56abh3dea295" ``` -## Create Service Application +## Create Service Application (optional) + +This is a guide to create ingestion bot service account. This step is optional if you configure the ingestion-bot with +the JWT Token, you can follow the documentation of [Enable JWT Tokens](/deployment/security/enable-jwt-tokens). ### Step 1: Access Tokens and ID Tokens diff --git a/openmetadata-docs/content/deployment/security/basic-auth/index.md b/openmetadata-docs/content/deployment/security/basic-auth/index.md index 22fb10dcc7f..a466f6c74f5 100644 --- a/openmetadata-docs/content/deployment/security/basic-auth/index.md +++ b/openmetadata-docs/content/deployment/security/basic-auth/index.md @@ -22,7 +22,7 @@ Below are the required steps to set up the Basic Login: ### Authentication Configuration -- The following configuration controls the auth mechanism for OpenMetadata. Update the mentioned fields as required. +The following configuration controls the auth mechanism for OpenMetadata. Update the mentioned fields as required. ```yaml authenticationConfiguration: @@ -34,17 +34,14 @@ authenticationConfiguration: For the Basic auth we need to set: -- `provider -> basic` - -- `publicKeyUrls -> {http|https}://{your_domain}:{port}}/api/v1/config/jwks` - -- `authority -> {your_domain}` - -- `enableSelfSignup -> This flag indicates if users can come and signup by themselves on the OM` +- `provider`: basic +- `publicKeyUrls`: {http|https}://{your_domain}:{port}}/api/v1/config/jwks +- `authority`: {your_domain} +- `enableSelfSignup`: This flag indicates if users can come and signup by themselves on the OM ### Authorizer Configuration -- This configuration controls the authorizer for OpenMetadata: +This configuration controls the authorizer for OpenMetadata: ```yaml authorizerConfiguration: @@ -55,104 +52,48 @@ authorizerConfiguration: For the Basic auth we need to set: -- `adminPrincipals -> admin usernames to bootstrap the server with, comma-separated values` - -- `allowedEmailRegistrationDomains -> This controls what all domain are allowed for email registration can be your {princialDomain} as well, for example gmail.com, outlook.comm etc.` - -- `principalDomain -> This controls what all domain are allowed for email registration, for example gmail.com, outlook.comm etc.` +- `adminPrincipals`: admin usernames to bootstrap the server with, comma-separated values. +- `allowedEmailRegistrationDomains`: This controls what all domain are allowed for email registration can be your {princialDomain} as well, for example gmail.com, outlook.comm etc. +- `principalDomain`: This controls what all domain are allowed for email registration, for example gmail.com, outlook.comm etc. -Please note the following are the formats to bootstrap admins on server startup: +Please note the following are the formats to bootstrap admins on server startup: `[admin1,admin2,admin3]` -`[admin1,admin2,admin3]` +This works for SMTP-enabled servers, Login Password for these are generated randomly and sent to the mail `adminName`@`principalDomain`. -- This works for SMTP-enabled servers, Login Password for these are generated randomly and sent to the mail {adminName}@{principalDomain}. If SMTP is not enabled for OpenMetadata, please use the below method to create admin users. +If SMTP is not enabled for OpenMetadata, please use the below method to create admin users: `[admin1:password1,admin2:password2,admin3:password3]` -`[admin1:password1,admin2:password2,admin3:[password3]]` - -- This allows to bootstrap the server with given password, later on can be changed by specific users by visiting profile page. +This allows to bootstrap the server with given password, later on can be changed by specific users by visiting profile page. -### Jwt Configuration +## Metadata Ingestion -- Please note that the JWT Configuration is mandatory to work with UserName/Password Login. +For ingesting metadata when Basic Auth is enabled, it is mandatory to configure the `ingestion-bot` account with the JWT +configuration. To know how to enable it, you can follow the documentation of [Enable JWT Tokens](/deployment/security/enable-jwt-tokens). -```yaml -jwtTokenConfiguration: -rsapublicKeyFilePath: ${RSA_PUBLIC_KEY_FILE_PATH:-"./conf/public_key.der"} -rsaprivateKeyFilePath: ${RSA_PRIVATE_KEY_FILE_PATH:-"./conf/private_key.der"} -jwtissuer: ${JWT_ISSUER:-"open-metadata.org"} -keyId: ${JWT_KEY_ID:-"Gb389a-9f76-gdjs-a92j-0242bk94356"} -``` - - - -By default, the `jwtTokenConfiguration` is shipped with OM. - -### For Local/Testing Deployment - -- You can work with the existing configuration or generate private/public keys. - -### For Production Deployment - -- It is a **MUST** to update the JWT configuration. The following steps can be used. - -- Generating Private/Public Keys - -```commandline -openssl genrsa -out private_key.pem 2048 -openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt -openssl rsa -in private_key.pem -pubout -outform DER -out public_key.der -``` - -Update below with path of above generated private_key.der and public_key.der. - -```yaml -rsapublicKeyFilePath: ${RSA_PUBLIC_KEY_FILE_PATH:-"./conf/public_key.der"} -rsaprivateKeyFilePath: ${RSA_PRIVATE_KEY_FILE_PATH:-"./conf/private_key.der"} -``` - -Jwt Issuer can be your `principalDomain` - -```yaml -jwtissuer: ${JWT_ISSUER:-"open-metadata.org"} -``` - -The `KeyID` is a randomly generated UUID string. Use any UUID generator to get a new `KeyID`. - -```yaml -keyId: ${JWT_KEY_ID:-"Gb389a-9f76-gdjs-a92j-0242bk94356"} -``` - - ### Setting up SMTP Server -- Basic Authentication is successfully set. For a better login experience, we can also set up the SMTP server to allow the users to - Reset Password, Account Status Updates etc. as well. +Basic Authentication is successfully set. For a better login experience, we can also set up the SMTP server to allow the +users to Reset Password, Account Status Updates, etc. as well. ```yaml email: - emailingEntity: ${OM_EMAIL_ENTITY:-"OpenMetadata"} -> Company Name (Optional) - supportUrl: ${OM_SUPPORT_URL:-"https://slack.open-metadata.org"} -> SupportUrl (Optional) - enableSmtpServer : ${AUTHORIZER_ENABLE_SMTP:-false} -> True/False - openMetadataUrl: ${OPENMETADATA_SERVER_URL:-""} -> {http/https}://{your_domain} - serverEndpoint: ${SMTP_SERVER_ENDPOINT:-""} -> (Ex :- smtp.gmail.com) - serverPort: ${SMTP_SERVER_PORT:-""} -> (SSL/TLS port) - username: ${SMTP_SERVER_USERNAME:-""} -> (SMTP Server Username) - password: ${SMTP_SERVER_PWD:-""} -> (SMTP Server Password) + emailingEntity: ${OM_EMAIL_ENTITY:-"OpenMetadata"}`: Company Name (Optional) + supportUrl: ${OM_SUPPORT_URL:-"https://slack.open-metadata.org"}`: SupportUrl (Optional) + enableSmtpServer : ${AUTHORIZER_ENABLE_SMTP:-false}`: True/False + openMetadataUrl: ${OPENMETADATA_SERVER_URL:-""}`: {http/https}://{your_domain} + serverEndpoint: ${SMTP_SERVER_ENDPOINT:-""}`: (Ex :- smtp.gmail.com) + serverPort: ${SMTP_SERVER_PORT:-""}`: (SSL/TLS port) + username: ${SMTP_SERVER_USERNAME:-""}`: (SMTP Server Username) + password: ${SMTP_SERVER_PWD:-""}`: (SMTP Server Password) transportationStrategy: ${SMTP_SERVER_STRATEGY:-"SMTP_TLS"} ``` - -- Following are valid value for transportation Strategy +Following are valid value for transportation strategy: - `SMTP -> IF SMTP port is 25 use this` - - `SMTPS -> IF SMTP port is 465 use this` - - `SMTP_TLS -> IF SMTP port is 587 use this` - - \ No newline at end of file +- `SMTP`: If SMTP port is 25 use this +- `SMTPS`: If SMTP port is 465 use this +- `SMTP_TLS`: If SMTP port is 587 use this diff --git a/openmetadata-docs/content/deployment/security/enable-jwt-tokens.md b/openmetadata-docs/content/deployment/security/enable-jwt-tokens.md index 14c321545e5..3f1bb451a4a 100644 --- a/openmetadata-docs/content/deployment/security/enable-jwt-tokens.md +++ b/openmetadata-docs/content/deployment/security/enable-jwt-tokens.md @@ -18,7 +18,13 @@ this gap, we shipped JWT token generation and authentication within OpenMetadata ## Create Private / Public key -To create private/public key use the following commands +### For local/testing deployment + +You can work with the existing configuration or generate private/public keys. By default, the `jwtTokenConfiguration` is shipped with OM. + +### For production deployment + +It is a **MUST** to update the JWT configuration. To create private/public key use the following commands can be used: ```commandline openssl genrsa -out private_key.pem 2048 @@ -56,32 +62,40 @@ authenticationConfiguration: provider: ${AUTHENTICATION_PROVIDER:-no-auth} # This will only be valid when provider type specified is customOidc providerName: ${CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME:-""} - publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[https://www.googleapis.com/oauth2/v3/certs]} + publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[{your SSO public keys URL}]} authority: ${AUTHENTICATION_AUTHORITY:-https://accounts.google.com} clientId: ${AUTHENTICATION_CLIENT_ID:-""} callbackUrl: ${AUTHENTICATION_CALLBACK_URL:-""} jwtPrincipalClaims: ${AUTHENTICATION_JWT_PRINCIPAL_CLAIMS:-[email,preferred_username,sub]} ``` -add `http://localhost:8585/api/v1/config/jwks` to `publicKeyUrls`. You should append to the existing configuration such that +add `http://{your domain}:8585/api/v1/config/jwks` to `publicKeyUrls`. You should append to the existing configuration such that your SSO and JWTToken auth verification will work. +```yaml + publicKeyUrls: ${AUTHENTICATION_PUBLIC_KEYS:-[{your SSO public keys URL}, http://{your domain}:8585/api/v1/config/jwks]} +``` + Once you configure the above settings, restart OpenMetadata server . ## Generate Token Once the above configuration is updated, the server is restarted. Admin can go to Settings -> Bots page. -bots +Bot settings page -Click on the generate token to create a token for the ingestion bot. +Click on the `ingestion-bot`. The current token can be revoked, or you can create a new one. + +Bot credentials edition ## Configure Ingestion The generated token from the above page should pass onto the ingestion framework so that the ingestion can make calls securely to OpenMetadata. Make sure this token is not shared and stored securely. -### Using Airflow APIs +After `0.12.1` version, we don't need any other additional change in the configuration after configuring the `ingestion-bot`. + +### Using Airflow APIs (only before 0.12.1) If you are using OpenMetadata shipped Airflow container with our APIs to deploy ingestion workflows from the OpenMetadata UIs. Configure the below section to enable JWT Token @@ -101,43 +115,18 @@ airflowConfiguration: In the above configuration, you can see we configure `authProvider` to be "openmetadata" and `OM_AUTH_JWT_TOKEN` with the JWT token that was generated in the bots page. -### Using Ingestion Framework +### Running Ingestion from CLI -If you are running your own Airflow and using the ingestion framework from OpenMetadata APIs. Add the below -configuration to the workflow configuration you pass onto the ingestion framework +If you are running the ingestion from CLI. Add the below configuration to the workflow configuration you pass: ```yaml -source: - type: bigquery - serviceName: local_bigquery - serviceConnection: - config: - type: BigQuery - credentials: - gcsConfig: - type: service_account - projectId: project_id - privateKeyId: private_key_id - privateKey: private_key - clientEmail: gcpuser@project_id.iam.gserviceaccount.com - clientId: client_id - authUri: https://accounts.google.com/o/oauth2/auth - tokenUri: https://oauth2.googleapis.com/token - authProviderX509CertUrl: https://www.googleapis.com/oauth2/v1/certs - clientX509CertUrl: clientX509CertUrl - sourceConfig: - config: - type: DatabaseMetadata -sink: - type: metadata-rest - config: {} workflowConfig: openMetadataServerConfig: hostPort: http://localhost:8585/api authProvider: openmetadata securityConfig: - jwtToken: + jwtToken: ``` In the above section, under the `workflowConfig`, configure `authProvider` to be "openmetadata" and under `securityConfig` -section, add "jwtToken" and its value from the ingestion bot page. +section, add `jwtToken` and its value from the ingestion bot page. diff --git a/openmetadata-docs/content/deployment/security/google/index.md b/openmetadata-docs/content/deployment/security/google/index.md index c9601fb5df9..d9cbf0ef97b 100644 --- a/openmetadata-docs/content/deployment/security/google/index.md +++ b/openmetadata-docs/content/deployment/security/google/index.md @@ -72,9 +72,10 @@ After selecting the **Application Type**, name your project and give the authori - You will find the **Client ID** and **Client Secret** in the top right corner find-clientid-and-secret -## Create Service Account +## Create Service Account (optional) -This is a guide to create ingestion bot service account. +This is a guide to create ingestion bot service account. This step is optional if you configure the ingestion-bot with +the JWT Token, you can follow the documentation of [Enable JWT Tokens](/deployment/security/enable-jwt-tokens). ### Step 1: Create Service-Account - Navigate to your project dashboard diff --git a/openmetadata-docs/content/deployment/security/keycloak/index.md b/openmetadata-docs/content/deployment/security/keycloak/index.md index 1260897de27..a7e8d9984bf 100644 --- a/openmetadata-docs/content/deployment/security/keycloak/index.md +++ b/openmetadata-docs/content/deployment/security/keycloak/index.md @@ -45,6 +45,14 @@ Follow the sections in this guide to set up Keycloak SSO. - Click on `Save` button. + + + +Configuring a service account in Keycloak is optional if you configure the ingestion-bot with +the JWT Token, you can follow the documentation of [Enable JWT Tokens](/deployment/security/enable-jwt-tokens). + + + ### Step 5: Where to Find the Credentials - Navigate to the `Credentials` tab. diff --git a/openmetadata-docs/content/deployment/security/ldap/index.md b/openmetadata-docs/content/deployment/security/ldap/index.md index af5796bab74..a2cb21e34f4 100644 --- a/openmetadata-docs/content/deployment/security/ldap/index.md +++ b/openmetadata-docs/content/deployment/security/ldap/index.md @@ -3,20 +3,18 @@ title: Ldap Authentication slug: /deployment/security/ldap --- -# Ldap Authentication +# Setting up Ldap Authentication OpenMetadata allows using LDAP for validating email and password authentication. Once setup successfully, the user should be able to sign in to OpenMetadata using the Ldap credentials. -# Setting up Ldap Authentication - Below are the required steps to set up the LDAP Authentication: ## Set up Configurations in openmetadata.yaml ### Authentication Configuration -- The following configuration controls the auth mechanism for OpenMetadata. Update the mentioned fields as required. +The following configuration controls the auth mechanism for OpenMetadata. Update the mentioned fields as required. ```yaml authenticationConfiguration: @@ -31,7 +29,7 @@ authenticationConfiguration: "dnAdminPassword": ${AUTHENTICATION_LOOKUP_ADMIN_PWD:-"secret"} "userBaseDN": ${AUTHENTICATION_USER_LOOKUP_BASEDN:-"ou=people,dc=example,dc=com"} "mailAttributeName": ${AUTHENTICATION_USER_MAIL_ATTR:-email} - #optional + # Optional "maxPoolSize": ${AUTHENTICATION_LDAP_POOL_SIZE:-3} "sslEnabled": ${AUTHENTICATION_LDAP_SSL_ENABLED:-true} "keyStorePath": ${AUTHENTICATION_LDAP_KEYSTORE_PATH:-"/Users/mohityadav/sslTest/client/keystore.ks"} @@ -42,29 +40,22 @@ authenticationConfiguration: For the LDAP auth we need to set: -OpenMetadata Specific Configuration :- +OpenMetadata Specific Configuration : -- `provider -> ldap` - -- `publicKeyUrls -> {http|https}://{your_domain}:{port}}/api/v1/config/jwks` - -- `authority -> {your_domain}` - -- `enableSelfSignup -> This has to be false for Ldap.` +- `provider`: ldap +- `publicKeyUrls`: {http|https}://{your_domain}:{port}}/api/v1/config/jwks +- `authority`: {your_domain} +- `enableSelfSignup`: This has to be false for Ldap. Mandatory LDAP Specific Configuration: -- `host -> hostName for the Ldap Server (Ex - localhost)` - -- `port -> port of the Ldap Server to connect to (Ex - 10636)` - -- `dnAdminPrincipal -> This is the DN Admin Principal(Complete path Example :- cn=admin,dc=example,dc=com ) with a lookup access in the Directory` - -- `dnAdminPassword -> Above Admin Principal Password` - -- `userBaseDN -> User Base DN(Complete path Example :- ou=people,dc=example,dc=com)` +- `host`: hostName for the Ldap Server (Ex - localhost). +- `port`: port of the Ldap Server to connect to (Ex - 10636). +- `dnAdminPrincipal`: This is the DN Admin Principal(Complete path Example :- cn=admin,dc=example,dc=com ) with a lookup access in the Directory. +- `dnAdminPassword`: Above Admin Principal Password. +- `userBaseDN`: User Base DN(Complete path Example :- ou=people,dc=example,dc=com). @@ -74,21 +65,16 @@ Please see the below image for a sample LDAP Configuration in ApacheDS. Advanced LDAP Specific Configuration (Optional): -- `maxPoolSize -> Connection Pool Size to use to connect to LDAP Server.` - -- `sslEnabled -> Set to true if the SSL is enable to connecto to LDAP Server.` - -- `keyStorePath -> Path of Keystore in case the sslEnabled is set to true` - -- `keyStorePassword -> Truststore Password` - -- `truststoreFormat -> TrustStore Format (Example :- JKS)` - -- `verifyCertificateHostname -> Controls using TrustAllSSLSocketVerifier vs HostNameSSLSocketVerifier. In case the certificate contains cn=hostname of the Ldap Server set it to true.` +- `maxPoolSize`: Connection Pool Size to use to connect to LDAP Server. +- `sslEnabled`: Set to true if the SSL is enable to connecto to LDAP Server. +- `keyStorePath`: Path of Keystore in case the sslEnabled is set to true. +- `keyStorePassword`: Truststore Password. +- `truststoreFormat`: TrustStore Format (Example :- JKS). +- `verifyCertificateHostname`: Controls using TrustAllSSLSocketVerifier vs HostNameSSLSocketVerifier. In case the certificate contains cn=hostname of the Ldap Server set it to true. ### Authorizer Configuration -- This configuration controls the authorizer for OpenMetadata: +This configuration controls the authorizer for OpenMetadata: ```yaml authorizerConfiguration: @@ -98,59 +84,10 @@ authorizerConfiguration: For the Ldap we need to set: -- `adminPrincipals -> This is the list of admin Principal for the OpenMetadata , if mail in ldap is example@openmetadata.org, then if we want this user to be admin in the OM, we should add 'example', in this list` +- `adminPrincipals`: This is the list of admin Principal for the OpenMetadata , if mail in ldap is example@openmetadata.org, then if we want this user to be admin in the OM, we should add 'example', in this list. +- `principalDomain`: Company Domain. -- `principalDomain -> Company Domain` +## Metadata Ingestion -### Jwt Configuration - -- Please note that the JWT Configuration is mandatory to work with Ldap Authentication. - -```yaml -jwtTokenConfiguration: -rsapublicKeyFilePath: ${RSA_PUBLIC_KEY_FILE_PATH:-"./conf/public_key.der"} -rsaprivateKeyFilePath: ${RSA_PRIVATE_KEY_FILE_PATH:-"./conf/private_key.der"} -jwtissuer: ${JWT_ISSUER:-"open-metadata.org"} -keyId: ${JWT_KEY_ID:-"Gb389a-9f76-gdjs-a92j-0242bk94356"} -``` - - - -By default, the `jwtTokenConfiguration` is shipped with OM. - -### For Local/Testing Deployment - -- You can work with the existing configuration or generate private/public keys. - -### For Production Deployment - -- It is a **MUST** to update the JWT configuration. The following steps can be used. - -- Generating Private/Public Keys - -```commandline -openssl genrsa -out private_key.pem 2048 -openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key.pem -out private_key.der -nocrypt -openssl rsa -in private_key.pem -pubout -outform DER -out public_key.der -``` - -Update below with path of above generated private_key.der and public_key.der. - -```yaml -rsapublicKeyFilePath: ${RSA_PUBLIC_KEY_FILE_PATH:-"./conf/public_key.der"} -rsaprivateKeyFilePath: ${RSA_PRIVATE_KEY_FILE_PATH:-"./conf/private_key.der"} -``` - -Jwt Issuer can be your `principalDomain` - -```yaml -jwtissuer: ${JWT_ISSUER:-"open-metadata.org"} -``` - -The `KeyID` is a randomly generated UUID string. Use any UUID generator to get a new `KeyID`. - -```yaml -keyId: ${JWT_KEY_ID:-"Gb389a-9f76-gdjs-a92j-0242bk94356"} -``` - - \ No newline at end of file +For ingesting metadata when LDAP is enabled, it is mandatory to configure the `ingestion-bot` account with the JWT configuration. +To know how to enable it, you can follow the documentation of [Enable JWT Tokens](/deployment/security/enable-jwt-tokens). diff --git a/openmetadata-docs/content/deployment/security/okta/index.md b/openmetadata-docs/content/deployment/security/okta/index.md index fb4324099d1..3a0b8651038 100644 --- a/openmetadata-docs/content/deployment/security/okta/index.md +++ b/openmetadata-docs/content/deployment/security/okta/index.md @@ -115,9 +115,10 @@ The Issuer URL shows up as Dynamic by default. Change the Issuer URL to Okta URL - The **Audience** is the same as the Client ID. click-edit-token -## Create Service Application +## Create Service Application (optional) -This is a guide to create ingestion bot service app. +This is a guide to create ingestion bot service app. This step is optional if you configure the ingestion-bot with +the JWT Token, you can follow the documentation of [Enable JWT Tokens](/deployment/security/enable-jwt-tokens). ### Step 1: Generate Public/Private Key Pair #### For a Test or Staging Instance: diff --git a/openmetadata-docs/content/deployment/security/one-login/index.md b/openmetadata-docs/content/deployment/security/one-login/index.md index f7b9091fa70..e2be206f2fb 100644 --- a/openmetadata-docs/content/deployment/security/one-login/index.md +++ b/openmetadata-docs/content/deployment/security/one-login/index.md @@ -44,7 +44,10 @@ Follow the sections in this guide to set up OneLogin SSO. - Copy the Issuer URL -## Create Service Account +## Create Service Account (optional) + +This step is optional if you configure the ingestion-bot with the JWT Token, you can follow the documentation of +[Enable JWT Tokens](/deployment/security/enable-jwt-tokens). ### Create Secret Key diff --git a/openmetadata-docs/images/deployment/security/enable-jwt/bot-jwt-token.png b/openmetadata-docs/images/deployment/security/enable-jwt/bot-jwt-token.png new file mode 100644 index 0000000000000000000000000000000000000000..4d256738199c06f76927a46cd58de9651aba589c GIT binary patch literal 94313 zcmdSAhgVbIwgwtN2!b>Vs5Au;5CIYC{Rb#W2bEr=ClES8N+5^|iZrE4Nkp1L=m{k> zMWq)Z1d>oxN`MfM-r>bF?m0*AyYCNpV`MNGJ3DjDwbz{A{AStDO^xrcv0P*U003wkM7sht{`C_8fCKb(wC+7}Sjq*~pZl`=^>tL3@6~U&46ch8-8sX1 zcZGS3(e}Dt+O6-QbAGM@- zO|hO`&bICb-d)vSl%ySo{F>2y@!X>1Djb5fwWgJ;(}$N)=C8xe0Q` zy>;3BsM^NHwI^szvrD1ycWngmGmF%m%YoGQ*ivu(Gb6%&k#~od6>_XWD=l`Eq8dtB z8KGmygttHA&vTm%2(X6RT>5c1`oJa$5#aXj!>)OEKWR*R z31nk-J- zf`^Y&(DL;&iwegdSi4}mQK1kn2sqzVj}*Q5R2 z4X7m(9%HM`9*t8nWeIh*)^XTJUFPJagW0T`19{df`7ygxb*f1ZpZfYho_3QY<=O1R z!==U?AVn$4hEK1tb0{eHQMf@7qPex3o#5WsyyJ;3mBv(*I(o|%<84Pixi))7Nhm)M zbBypwNbq!#zkqPtYVYSp7ahF@#_I<2nxoztH%`GC72nk0Mpt2ln zr$bcZ*F1ytsGBYQg~sQ%!6;h=O|MJyWf$U?W;;IEzoAdBaTw$2_$=6p$k~n=*%}gV zQP&gwsIGp&5rKmh#=Hx0Xl$E=72*rMtW5RQ@Wc)M%?1~UTr;G8_(Zhus^nhJK7|Q19Nb;0Q}1c%-v|)rJ$7Y#uV$_SH%xB0SQ%{G-uu zXAJKosEEIL^g8cI^C$k}AG|z`dyNP6yFSO-!~sM6d%yilCQDC3DBf-Tved13*djys zW^eO|eB+&fm+7+JR@KXJd-tnknNfG6ijcOlYaCu-~K@BHHeOfW1cXvw|2k6 z+A}^wsx^(VUnUv)d6KM<_ibdloqpz2W0?A69 zmP)=U_Q6AZDv_;O?BH^-kn2cHfL7W>=+rcHb)-(71UXHQ8M}uO8^*aYUB!G$NxB8p z!_hrzxiToPG^9I{rZ+#|?2aY~KYKverZat-`Xc&U)%#KaIJ#fB@!ptyR~22k&N)Hs z%Jq01=m{niA2$?cq z^jA>o>2qTMuhhG?1e4}n6ynBys2KZytDcD3s$xK|G@Da}fH- z5|^8f{jnQwNK4dh^#FhZ*1=EQ)ZiY)y6cu^`g;EL(OicGfGFtXd0ag6(0c4ZFzHF~ zWMmayx5Pp9YYb6zrL4L=B=cc~s>5`CQhURh=V1{m1RnrOA@6;adY5vYLw(za4+oKP zcW0aE#>$Sz8Sb>AVDQ-6 z|^g$-Kr4xe2GD@3_5ofCe+Z54iq+9suqPJn9257K+BZCP-y zzJCAknoRDe8#4@htc7xKoFAlFL1Qg_0Y5Xv^tO;^5)qPae~TDnlkcjZt(hwE{v14` zfM2oN_G!ExZ z-!4X`drtT*145maD-+K_H}%&c4`-cK!UhVAlQLa`ae=9I>FXNqD+GCuB4CXN+b<+H zCm$K`m;KVH4FOI}eg|DH3*&iyGAFRXEJLd5AuV`8wjDp23}jVKb+B|3Kwcozrcw;>H!!4&f(2t zqJprgO8$uw*xRqU>pjP%{tMiC!|+|U`959TRdUdjT&NyZlL`!$KWiGk7GYcORMn$l zkUJ#Gq6rCb=vbCjQBwGuiHB1Ctz&FB*fPfA%7>T6VD5^3A$BWSP@K>31bO9ht9a#d z9A*~>^j3gMbAa_v0@`RoQ})LZv+z4}8bR8H!N&yAtw{+vpKR|2XW6(5$y=Ls>Xo!8 zNLYr=i`!b+PY?09j`l%nSdd%O+Z4Vy)zvnF&-WWe;<7h(=GL$Ao3bf^Yu*EZC7J}oU&rM*zh{Niebev~3!h(*#nm@IzR-l|S$}N6ZUuJ;^J}Z$q507%^V=_;6@vCoFx?aurNTycaKHiuWTd-s zSFw6#%7MT{^QSvR{B8?f3FG3>R*oem!S&B9rGd{*9w~q7>ejM>oIK2&wg&omgW;)~ zpM7CWib+w-^NFw@syre}9`4PK9yKO**BCS}?W>?oo^E={j6@qF`ER5z#2(u&1P)#8 zXx^M!_pXpsuR6JcSKi5xw8U35@3tJOJgvPyf)=q5I8nh;lAFn%zDXm&Qfh!*?+aE- zwd#R(wexxkYNOHmfa{!Vw9_GE519LIZY@qnen*uWZ!|n|j3^-Lewu_4=(FV#K8|t| z(8q6l4@0sZ{wDj0n~SgIpgUW#c409|lSM7u=T2SyT6Oj6rrs@ShK%OThy)`6$CY=W zkenYvQA!F-XS`08^x-Z10O%N6tmm?qSi-YjqrMBFj4QpIaCs1LkR?@}ep4g3E{VRy zb*ZV~a9$!9+LalKmsaYx2)SSUZA_iYK>{5cJ;ol-CYww<8rdC8r z8b>z?v!!mDRV^yURahy+ijd8O=<;)4Rgb(L+wl3RqOp%8W6a_44Z^Z9-oL?}C;Zp$ zr}q1psOpO5x;L&Nb~)aTtz+eik%`#~m7Di?qQl2%OziEkl+_Q>Rh=3zSHJmdjK6D5f0{DU za-;?>2c~p|tu$FtzKbuM0<_(!&0RqLnmHLPm7gj$>UF#j_$hJO`Uex~;)F}OT3BG3 ziaeR!so81AjyHK}I!<2QL~7OvQRi6QCg^oxuLtf(BPi)@M1sTA4m~CV4 zibwBqja@2)Msl&}Zrxw>k1S7st$|}x{cVko?Ejhu|<(VAX zq2m`%9MNqDgzE9bZJh;M9Vz)b$8&1G*xA;NT}>=S>rWGWs_t7#Vv=61J0mN0aulPO zxNPhFQnK&l5yj8I*a^u)a8J8SEB8hF;xAR0_yWGW-nbF)<$-0m-ojSyKb}Hn&lMx5 z2^X_v3R{pZB|PTZoN0TL66gnMsnMWr?S@ZbOM&>8VHqpwF0`~ISEcpFdES(69noQd z)rP)2Yu}YtGYWEb?UHzpRcr*hHhknC&7g$lJsosuMKZ5KnL&f7Nl9IXU@6A(w8>G) zWLjaR;7%hyEuD!k?-#K6D_GDnGCHt-r`bi`IGbz4bA#vctfn_9$*gkl&zul!KJ{+s zsxv}DUL{JGy&-6qP3J`UT=&_nW?V*J%={Oh?-iG+*Ou~1xoIif2$3`}O5ANHH;Umc z5n?Y53llTh8KT`DdX5#_#wz#mkxZ%>)-2Y1@jo5rp7)rI2xv z-6_RqwTvCpO+ziO)O`HJ0^iU6K($?PRhAH+JpS(XqvA;{tqc5TNcln2s$_VZu%sjMz zW0K3c*4JG_6k`(;Um(H9MAjZrEFJr4O^6Ys*(h6Xpy+;Y-G?`>kNicW^iEk%f&tUd;epubdqD9UB5)bJ= zc-j>`N2qo~yt$%3L`3egdX1CH%oRTR312^f4t^k0JmlV6UTYGJeSJm$)&G1zA}3TB z@u#hMi?yxH?n(AMJfA?1)+9b12`0E0ytY#c;!^g$Mpt(kVr|-!@S0al z{0z6G!<&geg$%LWw{7jLdU^nNVS5K=B~VV=n%?&kG%DvTNxK4?7+KSV$W!SQj7~>J z37Ja#M}7UFYcDE-_)Ab9q)vietR!e(4TZh^3MVR3qcu@~D2dP&!1ZIE-oO96)H3r( z6Zzm(!R9{_9AK{#V3GeyvvHf%r2fMJe#l0Tesu-44ZdE&whLnX^On8q-7&MC^V(1dh9W5QXKFEE;) zNY5bnTj zi4Bbx4Zcejvco;wT5I57Ok~DNE$Sa$caq%jR{zHH+NiS|JbRolFnq8@XxDl|-G9_|s+mLiYa(A{k^Q4BG?au&8e^4i0_Hb#^H$1);9joI~K!`TjzTw91a;RYK4p{?~=gqn<*S9f1+c+@(OLA;-eKqEzgeg z_*~wh!mh%q9v<6CPWEoEv%T_4@LCS%4XHx-jnuEx(N2|RW!&BH9LY*ptHIjZfI+59IPT-HWI z{no-O(er*!sN&`xBNZW0r+#BLmbRChS;mQsq{HLn%GlF2=npX zdenGXKjzNK6`YUL37>d??cP%gZ`T^V6=gq(Vxd0;CR~PH29!XiHjwgO4te!)lSWvg zF=~ITFk{?1Es*RXy?iz04{y4+rR?^S0ITyL-|c(fA$U^-Y6bOqS8M#3m^6uSI^07z zYfOBIjnA76T)xhEO`!vcaXSHy2C-KbO1&)T0}#J{B3$R|4Rwlc7hPRj^nb71hYxRu zKF@*llr-nMSn;YnLw}?}Dy&>d2%O=OKN(f2Z|ODh7BLan@y@;H4L6+S51)6d_{Pwe z2UAtC1RFOWRTGl6YXW%-gJ}`ZATfkcSU2W-R9z8|WQ=tGVbbuX+Gh>h%y-X=;P2@y zXoNKYuJG9zq)(q8+?((E$0>v1k@esxfF=F$(}2LnpzIma5E{Z|W#EW3`CKVqpvHXI zxhVkz1F3Q zN{oa-Dh1LE%3Nl)El6&Qs}3#Rbv>82I%5W0rH|$E=a|sbUlVFnR+@%=8W*mHZxK9D zEs-OqQ!1n+tt#6l!zhy5A)$NUV>rBjety2SP>gWrk$XPZm+f&!Ahe))=Vv@Y*GTH< zA#8gh#GYg(xYE3x*O#Lti+y91b@R(r!^}Zs|1}8-Dz$FPc<;NAW${5IIXC2D=B^-Y zBSo_3)aQ<)v6XHgOG7dus>MEXca}i-H;T*E(JGB9u)AyUds(@pTQ*IKq4RsLX~1n8 z5!4D2I&Ldy)w6ZDg#C>kXQNfUVi-yifMltij6T(Qtt4+w{!^oQr@`uVTAsjsL>l&$K$=xiKC09+fz|fM~5p> zw)gMfhko-Iis4ZA)Y$pRF@9tg&n;<3`bz%_<4qXC5Wy1J8m%`3*Tsu-oNc|Up7!Oc zj1n;ruc?DM1$*A_E0NpShN<2uP;qV<27__hFEq$#gh~6Vbf->~XF?}KJt%mTEfn+b zxY>uIh4_p-85RH3?UP-y6AK;L6R;Y>r&-|7GWmpy$*Pwo(sHrjH}((ZL!eL}kP*Ti zAEi-qa=OL-Ctw%9g|n#bLI8Mqv&wf*?hE07w_&_7>|e38=$v($2_M-i52@G zlc$PeLfQ3$Q!Y=%tr_0&DAEcuo@$Aju&MMX$YwwLT3Hyv8ZEv t^H)J@# z+QgV!=WY*)(wA*6+?>}C*x5fyohu3k$v@kRBi=l3SSB;+*CT-WHa9`dsVT2A$tYJm z?RS5K56SJsl*};X042C>b%`RzHWr4d&qebpsTfj!v@Oy-Fs^fQ0Ja>sRf9O}{W#;S zyj(v$uB_RdMu!$fL{!68!l!E9ym_;fpN605dQIJ*I&QHKr=khEBAbZggN`&TE)?}) zxnDZkkv0d(ji#qd`Ft({w;=-(XvsPk7#>+`eBb`T~Nv!>{7J>T}fe+iTZAVJ#2FXN`oNo0+a8Ln!~rD zew)vDeJXhz9$gNx>u!gplB0nFl}dqgGZ;`ngx!C$?e|wP(Sr z78c}lRAybn*Q8F)2@F_&>=3pfvcG8A+Bn38FNkqcA<9cErmUTQen2x71^C<-O-YFE z1^Rh6-u@KW!AjI|&6f!0)DPvfygGbIX7pKG(B3erZnAMG_}c%lU-R3vtm0UPH$v}6 zleKK$7B%OfLp`hkHGAS zaNEc?v(uA59)2@f4;EqYQ`^^RpPt!xuQ5sE6dh~|;gpe?%LU4VU7OZnkd30{M%cP zNYIWL{7Jod{*nnIxdbvBfGY|G4-epAdkhge>W6g6cwOUH8Mip*19tBQf;cYHw=8*V z1?(!1`e@p2t3U<}7h`e)L&2|GUT>vvgCcE4V*@}OYr7y@EFbz#nH-Xv!Arrg{MbOc zQ9L}{N)pU&+T*dP)1UsrPj#hfoo`-vMeJu_NE?+7$mf*pUHv=;renx{@m2}o72W5^ zgK0rhQsjm(4_A-qifG;==ViqXzQC6d48a{=;i$1s^^KyyZ**Kx^mAgjIofVLMk5Yp zL@@*E`(snbN867N-%%=BC;1VxB;Qt;kBT~Z<=ea1_=|3>@Nt@qud~&<1@uTez7@;X zy)^!S&dcR?Z8&)du^z|KdbC+#-*CLsp)r?l!KLJw)uB|glAtg-mZ-caR@VvuD;?1c zYeDnI0%M6No~`m#1SV(nH@MVA)J;GGQ~Fk+sqrx1mfbns%O2uxT9TEy>kZ!@vj$K$ z7Dsxv##}gfW!+yM(l*dD!dsb|$}^MF$5PMc$M~%LWnSpqg*yJWTio9>prWs`1Fr<1 z_|`P@g{}LsO@82e-ux80A7$8fc9nXVY3qiJxl=NRj*Gv4?{I%RguIKLI_yUofMb{9 z8UCGyJ@_Yq5q*cxPB96P)zaL%d>8RPI!&8nGX=xIeuGkzL;xOHe=Tnv_wMD2%to>r zE2wN*9q+gMcR}~}&N47?+)#PMQKOJwq2*$#0?MD#;KHcBejs^EB`l8cFkIA4wNrb< zGOx#%_j8rB%7Ax8Vpoi7NR3OZD95tkzFX3`2UIg8if>Eyr(cay%|Z3`64+wYQPWi9 zgh}gKg!!cFF4yrdQle3}c^VUsKRZyQM@q5JdqXoSa>?sJv9&1`uVAVYNHp{sdE0vE zG>lf6&|3P(RHZkXn7%x`@lPdpK*F<58^qqFguLF_;y!H~9{((c2)4^kbeyLsa&e2P zqd6`BQk*=PH{WwO2YtcHK(Lc6wRQNpSnU`4x7v;OgRS#kO?*})P02~mp1iH$&mogr zdRy|VStB@P`a#)D2>(r2J*b&6KpA=ETMhFgCgv-?*HfPBNaO|Mt);Fhz`IwcJFuxI zV+F!W;^i50s@V50?{U#V2<|(-e)v>M9BEzBSUf(QI#!B{1)zB$wJ9p{p~fywCrgB1 zV0@=qk2XK?1ewH+9e52YW0DORU3Bl;75H2Oefn!kJRdcGvF&UZyqfuX;OLkOZI z*mgZ15?!b1D-^C2vPUn?xkaM2yw3l}7#&LK!J!V}H$xLAn^A;)9gNiK_w^i$h#-lc z=o*pGv z-hQAwTpY&P19u(}9jJnB$%XIBwMu@&YPzkFt9|=fJx^uo`Zj^_KD;$5z8hxf9Kp7& zmuC*v%xw^w)FD?y?6wMljW7MFyjRV-5*TRPW88kam{YPqlleV|T_W)^SAmhRmwh5J zxmZ3}N&zC{5$&zLzX4o(1I0}8j?odl_X`);1H?Hx&3dLHqL>$CRLl5Z&6Ti$I3ikU z&>4+x$KN%LkE#s~*{3>&6L$Os-F$fv`bKQv=a_>Z98vQ~kT_SUUaj!pSvod-h2%rS z+_+IFmDn&LglB0!#5_E%^1)K&fze$_FW{dvzjt>Zh#|iKM7~u-?X(N> zoxeJCw*IcvlvRP&CFQL~N_pULM1WwipXLmdk@K1IecWbMq;|-Mv zN5s|deU@rs3B&vVRl@NZkm*Qed&CJJdB#uUO76|d*%SWn1eYl9W_G6&GWxa_zgyfm zJKS|=R_j{ho>0x@tXlS!=Gkq!I1%%m7$!&H~a-wBfmLePXG>vseD3*)0zyzV5!2L8-SWyL&;| zXDdCNP`lD>fAo#5q3T*(z?zE(DDD4dpnZYtKCzq?X^-4=Y z%-av{(=3cGMkkG(SN=LyOmwaDYf7c0O>O1!1l9w8GoutDe)7ZJoex=NZuRg&UgEM=M@6K8kpo_aHj)v0g|QxSC!lq znjEItPrKSQw~T79ieHAeL>*EbCvF0SHPc-_JNro?{Q-H*NTr~8Q(&gJ zsQ5*A!ez2#s52d!mY?-O&R~Q;DNQDRZ2Lq$kT91qHMk|dAgFiFZ*QR(%lsW6t{<&= zjX6Jz?$gYYWYNe;@PNi~#OQ58G%n87-M*hLm`WT$D+TuhJgR(J522%ZfYJJ-)zi_t zI0>c$kAde+O*$Jx$Nx4g8%8-M++G-_{>E%*}<5A>V?+_@QXB?OoQ{QT5aHEmAvt(n1tAQ_Z268du|2||H{k&^1>zX5P% z)PA2oC_z9l^t+3aHJ17-%Uu5XSmWxV4iYlIIJYv}Q-zfQ_IENCf-2k3;dDcY`F zAQMq+PV&a#$-dL$-yhaSrPKl+a?0?S@tOF<^;WmMx>e*4(X#&fGJXGpMd3`ty=ZVEx#()y`~I!xO*g z3ZIwg7Tmh@^R?%s)l7?svLf7O=wkARXw{ZeyRMqZ+GNS*r*MfE<+=-Ne^=}O72OK%-*eG~ zKyOqfz4quJ$XI?=^p z%>B7WB-9lVfinqQ@{(G8e|pPv<()ehLm-tTl672=TR?b!)h{M;uu(! zgiF|5&KBrBZKUG$42YIiql_|Mi>3PrABZhV&cZQeu8W*IL0>OWn@#w103Vauvqa*T zh6~;@u_=$VwCayC!QJisa^7Lk1~AP$;zQ6qNo0Bn@vV|6C13c=%8cO&H+ZcMevYb< zwC&^@I};*97P|F(EH!%y6z)pu)Fz$B3#9mx?Yd(CUePX%T}0=T6@46(fZS zoFuEzEFdL8Ct4_9ez!@T7scYlwhqsyk=L0@-2&N5jhjm~15k#br$GQZ9DO!HV}UPj ztdHe8Z$E=6D}b#7=ziM%lxCu?kEP~S(yG4tr4%~6^D0Q)Ea&naNeTnVh3kucgR`l@ zjF;Y_CgJ&BUy%UdTD3h5JzDPf%NkDsQm@?Cl{e2=<76|6v3DC ztjFPP#hxWOE5a@&=d%o7zk|L=dLc3(=nlY4`m!m>=x_&<$e=Pt2N zba*s(e}A_ktQ^e=(q%_-m*Brf+pNVhnNl87rKoBp!DcC-$!`Eq2o&C5tik-fpIpL* z==Ko0MLH3#SZ_gh{rc%m@d}v^h?a^gNoeMMUmXHiM~7d=$s-VB#j0_@GX}$M1&3dY zzx{%JNQ*CF#IXm%5~=vPIGf)1oNw<2iCIAZ z>0FiqR%d~>m#PRI!fAA;lLNdi+jr~R7r4BpWHPmRdou7>s+c}tMI^)SC*JykX%E~r z&SX0}J@w?T3uiSU=M7&n8{&UN>@?+30mxHlxsg}RDpIpL4g0h7zSA;wqHa#Ly4&T) zul20I`*jNTkatp}&$2A>`ki!QyuoB@Kz#B$LyWdh1R9>8?|9FlSJk%qoSrSE5GP62 zdLl(Ki^NEz?ZKma$AAo2vyNKE_ab9JaWQ8zdA!Jk&M87W();>5eghDV-sIcA7aZc? z)HTR8MHFN?{i?j-XQP^Vp4_hK0(WORscqjFRONW^lV@vZItjZj`XVz}kKCqiW%8e< z86N(d*)-z42Q^s8DXr()E(Cl%4O1>lB4}avJFUN8RRTrlYPFH@QSw;PGX*lM+BHYb zee4rG94D9xUWZ6jXf||Um30o1`SHw9lA*x z-k9TZci8Kjd}FeqgXh1mPYJ=LZ>00pdTw2BrMgwd=u|Y%Cv{zNfralzf18YuwBItX zZWVZnoHA}JMC2hCV9|D)@7dR=ub8|LL$;!l92Ie-VUu;Nj8RU7S;wigDZ4dBKKrPH_WwMz+j*TG! zcCgw}&JL)7Tbi@nu;Q7$dY8L-W5{569R6ep_(;)n5cxRH=IE7Wny0%a2nM4SBZdT@ zP&*H8ujO-hb{8Mlo^yM93O+$b_+|nG9~n1)VW?(2Tt^%SA>|Wm`&dj3j>Wh`n^k3; z&Xe5eq)pR!PSkR_k);o>3D}{6DR^3LhMg@cHp-q`jNQvm=(0R@7TC>Dvmik$d^GcJ zuyL6gEPn?K#sEkK3;!!#%{Kky`Y>GlrY|!cQLdlIH5Jy!Ku}E6;v5J?728lsIjgMb`#?7mcPHnE4JPC%Cqn zwb%(oT)3X#a)QqPInDU`bdJn@`qldH^c)f7joT}oB3BzSL|+y4GgxYFtjxxt^$XE!rH!!D)uaS)9W23insxpg7@}5gAjy&15z8 z8~kGz(QpIk~$fPXNTxLZGVkw z5l`LdRc4B_{+_8Ek=JTLQM{?Z`@VExCxjv6!+IxO&anI2LwfI|_2K2-fXHIl$3j)7 zmL3xooDGJYzWkLT=izN%^C#gUI-07ziL%KNjst5c->LXouaG1qg56&vx+_g z8(`vex0m(vevR4=LZTp2`OrsFYu}=Yi8Jqwv{3P>hQpW6(xF4)JX$RyES|iP>C(~z zggpuBZ8}@x%{C%4?pYACsrkCloh3i=THq*RahmLP@S{v61` zGp(L&bfrzND1-7PVaN6j4F_E(Y^yy}B)jAX@BUVAI;oY`dL*Lh;MP3$%;2P2eD0kc zlcB%{@bFpYv1kPjZy3vyhaguJFj%FIcX3JBi!MxHv7wcHXSbG_ZfH66V9Q}LNZ?X; zX**$0Qau+^@fhPx2EJyc@)M_G_9Kq{#5smMz4wwS28>*2VLOEFs3vt=VZj*&%ze|0 zx@Gf6e}9OWU)Ynbq$#FQ0g4^C>0oRfL(D!3+ztbRcMY5EGlcC^g)1>e#a!Z64AorL zD&xhPogax0X>}Cim_ezTYqVzCZc|Yxz>0;F`_t#8gP?uyNZW?`cVQCjAcN7?0a-)R zEJ>Qf3&u+(sz8p@sj&rIqb*VOsX%tzoN#S)?S|x@6{(=&8~KrbCGDxQ$y40JS5%1V zM$6izLjTDgUR?n}hKmuA*A!k`#&%!CQ_wH%i%c5yQ*Y*Lv_7oY9QAcFx_%*mFGrE*2?Ls^k(9N)9ZLww0cLIt1vU_!5#;VtyY;6pLQTAR{>7dsAWRi`Q0 zfQo8`_-3o4gu=Z*secW;f$yftl~6a6rbi`Av8(uSrNIZxU|5R{k9BsDmgj^_ffnE^ zn{=-=DUaE<&0gK(y-95H|D5LO)250SD!8=#RE3e{b}9J!@yR_W$EC z)*U7~NNYj%%Y`St8$&FT@tn9Ya=zE@_(Ze~2Z&V*6&vP2nb4EF@*&3i(ZHRSq?xrLZnzB-m%)A}16r67Ec?GKMa0zhDmyaWE}tEz zY(_5x_SNjNQ3H2|FXVurze(ijRh>(bHsl(k%~Ek4vL!-Smp7Z<`Ydrwf1E zbdlE8-cu>x_QvY4Q|C!Rp5?jP*!>_Ns5W?BRH@S>NdBF24Dt&b5N`eueRey?n~7Yw!^ROM|M{rLlvqe{Ii;p`{p_j zhd&_r)s^4Fp*^2NO;yH~gLrcv6V1d;c|laZk}o>9=|L7DpLZi@Tcratlx-qDV+Vc) zwpILC84tqF)CCG$no~!cpcY2t_(v-$_L-<=Gj(1AcDP&pb>Vacg}w!cpS5ieG+aoH zFQWc*WEmu%HM14_16K84y)mapyZv-VVqh%a_{!MKlEs788*ZObIZs|se)am+j0hx) zp$?Slc48YU4v$EAjz4j6E?>UgH?&XLVw(VcPP{&v{#NZBrXL-35k%d;jkEN_W&Bj1 z)1uypChGkk`=rBRmT!$KFDVme-@Cy@d8~QKrHs|HYa>O2^4*raOTrSo{}7oHg%nx& z>1ZWbrSd87!{UC7y6CG#6fg1u$J~d(k^CzMjPHD_!jnF0@3g67GsjL)75V~u5+R3 z(N+HoS5M;7pVPh&E}JgDV@-2D6ho!Fj#?w_9IJPuzYNV2jfDf1y!bO|f9TM6luLNj zV>zT)4g(U^OQjdmtS$SoDVuZoZtvvvN#eD(7&Vv!4e+!{u{pKnzB;fkO@d?_{W#=PKD`h);Wlmig6l)Ngbr`G!s~w=wyx za~#viMz^5{MOHQ!k~ANZIRzMU=QkH{)ugc{c}8@LZ>T9r3yF#TKh~&0Vzlc%+cQ*d zB1-BQ#-YaV!2GrRX}67v5cMI3xxHT0UeQ&}X4TJuzc87vgKf|z{8}HM3FIlOI6Aaw zH%k^r25veQz|6_!d_j67e4)}WYOdGuttc5-`({cq&1_#6;rw9Tx{!U^u%fU=wdVin zI5dOuM?wt+aE%*4P>T)umLtTk*bH| zH|zzwW{)ne@fI`OhGRT{3;mpR_|g+kqG}l=8H?#$;cJ5+7#nH8nC+>2u*La0m9E`8 z1FD@9;-fHj?4xldO9LkC*7_F;A<|2jJp zylzg4+V-LjHv878?~l91Z0#f12*)RR?LNV_n@8CRlyui@ud?lBOQL{Uf1S_7ksDP- z(EjJ6!k#+!qMFTIV-HfXo=PJo;Sz+zX_h_rj_vTuMq0AEu%^x4gF8ZX&uOJls8Id` zr2PMDFrJ3}95ilhJkgJj)$v9qPYe z>PF@$t668l6_r~@zYb=?7m;vR_A`BpH&K-qdxllh?1yd7_kL5c)z)h5bW1v#oETB_#+_$+#jPUecku()6 z9}T^!#R2Vpc&>2y`W5}eKv_crV$pw%tgNhTP{^3~Y-_w5AdX7*T#BvxX52b3foI9W7{KJ3WNUJ$^ZxY@H;toppfZ=Pf117W+8i0K zY*9Z0fZ0LRVvt)|Y3VN^&z9o>{tDn%5;i~M_ww_Jr+4kQRRDgV00YohZu-!Z8=PhxjW{O1e2tLN?t8O49!EcuS9)uw~m{f`Z1ktpps={I#kQ_4)bnMFemOTFiLOkWbN7@&!1xY+dpz>DN^ z`t$u{q&D;xy(Hm(WQjgb>u>=C!ta^wM?Xjwx{r=e{{p8WXJr-@UNBVCT4HUs-=egv ziBpuq)fOkgU2g64WV1TGotc^fGFAmS**RXOwY4P0k>NRjn%oCq?UAaw4_5#{=D0uC zI6C4=_m{dv0Xw8)eC+EyF4JG^!y!o?W$62UlJ=FURVctMf2*D5rxFCp=C{ZLfb^LE zJ}BHVk2Q65b>%SplK$NGz~(O*wEsa%sK!1QiV$kudpPG(JM02LBF2JaH8n^8`PuWz zMQ1GlEcmS2K{Sa^muKbv&)D5hY438?rp^4aA%I8@V2q#*!G@V1e}(kFsBQmy&V^={ zkc*XBHAJBn{hVDU#5Bk(_)o8dbq}GRAl4ie1T~p^1Mf2V=e2&B;tfYW^dNPTl?BTp zWPBK%nL&=^l?gSdx3Zu)Q&quG>SEoG3hy3XF7RGvHzlA+zH|CH693VRPHytKYAlg0 zSLa5bY?Hk)nils&l@N|#t3bcFs5lstk3`NH%huk?$sQzAFj*cT&n$#&amE7b5k?Jy z95E7JkZq=8s-&lLGLRs8vwd{bF5?qcBC2`?z98+CE6ey@o9qw32}@lfsQ)4oY1o;^ z3h;gs09g`osTzW18tcEx{;5Bojm7)z7%?o>_OC?yEJK{Pk$gN{^_~1tCk`GcViai+ zuugj(AWm^8xfJa6i}1&6t^FMEW^>?LH|-;vUv=cq^s$DpRZV@SfSDhdb9%X8oUGi? zo686t)4n8Dx2letKvx;M>U)GB_ZAFl&g}AnInHY%D{LyuW-Ly)eM_M`2@m}Hf}QW3 z%!7=$*x$S_ifGC+Y3C^A)tL3n69)tOeC{45)sZQy?o!p`y@uU5R9Wj5D7{Qw2;8l} zd+!U>tGYt~ZkqgWaoclnOE?P+fV{u+zk}7(qRrg9@KAt_FSLPTr|p?{{$w~;)-*1K z$Vw{4dcFur>~2|T@$pLL;7|0px!i2EIZ8WbSE8heHPK_9fr8hQhJM^JM8hn8^L?~!n4c1Gs@8(u}AW##ip9+^=t3bq(qB*3*pC)M4o za6a!b0iHW5pl<>R4zV@A&rq-RX;wxE4YD zPU_IU=iQ(G8cl4d=?GxAV?%btI5QCwB5I$sQ`nmhmd99y=^r#Ok2NY?948e`o8lS;4S{AvmiJ4_(@kV@>oOh>V2H2+G*UF z;uE8;0Qxx8Yw1mO***)Cu^7YLAc7MBh=Y`yw*@vk`vSJ?0Jf`ab_+SlL@gYKG%n*& zoSW{1VR|u94uO@^6%ELNh1|8>Pcj`hSG)TFZ0bn)h?HqFL@gJK@WgEdSS+J4zb46X zf?0+66UP?^&r;lm(nTvRVnVeH)lF)iT^}m(dfeW0v)(M5$9uZu587Zk8PUb~kw#zTL0xCKtNr2ynN9 z%JTWXZ|#skX~rxAi|wuuoi3h3e*`NF;&Y$<7pBZDt$cy*ni>0xa)$maOwXsYR^R=M z%tW7wC)~~b5(-mfwsRrqeJ{4V>3>@gkhwRf+yveM?hnkcSJ_(u@CZ)?yM!`d9?Khq z-+&pkxLF-A-oau8J(dpl&7!x3$xE4ojKZi`E}kfdUy`{fgP8NHKsG5KH3d<4mgLwD z*uzq+JFyS(s&Pn{4V7LD1R;#7vVh_D73KzSYgu^O%5S9G%!e5M zwEqrY^PPj(|K&y_d6he9^KW8DT*vdHWm#KVAT*Vd+n@m@Wld zKM!bDkF_Li*~*VIHFB^={&g|KZSmNicM6}*O}^UFnBQErm1-5BJNgtfI^B+X^a=&I zIrxHb3FAm+OEJY{1KcOMJX8EwlBqRoHa+`jF_lytclv*sbZw!~Jc(m=7C*1(+r!hCSB-bp&1 zpxD}U89ifm)3Nw%-rr$gxB065nAWeOKv>r;<&(mw+||Qdg`B{hQZglP0ds@#;{K#T z-?{*SD^Un_TuAR3_H|MDzlDYhqQ9v((2aIpAg{Db7mlR)COtz3%8DyFqxvYVsrA~H z)Cnt)nGwq=vUbd!YuFyG(ALF^P{gZK{Zg6W-jEXBkTtmtwV$Ix%iFd3$_l2DvzxH; z?~mdCl{%`b(cZ< z)ZVtzD@qYswjT|urc~1EaP~^Mj}FV_XLC!hS2~eq#yv{hmDdH77QeuG!KJ zs?m)3n-H3V3q-LG7n?h(Rt!9KASe^nEdf11jYeYV+mG;Gy$T~H6(GtbeW6pw?I=V! z7*4N5t9t(*y8pacJS-c7;{&2qRpA8D?W>EkVYgsAS~KAA;FlaFDPWI`OJe{2!t7{~ zijy8jpVF#t0rK@CWrL0Z{SC=D=Y+{R3wTYV3Z*fWROEYDukjcHPRBK5!(KR9vLmrY zaA~ZWcUajNkGJlu5N;8n32v}g(jQn;_v45c3}f#V3HRt$Dgy_42hicrlt#7}c^tYa zyW|m;vgTERb%Ff_hZ1Y>T_HOb{0-p(8yn*^E*d{JWQ}pDU-@CBm%?CC=vZHPG@Kcl z{O$a3X(`;V=|u`!`B8{?o~6#4pfCEe`d)}pO@$s%zGYqxlnWXlu8!8MGd`!IMR<) zq&Jxdh$>4eU<>4yms=9#GkQ}0@c^Xr`r61IE-E_4Znw z7`7|?BU${`FrlF8 z-DhxK;*#n_{uW-A@R(aRC5{5QLXD$795n6Vk2UOyBd!jDsxZ4pcXyd!!!n>bv8$1W z@HW>KFFp4;|%w-D22*cZ}{u@^Q3)qI+=} zKt)Fs1QZRbM$tS{EUvSD0-baeH>yimN+1_4^*VY8(OUKii_Y+BoDtZb150 zp>U!xvh-fhFuQ9q;pg4r?s!i&LhH-kY#qLhwBm z{VQAyF&pz0_VQgq)n;jmFmhY6d~(NKYpQyl&Sfbm76!liE(!RaMjl547TZM9+b^Wx z=q(E+2rpLpH;8iE>q#F_&Ws{7_C_NVk63q+ayvfEKdjg~;4xNlomSQX$iMdtSDYYm zVrfgZj?stsi1Tr+p|^yO7UOGW!F~J^Qdr8(@Xc!7y)b^1R)En@C^ioXZt-4caK6&o zDX30ydu3Kumnd?vzr|rTj6Lgn-tyt&p3igo1Hg7_z{@I%vX)APOD zG#`OYHG?e4PYS(0%;v`)hirXvn#@;u7>_q``vJX-$HnQ(;MRV*Y0rIXtknWFL?*w>^erh@7O;e6Zlh zAW}{2{2uHhkbQs@0k#MaF_lB73Cl&Kf9EBI4+gC7%l@PbLe%j}ADY$B>#*bZR~O7`gjJCXKct!$_6l4YL$C@hq*_^7YVbE3C12 z46!GscdYt0dkDwQ|Mr_g6-H3$OM5uUxSDw6Z!`^i+``N?(VY@uQIsAGY))acAj$l$ zSkn6u(x-Sk6q>z(VVf@Ih8)B1)=Shtx0xm5OiiA2}9UWq(R9Fbwa^c#$q07^%Gf=>0MH$VbQ!Bhjwuos&KtNB}iu_NQv zolbfOwI~}0Kke2@#c$Y&9+19EkteSxEvP}dl>}kj)3bN&vsQMn*;Iea_9a%?44n~B zuJ@`2Gvk1z&3XHY{8&cyytFnSH{ zE_zsC0+7W>=1GFGuyD=R$;v%E;G7IVX50`kaFc<+DM2*1=E+WBLD<5ui-&CUVp1%; zw1)H^ZJtXM&^HZMEVf_TO2iJJswbR?VFaEntSaV|HEi4;oh*Ux(J`zJf1@v)e*DJ` z|4g5F;^aeosPN@^gpIp`HqMtw&FRNxo{HV`UaJcK%t--;)nt75Tj&Eqsd&$^c%5-s zobjwlal$SuOHlwMkyUIm%phm?Ee0wy_?=a;vJ#6*09_rlA5u8D@HEPi?set!+$p#4 z?0^ew*@97QS&WEVNbY#?!?hplF5L~Yn2P5gyHR^LpCn+@k-Q~b&y>4m_;*|wX*`r= zTY~E@CCK+#V9+gktg$O^0$x}Gn;YIH8<=439KNp??@28*XR#k78u!Jrs2)-H?hSFF3BhuYa>t zwY+ziDmrCBNOjvoj$`2>ST->WTPbA#h#S{~t^bTMsc&!OF@Z>u^RL6Ar9Kd|X{hp0 zy}u@_#&&=D`<|{{*b$h1kCXB4n+sJYLzd8+XBcV-zU6N*NC*ygExKS)B@yW#)|6b8 zwyp$ZJPvB;s0Knb`{TsGIAuXt4n(RLlmgNN_B@F$uPhXoC*nuDGz znTx`FoWQB3=5Uhklky~Au9X98Ddu4!92iH!199!JqP8q%eUq&0DNAWU9v-K{0fyU| zDe`ZE>j*?xDM=mht~~`f>Sq0d1$r!>&z3mjujX5%V%M{uDbEmu-6^5Nd0NTNVexi( z=v|szIR)wOj3U$TJRJFS<8($m8nPa)s`@V)1X8|qcpm1nf-Xv@n-sbO`c}=Kz-7Zk zW!-59n=GQ!_>9JdV;>jZM3ltrk#H$&Qk?U0IH^Q&ujj?D+!$-KyLr*AJ{*3;*!~!1 z9=k(v84+n1BQ65RYBo^`{J8gMsCg`H`$Spwvz;=;|FgO=^vma*lEg~< z4xxg{t%HWX-Cit(yCBop61%R#49yje+_=vz8aDBCq%>~G3Wv3x{0n*h@`&rNVyJMY ztODLu)E$jPCOeCV8K>d14;V38npxEWLrF+HXXrkYFN=^+iA}OsIo+C5%t&MCXQXiq zLTUDmpg6H-u(NzBlKqU2bjW9$0@XoPCEvK+DjMkzOkNAin>vpw>TP3|9|s*Qs-Z51 zeSD`2N%pVAHjwLm!?h%DgzCi5fw7FJH2Fn)9|rIE`TBjCgg?~{su)`BzLVO0s%M+P zvE^u^Il7d*!4`&`xAgY7zu!XQBsrfSgK@8QMYQY!oev1^4>6T*s=tWxNrFj+R#ra8 z%CU&6+)N!AiRQN5@wm%U7tX!n<%6&dU70ilbVdUbknKw)L0eoV?DSO~aJZ{#*B{E^ znlRDM3@{x`J8SpTXs$E`$W63@5PpY9%_yJ=U-g4qNf> zc;hIsqbS_-Zh={lc;$DthZHXEXUVYN@}glOysYnYvQ)yVlpf|Yubtv6pFYah+*WZJ zRM?LB{i4uSN-~jlKm+3`k2N4AF+O<;9eCRI!5rsE?Y3aJ>A;a6bQhZ1z((AtpJ=Qk zLP-~^5fEEcq!SGVn{)gM(4~PH30x6iBurJlgJJCsDm3_?uo=8UtUBcmSo02IRSUD5 zp2xBj<$94-lVQTz)mlBxuuY%XhR2Q-rg5gBy~y+v>?SPX z?!gM$aN~S8UK57B#FkA3YV(NKv=egG6y`tO53ccq#B#mVPVaWgo%3ITFqtRZ2{`8- zJtVRR^6Y9P!bD*eq;{Ijm82zH-!jo+n|F?Fyxc4^_IbF^Me+-~p>KrmOPTj$hR-_B z27%5II4@LUK5{#VNs)B5zfItGdJ%;eMg9%1-*>40CE)TE=U+Iu!DMeGz<>sG&<5w~ zaI`VM@emeBy$TClzLSE6~HfuC2V6TSR`?MtGfS6_D9T(jn!D9etTWzrJFV>6kB-Lr3K>8Q1< z?p8lksVZhtpMZo>Y4GJE&?D6@bD6ILuCg6SbAQ;PLSXA6-H@5xS$!^2j{x_cLZ>AB zp$RYY!T5a0r0{X^G_iv@WfFX`Vm$;n=vC%$?n)7)zM#v;f9onp zt4qRzrxwFsV;Bv8F^8rOb?D7kCEW3s~t3#n=$%+!wC40015k` zP(bd|;pLg@C|uj`rH{{9=we7FCX(X&+U806vajF4{H&yF&4FQ#&k)oWlfg?!*mc^} z+dd$RGZX{&m@|CC_8C3sF%q1RTWYaZ!>sMX?JC@-b;HvGvAHD%jLhZ}9jB>JrdJ1{ z(!SiUB0{!i`EvdU1EEXBIqkT0Bl>Hh8`zI&B3>VJ{daS!QdLP-iCwr=<<5z{d!cqa zIEh~6p=3@0<>`vwkHU@P6{hA!PRJXT8>N%@e|Wc5?a|||w2%?KZq63yrs10>PsD0T zavm$=Og38Do4oFdz@#}c`afR|3Ls5K_xTJt4vID!R2a7(GbPQK%Z0kj8a9>_phR;B zE-vSDEUD_54);!&dq-D7j{89GAj2n5c&OmtguI_p-lQMhHlJsQqhZF?ygj5x%{m;4h3N!}0C zuXW9MX_g0Tu)usibG~K$;fuaRBBJW*rYXET#sU(|z`H0`Jf|rNkSnW=g-z~YDJ*qv zkPvCVR32-WOWKVv`z7VKjsHBi?cGQF%HNvcL6Vp1yLhb$sr0?y*~Gmf^q6{x%uaj7 zdT)ofSRQ|xDtlEH9I_GF?ceq5{IliT_hxnqQAL1ubVh=%oK_^^ zlm$UV#d}OJ$ zA#G)9{!hm&Bb*vksz+@yJzKS>A~`_wR8> zHAF$WTwhMF+EXeW8&;zk&IfOT5zMy@NrFF|F)e}!;kg8B=@5%*85{JSx)WJe?|JaG zc6%B$({?zdlPk%qy|QDD28}ltGk(^U<1{+@nkN6vxD1yn&z}?jtc>LM`@OK>4KmE(ow+WgQaqZ?G925(h`OW8A_OYGEoQ)7_p0L}~6j(LqoLQ+%#GBXl zLVk6ka@uLU-xmVJatI1R#cW0g4X_J<*e+_J_bpDNDU;kC!- zL@1B;pQDnTTf@gL8m)5YA2B8x5if$Xp$5gdHKRDjdpdbnICF-%V$Hc-R|Tn+&d^}@ z%*)W~Lz=h$Z1X?{TW7FI>l4=NLDud+OTs_#IzJZ=--D+nI>nV-jJT$7T0zQ5oS=@B zG!7?vY$d_f6?xynE9I z8`;mUA7x4VJ;O5I&mwfHZ6&<)ClM~_*Va4|kE1_~*I%nZ#w*!<5k6lU>EONdRyB$5 zhx*3;lq31SO#Q8DhXSw+K}Y>}y|<+AR{bumbafng0@}8ML>m97)f7gKA9h*em%P;d zaIe2~%QzIg%WAtz;V4!|MoA{tQtP71?TudMc_Z%8wK3{*i$5(=c1V^bw-w50Y_Pki z)7hS&Xc^omen$B)NS3u1cNTgtMk{T;q6M=(Ng6AQm&`A|_+0Mkq{}aF*l0y}2GqJD%{g+ZowCeD zB`a&M9KZhV47Wo*kFWxq#Z|0>SHf>rIy3Mj60e5Uv6jPMkuf zq`^vHyZbPM|M+Sgx(0k2Va5^k>O+5s4m5O3JD0~vj$FqB`Ivu9e&{fWL_WkXNjPT9 zz;1S ze-(nl=}9N>4Xk3E<@>f@{gNtCml)B)OR0Yk7jM>dtjNvgl@9bc zK;8RP&HAgu5J5zzQW~*a<5$@OKRH!9(mKjT4-qi>Vw~!g1zZsSwc>&p~D|RxOw#(dgFkTSW ze{Nh{RXw_O)7}1iL+K!5%kZ243)TGay$%cf_+niJ$60(UVQTlhL>&KG_ou?aS<<6m z=jVQD_QkrTOn;B##BO)7a zN~tE?a?ee^>J!NT@%jDVg0u)aA8I-UV5XuKYthP&?LCS*lv@khkcFp6k5wOSpvFaj zsIqTm{$9A?dT*>nxBg~Zcs?d302&EP9b^y|7E~7O>PY;`1xr{1=fkVqjMKi%})rD!;K`cq?HVco}T3aI)wi8mrBc{C0%y-#$XXgM=FNaNo0VV_GxD zH7R65{Qao7*n`z{Sc8`XxC~~#Nmvy+Rq;Zjy@(%VCTA40>_sf zvBy`j*!89@P@bp47$ry}H@4HI4RO-AUmUy-_Ws2EVn+I`K)c$;R1ti1RCB_x_5Gar zhOOXu%}PE^Q^yd^ z@qtvav*VJ%zZtoW`iJy@UGGr0&-sr=I`(KqQLFk3QA)3|~;_Kq~TxPTr zEY<9hD7DqVPz`UT(re6k8^V$F@^iJXWw$fK^o@*A?r=LWE%0MV&zPN~qU?Sb?5E?_ z(lRjzNjw(o#zxtzpu2E&<48@(_3$deHq=>tz6F@n|& zgCVwqjPRU%Sdg1bl~Jk8>NcB;)I03q@u~Gm_8H^#xb+WBotcFN-lCRbP1K38yzxVia+d;LI@1sN~!UnlKza3Xen z-Mbzyggn{~PaN}_LE=y99DjgI?% z!aL9|g9l|a4HV#|#D{mhnZ05YRF@@g0;8Lzgj2EW6 zWG@;vFHIZPg|evGlW=&b6+pEj!6tokcQkVHG~BL=(`~!HCEBXZh;6MHN;Bo>N=H znX_9J#YLpCx@BvCmYd_ZtGxjN0pigKdfh!+&)w24RAJ-Rf z3tRr~;p#W}u3Q9I_v`<$ZBK!cDTHod@7+R4d)ntkUy9`j?TVfPx1B^=Kpq2e4Kask zVFaex2twx6EeB?#ULvbuQ9TJaUaVwUE1w*H&r-q_MZ(=Q1w()utpd%y;0M~lA>2zi zeM2$Hmm2PYp@1Ktf}_-K6iI;}@}GU{epU{(CRpyrx^l3*-Oo@r%h9XWrq8K9ohWpi zqSfSdqiD^E4_?A&#lH!TC_5zPYYg}_TDSieoyT*m9{O^V7>Et@7|tMd;j=>9`|I@u z`1Q)5w#+odE`3z}RhJd-%Cp zB;?fLUOtu3Q`+8C-N%^D!4UB!F9TG8C~ASmeUhqPcYGwUk1Fw{IG0uS<}y|N=h&|= zx9^y&t8N4e!^w%xx+1Cp)U@4uxdTG0c@|zORSuUs=D;1wR z?1mtw`29Q_`j~^|FCVBkKJn@}7gZadDE~O}=!5R@x<~(cOxN>lvJ--OUq)5D2At^_ zbla$tMnMG>Qpw@iT69h#oG)Q~mg(9aYdlrFIuT0hKMzZ#I9y9&dpjj-^GniXs=M>? z`o{-N>wlU;PO#w43Y4KC72ne~*p9qdd;iA~%0Ggo`sUtejiz6$j5h#WsmX+>a46)+ zq}+#PXaTL0XEXZCf4yyI2hBoI5@=YwS+XCS-ovtEa602pKXa#KoEZ6Y!mizTn(E%- z9mGA~0>M^e2{u;|lg4Q@Ld{40&pcFjS*Kffd9+(!A5!|Nui!;}0YedsP%0frfORUW z9GWOD}#3QwfVn(rlI#AM>kb%ZS6M%-g!_5ffQrnh#Q-?(h(a-0X_qg?h z_z9g^gWA_d10aWh|J;_xtJ=7;GB|`Y|7fc$7xuYW7MIqm= zkqKyUtrhF_pDE9F?n(Pkz?K?krpg>s!K#~)DpJ}y806ZCKpqIWbCz($$N6${aWa?9 zf6>i5MqEW2cf^{^8NiEJOQ4Oc#5V!B#0p|e(K&a+&u_(PxXkaxZPb{El>9npIA&lG zvC9zoG}aK>=Dc+t-s-A4C?3D-&OE8u79ODDX8oth#8C94;az9ptC5z3D(;0J^Iejn z^?g3^PEcAEliefCY#Q zS)XLtoYjASG*)rwjb|Yyv%&BuWDm|2pW8r#Hz@J4kAE_KCKoOBKWEz53qWHGMFZiT z>EG~fl&<{c*w)Zx{K<4tR@=K~i*glz>&(7XPBF0t<%)MD3A=fg85Z|&6~VjVQmiFD zZhq(Tnoq-#N}cxVj`(3xA@*pZ<7+*8a-I9Whsb}LeF=MbHU>b-&zYN`0m&=SuoRH zo$$~EIVXpzR^U0lgvQ|31K)FhC)|j&+*ZGSjy@RkW0zkhAMj*T#e@!P^5DT(qy}z% zhex8QLRQuD$q>Uv$Izbv4x?r-l2f-SSId0$+*2Lz?2QIzjg-PrH&FG2xL)fTLjk&f zeIP=RXZnCUi?}aTCV4?qHhl=_1d{qR6=d%nvdLGr-jXngJ1Hy*>ghnbg|j<=^A&Xz zj$}|r{1p9`n%vMz&s=&kRTPQrcQEcY&TceNX;TvWiolJ)dY?^KvL5ubT@s|0!<@h| zn&2%rFpAqi<)+iiP5W_v3)z?6D$yF~{&AOB+polz@=t($sW?G&E?Idd$7sCzpGJJy zeMVe(#u=pk2?%zEQ@;(_clIjK0it8iiLZroG1k^?3WZ7)n>{QeehN%LTFTIY))L_0 zuj{_%V$^@WH5TB|@rtS;vw>B8Qs>PI5PAm&IEbB_DfUSd!EbiB!Z8BKQV3bCOSV@s1+{FCC2b63GQ!HCHx#bG*D@ErLOi`dh&@?3|=vds}&6G z%UN?+uw^nIdbv)Ir?m}hpthzC;xlBVU!oR`_m4lxcXoU%k?p3hY%;Bz`0~DO9h!}I z5yg_H4cio8Mhg=;na$AK87g;bj{e*|xHSVm995!$x{|(AP?RYla*t~lxij@nNUbrW zn5LY0;`C3ENIVdmCFD4rDKsp zz$P+>N;E-M0`D-k+72Be_|dtHZ$AhpXbf8qju-v}+J!t{D$jL23&~3%G+Gs>mDf6& zuSMMr2Kzo5_%5ou&wnlrW6@Srq~lt;n?Ipja`k9uq0$X=Z;o3}aNqYN)j+mY+Hn#c z8F685;gPlt{Wbh-@Mh|Tnp+<)c#c;ETo$_LFZ$|b-M)mfd{ol-W*!TokA{HzMWyAA zJ-;r;6{pYqwH~nRJfCCL$A6Lc+K6v6{!dNoeIEM!a1FSypviOn9Y!y4x{4g`v^&>O zz*pD(y_Zqn6$x&HIB)fAb>8)QRiLV^MIj^KeqH~dgi9QVByj7aoQTUE`3-lwB*g+h zAUY4iVG{DjVx2Pih=)rS4-VOAZU_Bom9N<7{Y+1z$9c{MaP@`0F$hxo!E`WQ#NIdg z0WPd%lfk-O7)EpT)&aC`?S&*^5cD0gaW(WVWA#$kkPQDP=k!cTDb0lzw)v%PSgKYl zWpcsGviV>QZgvWgBqaeJZ{(Grc;sY+F8+rX&_ zIZ?)gJ(eeYvRSnbnTLLDHkky0!az?{mG$2Y{glPq{Yu!~=fT*hSh62IgG-S=PF#Mb zO3JK7jR>R^DvBBX`@N^%d+Up|R;Ow$K6T4r6X|^KitGA0I8yhxmx$-`_+kiM_=nhm zF4U1UfAMp8i|wm?=%>i7=_8Ie;?KIr>}JW3MOK>BWcI>&Huc>ltT%%BUc>Gv`>c1# zf|nCbotUBi=h>e|UC7RV>~Bt@t>PKD3>`J60f;SlP74Y&gib+U6*R!k z8t~&j!p8_e3=#?IGCqrZ^Dc$VGkD9JeeOeIo^8yy|4Q~iheJ#9kW6tHa;+~(cInK) zrtm){hmHrLc-SXX3XrRpfCu-{Ix zzlfep$$orOj}8zska+wNs`jxGJej%&OD&~jFw$Zx=5Qf$3The~iL12biy{OdlWDYb=;B-QvT$=VEAI_h&@j+Mz{Jx>koHujTM1+um6X zSJ@cWX7Um2!PJeg+%B1?X$4pi^U#agDSrVlh`6UHF9O zJ=R9!{o`%%VV{LI8)4|N|wu;PjMQ}bR}-VDIvBGpLWRn z+I*P9x)CZwB%<|Q^+Fm;^l(Hq`ka3G<3Q%olS{KL<6VX~_1~kE6FT~U_|-IQ?i&A% zMCA+TY0uY&BgG9N^8xNL54ALJP6-GFZZVg*wd9> zCzBsbS$mK<)eZ=Gy&}a`u8#q#?fqABA2amMblB>)ZUZ}V&`C#8vrM_du_|{fWKA9J zWSB|rw3huhBifuE;P1b>Hu*G`zpv@C1ZCP3S|H4hK?P@At*qAKE#+%p_wik&I;!p6 zVD1b4AI%`YSPQ73;K2+`0A){<{I3r3=bIp(-+turKQf3U4-G;aa?-6J{v^_P@m`e@ zgo7PftNPo(`4cX04|4B?ehbL!=1%UW`V*_W9&+{r4j zI;2pUeN~)4fziryN<0GLD$bO@)ukVB><7D-&+VzoWM z{MF*5kFd34QaikpRTSYe6Jwlk^)+S>vvFCjXdq_ue{%zQv%otr)YdrXMeu>kP?jiJ zt=;qU%UYw!KfOOLn*z_in*Gk>f=NW3Q6J<6)N*9hvm_47Ci?3%QDk?dHijO`r$iiJ ziq;aY>-8^(ic~a{O7`<%M!`RdiStWiHSiFo{Y9200%@-L6@VArek_Xv=S!!@J-) zuT`qBpCb6KkarbL|6~_+m&~cHkihA#?O^+@yp)h>LSUG5XTin6&#f2`@hc3sDRDZ;X0{*7XDX!C(xOx^bzNmLj!2Ggo zlG#7mpjdXy@lm=^USI+{gXD(E-m{k2TKdQ5kapkG-)iwWr(DOMTv96jSHzJw8{h*6 zZH_Rz%r(%mHaJ8iG9zb%`LpE$us`wj*ueX(wkBJPYax<*jjxTdox}iLtHB>0lP&@1 zJzxIOdp-%R%s&#icA~cC^XUwgT^Acza4b^L)I3!ZvwDu`)V}b^&r;7{roa4QRFEFzwx1UE)qe|Op z#q2WE0)DvG$^-Bu?Ywh(NsiDlYvH%+2|Bqxd{&5;;Y^1Sl^H{?_ zSn8-k{BcvycST-gpB==1qJ^PQ`*U04ZDIpyalPnEPphFVDwIh|BD0qI<6xSRY{i&p zlFhvHVtMz&VhtM{Y$w)%!zS2M4uX&Ls;ID%L2i{aCBZisAE0Pc5bOq)wJ ze{Q{iaPgZ$xmsA}Y7*2(p>z4bgAa#1=C3|(8=}^gnSe{XFUQ)QrGl3;uCN}TTd2p> z-i9=;v)v1pnn@sk^*1|++jIFZ|0E3z9iY#atyekwN=wPe{HFg%&jDN|u`!xirbh%X zF()c5E%mJ-1y($D&a6mZH%lhqvDzd#^TV-_xQVk}N8*i;Q{5LXOYO8%Uk!j+sNH*w zwm|KWwM!;+pXBiWvGtWyytx20~avtec$(9YwfjuVW3(;ZBr}2_lBTq>b@I` zae%y#IqVQuHeQE(*M4dN4R6oG7c_!t;Qi7X3I@X@&}dg;=l`YlmOn+#>%`GYENNA=1OX16pL4MSO zog!STxcQOA&{jkA*4)(ri{(m=loivU+%TqV3;qUwf-jhM zQwjHHZ=W?>wmAd5OJxCQkRKf=1bz#x0Qm&@H3>1VkHe*DzEnCGd&*@)ZnnZ_z!arA z`g3A~No3eE8(`P!ngP8fC$arR#ZC})SAc?Q2mmT~H+b<*)A-?+y{PEuWk5VogevkT zlmbyM2X(tkj4R+J*&#!=FDy@SK258`6^R#{n>Z*o4~F;~O1@y=NX+otmdeWo5&@cp zp9vH$%2R`d9#m@~$G@K3ebFV)O6wlVsC)QHW|ob_XsAzHZ7C`;&b0s24YD2nIi+GGM$x@77bNkW<}h^|5n$&-qB`1nP;C+>Axp2i~Kku zFR7mtYENB$=gmh0O8D!uqa~Om3S8(r|LCLtPm&T(Wd*K^5!Y`f9uaX_@?qTmggfLo zzx!9{F~Y%^27P;B5^iZ9XCQ)u^QJMe$ik{+8$uAeNwLIM&DFRH zq{lpOt7%!bc`KZ)Z1OxqoOwN?TyoV6mYIBROm5!j+Qe>l(Kzx7A$AP5q>KpRIZvyjc*bTIk)&SB*~fLK1zO`Q28Ei>UA53G4pn7W^9wl zYm%JOp(lOFSKu6`s*cP9&qaP-Q)m!SUn=*(A6PZ%hbQ{_jwp10ziQ`jm78 z-Cqlt^|TrjXPXP5BF)`W79@Ahon^Le3kabIM1#W9-;P(JuQRaR#=k`?}4 zPB|Db)RYSR16c{=H($JQ=$waU54nzjbqe0<~!O{94KzypMMr9}rq zn$NP)vIp?ytaD#c2oe`GYYsQ8F#7fa)%Yw`+GqC*LLyI03kS%;n{KMw00i~r{-vf{#Q)%-G;4!I>o0y3pBCQ1^g~D;0XMg}glT;9<^6zbA z9(7$?xQeDXng~^LnpS?cvh`kKliSh0q2-xv(w}!+cjR>)rM2ID6s)E5y+MTkr;MFq zLmz&y)tYsl!cg^y2OBBCp(9uAQfK-77FbPR&O(~H7L0hy;+Ab5gB|D`-GCXrfB$`# z^T#f?0SiaAX`@S>@x~>3&nY{=WdYDjVg-}{TxS_J6M4~IXpaeL~yY@s7&dlP(RxoED$v(Ajv)HI>^R8B8 ze`tRS6Z$=*MPW{=dm{l!h|Sm*?suh@psv-d6@CpS`hgLJGiU0tB#EVF#?v@R_q~)=ZO@k$bxf};+`J&3;R~*hi#_kbnFm4#LY={WfeE+7sfi!|#BE<% zZLp8!vXMsSDvI1CjZF00uUQGIcoODayI7H+qq3x zo zyNKqkxO}+Fg_aXBVd1bZ+#b5Z>mtEcw*FUMicyJvY(&6ykLJoU{W0qXZZBBcfaQ<} zjJ87ACPf4b%rR$9$cfCg+$%=GfM0r^M`RWg5LU1B_Ve1}*noP(w$C|LOcX1D)S|2?LqvDSLCPHk&a|B#u7C zWchhrUW3E+Sy9C8&aMgR;5-2 z`l%<=&V~QubWuhzIjJKG+1h*vz|+sOyDnJ00fmesC}2FdafClSI$rb|yU?PLt{X^w zoX$U0tVUBzJl^7Ee|4~e7dSR4e;( zMj!CIJxvu>Cg$OD??9&^8kakQSRaM!6{~)0z4)t+B6(t+38*6JrvgzDtVigu(%Er| zfA)dmLTkoCQjFKC z(zU5y3^jZCOcx+p7RsbVEb!NauWC1NG)G#Md==1WGFq{$G!gEi1Zn$UBg61&shP5p zAw7LBInThh&0X6h0z4hpS7Xu>F)*qYSXvAEHkq5hhyt*Fp9eN~DeEY}2L zXviMlq2w6~J!^SJ)RmLm1qci5iqCxbMnH6vSl}n+vqs9Z&pvMDD)EfFSdCQvEx+LU z;V|56*f$YM#wW*B$k3B!D;5r(Z539YrR#I>H6-aVy??DDkQt0qtrf+^ZTfE+N`_rd zUejNnUE?i%f}QJX zBpoMTgoK%xWUNTl24B3t>H>ard~}UJ3T4`n<0vXFHq31G*}F6!{_EuGRCxiuKBwuT zG?u{ap9ChJ9Wi?{+#NkKc3+}_DMu+U2k9*scwuYOcs@~t+LjI z-|H%uuwBTqb%H|*2On~CU#41HTIXA@2rEZRs{(3Kv7tUc6$V81i?^Ex6^1)=CZxJ; zBAAXr#1enq<=~;CdGZUq1U?BT*nr{8jT=M9bMIKZ_N^=>Vd}ttAgKnfh&#h}Sa?!S z;e38kCrN+1Pon9o!$eW}FklG0ZmRR!b9LI-5>51h4Qmm4VT(r8TH|R5CV-F17*E^~ zfq@Ro&BLnhTAtz`n{; z*B%UWa?iyAI|UhR03={|Q$jUSISzT0{-c{MqCg_?as@JrUts%&^unF7-&dg+%leuc zvzFKFQy70(XEp2>2-OzATKb&+5yopM2%+DO)4NOrr2cy z>9PE5VS^o;#=*5WU4b;!IjQ$yp%0|pYzK6$oD>hF*P1;y;GG_elK07ALw|kqcEy9V ze_d{!AqPIgj?9$&$Atf}E!EE5H66ok`j3j}>FI@r&OLTU z|MJQ@pVB18>rUF*#m_rqB*1?AalhD_JL_k4hs^GyV1S$lJaANWM1(C!O2JEUMEd?T zpm>DFu~lg4{tCElB)k`^U$k-QN=}pVO4Jev#nw)AuQI zj(9d_;d?>|erKhtYnL@gC<94zD2g1fj9U8{%lfDQ@dE6J34Sxi#UyCv@a0C9xO3@X zZQ?Me{@h`Xq6ddHeh%i@VAk@!+^yWOV%t=QmX0)A?bKu%NfX2&9dhZtA~$(85##lY zLv(R$qF9af(N$lan1Uc-e5c2l=e{h|+3@*?)4KBlZJ%jDSJS4RKaQWL_t-Wb8^7w^ z9H1Wt59sR9!M_Wg2Kx=n*Jz}hS+@KCU;!^R(&=VXRiS3L`DShua|`~R&RO6QN+uej zr)d|;UFHFI*cZk;xsf5$0{ewZRpgE#wMNPaH6keDH!y4ZE+O*0Otfw%1_6!TD88$a ze0=!q;r5$kK3JD5r+A!@^6od%D9~;h=h0er08CFPn6GH%N^TX!(L^5I67re!=m**v z-xX+E@{;K6-euLWyJb(1Wq}h*qcf*rdZoVQ!>a0|dj~0nA>oZY4<57@n_b|U$KClF zU8UlSv2GC37wK$YkbZ_`$)M7taX9p1Dn>h%-P3e5cC&%B>|xV@*ezd z4W1(LuJ~zC6;S0m$@5flw~GwTeVzvD#0qq~l`xkS^F%kfg5}<9O}-xC?%VJ^X-CPS z+c_Tct`<37MFRsjXHh)^IS|b}xq0LMgjegm(M%&|Iv&K6!_u;J(&gb`wsax z2MA~dXlx)Z;4Si z=_(;K`X=VHLA8)sbFC$d#Zyn*HGbuKfyTn~{b>)S5M-9$uzb^0Cy`xt#<;&dV?%*H z@z#O z{F|+ZxqAVH&V->o|6HTH@aciBfJ$5^dVh~t*KCZE5!I8xMALd};bpv!GTAS5`<%!b z3N@y9Hccf2hmui{Sv7Y8#-g3*JJ^S__24Wku&uvx&#eCs=Q!O@djU@}U}DyaLKzoX zRD%AVWkVU^G09r)sNPTXA$#+)0c!*3_Fuw63JTbLQA-w-8V3hWbhQ~LE$y10=V<(b zm2I;Cv9;OQ$;cg;NHucKPSwUMA1yWh-BzQR*udOVes44e-QK25nGyyc` zD-L#SEL^s0ta=mUI))}zv17pqRok!B-DejnxwtC?8leodQ2H(MU-@NtcAry(?4UW1 zsg1jR{iKglztfIm>JC`A8rjl)H8J|+d2?Z3=g3C>o-{{BNUpBsEESBnK0&%V<}Rs= zIxPNWr=4ZPu1ywG)pkp`O+N4jz$qeSw<}_|$qTc!U`C0fGD@W+yyRg{^v_(DS`8D& zf)j1p85eSpH>#2NtmLHICbLvyk3ht3a*CevW5%U_q`E1c=qEkdR>3Vl26t?-x`*VL zYV-ULH=X6uv(^Lj(}lzCZMVE}7af}~_18uQ=5364hNEtp+s%Ks?L_B@dK`A6<+O)8 zwdab4JgAFQR{KK-&=TF7U}3YdmVa0Z2kWA&B5UStNRirRIy>+36s2a@k;merKN^}7 z>+0&9PG_AG|%2te~fA>2;2O@nxtXm@N*DCW69yUwX+|ZoAXjIK}2iTg!>}5Nw z8pku^YWvlQH>zV?(#x5Or?;C=VqbLjH$Lq{vCN_}B=56hYZb!gZhThC+9Mwr=IkL? zLbt=@m~^iulJ>|^BV=##6untcq;C(?6_}2%tn*O7WUy5jnZiaoXW5)rJNiYMM{JDb z$9HDF= z4ATU54x?iEP*>JTDRTCE&gA%2`#2P++Fmxp%cb$N;Lnz7z8>3ZWblux`#G~-`%J-A z0MG=;&Jt^Zc{L-bhhrpx+79?%&wmU5gHo@*wP1c!CawCOZ5m~pXQP#gq(Q-GI4Ukd zJqk>>d%fhr0l@c>extPKSs{Y8;$h2dy)RPrT!(CgCAisueyPW9Uc#syKrDD!XO=EH6?RsFgp&?iqCGn>_XKAN zzYI0~I$?^5y3WtAzweZKPGK(!psYr}E_RP=FX$~_NUUv@TIn$jB5nzQXiH+X1 z?gc`Ql7T4915ED4eZ>{L;><;Lo|c3a3h}PNP24;JaqLm5>>sTTI$)Nh5m@Maz94PV z@`soD$meqGP>gAOvaQ{g&TG=bIN5hv5;k7<(+tgZV@PD==9DWC@Qt-^K<^YgOZ|qr ze_A79<_XRz$zT#OfQaOL5dr|Vax+w1ul$v*R~Wwz%{7&ttmo0260!#=l0O1E9VH&?bmh0K8F?%* zu2InjK;`wCUaH>BB#&M$G>@E(uZLnLF$7yJ_|t)*?UvAG^9bf(u99_zau3#iUgXV! zoe`Un-OK-M)F$7e)t=nou4jvVf6W55O2a(%f%~^ZCL-50|&s z4epX#Bt$TE(Me+sFgwuiXr%z!A#NtHN@w7Y8@Zb1JGU|x1{xoBH^S7-`#EI)07b10 zC(u->)WJ$4*MVdvPmgdp+RiFAh*CfgVaFSl8y^8s*s($I&0=0k2eZ$^D@xHY??$3O{VRi6icueMV|05&h`@Wo0{j zGOEqh?Im;ew>-Crf_?1B4`i#IVt8i|vvH$o~h! zRZ3!KoI-EH2msd{KwnhCge3{Ns3U7j()1bo>)`LIaRY^?(mzPxIL*VFUAg5-q?SFk zf1$FMNc{y@Pu%h;y;*`d1~8i~;V4_6Dbfi$Y8vC*mYWp(=|ylhrNHE|0=#jTUbe}r z#>g;vBv>nM)H%#13fhcu1tg$MB*V@Nn#b6PF0w-KtIRBw3DV$(F%q`=IroDWJ_ar zTHj2?jAEBslEV=$ht~mo1YH4wcf$g!*mj$kKLT8&@*TvKebp6|&)CCZ#W3~xpPdL+ zb%ZbZ2CVY=NY>9Ekb$}8<&WUK;^8iG=Z&{Pk6|)NYa%gtgUoS>tR!FjXm{|E_m_=h zvdCTz2lRwkrFkfGy7uyqGyBl)433u{$8aQrNXs0)^r1E~=qtex0H~PS@S6}ZZ4orbdex9U>4RITL+uPZ3n|-$$R%-Yy^Oe_aP5qk(`n8g)vd=P(4(44%Cr7WN z>jxz391f}B*H&UZJ*`|1{-GhIbRlia9mYJ^N&L7Up-Kg_S>Auhrv6I*p6_*a1%X1d ztQG-cWF^;-wkegL$^gfw&`Co_e_6hB(EA=o3hFTy1NYQ6z=GH5im2PSj%Bbq#;3&)TPXL;QUcRl-e2Prto+5mI@OAP+?5@Hmhq1rr2F%y^!P&G4{ zL25GqYIIm;GQOzljSaD#&O-DTu369Da2hGU{j~b_#5#FDu9FTG$RB)q=KBx98oFhF zzN_7Y!gCiCttbAx6HBm&i1uSDe2afXu!6d0>}@7E_7={EqAI0c0-H)+g{cIZXtA`@ zkhh3h(kvcYj7V&}8f4G$+dVz~&6(VOM!}tcXEZForROu++O+Uf?7je(2g@hZs@(|?wyxf9WDAkDS#Q@9+&!-TJSwqJ_fkGscAm@c zHJz>b#{1G|=<<-2qFKQ7J+rGq=GS`y?jbzDJP9fTOpqals}l0%GfBVxM3`-aMJlO| zbN8P8>{hT`2QXgE!Mmg+3@ik%Ead`NHv$ipFXS|IzjhmEzW;h)s zLh(ro7mWBC@SThEZ{kE&+n!}EnBE^tXC4of70g3-<*w?9`}`vK5+sR2>*6~eoi|)C znrXLeRE(iu?i;5AoVE5tZ~p8-)uGNAQ#UCFV;u5(qeIUdU~gT_y!wAXmNc}SZ$f2_ zVSk(Ni_RKezd66KXmF6|yI?Er@gQ&|Jdm%{R)eQKo~6+vbi)0c6kMb>g%GcpXx5WQ zCkyPt+7!#ZAH>pd_O{g96HOM%RemRgi|nQsr15bju}LTF{1O40JmiQ5w@))^3ynBt zc0`k}h4a_tCf@@m?1soA0;ta4BOUMgu?9gNpYHl2(@QhJV~GTMxu$a!#1!FrmzsW9 zI&3Vjj)-a({QRAP4#}y3x2p>$7dj#vucQXQT&<*XDGsWzeHV@Gu9c{=v%;MgH~X(s z3$nE()~mTocm788(KiWK&su!pc_`2!Ln#aRTyxY04L$O%Y$Nz| z6!IzVqDwXPS;R_3S6gsi&G=Wms>_>@!;~pD;;DxFqD)Qi|vF|Y8o&Wjh#t`!Th1&uxxZ%kUx$*B3sf|f|_&jKeJu1wLN6{uaYhe(#RDeT%4;z;x9CN9|JQZ$edS^Tcw)82(?osuLJbndHWF>WFW* z?<7w<(oS9{CA}{ebDm}U)H2m{Z|m5{Oino&LI9wZItr8y6bycyiI+24#FT%KLml0| zHWsYCgYGd>kkGC0;W`jx)YMj;Iv0l|r`H;V9Z5o7d$0`3?%jP+*%SG4Kv8x?`KcCX zpl(QPM^_=82gRPTyQ9L z4-CmTBy^(s_xkb%@jq4)u>K81jUsCtf?2A7<|fsC{MvKUZ)VU^wIt@a?UB3RV#{!5 zG+9q^w3|{#7I&?!>BFPW$d@)VR`6Q!xyH4kS7CMTYIiYiU8TUDbu0z|lhIjU zcPxi!sf*9eh&c#DST#FrF@ud z$b8n&Df$s5b-`Bb6fOG_tDfGl&K>}3n%?~gf~C-Q+-A7oLxjpvu2gCEf7no54L)@( z;TT|^ocx>gOFBvQTDnExysdKj)fVThVhLtAz%^JtLh^ zV>8f0bPnnBo<3|KY(V_DS4HYX54^PT{u^^+t7FRm8FBi1yE6q6{H3vxcEm2kj_ioh zzPOst)2;`07Ly^e)vdItdE{PaE?5qI9v9^$gv}!4)wUFR^8O387QF@^=fobQXw&_z zaVj%8d=!C0i+Avx>0KkeJf5Qm(!WJoCCs9BKcp8M)iGqgPkb;m!Fy_&Ba8FrSWivK zh{7!EoE=PeeYB%iOyDQ!B%fPJ7VM-jq!?BEx$`nZ{ynSqp$6(}=5fWfmG83G>8cjn ztG6!%lwGr4Mbz5$@%`CpR98_|Q@uSZn$;?_&IYTnm4Rq|+(VWsc;q-lAl`q%6JTi;V|G{gp%@<@Hzn*l#-b*!XS&K}h=BjVuE;gcm*5xAa@^S3GT+ zV6%KJ_NGLQEVz)!sOa^FAG?JH#0^_?q*8mGdXCg$_vF0JOW&8SU#$id6As z2TDsj5xm#LYH6H-pDY2k=Uc;#BG9(46I97lC94bi)zGR4nU9@mim6Umuw^2mC;?$=*ruwuP$tLg^)ViY*ju&9HIQHZZ}(4WQ{0YU_f2ui%qgE9XZ zt>>(pNb^tp&eoqq1qwL7iE}u}mT2-jCm?a4I#qfmELmivRP_x|72(m&={{KKGPAJ# zza>fX7?+woiORHdzZ)a{|DJP<3cMdpHUyHsj!AXhhakn`&p6)4w zN~NDZa5NMH2xdOm)K@{>9}%a7POg8kszI11qxp*NHH`mP&Q*WMCoaywB!oX5;~o6Z zW3H_eqNFRU`=jYSc{RP9?$9G;RxaL_{YC3e0QB=^Q^6&{!?!7&Vr?gHPhEQRnLG)e zwMo ziSLC1E6;1N+$;yCV}L6ee|b~-X*UU0M$z>d8&~~&*kb2qB&Y@~4NxStUvr*6u22@3 z;&_T9$fvsi#;EH6!sP$rr7^}+0mvX@5^3QBf|}fXiT{r17$BmP6FMz@1kDn=iYc>k z-ZpAkzkTbli;&eQ|3{vyv8RJ^)}T$fHAk@{F8J56awjq^u3+nDmEA4N*z&KJ_x2AO zKL*wm6E-A3rjrI1Xbs~=m7>0{6ozK{K#&<42Ugc%x=!q%UiaRMFJ*gahtkF1LZdoy zU==Q}k95o6>5zSZidNeQny7Pn(=yI%@Z>24r(sSam1Umylnz_R!HS(x5Wm%sgCi2! zm(Nr9^5-XtnSNE&{kIkth-Q3sheAo^=@h`n#K;pse-Aq8YS7M?H zR&2hw<46ZH{vD*r(#8QT2fr|Q=ib{VvZVY}H+#8j zZgvjIJc1kEV<3SC0yuV~_%4cnF~%@wI*Pa}=fnLc1km|je1Y%n!AI0DT8I(EP@?49 zV_l@Y$BYcqq^bP3eq>lzcsO7maSjJ1UySo_7nwJ0lF7jH%Q@&&VVmelwsU0=6TE-( zcjV5QOd+T)(}B5j;3UR7_Jai1OT|} z>Io)sqFT+TcDg9;Ryqp-UQ+%%RQ|U%h-LoY4J0Lja#TW^ET@Pxly5}^-8#5>#DC}D z>kU`$yity1@%up4BQFZ@OeJOl05fCsdVb-{O$o82xg0)8iiK#St){gru5d(4u}+cE z8ddpK5nq|-#Z@tyOW)6J>F0K8`gmu*AY7o6R)D@~ZGB!Av%movgXKNzc+ELP29Y>3FlICNt!Q zDRl6saA+@xZ64hbS7g}YAfRhc2+E>ufSr}D#eb6>uUvPC2EgG22xg(TMiC}scSrkw z0|kT(No4xvJuszHw#tFh)UPTEg~=;f_;tcVTuBeLnH1{ysW<+73b2E!N3oddb;0et z%R5+QyV@dy&JGvcN4`)WY5)AF9XpK_r&w5bGwsU-6FVUj@@21n=TTq$N5P+f{_)u3iY|&BdNpaJ`4>yhuBJ@yb)T<9M zg|Dnt;dJm)Ma{}A8`Vi8n?IERcy?=@K1U|MKuN&7;`||;SAuprPE#qqSK8#Mwa`DG ztEEHMeXT5OSLLx(1d6Cx>Vu|RhWylqG_3jsjaOC#&@^KBf6HS2SH>TF^`H8N2)adD z@rCrn6F1&|awk|mOz1VuQqMe>V1g)@T`IY~JpG(-oG-SCZwK*5w0G+$4yfGjOIRBB z%7j(eE?0jnL;vMB*cTeNoNWZn=iX+xf;TD^iOezFvwhx-KL&8v1Um&yVNR zzM||eJ9k}(T72NkbT?W+t?$`$y_Vx&f8eD2V?Vm*30R`a_|n`>JRObd$U~7+=ykHb)ToVqoNLuw|fUf0LB0NRqwyU$edlRQ?pRg!W?C{wd0mYguwbaH5lY!QUa!U9{l)g-PLDB_15_L$ zey<92_sDa0@1rS|(?YS)fb{uOH%UqwtDW)FWp80MWA|56LlE_Z__>tp$_^iY*WN&%@@i9kF1S>6>sTy1xqXgJ%Jdq}WYH0f$Tv=BAdMK8V_2E;8>I*Zq#sbu(9!xfP0QCD)6I6lJD zm0?8X)@*{I9!=Su-RaxmdJWY&2Y$ib;)Sg4K8h_zGK|{uNsNa57Z2WTtQ;LSv%W?7 z>FY`)4P7l?n{96d`h9c7AH{zkK}Ld}A$H`3Jr}5=_{$sPj+Ea5o1man8AI;W!3&c7XGSZaKv|&Jk=$|5Aw8>f)pcZD zf4p?}nLX>-TFI3CYw)ts#GG5#%Ojm?dHf&gh}CP<3#cVdomkk;KWpJT^L4{ynKP6Q^=njA(GU z#3AlbT{n5g{1lMt$x5OjbYLjinvAbD%+H3AK=lG-9;`1lQouva4sU=S9gciqd5Ng& zk5G#&j4#W1j@nrw$iHabcUuTGlQ}zH!1R^W(?DH0(-*+~DHXca-S-S0Km>X}f)os% z$fF}@;B=Ef|MJ?K6#A+;xiL*B%Qud*q{@8oO5SzE6Gi3@3yc~sTo*SQK_8kr%# z_VqhS$7!!P+dg3xmwYjY)QzqyiFeU$6`_}wV=&@BOF93qq7gA%;r{h@3-i_Q>Guxj z)?sXN-o5h+ZOwjXjHBEuz29)#2fG$`9u^{$dm0z!8f8eH%LpicD9V3u*)jT2Xq<|i zq*ZnZ$T$b24&-(tUF7djpos3h`A@ZSNEa-Yp?{XRKkQ z7mA*o2*c%TbsBn8ku88mGH(-t-|(u4?$|Lvt#U;m`t(O-7q$sauE(hGihGqW;Z9$I z!fx<0vXv^iZuJ!FeXYeR33Ebh-9S{1A&xZMShI@rJN7sO_#_{V_hr=UKVl>QVR!5nQoGHX#i;Yyh>J?sk6i7mWcer6SIh z^UZ16VTt{Kb{W+UO!~+FNYh)yKt6g~Ax1jZSKt!-_=)8S`{9ZW@rEl2EVSK=iyeMx zB|vbXm7{?tQ1cB2(=K(YPXB{5D0#f*^6Uo(#i)~RMUf+lwO}R&D$$Hqs-kpmWVtffg=OezFWvu@oe+kUyk`aH76N2O!|>_Hh^7JRpK56#00KB9e`M zyn%WbJM29@h=}{Uazn!&a`fn(?@2%Hr1$J)j`AZg;%Qa~J@gdgr`A5v4cGY{XC9x6 zG`qU4BhSv3%x9bTcJCS+tB?$M#@u@FKw3>j#axtE8kwNZ@qSd=o|*gUW{y|PeXhZP zy+s}QrRiyTdC`v#kG#y0<<*C~)pNzcm+*j15TGlzXWC^!Lcaoxc2w&nh>m-*4LKor z1Su^Xf4Sg(j-J)M-j?&@Y4BUQpCc83xc);_yb{{B6~_NUPP@rX#d7;>ch)kj&lVZ% zm6djm=!+j+L1#M(ZA?#W@OTcN9K>OBmg@qNeQ^C$7u70LLZjCOX6@e6yM9}DuVLGu zKeBS?fq{FkG_DRy%MzY!7?*^sd)*J?2^9sthE~z}GiMJcTiZouL4Rxw_)}kfef`aV zfBN91@`3qNXX?BQcNMYA*1sea%4b47LW;Lhksu>Bws}vgcy4!?v3N}LjYcZ|O=lkN z67d2FkxE?m2dLd$YKQ06uBM+$8CXrQ9Jw8-luq+HSgtsG9LLd?OY9N9TMvz)Z_&$C z_H|CPGRc+ZN$OyIH(42RL_CyobR&H)PW4-DJ6+&9v~0NGtTddH@yG4O}gL4*A z=m1}~-d=IzIWmkR0oX7qcr_?H8e<-&I%^R%(dQHErfBnH-4L%LD$tYan;X^>&F6I` zB!3&!=)@j)#<|Akh4;T*ExtEXY;#7?Md`0fPcU6B{&HtEC!f>QN3Bgz(b~1==JngT zX4_b=(VGRHC_#t4C-v^vYss@h=B<%9QtH_5Y750a>(R)qyssjH&(@SZH|l(3oxM2( zPfQXspAuEc{865gkUvHx*GYwJ=Y$DgEH@m^87BoaDLns~Chdihi@BBmk?|m~_{~Bd zv#?!xxOa_UiNzPBX~WS$wev0QJQ>#Snjo3rO{tr=*yB$=BTLAYh=w#@2C;Pc9?XL+ zaIrR{SGM=ZEIWLuLP(RIA@iaL!+4rka)WO5q`miQ=R2g-#>G|9z+oz4;(GqLC~j-=H-9YXL?fb7!Sl0e!FA1Fu7BW0Ns5 zGeWX)jn~;9<46$2X4MjqP3he6 z2}I!>0?A4WRQ*6|X6$wiDM6cUaUD3L4+$6~-dXtmUPOb)CVmbFe40d8J2-JlyNDHD_are51YV^y-*0VWf)+@LVNSbl9pw+wg3x5z_Wgzakyx4!hmg`w{}I=Qs>W{S*(UIu~$Ok1ddmpaN} zdb#WI@2tN22qu3)QJH|sKsxYB|`*J&9jipa#v8xRFXEH7QqZUn%(ThSZ9+GfA`nKr3 z=pwbGykzHuy=@xqiPsaFE2A0p#9F3j-DQ^0-VAb4Ts)aUuCTqQRc0Oi^K@z7^*fD6 zi+fks%Ev7R$gp4i+F6f|F3!V7gu^BVSL2haWy8XN8}q^|xG4YQC4YL-JWzj9<;8Yx z{;{-b!FR~_n6%Jx(dJ#>*f;cA6SI7%>MxWLFo4E3sr@Ik{f%%-EWk;O(p1WR+Sk{6lh6;jkcs!4(3A-UB^7I_QC(0%u{>3F%u( zXKB~i_ug*EI@rw_kd-qB{p3w0*HH;xo`N)UsOHr7{6>;jT~oInkvr9gf*-ht{tni* zj{pN_GsQ8+d`UB`1c+H1anWDfgsYoS;C1=6rlL{ykee&UbGB*V&2pB8>yYX&$ahv( z)_qDM=#?LKS-@Dh2qpaH5F2O5x{tA+8FAiM!@d2SV}me~aUy|lA3T}@$6XdX8(xnL)rnj z4d}tX(@ZI8C%!Q1p?${#7gh-;k`-l!?xNk2+ni5 zv4WYv=3)XCjjBp%#sUjx{c=no&-{0xYjNFs?V)7Wl5Wd_3onxw>Mhx1&X_+&muP+0 zl3QMs?D6*!l=$U203kzX(ruyDX*IdOy7bc_*=X^BQ`w|6^!|Asm}xVvMZcpx&CB;J zHRmkRqejt%!AIrL0jafsylJB7aO9|EvUBu}6r}|VujMU&*OM@rqTl;1C}t^_9J690 zSwGHhV=bB0XXODxHJL|QzRyl$1R`vkwTPRpICM#AI6sRCjDZ=Nz$@ZGTE||c!zQ;0 z;Z4#DIB31#kyogI*>_O)$ucf>yj0(^B?$+reP`&AnPkQ-y@{TnxBDf&zNApPoXN4g z7u=Nn?#8;MS0|_Da?K|ioJ&`8*WbslL%n)hqcbF1+V7K+8TTv>ebY48dCL@Of(^^j z1+xEt6#;(Q6i(MSP`=0C4YRBkFy`tN+xPxyS^UnjpeN86|IqF+!%lcylI?B}C~_f= zxPchzormE)>H)o+Yh^UiP|6-6btbpJI{X{dN zwf)YipA#O&A2g0HCXx!{CIcq{jCs!vfOlUWG~P_7?CsH(tv1J0!_}d!jt%*G2g&T` zn^fVI_uePvo$FS6NDm$K$1c&77V8aYU35c=a@C(nMwSmZ|0xwuHkxcuaovijl4lm; z15r9D3Q7~?e<|Wwx3Rypo;b;n4dgj?MtnL_@2}dE3d7%eWq3{vUM>?S`}=(8URJ-c zC-|Q7BKbT7B{)|<8$Lf`>bDM?St6Nvy@aLyY+4wg@h7}+V-s^lYg2afpAXJ-uQz=| z2=#j;o~0|`)Cx?G?q`Vk2!?v%?R2svbm$6*-?_?OKm7e7QZa6+vHjqh2Zjs9I*^RmAEgE9hgQB&wq z)S69c^jF4Ak1cE%hYVwJzg9Xj!+Wz+RC)l7YCH!{lSb1MmE&JF0((HKd!4PRf28g0 z^^XKgp=kT)=pYRHKNsh{RPTq{yNICrXAvgN-id6M%b@FvCfCgjlH7d zjtizm4+#}bd?7IVa&^Sbgfb!XQY$Qz{{B#HX#}5T8_i-V7i?JMsxZQbdgAqQFy|Og zZXV;4Hv-?REsEPmso8GLyg&9jZ;DzG4$VK89Elr3!AQ8BvaxjQ|GUOX-5mugXLihn z&=-~ExB08*!po7D8q9NX+oqB=MH(9eggTFz_BZGL7hUfi4(Hpg4eK>Zh!#CsMD*yL z5TZv2qlPGB3?X{2kq{*$q8l~Zs55#`M08OGqZ33K-ROLGp7-6)-oIzR-yaT#!(Z3B zuWPOIJXcc&RV#y5o}Q(ad#S)PN()I{uBuRY=z|K1a)}OP3D*;rR=7S*n< z*aq)2DSRCP+E5MOVOEjJ>C&O#?Rj6iFGeBVA95W>a+g#tO}qVC(;dxj6i>Go+#umD zC~hF!G3+`(Hdw|eU5{0Ko)66cqr>nGvRILX5ik>HDuR*t*G2S0O%c)VR!N9#E8v~9 zYJv2n;FzyGel1TATO<49d964t{e#n=u|j%;;^h!!oC!orML2gwq2*R zG5Qb~zp+CtP!xO?p^mV>T;AUq4^ke-{pmYczd0o}cSn-8Z!ptt_?7SkoT^=at*PMj z8%{!hk)Rym+g;zfu=T?L1Rjw?@wy# zm6^gpGlmyy_4kujweMW+_6*e>tHq{Yj5GmnqTGvPT!Kov(tduh6!T>4!Nsq$F*PTn zT@KJViS?RZQ{&+obc_A*SAEJ{@WhpqRZz&3*hbn#Uy$q4^oQw&i)UwQ!oqJhKdeX7HVB6k?$hyz*U>N2bbo0gEaC}IqyKey*pZ1&?}0z(!`14&*gg08 zJh~wtS6Q^@b~L~ETJ-qs$FxR+ExebcHkD#EAFQ`0SVbl8TnBV->6hM~a?glAWxXqF z`wVs-=|w%uD^S#X*1B}IPIY_Rrs(t=ZkbGKF}oBvg}d|LGNx8U!F__+5OhMd;S&p$pAoHMj23EjH95t)oH3rt1D)by@^iCu|D*v7@o6kzJYGCc^45Ia5>zMaX2F?tdZ;n3bf<^ z%0kC5ZgLm_^1%_s2S;ZRz`4N``Vmx( zVU(;`P(h0W^K}UEviH3c$cJ|*M>ZL3(7!sItr*4JtmfrHYygIsbX+W~4`Kbt zT_F;>-EtI@Rc+}{K^CU0^Ic56FW#VNmBb^Bq|h{Zk(K&gj<)9E80;6G;fjVX{h_xr zrRn4STGD7g0VNg2T;AMb>qxMUAx*ZwIH1sk`Cwy5vMpNz(vyZ?o$T7DSIY?$OoBBPDL4RbmSGws?Q@h^A? z=JWq*e*Z%KJLPxA=T&O+YhRsJx?gP)&OUWq6ltG6ZiLL}J?Ed*;DC~pBVnj0B+YMT7r-$zZc-}M_3fW=yKQR&--cI8 zJf45C33J(rKdna7Bg%YOpqnfjkV&{RyPvNm-|5tj@Lb)zA)*+`U`$S_yuD=&J2j6p zl!b`5oajOH^HL(-pOsRX22ih{*uFPtfgtr?>Rgu$pZOW&kfL!4Sh-vcJT07rp`!IW zFm6r^0lu>W7(ghbU@+x<)N%7!gWtDXch=e!^V4A1XPZpFg)VcShn%)EoS>=5itUMc zmS!dOZAXN|nN+3b!*xvk#xd0esr2@?D1jnIQb%Fy#(Q-5Iy4?~6dgQwC`=xR1ZghT z2lcQG^D%ZjzWo@~@x-+6*k&j z+H5_z?>#3L)dv|C$R_h{^9U6xTP>p{Y^#p`TwF0dhidld3tY`Pr#vxDCz=H&*4TJUy z>-P8tL!*&jX1gV0OQf#ByT9dD8XZU#{Pd(5v+0JJ1K!9en-utm>YDpJCa4iaAODyo z?7z~F?!D$%)|I%hZ+|o2`Nwy#s%P4Kb%`!{_)@Q?SvJYn(tS^UMkOo7Rd&7X$->J6 zF2WF!rTt|p=H#z~Uz(_!T~Vb~d}&X;u~Cym#Bp}51eNN+(Wk9z3Hbkw#uGktFPd`s zpiwTpr}0*~eNzeyRpdTmo&DZPh;!ba zx%E;R8DymGnjgVa1rK;M?!_i{fdzJS**U$qAxNK`jXOB=&s&7#}MQcYiWaPw^8lQ<7qi!3JfsunFs)5x=nA3M9L&}&XXL%F4< zBYL6p$dgcRd1&}&>V*1DqsT%f#3tLROAIW5Bi804M`C{Go5i9|F5ahINjA~-BX92b zhwBw7$}pz2&xhXgbihlhpF3o9x0XF-j8t(IOOAk53yjI7-suz=^PiP!uiKdtv~2YD z!`cV$2boV>1!!M)yj)qW^Nv}Jd2i``cF;n7M3Z>8__!=oSk=r;mw=NQHz$NcWHaUs zEA{t%lsleruwt%gr&MR*L;?8lR|O;l_g9Nv!;LP;lic%~=AFCpqj|-l8^vexN|8?U z+>Zi0WKuJ%c^hR^7X_BMDrvK6$%D_#2GQw}q9=CMZ-$tI=EOvb=@WKU8C;BX(rTO| z6zcAbA?4kG%l~=U@%(VC5=2B(Wx*w`EoBD}s8=?aTds(f0#>5HzeQ>uY@JFQb3`TPPRK zdKtgvn74qpMY}@FZA8$bQ$-6qe8P1d^ixL`^lz24Q1~y7*gKu~CVvBkCCKk@NoqN&)>mk~56 z^Nx}|`(q?@rm2U(w(sbr*vb3XsOcU`3cdWGE85fYZM-|dhmbp`yFKp)50uuWgJNmS zLSDyPzFC*18TVF=nw>M?cN2czyFfKTcJ$;p96tgk>5z(x408qQBk`SeCsZPv@Vh_@ zi!a%yAHky#JiMvgP_5(w2{7>AGmD746;Z_D(?%lkjH1mU)i2M^vIA5)3ZI`4GWIsKgvAo z#{)MSt`ymI-N6@Y6f)tPdR0J&E6B;A6l+;nE?s3zK#xH)i!aIB|=W^%(AmUZLF&z%ek#~m%uxJR;9;RPO;el{_w*wo^howxmu;)D_>3Aqen0%R7cxjlPs97B)gpTlb%Bqs;$m*)2=)Kzx3+&$ z><@pa>fDv`VCUP zJHJf+M1fnUXv$oyoY>hdMhStsK^cqb>c4b$&ks-QEiMPhfbw;`i<~oZ3qsMmhDUHW z1L^)7>O+67JAoKrQg*rW&npkFS0TB1p3{;K}p>VhH`@|b@67eo z`&xPJsF$@ptZ(V_C445(cg&pSFWRi;(>`-O~H*U0t&t^trs4fM@&pO zJ4b0FVdv%dEcJu!Uoo}c3(~*O=Ch-(@qH_-UjuId8}RK;K*3hT%+{4?Pe{BU^fYAK z@V|if^LBkQ=Uo_&VMcw*>|3Us)DK&e&$2>z?A!2g>noP`fOm7%ejD$lnK4Hza{fGm zBqEl{lo@RX*`n?vuac+&s_Ri6o4VuYF9n;O=guR1((^yb!BR0LaefgB$f9eG1p%** z>q^MPt<_E6^{5!%^|OQfX{}6c_v`Nv)MY8j0y=uOMl_XvZiMm>@yM)qPZo1_^2UjA zk|Ae^@Najl!el=(ad#r2;D7@gC!D!*ND7gQc0gle~c42X5V2hWfAEn3gfqP)Vq9$w&-fYC27}H0e`tb3cnMdosNG29# zg(k%4b~xJezBGvbJXIe-eF!QFe$D~AT0Q4sQSv6>XO_Iz*@$`pw<-g!Ah4o}YrbZP z8yIC_RI*c@I%U6^PKtrbMJUun7Gj!@^u=`p+TR;9mzVu_LZeg(^w-3K#jGMO50`)F zbhdQ&yDy&_Zj|xN9^h9x@s_u`U)@U?)c)>sOhg*^nHy^JT2$)gRv7X?TD1l>W62ze zoR5S)39Dl#NJ2)&>~z@5q?JOW#GZwW+~JwaM(4SupGTxl4#I5Dc#O@N8?7teX9^pu z$1@0UZ5^(D?*?*#!}Hdm*yDs;?Qe&8vT{M5ARS-k9V4IV>tkYQee%rg>I(V6>?GZb z{10y|Jjhck!sIK*RoY%Ced>!)t(5YJ@BdPSUBs~Oxz?=>?Z3GIzwuEoY*8?bxksLS4Xw zPg6bIXGHQZK&w?GS=MJSo8J#XXv4Uk2Tu#}J;_H?4yq#*w}4fRhVXX=NrxDhjEelzBB)ju4)pz4dv4v^MF zO&LmeV$GRWb0Wn(z?sMR0wr}neO3E=+rA80E0&ZjvcMVAP*q1W@0W`=?_W`lGo$Jj z7*iT`o^Lh?#Zzhy_ULqfAS)%mb^75j(~CNBo;6@HNTV)l=X~F9T0>~8e9e2DUy_Jt z;q11IRq5MpVH5iMS?fw(nO7CN+aceS(^C|X-SgLMfN!HU!VR57oPXR>5mW_b6nR;+S8WtZ@D>A)QsuUAfqlC7hcHA^o_$`55sH;SfNILn zy#0@Kpe2}$US~G4zl23Jd(!q)f}z(UesZ}mcD*X##8qpAW`vjfu0V0?39#_!zYY6f zBH~}DY#!)B#O%2ni3V;zzs0P;L|ZiU0|lRXz2aPoW3F^7*1@0&XGu_z zPDU^W7*%<1lH>6v9CP281lM3o_E~94M2x7hc?wK2;LRt8Qb}{#Pe0FDV_J_TVyena z9#AW4T)$xE*cI^N0r$0`SzK#Uj7g@mg%j#?0@&TIFBHNuy8%fGp67mA+U0?8dws`J zQ6`!#PAGTgYssJUUca>6gZ=5|75yREEqT7JonL=y%G>R}C7@2 z!IeS!=_zvvS7B&t-VTSYI>3u=^MY9!YAI1{zR8HBqGN9GwA##{*7xtW>h3z~?Mbc- z6gD?LBqo>h+`~yqHsV&-Hh`4FOjO|iR;K|wm&)<{MZLFG;9CvVMj|c)cLvhi8Hp)( zd^kio`2dK6MNF9fYJjxcpjlG$Ce|aoF95C%xd;hF3#Y zCCJwy*>x#;fj?HgcOuMJQ zI498$U3m!p2Hae$f#$`Jo6MDcil;4e1clSO7kUCrkIPxc5RJ|GG-HUfi@duKDl$K! z+p(-~Wvkueb)}%JR0TjC4j{Sk7-@|@O-JdDKa~R3YDouLc*rY0l%+f-OHfbXjji_C zx;=Z2iJ1z~Ewtx#a+`06Oy-M!xl%M}S}$~)G${|6DCtCqBy;|^eEL_0x(enmZjFd1 za(?nb{4f%!Gc9D^NaU!OLv5OoCQFbWp(MK6;NnWtR-!_Oc{#S6Dmh; zfa=M@5(LZb(UNX_T2ps3RC-8Ub?L(E%j%HikZI$YTZM&qO93Uy_Yc-y0NkPRIWvI4 zxEN4G#0*@E+vM#o>#r^8-4ri`=6#Dk$>*%BmfrtVc>BSf zKk@!N8u^CP(@qu=xbV&G$I(>4xQU*xBge_&L@mMoDzhuK+IZGrMcxt2{Lh9hKAoX# zjjwNky{$WJk4jP^h5LkmJlWM#`J9?#fS&#;Ux`XC*qs^vOy~P>!_3hN2NP?Y6;#Z| zGy zhoA!COrcl;K#U@Utbasktvi@Q}bh6(U z9P>8>Ze-3_GgA(Y)@)Q>5jq0xuvPQ52Ki2oEjhJt+`8-?^xi9I6<|yv)Vv3-QXFO>{6f4H zDg0am%V24`B`t7uNlb)Re4)p||8gT^$j@;Zd+hl1UVr;S_so#Tv~_7X%aG%$mtynY zjCHQ(P>S#Hblr(Zz51$Zkby*zQt1!ulfv-URhdJO+@1b&Rx$^0q($YphTi(sZi^|C zo6J`KfeVuswr#aseCv>o;GX!Iwlai65Em-(+rJks>)R-K;ISwYG6xhIR=!G<@IGzJ zm}6Cb$RI$~1fyvNAD#fIq9DUo<&g2$V+bTP-Q)pPY7uLElR63bNkbOG^M3JFRl}s+ z9%nOHJH7MUCLLRZhW!saiyNe-LVuWBh5hLh9IJqGnFfzDdF;+y#P@<@UUh+EqFiI* zYrp@W2ZN0O2^YluZm1@j(o2)ECIX)W*omXoi=@4pa_MgTw$caOEXO>L-1uiNY>4j0 z61i9!WF&+FpAz2%3P`KgOt1Uf&>oF58leCqv9X5hqME8ql91&pPN9L7DE0Xl&RoL+ zMP!_l+7pR~-48}B1-wW&NzEbnt}-}gIE#umZ8#HB-S!`&CV&B%6$`#~o*ib{K`*TM zA|=)W`bjf`GA77{xQBSRyf1Bem`(?HodjXWMNWgTmpZ>BmBVg=BLO`iJXK23M-Hr; zR0jySa)XAFPavQAdmni?t}}Y8tpZqwM`;Y9lG4Y?<&^a>?lhg67sM0XGf6-k$n?mF{2A+At$Ob`V!#OiPZ8o&IZUBC2EhT>S^ktd&XAqK&+s0PVclt=G8S>GJ`N7M3-+3kJ3>8B$=N~gH>T5{O?D7K=Uk&iAY{K`N33)d zVlA7!?{RXT)!_hEBSijNkN%4^b~68_ST0nc1@Ryy7&0-1t@lJao>`8NwrH@sNYLDV zLyEM=i_Jry zfc07n(~MfWzBQLHF&Q04co;H{5LH77+sn9719WPFDH;#7C!BpMozfiNg+h82$BLlD z%9oj-A*^JDnwlBU9uqLIK2^d#2$K^3))Ji*`FY7fgOxz#U_%Ag$x zzhgUoVu}_JU)EI7eP{l;Pp{jGP4@Vn3qQhXk5$}+Xd{mhOG1m$P1yxj<6t2TPkQcT&9Y$Qc}~+>i==w zIAPdPdqQM;Pq4ujaSeDn92C~PLhACh|8lQ-OayXGv#nI6?`qiYWqyU6boX7jjkxiC zRC;HVyMA@%0l`*Z*xAsJv!;fzq2ko~*ztQ)o`L}ov$8#v9dFkfNfHPk?~gy{daP-9UGlJ*={4?dlPmGR4)JLixzK=nAT4-%zI#b;6%hlNcazCZ&7&jSGuHM<%9l zrnbZUd>T6fNWBV#@4Tuk z;N(!s=oo+*S0!Q{$KNr9fb|U>;`2j23goZi?*m;ExQM;glT+eeR);VyJgB3m# zM;TodogvaCR3! zmI{^^PsUju*Zi*+8r=Rbi-8T~oV#wVycf^3FS5HFmjUXsalZ&GOT&h45i%D$s|*x;w`G&-yYNau%*b5Up0kh2Z z-e)GL4f|bAJX8~rLPxAK;*Sew6?vGL_qh~*UHbRh{>BbVPBvhXw+y2{#I)oHykc&7 z>1aY8P;HVIu)aU zM=?(d^@Z96YcdRuS_f=Bh-Z}z&ymxA0$-jpRHPb1S{gJeJ5CPSX^o@7j?X>Is0-*- znjmTAn0Hiwp%nU7U87H0H_$AC`&QmY(FU7Y?1teTSSYzmyZZnTUu&*dM9uD!BJ4-& zs5>zbf_j1ycCF=U6f!6roL}Nlz3q93YOc#pa)itkl$|MIrAt?Yn*0_KejTd=> zasuyRwa?7$*(NW-`rv*>SfSaQ*DIh0l1K)WN~?J3!85!%Bq<=;PYMH93+I4JX@v6F1m zA-4t<I`BPqa2wy6S0Goyik15Y?y_0K!1gC_jAY1zn3_&ytLoeYVT zrA3;bFAxzMyuIO%znVQ z3)(m?x#b&~pXaBg+LUjTI~InZ3LMjLgwl}jT`DoTpVK2)=tsnKXS=6QT!-96jERXx zuxefz1#wLG6YESKZc*w8!%O5vvJiMqX$4+`rTE_CsP|0qMaM<9-I;dD zl@S?ILQCVlc2fwjI0~+{4;@KMe6UfV}))0OJX+K>$CAvtWU-K?dg+aX@Wl z3t3WVN&8Af^j)18`H_f9n|U<-Z~7*mZ?G%1H$IC$3^T=FTkT*;Gn6A21XN5uneP@N0Q&?sDT3nfnK;w5C4LuJavs>qVH!Da!fo^{$1xoX65udldt*laYFc88 z*P%9$U+8@8#n5@1hC36>hY2E`VM%vlQb>%?0+=lwMlsG(6OMx(}AnVp#rZSphXb@!teCUE$mb}Zci$JE6h71p^X;Xo;+31 z4ZNAPXM6^-%w@NO6NP4y%$PH9f7UcDnz$^%aT^HA)oU2vX)|~&m6aHZV7p9t?YrHA zB5d7&WS%X)L!)B2Sw<#B$Mm+&FpWrUKz$JP$eI_fV6ziB^$1o4iPw1tu8f{iiErfx zNokos(n~@(ELPd%)#)uQIhi^?B0^Zl1j$jV;XsMTe#!UfJhN^MWV^s()NM!4abR&M zm5lj7hbu>-ziPU`i^}CcC2ypIu9I%^{|n&$pC~#y@m{<{I`~{(NWDbCz<}8{Ia?yM zu6#wz_n_N{^~;a^8=K&08k_A&w-iht&RJd%FnrzN!VX?(-GWA zs0c7I3$})se4q=$;EP!?{TKzEhmYzi-kbr?_ekWNd{qj+c|DEFIYf?_rp~*gn#!XY zKi<#zHUZkfZAm&6!ShIB5!Eq6GfmHv2@0VQcdHc=4ifC{%`~hLJ+|Jw53ewl4 zE)gRsV>StJ!n#qr{-=@h1a*@3%mnrJq^>fjskf9hUNcA5CpFO(I}`EH(jsX7jGBdz zGSGiv5|$E*4bpGz4DdbRDRR_adcUr{xW68=R2{8%U3YZQ*eyX|6U^Gk?IOrK7Sh4csIM!4& zM4_!r{MN4H?tO!ls=B8z%1**M!X{=X$oio>OmNH*QhM8zb>ueP!N_(s&m9Ty44@x0 zb<|PJe|ZjpXw~0Mb;faJN)tQl>!Dw}3xlxJ9uVpNnE@ut{D6Hv8^|OYNFgt9(1nLZ z)kgkG${rkJ{oE32;!Jt&5B!kB;GChTqhF{P`xx(cVF*d}ttP8#=`e(s?aJPMb3OoK z#4?pInaKm=EDZ{XFPU!|115!V3&l)L8J$`$u4^MeA*CrHn!=Wi_cqYv48k%YuQp#nJOeiR`~k-xob-bd_aL1x$)(!>D?xyj;95~7Ft)=Ux(N1awt*=DOx>j zpdlg`7Y*#OW!)g=cvzQYu#Tl;GPKEVX zzlYSeGT$E8h(`P(qB>MV|NKm>0xaVNW@Um8MLI>-&n~+P%iK?YF5z4r;&(c=t)e)A zovwFU&2`m|Q`wSK=`_uYNXd-K_g6 zYXfujwNR!pTaj#|{w6DT%=4?}je3h+a(Y zRlX78|Kh&5=V8>85U%u)5C1fk%=S8-qViTWB1F|-3ogZxsoOliXo!or^{w0n2j?}T z)?=0DXL~=#{Pun-St?&7u$;~q$-FxM!uRGC^>|TMfiC;FhW1!fB8u3#du+XTi`H?V z2OW7V?SsAJdgagTMM6+lUtzo2b?jsjlDhGAu*Va65?XeLyPU#j^>S!Ds_t`Ui6@$7 zb`80RD4W8WtpH}pZkXetV5AmtP~)&3ou9H5snK;gc8blm^E=BxUrIXWWrvHRl#F>O zw#%$O0;M~GWWA3%NQ$!U$xD(?1MUHdezh_ zq_0sbb^4`5iUVfvfpxq2`Tj|EALsRq(R3Dn7XHo2E9^U9^YIu0m@>u*#TjWzlzgPM zWx`f~3+B_wNqAq;qn{NGenW4!k^%(;)RuA1OK))&Mh)>Xq*T_%?EC%GmQm%v#M;;b zr!xA@mllaT?;ku;fm6-jb(&ENg;w1Q_ z9|)7mSH<2iz`wWQU+niEYcmnWs8so?k0QUuv-Q9#Y7Hx&TZa`yA|}XwDHwhhVtmvI z*CCf4+SMa%UlL+*Qb9!K&j3^M8N_=gQVwoo-4YB=(h5+{MQz=8;{(3&$McFh2QX zBBBwG*Ht9PM0ieuna4Bu&MV;n6anW`u+dY3^Ixz%-Y(Ro8XXcz^iDb+ARIb83Vdjt z6-vt&Pa4?zxzqdzUPy^M>Au||in#F4*e{BUId z&~^EK%YAj3aNYD3%SifPF*RsYS`s=R?zLt5hMH1sH~U)|#c0M017_zN_VEu>H^l!l z#5*5@mgfd$0;v`L()G< zQo$fYBV7^=sJjLNiQd_KTFjKre1jJ6dgIS7$ERaIw!EZ$CY% z*hBS%0LSH6Rl!iO=nIg~!FMU6-^QS`s6x$EO)k>ctDn)AB2YnSt)PnfXSUU(g}%I@<+dk!md;^}PX6l>Clt8VVKYjQO^T;!{`lBoMdsKiIsB3BweySC z=@yjuLFC3^<_?ZaDj>1Fx=}l5;xHHMd``KIHlFp?E;2$MzJG z86baTRmW;SoE(N9j3L|S8$S5aPUd>=10lF9gWHMJiPWX+4XC(2jiy63LB<+x!0wps z%|@Pi%xjB*uNx!a~0?h z%*{&Ke&Y})?olO{hG5EEjR^}p*MHh;VYzn~n#zb@t zjq45*slc^Hh)OAAL{#KR*i&M@C04|K^xt7ASmTK3>3Zlx=s2ADeNE7uaO4Ny?3NH3 z!D0nXoNoyS{qsIH?_S&*2UOeaYcmuxqw-(aH-iFNx`?(YT>K>ukBNQ-Hp3)A>5`r} zqDsXSx}y$6<3hLak+_;$U1r#cn04wYp{Xi?cq(!6WJf@O@IO!L#KV;=xy&TkV zTX!?zaku1c3gl=&5kHqhL{ z12K#OwCgHS5>W8n=E8_aLCON8XhJ-DHC#C0TCr+qo@MZkXJ2`DYP%-|7Nf*5B9Y%A zMj}M&;(i?I_5g^O{*LO5tAcjejfOB3AhTWo}2R==^5-R~hXE@zCLe9*MdN9~Pj*DeP zW4oYLSD9JzwW(8*_x89SqqMW+IYq|%wu-aUuMKI8k79D<7VsU%h!IDgTYlQBXH17* zxZJOJGnGO#XbPAxF37qod7n0mfwF$nf$Yu2^Pk*uVv1}@=P$9JL zr!vFPU1js=P*j?Uur&3t_AS6MX}@-&TAG)*#6o^xdr>Tzasgx+^)3v`%?_5&?!$Bk zEaq@=?|&_uh`zu8<5j$-vu9^Cr#TOUDZU~%T(LipWEey?cxO#@m<(Ru`fbV!!H%xU`g4ph> zP$C;pyD~^!Z26X{;_IMUOk?Z|K*Gvu@LmmPdi@aZ=Ld%_G$2;mO-?ar72{5c!lK&Gc0nJO=*OWjLz{$6mrTBC;w}|VMx(7Y#+_R5{->RS+iAI5> z0>h}7p}^YV(3ZAI#ka5s;#Jhmz{#W)E^Ya`UUj>-sNzF$9Aok$V3vZQFtD$Tg(Q=UQY24wBOX&kXXx~t!Q5O#QV zi@5LvP3HU$Z>IF2?JEpr?zeaPMt#3{ob|U?8Rd>iw+aXwie6eF{85xs1TX}Dm`M_X z2_KosE@ErK_$kf-Z-&!uO_NZSLp_7kKyC~f*Z+XmTgDWQ2+)Gnq3!0Ce5sQo~M*j|@I+*WM~|99D6r6l;KcHv;8N zc2_?HO_7qMWrdp@G7q&fK0bmI79J(pLqwsdQBPcWRD*byU7M@rv*&y1z$v9g!3s&q zlliuTyZe6*ccWBBFFODCF{5Fq8C`Rl1nqQ5CAKrioeP}N(dm7FAug^y?EV$<(+Rga zR|}+6FsPG`l6!5629U3uFJpkym58JQ@k@*?!-xaXXhp{Wp@0Y^ENv*Yp5+aFW!GE5 znb-TvW=7G8DkRQ>*Jx`uD~-`jsMFQ7?{ndC{fDr+ckY;b0M#oZ96*;aj8fj}Fl%xc zP<}2j#jcPs_#@2nN#XJ$%8hA8az-s+>5|E1x{bDMIk|e25K&JKhEMWvYu&hL;J_Ek zOfsIsZ^Ye(msk&S{Uh*0w!E;&Yf}g4OF=mZsiPb5cnm{@XOY0_aa8|G zb-=D-3CYhu*6@wW)fFD`XM1K*oW+?5UL;DnDavM(xCRi5Cj;sDlj_7_5$}x$Z)npc zQbU33+lK{SZwHXjZ}q?p$P9XE>${2uhBI;|VkLngJ2kv7=kq>~Ds4qqZKT=wOvfO7 zsK*@!bVglg8*T&Bk-nAfKJQ);o(-8p0Ex8!ytP!y7@!B2y`4%$kXY2_$q)0cgD9>+1W>#y ze}3iTDT-6MRB9d^AMGbIo*aq=T6mL`GTbZ2B%sw55`oK_6{?$82MW7BEe~WVN{H#{ zJ_KruvX>%v1s#DpW$UgbuIP_d!L%mjFJrtFOe(eM7xdCm<`T*s&Pj;0XaxPZkY$@j z2e@FkJ?reKB{+yIDHF3Z8YFU^j3mqU-M@}PApQeLQRVN-6jPY6-x0-sezu0Eq{7jN%4=Q-LBLVJI z?@X1D<3~gS37^}e2wa0^vRVcv+QlKWmb+Tab&Hq4KAj2cep!Md8+|r~sQ3jv4I~~= zcx7`#EuuXs=ujkK8>|uWOiiTxf`$dHX6mExEpZBnLyAE({26tmPLllSV^gG%S*9US zRFFmgfo4?5vKm{rNx4HB?W-^_L_0((X-PbbHhh05fbd6cS6XF2?*u_F~r2>Qz_9E) zryU#<_Agg^^$1xs26q0%n1#P|Y%cnbV>LmI6i~$s?hW+asB>Z>S}quTqhTX@rAjoI zfy5{6=W&Q0H|-G38c?PZ4VCk@vk!dAp$_4Iis)+7j#OxAGLLHDA@QChXAXmEg>JPt z0N|tl#eDB(#Lp}QKR!~Qy0%dj0TC&Jf=Cl-n=UQ%E&@_TX`y#g z0O=j1t4Qx16cB+>6M7S+H>rU@K&43uogn@E-Or%#QaCu|V$cu1X=!q0$`N|DCVPlI@=JwHm2#s!SmzoF9 z$4yS9t!jnkSmAV}u*m34`i!EpmOM|FFaCkk8En9nsH!D|LK*I4SMy*t!DSrNXZCWSy~f`fq<#}BR>a-;=;PY)2glZ%Vla)FPE+YubLCHAf7Q9 zMsh$}@_;hoEuH>-sJ|lBGOr<1N|7yL2Xb0n&~5IzhF6j9E6PHe;Qn%>%(VQ68#r+Z zADPMb1s0!sdVwq5gr#?^rit$>ucQ8ZKL{3|wHH9m`J*_^{b{x9Ltj^239g*npIH7p zpVR2oK3M=ID+^d$HTlc@K={TRdd|G$=fM3EjK$I~uR$2Kb5NA5oI}8UU^G2inN2iY z#^e@TAIGL@Pwo^A8S!jSQa}-$1BP$X_kdgFi{mCq9YW(g%MTJntw}6rF7jBuVAZ>bC7hS7Zct2pt=3DRviF^m%N zP>j;c50FYLl@KK)RM|{tRGNW@1PmL=XS|p{o`15hv>p}&)-Yt%EhU@}HioRpa{G92 zguadVMc$gC=|S+%9i9DOew31XZ$`iN-Z-kZq}*4i{O{F~DL(L=Xf?d6Ep5&ad)D-T z$*(AH{GRl#yHjGhhb4~nro|ewvwh1&PfXi6EAjcRjc4<*Cl{T?n*h{RMEo!KaKsS2 zJW{|Fq>~n&=UqG>6YYOZpokHCn!@7p$&5kLmpn4oyglFA&i88%-J8tTD*+J^oG=o< z$e46`a)>Y~)b!puF>23bPjr$6K3h!y)Iu6PuF-{-O=?VmzhsU8m8H|^n)kNYeso#t zEr2RTgn$Vglo}!L3Lt0O<5~-7cFV3=Tgy1l$)!g`;&K7;gW6_TRUECwwV>rZzFN1)Lq)ytd~H1s`MEJ z2Y?h7i7b;%6N0gP?;2D997fQ6!=E>HJ|ZA;`0AxRw2GEVd%{Gfjgee2Dn}Zo26VB} z{JP78ERRePgG#Ft`5`gnrmoL!bvPGLABeL88is_RAtr(NCH0jmYc$hpK8g!-n@Jw% z0;$cMl=C)xbPs{Pnis`d0O1@q4C~~fA{;m#jt_7et0hQlV>6qB@lfeks9jV4G*?dI zpZ*rO7MY0~4Gjru)g_N@+qNijXwldCPhrGzA4ujPq_BPfVCOp%1(H5f58oy&fH4Eb z1;9O+q<4o+fHt^8*GfVAY;C*l3qM}^9B&XspZ@V3IWoFvHQ{A-SG-mz_=9{}!?nE> z4(k=O#4m5IULqWqtQa(HWNH~Jma{1F9A6|%Lw$`UMD4BG?gSrAkkA*reqoV3aW!zt zw}~UK1zJ6^j>BXlh1sytS@2z6UKyTZy+3tQ!0=}ej%BZ) z+$F}0)D2H`)3@FEnqU{Uqo~*irhc)+^obsFN95=8)6DImbnCuv`;yI3UA7a)qf9eBp{ z^B!*0`!Y%dM!DR3D#_+N8{uZJO=>X+XAD8(TR63H2rTU=^=MqP5Aa7&{hpBPrME;JmRnKs4Y;N^;$;l#8vZGVhJmtiSM1j{6&8 zHxljXe%xgoCHlr|o-6CcHCeb3H}jqK;7i064Cz$s${jmi!$<(3^R)p+dHxK*MfC@; zZ@3}|prF*mO|n78B9Nq=Bt%n^6;~hF&;j-x*?kC~@esdcbG9<-r$xae6P4{p zZW+*L$9AoZOmphkk%&}XaVzjsJWs7GQ^4j&rvJO+6QL%7lLD!IUwdhPRk5S|i0FAJ z@4z?WgEAz;{Ibi>))S|d1@y>B@Pr6cYRhGxN2xDZBL0d z=7KtK`DDaCll}n!HM)bk#iu= zLe>Iy87F`i`1U29)i4ujbO|>qx(>YTq2PFFw1@zzbPwkk0xmK{cX3*EWffXJ2PKfe z-Vd8C!)LnMj}CI5%2mod|9Jy&q}YN*GN(q+ttpNME(~4G@;hiY^Ul5!P?z@oZ)_vD z1chibcBpUlT3Bm0%Ui5ZvPeHwC8FO$v&^o$(Ws6LbGE%By7ep00qSh-%YIv-BSt)JsR5 zr3t`|dC5d#*w+Lh7<#k-zz7mm=jyRW9CYdhQ9u;~(BHtx#FusGSu}YnK~x2rHzJXi zdIT}(GR^k=8zJEJUSS$FMn%Ow@(n3>jt?ytmthO&eC3%| zZ&rIUwGmm~(C|W_jQoE@Gr4=l*}6sYPCjUE?G|DemLn8=A%Ang$wh<|E_4+VmLU_Fu9UsY?=S|7by?CmCI~> zLwX1*fbrs%80pg$UeZe#BnyJ}OF5n$B1{0$>{Or}KW1@EV1puXu&70!#J2}P-jD&( z#VW9=(vyrA5kuZd1e)Hr8!)9IvKkYXa$J$@mJH1PAoTUCr5{Dsb4y1|yS~NQ&YmG- z8%bwh;Hx%i(=}~k2;{%)nAnnFx*_AgrT|=@@+~x4tr71-4(gH&3(<{icSn3s+9n6# zyOoSd9hi?)v}(>T+FF{E-^1=r4^*ea6|b<^a8~SjOEcSec}7l8_nvPLP4D?gRWzsYr`q&@ zb=E{zxjr_<^d7y;bn(<(1DWdZdLP~dPDPqG>eD#LHz_*CDMOct(i<$INz50hr`FQK zNP-YAGc+?#L%=wiNjfA)mS~5S`)C(NlU_xqX+n1QUQFI3Q_r!LBs^5n=4frug`dOj zeXMCsVChlYtZ5^Qot)&P#l=T!*R_o$@d}c{k7qfd_JvO?xDpoj))FMuA?U4OH(H7s z)?&g-zy7p5wm!;H1+F%>5u#}Pybv);e{rl<-|~!A^5)Df2;_uT31*wZuFRy;k7u00 zXe(mOpC1`S%&#QiTJ!sS0C*MHn(;tS!UmB9i)AOUqPMDytZ6d(fu1lLDbK-zJ z?Q*rZ-iy-~?`(~%1|jY@(R5$Hhp{=08q0hWRm3}_5ObTwU_X9b%_Ao7NMt_n5yo+j zdj$bqJp@ri$Y6!4NMvgWX6g~MLw%!5zo&3tJ5vt^BH!fT^P-G&3NP~G0Fz5pD;We5 zfyXk)`hvA`+qmrqLtI;xX75%?C{j9a~ z(4a+pcGLOYaqbG2YZ4-reC%}9%F#++HZdB6Y^d1IE~>T~{loW{5lvC}=(^n=*s7~~ z`KhSQX%f5Lz{k%1I_oee8eCGd_Yv?Qvd@z%wGkPc(`hV@19_9zVJ!s4rJp>17O-!2 zcA3bA4I78$&A18Timgtg1m zgz?>5W*pCm1I0LD3_~#%0cJ1DOiE2rt)IYT4z%^>rmen-aIzah-<;qlZu6dAQ=2nE zs^rX4_K(a>UcQkTM?0>tI`z!58y7kp)pC?+rXtE>=Wnju`)&O~1srgD-l;?}>N7)R z+(&oxns``<9Ye^WmGwwB%ajuOr<Gz3^$QOZCOJ#H)H&&dE*H z7W29-jMw9c=yZ1Bb2IKJ1EQXgrS;i&f%qxI-*Z=xkl$I4qRHS!1uQoJm)5ZZp}4qh2>3JF-Phs zj;a{Ld2{Wns-8J7xkQ$cki$HP5TcQjj9=Ey&D3+%N9~Wy)?!dLOs z_Wb>oBSHQ4K0N(xCc_tO26RX7*6&e|L$@>H@+QMjrDA=f6Lb0S@wPc#c^#O?SQqN$ zR81pf;nUhnY!$0vEgZ{2U$+ql+|QdaW9Rpb7IEe?g1+6eUG}iPJay{Ig&S=}Cawveoidr-rBS{QQ*T?UowqIWMR=cC5 zUIgf?mgbjN`6lLDBC71%#=l#(DuV4}q$?XCIN+^6MNGX4_2&R%rD;ksyOu`#1>ffD zq%-U+`T0W74f9>iZ^w523K0z2pY(8VCfY^4K6VMYc2G&UEGL*W7X&*FtUq4;>uR=n zlhYp4hbL{R(~*hGXsYome_QgstAh^g)!oRrPj@5pqM~mfzEM)OrjLx{w%#n(nx5(a zZ%H71WZWFue%5BZ$*J#Qe4Ae0opw2+X?-Vx&MgmHi=uZ=xnb1mC1b8+4)ZLR`YVuC zN$aRhBv-AA*IXTyYuqz#6s2Kb7Ezs}{COiAIedG(YeI9K9D-8-b~ARfCJ~gc;ArJJ zhEc-Yv8M2kmR4QN1F_VJe!;f*)$tlv=|d;C{<;WkGs)Vs^~mIY@}Y&-gz2wuPb}Nc z?$$UMmZHDyx1rTPj`C?nIvsDE%aI4?(fmC%@$?83ITO zK0+!_^B~19zf#OJ_N2|dfo(mKy})!OzIvrS-F`T~#b1S-K|;XPH#U_aH!0yleVyE4 zP}Vv<8L+Vc@Cl9c6SbR=x!TA9+d&3y`DKE7x&EXo| zEH*v*vw-bjT`Y@Yf6q3oilfpavUu4ZSASMFlt0L~Ds(#zL)O$+)LtB(bKjrX_HkXV zY>;M`mKkruF8aZ6kjy*3piRQT92uu?=Bu))=&>LcpSB9N0OHuafjmt^F+@!Wcq&dm% z_=xFN;f*vAM=6tPf0Ite~QM zdDwd_3NqizYRe5u0*F`N>jPs=%9D*ayxtq>Yg)VU#8rbu(Zf9i>hO2ha}H}8hTlj` zv0kRHQ|+%kWAC=td)o*AppwZ^JwU z_ngP<_9~80S5bdEUHhu8j!x;uFALO$6^yxD!CZv{g0mZU7<{=XCMe|hyBGPCN)n)ilYGnG?WJt zhlGI7#6;k!VG$9%KX!zdn(mXCpbhssJE%g3$|t^{{13Fs55=ZVgTE?1oZW+oj%SNo zqx=oZ(pQ0hMYql`zWlwZOs|td`G8Po^I(DUb-K$nh|ui>v~VD&kt{DeLh?pxWeca~ zCBMzLTQ4SMBK22-BhYRTPp^c5=ss!}ad3_&+OEe8tZUEBy;^fSb?u-eDCFdhRQU~jq~PZg;b{`F!!DF3$GCNOh5O!2BWCsZG4#)VFJ6NSm=uIOaMIv zTC|X_gn@yUxm|b#LbeRaJh@yQm=gO!&Aq?n4b)W)D0$je_pMf5dY@NrZW4m&P?0h=OU zNdUt$)4nKdPFWWAxu~%kEmD%J>6u!Ko>{m7_%aS;%;~5Yg2`K1D+-7w{Jc>E!Rhw6RmBhD|?@fczFeZKyaa7I`iqE6$grnUS+K?Mgzz%K8{H!+v==G{!RorrMc z@DI2abVjqB*O zsEFzGs}{qls8P9xKTa|5Ts>j5&s6Kvos7EX!!Hu6U#zPae>VG8r~kuI_?3xJkm{uP z3R1Cni6~HixGGNMO#nFpcwIv3<_iBbcV{0eMI=4yafuhH8bHt42c?c?6%aAf-o3(* zh4ttg5&+`vZ!O1PmlKVL)X-*H=n+icsezn{6r=3Mz*wX{C&Ehy1~?4mc*H}Gk#fTZ ztw6}Q@|;gw79FicTUP@0FUoPy?|)$1^CR4K>PzjSNy89KP znrX;NQT74^R;3?~Cl&-8e7hE9Xt;IR`j<6T_*xIvnlu-9Og#@zr#s|oQzS^mGUeod zFmrF9Ta_el(7{oOOi~Q zF2=U_@@DI&m4c^RA9l@#GJuqkt42O4{#}{Pei%xb&2%{g7`T7Jakex21aR^;(|INS z866Pp)T;8PYEF5uw03MA2J=aYW&~XsI{F0YpI&2|NRKffzS8*V(7Ro(0{W6F;y{4_ zUCN6FW&TQRK3{_(Iy;t!%()AB>ii3%!r6()Oy+&s-X0M=1UmhfebI6nQ$e(|Z4{eT z%qrTCdMc};Gz^^91_~4W|KaeBx2VU9`b-|5Z^)|go3_xe8?=hXNqTI)ev`9krlZ#6 z{Ek?6>Ft%7>IA_^m@%FzfgkonE!C(AMyi_OW#x%(ecjpVKT-)AoM|ZVo^BL!S~D@K zQzn>V1PtMjjg$fsn%vu?5zYHfU>FDyuv7Un3_1J>%nKh|b{t(E4&I#?DB;NL>@Z83 zFg?!|DCuX$a%9M9JTz%#U9mdCR?>`;V*PZ%UUzx6g7n5t%{cWeG=GzGe&wquNKHx# znCzsdwI8^h&y0!u$0Oa^4p7<5zcq1(-Y2psG zz54n0=!7LJ%U22&9%S&nTTosAy_0{XF`eozZ?3+2eo=mvh&djQ<>>472@-6Z#}u9j zb;rOyBQsRxNrX;9Ai&AddJOyd~M!c z(9%>}P=Icq6mHV*W~pz2J#9%=nbY8~MEJ^_(e8pXh8N!nsH;Xgg${nV(zl>@TvU)& z1RvIirpoQ!1LFV3RwV%1=?&`!+gL1%qCA&M4s^HB<-0>CONnQ{=3tL5Nl3nkQ|9qZ zn?|(;n)A}$cgm0#b3nVS$~dIl;+xkO3Nq<@qx@xFg6u^uXZ^%Vnp{#nKL2DiAf;^9 z?Ed|VX*uwBz2B_ITwJnvg1m>9*&v><|4INqL(w7OmMjZ94=O67DgBFu8nd$p8fsCB zMX|HBOqgbVcu@fQ#gRZhF-qRTN?KfoWf1@=Qkrxm5&Bl@$M1OB2(jkBXGa13M0IQY z_y)x5VXo#$8R6#~v0~Ava6&@$w%~=OC})^@2Cu+-brFd%xo0-V#nt1^Al2GUX`3!a zhwg?mukN>uwa0$$yR)~A+I%YZ8N{Ey)^p(8S}C!`zx%e8nf^Fq_!1+1ew~L&$Y}0? zEVd|iMBe1WaMyAZ!;ys(_O4x*oPl-4OZ)FnosUpe{6?_zju8b!gqEXZY-&`hRXM!k z+vqZmc(MPKY+zwySTpU%0;Q0hz$#N@T;a=tL6Zj<@vEkA4T2ef)mjl1tF8VI?%qh> zeLR8TvjwV*MWp(l4Ch%KpAW==@&P@gRSCT11oq=ZR5)Sou;AQcq_2^X2}gww8rN&| z=^tSa%#IJOECn8af}CYfRHBUA=v=oA>!m8AZ37Xb4a1n=(pV{v&5{inZ+-o8isYR! z{m1Xko)%a}ebilAank+SJ-MqFOq4LD98|v1SfQ||Fq*$&vp1Ez{>f%O-_7;-R1e*{ znHI3tdU3cNfA)^uO!!r>@&BjF;@XiyM9wut>Ftk+ukCZBa_nsNbA`H{y|7t<6tACZ2-;G=%O zVmAI|f1TzE!b!>p|C&MSHsr^!Z?4l=_Ydm>iN>Ilkf7f#y2?O54o!u3n?2R2w4sPc z8dvlQVA=JSbp>+{zc+WYICwd7scp%Sf5To$=;{^^Tcnyg2hjOZ&gpI2_DVI5IFuw@ zQ)k^sdSfYCdiyF$wh^LfxXx2R76XVcD)ip-ps4Wh@ZK;rx5X2xXm(S4wH*jLa7aB_ zAEIar?n~?KU+n39X&>`&dkJ2DawyQ47P}Yzn^kAC0?Rskequ{DP2(=!6{31Gbt|pH zP;SdgWrtRjT;U>@!S*c;J&#itOFXd3a=x4Lh8}06wY$8a_YuLk2D!*r#D5Dmppg#`J4HU^#mWqN0r!C}*Rh+26Zdt9XB*Yo@-};Ga>7bYGX! z1pp~QQ_7QFy!c@Hm!!Oo1z-qJl>2;ZXh@AK9m11JCo#F=}Oy* zH(t2Xoh>Ey_pteHt*pBLj2I?5rTI^~7?y0N*DR>7`Vgaho1Dgi)qJH#j4TmNO`vyl zkvbZqwp{QombA_;cZQCcUUvpX%}1~4@#660Hrd(q*%b4j^?ntG%vomAFZZ{nuQJe% zuZ5@_sf!5LI1ER~nSNDmf}ow}c#Px_cUiCciuy z3{(TYwBuW}qaHVD5!iUNlWSW5K(`lx#7`sbW)-dgs}Afyvl;~;muE?rwW+FHy#MZ4 z`x(0FTkG(-xcP5_FebrYJQ34Om5k{&3^%j4Ja2KRnRW^qDz!C-58VB=FhK4xi$#5y zs|M;02f?_u(ExtHbroCrp6Nxzq+52ez^5BjKt!9q<$059MbWUEg63GH9em^ea=OTUlnfqrJjL*2~7p~ zyOCcRr=W(J42s64a9*rbL!ti!hY;-i@ia}dHfU>#k*^p~Gy%mHLx8alN7_|YV*PBs zeZQ@n?@Nzvu&H|Rp5=Ecu+o!PYc>{4&-clV1(zi?{Kxp7^N6cm1->(6LPRPNw*1T%M)?LDy39l?+3G-*zDm= ztAP6eSa6fYS{R4FHN}^2Sr9}><2uJwe0F3Hu|$wn)q}|2;am$Cg}y=N;lvZE)e2EH zU*6$i*)I!;W9$QJeP(KOx z-|>)G74~k1lix^e|JsrRK(Cl1e1Y7`eT=9nJZ#O%vdLx_*{~amGQ4AojQJf;vxa;W z94Cczo2{fI=mW9aLdj2ezvD&X&tH+vYBodV(3G9b3pyB}#F|dC=i1t`?O> ziS9W`BJs#&AKn{@zhMSw>|-7bJ_SEx4{Ubd5K`T#R;eY##fTP9ywJZmFq0pcdqRI} zgUPMZ&hdqa)7(>`pl2foIn{<~V>f^6z-}fwnf%5^N417eCER(XF(Fp8_nrH?98cK0 zX(!l~$b;6J-^h})gc8+GhFD8}(x+t<&UaLxo?VkR#?_0O);*F{V^j{pd#ePbUYftl zL5W|b7o(<;OJ2h{FPg8q^-D=ye|*NlXuDc+X_~H4`%0*%oEyjy8BhGtlBy9_w{hco z%EwO}>g88>X;Km>|2--e6$u{!drcrPPKDLz>-h1XHZsTtK56CJ%`6zy=jhr?klSjX zl%Zm=_9SyuS3QPzvMcG6IiY6sKN;&8j;f42K=;56dKh!CT&IVhWCqne@Ge`@ zy7kl$mE4Szq+P8ZQ_lR4p_aPquYSKRHBe7*l7)%jBWj9y|Lo1mPl}56NovfRL)d81 zuQAnJOQ&tg7BnUimi+ie`(=?g!|Tqx;O833WWp&Q-@VlSFwe*KVeZIGw)g4u8~!vQ z>)^8aTYpJ~D6zYvnMg=x9M8$fNfHN*>-zg9=xu)VeBj6%Jati~Ayv=+2S0?0CkQ)z zZ)9=B8*Dx#g?;HbExf?y}bB&`>^n^iYxsPCK< zeRIL^cCsHdDKBLo_N#7g1*HJuYTq!KlzL)HOQBh!lWr>*c2urP;3H=*x|cDU@nUj* zURYY-PnH~W11dVsqu&~xCF#cw_|fs68akkmyH3oq{LJT^kGnoPw)nZ2>|5gYS4$A@ zEEW}`ns(#00d{u1BC7Jk!lWakrkpX`vGnG15$!tyr2mE{$@idjPCeVRl$N5XN!fFY zp^m{_yx;9#th=-3=e0oU#MKNv`~@u+-M>G@?U6D%`h9praCtl961WAe8)O$K+D)Kcnd;LOpJR z(%0VM1qz0bGWB3IG*Qj$e&jjHA%(_|O9l$r7J{r~ndNuof9I@2BfxRNizFbXa1NWW z-jscG4^Vl|B8SycjWPpQY*uS(p5KmR_-8}9>y(b#^01mOJKy{0r}giU7GwX26A^|0__$P(bxEcnb@y5aq6?1GW;(F079XORaCZj|gVl zm%gI{NMC}F)+6SVD{=dOCSLe5Pk)sG!-0tG4e!YW7M5v}`>>W?D99);2}t#TF~Ft{ z3GYGvj7(in0Wr!yy>{T&+p4spL5z?oMgeb?8*61Xuvv2mq?*i&xiSWE^~QxBq1sCo zf6t#^nGp3@3Kpg3z(Ze$OMS^xw=~5jrHT%$TLkj`dwli4 z<&J~kM|1r~PkkwJ_*AqWrfq`B>~NNd(I?j$O+&HZ=;I#at%h9ZdCnK9k-s^$>FXO% zy<-NsjCPbm14zhgN1wW9?G4yZ2SyUxY}+wwL<&-icSW!})(R!?OYOme3;vjjzmo_> zLk62a%6q$-BDz4yKM%_PHOnp_OTdjhjTdql_dnXtlw3v$w$XSu{8`GD{XG2p+$Oel zU`1!A0S&7^$ZawyrlqK7PRU-=f__Fk%#9Ws?AWtOy?c^t%{F5{F`#HWP(etQdah-A zocA_M+T-JYWSZX#iBWB$>zNy&;3&^7=+}%U3u`)2mk(Leew{LHlPZR#Ln^Z(GX}&P z34L;2ZZd5Qz(gJ<%^gS`JQ-SZ{iay(AL(1CItBCu&#)qMwP15GQs(`Ed#JSWm zT=Fx({zHt=mw2N2+s@pH_T@Woq$`P0G%%Bn?|M=L*9Zdw8{xLr8?^Epqc;3}N|73M z|Mg85o7lt-_RPn3BYCTnL768W&q}a*`emeomI!`sK&{}T6~Lw>+6(lDK}y-2zj6Fh z1J!bYeIW1ugITQBndH9)htTiW4?T5KsH*>QhX7X&Ao*>`Twqezri^VD%V*Ix{kkm~ zcP&YL7VlPo-dGkz7t5t8_1t$^{wYmG56zn47pkwke(%hncs2!G$rAmUt3s81FXip2 zK)j>Os+fN{gM^Eq*&a-6OZ+d7Ao_biH5G{A(ZQcnxZNNhjN6)e7P|4VN#3-7%&JB; zZWdF|Cee1JJZkH;Y;ZniFTeu`Zt={0wFyRhVtox!=wDU66rX|FPUAxFPS53aEa1m) z$K*l=vRg*aT@vzs)2s9QY9V06q$5#pW_lJ{Z(Z{frf$CU-o*N0(n01S(EG7>vnpDt z9%wj_3s8%QHRd&6E_Lo=u>nxPVp%*W=Y5Jvqj&H5lYf6>ZwMxiv1uv$BE{|0L?0ID z7&Ba|4&*1chrz;BE=Mt|d8kO#Ccp~XK=3Ut$e2&FPmb*T>I%tA^%9N3#bNSKIA&H7 z{y!dWr1` z<8Q)vs+>TCie;8fIwotB3e-mk07W67Y*ftFCbG(D?8P90MXd;Qf!gqmtK~ATLW;l% z6jtVyGi6Ng&sS>(jUM}- zh#R0lKku0B{I@+S7v*l2pE>5GZjPdrWEc;V3>0w3zw8HS7uSO}8m+<_NF;f>)5Vnc z=0BG24Fw~fu-d7u4RBSI0#Db6Hd;)f!!vt+LU@+;8%kYw68si}1tj?uRPOVd)8Ai$ zd4hfwRILN~vXn2bJt={cHn^?Vp0O@8MEx(U|BN!A8b5ct2p&H!Ol;n9>b+yB`8a{! zn67s_*HyRmk-br)WY0i(3+2u3ztL>Gfk((^`R-A<;ZtgO;pZV6acxPo$7!y1Y0o(} za)X&x;MpIOH7Dfhug`vPOQ@5Vp$1`;GLs&5-vRWIqFCl>g`$1zh2{NoDE)p`0buWi|*#nQV#JIeH( zZ<>#-m(g}ye7XLnDnLwQkBl*W5Dee=g>1N)kXY4Fn$ST-+sz}C;2{~CfiL#GhiP3X zv4%&$ed(&8ht1Fb?D(C>zzXwSmRdR+E`5C0uKccKpS%>DGzrckybOOp`g*m800?*^ zE+oI&nnG-YbxU@ci-ZMDK_Sj;K}DI;Zd|JvTcmX0&oAdAaew`BhE5&|C<^2_#lpN& z#t*5cngowN%8n}WXzb5;VQN<;NM-}HZ!CQ;oN@g=U`rbxn9v1W(Qa{(<<-R{$v zP_XS_1vcO-@^mEN?df6v-Q}Z3=9AW717)dJVH*J+)`&B9Z6>+upj&LvKMN5L2S8@5 zd-(ChT97JG>G(l(@D>|+w>~hwqV)!osCi7zYZ20zPEeb^l(T3hw%##!96H{;5$a^y z45c&GwdLo_UHZU9x>A9ZA>j=ga=EqwlzM&%xrgNc!%Ox^+T*8$>dU## ztQAW%*q5T3QMO-Sa8c1QK`suo68^P9#3+3k|LxeTWu!?&(Y`$==BGAS?vc@_H;F6Dj7S2@rDy2O;Z^-0)RQh-tW zZIJxPx+*P!|6$9nZkfAqy0lB{L$jBa7m}QRNNCVES_OnxwuFnm-H;)-$C^j7Kr4dP zNVfQ%bMw=Vs}C_QrPfsLOhux@qJ`eV+|B$z-w@ERqc@c06)Pi-J3ibG{~=OI7Tdgv z@zg6CG7~sb2c?deyS-P)3}|~Hc7`2Ye^`M67)1iww9SvMIypYJt%RksuQrZ_;Jxa0 zjLhy2h25Xczxx8uJGOw{n8tv!h_KCB)|%zAg#6H=$E7r91%2AMLY-c_U5{_(PqUi& zCHBPPPCGLnZ+)y;{JE;`x-+T?w1a+n{~TT0kKXF7dU|uzs|Vg|(44+_mhbZB>`KaM zXJDexZLr$A2yCHOouH7%LNkhP|-!d5g0a(g$-CIjje||e8 zFXioD-T&YC>4Uzt+#n`Z8=HbNr`L~>|DJ;{y9a)Q4l=i4@Ij|MiPyBTr#1a874XL7 z|1@c}0ZT}Q$dUHB|6V&cA>ahxbAIOcZsbIZLC%ipJ&R-bZefA@hqu+XdyhUCy?bra z=-yi^_S$#n&rjU%4aEQlQTl;frf^<>`Wz?Yx@=N^=A>=f>Z(_ZyOtbD!8|Q?ROWZM z)j!!z+2FArLvp(gP7%-Atu@VzH@V#iYs-=j7z*@yU7|+atp@yHAtW(kbP-K7A_6ru z@IBbzAST~PEz#@iZ@(N+=$y->`$3WJgE7Fo+5)kyQm=i#{WBP~P|Qr-*5j3&Pd3M8 zKLaLO3@!w#`R{!Rtb32&kYWq+WOTSP^>ciQ2VG$L{@nF=gV5*n=c^k`f@&#<>y>gF z4bb+=SJm((q7y7vk;u<-)0z_a9CE~MCNsrzRKHB;5fRy%y;Cf`82B|U-(QjBOxqig zZ>ehjtfuN{9*7N|E8;YwEa}O7U(9K?+BxP)0C998S!V6b7Jj^yAQI@gW!WKzR+zN# z1LLs)B13m9v!CK;TEs_I&i>aEn{h(yDLMUJWb1u9#XCg!(YRXI&gz^v&+lPXyVlcG zu8Tb^Gptt@SItT)qpj~_iG)75<9m;msF8{-9rY-Ul>I}GOc zQbMd0?f42L`8}xoP^DW!;|LZ!U{tB7l_j}8?a3mo3v!yaj9GF<*GlZAW}@@D-)4XI zg-eBcsrWJ8bwH3!*$qu!K{vGe@&&Szh!i`H=K&quu2ZdQLs=4h$<0cbSJs6Zt5(&1 zUTL`aTgml*P(wL^5Op(^zdsjClzGWBKtAsVlLR|hzSweM3+LBw?v~QitXyjIGi`OW zR!MHU-uC@;;5wdhRm!1kpGjOlrF{0@LeW6{xl)&Uoh++AK!BNKQs`=E)lY^9Y`=}7 zgaYvQ>BQl0k+|`B;lo;VyCBEUamm2%$kkfYW;mjZY>FE=$0VAMn9OO3EKr_d68h{h zP_x39+CXaXxK!?>@3knsOvOj3;)(4#&F(-Uk7Y$_%0m~%z0V)q2CWYSeT`$a)pKQ^ z|70^-lzileZSm5Ubf>q8F;<#fDkT^Y1Pa?HqtD$tlG+9(41qS@0Z*BtfR)Rxyxjie zGcD#BwVO_g24p?Nv1z>6lb9rzM7#d^ax}Z- z-N&KWW*=kl*|bVZncj2A2n%*T9R=O zXSqez%_$&=K4Bb7zip+o$2piEp_ThZ7+L~OVpdv#ZgSObCMBEs%ZGOePJV>ai#hcT zeU+(p9pp#{x#h2#$ON%;z{j-ofSTYjvdNHEtR|HR#n?oV(sGg;k-PGVRpSRelS{AL z{D}2?o3k!?qiU;A60paOkQC2xXq+Qqg(OG5dPRP<-@L-G+krT8OdnRV?sJ@>kC?HN zbQhi4lzIN<#$DN+^cw#FLR6}NX@YrRxl_pW&Vov&7UolA?)f}lhFE-@g%_pv6M=XC zAZ|h)etgw!6zL(hit!8EUy}p-Qruxhod2*^lqdTclPk>^B_qyYgZs(U>)b)Gk!`e8WhHsy3v-!O$On2uA-zuywor9sRv-plF*XjBP3WK zI2nM4rsqwfoN=Egj8K@J5|(;TY`I}gZ@BLdtCeRt#4 zn)~EUlI%tbL2Ii0`iaro^frDvX%dt5eFi#y+g~qp=`Z>neSi{bTdbR2MUD6WODA9} zo(L}^BFp7X6);Z(?wiiMc}Y?Qr5PFM`hA>kFWH|=hk{w+o6k^kDSF_?71$#j0Bp8B z#auZ!@LetF_75K5^Ih&{rH6(uO#LV_T&~*>H`$N-5~IYN=7gfWj8Hztl@hXK_7n`# z+|kDFcwWV#!eGccd4SA`kOD44bJ>1Oruh_7TsADsi2AmfhhIj_*x^fKbiY(e*3wnF z5TY>2W!;4fw9V!VJuX4Li>rHs!z5%-Abv1Ao`$C6P-jz|mhIjipKEYa!Ea9U#oxRs z8)_B;UbFp2{Q*S17PrHkqmpxc9u}`D&U3M=b$qyJn=a~=e&Y^M4Y8OC+I~p_jf_s`Af{jz>wX_x6r)zzVTzkG zt>tb%l@9DV(ykNChypkMl}f7kJ!X;GB(L&OOz@ga%zAvdgJTdm0!>~ z<`sT(2FT4ohplf6U&6KSMW6UBM@P(jK!B&u7(nC5_WBP z2<}$jpp)p_c&c(EY*Y3gYq#bhuN4S#EIr-omU?8gGCY(~r_p%G$kjshCf?=ga+>lm z(sN6O4eJ~GK-m6-g3h_?E`Uxm?p@%*;2O_wP>9%e8j0|rArVf0;z9{H`}6`K>3f!W+`R=#k{6y?8rpP{4I-Q|S2YZIfXinkskmp7(xA5D(GSZBtCc9(WG$C`~5JO z4JUb!`t?f-elXB9IM}$*F1k;*&B^hDxd3@N&Lijp*Ep9k<6%s{T>FucCJT zA~T?1l!(tGADdd+#QIfx_&Fe5h_tw6R3xpw86n-$-EXYzOvqNwCB1q z#CU>@`A0qh@=k8TUzx5=N4=o#2P-4UB(ln+$#d|WQsv(^y0!G8(RHahEIeG*K{YNc zf=Gq>d*fEu!TPcbYXn6+gm%<}IQIR2Zs!M#@s#FZn|eNzRC%!t+_e}}D8`w%t z{FC8Fv5`P8;Pc?uG(!SPkvEb)h939l1|j3G9POsHgIYaytm?*#j z>xQ#scz99-G?R2BxuDDDV+En>qRpzS>j<4z;AAE>kSGIn?E}fsG2xN%3)ON${F8b-+$BH zxj)}+IH0Q36H1KlFI11uIboV@6PT%Wir?A`;)5AfB)p8GZOQq@Pgdam`2|sdKBO*> zsCf<>Q|CON!Wv1@`{5~PfaiXWL;&!*mh?R!L#=ccI+5_*f64j(w0GryNoH@`%4n>t zDYHout7*ojOw9!~3b(W}Gq>DO)N)C2O+*qyOH=!{Xq!u^Xql#npeZUSSYySM3yK1U zqLn2Ip&25H3*TpE-dWy%;r+ZnKj%5;Ip;j*ocq4cbzk@X*nVQ>dY!}1=6<=opqO%c z*Ho)tJkn-j`{VB2hliF$uu>pLcOKA@2O%@$-LU9PIfMv7+w88|Mw9hAnW z1X&_q0UqsL&poaVDQ#X#gd7@m3CG4n7yMXC@Hdq1<9=~FWQga!Z8+C8gFv4Gj6t)8 zqw;+mhX1*P=<&vbAbbp;jD!wRQ%!hoS_jfa^iyaO*$PR|RU{go-(FOSVgn#BK)GkI5Tk=TQY!aMt&k)(AbrsdiZ;vzH>$kW@ zCQmIXrA53y+#sE}z1xGDaPW1}!a4wuX`Gez_ow(&>RB(A4$RZ&8a*V=0TSxd*91Vv z5bgg1f4Ex9i8_M3}JTZ*O*5yO8Fp<#`qQ0 z0rezFJ>&8Da=K~s#7=eyNzfignG9akpDq|59bwS#FF>y>QqRL>f;ahljkv^n1$Z(G zA&)A@Rhm5w6e2vvo}AdMm-@WH#W~~E18&W4O|?bc(oG#8XUS+$(UPRg9c}?ZG(IoA&4hi%puDj@7@Yj6}hZB zOtZG+W7$*4?(@JBa1=B}?)`*Z=%260dyg(A2jN7O;z*a9-21s>zCTeMmeS*Z}#~cFg?aEm5MpVi) zb}ra&x&XMXRaBHW6jCSHG&F#*ZfBSB13ba&jS-EuYw@buVjJu!Pp?VNq^lM=>RqkK zbCnb%Pqkn@q1dtF2WmX~b&Eht*y#}yBu6G}NrV;M%8VtHF+q%V>GWh;Ln1fw7aQaKoi#a*s9)5Saxl^!IG0I0R@n&6EsgmM56 zK*4tSw1-c@O}$rHXj1iE3Bj-V0+{bNOgFuI~%~uczd+^;#0d-ZA_f6tBzHiC{Vp)&r)R$pW zQ=rklK1Xx5iD|WVwR)x617cdxCqcFsEb!rlKKq234~}N^vI~9FBUwWxF0dpJd=@uJ(_X@6p2Z#K9kBLpTyrtVkwC&>4GJ9c3&E` z!!yG`+Er|Uxw9yHcUj{%bMt{OE$$t#af3PVyGU$R5?0Lr1hoYaedYSWaTj3_Uf~4> zMY+{new?3G^76X2c@Rcnr0Fe}%pzcc!6U;5`= z+r6j>SONGuMA$|Y=A*4!?*?{K$!>q5!>0aE)#ac!_x6EztC2lu#rqLfHUhvpvM?Cn zamu_|NMFqS*Dzqw?If|P%S{s()AgPtZHkJoWj!uoA(VnPAP7NLV2ISkSf`o@n@90? zopFl9Tyn2k3Z4HU65(86^tG#sE0Rbj*s2ps2gBJ4{(XRHyBj(iFtNjQ_S>wL94fW~ zX)4G30SS@~X-#>iWQh;UbYjQOw!ciqo%6|IcD4DSbLB_Zn_VtTB8gj8O^bQdyXJAq znt8tt4^0&Gip&e<Ku#p^K;?C#IKkz+=?r_nqVrHdYbcoGw^LMwf}6eAzhvX!W$fkyyUIt;2Vk z^L>Bokaq^6WC4|@J%Hjedvr~kX+f}386&YW-i=YVbPnonw^7sSPWrCR}aEfUi zy!h>w1`>K2KA}C^6fsw`=Su&E7vb&Duj>9_#0KynyGt?fJ^9R1Y4@NyJgN5PcAhi2 zxYS`m+>U(<3`ryr(hjTuP$B~6+U)i`u3PmmZ_rMfC6DSpSY(ZPsuC9^eT9M`T zvdGE9!BW(Q;km@e9ZxHq509LHGe5qT-`|gXIw;efz82>Oh=k~A4XZv2cOM<}lh5-$oPp)rQS2lS9?bI-&4|C^mVW5ysPLFK4WFye@2P{bbLm;o z3p^X6*=yq8xUu3NZ9dA>`*4s6=tHw~fF_xMywU^Kc*xH(S`I^+F#%&`yU$;z%uhA| z&kFVI{z8pw7k@E|PYQ>*V}81v74Ch2h%5nTd4H>ayvTceSx2jv66dPb61g;;rYdw_ zHQ(O3I|DQ;A7MO6yuC+r^L8F3#NG#a!0C`KwcNXdZjHwk?yQZG!$kRS!H zQ+DjjsfK|^+CFs>vhL8g2|nL9JKQV<5E?y|5||_@;D#QTf+V8%7 z>sC~HG~80~nh0rzp^n5^#_3z+xDnsG%f046PjiwhS8V4UTc`S5aap`LpH>v>fxj3Zf9oy9OG%Z@%fD&rGnqMrL3j!TQF z_GfDvL!gVlW=1HI3kbRI%1ZRNa5?0$BWp@~Zg2&y*k)0btl-DpE*B<|Fi-DQ4%5H8 zJQ~p$>!=GCE;Pm{F?i(n(a+Oq;iDrJta4Txj=NT?M|^b!+?o-zDhYBZen|;sk71^2 zd-QoMF%3RO2az^}8A^4yFS{*bHhdWtAqAPW>k|Di&*iBRh0%FaQKB5_IKJ`358D1> z91<<+u_$Spg8?2i$+vz0JtD^=sVLh104sL!I((Y^!P66~Jf+24g=_O<6mRS)SsTy5 zF=yui5=d^JWOSdjiEHyq^ib1FSurDJu5c-4<8U~cyOV!#KypknJK1k?6g%jA=uVAS zZ7?|o562;2jStrE=2VBI^mi9;{?{F_2CCY}6MQ48nUutw8fs-F#-S{$vic}=^RAeo z%8G%dimd3jPhVfTA)q0s3CaD!lP}w+Mi?Ql3?f+cp5dFkM1PTS?28%9W%i~*j)q2sN`KXwTuJ6{C$OKe$wz}aXM@PyYSG^)5;W;O# zzs(#V|Hj(tds}<|pTqHgl)3W4pbEYt*(Fv;i(}jVa_!Nb7&rjesZ+62@T)U4&>z(Q zTf;yp#>J(4ji?bDZt+0KXs93g1m=qWu)JkG4(Rb2sLf~(uY6W>Ru#=*8!U)){&;Acuw}Z8_W=+< z**d(^)}tZK$nSIMxj)}~?Vg?i1gSNteIX{No%&aGKtBNe1)!mlCG`3~$L`<>H#bSQ zUY43|!dX?