From c649243f7c29d9e737cabf554d787a2482f65f0f Mon Sep 17 00:00:00 2001 From: "R.B. Boyer" Date: Wed, 1 May 2019 16:11:23 -0500 Subject: [PATCH] docs: add documentation for all secure acl introduction work (#5640) --- command/acl/acl.go | 4 +- command/acl/authmethod/authmethod.go | 4 +- .../authmethod/create/authmethod_create.go | 6 +- .../authmethod/delete/authmethod_delete.go | 2 +- .../acl/authmethod/list/authmethod_list.go | 4 +- .../acl/authmethod/read/authmethod_read.go | 4 +- .../authmethod/update/authmethod_update.go | 6 +- command/acl/bindingrule/bindingrule.go | 4 +- .../bindingrule/create/bindingrule_create.go | 4 +- .../bindingrule/delete/bindingrule_delete.go | 2 +- .../acl/bindingrule/list/bindingrule_list.go | 4 +- .../acl/bindingrule/read/bindingrule_read.go | 4 +- .../bindingrule/update/bindingrule_update.go | 4 +- command/acl/policy/create/policy_create.go | 4 +- command/acl/policy/delete/policy_delete.go | 2 +- command/acl/policy/list/policy_list.go | 2 +- command/acl/policy/policy.go | 6 +- command/acl/policy/read/policy_read.go | 2 +- command/acl/policy/update/policy_update.go | 4 +- command/acl/role/create/role_create.go | 2 +- command/acl/role/delete/role_delete.go | 2 +- command/acl/role/list/role_list.go | 2 +- command/acl/role/read/role_read.go | 2 +- command/acl/role/role.go | 6 +- command/acl/role/update/role_update.go | 4 +- command/acl/token/clone/token_clone.go | 2 +- command/acl/token/create/token_create.go | 2 +- command/acl/token/delete/token_delete.go | 2 +- command/acl/token/list/token_list.go | 4 +- command/acl/token/read/token_read.go | 2 +- command/acl/token/token.go | 4 +- command/acl/token/update/token_update.go | 2 +- command/login/login.go | 4 +- command/logout/logout.go | 2 +- website/raw-assets/README | 3 + website/raw-assets/auth-methods.fig | Bin 0 -> 451371 bytes website/source/api/acl-legacy.html.md | 16 +- website/source/api/acl/acl.html.md | 112 ++++- website/source/api/acl/auth-methods.html.md | 310 ++++++++++++ website/source/api/acl/binding-rules.html.md | 372 ++++++++++++++ website/source/api/acl/legacy.html.md | 6 +- website/source/api/acl/policies.html.md | 29 +- website/source/api/acl/roles.html.md | 456 ++++++++++++++++++ website/source/api/acl/tokens.html.md | 142 ++++-- website/source/assets/images/auth-methods.svg | 43 ++ .../source/docs/acl/acl-auth-methods.html.md | 127 +++++ website/source/docs/acl/acl-legacy.html.md | 28 +- .../docs/acl/acl-migrate-tokens.html.md | 6 +- website/source/docs/acl/acl-rules.html.md | 28 +- website/source/docs/acl/acl-system.html.md | 94 +++- .../docs/acl/auth-methods/kubernetes.html.md | 137 ++++++ website/source/docs/agent/options.html.md | 6 + .../commands/_http_api_options_client.html.md | 5 + website/source/docs/commands/acl.html.md | 13 +- .../docs/commands/acl/acl-policy.html.md.erb | 433 ----------------- .../docs/commands/acl/acl-token.html.md.erb | 363 -------------- .../docs/commands/acl/auth-method.html.md.erb | 84 ++++ .../acl/auth-method/create.html.md.erb | 64 +++ .../acl/auth-method/delete.html.md.erb | 33 ++ .../commands/acl/auth-method/list.html.md.erb | 55 +++ .../commands/acl/auth-method/read.html.md.erb | 44 ++ .../acl/auth-method/update.html.md.erb | 67 +++ .../commands/acl/binding-rule.html.md.erb | 91 ++++ .../acl/binding-rule/create.html.md.erb | 72 +++ .../acl/binding-rule/delete.html.md.erb | 34 ++ .../acl/binding-rule/list.html.md.erb | 67 +++ .../acl/binding-rule/read.html.md.erb | 42 ++ .../acl/binding-rule/update.html.md.erb | 61 +++ ...trap.html.md.erb => bootstrap.html.md.erb} | 0 .../docs/commands/acl/policy.html.md.erb | 97 ++++ .../commands/acl/policy/create.html.md.erb | 104 ++++ .../commands/acl/policy/delete.html.md.erb | 43 ++ .../docs/commands/acl/policy/list.html.md.erb | 68 +++ .../docs/commands/acl/policy/read.html.md.erb | 123 +++++ .../commands/acl/policy/update.html.md.erb | 85 ++++ .../source/docs/commands/acl/role.html.md.erb | 87 ++++ .../docs/commands/acl/role/create.html.md.erb | 63 +++ .../docs/commands/acl/role/delete.html.md.erb | 43 ++ .../docs/commands/acl/role/list.html.md.erb | 69 +++ .../docs/commands/acl/role/read.html.md.erb | 54 +++ .../docs/commands/acl/role/update.html.md.erb | 81 ++++ ...tml.md.erb => set-agent-token.html.md.erb} | 0 .../docs/commands/acl/token.html.md.erb | 93 ++++ .../docs/commands/acl/token/clone.html.md.erb | 45 ++ .../commands/acl/token/create.html.md.erb | 108 +++++ .../commands/acl/token/delete.html.md.erb | 34 ++ .../docs/commands/acl/token/list.html.md.erb | 64 +++ .../docs/commands/acl/token/read.html.md.erb | 71 +++ .../commands/acl/token/update.html.md.erb | 79 +++ ...tml.md.erb => translate-rules.html.md.erb} | 0 website/source/docs/commands/index.html.md | 16 +- .../source/docs/commands/login.html.md.erb | 50 ++ .../source/docs/commands/logout.html.md.erb | 34 ++ website/source/layouts/api.erb | 9 + website/source/layouts/docs.erb | 121 ++++- website/source/redirects.txt | 7 + 96 files changed, 4241 insertions(+), 964 deletions(-) create mode 100644 website/raw-assets/README create mode 100644 website/raw-assets/auth-methods.fig create mode 100644 website/source/api/acl/auth-methods.html.md create mode 100644 website/source/api/acl/binding-rules.html.md create mode 100644 website/source/api/acl/roles.html.md create mode 100644 website/source/assets/images/auth-methods.svg create mode 100644 website/source/docs/acl/acl-auth-methods.html.md create mode 100644 website/source/docs/acl/auth-methods/kubernetes.html.md delete mode 100644 website/source/docs/commands/acl/acl-policy.html.md.erb delete mode 100644 website/source/docs/commands/acl/acl-token.html.md.erb create mode 100644 website/source/docs/commands/acl/auth-method.html.md.erb create mode 100644 website/source/docs/commands/acl/auth-method/create.html.md.erb create mode 100644 website/source/docs/commands/acl/auth-method/delete.html.md.erb create mode 100644 website/source/docs/commands/acl/auth-method/list.html.md.erb create mode 100644 website/source/docs/commands/acl/auth-method/read.html.md.erb create mode 100644 website/source/docs/commands/acl/auth-method/update.html.md.erb create mode 100644 website/source/docs/commands/acl/binding-rule.html.md.erb create mode 100644 website/source/docs/commands/acl/binding-rule/create.html.md.erb create mode 100644 website/source/docs/commands/acl/binding-rule/delete.html.md.erb create mode 100644 website/source/docs/commands/acl/binding-rule/list.html.md.erb create mode 100644 website/source/docs/commands/acl/binding-rule/read.html.md.erb create mode 100644 website/source/docs/commands/acl/binding-rule/update.html.md.erb rename website/source/docs/commands/acl/{acl-bootstrap.html.md.erb => bootstrap.html.md.erb} (100%) create mode 100644 website/source/docs/commands/acl/policy.html.md.erb create mode 100644 website/source/docs/commands/acl/policy/create.html.md.erb create mode 100644 website/source/docs/commands/acl/policy/delete.html.md.erb create mode 100644 website/source/docs/commands/acl/policy/list.html.md.erb create mode 100644 website/source/docs/commands/acl/policy/read.html.md.erb create mode 100644 website/source/docs/commands/acl/policy/update.html.md.erb create mode 100644 website/source/docs/commands/acl/role.html.md.erb create mode 100644 website/source/docs/commands/acl/role/create.html.md.erb create mode 100644 website/source/docs/commands/acl/role/delete.html.md.erb create mode 100644 website/source/docs/commands/acl/role/list.html.md.erb create mode 100644 website/source/docs/commands/acl/role/read.html.md.erb create mode 100644 website/source/docs/commands/acl/role/update.html.md.erb rename website/source/docs/commands/acl/{acl-set-agent-token.html.md.erb => set-agent-token.html.md.erb} (100%) create mode 100644 website/source/docs/commands/acl/token.html.md.erb create mode 100644 website/source/docs/commands/acl/token/clone.html.md.erb create mode 100644 website/source/docs/commands/acl/token/create.html.md.erb create mode 100644 website/source/docs/commands/acl/token/delete.html.md.erb create mode 100644 website/source/docs/commands/acl/token/list.html.md.erb create mode 100644 website/source/docs/commands/acl/token/read.html.md.erb create mode 100644 website/source/docs/commands/acl/token/update.html.md.erb rename website/source/docs/commands/acl/{acl-translate-rules.html.md.erb => translate-rules.html.md.erb} (100%) create mode 100644 website/source/docs/commands/login.html.md.erb create mode 100644 website/source/docs/commands/logout.html.md.erb diff --git a/command/acl/acl.go b/command/acl/acl.go index 649c2027fe..250b0d25be 100644 --- a/command/acl/acl.go +++ b/command/acl/acl.go @@ -35,11 +35,11 @@ Usage: consul acl [options] [args] $ consul acl bootstrap - List all ACL Tokens: + List all ACL tokens: $ consul acl token list - Create a new ACL Policy: + Create a new ACL policy: $ consul acl policy create -name "new-policy" \ -description "This is an example policy" \ diff --git a/command/acl/authmethod/authmethod.go b/command/acl/authmethod/authmethod.go index d8be7857ab..321116394e 100644 --- a/command/acl/authmethod/authmethod.go +++ b/command/acl/authmethod/authmethod.go @@ -23,11 +23,11 @@ func (c *cmd) Help() string { return flags.Usage(help, nil) } -const synopsis = "Manage Consul's ACL Auth Methods" +const synopsis = "Manage Consul's ACL auth methods" const help = ` Usage: consul acl auth-method [options] [args] - This command has subcommands for managing Consul's ACL Auth Methods. + This command has subcommands for managing Consul's ACL auth methods. Here are some simple examples, and more detailed examples are available in the subcommands or the documentation. diff --git a/command/acl/authmethod/create/authmethod_create.go b/command/acl/authmethod/create/authmethod_create.go index 46a55882b6..b95a9b0648 100644 --- a/command/acl/authmethod/create/authmethod_create.go +++ b/command/acl/authmethod/create/authmethod_create.go @@ -45,7 +45,7 @@ func (c *cmd) init() { "meta", false, "Indicates that auth method metadata such "+ - "as the content hash and raft indices should be shown for each entry.", + "as the raft indices should be shown for each entry.", ) c.flags.StringVar( @@ -86,7 +86,7 @@ func (c *cmd) init() { &c.k8sServiceAccountJWT, "kubernetes-service-account-jwt", "", - "A kubernetes service account JWT used to access the TokenReview API to "+ + "A Kubernetes service account JWT used to access the TokenReview API to "+ "validate other JWTs during login. "+ "This flag is required for type=kubernetes.", ) @@ -170,7 +170,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Create an ACL Auth Method" +const synopsis = "Create an ACL auth method" const help = ` Usage: consul acl auth-method create -name NAME -type TYPE [options] diff --git a/command/acl/authmethod/delete/authmethod_delete.go b/command/acl/authmethod/delete/authmethod_delete.go index d8c341c989..1b622db56b 100644 --- a/command/acl/authmethod/delete/authmethod_delete.go +++ b/command/acl/authmethod/delete/authmethod_delete.go @@ -72,7 +72,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Delete an ACL Auth Method" +const synopsis = "Delete an ACL auth method" const help = ` Usage: consul acl auth-method delete -name NAME [options] diff --git a/command/acl/authmethod/list/authmethod_list.go b/command/acl/authmethod/list/authmethod_list.go index 837d5f9ce8..a954209402 100644 --- a/command/acl/authmethod/list/authmethod_list.go +++ b/command/acl/authmethod/list/authmethod_list.go @@ -32,7 +32,7 @@ func (c *cmd) init() { "meta", false, "Indicates that auth method metadata such "+ - "as the content hash and raft indices should be shown for each entry.", + "as the raft indices should be shown for each entry.", ) c.http = &flags.HTTPFlags{} @@ -73,7 +73,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Lists ACL Auth Methods" +const synopsis = "Lists ACL auth methods" const help = ` Usage: consul acl auth-method list [options] diff --git a/command/acl/authmethod/read/authmethod_read.go b/command/acl/authmethod/read/authmethod_read.go index 1a98bbf64d..b60fd30a19 100644 --- a/command/acl/authmethod/read/authmethod_read.go +++ b/command/acl/authmethod/read/authmethod_read.go @@ -34,7 +34,7 @@ func (c *cmd) init() { "meta", false, "Indicates that auth method metadata such "+ - "as the content hash and raft indices should be shown for each entry.", + "as the raft indices should be shown for each entry.", ) c.flags.StringVar( @@ -86,7 +86,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Read an ACL Auth Method" +const synopsis = "Read an ACL auth method" const help = ` Usage: consul acl auth-method read -name NAME [options] diff --git a/command/acl/authmethod/update/authmethod_update.go b/command/acl/authmethod/update/authmethod_update.go index 6f77235f51..48571ed934 100644 --- a/command/acl/authmethod/update/authmethod_update.go +++ b/command/acl/authmethod/update/authmethod_update.go @@ -46,7 +46,7 @@ func (c *cmd) init() { "meta", false, "Indicates that auth method metadata such "+ - "as the content hash and raft indices should be shown for each entry.", + "as the raft indices should be shown for each entry.", ) c.flags.StringVar( @@ -82,7 +82,7 @@ func (c *cmd) init() { &c.k8sServiceAccountJWT, "kubernetes-service-account-jwt", "", - "A kubernetes service account JWT used to access the TokenReview API to "+ + "A Kubernetes service account JWT used to access the TokenReview API to "+ "validate other JWTs during login. "+ "This flag is required for type=kubernetes.", ) @@ -202,7 +202,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Update an ACL Auth Method" +const synopsis = "Update an ACL auth method" const help = ` Usage: consul acl auth-method update -name NAME [options] diff --git a/command/acl/bindingrule/bindingrule.go b/command/acl/bindingrule/bindingrule.go index 2b94139463..4bf5d0328f 100644 --- a/command/acl/bindingrule/bindingrule.go +++ b/command/acl/bindingrule/bindingrule.go @@ -23,11 +23,11 @@ func (c *cmd) Help() string { return flags.Usage(help, nil) } -const synopsis = "Manage Consul's ACL Binding Rules" +const synopsis = "Manage Consul's ACL binding rules" const help = ` Usage: consul acl binding-rule [options] [args] - This command has subcommands for managing Consul's ACL Binding Rules. Here + This command has subcommands for managing Consul's ACL binding rules. Here are some simple examples, and more detailed examples are available in the subcommands or the documentation. diff --git a/command/acl/bindingrule/create/bindingrule_create.go b/command/acl/bindingrule/create/bindingrule_create.go index 01bcfcbe72..19fb282c7d 100644 --- a/command/acl/bindingrule/create/bindingrule_create.go +++ b/command/acl/bindingrule/create/bindingrule_create.go @@ -39,7 +39,7 @@ func (c *cmd) init() { "meta", false, "Indicates that binding rule metadata such "+ - "as the content hash and raft indices should be shown for each entry.", + "as the raft indices should be shown for each entry.", ) c.flags.StringVar( @@ -133,7 +133,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Create an ACL Binding Rule" +const synopsis = "Create an ACL binding rule" const help = ` Usage: consul acl binding-rule create [options] diff --git a/command/acl/bindingrule/delete/bindingrule_delete.go b/command/acl/bindingrule/delete/bindingrule_delete.go index 7956e1e3aa..62b571bc6e 100644 --- a/command/acl/bindingrule/delete/bindingrule_delete.go +++ b/command/acl/bindingrule/delete/bindingrule_delete.go @@ -81,7 +81,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Delete an ACL Binding Rule" +const synopsis = "Delete an ACL binding rule" const help = ` Usage: consul acl binding-rule delete -id ID [options] diff --git a/command/acl/bindingrule/list/bindingrule_list.go b/command/acl/bindingrule/list/bindingrule_list.go index 1150ac42c2..bd1feda0a1 100644 --- a/command/acl/bindingrule/list/bindingrule_list.go +++ b/command/acl/bindingrule/list/bindingrule_list.go @@ -34,7 +34,7 @@ func (c *cmd) init() { "meta", false, "Indicates that binding rule metadata such "+ - "as the content hash and raft indices should be shown for each entry.", + "as the raft indices should be shown for each entry.", ) c.flags.StringVar( @@ -82,7 +82,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Lists ACL Binding Rules" +const synopsis = "Lists ACL binding rules" const help = ` Usage: consul acl binding-rule list [options] diff --git a/command/acl/bindingrule/read/bindingrule_read.go b/command/acl/bindingrule/read/bindingrule_read.go index 677a950cf2..d4788907a6 100644 --- a/command/acl/bindingrule/read/bindingrule_read.go +++ b/command/acl/bindingrule/read/bindingrule_read.go @@ -34,7 +34,7 @@ func (c *cmd) init() { "meta", false, "Indicates that binding rule metadata such "+ - "as the content hash and raft indices should be shown for each entry.", + "as the raft indices should be shown for each entry.", ) c.flags.StringVar( @@ -95,7 +95,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Read an ACL Binding Rule" +const synopsis = "Read an ACL binding rule" const help = ` Usage: consul acl binding-rule read -id ID [options] diff --git a/command/acl/bindingrule/update/bindingrule_update.go b/command/acl/bindingrule/update/bindingrule_update.go index 0f6d23f659..ec028cad42 100644 --- a/command/acl/bindingrule/update/bindingrule_update.go +++ b/command/acl/bindingrule/update/bindingrule_update.go @@ -40,7 +40,7 @@ func (c *cmd) init() { "meta", false, "Indicates that binding rule metadata such "+ - "as the content hash and raft indices should be shown for each entry.", + "as the raft indices should be shown for each entry.", ) c.flags.StringVar( @@ -193,7 +193,7 @@ func isFlagSet(flags *flag.FlagSet, name string) bool { return found } -const synopsis = "Update an ACL Binding Rule" +const synopsis = "Update an ACL binding rule" const help = ` Usage: consul acl binding-rule update -id ID [options] diff --git a/command/acl/policy/create/policy_create.go b/command/acl/policy/create/policy_create.go index 7655425ecf..13d81b1d12 100644 --- a/command/acl/policy/create/policy_create.go +++ b/command/acl/policy/create/policy_create.go @@ -131,7 +131,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Create an ACL Policy" +const synopsis = "Create an ACL policy" const help = ` Usage: consul acl policy create -name NAME [options] @@ -151,6 +151,6 @@ Usage: consul acl policy create -name NAME [options] Creation a policy from a legacy token: $ consul acl policy create -name "legacy-policy" \ - -description "Token Converted to Policy" \ + -description "Token Converted to policy" \ -from-token "c1e34113-e7ab-4451-b1a6-336ddcc58fc6" ` diff --git a/command/acl/policy/delete/policy_delete.go b/command/acl/policy/delete/policy_delete.go index 51921e3935..d651dc7770 100644 --- a/command/acl/policy/delete/policy_delete.go +++ b/command/acl/policy/delete/policy_delete.go @@ -81,7 +81,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Delete an ACL Policy" +const synopsis = "Delete an ACL policy" const help = ` Usage: consul acl policy delete [options] -id POLICY diff --git a/command/acl/policy/list/policy_list.go b/command/acl/policy/list/policy_list.go index 27599ff44a..25a2b6e67d 100644 --- a/command/acl/policy/list/policy_list.go +++ b/command/acl/policy/list/policy_list.go @@ -67,7 +67,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Lists ACL Policies" +const synopsis = "Lists ACL policies" const help = ` Usage: consul acl policy list [options] diff --git a/command/acl/policy/policy.go b/command/acl/policy/policy.go index 9dd29daa55..d96bd2700a 100644 --- a/command/acl/policy/policy.go +++ b/command/acl/policy/policy.go @@ -23,15 +23,15 @@ func (c *cmd) Help() string { return flags.Usage(help, nil) } -const synopsis = "Manage Consul's ACL Policies" +const synopsis = "Manage Consul's ACL policies" const help = ` Usage: consul acl policy [options] [args] - This command has subcommands for managing Consul's ACL Policies. + This command has subcommands for managing Consul's ACL policies. Here are some simple examples, and more detailed examples are available in the subcommands or the documentation. - Create a new ACL Policy: + Create a new ACL policy: $ consul acl policy create -name "new-policy" \ -description "This is an example policy" \ diff --git a/command/acl/policy/read/policy_read.go b/command/acl/policy/read/policy_read.go index d2526693b2..4b008c2296 100644 --- a/command/acl/policy/read/policy_read.go +++ b/command/acl/policy/read/policy_read.go @@ -84,7 +84,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Read an ACL Policy" +const synopsis = "Read an ACL policy" const help = ` Usage: consul acl policy read [options] POLICY diff --git a/command/acl/policy/update/policy_update.go b/command/acl/policy/update/policy_update.go index a75c122ef5..629d74878d 100644 --- a/command/acl/policy/update/policy_update.go +++ b/command/acl/policy/update/policy_update.go @@ -159,7 +159,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Update an ACL Policy" +const synopsis = "Update an ACL policy" const help = ` Usage: consul acl policy update [options] @@ -167,7 +167,7 @@ Usage: consul acl policy update [options] current state so that you do not have to provide all parameters. This behavior can be disabled by passing -no-merge. - Rename the Policy: + Rename the policy: $ consul acl policy update -id abcd -name "better-name" diff --git a/command/acl/role/create/role_create.go b/command/acl/role/create/role_create.go index 8ab869c00c..244084361f 100644 --- a/command/acl/role/create/role_create.go +++ b/command/acl/role/create/role_create.go @@ -118,7 +118,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Create an ACL Role" +const synopsis = "Create an ACL role" const help = ` Usage: consul acl role create -name NAME [options] diff --git a/command/acl/role/delete/role_delete.go b/command/acl/role/delete/role_delete.go index 5e1b17ad4b..7714be1f2a 100644 --- a/command/acl/role/delete/role_delete.go +++ b/command/acl/role/delete/role_delete.go @@ -81,7 +81,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Delete an ACL Role" +const synopsis = "Delete an ACL role" const help = ` Usage: consul acl role delete [options] -id ROLE diff --git a/command/acl/role/list/role_list.go b/command/acl/role/list/role_list.go index 95a3741890..dc60a425f8 100644 --- a/command/acl/role/list/role_list.go +++ b/command/acl/role/list/role_list.go @@ -67,7 +67,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Lists ACL Roles" +const synopsis = "Lists ACL roles" const help = ` Usage: consul acl role list [options] diff --git a/command/acl/role/read/role_read.go b/command/acl/role/read/role_read.go index fb51b8d099..8b5b84086a 100644 --- a/command/acl/role/read/role_read.go +++ b/command/acl/role/read/role_read.go @@ -97,7 +97,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Read an ACL Role" +const synopsis = "Read an ACL role" const help = ` Usage: consul acl role read [options] ROLE diff --git a/command/acl/role/role.go b/command/acl/role/role.go index 87bf01b3d7..b8acc8a76b 100644 --- a/command/acl/role/role.go +++ b/command/acl/role/role.go @@ -23,15 +23,15 @@ func (c *cmd) Help() string { return flags.Usage(help, nil) } -const synopsis = "Manage Consul's ACL Roles" +const synopsis = "Manage Consul's ACL roles" const help = ` Usage: consul acl role [options] [args] - This command has subcommands for managing Consul's ACL Roles. + This command has subcommands for managing Consul's ACL roles. Here are some simple examples, and more detailed examples are available in the subcommands or the documentation. - Create a new ACL Role: + Create a new ACL role: $ consul acl role create -name "new-role" \ -description "This is an example role" \ diff --git a/command/acl/role/update/role_update.go b/command/acl/role/update/role_update.go index 6327755ccb..3041192cf7 100644 --- a/command/acl/role/update/role_update.go +++ b/command/acl/role/update/role_update.go @@ -203,7 +203,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Update an ACL Role" +const synopsis = "Update an ACL role" const help = ` Usage: consul acl role update [options] @@ -211,7 +211,7 @@ Usage: consul acl role update [options] current state so that you do not have to provide all parameters. This behavior can be disabled by passing -no-merge. - Rename the Role: + Rename the role: $ consul acl role update -id abcd -name "better-name" diff --git a/command/acl/token/clone/token_clone.go b/command/acl/token/clone/token_clone.go index cd33be9d6d..dfb0862786 100644 --- a/command/acl/token/clone/token_clone.go +++ b/command/acl/token/clone/token_clone.go @@ -79,7 +79,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Clone an ACL Token" +const synopsis = "Clone an ACL token" const help = ` Usage: consul acl token clone [options] diff --git a/command/acl/token/create/token_create.go b/command/acl/token/create/token_create.go index f8c90d4228..5d037c0c64 100644 --- a/command/acl/token/create/token_create.go +++ b/command/acl/token/create/token_create.go @@ -148,7 +148,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Create an ACL Token" +const synopsis = "Create an ACL token" const help = ` Usage: consul acl token create [options] diff --git a/command/acl/token/delete/token_delete.go b/command/acl/token/delete/token_delete.go index 7e1072a56c..30be88a3e9 100644 --- a/command/acl/token/delete/token_delete.go +++ b/command/acl/token/delete/token_delete.go @@ -75,7 +75,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Delete an ACL Token" +const synopsis = "Delete an ACL token" const help = ` Usage: consul acl token delete [options] -id TOKEN diff --git a/command/acl/token/list/token_list.go b/command/acl/token/list/token_list.go index 3d903a8693..9c92ab557a 100644 --- a/command/acl/token/list/token_list.go +++ b/command/acl/token/list/token_list.go @@ -72,11 +72,11 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "List ACL Tokens" +const synopsis = "List ACL tokens" const help = ` Usage: consul acl token list [options] - List all the ALC tokens + List all the ACL tokens $ consul acl token list ` diff --git a/command/acl/token/read/token_read.go b/command/acl/token/read/token_read.go index 5924aaedb5..eddb961502 100644 --- a/command/acl/token/read/token_read.go +++ b/command/acl/token/read/token_read.go @@ -91,7 +91,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Read an ACL Token" +const synopsis = "Read an ACL token" const help = ` Usage: consul acl token read [options] -id TOKENID diff --git a/command/acl/token/token.go b/command/acl/token/token.go index 078c27e42e..4914f4dad0 100644 --- a/command/acl/token/token.go +++ b/command/acl/token/token.go @@ -23,7 +23,7 @@ func (c *cmd) Help() string { return flags.Usage(help, nil) } -const synopsis = "Manage Consul's ACL Tokens" +const synopsis = "Manage Consul's ACL tokens" const help = ` Usage: consul acl token [options] [args] @@ -31,7 +31,7 @@ Usage: consul acl token [options] [args] Here are some simple examples, and more detailed examples are available in the subcommands or the documentation. - Create a new ACL Token: + Create a new ACL token: $ consul acl token create \ -description "This is an example token" \ diff --git a/command/acl/token/update/token_update.go b/command/acl/token/update/token_update.go index 4f814aa674..aeaf72c9d2 100644 --- a/command/acl/token/update/token_update.go +++ b/command/acl/token/update/token_update.go @@ -278,7 +278,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Update an ACL Token" +const synopsis = "Update an ACL token" const help = ` Usage: consul acl token update [options] diff --git a/command/login/login.go b/command/login/login.go index ada268cac8..34b0665085 100644 --- a/command/login/login.go +++ b/command/login/login.go @@ -136,13 +136,13 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Login to Consul using an Auth Method" +const synopsis = "Login to Consul using an auth method" const help = ` Usage: consul login [options] The login command will exchange the provided third party credentials with the - requested auth method for a newly minted Consul ACL Token. The companion + requested auth method for a newly minted Consul ACL token. The companion command 'consul logout' should be used to destroy any tokens created this way to avoid a resource leak. ` diff --git a/command/logout/logout.go b/command/logout/logout.go index eca9c416be..c86d339790 100644 --- a/command/logout/logout.go +++ b/command/logout/logout.go @@ -60,7 +60,7 @@ func (c *cmd) Help() string { return flags.Usage(c.help, nil) } -const synopsis = "Destroy a Consul Token created with Login" +const synopsis = "Destroy a Consul token created with login" const help = ` Usage: consul logout [options] diff --git a/website/raw-assets/README b/website/raw-assets/README new file mode 100644 index 0000000000..c8d862c814 --- /dev/null +++ b/website/raw-assets/README @@ -0,0 +1,3 @@ +The files in this directory are source material for files in the source/assets directory. + +Files that end in *.fig are usable in: https://www.figma.com \ No newline at end of file diff --git a/website/raw-assets/auth-methods.fig b/website/raw-assets/auth-methods.fig new file mode 100644 index 0000000000000000000000000000000000000000..05b596433acdc842b56ff0dcba559239cbf51c9a GIT binary patch literal 451371 zcmX6@1yCGKw+#V8aEIW*-Q5EO2(F83aCdiicXwMnxGoahf;)@5yDdDv|83P)_1t^9 z`|6pQt}(SRW3;kxvw-^a=@U2Rr%z3MRzc*NfCsgiqalHZ-oWsWUpY?)*=I6kDLSbM ziVAB$iI=G^w<>jt{24`s2H+?|4;}p~g*}-qiR9M?9Hbcbn0$^t!sP|C$)yziE{W>d;Powo_ZInyjZLO9< z9VQwQeG+7G}d+AK>2y?+}N)r#T;uFjW=BCPI+FwM?Uh`{G-S?+>nYjz5QMKxB< z4sW^m@+*^QTRzAgYC}z(#Q7+lsho{e{=|1w3UQ1N#NTU^6KXh*$*+M=EYgN!ZdW?t z@%zpQl5ojZ8D|mf6kH-b305zyg@l6*_Kjba6=SA9C)zb-SZor`C=!dGXf_Htw8-q@ z@%5WAEQ%19tuJ6`w8SAjeJea`9E7$C*Ggb?ayL(8>ZoBSE+FHt;r-F=IqUG8%A3tY zKE~;@idQI)TAg~)TCO-p39PkCS`w@Tw@4Dxj>1y4QnZIaFCNFfl=9>8LcDY_9AQ)O zo2&1O$KB>z&bL!*JbXGr!cR83L}q&lx(rbb>q!mmxYD*fx%^e&ua<^yJ0rl*4(r6L zQT*Qt;%#QTjJC7}4b~oPx`Xg-v0Y~fJAMIMvb&SS_=1?)hEpP&zOi3 z%gpUbYZpV}(ia-1~Bmnw<_USI?ap7Pm2V8qS-ajpFV+y0|6Qkf&~k+7j(% z=vdr~g^8EMh8lcywx^ZQs@c28b*GM2jSJppvE9qKkyA^3|RdzKam`BN|})6iSikuV;KHst3G7NrYDK#ZaTqfF-HDU zGhg-zW~^z+DO#;lzMClN3)YJgqWO}kgn#FjEUh1(q+xXgg)Ik*!(;@F0 z<@`r4`zQ0?69$dG+wS?R%1Eaa@VAyB;$YJ(GF{de7TG`Mkxo|K>_B-NzU~X8;foy` z{N`pUd}@1Mn@S_m@83-quX^6Bw_DCN&Eu^lzH~A)&J70_{V*_JFK8(eDm18r7G@-v zpXPyiiA@qorl1jQVI&%(K<-)m{zap|Mxk^bWd^n*emd}1#A}GfFGu!0wjx8^iWW(= zG!Bn&;lc8C(gV-dh@{ibyLl~?@=sjVasyBS?aqJpwF(#7Z5vg>n z>;4KL{9%w?uwJ`w{bwmMEr(HzS+xvGt|PZ7 zd#z<0>Wm~hpcY3@-`y&VG4iOJ^BZrC6tkUf6x5xuVNDideIiy384&}K?8VK%Zq}Jd zvd5R(fjD>=53sGncgl0MPS~f2>zQZn?I)hId#;JXr{#BUBje^Ocpf4%XilCXd|BjI zSy~CZcpYRcj$W(?W%8CBMqjQR^CY6HK&RO2Y&8ISipf#sqv_TPsx zmtGxb(&0JN=ld5?OxU14^LW6DCG&ImTftN$3|U|w!1`iT&6Y3q$UJdAP@@rlFR$QM zXtY5+KZ-}0Wd(Q#c{NZGE#k?lCYPru^2yH0@SuFV4;yy8h!1jaf?JLa|F_N+7u) z5>GiTMoLhr-D3ZCypR;Gx9*8xQkDDD*yoOd%uP*!><=pfM!5RDCr+QhjxoW+-#Uuh z$Vpj$cYKBx(#Un?)N8izu>2CkI)sp_i6B6u0JLw$Z<@am-zj9uq#8#)0ZA_m<9|ZQ zF4y!?WV#k6+4S`)m`r_EhRxdeessIqp3TN2f5+8}HD1W(1~XN$Q>cEk_iU;{nVt6a zu>7BD!lxs1^{LQbP;vGzYu3Z=%8@Ldk#L~DsKS`Y-^j-f_<*5@gnhv!Cd%$>z1|6N zD>Ne{7F}sAu<*zSoOGHz?`Zw=#)l*=!E@@y`En?M6JJs&VmvTvFSQ!Jy>VxbJ!<^& z@JD3_Z26s#2FXcusaZ-;emhhq$Nb>4R-F7x%k*nj`j!(BdjZOq<=CCnLpd>f9I zsUut-=aP$&E!eVw1+kEFMdz!w{MDb{OZlxcge_9Zld(SRJtx@}!I)T5Qw4`kNlrNC zN;(%qLT{(E?8Mo!*1k7~K(<8U zRHu#O@kma>cn z1@=WEKlNC{1R3^4YK*2HW68Fl^7%EzuV&Wlz^k)~F>PO(hl5^64ehTfKf#N^z*bH?N$hWvon$*u7%4n4 z>YAmLH=VE4Xgi7lzs&8{F4Dv1(8m2Yk{lz0qA(BIt8T6<{F)5hmGznf83xLQ9+lKq z+!7->1hdWIm(G*aTw(uBv|}$GYJhF?&=`$wxr;-K?`c>sQ2!JKmvxf4upP%h9ZQ#( zQ8MjG0GYjYLJMQOkTJB-6W!Ex)UZ^^xZ~cFxF0sYF*d%zrZ6asHSiY(c>z(bgo^I{ z(e77v^Re1gf#4u-DU&hI+{0u4pE<%zFItjGEo+5(;x6cha~AX@srCb-Jls-W;Tp{H zyUd9L#CnJhM9#_4M5gz@qZ~fObGNHIQ+_v_gD?H-AkT_6V__O|^J_v=-C(k_2rU!D z$`WSe>FhTDB@@k59;3Y7w8XR2+mgYJs{Ky}79)m-$frEgJgKIwpWJIqf3mXVzFp25 ze;WeOf)IfWii|c){hx^2^Z%*am=mw)COM)iIU|+08OKKc{0v-(7U)@$X}RIujWZZm z+Q4=X^4DQk;LOEsy1j)F^uG~Of-viPeBCooFM@e1_oAf>(aYY~UyNiMliAIL@{e5rDAK{(>nCe&FJ?VlUQS%5T~* zZ|oQ#)Ev!3IZXXEmbnHtJk2<*Xaikj=GJEhBm#vm9Kal*CMsAr^f*r(9+9a~R6KdJ zKI36K>h=oe3FFLKJPLD%{pVmdJiNpe4)dS?Jb&pBU0ObpLg`I%Qu*sAwTt%Z3-dsA zz5NUAR^j*#-1JYdTS-37H2YZ%!`6?QbVT?yQZCxFLE78xGEK>j7717oD(g;<<^DkH zeQ_N=Ev&p7&B+=ZnH}C0Vw#5YP*S{O!pVo4$6FxyZLFTSRXHimKb_i+VM` z@yoRqyzv+I{PU$u$h{{NYnvtvmQ~ErXX5igSPJ$Qwau0vpa@X3Wmr1{ZO02aZvD9J zmMlM@_cISk_4o7&6^4u5NT1Wsi5VU7KU0touGq#Ix|F5wF$7H$k#R7xDSAxR-T8-($(;2&Zv|pCFY-%P%_nlDSM=2eShW4Hdl~P@AE8q1XungTDn}+u^4a)! z;F+cxe(A-*@IUg|m}*HiG`z(US6VPMXJ^w!LoCrGyiXfakDRo`R+`PNXFT6_5GJ;L1VSj31Xdy&WPX zME`p9n7c0sBk{m^YM7A0Z zT3hVzvu5JRcg6T@q@C%4f-Wcn(N3MYw%=;|7?=x&gMe?JYdaPm$Bb9kyi3@3CJb&-HWZXI1Hq?4kzCv+G)zf0_){n$3 zOs*%dY5nY*?*|kp&{^oR`a%R!kt?_nBYl}Qab34=CEE~Wc6s?85VhztUUB7LH#ntQ zZq>MAQ^(-cDVeIVIX+AA_ZJkbLB@&Mn2ul_>}8<^;GfqRgZyVVBy@$yJo=(8N`dRG z(+rk~fZJ}iiWMWDvd1Tx@RgO=UgCY`4YHgFeTJk8I6k<6N#-MMroYT8mR}?vtCBC$ zH1$$`<4ZO{YKLQ(&;-X}ociDpL~jDU-hk2nw0^+TH9Y1=w=qL0G^jhH_{ue*uaLIn zKB);))K_B|gdPoL`SOIVR#G5>^bGA;({pzo?R%%A8yNI-$@aJ>Z*-^*$zfGQB3K5N zg0nq;U1c43c)NQ58A!x!3Ze`{l0dAx`XI_#+%s+OACYk>wjrLdB#GNCGCX+%a3stH zE8?hIZpIqkiAN%|nYk}Zj@qx?yK`gO0}job26s}eAlP(lF6uO()7Qm2_?Ugiy6@i7 zn02uX|NN?^fqLWcc@yxr&e*}i(=guL2)74J%L;IynoTbMH#atECyc|}hfhpr=q!Fc zM0_*-c~VzlNNQ*2d3#ZJnL>`uBxQTd(#fObS)8`JFQMp`ww>{<+xmQ(F1Yct^)1P0HnePOqa?&A zL)kIZFA?qNdjsjWNL<_Po?t)PJF{!mbA9HPHnOFFbx0PHYQZZd?VGNid;4?B{$uPT zop()zvyTw%fS;nd09fcH9qYXU-u9~me4wQG!83^C>^gOEsO0e?im-%gp1Syv#23S{ z2%;Z>y8Df(#jmF1ozvr62iVYWQpK&`1X+Bq z>2n>=V~#ak7FDb{{c0ZbZpb9vBsu={la5*Cv}YCAyJV9ya@n;1ev!ZsaMl!zI*;vW z?REUQ{>&yVc1Lg7ZUHE(A?g^KtWdj5D{!kPgLuQP+C9(xdjv-JWh(JtUfQcfBZngZ2Gy^I17_9^9y~IlQ zwB-203Cl#7@qKwJYe2+v1bop6&{;Mp4q-eEujClNc)$Paw#P5Y@ z;vxd1w>Z*Ri1^qX`>Kji*rXA#;`M(q211n>zNVHNi21%9baC6c+EIQ#d{;jw-=CN~ z9nV@mx`A}VhY%`>5C5d02qrhCDVYNF|EVPu^2{#B2f8Mq6}Fed`rV?w&tcyMe}(s! zX~de5a%dRRB^H9LY%S_|4P2hkc~r`O-QXwOHKOkNV}bcDHl;`-K7<1-HL6T<+~&m9 z<<%K-3}?BT%O?H%S|Pft7`y_2-pMA$2>L!_T3G#!{?CBRZ&C9ZR%&PLsbFWl>@3-t z*II;E1v6%tBY@bMcECM#95MH6<}_{$LY|Q4+}+j&ZcO)mVSOQx=bx+&_5P8nSV1PA z>9WKSgNi3AUx`ZEPHY#;>Aeu8_dcK~H0~_iuWy=OLf>)VaIDYFbf+OoLLcLt-*+5) zv8SO|J?6t*YnJ!6XMM>T6U$$XTd&}(>~|j%9mPQ_5s^h}_~RVs3Ba<^eM0<&7k83P zi98vM)DMOx(o`+JR3NPxG6~l?(CVH<&L+CN+uXasl_NlMVmF~+zc9p{el_C0u;{SR zAJFOUtO#sm@pVH*KLH32JxRdh{+vB|0xHUQqw0IBLm576_ZF?vghV>qDX zr5ET}-k*?2=Tb$7td!C?dOSJ^zDTF)Cc!JGpS{RoF@3*t`-`nEi|_t?ltk?DxYc!} zy12De@kVUwVj0Zm@=Cx*WB|FV6uoQ7RVrZx&Q$!7X5T+U;j5t5OlcXFO1aS+5n5t) zY3)y#Ndwx+l)wXL+SmYpHS-<;7KU^aZMCw(8UTDALfQ()U_c2i(9zk1q9SfJ~}jipEg?Etm-T9F~gZhS-GSQPy!2_X<`F7 zGM@-nkJ)sMYY2)?5jwEozl)FRXZ&lj=lKi{W{ReDeIcOz{eX^3_O{p_XP=0JR#l=@ zLJ3UNi=a!|fsIpOvdA!0Z7Xgsys%&KH%$R5Ke?5wcB!FI|0J@pnyHVOuE#!J>iT0z z5SJ@pGj}{9F$Bzt>%%IoN_2V<{_OoS!JWiJB=kBcE#cpcG9(|_)R0%ldF;IQUmZw( z0@0}ooW;=DD5emn%$G7HQJoZr{-L{?{N^D)Z^R_9R65tY^{axG$V8@u5$Nb$!k%uo z@B;7%SIx+5pm3}M7V~{XIMEbf5eCdw)NCPms|s7}9WQ_8tYj;`H2@qP+7}l~Q&&oR zsg{_Tlwg2dg1HB>mF_f^O|%+~s)GO}4gXb%q&9#rpRS8eh0p5Xy)1tq>RQTuBVcmltVA#Ll|7amlT-hdPhrJ!nc=j!RZ~SiY0@ zm}$4jXL7k5{|!OJIjx?_-n2h0)=+qX=P#0<1{KUg#eVVyl)HQ40b(Tpp6XoRDiS0Q zL*^OO_MT{qrSstYgqKQ_x9p4OlG$u3oJ9c7s%rJrUHU2@6T163%oVk=NFTcvl#e+4 z-TEbkZ35u^0yxsnpd(SMC=l)u{fJ-#{tyA+OAEgSK9YX67tTHsarR##NGhe(RriWVrT6sZ;-*cOBZU7Qgna|J=DOAaZ(TmhcJF7U zG`DJrz6s-D!9S&T1~US{v#?L5(%zF5s#;3YfBk-B29S~j$k)iGpsP#e1UN{fc<9Ic z2AuP00OVc&t9%fkgdaEqnn7*sIN4?4-mjo8F1By-*)jm&ZGIRrN~@N#qnHAff;_D| zqc>+4^P+<2`IZmho&WGMWwwe=P%%a29zaLtt5c_%iu`tO0O0+|m{dx@$2_GJ75W^z z3-{5=X1xjqum7g?|EFWGrlZcMD?2OFpSDBZi4`_OiCH(>P`vrrbN9bJ4JxG-RQGO2 z2lK)AvYDO}n59u!?d}H>(Qo^U3oek=j!V`LjwF3%s8nH|v)KHvH^R(8bR0kPY*a^n z04B?;W}NAd$|_fO)KU<%m{S|8ed_cr!~Y{6zM)iUDxjmONy+u(a?Y)`m}bf|c-pi6 zHS-Hxl?06 zYg11MisWPy$5=U*c*-Quno;q3Vk~Jud_6{5x5hj7IY~`{W92~0fCQ-X5ss?S0g052 z^3mm#l*vV5Fza2)6j9M=eb-daFtq}HM$`M-Zo$vrGZtmJd=}fm@LrYV{e-bO&q*?; zxFSCc6dJ5V7+YJbNkcVlA1ccoM1j=$j5@4Y1fsa`j){;B_u${jR3~U zQruGA>nY|*c?rOzaNWT2ZC~l)`%P5CTlpv~Trl`5`4t{a}vh|M=M?8L-Epy0`5!1qq@j(^Xd^ zs-jcBUIRDgPphTODy0~HBuna1)h_3-vbi5cE2Z+k(#JCb;DrNq91Z9Tk6FIOxqO-q$9bV)Ka>LD-+tF@((Qvx((e@eN)tGRD|$jHEP2w0$H~7r`Txe1 zRO0}JJ+|g0%PzWiL)!FXjv=lM@WP>(;xo%F(f~)%LeKIyf|xwIV*sRWzHJIXG~4LC zRu!gKb+z%fk&TbRnVngpMZ@0fFyA5v4 zQ|b~`SCVT7)RgIPo)#)?&DOLVyYqO?KW@$(2|$)tD9N)5uETs%NH_@xOU5h`@QcTU$K5ipQD{* zY9^pTT8Uk28BvfE?vb4(M&r@ksASps9{=>YK5GBfdqD-Gp;w>R~RDa*S1Ne zvN${;K7qr+X(RDlpi72jCYypP%NWbnijn%J%z6H=KDOVA1JjH!$=*!H@X+5&wynU(&guSi58n zAx1m>EX3dTU;Ev$Ybn8iY?a8^-GetCePXbw*H>j2Z@H~0YpB_8p^pS&v1mlz*)UW{ zJUtioz%XheIOJ2=^%#AQ=RZpQ&|jrkl|Xvks0%$4Yly*b(#-zIwi|10m{S5f(FAuW zo^@qI@**wd)*4atb{c>HdJIdar@f%Kpuu^9jv@OCC3Q4OstTX^f4sw-<^hVY#+koE zgRh&Ibz}Ndnwb;ky6K{5<5kq$4?fNZhYp?X3h$e?Yn) z6F$!eF;*RK)HdyDahVQUg8j zrtZAv1Ha-%TFxh}R6_K+xlRZTvZ_s27Jr!QtLrWtMbb03Tf2X1VmjVmn$(whavmnj zcO>4WFm@j3Zy2h{_IoUw(9(aEZrXS{u5%&bzW|*dtDG(uih+DwZ$@C@edzB%QpCT0}() z%Q4AKf%18wmym(fB&{qLre$r=Cl2C+@b`%)1@fYoqweLY{ExE&et}<67&5mYU(?y2 z;S5X(*M3e@24;d1G9$nv%{beqn|ill^gJe%Ta@;_b&65Ry>Lk_G4hT!1ovmr^tP#> zCBN}^m3IfS=7y2q_HkX+g6CoK+sjP7Z(=PCilpvxo{UR=;euqz{#+1`%H6l1jZ8Sb zDP1BRuOCi+G`sc^i8$Zn?6FxjUvtkNfD)DA|N8R>$B16_SfDZN!vB$P-ihXd5&7Wf z@yW;0k6d2$IJ>?&{hV!h)oY^ZgE%u5K%Z*iui`x)y=1=cQprs+-^)$DpX>|M-?P74 z1p27#-Q-19#C~-GW93aTvbx#%VAc&}Q@xyI(K!m~+)TVZQ&~JyJ*7QU394tzT>udc zH~uVkTa+AS5m$HGS(-YR@ggpf^0+*V+NKId`i$Cb zYNF>5&fR*nKe%wXpqCfX+EM^Tj~a}Y-H_}p4e1#raQm4357nHr)K;kUYGa=vE;R18P7j#sz=of@dz(4|8c*2GIlJj(BIO>zB?xUZ%6 za@gGW@Jx?#XIXT5Bw3xC4?-R0oirZ33U*sui^FC?h`!~LJb?8(m+L@qDJSCwp9Ne2 zkee|V2kc%9K0&iX5Mq2&h6AZ{{x=e;EBl~tZrD5=;a4P(I&#v2=%pvy*u_B5miOgK z(%A#hL~EYzlJA8Iq;B)eDn_Y$N7uJjEatjgq6`kA=hC^IgX4E21ya|obx?>>pt@tVKszHWRRC3)2g^P&{)DmID)S9X^TI^Rh$g4CfEVvZ>7IIq2kw(eMG zWwxcjl?97KvdkI(mM`XqPmD?{_lI7(@L%R=DinQdsq{$Lb!~VCF6QU{Q=OT;bY((7 zx2%SzM)x458Dv*NInCh1D-s=CfP>;z(S2o|9+qwog4>e<9TGJ;K>0S*^)9))NJ5v@ z^fb>jbbb>oM8$mt&F2f;HAX++sGP_)MLvEY%yq7@sIQCsBu+`Uf)JWz^cETUc16)0 zcSUil5KTR_$%ioi&uGv%0W5cswo##uNofTW+I%&Zwnw)~d;`fvS$%7W>53F?*pyEMTQR%qo13UA6LMQzUrJh{&u8Um) zrIuV&Q0NSP&?!SzPey%EQ`&Sck`DT?V+IX-AaVu*sws39-i-Wn4hAUU8;V=BOqpnf zw6CIxgz%rLZ{aC+#Pq?wONCfqc0+uzbH6m!zXxKZk_u5rkg7aI8mh;f zJJ+jupXS9~J32iRnoddoeR<)df0FqbaM!-VEQ_9WbAn)bBW~Z}9%uZ0Nl_pDzFX7{1SHqq&GBfm{*jVb62mGfZlp6{M86YprzJyAHBKSoW& z66xfVC%4oT^y2B{Uxwa;jeU-5ziXm4HmkR|-0u419?iC9Ssi>na6mr0ApsWTSJdR) zJA-KsEA!|T5a*__YVuSD_Qitk*kR@0tb%jF+7JQE%2{J2K2{B35t>jf#Ka} zDaI4=%jdne583d$q+F$;mDZpyTJ37-qrcd1!Ntb*_liuMAKitXo=;MD)6%8rz$oxgD`ln-I7iaWY6UNGive?-8Ti)${%tU^^YfpIAtNuWuoFzt4<{))7 z!)y3%`4gI;VsP_;0`(&zYjs7T-|Q}?xAY0lW&7>nCVcl%Pgx|oSdzkJz2n=>KX1(> z;IgKdKGpI31Djx^zV^wk43q8WO7X+d9@I6yw`*y%{1+YOzEM+^;jPxn;6%0H+DEnE zrdDL6cIS&{Ij6r`hOACgSH;{d%}x!yeitsh+5=^Jdkpm)bGLvl&k)u7W>24qGAo

WqQ_}_i@gqm z7rOwsR!pjsl}L7XKgo{v*u@4HZ#!(bNp9oykLC-4LvVS&k?eS>;(_!1`!Wb>*e0~4 zpIm<7Kb}W--V*HYGW<-D?Ka&14o8PV%tH8Pct0IXwoqyR7HE#m3v^i)L@?TQ0r0Vcq42lca-C!p&||MQ8exF64Ds* zS4`(&=*)ye8me1F`Vi#DAzcv|`F22R^FkPdLb!5&4szg-PSBe;>JpC50_}G;w`4-w zhhjZ__y;U3eD{c66|$NPFk0t&f3cLGf4H>>39b?ei0pzq-$|v$UA95kARpf>@h&ilf4rW@3 z*FX4;_I+^x?VEB?nh58kRf8F#KwpG*!P0(W$k#&`VzYe#d7&}Psx)ETE*@Tb8fJZz zFcCSjD&OF!wk3oG#JdeQPQsna(C_c(m7bvY2Q@LZRl^)2wZ{u}G5xht{8-j`mUY#B z*4K5LqmU|MibKn<0V4isc@{tYd`Md*>L&+4PMqF@s{LR&&expEt&5R)dnEOK)|c{7 zqgMPtgT$$8n3KIJac22Rgwe6Ie#3J7H$4x|Mm^942>-sVOwJDEJyP`4eEhWc{>O6I zlE12w=0j)B;h$nTdEM`qq;E`$^xKOTN?aB2gVhDOsCqI0)a&&- zZ)7SLc`a;CD0;r&r>cHy z7pU~S0Jcj^-sghcipKULrgq$D3G~MAw^^s0tTrq_=%f2-S@(*6#!cR?hMw()hrvhg zG`iEG&TRWS`xfxB^0_Z zu^AWhc`ia5kMVqj{#_SP;HI5`rW7A>NRAF#(i=Bi>nFFI!VlDv79}^`+6I4klxO}{WNhFv#Y7^=_U|p$L!sKGV!*UxC-H=eFs^{O_MB?>>yn{x-88jbmaQ0lC+CR`bI+Yx*UH_oamQZme-Qc zQa1Hxk9YTgP+KANm6dnYhfQdR6?!|{WXx$eijSBz{n%q@KrNzdj^5ZK z5B{%kBX<64@iUoEAIAWJd%51psn|{6wPUSVZqlb1FB|?*L2_`a*}09|@#S2N(>lMk z&m?3QMH}pBH~T!K&&}7W%I{Da)r7QOW@x8lNR*3qE z<*SNe-^n${P10IzBg1ie=LwGt3imU(ERV!;6l$Aei}j6}HP^;X(0B~aEhJw%;FXY@d5wyN3=yyh`AasJw zEW3ZQadU3>)YrLR;&L{Y`#KrLH@<_l{}=h*qw@}DRewO+&k|(!dKG8mhn)urs7Af| znQ>OTZDF_iMz`@y^gn>XiM_XITXoA-LEZ`5)!Gl+4wCSJ7i(F1 zqZYa+|Gz*7} zSq74upfj^k`tJHYmE0z=G;Qs~jvv{Q?tkV*#;%kj%f?)Z^k#1KyPJ&^+ny(5MfP;* zoZXLyM!gOX9FAqiWI)Xx%pmWMGb0EHT0eLHH`p|_$n&Z&aw&(#xiN1vnFg$f6?G;m ztd+TMX6a@c8N(QjNHVp~tc?Axc4$v~sE)m}tOs*N9C#i6tFZ3Npw#&p-|5`ArB>{~ zwX^5gbS-{KEhN=Ut;G}NFHhymwF-Is$BoytXX>H``?50RXugNTvS>}ejHsV8-NCBs zPb5l-fH|lW>5|t#TkCRTYKrjpn)Ob~~c+ zx{3R-sqZ#+z`k0^7JKWDt<9>cuM$BL$v=YJX4a>efmjAx%h^d$Q1e1H+1YptMj_U! z5`VN=b?m|3`2Dxi%n2_qq^v*(XO;^Qo;-fcZQjvTFRXszy%P0o%f2hGitgK4@2h_1 zi8NoyBHWYZ=`>$$WW+iKKF%MJKF7Gc>EMTbjlCKf`tlmvbaov4OWks$ z-PgKDzW%#=IXi0fk47wsm=wwu2t!g&?sLVIqjk{RHe%MW_wd0iD5%8UI7 zz#j2{VENgq-D8A)graxB~mr}bI#_N)zps-FXh#f5^c9)+#{GXf*ael z3`H|`*}SO>lgH;ISvp*Z9?(V1ukc3I8L6v zrCu*j4w4j59-r1B(7wJ8{{CQp>FqEutHLK`1npyo62x*pw)1ko-b~+cj4*A z+vnsd@PGz6atZn32cDk6O>U$wuDeN&N5Q5CRC4Xc3VGKSfr+V7Uhx&GguD zWU@1Sv_1UUhm?t}UF6-jUal7Vc)u+!2C2xIyw5rxwg2GmN30H6rvsjEnxdvr>((tJ zdA8pU(-$InR=yKrG;r6PdUG1==*mU6z@{7TacT~{&kJ^P9@)ond=9(`Yv29)EkQuL zPP9ebUwg^lpmQfH5L1FuGvT?Y@RX0;uJp4WpWo4;TS)}msC6T=?_&&Cdw_R}4eDHr zp7HC0S-Hz27i9#;>wm@q4vwMUO2o(6CA+uVy#UgI(mEL;19p3ZcQMTW;h=F zKeqipYzr6%nS*iy(KMfA0+A|w*P~bV17sTUF<=-anM5?5bvFRLSbxa&6?yoXS!}a$ z$D8gV_hFrUJaX`cUj*_5gg3dt_j}B^dzo)AgHp0mm+kd_)1UEos&Wy%eMUtsQ8NT; z7#h!vO!mpLFsh>jANCRk^!WQ8q6uDh1^CsbnWyfNMb|_ncs z&(+ZosWo-ctxcw{du1JC#&0(ubEgt2oM7KHQ|1RoR=We$7yWTJ% z=eJE^B~*lNmS!suQL&4jL)36wnXVe(WXo8s?#QF3^m) z;}`)6wu*B(A$-Ap@|XC={J_WT%_cd|{TsCd0q+ZstgN+hZDh^8@FnYfIxi#h=$5g~ zys*U{xmmAnUUs8>8!!ENqdS$O|H}Jzx8E@sbF3s1}@@73w{9``B)`T1A zzg_HT{dmBTSglkd{%*_-@0Pw>U4b_|?nyUL3k2~4^RRc9^<%^DazyychZ{Nnd7$27 zmzM9s8qFzes5jLFj$0$Ye1R~y=j3UP+j=r{UPn#z3mzV{rAhjVk7z5r({RFj#Lu|V#FGOC?$EI?ByxprR`(D1JJyj0H4wD2PY;c%Sb4L?- z$|5ayp+ARodWh2ebctU?8;r5i8Y2FJLecm;d~EM^o33D&(+L|BwUe5)3v8{M_$_tv zv&y(vm02XS53}&}Z+D~v-aCO5#wzSd%&j%FNw_USw8@uE9n{H-&1{s(oy|4m$;C}V z~uU)f$U|2RC3{PlTw>HUnl)Gv*9M4`T{4-HVMB>YOka> zZjD1tN^i=-ObTsALr=18ju#e9<4(eFc0x^Jw|`qVn8KfgF}NVPe>7w!xj!|uBfj4> ztR=diGrS%BJ-RrEU@W#iWk;%Zq;96zq#;ogM6pN*yZfi(FkT%!}k=x?_kS*3wIWAo0>z zfFQwAR)AnSfh=C%Gx5EGK_1M#m;soa$(#iGp58$J^F4_{9@IUi0oWjvR!k$VKa*tP zzAiM+>KLwS(Ex&cVy&Uj-;TF1REH9J$5dry2thbe)rjkB$6QFOiw(Xbt3tfsGRb2$ zmxHrvc^PNdVD4>4Tu?_%_k_Dq)F9Zx|Mf5P%K}rKL_pKmDqaH{D66j;^gWrM_TN~B z!rBDJmkn)Eob1!B`m^z=N~0H?Xbe3hrt!R%6Nz(5Q1QVrNEySa*i(qfT05E#$SKADn>3SHMxtPi{0X1)s!ZImq;XU`M*nV~PK= zh^XCMHtj5U#qIeDH$j`%GO^0}GB__sL!k1!B1HuiZ>O} zF1v6;yA;kThe^K-=*jl^UP&yi@JN+4)p6fxK}0aZo%CzA^ZOr7#7S&df`+h4yz-~-!d?P@A<8lHS03Oh9hj!_;+ zoc+*WPZcXqkI_*5 zkTV6xJ6XZnjK^r!kDNEr*Jf(UBiD~ z%>Qol?e_*(AMovdKzUP80peT^kh&&)#OH!1Q=mrUpzZ3j!tJ6B zCp{Rb$XPj7#Au>|g5c9H9T&c_RHwYF2#^B1rY<2SP-sj$LO0^ZG!W8p4Q21L^Z|kb^p^}{L+09Zjun-TbNA9%WO>2KboU4&L2lNt}1!d9MQ+rbB*{S z)BcTRUZJw%m8oBnlSrcK`38uuc35P3z{w#2uyyY6-NJ2j+C_itH5*_-4rRvR-1(F} zQ%C=O|Edkm1<#`EhvEZ(6J+q-z>PbBFs*~?YgcMW-&Ajz;ORj`I;PW(0{L~|1I9jP zc%O8H)%yer7ER`X^E-+GGE{UUIeXBz8$p?T4313+KxJ-~B;f(ge*QcALX+D-GQp}6 z-}71o3@Mr$p#crFaIB_<-??ggAm5;|4zzS9bqJDL$?QQyo(jX~;pDxd0#Jjm7rCZa zDly(Y7&kcjCa}g=WudVl5gU)0%tDo4F+Yyfjx?{{A$|FLj`?v%BH{tR&dMy$H?Asd zYD$Nr^%HOBlMQ~xx=+>XiY&*>C%ZIs{ofuK`-C7I@NzH`b$pv_^hm49*K0|GUE|^6 ztI4@^`z_vVKVFM)bYdr{faUMN=0@By+1BxiI3>NT;w`%qUIWJnJ9t+8;_v+9GY)A* zo7%T>VXY*%NNEf_tRc-oWBu<1EV3qCKif82MFxarnG=SR)jMNjDA`9)KW8$NFC)tL zItDD@L~1haLgYNp8@@lTEj`)?nAC-mIe%6p+V`HjzL6OIX1p6}^SE}v#4Yl|joHJE z-MYyRim9GexmW(LQK$WJ@K~e9~;_;>Or|=d55hP!q3h^(e|iQjUVB zWF~!fwBM`8Ck6Hf&xb$%=P8V_HO7v0*zM^J#)yDE<9WzleZ(n((WA*Q<7rU^TV!~_ z7dtTvRWd<*T=q53C3!esXjM(4)3QSLBW)e8kH_jp5U|}d0l40n{*Lx;dBw!15H%-p!x-<0 zm!wGhv4%3`fE({r;I-~S>2@+sl^|lh7McCFw|3SW(d$B!{xojDbUm)~^QrBY%{kI+QWLVzP0}t7 zib$SwP5(xBA#sd#^Ux?Lei$2}BU`t}{5W?ndw9hP`5wzTfKOMM%x2#ibs}(h%2Z*P z9!uv;*~y2YFfsY&n#(pn7cue~z?Ddc7CzfPyEo%9XyOrJC9iAmZk{q)=}YNGKCY7> z@)S4atl8x&i3&nuSi0iM_OyvVY`wQ5-yt96?EW-vogmWA3MJb%M2hz2zm`;0FSa1_gR;k!*84^9w4-P`(e`Hlr{*^Op%-6T!|U zJl`ozdy#$6qg|jG#;gIjDj{P~78uWRO5@!DS&oAHlAt!s zp=D}-t0FRn&jRCdPH7Z7+Ur_jI%)v*BD3c%<(hA>7lo~sU*60*O=j<6R;<><`bHs(>xecaA(SHk0m^@Po! zKXP9ayDzak#Bay-BtOXK^JB}+d%Fa7M=%DaNMRvuAs+kSyJ11roSsC#rMCffY_Is^ zLsp!gPrqd#CY66Yg5|hs(Uua${)l!2UTTVUSZyM!$F6TNTh`HYSY<13LLRa$b~%_8 z?RO-lT~LaAFyOTP{dE1O_0D0{qAnE)mO}$&kSJx$OJ_g5cVhYB zIKL_uL*6Jthp%}yz?#N?(-g&i1TBfU{-r0^w}>BEs&76*WnH`cUF{Oj>zuB(3(6g@ z-EP938Kpymy#{MMlDOyHfXKMgUy=K@#1V*ZQQ$MOPO80X9ILR0#AYDOhuG!h^eIG+KD@) z)XIVwm2NaQpUn>(k0utuZXq8V%)7)}r%eL{Hp}hD-rf>fOEAM@47nH?)wb4#*YmpW)H1vYOF7E)7TM*b3!{3pf}cu9*$@_4nv1v3~UY;~}ekd)pKGT`%RZM_02zzxp!tdCdGH zK4Rv21jl&(2&QDMlQB^C1+%}HRyxri|r5@v3SrH^``_Cm&Al4EXx z<&E4&qc#xAmxB)s%Nd^Vb9fg*m#n*4S&J zPVSW-J z-}~$e9Dm0rA)lzz690Ra1s>z_J%Jl*iv23GcU#*xl|Z7AkVL32$x#wA*ni%yD9NR?z8T>*&m&wy)hljNp95-i z{}aqIg0!*bJ|}b8u1!n^C-ZY0Tq#&CKgMmCx0!eDl{3%R$-O3I7VcszY=51p)0V$< zk1MkuVNbWI?B2Ev0Eoy<~-OJTlPqaT{1s89dPUM zU1|bOHwws5MN-p1>J`Y5&uZihU*^d#Nqg4^1QW)<)30qK3uM-<)ZL-$*4W%K+p)Q( zteV?*h(6yGd)*aZMkePTSo6C+`so=a4HZB8HcNTfj8c}SZd=%lp4EUxP1SwZkX0!% zFBP0vp%ms^hTHZzL~*fS4T0T?rs}Uf(y(W8ykPNWx~2Ybuy-AC=H<}0r6{F`9V&H$ zUmGopO@$Xr&AMasTSlF%qgN3Z9*`w_5#Jl1CS{6l62cwsYM@auk(q@dM;ANG2P?yX zvy3`&za87ANn*e46GPp-4REEoiu=!%Exy$)k!qjZ#?in@B_pLagRRKW9D74O;}!hT z;tJjcIizjU&+D()r^j_I{(0-6;LJwl3PXLwUa}`~F_*C^tEZX0T-P*0mB0bI;pXHTOl< z4?jcjW#4blX5^f$(6#@o*cI8&h_kOi-KGh+JYE zAuO~~fDXf67Up!2L{hQ#Uktk6Om`%LuMdiI^#3v`OPB2!i0nTOReG*?r{k3t;5f@C z=uC0=uZ2jeeRn^M^CLZ~-&g1pb{|gM&im==%3tk{rex9MUQy!qbZG`pdhwRO z0v=T+MT%R(*?rwjR?~ddd*`wC7iLp^xz0Li+?*fZchn8k$Ub&CU-dv3j{rSt!(-pT z-H0!`Xjs{#gl6P{OPGW2k3(qcc2!b(OMSKsvE+VfF;r<+u|%^ z!>*&y7N#P%?N(qZj5L17dQA&?Z~X$TNr?}y_d5byAN@mVM}BTYH=&b!qCEo8+6c)v z+h)b(M^W9j;()!gj0tgTC!*?jNN;k#dSAlSw46L?U?Bh|e) z?7qoLo2~WMp72Uy*Q0JL_G&3SKCSgQjYpxGq;n-sx5OtGRS-sl{6w6n%gQATI(j5VGO7#eDDvA4n7Ds?7-ey>Be=hLUjI&+-=i?|&)csW9zX8hi z{@fE=A>yxDQ!(r?!y611$7;5{Y93dR=FALRRp(eW|FI-B%RAC030#@jG1Qaj9<$Av zVCh15oA^L8h8bjs8p+UuO-!A}Drb|4)5Jc>PQsk9r$Fn|7L98o9mK)~iijF=}+Bf#k9DDDn;GqPPqtgnu4M_aD4 z{6!rDuCCqT6yTh{J-S}k?yZ7f!Bdh6$+UBf={c`u=wXPlpz%L-;ui-wf6Do zWQ)5y8h3}Arx+y7UbOExPg62m0|%NXk?_^m6%%tY>K6dQOOvev;GKO)+>^r(ZHl zaHJJ{eBM8&WcVVyD$kP@FF))VxILfbdNjYJs8_n8e%P2D_m;30Y*MsZC9Vl+k*(PY z#np!Zj{wGHR9l8KSeI$?^WN7iP~ zu3V4qvcT2dXwq~D7Me*I*T?J%A&tD`A%ucOkjYp;JYRkN@6kT;=H0i?f$K$)g#-@#B=;*&K zsqlYW(w~j3f1Vpn*sf{#&tbLj&nLzBZ*?aA+d9i&!`aCT^VKbs#JQrv&>PO@m(70l z>RDIgt?PPq!fYkBhcv!!8d(#0&}%4W*EXNY*eydoN-V8FKH{u*k?QcD->&7ru2$-K z#Tw3bTkXSy858c-qDU90VL&SoF1uC83KdMkI~5k}*kSClE8OvC=GWNAllIPUYg@Gc zQ(9r_@TpCex)lE1!V!}yec81#*0%z=st}m!%G{$+e~yq_hXEw4JpK7|0#3wplhyUa&s_dxtPxeEg#Bs9-*7e(k3A+ylUaNt0LH0fkxXS@b4gr-d&?C~2h^w3e^` zVsjS=ZhO)>#oky?J4GFH3O#G$OL-C-aF`?-IliT;&(=A)84#Pasb))9I!WeODGxVu z^NL$~%_zI`wRq~SS;k75epOw8tJj}H4)Biv6yp1=TA_RtjM8uc7Vm>(rfdBNu_Xz} z2bl#i)m(u2``Y}bVF3{dL8zJ?dhC3v{01D~RR`PO|NfzNkxfK19!(upcl=*w*lY(O zD8dJSi`abq;GGM;Gl4&esX6+sxcTCB z=gg;ySjv5Kv^oO5oZw1*;ryYNlI<;mAtV}U3Kyb2NiXT+AS_af({;XX{C0=oC zHz2N%e&?w#7FOOsxInv{pqh${H;2HC^A)oALYoi{;UC2Iyx zKfiLQL=J#fm^=hBddz4v)Yf@0$60X{b(6IDBq{-(S)IJua2e=PPG8%yX3fg4ONHBf z#2sK#X+0P{bA_MOLP9q93B)}FQOtrtrBFE)SZ!F0f^(lfy&2>I2|qwP#pdFb)Rv+} zWo(#CrFM$#*QLSgC!FNQKTLXJl;dBLRe?a9ekJZmvTf>rc!6{U{A)Wgbn8eheACfh? zws1&o*sR}^&4BTy5+#;QSD}K)h_QXc3Di9GrKZndIxYmszi#LjC4U<@&zb zuKkv*V#N%93xEqBP}g-(k(qvI8%m~1R5?8`hMMNHz8R*fRr}LWLFAj3LFzqc-r@6voXTV41|MlG6Z>3m>_j+r z)YJE;vwZx>Qnq`GsLzYKo zU?sa67K>wYTn+6pO5X)cQ`@PV({9eSMyU31vf|HRRed$DM+M)20#t%uEtVvB98gkFu3xL`SFOyVazQzgf$S{&naq)EwW#g zJcS28h(C6(Y-yd}lzBUd{X(v$|E>VQF}n!Ps?~DIn$Wc-e*!*gp}4S&WyBQOyWSAU ziJKwSv5-C@l{@Vd@gRC?Ch_;8RU2%-h))T1Cgrw>g!Q-4K zyX7i!PZV;aZCRMbIwc&0#0lmQILo$_F*r+|TNmDhK=>t0#m_QALYS^@z`bM8@KP<) zDYj`gIf~$zflok(-Y@dFDZh7EuEaMisK*o2^uMRpZXPtAlQ08P9=@Z9piTDM#a&DZ z{?wW7cU#-sJM5h-m=^KbaLj-w0!S|*vjdbAr<+%fkB6^Nl z-Cg?*9a$c=6M59-OO=5Z>(+8sd}*WPZd}}78kl`4?IhnSO@>Mh%++gKIcfBEQ@_Z9 zdr-M*j?CPfRvWzu-KriCEoFNra7`P{eNzP%)3MUvyf2p`0#*QpP3B!w)x~UDh`3y} z&gN*%L46SegCFIuzYndlD!_#)c7X6|c&mX`^ zyl1t^V)JTpK_Sye4a5+H+b5g>phLP5vh2%WtwVbgU6D{>&h3aUs4BpBg!%v4p zP#@5OSohq-<~MwR8j=6kNj$mrG2nGSj0om~w1c_LKbCLqz9HC??Q(|c!!Ee*Xx9vg z>l<+^^<|Qdh>>Rt0gv#iv&4pM5OM(mU1S0`y%W2;I`Gjm%-=2a{qSSolhliroP7J%Ymb+14v{#KwelHI`2?b8EeRfxg zp47$-zF{m}*}12M=d7B&pM#iWf=k+Ly(qXxfi2|wx1B-4Kr)u zkgaz!_wp*VF6;$+>wq4;UE_$jSr&XT{Ks>tZ75q++pufdkNGw&sv)&<>`W%#Raz9q zc(Kza+mBs3VDTwCg5y3RhzA3q=P?of;d1WeK~>wY>+yAsKitBlt6!>7T)v+`@`k(t#F0ZT@Z7SuZ%j_=peFhjOqq`we2&h*WI;0g#gyWcHL?0F zT?5HGf*HVe(nq`&4A^lqnj5PDGNe#+v>0<|7E#^>8xTW0_Nl*60?FIH0We>e$>ceHY0)K-9qTmw%W6X;(1skw2w{W=B#SBI+JAqtX&tt~8+w0Rx?`ILgIFr|oyB zW=3g6kg^FCVD7loGOwOK!+h|QjdS`pVqZi16kvh5c9-4Qhvy|-J*`azlo)xq>DK@b{BX*%;B>(FlIJ>@zSb|2ZMr)KFs#gQ^gOyQM8?;4`lTn{Ue z+yoP>FVDj?Oog=7EblM46%H{WCnjSc;ih(&+E9-1=j_d@P8jg&4gbGqO3g(R=LKv{ zWPPSHFzNG_Dh$Ff={rnKnw%BPy7~x&sfqp1YNeMB%&K+>45<0G0ah+)i=_;2Ym?XA z9TleZwm6iqtip>z*k^yEoT8NW+prdP%!S#Oms`ie+`#QdW2IMoOl#^<6$1$KE>TlyWe1C+q=9!nfcS=-d zcm3BoqxYBi9tqPzn1iQOMLEiWCYv>?TPK_o8A-#jC(wjLA=EDo#K2lA{AgDp7x&;c8PZwCA`>-r;9gi9DomE&RNwz3*#X2#V zd8mno7=KR7J&&o4VF^*X@#?<~LzwRJ({C))u9G*uS~j`ur;q)D_vFWoBN8;ZZ_C?M z4~Mx_^T^d!w|FPN5q+f^Xn)H=;uT2_><-!DWWwb3;$?ajdr8SCm(` z+GWz^Xc@!Ieup{IS{0SZF+^WqHH}e(HTOM(+Y(^8! z1cT+UqZ4nTN$38%>^3GP7|U(4Do1h==6X?NofwceElZau6ZTCOX6m;`QGA!^jWYKZ zT53AXNYHRHg;l?wt zc;F=V2;CqT?CVDCN-HApB+*Ap3~1U&kc$fJd~N5qI7CeZn)cCh2CooYW2br$QiRQ!H{(Vu7wBTKNJxDlc3+G6SaGGa?0vr&HBdqH=4%*-YYihlX=~pTK`lDD8RdI zJ)mCLlzDTHS4_*dP7DV*cfu$+*6Em0KAyy?&$nn?gV906ZB+}j<7w83@gOc$SV`D4 zhsj_q9$$q;07kX)F5y~4k&cbS{>K5l%TT`el!;LqFAEwCT!#KariK33FYIjMjU^*>1?UT(q6LQZ?UwREb~g!qEyFk z)2(4ag@T?na=n_8-f}d(W{xbpib4?tWcL^0;Xx;D+DnKLF-r3vMMdN3yaSs>H#;?V zS)>O?=b8BzqLV9C!e?m>M785-M8C?;ts`HWcz7Pzgc5~DqGx=_?v=y!{k`PDkMI@sA|UFvH2;sVPBWhK2gwpH!I$!b z08!LHM0L@h@eT`UWNCdKN-QV~W+KDssNlvQaJ8JB)Ybq;mtE=zQrG?3h%Zk2QnH6- zAdK3@d_g#ymERXJx7zt)G{>!MG5%}1UMcv0)hR#!_~IBU-oQf%|GBo1x}Z|J;C(hn z+7%UXLGFGS=jT>=6L=RGmKj7{Mj*q^!`WtO; zakL&ZG8*)-Tksj~ecBtaH0Na5%=k(1;i)qfO~e*3LHE5d_;^rP$cJsR@1n6a^ljS_dbHJ;|%RtI}8uXlm0?Ml~esSv&#ohdGWqTiKut%TD%J` z&1GQ7jx$R=3j3R&mtN&P=9ho9P%4bPcoi0noAI=FfbVWOXiTjMxje}7-BR+L+9S8o z_10j7PWt^p@a1@VjMeX9U#=g)&iy0c?Y(!tlnq6N#E9&?yLiZkhC%?js{-COdy8CM z*tzQh-Y$&RcD6BbTN!~dQdzvYTO$?G(by#h&en*+QJaz?FEX}Qc_=jc_d&|@HrcRT zW&FE{S-g~YpK-NHD*()4GrRR-I?gul`>jlq9_z0p@?s9r@W02{Mqy)#5+s$U^2%oM zlD$Xxk{OFekLEv9)!K;sx8b2B#r|o9zTh{bJ!YPGo{6D8^v$y#YFPAP$qPe*jy`?AuO)6wUh$}H>Fzjx{uax zWhtUVsl0lRq&Dwe1rS-(Ce8QpCS$I*m=(`*`}Opb_RC6+b;y0v?@e0y)`P)9?3na5 zc7n|`Z$sw#W>+cx-Qt^U4rgz7W~gcVZ&;dlwAP(OMe;dEw4tCaMSs)F+F~U5KWUrN zL)2u6ll(iyvA=O*S`UWp(1x}VmD5EE@%lLGoByLBOH>xyDHb`wiGjWA0bua>AE3}> z8Zx{I$@pmF32A!tcXP$+D=g54s091r~(cBA|ln`xU8WiZGsbr|*+ zw4v38B!>gCz7-{PEJW`mVv8L=CB1}(uh!$o{$J|{-`PpJ=#S;b@t4}U!pS(%g zPD{qsZUhN3z1%Dh>OK6(wf8I+GiMAkwO~Jp(qu2tMgbr(q%gzO?SiLcE7dttu0n9Eu zB$SwAO4)+>aKuRb47s>t$KOw2^@L4HA>{3Jd|q1%wH%BQF$P>r*FyIO z0hA;{-X_P3TRYg4WJ2EGkI&;_;(-_u{dJ%TuKoEq@NV(d^}BtyaM`uPQCEZJP#$?3 zq9~;6*{Hg}08x9-@V@$Mp@mhma$ps8EriplSZN&GNItJ)aWE|5FU4l-DsMmGU!qZk ziOj>A!o{95MmAxRyE^a1y8R!|0r&rsct{v|tJr+P*K6FTR|&-@)9!BmUltEpzM^hJ zG^X4CW%0|)`J#!opHDJok2Y!9R6xCHMN>a#BQW2)}@1y zD=8Sf0HGYMz)}UsinNl-K99n+=y%1jb=Ol5p2II+j##Uob}zmq>KJ$~P&jxs96sB1 zJ}HqCv4;P5m$DIaK$yK;;dMq&*}1Eww@$!4smLmKbmBm0)=pU6Ho37@35nHRE8xkX zTzCrP*(xwKUGo}aj$NbhasJ|YCc9T1aoc*4wjPV+!|J&Kd>MSCls+Sxw3>U$7s^mk z&8TzLR%VGtBLWABxz-X?5TzLS+LvZdGH7m%-L!2ABQ}?ACEnnqeLo5W_q>N?&M#IU z0bPPeue$pf7iKP#2Vc~Y*feQc+e|VyJ@KTgFTdn@aZu<~0ILcq;9FKpWM1c2=PR0R z*MsMJz;qkS63Qpv)AkJXVaHCl>xFtT=7w1t6`L}k?{7xwUn|1ZbL)Du|6_ux)iRD` zf8Fm^mXY&SuFbAJuWS_2{wk?GW;Q+T4xMQb?&;saNe{)RFpdocl7F9xAl?c(Dl5-) z5u5gl<+%jBK$wF4n!6xF{Yyjb4za`oei37FKhN7e2}s_ihaI{>$(Ai(J}e8ja<=k> zFB(nR;M{!Vo&4=j9UUo7&h?CYlaNh-AV&SH7lmIx(JSx5CqAf$?y1$Nd4MkjZsef` zNNPisAxj{(6*9@#p6z)5uOu%GQ0!QMVP+`|m3GxtZ;lZa!Ho zLmTRJQ10A3^@|QH{g9u7klwz~y!?yfg>wWw&sW^F>vxymTf*)Xly~p1auidP()+Ir zF^6Y5Tn5nThWv{?>pokD1}6{BbUQCK3G9w}8_jJ`F%5-tp5}ggxcv_QV41L>C7D4u z%C~>;vw*i?y*l8TnN%5F;(m54^skQ$Q>?$cqDZTRj6m#nFD7|CX>7wkwm+FBaox+a z852b>G`rhAa~@%V6Skvq%DWfS4n~S&lDVTf@gvQgH$wf>_t0fRTIm~w;^#(|ZHNf6 zFWNqM0*L0j_D2|uOpKq*mU=ZdEhFD!D_3#r@xeHWa{*&uMjH(hvCO5G`@rF_K%}g)k;&0;q4~w|7 zQ`<2*iU9YNj0R2{cg-!ev-ZI88#gU2abDLJ&{#Q?mhJNJe2mD;75H~ku;W&(8jzd0 zGq;Je=iz$);@lzF;THBa)E@YE4xAJ%%8vCVMaK^7Q)CdzH3*1BEp&Zq!@eIDV>R`3@uMloqz`bdo%g?GHuR=mR3)8 znIw-cJhBF-emOgxs2UM*kXmBh+2TUjHy&C-`;_{XMBfSSIU9VEk73#a~{*= zXrpcZ(3oIUy8ZPxo`sC$(~DPcWl=(HEpC}RV6Aqy0_cE(kEL%#Lv>wL?C_UgLdl*4 zq~IJ$WF#YyOQ~+NwSS_kha$y|=qgD}l^^S6kvvjFS8>LNze_*DSFOhOf_MN)1X+7# zXTSMPh+J@gYrKSpV%DWDIHwOsL|o|SQUlR3fv3D%(?r9Rdfgo#=#z@Ne?9D2w1lcU zd{^pc4@Ca4o&CM;nS3pA<*f-M;AdNP88~~mvLb`2Ej4kDF>oCW41{V~5>H?NUBP6E@%#L53WY-t&OU72 z{0)2Qten;vY6K8^8$wY5H4RcJkPf& z^&eCNTy2@RzkIhDXrKZ&Vt#FZM{7NLT1)m{jF8;nPL~{bxdUGw) zO&`_{rZ#SM1`UwTa};~0XjV2c-pB!Qd?8rUHhLQFC5YlbfM4uZkMdXb%NJU;Q(q9x zxZ^@!)((2QMgN7q*~5Z3L^=LI3QmqDcp!rPwv-+TR6wE_rysUhxcVb4I8{=xDfFLe zC;w6sdxKRQ6#kGQInq&5z}!=1O6D^}5a|f+`4xTt-~e81k~}6&h-`kEuUY*Z~GJ}$y^}6)qMD&)O{rE4KCCq;VZH4HDoq{>Rwmhc6mgil5 z2?`B~e-1`a&f|%J(dP?eUo=m_x%GDND!*Urs7o1HN?yrIJ`3lNcIUTK!NHQNxqmTE z{|k?)h3~FSo`t`ELEbNW&0&-p_Vrssi!EHhC=l!Eco2+N?4-I2B=nS@jl7~gCTy8r z{qNp0^Ec-8)#}55ODN*FQkg9Y1c}MPB^3Ir$rtyUdjSHI{@Mr7Z_OWAN{y2P+9qtp zyI}(>UUMyj^CM%I=;Dsc?mh=iWXFRhCFLUU4ey%U;w+eY-->Yk9oNJ>ye>qs_P2c_sY2*!Z)g&QYX8S*+a99S& zQNXgpUgEo#1p1BZFu^48|0L-4<2p9oh;v5+qMerro{wwI|DuWX{>6nQ{EG|I`ncTVLrcFRj!H~Jn{11X*L)UJ7i1AU{G>p^2baSb zy&9$kk;D*=V{_Opx@G&M$1IF7Q}|e_VCd_V$qJn@zIOL+54YW8Q;wo1;?9I-!U~2B)Wtpsia#vrKc>uI_qo`Cr!@o zKvFwr0{mWuIE;<(Z!f<;uKFQgZs)kferB=YLm}Hhu5B5NfATuK zk=o&%!cmJjc{#V3(9{c^*dAZ)3hvg-?d?D8U)Wf44aY=xi943pPBaQs!_d&2YpctfKCJ<`!+{r$`P;y%F>}5l^=)3xVhR_13%O71^?FXQMJQ>Uno%IsE`Vo6jc** zSF&|FI;uZQ#Wz*lj`?MDh$;M^8>WX6JVG2iqwZP|0%DuLVEDiwlT5B0E=hR@^O!61 z3pSW3A_jvAbBk7pw>!^xBh8VS(;mZLMrya%GOCgcQ7t|*$I6_7>?r3y%Z@1RX$r;z zRAuQp+3cV1I-5-HBcO`}#9cfD-O9I2!v{DK0W6$P*24#o`15vIs*GS&R;QU?nkvJY zm-X}QG=11aWrBgs8Bl^h`nbX10e7O$pEPzfAN0Mls({Zl5X_}AO8tD^HI_!tEdpAw z3rDkSZ{JFBX6&>d5p&4EH>|JLjf&+SxOJvL+QKUi6)|^d92JX5lb$FfYL0@4%r(cn zcOkmOB86AeUu9j3GGAOns>mx1LVgb`Rk0-`aKGdU{IvppEfgF7g8bv~xe4K(F3{#W zwAF}SjkLu>(@s77MAIPB27}{v5d0?^T1py9%?DeBWGE~AQ4R66bCC^~s+D`6vfC5& zL)PR}IgP}G*OabvOAz-fNHAj*XVXpwNwO*>CuZ$2VKFeYrth7uNhJ;9UAgj|Fa>1? zFRT7Tz2Ff1K;9$nN;Y_~-!EfD{WI54$(S5*8AiejqaE=lI}!I5-b_q8l9%wL7dP?` zn)An+*2+=K-0))_I07eWCFF_-%NxA!pTb~C$ytuNrDY+h9~55X-V6$W2edQ&Pl9Gu z^6%_rTCkwLX2LJ5o;7V6sM>iz#G*n^1gBMl%lWoB^%dNm`}D1Z}? zWE;db3|5JQhEauXir3jZeQawm)rB@=7+bzV3^a2y5^6W=fx?i8&CPh%{vG+ z7z~tB>+l|t7O58P_`NgIBQ_)ljbi7G7*k9g;%EzArOdSb^@wwgEHg_R1*H4 zYHP8QjFlg7Hpu)lfM%2P%W%~N{BIU(nzA!|DAQG&M^CLt^MGlOZnvh=?x$VVQ_R-aXnszL8}v{Fh-eP73t$>L0b930HY4Ei1gJlK=(IdQGMOxL z8iT`R1l*E9ahXxr_^UrG1!Yfsk)C;UB|k0=S!=b|4G5oJ6jpM8%0YiAbl45WFU%-H zgUmmqSD1_m$>Nnc<4b0l{S7KCbP#~w%%aeYf;a(>w?V&0z-fs{)T;Ll5sheryXppxI> zE?Z!UnQrv!bbr|YQT3GpQ9a+^QX-9jgrq1T9Rkt_0xB)i-2%HT-7F%~DV+;~64JFa zOLt1Mba%tjJeTk9|K@qY%$+mmoS8d&=gwv3oX`1ET{!enJB0EhQ(uBbRy6z^vyyG7 zl#NRA`3K4>gI3MkUzBFR-fz*e5L)^odB-<)D(?M|4>9FePj52An_`aYRkE<C5>1Gp#eYH)zT4LdKlqoQ z9y}q>>$u55Fr|>txcAQ=FCJ?4({vSZ8y+M>;kabj8-cAUyTzHwO2pbRe}|WtuXd#ZFKI|x*rG>f+6 zgWM5sd)iS-1Ip8d!-btF?bmr``c3kZ+urgAy|W~I*-wL4gvUGFZxWZ>M$8{{WD$v# z9YATh&ePd%@-4Y-ldns9L>iyZiPD5Qw=$`iUpq6WL4rVugnw31`I53fjQb1lf2eFf zmD$khdfIEiVgvorSC3G?ujQlWJUcMeA98vnl<~|Tr}BBE^y~1|Vu`Wrm2wm_zP}ad zEa*|TQkMNSN~B(P%4PR*QuC%3FA{%2Vt#1gqPO>wvv;<9 z3}z&!&dZ?@r}Dyo+|lzoS4GC8H*C};AC^b?f+hDxjPxKl>9ZJ~s0AJdKCiv9-CTaa zg|%H&&xv#V&I(_s@*r5!h(fxq-euO?KsQ}KaIB}+w_o1WB+AUGOpUimd9aa-;-lT8 za)sZ}TuKnjR*U*y`Fs7!g#K<(Vbm#L6T@Lg`-gOL2S0F0IJ_lR{EGXLde_g|M9#4n zL~8imvEpeRB7?P|svc3VT&e!DY>;!0mAE=>3>sxF>~8Sc4V5vp z#=P*|d~;8XwoA9d0UT!~E$drYydkLjCx%_P`)Ou~!_Q)(*3yN5SuR9UD(S>3qCxIn z!1DXk(QfAO0;WDD3H9#f>R^@yi`KNQp5}9*B<0Lav|QL~u1OVWHU0`R)&0%LMNy0e zdC^zh@;v@9at&*s(p$8Lwr<8d-bkX`bfODCvOfF;-6%LGL6WB&O2-mAu!bel(BhLo zAtkn_PmRd4HLpS2m5J5Nx#JjbbR(FrY*=(W@W9sA^v>LM^6%+9H1(s1@{m|R5)12- zpZ4zJg>e37Qb6h_q*S99^ICE14>#t2rXn~|3V;tA4(T0phpCfB?1Dk(`d=qshfC4F z%nSA50~$i!TYQ3Ajfimz5SN6|l)g(V3SKxiV^o;`^-Q8&Woq{DQiD@asNs!yS?%^Y z?sdc%j^~_7Y3=rG^{!jX#^cn2`I1r>hP0>UQ?th_V&TxsFcPnOXT z`kVVQP)6gfSxGbFSg%AOfj}syVaa8p(EifGUXfLl|9(mtq(!=MA>XUoCYHe5tY{X??uB`Mh7f~1KY#*=Kh4KkKKC!6b#j0n~ zn{{o8;%Ur;7A^`?3gpwXPrd2uG~yAQbbNtJ!egnr@R^4skbk=icRt19Xa@`OPV9>o zFLX5O8I8mowEp{q=X=51XHB*R>JpwW7Ab0Q6LUe*-}^YT9axSrK8B} z6QLc_jS>A?+y3jw`H7g2C2FS__4Zi=?D)tYHnvc})Kja%$doc~kiC}uVg9D3h={S_ zpW}!2PI(S3dHtqVN9*?&YPQk__&R^qC_ZS~ue6iG!dKp`uHi(I(yiP-Ug^2Yn}Y5X)($cC zb((uj(qJnT86bu)MXMKM5CVIILQTj9H@NMCj(Usjvv&(%yO(v7|!c z#+bf?tvd zAmA(Ml;`o-FYT_XSfXwR9o^q&wMJqsZyj(1$^Z7bO%xWpK?0G*l#JV^1=4c)J40rb z7{6h^A|y(hW`ccl@Ygwd;^cZd&kY!Xz<>Vz&hrX{UiQ~mQCc`9ibbE#bNBZ&@WHwZ6Du!x4R!2+RCRrL}pyNcRnMr!tRev zu(+80HlVALM%!!@4)nU!$ee=K(yXtVhK_BBpnJ*Bjgno32FB6u6kB@{AAH+o^O2T2 zDMDW*ExifezpWLcb-^2i-CslZqWcZI@!}$tgFEhsv!sJ-3Ry*n#){nNZToc3hvmaZ zTo|jJ|G~ZnyMatk>KK}rbU^)G1y52_?6y1n*H@@ia3q&cX~LEw$w1QSy|Hh_n}z$h zZMde!K&0N)wLRSS8e&}P2}9muTf}gesuYFDvIp<REX<>y`7GSx<8mPS|U0(tG zNAD2AV($i{Ge$|@Y}~0NMG-j$-mI_u=l@A$mB3x)WK+udm`*O=`Sa**))CS~40=yS}f!yvP(rp|!45rZdI}gWKB}l#%(2$)m1+ z58r~@r;px(b8(_ZT|G1RVO(O$NU4>sG(m*$B|o|+%;cXjVN}Mb+&(V7Ro6--0SR3$ zxb(w%<)yIrJ3`HVmW*e>rp?d;IxOJEDZ>^*54~TYfjOZ=uU8Iv7Otg#_M?~yiH;g8 z0L0cNp?bdqC2xYL1EuwqkOL(ex~PM_jZ=KQO}>8kRxV>=Qd8jNeBzU+1M%4$C9qq~ zqzz-Icf*<&wa{@RH@{2B#_L2JK$!Vlya~0iahPT;ECy`z*|ksc2L*XVc1DQFFYoq$ zT0XSTP+4CVhpl{FI-)5d=@FA(k%MJ-EeWF*T9>FO4w3W^?CncO?m+Saw&KE=yzzCm z+v(L{WS0{Sw-{{Y?EfeYEjB<{8)|P)EDr-x5LFJj3V_I9&c~txBoqe&u>h=Mk2%+T zDhp{)(0Y#$08Co$up%Z*mv`b&Fuwf6!L`BTc)(EX>GHrTb8^&%2VZg+YQ0Atq&FZ> z808B~dkNHIrV0+kik}>@@hQC;ip|A=z!V$sATTil_me3qMh_Th_H9(Ubzk~=4_%P_ zvmpR!bycV7)GBP%;}~RgyG<{Nrao*$${1vN1U4O6UMU46&$YclpL;nt?y z#3KiavOw`CP^1Bh*H_;gq>K(1I+vE379*vM?1M_UYxsvLX18|m5*}ZD|I^g8SPYO8 z0kY^Y#f7j~3p>`a&++_QF=w#6T-nkt*~#=y*W$p^{;`lE5Q zi>JA{^y@AG4E0Q68!rimHe`84~e$zwS&gy31t)(m^MXVtS{D{61Ck_N9Ew>k1Z- zkvygMecJ8E5~7~|T*sb8zwXWl!?a(OU$cu=Dp^WL;C^?q+{sPfM!i0|rxhgbc~wSw>F{i@vpdD^VQ`Rqms}iQ**stc+dk~MpMA^N(Cqm0UD%>BQPsxT|LP?0@SJ85^?3Z{*rn2T z5MOfNeU34mj?KDWj-ite-~O3u4g@LkGxE|4nX9D(I38Z7KXlrz`M@AmPVUIE1&(f- z6gAMgvV#cvwHV4WLjhGOjmRlKJ5Wz8_wY43G>niK5%Ac64%hG=(9Z}e-JS)tQZGp2 zdLyH}MIbn6)}>F3ug>E8|e#VzJvi{Uw{Ea^o1;(BUyz7toyd%fynL^FnHm6S~lU`+PM9r`Zz zh4p}e!o>*4uYHe0Uta|JuBGJDoDkejD(*!D;a=U+a@j-&;hw!VdUc|D|C;b`hA*zm zU5UMFYHAt&x+hPre=T+Yh%wh=C$1#D78>03PdqH&Yl-?D427H$g!*Y#Ir(#0`JH~a z4J6&esM;iX%#P(P!*8c5I~@5Xpf;WLL;V+L0aQ`&3}$J2NULBdZ$}K>Y~cfXn4j_!V-C`QL$=v#EKqM% z=tw8u&#RR0sf^$3aJ4*nPPNe!F+TkDyw`cUo@C!m=pRih#~_*}w8@VXyvu_-ZStgi z!Wb9#8+&BO{+Dq1gyxH348mhQGmDdF{;@9S8Nbv`R*q7%poOotrW1$roquTqn_ zdY{MRT}X6#_ce$#qZC=up(R@Qj}l+)exYRGGLZ9E2u26wXT1FvB7QCL9h|1Kt~TDq z;=SeS3{j{$7xI2~iv1klzmrxjyiaLVop?RvR_59779MZ?^@00Dyf>8nFQR|rC+M#i zU62GcT&{5q8&hg?jYBMei$?~8Zz$!G6-YE+KY8?qGBE9bZNctIkTif_R-^g3HGp&sK&zNIbqMgzu2yL4%dz3aXM>Jf)jWTYZhtXirZu}MQ&Gz(U zGt+05T6~qnwLNNCKcjT0MH}m30aXFls1cYL3+i$ic9z{-V!2qC=406i)b#llhkbY> zSJrn5u^IL6vjJoVqFsZIcFS+-Qq&f;5*Kvw-tFPrB?24X?pj^>aeW`$gsi zlfwty=lk0I(BP2+LYW2H&PGvuPd5%}iS{YCAio2`?0MS222pZ)dehbVwo*6Yn_X=( zMGdhzkSdVzJT{yt5+cU&dh`QZ{TY66;;C`KUus%PEcIvMk%=mZtZZV*_uJ6F*<*T5 z`0;L(EZjSCL5#?}eSr;z>)>}M$6Fy*FC}rJPnxw%F&kekv7DX07LoF|;cDAjJKQ-f z_#3Y$M`YOKe9LpS3vD|%8^(k~W-Wp`VJNUzsY6c;!{nLau z2E~*`+@qp?hjHjh62y~Kbq73l3ns%&ZNWZ4OIL(uXKTBj+1XP1+=yKp%w#@$qd|#t z5nxgZ(;aM^k|7k0BwygRpB=lgnA%!=K&1Kb9?mbb-BMqOs`EA(4Z^%h=LO^#?thq; zBFv`oUv%Cm5F3ZnJI|0|Uh<(y5!T^7@f;n?^k{xhQ(2r~eF3C;y0)bfWbkH0eW zdOSgFNr1yj8qm-<=`rZc^fBNyIwr}%YhtHIA68(#l-u;f8*hC+0 zL0V>oZdw7Lgu#LHRir=7K1pzi$Eww&^+y{BCn%qU4>Hs^<@}|Euh6PLHQK|8Uh2ic z4LV3fF)Lbh-kUfzvX`wrr!5>ec~a01Xet;}kTyrFyI~v$B+_2?fpuN?ZGs|+X>UNA zHy)KY@mgTWi;fr;pntJfq--6P_^&mK1Jsl| zlznu)!aw(qMB`Y|8urV-kEkaj6{NAW{Xk6e(xyHO`v+)|&qXHmXot9qR<8&H1XANlk*tWSo4=UKhw!$VD;<%3_;P$+Y**76$ICrvU2dj{eEZ*l7$)`QA&g< z&K6gsc;-=GKQ7mAvv3Skq`@1n48^V<0cJ3DavVQ&9H5j4$3sBW;jt&%YbA^I%P zh4>Z^07;fxA`(^esG!2Qdnq4z9M1}st|FW&yV&0z8Owzi<{Nfk3;23G!{8B@n@Bqn zk#&H+{$oGYdJ5`H- zR(?VsSo1}uBSe}xLu-W{&#t+b)6)t{Jbs??zo)IeQY0xC1T~*G7t$tIEqQ==1-K_O zgf-YftYYQs+^T3W)#ka6zwN&CZ#eu9AhpanpP1B>#`2{5Cf~?de9-7tSeMDfCTiBD zO|$Y7U*<^eR0YqFJmJ*EQ{4Lbn@2@4JX`YXLq0@BF~lbuL>>4HA6sqW5m(}spIV(6 zlIgFBYk4u+$qVKB31TjNB>!MnNw)P6k_MRHwHYm%v)qqykFeoX1k&W-_ZW0Re`tO@ z&V5LeBww8ff!-Cos<-qBf5pg5+H>DGAjT9>KJIggk$ za`hXX-UwSy@m@xj28ks-fO`oDQ`X*6RcxDfpRpm?dcv z29xXo?weGp_jz4pq*Y#QP$yO~sL3(5X z*z>cmVo1Amo9ZZWW)DMN9n`eWJSE17Mlc8$MY2R;7UwM~?tgPmO?Fms!zYA8vNfFgqog_t)M<_PSxj><&Z2cN3$%7A$1dUE#_jwCg`yG(H8);xe%V1Wf8CNbu%%vxlFxoKf0AwZm@|MQ$L8qlG zo4D$sNk^I364@(=*|Nx;ZGPX)zruB_8sFgKgdqKz>(o^ikg%1(VIk*6At$wd(+0mS z-t5I)eHM>OUB5wpT|x8AukNc!@fv~<$B{WMd~;TnI&8@A+(T5ocZsFuNsvL!YTBv* ze9(OEtgx|-e}}84;7){eT_6$cZ7$$DKhKgp-tfMU|KoglClpm!&k)5Qev{dEE?N#J ztLyg|oH-80GsE91>1&xH=&>OTT<+~Z(K1-SvQ%QjItly29DC~21|DQX_YtWPq#HFX zhc{2KR%OQs8K)l5#L&+b^_{<8-hljg*$jO(^vKr6=i@#as#ji-vXP&)E_(KW*jDD( z>UIV={q+IGam}p)L%-WANFm*t=jSE@csbjq@GQ!%P3Y9ThN0=ljI_tg8k@PzbG%I_ z!5)=BF>2!R6m2@_W$b{s7uv0eyC9Zj^V&RV#O$2o`#vGp3KVVv1r6Ba?t%-+d%4!l ziV|Lv(RH^5+gW>zku@cUuxHb5o63ij?xpIKjyq(APIB>2Yg!mmUE}U2Lg=tB zI46()onTwYUD8e7Yf-~=?I!^Yt}O}kg_!FM}xeot>&0k z_JoS+2?S#v$IiZkaCJB-T^uE-7*-p>8&692*Ghxr!0>(i;CosX!7I?Usb*YPHuz*+ zm+Kb3U%|QIi%hUS*8`=xRTNSGp(+K-u8hF-?BEM-dLwTNPT&F+VDVYkdwp9XQ=|dI zC}rhdWe=>uGIZ?_a&4MYWQJ5uwZ6PT%E`Dt_lNt4_Qm?9Snp78N!|W~Qy7PZcV85huib!81 zsrYWQU-=ZBsaeH{+5Kunl`oXbepMx06Mc8z$!t{ZF=XWTwr5`sAzVEzh=d$*p6i*3 ztv3yS?<_q!acz&aHvDq9>GRr#dHF4>h6 zZScW3iOSZA3NLpz_4V%7(_oJD6ps+3gglp$G3 z9<;rd#Tr-Vf6bG@3h$C$C9k{u$!%t)8Q6J%3l&22J4jO^KmaitR=(o06~v&PVRUt) zD@ymQp={(l7Hbkxerx`&FA*fEbNKHBMv%S}2A0$T97*?B@a(wY;M~QQ4RLC5RD=0- z&v&d;v3g;Cq3Ncw#S0RZrVT2j3VFj(L(vIV7vk%VcZ)C+9Kzua$!76A&e~)77(}h4 z=hb;0JFeMaiKOk#5i7V=dme2)n}6P%3WsTlZh=!vY!({Lx(aPv=F7}9tIi=v-h!Dq z$PAE%3hgFoa2^NJR;UVI#VI1~x;A4dnkt?AV<3_hYetUkEb!t4GM{i!J65aKEDwrK z9X=xRf97u4=9Pv|yNp;oBIch5Bi9GP=pWA-2^Q&6ckD$MJ_Ddx0hM!Gimm>n5Q}pm(x}=D!;}Bug9!?bi3zCGC_4L#T7lZFVPyx&{n>%+rz$r%YT?|ButM3C=&$Hc~A z5CR~~?rH%XEO+JrM;bkdp6;%&^?Yfmsu>&qo>VZ1Ln}WSIUb<1PR(dD|+0jm90eJxpap#-PNO@cKNvc@kIF^Al z3bHKo&(KWx$SrOQfTivFxW62RxO;&%-Hu>mVo0rI``l0|QLz1Ie2G6RlFQR&h@EMF+r5b-x3vym5QF;JX7(yIhd(iaw5sGJ4j@ z6Ws=pU#(C6tp%*Z#nkA{xJ&wOqsa&M>c5D8-qGv>48i(a*_(4A#CMD_qTdTY7-I8Hf8bo$ z3X_}{WJtZ}Lt)1i&4x1|VtYzz?K)fJ9qKaCUDUhU>m$eF~oBPZUt%@vY?W2dTst zvdlkq(AcbR=Mzc3>T!rky=YRxM9MS9%3mW?B)BnZ77Q?_KQD>~*FS+*@$}8IEHuMk zmdnbDy)GAzw?&SW<;?pL8i0L%oi73iq21&fvyP!XRob43yS-;p)Usa zzk`K_z2*YkO8Dkjh|HXu4xk>3fbIO*VZ7+g8Az>&Lj-ng1wJ1(SZt~@pvCVw`) za|MJy6TAJgh-4e(M(Y}R1}gD$FD@P!4Q4dk9g&l@D;F5nJDltPGWpe!rmK9@46*jb zHY^kXB&aCa;=dTwSsDB$@(I<2!Ciy7Q&lF5C5XwV%y%o`q|ie?zVOKo3Q1jGn zIgW}^OeBiI@a1%tbm~vp^nBRXTa^yCTT~wrzPF^~Mi%%lKjsj|rdwbMB=>q%9ZV}0 zJEO)Ncff#j%e@AvwcO63gVof$oKz{y!q_klo>NR1qBo)LEy6Pzw2 zts25?uSF`c5AWSGyd}Jm-B_(NMa{=e&0|`nv@XAlx!9|)S31w5nWmb^Zp%RiSqJzx zTI;$-=IVwPAhk30^-HQ+6PRjs5=bTDW1WiOP(2ULbk?@0(OZ9n%@@l0HD;xhg<7w@w@e& z@cd5s&AW?o#{D6=6jz)*ySPPeTby5P@>-yFOX%Ld<68lq;+LQ9T2h*ZL< zN9kWq?MLJ6Dcsxq50V-N<}6Px_tpCn;e79E_hX+o12js_BDU`YXFy_zby5jMQcTVq z1zlWDrtlJ8E$v{Q#3&Sk*}itE5_KW(>frYh9ybQ`!=ndHFM!#i^5jCP)Y>^zvC`+s z^tYt1*Rc3xp%e#y9G}DfS)Yj8+ zt{4y79vYBHXTd&RbOWG8F6RKa354j^4A5T{7&-8|@^|}oa3JBaJf_7Cv%Y#>%+0@7 zlVJEp!TnryQ6ANkXjU`*9Xv9e27z)nw9KF8(@BxWbTCtYUW_fNg#P&}XGtZx~$Ms$;-VY0`bo@HA* znduuLt7mU&t;Ky5GE3@Z-FN2nz;s{5_olOSH5=MbLmFU)j6k?QFc9v~C-rb*v^s3{ z>~ybHPi4VmN1!NI+|BUuH0*d{^txUJHaY4BD64c>@w~G8*#KkK`%(!Tr0ChPUghb!I^;8^atWgq>rb9*p_`wrq zbwlJD5;M)v;W1h$5MWXA6;izqTuUib9Mw%8Z$WX&q{OB@NFl=l75>ndND+k_a(rhRPQY z32J=e?GJ#Fz-T2ee)=$%*KSQ`WnGFPv%X(BOO7A87>i=uz~FW5FLyAJTT^ymwV!*x z_mZ7`yzepY{54lnwvnz44 zZOrbWl#A)}ql%`}4EUMk1m4d(5n^z zn6K^up2|ZnS$8j{lF-%07_ES6t>csr^Xwi2D6o;x$}1FB2_B^6_ZYNq4VbKNTx0iM zLrQ*t)JF_^QW-r;e#};C0XN>zNV3u?5e`!E@M7wW@M5w!uOBrGu?n-X7!iHo0;vJ~ z_5a6TKHV_1^95K9yqFF`fHqOy7IN^s|5S+md{EzB<1nZ4pfrZaXW=-zx%w7}EX;E- z%NT?D1b+h5Pr=IfHqDGgxhQ(PnAXTx5;|DU_5K<5u)w|5`6ZtL#D`Ak$sQZ_XnGQ$ zK816#)dStk`&zQ<^s_H#IG@h2U;f*^gsuy!V|&=y&DLlg#{)wE zyp}4p$^r1`rD_9Ud_>;^>Ij$i;z1;Uq|tTLq>$eMD&p|G5%H|&dLCGAuNDsgjN)pC zl_s}<5A!HNyIIuTJXCT9NE6SA9^mZhAN-~Ufu*(aA)M$v88F3tAB=7g55JQU2K2gG zRu(b$aE_1qws6oS5de(n^}N@Q>H{TUJbVs(aUcuVL;xVNlHE-9mF}wpuWO=9X+I1p z`xB979HtTs8hnMFZ$O|-mq)eMv<$py)r8S6ATSuoa>G9nhK?LWVGUcO)g+pR%)H2A zwCXXCL{}5$k$*D82Br+g-=G@kKapmq4U4fSfHIql-Ym;ZeVf1r7pWqExw*!HR#h~v zfiN%PXt-fz_&?GXG#$t@0o#>2G=pxXoo{W@Jv)yaM@2GWmxMQljnP7Pbdk{c{|U1^ z2p=dQ-aWv$2S0pu@GMU9tQL(>2e^x6mQB?-M9ja9YmkG4Lo4MVB%chkg^vD=yaBM{ zts~|+9x4K%Z&2cVz?CH5`xVyB2^tGX#Jm`wL2t@a$@Y}I>9p-(ps&yn36w0mf8s6S zd>$4C;nXhHw2bxbH-<*$0O0=T9Q2*WbzR z$-s(i4sBH|9$$Z!rByv&=cesP`HOgd2|i%|B^ni(brpJUt1eUNx_qhg*E;HOZnO|) z4tYDUty5H!T|{qQUttzJ`O`x-U3%V-{H9yUYa?Ao?9Sp@S?YRPS%0?7tWiwkQMS** zAB9C~7o4A*Do?x=gC_$k@A&OXsdSt<8nyZ_0h=44S%J8QAmsR@W_>ce`!>d5WhyPQ zy!_lOf_fjTXP3@2wccE)#w)mwoBiai9;^~BJeZhE=XY~f>az;|xsq?FBRUFvQ0A!c zoCP2^aGKmbA208ITnhtN{n=CKiL~e5epzN`@nch&0(JsqsWQIlAHlq_2a^1Dg>Fwj zamTK2)kVvI-1x=SbqqG^z4qgii*KP{U_kPcFMIvkVe@Nu1@)|G`}H92j-ab|*wv4( z1g%~JKGL8rp_0536z!oN>MUNpL@GIb({ zdfF}cHuoscw_DGNpw#8t)yJW9E$2{c-&vy!lH&>e+(1BLHAi658i)X!=&*9N=Bys& zF<>!Uv;Lg&cwPR`EfaMcItVkP;AizarIcdzMRu~cu71(Lp+_I(ie-_E-RXR37(r%ebYOLk!Kin+~H)wFvt$R zhl`t4?!C;Xe`CjySdcfgX|W!;%w{B(h_y_!;$-vy2w(E>rD28vHS_VHr|7ARNH5Tx9 zIniH%VY`m>*;;ryyhgZ?ayi(Xa;dzK;$dw(&@d+CTgP5%+0<8U*(46+$V4dg;Z61b zd9TtB@cz0ZK39$}%70(5g)=Cfb#@6hTe{#^E9xWcN~D;P@8 zIZNxFy{E%3<8-T=TzYp>)H3h;EBU4UrZm1NO&inhRl?vlNz=_dZTGc|;O*0&L3?7~ z_IKT{ZPsVul5kHyz9R-3O?|k zj=ua7d?fQG%Db0hXhtf{b}y|EbUSM4y>=a&A!y5xBw3sdFONKUq_+`frNJVz zUf5@%uy0J7*qs^en=m%s+8bhQ@Y&y?Z*bVd&^MUvCD1n*?B~%op4&swHpr$Her)cd z4N@+0pbg?@!dmDA(=eK$lDj)?cjCLFZBVh@`nEff-Rw4~@NQV!ozN*~DbW+JnNl|b zudz}J00InS3_wco)^4S2+ymubQ0I=Z>bxu*Y8paTrXH@HI7$O zsTPh`OeyNgE#q!U3zTt}y7i7>7o!zQzq`|NN4q=P0;L(l&^~CRqu%|~0;AfEXrZIr zb!mZ-?;5nwJ=>LSfsyWVw$PF6K5Kyy@7^}k5$&!u!w7ZPmA0nusO@fSNPbLQxYRoShHa+^u!Q6TYQ`{%16WNMoPJJ3QKumO9)Cl~U#J zSC}Ud?d#^}*b{uEmVQ+@h3|}u&}?zFMVp_aO`!8^1l8Vxb0k{QsMgnb?gKr}4S>Q8 z;d(a@MW8TuKiGs2&q*UGwsn?tJ&7mrhw#gOf`ViZhJKW>A@+$-Qf`Yk{<=X_s^j-d zto~$UJ4`2rq@Cup$Lm}?@;X+nE!y}ecuDfj-e~JsJa=txiB^Qek$)=vo;M`=hmQz@ zLIzFvoe7bdCkyT-ia;7O$j}HJ$9Gic8C5P*y*af?lU|IyC!_ zhkXs&mn_Cv`9I z%I3s^BGy0t6#QUY_nGO~d8*vIgZ$K4^J*E3mXV;iwMMN>SUfqHR+dN(J_cE3g%{Wshq<1-c&-p7&UuSNdma7|5yZMB+F`w&uZI!%dWwB=mV!232z)g*#A zkA*>zLneCOgw)GUQ@9yz%ojl9z{f##ZgB%Hq(~yCX}XMtmk`(l+z-k_kHDeci1kr$ ztV)QO6?NroF6m9Uat`5;`vtimr|1{Z;SYErxVTYzCQ*BJgih z(Ng)PWUc2e|5g2cmgaqpq3?QnC>X6bg}Z2s&L}U1pHw%*u_F-8<$0e$%`LO-KOd3R zg3uz&-olTUT$E>z)%`+R<;ha<<6d#76<}{YGUlC_A{wIuLOv9$7j$urLiBT{k}~z@ zG$=kUQR${i-)16A`@TD#MXA1`(w*xn9VkzJm)=svI#y^{xDd_?7tYJ}d?y*44;-VO zr6#fpO0iaOxntRS4|3X~u0vghr6{ z7OqGAD!n?AKP-O%*Urmk8w=SiTsX@-?^XvjsRHJWbGc^|^paIlWt=j=x$JD8rVUa0 z*#%oiAc2drR*ms$<+@hXR^G&GxFc%?--{h?YnQ6KtS@CfGCCC^=9fMOcOqS7Dr88> zI01TZ1Ib}}+6abiU6b$^pNLH@s?IQ;s4iIa1<#nplDF<}%Tia7fDHs=Su5`T6qxFy zKuZZlLGWZ&E&3*s2SD_EE^5`WXS;NBGm*}=bS~A(EB2GRaQrd@*`Nrv-k1Z_=9PC0 za<}YD)Wy|;6me^(bJWDYHTRKqm`ta|_ zdmExe0^Z(Zuts)S`5+MZdT*r1q9B|w)!ccCF1xLh(&B2<=4(q%gUs1iQ!kf9PX6BG zKHJPo#Ob;*jCZv>SuP0tMg){OVzLun?rla;w2h;?wmqUs9H^Wo#f@9ixp9Uv=EH)Wn}ryN59r?L*LDzH)B-^Y%(CE8W3SPp4IzU+e^ZMXJxcIe)_Po9Sr zDYs@K&)ZB_qWNx%i$z$JoXcqZ6W^5n`Cwp|UOH@bpA^b$F$MaqSxq3WO%mA(U;}-y zaYrLYG!(i%&H4T?(nw;73m!W0*Gvwn7Wleo>-j62Z?Q;UF@82|a1oEwY z8)3=jF;?&`vL{U}vfO^7+;NTOI`CG>swlFL`OR7}dTGXMgVJ;y6lSToQc#4o2QkrT6!%XllOT)K)=;SApdLfjO= z(oS{as9j8Xt0R&=B+0V7EkA=wST#GqiQw#|FZ2S z=^FLn`fQ1VKd`%M6d?ZCwEBW(Y}XO>1Q3!fEn6H-F}O7wa16wYt3Zz_fUE&6ez|jh zSIo7n%cU)>^!u)OY9{|T_E0`O(KuQ!ohIn&%iWYWnroGUq#x41_%jGwAY%X zr6=9Q3&Bt}-`xhxfImd@ffMu7(tq35)o9@n+odL7K1#Eox-$01e!>>ZfrjeXnQ#9L$Ag^C4Bn*Xon##?a03W%LDe*b zlHW&`m;S+^ps;9)SkJ{}>UTlgxjwDn`nGmo$qV?_cIi87R$Wf?jT3H#*;$1!dp!X_HuDROQ21SgmcdybZ_+hlwd_o+j*LDCS_PT zMkZw)%*ISlN~hSwvCy9+?zQy7CpTG70V(O4X3JdDl~Tvnk0B3gZ*Gjq$n`+4HR0*{ z!~q?eTgp5X*MChb%E~K|81DWgQ;`8ctI_emY7ADVZ&sk5$}HsYx$^^LXXx|*339!} zc(C3(wX|QK=)b?eW)~D-M^23DZgprPg-EA9P3;5hYbIpO4cAX1T|qxI;f-!gkwJfQ z#hyRN{*M1cOWzi0+v;ME_7A;d-I^Az#IE3L^faJj;s>_oqI-9s4b!s;bJ>vjyeXR^ zjz)ezX`~ficIlKUDZJd7HZE)M>V3C1%+w1`f~gHss?qS;>>#JEjtA4;9-W!mwoV%_ zxyG9+RF_w3qC?`64n5H~OhM6YKJ7Hi)b|s+gtDb*P+GDsoOK%b*8Jk^d6gSyH@2y^f>Z=U4>Ae>{T#nb8W7&0j77wO%N~7U6y119|sv2m-pj;ne#>nEu+hAFBnE(1}#{WceA_g zW(ad^is+7qFm9iOAm0u7PKc%PohIKxYw3YY?uYm;GuTk2tZ#bqJa#k2L^<7{AKSjU z>GQP5`p*_^Bz;NatDMwn+)u|yD;T z6iSPR5HrD#-wplauZe;PPPeK#;BPmB1wEMVs*OTGUa~s`I9Jx{aTUykaqeL~HNAU; zW#^;21-V9&tUS><3RwiH;kf_stv;k&smHK0Sg@*gnWPQcNqITsCweaTo(b>iq?+9ETi$*n-<{~8Acl+%^dtr;= zl_ieH8q{ezuk@PlD`X6Qo*r=6pv#|bb6BHye2Cn=Pi*lCgQ~DV3WKV1JgF!&=wH%B zsq8i2vh7rL<^vBtFaIOpVE3YvZo7k?k3n|yjEs-}^?CS%M_u;B#;sh%uwM6o?GDqf zT0|$et-hN_Vkx;aMh?$KagbI3ebU1IJydC-uIxO^+{)Fl z$Y0bW8@1iR-cDULML4WnNUb8l!ExS<5JgM&`C4gsf)9HXH)x7Pa&gfaq*M=4#|HR zYr!=zHEZFey1Orv;=!UkOWGnW!_`mk}k~ElrdSms43PPu7Q<)MQoaK+3w*| zhqr7=ubLi0^&!?0-529X9W^8Gxd(8BRY{sH{@He1q4o*yJax9nT&fhS6t>7)(j%N@ zcI!mtWLmwN23jM(S=;Fl9vl4>j}e9w-bL41r1AS?lJEyuH$`@%(!USbRC&7N1eAFe z^Xk4(nA88#+qZgtM`#Y8fIT}yOmC-=(BSn1hR_i9B><=R#d+0@p5LX0!`9DdZ>cYD0VZ*a%#TN;*7^i5 z&v0o;RnHd59+R?ZNyhc$WJ?wxjlk6B@UA?^c3pG5;U(tBN1e(jl=XW;S;TRT_nwGBl(7*t=fkMqJS)o>5 zTL;Mm@mO%I=>6Tq@bBuH|AJ|^*|`O;ftGmcq;!aE-5t_uXyrX!&1DnxD`c1>BevC` zl8g)!+~Mbm&Q8Zbb>pXM8PyVl;*}Xu5pUCr!DC^(qDQ!m@m}ed0b-#s zQsnSWX>qLCc2TTZ-$O%pUjHuPx+=x2)SHabn1)v_RiyPZUWr9)kl6g0x2J9pIFmst zlx>4#VtFj0G;chL#m+>`v~DBQ|4n^nAf$3yU~cR-9we@lgj9UD4JwV{u?St!e6|USh#LNTHt(B(OG5l>g^+UEB1Chq#$*QQiR&z( zje@Ix+PYljB9HhzwCXXBvJdS}u6{4r_sz0R0#$d~zAc8gTiJXw%?&13!Cq!dJfpWnT37e6u>*iHcEDa+c~LLWB<|S@TL7!E-AO7l zk88t+gTaUL3{dr{-Tj(Nw5!2w>o~!mO)GYP2D_I}??R!Pyy`+3){B?nKc2RBHicgq zE~PjCm9-C|&mB%fh;Z!&BCt59@g*BqA6~Q?$yZD($xa8F2&DZg82($&`Ueh|{Q#Mm zicl$$>(asIaPVpp+_{cDq;8B_neGr2QNm-Px2kt}gtDxXNSbDw!*D&VoajXy5-<`t zXOuXt{^wh51FZTxaPjelU+*U*1yXlpuX1?{UoF|zG9#-bTCacd(pqTsU+elAnx8(P z&QX6G%Aj`tUTNbfDKwD&z}n)HG@P)sJ5#BbzI zvQs}nB5Ea#6M_)kP4&@*5KGCL#k`gyekrU6{M2qe850-#1w(V%gfB^n=_H{_p2fMA z=Qpwyp32q~Y2$S-MT-|LVB0J=b(wTz)C8J3SVjSA)2wP%85zDpSWf|VB*x~P*ngeE z;%29LG<6t^%`NMo#4%e@vvS2ba*yDMejW?1HNEO{IuUaCfB*rJDJvg1WNgCd#A>&? z$;qa#9&YBur@Fm!JH+f1jKktSM3N*OJYKx4Lk-S@8TQRp$9IikIoMaM41iGnb&`)=Xb$JTfu7 zh`bzQR(LAGW)Qbl*>|RzyQXVh=3l}r&{nLtLfFY8bAJ0vB)B`my$Qpni46XX{@X2l z=a1gCQ+%BqT^!IRoT*D{%tx}Wl|!F@TX(KxFzdF3F`aAPjr)otp}MYjkKc#+!cUIc z(f-eXzV+1sWBf$KKq&Dh9w#jDPY+q zO|)bC*Na}R?-BYKZ}pRwBAf`Rn|J|QtyV)=#tsYb&-9ZEK8YMZ8oLHXD*n`+9vSY8 zo3i-c^E=)(U1Pzv2h!Rk$2mu+TqR} z^Of#>k=o*c;%yui?|rg+vD~T~2LHVzy_dORN1FW4*;e>(-1hBKt8&`cUF$82!1brs zYn>M7i#QK~__pq!X#@ z)2A4h++29iB~tsRqzT0vPk(3RW~SCDx_Y@W>eLe%oPDBiWnY~>ow}l~Pn^O{al4@R z&M7dkH$OXk5)wZnsVkz-UeT5+c0Au9<6h?Jk$_X=H@8n)addB=&|a}kSp`{B!?`k8itpf81PTfDZ!@ zdO+vT#f1fK&6P)a>nc;1=HA?w&*d3ycW$s#WE_jHLui9H?aU);zQn!~b+5fnk=~X{(HYO>!T(OY zXf(=0U`pLho8OjXTzTuvP~E=WHuQMAF}&_gy2=!bqPY!fQha~Jv)ITzc@^{TRIch* zCg&v8{ni0)@bnq~+s))#)Vu3)^74O#8*kfh-LK}qZM`)8zYVxc3+NoJxM_^jk?ykfHcp!uCWeUXv~`1;)HB4H1*j|4v0^T<^on-X}1^FXKF zUdj-^Z(ja%e@4{!NuB}tK`gv;3T4D{SA}0a175-2E}U@ccbF*ZLE7gPb9lTES#5*+ zz1_W1h9**vv2K@{iy8FK|VWKNp!{^Ou;!ZZ0_-`23`g_?U~Ddrhi`*Uo+zU{Oc$jRE-;2eH4BA)D*wkaKnsiL+D@6d13 zsNTQ+95~bIU)BJZ$Q6q-tn;Yez6gVJWo=>+f${Xj@4&Cp;2ckfOOu!yx5>`GZ_8W+ z2p$1ssRZ8X?i4-&00Eaun{74sLJ5+vY7bK#!ij(t*8fGdBnazIJ?l7&z+F>wZ!OH^ z#UbQ~>|N|44AWbEe+-w=emY9ov0e#R!Jz^5SOp_5PLxIuRR;t002#%BI&k@R1635( zZj31yDzFS2y*2Lm4h0v^icr_e@!e6d!19NMOf9H(8E>pgr)DUPaCC*8m=wMr_+b=Z zLeOVdL^dy*roBfImcGrB)GE=<$-5C5Im(#cDkTcC^Gz(rRJH^%Smh3>EuMa@Bvwmx zqUH45_fQ6A6^uEgD_QzRuG4)MRYx3qM{oiKBAYT_V-R`dYqpCp1%%vwn@5c{(fSl? zm_91w;Aj_*NF_mu!U+j4)TckPN8tC6PF3&9GD zPznghKTPYcovJY^#%z}p@aFN>nLyPY5__y?R!|ei9b{53z6oVlGGPH;p^J|gGDCE_ zsC+(F=5O~$WOMN0yHGoq$T@qtzrnM}X2e6pm(#3Up^=R8Zo)Q<$ViOBuxkOWmI_Q0 zM=uI26*_iph3tx4A&pM;umoyyL`5ubC}$ltx0Vt+#Gg9FEbKbxl$F3Ac^XCQ)FI?Q z&XijWO2Rh$BuYx;-INaCqNvyS=d5NFtch^LYUeY|vCb%@7vQC_`1AR!6dPPD*b^v- zLJ-dDJhy3{Q7vb4wTuz+MJpHTvDBaPoQLselqIgP(V!r%dC%a}EX;7y!#;iW>KPRV zD>3sZt_S3X?~m%$WHLO{+!0OGSVu^Ru*<?^CD+lV)5mbeSEYAu?WQo7;X^oY= z>2sEIvj%X}CTk224=O~sL{4c9fNKc9roak46iwev$~ID{W(@0RI=5B zk7K!f9M?usTFR784}8oZLM&US&IrF7M2;}h`F6&xv8ju56Yn9**%A8TxH<8`(8Jo2}a=nVL zW_E}x8+vs7YfaQgu7ZQ1{_rlKL6qX_*TbfWFTNi`Ber}`$G#9?V|7xLK!2a}K6wut zP$Q(2U2+JO4V_(JD5lq=VuNLm1*<84Rct4l-ZXnVski51ymsdCc0Naq3Fn1f`1=ZId>Z!842zwWD0RG z=!GQn&Ta2&*RG#el-x5P|HbWHi%!X)TIm$m7s8dQ50ypkcZ?8c>-39))Ae(yfFqc) zagKK+Ixx=ea2w~a-e5}t%{I7ycNiVpgiujYuY7i@8^DC6UlocZ^VQA$?kqVKI`IsO zw+#yIm)x(==qA16)M&)2He|HraZ|K_m!%ts!M}#I@(&`*<;8!$S%l&Sl*gSRhzv4$ z$CRFR8-1s{Y2J~Bc?WIsf!Or{Oj>4h|KYp+>tXPPvj~dDfrvq6Dg|)CJC&K`nMq@^ zaF*e9+i!;TX;kQ{Q2FXq`H@_QHMlO3Ere3)p8}Bu#9Vmkmgh>tf==A=Ki9SYh~qUDv_zy>2L+$D^3Eh=ABWfu&SOFQ zi;SUGof?sRWjId{7;?HcDfv2W^(Z0J@_yqZQe~@{)`jyf-i*P{GE(Jp=LadyK2k?z z;aQYf4?B~B364nac)hYEQ5L90%PY}sv(@^UqEBvkTb zM`378C%tMnqGBFqWj&6AN-=v+8We1&z4c zcojU#VBQJMAR{7Gy2pJH^#1I);Nen`J~024WW6w0Z@o6W3ytRlGv11==K?m&>~*dn zXW<4?rP7{>wBJ>vFnZ+rk zS!ud7M{D=rtjW?@u0+#{h+JofkN)5j9frdJCR2{!r0URsYj*kXm;(_V8nXJ3wjW|R zm>#*|NR$s!_%1wG@yr*$4`_{YDBm2#vdd#)qD6)WzP}+H-w@Nm03rd^BO<)yi@MmC zm_Zd105cUZQHy7zX{gUFf-H0`Xz}S(QVcq}ZpjNv;g5GXE9sZ$^dKggt-A`NCjDH_ zI*_qI$l2dd0?|AlT%_Y@WI_!FtGIXH6$+Syh+2@!*f-{Fra(vOMOSz){T|>gC=F@< zTbZE4b`7Eon7=&YB44zFC4Jk-zHlChGFOS&izNqt zVW7ls{G3frM%)v?jq*(}O^i8~zvi!f^sUbWl7fH<{vzp3Y`8z_j9l=x9_c;VC``Wq zdvwf+PaEu((}at#RFJuZ7*5a{Iaz9_&cRPZlLoE*{Pac=Dw05G`bZm&k^k;q|{co8i&yW-%m_IpP*qL zB7>_xi4O}ZT4M|jfCRT;V$f$O@J-=R1_bk(C@$VkQ7Lce_4g{81DHNEy^5= zXyUblzHui=T%kdbJS`6WPTDvgt!Gw)x!C`coi}})84^0&#I1zpyO}%@R6#Sg9<*=T z{ct~^p6M>2qScYVzaFMi)V$sZ&fR~O;Eqsuf0JJs_V4+M7(GWoydR&W!1R-L<{nws zk>VqUQ2GTZ*!?KzeHY+keai}mex*GeTvuLx$=-Lx)HO5BDe3H(;s-BKZsb2AS9c+} zjqz^Vl>ewnzs_{M3@(%Tx#-wtS_Z#a`@M?Tz(Qmvi&tteAjfk0y7nhLj_|z|3#irM7tGy33^%cNp@8^Bgtw7S z!E~DbQT4I;G)UlZX_H2AAHKzjJI4KJh1!HR`-#?jiYnTDrG+|uvjSwGIv)l#um(!> z$T*}5)&b)W_QA;DlW?Ow zsjLw>p!%f+#53C_0FuJYCGjV7yOjb-^{_iN7xi0#-Yv&_pk^~cyL+RQsMN=qC(kNP zCEGoW%NY#EI!{(-xx+;J^HJHx&s>Nd39iqL&>jA+>0BmJhe79*I!QKcp8vuMetJ3H zbrn$eg?(<*_F|9{9euc*Usb4nY0(&Ld3jof01kCNcdpO(OH_as%MGN_zwEB}AlQPu zv3vEP2xX>FE+GEh^XkEFW?hCf%xS@(@BZ$Kgig7@Z4QumaWn2M1yn(%wiiG2_|f&g zsCUxL@wm=y$_rZNN0*7?@%DFEK#a_wr-N&%obKasKho4QhP53kmioSV5_UWDr<=@? z6@qfNZ_bXV9C?hr>%cPW()0N?rghb)W0>!)r}u;I;^)LcGG3AG4htjs=i+V1hThwU zjcjW>x)X3v3;iCtka}bO2+~`{Pxbec;nKh1wD#d{QyXh9n#uA=vqz4XEgG__jMR&B zP<%_;pXXP`_Lj$?J5*F#1FyI*xv6S}dMA(5W<0M;wD)rY1-WN9lq7jBx#5h`GtE&{ zQFroYL7rueI`3`C1Z86${;?^>m&^v07b;e>6r<`?H>setYo`nHw;D&k{KQZH$(CgJ zpmnLX8g0=l>86q&Vng?{f6-2Ld+g~KL=x&xU|#{B-S2i4(lwSUJupPo&9i(y`EfSm zL2Az6B_l|X@_LhxasF)NsQa$OGK^0Y%KZzViQCZ1;cv<3xl26ag;EQh3AzROfeWop z?qR2LxXi~#rRJXP#@|JoLY6N%cj6v4Ga@3ms~`Sl=%hI9S%Jsnp(3)Zz;eep>G#Wv zmj){GeYB|`j9S>MS-g1MT%kom+S2)S3}JVhkUPY#PEQ&)8$Mah`-0YoGj?TQ?&}PA zF6*oJ6H7jggA3e`fIt{q)3;Uow|hRk7(2kV(f%0;iWA#|r}sJPY-HQ?CoqeSz+)b@aAK+ z#69C}V~JYsjr#6RP#=bFCx%e854_yCojF?;?!59nfL01D?XEw{v4LI1P?Z&g1K5cgVY zZrjlY>q2;&J@4EWyH2xLCO8#SPI=(wFP?f2IZP*bvmuwbn&1^B2Fm`CnjVl;&7HJV`d>_@7r7!< zng53(kZt-ZlXnft%W8>ERrxxlkVrFj`EMa_0E9aoF!|jOwo$ZqQ$9L^&(Z$%@?3mI~zmU?RBh23?PuW@wZuiNUOfeDJXBZ-25pVA_v-P>Nu&I|KtxcJyPN<*;7{x*;AEXVX7DNHO~0SekZb|K~2RT=LoCYrbA8H=Eb3yepa^p zaVYR{7Z4LL1=Yvcp99*0I`~?BmFi(6q~WN%Yj(H}qj798b9RZSh^K5L0Vm)Pc-NS4 z2&s=%9}&NNC|WhbCQi4P_*nSncObDn~#i^ajjQ2ImYB3#!);4)+u- zm++UZ!jFHNJ%yUm*HX_dw1fj7ce30$y-v^)VQbzgIRi4$31fgF0H^J}Y2!c*#dmcE z=IhiruS$URq@{n2z0K5T`kW=eO*-v=$#aVV+u_lBKn3s#b2LbYEn0qWdT4yn$kN^n z@k9C#sJRCeKq5Z%6Mdq_FNF5tw^9TEz{W0wPxSdbhtUati*4lsneCf~HXWdz%c}Zr ziVMeNNLy0c{<;^eXBeO4ok)ww?mA=Zr*zI08|l+L57w03&Un}^RlGs^t>g=;EyND zR%I$EgSf1rKS#$zshLQ?>GFUoQIQ8NBfM6nI}`1uxgT)853eO;hHBiyZhwwwh1 zx*G0kA%(h?U#MuAY~=9+mjxta#;Ef*;keCG#AUCa@yln6_~oWDJUv76-C6ESkSySYz(!6bt^MrKz>zAm2OYH6vwKnM}Ya(6CprmvWk;O`C}571{KP_=q~J{lVdhEKcFj*tJAY-L2_LV_qY? zV6rP{=lKdmwIDZcJ9Rr6~U`CZ*SKu$d zPe`eBcM~l<#AL1iof4~}LQc*2!8UglzR?x9xmSnLosn;a)He`{YqG*(-iCX1i*j8T zeo=U#9IQ87fU>!YJmywgX1BjPo*Xt8Bry3m$c&sOUT9wm-C!RVYK}fY|IV}wL{emN^K5%&FR>M6PJ|b0=3PUC7rQN?f;xJYNiU1a(@=?3m*uNr<^qt9UJj^ z)GySt>psAcwWu!tStja>j$j2UjYED4ycvt2l`>O?xn1m+zgvV1CGHHwrif2Rh!>^&^V8geDw@}jJbaiqjE~M%DjPZmf;Sft)!y|ncbuKhRa z&20Pc6J7s1_UjJQ`$VUG4_7N!T>W-_T=^-f{QF8kN4(+CF47uMG`%V68Hl`)XMZBo zmKYyoPdUyb0_UZrw@DEhmP)@Z*uTrdX%(0W@V}k3j{UoienK9AhYT#OUne?b+PzFR zKHQ=ruUuoOS-;F^3?W<*Fl;)!1!mcg zL3x%B&wh^EizAf`9{KLCe^#Aeqm3TkuL>B#K38War+U6lAax(SWHkakLCYpDlg+%S zLHd=AmrYKNXP_w_i*%YkBL%MSGgG-%!R=0`ebrZ(D*z45lA95fTKdMrm#p}=Fhj@? zQrVpS5jEMjFsFIz0yTN8l?+Qsbvchg?0KGc7t3#?mLhIZsTzR})uf&Ct92CswPp^S zd=};b@@1t1+-v@C!ehGrnUAXiJ4x=45rN)auE??G8p8hHif<)Q)FKf03_LDe=f7?W z6v(>iElLxBov{PRj#Vttam;u&T3V~v0;`IEM*5h9y8EZ)!%u|9!;&3~#62ET(pCBe$}ydD_3vLM#+vQ$8(8D^Lfb*@3hWA3Awf0+03Mj z0PUg4Z0~)RE7v;mm=uHc^teEY{{mxj z9j`^a=@3k@lUI$QQx7Asud!`9lj{H%g}oF3rnm>lNrI1`aRV;&n;B7nuLeU_1%st^ zq)W(so2f->k2|Rgw$|#E-AEap*nU!C(;?8PpB>=1k~SU^RX3-4MlNcNQ~Y~1vV7p$ zGji4RZ_$dh1>lW@X$IPQ4{Yf`+xj{ruWjM9FRz9=?4b;t2Xu&mStp;c9^b0>k7I%q z1EkzJHcP=mY`bZiT74Dn*0;%w`P*cs3HV|{&=HS+HI}0S+z8*Mt$lAgV#MY_+gk)c zm-;q&B?01b1aw(euG9y1SvtT-l`gN?1Io;$mGvVS+>A5_XC|K@wW=Jx|VG7H92mRw05*a-5kK?X^V+K-bMtm1Nb}& zZ$CZHx$eDd<=^I>wp=k^-^x=oL#`U);Z(ZmoYQ>LHDU0aNC_iF9PLH@X?Gqyp~>5m zLQ9GQh#Ge16M#6A5*8G&x1|R-O90M2fHU%FZ77 ztg^FnK|~+`4F;fHDPeE`G-mEmJm7+PC?!lhXm4wBPLr3C6*sDKZ;MLE?i>>knE|nO zO@QHdqRm{JnY)P&+uD*UcEF9Y=vh=12W()sg73PC|?53_kiG%^7?}+gx9NwklOlZ;AOW?xV z%L>*T{UH0w(%Nqi90PoEJwQ}FR%D=Lic)(vfk@e`*01kS*>TP1|eEz%=(4Ee)@~fMe zeMPxDoppt;o0w&VqC1^w1-YB}+sbuUI>X9p7cu=xZ&y0)N@*AI*OmCLbZR6VP9|=9 zFv5DLYY^n~W*a&Ld-DYig0RVt1_Ac=wF-L?+kn7B_BK#ZAWIvv$dIv(NF+$t#@I(l z-3H1>NYRGu5zK0xH6zTeq_x%iTVZR|_qTl3<#AI+uRU2j_ziA8JU9)~K0KHWgg!iI z4aeR*$PLZjJctcp-aK#(8s0qb8)&_G-f=z#v3PP02eG(urUtP%bD9USTjYS^iZwedSbjoa(*kBJe&Y##EM$Whe#~RT9d68KqvgYx(Z&<( z*v}1K*fE(6_xBG}Y2qDFAHjsyf$zZB|5`iN@W)6u(%y|>Zmd9!!EF#h-8@#52R-wg zOzR1tJX+$x=&mEUnJ%z&ui@QxFr1p|ow=r$DK0Q}wPD^Qa+nD$On0uK-FR2b``JLv zT~&Dbc@UiR>#oB-(k_U1dLrD2R=oOnpqzkp*P$OV7lJxGVQ#Q1yqpE+aZ3dBPEpO> z)rPxMi0AeyJ_OaWmlW!qBAFYiee6!bovS0W_vlPPpUbUy@pst6Y!c{jhcy>b``DF& zI_Fps=vPZnGN^kBYfh&o-I;%BL!v-ry|h17PQ>xV!!C;#p5ZjmckrFZ|lz-GHu){fQ%+G6>9=ogS^JF zXcme_e&m|v;01(LgA0<9+p-R9lUs%i_P#2-Twst&IIu9#U;8K}nwE(4HSF?7A0=cy zGdm*h)nJ_8n-BgqqPW4PZ1^GBx(8FpP@(y*kfB-&0nJ;9qwSFm04G04{T8TLgZr_1 z0dwsBY1W8@E~c_^1dzjR5Z>%q(!i=?)SRaC{)}@V3x1WzQ{`J$AIgt_l|efCn{vYK zd)vXv*v4w5j_J4j0u=*rKeQ;PFm}PkUujy^cJpQc*?1OX7w(VLn9`yLLi^9Wg&(k* z5kg|8j_dv4u<>TXP(n*$E>(-+(n%^DzV5| z`Aj+Ys~~o(b+X|PM&+ruY8jt+48CQ#!#H=Reh`b-iuVGC88$J-C=iCW2+zK106xsO zi34g6kw6thpd8hh(UacdZbyCh59F`*E%YvZ8?>C;8}~eT%=2|6)e^IO-nlLBQFp!U z78`s-c|oAC7vE+(aUKMVQYSrqfJlL}qeik!Q3$;vyH4UtUTp*8Pr!mOwcaEx5Eiku z!oc#WD6vb-xRSvaMjdL@^>H^15rbs(OqYIdpa0{PLs28*!$* zAmNGUZ6o)U&J(~C1@9M5RLdR&vz%ag#6aRsQb(@sr_`8**VwP zUuDf-ClXgHT$83`h>9GT5LX}VRq!p(SlUxLXOy=vS2e_x1nb5Pt+EZ(sp2OMo*~!V zqMf1iEbSo>%vlAVt4>ae`22I=KF;gNVdX%=yP!VptWcGC z@B^of34(QhBmciX3R@J3z1Yhni7^8lt|*!v-tL%v=D4(eR$CIg0T<9GD#*e65-Xd< zji&DkNt#JAvaAh|PHK>V6Ouc8J9b`z;yYo5hV47?Y{BOdUOSSwk&q8MMR);!cT)06 z#qzj}(=d_8+~5P)z=bt-Vv>28n8*((q0rZMejKF1(AO+>lOb$pt5K92KK>{LnaN3G z1}fa+6T6Kd*?lIK^n;l_NyE@n`|bBR^F}G$=SI`#66MRLlWHd#BR{FQ=?QZA#5Vc| z-#cbciw204FCW@u&(B&o0#}ubVTJ&S^5Gf4GEWw*jT@(Q-OKBgJ#B8FaA1GyOyrSt zB@4346miwkZSzy+X4ybM(~Vy|R^dq9r*sivo zwm^Q&TLcWvSHbDQyG53;%%plx<|*D$9!%IPH~1+0!(M%0jD2hg#5rMz1DC~fXV94LV0(XV&b*)s+-l@*Z*hLv1ql8 zr@pM9&7WPm>z;2e8#&1f$4Q^$M>IHz16+z{hG*Bj7okPxw@ei(O!&(Aup`o!Or(f*1=f_~Lj& zKevOW_Xx1Gct#W??PIjoecM%~DM_%js790}S84ZKi(mGT5=Vrn_t@Sqb(&%vz+rMx z#L^(}?U7;ORh8$Nowyt=|Jq{V$}+P+Q-6Rn7W6*iNGY5!ND;ExfKx6v!{o4HdHQuo zxF(*s_))pfc(WdkEuC6MGLIQci!rS%^j|;`r7{B7Bl#r(;t~9#@?V*5$y7;{-j-2$ zugEA+kXiabc#tpe(F0sta;PHWG-(mZUxHGvgms5sOb!~O0n{ih%rF5kEE%D`4px+6 zSa7mG7E3J-#x-Esyu!!nLiDxI7CCRfcLLKHi9FC1lHA|nkr0w;%Fv8<=y6>_ufg9G zcYI7i*$4Ln`dE=yKe1r9_do^I30I!#vwi1BApr^t?99#CYPLEdLxua8y<7FMg*dSA zAyW>vk^*;+X@+Z}Hai&sU;6`W2a~@JPH9lYeG4Vqr~5&&KSusTb-*P07wk-~Wo(A^si2s+F=w0Q$O<{r zl(08uHOxBRVTUoy#@Yx)yfSAK11oYyE!6%3bU^Jorpz^1cnDK$P;w+bcoO-xrbPo){8|`Eu=v5j58#_tj*!=qH)zTCzECA#5fHQpt;PkZ#Y9hG%`@$9?ZW;&cn4&geINkpJ$>9hD00HJkN&4+HyL z@iUDB3CHpFn@wLqfnQb`A+4Xyr$`aEIw?V^$4a#pe&6Q0y@MXp?l)oq z9dA^3Vi7QIwXa)SELcO!!tAqvFC+FjyL?#Df!iP5IC8~gM6`dr5GQOXfWW-c?^{K= z4i`-f-WgzET-fK|GsVt%AuHq7&12#DUp(=#w9@-!e6x#zpk7~@J>k9sqE9T4V>I9^ zGh_)Ds4}?-A6+t@vbXoX4Tlg=i2R>FM4!aaW?WW;l#8uN@@W)B-RZB$97t}T_Bl7d zc@u5~kJNqL!hH_b z=(%u0oit~=E~56jVpM05H&<7ZLvRf;8Z@Xc5@~$7Z>;cF3WZw zs&5dbD{p;^fA*C*c6}3vX*>PwaCzRayl9+Q2)J;=!HhnAWtM$Gr=>Tzk7^JFUjD*> z+2uO&fp)9?<&9{rz!pwSp`K`8yub!Ch3DqyqoWimmEYyB8NAw$C<0`Z5z1N~0+#5* zI!`$D!GRugMhrirLJawgW3H2gRMM?|(Gm->Wx;nA$#N<=+zshAp~O--RUn39XkM&~ zjBD<0NjR2KR}f3_*tQ@ZMVOiE0NZd{^%n;Y1kwD0npsIW%!w`+V=(8Tgp7(8AXZO? zW@ki~8ey22Z07hCn)2=CUL)z14PVue*iE~FK*vn9rD_C)llbA9TGOPwW)C0*T2C($ zUbDycGkLGvV-}s#e#2T4mRVPj;xRtIX5yk5UtZC5QvRGltor!3rKS<(VQ4NMdE&Hcvn#4nO&II4O;9w!JfT(C@$5vK`XhHLEd?mmV~r@RG#D$^MY+wM+oH(%#rx zdL!k>IdXKobRsoC+x_*IWK)9Z<4WXpV-pjy9|B2kR&rnVuq5~Tu9NUoLENo2;BU6G z=lf#modej_JE4*u9ou?~lfV423P8!UH}13Eyq13L0kQXXy&0yTMiND`H5igXs@_ll zUD?7YE#G7Zp?coFOnbH(VTbi- zq-Id>F%xQe(u^j8SxwTFRM^IA(Km>BfGR1PN2YY6)MRSHA^B>h|Z=}o}`o_ z8R7iP7>uW%+^ia1p{cC#Uw=Rq^iXOFXqhBUXh)A|DNoJCeko^N6bGv1-C+}(7oQY; z#&P!43pQ%gc?XSD8CM1ur4>8q#b^A29j8*92rRyxLjAgK7HmYIJ9(~!mQnOap3p^-mK8vrCIHFB=W2wZbT0GoJ{|S?aLJ>b~fS#VG`>3j+ z@j|{>dXEjKxA?pBPv}Ob5{Bd*HQ@gPv7yZ~wZZWI>;=D^4+9e7)c44-hf$(CqW>Dy za9*KE?qeIHMGa|o_CWZBGX4XgaJo?Q8sK)Q0&SXq62(su2oHLG;nuwJ;OtQ>O`PaC zS83(w&Dum03y?ry(cr>RVdV#3kxHT)YE74EX!37ZC7cq5!`xfRJY}5T^)zoGLr%lX z&x1t6*>@b&giAR$i(UN5X(nf34{QC{A4X=H$$sxqCTt&KZ~JpFi!n?6uY@KJUOrL@KlKgP44X28|1;n{}vaKa5zW+vEEE zMj|K-t#7v(vv0WhwgXI|#~A}uzm^M=_(nCPR*#>LtUqE}MW8E8gnjiYawnG|epKLK zUXd)VNuWzQ6~)FMQ8zOya>Knlq5crFbZ)U+@E3BbnwwCBGEmKxDLf9A89t~6Z51Hhz-9qe&vQ?xj@Bp5_F4}18u3BD^3C)XHx?O*FYn&N<>=$;mzHd_C7+eACRi4gY zy^ABMeP70}Y8mKDe}s6bvC>#1GwxKw{^lm1l{h+GNv>qhdUlJLjT$2uRQ zhjof1wwb`3%E#M-Zrr}&?p<$4s*ubvJUD-18nDPapjLfwmHe0IXr6l7SRd1*6(8qV zl#De@Hs{7zXPeWQ8m$v&n26^d$ph2#m~kAsGFHm*8M-2u7%yK$=I3WpRQ91D?>x@l zABw{rbSs||7XD{GvzZwz8?s@R+VW8A)kKzjH2{6|HIsy)wnP4Zm#%e3ya<<-&PRUPQiWxMiRFN|4TAE@tN2JP3nAu(lsr*|yr{pLoV=@{iBgHJA$Woj_r$Y=s z@U`5~nD8q-P|efjWG+mhn5xhxr3CcnId^0{GGi&L|~0 z#)hgNk+3254IT*}dTB#*f9Y>2Jumnoh*Tk~i{z#H(C4KJcw4^cby!L!e8_#Qa4RXT zG}x<0ml0>yGp*GFj$@SzuNW=7|1t zs*qd*7>xM<+Ud2!gnZZm9wIY9m&go&WF!iVpf)d5y;|)j*7D-_s@VG1iO=~}vBDQI)FY{-*G6U46eP^rK zrJwhI??Bv|a;^**q(e1iA3 z9XPU|RjT+p?^^nm0eIHlWo`?ye7bMGcX+-W;S->B{CRQZA?ds)*}m0UE4fD+UFRVmk0V(O%sJ<*VGCM z-m9Aa6ZDBnah;OsNNU_szf?;Sjullacr)5Ft|VwLUCuR&n0Wl?j~(WY*@}! zA50I+^YSEu<^5Pk%4$blbX|>iTt6+%`PRDjdcqI`qg&GYzHbKl5&R$5bC}I49k;!E z9rOu-c_UXo4Ehu-y+Jld{D_{z-@28pPlYLvAqj)xo*C2n@F^=Bbk9N{v_;UVH{g$ER2lP1T%3S)!^Zs9e$? z*lA#3X1Vp%yb$h7lmPr02IfM^Y?mV+OJE}`*QvVC9)ewTh;?M4ybAzwx$xoDyVdxs zcQ4yl5_k{Eg~*k2BHYuTD%_Va=X%|jkS=x6?@NFH9qhARPKpTGmFlE&MPJwbR zuLlrEsXsTL0(xHP(;r7*l+l2Yt2h9^bVHF*uAJ+C)EF#3!-LIO>7d&Z0*|mz(m#Dj zVqHh#pmdHpDd!J3{m;Rji(L%$WbtzRhs?Px3eYJ(hI*$Kz093 zr*UGL_cdy!G%#FX!2qPf@UR(=FRu5bzzque`v6tiVH?uevlaJW%jMV?-=>#s{-RFE zRU@Dmpi}gdL&X2qD%Sz7Y`(xu>jT55KOGVYSeQqhq3&`5T$n@3{(e#gNI!nB9|O?- zo7yH3zVtdD0H6QmNoKXv0CV^*Z1_5XRV%q%n@?Pt7lS}mUx%?-PTX)1&^m(gqTC{k?1qk zEA7mu%J$1)0>#=~$qMOvdbHAKBG}BM9#;)rv|K{_Tq1L2M}G`nA{8W~uschXfkqs! z%(Te^ft5AdtU-egxNtXxuJCm)89Ljqgureigi@5?sL(5#UZ{$SiYWZ-CvVbue2bQU zo`zq@Bf$*p0+q~m3YykGs^Z{gKQ&Y6N@2cU6=^U~d98@8=Z6Cq245N_f|4G3WdTFM zjpa-Wy@F#zmGZCW{Y+z-e&1q%F#Cz0UN=oOCG<)$wT}?PBqk~QGhCSlaLO_XsAga< zv*%=vlt|UEEQ;IS#P|vg+{}!`^?rUq?+t${pbdx>Y5fh{tZcI$fCSMmnsuR-Mr6@K zBYyWGNluvv;Ywkqky;LA$)K6~P7z=m5RK!=NoC zR$4oo%x^A;BQQ9bD72BJ&?`;r@)yCrsDRNrZP=U+m;?|uC{>?6^hzoSyOWxs3mY)# zffU$*4hu${G)aAgS=smNGP>GbTAFjEFVdqbnRP)R0bRyycKE~IcDm|Iai9YK z3K38>;iH1_pe+m+oc2y^k>cFoy_}GFv)0N98$QV1iH>@f7MG`j9Bm-AB-?~NHCk?8 zO`?)UG{$&7g=ch?u}^6|LXJvm7e6*W3F1VD2SN`v~#cZWxLgK4L;Z z`uST~7pfgInE?r)vx*Q8y7dZ8LvdDOFGjVO(r3f~-5si~vKX<;izmIKGSAy*_Lyg` z0qN>0g<>lOiBwi3CqnAB8ydgZ^L;Q`G(0!3l%F8&oJWz`e&U=iTtsuOs|>BsY+cUU zN2Eyt84f%J?F7Lw{N1`hI$w6^B5LR%|9AOOg0&@(-EdSs6fSfCCM>mknQIeI?A{RA z_rk{YKbv|@Pju{#&VQtWh&fb;9 z3}6ZqG14Uy8L7|ur87`>!+=5SGzu`(T}*EXca2);v-u=zKuD3%Vz%)1_Et^Nhx3ag zty?DpwRaPKwM5zkCtJp%Xy%y5C($q%FOKWm1DZ!ldc&}H6QsI=K)>U;7_(u{ur-JZ z4E-pkw~b5lL;r2Xr~8_2vc*5R#9JnaMG>Avpmz?mH8;_)Z#4a~dr!esN4ND~!7SB6 z;pUTH5hZu@`@cvQpSB|2E+k%S$TSiq4zo#_`D0oMTJqCK_h}o>mcHgKt5;8CS((Ae z(pDZgH~0jhVZef^&a*PMw8+w+Iitt?9oOjR4I9ImXoQF`jO>W6z&7WSSRv(Qlm9Qh^2Nw|mrH4& zwKnps@Cb21=X>__BstCHazjUANY=yj2XrJkph`J~7Id6A%7XcrdR3zW<1Zw*pql3 zWL!q#&hI`u&ypF?Jp~X%#03%4lH@Ej$oZvwMIA!U;~;r35L9^~>I~L*anzf~BNctq zm!1$pF&JrE%ZUr#ElG5TMSS*{Wiu&$EC%?NKlaeYcV~`gn^M(y$JC;nN#`ysuA$Hg z#d~+kT~BqRs;~L~!*X%gyVcfMFBShftPu%V&=;|I9&MyvVI<;1(3k)N@waI(tx!C) zZ(vbtiCzdZMfY@A*@~@7RBKtJnmXY%gog?FO%F=1W1#@@$ZI`nd>S|ptK;4P+}xpd z8!GnXnA%VN^g{2CPXXfi=COfazOFJKR)4v<4GCBizD){(ow7&~!lj2oCkKAL3Tl`| zesdP}i?4+Hpph(lSj2&@!#D(~;=SoScCRBOkqJ2@fLXx!I(^+}2be$@dm_V2`Nll7uLM za80f^^7rof6)Fd(b6bp>Tb!H;S7kfAM>uE`2{kmA<)a(Jwuj-fn#;XA(zb^nr6_`X z8w7*-!cOu_>w0IuEN;elwtI2q6VAY1IhI6ptBGC;ewFkm+zj+~kI-C;JYnfRT|=)+ zi-EmHggiw;$>`Sg;s9zH6E5eum|}Kn1ryh!>mnihZ%%nEB0E}uTAU#m0hGrpG2t~) zB|o>zaRHUfL>mrwwW7y4Ke`bB${=bGbn=m{K?aj%0HC)R*!x_rH##YL{Js0CA|S^q zKXfcS0-@_lV${f=&U?n1g+R?82~fL{8Tikcj*Ix}8cw+PJ^%qpN_{s^k^q2AR8;$s ze5Jn7!kqkm7Ljs@9gM!N?~nYhLhE6{Oect6R-?!2St@}0YQk^V|* z#_Eb>U@w{Im*wbc=nG2%49ZWyG++|El6}F`@p#c$LzCcyBCK^ioU`A3#Ij6Ui@+~6 zlU5f#iB!fJ=S$~4HXWCs+c?d@9@)Z_OkJdeyydRk_sjCL$5FR#L0tO?!D%y!=Dn

NV7Wg?vTU z)Ay9E`>OioeSDo#INUQwTWy9JQY9jGpA-&Fr=AEa8ukP%^$>IZI!!t|xlNwj?a%d85y=oAidO8SR6;Ypx_ZePs4(etpxw>r7o{n|z>H z>imbFrhS&~CsDrfT$hZLLJR@=rb=r+kDw`fxSkr*vRF0lw(ff~oxWn5HC=GJOH3It z`Ix^Wr9N@2$_kU>md;EOG%f1UxWRTZ=5m=^NjGoX6m&Iya!Zg5xxzX}v7R{W{nxj0 zEi_GKFZA*7^D_^HuoBPTMdp=osoCVy-zC|2u7D@l_D|l*@QRLe|9c*07yd}C zf5F9xtvmg_kdGXZ`O(n``T8m)Fr|A=YWzdflOXJ?&irfj(_e-w2IE}_&yGRSt$8qX zVkP{oEWFYZ7vGWA18mEb{3OAuleOl>kJf?7!# z1+{>B=>oXCS^dd!j%#W-@kx+D^18@vSAv@Ljzrm0qEkgy);FZqCa4ZnG_{l~$Pzs6 zmilZ0`#K$CNDZT<495^Aq|Uxgo1EuKB5p%F9`^ zzDWU;o$NXXC_aH#04zLETXH%Z?&->O_vtE=RsXN5VibV=CMxq*HaNKNDxTIp0ef_X zVH&|t%n;9oAO8E#Qm4C7xe}1%0Ls%u!|pR3$E~mCBQ~@AVK>ff*exq?r*mL2h7D{p zK}Y7oi#>tyxI5~u$u{BB9^IXYh3kU5rcWhh-Gje!J7hTQ_-IP&3A3JKX+vDnbYIBI zvVG#vB2eY~*7!LOc1B94Rr|U5p~R%&Afkn<<328NcQNv+ckf+}8ysPdFQ>Hz0$#zzlr4CPgJCiCCr!UeIWy#L4l@10* zYVaU#xZfD6acwPeDL(D;fz7um#^nP;lDe>dwmU}TYo+QxjHnL`&GY-WF0xU-tA?4K zvwVknAW81yiq=sJC@tj6%vDLQGxgI(8bC(5$vT~tu`(eYgp+`f`i$tguRUML#yJ+-mQ z*Op-wuqWj5{=OWwgL0j3pGkwqjV#tOtb@Ui?dd&=rai`-D`P>180H+c>-}HHMPKjs z;DjFI)1foHelgK1G3(_Si-J<80z%=G3#3FBjt(D02GM7ZxR&Wkv4XPxU(eqt^=2k{ zT(zC2YJ^5Dh0d8U=$GxMj5LL(Jr(nEEiaKCa^tGIkuKL=3(XFMFb3^gfA0oH>NyKm zh94Bz4{?NtEOY9#(yxteyOa*`D<S8-%ppvKCMt4*KNOjF zwG;9&9-a(u9MKmwe13uVS1Ve`b>Z4e2AattW zAg4*?*ei9o^hVdmW3F?Bde36>i>VL2IFxPST;afgQuiNIg^bw6E`ZVPV3 zVU}FJzBY6O7JHB$X(n?ZIfnJp-#~*7E6el;oWk4B5NEVweJU<33Qc!{4!2XtlxRO;dbS}L-Z7!Lzbxcd`9Xx0aWXn|e{ zum&$De6PeedbpI}-uW#D4D@wD`Sc`IO;-%#$ft^`X7y*(Ua^Bnivn4WWoAfTG(zpf zZ_kpW(Kg+sJR!F?Mtgp&y4@Mvu2UjH;~%r`K@wY%I2Z)iT#ext`Hbc7Un95Ah5Jnj z94C524R0u8J|Nxl&X{%jkf8Sa&K%vFLtOU;2wGwQlZ(dNlFS1MR&bUXk*CzgSMLx{-0<<`piC z5lnvgFf0&&*^jLMQ&8PCd_lc#c>rcuH!hfUlb0U2@f*h33_G3&p9h5WTaLZCcNFY? zR)bOW2W@#}+PU~V`Rf!IDhaJccuGhRKicE0iA?oieT(?`?$c`Dw-4P{bu#bQj&2^^ zioR`s&w8q+Op$*9H28MRpe>*YrFQMouX<3ZBRl*N~@rP&!O&hUpjatLNW0 znSn9Mp)K7?Asudi+|KjTxoTQILe`4UwBu+l#q}J|4GIRWZHd7AhGHd5JB>22aI{I^ zwA7!q3x!=5U2*3g7WMl`2!GCNq;Aq1F31Niunwaz{Lp_VQfT(-xGVbb)W7&2sKR(* ztA>%iH~P?A0+OG}DvgiKmu^U}kofEN0u}``fOJnE@od-7x3K)SF&Fq7(@q6pFG(Jg z{avG8QOT@vZs@KsGW4NlX)MZxSvltpB2Qmv5xP`_N1dvWHf*~`Cfz3un*T0A!)Y+5 zu+W#FlT&L_H6U(P z!!0No?v2`((IpvNO~9ja>d6LyE6yY)c=kl z0Sq+#w|Dx1mB}0#kmy}fOr{KIl9-;tg#o@&XyS;{*aSGIre~a?hA{@7GW(r1=yESq zesX>*E7?0$&MpXUSuH(_nIaaA8dA@|mLWh34vq(XW=(F+(ACD&qO|!zqiJcxVVI_5 z!&M3Pohs~49r06XG)oy)R-4SD7+NS+!nfBbk~-Y3NyRSX2YIzen#P)uRwTCg`N9BGIW^C>#;E}R z@rclUZ)VXxk439%T8-@&LC<|7x#nRgVX53oqS-D_sXbrAnN2}+neGq58M)_3iAq&Q zWzzys1(IJUOU;&NMD<}+GPF_-%I?nwX5YhXf%awFm9eGGtL@GRex2{P!ywJd?h`vuIkJSaRSdbv zR`nP|p#K?m@tkC({mPyL#$$(=MnN|PMNR13gN3hM1Se?uSgZB--Z3|Dd1;l2 z^tCQt<|&$^?x2a@(S<>YicKvgWrX|N<6|u?5<$Z*6^uZ4If9|dczulFMN88+Joh90 zEGJG^76e0TdXIQ*)@QMOtxBurJt~U`_zbDz>)3yRj!`yCIze>R4s*tL*c4xC`|mC3 zj+1_~*q9=<76b2w*cga-Xkj+%H--3K_Z0qNF+Fnpj!ndR@Xi62pAgy(({WlZ8*Jw^ay*S&RZ{1{3|I)y4 z(prrlUdHiIFlliqbXWyf<bi8wWg;vBS%xYR1slHaH0$|YEKw_kh?x0Id6BQpRbj@H|t*P4~`8uq#%h5!cDP7pG$*< zNo#RIaN4@q;)hFvu1V_+0Wjg3*rL;=LD}S65pOQ%?|zWQ{RZ_M`_xSnz4w;}b!zKA z>z+qzRr__FXTqPO89yDa<4vPSdkr-J*o^mn;;Q59rnPU?sgge0FLsSrX4~+J}~4fJ@fZLaWTzVlNFqH zIq-wBMss-?WdZSJObjMuLJVtinEok0122mPa)|`HF zY`PCss76H^7$&+^V(Cghk5qPD(jgnnKdsHZLw=cXTdyzMgCvu@A!=81(uh)g)YfX&Dd)o!+S8hWd5;QBPuq-4LpBtNQhE53qpWf@^2?C*6FiS38D4Y^TjIaP6~yUBpFg+npg6}N)1 zl&f#pmo3Eu%*}w@;4@PR5@tr>r6@Dii$W<^!NlbRRVq|7%{I9*Lq+bq`BsqfQ`&AB zx#PoYj|YBbCeWU4kG9U{eA!!7Kb@Sg@Mzs9o#u-BA?*n>A*5FIYKT6B?GSVQm|4umh{nVQa&c68v9L*Y*Z)yh|khZEG&1&mNRt2*Me*d0+ zbdw(TR0vr()lsRDxxg0*TAuY?x_jgs36Wf0F)!KbSTcA}Hbv|3fVn*MkUE=J1yfhv zu3Ama_K=KQvAj*S@e#LntaLHAwid2D32c6tht;|SVwN;g*4@v{hlqLh9J-y$N@hRl zE!HZ)u?w4@dU}VjJ8v?KLG|=dY>uqYtNY7)((%NljJt_G8{E&Y9yYSP!aqsr`Y7-<<*47;c>+=eW`qlL@9VOQ_?XFlF{#Q}I z5`Q5jTPvsYBes1&Digk62JD8cLrN+3$<-qk%N`+#)FZ?we&1}>@wb;7A@Y7K(^wD* zHT{lj<@XDJ5*CrEQiBj&2C7aNbnaJr3P_V{h1%T;A-{b|hSR-sN4IX2GWbv2E?`}% z1zDZHm91?ZJxcy6j)q^A*ZSQAy@!hz&6Gk;|cwk>_ z+UasTe}DJNy1bqx?CntRL|eoaneI}h&Uu`TN8WzhhD$*k2$}1dxvCj`1Lf6gUb9;+t?q7Ci$K+TZiY410uTTlYoeFQ{;zt(9dDf z!rsI3j@_RF3X3ZnZtwU{{x!*ud;;>@G^`%NJ!vEdt{~~Ssq>V+Rj+ufch@6zVO&z; zWen$-zym$>(maQLJm$!@I9gxf8T|pD*H&LZu6VKGhKTCBbhF;99#-F=1|{WL^2?mOkKNn{!oFqD0^A>2H2#duK5JbAkx zmrXD*?2G%z7_1UAia2(k6W@|e9(S2zpY0|PyoGT&Ib^RUxTV#3^HL?A;@fiRyf)E^ zI*&TYaTC~V7?>9xy~-OBl*|L1fFHAZJE-z)yH{>GJ%Mzn59kwu>{me6z#MdsyXSY72E+`S9&wKtx)P^OQZ+Qu-kQxb$=+U zT02==$`TpvcK_sfd@^qK)^EJ~5C2;QTWS;15y7tl0M%!2z?&8&1;BT09E;Oh89YWb zJQZ)NWyRLrJn7KSId>X~I?KMmBJJ)^^;LYhQT2=J?3hgT9r-7y<`<>vw*gdJU#gw0 zFTJxb2otN8W1===SUN+rPy144?SlXyY7GF~t^tVajVr0{Bg|*W7n`RqYme~Nap7}}4b_MFUh%nt|bUGiixY8!2L*smPy5{S=v??4Z!+B0_WGA8fc^m078 zOX_iu&7v6fdYj59ySIoaW@;i}*WRE8uIkc=wjPf}puL6h$ko;3SJwYL<*7`?#|Y=( zzkbJW)Hv|5GMsd+nVgdpkKxUD<#=KTQF<7Sp93!UmIq?4l(8L>(9lQgtR!7^W_@l3 z@WR3}CR=wi#dkcZL~LzoS_7H)sX9a9@NLW`dx(t#LJSDD2vu0+k|es{`Q+SmvTYSm zYFpwI#^bU_srpfi1xYNd3E}0ykYpsBE+eJzT{XdU^%3nImnJWn#7+ezF4>^CoYyXo zgf=le)AP*ISM6kqR15sl+)bhgcl4;nF%6G%BbNNv{dY*C?55*HjO4~ag-VqgIC9t= zw7U$ill9Z4k0P_m#m8}qhn=+k(MNB3XFfGx8Jp4yMf;SryQe#j=MC}F!`Lo!4zIT_ zaOK?izVl0uF)Tesi%w3{;-N?x_aJ6yhg8Fo!mjS6IGN3v z=ivLQ#<)hHHF4n-j67ql!v8+c3n;t|i%yU*(K!|pb2t`o7~a(DdN$%4Bs8F*`S;7<9cr?^(_JEW5;bxBYi{vq)W4*Xhj2!s~`zPXkRyG#qq=oETe zVv~&%nenH7mOq1O$K&*wUndJnO!CqPlDlN#-b=_LUO;_cTPqJJwb&3fTrdIVXhl^hfXSsu7|&xW~hxQ$Ki*0$RZfeg%HM9Q%#Bx8!IPV#?`BWrR<;NNB{idii44(lT;!S9^TvBdol?T{_homJjSH=&X z;NS24Og$8H?dsr8C0-L3Bk=Kxrh-vnN5nVnYQ69jA-JxSxl)MiOK{Cf;s^!aKJ{?Q z>13k_EQVGX9HCCpR7P-&ie?t@x*anJ4sfH#*>+jDi#SN5=p3OEhe$+H{Oc2%eX1Cn z=F*9sKM?*fFo#;G0qZ-|Nw6Fo};^z)=f403)*sGrvxn7wp z(pMu0e^i+_5Gs9kx<95X6>x-3@mkOPVKBDa?Yeeh26O?qI#IMaYP?G)K}0WHjd!kx z^H6l=CT|p!)b(kcSG>GJU=GSRE8Ify)Q(A!&`8PIcMRWsb;)OFSL%1=sN<7eQ6S)E zmKqqD|Mrqk`pO}nDcX!%slHBn# z>Tu5w-ULAAeAd&~f#HA3Cdhy@g7~|}r|Y{Qvc@P!$On>Y#d`Ns1(6buIp&cs9&N0S zwu9`c#NQT|TuqL9j*wCrajvULw`^WXUm=WVyHw#Gy(iqmpUU8ljyFN2c?ua?wcgO^*}P$lklLC8fXDce@gOU}|2 zRhSc{4u*r^Y`x12EaJx07{d2Ga&}!A8XHhgJb7c90KFi3Nm}~d5=dH#F}+p(lC-o% zE8zfNJYmNH2(j?}!+#fOc9YQWh3>{lG)?;vCE^8U$9nL?7@&_NH zCGi2MMXBGD?a96*Eft*umjvh)SVZYfJF z1){xVduK25&R&w02K_Fr(*m-cvY2OIImTaiz^lHhwmH_GSskSGb@>*`@DyT8YGcKR2P zCwBn;E%nSsvd>OepLEo;@t@6Y8mK6wU$*?~;p1N7=tA-cw*TK>9m&)V`EttH)I93u zI!lsP>!RG78g^XeZ|@5rjlq;`57YZF7=0Afci<{4%G>v7ATe(?q!~JYsJNAXa zRZYJyTNHajrXXf->pN9*f4;jM(vr$xK!J<1d0(}=;FfzllOy;0ll_}#ms#d9rloeA zE18T>`Q#Aau=7o`Gdx6zTHlDA?oCF)THl%uK8*|imUeQ;JLguDmZr^G%gr7Z!<78D z#~azM^_#VO<#oQ!ZN2_2-vNpRSCg|v_qLO!P0aN0In z$7=lXhQI5*e@i}jAUky93i{P&$A8HifM7yy1TlaJfTqp&y8zQswd0MUcFNnfAwbM~ z8CXBWHz)I{k+CNX5H#7exy6^7QLYyvEHH1L(0s3=SJ`7@2rDzJ?BV;i`ppmc({is8 zs~O^G3C-A%f$a&^^iWVAy%{!!mDyJIG&S9izb<+LJnV>9iu^~v->cLBsJ74yd|B9@ zTuo0C7Bpi~FJu%0njx_GuoihSyLj}5IpTg?36Ll}Z>|ndbO03g0KDjFcGEvZo#oB< zhg9GPLxLYzavCqEUcmWVMb6U><8-Z37U(X7bvFf~p6e3cvF4 ztLUR{?0$*03>E|UXzqmdk~`03T_@jqO!lDb zz~D?s@JeDW$P766^Thy!{m)@^=IQqbxabcRTdN+=r0++1lu14K+7m+}*h+x_3F3=0 z?Fit0POgD+w6H)P(~*#HHl(p>FIvm$L~gZcHC%+f2Ym;b?I~)V&r)}pOatYpVIt4I z4l+;CbPTH42rwE|T!diDY@9zR&v9(K1v8(ew$OAUmicHsz4Kt^4l;#PPtj~h_uJ2D zY`YG8wDo6EFqj?;_QQ}0{=Rt z-t9At_5{(gC&R%f!AuiPXxapq}CD>)7jPl|M@Elp2Hgh(cX5##fo~Y2q+VT z-4cd+EN6h-*N(mDTc7X=N(LFXfW10>bxdiX)4Te5QBlpSoqM?N9(j?c-Ym@fHAK=P z5B~VIf#8pOxJ7vGt^Q6dAop+{*F-G$O&~P1myuCuwY$cA1#dXEx++)NN1Sv%JfGKm?{;pXX^#RTdGR;ox#KmB;kyur$d_PK*{6a!)sCHwNQ%nu7W|rR8)jo3?CTIK5VG~G^D(eRq?eZ0A zgyYkmuFsoP3%IvhtD3MNGhPpMxOtHz#B_NDxkM(}{y+2h{JLpkG>({_wKl4GG`|g2 zR5(lV%C_W4ESN(fJ-VmYDk?3Ngtp&MOHOs+r!^a}tM;&ZD@pvBX>xYM%E>NBqnH)j zghdh1zLu4NBvE!lJr_OJ+RvYDAo+zEm9y#L zwBm3lxF0ld(44-a34vtZSr8Pk{lxZPT&YC>r(qo8GlV8cYL;(skZx7vJA5@mL+i?@ zbV4qq4uc_)+#(+($Q?T4xe&j-&=5aw!!rXE(|+qjQmA-USFYSDi%0YUY@=EzC5<4h z!Cyeo7P7~6mlvldIRypsRz25S;|1&`0zG_G*GeHDG73h*+J zBYMMN){lX7q#J*DnzYKYj)%)dpF;E5wm{y2L&9Gswn8(3ocMPJf=HJf;4l9Ux?klQW}IU)pERY+BOnC%om!V zU_X2-EYdfu$b5els7{NIVziQbQ`jW^*sAWT+oyCxGE_eGd6DWI@)T+l5V~o~h)cf7 zy0R>__9|2443Z}-?=qj?m3L8yH2PA^q*0RSdr9G{LtWN3mlwKd5(uZmOWXpn=%tdvL4k&V!J8zM7_X3KXN;rBd`>jsc zFi=4n9Q5F_H}@78nKMOn3r`?MzJHezW>u?2>2AO3xjrd~E5!L@5JO4Wt2a^LraM4W zKGltb42bU*9(>rr(Hvx{#n}ri+Jygn3BLH8fN+bGY0Ic~lt3kczdsTF=>*@xgdnJ;aq{gB#5nmtI?b<#)RlNv!J#M3zE=EWbMcpJuc@RjTBTOhla+?QodszE4@@`U6cu;po_Nqg2BK)L#?hbWwm&D z+XpAw@1Gl*wj*U1Mt17SBO0Q^n&~8NQ4{3%%6fho*x7k){8t`SB+oYlD?z|c$cef>)x&m!s)n4`MGGBLua&-juuhr$N zAqhk;afJhaj7ca-#xW1elC|8|;SVO@hE^&>cX5T^{usSbk`Q(vIp^Y~VEi%>1REG-o78c&Ax6BkbLCBel590dvsP;``K+iVwYc(#OQEIca9{ndRAJVR49N)rqeWmrbB=IG1j3Z&Br`8OK)$@GLkx|`h5lu_}#uBQ2yTi_I3Cynx~WP7a0N9 zvQL`R4MhQbm(@k&IEZ*mPs1cq*xsuy^AT274Os{ZzokmXfD+QcO^)qq{60fZcJJ8^ z5Ao8E7gbR2rvCW-ZxRLq5wVy*h#;DT+3in^ITd~Q;K8t2RNq0}wVsCZ=syeh-jpAD z3&yY3OY=|IN!d?$G?%SY>xXeHr+;OdDxjg`%-hMRQ@JzZ?Q^>rnAD#-rMaeu^tLZE^%GuI7)Q>90?FQW>zh?K^jjT~{NxvW#fk(pxY=M;W%yW1Rp zpfDyauCA&cdNxdVtyMfR247hs2iBtHs%}j(n?45C+CT zSOUQ4Qz^cLLc{P_z#7INJ~~x>q>fgh`@m7#KHfe(YpQk5(F6 zhugd4nr2&pszi^M^fYTj$#8)f5Dk0d6~2Xn5>vs6j4bWpdGmZ8*AUT zNN#3viWPssAS7-rJw9V%XZ{g$$O)ZOXKv@8CTnf7OZXvinQbnypM1ckDD9D(ccGVU zs@;Cz33ImbKjg(c70=fv)@khLrvr z%GYt%91cXI09lTOuYnM%=FfwF`OG*@zNVh%1*w|*{#FHAa0aO&0?6f4_xnHACh-&5 zIM9+4FV+QfI0$mtCX@^URn13ikR2yXD|$xx{1U_-NvW=dB&fDIlnvf3`u>#%G@IEb z>N4Y0&Al={^0je<8Vp6uN)$f#KLFHSdu+e?U0gtCXJ4}Tk#e$E~4{M;D2_NNI$>D5SRhOL_4YGQPeJD9m zBd4Sgu{qe7hkGW!L+AaLaLn=(4aA6fp=UbRj%I={qr^zVIWqDB8$4vd^u&81N}AP~ z?K%xR>z#7Q1&s-6l}Q)s2!n8l)2Fn^MS=W2Zy_)e5sA-B)sAvwT+v6?%-RoeV6JI$_y(+L!GW7$)W2L0A)Px$PlzobJg1iHF&SqS2Z%B&HtzR(+K+7v@Ao7oNeAi3pO`41E=-Ir)c8;@Nv zrxU&(ih$h82K^u|sP(jQDj0;h+70uQK6f)(!~`qqp_Z?}sMhXof{nC~G?K?Ex()ie zc)elMV=!38WBaWtfsBFfW-W;GkH@E4RyFY5F{jpt9D1~c|1yKbQMBJ!TaH_NehmXW zBuMie9%1t~=$7*ewj=5-ikC*gtiN$9or7_<)vs@jq0v}dum(durG+j;s3 zDP~`hL6-{&W5s{%Z%h^GXxsl~{ua;C@MyI@{*jcl6S*J!mvyN)K;rlJ=1#THa;hmm z3SrBR&)t5yFtW_X4H6${2mWQk4w@jLBs{PQ()Rw#d>G(dA{A*Ssc$`t2ozAJiy_}(32p5x1b#d#G@Vpaq3KaUQ&eB`?%)Mh&sI&eNUJeeI9V831 z3vz}H(a#;rGFd}qhIlQjWWnlEqX`%9{L0-8xjeU;WF?vQe~sc~V+(Sm$2+%hyRF-l zrKEdJKMZd)n+*D!zFE!u_3MaU%-KbsMf-JQL`SpQ^v7m@+WZdowR?G5<~N$vGdDE( z-l;zm$!UPG(;O@L)%nW9-^O^=FG?hv)-9FEX8A>N@Tqn8$^axL;3}Nq^LS&1y!NM_ zAZRyZK1Q!6nw0!xpI_`Z8qUM4stzzb%reVph97+2}WiD&5+q z;ZrZWY6S2$ij(KV#F2w^xZaj=25*^vCelhNo|rJ{Lrq%d`Wr5dpfd{iX6m*i#K*5 zO67EE@0io#uTqjvSTHkgZTe_wLcuH8F_pNZe#m(N4yb7=1w=224rMJtos^r zG511e&xS2+FU}pvgJ(rHi8LAaZM$GxBK$y>%Aiwavb{qwh8q>yqg)m>7mlc?`Zq=q z6j!?qf5|+e&MtWYY7J+w=%yIa@SlnU3 zE+}4%h@gc$PP&S`r63ceQL||Y?hr16l>LTZR6Q2=t^7EWrQ)Y0I#2zt&G(~~O?qrx z_YI(UGi;%Fh{U=F;k4;m@R*}zZgg202|`WnW@O_>jq>3eXWK+yj!7fb&&Ep=3+E7_ zSPigl+&Wd$VBav*Io`LF%f7m>Bn|3>Vy+Z$ki7j|s9hqpdjVAOiE>Gu2o?-4;-c;ldF1#S)X>7UV__@r}#L^jWnIqrt#cAl^7P`lBr%t_2}U z*owi9-)cN=7jNGC8zb}2r?QQDzcKW?-~ju$t%yfFaV!Y_IOdz+*N&I>r>qj@2nDEUh$X~_g*Ae&t zeolv~t|{k?wh8`eVXS`clv z_ur#>inV^6jBmF(whgfJ_Yx>PVc~Lh*%I_}qE_ys9{D&%CCu&T@I0N-lT(>WvsSz_ zy})~2{;2aQoJLzTll+#xT?1@?oqQ8)|4+pykTLSaNPBU_;J52d6d#NRXmbs{(tL}O zD|PQ$7|Ek$MZ;@Me@$Jtl|>2|o;rf>0wRXU(L~ra?gu8h{8KqHI|uVWf|2_B+RTd} zrQ7(@f9t50z2bah8N23m#@aA;h*-tiWNs-C2ge*M=wj;rx_PI4i6W`6CMkA*uO%mB z?~2eZ2c`~ZL0Bc_{d=A;k1#~Kgr|jk^_1D3-*YEi#?o}<;O@yH5vdF?z{F$|Qn>fD zjUUWB>$;Mea)r86eYw*ZWmh)FZ-76QSsJm^&>cAEiNJ6p-#V-B*AU;p@=1)aHNyL7 z3zMsbdS1VNJfr+XlFJh5?+3s{p5m3YL_VL90cV}i;zlwi$dAR>Ml9$y>m%t;B0)nH zd&DGhkXA2DBf1nd#S|Q&S0X9|H@R)!g`E7Nh7qh&4b=AHW&6d8_4D!ke^p4;dVACeWjB#W?H_MWb=K1P_b-D6*0 zWXPU`a0aTu++GzpOj{U1g=(EB62t_(D6=<+!kbjU5LbIEzHF3186^9DqV1zc))V3j zBa+S6CCfq-Jf`Vfl|fX8agtY4`O9B9dk=-x(m}>``^(e6(Dk zHCL9*AV#6mq4$!@_^_nVSE^RzniER&spif)~!bPwa@OINKUR2Uy!_2m1LPSMLU zG=cYcn)Isw@k9O#V)>8FPnHLC{9B(Q%pb{>&03MYd_D8LzvRXqs*0uQyO|=G9&6=o zm41wOeW+JXEbt!wdr&m3Df|(;!3?i5)}pFaUs1;F5npAfryVwIP3Q##mCsNW7(tIH zsHGOs{uro|_%AvX*kguGRw9xratYW|p~oU}D5MhhyQcpy<%MtrcH*>_JWXLEs=L#4 zVfo}}3TeKAw=etOi^>v1QApM2WRE9QBJ;gjv!kg+yQd^o8cMh5 z>OSx`S+mT`SaPQqj2Z%DhS3sK27T5Ms#B7G&y$rnVG$?I#)t6K7-;2$*RdmX>Lj82 zGfR%7eP=3@z2UZ<-hRxi99pso%0eyXZ6WI|GgZTLI-=xfT@arY}IZRO>6 z@4cgp!;G)Ku-wf(zIrP2Q?<8UrJ!qev@W;qWmeVU>yrF$Vd4f}2DM=R|;=;h5(uLQ#R>%g=Y^?UoZj~tfS zk`o+fkuOx8Vq0dq8{UjD9~ID_1~h@ZmUdSG9= zlB*lTHJsPjT&~*rS`Qi>?FkO8bp99d&jY;6X^2x#=C%v}_MGee2W}jG!1!O4#Kewq zRyVw&^%YG%T1-E>L|P8Rs@~!D2M`%f44efb_E}p=ct;q&?qz#}))lWhPH9FJrbUHr z#W6J*WenWbYMglX<^>ErI-Z=c%I!U$Hdm$&^0fc2i?FI+0~g7&>9A@V%si3{pU+c# z=a?Ju06dD3oZF?*bIYV)y;RLike$n%m;+9xA#=>awA^Z6^+;o{?eIS6|c2 zCu5h>)@fArCN;v^Rd7t0`9V}S5W)kDDlG~WbIG@lfuj<&dGriW*hEq1rhD{VVj+|) zeCK3czUa!H?H=CNmT^Q0hT^|8%}4K7hkwGIht$pRtFbN!aXeW$ zB;?|Mb~)ZQI{Jq+Kg!3K{48tnN=0SOOpWiigcFY$+*7hMiwNVQDM|UI3VW1V?vyfE z;D=t38Yv`LLFiP8c9`Ln8$p`l?Rd$+?$62m*PgE#jBjU0Kgir3r>BR%>?NV>^(sF> ztJU$2=Thz`S2ix5?qil-j*-)d&?r0_dgAZsRqi5E*M(Tf9P8wapkaegj`E-S>f zA;9=pXZ=7*hU-R+uCnLs_T!1^EnV!#O&EN7X(FrOACi$L--Zw8>`c^n$v;gCK_74( zF1r{^y5z#zWn<9SO<7@g;8!1P8`=EXjeZerK|1E8T>DrQ&pS~Gbc3HQ+Y#@3%eP9) zjO}h2f0;%(Ox5c_)931}_x{v#9To@_>4({2%Dei3t@OOz)%OO;y(FNfX;v+`a0~sG z5pW?!^eb_x z2zxg1F$>Nb<00RQ#q3f&xVX!rktC^16w3=Fpug{1J|j2(Xb|d`(uDkWOUoGx%S8Ti z&hSdaM~tcHHz~pZKQXQPqRMtxW_;L{f$?j-+q92{ z`J9+z*ONUDV4x=be1;=-{^Q5t22&EcW=ZJ>C=NIMQTn^Ar8UJ0{*cQ=R$7P3hJr&< znuo6H;-6=gwLPYE26#N`o}p%XRjgJ#q~uA1b-F#iuM)nI@;_1#nZP@$)WOT1JW&(qvshZZncK{q zD7^0NbEVDq3#lYay>W0p*jO+lDIe{6Rmr1LUU88@ukW&(l5yk82L`eZIEsaF*#W?%SRsQGYzHc!M&&SNt6^hj#Lb z9rdm~&VJ8kFtznaH3&$#jT8}}0xnbf_?t-UbcAuZcho1_%g{&3^ei9kx>f<*Wit)( zgW33R7uJ+rpA$4$#O|~bG`n#nr#;NuCMnt#jGZto@JoOpM{?%AFSCmovSk66w$0~XF3RWE3*MB1>x303mxvLM?_h{wte zhFn!l6;b74-)&eEB=9BFTt!W3zF(63Oo*>L0U@ij*D-S0Nm?t-6#j828tU8B%P11$ zbu}&$a_4D&{q9jAyJPj|1Vzy_86=3}I62BM7!aS@?H@`Y>bHo`Qi4U@h%IbB`qHyr zL3@yX{n7*lk&R%?t4Es%B}%j49wNCP61d*zOu_(>+CMBDp5)_$i8gf1?@PeHk%>;( zF?u@Ut6X&LJEdzVT#?H|24l`F+=>m=7dw2QLtz-){*U60z6jYRb0Dqa_B#;+jT|Hd ztKOL4@H{ruA%}^(l!+>x>4;qCMScDhtU3WK%ohZ5ofY{PVkYy%hk_HNiovq76W6Rc zu8QMl6Otk_vm@m%2#FQMV*9}(wA?T48VL9i85q;VJ%Y@wQ}B>DzmA^w_x)Uh@Y`mi z6Wa^qO>RrVOe!>~MhgX(fhmdi(VMU$OhGt3G!wBpF@?@Ft^4aBL0t<_sI9gL2wr!w7@1OrziTy=h`ySj~MS7Yq1Dm<34R$mGyV z*bmv>l;7~Injz}SpModh*@0nznG55{LjGoFX(UGh!OF_SG*iD2(QA>}<6mz4Whi-`i0JRU&Y(ISX0%3^(ay3R% z$rJxI84m2|R989l)*!wPjm&juq`*+DOPw? zoU}YW0=YUp6z^G_`_cB_ce4Q)eWwzTO|wOe)cK&aFv>QY?0^`S^pQgO_As?;`Ffe- zgw0fVET&H<5V-l=ZhqNk+5beckUwR)mAF&szmT9Yb1BvLp%jzLM44{{U*C=CC`_2zIT z*yQ#@d48|S><0_;n)D0Z2WT=McXOfbH~nbxA>sMayvRYe#53)S5xQwHqVeT=$(~sC z%pQS4~^xr0^*x?)5k;rT4; zS2<_oBISiMsPNSi)g&7oDO-`yXxzv}_zm$&4CrZjD5(GOtvCz)&sLlATAPR*ng0$; z`+K_WJCn#=%6n=o=)LvMgRl$y+VU`wo*c5#zrB|W<`g&Ld@Zs6eV0lzixQTUz0%oq z%{y|usjXQ5EBCbIfAYvaDn5E=Ou^54d)UvZvNJnoP><^=*Z(J7ExEnGu>13VsAYGj zsL1HC{^`h#J)#uv@g`<97+J#1;1K3`vz$T6ymkS|ZTpY%Q!HA@8{S7Cw@nIP8tBZq zzBx0d(>fPEe)r~!QRDF+<9;)UE1jRO*M_h1febf~N&*AG#S-K3A7vnu=Hmw-^x24k zcynQd+hO)q=E26V4(ka&Um9N01-fSGXnyVOx97-aF${`N=3t!dQL+_bpOgc}Pst8e&XoRj?F}^cSj+tybv%nX0!_a-Ow%=(^qBtY|m_ z>u)L?iT$?v5!|I`_4E0)KyaQqM|HppH=kvFB7Qpe?VzHZB2Glr{n;WqJ~2N)TEs7X zW}~#T$T2wm_Kh#ntT~fuZ7<9}@M3Ohx(a!;34+!6EjN zQd4dS88yjy^%Fw^4k-X%{l^!-)3^{aN{CL`C#t zOv{~-AwgIPQ&w`7plGr{cWbYqv>Zmb8EW>o_0}i*PK8<8?6;DPv8$p`>R0o4{0Qct z;Mmeks1n$kP}Ho3MQbg88vlk99E#{H z+6i|Q)t|h~yoB|`pV__e(-T*hg+(s%O+1szn5{1rBd8uK9DnZ4{$}Wu@$^agZ$vXl zP-9q`Ca$t|HWj+3i%?rZn@z%0@i^W#1^UrlY!5|a0RsqL%1E@6Q+-`Yc4bZZVMYvA zNO=RISxaLJV;7`k-jiSa%9;wEq$mhm5|{IGeb2+uIKhBk->fj!sPMQ}PrEBKWkClS zjvMY>G{C4QNY1n-s|&+;pHx?W!;Jiz{Rn<5WIV-H>jGj#W#p{qh-4hiqDQe@m8NlP zoc%_z#vZj`J|UrhgTwPL&O2@riHg)F#uLm)$)T889POAfB|D>vewPa7rJQ(T`9kWI zjLoZ<0hXkk*yxQF_j*#VC>*FR0Jfo= zu&MhJ=CG5o>Q4|e6ir8I(vNvb{}r5Pd)|Z_?d=uysk7O@|F7T;Y|eJmr|8i~dQzrh zPwCGiX1UmqP#B-n?y^I!TfhaBe*`|Ij)MHXo}?;D2i6%G$%DinewkI=O;j;4LRj}- zi3QN$Zm?-5NF|OEYWF;t-FQTqmg0UeXh6AHo*1Q3ZVKbplYH2>P^Kr-4E~_CDP{T- z#kZ9aaq7+5%GE}1CHO)MRywuDxi~6E+FzTKj&RcUcav}|{rO{Y)pg2CZ1j1>r)KBa zF;C_&@rPverOf$t3k8A?`M2@tQ+6e+S52nP1Y!fu1R_42=%E&1393JA=R=Aq^9NW* zOge?qLuB`Pf@Lq@SN9~aKGlS^kBVCu^(1ReS>sEUsX9@@jjg1Y0EWMcl^^)4#->Fn zQQAJ~GVIaQo=LChG|@_*O8Y%L(w>9=F?8XF>Yd2@AMk3!<`r~kRe|4n<|&-DKg*cz zz7^=$WHHyd$x1OKfg6i|!A;d+QPb9*1#1V$n4Y`}co9S7{-mQ}xedH7)ExKYob}CQ(pc zTWSC?y47PQT3(=GOtPkzAYNCQ#sLJcyqHwj9m3V{h_d3RY|jd0JYpmiD>#@eXVc<^ z!`+^$>L%7stib|JsH@(bg_??=&JS%xQS8&A*lbrf- z^+I*^Mh!&t0KTXGLUt`lSWuL=TESzz*Myro%BWm)*fgn@V0nBnt@-0`K+)`@GUf6a zhp9TFHTZS^`#0Xbs7zC* zNOa2Q`N>?Bix`|f$$4mfWqNNi#?r#sbwkQJvsQYrSqx8AZz;E*1}c`9X2k@9o9|cv z_y~U7+c-}})4R+KFCJJoH4;GnjA__1LncnJ|t(#CJIF8K(&U( z+}U+!=Pa}d)Sfj9bb*yD=mi^&QHFq)w2MZgu0K}e#~~^Wue<&$$dIRY8T>v zw^tR)qtR}ZSA%A|Ad8Rj&|otQu8!tK?UnWgZMh3_|gsfe#* z>=@&w$dRTTZxWX&$;}^rjG>R4u0||SsS1y5J!nmu)<^6X;wlhi?NMYgU-0dxwiTz3 z|3Vu#HICR#;-E($SSS=sJS9#Z*8^lA8L~g0Ijo^Y8e=3lvIamm5PQ7m-J0bRJoaPx zQ|pN$+Kpn`M0JIHy>M<73QLJ^)ONXW{>v-@jY1*g_1xHeFAMJGa|YSzV%oYXfMy~^ zKqG;~g$s%Tu5LI*00&&iUz;a3dYcrs)O~^=Flx8*udx>7VG0*kY8zEXdUPaHyBeCY z!D4EgY-aLu9wmwtTxOeV>8jhD#AlfC&v=ifnX==j8JW(dJiWV3BYsB!}w z!j&|hd&zW0J+AmCZ_YV{K5y>sZ?~dwsEf@GSyy>48{$3xL$1(iLaTUzty~MP3lfp7 zx#^Fp{L&8_PQv4;6NmZOsTb*3#m}dFnz`6}4x`$cM5#6t4=S(jIZu}%U7N{dd*{R2 z0nX$~<58EbJH8o2yIy`@Q+r89?eKseCjmI;L6A)B-#^r{N_!Sb*aJbZP+p8MdYjhuXeVMcl{W4&q*}`HsqY^rLdri%~@ad(c_yp z6FxETsaE}8Z&NwAkH=l}W%;J1dF(ILHYb*gN{!AD+5F=*zGK%ZKbN4(@^|e6#!B*+ z4ci!eG-^O)UD_f-MvrnUuXOTTV`=E{&LJ}LBIEoHZ44$FLOG?fzWS|$*u?wj(dzF=)!Nee?a8vOc)OOD*hRH;``rUKs%R>UVI1u%1Dgk^r z3S2u!;)8xZUioBLXbwI{_gX<}xFG*@0cv=vQWVrD!o37qxQBq>av`>&KpC&@8F7wh zDCf5@IF^Q&S6E8|_&xh8M}^2sZ5PxIo2PP@qSyrq0$ZX$Ur&t=@G<;O$v7v~b?t*C zDqW%*@mMyC%QuYCbecj?i&Cz`oYY1)tn6ySWe@C_0*dpG5{n|i*A)3J#UJCd;igRS zwM@}U4~2Z`Q#TI_mj%K^X|Ojxe6^MHx9EZ&e`*sh9o#Pz2#f7=2zOKK@AC)oSvA(q z?z6$%L^Z}k|CdsNWA)$xkZ3=OE9a|bz}|SBeHPO%1Rwv)#R1m(;7!zp8;LRT=lw@P zr(yz&7Kb0EBUz_+4qQ7^xBGIOGqzg*{GM~eqsJN$pVx2z;z6AKji0YC(m>~%YYH&t z{HN(i`st1){N-HcYerdpLgNH`RNN*IgrC5#X?orADwH!l|3GZc;p z(})_aupf?2j8kBcg2kPOyzZ}2O2NFGYkipXVkxT-{8Ats>d1N;Bq2CmIz%DDgNO^? zYW`e;3*U0rk>E(6WDo5xrjTu3rBYD@&BRi8SuHXXvj@zjjAcEh1nj!(Dw*XUjK^wM z7K-S2MfA^OAvx6ZgBk>n8}f^JX0qs$-);U;ajpFa#$OB-38&tvV!}N6eNQn2uGqlL zpL6r8p0IdG+(--U_3AG5;tuy{J%g6Jc!)Z|qp>rzj^$VCy*13$PN|A5gXvo4u%J#UR0VMF=J@bEK>TnkG_^z)K7?8DtlO|^-wJ8?Pe;qy+}B=Ua4 zU=je;(992-|G_8We(6A4(O&ZQI8gp-d)HoAUpzl}S@#(rk%4b?82T62Y zp>YJGQ|aC7=??VZGFDk0LT1vcj5Z0vzk!5ZQV9gHYV&7EnTrnGChRW=B+?ak8`oN+ z^rEM=fld$ZS7qW7c%N@LD8&!iv^-9DE!oADP9?Z9g=V&_P-#M6p@wjlvw+>PaEze9 z7K-nw3g{bbYPbH1?09z`3kQE*%al&0=(x1l@cjEn54=1|L5W)j+?UuD`757f*$=iR6i8ylK zK0rW~cDZ2R6!BsOQ0FmZ&OmrFU=I<(iI`J=fM~aq3>^Sr%7`0{mhsO#bS*SZx#eO|tx@ z!#e8LK`fwn+sHRilD~^tZ3@@v(8C%`}blKNLDS_Hd)IBE*FtgPrQBxzN(JZvN3(vJ=DS zqs4_N>F#WE7CQYSup!pNCWOb+-r0_wwulS)4EVwXbO;II zGjw*g|IG2-Zvjv5H}z_WZk_S-zu3Or z66L%lkHhAMb(`)T@4Z)ti&kFi4TcMG`@ytC3nx~)83?bWALKmHDf3z=%`e zy4n#+(sbckNj%YpmwbYWQK5V8PTA_n%yHOTH2}}#P2Zv0M*=_u`bFy$`|;*^_@!~@);rwz?w#(}hu$`VM)Q56+~D0| zU15FitK8$ir@mwnlrTR_KXd_!twF_OpEaCEQg`jG!7Xv%2Ymj!c<%0B(#_dsVb|JO z0$@l02Z%ZUefzx}i1I}nn8x`#fA{Qrve@~%ND2@I5FkA*Jd)mq_e6BB+|{#P3!OCe zMAQK`HCOKbi5>dfuY2E#hrO9@xkjHZ5dMcV7Fa1 z#YdeTymyr&U_dj`YLd*R6Lx0Fy7ybGT8Eb5fgvd7}IQ&RSn6SpI9Va5Bc#X8ao&;?eslhq_>gjf@((P@Sg zw+Wbw1H}S*PX8TX)^RPEy))qo?V_jf-m6f~l6RAMHOk&FzPdTvKK^rO!_0c7cj41C4{g4{ z)y9$V*a_o$oGmh4JK#*Qr~zWyDc81{=2_7li1zf|^6Ae$Voesnil$HXw6plBMW@pH z!cqkmR;M5R3D=~bH?Xqu-w#OIfpunAj!yZLv$f^t8={Ne8=Al{8Ax@>BYsBlVm6b3 zd@H~-82R$4u2FSu3S0RsU>F8(Njoza>UjVKM_J@e(?ySm6Lx9!Ei4!6D29O1)*Wfg zC$kW0y>qV6WtCk*Dl?aIN*>bh(DDRZ8JF+sL8(bqwD;NL2g7S@7Stn8lj^p3U!f5H z$*|EZs*lZ@#Nbzg+oAfqFd^0xGox7~AJw&xfv;G%spp3s;eNy?@J3sAJ+~pXm|DFiw071E8NWQzf1-*8=*4p>MJ39RgnS@E84`#ht9%8-{kGva zsIMNgY8mwNBdvU{XSFU}6|G+h;zkAQ8^%G|e9&^~TZdY~sMiSOhMam~A05;~bK#kq zW``ftLv~@D%4L@s&_i$`ow8$(=+}dF!JHCeAMMkFa)FydWrs%)A{}f)+qtV;M<0>L z_c4kMYq+lS7G?Q~{GBS)?#so*k~pa-J`rX7wJ#ihl-5axEb|q<2(Aq!){9t7jaID+e=>u@7X7 zL9$4QYa-U)r;lZo3rb5Gs~dX67XT+TgjJtJBZyY|S3iyDBVxv}Xu#B1xx%n4uF}dd-;Xu5SZ)YL32?Lf!W$fzZ<4~YV3MM_d68bHRo)?lBL*kw< zZ^MK|Hwdz5|8EStC*k1I(EnoC%@zI!!w#`(3}DzHc>arFM>lkqZi<3DhyJLH9woUm|AJSw^h)|NvN(A-UAt^Z|aSY2_>}})_RX4AtnmlLlBG{fWl`vx5YCGeMxuj1>r8dVz;pf zW^{!M+;$r5CW_-{9fehXkuhVh+)RFM-JzRU6HW;7BQ1Uu48Qh*6FB5(oHfzPAI%g_ zfb`1~duxw9zQSKR02R%e@a0?72eAG}F=|bYeCZ0yCZ6syCE*rb4rjKM$>PRSgFtrj zKpWgs)Y{f@VIuuRSla>CO#7TD%88?JS!+lE%Lo;qAj(?_h20C; zsY(*qCSMc`Y{fzE3cq~(l|Zg@ZXIPq`_x3sLT9{ANe)-#p$-VmajFIFHI8p%S(F4a zhoDGh>J z@@>aB)9pflEdHuG)-4FZ%~zVD%6Bzpq^j|GEd&)|rhp=9z=?BwXShs-U2*hY^7qeG z6m2ui&FpITiajFHvdMa>1W*hms6Z84I%cRAIZ-GSGM2IUK-wr$0p(CMu3|p+C`z?i zM!;GU)ebvK(#Cp7S21<~W0Fq>SkYB2D`Ttu1u{wZrTW<6TJo6dpQy;yzmQba_0LdjA)4PgA^ zYV47xcvE?iGT?Q`{0_K_G-EG~|^1$)Y;NgFFu;X)z^F_?KusdV0UO+WWAL<=JDP%7R z?2|U!*d9b5=n&!IvfS2!daFabBRK{FNJgD&cGyW6hE3lF`~sML;y87ZBouNSa%yKrwL)^k22-v|%LbBUcxISD9wW_t|a}{jo z9f=Dci^!_AG*0|pkG{%*yBW`SmV~KklGrVQ5Y6G*LO@}ZTKx%>td25895vAAR{YP$ zLaTbs^9Jj_8@dIj$77@o31i!b%<~ZO`4_>zBhb3~$EI|yPqZS zn&+FWZ43Aw;kk=IoXOqJi#Y7(DPV5KQzuEliyrXuiEQM26T(G5{D*gJ!wtUSF{ncW z#ml*<>cnQZC1+f#6{Q)c#-+S)u0x}NQ9+X9Ov5&tpJcov{CjR;UY8UHf+os?p4V=y zvYb$uBxCFt&c>ri7#3B(vq2)t>M@+SLnfY7aDo?M!CPi zKRpI5X$E3Uf)CJrT>ZHk>I!Gu028o#^CF8|ufKdxwgA!uyII`==d3++A_ZAPX_%On zb{hKcxq89H-9ZwaK#dW6niG)Znu%|{Mc)wXV5ratf)5JDEk4N!0e!c1llP_qqKg!3bSxQC6?lbLF2VPm}dD9nC4hG%owAX&y{8)8DAzX)fz?F$67eb?G0$t{He^K#`t8~>#_WE_Rv4&AklZ5^eQmQy1=+Ev1jwhh?HIs^lQ9hH| zz-0Y!BA-}pT)UlY$4Fa&EAAXkd{5>UgKo%!w3fe#ikzuUFK9pK1+iL;H>!?nx3q5rPm2zh`L4vI0#<@wzO zrDdL}iNDA!8t7GOXN@((gyMLMzsbCw4jusnD};d4Bj#{B-53SXNwFJW9Q&EJt%F(= zz!oyagc6K9c*$c}imKZRSPc2&PC#@DV%M>)Yx)3$$i%zdH9&6#Iw`y1tFt}Vh+0ID zD3jVaJs#WXZU#d0*Rd6`L7ic;W76E|G7em09jp=>QHz;pvlTl&=_Is^gHq>!1`pTj zZhi5xKTGKGCBluLU!n9E7uW^43#6wPt}<47s5@vLhvom0YGD~MLI$uFVV{U7`Gi9n zhYu6fFx5rI=Vg9H4P4+-eIKsPSemSUW%bzXP&cEbA*f}MeluyhtVnKm>a%r7iQU9) zr%`TH$AtJ9wP2PU^fNd#%lZ16H|aE5Ws{N@FWFl*KCe|<$SK1#vK9ZOqzco`GdsH( z=Rje^CuTlDJk2$^Sio-Z>;K2pR|dotGwtFOFYZ#jxI=LY#kD~3MO&Q3-F=}HE$;44 zad&qs?(VYaa<}jMefQo!yL(QONwRrnPLea3XK)i3>$NV#cp70B-D8YI)7^h)x*pl% zAagzf&J`aVtG167y7958Gsr6KtoaznxlIAz_r=aoQ|D9NUZwOVrw*5{zUud=nA@)n zsxD7da9wtcK$U30)+KI*I@wZ;@G*9t~d4r@o|Oz;{3zlhF32UL3AfrYlG<6 z_SV%%`vu|>V0?8!h#cDAY51Oq!0)2DtNOvq8m@QSyxkf-a?tRJii6(QPlw8|otlG1 z)WtwN=WcxfnnwYM6xvT}i;5oE*~rJivTpGODy@JExAS^;GRPA~=Z%T|6JFe~D)2bK zDxl`n(j_WqUE=_0Kow|ZW?)*(&s(c&R1A(X^f4`N+?Rm12XT2{jRWdo-5Q-J<6I0dV9hSS_6jDrh#0UR~ zIIoiL#rz!pQgi5LFeN1(xWwY9t8{W)W28jl(Cr9+sZbAicv-1&aio~kqk|=wIM+N_ zTHEABB5^Cb-wj`iPtA&x(5YgL*SnxeG;0XN`xxj{o4MvrG_kn+fGZ4$(ILt;1f4n2b_)|ji_uuB49JGf% zj*LHxiHBgm3Nfs~;50w${p&*hy|NL^$H9bvIaPS@_B-NQXtmh9@WkTOlI;Phtj%sD zOh_v*GnUX?AdH(@SlYDGt)Ecuy9cO?rC}um4Jl?w6$njRHG=^izK4UC{ZBtKDxRs- z6EbbD|CCU3%qbwn2qt?rf0X-Ag~Az_!fwCf?O;IYcQ|tw`u`d;jXd=XJ?Q~UOXT)8 z1T(`q@uu95zWY{@O5Ao5{gbNO3u2(jJyd4PO_z_S{4RW zd$j4^xR>l-36Af4NgZV7iB2-7s2YbpWj%iMA6`F=?ewRFcWUj?xZKZyz4Ip)n0eJ8 zt3S9r9A2!=u0OM{NDaua#|}rPqHuZSEZS2;UO#hr1fVr%(Xk&QKo8n^AJ0OwRh>(< zO{1Azn~>{BZWUyX%vo`r}Qsrad;Q8%FX~F7V*;q7&jc*x=s~O z=*d~K{wF{YAimv|P@$Dboj1#L-SmVHturYFj_c>#vQ-6WZrOAED5bx2R6!+rF@u6# zPz2x*0c%cvA0Q}H^+%E(-@|`=~ zNy_(zQ8ZmxxUc4vZ$Z(}cDOKei3$FcXN50>gob{1FJX>&(vbXcmm+>_0{}pG^h>0mcWhSq@Zsn7mo!I?&fG*sx^(O@!N;EEo@fq4es2(jg@e> zRsC)?pWS`)+rP~|add5K(vJv)G1l9$jx+7_#;jzF!^`73N=a``2i^)c9S{GP0Qb$6 z^dFsYjecqHNVqb?`#30_Fx;X3khy^2q`kZXd^ds)@o{laH9=H1ms#zh1DScH9_yT_ zqs)afT>D2Uyl{xRE+lf-QwE58U}zElhwWfsr`$aqYtpQK2`zV+9E{i_H*T%vnFVDG z_A~8@FnhnjYk3x>sXzg~tFZdf>iW6h>QS^tGZp-)(&Iz^t^KGlXeIn%V!axr zqw{~o@+@bE-Jbleer@~jzhroa_wQetZ*k3xrxGuTe^0y~id9zLZKy7+zJ=}Ej2%~) zzyd>5>DbQp6X(!?p3+hBz1eS*=jQ*PC|Im#KAk5JrN>)^(d~qZ@CEH@3;|`JNES(H zt3|hxA!CF<_nX(v2-1RuWJ2DroA06}3q2P>;hZj;KVjviSm859F?1`ZP`fWrvLPK6 zU|W&zM&Dp35V5R?$3*h$U-IKR7r3VG&@v{ZKpy=d!s6$;da?A$hIommlm)L7Yhq_F zm4)jQ`3|+zTEdB>LgjQx!BJ6W_u2<_}TCh<@C16(&QONDM1>v|YG%h|NBuFXpSL z*rBAsxNCDtGh+fA+?`Adei-3RMZP{MjkaGONH-d`^^TupV|b*`+MIk0en_802@4cf zd0=834Q3DG3KT0sxf*Y6+id4m2A8~20WnyJ$9|R5HKU~yPd2{DXkYQ}O(hr8Z2$|z z=He)^M%?v`Ri!TvUL?KQ7L&E9+>WsOJYFLOHH#-aoaxH;kE!JNL{N;}?XJBFDv?bpoWNKZ-H=P{6m2-J}q#9&y1}gneDt z$i!xaJNgM;uJ^w=)!z7t!l*L;JwOCv+0v%+u~}-7+d{@r_IgG{A}z4|S$vC{J(XSv zXet;2$HytvZs1<6n{dH}YKR-)mv$`So#2wS`s_O;_S{Z-J6W(21VMqUihU3T4;N4t zji#F`s*hf>_yr~Jdyo1B;~Ro|eV^eyF2EA$1;~Ns(|#5BhMi@W@akfWX&1S6RMD_| z`md*QRR0|S7m5}#!l5evz1~LIOouoqLfh8mhtZth5Wdeh&}Pk2oQwIO&Odb5rm|T>B)>7JQ)skNhHWl46j6P%b#86+bHb z`M-E^F|sde<~c9_{KA01Rj4C#P*f4;SL6)%^pWv7WAm+0Q;Xf&Z^-;J(j!CjWfgWE zE?vrT+vP5rWbLn;FMaihBQH_HE|yep4QVBfJx;A@Pf~sclSGD#ep{sG$k({$hz`o4 z%-lyN9xd-|SraqKjY z=GCz7ABM-DzC?X0`{9O6Z}o(s;lYMtW;f^nM!Mb)%#Lp8WIy!Uobpil&_f>FR02W2#~mnW-kiG0e>0Xfpuv? zFaBZ&xKI%s1Vd+4DBCvY#KLHhbo#ynw}wtOg9Y0&o)i2bN`UF#HIE09+4J3v-Ut<2 zR@0qa?}Ol4WkU)Q%AuPGMc>^&)bT2}i;sg3E&5zeHc%R8x@MxE95dcpO&2wcX>`ox z+;hqPOs9ObBZYsVeuRcS56Zxi8#Ee4v3xfX%VD0xk#18skCj8l5AQxqQc;>e&iWAb zFW&hdsZ#9bZHfi#xm8A>Mn>gB!|Z zbd%!!3XOg2l=4x_aezx5a0_komCGwFB@4!GV-k|XK08Jxq92t1=cbiHA%E2KMef%} z-W{ypkx!bAU=wbLst60ZnexH!F9EC84wvho$p0A;Cy3!kl-)u)iS$nPcmFFPRWyU` zsAn+9r31Ndt zTKS{UMc(7Xusqus-J^_Zf1Ceq*g~;@T3k}lucLn2tSfmc6(%hQ!FcbwxB~PSH1_)K z6COj&BRngQPltY)3fCyA(le9Y*8~*6;m(uVat+7AiG$IBpW{0Woo0%g*`3_9;Z>bz z@-l;ut{A#A(vOwD3!_CKi}(R=NdVALU z>MieFY%`xJvBTkIY#9j_{~IDcO*jz&d?YoYi}}PUQ$%iVYn}V;682b*9}gai`+JwQfF>>9CT-_|6v+c%mQwh8p5&{@^0B0s#sE!X7}G=rrk7|IRmmD-*`~f~mo= z$a#tO3m6=~)u82TW=SP5=_O=6srk6qmu7eXWxJ{!~G|8f?t z_fsbI6sjzWfT zMmFzs{Lc3vk-IR9|p#Xui{~`9!)64 zChyTa&p+CbT>s+llR__u@r}e6jAXTdRy?!u(>ifaYE0Xn*ZJNHMroNIb0t zI)k?=ZOL8}-omvY5}}P!26Z@*8)NbMgct4n!dUK$g!b4!N?{U4b@)|{Va z11E?p<3fdYzF~(2`bUcGrtmbw*w~JQ3z;fU26@fyyHLAcF;w0vwxHNu{at#(y!;$e z!}e_@eC-(2Djcs&Q?RS>^gPlj4uu0B3j_16a4jO5eaEk;JtW9}`;F#1Xx=}|F z{b^0s?oRuS2WSwK%F~SG@>F!HTp465Sy?JvYe#vMIW1$`(~d!X0!TQ2Z4hPZ@u+96 z6=ixzXZWi~@}W6Z(9^psdbYfEIHzZzfXTPnaqq;FKa(nC(YFdd9}{_ESX zPi1m<`su*Ygy{AFguAjEECIa}b|ykQuE8o$vwD|1G? zdIF6$!*v)YFQl?p>WTQeSy1N6y_Zkvdh=uq&Zcw)AD@#?nS2iM$m!NbYU7Ct5CyC~ zToj~1_UADUftV`lhFD_0e)vp^zFvsnm)rI3_V#wc(m*~94_jGe+shfHlxz&*Dh#=) z(7rMujf<<<`R?{kRD61$KPptX&+c3`Kq_27OQ|6h?rR(08R1YcrJ&85KLMd2)b;d} z?>+dzL%d6cea+dZYZ6|>7xVIR=O7FfP1240mcbOe^9`hGY2)bmv&J43tH4OSPL8r%gVM!Co)t*>*8=Eg{GVJ>t&ShDggD~EOp<2u2Fe-E1g;#XTQA8_ay1Ul03i0&jbQ?X_ z)?wfeu(i2O*jrS`pQc7jhBf5!W%SrG${%WDlK&Bo0zZ_*qJe_Eill2R^;Vrp#LT~M z*AG=ZDq3&|5vHF<4dx{NIOk3R=(r$BFyt@yR|li&p}K8YV&W5g-_4Zc&wJ6q4pYU^ zorp;HK?_6Dvoui7B9|j7aQ%Xb&o{TuZRvRC%{FUsCZO07?hEw=oWZf$ZIeB9+{d4E zdzAr0m^6r@qgm6~f0`Lgh5R+1v24=VpE9z4oA^+wC>X@s2W4LfjF$|#T3;|mxUgKS zdvht~fJD7Je>_qM^h$C!efi2i8Aqmn9JMnV_-U6*1;B>2A2ZtSAk39437J(je%u7C z_i{41i~YP_$I1%=2PN5&;I>f?xL<_Ts2x4KmTQ5V{0YQFM4JwZ7!bhp?k@Vo^;_~) z7`Q=v?ni}XfqeRV4O_?A82=!*KE5cJt^`Q6NZXx{dIPi^w-{x1PUP7-YCN51ozDBH ziI3hC>P=gpkV~vwTs}CPPhq)vzS?U| zVF6l>&a)}c@1Kl+Okr`qNx5F$NQRB0o{vZ9C$nN=+}AhErjrk6Dz|Q@%ihZic>k88 z;jyThzNZWuwyVEM8^D)Kw!v&Rn)%X3c)rKCP z0L7GCi?K+2<)10?i&|Bm^({Cs2RCOhzF=YuY`up`;R#W2r;X#d6W&)!{fsn5<8Hp< zD(1YDCqYW_8vkb-oQyn)1sz_*ZV|C|j;6*-mH%jV}Pa(0d-I`2=5{f`N`mTX1mor&IFuv?wm(1NFnE29LHW6ek)|DBC zfT*Q?!kZE6*k{qMXebs*UR{LP9hRaO$F-&WI*kX?#`fry_>O>oJwUy0uWp}1KsN2< zL+2}*FKxI(l}VMl1ViUs(cn?|WrOqiS3B|1RzPRfyCz;Hz7=zn>^x^pH zd2ZUAGIEd}Ftm|`QDSv;XVcwTRyA&u*6q|;j*)MZzL}xdSenZfUSy&(r#VqC<_OA~ zeEW)n`BX?9hQ!=hb?5SKQmSW~zJKFBWIzFur)qp{O}M(l)7dJ(le{9vZ5h{n_qBkl zDHEfAZmHh4R0Cy#GR^D8W}fUYinue89w+E;O%)-cpl*G3T^Qph2ImgD;{@1%Bk%lw|D1f zm%z_%XNU7@u}lVG8t%4-*#Ac646ojpA-Yot*>ntRui^2{xR^u7@1AGt%ItNSdv77@ zcgf71c>$qSjaI4i>vE(d`plCPKQ4vJLKeN!$>f?rxL8YLtBl@-zp_}nj6D!b<G{!or|UFJ(8T5{Ex%5vm2Ee) z2Z}|5pOJl9I|nx)|3NGKznt*G5DKE(vjD&=Je)3)dz%Pu-$p~gTw~K z_P7FkPzU+pyq|@5WR@rk)LdH!c{KpYT_i}4+xT_^|5@waAU?A5s0^AwKC&y|XCjKD z0_1;l1hww=yf#sxzj@0F>S@1F%z6~G$Vq>KP22g%35WU|0I!3{^$$n5fnE$t4dMz< zQh-R^ENh0s-516r(c!Tq#|f9OBcacVS?Sw1OqRXFKSV=BM~ngq^#qZ;%WJQqME?htH2BIsXXUJ4Hszc22WJl}#xGS)DMqh|CY_oDSDxd1NxuOeh^4DctPj?^j!S zvdlL$Pbnu9__HoXrrU4GGxyP;x@WLC@0Xv$oJ9H=%w8`5wxJlXmwu_l$P;AzX>()W za&U{Ulsfr5<`lb3(l#WL)Vy@P2XvlPFqd|Jh~@6t8rI+58oa=%f+&c*#3eql-(K## zeFt>vQ{2X8Q4p_^9z_i@2fB6Pue(no@2n|kMWGHnGXmS9F$bP4svw-Otfp-)i%Uij zvXk*IJAn?n1!)7wHwW%OGNpG5F1T$^Rp=I1v$#QCzE7o_>zV*^Eo9rKzt+9H5~OX; zvkelYm3MzRK3eqBRzXhSbSo8_xvPioTO)euRQRm1(mxsi2a&P@41fm5?1BJ3yo0Q2 zGnhmuTUYXIe~1@lb+9(MMJHwAucm$92M$fyI7dTu-YJRSP9PFANpz^|TX zyAgV8lcy!~p%^-EAYE-;^cq|z{JHYn=HTVWVF$%Oe0P&iSA1)8w~%+G)>{xPtM60J z=DOscc7<6iZbd#k|-xOa1OM z!AiFsgEackNd&U%q%qUl&MimjnQ2YKC)}&G z;yofAPAd+~TfiZY%80Cn*H0`oPqBu7@BUtIYX$cnjivHzX&+@W%co9?>CTk7zs3-F zrD$fpcw-OEY&2s`$;eghci6Dk3l|R zmU)B*7*BqM8d| zpiXhQmO0Xa#oXmoW+Q)iqKL(nPvqglxMShuvkCvCr{(sSvL*c9*ex zO?SJD#{?<|5z;<(2jB{ZzSdzvqfmbXY>q98ZC+OI<*$+ zgS7lz%0>(J8D&YXivrFS3+gmZ4u6Volmzn}giHO0!G8?~>OzhT- zvvH~_go5?Ps}D3TjOK4phc-&dT0FfU-)mNbn!^hPy;%t0Sy^ID98T_)bu4>MQ^g%h@G69)6AV za7jD~NsxOgDgYDR*&ursZVmsiSey`1kU=c~mPa7&ww1>25%$S)oZ`-D2B;17YlMbB1&X@|WfpP0)*^XK+UKifg4G`|ywA6yoC zLO9qIP#J9gG%+~MAb{MT!awoHAvCJaDqU{pl-PVsKw%(-b0X9M>1Q1v{b>7?z`R}{ zvOk4+;u|!3XP3vvi7yTikdtz{`SvQ#LA*d%p9jqZzJqVL)8};L?NzJ;FM+{c5AumU zdq}7gUwYBjD*Az`0CKMf;Y5SIZ-^69y3E!p%7KD_OpgclM2I~k$cZBTU~?7efLkD} z+XHQ1;god;9nqXl0JnP?c|yQGF@PH_U1<{?&KyHPy=xhE;+;K#zlh)InJE^f*WFV5 z;JVQLQccn?5vS8AQ!FyCHNs@y9$)tRk{Ze=AM;aoQ%d6J{w2Zz@2GaV(>oItLa)Z9 zynX=7y?#w&gowuJZxaB21Kz098-54e!d^&He zg6RcZGVKMB+>cfBhl*6|VYDwH_dxLPOR6bDd>BsIjVV!{zqlW4J`;M0FP(H}V&2TX2p_;`8d4-EeHL+O``*aBF4(6oKM zzkIv~X;7Ec+NwOGMtVS($Qn>?TNB!^i*Nn4T%=~8PZ!5px*VehsZSSJp`&jU71}_w zps%fGj1kg+vmmAYY!nsLfWE*&X#!LIe5CEI!Yttak*DXwQ04$EuTbs+KVTfjUs}5o zSGcHJ%j(OP500ywdhvVaWlhj_!~AuAjRSW(U(g%>y;cS0n{M5a6ofG3!3HeP8-(Vb@+mAr{mDbdvmAs{$CqE~h zk1%juoyRe&?xO04538~~S!vdxzfD~Ryq-#Cd5}dX!Z!YA_-%qs8`HLB&jSY!<5q$q)!j=!O^Og~U4FD(*0pM7($SG`L2J%;tcRjywKHCFBbGHNvP zQpPjeqGW)Y#Z5Y5S2}@=d?5o_xDFTOk-!UWGB56o-Tnhu13az!YbED>M|*bkTE3x( zQJ^Hl3%{k{$4ctww{POHX)SVzX}@wf6{LS(ooC`?ZT4;Jqb)f`p2G_O&5^fIQyrUE zPf&zg@JKck`t+JiHnl`_@5k*QBwWcWv)nbzyTq`A@qGi9qMJHum|>e&{b?61U&{sX zqbtm>6CMbn`)k};0R5&8A1fU%T))5d?6iIdNe*;2F^!#N(qVQF3kaB{M=?(vCVzq5 zj=2)9^oJv(PB030kfeyja{T>#sP|)@w+xiD9i#tc(Yt>&RLjwR!<|7ZJ;!30dRf&4=hXF>Pk%w(K{K64m1pc5U+H5Jn!&I6qg&E0i zDBC~t9oP1}K4-)hv2@A7$DM6qg17w|0siRzy5=ELhM2=8_U&T|FWBU&Qw`Z|=K+nj#lj zjG(?0Ca?J&#@>TvhY1Wk=ajetF_U|~%6+kIaHq!HD8u{R7KG4 z)2h@g9it*WSlf(lek`v7z_nQ(J3s(F{e}_@i8fK`fy|CKU=qi|qsYeY##5V{h7O^b z1pxO{cd{sI* zzY~&;Hig#Rw8TG;HOV0_B1Y`@TqCfe6+-&f?WX+3@EdRPnMv?fXyD5^7&sJ8>f7&M z`FeYiOtKSi2n{&~Ri7h%%qLUQc`7>JCsT(R%E&NZk-(@ji1|WA;WtvZSI=^osk<2V zmw}%T=UV6%BTri(X724FLr&CJl2gmJN75=tP1CJbNPr%0j2EovQIT0+XD1Vnvw7IV z?4Q}MGpyL=ZxI0sajR7;$E2Q0w!&{GU})DL91URlthYf$r^r;>j5!Tb2}>YKT^2$%M;a0X@cxkxCk+Lx1gU zB%<>pp_U`sTKaGpCoF2T9};FtQn33J?b>&^?{#niUG`NziK?H?l*$8^kaT3_h61#= zF%Ch-3UH3>HU()Mbg`T8Ol~e(=67~U5n!@O6-a^^Dh^pZOT5J7pgyM1YdFBKP1AutC125r@NJ~*`dv+ zh5O91g=GTr$<}oh^!Ikl0E4~a%7r84YD*OT|TaX6nO_P{6oP47ivo0NzU`-xjz4g8BaIq~sS{Q;j*o|ODU zv~!vJaCAQ;HldadO17gMs;%kK2=T{Kp)tJ?`Oo71s^<`h4M&Rzpuxo(+Oxt%>C8@< zN_$B?Fu$XpkY@>9LQ0dBlMU70<}6-y7_>05!0~Y@FMPd}3gj;C>1D9EUCvi^!tn~^ zizU&hw|NKKELU_4HxCN7RaM)_5!@M~J@yKnn1b)?vsay-G`CuPD!aa|bN`v*k69z- z6i$~AG-B(*rZC&*1p1A$DDlO1a%cM2CMMA<{ZP<0x`@~z9FJjgI2J0Sg&I~uva#Yr zn6`;n@n=@}5EbRU=0Su&)#+??V!~Vrm_`t4j)3H%=%Gg8KybLKxP+5R1qj!8`%51V z3w5F_c0@plT+X+;vM)~k!BMKyH(d^i`zs$$wO0CKrgqb%#LumrhmSxA398LJ)lV{}@^IS47SiNVAAgx}3dC9vM8LAPw7?7`1piSL z57_ErynD~(z-B_aN=vuJW&(1-R>(&Ced@&vJG`f*PD6VfBA;4W_~Yv#+L{eYK#oA3 zDFI>^BPcA#AFiA>A+-UAj3#l2s3y2yRh@J&e)6l5sPiM>gd`=VgIX7p6$0>^FvZXYvNaWiFX(_)v}Bjh*U{wS*oz@;W14lsEm%y zoG7XUB$KkVL!r6yq+q2uYnkcW57_*3bBlvG)yMZ&Ps4doh+!+7Mrp$Vi}QuxhpnWR z1z2g+1T-8e{a?AsB22+QgLhS7P@^ii8DT^yL6bQ|{i{5AHnIxUzm}xg<>baN`@1Al zZ&98+t*K#!=jLt(E#t!I)V-qUJmM@Utmb|51oAX9QDrT#ej9pz%-MXPz@o!Bkc4IA z@r}zC&$%j+3iM^n?lQ;8TjgNJ7RS?SF(#18_78?vqrznr=TrT=MDr1ZgQE~0qrDx} zheJmDCsyh!4h?N0%!e8&WVH|_;QqAx<+yNKvg!w>RA=sJ!#=cbcRmM6C={^8j(%jq zD!#`?#H+`Cmypb@C>5*S13E;E0Wmv{xIoJ+QG0f~kneo<$KK=%kcJld>jJy()jSbX zq&B5BK2Codjv|4h@Di&X7~O~CA?5c=nV!mR(JWI*kq8H$oIk}JH{uJIKx{H?1guCJ z*}rStY$NlvFUnpMQBI^OWRo%#svgQ~RcI!-kGd?ts;vL$@12^4E{v!Tr#~Z5Dy*O3MVL z14m&OpO=R>9%aRpo_itKSdE-LZCFWyg@9+g&rB_Snllov4;?rA3oIfh0b{o|ZUtSU zDr@OZ3Odilbk|Q_2R)4&tVV7&1R$)b(tE=HHKf=Ec&hJBCwHsaaMtM(m)L3$TtRfD zk;e}j@UY|YBo>Nt;e_+v_V7?Oy@8I3JNrL1MdqJMj@x8MW#k|u+Jgm21%hlJvJw!2 zL3AXFEICFR{Tb-`SNA48)DFgT_-VotclP$lG`J`@c|=6%*)WX1!#PnIrwF7ye5tog zO+e(h3Y$cT*&Ov=e@vX!#Aaxi)y(G7{D3n!je7SHC{L*;@xNoZj>owv7ZsJwH(s8p z$7gN6ZI2c+FX-f}oyE6rr-$HaO9zhk;aEzyKOPA?A#eR~mcwyFG2UY{8d0A!#>g>-L)>sl z*BR&n+)Y3|xC-wm8m>)|xYF1Py4kMWHTH)Jc*s>%DMUnM?J4?+$?F*XQNB>$L5)a) zB;y?(t+AI0XgQC|fN043k@j~2j3^WLv)n*PxKNjE?jz&GRKp3JR20fto`2xsSi*ww|1)$E0FE0|5xx!NY!CBM^h zzBss!SWP{Cp$-7ejab$1KAMe4uz%Yj($B@~=X2JO55(`sDUnsO^bGJH^A>j2qc)Dz z*f+`U{GiiJ{NSQV&G~aKVbWRpyayrRr(-h|0~YxLc`96cqIgS8v4_%D-_bW;$3`CL z2#9fy850F$YA|vW;_PK=`UJmPZ#;@~H>m%qynDVipbvVP1QSpup28t5^idaCXMJ+#axAC=%F92t)2lS(Bd?9(y_nI8 zM9}V+-C8cC9YNRjm8Isl#v0azQ#?WEq!L#^;@sbt=T+K>KRg1l#R?Iy zYx(~!aRcRG5qUwX$Mh-giZuwP5p+1}EXK)mf0e}OjLy1LELmg~=^I?Hi+BhaIpQhM zaI)nbqz740jaX#s=@IdW(1O2?1_#?k*eaGMNZCiwd8@P3q|HtJvUV?+_rs{dQ=(#+ z7k0p?8h<~IV$F*?FXs>n7+2EoEfd1shSpqx7l3mjfqU^W(MY9q#~CSAih|R=ko)@CZBQkf1gsh1AW0?#U+^gkI0DR;iUR;$e9wSRBQS|zLJY+%ZU%_FdxMm z21;3)LBF$TzMN&ohO42%h(4;pWWC^s%5z3ETS_m-Bx--H!ASfa7xT5IFa9fV;z`r= zk*j&Tdc)b&SB17Ip=CQ%?DqX!TD$eawOccYr=aj#k=28wh-SR?w3jgbX~O#Lw0J$h z_1HC>Zl0c*vslB?M@PxdDrLQROI!mdMqbHaq^r~on_PZ_W4c7+n%n=IPH^#z?YMj~ z6LbWv(+uutRR4_1uQD}Q5%^;+YkK{j#|yPf_)YbV$&z$&SI{<5X+mC&mKkJGaGg|M zAXjXXY3ESu@U2I$Bx2HcT0G&)&occ{b5LK)*K|&XW|QWQ{Yn+u%io?i5gWX?$n+vD zReSA}xQGfs&HQ)TF2dSQ7StbVZbLCi+$C$RD(D-pI{F5l zETUZFV-9GV3t)gL9-W*#22XR+1$zW`&~Cv(`eavt!C%XkJ6!tmBrBq@#QP!Y zfp2!le{?`s_zM2)h}lz3)Sv7r_4RN-_XQ-7fGGoo_|QVWFH7;bx>dWNN2k!0v= zNi~fpWyZi+ILz7nl?lMkZBUg-^*Qe3^D5w z=(~nAGO`TY%{n=?u&wx796equpQcciA?=qQl{sen6TMoZ1x!93Z{MmQ6_2jz&Ncl- zwp|4;HNXRuiyYa{w}QEDt>Ii}7fm@KsYO?XJtRcA$I?ic`C42cN?5fc7MY2i%RVb; zP|}Bu)7DSES1;}UbH!+1`WqREixx3NEWJMkeupLDIwGOO*k9HD^5DifrDk7elh|y8 zzqLhIlC*UFw%@0~$9VI_sF;rv>!wwP;FqgDtROc50pRX!tb5XL%U$R|VbEz;!7#h6 z|1mU(q2qW&_$|VV;4u()&$bIjC}%15@~%H&|Pp{Xy)B9+JJF zSpHX=`k-!GrQxz3)3*# zPd?G)WWwHqR?G~*v%|l?yknUYz>fsuygP`t{K6i1!kibseJvJq`>tj$FNy1~2xke# zop8hWJdv0_cYf+PiV{3-J-hmdfiNZ9?oA)kmE`J?*2Jy^es1wxl^Rx z;*U|&q=a`NUGJ=guyOXD3S=-KQ7i%YAi4MbRLn~p#>vKPp?^!e>5=kThj<9s z86EmIaA^uUV-E}oH7_G?n-Kk#sSb9yr7}E}@W{zg5%izrb?<6qip~nnWPh?~Y8dbq$_9bEEMkp6xu(^)L@YX9dw7J@1GnZ+j*{>BK@K^blWGN6NfT{1Yo^2q|k6XgexZ7(Fff zycOLFW*G3cvhY28o_L?nh3>FzFv z&OxLkhpqvJ?rxX?e%J4M-#<9(p1IFG_pWBWG&NQZBn#%_|>65qnQ9C~(?r*xUC*HBldd97jtA)Wv z%VikBZ9|mO`gE!tb$qMxQN%I z+;MiX7AUscND1Cl!~5pGkf)-U_lo`}VuK-Z|2Uo&-vE-<9Kh|7higs&}NY@f?lXyY+M$WdbU4$QCnOQhzpamhjc)AUz4)~{NlvVm6>ZXNtzO< zo2xrR)avHES&qJFTKWU=@tph;vE>G9-`pZm|RUt*2XbiJ(ekrHj8kdP&7V=eCzd z*|B-7MY|M|C+-IM{>X!R9e>xD0b*0s@i-#fCp!yR$lkcclwhoP#W{#`lH&&%t?zdE zq&~3l#?ti*WGnLmYtI0t;OS(cVxx1UaP|*z?*tnB16Yj3FA1l0a+ziNf~L82lLoiw zmPgW0)E2S*f}?#rTi$`$YvfANLMZ2g$M)kxo(hM1#)S% z%NyhRD0;)cs6B0+v1(IM zyw`Ojz9YCMsr{LOf&Zn zHEv@skXGwVGa>fW@heC%)&ukUVRBET9>v_E8Tq!N z;%{zXzHTu@cU;b~8^~bL2(WA2d8V>k15?bU=vnq#6fxa|nvWOvzbUSUah-j!fYka8 zD-jQpq&b;X(v=`OIj4xrfnlIfz%o)h>bG10SDN&9EYlTw@V6uCpQ~atb@gG5g>=RS zj8`CwfYqF)59c0;{nTIap33BM;l$v7Y;?b|uvvhOP5?0Aq|!qEH?!B`GS|t)K!7>= z!(T+~$NTtBnwDb~qNce!Mj^X11t>5t6rjWPB>UjaWPFq%ZHoX_Kj#-9*2}5JfZn5A zKg4&p{5t;=XyaIJloENA7Z|RFA#UmS@gVY~JI2Si?hk*ZYQ5^D&f*Sy z=q6A+?}6z4_;ZB^MXkMm&rk58|-#feDkkh*bcutwq8!Si2z+M^Hp#@_5ttR7w^1* zy+3I95S3Qgd3v&b9iw~Q^n?>3Uu!cAHM;lCR3vhGtPdRWF{WN0=si{z0Z(3LDZoDh zQXmBIHHu}czrOlNzcPf6!LoNVJ}!N21jOy;JcXh*PB*u|a)U_v^-do5rVoq2jR@e= zt<%lxuiTyf^?}E${US7@$(Ef+&?M+f$xi3C3=)R22}yn=dYmssf`-Ds>_}0G1AFey z+ipKf1=v2OJvv?tJ=WtNg0`iocrSBq#+EtnW`pV<2g9#GYf@qtS@%-ALP%JEwad$U z*v*JD$-M(&{xJV>5%i^Pr}J*?f$wp?<`02D#Z6y6f-1_L`xeg%FQG+|3zHLn=7MQ9 zyM=m6aeFsfnBBfJlFtA_G}c>HmycfgU+EI_V&zn0d#^NYTH!??DN zhSbH^>Tu%V9HpqWTJv|B#W*jE5mub44*V$<$aH!?A@EQPb`t`6eZoXANl>{*+y*j5Gh-b zs_diz$yRn@u-ebXE!#;$aH;XWU{-h8}mo2jC$n;3{wy}lCC*i5xs zjGyYXbX2d4l_;-q31B1GL^lokp5r;K2reKZ`8*FxjE1JjwO!>{`8&Q7UQl(M=q3KK z82>L$j%HD-MqduLcWUF=-QpK5Rese{&l>4*Ne}0H0>vq<+$Dxra4s5g`3I?}I)@{yTb}+Hy61d@8}P{#Ur~0%s0+sGNsj}J_uV;J z&r$88+2{Ia%=d={q89QD*gFQow9m2>oyYGhL!Il#Eh_%x5EfnN@lR-*t)M^KAeBfA zZK*CTaiDlFkg^y5ixo##CcmP(w!iV3#HR;_^1y7UEDXUVi)K zNAf~=Gkf$$e~!BYh<36X*ubAd^bo>Y-=9B18^zYfW^^Jl^!|}sFE+-cZII@gN$Eu* zoL*6Wz}QW`f&=@<0Y!|r9P6w8cUX1;d&iI+Xu_m&>*SR{vPHpvHTjJ-ltwkbsHv)a zfNaB6V-2r>yqpOE_81Pptl1gr&*z|vDh}YVKVuU*Be7o2Owo^x8Eto-P~zw>6n-=^ zAl@NCH;DCm^3$R~rRM9mjZ}4cod!wLjyt`?J&WAuI(Ma0^!#r0*buxNIS16&9vfD_R9%S+&6BrkLjglMH~ z)?);HHsC)eL5CG-piM=jL!V-g4Y4-;jTjB$z(ztENqQ(! zDe;1|BSZ<+Q`>^wCI^(-u=`8zf4`_5X%w(a^b zXR5l!&hfihbbpVh*ilWTTw2O1JXCNj;&RGSHAc2NSk&<7Y2Ni@jWIV?p}dx4#OU;rHMpMxz9;Bm@kv}T3M6TxQnTYV%sG18r;?@k&qm$N^2f@YlS#86DmCS~>&01VCi zqeBQGLlM2KjHFSx)3x7%Q9m4Ji!q%d7^ohSZMy!T05E}^o zS48?8vKG<%oskrY*ZVuSuwU_HycNXIN6q$l^}z3bCUvAxpv57k6-0z_20vDEcJCdQ z*=(vASJPsVShHWBOLUSn=eddKU65&@*6el)Yz%|jD@*ZjB3%v59)lYx#a{MORMoP+ za}toJk5tdCdIxT##EI7%mNAFmX`rp7{p#P>zVmy>5XR7|)7-EmU?<|i?VJvw)VSRZ z#Ip58xoot{DSyz43%`1m;wUkCta9|dC;K(2#ZNsBMXjMI+zsT#Y9nPGA!lk}bJZ`- z_l7Ys;5FQ(nf^Oh!Ty z|DSy%Ws6j|{a<=?iw!bY-eX=$7?l)R78LhAXGww}fu!051a@r@du`tNXL>*W&$P?W z2p$~mxcB|6a2E4!_S3_C}<*XDcq`BwdVxc3cSa4c~w ziZ-$&_7|(sA|-oGY%^{pRNF%yqq(>2-fuG(gHj^oq9cPO4PhTmcZ+g)qIkA=*sdkf zL!DnKk-cr?WlMkZt}~S^vjTj>OwdgMK)pACpPDsHSLYCV13XAdrSx_mZ1yx77m=QW%9no~M4H2YWBh$@` zFe|8;c`Z?P*i~zFwV;9^oaMUT4TZrkDB@@Ahu!(aJLHLKi7c+?#oaM=`ZP9vfy6A+ z%o!`w7ct5=bHelkS%J*AL?n!~+NB~YHWxF0!%ohA>s{;=?PIlzr+%-Vd>-u^H<%^y zL5fG~T;Kak?{`_pKy!!JiG&F`dIy11gY12TKlJ%@EcR0)PUF&RUpfnUt9}ND*nTv} z`j=~qQ&WGHBE~{c_v$(EjjDMf5g~*iviIEwm0KVFCz@fgGaR%D5e+{Ke37g%`v=d8 z#ab3m!Kp9aU|gxHqpiyxL=fkVUGRQX=_KbX>S<>sg)=x8V7z;^C=!uJ&_F;q;Diz+ zs9@}U$EM`usG-mEp4Z7pXoz)oC{p4RN8g7 z@w&8M%D-(3Vs1CQR!S3h{54W{8?fe@y?HiZoiUUW_iiPlCnV0=r^{L&lEh&;X58II z;WJw~$C1pvGo+z~_So*CC@A^mhHTg{hw8n!5vE;3lVU z2Tx=6km=(1?`^k2tlxogFFrS3a~_Ma4y|^m)4~IZR36Y$I$vcJeb6EmAkXam+8&Jt!SApz0x{dn;%X?|hu_iqa0v{PM(_F)J|aQccy;rur9b>d<1*Lw zevB+m&4)te6c9A+Z(XLT^$N%!hvJ#SEK{TM!(fjjRo41hOcnjC)kfj5N_wM8YPQvS z?YEMEzEX~U*-2NMo_FTrn?v$e&(&^gu~e6>7gxG2tA`^p7VG{B)h9g$gj6_C{3$`% z4=x^`fwB(=ud_B!UYVXe26R?5ol9drE*^~Ee)n%YHlMA29`(`guP!g0^S*0PViRN-E_%HotO3N8TlhZ7FC;{8p8nK>~lG`Kh=#DgZP8?e^ z3d>F*1Mp@`XK^-iLayDaPB+GFIXWJi4{dukHa={Yh_yYQy(8?T+uC3~!nmG8%0(@{Tk#zmGU@H7=Ad2e(pi4+wNJmH*)T8%o9 zxbW(ma15xQI-G@Xsv$;_N&>Eq|7`aA_`H^aT=jdI?x0Xa;3B@qm)-jpUvBqpQNEhl z43?;)!HkwxXJqt94PDsfohSN!sM!N$SQ{OnjQ@65a!TTg-pv_q7&PN8T1!bU*n;9| zM}O*r=$bzHAa`Q(AN{Fl_j=gG75e(d@0Ui$kZEdCVhg%1Y(a~gT~T(6OU{OA-tgHb zYU|BkL0j*>IH}&=If&b>cg5>&DQO;?>8S4Y(?@h|TaUg+eWSx2$)(@2xt7!WZwo-p z5~{d^@5)+Z#;?QhSu}6RtFOt~&o5gHmM5OHWAKwhM`Rxqx8^OXYGUtnSadWaw4xqg zp<6ufjN2{HJV2>S9q_vwj(V=0?_uLZ7sd*PHe7@*GR*^Brtqm8w@XO`x+|=l8rNcm zXizi(r{}E>a-5${;;MGOfG@3T*Ak+PgGPEAQL}*x`r@V~eIm{0db(S;JXiBI-qaRu zK@x8DL$KKDFZ+tuNGZVPieFIj1yw6=SXDOd#Mitwn->*Tqd)U&E0GIqwReHqCX_G% z3V$RUgwu%zz=oUpU5FOXC!Iq4nU}tcW_Cz4x=c`-t~wsIhyC4!aP3nolZ$|i{x=J#Cu{P5Hp z$JPvq^!;w(UDNq`M9|_e`d(u8pQA)`IJ?62)yZAL;UU#Q^X1{OjM!$UuN4xb{zAYj zH^yHSI@Tcps0y%c=Z6ZcTxzOr4)0k!7&>spg=rR*6xPV-?FXAV*sLdd>Uv@|X9!fq zMe9sJ^ep?AHVtX8LeBNjD2~JZe?}IfOWZ$-f@qzPax+I^K}cV( z<9|AIBSCZXkMPzYH9G5MJH0xzI|n2(G`r(|kXfJ1mGVJQw8#TcP-1S0OVZF@ zAXaH}V*lIv#@OB(hifY`kdr0bqvrh&1PH;wC&&h4Wc5QUk-v?l6c6x4kB=7TP7b6!WybkOfbG8 zj(W6%(dO*gWq;fhbWC=UOc?#G)?NR1zH{AXLd&_;zj|J2y+yerobGYI-|_O3GpF&mq^9K#WHOCoRtP7t8Oz59YM zl?(5bN2NXleK6Q#(6h4k_y1eB#7Ps~!IL*Obk~%<{7McF6$d zghV5>$P-rN@-gbZL*FG~33sQb)mAXh1%Aw|axd90k&;~RTfKwAaiyZH8s2YV_$h(8 zY{6sq*L|`hxd~eI!hX|A)Vg-Oy+TM+jGlMmAXpI zZFxuT$lJsBe0`P={8!f$!)A^k{LW|M-0A!=E#V!|p6Mb(D_XPki8JaF_H-U^z}loe z%T%}{b5O$GQqJe9G%ex%wM8*qZ(qvc@pyK?H0lGin;lqN=Hp%={ck1v<0d)KaYm4a zuIZixC=*L~_i@}~&jW3}AO-cex`AqfR^q5-v1n4lcsQeNtmVk)z0LRd14~kcS}CF7 z1;ja$MX|0UFyzo1(%_M^a!+nF2!QZ5J=ahMbx81FKj z0S-5H>_7a(m$UYW6UJ@cdH;>321wy>G5^yP#wPER z$iq)pITw*EhBba??~P6@w;SFio1AYY&ZZ@^HP(t^}H`5WArN^(O>@17x+Xfv+wN45#o+_UE(!%Q50937I9_0gqT#jNN6a%I%mz_OobGWuk78GUUDDkyj}PK!!4DlO zX9@7MgnlP8a*=_`MfV2Q-2?{F7>$1*!?pDRZe$trS_;zti;YsuLmpM zep9LaZ-8^p&wiZ6&^m8U-13v|#5~cGgh1ha>@yBgUzYnGS}^Nb*%`FWPD|hpEK#d| zN?awW4b6?@4QtOFS!*`ZLQUm6V_FhqxsMNECS>RAAj{-f=td|QRVSX86KXt6s{KY? z)_)g3>u1i#B9EfXrR3dZcuMLO;^f4}E*e~p+Gei}jhxYE#URyb9Ekju%kbGPoCABK z*g2KN>Af7Qj&r4kv23|}z9@Or@@I~ZA=rSTFwz;Rp}&J3g^{;46W{t=mno{1MwKlf zU$r!>UHk`HJ?{fhzUywT8wEHR$NIPVndpkGD&7R@eUN*5gjvq)@YLV zlhqQrOwH*1pqO)hCVL@Dg5C;dMXQbeS;9b^ej>MYw8=~v1Jj$5@KU1PW`-JVFjFq6 z#hhbxSF<#OLx%G+mODm*XeBS8v!EX#0=c{c+f_ zTC=8-HOl^Ic;*vA3@2v%&tRvOoQD>{FX3@?s^|8#`SRr~5B{D5_rR=%W?U%90hG+!I&azKu$d!zI z(_LE3Hfoz7_XO8rTvL0~V?oP8F9l|&^f5iZo-(S>o@1{ZvQwVEhZxAcGdfC&X085o zsptLcYOfwZyWKCxmnpc$BpKPNuvsaoTt4s(5>4bID5KmRIMS;ir48k0jleGzHhHEo zCr*Bo#E94m^OYXUarsuXjY-z_a{65r{ygMsnTd>_%o(n_7wNy-ro&)39J~CNI<9 z562I(o^IMpW%v9pIjXro3~d7>2zrfrDGm zABP6Vl-{zT$!>kmN^>kYub6TE#V%B-rsiC#fi|H z9!McaC+JAxW&Rv3srug5l=;sNX+`TU@@?9rLxf|+yDY*ai|1(8^$y2>)$6^+rF6U$ zw05but!JQ(WN+xBcx%(o4e6fFWH(`wyc_|37%WlrUM&4rRQd*xYa2a2d+y$1K{T$f z^Da+Hn@C=Snc%r~Z_-{gV|nRUTRwJxM$bS0{gYOSX8uMc0FEI(ZXMut&yW$0`{+2- z%>F%#WAb=_l9fqB-PIXn+)+L8h@B6?j^L^{K(07Po6`U^*d{`aXdQs%U!kHo`#PVg zY9?sP5D`)5aQxXrLnBSc1LI(XV!yEL>yBDQLpXEvw;j_gJ*&gSQtgU#lwvDH=(WHt zkpM*k;W$L6BAm7+-Z*IrS3H)uN^aF)8uW$uNrh0z{E7hB*0kd8NWoT1lTfECJ3E4{ z5rEL!1t6)lvT)<6b`dy^_i~Ey5gO_#re6&%2n)Ag- z90(J?XGUB#Kjr$Mes2>#LH)XXBfZ_=sr}%-XOxtxY>m-$(_sAj<-NSt_boL<8oauf zn)obHsJpbC308K>?bg@=+ZQ!CzWilbQFkp{kEhS35*>WgDQ)D)jH{MCelefVKEqxQ z?V}^oP}arW`6!0R%pj{|JnbzC9*9vLQ`_MZVB0S*#wqm?D>Ky$FOp@r+i&fEG0n8i zqHYdr;AhSst`?RV+B=gO_-M!vZ}>`6tugibvI8^TudTGD;?At!t#7hF;eFjsyTgDO zxYClx{bYjdxsNgC*N1^U^xWqNZUQHtrGA-mNQyclLwik5z+`B=EE9q;8%Q*speqoc zJiZu@MZ5utq5pUeu^nc|C}tKgel;S*k}p}a=bs}lQ?~V8Q!(7cb5~oX`{h%6h6v<= zEb+d;lI>p_MV0P>yFN~EL;VLZG>~KP3SzrZfpu(Z5aTj8DAKI@QTEV8yRjpY;a5#_ zl-IEwrm6NQ`TO7BjpbdR6#S@hF&bu7g{G=UehG4%zSqnzq>Bm*;@G?0+i$ekElYRl zdr3MztqW}6Eps`Q*^Q0NZ?1tp*z-T(qoq)JE*oV!LN1=JK1}{LT|M$6$kFMUNwifI zyzJC;U5 z9B;0UG`URLR-%)4_B|-rZTrGfGdwbbPZu{aoJ(qSDR0KUdmElQd~g)E8%qOCZAjIu zl3+lkg1v;gG54IZV({AK`tIDGIj(8$am}1yV92A^VsIDLH_tQ>ezYhz^C8*e*GKco zJ!|#1Cy_Vt!Bl+a=d$&3`!-H((H)-?!|{i_ReVo;A;D%%zB$2|pZnpzQ>+%zdVL+a z(M?0i8N;@bEP`7oAIC7s5vx0=jjpAOrWWwHByIIMuG7Y*ntA>H61*MUv~c&WGKOf; z#b>6^jEMzY%vlv~!wJg~(decUMon;6T^8p~6FY zK*?M#<~@Jn85(Dte2H`~)0}Drk9Zf@HwT6?Zl9jr8f8u4Z2@*T zEk1m_9)mG29s+6sGPUJ3Km=zQR5FGwYGMxw)0iHwz)Jie@c;c;Te)wX$tz2R(s56A zdL*|%v(MxA_a7cT1MgACjWy>k$=XV$+c}@6CuVQoR5=bWp{}bOIhIj#I{!Ywxg;p4 zr@1MrfkU_N{6;gXYgnpX1D75R;j_LZx=N-An7q4fG_$SH;FbKCfYE0 zVJ{ucPmdrSG3Yc-?IAIS)c3zahNJ=%bhB5=s-q!~1vW7>QtOVcUW(#phm8%5CF8V) zt<9Y|-cwe?8=XAVYMeY)qVX~$)nuD0bWXD|jq=Sk8r*Ol`N@?p`*gTDpEOiPIlLWTDQWGa1-ZESIf4cD(YDAJ$LqSqikR3mwUSx*?V0M#k%LMD&4a)4nC78$Ahy@Ga|tNjg0y52YM zCl-=aYSvv}j(P!nXCJTi*}j6Rsyu!3;rdHk2b;mDBki^il0Qs1YbE$Du;z=S53>k7 z>LGuxhL;Y*8B4sGCAuyTJu0J`f?nVK@t8bx^4FW4FA6Ublg-abt2^yGCBQVkJo~%1 zJT75ztStJIO19F4&CiNTHa|tGVX%kDg%qw2obYR*RtqR@*tYcF-Yh&HxEdCr3W;8i z%0Ux@c(M%DB>}*azttSHg*t%VW?6ru@+m=;zJagAIiOIiyBRSs`; zTK(#s*2`}B`~+)HQFrC?p3AppEmmU+*O;meV&NW)>|Ca>37&W zoDX!?bm4Fs$dakHGsF&H(45vx7tVk|YM<8@uLC90C5@#vxEEf16mU-m76Q z=R`%##nQo2erGL!)hbWnZ%rjMSop?y%2~s1v2-a~`7?E$MBOAh@J1@n7sY<0EN8bL znDsLZrKeQy5hd;AT!D=iOFQL?+zS4^u73>-bwZb$H+|N)oTswmqo^8EsxsE)53P{E zKQC~;wq^}~1ukbTZ7oWn!5*>__g&!D#GnJW#Zu$^iDr$ozr8UZ{~a)^xE1*DY^}+s z@voM~eq5K={&$(mzss7uUsz;43av*GjS#9Cna|vw_TBre-5mE*9n%fR2eqG~=TD@1 zfk;e^mPydRdGDdI*W4C|0Iu8!B_Wyvz+?O~V8r{Qlz$mcZ?c4rZh*ST1F&YAK7{0O zMS)-~gt_81r&B4;g8Ft$h0$18X7{A0&sbRZqb$Y=k{xNC=8y5*1NO@0NQ5obKlW@Z zyC9@x+ZL!Y1J%>5Yzt1h8}CY?YihD#iGE)X*lE||deIwbv($Cw%7_FDh6fD1yy)@i z?RDk`P{s6s4JYdm|DGK-CVY`T^CW5eb=) z7MoI`>r8@S2^${|SX$SjM=^_-S><`1_|3sewvzXo?DdVDyE|%^Wnm#UguDi$$*5d{rBy74m0qjGk6^l0gz1!xR9x;)7s6N-sEXBt%6TumyhF@ zt6|iEk0D}nglO@mz#k|apcCC{e9uH_A`qP;lcHp=3pKhkF z1OhI&)t7yExeguIy@jP0fnoy{$W{P&ln`m&KFHWkyIK2HL1VohRTp^h>jF>1PTWzo zNzdQ zPt3-X=V~Ows>fuyFyl09@U&;P$^A=$5NO%4uO95cZFd*secB^bXybC~K`PMD z^;qyY5ahpMZlq-3Grlr_`QX1>EC!%go(dZ?MBefMH$rOp#`vE(=+VmZlCv}CDDKv6 z8tw5h_~Z7izj(UM^Yb2#8W$V?8@DVV1HqHq+e;=T)O|H9w%(R=H$3-Zf}GpOBK0nE z@I`_9b-H)s0a+?P^i9TbU45q9wNb#SN5--D=Fal{3$=4}+8`7yU@^JB3Zx-gj(((B zSnUS1UguVU5L@BV0g>EjjV{g#h#W^)d#6*5B2lcuqDN4A0QT_t$+{?P#x%=!DlviQ zu~hfb;$KVWdpXBDwRU9)2mB?&mCMaPxh`bs*HnEg3`ogAeWZ1kyyFS5R*8Y$#wm=3 z<%Gr^*hiV9U(rNXm*?NxSk{ZA%A|L=H3+jcjGH)Gr5(0^t}%GE^pwh!dXPAd8*&D- z_>7ezmwBBJ=FU!byC^JT=e`>Gk_}>WfB2Cd+vC!MB{(9<>b`3ey*P+`q=;*RVYEL~ z+^q3>OC8^gZ4}vMpRI$}JLz0dpx^DEHa{ZfRsDS9@0z{3Y#c%lLqyu22W% zaD0tleFrIE=M3#Q-~ZPeG5@Sm`I@hbbrqDx!bofIT%Mn|14gLuznS9Kjk96i2gq2^ zF~BYV&sKk{YbeB@+7!hG%bxEw2oiF4%hjFZ8G#BL`Ptufl=9D<`D5TOHytY!L6QUg zxAC7ENS;_ebeHmDGyn`~y7?gMb~=6Bgebay0a91ChNMY%^QfK*E_T^Zc{&CO&mK*3I|zfQHJ;x^`~e*G1c)6xb^={#trp3 zP1xz|%S{d(eH$Z&yN%Nsr>jR-BAN!eZF`8{SGUV|t>lot=|Z7wI5 zk41;qNyWzxERLOzgGWfje1MGPBO8VQfQ>JCr|dj-9D3VcFLB+$EHs*;jKudqBvA`- zGWTEPK2FhEjQeT4RgF&hz<>{RlUk(2$&MHAAZ)C>INb|@;NS&;G$yz_~zxJm8L z#kI05no71b-4P&g(KLQ5H*w||=i_y3o1Ns8rwYdbA4AZ0OF4C`xqjya0wPx*B zkhqC&2?`Vvc}Q%uSPpvsqol1&D?1UECfjtsw$h{dI?aDc#LmxDa7k2(9@L|6qd7Y+ z68xS&-?mFynOK-a%gBRMXpg0M?`g!tpM}iU7r)*KRc}JR8!b^ytBx#{BuGEM_?SH_ zWcpDSrs;-}=#fi}WksiRH zd~$NFd~>)7w*ATWhomFvt#fHYtwGt^f+1nPJlRVcO}Ps~Y}RyWO2nVC;x-42t~N@l zxJkU=D_Vyf`yf#IfR}v=C;t~!J&AB_4U*yHC&ZLBYS`>=Y6Uaow%xB;euaMCoa$uB zFDyqRW;2-##4ZcsB8bs8?&tVs3!gkV=<@(pngb9kU2W%HzmIOvvQ4&)Yag2vp;?{m5=3Rly!V=i z0>KOieIfSpIyOp>JE^Ea%SgDjB5ZbNynH9kL!cayPyLZiF=KGT*rZ7;$WdJ7qPRhE{UdIwXGfi&0)KIsWpEZ?$j=GV~4jy zy(TPahbhzL*>w}zsGhVGwAmEM#*q}{S5QT~U6p!0HaXJJo)H19UWD2v7MA0z&g>YhFJ5?Qz|qg=pg zM#ADqi6swad$AW)Nf1m`eNA4U}PEt{Z;J(makw!``E2cEi~8-`1)CDyfQG# zCQ&hePW)D$DKS+u+Q5xNw3n@E7B65salfpPm7E>B0nccR7sI*0sS>b^sm6IJAb+X% z|I7z>==<}(Q%7OAbL{mSFq9DeX!E38Sb0*WpWf&BWZ}7> z!C<6@toA>pzz}45Koz{@&S5{qCgd)H-%o>BU$ym2)vjOP=BLKNuUQ+nAx_s`Z4<~m zMZv_WW4_c4f+*t$Er)tihhycY^*6nBr^#b)A(h7*ez5W)5B8^i)QCu2VmT~>O@yOd z^6=RAK3C!x+vjNAkbd^N^6-LEg$mkPyG%dftD9HVz&T^PrC5ZI@YQ2{c!5Ty&iJ`0 zfx6F)1#PT+lmQ8sPe%B9rjV~NWs-d_1#k^0BfMa|MyKUkDj$&4t|$Rv^9FMFAcj}h z4|M$0a_0t{$2yiLOY2nsIHH7PKPPOAOd0=#18PNDTwh~)ZH8y>{lXP>3^VH z3vir0|By__;;N|RoyN)%_h{2Ubv68S<0>}NltDO7I;)1(Y@n9D-(= zf*xbvs-dCVqK!-JC#`18y&es1jXWwFQ?msJ6-zg*m&hj0l33Nt&M)GK=>Wvlri^h* z-Ow$ZK^t+kE{ft-oR?=UUC%Y9{bd~ z9wAU8SX|l`N+ep>TCWkR8_H#@B7Wi|0{t;ZQ79`TNqXrs?XC}c!H<*!{S+Bb(!JFr z2o_2B^#>&hW*r6S`pm4kv+-ctarWH5o3V=In{MFJss4O5x+vZbKqj$^<&eb0mQW4~hkrLiz8 z^df&QOTuI}iG`*%zpKU|Xul*_bw1huI`4?oD<~-^n?Bd-U6QkHf91|q1ufn6bdvqz z{smKkhsH&m+>jJ031}p0>AxKwKOytx9b^S6uA^D$!!GDE!{8%eivk96JmrvQfX$h+ zO`-vAwEjB|!6y*%XRHj$Ag8S+g}w(0$P0jbP7D{BT+ay{kbS58`~nZd50#Mr&ZY<0 z6=lXGS~}`U9>4rENW;npFlVs&O33SLOzE{fhz%}|)=?v0`Ki99@GU>BdEekWl5Fwd zuYXc4Dt0plQ>jZAxgtC&G&n-;QAqF{9V^B~N;cP5Uz2D8V)fq|)IPhOlqs~1ngI*Ep4SGhY-$;O)$ipP zRbRilK65krO)g@~8*5H{k4f+m;-j7k;aGiY%3}VI`&Am0X-Tnprw<8LH`=|^fBF7- zwAuHkX`%8l(h0`4M#*~Y(TQ_PJ?0#FI@#zRYkWW7cr!>Iy$9>5mL>%**4q`=AY=1ma+0f z7dC1N8R73Sl2Ix9{CUup|71tjQAlgc`y`+oQk6`g#N37 zb`b*2M7;xbt)!<0mwCd4rQEPqG8FEh!UV@9F>?}$+3KoUg zt+^p{?XFY;Xiqgh;eIZS`K}~{Rr3WBwko)H&E0f*Evsx%8k3u%QLS1TIJ(%hhJTTV z_3-h~DjJXHcAc1bu`YxcJt7Sbtk@l-g5F0MLfFCUBIu@^JC5CXjH8DyBMi3QeQL-Ueq+lI zDH3zBwx~&l&DR^8B&zjb7E>_tHU2t{9@=)??}GbVeQ|{`AjbMORg67aMSS#as3w~N zy5wIxlvgQaU^Y1&x*p99PKO5M1rJg!1aWzv=u)-t4vDtfDCC;(C982adC@eEE(>PT zcEc>mk7#}u55xW8t>jx!v4bc|%+4iPADiUC{C(w;_;#J6x^H)QEBBYnl`O}!RVZN4Hs}S6*eh1OAX+JAQJ617%S6P zGap3x&R=&=cJSiA6@Lbkv>*K4IboC_)pN&|Du{2Ac(Wv0wW;R-m#9J#OcU}2Eewm| zNp-tcFjfYl>UB;;datf04e%gPhGLaawGtQH(Mf?}p1hL(qv<;XnrfPGMFdnzP*kMr zi-Jm1dXLypX(}op9fW`(gx*4^3Kk$L(xi)k(n9YEO+acWQUeLS20{rWkPzUX8)L{mN72@f;ik0kXN`5?L zl~aS-tUdT7pQibt-V|5^B3nNG2f@7FM+>&pK4O#AA!aG#$=p&YDn6(dW)@y)z~8S7jO5ET{eCJ& z)yFR~*aB^9RppiFm%8?e2eg91YEqv@V)qqfaogsRy(6Qe8zTFwkZo?Bh7XZF-aR(7 z3L*al?v0dHnN*Q|qr7-;%Si5`3i&ZxR^Z4ad~1(fd=kF+X8+0SfT9xeZ=QoqY5KL5 zn=9(8dKoP{Bj(z^exiCyEL>vhll|KTAD9k^;z6dO!=my>3TxY?L6NYX($r58Yg^AM0&}@E z9Imgq@oF*!G{ku7f*(}`&T`S~$Knoae@*9}O~BO)?k=6(QgPb6C>SA9RsKr2#2u5v zkd^bJNM{dTr;?mv4}b3TD3A^$^D?1#Hbnm(j>oBx-`T>o;M=*2z|4|UgnzeTI+Z1r z{p`fST@A2)1DO?|#62WH#kO3pyDSiv8yf5v3CnUAhdt$k3>9yGrelisw)fVYo*Q{2 ze;yxgn`V+rq<##g&j%13t@9p7`h3Hi@TmY}j&H?>ZV*tyBC>?j|D(Uj%CB=vYn@yLpzGigyNW1aJ$H}jq1 z#DZJD>X$izFPB}(!{`#C?}_b;(hXV2=%}VGy86FSt>_%?H?O(k7nKXn_&X*#WYiBm zP?ERmEE6&dP$iP$*7Cc$s#d_ABK4j%Qe`>ei1;n;UR0;0Wk?U8=lq@{$c^1;;g+ek zQB`Y{j_a(YsLMvwZGp1%;Q_*sMiwRuGPW<8x~fK_cv~iQdQX<|jd-il(TgkpjrJ*c zTLK?n+l!#{pc>}j&l$X~&X%PY^tq4Wr(`taXz ztgUYSQA<}F4=$<3iv_T%&9LL z0UA1=MvUxo(~l8|ea8}kn)Pu>^qLTM@=vE#OF;4vpm=(yM;I2u4HxQE@!iNzHcxUk zg>&NNfP?M+ydJFsaA0q$Ln=pR>S$ov-8#QsXWFUa->ZneZfH$}h;qg3C-<#!?1+;2 zSkPm3^tFzMic-!SNFBpxa|wW^i4 zO!C&J3Yy_4d1Tk4d!!`Bb!>R+=LoSjuDQ*`4sF2VdAJ)8C?o~K>=N7NRh-m&)T3=O zZKsrDBBZL^6)#ykB~AZ(>J+=VEzmdPp zwyy`3z8ex6|A6c!Uz=l;wt6kMd_c*E|9Uir{#LaaCqp$I(X+qr9^1BRH%@jMC3#Ex zXGFqgzpna}lM}9fs?7g_iMa~89Te||fiDG?jg-v&5GfRv9kZCdg%Hu(4`C;)`sJ~% zU|OLggNGH-Y?@v4i+WbSetkKJzG^~pqWgBZYE(1E*I;|K6?H>@)t*{DXjw@4wH{@) zJ60QgV@>17`dXS&X@g}IrdMV0p0}2lzo+5zD*U>Vhv9QyFS4MTWFF$|#t6Hl&4TUZ zd5ko1g@?s3Eq3({;#Jab{LfsZ^#}%&Kkq*oDj4%KDxyd2Ow$75V`rl0k6M){X}Aw7 zZ~881OXk(_Y^X#ymM0K(y!k1m9?wi7d^XjdP6i1o69v7kLm~qKYbR)JfCu0ovVgpX zC=e=E_^Fl#`1;T4CHsmYp{I8`D&3*Z^|%et4<$@?`dhMVb_=Srq%Stvb887I1A|ea z%)0Kf#+Jo<>FNJW7R$)`VOf?JiwJ{Fn^v`QHv|l!e(u(C4dZb*a+jOE7)LNRQp)pC zbbTxip_+0{&byGyHjSe?Dl~Mk`_x;Y0N8JB^N1Sd_{MriI)kCL_I+(zXtxx(xu@*5 z^G6$a!j1cFYs}AmSoXN3FtO748cv%Z+;9T6=-s-=nQyVDcWirnYI}y@!xg0MET@6h z4i=$I%=8a;yK$wY`^}HstT&765epi{`bhJ-3@f*&;Mw9sGRD|$BC3M}zl=)dFC-VL#{b(I1H zSty`n&XrtyB; zpC@zcDq{{%8u{kPhx-+PYU{5RfG3CD<3KYy|H!y9eYApmcCNx8IU4l)i&mAg@9_nI z;VUFjWgsMcTJMRK?O&{ zsbWvW5w5U(5hr3eKwskr76hiI52BUtf=XcUZB83zB}^e8BXtok{jV5MF(|qxjeyPme%0KlTt!Ee4e|hFTmuR^dfY+=P%^QNP|}* zK+_Y-C?me=&DhmdDO5Qyuo4)UhTkdAJUmIq76tFSX+-`*{T&M`AlCHGi#>;Sk#BDP z5mbW`Y>8PSnk&~d64v{~HpZ-&Iz{zKdZ$p02Sy$a4_LI@yBY?h4&OyCaz=s=GxJBH zuJ_6X%r7GR7Bm>o*mpY1zTs5)hq)_Y7N**xO{|8M$VPjkM`b zF4dOGgl#mXGkAJ>uX&n({0TZUY5SAa-kxaM9#6wJ9SjhXtI*4$Yh`1}E8o413kd*e zZ{5)#b0>OarczbY7qxD{Un3eL7l8{XKP^NBSE!SCC2TRxem?kia@m`V9Q|T-;}*?G zuBG>ZyOLT{1kVBn$Zy?(-g}ktw2%XAh|pmb)bwNPBz9~}hER96IC3ogTR56qJpYDZ zSd6xvrZ(j>y2fM=OUp?0DjC9ihi>yd^|x#q{gs1T*%HS59b45}L{e)0_R2^RszNA9QP*sM5l|RCXsJqRao^+uG^^YofEp z_MDV(ApK!on&$SuFFsn2_8dj0wlJES+7oHh#w>8Xt-U4xtO9-QaZ6xv_2Jjel1MB#|R}I)) z%PeW!V=iX4pgvmDtH9DcMp_6uq9C3wY(Ek&z8F;k=mDXQs9f|B6^g0=Xcg*+PPUD0 z%9nc71B2?_>$A9vzhr*_AvPZH6_BC}Ql@reuM=rCx_f7Xwg3z2v!n^_QpY0;q?^M< z=m)Og;UXE`USa5ny|}{cM3B<-T!lk}s|h{`l9;~cyFBCr$|X{O#a;&wEMUu|k-ay1 zkOpJ)jd#&p6om7SxX_@n4?b2azU^^J9?BzVR7B61MMDp|oY=($+~Dc{Vc`({VvkYs z)~T1;*NJ~+5>(dS)X0bIxfBt>MdkG?zEk%!KvYD)56e1_I;>l9Utdpndg9Vjl3M=} z1ZQNY0{0p!@pZdKi~e0Yc0|pu&HJU{IM^q39=xb<_`81EpMHNt)vr&fNPkFa-K-O3 z;s1Me7|NQs7`M9Q20yJ)WZ?bcKkNOfPBprNlLFv$(W5Q-NV0A}G8b^HP zo~3oyA6j>PS97(n$(ZCnY`zE7KW+5@HPECJHSlEamy#;0dP3*4IlmRW{bbV}b2(6u zcj;Ptm1vR+{mYgC`2RlfE^Pmth&SYb zXk-19h#Q-F`;gH24fFPJ{0RWE5kCbav(Jq20Z`4ReXN934ex5;*<)rKi)MyBVQ3&F zY3QtCW0iK5?EyG5sZHk!b4}yC2Ct^9jH7*GvtE*U>9dOE&KIy=QKKC4v?h1K3;fw&g9&z8i~(G@ z1b6L&neBk{pMudp|DtKfs%yRSyL0qoqrID)X^)~5QcsD(4}?4d)Z*~ccEQ2T3NiSb zD8Dv$LD$lf6UwMRzA)??&cWbX9-;OoT7JPefW)@hzMT1-`0|0oiN%*MivahkBJFuy z)^ab13&PyTHLY&Tpf+K z36y^}5pidhMPOPbH&>^~0LV%P(~lJWLJLhXndlhi=YwgenY|&X&5VLRtIfFsn}N;R z`1PR!zd123Wx=CP5c@v;POL;jlyI(XX`H{IoJ2Yz?q!kcpWE4z=EAv6d(~^L_Pw75 zdC#|66J66>*48^Xis}%hgBqW&Cb&K%+b$@a+Ng<4;w)$6&=dFWKlZGxiXLnXYOFbA zIy$kY?P^|FOPK%=R&gO03|rD?XDC*V1)sRSdkK~&s&ZF~srG2!^`A-|j`H~Gn4b12 zS=BXsyFW4J4>|RZvlE1V%^v@chwy_7Jf;$82O!OPDVJiuEnCHJe{zy*hyChw3q1P) ze+)cfIZz+6?7WyQC|Nhh5rgb3LoFl!+r5rbu2bbEC68yfD^s&PhI-EC|M}UGTmNCu z#=mXZ;CIT0!9M9VJh8W<#w(Z}Gaa-9e=Rz@a!jG&{ow|y{$VJQ<5ik_)MaqYU1A22 z!&FnIHJp^v?Gf}jS>+>#Q0<&rY)&o69e4g}kEg$^*5}2ka$2z%&3eVBp&;BFk@iv`f)!fYqu|T+Q>f8|0<91gEAy93!^A?)Ojwt8eTxkmi z0=QfAh17CYHCz85q^L;S% zyH&Thd^#>b8Cd>=sdaYzAGqk$N%XqjabPK6_EFfm834m;EegOSh=(J@wX`kI{Ovj~ zDz_C{@3%bjD?{vofBi)fN{bVE{U|ebH-hc3o&DhEa2Cv>4>YSOAOK(VPZL+ee8sj) z+#^xV)6zC1OFt6hM1}XG5A&Vwm+!Ehr+l)ual0`NY!B&N=w{?!Z0#zuWQkUhc0h=?w~}%}{Q~=ODaC zj`BMT9QkhS23l?z(Z20HAsiK%j8UFA3nZ53hjWj+<+l^@z^<6wm6Q(=Yj zfa~9=%A*way@=1MJTyW&tPS=WyXlxrWyL0|6*cAf0O1^8X^%Pds<Xn7DYwr3Z9XLsm51oy>yQ zeboO4R(zl`vf98Qz9%uwRB&Eth?MRjt!bCQ-L#Xp#-#;pU_ls|9xZyub~^30tV zXopo3+MI89UpGVbW+B?2O(g54DsBnH6b1)w+eeVMwBQ5p5ks2kj}0m{li{=vhn!K2 z4y(_P2GhFM-p)$keZVm-KW=ODC%M0cx3p&s!0*Q9z*};DQShG!8L+=1Q&{d#U+Bs% zF^?O#lf|oYtc2r&gk)nTs;2oWjr_PYr}w2XS8g0ATg-I)jeWXYH605`&sB4;<3GgKv zR{LxUVx20@oIau!i9!8aQ4QP&)!eqys08V>_?a%iPUfS*s?4M7%I?S22V3vff`zbx zHSm^^9|Hhk>P@Z#K+8h6Irk3?6qFr^|9W_Wi^UQdXAFuXM;?X~YNOyC};7ExnnRk=SP zRe%tAP|RRo+b(M^_zD3FpL_M1dGOEIGJL>TWpI9yR>1NiHC28PH zD{RV_iwyd%IP*&pc{WM)qXbU`up5AD;*)R4X`@0$xgxM@KgQmn>I>2X4S;(AlIppy zIMd4iKva!gA-Cl4y?wFs^qJy24V|eJY5cOixUZ68wjTEpFPBQ1ylft z8!t69m(i?a2m3~C>_NnfW6k??yp4-TfbpAE@P9F=tK^d4duLVtdvrKxXRk)fO*O}7 zHz**bOX(uG`=eCDVE70NgHFgoL<@ZSPY+5$lpAky(2D>-hM<$!er9h!cJf57(pF7(rBmLGV4G1#If$ zjI4|&viKk?l|5D!gje=f6@EG(;~&@fvQ0j&*)dDGVVMq`h`7#YuFU2a1E%S}pD*w0 zXZvY|?wI8R)u_RGZD=YWRAE@NGp7D~03g?^w4t#_O^<4r(B%Iq*s<2oQ$XX!$CP{Y z(ML^%dQ?ATrB$96KspO?!$xsM009gl5Y?TlWxJKk%^s0w|NA>TW@>Sst7RT7MhxPm ztMc%f%G@~-?TVH5U%+77&JM?Q0m<2`ngz-RpUlE#F`Us8|T?hOc)pE&y!0gAos~h5@$L5twj$q0Ud9sPuWSD6JdL_m`oZ*6qvr8k;;4jAxf`D3siuWKALiN_+tM z#SX?Uz{nj8p3rXcR0kslU`ri=_b+XqPwS?he2tBi+}2=|Z-|xL7Rq_-5Cky~_IKnD zbI%!xn62~_gidr9RT|L_-~&C^hzj$)I?FQY9>i;L3u-AW55LboRz8Qwo^y#CF_y5r zcTneF8ougUDWTusbdrqnIWYu$GB1gY)F`ER?J^IaHSEjzjqCQ{k>}d?C%EPASy^VISc~Uvj!Ya5txp>%~kq` z-~ODM^L`nuL6k01Z;TT1Uk~}_OMp0ifja@$#0r+{YO!{&I83dgq(ooidpE;DTTU9P z8G}Y*XD2lNM7cA>mi*%5%L}4GJAR)4=o>%NJTE!&O%$~PSQ7jOv%d=5aJ^)!6Uw&y zjrTWhOYo@d=*Y$t+eZcK{!B5%eTlf>-=3sM@HYs*7+m&u@)DYvb##mFZ^C35yB_W& zhNQRqF*KE@auZ}l`8T#zQR(fukEy;W>I#m%JY_1|h-*DHai;88eXf!GcE(2Q&ku5v z+v<(OzVZ#8s)mS<_9=Q3#)fjOfw7`?^iM?U-THl_Q%-8FLgd_>#|`aQRplRyU)GrgB=c)r$k%%bUB&A>M;+xvxQ0dI4bqgUXy@6jvy zj18&h8a^$feQ87Sy;qP1dCwuCgDnqnE3a;h47LfVIDb^ozCKTR zxRHF1YM7;LnQ&I*VZ1|ZPDSsWO`+=8?DP%`_<+LQgb}LOuDkX5gOJu<%Gtlbjx^+c zZI>s>H+VcLabXComC}6WzuJ& zn2P{w*omcd+w`amnsZFX-iQ{54k#wzwt!{qUBloSRSlXUu$Ue!X$tAtT!DLeoxdtm zYv}7w`)!5BP}yM(BjySd`~?E*+rZNi2Q-3?QEFjr`aaD9@42aBs?fc&5_~gbUI*T@ z@#GR8$X|Zb?Gm4r`oY6Xd?-KpTXLU2_*)&I*vmCnqTAcUHkpaKc!o_qVtFRare1Et z$^2r0z=ePvxzkQ&bAP8=d_ax1#^Ocf|^{KfUu!BOf9DBH$%t!0RP7Cm*#Cp@Km+TyRBcfQnJ}CD z_Mr2!hK8x7jV#Zv=e?v>Yj>-~9hZpXN~tVg>_WQcIH1^T5kdS*=l6 zP2^F-?>)zOf2Xcv4dc>=kg34`CsyysOw!wW<<@-Da) ztN|bw{1ezH%<29E+>yWFBa<3+kzIgv_GA3)A(lD-4MRXlfm#K$a1kNtaPX-2-+I z?Bnrn+hrn*Ui&2d0LUDI%2*5Duu@5n z3V}#Wo~R*Q@=>;>!KOA{?zR|xfyUQhSdk0HXA~ z$@<>`9luisF|&&4GE_U^m;cvz72rk8!1ZAaUdwTecd~ABZPYAr9p>M*sEEN}3F1q> z;7OV4k@n&KXAEt^*;_l3&G*?)x2lHB~b=i;LDH9*iA{8>>M$EJZXlmIP}T zNf}TV;;te2Xh5>!m<}0AM>TX<)V|2Ews^xaDd*$UM?X@ZvH+hvn0=nFVFtP8^C{6>zR+KAS+gyYY$`T+b`PBkdE4X`r41g+7YGR$E$|Mb<%n3e5XI? zmrdqs^~V;*YVI}eTrmnV5e-GHD}ei=XMwF?JoC&l%a{w+Smt}= zOrFW1^HIPMWs0y&cm;8?*q>DWXRenzU3g}LsF#c58h!=|fc`EEtN3STbpYWgPgyIJ z>)l+5FYohlEsozBXx$Fm>GBtaEtXk~xqBVuPdQT848$LaUYHPCsIUbB6{oF)WKWMz zWq;yt&qloDN5C$gDQJ4&w_|-4K>U;AUblSHc5$Jv%WkZ}PEEmiJPWHSJBgm9ToWXU z+vm#-Njn!nZmL+?E{4S}5zZ3=Byh7b;>2(MpK@O~p2L0E#mINok8A{&Bhls0{hb9t zxovicCWi2A;e6XTS(WK{5lU=T_%z#%c-7YMXz-PNphYcJgHW_e@fT|#50rwzq3wQW zpd(T+bF<+hFY+kmkLj*twSj~I^mo2pZdWAng}&tG%$seVDP@mwO%q}JReNMPv>uC9 zUZO(nt4!3c%TDGiI`50t$zH4)X>~<=cv#e$I1iMY_+#=>OISiBvTH%8TFVE$#g4}+ z_o%dGBjQxr0J+D2oLVb%@LvYf7~`%OZBqpdQ)K3Bzv}E1$n{5;5(>r~w5-MIFr5PK z%U1JT;e3bi)7TnU59s@uo+dxvcZ$N#6)Dj06>FY*zHL7%EC#NJ4Qv8iJdN&7_ z&6+eI@hXsBp4YyWCWlHaGM;u-CSw-^0jxOc4Nkxxhs!>QIBLM^4MxLAFLG^wI<|A7 zYaMx{9Sm%edSVtmwAu?j@Y5OXQRI*6u$rH!F4tm`n?{#S!E+rqfJP6ggUWW)OUQfc6>LENh{ni}43;6#S zwg=c+4_bdW@4(^e>3KISRO?vfAguLufNsv6C)Tjo@RZIN_8|mCJ0htuJ7q_0WhH|pLA{+PR!zZ>RWTwX5by{#@Y5diZDczhqQ?#1JY||n?U_EP_}@=1C(8$oB|5a9uM4VyXrBy^G$?74|q35h@^#C zUDGNA)Vv(UrX~c*jUobYctijg;KbEc{_vo~M!fa@%~9+9K7e2I;|QEvlS2xVQW<({SUng-7!0QFCYW$Q`0};JwYdp{)`*>8zP_z!T_EX-HFk%#g$j|gs-@vV zsu$PGEaoPiBI1Gw|%w{*|BLM;R1N+7VF|Bbd4{a;fp~@J!!Uq%L**w$<=Hbhh*v_Mza`*BesvpMcOs@Vmue zhobe;(r3WwCOnx}@J+6BTDtP6H$k>iR%%`k8kt*dXm;It7l?`F?w_nIcy2Xb zyPJb&3j|IPZ&qx3;(d$}$RH9Q57V%IND+!ch%)(dIG)%eP-Cn+LZTrFO%WI^nkJ-K`4lfP|>-Wa}V z^?g__IliNg8dzKPyAVvANb1~iT~PX@eF)@VCHMCH!uIbTR0(KRCF1Cv6ISnjx`Ut- zGM#f;&Ey7|`dwFn@<}83`3ZbyY)2t$5^+4XPByd~v1~U2%vl5+)EHda#{2D{`TGWX zw%p1VU|n+K(kDEf8KV@aN=9D~eHsMiFh;^2eG%$t?wSm4H8iv32pQl^6Goh5QEagN z#X*`ZZ=I~TEDw_3{;JvT%zOa;XydC58xRQ05)=75&@U<%b7~>mUeik0{AF#Vmoza; z>*s9eDCw_>ET+z6mv3&&< zDapa042Fjz!ZEjQUYY9RMaku!u^w1&u$QQ@tIZ5R)9%3#JN62g;5EZ$DvWmPkeZG}vC9!?xOlHsYmQjHP6`vvw6Q zU}{3%_obVa8F1_Iw@U5>jr(HTiJbZk=7;GiIYBjje@nhCD5jt1QXqrh1Pmf03Ke9AqBkQ*OOZCV9JXkK6`uhJZ>m3Qp$^gR>HmgejI_3?_t}Yw(fq$uz`bDWMAnBY0kaSL6OZlRd zJ@7;J^Q61OVSvk&3bs4-y#7hTbjm`-Qk+9Jgv}(rrY!8k1<9_adsVIm)(#8GUncWA zC(N3L{@07}vNnDh@X}^LG19VYRT$U|Ff(TagLp*_Y3YU<3=C4QDWKqkN+r8SI6UWe ztiThzlooD)U8J-`TOAl5O*{RYBK(tIgxb6^`;88DcIX{x^dg({H!K5(s)_Z>6=(*b zu<4^h=VK&y_cc!}yK5;7VxE?)Iqu4{L>a6)L3O=_j5w?U-l)wnx7^Hc8Uf#u)_{ou z9~6~aG-%}onyGPQCAA5oQAi?u!%BVrP^XXl{HZQnZEjsYS4Cy8?>~r^gh4F_b=3P- z*QA!!LD|s&(iFi39<3-jwJ3~Ak7fa5yh?aC%BD8A2{zn5@Uj0*b}VL-K>$iBM;HR+ zH*4>D6V$siPO-TO3RtGxZK5ImLI+y_HkyCpw~wNi%K4wQG(q za4=HHLk*XJH#<2lK-K*w%zY~n6bH<20(#dNNNi>)%?`U30CVCQ@3YuNJA@F*t@b|v zU=+YdrEhWLS#sAscbAOfff~32${hgKdhzlNig_;h?qC&j&>OZMhvf{l+_qf~HU zAz)QcE%nuYjSYIMMjnD<)=$b!QHk3=V2MX^GEx<~)+KCM`6D%QRP^9J zDpHOOID6zcs8+lCq`2D>R-3P9hHgvLdu>(#Kek`b>;R0q5-bkS>*2jFov+cQ`*_gn+P~fY@EIPR$ zEteW3msm#FrqP3LLNM05==O8^e7viUB687Loac0;Z~kGtfvwMiHfwnkI5(?!A)K4# zyegcxf_a14ONx27PnQ((wwx}>#^5@OXRYAA04Ku`rbFZTG_87%=Y57M}IaQ^2B5K!>ez;KMYfqd%qY~E%P21rYg-L zsC^lG%I?>tm#6K1a4Ev>)U*Fl(3v><(devu{h2@Kbr`&VPU&d!{yDfE2>P?BDmzmx zEO}2DGW+xWtm7qZ_8FT?1h$!1mx9=4o?jAWn=!nEJu&kz1?I;UOn=W3Y6^P495TxN zzCXm2>wQhg=;`;FA*QF^e+U`nc<&x!$}TP*WAGWJI^4MQ-k#&qgJX6qjf;mT#3eV% zK*0waUBMO8a*TqOT6S&UKzvK2R^U*Jq*frVrCl?yqXnWF*wVtG8Hj1g zrNbT=PPNotwrg1ReL&I`VGd05i!gE1i^9zA=_+An$8@AHvu)Z$nAtKdDa>q~rV24J z)9pgc+UW!#X4N!Ah*{2maerD&09!o0Ehu-MOJ2YFllZO{=8B#5z=i-fv2TNg+ZwmA z%th?k=;yNTmJ{3yLD|!uMl`&p-4E*dtHr2k&b<}L-=cdf@J!3%%|OnU$eV#|Es{3_ z51ZS`^fPqQ!A(1{dNEy+F+bLGTAUy2HobiT3!84afPFI^djSiXw%>&+#7slZGi|3i zE-L6;X~Y2D#) z9UAXj^ljRSw`4Gl7A^;-k;38Hw5f2k)&_Ub(i9jJv^50+1(BzSJVB%>G>_*+hEo%V zNMKJ>u5e&`ldf=JQ`4eQU|mzBP+&!qq);Hbsa-JecN0V~Fsq3}Ffg?#S0FHG$0#cpow98Z_sm^>~fkUD1(V9bW zoV3ai5GO4!#OO3FEd+In_B8}|k`@sHI!Ox%G2)=PhM?GKb|E;nZcy>%NHI2=UWoMx z8aO1Km8K9vJWi7g5j##33bAIPfkM)c(O5$!!6dqEI|zXsoo``^`s^0xMowyyW^Fk@ z2;b2Pv^*mWrs6VSi{KIR9R1qjC|o&R%+g+Wp)$I7HR3>-RBnsnu7i%6w8RMR4itZi zIM{wwRvj`aPl~mTYheC9evl#doakIqP zN>s7?TN!be3%1E8h3<_CHs|nGh8LfCD|5+(X@lnw((c|aP71daC6R3)90>ISW1EEI zLTaPUO$*$WuwvWrLP3`S8w9(M!syo~N3KfSVwUhiewSLCIyNC7xTI;}bmfcU%&@|9 zES@wb8{gyfv!h=ctxot{EKhr-!7T zAYHbh9;365-fFaBS$({;+QQCK$zFUtWbK&C2^-F1sliLT_WHL?1orp)x+0lc6jG)U z2;;xheitOVzupIpWU5pCWuka6o=XXLQNsH(eVma@6-s?3jvE78g4_iO?GN|mM=%vB zKW|B7+~t~tEUDg25K!;xGl<}k_ln-+3Gcm1iOiJbLfR}H+-cwssP7wjXC+I4XF@oU zuap z7OSQ3(!}j5c6G(RxKKkbFYAoi&=G@OBkz=`jq) z67;ql>pp*9S%@|pMIu8i6x*bx>Lr?iKPJMybmO)pOD#v=tq@rjFZK+fVtEt zfLyPKyW^)avy`Tpg7c6(ulQGOkWAI>KVuTTH{D-;PEQAd^9 zw8zuy?q(J4DUi}ImBO}oT~(!N?_{rz8zIz_JHe5 zr`L_Pw+6}VI+PrKM7|{D+7Zvuv#5f5jY0go$|aE>Fpo)(?8s*jQ9$T?+T~q#AdMhK zo3w08=0SLkerib*+8zFGfY^Yckhe&|w&|R7v(c(%=DFR>V&YrmRg#!(`boOZD7A^n zv+G`L9gY+rHQ1!H(XWrHG%-)^>J$@0k=!I}oAl%KGo!$JVsj7G^X+lV)9C78N3M-u z?6P{#WvRv5r-ftB36h6KPMwNOYq;_BU0VQB*2mzE`sN;#ZvfG6azDaN@S5Vf^J!9} z(UK)k_z&*PIn-{~A5%uEqV}UVXN?bG?0>BjcrQNNVENBl4H8lg(43w`R{O{Y0vp|GF3}U7L@VRa3uy=_6bQY%lzkm0U#eiMHcF&Kg?k8X;$0 z4TdZ~U~icdRi6;6jjTaKDx&{>J>VJ;Kso2dj9g3J;geidx9a=Fqiw(nU;cV`CmOYs zCmE<28UoJ$3O*a?cs$+ce|RD6-G4#m1}LD`6rE&gRL75xmn=~?jmcwWK|j}aDG*|i6aZSM2&ioTHVqJNvY zc&|V8Bbx7<^z*>9zN|fz;-F&DwT3&8f-HBL5oyzeqVM&)CxC5ep|WI&yc;WoJVx;P z*Vx|ic~=N}1KXF{@WC)RTokX*3RTQ2r0{`P^Br|48Y`n`gr0mSSbA~pc;AE9uBe|q zeqpkrA!h|-8F`_Yf%?UGlDdgmr?e>M!I$%he}A!t6nQn>{_jU%(=jAcOl241VPr_* ztJUKtG%Oe3-lr(ytDrA+gUQ`un9nt4m)&D?*Py^;mjEZ++J63@He^de>W{ z@q_xw#PwzixMgWw@2Fwccxn-lmO;(_-UDmjz7ZtFTXG|>fjvOtqFT*_XpV@0=F{9z z%-74Y9{c+$$XNgvmURI6Q?@2K$nJCRQZ`z*|3z1SiNx#)TMJC zd)BBQ`9XYFZ?W3zu!TJ8_+jML5r4f_UgmHw;EDTx+}ZcjohJNy!q~!>@{)X1Sw0yK z&k+0~i@3aq5t8gHk6j0hgbU#M2CpAC&OQ0pCvOQ`e01X1mJWcaRrb0+an)PKT5?_? z$LS|{DQ5y~31Jj{ndsi?qw!g1qcFv;=$cpVUjD7<4cmY z(L>&hJSnmJSy5=c#i)ae^cUW}qDWY}<~}j8|EF2zVmo%K zvHmTBA%^^ z->JCq8;8t?lhS?-ohLd=pMQkx5}eUPu1h-pTlq*l`D@RuFzAQ8zq@VTD>-4lp&fj+ zdVw`^GdD!-UCME`i8QC$Iq!q$Pv!< zzZk-q>&fK~oey?0G&EevT~XhWG8wwp;JBGrn7*%YEA;n(h1n#H6+&TJfp2O5w$8$5 zT8|43z2Vl^`;{rN@_y1aTtCZd@}nPqHsg(UV06fS zyosWDn{x!VphF-#=_cjsWMRURklf1g#l+PQ-@lyrCvokG(*!EL@toc@N=nx?#8r#P z^QBh2)J2tH5xUGmflU5y=H*yrNt?evdnhl^F6y)DJmlhD!M~F8p2~%7b;MhCsieNSlq(Xjv-FITj0;Cm!DQIy5}&-Rjfbwu1MCp_zMg64b;`!75Xap zP<>%}_-$c53>wZ1duc(8DXb2v4ZC#QYt@_O$3>$jd?CjRCBN0~Jm+|I=&4qP4eX1U z*dLFs-m!+g7EK-f;x4oLw=h@g#^5o(hNai%s_)>g0N_haGB*aVy=s%Z%Nz|^24g15 zyS?1Lsk@|N+>c#o<d@2Ab@BDG>*RfK#tztgl%<5?$FRbpjFhF_sTSS7Jur&4r?CKVAG~@Z=csp;3nMsdwuR z55}aX)ukhE3FfXL9xG`p|I4#B>~}bf*H8A%1JdRuDU%dy^ImYI7&hivyA83maSx5G z+;ix{^%)5#>UX7PD#R$8VA$p$Q6_b?b01c!$ z<5Pcw{60EPhzsUQ$bn6=UMbx3oW;H#*GKmB3>$Ivvk6i7w7%TZ>QLqy78rr<8x5Nr z^jGA~T(NAge*KEfw-l`a;9&s1ti?!NqOW`rq{elWuj?+YK1a@eO<`aE=lyTFR`dt- zTkr!DLjm%YF;CASQ=}0zJH7F-(|EVIw@Aa)vC!K|orX|vO-rRbzEh^&r+$5)aDS#J zOHj=}(>+VyToj;K|9V`| zVuw1Am*4v@?$9{l-^j=GCBgZ_zUPZMcLf7^blEr?Ri$Zd>kj1^GNgF%=hpBIXuA}?njcwa@ z8#`&6G-#5>Xm0E@w(Z7hY}_bNAW&oilfIW@c}7P!No5Q&RGZ z&r?W9a&ga1__RGFt~rgk+c64(Qg~ih?RW%`(e=f7%)}wv(-s!AL6x?KUno0A$50pN z{oMl-eUPrsb;jRJV~yqAk_X)EF&tM}-=*a^HLRqn71X{=JzJ|rtlC;jP%;ln1ZjoO zo*ey7FE4%ymIqSInJ`qk_NjShw_9p*CN#`iMdplYt~v-fncYIc9I5`P=(}=sP?doO zLiK;!lw{H)sAmelaCp^4$;r!Ky)tX8T{=^~i^#a;#iqjsd3=)t@x@&^Ej5|pWssLp1)#Lco&GC)msvZ}n;Ps) z!tvDI6M!?^f?Sfnd)f$MDF=K$_9S9#Cknem-~T(R&w*20b+89?N?Ia{0G*?9eW15x zZ#us}c(6X4UoZTP0<_l3)3cUy5*vU_B)hIIEv{&4pZG=PbX|r8^Aj7U9GWp}nn%^v z$~`T9aL#4lx^27qu^^HhN?|2!}?9fnqmQ2PKZ&%0@gv&o!#A>PlK|HD5zSXa5+!Thslz{9{!uQP#V|fy$%^H zZ_VM*+@8-^YRUEo?&0P7S?!-Bazgj05V;}F0&~Beoj@jI$#0`-pAdb?;ZuK5fdMV-D#*?Bb?M&4-h{dwfd5 zqMee18{Zv#Rwk1fa#82yN+HpI6nFR1Vg$6gW_l)$#6$6Iur?`h` z4r5wqiPJkB=5u@KMk(C~od&Xr`KgHCJ|#ib16f&WpqzLv#mAgIL&ayMwF{1Jz(z+C z3l9HuNd|o_Fn{X*dyF(H1LnNx=o}8t>Fh2D?)Pgv)5$*QtMP?&OAj&o0rT4CBmRv_ z0i)J+YLylaG>}aWzKx9x%Qa7gj$FO4XDA)!505x=v&QOp(~7xdQ2D{V>dmcdb1|@% zBD@1iXiQz#Wb47wwD?|+|FJrJv>D=4)@qgbL+9y1hXB!+!p=ekfD?S0upP;||J z%Y7xKE7k%5;Bmt-$@69`!=n3Ifz`*&IVF{KmB!nuP}pkARfeUqVvjoN9lz^z9oMLL zNDTGIYE}g3aBstc#X+q+5O2n0!$0)V{q~ zSRoAVL4Se*V{B;|x5|3#%^n@z_>?a)*7`~rkrt>R3NFIaWRT;cgh*>G%40syLZx2X z7Exh#SC2H}X#)=E`U6huzB7?+maaMgZ6NOsQ)*2|hFmxA^V%a-Dv*Mw#`?`>O&=g} z1*NLhTGj<{#)O4j|9UUV34ZHVe;)M%P}zG%`Pba}G*P8C##r0-@eiIvpvG9wd0vnq z8lOU#DdgoNLk%o?m^InJ zwwIXv>tTZhmd2x4U)@-(8LK#zMHZ*lOl{6%qoA~ECGFuFGtSvN4jh(0P!dYS!!?$4$m_f84alx!#Ty*$%bVm!^^3tk@Qg(uv6ko1=3nAkrDt0x}usO0eyWfo-=;;Gnll zB3$QVm+ODod4GHdJlUfizZD%e-9KKZfWKy^w+H%kpuUQ*-!vFJwW4xhxYvCnHS_FU zJY2nXFkx(-BJc-mgGqXOhOLEpe6PBvosh>KUuP3y*K~vfH^5ZF!G@!wI*~Ry8>y5K z5sUH8BtrmS#OnPf65fL{)K1-q{_Puv6O<$yWFNAqSg&_A9i1;3Ss}W7w3k}bs8kZ?{^cJ&tdkgTBnHCZVl^?2cS*MNu( zjIKMY_gNBMNcjqzw(WtMu{&!FB6tRIPoO%|pK*V?jmaX5RT`dWml4}w7I|;wAwYtz ze)LO|8&vVbMiE2zXa&KD`hAm#vS<|hj-5Q>nvQJHxM`+$*eDe#q+S>0e%`nF zx8hq-$1*SeGjymO*ZhOcuQ?uPnf3A3z^isWt%`?Gm)8gB!Q&g&r1>oE&lNkqst`~W z(;Ws{(SFX*2wjXhSgi{98qJlBiVuCCQ1o=XC$1s-#qui!ZP#s*X%I=@M88ojsc24P zLU>5GT!dlH_#q}{?63%4?I}Y2ao?>Sm>gtr-~MxfijE%nMg{Ttv^z&QB=vgm)_E?p z8xDi+$;%3b= z^nmpx3`7dPrML|7Gb&0ya)o*2Ma*#%Qi9xZ4zWzJ)?UzdB9a3FJ3@HytAgerJj51; z>;(6(O*`R>@0y#l!V@q91K%ep7=K$9*Abpy7k`2_k0S7CwdhINYd>5S)n!LQM=f+Q@egwd5I{w%sDsU!~k3S#s2f5uVID|;k)N> z8~K@SG^bZ6=%J)D$rH6{h7eDpj#t!b%x6u6?wb|f;vqlAW4GdZQg-B;^~R-eBll-A zdkmPdr5f$GuR718LKnlNn!6UT@ATf%cPEV!okzIdl_1l^Hsw0i8hZRTrJsg?%8 zGQ$kP(szZ1iVjt^*-mJ1P7<=<{StKE^QDtEfi-^W#Ll_sa`a6;1!|fyzRUD*M2Fct zi#*6d7?HM!AmYKky`&X**K>N|5~(7PIA6IJZsZ1O9#{!M6viaH_JwmiAAg2GSy2%W zx6d@g=T=y5@X8}U?u_l2is~&lp@LDcpc0{!N8!N8LJR*#7yFxqQZl~SC)>NXv%B-; z;1P|)Qs5^_oD+&#jTHnMDbG)^d#87wK-_^kqj4jhyLnt5(Hdc%@5`UO*bvN41E!b} zBzQ%NytKAXqgQ_Emc<%W4Bh&R9wg~KK<^s2-}`qVD7Wc^gSr?Y@0TRJhcbx@iNE-a za(tmLjvShp;#P$-xbqFwJ^BJRb*zM1@19A)`P;FQg8R3l448x8BB?4|4si|pVqJBG zPUddnE^k-!RjU5@>n?sTP#_e8B@tYNX`Djz2?2G#vp_g2I1VU782mXNJUagiIv7P1 zn36n-C`}gFD@5Mb*OOChRn+T1OmMyK!HeF2Pn!lSPz^Q29W*RIFvsS!x4QpYZ&{V1 z=eOM@F4TP{38N*;F&|~4NqyK#)=jqloIHo1-yI@Xf!*g1nJ6v=^Q|FVyT5bJ>Kno* z@BYLJ;(T<$x8@~Xq{~ZDs5oQXx^D1UUkUHYaJ%5mh@ZiiR>x*O82di1)yHANxTJf2 zqKx>#a*+jbm-D^DrP$l}s_Mvn$cYF!-dCbjWM*`*1CR(4EmY|Tk;2{OkzhY~z}Pko zPO!=Wj2YqxM7u*^Y{O&0e*B;ljXARUB?2RzV;A{xz3z~8Dh3ivS$7)mM@MnR+5v== z6tgljcKPsM6`_=5`gqlE^z|=MU;iB7r-;H49Cz z4QGAW_Rv#tb7|jkF|aYVGW0VQ4bAf87mpB>4>e+xe70;A|9_oPTms#&~?_n*A}^?;q=A4r!DChScKmUP>Ccx9X(s5jtqjq-nBd$U2Lt58rHc z?yBqFwU<^bU9LRm?^FH#$p4e?zRQunDSY$!pW$vb-?3vGe0cOGHD4HS>Vwu@iOT6Q zb5>g&c)oK)Fv64SdGF8TW6y;oO)Bdm9uQCMkY?$1Nt#tqqe#KjCNK$0E{=X|37OYh zgq3W&#N~2R@!T~+lE2opZ`EF|_U2>39eO@O&?59=*sB|YU7uDf{H*C5bBhNtvUZE8 zyQX~@FZn7~L4j0=!Ka}Zy0X-KjZ~RL*{u^-8&W06K79L#GKnUFz%x5m8;~iUmRtlk zaHS^<{lIT3pU2Sa=m8ZWUu{68u9UD3!+uS((c+|)R3r}w+yd@iTX}tTG+7wulmKEp zAATZY>k!40o^Y9EL7m31Ul&UZs)9mpo;V4mHi00EaJfWo%DE-(7g_fWoO!<% zvKWB;vUZMa>OW927c7osOa4sslQ|gbfGG9r4bB(xX4EWygI;b9gUE!;CiPwnjwO7+ zecI$%%V{g~?LgfX0sGIpS`&^-&eVCF7>b0<=eOYchq19`@OyvzURzW!CeeM55btZp zwR3A|b3@{&+ZYfRD)u4r-s@2L?ERiARGdXIF3>NnuqT0%8xMt_)If&?3MXn55acB2 zbEywvAxl5gft31u^lksTLue?Y+g{3t z5R-nMSjeYBkgTXSCq7#G1F7{}d@9ZWM4VsO_f=hWS~KB>VWnsaM1e;kGP9f-hD3Da zEQ7}gA=#jfnUC$0n>6oVMG+Ops98k;miWyVj2uG(EIN}24L;Lbg6QegEXF&xVBwb9 z!O{qfq{;v;lg!IUaG$Ty?lku)7|p{<*2S8wN65aE-eEttVWDo1Nf)e@QgjMghPOX! zI3=(u#_?d8MmKd|Y6!EATE*NQ%DXqW28l?@WQgg`YKUoU@Heoq7-B+5REHu{`v#$h z&Kun8pFgrSNHemvMH5pq7mn<$Mx~P_SP){e=kMaEP}e8W3IJm`DzKBP(8JMgl&XG! zgA9Vv#O~WX$;G)C7bOJI!+DL+Y)Y%?#d2VTQ6=bHl0gO?Y4tKWc1YE44V3)t9aQ}k z)@_Ibo{25?zmUxU!>z&qhqPV6c5VwHU3A}lCD@x6kwAVZw}sGVj;aNH+icVirb$W7 zoJ1uGtOsdd1Q9F%FF3}LgW@UnNW1GR4y0b^{@*4p1wEL&(!ZkciGM|bx{Y-4KKOAy zN-3B(dqe;;;IC+i=VVC;d4ZEYj7P({gDxM~w(aFxL}u=a*y3p3daMe17(e^Y+1 z?in22lk@rOdZcZ{vRrSF`Imkulm~hrjJOl?Ufv@o6B%v2dn0&NCclnns+PI747Q1l zFUM>sV6DqPfBHaz-9J?zZi98UaBJiCfrB;LgLy;zGgu*0hgwkfJ)didFk3OZ@Gv*? zeZutrrNORtCBuTuBAlIfNN#=v~7$e54UXx+1iU@JE3M+07D_yTem=6hd%b-oz z2ksrC%0@vHZ5dLC0Wr65Yev!ayTu@K00@hz!iBmGCNk*9Y{J9fQb`>tN6m@BvoYuo zAdBO`QrZM$v1Q#K$AU-|T_P~LL;vJ~$}%UMkm3Qa0Z%8=2j>;f1{fZ%q58E`|6=DZ zap_Gku!aSvq31!u!wrvr$LtD)E z#X2dLIGJdZ~UfWfJ>`s;!?n%@7C1vX?JC2BZo|5 zp4~~Ucd$2fZ(v8v2dkDoL`ssdzdYWNEZQ5{i8dx7O@%*t_Nqj`Rhe5jhx$lkF8P0eRDGyYuF4W4oHCp~s)O(G zgkHtJ-#4qId{Eh`j^%{>)#-P`u$=XjEJEklJ{I0Vc;*W`==GW*WOt$Hig!y))0j zq^jez*7j8Lv5KqKLJm?~E9I^2<3K@Dbc7_ z)^D54@(%@$OT=VOL1~U8NH}4^)Y%MI+L-9sT)iqVn$?*bVB{rD77~K8B?#?P-y$4D zCc9)?xT9S?mJX;$V5aInMX9t9A4-{0E>%sX)K?Lk@*MEuWhJ>2(Y59X9u5EP&4}Qy1ydmRQCVh?9Xit0O6;6i~AWUhi34N7b$*L^= z58)RwJjr=gOLH(2wx1A$z&s+^OgxzR;4~5w?~Jm9Ys$taZEo_75Yc0`FWlr6r@s9! za0dftcPtdX5HWrdQCj^8yk8*VMdaD)zeoKPcZDfJ+I))Gb)x7zn#=Ifw@IVhto7fDbeNbed7ErHWIsSp@S*pPgI-Ycs~gsCZH2V!zP$BE6wgF5J31-_hBJK>LP} z&u3r$v9$bRIao3#y>`f};4&YCvc8IK+tE}dIBNX!IePo)jOfDENy_@<${CEWGqp&;%$W(E?j1GH0c0 z8B@Bbi;tEK@U_UbW)_rLzLhnZJ4Ma0RbK%YDfyo(kN3!!%?zla9!vC9dq2omqv>pz z7Cm`CpOzCETnmkvfnp56FX+~{7U-K{6cFeIfVL1%kSi8WGYxP7Xi>PFj+}^-0PGty zk3b_2!mUd|Myz~r;o}gt+x*hl6Akr@`wj0!K~s6kk}s@UGbW!aaDiZ_Ct{@1CqPdi zE&`&I^SHg9IR<5v#3<)Akh=lnG0K3$IWYzdpVX14Ii7k&kc&L!u`P__uK&k)kpBZlx*av9(l{Q< zRNfDig$~vUpxqZup0DvlxytS<=OWjbS>UAn2G|-e)Ft1*V^$u=vjG@6Pl1&vqjHl8 z45F}Wlz8V(dXxgNTH=q^i1Kr!zxHrX)2SVLLeY?B zMt+sVVn7z{w3x!Sql4tFhX(te$Ya<(@)X)hZ@qb-kk{7Pwpf0H)H2uCg1@lvy2lp5 zqTHPkzdV0!dBL*!!&_mdsgtM-F3&W2;>j(+(G6_%V=4nswl}e+));P& zhS$yFway6pCiB7@?s9MnXO6`!W3tvivDyEV$?a8kB`selTR#xx)UFJ2gzz(T%&X$I zt3d^Mun%@ktXfCH+b-4x)*s4s_ANgvZYw9RW!#=-9m|IZFUN=ar(Ezi+1rOe{KL5I zgDY;ctyCbg4F)ftqMNZy+n8{(%0{nL=nfa4LMdB_^bS|`%NX{J&qo}yu{Yhe^Z4jf zk$wg+7*)?cbYH=EnmO#{Nj0pCu)ajJK>Kw-9Iy}+vO4TZdEIZXflOz@i7wv4Yj2bf zrIZF8C@2t-<4vqqe7sreF(f0o8}@bHLWhy_uV9_e{wh6z3BTGhczEy6{n#Eqynr;l z@$h(xl*=em1D1UbslC|QG4(; zjOo0Ap*oTLAl+#4fSHEn(R>0c0Q+Q8Ys*iU;N{7(99zwzFRN+%x@aC$8J2v(aZxMx zFx40s?QUfB$^f{F6kD!OfIbyUEWf|NsIh3`5tg^~`Qs_9?DL4=aviQX#ASV5^OiC?2D*@-2FXF3|F)>4AiQqoE!@_y3? zgVqT889JB!c_KoIVd>L0Hq2*F0%`g%7Q%jYb9-W1oA8|fXYiNY&Rf6-;s!%%f|WN` zAe*@9Wjp3OI9g=3Rs0ne(r9X9Mda!T;= zv>+u*D_bu^tsI+Uy#hP@{hA;w!bjLNvB;CDfd+s5fr%P$+|YIZ`Wal3C|B?(Ihfj$GAb@EHnrnR#BdK}rrR?X8-hOkF=sLQe7vxw~ z#Q*y~j+!FTnT(0aE86jF5RrJUkM-?6v3{#(Taf2aSA`#CEv472zblnVfgc0aFnY;` z?ShOE-7eiDsy6grLTpi-pBr$ojg-<2ew(l0>z9~s8}Tm-HG1jOeo~OcFwX-@%UtR@ zp2Y7fwjyHK9@LtpPsTGnxsF8c7rF}k8!=0w;9pK9Mx6i7MELmxsh>)ezOgxk{lf-4 z*jTSCsqkY|{FMUYPbx~pptkcSiMfsGqhdrgGK2vJ>xR`!(SQF+0&)-3sHLv*pZs`g z`m~ONRCU`M8A+v%BOyi~es2A!24Pj@j3$K^Oc7vP*#iLE&7x8OgfT-Av0bvzx35QC z{3LpSRmw-;i>a>w!jl`e5@OhM02)dy)(nc}r!2?9e9Z7hV+Meokt)UaWs6x+(wOIA z7)ym>uQc_GMsL@iq67kJdB%vIOC>L4NC2v>?=r~_QOFuBd~fQgy8qS2SM^fI!ft`J zQPOYDHeukOMl9Zb6QJ5Dvwr${TYShdVj-J4*0ZvgK5hDU+5Os{U~iz8t^dE7&$}HW zy}y)Lz&9>iw+QKv1O1T(j>o=l^=i69k8a#Tmp{&le$u~{n%Hr~` z|Ips|!q5roxYoJDHO;U2V7N$=Xkgm;22(1~IZt>~e_N2SgLV#%Dw-kA6yEo4gCC}> zEY=u`g@jou9|aphzy?PH!vvE6TZ|LdC&dc)o5fq0fg=6ekQ}7)KADb}&NY-{*{IWJ zYh$mS1>A)d=(lmmxwL}(5N{`llzF)vANOk>$Fk!2K`>T~R@?=5h!=Nyio0*$@M$5V zntk0PN2hQL{-MR&yAxD|sFty(c^4DsE4Epl38pc+URz8T?Qt9bC`iyzvg7t9}tx~4f_G=wZIZQV(^SB4EIFi$!OAdHC@hVs^8>} zz_Bc072m|g7KVAj5O-t)xpn8a?<#q!*S->Q=cGNxf( zs7vLIo!hTAAKL=d>5)#7gu`%7{%Tg~^dkjB^8-_;i!DG1&|RN8VDY-cq)|DX&K4FJ zev)vavAAz!+ZmWttCQ$4{6nkKe9@5xnU48*EVnN7#1;?>j{$F3ui@vi8g#Jx0btvO z{BTaHxkoag`GNa>#E?#lZd$3L04PG^3t!N1Ha^g`0t1+`DFZKo4}DKwK>sc^=|hFn z_{tX~?FJw=T<4Dk+^CN4K)0N%vYP_k0TSDI8*``hQo1^#Kmw=$z>ZtLwJMkG-hTst zwYXAnP8P5c9iemv2G$0=>-O0o-307R;s(nFgM!jd_UufEhGbK}ZeujrC&WQ~oJLdP z@1uPs%tF&A2IfyKQY{8Zm=|nnLZSI<*@4(@;}r2+Efg&(cXLTlwW)j`czW1fx-8|k zKSl$jPs2P@$*5uprqjjJvi1XjU?~&}bm%Tw648;Fb}Y9y^Tgpq!%fII)9_=3CKCVc zMRatd8P5i~fIqzJ3c_e5iV=+ngxtz8e>_Fy5P zaQ1ZCigdz2e7TB1JJU%dmZVEIGMHp7+`S9`>0^Bu*EWuzz+A18y$ihCofBRTlUr8< z6lA@VQ2B5lB|><%6M2+Be*RyO{`_~n{Bt|c?&Ah;Ef!WrRmKZ}f5Kwh*ywKlxw5Ag zo{>OX@+c)|rK+}L87=LQw=#ujyTrwsfEM0~gXRCkIr-y2QIM^aD08A#F8xkERjx=E z=CuCSc0swTrz?RyhgE^Sc+CqbZ=is<%Lt<_T7?L?vtgXCD#KT4T-mOF$QlC-!jReL zeGcmXVz~9NASsPlv)c(9%+T*w8xwKl*TdcH&~HJuKpPdn2QKFCSj(3$i&=Z zOicmqU+;&)P{wg@{=y6eXrvwvHUH}crr#zG!SRg6N#c$E+m-jNJr zxuK>$pwv!KX=ZEq7Sm&btiVYdz1khX*taG}3^({?+#yj%970F!^~b1>>o0l!-NU z1GTV;v30lWMuQORC-KXt4 zuHyK@^P%1uepz-{k@1O#{-;|cN3n4ovRQG68>AthbWyr*<2rGYT#3=SQnMoRoq9UD zI!lz&-E6lDEoeY$FY_e=uuGq|UmI^{>(9_FbF~?Ge^or`X$xE8>}t)b;^cptv&LD< ziwuEFrFHzdZB!9Ms$J^%1GnmCmXy0vld3K{i#WFcT>%BRCpg^nIm*urmhPLwCn%^of+M7mVMvq1+0xzxGr-%jmEJ@|A>@uD$Q9?}c9(XPe?!Xq<%(}yQH~;Lu&VOL` z?1AUiSpmE}^SqT4qx6D>Tif?OO-fgbi{%sq|uPCowqu$f;!t?+`?g=~6)n@Gj{ z1&gB$Tt^lm)oaW{#tz=J;ff;;M6{seOTA_H;{x6?7`#x0aUbg&=y73PFsR7xF^6$@ z`uoHbZ-`u%6~*@Q3v39khZ@`-@{vjr>>8yfbDnXyd$z-i;MT=gr&$CyrzH@UZ3Vg^ ziDu{`#V>UI0TI)Whxf-tT#=~SZyvTp{`;~+(cbNq0wWmgNTM-;KDi_eC4oLC{KHOM z7<|(ydo7gvfg4JDb*QjjSXuTzXV^527x|enK@aqfKL_Ej8|S>K)4R_^@vN+$q7*H& z*0T!O1~Y5YA-5y6;`61cDXkn}jddY&N@48B$rG`^I}v>zW3VsFLc#U;JFR_IE5GU1 zyv|l??WxmA%I{ET)*w3G55r1|*NWBGy}WI(Ht(wjYv`(#c`TdMZzx*oh_SM9NruD2 zE7;x7Ch!3L-RPiPj#@gvUOxx216$`o2KEi%FvGC1t3;H5)!x~wBUWn;a`VyK#`9Jj z4KWA>SpkMc;LzWz?sG8bw>`wo{nVRf!#3o#+@5U$4&+ICX5R{g%~F~!QZ6L=7aRSf zz_^oMnWC?%ff$-}-IQ{}H;F;kGcg;O5XL*4f%}_B{UD@<-;(q4Y-8q!2+%AI@)EON zD;uulL=ih2bzfz@im;JJ3zKcFS0Xh6IFc< z50ZpbL4SM5oW_44HnCe!)>T>Maar?1Q*yZsMKhU1 zVf%fkx;Bd7onCW@t6;xbuuYdw+YI5MMx9{%@Rw0cmvC2!k%>S7HK=1J#w zoTH~woAoasS}d01&}nw<5U2fX3lVQhXnSnzE<5d9^FlbG=WG&M{IO3{t=$(p5Y0$I zIxFcoF7cb|+!JC7P~2;13e8S>%li%)GA~!^&E%mQE1cwmHfkE3LGS3Ju`$|^a|2|_;!GA$)b?`~pVJyX!MdH<{1XHM4?fNet zU-7>0%&NQ~ZtfcTtexmlcA18!f|aM@ICRmm_Vfos^+q$Q`J5Bb(7Mgf7k03ZPDfNw z?Z^Y{QgU2bblTTqZ>(nZ-Hu=bTu02WE|y!muH2!zgY1VZcVb>4qDa$~c*YiW)& zAaUdVz}DfZeP1-9MH=`4ZRflz^|*a<`>X7DkE{DY(`7ITsVx`r&T&Y+Vqc*x&^P1$_6Kb5L72#{~r;?c9Hd|Cie$gKBMAM-H@I7k7c;)j{W zI?(=YuL-oT6aj+{o}A;05%cy+g0M0B%Ya#@p(KTNJD3X}5H66Mc_R_=iEv+}$|W_4ueW1NQ)hH~jmQ^&Y!s?9?zFaL8^$5ey)yu5q}sO(Xq#0}DDAx2{37 z&mrtWeHB%$KD@Ej;;HdIKLSsEwTZ7x&cWXkN_mw~Ug{=y##|Q=y})Wu_uc4b(B%{| zC{T?E*j-3j%~enfZ(EFK3{-A2^ioT&*MeiIF=+_c&|@rZU&Y(A;dBcH$4x+FT%~l= zXsVnNq|-biN!7ZFSL=fI8o&69pvx(4s4f4g^oX{_D6cX`a__hil952De5W&>k@v=3 zWiktPGn7P%bzXs`uSuur&LLM^twJ?*@0SjbOj)JYvxYo>>3lR?f;p?;BLR|c0Vsbt ztY??|p>(M^d<)Z@_rgC}HW`I8trd&KhO1~d4qC0ugSZ%f&Rkpjl9&l`4Yh=qXJ6TAh(c{jQA4Id^<{e2 z-c7zy<5@!))F8ixdh4JS=%P7fJ|nU{Ztl^PkRi~5ZefS^B1XA1LDu+=U7I9&vBGHb z{w2t2-=VBk5xK{VIly}8t(!Z~I%6nBjkUB-(ia=3b0F5md}Ky)JvKKfpwPGzJxz=6 z{G&0rUGXZt1b2_q9K4}S&J6~tLw+5;fRFyOP6%y979^_GPTaE+Wl;KNI1wMc;B>}J zeUjyLZjOvY8r7^-@iEn5AdT#Uc6iziTp}M#UZRDlvw`yQ_;@q9u@`HNRRiq=d3k(|#)XiamdVP|y(?f&On;83l z=492q4FM;$a~_pI&TYU64E2G~z{ik=6zKY%u~MVb@a#HDTOYU-=7}2H!Im$rNJ8eg z#WyJ1!R|+nrd7iw+}N9yFSqSX)oGB>X%0yaW{f%z=DjXzB}!MGAex@nPG3teW#?8- zfltlVBQvfFojRvfPMt3POmldybz2UIw;bo0$2Y8cL!z`-4l*rSK5UkGrvFrG|6Dus zuW~A2>aO;~%EDn8u$t!jzb-x+i*!kVi~iVdsRp@UbF#x)ON_)Hbjr+R7IJ0ja&0(_ zKv8T$QmrcAq2s2tC94#vVn*q5!Rj2#hj+mc-Mr<3aOoL+*`?SJ*R>zRk_e0-77JDW z)ebz`n}qmpsYrkD)7Qew^T-=botk3;H)7805s|xUVh5R0Ho!eW!rwDc z{o_5|?7d~g)lf$4NnV%do<=6iMgKb#?$D|KvP~meJ&z0!ES)A{zM2+fg+jeHcj0mU zya-LjxIG_;$}uPCAwO_)Uduc0zlo$Fj#{)uHUxvpA|d6tx!D={4`1 z7^H_J=aLA!%{(ZN4F-I|x^?UFqa76G1ow?(PEY-xt>8+m!b=a3b?fG$Z?FIRQU1r3 z2!(o3<}xC6RJ5O1s+(1*aXdhPhE!4)QCj*_t<1pyw5B+$t5U1_L7$!ztC$n3SFED} zKO^&QF>h6^zGUsh;G zo~IdJ#A(|~?YeU|GOTQ-sE{(#Txs3Qqu&~R_8a|#Z5QZOBglzJIH#;WUHrDWDB++} z-OaP^Yr5Lf8QmW0R)S?A%ryO_E+BF}yvfaXIGfCMLD%RU9Gm|;crUSMpWrZ(&^dzt z0o$S%W%U1dWB4_-wf8H>7|!t-+QmLn1%Cc+jhJ;IWMT(sdQlJQcTS^M-GOz=nKm=c zO8%oov~vqU;vhL}5C-v@?jhS<-HA3a1u+{TI}8=Gk7S*0u?e2l9k8$X@UI-^K3>Su zTFLldC%c4oZ_29g2l8|LZl2C68-s&oA>Pa_;+-0Fg9{W#m+XP_8*52z{-Tb-V#c8r zNh@~yo%aGY=LS#V=3*7NJMXGniYeroO7bgIHhfxNT7LTyU_R-7FevoXY=hRz`V+Dr z@d0M&pBa7WNxKiSdDBv`9xII?2ari^-z+HDI|BxPEAFXY^>5YWZ)WfW1F>#9enm2i z&6&`?9Le)}3|+WAqWukYSr^##3DMw|9c+`EPMCV~sa*1sJ50w{dA_1gBZVt@eTwV7 zH(gWgt4WLPW4(WcPjHC8>V|?9;?o-Er)Q0rzm^?B-M(%8dbryfd*w&C_v#@_sk;&9 z_Uf;Ac5BCTerxBdj(RSOP~wmq*B9GuCYSLLbDN|mW8WQutBz`Xj$9(>A;r4OkatQ& z-0s!qXWyKmv(QKPP%vm9DRBWCTQ}D9o;BziZsNsA*_s;dIjIDTnv^H;F!fb7*#ni= zWnW-t&2WgdwTR6x{tY%` zdV?AF!Vid7VcF1+^v+=`vFUGZ8@g_vwsM7&)3uT{BQ|6_<12`Er59lqC>~HdB=)&q zAokx(TngySymsZ}I`n=)`x015%dyJYOtEfAEi))2LoX}sg(h>MOIxQ|gpNtU2*-n7 zc!8Yi3_DA2zAp^^-=Cnsp*V;-H#$ICsv4mja=xyXxwJ)h?{7xsuQBV0L&$9Ise<4VYRjccpM zt|TlKmCK*sYM$ym9k*;95mwK7AOBhU_89QvC$W}gE%h6rr`K0n;$BYsiwD9cgNEq+ z3@=rQMTP-kb@x2-hKH&Sp-Wfn*&a{%2FC1&_bR%blB&Kw+sv2DypZ4e)GacFtv`fK ztfZ`qEQ9i4R!0rAm8z*;JujR&^E^3+oCVTLKreqg%#j{6R9EUo{0e)jCinck(&)~q z2E%Tihmq{;1_L z*y2n4f#>;t%aYW%78Sz9l4PPEw>l>#{YzGw2P3>XUVAcO=V&@mcxjA|ko**BX{qH& z+b!n=g++t!;L;9MOW8#HV)k-ac-$4?nC&W5^r-J86hE2N&kABqqZfm!>VDZ2G$S!NKyzhrIcFIYQ0a?WTo{3$b759uZ|7`Q9Ot@Ii zRUOWS(7Z%vGJ!+k^jm3`_F0a`uYm2kc$w~Z+-i@QG-{5ZTeHa_y=j*=>uSOw*8Ff( z;u?#~p~cKJGEBw8>ILd6VTTY*>Q*TGs|U#D#4CR2tl#kXZGL>?P+aw${pBr1)50yb zYkIW2zHO1Nr6UYy+AECl42OPxLL0`}xm{7eW0mA5&^a9&nCL3Z09kcp5kK|ri-O{BU8&q9UqEvIK z)t4RcD;fJCYXvnrbH6q;ZCSD#>^LSOtyuyInabaE9&&m#Kl6;3jPq-LcJ3D*Akv+3 zaDJ@k7c^Tl0A0$Ga8HO&w%~P~EjbMecz@@4%nl@de4%uZ6yT1W*;R%&IPiRC*d3nG zpDTHj7id1_BIvclj2B)S1h&EfT;lR!eUD2^lH)?T$Y}kNsjgg7KJ`mAUsV%)BI)<- zq8A&ce$PDiKd~Mt&V9#MYUTarZ?ZIU8<&u`A~q)#Uw7AgI4l+QuLR?a&A?7wShuG= zp0s%X=m{kq$h%TCRNN@0trqk%ksuO#J$Am@j>$hRWK<$QZBh9eAJ?Z*Eu&sQlH?WG zrU_;~cZP2L2zC21ZnHxQ=1DQAu4z1&jkG2A1Wqdq`1C!p6;H-t*n2`&; zioR(5Swa1~Ja2!Yd!(zH@Yi;@UXSA8uz^eD3l2e=t5o*U9Q)v@t;0aguC#LAx*T@A z*mcSR-NWzrlSy&3)R{*quZ-mLlj?Z5tfzM+PpQ4zY=d*ZLFthuDW?Nd^}Hl=PRj3o zUOI2PUxbFU?dWF>R;~64>}CZ7@5Murh1>07NGYAG5?t=A3akqH4MA>d(3b+119R?s zb!ze4>wjx-tE%YzJeu$FEt9G-767D%Hk2^k1cS9`-oxw;h2_{Yvg+ z^_6c|)y}RwRaL27Gl5j9LF$fjR=k8mPWeUd;OR#}BW>+V?nB1S!MSy)TTD;R#yx$g z^xXQnoV?~dP{P499rC8}rk1iL-FU~HrQI50D6)xIpkl6$Gii(HeZ;~gj)kgk)!cbJ z{q>7u#bUkq5eft6^RZ&HF|SF=*15VMO~Ld05pUqKZdshmP09YwgRdv#0k5DO?&JI+ zA7hUD@gGO6J+u3L&h)7RS3#PZ)C#A*@B_pc7GO7Abb>6~UU+q_mVP$A|7oFO@8ab> z@Atl{PA6;gmKIg2DioVgYwqQBBjf80=%tzj@!|gSJY=3*Z_ZqOqg8wMe$tQklIF3- za%~3={C9I#Ps7J}oF?j5|2`Q3$(cS6I|BQHYY$3N{^&xG%5YzFR_k-MH+R#TpT ztlmbONg7wV2_0_oOU8b@LGQHdGq^betjYS8pM{sPRB$u`F2Sdh7@*cVi(}y7p8r?-&B?W8Nbe$8I`~ zL*3@-wgquf&+!FX&$qfRz6)DlUiftNpx~nNzh$j&+-HHG+xMQ{@VKt9L?+);4i1f9 zt@AuZlNggyY6yKkcv%qJ?}tgtXgqlNN9WcMmarQ5$Nea#OD>%6WrW%CK~@XZk&l@k}}=z1?{ah)9U-K-LkZ4?pJT6d3q5}P8oE|GpYze9SyMBrc8sHPsicVXZA$s5yZIyiP0*2I?c0sCH3Q1x@pWO@M- zP&M-NkkD!NZtdipu|U-`sxi`%C$KGSMy5LqPN@TfmnxkwhHv^F zUq3c1fBR{4agh=R+e0dNzO~sZ-_b$%aQXa7Y5>-ONb)A+d-ebuu)w!YO0v(tAs2a# zZ2EA>zrh+FKKwG=={2dGex+afwA>~7n44jrCJnRx0J`GggXFp$IR{(2S&n$k)no07 zHn>Fw7Y3%VaBf|i)?IhF)5nLefdYub^6gI=`;7YzbC=9gLAOM2dvR}cHwpiTv9}D0 z>j~aQvEVMj-Gf7b;7)J}3GTLNSRlB&TS5W^m*5&~VQ~)xx5YiUyWhj_|H`epUvAaz zsh;VX?w$i@M|S&p&Ww9UiITN%G0yB?z45#?(5O(>$$_Xp>Y|h=ykmNIA7DJ=2B&kj z=QULIkVF3P=}OpJV*QN|FyD>8Axz0xsEVGoZ7(&xRP8!sew^~3eml(C@?7Mlzg>0o z>7Kg<=VRu&K58@0{YG&M$St#1bDptB3oF{5OykZ5E1F!%KK|7Eo4fcz|Na@ssf=~s z$Zu3R0B&Emo@L402vl$Bw;tfgHI%K7@zr17wMi0^J=S7k?SMb)>_}3Z-Hx^IZPAYP zE4vMA-wP1tMpwcw(IU+aqW9(_pLz71klrX3sANUzSx*?>stwr5BS%>1hkXcEdmG^7X{ri z`T6e*`TBDI$9L5g;K;aQ!TsAa8COEY9{Czs6&Xs*!|a~$hEunFTtnO6>7!xbQ^N+s z>7X$e09`gyR!kXWer#FU1{|rJ2(N@!wA8#@j(%sF*mnnHvKkld!Uc zAvdlM-T9Pg?jw8(5|;^TNFv*$u+eQ&VdW-m-j%ui4A9PcoY?4?+Zm1_2g`~ZHz1L_#72rw61h@ye*?oUp#?%uk%%2m?{Ib^MU+xPN5KwqJX0y{(Uls`R z-#Dta--wTnt&k5T+(LWzcR+}kdc978Jncn*W4_&@Td`sCvg}`^Rt3;OLFOMd_|F4k z_+L=7rTApxEqlse5Gn6-j`Bb1x0e3DmH#o5^GftGo@-&IW$%5xEeZcCvHA5j0y8ZD z#(0iH&ifn*wB(uRT3|e%19U)>_gHBO5KD3Mfrqy#f7SUc{hO8l6#+)N8PE9uBfDR3 z)58Cb0>0U0{(+#D{tdL}8%Dem?^CF$Q-{u>)ZRoiyAko^sYMH++X1^P;TH*BnSL4% zRD5lkR4KRBC^-+lS2SG0D`i*Odf8u}SO!f@2e21kHB;_67!*(TYAs67IEJcB%{M5l zgIa)phDZ1UlY=|=ul`*%vS<05u2EAwL7;am2%NBJ$E5&MH{Mg1wk3*qf_w!0Rc zLq(p7(f#IBBBLs=?Q_3!)!?&E;|>6I0py%QsyfB*obL5!H=nDp|#t?Y4G(B{5l+CN;PxqI4Q z1an^e%b)EC`CAdAx`QuY!gn~G4)oTIj6dPHU(f@h`PKQud5z!|`)PmqP!iQe)QiY0 ze+vbgUkO_b7rg|N?VSl+cHM!PvPmy5n#$tD1@~+d%Hpm_wgT4jwlMPJl#Cod+SQF4 z>yRJv+bnDYgZk?)uKe)p#axQ~tx1#3?V!!*Bd7iq`NkAHsB-;LLdF=od2=gAQ$51) z@iFmQ;@ats;u&wQ=+hp3xc@1~ezte)!w;*d8OQd? z72bz?wMxIWXH5%ArQ2zWr&fFH=ViU26YBH6EWLM3vzob$)U)>O4~~qF3yH@lRj%Kqhn;03lpSR9P>_B2 z==-y>_^hl}jkp!t|AFh+)w5zXW~()Lbe#0fow*zGE^}t?S1xT(@uusS@WD3S%%I0| zzK^H9dzhbM&&rx@%p?+IrhRL8HHWtcWZg{4fir-B3@&Y^bqdiZvNqkcVzXrG<2=UY z?Th}OZLlZf$()KGTn+8yPd1Jw4gpn;WA16AX%;8Yzbx(XF|W7YFHBtmw%z>VM>Ix> z%lN9Z-NNqxueohNKx8-OZsExCw<%DYrp4_YOf0_|VZ?hqkj-YyG$|SB<(IIsxJvH5 zT_qiIBirPF?=e5hVg-P7lKeh-a(?G}O@fey!v8gbx95PD;n=e(_i>l{@vK>hO;aCW zaTXYIxILDa?a|kifAV7WC%q#$9I<##UkDz!V?s>=E@O8xtc z*5-ZR8Xo}Z5FphS*&2s|TmM~0J36LPx9TuI*6Ga75JQ2>_Q5pco%!`1K33LO!v{vv z%enY|g(d6>b>8tTQ&3g>V~fsgXTNu(KK;R}>(!p{OIzVRXWfJA+ZXAUg0iGm8JV)3 zdA=90_n+bE|1AsyLcjlV**<5#J+S4mt>T>HzpBo@-g{6kddx;7}=lfr085k+buUyA`4rj1|<~xn~4PH-Z-AVxSC4gZ%^g}m+!JI2*Ow1<&X3Y-FEP8d4M2)ZV9b8jyjIT9Sq-psT5nkyr^ z`m>B`mDh%1df@ddQv`dlM;zWObsO zd0Vt0KO&6oCc4|6MVZ#GBiBaVd##3=`)|&QxvmZ}FDB=pkzDT2EatI#lb-(5pyR^Z zj9QOLzZyWg2P8gUK(fAhk&MoGwGs$epY+;bwH~#xPJieA6Z}Tzph6#xHS7MK3W1LQ z-I4pnM)RsbvD5BrOZ$#dxU=z^nD*{@x3Rcn%VGi2QB}B*{Dv` zHdao(sjs;xR{W_>xyomLXJZudF9O&fYD4;(r{!!~gjFq>oJ*&Hv zI(}^yQ`^wWJKz63>p!#|myTY?H9U2E$_`&?m)W0fVQP~(2lL*_JUR}yu}LT&uMfTshPdf z4Af#7or!iRO-#11S;IbPnLE5~o2NY+f^ty_B%#9p_ zx}Sm5UgGTElcTXurL#d^Rogm3;bxTOf9sEipKN8Xoy7f~Cj`0^?o$x9-Mkjnw(B#N zsBe~vj(zeVD}H-fKMR8}TCU3Ww-AospZI6j7N(Uyh%P&DJ!v)k+CvN=dwAMfU%D{) z(rfg#ue#mH^?9Z5o!cM&YZKo75|?D)9Cku|BRRzsM4j;XaQ;2!SMNoNYj2wW5D`lI zdaiGiF4bU)t7owW=MUh3qe7R{J)_FzM5Dy;;GIdyV!#ifhc_u&hyJ$>Z??>jv%dQ8 zv3(j60(qU5>5nw|likZoo7Dg3vR z80=jZBRbxU(Vp2l^_Nl&xz>M~Z0e1i>q}Z58o3*c`@p~FMWE#w%^o&#E|eohmr=r7 z8LlL5LYZ0J`@*-;`_AHiD=K374?j8e_sE}+frF)hCN{OZ7)^PZh}X-{e4aKR)s}jD z+T}A6uJ0+9zkN431vB=$>4+NY9Z5{au6zn_uK^B@1f6>oB`UH78DTSD1o(Fx`hFM8 zVyE*s)-8Lx3GqvuK)%#-(tq%cE2p0hpH03WeQS|Uu~!77iT;qmUg5cV}8dpqL)XYn;Cwa8@{8pPm?*O^W$m z6Cd4l85u)rF+5z?usIj&!$j)A9>V!R`Y!Ia;j z_Znam+@n`rj}nk=l3r$gT5{15#uak?gbx3KG!3efr-(M zC_0zuATmfEVXJDmi;qDf;@}jNql1nm3KO53%D8T-HW5U>a|4`}h#()Xwv@{lA51Xl z)lp#wB_YHf!9!{F2z3!J2ucIqMm%!wpu~oh!F%wo9=%$u34{`YL0!kc6T0Lnt|?cI z5f@DYebAq-PFfL3*ue>KM;INgaMjNdnGy%LW{o)azOc3KWh(c}>g zSWUMvrTgw%YtOkE3W2R^%80mk4xMJ_SPP$F;BIYlfw}6|@Hl>l5;H!m1sj-T_YA4P za3T&2w_A<$YM@#q+>fV^9H!i5P14X=4If^?<=|}w#UM9=t#|!<-B4eh8&<*YU~YDg zPOby{-DOSGP*N=wR>A6^WF~@6t_ch7`bW@^S-loo!F2cbfW#~SO+*={)%6+wDycdo zw3U93!ri3WEVP2o0pH9Am0Sjf-(`*45L68xT0!k_X9`6j7lW;L{=;r?tIiFnpm10> zy+`1J6i0X0 zsP+gpA~;AfEkg2PfKhg~p}Naf69*gN9t4wnJVLfz z;{2IxJKq_bY&+Arl5{)8S&ei%$@z$6JH|PlWIN26lVm%Qlo zqoS8oKjV9Enr?<)FR4z3Rd3p-4AoxJj~V>EX&*8udr37jUiGG_XB_sBs%1>~q^V@I z_K+%P{OUNY}0_3;kU_l9)c4_=~oxwM~GJ`;72f44dJeyYeo|u zeGe8a0;uj!U{3vQ!dIg;>hX`@10Rb3@_QJps;}+sRd&s2?4#uYxkUiUeFyBgw~h14 zsYX2pAi#y12N2yC!?=3eSgs^^`Yf_Be15{9JyeWWbT!+Nt#Svn=2f^p!La*oD(b7V zYEVS0&_SnJ6_$@3Or)D6q4mu{gxLzly#cI0I6k_S>_F8F2i->%c!ZYmt|F_6L&dT| zmihoENjvgAFD#%_9OFu>+9~)E?;xawX3|`h+J^*I){%vDMOED&*ot&OYU;G=miBso zQFpfgPHbkkhAP3$qrA$3l5&5`NinTkn0ltUrZBGFzFgCSgUo(J*PxG#cP6@qDYo9E z{M4L-*uFtGy_bxAM!%*ox?Zb1$()1GK1+9@hm2|FO$}32eSejuk0}S*ez-1mk1);5 zeRXBTrAYatnHcu|XI+zSVX~Q_YR>RWu5wp1F^qlfBA~Sxs=b=7K^GbRO!VF#r!VEt zrkN=FLb{EecbGF~)yu(dMCIA0nMnJzy4Mf}3HfT{AUCvf3DZpYeKcLcjyt#+_&0x? z{CyWT$f;KLZkYNT1>0&)IgB*@L)Py}RyuE%dp$VXO!ohH`mU@k5Uix${OA#+Z^Noe zKD}}8@}O*6Imrw^=JEAdyWiXK&Bc<-sy}UuPk>X8%lU5HJi)0@Or*k<2|6DV!I}5e z8&^`NHYeVk#dy8BARtkdDp~nGJAer;hvvCNQVL=De3z;tJ%-M_R2Q{`q=1Y6RuYHG zv~Gv3`XVPzi^_aj2||GA8K)_GfZKuWW9luFo^9C@V^~Hbksf$4AxDS%He}IFV3Jag z@i%_;$A^m7CI7T&j2#H^hLB`D?a)W1R2y$?t9Mx(0x==R+~G*#yXZ&-xCE)_E@}cv91$_UINjTBHl1VS6W)Tz8@&PtE(E)11<@GT zL?2&LUThAWeq_6pKzr}oc*B^|5CnlpmlIEIT2#q3>gd3vJb!V50KNh!dOa)LC^cLg zon&OUCc=cWdX)ZyGJ^;xpM#?%^b_}Mu32MT_^r7mV?|jF$$A?6g4q(hO$vTmJ%nD^ zyp%NBA8AtkE8LFt9ag!T7^H7B|M1dRsYFD{ycv$$k?oZv;(SUuLBk8t~#vsTwZEKLkpC!8Y%y>LJk?%pTN>St_3n?Y6N(Y3p zf#cmh3&|5gi7ib8Y>u?ovaZ8^_TGs|~I?^OCQbCXYrk)3BM>?hH59+Ka7sdA!kyr2of@n>|0 zMAFJS`KFl32Kc7nZQh|qmg8lh<ZQVIc*`3S6&6-E(^Vmlr`J>q=vbH`>ct@iUUv94P(|$l#!6Pnk0A;jpB{K-wfedeir0Bx zA0>Z!2r6BdMubsCH2d@Ez9j1J#|p|CCw-Z=muis$S+zX;?$A_Mu$IEbnd(*d3Nq9* zD?@`d3+Rlo>K6_DrZKK1X#EmYoDk#g8`3YwPr*p6zO08S>IBNr!|jR0YeyIAi+qD! zg%4!ulg@5CM^HZ?c--7{zFJ&!@=kjn%2{=ai?_0cMaI`4Kw!BY;kYhS_v$4@pC(Wc z4fn7yD)0uGT<%9)&`nj~#$4d)!KWmTnn=%2NTM`LNANN5Y=KCKlO|`b@lXC3ENAD` z%GSx!q`ACb*vuKjhMwW1HCU>h>KelvBh6>$PfentFM&k;5l>ZFR4MWYd=F*w*Gn#a z`bR(LwOxZT)Lr6Z!pc2eUg{#imQ7rA8G@`TBQ4li(PgbFy}O&R5H?H}F`>K- zbH=Jf_oAzHu$Nu@o*NuW>b}MmCv8e|)E&O5?|e>%%T1@x6`I8IS!D?qOVycr2Cw)v z%voy>_p^IS6e@gVg$eXTP%!;xJBr|eetsL-%1`gsT@d7b>5B2+m@b-j z+Q{yN(vJjo3U}g-8opLC(KN^@rCjIqVhq&pj8(S_o7j&u=KH0M>QslpLln5BJ|aEX^}FFsbJU?i*4dD(;BdoU3oz2Hqo<=@+v91%QU^E;*%-J@ z-tH1AEEDIQc+l8p&+}_fzur8;UB^U@;koXONv?{jc|T>ntM8JFYCyrgG%_InJ(kEV z?59FVV9*A(`=XBNfxf1vj7tRsSqI!f(wU&aw;>Su1lP)Ugj8&2pTBKNWqQ`zgWHHM zDd^Kf3dxk~neIAdd1vBTuP~>U92CfqbWY|HM!^HL$b%`$N=AkRm(~x<#S_vVfg=*x z+SVPZ5%~Z*sxbF85jweD7frz~>OVwyCPvCeCDj=nq8=E3U?b@w3cC?@TwmS!XUejI4&d*FBXUml ziH{H7AaKs_Qy-}fOXPS3Zmq3zNMY|xh2UetX475Ek7wV*wZn*=6w%gH=ivM2>N(qH zQUWgJll5Y&|2$9-bM_j&e&2Ha0RO+}pGOcq51NnKhEg$VG z0!jfmOm!d0B7vzP7>Cq%I9-dX01Pzi1w?UNAyN8QP1$aQ@J5I5Az-WW_^pRA9?LXz6LQ#^a#@(03V851QG@$zH=c%5aHX59cs!_| zPJ`oqyct-rbd70c)>je8wCVX53{r1XSb(M|oF})oX{xVr64`ds`X1{M6UgMj^sWL? z9LdH|M0d9F{5wLH&~%@*b=1b77~8r5)daba8~yjvLaQOzAH&s&{+(7n_`mzpkPw8{ zaJi9)hoBsA-=B=R#AE{=*R}U`5eU9X`Ch$zGt;nSYxQ!*>Z~X@a~c-iGJJ| z$S90#dmWJBosCLjSyk@ZJ|GlrSd(XEfT_|Lu;@iSY|bXKNE|%ErlCp*A9J`m=VQyM z?}Y`O8I1KoMg6CW%ijbu)_XG;8#%g0T^36$WIfL|*^j4Gs5GT?azcWw%RHc#>R81t zAsmX*^r{pSzPv7Kd;;XSZuocSH+m=;m=>+ri30(9GW7kw%HB?~{tM++OXCR94M>Ax)ex)d3$?W0vGuJYn zM3I0(@HVW-DNXS%nrL271`hB3qLdV2|8eufEif(TI`S1iOnwKs+!mpX7M!`_j1;T` zd6T_c*~a_{5f@{_33#~kk0ifDmsXwA-2QIF+W*-IO*bNx?`Rdk&kx(pI@m=eu||E%KH6&%c^LYURLUN?aZ29_kwD9 zXLCeIJc)Mn@GONCra>C0StM3phpkYLu17tSn=VdA(fN}z=%F*=oJuDP$aa~)JpFBzHzIeaJn9XcD`j7&NC zInY^8$5&cIfwhcyOpQ&1nfurE$Uw%W^Ha6E>T>@rT)VP8Vh+B zvGXBR`hrKARX=o4a%gJjcchQScx)IF;dg@pRt(~S@@sZeL%-MD{~-^)0HkQj2qAfe zN{=bCyn6hI?0j|gfdIE&dt;=R9f#l80D%7Qkz>H&k7u{^B587={UZ~1|N5(FHQUd~ zmp|oLcrs#~5{oPw-ylQ!&=`O0a;m3CTVNM(n8F|ts@~kw_lhnjGn2$@R@n1vP)IJZ zqPqKe>EM&d}hORTL2-l1*=VrED*w>!Apwovu~l;)%nJ&PO%b%j#8q zQ>ON&IQb=ZzfLyMM&Kbj^i#w9NMEzhnsT3kxB5P z;X_7Y0{@$tQBlsHweWx?VBBs!fW|mg~Ncgk#KEjK{VS6_d?8E1Y^p z0bdIeW79Bxty1@DI}1S2yDFa!b~WKX4FgGgDrXv<`eD(C`DOZn2keq8vN9oJ>avR* zBrV8plSXgH^gm$Xi%5(%OPl|?q^P!N9hj4@6Dr*i#v3;ekxXJKKysVv)u!7$E%e8= zx)g9**e_o$oPjCq9j=rKeDzNE?k6uVZv$U4O&C9`Evn2r>}3e*wfe1Xx-!Z;ACR+Q6(--_@~i+SOUonR55vKVQO4c+sVX}M`_P-?}(+O5vbn+D=;gj*LbZ$F_0>>4p9p1A}`Q)98vms*bf`!q#@_f=xw*4Rb0TD~%58NJ38F z`1S+`212fj1qBwZ>(-IIiZ_2ZhJF2s6ZVlzQEaypL}Xx6^K)S4UQ71}Zdnn9IHx(O zArujiuVgFD`M2vPgSSU#RPb@5tpr`zAO1NpUi@)7d^mTsJNbLiXq&@KETRBc9g^&2 zrHCq`kk-A7HV(AnI}Wd28TaG{Z_fdV#EJHY85gwhBGmXFqbM1ebPi~E5Y17df_}MM z&s5^NC-Uwe1NS) zEcSMcv}I3FWHy~?W!3Q|_$k$TS}%g$mVJu>ehB^otJC_^6}2}|164IhL;CmLk$`1_ zdm==y7aM<`6c}~>*by`g8e+&+yMcoAR*f)@2?z~E`UX2lLsQ)xg%!w*ek)UbPf)tO z^b&M-K#De)H=&cLoWG4gk83WDtzErV#(BX1e!N4cwCmZyRSE{tzzq$)ZHW_N|Gw&YA5!6&4!{3HwV6Rjc zCTcyAPY}9b`>FnvRy&<7XU*`wvY#MS!@B(mv^d78If)>nrUMN844HCt8N70pK<9Xh z4%E61P!!|b-t{YI4Rt?YRHX&&7*7zcel6^PH<>R|y82p}SZhkH{zgcqok4YNYTrZ? zW0U<|hbsQOb7J6FybKUG`^`@v?lva{EmYNqmvAPWAagQTW?w@zmd!q3x&W*x(%lKT z;L;sbeq*&;Cp|6H%jX|JyT49~T7k+x5niFHt|cEE0MS>z>-s4@(!Y{eh%4+HDc_NC zfhfulzTQr^`f*Sk&<`G4sjht-BnG^yz-0crMR0Jcv{N@2fYSQ=??Uk2CJ??$bbG-_ zhO4v0^-)Fw4!9#Y1n9s(Z4Qk7f)=Aibz>=qwdd$Q)r5EF(n zS1*6{lops&7QnQ|E_%m@0W$33V#o-4^rv03)InuNlzt(M5&}R&--HrCXfndY{F(IF zAJ!=_K#RJ_>voy+YwQm@>=>XmEs)|n4C;5vU3#hRKf?Gb_x12cAlU(QYcFZ(uSb%c zvS=oevt0cyP4tw949;jqVAy%z8ZufgODZ^=xzeIUb#sNs|9Zg z;g2NYJjnu{_6RYy2QHb>BJZzI@JG6e;%mWue)nQ%pxjF_G-l|3H|BlYEl^>Wzrmj2 zJQ+Z<#;ziw_*)n9KnUEBfk_JRB`MI8Yor?ddgLK0l#g?b9jypJ1-%CH=(&^WVuJjx z(!9Fj9!#@$5p)g+GlbT#ie_1*zY&^0}-Tzka5d%|0%0*c}qy zLHlKxFATwUQxOjj=_J)J=a_L1O(lGXOl9^9^w9Lyl^*NEovF(MB_9# z&@Midb{_C5=akY6+)m-wuVPsfW9VQKf@{(?EhO1JE!E9B20wR6UM0Dh0VM#QU^4jq z&=%c)Du8#TGsLK7wNtV*4oUYUheG#+h7hRIWSTQXwiB%hM)T$R$`t&a&wYrBNVdev z{fYz+ev8#7DpCPr2?}6GkVOQUXeJq!Z7pG15^EC*$p!x`7T_VVPAFkedR!Xel=I7~ zZR$%{_}$mJ-~T;zR_vNDF;h3ntHMz6%)5^6{7z5qf1`WZ$o(S{iqy%$ZQ)gVY1|e5 zWt=A>#+jlA4*N0GE_8QnR2q_bctg+M<-1d4M{dooJ&E2!y}wm>`pf zH&yH1XJ6nE4Md{6`*O2+HBZ0nfCvC$m_8$$Bq9O9Y5i&IcNebju@HE(O7Q;4NDKsN z@wZ2@zq8hQzuJ>ay~YcI>nIh>(t9oqFOP}ihmbK(uMXO2$Y^hb?)@gS=fQo}_htAf6JJX*xx6 zRrIx*?X%IbVLys;(1CZ}Lwt840{@5X;mZyR3wWpBBvV%0|C5{6#W?wyfAMH*5`6AA zZtx5zRKo-yXd1Df3M^|m9){zbvmz(cNCChhgc9Jribz;|nsak5xI{)jGZ^MdZ^@C3 zpO{>cEo!+h17LbyGek(qMjmn`Y}#IrYtOw6gS>d)<&ku@#fzBD=u5CBGW=FZvZ-7z z%@)j9$mX)bFRXZXud}6yEXh65LkTyi8^db}ehTZ#C_o5nQkJvtu!RZ>mBoOTgb;(o zE3UIT72)pn6aj?}e){JZEHmP}^aQxl0xh?uq`@EDiL>pT{2z>Cnim!PhNgefvK>26 zlKqAe#r3>A6E+NkLGpBjc}f56PZ>%+@M{oOljxGLq-%4<4n>`3g|xeNyt&7f^rboW zfVAJA&(AQ=z8NyjaZvPAJCXMr8TT;plb5P!)o7N3XGLM*ucC$5UXdW(S*XCn`zhFx zRN(uW-ul%iE?o=a7JQo2?1e}+M4@8$Kq<^?u5k!V`gE?0A# zhl|a=#S3hOt9s|N@;glQ6i&q}Ue48jZ2&O!$EKJvR>PSxEYvcYV%Mws{)djqVVCy* z7addg21ipq<17oJc~?neC8O%Q%aQs5v?7L#4uX-;?`Ut=k{^;K&z1iSS9o@nco^9u z>`~gO5~%&5oIMTII&R&!>0%WMpj3Sawk@!f{Ic+Md6t0N?C$byU`ly=*87XEOS6-> zCTB~RZ#Tci=&!v{q;>4{3H5;Av-I2u(tZ((i(u@p+DQ5h;BHW{?z@@gZ2Gb(>HUU& z|NC<#+Ig$ad=Xs2jm|)lW63#*nBbC)j~DAzRLlN-Z4n=iTJ}Ew>B|2EGkkgC9u<+5j%?I2 zYYVhok17c4_>0hr06>tpYaPFyh9ygf(Y#%;V^IN!MZC+Ix6Dagx3x{Icd6isCx_9$ z_vI4iFHzw_yDr4yHOafP+bGVOBszdCV3E{i8XWw+tDu>#@CVpr3925*nmTN^`E4 z{)b3;>~A1ImSkFzd1Z7D@F)S8A|NxR^zp0$whAwwuMKt6hq@0F^L5|g70uYCiXKC| zdhsv9iQ)e?3aW%dJJgh|W|i#wI>J{LUP5R<$%tm$!K$J&{VDlMo=N$CIGFrwGhaBE zCIz~_9ujp1s3NyUqUoG^we%j#+M{eJ?;pakUnq<5SL1Wwg=k)Y#)UZPh741cLU zOrLR43AgS1ZdiSD9SGoF>Ky;}C&NP1*@cA7HpV(?kk!b68jEq#E-nGC+Vcx5VvM+& z_3HrO4V}8?i$U|Z)`a|}gX^Tj$Bh|~Vn-+JSr4|f=3&)yxl$BFqJw5qt^GR^8$cV|q;S9b@Cf!A}xt}2d!PR2c-%c3WYZS?%*_|wH%(omuz}CPMI0Zm$&7l+mpiy4!9^7B|68Ag&&Oib zi>Ua0*{*Fp!Cscs$Nc-cBGhEJ}Byxb*DDjeyu0`s95iYgtljE7{pji_wN%DU_ z{OO9w-&sjEpvRZWpCc$ZUzuSHP#_K5H88WD=_wxQs}5e%nCduk>x-oFtAOJX;h^Z; za1XX1EZj#i7ujaUJS9|Ji{tr7q}s!B_Ni$Fsn0235)?RqQ$(s;b7o7-%XiQ_Gl)H) z3Lsmul#^1?!CO0~1lXFG)UUCDC};eoH~|G?P-lefR!~C!Vfk$5trng6Ggci-%#SX3 zxX(4$vN3-Ez->>0#LbvGx1dW_pIJ^q=+sDa5pfBE_P3vTwmnb&GqqwR{Z{-|vxD9Z zDDcqv%T*+w?hK1r88hi|1|AibT7L{pQt?lz{RXtVKe*NW?%rf5(sndEk|Giz7oa+v zAEKkNvQJg%u}*aZ;5_e@J+XAn8yb^7uO^CD!8GPit% z5o-?za61W}M@~e&&-?dUk;;?sf_HGEVg2uhk(V=f;|m_p=YHx4p6avckEJQ!tq>u3 z!Pzdu73@@!hXa*1@8N9Tt0i)}M)tv>*J0-pR>)c9P?mhGvpAWdMM83o&=~yQEAwtY zVFf!060RZg+lLFgA3N856N%3fJ26Eh6aWs-F>zt?k`-~e?Pp9tprMj$#qBL-F_)U6 zIAyZ?y0r9{evb@I<2nOiFd(exW@%KQYGnEE#hpOMs2N*s8sv;cyLfP9O{FP(sxXC_ zv>EhXiYs6AGuw#h@(UD^qIjbp#|-8MX*mE!gfzIqnbP05#8m1K-@1LeP~6@~;+h_b zTRTMGip$;md3;Uar_t)fL6>A{YtgmiTWDP>n7q*-hNyA;;A~)d!G_m1$x~#M6TmIn z>dg}CCxuP=lKgUT-r!E-cO}{QDHsc`jp;&#%r5hx9m%-Ih_A}VY9$!5xiI`~Fz}T~ zCb8v-F*1n}?q--Ij!5#~v>yjSkc1am^Tk`VTqNRy-dDB**c$a5c67ZeLH@@l+#|~k zEEH6IdWH}cT=?L7qwchI*KS4(tRu^#h{ZpPPR&{_CZN#GCu8KR7T(|{E=t;3V~S3Q zUA*PdA2~AwmVs>3I5{gPFIaLn{X$r5% zoHuOkxbDm-)DQUu67ox0!viQ(59N|-MC)fg126&c)WU{|i_Bk8{gCufo^faX{hc{2Y;%2%`M~*-Cr?5M~o*);yp5e-Vd|zx_tM1O__GMUb+PNrVF( zv@AUBxX2`a6kf#|S=hqfl)jBGy2@MIu(9LvHhXa%(SJH+{Lxla_0Wb@<#5s5+)f8L znLb?uVj{jIQ9cL9N%W1i7y>{~S;c$^7RAiOe%^w>cpvBLqs1vzCF7v-t_b#Tw~Lb` zqBSfRd7?F58;M01xdWdJ>AVli+>}%xnosN>h?kV}UGi(vlb;uf9tK6E?aqv|h zfvKmJl{lf=a|G7}8bA11F*jzDXK+IQkhxzbq1Zgq{_?RV`S<&vjY|U!4!ORpJ%9!i zaUpqRfOcj}hbxsZ9PP8-)8kYdYs~QmGMBQc>19N4WX)wT>jv}0=eGLhLb!vWU{(X9 zIc9t0sDwjjDQi?p#;q_kcGWT`OPXKvNE1g|@$sO;Hg@5xO|GrpQ-;J%Y3O#~S!eR$ zh9Xq`)=bp?n)Q@G0jj<$5me_5e2?ijh{Mxi0MAMF5BeX2)?bej&(z~Q;Qhfi3#DK| ztfSWl;GF32O>w=rHjsorHC(4~2Dd`8@jH zNgMesJu--YoJ}m6wjw~&^;?luN;FqZ7SdiGVkx#0R3biPg-bmyWN%Ap2>CG5CC2Q6 znW{hzEyGbQSPL8M@YH(UoEEujC^&sNsNHp}^aBYVWw8Z#QhqJ|P_h!_Ba##nSg=~Cs*pyq z_z|^Hb*w1*`hdh(-8g=`h4xOR!=nEc|ACi@vCVzSO3>-Rw834Tfm%^l5&15&l4n-M z+5i;cNudh`DZ||Lr)rlG$C{I)`X-0Ll41y2Qg;|O<3IXvk9lr$Ym&zCDIDRgH@ai= z0^t{ z-dPqNR2v=IOP9UhT~BeKU21_4b4iv70%+*AAbl**^<{& z@98S7NT>j>Y7S+%2l$sv9uY3DD2zH%rs?q%P;vY}e0_CX6j9qYh=4STw6t^yA|Q=O zOAAYfut+!3yOe;^Qc5e`-6_q|OLuoI9m~QuKF|BUe|~?=-ZSUSIcN6FIrE!2_kCR# zlkQq{vq5(NZxNa1`Fq-YGEFzl`s@t2ax0_GjjnE_vLA%>PSC=0$r;_G2N4>&Gli#G zB^hQ*?^dsyGPx@rL`i#Alqkbv8-RYMOXW4a-%hj=wQ4}witoh4bf@)S%4{<#Mib9| z#z5F2qKJw0td(dFk+>`@pyhd!8JFH`*2B~(Bt*FDOjK?&-Z(_#X^LmGoj%0vmZnwz zgEAXbc@7cBPB)rXbhS77-@bQm<|osso@^P!jE?im6a2MU$+b$0^;YLjXB-FGnj4pH z`nK1-c^Du=_AwCkg4%Ab6wkwOppt(x8KlR_7(_kU9n(ZYKbnMz&GZNCE@2#z$NIhc zvJH7!FcWLXgp)qbm)#>W%!yQBZNreHcv1j)K1=R|P``f6)WUV;3Bs0GmYHyM&vji^ zQN2!WC0r2g{_ENt9hA|5q~2u~Z^0Huq<&-_I{CHxYbluLb3d;xGi67R^G239`K?{Z)|~sUH%Ve z-3YM|wFS~OJVe)VQIm|fL~`gp8Wx`z1sPnKqBNECQwy%=5xEm)5A@we@Z+S8pRF%C`_C>Gp8iC;OQ1NSUpf3Bvy$WG zUCean0>QES9@g4pUD+h@4vX-4>!Yb1Ez0ya$^&ZjB!ag@e7*$u*LD1iBjL>|F+Ya&2G6gsMardOS6hkQ?JLqT1~Q6FD-V>?KSrmMT{U#t^v-W>q!jx zO}3XmifPLe??2t?iC|08+Fgea47hQacwwtKW2zlsD3L}~ayD88&_xrWmu_efp`T!^ z!g~zR7oE5%|!pCJ{g`r;xy(faY=24RZQB`-> z-!7qhWk(v(5+@j}@aWJKlrw*%_W|2*C(-W8?{KPQ%lpY!o{=6Ww2l*6Dj?Abfw|v_ zMKt(OXMo^zLU3-CA0%qHb+c_kgHgKwy-4{kZKGFJ?9M;j8wleoRufCrT+X6BPLp+p zANOKR5V#>vIzPjR43m5&)@AnDRBy99uj?4jGTU~ksodVUjLq)QUH?7C#b||-dN9|~ zCHN&ICK2W?M~9|T10}u5P?#&>#SK^`FH zzspCJULwp@amOdIhNkO1>$m7UyN~rT9F73&D7T?=Zd(p#>89jLFYjM}gNC&aP+O3p zZ8YR%B&}$yi;>-R0o2g3Px7AnenXI-=8C5EgW*MVEf(Z%jtb1$Xr(A{tNNqJk%iK) zDy_(o>VECAv~_lACxu3=!mlbwWFL~g>PvGGx6;yfqok!C@qv^*jzP&JUD8bEgg@F*rRNVXVN+Fr-~ zhvG(V@yfa1fiCOdIXO4GT+@|%jgLvzBC=s_5kbDZV{=7KBi1d{U~$Egb&z5N@N?Xk z3im>Vy#bs`UT>el#ti#b;tpCM=dN=MDns+8fcDM9ODoA9?TCSMdJS)Pu^0srnPiPG zjR0Gh?5LjfgHYoCzX3b`vL2kCL!Kz^>A31Nd4nLHe zCv>kVS>>hOvY9vQsdo!4vOj(WqdfxP=F7XlUGivHJK~2?tge{_|Ls&DCkkm3?(CKc z8S{{9@T9mPS|^5N5nMX}cv`yk@8(c*o2m+)Ulg_ofnjEn5J|7*qPA!u&t%h;UdKR< zOYwgQ`IgdpAMv}Gm$Z-4cE0(c{Xk6?I4;Pe`pDH$YPWU2c^Au&6q4!QZSuPclXWVZ zDEU3B5a>Jxe;Vw{zbnZ17a@d0?G|I_STC5tSd#vytmoF#C~WaNVH@fD342%>B+jTg z<(|D%`0{Mw&7^gxMW-77b&N7r0$udD_`#3Ap^=xqT>y0o(*wQhHQ071#6EhjBC5AZ z{@c}Q;4;TN<6x76M&Ikas%dgm`R8b$yaz9WOcX zTN$Z+Gm8bOuOcws{>PE%YUJ!1>Fk_d6g~9%cE-F^!ty$f&f}t@H&QU=_#2JKHZ_>n zX{@rH0(d{{DgGML3~=a$ukson{7CBVsc-5c5w+yzgBkAuozDv(YwtG!Y-(Ev>Gm}> z67-CFw{bX|?v8nzqIosRe8Q)+h;9>rvw|qEPoN1Jmn8o>H|`%xT0G|wdsalA(cyjd z-_F-OwCS-ZN`wtLQ4s;{siD{gCAiEPApH2;w3hy6rRHCORL-NfGICQ57EWmlK_g8T zqbKs;r(b7+)o&HCOk$eX%+wz%Nz!il+G708>Bb$$3M%y_PrH$8<9M~hfA{_>yc7Zq za}$>ufRAR`YnEi*(L@ji>Hf!pGYKHLP5%9pX(Q({>cjG}NkVD@$g)#S&?@iJ1{Izl z<(4bZZxr0hSk*DQK?tKrZ60>vN%b7ut5X~EjQQU9TMOHi?omVw_nN+`#)5V6Q0T^c} z+#gD9xjd&c55+li)v@{2@OxAd3a^{e++i{7uCmEP4&xi+M2w_bBNqURtNI`>U?cPY^~L2cqZODYfKrS-h{Z`s`Y z^$L1#qUQI1yzb0s9#NEcM&iFk!kIstP=TSFe>OQ~2rrv9?AoN~(UVds@7IEO-iliF z%`zmV((uFX=YYO`=mGkgsA-Lm8vMdJGDtq6V#na$biEcOCt9XlU(p~Zl7EoCKS3Hd zUQfNv1t%m%@BG#61Fir z0^45eloPd6G?sz$AQHg)&RKGxwo7KMZRg9@GA}K}?FFKYR^CGs!n_UkHZ*M+K(Ib+ zee*-4qJDk6_j)Ub)7-V}1=BVeO*?u>Tj^=EpOs9yZpqxQw3oWMiM_3zzaIsw<B%TJ~SN z-}=Ia#hsLmZyF(&dhVFzt~NKZe~{{EA-USl)Xi`5@#Y5EIB|S-%5*ZwD`{B_fi_tb zq(1%JAV|txRt42cU$bjj(q9@tg0G8Kv@e9h0g_2vs4PHhrXBBz5cXxpkc1>eoN_i< z6%1Mf#1d@t2oihkmO^_t8j5+?`C+XPt{CNw=w7C#|jU9nYF*^te1kjv39?(>nk3@ z{NxT;KP?j@gJ!VpUOInj!}IZ+DY89SZ4o-CFykfgv7A=$E?4`C;yJLbiQhEMc;urw zpMoCO?^y06ws4@Qd|K?H}0^>)N&_ zKbj&em-DYd^F3Rir(H&P(cZJjBW03$JOo?wP8K7M&3&=geaM$ z+M)dly%pn2pGbfM1`Tbah?~pK(rCqRWtq<*4)`<_jXZApJEfxsH6!MVY&ECmkn{%+~dr%SQg`UkIcwEa#G!U)YjL~@?m&# zdvn1@dN>CPYdHDyg5*B&j0y{XQ0r%OVP6BbEB@BALCT-hudq#vdw)h%G$nrscYd-=J;bFXofx#eq@Gp8sNVOS0YzxQ79-M2+ zhp6gv*RO}p!z`sYgzfT@bO_gu#se#apZ8$l2QGXPZBbn`^}gj4%s^P!VrB4yV`@Tw z_S~P73Kw;KAu#lr-$ZW<6SF!fpxKxUpLp*-dbAb>5$qVa8MVU*4pH0;{y)Ue$$-9S(<9d8&gbH| zezO?-{f~5lV8)DS0^*lfuD(M-=;M2Q_Y7ZyE{Nk7P87SYkMyB&C!|HRjz-f<3w zEA#w55Y3n@;4S>Qxk!TqIC^zFgw7b8xT+;cDFKdI)taJ^uy0(|mIIDrSGBe%bi6x5 zZ&L4&(T~S6VS=5f%@0;F$uF>|h|#U{&7A#-pT+tI%jw(eN}*RU#uLA`?pW2jq}Gw1 z?|JbWsiag8@s?}kKrRB0jHaENTa=5CI4At^`$&Paa{vEo>)K2B!d5!-ip70l6Ee>; zq@@0Kkv*DyZ!qhpn{GS}-%qo<iq5c9OPE(c_|`|lroqN50hgf-U<5RT?Y^ewhGWzh-C>rRY$NJFX7L^ zesrB0Qj?+wmfO~0JNH)db5@9rw2^cr@RhUvmSC~};0tT-$}3hb4y>YsdXC37ni>2f84_yaEht|BcjRQGNBw^1;BB44sJqZn zZ<_gN0j}P?hNf|w&;22?TEF5y|J&xaZg*{#%nktGq5d(3lYmRuSY9F|0R}5GTYL@C+voTfj#70&J zbL!|1>AvunsCh4Vra76H2>WitvTMTgHm*lN0<5^MWhtO@JGE)2=4wZI#cr*|q^l3} z`;KobHwSC)`6Lxqsvza3q(84K6>!wfCQJS!S4hI%aZ{U2SON@L*QyoLv9Qp7#Ax!7 zAOHs(W-bda{Mycuw7vb&;)9kgG>|uTP zzSGDncE~+@HY(x%LhW(3s2D-YfGVP1w*=V4(O@8qDB zW|LYm&_10haWVk9%Pq)EtQ5?D0rdBkEby?o7dDth>3+0=sLi{svC^t#KaEMazcP6o zFNheEVS+LC>tu`jQ$Mn!nUKgV4(39`ydect5y2c_ zeha?uAXEhZNZCQC?_4IVXfTWm%eaoIEs^ACytb0P5?;kS*0i%b3oRE@#9%5i9ib$= zMm%O#pOX8t6!kbDP$kN^E@3wo6M%J#QsdyBLhBM}eqcVwyqOG&sMJxXWY#mZDxnXP zdIbJ$5%3`sZC0va=yx;BsXwnc(HCaXuf!WutL$zNlh1)<9;m9s{Ki4a_d8U{oFyFN zJ)QAv;CpR7K|LvHSBC%r#~+re65#chEaKJ&=a5C>kp_40l(9P{d2zbcN(m=k7Mez* zLc6Pjk>V24T}EtM$%oCFd{awKLjwGCQ)^3I0*nXdqn|rgqj)cF$JxnNWa@0+Xu33B zBxt~|$jQ$4LeaG#szx|K;8!JX?X<;n3(f>E9}t#=|FIc?ZS5b5=t|gC)MODOetUNwLoI zmzVUXroF^+s$h5U-#ct3))eE&>I9s`?sj5Pm*${8zEPb^U7hT=#w;zf4sX!%9jX(Y z6SZ&27&Q;zHg>;rxN3Z19|ky3VF3zxXkZON1D%Z_sVAMUsT~$=I5Bv_(WR$S&{?$f zUG=2UkCSY2@fYMtJ z|49c&?yKMMy@5x#=+KE?wb1HBME`~`5` z?TaHegJ0kD`jXQn{_?blYfqfF)K*fG;1dv|U(LpjVZ1c2%bzpd=gZ)ysZw%0mX+EF zGX7n{`jzvruUO%D>30NazcfF~{1FjH7JoQKp!CZbZ~o^W$t=m#yBv?7zKs7elF2W0 z#%}PsC?PsPK~-L<0Dq)dp(QE;Z|ZY9cgg7gJ%kmj{^uclIPMD*9?B~rXo1NM<>5~h zpC=tZ8S_61?VfNl&@0lz9FPlf8gjnv(6DoPsWM$0h!B1RuVNjYr-VhR40>F}MtC-U zz$JYdR;FS-Vd<4?0rzpRo4sr-;acEA+sz3*4D>)OY-1YyYQiaeJRJ5jJt^{YijXyu zCD%XpadrkJPd-UdhCuKcJEw34e?S#H3rS?X2T zV=D|W`)71a{cq|W?^TnBZsLbhf8Jv`5B`*n*Q6ZPODDkq#`ex*2e8U#XMZ-Mm-IH- z)@hi}Gn3Q|e% z??**$NH7A9x1SIKuOP;wxW1CnOJ#3ww#?7>lKE+?AK}rG!=xHaO-T%hIh5b+Z!lve z3VnV1J1oZXtBxrffa9Mb!)4~px5MW~^VG1qAzm%bfA$e8bn2AxxeinP-F)wkv=G?O z3X}F1wNja@*Q-%i!e8_pTJNQg@E@rfzcKni;vNL!8JnvTNlA|ja{lDKdsWM?SuJcD zl!nr+rT_G;go~_Xll7#-0gBxCLn&avb|%aD%9ap)fJFUG-3%;o47d48xCOu7my5!; ze@ZUd7`(<7^SwIO{jz__v&a*8wWBH7RCKj2CW;?oq15V$*2x_H@JRJ2g=dEZC!0Cj z{Tb1HE^k$m5NTvu`LK>2n!pbKW?&FDzm@W4Mx_(1Jfja`#dea8 zk#|%qa*B?XuoLx6cQ$QwkjrIo1^*(S_OePPNp<3%-8?@bpL@K!r%O9O351OWjN=o*&u~PVE!FdqIOk8a3a#o-P|#Tpm38ERT|!bPpnYki<3}zA zg6nh!;C0_RStM`Z2?JgMadf7Z;(4A=vAEItPgS|pjZ8feMbcuD(g={3^a7;Ex;%#I zhDvN+Q4;K}{_D4^aGm2FNA|I`typ18;7E{uNX%}F}^ zId2w?F@2+3=i_k8!%g(!$QfSbG9F!T+WLc|&MgDO@s_L4@0q}H599ZzOUuXE+a`DM zw%7f}?dFA|h!9V2zF*)>2Zia8kfKyXNA7t%eJ5z#r~mOtlU&MmuVa03x*Bu+sWt=m z{MlYeb*fu|(g=-f^7r!&zB&zU`((Q1N(Y4j88asD#-E)jqqf}oR_ei^)N}Hz2#)j_CJSwR+G|{Y zj^xn7gB?z^m&g6EGS3xGw9_U|+QJ8nq3do+Cj!t5lc!FyXuYmCxc({{?gy&3X0=qC zz)9y%vy*AJZ36TkL+NCVH$RUTet_ElGB#3EH%Jm&;4OQMC^Apj`;ImtPZKS|(w97s?PM@nega(LuK-1xNm|2zs~kI9K} zu!u?w#j0;ZAwe0gvQobOWoYeh%n}rgvn9WqM^7v3X`*Cr>lpl~)ehd^+ADk^c_MG{ zE4u8lnWPEd4|1SCoR~3F))b-7H(3=8F>h+vcoeT1MCRvq-A6(v`9*lwPB{((hjm9~#7Mw9q%w8oX@UHfZ6FW8407+377!*j#ST6Y*b z|I(SDo9>J3+l)>{_R_ZTcW-l|6UsYJOf)?5x85!NM}n>wrB~1Kl?5a6b6$oh2ydwA zTSxP)oVswB+ zGz5s0jrjdF5Qb3 z@y=D@p(zBkw@pA-o+_b*h8p10V%2+6n8w>TSt-6*5daw`r#ICi0qVc6!O227bh-TZ z0i~_|5JA69PV}Rt5H}dn8TC)0g}rZY%<3oC2P=XoLlXh=e{ZTky(H=Kp*xWHwImQ4 z8g}>M)|hL>!xy3y^89^bhbuOcr5;G@qs)?{aT#_8<`aRztf*es4C<}b^^=v^hDWCS z-EZ%I&4*|;jtUyqy)Ws3h|rFJ(B8YH0peIWaiB+bT6c<)Q5Q&gPhAg^?S|gw_=y!6~VmV`Dv|yeD)k8*<#wbe}+Ne7V>f>ZmuKIz&!xbl4AcV+CVaDk{WW_I<( z^v|kNb2}wn?(MG`hAc~tMl7SS#QK4LrE>xpDt8ZlrR%1NkFPKckQ7y&k)m@w5P5%c zzr-e>W$^)Q|AW+P$QCKO7SPNC12C({FHC?sOLl!{GULk7X3~oX&1uc%OdSjkehwyS zrn)jqWnXLP$zw`5bjn9oGV$m$KC~0Hq7Z3XV~B@w4b;P4y~O$2!(QJ#)Wh%rx}D#O z{Mjn#b#d^gihPZd(45)BAqk9GM{Y zaI@3uW%p2DiFX4(*0LRts42Hw9YbGuX%h4B2~B9ANZS%1yAtwm+V0kjG_=`b{v6Ac zhGxk07snGd+ks+;`19=dd0)3x1_v$UfGu32hW=2iXpAh;BNp%2Viauf@z-`N!Ju+KZ^eZovPwT2(s|f*wlcBkGfKRm z4wc%;AGI|XO%Q3m(C_}})vAS4b+TQr9`QR+F}u8+v#FSe)$iWZN3oc9H_=1mOLSVf zv2w%tSun=|!WtV&!^}q3u<5&6L25PIRU4Is?`<*C?Ni4`xMVN6Y9}8xBvc?S>1|%N zI=%Y+v1s#=HV3w0J$smt>jb<(iZuH|?^E@;o)@*{EEN%6#aHJBc{&U zVeblTjO#8~!a(+ty7+cvfj8d7j@$VyPsUC$CwSM|ywh_`96mU0W)5_3J{f-hdcX)* zV~+7@`P5d)_sH70%5t<7_o7h`$!-gC*<8R$!67+ktBc{2TuMsN)RR>et{QT4 zdwURPFl!mVLt})X#Y9g8#R!#?)TUg#)FE7#67>BrwvYFnfLD>6{p=GQJ2|PI3s5M6 zC2_8;qBf)qAg>H4iL(7!SO@hO zkGpRMR`qn&rEhVGkIl1~r{waiZzr*0cIpy+Mz8l-cvRfu45 zW@!FKx?D+iNL1j*DDB`!$kr?tEL1U(8@m$^3PG?;O?`=!0a`eu|Mo%!*x`f(t>m3M z8`!hzop5WA?o8(gsMO9GobC?2E}Q%GtmOzsOj`~U9%l>2E}4MDQ55kIt@amPOI%ow zE80uwo%r$Kotztllk}yrjj7oZe=m8x_9SO6@pKo(RW_G)T2R8CF_%=yqq0vNm|XFj zZsBe1Ty~{k^Nhsf?w2JVK6BcdqB>I{NBD-fT;E9g4mqF3cCm4=JXNYm+8j?YH?GOq z)I#b>)cgYHv`}UnCgoyMhA+%k3Z_;Tq$-cwvAlP1)w3qzFaNFYj}z--JQZ>Rc~|kf zDFY{#+Ek(?YfIZlN1_I2OH0&L=ctk4cf|Sd--S~dE9wvSp?VF+i!k)vx)6RHH=M#2 zKF-uoS4*0p8TxsVS{Zfwcs=}=n694*aJ6elf^4P-x1X0?4sS)P660ESwDA(6kZYrW z;k!Eymw9LvJ_pQ?^oMZrP|G?OW9-1R$UxC|Rl<~`2B2%Y>iA#~g zn}owdZ)iL}HUrUg&2i+bx9(ZVat$@+W^Z&pcZ)jpQZa}xAAZ%jj(94usKC2jZ|+W0 z@1QKLwwW11Iy?&!btC^4%@w&%T|~+a0RuyyDJvqaD+? zNt@HWlkcOhh@ITA+r*N0c3qp!8VUcph#9&kopC&+8BKE4qf4EGzQ5deR`uNUNjvvr zsh~lJ1ijux)P`ucQJiIBIQ~31&%)A5z5nVoc^qSW(MxjG+Y!4N(T0!^*&6gbdSm>U ziVp5d@~c>Ewf%bti8)REre|on*E)?iap{h4tB8DFLKnvzQp11WyjuH+L(`QD0;|Nw>r^so%h+5;F zZ!~4(RA640vC6)fpzhKNhYE(z%7!kM*WpQx8+HYJ#=Nfmvk#~uC10(I-c8WDbyRrh zi=a?Lz)^0}TDXBIhpnvQs2zBspbv%5mh%s8upeHR)_;yT1vOn8*dvm**G3TJWhV%{ zM;yykL2aLn?9YoeE}`Dqiv3frJhOhonf7VQUkIS5XFbA?cf7KWrkgB0S~M>4fZ&Wa zBsl-!UOOkkUN?oE-ZPoDY9`}@IV_y^qC+{>x=O6IIlE$d`I0}>G02+q z-E~6Fo<;60?%%5OpWS5~Cqg$xVh-!`e`XL&JU4HmZy_rn+WRI@!o~~YO;CKfWG}C( zg5)3|^Yi`38LX3EyLO|U(+Mg5oc~$y zdE3Kck5NX{|%=BUDefeU3c%2dIFM>6x{#NGO7~PWdMX1NUbkE5;D1j_4qIp|` zC5aYQ_-v|(-r(5hlgiH0G%CPR?X!6JeuRnk9PQT#kutWEx*@_vi0nO)xYG8gGmBl; zhWTCRbK$$|1m-EaFB!O4Fze@&XB zl$^NO2t`C9bYE*P+W=ydLJyz4BQ_k*N8H-{-rP2ndKi<$KyJ6@nbtpg`DEj-J&@Bv z&;#4BCpneN;GSBA1=}@Snn4*YJog_SBtQ!iGLTlce%7|iuErh^&yB!cKT^D+G32CB z^AtVFm-ZD*Vh0G?0X~b~-Z$?|r_X>CT63LJ2K#_Z3FC=I*}e1D?J2m7gV-c7sX{Yr zB|pWZO8!YJ0#a|HLCaaCw_-NuSI2<5&vjgM!!438OCq{y@2pW*-{h6&yYM58SKeeAYfHv=k+XN2i% z%YYW-#}=K1JF8Bo;n{`heiPsB%Iee2UY@T!m+LgxCIrQ)yV)K%0&3za>N{kT*FcHcK-} zwb$Cr5bL5wo)nY0!cvnE*i26u2T z-~g6cQYv(rQ_>@MqheSsz_;VDSD2IwR5$dmy4OH;bK1Nh>I;|1BI8m%Slg8BKn&Y;Y*{@Bp>nZ}YLB-n9LM1Zu1R-ekQ$o zFirpK8|Z~`hOre;WT78nP0`7xWB#FMCY+DVoW18mL?i`Dh|(DfoC z`1MF0*Ml$YU?k7(9`OFExvhnq(iDf>MI}|=SK;0YttC~NJ_?iIR6*zdk0;Y*D?Zv8 z=eYnL1~Wl-(!g5I*UZfVP8H0I=xvYY?1oGV=XK^%&sHqMIYRvx^h)G7VN})%R_K^x z1|WSBrJ{Ek{OsrKK7e7V#wDCK-EZPrNT+x6wAQoof&}UP9$oEkekGYXh|i4`O!z>3 zr1z6rT`=^&VF zS@D&BJoqaV=O&=#Ccq>j)|<>n16Lo*D}G*bt~2dA2-|;~BcS&@a!hW`rc+D_DI1Qi z;k_tWsZ*M?@$~x-w5;dn$^&v4{I=)TO12;%%=D_yJg-yEt+ z6^%3n!DlFjARA^TZ0 zXXW(I!{X5N{pOh-rF1pJ;F-o5-A)rcnoOy!Og?9iQw%pb(|<{Km~799RP=6F z;wlK^62H;rwf)c5jDXEPovpH&* z{l?0(*7~taEl;d2L<(213@GjOW4BQ6qu2$D-*gvdmT(FC!F+Nm#?!s}Zm~$K{u2 z59Y8zSKz(CR9+4=;LAUdE77TG9LwS^QEH5nPUmN=VY~=@TwO?Nxs)SY05}}`ie7N} zDNVT1aOMvx`^`m778QT+gLO?P(P8;?r`V0euiAZPJyhWy0Wm#cyT){k#Iy(datQcq zFu+fRBFNCQ?7`n`ym}&5{k_b=j|7!T$45NBeR`C{VE<9J>pf4_B8oBK=XB2B!p&KP zKLFyhESmgPTWNg3KCYcnX+WygCSXeQ`d6r(b(an49se(EciqZQF-c@4WY}TsTS@(5 z+zMwpcx+bRZw%(@l?*@`{B9TQoS^W4-h)8OOhexhr8v-ls~O|P3$>tccA;#CCfsUC zKEjzJ!NlwcH=6leO1o#Aro zAvj9F+=RqhOFvHriv-eY`~y8Pl@J_3R}A!^LYmuqvk#jpB$% zF7J!K#ftO#16rP}Z7(n17zdJ=IKxMEb_6=#`>(jqs;}Z2=S-HU{aUzU^(O918~lDck6`e@PyKKid-5JI4+BJn zer`~c3ao``o;Sf3=qQ zXTjc)RF?YAqcJE%T6XVnH5 zi4f%(A$CK1sg|MrIzlYO#k34E$$d}tc#1Eslqu?Xe3`s@d3x0NTQdK;YUJ*&h*1d2 zP9!u-)3*{UujMf>sI{9Y*V8Ok_rG$WVNbkv?k_H`!<*Ssh_jxfj-E7YX{iY?kr>nw zR&S?aPG{(0viHCdW;c1N&etm{d+6O+4|x7*8@FXzC>ibMusEJRx3x7PwxQCHg&c^V_i9A1h^3dnqYv zykfr{*S{Bx;5iC=@ix`V7Bz>!qy2&><`o6AT>pB4O=-4;JE$m&A@E$Cp^FdmLsV$5BDfP`cPZ<^^ zTC^9*MY=f9EF5ysHO`+)tBYSI8r&ANl5*A^_!t4<6%ZVtsLOy8wS5TJG*I5WbqQ(W zWyoL^L(~9-ZWrypuIuD8%4o>JPDQ|Z-EOZ*KwmxWWDQKgxip>J71z&xxck(!HiWFc zU>f4Y2gxlB@e?@6`Duq>NG>~(OJ3vpA$9NKy@#{h=sqz-IP!!aljJ#C{>C$#?DU~_ z%E$*v)P{yjKm0iLPchk?c_Yj9LN-cqwmmJ!rnyBY_R0C3Z1A}v(_>8 zL(iFjs|$EEZ?4~{fn;mns@T1jH+!g?NkNE#s5M9Jms8F9Ud1w)$nqHGnQ+_`d%yqu z4s{J2%c#t;`;XJxEhq0d-VoQ|LU_ zF{=jWk){naUA-aAva!ykuVMP#PHJMj;-Jg2`I>{xFBBA-jnYRx1^N=M%T2P&r*Q^T z8MH~C#n?PD52`$s?y9;d8Yqj^+5YN3Tv^CZm_Ks}s%>&l+rE5Z-o7p~ zjPZ-aZQi-wSDj?ne6K403<6DgvdnF*K#pJtDN`IrF<<$#R~Ew!+#g^@taFT~c^Vn4 zPb8{rk`oO=-X8yAse0i#WT$fW3(Hkt=*6&rmbc>B-w7^kLN&NGVN|`z_NG&GoN=PN zQx_A@Psak$`Y)9jyaV_Jq3?(sy4Ft@Bb^{@@#AN__fI}vy*rw=rH%eN$yBevw3=-& zjeG4Hf-DL(EV<0wI-If(^S8*0Sey~X7AeA-4CkgM~rN`x- zP_a6uKZ!0EW1TcPjGufv^1B3Hb^E0-yLtPC=joYha`T1iQtik-b-@qD{nX0gQdg^= z%}c*aTw5_5*`46keq;SjGQk4|@8eES2}Des_He-k6-8GD-cibU&3o<3&AD`+Rf_5r zCFhdA$p0pRG%JkISohZLd5Ilv)t!r_Uk>SrN9Rqlxxp4uA&}}fB{!V6V^h^syu0!S z<5(?!9PgD3P$5U_*1gLU(Y3io+SzpWD)TMcBkP0HK0of?Z9kn_a@?DLJ#OqJ6Rlx= zVeHX?-BLLI*-!J&X5#8c!iU4f82Ba&QgXCfh4$iU*)du=3J1W0Ry`dS5>#!y#~AXN zs_>B6lOkDNrrmC@EUgT&cU@`eZhWweo~~}Eo@rU1t`dUs4l*%7k~`V#5-S@mYyLrJ zu_#r~P!z+q&+LuY176z*>D94J?ZX+-?5Vk(`yXGtd9Jn&c2xOet}TOU9V`879l=)n zKe_UHkLP>^`%XPey#9unH&Kz(I}`U(x%O_al~G& zReykK`LegJoPZS%x7D3ntq%Ey7L3^-{>xDo`7z0(q_<(Hq(NSCVH*S)eI&+>-w?RJ z&|x_cYS+I8^XwB0VBxzRyd+V>u$c9Yh`Pc9&KfN*axrO z7rV=3w;(i|_KMHZ){A#EN-5?}n;F@i>+}BB@-?z}BkpFZrdxk&wk@rA`B{x&g|_=2 z27}=e+dJho3Hi;M@pYW#%F*GNlFJa^c6-M@RqQ0LxA$UD`M2p6q=}F|!S4plqWveb zIhIiDj^)`buA+L>Mu}Z{CC^r<9m)C6h3+?yUu~sW3qyeKt*L3Pks1|3SL#k1wi(q& zlqynJ?ws-J?%p48IX@z#Z9Du{<4_k_xj6j;E7F^Y63p55huiMo7r5k{%(UqCzS(F` zU3p6(@~0Q40WUfC!=g;>o<|Vp5mr#B1P|>kg;;j|KSwEp!FIq*D;5z-tb(ZPep$?7 zVCv93OK9LkwmX`ePlPD3?Yu~hW7!tli}M~{?R_~;(-@BJJ+WSGn1S)|+i^um;p*g^P0}zt z<yA?_v%~z3(;*W~iu%rXf_?LRkx|8{vfT%@aKI&Peb2acy1?rMI2- zbsk=y=m-)a-U6P%te0b^muEwqzWd2%RtSaYGb^VM)+znBo$F#$VlWb<6@m>&Ls(_C ztVB&!Caks1|4Un>-5xWA)K7T{ct-Sk3H)?4a-}7p-5-QnbX!VLi4FfNycA=8=W+MC z?xeG3IO{K5EwS}KZM;I>jG21jr9cF9Z+FK`Tiu6%O8y+wQD_~<0dgb)*An8Y&u@;W z-Ft)z?~WxbL>EY}{CTnjl6SxPsq5YrNcM%=y89`$0R?^4ucf2UGG9qr?2EC9-9Xvr zZ&X&l{HA8Uo_b?20RI^Mx=nJ!*-fTX?F`vjdVf_O@bDDm6}=;}urcz*NnK)>b@4>Q z{6+7vhKvqV`pk`Z$2z5WlxQTFQEwM(T-b!~{Cc<2c;chzVwS@TD(W<|K0?TAG1#*- zZl>AO6!-pL-XCrzB$dxP*Za5@qirxPeRO*}uS3dbT?X5)g+fn1j8+cZbLQVQ4BxE) z6OrJ4i_-6@^O+m<>{zcS{@CHw&oM~!zH{I_AdQaN67|bi+pu8+wN0QIA4pBGKCFw4u?cs<_@M6Fjz>pb&437Y;sAB@U zJa~f^yv^^t|K>|> z0=l10C#Kg~H$1ebk+$l_Vo)UZ41*#5Jhwr9q7jBkHH? z50i^7h$MpBj(wucnCY6Rt#S9=ZI*7tI$?r83sgzw)^%ylqI%=#1O0)`4j^PjJm(I(7d0>`2`Q;AH!n`;NNGRk;WS zmsr+ImNdq1BoB3s8{S2)L9)v({lV)1q0q%$r|lzn20kQ<);Le2Zd5_iFVyjDC#8xl z3YDEl?znx!Q+TQ<*?JhhyhU5E8G-W9GKzN^6&zHA@jAXc6Rj()$@#+XXy&^7-tukwtq7Yfv#Ows}5nh20`PSdOf)b0mj04Zma3{O;F z=Q5d16tXYNVZ0nQ94X0#4I|Ru;I`9XZt}&Wc1X54SU%JcdGzpw+6~Hq{PTl(msNb{ z^;^|^>LLl(6Z3lsp%w9e*u<}#M|eSrnjq=~D*Ni`NjX3`c4Sfx86kKJpOpJwaGbf_ z@-dai6?HX@(*<8Ao%jxw2N6{@&1u&#%~pw>NfU5q0lD@M4`!eRv#bav9@;1hG2i{Q zzXFr&A{zw(DlxrLBH!M5wRwfbpR?5$(eJhZc;r;h(_cMKvNEuVeWb#h#OMDnd>r(By1 z`t|~mq)h}By+G8FUOi>ymM`{3+|b&cDy3tb-YF+0o{5cjloi zgo%PfDX0Gab|NITZ;4;G+~+YjvmPjkI5Vb9z_!8zqpl@l;m-e$rLT^Pt9Slp(ZwB> zqKmsMPH}gK;;zNrU5mRrMOs{n6?ZFItax$P;_~kE`@VndJ(Eu+$z+nd_neu`q_8rN ze3Onc|L#k)$FEadY$oC}T&>HUXGwhjCKbtQJFCJ&J`H8$fevZAi=CS5>cf%yFN{xC z4tisW7yskNKFL|38^8S}tY#_Ft)jWY`z%R!2q_JqEX8E5{R?GJOL&&l`T|hSBsywd ztScwFqYsiF2`IsZ3V_{EKl|S!JD?=ho!B6Mbk5RKwyB=92EDhg1EYf4a3Jvlfr0cs z^z-L^ktYVy9pM!ykbj!nMPX*h=_mHXpV#r`wv+M&`ka_R9gEZNon|QeJ(h-8SyV>zU;-33Db)r943$-zPzl zjp;(`z2a}=7YDgdGEQ!ncI78s(pQhd(-XEV-`!udSucMD61}Lhea$^$9rWF-U44nz z?;4a65YBlv{<_0d*qQaG!Ai7S=ikp6m%7`p2F6p@P$qwtjW8*Af?TtipL3o}wzbzxAiQj<1m)Ph9=}b<)qy?NBIyHOG8t zvtMqaEMsHNrRkq`LhjtG_8ufk=@!C-S@YUfBX7s8JP_pY0;Qk_5*+?R^xqF{5wTAN z$90|>KsfLC3Y2;C?@Z-`L1uCv|_lMsnW$y|0 zfuAHaF@o64WSfUM3i^CpJkEP>-g;a?V9)j%KJ2>M#ln*or){2`Y$5e&!#l(HaX^$h5@ z(@;sENr|yZncmG{{S|{1myPZ>Md`%RM`>@rk4nRWwL}R%mB4Cm7ZR5Tg1O+(A8(1i z(#1GB5by0L0An2;@b@y%kcoaU_-ZOj_7bRa9Z-e~a)fJGylr4bkX_`F0irXn^5y_- zmjxKezxin`oGW0&YCA1Repn=FNJ#sR^Bs@NT8~qFkd0aa4+u-m=BWxWCt+kNL>)*B z2ggjx2uvWcO=x6TkBYX+AeAw5fWLfX91d~Z>HKW5;%e*a5ZT8_*n)A*u|AGEGx+HF{(?O!>0(4Q zG5o`n*8rd}YSVpqoD4n|LH$Q7Xo@pvzC-2ov8rhC**wMUVp1@bmgP!t_TzzRVvOkY zqsM5ymaaKB7E;#Z$9keSGDxJ>unTS6I;87>VmT2|14+P&DB-WM{QibPw9ZIcn}HdK z0SML8ai*}StfCN;?l@*tgx@hLldzLNuPOGI(EbM77gNF(T<#L9Xr-0C#w#v8IBv#D z6~KxPAjs8+&{=p_7a`4PPf!ei%`GkAQnj*H6`!i3g2fQ0#(7!GkrJu*HW9(4HkP^o z2lG;_?!2|N8;Qu@b~yx)=5cQ;YR zr8ma?-7}q<(E+Zxxqbno>}$asZK2_6rn7|W$2Uf(+k!ls3q5klrY} z|E042zz190XW)h^@)pH+h7uODeW5@4stY!h{?x}dTx|bG9O#soeeTnub`aiYULTwQ z$myp}kAYGU!C!aFjgq4V$WI#Ra`!01Dl04h!^2IneiS?2GV44^?YTB2-|)O2m&|eU@!hH zHoyeyc?gOi1h5X&3`s16YC4W>W3ewqtOO1&+l64Fj7xez_QLA@2Sx4GtiNQA*Jv}0 zkG(5M8}XZIw#2=R0D)|@yw4aia*;N%uMQ$&U~5CJdK@3iC&(5=!Z- zBxBN!)e&s%nM*`gO%$L!Q17i>?Hosg%}+ZHuf(fdc75dT3W&ldX?1x3muWL|v=j9+VXH@lbYo6!63 zSsZZ%70cD_U~D%-0dN4JI=3v;LC%hYOlXM#sRk}AcNdQO`afJN@t>&a_!DWe5J{S^ z$QQ-2qO{8)eki`+6c#aY4(uI$2{wHU8NPguGr$Dpkh8NIyLVR8pvaVHH%?+iq0JGJ zl6NR(=wgA@MVRq9%#3Hkb|^1l^6>}m5fEpa61#Bx>ej7)Xw8z@i8MjYHV2!3EgyLalqI6}iNFEVP_gGh3*`PXQ{^)Zh}Kw=F6M4@3R3_NI^EJw&nmRw~p)*lOU6^cfhMbHiW60n_{qzi%vw$mV4rXEGx>nV;=+&M*kN(_H)sv9^j zd?d2CGDz%yJ2TwPl@X`4!{YDyIgZpb%H!#Vl2JRkhGnA%EJP-OwQ>Sxb%^cy%Zg8V zgf-A-kBIrd@0c*lQ@bTejeW%kB_kmWL86zp^2P$eD}--k6G4pV=j|Jz56D-Fbv#1S;eefAGsp@N53Q)TZ&K(MW(hW(Yk z%~>kh>y86(lY>{J#X5-JazKcp_q*UwuXe+l-X8%$D>1-Y6FKUv_Q z%#=hmC#Vc|C_pSV-Z?_79tMoNtE3poMsQv zZ)q%8O{~xwE_d;7O>QR+Lu?^~$;VY1^$`6BW*19#>qwpDT3`fKQ;f6aF#HFzZCyKO zOGM@m^$>F&^bpKl8{geY?ly?|XLOg{WXhM4L^S>U&~&03`)Dc+BWcF|go9eqeq`Ep zEL3uT>ACH+pO~`Ms|Wk5<8RNHJLYv1i~Ao)8;0JqHRTL-5qU? zj_VPfaKT!EWLziPHy)?^QF5g26LbPC&gb9pswcDhCAu2~5SW@03}d0v`ID9GeEUy2 zZUiPy+It|E-{`YZY8|WbKVF`O-vT(&# zyPs^e5Yzgy(fv=U+Suv?cCJ$ZdW1le1*LBR9>-a9<-87xt4N2FNcL$!I@LY}a#k?4 z$sM+uwdse5?tk-qCG7ZLyzK_{?1M&0DT%3XQh>gyjK?28vn0?fs#87{qz+@3U7*^M zh-NiVn{=cEx68xQG8P|}!ORXs_gB+^gyQHW4X;g77!>J!`AdS4Kx$djlA>7bC8|l0 zYt%FLY{G7NKrE9hRH@wDk8~FOxL0>@PO#*GI`>n&^^fe&Un*~&rSXnm9vFR181b&O zZ_q*T_-6{>n-XZNrOFF_(S$}iixj-8MTNS*;>}aJ#0`F?!+2MBZM>?LKQEPTdv6*3 zp51KpQ_#PXN90ruS!<^UGibr?YhXW%u*vl`s7?{n@Evlr$Bg>4Q6nJ9rRw7hpm5ei z=XsD9)dxKw?TXFTj((d*!jtU6gszhbGS|1*X-#IpO+CC~KPBz^54g=g?~fQLQXGxZ zd1D{h3tn5XSWxGiqQ?sDWx&>bp7POuKV$Rfx0qw`Z$k@|j>ufNle;KC(gEQOvk&}Z zgC*XnA(Vot`h@CaW)@CO5SY*t!wYQ)O#efNE(JHcD3;G!0sHh4gF2eIKU3mVs`UE? z%DW%a#vC}cc-+wT(W^T};;~b7tVTRF(7Su?x@S1NRQ3yfEvdATS4#iYfUb?_*ZJ%v zKFE=iMg5zPweIwEoIC$+KK9Y|*hiMRz4C$S*1rL2Pb*kCjWFu5>}P&CFqD165XqKV zmS5olqKcuLH9kb~wwe|3ig-6wziO4lT#P|2pfIJ7!qVI&SZ z)YgrFyT~sZsCZCjzcN-IGB5Rzx5iI*l(p8v7cizVSQxkCrn^{h-?#@CV_>~wfl}j2 zf$phwK#!I~rz`3zqejJmANB5?(p?=I7a83xks24=n$IEkpN~DI&Z^5Dy%6k_c|5|8 z_*Z_bb!2E|7C^YRHyM;SR5&)HD1V1MA+w0*d$54qQTH$`PpX`%TYT@|pPn|}2k9Ni zb(&Q_F_*r<)ZsBR%hI_i1iPm^S*qz=8l)_f-lRsXm`j|0g*z`s0JgWI?)4y#^~3hQ zsC%(&dD3TrgJ*dR_ml!!VIoP*+5v;>$a3eS3pM#jnoK@aeO&@~6bJ}Q17QRfsmg|( z6s5l2Ol+q2_a#LX>6-Y+LAYy=6THIm1Vy$7_i_-H@??rFQ_*16EOg27p4p+K&x%Qw z$wUNJa5vWs-hOnLSaaL{k0#yBT?$`S+I}QUqXIrEMy$k&e}EVPeGajxnNj;B9LHjk zMz8^5cvf{745KAUNcezc0)lE}Ft$57O*}hnimndK+8Sg9;UY?K4PJ23B+|7ipK)5u zb2P56?<2Y(?7mxpmm~a=*X*H0Db^yEQ1D*|lB=X}Zq2NK+7HH4U%dU*sXwD1Si4?y?i?Ayv;|)LB)B--e01RgJS0z(_qkPc&}!J_`vI+~|cYev6;{m|tzU+~2uA zlbs!$By(;kfH*IMQ%Rk3;FRmXxPJ}lxEwI!IL)Y7xvpDIImuq~$GzL624eNzpb}q+ zHC(Gzr;4$e-crZOBVVGycKToE-!5H)V;5WJ4bWhBJ3xXG_LmT9^ta>FBUlyJT|Ihe z%0Mu~{6DWy&Q#Ue6Ze;VE@e+vX;*hWkmWUgJ-MP>N^0S*8S7%GXTN)p53-IOt7opN z5nSvtgC_1$qp6~H;Pooz@9EaxNMS}a7a^GCykO;%u%qRstQ?lsAG7vr`gg$&Gn6TX zVFw~ikFbw_ax6^yvoEdhGuIhH>3cu-qZ(%uYn2i1w7P16Ys^&`-OBMJuQlj>U@Nj?LX$6E z!1Ln?q)yRMVF;I<8^~V3XUtBK_&PmGI@>YVvp*viclJ#lyJ+)Vjo7?O_k< zRtNCj6m?xB>Vm+xTUj4N@vc>aNZb@b5=ZNuOE8K2`}EGoiU(Tsw609K^FV6@?ZCzA z^Rka>T}%8y;}6~6_w+cjoVvMmO6&R%o5b@y_;7!k1XE4ba9fmQfIrB%wpvE z#JK7ge_`e!Ue4-l0m;@??q@_h=@;&SC~@N93r8hfPJErFfNCFMlf0{*CnAP}Z|oyk zml|^_WDXeBwh*K7!NZ>Y50}QVb8fL{B6Z-grfsuIjfI=OoF87lhLWbt@Cgl~C3$12 z+Yu5h$bd=$-=G&(267oDN4&`pzdyY2$_Jsm%v(Y8xlm2soPb}Pw6dt2KjzK7xXZ7@ zvhAdAR|WAe&^-DaBcKW~N{OFRVPjnVH zn}>#yxOb`&?y+!c_*2QmD_<8`8rr6C-f$1N#HU}!jg=Ccf8KHsA8a->CtV}tirTH( zLZta%_n9lJ_POkXQ?Co=I;FZfA&J3EJQJv!_tRrkD%mm8X9GS%&XXlRb}de#rC`qQ zo!=Nqk_xH#$)|d3nkuEw_;a?qrFnfM(+E|cZuZ*MyuXk6$({jja2CHL@F=~!`!O;y zx2Nq$6ASQ~`GrJOtpP<_G#8PF2x)Bw5Owr0iu8#RbvR6RimGL7+@yt>NO`1FCZqFm zpW!=*UWch2mSOagb+COTkdpcaqhDk~cc=omA#byhN@vt;Q*t7~lNQY(^LkEM;Jq5=7Q!;R;Du3k%7c>J z*%KN&zsVPIW{Dp{R=OMMl{*|Lg*@0N-f@w?6!Id$)e7`2R+8`d1n@(_I<*R>$FAS( z_72?Xf?ABGU8=m|uEUH26odz$eh$P0eYnIG>1=?HVvgFPybPB&Pk@ZA6*YzQuDxV3 z@9*M0J828X>G;uTMThi1bGqMIB!~)X{_r^=LZ3wT$N6Cwt-mcjr#P-rdfZsrlcB1L z|IhRDw~d=$`r-29bV{y(<2xA@gp-2YP-NQWXKxCd`(ZY*w}Q+>rxe&@|5@I?4rFE8oMAtsaLO@~>I~sH+)--(N|o^MEQsVC2{0M}EhajTPu> zoIq7~@wW||%C(7WGTTx0l{tusw=xj)qyd$7p}LCKck+)qi%aTpB2ju!>USzo>lf@5 zk_^v(Xt5r=d&4(Lj@liLo^w7;F>p^8`kF#b#7A6o?f905HzPLr`~Cy->mJXWwM5B@ z+QyeBrem$paRYxs=jX-e=tV;1|FCX5CIl6sX96nA&;MlEgZgKM5^`%cPuf;|ouHy# zxItwO968&xl=Re%CKr@`?5j(Z;RTE8AD+w##y-z3Owd0j&CQZ?P>^F@;Oh%?X8KQ}kiP{fj=Up5C^d{*r_3ZHJ-b=2 z!be)eu=J;Kf6LGoJKW!R8@;4kNtRz+F%3ndiI}l+JPnKqK6R(|=7e(i42~n;{CPX% zQJwzsWKMEl+5;eKxb^*P?F;h+j0GoDxIf(1&T_^g{WZ?I!Twn{huiBdiME)8A>d5> zb#pZZRNZZRo{8u;Il6{Ul-%CAB@;JF?0{$?l*kn~Dl|Xf-tIIPH(GF<8>zoN(6p`n zLY4PsAHGl+-`wBo9=Ew`oj(+)7me-nbBdgU61V9WNTqJao)mL@ zB*%3rZuEP8S>f!S@`cb2hug;QTfP{T1E)OeIQ(J1P9t5jlbLC{0-n7uj_-rfiuTOJ zxT%8O+fjf1QRhdsAe)H_7u^VFciT=*<0YaaADZOdT8)x$X;nlV2YhEe`D|+@YP1x3 z@L^uCfUsI$0c}*_);IN*Wr*E4|NKe`)}k3=*t*1WL?qB1%i+N3u1t(Kt@(<@xx^@h zy!l!9iRjyNlK;ui?7i8XgbBSPX9Yzwo&YCXv)?U5$zP5J+}uH##f}HZkiG$Enxj!? zq3O?`E}^?yZ(8`^sv~AN&`h#6-mdjg;DQS&*J)g!q1U`cUyl=40@84S19v@RW+kT| zeSxMR{>*rp<@05^5Jk}KS-dzQQKu_zgSvfm-jC$41z1=J<9h9rRyg}g)X`)iW}K+^bEb^jK~NNSW$wMmN-%{AE7gq4M$j^#Dkk+*Iv5ul8x;hHE(-n zgQB)71ah`mU%TFxozlUKC#7DAlWl5L?L+0tLGQpvt^VXtq zR}9TC#q7`V&I+%0STdtBb0r%)EM*c$l^Z*~2+2fOkImkvUBi%5z1a*Q>+zyvNq-%d zmNmp?9BWB^$ExUxEPq$h%Lb34>0bfDT^J9C0$Xl&+5A356cHoCWNfJh;J*^~L~n8s zslDB>9JTH4IqX84iOGd{6hGft^YoJe4v*21RR}%%=?nc=&U18dp$96Cbkr7@_r5p@ zvl{^cJ2J7$E605l;}Orm-UmZgj4}KlSsg8DXHw#zWpZZb*bA%fMSYa@fWI)=A)Iev z;uxGT73M>*f%i5So-5|Blw$kOeHD9@_cP)Q)oERWsMk*O)a3c7Y)-nGs`X6B2L}-d z*ZxNNrKngig1T8^h)zIZlt|tl?d| z{B+M^Ah$s{2Pdvenf6Hv1Z7$uwbNWz>*V*L zvXN7Mpdz0Xrz8_j%3LX=a=Ukyt+;ND@)uwe9sSkCH)$v=^HxKCt=2Uu?97>#j2Vo( zok(4{su0C6chEZ4e~o*1X+-)L>5pFTLDNex<~5w~5at6=Wai*ixNsNAKaTv8D6kjl zAw>A>{*gpvOX4M1}cC7nUsO%B7p$YnK{toTav4{8tynZd1Ul$JW?& zeAQP8mhi8aVmTz&q6o1-rx8 zJ2Q6+SlP~D)01c-l zh>#>T)1~j$TO7i<7}1tq1x1C!jj-w+#CjtUpoXoK%>LSSm6VGq^p$bZG{1YvuRxu}N68~o`%zk?l9Qta zi%^+x!;ji!w+zp4vp$B_5#qi3$beN^c>64@daclhzXuZ*$Nh(~3Tz5{ z$~Hs|Uqah16EnW8eLgF#NM$LDs-kT9grzb)nLKtuA5gwayd-VkNzu(Gl;-4~z`B+u zii+4`fu%yoTY*Gq%p8^yl&&k$%Y**6zlBf^%s|x+LMLAC6*B={7QsL=qnH1P`CpmP z4}2yFaPg(qaB&kKCz z{2%$36pLJBfViXM&w5urj4_<$VDakq2O{|Bbzz(8TXwL89g55Ia0Br2Tjv&$t_WMW zy&ibcpEWEc40+|#DR5;!tYJY-ShG21jItvN(2CI22qLIIscLz}=_#rI< zS1W-MNzPhr`xV>Q>*ru%w^2sokfaIj`$WlDjFwZZ^dPG3JLJ+`;<+%$4OaS%^aN6C zq{&HguAk*74|yorZ|qOgf@jeI^~23HA=cyJO$=Bm*nD} z^P?zY$e1wAZ%=w*{Wu_2FucXD)9q!o`p0OUra<_TWkwM}90%Fu3`tE#c9e*5^08fu zPch5&l55>T&1fj0FefQJ;w=ztirtLS&l^bme!Lc`xN1JAc;h*jcY38W=iz56l6#9( zYHhE!qho)P;?*Sg#*)_VC1gDv&nt>s{I6D|X-weo8?G|GK|(A`;;Z&H1Mn$Zw6TeK zl@##r1i{}qZgshIP3Q3&Tzb*)cv=vi@sGq-8lvM@f+dB8Va*9B^36*L#4y9rK9Yk2 z?6)a-91Fkr({i6@eF3WTcwuvsAyWT)b2gu5fOr^(+dotC7-5c{{sMz~clT>CR{*UVFZ?e;htDjql`_ zb?+VK1n5si$3I(@2j8A<9AOQ%CH=A)93}+A4fOjZ7KXHN*=taJ=JF`v>wO&aj(cC;TaY@A;{ zbLdJV5Sr(hUS`eDCc(d+34Vgagu(=sR17mAk;gGbcp#OMX9=5_Jlztz0NcSp1lPfH z*;D3soB0Qnd&e~Vri-{}bf0=N6u-qJOj^ob4Sk6KpAr6;Zcaz)PF`xUaM4v6R}KCp z)`}^?J(9($YBaN@aQo^#ACtkSrfW<@-JfY_&f)iI{!YLL^AtiFKZfC3C8qQ()FRf) z;#gpP3`|0c8uwfZjoPKojbrgz2XqEnGwDXQvMP*mC(p(A14?V?($~a@O)maCOTynG zg5JXFHNjN9hF%6{yNH?ckKXufgIY>u=pdwTfnH}_AH~}ko{oyqv%I)RExeCMoR9)0lZGm97PJ z=^n2iSbm`W?oDVDw%g@kBKKqbs|?XkvgP{%<>`=uD)$c<&FdDsN;Hs36*<=ThT1x~ z+?I(R%?l*o^X8XR?hB0fU!y`^M{PMg*Lz-t*dMZas&XUuNLH?K{WANhMKUHWpZz2p z!aG}^pm7d97gF`T6g!t)^#$VUdi1Twvb$0j{TW|sGTItOpT*CJS6pzUo>gBbj_)F+}?GwS` zG2=n!jT0I#U6ZdcRu8vblcZTQF24eP$i?(zw$~Np{=Kj~Z@f{5)*CL0k8rp8o!|wr zxv4l+#9JN2pvJ#6WcFWk?P&2)luQ3`^+ z3Z~1P+-Y>I@j;uhk(92g*am&Aou5NRf}*}hqU(W|?Vm-;m=b?`=shKKbiBHYSSCz; zx_7fW_V-YkoOwJBoNf{@URO|AfRf{Q`E35R*9%=2|6z6c#WxGD<=Ov7mO{x)|NOf1 zPl8qdkzb(bJ6YXL#I#m-$L4J{w9ln$kM6|-nAb5GYTh7aVz|1xdex`)f?dYx6R#!0 zuFBQNr?3ewXOmZjYab&e#et`s>67LfXey=OiS7@ssd#&=s2&1Kn_3j}##5bD;}!w4 zW;ZW2G;OML(>J4|M6b|v3Vg>t&~z;wLZx{!o30y#y{Dqm|9tQlkKOkTyY+^v3KDe~ zUN!0X&1tR~K<#BIP{#_u;X0>I>@Oba8#IUWq1Cts|DoA`f52oTxpX@FTMk)zzRI13)uN86*gO-zT2d;Z;c`91OL1%gLSMJ@_x zCvP<5^#dWUe6?Ql-N_drH-b6Fzii&`)#exd#Un__e&(w12}g~b@AHyn4w!r0@a(y@ zo#%M5rv6u8fS`Xqbrcp8{sb+2p6mIX`pYfGCOX-7R)cNcM=UsZR*|VVNJQ?f6_gBU$vkyq@}OoxL?g1Pf&b) zY{k@?J$i3x%Sj`rX}=sKdAsXjNts?~yF4@3a)0#q+d$@DTME#}?XPyU$VX&2a42;y zm*Z!am`)t^!XMpR?a*=y9?5=@gj41>`gMJeJpZ3mkcLY_`BwFdxAWORNBa9ca@*eKJ{lT*@CI=t_4^u zW08Td(uo$bXPJYhvdFc|l;LjX23>*Q4BauWZamSFd|L(RN3OXMP@4+hut3+zhD0b>dRx>ODw7_9= zX%$RiL84(;Q6t?LIfA%nv0UQbmcS;bNcJOz#8@f+z7rlGc0RM`3R%F86jLN4qv{X;T6gwwc`Pi8LLT6Rw&P`x#KKe?8-OH$umm(P+Id1_ zgouc6u-i&oYRvxtfv`)`A54Hm=?-$uGnPV_6CFbw#${v$hq{ zT@AReZRlnUZR6sM!9E%_cydH=`(cRm^u_pi`L`Ta32eaS_6V?_6#@W!|MEA1{7=i`7-tqa_I-$I*(XX=U#I%w6(xBD?@ zmCJEJjMjw)wCeN1Ggrk%g|1J);@EQ&w94x^phN3|Gtalsbm3XCV#8YRU%|z1zizFI zCMagP@N5so^#2Kue7on@?h@Jg{cJ!QI$n6S;hAc7f&J(J$ansXu1uY7hL9}&;LzZ!#mAs)ZfIMg=jmm|>Ip)M!gu`>gR z!PHBeFHznCcF7)(4zvQJCqv@a!9DeXg;hJWt6_xAWVD2Sild@-DMMt~Jfc3VVj`9v z8=2mSZOza%6a-ACB~aWGdbHz??Z(n}|IHNKm@c_DYW!<#6@l4fsr@n`M4M9N&f5An zsBbVT@RN?ii)F>Hp3|$hsf}^$-D^DNY)@>VCh=I(R`h|X>-uN-@70W6DtI0^(_kMBYZkVX`R*=4bpAYR^8!D`b^O}9vAk@6?kg&?L zo@s3S0*+Ve$PSd<1Z51#+$vT0)a_Ee#xE)RE51f-Oi zYlw+%laAQHU9Q@W74kW@ynTZ@5DNJnrR(z7q|VII;gGzN;nZ)=wKq{x(dkKb3q&e7 zl!Jl_HFQm~1B#y&R8C%==j2e2kdo|onHX``3j@j~3TiPbeoS@~R9C%L-!74*QmMTd zS2c_It)FmE`2af3{@oe{J`t~D&i=V1W-@%vbN}6zcGJbsP)&537J;QBa4+ z`+uH~9w-5Q^@nbQ`rh_GI<}BOISQbQ((#|}{);9n`;T*dOq^(D{eH(!?CZRdDuPHip=QY6-man@cmHNW3+TshM~%l%On#)RC??RKt&*~1mZUYs zH}PObeuUqhHlpr66jJk|?Rjmq!s{nSSCqSgsxEMjpmhc9P%Dl2#drZ4{iP+v`v;YA zXXHNg`=b@xp(Jz=cgj7?`%q=^6|=khUq-3~kMsW<(N;{FK!~%2&Sx;R2z-c26G{tdsbYaSOh0PAD%f`ea2oN*88Uhq<0n0h!DWoo z-^gzML%zGtL7EcJB{w^H5V}8SE5F7Mu?jS2^I0sRpf>adj#14m}Z!})fC)}}~C z66(ksbO6!Ilz2}RyP>tXJ><&{6Tbf)HQHQ7_7DLI%+m92Lu4rV5P`9J=*H^WPjUE(_wlSH^Xh{-hU9jyr_?A?cq zDo->!nPocYMR7X!15ad&SM^3wV*PvQ;9 zYRFCUVNL*9_X96v`&aD7Q9k^WJ*EZdH?~>4123TcKK4zaqCXsy9HzA>ZgYhToLNZy z{y6*bJ>TwtZa7&teQOx|&g`GU_*bwOihB)E_7&NAL;0~LJxr7})P5P86u{nKXL zy&*@=xpCDc{yWM?s={*=e1)b~CAv?Jk9%yWGVX^AU4n#=eZ^tVrns|gEVz5=2sBaL zUvG|eWX%~)ai~P`v=n`+BQSEQ^OH%%wjsmKk8!G~paKGR9u^Z5z1~W$*%GEC*EOPZ z!-qWo84io+92+$QEHMr8Pyc+FErzSUxR4r)7Y|wY8l|8RbrP_Ff zM7IR&e_2f0^m}z$gF_t6{uC!#*1n-&qHU7(wGLMDx)hxy0DTv1X+By=8b_dopn~2B z*dJI-cJ+(4J%!=6V5NHy&;n3F_XIXcdDEAz!3|CTxJ_8;E`$%12b}*g=Gt62u0sQv zLhFaxJ(88fOr1-H(mgI2m%A41sP>~cT+A-gQq^o+z9OoF*hQ7&hzn^V`jb>$?Iffp zkZ}SrW+e)uK>~CX(Q9jyl|z%M*ti3H0vxrr4tT>tI!GbrXy0-DE~;be#Gl;gMvL(J zSxvn26{REwx0?B2)2O(qhX0JUXtN=-nwnx*I`#K{j)Z?GIOHs1GvO-C`dRIO;ycx@wfeQ_z`~}m&2_(w;gCP*ov%NSeM;pe za8`=mz{j!)?=}zZ3D?coAuY5ZH7Q6&Tp9)iCnL(O3ijv3VA6K5nWGHFpEiM)fNiNP z++oC+b|sD5t%ZzeQR||jEGAYJv1$JMIZtTMMBE^D3snQ%Bk@6_NkdOl6kp|G%yIVI zilT$g#s?gDY)F>s)zsruBZQ`tn$zG3;+%v zPMQG`O$`lH2x8~sFtIS}tsfLMCkv3KLqt9! zG(fDEu)Fyj_)$lq5lqvpFz?~gx+Y0PI%0f#6W!^&CE$L4>u*zgd+ z`9aGqN#X7%c+w1T?nDn2(Ac z0UludFxMJsT4l{wrt@?*PtV-t!4aHAgeh0T3}1BnZu2L5@VWewqU4HUkl7_=dp+@r`SHg z5*qC=>n#taD5_;#=S8oIoXs`Ux;dh+{=-3f5>uR4^4vo7!1$H?IL0L(5GFA6-O1YA zQ0qG<@ktDJf!TsSbX4}J#?PR025qhEnEvk*bmoQ}cN*?Njw6a&<;RsjErXm5guB$+xFE==rR9@q!~r&CpWO} za)6jdKq3uB-!mT!If$=AE*o4Iokj3BJ_g1lOjdN29QEi1$REwy4qFZsIw^&Q1B=6N zhaPW`Q+_~@o=!cb1<7}czSzaWR>krr^}!-dmpLhgWMb=p%po1$I92>EZM+iaxnBqj zZMZ4h-_2eV9@Q&x#TrpjzstlK;wN#Kyp)o>lYEA$nNHFc>z_8Q!@qXQ!sh7Ky8UiU zFH=5g6A&S_Yz8`IBsCH({&Y07D+V?mlDlUqrr6MXJJsWH{yvVsrX{?_^a2e;AN z%_ZBLwvVm@^mYG_rKb$5qi422aVy0g3Pp-L#a&vQ;_j}+-KDs@ySo%QxH}Yg=iu&g zm-oAWhGab1oL!z|W+H@#7+=$ns|RMg&Nh}uP?koj$8?RVh}G!>%lGio#8idIH|6F} z{n*JAY_1?!!1cptd}Y@?x9S|!01ib@C-i#I=LZc#LiCz*^YJ+eu-QChxUS1Fm?%`@ zueE9Tv%kp?`8L3f8u?TXT4;w04T;;1c_xHRwd8Kz9ogQGwLW8(69k?9iTzr&!HJx_ z+U;i}+;lz)hVTiYF098U(MI%<3g+sM-D>0T9wQk+ z60|pEaQHFidc8M4Gyy@AL*o8Rwx7I%YHbQ9H7#LO6WwO3h#^_&# zxa*=6hJgvQ;e*KWm)c}McEtHg+t2p+3ET(*Uy)v(Ga9OfYruA2N89!Ul5Ph>AxGch ziV-jdaq51s>pal&?QT(+nr(0%3Q{B0r>f!fVB-80j-u0n*df!88P-!K$Vr;&ZHny| zhHFTRBKuX(t9_!TfoY3Vx4DKh{ZW&>BWP-qqV?iR_qe9H<;H|cGvlp9s!t6KDyDB! zoWDzDpP1n-=!Q(}YuJPAar{sz;g}7>TjIZPoLt(y`6cS*JgGVOjU1s~mtCK(VF!;I6+{LbE{cK^LcoadT^G*2^M2c>YXE{Q3JRTiJIYgx7#4{aYwUN_ zgm0kO)yu$cr;xwhp#DTFroC>Y;>UagVf-^hulRNWyEXeg_8~6DJ9Vaf83DXm34m`f zJ=vmHx3zFPLIxAUmsOgkrpJvF2c}GWfe7ELCl^>gzJEJ@sk8F`;sYGPX+AE);h^g; zXAnnqiywK{T?|c*gN5gl9~1~fRtkmOcZ;h^$XLpyE8*DbVvcrNnGVI0WBUlN8h})Z zg>F;wM@Y3w9YyXR)3ka3Mb>y)l$S zsjslp$C9b$3;ZT6?q32D+zh&I4v0ukx9bzFgx?#nWSDy|Dws@37WE8ls8)_l#|I2y@u}9ilG8@aQ8w>ldVCU42bW{v`g6HsGosXa8c8vNi=TFvMlO@*l6owc%@ytVyi$3hpe?deK79qnNy;MH zV~#PSQB3ia!+zhL45Uyazwe&^ranA@tiY!@RKd2ak{7k>{--8a{$?qauw4GeEw#OD zYCt+)Gxu^!F(62*Gyxd!Pz>qF8m zZlbcQ8TDIc_Kt<2m+UWa$5;KJW-&##Va5b+ByawpIM)%EvFHTXrS#_XyZBg@1Ggcm zia2}suN~IU9S)@ALBDeBGjW)*VJt)1JevJP^ww(NFEj~wJ0i_yBohS!8h`q z3Z<_eo?l^6z3oe+R7P62!>kbsUaH;PBurN@lu+)bd`o|9-uAs5tcy{K-??JbkUQG; zaZNsKxfwLRbR~>)R_aJj;yKjlotGSgBeU)pjhO{+J0=w+%gcMXB#h_Xe{u;SrgR;Q zU>-do?^si-QwyE1n!fmhsOx<#g;|B|zU8`1_K7)@B>qZIi08f)|mQK94TBdpUAU9fOR`#W%?4N;OZZ?ba`&%S zCJ#I^V-kPHn#M647NNSvu|eWWwPj;V+|nb5enNjXi{s+)n8VoMGc~ zf_IK`{G4}4Pys*(H+4W#mHAiFTeyrY*oiMs!+R_!XaaL&BHU5fF)d|k!)$EH>Av5r zMV8NFTT070_>RBqX{QID5}&=SDs##*DA+xG7JxPcMF5&ZX3maKn@_80s0ZEn@YdF4 z@*^2Pll7(qY)MYVBp*O{`wX$Ri735+<3#ToBtM!fp9p*%*#Wz2>~uTx61i zPK**&77axq?ZSb=Zpw{<`aJazD|R1i_4ED+wXx=KDwKv!Z*%-?fyAA>nrOAV5+C!X z9IvsJ&nmll(@xef`_aaa7mwwIug*MY%}+; z#O@IXG_^expKRRpLiN~AUUJChDIUn8;UE6hFApeWN|l#1IGfi-6uR1@_v8PVKpjNJ zIfJ^)x`97;ihG`l#9)Es@Wk1f5h5#dA%6WAL#gUTn}VzE?v0bQh`MLtS9-*7ts1BF zJBi4mcKk^*icKxhy}YqW7HE)xW*p;{j5+|yx8r#OY2~XIxAGyb=JiK<5YuI|4Ip>Z z$pN6uUmF0PKOolipZ(UnbB35+h0EG=yR8n(gTwdlD#tpe0r6Ep!oL>JqE_s9) z6jWo9xqUg{7~@==e-cfSTtCk?PCrh&%RBx3`06CUA``o!FvQQz3~*UFNU+H0-rru~w!O7}L;gh@&ua~{j&Cpl$Lm52eBt=dbLe24F2 zA3|#NMF}o7am6Wa`$-uj)M_|@_+7){k?1Qu|HF^yh59xG(;p4L^^hu#mrcYUS7=YUL%TcBy0ZFY8WL|vf$Q;*i|*Gu9rA44~- z;k8pFk(|@6Z)Pc7J(OJ8nOB&;Kt9nwcQhE+LtV4!%&4szT;JR}An)>XG!Z4*AZOg2 znCaJ#NV6Qufd@ghwc^EMLb~W%KH-{a1s1LW`6dDMOlvnXc*YI0W(>l9)(9SBG?MFvX{NIXUgJ2Deh46y#y30Edb<~6TErX5YG%I#1iUPe;|G=1-cu zGB$8H^JI34OY!-ht;i`K_vAy)7;Q?g?L6$0A6BMb3=~H}RUotU0lT1S^&3C#X?B*Z z>u7+0l;aN_L@H+e`m&5_+|!VV217cg73Arm)_*Kg@N`ORe~Eu_?X@So7M65a@8Xib z8Of|JAvx1;uXK#q?$@%svh)z?bVAx6>L?S-tWe7%m-UhH$@@GuuzrZ1QO5sj;Y)f6k7UGm=guMQEU&Xln z@szl7#X_gXv&E{Etk2&ZwF%hV2wTw1>npIuBb+Xg%{p{S2fwBs~QB5mpE`LZky1lR*z1Q^JUgGzbrBs}gcl$2yXj^&|OE5N`eXzkfHGQpRdZF5-96M124`N&= zpDrKVC7VnRN4bwSt`sj!$8~;s4WJLk1;RlVCH3oBOb@&=1%>&+eN&UNZs9J*Vy$1@ zUQ@)^>Bjk=j_gt&V_ucDVL4r!Zi;|c5b*(U2sgsYDY1X%)@Q4dy|3V})Iw_2YkL=b zDjX!2m5Y0VA)MN0n-oR0ucv%}?wo8re-ifoSc`+pK!k^hI43CJGt&UfH;Jpv3WMjM z8is%2&d>O}JD%|-bMbkO?m29`rW57V11=YAyEunNvFC59@nfk9;O0V){;(?Qgvj5b zJ+|T&KhiF&+v3JA3T-5S1*WF>jc`65z5PDbJ{Pl}oN`n$Q%zCkcFSUTXa{;eUa<`z zAT+>h&P(5HS^Us%%VXPRWdIeD2XU(_@*VZf$4|H!OMlmDLRD9knRi{!%-jTUKL*&o zGOeV%gQ-;Jb-?)5RK#3--Mg|xC9%2;=Cq2LMkd|?fU;j)^KsZOd1W-!z7iP66~Ge< zJPK*a<8Wi?hxB(86M0=>`dJFwE+k-Cb0dYVK(9IP9pJ}NodaGKY^Uc;0;&*s>k2h@ z0Q+G)b%no>oZX~>w`zT%hhR}4=m@*K)^nWts4uat*G^*#mwm86J001+#AJa)=a-ew zy1Tshb^t}wB8ko=68;V|AvzNV-b>_;J;OLmi35S6ii;ilAZDhTfBSLYB1z~)HkQ*+s}HpC6Chgr%7!4g5SyBH&jggXI%tHPJv z?SgGmEMrBiFK8-qPM}K7)qC~7Fq3%!8{naT0%jZUK>CI#N*s6q(fai>7TLgyZ<}q> zm`&#LuEaqT3JrMRQ0)~1`uZ%@^8$cp79{#utN;M!^AqqpW}CzsCa&}inHn$mUAr2^ zJMf&HI9DwIB&}vWAu4<=gIb+4+TJ*joS&a2?ViqYHha#i*w4A(^2*7el+nhAt8%b=GF4WV&LS+AfEX7HuaTTGTdqP zI{g4Y>J~PqYIVOa#W!R#a<6{fZFIC{YR(sp%?js4-5@i3t-___aqXTLSR=RY4C6@G z?Iy{-UgulC)d9@hPVnQWw9Rp&^rxvqGH?6G!K`w=%j_9(qI#g2!FOp=7R9r39TN;- zv5TUf`v4}#$3dM6zDo|EI|g)}9|zy(nD0^+K+GJHp>lif=#@o1kATVEY99xoWQZS{ zX2pr@9tX*kiNW8G^)vhE_qdPsL4EXCoX7g?JsBg7ck9e6U3>y&S-5m1v_GEe-#(a; z0bg!61}$)NlJ*>jS%8jOmQ8vs?n$ay5cg|>^R$9?ovF0yPb6nW#}uXWF#=_#rLW1J zieS!QKJ6sjhKKD6&Tl|AgWFdign;G0&)@bsJn(>2-v8|>-B!NQsUB8(!Y&V{RDYC= zT$Ti>JsF$b3aCFBKNz2AtVUINhHggAfqDmx=RiLO8f>KbLAOd=m7c&SDnjrLST`pu z+^z^rl!pyf({?BBrNlZ7{wbZY$ZWO@R1g;N~Y3V9?6vY-;IF3TXW&X#8~1 zVAH51gPg%^Vd|-3@^H~`rgk7^p#!{$0nnCrbNn69=pG4pK=}v|{{o|8SD;PFRDWW> z99wFt0i0pK1sb6;EI0Vl4w?Pr<5$}jItANYwI%Pg8-SMb-nbfDy7K_+@~#8kAv&l7 zBk@%N?Q|WX`~Drl)BQ;ID2xxedkB7j1Qc#3o`Y zT&M69fGjG9UI86Ae`Zb?co<{@K=M_yqX4*qj0J zBAD-}(`GF*u*!R2UIXyo?L6muXv^`&fLaqb6_(ol8h5Fi?wnNt*^yHvvB~Oq0SNZ! zNS%MY#j^tQ%~3{Of^zOeh6*15AidSo<9D&6hm<7HT2!62&KZEG_eytc4YN^gvYE6> z-y7mkHEW%cEUH)s;#J&Kfbq4yTdo5vHv#``d%Z`iI4$c@%v>hE%1RZ^w!gWv&*U+s z2x-2dq*1rIv$D^;A;*C`M)Ze~3Zrd|nH+JY-a^|khHp)g3gy_v4S)*M%*jL%?eQr; zNnZx^85&Z4UIBTI>If&BS;;?hDx>_N=_>OeN&4&P){?ny>6Us zT7JK7$Nxzf#wd(X7Q)P6#CDRm0&Qvp&T7hZ*y=j_%2QrX5QkY)gZ1z^-y`p5bI14x zu&wjpf>q4bkpP(S3;Bn;@Mzx^h`eTKxIo^hC<+@Qa!=(joM}1=8<@?1rf)RDx!s;c z;^Ai~I4g84wmR|LIfASQfosemZfIofqIprir&s?>2NW-DZmH3FKm|R7^43FUQ`u)W zG2Tbw;SkvVr+<|nd1#huHh+BdVJ~g|L0o})cHzU(CYp)9fkyw*T4(N4o$;u8WM3`9)HIcaXzhS_% z+y3={;`#JZi>p2!wNN5B9?4$0xaNtEY{n?lW`F?ju+C%uC|d7OUwk})x$(>hWoeMn z3jw!|{)!fg=APx_hTG{!e*F)v0(x2xrs84~8%%VY%DNd2$YS>M4tihPFU;$mt-sd;hT0H7eq31YBx{KOlE> zVhpRba3UOb2LGiWf-AKVTXHyV^8Zd1|7%L&&E+W&MCfD) z+l6-fMB9DlJN5j9Mb$?~YHD!bkbt=hVTs`nJ5=S{?kC2Vz(t#Y@GDfD9b(3A{z+B@ zKByNcv4^mj7g-^(v6$8}(mV>`*FI=x6)~}~)d?jL9`xg4 zoMi;G*^<$yh>J-Zqr)Zt5YVhvB(a+ud@YEUk8_1KOg4&R>_L!zFyrQw2vjinD9;JD~l?$%hAl8! zh=_KH!2Q(g(19kDt&!zXY00hK>j0N~^OgDXIIA1%csR@fLP^0F1lgG*Nc{695zI6T zl8PshaG~I7KEVJ-V>4U$c|fVUY6Jtj&rx)K)EFX1Z2Q@aFYWyy1_pf4cDAy07}e!X z*3J+gc!Vib;F8q@rK)D&N@h_|_^{!plZ^$XbP#Y|xOiNa)dm|n(-CuT>X79)UAAzU zkBfvUbU#&y&&8oq1ax-GsWN^wWQP$%-3yp`>REpvRb+Wj@muL*b~VvwW0CdeY_6!e zeki5&E37?VgHNd!B;X-#*6Tp<{R?Ea%MBu-KoTF9k(Vj#u~xbDI-uygIS}cy7Iiq& zdzFr!kf>*Qz#zaj4gDD!k4!#*ped~0Fnq|yV%{=qM9TV(1xeuzm;4~;0Lp0??S|6Z z7q!|M(Go87{S@|cdnt(V`OdGLwhx{ZYkdVRu#ZD0soPEnO(bOe#99Kv;#0NAPGTDl zvqnHCti1?U(khTmE=5R+rQ=ChYd{ZbA={O{kO)RF8aPl5ZcqOSm7&%bLF$|5G#w+{U`$|kSNZJLw~x?1#S2!#ZKA_&HQx4oY&X7Oq!aO zLK)!l@C^e?e4eB?-i#_A3PZdEu9?b*KkYm9M_!k&nr-!Y&osf5qH?6YxbuUt8K3Bh z+%apizBMA$xR`NcV5xuzco`i751u)r(MCuZUyg*v;(+>=qMZ&{xtpF%g}S8~O%?74 zg-fGWq!(s@AbeXBMJL_P&{ed?=)!$NnsMvexZyOtKBT8RA8JnP7U|@&MeZ?@2SW* zOaIU)3z(BiCcS*@hI%+0yR1q#XK@c2eA@K|Ed3;ECB}zUGz*EPztg`mYp%zR(fFo~ z9CNosNENT?rSUFWOZo%BMzZS{elojm=~y^EJ0=sc;Soi{=u zmh1dlFx00w=aASYw;VYI7w7jG+9Cb%Z6yJa9@63kMly#%#fR=O$iwgReUJuOiclwb z^p+Ga^5mUEQX1~MD7u8-@b7Tv&M*9X{*4}EqEEhl>E;~aZd=78`6RhJ%dNJ5rYFw= zO|6XK(2#ZhVh08}p8o9ml?E0P8PY=CFkPswrA7QcYkc}io*9|QP$b$b*_ZCiK#62;7q~}`b3vao@_tnDi?Jpr zq)y;9)K{js#E+w@Ur-u}BSf04GVucAd!=-~pk(rXrVeEat_@{L3guidVT{0^K<$-D z3YG2+uZ61CfN?_4CO1w*7woS6#Pi`RlVT>2%o1|H#KVr`jttRo+F(QBOy6z zNR=x+PL)q?t*FPU@Y$jtJL|gwB!vW8Fn@}#)$aKPi!IlPCH2-}#f&W%cLzrd4U6NS zWF7Y}F?Q?(Q8Q|L@@T;wcwrweL<;T64HYm2yD!hrFD6I?d05IrdM2Ug}gKoz)@{0lTGm;|rhP$sT$`$BiDr3LNW0KEb z9Y_i<_~e_flNd~VaUCB=pFcC6{On9;@TCa3NO}CKyO!i5sUxDCR6jaW0#rH|K-6T= zhry}Q^Nw*a#jz?@4v_W(>x#@7(15$LXsRDrIKmxNgT{#A^bruBLqhdG@~YxlA3(9r zP6UkNk+FL;e1T?-Yj>;arRc(7{&F<&#qGRP{h2RWmO_^~#V5rOQrcphB`2I@Qy|%K z?Z=N0{UkK}rK(uhQVc88M!bCzDK@fNdL94nAajA(bX=yh@Pk=8x-0T8f9{f^B~3-J z5UK*ynuH$c5K>~qD$fi*EpGQ9|Fx*5W8{rkm^5HRXs4(WLLF5iQ*8Jw{`rR!*S}s) zKE;KPqdH`bFBg1X)62E%1G1?@mLfe+XIqr3Z(!$Yr{qPkYnvMQz@UotPT5p5>)yr< zw&(oNqdkeibPnLVzu9;^e;#KHNl;@ogMTl1cUA{)5xi*I+cnv3_N3ye-`U+ zaER5@T9<5#-aWn7bn1selRt!0Zx7BFan=hbTF?0@HsbxaC|=Vz&E@12>u4`O*K%Rm z*1Ba=Q(Qih@NO@24j+JrwCszSSf4R zZ!!M)SXBQ?Pnq~)(I?{&;uB>@oZ%nhDThmxloH~&&e^y$4SGXRmd}tEr12ws@*bsb zWR?#+(7A(8UZT|1&JsY!evmptXKac(NN57WA=LIy`a?O;UqZC8y?oKnkViW5*92=` z2Qy6=co!a#W!h38B@82;uqfBs@jQdkZT6sIc_*AXFDMkUaY^H#phuC&1$;uCmB(H< zFN{-377b1ZLY=FIp6s^9(gh*VVM4WAL0zGDK@IC0y=ja7B6EsBqjkRLy;~9>G8fd& zd9fyE&Hxxvk+3|dg9Qv-cI3*a#2|&12kB&2>%Cd0yRd9WFUVP7%e47A!BMP9@&9MD zN-Jx#H|=joZ_sY5?b1@&%{wDgjMVJ@yUI&wKxKi1;p{UWpz?Gf4Be)X79qJx!si3} znKtb0R&Ux+m|@G^RxkIFZ&iu=FDWtoo-3W4>YO1A>Jnv?=o*%H~UP-KKL}sE=8qNQQsMmh?x@cAXkg#{Jmht9_v4@RbQb zgHIM&U*q4D{^;oR9730}nB1#zV1~cA4IS%#zA(K=K3`fo_s8c^Z*@zo|~Z* zauJ%6)f>Gmu@I`cn?P3Ri;xWU14&Jb9hT}Qn3c5Fks{!;w0iX9PTKT$fs%=1IsL(g zf{WRVqTvp`mynX&-f`5QyB`W($MqkY@{N1j1hf<}CZqGO z&R%(lIx%P|TuertU)iCxl?Vs_p1kG6x@>MDjlU!J8yBqXi{~Y6nY=M~p3uomsGS@C zeWU8c#eH48DlBUCP>e?^wbH>;)^tdw~v*FLqOvMvL2EN)#8Q68<%0=}mzz8UN*IYVKK@Wb|Q zCTH86P>^T*UYxw-aH0P9qVU<}H42)eu%E|E8YAACgY#ziRy=p3lvG%O*SR6WPtdWY zfF8J%4gn}L^>)6S|1a#Pm`K;Q7FH3vV+JmCm8@oL>cc}cRdexe{J)E)bu{SXfh+gt zHhM?2>d~2lojnf+T+#DIK4JS&n| zUZxrHHnxvm(w}tJ37~J{)(cwiwNGzEk12p!`4dm$b>^w`#`JHqeXoJ*e zP0iO;L_-QEXBmg568MY^bP5qil|lc=l7_P=nV0hl#>te+ z??1ahQK><)N?D2oZB3*Mt~1!P^UxV6MifcIVz>vEPh4Dtw>Jsaq1q)NrhxeTtFs|S z$x9Ey43wv1bQ6k#Xr#lARcfy4`drCa%Nv4>@dAukhJU4m(9k!nfz#AEaXVHh!&FC{ zt>t$s>%>R2OjpMQ8pd}zua*p1Pt+q(iQHKU(>e`wZ%vNRZ>ce-reOLjROKK;PsFcS zwo}lW))3fu+%X?SF>KYKTh2S^jr<_>u2iDL^cU!4iv&O5S0+T=_H-=4g7yY-SAV}{ zOFW-r!iOqO41wD>sGsqFlC}p(YTi99e&-L_HIuK}IZlsbc;NP&4zK&2S*Z!)bevfH zzMA<+Pj@Pro^iE;T~&x)l$lZ2yp(W{tus5;GymXmzeHn?a*U*qJ26RP|5}Qdzj4;8 z(T2f!OnX$|5Od%#!u&nqBSg37@>3B>zceED#&aOZNwzFO-jdA}jA$eLvTS*l;a%pGZz%tZVL^t*!&%0QWtfc^N%KvYKNB@` z5}D{kJ54;ZTDSQN>q^(F zt(nbhJa0#daMsE*6IXjdOC20@0eP9k#W(dHP4FQ1jnEY4QACMMl=+t+a_?FJAocg5 zAG_c!|FT1qPvupkJS4dr!|04W)*|Hy2StjQ?CrA^*ta7{Tq?nPL#)~Io+);IeAdWi zLyVCL*VIr{(ru%Ee#_qF55k)gHD$ae?VEPVRxEhvD1RCW8-6`|$L{iBHikO*YWB+P zl0m+Z*pzg{Pz(1)GqI;d>g$NT+`l>4!m3HD?M??5nP0Q2)_=yad*tJfTj?Rt^N@a0 z#64?q9NQU=pf(9#%eqqXCze064suBV@FQb@3g< zu#!a`fSGIxNx#o*g3JLngWv-<@TyBOebd@H(hOkch^GS3nuK3wHYBgSE_(LV|E|qS z3~YbIYm{I3mGZ5%oS76raYX$C*o(s7ePh5Y0ffAt>tBi7z5lbZ#w#`xt9UQ+6J#_Y zwYn#-{BKUG^jSE7$NTC zy3YN6Y}L5kh6H$zbh0~Ijmi*ioa>L<-x2OczSjIB{d`65=smNyl(@vhvM^>7`uP{b zy=P3W=g|q}cLW2~G{!|rpXlRZ?r89z>sis1qRKfHY@^r5SWpYqRXFwyfMV##f4Ul- zqH#0<8x;mJa^1CvKEkv;}t3 zO-Lzp_T5IILw2WB(p89gQV;DuuG_%nQiSRE_{e$!sfqD;*`P{KkJy7nVO%eS)kv02 z^3X`n@F4ZiTHNwozpg`^0>G3Zne9$Yazeip9()~oW_}RO)cyO$o(8!(IW}1rJTy!s zEEGCjT{}>Znf6&^KwEkL<>SO;uJT2)y_;h9bc}LKDg7PBBb&pCo*i3MNePFUn^WYQ z2#v>mhH0O7EKuv@ik#+E3Z3|ItaeGju}J!pmb(+859|Cn&bL++z50BpUEu~1>FajU z9#ac-Gcq?PABp+7>tm5sx!S~oMTo7nfn1Xb3y8@#MTfNe!}WZViEs3@%@k_*J;x;@ zf!7ep^ISxVe?DVM6JFa1%snmk6@l$>eSkb?Eh&fN23Fpf>A3SXuy(q6`oWTWUWeOb zyTu>1eH~9q)JCr$-~*LnwVPDe%eDEbt7zlH8V(}kEtiVhcS3{Q;__ssLc)xQ5pI(L8@1svJo|R4(S(X6` zpu%27u1W82Zcf4tGs&;I_rUaJQzxco&wS1o;F@?0+I+imSZ$=UE`4Ipy|pNP@{2Ib zHQ>Pb`D5UIf&*OZn6JwGU>3T2y*^XNLijZ0n1li(km>-HE8Gx)!$kB*jV+wbBZQ65 zPC$yh>hr@St z659>5O6esu!cZAcVPBEGJlFJ=W`$x*pq;j7IQxeV3);W_+jD}RG>jYq$=}DJLM}rO z78&Saeux9(+IFXZ)cW%p68VCnhH^)#mgJdzY;nc_k{J-0H`6LQx|-3?73s)J2Gb_c z?*@kf3pIjXc6vXTKi9xUXLOqa9Q;{sO^c^6<2b-ttGsP(V@C^YHh306qysJZJ0736 zFm+fKo!7l^oEt3iG^2F)GesTtkb|nunyb*m;i&K_H*hE|fxoaskt-mst&in5VF86>oam@}m`SWW0U~oE;NJE)xvx9}*uPdL&8GV8yr zGzRKdf7&%|e4lA=Ia`c9s5lDiUszLKSEt1qWmuj)PjF4wgb&&iEK)R>d7o zL{^jb`%0cJf2Dmu$ay_%-MkN}1Y}`~YyK=Bd{|AqM3)7#3wq{DPrT;GIj3cMMsKqZ zvankDJ8FGSK$~hnm&Tu}!%uA_ZHY4EassZEcE~rw-|I75ijQQq>T&!QQfSqjP>CkP zC4TVA#r-{Ysix3OktdOr$gUk&3IAD3(arLuwT8;@2Q?>E`cF@~7-`zl$UM2^)#DG!FurG$q z)Jr!GoBmNWR&-cmFD!Bc43-=Sv08}?Seq`rk8(cq=3Tj4P@z>ec9B`yDQ;>buJN;A z6K-aXSsEBnZVb@qbc#|;mo6Qx`^k-60sjifq?awuk#ESJDIYq??hUs*57;9%cq+^%g zZCyd;ngD_@H$)SN@sU@4DoWgYu3cry+8kW2>jx>W5K}d2uD;WD+UG6US=eorD;sYd zZTD?H2a9If0`>RC+UJFUwKM>w8)rVx$Ux%e#KPb*!gA#|R(iH|VN>@?bct?rWi@~hM_CP?-#0VvhxmJUA(v7kr`EU zOb#cr)5OJ~penD&P8Jn@G{V-ukD(4Nk7jAu9sf1J!i2Ka2 zQwo3rvm9<;92RK-wXww)jey$N%K*7v<7Sr;%Ufo>9P|kO4M+q0dxu2~@2)3t@wGe- z9Z1LOxL%ZHfi8h@y@zhf0&7Nv-}B`EJ-Uu0@}?J2mRm5{=Y7ht{ur13WmzuUiA=c5r{W_NI~vjg-(;?n0gE6| z#o#umS}oXK0@TaypSw8sO#z3N&|EAK`YymyfJ%&(Q=G4vmB4O5)D&W1E+BWY`3NWm z@PTT*5`M8>j`e7g0TPE|0UNjl2Pk1H7ri0cs(u}2|C>hC(t%2Bh17qLn{4T(*U{8< z5G#baI7}X=W<&GAxF=)`t*?@@Q@KXw;}AVEOHKe`}Lv(vo50Kl>N~t zm9x;5>C&XfgZ&r%-;z_8ZQpAL6)(GZ>QfAtC7CLYuc+#IY(kNQ+~k7d^_TD&hT14{ z6E%{CIMT!|m8emk8#MPC%s%eL2R@BQEc7z#KK-!U2rWSK=~w5I3khd_h0~db+pJDeCG}yL)03FFlN+cV+-tzI8P$M z3kZt>iUg)LaDj=aZB#R>OokR?KGJMZjWb9K5{f<_CJW4LEPL$@!=$G!eUat$CK9JN zF&~C^f!ob~1UE3}5auRsE03sFMl2*M?rC9Z4BcFIA(~DO1!d@~`=?OVuW-S8)+Q85 zotskEM`W}ArW8R-^8jwt4JQhaCbL36s{2~}A*Xu7XY{3RdMIjv_7{OFHzItOx^+fa zV~!=+w{_J3p^=KP-LwI5OU7?;q-AU>Fuuxp%o0Yt?}^m(Kpi3NNK0?aAK%i(W8t!Q zXVz2$Zu2cwzLmMs^ZJOmYzwn9V z#8Tq1d$yb2Pd*P-7x~s7RFd1}S9`sILV}HtUz<>hREm*`Wz|kBrL-StS^F(B8RfRL zOsHCkZgh>H_QkxjzYId762`I-uX@b96Q)f6$VY+tuXzkLZJ4rw4|mHprUGKIIe%v%vOY7v{ZH|g+emy_{w!+9oblC zDNF-20)_hRl14b@DHpPp4bvSHXa|~NCuG~y`HC@W9j!VG8**pL*(EA&o<*`9ONnbU zDqKJ|KR;Aba7T;@8fdV$U}oS^%5{dj76>}bTaKj~klF)YN*r(dQuWoBuib}ATO0~7nASS%gq z$-alY5X+&!?8nN(yQBiYU}+VP_NkZmwH*S2-}fJr zCxbyx{DD@eB>Kbyiv1EZX&sWUFeoX@30D2Fwy$dNtr`{~$$O2^)obBdg}@xPW&$3S z4ibMulyn&~OgPO3M#1;f<*(#+Zo{4p0S($GOJag*yXs;tXOi5qGOu%tOZDo4>gL}+ zymuO?`1nyZzN8_CQLcHx1y*G7`?O(M3e(~_v|zi^4MyKf48rsQr)ZaC@BM`qRn~y%Z23@ipAG+w>rZw!CAz(Wq z0MHsqi`RAmcd2gKzQW!e5F39t(r$vb)w2~C|nQ=q!i)jKv!+>Yel zFTD<0*qQtVU|0Vrb0cNUJS0>wNKTDCjPlhjo(ReFBjD7int)%|9-3u_@4TN?CX^NJ zNgeoir_+S~wv}*9ZI1Jep2T9O*rfh8HCc3R&R!i^4f*01^=ptT60a&77B&6?kNUNj zA%OzBC667C0(*5ueeqvcpb_159UhHb1l5>|Me@N&*v1`3K@^w!*`IZaK`bdD1n7_rYE9lUswNrT?A}t-( z(uQ76Rpnc$^V~JYIaKw<--T%ef^T9P)^RBIygi8r`Xd%3>7RJ_;=XgG6@<}E#GI>c zruQ_U9z@N%(L`HARL;4o&M*@W1%JeV; z=;ih>qg~@|Rl)u8fhdZ9@<9TSo=XsIpCXp6ZV#B7tB3#BP0P0qwRxQ9UJJN zG|F-Xp~FVOTCl64_51`3%haikeLjmH9Js z?X~giIkWm%9cBmBqcJ9e=uZ{0pA2c&VYxM;gVTskFP+mPw=clm&xv~2q}1^EPhq*m zaAt4J>sk@C?UoM=%={X@wC$p2bi#?+K@cIiD%v86+MSReeli$9euSS0;KgbWp>0R{ z6m3H*oVYexNmDJ#s4ieQPVQEh%QCOKZG7PKe>A;!Kod{%I7~;Ssi^c~1Eu#45&0+z z0xA-ElM)dKy+Z<`pwd)8S^_8_N@z+6H3Sfl8tF(&s3DY40wnbJcz)makL=FP&d$tU zw$0w%%u>G+z$?SP@MA%m4-80oHL0TOJBaNuyN;aw7TQRCI-t;zBi(|F_8tTl$ErfnS7r_ zLlIRhmZ4!%R&i2|@h0cBp||dTwxhcZC>ed3NoUObw!}-Dc%aDU{Jr{7!iJ^4Sbwj4 zysk5*p5cu!L|Xr|UAvM)8=axoVwvGb>HCa&(;IKbV|DnM-%i^0{9O2FZu>pJdbhao z(1~G*9DZrV`LCfw=xvW$IsHh;dBOr`@>1C*{k@e5HyIZCW-@{Ad25=>0HLfeTV~^i ze(9U%NW&|i2B>xB&s_8G_>lZxuOuX=#!2&hUy65FkaPes$rIQV9BWlmG>h5hW^R3p0w3^|JFFTVJhs4)n2)_G$0zxlAAsgAD zs7J(CeaFZr#}_l{#tYG$2bYs4v@| zfyaCrd7|%SE>z^CG>9>@+oouC%TX@5dcF@AE~+Cp z3=P>5!%f#wG54@H@8b>(LmIo{Cga<8&&~8Gxm3OUxXAPe!7%#hR)ZbnL2CsVqatD1 z&Ng3rtMw-L^@qp7--i3d(}_v(1IOaBCr{JVI~yPLX^Sp=GdMOX^rXBLEp;>6@~&C_ zBHPLAJ0X|Ug4Y@zNU8?u>P&h2%YI2$8jPqeai_#7ga%SY|)dPtH2J zxf0ivoNb<12{$`V=4yn@e?rISyv*vUr%fsztC#ADsBb+^t>%i?qKArHWhc#l>fPGw zU95dMF>hZ*RCO$*M81rzdMaq_y2HL!2M%08@3g|*#e&qdf3b?{?JHW((|)TY2{f;&r>m(;6ArICla1b5dOU^iFRCv zS#N#PorYy=jG}2rfKi5_k}Q2^+0BR0#XnuR*tDgZ2jA-I7gq$Y!_U;GJsTZu;7ntB zERahaQu*5?5u0eA`k1{Q7Gm*D%|$(f89c|YUXK>j+MTCmsdD5 z%a8D`(choT`7-r>8f;zA~$E(~!<&DbQ~h`Jb!}^>_Dbjpp#;yGtLR zV-nwWJDQ}lkG#97`i+)_v{=_jSkG1~%WEGpkz!T_9p=xMKHa_kDNJIX*W0@KfJj|dmzzB)nO%N2MBFADJrI6)JTt=7;$kux{HER1M2o3@Iq1XTaKdeJ znb>aR(PYJwX}rkyi619;Sb5n;TyoaiA{<_1p&(dl4CIm*Ifd#ZJ1RYc`R zn^W`g^8YTp6d$8=juxELUrLQ(W|}W0F;8?fH!>+*@hF=R2gr8QvWG}`d*bbc{%L&3 zhj!??tm=Pry|?WJ%=THo)p+6YBD-NfOn@NM4{ehsh*~eRMZX>dH09yQxzi;g28C@&LhX9_{FQK z?TNz+HYB551uy-r;p9i-cffex0;<&B^6mYJvhBr7Q{sR9mL>nfi?!Y*eSIo)3-FI& zci#>3%AkL6U*LxloAc$-l>Ys!qWNx)#RgEx)*;J6dl+%$_{&f9V=7ld_m!pNFFxxG zQ=ku8om+ZGdUNEdT;KgpMQihIi>6%w%t-O;N)*j0OmN5 zADxY&4AktLk_lJbAvSJ)dIQvJD7^!)7P!0&Fw$oOh}HZ`p~(rOy?+7zEI0t|qoxN? znD_PXOw-UIb?~K)c?sJXA+eGXmoZ1zk20;CE+b0{H$pxw#CDZ4uD<-Puqx-A3ZPTL zB!yM)W&?m&#=5k-yp_u^fG^OZ;lDJ;Sls7jh1E!Fp=U8d4$-=)j^_~nuHr(q#tCW_|-Zujflb@R>+N<9i_%n&mz!Bi$QLU@Ii3WN(S&==Bsh7*P z;C1b`4oJN!{_eZ`P;Ni2mI#r#k4mNgVD#gIZ&V1e4J-Pt#;HNgH^>s4t1tfz|sdgZHNFA z=8zs2mhgyVA3#c~1KC$C>f73HBbMEVQJ^IatAH)o^`w&#n);D7MMlTmQTVv;H?yy> z&(o674b9%XU(4i(I-}Cedh?`rDIMyci(Ay)%ND~dcNXlp*QdgaLNOCg1r)aHBGlSV z$|{rst;ZRqXEn+Bd?_9nJo2-(N5Q5`R@ib-`&K(sJavhI@ie_ALxmkfP0r<@tMk zvQscj4tXIsWN0)3KZet-*ZYvex+mIcPd}>c^JvDejg=N5uva>6*eo|p{WXWfZ>v^0 zjhEHs{FgDPLgu+{u9i=!aT>>IB++aZJ|3$6Z29RjYccVWe$(!OZ!f+-kZGX~o=&t7 zLrGh{p%5=f!<()=O1M3}4rkqSr63019p64W%4YcnEgFP9;jU?1!0S^0FbN+B*7W>yN*A$@ziX1dmx1bIMZks7fQ?z8Nn$Me1uoDDH-- zz#l2Io3Tx4J>TCOb7`B0xkwkl?NG<*Zu1q22|0SHz(Qs7rdD(CH}kK37RAC=zbaNW z=7C3eheh8Eo*j;-!bFQ-=ZF_J@^%LeBr<~wpDB^{Xu*=m4!*s@RmL1brJS)jkM9d&diFYfM1et9%)7813U4-gA{kX`oMf-_pS?I`AFEc)(o z{Mx48a~zn&bpA2**Zwq_J%7K@U{CN8Jg3?-rPPM=ztI2D zd!!DWf%Ta2%cu|M&&-$_@e|YwXEseAHE_J-+e=JN$f4J#qh01woNNIcZcjCHNAuN z;Q0nY9r5M#lwTU+%faT{N6-$5gdN`g&DQ(s4NX&5(!n7LFKc1S=qjH}HuA3xX!zyBnZq5h`u71kBT-y=U@oA83peaCz3F>9Y*oK& z8F9v?D*G;I8S#A%ykSE8PsmSH*57!@N9hmfyOJKvjeVJRhkMFc!&T{jLed^umMCk$ zI9wh8q-D{*d4S-iyEZ_LpOX2ysn*PI^c(Lb#0#7>&w^Z&eAl%4jY1g}-@i5^_nba) zKeY?`xTEEANUXY1OJKOZu8yaL%!E_O7>ZFkA!lx!*fqrULFA@hdXWiM&MYSqXIA_1 zL`*D6K4Z}%jND{_`?sq#XfxWDJ$Ugc201U*DY$rTnqta!n_Hip{f>}ByGPYJ7g89~ zmOU&Tf1hC7qr*0WQxC$^8S5BX(b-aW>7?q_q8YK`!tzT1;AEeJ^4JxVNQ!Fm}$+57t2 z?N=L|mcDub5W4DzPLd7`zY|p=y7fb$gQ^$)SMi!Qnsg9i0OyIIE-Yy*Ti2xm{HKPx z@;RK96St+|86Q<`zjb6{3anS;-)5VNygGJTcnAoWU0ebDths~y{HxR*rDt{`8;Ob+uP~)e&`>5?8qpcg=Tx+$dNc#1GZ0mpgPr+eO z7f|E1Sn6cgH2h6z+%I_L;Evhu`)fTYas5T2jru{0@RjX`zQcX35>?RL4MM?HV7((#pz`$>kuvIM97B(q)-0Y!G# z1M8-{vl-lSwb7l@nkzouzC+D_QZ<+5BeoiBreaNC>l&2syW+@>&S8y}pD^F7zR=-@HV{}4itM5*_a>$-CfNt1$sXbx>JKzUWjI4Pf+_!3F+X7VUBMu;BMlF+e zQpyq}jz&qFp{I6&ELZ|b@p)9O21ADwx}J%LE!zq`;IrYD2YUpIq7A5+8D+CkqBv_p-Lg!j!o z>!(T&X16r1R8hJ z<7UEyq(V5z%vIg!c_aa@(&?v*`5g)~YoVDhM9w@G86aQ$Aa3QByIx?s7S==Q2qVGD zY{j%r`f27z_v-_xB%-EBunkpFbA8QyeqOK6>tF4T;}N;Pf-Lld0HME!tbMbzmRdB5kHmhAV@Zv@?8c-jH3`#P;cjP-$>k(?||+;s2R%W`F#g4JM}0I&SkBN890BT*|Mn9dt;2Af}n|@vzQvY_xwy zUh(4RqfD*=ziwCs%d$^{{fucS^k3Q0Y3eoiKX^-28=WslwDjpeEWsN_Z%_WhXGHsl ztpx4d(MGSP$v?(H_C13QaMB0T;iqZic1pJOZrH(Xpwv7h7l5cf}eztLW3k^Hs=aN6@q#?#7_LEY@d!-Lj`SK5TVd{)KlfUc>qC#QA z>+w;iDox+f7FkIXblyeDKgzVOF4DX^s@b^>MRnX?(nf%j?=SgRhdRGDhM<1fHIRQ@inIo5GhzK9Ow2pKJfVletAzd$~j3qEyR%syZ!Y%!iq8`aB2}-`ikL@OL9~W)I$$Te* zquYf-8T$$E3#3B&9%xsC1r?qqm24y0!CNLxo(b9g3wjE@d+4f&`yEwlM-cxEuL*VI zoG%_IkX;VMb4BMg?G`A*RczF1;Kp}n)f$P>jzucfo)n8IPPDcf7=Hbh-*~3Q)@S)T zVYIYB-pYj>ROpQpqhfE5jK0F^1cr>hlIjRL1ti2%bCZuE*zH_(6XktBQE@A1?oq=+ zN7gph&scoFa2v;~rklj0xNoeq)h3$UNR8j;4#2CmCja_HpT618L^&Kj+YaA*D28bL z+yMKuNol!3Arl^o^<)(j*Wynmj_x{0m5<`rBVxZR77B-%LVvP>J+8I&M zK-T&s5=$f=j|SPD*LSS=FQxWU}B%pY8&YX8rp8sI=ntt+e2LAc90a>U6mJiD|B_p9@phfWhQ^>3$ewGrtmA zs42HN6XxIXrdB*310lz%wL002Pcp59n>=7d**4qzvEEPD;XYZsSp#~kvGry^h{rS8 zW;);Gbs!SBKh-yCv;@9Rhd<8>&q`nF#*tM1Cu*eGEeZTP5PlB#fJMEyb;zL*KF^Qhl>PfBF-OJgGa?neP#Zt<{c zB*GW^H9^?vyYTpT6)wD)^>7n5i1Del8T|2d+KPha>-B#@b~V)8%E6hG{D~EvjPa1L zL9hI>$D~}fGRd~HT||{sy-N2Msw!u+ZJ4h zK=h}0{w9&JqKQj3!%Z9L3{*#k&O7&jj3<`%C@1pg8snt0Ay{gn)&#ORkiE&cX#Mqx zW?0Wz6TCfSP-k#-Wjz5lYVFw&M+UL})7bWUC*ZICxN#!LVR9)YekYh5IXDm>;{ks)BIi_gs7WUgMI?2KZw4A^2Kk;*bcn}bxC=}FDl4E9UqOrE{ z5GA#R*nLhS9UE(Jqr09*nsPA~*W~yPY^Cs<6HcOxwb?5NRQ~*k)ddUit+s_EKg7qb z$k$PxCzr-v?RbIO5O~?ydg^qITyvxe{HHUmUimjcYc)rMNFE#4JfwnvXX-!R!X7E1 z^@j2ZvIR;f=VwbSUJ*Pwhp3FNSPpF%4zkwx=J{&y^Zz3m_>Y@&I>ZrO@DMzijI2Ba zm}0$(=2-Tt^shJx4kFeaGgD(BNG*%d(7NPU5_qq#9N-u4R7p?E(3JZ%xJSD&w7wAL zDkRsf=>EX4BLM3m#P5@dt8U4e``w|jZRTghOUoYcDOJREsU9wdxb|%zc%8>^z$5>4BNYE;Rd5C}7esnweLcjm&|WKj*_JTBrR} zz)d#RP0rN|z0j!>oPtWRz=Hfb+8$^$4Qz7Bz${ZW%ZRDjuQjhOCC16u^?-}EUZ0r% z*zGut^Q4`Y!Q1`}8FbJWcdanu%8&IkBQfp`wDHHJ8WkJBwOma8;P?j#Y%#}Rwxz(8 zu+6HgQ&GBp%K>)bo;7`n?yctj$iJ!^?|)SM4wc2I*mzZa{^n`hgdacdR z%UmG|8=uLn=He>A)Zjc7q6?x5r=SDWZU(DHHmW?+DCHPN^3?TAD-VAs*T}iIN&{MA zh=AJbM@cok>k)?2%Qc>6Zc(8p*tzjGLI%FRGXXIbin{%Gw}{*3EdxNIJSZ4ksR%v3aX;f-f$CTmTw% zVqfEu5F-C)b?~NxsieH?2p9ZSeu6N_ItmBz_u+XpR>oj z4!=ymxQ%DS3fExpcrQj6=zBFYWu37P{ZL~{em_s2+OVOvn+G9#A3cn{zeW(BLVq?9 zd=}8-Nfq6>7d+a93l+Z8lvCm_vPFYdZ&fGyA?>#VTQ@mslr<6DouyQ?E`~igbctZwIOyijIzGiT{aBkl zTs@OO9|{Zntw>Q+8>%2eaw&&B)Lx4yV@yU4Gb|kT%^#5?U&xQcS;X#TY|K#u!dgq3eI>Ff6io+ZKEtuXA(N3z$pv2 zHRq|*t?G%X6Y-)9M+`2y(>7J?TLHv30Jicxb}sDA@u=FfGR`VvO3)JgIDYW#&lnySgSnUMW4KA9X$HTP?dq*qA!y|wUJ$}e% zoCRuqN#Q`K;IS_$5Dm}cN2p$irl-yXfJCa`{{l#L&toZ6Zw{ej;_#owanFs-`z;y5 zQ-cNm>2qSZ;efkyO#^Yw@auR)^z5zmEM)_y9bvrR$QUuKZ)?yfT*ta#FJ)lx{7DFS zBC3f<3jGeAe0Gp`fXv$WZ|4f~Q#PG3t=T%n5h=YPB+3zO{2__Aomm1jsUy4LmUwo? z=6hF^=Q)|7g_I1X1^v0Bdsd(i7>mNV-36IllKOm^`i^W}Po}k7{eM-8Ivq{F3)RKK zgQOote8FF-L+swXsFQT0#A>+Yt#b2IT}e^rITA1Y#k8S?MnhWlRy6eEaBKnMSgN4= zUN-fISNwru!QA2MQ`@wmSli{SJxfE74#=GZ0FtMGOB*~R`HHpIT1^!=;!3g0_~VnW zqY9q>@QTuV);m)hVV)5y4JHL|MuG5pRaTlgxcplsYyOt(2I$d{Ld`1^fRZhM(=~fi zjqMMN5A8(4)b;F02sFIPton3?F9X8vg^XIb;G55hz=Vovni_6DcWgSO&C$3Y@7$3p zJ|*wD#@hn+1@iC#n4ct4{y>WpVqo)lvhNa19$nuDJ{;8qYRDv7^WayTrU@xT4sgiy zQc5APdGPI`h@rIV_cxEGO2LO8lRra01Mc1eD{xfH-ADMZ`?@kb1x~e-1{69We2LQH zUm>c_6!YytGmmYf;3hvVTYIHxYWZwa@564-5h|=+#6D>XnmQu{=4%F~jhex|>GjI4 z@Ryr9BJe$9+ zC(s6SEq&Vr10R|IbOS{=Eph1(FlZPbZ{~jtsY;_a4&!r39W?Eu9;d*!*9BmV(!low zKoH^I4j|YG$svd8?Jgce3vZGt8Q_;6zcj4z((FmXCuzq|>%m)l`ET@U zB+Xn$$cF<)bUH7o!}H36_2@vbNginIpr9&sU`xbueBi8Fu-BeTv|5^pdjVhOd zIU7j4qPd_`>WoF9mgf;)#~L51uU*~qIbv9+Lvw9#V2~T3BH#Ryn;WSj-~S%|3FwSD zt2IW|Bk87xH4*cda;SXng@wzQ7?^2^@?Rwghi0!;tIkTXV@}m<4mrPV1fm92EXFu~ zQ`G6H>{7+^iAZV7cay?gEf+K=fb2m38ROVppV(;9`mmRdo zj!V`23?^Pe`pU=OH~o2N_)!^RG1tR4 zV&NB4)rW8_QHDIw^oyxfhTIBVWN!l>t{^IlD;C+y0HNl^>aC$b#c7E`4r3wD@-C8D zVWM5tEPg59CC^O1Og&&b6Ua0Jw(C->RRN_1Mi4VbkiLy?mrumRrL&6n!-3vy4YZ^} z5i;gcm4-&{ZUMe6*VX1)HNl5(jIE}twxts%uHX^Fjl>Sza!Mj3U|n-(1LM`VT)n?p zp;0hrImIfbvnrqiyt`s>3$$NsObQ00dy{g8Jt@7GQ?anaVzQp3iHQ2%!5;}+(s1~j zZd1~jSaqHUzyTF;i3X3&jNK5P;RHmiZO=ghG)o!@CWkc3De)0Ol4&6a|CAwo@&82E z19;@XW-$~k0zzF!_ALWPV#-a0{#vMm7E;)Q!iqZC;mi!`JIpp9+FYa8A52X(+YLj6 zmhY4aq036Dt42vgsujLZ)fnVOdKY0V@(Z^ghzS@cqmTQWIA{^XtctoLj2n96I&znc zp#tjQ4;G8btcp$d&?5dPPj!4Eog=_OSXD>>2xxwtNQwW+JfIwG3lON=7;6X#U_AST?VSjuy^AA>ZNcP)kUC#|3Z7xgnuKCn4i3+@Leb}4i^aW;0yzn>nu#|Y`8N6ww z>K=MqM58BwH)r7I+A%512M8>hEY$5-0Y|#p?l`_{@;`p*ggkOtpn8d~!w2nDkyQ0C z6aCd=&A&&=1>$m^f4OEo&-+88b`Lz(afs5R+-GQCreWkot#o5 zo3cWd(C;t9&BUe6N)%9wDVEBEu#4gvE`eXoT*cMbR&StsejyaPf6bPW^9w>97SAic zqFIRnBD%5aOH*2F0DfaAQo_cBR z_G2!;ATjmx;44}~YRkMa1=-(}cod!$>+Ls>wZJZOSt0 zXQQTOZU|T5!YX!b8p#b*?K>O4HdR~K^Jlkji7`%q*=IttAaBjqX&d6P4s^!_u}d-4 zjiwso(?}kG`Z2Y0x76*9XSC;f=CT(g;A@7AqDG;c>+sH=apOd&ZO0mekp9E{7Ex## z(5F{w9~5K&o8WINvj8H<$6<9VlhvobVKGVoy=QxoSI|FBG%*^ik-a1KN{v$^YUZ!H zqr%&{+~oa(tiRWWHv1264y}3E$K86Hbo9i*`|s^-i1*(gSVAu8zE*T}Uw^=al#ko_ z4qZthpTE)pNBx;SO9h`w09JKo0CgI(kDwB%a>P^Ux6j`a#^`7$Hvo7t0D!{*>J)la}!7cbrA*i&PCJ7S^c?Q|z2|P7Zx1e$haSROQr`+)DzP;bp^n9D}1z zKws9Lq$H{>8S4tNPIYculKN7vM2w8917s@!;jg1H)0G9YGN*+%0hGYsoMzo*<74QM z6aUO-uOTP6U0l{<6}1-wXIZC|0nO{JJW&D*W&ptKD%FrNP)v36svaMa1|LK=p)J;k z;6iCWZBW1VDd~!QHRP*4aI>gq*g5yBMWOEgSq1{H{T>1+JhTlS3k-;+L7)1;%$05S z*_HO}5u0Th_e8oA>(E&!L?!^OoVL8sQxIyoiJ!|~5O#<8lwDR`K~zuo*>nvIQq?JG z2gQ|BCTj+8eX8{)hybi@BL0AnHR`h<1Kry&0gVA6SqVaM1caD~OSlXn^u^ORff zXkWn@ay^|>f&&4(YugE;7^11Bq8YRbdJbfd@%oFsa}BHj}i`LCy(bA*aPkq z;0rICm%$DmdjwU)z&jWDy9x9u`UAsZq(c92=OmSZqLo5qC|pA>EH&>H&8}d;M_Xll z530}VTIT!cJRbE-gKUUKp{X3=>=zH2yyRl9=mF0e0DZ0)%02V#>q2Cukvuu z)dAqRWNOK7{~y5PhyNrBA^e*vQFto+J|G<7h)Jqa91dz-2Rg6>1*v?KRB5hm*b4;r z_60laNL-M*1y5uWMSH!=>N2Li=Bf+TDm_kBrM5zT%jLk?^p4=g~jy z9D9G*bM~O=n$j36$abWjF!0lfHtkw7rJzBT5fp=yQ=`V)35zn$_=JFuRh%*QPaOJ8 zMwxsBR+Iq=cJ4d&8$l(d6WpIjqEII!*w2aAA4>V7JA z%%Y5IR%K+RWPbvfQHxcX+S~WdDw3k0Wy@N=WA${97p&*)8%W{8R1QpAnEejxe^`wVdlm_vsvh~!i(Vz2uu$_D1s)i%K0q_MDtO08Z;`tJ30nCi(a_ zE1jLw{o~?;YtL}I);+u5U?Zh%t8v{DxSpCeOUP3SOmFivqMAmYX8$z?3Jc0nH!8Sl{eI8AEQO*cFlfR-s>incWvPs~!k> zmE6Z&Ohc&wCSg&cz>*yC)z6<+F??aoMx>e;ZTahc{eIVC6fYiZB`dt(y1Xd&Igyf9 z%q|?Zu8)=yg4_87Y>yVFFG_74CT-t{M=Hx<=tB=tQR^jn6byTXd9y}MvmkYzU0DCc zq2|9XFKO}hYS{a^!1u#q|L-uO9<^2(VrVkzGafF4(lPNHKXd~hcBs4kKy{bj-z4!h z1b#hwHK_Ok#&NRzgcjORlGYro95M}98P*!Jzxw`e_V2H<3)$~EN3&hBNgYtF(O$R0q8WI!Ze zk^g3xK}XH0eu`ayyk`J|jIPsBAZXY$1bm$RInmk>l>}XgH!CUDSx|tmmv8^)4q<=c zxpUhSA)lLY8E!2u?OAfX=vxS?pER)6ECf|-`-c^R+`S6c&H=cV_a_G8($%n3z_En6 zCe+;8$7XJRhF_9P2mu^^*X1S0CW3{1ky`UsoAxU}*DCXyEFFw!c56c_d~fuFm-tt@ zkc;MXicoY>3u}uwiv&u zJh_xF6pvzFkt@a0COD3S{;mgf=N`F#@VbwF+!3VsCVF#fHlK0@#qJf*H8@hQ37snO z%8fOZ(JuC_?cHma()OvRBuqi8K58PoRukj%sB9bcg9Bk2P;JE?%Vt}?%?gHsIjt3_ zIHn#z=$6IPETaH}hak)?vipX*v{hmjF1uiob9oX)JnIq{2KkLU7Ya$Qcy*vK3t^^O zhScFZ@xbSJI=RcX6!@paovqxL9jjUX8j?$S?I2-+180C114wy=k$6Nq`2w(S*5g|& zCO8(#%GIU8Zd`|fbN#g>gO&b&KneghEMn9pgAo{k2=GQtHhQrng2BZPd`AO$dE0dE zO3vl&ZaE0E$+FU*&B{a6D&^GNI!?5PqdYmhF{$(;=&ck=iACu1TuKRhB_>tZctR+} zXB#+;jXrJjc?i2Wa`CI4BG3T6Q-qw5SXH#6>vSe>>AniIzV#IM_Ega`l2g}DsSG-F zR^2j*OBJsQ6=(N;!t5cDcmzj z&q0L$_I|Yg?JaG z#fI3b-1h%sn*9bGBICR05T}rMY}C9SVhC>r#!Xw|#PgK{i`ngH!(uJzfPGyk zk8@z>wx8{tt-zphKYe1Pu{M9zbK%Qar=CxH{{&rP<>%w~|2r(&k5?0ph=^&<^ZN64 zu3z=94P!^4x#Dc_wz(Teg8NYdpO4o5ePym!C-&VyxqZd{-Y61w9H3ZwbJ}}X0{=%Y zcw2P`MxOxpT0Tmb`+56%qCVcaM0vUkpiWH;-tMgvxu&)6iekqH0%Hd6GdcZpdDXVi zsKLGJowRXQ`Sy00aaJ(yCHK0f=WK-JG4Mputobv zc0apA$NPs3Cwdiq2I0*8?RtY@PILC$b&IF;e!i@?C z1?(4_DE{v@D;nY#0FMsP4$q*NTBlV?JWa?c2aTVcvEC|SkXp!f*4Y3qZ_ zz#c)ZsY@+1a|Ycp&~)kmqHOM)e}mI%)@e1oMaWp%g(fGDob0473g&+(s}P#Zby&w( z5TCw@;^D6KJ{5T8ctWT-${jt5xX41lZGtRq-Jd=?;PGq0Tya>v$jKFuz#7kXA+sD z(VG{BCcva?^x4SWufl#3jwNe|64q^ORMTedXWsZrlakC-{buba-XfPK4~CvCTp+u@ z3d@jrMtT(%NHD%xqj{G6;N_QdY#LL4^XlI}6`s;&3Sw`zz3UA*Kgq!qMAvK!@-Dw4Yh5}CgykA?g-N)tkW^3~|Ekl#mXIzqRW z64Ri#7LfsJWwVGbJWN(lG~Pu{n|Vs!c*4r*u1b?1kBkQa|Ut} z@7M9OlmF;~Kv*HJ>(BNWAfQPc9aRn+!RB4YFquO~y@8E5GUi?!tv+`-=C zLQt^MT!LHJ%Up;J>=CEnI(C5*v4-u%7!-)qR7aUdBhg5icwW=!-&n;tNiV0`UcZisIr6PKv_w2FFL0(ZY6w z7$LIW9E^o>-mHxJa^Cce#C6%Co~XG?w9u$D9$HWogooxIrAqZm3ikdoNM~nFC}YmH zBIGeoTN2Wkg)Iqj%yt$8ICHi+!H;F5(YU;8o|>k*za_1zHw6bNFBoC*YfMq_ybCu5=ZCIac?Nnb8&A- z)0bV`5T`e}xN((!{lbO-ebR-E%k;7rHn`|<=QqyMd!654q~|)nanu9eVL_;3hZzxC z*hWS{O>6-pLY=v2GE$t828|qLp}9vEvd~^c2C>jwBK28l&m(zQX!emrW|~bTnwe%9 z8OuxqN18L!Oe4jaX^$hROf;j&4knsGWEv9<_;{0v_Ftqb6HPagm5HVkIm$@W%!SkG zFaUup$Q*<*IvEZ^4;_@9fTb&CBUI9n&k?@U$($n~=%8l_ALvTY5MI-fSqZ^(GOPp- zIw%Xlfv%L9@QjYkM0h|0r}Att(KXR;@Y31SZ(O81q1#}m%b|;}icDrsq$4oU^?)1> z=v%ogBCzv}yTWq2kp-ZyVmy&iti_rR$@CXK3dx zM@0T(@(}AWrJG|4HpH4Sz%F`!ii~BNyiO3H?>G|-d@{*!eBL`IQk-d0l)y;OdL|fz z-JyqZd51=JFir{)R?h45oR{I;@QU|UwD}KvOL%UoHtZ|=LiYS|3EylUFaxnnvE zYsPSUJZJ`A^0?c)%e{EufIqW~a6q5k&2Wf4yZhO}{OoSBgLtj|9&;9`+=t2fez_&n z#DC?wOxAkkx0xoI?NjZ`qZ#W#Lh(*a4ZqU9jM66oNt&Kzj#(8L^Q<&eZ2XzpOo9Qe#ZmO1c=!wFNM zu>+1N(9j`=De!@V7gOLp;2Y<_yMM1>V^}=k*mhQr5UeY!haZ-O)x$Fviv7m03c&(i zl^wBU=2dHKBJ-*lR)%@i1lz~7`Vb3cTGhjHGOcQ3OBq*HvBr$cEUVYBy9^#u*v||e zVh*-U#9Rkf`dv;W#o;Q?>NC}q7(IqZ> z!#Iia-ol*3X>SY%am?F}gE-)Q%uej_&SodJd+V?hvEI{c#5!*n8?kbuq@|V{(b&Q# zi705vxQ$3?;k$(hXvq*m*tYQ9MBHo1xQ>u+;k$;o+>#-RIBMn-K`b<92qAi#`2-PF z%^Ca%WHTQh;tj{s9Y&(AcOo;<%v*+;XyV<+M11HCW%9c?hKs2XRii{z2&uJ3Rq(4N zM^*5sIYm`m0@jU+3u=r}6`X2=krixed65-o)chhVnAP+mD;U(cBOBpkbFq!#V->ND zA!E_8jl1`XBCyl9SCd;|YO7(b$11B%tuW)vD_+SD@=BErR7+9 zb?^%65UX=x^=FIS@=3>Z&K>31%}Y>XoZ;gzVv`Dgzzbq1vskuzbi;}ab9 z2v5{r59?DU-UvX|EsvBGSr4P3!;J|Vrb7u|IWGkuzYqR5b#wXF6P|Y(`a{xRIWGjf z`Of{{l*lseaayc~=1}h!PR;<&@1}ZFe9M0x^TcS#4tajzWD78JDM)19G5HR;8*yGL@rBktEX70l$WzDs5v z;g-o1ef#0T>$_ujlEg#>VPLtddT(yb1MzD(3)#e+b3eTH-ig8CzZG&EN){i|+pc-j z%szs0lZ9luE*-1TPrQ9}2^_j`NmJIR;g9_|i*F+Lv7z*>%EL7N3m=Z#O3oW!I_?h; z4Zkch$@Kjj+ey2?S=Cs-8G5>qTFRHi@yIRZ;Kw}6!Hg^4SyM4*Z}DTJ(YcAP8wAhX zmp>v|C1-S1gEwSeQ(K~kBVYQ19$0Wa(`LVgzWa{;aR>CyFvW*%SGVu#1|jTR)a`O6 zF&k!IR{8)JkCUa?8Qpsm1}E2;zL!=EN(NPP_%yD04Zgp-^ywQ@zB%;FP4|}Q(8nPh zx8(Cwa=$|hsSVSd5HrSS!=g@R!G9@Mbfs@Dnyq;U1egDO@9BYx`7Y7QSe$n;w}w;r zS?+l&VUs(sMzuRt5mte>6vbI<*;yFF9(R88;fbXRRR$pEZ7=O0L@WFYy*GSTjq z*uF5t7M=lk#uE6S+#bjybrVDmC+*=s1SDGB-178aD26?gf$foc98jwPg6Lu}LF7oy z!P)oZJKQ1*fnszsshCnFV#{E?C}`Y+ohJ|?oB^D)ME2Bc36a!dVC&Sg7Qy80m?U=r zHQ3INzVY>Z$w#p8BWRmSn%ytVBSb0D6r#Z)kZ(j9i{USxgUO^@mHaOKSKgHT+&3$WFC!~W)K-Xk>&1! zVYS7W;ahmIzql z;jvxM{)HmdPDRXKTi|n#nQd%z?IT24tb2a4i-z>T2wOn7g+xvx1f#-pbw6$@h~H3- z^!uPorvdlW^IiQd{4gmHc>o^(E!Qs|;f0wOJEr`sm1#y~Kg1$x2!F?Do(^TgwJ;ch zqa%cfu__jY%SOxW^Q}&!tC{+DRWMQvxex5FUBb>*Si%w0tY%dJtPvf!o@t>;1akZp z1(j`}TRTFENm@G!Dvo_XHSoR``Jr2MIH{3Pr=puw<$y>Pj=F?h4SmMmX|NhQs`Mv2{op7R6;%B#-=5W z&-NPmlc&Go7xQO8FfU3o_@|SYBq1l6ybHXC3R)!jf~^>QyMn8Tr4*~r#5hUiE46T0 zXPC28l-pRrpEf+rd%fT+vGQn)UE6Vyd1ZJ=(lc@|cc`>3jn)K9hXR(6ay|UvLs16#USUE0rS|h*>D};j!~^YR3p_teOLkQPUn* z-mj_AXPxyhNN0TC>#bo+Kko2(Fye*wVBkdS%0hM|e8LtW$SB_UmSC0LdgD(l$Q1s5 z`uT#LJ}UJ@xAgP0lLPNdwgTvkcJw_kLyCnDH6SYAteer}4bI(0kEj0V;hfI`otSM! zTKM`$;qYkKARk~-x-ZDFrVXN<>$dr6Ow8`79MO(?^B){4X#&3O|NW)2Z+fbkl2SB= z#_j)y1LNJr>AOK6Z*{I1RXCWXpeb2oEfg2His30dbwkcc_oBg#%jx@j_5Nas`rcx0 zIZc$}pI9g2_E=pdat#=;2j35{@hgN%s$~q1o_zyIx=5Ocy9)J;58AgnGiM;O!DZd~ z6>x$L|A`74n99Em==~PD`MSp5hy+&gAcRlVeX{X~68v-dC&chZ$D=y}TH7PZ3Lo%o z>ve7tJR22j7iuRslH0r+zn|Jr4jm!gBp5>~_@p}l{->=RFy(fZ80v5Pe6Vwf;3o{+Navj- zmpjmkrgBIh*+PIPDiD+Hz$U3HDN%+6+qvQ(YsO7Zhfuo@g^d%3Y!;;@I5z~oKr4Sq|NQ2Ukbe`#M}DC~w*tli zfVrj#w+73TfnezovZln6C+JM9%>c)6Kz+{<1-e>Z41+~BE4WBOE4K^IzlDIoS70LQ zBjw$#-ffS8C!5Qk!G&n#U1}*V^Tl!`Gi7&E7vx8PV>v*+(#{&DQhnVOMKhQ9Im}Jx7 z+Xp4Oh;c!}f8p~`3Re=H(GjX5P&;Hq=0cXItsnB^a#7J0vMXn!|JJ3PS&~CCb0C&&xxmZ<)NOf)z;v{7M)IudwMI+{U=q9oWiGYmt z27?dt`uO5;U%@20x=TzT={i!gBd7ZT4UgD4WnmAUUq$A0SXDyBn(BAGB}b-28y>zFl*=?2$C!9HMQTZ!J6L|yIsFobyqZG$RP@bB)Ig7k$qQV zDkthkYLiIOnahh+xXL5V<8baTwhkB2RXgU$60_MRc7elNwq`N)kZ1cd1~o^l4JQeo zPFYShftWX0HoD|uwNY0N2tv*zE4R%S-%z8r;C|Fi`B`t;`!x@O<3|QMneSY2T*)_B zdoM$N=0x>!XG?W$!5E+d>enFt;$FybX&TXpjo)IuS|ZR2JW?Z$aLHub?Cg%jrf|Yw zYDVp-$-F@#tn4*6U%Uj>tTHOX7fnS9#rDbY{ACsEAFkXjZ&c7;)vO@_l+ zOO=kK7u2(f60s6@U9?rx=PA>)$gMnBWD$r03%kK&5a99(yZKzqRN}GFaODtW;|}8u zhUVf9w8mZp@J8Q;jalk6n z5KR?Qc)3|@m2~%^nj<}+w?$#7nne9&FY#i`TsGfhJqyID_emp*fR|X<4G-I2n6^bF zOMZM|>sLml*A+|^A}hXCfG*SeYDbc|>of*ON79@PQrV_iQ^;mDhLDIAiK&?gGH*kT z>V3V%7=apjIYr(>cI=B%wM*y>pZ&c>v&{UWe6IBXWO!cE@}P~_07$2**~oa=bLNl zl>aX>5X0G;x!RKB8BL#p=94Ms8Xz`xZSnSWw<#U-$p-#Y-koKBkg1H*48A#49yFI~ zKxaVux7xxTLZ@3?DlBcJGhE8fWyl{NOj7FsDPSiD!XT`@@{<<#essx(=2fB zO^p>ZieTkyu3ewW{k`Z(LPmVG_OmDuCpj;8IvN`!wbtIiSn8A54?188O`HCPl*4ay z+9qdW*Ym3H$14zYwQ*vUs&FaadaZl#H?h7$X#Ku8vzzWmQgJ_%p04vV?&q)k^{dA1 zXMkMa1Qa^Buc(^Q;TiuMJ$T#6c`(LAe|T6Pu@r5o$+f*qi-Do|&R@+YqLb}vpj?@a z5L)@~yrqj}X73oFYr#d29+gdO3uL?$PEQcl5z#a#C2)&B0Yw8@3^T{2cvh|f$DD;k zErgP{IYltz;tdu@EJYNe2r)n!rUeW3G+X7(YW}1jZ5cuh6mZ|rfX0gV;D`q&-{c|43s{(z;fB=I~q9BwG3YX?q>Er! z!I1SR31n|$4?)@YxsXh7uoqBds&o2RH-5&|(B2R1&Cn=V=vPtNP^JqtxOY!D9KE&L zWUaW$&*uiC;_13Q`ZZ^SBI+>1e?AG1pmRI&_IVnV4a37^X(02iw5~3eDnaj4novw0 z&y1=bOqMs;i~zsq9eGfD`G%SvzzY=u3uy(xnb#X62YM+3dxQQxkV1O5yCtB!L228V ze4C6kfRI!^g|0R9LPu0WjO`BUSFI&$kAv~(fkvq^D82wK;|QBaWy`$!aTN9+zl%3{~f6Nax>Za zJw8w9z_3Gn-`&%7m9%F;cR1*2VLDT7fwxp;fyWc7hEEL|4g{3uW5|#chgX{`sb1z?_}TWj9N|17sN|1_!kuVm)B1pYU}Kf@nU! zvdSU-F@rPw#`8I@;D2JVg4_HyzVWmudr@hiIBcK&`0H%YMEEKR)_>c+@+pX^_1$~$ z{^c>6P`n%otkQS;<1!=jLRjX8!=KCxHuXKB?fRC~j0Xc~=P=$qi0YrWQscCZ3Ls?I z0+V!+j*9UIo4lICnzc0~Q*aEO{0?COnGalHtGSQszajL0Rpodr^vfkwSk?AwQ9qrV3-FW`{@Ji|W~qDZrUg(o@>9UT4S z3>|7R(h!?8xGTI~mPp5f)Qs$@oHd-FqW;qO&7IeEB?=yQU?rCf=~JBisLw7cfH#Z7 zG^Meuzsb3&(XoX!ou@F-_W@%bdbVeU1+SOk`#MqSibkKk#svfOoCHhtT3ApTeEN@F z40<*cgO4Z!@QLydXy({vRMu9!VF5ek@S7}IFxT02Vb6FP;trAS9axrWGU95-0NAn> zY5(a&SC1Le22&@vpnj3eZX{kAH3--U%1h#NyunQzY+nsw&X5=aI>hO&*kY8$9#x1@ z9u;6hi8woKEdkca$b$*ng$CW1z|>!1lE|wTTRwB^DZBi$qn8(i3RyUDH z3L|kq1Vsl&=-&2x9YTnPUwpt@)b!L<@AdDH*dg3le<+AKi5F&G3hlr!>oNk)qro@+ z6nGhbxG4QlN?|5&Mz0rsItcmpE;y3z#5nS1Byigk>6Aamh>T;M9@QM~Cby&O+OUix z_O_}jZhJh~Pa|gt>oH1d@sdHv zk#&Ud-AxANB0zt6=*;YoN(6xJZJ4ME2>NRuq{oio@K7#Pw>G2M(Kz){H>m%! zaDT%QE6~lFhCkYALNuD^PvMUq*i~;+4V^`yCy>Fgzd*W3G?ijYVE<_9!r}b(;J$?E zZl=_d)582Jr(oW7X2oSD7DEQo+9qC98rZ3f5@59}hOWw~XWBKDpF(W3E!N_Nrarwg zQB#x$BEw@2LNHj8m*(+7fmFvu*e{8|D2rOWqC=MEvCd27r5!C|k^aD3A!b8iI6{0! zJ0fc}6LSbe;D2?A4nlYl>mv|V6SYtptSKA*z%PRWd9bk@3qv8$MpGrXa>(0Ihx&aA ze$M)z&wAIPWMz466Yb>T3`b|b$-vd7i2@Na!Ays2KVtwht%4&W&FzF%9~S*F*?H+G`YV_pD_fN2?&{C*lN?flcj-^otQ)K z@(CUJps2a&!LYQ02f?)MoS6^P=LKH4!3^z6C%of_mYBkwkU%Lz|MUd|jfl>=KqDeO z%LqyNfe`xT1R;S}RFo?F$9byl-qp;1e(|*AY%y%$fUD;PPIA|XPsy?XsQ<*PO^?jk zAMg!|pcezKhc{DC7X+Igb zUEk`zwnxm4PHO->H`3!D!&SYZ)Ztjw8qz;lEuk)Y_I{7FcqA2 z&o6f(uR4&L#naGgB<3q4@o6H?z4M_!X8AuK$n?RMh3deWrPrjn|K3}9r${JjCF6lm ztT{lHUqN&~NX7(ufEyld{rBN*a~AQ#$QOXwO7SSE(n7j+T~1dS$n3AD6;f5psDVI4 z-wxJI*(9DmIZfYvWjEDl?VO)^i1vP3U@ney7=GS{DN9omDuiqT1^d1xPdGcj_JI(# z_%I6tHJ`l!Irm{!HS>l0j*MXFL;~oUk>C1Y+cDEgFtl zq%s3Q1Tiw3aYVEsk4`V^Yh!TE-)RJ5MGCURYpTRL@r6XKGnAiJI3R)P5A)!xzCRxO z<=SY>baGST=}(z(8z|J%ffOa)s%XD`!%}IWX96ka;Z8s*XJ2F{VLo5ZuOf?p2&5c|D4IOGK zDhigPJ)P8F58(nj#+F1x=nnxQmkd8e`#}<>5jztNoPFU%36rD?zcv9{gFy&~XQ$N| z(Mnp<42lNB`$l#{qn88q9N}B>hwz#(i!Lb)m-7)u8i2t$d()$3YuUhAGhSm&$)ijh zsy8jZ37zRc^po{K2|T2cz(DZQy9XQzi6g4IzbYOz1$;?aV5QDRGOrYezKAJ2{i9tN z`C$p`QxZoM+>VHVbY#7RHUbh6hh7yJ5bz%O?uwaWDv~e;!!|KxWBdY3da=Gl%f&Dl z+FK5^)lrdB9hbxuG04pNX+oX3Y$~E`z7{dgXOH}=9ULmwLqOclPm1J~KnV)GJsc|k zkWCv=d3Q_3ux@FNe3Uw4n{*evRgr~X!@u+-kNA)-OX6eo@YBIk(AmV3g~0hD4@9>_ zh?wcb6m)0R7&?OAQS@qZ#4COvKo-Rrf3gOQ*4zvz7oa3QX3{Z-q1FZKU?6Qp46TYJ z)HTThonXNNnxM4mw+sy*5}LY?70xja^t!iYn_MZbS+6;8V)Bq>l2Nk94ZC9%x}N9Hj%d z-r9^TUe25Xg1_uUva*}wlDq(BL+(rr{!)W-=97^v6JQdvAfb#Nz{5;(Nsv( zTCt+npHF+>XgM)yE#0lxw!2BDJAOWH@2uQhGJ;in? z>9pJYfEE`-f_t7{mU4!PAAY0r+W*!@*Pz&7yj=|`B4Mol+K8?9f$@y^|)^@hYog zx}DXM`2>z*kQ}Hgk%EzeStcVfHEvdHu_kEGXB~kK8(slRhb4#rYvEGzFRJ4V+qRg zi@U#75(*_{nmFSgG>qGp2?z$|%z@s}MIARi7sm%y;rupQG652R2IB+0aDJH1p%6G9@!40x^TI2e)*?4NXn>EK`tg*$yUSqtQwcBNNTVJ%ubxs5ANzE2OVxUF!x#~ z-u&C36-rgK1HWT$VeCI;a}g;7@Zb0oR4Gj~X;+z?;N*}Y9K+&OIyoZx1N;nkO69hUr{*&V}gu&*5m*8rUHb#=b*9L5YD25P)XB)jR74y+LS=po?H) zIYD7d6o^Nm+zTRO1q4NS2v#O6!6{XoF<(9&xN!+BTbAG?536BKW$OCRvn^s73PWclSr)1yDW4ec zz#pz<{#PVA(0jQ9!3Pu{%qUeKulPs)3annIgIkMH3-C4<7m}4|{=zh%bfHHWM~#RU z-1Y+XWCmkYCoC^GuD)L6R#?kY#M1zgjtz;0p+cK?poc5{2Tb_hLXijNFr$}df9|>L zn9|!!j%aIZ!vW)0EwaV-xuj(L>!}CRgG+-V3$))X15?MMb2J~97l61I(7(DTLhZlo z?Rp!-W!-%UyCLr`6g{cy1$nr_i?_D+gC@Q+FIyAuaJI?_FBf(-T@gWau1D7r^zh61 zps>QvIHWt$>7>GzCndJvxfd=Nw_EC&E-vn?z;IG$R8;Rzo=b9}qfhEkTHtq(y9(au zH3vQVUp%h&ylUGw{Gr`;9Vq-TgCqP^WHi(0z}4n$D3;In&z?rLAaGiqM3>tZ&OiFR zW)bjmmxI#!Kg`-NYYsGQr(E6McrE$#^>l9C(#Swzaaf=Z*G%Jm!#V*2`^|EnyAp!M zat+RO&HLpF6>7By%=Om@k$8U&knrjV)2acSRXatB@XB%l&7mY{D$LSf@5Vj6aPO#&Eo!XC+?RJpjdT?4 zy_GeM?$4gkDiAhoOF9UDVs{$BZ%|~!;V}U~T(ud;v)v=`Is*e(Eh4o8Ws{M4sk@_o z6{-ub0;MY+_K-bBW?n57=<$DmsK5ApJvCLGn@~YbyO(JcI)3VL-Gc2PatOK5LXe8q zCLV`w`SHyL@VJ9@`7AUPBgn~a3>DQ*9*}^y*DVZymobKWd&WWx^apo~UI507vo9}s z#XofmuQxD&%!M@W?H=KmSy1x_sYCa#Zx_FiJ?>6lEg?ymmq18o3jG?uhZ1^`dE@YG zyZ>bYSx(1ZFOH@=8)RAj6tTjS&k*}+!NCh{h6TqT6|pIdA6cSQ9TlO0Q-2fB&X*0B zPxeWYq61M@!^aKXJI975=n`~^8orHWqz!@96;8p*LkCA4{!OyM7`p}s){G8jZ8GCj z%zN|G*2I{-nYm6W)WDfAX4qnW&~e61yFjFg-6_d-4`yW$xjcqYjgZHYkepT}TCx^C z`jowQVkd1~s`BTm%shZ*q>me-Bl@OLnVHikOHAB@i02vhhF3$I2MAP{Le2AAnfC>A zS9>{!EIs7b;{gsPh~r5^ITG=SYo!8vM6h`IL3ImJC*4kkI!;7$TP9@hOXSHebFNCx zGYodQ$t^jBPJht`(ZPwNC)xBcMHfXk(Nxei8vY>{%Lud{ze6K??RCWkXKR*go#bM?e5-`SkYg6fMS%@rb(pOJwV=P zg}VA)ztc{CzPXK`IFK$8~Qv6IA z%+aFduin`(WAHXdreM8lTFIig<*q_7|@!6(V|uLkv|JMcEErd65Ten8tzlFTVT( z#N_;zJ7|`K`A>xjj?@#P;7T&**@k0+374hPSK)cM^o1Jl}H9`8|9ZdhrZGRD$Qry!_weoxdG0*-~s zXWQtIwc^OcNV}W=1oiJAM&M*0J4HCeuP=XThYx29XBI~8u1RC!;{3)Nu+{bvfRrVa zb`FJ=a*m+dk`YVz!xE&7)0N(199BMlRrUI%ca#~%Fhlq8UQ7RgA(=xtf09?{V39gz z&&*zL$f;qxs?CCk*#&EtV+bDGZXCEbLT#731k}rSg7cZp_ zzECbNE(1Jqf{qfHxcnvRu)G-)G6h4J`6Cs0A4p7u>7)NUX`NSBgEl;|k@8|`3>9fw zTum5_YOm19z|;r(SW@{)D^{`CYB8v4S*1JJ-Fi9H+pF2}-ug1#H|Ty|<*F1NgkkrM z!PJPC)@%d8$B}G6Ck<6ESC`Lq0|jYK)e^7o8#By7k;XDa5cZ_JURu~SghvgWi(iTk zIVL7bQ8nRce&dA-49R&2^+QRuP0+Q2YL&Db3RCelG(W1qgd^H5!m86lhk5tL#|pdG))UH6w`74)Kjt1ZXiv*%#B znYcw;glwdrV9FRRIrc)$PQ{e*Ct$mIw{g_CuS%#cv;WDf*@FT0#s=^ik6%O-))3a4 zQ!t(lGG&6Sv5V8r*0C3phb^YxV)Bw(K+vBJt_uWUyCG*OafKdVLCevPRABuO73r(JP!e zAa$t!*f;Azr+JD`pfr}but0cu%$K1+?s>XEfbjV61%Sj^l=7f`zIH^k7sP3IcY{EI z1Zb=<7|$Mr1R_B614W7u;;_6LO0cwOb{o8!2fv|ieaa+_4E6;M&lP+ZZ<;D`lSB?H zy@L3QMAiRh@#R3X_*S4!zlbjPw~{OA%O+(AF)Ab7nPavJ2+XYnhSgB={xm_7Z~!or z^(z_3t8Ea#^D2RVc*?($Ng{{k{SgJjb~CY7{6}4*t?8{cDuFMovElWBpbr{k+M8Z| zMTSHk`$`2O&qq|&tO;0CfFk)a7Nf3Up~opz7R!jRz1QM@mX$6GEV3|lPN;V>dM9S%VfD6TQCnR}-H2k?i$!yPDV zi{dSI;bdzg2vd2BTkNPC1$qf*QmnOFBQ(3NVA(Tg)2WBy_ zfM+pC1Y|Kt!T+`@2NhqgtDW0$hr#{?SBB(tRE)OcqzzxBcx|2B5w-k+7NE-R_CT~- z>AU4eo#7*L1P6JIHb7hX>MMz{q3sIaUFz23v#q`r!9)hJgiV6)l(@%g9!M8lo}!$2Hv!>LcjsQc zrTN*bHO^GD6!d>hN1O>H6eDxCc+eeh5|k(83{vhMH%uN0JeARCXSPnet2sw0vYJH}&pdLVdBTFdME?A_@Ji<_EO_`w?eg~Y z$&C#Tc$a_f06vQ82!??T288dIkp2!{LD7wBlS z1&9c@6^Qb~M`*UJ+FJX>>L)$$A-ci7QZ&7__7D?Ief&1#Kd^x%{*(m`d5pN>pau`Pn_Ft?F zzg+kR^h3ZY*_V(t{RPdg!ohAuy=e_tsqB4fq(Fko;ploTn^&H|({H|wQoVb?Ccw@t z>yDCF+c}NagJ%W`iPpzx;mV{IS*7KxX#-4L?N7f7+}fWX{XZ6_(hcrE3w6J=G-Z{H zE7)s))#PRGDzEsKrnT&mYLzv=93rq`UoUQ5iTm?RsIcg9_NKzE<2Ybw?2XZG-3zUq zs3W?`k$4hQ49mr|wUanBD) zT2O2_rb5QXoo;_*R;B#>)o7NZv1C(QLvV_z%>uBj7PuHYY}r#h?r3-eEGEDosU-@J z$kz0e(lcH5E~z8Yc~MMhBGK{F>&+@Xo3&ABd}pd$EMoB&@pdrv7?lP7Ht{$_zfm9e zL`e{LqTLwAQ1tsn+Nbokb49+yr5EJM9E0`p{mJtOzc*>$61h)O>W6w{mcaw$ju8RH z*2{1+&O+90*ck0Mzq+4yp+ny@=>;di*Qts2{3 z!*woA)AbgUY0If9)59>s!oZ~YEH~zRHW$I4<6J81FI4;uk{VEYem1@qA`>CQ!;38I z1cJ^t?crzAtVIA;3NzgVb6bU`{Sc=c*Vp+c9=>2Xo@nG{Zz}E4ao?zwYXwPdze6-s?0BzvREPs5y{#IT+ zS%zZU;5lrC+xHDm=pOI6o$P6Q5B$*giy3Gk0Q`%vO>7I!?<|zv&e*%2INKc2pIH0{ zmDLMoEj0!CJ0iG#6dU;~yy+JWA#*|Yek*Q!5wG7{j0||DCWY*^RJfF@YV4Oi|GjvAR`p+&lV*gbAnD?g z;$MW_tneiD$Jnrnf*gy-xAVL|dPYu-PLz^HjwyQH4UqFfzHzfh)7D=M^{QG;bmZ5!;Zc` z;4-EhU+MpH%uG!ArnJI#*eN=%G2W(iws#+cwuvl7EMbLe5$^kBqOusXe>v6pFe4y= z*UVL_PT&=c`kughj6iz;OI;Qu-4ia{+dgscoa@-ZWyd4@NVu24wv*;rqrYHkMJ0MZA^~UHM0{(E(7l2?ux2ZpVDrkhPyT@ zGv3q~@^l+j&Zr*Hc?;XpDIT#?o}TvhaDP)I7n1eR5Up&V-XKoxjfl6{vE7fs&%Pa^ zM;qF)PGX7yEp`d)uqinbCD!F`JjOpobwoK=<50eYCi`9Z~gtbP&##>I5gsLW2`%fq0Z9{Lhby>K-n@lr`Sl zv1_mm#w77HYJ?)uE2glkuV7EaG%DtCMzpxF0#oUJ^p=`e@oxAjjNBH~bLtEyJ}h7i z!Tv8dulEZfSF8QawC7w`1FU}|*OU2FeU|52=>xt@d>wG5^ z>>88T!C*b2eg0JfR)0`@G_IlGeG97U{Nb8ew$PX#V~;|1(^mP+_pQ0mm(N*^w~gYS zX78NiYnU7hulD>y?LPmWxGo7~`@f#WLxkQrT-@^|r_Z0RB6n}!{hD*rY1PXRm2M^*r^>wzG9 z*E3b@_7bi77JB^bQs7jcVWxu{dI`JdIr|0b_eS!R+hS2QG()Tl`j7zGVV2IA8320e zCa<2wuE0VxrW%EW|K3A-sy>#$!S&|Ko;Jpx-`hhos<~^eug%@YcWa=pO|PM~&CBw* zJjR=6s>OY7u%pdlz40lPB**D;XLn_GuCGn7vGwwLx?srLGw09sCBg-D_EW;0u*{Y0^`+!}hfKs5)7daWW%g>1JJcqvx_tE- zZ2G;}_2@aM5!HN2ds|j}UUGl=o>SXlQ1J?m%8Y91`ebEr|ZNbcsgEtqxPUJJ|dISBvf(`mps$( zw0LMHq<-NU0Xr7sc>T?nBPa4!Fo^A`nSq}ZZVIcHJ@KY-BQx!_R|8wKOC_i2^m+z_ z=g@r#@q)KuX}3R!)yqS9U}vLtpBfdlvoPjxjKJ@$|Ss#i)`g?787d<11mw&d}#xHv36Bzy86u{lPX5Ra(oZYaY=G{{s0m zOwIeanJW`sSsR<;l5;Pgy2BMyJH71P43lpSeB2A1Lk%9Unu0E8>UQJB__e1OU#c#S zNpy;BY(|l$GP%U}(lSW=W_ESWJ)g`{n=U4~jh8A{bT(Z6b>lyvZtRnDm_agi18~`M z{dR!KY*aF3O0>4*7qH0v#ytHZc#gZ#LphCCDHX^8ZZ8=2$pbU8zoS3Vt*luB;KnG2LEmbHu== zd3#L9NH{WhglCQgFW!C)w~t&dj5$k@{`D^IRCB>(uV%^)4^;+EAsZY8yK+An+8l&(0Sjm8tI-y4v z4%GqNH-wVTDcaoU&Rp$XMr(Ys68K?j-rJn#TTtuhPI;~Rr5^t920%WmPj{{cJVJv+x)2&F#GB5JhgfX*I)3qc@>ce;}c&vP>_~=JD1Rpkan9Qi` zv}u4_ln#}qwDZvWoa@HxvCt>KWI4q&m0z&$GUc#)l;L<+A;+SkP)wBQf=%_W?Y zqdz_PWno55@+2RzbhXE-U(uBvmg=0HHuc)j+Q>Vj(Ni**dadDjHO^2@kcw(zpAqtx}iV!>cST%IfD z;`D#jZOpMQH2Rh89H$Ww*rj}V(}J2}tFSo>w;1yXjkXx@pozBV@)(S=_~T(7Wl`?| z6J=55Q5pGT^IH zQ9Ycv0Nox=EC6E6bpq z{bi|zv@ie3go<#im*c$qFa4~$6`0dsDwokOX7iN4I`Qs%OFtzALEH7JIJ}1UcxlZy z7wBW(mz2^HQ@vu|E0^v`=+T@osqjSb%gl2XD5ATDl~PLRk)6CLH;3^9<`?o6QCuBL zO~myGPR5maLiuab_LuWX;O;figYH#I-NoK9P7-KFulqXKPk_oxLHxw?8+oxXuI!~Q zq8kV&%F3F7{OI$(d9jeL_@(tC8&D@?%1c0g=y~G2STI-cmcyYA!Hb=GkotTelEph$t6c>n2pJA_n^{Jgs?7l>v(p9Imu+Mw_~g zvGB{HF<7VE%j#7rLElf0?KjTFl0y2#zrc zaqx*a?DIdVipKhF%gcsH(6Xg+<{OqE`yNU~#)y$1fo)1*E$D6{OVN8Uc6_J8~whWpQSSuBvUV}&o5P4dSFEdFz*gx(Fz zQIUVHdqzGm`F|P=uQV5r>TRKVBG#0{i?U4K#1z3I5)P3^1|^qOt$cKqQSWW=dT+j9 znd9PuHdth?e%7yjUm4wcG@Kp0ky^veofH^RT&hso>>|8Ae7KsM zQou00voJqnvXbG;Dv~Jbk z%a<{^!wxo{|MGPRzE^(>Xx0I}`TK0Ny9;*nMey8l@hIPR;02+fB6#1FMV*}W@D3dR zXMMhM^q>o$Q}<;?RZs>)v@x4x|^#nm+uqyVq zq2#Z88N!;ngW8z^E???sHUz&Y56007YmJJl)G1PprNZL7H7xivLH=}eW0|S_F7mVE z5(yhenXfw210^Y^wI5^bN@Az0kIr^WJ_pfKyj6T@?PVr(p(zFqG-ElXR-akajteBk z4foM|84#@+3etR|!5uL8#)ihKt_oHOS`nh=HI`*2p(Ri=)_Nwtr3>tB+FK(sF(U z#wFDw*%}+!kGG2 zdFQW*O z%I8k#!s80t6nLTeIa!J9=MNA2Y(9s03*~|;r=XNTpI zTM53n{_ajz9F@mUer?S$v78ds~0>~pE0zQ!EWHVE27d&Td#MjOeAcPfj81?<_b(Bz%*xLb@pbZNcH}Z zw;29AOto7_bHu`D`1AA6<^=5EVlWFYd&!my_Ny}W;_#}Os#m+}SPdf8E0eyGl#V)& zF?4p-(-f@-!7uS`ar1&h<;FPFXWY_YMg1CN1_eBuRaAGANd#c`^~LXX2AaQYwaP;u zH)G?2w*b2YC+)+6m5qf#0s`8r+|5*Hf6czsXfSuaCVu!GfjyGvL_4AoA zER|uvihESXRLCPz{py__H;1|SKlZZWRQgKyUWxIK348=XrVncM53Z+R;FoY+%X#~^?-aF*43L*Y!763pX)^&7+T zp&{HQ$23F0`UblqAn;)@TYyZa{(`dW zeJl$C6iH$W?2V#eQV=9iTV^7b=Zj0Qa4D!t`#NQ011NmN@4$$NuSgK_C>u-{Mc4g&6^aLRm`@h2sZ4Q$h*Y>%iSl`xoe0<<5A8NK8GE} zl*nEY0f&n2irP7dn(}S9_vjnA>mIc)j0Y}>VNe;?v)s_akeHTD>bGV6_qrLE-Z#D^ ziQij7MF?{x3|kc&{MRx>ozCL9D#1^UNgp!6C_h#MA8#4UrCsQR2eovePPZlr7R3IYDL`wiz{}Er(%OCF!XK~l=bbi@KJRF8cSK-%uLQ&#`u+A0I zXG;_W!afWO-LYa7i-RQzZtJSZYd-m>Kl@ujpJgbX)T&Vyg;O@ZUC}XYWL8)XCXfWn zS!Hp6jThOilyQlE>EtHO(g%X5?FioYRwqU0hF}Omay-O?b=K{`K<@BdaMI_>%{#87 z*1WP(qO$Q6Mx2fbhd=7V7V&sLd88jY_mDV3hd|5YRCQGfH5aXdp{)ur-4QE4bAow3 z)qq~gMx_a1ho`b9cKv*Jc&7cLIt3)^BEn7y^BIxPN|pQD{9!NMJERI+^U34KO9TzK z11T&%5|RH0cItzf^~>rj*7%q*HwUNglcG#=E04Q z1kbV;Wyk!sq>hg6mvrXMN}7eiEy6-d z`;c-du0~#<=Jx%{s?J`=n!U`%OBb*X*@7ns6b9Wkuj;?Lv-6rgi(m>`k$z^Pu8Ybi zn0VXe`q={Dl?^0&_p>=Bkj6!!Lr zltBuaDQvwrem_`W-RwWx8I|H8x;V9~;?UUPpFAp*Z-|Y~p*Isj&aH98F8A2p_EMxM z)hAJ7g);V54Wr_Uf^P&53~%k8qD=9~r`P%^R&;swAuqSAUirgB6z2W3F9S1LiQjp) z$w8{4V}9Ws;DGXrq5dy_5eQD+X*QWnan8{qqt$KCum-oy>|E~#?9z4`D2_RO#`a61 z52v@r(#F)i}dMtC!CM{0Yr#4J-69)IZE z#IS$4(nd2YwiNvBYZGPmHM~=6n4IsjD%wFcNbhI)x0{5ql38WH8Po`YQIq3{y@1NO0T99wKnIBka72#G z<>u-+GS5Sz?UyKsey7m8jlFen@#}*Ns|h+OpP1|ibRa6+zM8Eb!W+eY997aDhZx@G_DtF;(qsxWo{I!U*u*^(2aY*j9iG) zb>%MW!Ix609QP+objz+AgfPyVm#$UC*aGgSiFSL*`L3OV6+6&r7*@Y~t@7k@fwF(- z_2SAIUVeY;>aDZA`@a@*)uBi8&-g4MtKTvFK7QMrN{DG94<)zqTr>mG_LnDkVpy*E zro}Wx+V<6B(FiDv{Jh7s9GdL0BW<$!#z7!x&;Qe@Vd+Y#;}0dbk4WL_(@j!APHddv zr8fwlR{`{9t5+ee*-6_C;1-r$$@CfUM?L}pzNvoCZ##JIB_s=h@~J9s>Bc{a3>~R_ z1iaCpf!RUwXr_`$==9p?);p9y!2jis$=hmv+~pGkNB5P70-`4IW8Kww0kW+GL&|-w z^U0ZIkN)_OXYTW~ujEv(J5v8WBS-idv=V&VT+NPMden6;13HlTHr2d3?9Y$6?(YW- z4f`b6Mlh7z>1BlWwb9rI-sOt)n+?@0i#OkRW4aWK9LIK}T~BTVR%3vdWT?o<87m2lK1dFF{t}3Q(7SLzzuBi<9 zu}T)){FRM+`n__yfj^B1t_yA2CLrz2h`;z z(~UCUoPv+P6gT&*=oeQrIe50htUyyLb2d(F_0mut>xy})MDF{$!X}{zB=8n;T?BZQ zMlh+i7~X=fXJ~`f#KU}8lluTChLvRI;)11o_HVhO^IS2%#x;5RvDVCTNj-!x1K0?r zs0ISlENI)BXffzKVc**cR>Ju0?91$vrPjz_9JxNbTdsK2_N~)X<>pH;ul|pL7?5Gs zj-?jEvEJu4eaoYBgFT|wn1(Wm=)&gg)NlJ>Ee3VWO zn(H?fMuUvyq{DIDhbqqH>&}@A&l}2>8sPRXd~Ay0_I!zgY(|Z(YB9uyv8{43^yBaM z6P$wQrugSsCod6~Pk$d;^pW6i4n8rOVlP6}Se7AXKiutjb+?pfr08e7coM?fzS0DR z)ke4|U68SijXHsYrqU-aCtNn>>n`erZhJXgr)&FOyM9hGNHZ5k7%l;@xY{uW(LU?r z9vLgpkBtke_GTT-EHO1NvazX*Otzr>#Ed%Ke zj-hM!+Z=*Zq(m@Kx=eme!l_;o0+b4BO9&u zd#vDuxno;}-{$EPl&exDVNYqVlUEZseM0rk26_bc6E*6PMw4_xOc;@ zOrR@x^(-w)eF539j<1n9b>b+`Y4}w=@k+V^m2Z#qsK7>Ei0mqXYzkMezi%vWx@mPg z-IE4q)&}?kKD`hVvVQ$@!(!SK9`$h>aYl)(-Q8J>OKcswNxIVNjx$m}7`vqKNA}f{ zppXgh@!Q?a6U+9yAs@uj9aXIOa%m39IVkN)Wa|to_U5ZD{WbM&?!DaiMgEz~ ze!#ALdPrPPzm-O&;yFGj3#S9#8gm0LmtD0Ou|#Sf4^Q?7KB2F^FrYI((a6HL#5e}+!G#)Q2(4b{#8h*^2H7U1L7)%T;pS*xw_QZ7d0!}{%Hc2 zV+L7|ks{Rg4bC)8Jc9eFT4IPJe*p)G9aUgJN zwB>oR)WmNh;2J4%Y7#dYI)#opKXQP~9)(V}MZUYe)C1y<0pjjAylY*wFpB)geEeoj zA^-ZI%VdO&`qD}*#zNO8L3g_o(ncDe6xd_8HS?IMf@>|xA#Yact~h(!CGSvHB%&Ib z$^GonA@!cu1SO%}ttRysl@0_Wg3pg0#8*ADjia2AoL`!IRQTMzuuwnahv2CPGySKu z`b@E#?NM;K%&zuwLP~fGL&Ysmne9MaFYj=l+2}kgboy^{%W5&t>p}2E*@aA9HgVcOm0bumpJ38RE3#wbB-5}TXYP~ElwabQ&YsbY5@DX58u_(_)d7uPD*1iSqt!(-5x%pv#Gxh%2hOsq{xx@D0j}jSQZmR5CWSc<(JY zt_;U+K?w1T&6IcdHY9gd-Trn3Mw6HDf@_!}s&H2+vvEY@mf=N&k!xwc7G~~;R1DX{KFUkOA0d7Ql+q%(d~0vttACDFAXp;h zn~;95zVNK(NS-*k!$EKC;yWM*?(PYAkullN(|&7ygPy znOqTfiH$F-2&WE zqH#Z>RyC;)QAOV2M;L@5g#@ipAcZ1@2(kw+xZl&(Vy@drE~o|z?Yz%-c<>GTXqi2? zoK^Qq;gN_o9uc(tt49d5$?8fL`8D`lVxlv^xkQzmvg|B7cFw9Rwx06Txs7~BGp`Fz zD{%h3gaM_Vfm6+B8!qPW-Muqd)^=+K^bprzG%?@|2F%SDjnG@Ge0UKd)9<-$(Te&` zoe5hvl4mS!lQOax+esy}D?3LLhLI07l2$M$)glgDi-qHdPaqFYcDpd;nO<@#KKT4+ zONM0*qR!*+(Nk|Bn{Q%5E;9Q~Hfbs^=W(zql8OCaNWtN~0(hGzAF6@(f0*6cMbyc| z0+2xjPMjg7FL~zk9q8MrX+jKr3=OLtU%8^D6jfO%A4ZH8kKryUH)4{VrvRRG3w05c zWxPxg;>h{t_T|ye8^1AKgOM7F0C|CnSFgr>l^~7+3BnQ*cod&JJ;wmpYrE;T2Rs#6 z&f+9H42-TW06@3yvfGg3$fw+LH{HyDX5Hk0wh3AlV=jsgM}=OU91h&y1Uafd*%_mh zYmf6bcP<#uNM~yVNI)(}-X%LMOo_NNmzd{glqR@`&vy)&qK^NI%`KazklXH-=MVJj zm;4G{3_KJ@yz~Iki6l#n6D8wWf8OIA_uon4er3`0q{=y!+2uvQOMd@l%E0Y4O6Q~u zJuK@;{0|U!b8~viR`tYN&B$lY{j*o}4uLwFi<$zuWw$mbcDHX_{TxLTOTU!tmZ^GX zN7oPB;iMdArg#{X{TG3oD}k+cqD#y85>K@U++J@4xEon%*WYJbS_52iMXZ&>CpzDU z$#k0o1mzZEL!LP(80z6sQW3c6kWt+GQbY{B@|~c9JSE%NU`w3Fz~hwcV6f^bku=Dw zy(OrZ(E58ljqPn*rt0xUX>;_Cib2_<{~vNY_h3dcEKg2^Z5b!!1fP?0LHGV^ByKPL z)Ah$E*c=1tg2As^HrXVL%Ms~AqJ}xpB%9x?jhbB4(OoJ#vx@^R>^0a`#=00;fDqopJEoqNhxaGe16^dU(WMaB!ykxnI^zoRV-ek!YK`Ip7diwowi)2o`st0Dt1 zKjUGXK6+QP#h%OYC}T(FPjNYx-dh9Is~^91m-zhx^%n?3m7%5x0oZoXpYZAlX_LtR zVCCrOE>P9sc76ZCpZjo8Q!8A_&3_ty@-99{V@XPI0&Hs4$I%@k@C~ybs$=UUnHfzP zPUSf`{pz^{XYRx6i7Yd90}%g&9q{K}-T#7UQ@3%H9nk8%mAaU|yt8ig5m78s=p{qr z+%1!rPDGnWs{T#yXG#cxX4?vR{Po>Qt|~5P>J({?3pk^Ms8GJ4_B5g_aAmJz=vL@w z5-#rV2WVfRkh@sgZO}g3E9%9kf3L?58{*1qf7=WeK*wy?wVI*>0N`wOWw-X36A$aZ z4O_`B>8kZv?AW0Io=r<`xtLz?gX>5&WwIT*nqrRk89UfD#pU7|I|tRp9Acdv`kKic zQq$w?R;;K-P*BoWDud`%Zd&3z-NKzlK^4);-AwyNarI@nr$Au-eq_|&$q?mPRI zW`4V?Lj9hGtpnF|RgWU}hkp)Fag0N?f}yH}3Iacv(%+0$Xo9cT_rHuah90P=lq$J( z&T34RD7n?ox^kG_jFZ}^FI4bPtbbu02avM!-3x&@FVxyDM8^He3)GmKO)AmOY;D(n zwyW`eTxbXM7~qz~d;OEcJY$Ey?*AaNU0@|Mn%gbWl;n$Wnfa6Kx-L8?ev21h*7EHl zRWX3q>04R?4N7jla~dA?N^VYb`2P!#jpG(M$70}&bBtxQPRB5wWFPsTT`i9%?(BiP z#Ka3T&*kvW7_xKEfu7nW-HPI#EaLIHa~a%flK(Zi@(K!wZ{rSre8S&AdM1wd7K+!3 zeIKBz)v4shIWGx(t3ttXNI#b&LNA<^(<3_E-6zQYTM0En(-A<#4q74%in&oO+C^xd zNeWSB%cQ)gFk~J#aAuu;OhWcIUF_*I3j()Fnnk79_q2b~Ykh(jK|9HfpFaUG*g;0Q z>l|#}C$PrPCz2Ex5Oy{K00bM?4K=?SjP(j6LL;%QXCM=Xg9IpNFT4Wmf0blxqtUPB z4JjnBhj-GUq#|K!hR@!j!LNg%)lY2LXM3`Prf7`xwaBMeXt{y|mS0bo6b3^F?UNLJ z@mWwx%Sji_|Js6~v-WBoPy3%_d&ie5Pl$T33K4tP3pKyP9tL~3ZPP;6{2m0wi3L0} z{BVNZOd53-l-zj}Qr@0Jwj(b)1}OI~gvx;|*G!(5n3=}?v&Sg$>cZcUWK zy`RhTKi!!W`9X!j6d$1QCw3OM=W%->$5_S=L(69o@``xWn|Nn5vi0Ywow9)-asacL zfz~JOV6sH`Li5l6fLa$3ASXM9{{h(0?RO;BToe1=tf_r}J67cY#OaC8KCB=LrLYRz z=GfTPGH8l}8USQXfU~-Odr}Ae<-mUH_^gbAfPfJjkRfnU7P1uc`ZcUtB`V+MX6L#! z>1sIg;Tv`uxfq#o13%X7|Daf3NurRF27C1s+OOij7tU zZtF`zdiHFXmL%P1)sd*OYCJS(HFm5L?hi;w6y}eIu8+d&Ey*RlC7M4cV@}TaO_Q=d zih2I69;W!$b?=1_O!u$Q4S+WV`$;fo0+MAK!(_eOp2m=`uvC$@GG!5dPy#vZfB0s? zD}sk9?*VJ^pp|5tj_31S4KnNkv-D;4Q0# `SvmHO1W()g-}=lhZ!9m%Uf^3vOW7d+|vSeLY?*8Rpp-Na(x zQDYWwY;{Ur?Y^nDkjS>ITS`4XrhaVJ#y~|-3N5Z>ZDms0*QB&0+Fs!Wn2cUn^GkL+ z@ToEPcUwl4?o7Elo&YY|$ZuHWzTOh;A;2SS^#yG-OWpb7ddwCnbH+~UW2^y2eQh0Z z3^r|+nyl_@P}PSwA1U53pTCVdz|QEs{oY!ZUy~|jr$vpI2aZsrU!XXd=P2`4>vQ=^ zAgl?kx6!OAioE*NA)ysqmUf%+yUDKI)hr}K{G`D4^{URBd1!&n(Ngha#<`vGF>xv@ z{#W~%b-?D*OnxfbPYZQzNjql|mC-BF(^^LP&^v2uU)J50MAJMM%pe&*63x=mQ~XyoU!9(=LclV3K`!at`ggJLacolBSVCSpNAU$VHM z=25ef1?%P3Y)K61?WR9<`MafX))-Qsnyp{FlOsoJ0I`s1j!jy|d70TG`oZh&+C{so z5Og)DrK~21QCqiNoldY|gm?+fkU$zB<@5Oq$SD`y(QcQO&2%ko%Om&mK+8nAqDy~t zU5Ak-JHle$4X8>R{YRB0A%K2|k#=``E2KJxR0NTd+%bVd>nfe1AG!C_p9at}{8JBp z_6lBnD4?xKvEDCI5!T>eq_lJj{ji58N<}|)}W-D8VpE?18soy&VoTY1PL}hJbwJ#V_%a*0mtd52yJ21oQ zR0o@ASudY99-FdWs?Kl#HrX;|1T0zeQ%XXootLhFv4;Lgffe#wOSheua5Si)psbx% zKho?>x_~W?*+7@c%n#f+uT^b&P^!aCWWScY5Bx<=l%^sXy^XCKn_JTeDy&v@x&3FS zYfZad!CgR$O_zRK8*pD}x&OA4&>n}IJ%ZoxSu3H&I-g{3h4ko)IH`O&8q>`#Tmbg* zu$?itm9pB06Cm!@%XlXaJyv2`_+}5BR?ZGMh9VZ`p@CsH@107i+GQE<#GCEmRPRqj8>+R*RuwX zRsSMhr?ILZI83df}uJ$L;)3zeH*|KfaFbvSn0q(sh?iB+t za{w&>4e)HVK$imGO7DXO4|K1$M1b3Nb*FE6r()PR9dbD2K6$&gqLAhB{=|}X{>)HN znL5FHUFa}qjj(a3>BZH7{-(iqkuM>g;(Z<*Zi|olsuvxBGLK9U7-HuD0?Nz$CwF}< z$-+Rjj}^@*3!n^`17Zwq9XfLfOGX=|SAA2QZrySGQY^l6rbq)WmzE}rSGF1^4MVyC zI`(*FsK1nv!82)-FHj7jvVIg2jFTKgU|jHUDm&B!Lb04|^g^B9jPJ;AfP8}_X*n3tg2 z!}S9vC{TCo7^wbkudtn5l+9T1z|ZgZAl!)EhQH$QCc5ZLsbU}Q?j;TlYdIW<8&1LP zhl<_(O;gV;;3A9b*Y(eS1<{CJ7`o=#iGgRGn`o4X0`)J)be6uxkig`ysW7#A--A-3 zJp09cpiDk=o(xkn+H>uGh1g;of`ApTr*-IggzP*f!=j>Mvl@9>5bA~Oc|7idyPZWr z3(9k{w0HA5^fFls2!NdKx&x>u&7kX_#M~e}h&|b%>+d6$CDmf)B6o2>nR)q-5~)_d z?>ZT_)znp97)L9sukzYE2AVCSOXngQ{j^!4|Fvket>CH`m5$z?7nQXUPypYP@S>u0 z`g_jzsj2sz&)K|U*ZS9|IG`APKQ;C--xMe=!*{LC|EW!l_5L$ESX}Gi25Qu@1}d+m zaR3P$cYVvcqNuvi0tSePpV}BA?tJ4Em8Kw7V}GSi2aNc z&)o+MB4fOA+{@QIC<#UJ-HnvPkU`Ce1iy>d&GV_H?VlDQ-Q*t*ogZ#ul&(eRVz7E5 z40|v%2qYgtkuHg82 zfMa>v8mn*$SZBVTxHNrhx?2zQHwB?MEu&e=k@aKZU8Ln8k-mMQ?T&Au$Eb#*^?nY~ z3PX4FK1rf=OR86!WyWmt87n_Q0SOfMt%|D0GHX6QPqR2lMDl6=D!fbGj;&#)*Vy$m z|KMra49eCPNmxM4D4#6Il_HO^ieNg`YBIHs5jFhHh`j2`p6UDUxsYPc^s^vu)2r zctV@$UyW5bb@%%Js!~rjVZQlXwz`aDy!<*u*SuaEU<6ALCcY0@iJ1t3 z@Jk-`V^A0D|8ijMIYNH^8YBDuU-8BAM5ST2`u&;wds#AR?U4&#Y4UP|5$iluA-*y- zvw`Q?&)YsKI@-m5UcWnFbg@taBAp;Qa{hQ;lKy>C;(zVQp?1sQ(jp&9gJ`BCq$*0rC~rDfCnMhtg5Ixwe9 zx@{Ochds1>!VtD2=)!fC;`KzFcR=L(?RD9ZkDQoei4;*GZv_MSlnVspdBV=2pSrw} zmb?rEf+JkU+3gK*`vp_ySIGc+0R=~Z6%sl`v&PRcVI0w8G?m8Lr!wKTYo|GtZwaA| z9-8H_9d|$VaZk{zv$rGP^r&5c;wGQ*mG4J+pU?{k-b!r8tHi@6+`Eg8ralxJ2CeHe z=`V2=Epmn+s2?UhR&7|W`w_oSKr}_fGSljaw0r+{j{HeL)u%ek%>EjvwjYOn+}4@N z%6zEu64^b(Tea^ZB#U?h>9$g+efTDgewXUi@r!{f-xZVK!(={Vo#cH2Bh2f3TcgyO z;gyz-{OBP0I!>DT>3l+ynfee`K8Pbpm?eG+zf*U}m}fJSzoLJYtr6tEE15(_;ywX= z>w=C8zU3>nT`y8=3!QRD8!1aaZsp{Csq=I}M6V-JBd5gWlg1vo2MuDK?-DTWVMkuU z-aNOar!NfOzin_KDD;<%)WuHnq28Hi2`4Ah*FJdf=dj+(n_EzZ{*9|$vR;I3Ck&^s zo0@zD&klRz_P6Ni5`@u9_M|s$mtiJ5Q?8W zNo>fc1bwPHQ-2HSU8&U%u@t^NyNyxRw|)7TW2A%=>5b?1EuA3>2KRWrdncrY3Ymus zE0fZH=E=?I@*VzF$uEU(1BaWOnBYB@P`=4s_i>&F^yoML`}{EwT|>X;CY?XDB_lfu z>^UfYkNNl0l+*3Qj?!IFE532@E@-j1Wvm-fzp&nH6oU-)$}dMi7?&x54zY*ZCI&sn zFb_c=$n976_xZb^`$x-(&=^F2<>FMW`~LScGrCCw8vn=rRmuoRbWEo+|Luude!25&)B2JwCJ;s_=E!=N2Sme-UfVkIyx;tk%?s5;!! z88Ta!uR8;*X0)qm1KXUgxGcN#QAAJg^}fC(Y{HNsN8;A+P-tx0Q)XZ!ZvyY|grLB4 zy{Dh-)q100H+i^Ah2v2_@9XkNI1aD9OhelKFdLk#nEhlRZk7rDs(3#L&Qz@O%Evv; z39E+tQ;++#>IoK-vEPqUl$$6gy4%v#V=K0;v5A-L7z`D@`^yz8eYF)gQMyEyY`ASS1m%%EukKwvEZM>>1j)w9fI|j2+<}A9nQc|Y)ulV= zS~cbok`YjX5G_Mfh2Xa^-iX3Wa=J*aC4uk@0>Q%rtG5B`hQiRdgGz9Dms7?wr{jMM zn;q3RP|xhG-Q==~sjkNA*o@XvmEjiIm3tqQ^eyVJ_5}5$B8h$b>+)x&N22qU9t4zy ztw;U0FrK-Jm7<;Y;??j|UAdHNNJ~`0JBN2tzUIQjgpc#5U|e2~RvuZlB~-kWj4F>O z3~r%Q@+^9t;pYQy5o_#UTQs1HJYPnu!RaZmDH^!`6mQl?z4z=oPg{rs_J!|_N3v_CQve!S&Y>@U0hIXmay{oq?E{x_4J+G--+_AnX zd&2IdH)FG2_h2Gtuhtpo!U5B}jF09Jr@pb~BWDs{@*~|$5%C5?mYI^6jar`k+{;v2t!x~L29=ZuUFUV#wJoc*+nI(`AH>_*Dr4U1u3fv>akd&_AVv^90^XEiN( z`~t$B8y1Xq_U;!0gG00P&2zj0hm#u?ijIZvv8l@IH(g&( z&Q+i3${A+hPy$kL1Z_e;ns6ooJ?)_YJG2vL(+dDvtDu$0;R0$>e61ah;rt%cHu<~z zI^BJ9r|M`M#8lT?UVPg2@}~RJ0E~3sF$0KfY~Wmggj23gv~5@ofD796f%p2U*#t%< z{LlCekhizr5O6)WncaGD;X}Q9QHKV@j$c#qJ?fLV(e*rh_kX#h5Lt0_hR%o?=DaAt zETfTcfvd0sF8x2$?cwJq7eUp2*^3?7?tl&ZOwo|!yy zz|NvxEv5~0Ew5xsWh=rj?5S-2d7V+&04?3thjNd5tbx2lbk}j{?nq>dCX}v)fudZN z6Mbc8=|H-Nr|XEQS0$SLx>vDztRXst+XoPEQZmLGqHpb1ms6_>dy9q;T}y$GjWcNd zGa!7bB!1J$P$^+I@?`6sQVjhC(zOsiotJV@JG$HF8VUq)jSB!}Z3>#~p92$8IcIRx zJa7iB#|)r{O$@qk2=%G{W~@bf=v2h4B57}5uph7)8{&=BfXC#6d$daB^?!k;=D&bj z$YzNlTHRYT#p0`m!;|#DndXU8Xv0-lJNLXo-;q}-;`vkZfCKMR#kQ^dC$+=V+t3!U z=wyp#>-ILUX!gEma#_n^GH~PN!I>LNdiLUwW;DZbv=EKml=^6Gl_m!pH_p@HDn&ic z6k(qMuh?}eJJuTLaT^(@w)H=+YyIujmlc3Rj?$DJ=mT4YMc_atL>t2MB1W^PDVx8! zq}C*LkP@+ViF;0GA}na!YOz^)DJ} zoRr$sjUIBN6PmJit3VD{86x5c>FDNvoUh0b5q&vMRMK6*wHvkSM;`q+=yI+OBNJ^! zr(lpnfGxpg=snIEn=|}nIbtVA{j$17w#cJMGS16s-Y4`nzG_>PVUj?IgHG4I7l{u< zoq3<+Sk?IMP==|zqq`aau6@Ai;-YyBZG=-J2&sP)AEX`~_nrp?c#BFOT#?^i-bj9J zI|I@^jDTIS`R6lJ*q z9i8Fm>LVPHX4k)6>W;&m3Mi?Hq%+nF5d_FvMr<{WNVbNb<{a2uOHOlIvywX5wqy+? zlPt6yVcfT(r>VH=x840KoX!QDTdV&p46`^i9)DUYJS*3hRI;!2Ig@SFmC*(TJR&Or zNb~R*1=2inqNjcT!kb~=hjyN~1BO-y=KfU;u%2Aitay2gNv#8%EzzqT=YLl_2l!iM z@98<0h-zj146jMR6h6t8B%a>)6aQl#AM||o83G(JM*vuJa?q-^p%)ncvF<|;^qLbj zc6qllJm57Tp2^Ry&}a-O+bW?lJ$IS|h}aY-1cXVWZ6Xb<9JeW*gg&8HDe9vB-Ex~JEohy;b;qJ0m#6fCv5pRqiSPw#7-*kR0Z6lW z+2iTZ8|HPe_!RNQVe7Q(fY4V=tAO9P5}j^QyF!&iMUsuh5(8#8+FKkxX%u<38M#2+ zeKp@=0&M>}And;cYC1sQpHeu`E*zHJEZ~YDsY^z40%u-?t~2K}39NzOjrdWWGyjpw zdJW`)kotbHohr~cIY#Gj0BIy9;6gaWL0d=Iwq=zP$?_!o=YuxR|7LKMvTT0>GH`ZU zC&`-xnkP382urR24ii3$(1j&8-Dc>fj+-1oj5i@YTq$25$;npgCcRbL^AE%6!x2x> zcK^bo^o@T6szy5fWwEo`{hQ?u0**`e(gsYD0D^(gG<9+7_R#d=)-d*_??8?oX_kPs z-S2(t9BThx%N9W)r}l{e7KR&cj7N7MVo7ajGRdb5(pnztHhyXN(Qy<1?%5mVTmMK- z&FqG*&E{DAoh#F&F8g_=hKa&O?o#?hC!vg@Lv`pi7qIz!v~OWU-OFl{U}@t>WrWOq z?VBZuzH+x3ygnbZ{h&1m5vy**mv|d~NJ}bv_qtp!;>qBkRpztWR);l89MQ$;)6&Xr zJtd#Y6JwGbR``5w^xONXRc56HAD{cpRXOX8l?97dl!(Al${SCD^+R*`{MzOD_~gbo zQCKEY+hqpXYs5~IIe^2SSzGHPuMkS`{IG7V7WaISxyU;~}yM&>$^p?4~7)Q&Y^QaAIUp-N-wKH7Ebl zbiMkyhuE)Q*Yk}MSqEdSpEe_t;KA@DxUEsCkHwAt727h<@IXvUj9`^lNsQoH|ElyW zz+`vXWxYCP_BzBw7U1J{(gm~3LW`ta5d+GZO_-&}4Zyp}7dY!82Syw>p6F-+JSRU> zx7oL9UnzE5-$Kzt4glV}D}WHMOMrJFz&o!Y5q@wCa73b8Qqa=Y0cqa8=!;13nVbXo znTYI}U9k;@nSKYZ;tCiR4Gbf&7NNg5^3mR{7Ng5P%scimB7!3)E^oz%;7f(aKH|XH z806j$IIB3m#iGmhmq1+Mh>Dn$`vLRoapT6Rw86;(~l5B_bmJ0dd6$2>aE2s^ST`XO7+s^Md#l?Wx?NYO05L;o@b-KE0i%otf8n z#hq7o*+I^vk~}dy_B*^osYf?P-SwvTmc9pqO!wL6joyiy=7J(vs!kw>f6l<0&Q5J+PweP!+R)WA5|E`YIoLFm(}WwYb`rut?^KfVkw7nOOGK{EXp zO!qYGV8wr@L9dZVSwZBPekX;{yPm@v@~q3opcERYHYYMZcC6Bu^YnW4Y^I;e&g@N2 zvCA#@r|y5A$Zx`iiAd7I9Oc3fnI7W(#>6=A^2Ev~6(=g)#rID3jnCO**70jDhO3Wf zsrcKgvy~jL9}V63RC;`7_`-AW2A=I4&yWN5TB}x663f_&gEQEitDuow3ca$Gl5EHh zz=rGRT{Hd7JEa11vnmOv-D$aE`^_q&KQD&I7DTn$ALj@qnCe=Be7P%)3&z}AZ+O-7 z?2^NjMaAY$ZR;`-m;NyfH@_R=qc^=Sh=8QSY);J-0hQewHXxU?s^)sr+iCCm5aNx~ORbKxyxr|G|>TM*_nOP+dUf;Yw+P13q|6=(_vNOsGL%Xvkl z=v|}sE?hwLuDFY!O7t$R?0oZ?QK_FtgeD3?#O`2yoS$u};E4)={s^jH7b?1z?k+Y; z?(@xLsgGI`SjB0N@}mgkA_bI zS$UtA9v1`AN~94&{q6<6*x50(4Ca)%ByOYQv3%CAo4o$n4BB&TW8 zcG=A#GM<3HSM=>@-3TSJ*yq0Re2f83VK;isyu>SWrF)klT4OueZ53%5RcB?Uu}qow zAiA!M4JC+t2J%ZkxNvX*OJCcK?Vx(4`ekP!_P|4pfnK4Q`_gBC)v-cum=S)h-|R}- zp|B6i(+_b-!hT=82_QZwUk%KV94*wqX=v>i60@9@OXh{&U73>i=L}IbMtVk^)d4HX zAojhx!UFj{N`FkMxWOyz@VL1X*#M17M&ewXt7}_xef)8m_5o{-ckDxd zBROCGd(>>}I`K76_m6XCbQfKVu_Ak0l)Gflg>48?-)cpNiQ#k?;dNo6J2Rbh z6FcG?0E~$LrsqXg9ly_^r?^kW`5{p@@++Cj)kyWlZPEFm6MWWX9+|WG{NB%b>U$!| zP_qf0$jaWiG)yjbz~fWGS3mdud@Cp2eiiFWZjtqI@si~l%N#G=5>%AzkPr}(i&W4G z{8rMWEDk&``A1AHR%h4cOqhoniSl$-qz^a_z2?mvGY>tbOIvAX;Jw|5qx1vr#e!7- zVfw&PSQz8|Fl03-jIjm+%c0A@R7XTa(q%UkO`uZ3lG|#oAbq?`oYpmW`)P-OPgPmA z8ckX?t;SK7Tb-j2Ko*aZMZ*qo_Jv2PSk{7R!W^4#ehiGwzh{=#ZrKfcEH=0WKcm1% zFJR@>Hv`UTEYsR~%)r?Ft~bm>QM7rWvHe0Gi#>{@ksZ$6-2Bq*7`0|fVVPr&p&(~; z^OzN@!+*(ggD6>fHHLR8wsJ!dBH2kIH5xnyX}MMCR(EUGBGc{@1=6ydTL9Cty<);> zbtUEZY_*N3tDz0l(rsd3x>|^`uo}86f^f{*&Yt)zUmC*+f;#2BXa~*{oP$91r*l`UOjx23>(p537x8=p69mu#A3k7(Ok{?beI1*b~Yr z8qAWJ)n4^y&mNtw4&|HNP$nTdr?Ffx;N`t2El&e3`K=%* zjVM0zJl{v2r*lZhpbBVvhc-jHjcYyEf6alRo6bgFR1HnGu=PGOVr5^PJuR)RHjHIz z7)zrb`09}^|74~vKe`ijivU#^*$ryz71c4s5|zL7NR!82J#LCz5@e=u*j%2MIqw4< z+k21sIxNQ`d}7~rSqsNXeQOHM|0T3vqF|Q%yH*P_%b_?a{L(g~63VEDXb)&I9IFoK z{`#JX2>Tt~-ttQO6Wu#nQ6Pa`IomRe#*pgM@QlUM%^On%Ye}PUNNRP#qikQS~n-e+@Ga2*~v>FG|RK|qSB=7UW`un z+RArwYRuC2omdlm%o1tsI|=W!ysHswS^~~&&c&B=*D;ksA;YKTUf*|rxHYtG8sv8o z&^e!uREO0Z`%Ir2dTN)Th>6%^tvu<^hfj)1vF0vQWevR)^S}XN$(U5^SfVGR5~t!7 z5tj;6t6xRn*nO=%=ion--bm%{?Sln`#opBjVmAH!VVhA_lZQ&`!9vqZi#?zy@J1fU z@m?G(B%o`|L~SDLr6dOGq3M+#hoR{Qbf?zn&M~0VJ~h$%IeVuf@?gOc-R3yf;*E?N zv-Cj@MXO9-m;SFTms>H%>nMaz-EDKCl*WyD=D}h#m)YTB^s>i;tYY({o1RARl$C)j zCFa+_KjbdyaU1>{m|r5$|L@oQmxsvaqu7BL2%kmE?!^}G5!b`T7ISp1?`(4a-q3yW ztr}P8O=-(0Z!hTTEu@RNXLpd5D*OL2^_5|5HBq+-?(XhV+#P~ju_DE-MT$Eq?o!-c zf=iLMxLa{8P~5e+76^9J_q+DzWF}i?&5&@;Gnutl6taz6iosxZ?FR5IX?5rO!7NzI zPjFHv0M$(>Vc{OPATHxO*3~rvv6Mtk;lxUGzJGjdiUZ$>hhxO0(1^}KkITAETL5x{ z@cM{S)=4b!`2v%eJ54h0Pf~Bwx^i28p7~iW?Z(eHRVPNb>#43+s@!V7ZIrH4Kb5)P z6|Q-#%Q|UY>kW=@^df8`h#e$}+N1)%jmaM;Wyf|nt%{$pk z4QX#s)O5N_IC}3~R$jkdI0uxCyZ`Q@WHq45pZYcE&?T16YM2YQ47TAg+x+V(t#cK> z9bGYIgotjEPfulhc(uE~K=EQjUbXOcFQeRcjLwmr$GD{N&QoK>45r`o1}u9vlh-395!)x_i#a>_dfgkDvnP3uzkjOK_Pe8KI8l27;%m6-A_9Y z@itCf#S;_W67JU~j!v~#;}g2DY*T#i*Jtr`Jf1hb;b+u$-!f$GI zd|`jz8rJ*T=p9pjYShqb0LzI83qQ%qF%l485f{F_SIoDe&ZvO8OUVL5pOGMeG&k^JF9Fka*wAxn zDT%`bWycpq~o+VCbUA@j2~93!GEj}oAib-RMKMl4jl@X zHsi!5J;~X_4fU@Px2``YxJiPkWlkTULItI%nGUNF{F4jMac_7+y5y#9P@qWC)HH|3 z@cur9=U6v0!Ck`B2T0K0AZoHhm;jTA`r#ws*|<#`7$HDDH;4Q4M-Qo}L0g@j>0d zLu$Y?ps-VF`Ibv?QC(`qy#28mqp4WY_j5yx;-hziyP~gGgOTE+M}w@QuX_WV;-hN= zexTVE#qw-XoY1mc@r2;Abup&kvSG2Bz_NOA9RIS6b2=ABu0xB(qILc0rB|q9^o%u$ zW9SSLiKG8anRj`vkga0O-xgc%cE!J3%UVSf?8}2inC#1KMQUuzwMB7nmWzreSeMg_ zFj<$s6sfT+2NcB}XoWfocBfqL`-Yx!%+%tYGS8^vozl*n;hvJu#N(b4&T!(MV$V$C zoTAP+;he(HVBx?D_0?jZ-c74xpI%O%VVxdN$77xDajHURUQiv^YRMehBVrJjiy#xE z%jpnI(&aA@HIn53NF4F98w6IF(;9+Fv}_1bBfLUh=7!`EEXzXH@RxN!a#>Hi_D%gfg7v2_n=VziYFX`*YXg-{|c2NvcbFS{46AuZb!QX(xInHTJIx;H>TMyL(ZpcUi> zSCA1>g8^s-p+OpC1mD04S^+lTf{Xwi*9qQ_msnEk^Fv|};5(}G#T^r$4!#7~zeX&- z?5_!DjgR;FqU(x7z6aoLiu0r$f7cG;_`B}Qe4+J&LEjay6#2Quj=z1!`?$OE%Y6Rz z$U)yJa5w2W&yK%UM@H;j!eu^B?H-t!=p1W@(xL-B);r+RiEDl9XL}o%nfQEtn{tKt zWA~PXb_aFLo%v-K+q(VF$7-+!;d$|PcKqG$MLg>|<4>_-un@s{(6)(2$85B>&}BT+ z`p*He3~)2vx#qTsatD62H}z#a{kqkFSPWPQ_nckcNy@n-weX+ob zDCclndDI;%q2Az&TCDYv-gY7I5YqXt%{-)yV3Enx) zrU`t9c91vnMLb{~v4<~Ed}WBwPrQ1F@3Xk?5TBR0>JXp1IQbCY#XDC0%_V_+tsMjY ze36|c-hA2}1D<@;oh7dP%WVVB{H5(B_Wa&$1GfCiZD^2<99aF!0R(&&eUJl=k3L8P zb4DK|fG494qQOp42cclBr~`j+ZRCMBSUvK<6?_(PU=NOuIIse9MjV)dC&Ld6z)s-@ z+KXmjuTUFxa8sC#5?C+HMh5&h)JB}eyYLKe%JISvY0BcF193|C;t63&`9d6FO5(x~ zev0R!18$1(;t4oKdLa&+!o2VUOaV1F5`6sUHj4A9ZZ9jm6`w_qX0*)WeO%`Pi}T5E zmnxbSp81a;S{t!GR&&(F`6Rc!6?gK_oJX!&W-&enbKToy2|j{zl|^R+o+TCN@_Ech zf?AQ$Z7OrhMQ6C4u@$Ovd9+7JTF6mtl5>9`XIKm1xip9*)~!>8nXH6iNUtd0TpR=o z!_%ZL>DPMsvvxa>H*31YMC7+up#6t4qsL+;PLp@T`Bn}b9 zo^ve3g7+k>NCB-!W7m_dH9U9lO59KYFYt>~xXeEwm&IKJ%W%xW2|b z8m~@mcM;x|w_yK#W;$bYeT{mQTgBe)!oKrvN$7tjI~#L(4S!@`)!6Dny;HQ>>w>!z zZ)xt8z&O)&(fBSashCB1hu`Ad^9($L*IZX@eIXzxoqj(#@7vc`Kw}8VuE2Nj-LgE#iS_AkhvH|xiI`hSHI0WBc ze&QvXy)<38SLnYn=2ycZdLVUS<8uAp%Vl&{B4`xNX#v+F8@ zi&c)!6xL1TBw9dySD6rD^haW4sh*bbMev^RI3XMw(z54F4Y?N!|jOc zSYV}4YRlT7vs+{}^YYQ-4iV!=0eBr4FJr$6O46EUhOMd7J^Q!$kAhjRo*7f~FB=3D zrGgo%BU{JnsZ^ssX+|K*k)Za`B z531y#cz+rH(bcPjE=;_x2-9}LHh@@6w>=i49sEVOQh_Uc;UdSJ;$+PewY`hfY{n#d z7<9We93=eIRfwUGuUR0~j3aM)W(23T&uEQ)%i+Nm*i!>wj}UbV&2>h(weVn>0R&ZS zB25q;vHdB7%83e8Xn_5zy46023EhS3+;)2Od}bC$DZf{QCnrhrI@DhwFIKV`*t+JhvW{a*LVBkhwiD3;izrEmvmcL9G+&Y)Kt6fm`>(*1!^ zE%?bCO9S}e>RoX{nGc7&vByf&edF|i-8H0LxbY~CxNEb)p%TQJ_j-Vu+?2z7 zTv!vzgPv%_Z+6gNd_9g7?VxTf?B~o0Sd3*p+?DnvXr3+~F2i&OmW|xGDq+y*2B8cD zty%!14RZ|}y@aEGMvILfW#u+g4_3XlMcd`dV=D&)8c_*b3*Pbhn|FaKuqTXAHVFzb z_z~}`uVH1wSOF}b(Jq(|gJ+9jbI9P_g{4-+W`qp^!pvry8~USmYvp5yqZT|G!Dd`VEzmhG+~KK0 zrD0DQt>$o<8U^LIg!K;b*JAoFj!$3G2^~L^XsQvY5L-{`4VLAcMY8`@DDT@AupRZ17+!7eSal$5TBk)ur^o?LJ+Drcdv zqPD1^M{>E>Na79x!p}QRMKv)pNwlcq$D~eS=dLaJs$@PcM4>$L^We zd#wCT22IMKUA(_c;>zM|+%~4$sM7MTMRc6>?=bw~TH<7kti_OK6-=@crta}Y)x z45Z{G=JDM`J-;W>!^Cl4D0iw-;kmzTv=Pmg{Gqt5#!U4zeDklNZjM0NlP_s-u;b(2 zHJdPfUwWoUETqd{6F0%mV`j(J!`E#}Qoi_M?lk9dH-s*1ui4~<%h7!sdp=Nx+HO@$ zG>*WGW7xgSmBXe&H%+yqu1bdGYUn*v>PvW91(vq1^}WpTdC7TWHU#ys|AV#e)(Umza$T&=d@(&*+%J83cR27D37_$QYeocz4+?QDC zkWGfU9W)|M(AQ+Bj}eP6QYVW9jtL)?5$DC!TEj&BA@@fy5B{DL&E!N5LTEPug5`lQ z+eA;JRp1Mn>Z!YO2a(rKpGwP&=t$S4);5V)lmy|W$k|FYz&AMsRY~|OWRe-)q!*?u z{;uG>ClAUN1nR*USisT`p+P%n4PW8?)mBG8m&?*PM}3Oqw3MNUTnTy=h7`q-CYH7$ zbg=v%f@zs34Zo~^4)2eHr(awNi~~!V!4(j^|6gM7 zFY|HFM+Xl+IP>~!Je(sxWREeq!!4$pMziV$JA9I##Bzt)Jx&-YTgB5!2qmcFi5V+d zs+)MKEanqd|74e3GTBKHv!TyG(MZ)jKyCN#O)>2I5Wo;*b{7-hgTt6J+z*hG<3HO1 zoE7qvKuMMGdrh&mpJxiF_Myf2)DWm@nWW0RJeT<3t>R8T#znH^6DwRuf8@JK+tu0c zhu_Od7sAU?g(CGyf&B>9J?n*dixU5vZ)!aB@vB1=f}v!eEM-kVH-hNj%p zDbF+H1KSE*8~uWeG-&mZ0Dt{m$gRPMrjpM=9jGjvfGs??X9KG~>QmH)f zYEy0f%dZfJ`G2&QCuul?Ey;_5L=;#o#`rYy-$zI;*>A_q$%!= za4ow(e-KUmWkFoysfQK=_dl*M$vadE9T{NpI7$n4 z##R7cHu@_*MIU-b@RPy}Kt=7vh8v?t%-V!N#UoS=#NBG< z4#2!QI%Y!uWJZ7H+4ss4sRu2%MpZHsrxrbvUG$a_zmn`y4DKlM4&R9U*!Otz$UdBj z$tXF3Hl1#V!8DEp<;jij8y2sCH_LW^C^fLh>ZZC{7~js=f64+rUDUi5lj2zShVsn< zgE&qW|7b2C6Obio6uPMh)BMr^q5Nuwk#W+)o<7*fP`;OgO3I=tB2 zu3};*R5ymU2!3%^$@=}}<4y0cRmIrxoSs!T6 zGp-7ZP|`w;n{fIDx>@+?-hXPxcCcOg)65apHo6o*uBwN`b0YrN$x|~NAb^Wgr7#7- z3F|jND3OwY*EF?xB$pYBQ(@8RMB@;0d_Ad5bTM>6L4!l++p?mQx_^_J2^TWO555rQ zujl=%CPq@2#V*S@o+LB>8R@C|KxPDqdw)?tZBu%l9h8J%9O6Hxz>?1IH*$XP9h}qQ z#uL*#63D@H`FFTQNV!9;ODrdReq2RW$w$Ji--uy?3EOOR+i`!OS!AouDwX!(2chxy za7!A)y7l1Rv^mq=_VlRnSWnVbE5ka|-Kf>2ARk-CzzU3A#ISCuw9Ua71or)?&Kcc2 z;tdCH=-Rkz( zVQ>tkw;ioZVOW_oOh;frc_Of8V7lzTW-H7=W0LWbND=L)5fu-P^FPUDEVJHi$M4@l zKF-j~rl&Y$KfUl0>G5%OsQt3Px^@i7f8vv(`LW3_ zMU%$o&EJV*<%_ds^5;rdjgkq z)CmZPT|u+z!Un~&G~#*-4wq5Cv)vPKNe{{m2BiUcS(Dn|a<3(YYo-Q?(A``>0r}!# zDho4hR^jUdNWlO-2>lqrRF$I$*%%FawM0Cqjl;M4f4m52+ZDAXGRie32nq*?V9i+Kzvr9ETiYdz9Dt z%rPzhy~H|x>ZC#;d{o(VPHQEIP%nU3T*(kq#3*XIjzo|Ua#xt(!c0vTacWB=<0-l8 zKct5RQT^@O_wzOgZD2fx9Pa+vh3#NeL5YM#rp^HlIyB}&d&30B@RH7JzUP;z0aA~d zVBhNgZt!K=%qbo3#hP`?Sr7J--bV|syr%<)051bfhJ(mW_K8xg_n&j}iIK@`a>Vi- zS<2pRwgjSXMG_c7MD0;nY7j%y?>R7lyc@U-1W?wiViZi@f^{58Tmq9wpd(CAC*Q)tjUs8YYQ(^$E znCP5VIaoH4fCQin1f~)Q+tjk7CBtpYC|k@uO(}Dec)}DZ^PkobPDtx>V39)S)-cPG z2?J{^^dm7WfBLzlvc*(&yVAQw{8jnnz6vfc-s=Un<`jnTq%^7GPbsc9`1y*c#ojpe zkHIq8uB0iF*2=UNw_eEvFwPpYGEg>|KzJ)?F|Rp~AsohEdniqwsZ3-DpCUdj#3f0) zWW`qQoG-xDbiP$jCQz_C`8Qe?Z1}n3=6`r#YA1`w0#CX3h3l#R!A+H|HqDSgI5B98 zggpu_Nx&Au{u&VmlnNTcfQX^|t`H%S;BW4dEDS2Iul_rdMkm-Z-Flss5W47$mUl2P z8NXpL_r6Y0em5-qh^va$p5sifOj|sq2g8Z*-x}eKI>O%B`IDgkZn4u_Oc{-I4E+f& zu-94<6-8ZAWt?=)JvHmc?(zqiF?}dXL_|)P3W)B4?h%`r;=Vsx)RP;9p2fGk%W`Sy zF@|eBnY@mX`egEUoYcfWlZRC#!8Mj-wF2I_|mc_IsISs_Og z7t>>LyCXe6qOv^HL}l_Bwnt_0f$y4OR(juP5gvy9-7xqfh6@fJn}&C|d^R^qxI8w> zR{`5UZA(L8dD^jYaXKEk|5ma~GB zn_%-O#!ujJN9q<;7$@y?iOs~9wNzID?6Z@4$7b?D2eqsxZ4+SY(W{7s&!rIa51h>@ zec{K2e~_YmvqV(A{ME)uIUc@brpTJBBP5E1E}7xGEA0H`bx+55NYCV34xqlYyxD^v z&z+${7J>YtwVXUmmxc8pkGS^hi8NRa>d?Z_hvEYAPscbTvK)T3J3D^bxGr6AaZ)SAQ+1drGCi@>J`wC8LL{! zi3voT{x+~lI0O&2d*?ZuaPxN=MnE(k+O&{zDHVDKF#grDl|zHLspxYE_veJD0**1) zq4fMbvKRs9!VO;w7X2uW4_Ure34uzttV5!Lx@fBE-K)~2WI^-m-Job|%WHny$Qjh5 z`zLmWRjztS1kbxBilfciAeBmcNt~*>!UZaEHs81)PfM4j9}M~OtQBN!de1Bd3>ZQxip;xjSr;-aNv{r)@_ZF`yHHP0Klv*)T|d{BW42r z8-k0?d@b`q2rvHU$z7iR4H3>+LX}w%-K_GsMgMwxyh zqZNsg3KTu!TZGBew)`;4kabqU6Kchi*E@0)cecf!zFdGR-ol4WH=s{1vS>1TgQj^@ zq%sqH#f9)wqz;(hvQYTkTMsOLA;u=2T=g=E1|wyD>kF090ptABU}Y7rM_?7lL3|^Q z!pI_y z;eTQqMPm-`= zX&{TUEY$jNXtVf3UR`=+l5?KHTyPQU@{2oBfU7@MBZ2@r|}4 z6Ff}{w+j~5>Kphbsqk()!n3O<8o1KJh%lTf1^g!h!>gZ{ zT*5zNJWulX-fp%JT(HU_s*N<1!(LyBalH(Q#>KvzMl;Wzf$ z(T;l{)%Q(gHy(_dgFux;tfvilT=3`Kf-n%KSRk%uWMnBSh2e{!E^JQ$4HE$|qFYpu z#1#18tQSHwwDRJCqCrkj^kj_(%DeHGrz*Ko#<&;LE0Mlhs2vVX4g4m9lfnL~K^W5V z(G?|h0F>Q>A*`eWha9chL-T*t=*_jOe)h!9-NdR$-@qXwXX148&8u*MdJ2xXdN1k- z0-r|-4FBBmB}!KE+6-5YGhTVWw;HW_;319EuN$; z%=TDgcjOQ9w9`fE{f!hrJrw-PWMlh2Mb(()eTr6YwKNOQt|$&pdK_t=0a8X!jT9ux z7$*!*KkEpTUZ%nWjPAiuB1{ADq9XpnX3-S`Ef81rON;_KTzH9pLx|P)H9QZ)Q~Yd9 z0=6i!3^PoHM~04nJuPcs0_gi$up znXhO5;enBo1GX5SPy%^?{JX*m}Iy^Gm_}yW1xxY44?1ZKeUx?4Z9zPIb;DjK4vCPK0n&NbB!+SIj!nO zirIrHm*T=3t%M|dL2fXfT%3ZV!OgTcoHe9)Kd6bT^;jl6i4UEh}B^{=oxfm+3XFB64c3Q*dEOn5R2y1Xq6g! zfnROYB=o+I^+_O!Tou6C-oMX)q;*A=KCFSZAcT>;Yf}B8pQfrXlF|`pfYMdj$a|7~x-OqSzl80fJwLz z6J9gnq~q|(d;L1dTU(re)&zZ#ib8u1Y4hv~0fPQNMfH4P&~TabvwXG_=P(WQ_0+!ETH0>nA~m!MaBA!0C62 zSVw@x1HR(xOgBolN&K6RC}s$3B7TTa6y53YAsky8G$WxB-Ae8h*=iSkI_5chf`3E) zQjmTpjon`3iUacsB}djmoS>~JLp?3E8(mB;=3ht13kA9&mkqN3h-x(QWAh z0viqc3VWSeF0?;NYD#01NA@HXU07gfjNr^kpcJCDxsWg!6NK~egq6)Nhk`0A(t@53 zexRG}O_OqaorJ3q6c5d&0%(XvM*7+Ya~Lx|4=IG$%3{^oZA zf9UwBysh*Pn)OX||1a2QJ?=5q{7xbq$uwWFBQYrqMb5c3q5ki1ZiOJ(BRI}z%QwEs zKwZ@&J|KP=O3hF`bAFkN%w*m~DA{=V%rT<&nTMHoyC7@qTppFMEGURnx+BpIuR(ld+Nj@;Uwx2_#}P+cdmn5 zBG4dM3+jfRJqh8*s>wydFkj)3J=AyS)M{({j3e-=v>4+4#X4Hk9t>C}O941ovZMt6 zO2~G{*AP5_J>NR?s(qae$w8qN!Uc91B9c}_>xX2cu-x0}x;t&3PFRges{aDm(E<77 zCL%}Qf@na9sbDE{LyNZ~q5LmgkukwpKzNjt`Z^!%ugJg0%mp1a!e z2HC`8^970gsU;!$Da5iBBE+&iD8w=^?fnx)2|pLYm(e4{0_kbDRFYaJT=9vNgx%nM zo+49eOaQ_GH|lU-cdV8Xv;tx0FUgnHDa{aF#U~348Xa+_?pEYheqo)0H#yh8PptO$ zTq>Wk^k0_4_-BFz&Ew=MJgr37Rlf<)i4bejpdOs5GBGPvdg9Mja0LDZ^V!eI|eq8;h(~Jo0xQ=?35z5>5I49M?Ag2_; ze;GR5j11%B-*?3h`9h1-I(O} zbRJYqJG!oZB27=8;0r{rpDMxh;lu#&fLBk{2qaV*gC^N{*of*|7w57=zuiI9PC_HS zR!=r5vMl_;%a(rNFO82DZ}nFK?%uwQY6uOLMym;1mWK0^BE{I>KeH?N zhP9KT{T0CsnZ=cXkv_;`Y%Z2q)Z81W>r8inmAC{Pe*PlUP|rgO_=67Q?;BY}u)w|f z$qB~!j7de&7q%cjsQXr*o!8J4BiTfwkB>6c_AuoFDXi6ns122>ka7C#nXb|9^t0=jt)n9{3AsHNPtI5$0l2v z=_qtXq?$IDlIhVH1&oO<7Kl$#+=m>YU9TJ@qq#^tVd(tv(g3DBs^B+82H+7WKshYz zO7n9`ZJsN9gy*KTws}R-vY;DRBWogBI=m1 z44!@>2+799PaBVe{PT?(F}2`(v9{UifsNI?a**HN89(Com`6El5A9nZk~tc;3#aEq zniK3z4euS+>A*mtY`EtIk78CFsWNhn;FqwitQyFyl+ zjY?!#YK_0Jrc@cS8W7_X8aF^20L+EEO!1i}fK`wPEeAbaQNjGZZ(&Z(e|K5y%S<$~ z;q0l-m9=RC-f85+J!kyg4R|SJ{ufR|!h(|uECZzVum-WXpwX!0!s#HZ1HTfKgI)9rWIb_1kVdcWD(qzKry2W&s`C@0oU6!|B6C4&S<&}Z_;?4#x=W2uz zD++);0Yj`H_+V{-B2qaZot6iv7-7WUIw!CL1uqe2;)vV$?Xv{>?%uG23STZU z%^G|R6JuM7Gi2~cVtQ0vE}q^+?Y1SC^NbVB1kkP*rF)}wiuoN47(uu6BLYBdU4nud&QhH9h-YR*hn7twNtK|Cdxu{NV zrJQRX-(evGwelx~uyZalD7n}_GcnKqW3;C~ioCKDHPc4}YUQY}>-WEjnJJ%G3SJbc z2j_o>cSCKfYPLmJna`=)D*d18G#n9+r8WX_h5i-G7l6^ISE1O#HLsh8$KB5J&4#L7 z&)7BDhR%OqcMKahZdiY*A?+`woAmX}M2aB>I*F&qa3D8~moMA$a!)puiR*o0gFD3V zHY!jiuoKatJpp*wd?N&+2a`*+lJ)fYU#ZLx6iY^w%{qfjk&mqKfy(mC#4c2>vzdLa zoF;ggJAzX>pA%^!6_`+hb&y@C{_MiLiYH>Z7$hA7rW2?9(j!f%9%{beT-XR-W+4z0 zokS_WYIMKivs*qne;=llly9vZ79^ZdHz}KKb1%zzt=T{Q$#Tz!Eg>b>(3i?GP%GX> zKRa@7v4@k)+q#Oj*0`47?`2R>IIP%JUtE&vkOeWNYCtVqcY) z``avRR_E?6x_QXtDbo*0^JQ-Ld%YhgK{G2<4`=(1`#jZqdKFsNb?5eXi}5;APpzru z5p3@1_8eNDF$!dJWtB$`a^yJi010ScnlN3+&F?9;DO3O~0GjzH%r9%fd%9Hp2RIAp zRb-L3qLj!9?~)|TfrBcRjrNv{+kB535f7tMch@DPk6AUFulQg0XMYihJ-@;#!gnma zHfuv+(!#7{ODd`qkI;CB`Aw)bJE{^J2RX_#-rYqtHo~`_v_L9Q*7twwE=TPx^RZex z1ujwKPZGStp1kU>pSshAdw@y$JerDl-x(m36^;U+^k_z0^Jq>c-|&-_j=08=`zPIN zf@uT6UK!nr4u5-0`mCsaL+(?Id0EX6Yco6%2eTDtExLL@L1+Wr+n;$YIvvO{zkQ4w zBKi=hAw(QUTm{N}n@O0;z;WXvz+r1H)ZHr-TBITRG$toYe$` zbRLb_edciXBhl}^qzH93%!etSZs7t`hb|<%X)UqeYT)hXp9eH~JA@}4c0D(AJ_l3P z51f%61y^2?bma~?WB5TOSoR;qJv27!NU2eN3`%su3DwqcjSoGp5rCaeZ7Rz~ z;lKMA#DcyBHggN{XHt;x+}Cs0nemEfewbFWSYP=3aq~Vx^5RS4=hy}Rg(t4DuNHHi zXV!*xKl`y)lEj)_&HPqaZ(m0%?Vp_4Yp&lG&<#Bi`CLrw<~Urp;cqx~?m!4uPS)Ku zMoWk|_73b5KNip}KAGFJtvTKpfM@o{za6imc3xVaGoNf}AE3^DO4Se;c^WfJv2)gM zoOb}LmDbc4-8W~ky?*KxXgOUan*G!?RXN%F{FC}_$)2mPrKdPVtvkb2nb%L<6YK16 zv6DIw_UU~Ysh2n&AkARtKhQa7zzdpVBtBZ)Ph_q_1JA9~j@(OdIjPj;=dq=A13Qu4 zAGvu)uGfF>bS80?-JWT_nBU-=QFCtH^1k!Mnsh(jDX3FDH=0qbJa1jkgCDHoa+0wr z`)%HiEDFvt*cvT%jo=b*RYex#AH5rs(%laa@Yz`ytMn{zex6UN8r!}~kz9fPjaxvd z?c{HEnU2OP2zQeCqa8l_9*k1zFZHaYgmRWQ|Efv(WH7oilRpEeCIWk2VV>eweuF1^)XpH@2- z^!A)a#GvcTm95oSHU8hv7he5*ZzcjwO~qU8ziaTyZ#5Sacy!hw$tI{VmycW+t+C<_ zIp;kdDVr^9=T#+e^Zi~UewDPjmin|dG`*W{{UQ1+;+44A=q9RrCMNK=(`8Ri%{lS;;0hj_{SJFKW2Q_!$pw11ar))>`c6Vyur&Ys z<5OGPa^Xgf^P0QWbs;*(nC7L!D^p+rC*sCw)%WiajV}cSM6b`Y+0ttf-HYHSF=8hQ zKHr_B3@*Rros0PF(B*`Ovv$P=j777Hhm7|3Yf>(ngP{qYqSp_7VF!Y_UkB)aSATm@ ze^6+4ysxpa*xoddvhpG|X1Wf|xszOaDfm#QlQZq^GLljEo8nu`c|~+WI+u3oX7d73 z6Iu4k`I5&&=c%eLHEN(h*XZ=IBKsmy{hg!es?E&No*CwYO^-xqvk)2dxVB?XdcyGe z^PZhoj@E(U*|X>$%(F5j-B)_l4R-2|`?0IYyH0+l>a9~FsJP$Pt#w&PZvycKAMay5 z2_uZP_NT`61(U8ogWi%;M8x<0TwRZ|;S*eWs0nrt%hO`KR4gwwcRScPsNOl#LF;2( z{^A?Cfrovq8Tq2$o$k2OsG#3B!nNmD7Wt$ewwLI2iEhju=V$8z9!#q{yBEX*>JPT4 zlmpj1tmYdI)Fp*&wU5H*3oy^GcKFJ(r7~_0WBrZDsadp__g@HwUcmeLy4d31{2UV` zxcChMcaMJ9G-HfVnf#eF3*;2`ofz&ooek8UNS=)%E+Kbf5vz3mq!5wEj5e^L~ z5dkwlENt_vm#ziTTgkpRqW*Waxe zcv$=9uc>bh>y%%9>+gu9JG6uGMBhKk0>ZRq$=sBIy}d=)-_jv#ozs>ogH$A z5DRyUHMek~Hr8(8{X!aw?|sZP^$cFc-_C*B5pi)fgEfmzQ*xHoZo-os%4EdOd0LDH z8%Rmx3KrWB@ujtucz(|vzAI{dCkpANbz4@Vj?KsARgx0?n9(iRt6kXW?hUg_&9wr> z@;C$$`=12__77I{Tey1~24vn|U%lq|- zJWfW;(YyZxsV`+*DK7(awuUw$elT3V#aexv0Uk@=8;&aL(r&2 zW}r%WnD}8WtC3#7$SjU#R2?^EmXFbGy!+wjM;?joUE>i}AFm|g`0NUzPM%cd4NR`` zg*%k4PcoTfe2vD8-{jyD+hwZ=?Eju+I>j%dfJEIc3n{hb)yngEA5jl{fLS@Gx@}?N{AozD>$q z^5~Nq2q-()Z{>=N7Luf?uw0PkUrpBF3A;(SsyxrHJxZu739?N*U9O?LNilcNA>Qz- z=2?k5=2Qrx7Alh1*dR)IoY^1yq>(W3;eueDK!nU*#GX&vmCp*!MZ_xM$4AEDv`4fn zQlJ>4 ziDi7=@w`uW^uCSUmlcULsyWPez<};1^|7Tf>lT1g3PJ)sbl*svsO!yk@x$V`w=eN% zv!C#V9)73@%du6p*{N6k;jJ9#9s3)0Wz@E2v`@u-nI|@gXY1F#EE#`g*10Y&EiJJT zUfSL6S|N1kWSCnt7l-w3`nJQ=xob4HLp0vbUSh7gzahB7_#?8KdUw!!otWljAmwxj z`?twDQOAm}bc3`X(s)6KmUh^4-?YE|9X|@(y|s|fSU6b8u%K&=S_hw5IPw)!bkFNb zEG(u#@weF+#kDe!s^_V!=4vgtVQ@Djh#fJl3sZa6}Gu3Mn4|`bmp*E zH?v4P6DQ!BWSPIr;#H*`v-bD-WRlIznEX~zI=(gelJ4_{ld6!7V~6x~d8w-X-u;at zD>GSxfVNd*8Lhv;s^BLx|q~mwGncBkc05ucN#jA7A!&rBLuSI@TI! zeWY{C1`P@Vt66N!S3~70(<8%k_;Br;L`~5EdS8INhYS%c*QMHUf2#i7C; z?-i8W(h%<-$MEK*{G~`CswWdEOYeHURy*Y!59`yl8!7!&aeBW!FvQfopA3iJ7*Qgo z9~pGiuBK>>wB{INP5bTftBkJuTrDE5_b1jumQ$BZbMTwIk#;C$xRM2NaG{Y+*84F5 zwrV5Ij;KIq00lOIW5veTc-~*pd#P^M#~Ds6{0PE#2n{9Yz~zooHm2l(kEC)Z?44Z2JSPJ$4+8WL=5II7#$p(@fYU5V8*;N zx_<$0D-%^}$)nDUC7qP2QzGjwd2H(oL<~QmaY; zmISj(YgNB}N?Q55z*T(sX(-E&Q~++65pIXwFw4$gE8te?1%jcB1DTQt%8(E0eR%qW z)-yRjp878SaipT@CG|o^BtDhhPgdEecIV0MjTo{>xQnsTNPEv`HNr- zvS5O{!^~i0&{Ya3v@~@gp-Fgbmpeo!X*dI|NxLi`$Ytf+`Rq@rz{X6T#{L;uMf~}oRvLEV`Wy#yxIHoywbE2JqU{N-lo@Vc=BU5 z5&8)tA(kp6b}0(mR4HK+iWxgu-{tq;U&a`V{qE{=^*SGv=1p(t?P|=e4d(Lp1dd8-@&?JiIQ{qNrA*WFs^uGW#K+3p7Y+dd)tZK5&>$eP^zGL!;8VZ*kvhe^eYDV;}X0&(EFcq7h7% zrf8C;05in=ejWR$Anx1$4^+UIk3dPfZ_Wo0hR5By@@h=VfUwKBcz8B@o7!VS16~VQ zHt#3Uz4q47c2ytXXun(U#EO+FHQlZ9+33U*LT)=UN1D2f7AJz(v#~*j*_q1An8%5@ zu4X`Ssvkk8#=Lmcyl2w8DW|L3{_+J+e_ch*UiD~Ftv;Ri!Cdj6ItaA*4f#*;Jym%I z_o~UZp_13iX#xA_5oqLvU52yxW4(?qm6J7lNt2kWvR*@S?_VPKq3^(l`ky{m$~q=& zbLtjI*IOC6n>IknxWQ!%W;Q!RotR$;JPolUv$)Zx3)U{h1xYnzHNv{%|3VYeL(l`e zrwvYC)c;B7u-j(XtcK+82N-#C}dA} zJ}^pc_>!d#G1UWQ%r~B2E%s)U>u>;?cUR_L!45U%A6IoM77S1LhI`K_G)5%@mjj09 z%zz*dKY&Om+-7`7a0QF`fAI>1ejq?%ez!hlK;aDvR}f;nbiXtBoB&WR>^fW^St>gF zUEZB)Blyi1w*6-Tt)D$`$2Xt9<}Dt#o43h@3Dxbks_7Xssp&1w#epWSr$2D-rV19c ziHrRg-$8kQ0WEJ4NwTNm2?rnG|FR)qHL_sh7T$+$Y`@ZDr}8<46&7%U0iF2$ua-%S zaPU8mA(TO;{i-zu_J3!H3<&o(<3s)Y==U{~-u{D?k%B`zt2LnGdvbD;SlrN1EpRcY zPTHwY2TF1Ute6i~v0=f$2_{s(e-7^SOkw;r@7?0SgGT87J?+1ZzU@(Xf)FDm_mYtZ zzZw^t{n(@WDI@UK;CY5`#-}zf-Da;a)L?A@tBU0(yW}LEW}8fXIJHw8f8C&LOxLW> zYgloeRL55~P+&gub@K%fpEpq=m1q-xngE9$&XfgJ4U> z^S9Nc?6Cv2+7bM$C)c}MTsq1snNedA6bP@`rZSC7CHW5Yd5Z^Klavj!hr(=Ms&JQ5 z$vU>-0%btu%{C)?0K7%Y$Qm&M#QC7tS%vv(Ihw5yfKNq2imI~M{E5oBr&{nYaGg^ zOZ|yG#{KD$ee@)1mOA?hJfGxk-MZ!!){jnksSHd_S!tR+>{b(LBdCKPD?$l!&AMnX7#3*hzQ>u14-~ZUj*Gyo4K#howYQ$y?$to z6C31u+|{A;-Ngm|gR(*tYzA)mUTM=u_D0HMLNAGG=WAZqUhfYrLGg?LX{j+8+xBBJll05wMX}3l9L0LQS4Q1 z^+x|#R1o~0WdCI8#`x;WHG~PA`m57R0Xb&33L;Sxr>@XF=RBMkBb{X^${)j{;N>}m zphkS%d0ER3APBznzZsK1g%?ZC!_Zh$Wi7auvlRwMOz?2j+!?{5{j*qK#i;zYDc5C^ zN)FZ}bzE;U-LAew^SaIL!y>yruSUBWCqeU3(5QwKYmPwKCr zwjb5#oFpf(FW^N@{j**xODu78p6xj${VKlDaMF7vJ9JsxoD0jm`$JzWJIgRD)=YVc z1`^w2(omB?66eLjR-tXmd$@l2t-w8Xt?ll`mF~&_dkwP*C&6n@Habln6icJR8k^AK z^IiF7kTfYoc4g?%^ooRRU7AHQ@Ix`D6Tcv6-L|ncu)N}r;2~#|A4_M-xXW}|9{_tz z;`wz9Cn#M9*$sABX>_$({HgMSHkWTT-CAhHF3jp#P&Fn_iU>LG^Yk`bN}68>k!BJN zx`sF{;APbmtQ_rX>o)&5$T2?p%&i*1NY%JBeL5)>;h4+y99YMOMt0z2&Fw(ph3l)2 zvIZGzln)_uXCxgnZtX5hhze>CTZR3o@jaM%Ax zxV_$+*BHukED-79ZjklT<>;y4sjFxoyX`=bbqzjYvvc8~k{Z@RuDMz%l?cc`=}1kN zi#51L?wGkec?yi8q1UfFTU6q<&M^g0(k49Y5)RU+a&6KnJoSc34 zy@eGlWrI9AhhuVHs`KctRZ0(cPJ5z0dFD!c+`U;-2p@m~{z#~EyFuvT{j0qV#1>EG zD6pq@2F6`Z_A3>Ty}lDYoRg!aupSco_UXo6)s?OB=0=92doF~yovN&Urk$vvMw=lq zw!imnmY=SftbLhl3*9!nP)Z#HZE9XaE%oZ}=u3*(M(GHVFESzmhX7H#%qFqX?Rp6y9iuw4ESbW9<9?yX4@a-lJ%z~ zH{@3Rk-Mb}p>37Ytx+1{tBA605R!V+@!8pHU(JgVf1e=xPYPB?SWfvi#xv(>`7xGT zF4yZHhZE5%d1RN3eZ2^GpVma9ei3o1F>Aa*vn$p3EcK7P@*PJGH636z#j28o7sS|W zL&K?fqm^{iOuweIleiq~!MCS>Pca!J-7$^Ja)v91U^&hncmXB+^)TP|$5OFMlw{P* z=eoormN!n;3u;(i(6?8XHOn~^K~qLD<-2nb3a0wjSMgponXk;5G#TQDRu{tXvcb*$w! zWqeF4V$fKUL0KgOPm}qwVw;W5?SS8EW!1?9<0EQ7 z0Ok&SID`C-S8l!Zx6$&|oSf^Mr1}AM5Z^U4S6sTk=mg;RNI9>wmZt-Fue2`VdZ!HG zwfs_#-*%a+TOd#6r1gxroj!;{*84?g*0Dcb+kgISo=U@IBFUCerJ=XB2NSw(cD8=YIr3OY0hyPC!ugUrR4RE^v+Y>2a0^KarT#X2wALNMAcc{PYqihn}K$1 zbM&O1+dSPqw;P|DMh4>z5Zw{8IKd#WixwOrLKY{k?S73S0hT}l$5lifw@I&D^sXi! zMaFF9NGY{w?_3ULUh?rC7ATJHlnwM1Kt=AC?!)MWsViuVxue|gTpCXxxke*wcEM8( zC+^pE?~AJdpxKyJ-+Zy(Ue77Sru9`nLMBPpG(si-j0i%5xhphM(;K^pv~zOXYUCak z0uL+rtR0>vTdD2XsnedVGyRq~2TU)o9MRv6T)Cn9NU#CL$;`oh59LQs;>wSC5)fJm z1}sBH4iy^XW8BN@SPQ3$+3bUF2TsM9p3y_46eT`jXq~(qxXuJI;o4Oi$q&uVoYY6wfvAkkb&%jV%Rnn^mxF zUDMUiIR6T&u~ct3ThL>=1y9xc@!lTvTpl}>(mkYnZ}MIb!w{y&^84WD2pQ1FhlTD@ zL;SiyyM=M|;o?Of#p*rn{hO9!o>-6ZGv3@eA2-aITid>3 z$HYtCeU00n4cq?CF4rW$WZ-H~`5hnz>Xdh9ni$4$(@+u04y?G{Am898xJ(vE%6g?^ z(%7c>SYykhJd;x*O2^Y-38K9%(ur!6z8YuX!-a>PRgEcc<>!!J>Xhy~Uq zZ(uH@FW4mcJ2b*Y5Om`2mxe&s%JGg@t_)tc0wocDBOn(YSq~ zWBdir$zh1J))HaVRf2=z)Ke#u@yEz=$1_>`lx2b2Hk;S)>*`%dz}gKy!%iAOsuEz_ z8?k0yy|IhUqJjRpS0oLNREAD*S;*ziU=sB{aP@a(aOLT9RfmYW?HXOO3m!d=7R_B7 zuxd%1>3r4r&CMo$nV*sb%=>4Ju%BPgvYoNqDb=^>V;nSFYu=(qW?Rbzfq9AKHfn~4 zb*|?phc;j02$g-R$3B?k&Use9x=g9Y`p&brzvWeP%&{QC!L2ZhpQ_%V(|R>vwI*nq zyMsR&eO;fSUh&#UiDn5Lv`2FuwStv%Y(1Kg+De_7g(K&<3DmpaaH|3D#FBGKXPVtL zwyTHZsPOM=+)_rQzCe2;`ZV>GT!48_mX04$|Eu|8WwViUt_2H2=F>nl@6@*JrxOX> zr+#RmHhc;_QLMY9bhUZqCAX82R&9x$72DIdT9RW5h!3qi2tDbz4`f5s$IS zJ6foDv?z%PSKt>}Fv_Cjmbkf@E|PNQ*$|83F(2mVQP`Y0Z*$G_H8&rNxXioSHye_8 zb2E346RXOFapN+?DT&}lg<2;Vu)(YAwx>L$JE8gV>T-BI|B*T`#7wH&2ad4p*(N1k z!RdEHI_1dzik+4k@+;P)XN-!{b~xAdKDY8MCdt!d`<3#Jw+rRs{c;Me<^))yrba5{ zcDC9yv1X5o%VQOmWsN@sm}IPFsNcrNL0U@17fi!>Zk>$!Dok0k%z7-56|h~;)GA_* z7J|U-Hwcs;uoIx#!*7a98-oPM3_bcY7bH z>+ibdB^ak~5>qTeL#`snF`_w%NR~r=R&is`)~^3s}$QKxzVm zh1fSju49OP2`(BUYa_c|ybxWA46MPMr!=`qKY4{LwdTK8#Z?9X9~jCBcCt!YKw8;wckFq$rWdq>sQ+ASXyDf(9K|4dh~=W5E0JLbHLCd z;TN*j-s$vrBf9VDq$3x<>JpiKIjC45y)~GXwj_SyZU3Gzg zzvcvh|Qt11A+v1qq@4@)WxL8Tx0C{)&O8$NOj>mR5!jz1bFY+WV^} zYL9%_m`Xe^y0L5KvU0u%H}wgR_$yyT?93N8Wa*5G>ytjWj>Rf!$%(Ja(rHl(MF!H* zC$Ru4%sONHJVFzvdYzUp9ucE13;oYV1B%XdGQF$4Cuvn4cMHhXe2tXDZI2LFuz0VTAjXHBBer3cUVM4PnzLPthC)c}grVM*5H}@L+SEw`l*61Ko%bo2b#cRCX z27WMIK3)3&w*dQDK(9LRrbYKi{nnu71^bKhs;DA8EHN>Z_>Y8sIz(R7Oagd6rM3c) za}NiV20phZQs~6RSo#~tY!+WsGsW!{r~AvvWaYM9PXviL}V#adY|@a*THwI&+Y*0M~^4hvH+ z{~~9%LFJQZC5h-2EIvypiH4%3k^G($V;$A@MwP==#ay>0SwydV0}d^bx8{edWOk(x zYs2D^{lF@QW-?Z!i%S{D!SP;J{aXP-Jq{X#lDNQG>ddtgV=P?`_+JEOQnoQWdU<+R z{5w{9QLwvmimUUa<>b8Lx829AnR}yyTDkYE3rG~nRyY%bQOHGW=;^gP=V`5ii zXU-iPFEjyn;(?_m&A5th3~PF7Y76_(gj@Y2TsJahF@^QDbD?K7Q^rF9{svytHdVf> zPv}<#8hqJ6qT|DZ!NJhle(+r4a)>MBQIfKXtk>wp5*I4SA0C(@DKD?1rl?p@Gl0$T zP$Cx_N;2C)A5XWr^yyZXtIKjOk?}<9+9f9Ls!qy5^`v?VKZ46 zKSLIDIk4HfHx!fWve0`hmDRT+NwcH8Fnlxk(?`oBwBFZE+f4!ZG8JV`|+4;@6FQ(EN!NZK>CxW3SiJnaM#YxJVk1p$O%7f>9x#()79n3=Pl^6 zDus!NT{-@&`-T{EJMxFXU)f2>9h=Ge+568#mu=p)E8uF4Ah?sa8im!Q#QKRMOeI>? z*Vm&g0M+??&M^D>H4s8daZfyfxk7`y%)*w{d=_Gj!@mOdT0c1RU_!y&Z}s6Ubl!OG zX`kdm8ISg!0}l{I{LXXAPE!d>;)c{g>7N=Nlzm0cL)I)$EIR9(d+~v$eWZ6SXwubv zXn+R>k7f#e1R01?p0?@MP|_M(5!<}pr7=X*rTpX5V;Dq{caR5~rTV;5R6wDIJ{3On zapS25bQt(t-%+IT{4w~_2k$Qf(h9JJFZ&8Y@lAu_7c|s9IbVh+LI6?v0<)t(=nBF! zDy7PL39v_eB>RU^NBOZRJUnBb-eXjNwvwLuH(J^d9;lYG(AlpW+Y|a;_1xCjaOhzj zA7KZ%wK7X1aJ|A(-8hQ`p}Z#E!E_%?xdzdX=_^Q40aT5z?LryK&W94+xDAJHW?NNl z0)0>x>l8UC^#cS(GjFgU2?ubtS6K%p3?K~NQb~}2-zi+9VyYT{=$(RLe;L_7wI!FR z{>eR!!+gJx_L-p&l!UN7X*ZzmPPWN?8u5F@{;A3QNACFe z<&HMTW0G}zepl{NLjOMRj&Lvp#3|^a8rGP{@w}K*1p15oDc0|8+H3 zpbbniOMnxv<`d&HKL}F=t~x{i&pYM7W=6zd9#BI#E_hF)l2grM&k%jY>V}?v9m77l z_}rBWzWuSWMNsI{NRj>_eSin}7bZRRS}6G%)P}Yrg1jTb`0^PO1rE#~`6?&9=PT{k z|L!3MYG*#w%Do$s$t|eb2@)>(t(fXg%Axcgru#km+Y0|BtKr|vbM6f9{$j)51~U1~ z7mo)p(cxQ6o?S}B+Ifl=btlrDIbtf4N27S$t87^=4-^X}_BI%N>WiA<=A6hdg(%1j z)mg{IY7QuwY(|^&R)X^9bpx-DIffff_{Oer3ogG!pPY}os6&%xR4GFMJ`I$?*{o3l1{o{_u6DhrCtFzt_I!7Mk4NO+I z^<`&zV=kjjd-$XV>@B`z!;|8D=JIHNNibTPP2L|HY8JRy8!Z;X*H1e$-Sp<1Al74t zZVx@u6zVU{CG1}+yXs*)rh)?`+DmUK z02r{+pzDR$TjNB9tk`*y`l=??gYyQq7aaJt2`FP3;H`38lZtZiUX^Et&cz$g!{j^B zRfPXP!h{vAc__N8OBt$9Tqg==Pbop9F3nyu6_7?^OR8}U9pIIa<7UcWi|FAca_SxR z`XATyJlbPPtzDDzGH^j|H9l+7d8Q zBslymlCn4jmO3CT-PA27h4aY+eG{VsN`T!%M+4g!U3eou!b2w|9y!grETMZ?@8dYf zh+CTW%0en!Z>zY9W9JLXz^Hos+_YAt$$Di6?Oss+8rQm9N;$%Uy*)?1%+kK_bWA$G zI}e*Bh>?3IiG5tG;b?QZvk;D>LtK*5=_Ja+EKd$WHT)m| zZ`DW;br7MWVc8_2?ML}yWSN*gs?9om|E$WxuHjlL_*j|qHNI`LytAQ0*|T`wdM5H? z>6%3_8==2}i|JE%RT^FP#-Y=Tou%j&^6gF-lkRP^*|==&QO8*_%#S7sDz{Sm&b*D% z^s5rAcMV)g>QGRm3USvX`4yfaWzM_+mkrvggWVdhREpu3Le$xe$TCEfBYHpBl%V@a z_E);+B-2J04bgTlq{hY}(Wi)?#9Y>I3WK*+y5dtA!BE2r-+=3Oe-0sP&_?D;rn;4v zLxtObw{XGr04Lb~ippV{LBWLO7O^5WM8A%<7TIh*I-$a{`V(9hF{+07^M|3cH$kU# zSn`4a>Djiweh$}|oae8cltd&}Z@zG7pF8%^iKCCHjkyUa}$zB ze;sgKnPk|I;;m^uJ%AUde>_d%HWZt+X%7O0x`T29#a|aWW=|Mq+6|ZB1eVs?CRvkG zY$^|5?5jCMj!Mjh$L^Jt5S(6-Na_%Mb0uTPNEdx3J;fWFnFkAWFJOzUa)f6(qi*cwp=v7bs3M19k7@-ki^s=NB-e{t-VO^M&euDrwo}%H=UwB(zN)Kr*4efF zB-E}QT<Y!~0+1Swq4oztCOAqBDZt!Fc5mU12 zER(OL`h7cejOAK(X3J@0RM>{ZvNz|JJXp&1l35y_uU9ZlCdpDqe&3`ehzr6g;$1zu4Tj2%Y-2FZIx{ zVutaQrOx(!c=QcJOh0)4s)g;ALuTQrjoA7a_?q$dK_Zm^1}ycDX?xG=)kGWFRBZy% z_{R@zPk$8WemOyZbPdN5K5o=b&!XF6I&Dv)!t0E{FmJ5E!{yzwlWns~aIB_tTU|Lm zbb7Awql@fhm~Ej-Q<`)v`d1Z+FUKb2=q1yelL|m7P9*tM232TqU?s zK}-B*1z|80Yz~iGK*DpZvw>W>>AU2Ud1b9Bw>Lt-OC#a6WGBXT}TLmyK2n;0}a z@_3C}ze`6l+L&W;1u!85MW34o1J%tO-B+BgBV;1!34S=J*;-E{sBKUdUAtXtE^lE^ zJv;6y*p7xxb8vvr;ZL#f1)yIz;N<<`N4ib9!`Np zu@w~7dwG4VF~k0N!MkYS5ErauNYI`=z8Vpq^JPTmt*A`j(P|nZZ=fh13&>aP*UTUvXg-aKhgBUqaS zkEb>>@j{s!WNJlIbL&C0XxkZNR6f~WZS zP%spLn$0KQoie#wG`l-7Xs{LsTQ&=E+||*mZsds@qA2zwSL~5}W8Rjts)OU@6}p>u zV~0~sM>RqfxC{Zcwhw1nmkEsJX0w94s`((@mpefXTAS6MYR)Ww=9a!@7SPC#;nK^v zD}=x}(|)gS<`cQhsnaGzB*u6Bnc1Cc*plBdgvW6**z1@xN{%k>I_#2Sx9HPhAg;+Q zOwwB!E;Az6tJTQq3)sZl+krWx(=#+a7MP5=b{FiL>As~QHGslQ$Cw?&G9R8_SrPkD zw)liH$+T+j{*tUa4>FZ`T6$HLALT(M)`^7~q;4F^|baZKy=OhObCw60l+GjB-i5;hx|A60ax= z!%?5}Qn2;#B@L$3(d$j5VEL}`C3(kk8i%-trNpJlWnqmy=X_`h)FzQTUiL~gnj)v~ z7#(YNzGioL`}57=yA4wp35HqoW4oOkl0&&SwIK;GQ@Eznj9W(tk?8$zSHTU$R2+}# z%G5U;c(4<^nzKJsy|Iz*k^4k+kW+m$*vYk{^|gH(rGi@s+G&>62n+fdfi@#c2_^y$ zJ302$Y{dWUR3oz0qn}BipaD01EW3(62JI`?5A-FW1itz}t))kMf`)&sgY|90!bzay z+xQR~_*J6$D5)barU%i$>Mv3@jWhkaHX*&wFz=73NaUik4>n%elug6+C6n^WH|96E zv3dJ9)WSZqnYZfRy0~%lBLXRzgjR1ar*?hx(lLa)GO+?;bGvJGFKw!4|56jH;Wl;e zxAo>r@5cywbEDS*aS)!Xr5b%v_a_@>tNtb`j?bxBTe>f`Yy@cbe1tD+Xvu7(cdep@ zpErN8tv4CC`EhEX>Xn%zqUL15|9-TZNtzEq78#0jPDSD$%OZM|A0~IKpb%}V1*?w> zP0Mc^`N9^2^c7ro!{QMsTvXorp-*{=5k;*K4EJf=goAmWP*?C;I(P|vWWrz5s)0P{ z@3eE@u(LVU=Q%*J&JRa-Sr8zNKOxg*NP zokKQt9V%M2$j@#Lvzhc=6dB)#NDLQ*5@@^d5k7T!oaP}HI`hYR(BQTicz`!y1O;ms9DW={W&OEHA~w&Rb} zs;nU+aZ<$B_Hx-)U8_qom9uO{%endd?woyV>>mp&^Ju0uUF33(xcKP9YyDA#D*=dX zlkTD>fha|Dr)`Hvo{Y1${Nc^aURsWUbABk}*skJq^mAiCy}CA&NhwSDhC%*M!}fx7 zx0eEzLKo^Cn{puqp9Y)eT;hMJ_TvM8S#FYliVn7;*E=0HU%%$0{c|U}+Y?^xUinSB zR6Yug(QJ>C{mP`A+C!=)=Z{(rfyemG+DxMgqR~h&INuM|9Z8pwlKI1+ZKz2J6z2}@ zfgd7sQsRKvOBHh{_aUOXb_>wznqh{bkE2`y8~lk&uoGU^MkIvg>^pN?&HpG6?QLbF z4agfCF-qi!YiO2H%i?g&qlL}Gd)7!v$0B5?c`Z8|cv5U!uv4*v|H4k5Fa4adre81s zyp_6>7$TLbpzki@ro_84zLo3GGxNGy=W53{#+Ao7ZRc)x5GjQr1=CYA_czQh`lvKq z*fYsS(y#W~G+B|^9zK`aD}Phb4RBAKGe_S4;-2_t9t*>S6a19)JnOAKv$EymXUi|8 zOz0YoR2o%VxS0q;?rBcnku@-Ec{sgCK&~BMnRGp;~Eab8l)8W%VgT0mymIPp3Jk;DDOZ&W2f|JyQ^|Omb?%WoyNv3n%;sJO76~o40 zG*cnUF{Pjf44)jzi<3x6g{`~APzG;`kg&87?cnXvjsnkz+&oik!vApfEk#|Mg_&(4 zz1w6xsnA(Fs;m>1t9XTf1Gm@Mo`31JFsogkPDWYTWT|+pp_J>%n0iwA?+%)`{Fpfy z2pgIVPVVOxA>DQ3Y*C!-wRO{I%LO?Ma$4`@-hj$X`PT?#=$LWlsnlDCyvAvn!)m5X zvhpb@%T&Tp{A2BSjB(d=CYxN72UJJpkt+p|$LLP0*&9kK+T+lgnFpO}l3t#uvdL@E z41IZxm>Mo4xzj2nz0J88#mFE1(CaJP>{OLMMY5eF4(LXTm_gr?E`u_?Jjw0}2dljWmV_Vsb>rJ<)#W;X?Xl9}oo zjWe4y1_&;9Zp9IaOk3FNcwT>Em&V8B$T_p~8&y$qV4F+sZgy1BC4Tl1+RuI0e_X3GpStc+Dbm-8 zGKDIIBJu){^G&v%N!eru+OV-=2aSDh` zy*1a_CW9`H)IBtR?D>Z5z8^feWoKPqH9Ji5wr>~Idfg}*kWTqx=A5l;W)vYyZwkp; zIijB>oE4*#!4*ELnkr|L>U&OswL5id&ky7zOWBQewAXT-I|{-PCEsPR%=<4+ryfUI zg~zp`g$!Km$45^)x)nU%@;q}56p=`3w!TW+yV*yw*=g0E{{)TuS8DZ#qk`LIZ`b=^ z-Ez&~+jVyLst?**K7~v%Rs_DjDK-W? zm}AS1iBGR|xHFTEpx{cTHz^HE?UaPesj`sB(a|o>prIcu`y-I&S7YHm=`QB?hhvg& zPHK9@vi(@+jX<)I8lBm}RYT3>o5=C&DCi;dHQ%~uK%*Wv`;1baALg(=#`Zn>l2T8^yBIcq1LhJ9hjGjo6bvFJh4RB6k~+q|>wq;zyWxo-&vZRNfwCMDG{ zzVQ_6+4E09qX6fn^eM-AzR76H6_Ovd(L5|H)v*6x{NgMG0n55 zi)vmceNRE|H(;af-ImD~{UsGmUI=P~#fI)&Aa>UGtW&pBxuOc~i_CefUVFn;zO9C6 zX}UUic8OpzPD-@>Az)>o!KPsnAnKLQ!lkb%+C9fPiIF=}boY^tYG9s?2gXBsPJb0I zcS)46S0>eNX4idV%+BSus=?;N`SBKIypZw;#gVDC#$V*)c_iNDNgy4FhW2M?aqePwD=%=-JqkMiF8( zrGr}qFSfdYccZzTo}AFil8@Td7b9_!5sAZQ2AffeQZzTEfX;N!?ko&(F5er+LwJ*m za=6Bc!TC+VFWcwj$Dhi{vs#OlVM}Z(r#AFw!STvj?rz=)jJd?*W&FtTsz|(1>*HL# zp51w2%QiF-pTmBl_wm7Ejye_hbrGit-VgUMg`E9kJ+X|>aU%Wf&^<|H5oqTEoaR^>Fd@XTcdG zd0O~kl2;gF;c;GL3v{`=ZF-J#T`HZ~zk223S96zpDu~M5Phl<2nw)qekzzC;Z3xqC zl?^Rl@;6i1Xp5VH9KfwRKLsh-m6>MP1L*3{s1K5r?1_-;1@rcgb;Vo(rIP`=@rES{ zkOE;sbBZid?gYW&D$?9w1EYwT&&#>Uas#s4oZD&W@WdnrDkvs`G)Z-QGaF`#{G|jM z{kH8#)ypfn_0lUcm0RlB;mQk!(iL+dSphNF56qyQy>LID0x59>V$3VV`de5$ah*xE zNM}xR%xOM4>A9AvrtL+FoJR2vTTxJ&I$#*?_NID+lHa0XI~5>m(l|E3z@o?DwUjev ziLLmt8*3_1`R(1L0tIjXvFCE?AK^wX$5AAV&OdEJ>AQ)I?oY*-Y$Xvt6`xoO`oxXo zgKCk<`#%g|yO-bi{Qt8*a{a9$jK7Q5e|FyeLkfj%&HIPymjx3;5&BdzL{_gauI#^d zt1(zD*OQA&n!|`3{CY|5At}Xp!3CPdxtG z$phJ~F=cU2rOSrOd}A(`p_^9+@u#QtD#RU^#f~)RZ(|3Bw4r^_vZ4Rlmc~-*7VVt~7XQDW|HH|lTRG)`Gtf9D@=XV6K-VE)omvPX)33dkNvK4S^ zO6vK@AN5hM=+--CGU=#XEYt=VDU6ir^PpnZ@=_(}H7Zp3zoouzeAenJ%ux*n%H`Zk zo%_vcn#L~=DnVK07JGD=ST-^9ooI>=X(M!K0TiFZwFuoGZZFVff7$WrF}mHl)pD#q`&zey;-(~y>{|auk^FAZzbZj^M6lFJ zZ?~hvefEkqgY=pgzYz$JYKRSp>_#?V`!Cej-#+{)G(CmA8t)?5Q#Gt7eiW*N@H(Pe8YIk8qUAWo z@>?SR;@D&X6YK{9yyHL|Q~c<2eUel)bYClJwl!&2lm5zYgQWuu7TOHuzIEHHnJx7E zRl_aY=noce(WczF6wOVl97u zL`^C%HC9jv$C|+9GR907t>gZgXxE_yBz$5!?|x0RtKaZ5=}%C>1(v1?+9>sOo_Ua& zZWRT3dR^yA&YSVP`Zi5#cG@grIs08CT4)ba!7pgj(cSi3|EGUdE;yhOP@nnpPH2K+ z;>w5}8`JgtJ)pbl3-gPkPCdGk{xB)$%~$(`X#B?RGS5JrvHPx3rJPmHbcB_)inb->gmwInXIs`@YxeKM9LeAcoegdnRFI()8}6 zNs>SmcU9|W4?d@v>>zV#F8%RFXso(ks04Me>|VPI7tYe{_Rpx>x4yYQ)x>?OOAK)0 z|7mwO#tUdTf=09R3}0PKg_=5q?-rG7;!fPqGf~LIHEt<}$L+dG%Ox1{X=EP#)6nvx@TtEc60PrRJwuX(#>#tt3lgwW1v zAIDwad{|wBkGJZ{kp$x%IH)8{>i~>Z{Do5gpp{_C_>d82ZAFoT87IiPfz9jd{Pgb~ z_W|d%`%Wq)j&gHwPhI49k1Y3gplR?m`jnq)ZG~|uF1toSSJ*89SqSBu(Fp8m?_|sW z+LrvU2`8IOzAfe1T2s1pxH~upn)g4Y*Rv7f62{v1yZAB8E5T1Q}JPKeMAoDz0 zREODw+r9h(=k-@4{`tk0^B9tQ7u#0WNN_znnQ6M<**Y+N2Y%Fa5O8ytrMs~6BSU2y0w z&2?vUh=(ubbkf^10X{C`LI2?8Nt6=_q6P<{@froRL2pAuGAU_%s%Y!%)L}~9q+*)3 zLY zy|gcYeg1KDIOfjJci2i*(OTF1_4(O#PqAZ9 zz6P&RaOcYn3?o42HnC6t1xTRlHv7MfY%`?2tm@k5M9hZWpFZ-)@z#u{4MX0YaT>QJ zdYF*v7t4KoK+ZZjZn-sDE@o8o4TSO4{uES(`xI@SZvP3kQF-N8)K^4 zksYb&G3+82Q1NI>lw)^+auoJAxGa+?g@O5oQ@QV`;Lx{__d$r{w<86QHAm@S|3HSS z#NUtsl$Ld=f5g;3og~1eS1>()G4S*aE?Sj)k9G>Rma<2?%JaU%4Tq2T_(uxdRRa_! z$dgkZkJt%P_X3b|srcI<~W2{eQBb!LSsVoLGz>^YaZ8BsKOBsz6Y?vvy zRZxL%6jxpC7JGKMHq12mgWVESZB4Gd)lSJ`r%)SaEq6R)jRhcdhAlHohBaspOaf0u z%O6aqP#zH!+`gDD$R<*I^3|}eU2u-IGeuf-FgU@8zvtt) zBB#NmOwVxKxgfw|q`+&>YNSA1G_i6z%rsTCrksL3B+FK`DP$_xv#CCcl6$mZ!)9L0 z?w$2cm`lEOO$J1*CapZP{l>YOnVDIeQd4bQu)?)r)_UPb>S3O$6oi)r-Q`}EyIJnH)3_$;1hghut905Fefm+Iwq9ki zSCV(2{UdD)7L;C${irFLl?adLdOi_#Dzsmx&CWuLrzhGE@ksO6!kOY*UVvb7suBymv_*%`P>SKE>E>VvP_9 z?U7aQf_#E%KjApr7oaX3*W0*f?~t&W#<|p{cjV9}5d$-&wFy%uAUDCNcdDZ`S3q&~ z5j%VeD}OqEy}Q(i>r_Y1+2B?L!fL`Vm3~TxIfU3=S)gXs4~S=#g<=pv(`)496&c5db)F^a5>kSjD3+ABwzEIF}D3c7uE2*T{8D__|Et4*qE0uhWNh~*c4jxybMql z)XIoSI&MdySppIdH}CwCq0oqsa6Kq@z&7Bx8no#NOK9V3Ve%bqq%?J<%~=ZDV`@Nl zJa)Up54onA=glUpQxvZ>dN~_ZyI>#we5yfKM4Aa z6VtB8#AbI4ILY9V=ic;w|Mh6aY)310NG-Zl9EeYo(^DTuAhxA_M(@I(gS>ywNL!f^ z=SMr9otRgd7~C4ISjb>$wLS0YGV>bD0$u6Y$2PTV6-N2_1uBbDW7U@s1j{jvtm3&c zpHQ%x%$d=Sg2`B?JCT#g`G=Ya)dz|U$)RF9vebpXhx^eSY$acZ3@zjkZd?MNY_}(# zD-fJ!SqwBq5!AGv5S+F%@88<9Wui|V6V8rVQj#lZrLWN_&FGNW^(&-WdydC{2=H-A zShtyd`hj~DAB!c2^WpH9$*y0GGSfN5{oD{V?Q#`Fi|(Q8=vgbZCGGal5Any835-Yo zz~GuE61#>K<9u~P^EJ6rCtfwbvbm+5)+ynozYI6m_A5D@v@^}3wtzED9WOExZhI4h4HCs)FE5ECt0wOWGeW0EHqVYQnJbMAzFo}@tOy7Xe+2qNCfQT*u zr=geIL5O;nY8@+=SX89LePJTg*Y!=F8>Zhlmong#kQ}dY>JNOaJ)tm^2#Rg3fDK2WmwO}#8tCEP&uR|#Cq~S;P2|xY};F=k*zf@dp?KpRRMW<1ji`eQA|!-DC3_b zSag~>6W6yk35yl~?59RNu@_plUxEoVJ|qW8o89uHk6gaE4cn5RD$zS!5@el9Q#;G< zFV4vyd0kav5=a?qtvk?rm_)?pMn5QqyxaRQ`5>p1$1ahIVNVGCbi=A-v+`uiI5RiJ za<4U>WrG-1-l_l@sPEQFt)Si3Voa$!SCzu+_4X>C)7lB{d zl;58cr`ZF4Yt=|L5v$J9cPtvpgcplIuF#mO*=AGIEylrV8i(qRHL{*Ey;pD7Czin2 zDgRtN;f=7Cg>FLTiCDsr_RVsMo3^^!Ql-P$?Ai7NB9$kGe)Ct9ZARqi8LWQ%$W4!5 zuCsO*dA0-?K<#BP&S7_|6Ybh#$~Dh9sRx(U%^QU*dwD4lEt82@vI`lwQnIbFZcw=e zEJ&|8!!M&eMrQBP)bweYUO#hWUz9E#>prr&VE?dFJa(SU^qvQ2{!u=r*>qxA--;-> zrxvWtRFyj`W^7c%Kj!6D+vuM=c!o5>8Swbvu-ivW1!Ig!mjufCyv&Xk#%cq&h!JeI zz{K_Ujg)5Y(q~b;>ht>g{_o=H6-yjP9TcjdTt%v!XmqDN9EdM|h?*5&3wrPvUoG@# zx+K~v(=L2FbKQ0phsa^=C-@DLvt=@25@HP95wuQ+lhZ<7L=o=3X#r_fi?QuZsl zD?^9Xc^6ld1fR3NZ*6Gs7?BJ!N?soZ#67LWGUvYe`O4|G)Btxj{(YLaRAr` zO0#b7$Z$>d9NWwy@Hw29G;D$_`nIDvx`9ZHY5D*$pkl__g)_-<3_*R`Zkq{!@KJR% zrf+C=f(-=Z=f~D;r;Nl4l9R-`_2cr0xK5vF!XU}}GMu0x>;zBw7xYysnO!#1>b*!3$gIn@yt31oE7qT-x@oG4!)#GG z9u^w<+xn}v@)>RY$n$RD#;I?R%^{X*v1~bUd!MKS^36ofYvngD(;DCFJ=JXQ9G{9o z&J85u4XFZWlFK=ahPw9bd_5s{qLPVU$tfnZGtZ^{YWfsZ=E-mZ8o@8qG8`Y#H9b1}DVBmXVM}^et!ZxP3(B zY%P&ZqjssEQEM@qk^hR}8@re)XxEgJt0Cps zikpn(^XsSE_M-J-00`q_dOJ&oex;h#&N%A$bx0MfzNo=?FglDps+As$-zU8v4~Z(n z4=Y>jY1cCUBFFi3)_+-9{CvtYyVpm$`D++nVk+4R8>ir>8kdn{?Mp@0T3VV^3{j@D z^^! zuqdJtZIR%?zbb71I{2n93m(T!$&zx4ADK2M41K5N^)dp{?3&~uIVD~>-a^-LhA$M< zuMav-YT_AmG2sl+foaQP$)O$H?&2g?B_v!5NGnQi@|S-%kWr;2-q!FI3pNj*WoI$_ zR8y4eBPU9w^G0)=jy1-~c|Y5v(a!mL(w3&9suxSH!sM~4-kGX>y1-9yhfNvj`jx6# zR$+~+YzeFV@bPUce2+G&O`DK;=*gE33{BV=f`%_zv=KoOV!-Dmw~uKL@un+ zUj25m{?wFoxU6f9?XU2b?Dio!c|(ZxRn}66^G*x_y=!NR#1sqGdw01OS(x-vRXrG7 z>y=j%wEoie=?qx!CY{p1V@XxYf_I>fZ zt#DC;^7vAcvIbRWXW(U7)$H$T5JgilZW}gRM9-Tj$4!ycmC_*F?Fruwh7(yLFvCei zTJAI1k7kl&I3I~%K{rbm$w9G96eJnG`KzoPaUXCv-{F!?QBo&wC0muC_1ZpwbKsi0=(hRJvPck6AR$ za70duM!n5=`B*N&&~3z2EjGcI<@;2jITwz4WR5H@{VuiupS#?Ws&YYSk9ndFi$Rz~HTtJd6C1bg7D2YR$HIm!_v@LMoLo8al@I$Jqrk>5|-bw^GkzRE-`SC#G7&+I%=lAm-mBt3U2 zpSc!$UltK-p?3sMU_%^!d4TUM`!exZi8cTd8rr1bbT7fR++VTn^;hYJr7w-Yg=P*u@g@^*d zX$(0>T-(%tZcxo^|`5QT?A@dh{(MqkEdMg8Vm-Jn@05pwQF6hRSWdhzbv8HcB!a zI;rpUshdCgl(zHm`{CLsy4QDI&KAI@Dfcf5`RA$B&;j+KCa}Owqfdq|bgJ!~;{Ru~ z|2qu~xEjWbT~QGPjk|{jZKAis^U?mF-rDq22nvd)!#Jn^W-v+*zu+0D)HI|0Q9SNm zo+IUUuOGuOFanUxK)nYS3;Jn4^wa<8RN7SNfPSl7#-01i1-5ra`5(n@`CO}ix(R<} zB#@QKMXloQ9vZ)|_U-Z6%a@+uyNCZh!T+Z-y#J;W|7Amf#`u3LVg65o9dtk;R-Ssj zji>L*we9cZy1zyXoe@i@M{5TB$D@I((fz*K&u{D z-u_$L{=3EU`TLv2=*Qq5!9%Y&!t~p_{_9|K=z#t}ZxzNjK*^vE_t$9uK;ggXOLzCc z{o|`Y?=|OtIO+fP6m@qzgX&ruD<^5an*Z1k1Jp81j1(qd2>RoBjA9~t82@guqylYh z;>^8%7aq_nZa#&63dmKzubFjsANL2-SGgLodoH)GPLPC}J;vGDM8X3OaKnvv)zSQ1 z*u}+VziZpffmg#f)zc#*Q;N!&Eieh{*vU$$x`z5heT(tT`H#A>Qz22&l4xGDf~uR# z{)zGLj(zBE=fMsRw=l!=yul65FF!&V8y^KM;N`+K*8S69B|O#RWkZUq+u zR}LKggO&ttH`=;Rv~||r7we%^o@d8MCB+b#)B3lG6}L*lR#qhjNVJZ;QvxPb?t{<% zyD0#wxWC2fs%%Vm(@e@*J5LUIbGY7rh@g05$$JIy@!-=dx>y$k`>SS5j4Mc`*?4W# z)fT#Bq6Rj@$S1G8wjNs9x;-#rrN(#N{!z6XAPD ztZx5FPl6u%1OE^l$#ucgd~=NSUt-gPgb%oo{aMX!Y$WVY4!a>oJc4^47Q&tP>JdH8 z3fX1k$}SZ8wVQKeZ;S&j6!&kA*46bvA`p zPB~WEhLs$9mdU`%U}9cB0oLUohg+;q)7~GwGhKg{|DPW)EdCJ&2Wq7V7SQGPS7XQQyKi1u zP45+~A?khV?WKvH4ti6~lS1_i&>#vyaU}OqJnKae0!%;}Wu)!|tzF9I%K#L)4%~Y4 z*gD(U1(A~>Q3zATHF5#2`b3D8#T6x`4S|13aEA@Sapc)MHh7st4J)IJnq8#$%R zN6dH-w)%^F2BhL+j;f+!+IWW9yVj|@`(Pq#tBd%^y0UTL9%gZUdX{5t`Api-ICBV= z*zIEV*eFAn;Yy_MrAV?!hNxaoN0lV_pz(UXj6dFq23`iaxcSrU_};a${PY^TT$f2hLp&{n2;J= z!w+H&k^bA8vpqUPdG2;O;i|RBoB?W|i?PhJ(}_!xN%t=F;+xe1Iz4zpN3lO{Gl#TtjqO4JIZ&6G@gTf@`Yj zdg&z*gT&B764bqiFfs2&sW-_rv}B(?773|bvWui%wK}R&dT2Aa9gzN2q4~b~<8ECa zZx*kjyVKIp(6EB0DlP1B>Je|c?Mw<6twtrQUn^2#RliQE+Q{H78x>plp8a+^>0o0s ze`G>IgY|62MNdAm?lnG_$TYbI1pPLwYE9H`%3N4WHT!c9_|*|yPQx|2M#a|d?#=r` zXT!D@!P>&yDu?fNW1Os}&O`FzRVVeX$5|Vah^i!%mgVn3EAQ?z2g~yud=WXmoG45F zu;yrU`RDWg=BS z+8p;Sfy9TNH(4uJXY0*1uaUPvvbbsheu3&J$J{mZP%Xs_8YZ-w_IN6bAz>liuh%WV zZwO?OZlkD|$rNpCZrrYLot~uR)G`l1#N8qY60(a$7RG&^BfM20&CDt0dOMx^JtvEy zNV?mN{3wbt@2bG(#_|?&d)lDw!W!NPOt8@m1SU+gMq?(is%{^-i!;Qy4xQHs(Fm*e z4dZWQV;IegnN)p@&7}ULn!WlU_q&4xMR&~(g{?~0mnB&LaOJyJp}%7VsV!LxIZAlZ z^sl1n)Vwh}PmTUp@Z_HfcMufN_fO=2VfX(ahkv}&1v;SrPQt%O3!M={sBom1`j>D7 zy&B5ztNlIq`~~m-x35tBSFh(i`iz2N%Kr*Ne_>sW7fZ3PVpdz7`Jq=l@rQn@_7LX3 zUdsv{kmc`6_O5rRV*Ed&h5g+qMwItaVn?58c-)5IKW&>(FR{>&W`uTx{T<%_Z{Gp? zKUQ%)zZ+F;8{4ch`(svLmOT19*8NXg>fJFpZO~8ur!%4cxb36=>n2lZ{a1P4VfuG? z|G$5U?R|5KspO_H+kb3G_y3)O^!Mph#ZLRls2SkfA4+!9hQm{gt^UjP5Vs#y(3iP} zK;Pt+H^1-K(+_Pcl}l7-SUiGmAT^#X=Q=7$NL>qj4^AJqwl~u{n&afmh$T?aV7hxj z(C>4x1f12+>++TAx_Y)NwSTTvo!OqLRp84KV=MA`5verv9?zUL_>~_+sgm zaCD~-fa)oie-1ZvI}3M)KoWXXe4*8!?)A2ta8;rtPuX2bWs!lIdDA)UsL*5a1qGZI zwd8TF;XI(OwOu#MrU`8Z-b{hbg=Jp?aaf(xKt3>GsY0%pXnk&mFZ0@Uuh&?jry;kO zB-@ekW>WzQ(UbGaMqLyedW4`KB-m}x*A(FmKX9*X=#J(ma9<|I9iiG;I)-16GcvOJ zI3H>84jxCO`6;5%Qjedpf!RCroumFr{c2UcX0I@&3XO}Y7CA`hqCYe!^!a#DHRpa3 z=BCY3K+Zpg#QxmR8I$@V2NP%E4jyHm;O=C2f zoy+ri_4=2s43aSK5-7atHOMHYr_!QBZp^K8Z^_20qS~Y0GM}~+CDF!RMt&$ zUHR}_hx$DVet@Y=K3VdT^7aH#WqaPSQN4mTG4f1QM8ndN2P7LSF_7i>0Xv3oX#LD~ zcRN~lwdZL@QBf0!kHuWo-7@#?a5p~e6)J*++N9aqk~N_*7iVE;1S#`fg8hNwSqX=S zd4XWQEP7X8lK^h{0*LlG)bo+yEs=Nh0pxxc1?*?i`AE5Um#+0`ca5{{fLoIQK8m?O zM|J-ZG@4*Q$(P4xI-|wT33aA%ojozo_cN3O3UWwYl06~r&-REl+q*qk)vxeCMT>WP z89*a+K#($qzSyOYb;e~pA3+E|-e98Iq(aGd^lgdr#`C*wUB2|ckr>c-J>g+f`iE%C z;=zTtoIMB?n}6&q`4jH%?}wsvXF?NV?7Q0l1Ih{bU%#X4?jJ)crexUvtCx@ISV0?t zVM4QjPy%h}&H2q6NU?6Qy@9^WXJ^u>5qd`VC`(h)_ROSrG*KiTseyGyGI;NYfl2&l z=o*rr;iLn14HqUaqM3|j^Ao(%YvU3o0j_+F{9Pl87I;N{`X+hBy-oY?3Huf*~wz)p@qPV=`W0Cse_1L2AnHLipC^%o8(*J^3EW2!vpVI$J*T!a? zR_NwWOs*}S%EOJ40lP(jXvILEFL~{owB9G4m7=e`n+=V!Q+NboXaJVL@7q zqpi?aGG)s-qod^lmy*Nz#~v3c9_X1U!jxq$67AgMqdOMv_2^E}ogev_oG03MZ;#qc zMfn8(I$wNK39*k|+e(jc6A5tX5vF>?lF_9zQV{!z^OI?}J!iTU<*ddWP#-%Pi5?*k zBa(OyxTB=|=RJWLCw^Ec#oWi92Fw9SI`mCOr~W?h9o4)iu==22YH0q@lnqt=^hoN{ zBM@IPJ;MLh>*TtiFC2sJYHHy&yE}Qc`p*JGJL7=`7HSH2bweu52?9Z*mpj?gT^RYj zsp{`GX5s-{5D#8KtrlvvWC0RA>x?B@)pelPiTCGZ#&E4M4o^)PPi2U+WZjW}^ppkF zQ6LoIWlDc95Xx&Xe7x18U|HmXhv3C8|EJsCJ)J)?cAF3*r9TWv2(>6)T?> z50eD(m3_PmpnRbgZTBxAHMw6ERht8V$_C6{R;iY}l6pN(tJ(v_{ScaZ;mAh+{=SX7 zS#Qje`s7cR+KiVK2YqFjP)=K$FJMD2?kt0}lYQy_xJXvmJmg>gaH0N8cdwy#H@sWa z)VE#?q5jA~4h{AC*VIJ(Pa7`&!&pMkDD_~y-5g(ans1n&t6$r#5wklZ7j*910ylix zy{b6VcCEiDNo25dUZ8s(d3_b5f=qjMxh3dn<5HD29*JANM^C`UqXRDE9vT`lUhR)H zDrmT2IxR~{IBFr`(N>>xYdk(f*G?FAIU(P%Rdd`pj$1oEOJoEHBsXSWx5dsLtJVHQ zBOYcq^**c8nYKjU=*a|8y7*5#)yrMKxLum_wr_safd|%h+~kL5W{j0R{N{qnKTZR2 zyH7)7|C-i6{u>#m)oLCG6SFq?wdVHEO#t<}BTK(tf{ncS@+Bo<$w%O@BbB$CK=Y#e zdVh}u88*IkHI<}}(K7n8h6aDg7Skbgu{Uei;J|!NSUf-ev4r7T6;~7cvi7>4^5sd1lO+0e1qsGy z7!WB7# z_nZ6TG%3G(q#^QLsxc`qkcu=#m#1<(w8g?RnY-GG+uvM?JX>=Kobzj@x|nl8f3Ww- zA|uBTP+U5{DzIHo;vW_Ly58W3WxbxNt#xx-wZVE*wJ*Xy%xyPs5IMYMI2mhpDId(IATDAuBfc zXTx33YmhIo){U<&WTF#qH%Qzxfu&@tb@xd8R^WMi;?uG)8o66fMI|MznARu)qd-Z2 znGG$^)91I$S4L6CHDVoTxZBSz2gjKz_RgD4qD{XjOEf8DUm-K9X;|&7ZSVBPy4{!K zKOX=oo6kQRl63Tuj$XQOx$WEclojTLFz4HPL}c37+cG=dw=eVQsA?(smLz=JetggI zuD-}%nJaGSoH?!8x@b~Tw6YRiJ$(^W5VVfW?r2I#jU|ZPR?vkfgfEA;b*3;5>dH;m z`3^*Zk&%ge&;~UmJSXOd`ebrd%q_N6m~wOms#$OA_r0dK%eK%Iaw65I603F;% z1LORb6h3B8Yhro5FPKhhs3obUh`I#ag=rSmMH!siHKdo+G|_O-YZf3JoZjCV5N@;K zzk%SD-8>=p6izr5S?d}|n0yYiuG5Cl*CQT;$3tI_2*k?29DX$Q|4XmVTJ-oU0KYqV za~PJWYns`XdWq{4orso>Wg0NTvM;)EkbZo%=XQG&syk{WC%t=-PRZQ;ss3c6j=TIu zkTvPhGq0g)t6S+y46)3_3SFj+p>e(-F-`uI*p>p{>KM3xee3MTWYy|Uu5fv@hz4Rv z=l@CMCeKTbZO9$Xk|7(F^TWExvkDrUG9r=fxQ;JAjfYq(@OphvaXk`sg7lHfTEg{k zIjV*$AcNH@2U-WYSDQ2GZOBJH?5W7fEx^pTbW@ZLDQX<9OS;PMGa*@(U`*{qGqfNm zq(5*u@!$MR_7uAf1R_HLuoK2R{MuO(63Rrt;@fE7BV&$Ms2RD z^mUs~xwSIyRd$ z3(R-xQ->1s|vE=g2W)DP92)%5Ci0)l(~dY7yJ>;~!U*9W2SI0(bADymPO zc?5)YuvYy#A!A+gwevuHg|^Jnnfg<2v31Sn+Y(C+B<_>m8GVft+8c@HBYdm4S>sZ2 z$b--A{?SBSXrF4IhM{P3Fd)2GHV;94f*^{Z1dD`}?7FEiD|Zdv+?3xM+w5NB9^R0) zv9T!&-qN_;yOl1g+21*z-kWIp-nns|hK?E$>P3q`@aAeiak4J@iaR5;h&&+ZbnbhP z%ZZ7D^AbXTa2+Y9-4Ei#sblbM{+pY8RNKllD^-Iah7z{ur&8CsZgrD$XI6ANYspaL;rPygj&z4%<$*YU-+2p_ zO+R;{ZN*bVyyT(rM3>XO&^}S@_dy@X4eVBZMVLR;2)_dh)*rCgttU$SBz|9Ufc~ts zCEJ|~ebaW;&bqmV6n_lnn;^$S&_%YEU25Fq6SwhS^<#dPhq0)|>yVSLiXF%g6gyB# z*-2xgS`hb?E;brXnAa_LqcU3_`XCoFKZLZg)o=D;hEqBfA2+yk?Xr~JDm3^K2xMW_ zfv>jp7Uwd#bC1jP5@(6na3c^bgPgC8ESlm@vmE!Xyegl$SI@5Aa-Bzo@%b-o(77Z zYRRuWf_(99QF|CNT-wUtZcDz@g9HoWE9hLd9C!r&(eN3W)Nb2p#r+yDzqkgcYq|JI zKPPGtXM&qJMjrbQa}M=fON$pC4_|jPTe;Vb`McBQczim>JK<5~FvT-)!nXHIOEp<{aMEUwzN1EJ7@XgOSJg zm-B=3rc+QMEFcKm4`fp&1Zh9Xj6|c^&F=hZDb-S}h0cSGt1efNAGVpl^#Bw)$oJ~? zPtF=0^g4F9^$VA#ays%^-5U*;kM72N?p|>bel%#DPr>Tv!$yx9-;3IzFC|q;X62DZ z8muHms7)Pp@#a}PZ>Dm@gWIrDm}P`8$UpH?eDncL-r|-~=}N55rJil0pM{I9!ygij z&K{jJU<}z)NMtCA`bosmYhb~Cp#QGfq&T~^sW$9~JgBts0QWs8m{wwMaZsWwHs?Ep z=hd29rAC2WyJIpZ<`1R|yFxKaL?((_>8X-)siluK(#>hLjpx;nzG>||j%N`G^F7{b zU0#~_pEp_(2#R)6e$XN@7&v`ru6$nG_2{@!#IwlMqH%v&#Lx4VbzK>T{a_tkr*?1= zL@G0|$io;dh4u;=tUC_Yo*;F9T+;33jsRTkXKB01N(>hgI5>R$OE|*P;G+9N=P3@N zn|*qz95)f}btyZjgUoSP{c;G?7VoW})8?yULNP4$-m;r~Z^$0Yz~mCGWDIAk>w~AY zj=ipF#U>L|eKTOnyw~E@^I!U?c3u5eWyxmBZ=EysW=B-?(rfc~+18^x%W3kWaO``k zO(c&v&h*yoWhTcs=42~IuW@>-o~4`EB=R?)%$^<+>?!wO7hTV(K1*k@l9`fsLm%F& z)Df$wGrcy!QfXJN);67K@G+fs`IQDaOR|nF#`arsHCw9M@o6wFzInxSY|ORvWg7Uy z@O(wAGcJkJozj(xpVxD7OLdnLkl^VYbT&R`EII->F6vEsi9>&QCHKS*vmebzbcuk z{GNwEN>aODP5wiqG~b)6TJpAh#g49=@}x-MgGpSKu3VqrX<|gV!rXyzZuo}Mmc0F# zLC4A5?RAg^Wb~JSQ)u*pK#ED(qRUak`BkMcSIrHvWUG2b-N3$~Dtjhmc!|Zc;{7z` z?AW8&P?OvSCZ>mjOCw9DQ?_j+^Rz2ewN~JO*7EWEfi-U@BjB-buX`JO-%qRaTotHt zyy?DCi#k60g>L_&;K(f3t>K1La-(`+3Eh57&GAAU!X#Ldf5VnO9plF9TRwWLn~_nO zziVe$#x}8C+?A6kz4=(@AK!)CBEYCXxgghnU}aIqTH3scu3t+2%`LtppVzqZ_%Ni= zqy{Zv|0^oKrpvNtp{%-J1L0UwBZ-*xD|Uo@dkvS&7Kjp}!~@gZ_MCZ+Q4_j`gFwCb zn>hQ1xf;&Re*WZu*%w`Qk1owHN==rT>YfSQI>jSZoa`yMvH6yt+}4nDd8=#er%u0o zXRG6BqSjlk3|X;MZqwt;b$Yjm_uM4VH&2RfZnx z?YSbn;oX{-%$Y`0t$tD{?$&&Ut32M}1!E_>15^@%d*dQ{&Z{d@rxIcJn zhum^G1p0pnzm$=l4Cns&`oKsg^d@e*i~{D}+!K>neZ}NM^mtL*M^i6akLF^jLXEk& zS4^%OQqv&$QL7M+1G^*ili@kGY|~hMJnaG3C#WX=#wrvyOGJI;zTOU-g^iVGxGOXFva;78lAJ$W4?Y7)P#DFjMN+!-~7%EQO_Ou}>kV^AC7yN6#My|;(w&3wtMl-@Bv6_fXt zG4A5i6-|j2_nP1E<(mYnlJ$DeRjH4h@0*NQM!%~KsFL$f=Om#R>rK~3*!DAsm6W5# zybw?s0G~T@tjAIDho>f)*vxZkx4HFP){G`l>7q0c=bCQu>dp%I_@ArHV)h24OvljN zX7_zse4UTfiaPs|6Du9^%lFyYhUSFOYD|Sg*(1ep5t?DbOEc^3rp%dNA8)zFJ_RVC zH5lEhakwSkH0Z>itzN4kl5KCfBm@6%VzZmLHCA5$arF8DFI!y3n4dVkw$&P{uX4Tj z-f1=}QK@=)wbFztZx4f`-N9*nz5K>%(VFVVfci`Bb}eon>s$Pv=Tyg+^PV@fJ?bC( z%5RRmTmwy=%32|_-%abEt(asY#Q7W_SwB?JPRKH%Fos-Is_Oz?^C|d7UC(zl2fweJ zvvhEGK_{*Ovo}Be-EEvzU4kdGwz#bKOyy;m^ymDu$V~p}zS0|7meQlhVSb%7G`rEm z0k>U=()mwcb@Zpw8d0tT;(v0H#f?>Bc*#hiir}w8^$F){BCYWlu80s(=siejs z)V9YH!gdamLmxbfPIfi+Y$MGs&Wy+s)3@wG4DHjy-((Wlr1%vkEg<^R?pjZq&cm-N ziqYnj9_HY(tkz?SZ)eZvvXN#z%xOe0$xQ@@Ziz!aJ#4EX2uEjs(8-ZS}$}=Vl_}MLPh6D=z8PuDQ<5qaqay^aCCuw`uvPM-PAR1 zaQs+<;D9PNzm@;`-uY1fy#MqVZ=}BnvtY0Js)Yq5S9Z@*%GFVRR{35%VWmkcugViP zy6?nh1B4`(Y-@=PWP^J&>yQl|n|c1Lqt5mDX{XyWsxQ-qD;-yRz<1)|D$m?+c4D7g z(|Xiv49v$4?X4sVzP$URmk_m{^QGx+smA0)aQgz=-u#up(7yc12cO&%h~t%PK@lbW zw1E1TWJ3R^8+&iNnVEh{`#Sc+G@7Tqs7)dKwqO?$Z%M(FjEED=FO3TJXhwGXpg>jW zOL@(Y8TV?6RsZ?WdrYTIPPY$iAJcgUeRlSx({gQie^mK? z_vSco)~PAPxE>qzRWFEYQkDGD>GXD%9Ql)n>zRx2Dp?VEBg;+1bsgTDX^rB*J$Ye+ zX(L;s@{4&Jw`K?7D{gKCxZOOQX;xRX(DznR>~$wSw*_In0gH((+J$Tf&M&pHNiQEd z!(etHVf12jBM~AMf&68w9n}pk)_yoC7rfe9Na%i|CIi}d?+&m1ZQ&8YqZn&hsu^9r zVCTgVv;*|dA~vC;@3&;7KAcTm42q9E<>J{h@~rcv8W?w;f9aqDQ5M;Hl24MOAe8ee z{Cw5!sX+QPZ=~>0zprhB#AJ;rOaI7amjc9rcclPM^5IH~8fs7cgOA;vQrM`6bs&}-D^hrc;$w> z`i6GZh#$xVJl0uBx4ZIFo{~Pj7Zsz=B5p3^kIh~V*1oNk(33< zg-~~E(pIQ1`llL3et&kFY*zsjlhHh&pJ|Q^(U<5^l7G>F|V2P zHWeej;~Xzg7)+5Hj~gkO3~Y%H48I{+x7o+qim7GPyqQq7+b?@znRSpgBUd4|TYtpb z$=dV9>(kS293Sh{)+VD`6+-5;p*i{9E!&QhU3I%UOvC7BW5*9Fv{(%mr0bubgvk!P z-`^QS;>v1$_E9l>on4w{efybw%fy*^Ig!M}51R1W<eulxLFp-V= zR)e}}vu)3!2`4nW?4}n&ed_A8-E4Cz9_`SSYLMU6RytO{11WY0A!a6;4Fzw1VwPj; z+HN@SsjOfZi5N ztSD7pIDI3WY3&6Jf&Oz|H$Tzye3@$-63&%^;ZOX^V;5$54C>YrVe{8FQR``*OnN_1 z+z(R6gUeV@(rTTn{k_#+7(M+ZMim^mk37&Y?KLVVEyp7G-OrC~TKk=DD5az3C!tdI zw8YcqoXN6h1>|E@`bH;;3IiZbvR5fS7Mv|qh%3L&A8z`xum!9TSjB)gm?8p_`r^e; zbOmR!;5MX8!!a)#f4%_fDVAJbx<+#yk#BM}+Q}}13{yBvAiR9vhhX~p9t=^c^l+oi z2O#gouZo~U6ren%-$s6s{%mY0GNF*l_*%e=CjJ=?4H}5itIy@FeYn%{eBok!Q0uG( zE}%aARD1Y^`j?pLv}7wPAHpEVp)4nXVGq}Y1=>%2Ya5M_f`V>abS->C5UA>V4F;?b z)!OOe4aU|`eMMF+OcXulV9Uf)%Zz-pxLbPsW2gjEBlZNO)Pz(NH|-a>PN+224+=J0 zcL1o|V7G^b?$p2_vCn8q5>dKE?;3jCRogM%l6LEVD?5jr+(|Ed^+|}oWeP@o?t2wy zNf$EATb{_qbBYa9+}kuB*pb|pY6;ZBRX|Y+1Tf;?5>JOdP=3NG69)I{TY!T50Xm`U z!uxutYA@@!OucwKe5@}Vh`bPqZ+-Efh-MKbMW#>dhMcbA9$BAEZCUR&13UtPDL621 zW|4MFoO9JoeaE4$pVPZyoY#b|fBq`CthfD5`?#UYoDXEql28yz1Su zt85BR&D@B)9+1kh+=<`4w2}`_TL@1?kh-kY_7ZbMoE(}8-a8T9J%p#Cj{O8Lt7Aup zJk$0D2NisLZavT6o(Zvl&ATZV9dyAG!qB_@kSv;Ta_O*o07z0|Sa<5!^QxH^#g=5u zAlAw+gWH$k(x&k8Vcnu>0L^7h#JPeLZ5@xPzQH;L5r(5(V{uWfI8FaDyaT!IntSzl zRx*ID5qZdTXBY{%A9LYQ|3Fe+KXP7|^n@T!st-djkNrp|F-<~ zofTU_vCl1shsU!Wj+Lle1&!n5o}nF-{6-O<=Z1}G{i`=UJJt_BS6~Mk{F1B6kOSC}=dvhrKKaMj$IRt2}?a;z%$tLd5ke6JH)a(grOtLkwy$z#kf#EN)0%7lQ) zf&>dr=}#r6cnCWk#jxk3KA#mFN>-c3T%R~?bL5p4r-lb88EtNBQhkfaL@9Ssn!Ao| zsOaXMHR}$m*+veNz#)-sd+tr#2J-f-di=##(B12Y1>39Lwg;e#BzobO&pVc}DoD-? z+0u8)z6f?RmRPq3XmDEF=pYw}JiRtZGiJ9#JesCaCY-Ll9 zcSmvR6`fcF-0`LD78o>wWoO~|hKeZ>3KDyt^GhF~5*@hR%;}N<8E0^uOoOgCw<5np#i19)-p$Xmz8xvV z8p1J%XjV1f6&p|z<1qzD}h?gk-Nzvgp96F30LN z*HfDII1$nAjKl|~OW+QD4&(C5*p(C}w#bN;@g+y;il>k$z+&iD1s*WM!Qe>0g+5ne zlurC9-|n~5!+=L$cnu>(b>UkH$CAGQIzYw0gjKo3GNh?@=S&Jbjrt~Uyz0zdtd_!2 zVqH(=qR+AE95LyxEg#dP-qE|2XginSU*cd(!8bI0 zzc!P%W^WRQ2mGhr6qcUpd(`5~FlU5dnkYDwcliA{h(r<$vVJYm4Hu9!trjBXXY2O$ zgL9eX?CZ{?Q%6QwMT>wV8vIJt2}F=oMlgVHH1oE=d~A|8xZt^#YUhAFrEY+py@*Aw zFmBl!Jxj71DCIzW<1n3_C0~@bGYjIFZf)Wkiy*!a28QI&BdkiXBY z)9GZ8aqG;ti~NmqihDj2N(`2=KS*tT#x(%2iHQb5WG?zzflR6r-J$Pwmdq;@Y%&{| zme&vmyL@@1uc=+c*Szv@%$7bD6MyRLQU!I8bGjva3---?>omn!=?Tc1=CXQmSwYe{ z^9{%algSFjRgZfw1DV)9uhmyDrB138Fn!4n&cT>@COC&MG-I%TfKNbyZ*)N2QWs^e)lPHTZb8t8He@(hT!&7>1?OL2W`jejJZOP?4K)IzI~rwZ1x5FK0fXe~`))hx0YWII&Ml zCcB&+1p4fH&;wUd8|gRV^-kJeIktp;SuZ>pnyQkvm}iVG%jk>8J?!YBIXybA!Rhoc@!eZZv+D)e z$eg;`^=NR7UEa{MT{Ey7=K`e1MAG%hXUOUe<60W`_)=f{qAB&Fu@-TVm4D|Wn=2@q zxN9TP#OqUP3inoUbyQGsiK=+NXH=)ni|a-EayHXjv#)$L;6sng1BMEgvuBo_^_b=z zcJH3(5ggfv?#wfc8~}s%XM;Y7JC@D1sdWq0+HU0(oQNk`U2eWN|B?+;FaRY)R;D=n zt5X05q^`PWPSaP`3{qS(bKzI9y_bA!TH7kew7t@4P;CV~H{bKSE)@z+z2jQt%SFtD z!kon$9mWLaZ#k+~Yr)e7>uLNk-iDcpGcTd=qPnh1(j^g7GhF41(&X$6DPrR~k@L>C zYv;503SmxzV7Coi!JVTcsFLIV-e?*g@(~Jr=`HS>Vx$L#M|Asz(Y%>LX@$WJ;X;rWbS8a+!M3d!^l#Z{#?IxMrU;s&($Yn@$0)+y{ z5u20thTp9;h*aZ2ubh3W;a5B`$PWne$D{z%_0_i!0t6LHTmZ0QFlfpmBa>@NyrzMR zC)T9=h+ep*rm!=<>g?D@OGE$ugeM+EacP{d;aG#OIf z6)W^57>&svXgA-xq{4kBz<4(L3a&*@a?7p@sYMK7LN@~Jhkkf@etaTZ? z*aP5UNuUp#jGfe}^YRo>UEEXa9GU9)QvpDDT4d<;fxuEEvIiT~!7`OKQ0pqFx;L?D zveiaYTg)2?Oj~IT8J^wLVsN0mk9Btj4x(POKxQjU_V6!}TUVq)&@vZluC+QvdiWPW zmC}i%=$nxxs?qQxs9qdE_B7pcd*tJqaeF;3gV&{xmbk~^Dgh#mBtr&UAHQE=N00CO zTJ?D6Qv5h%ozSc=AS({IpD_^U{qcYi2hUqp`B*$(t(A5e6bTcidZ@g5ZjdTDP+qZf zOC=nRcD?R@ifp?+5S84e>7qtuF@=f30L*uBBBuJug}057{YoOlwib#pZXOoWf1U|I z0v)Q*p3)MFEEkj$Y@@gleKtLH9~v(mH+wZCwKGIFS4?1u(G>TJ&$j#P{&%Rw080{; z)CvO%rYrsUeoZbL=V|e?^xb1SGVJ6B*tD~HIS?V%_SA?F61OAX4xu185Tma*9XYYd zHx%%(BX9f~J&@an{6Hu#?l8-|&gNARD7ag~`N-#Vz&MQ67!h@WSQ5w=%3$+VfxNj( zowI_qSs#h1R9=t3?r4HRGj^F0cB>aL+fpXqI0F$(`U-7V1>UnhYi#~@AEHU)m05R+ z!7Jh~YC8_5?gkL$`bO^BVxnpugBi8FsgRvxln2Tst(Nn*v zaTybAusD!OJ|?$9JIwePQF*^J8;-l#EWf(~ex2<2iYTYzJo*wT5eHZ%tLX){*cH?* zi}oFs;u%NH#Q`{!R48Tvf|Pc3HFzQ@L1#t(e0_1Y1LBpl(C*>a@ z*|yx+K-c@F*5G0=jklo%-|79GQ;V)QNT&MV+62fUGw<&1|H?z+VgVg&{lf>1AZ-q2ndH7Oxfp4| ztMVak+L&IVfW zgc1S3(K1!f>u8k)Gf&iJlVaUWm8N2GfCYhqUH~PCy|~Yj?$*Ls>Ko!w$88@$hqyp( z{HUT8rh}{$+D}MI6t~}1%kU$n#v;6@K!XBwNC54R!+Q+eC3dg{uYO7Tf?Ql@9!Necx24*pR^GO_HdBFKyahhL!9gUA9k`pOqJg5CkA21mV}7q9BPUuAkieiv z_Z@`~x&1?W*FQZ%(8M^V&eYnPc zNlW7~>9l_T;@>O-$^GCcGx4gD5Mn3U$)^C;b2%xu`Kr)i50EL_h_8r&h0#|=(WX*{ zo-Iu;eVvb+?r#0Iw}nmh=-FW>wDUac4`l#p#wKka8q|T{%~ho0?kO^%RIf| znSfkv+iQ_dJ$&_zJpnRm7A}$(KVhXC3877y?@R4o)%l0y1JB_P)?Se7a9n00uiZ2- zEFoUYTgjZAQv^Nv-A!RTq^4eO9dfs%uL7SAM3s(*qY?G!`MR>{*wOrmQ42z%AG;^y z?~iPXJ6}a#f{p1a10D#enQGK!{YUAWDp3&G?*?2vOqy8R$xr^-X{=-bxD~D!#Zu?s zv}Jqp8Acf6z8_a$X9nOQ4xCf<;=L6BAz!F|Sd%VGL3tyzD#7NfBH!ox7FPF zmC%Yd)y#{ZUB){^k=u8U|9hX1e}|X%wQvhn*5F+F{9nDJL@HvO&K}m=`Tau? zPiIpgAf(=z5kIpgM~O}lFkA*s;{hb_pIP?dd(h^^R|S$KZ^aX1NVL0T;GQSc?A3}Nb^->otrt&V%)SubLh^az=E=1w!_9pU z!vjTw;5{0&4%53h!N;*6mv~}4Ae-TrHZ} z=KGH^AlJXUYwvyW7F|o52>=t>TnD`*B9bz(dTIcsbef~`??I%iHAPf3ygXD{Zu8-x z0ENbq-7Wlszhcd>Z)a{r0j7T(rus!B%pY_7W@QRd-vA26lD?{3Vo(~veNS-XyOvzm ztxuFWF%*7@*(8H%C%@9IG&qo{MBp0-e%n;R`-Sk++99r`PsgT}cD~nn{9~wRW618w z48B}<*RW0gbQ|TPP;+*bdR?n~vIhSc+H*kC;oKf8DH?W?m9Io9nuqub?f#a0fD?2@ z(>T4^x{o=6!$&z~J076P&6a}h(|L3KU2zZJR*Yum0UX54QJ4rjWMx@oaCl|t zyjEU%98)$p6^UuM=GNss!*Nf(-&Mee1_U;P{@l-7Pcc1zA>$Ey-?h^71y&CfChjBi zN&KdDmy-f#11xpBiTkTNS6-eLHd%WsOefwHUDqBIfgc8&pw-*HM`Ixlui1>~oVA;K zb??;xf2`#gJGGog2LR-|AjHijq(XAkBd11A*(A|Fty&_Mb0 z=ub%{?P|oej^dz40nffd<4V-P`d-z#84lM#=0DtGQmWqUV6mU;r2e(4O z=g{!Ts**xgd0)aAa`c9`Q{+THP<3^KLjOBQ@zq29{SH6?*rKyt-T7_sB!C&MJJNf; zKD*n~80^(&GEab~KDs?a+Tr{_p>d!7>)pPhV*h`yEG(3Jy<7ESp%fsgsAH=D{JkIE z{T5%PMJRa4B^+?8m!Yk5{+WQd1%#ewAFL=J@L3+;pMpVs4)sO45-2Ny<09(RkmL&rm6p$-a@T;o}gd8rIDd=LMSXu~tGv+r`>*@p0`Ho`> zW-5^f3*pFKx+uZWS{yX^@4+}Ke4;~HYMujXk+IsI;H@|9dPn$gHFYb;$g`s`9oc^MuS4!PqX zYBK>@lk9ice?h>0mwEmG)DHFWS6(_@nqTVP7;Iv}(3g4?ekh(8)FPi<(GkTJegzO? z-g~Rzoiu2#fU88Ylat1B=)4A^MmCU(o^5^E9<$m1>Vo@L&SLLL)k5MZGCgrI1=CYx z?tcUi?eQANm7l4o7C^AC2C^Y45W^!jy3NWWH@?89c@y7la#{aG*kX5-;=@4C2vt6I z-_3C){MGO1{UVYvO!y92bUXw?QLC2%5Ql(3<`DGT%3%PDqykJY?Jn?0E2=*S(W~}+ zxyMUP{0nmTc$a%Y4sDZnenVoBXX(rIUmkw<=9({0ycB>yFySb$YcOxaS5QA}%4_}f zk1K0>sOnEh+K2lfa5};MC;4F}-8J_Xx0je&I{0!M2k#?;YJWR_??1x}K>XeVaiP?I zS(TuDIQc8__$QT*NPlmw5ej?1FbZh!>6YU0q`Wicdr$1DoLip*EA$qots{9nP)Okn zyK1X%I<3|?<}L|a{3Ce;^LFj2Qx8YZ8`9~CqEl}=Md?3KbdZqb0}4L>y7}`7h3&Qa zdZXf_$;jvAnbp(FyIhg!rQk8EJyC$%QIam9PnFaMKwVm8<+m_es2RVyOEDe18xISz z_MSxo4sU_RA`p54=>5_>(K;yC>RgG}(ac1=FM-4YZxS+h)&*1J593by&&7XR{c-+X zc?u%Vn`7?hxT zFk^8pR1!YZV7B*8gRLfsl_fEPm1=a{h1l?oA^8;*uMv?TJGD>#lCrB)Kxur}d+Avyi>QIEn#^~^+@^N#6L z$g%xNW&D!mY3}rEwFd3Zx7jgHVL<#srx^kbZTw_&d(ACwl3)W++1n0ack7gTK^MB% z$C^#)w?)LxJ6R_rM_5Wn116~np5jreuv7IX9@eQcjIaEjXJUQ%-lg|q*HJYy?`&PGcN3Bq zHYa|#*bSaaT-jC#O1B&nlh6kRzdKC+a0!H|F}oUZP?}_ShT4!z$239OeMy0IsBn8B zQFVOy*vX*{u0nV)4*99s$XV8&4i_wSWn8Iar=Z}thpN%b8OKm7<%;;QV9TMK6LhyG z9tT2zHH@!qI9Q!d=<-Ogw$%^E}nbWa{T~NyY}OJYJKF+ z!@^&iTYD9WK@Bd-yNc>ei(ymEn+~TX^%^9XByNI`msA|+g1l=n@#eXJNPSwOejI!J zRfeFhkaeT8m!m+bMECvaI4+0jTH3JLbsqT(tJ{2&wH?fl7%quc%{CI7eLP%KFOcf% z&qg-nxemttT)E3%!n7lTI(SNjhM%MQBcg(*@_e$h3^M@fOC1@|t1o(yz*pT%zL&%& zb;g43@R1pV5Vz~oe_zIQmxZGT$Fc;H`I(vNvb&6qFKi9$e(f z9pv_BiTZA?pO&oNj`?IvJ-ndLQ83v4pmAIM_F($WbNJ(ins7HM6LI-si->*pc zKY=5EGgTB2ho5^YfQ75?Y^L{NA%@_s=a{hi$-7u z+0W&YH@qatFUQ>K=$Bb;;;m|TQH#_llZfaeBoJ9UdTl#=88X~IR`vd7K@U8IJKab4 z(($tuKt!$gF{I3kOZIKn^D004@S&kZ!-<8H157-8I2|$3?f7|YZ)d<|ZZ8({02Car zACmC_9}lHY+{AJWSDgZ2Wt0h?G+MXRiO$qu$j{WgAG$XpIgD~494^Q0w3=Gujpt40 zmaFwbD-V`cw-E8>;nr&O#`z$F@6`ivrVU} zAJG5{*}@nXCRuE9@|8Y;+$;GsaeLxP9qU~CBT$s${lb3rR_NWb`{|`{#0Gv<`&K#{ zOO@l!aa>^p^#pfA`2p8yC>}^{#{s;V*kOZ?Oxsrf7QOEAO2lZ zxyzzjpFW_46Y_udwL{slBJHN$6`JDPbe^k1Yhmj@Wwu01ZcIGEgT{%JdPIQR^Y;U$ zx_B?#^VAXmju6)6oAKQol~;Bup^^{>fT9UhuGtp}cVa2RI;+V4lV36m!H2evnwi^s%p+1aJn`&a{9 zRhyiJMac2VNq2JF3u)|2=jI)NMeJO7(K|F}(K)A%Y3rsiD3htOaz358GtRPt4!~Rf zKoxSSx~%bjbwxEmm_T^|u&GHO@H@D1@lP?;KlRK4IOmM^EB2UWc?xh7fQzqGJ{&aU zm>t?o(0>xI3We~AJ>UIa&^)fL;~9Hno#-MxEUTds8*X~!r$Add&3XLw44Ue;sHpTr zoFE^JW|gX@+{AY)cT!;ic7SDaW$x{k$IUC4;P`)01xR3ed?+j(iV3b$Rs2Xf`Tdf3 z$QOjNBqC#B;xbpaMzZq^9VPGUjHD!|BjYgU_@z$+2KOhTLP>WsLemH*9te_?5=Z`I zOy!>Qsb0c0q2rD?gy3+_ z`wYpi?$YidW%RRCaCCKNbW45D#6c`*Fx;Ut=H7at9WQhO156wcI7C#^Ji9ncK2+b( z5r+zrT!c=imBQB!sM<`cm2ABU!fDUgdh<%f+-~ zG`&i1^+u-ohak|_kjTJT>fc2<4NS4&SHh;V6 zB!mb{ofa@>v2i|4V}Vp#PDuhFM2%k!=ZCHoCA57(Y>CAhDp*AC>NK0)Kw#A>hEWdD zwo>NZJ{4r&x4I6tL5wV&QH!laN#NHG&`TTZy6qAlnfGJj zA>oM^U%B+YB_tg`$jBe^nKv#U=R#_DS1}ltF8{>3(z}GjWD)_S`FsF)UZ4L^dQNJO z)jz!fxJ5UP*pKrq_W!KhNozJ{qb@HY+;$p=4Fy-26PFwYE-BYQSwkF?hqD4WbE%4N z*-Pb(R@)Z0Tc?T-Qx3hV4FiS_w#sQ`c{R5H^!7Ug)R!VESjPh}uaTd%5%aQg$t4e0 zp<_$+z&MTp&5?cxfH*T9WNnGMY~Ic>#-IFj-1PTT7XZ`dA%i$^DX8!1J!)!vt(w^D}gRCxEDg@8V%v zVeNbO1Itt1Yjh`AJHh(n#m2$A`hu1Tc79o9mvmoWWW<{OFpfNV_b^kODx@nKd&r__ z_~yc8i)2IjmL-}YHE!YS9o<-SM>m3~Jv}{#rlwTieUK^Uxe0+%CUFvT zu9xwwRgM6dg07j*7MQuaZ0}mKzuLo~Rr;8u;Wa!8C47f$Siy1k2wUG|x58c&mFIA= zn>{XLSf5K-5+_+0xy~*3mF4qBY5dOydsLa^cUCup%`^M#`gX4&av$65h3&y9-DCA< zOXAaKh|$gzL+=Dya=SHtNqog~nmXFdh}B(vZ=YV=fUY#M+!?mK8cVg()`iT~u~|1I z7zE`NND;l}_s|}JGn}`A9)g3h@#I(S3={E3JEz2N}!Y& zbk4b-0>9@V!{NgnjXJ^$`ipy+xv#sXd6Z+a}LhCZE{}$ z8hPm+>}c2C)0dOlLn9Qhn)bgxE&XS7dqyy8Ze~1m`rRqIkx1x6-^|@%MSP})>Sv|a zB%CWy0#hOf5FkiZP7?P@6a4@_-933_hHUqaRTcz_Sc?TYVUutB$Vx%~;fp(j*2?$7 z1J?++x0q{lCad^CpbM{ipJ@B1`~^f1=y&&g5TnQ+;KNr=u)ZCF?lwsV6b7CCh^CRv z-=$%K3Gd^A|9xDrREHGIi`-tI@94z$a37z;!IE#%V=j+NiJDjg(`|)SE5J@v+Gxbr=xF*ZbL=Dm9*ZIqM_gFcv=I z4ed>U0g*nwp93L3tLZb5_M?CV8~i)kn2+b_{hVsk&6}I$V?kwv<$JU6=lZWYxr2PC z#+B-Njkh!sTt7^k+)jc4>SVa%oEs}e{)hw}Z2z29JhnSr2?G+i4}p!9>l3rD^~$#o z@?urhKcf?n)xv@vA>J<|!@nTe;bdC2%!9`L`(TMD^Dpf%a32|??&#NFv>Xrx?pVS{ zzbF2;qkx_t?|M#Q=0b_aKZ%4P1OP_B!h8jSG3Z4r#@*R^sRH)!AUw%?VM1WVQ2`uh zU;2!;cIX*kE`XXY_44`w#tn0)>RzcLnYg-r42DCr%Tj3)sQcclja`tVjm(md7Z+ zQv}Ecfn_k`K9`-jOsC^{23-mIH=H3gr#~rUWS#-PyPJpL_ikGs4AdK5nBL3&jSt1^ zY$8BHME5pIw)|D$PM86zzX)gz2|(EUVLSxBaTzNy0KyYvjcYn^CEELGz_^#tKmw*o zC4$xHafOlH^3)N3^K($pKZ6xa>RA&Ccsi^yH(}N4iQ^Rv@WcDN+w1q|{#{EG=tlzo zIBkOkM7g_lDTolSS!~V?oeGvUQzQS=RSyD{|I0;yZ^-VyvHf?^25Rg3`{X*%{49k3#FcXkhyv~7t@A&?OjJ)}Qw;*bMS*rji(y6-4#BK7bw zZ=f&}0u0WB1-ozU(7+NIg*eU0J&mW^#l7#3x{#K*b1m3mDv@%)0X(1uSCtPP)z} z9@O#ZE@J+<*5*GOCLX%`%9MW&sZlkh!PJC#w{&-yCm-6-A6J-KkSjWQr1_b{?pd7U z7B$T8#U*XW0Pbjc*Mk6zukNg`+xzxpI>BZ*Q!=v3YPF-wiHAnxJnX!)hwaU&iNoHN zLw|K_{thmkI+=#6eZY+K(RSsTwVg(YUZRt_`sJkh78BjXR##U>cYEY~!oF48l$ZB4 zG$O>kLx^5#hz48>F6ym4jHhWDYgiqkR6LV*cQ(Vs*Z^_N5X( zk8Ar*@zTa#hy5lH2WcdC5211Jxu}M-2LNw^N7tcpiF<7d{}66{p$M%;JvFbx>E3pu zFiAg8g$nUS+xTMnc!F|}n~`VTHOY-R#z_IP zZf@wNy23 zU5Vj@33h;zI^94_J%#(NKk}(p&A4zd8t-2@IGj#4SdC{g{*-i521doUvl2wDzFffO zWHxKjz7t9-VLz(J9lL6(`m$t80U1!`J?^rO!^)_}b(?FH^*7BFt_QX%Um~pp-&#qZ z`H8$31%vo3P13`BF{Bk@LL4Aqn zv)bNfIA#zlU}zklp>XPVyk8CnNC<2JO~Z%N`b7d6$Uw zy9I?$eMntq{=7|LM`y?PBuvk)Tgad?{ZrHsXsc%4Nf{WJfg}#NA27LTtIXyQ&VRHN z9M4@~G_FH~{WT~U|Ngo2>3C}ec!=waexcuN1-%I?MfX8tVqP0`JgsU7YdD``TS;co zC`xRA)DhVRv)}_2gvr_I?(e>o$mYW*08EMeJ?-3w9pl?;$=*-UKKKAm0BJWR)g5}~ z=Z8xd8uAy;0J*Cw+@~vdhE$+nbH4aq_r~S2^y6&!KA>mcWjO$+1d$*<26)yt_te%{u%!mrOaehRPEE(9pJSaa`#GW{+Q_R zi){eBDU|Na2Y`tLAa(=!uKsRM7>My3raCHAW$d4?Ri+#t0Tk(rZ+B+df$>j!b)R8| zO2EIfT`dq7ZsBi}aF>`c=3o7?>(pcXE8N>a{-B_YX{|lk>iQR=z zq5sB$e7i$c;D5)EyHp|rn= zxkv!g2E8M_|01a(TU5wh?IX4=ThE%6UgHVD6vM7kBa1e#rn5Nqz{bSH-z$T zuD`p2K+A~+-DVb%qK2zaG+`)y-6fSq_Www?NJ{9Si(DXjLGfJr14TZO``NVM1176+ z;?o_0K;QNoo<9TwKBn(i^kT=l=E zQ-I<>;Ez`BZ{t4Q#28i-^hJp75KpzGUmI^ZfX#;u}4Fn~- zDt!rf7@T0(-Mbc&M>2m$g3{31Nho7+PMM;*>Mhj$hGMGzQ}GD-Vyd4g^=AO_zIz*b zCKafS_#TE}y#z`rQ`HZ5BfF>krGxLtJz(grQFk;FUNd0!90&Svz$h7#tu)kJm(;eZ zG&1Hba_`HRKR+u%Obq=KRPScJ(cERfdCT%*zvi^qTjB53i%`nn+(GkaLH+P9ExPsT z1o|Ibf)w}fZeGyFeU0~E;J;xx-{n0Zs zbP7OYiFAk6+|gJaL%4~gwXpOVjxqh6jp@YEuI)68f3s@M4HLt#3SwtU(>m|FN(pdk zpSzN|!|6|(?R`fS3=l?;p+oJ^lCWoi7O=d(8)4kFZo#fE=C9|5PY;&}NWy?b!oBP? z=d|Zxe6B%a=XTSam=`Koe^AzFLZV#4vtheeXE!%BUg2|cv3X`j7!j#{>2;mgo(jc9 ziyu%{P&5>E+~fzGT=zXmI(@@3(`q2akc9BW>rxk0w)r<)yWF$03d@MMC$}Mqb+zLz z{fn(AD=++TTk8ZXoHq2FW|yiiRyht2xJ)bRhclOfzbqPm32}*Spki^kw5BK_zH~Xp zJ5hvL#<@>9H2crHhFidrWf#dTw)KlBbs_LCck{hO{Xgg);{4qD`EQBLk1MMaKI}&(U zx*q=>T<+n)T-CkOMq1lkIaDa%^dQ@ZL|qF}qGfZ>}`gVG$Ez_ z5Z_vQ;&t=&MZ+!cd}J%IrmO?M$Tio0xn1y6*ItgbwZHii>iq#<(V!6<$v+{oz2QXh zxTeifo%`GiGTT3N7B$Cpn^1Gr!B)SChBC6le2!0Bf*Ac9hXS*}nhKZqSI+fRSLCz& zjfqnKUS@m}+t}xCZx3h`@_eZmm_=G0-?x@lU*RG+WP<5-8f%)B208kwAiQ2HBeM1b zc@y(=ob%Z_e77>AF4?;G|U~zhG~=6u?aUwFjV_g5<_o)M>SWlL>t;)^GSJ10F9E17ja zjz3AR-sH}Aw73cJY!7IAtF5KHyJn{5JfBwBUO|=5S{9?<8yGKJ3-?xV6Jq>1=+KLl zcxBC=%yaBy1g5p}O` z1)tlV-QMLrhH!sw1Lx8+dF|a?v+gAVHhb@F_`#~wTT@)u)WkVk}P~a~DTLM5vWKp^LLm zes2K+EvNkrG5C8W%}Gt62sw#y@P~Ob-Rz6ZTJ>knnt0<2WF4RAC0^I09ZACvY7Gic z#XF=t5uY#}8rTXkbM7U&%)~5095lIl_i)FY@>ic{b^HZU{66hBZySK^yiax%1m3FlV2oafPTQQGpX2iXW|P#%5Qz!22C$&sC7ira}_5`adg5*ly9JhdE* zL$12eaFzg(wcpW>%l?44G!u{uXaQ%X?W5)fh0Jm02JF*8%l4KZB&}j=X50Wo;w1+N z;($YPAts1%&rB_xr&n{|)x@l|%dC zHaP8@)pt#J$nR>V<-0y+cmMH!^AMn7Vd(TZpTye&Jog`#i8PhtU(6UF@CZWDoV)+Z zUp&~ODxe?@x*zt7dx{=dDfBz@){eVpArSyL%waHfs4}Bd2los>aeoNZVE#bv^B>2| zWe#J1b-#Jv^}>|YGo?0>C$ zb26rMN5lT^!HuH-yHWyJ({gFT>V%p+l=BC&?;oZ^?Aza~0?@Df87$rUuPPW2(eF~3 z@_$V`==}b9O#W)T|1Rtgvm9_|j3;Pcq2O4Vf8zOFeI|M@oGyoT`^<+o%^5LX2dZfQ zjd}5}fu1#JKML)!huRoOy6Mil{A-f-bAFq@5YpX@x5@nxsf3_H7BFntyM@-A`8UpY zcODydmVnl3&|2^}@!iP&-=LpVL(TExn>Ep!Pjng_Z~STsVJYr64YaBLr{TWeF-EH; z=U?;apN)bF0VHcsW7OR|HAZdxO&@s+eG-9tp-d~~@AWUpALs621oHn~|AI($p*Fb! zFuV{LQjWV4&Hbarzi2j){olNqLXA-Y5S~blA46-42mjd!acB0L)b~3JUfhjl=zcUU zw)fjv`0hTtk1H)1{~&$&z5}HcEqCvl_WgF4yCmLN2nbZzxaxnYQ;+hGBHLG5+zg8& zGv_!(b;rS2pw9cA0Sc~vSHnW$W>$HR`J6tZLgVngRu%l@zvu~omhwi0ZMnC}XFyq5 zx&~#60slz2|C5n>0vFKe?oBZHUxA1o`L064mH#mXRDr+4{rNF#S*Hp*4|av?hM%Mm zkZpiDu>%Uqpclh5i%K~~t5d&2%{%@g5;-2;4iwh#;qj`SF`1&l4RJdtQ+W%woY*{f`| zVyUj~3}M>g{jQ7M%Xk=2$IE}_4S&zM)rkxFyID6Uf2;ZMfg+x?!Ws7DSr?3?xlVn? z7CH-YxFE@e6$LFV!1M;I{gdzjwaxt+HM*0Wg8>$`Mq@&cm+QMT0^_{_I*i=0qUb)c+6qGKdkNFP;q13$4{!uK!#)b3VmPFkvRE zzO|x)ouAjPJ1fLCEfXZ?VLP*m#P+yY>$z;DLfq~jPEb8@JNUqHb85iFXXWUSO-c2- zrvLKItrI$lLEyCfhHanI4>Y@(x;2v7apTm|PbmG9cm>?OzFt|W8?67xc^4ptkCQ3s?qhTA8h`2nm zG1jOxbWu5m*CbusKZLOhK+&gwd{%YeBk@YAwXRIs+RE#=VVnXGp-`Y)*|X%+(+QJO z7JZQuTF$zxXxEW6*q4DN@?`u!*?=}Mi@d*PeP6Dj$ca^&^&p1m4)28S%Xl3LJJ_|#TE-}qB zcjK|SH2%eN#a+)F#ppIhth&q7omtb3pJ2eZdVCDH^5cKQMyN$R)Xu$aU|4lf8Hte7f1R!Tcj8>7Miy@9dUdiZ$WU!uM*VO%kG`CX!drjQ#oR~~N zKk@g|o}mSA@pj49liHzqJ%w?dGbly5OaNd_qq=n^-ru`RfXj|wbT1t)@Ul#H%b3Nt zUf>DAyn8q-=1E1gm|-_Gob;h35|VHJ0S-sa))Aef<=3mBX85BS9irmQBf0cu!p-qH zSBl+}`dpV?%a0#7t&C7lqVcab()RoIhLRhO>am=HqwCrM_p|-IVP4FCZk5$e=}+)o z{}TS{hFC%3*XPsHA+Gi4X>scy>UbZKwFJxNL>KVY7*kPoDtIsE_~fi+3s+X5bK!;A zbhpVGt$q3Eo{snXqZG`7Aa7S!3yZw=h#O)XSUbI9`_Z|ZZO_|~v_r-7oyN0W(@^TK;L=WVg=v)5aDpPM`=pXSH+*OQg#_Lc@FcX1YM z*ha1F)v@LlKfip_QlkE@iYvvAas=sD^f?hImKiA=_+3I(s)m629CzeTBQg&4dAZq)- zQ_+F^D<{uHWhe3E%#b+tbjHx627r3nCI8Z=L6hG&3hBvE=SuD5UN@QZs%fk^iF?wy zNT!3^!%D89jj(K37HQTUDI8x1lDA3`C%F@^zv^APxRpMq6|yc@E4e(-d3!UIj8rRxOP?C z2)%ME5C9%D_k03=%VJKQIEqEhaaZkiqhfAt(Oc6P7MWL)31n5I?apS8z!}QV>8|yK8?O=od(d&WX2A}Q>=bu>&E$_=_RA0GFhYI zFtHMfDeB7mZ{e6QV^v2)2?+|r8Q~qqR623W($rz(I%B*~pvM3`K*GN=xeu=2V|1b4 zy-Cm(7}BFMmopupO0sZ6f0Aj~a0j+ZH6SR>t_~9Me7T`KwPt_MmR@DzurL$Iy7IwH` zj+R$`K1sa=mxr>~PWww&_J@v`{faqkj;H+j59$u-Y%~g>YP?wckI#c1ZDhpicC93+ z*9b-o5zOj1xrd*;dnlQ}xpmjF_rv0rw2I!>$!Hp$!+F`nz${3OJ~C3W0xO(bP^*AmYq=_wY+m#=_`^-Scs@sTW(RBvo?7N@IwM ztIK^_EDM+R9b>{XXLXj1JQ>==F3bJtl~G8DFd#fS=-z=lM|xTI>|(-C@*#*60<9C& z5G5x1fxOFfi`~|GvgMg@>HJFXRd&bav#*oS2WJ%e2Aaj~Bch)iZ2PqU^hHnjKoOH{RCtD| zwRw|L5|qy0d!4BAxN;|ZINvhs;2Y6p)G@^Hmkxq7z9om9k?KXXq~bJn>3r@&)DiKl zz}kYeT=HbG?#bE`&rvkV)d+IP<&F+F?b=yZ(@<`MtC~bboQ+dJ_Iv(hZ(sZw127{I zes*GR%j@_A3r9pD7w}EqR{Rp<2E&|OMUN{2NHgtD_Iia1#q<_(y0fJS0F18%awyd@DexbV+oylwE$^BmUe8?Q?foaWK$dJ;5r#%%E!Iru-O zk;^vdO)O>)>&@bj@4xRpweOkI}?(CS;g&w>47ZB+srn_dTSn!N(@g zZuI4DGy^n&H2XczFAEYHPC;8;ydzbPz)nE9um$EAG>Aj$L3 z9!*NVcP(rtAv(=$x%%P#=IrIU7`gr-dV>mdI|$%wP8X#ou1t-bCJz)v4RNOW@n1!A zSM5S(GH0ZO=ch+)CT9~7lvi)W@S8WJ-dUY%Yq&M&#VVEPR>MpHK;!|)J!BJ5u_DOr zTJr$~+kIwedS;c@NHXtBAMx({hmQbRT6n`*8oy5;Z~2&$(UaPWU9%lAeixFV{3XZ% z@tw|T%8<*06UU*#*ZRA!QN80Dh2OF0;U#l8OP#HKmA$#BuueJ2Snb~JceyUQDCBgW z=CpP*eW({D_cWJpU2ls}9skt8UZ9@})F@GI(};t3n2$x6+kp(}3vJf|%CnAtF(J!bu+(WktBev6l%RVL2_y`X zuts7<+-Rv16U^OOKgf8OsncW?Si(^gv1ZjJ^nCJg^l5qjR(SVe))(2}Y~jEUZn#ra z+dw_omvGdT+~61Af763@@?;0NXP7sX5&BKAaD0SHjSmaysZR;z+)A5~3tcx0wl=>% zP}DsyO>$KKwO=zh&?w@>y-~=GTHG_IfG-vOOxfaN$Xea))tB%DF5EzP)T}XO{&1$W zA*A8sbF_v@LiUf`AkqqGOAMg6K3(4}i_D}!5*7|!aQlrMmoq|Rs)k(l)9QW``lZ6K zWJxW%%F}Z}DrS8o>EAO2Jd)wt9;{}ne72Hlt!psTUaDhpXLOQ|h8dHlnqlOyqqSzP zn|-cjLw$3mZ=PZ0MZ*xd(6UZ13gUCED&3>u3g*1%MKEwUB)1&A_Ljww^$*nb+PA(!FCaQrYI3wT8G07RC_A9*^) z2+)Jj4Q_Afq1Dnw;|?sT4NzN$dVjoRx4F#It3zNzzv<-O?Z?;MSYCyq+%p%t`YXek z8|FrQicG!m$r__%Y;|~4^pW7aof*h35z@SU$)u}4{Iw~k*uHt=&GDIK`yoESWro}V zN-82l#rsYWQb2SM8R+VFeoG1W>iM|4fX^ZH^n#i9D~@`Nm*4^kb_2)Pj%-bXimuaw z+`M$zN_ds=-pX4fH<(C{P*u_3b{N4Zx%PeRlzH zv!>sNOU7GAMgm|A&xvy_46SNdT@s)mc94cxuAYL=0&r`{mBw|rCWhMe-(`qFTmkkY z6Z3F$fUiBkXj8kXToIfDg|7bun7nr<1V};~PnTXsGGcmTd=|p*>Y*gQiIaHYGH*ZF zXh`iOpfhy_2hwH*FuQx|Uu+XgV+^#6x@Y0tEo|?IQBdRPG+`{_$A2(PZJj3t>HsaL z-|wUob6?*&@O6J7g*H^`&!I2BxH~eEL3$Y_%`q_XE~1%0doimdeF90G_9-^dE0YC3 zdD$6;3Ck?44UL{{Ks>u1lakzVPyS&^BBFoVCir$OSGh-O1~+@TuU7aczfWjSt&A1( zHf{#hOU{G29gvFdjxBR9jlSR1<);G1#&V&T1-S0Sxsb8AGy2y*Df6SLj&6DrMWDN` z+eqej9U7jhb1?thylVXjbNKYG+dv2|{%kW;?xGT)GHVLJC!u<=1o`GhP31NK1XkCv zqYDM(>MzeC(4N_O#~OiiwYkA!R{7U*GYw+y&I0Inj~i;NPPL;3Js68fnFAffXF3D~ zU}~9^g|C6y3*l}Wd^~rAW(NkK1h~&I#9{dDBj2|(H$E67R_ROKF8DALjRCS0qkI;@ zs(z36@L;X(CgoYaIhI1Nxf?Cohqu|!U&KAnf_1-QV8ee4-|Jhp9_?r_d5pPXVCd(B zzJUGf?z9nl?<{i==<11=Vmq`iVj2)+C`8>s_x(m7&A9ZTT!06T@0qVv2L1f~?p#vT zP%lM%bvY;~^!WW2-QZXJ&u|v7|1=7NhB_VAyA%(4mt412sC$Vp9Rls?lP%bBKVC>EpDc?E=PHpeEn)UcCYP@WCoPt*soWHnC3!i<2m+;kiqN3kHq%FPatnOpSMf#QN}T@lF>7F6 z`V}n5KixFL?Zo&tTuGNMeP@c`N;Cw|1w~(hi}3h|g^UkjX zstwM`>yFEYGhamhT#!4yT`I@*jd#a&gCvTMCc4F7Qh+okO0Nuyy69>u3hAtiBVWcP zt%b`Jz<*UUy;z}{?m3j`?)VTS;|c>3Xp?dEav_2vt6Vcr>4Vc%#727vzDgcnG`po( zQSg4z*hTt4G5TFiPQrBk_-?^w-2S3UR*UbrAkLeOhO_7M&KkxVbJyQo4zGlc-y;L) z`18v6jpC#<{d;>k(n0SiMajjE+_{yn0W43P8cJwZa6y{vafe&nxi{&dUJAZkFb}*G z=FU*DZ4EBc`N!ULf&JgRhx1!5kficXX=R_Cb3n*`eEf>N4nfRt9)Of;+ zEMJqoU(Se^hQwvjPg+@y0_0v4DYFt8wGe8tppHS4J454)`r4v}rpM$bZRT+%e?RMu z0A9&6a_Xb{FMXZVpC&F*^rwJ(Aw!w@ zhklm|8P9-8n7j!}Chylm=LsJrmsmm1c|$JAly0YPCsA%eE_swj)mfAO$`Sln-@vFb zGx1g-?mdjA|BBefN`&B(`CPWbGg*FZilkx;ryyPozn#&m+R8a40WI;3H@R1r6u_kT zm(66m2{*nDPYQe>5KlokqKFwd13yQd3A?4Skj5Pt&**b8?oO~v7pqpW3J{ly%sV9h6mBx z7S~@P$Lfes+cVN_x4;W5`QhOn3cM4x4k((N<|M*Z=ji{WcYCl9ezO-|@56DA}1Jy+BLj&`l?rucQaWChC7?k>VvTb2wZ|_BA+NHFO+g zs$+l}Cps<O53va*}ov-!&} zgtvXfFm2Mwpcl)ks!q*m`hLYn)oZYGGq0-qjuK#RDTXTwNY9V1jx>GGDNzR#WAZSw zXh(Stf&qaxlGp!xUf3@`hlLZ!DeYaPhk5hL|oLm(OGJ5b$PkS8&^qxeMu^Ct#+< zo)RpClczCKJ)AS<-F^QwaEF_AFo?^+k&4tJANG?*?$;AH@p%XSIfq>ZAZ1G?6sM9( z>w6)#2+(QzhD*VJmc=1UqCWCb5Xe>_<&QibJnXc8&xV933)A!D2N2p0RnlsG(X*P{ zdT1mN-7EJg3)kc(xI9`_X))#_bn7H*1Gr9q?h9OZ=MR6F6Tk2(dhhP_*bmiZKt|?^ z#p6A$?3k?+L^~nPiOP;MwJRU3tyU&xsVB#W--Eh8hhyzkv)%06N^%C(0f_5r(fdQ+ z*E0DMo9(x1WTvpELNJR238p_J2hW7IiFOek)=ZhZ-yyv|Yd*leZDZg{6up24U3Biy z$dSUVeE-O^aj406@q{X2=CBv3rpKk#rJ!oQu%ZB$_?SdE52pQSa_pAq#t5)DR9Naq zqN=$?YeQ4DQRq&qXa{i}&7Ud`F{agj8b=4_;hLR|u8SO{%&8v6y=`gw5>Ze;X7j=I z`eaY3pBtD&^aKv9{6#%;DKkpxU#C|ACs9xOy=pU6DZVj}J#zG**<&>|P?Y-R&^xQ} zg*S<@tF_S1DH(_!wQJFgFO~bh-!y#tc*{s|IcqN3lYzz1h0k8Gg#R?Q`mh zfbaLJIhb5Unla7~9D7wut~1}-z(ly*HEGLHdhiqmw9HeY0A@1tVfxuzS7*=MVc8w% zE`XKU9#Nt?J@a*dr?9Zdlf-xshyrkVW;aTxeh+ic`xa~m1gPmeG(pS>(nml;fa zx&72~pJLgS)e9$-a%0^S)LmNo7uG;)tij*vbvLy{n;#-|YfB z5Pggq2tL7(xHc???k83cKPlE)Jr>kp-ZBnRXdTz;s_3sImKP{w(XZ{V)dF)oV3=BB zFR)!Bbb&2Vpu*2%YI0k_I6RXnJ)>e{#W5u3}hzxL)9ySXA#rg zQMQK=i^_g@ifDPkXj)7`$c| zSf_ze45rO57ik*ePCgw?Zm>|-7Z1OYC^=}Ip*x}Te*z47IpNz3Swkb&qvytP>nY?y zNbAyu<>s*v8;_z6VO#n`jJ2QS2jr5za@0T1A29?qsnI>bQs+RNJzKywxasG`1o6=# zx6?Lrf0AL>Tz@w)ZPZoIN4KwD8oLr)BCfbNM{==VXc4kU@#W34NTtbdvh+Xet}A79 zy;}*=D4=$sme7XAut?$7fkkEWbDn|p4Le@GM(d`GX-mLkKGaKmlQ%k&UoJN0Qc(oE z6^|x9w;P$7{YW2apcnCiC3}1tm*oFr4vz}KI)>_EW6E)Me0+PAJwl{7ux5-4>AhkmgZF(jP6JmExwSy zI2ruWO_w?IW8$%pu|(+W%;JUYTKoB}2#s4WAOczjWZtYqU_Xgv{ZOm(rH1fy%ps*U zI+L23nyRP^ydrIJ_Bp!hxz}MgQaWr#ps!2dQxo5hYfSZidoI9}O2aQqgv-iv{yF5Q zlQjUPo+jE@s(EfsV(`Qi#U0_pp!K{u2^!?>b1e?XLn>;jaQGnJ*H*Vzre|L{ek6>c zIY6=-BANQHr`FL3xI=tAB?1o;jocCoZ?y?7=BE=BsVZ)}%b-0EZIK#-bG4M~&*zo4 zkRpFl%Q(|a%5yNbR_|-~-0kHUZr-6$D}6VZ8$XUE0ILwelf8}&)!R$vJDj4(=E5ME8)L`eZid=7Z&>ywFYo@-q8N5Q#0)wwwu@c z%ahZWU*c~d;qr1_MDy3)Gj{s1WzMNT9aT6IwFs@Y^?w?eJoE|hNNUuez~H#iaBWjG z26a6C)Ze22l+~NdN=h2(kdBL_ zbazR2ch9*O@cqtjO{_I**3A4dz6+ksKKrxJKF@ic{p`3eM8EQQ(@ZGl??Xi}y4aEWEve5|7~d83Va>?7?`a=EI1Q#ECgah)0TU^W`nb@uClu&_neWlzH6YIo-? zfw8NGID?m7zB28BDHgho;=d*YVJxT&@i`KWdRr#Zyi4E5b|C70da z{{(?b;vqamlkasf&3BPWLWm7pHMi3%!@0zx^<6RKcE-_9IDtntQak(T`ReSWAMhMh zT1oi+&ZRheg*c^;|1iG^Nkijb8s%3zQw7e|O>VOh?MA9S!Gd6NO+>`jU5CZ)@q{V&Vs<*PH(y#0-!{h40srI?y-1KxTo zJhb0a?ucA8&c}*pQ3_She7=%vAmi5TQUqtL^q6DwKmRVwzf;m`xCW^Im%y-TWQnci>T@ z!$I)cTp~j<(|PM>RLEZ!AV@HQ*iW%JN`;slt#9I#u{0{1dl?wT7T(L=iG6X^(^6N~ z>zKBr4jCTU>~dTx7m1Io;J;wn^?kj4{=2B+>S+{A zSXbUy>>GwS8(QeOMtzM$Pc?(|O{4E{+YVCFQMeGk-^rUaR*pSc-|)OrG)-OORWH+C zaBRx;mpMapW&~n;MT_v|wLkd{?gVStHDl4M=VM#-)b<6KWY$|Ytk<*#!gH%VQ_d9$ z?ou~9KyXo$`?J(?t@g#)5C(+yE=+-zal}e;O36KLJ{BD~Q%lwi;vj zINQIUJH()E#IpWIpAnBBmMDMGT^IJ;NYky+8sm$|7uz7~Xso%_8{Q=!-JA33ipv2Y zDdnXz(QUWnMR64puUb++9D7C(CgbQDS=ueHgaFTLaxG_kkYHVoOQKyiii|yqG^EOI@AN2b``wqU8Mcfe+28(`ziZ zM_G0_a;IO8aV+_rc?w<67gbESGjyz9#tP%ZgkgB4arcuW;BYeiTAcU z3sJs4@x`R-`{DZAV#asMIaD`$l8HVb7Hz60b>@97jY}JC9sldaMWWD`ybL|<iCqo06N_ld~uhKZwl#NG7cf^p@+8t_UvYSt_Q2 z-Ysz5Tq>iId$QMGe()ofnq5LrnJYRe1=9r*l!_VF6^K8b+TU0jZJGQ*RsS#;B9D5i z&jJZm@_-ZJwsWO(UKa`9l@5NqSUj3aLcq%=^#i$Yt>0@aLVhes&)v;lE!=eZE=sD$IDDic`(4*}X9H zCS2W6{djpKDbm>cM#Hc$&QWsHf{*&fW~E|twD6;Dz=kr@vQUewg<%2b6AFq~a3HTd zJabia*OghDMy3@j&whHvpyHYbED)jfZBAv6FAIJT1O2n4zfGRbvjjAnnBlWDv68!w zvO-iKuRSDBwEuqd4sT>qd$;#1u(XUPk9$KOn_IYT78&Q&4(B>_nF0+~ ze;m2hX|8a5xY?~bYMkM~te~GndU5%q`Mpt$kUVk<5%Q<|qR!?Zsiu9xX?DdRJPkkCwqg3vfp5hjXPoS@fQ(t8b&%%IwfMwEf zDfIPuGwZUi_E^hR-vp|C+O}aW zRi}=}JAw{r@@YUQk+;m4)_A?_v@$+A**NR_`c1rc*NEywlz4c zJLbY;k7CpDx|hq-D0%nVY1Z?X=XD#G_Tr^={FM8JpY_d^*S9@2kAhs|0T~#rQ0)gG8nI5+IiHrzy&g6mifhiNS9ROOubO3sROg?M zvZWreLF<3t^rh;$1-N^Q<=iSI&%UT&89Y{ad!74x4Dr|aK}VfabmepLE|ofqH33IY z3Q{-iuFkz8j=UykN3$bc<+AhbRS$_}4Y)Dwn-#^S_pa&|W0HsNrE1K!C;4?nhd%GG znfr~ZR6tCxi(Wk|3a#q@s4UB2qgcNONuook)9R~9px zeF7fw9M7JT9s{~yzAq7}`)P-jn{9OB?h`tpM}ZDV*<3(n@|rfhgk>|VnrbOP_r`@m z%R`fG+HICh?P{Y+#(!x;$t_azWvm+Vxld$ z!Rgp*YC}Jd)&5$KNW3}m05bUXjoxKV$P=}yEO8oAK}$014QIUR3Bu61X#HYUAXcM8 zrKr-MIalm$|8)i&dvcwHH_Ta{C9~D55Lzt{t`|yisvergI_Z}#EZmEYW=;Vl$E&D? zQ`VMOeTqOSWSsGbf+3q+o`78kT!j!`?&jDAm&S*~ge{wjJ??es4gFGRZ08x(o+_<2 zo`_s~RCr@C1S$BVnOko>3i)-p9yrui8zN~)>X|onctUI!lRtXF#|VM`pZm=L34{;Q z7GgsvI|b%^LO={I1DuL4zAVvhUl(W+tb02e25#rp(&1``CYEi{o9cbl21=%JM?YoO zDb5!Z|E#SXcmB3^pS=!p|V^ufO_GOmb z(N#5WWpaE3#o;(mtJkCP^K$#(rX)ARO#4DplJkqekP$~9S=|N7u^Yj59%B{xK21rF zmy)iY;~^YG+2rj>b+YZyOCGN6iUMBr`uDQNb2Al*UzgRgorOhJ1f>b2hdM{nllrMq zgw{mrZty@s@h!C?k+H9OKTiE*B%_vf_^SD~Kp5PGotoV%m% zg9FQi+VmUR5H9wkLD5Ev_fa0XHf^6tCPzKUd^S}yD0s+hJEvR?VAr9Vf{#y9AbHYIHVzOy(@Gw zu3_#r$$bS?7a6(mVe{k*0YbM=SG)P8%4#HWe{|{Xt%dtGs~Ez%6Y+?8ua1vz9+wJf zGjZPBY)zy7GFEk_Tz6h)Jo@x0Rpg-z1LfS$RI2X`i+Yj^3wjhzX{(j(efIQ3W7PI; zUwizQLnkMA$hHVyO7pJ~zI2sVNu}Y_diH6p--{TFnqi;47Tftx8bW%YG+xVi-F4ZC zmTN)TiL=V^&zv$vcZ#~_7n^m*6B`Dm*LK$j$##MlKKrC6I>(8J3p-OC6rqVRcP~b7D@;|98h>ZCcADFy?k;V&~p>*Sz9J_6Z%0@-};#cp723-@vqajO$85&nq`9 zNYd*NNC8W$e#MZjX`8_%9+d}~au{S{&-|mqRg-K|b)Yk!@fXC;!fz~ee5+&)I1F=m z#;nucuPP^<^_H%tMXA^Q-VnZC?p|BfKd;(9qSkkis=hLcISG?>erJ&*{m6D>B)c-O z&1|00cs8OV1k7`Ng!k^EDJ;VkVk_?4HOh9$w!~4Pb1Cc>ce8Fc?pyOwQf(vQ?4%MN zso||wM5c1ueooY4yY|g;W@Qs~YfGV?QBhwonW9j2-R9xR!l;c{mclc%9*VFh9$O41 z?F-Qhwwr)bGiUkc!nv}HR^OVllZ;L4KfPo(dh{M}^65W+&-jW(Vy>4s$Z5wiGa@leTo1BS7x35nN`Fo6>UR@!TkB*%@(YxuN)s0U&`+dD* zJGuLTXiitV^;x;*NZm}fgHzJ6F8YF|MalKi>?KUr}_bSqV zJDQ8Y(G3m_nZ;8`@!f2>lb1eRa5W9q?_O0(w$8!BDNWwWIKhI{E6G<5&BjrA=!Q$t zeL~vH4pkYZq?|3{DT~yeCum4t$8at={pR}x&be#VIJrGiV$Y+w@LNk^rJO4;svoNL z0`07;2^&Mx)4HqplxAHp#C9$jUA;`+I3V{oP48bLqqaBBU+folNG{3d2@Z^L9Hp3l z;>dE+6uNZNys~b$nYKUDV?MjEt=df8`E_%0$$@5_3(lF!=H9vFF~ysJ_ZgN=K5(2Sv}Yq`}2(-pZ-(5I(1s# zoUtM!`Ag#Gro;W#0@h@&9rquMeyt;L4Uo7z|Dsr1s>e4bFQ0L)dF|evvuN^Y+UENy zBKuD&53W|pE7K+pbuu}Z?vTk+OFa`}PcCVx&nwQ%dHV6ht@+=+bG);0o1(ooHokO` z=D5~MOe~I3MLQ`qIzv!ODtRy8Byq{7dTDq~Q$&a*$3CCz(dOZFv3+iu`@7Q=Y5m)4 z+pcbkOELGJEXd~glDtUTfxdg@@H^`+i7*n%M%|FSt2Cl&*tnPP^^v|(s;HMPgPPsxkKs(>+vCb{mT>I#AAm`zRffG5c|4Z z1sA(G19Ht0!qJUk&0nXsmu!jCVft*soMf*BT+X} z?a+9)pY^$|esNq2PI{uw% zcv)en?D*ch_wxHW9)ih?gyaWJkP8Qn*Vh_nr~L+Od2hzo|5mm}1l6uta1Rah$9ru5 zLTFgj;v18u87j^U#Hg$7-l5>wJXIVnHnh0pa}hUc%p6L}*j~cntlK1Z(G1=QX)QcI z81LUQzBrS2X5*jy8=K~-cL|PtD;L8oo7SG|HZ?FLmrtX<=VUOlr(PIt^WcMI z7Tx9MD*k%+V69lgRac|lN|o=T6cULpbQC)zxHIvWXfS`Umz`JgU+yCl=>tgE*i_^LJViW#>Q7@&wN!2H3}= z9LIuIsP{G^s5}ynUu%A_cvUuR?yx;+TclJh;I!3-1qmEG8ehTP+weQd(sSjmt^W3N zIbA-=E0^BBWCs@lqSFqB?C+_t>B~kaQ!6~0H7C;-fUJE^TPPIoIOXyua<*uvcPiQW z39-hs8~A(bc3HMna3O7INv53}vM?E6Y3lj!^+0g>#l|Ig(;Zy!-%|MbdKxo*ZKAMEv#IfGa=*b81?l!MpvkwXFc}& zg>|VO*40je+|AQ^Zqgm5nXhLkPl!><&-o@lf0|!;lSOU{FY1L-;r3p0q$-$+LzLQ8AX+aw4m&D` z{qOvhUD^ zdVvj?8d_j#iqT!ihYaxfXC0}nvt53M`+V==A0D33Z0WUh6#80!K5#O`2{-qx0>WLl zzmAcSe4arN_4$*YIg!*68Hwli;$g63LX4hkx2Hne<-FY>=j_?}uk+QW()4k&rt#XI z8TPoSy3xwx-;m^^jT_Sml5(97FRK@HlNCUl?zYqs#;@f%SI+W2XgW_;E-1f$`Qwr5 z=g-nRQ%}V&&(jVEB`*WJ$NV_|cE6F@#KPX&_&9qV>2c}Ow$Zt;k@g^&=_S{K>Uu_T z>BdjJndGd-0lgr7kX_Y6s$v#P@`ajVZ_8q*t=bK=~~KG{X*+d2shb`e@auM?~r`p(f8t_(9*NwaXVm^%9wvYQo}7BTyn$F(3;X_Gxjr6-M>8wG_s>X>wRy9__nb zMuot;b}OlqIp#tPb}#-M1?q3op)i~LGHfq-#w8e)xv{Cjq@+UY+ z)p+IFD(*;^aTb_aB@KGd)g7@QqjWDpTzy| z4KNiv7J>+B-O6;Gk8H61TAv+-Wkm{Il_NCF42J1XJ}B*M5gz=hpfD_(qi0^7_A%|N z-iTxvjhe7WVxofk%ErKYnxmkH?n$yxjK|^84o`&oRbbA{>7we3CJnwQ$Mg6|Hdks7 zxUQw>*;9#$^KR{p*`3N&&Lu_JJi*cufBi7Lz1-Pj4Dg@|K1PY*)lqZt zWWD^Hu3EZhQJ;j=b|S^MVA?t*uCQUOt9=|@0<&mnwYl2Y8lEI zLQZG>uqI{K%P8XFG*VApo#w(IAoOk(y>$6~IX_x=V`Fqv@af$$@3)fK1F&~1$8aCh z#o+-PHe~E0wno?b4_c-HBgHKl)g{%^x%CZW63|E~{7;^-O}1`!8yREljq=pTA+w{& z*Mr8?)yuJHOQ!P$pNbvT1c*!L&bYq4yL?ug^dx+Qmo8-M@+54Br!_0#CgPVBTu(?HvYXDf0VFm9Y=9)pzzhGAtvS?Q*&ZsbfF+a z{&NSTGri_QjR>U~-6Elb%0&%p!m$1ICFbI2^^hg_xb?c%GaAi>M%{Yw7kY>96weP4 zjUqMpD}=&B-8#nurhydW`~p>xD+al|jnkP~wwrLEkd<}knQ~j?B-?fvWIjeit@84( z>QPQCAy7r0a9Ftt8RLz3CifF7==hE>M&Dr}%>iM5)yi3fQNHc$& zTey9;t3EK@LQU_CShTaWms`lCm@pmXuxlusq|(We<1}pEOQ}9wbA=&zdgaOL*~_z!h{drP#TJraRpKhOLmJ>b_JJ-di601K*G(ILC3p06PIDIzL8{_)cvU=AzKv%u3 zaE*R_X*q&ZEOzu0cB+PBgV&Cv z=+#`#oRLPK4F~F#Jat*3cBizU~6&X}i3Ne)Qt#(Z?6VdG^t-axP|_rG<8a z712ma=7^Bc_J?dhuV_=1OPhoTD6_upXYwWs_Upx)QXHXO_<6CmCTXR#+7~LEjB|GZp{YG5O%oR<9{(x|c@S9eoh$c+}Fp6tP<6%WqX(sGD=(Q0PG3kg+deTY%JH3^(m=G8)$8>n-E^VZ*Kk_ zlOgph$7qn9h^xA*uD;JCT6jrDe%mc3nK4?WzE9mx02&w&SmYMX?pJh)y3|OkE7m+xJiO()edb z8AL6k!ZM}Ocq}Lw=rjXW>=ReGJjrMvum@t@3i%y2*MV;Gp zF*0`&uj&zs`qc10e@^o_$k^Whg_`)@yjvKG=Dyr~O~d)>ra{c6wLGk_$q`I?uX!dU?Bfv+o)yRoa` zR<#CVX&RxYCENUHW&1ai{)WFRDnjeBO|mzemCFY+Hnrc_o_B?U-3yK~B<0ty1t-vsz7YUg$fT!u6Fj z`0(?qN)+k6%{9pd=gkhZcZzXJ;A6in$xoMlI~QVxqY{@|#20Te^wLUrX1nS**t6+M zwA*uETyjtA3B}SEDig=GE7Yk#W-ER5IA_ob>686sB`>ugl)zI3jxjnTJ|MqZo*oU; zmy0i^&0tnQ)9Yk%c}>izw$9aR5rQzLV*R$T#qAN7!0Y$*F|9O(Nbn7{#2af&=y9i~ zk~}iNgGA%E=c09vW*9Th4heF_Xs72jB}T=eAC>r)$Gv@Tzxuj^xcxkmTDH(+MVP`Z zxQEn&xxoEk5M2=z$$UI!1Uvv=tv{SxRy4Yi+;sR(#`6C0Txt0D+E8b-mNuGE+4AEPrj~aSJA76$ypeVZ7u$=Bw%PpQA7E zhao3YPckxH^L@+Rx1DBNz4 zm}$f(^P{#w=?9*hu6lwc(&$B}Ydkw~A1=$7!}J+La@}%JALQ8f0sgLzimtHsMN@Cq zki4?-LT&W~lW`0D>-=Vo_hhdxFa9EudwL5Njj{CmlNTH6Ry(#S4n)=^{uFdga2)sR z%~F2hEaf?NR>*(&`l`lC9)tUl#f~6$=43$5kVWl=r)ei1_1rP%13^KSUuj6*mAcqu zu0z3-f3OWWR=1p<32vEIWY8+cE9i1uHAnn9sE>NL(p0)rsMK1x^Z*E3=AL>)$>!z3 z&)htZn&>>=Z;$y_qHsNAwx2Um@x-|8xK*$a2`fY+#`p8*`DE(A(~t9d{`wbko6{yY z+!_gn7-R9Xhy5RZx+?6ye>1eV(eAIWm?0oG%#p{M+0m+Bcl=CNkMe7Y-60Z(?KAG- z;sVcoi$^iOrdwRnUL*vXz&@fW8nf)ojLxK1Cr#L9iqM!G?8)PqwV=F^qs;W>1b-Bd z`yOIBK9@|)%F=a0`?Hs$5=ScP@I}59uki{|E&fJ+n69(Ngmx=!aXAL~6vgu#-;oLd zKdQ~@?7hpPwr3LhMTYci0?V57uZNMHCWUH&q9R0)BsUt%WRIsIYHybIm_q2X_fK55 zWWPPDjgzsqH_W;sTk6##CL(OE3e&ZX6%_Xh*gXw#jB%emCU=ZbN6ih^?|iVAJ2O^i zZQt8^yx3`mZSHjW*MDv8ck56j1+iuGUNT|4 z+=wa2DLr+5;2!&9y$t(he%$(yRsly88s@s)qa8k89X$@K)@silv%iY^?wdmI1lkZ+ zo&+3eVD-V_f6gkOPA0#e@EbS`wW2F*{9a0~klX8G*0TUOena=F=T>!(Y|;;Aw||{z z$t{$6j&@>X`QdPc91PVgjLdReYAVLX^aACB@^!OzCIc!Ny)EtT(_y)HnWw|%iuEdm zC&@1>m`ZbOb=c6X$GEtb6S}{RvU?n-@|ooL>$l116^{bGf)a3gk)cnB2aM&S(@hS> zN#YWFNP0b--wRD9uE%})eIqwGIK0u6lcQH^QdUf$#%po5ewe@&KloejWLm0i;nU%3 zNy?aJFn*9Fk9_Mi#;DNFoHGRpyw^*n(U|y!Q2U|R?^U%jEDnxU+J4R{2R(C%3|FCT z%Oq(pJiq+;e2p_$KNnkMR90_Gcws?ZQ0oa(s&a>+JR4VTHjwUSJVJfo8_C&iF=#0{PnZ8+D;LRa!p?7k)3!S z&=wwt_n$_+tY5^_P*u*+A{y)rLfhw1CswgvS}4=A<9b;b^KxB2BkDC4Boq%aM!)IZ z@`>N#?E5dPanX03k=lc4gOh`igZw09$Lj@nO*E=6J_hC#|Dr{z2w zaromy+VL2(jVJ$n{>nE;l$wRq-l0NO*}So_=_C!%G%gN1mSWCnSz1MDsA@{Fn@v~i zMpLsIas3Qmrr;o%BjM%?plVhK1dSv;{G7$sOM4r|R34ULr>bgi(0FVqW~z!*Rii>W z&kK)AMkk}1fEk}>4T13501HK(nau>0R6qZ9-|ADCyl^=A%$eE5@zC+Jfnvq{fsxKdlTSXltYK3-h(Bb54_vmOvnbfy>>x7YIJx+<4KO#+>*kE%ixq4h{RXdcUvTtHkpFuh0c060O8b7&^%c1kW9jhHJ|- zuYRe++ZDOS5+6ttape`veDrk&tBx!GXf2D(3ku3%r3~G?4DFS)97v$9E zWH*9A2He;hpavmzRee>JH*g?!5)@{TLGpX`yB~2JA0wa>5?mecWN2H}mF-Ooh6y}P zbecz53$f;96TDiJel}BcTF54wTy+{j)O%79n=ZWAs6grSe}NH_BT-UgzpxMTOrSZ<#wSG3lw1^9*v>T{*tJ(X3wf|8?27FiK$Go#qs{EqM~ID8&F=jK3x1igvhqoTPsEp%j4baB&(J%wNFgXx}G%PEV1?zjEfB3)eg~D!{cr z!%{J&<}j7(-LUJr^D+iM%vAUyjv79OP~`IUUezV>!h!i{0a4X)l|^TL1)s;{NIzu7 z$a8Ntu#H|?udsmgnxyVV`1&H;yu0wR&`pQ><$Nq$&*e3Li8YI6akabzi?F@jgzDAe zh}kD5Y)#>+b4ccv@TJM8X-f34$vK-{ddNvyWh5Z=Yxg$g!Lu+PNZY5&{ z7e0!s1+*B*RIk^w-InJtnGvI>c6}L#qsUOm#CN%O(#EB3h>3IK?wfq};&~-9M{d0d z`yc1?aOw1_=Biv#xdfg9P9&9K=Y^}v&{J)pvlvhAr(PX(C+?o?<>y}8aWi{nE~hyd z8EBH&<~cGZEIw`4XE}>_s4qw{AAn++u{9dt7^A6FQV%G|uCAF+>Wm&R6kn#T+w_`j zedju=T39jHKUw}@W3!|>tI_A(nW2APv#%x2{L|licvmY~(`^*dNLU?Bq=$EbXo->u z30+<9?5MTD_~kLrx8yU0y|~{ihR&^SNH$S!tygKD`+iGL6EFELJmoxh2gpT++wg9t z7l`L47FOJ@9Sv@RmOQoVFZod;nkQVgvIa&rgrW={2f)vRK#?tU+aOojN1)?qLJJkW zv%r|14bEbVbmGkfyJOT1IFU!lIim#1%t}9dNIrja>r-xLA}hG+acoPXH`y3Pzt*ll z5w7)o`}5JXDs8a~Kl#fVx&1&{I_OJfCWXFK6_z!B_veNqg3ZDE@}(UV=eyE_h}N#I zSA-QY(%PF@%3JLm$;S9KsS^;IXs<3ux>_x6Z1^0)UkR_fQq|!IjD`nd7)QaaXXok zVALO&ByBz1pQmSP9W&z&V`&SH2~hgq+zeM-zc6A8|MJUn@-i9-OUg zkPuMo3T1>eH2s&zi&JbKJzRj;s)#LK)b+V5d6zM{zS&Y}!QVu&6(I%vn4~H4f*+XG z+y80bnO~6^x?b0Z|{ofDsC{0UL6;n?=G-W)PPO73uo1aEH9Wo)-D_hZYEoykI zF6#?baJfp3&Rdl#;Hh|I1Y~%ONrp6hLh0b~$3(N)Z#q5_SR}$Yv^Tjys&tBA@ z#Blak;Ermr!c`qte|SBwjdW4A2p_+C>UluoIqRfCvJl;=hi|YOeKBm|+y?c>NBIK_ zd(srwGP-b>pA+1uXXBb}tqE1Q7v=0%>+z(MgpQ9AF=l}8OMX8a3}-PPG{b@DKGXU% zz_D-_h4g&f%)m-qgPfkyx3NABIGIcxgk%|d_2ZWwpFKL@?Qai5vs^gf`0M|>bCu(2 z{7jDR>cxVcr7hD@5ZiV9{+SpXMS$@$4$NF6=7j>zX3vAO8OaTOf*V)&wSi?lR{PnK zrtfmdMq#=6qt~h~nwuB*T9 z!tO*Kmu`jwUe9*?I^F<6&9(0wONgTIk={;&DVCzTNLs|gv|zN)i|nC%I?-% zRV7(;OMFB-bGbq)G>P@!9aL46$@VI`fwmtLN_`?L*9&9l$NlGM8Bs+5Kw~e=Rk}bn-G4N8xYGuDL zV<`Z;S`?rmMXrM*MXrVxG6?h=_6Jcx_TLd;f2J&v&KvgkIkRM8|HpmbJ7{oG%Pf3Y z`3$A}rc)FJ&;V>;P;AU+1vgnO;0zx6s9iYr6$H}Ifrcf{nk9xGCw74|7#hla_egcs z_20U21LmmRNCi;IEY^t)Y7k)2E#)BFPn~^HaoLfG0sS5xgVkNh$mOj%1;gyh>MxduYsb<)m0Nv1ftKIp7bS@b+0BXF;F^BDR9iRDgk zG+EG^oLI5G;R&rVXtuQDsl9f7r@J?6`Gx-t^l?^zNtK@5aWQK>$w5%1jSvX0B^GS^ zytDu`|B|825$b@fb$&IA?`JhRJGr6mIY-l$d)F+G>piLYoc*zo6Wp-gtcxI;*E)(( zl!47k36LA7B3snq%H#DK3YG{vXYfYx{K?j4*{U_L>()CN5=T{{UbDSiU*OqzQp9vmxIL5SXzO-cl zu15&Rv%0<0s#@#YC*HnZ=nO;{nKq7CKL)0!z*oz2`V*CWA&oW@X~C(%+hG79NEtZ4HrL@N~L6g-M-8?5tmRz0h;4LQLdwFk;xk)Sai zhm84?U z8CiI?8;8Zo@zzI&mG9@)FO^;^vxW=nOHx5>IN0W(%=}=PEI3i~E0uqVJZZ zekKoym7#3u)ljIckeJV^PQv^AFthgi`q!AGBrB&S&nHY-R7!YqpatRsxEFCnPxyA0 z4(2N{SNwgHk1lq{u6IxieozNPJ z@5S>DE3v&&!GW@gDSqp`L&rn0?`KX0=fx7Jqnnd8XvQW~s}J&%W}dg58G%i#Tg?Ht zAO+4{Nd2s<${>ktHWj?vYKU|`lT-b3H9M~Rl{e7JztbCWY&8h=9*{^tD#Lf&R( zCl%2s*?i`ADykYS!AH@(M@;QGzojmx6)m?gkVYzw;U{sNqts|H;8x3RqdIaG$n&RM zXl5geV^95KRa;WVn-^dCBfO@GIUoLglCJHsu)wKi)2%9)$bURts33tU zXSYg!yzu5glvL_AX4Qlpt}odNde5^FLN_Ye;_U-ZfW@^bI%SGsNEd~m_CP|6{Tf#kw3$kJ#PwRyw7d(pggK{T4L*{Qm5Cwf}o=G^mRNKQ{={7;Tx z?>|kN^G_ti-50fcWkK@wu|Kl;j!Al4t;Sp18q#v!&O`}jQ3a^B1Ru`?yFQ^1$*u>F z32%y805^^VZrps+&oVjwCT(?2YcYobVHcIp_%Ymm-Xyat#C!v$-i}hjp{k%dI z1(nBUBGg3cTWhLhk@S_@-6n$g^J)vW+o#q%_e&_nMvT zEX0`B z$_TyB(vIcm553?7XLpqDc;}Ns3v$PbCSaCWvDL6Vt%PpUmYk`NHCoY&ZpJ>3kvGfJ zq2!_1NbGqo4kvy~{T-m48j2&gX!7DX*gSn<%q)8{XMa$KraMPM(M|E~T5ibc#0uK* z`DVFWoPoduO3stts%WGm-8ORjaRnbUA&dk!f=2k1#2b}0GS4N$p&e zr-nywK4dSz{{7y`SP+82?Dzb69-e~0N(Su?^|2TOdtm%)d@U)2u4O6fe zFx0ghKJDUiWuM&{`=+YVE$z0$A^90Mtk%Loh!b--U)PjxrxbEQp{(`8JaKI&Y$IXA z6*N|}oO7BVoJ&;@+PQ%hal4bwT@v}Fr z`*v7u2a}2LeQ2>#b za6Plz(xmUI^eMvb>^*pqYunK=ITBI7&fnU8vJoPoVA1|GvX<&Ow)!j^wmQGbID7rX z=gLI4z+R6N$sH0_XXY7ClX6oVn(_U>dE3rC)0&ZE^5)@LPYv6o?r~>e{ZSvKzqXh) zWSpxnjr~9;2mQ;PuYzb4RQN*Veo3?_(FAb^kB7at&OW9L4V*rn2~fowt6Wq)@~H2! z%@p)!a<#*lUw1Xcn0H%nj%9;|b?l#Y$3Hvij|~g@KQCg*ObCGeF&hJ2jg(1y|eMYsZs2%*lRDJb7#srh+>}@1`e)Ll$||T-jJ@vlgODylPwt)@h>kbag(vOdt^A zv7B+UU#QE49M#!Rk~xmd5{#DrJgw(Ua#p@_k8!)sT?>~k&-l18l766f5J6P&1&%j@-Gk0j>z;A zvR)WS?&r8qRUX`=f9wj~;y1Y>1@2T-DP!>RtIUMko}Btnd#_Bb z;10jXLI0AYL@KkMHT`c8uT3_kn&=}?Q4LKI-5;JHg^$B?!W&(t=_|rJhv#)^rOm2K z)f-kh$&<&`CKyW(x+IB1&o=bd&0Xyd$l9yBQh%n|CPs_#{)7##*NwgFEZ zSWJj105MBn$(aHh>?s54(v_j=wlyMRktZDm;v7Z?OLDTya}3{?BQcg74}%t}ccyj7 zYd-keNi8^S-&|k5q1GgI9iP1skLw;?g(HnUmO`|3-*(+5aZOq%4V+^_iexW+r;Z8V zQ2B6Pz3y`JDIDG&af=%{6tQ!sW}7)(H#(mK&1}Lb@=EJ-Ene*? z+PQn$U-r6gRUNI&*BGjSz2NUdq z_!eXjd+c!FvB?3~^L4*GR}z~kLa{$C)b}UL_EV+j88QZfyA7Y0_%?DLlh8j&AL%ab zU?d)Vg2k;cl|p63#$S*&JG01Mz}BNW{g`@tyB}Y+a(u)+>_UEOVpvEUG>wJVJS-F# zF7n+{d_3n9Z)o8Y|H-x;1w>n}-yGVAw(_egIS=P!DIabFy1C`v9J1L_h_$kzg_1-TlcHBy?)H35>%3*XxjW1uCBL(N+i++ zEJz4Tj(DZxXRfvd>!GA)KT^)+pG~l_6p(qfXMS?}_R!GF3fM){X+Q`h*~m!Fp5xXu*7QPw&4AhU`C`aN*ZNUF>7nOfJC4~$aA_3I9#7V zTTm|$IY5zOz%=?jg#O0K*v}6QfprKadA+hJeXq=Ap(mpk`u}-CqQHJXCErUhD(nEY zBWOf%9GyPN$StfA5-eK!y+87EZuO;f`fG)W1a1mPd#$Pul4le2LT6`0y|z85$?@FQ zLO|tW+R<8J6hCaL`lERVze0K7WsEx7_+pPP3&Z+u3Ai z=Sn;e#cQ`-yN(TD=ij_(HGjTSwld<_bh@Ko|J2g?@9%K)@uD~Gd<${(Rpv;5ZKRaI zv7$lqnf2^ay{(=+tm1Otd_7&6CemcTIh3qvWzsR2RQt+fp}QgrIBeH4$$^z}{_Pj9Tg(@pe9KwS&~dX$C=Gn8nm~;$#e>(LyW4H;&L+4)B& zn%c3^QFvu^c5YcQ`#ho{a3foSOGBF`8JITtg|aB7=q%eF_dV1OpOGtV@|?n@jzV{B zFsgyrPoPF`eY_{6pZ|{S2^jCD{+q|$eh9J@0fghjiLqk7Q>6GH?}V}L`7=Vo?llQ4Tx!l z>vqcHX@l%z9vT8(BobI-o5D~f*lMb&t0k#QfkextJ#MWs(gGD3t0EPqb!m2j1spDK zH_GRWtCKj;nbcVoNzf^Jq_jt{l`q&ylBF`wF@8u7B+p&Yj+-ev}2+cc?3|TG&BP8l1=}lfyi+YgD^scoj6~b1pVCc5ab)ql@RMEs(QQb*??j)XR2( z!5*iA3D5oxIyojc5e?rBIC4oGWBe74t3O^L?H*f9A54564R$kWqkNql)Y}t{90(`= zOowBT{q=k{F+wwk>Wc98caHe{Bd<5ByJ&u06AV&DH$Q_QDjw2ZMPVe1Aa)|?4P^hj zLI0_Q$#wOJrMmdD)P>P^)Gy5hp$m zy2&)tSt5TcV{X@SHZr_H2`of``ZZHoL&HQJtDaE{iTRV&BI!(z$C7Oqnx8{GxiHN< zb^=?cpP5vbwuDM+O^wP{nKJIMaJ6qXM{mRYcqC*msRWPyA;O zebu4;jy+!IJy8`*bxAk?T0mYpt;Bu}buOFx&Z?r1F5(~Nq2Py@ykLt}CtCet?P~Wu zELQ2yPIfpyu!&hHIOBRh)XP|OpJp$BB$${p(Zc!J~^v8p%35jcW8ELsyg(B}4dX%yeUxI#i0wM%yFFcHj7`txnmTTmAdx ziJcjp*~7(60zq}eJs(YZSc$#CBjppJmu%|oQoKEH=<%B6BU-+37Q=qQaaUwI-X=vf z?C-?G`WF9B+8Y1=%m3fGJdygsK=5eD9t_Jw<4zGq_Ln+0RunB}lc3kp?Zbr5ovtq5 zDQd^jO*hjQjpXa<3PX0TAK*a$grWC#iXX7>FkB`ApRLged4JrkegkGI2|5v^41nH_ zv@*3}CB={8r{`?tUeU9)=nRw!mm|@4O(}lqEEqyM*B+jG!UK`~N%9+`g>t#-WZ$4S z#jjagTRS{mnCxs!ay$F$+k`I56s_oXPXF@g;k(9`<*kaFgXy&Z`c2p)VH)n_cDGr+ zkc*MO7QDol1T#rsGvyTKynwDsFL+fIJf(n23W1tjI}0;B&Yant|*^8f$x|Nrv;Ph7qxAdE;Z z)14gIgI<=ERFEhTGx*f~2QJ{1f;8GgV(4GEMU$10PzHhE01a^3$k4doTB{V;@RT4~ z2~ia%y-nQ*_Bt)Y*XhIW%OV`qweqXqer&Hhc~Sh5r^Uc!hZg0l2xU9P06dL14FY>h zW^-&G3LJbU(ZWp4FmvvSUb)$%=XM@#XUW^TlV6G#YTuu?NteuY)$-3KR#`9iu)tYW zOrq)Wf=S^*y(lO#8xW%@Yyu+xVEsjAN2qL=$ML3az}h7N$bAwuTe0VW9Ba`j>0e|U zgi9oVy!2H~cohng_CjSAdH~e|5fyRpR#n#e5;5>1J@|!4N4Aqv!!xc5s;6RXIcSAl zfZ|8`2ybyTwzfL3Pc$F-Gs<%{@dQi&(DGS{90OnEmT ze+J8uI4yhM>tq7Jyar*+uP+TgI!q|3=y*>|AW2BA_YVyP#>O(FXVFpdYD|apkeCaJ z%E+*@@_9af7}W6tMJ=t#;)@=IuWk)SDL2ifNpFI`<>X1z+K0J>Qj@tzMToee*rScy zx~5O(zH~apn>ubsTWV(FVqYU7yxcGB;%pMQjhP)b1^!GZ3zP6{NhupL<9EfcQ|QdA zd_dp@KZ4Ul9I1zQ{&A(OqJpqa@_l?Kl5RPHsz^`s3J%BYU`0XlmEt`4*HH7I6pPy0whb>9Zun&Yqf>==rv#)QbGeF&2x! zTPa_-U&zHw$!u1Sm(y#)TfzY?=9ZH zS;l;e6doPnfA!!1)ADHvByvAVo_ZB&;CcH3sxp_lSP;)Lu*Oe*XCHlKqxhp{kF2h(=9%39A*nFJ$ z;K!&RHRI#xE068*Qc04`hf>k%i@=lBhI-ASFqaIwtX#3#UJp1UEB_n|4Rp|$wHotA z?TPp66}o{_*Dc1SHCE-duLNnvF>cDpfP<_kvlNKnKeLkFXrBmL)ovRW!gugP^(~4w z>>%KaDyi!BhJJdB@S?)|ZKSIHY;&jwpDx3oho??z14Z;@8DRULU_NpQtkX_)9onk8yseAmQXoJi8otFlcsa_1=hk5bfBvF`q66&#jY;i@I zy-wE`kZQ!iYG3zdoLx^P>$)& zN{%F}F$P}y`1(3sk&y;nKc*GLUJJa;AZ=$c41d*(D~Xa94yq(v-mM1SAxIeee43PU z5b?S|L65)pOi&wwUe;2z; zJANHVp0fPo9seRGKkDnr88&@TOKU<;i;g-f5zcVEA&6At9!mvuoc ze}_zU8ND#hGr;_>uob|v(Pa}d4WFsPza~b-Dj&`B^mSuqNw1H4np!e_q7qL@rdHT} zMe$1;-}U{gZw=UBr%vBAWZ4j3x?vh$wydFiXLo8tYfXkKcXjdqYpuj>Y1U2;YVa*u zj*9R{f7?X2RjOqMy|F^V(U>TxxcS5<)u z-Veqlh%xAIJlj0$(RJP3s+cvpJS~oWZbYo7d4v>X>$yT!@wfD&erjeW{-~ZEt)8bH zOXkZspYmh$1kV{mfuloCc0#J%hAT(0+~J3MWA)7eV&lr`qe-^Mh&Vzbl0VNLyMOUZ z&^YwXsZ1}KoR(skf!gO2_Kmwlk`xbISxBd+kMsA4XZCkVP)ws)aC4-hAnJ=uyV*L& z`Q+Yw32j&Y2y7gi=`!`=6%3(6LXX3SX|tWxh5}tzcFPG|-c5AU?(U}kH0R3AlAsh+ zjJEF;GryZK1ie&qXPe0?W`k$1t{Dlb4lB2!Nx~zj1ft6#Y_O}H7W3Nn{z{AeK9CDk z*(|i9eOa4zv+r2WG_Yo0c_S?>?xynypEbd6YRXMMP5_IoZl6z2?+k;ki2QtQp>m-- zzUaJ+E0)9PiF_u*82=W#HghbO9dXjdsGPirrlne*?u8H)HQMG)nBX;nRpp$PeB#r! zZz`tn-aB#$41cIvCJ5|upZ7UcCkiZd5aW3<=F@HO_0tc2T$q;bf-zKb zZztcN5P3nT=$GY8Et<65L3niZr?FVGx2C3s2hm%|YPlSa+sw6P$GXfALn8hTJUl$3 zEA?3_YHG9~{GO(o9rtFj2A!%)<=UIyo|=b46*vzwyXCru($@=RgRKcW!ojRi9LYl1HuC#0KW?t|L+Eo|G;V{Wt+dF}av=t_;oh2j z3{KX9uq#P>nEt0942lUX`Z3iN~+MSPY>uosuq`?}gFCYFjj2*P28rX4P`pA6V zPE2$2e*B%oyAN}3g_OO|PaG(ZN51q02Yx!zKvVI3mEHKPC~8PN5+6<4=mF`LnvY4# z?+9%aRSAYqhbcvi>Z0*v52Q=uhEd3peL~@lyF&dOETYq*l2%yo``W17T!<%5qA6tx zzwoJrg}P_-g}(GE9sbmlW3p;$oN760>y!T7=CauF>ruxR@~b1u1_lCh!L#vGNL^oV zr_|TIA&F$M<+5+i9IxW{vxFo!Em3>TN>}B)xiGKX1=XQD*DEE~NkV#o-nCD2@Zkb& zBo-+NTxaq7?3XSGNVx_~mLf7P!KQO%-&4ASjZk?+(xhy35SX2#kQMwTL<~TAEk}K! z3SM>Ph&^gdVr{gk3kF0gbB~cj!@SO3J%9GI|Ht9bNUE04O9fF=P56W@wPV-GP^0WJ z&9P4**<~W}k)W7v^vONGRTJYMdqMC;_#;$%a|epvimVAaY960|{9&gflvnQ(xq85l z8G+x_I3ZN?MXng573c{);C zxIM*rmOuFr({|g5bTaWlBlwzz*kG$m-GG&PdO+U3SJJY^>APRcbp?4u#+FTWz(h(UEMPMp4F$ZQ;ou4@VoE_P%+@M!3!lJPWVwP>z3#l9lCE;{2V zT_0xsaoRRPct7lJxX?+4|79riPbTbi{0jF+aIdSesUK3^LhtPnGL6{WNv9niTrgDUIg|&X zAuIoWS6)obb0$9E7vd0ZRTCK!vtCKY8pf7PVpF3t-DZd#O2hlwBe#nz`dd{R^xy<3 z(4jAGEcRs|<18%*2!)=1LFxKkxqO(Z{)hAx>@+UM2|JXOX1n44MAgXtZUbj? zgC<(`3Xai7@3A~#HoD|)Iu#vd5}PfR4qq3(1fc>!5q!wUA1lg5KZN|i7+STz1H!Xb z`xl#2dDOmbzS(b1*cR@zmD8{pegDkU9XZY8Bhl+s3@L-H>Es~BNGXiw{ntsrYCl4% zEe!WhblR#3U04lViS>BbaXd>Ug0slwO^axwG({v~Ogs0?|BX{VV_OqHe_kz#dg@0z zp$PIi!o8COPGAzhQ~^<*7!sw!yi&4#Bra+GPU!C6e6navmpUas@VpY%Li~zc!k^hN zv&`Cn8CK<@uO&_UBemf;sMZEd4lI4$P8Ugr5(!-2f4)E}ZHf@P@yFDt^Tz6=VQg?I zMavLQqiX%26WFkiukh`lAhQ5&?dMFd90MZiPjDxR)1LrI>+^?UQI9#rDVf4DH*}@86v-v(N7cNxwhXc2EXU9Lga&{Gdrdh+sA^3-|K- z_RP8KG9^roB&BOL&kByHHDWDn>?zegb~STiS2+sn+T)1fVk{si3~V|1b^d>i=L(gc z-PL;d-k|VZbf~)lWvSq!A@rA0^gvvip2l6Py|3d&f7V&N>REuHI`P~(pPTXU3E*bP zM5ZUT<5>LHI*5K~itD3D zbuJH9tGVX9X|pd^TqN{4<58YG{hQ`l%+o79=Wb1Dx0KINyTY~nnShTw{EAdQJOcRx z`wq@z`Ch5J*`&jxe)Zl@&kF;mx4-gZJSQCWtR)G+Nb)0Pnqw4`XjoogWY4NX4)#SV$*#|HB$u!Diy+C2cF1jRkjSg}Aaq(ew#h*3f zB59v%rVZ+(8HJ?{gUiHHRsMVlkGOyarwHFj{?zPAz7=r90fXU{P8&#MJeOT?1uKzI zg!KY@)=i$ddw9KUJaz4ryt?4Wiop7O?pXeKNs;N*UPUh!H%Hua`i&J+&X@-o1hQ49 zI#!Fb*H23H50H-=UG+^NE4nvSO#yCQ40f1jPa=Yl&+;U7`MPmZ48MNT{ppO-PEfj? zXxaBt(X?l=dzSQ#P&@}umr=drAsn^7?1E&Z()DO>taWNy0b2Dqk=dCL0hS#7k9`XL zr*1y@K$P~PN#w}PL#1w)OQjl9qA>PL4gtitwQ%o*MQVD2g`JtW+fALZMxooBBo2#v z&5QA=A1&m&`=xgM^WfEu74*X#QQ;F|Z^WWR@br0Xbnn}wt3&?hE)ikTordt5r^;WS zt7pM4MvGtT;^KdC&|Q>xZ*3txxeWGsDNA(7YTieR+2@_E1HGz_a5$IMD78 zJ)XNGah=abJtr-v`3&L10D5SDY1-455);l`Zof#@diBEQ_3Qk08GlANq<&bQkMwCl z36>=jIq>nZ8&4MUUdxHI;f{|>B>$4Twm&Q9wCkoKR6+hYEj8A2#sDE2h~Sg>#0D0R zxTbUTryCNAj_gWb)$NnukF<@O7}xZK*0tC?Pw1nO{Oz>&Hd9&lYVhGRw@UL@m6&A8 z1B;9=3}g{?8otM51mZRrKTc0pc&FZ1vd3Upkc^@IPEgC^j}dBgV-+vIh0VvYSfhg6 z!FI9v=4of{2}k@COKB{5CX?U&Q{KyL7$t;?zIM%$C8Qm;58c%_GTnyiYRJwtiI5ez zQ|BPAf6FJvD;eb#rgTjgcE5N^_Gq7^9QomyUig`g4+lOEgC3-W{7b$k6AzRr_%cyiy zGP{GMLDd$-Pm-?0hI%4bzedn0DuLyg|KeVT2+YHa4>5yu41iNDb--aZLc4{Eu+J*U zgReU=Sbg!g0(la)pFyqtlNX*R9ER54!zQ@m$8FgS_naJp>4Ie(byMQ6BmI#0a2uOO-zxFOeeVdq`b+pw8?D4)7mf)caAzE#6r`q z88mY)PX2y&rlV)zS6KyV?w7TWxJ@ zae4*Q`S|1?w`-FT%h7x@AW9$i%Zpy_4b)_|__)_QD>@};nr1A{I*?TFyEW4?h3OJ$ zHGc5{2fvU*Rd(?#a*X9^NEvF(cTek2Z>+dq|00;Gdbj{_!ZlWOf7oWEJpGQ-|R{C?(0YrSzFTX~7 zL*OGzY;TAr8u6&cXoqO{ipwQQ9LJwLdSRf%Diml;jz>E^TM8*gLqc7TWF-l`v1fUz zUmMkE=Pf|wk9}^$HojVgg0C}#oXe!Y zCS&$YgEvAbF!@*my2+km8ESmz_tW`$QPF_ifhJrys?I9JAx`z>gBPEF23ES$uKiHj zmhjrIKd%PT(mqhL(-7h+4IE5$f9p`j%?4a02{XPA$uzpdCY$J#?uyf9nAm45+ZhQH z%86>mFrsf#v+T(zP6KBjNuQY398FY|7bP180{$}7Xk}YGmSgL1we-^}EoW@Jz9D_s zA6lHRo)=91RSxLjre{fsE8n}BdEnN9+w=VGedPLMDtT5Fckm+U8Cu=TC0{_;_Nr&)0YJ@fu+UJX`oq7LV+SE5{}0B%e5l=+h0j?;u$ot~m- zJg?Y;GbnGP3k!KFOURFC!6Q`Fo3_+6S6vj_ zDe1CGU~`5CLVY!VE)q&6pQQAKetFURZ1Kg9Tw&rrvxS4(BK{^e{p{!K$wnOZ30b^$ zDvwZGj7_5>#aN5ZMPoF5%xja8RUUF?00;U$tM#vNP67(x1)(nyL{su}wvaHtb^pqP zK!yVU30yZ~+8er$`r>OMEp$~eTf++xerq2Mtv%~iNe2lLes|IiZHUAC8WFQAe-)03 zj`yK0Jni4}Jb*931oDO5-+j%K9}s-8;i?d$zZEmUUb&9tH+z~zAWr=dXViZaeBvV;D%aIMjH00$|IegI}$E(tOv`7BjZqJt4H?;Vh z+vh+X-!x^ZMnpB?>?nafIAxC-orjrv*5c*TOHo`haBgRUnT|*7_)BC^4$9)Ow zkvZvG>~1VxrRYwbe~91zd2@DkbqZ)FtVs;1KYhR~Lx8|Y&Gprj|cXT4u1t-fpmle_SbF*6@ugkV~gL7yKruSWNPV?Tdt zFw$}G@|$0b*iWJ!e*4z6W?x*Ts-%RPDD=oB(MHY%_P!PNa)6#5A!jpq#;FJ)fKvc< zEZ)o2Zg0Py7c7WH`FQa|O&wj)=1a2d4Krym<-FA+Y6%0SEW@J)*z0j)2j}ib>i*H- z*a-&9J^U+P)y!~-hIhU`Fd9PVH*6>_-_^iTZ?=+-v$sUjVY}xTqJsbw?7lT4J+AP1 zky^o~C8Q5Q2}ctA#P#0ckh-S0`dmsvYE?;h(tnJQ8rp4fNGx9u4|n+%t@?Q4t%Ry7 zi?S5$kJ=J^pwYJ3DQNCnc{=%`*$>rrPbVcUxoOTox{mee)2p<16YqY0{`>vD@aVJuW$uq=XOo z78yR!(VcHdabvDo?TWrpUL);r(D4tFjz3I{FW>&X-x>Y4Z%&LiQ9*;5`*_go*^iQ( zXhif!=;%`7;y9!V^r^vEn>$!Yf)^V2q)guJgaIAvTFkLL`PvZLXyO(WX7Gw1i)+z* zV1~T6{10|Gld@t&2}+vgHW89kI7V#2zl5)pG}~~4f1UoBqNL-)9_B)e6?S|GFK>Zm zxW-zps6Vn3SUht;-#^H&;5KSEp@fKpP-L&JB3(eZB_4u8Fh7r#rORVUqaym`Tg<3P zn$7;Z-}j#dP@-mF@ZYL5+bVO6O&R@C`cg7RBrOE~O0f0qTe}q}Sz4g2DR};ORVKJy zmO#l4`e>d@Rt!g@eyHSA{}wU996Ujvg(q2 zECXD9(ZbZ!M5<9oHoRmq^8S))%M2-Ye|9!(AG3yh+40z=UG7Qhve;v&L9ZEmXC)~s zOA9os!C#2hOZp>^eFwGALK<9d(h4=AHLzc$>vKp-reu$1pDJSF0dBbw2ED+WAA zi%-gCR!VUkQ35`0G!-{@AQ9R?x1yvZ+WbOlT<_BvvHptHT6ZCR=uQbE$rr|cRaS#dzr0Pd&9I?wyjRTj&)fRRt zq+^Y8<&T)4LP1UG2oh#&THw#~ctuj+prK5MV$Jy!>np!`D6UFX!}^1=aFaDw4$c)w+^0?vsNC1PdH`2dx-295i2~(9G=yn7L!N%d zg!gen)V4?SORJH;(p~fE9iKqG->Fga_U${+q?dk2ovaHZKU)005EQ;k{YE(3Zj@AC zUiw;r_Hl!*-M8itII}r^W?@5odR2UcO7l?WqK-kv(Kqd%nRbRfG5;1kziwjM)fT%G zIAuwJ2~;#iJW!v>eTI;elY>QOY1mFNF*(^kHT5YyU4oR2Rn$;S;QROQSa`;7dl?IX ztk#V%BwWTnOkDI0)+d!G=@}V6Qc|#nxylIn=^jXjEkEwSMT{A2Kkw;eGO(Oq5FF0| zEP1APmX23pe}b}knQ=wAd#HaM%5MdUL;1!tqZ4#>fiY+8c|}d`zB&4*L*BIbw6MzM zx$AYC@D&~oU9jYb57@*c@kQ3NqIAv6U2y>zLZ@s!+AgeAAy}u!lOen}mo2B~8#@}a z(B{=4k|6ncySt3MJP5d7+S(uJ?3*Keop^09?RwM1E+zH1+FTvlAuQ@r!q3ISxIWbb zx@6aDY($COl1X3X{S{+F|8k#U>!dCR%5Yy~Rlyr0&5k}lG z1cDP1m<7&DA7J6*cOXU!cQbj=9MW5%d1}cTD1oE%x*jbq5ddw>xG~San0);Fwv+ih z^Xul;Ev`GYzY#`I+3Fvbjt5s)yG%JPlxdVM3+J&6UwpXYVPIu!iBi`IOsqMf1i=-J zTgV#-UYxA#UCdtPkjQU;UywcsWSYM6*Gw21#QZU|kE@(uSP)s1D#lpla;@-DW@T7^ z?uDc9ca5pM-(j&WvQda|+yCbhvKb}4nZpC#%iY49;*!SKSX%qGQ?&ShC4k=fe`v5q zxzhkFBd7pb^#7qjySnp#SDTIZ(%mv9&?sqmqL_6l!+=pxt9~QuRkM7GQRpPVEIf}# zuS$+kIiO3fW4sm>&-Dk)v@;Y2RRGVPTRMmyGZ}*UlHHb&c9-k)@)0fEgLsxqDVAWs(iaXrY2OM4nFN_9z;-+lw`3#FT!Fgsx6jz^2B`H z@bUHQqN=M02OJ;w3AqE@>tqn}X}+kWwonkIP~dWfByWkI=?jTpx(B6je@Q#f*!hv1 z9O6U4LZ$+7=dybLUh-|a4Yc@C8|v$WPR3%gI9rMRc#Xqs()Q7K;WVP9Lak4dlmd=5 zb3}@S+$I&#i-~Xh1wcRZ$NpI%CMgA+r3tCBM+K?HI!%@cmvX^c#^ zHU9LV5o`AWLha8~%9P>yLWG~5l`pv8&_+WO06zG^=cD=^;Zsz>N7OD$jjEgJkwNGw zSLY;kVr`N~z8A#G-x~HS0v4?g1LIB&*U?WTsgO|h)b*fI-6GkOokZwo_8g% zX5nPbjv{|uYxJ>=`_x{vsG3rmqiJ(B_yh?_gom2Ud%{50om4=_3uU1Mp#rD?12uf# zuHd)7n@8)bP_}X4juCm*mHI918f-=g+bg`jw7m$A<9N}L>!(Um9F%Up`%8l%$Ji_L zMgkcg4iA&iKQ?|DLuKpRiXlNjc8|Nx`1>*rex{U+^9*Y&=NXBVVa420&0&O?X`mU` zA8}r!Vc8e>LmfyUHvP@@X8p&s@dGVKbZ6CcFwAYqaI|V=q(wHV)?9E7tRa|DTtN~jN zXny0z?I(m8J2|2q#WDeHZK&;A5f=ch$Gqb5t|_h_?b&i@RN9b#ush%|-j}F7?AUN}UJ{ONa9Pa? zTL_)BYFr;3F=!3`$sU(#u=A_QqS#=h>z&iKJ{t#|ahYbZ!`6j=@Ux;D;p0=B%9W%^ zj*lHQ#a~Y}^*7TG${HeG6sk8UYtS1aM%UG&kv-@z(1`u)MTu9LQG@Ioh*)zx8?SV8 zjUIg7jfb2Z@pRDum1ttQd(!3^55>E8jQ$}3QVtGu+}7iv24%!{D?N?c=CdvPOwppb z!>QTXgd31^d?KQE8ozAFXWVzF5s;APJCp#4So9g zn*PmXc_QzH#Tx5NvDU}wp<~o3X+Pn=oYaMW{biPZ{SMJpQs1s&+~iB?@Tb2LbNI7j zt4Dr(b(Zk$`sFT1C;l}H%m~@4S!kl0#2q!)lE182L?6jIuuhDtp%lWJ4fgqvMM(m_{p+Gw{pI$9to)eD(L6V<5?e> z)C{;h-3bvL^Tk9AK$+yHIAC$EEEHz?FO~I6#u9q$D7KD?(<`rwvJ6%jp=v4-^ zhnFt&@#r1-74Qlt=Ol(Ztg)UxdDv?FT5dGx*}ANPDxBj9 zHJ{K>(~r{%Ja#kOE2?5-M6JvIWkpEezcEzuCvHxsEJXHc&LGDO_oRO6d%*bzGw_EQ zS(o$^tO!H!l$A!<=wo}ar<=pwHqYX*xZmM+`E_6s5DtC5b5 zQ;Tn7;zxW^XsGxSGV((oZvN0EDxiV%ScU>DCyLgXmHGE{VduBr|Fa z)5CAX4PsYHd?`>Q^OzY8PByRQ4I+!4xR{|mO@AUEhuD|byC|qWx_Y%NI<=OUX`tLh8ExaCQ|v;NspSDNrpH{rg7x6^Nu+76*Z1GSgspX<-FMv zx_lvI+P~6pG$wr&j~j|8AACbfu!mEMQS@6fL(FSA@~?M5kH3Ulr!0?MpBYE8R3nXd zd#O+M$-@f&;zPw2>!-a`Ms|vP5mRFv=m(#GhLZ)4NMz}pr|XYyf8$2Kl9K_$kD8nE zu@Xr<-tObF{={tGyUx)bj#65@C;ko*YMwxp{E}wr`uO5Qq{y=s)yMM*#TNUKl-vn| z(JjTwM8A;9;(bP5IwQ*liGCFgI<9N6=k)giJqj#`)@OIA19*TCcc_GDT;11u%?&|`5*oK zl993=<(m)my-TPy271}HODE?@or)cY^cqw4tB#nn40;ozRBG#{6)ZZqpcTf?9AnpG zhBdBut=A`SveN|OlANEDd2@a#w>lGwA&bwDO8*wjBbkc!XtT6xOp+=NX{K)j*~Xg- zl%5_*MTX5r3g;=(F#Gg*Kn4(~1!V>8`_bC+g&5N7s$-y0>_}Z~FZkD+a1Y`{i1E9< ze<&Ua9j3VuV+sKHGly@-5~I$ja;`_WX`^a3I9fJCXj?nlf>Lb@oCRjnGp+Y8*vQPC}aQdZcpsk?he*s4*Sk$R}cx{du!8_TEp~otbHyy~zecI5BBw zou7qnPg+T72}laX)@-|;icnUBj`j`1KVYng&SWFTBj*- zdv{Bu48N`7;_?Pe5DJ%e0$g+MjY_>WwFr2i#Q( z&y&V^XoZ}F)@NoK?a3Yx2tz-BA+>OGoLZVf#xdF@g|@``Ya;ymgv7?a1!52z^Ci8F z?M+XDVTVmUIl<@8z_QP@e!d>4OY@Q@T>02Kw7Gd?^nfkOH!s5Y#nt_-F5zeZ^cPpL)?IQg8jr zlPr^8Q_y!DkQ@k&Gu*aUdsbp46C-xif?FIUAwOGNP>Xz8*APKKK2tM={LHNqHQH!# zCmQJ>9N=N&SUHV~e=f5v$$F-RL7S>Q?;DCmng_?<1s&v)iDC4?L z4E^9_hP3shM=;T|fpWDMSR3zHm&mUBq&Cwxp3{9G34pASI-trBP}U*huW770Up=V7 zeEZ0#qQ1C-)#pqGaZoydG^K$!Ctf8sBfD3HGBYuo>z8fR^ki%>9LvX zC-O0h(x->^->$c*9k5hyek=IeZcVUsjYcFCwbR>o`3Z|I+3EkbKYR8~@Q6t2>H|@u zX}TP7js_e}xeyku_AeyHH^MTF1UK`7Z!Zs|kO{BfcV0e$o56qx^xt_>H$q=$CKHi=6LblhL$P7GJ-s{(!{bK(tkqqkoNF{MPg6 z=uPnXa0YMXA>&(!!{`r$=x?%xZ!aIDhDa7y&Pg6~{0MX25u@j4Ry=B_*cyYkrn;iwVb6H38oRzZ7iID|MT#LJB4){ z79p~Ck~7wn1O3Att!_i>@U01v7 zSZ2&=9m1V!E=@bO zgC>;^SgtRWzBNpgtsrMAlI6a2Q%tes%@QDJLMV<@ke~f9bj0J*Vqmj7uK4$Q5wq1} z*9d`#w$)}MFpFWJTk27w?#Ep7bu0pN>?swXqQO2~o0^J=$-n0IvKG?Mgv<7@^Cf!M zbL&}*mk~;4rLQ-te$PW*mjo$6>UFdzo|eyp<)mz!M@hX?#JmQ6;tB3^52#PWT{*3d z*LEgdQrNN6+abTm3_o0zEI}8|V@XRz7%_N+X)IZm+>_z8g37n#ku@eu&m#zbv}1jU z{*3$~_^W4IuKaI35GS2t7g4rsa&NBwbVEektG7r`aO0Wx8)cbMa&;v0D*V53(Z|na zL#pIYN$Nhl3>0s zl48Zh-@b`z1O0M#gM)HX?{HtxQc(J?OgluURk_?b_mu`w;QQ2MVP3dZ78jS}GzM>D zZfz`LVyZS?`#to3fSCHbd%YyuKoTTD-f_OI3ai>7xx`SKE_?G4{dL}0cIyqd zu{x%7-S@C#EvgM;+zF?qLIq;fNIexqn-~t*Y{foLRv}c}NrS=YVO?5h(ii5cwqON6I*o3xit$YuBD~)7AJqXU1Ip8=^Is`c z_FJhQdqi%9u?ooB1~scQf1U4=7yGm1fbqg$yn`f8Q`{y($w3dZ+)#xHu(tj?;bq-t zabN+wWk8G`lYGi+pI)~8!KBCefZWV(KI0=*F`n^UW@_lL+@@%~3DC##W7&zLrbO{h z>goFS&N&-(N#=(kZ>QZ;CFMOiZ%MeZ?7rf#p60`k&Uk<)SjmO~u{n@7s!>xk!zu|2CaG!&udyn@CAjHRziX3PWL@q`e9a|4#4s z$3jF|L+uTdaPj4v#_Z`?v>e9f?&6#;I&#=;-SCM?v@x+#q~**>hD1f>)#G9bgVxtw zGAFw_*-Tv8zE>kPx5oDM^#$j3DK&xBsuJQ_J{h&=8ooT|3p{t(I?HI7sQt*6z)JAz z@nd%FyiJqT`jmi|*FgV$@omOaW2e!43Du8+u0js>d=JB-N)Y>J-iW%qr$Q&~Xe$X? z3_789C<*pC*Uy`MR3{X?75YwnYG9y;^;u5NhC!JF)$`}%Aum~Eg2Ub%iyS)I`QgdR z7H_IOVW$M;P~tT<{W5!J*_NOgc}ZS=oe<~F!M^-`!Qq4`|2J&n)D-C)XbV=)B9jJR zzR^E2la|D(cjVWX4-P+9;8Vl&lriYTpw3nCD`n7xz&?eF+PTD@r8!PBngFAZv1++bTFBy4 z5lKgij%(8kgK&?}_NwWFflsB_C0(WZtRD#7e-=RMY0i_4IUByOv6%c8xWDRS|9q&A zq;pqNdR|(aNg3KK_jKR#{d;fGLL;P_^z@ylG|`dKkJq$+a2|Z^8`z))BK4m|2=oTD zGibvTB;4Sj`o6ardapDB$Ho|z-+xWO^$QFnZf=t-MNxb)iTt?@&zr#bu}EZ+y_&Ga zOh{gr%CE9A>Srpb+F4{N6PQCoLq_}Qq%>ctJP5y~*qh*^sw<9?KDPAxu!TnAO^cwR z*XD`I`?D_t6*sV8zKWR$-8efjuEkKQ;Q6nX0UGH5%O|extVM7AVj*7CHrQ~*Jzez; zq4LZ!20x8}<{jJa%FZG(0~n4G;8VIa*DT}WM?I!yS$j6gpwIpp5=s3R6~S$-i`k*J zi>qzR_eB=oq{_&7I^B;ylr(b9xcvbt+S>fDM*E&w*kc+t%zu0iE|?;ICVUMicH=}O z*4mLAU{d7&K((xxm2|J8`UjPf;fEF+V*Xsz2mN64BGCRZkpD`Gp!9SZ7V}4%hmO^M zdzFmJOl#vk_`?a|+k6)@F~ifw)Ti=R##Ig2g78kC!+pIXfURUWTVCqFR)n3|TNB!qIqx<0m~v&RXQ#QZoPfD?A)6AF#>Cov!-t6uo zX9I2BF`|ZzFl2;p>s`$Fm(e?RqR#aU<~=qHItFMDSob-c2;dO;0Zev&p7#>%P_S|m zU}14lVro2dr4#i3t*^#naGn>}c$gD@HKF?{jg$dT$kn~3jf-AO6KL!20YS%;54F=p z5+ZBB1B$AbK;gS&(YVb{@o$1eroVS*YaP}7?drM)`IL4yhWb3IE77q_H*9m%P!3<% z^2Gx~O8_miBac_ME>dKPd0P@7k7l$qn!u;;N)4~REOHLCBaRdqP*XG;VD8eJniMa* zEqKn#bBOw(nOpTO@ZNFT@fC(%J?^W|0;;(mr4nyYP2Vr&ujhE#+t=M3FkqsaCx`ut#TeZ%k1(nSWpNyjV_$Lfs;OnPE{4}YoD z9&Gy&a?+8+=(_B^`#WZ?ZF`vGNp*cq>#xUQuJKvAG0+MHekkV+hXU}*5J{w$DfOK8 zR3)UOe&p4H_iT%y9TlTCtL)FiPN%;w-mnuYz_-ockINXX06-6lnL6M6LI z?)dHoB39r9Ki@Lj^qO3oFL-X~y>Rp#EF|ug5J%xo5=zHeqF056{OFK~QT%EiD0$gv zZux5ncx3CdbY7gI%i(J{XT1;ug!8`)|IymI0d&~{$KGFuDokA4eKY2A3|i<4m!10i z%Zbc;ZW&mulpA||4x}R{Z2^`!f6jFb7$aB`7_2G#wz@9o6ftq13pfxO+P<6C0##eE zC$zwy2DF5Zt{^`m0(Zro#r1}l9@oEF0ydXO3<>T&s|c6Cp@W+rtqamF(hF$=USQ3) z)Ejv+>TvTrc4MKE7WQHhK18TajMImpzQKv`n~w_gcwpR}LjC6S@R{Tw<2T;=ChS1m z!Yn5QsZX4x8g!LptoT%MHOu~z(7XQeZ;-JCJlC6zXt&Bdpv}*0RVySd!i^vm0SIGS zW}w-8DoLpmf}(jf`g@-kSSIQ4z9HTWD*#EKZTbmTT;DJL2{AbtOGL zZ}S4Z9-Xg$e!K3>T*V4|qT_cZ^HU~;X5th)r%U286)AE;4E0JtX6TNKb0gH(JwhUP zUljco9lbDpA|zpE#$eK$(3mh<>{z#G~&6fB|SVI zPl~b#omkXfw`!j@?c88ME{AtwDW9;gG*$PGE<|fvHFU(NEqpq_U+{aW9osPQ#qZ79 zfSsmUqIY0g%OhSLeY!k}rcrxp zLCRiVV4YRbJjc4C$2L2Oi^Ue=g|?Z9Hkq8}xV zY3Tu0DI#>eIKg{|Zv$&wJn&147|jFQQPSeEy>n7;(Z>zIc5fQB_0q8;?dz5ynAPxR zsYI9amY<_Z3IEMyx0{$Mr2yfqta^;yHeIGE&qF#5$oz4>0g3Sx0G6PADx_4#4QiS^<>4cy~?guieN{^1EG?$w3d)l zUo42MT9atM-pt=6#@%mtXe#gz@)eQa;Q#!l6_<_rDIZ%S&La0VxUP6k#Q5^6vDc?bP1T_UQ9rh(5t9-{$qQH4*@uZ%;Au z+Gm3z>6eOhM}fY-?Oy}9Us`B^p)p2#&rA2#szWLl8@~Xlhp>L_G17L|CKp5R7}o1* zZD0oyiN3eyF>1o78M6&JRHCU}9dj7@w1$jkn*Z{0ihgC zvvgW&sxKLa`8x5OJ+G4btPje<({YaC>P+(L-B;t<|LRnIEc!D zVPuh^yG8Yg(b&J&WM51BA(EK{4YaEWxc5-2X1m$21bfyHzri_eleF?hjNM`m&*5j* z*j5i%7iN(8g8Z4>n<^|P6;bV-CRbxqS)Z8#A|A1AhioDO!KGtOjaJGNcn85Q+HzK%Ch|4109G8$KFwnAybXWTfR zGAT{VpAP=^)|OwmADjy$&1*jc;P+*N(L3L7G~WnKdi^!v>d|}_iNcjNh#1kRqQgo6 z27|{S1@o!A!d5&gPZU?xa}*(w20$W*lpdx|sD)s$6!J%Rk2J#5nK78)CHX{5*x!oc zS|469MenWm=cxbc?C(i(Pr$UP2sO$i;KL?QY5y2 zUkS15JFv>Im4Cc|v$v1sa2_z*oJ>ZIWW-+kDSP_nz-r27t0g--uVp#^g56e(8_?t( zlae$!_m<~%&MxLxPP^?RHY%WlA>(8a@W^^WHwgs}zah*DrB_K0Bn-jRpvf!W;suqq z1lsj}|FYvbhM3mxm5_&PF;PO$$)?@t@OsDd5)bFqbIqTpZdY^?l9C1kKBR8N9yq0K zd~WHOOL%2{YfbEqBQ!#h?mi+5Sr>gJbI8iqHhBBiS^-7vj560PPbri*OZ4Sxn3Ss@ zATTMuoUZ_PrhWcE#m-)&t+-^vTk}!F{pIrk{i7kfkHbXS(|?lc#W~NH3(-@qKPUcJ zMHTJmOBZxLD&o)~B}S+_#OE;((m_|xf}eZ+TChvbf|IeJnj!!NeD;lzzj=rs6af)ld=hhtBzaCcCr%uFfxVuazNI# z{W0CzuTfj?C3E!M6FUT4ACZ{8l0|i+!^snI&L=NKhrAIvFpX?QnwgfPUn$9aFysX{ zA;4j49iMX}&`UkBk^pWUN}E6#3X=XI4E?2TcAx(r{L(h>H`GOctkTaWo6Js^G5Pj$ z`o^t9U#Sq@XHi8J znkoCg&y~{~-d~@ymzLvc{rOZkSL$xYmiGyjm3Nx;)gxB=i|OubiV6!py30MJY-(TW zbIX*mN0Nd+FV`9J3~Oy0o6=Zk`fnCk=Po0H9OusvpShKfmevzO1U7Qw^{r06=CesY z%+nnY^GbO01s_|1p8f)b{Xzrzahklw?u-%gOOX@##Gz<+TJNa!;EPTgD~dDG9E zpm<;vjObS6QnH8k{Fm zqSllh_)v|00eU?&I=p0UGgtNT6$$z?iH`g zVpv$x()VC0S~Z_ub8xa^nqsBV;h}KQrtg@U4KCVr@-e0VVWQ1y*qhV<4#%rKAmhs~ z$B~xdi7s#^O^cR4*p??usYB5O(d1PNvD0{A7YIh_zZpl#7W|@5()X@7>GXX~k$pEC z@a~>Ln)ida5d%iM{nAQtXm_lnoD>8aKVZMADFbF;H+Q3%ngDXCW-va5ZeLA0J(|bp z$SSIB%k=~@^*OdB(%`!=(l80eCv3&+MlJ?T2x_8<+zHotglZV&m0?oq42ikOA24PQ z8v!bt_+?2P%QQtSZSHeO?Qf>_CjLv}p!JXk=X&~9Jd5)&HxHR(;MLSel^W5m7FB5U zA(%Cu=kF^Tqw60{NKhX>mu0weaXcyhe5j$G=lZaCFe<9`k2cPS>L0_*e)U)*`ky&ougHNhvjK_qG5k<;h-r2Zr6K6kLe@*9A zIt-4wep?_>*cFP^7w{FaFH&E(%{Rca9))a)++#eSTf$*aE?-OzWv?@B=i$1aJ~c>7 zR6N}W3ob_lAzP4f8|jJR>F~!I1-I3zdKpF1=S$7!>%ZCN^PeyyRIFTI{5s;o)D=s* z$Ztsf&BZtI#__r0lMC>)Oq~@LHd}0{$V<%c2TVmf<0t)Us-A(}y_MQMZR4I*JGgFI z75MX~)Ye9q)ycLgv~QOWv#H<0y*fgY=C5Jgd@64H0L(ajshsv4Lh73APO%lNPydqS zd_G17+wbF1#|lKO?OOTm^@fRP0JYD45U?>WKOm;Iol|*4y_qegurDkuzz9#c+&A|& zw*8pe-f!EnchLI>OP*1x0f)jGV_tDXkdX41G_II#&8L(h2%BaNsSxn{n;dGWm)^?KWs;?Oi2Pg_qIibeYXyplN0=Wk`w6p zAubcb4ux#~D=`{UK)-mMk9gp?tdlMmwIK=pyEmNopN9eB60aCca0TtwZEcKLLvJq0 z-WJq;*(s9fp|txwntgNn1un#9OZBnYB}3?uLhbvv{0or|nz{vix~OyVm)NrNyM+q; zdD7SLu4#^r8oCY6r;-~R_VgbWf4~v=2I@D78DJHu#Uy%9Y_d1a7$-|21;Ra%`1#TQ zwKOFI<=4F*6%DBnrE={FH9NBC%A@JStHB~%OWdLC`IGVKBZY-g6!nC^AiUspo90~V z-al-jY^0B)a*}QyZlyQ5T;q!dI;KcBChdOQ%WZih^zO#V&>f8y;v3Sij>1axZD5a$ zL1b8P%~fbe&Y<7ULyp1Y%L#3fm|c%w#$TpN-7Kl8RmP&)-)wtB=)L%?L1b{EGj+5A zILgYSF+6<~(O`2*gL51W__Bl6gEZ*_%mP&D56V>g2dHl|3O+!lyf`en8 zEcpFHTGJUZceJn1KWCjdm@Kl%BgOQ}5UNj>&OnvDe%Key!hayedG%Y)u z5I+df8}}5WX9hFq)f(Nu3zb~ z7B$;6qJG?|y=e0f3u+0>Wo<)c(r>|w(FGfQ!%FrzN6g8|DZUIe-ed_PNDjGioyTxm zr9W9vRJ=wrO)dk;;U|ZfCb^S~iawcg=|ponTN=g0BJ$qclm{vi#b2JiY1D8#*g83F zF%oY1$TJm6e{-qrc75h@xgHbd;(b0?vx=_)2j{P|%l?bV)KUFI`Dp5Osr27xJVg*j zQG+_5NM~kYA!aMfh|e0^>C+=gkmR?b?}WJaj#1`?LSr<`O;7>jkvZ+JIQB+@B0bW+tZR*+hoi@B5dcS12G^;E-^+H~zD1WUJB9x+gUY z3t}W)sIa5~3&f3Rl1tZf`XNv#U+7Q1p8(tHq2DeFskqA_c7V? zOG{91(OSdE46E z`COp>#i!@I^s%;VS(QybhI6w>K_IYhA5WvxQ9P0tu{-`cpyzv2AdZH8*Y)CHFNb4~ zJTQBx1-0|aZijnW^1H99Hnu5@Hplv7IbG@a)y&JZ7FP%iwi7f@Pa{88uChX!KgIa^Qg)QRiY)Qp!*L}DLUI3vSl*e|&as7$o0_$g!_U=ne|@9F zNp!8^IopoJ>AvhuoUJ;Twu^aw@~7LHl&thk0q5iS^LeyKd6R}0T|9AT7kKZYkrBFk z-$%jT{tmJ70@h6loa9hBi$M z1SV*SU*3F=)qN&}B)0(9yqNLkje&9x4vikgN>8iKC_~;_K+*HTuCgz-mW(2Bj0Tkr z4}TpR%r{HE^>E~&n=uo0i^6$L&z82jTCr5PE2rlH#_@drg^LlL5koEYWPFzTogxw4 z%~W7;6Ms>8W$@lY_n(Wi$H8?Ti?qver8zc?w3E2e@S97XzLUs>BI}-(jw!0A6qAU(;W$NAq%!;( zOpZ@=hEQYOMGXElV7pG|(H|QgMx7M(35T{|2?y%CkgB7TN=}GJ`F~t7IH!mS_sB-K z6BJ@r{8Ic(C}>_^IMh7s3W+4ynGhc0g!4rjqlq5eWg^-0TEF2hs;9Wl8@h<&=*Mq5 z&!@+9h93GiU@HzQjO%}?PbP0`HKmA7)8lXtb8-nksQSEH=c2YP(u~YY$AfshA0jiQ z8JI*-f4qZL#C3ICz>stG%u$aEO9Low60#OuyW(K^Va>bYUH7_wofjC%?=f{>vHa9} zE-|OTc9}I{jGXU-U-UOl#7$SoP#4{zNVAxo_e{F5Qf z%&Z+Z3u4|kv<9mU`=OymHa03qJq>@6TU)bUz1H=O%!>ayC)1K`jh#WudPY)Hut7eg zQnlnO{7k?%!NTuRZps@9bn>yznNd*@ALXWTHC(*K$4pFQFS}#@elVuS{T>6cCOvxj zY`t|{l->3|JPZR2B^}b;C9QNwiXh!7f^>Hb-5?#(pdd&{4b32ph)8#LcfZ&t+#kKALeZ~Wcz>EKO^(Gm3u4^n?h#Im8LE?@Pjbk z(U3i-<=3em{hhk!Qtjsca4qkS7E{M%;S2fc+G2#_Jbr5CUe@Wfq%9Injlz@-Joa%^ z;fobrG-dR*K-bilQ25yw*e)+u9R^uvt}ixafm*I&?bPI->m8}Ji_RwbEC%`83)h)B znxFqBRjoce8$)G<_R9|$Oekl+I%%MT)mq>%?AiHU7N0>y-`o_PAJj216PX?BpT&Bl znx{vH#cW4sb8=?|^}ougn$@-NnwB2&xh$U}&MCUmY&Gf#?))gER6xb)n%aL8&$n6l z;>8g4elFMWr{jRL`Dyfl;hcaJySN9R54EEjZ$322tFBHt(fsIRtc{sq#+$}eWBlp2{NzKe?6N=&FEK}t z<5~mPX&_ZB;X`Y1Ed^8$8B-w!|+~G12In9JQW(hcE}j2 zoew*{d4u;+%xOx9f|wOyPAErvh`sFANZt9f+0TYbWgyHkL$v zEKEaUpyQ`*3bsi{6(x5>$&UuVJo&1GM$9>1=F3rZgDy^fHV^FP%$%_Oa(9y}XSS!Z zwR@eulE{c*US_3SJw-`r>kvQn#UWhcl#mN8Y7R%zxLg(ZzIuq|m z@!j&hCbwD2(Ro6P-UFAsaYt6|%EicRXWpU1H_sm7&)xctwJ2A2U*{(Z&*1yAeVvO1 z74Ap)$(27{+K+4INF@-vvfdU)oF#sJLcxXOoL_#X*_%1@nsILcVzx3l5Yj`+N~vfl zp_F3+%Fs#pWP|-4zn!eRQ6u2C>3pVhhRB^KYn9LN8-=++ql-lKB z=4%DMw_shLdZGa@nd@0IrcBCT%E z^VG&qOiht>tseu^Ze)g+w@EoU=a}q`C(duWbOI}!w4p4;DY8p8X{|G(I^ADW-tIj7 zfW+16@#osK$#2Sq_S3BThs5Y*g`dw1Z{BPx+5Y4?5M5p;y7a*#&J5hHx)Nw4#e&eGr1M>NuaHCXsul~8t{4F0wH|uc0M$FvjNlZBZkU)J(na&PwSIsC z)(8XfFv`3JiJHkz!n|Co$~{UMmU;82t2_Se#dtYcgChV54@wEUm*Do zzsG7%hA*LY@ZF_ZS2y}D27>k@be!N3jM%t5=W}pexGe*X5lz4ko9hlb(^0rici^b- zDwKoU@Wfyzu)9MU;4GoSLww$T1$sp$cyZO8!>`Gr4nk6D^cy7E>3xGlszL{)Q=tO` zWUkYG(_j%n;?+RcR2Uj`Sf`_SVQhE~`09jVW~~gej*cv}(SR`w3x3IbAe3n*GWe*# zGmT#pmLi#iwfoX6BmA=gBh1SdJ@#K=%#aXae5?j=K9COKcdefpD9gq>qyp9|79{DKLbC~94~|v%L2xLssW6Jrol+DzpEjU5=%nku&HSS!e-}hXVpwk~!kI z(RZ>MP+F{DG;wwOH+WQ2bejKwPg)2UQ8p)ceAz9GoH%xVcF~gZiQD1ydkwh<@G(h4wF#wqkAfAAB zqX>ga8DHgCRohZ-M(|*{g|Y_Wt5raOjjK>FEXkJzd^pE~9UE3H`3peb9w&|$VxCX` z3Oxm4(?$ft?|2DFo0pMtS{<%|rcv-Jbb_6&od1>wA@{%X$lJNwMwK>k#!k~WM40`L z5K2Bs&@@rjs}MXTpZ5QSBmNuD<0L-gg)C{OZU(69-{p>B5c~&4(5`Ul@?;YFg(xW! z+F;nLpYvARhB8~Hdq75n6K}MQr+!{2VuNI@b5f`5GIn9KTo0X zCz9}>cpgSIVA+K>Kt)VC?Lm0A~vC^W~TiP9wkv&Rl{;?U4Q`oj2vL009=jd zhe&gCRMe>pzFdcf!XxDW7aNBkGL|Rt*K-V3k40#)kSWcS@A4X`7k2n!_kD0m{+@4 zTYc!~AY{4YWfvIF2;OIql4SiN#&Yx$9YFc8fTrKaV5?e+L-+H<-Hr5ziA> z#ns6qf5^UdGM`meOg4R@hwSRHRd@X9UA{+8mu`h2bR z3&BKfiKA)g?hyIk#P?s3qn-GB+A11HJ&lFXWOn|KI)pdB<3Q8Efej&eLw1*cOY+}3 zxID%$Ch@7S4d}ENQ2tjPL2cp-`lr?pX@D5N@c(bn0UXE8{yn63 zt9uoH)H^S`1T|15z9}^A?w(@#A52V(^g2V+XpFiS4|5P3s@jlap}uJUiUDaumXW*~ zrX&P0yQg{C4zL$7kkV?U{%4x~O%_0M9tH#soN;KVfhWcvWeL$p{!xXb=k@{k&znh! z%4$Jho!m`1WytbxY@0^?TQx8)t{-jnZ{-ftbj1dn7J6V_Eip*{nq<>GmQ9{5*H17) z^GDo>iGzV4{_lR*RHiVx;W@k&VK#UgZ4wRvBpyn;O-ZN*wCoHvgFt$ld9XMxIU#Xi zo(eToNDxYw8V3hyd&r_55c3BTkj%Y{r<qqQD12;ix%ricy;+wep*C{uKxq~uy4 zDQX%HAq>%g^05HO%DDNuy1`CpZMC4ZGD%J(UOa?5b3PuLCizrNIsXd=A*Qm{VZLV? zEQzUf)UzK33=){vrCnw^j&b1}&6`?!}v*COIa= zLY&sVAa%qM#F(U}3=zc(588-BsYdih7GxWA{=`sov#51SMDx{E!mJ1N>za}3qWX#; zT8O12XVB+5L|LEO{*B;1ifR4n9jw||!n zK-Ip5n45h{_*ZN?EJ;aQ4j!zpo9X~WgAL*ZV0{H6_k54$`4^=dG!TfkFCzHG)_(|h z!6n3GNBdXRM4tgbea~PsQ}@!pI5Ra3W7Xxv($8oP0q&5G*8&vTz8BAPegj?8SQEE^ zT$LnGj^b(km}&eXa8Z{KeI`te8m$_)EZ8AR8b&VtER5$0%+h2bc?hEM1cMRlqhQx? zAA?fHNrX80meUJJtul&GQ|6zA9)UuSaKA76vV1_6eh?o|N*_U-)7l+G0F1_qpnM8R z5pn4FJk0280g_E|_v+e3GOf{E2+;#%ob{TNUQGw(rNDQ+e zZAeO0(Ru?YEKrc~Z2B3-KY=KReNEQRPgb0%{L`IMpJ+W3qkXA%Oc@S8O zZ$_>GHc`m@E&wnlO%lYM!?XY;e?1{G|j7X34aM9j1zr> zig^$C2Z~?|NN=K=@^t|oQ{5#AOUGD~keM7+5y(INk&Q z!3X#djUO#U{}eMT2dNu}#vsHz05&QlIY5c*!VGAVk%awuP4Za_g6l)^vzUS1d^C=s z=DD5tiik&Ku3t-DKcU6?^A4LW@MaxPVzutYz&(&e#q6o;QrG`yl9|`p50M?%%A^p*_ z_#Ko{5k!89xDu?CTk@GWwL?q>`0pYKrVpLu&QIf!VkZYkT?4gWBQ6a7XNcVqC5&ZJiWh3GLFVITFG>GTF|7pxl%T1TG^Nv|9 z0x?6wSpQFm+kAJfQpS>!4l`M5HN21ms1DT9GxYD%rg7}!y@B%WxZ~b!iO_Q>sc9(d zKggg!sk=n0m(_o0=#oUzL@yx4(4E0WOe@Gdy5u1)?lEF9%8XqhEzMZ~nPf(iCM(tX z&f^1B!3+I|&VI`56{soaO0$0gJj2m^U6A3uI(Lcn{U5`tVQoolGa%Y!58q-{>k2b7 zeQETMYJhtnefn_yQN)!)QKzV71Jyzp?A$U_1DyZX2w-ph2}Y~Abv>C4Iz?SP_Qi8a zBl74QBz8BMoKeodizGDP-8DnvMgxsL6oMf_NZ;)=*DKTb_t#Om-BkED-1+=^e@Lkv z$-maU|J2!WK^tQEZPpK^RQAi?1N1C+&Eo#!b#&GCMtAM9VGR9oX|d!OZrFS<`ZzTj zIuB(GgVR46-B!(cPkA8BCx4mr-cw`<^D6Y;UR$rJ_KYrZX5ECLB8rRM!q(=T4@hMYEN%+lv#e9!U4edaOa^@aI8lit#)pe5Cn)HKN{f^-kor^j;jreKOoRauR8QOu1(x8+q*FlAh^d?A9c7< z;N|&?>1Le>5T7&=AhHl3hVRr_|A3f}x-(h8yRX9cHW>!}0l|O(fgKFj!aP!r{}%{a z1PBoXh(&)r+&>^@yB?N)<-x#T;Yyx}2U_;28?27lT$bTBZq?lsTOA1%^NL;fokkN_ z_a>AFm85709LeD~SuKOa*B$y(Mx9uQD9qSr7M>H#$AK56ErrAgAg{?b>5tfC5mDqk z!!#~oPr;&B}avxgS$Vt(AgaU(v_ zjxf^^UhU(KSC`_Hf6Vs?ukvw+-I=&$8^RPpcqNWIVvofu5GQ6RV%pbJyRg2?}$Q$u}1S-rNgje^tqx4do|Bva2 z@V+|k=sy$pLx9ATqJ`f@Ns`jub9c8g)6nS3>au!~r~_q@h1{rLU_8h}B&AJ9me9V# zmFLlA;PpWTKa91(4EP)%9QsypemKFl zF-ZYgL65^t`f4(Cb|BJCC>A%d={-Gw=Mk82iFB<5Y_H76HHI1E(N24n6Vi~~0(wz- zsAQf7OVc2`EvF4s<5ia)#DC)e-3EazAwe1USY9;|5Xv>r@F-1;1p^HIkdW7J=iA=E zDD&ky9iDo5Dpv(8@4j$a0S)3dwsa-57)WCWKYJZ28HfjgP92jp8sX4j_#p?$LB0e5 zH29G$2^W8EC)_vO(*0h5Y70$7KP$B`5s?`GiEz zRd6PRVk7{B78*}@>TY8#iBoQqHoWT%I}{JXXth%NN+Wq6ga`W>1jWe$5*7pKdGo)~ zUK4{y8$VK2p?SvQ!{}aZvzwzvx^>Pa8gIuV8Tlc@NKyRhe3tQC0lxH*Dp8oR8i7;& zay;&raC1PR8D1j=GC5Ls4<$0@^=?S?B=Rh5WQrB5RmZfZt-VVQ)*WOZ*Tr>AoR5zR zdyO|k*i2cD^tJP0vdPzFn+?TbdjmVC1q*TvJY-o#HbhPn>c_hFK@%__qcO%@h%=z@!J1zXB9$fCYo|Ycc5```+9q_`V0XxN_5hV4zdL z_mof`pck><@)OvZqQJf4-CKbx2L2hKxbdN`wmb%Fqcp2r(!x`1#ojk`=~vqeO}XtpBb}PJ@}>CXB>nifl?t zDhF#|iUqtvsqg$uQQd-JD%m#cISs}c!?A?5I*FvvBHsfzaJIo`Olm*|RKKUlucWsR zS{;r8t#C^zU$kJuaEyPbo&4efuA{i87O9aNBY6T2agxw7n$-4g%|N1VA7Pb|{EIP< z%{_~(A?cYfaEz4Iv5lON&0LchwN6)CH)lE zfSQ9IjD-uZ6dqZ?!p&DHb$kJ;#KoA;Wgkg6iK$y?+nDRS@3>WyC^g;>1e1SjslA~_ zdSG~V4Zm0G&_O1>JqV11ugN^XQyLz*k&-LnCaV(fr?JhZx(`1cMFpnYbstKM<5)-? z-6b413r+8J$Ty~6;x|oko_3(#`z9GYEp@wTYudQFvVSmHUHSyy7i{dv>4c{u!E@KO zQQ5HPSB4D}MO5HShaJp80}y;uTS_NmY(h0|TugdNW9p!n!AyQF>#gx&h&N2q0jHzLNpy0g-tUxagrp+*KhSocm!LQnCAz|xVUZ>yU8k!K_54e|ytN{z zg6CerY{=4h+{U!i(||UK*lE1rn-_ScVI$X@XhivH)TT8Es*v6Rt`!rx5TjiPD#T$~ zHx;Y1{SF)W`f~(&_0g41#iqaX(SyGt~w7;4cUKdWO|f@ z*ap_Ms=uu%ptXU%a}WyEDmxFG z6g5aVybTM0PGnjaqV%=1&>oisIZYgZg${Yc0U|eZ=8XM@!xIjY3N(B3^x~j4M0`oi zS7v9S8Ohv05{PBMXIxDJlHH}D5k>ayl9POTK#5G+c6&rxZG_GtS4GAmOGKjtsZx-9 zUp8{!eMp2NDuc=Mop^G@{+tOI2f;pKBFe&9_{nRH*BmctaFuwp>L1GENkS`0{{)x! z*y{qu0<@z_Y)JKkR}-OI!qicPx0_Ltz}D|TltDRwa6Fz0i4nv~)?sSzAY`F86E384 zX79zyevX)dSLBCquI0%9y#jb-%hYoqZjvW4-QdKR>|a1y#$^%=FM_#AaH9s)lS zNZya-{5bP*+dGxLKQf}KCYCY?hCadW_Jq1w9Hl$_;zZ8Uj>-n&r;PBu)dULy+p+zA zI0dykm-e~hHP_F@;9aXnd^R6(MI)O;3Lwcc0nj^ryfr}O5Duf#qAQ2agn+?n9#~%y zr*fcN%#p)VJMOE!2*v@$&NTfw<*IEsCI!7fZpy}W2DiJ*34jH2L7FJ?SIB0dT1-v; z6I-wxpb+pI&^GGFjDd}7Hf>;;|9+YZy~E@~CKMB26El``B$+@-O&ThPKF-x{;M!`l zY<7n)xR-ZyrSy=~6^v+TJ9BI)3b@zQz$d%rb3r6Q7)BN&Q{CW=(nlO5gMbmqJ8EZ4 zod=U(q+5QqRq5kPQVQHwPHh;~@@14HWq}h?6=CsjDtrl$HgDF~*ihcO7swCNa=>2p~w-q>n{bl8^+_b9f;KhQY#n#xgJW8cnz|{3_w@x8x3xd zigZ2xu`msT%=7o?BiQF1)b4tTfUTgmedPf(*JDB&rr>#A9{@uW(t`wIk5I$zqW`Bv zk9?6_e2&tM`O>Q4`T%Y0tN!xTE-cUzN^}_C#YT$EmBD#BrgvXU`?(kSLgKfjS3d;l z*>1m#0($S#8NG}g>lX)R#i#TnO)C2`)Fb45J-AW~+Em&IC`3!y4W$JX9#U*dnr|Uv zm3$)H5jv*5!)LcO4rqtfCRyJf;GIxG<#m%WQ9%J$83_~2N^Jb?=iUanDX$B@@T#2)FneKD-OKGEeHJaC zvtB29O1%7ZCH-CiYX-Iu-I*uPE)OFPjK zg{Ys&9IAFEl`|Gvm}l*v4RcOdb{m4OF}b)n!k^DGU9&9(s2Z;dZi>64pRbYxtv&eT z`-q05uAfu(6T$g$yr?e@lvo&8@9nUzNEYJXIs0C8?c;4hH|5P4azEsuzF9N3q}W01 zinv_#iKXl_iI2`sA2%L%>cMfojm{6UYxh^jd5{|K@8KuHwJt(z^XSA{<8F`nA{Imv zPXJDS?27my&RMI+_uD3Ss2|Nsm{1t2+dhFoqftWdjKD|H#m%PgHI70f*z)~;bzQh= zb=ceVN}~6{Qo^c0I1?|vr-aMBoWREMG57C9Es_BiUerj8b-4an(}4jO6gp%V+#O=_ z-Pq|Y>RIb`9CfP^S~z#jwtDT=>s`wi@$xU5W^4Ec`&GOK@0=#&K;=-dS4F(jCL+b8g{8 z^=r1G0QQ?Rc8lkRD3l~e6PcmvdBe&tsjOrlJQx))ePu^#MkCibkY43@6Uh3hIcPpPgdG8k|qft2GRaSqnc)s%GZ2jumhP8rJ{ zPydb#3!HvdC$VHa`_so>v@i1(g}&axsxOwZAgdn7qV9c@IaB6}kNZ*w8ItO06>DKc zN}OvcQP6tEuFR_tA|2TW^jd$<@y8dYFOn<+1uI8BsCn%?-adN>r996vt+x@r+kY#M zx72ljIIo1BYoKH7`TXm8b)vj)LQ!}>r>AU-=OwEkQ5k1^dJ0Td*pOG+^BG0GiAG*^%olbi!y%oDwK#wM%WR?Ry3&MLi0u0Xq!=i@r`>Kk2|3d!uZ#|Zzp89OKA1WDF_&zPgI?uq31 z$LEnMPhB(Gs!#8DAA^TiciAf2oa=-b20^bu?ZGzv&--byeKjnqgKkGdW|5zcTd&_A zo(pt__L_JXL`C~WCtu-UOa;=OqYs&>Wrgd+-{2Xf06OY+TUCc zPx_J|rP|l@!eyKqnUKr=MIhaBXVcWAYztFtpX9zWQ%XaR3c7i~1xMCX0Xz9&ZXnc6 zlug_9vDrH+@|Q<@)A9v#4TqZa!jtqhb8vfb=JcZ;u4uRYdCwPff*jY|;r^8Pp#GR= zWYLWhIn3L?e?C1qCeU1+TBP0~!k4vq`-UPIP8Vxrm?aw`#k#u5dSI{3f3cL8FRfIK zKS)BxW0L3udXpJTz?)ne!5h3r4fm2&*olc6$5m#O+oo3D`1#u67}stUPM^s9sG`h= zn#nY)5)-t~n80&%wKq=>um4~b`3}$jLnoche0W1u z3YLl=8B^^hHu{kGhR&7d`C^drkE%!eA1YrcCWJ+Ai>`d?`{gxLB#H}sXs$meX{$se71Za2mH`AYF? zYZf{ol3(an(1%KqeCvVpD~Xw-LCBY&N{&@F>$5g68C!;xNbDN1JK_~tKBzL47esvJh;j`D8Ps_Q zn8v3L8vmB@vd9rB(X#as+KSerx>U?w4f;S-TL`Sd;H#VwI0>UEyPs&Jcok-m<58o7 z+?9}kI^TUh^Ycc7P?%jF=*cZziDL7#Bhc;fOb7kmQ~czmtohHeR-hQ2K!adqU(ffO zkKa?T{pMdRjXd3!PFQpu$8!ZguXxIVI2B^0yf}>xFB{7~<{f@#W*3Cu`9ry7!(#jI z!Lh$%DEM&?!#dY#`=UmeJpAHwf=}WR{ z9rC4HM#jr^Sjb#UT&GQE_q!2ePo;h`#=TSWf+r}7RJA+g#N~2G6{?MM>#HTDe=Mc2 z{-L#8S6yj4PR89&yHbLg>ITGFB^bqC%2-$Q=;>3y7O4q;+gEyd1&a|bY5O>s^}xqo z>#MZ`Z1z)ZvdG$8GgkOyjxl_w{Wdy; z_4`)49E|?CzF2evYE(WXTsm~Kl#vpe5!1hI{4o7#M0&xcBPA;WlqHl#jFQib(wmk@ z^0694{@3{F<~FPHX^|YB_1)`ysx`xMMWZs>A!4>kCP#N#6aD*YVg8H2*r7>c(PMLk zkc^EvtnRF}d&h?=oLq|(i3zUB7k0z1JdIa>()k2QHEK~&566wqEpx8Hz#m&|(x%*H zd+(6Q55B|Vp2xf;_mv_m?6LVu`mA;f^~-CwFf#J0Yz?2sQcePcqdcyQW)6<-qDBq4 z;9b)9-KD(2XrurWHl=F@Tn)Yt3>J!A8#(pkGnH2}8E@9lY6ri)YcVmIv6|-;gX%cN zC~7$c5?++YxCj#RzvT1!%^d6a)iku??YR}v=mJR5I(IbwcS^&X!Ks(nLtf2n#yD1* z#36;?$=sE;z-yuIjSp`VKzodI(Yl9S9n8(+({_`5*pHw5Cpu|Lpb#=_-rF;A+x*$79Lgo_pGWhQiDKr!$ zK`-)fLqdITc-)=~wr1iCq?iCcWs%T-B|Gk* ziFe)S7u)3O-J6&WXC`S9X@+;T;@w`HZ8GxrmaA0-7qn<|ta%vt=rg{j_t}l4ga?cm z(U<2u#D%2Mp){Qt%%wOSEl)PGCMkWT(ceh~!j+G^EE3jrRE!*ci;Sley0R}Q_R~bY z1>b$iUW&}vO4j*xD=27gZ3wLdZW8%!oV;uNAkx$9FL68MB5cb_Bf5Q%jjm;Ww?d=z z5M2GUCgi}DVBm>ml)W*J@vY-6@OGW|3Dd8fi8DRdGKa)N83Tg%V={dwd-oP6^PlQY z@%^dng@xYZeCWtW-ZG}Xmx9L`4^)a7m@!+wvMs%AoCvrxABW03pe=j}Uif@B6e;kN zHLy%4#O?))Wl#3rp={0|7rjG7UCHYn5n1nfmuC|~{ z@Ims&Ok*>{j7z=zt@s;+yJuPsWBImP&|s3#jFW_;rxU0w+Za)wY*1UYboHH`M)-f^amy-*w&^DfJ!FIgfA z9_V8JBrB4shXW_eITKW;@s9iCe7G`VP;V&TW`z5-eE4mcPvK2+W++u8P`hO6?c?m{ zc;(5%;v)qzyl*PRLJhI}+tGJQm`BaD&h+;LhqAHw>ICYr47gV%etphD`S8_pk@khy z{D*5zQ0J6!e&^TSiEfF5#J1bw5>Nwoj?1`w1a7KI?*(dzPUz4!$}5*29+x>}Q2EX-*feUvcERor@>BFX%bvDMGftIkg`pvF!F= z7~UF{nn-|z*jN}&{henlD&Cw)t1J0noW99OboSMU6j~oCp#o8W^$OStMJpuYU$XB$ zcj$3NMfizMJWN(J8hvIFO(W8&`lVgl4aw)Hj#w+toA;v)^RPZZOE9^#-dk;}te|^% zL&#^Zcp03&@}}iN@|bIev1W4gr;=;`fZU`zr*!q85Fz)rxKPYnWYrzZ7rU&%S7hQ_ zZmMS8Vsz_o<*8+k@u;>iK~!D?i|zTis4LIiaW^cl)3r35Ule?yNpi?*z5ae+oPaSn zFf5)khMByWSVsjiCw^KK$=w%!shXIgu>tJ>jf!7-aDuuX=%%QonJn;G#q9j6&8IiX z`SY|iHtw2a!(FXv=f+aH%9Pim;{obLlxIbG%ULf)6E#;8C8@J)Pv=nP(t3qv-Z09~ z@yF9@7v(=yMkB;^@U;z8d8OeJ8zu=So(&B&j2%~Vp+nbLO+SKV(!NR*$X~ZmpuK(> zpWPI*u*gqRU-MfhXX}2QR!;$E_MVY*+y|ef(ydro|Wku2$lPV6&k(dG5|P83#J79;|J^lA5~` zGnKJ&Rg=4&gZUU04?ogurr}b4a$&#o2XjT>Sp+>!e=ZLb%qCvZBDLRgi=#>Kb8$JM zul-F}HkNs;XWN0Xhin_Gd?+6CtBQCykRlL{FZ3-gSbsHu-?Bk2nn$)Js4pFi7C-)y z`#P!acMS&Z=6=PRj{En_=rQyaf6qm5(=B4-BbIqyT;Qsiz>FE;wI%(> z=^A$7&T5gM&>b7-;a004SA>9;Si+g=?JplaZT|^;<^yz~s(W=H}RQeE%Tn|Z~Ph`)!!>u{oymM zL1|hnK1W^JGl7acz5Cz6Yu-_5`x3UyoC`PA3GXyCOF=Ehi59=+1_wzht?%bfoC976 zwN89HDt3f1K~28&%6ludUQvX1YBDYCbX;zjbjOGnq6=Y_*jOIY`71~!2-xlgs~H{K zetTbzw(gvUcOqziRS}FPxb?v%z0l74m8$g+7BB%%(WNirai!tO(QEoql?w3(uLt@O z4QC~D>ivC()m+MwY!Ye4_$u-~=B9D(p7XRUm#ukwf|7Tf)aQV+=mh`QFWj6&L#=A! zdv1!*D_?9{gC~qHWo=sBHbmNhpzaO*L$kEBLdi3?HXV1_9sD0ok<|JoMp9*ycuq|UDJ zc)Ht4?i3oR#1pOL?w>*!$fx%ZxO1Qa`x4y_Us)sLWuz@6RPQYWNBJhO(_*WS<`2mz zyv5qVPo;gz$0);?`hm%^`7KqUdI2y0dmcvKw_aD`TZZFDcMlIsTX6ATd)}gVu2;rZ zs#Zttm&Ue7^~MnjEadcGwnXh8vG|n|!ppv1=f2+{ZvK6cVn#dH>nn!yTvT7?9{)+Q zyLTS<&8oz)_+8p>&U4*y5s$!ukn@!4+@2*%oUIQ0&+L9895nXb?~Yf-??4zr8iSQp z9=^7D?}<9NAHKPxq6k-$*zV8Q0s^QO0zvT+S(TM%pe)W=3<^eb^P7CR9@I zpGZ`wFnmz>iCjKWWF8yL5Nn*OVdmVoOjhe~R@?L+fC|kF9IEf}CZHH-g$|Kg{u?4(n_zYY*q;AEE zo9+b9rF_bu^N%d$`>-TFQ|D(C_#Hi_%@>^|Es}=62io?>-t3-zf(9?L)nuCBwt775 z9Gq+Ny_w0x3qiRG9i1$#v9+^3Boa^Qmwn+xY?l}$TDi=a!0CH*0i1d=U`K2fHC31r zC4XLKT(wB9@cTDcRpC{E(L_;F440PXe2mHR(Hokbs^qI|(P?&q!Wu;XDCY&?_MNWfgej}C zZaHN?&RqRYJbi9Ov%_=!p?%QS#?b=q6;g9o5aaeb!Ra2HW*nebeVLAubT0$0&uUE0H`fd-agE`RBepaMq~G9e{wS=Y{vNW{=jefLScLB zv^R#_{zdQVobyQE4v(33i?eu6_mIJbX+Uwp&U3K^9wxiDP{b0A zMa1gJOGLFNFhxyZkL&wJsNGVJn$fW*^t^ka zK-(WgRcspvEuZ`By!@z1m|zkmKq_vdci8+%l z>M#B1tT3B?#sqgSDxHRSarxn`9Gf=R1E_3}T2H)5jDpDMhs-g0LDPFeG;iTwtzz69 z(8nT$pu?f$(4Z8_x3l@ho(XTGy5ct;XEprm4GBKcX8QBB80h<+l6f;sd*JwRek;Sp z6uorPQJ#w{{~kExktw4(g8)Rg%{^g$N3~!u>APdv6bW?%);RY-f(^GQ}~ zK>gX4*sYc3^Yt32v8lWF`^Si?pL(g942M%*B{yROUm&W#*8+J5J(4o0O*Zs@k*hy- z9zO6KSAlx4D)*gcUKr1*hU-N>rIMcLXyAh58eW#9>?rM2q_CeF7L~X2Uv#VuH`2J% zBR1Ym|Ezv@;e2YfF~Kpe(RAvst10*4YX*_end^6lQR_RE6Jg~Adh_}XW_?DSxohfF zVLxGx&To5HeF60*Lei+eHniTgQaIU_1uUf7Cbn9fYoK1G@t(y9fyh6{;+F(4Bn-0F zDLYZwc{{XJ%!rSP|C(S3xbF=RQ0yX}+SE!j=XHL6`@IJFDD-N#F15;0p%#Ol72VK< zcdbQ3;B3?P+s9JkJOzb?m5LG+d%vUTwuu3s@y!`EKBrOmwYuZw!q%OTNzUx%l<@DO zfumnzK7!rt{&eqbmet>nJd@g#|ENDN!%DS;BAhOsr?k5d_V9ySKYW-P9;&TFMt{Yb zt{2zE%P>b}EQuCwFgXp}_=zMFHW23gKC1ZHFV34&TembLog*vx%a@D4pBg^jAbQ+d z3~H3!%A41b32TR9rnk2X+cVJFD~H)fs~K*=?3xq}X&hzy zi%4REW1a^>TC=;b+bkTXtnB?v@r^M>Ab}`}iWYsD%Apz?DEIAXe2x7#T;FX`KCyRv zJ#XP=kiMSPiva_&IJBWad%lJuvYPc1dqZfz(VazK<21+YY7Lc64zKt{IOjvm@0M?M zq);)Ul~j~Uyr)KT33aG(@9S{1s)&_e$npx1&N{!R^Nzl>PsEuP^hg-Y6kR#er|S$- zD}o+8U%O-!FPI7 zw+nu|K)=P8qrg(W{{8i0&d@XSWdKhg@f0ZVRqdyM_Mn29##GJj^JbIgyLgAj^A9es zXZ`Q;t|Uk*g;Io%nT_w(yBk#SST*kZ_C^=ISV7$DXYc?gmWOwjZ(Xd92ibzc%0B=s zQgJw!zN@}M5q-QZrPrH;qg|IyHd9KqHW)o%uXkVUY52^UdnD68;j}cFtH!odi@z&B zU^hQXAS`RBFrM_j>%|^M@=x7~GOyfvhe?1rs!D}>e@Uqzuk7D;YBWvJD}n0erYg9n zTnio)rq~!YHL>VyUdvL^b}(2`?vl3%9zSMJx-%z~q_qt}-mF_QS{ z?u&*-cXp@AKS(fU0=0aWxSEV^gYhsIE0V|HVuY=}#kedH_eXLMUk^_-4E$~~KO=d< zjzfLn<%zA`eSJO5(xXLfYZVeq)+Xia_FAeq0ZxzWP`-L7_rB~s z+maBrveQSONYW?J3BGg({I&odP3oCOA&6tm?Zf^L1I-idRyX$_)%)Kx*eMN9QUu*Dq@ z`pVp{doAmt)Z4RG_;M0Wp!q0Z`>Qqm#S_>5qtCE{qFP78(}L< zttHmI!`jBWiYf7rk)pTn79U@M%%mAW=bAc^vkPDYG16APK%{8{!Xi!Iz#@xiY6kKQ!%dk_*&xJ)%4xy@ejH5^^bN% z9=~$)g@%{z)6yH)=HqRi=bXptCK4Y3ju?!)F-#!{eqv%($ zWu`T=;pC!Db?mxoQ??B$ySk%OVy5x5JA>o)&?l`aS&U!5R*AyeS#v)68kfu+o=>~n7OxkCHiL) zcFz6TzH-})n)305;&o;#eMr^QFZq0#ep}OV_RuNPcn&QLHaBc1s`z7!eiI_i!o0e& zSCX*%w$D{S?3JH(rCQskE{mEqszpsF{n9ZCm$HgQ{T9e3d#=yZ_%6I&^0tjhqR3O< zFq>qG>J2@d+WqqS-EcZS@BS^*vBo?7z^82s_APm0c)&=euEm}5k_2T%-@1MWFOwSnD%2*ZLox9>@ArPw*tbF$ z`)$OM+X;!bI?hL)0a4pC^B2%Q+M18^4hhvE_}pouR9`0p{mk+=&B8(?4!rzFC=)FA zJpF#oWwOs12iBba$n;syIXLj0MO;QQ8@uL;XLVv>g4(jL>$C6kT3*mQm4W*3Y}4O& zBa`RL;0jxrts~!V4GmAC>q7YPU7r#OT2mE=_%y=GW0M`GZ~^-S%{DyV=p1=Qz3 zYs|Cn(eO7@<;NVpK}q*c{#mB&Xot;W`bdqiI*$g5a#Bx)ssBgYJ4K1o1l@vd+qP}n z_G#O;ZQC|Z+qP}nw%tAFzjwY_GjH=S^O(76N9@dp%BqN+5s}Tg*tV2B+CR>V1+)=9 zqz7T<>wziY4Z*n_ZB6egEG*T&ccxAfv0p8_u!pmHG-p)P2PZUpj(2(sjHqpF6&Bhe zSY`AEu)*li{}&d__u+n6x!jml+o5~lB@eklM9kK8}n>rnHx=CSZ;DbN@?9O zAX?#P2C+J6QAo>j0M{O}uazet&aHji$FPXUugWO@1clxbA2T{PC`oQYfBNr!Za@ZU z4%A2C zEO}J`JbPy_(+WSgzK3a!#v5eWRkq&)444iC)3E^!oVtQ#^5O&Gn*=%)- zIU^@Nsh?k2H6o3bhTKkg_Y8E5;g|LsTNk1?=rTL{d(^mnC8!y^WjsC*7Z}1ct`4FoV;gCovlJu5fdr$!c<5rGAlkRF+T=(%r{TCv8iO! zFQ$OtMjQLAnw|Jmw3jDnunZ^=4#`Ip&=$NZsCU(ll{fCYEk0&Y!Wq@$QkSL3G@9%~ z(pFiU7hq++^RQBE+U=)CK*PNcoACu(Gve7}*Q{s;l~%P~#)`YmZwjO7zd{;0w`q;8 zPvJaP@%eVkUmw>$b0^$a$)NMof~IAjHvAA~I_&rt>U7Zx^lU2CTc&!pX}*N|kjUJR z)q4NK4`>{#ktYzxWhMi~n? zpO_!of0F4A>e<~3Tm{6+4k0uel0OAwYJ>_6PpdUKh3Rr~Hr$r@Cx{*h+Bz&B{H2+O zXZNwVmB3kwHV(d$Pkc?CTK;wh3?9miY&N?x=*);H+`=klZY&VJ6x{|gEd=}}(Ve&X zUL3Wqbt7}#RT5aDyRhIrQmSv#*!sE8=C+~iyo?3OgxAuKTub*;9t8T$lF+Oa`IpRZ zTfm)tXqDhndO#A76B%mzeyC8B*s!+`NK=IP%?(%v>UEcKn^4YN`rJ9@E7bLQyez*h zUwb-Z)ZIkEMq6hk?J))4RPspFXvBK0Cs-|HO7{5kw1ZZ1pWMjHM@QIPXVE;06ejB( zI8n3y%HCyZA%Z79QqFhIH5#0aUJsU-El)=nRf18plGhx z9l4F=6ehqgO22sCN>0aazE0s~BLSNnPdyXut-Mfd;#5t(e(}0?!7*fE?FqTcX+>8H z_5!g#w>*L74Yy5C{C88E-o6okCvlRp&fY*3tXJeW1UH+My`_`}O9Qn5;eP9T&V7`1 zbR-A&3T>(rZRF427}kWHlRBC_=Z}4Ri`mj}yv+dKMXHL1q{Q9Q{usg{HmFGmO$CnwjPJ}(`V*8)P z`HvgmtsYg{Lc3*j!hy_vp?oHBndRd$ItbOC^)9Z!r3!Y$`INW!sX6Sa|)g|!TI!4JJ?5w{z8kRUDLlN{UJ=))6Yq?M!Ms;GE`QtHvA&)!r z#-rK>EwXnHy?xR@e-ytz<=4P+*5R!yc+AIlI+;fzNmUF{FBPGbn(}F?I%|W{)`wqV z?4kzu^NLs(G2yBNwdV@az4#z% zVPpQiq1M=6O5P?#gX-@A#4Gy+fsf%U3McurylNk!7xXsNe?R3i5_BBXWS1JrZq{;{ zbW|k2UQB9$$y6`0xGdT6wUcR_iJq1Rk*U1QElwO`t#DVa<=ZmueX}oe$lD7OwV0Z= zE#JDW=k+<&IC_hFAI8?peS}>2XkraI^2Bs;zg4YweMy(tK9^ejbFQqxq6P!ecQJRK zmb~5cbxhrR;`{^q@GfOo&qIr0T>|V{o#kO=eXmt;+*$c{9Gzy34G=b$8VvN3&|P59 z-a5Ov^Fsbw3;RqTyZX`8(1aWMEVaAkde>IR4AG#}e z-sym-!MCZ|M#41IwtC5?FKXGKGeE5z-*vnO$g4`UI8=-y>`V${v1-9f!*o|jot`}C z-3w?Ori|(y=3Bug&$C%S&&xRIb!)bJ?fl+F>mcC{qKc2#llSXs`=Rwd6OH&(E8zwQ z1qEUw>%DvB>EJ&;Jr?S;*8PQ3Z8v!ruC$5^_G@L^q|q$(akHQDvDzdC{9{Ht{oMMV zb-Rl*&OPQFL^?q7chP8nE~)#FYQVa=Uh%}`RJ;|QDyOpo5fR@}`?7IaYZLutRgLc@ ze3o?{eIoPifUldgdC$?y(P^$EaGQIAGo+=5%hx@_8hN_4UW+&y+yg0_h#pB7ktCF7BUf~3lu74Od!Ujx~JiDH=j z`RmY;&(ZGSu5O3--@SZUl&P%>UE<{3c!Tmjr^_Ip7?4NM3X`0n{ppHNvI<*zj)J-$ zWdq~ceQvEc6D3z4wFZu)w36l&QWbp$DFboM!lIYcrE$qL`jmjw_Op8EJQ%u%<}0YZ zDX*TjU$f83k|2!(Eq`mdPJ)ihVM9?HyOhgeaQbzpcuQAz&_wOhj&mqKA=iX15OZoh zO!$fpxlFN7R92mh)hA`)iK;RIozIa)>5F^XcJJ&;t4a>qr@vz!4o;{oUJvx4<;Ock zZauOUe4BJ@1_{r_J!+XRljVcS?^tS+$PdjUINM<20i7f^k1xSPDQZ%Onyx83 z$~ltvAGGdAu$RcWzQNiRYjIHAT?X&=gX6M1-H>Dd5|*vL4-c5~g>GgaK_@o}k8$mv z<#dPxuf6N$xKOrKacC8Ylg5;s?~{xsBQ^)ixAz8FrL6&rL8>ncwzB>7G=`;o=RTCq z+xyq9dNhR#!aO2k11Ikt+*;WD{2ae)3m4LY=~?^qlX)T4v);MBrkxHw*VBO?F9{6= zAvVW~9)ufPO&mE|yApUbx57N39P+nPS9DVA+vx8X-b>8wtDAo~hhaby^CW9|j!XH7 z)fsG)j;vj@|LPMfm%rO1v6?Ze@5X-mOvw?ia_^YZ#$d6&xtB0m2AJOXh7r5bm(;Eg zJ2AB+F##>w${b*7DAk-BB)Q952|F^hAl zZQl*tB95;SW>V)3rXw&c(7H5gM3wU4sk50b^8B>Bg^!Q_K9I%rEvU(UzxI5QjCQ)n z;Z^Bg*}A2-zY4Df80GXzMz*J7jgdrNk20k01xrou|1~5ChaX3>dDnaw5$8-Z25X< z*e~#3t+2=VmDsO7h{avKL1fsH#UNe@2tY2by1@^ z!kouYr*1xPQ%Owv0DhgB9z0C*kzdn1rF-@5=p9oOGDsq*;G~lG@_LpI^c25LsgAYs z>|(i|;euK-&Zth7FFA_3Qc26%{R71Ec`LO~!gXzNo@*?(4b|R= zfmZVjcbV{OUX!R#Rz<_{#4#`v)dU{PuKF-qp^sGQdwP!S_~Z@7xjeQGxk<`0@HAGL zx`oG??JLbVD}E9YV(sW>g&$7}carAk(*esH2W8tWtA}Gwnhh=|1-ma~L}{qD@KpCa zX;E3JR~9AM%Q4{0h0UM!Ad?;b=~8}-pH!wUS~ZWahKJ4<-%5O)4JBY-$ti7;vvsqJ%V}!j1Fl?i<0BA~%Vlcs9`uVZ&g;hoYV;W&*Ds=| zyM_f4L|d|ty%-msr0ZG!RS3+HDE8c{r}wt@k7t?Vh|pl>>r2(tT<`l#&qKqanT*@P z5#2+7@Fn%~hb)^YSXF!1efKTLte(gUg4JJ7%=hDs{m=C=)D?+8-8RtX*iDPE;a4}_isrbn1fiSXU}dAdCliojAa5Nz zX^1{Got4tg7w5yTo2*DBMwv}%$F+y1cCA*sk^1=D-8!y-+^ol3rRH$AKV3-p z?>*HetKtZP$&EtF-=T1D<85yZ^2ThB3Kq&x5H{~%YHl7O%0#cey-hkuMf=;voLzjC z?#^Mp2aLdENbZ2+7B!q-9{ahOBDu+C8o8cjpjy166+&*_ z@6PN@M}?!1mcUdr_>PFY$nn%H3fVL=(k8f%MVKL@bov^fFP zRH0RC7gcU@@Yf#5K8l@6{>*)^`mViw=GpHBbV&t|c_6mj8YZ3}7?@^DmrXw9y*Juz zG%wj1lgH^9TG;ATDTY*sgAY+!RO~wkyroxW-JT0>O_FYV)?Q+jR!c!pscy@)wCwA? zK)c7ad2*BSRmRq`yU!ml7mTE=@wz(L0Ga-~0y7qiGnO>2j7-MJ~t2sNRs|6*?tK7R@(H=#|BYumglT9V$E)zGU<^9;Att^=2D5)*W2DWRW#N zetmmkElPWp^*Y28B&L;mL$%8lZ)e_YVV6%K(Z9B=jiuV_t4YJJFBTDeDTO2RW@~Gn z%(jOqAm=-qOJtOMAN$qud{Q8mr>R}0u+`#*K0Bp;H7afBvX>j*I-{rMlGakGZ$6AC zQ)i)H^&~p*P$}vzPr?AqPG+etXZUm;*Y11N!?S)==CKs!2Wl|d;YEw!ZcTACkL*Oz zM<+rp!Y(i@Y&aoC(B5{GMn)IC{`|3WOf{pBqU4K0wu3D~J%R|2XeV2@h$1{wQhFK? zwh>s9t&jCJpJN>vLdht@N1Qi0q_Q=j!e22Ys4n;3XrHYgd8Xk_e z2(HWC7YNQun6eocSB~7}{1>8ifx)?$-tIWwQxcI;DWUgGc%J;)o4HO4G@_*qByIVD zl2!bBA07WjR9DDN)8`Yl3cXJ5c9FXY-4Snh`wqYrahh7f+hMFY0)=hoAhJc-p`cTQ|&6%5!urv@F>#Q5md3eV3d`esmIgp5wg?x?J8nk-r<{df{ns(zvkBxkM z)IkfcSogJU4>DZ5bLHpA&q&IvOxy6thp2>Kqu$LtCZd|7PD|+5Ti%Y#+Zi{){QLbn zjkqtz|4xV%eB3U=!FqQ4m_CJ3zztYgH^h+o!jXldtPYkm6dm^$WyIdjq_XgS2pWN3(>$g%gHhRqCCSq&Flm}GS;bTUffc~yG0K@ga*z(%Y&WP32^Lr zw@+boKnGv7LGyQms6(epV6}8Hmkqj?Rh>Mm`TocI(yp z54HP=?oMnXX64>4?pxaeus!(On2;gT^qdyvnPRo>_(oTSE^6i!Pfj}zao6RCjwv%@ zg4WulYBP4wJa4p(Cq6zZ4oT%dDsju>cCkn)&~%%SlH}D4#xAXt=`eHh449oc6)qR$ zmo7@ute@jzkf3oeA+kX&#CFWom)S>oG7~G{j1l#;igCySZT(=8?dM}Nl;zBox4QBh zNkYhKTWGw0K+)Eim9H0XcksG&g{f>#l9!Dp78Tn*lCQ?S{O(V|iSw%A&n(_*Kh_;d zy~au#3|aCam$hhKZ9N{Jj33NjD1UCjqVS%?;9EK2T(_`!zt4PYE(l8}V=d{OQY5&Z zDrx+5mqfS6rfDKlUKgfqj#cYjtfO!|W?h~=%WvIVkIOvAzk&XEe^tNCC%w2mTc z^aO>@0P$JRAo*&cdBjQ6GBsZF94gosLEL3!z~kBuZSmbZSWB4OxwH!5L9ug{nZiB? zuEyc0ZlN!)mVS0B5*bAz3^;;I3E?w%S;0@{jUBJq=QN?cVP5gJzaph*82hnwcubpi z9lN!GHR2BjgZnyXso`zVKgqY)FUe}>H8_DHS*+BoEQZ&Wfq1FpBqC~z(aYA8dR7Cc zC!(N5`gvAXxjr73SF8o=mVLiOdbEv<=etp$m1TUWwUwMfOPT5^V!CT{PucZ47lm(9 zwYoapY-BPSHEB+g;#dB3&B;QWjBX$EW9w*-c7<~&FIVr&OFlJI-XrJo=(Mpr4S!se z;jDA@=p=KSUB9kwU^}jz)NzfnPd7fR@HAFR02x-FIg&R~#2n;T+rDXen1+Yd!>Tk^ zw97d5CSD1C+^Q~vs(;dc8moA^pzbB3d%F3;kV&;pdbv;XU~*#TEH*O}F6mtbE6>P5 zHAH`(dFcM_PLyp(`~)dHx{>M0z~&%!TpBu?zDG!W*c;GW=Cm;sdZ*1p);^8~eP6}b z{g`&2OV+FEx1SvB|7&G6HeAulD%Vl_;|-yRQ!v7hu4L+W7Qx+{#&zA@&->IVw3sQw4~Nm&PhD8 zOKDb&*rmet{!L{2kpN9pCeDY#oy%u`ITKho6chqy^~h(}(W{GYXa}hU`ISNL_Pg}@j+;V$@t&!%rJW>~^ENNOXUNvSF z9LQ$-HDj?rANJ5F!3-Oo8;(ltf#;)pIhb;(7uApCJ3&!o?kyS$rNd<(6#L~+83u<2 zkBi3dyytV)msUKW*h?c}FaEw`a%nX5Xe?otM%41R&^7dVnddRiV?`~firE zfZFOz11^Ud@;tF++RKnBZTLb)g|;JI(5qyRly&ubGLyEO$%pf<6X0D7F({- zAgEv;RG|a7j=HyGx=%^tUSD5i^`qG?_L3V)>S>Q8WnW1?`^X-)uD2Qxro^sG)XIpJ zZM6s)AG7OfmPJlg$ukn}-+N;yAr#53t|o%wR9>cdNwUk~vJS=iXp-fkj^jV;qSAl9 z{lY9-r@uIm9|BmPqF<6%Pp6`g@`L3dc5#wA5A_E5A*2JAT)8tG<`nhQK=X25}S-(7uC7sw0%=B8(Qs^ zS3W!Tu0}PuCut39-iy;aw;>SZttKDe6ule0m#meK@`^6xF6Z{9pnwnIM<5>l!2LBK zc2hZO@I?ohSZaLA>G&tOZTb+QBBl?Qi0u7i^-Gx1m2sZ>9HX7<&g{Nv*f`$KRbT{* z4f9^cswt!V&64Sa7TTjT8-X$MFG666`lip>Q^fOi-;Cteo@H9u-b>3zT;6!KC1U>g zKyJQPbQU3!G@qNOhwIfDhiSIOrp-gROB6rCXIRmGv)=eRfjre6Sw*MQY!%9O_0ml2 zU@_*t5v7Q``5XtRnfD_@Gz8ogNh!{(TTYl_VG#k*7`$aT4H+|R#ta*e+5fV z1{dP@n*J*F(C4uGibN@#iB?Tcy-jOcm zXA7_yIV;Hp)W*jjWYTqZh(qBROpl&oe$z&qcw^fsGi;XL&0c@A+i97TZ#Vsh@wnmk zE3@poOe-^avioshTjKJj*2_(Io&rHdtruxl`P#Pr_vb!pm}YVXduV;LriGPO*1NvO zsNK8FJEkmOxNUJ}nfj2;3oNB-rmR~J{Gu(#f>Rne%a5YF<6KQA&3UdCr6=tpwV}23 zm34(??%0ztr}?qU>>+UD0n7sUSV$1HGxzKT+@?O)HZzsei%%o-+cEk~)ATRHN$=-O z(VpPRPV^goe+Q04;?X*D&u2%ff*+M#2P*T4kFls!Oh7H&X%w}f)qu&02n}3!s$-1W z@IzwT0q}WiY-|*NPm6b2e8c5s?NHay6IND5|EC$*s`AF4v~Ql=F79To17kxevAzKL z)pcLKLz+Uk(A4Rxqa-$_4phnp+s(x?t{S;e=?dCB3SDUht<@TGIs``w9RdAst%z$o z_1E!BubTZ`1b90_|LW0%D9GK1XBZean<+Zd_Fo{CWmDZXk(`WPTEiSv)M%@=I$vFuLDlK+8m?N&YM+{) zk9YXCUg)(((7WBO*YCoAQeP9-*S}hAMa#yPJt~fF;I%5)lH~!NW9T>+(jQ46jWu~ z|q&oEkp$ErqReJmEXp!1=;Gdy+WW%cKWJ>C0=(Yr5Cxa!$ zDbB}9TY9fjs@!%=uamOqjy4Aj%r+z-*=yS^X+;(tO>G9r>`X*RCmOfhv@59iR>d6Se{v-xK?|92h2KzF!#CNjzowO242fVp=KE%QOy>g3PsOXPBE%aRI< z3QeuLg8ZWNW((XqUDKLRcn2dKmjA-)dOK;DCEi<_ji~DdPu~m!!WiFd%Yh&B@Y`8B zwj3+;&o9%k1d6(l&np8!s}~2fX%azS3^kG>%Lfg?UqoZHDaBvCOhb}~noQu|ew4!^ zBh~1Gs-KEJYiWC|EfnISj{ljpMpCt#+ObB*9-P^spYlhMU^4-re9+U88@OtnS1FKO zkpn8GWSUw&co!Jd)=BrEG@WusVaWoO?RGUV^?Dqaz-nU50!K;}T-4J5uvcX8YTrXd zI@B20vBosegvzWQoT?MFipk9+*>cV)BQxkt$dPE*7Exb(rXi%cVFECPR2g@PhewwT$E{laCZ8hlp4Ngc~%o2n001vS`|v2Zo#|UuU>R6lIGhj}sg~E)&8A zD06dxUa4T$h!oH=@YdW^0|_~O-#ScFd!$J zDJ2|=M|QNhKSGf|Kmge$oY3VW%2sOCzcwup5cfR#APMJwtUl4Ny}TZ9ef(1pn5INH znx`eZ!_@~1*o>9#BslJac-_)#BHW{OoTV}tgoh-^spXR_jL4zte*s1r0L;NbM6sOw z*xA2a z4I1A5dCgbbHwOT~CZT5>T+Pp69l9GcicXW@0m`%yxeQkf;OQHMzJ|$o>UDiZD})^b z3@tZ-9#~>JfS#5Qgv12iAqHpp_JGEJeWD5--c{roz>xuABzr40;LgY7Mks_g;NOE4 zCRjA88}P8k`jyry`5W^U#$W2;4*!-gqVKoAgy0F71E{}avGguKr|(7d_YrXL?9!IS_r*R~E*s^tzuh^tC10HUr^I zWCQY?Tqz7W`H*JfL&Wqy|7s`L`Xko+2g;0CHv_Fq!Cc21;(%#tmEZ=I)Fn6|U(c~U zi89TYFl4RIWVVs2PZ>TN4Fo?kiw!aSgkwNo@jDm_fHPmkq9eGD_G5tQgkvw3vLohE zb2*3EBPYjcyu^YZ3kN+3s)uVm4H4x>%%cCx|PuDRI&Xw!pVhNsdPm{o7^QOkgi%T1N3fk=m zsr#vpj_x}P0CV3DgAdNXLLmZ*X7}Vg#7+zIJDdyu9b}iwx{nEhIikLg0R}Jz?sb6p zH)P8~Jir!LLAv)xWy@_{8g|kie|s3DvnNEeSqmhFYJ8O%$kx&i)iYR`d!hQ;16D#> zvA)`G8Xf}imjR>)pg+IePQY`)n=`VGeEQimwT$M1&ffJrP-)!zb!BGFqAcWv*IzPP z^6(dwMd1K*#WSl*Y&Pq+Mgn<5&k8S`Hvl zoUCr9DrR5np{CnF$_3e#Vl02dXO*v$RPEgU=+Qj%M@rpH!b%KS_w@cJ?)lYs~p;z9i4%Tl; zg0U+nJ+%+^gbHBJ1HpVc7l8a?i#SjQ{?#TtdB9?)jy50!V6XmiA+~KB}yRz zn+iw(=?Sg55xTOV=m5nAw*P^=gqK_?qC#N94>4ZF+vwiann)dxr-NKYMBM+!)w0U*&qcnvAb;U{5l zAuh9*_6YFx31NmjFs^f9^KBzpcky6E|sXj`){}U^{{pvb7pcO@D3@qJ?De1=>CaESS`<-;psdt~2<_2+6HeHA8y0Yje=sE*E^={t#3zvfN7wRK|yll6yhls=o7@r-G5*j(0fwj4z~}? z)X*PuH+$gtUUZ5O;LKqEy&X_2L5j%xcz;JLcfaP(nUC>Vb13EwNxm67O>sLjQD{Ga zKQyFM8xI*setM9wHH+-jqs_wPolQd|0!`m7`pGlcr?p_O25;tE3JT19eV}Ncps_d% z9>v;_2>cu+nqjcGz$vadTJ#?9pYB*#`LkYt$ohWsF7ez}GQqHMCji9YuIWgC^t2H9 zI-~r25U#U8I(P;*X7@Y-&h-2c^dwmZqkQNw(|n9!oQ}qPz|@VB&`A@4F_>0TcaUTh zVL~ntL+SlJpdcz(7#RZOP{N+pQ6f5j1%LGugPJ?n1W0-ss(jCHcdLZ5x=c$90(DRP z6H1uSwlhGnzGFB#+JGw1yFVBQy88M7D6{S^;^7buO#5wxc#j0Xj|*@hXc>5c8~GAb0%+8c}xT`r(|=g8)x&N+Rw)1pya=yU6J@ zWO;WE5u$yOeIcx{9rQqPeF&VgB7NTk)5-f!3vm=^wcv>(lu%^(XFT^t5A`??vyiFN z=@?4iHKr+fbZnAIbFdeFfe28*We;$M(rLmPfk(cN{1~yx;uN7*5G{cbrnn-QZJTfK z6Zz$&gqqQ2gr-N37Hb@7iI}r+NG|>!Oczc*lh91WzVdI~8dc;HW!Z%bb>1ZH2u~=e zud48elm`%zMpz+;^y4P6OlL(JS*QCo>t+T#hZ++6Ve=mEivm9s6Yj2ja>v)1v}pnR zyN?BF!;)nlECznHcQ4CLSCkZ{5KjHKhIiPJ&hbLKjE1T=$N&l9gcI}dW{VplH>*5jp9&!G@ zHux=^{ObP5Z+z_z{QebE4|nT-lO-DAf@XAG53e7Si>8$`tg=VG%{9}->l*spC(b=2 z|8RwzR}&K1)Cl(sM|ci>wlX&85H%4m%DY+6pQolOovYut}s2Aryu`U_t z%6Er3ffZKAAma%dZWP$l8i^B{@L4uNc{?kgGeSX2SA%k+!#u$S%>;uEB7{VXYi`z5 z17?MWp@rG43fByb52K0@fXfzR0*Y;0akt z08=kc=p29@7FrhE*co+9~eK!VnzvPjh>35%9J9c{H z_Y=|Z-Ark4cbm_P@_(j(TAFo~Cqjpz6<9cB$9{c-(Y}(%4_~t?JxW9*43_dBGd}OW z?4pVCAd6iO4bg&KV-OnC0~oNMl5)|$z-PC}efxSTh^pp^usDlCkRg;Dhy)o{`w#;C zK?VPmi$I|YYTP5Bgv$!m!7l?qbe0eQ2V9|%O~Bfch9-BlhLJl zL9DiBxP!E4gmw_gWVK?fUd)df^8nR+G2ZS67;h;PpNP+cZuT-C@=fVmHj~w$ir}y~ zoQ4vJFtRcO7*bQFhjFRk(QU9oPzvJ+Pisj_V3yYDke=<`2CJfPP7A@8GX_tpPyhrY z+S^&jo_qLr$iqZJ2}+oe6D{bs_M_f&R3SVau?w_O{0!Km{NknY>z~T!yYZaGAUs-U zLt}#;L(LhygOqv`?gX)C+#A~S!auRbzRwC(NDnv)zhz@u3I%*C}?!Uj*J zZ-I#k2vU*(58%M@_4zmj4*jO}a8jm2r3~4>K~(4ma7&d45~5SrHx6$p9;6IC^N2k@ z@wmqt!Ssg74TUD+fyBM0CJ^pVy@CJ$DnLAS`rt)IB_cpp#F|xqmOp-~u-UALB;r+_PcFAiuzgs> z=lhNvPK_t@2QF2p`NEJ4=d690hLDJW&zL+#_eCFodkbz8oTah=#R&A~_Kdq(b~2~G zn-aY6!gH*BH&lef>D6#>*|Jlk+2H{sezG~?K1y?Lv=_q&NtQry)G<(r5kh_)A%ebk zWv>0Bw4V^nsPvG1u-s@p#G6zWq~72i57CL$8_(eTo!DJ3u1G_o!%t*;{1A1pHxXhq z+@+4YA$*cwpQ1O|L`ykFUlqybO7pJ&YnUjTVhq0)Yt`28r`M3?}r+V}`1%h`=!)H)fi>AbuqSNTMU~-uIG=s~x+6cy5Bs`S0{xlqvyFg$JM^^BWg`o^s@YI^5B8K2+ zAnph8J^4%nsKPBpIFe;9j+TI=P@)T{DLMNKc4F6j)%f zFjBe^$2>MT=JueR2u~l}V4qVwfcDCe&;}F};y&Ep4Gi(JBZq2eoaOW=b@u`IE&-f5 z{C+hc0H`A$igXc*B?aMfx@vUp#h^T}f}8Y2b1iq+h1Ukm9=vCxfaAzE-lvx%6s8;e1_Fpc*r~qctGx{5HcPaui@Ria;}jNQCcH=_#4&kU?_(8U zZdZ5*OE`LT^Y``B>YsgaFH7ZTv5{78?Fx&RtKeRvEisVoE>L-o0@!Ki^+FqK0>F6xAcY$c~@InxcRqmd#-Ma;a;C4oys8^8^gZI;_U) z^7&l0KZAf4sF*-J5d;I+YDK*7Z{Tq1EwPqK7?KdkMJ4K#MYgFNdl3BPvYFQ)VwH*r ze@b}q8Q=n^0F(1ejZ!L?bHSHd5z4$w0d=L@c5xO)B2M}U?v+mZ=B#D4nCwx7xZF#IOm`9Lx!!WFv)p`s6^~3!8uL8pGgTEYB40mv^6%m*Tp@hN#V)7WU z2_chcgpfj^O7hU(y)LKrkNKqJ_dWicNfRm#)o4SJ89UMDlOQFe1QzJJF8D){4{t<2 z!1Uw&UV!}A9#?R3&&q{2bP7^L$wmN$+KTJp2)t^Oq8acK5+VyUfD5;JRT7gFN!n`1?N_=sOOh5wUh~U(m^k;l&yNe=~-J z911Z~&w2$YBP23G{XL&sMGC307Jq^Mw-3wjuPl!FO=-9PCN7M6;v5Pw8yo&Za9K*z z$~8%yy#MF)Ukx>Exnl06=l`6x_Wnd7bE3lifJ#YfzjbJS`LoF#>F0m`huB?Y>5Cvkb^ZR2HW!kYeIW#3(tn5#*iFK02(x>q|8uve zkL^JkbfG4nJem8}NGU|rrAU$!ADrBPRjo8els1eY+-sdQmX>wY-H)&3c=p+T<@%~) zCiN-MibF^Na<#=SlDNZ}-HF7aLI~!G@aBmg<_rm$mWiO|iKLc^7^ygJnWG<{Iq&fK z2RRn(xCOqO_yKe^gzjk&wu8t_$ zC=22_!Y&5w%S>b-o}*`>7K$|9Fr4Kt?8bpj`#)zj284H{4`P=DeaO$VIuGpsIfF<#-NL5;;Unxg2w4t z@UPSJkoh{MPrqD9`(E{s6H)5DJ6<^V)Gej3l%p@-8EFk^f90S##n!9vJs`>^^qy2C zo$f(0K9t>LJu>)y{iXccd5?MM+{-x+!0$wUoqV)|CQee}RG_!)mpd8VTwob;fjTYr zA}XRMmOD&>oWxrG7a;B^D3XN&egGuNn|%bHuRW?|;t<7JyEnoC5EKSr$kxeZ#9=uL z#lY=KaH5w&03!XD=z5U8>}z`SW0c zsVu^;Tp~HN31&Gop}r9gjkN$uFvMacsrV-Q0#ero1S!V(N_UXb^G`tH{Ah1TUpIJ0 z!b3y_?jT46`hGazB7l%nPIyB?$Xxa;Uvl(lXe_j?q)#Zmar z`Tol=(YbwhfvbB6^*=H}K{SK5UI5)qWXUfFz>QY0-mdrjrz#f5!D98;OD?qcWDEZ~ zey9Z{>v!NW@S9VQ2Y&p* zi0cmeP79NU+{X~uH;{H8#6~5dBO+FC09LV~fHa+AxitWYw^@r!E*Ju=NNPHcml1G+ zo7-EG13q*_BS2y}f2u-4$a`k}KU(|BxTvD8U!^*1i6=%&_>%aCs=ZHv%w=lG! zBc6rc+RFRRGVYm)klClvZZw_`K<7Gjs~%Te2$z7SQ6 zKrVWZTY$+R=v9*1Nr{`41QX;~o{$vYRsmdACVtP$kt4q`ONFghj;Td5W9*&MhbBH4Ti^wT0{+uNp7>k_Fw$@OnV{b6y8c*67k8yxIjI5`7V-iy5S z)QNK`wc~^@U?mdD>~xu6?>UNM1&WzlXP3UV=5b%-p@ROk&U8uS%G1+!iR)}V5^yIh z_g151eG&E=j|a@oLJ7k6>Ln#?cu^2R_RG!r#LGN1=(f~*1*+(zHCowxE$My5Jkkad zGRP;!+i@*tm5NMKHq0$(QqQfIY$zCc!0MuX5hj}3%DXB70!-QeKw;&HBH@|&oH`yt zESS2)vK7bTz^wAN5uPk#1e!jmo$Bn(h_x?x8%$TB*q|AeeW=(tKS8TWr6gGbrCj@^;lq>d;L; za!3q|c{7^tmJrj zcvKIyp-=JfZp8!N_eqI?_ci!ZIPgK{s%_$dhettw^SXui=`#z^dCTLe76h-jpZyQe zAhcK4QOCn8jib1*BErKHh;*x-^t%cRrq!f$^ z;trnCf^pAag}F*}$~sMpuJMd~y&B!i;QUp_^}-$QqoD-bhqv*BDNIPQH zABpgabdq%qkrMN`-446;GHgjI>73DLMp|0BI&&v4|KEAW$oKk!e73x%;@zL82aRtu z?3o3SAP8lm)y>Ch5FwP52WqLUcGC#`|JrCLWdjT9Wm0m6+MaAp0o1@#&nYXjMnB7Y zY{kgVqanfXM<*uIK@ilclJg3NrkUbrcr{oiZ$TwVrUi$th_Z*3>I0wQ60BU}|0u zSG~xZ^O|usA`jcblD7u>EVo5e+4UsP%FK(KRTVA_Shw$mM-2zLvS07$6`lV{DOyp} zlU+p%cTT7Jx}fhgH+E^p73>`Qx>~6mk3Pd3&Ur65Q!t63A(&GvbJHG?uq-HcoS<|2 zjO((i|7yD#X1{sP*%@8;E=n8s*o^KLZbPJ2{enDaP8H!~WtfjV^`|Nnd8u8M`PQ*pj5Da=XE@ zIiS&hKk5bhptp!g85H~!UqV6e@-Y46BwuvgZ70rY}$FUM;_3f>b%#He!9ifZNAzTYH?FJ5~ z4yHAT{p`l$a7ExQaN?eK9)9X+0dcEo*W7ZH^8Ja4^-}Kl`$HgO zbNr?wvTLI0q;fIOWqZ1^HkE%vac35HwO7*~W5d$Cqv73jx&3CQ&U4eJ4P{(n$?@a_ zx~Ti>6Il z7L6}5t0q=;6(jG|2;~whNrTtm)yTuyRQ;;*b}3d$FFLp7NN*^|*9}Dx4hM;p)!#?puD&eb)fmxcS9dk7D^if0M1x8-3}r zBoj##q!XVhx`GHuoc5R7F&91e&>8zST-R~drr|{NpsSJ3psRQ^Bc=^Irxz$tZVvmF zRkZ(sJDSiKA+*IzvB%j$@BSXWfTr&Za$8)~H{yBBlJVoKGMcd48O#0qf zq$p;R3H^PuR{Trwo3!Kj>a0F{r$$R#tH$8$EW49^_A<$?_0xVh2dDo!7yf>YoZAN~ zGw*`FMrU!tR|NCLlH$Cv;w3 z9{i%l<+iZpJr(l;Cl8itcg91%-+D^y{j&HmzIXc{shy=6*M=c>oC8+Nqtoiqh}{X> z(v8vJ4z)Ah9M?pwB(2+d%lE4juI-9gUi+qTTfuXUxCWf<|F&nxR>Jf z1kQOf&&|kVq!6z7#eTMx{>dZ}o!3XGRoQYiMuVYokvxMnlc~SKZS<4uMa|}_cSIYP zNU41F*c6Jk@kQQN`d&Ya%;jHEU)+^yH7!?~od@T&Z0&#~abs;(_6og9nE&i0SSDI; zvc$4@WrXYVMi45z^)*q*g8z|2fpPg1uBFX59FHA&Y{|<NVtQ z%#Pi7sIhVE!XbxYY7%6%jC5iCE*RHSCCBl?#o{RE=-b}yYlItL|6K1%D*E>;sJMOX zt6A$%Y3J?!?X6dlaDCn?^DpexoX8^q9w=);yhqQwW69-Dzx(R;R!IfWXwNQ=DnhIUo9`ep8q6FO97RRRG%L52gVpA|bU|71pNV4C)P_gF{= z*mq0jXttQYrmqF?e6wgE!Pa_g6kd7gnRXUvInR!Ksq${#{p8{z+<|U9cAD@AH#9Q# zq>rfL?Hg~{He@^f#a6VvM!YFE_43({f8Y)aS6qz;hnM%6W9*t-)xL?}&XC($CD*h3 ziXlGiyOv1!PPgoz5c#6`si<$+Uzxh}#SgBaw|ExAdo2=3EY9~2Le|SkS#W+>d$sJm zEZp2}SHcLJGxluA;IHP+-LJ|kLH<|r)edJau}cf9X}?^!(->1i;0IH_atI4g+$?t< z?fPh`0Ion!+3EX&ob}j|ps*JjR+q)HcH(g?PPPxrycVu8D zs`=D@{9S2lF)l-Ko45J&T|HtacxsPavF_Z?aSjb!#%o@2qEqrI!=e0deQ{qcch1VK zArFp#U7OK~niH=l@|enjS;^;7B1KFVuZ_4RUmb>M$YG5l?eC}|z=HJ{3nA*6sSbi> zvCf*7z06&=p_YS|Wq9+o;sw_%f2+o7p3)46nz@<}OZc|5QW;?(?+JnRqBVPxqQ6TsMLx&i^b50znIBpKBLcG?Nm5(ny|sBv1vP_f zAQr{^@RsW8>Y0Lt^8jv6^zQXGI&UTBq@yv=n#9PdB44bOWxu}Kw6C+cnk>-ud(8QG zr}NS8A%RE|kKlTu@JPbkE(ytdK{(R{2XpK*&DI$Zd$k-E!Oq9dyyWYab!<2z%#Px- z>rWz9>XJ@P#jdsZe{`b{-1yO@XVoj@_(cNS-^Xsl+!0gZ#*yQ6F}ZJKB8kn9%P8;m zpo_DX-14)Jlf=e2)d?F>aTWY#B%iuA>$ z5O>IlUe(RU=f#X(U{ebpDz>q5_h5F9=0e-cNutf+Xi8Ek4J)kum-;$C|6uV7_t{Tw zAdYLwoqPBR@x-ze^uuVklpSsHi~J#MmiURq<-tE@!hGM!1O6 zsj-2J*qCOYd=86Ke_z~Ypv{}hK1;>(X0PdlKGkxbumLENmcF2<+z07d*8>ipjaM9Rcv)|Icp)}>PEKSqt8<#K z8!9tjNg61TXMlSejDGC)e(!Qt*-u~EBu?^R3Mmkv-_sB2&HZ_9p&X#`B~`g&Ka0j+ z2oZ;;bUN!H&=F6PlVIQV>psl}jtNE~Bal8D>rIRaIe!PgJX`^x1{|z_9 zejt-7_T8UvDZvB9uu`yGtj%P{!!_7I`MU2J`*??O)4|8t>$!4Xx!9GYu0QmBURGL- zo)urJ$t*BNOjHVlqxSPYNqvo{O!Y2*!ksV9_AvqGcV>T8>6TP<$C=yFt13-Q*B2&6 za5c~8cgB#Z^ekKggvI3oKXVzi_?-0f#wk4=S2@7EkC(lib2KtoaN<>gIoiC`{Zm!) za=PBBe~zon(MY7KU_P)hhFxCjv_`IIdiuMuNnht1bY$I6ndRg(Bah=FIOXjxf|&^H zd;o4+4b^?8__>IZtEB^~@}E-osp?(}0p_BuMlyE7($`r+wY^U=pta}BeNHlvYJIwu z+3`~wYgo9 zjn{O03eC(PWfG@hl9C;-CqOE)hr$v{-n-%nsypEsTtGs0kgKFDxS3% zrFrSnVcbdm!M(Tu35)YtsNcTG1rU@lr;uf^1QgF-%i`ZPJ9TiiI@F=uSkd2L%A zgNrducg2-B+9bT(E=cX+NiSkxc#LdiLYdKK9T!;3_viQsy7?P|h%Y zcab>m^vZ0{=748R_o=Sw+u-F(xL}dH)pEVS3_8%)21F@;f>TA0=Zz3tiR|Rt=v_Bv z{9Cc`T0iEk-Oj{D@I;NV=q9X_Yz0`07$U>M>#5Qv5qj?^=aae?DJXhq1un==8wV8f zqN^yxIm>eNn%~|zkyL|icpT7N_s3o>%qgpMvPjBUCL=utI0W5P;flNR#0l=F;U)W4 zPbPPFZ|eoVh^^7eo^ zg$EIsYpJ&Uly*%jBD|8rc;2_%;-1I^M|@z2 zKMdT|6ytne_`u+kW}4(u_d}Vh=D=Qsc|$wq0Ix~b9pCO)zti3At+a7C-9cyViHDaT zPP{0fJqdWSP8FOkUCJZBukN_Rg#vWhIma9z+halRt>B`Iqfz}c<@gO5(R@O`3*3I* z!hSqpNLQt-mAd$x!trY30S2PS_2uj0T0+vv`nBIYwFoX&`tm|;5kI|gkGS6Y3AX~fdy`%r{e~fvj8nhPrck?errfJ>p`|Nv`7G`i&dlhU zy7;cewnX%WT`#A`I5fr2=rtC4$m&)NMU|9!&si{^wfmYGFGh*q zRt)&i1Rv=!KbuRae|+Iz!$&+LuR>vGLr(OwLFLlwoR-=xiJKiXiuOP8c|LB+{^lTeGh%XH_t*f88m zE>&fPs7G+IcTo|BaAbIp1;)i_qiHgB#9ELhb*HPF959nUS=|D(Zg7O|6Yi==E-r3lGvcK&y>uw?o;vMXOTnc6Qa?^KTYS8M&}yrsIk zCamIuA+w%Lq%WzUA!Ya<{_K6Mw+u@=;8+^|WfCGeR+n+4_LHLfjf5rLr7bo_h%tY} z)#4}9I4DaKB>nY=F@1YGvi`_HkDdpqtr!_Zc?%hYeS10g%Ro_Rw$p-?r|dl;pPo5o zcJZAOb5=%*-BNBO$V44KQ4pnGVO?15ts$~pNYyRcLrx2^B_h+#Y_mfT?#H~B#~jI_ zf)KK@H`CI^<1cTU_&#`*1VM@XkF@c0koOjs&7uFD?fm{%d(WRtZ^(Gcf&qf0$uu&e zDTaR@nkMK9n{fi_p`nXcQYZa^|DZNeNQ5=ISi#w*< zu0@lR8WEcqDGfhw;-JNF2zn=jtR?s!sin4fZBH{c%r^%%E917x$0sLQ8a6z~Piv2{ z_jZ*Z=QH49xl~CWPDlRwUBrpmdNEP29YfjM*V-N5;x zLB4;@+ZRh|Mr%AeRl(scfWe%Nr5ViI1k!k$5{5rLm-6>9tFW zi#Z23%7%xTgeiq{N~}}gOJf(($9EE6ze@KT9vwDPf16N^uq6_M5$3Ay(0oUGZ}Z`1#HRj8|#A*n;gj zNX;C}?}#-dMhe+i#G|9rl-{|=dmgtC(0nLDfKE|f@kfI`t0j7`wgjn9 z3H=}sV^Z|q*(&AOhc)@t0?LweCbrSV@tCGwuHyR+<8JUv>LI4aly{pPFi_+zSeiB|?&W0|2sMDA8( z`_v*VM>~n6#B+Q>J}*8*+XOyc;S?eKM%i2v|J|Y#)UJsShLY}zrO7mWdJlzupsPhA zyGWN3@1sz&CfSofEwu|oM{Dqik2_mPKR2PO_PyEK6>gWtawH;Q;^FM+-~$>Wn(OQG z0l~%l+rC?+oplkU+ex89#F0U$Y<)w+kHUl6LzeZ9hvYlr?6jP^FEl z34>=#+>F9oTd!K)ZU6gwpbW0s$pg;b`%mwzb4nBfWSiIfM6M}FZFF>$@F54`*Bs@o zh;WcFZKwvIB4SvLtCb0g#A&Wh8q_OsRJl-Yucu!gU3O7Zja^)ibYvF@3j=7Qp3^c9 zkWxI7qZf{5?qmpkfDcA$Gs4*13e9V!HtMqD{6DO(zoZY<5EJ2n=Kt0q?dm#cQLv`d zVA5VnAOeo%aC5ntPLGa$OcG%Lx^xFq2mo{1i~q z1XDB=mZm#P;26U2B6v+lM@L=X|M>4%^7FF6PRkokrEAcj#QSuD;F0fo)fL>#$sjNs zce0J~u(7cjT%Ryo3Y(!%nNjJF_>%G{I|a=ZoAr>E&RTOAIGKWeqd@-8jcnD zZ}7fRB^gQ>5#jx)E^3(7`8KC<)(LD))G?r->PMp~EdS|(hAh<-cXeck6W=;o zUtj0myvwdl;xmE5W_$jJtWvA-XGL4ngz-&o&LtRG$%+WG)15i>`Y}FC zc8jYfBUpW_m5Y=pn9j@IDxs^<5OKpbEYtsFs)hduOCb(RY&l3(4GbuGReSLzB3!Ns zrO&TJ9tSM+3=y>10QMsD?!XrJTTAuzLjuR(!n@=CZQCBFOyCe4c@&g^vmMan9BC8@ zRUASWjKW`5BW4;WGK!!eF(PSaD1|;xt47=?TYebKNsTQ90y6gxT~G!I81fk!MG|#G zhBjVipELv}q;2WLKtKz5OCR^`amsW~oXYE&>Nhke$|sXHCpQkU*{&7M%30|)`KA7 zZm#=%>L!m zgra)WWd~mNrdmPT04BjJ@na9T-10}k#}fg5H%sot z=gr6imJ0uv2g%_qB4q#-Zo>8)#1lec!pE)8d_udJ0ZDHoKg0_6XVCpB4i?od#oT6ert&?d|Ge_H)ttZm^6w2tKQ2i!s(PQ?U+pV zA7$Bs%nfZ#LwO9D3v!B!`;Cgtr$pPCLF|>Gj3MfP-{4H%Yb@{m zUs*tHynhqHJL>$F=0=Ab1H1dT0aqEKAqiNAw!go>{>oj-WArG!1q0p9`H!!OMYcgv zo`V!fud2*pVQAA$+~syt9-^gO=7I^-pk3|ntn-8g69Pe>&OV6yZtmeQv;SP3=NuE0 z0v*GDX~x%N{`Oe!{Z(1(xumc6R+8aHsW+X30}togJ=+N!`Pk(IJsv9$wZrw9l0mom zr|CHyL$*XjlJ*|G<@TRYWFnW;zp*$25CQ%=N?UF`=p!vtq~I4nDIsr&6BLEvzR5aP zz`*IT8D>05dCNj@n%6dP`2gM^5|NDFc>FP*JGd#%T0hl-I$ zf#nBKO8k3N8Oaih_LRrhI#DsvkAR;5Yyxh8?8&4Tgb!JqVPr_Mtoo3kwODKJ>_Q%G z&KMF90hw{xw>@~pMJ>rB<73cTG$HhZbld&xWi%WUJnJ~F%}r-;%Jc;j!>D3}a(^Hu zVsLU)NsNDLWL{Tb#tr#!j}Bxoe#B3hdwhU0%PQio0|6cDaDQkNwE~Q*rg&L|;eXQG zMiXvQ!hM=ZnvNymu}~p<+aOd~cwxcsWwq|KqpBbA%g9%vj$kNH!i^jWa5p#%3S)*$ zGzqakuvcZ|0upraBW)l7h?hwRY=E0`v_6s|eq|kd@YTLU&8U#VfEv)uBmCw4-#Kx_ z0}E#zvQ7u9zmo5FRV}M;@yRdN%8C0Ht;U089%vQ7Og8sE2#nKKgJL2gwH`lyyvNDP${IXT@3l=nuX@;f zFJek-@1nGmlfrU$rdoV*!^Gy*+(uwJs9g;oOs?zb=*Z1EHa4bS8waE+Q&*Qb4;-Q| zKzmrlvYbozvm9;1M(X|D!)6_nwf@jA@_f1$Y(ZpXq~+rWsJGbEVP3z^SdO`>-T6kv z8a7QRr{A7>K~a&k+qqQ+1qI*jlKZD#15$+#vLj4pJwF1`5S5JvfFw6ZvZ9T-NPw{j zvWprJ_C6mNV#_AVCjvT(nFQ9@i^~d1V0qH7-E!_Qwo7gTF%tZu%z_5ra0*##R}7f4MBtt5n-W2zO-1?)vEpYvyiOzAB$4!Pyks60m$056FT?w1FrbzPclxR0z20o%nNSQ z^4V+_MS@;E0C4>W95qQNE%7H%LiOC}D8tqReJn`u;cHdO|DtQ92va&+i~UJp>j0W2 z>n4I%+khCQDuG=T6xwPBd}7kfn*_p0!`%AV2qrY-po{qZhU73ky^|lI7K;$)^Ga zv38t5zr{XA*4Ksp$c^530B!f9~;S7l^wAf zDtAcpE9QF$Y|7l%x@UcNy&`7qWUwWTu2%nA;zCsjqf-u-_WWxqX%`?CjZ!b|ej)`I}U*Mk5 z07PnxP4BoX|2D#}Wa4?s@lYBx67YO$XZ{J$q$fvI$(obmY@z$Bu|_MOM3y_KHf;wo zm01f2F`xgq-6h$~6{k3Ge_CpOlt6oX7GFSqqS~ zREejuah5KTtk7N2_uuPB-;Shv{)9V~@dOwe8#6bI!}ys+G~(`ng=U=uKW2;ZwL#Zo z??>)D9npE?tpWVMWE0G_VLV@{-6p*7kwld}&aZluyY?e0 zQ^K-PezM_RdBiHj^bM-oW2(BsG6 zKc|A(LfWI41r-JbkwVn`^dLQ*5sTMV+!8&huO)wg*0g^8C%LK8ek<<{)HZ+JKwc17 m90=~DJO@DR_6czt3j)` - The name of the auth method to use for login. + +- `BearerToken` `(string: )` - The bearer token to present to the + auth method during login for authentication purposes. For the Kubernetes auth + method this is a [Service Account Token + (JWT)](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#service-account-tokens). + +- `Meta` `(map: nil)` - Specifies arbitrary KV metadata + linked to the token. Can be useful to track origins. + +### Sample Payload + +```json +{ + "AuthMethod": "minikube", + "BearerToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9..." +} +``` + +### Sample Request + +```sh +$ curl \ + --request POST \ + --data @payload.json \ + http://127.0.0.1:8500/v1/acl/login +``` + +### Sample Response + +```json +{ + "AccessorID": "926e2bd2-b344-d91b-0c83-ae89f372cd9b", + "SecretID": "b78d37c7-0ca7-5f4d-99ee-6d9975ce4586", + "Description": "token created via login", + "Roles": [ + { + "ID": "3356c67c-5535-403a-ad79-c1d5f9df8fc7", + "Name": "demo" + } + ], + "ServiceIdentities": [ + { + "ServiceName": "example" + } + ], + "Local": true, + "AuthMethod": "minikube", + "CreateTime": "2019-04-29T10:08:08.404370762-05:00", + "Hash": "nLimyD+7l6miiHEBmN/tvCelAmE/SbIXxcnTzG3pbGY=", + "CreateIndex": 36, + "ModifyIndex": 36 +} +``` + +## Logout from Auth Method + +This endpoint was added in Consul 1.5.0 and is used to destroy a token created +via the [login endpoint](#login-to-auth-method). The token deleted is specified +with the `X-Consul-Token` header or the `token` query parameter. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `POST` | `/acl/logout` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `none` | + +-> **Note** - This endpoint requires no specific privileges as it is just +deleting a token for which you already must possess its secret. + +### Sample Request + +```sh +$ curl \ + -H "X-Consul-Token: b78d37c7-0ca7-5f4d-99ee-6d9975ce4586" \ + --request POST \ + http://127.0.0.1:8500/v1/acl/logout +``` diff --git a/website/source/api/acl/auth-methods.html.md b/website/source/api/acl/auth-methods.html.md new file mode 100644 index 0000000000..0ad79936ed --- /dev/null +++ b/website/source/api/acl/auth-methods.html.md @@ -0,0 +1,310 @@ +--- +layout: api +page_title: ACL Auth Methods - HTTP API +sidebar_current: api-acl-auth-methods +description: |- + The /acl/auth-method endpoints manage Consul's ACL Auth Methods. +--- + +-> **1.5.0+:** The auth method APIs are available in Consul versions 1.5.0 and newer. + +# ACL Auth Method HTTP API + +The `/acl/auth-method` endpoints [create](#create-an-auth-method), +[read](#read-an-auth-method), [update](#update-an-auth-method), +[list](#list-auth-methods) and [delete](#delete-an-auth-method) +ACL auth methods in Consul. + +For more information on how to setup ACLs, please see +the [ACL Guide](https://learn.hashicorp.com/consul/advanced/day-1-operations/production-acls). + +## Create an Auth Method + +This endpoint creates a new ACL auth method. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `PUT` | `/acl/auth-method` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `acl:write` | + +### Parameters + +- `Name` `(string: )` - Specifies a name for the ACL auth method. The + name can contain alphanumeric characters, dashes `-`, and underscores `_`. + This field is immutable and must be unique. + +- `Type` `(string: )` - The type of auth method being configured. + The only allowed value in Consul 1.5.0 is `"kubernetes"`. This field is + immutable. + +- `Description` `(string: "")` - Free form human readable description of the + auth method. + +- `Config` `(map[string]string: )` - The raw configuration to use for + the chosen auth method. Contents will vary depending upon the type chosen. + For more information on configuring specific auth method types, see the [auth + method documentation](/docs/acl/acl-auth-methods.html). + +### Sample Payload + +```json +{ + "Name": "minikube", + "Type": "kubernetes", + "Description": "dev minikube cluster", + "Config": { + "Host": "https://192.0.2.42:8443", + "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n", + "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9..." + } +} +``` + +### Sample Request + +```sh +$ curl -X PUT \ + --data @payload.json \ + http://127.0.0.1:8500/v1/acl/auth-method +``` + +### Sample Response + +```json +{ + "Name": "minikube", + "Type": "kubernetes", + "Description": "dev minikube cluster", + "Config": { + "Host": "https://192.0.2.42:8443", + "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n", + "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9..." + }, + "CreateIndex": 15, + "ModifyIndex": 15 +} +``` + +## Read an Auth Method + +This endpoint reads an ACL auth method with the given name. If no +auth method exists with the given name, a 404 is returned instead of a +200 response. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `GET` | `/acl/auth-method/:name` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `YES` | `all` | `none` | `acl:read` | + +### Parameters + +- `name` `(string: )` - Specifies the name of the ACL auth method to + read. This is required and is specified as part of the URL path. + +### Sample Request + +```sh +$ curl -X GET http://127.0.0.1:8500/v1/acl/auth-method/minikube +``` + +### Sample Response + +```json +{ + "Name": "minikube", + "Type": "kubernetes", + "Description": "dev minikube cluster", + "Config": { + "Host": "https://192.0.2.42:8443", + "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n", + "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9..." + }, + "CreateIndex": 15, + "ModifyIndex": 224 +} +``` + +## Update an Auth Method + +This endpoint updates an existing ACL auth method. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `PUT` | `/acl/auth-method/:name` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `acl:write` | + +### Parameters + +- `Name` `(string: )` - Specifies the name of the auth method to + update. This is required in the URL path but may also be specified in the + JSON body. If specified in both places then they must match exactly. + +- `Type` `(string: )` - Specifies the type of the auth method being + updated. This field is immutable so if present in the body then it must + match the existing value. If not present then the value will be filled in by + Consul. + +- `Description` `(string: "")` - Free form human readable description of the + auth method. + +- `Config` `(map[string]string: )` - The raw configuration to use for + the chosen auth method. Contents will vary depending upon the type chosen. + For more information on configuring specific auth method types, see the [auth + method documentation](/docs/acl/acl-auth-methods.html). + +### Sample Payload + +```json +{ + "Name": "minikube", + "Description": "updated name", + "Config": { + "Host": "https://192.0.2.42:8443", + "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n", + "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9..." + } +} +``` + +### Sample Request + +```sh +$ curl -X PUT \ + --data @payload.json \ + http://127.0.0.1:8500/v1/acl/auth-method/minikube +``` + +### Sample Response + +```json +{ + "Name": "minikube", + "Description": "updated name", + "Type": "kubernetes", + "Config": { + "Host": "https://192.0.2.42:8443", + "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n", + "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9..." + }, + "CreateIndex": 15, + "ModifyIndex": 224 +} +``` + +## Delete an Auth Method + +This endpoint deletes an ACL auth method. + +~> Deleting an auth method will also immediately delete all associated +[binding rules](/api/acl/binding-rules.html) as well as any +outstanding [tokens](/api/acl/tokens.html) created from this auth method. + +| Method | Path | Produces | +| -------- | ------------------------- | -------------------------- | +| `DELETE` | `/acl/auth-method/:name` | `application/json` | + +Even though the return type is application/json, the value is either true or +false indicating whether the delete succeeded. + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `acl:write` | + +### Parameters + +- `name` `(string: )` - Specifies the name of the ACL auth method to + delete. This is required and is specified as part of the URL path. + +### Sample Request + +```sh +$ curl -X DELETE \ + http://127.0.0.1:8500/v1/acl/auth-method/minikube +``` + +### Sample Response + +```json +true +``` + +## List Auth Methods + +This endpoint lists all the ACL auth methods. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `GET` | `/acl/auth-methods` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `YES` | `all` | `none` | `acl:read` | + +## Sample Request + +```sh +$ curl -X GET http://127.0.0.1:8500/v1/acl/auth-methods +``` + +### Sample Response + +-> **Note** - The contents of the `Config` field are not included in the +listing and must be retrieved by the [auth method reading endpoint](#read-an-auth-method). + +```json +[ + { + "Name": "minikube-1", + "Type": "kubernetes", + "Description": "", + "CreateIndex": 14, + "ModifyIndex": 14 + }, + { + "Name": "minikube-2", + "Type": "kubernetes", + "Description": "", + "CreateIndex": 15, + "ModifyIndex": 15 + } +] +``` diff --git a/website/source/api/acl/binding-rules.html.md b/website/source/api/acl/binding-rules.html.md new file mode 100644 index 0000000000..becb7eff5c --- /dev/null +++ b/website/source/api/acl/binding-rules.html.md @@ -0,0 +1,372 @@ +--- +layout: api +page_title: ACL Binding Rules - HTTP API +sidebar_current: api-acl-binding-rules +description: |- + The /acl/binding-rule endpoints manage Consul's ACL Binding Rules. +--- + +-> **1.5.0+:** The binding rule APIs are available in Consul versions 1.5.0 and newer. + +# ACL Binding Rule HTTP API + +The `/acl/binding-rule` endpoints [create](#create-a-binding-rule), +[read](#read-a-binding-rule), [update](#update-a-binding-rule), +[list](#list-binding-rules) and [delete](#delete-a-binding-rule) ACL binding +rules in Consul. + +For more information on how to setup ACLs, please see +the [ACL Guide](https://learn.hashicorp.com/consul/advanced/day-1-operations/production-acls). + +## Create a Binding Rule + +This endpoint creates a new ACL binding rule. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `PUT` | `/acl/binding-rule` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `acl:write` | + +### Parameters + +- `Description` `(string: "")` - Free form human readable description of the binding rule. + +- `AuthMethod` `(string: )` - The name of the auth method that this + rule applies to. This field is immutable. + +- `Selector` `(string: "")` - Specifies the expression used to match this rule + against valid identities returned from an auth method validation. If empty + this binding rule matches all valid identities returned from the auth method. For example: + + ```text + serviceaccount.namespace==default and serviceaccount.name!=vault + ``` + +- `BindType` `(string: )` - Specifies the way the binding rule + affects a token created at login. + + - `BindType=service` - The computed bind name value is used as an + `ACLServiceIdentity.ServiceName` field in the token that is created. + + ```json + { ...other fields... + "ServiceIdentities": [ + { "ServiceName": "" } + ] + } + ``` + + - `BindType=role` - The computed bind name value is used as a `RoleLink.Name` + field in the token that is created. This binding rule will only apply if a + role with the given name exists at login-time. If it does not then this + rule is ignored. + + ```json + { ...other fields... + "Roles": [ + { "Name": "" } + ] + } + ``` + +- `BindName` `(string: )` - The name to bind to a token at + login-time. What it binds to can be adjusted with different values of the + `BindType` field. This can either be a plain string or lightly templated + using [HIL syntax](https://github.com/hashicorp/hil) to interpolate the same + values that are usable by the `Selector` syntax. For example: + + ```text + prefixed-${serviceaccount.name} + ``` + +### Sample Payload + +```json +{ + "Description": "example rule", + "AuthMethod": "minikube", + "Selector": "serviceaccount.namespace==default", + "BindType": "service", + "BindName": "{{ serviceaccount.name }}" +} +``` + +### Sample Request + +```sh +$ curl -X PUT \ + --data @payload.json \ + http://127.0.0.1:8500/v1/acl/binding-rule +``` + +### Sample Response + +```json +{ + "ID": "000ed53c-e2d3-e7e6-31a5-c19bc3518a3d", + "Description": "example rule", + "AuthMethod": "minikube", + "Selector": "serviceaccount.namespace==default", + "BindType": "service", + "BindName": "{{ serviceaccount.name }}", + "CreateIndex": 17, + "ModifyIndex": 17 +} +``` + +## Read a Binding Rule + +This endpoint reads an ACL binding rule with the given ID. If no +binding rule exists with the given ID, a 404 is returned instead of a 200 +response. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `GET` | `/acl/binding-rule/:id` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `YES` | `all` | `none` | `acl:read` | + +### Parameters + +- `id` `(string: )` - Specifies the UUID of the ACL binding rule + to read. This is required and is specified as part of the URL path. + +### Sample Request + +```sh +$ curl -X GET http://127.0.0.1:8500/v1/acl/binding-rule/000ed53c-e2d3-e7e6-31a5-c19bc3518a3d +``` + +### Sample Response + +```json +{ + "ID": "000ed53c-e2d3-e7e6-31a5-c19bc3518a3d", + "Description": "example rule", + "AuthMethod": "minikube", + "Selector": "serviceaccount.namespace==default", + "BindType": "service", + "BindName": "{{ serviceaccount.name }}", + "CreateIndex": 17, + "ModifyIndex": 17 +} +``` + +## Update a Binding Rule + +This endpoint updates an existing ACL binding rule. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `PUT` | `/acl/binding-rule/:id` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `acl:write` | + +### Parameters + +- `ID` `(string: )` - Specifies the ID of the binding rule to update. + This is required in the URL path but may also be specified in the JSON body. + If specified in both places then they must match exactly. + +- `Description` `(string: "")` - Free form human readable description of the binding rule. + +- `AuthMethod` `(string: )` - Specifies the name of the auth + method that this rule applies to. This field is immutable so if present in + the body then it must match the existing value. If not present then the value + will be filled in by Consul. + +- `Selector` `(string: "")` - Specifies the expression used to match this rule + against valid identities returned from an auth method validation. If empty + this binding rule matches all valid identities returned from the auth method. For example: + + ```text + serviceaccount.namespace==default and serviceaccount.name!=vault + ``` + +- `BindType` `(string: )` - Specifies the way the binding rule + affects a token created at login. + + - `BindType=service` - The computed bind name value is used as an + `ACLServiceIdentity.ServiceName` field in the token that is created. + + ```json + { ...other fields... + "ServiceIdentities": [ + { "ServiceName": "" } + ] + } + ``` + + - `BindType=role` - The computed bind name value is used as a `RoleLink.Name` + field in the token that is created. This binding rule will only apply if a + role with the given name exists at login-time. If it does not then this + rule is ignored. + + ```json + { ...other fields... + "Roles": [ + { "Name": "" } + ] + } + ``` + +- `BindName` `(string: )` - The name to bind to a token at + login-time. What it binds to can be adjusted with different values of the + `BindType` field. This can either be a plain string or lightly templated + using [HIL syntax](https://github.com/hashicorp/hil) to interpolate the same + values that are usable by the `Selector` syntax. For example: + + ```text + prefixed-${serviceaccount.name} + ``` + +### Sample Payload + +```json +{ + "Description": "updated rule", + "Selector": "serviceaccount.namespace=dev", + "BindType": "role", + "BindName": "{{ serviceaccount.name }}" +} +``` + +### Sample Request + +```sh +$ curl -X PUT \ + --data @payload.json \ + http://127.0.0.1:8500/v1/acl/binding-rule/000ed53c-e2d3-e7e6-31a5-c19bc3518a3d +``` + +### Sample Response + +```json +{ + "ID": "000ed53c-e2d3-e7e6-31a5-c19bc3518a3d", + "Description": "updated rule", + "AuthMethod": "minikube", + "Selector": "serviceaccount.namespace=dev", + "BindType": "role", + "BindName": "{{ serviceaccount.name }}", + "CreateIndex": 17, + "ModifyIndex": 18 +} +``` + +## Delete a Binding Rule + +This endpoint deletes an ACL binding rule. + +| Method | Path | Produces | +| -------- | ------------------------- | -------------------------- | +| `DELETE` | `/acl/binding-rule/:id` | `application/json` | + +Even though the return type is application/json, the value is either true or +false indicating whether the delete succeeded. + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `acl:write` | + +### Parameters + +- `id` `(string: )` - Specifies the UUID of the ACL binding rule to + delete. This is required and is specified as part of the URL path. + +### Sample Request + +```sh +$ curl -X DELETE \ + http://127.0.0.1:8500/v1/acl/binding-rule/000ed53c-e2d3-e7e6-31a5-c19bc3518a3d +``` + +### Sample Response +```json +true +``` + +## List Binding Rules + +This endpoint lists all the ACL binding rules. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `GET` | `/acl/binding-rules` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `YES` | `all` | `none` | `acl:read` | + +## Parameters + +- `authmethod` `(string: "")` - Filters the binding rule list to those binding + rules that are linked with the specific named auth method. + +## Sample Request + +```sh +$ curl -X GET http://127.0.0.1:8500/v1/acl/binding-rules +``` + +### Sample Response + +```json +[ + { + "ID": "000ed53c-e2d3-e7e6-31a5-c19bc3518a3d", + "Description": "example 1", + "AuthMethod": "minikube-1", + "BindType": "service", + "BindName": "k8s-{{ serviceaccount.name }}", + "CreateIndex": 17, + "ModifyIndex": 17 + }, + { + "ID": "b4f0a0a3-69f2-7a4f-6bef-326034ace9fa", + "Description": "example 2", + "AuthMethod": "minikube-2", + "Selector": "serviceaccount.namespace==default", + "BindName": "k8s-{{ serviceaccount.name }}", + "CreateIndex": 18, + "ModifyIndex": 18 + } +] +``` diff --git a/website/source/api/acl/legacy.html.md b/website/source/api/acl/legacy.html.md index 420df18048..8c3cd3643c 100644 --- a/website/source/api/acl/legacy.html.md +++ b/website/source/api/acl/legacy.html.md @@ -12,7 +12,9 @@ the new ACL [Token](/api/acl/tokens.html) and [Policy](/api/acl/policies.html) A # ACL HTTP API -The `/acl` endpoints create, update, destroy, and query ACL tokens in Consul. For more information about ACLs, please see the [ACL Guide](/docs/guides/acl-legacy.html). +The `/acl` endpoints create, update, destroy, and query ACL tokens in Consul. + +For more information about ACLs, please see the [ACL Guide](/docs/guides/acl-legacy.html). ## Create ACL Token @@ -289,4 +291,4 @@ $ curl \ "Rules": "..." } ] -``` \ No newline at end of file +``` diff --git a/website/source/api/acl/policies.html.md b/website/source/api/acl/policies.html.md index f343094085..27e608f11b 100644 --- a/website/source/api/acl/policies.html.md +++ b/website/source/api/acl/policies.html.md @@ -11,8 +11,11 @@ description: |- # ACL Policy HTTP API The `/acl/policy` endpoints [create](#create-a-policy), [read](#read-a-policy), -[update](#update-a-policy), [list](#list-policies) and [delete](#delete-a-policy) ACL policies in Consul. -For more information about ACLs, please see the [ACL Guide](/docs/guides/acl.html). +[update](#update-a-policy), [list](#list-policies) and +[delete](#delete-a-policy) ACL policies in Consul. + +For more information on how to setup ACLs, please see +the [ACL Guide](https://learn.hashicorp.com/consul/advanced/day-1-operations/production-acls). ## Create a Policy @@ -35,8 +38,8 @@ The table below shows this endpoint's support for ### Parameters - `Name` `(string: )` - Specifies a name for the ACL policy. The name - can only contain alphanumeric characters as well as `-` and `_` and must be - unique. + can contain alphanumeric characters, dashes `-`, and underscores `_`. + This name must be unique. - `Description` `(string: "")` - Free form human readable description of the policy. @@ -60,9 +63,8 @@ The table below shows this endpoint's support for ### Sample Request -```text -$ curl \ - --request PUT \ +```sh +$ curl -X PUT \ --data @payload.json \ http://127.0.0.1:8500/v1/acl/policy ``` @@ -110,7 +112,7 @@ The table below shows this endpoint's support for ### Sample Request -```text +```sh $ curl -X GET http://127.0.0.1:8500/v1/acl/policy/e359bd81-baca-903e-7e64-1ccd9fdc78f5 ``` @@ -181,9 +183,8 @@ The table below shows this endpoint's support for ### Sample Request -```text -$ curl \ - --request PUT \ +```sh +$ curl -X PUT \ --data @payload.json \ http://127.0.0.1:8500/v1/acl/policy/c01a1f82-44be-41b0-a686-685fb6e0f485 ``` @@ -230,8 +231,8 @@ The table below shows this endpoint's support for ### Sample Request -```text -$ curl -X DELETE +```sh +$ curl -X DELETE \ http://127.0.0.1:8500/v1/acl/policy/8f246b77-f3e1-ff88-5b48-8ec93abf3e05 ``` @@ -260,7 +261,7 @@ The table below shows this endpoint's support for ## Sample Request -```text +```sh $ curl -X GET http://127.0.0.1:8500/v1/acl/policies ``` diff --git a/website/source/api/acl/roles.html.md b/website/source/api/acl/roles.html.md new file mode 100644 index 0000000000..369fd2e979 --- /dev/null +++ b/website/source/api/acl/roles.html.md @@ -0,0 +1,456 @@ +--- +layout: api +page_title: ACL Roles - HTTP API +sidebar_current: api-acl-roles +description: |- + The /acl/role endpoints manage Consul's ACL Roles. +--- + +-> **1.5.0+:** The role APIs are available in Consul versions 1.5.0 and newer. + +# ACL Role HTTP API + +The `/acl/role` endpoints [create](#create-a-role), [read](#read-a-role), +[update](#update-a-role), [list](#list-roles) and [delete](#delete-a-role) ACL roles in Consul. + +For more information on how to setup ACLs, please see +the [ACL Guide](https://learn.hashicorp.com/consul/advanced/day-1-operations/production-acls). + +## Create a Role + +This endpoint creates a new ACL role. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `PUT` | `/acl/role` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `acl:write` | + +### Parameters + +- `Name` `(string: )` - Specifies a name for the ACL role. The name + can contain alphanumeric characters, dashes `-`, and underscores `_`. + This name must be unique. + +- `Description` `(string: "")` - Free form human readable description of the role. + +- `Policies` `(array)` - The list of policies that should be + applied to the role. A PolicyLink is an object with an "ID" and/or "Name" + field to specify a policy. With the PolicyLink, roles can be linked to + policies either by the policy name or by the policy ID. When policies are + linked by name they will be internally resolved to the policy ID. With + linking roles internally by IDs, Consul enables policy renaming without + breaking tokens. + +- `ServiceIdentities` `(array)` - The list of [service + identities](/docs/acl/acl-system.html#acl-service-identities) that should be + applied to the role. Added in Consul 1.5.0. + + - `ServiceName` `(string: )` - The name of the service. The name + must be no longer than 256 characters, must start and end with a lowercase + alphanumeric character, and can only contain lowercase alphanumeric + characters as well as `-` and `_`. + + - `Datacenters` `(array)` - Specifies the datacenters the effective + policy is valid within. When no datacenters are provided the effective + policy is valid in all datacenters including those which do not yet exist + but may in the future. + +### Sample Payload + +```json +{ + "Name": "example-role", + "Description": "Showcases all input parameters", + "Policies": [ + { + "ID": "783beef3-783f-f41f-7422-7087dc272765" + }, + { + "Name": "node-read" + } + ], + "ServiceIdentities": [ + { + "ServiceName": "web" + }, + { + "ServiceName": "db", + "Datacenters": [ + "dc1" + ] + } + ] +} +``` + +### Sample Request + +```sh +$ curl -X PUT \ + --data @payload.json \ + http://127.0.0.1:8500/v1/acl/role +``` + +### Sample Response + +```json +{ + "ID": "aa770e5b-8b0b-7fcf-e5a1-8535fcc388b4", + "Name": "example-role", + "Description": "Showcases all input parameters", + "Policies": [ + { + "ID": "783beef3-783f-f41f-7422-7087dc272765", + "Name": "node-read" + } + ], + "ServiceIdentities": [ + { + "ServiceName": "web" + }, + { + "ServiceName": "db", + "Datacenters": [ + "dc1" + ] + } + ], + "Hash": "mBWMIeX9zyUTdDMq8vWB0iYod+mKBArJoAhj6oPz3BI=", + "CreateIndex": 57, + "ModifyIndex": 57 +} +``` + +## Read a Role + +This endpoint reads an ACL role with the given ID. If no role exists with the +given ID, a 404 is returned instead of a 200 response. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `GET` | `/acl/role/:id` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `YES` | `all` | `none` | `acl:read` | + +### Parameters + +- `id` `(string: )` - Specifies the UUID of the ACL role to + read. This is required and is specified as part of the URL path. + +### Sample Request + +```sh +$ curl -X GET http://127.0.0.1:8500/v1/acl/role/aa770e5b-8b0b-7fcf-e5a1-8535fcc388b4 +``` + +### Sample Response + +```json +{ + "ID": "aa770e5b-8b0b-7fcf-e5a1-8535fcc388b4", + "Name": "example-role", + "Description": "Showcases all input parameters", + "Policies": [ + { + "ID": "783beef3-783f-f41f-7422-7087dc272765", + "Name": "node-read" + } + ], + "ServiceIdentities": [ + { + "ServiceName": "web" + }, + { + "ServiceName": "db", + "Datacenters": [ + "dc1" + ] + } + ], + "Hash": "mBWMIeX9zyUTdDMq8vWB0iYod+mKBArJoAhj6oPz3BI=", + "CreateIndex": 57, + "ModifyIndex": 57 +} +``` + +## Read a Role by Name + +This endpoint reads an ACL role with the given name. If no role exists with the +given name, a 404 is returned instead of a 200 response. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `GET` | `/acl/role/name/:name` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `YES` | `all` | `none` | `acl:read` | + +### Parameters + +- `name` `(string: )` - Specifies the Name of the ACL role to + read. This is required and is specified as part of the URL path. + +### Sample Request + +```sh +$ curl -X GET http://127.0.0.1:8500/v1/acl/role/name/example-role +``` + +### Sample Response + +```json +{ + "ID": "aa770e5b-8b0b-7fcf-e5a1-8535fcc388b4", + "Name": "example-role", + "Description": "Showcases all input parameters", + "Policies": [ + { + "ID": "783beef3-783f-f41f-7422-7087dc272765", + "Name": "node-read" + } + ], + "ServiceIdentities": [ + { + "ServiceName": "web" + }, + { + "ServiceName": "db", + "Datacenters": [ + "dc1" + ] + } + ], + "Hash": "mBWMIeX9zyUTdDMq8vWB0iYod+mKBArJoAhj6oPz3BI=", + "CreateIndex": 57, + "ModifyIndex": 57 +} +``` + +## Update a Role + +This endpoint updates an existing ACL role. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `PUT` | `/acl/role/:id` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `acl:write` | + +### Parameters + +- `ID` `(string: )` - Specifies the ID of the role to update. This is + required in the URL path but may also be specified in the JSON body. If specified + in both places then they must match exactly. + +- `Name` `(string: )` - Specifies a name for the ACL role. The name + can only contain alphanumeric characters as well as `-` and `_` and must be + unique. + +- `Description` `(string: "")` - Free form human readable description of the role. + +- `Policies` `(array)` - The list of policies that should be + applied to the role. A PolicyLink is an object with an "ID" and/or "Name" + field to specify a policy. With the PolicyLink, roles can be linked to + policies either by the policy name or by the policy ID. When policies are + linked by name they will be internally resolved to the policy ID. With + linking roles internally by IDs, Consul enables policy renaming without + breaking tokens. + +- `ServiceIdentities` `(array)` - The list of [service + identities](/docs/acl/acl-system.html#acl-service-identities) that should be + applied to the role. Added in Consul 1.5.0. + +### Sample Payload + +```json +{ + "ID": "8bec74a4-5ced-45ed-9c9d-bca6153490bb", + "Name": "example-two", + "Policies": [ + { + "Name": "node-read" + } + ], + "ServiceIdentities": [ + { + "ServiceName": "db" + } + ] +} +``` + +### Sample Request + +```sh +$ curl -X PUT \ + --data @payload.json \ + http://127.0.0.1:8500/v1/acl/role/8bec74a4-5ced-45ed-9c9d-bca6153490bb +``` + +### Sample Response + +```json +{ + "ID": "8bec74a4-5ced-45ed-9c9d-bca6153490bb", + "Name": "example-two", + "Policies": [ + { + "ID": "783beef3-783f-f41f-7422-7087dc272765", + "Name": "node-read" + } + ], + "ServiceIdentities": [ + { + "ServiceName": "db" + } + ], + "Hash": "OtZUUKhInTLEqTPfNSSOYbRiSBKm3c4vI2p6MxZnGWc=", + "CreateIndex": 14, + "ModifyIndex": 28 +} +``` + +## Delete a Role + +This endpoint deletes an ACL role. + +| Method | Path | Produces | +| -------- | ------------------------- | -------------------------- | +| `DELETE` | `/acl/role/:id` | `application/json` | + +Even though the return type is application/json, the value is either true or +false indicating whether the delete succeeded. + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `NO` | `none` | `none` | `acl:write` | + +### Parameters + +- `id` `(string: )` - Specifies the UUID of the ACL role to + delete. This is required and is specified as part of the URL path. + +### Sample Request + +```sh +$ curl -X DELETE \ + http://127.0.0.1:8500/v1/acl/role/8f246b77-f3e1-ff88-5b48-8ec93abf3e05 +``` + +### Sample Response +```json +true +``` + +## List Roles + +This endpoint lists all the ACL roles. + +| Method | Path | Produces | +| ------ | ---------------------------- | -------------------------- | +| `GET` | `/acl/roles` | `application/json` | + +The table below shows this endpoint's support for +[blocking queries](/api/features/blocking.html), +[consistency modes](/api/features/consistency.html), +[agent caching](/api/features/caching.html), and +[required ACLs](/api/index.html#authentication). + +| Blocking Queries | Consistency Modes | Agent Caching | ACL Required | +| ---------------- | ----------------- | ------------- | ------------ | +| `YES` | `all` | `none` | `acl:read` | + +## Parameters + +- `policy` `(string: "")` - Filters the role list to those roles that are + linked with the specific policy ID. + +## Sample Request + +```sh +$ curl -X GET http://127.0.0.1:8500/v1/acl/roles +``` + +### Sample Response + +```json +[ + { + "ID": "5e52a099-4c90-c067-5478-980f06be9af5", + "Name": "node-read", + "Description": "", + "Policies": [ + { + "ID": "783beef3-783f-f41f-7422-7087dc272765", + "Name": "node-read" + } + ], + "Hash": "K6AbfofgiZ1BEaKORBloZf7WPdg45J/PipHxQiBlK1U=", + "CreateIndex": 50, + "ModifyIndex": 50 + }, + { + "ID": "aa770e5b-8b0b-7fcf-e5a1-8535fcc388b4", + "Name": "example-role", + "Description": "Showcases all input parameters", + "Policies": [ + { + "ID": "783beef3-783f-f41f-7422-7087dc272765", + "Name": "node-read" + } + ], + "ServiceIdentities": [ + { + "ServiceName": "web" + }, + { + "ServiceName": "db", + "Datacenters": [ + "dc1" + ] + } + ], + "Hash": "mBWMIeX9zyUTdDMq8vWB0iYod+mKBArJoAhj6oPz3BI=", + "CreateIndex": 57, + "ModifyIndex": 57 + } +] +``` diff --git a/website/source/api/acl/tokens.html.md b/website/source/api/acl/tokens.html.md index 5b402c65ea..e711fff8a5 100644 --- a/website/source/api/acl/tokens.html.md +++ b/website/source/api/acl/tokens.html.md @@ -1,9 +1,9 @@ --- layout: api -page_title: ACL Policies - HTTP API +page_title: ACL Tokens - HTTP API sidebar_current: api-acl-tokens description: |- - The /acl/token endpoints manage Consul's ACL Policies. + The /acl/token endpoints manage Consul's ACL Tokens. --- -> **1.4.0+:** The APIs are available in Consul versions 1.4.0 and later. The documentation for the legacy ACL API is [here](/api/acl/legacy.html) @@ -13,7 +13,8 @@ description: |- The `/acl/token` endpoints [create](#create-a-token), [read](#read-a-token), [update](#update-a-token), [list](#list-tokens), [clone](#clone-a-token) and [delete](#delete-a-token) ACL policies in Consul. -For more information about ACLs, please see the [ACL Guide](/docs/guides/acl.html). +For more information on how to setup ACLs, please see +the [ACL Guide](https://learn.hashicorp.com/consul/advanced/day-1-operations/production-acls). ## Create a Token @@ -45,15 +46,49 @@ The table below shows this endpoint's support for - `Description` `(string: "")` - Free form human readable description of the token. -- `Policies` `(array)` - The list of policies that should - be applied to the token. A PolicyLink is an object with an "ID" and/or "Name" field - to specify a policy. With the PolicyLink, tokens can be linked to policies either by the - policy name or by the policy ID. When policies are linked by name they will be - internally resolved to the policy ID. With linking tokens internally by IDs, - Consul enables policy renaming without breaking tokens. - -- `Local` `(bool: false)` - If true, indicates that the token should not be replicated - globally and instead be local to the current datacenter. +- `Policies` `(array)` - The list of policies that should be + applied to the token. A PolicyLink is an object with an "ID" and/or "Name" + field to specify a policy. With the PolicyLink, tokens can be linked to + policies either by the policy name or by the policy ID. When policies are + linked by name they will be internally resolved to the policy ID. With + linking tokens internally by IDs, Consul enables policy renaming without + breaking tokens. + +- `Roles` `(array)` - The list of roles that should be applied to the + token. A RoleLink is an object with an "ID" and/or "Name" field to specify a + role. With the RoleLink, tokens can be linked to roles either by the role + name or by the role ID. When roles are linked by name they will be internally + resolved to the role ID. With linking tokens internally by IDs, Consul + enables role renaming without breaking tokens. Added in Consul 1.5.0. + +- `ServiceIdentities` `(array)` - The list of [service + identities](/docs/acl/acl-system.html#acl-service-identities) that should be + applied to the token. Added in Consul 1.5.0. + + - `ServiceName` `(string: )` - The name of the service. The name + must be no longer than 256 characters, must start and end with a lowercase + alphanumeric character, and can only contain lowercase alphanumeric + characters as well as `-` and `_`. + + - `Datacenters` `(array)` - Specifies the datacenters the effective + policy is valid within. When no datacenters are provided the effective + policy is valid in all datacenters including those which do not yet exist + but may in the future. + +- `Local` `(bool: false)` - If true, indicates that the token should not be + replicated globally and instead be local to the current datacenter. + +- `ExpirationTime` `(time: "")`- If set this represents the point after which a + token should be considered revoked and is eligible for destruction. The + default unset value represents NO expiration. This value must be between 1 + minute and 24 hours in the future. Added in Consul 1.5.0. + +- `ExpirationTTL` `(duration: 0s)` - This is a convenience field and if set + will initialize the `ExpirationTime` field to a value of `CreateTime + + ExpirationTTL`. This field is not persisted beyond its initial use. Can be + specified in the form of `"60s"` or `"5m"` (i.e., 60 seconds or 5 minutes, + respectively). This value must be no smaller than 1 minute and no longer than + 24 hours. Added in Consul 1.5.0. ### Sample Payload @@ -74,9 +109,8 @@ The table below shows this endpoint's support for ### Sample Request -```text -$ curl \ - --request PUT \ +```sh +$ curl -X PUT \ --data @payload.json \ http://127.0.0.1:8500/v1/acl/token ``` @@ -132,7 +166,7 @@ The table below shows this endpoint's support for ### Sample Request -```text +```sh $ curl -X GET http://127.0.0.1:8500/v1/acl/token/6a1253d2-1785-24fd-91c2-f8e78c745511 ``` @@ -191,7 +225,7 @@ retrieving the data for a token that you must already possess its secret. ### Sample Request -```text +```sh $ curl -H "X-Consul-Token: 6a1253d2-1785-24fd-91c2-f8e78c745511" \ http://127.0.0.1:8500/v1/acl/token/self ``` @@ -254,15 +288,47 @@ The table below shows this endpoint's support for - `Description` `(string: "")` - Free form human readable description of this token. - `Policies` `(array)` - This is the list of policies that should - be applied to this token. A PolicyLink is an object with an "ID" and/or "Name" field - to specify a policy. With this tokens can be linked to policies either by the - policy name or by the policy ID. When policies are linked by name they will - internally be resolved to the policy ID. With linking tokens internally by IDs, - Consul enables policy renaming without breaking tokens. + be applied to this token. A PolicyLink is an object with an "ID" and/or + "Name" field to specify a policy. With the PolicyLink tokens can be linked to policies + either by the policy name or by the policy ID. When policies are linked by + name they will internally be resolved to the policy ID. With linking tokens + internally by IDs, Consul enables policy renaming without breaking tokens. + +- `Roles` `(array)` - The list of roles that should be applied to the + token. A RoleLink is an object with an "ID" and/or "Name" field to specify a + role. With the RoleLink, tokens can be linked to roles either by the role + name or by the role ID. When roles are linked by name they will be internally + resolved to the role ID. With linking tokens internally by IDs, Consul + enables role renaming without breaking tokens. + +- `ServiceIdentities` `(array)` - The list of [service + identities](/docs/acl/acl-system.html#acl-service-identities) that should be + applied to the token. Added in Consul 1.5.0. + + - `ServiceName` `(string: )` - The name of the service. The name + must be no longer than 256 characters, must start and end with a lowercase + alphanumeric character, and can only contain lowercase alphanumeric + characters as well as `-` and `_`. + + - `Datacenters` `(array)` - Specifies the datacenters the effective + policy is valid within. When no datacenters are provided the effective + policy is valid in all datacenters including those which do not yet exist + but may in the future. + +- `Local` `(bool: false)` - If true, indicates that this token should not be + replicated globally and instead be local to the current datacenter. This + value must match the existing value or the request will return an error. + +- `AuthMethod` `(string: "")` - Specifies the name of the auth method that + created this token. This field is immutable so if present in the body then it + must match the existing value. If not present then the value will be filled + in by Consul. + +- `ExpirationTime` `(time: "")` - Specifies the expiration time for the token + being updated. This field is immutable so if present in the body then it must + match the existing value. If not present then the value will be filled in by + Consul. -- `Local` `(bool: false)` - If true, indicates that this token should not be replicated - globally and instead be local to the current datacenter. This value must match the - existing value or the request will return an error. ### Sample Payload @@ -286,9 +352,8 @@ The table below shows this endpoint's support for ### Sample Request -```text -$ curl \ - --request PUT \ +```sh +$ curl -X PUT \ --data @payload.json \ http://127.0.0.1:8500/v1/acl/token/6a1253d2-1785-24fd-91c2-f8e78c745511 ``` @@ -357,9 +422,8 @@ The table below shows this endpoint's support for ### Sample Request -```text -$ curl \ - --request PUT \ +```sh +$ curl -X PUT \ --data @payload.json \ http://127.0.0.1:8500/v1/acl/token/6a1253d2-1785-24fd-91c2-f8e78c745511/clone ``` @@ -421,8 +485,8 @@ The table below shows this endpoint's support for ### Sample Request -```text -$ curl -XDELETE +```sh +$ curl -X DELETE \ http://127.0.0.1:8500/v1/acl/token/8f246b77-f3e1-ff88-5b48-8ec93abf3e05 ``` @@ -451,12 +515,18 @@ The table below shows this endpoint's support for ## Parameters -- `policy` `(string: "")` - Filters the token list to those tokens that -are linked with the specific policy ID. +- `policy` `(string: "")` - Filters the token list to those tokens that are + linked with the specific policy ID. + +- `role` `(string: "")` - Filters the token list to those tokens that are + linked with the specific role ID. + +- `authmethod` `(string: "")` - Filters the token list to those tokens that are + linked with the specific named auth method. ## Sample Request -```text +```sh $ curl -X GET http://127.0.0.1:8500/v1/acl/tokens ``` diff --git a/website/source/assets/images/auth-methods.svg b/website/source/assets/images/auth-methods.svg new file mode 100644 index 0000000000..08f09c58f7 --- /dev/null +++ b/website/source/assets/images/auth-methods.svg @@ -0,0 +1,43 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/website/source/docs/acl/acl-auth-methods.html.md b/website/source/docs/acl/acl-auth-methods.html.md new file mode 100644 index 0000000000..53bd688ec2 --- /dev/null +++ b/website/source/docs/acl/acl-auth-methods.html.md @@ -0,0 +1,127 @@ +--- +layout: "docs" +page_title: "ACL Auth Methods" +sidebar_current: "docs-acl-auth-methods" +description: |- + An auth method is a component in Consul that performs authentication against a trusted external party to authorize the creation of an ACL tokens usable within the local datacenter. +--- + +-> **1.5.0+:** This guide only applies in Consul versions 1.5.0 and newer. + +# ACL Auth Methods + +An auth method is a component in Consul that performs authentication against a +trusted external party to authorize the creation of an ACL tokens usable within +the local datacenter. + +The only supported type of auth method in Consul 1.5.0 is +[`kubernetes`](/docs/acl/auth-methods/kubernetes.html). + +## Overview + +Without an auth method a trusted operator is critically involved in the +creation and secure introduction of each ACL token to every application that +needs one, while ensuring that the policies assigned to these tokens follow the +principle of least-privilege. + +When running in environments such as a public cloud or when supervised by a +cluster scheduler, applications may already have access to uniquely identifying +credentials that were delivered securely by the platform. Consul auth method +integrations allow for these credentials to be used to create ACL tokens with +properly-scoped policies without additional operator intervention. + +In Consul 1.5.0 the focus is around simplifying the creation of tokens with the +privileges necessary to participate in a [Connect](/docs/connect/index.html) +service mesh with minimal operator intervention. + +## Operator Configuration + +An operator needs to configure each auth method that is to be trusted by +using the API or command line before they can be used by applications. + +* **Authentication** - One or more **auth methods** should be configured with + details about how to authenticate application credentials. Successful + validation of application credentials will return a set of trusted identity + attributes (such as a username). These can be managed with the `consul acl + auth-method` subcommands or the corresponding [API + endpoints](/api/acl/auth-methods.html). The specific details of + configuration are type dependent and described in their own documentation + pages. + +* **Authorization** - One or more **binding rules** must be configured to define + how to translate trusted identity attributes from each auth method into + privileges assigned to the ACL token that is created. These can be managed + with the `consul acl binding-rule` subcommands or the corresponding [API + endpoints](/api/acl/binding-rules.html). + +## Binding Rules + +Binding rules allow an operator to express a systematic way of automatically +linking [roles](/docs/acl/acl-system.html#acl-roles) and [service +identities](/docs/acl/acl-system.html#acl-service-identities) to newly created +tokens without operator intervention. + +Successful authentication with an auth method returns a set of trusted +identity attributes corresponding to the authenticated identity. Those +attributes are matched against all configured binding rules for that auth +method to determine what privileges to grant the the Consul ACL token it will +ultimately create. + +Each binding rule is composed of two portions: + +- **Selector** - A logical query that must match the trusted identity + attributes for the binding rule to be applicable to a given login attempt. + The syntax uses github.com/hashicorp/go-bexpr which is shared with the [API + filtering feature](/api/features/filtering.html). For example: + `"serviceaccount.namespace==default and serviceaccount.name!=vault"` + +- **Bind Type and Name** - A binding rule can bind a token to a + [role](/docs/acl/acl-system.html#acl-roles) or to a [service + identity](/docs/acl/acl-system.html#acl-service-identities) by name. The name + can be specified with a plain string or the bind name can be lightly + templated using [HIL syntax](https://github.com/hashicorp/hil) to interpolate + the same values that are usable by the `Selector` syntax. For example: + `"dev-${serviceaccount.name}"` + +When multiple binding rules match, then all roles and service identities are +jointly linked to the token created by the login process. + +## Overall Login Process + +Applications are responsible for exchanging their auth method specific secret +bearer token for a Consul ACL token by using the login process: + +![diagram of auth method login](/assets/images/auth-methods.svg) + +1. Applications use the `consul login` subcommand or the [login API + endpoint](/api/acl/acl.html#login-to-auth-method) to authenticate to a + specific auth method using their local Consul client. Applications provide + both the name of the auth method and a secret bearer token during login. + +2. The Consul client forwards login requests to the leading Consul server. + +3. The Consul leader then uses auth method specific mechanisms to validate the + provided bearer token credentials. + +4. Successful validation returns trusted identity attributes to the Consul + leader. + +5. The Consul leader consults the configured set of binding rules associated + with the specified auth method and selects only those rules that match the + trusted identity attributes. + +6. The Consul leader uses the matching binding rules to generate a list of + roles and service identities and assigns them to a token created exclusively + in the _local_ datacenter. If none are generated the login attempt fails. + +7. The relevant `SecretID` and remaining details about the token are returned to + the originating Consul client. + +8. The Consul client returns the token details back to the application. + +9. (later) Applications SHOULD use the `consul logout` subcommand or the + [logout API endpoint](/api/acl/acl.html#logout-from-auth-method) to destroy + their token when it is no longer required. + +For more details about specific auth methods and how to configure them, click +on the name of the auth method type in the sidebar. diff --git a/website/source/docs/acl/acl-legacy.html.md b/website/source/docs/acl/acl-legacy.html.md index 2b967b33b9..22ba65103e 100644 --- a/website/source/docs/acl/acl-legacy.html.md +++ b/website/source/docs/acl/acl-legacy.html.md @@ -41,7 +41,7 @@ The most significant change is that rules with selectors _no longer prefix match by default_. In the legacy system the following rules would grant access to nodes, services and keys _prefixed_ with foo. -``` +```hcl node "foo" { policy = "write" } service "foo" { policy = "write" } key "foo" { policy = "write" } @@ -58,7 +58,7 @@ Prefix matching can be expressed in the new ACL system explicitly, making the following rules in the new system exactly the same as the rules above in the old. -``` +```hcl node_prefix "foo" { policy = "write" } service_prefix "foo" { policy = "write" } key_prefix "foo" { policy = "write" } @@ -218,7 +218,7 @@ In Consul 0.9.1 and later, the agent ACL tokens can be introduced or updated via Since the [`acl_agent_master_token`](/docs/agent/options.html#acl_agent_master_token_legacy) is designed to be used when the Consul servers are not available, its policy is managed locally on the agent and does not need to have a token defined on the Consul servers via the ACL API. Once set, it implicitly has the following policy associated with it (the `node` policy was added in Consul 0.9.0): -```text +```hcl agent "" { policy = "write" } @@ -240,7 +240,7 @@ The [`acl_agent_token`](/docs/agent/options.html#acl_agent_token) is a special t Here's an example policy sufficient to accomplish the above for a node called `mynode`: -```text +```hcl node "mynode" { policy = "write" } @@ -617,7 +617,7 @@ machine-generate. Rules can make use of one or more policies. Specification in the HCL format looks like: -```text +```hcl # These control access to the key/value store. key "" { policy = "read" @@ -702,7 +702,7 @@ and [`service`](#service-rules) policies instead. Agent rules look like this: -```text +```hcl agent "" { policy = "read" } @@ -731,7 +731,7 @@ firing events and listing events. Event rules look like this: -```text +```hcl event "" { policy = "read" } @@ -754,7 +754,7 @@ give agents a token with access to this event prefix, in addition to configuring The `key` policy controls access to key/value store operations in the [KV API](/api/kv.html). Key rules look like this: -```text +```hcl key "" { policy = "read" } @@ -777,7 +777,7 @@ Consul 1.0 introduces a new `list` policy for keys that is only enforced when op `list` controls access to recursively list entries and keys, and enables more fine grained policies. With "acl_enable_key_list_policy", recursive reads via [the KV API](/api/kv.html#recurse) with an invalid token result in a 403. Example: -```text +```hcl key "" { policy = "deny" } @@ -801,7 +801,7 @@ Consul Enterprise supports additional optional fields for key write policies for [Sentinel](https://docs.hashicorp.com/sentinel/app/consul/) integration. An example key rule with a Sentinel code policy looks like this: -```text +```hcl key "foo" { policy = "write" sentinel { @@ -838,7 +838,7 @@ operations like fetching the list of cluster members. Node rules look like this: -```text +```hcl node "" { policy = "read" } @@ -911,7 +911,7 @@ policies, as will be explained below. Query rules look like this: -```text +```hcl query "" { policy = "read" } @@ -1030,7 +1030,7 @@ and service discovery with the [Health API](/api/health.html). Service rules look like this: -```text +```hcl service "" { policy = "read" } @@ -1086,7 +1086,7 @@ The `session` policy controls access to [Session API](/api/session.html) operati Session rules look like this: -```text +```hcl session "" { policy = "read" } diff --git a/website/source/docs/acl/acl-migrate-tokens.html.md b/website/source/docs/acl/acl-migrate-tokens.html.md index ed97fb9ac0..3ba056c380 100644 --- a/website/source/docs/acl/acl-migrate-tokens.html.md +++ b/website/source/docs/acl/acl-migrate-tokens.html.md @@ -82,7 +82,7 @@ The simplest and most automatic strategy is to create one new policy for every existing token. This is easy to automate, but may result in a lot of policies with exactly the same rules and with non-human-readable names which will make managing policies harder. This approach can be accomplished using the [`consul -acl policy create`](/docs/commands/acl/acl-policy.html#create) command with +acl policy create`](/docs/commands/acl/policy/create.html) command with `-from-token` option. | Pros | Cons | @@ -112,7 +112,7 @@ semantics of the old ACL system. To assist with this approach, there is a CLI tool and corresponding API that can translate a legacy ACL token's rules into a new ACL policy that is exactly equivalent. See [`consul acl -translate-rules`](/docs/commands/acl/acl-translate-rules.html). +translate-rules`](/docs/commands/acl/translate-rules.html). | Pros | Cons | | ---- | ---- | @@ -141,7 +141,7 @@ endpoint. Specifically, ensure that the `Rules` field is omitted or empty. Empty #### Update via CLI -Use the [`consul acl token update`](/docs/commands/acl/acl-token.html#update) +Use the [`consul acl token update`](/docs/commands/acl/token/update.html) command to update the token. Specifically you need to use `-upgrade-legacy` which will ensure that legacy rules are removed as well as the new policies added. diff --git a/website/source/docs/acl/acl-rules.html.md b/website/source/docs/acl/acl-rules.html.md index c8f44cb0b2..8a938df97b 100644 --- a/website/source/docs/acl/acl-rules.html.md +++ b/website/source/docs/acl/acl-rules.html.md @@ -57,7 +57,7 @@ machine-generate. Rules can make use of one or more policies. Specification in the HCL format looks like: -```text +```hcl # These control access to the key/value store. key_prefix "" { policy = "read" @@ -79,7 +79,7 @@ operator = "read" This is equivalent to the following JSON input: -```javascript +```json { "key_prefix": { "": { @@ -154,7 +154,7 @@ The `acl` resource controls access to ACL operations in the ACL rules look like this: -```text +```hcl acl = "write" ``` @@ -170,7 +170,7 @@ and [`service` or `service_prefix`](#service-rules) policies instead. Agent rules look like this: -```text +```hcl agent_prefix "" { policy = "read" } @@ -199,7 +199,7 @@ firing events and listing events. Event rules look like this: -```text +```hcl event_prefix "" { policy = "read" } @@ -221,7 +221,7 @@ give agents a token with access to this event prefix, in addition to configuring The `key` and `key_prefix` resources control access to key/value store operations in the [KV API](/api/kv.html). Key rules look like this: -```text +```hcl key_prefix "" { policy = "read" } @@ -242,7 +242,7 @@ Consul 1.0 introduces a new `list` policy for keys that is only enforced when op `list` controls access to recursively list entries and keys, and enables more fine grained policies. With "acl.enable_key_list_policy", recursive reads via [the KV API](/api/kv.html#recurse) with an invalid token result in a 403. Example: -```text +```hcl key_prefix "" { policy = "deny" } @@ -266,7 +266,7 @@ Consul Enterprise supports additional optional fields for key write policies for [Sentinel](https://docs.hashicorp.com/sentinel/app/consul/) integration. An example key rule with a Sentinel code policy looks like this: -```text +```hcl key "foo" { policy = "write" sentinel { @@ -288,7 +288,7 @@ The `keyring` resource controls access to keyring operations in the Keyring rules look like this: -```text +```hcl keyring = "write" ``` @@ -303,7 +303,7 @@ operations like fetching the list of cluster members. Node rules look like this: -```text +```hcl node_prefix "" { policy = "read" } @@ -358,7 +358,7 @@ The `operator` resource controls access to cluster-level operations in the Operator rules look like this: -```text +```hcl operator = "read" ``` @@ -374,7 +374,7 @@ policies, as will be explained below. Query rules look like this: -```text +```hcl query_prefix "" { policy = "read" } @@ -491,7 +491,7 @@ and service discovery with the [Health API](/api/health.html). Service rules look like this: -```text +```hcl service_prefix "" { policy = "read" } @@ -546,7 +546,7 @@ The `session` and `session_prefix` resources controls access to [Session API](/a Session rules look like this: -```text +```hcl session_prefix "" { policy = "read" } diff --git a/website/source/docs/acl/acl-system.html.md b/website/source/docs/acl/acl-system.html.md index bf0f8e72df..23d739ff4b 100644 --- a/website/source/docs/acl/acl-system.html.md +++ b/website/source/docs/acl/acl-system.html.md @@ -27,16 +27,35 @@ At the highest level, there are two major components to the ACL system: Accessor ID which is used to name a token, and a Secret ID which is used as the bearer token used to make requests to Consul. - ACL tokens and policies are managed by Consul operators via Consul's -[ACL API](/api/acl/acl.html), [ACL CLI](/docs/commands/acl.html), or systems like +For many scenarios policies and tokens are sufficient, but more advanced setups +may benefit from additional components in the ACL system: + + * **ACL Roles** - Roles allow for the grouping of a set of policies and service + identities into a reusable higher-level entity that can be applied to many + tokens. (Added in Consul 1.5.0) + + * **ACL Service Identities** - Service identities are a policy template for + expressing a link to a policy suitable for use in [Consul + Connect](/docs/connect/index.html). At authorization time this acts like an + additional policy was attached, the contents of which are described further + below. These are directly attached to tokens and roles and are not + independently configured. (Added in Consul 1.5.0) + + * **ACL Auth Methods and Binding Rules** - To learn more about these topics, + see the [dedicated auth methods documentation page](/docs/acl/acl-auth-methods.html). + +ACL tokens, policies, roles, auth methods, and binding rules are managed by +Consul operators via Consul's [ACL API](/api/acl/acl.html), +[ACL CLI](/docs/commands/acl.html), or systems like [HashiCorp's Vault](https://www.vaultproject.io/docs/secrets/consul/index.html). ### ACL Policies An ACL policy is a named set of rules and is composed of the following elements: -* **ID** - The policies auto-generated public identifier. +* **ID** - The policy's auto-generated public identifier. * **Name** - A unique meaningful name for the policy. +* **Description** - A human readable description of the policy. (Optional) * **Rules** - Set of rules granting or denying permissions. See the [Rule Specification](/docs/acl/acl-rules.html#rule-specification) documentation for more details. * **Datacenters** - A list of datacenters the policy is valid within. @@ -46,6 +65,59 @@ An ACL policy is a named set of rules and is composed of the following elements: and will be assigned the reserved ID of `00000000-0000-0000-0000-000000000001`. This policy can be renamed but modification of anything else including the rule set and datacenter scoping will be prevented by Consul. +### ACL Service Identities + +-> Added in Consul 1.5.0 + +An ACL service identity is an [ACL policy](/docs/acl/acl-system.html#acl-policies) template for expressing a link to a policy +suitable for use in [Consul Connect](/docs/connect/index.html). They are usable +on both tokens and roles and are composed of the following elements: + +* **Service Name** - The name of the service. +* **Datacenters** - A list of datacenters the effective policy is valid within. (Optional) + +Services participating in the service mesh will need privileges to both _be +discovered_ and to _discover other healthy service instances_. Suitable +policies tend to all look nearly identical so a service identity is a policy +template to aid in avoiding boilerplate policy creation. + +At authorization time a service identity acts like an additional policy was +attached to the token with the following contents: + +```hcl +// Allow the service and its sidecar proxy to register into the catalog. +service "" { + policy = "write" +} +service "-sidecar-proxy" { + policy = "write" +} + +// Allow for any potential upstreams to be resolved. +service_prefix "" { + policy = "read" +} +node_prefix "" { + policy = "read" +} +``` + +The [API documentation for roles](/api/acl/roles.html#sample-payload) has some +examples of using a service identity. + +### ACL Roles + +-> Added in Consul 1.5.0 + +An ACL role is a named set of policies and service identities and is composed +of the following elements: + +* **ID** - The role's auto-generated public identifier. +* **Name** - A unique meaningful name for the role. +* **Description** - A human readable description of the role. (Optional) +* **Policy Set** - The list of policies that are applicable for the role. +* **Service Identity Set** - The list of service identities that are applicable for the role. + ### ACL Tokens ACL tokens are used to determine if the caller is authorized to perform an action. An ACL token is composed of the following @@ -55,8 +127,11 @@ elements: * **Secret ID** -The bearer token used when making requests to Consul. * **Description** - A human readable description of the token. (Optional) * **Policy Set** - The list of policies that are applicable for the token. +* **Role Set** - The list of roles that are applicable for the token. (Added in Consul 1.5.0) +* **Service Identity Set** - The list of service identities that are applicable for the token. (Added in Consul 1.5.0) * **Locality** - Indicates whether the token should be local to the datacenter it was created within or created in the primary datacenter and globally replicated. +* **Expiration Time** - The time at which this token is revoked. (Optional; Added in Consul 1.5.0) #### Builtin Tokens @@ -64,7 +139,7 @@ During cluster bootstrapping when ACLs are enabled both the special `anonymous` injected. * **Anonymous Token** - The anonymous token is used when a request is made to Consul without specifying a bearer token. -The anonymous token's description and policies may be updated but Consul will prevent this tokens deletion. When created, +The anonymous token's description and policies may be updated but Consul will prevent this token's deletion. When created, it will be assigned `00000000-0000-0000-0000-000000000002` for its Accessor ID and `anonymous` for its Secret ID. * **Master Token** - When a master token is present within the Consul configuration, it is created and will be linked @@ -78,7 +153,9 @@ The token Secret ID is passed along with each RPC request to the servers. Consul query string parameter, the `X-Consul-Token` request header, or an [RFC6750](https://tools.ietf.org/html/rfc6750) authorization bearer token. Consul's [CLI commands](/docs/commands/index.html) can accept tokens via the -`token` argument, or the `CONSUL_HTTP_TOKEN` environment variable. +`token` argument, or the `CONSUL_HTTP_TOKEN` environment variable. The CLI +commands can also accept token values stored in files with the `token-file` +argument, or the `CONSUL_HTTP_TOKEN_FILE` environment variable. If no token is provided for an HTTP request then Consul will use the default ACL token if it has been configured. If no default ACL token was configured then the anonymous @@ -86,7 +163,7 @@ token will be used. #### ACL Rules and Scope -The rules from all policies linked with a token are combined to form that token's +The rules from all policies, roles, and service identities linked with a token are combined to form that token's effective rule set. Policy rules can be defined in either a whitelist or blacklist mode depending on the configuration of [`acl_default_policy`](/docs/agent/options.html#acl_default_policy). If the default policy is to "deny" access to all resources, then policy rules can be set to @@ -137,6 +214,7 @@ as to whether they are set on servers, clients, or both. | [`acl.enabled`](/docs/agent/options.html#acl_enabled) | `REQUIRED` | `REQUIRED` | Controls whether ACLs are enabled | | [`acl.default_policy`](/docs/agent/options.html#acl_default_policy) | `OPTIONAL` | `N/A` | Determines whitelist or blacklist mode | | [`acl.down_policy`](/docs/agent/options.html#acl_down_policy) | `OPTIONAL` | `OPTIONAL` | Determines what to do when the remote token or policy resolution fails | +| [`acl.role_ttl`](/docs/agent/options.html#acl_role_ttl) | `OPTIONAL` | `OPTIONAL` | Determines time-to-live for cached ACL Roles | | [`acl.policy_ttl`](/docs/agent/options.html#acl_policy_ttl) | `OPTIONAL` | `OPTIONAL` | Determines time-to-live for cached ACL Policies | | [`acl.token_ttl`](/docs/agent/options.html#acl_token_ttl) | `OPTIONAL` | `OPTIONAL` | Determines time-to-live for cached ACL Tokens | @@ -156,7 +234,7 @@ All of these tokens except the `master` token can all be introduced or updated v Since the [`acl.tokens.agent_master`](/docs/agent/options.html#acl_tokens_agent_master) is designed to be used when the Consul servers are not available, its policy is managed locally on the agent and does not need to have a token defined on the Consul servers via the ACL API. Once set, it implicitly has the following policy associated with it -```text +```hcl agent "" { policy = "write" } @@ -175,7 +253,7 @@ The [`acl.tokens.agent`](/docs/agent/options.html#acl_tokens_agent) is a special Here's an example policy sufficient to accomplish the above for a node called `mynode`: -```text +```hcl node "mynode" { policy = "write" } diff --git a/website/source/docs/acl/auth-methods/kubernetes.html.md b/website/source/docs/acl/auth-methods/kubernetes.html.md new file mode 100644 index 0000000000..86a03ed62d --- /dev/null +++ b/website/source/docs/acl/auth-methods/kubernetes.html.md @@ -0,0 +1,137 @@ +--- +layout: "docs" +page_title: "Kubernetes Auth Method" +sidebar_current: "docs-acl-auth-methods-kubernetes" +description: |- + The Kubernetes auth method type allows for a Kubernetes service account token to be used to authenticate to Consul. This method of authentication makes it easy to introduce a Consul token into a Kubernetes pod. +--- + +-> **1.5.0+:** This guide only applies in Consul versions 1.5.0 and newer. + +# Kubernetes Auth Method + +The `kubernetes` auth method type allows for a Kubernetes service account token +to be used to authenticate to Consul. This method of authentication makes it +easy to introduce a Consul token into a Kubernetes pod. + +This page assumes general knowledge of [Kubernetes](https://kubernetes.io/) and +the concepts described in the main [auth method +documentation](/docs/acl/acl-auth-methods.html). + +## Config Parameters + +The following auth method [`Config`](/api/acl/auth-methods.html#config) +parameters are required to properly configure an auth method of type +`kubernetes`: + +- `Host` `(string: )` - Must be a host string, a host:port pair, or a + URL to the base of the Kubernetes API server. + +- `CACert` `(string: )` - PEM encoded CA cert for use by the TLS + client used to talk with the Kubernetes API. NOTE: Every line must end with a + newline (`\n`). + +- `ServiceAccountJWT` `(string: )` - A Service Account Token + ([JWT](https://jwt.io/ "JSON Web Token")) used by the Consul leader to + validate application JWTs during login. + +### Sample Config + +```json +{ + ...other fields... + "Config": { + "Host": "https://192.0.2.42:8443", + "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n", + "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9..." + } +} +``` + +## RBAC + +The Kubernetes service account corresponding to the configured +[`ServiceAccountJWT`](/docs/acl/auth-methods/kubernetes.html#serviceaccountjwt) +needs to have access to two Kubernetes APIs: + +- [**TokenReview**](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#create-tokenreview-v1-authentication-k8s-io) + + -> Kubernetes should be running with `--service-account-lookup`. This is + defaulted to true in Kubernetes 1.7, but any versions prior should ensure + the Kubernetes API server is started with this setting. + +- [**ServiceAccount**](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#read-serviceaccount-v1-core) + (`get`) + +The following is an example +[RBAC](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) +configuration snippet to grant the necessary permissions to a service account +named `consul-auth-method-example`: + +```yaml +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: review-tokens + namespace: default +subjects: +- kind: ServiceAccount + name: consul-auth-method-example + namespace: default +roleRef: + kind: ClusterRole + name: system:auth-delegator + apiGroup: rbac.authorization.k8s.io +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: service-account-getter + namespace: default +rules: +- apiGroups: [""] + resources: ["serviceaccounts"] + verbs: ["get"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: get-service-accounts + namespace: default +subjects: +- kind: ServiceAccount + name: consul-auth-method-example + namespace: default +roleRef: + kind: ClusterRole + name: service-account-getter + apiGroup: rbac.authorization.k8s.io +``` + +## Trusted Identity Attributes + +The authentication step returns the following trusted identity attributes for +use in binding rule selectors and bind name interpolation. + +| Attributes | Supported Selector Operations | Can be Interpolated | +| -------------------------- | ---------------------------------- | ------------------- | +| `serviceaccount.namespace` | Equal, Not Equal | yes | +| `serviceaccount.name` | Equal, Not Equal | yes | +| `serviceaccount.uid` | Equal, Not Equal | yes | + +## Kubernetes Authentication Details + +Initially the +[`ServiceAccountJWT`](/docs/acl/auth-methods/kubernetes.html#serviceaccountjwt) +given to the Consul leader uses the TokenReview API to validate the provided +JWT. The trusted attributes of `serviceaccount.namespace`, +`serviceaccount.name`, and `serviceaccount.uid` are populated directly from the +Service Account metadata. + +The Consul leader makes an additional query, this time to the ServiceAccount +API to check for the existence of an annotation of +`consul.hashicorp.com/service-name` on the ServiceAccount object. If one is +found its value will override the trusted attribute of `serviceaccount.name` +for the purposes of evaluating any binding rules. + diff --git a/website/source/docs/agent/options.html.md b/website/source/docs/agent/options.html.md index b798c099e6..64fae288bb 100644 --- a/website/source/docs/agent/options.html.md +++ b/website/source/docs/agent/options.html.md @@ -529,6 +529,12 @@ default will automatically work with some tooling. it reduces the number of refreshes. However, because the caches are not actively invalidated, ACL policy may be stale up to the TTL value. + * `role_ttl` - Used to control + Time-To-Live caching of ACL roles. By default, this is 30 seconds. This setting has a + major performance impact: reducing it will cause more frequent refreshes while increasing + it reduces the number of refreshes. However, because the caches are not actively invalidated, + ACL role may be stale up to the TTL value. + * `token_ttl` - Used to control Time-To-Live caching of ACL tokens. By default, this is 30 seconds. This setting has a major performance impact: reducing it will cause more frequent refreshes while increasing diff --git a/website/source/docs/commands/_http_api_options_client.html.md b/website/source/docs/commands/_http_api_options_client.html.md index 4c963f7eaa..7f67fd264e 100644 --- a/website/source/docs/commands/_http_api_options_client.html.md +++ b/website/source/docs/commands/_http_api_options_client.html.md @@ -29,3 +29,8 @@ * `-token=` - ACL token to use in the request. This can also be specified via the `CONSUL_HTTP_TOKEN` environment variable. If unspecified, the query will default to the token of the Consul agent at the HTTP address. + +* `-token-file=` - File containing the ACL token to use in the request + instead of one specified via the `-token` argument or `CONSUL_HTTP_TOKEN` + environment variable. This can also be specified via the + `CONSUL_HTTP_TOKEN_FILE` environment variable. diff --git a/website/source/docs/commands/acl.html.md b/website/source/docs/commands/acl.html.md index b9a9195560..7ea2204808 100644 --- a/website/source/docs/commands/acl.html.md +++ b/website/source/docs/commands/acl.html.md @@ -75,11 +75,11 @@ Usage: consul acl [options] [args] $ consul acl bootstrap - List all ACL Tokens: + List all ACL tokens: $ consul acl token list - Create a new ACL Policy: + Create a new ACL policy: $ consul acl policy create -name "new-policy" \ -description "This is an example policy" \ @@ -94,10 +94,13 @@ Usage: consul acl [options] [args] For more examples, ask for subcommand help or view the documentation. Subcommands: + auth-method Manage Consul's ACL auth methods + binding-rule Manage Consul's ACL binding rules bootstrap Bootstrap Consul's ACL system - policy Manage Consul's ACL Policies - set-agent-token Interact with the Consul's ACLs - token Manage Consul's ACL Tokens + policy Manage Consul's ACL policies + role Manage Consul's ACL roles + set-agent-token Assign tokens for the Consul Agent's usage + token Manage Consul's ACL tokens translate-rules Translate the legacy rule syntax into the current syntax ``` diff --git a/website/source/docs/commands/acl/acl-policy.html.md.erb b/website/source/docs/commands/acl/acl-policy.html.md.erb deleted file mode 100644 index 5562b6f37e..0000000000 --- a/website/source/docs/commands/acl/acl-policy.html.md.erb +++ /dev/null @@ -1,433 +0,0 @@ ---- -layout: "docs" -page_title: "Commands: ACL Policy Management" -sidebar_current: "docs-commands-acl-policy" ---- - -# Consul ACL Policies - -Command: `consul acl policy` - -The `acl policy` command is used to manage Consul's ACL policies. There are -subcommands for the individual operations that can be performed. - -* [`create`](#create) -* [`read`](#read) -* [`update`](#update) -* [`delete`](#delete) -* [`list`](#list) - -ACL policies are also accessible via the [HTTP API](/api/acl/acl.html). - -Usage: `consul acl policy [options] [args]` - --> **Note:** All of the examples show for the subcommands will require a valid Consul token with the appropriate permissions. -Either set the `CONSUL_HTTP_TOKEN` environment variable to the tokens secret ID or pass the secret ID as the value of the `-token` -parameter. - -## Identifying Policies - -In several of the subcommands a policy will have to be identified to be read, modified or deleted. Those subcommands support -specifying the policy by its ID using the `-id` parameter or by name using the `-name` parameter. When specifying the policy -by its ID a unique policy ID prefix may be specified instead of the entire UUID. As long as it is unique it will be resolved -to the full UUID and used. Additionally builtin policy names will be accepted as the value to the `-id` parameter. Even if -the builtin policies are renamed their original name can be used to operate on them. - -Builtin Policies: - -| Policy UUID | Policy Name | -| ------------------------------------ | ----------------- | -| 00000000-0000-0000-0000-000000000001 | global-management | - -## Common Subcommand Options - -All of the `consul acl policy` subcommands support the following options: - -<%= partial "docs/commands/http_api_options_client" %> -<%= partial "docs/commands/http_api_options_server" %> - -## `create` - -Command: `consul acl policy create` - -This command creates new policies. The policies rules can either be set explicitly or the -`-from-token` parameter may be used to load the rules from a legacy ACL token. When loading -the rules from an existing legacy ACL token, the rules get translated from the legacy syntax -to the new syntax. - -Both the `-rules` and `-from-token` parameter values allow loading the value -from stdin, a file or the raw value. To use stdin pass `-` as the value. -To load the value from a file prefix the value with an `@`. Any other -values will be used directly. - --> **Deprecated:** The `-from-token` and `-token-secret` arguments exist only as a convenience -to make legacy ACL migration easier. These will be removed in a future major release when -support for the legacy ACL system is removed. - -### Usage - -Usage: `consul acl policy create [options] [args]` - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-description=` - A description of the policy. - -* `-from-token=` - The legacy token to retrieve the rules for when creating this - policy. When this is specified no other rules should be given. - Similar to the -rules option the token to use can be loaded from - stdin or from a file. - -* `-meta` - Indicates that policy metadata such as the content hash and raft - indices should be shown for each entry. - -* `-name=` - The new policy's name. This flag is required. - -* `-rules=` - The policy rules. May be prefixed with '@' to indicate that the - value is a file path to load the rules from. '-' may also be given - to indicate that the rules are available on stdin. - -* `-token-secret` - Indicates the token provided with -from-token is a SecretID and not - an AccessorID. - -* `-valid-datacenter=` - Datacenter that the policy should be valid within. - This flag may be specified multiple times. - - -### Examples - -Create a new policy that is valid in all datacenters: - -```sh -$ consul acl policy create -name "acl-replication" -description "Policy capable of replicating ACL policies" -rules 'acl = "read"' -ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 -Name: acl-replication -Description: Policy capable of replicating ACL policies -Datacenters: -Rules: -acl = "read" -``` - -Create a new policy valid only in specific datacenters with rules read from a file: - -```sh -$ consul acl policy create -name "replication" -description "Replication" -rules @rules.hcl -valid-datacenter dc1 -valid-datacenter dc2 -ID: ca44555b-a2d8-94de-d763-88caffdaf11f -Name: replication -Description: Replication -Datacenters: dc1, dc2 -Rules: -acl = "read" -service_prefix "" { - policy = "read" - intentions = "read" -} -``` - -Create a new policy with rules equivalent to that of a legacy ACL token: - -```sh -$ consul acl policy create -name "node-services-read" -from-token 5793a5ce -description "Can read any node and service" -ID: 06acc965-df4b-5a99-58cb-3250930c6324 -Name: node-services-read -Description: Can read any node and service -Datacenters: -Rules: -service_prefix "" { - policy = "read" -} - -node_prefix "" { - policy = "read" -} - -``` - -## `read` - -Command: `consul acl policy read` - -This command reads and displays a policies details. - -### Usage - -Usage: `consul acl policy read [options] [args]` - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-id=` - The ID of the policy to read. It may be specified as a unique ID - prefix but will error if the prefix matches multiple policy IDs. - -* `-meta` - Indicates that policy metadata such as the content hash and raft - indices should be shown for each entry. - -* `-name=` - The name of the policy to read. - -### Examples - -Get policy details: - -```sh -$ consul acl policy read -id 00000000-0000-0000-0000-000000000001 -ID: 00000000-0000-0000-0000-000000000001 -Name: global-management -Description: Builtin Policy that grants unlimited access -Datacenters: -Rules: - -acl = "write" -agent_prefix "" { - policy = "write" -} -event_prefix "" { - policy = "write" -} -key_prefix "" { - policy = "write" -} -keyring = "write" -node_prefix "" { - policy = "write" -} -operator = "write" -query_prefix "" { - policy = "write" -} -service_prefix "" { - policy = "write" - intentions = "write" -} -session_prefix "" { - policy = "write" -} -``` - -Get policy details by name: - -```sh -$ consul acl policy read -name "acl-replication" -ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 -Name: acl-replication -Description: Token capable of replicating ACL policies -Datacenters: -Rules: -acl = "read" -``` - -Get policy details (Builtin Policies): - -Builtin policies can be accessed by specifying their original name as the value to the `-id` parameter. - -```sh -$ consul acl policy read -id global-management -ID: 00000000-0000-0000-0000-000000000001 -Name: global-management -Description: Builtin Policy that grants unlimited access -Datacenters: -Hash: b30210b7aba9facd1c57891e3df27669174a08b690cb2905e0797535f75eba69 -Create Index: 4 -Modify Index: 4 -Rules: - -acl = "write" -agent_prefix "" { - policy = "write" -} -event_prefix "" { - policy = "write" -} -key_prefix "" { - policy = "write" -} -keyring = "write" -node_prefix "" { - policy = "write" -} -operator = "write" -query_prefix "" { - policy = "write" -} -service_prefix "" { - policy = "write" - intentions = "write" -} -session_prefix "" { - policy = "write" -} -``` - -## `update` - -Command: `consul acl policy update` - -This command is used to update a policy. The default operations is to merge the current policy -with those values provided to the command invocation. Therefore to update just one field, only -the `-id` or `-name` options and the option to modify must be provided. Note that renaming -policies requires both the `-id` and `-name` as the new name cannot yet be used to lookup the -policy. - -### Usage - -Usage: `consul acl policy update [options] [args]` - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-description=` - A description of the policy. - -* `-id=` - The ID of the policy to update. It may be specified as a - unique ID prefix but will error if the prefix matches multiple policy IDs - -* `-meta` - Indicates that policy metadata such as the content hash and raft - indices should be shown for each entry - -* `-name=` - The policies name. - -* `-no-merge` - Do not merge the current policy information with what is provided - to the command. Instead overwrite all fields with the exception of - the policy ID which is immutable. - -* `-rules=` - The policy rules. May be prefixed with `@` to indicate that - the value is a file path to load the rules from. `-` may also be given to - indicate that the rules are available on stdin. - -* `-valid-datacenter=` - Datacenter that the policy should be valid within. - This flag may be specified multiple times. - -### Examples - -Update a policy: - -```sh -$ consul acl policy update -id 35b8 -name "replication" -description "Policy capable of replication ACL policies and Intentions" -rules @rules.hcl -Policy updated successfully -ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 -Name: replication -Description: Policy capable of replication ACL policies and Intentions -Datacenters: -Rules: -acl = "read" - -service_prefix "" { - policy = "read" - intentions = "read" -} -``` - -Rename a policy: - -```sh -$ consul acl policy update -id 35b8 -name "dc1-replication" -Policy updated successfully -ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 -Name: dc1-replication -Description: Policy capable of replication ACL policies and Intentions -Datacenters: dc1 -Rules: -acl = "read" - -service_prefix "" { - policy = "read" - intentions = "read" -} - -``` - -## `delete` - -Command: `consul acl policy delete` - -This command deletes a policy. Policies may be deleted by their ID or by name. - -### Usage - -Usage: `consul acl policy delete [options]` - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-id=` - The ID of the policy to delete. It may be specified as a - unique ID prefix but will error if the prefix matches multiple policy IDs. - -* `-name=` - The Name of the policy to delete. - -### Examples - -Delete a policy: - -```sh -$ consul acl policy delete -id 35b8 -Policy "35b8ecb0-707c-ee18-2002-81b238b54b38" deleted successfully -``` - -Delete a policy by name: - -```sh -$ consul acl policy delete -name acl-replication -Policy "35b8ecb0-707c-ee18-2002-81b238b54b38" deleted successfully -``` - -## `list` - -Command: `consul acl policy list` - -This command lists all policies. By default it will not show metadata. - -### Usage - -Usage: `consul acl policy list` - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-meta` - Indicates that policy metadata such as the content hash and - Raft indices should be shown for each entry. - -### Examples - -Default listing. - -```sh -$ consul acl policy list -global-management: - ID: 00000000-0000-0000-0000-000000000001 - Description: Builtin Policy that grants unlimited access - Datacenters: -acl-replication: - ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 - Description: Policy capable of replicating ACL policies - Datacenters: -``` - -Show Metadata. - -```sh -$ consul acl policy list -meta -global-management: - ID: 00000000-0000-0000-0000-000000000001 - Description: Builtin Policy that grants unlimited access - Datacenters: - Hash: b30210b7aba9facd1c57891e3df27669174a08b690cb2905e0797535f75eba69 - Create Index: 4 - Modify Index: 4 -node-services-read: - ID: 06acc965-df4b-5a99-58cb-3250930c6324 - Description: Can read any node and service - Datacenters: - Hash: 19d2a73dcd315506af73bfff1492779a0dc0235066fcac07f432fb2cc3402133 - Create Index: 244 - Modify Index: 244 -acl-replication: - ID: ca44555b-a2d8-94de-d763-88caffdaf11f - Description: Token capable of replicating ACL policies - Datacenters: dc1, dc2 - Hash: b94669679cc24e0d064412e4aa90b470b7f900a8e0801f65feaf1f7d716a5390 - Create Index: 198 - Modify Index: 198 -``` diff --git a/website/source/docs/commands/acl/acl-token.html.md.erb b/website/source/docs/commands/acl/acl-token.html.md.erb deleted file mode 100644 index e7e3147c00..0000000000 --- a/website/source/docs/commands/acl/acl-token.html.md.erb +++ /dev/null @@ -1,363 +0,0 @@ ---- -layout: "docs" -page_title: "Commands: ACL Token Management" -sidebar_current: "docs-commands-acl-token" ---- - -# Consul ACL Tokens - -Command: `consul acl token` - -The `acl token` command is used to manage Consul's ACL tokens. There are -subcommands for the individual operations that can be performed. - -* [`create`](#create) -* [`clone`](#clone) -* [`read`](#read) -* [`update`](#update) -* [`delete`](#delete) -* [`list`](#list) - -ACL tokens are also accessible via the [HTTP API](/api/acl/acl.html). - -Usage: `consul acl token [options] [args]` - --> **Note:** All of the examples show for the subcommands will require a valid Consul token with the appropriate permissions. -Either set the `CONSUL_HTTP_TOKEN` environment variable to the tokens secret ID or pass the secret ID as the value of the `-token` -parameter. - -## Identifying Tokens - -In several of the subcommands a token will have to be identified to be read, modified or deleted. Those subcommands support -specifying the token by its ID using the `-id` parameter. The ID may be specified as a unique UUID prefix instead of the entire -UUID. As long as it is unique it will be resolve to the full UUID and used. Additionally builtin token names will be accepted as -the value of the `-id`. - -Builtin Tokens: - -| Token UUID | Token Name | -| ------------------------------------ | ----------------- | -| 00000000-0000-0000-0000-000000000002 | anonymous | - -## Common Subcommand Options - -All of the `consul acl token` subcommands support the following options: - -<%= partial "docs/commands/http_api_options_client" %> -<%= partial "docs/commands/http_api_options_server" %> - -## `create` - -Command: `consul acl token create` - -This command creates new tokens. When creating a new token, policies may be linked using -either the `-policy-id` or the `-policy-name options. When specifying policies by IDs you -may use a unique prefix of the UUID as a shortcut for specifying the entire UUID. - -### Usage - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-accessor=` - Create the token with this Accessor ID. It must be a UUID. If not - specified one will be auto-generated - -* `-description=` - A description of the token. - -* `-local` - Create this as a datacenter local token. - -* `-policy-id=` - ID of a policy to use for this token. May be specified multiple times. - -* `-policy-name=` - Name of a policy to use for this token. May be specified multiple times. - -* `-meta` - Indicates that token metadata such as the content hash and raft indices should be shown - for each entry. - -* `-secret=` - Create the token with this Secret ID. It must be a UUID. If not - specified one will be auto-generated. - **Note**: The SecretID is used to authorize operations against Consul and should - be generated from an appropriate cryptographic source. - -### Examples - -Create a new token: - -```sh -$ consul acl token create -description "Read Nodes and Services" -policy-id 06acc965 -AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d -SecretID: ec15675e-2999-d789-832e-8c4794daa8d7 -Description: Read Nodes and Services -Local: false -Create Time: 2018-10-22 15:33:39.01789 -0400 EDT -Policies: - 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read -``` - -Create a new local token: - -```sh -$ consul acl token create -description "Read Nodes and Services" -policy-id 06acc965 -local -AccessorID: 4fdf0ec8-d251-3865-079c-7247c974fc50 -SecretID: 02143514-abf2-6c23-0aa1-ec2107e68f6b -Description: Read Nodes and Services -Local: true -Create Time: 2018-10-22 15:34:19.330265 -0400 EDT -Policies: - 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read -``` - -Create a new policy and link with policies by name: - -```sh -$ consul acl token create -description "Super User" -policy-name global-management -AccessorID: 59f86a9b-d3b6-166c-32a0-be4ab3f94caa -SecretID: ada7f751-f654-8872-7f93-498e799158b6 -Description: Super User -Local: false -Create Time: 2018-10-22 15:35:28.787003 -0400 EDT -Policies: - 00000000-0000-0000-0000-000000000001 - global-management -``` - -## `clone` - -Command: `consul acl token clone` - -This command clones an existing token. - -### Usage - -Usage: `consul acl token clone [options] - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-description=` - A description of the new cloned token. - -* `-id=` - The Accessor ID of the token to clone. It may be specified - as a unique ID prefix but will error if the prefix matches multiple token - Accessor IDs. The special value of 'anonymous' may be provided instead of - the anonymous tokens accessor ID - -### Examples - -Clone a token: - -```sh -$ consul acl token clone -id 59f8 -description "Clone of Super User" -Token cloned successfully. -AccessorID: dcfa52ed-9288-b3ff-056d-255ef69d2d88 -SecretID: 0005d17e-5bb2-7e8b-7bfa-15f2eee9ad14 -Description: Clone of Super User -Local: false -Create Time: 2018-10-22 16:26:02.909096 -0400 EDT -Policies: - 00000000-0000-0000-0000-000000000001 - global-management -``` - -## `read` - -Command: `consul acl token read` - -This command reads and displays a token details. - -### Usage - -Usage: `consul acl token read [options] [args]` - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-id=` - The ID of the policy to read. It may be specified as a unique ID - prefix but will error if the prefix matches multiple policy IDs. - -* `-meta` - Indicates that policy metadata such as the content hash and raft - indices should be shown for each entry. - -* `-self` - Indicates that the current HTTP token should be read by secret ID - instead of expecting a -id option. - - -### Examples - -Get token details: - -```sh -$ consul acl token read -id 986 -AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d -SecretID: ec15675e-2999-d789-832e-8c4794daa8d7 -Description: Read Nodes and Services -Local: false -Create Time: 2018-10-22 15:33:39.01789 -0400 EDT -Policies: - 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read -``` - -Get token details using the token secret ID: - -```sh -$consul acl token read -self -AccessorID: 4d123dff-f460-73c3-02c4-8dd64d136e01 -SecretID: 86cddfb9-2760-d947-358d-a2811156bf31 -Description: Bootstrap Token (Global Management) -Local: false -Create Time: 2018-10-22 11:27:04.479026 -0400 EDT -Policies: - 00000000-0000-0000-0000-000000000001 - global-management -``` - -Get token details (Builtin Tokens) - -```sh -$ consul acl token read -id anonymous -AccessorID: 00000000-0000-0000-0000-000000000002 -SecretID: anonymous -Description: Anonymous Token -Local: false -Create Time: 0001-01-01 00:00:00 +0000 UTC -Policies: -``` - -## `update` - -Command: `consul acl token update` - -This command will update a token. Some parts of the token like whether the -token is local to the datacenter cannot be changed. - -### Usage - -Usage: `consul acl token update [options]` - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-description=` - A description of the token - -* `-id=` - The Accessor ID of the token to read. It may be specified as a - unique ID prefix but will error if the prefix matches multiple token Accessor IDs - -* `-merge-policies` - Merge the new policies with the existing policies - -* `-meta` - Indicates that token metadata such as the content hash and Raft indices should be - shown for each entry. - -* `-policy-id=` - ID of a policy to use for this token. May be specified multiple times. - -* `-policy-name=` - Name of a policy to use for this token. May be specified multiple times. - -### Examples - -Update the anonymous token: - -```sh -$ consul acl token update -id anonymous -policy-id 06acc -Token updated successfully. -AccessorID: 00000000-0000-0000-0000-000000000002 -SecretID: anonymous -Description: Anonymous Token -Local: false -Create Time: 0001-01-01 00:00:00 +0000 UTC -Policies: - 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read -``` - -Update a token description and take the policies from the existing token: - -```sh -$ consul acl token update -id 986193 -description "WonderToken" -merge-policies -Token updated successfully. -AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d -SecretID: ec15675e-2999-d789-832e-8c4794daa8d7 -Description: WonderToken -Local: false -Create Time: 2018-10-22 15:33:39.01789 -0400 EDT -Policies: - 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read -``` - -## `delete` - -Command: `consul acl token delete` - -This command deletes a token. - -### Usage - -Usage: `consul acl token delete [options]` - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-id=` - The ID of the token to delete. It may be specified as a - unique ID prefix but will error if the prefix matches multiple token IDs. - -### Examples - -Delete a token: - -```sh -$ consul acl token delete -id 35b8 -Token "35b8ecb0-707c-ee18-2002-81b238b54b38" deleted successfully -``` - -## `list` - -Command: `consul acl token list` - -This command lists all tokens. By default it will not show metadata. - -### Usage - -Usage: `consul acl token list` - -#### Options - -* [Common Subcommand Options](#common-subcommand-options) - -* `-meta` - Indicates that token metadata such as the content hash and - Raft indices should be shown for each entry. - -### Examples - -Default listing. - -```sh -$ consul acl token list -AccessorID: 4d123dff-f460-73c3-02c4-8dd64d136e01 -Description: Bootstrap Token (Global Management) -Local: false -Create Time: 2018-10-22 11:27:04.479026 -0400 EDT -Legacy: false -Policies: - 00000000-0000-0000-0000-000000000001 - global-management - -AccessorID: 59f86a9b-d3b6-166c-32a0-be4ab3f94caa -Description: Super User -Local: false -Create Time: 2018-10-22 15:35:28.787003 -0400 EDT -Legacy: false -Policies: - 00000000-0000-0000-0000-000000000001 - global-management - -AccessorID: 00000000-0000-0000-0000-000000000002 -Description: Anonymous Token -Local: false -Create Time: 0001-01-01 00:00:00 +0000 UTC -Legacy: false -Policies: - 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read - -AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d -Description: WonderToken -Local: false -Create Time: 2018-10-22 15:33:39.01789 -0400 EDT -Legacy: false -Policies: - 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read -``` diff --git a/website/source/docs/commands/acl/auth-method.html.md.erb b/website/source/docs/commands/acl/auth-method.html.md.erb new file mode 100644 index 0000000000..825ccea405 --- /dev/null +++ b/website/source/docs/commands/acl/auth-method.html.md.erb @@ -0,0 +1,84 @@ +--- +layout: "docs" +page_title: "Commands: ACL Auth Methods" +sidebar_current: "docs-commands-acl-auth-method" +--- + +# Consul ACL Auth Methods + +Command: `consul acl auth-method` + +The `acl auth-method` command is used to manage Consul's ACL auth methods. +It exposes commands for creating, updating, reading, deleting, and listing auth methods. +This command is available in Consul 1.5.0 and newer. + +ACL auth methods may also be managed via the [HTTP API](/api/acl/auth-methods.html). + +-> **Note:** All of the example subcommands in this document will require a valid +Consul token with the appropriate permissions. Either set the +`CONSUL_HTTP_TOKEN` environment variable to the token's secret ID or pass the +secret ID as the value of the `-token` parameter. + +## Usage + +Usage: `consul acl auth-method ` + +For the exact documentation for your Consul version, run `consul acl +auth-method -h` to view the complete list of subcommands. + +```text +Usage: consul acl auth-method [options] [args] + + ... + +Subcommands: + create Create an ACL auth method + delete Delete an ACL auth method + list Lists ACL auth methods + read Read an ACL auth method + update Update an ACL auth method +``` + +For more information, examples, and usage about a subcommand, click on the name +of the subcommand in the sidebar. + +## Basic Examples + +Create a new auth method: + +```sh +$ consul acl auth-method create -type "kubernetes" \ + -name "my-k8s" \ + -description "This is an example kube auth method" \ + -kubernetes-host "https://apiserver.example.com:8443" \ + -kubernetes-ca-file /path/to/kube.ca.crt \ + -kubernetes-service-account-jwt "JWT_CONTENTS" +``` + +List all auth methods: + +```sh +$ consul acl auth-method list +``` + +Update all editable fields of the auth method: + +```sh +$ consul acl auth-method update -name "my-k8s" \ + -description "new description" \ + -kubernetes-host "https://new-apiserver.example.com:8443" \ + -kubernetes-ca-file /path/to/new-kube.ca.crt \ + -kubernetes-service-account-jwt "NEW_JWT_CONTENTS" +``` + +Read an auth method: + +```sh +$ consul acl auth-method read -name my-k8s +``` + +Delete an auth method: + +```sh +$ consul acl auth-method delete -name my-k8s +``` diff --git a/website/source/docs/commands/acl/auth-method/create.html.md.erb b/website/source/docs/commands/acl/auth-method/create.html.md.erb new file mode 100644 index 0000000000..4ca4c21d76 --- /dev/null +++ b/website/source/docs/commands/acl/auth-method/create.html.md.erb @@ -0,0 +1,64 @@ +--- +layout: "docs" +page_title: "Commands: ACL Auth Method Create" +sidebar_current: "docs-commands-acl-auth-method-create" +--- + +# Consul ACL Auth Method Create + +Command: `consul acl auth-method create` + +The `acl auth-method create` command creates new auth methods. + +## Usage + +Usage: `consul acl auth-method create [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-description=` - A description of the auth method. + +* `-meta` - Indicates that auth method metadata such as the raft indices should + be shown for each entry. + +* `-name=` - The new auth method's name. This flag is required. + +* `-type=` - The new auth method's type. This flag is required. + +* `-kubernetes-ca-cert=` - PEM encoded CA cert for use by the TLS + client used to talk with the Kubernetes API. May be prefixed with '@' to + indicate that the value is a file path to load the cert from. This flag is + required for `-type=kubernetes`. + +* `-kubernetes-host=` - Address of the Kubernetes API server. This flag + is required for `-type=kubernetes`. + +* `-kubernetes-service-account-jwt=` - A Kubernetes service account JWT + used to access the TokenReview API to validate other JWTs during login. This + flag is required for `-type=kubernetes`. + +## Examples + +Create a new Kubernetes auth method: + +```sh +$ consul acl auth-method create -name minikube -type kubernetes \ + -description 'minikube auth method' \ + -kubernetes-host 'https://192.0.2.42:8443' \ + -kubernetes-ca-cert '@minikube-ca.crt' \ + -kubernetes-service-account-jwt 'eyJhbGciOiJSUzI1NiIsImtpZCI...' +Name: minikube +Type: kubernetes +Description: minikube auth method +Config: +{ + "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n", + "Host": "https://192.0.2.42:8443", + "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI..." +} +``` diff --git a/website/source/docs/commands/acl/auth-method/delete.html.md.erb b/website/source/docs/commands/acl/auth-method/delete.html.md.erb new file mode 100644 index 0000000000..46c826761e --- /dev/null +++ b/website/source/docs/commands/acl/auth-method/delete.html.md.erb @@ -0,0 +1,33 @@ +--- +layout: "docs" +page_title: "Commands: ACL Auth Method Delete" +sidebar_current: "docs-commands-acl-auth-method-delete" +--- + +# Consul ACL Auth Method Delete + +Command: `consul acl auth-method delete` + +The `acl auth-method delete` command deletes an auth method. + +## Usage + +Usage: `consul acl auth-method delete [options]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-name=` - The Name of the auth method to delete. + +## Examples + +Delete an auth method: + +```sh +$ consul acl auth-method delete -name minikube +Auth-method "minikube" deleted successfully +``` diff --git a/website/source/docs/commands/acl/auth-method/list.html.md.erb b/website/source/docs/commands/acl/auth-method/list.html.md.erb new file mode 100644 index 0000000000..6f9c830cf2 --- /dev/null +++ b/website/source/docs/commands/acl/auth-method/list.html.md.erb @@ -0,0 +1,55 @@ +--- +layout: "docs" +page_title: "Commands: ACL Auth Method List" +sidebar_current: "docs-commands-acl-auth-method-list" +--- + +# Consul ACL Auth Method List + +Command: `consul acl auth-method list` + +The `acl auth-method list`s command lists all auth methods. By default it will not show metadata. + +## Usage + +Usage: `consul acl auth-method list` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-meta` - Indicates that auth method metadata such as the raft indices should + be shown for each entry. + +## Examples + +Default listing. + +```sh +$ consul acl auth-method list +minikube: + Type: kubernetes + Description: minikube auth method +minikube-two: + Type: kubernetes + Description: dev cluster +``` + +Show Metadata. + +```sh +$ consul acl auth-method list -meta +minikube: + Type: kubernetes + Description: minikube auth method + Create Index: 443 + Modify Index: 443 +minikube-two: + Type: kubernetes + Description: dev cluster + Create Index: 445 + Modify Index: 445 +``` diff --git a/website/source/docs/commands/acl/auth-method/read.html.md.erb b/website/source/docs/commands/acl/auth-method/read.html.md.erb new file mode 100644 index 0000000000..6f5a69fb72 --- /dev/null +++ b/website/source/docs/commands/acl/auth-method/read.html.md.erb @@ -0,0 +1,44 @@ +--- +layout: "docs" +page_title: "Commands: ACL Auth Method Read" +sidebar_current: "docs-commands-acl-auth-method-read" +--- + +# Consul ACL Auth Method Read + +Command: `consul acl auth-method read` + +The `acl auth-method read` command reads and displays an auth method's details. + +## Usage + +Usage: `consul acl auth-method read [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-meta` - Indicates that auth method metadata such as the raft + indices should be shown for each entry. + +* `-name=` - The name of the auth method to read. + +## Examples + +Get auth method details: + +```sh +$ consul acl auth-method read -name minikube +Name: minikube +Type: kubernetes +Description: minikube auth method +Config: +{ + "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n", + "Host": "https://192.0.2.42:8443", + "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI..." +} +``` diff --git a/website/source/docs/commands/acl/auth-method/update.html.md.erb b/website/source/docs/commands/acl/auth-method/update.html.md.erb new file mode 100644 index 0000000000..91e80a5c12 --- /dev/null +++ b/website/source/docs/commands/acl/auth-method/update.html.md.erb @@ -0,0 +1,67 @@ +--- +layout: "docs" +page_title: "Commands: ACL Auth Method Update" +sidebar_current: "docs-commands-acl-auth-method-update" +--- + +# Consul ACL Auth Method Update + +Command: `consul acl auth-method update` + +The `acl auth-method update` command is used to update an auth method. The +default operations is to merge the current auth method with those values +provided to the command invocation. Therefore to update just one field, only +the `-name` options and the option to modify must be provided. + +## Usage + +Usage: `consul acl auth-method update [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-description=` - A description of the auth method. + +* `-kubernetes-ca-cert=` - PEM encoded CA cert for use by the TLS + client used to talk with the Kubernetes API. May be prefixed with '@' to + indicate that the value is a file path to load the cert from. This flag is + required for `-type=kubernetes`. + +* `-kubernetes-host=` - Address of the Kubernetes API server. This flag + is required for `-type=kubernetes`. + +* `-kubernetes-service-account-jwt=` - A Kubernetes service account JWT + used to access the TokenReview API to validate other JWTs during login. This + flag is required for `-type=kubernetes`. + +* `-meta` - Indicates that auth method metadata such as the raft + indices should be shown for each entry + +* `-name=` - The name of the auth method to update. + +* `-no-merge` - Do not merge the current auth method information with what is provided + to the command. Instead overwrite all fields with the exception of the auth method + ID which is immutable. + +## Examples + +Update an auth method: + +```sh +$ consul acl auth-method update -name minikube \ + -description 'dev cluster' \ + -kubernetes-host 'https://192.0.2.44:8443' +Name: minikube +Type: kubernetes +Description: dev cluster +Config: +{ + "CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n", + "Host": "https://192.0.2.44:8443", + "ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI..." +} +``` diff --git a/website/source/docs/commands/acl/binding-rule.html.md.erb b/website/source/docs/commands/acl/binding-rule.html.md.erb new file mode 100644 index 0000000000..07eee71109 --- /dev/null +++ b/website/source/docs/commands/acl/binding-rule.html.md.erb @@ -0,0 +1,91 @@ +--- +layout: "docs" +page_title: "Commands: ACL Binding Rule" +sidebar_current: "docs-commands-acl-binding-rule" +--- + +# Consul ACL Binding Rules + +Command: `consul acl binding-rule` + +The `acl binding-rule` command is used to manage Consul's ACL binding rules. +It exposes commands for creating, updating, reading, deleting, and listing binding rules. +This command is available in Consul 1.5.0 and newer. + +ACL binding rules may also be managed via the [HTTP API](/api/acl/binding-rules.html). + +-> **Note:** All of the example subcommands in this document will require a valid +Consul token with the appropriate permissions. Either set the +`CONSUL_HTTP_TOKEN` environment variable to the token's secret ID or pass the +secret ID as the value of the `-token` parameter. + +## Usage + +Usage: `consul acl binding-rule ` + +For the exact documentation for your Consul version, run `consul acl +binding-rule -h` to view the complete list of subcommands. + +```text +Usage: consul acl binding-rule [options] [args] + + ... + +Subcommands: + create Create an ACL binding rule + delete Delete an ACL binding rule + list Lists ACL binding rules + read Read an ACL binding rule + update Update an ACL binding rule +``` + +For more information, examples, and usage about a subcommand, click on the name +of the subcommand in the sidebar. + +## Identifying Binding Rules + +Several of the subcommands need to operate on a specific binding rule. Those +subcommands support specifying the binding rule by its ID using the `-id` +parameter. + +When specifying the binding rule by its ID a unique binding rule ID prefix may +be specified instead of the entire UUID. As long as it is unique it will be +resolved to the full UUID and used. + +## Basic Examples + +Create a new binding rule: + +```sh +$ consul acl binding-rule create \ + -method=minikube \ + -bind-type=service \ + -bind-name='k8s-${serviceaccount.name}' \ + -selector='serviceaccount.namespace==default and serviceaccount.name==web' +``` + +List all binding rules: + +```sh +$ consul acl binding-rule list +``` + +Update a binding rule: + +```sh +$ consul acl binding-rule update -id=43cb72df-9c6f-4315-ac8a-01a9d98155ef \ + -bind-name='k8s-${serviceaccount.name}' +``` + +Read a binding rule: + +```sh +$ consul acl binding-rule read -id fdabbcb5-9de5-4b1a-961f-77214ae88cba +``` + +Delete a binding rule: + +```sh +$ consul acl binding-rule delete -id b6b856da-5193-4e78-845a-7d61ca8371ba +``` + diff --git a/website/source/docs/commands/acl/binding-rule/create.html.md.erb b/website/source/docs/commands/acl/binding-rule/create.html.md.erb new file mode 100644 index 0000000000..e14fa02950 --- /dev/null +++ b/website/source/docs/commands/acl/binding-rule/create.html.md.erb @@ -0,0 +1,72 @@ +--- +layout: "docs" +page_title: "Commands: ACL Binding Rule Create" +sidebar_current: "docs-commands-acl-binding-rule-create" +--- + +# Consul ACL Binding Rule Create + +Command: `consul acl binding-rule create` + +The `acl binding-rule create` command creates new binding rules. + +## Usage + +Usage: `consul acl binding-rule create [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-bind-name=` - Name to bind on match. Can use `${var}` + interpolation. This flag is required. + +* `-bind-type=` - Type of binding to perform (`"service"` or `"role"`). + +* `-description=` - A description of the binding rule. + +* `-meta` - Indicates that binding rule metadata such as the raft + indices should be shown for each entry. + +* `-method=` - The auth method's name for which this binding rule + applies. This flag is required. + +* `-selector=` - Selector is an expression that matches against + verified identity attributes returned from the auth method during login. + +## Examples + +Create a new binding rule that binds to a service identity: + +```sh +$ consul acl binding-rule create -method 'minikube' \ + -description 'wildcard service' \ + -bind-type 'service' \ + -bind-name 'k8s-${serviceaccount.name}' \ + -selector 'serviceaccount.namespace==default and serviceaccount.name!=vault' +ID: 0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890 +AuthMethod: minikube +Description: wildcard service +BindType: service +BindName: k8s-${serviceaccount.name} +Selector: serviceaccount.namespace==default and serviceaccount.name!=vault +``` + +Create a new binding rule that binds to a role: + +```sh +$ consul acl binding-rule create -method 'minikube' \ + -description 'just vault role' \ + -bind-type 'role' \ + -bind-name 'vault' \ + -selector 'serviceaccount.namespace==default and serviceaccount.name==vault' +ID: e21ae868-7b13-a230-0235-f8e83510642c +AuthMethod: minikube +Description: just vault role +BindType: role +BindName: vault +Selector: serviceaccount.namespace==default and serviceaccount.name==vault +``` diff --git a/website/source/docs/commands/acl/binding-rule/delete.html.md.erb b/website/source/docs/commands/acl/binding-rule/delete.html.md.erb new file mode 100644 index 0000000000..872e08e91b --- /dev/null +++ b/website/source/docs/commands/acl/binding-rule/delete.html.md.erb @@ -0,0 +1,34 @@ +--- +layout: "docs" +page_title: "Commands: ACL Binding Rule Delete" +sidebar_current: "docs-commands-acl-binding-rule-delete" +--- + +# Consul ACL Binding Rule Delete + +Command: `consul acl binding-rule delete` + +The `acl binding-rule delete` command deletes a binding rule. + +## Usage + +Usage: `consul acl binding-rule delete [options]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-id=` - The ID of the binding rule to delete. It may be specified as a + unique ID prefix but will error if the prefix matches multiple binding rule IDs. + +## Examples + +Delete a binding rule: + +```sh +$ consul acl binding-rule delete -id 0ec1bd +Binding rule "0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890" deleted successfully +``` diff --git a/website/source/docs/commands/acl/binding-rule/list.html.md.erb b/website/source/docs/commands/acl/binding-rule/list.html.md.erb new file mode 100644 index 0000000000..a28d034fe9 --- /dev/null +++ b/website/source/docs/commands/acl/binding-rule/list.html.md.erb @@ -0,0 +1,67 @@ +--- +layout: "docs" +page_title: "Commands: ACL Binding Rule List" +sidebar_current: "docs-commands-acl-binding-rule-list" +--- + +# Consul ACL Binding Rule List + +Command: `consul acl binding-rule list` + +The `acl binding-rule list` command lists all binding rules. By default it will not show metadata. + +## Usage + +Usage: `consul acl binding-rule list` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-meta` - Indicates that binding rule metadata such as the raft indices + should be shown for each entry. + +## Examples + +Default listing. + +```sh +$ consul acl binding-rule list +0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890: + AuthMethod: minikube + Description: wildcard service + BindType: service + BindName: k8s-${serviceaccount.name} + Selector: serviceaccount.namespace==default +e21ae868-7b13-a230-0235-f8e83510642c: + AuthMethod: minikube + Description: just vault role + BindType: role + BindName: vault + Selector: serviceaccount.namespace==default and serviceaccount.name==vault +``` + +Show Metadata. + +```sh +$ consul acl binding-rule list -meta +0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890: + AuthMethod: minikube + Description: wildcard service + BindType: service + BindName: k8s-${serviceaccount.name} + Selector: serviceaccount.namespace==default + Create Index: 558 + Modify Index: 583 +e21ae868-7b13-a230-0235-f8e83510642c: + AuthMethod: minikube + Description: just vault role + BindType: role + BindName: vault + Selector: serviceaccount.namespace==default and serviceaccount.name==vault + Create Index: 593 + Modify Index: 593 +``` diff --git a/website/source/docs/commands/acl/binding-rule/read.html.md.erb b/website/source/docs/commands/acl/binding-rule/read.html.md.erb new file mode 100644 index 0000000000..aa1ec22edf --- /dev/null +++ b/website/source/docs/commands/acl/binding-rule/read.html.md.erb @@ -0,0 +1,42 @@ +--- +layout: "docs" +page_title: "Commands: ACL Binding Rule Read" +sidebar_current: "docs-commands-acl-binding-rule-read" +--- + +# Consul ACL Binding Rule Read + +Command: `consul acl binding-rule read` + +The `acl binding-rule read` command reads and displays a binding rules details. + +## Usage + +Usage: `consul acl binding-rule read [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-id=` - The ID of the binding rule to read. It may be specified as a unique ID + prefix but will error if the prefix matches multiple binding rule IDs. + +* `-meta` - Indicates that binding rule metadata such as the raft + indices should be shown for each entry. + +## Examples + +Get binding rule details: + +```sh +$ consul acl binding-rule read -id '0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890' +ID: 0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890 +AuthMethod: minikube +Description: wildcard service +BindType: service +BindName: k8s-${serviceaccount.name} +Selector: serviceaccount.namespace==default and serviceaccount.name!=vault +``` diff --git a/website/source/docs/commands/acl/binding-rule/update.html.md.erb b/website/source/docs/commands/acl/binding-rule/update.html.md.erb new file mode 100644 index 0000000000..70abd00e6f --- /dev/null +++ b/website/source/docs/commands/acl/binding-rule/update.html.md.erb @@ -0,0 +1,61 @@ +--- +layout: "docs" +page_title: "Commands: ACL Binding Rule Update" +sidebar_current: "docs-commands-acl-binding-rule-update" +--- + +# Consul ACL Binding Rule Update + +Command: `consul acl binding-rule update` + +The `acl binding-rule update` command is used to update a binding rule. The +default operations is to merge the current binding rule with those values +provided to the command invocation. Therefore to update just one field, only +the `-id` option and the option to modify must be provided. + +## Usage + +Usage: `consul acl binding-rule update [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-bind-name=` - Name to bind on match. Can use `${var}` + interpolation. This flag is required. + +* `-bind-type=` - Type of binding to perform (`"service"` or `"role"`). + +* `-description=` - A description of the binding rule. + +* `-id=` - The ID of the binding rule to update. It may be specified as a + unique ID prefix but will error if the prefix matches multiple binding rule IDs + +* `-meta` - Indicates that binding rule metadata such as the raft + indices should be shown for each entry. + +* `-no-merge` - Do not merge the current binding rule information with what is + provided to the command. Instead overwrite all fields with the exception of the + binding rule ID which is immutable. + +* `-selector=` - Selector is an expression that matches against + verified identity attributes returned from the auth method during login. + +## Examples + +Update a binding rule: + +```sh +$ consul acl binding-rule update -id '0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890' \ + -selector 'serviceaccount.namespace==default' +Binding rule updated successfully +ID: 0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890 +AuthMethod: minikube +Description: wildcard service +BindType: service +BindName: k8s-${serviceaccount.name} +Selector: serviceaccount.namespace==default +``` diff --git a/website/source/docs/commands/acl/acl-bootstrap.html.md.erb b/website/source/docs/commands/acl/bootstrap.html.md.erb similarity index 100% rename from website/source/docs/commands/acl/acl-bootstrap.html.md.erb rename to website/source/docs/commands/acl/bootstrap.html.md.erb diff --git a/website/source/docs/commands/acl/policy.html.md.erb b/website/source/docs/commands/acl/policy.html.md.erb new file mode 100644 index 0000000000..aa4031097d --- /dev/null +++ b/website/source/docs/commands/acl/policy.html.md.erb @@ -0,0 +1,97 @@ +--- +layout: "docs" +page_title: "Commands: ACL Policy" +sidebar_current: "docs-commands-acl-policy" +--- + +# Consul ACL Policies + +Command: `consul acl policy` + +The `acl policy` command is used to manage Consul's ACL policies. +It exposes commands for creating, updating, reading, deleting, and listing policies. +This command is available in Consul 1.4.0 and newer. + +ACL policies may also be managed via the [HTTP API](/api/acl/policies.html). + +-> **Note:** All of the example subcommands in this document will require a valid +Consul token with the appropriate permissions. Either set the +`CONSUL_HTTP_TOKEN` environment variable to the token's secret ID or pass the +secret ID as the value of the `-token` parameter. + +## Usage + +Usage: `consul acl policy ` + +For the exact documentation for your Consul version, run `consul acl +policy -h` to view the complete list of subcommands. + +```text +Usage: consul acl policy [options] [args] + + ... + +Subcommands: + create Create an ACL policy + delete Delete an ACL policy + list Lists ACL policies + read Read an ACL policy + update Update an ACL policy +``` + +For more information, examples, and usage about a subcommand, click on the name +of the subcommand in the sidebar. + +## Identifying Policies + +Several of the subcommands need to operate on a specific policy. Those +subcommands support specifying the policy by its ID using the `-id` parameter +or by name using the `-name` parameter. + +When specifying the policy by its ID a unique policy ID prefix may be specified +instead of the entire UUID. As long as it is unique it will be resolved to the +full UUID and used. Additionally builtin policy names will be accepted as the +value to the `-id` parameter. Even if the builtin policies are renamed their +original name can be used to operate on them. + +Builtin policies: + +| Policy UUID | Policy Name | +| ------------------------------------ | ----------------- | +| 00000000-0000-0000-0000-000000000001 | global-management | + +## Basic Examples + +Create a new ACL policy: + +```sh +$ consul acl policy create -name "new-policy" \ + -description "This is an example policy" \ + -datacenter "dc1" \ + -datacenter "dc2" \ + -rules @rules.hcl +``` + +List all policies: + +```sh +$ consul acl policy list +``` + +Update a policy: + +```sh +$ consul acl policy update -name "other-policy" -datacenter "dc1" +``` + +Read a policy: + +```sh +$ consul acl policy read -id 0479e93e-091c-4475-9b06-79a004765c24 +``` + +Delete a policy + +```sh +$ consul acl policy delete -name "my-policy" +``` diff --git a/website/source/docs/commands/acl/policy/create.html.md.erb b/website/source/docs/commands/acl/policy/create.html.md.erb new file mode 100644 index 0000000000..462958c7a3 --- /dev/null +++ b/website/source/docs/commands/acl/policy/create.html.md.erb @@ -0,0 +1,104 @@ +--- +layout: "docs" +page_title: "Commands: ACL Policy Create" +sidebar_current: "docs-commands-acl-policy-create" +--- + +# Consul ACL Policy Create + +Command: `consul acl policy create` + +The `acl policy create` command creates new policies. The policies rules can either be set explicitly or the +`-from-token` parameter may be used to load the rules from a legacy ACL token. When loading +the rules from an existing legacy ACL token, the rules get translated from the legacy syntax +to the new syntax. + +Both the `-rules` and `-from-token` parameter values allow loading the value +from stdin, a file or the raw value. To use stdin pass `-` as the value. +To load the value from a file prefix the value with an `@`. Any other +values will be used directly. + +-> **Deprecated:** The `-from-token` and `-token-secret` arguments exist only as a convenience +to make legacy ACL migration easier. These will be removed in a future major release when +support for the legacy ACL system is removed. + +## Usage + +Usage: `consul acl policy create [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-description=` - A description of the policy. + +* `-from-token=` - The legacy token to retrieve the rules for when creating this + policy. When this is specified no other rules should be given. + Similar to the -rules option the token to use can be loaded from + stdin or from a file. + +* `-meta` - Indicates that policy metadata such as the content hash and raft + indices should be shown for each entry. + +* `-name=` - The new policy's name. This flag is required. + +* `-rules=` - The policy rules. May be prefixed with '@' to indicate that the + value is a file path to load the rules from. '-' may also be given + to indicate that the rules are available on stdin. + +* `-token-secret` - Indicates the token provided with -from-token is a SecretID and not + an AccessorID. + +* `-valid-datacenter=` - Datacenter that the policy should be valid within. + This flag may be specified multiple times. + +## Examples + +Create a new policy that is valid in all datacenters: + +```sh +$ consul acl policy create -name "acl-replication" -description "Policy capable of replicating ACL policies" -rules 'acl = "read"' +ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 +Name: acl-replication +Description: Policy capable of replicating ACL policies +Datacenters: +Rules: +acl = "read" +``` + +Create a new policy valid only in specific datacenters with rules read from a file: + +```sh +$ consul acl policy create -name "replication" -description "Replication" -rules @rules.hcl -valid-datacenter dc1 -valid-datacenter dc2 +ID: ca44555b-a2d8-94de-d763-88caffdaf11f +Name: replication +Description: Replication +Datacenters: dc1, dc2 +Rules: +acl = "read" +service_prefix "" { + policy = "read" + intentions = "read" +} +``` + +Create a new policy with rules equivalent to that of a legacy ACL token: + +```sh +$ consul acl policy create -name "node-services-read" -from-token 5793a5ce -description "Can read any node and service" +ID: 06acc965-df4b-5a99-58cb-3250930c6324 +Name: node-services-read +Description: Can read any node and service +Datacenters: +Rules: +service_prefix "" { + policy = "read" +} + +node_prefix "" { + policy = "read" +} +``` diff --git a/website/source/docs/commands/acl/policy/delete.html.md.erb b/website/source/docs/commands/acl/policy/delete.html.md.erb new file mode 100644 index 0000000000..c7bc61e14e --- /dev/null +++ b/website/source/docs/commands/acl/policy/delete.html.md.erb @@ -0,0 +1,43 @@ +--- +layout: "docs" +page_title: "Commands: ACL Policy Delete" +sidebar_current: "docs-commands-acl-policy-delete" +--- + +# Consul ACL Policy Delete + +Command: `consul acl policy delete` + +The `acl policy delete` command deletes a policy. Policies may be deleted by their ID or by name. + +## Usage + +Usage: `consul acl policy delete [options]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-id=` - The ID of the policy to delete. It may be specified as a + unique ID prefix but will error if the prefix matches multiple policy IDs. + +* `-name=` - The Name of the policy to delete. + +## Examples + +Delete a policy: + +```sh +$ consul acl policy delete -id 35b8 +Policy "35b8ecb0-707c-ee18-2002-81b238b54b38" deleted successfully +``` + +Delete a policy by name: + +```sh +$ consul acl policy delete -name acl-replication +Policy "35b8ecb0-707c-ee18-2002-81b238b54b38" deleted successfully +``` diff --git a/website/source/docs/commands/acl/policy/list.html.md.erb b/website/source/docs/commands/acl/policy/list.html.md.erb new file mode 100644 index 0000000000..a321737c79 --- /dev/null +++ b/website/source/docs/commands/acl/policy/list.html.md.erb @@ -0,0 +1,68 @@ +--- +layout: "docs" +page_title: "Commands: ACL Policy List" +sidebar_current: "docs-commands-acl-policy-list" +--- + +# Consul ACL Policy List + +Command: `consul acl policy list` + +The `acl policy list` command lists all policies. By default it will not show metadata. + +## Usage + +Usage: `consul acl policy list` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-meta` - Indicates that policy metadata such as the content hash and + Raft indices should be shown for each entry. + +## Examples + +Default listing. + +```sh +$ consul acl policy list +global-management: + ID: 00000000-0000-0000-0000-000000000001 + Description: Builtin Policy that grants unlimited access + Datacenters: +acl-replication: + ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 + Description: Policy capable of replicating ACL policies + Datacenters: +``` + +Show Metadata. + +```sh +$ consul acl policy list -meta +global-management: + ID: 00000000-0000-0000-0000-000000000001 + Description: Builtin Policy that grants unlimited access + Datacenters: + Hash: b30210b7aba9facd1c57891e3df27669174a08b690cb2905e0797535f75eba69 + Create Index: 4 + Modify Index: 4 +node-services-read: + ID: 06acc965-df4b-5a99-58cb-3250930c6324 + Description: Can read any node and service + Datacenters: + Hash: 19d2a73dcd315506af73bfff1492779a0dc0235066fcac07f432fb2cc3402133 + Create Index: 244 + Modify Index: 244 +acl-replication: + ID: ca44555b-a2d8-94de-d763-88caffdaf11f + Description: Token capable of replicating ACL policies + Datacenters: dc1, dc2 + Hash: b94669679cc24e0d064412e4aa90b470b7f900a8e0801f65feaf1f7d716a5390 + Create Index: 198 + Modify Index: 198 +``` diff --git a/website/source/docs/commands/acl/policy/read.html.md.erb b/website/source/docs/commands/acl/policy/read.html.md.erb new file mode 100644 index 0000000000..ebe586dca2 --- /dev/null +++ b/website/source/docs/commands/acl/policy/read.html.md.erb @@ -0,0 +1,123 @@ +--- +layout: "docs" +page_title: "Commands: ACL Policy Read" +sidebar_current: "docs-commands-acl-policy-read" +--- + +# Consul ACL Policy Read + +Command: `consul acl policy read` + +The `acl policy read` command reads and displays a policies details. + +## Usage + +Usage: `consul acl policy read [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-id=` - The ID of the policy to read. It may be specified as a unique ID + prefix but will error if the prefix matches multiple policy IDs. + +* `-meta` - Indicates that policy metadata such as the content hash and raft + indices should be shown for each entry. + +* `-name=` - The name of the policy to read. + +## Examples + +Get policy details: + +```sh +$ consul acl policy read -id 00000000-0000-0000-0000-000000000001 +ID: 00000000-0000-0000-0000-000000000001 +Name: global-management +Description: Builtin Policy that grants unlimited access +Datacenters: +Rules: + +acl = "write" +agent_prefix "" { + policy = "write" +} +event_prefix "" { + policy = "write" +} +key_prefix "" { + policy = "write" +} +keyring = "write" +node_prefix "" { + policy = "write" +} +operator = "write" +query_prefix "" { + policy = "write" +} +service_prefix "" { + policy = "write" + intentions = "write" +} +session_prefix "" { + policy = "write" +} +``` + +Get policy details by name: + +```sh +$ consul acl policy read -name "acl-replication" +ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 +Name: acl-replication +Description: Token capable of replicating ACL policies +Datacenters: +Rules: +acl = "read" +``` + +Get policy details (Builtin Policies): + +Builtin policies can be accessed by specifying their original name as the value to the `-id` parameter. + +```sh +$ consul acl policy read -id global-management +ID: 00000000-0000-0000-0000-000000000001 +Name: global-management +Description: Builtin Policy that grants unlimited access +Datacenters: +Hash: b30210b7aba9facd1c57891e3df27669174a08b690cb2905e0797535f75eba69 +Create Index: 4 +Modify Index: 4 +Rules: + +acl = "write" +agent_prefix "" { + policy = "write" +} +event_prefix "" { + policy = "write" +} +key_prefix "" { + policy = "write" +} +keyring = "write" +node_prefix "" { + policy = "write" +} +operator = "write" +query_prefix "" { + policy = "write" +} +service_prefix "" { + policy = "write" + intentions = "write" +} +session_prefix "" { + policy = "write" +} +``` diff --git a/website/source/docs/commands/acl/policy/update.html.md.erb b/website/source/docs/commands/acl/policy/update.html.md.erb new file mode 100644 index 0000000000..5e6fe98b4f --- /dev/null +++ b/website/source/docs/commands/acl/policy/update.html.md.erb @@ -0,0 +1,85 @@ +--- +layout: "docs" +page_title: "Commands: ACL Policy Update" +sidebar_current: "docs-commands-acl-policy-update" +--- + +# Consul ACL Policy Update + +Command: `consul acl policy update` + +The `acl policy update` command is used to update a policy. The default operations is to merge the current policy +with those values provided to the command invocation. Therefore to update just one field, only +the `-id` or `-name` options and the option to modify must be provided. Note that renaming +policies requires both the `-id` and `-name` as the new name cannot yet be used to lookup the +policy. + +## Usage + +Usage: `consul acl policy update [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-description=` - A description of the policy. + +* `-id=` - The ID of the policy to update. It may be specified as a + unique ID prefix but will error if the prefix matches multiple policy IDs + +* `-meta` - Indicates that policy metadata such as the content hash and raft + indices should be shown for each entry + +* `-name=` - The policy's name. + +* `-no-merge` - Do not merge the current policy information with what is provided + to the command. Instead overwrite all fields with the exception of + the policy ID which is immutable. + +* `-rules=` - The policy rules. May be prefixed with `@` to indicate that + the value is a file path to load the rules from. `-` may also be given to + indicate that the rules are available on stdin. + +* `-valid-datacenter=` - Datacenter that the policy should be valid within. + This flag may be specified multiple times. + +## Examples + +Update a policy: + +```sh +$ consul acl policy update -id 35b8 -name "replication" -description "Policy capable of replication ACL policies and Intentions" -rules @rules.hcl +Policy updated successfully +ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 +Name: replication +Description: Policy capable of replication ACL policies and Intentions +Datacenters: +Rules: +acl = "read" + +service_prefix "" { + policy = "read" + intentions = "read" +} +``` + +Rename a policy: + +```sh +$ consul acl policy update -id 35b8 -name "dc1-replication" +Policy updated successfully +ID: 35b8ecb0-707c-ee18-2002-81b238b54b38 +Name: dc1-replication +Description: Policy capable of replication ACL policies and Intentions +Datacenters: dc1 +Rules: +acl = "read" + +service_prefix "" { + policy = "read" + intentions = "read" +} +``` diff --git a/website/source/docs/commands/acl/role.html.md.erb b/website/source/docs/commands/acl/role.html.md.erb new file mode 100644 index 0000000000..c9689d7d4f --- /dev/null +++ b/website/source/docs/commands/acl/role.html.md.erb @@ -0,0 +1,87 @@ +--- +layout: "docs" +page_title: "Commands: ACL Role" +sidebar_current: "docs-commands-acl-role" +--- + +# Consul ACL Roles + +Command: `consul acl role` + +The `acl role` command is used to manage Consul's ACL roles. +It exposes commands for creating, updating, reading, deleting, and listing roles. +This command is available in Consul 1.5.0 and newer. + +ACL roles may also be managed via the [HTTP API](/api/acl/roles.html). + +-> **Note:** All of the example subcommands in this document will require a valid +Consul token with the appropriate permissions. Either set the +`CONSUL_HTTP_TOKEN` environment variable to the token's secret ID or pass the +secret ID as the value of the `-token` parameter. + +## Usage + +Usage: `consul acl role ` + +For the exact documentation for your Consul version, run `consul acl +role -h` to view the complete list of subcommands. + +```text +Usage: consul acl role [options] [args] + + ... + +Subcommands: + create Create an ACL role + delete Delete an ACL role + list Lists ACL roles + read Read an ACL role + update Update an ACL role +``` + +For more information, examples, and usage about a subcommand, click on the name +of the subcommand in the sidebar. + +## Identifying Roles + +Several of the subcommands need to operate on a specific role. Those +subcommands support specifying the role by its ID using the `-id` parameter +or by name using the `-name` parameter. + +When specifying the role by its ID a unique role ID prefix may be specified +instead of the entire UUID. As long as it is unique it will be resolved to the +full UUID and used. + +## Basic Examples + +Create a new ACL role: + +```sh +$ consul acl role create -name "new-role" \ + -description "This is an example role" \ + -policy-id 06acc965 +``` + +List all roles: + +```sh +$ consul acl role list +``` + +Update a role: + +```sh +$ consul acl role update -name "other-role" -datacenter "dc1" +``` + +Read a role: + +```sh +$ consul acl role read -id 0479e93e-091c-4475-9b06-79a004765c24 +``` + +Delete a role + +```sh +$ consul acl role delete -name "my-role" +``` diff --git a/website/source/docs/commands/acl/role/create.html.md.erb b/website/source/docs/commands/acl/role/create.html.md.erb new file mode 100644 index 0000000000..092fb73c8e --- /dev/null +++ b/website/source/docs/commands/acl/role/create.html.md.erb @@ -0,0 +1,63 @@ +--- +layout: "docs" +page_title: "Commands: ACL Role Create" +sidebar_current: "docs-commands-acl-role-create" +--- + +# Consul ACL Role Create + +Command: `consul acl role create` + +The `acl role create` command creates new roles. + +## Usage + +Usage: `consul acl role create [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-description=` - A description of the role. + +* `-meta` - Indicates that role metadata such as the content hash and raft + indices should be shown for each entry. + +* `-name=` - The new role's name. This flag is required. + +* `-policy-id=` - ID of a policy to use for this role. May be specified + multiple times + +* `-policy-name=` - Name of a policy to use for this role. May be + specified multiple times + +* `-service-identity=` - Name of a service identity to use for this + role. May be specified multiple times. Format is the `SERVICENAME` or + `SERVICENAME:DATACENTER1,DATACENTER2,...` + +## Examples + +Create a new role with one policy: + +```sh +$ consul acl role create -name "crawler" -description "web crawler role" -policy-name "crawler-kv" +ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9 +Name: crawler +Description: web crawler role +Policies: + 2f8f99c7-edd9-2f09-7e4b-a1f519eb4fc2 - crawler-kv +``` + +Create a new role with one service identity: + +```sh +$ consul acl role create -name archiver -description 'archiver role' -service-identity "archiver:dc2" +ID: a365fdc9-ac71-e754-0645-7ab6bd747301 +Name: archiver +Description: archiver role +Service Identities: + archiver (Datacenters: dc2) +``` diff --git a/website/source/docs/commands/acl/role/delete.html.md.erb b/website/source/docs/commands/acl/role/delete.html.md.erb new file mode 100644 index 0000000000..16a0b55204 --- /dev/null +++ b/website/source/docs/commands/acl/role/delete.html.md.erb @@ -0,0 +1,43 @@ +--- +layout: "docs" +page_title: "Commands: ACL Role Delete" +sidebar_current: "docs-commands-acl-role-delete" +--- + +# Consul ACL Role Delete + +Command: `consul acl role delete` + +The `acl role delete` command deletes a role. Roles may be deleted by their ID or by name. + +## Usage + +Usage: `consul acl role delete [options]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-id=` - The ID of the role to delete. It may be specified as a + unique ID prefix but will error if the prefix matches multiple role IDs. + +* `-name=` - The Name of the role to delete. + +## Examples + +Delete a role by prefix: + +```sh +$ consul acl role delete -id 57147 +Role "57147d87-6bf7-f794-1a6e-7d038c4e4ae9" deleted successfully +``` + +Delete a role by name: + +```sh +$ consul acl role delete -name crawler +Role "a365fdc9-ac71-e754-0645-7ab6bd747301" deleted successfully +``` diff --git a/website/source/docs/commands/acl/role/list.html.md.erb b/website/source/docs/commands/acl/role/list.html.md.erb new file mode 100644 index 0000000000..f2f2da4d0a --- /dev/null +++ b/website/source/docs/commands/acl/role/list.html.md.erb @@ -0,0 +1,69 @@ +--- +layout: "docs" +page_title: "Commands: ACL Role List" +sidebar_current: "docs-commands-acl-role-list" +--- + +# Consul ACL Role List + +Command: `consul acl role list` + +The `acl role list` command lists all roles. By default it will not show metadata. + +## Usage + +Usage: `consul acl role list` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-meta` - Indicates that role metadata such as the content hash and + Raft indices should be shown for each entry. + +## Examples + +Default listing. + +```sh +$ consul acl role list +web-crawler: + ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9 + Description: web crawler updated role + Policies: + 2f8f99c7-edd9-2f09-7e4b-a1f519eb4fc2 - crawler-kv + Service Identities: + crawler (Datacenters: all) +archiver: + ID: a365fdc9-ac71-e754-0645-7ab6bd747301 + Description: archiver role + Service Identities: + archiver (Datacenters: dc2) +``` + +Show Metadata. + +```sh +$ consul acl role list -meta +web-crawler: + ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9 + Description: web crawler updated role + Hash: 3bd7c15a77c8d1d45c515378f1176df2e6f76d9c96d541f96de8272ff4dba7b5 + Create Index: 18 + Modify Index: 39 + Policies: + 2f8f99c7-edd9-2f09-7e4b-a1f519eb4fc2 - crawler-kv + Service Identities: + crawler (Datacenters: all) +archiver: + ID: a365fdc9-ac71-e754-0645-7ab6bd747301 + Description: archiver role + Hash: 9af397ea92ee901366d6333c658195be16f4aee8aa64d2b529b921c879b70a58 + Create Index: 22 + Modify Index: 22 + Service Identities: + archiver (Datacenters: dc2) +``` diff --git a/website/source/docs/commands/acl/role/read.html.md.erb b/website/source/docs/commands/acl/role/read.html.md.erb new file mode 100644 index 0000000000..483a899255 --- /dev/null +++ b/website/source/docs/commands/acl/role/read.html.md.erb @@ -0,0 +1,54 @@ +--- +layout: "docs" +page_title: "Commands: ACL Role Read" +sidebar_current: "docs-commands-acl-role-read" +--- + +# Consul ACL Role Read + +Command: `consul acl role read` + +The `acl role read` command reads and displays a roles details. + +## Usage + +Usage: `consul acl role read [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-id=` - The ID of the role to read. It may be specified as a unique ID + prefix but will error if the prefix matches multiple role IDs. + +* `-meta` - Indicates that role metadata such as the content hash and raft + indices should be shown for each entry. + +* `-name=` - The name of the role to read. + +## Examples + +Get role details: + +```sh +$ consul acl role read -id 57147d87-6bf7-f794-1a6e-7d038c4e4ae9 +ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9 +Name: crawler +Description: web crawler role +Policies: + 2f8f99c7-edd9-2f09-7e4b-a1f519eb4fc2 - crawler-kv +``` + +Get role details by name: + +```sh +$ consul acl role read -name archiver +ID: a365fdc9-ac71-e754-0645-7ab6bd747301 +Name: archiver +Description: archiver role +Service Identities: + archiver (Datacenters: dc2) +``` diff --git a/website/source/docs/commands/acl/role/update.html.md.erb b/website/source/docs/commands/acl/role/update.html.md.erb new file mode 100644 index 0000000000..867e233870 --- /dev/null +++ b/website/source/docs/commands/acl/role/update.html.md.erb @@ -0,0 +1,81 @@ +--- +layout: "docs" +page_title: "Commands: ACL Role Update" +sidebar_current: "docs-commands-acl-role-update" +--- + +# Consul ACL Role Update + +Command: `consul acl role update` + +The `acl role update` command is used to update a role. The default operations is to merge the +current role with those values provided to the command invocation. Therefore to +update just one field, only the `-id` or `-name` options and the option to +modify must be provided. Note that renaming roles requires both the `-id` and +`-name` as the new name cannot yet be used to lookup the role. + +## Usage + +Usage: `consul acl role update [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-description=` - A description of the role. + +* `-id=` - The ID of the role to update. It may be specified as a + unique ID prefix but will error if the prefix matches multiple role IDs + +* `-meta` - Indicates that role metadata such as the content hash and raft + indices should be shown for each entry + +* `-name=` - The role name. + +* `-no-merge` - Do not merge the current role information with what is provided + to the command. Instead overwrite all fields with the exception of the role + ID which is immutable. + +* `-policy-id=` - ID of a policy to use for this role. May be specified + multiple times + +* `-policy-name=` - Name of a policy to use for this role. May be + specified multiple times + +* `-service-identity=` - Name of a service identity to use for this + role. May be specified multiple times. Format is the `SERVICENAME` or + `SERVICENAME:DATACENTER1,DATACENTER2,...` + +## Examples + +Update a role: + +```sh +$ consul acl role update -id 57147d87-6bf7-f794-1a6e-7d038c4e4ae9 \ + -description 'web crawler updated role' -service-identity 'crawler' +Role updated successfully +ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9 +Name: crawler +Description: web crawler updated role +Policies: + 2f8f99c7-edd9-2f09-7e4b-a1f519eb4fc2 - crawler-kv +Service Identities: + crawler (Datacenters: all) +``` + +Rename a role by prefix: + +```sh +$ consul acl role update -id 57147 -name web-crawler +Role updated successfully +ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9 +Name: web-crawler +Description: web crawler updated role +Policies: + 2f8f99c7-edd9-2f09-7e4b-a1f519eb4fc2 - crawler-kv +Service Identities: + crawler (Datacenters: all) +``` diff --git a/website/source/docs/commands/acl/acl-set-agent-token.html.md.erb b/website/source/docs/commands/acl/set-agent-token.html.md.erb similarity index 100% rename from website/source/docs/commands/acl/acl-set-agent-token.html.md.erb rename to website/source/docs/commands/acl/set-agent-token.html.md.erb diff --git a/website/source/docs/commands/acl/token.html.md.erb b/website/source/docs/commands/acl/token.html.md.erb new file mode 100644 index 0000000000..f57ca0d1bd --- /dev/null +++ b/website/source/docs/commands/acl/token.html.md.erb @@ -0,0 +1,93 @@ +--- +layout: "docs" +page_title: "Commands: ACL Token" +sidebar_current: "docs-commands-acl-token" +--- + +# Consul ACL Tokens + +Command: `consul acl token` + +The `acl token` command is used to manage Consul's ACL tokens. +It exposes commands for creating, updating, reading, deleting, and listing tokens. +This command is available in Consul 1.4.0 and newer. + +ACL tokens may also be managed via the [HTTP API](/api/acl/tokens.html). + +-> **Note:** All of the example subcommands in this document will require a valid +Consul token with the appropriate permissions. Either set the +`CONSUL_HTTP_TOKEN` environment variable to the token's secret ID or pass the +secret ID as the value of the `-token` parameter. + +## Usage + +Usage: `consul acl token ` + +For the exact documentation for your Consul version, run `consul acl +token -h` to view the complete list of subcommands. + +```text +Usage: consul acl token [options] [args] + + ... + +Subcommands: + clone Clone an ACL token + create Create an ACL token + delete Delete an ACL token + list List ACL tokens + read Read an ACL token + update Update an ACL token +``` + +For more information, examples, and usage about a subcommand, click on the name +of the subcommand in the sidebar. + +## Identifying Tokens + +Several of the subcommands need to operate on a specific token. Those +subcommands support specifying the token by its ID using the `-id` parameter. + +The ID may be specified as a unique UUID prefix instead of the entire UUID. As +long as it is unique it will be resolve to the full UUID and used. Additionally +builtin token names will be accepted as the value of the `-id`. + +Builtin Tokens: + +| Token UUID | Token Name | +| ------------------------------------ | ----------------- | +| 00000000-0000-0000-0000-000000000002 | anonymous | + +## Basic Examples + +Create a new ACL token: + +```sh +$ consul acl token create \ + -description "This is an example token" \ + -policy-id 06acc965 +``` + +List all tokens: + +```sh +$ consul acl token list +``` + +Update a token: + +```sh +$ consul acl token update -id 986193 -description "WonderToken" +``` + +Read a token with an accessor ID: + +```sh +$ consul acl token read -id 986193 +``` + +Delete a token + +```sh +$ consul acl token delete -id 986193 +``` diff --git a/website/source/docs/commands/acl/token/clone.html.md.erb b/website/source/docs/commands/acl/token/clone.html.md.erb new file mode 100644 index 0000000000..e6d94eb6ad --- /dev/null +++ b/website/source/docs/commands/acl/token/clone.html.md.erb @@ -0,0 +1,45 @@ +--- +layout: "docs" +page_title: "Commands: ACL Token Clone" +sidebar_current: "docs-commands-acl-token-clone" +--- + +# Consul ACL Token Clone + +Command: `consul acl token clone` + +The `acl token clone` command clones an existing token. + +## Usage + +Usage: `consul acl token clone [options]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-description=` - A description of the new cloned token. + +* `-id=` - The Accessor ID of the token to clone. It may be specified + as a unique ID prefix but will error if the prefix matches multiple token + Accessor IDs. The special value of 'anonymous' may be provided instead of + the anonymous tokens accessor ID + +## Examples + +Clone a token: + +```sh +$ consul acl token clone -id 59f8 -description "Clone of Super User" +Token cloned successfully. +AccessorID: dcfa52ed-9288-b3ff-056d-255ef69d2d88 +SecretID: 0005d17e-5bb2-7e8b-7bfa-15f2eee9ad14 +Description: Clone of Super User +Local: false +Create Time: 2018-10-22 16:26:02.909096 -0400 EDT +Policies: + 00000000-0000-0000-0000-000000000001 - global-management +``` diff --git a/website/source/docs/commands/acl/token/create.html.md.erb b/website/source/docs/commands/acl/token/create.html.md.erb new file mode 100644 index 0000000000..a578404470 --- /dev/null +++ b/website/source/docs/commands/acl/token/create.html.md.erb @@ -0,0 +1,108 @@ +--- +layout: "docs" +page_title: "Commands: ACL Token Create" +sidebar_current: "docs-commands-acl-token-create" +--- + +# Consul ACL Token Create + +Command: `consul acl token create` + +This command creates new tokens. When creating a new token, policies may be linked using +either the `-policy-id` or the `-policy-name` options. When specifying policies by IDs you +may use a unique prefix of the UUID as a shortcut for specifying the entire UUID. + +## Usage + +Usage: `consul acl token create [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-accessor=` - Create the token with this Accessor ID. It must be a UUID. If not + specified one will be auto-generated + +* `-description=` - A description of the token. + +* `-expires-ttl=` - Duration of time this token should be valid for. + +* `-local` - Create this as a datacenter local token. + +* `-meta` - Indicates that token metadata such as the content hash and raft indices should be shown + for each entry. + +* `-policy-id=` - ID of a policy to use for this token. May be specified multiple times. + +* `-policy-name=` - Name of a policy to use for this token. May be specified multiple times. + +* `-role-id=` - ID of a role to use for this token. May be specified multiple times. + +* `-role-name=` - Name of a role to use for this token. May be specified multiple times. + +* `-service-identity=` - Name of a service identity to use for this + token. May be specified multiple times. Format is the `SERVICENAME` or + `SERVICENAME:DATACENTER1,DATACENTER2,...` + +* `-secret=` - Create the token with this Secret ID. It must be a UUID. If not + specified one will be auto-generated. + **Note**: The SecretID is used to authorize operations against Consul and should + be generated from an appropriate cryptographic source. + +## Examples + +Create a new token: + +```sh +$ consul acl token create -description "Read Nodes and Services" -policy-id 06acc965 +AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d +SecretID: ec15675e-2999-d789-832e-8c4794daa8d7 +Description: Read Nodes and Services +Local: false +Create Time: 2018-10-22 15:33:39.01789 -0400 EDT +Policies: + 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read +``` + +Create a new local token: + +```sh +$ consul acl token create -description "Read Nodes and Services" -policy-id 06acc965 -local +AccessorID: 4fdf0ec8-d251-3865-079c-7247c974fc50 +SecretID: 02143514-abf2-6c23-0aa1-ec2107e68f6b +Description: Read Nodes and Services +Local: true +Create Time: 2018-10-22 15:34:19.330265 -0400 EDT +Policies: + 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read +``` + +Create a new token and link with policies by name: + +```sh +$ consul acl token create -description "Super User" -policy-name global-management +AccessorID: 59f86a9b-d3b6-166c-32a0-be4ab3f94caa +SecretID: ada7f751-f654-8872-7f93-498e799158b6 +Description: Super User +Local: false +Create Time: 2018-10-22 15:35:28.787003 -0400 EDT +Policies: + 00000000-0000-0000-0000-000000000001 - global-management +``` + +Create a new token with one service identity that expires in 15 minutes: + +```sh +$ consul acl token create -description 'crawler token' -service-identity 'crawler' -expires-ttl '15m' +AccessorID: 0c083aca-6c15-f0cc-c4d9-30578db54cd9 +SecretID: 930dafb6-5c08-040b-23fb-a368a95256f9 +Description: crawler token +Local: false +Create Time: 2019-04-25 16:45:49.337687334 -0500 CDT +Expiration Time: 2019-04-25 17:00:49.337687334 -0500 CDT +Service Identities: + crawler (Datacenters: all) +``` diff --git a/website/source/docs/commands/acl/token/delete.html.md.erb b/website/source/docs/commands/acl/token/delete.html.md.erb new file mode 100644 index 0000000000..6227870a9f --- /dev/null +++ b/website/source/docs/commands/acl/token/delete.html.md.erb @@ -0,0 +1,34 @@ +--- +layout: "docs" +page_title: "Commands: ACL Token Delete" +sidebar_current: "docs-commands-acl-token-delete" +--- + +# Consul ACL Token Delete + +Command: `consul acl token delete` + +The `acl token delete` command deletes a token. + +## Usage + +Usage: `consul acl token delete [options]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-id=` - The ID of the token to delete. It may be specified as a + unique ID prefix but will error if the prefix matches multiple token IDs. + +## Examples + +Delete a token: + +```sh +$ consul acl token delete -id 35b8 +Token "35b8ecb0-707c-ee18-2002-81b238b54b38" deleted successfully +``` diff --git a/website/source/docs/commands/acl/token/list.html.md.erb b/website/source/docs/commands/acl/token/list.html.md.erb new file mode 100644 index 0000000000..434b4b963f --- /dev/null +++ b/website/source/docs/commands/acl/token/list.html.md.erb @@ -0,0 +1,64 @@ +--- +layout: "docs" +page_title: "Commands: ACL Token List" +sidebar_current: "docs-commands-acl-token-list" +--- + +# Consul ACL Token List + +Command: `consul acl token list` + +The `acl token list` command lists all tokens. By default it will not show metadata. + +## Usage + +Usage: `consul acl token list` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-meta` - Indicates that token metadata such as the content hash and + Raft indices should be shown for each entry. + +## Examples + +Default listing. + +```sh +$ consul acl token list +AccessorID: 4d123dff-f460-73c3-02c4-8dd64d136e01 +Description: Bootstrap Token (Global Management) +Local: false +Create Time: 2018-10-22 11:27:04.479026 -0400 EDT +Legacy: false +Policies: + 00000000-0000-0000-0000-000000000001 - global-management + +AccessorID: 59f86a9b-d3b6-166c-32a0-be4ab3f94caa +Description: Super User +Local: false +Create Time: 2018-10-22 15:35:28.787003 -0400 EDT +Legacy: false +Policies: + 00000000-0000-0000-0000-000000000001 - global-management + +AccessorID: 00000000-0000-0000-0000-000000000002 +Description: Anonymous Token +Local: false +Create Time: 0001-01-01 00:00:00 +0000 UTC +Legacy: false +Policies: + 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read + +AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d +Description: WonderToken +Local: false +Create Time: 2018-10-22 15:33:39.01789 -0400 EDT +Legacy: false +Policies: + 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read +``` diff --git a/website/source/docs/commands/acl/token/read.html.md.erb b/website/source/docs/commands/acl/token/read.html.md.erb new file mode 100644 index 0000000000..2f37a9d0c9 --- /dev/null +++ b/website/source/docs/commands/acl/token/read.html.md.erb @@ -0,0 +1,71 @@ +--- +layout: "docs" +page_title: "Commands: ACL Token Read" +sidebar_current: "docs-commands-acl-token-read" +--- + +# Consul ACL Token Read + +Command: `consul acl token read` + +The `acl token read` command reads and displays a token details. + +## Usage + +Usage: `consul acl token read [options] [args]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-id=` - The ID of the policy to read. It may be specified as a unique ID + prefix but will error if the prefix matches multiple policy IDs. + +* `-meta` - Indicates that policy metadata such as the content hash and raft + indices should be shown for each entry. + +* `-self` - Indicates that the current HTTP token should be read by secret ID + instead of expecting a -id option. + +## Examples + +Get token details: + +```sh +$ consul acl token read -id 986 +AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d +SecretID: ec15675e-2999-d789-832e-8c4794daa8d7 +Description: Read Nodes and Services +Local: false +Create Time: 2018-10-22 15:33:39.01789 -0400 EDT +Policies: + 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read +``` + +Get token details using the token secret ID: + +```sh +$consul acl token read -self +AccessorID: 4d123dff-f460-73c3-02c4-8dd64d136e01 +SecretID: 86cddfb9-2760-d947-358d-a2811156bf31 +Description: Bootstrap Token (Global Management) +Local: false +Create Time: 2018-10-22 11:27:04.479026 -0400 EDT +Policies: + 00000000-0000-0000-0000-000000000001 - global-management +``` + +Get token details (Builtin Tokens) + +```sh +$ consul acl token read -id anonymous +AccessorID: 00000000-0000-0000-0000-000000000002 +SecretID: anonymous +Description: Anonymous Token +Local: false +Create Time: 0001-01-01 00:00:00 +0000 UTC +Policies: +``` diff --git a/website/source/docs/commands/acl/token/update.html.md.erb b/website/source/docs/commands/acl/token/update.html.md.erb new file mode 100644 index 0000000000..e2cc6232a3 --- /dev/null +++ b/website/source/docs/commands/acl/token/update.html.md.erb @@ -0,0 +1,79 @@ +--- +layout: "docs" +page_title: "Commands: ACL Token Update" +sidebar_current: "docs-commands-acl-token-update" +--- + +# Consul ACL Token Update + +Command: `consul acl token update` + +The `acl token update` command will update a token. Some parts of the token like whether the +token is local to the datacenter cannot be changed. + +## Usage + +Usage: `consul acl token update [options]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> +<%= partial "docs/commands/http_api_options_server" %> + +#### Command Options + +* `-description=` - A description of the token + +* `-id=` - The Accessor ID of the token to read. It may be specified as a + unique ID prefix but will error if the prefix matches multiple token Accessor IDs + +* `-merge-policies` - Merge the new policies with the existing policies. + +* `-merge-roles` - Merge the new roles with the existing roles. + +* `-merge-service-identities` - Merge the new service identities with the existing service identities. + +* `-meta` - Indicates that token metadata such as the content hash and Raft indices should be + shown for each entry. + +* `-policy-id=` - ID of a policy to use for this token. May be specified multiple times. + +* `-policy-name=` - Name of a policy to use for this token. May be specified multiple times. + +* `-role-id=` - ID of a role to use for this token. May be specified multiple times. + +* `-role-name=` - Name of a role to use for this token. May be specified multiple times. + +* `-service-identity=` - Name of a service identity to use for this + token. May be specified multiple times. Format is the `SERVICENAME` or + `SERVICENAME:DATACENTER1,DATACENTER2,...` + +## Examples + +Update the anonymous token: + +```sh +$ consul acl token update -id anonymous -policy-id 06acc +Token updated successfully. +AccessorID: 00000000-0000-0000-0000-000000000002 +SecretID: anonymous +Description: Anonymous Token +Local: false +Create Time: 0001-01-01 00:00:00 +0000 UTC +Policies: + 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read +``` + +Update a token description and take the policies from the existing token: + +```sh +$ consul acl token update -id 986193 -description "WonderToken" -merge-policies +Token updated successfully. +AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d +SecretID: ec15675e-2999-d789-832e-8c4794daa8d7 +Description: WonderToken +Local: false +Create Time: 2018-10-22 15:33:39.01789 -0400 EDT +Policies: + 06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read +``` diff --git a/website/source/docs/commands/acl/acl-translate-rules.html.md.erb b/website/source/docs/commands/acl/translate-rules.html.md.erb similarity index 100% rename from website/source/docs/commands/acl/acl-translate-rules.html.md.erb rename to website/source/docs/commands/acl/translate-rules.html.md.erb diff --git a/website/source/docs/commands/index.html.md b/website/source/docs/commands/index.html.md index 5742be6d06..59e878ba96 100644 --- a/website/source/docs/commands/index.html.md +++ b/website/source/docs/commands/index.html.md @@ -26,9 +26,11 @@ $ consul Usage: consul [--version] [--help] [] Available commands are: + acl Interact with Consul's ACLs agent Runs a Consul agent catalog Interact with the catalog connect Interact with Consul Connect + debug Records a debugging archive for operators event Fire a new event exec Executes a command on Consul nodes force-leave Forces a member of the cluster to enter the "left" state @@ -40,6 +42,8 @@ Available commands are: kv Interact with the key-value store leave Gracefully leaves the Consul cluster and shuts down lock Execute a command holding a lock + login Login to Consul using an auth method + logout Destroy a Consul token created with login maint Controls node or service maintenance mode members Lists the members of a Consul cluster monitor Stream logs from a Consul agent @@ -48,6 +52,7 @@ Available commands are: rtt Estimates network round trip time between nodes services Interact with services snapshot Saves, restores and inspects snapshots of Consul server state + tls Builtin helpers for creating CAs and certificates validate Validate config files/directories version Prints the Consul version watch Watch for changes in Consul @@ -138,6 +143,15 @@ are enabled, for example: CONSUL_HTTP_TOKEN=aba7cbe5-879b-999a-07cc-2efd9ac0ffe ``` +### `CONSUL_HTTP_TOKEN_FILE` + +This is a path to a file containing the API access token required when access +control lists (ACLs) are enabled, for example: + +``` +CONSUL_HTTP_TOKEN_FILE=/path/to/consul.token +``` + ### `CONSUL_HTTP_AUTH` This specifies HTTP Basic access credentials as a username:password pair: @@ -226,4 +240,4 @@ If the agent is [configured with TLS certificates](/docs/agent/encryption.html#rpc-encryption-with-tls), then the gRPC listener will require TLS and present the same certificate as the https listener. As with `CONSUL_HTTP_ADDR`, if TLS is enabled either the `https://` -scheme should be used, or `CONSUL_HTTP_SSL` set. \ No newline at end of file +scheme should be used, or `CONSUL_HTTP_SSL` set. diff --git a/website/source/docs/commands/login.html.md.erb b/website/source/docs/commands/login.html.md.erb new file mode 100644 index 0000000000..5feee68d81 --- /dev/null +++ b/website/source/docs/commands/login.html.md.erb @@ -0,0 +1,50 @@ +--- +layout: "docs" +page_title: "Commands: Login" +sidebar_current: "docs-commands-login" +description: > + The `login` command will exchange the provided third party credentials with the requested auth method for a newly minted Consul ACL token. +--- + +# Consul Login + +Command: `consul login` + +The `login` command will exchange the provided third party credentials with the +requested auth method for a newly minted Consul ACL token. The companion +command `consul logout` should be used to destroy any tokens created this way +to avoid a resource leak. + +## Usage + +Usage: `consul login [options]` + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> + +#### Command Options + +* `-bearer-token-file=` - Path to a file containing a secret bearer + token to use with this auth method. + +* `-meta=` - Metadata to set on the token, formatted as `key=value`. This + flag may be specified multiple times to set multiple meta fields. + +* `-method=` - Name of the auth method to login to. + +* `-token-sink-file=` - The most recent token's SecretID is kept up to + date in this file. + +### Examples + +Login to an auth method. + +```sh +$ consul login -method 'minikube' \ + -bearer-token-file '/run/secrets/kubernetes.io/serviceaccount/token' \ + -token-sink-file 'consul.token' + +$ cat consul.token +36103ae4-6731-e719-f53a-d35188cfa41d +``` diff --git a/website/source/docs/commands/logout.html.md.erb b/website/source/docs/commands/logout.html.md.erb new file mode 100644 index 0000000000..1d8993d7b5 --- /dev/null +++ b/website/source/docs/commands/logout.html.md.erb @@ -0,0 +1,34 @@ +--- +layout: "docs" +page_title: "Commands: Logout" +sidebar_current: "docs-commands-logout" +description: > + The `logout` command will destroy the provided token if it was created from `consul login`. +--- + +# Consul Logout + +Command: `consul logout` + +The `logout` command will destroy the provided token if it was created from +`consul login`. + +## Usage + +Usage: `consul logout [options]` + +-> The token to delete should be specified with the `-token` argument, the +`CONSUL_HTTP_TOKEN` environment variable, the `-token-file` argument, or the +`CONSUL_HTTP_TOKEN_FILE` environment variable. + +#### API Options + +<%= partial "docs/commands/http_api_options_client" %> + +### Examples + +Logout and delete a login token. + +```sh +$ consul logout -token-file 'consul.token' +``` diff --git a/website/source/layouts/api.erb b/website/source/layouts/api.erb index ad8c2a380f..0056070edb 100644 --- a/website/source/layouts/api.erb +++ b/website/source/layouts/api.erb @@ -36,6 +36,15 @@ > Policies + > + Roles + + > + Auth Methods + + > + Binding Rules + > diff --git a/website/source/layouts/docs.erb b/website/source/layouts/docs.erb index 27bfb28af0..65918d7a62 100644 --- a/website/source/layouts/docs.erb +++ b/website/source/layouts/docs.erb @@ -67,20 +67,117 @@ > acl

@@ -207,6 +304,12 @@ > lock + > + login + + > + logout + > maint @@ -347,6 +450,14 @@ > Token Migration + > + Auth Methods + + diff --git a/website/source/redirects.txt b/website/source/redirects.txt index c313268d6a..456df4afad 100644 --- a/website/source/redirects.txt +++ b/website/source/redirects.txt @@ -49,6 +49,13 @@ /docs/guides/bootstrapping.html https://www.consul.io/docs/install/bootstrapping.html /docs/guides/sentinel.html https://www.consul.io/docs/agent/sentinel.html +# CLI renames +/docs/commands/acl/acl-bootstrap.html https://www.consul.io/docs/commands/acl/bootstrap.html +/docs/commands/acl/acl-policy.html https://www.consul.io/docs/commands/acl/policy.html +/docs/commands/acl/acl-set-agent-token.html https://www.consul.io/docs/commands/acl/set-agent-token.html +/docs/commands/acl/acl-token.html https://www.consul.io/docs/commands/acl/token.html +/docs/commands/acl/acl-translate-rules.html https://www.consul.io/docs/commands/acl/translate-rules.html + # Consul Learn Redirects /docs/guides/acl.html https://learn.hashicorp.com/consul/advanced/day-1-operations/acl-guide /docs/guides/agent-encryption.html https://learn.hashicorp.com/consul/advanced/day-1-operations/agent-encryption