From 17509f505f90a2190733d62b6c4da342e955d063 Mon Sep 17 00:00:00 2001 From: Enshin Andrey Date: Fri, 8 Nov 2019 15:53:15 +0900 Subject: [PATCH 01/79] Update 07-bootstrapping-etcd.md --- docs/07-bootstrapping-etcd.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/07-bootstrapping-etcd.md b/docs/07-bootstrapping-etcd.md index 1de9616..53dc94e 100644 --- a/docs/07-bootstrapping-etcd.md +++ b/docs/07-bootstrapping-etcd.md @@ -8,7 +8,7 @@ The commands in this lab must be run on each controller instance: `master-1`, an ### Running commands in parallel with tmux -[tmux](https://github.com/tmux/tmux/wiki) can be used to run commands on multiple compute instances at the same time. See the [Running commands in parallel with tmux](01-prerequisites.md#running-commands-in-parallel-with-tmux) section in the Prerequisites lab. +[tmux](https://github.com/tmux/tmux/wiki) can be used to run commands on multiple compute instances at the same time. ## Bootstrapping an etcd Cluster Member From 91b205f5b4dde0ccc01ef565624ba4ecd43b0891 Mon Sep 17 00:00:00 2001 From: Enshin Andrey Date: Mon, 11 Nov 2019 13:05:19 +0900 Subject: [PATCH 02/79] Update 05-kubernetes-configuration-files.md --- docs/05-kubernetes-configuration-files.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/05-kubernetes-configuration-files.md b/docs/05-kubernetes-configuration-files.md index 597762a..d824a65 100644 --- a/docs/05-kubernetes-configuration-files.md +++ b/docs/05-kubernetes-configuration-files.md @@ -4,7 +4,7 @@ In this lab you will generate [Kubernetes configuration files](https://kubernete ## Client Authentication Configs -In this section you will generate kubeconfig files for the `controller manager`, `kubelet`, `kube-proxy`, and `scheduler` clients and the `admin` user. +In this section you will generate kubeconfig files for the `controller manager`, `kube-proxy`, `scheduler` clients and the `admin` user. ### Kubernetes Public IP Address @@ -160,7 +160,7 @@ for instance in worker-1 worker-2; do done ``` -Copy the appropriate `kube-controller-manager` and `kube-scheduler` kubeconfig files to each controller instance: +Copy the appropriate `admin.kubeconfig`, `kube-controller-manager` and `kube-scheduler` kubeconfig files to each controller instance: ``` for instance in master-1 master-2; do From 5305709e7fc18a706b5782737e236481c2bc8150 Mon Sep 17 00:00:00 2001 From: Jonathon Sisson Date: Sat, 7 Dec 2019 02:41:26 -0600 Subject: [PATCH 03/79] Add comment about additional changes I modified the Vagrantfile to create 3 masters and 3 workers, and noted that master-3 and worker-3 were not included in the /etc/hosts file. So I've added a note about it in the appropriate doc. --- docs/02-compute-resources.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/02-compute-resources.md b/docs/02-compute-resources.md index 13b6583..3f8396a 100644 --- a/docs/02-compute-resources.md +++ b/docs/02-compute-resources.md @@ -18,7 +18,9 @@ Run Vagrant up This does the below: - Deploys 5 VMs - 2 Master, 2 Worker and 1 Loadbalancer with the name 'kubernetes-ha-* ' - > This is the default settings. This can be changed at the top of the Vagrant file + > This is the default settings. This can be changed at the top of the Vagrant file. + > If you choose to change these settings, please also update vagrant/ubuntu/vagrant/setup-hosts.sh + > to add the additional hosts to the /etc/hosts default before running "vagrant up". - Set's IP addresses in the range 192.168.5 From cda5011f254895b1534b1dde0f17b3896dfbd863 Mon Sep 17 00:00:00 2001 From: Mumshad Mannambeth Date: Mon, 9 Dec 2019 22:23:37 +0800 Subject: [PATCH 04/79] Update 10-tls-bootstrapping-kubernetes-workers.md --- docs/10-tls-bootstrapping-kubernetes-workers.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/10-tls-bootstrapping-kubernetes-workers.md b/docs/10-tls-bootstrapping-kubernetes-workers.md index a8bb38d..2f2e1d1 100644 --- a/docs/10-tls-bootstrapping-kubernetes-workers.md +++ b/docs/10-tls-bootstrapping-kubernetes-workers.md @@ -331,6 +331,8 @@ Things to note here: ## Step 7 Configure the Kubernetes Proxy +In one of the previous steps we created the kube-proxy.kubeconfig file. Check [here](https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md) if you missed it. + ``` sudo mv kube-proxy.kubeconfig /var/lib/kube-proxy/kubeconfig ``` From 48c554c4ba683c2ea94b95d692474215e03baa49 Mon Sep 17 00:00:00 2001 From: Jibu Chacko Date: Wed, 22 Jan 2020 12:51:45 +0530 Subject: [PATCH 05/79] Disable RANDFILE to avoid missing '.rnd' file error ```vagrant@master-1:~$ openssl req -new -key ca.key -subj "/CN=KUBERNETES-CA" -out ca.csr Can't load /home/vagrant/.rnd into RNG 140179099013568:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/home/vagrant/.rnd``` --- docs/04-certificate-authority.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/04-certificate-authority.md b/docs/04-certificate-authority.md index 253e5fe..b84e2cd 100644 --- a/docs/04-certificate-authority.md +++ b/docs/04-certificate-authority.md @@ -20,6 +20,9 @@ Create a CA certificate, then generate a Certificate Signing Request and use it # Create private key for CA openssl genrsa -out ca.key 2048 +# Comment line starting with RANDFILE in /etc/ssl/openssl.cnf definition to avoid permission issues +sudo sed -i '0,/RANDFILE/{s/RANDFILE/\#&/}' /etc/ssl/openssl.cnf + # Create CSR using the private key openssl req -new -key ca.key -subj "/CN=KUBERNETES-CA" -out ca.csr From 7595ca0e200a66f7b0c9abb408f97f7764782e19 Mon Sep 17 00:00:00 2001 From: "Robert E. Peatman" Date: Tue, 11 Feb 2020 16:19:41 -0500 Subject: [PATCH 06/79] Update README.md --- practice-questions-answers/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/practice-questions-answers/README.md b/practice-questions-answers/README.md index 5565eda..2f3313a 100644 --- a/practice-questions-answers/README.md +++ b/practice-questions-answers/README.md @@ -51,6 +51,6 @@ This repository contains answers for the practice tests hosted on the course [Ce # Contributing Guide 1. The folder structure for all topics and associated practice tests are created already. Use the same pattern to create one if it doesn't exist. -2. Create a file with your answers. If you have a different answer than the one that is already there, create a new answer file with yoru name in it. +2. Create a file with your answers. If you have a different answer than the one that is already there, create a new answer file with your name in it. 4. Do not post the entire question. Only post the question number. -3. Send in a pull request \ No newline at end of file +3. Send in a pull request From bae604742933b16fecdfa50ddbb9a66a37625c42 Mon Sep 17 00:00:00 2001 From: Anuj Upadhyay <59619947+anuj53@users.noreply.github.com> Date: Thu, 20 Feb 2020 23:47:36 +0530 Subject: [PATCH 07/79] Typo Error Updated typo error --- docs/02-compute-resources.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/02-compute-resources.md b/docs/02-compute-resources.md index 13b6583..a06c070 100644 --- a/docs/02-compute-resources.md +++ b/docs/02-compute-resources.md @@ -90,7 +90,7 @@ VirtualBox error: VBoxManage.exe: error: Details: code E_FAIL (0x80004005), component SessionMachine, interface IMachine, callee IUnknown VBoxManage.exe: error: Context: "SaveSettings()" at line 3105 of file VBoxManageModifyVM.cpp -In such cases delete the VM, then delete teh VM folder and then re-provision +In such cases delete the VM, then delete the VM folder and then re-provision `vagrant destroy ` From 50e9a6bb87832978a381a3d462d2bd98cecb9014 Mon Sep 17 00:00:00 2001 From: Marc Paquette Date: Fri, 21 Feb 2020 10:35:13 -0500 Subject: [PATCH 08/79] Fixing typo --- .../cluster-maintenance/backup-etcd/etcd-backup-and-restore.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index f9d7ac4..84234fb 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -52,7 +52,7 @@ ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kuberne # 4. Modify /etc/kubernetes/manifests/etcd.yaml -Update ETCD POD to use the new data directory and cluster token by modifying the pod definition file at `/etc/kubernetes/manifests/etcd.yaml`. When this file is updated, the ETCD pod is automatically re-created as thisis a static pod placed under the `/etc/kubernetes/manifests` directory. +Update ETCD POD to use the new data directory and cluster token by modifying the pod definition file at `/etc/kubernetes/manifests/etcd.yaml`. When this file is updated, the ETCD pod is automatically re-created as this is a static pod placed under the `/etc/kubernetes/manifests` directory. Update --data-dir to use new target location From b1df9d8d8de4a3fdf82fe1e07c2533a283edc5b3 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Mon, 24 Feb 2020 10:41:22 -0500 Subject: [PATCH 09/79] Create install-docker-2.sh --- vagrant/ubuntu/install-docker-2.sh | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 vagrant/ubuntu/install-docker-2.sh diff --git a/vagrant/ubuntu/install-docker-2.sh b/vagrant/ubuntu/install-docker-2.sh new file mode 100644 index 0000000..40a2085 --- /dev/null +++ b/vagrant/ubuntu/install-docker-2.sh @@ -0,0 +1,3 @@ +cd /tmp +curl -fsSL https://get.docker.com -o get-docker.sh +sh /tmp/get-docker.sh From ca99534f3d17723290bc1fa826bc89f5591472b3 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Mon, 24 Feb 2020 10:42:04 -0500 Subject: [PATCH 10/79] Update Vagrantfile --- vagrant/Vagrantfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile index 338ca59..5b0ac3d 100644 --- a/vagrant/Vagrantfile +++ b/vagrant/Vagrantfile @@ -111,7 +111,7 @@ Vagrant.configure("2") do |config| end node.vm.provision "setup-dns", type: "shell", :path => "ubuntu/update-dns.sh" - node.vm.provision "install-docker", type: "shell", :path => "ubuntu/install-docker.sh" + node.vm.provision "install-docker", type: "shell", :path => "ubuntu/install-docker-2.sh" node.vm.provision "allow-bridge-nf-traffic", :type => "shell", :path => "ubuntu/allow-bridge-nf-traffic.sh" end From d568b12ab1ecbf707b2482999899773fd9c2c4ae Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Sat, 11 Apr 2020 18:58:59 -0400 Subject: [PATCH 11/79] Update 09-bootstrapping-kubernetes-workers.md --- docs/09-bootstrapping-kubernetes-workers.md | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/docs/09-bootstrapping-kubernetes-workers.md b/docs/09-bootstrapping-kubernetes-workers.md index 9818fb6..f4db7ba 100644 --- a/docs/09-bootstrapping-kubernetes-workers.md +++ b/docs/09-bootstrapping-kubernetes-workers.md @@ -8,7 +8,8 @@ We will now install the kubernetes components ## Prerequisites -The commands in this lab must be run on first worker instance: `worker-1`. Login to first worker instance using SSH Terminal. +The Certificates and Configuration are created on `master-1` node and then copied over to workers using `scp`. +Once this is done, the commands are to be run on first worker instance: `worker-1`. Login to first worker instance using SSH Terminal. ### Provisioning Kubelet Client Certificates @@ -16,7 +17,7 @@ Kubernetes uses a [special-purpose authorization mode](https://kubernetes.io/doc Generate a certificate and private key for one worker node: -Worker1: +On master-1: ``` master-1$ cat > openssl-worker-1.cnf < Remember to run the above commands on worker node: `worker-1` ## Verification - +On master-1: List the registered Kubernetes nodes from the master node: From 3cc6714b08add60df867ae4f90807136e7801aa3 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Sat, 11 Apr 2020 19:00:00 -0400 Subject: [PATCH 12/79] Update 09-bootstrapping-kubernetes-workers.md --- docs/09-bootstrapping-kubernetes-workers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/09-bootstrapping-kubernetes-workers.md b/docs/09-bootstrapping-kubernetes-workers.md index f4db7ba..eeba698 100644 --- a/docs/09-bootstrapping-kubernetes-workers.md +++ b/docs/09-bootstrapping-kubernetes-workers.md @@ -56,8 +56,8 @@ LOADBALANCER_ADDRESS=192.168.5.30 ``` Generate a kubeconfig file for the first worker node. -On master-1: +On master-1: ``` { kubectl config set-cluster kubernetes-the-hard-way \ From 38918b3d5abc64e5b9069a8aef338343fd91086b Mon Sep 17 00:00:00 2001 From: Sulabh Chaturvedi Date: Fri, 17 Apr 2020 12:33:19 +0100 Subject: [PATCH 13/79] Update 13-kube-apiserver-to-kubelet.md MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I kept getting error as the user is `system:kube-apiserver` and not 'kube-apiserver'. Also, the description says user as kubernetes which should also be rather `system:kube-apiserver` below is the error I received and corrected the CRB manifest after looking carefully at the User attribute in the error received. ``` ~ at ☸️ kubernetes-the-hard-way ➜ kubectl logs weave-net-7bmxs weave -n kube-system Error from server (Forbidden): Forbidden (user=system:kube-apiserver, verb=get, resource=nodes, subresource=proxy) ( pods/log weave-net-7bmxs) ``` --- docs/13-kube-apiserver-to-kubelet.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/13-kube-apiserver-to-kubelet.md b/docs/13-kube-apiserver-to-kubelet.md index 59ab6ac..fc5cebc 100644 --- a/docs/13-kube-apiserver-to-kubelet.md +++ b/docs/13-kube-apiserver-to-kubelet.md @@ -32,9 +32,9 @@ EOF ``` Reference: https://v1-12.docs.kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole -The Kubernetes API Server authenticates to the Kubelet as the `kubernetes` user using the client certificate as defined by the `--kubelet-client-certificate` flag. +The Kubernetes API Server authenticates to the Kubelet as the `system:kube-apiserver` user using the client certificate as defined by the `--kubelet-client-certificate` flag. -Bind the `system:kube-apiserver-to-kubelet` ClusterRole to the `kubernetes` user: +Bind the `system:kube-apiserver-to-kubelet` ClusterRole to the `system:kube-apiserver` user: ``` cat < Date: Sun, 19 Apr 2020 12:00:53 +0530 Subject: [PATCH 14/79] cert verify initial commit --- vagrant/cert_verify.sh | 255 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 255 insertions(+) create mode 100644 vagrant/cert_verify.sh diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh new file mode 100644 index 0000000..6492e7a --- /dev/null +++ b/vagrant/cert_verify.sh @@ -0,0 +1,255 @@ +#!/bin/bash +set -e +set -x + +# All Cert Location + +# ca certificate location +CACERT=/var/lib/kubernetes/ca.crt +CAKEY=/var/lib/kubernetes/ca.key + +# admin certificate location +ADMINCERT=/var/lib/kubernetes/admin.crt +ADMINKEY=/var/lib/kubernetes/admin.key + +# Kube controller manager certificate location +KCMCERT=/var/lib/kubernetes/kube-controller-manager.crt +KCMKEY=/var/lib/kubernetes/kube-controller-manager.key + +# Kube proxy certificate location +KPCERT=/var/lib/kubernetes/kube-proxy.crt +KPKEY=/var/lib/kubernetes/kube-proxy.key + +# Kube scheduler certificate location +KSCERT=/var/lib/kubernetes/kube-scheduler.crt +KSKEY=/var/lib/kubernetes/kube-scheduler.key + +# Kube api certificate location +APICERT=/var/lib/kubernetes/kube-apiserver.crt +APIKEY=/var/lib/kubernetes/kube-apiserver.key + +# ETCD certificate location +ETCDCERT=/var/lib/kubernetes/etcd-server.crt +ETCDKEY=/var/lib/kubernetes/etcd-server.key + +# Service account certificate location +SACERT=/var/lib/kubernetes/service-account.crt +SAKEY=/var/lib/kubernetes/service-account.key + +check_cert_ca() +{ + if [ -z $CACERT ] && [ -z $CAKEY ] + then + echo "please specify cert and key location" + exit 1 + elif [ -f $CACERT ] && [ -f $CAKEY ] + then + echo "CA cert and key found, verifying the authenticity" + CACERT_SUBJECT=$(openssl x509 -in $CACERT -text | grep "Subject: CN"| tr -d " ") + CACERT_ISSUER=$(openssl x509 -in $CACERT -text | grep "Issuer: CN"| tr -d " ") + CACERT_MD5=$(openssl x509 -noout -modulus -in $CACERT | openssl md5| awk '{print $2}') + CAKEY_MD5=$(openssl rsa -noout -modulus -in $CAKEY | openssl md5| awk '{print $2}') + if [ $CACERT_SUBJECT == "Subject:CN=KUBERNETES-CA" ] && [ $CACERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $CACERT_MD5 == $CAKEY_MD5 ] + then + echo "CA cert and key are correct" + else + echo "Exiting...Found mismtach in the CA certificate and keys, check subject" + exit 1 + fi + else + echo "ca.crt / ca.key is missing" + exit 1 + fi +} + + +check_cert_admin() +{ + if [ -z $ADMINCERT ] && [ -z $ADMINKEY ] + then + echo "please specify cert and key location" + exit 1 + elif [ -f $ADMINCERT ] && [ -f $ADMINKEY ] + then + echo "admin cert and key found, verifying the authenticity" + ADMINCERT_SUBJECT=$(openssl x509 -in $ADMINCERT -text | grep "Subject: CN"| tr -d " ") + ADMINCERT_ISSUER=$(openssl x509 -in $ADMINCERT -text | grep "Issuer: CN"| tr -d " ") + ADMINCERT_MD5=$(openssl x509 -noout -modulus -in $ADMINCERT | openssl md5| awk '{print $2}') + ADMINKEY_MD5=$(openssl rsa -noout -modulus -in $ADMINKEY | openssl md5| awk '{print $2}') + if [ $ADMINCERT_SUBJECT == "Subject:CN=admin,O=system:masters" ] && [ $ADMINCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $ADMINCERT_MD5 == $ADMINKEY_MD5 ] + then + echo "admin cert and key are correct" + else + echo "Exiting...Found mismtach in the admin certificate and keys, check subject" + exit 1 + fi + else + echo "admin.crt / admin.key is missing" + exit 1 + fi +} + +check_cert_kcm() +{ + if [ -z $KCMCERT ] && [ -z $KCMKEY ] + then + echo "please specify cert and key location" + exit 1 + elif [ -f $KCMCERT ] && [ -f $KCMKEY ] + then + echo "kube-controller-manager cert and key found, verifying the authenticity" + KCMCERT_SUBJECT=$(openssl x509 -in $KCMCERT -text | grep "Subject: CN"| tr -d " ") + KCMCERT_ISSUER=$(openssl x509 -in $KCMCERT -text | grep "Issuer: CN"| tr -d " ") + KCMCERT_MD5=$(openssl x509 -noout -modulus -in $KCMCERT | openssl md5| awk '{print $2}') + KCMKEY_MD5=$(openssl rsa -noout -modulus -in $KCMKEY | openssl md5| awk '{print $2}') + if [ $KCMCERT_SUBJECT == "Subject:CN=system:kube-controller-manager" ] && [ $KCMCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KCMCERT_MD5 == $KCMKEY_MD5 ] + then + echo "kube-controller-manager cert and key are correct" + else + echo "Exiting...Found mismtach in the kube-controller-manager certificate and keys, check subject" + exit 1 + fi + else + echo "kube-controller-manager.crt / kube-controller-manager.key is missing" + exit 1 + fi +} + +check_cert_kp() +{ + if [ -z $KPCERT ] && [ -z $KPKEY ] + then + echo "please specify cert and key location" + exit 1 + elif [ -f $KPCERT ] && [ -f $KPKEY ] + then + echo "kube-proxy cert and key found, verifying the authenticity" + KPCERT_SUBJECT=$(openssl x509 -in $KPCERT -text | grep "Subject: CN"| tr -d " ") + KPCERT_ISSUER=$(openssl x509 -in $KPCERT -text | grep "Issuer: CN"| tr -d " ") + KPCERT_MD5=$(openssl x509 -noout -modulus -in $KPCERT | openssl md5| awk '{print $2}') + KPKEY_MD5=$(openssl rsa -noout -modulus -in $KPKEY | openssl md5| awk '{print $2}') + if [ $KPCERT_SUBJECT == "Subject:CN=system:kube-proxy" ] && [ $KPCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KPCERT_MD5 == $KPKEY_MD5 ] + then + echo "kube-proxy cert and key are correct" + else + echo "Exiting...Found mismtach in the kube-proxy certificate and keys, check subject" + exit 1 + fi + else + echo "kube-proxy.crt / kube-proxy.key is missing" + exit 1 + fi +} + +check_cert_ks() +{ + if [ -z $KSCERT ] && [ -z $KSKEY ] + then + echo "please specify cert and key location" + exit 1 + elif [ -f $KSCERT ] && [ -f $KSKEY ] + then + echo "kube-scheduler cert and key found, verifying the authenticity" + KSCERT_SUBJECT=$(openssl x509 -in $KSCERT -text | grep "Subject: CN"| tr -d " ") + KSCERT_ISSUER=$(openssl x509 -in $KSCERT -text | grep "Issuer: CN"| tr -d " ") + KSCERT_MD5=$(openssl x509 -noout -modulus -in $KSCERT | openssl md5| awk '{print $2}') + KSKEY_MD5=$(openssl rsa -noout -modulus -in $KSKEY | openssl md5| awk '{print $2}') + if [ $KSCERT_SUBJECT == "Subject:CN=system:kube-scheduler" ] && [ $KSCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KSCERT_MD5 == $KSKEY_MD5 ] + then + echo "kube-scheduler cert and key are correct" + else + echo "Exiting...Found mismtach in the kube-scheduler certificate and keys, check subject" + exit 1 + fi + else + echo "kube-scheduler.crt / kube-scheduler.key is missing" + exit 1 + fi +} + +check_cert_api() +{ + if [ -z $APICERT ] && [ -z $APIKEY ] + then + echo "please specify kube-api cert and key location, Exiting...." + exit 1 + elif [ -f $APICERT ] && [ -f $APIKEY ] + then + echo "kube-apiserver cert and key found, verifying the authenticity" + APICERT_SUBJECT=$(openssl x509 -in $APICERT -text | grep "Subject: CN"| tr -d " ") + APICERT_ISSUER=$(openssl x509 -in $APICERT -text | grep "Issuer: CN"| tr -d " ") + APICERT_MD5=$(openssl x509 -noout -modulus -in $APICERT | openssl md5| awk '{print $2}') + APIKEY_MD5=$(openssl rsa -noout -modulus -in $APIKEY | openssl md5| awk '{print $2}') + if [ $APICERT_SUBJECT == "Subject:CN=kube-apiserver" ] && [ $APICERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $APICERT_MD5 == $APIKEY_MD5 ] + then + echo "kube-apiserver cert and key are correct" + else + echo "Exiting...Found mismtach in the kube-apiserver certificate and keys, check subject" + exit 1 + fi + else + echo "kube-apiserver.crt / kube-apiserver.key is missing" + exit 1 + fi +} + +check_cert_etcd() +{ + if [ -z $ETCDCERT ] && [ -z $ETCDKEY ] + then + echo "please specify ETCD cert and key location, Exiting...." + exit 1 + elif [ -f $ETCDCERT ] && [ -f $ETCDKEY ] + then + echo "ETCD cert and key found, verifying the authenticity" + ETCDCERT_SUBJECT=$(openssl x509 -in $ETCDCERT -text | grep "Subject: CN"| tr -d " ") + ETCDCERT_ISSUER=$(openssl x509 -in $ETCDCERT -text | grep "Issuer: CN"| tr -d " ") + ETCDCERT_MD5=$(openssl x509 -noout -modulus -in $ETCDCERT | openssl md5| awk '{print $2}') + ETCDKEY_MD5=$(openssl rsa -noout -modulus -in $ETCDKEY | openssl md5| awk '{print $2}') + if [ $ETCDCERT_SUBJECT == "Subject:CN=etcd-server" ] && [ $ETCDCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $ETCDCERT_MD5 == $ETCDKEY_MD5 ] + then + echo "etcd-server.crt / etcd-server.key are correct" + else + echo "Exiting...Found mismtach in the ETCD certificate and keys, check subject" + exit 1 + fi + else + echo "etcd-server.crt / etcd-server.key is missing" + exit 1 + fi +} + +check_cert_sa() +{ + if [ -z $SACERT ] && [ -z $SAKEY ] + then + echo "please specify Service Account cert and key location, Exiting...." + exit 1 + elif [ -f $SACERT ] && [ -f $SAKEY ] + then + echo "service account cert and key found, verifying the authenticity" + SACERT_SUBJECT=$(openssl x509 -in $SACERT -text | grep "Subject: CN"| tr -d " ") + SACERT_ISSUER=$(openssl x509 -in $SACERT -text | grep "Issuer: CN"| tr -d " ") + SACERT_MD5=$(openssl x509 -noout -modulus -in $SACERT | openssl md5| awk '{print $2}') + SAKEY_MD5=$(openssl rsa -noout -modulus -in $SAKEY | openssl md5| awk '{print $2}') + if [ $SACERT_SUBJECT == "Subject:CN=service-accounts" ] && [ $SACERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $SACERT_MD5 == $SAKEY_MD5 ] + then + echo "Service Account cert and key are correct" + else + echo "Exiting...Found mismtach in the Service Account certificate and keys, check subject" + exit 1 + fi + else + echo "service-account.crt / service-account.key is missing" + exit 1 + fi +} + +check_cert_ca +check_cert_admin +check_cert_kcm +check_cert_kp +check_cert_ks +check_cert_api +check_cert_sa +check_cert_etcd \ No newline at end of file From 84b8c9d5890a765f15b8c62322c0ede0c997415f Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Fri, 24 Apr 2020 23:13:43 +0530 Subject: [PATCH 15/79] kubeconfig verification --- vagrant/cert_verify.sh | 131 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 130 insertions(+), 1 deletion(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index 6492e7a..2c475f0 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -36,6 +36,20 @@ ETCDKEY=/var/lib/kubernetes/etcd-server.key SACERT=/var/lib/kubernetes/service-account.crt SAKEY=/var/lib/kubernetes/service-account.key +# All kubeconfig locations + +# kubeproxy.kubeconfig location +KPKUBECONFIG=/var/lib/kubernetes/kube-proxy.kubeconfig + +# kube-controller-manager.kubeconfig location +KCMKUBECONFIG=/var/lib/kubernetes/kube-controller-manager.kubeconfig + +# kube-scheduler.kubeconfig location +KSKUBECONFIG=/var/lib/kubernetes/kube-scheduler.kubeconfig + +# admin.kubeconfig location +ADMINKUBECONFIG=/var/lib/kubernetes/admin.kubeconfig + check_cert_ca() { if [ -z $CACERT ] && [ -z $CAKEY ] @@ -245,6 +259,115 @@ check_cert_sa() fi } + +# Kubeconfig verification + +check_cert_kpkubeconfig() +{ + if [ -z $KPKUBECONFIG ] + then + echo "please specify kube-proxy kubeconfig location" + exit 1 + elif [ -f $KPKUBECONFIG ] + then + echo "kube-proxy kubeconfig file found, verifying the authenticity" + KPKUBECONFIG_SUBJECT=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") + KPKUBECONFIG_ISSUER=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + KPKUBECONFIG_CERT_MD5=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') + KPKUBECONFIG_KEY_MD5=$(cat $KPKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') + if [ $KPKUBECONFIG_SUBJECT == "Subject:CN=system:kube-proxy" ] && [ $KPKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KPKUBECONFIG_CERT_MD5 == $KPKUBECONFIG_KEY_MD5 ] + then + echo "kube-proxy kubeconfig cert and key are correct" + else + echo "Exiting...Found mismtach in the kube-proxy kubeconfig certificate and keys, check subject" + exit 1 + fi + else + echo "kube-proxy kubeconfig file is missing" + exit 1 + fi +} + +check_cert_kcmkubeconfig() +{ + if [ -z $KCMKUBECONFIG ] + then + echo "please specify kube-controller-manager kubeconfig location" + exit 1 + elif [ -f $KCMKUBECONFIG ] + then + echo "kube-controller-manager kubeconfig file found, verifying the authenticity" + KCMKUBECONFIG_SUBJECT=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") + KCMKUBECONFIG_ISSUER=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + KCMKUBECONFIG_CERT_MD5=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') + KCMKUBECONFIG_KEY_MD5=$(cat $KCMKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') + if [ $KCMKUBECONFIG_SUBJECT == "Subject:CN=system:kube-controller-manager" ] && [ $KCMKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KCMKUBECONFIG_CERT_MD5 == $KCMKUBECONFIG_KEY_MD5 ] + then + echo "kube-controller-manager kubeconfig cert and key are correct" + else + echo "Exiting...Found mismtach in the kube-controller-manager kubeconfig certificate and keys, check subject" + exit 1 + fi + else + echo "kube-controller-manager kubeconfig file is missing" + exit 1 + fi +} + + +check_cert_kskubeconfig() +{ + if [ -z $KSKUBECONFIG ] + then + echo "please specify kube-scheduler kubeconfig location" + exit 1 + elif [ -f $KSKUBECONFIG ] + then + echo "kube-scheduler kubeconfig file found, verifying the authenticity" + KSKUBECONFIG_SUBJECT=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") + KSKUBECONFIG_ISSUER=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + KSKUBECONFIG_CERT_MD5=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') + KSKUBECONFIG_KEY_MD5=$(cat $KSKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') + if [ $KSKUBECONFIG_SUBJECT == "Subject:CN=system:kube-scheduler" ] && [ $KSKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KSKUBECONFIG_CERT_MD5 == $KSKUBECONFIG_KEY_MD5 ] + then + echo "kube-scheduler kubeconfig cert and key are correct" + else + echo "Exiting...Found mismtach in the kube-scheduler kubeconfig certificate and keys, check subject" + exit 1 + fi + else + echo "kube-scheduler kubeconfig file is missing" + exit 1 + fi +} + +check_cert_adminkubeconfig() +{ + if [ -z $ADMINKUBECONFIG ] + then + echo "please specify admin kubeconfig location" + exit 1 + elif [ -f $ADMINKUBECONFIG ] + then + echo "admin kubeconfig file found, verifying the authenticity" + ADMINKUBECONFIG_SUBJECT=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") + ADMINKUBECONFIG_ISSUER=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + ADMINKUBECONFIG_CERT_MD5=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') + ADMINKUBECONFIG_KEY_MD5=$(cat $ADMINKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') + if [ $ADMINKUBECONFIG_SUBJECT == "Subject:CN=admin,O=system:masters" ] && [ $ADMINKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $ADMINKUBECONFIG_CERT_MD5 == $ADMINKUBECONFIG_KEY_MD5 ] + then + echo "admin kubeconfig cert and key are correct" + else + echo "Exiting...Found mismtach in the admin kubeconfig certificate and keys, check subject" + exit 1 + fi + else + echo "admin kubeconfig file is missing" + exit 1 + fi +} + +# CRT & KEY verification check_cert_ca check_cert_admin check_cert_kcm @@ -252,4 +375,10 @@ check_cert_kp check_cert_ks check_cert_api check_cert_sa -check_cert_etcd \ No newline at end of file +check_cert_etcd + +# Kubeconfig verification +check_cert_kpkubeconfig +check_cert_kcmkubeconfig +check_cert_kskubeconfig +check_cert_adminkubeconfig \ No newline at end of file From 61333adf32a48a0914a1a2eb7c823fdf861bc923 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Fri, 24 Apr 2020 23:32:00 +0530 Subject: [PATCH 16/79] kubeconfig server details --- vagrant/cert_verify.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index 2c475f0..70c862b 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -275,7 +275,8 @@ check_cert_kpkubeconfig() KPKUBECONFIG_ISSUER=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") KPKUBECONFIG_CERT_MD5=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') KPKUBECONFIG_KEY_MD5=$(cat $KPKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') - if [ $KPKUBECONFIG_SUBJECT == "Subject:CN=system:kube-proxy" ] && [ $KPKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KPKUBECONFIG_CERT_MD5 == $KPKUBECONFIG_KEY_MD5 ] + KPKUBECONFIG_SERVER=$(cat $KPKUBECONFIG | grep "server:"| awk '{print $2}') + if [ $KPKUBECONFIG_SUBJECT == "Subject:CN=system:kube-proxy" ] && [ $KPKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KPKUBECONFIG_CERT_MD5 == $KPKUBECONFIG_KEY_MD5 ] && [ $KPKUBECONFIG_SERVER == "https://192.168.5.30:6443" ] then echo "kube-proxy kubeconfig cert and key are correct" else @@ -301,7 +302,8 @@ check_cert_kcmkubeconfig() KCMKUBECONFIG_ISSUER=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") KCMKUBECONFIG_CERT_MD5=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') KCMKUBECONFIG_KEY_MD5=$(cat $KCMKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') - if [ $KCMKUBECONFIG_SUBJECT == "Subject:CN=system:kube-controller-manager" ] && [ $KCMKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KCMKUBECONFIG_CERT_MD5 == $KCMKUBECONFIG_KEY_MD5 ] + KCMKUBECONFIG_SERVER=$(cat $KCMKUBECONFIG | grep "server:"| awk '{print $2}') + if [ $KCMKUBECONFIG_SUBJECT == "Subject:CN=system:kube-controller-manager" ] && [ $KCMKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KCMKUBECONFIG_CERT_MD5 == $KCMKUBECONFIG_KEY_MD5 ] && [ $KCMKUBECONFIG_SERVER == "https://127.0.0.1:6443" ] then echo "kube-controller-manager kubeconfig cert and key are correct" else @@ -328,7 +330,8 @@ check_cert_kskubeconfig() KSKUBECONFIG_ISSUER=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") KSKUBECONFIG_CERT_MD5=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') KSKUBECONFIG_KEY_MD5=$(cat $KSKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') - if [ $KSKUBECONFIG_SUBJECT == "Subject:CN=system:kube-scheduler" ] && [ $KSKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KSKUBECONFIG_CERT_MD5 == $KSKUBECONFIG_KEY_MD5 ] + KSKUBECONFIG_SERVER=$(cat $KSKUBECONFIG | grep "server:"| awk '{print $2}') + if [ $KSKUBECONFIG_SUBJECT == "Subject:CN=system:kube-scheduler" ] && [ $KSKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KSKUBECONFIG_CERT_MD5 == $KSKUBECONFIG_KEY_MD5 ] && [ $KSKUBECONFIG_SERVER == "https://127.0.0.1:6443" ] then echo "kube-scheduler kubeconfig cert and key are correct" else @@ -354,7 +357,8 @@ check_cert_adminkubeconfig() ADMINKUBECONFIG_ISSUER=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") ADMINKUBECONFIG_CERT_MD5=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') ADMINKUBECONFIG_KEY_MD5=$(cat $ADMINKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') - if [ $ADMINKUBECONFIG_SUBJECT == "Subject:CN=admin,O=system:masters" ] && [ $ADMINKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $ADMINKUBECONFIG_CERT_MD5 == $ADMINKUBECONFIG_KEY_MD5 ] + ADMINKUBECONFIG_SERVER=$(cat $ADMINKUBECONFIG | grep "server:"| awk '{print $2}') + if [ $ADMINKUBECONFIG_SUBJECT == "Subject:CN=admin,O=system:masters" ] && [ $ADMINKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $ADMINKUBECONFIG_CERT_MD5 == $ADMINKUBECONFIG_KEY_MD5 ] && [ $ADMINKUBECONFIG_SERVER == "https://127.0.0.1:6443" ] then echo "admin kubeconfig cert and key are correct" else From c0f71699bdd8facaa22e4c239822147f7beb78f3 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Sat, 25 Apr 2020 14:24:21 +0530 Subject: [PATCH 17/79] check_systemd_etcd verification --- vagrant/cert_verify.sh | 61 +++++++++++++++++++++++++++++++++++++++--- 1 file changed, 58 insertions(+), 3 deletions(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index 70c862b..a512c21 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -29,8 +29,8 @@ APICERT=/var/lib/kubernetes/kube-apiserver.crt APIKEY=/var/lib/kubernetes/kube-apiserver.key # ETCD certificate location -ETCDCERT=/var/lib/kubernetes/etcd-server.crt -ETCDKEY=/var/lib/kubernetes/etcd-server.key +ETCDCERT=/etc/etcd/etcd-server.crt +ETCDKEY=/etc/etcd/etcd-server.key # Service account certificate location SACERT=/var/lib/kubernetes/service-account.crt @@ -371,6 +371,58 @@ check_cert_adminkubeconfig() fi } +check_systemd_etcd() +{ + if [ -z $ETCDCERT ] && [ -z $ETCDKEY ] + then + echo "please specify ETCD cert and key location, Exiting...." + exit 1 + elif [ -f $SYSTEMD_ETCD_FILE ] + then + echo "Systemd for ETCD service found, verifying the authenticity" + + # Systemd cert and key file details + ETCD_CA_CERT=/etc/etcd/ca.crt + CERT_FILE=$(systemctl cat etcd.service | grep "\--cert-file"| awk '{print $1}'| cut -d "=" -f2) + KEY_FILE=$(systemctl cat etcd.service | grep "\--key-file"| awk '{print $1}' | cut -d "=" -f2) + PEER_CERT_FILE=$(systemctl cat etcd.service | grep "\--peer-cert-file"| awk '{print $1}'| cut -d "=" -f2) + PEER_KEY_FILE=$(systemctl cat etcd.service | grep "\--peer-key-file"| awk '{print $1}'| cut -d "=" -f2) + TRUSTED_CA_FILE=$(systemctl cat etcd.service | grep "\--trusted-ca-file"| awk '{print $1}'| cut -d "=" -f2) + PEER_TRUSTED_CA_FILE=$(systemctl cat etcd.service | grep "\--peer-trusted-ca-file"| awk '{print $1}'| cut -d "=" -f2) + + # Systemd advertise , client and peer url's + INTERNAL_IP=$(ip addr show enp0s8 | grep "inet " | awk '{print $2}' | cut -d / -f 1) + IAP_URL=$(systemctl cat etcd.service | grep "\--initial-advertise-peer-urls"| awk '{print $2}') + LP_URL=$(systemctl cat etcd.service | grep "\--listen-peer-urls"| awk '{print $2}') + LC_URL=$(systemctl cat etcd.service | grep "\--listen-client-urls"| awk '{print $2}') + AC_URL=$(systemctl cat etcd.service | grep "\--advertise-client-urls"| awk '{print $2}') + + + if [ $CERT_FILE == $ETCDCERT ] && [ $KEY_FILE == $ETCDKEY ] && [ $PEER_CERT_FILE == $ETCDCERT ] && [ $PEER_KEY_FILE == $ETCDKEY ] && \ + [ $TRUSTED_CA_FILE == $ETCD_CA_CERT ] && [ $PEER_TRUSTED_CA_FILE = $ETCD_CA_CERT ] + then + echo "ETCD certificate, ca and key files are correct under systemd service" + else + echo "Exiting...Found mismtach in the ETCD certificate, ca and keys, check /etc/systemd/system/etcd.service file" + exit 1 + fi + + if [ $IAP_URL == "https://$INTERNAL_IP:2380" ] && [ $LP_URL == "https://$INTERNAL_IP:2380" ] && [ $LC_URL == "https://$INTERNAL_IP:2379,https://127.0.0.1:2379" ] && \ + [ $AC_URL == "https://$INTERNAL_IP:2379" ] + then + echo "ETCD initial-advertise-peer-urls, listen-peer-urls, listen-client-urls, advertise-client-urls are correct" + else + echo "Exiting...Found mismtach in the ETCD initial-advertise-peer-urls / listen-peer-urls / listen-client-urls / advertise-client-urls, check /etc/systemd/system/etcd.service file" + exit 1 + fi + + else + echo "etcd-server.crt / etcd-server.key is missing" + exit 1 + fi +} + + # CRT & KEY verification check_cert_ca check_cert_admin @@ -385,4 +437,7 @@ check_cert_etcd check_cert_kpkubeconfig check_cert_kcmkubeconfig check_cert_kskubeconfig -check_cert_adminkubeconfig \ No newline at end of file +check_cert_adminkubeconfig + +# Systemd verification +check_systemd_etcd \ No newline at end of file From 5409a1c6da8cddd52e311a839c6e2142cf3eb747 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Sat, 25 Apr 2020 15:48:55 +0530 Subject: [PATCH 18/79] check_systemd_api --- vagrant/cert_verify.sh | 50 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index a512c21..f549eaa 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -50,6 +50,14 @@ KSKUBECONFIG=/var/lib/kubernetes/kube-scheduler.kubeconfig # admin.kubeconfig location ADMINKUBECONFIG=/var/lib/kubernetes/admin.kubeconfig +# All systemd service locations + +# etcd systemd service +SYSTEMD_ETCD_FILE=/etc/systemd/system/etcd.service + +# kub-api systemd service +SYSTEMD_API_FILE=/etc/systemd/system/kube-apiserver.service + check_cert_ca() { if [ -z $CACERT ] && [ -z $CAKEY ] @@ -422,6 +430,45 @@ check_systemd_etcd() fi } +check_systemd_api() +{ + if [ -z $APICERT ] && [ -z $APIKEY ] + then + echo "please specify kube-api cert and key location, Exiting...." + exit 1 + elif [ -f $SYSTEMD_API_FILE ] + then + echo "Systemd for kube-api service found, verifying the authenticity" + + INTERNAL_IP=$(ip addr show enp0s8 | grep "inet " | awk '{print $2}' | cut -d / -f 1) + ADVERTISE_ADDRESS=$(systemctl cat kube-apiserver.service | grep "\--advertise-address" | awk '{print $1}' | cut -d "=" -f2) + CLIENT_CA_FILE=$(systemctl cat kube-apiserver.service | grep "\--client-ca-file" | awk '{print $1}' | cut -d "=" -f2) + ETCD_CA_FILE=$(systemctl cat kube-apiserver.service | grep "\--etcd-cafile" | awk '{print $1}' | cut -d "=" -f2) + ETCD_CERT_FILE=$(systemctl cat kube-apiserver.service | grep "\--etcd-certfile" | awk '{print $1}' | cut -d "=" -f2) + ETCD_KEY_FILE=$(systemctl cat kube-apiserver.service | grep "\--etcd-keyfile" | awk '{print $1}' | cut -d "=" -f2) + KUBELET_CERTIFICATE_AUTHORITY=$(systemctl cat kube-apiserver.service | grep "\--kubelet-certificate-authority" | awk '{print $1}' | cut -d "=" -f2) + KUBELET_CLIENT_CERTIFICATE=$(systemctl cat kube-apiserver.service | grep "\--kubelet-client-certificate" | awk '{print $1}' | cut -d "=" -f2) + KUBELET_CLIENT_KEY=$(systemctl cat kube-apiserver.service | grep "\--kubelet-client-key" | awk '{print $1}' | cut -d "=" -f2) + SERVICE_ACCOUNT_KEY_FILE=$(systemctl cat kube-apiserver.service | grep "\--service-account-key-file" | awk '{print $1}' | cut -d "=" -f2) + TLS_CERT_FILE=$(systemctl cat kube-apiserver.service | grep "\--tls-cert-file" | awk '{print $1}' | cut -d "=" -f2) + TLS_PRIVATE_KEY_FILE=$(systemctl cat kube-apiserver.service | grep "\--tls-private-key-file" | awk '{print $1}' | cut -d "=" -f2) + + if [ $ADVERTISE_ADDRESS == $INTERNAL_IP ] && [ $CLIENT_CA_FILE == $CACERT ] && [ $ETCD_CA_FILE == $CACERT ] && \ + [ $ETCD_CERT_FILE == "/var/lib/kubernetes/etcd-server.crt" ] && [ $ETCD_KEY_FILE == "/var/lib/kubernetes/etcd-server.key" ] && \ + [ $KUBELET_CERTIFICATE_AUTHORITY == $CACERT ] && [ $KUBELET_CLIENT_CERTIFICATE == $APICERT ] && [ $KUBELET_CLIENT_KEY == $APIKEY ] && \ + [ $SERVICE_ACCOUNT_KEY_FILE == $SACERT ] && [ $TLS_CERT_FILE == $APICERT ] && [ $TLS_PRIVATE_KEY_FILE == $APIKEY ] + then + echo "kube-apiserver advertise-address/ client-ca-file/ etcd-cafile/ etcd-certfile/ etcd-keyfile/ kubelet-certificate-authority/ kubelet-client-certificate/ kubelet-client-key/ service-account-key-file/ tls-cert-file/ tls-private-key-file are correct" + else + echo "Exiting...Found mismtach in the kube-apiserver systemd file, check advertise-address/ client-ca-file/ etcd-cafile/ etcd-certfile/ etcd-keyfile/ kubelet-certificate-authority/ kubelet-client-certificate/ kubelet-client-key/ service-account-key-file/ tls-cert-file/ tls-private-key-file under /etc/systemd/system/kube-apiserver.service" + exit 1 + fi + else + echo "kube-apiserver.crt / kube-apiserver.key is missing" + exit 1 + fi +} + # CRT & KEY verification check_cert_ca @@ -440,4 +487,5 @@ check_cert_kskubeconfig check_cert_adminkubeconfig # Systemd verification -check_systemd_etcd \ No newline at end of file +check_systemd_etcd +check_systemd_api \ No newline at end of file From dc51d1bcf3733edde10a882ed929b21ce4a96a98 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Sat, 25 Apr 2020 17:32:16 +0530 Subject: [PATCH 19/79] cert verification - master node --- vagrant/cert_verify.sh | 66 ++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 64 insertions(+), 2 deletions(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index f549eaa..be0fdda 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -1,6 +1,6 @@ #!/bin/bash set -e -set -x +#set -x # All Cert Location @@ -58,6 +58,12 @@ SYSTEMD_ETCD_FILE=/etc/systemd/system/etcd.service # kub-api systemd service SYSTEMD_API_FILE=/etc/systemd/system/kube-apiserver.service +# kube-controller-manager systemd service +SYSTEMD_KCM_FILE=/etc/systemd/system/kube-controller-manager.service + +# kube-proxy systemd service +SYSTEMD_KP_FILE=/etc/systemd/system/kube-scheduler.service + check_cert_ca() { if [ -z $CACERT ] && [ -z $CAKEY ] @@ -469,6 +475,60 @@ check_systemd_api() fi } +check_systemd_kcm() +{ + if [ -z $KCMCERT ] && [ -z $KCMKEY ] + then + echo "please specify cert and key location" + exit 1 + elif [ -f $SYSTEMD_KCM_FILE ] + then + echo "Systemd for kube-controller-manager service found, verifying the authenticity" + CLUSTER_SIGNING_CERT_FILE=$(systemctl cat kube-controller-manager.service | grep "\--cluster-signing-cert-file" | awk '{print $1}' | cut -d "=" -f2) + CLUSTER_SIGNING_KEY_FILE=$(systemctl cat kube-controller-manager.service | grep "\--cluster-signing-key-file" | awk '{print $1}' | cut -d "=" -f2) + KUBECONFIG=$(systemctl cat kube-controller-manager.service | grep "\--kubeconfig" | awk '{print $1}' | cut -d "=" -f2) + ROOT_CA_FILE=$(systemctl cat kube-controller-manager.service | grep "\--root-ca-file" | awk '{print $1}' | cut -d "=" -f2) + SERVICE_ACCOUNT_PRIVATE_KEY_FILE=$(systemctl cat kube-controller-manager.service | grep "\--service-account-private-key-file" | awk '{print $1}' | cut -d "=" -f2) + + if [ $CLUSTER_SIGNING_CERT_FILE == $CACERT ] && [ $CLUSTER_SIGNING_KEY_FILE == $CAKEY ] && [ $KUBECONFIG == $KCMKUBECONFIG ] && \ + [ $ROOT_CA_FILE == $CACERT ] && [ $SERVICE_ACCOUNT_PRIVATE_KEY_FILE == $SAKEY ] + then + echo "kube-controller-manager cluster-signing-cert-file, cluster-signing-key-file, kubeconfig, root-ca-file, service-account-private-key-file are correct" + else + echo "Exiting...Found mismtach in the kube-controller-manager cluster-signing-cert-file, cluster-signing-key-file, kubeconfig, root-ca-file, service-account-private-key-file , check /etc/systemd/system/kube-controller-manager.service file" + exit 1 + fi + else + echo "kube-controller-manager.crt / kube-controller-manager.key is missing" + exit 1 + fi +} + +check_systemd_kp() +{ + if [ -z $KPCERT ] && [ -z $KPKEY ] + then + echo "please specify cert and key location" + exit 1 + elif [ -f $SYSTEMD_KP_FILE ] + then + echo "Systemd for kube-proxy service found, verifying the authenticity" + + KUBECONFIG=$(systemctl cat kube-scheduler.service | grep "\--kubeconfig"| awk '{print $1}'| cut -d "=" -f2) + ADDRESS=$(systemctl cat kube-scheduler.service | grep "\--address"| awk '{print $1}'| cut -d "=" -f2) + + if [ $KUBECONFIG == $KSKUBECONFIG ] && [ $ADDRESS == "127.0.0.1" ] + then + echo "kube-proxy --kubeconfig, --address are correct" + else + echo "Exiting...Found mismtach in the kube-proxy --kubeconfig, --address, check /etc/systemd/system/kube-scheduler.service file" + exit 1 + fi + else + echo "kube-proxy.crt / kube-proxy.key is missing" + exit 1 + fi +} # CRT & KEY verification check_cert_ca @@ -488,4 +548,6 @@ check_cert_adminkubeconfig # Systemd verification check_systemd_etcd -check_systemd_api \ No newline at end of file +check_systemd_api +check_systemd_kcm +check_systemd_kp \ No newline at end of file From 567847397b4ac76d1d741e20330a13eecb6826be Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Sun, 26 Apr 2020 11:06:11 +0530 Subject: [PATCH 20/79] changes from kk --- vagrant/cert_verify.sh | 60 ++++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 22 deletions(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index be0fdda..d52328a 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -5,50 +5,50 @@ set -e # All Cert Location # ca certificate location -CACERT=/var/lib/kubernetes/ca.crt -CAKEY=/var/lib/kubernetes/ca.key +CACERT=ca.crt +CAKEY=ca.key # admin certificate location -ADMINCERT=/var/lib/kubernetes/admin.crt -ADMINKEY=/var/lib/kubernetes/admin.key +ADMINCERT=admin.crt +ADMINKEY=admin.key # Kube controller manager certificate location -KCMCERT=/var/lib/kubernetes/kube-controller-manager.crt -KCMKEY=/var/lib/kubernetes/kube-controller-manager.key +KCMCERT=kube-controller-manager.crt +KCMKEY=kube-controller-manager.key # Kube proxy certificate location -KPCERT=/var/lib/kubernetes/kube-proxy.crt -KPKEY=/var/lib/kubernetes/kube-proxy.key +KPCERT=kube-proxy.crt +KPKEY=kube-proxy.key # Kube scheduler certificate location -KSCERT=/var/lib/kubernetes/kube-scheduler.crt -KSKEY=/var/lib/kubernetes/kube-scheduler.key +KSCERT=kube-scheduler.crt +KSKEY=kube-scheduler.key # Kube api certificate location -APICERT=/var/lib/kubernetes/kube-apiserver.crt -APIKEY=/var/lib/kubernetes/kube-apiserver.key +APICERT=kube-apiserver.crt +APIKEY=kube-apiserver.key # ETCD certificate location -ETCDCERT=/etc/etcd/etcd-server.crt -ETCDKEY=/etc/etcd/etcd-server.key +ETCDCERT=etcd-server.crt +ETCDKEY=etcd-server.key # Service account certificate location -SACERT=/var/lib/kubernetes/service-account.crt -SAKEY=/var/lib/kubernetes/service-account.key +SACERT=service-account.crt +SAKEY=service-account.key # All kubeconfig locations # kubeproxy.kubeconfig location -KPKUBECONFIG=/var/lib/kubernetes/kube-proxy.kubeconfig +KPKUBECONFIG=kube-proxy.kubeconfig # kube-controller-manager.kubeconfig location -KCMKUBECONFIG=/var/lib/kubernetes/kube-controller-manager.kubeconfig +KCMKUBECONFIG=kube-controller-manager.kubeconfig # kube-scheduler.kubeconfig location -KSKUBECONFIG=/var/lib/kubernetes/kube-scheduler.kubeconfig +KSKUBECONFIG=kube-scheduler.kubeconfig # admin.kubeconfig location -ADMINKUBECONFIG=/var/lib/kubernetes/admin.kubeconfig +ADMINKUBECONFIG=admin.kubeconfig # All systemd service locations @@ -396,7 +396,7 @@ check_systemd_etcd() echo "Systemd for ETCD service found, verifying the authenticity" # Systemd cert and key file details - ETCD_CA_CERT=/etc/etcd/ca.crt + ETCD_CA_CERT=ca.crt CERT_FILE=$(systemctl cat etcd.service | grep "\--cert-file"| awk '{print $1}'| cut -d "=" -f2) KEY_FILE=$(systemctl cat etcd.service | grep "\--key-file"| awk '{print $1}' | cut -d "=" -f2) PEER_CERT_FILE=$(systemctl cat etcd.service | grep "\--peer-cert-file"| awk '{print $1}'| cut -d "=" -f2) @@ -412,6 +412,9 @@ check_systemd_etcd() AC_URL=$(systemctl cat etcd.service | grep "\--advertise-client-urls"| awk '{print $2}') + ETCD_CA_CERT=/etc/etcd/ca.crt + ETCDCERT=/etc/etcd/etcd-server.crt + ETCDKEY=/etc/etcd/etcd-server.key if [ $CERT_FILE == $ETCDCERT ] && [ $KEY_FILE == $ETCDKEY ] && [ $PEER_CERT_FILE == $ETCDCERT ] && [ $PEER_KEY_FILE == $ETCDKEY ] && \ [ $TRUSTED_CA_FILE == $ETCD_CA_CERT ] && [ $PEER_TRUSTED_CA_FILE = $ETCD_CA_CERT ] then @@ -429,7 +432,7 @@ check_systemd_etcd() echo "Exiting...Found mismtach in the ETCD initial-advertise-peer-urls / listen-peer-urls / listen-client-urls / advertise-client-urls, check /etc/systemd/system/etcd.service file" exit 1 fi - + else echo "etcd-server.crt / etcd-server.key is missing" exit 1 @@ -459,6 +462,10 @@ check_systemd_api() TLS_CERT_FILE=$(systemctl cat kube-apiserver.service | grep "\--tls-cert-file" | awk '{print $1}' | cut -d "=" -f2) TLS_PRIVATE_KEY_FILE=$(systemctl cat kube-apiserver.service | grep "\--tls-private-key-file" | awk '{print $1}' | cut -d "=" -f2) + CACERT=/var/lib/kubernetes/ca.crt + APICERT=/var/lib/kubernetes/kube-apiserver.crt + APIKEY=/var/lib/kubernetes/kube-apiserver.key + SACERT=/var/lib/kubernetes/service-account.crt if [ $ADVERTISE_ADDRESS == $INTERNAL_IP ] && [ $CLIENT_CA_FILE == $CACERT ] && [ $ETCD_CA_FILE == $CACERT ] && \ [ $ETCD_CERT_FILE == "/var/lib/kubernetes/etcd-server.crt" ] && [ $ETCD_KEY_FILE == "/var/lib/kubernetes/etcd-server.key" ] && \ [ $KUBELET_CERTIFICATE_AUTHORITY == $CACERT ] && [ $KUBELET_CLIENT_CERTIFICATE == $APICERT ] && [ $KUBELET_CLIENT_KEY == $APIKEY ] && \ @@ -477,6 +484,12 @@ check_systemd_api() check_systemd_kcm() { + KCMCERT=/var/lib/kubernetes/kube-controller-manager.crt + KCMKEY=/var/lib/kubernetes/kube-controller-manager.key + CACERT=/var/lib/kubernetes/ca.crt + CAKEY=/var/lib/kubernetes/ca.key + SAKEY=/var/lib/kubernetes/service-account.key + KCMKUBECONFIG=/var/lib/kubernetes/kube-controller-manager.kubeconfig if [ -z $KCMCERT ] && [ -z $KCMKEY ] then echo "please specify cert and key location" @@ -506,6 +519,9 @@ check_systemd_kcm() check_systemd_kp() { + KPCERT=/var/lib/kubernetes/kube-proxy.crt + KPKEY=/var/lib/kubernetes/kube-proxy.key + if [ -z $KPCERT ] && [ -z $KPKEY ] then echo "please specify cert and key location" From 118243245014d0149b50f41e9354586abdcec7fd Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 28 Apr 2020 00:06:07 +0530 Subject: [PATCH 21/79] fix kp to ks --- vagrant/cert_verify.sh | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index d52328a..c187f39 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -61,8 +61,8 @@ SYSTEMD_API_FILE=/etc/systemd/system/kube-apiserver.service # kube-controller-manager systemd service SYSTEMD_KCM_FILE=/etc/systemd/system/kube-controller-manager.service -# kube-proxy systemd service -SYSTEMD_KP_FILE=/etc/systemd/system/kube-scheduler.service +# kube-scheduler systemd service +SYSTEMD_KS_FILE=/etc/systemd/system/kube-scheduler.service check_cert_ca() { @@ -517,31 +517,32 @@ check_systemd_kcm() fi } -check_systemd_kp() +check_systemd_ks() { - KPCERT=/var/lib/kubernetes/kube-proxy.crt - KPKEY=/var/lib/kubernetes/kube-proxy.key + KSCERT=/var/lib/kubernetes/kube-scheduler.crt + KSKEY=/var/lib/kubernetes/kube-scheduler.key + KSKUBECONFIG=/var/lib/kubernetes/kube-scheduler.kubeconfig - if [ -z $KPCERT ] && [ -z $KPKEY ] + if [ -z $KSCERT ] && [ -z $KSKEY ] then echo "please specify cert and key location" exit 1 - elif [ -f $SYSTEMD_KP_FILE ] + elif [ -f $SYSTEMD_KS_FILE ] then - echo "Systemd for kube-proxy service found, verifying the authenticity" + echo "Systemd for kube-scheduler service found, verifying the authenticity" KUBECONFIG=$(systemctl cat kube-scheduler.service | grep "\--kubeconfig"| awk '{print $1}'| cut -d "=" -f2) ADDRESS=$(systemctl cat kube-scheduler.service | grep "\--address"| awk '{print $1}'| cut -d "=" -f2) if [ $KUBECONFIG == $KSKUBECONFIG ] && [ $ADDRESS == "127.0.0.1" ] then - echo "kube-proxy --kubeconfig, --address are correct" + echo "kube-scheduler --kubeconfig, --address are correct" else - echo "Exiting...Found mismtach in the kube-proxy --kubeconfig, --address, check /etc/systemd/system/kube-scheduler.service file" + echo "Exiting...Found mismtach in the kube-scheduler --kubeconfig, --address, check /etc/systemd/system/kube-scheduler.service file" exit 1 fi else - echo "kube-proxy.crt / kube-proxy.key is missing" + echo "kube-scheduler.crt / kube-scheduler.key is missing" exit 1 fi } @@ -566,4 +567,4 @@ check_cert_adminkubeconfig check_systemd_etcd check_systemd_api check_systemd_kcm -check_systemd_kp \ No newline at end of file +check_systemd_ks \ No newline at end of file From 74fb28b009ed6b48f1b6ab7ee6744150568ae366 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 28 Apr 2020 01:05:42 +0530 Subject: [PATCH 22/79] worker1 node crt check --- vagrant/cert_verify.sh | 41 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index c187f39..7266f32 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -547,6 +547,8 @@ check_systemd_ks() fi } +### MASTER NODES ### + # CRT & KEY verification check_cert_ca check_cert_admin @@ -567,4 +569,41 @@ check_cert_adminkubeconfig check_systemd_etcd check_systemd_api check_systemd_kcm -check_systemd_ks \ No newline at end of file +check_systemd_ks + +### END OF MASTER NODES ### + +### WORKER NODES ### + +# Worker-1 cert details +WORKER_1_CERT=worker-1.crt +WORKER_1_KEY=worker-1.key + +check_cert_worker_1() +{ + if [ -z $WORKER_1_CERT ] && [ -z $WORKER_1_KEY ] + then + echo "please specify cert and key location of worker-1 node" + exit 1 + elif [ -f $WORKER_1_CERT ] && [ -f $WORKER_1_KEY ] + then + echo "worker-1 cert and key found, verifying the authenticity" + WORKER_1_CERT_SUBJECT=$(openssl x509 -in $WORKER_1_CERT -text | grep "Subject: CN"| tr -d " ") + WORKER_1_CERT_ISSUER=$(openssl x509 -in $WORKER_1_CERT -text | grep "Issuer: CN"| tr -d " ") + WORKER_1_CERT_MD5=$(openssl x509 -noout -modulus -in $WORKER_1_CERT | openssl md5| awk '{print $2}') + WORKER_1_KEY_MD5=$(openssl rsa -noout -modulus -in $WORKER_1_KEY | openssl md5| awk '{print $2}') + if [ $WORKER_1_CERT_SUBJECT == "Subject:CN=system:node:worker-1,O=system:nodes" ] && [ $WORKER_1_CERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $WORKER_1_CERT_MD5 == $WORKER_1_KEY_MD5 ] + then + echo "worker-1 cert and key are correct" + else + echo "Exiting...Found mismtach in the worker-1 certificate and keys, check subject" + exit 1 + fi + else + echo "worker-1.crt / worker-1.key is missing" + exit 1 + fi +} + + +check_cert_worker_1 \ No newline at end of file From 188c278c00f597023060ac5eb1e7743579197fbb Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 28 Apr 2020 09:31:15 +0530 Subject: [PATCH 23/79] check_cert_worker_1_kubeconfig --- vagrant/cert_verify.sh | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index 7266f32..ed5423c 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -579,6 +579,9 @@ check_systemd_ks WORKER_1_CERT=worker-1.crt WORKER_1_KEY=worker-1.key +# Worker-1 kubeconfig location +WORKER_1_KUBECONFIG=worker-1.kubeconfig + check_cert_worker_1() { if [ -z $WORKER_1_CERT ] && [ -z $WORKER_1_KEY ] @@ -605,5 +608,33 @@ check_cert_worker_1() fi } +check_cert_worker_1_kubeconfig() +{ + if [ -z $WORKER_1_KUBECONFIG ] + then + echo "please specify worker-1 kubeconfig location" + exit 1 + elif [ -f $WORKER_1_KUBECONFIG ] + then + echo "worker-1 kubeconfig file found, verifying the authenticity" + WORKER_1_KUBECONFIG_SUBJECT=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") + WORKER_1_KUBECONFIG_ISSUER=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + WORKER_1_KUBECONFIG_CERT_MD5=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') + WORKER_1_KUBECONFIG_KEY_MD5=$(cat $WORKER_1_KUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') + WORKER_1_KUBECONFIG_SERVER=$(cat $WORKER_1_KUBECONFIG | grep "server:"| awk '{print $2}') + if [ $WORKER_1_KUBECONFIG_SUBJECT == "Subject:CN=system:node:worker-1,O=system:nodes" ] && [ $WORKER_1_KUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && \ + [ $WORKER_1_KUBECONFIG_CERT_MD5 == $WORKER_1_KUBECONFIG_KEY_MD5 ] && [ $WORKER_1_KUBECONFIG_SERVER == "https://192.168.5.30:6443" ] + then + echo "worker-1 kubeconfig cert and key are correct" + else + echo "Exiting...Found mismtach in the worker-1 kubeconfig certificate and keys, check subject" + exit 1 + fi + else + echo "worker-1 kubeconfig file is missing" + exit 1 + fi +} -check_cert_worker_1 \ No newline at end of file +check_cert_worker_1 +check_cert_worker_1_kubeconfig \ No newline at end of file From a9559c1ed2ff4773b15418650a008f7b236dd514 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 28 Apr 2020 11:34:46 +0530 Subject: [PATCH 24/79] check_cert_worker_1_kubelet systemd --- vagrant/cert_verify.sh | 57 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 56 insertions(+), 1 deletion(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index ed5423c..52f896d 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -582,6 +582,13 @@ WORKER_1_KEY=worker-1.key # Worker-1 kubeconfig location WORKER_1_KUBECONFIG=worker-1.kubeconfig +# Worker-1 kubelet config location +WORKER_1_KUBELET=/var/lib/kubelet/kubelet-config.yaml + +# Systemd worker-1 kubelet +SYSTEMD_WORKER_1_KUBELET=/etc/systemd/system/kubelet.service + + check_cert_worker_1() { if [ -z $WORKER_1_CERT ] && [ -z $WORKER_1_KEY ] @@ -636,5 +643,53 @@ check_cert_worker_1_kubeconfig() fi } +check_cert_worker_1_kubelet() +{ + + CACERT=/var/lib/kubernetes/ca.crt + WORKER_1_TLSCERTFILE=/var/lib/kubelet/${HOSTNAME}.crt + WORKER_1_TLSPRIVATEKEY=/var/lib/kubelet/${HOSTNAME}.key + + if [ -z $WORKER_1_KUBELET ] && [ -z $SYSTEMD_WORKER_1_KUBELET ] + then + echo "please specify worker-1 kubelet config location" + exit 1 + elif [ -f $WORKER_1_KUBELET ] && [ -f $SYSTEMD_WORKER_1_KUBELET ] && [ -f $WORKER_1_TLSCERTFILE ] && [ -f $WORKER_1_TLSPRIVATEKEY ] + then + echo "worker-1 kubelet config file, systemd services, tls cert and key found, verifying the authenticity" + + WORKER_1_KUBELET_CA=$(cat kubelet-config.yaml | grep "clientCAFile:" | awk '{print $2}' | tr -d " \"") + WORKER_1_KUBELET_DNS=$(cat kubelet-config.yaml | grep "resolvConf:" | awk '{print $2}' | tr -d " \"") + WORKER_1_KUBELET_AUTH_MODE=$(cat kubelet-config.yaml | grep "mode:" | awk '{print $2}' | tr -d " \"") + + if [ $WORKER_1_KUBELET_CA == $CACERT ] && [ $WORKER_1_KUBELET_DNS == "/run/systemd/resolve/resolv.conf" ] && \ + [ $WORKER_1_KUBELET_AUTH_MODE == "Webhook" ] + then + echo "worker-1 kubelet config CA cert, resolvConf and Auth mode are correct" + else + echo "Exiting...Found mismtach in the worker-1 kubelet config CA cert, resolvConf and Auth mode, check /var/lib/kubelet/kubelet-config.yaml" + exit 1 + fi + + KUBELETCONFIG=$(systemctl cat kubelet.service | grep "\--config" | awk '{print $1}'| cut -d "=" -f2) + TLSCERTFILE=$(systemctl cat kubelet.service | grep "\--tls-cert-file" | awk '{print $1}'| cut -d "=" -f2) + TLSPRIVATEKEY=$(systemctl cat kubelet.service | grep "\--tls-private-key-file" | awk '{print $1}'| cut -d "=" -f2) + + if [ $KUBELETCONFIG == $WORKER_1_KUBELET ] && [ $TLSCERTFILE == $WORKER_1_TLSCERTFILE ] && \ + [ $TLSPRIVATEKEY == $WORKER_1_TLSPRIVATEKEY ] + then + echo "worker-1 kubelet systemd services are correct" + else + echo "Exiting...Found mismtach in the worker-1 kubelet systemd services, check /etc/systemd/system/kubelet.service" + exit 1 + fi + + else + echo "worker-1 kubelet config, systemd services, tls cert and key file is missing" + exit 1 + fi +} + check_cert_worker_1 -check_cert_worker_1_kubeconfig \ No newline at end of file +check_cert_worker_1_kubeconfig +check_cert_worker_1_kubelet \ No newline at end of file From 5c996d39d2f5c51ba0d3ed0d7a11b7c2dd7a5a33 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 28 Apr 2020 12:14:49 +0530 Subject: [PATCH 25/79] worker 1 cert path --- vagrant/cert_verify.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index 52f896d..b7e0bf4 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -576,11 +576,11 @@ check_systemd_ks ### WORKER NODES ### # Worker-1 cert details -WORKER_1_CERT=worker-1.crt -WORKER_1_KEY=worker-1.key +WORKER_1_CERT=/var/lib/kubelet/worker-1.crt +WORKER_1_KEY=/var/lib/kubelet/worker-1.key # Worker-1 kubeconfig location -WORKER_1_KUBECONFIG=worker-1.kubeconfig +WORKER_1_KUBECONFIG=/var/lib/kubelet/kubeconfig # Worker-1 kubelet config location WORKER_1_KUBELET=/var/lib/kubelet/kubelet-config.yaml @@ -610,7 +610,7 @@ check_cert_worker_1() exit 1 fi else - echo "worker-1.crt / worker-1.key is missing" + echo "/var/lib/kubelet/worker-1.crt / /var/lib/kubelet/worker-1.key is missing" exit 1 fi } @@ -638,7 +638,7 @@ check_cert_worker_1_kubeconfig() exit 1 fi else - echo "worker-1 kubeconfig file is missing" + echo "worker-1 /var/lib/kubelet/kubeconfig file is missing" exit 1 fi } From f00dbbece51936c8319e1cbeb481885622494a29 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 28 Apr 2020 12:24:17 +0530 Subject: [PATCH 26/79] WORKER_1_KUBELET kubelet --- vagrant/cert_verify.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index b7e0bf4..85ce030 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -658,9 +658,9 @@ check_cert_worker_1_kubelet() then echo "worker-1 kubelet config file, systemd services, tls cert and key found, verifying the authenticity" - WORKER_1_KUBELET_CA=$(cat kubelet-config.yaml | grep "clientCAFile:" | awk '{print $2}' | tr -d " \"") - WORKER_1_KUBELET_DNS=$(cat kubelet-config.yaml | grep "resolvConf:" | awk '{print $2}' | tr -d " \"") - WORKER_1_KUBELET_AUTH_MODE=$(cat kubelet-config.yaml | grep "mode:" | awk '{print $2}' | tr -d " \"") + WORKER_1_KUBELET_CA=$(cat $WORKER_1_KUBELET | grep "clientCAFile:" | awk '{print $2}' | tr -d " \"") + WORKER_1_KUBELET_DNS=$(cat $WORKER_1_KUBELET | grep "resolvConf:" | awk '{print $2}' | tr -d " \"") + WORKER_1_KUBELET_AUTH_MODE=$(cat $WORKER_1_KUBELET | grep "mode:" | awk '{print $2}' | tr -d " \"") if [ $WORKER_1_KUBELET_CA == $CACERT ] && [ $WORKER_1_KUBELET_DNS == "/run/systemd/resolve/resolv.conf" ] && \ [ $WORKER_1_KUBELET_AUTH_MODE == "Webhook" ] From 24438edbbf13e06c74d83dc518d1e31e7b477413 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 28 Apr 2020 12:56:27 +0530 Subject: [PATCH 27/79] check_cert_worker_1_kp - kubeproxy --- vagrant/cert_verify.sh | 38 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index 85ce030..6b6c7a6 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -585,9 +585,12 @@ WORKER_1_KUBECONFIG=/var/lib/kubelet/kubeconfig # Worker-1 kubelet config location WORKER_1_KUBELET=/var/lib/kubelet/kubelet-config.yaml -# Systemd worker-1 kubelet +# Systemd worker-1 kubelet location SYSTEMD_WORKER_1_KUBELET=/etc/systemd/system/kubelet.service +# kube-proxy worker-1 location +WORKER_1_KP_KUBECONFIG=/var/lib/kube-proxy/kubeconfig +SYSTEMD_WORKER_1_KP=/etc/systemd/system/kube-proxy.service check_cert_worker_1() { @@ -690,6 +693,37 @@ check_cert_worker_1_kubelet() fi } +check_cert_worker_1_kp() +{ + + WORKER_1_KP_CONFIG_YAML=/var/lib/kube-proxy/kube-proxy-config.yaml + + if [ -z $WORKER_1_KP_KUBECONFIG ] && [ -z $SYSTEMD_WORKER_1_KP ] + then + echo "please specify worker-1 kube-proxy config and systemd service path" + exit 1 + elif [ -f $WORKER_1_KP_KUBECONFIG ] && [ -f $SYSTEMD_WORKER_1_KP ] && [ -f $WORKER_1_KP_CONFIG_YAML ] + then + echo "worker-1 kube-proxy kubeconfig, systemd services and configuration files found, verifying the authenticity" + + KP_CONFIG=$(cat $WORKER_1_KP_CONFIG_YAML | grep "kubeconfig:" | awk '{print $2}' | tr -d " \"") + KP_CONFIG_YAML=$(systemctl cat kube-proxy.service | grep "\--config" | awk '{print $1}'| cut -d "=" -f2) + + if [ $KP_CONFIG == $WORKER_1_KP_KUBECONFIG ] && [ $KP_CONFIG_YAML == $WORKER_1_KP_CONFIG_YAML ] + then + echo "worker-1 kube-proxy kubeconfig and configuration files are correct" + else + echo "Exiting...Found mismtach in the worker-1 kube-proxy kubeconfig and configuration files, check /var/lib/kubelet/kubelet-config.yaml & /etc/systemd/system/kube-proxy.service" + exit 1 + fi + + else + echo "worker-1 kube-proxy kubeconfig and configuration files are missing" + exit 1 + fi +} + check_cert_worker_1 check_cert_worker_1_kubeconfig -check_cert_worker_1_kubelet \ No newline at end of file +check_cert_worker_1_kubelet +check_cert_worker_1_kp \ No newline at end of file From 4900dd558feb8d797237c04606089b8ad9f173c6 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 28 Apr 2020 13:11:13 +0530 Subject: [PATCH 28/79] master and worker1 node certificate verification --- vagrant/cert_verify.sh | 105 +++++++++++++++++++++++------------------ 1 file changed, 59 insertions(+), 46 deletions(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index 6b6c7a6..ef3e560 100644 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -64,6 +64,28 @@ SYSTEMD_KCM_FILE=/etc/systemd/system/kube-controller-manager.service # kube-scheduler systemd service SYSTEMD_KS_FILE=/etc/systemd/system/kube-scheduler.service +### WORKER NODES ### + +# Worker-1 cert details +WORKER_1_CERT=/var/lib/kubelet/worker-1.crt +WORKER_1_KEY=/var/lib/kubelet/worker-1.key + +# Worker-1 kubeconfig location +WORKER_1_KUBECONFIG=/var/lib/kubelet/kubeconfig + +# Worker-1 kubelet config location +WORKER_1_KUBELET=/var/lib/kubelet/kubelet-config.yaml + +# Systemd worker-1 kubelet location +SYSTEMD_WORKER_1_KUBELET=/etc/systemd/system/kubelet.service + +# kube-proxy worker-1 location +WORKER_1_KP_KUBECONFIG=/var/lib/kube-proxy/kubeconfig +SYSTEMD_WORKER_1_KP=/etc/systemd/system/kube-proxy.service + + +# Function - Master node # + check_cert_ca() { if [ -z $CACERT ] && [ -z $CAKEY ] @@ -274,8 +296,6 @@ check_cert_sa() } -# Kubeconfig verification - check_cert_kpkubeconfig() { if [ -z $KPKUBECONFIG ] @@ -547,50 +567,9 @@ check_systemd_ks() fi } -### MASTER NODES ### +# END OF Function - Master node # -# CRT & KEY verification -check_cert_ca -check_cert_admin -check_cert_kcm -check_cert_kp -check_cert_ks -check_cert_api -check_cert_sa -check_cert_etcd - -# Kubeconfig verification -check_cert_kpkubeconfig -check_cert_kcmkubeconfig -check_cert_kskubeconfig -check_cert_adminkubeconfig - -# Systemd verification -check_systemd_etcd -check_systemd_api -check_systemd_kcm -check_systemd_ks - -### END OF MASTER NODES ### - -### WORKER NODES ### - -# Worker-1 cert details -WORKER_1_CERT=/var/lib/kubelet/worker-1.crt -WORKER_1_KEY=/var/lib/kubelet/worker-1.key - -# Worker-1 kubeconfig location -WORKER_1_KUBECONFIG=/var/lib/kubelet/kubeconfig - -# Worker-1 kubelet config location -WORKER_1_KUBELET=/var/lib/kubelet/kubelet-config.yaml - -# Systemd worker-1 kubelet location -SYSTEMD_WORKER_1_KUBELET=/etc/systemd/system/kubelet.service - -# kube-proxy worker-1 location -WORKER_1_KP_KUBECONFIG=/var/lib/kube-proxy/kubeconfig -SYSTEMD_WORKER_1_KP=/etc/systemd/system/kube-proxy.service +# Function - Worker-1 node # check_cert_worker_1() { @@ -723,7 +702,41 @@ check_cert_worker_1_kp() fi } +# END OF Function - Worker-1 node # + + +### MASTER NODES ### + +# CRT & KEY verification +check_cert_ca +check_cert_admin +check_cert_kcm +check_cert_kp +check_cert_ks +check_cert_api +check_cert_sa +check_cert_etcd + +# Kubeconfig verification +check_cert_kpkubeconfig +check_cert_kcmkubeconfig +check_cert_kskubeconfig +check_cert_adminkubeconfig + +# Systemd verification +check_systemd_etcd +check_systemd_api +check_systemd_kcm +check_systemd_ks + +### END OF MASTER NODES ### + + +### WORKER-1 NODE ### + check_cert_worker_1 check_cert_worker_1_kubeconfig check_cert_worker_1_kubelet -check_cert_worker_1_kp \ No newline at end of file +check_cert_worker_1_kp + +### END OF WORKER-1 NODE ### \ No newline at end of file From d34d9075d88bc32272ac641854df3ac68cb0ad0a Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 28 Apr 2020 13:36:52 +0530 Subject: [PATCH 29/79] case interactive - cert verify --- vagrant/cert_verify.sh | 75 +++++++++++++++++++++++++++--------------- 1 file changed, 48 insertions(+), 27 deletions(-) mode change 100644 => 100755 vagrant/cert_verify.sh diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh old mode 100644 new mode 100755 index ef3e560..01ba0fe --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -704,39 +704,60 @@ check_cert_worker_1_kp() # END OF Function - Worker-1 node # +echo -e "This script will validate the certificates in master as well as worker-1 nodes. Before proceeding, make sure you ssh into the respective node for certificate validation\n" +echo -e "1. Verify certification in Master Node\n" +echo -e "2. Verify certification in Worker-1 Node\n" +echo -e "Please select either the option 1 or 2\n" +read value -### MASTER NODES ### +case $value in -# CRT & KEY verification -check_cert_ca -check_cert_admin -check_cert_kcm -check_cert_kp -check_cert_ks -check_cert_api -check_cert_sa -check_cert_etcd + 1) + echo -e "The selected option is $value, proceeding the certificate verification of Master node" -# Kubeconfig verification -check_cert_kpkubeconfig -check_cert_kcmkubeconfig -check_cert_kskubeconfig -check_cert_adminkubeconfig + ### MASTER NODES ### -# Systemd verification -check_systemd_etcd -check_systemd_api -check_systemd_kcm -check_systemd_ks + # CRT & KEY verification + check_cert_ca + check_cert_admin + check_cert_kcm + check_cert_kp + check_cert_ks + check_cert_api + check_cert_sa + check_cert_etcd -### END OF MASTER NODES ### + # Kubeconfig verification + check_cert_kpkubeconfig + check_cert_kcmkubeconfig + check_cert_kskubeconfig + check_cert_adminkubeconfig + # Systemd verification + check_systemd_etcd + check_systemd_api + check_systemd_kcm + check_systemd_ks -### WORKER-1 NODE ### + ### END OF MASTER NODES ### -check_cert_worker_1 -check_cert_worker_1_kubeconfig -check_cert_worker_1_kubelet -check_cert_worker_1_kp + ;; -### END OF WORKER-1 NODE ### \ No newline at end of file + 2) + echo -e "The selected option is $value, proceeding the certificate verification of Worker-1 node" + + ### WORKER-1 NODE ### + + check_cert_worker_1 + check_cert_worker_1_kubeconfig + check_cert_worker_1_kubelet + check_cert_worker_1_kp + + ### END OF WORKER-1 NODE ### + ;; + + *) + echo -e "Exiting.... Please select the valid option either 1 or 2\n" + exit 1 + ;; +esac \ No newline at end of file From 853fb56269dcb7b52ad4d34873d348ff4fc41c90 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Wed, 6 May 2020 11:11:07 +0530 Subject: [PATCH 30/79] tiny tweaks --- vagrant/cert_verify.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/vagrant/cert_verify.sh b/vagrant/cert_verify.sh index 01ba0fe..5f5c610 100755 --- a/vagrant/cert_verify.sh +++ b/vagrant/cert_verify.sh @@ -325,6 +325,7 @@ check_cert_kpkubeconfig() check_cert_kcmkubeconfig() { + KCMKUBECONFIG=/var/lib/kubernetes/kube-controller-manager.kubeconfig if [ -z $KCMKUBECONFIG ] then echo "please specify kube-controller-manager kubeconfig location" @@ -353,6 +354,7 @@ check_cert_kcmkubeconfig() check_cert_kskubeconfig() { + KSKUBECONFIG=/var/lib/kubernetes/kube-scheduler.kubeconfig if [ -z $KSKUBECONFIG ] then echo "please specify kube-scheduler kubeconfig location" @@ -704,7 +706,7 @@ check_cert_worker_1_kp() # END OF Function - Worker-1 node # -echo -e "This script will validate the certificates in master as well as worker-1 nodes. Before proceeding, make sure you ssh into the respective node for certificate validation\n" +echo -e "This script will validate the certificates in master as well as worker-1 nodes. Before proceeding, make sure you ssh into the respective node [ Master or Worker-1 ] for certificate validation\n" echo -e "1. Verify certification in Master Node\n" echo -e "2. Verify certification in Worker-1 Node\n" echo -e "Please select either the option 1 or 2\n" From 23801b3006b475551b76b957c4da2586242844b0 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Wed, 6 May 2020 11:40:14 +0530 Subject: [PATCH 31/79] cert_verify.sh - vagrant home --- vagrant/Vagrantfile | 2 ++ vagrant/{ => ubuntu}/cert_verify.sh | 0 2 files changed, 2 insertions(+) rename vagrant/{ => ubuntu}/cert_verify.sh (100%) diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile index 5b0ac3d..5490ab5 100644 --- a/vagrant/Vagrantfile +++ b/vagrant/Vagrantfile @@ -71,6 +71,7 @@ Vagrant.configure("2") do |config| end node.vm.provision "setup-dns", type: "shell", :path => "ubuntu/update-dns.sh" + node.vm.provision "file", source: "./ubuntu/cert_verify.sh", destination: "$HOME/" end end @@ -113,6 +114,7 @@ Vagrant.configure("2") do |config| node.vm.provision "setup-dns", type: "shell", :path => "ubuntu/update-dns.sh" node.vm.provision "install-docker", type: "shell", :path => "ubuntu/install-docker-2.sh" node.vm.provision "allow-bridge-nf-traffic", :type => "shell", :path => "ubuntu/allow-bridge-nf-traffic.sh" + node.vm.provision "file", source: "./ubuntu/cert_verify.sh", destination: "$HOME/" end end diff --git a/vagrant/cert_verify.sh b/vagrant/ubuntu/cert_verify.sh similarity index 100% rename from vagrant/cert_verify.sh rename to vagrant/ubuntu/cert_verify.sh From ff55dafcad653358bb7e473f1bf6f92897220258 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Wed, 6 May 2020 15:53:31 +0530 Subject: [PATCH 32/79] skip admin crt - master2 --- vagrant/ubuntu/cert_verify.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/vagrant/ubuntu/cert_verify.sh b/vagrant/ubuntu/cert_verify.sh index 5f5c610..e1afbac 100755 --- a/vagrant/ubuntu/cert_verify.sh +++ b/vagrant/ubuntu/cert_verify.sh @@ -718,10 +718,15 @@ case $value in echo -e "The selected option is $value, proceeding the certificate verification of Master node" ### MASTER NODES ### - + master_hostname=$(hostname -s) # CRT & KEY verification check_cert_ca - check_cert_admin + + if [ $master_hostname == "master-1" ] + then + check_cert_admin + fi + check_cert_kcm check_cert_kp check_cert_ks From 76fb7350f13dead1ca94388d4c76ac1f294a2526 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Wed, 6 May 2020 23:07:53 +0530 Subject: [PATCH 33/79] master 2 skipped checks combined --- vagrant/ubuntu/cert_verify.sh | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/vagrant/ubuntu/cert_verify.sh b/vagrant/ubuntu/cert_verify.sh index e1afbac..c874f51 100755 --- a/vagrant/ubuntu/cert_verify.sh +++ b/vagrant/ubuntu/cert_verify.sh @@ -725,11 +725,11 @@ case $value in if [ $master_hostname == "master-1" ] then check_cert_admin + check_cert_kcm + check_cert_kp + check_cert_ks + check_cert_adminkubeconfig fi - - check_cert_kcm - check_cert_kp - check_cert_ks check_cert_api check_cert_sa check_cert_etcd @@ -738,7 +738,6 @@ case $value in check_cert_kpkubeconfig check_cert_kcmkubeconfig check_cert_kskubeconfig - check_cert_adminkubeconfig # Systemd verification check_systemd_etcd From 7847fd097275b89ea7b3878953d28632a2ff32fb Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Thu, 7 May 2020 00:13:07 +0530 Subject: [PATCH 34/79] color output printf --- vagrant/ubuntu/cert_verify.sh | 215 +++++++++++++++++----------------- 1 file changed, 110 insertions(+), 105 deletions(-) diff --git a/vagrant/ubuntu/cert_verify.sh b/vagrant/ubuntu/cert_verify.sh index c874f51..74a3f2c 100755 --- a/vagrant/ubuntu/cert_verify.sh +++ b/vagrant/ubuntu/cert_verify.sh @@ -2,6 +2,11 @@ set -e #set -x +# Green & Red marking for Success and Failed messages +SUCCESS='\033[0;32m' +FAILED='\033[0;31m' +NC='\033[0m' + # All Cert Location # ca certificate location @@ -90,24 +95,24 @@ check_cert_ca() { if [ -z $CACERT ] && [ -z $CAKEY ] then - echo "please specify cert and key location" + printf "${FAILED}please specify cert and key location\n" exit 1 elif [ -f $CACERT ] && [ -f $CAKEY ] then - echo "CA cert and key found, verifying the authenticity" + printf "${NC}CA cert and key found, verifying the authenticity\n" CACERT_SUBJECT=$(openssl x509 -in $CACERT -text | grep "Subject: CN"| tr -d " ") CACERT_ISSUER=$(openssl x509 -in $CACERT -text | grep "Issuer: CN"| tr -d " ") CACERT_MD5=$(openssl x509 -noout -modulus -in $CACERT | openssl md5| awk '{print $2}') CAKEY_MD5=$(openssl rsa -noout -modulus -in $CAKEY | openssl md5| awk '{print $2}') if [ $CACERT_SUBJECT == "Subject:CN=KUBERNETES-CA" ] && [ $CACERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $CACERT_MD5 == $CAKEY_MD5 ] then - echo "CA cert and key are correct" + printf "${SUCCESS}CA cert and key are correct\n" else - echo "Exiting...Found mismtach in the CA certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the CA certificate and keys, check subject\n" exit 1 fi else - echo "ca.crt / ca.key is missing" + printf "${FAILED}ca.crt / ca.key is missing\n" exit 1 fi } @@ -117,24 +122,24 @@ check_cert_admin() { if [ -z $ADMINCERT ] && [ -z $ADMINKEY ] then - echo "please specify cert and key location" + printf "${FAILED}please specify cert and key location\n" exit 1 elif [ -f $ADMINCERT ] && [ -f $ADMINKEY ] then - echo "admin cert and key found, verifying the authenticity" + printf "${NC}admin cert and key found, verifying the authenticity\n" ADMINCERT_SUBJECT=$(openssl x509 -in $ADMINCERT -text | grep "Subject: CN"| tr -d " ") ADMINCERT_ISSUER=$(openssl x509 -in $ADMINCERT -text | grep "Issuer: CN"| tr -d " ") ADMINCERT_MD5=$(openssl x509 -noout -modulus -in $ADMINCERT | openssl md5| awk '{print $2}') ADMINKEY_MD5=$(openssl rsa -noout -modulus -in $ADMINKEY | openssl md5| awk '{print $2}') if [ $ADMINCERT_SUBJECT == "Subject:CN=admin,O=system:masters" ] && [ $ADMINCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $ADMINCERT_MD5 == $ADMINKEY_MD5 ] then - echo "admin cert and key are correct" + printf "${SUCCESS}admin cert and key are correct\n" else - echo "Exiting...Found mismtach in the admin certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the admin certificate and keys, check subject\n" exit 1 fi else - echo "admin.crt / admin.key is missing" + printf "${FAILED}admin.crt / admin.key is missing\n" exit 1 fi } @@ -143,24 +148,24 @@ check_cert_kcm() { if [ -z $KCMCERT ] && [ -z $KCMKEY ] then - echo "please specify cert and key location" + printf "${FAILED}please specify cert and key location\n" exit 1 elif [ -f $KCMCERT ] && [ -f $KCMKEY ] then - echo "kube-controller-manager cert and key found, verifying the authenticity" + printf "${NC}kube-controller-manager cert and key found, verifying the authenticity\n" KCMCERT_SUBJECT=$(openssl x509 -in $KCMCERT -text | grep "Subject: CN"| tr -d " ") KCMCERT_ISSUER=$(openssl x509 -in $KCMCERT -text | grep "Issuer: CN"| tr -d " ") KCMCERT_MD5=$(openssl x509 -noout -modulus -in $KCMCERT | openssl md5| awk '{print $2}') KCMKEY_MD5=$(openssl rsa -noout -modulus -in $KCMKEY | openssl md5| awk '{print $2}') if [ $KCMCERT_SUBJECT == "Subject:CN=system:kube-controller-manager" ] && [ $KCMCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KCMCERT_MD5 == $KCMKEY_MD5 ] then - echo "kube-controller-manager cert and key are correct" + printf "${SUCCESS}kube-controller-manager cert and key are correct\n" else - echo "Exiting...Found mismtach in the kube-controller-manager certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the kube-controller-manager certificate and keys, check subject\n" exit 1 fi else - echo "kube-controller-manager.crt / kube-controller-manager.key is missing" + printf "${FAILED}kube-controller-manager.crt / kube-controller-manager.key is missing\n" exit 1 fi } @@ -169,24 +174,24 @@ check_cert_kp() { if [ -z $KPCERT ] && [ -z $KPKEY ] then - echo "please specify cert and key location" + printf "${FAILED}please specify cert and key location\n" exit 1 elif [ -f $KPCERT ] && [ -f $KPKEY ] then - echo "kube-proxy cert and key found, verifying the authenticity" + printf "${NC}kube-proxy cert and key found, verifying the authenticity\n" KPCERT_SUBJECT=$(openssl x509 -in $KPCERT -text | grep "Subject: CN"| tr -d " ") KPCERT_ISSUER=$(openssl x509 -in $KPCERT -text | grep "Issuer: CN"| tr -d " ") KPCERT_MD5=$(openssl x509 -noout -modulus -in $KPCERT | openssl md5| awk '{print $2}') KPKEY_MD5=$(openssl rsa -noout -modulus -in $KPKEY | openssl md5| awk '{print $2}') if [ $KPCERT_SUBJECT == "Subject:CN=system:kube-proxy" ] && [ $KPCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KPCERT_MD5 == $KPKEY_MD5 ] then - echo "kube-proxy cert and key are correct" + printf "${SUCCESS}kube-proxy cert and key are correct\n" else - echo "Exiting...Found mismtach in the kube-proxy certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the kube-proxy certificate and keys, check subject\n" exit 1 fi else - echo "kube-proxy.crt / kube-proxy.key is missing" + printf "${FAILED}kube-proxy.crt / kube-proxy.key is missing\n" exit 1 fi } @@ -195,24 +200,24 @@ check_cert_ks() { if [ -z $KSCERT ] && [ -z $KSKEY ] then - echo "please specify cert and key location" + printf "${FAILED}please specify cert and key location\n" exit 1 elif [ -f $KSCERT ] && [ -f $KSKEY ] then - echo "kube-scheduler cert and key found, verifying the authenticity" + printf "${NC}kube-scheduler cert and key found, verifying the authenticity\n" KSCERT_SUBJECT=$(openssl x509 -in $KSCERT -text | grep "Subject: CN"| tr -d " ") KSCERT_ISSUER=$(openssl x509 -in $KSCERT -text | grep "Issuer: CN"| tr -d " ") KSCERT_MD5=$(openssl x509 -noout -modulus -in $KSCERT | openssl md5| awk '{print $2}') KSKEY_MD5=$(openssl rsa -noout -modulus -in $KSKEY | openssl md5| awk '{print $2}') if [ $KSCERT_SUBJECT == "Subject:CN=system:kube-scheduler" ] && [ $KSCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KSCERT_MD5 == $KSKEY_MD5 ] then - echo "kube-scheduler cert and key are correct" + printf "${SUCCESS}kube-scheduler cert and key are correct\n" else - echo "Exiting...Found mismtach in the kube-scheduler certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the kube-scheduler certificate and keys, check subject\n" exit 1 fi else - echo "kube-scheduler.crt / kube-scheduler.key is missing" + printf "${FAILED}kube-scheduler.crt / kube-scheduler.key is missing\n" exit 1 fi } @@ -221,24 +226,24 @@ check_cert_api() { if [ -z $APICERT ] && [ -z $APIKEY ] then - echo "please specify kube-api cert and key location, Exiting...." + printf "${FAILED}please specify kube-api cert and key location, Exiting....\n" exit 1 elif [ -f $APICERT ] && [ -f $APIKEY ] then - echo "kube-apiserver cert and key found, verifying the authenticity" + printf "${NC}kube-apiserver cert and key found, verifying the authenticity\n" APICERT_SUBJECT=$(openssl x509 -in $APICERT -text | grep "Subject: CN"| tr -d " ") APICERT_ISSUER=$(openssl x509 -in $APICERT -text | grep "Issuer: CN"| tr -d " ") APICERT_MD5=$(openssl x509 -noout -modulus -in $APICERT | openssl md5| awk '{print $2}') APIKEY_MD5=$(openssl rsa -noout -modulus -in $APIKEY | openssl md5| awk '{print $2}') if [ $APICERT_SUBJECT == "Subject:CN=kube-apiserver" ] && [ $APICERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $APICERT_MD5 == $APIKEY_MD5 ] then - echo "kube-apiserver cert and key are correct" + printf "${SUCCESS}kube-apiserver cert and key are correct\n" else - echo "Exiting...Found mismtach in the kube-apiserver certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the kube-apiserver certificate and keys, check subject\n" exit 1 fi else - echo "kube-apiserver.crt / kube-apiserver.key is missing" + printf "${FAILED}kube-apiserver.crt / kube-apiserver.key is missing\n" exit 1 fi } @@ -247,24 +252,24 @@ check_cert_etcd() { if [ -z $ETCDCERT ] && [ -z $ETCDKEY ] then - echo "please specify ETCD cert and key location, Exiting...." + printf "${FAILED}please specify ETCD cert and key location, Exiting....\n" exit 1 elif [ -f $ETCDCERT ] && [ -f $ETCDKEY ] then - echo "ETCD cert and key found, verifying the authenticity" + printf "${NC}ETCD cert and key found, verifying the authenticity\n" ETCDCERT_SUBJECT=$(openssl x509 -in $ETCDCERT -text | grep "Subject: CN"| tr -d " ") ETCDCERT_ISSUER=$(openssl x509 -in $ETCDCERT -text | grep "Issuer: CN"| tr -d " ") ETCDCERT_MD5=$(openssl x509 -noout -modulus -in $ETCDCERT | openssl md5| awk '{print $2}') ETCDKEY_MD5=$(openssl rsa -noout -modulus -in $ETCDKEY | openssl md5| awk '{print $2}') if [ $ETCDCERT_SUBJECT == "Subject:CN=etcd-server" ] && [ $ETCDCERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $ETCDCERT_MD5 == $ETCDKEY_MD5 ] then - echo "etcd-server.crt / etcd-server.key are correct" + printf "${SUCCESS}etcd-server.crt / etcd-server.key are correct\n" else - echo "Exiting...Found mismtach in the ETCD certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the ETCD certificate and keys, check subject\n" exit 1 fi else - echo "etcd-server.crt / etcd-server.key is missing" + printf "${FAILED}etcd-server.crt / etcd-server.key is missing\n" exit 1 fi } @@ -273,24 +278,24 @@ check_cert_sa() { if [ -z $SACERT ] && [ -z $SAKEY ] then - echo "please specify Service Account cert and key location, Exiting...." + printf "${FAILED}please specify Service Account cert and key location, Exiting....\n" exit 1 elif [ -f $SACERT ] && [ -f $SAKEY ] then - echo "service account cert and key found, verifying the authenticity" + printf "${NC}service account cert and key found, verifying the authenticity\n" SACERT_SUBJECT=$(openssl x509 -in $SACERT -text | grep "Subject: CN"| tr -d " ") SACERT_ISSUER=$(openssl x509 -in $SACERT -text | grep "Issuer: CN"| tr -d " ") SACERT_MD5=$(openssl x509 -noout -modulus -in $SACERT | openssl md5| awk '{print $2}') SAKEY_MD5=$(openssl rsa -noout -modulus -in $SAKEY | openssl md5| awk '{print $2}') if [ $SACERT_SUBJECT == "Subject:CN=service-accounts" ] && [ $SACERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $SACERT_MD5 == $SAKEY_MD5 ] then - echo "Service Account cert and key are correct" + printf "${SUCCESS}Service Account cert and key are correct\n" else - echo "Exiting...Found mismtach in the Service Account certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the Service Account certificate and keys, check subject\n" exit 1 fi else - echo "service-account.crt / service-account.key is missing" + printf "${FAILED}service-account.crt / service-account.key is missing\n" exit 1 fi } @@ -300,11 +305,11 @@ check_cert_kpkubeconfig() { if [ -z $KPKUBECONFIG ] then - echo "please specify kube-proxy kubeconfig location" + printf "${FAILED}please specify kube-proxy kubeconfig location\n" exit 1 elif [ -f $KPKUBECONFIG ] then - echo "kube-proxy kubeconfig file found, verifying the authenticity" + printf "${NC}kube-proxy kubeconfig file found, verifying the authenticity\n" KPKUBECONFIG_SUBJECT=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") KPKUBECONFIG_ISSUER=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") KPKUBECONFIG_CERT_MD5=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') @@ -312,13 +317,13 @@ check_cert_kpkubeconfig() KPKUBECONFIG_SERVER=$(cat $KPKUBECONFIG | grep "server:"| awk '{print $2}') if [ $KPKUBECONFIG_SUBJECT == "Subject:CN=system:kube-proxy" ] && [ $KPKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KPKUBECONFIG_CERT_MD5 == $KPKUBECONFIG_KEY_MD5 ] && [ $KPKUBECONFIG_SERVER == "https://192.168.5.30:6443" ] then - echo "kube-proxy kubeconfig cert and key are correct" + printf "${SUCCESS}kube-proxy kubeconfig cert and key are correct\n" else - echo "Exiting...Found mismtach in the kube-proxy kubeconfig certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the kube-proxy kubeconfig certificate and keys, check subject\n" exit 1 fi else - echo "kube-proxy kubeconfig file is missing" + printf "${FAILED}kube-proxy kubeconfig file is missing\n" exit 1 fi } @@ -328,11 +333,11 @@ check_cert_kcmkubeconfig() KCMKUBECONFIG=/var/lib/kubernetes/kube-controller-manager.kubeconfig if [ -z $KCMKUBECONFIG ] then - echo "please specify kube-controller-manager kubeconfig location" + printf "${FAILED}please specify kube-controller-manager kubeconfig location\n" exit 1 elif [ -f $KCMKUBECONFIG ] then - echo "kube-controller-manager kubeconfig file found, verifying the authenticity" + printf "${NC}kube-controller-manager kubeconfig file found, verifying the authenticity\n" KCMKUBECONFIG_SUBJECT=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") KCMKUBECONFIG_ISSUER=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") KCMKUBECONFIG_CERT_MD5=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') @@ -340,13 +345,13 @@ check_cert_kcmkubeconfig() KCMKUBECONFIG_SERVER=$(cat $KCMKUBECONFIG | grep "server:"| awk '{print $2}') if [ $KCMKUBECONFIG_SUBJECT == "Subject:CN=system:kube-controller-manager" ] && [ $KCMKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KCMKUBECONFIG_CERT_MD5 == $KCMKUBECONFIG_KEY_MD5 ] && [ $KCMKUBECONFIG_SERVER == "https://127.0.0.1:6443" ] then - echo "kube-controller-manager kubeconfig cert and key are correct" + printf "${SUCCESS}kube-controller-manager kubeconfig cert and key are correct\n" else - echo "Exiting...Found mismtach in the kube-controller-manager kubeconfig certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the kube-controller-manager kubeconfig certificate and keys, check subject\n" exit 1 fi else - echo "kube-controller-manager kubeconfig file is missing" + printf "${FAILED}kube-controller-manager kubeconfig file is missing\n" exit 1 fi } @@ -357,11 +362,11 @@ check_cert_kskubeconfig() KSKUBECONFIG=/var/lib/kubernetes/kube-scheduler.kubeconfig if [ -z $KSKUBECONFIG ] then - echo "please specify kube-scheduler kubeconfig location" + printf "${FAILED}please specify kube-scheduler kubeconfig location\n" exit 1 elif [ -f $KSKUBECONFIG ] then - echo "kube-scheduler kubeconfig file found, verifying the authenticity" + printf "${NC}kube-scheduler kubeconfig file found, verifying the authenticity\n" KSKUBECONFIG_SUBJECT=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") KSKUBECONFIG_ISSUER=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") KSKUBECONFIG_CERT_MD5=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') @@ -369,13 +374,13 @@ check_cert_kskubeconfig() KSKUBECONFIG_SERVER=$(cat $KSKUBECONFIG | grep "server:"| awk '{print $2}') if [ $KSKUBECONFIG_SUBJECT == "Subject:CN=system:kube-scheduler" ] && [ $KSKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $KSKUBECONFIG_CERT_MD5 == $KSKUBECONFIG_KEY_MD5 ] && [ $KSKUBECONFIG_SERVER == "https://127.0.0.1:6443" ] then - echo "kube-scheduler kubeconfig cert and key are correct" + printf "${SUCCESS}kube-scheduler kubeconfig cert and key are correct\n" else - echo "Exiting...Found mismtach in the kube-scheduler kubeconfig certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the kube-scheduler kubeconfig certificate and keys, check subject\n" exit 1 fi else - echo "kube-scheduler kubeconfig file is missing" + printf "${FAILED}kube-scheduler kubeconfig file is missing\n" exit 1 fi } @@ -384,11 +389,11 @@ check_cert_adminkubeconfig() { if [ -z $ADMINKUBECONFIG ] then - echo "please specify admin kubeconfig location" + printf "${FAILED}please specify admin kubeconfig location\n" exit 1 elif [ -f $ADMINKUBECONFIG ] then - echo "admin kubeconfig file found, verifying the authenticity" + printf "${NC}admin kubeconfig file found, verifying the authenticity\n" ADMINKUBECONFIG_SUBJECT=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") ADMINKUBECONFIG_ISSUER=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") ADMINKUBECONFIG_CERT_MD5=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') @@ -396,13 +401,13 @@ check_cert_adminkubeconfig() ADMINKUBECONFIG_SERVER=$(cat $ADMINKUBECONFIG | grep "server:"| awk '{print $2}') if [ $ADMINKUBECONFIG_SUBJECT == "Subject:CN=admin,O=system:masters" ] && [ $ADMINKUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $ADMINKUBECONFIG_CERT_MD5 == $ADMINKUBECONFIG_KEY_MD5 ] && [ $ADMINKUBECONFIG_SERVER == "https://127.0.0.1:6443" ] then - echo "admin kubeconfig cert and key are correct" + printf "${SUCCESS}admin kubeconfig cert and key are correct\n" else - echo "Exiting...Found mismtach in the admin kubeconfig certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the admin kubeconfig certificate and keys, check subject\n" exit 1 fi else - echo "admin kubeconfig file is missing" + printf "${FAILED}admin kubeconfig file is missing\n" exit 1 fi } @@ -411,11 +416,11 @@ check_systemd_etcd() { if [ -z $ETCDCERT ] && [ -z $ETCDKEY ] then - echo "please specify ETCD cert and key location, Exiting...." + printf "${FAILED}please specify ETCD cert and key location, Exiting....\n" exit 1 elif [ -f $SYSTEMD_ETCD_FILE ] then - echo "Systemd for ETCD service found, verifying the authenticity" + printf "${NC}Systemd for ETCD service found, verifying the authenticity\n" # Systemd cert and key file details ETCD_CA_CERT=ca.crt @@ -440,23 +445,23 @@ check_systemd_etcd() if [ $CERT_FILE == $ETCDCERT ] && [ $KEY_FILE == $ETCDKEY ] && [ $PEER_CERT_FILE == $ETCDCERT ] && [ $PEER_KEY_FILE == $ETCDKEY ] && \ [ $TRUSTED_CA_FILE == $ETCD_CA_CERT ] && [ $PEER_TRUSTED_CA_FILE = $ETCD_CA_CERT ] then - echo "ETCD certificate, ca and key files are correct under systemd service" + printf "${SUCCESS}ETCD certificate, ca and key files are correct under systemd service\n" else - echo "Exiting...Found mismtach in the ETCD certificate, ca and keys, check /etc/systemd/system/etcd.service file" + printf "${FAILED}Exiting...Found mismtach in the ETCD certificate, ca and keys, check /etc/systemd/system/etcd.service file\n" exit 1 fi if [ $IAP_URL == "https://$INTERNAL_IP:2380" ] && [ $LP_URL == "https://$INTERNAL_IP:2380" ] && [ $LC_URL == "https://$INTERNAL_IP:2379,https://127.0.0.1:2379" ] && \ [ $AC_URL == "https://$INTERNAL_IP:2379" ] then - echo "ETCD initial-advertise-peer-urls, listen-peer-urls, listen-client-urls, advertise-client-urls are correct" + printf "${SUCCESS}ETCD initial-advertise-peer-urls, listen-peer-urls, listen-client-urls, advertise-client-urls are correct\n" else - echo "Exiting...Found mismtach in the ETCD initial-advertise-peer-urls / listen-peer-urls / listen-client-urls / advertise-client-urls, check /etc/systemd/system/etcd.service file" + printf "${FAILED}Exiting...Found mismtach in the ETCD initial-advertise-peer-urls / listen-peer-urls / listen-client-urls / advertise-client-urls, check /etc/systemd/system/etcd.service file\n" exit 1 fi else - echo "etcd-server.crt / etcd-server.key is missing" + printf "${FAILED}etcd-server.crt / etcd-server.key is missing\n" exit 1 fi } @@ -465,11 +470,11 @@ check_systemd_api() { if [ -z $APICERT ] && [ -z $APIKEY ] then - echo "please specify kube-api cert and key location, Exiting...." + printf "${FAILED}please specify kube-api cert and key location, Exiting....\n" exit 1 elif [ -f $SYSTEMD_API_FILE ] then - echo "Systemd for kube-api service found, verifying the authenticity" + printf "${NC}Systemd for kube-api service found, verifying the authenticity\n" INTERNAL_IP=$(ip addr show enp0s8 | grep "inet " | awk '{print $2}' | cut -d / -f 1) ADVERTISE_ADDRESS=$(systemctl cat kube-apiserver.service | grep "\--advertise-address" | awk '{print $1}' | cut -d "=" -f2) @@ -493,13 +498,13 @@ check_systemd_api() [ $KUBELET_CERTIFICATE_AUTHORITY == $CACERT ] && [ $KUBELET_CLIENT_CERTIFICATE == $APICERT ] && [ $KUBELET_CLIENT_KEY == $APIKEY ] && \ [ $SERVICE_ACCOUNT_KEY_FILE == $SACERT ] && [ $TLS_CERT_FILE == $APICERT ] && [ $TLS_PRIVATE_KEY_FILE == $APIKEY ] then - echo "kube-apiserver advertise-address/ client-ca-file/ etcd-cafile/ etcd-certfile/ etcd-keyfile/ kubelet-certificate-authority/ kubelet-client-certificate/ kubelet-client-key/ service-account-key-file/ tls-cert-file/ tls-private-key-file are correct" + printf "${SUCCESS}kube-apiserver advertise-address/ client-ca-file/ etcd-cafile/ etcd-certfile/ etcd-keyfile/ kubelet-certificate-authority/ kubelet-client-certificate/ kubelet-client-key/ service-account-key-file/ tls-cert-file/ tls-private-key-file are correct\n" else - echo "Exiting...Found mismtach in the kube-apiserver systemd file, check advertise-address/ client-ca-file/ etcd-cafile/ etcd-certfile/ etcd-keyfile/ kubelet-certificate-authority/ kubelet-client-certificate/ kubelet-client-key/ service-account-key-file/ tls-cert-file/ tls-private-key-file under /etc/systemd/system/kube-apiserver.service" + printf "${FAILED}Exiting...Found mismtach in the kube-apiserver systemd file, check advertise-address/ client-ca-file/ etcd-cafile/ etcd-certfile/ etcd-keyfile/ kubelet-certificate-authority/ kubelet-client-certificate/ kubelet-client-key/ service-account-key-file/ tls-cert-file/ tls-private-key-file under /etc/systemd/system/kube-apiserver.service\n" exit 1 fi else - echo "kube-apiserver.crt / kube-apiserver.key is missing" + printf "${FAILED}kube-apiserver.crt / kube-apiserver.key is missing\n" exit 1 fi } @@ -514,11 +519,11 @@ check_systemd_kcm() KCMKUBECONFIG=/var/lib/kubernetes/kube-controller-manager.kubeconfig if [ -z $KCMCERT ] && [ -z $KCMKEY ] then - echo "please specify cert and key location" + printf "${FAILED}please specify cert and key location\n" exit 1 elif [ -f $SYSTEMD_KCM_FILE ] then - echo "Systemd for kube-controller-manager service found, verifying the authenticity" + printf "${NC}Systemd for kube-controller-manager service found, verifying the authenticity\n" CLUSTER_SIGNING_CERT_FILE=$(systemctl cat kube-controller-manager.service | grep "\--cluster-signing-cert-file" | awk '{print $1}' | cut -d "=" -f2) CLUSTER_SIGNING_KEY_FILE=$(systemctl cat kube-controller-manager.service | grep "\--cluster-signing-key-file" | awk '{print $1}' | cut -d "=" -f2) KUBECONFIG=$(systemctl cat kube-controller-manager.service | grep "\--kubeconfig" | awk '{print $1}' | cut -d "=" -f2) @@ -528,13 +533,13 @@ check_systemd_kcm() if [ $CLUSTER_SIGNING_CERT_FILE == $CACERT ] && [ $CLUSTER_SIGNING_KEY_FILE == $CAKEY ] && [ $KUBECONFIG == $KCMKUBECONFIG ] && \ [ $ROOT_CA_FILE == $CACERT ] && [ $SERVICE_ACCOUNT_PRIVATE_KEY_FILE == $SAKEY ] then - echo "kube-controller-manager cluster-signing-cert-file, cluster-signing-key-file, kubeconfig, root-ca-file, service-account-private-key-file are correct" + printf "${SUCCESS}kube-controller-manager cluster-signing-cert-file, cluster-signing-key-file, kubeconfig, root-ca-file, service-account-private-key-file are correct\n" else - echo "Exiting...Found mismtach in the kube-controller-manager cluster-signing-cert-file, cluster-signing-key-file, kubeconfig, root-ca-file, service-account-private-key-file , check /etc/systemd/system/kube-controller-manager.service file" + printf "${FAILED}Exiting...Found mismtach in the kube-controller-manager cluster-signing-cert-file, cluster-signing-key-file, kubeconfig, root-ca-file, service-account-private-key-file , check /etc/systemd/system/kube-controller-manager.service file\n" exit 1 fi else - echo "kube-controller-manager.crt / kube-controller-manager.key is missing" + printf "${FAILED}kube-controller-manager.crt / kube-controller-manager.key is missing\n" exit 1 fi } @@ -547,24 +552,24 @@ check_systemd_ks() if [ -z $KSCERT ] && [ -z $KSKEY ] then - echo "please specify cert and key location" + printf "${FAILED}please specify cert and key location\n" exit 1 elif [ -f $SYSTEMD_KS_FILE ] then - echo "Systemd for kube-scheduler service found, verifying the authenticity" + printf "${NC}Systemd for kube-scheduler service found, verifying the authenticity\n" KUBECONFIG=$(systemctl cat kube-scheduler.service | grep "\--kubeconfig"| awk '{print $1}'| cut -d "=" -f2) ADDRESS=$(systemctl cat kube-scheduler.service | grep "\--address"| awk '{print $1}'| cut -d "=" -f2) if [ $KUBECONFIG == $KSKUBECONFIG ] && [ $ADDRESS == "127.0.0.1" ] then - echo "kube-scheduler --kubeconfig, --address are correct" + printf "${SUCCESS}kube-scheduler --kubeconfig, --address are correct\n" else - echo "Exiting...Found mismtach in the kube-scheduler --kubeconfig, --address, check /etc/systemd/system/kube-scheduler.service file" + printf "${FAILED}Exiting...Found mismtach in the kube-scheduler --kubeconfig, --address, check /etc/systemd/system/kube-scheduler.service file\n" exit 1 fi else - echo "kube-scheduler.crt / kube-scheduler.key is missing" + printf "${FAILED}kube-scheduler.crt / kube-scheduler.key is missing\n" exit 1 fi } @@ -577,24 +582,24 @@ check_cert_worker_1() { if [ -z $WORKER_1_CERT ] && [ -z $WORKER_1_KEY ] then - echo "please specify cert and key location of worker-1 node" + printf "${FAILED}please specify cert and key location of worker-1 node\n" exit 1 elif [ -f $WORKER_1_CERT ] && [ -f $WORKER_1_KEY ] then - echo "worker-1 cert and key found, verifying the authenticity" + printf "${NC}worker-1 cert and key found, verifying the authenticity\n" WORKER_1_CERT_SUBJECT=$(openssl x509 -in $WORKER_1_CERT -text | grep "Subject: CN"| tr -d " ") WORKER_1_CERT_ISSUER=$(openssl x509 -in $WORKER_1_CERT -text | grep "Issuer: CN"| tr -d " ") WORKER_1_CERT_MD5=$(openssl x509 -noout -modulus -in $WORKER_1_CERT | openssl md5| awk '{print $2}') WORKER_1_KEY_MD5=$(openssl rsa -noout -modulus -in $WORKER_1_KEY | openssl md5| awk '{print $2}') if [ $WORKER_1_CERT_SUBJECT == "Subject:CN=system:node:worker-1,O=system:nodes" ] && [ $WORKER_1_CERT_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && [ $WORKER_1_CERT_MD5 == $WORKER_1_KEY_MD5 ] then - echo "worker-1 cert and key are correct" + printf "${SUCCESS}worker-1 cert and key are correct\n" else - echo "Exiting...Found mismtach in the worker-1 certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the worker-1 certificate and keys, check subject\n" exit 1 fi else - echo "/var/lib/kubelet/worker-1.crt / /var/lib/kubelet/worker-1.key is missing" + printf "${FAILED}/var/lib/kubelet/worker-1.crt / /var/lib/kubelet/worker-1.key is missing\n" exit 1 fi } @@ -603,11 +608,11 @@ check_cert_worker_1_kubeconfig() { if [ -z $WORKER_1_KUBECONFIG ] then - echo "please specify worker-1 kubeconfig location" + printf "${FAILED}please specify worker-1 kubeconfig location\n" exit 1 elif [ -f $WORKER_1_KUBECONFIG ] then - echo "worker-1 kubeconfig file found, verifying the authenticity" + printf "${NC}worker-1 kubeconfig file found, verifying the authenticity\n" WORKER_1_KUBECONFIG_SUBJECT=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") WORKER_1_KUBECONFIG_ISSUER=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") WORKER_1_KUBECONFIG_CERT_MD5=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') @@ -616,13 +621,13 @@ check_cert_worker_1_kubeconfig() if [ $WORKER_1_KUBECONFIG_SUBJECT == "Subject:CN=system:node:worker-1,O=system:nodes" ] && [ $WORKER_1_KUBECONFIG_ISSUER == "Issuer:CN=KUBERNETES-CA" ] && \ [ $WORKER_1_KUBECONFIG_CERT_MD5 == $WORKER_1_KUBECONFIG_KEY_MD5 ] && [ $WORKER_1_KUBECONFIG_SERVER == "https://192.168.5.30:6443" ] then - echo "worker-1 kubeconfig cert and key are correct" + printf "${SUCCESS}worker-1 kubeconfig cert and key are correct\n" else - echo "Exiting...Found mismtach in the worker-1 kubeconfig certificate and keys, check subject" + printf "${FAILED}Exiting...Found mismtach in the worker-1 kubeconfig certificate and keys, check subject\n" exit 1 fi else - echo "worker-1 /var/lib/kubelet/kubeconfig file is missing" + printf "${FAILED}worker-1 /var/lib/kubelet/kubeconfig file is missing\n" exit 1 fi } @@ -636,11 +641,11 @@ check_cert_worker_1_kubelet() if [ -z $WORKER_1_KUBELET ] && [ -z $SYSTEMD_WORKER_1_KUBELET ] then - echo "please specify worker-1 kubelet config location" + printf "${FAILED}please specify worker-1 kubelet config location\n" exit 1 elif [ -f $WORKER_1_KUBELET ] && [ -f $SYSTEMD_WORKER_1_KUBELET ] && [ -f $WORKER_1_TLSCERTFILE ] && [ -f $WORKER_1_TLSPRIVATEKEY ] then - echo "worker-1 kubelet config file, systemd services, tls cert and key found, verifying the authenticity" + printf "${NC}worker-1 kubelet config file, systemd services, tls cert and key found, verifying the authenticity\n" WORKER_1_KUBELET_CA=$(cat $WORKER_1_KUBELET | grep "clientCAFile:" | awk '{print $2}' | tr -d " \"") WORKER_1_KUBELET_DNS=$(cat $WORKER_1_KUBELET | grep "resolvConf:" | awk '{print $2}' | tr -d " \"") @@ -649,9 +654,9 @@ check_cert_worker_1_kubelet() if [ $WORKER_1_KUBELET_CA == $CACERT ] && [ $WORKER_1_KUBELET_DNS == "/run/systemd/resolve/resolv.conf" ] && \ [ $WORKER_1_KUBELET_AUTH_MODE == "Webhook" ] then - echo "worker-1 kubelet config CA cert, resolvConf and Auth mode are correct" + printf "${SUCCESS}worker-1 kubelet config CA cert, resolvConf and Auth mode are correct\n" else - echo "Exiting...Found mismtach in the worker-1 kubelet config CA cert, resolvConf and Auth mode, check /var/lib/kubelet/kubelet-config.yaml" + printf "${FAILED}Exiting...Found mismtach in the worker-1 kubelet config CA cert, resolvConf and Auth mode, check /var/lib/kubelet/kubelet-config.yaml\n" exit 1 fi @@ -662,14 +667,14 @@ check_cert_worker_1_kubelet() if [ $KUBELETCONFIG == $WORKER_1_KUBELET ] && [ $TLSCERTFILE == $WORKER_1_TLSCERTFILE ] && \ [ $TLSPRIVATEKEY == $WORKER_1_TLSPRIVATEKEY ] then - echo "worker-1 kubelet systemd services are correct" + printf "${SUCCESS}worker-1 kubelet systemd services are correct\n" else - echo "Exiting...Found mismtach in the worker-1 kubelet systemd services, check /etc/systemd/system/kubelet.service" + printf "${FAILED}Exiting...Found mismtach in the worker-1 kubelet systemd services, check /etc/systemd/system/kubelet.service\n" exit 1 fi else - echo "worker-1 kubelet config, systemd services, tls cert and key file is missing" + printf "${FAILED}worker-1 kubelet config, systemd services, tls cert and key file is missing\n" exit 1 fi } @@ -681,25 +686,25 @@ check_cert_worker_1_kp() if [ -z $WORKER_1_KP_KUBECONFIG ] && [ -z $SYSTEMD_WORKER_1_KP ] then - echo "please specify worker-1 kube-proxy config and systemd service path" + printf "${FAILED}please specify worker-1 kube-proxy config and systemd service path\n" exit 1 elif [ -f $WORKER_1_KP_KUBECONFIG ] && [ -f $SYSTEMD_WORKER_1_KP ] && [ -f $WORKER_1_KP_CONFIG_YAML ] then - echo "worker-1 kube-proxy kubeconfig, systemd services and configuration files found, verifying the authenticity" + printf "${NC}worker-1 kube-proxy kubeconfig, systemd services and configuration files found, verifying the authenticity\n" KP_CONFIG=$(cat $WORKER_1_KP_CONFIG_YAML | grep "kubeconfig:" | awk '{print $2}' | tr -d " \"") KP_CONFIG_YAML=$(systemctl cat kube-proxy.service | grep "\--config" | awk '{print $1}'| cut -d "=" -f2) if [ $KP_CONFIG == $WORKER_1_KP_KUBECONFIG ] && [ $KP_CONFIG_YAML == $WORKER_1_KP_CONFIG_YAML ] then - echo "worker-1 kube-proxy kubeconfig and configuration files are correct" + printf "${SUCCESS}worker-1 kube-proxy kubeconfig and configuration files are correct\n" else - echo "Exiting...Found mismtach in the worker-1 kube-proxy kubeconfig and configuration files, check /var/lib/kubelet/kubelet-config.yaml & /etc/systemd/system/kube-proxy.service" + printf "${FAILED}Exiting...Found mismtach in the worker-1 kube-proxy kubeconfig and configuration files, check /var/lib/kubelet/kubelet-config.yaml & /etc/systemd/system/kube-proxy.service\n" exit 1 fi else - echo "worker-1 kube-proxy kubeconfig and configuration files are missing" + printf "${FAILED}worker-1 kube-proxy kubeconfig and configuration files are missing\n" exit 1 fi } @@ -763,7 +768,7 @@ case $value in ;; *) - echo -e "Exiting.... Please select the valid option either 1 or 2\n" + printf "${FAILED}Exiting.... Please select the valid option either 1 or 2\n" exit 1 ;; esac \ No newline at end of file From 337932989ad63717a06c9db54d4a7c3244699ae8 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Thu, 7 May 2020 13:10:50 +0530 Subject: [PATCH 35/79] master cert validation with github links --- vagrant/ubuntu/cert_verify.sh | 66 +++++++++++++++++------------------ 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/vagrant/ubuntu/cert_verify.sh b/vagrant/ubuntu/cert_verify.sh index 74a3f2c..fce3f26 100755 --- a/vagrant/ubuntu/cert_verify.sh +++ b/vagrant/ubuntu/cert_verify.sh @@ -108,11 +108,11 @@ check_cert_ca() then printf "${SUCCESS}CA cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the CA certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the CA certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#certificate-authority\n" exit 1 fi else - printf "${FAILED}ca.crt / ca.key is missing\n" + printf "${FAILED}ca.crt / ca.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#certificate-authority\n" exit 1 fi } @@ -135,11 +135,11 @@ check_cert_admin() then printf "${SUCCESS}admin cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the admin certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the admin certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-admin-client-certificate\n" exit 1 fi else - printf "${FAILED}admin.crt / admin.key is missing\n" + printf "${FAILED}admin.crt / admin.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-admin-client-certificate\n" exit 1 fi } @@ -161,11 +161,11 @@ check_cert_kcm() then printf "${SUCCESS}kube-controller-manager cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-controller-manager certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the kube-controller-manager certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-controller-manager-client-certificate\n" exit 1 fi else - printf "${FAILED}kube-controller-manager.crt / kube-controller-manager.key is missing\n" + printf "${FAILED}kube-controller-manager.crt / kube-controller-manager.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-controller-manager-client-certificate\n" exit 1 fi } @@ -187,11 +187,11 @@ check_cert_kp() then printf "${SUCCESS}kube-proxy cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-proxy certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the kube-proxy certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-kube-proxy-client-certificate\n" exit 1 fi else - printf "${FAILED}kube-proxy.crt / kube-proxy.key is missing\n" + printf "${FAILED}kube-proxy.crt / kube-proxy.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-kube-proxy-client-certificate\n" exit 1 fi } @@ -213,11 +213,11 @@ check_cert_ks() then printf "${SUCCESS}kube-scheduler cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-scheduler certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the kube-scheduler certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-scheduler-client-certificate\n" exit 1 fi else - printf "${FAILED}kube-scheduler.crt / kube-scheduler.key is missing\n" + printf "${FAILED}kube-scheduler.crt / kube-scheduler.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-scheduler-client-certificate\n" exit 1 fi } @@ -239,11 +239,11 @@ check_cert_api() then printf "${SUCCESS}kube-apiserver cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-apiserver certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the kube-apiserver certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-kubernetes-api-server-certificate\n" exit 1 fi else - printf "${FAILED}kube-apiserver.crt / kube-apiserver.key is missing\n" + printf "${FAILED}kube-apiserver.crt / kube-apiserver.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-kubernetes-api-server-certificate\n" exit 1 fi } @@ -265,11 +265,11 @@ check_cert_etcd() then printf "${SUCCESS}etcd-server.crt / etcd-server.key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the ETCD certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the ETCD certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-etcd-server-certificate\n" exit 1 fi else - printf "${FAILED}etcd-server.crt / etcd-server.key is missing\n" + printf "${FAILED}etcd-server.crt / etcd-server.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-etcd-server-certificate\n" exit 1 fi } @@ -291,11 +291,11 @@ check_cert_sa() then printf "${SUCCESS}Service Account cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the Service Account certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the Service Account certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-service-account-key-pair\n" exit 1 fi else - printf "${FAILED}service-account.crt / service-account.key is missing\n" + printf "${FAILED}service-account.crt / service-account.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md#the-service-account-key-pair\n" exit 1 fi } @@ -319,11 +319,11 @@ check_cert_kpkubeconfig() then printf "${SUCCESS}kube-proxy kubeconfig cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-proxy kubeconfig certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the kube-proxy kubeconfig certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md#the-kube-proxy-kubernetes-configuration-file\n" exit 1 fi else - printf "${FAILED}kube-proxy kubeconfig file is missing\n" + printf "${FAILED}kube-proxy kubeconfig file is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md#the-kube-proxy-kubernetes-configuration-file\n" exit 1 fi } @@ -347,11 +347,11 @@ check_cert_kcmkubeconfig() then printf "${SUCCESS}kube-controller-manager kubeconfig cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-controller-manager kubeconfig certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the kube-controller-manager kubeconfig certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md#the-kube-controller-manager-kubernetes-configuration-file\n" exit 1 fi else - printf "${FAILED}kube-controller-manager kubeconfig file is missing\n" + printf "${FAILED}kube-controller-manager kubeconfig file is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md#the-kube-controller-manager-kubernetes-configuration-file\n" exit 1 fi } @@ -376,11 +376,11 @@ check_cert_kskubeconfig() then printf "${SUCCESS}kube-scheduler kubeconfig cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-scheduler kubeconfig certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the kube-scheduler kubeconfig certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md#the-kube-scheduler-kubernetes-configuration-file\n" exit 1 fi else - printf "${FAILED}kube-scheduler kubeconfig file is missing\n" + printf "${FAILED}kube-scheduler kubeconfig file is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md#the-kube-scheduler-kubernetes-configuration-file\n" exit 1 fi } @@ -403,11 +403,11 @@ check_cert_adminkubeconfig() then printf "${SUCCESS}admin kubeconfig cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the admin kubeconfig certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the admin kubeconfig certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md#the-admin-kubernetes-configuration-file\n" exit 1 fi else - printf "${FAILED}admin kubeconfig file is missing\n" + printf "${FAILED}admin kubeconfig file is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md#the-admin-kubernetes-configuration-file\n" exit 1 fi } @@ -447,7 +447,7 @@ check_systemd_etcd() then printf "${SUCCESS}ETCD certificate, ca and key files are correct under systemd service\n" else - printf "${FAILED}Exiting...Found mismtach in the ETCD certificate, ca and keys, check /etc/systemd/system/etcd.service file\n" + printf "${FAILED}Exiting...Found mismtach in the ETCD certificate, ca and keys. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/07-bootstrapping-etcd.md#configure-the-etcd-server\n" exit 1 fi @@ -456,12 +456,12 @@ check_systemd_etcd() then printf "${SUCCESS}ETCD initial-advertise-peer-urls, listen-peer-urls, listen-client-urls, advertise-client-urls are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the ETCD initial-advertise-peer-urls / listen-peer-urls / listen-client-urls / advertise-client-urls, check /etc/systemd/system/etcd.service file\n" + printf "${FAILED}Exiting...Found mismtach in the ETCD initial-advertise-peer-urls / listen-peer-urls / listen-client-urls / advertise-client-urls. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/07-bootstrapping-etcd.md#configure-the-etcd-server\n" exit 1 fi else - printf "${FAILED}etcd-server.crt / etcd-server.key is missing\n" + printf "${FAILED}etcd-server.crt / etcd-server.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/07-bootstrapping-etcd.md#configure-the-etcd-server\n" exit 1 fi } @@ -500,11 +500,11 @@ check_systemd_api() then printf "${SUCCESS}kube-apiserver advertise-address/ client-ca-file/ etcd-cafile/ etcd-certfile/ etcd-keyfile/ kubelet-certificate-authority/ kubelet-client-certificate/ kubelet-client-key/ service-account-key-file/ tls-cert-file/ tls-private-key-file are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-apiserver systemd file, check advertise-address/ client-ca-file/ etcd-cafile/ etcd-certfile/ etcd-keyfile/ kubelet-certificate-authority/ kubelet-client-certificate/ kubelet-client-key/ service-account-key-file/ tls-cert-file/ tls-private-key-file under /etc/systemd/system/kube-apiserver.service\n" + printf "${FAILED}Exiting...Found mismtach in the kube-apiserver systemd file, check advertise-address/ client-ca-file/ etcd-cafile/ etcd-certfile/ etcd-keyfile/ kubelet-certificate-authority/ kubelet-client-certificate/ kubelet-client-key/ service-account-key-file/ tls-cert-file/ tls-private-key-file. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/08-bootstrapping-kubernetes-controllers.md#configure-the-kubernetes-api-server\n" exit 1 fi else - printf "${FAILED}kube-apiserver.crt / kube-apiserver.key is missing\n" + printf "${FAILED}kube-apiserver.crt / kube-apiserver.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/08-bootstrapping-kubernetes-controllers.md#configure-the-kubernetes-api-server\n" exit 1 fi } @@ -535,11 +535,11 @@ check_systemd_kcm() then printf "${SUCCESS}kube-controller-manager cluster-signing-cert-file, cluster-signing-key-file, kubeconfig, root-ca-file, service-account-private-key-file are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-controller-manager cluster-signing-cert-file, cluster-signing-key-file, kubeconfig, root-ca-file, service-account-private-key-file , check /etc/systemd/system/kube-controller-manager.service file\n" + printf "${FAILED}Exiting...Found mismtach in the kube-controller-manager cluster-signing-cert-file, cluster-signing-key-file, kubeconfig, root-ca-file, service-account-private-key-file ,More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/08-bootstrapping-kubernetes-controllers.md#configure-the-kubernetes-controller-manager\n" exit 1 fi else - printf "${FAILED}kube-controller-manager.crt / kube-controller-manager.key is missing\n" + printf "${FAILED}kube-controller-manager.crt / kube-controller-manager.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/08-bootstrapping-kubernetes-controllers.md#configure-the-kubernetes-controller-manager\n" exit 1 fi } @@ -565,11 +565,11 @@ check_systemd_ks() then printf "${SUCCESS}kube-scheduler --kubeconfig, --address are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the kube-scheduler --kubeconfig, --address, check /etc/systemd/system/kube-scheduler.service file\n" + printf "${FAILED}Exiting...Found mismtach in the kube-scheduler --kubeconfig, --address, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/08-bootstrapping-kubernetes-controllers.md#configure-the-kubernetes-scheduler\n" exit 1 fi else - printf "${FAILED}kube-scheduler.crt / kube-scheduler.key is missing\n" + printf "${FAILED}kube-scheduler.crt / kube-scheduler.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/08-bootstrapping-kubernetes-controllers.md#configure-the-kubernetes-scheduler\n" exit 1 fi } From a4db3dbf137ae65468a8f641ad67b50466857153 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Thu, 7 May 2020 14:09:41 +0530 Subject: [PATCH 36/79] worker-1 cert validation with github links --- vagrant/ubuntu/cert_verify.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/vagrant/ubuntu/cert_verify.sh b/vagrant/ubuntu/cert_verify.sh index fce3f26..14cd072 100755 --- a/vagrant/ubuntu/cert_verify.sh +++ b/vagrant/ubuntu/cert_verify.sh @@ -595,11 +595,11 @@ check_cert_worker_1() then printf "${SUCCESS}worker-1 cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the worker-1 certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the worker-1 certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md#provisioning--kubelet-client-certificates\n" exit 1 fi else - printf "${FAILED}/var/lib/kubelet/worker-1.crt / /var/lib/kubelet/worker-1.key is missing\n" + printf "${FAILED}/var/lib/kubelet/worker-1.crt / /var/lib/kubelet/worker-1.key is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md#provisioning--kubelet-client-certificates\n" exit 1 fi } @@ -623,11 +623,11 @@ check_cert_worker_1_kubeconfig() then printf "${SUCCESS}worker-1 kubeconfig cert and key are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the worker-1 kubeconfig certificate and keys, check subject\n" + printf "${FAILED}Exiting...Found mismtach in the worker-1 kubeconfig certificate and keys, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md#the-kubelet-kubernetes-configuration-file\n" exit 1 fi else - printf "${FAILED}worker-1 /var/lib/kubelet/kubeconfig file is missing\n" + printf "${FAILED}worker-1 /var/lib/kubelet/kubeconfig file is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md#the-kubelet-kubernetes-configuration-file\n" exit 1 fi } @@ -656,7 +656,7 @@ check_cert_worker_1_kubelet() then printf "${SUCCESS}worker-1 kubelet config CA cert, resolvConf and Auth mode are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the worker-1 kubelet config CA cert, resolvConf and Auth mode, check /var/lib/kubelet/kubelet-config.yaml\n" + printf "${FAILED}Exiting...Found mismtach in the worker-1 kubelet config CA cert, resolvConf and Auth mode, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md#configure-the-kubelet\n" exit 1 fi @@ -669,12 +669,12 @@ check_cert_worker_1_kubelet() then printf "${SUCCESS}worker-1 kubelet systemd services are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the worker-1 kubelet systemd services, check /etc/systemd/system/kubelet.service\n" + printf "${FAILED}Exiting...Found mismtach in the worker-1 kubelet systemd services, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md#configure-the-kubelet\n" exit 1 fi else - printf "${FAILED}worker-1 kubelet config, systemd services, tls cert and key file is missing\n" + printf "${FAILED}worker-1 kubelet config, systemd services, tls cert and key file is missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md\n" exit 1 fi } @@ -699,12 +699,12 @@ check_cert_worker_1_kp() then printf "${SUCCESS}worker-1 kube-proxy kubeconfig and configuration files are correct\n" else - printf "${FAILED}Exiting...Found mismtach in the worker-1 kube-proxy kubeconfig and configuration files, check /var/lib/kubelet/kubelet-config.yaml & /etc/systemd/system/kube-proxy.service\n" + printf "${FAILED}Exiting...Found mismtach in the worker-1 kube-proxy kubeconfig and configuration files, More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md#configure-the-kubernetes-proxy\n" exit 1 fi else - printf "${FAILED}worker-1 kube-proxy kubeconfig and configuration files are missing\n" + printf "${FAILED}worker-1 kube-proxy kubeconfig and configuration files are missing. More details: https://github.com/mmumshad/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md#configure-the-kubernetes-proxy\n" exit 1 fi } From 49579afaa04392cf4d9760e848f37d700c73d7c3 Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Sun, 10 May 2020 14:40:31 +0530 Subject: [PATCH 37/79] kube-proxy config skip master2 --- vagrant/ubuntu/cert_verify.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vagrant/ubuntu/cert_verify.sh b/vagrant/ubuntu/cert_verify.sh index 14cd072..6ede5c4 100755 --- a/vagrant/ubuntu/cert_verify.sh +++ b/vagrant/ubuntu/cert_verify.sh @@ -734,13 +734,13 @@ case $value in check_cert_kp check_cert_ks check_cert_adminkubeconfig + check_cert_kpkubeconfig fi check_cert_api check_cert_sa check_cert_etcd # Kubeconfig verification - check_cert_kpkubeconfig check_cert_kcmkubeconfig check_cert_kskubeconfig From ad51d1bb58daabda6d792bed7c418ba8c562b412 Mon Sep 17 00:00:00 2001 From: KK <38712160+K2-KK@users.noreply.github.com> Date: Sat, 16 May 2020 12:08:49 +0530 Subject: [PATCH 38/79] Update 08-bootstrapping-kubernetes-controllers.md --- docs/08-bootstrapping-kubernetes-controllers.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index 263f5d5..427d641 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -119,7 +119,7 @@ EOF Move the `kube-controller-manager` kubeconfig into place: ``` -sudo mv kube-controller-manager.kubeconfig /var/lib/kubernetes/ +sudo cp kube-controller-manager.kubeconfig /var/lib/kubernetes/ ``` Create the `kube-controller-manager.service` systemd unit file: @@ -157,7 +157,7 @@ EOF Move the `kube-scheduler` kubeconfig into place: ``` -sudo mv kube-scheduler.kubeconfig /var/lib/kubernetes/ +sudo cp kube-scheduler.kubeconfig /var/lib/kubernetes/ ``` Create the `kube-scheduler.service` systemd unit file: From 85f58acdbc426b5ac9f3f3a9e7f6fe39b0880e22 Mon Sep 17 00:00:00 2001 From: KK <38712160+K2-KK@users.noreply.github.com> Date: Sat, 16 May 2020 12:14:13 +0530 Subject: [PATCH 39/79] Update 08-bootstrapping-kubernetes-controllers.md --- docs/08-bootstrapping-kubernetes-controllers.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index 427d641..44fea97 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -116,7 +116,7 @@ EOF ### Configure the Kubernetes Controller Manager -Move the `kube-controller-manager` kubeconfig into place: +Copy the `kube-controller-manager` kubeconfig into place: ``` sudo cp kube-controller-manager.kubeconfig /var/lib/kubernetes/ @@ -154,7 +154,7 @@ EOF ### Configure the Kubernetes Scheduler -Move the `kube-scheduler` kubeconfig into place: +Copy the `kube-scheduler` kubeconfig into place: ``` sudo cp kube-scheduler.kubeconfig /var/lib/kubernetes/ From b1c7cf9cecfa7a0eee8b56f7f0f6301c1421e03c Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Sun, 17 May 2020 15:29:56 +0530 Subject: [PATCH 40/79] kcm & ks kubeconfig - path fix --- vagrant/ubuntu/cert_verify.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/vagrant/ubuntu/cert_verify.sh b/vagrant/ubuntu/cert_verify.sh index 6ede5c4..705a53f 100755 --- a/vagrant/ubuntu/cert_verify.sh +++ b/vagrant/ubuntu/cert_verify.sh @@ -330,7 +330,6 @@ check_cert_kpkubeconfig() check_cert_kcmkubeconfig() { - KCMKUBECONFIG=/var/lib/kubernetes/kube-controller-manager.kubeconfig if [ -z $KCMKUBECONFIG ] then printf "${FAILED}please specify kube-controller-manager kubeconfig location\n" @@ -359,7 +358,6 @@ check_cert_kcmkubeconfig() check_cert_kskubeconfig() { - KSKUBECONFIG=/var/lib/kubernetes/kube-scheduler.kubeconfig if [ -z $KSKUBECONFIG ] then printf "${FAILED}please specify kube-scheduler kubeconfig location\n" From d9a947b75317073d30527cd18b51b2ba84f38da9 Mon Sep 17 00:00:00 2001 From: KK <38712160+K2-KK@users.noreply.github.com> Date: Mon, 18 May 2020 05:59:49 +0530 Subject: [PATCH 41/79] Added a note to login to loadbalancer instance --- docs/08-bootstrapping-kubernetes-controllers.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index 44fea97..761aba8 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -218,6 +218,8 @@ In this section you will provision an external load balancer to front the Kubern ### Provision a Network Load Balancer +Login to `loadbalancer` instance using SSH Terminal. + ``` #Install HAProxy loadbalancer# sudo apt-get update && sudo apt-get install -y haproxy From e9db375e4c51afe97b49b6a6b987c52e4c4466ce Mon Sep 17 00:00:00 2001 From: Sujith Abdul Rahim Date: Tue, 19 May 2020 00:31:51 +0530 Subject: [PATCH 42/79] updated docs - certificate verification --- README.md | 1 + docs/images/master-1-cert.png | Bin 0 -> 102322 bytes docs/images/master-2-cert.png | Bin 0 -> 76760 bytes docs/images/worker-1-cert.png | Bin 0 -> 44679 bytes docs/verify-certificates.md | 24 ++++++++++++++++++++++++ 5 files changed, 25 insertions(+) create mode 100644 docs/images/master-1-cert.png create mode 100644 docs/images/master-2-cert.png create mode 100644 docs/images/worker-1-cert.png create mode 100644 docs/verify-certificates.md diff --git a/README.md b/README.md index c0773f1..58dfdab 100644 --- a/README.md +++ b/README.md @@ -55,3 +55,4 @@ Kubernetes The Hard Way guides you through bootstrapping a highly available Kube * [Smoke Test](docs/15-smoke-test.md) * [E2E Test](docs/16-e2e-tests.md) * [Extra - Dynamic Kubelet Configuration](docs/17-extra-dynamic-kubelet-configuration.md) +* [Extra - Certificate Verification](docs/verify-certificates.md) diff --git a/docs/images/master-1-cert.png b/docs/images/master-1-cert.png new file mode 100644 index 0000000000000000000000000000000000000000..939959983dae03327bf78fec9c1c51b144297751 GIT binary patch literal 102322 zcmeFZc{~)_|39vjHc?8EN(;Fqd-lxaN|I0sX)p>Y%S^~VOIk>hvX^BNQns-VVTQ;W zlP$(z?E4r7voGJd_rC9~?!AxC`~BzdkKf}le;mU(=XK8ObzZOMdA?pp#3c)p?OXS4 z6%rEKZhHRg6(OMw5Fw%UW1B?;-#mf7SP>FBBxHKl@M_??h19m9@p6eX@sF&ML{CLx zP@8X|U&kN4EF@;MQ)lzLk==2^;B{wXw-+vtTE1O0nDkkGenyC^d%s^vsM=mRF^yle zPPA6&Up^@@p;lXs)gvD5`b>SKQb5Os09eG!ySh5bvhwsT#G2tM9Ay#zA_}}kG)ivq?xZ1bBSUVFlF7 z(yu;p_n!icif*ZKmHg zAWC`33#3*{!&^}HBH-Azq4FyB45h7k{1{)7@yh^3eHBPBV;VIk%6;SD`c^c}X3l9P z(-nR2b4p#Ba_`QCD2#h-;y+EXk6M;yCizH({-Eajq1viDo)riO%Wk$Fre;tQ8y@G~ z_ZDYeW_}H~cyv{=cdh31^3y}PaQ-Xr#wf9U@`mbpcek|2=A-8@zo0)tuN6&*xz?=N zdObWf;_WBO%#*ZCKo|#gVSV_|Cm;vz#w_@>RNUDX2imB1Ooii~a9CPPe#br{bPfIO zc$f3F&X;BU*EB!y9#R?gJoX%~1a_+bGCezp=F?$2kvC};oyC;uP=JI@%$&-;I9_O| z4ds7g3@niLNLRQmLOmatI|+$=|BM)mK1t6W=@9LJ(6O<7oK}B1yH{%4cH7E9{BPsZ zDk6m2E?X+$w%*S;YibJEyPw^6DBwn}<q@%8O_sQ)Mp*NDP_TQ^I)0Vn3Lo7LJ{n4X4B3r`&)QIp4?EKJI^WB?a@IvXB zixy#{3o>Ox7cl6Fw2A!YM4hhuvqcll@(E#*+THGt>{az!G?*s?pfuksFfHvY%9!3_ z^Ff{)$WFAm>Q#!Pp=Zj^V&6$>>oZiEqMGe1#b6VS6fvsTg~9hOi${ofJ5&_9otH{4 zdcu4PzP*k8>1QYG>2gN;>!#=R>D8EDq_#vz+ZoF<;6!|6b_ysV?=J* ztgoF-7asHed_K6*e6y$ZCEXTKB4xDPbYpV+db1)|3#^k2vVzjzSQFsoK5aq$1!YRi zx6ML9LKyma125yR=6kU;qCef}JnWqj>$-xFVAeQ%8f`4V6Qs3e$iE#9Fg{>KT6?i@ zPLij%bh#`&)<7T8tr2L`iqZ7mRerkC`UcJaqbL$mW_|}o9w8lL?_s<_sJ|<+J{3^E z3HD=T5v)k&>&E8dBgV+Z^79v=oaO11FT?vJA1K@6LMBKj{A_dmd+Omu+>N2H5GD9k zo8vX+N58enSYpr;GJ2P<#NjuU7QtOSF3;@;0Tg0E>vrSHJYXI+g|P_=UKkcd?Y%9i z_|}%!7f13qapWe2hGWd|lDncHkk>|bHZ;Bq?o}+%$|{Q-?lWu9k zi}hMR1q~r#6}OQ$VtY3=ZfZFk`cZr_rthAabRQRSAR+%s|2<$b;xH%y->e%b#`x8L zB2vQU`}q=_wGoh7VQewPqd8E-!u4@m)%y1?)=z32oE1W<&6)z}W@BNG%oFNv7=!N^ zi-7@OfPb4>Rn^&vR@YjqF?2#bmHD8PUaUs0?Q&CB^?d0AJrarc`h-HwT5`fjKTnz^ zT3uQaZ+h6p<E;*%Lk`$hed&4D*G{Wyac&4yv(E@ zWe#8FQvgUrCO?{~d}nk2I*P`zj@Kyn$tEE!0tC;~5LeDl>8JIuZ_6GS>}j$dnKCPQZyWR5$vn!iij*GR#Fc2h&}@bc-1fGroDqvGW*B5h>o&7$jId0A?cV zNTDBtytTG$ynr*BKF~G=IhkrGrjRV#*R6pH5xeL1(m|;*5>*p~P-&%oo?6sc_AMQ< zR7F<95IO_z(4PF0q!1GzZejo!$wRL)Ut@h}pzd#d=v~P4SGXi0M`ozQp&;!*O<-@U zadbvO2#w-dvsy>L&7T+`Sy3`z-CYn1T*60Qnl`W>ngC2w#0}N&|5L*1p#5;E@ZTkD zESi&YWYu^-0(Tq<@AlFv=)+2`wy&^vBJ@0x-NvSG%cKgn`FbC^pJ#`q-&z^$AZ1k2 z@NfA9LMwr?;Da;4N)6u}o1)F=+r@VaP?L4<+BtFDfRx)+d%q#KY{vry1HVYUaRkD1 zd*QUmmwn{)j{ZOZd%3qko>^a8MN;5qfHPr1oXB`^jZ6Ox*!}%}?ZAbzY~}^3DX47A zTN`Eamx4vjj^&2|a>-Tv;CV{)?8($cH4Hzi2WgEX-qU&-JDGO+ej*D>wQR*d0Ppu8 zM-B&zW{yu6rz0uoQiMCd6jlKChxM%ba`$qzRRN&RY~lAe;o2sdR0Y<71wM;o^{VLt zOLO`1ZBieF6)uZ(;8&39Pji#Xv*Q+gD_4!V*Ezry{Ce!Im8kUjJPLD#5vfyHQcvY=I&4sp7x|Eh}~F5!GL2IY2ZJS-$n-CcZ0*^uW9o z);nQ2X@*5TrTO~2TeISx;CS*7oq$tm=#!A^z-{BmHF~$jib+EBI|?ok#+XiZIrw4O zH!>~Sil5Na)RBbb1jk9gK|L#)3v5 zE{Itn)|n-UR~>pALPN;B%F*XfURYHEnc+E`i*N`b=o~5VOuWj9?6$oRY3N?;>Ue=oCHu?ihs`5RIcOq=*HK1U zvw%sL;mVL12szZ{gKNMgjiSByEk~<#xmUsE{LC8WBfati1BLT4)LcNfR-;j6n+vcB#B^9U=3 zk~hb=I2RnWooO7+EW0TS1okZ02J_4Vcgo1vt}s=XUZPM&Y>R0XCI>i!Ny9xw=F;+) zz2aoBUUm#87O5;NC~X8| zqiys~*EtaN_^V6}z!qd-^mdcO6joo8mTj zJ)i7)9+Wzw?OHL!ws2fIDIR)f#6DIfF{yYiiw2zqPRo+8MRDr!q|(S@*CMW*QzsQl zCKX2~lofI37|pZUEOmlZo3A)6c6&QZlWWg5VI$``lAd4lP*cvOB$w>lU)hQruj9D6SI}!oJyJr+jWX`j{60y<%eXjAFEttBmPl=-TedMuU7$=)t%6ud z<0zgt5k5wi30-*&fAGwXuSG{m+g7cDM@a5qV$Ct6RZu#zw=ajX*9_5)amNLHnbG?Q z?}bcIx;V#Z1RdmVSCuFgCEQHb>I?s)@CiVGB-7O~)-I!r;OU*}kR$TEJ-iaJt%Z(I`9X7V0&}2EH7D zom$9VRO3?Gvene8vX7zMagXa_2X~2!`cjKTQPP1L8Peyx*|T5PxeR(p-*H6xy!OMv zZp|gE-f5+*L7Sz}-xQlE9bYS}!rv7(_4ljaY*o;^hKNxQ$d8{7iNbASZznd4g+mo^ zL}+e|_a52pTp~-F7c~G~0M5(W0)tf5SNA?I7I@->VGSl`722;5gEPndq0C}|W4bt1 zhrNz7#)fULZ$^3 zKOm{Q9!y|jUW$`9<)W`wS~ns6MY!`Mq#ZxF#t4qT)Rn;hTn^y767d7(oZJF;SaV>3 zqY}=Tya7?H_$#P&o)wuwSgvdkV>x=*o1iqQD6_#+1^q2-Oc`?0Egv;y35e!s_bAd) zsxrOW97Qg}!UastCnDfJ_hJ1UNJJUd;<0`VOXsMBU zEwGzuz4T7&V*N+YeBv=lQFY;rTkpeI77)y|t=PqmRPR`>yoF0iNBuH6zTES+NOe%-7_BR(v? z&uUW>?Q#qf(B^|1*e*@#5yvSAU3Hl^~l6{unBLH`HTo3*eR38FYTCNh@T2j3Vs-9cUXpHjk zC=7rj=C2kv#vG0z6++FiKCrQgU3Np_Z;b9H4IsM|Uh(&FKylFh;D`Gm);C)3Wb&Wk zwU{O9JyWPKs`6_vRbQ)EeS=KiBoUJg6Q9Ml(vsO$eFyj*WoYJJaE|xLoC#NDQoFSB zHSQQcej5LpgRNEt2Fpw>C}{cm7mfKIr<0s*U>~F5CO|VJrKa)H>kjk-?F}x)7lS@p z)XiDfyqqO`z@(l!0Y(G!uD-PWJ5bGNgBv`!&Z|5el>E6 zb6(;r)pk*%MBtmfVV-29BM?#XIx(9y+0@j4{(#ybTD&2!+F~48*f&xi4tV>%G^DN$mS3MW6j)f2Ullysod>70G zCf1#Hd}-I*d}WgX=`(e5TFmZ_eF#DkZ>h}BN10laCMELp3J(U) zbJBJo06+a|THEdDN~Oh0950`3JARI+KdJwk6!02&!TB&5sfF#SP7T5Kvc9l$n3!60 zaW)3Wu!b)-InL%=Z>Qp2(_C^0+1CoVD(Z@27r0`sAxj1`Z>L}A0CJ-!EqmmH+G)wF zq>iRNyz3m>G@t+}wv983CQwiLkB{T17g5|yxE2MNhFq(WU8b9Cmc~uG-|LBV!H5j! zy1v2D)$enQfd3)o%SxlT$j-HBHiBysGU}=T>%Z*LOd9O=SG*d1ymnVPI*~zPjl~hCWL)U z=A}+x{L1um=Roa6e~+1Gt>mM-Mi!k-j#)2k{xeIkbV4K$;o+n-bU`)M zl(2uKrWHjhMBRw&DWN=b-nt~NwvaBWiq!goQgK_FJdoD8xp{RvPErW)$ zZv=>wtcci!!K4ru3{6t3$uArg6U5UKu64V&HX0Ao4Kjhl?(V(1*{0n;-I98=}PD#ainDn(da| z>${9tjc>R@(~C=IQh_`2nSJb-c6-7W3GL3D$4Z-)yly&OD_e0T4HUL$LDGUt;970S zul9=L^FtBIB}9{j2ETC1r--fOVo^U-uMJ_foKcv;p~!7QXIhSI(6q)HzU63*sW_^^=XRD1hfX>+|{_uNoZ(yG6OEU zaF}ZEr3alzw^QcS^7$6b9(WbIi^>Ek6mx?4Io^l$=9WiekBlDVRwmZe0Y0-5I1z}f zWzrGkL->)7Bd9OaWd!%~7+9Chac`?KOTi6(jdT;`&fkbNRx#Lw$D&TPaZ=s36P;wf zr-T@nMBX(#4Cx(w@yy%sdUe@(9=UDE2u2q*eNne;!%W(}C0AoG^ivn&I<7r%MJW42 zn)p8ZBO}8B5Xl#8Ozb2ezoK$Tmdl-r(X)`1E8P~R@cJ~9EpEQ%RbaaFkFy8Bl>%A;$Ol_BJIJ!u5mL5 z%8>WDnJBs(qyb-KZt|)jKpo*vqcoojkc}~qvj*tg7(4EWjS^4w_J zQt+(owkeWj7r@rQks)*NJ54#VP3=%b^2As0-pps9)Mt-c3MTWK;;ELco*SeHA=yrcw^m%eyHg$lfoNJB$wOBx=>we69qbmw2i4@y5k5T2jny++ODRa&%N=cPKo$$}_*m-J%Gu=zBE$iK;nsr`)U8tjW-fzkLBc zhcm{$GI%Uq;JR2SPWzrJ6L`lrhrO-1pW$2e&Shn6LfWRuh1nR~mf@C`#%}oqwqx`m zvabO2_$VkV23#8p;Mgddp)LY_-gS6-Sa&VXHC*Tg);kS;<7FUEzl*=HT-Ol>KEk(U z(L?R7T^{#J$}3oA^)l_ysMmR-l_u|YAzz`~q%Xl;h%NHRv<9?^sAiW^*Op*WRsBZKPj@u-(B)X;TeX<-R-0QtJwfHhXu`YcefJ>zLkrkYk_ic*e zx{*sh0Y4(mR2z@#7 zkb}@|iAK`v&b1kZ9DDO*mo`Mw^zQW&IFQ$Px#?qUafD3j{qqw~7h*e+W@CrlNlVc( zFXoAfy(bO_(t}&=v>&!>t>H{SUVqjCp!(Y}u6ggInR>N|@keEvhrSeQm80(NM5b9@ z^el!JSx(}*q*b?%V_I#;rmxWr#q^7IG`d2JW4csq!AUW~ed8LiPt`Fp{4RtcuNf!} zP=aURPwPWm9be0N#Nicm!YAB&3YsYsKGVVNV#xAoI>CmpowhS5VHH^Lbj9D&v)C`? zMDi0)d)E~2#~Z&pIGw}7UJ=QowZmPYEV&BVa*1Bj3C#nK1|V@6657gdOo!jcS4%1? zMR$NM8Qw>%T;6{u3p)8~9=si94fIWx9B!4E^ST3GPdXel$$2AgufYrhD1)!PJ zgak-wZJO%A?OG;_38zWyy?HcoBx$NPYaFx?hZ7q=0STC?vIbxrtcFE(qEK4w3gPka z{6{O8_2o1uF}n!qN}PSe`9{fZF$rS(h?jr2<#kewYa#&Cr5*hh8WzvMQK3t*FlMhy zZ{3|@y*J0bsl5xKfG;NBPx&7S^1@xhQa%bs%7e7WLq+=kR%>x4K6GxooZL0F9|Gr( zqfl<#Z`e*S_`c!a&2OEQ&T(O#sm$kxW0`3ekNGz({@C%4w%biX_lO??(!X@qwelCY zYu2j&IY;?hqNp}R>X5h5n8J=gu<-0Xr?h>iHS<<-9WAG&wM4H@kz zZvUs~s!In&&JVt*_)!Pnr4Nl&zwc}@C#C+1(&BP6U_tCV?)cA8caQz|?nxT1^cRmk zHU332)#2+TwB;Z_F8F(UBvW)GDONA+;#7$GtNsI3|J=Kji2vSw>LS6woj0buMmJ$AxL<1=L*#;&MlYM%aWPQm2bg@@HN@6WGZpo z>^UAfj(a%0Wr0zK#VjlE9{q_c?}wfc?v)WUQ?IVq#Wa;r7W-7Px+U}x0o=s?ry(RA z?H3iya^KzKi&5jxAIXf1eb;zLYwgmD8C$&y>t9Ur&Q=by7YS>056+pnn9ZMi)vAnq z$&{fIlRizNjAjEb`~^&AInWBTx@FS$i)u3f=SSr9eyY;yUy}5-kcgW z{aHH24(If8o7RmVsu5^Thqhc5+maOa$gsL=@*6M>ZSl5R*Skpan(U$23TD#TWCoF) zKVJo*rkch1J7AP550l&cG-O-s50SqWV8My2sjF2L`16AcYKGnCqJXV8Hhf=*)5yHW ziwzzi;euy%oTmp5G`Bza;(-jgSN{|>T|zmCAuu%%$#|pG%Ne_X&Pz#oo=a5GEi$;* z=WQg76(jTHy1L{nPauO47T2+7fOe_rt^vsT5}4L3au)tZi9GLbf_x{)BsoC222|7u z(n*~2>g!VU!ZZ>2I|4qtDN)YUCQx!0K%VX81uR4awCux~7SfYoPqT+tA~P2~%&2%CPy3jKUSeuCC_xv7YqH4LkolL9Wm_iOE=F9*;4Equmw<7EA@K}Q!8G1?`ff|1}uyTaNh?)e?%exfzK z;>h!RCUWDOoNME}OE=PQ%Kq%IL!+G!?bO*?5mOvhhnL!|U>Xz2573daEB{#G5p%|U z%gH9dMZ0Yg$uqXFqnAz*x6w@3OesTVIJGk!Y}Xo|QSvSBYlHp?Iwin5Uibp*$lZP=)6cJck$} zStwL~)YIgjidXQIUNOq_wXgw9C+_*1uz2S~Ti*KBmSNP>y#n@_ro?$i#M~(}Qx?+K z^4?`5mTBk~yWKq^Ep^q`KexZ-;^}94aT2zV8=}gNxO;Z@`m!qH_sk8(zlvUKefCJV zH$e$^13ZLKTCyci_s8Jdd6;t4GBK{=PAT|ny@K&cF?FsekKhK2NPX+k19e(RZwma3 z+yfrKVXKvqa^34uRw}@QMcaRh#rH$4R9|e~x$&Z@-L-fL1&6MX3;cuYbuj8jhp2L( z*f0&9!5evWo;S|;Rc-w)?ZfLv#ndb&bL-|Np@8vQSqMPr3r}6s^;b2PRfkIii|RPk zGPifVukORoIvEW_=tIs<*;(o1pk0a?aCH#5yj)gZ>)rBB1xSyy)(7sOy9~zsMDr{2 z!QBfo1iY+&H3ar*{7@%;K0fbB1j~|(VLX!w;UpCwCtU#)g)0?q{3*P^b_*L`lZD9> zce=gib*&qb{=dpMXJPD^xNh+5e8e_cr|Y@W=VT^Q z^b^7B$%ee3AlA2xYJ?Sv)vnhK$||2DT|p}2zEOfLhi6WOD1LoYAIy{)K9L2#dhv_} zZ8xc+9^wW)uuDwLa!xDHr~8vE}>n#UNKE!D{lqSEm~e} z?G6B*Rll=`p?~4NbM`&X3N-0^>=ghH1L5qwOId~{L7%sl-#qir@FzeI)p4PT{@VQ=Ao ziN}KZ6{y9LqP=t(x_P>ZNSjgQgB6q)-9>^&1;Fy<7{t%V^ z6dtSa-$fUF)kAq@`kBHw@Q(q`2r6yE8n*vrX@9LgC2rk*-z!Zs3;U3m&XmtNyZxum8io=~Xq7TtI(|QoreNBt-rH6g?C@nKWNBkBSBX zwguJDqZbK46rM*IV$bhw`{vb)yUuqCfzx@m<`R7&BtZa0aIZTD#Vb9+|AvPs=2|<6 zciWLbCmGKl^?KJr1Z!Iu5OSKmh~Sp13UCn4WyEak79h=Z@QasEhsvRe29=*QdCAS` z{GdHF8ta>TiNhDvhLDp6n>QpVM_jT$V6_*K{tzuFJf=kx!;j_KtFmCLm|p*&5?=Bo z|155Z)zp0pg6TDWwY=6U7vE<*6`iF>IK9{OS3i$2R}XHl^TIA^<0;$clB@^XKbTdh zq^LbBk_cF>ShFR#j|v;=_uF?GA}d9=JPgb-1H5tQGl^UwrBw9q6NOm7s_ppgR1AaR zNx!xruD)2#n%xkQ?ER&{G$~NozU!L2d|zosQ{Ok%MTH@f?34P*?}xWG zTiprRv$*G~h$=^g%1R8B&HHeM>_dh|E9WtSXsKp$@|S{M9h`f%uO{Y(C@;_Yw9(S( zykjxe#;j*DiV>x!T3)uI(onGpDqmIPx^7Yb1CLZbv!1`a$~%jj&&QeYtR|BuWm(Zg zTiOa4$Vzt9{AR#PmOHZR`IkfQGWm@(a#7r|dj%2PIKf5rB;OG``z-m!npqBV4!4nv z>9<_;_U{?D2dFsIkY%|>Q0J5~s}j7IUR7%<-PdyR{XEp?a!hiuCAZ56(*L8SGfs)* zHMDnSKJGn7eYF9%?!~?2C)+Lzm47&F7b{X`1mYds8z))rokeb}yXJ_ttJ!g}9AZW- z_M@xW-K`m7R}I9JMIyGVx34}CadAWzSrs6xacm>z=Z%DO>%AUwUUKbY-dlk@PJ{Fa z(+}=t@SFE+K}jpuIB1mv3HQ$L5F-jZgP&BV@vq_zCF7dL!154#aH`pL`H$zw$%-S& z58Lx-vE`2>SMkG>$b=(RWX=&Z1o)&?+A*AKgD zsZK6=_i%!78!f<8EP8?t_koTliJNbW3@4fM{?h0HT9y~b0lYCKl>8O zJTz&msN19w;f0j?`Z@x)74iWvTN5%n{lE?`c76aq*@f;yer?JFcjH^UeRJg{WZ&)2 zj~9TWO|&wfdW&7VTBCJ;1Kd5hs$NxkGD#vZfF=PJa3_9hAkf^t`%>&N=~$?@=(si+B?W-vVVh1dNOjX>7iMUQ{cMrE zikDZ;lf0Z^p6Zo?SXA{`JEq7Ek~RVZ$qFkeYbV>lA&V3On z$Pw3AI@qQdk^JKR-Q2BLnC^zDi8$u7N^|;oqV|9z$i-s0m zJKdMZBnKv<8RzkWw+Po>xu}vcm0VSb-0T!F57z9yk!C$lS9DGb$y7IvG@ zzc>qurn1br^V-nu;e(6m$VhH0%Yjm_bpRLNc;LByNG|?2D76hLIiOS&GwSBc4$W0d zAC+)8-nNmu=NQE0bc3_&B2JUjaxKLHPL(ery{9x#^3uAMOb45{7U(S7mPFsGn9RSj z!u%W;8}~O|KJY9_QTe&r=`+r@KP~M)F*bCc03Ez*XfKqw z>0hC^qxaC;{pWrh<3H^YDFNqE(GUd`uJ-~5HB8T4G(E8JNaF9&>22xgnaG;ISrB%w@LEH=)B-$RD5&R7LtKm zC$tNb6_NAKkPztu@dc&Di)kB7+_sF6CQ~xjkO5Ap-{t^ugZ!E9!4nhc-VoQy*k#X% zWWhVO(-7|3z6Zg0K_&X&W~%AxU#R(y25g(ivxfG`u4Ff_-NFn3VRX@L^q%t9u65IE z-$)r$hAo$+G8Zp+kJCu1D#aP|%}(IDfE(U+>;5`=I^Ec!w?B^DgOyVi zed0l7QUy<^^b0UmUD_M20s^DCm%e#yZE)wB>EHU*Vzp&WRzloL{S(uK4L#o)$Dy$3 ze$}Yhc>69SIk*sZ^XU8u7Rx2m>{oZJyxLJt_T*bz3&e4Jlzx#z0at{7P45*-SK2nO z;`o5V42HnZNDX5?7QDV;Xv1{}BH4xFKPy*9_}tj7Wt$H#q&gK<-Pbu?RR)#x_&@n& z=2|B&4{IjpIO-Di?& znoOUyE4scB5v$l$QW>w8>woi*=$Jh}fumOoT|oMdAPQlG(7{aPr^n^d{Xhj=+_cT$ zLN9JkAvae(Am7m(dkI;>=eA}*dY`_@!)gxwqF^ZU^JR4jAvgrF8`2V-Z0=7{d==MU zSaYb<$Dj3jd3?i@#nZ3ddK~k)u7vttGPDb5xAP_;;9WqjBblZv=RIzl87C+SEz-S< zCp1yb8f>fJ3qqt`OHMYC&fVMkxlfmwbvm))&h_QkesEj%0A|f9B|pcu$Z`gm%jZg8 z*CSM&Rau;D`VKdFYja(aWmPnfxmu*+$)`us3& zV$y@1(-HBjqVc70$-wK+`}5)1P5ZbHIb|A^6&9RcsA$#AT?lum%+D?T*uT?JA2ci%~v%3yEz zUW=%h^zHxa?kZ?721HMq4vNzK@i#!$Fh^6CP5SI1NBVuZHFPlOqqfA*xY4C<>da|L z%6%VpSvX^8z!th__m-a}c*e9b38B$f?0fnGOxb>7Wl`PF+;43`W<)*%}4KVHxNXuG){vh#kJ(J}YS#E0l(FaE3rcwqi-gCYcI zd-U1=o#{Os$>J8jXY5CP=Y0O;V>AD6u>Ph_?KgH!mP^jGL(kV(g`Ys#c5J>Mi>+xR zQoYSeLR8rFDt0vN-j!kS5$7EB8r8|w6Gr$j~$U5k_4C~lquk-aakd>>}?36*Q zHIqapJ>}B&E0R9uf8lWRy{Hh{EZ-IX^6v1CzPh8QKMB~Vud1~`c~#bK-65yZx;d*& zU+6E`u?$Y8H*#t3Ej$9xvRbN`#MkC$=Mw+gaSiZ(>t4{jp4P5yn z>t0KD9qFnH|3JvCt+S%#zF+9D-=3vcuox3Fy=vm7Ezn%1>H(uCqa7XO@ zu>-JgNv+Evs}<;$GTR^v+!XB(h7UB>HpP;e_ewxI^TX#O;F$JUMe=lIFwL??q9>Z^ z#vk-m=3n6GInYYmN1f*voMoBiQSgOu?r$dOq#$zB=r!&M{DRZH(v%QD|9>W5Gh962 z&p!)F?X=KEL?5K1sbIm3JX?{*c5)L*vP9)gJJoi8WY*D3b|SsP?sS~#b8i&B1dnURc=0|X`o%@Cn}v&xMn)tH>hKz^w?*^(d;QQ{ zvRbNUw*iFfSC`mmjo~h^nv@(CNna6a_j7wK+bFRdtb?<43~%F7%s0z5L7krEX#uke zW;ywhDY|Tt8i(XDR5MSB$`1eb#yK;QQ8COnXMZ(tF@c@ef8~+I*OPtaZzU2P_$HqK z6g<-TW|V43?a4j5mA1BKh24$171Rp84pc%f*-erO~3*Z<6LuzB(@$t37O z)F)r5=chW2t+@9%HrJT&G+y1^Ob}|VGA=1)q}xbePbTjKt&AhvQu!9)5`LZAV(|`{!@^*ICHdbp znkb`O8LCI+N&Z>dfrUgmvJh$k>`lDGFM@g9On*n3;CBMU5cN54G*{4_y!WxiQD3r$ zNgrj65JuP>Zplh?bAS!|DJ+Xwvcz>b0JLIf@Q?CK38ehF>wY5LI?DENjIsN*4>L^< zRCl(-9^_Fb1XbixY|}NbZuDc7ZiF?vk43tkHrIwT2WCB6h9Z>y$h!m@2rnm=GMCgs zE?FFW2CKaO76{3{(l+byl-c*lU+}LP`hcs+m#-5s6Zg2^=BDSe)Ta+Fd@F@+*h2{4 zXa;b=*(eKcz=>4*kt-fJn}PxSoYZ2A$UAw!o>JV&bgAg5yoD%MvU6LDV=gq_BNZNW zgQFQge?~`|l%vuOOn`YXt_q&Sb}SQnkad7E#BXJTui^DIc6>9CE;sYEHlT?b>@>K5 zD{5C2fk4WPZq}c=-O)n2E!#bvvES;hUUzzt;LZi?#b!jQN618y44T~XxtFnesAIyf z71uD+XQc9$2~=+S!1Iazm+1EnMP}`YsyGGbK7))1@>#Kh4Tt^{C-ZQhzK))nO7I?7OWCKa=faNW6>U!J|2wV#~4B&a_rp?pOQ^V0<s@_8AaH1S?>r4Odn zFjfE7^2>N!JK(doOnFF!^{W+Y885Oe8F_W=-5n03h|&NpL6-4z#@*aWw3l_!5Twh8 zj%)%VOc9-nYLj7#`nceLf;>5=Z#sGp_98cjh9+RLs+Doai8EFEgyWon|A7R7>x7G5 zwueX0Jv9CpKCrRxw;XtxYyKem1|<3FXkBZ|B)u$}evRBFY@ZjaaWfyQqLQ*aa$uC~ zwCS!nS;0-TQ~@Hv>^4|*RCYy`+8@MjrEa@Tdx$jSw>(T|jsWP9tBSTId=Wq=?xtpQS*0WnMpwrkm$VL1^ajOx}%ddmV-N=8Q;PYPI7d{zBjT|twnRWCU+UnrGSP>Sk#Ki_ zRQb)yc;N{2XP`Rn76(+u-$b!rMZ!5!FRtoCbku(!;>cZ*F|jY<(P5jm&F9NWxRmQG z=L|ntT{ze&b5>9|12TH|@KFY>mw0sS&<7i&BV;3m)qYC(<*79TwCp_abZJ3w?sH_| ziE6)J7z%8g<7-QyPf0vgP#E+UoHJZxrgO z#x19Non|R?^VHe;Y|#j2g+tNkAn*>Gx!iYCwhwPdCLTfFK-}2}yg5Bs_LZlT=0j^M zlLpXz>8lQh@|begNx2@dcayB`u3c$WkWp>Ct>DoPyKf;^x^Q^FR#tXEjN`COXg)=+ z+xk0puQihnyyJGF(-2n`3Nc_TI~6@B<2=oOi!S8*fK)ClsM+pjI_IfOiznaE_yNs^ z;&0x6Gc*41h{PuLMZJ#aX12tNy64<^S^!9)N#jZwINT%G5`eHreA{a{6h8CtPZj== zL?3YwfLJC&=w(A)l?eW;3JqF_{CE|q*F87hBnx)j&YKPq>G*5|58~w`!gt9-Y;e-f z6vM&>LRlagyfW*g|jpV=fptx1TeB3!gmbDFoj(719{)Jn$ndh;t(Y?t!b z;3r7VeW`WSvHp}R?(XH`{hh#pi3JoU0m zkD)iKN=uNjdB@(zn!+`K6Mh>TO!p+&k^Q3&0+}Y#TLftKeeJWogWyG$F|GY@`jBau zf&}jy^bLsM;I|)VgwGJi7w<$X4|O(pzh)ohIC0Dw?geKVmzGR3aQP5F_mc~Qm8Qk_ zTG;3pz$#}*JgcgG3yM9w9Ky46i`a}&MeN3V*1Kfu9(~UWty^Wkt&Rz=9}glHvpf%a zuQGhCE{<*mlw1TWJdDFrNjZs5Ebe(qu}pOypzA-CHy`D+j1sx`k4*ogB%kk0NlZCyEP+E~*mgMa9Ps@BOvEF~=8m*0E z&-J27jtSA0^g%bEiP&tzO%wrQ4UtRQGA0AWyn7N*)0_tdtS3suZC%AII4x;}wKM5P z7M<)6;inN`1=j|&g7%>NrAao|xLa6perH(^x#*P*s|F}5c|^|dDtWj(_hQX@c0{?J z6m4w#x``z*!JE6CRwc)j+|G(fyDzxh&p~G=u~v)adn@l0)Ga`%r*S3gTE=C%?_ym4g|p|-he~T5A(fl+Yn?>tAAd_i5x3w zDN(}>qNVwJ>{m(EIsr4m@>vxz8M|6RS?DFKI0~F33t8qY8*IiX?B7;2dVtFC$~WoZ zE$iAASM}M9L+BuNyR=M18rxU6L}G*OEW#L9dY^|%u#^_?-Q2XuxDbx(A-XlaZ4SQLyw`o*+u4!t%Vf6)41g{TT>0AAaE-E+U@2jM3`8K`l zBt$XiIs5r!X3b+BYc#W@gQ$SVQ4*%B{mb1$Bs)RPy}B+HSEF7WT5el$dd4h2m_E5! zaXGiRmX+d)Upz^c#p>mbiEI?(q?cc8IIlpUx2^1zxFL5t-2yMn7VPaB9_>2E9$Pzq zf%^&@cGW<#2UGR@~yv)BpzOY!z$vP$b}hR@3#bln`^xl{-{4O%c?RN3gt&3 z5_fw{^-E|>S!R3;k(54}tRKGhZUFA~__=$!#@e=9>+l_^V{4X2g=r>366a;#}fO z>nHws?gi%#vYx$m3)Y@s9_l5x5OYq12#KDn^^K+BbLP8js@_E=9Y#2@^?mi~$gjap z#ZK^x`C0b*)gsl;RbFz^t?)T<9B38pv~zwGR^-Z&4PmPA{R#|fyluRbD^lRmDJ9I& z!+@i-6m=weqbY3F!K$~s5K4G|_Sqhne7Q~9n`Z{St|XrgyRQdD0@U z-b^?Wxm)F^`Qvs<{DcY12D9Ek^o%TP)9oH^+9xoIG?z1*fxg9lF_M-8Sa+7?Hw~*# zGz`=4P^0OZSGjVWYOpPS<~<{I7^MuoA~_0v`lh^s4Er-4Og%9nji}ZA{WGe#?c)tr zlakeQ8(l0=;tpr7?IJB#x7rOY(gu2;DlbX*UV9NA${4)KmcY(y#W>6_jU)YnNPj14 za8%yaaI)Zj`S?h{6XnD%HwDQzym8?65&w=HMaR3ev8m8Nw}tT*jZ08qQP4Czd&J?^O_Zk4tN=B70}6A5R2~2KV~? zwp!sY>#H&-qK>>r=y>l{^VnpL4Wrz}c|3O&2`J98v$(b3$h}1FDmcYZc4UNiGgOFV z0HA?=AMp$1EKr$KEgv;1>d8^pKM{SOK@R7l&mqWM_%ZV0<9CPZ#(FtPqs)GYjpj(G z4>Y@uJ(FqiW682KAkI{oqVCS%_6v*Xw&{=ExQYmFQd2r7jVi{xOzogQ;^f^Aw;na2 zWYPNr!In*m1;dFFU>9b{Pf+{!?FJ7(y6V0R;+AFTr9HNFw?xE_lvLi6m00W~BUyN* zsW%N!w5{Kyg7K!JstV~?Tc&2@k)G_~p;{z(sRUR-TB9Q9>-`xRS$wQcz4A7EzJv?BLkrFTCE4`>_y{QpDPYe-f(;LBv_rJlCaHD1PRMA zLj+)BsY5J_{eUqdtM+vKlR2vtAD;ipT;L`1;?UO@h0ia`BNkjOlT;;2yub^tGQn00 zulQ$7rDJi9xqCjw%Wb&>9mqM{(K6QYIQfI0{qmt}W4#+G5LE#;t}p4KbEyY6ir@eI zNPYaYIm^2TclKO24YP!@+4{pehj^A)!S%u2qDYQC_p1QUz0Z4#;UM#GX>f-&i zjlS>6K~-@F!#=v$&XJjn2?Yf8l#ezGG4;AYqfYlj4tRC2OnZ>MO5zfF0>+Y`b0gn9 z>bxw!>DJiM&1WDeD8nL;Vti4_>v`IjiQZ0xqtOwEA_HbHD>o!uju8-k2Tvv3MDF)6 zPqXSp_QgkMnb}0bvaSYsAhPgU>$a_hpV$7oN>GjyEWBSVHCgidE)Cyv;F3|_rCx82 zrGoLWEx7eX7Rr5u>5Z=XplEUYknOs;;=Wep1K}$#y6Xwj&EnJw;NHObcx)+GDK76F zM);x*#A7+Y4Wr&n@?0@Z$Zrb0tzBE{r)|lgzGUk{F-im8o=?&6z=l=jeEw%o`}_Ov z{;<>R+Xr5EI9f^g&wSq1zOIRa?z6h*&3}$*mgYCOGr%u_=L+B5uO`iX`lJu3a<1<) z^est+?x)JSZfTJ04UUJRC#{@Wg6j)+m)T<+H+a45e*Xq21nmIjyjP2n(aN3BJC8Pr zvkz5W4enu{qx>QwN%A+$mSPDT^`-tLb^WVsk?3E?18_vaqmF(JQE~6wD{xG?w{ZW4 z#X|y>UR7Rd6=3I>w&kwLsu3o0yYRL|*#qOZ-xtHX!TOEk*(&xdkfIP^uYd^3Fxc&q zJC$)U_Q?QECbxq!;yfrSn3`_6f;ro#5!XgIoy--L?(X!#CKOWDLI#+!0#}}3`TINN zT&Jni&<_@k{Od$mk%e)>v$8bJy-(g7!4c>`YSqxC ztOSa1j%u1X`7aOJ!AS8xgcmw30pLz$_g)g3tkt^Y;MBTIR-L$%SyBA%Bgl>K?8w&y?HL}}m>N>DJ((Yh?!n|{ z#q5rgHi}QJ^2dNG#Orq`;V!1c&ONgM2HqdCk)d7dj?LZg-sdK@w)4<_ zx1!|^AIYWrW+EGvuEn_n)sRs!P2GECsy?1qM1C z0Zt9Kj2+UL2|WT2Bh6ShI8|GZcBJ3#ZDiA7*qR!Rdt^uI^)^!; z0lTr8oVScEI}aaLoI~C~HDIV$uzqku$yF{t%UA0*O_Z^LeV4XjDW$7!RJ%uc8JT8Y zXwDpd=?6VZD5ARkCOafQ_iwCB^39GZryoXLu+6;d#*=!_T}5+Q)%U))=cVh{{4C5V zq4=9?j*dQ=J6az`Q}lUDv`#2%E^OhLuV5mP5tm_kv$WY6*)<=)tRyVC=2EA?y{Y>B z{V9x}h;oKuz=|uD8L^im*`*n}upiLU*kWtvD^`!O>c!*j>KT}RdOAI;8aJ2NM?Zeg z&w?t(ksx`D6lxl9KXU!6tsnzr8@Lt!vH1fk47>={i8n8%u!iUDp4QR%G_T43+>UVh zcdH^ugtZq`-9F@_d~NfmXO0v5y6Sf^ANs;$Idy)6 z(H)?J?AvYLW9IeLF6uT`j8k$=;ib*`;TeM>x^?DrY|y*%?2lD{eDeglLDi6T4Zv0K zZ9^VaDUL@jzEK=ro@J*MS19R}v$RkwN6Uq)+DpC#ovjHl_83V^g_!hnE)pEy2Kp8b zjPBn98Nhy$tW7%Y@=h1|NZ}&&6i^v6@*NvL%-N$h!Q2VBXrl}NPATE$k^85vC2^-VfC(QO#`7IFE3bZ$Op*v0m`L&c~`dxK-=0u86FD8h;h?2@x zpk+*BCJ9vtBFByYN#|}v_{{~NA2D+4BMdfiUu3r)V7AYiDiF-Jq<8F|pYX?Dlf3q7 zM{fvdHK^62fhO^T=Gw`mhc=5_2zQyE7=DWVSn_+EoklKO*r!n&!_cPm^g6dxV zgF%4(fnm-jO!%@Mt3DIeg6a{O8$E#c7#rI7udD{9r-J7;->r*NsgXFKv`-Q5F1l8J z<-Dux=|%ylqx{{Vkuqv1H0UgD8xMJoGlF{(dZR8aaI1%*`KkA*uGK^#rXE$28^?SZ zu&}5~=0>IeX(=?p5nR=yplA24M|gi(xRdy#1=S(Ps5<=(fUTX+9(;;@&zyHaHmJSb znRjoUB)uxol5xmn&l%>;*_k;B&&K7OPw|TbrC5QTL3}!OK^oYNKeYgWJxjBP;Lz}( zZE+x(gPzqaQ13D9$_OQG2U-U%P}L{rJsVb(smDtCN+xFy=Y+T^3&fR45N~yD&2JM>uBvk1txO(srxg=M73ON6*C>_P=i?N*>0o13SY{gG$O9hp&e&br z`EBDLU`(pCbbI~9cbu5=D_~KLZ00_8!D2%3E%PuA z^(x?)I|8ZL5IVtQxMT^{QFv9luz%#SZ*YZWQinkUOsH0APw;oL{yt z&w<=5mS!_tTQm}vj)nPekUq+Jds{Q-3RUPPV==%b`?p3ZKS_RK*qbK(t%D@h3+!s^ zbq;vP%H50CjLBJ4w=^J1N>d!H0gGDR&ik zF_c$Tn?wFjfVoEei)!{^_odY=E(t)gK&nu@F7yNY0l0AGgCEB!ua|Ns1Ixf9&_-}dUy zJ9QCUb78{Fi$w2m+uQJVB$DauKOAFAziyZfg)j(?#Qg;zBp zydGHoGK>04Ftl(*@WE>ifMnt!?i}<0!a?zgsHL~i3fZCuV(TTq=HI$$5a^2A% z3w;4&IBj^X`t3W%vjXEbE>~=tGX*2`G$?1%CoD4=(s@fhI5sQA`<}@??i9d* z!@mup#oF3b%iyVUH$fi?;23g>a|fl5jnv>(N6j|r&=k8T^yWLaAA>UpPCLX_?n1MT zV&#F@W#N@P+Ul4rBZ6q;)5_dW24vaFgEzJ@Hc}}Sc*n@CCGMoE6aV43U^I%kW;?kI zqe~_pfW+2%Y^&miZ2HsdRKDh=E@|D_0Jqqx=anIsuiF}Juu>`$u7aMc1>+hkL$qy~ zmOWtMF10z3KNy5S{EfrISs*||UVd|`M{<*?RKzAww41Fpx0&3sDMVW>{qDXV!YK%D zui)mtKCwu`#BMR1K0`r`)8ZH|Ns5n|X;roOP>vIoQm>aie-UB8{sz0^t;3b!HoDm4 ztskqSpR3`cRUrOF?Z6$9*LIEku}#L{`uMP!l?+Cyw{))9+f?ax{pNG^ z1E{VDo;^>`gS1>9Zs_%gW#Xc$dtPrU^(>F(Up|y@B&`f0G;K>q?b2d#@?$>DVI6A9~U{cBb4E z>$n{}L8%}L4ybeWJG)zg4Dt40_ z4l>bW4f1klCSbombYIl+z#f?Iz>urLZ^lo!oYMMV*eYFJzH1f*$@~?K{8zFs+jqGw z_ufsrwBP;h%(S9m(mCznH=8aGWt=$0UCuBSsWR+MF83`)-&=|?yz^xu->HRY%yg2J zqnU^vodVHoKp3@VH&bGJYNsYe1r^M|Ei1y*7z$YqH6XmitUT2o$z8N;KMY$4Z2Hu} zaft-w$h%VP@2&@~p5t!Cd;IQv^BrROhuaSBec*iV8Bc!>_lUVsa>yR8P}YC8#rGex zxAE5UGi5FkBe4B3$|G(!_(yC4pL^M^|1I+Vg>`q`98{3q`gQEXneJ?zX%on|f|mW( zF3DQsKMWrH=jpnFgR_{?*&|N1VBP3{)xYquU0(FP?_#EGKG7NgGmVDnOj!Npszc@< zUKv;+O{lVw1k;RHRjmd}Lx)Ig__7_?Uc@D*rGt@_9Nyvk-F4()&bI@AQ?KEi<#kY& zBITEbcakEU*!H8=Y0GIWqPBtfb25+_>Z>XPO$M_??6Y z^KbK4TnHRw<(J4T4i@!2>*{~r`!|^7lU!JUJ3MiA0frcW&i4CeUuHSC~f}3&Io7pPnkVU}K zl>yOi@35V>M`ldN+r1m`GeDSf$2T8u$jR<~voC0xgQWd6zjPb8hAbhfs)y9*So`QI zV|DG)jPV)x-4BH24QI^uil}>RjqSpOpa$+Khr}Ab!->D;3^bVa0OjQ*;+TVb7WxQ;3P0M4jAnY?M5eZ;?2S?^$h)9aHG) zTh6J1WKMXj>ZD^MiXZ}7&Ze-ALSD2G^CL~9wcTGp;m3iLe+sGBp*PrkL0B|o z^$so|KzG@s+ST#JR4j62{v^YR$)cWy&do&tWj6cqb?hr2Q54W0>0-%s^;sB^()j!2 z^oI>8&h-`EPx8^q z^a9Hf8me$J*jg0acq(!7S|8F%u2>-fyK|du|2W$DtS>ja^Aq4$nfo@X$SLW>E#wU_ z!tZ%vF)4?<+igc6)$lCe!=*E>tHG_k>+0%pLNvt=VQiQmA8V?rDT!$aW%y;}0}rzz z!XML|azH5{2y2L)scdLsoSHQkC+D51I$${(sRjE;(DQ1d4*}8R0%_PLbPI0kt}2(( zgCDOfO1uC$F-okMangIPjB_5_{8e?8oQOpOg;>?YLTsf;7&qrU^vnn+jr!^=$s;rj zxIv7HnW!1msKUYs<6tBHx@x4bBls0cw;8gTdg8QOLRoFX;OkG}G9D(k1?{SJsQ0H{ zb#I|pf#NLGWDTln0^C zd3$c~3oCfSRAZ0TdqS6qy`v=Bcl2#1u@q<-7LhIfVD= zbHA~WIz4&FmAZR1hG|lheWPEN>DkLpXxx9@Jk#yxT%aDV@!1E^Tv^Y0_o!;JRec$|KUffg&ppzmj^HmpelZY4~jr%b8sv$QHmHSBg_#E!wr>X?;u3aP)}&0jNBz(v82Tu=-^kB`XTuqu zjq&BxF&Fj}kzVpSy(?kH+~F08!8vC#!8g%Nrr%J2f zmu(`-m-m{S3gf8QN6m1ZsD_ZuYUwLR`G;2U6Q*wW&AFF~-jsQtE#GE)QiR`haAfVHL;FXhp9TrEx##QO(+vVtE}^^Lp^ZLd{K*v* zUv2283?Szyh6y@y$5eb666$qE#(k#0N({?nrP@jnp1Fu|8^VU5;4e^F=h_OKC#-$tCmN7_2 zQiG!(ILD@uJ0O*({o)cXsdkZw!tq*ULB-FzkQQ15 z8+lcIMhutTqKJQ<0i)$kh`+}~KdyKIdY+b|4zq68yy}dV`Fb9xw7mJP5|7I}TO3T> zAuh%=r<7b47>Or*t^l8NyQxLoR8Bp0Z1wF)i-bFM3f%4Z_~@lzh2Gp(4_}?LH`%G~`9Y{S(cmhB0h|q(A0nwA`U36kJoK~L zU5PEg1~V#YsANvE-^&qD1=#P^xY*tWX3o?A$HC^Bhtq`PU^Ly7;viAOxR%B?Uin`2 zmagS$pT^iCYe}z2Q>>!TddAR)z7_oK-WuIHAnKa-Pkin#Y|A5$g_|YFiPbWTf#Jj& z4aM)Z?@y%V)$Bd5qv&*_GC7*fII;#>jbD}@lCGvxWzfHbpa zTh3gdCz7MzH;Xo`kuCV;a0d?#mKw#t?KwAwYu4p){B#;Ei0yyoR~cpaIl&%d^LDq7 zpbXiD!{cQK4=%RbtR{wlWp~~r%-0@5)c!IXB1e9I!}amW^7k<>QlkNrlVEez9r#K5 zF83wR!dok>IJ#4G9E&KO@-Oz{es%c?chy%#)HG-}dcb1+x}EfgR6N9<9y=0ChPY>& zN%S;mF)NBYH8Ga&Vbsc;V(fsa2oK5=Hef>KFqGRd#~<3WXUNjeD{$&z&z$E^}mY2fDMWxv_8yKm$=9xEfR* z{L24my!1yJqlK04JYwOF6@oQ6CP_diP9NIk6bBtg>ab9)Ob9U6D%>q1K25R@iAQpzzbA4tAd)i= zaJNfevOa$_Cit~+Y$qRW1!5hOi{vs{XvlP3!1sJ^w_99 zxE#T3O+?NfrJ!c*yD!xD<)4?z$LFB*5zpI7nYiG})Y{i=N?BwGQaGs>w zY^o%-QwwNI)XTGJV;8*?3R33U{L3i7TfiEuul*inpO~;cQ@9F$WnIn__4%BSeuO$a z1^Ee?{w0_0;($_>3)!6T#j)iI`R$4@e!|D)nF&FQ)%!uZ|3;K@1ZH9J9wUsqm$6p+ zFBWA)SgbqeL0I;mzwL3j^F_veDaE@txNmD*H|?R!Bvm;1xQgQeY4t~;$~97=NE^4Z z%X0e9EGSMlGpMp~_7q(%Cuz~njHP9K&z(HRxJxfN!(xY*%9C1%^{&r}05l7PTgC+( zyfCb^e)6&=ud?Ly{2M@S&Bfdjx_uTrq9*KnyMgP#leBNhH))bMW5ONyjQ>;-Egl%5+!f%BP!TVvr=zHC?T5^4U-OEhq^6&UdKRHtp7GIcquTPfPD+dw!yPeuv}LpF z_{};V3-$lXftc--*jN);o;v`QFlSz;l|RAsUays}W7LnX&uA#aZdgg9X<7hjKu#Dq z_YKU`50su*|4M5XwH>eMw`E)a10KhZ97uW;W1|)7bEXOF9+a&JNjGI4XJR;tkc$| zM?7&0y55^5gQ_dIFs##k^OiDS(Czonrl1I{!b*FG1XlN%{la-pGW1zucgga6ZQYUP z#|Viyw?ObZGU0CIz54J>JWMMB7v;T;M`B3H^r%QvQyhpQ{tkoI1m-*~RI=Z`Syp zckI*vWB4^B85c`66((^uv7=VKw&NjTgY)*db{0q*MFTJnI}{r?tx%bKbnt zGWmVr$7;Q+HjH%6aRR13*1odL+BuBlDY+jdd*unuY1p#6GefF{D@wcFd8IsyptauI zgOyBkXC9NzxZ-)~8}f@a4T$&ik#3wx@jFs>*+UBX*p4&dM90MryG+Y`k|LMxOp>xJINOFd*Ql5Z>hDs zKn!?FHV^(wE0N22ma~eDD_^Bc{fnY{Dd9kT9@>=~Do*=s^M4RsJiM0w%Q*$9791a$ z`S!PbLea>1EbAx1^uyLx>3520{yR5St4LbZWtsINEs#sw{7vxC|A%Dy+d(dPC3<~H z>-{URz~KUX72#c4KZnV!bAtu&IE^dajIX{y`;UnmG3G5uvtmwzT?VpJuKZmmk8P`o`FBR^Z8YwVH*p~wf{iRjif4m}QBU``k6V`ovmhelE zpAx1x`yk<;42X!}U4jjLQ5i4Pj^qPV9JSEk<8Mb(%}uOWzDYn<-nk=m#8@9Jb$HZsJ6B2Qv?-@;3DrvdhFixe zO&_v~u>}BK!>RP=TV`R_C_F;B3-XF*vu3wQ6Eone6+<%1c}RP zZM3!%8o&hoPnJXc_K^{lAA?1QmuuV4~rf4BDs(;Xzg|BV8h-hbDO8ZFzjaO{`ZS@VV2v&ti zZu{z~w68PZOJEVVaf6`Dm63o@C4@rNI_%un)}id4-H&b|49`fFCKFqTmPbceZfmAp zaJu^6fF$m&Hufpp)=B2cy*ZHuCRD;a2=``Ye^=qR$Gn1x@+}4w(^gW}_N)6MZ5;2E zAfx)NBCapQg7RH}K~2#vgXkv|Q7HY2`wePr0j3L`2Jl-7T3xkFK7%4*>fsCgG#YX1 zoqDpUgh*i6F%$g`e+||76qHvbzJqU<+tWSHv7fnVq1KChY0|QLZ<||T$vHFg8oe6g z^^G%ErSWxEqjq5;;SoFZ=RArP^HB!?ZETilGwwRMAz7WHFe^50l5-^!mjPWVh;TQ$KP1+OQ3HjlKnWKFAz&D+9b#h^kqLGLhC#QcZ`Gd+A*hpm@+ZG!6fMJ5X>(969-5Qhdzai==90)_g4cDN*ib`k3# zQN0}g}ne}fe2clU>=V~gd!Rh7bq8Zd!)e` zazN+=_tEcNhV}%PY~{p78J58c_GxL0I=C=>Q&hc%ZtA&Qdi`(q#_cJxe;d&2!Q)k- z^v^C*fz==)M~XV7g)OhyD{P7gzB>O%);}-{b1+(3RP$WU?hlca0~hXFz};9c(4vxI zD+xB-3S_t0;rr@e)W5V#ouwC>K_W(lPLbHpW~r@`;RgO8b0j9qYaaW#zUP2l9asgK z0Zi2v@C!;3nZ{PFkI+Bp+zvRwjfsk)3&mJY4f{Si^A}gsI8eLlps>QJE2*od_f1n;j=;o&dm5x0o*-{-!UChEp&dB$rs z_%$nF(bw-mh-6N%ajC!`oprvi&)@ehdfB_u8sn4ef2s&4k{Z?ZIu{qdvl=nCSKyN$ zZXdC&!j))smGP!;p_jSA_lTQsdeM8~gf`Ym$4c46;dgosJa6D8#gkmCcJRWW#5#3< z&f?0;465b~xx%&MalS2?#%-Xg_9L4~jH-YRuwt9y$PEe35tq}t8@UA`0#_M-cDHIE zQYlHKdz#hd-B}+;4#o6Xui~!)+QTQ8P)I<3t08{xIbT*SY(r=cv(QnB>IkPL)m2AD zmLwCCU!PB+iHQJ>T9_Bo^MBS5&oc&@X_QXJh?iSq&g1zCesLb&pHpIXeV1|H!VSYy z&$fa&I>e)2$c43-=nX>W$QwSZ4-NS|eyh6DP@XuwPax(YVQomcXLfaeRqd(wLc5~M zy$jFfkoh+`LfWi0ss;WwWK}|KI$DR&+EKo*Ht_D=7uXw7!(`ja>3!~%jfHys?@RO1 zXZzf&*8nBOh{pRdFFvq>mmB0=ov+MgTzrSFq+6UuZnD+(y4_e!W|d#UMx|zA5|JsA z$Z?GwBYYS1QRC)@2QN>rE@|fx`(64hNmX|*)SBO5QG4dpoG%T0ws-gIpj-BG-*fYT zVD*igmQ1U`4sI0bn&2lZ)Ga_FHKrc*o?r?`z@bET}~IZ`*9NQSgk);oM4> zG{3_u+kloPtEICnL|MivEj-c4PacnK1oVd&*NvZQRL&cpi*cu_a0eUOvE9R%SAjml z|E#aOyZLR(uf*&3l>&q8(}M@pxtKZW?EVenjySU2LIA^!STD6=KD&G4uRA z0fW^NU2*+@o`)LRgN=EkN?DQ5(-Ywd*=0XCVMm0Xjz58{k2jBHT~eu;X*Gl_s!Uz8T`=!e8J9oLOF8*26`WmKgmgJ0OToI&+F)j!^Su=?c7 zLIzW-BwDg`BCH@dOt2BlSX{N6G+@rNG13$a^(GA}yriHkBm8oj9LGU^Ty;1HH1ji| zHsMaz&8H7(F8Hy;gB3&t-y5B|%bph!P~&v@nF+7kwS~|kSJ~Ys9hC%hbR>~DDFDms zEVoyW`3I|%%feTHWI#R-jhMCV+t^PEvUpKkYy26X0lp)xLN^Mzl` zP>MaM2e6Y zYHAuhh^kk(-b zFmCL0Gm6N0*-TgB?hOJ0*Z&n^|Jw5Y-soKheUCV5eYl-lj4lkyNohY`Rmt%ubXDqh z2L=YzxXc}PyD+)vq3$WKwAxl8+~-asG)-@V%OsbG)ApWjr@I%6Md zoi5bsuxbl#-d~^~x=Tn+2)pEeEbG%nj^sMph2dS5r4h-F@k5_+;(1>(;F_L1BWXYiMH}_LV%D0Ie{<`+}W%?sgPzm%u;$Dd{ z+7M7m4?9iGIHhK**{!~Q(f6&x-rlbt=ov>Vb<5z;sQPzkT-Q-x@{nNQK6t!qID+TZ zm!Wxzk5JkTI(z5^4d&1kCw9fn>{}&G$&uNSvu&nlU;Blq2Xw3J?&k`rr9Tx>Zw&Rd zbr`TrF3h|ST3buEI(`HmbKri6XH6G<@0DDcMbh5ljIzQR4)@Y74P7Wc4ENn9aU6Xd z$S1gWjH8NPm#a+QhaF-6J&w}-yvlxf0wx;Yl1UJY+x%LyK}HvLq}5 z?Em}7eSc%sY{wC+U0_^Q7;%HZeayq%bb*7e4|TfMZ2fQSun6_9KJc>a>YkZzLNcy> zdo{>%SiaeH%dGpCPb~;*G&W01mm`^*xc`2x+){O+Bf(NR?t$&*o`ByE{htXM5ATd> zwrWXb`<>NhD`C+{4H`4PC>=9;j^_tv-lZuQKtzN z+KYWyK=s)8$zScC*(fiDW0mTZy^n!yNfOV^i}=oU?%n=~8f1sEsz~g{>Dxv9#@<>7 z)2g?yY9`f_x$@R|64=;TD2=3$1?oyl4!cN@=1 zUb%3j1_@^gI~wy#;(Kon*AryrUmRj8cF%qEbU91j&uN6q)p6#DE!wro3Lb zR-aiBrtn(~F8B;RmR69!dm8U%6Z7R$~Ac!GSt1qIs?J&(DyU4)0r@)Zte_jG zHT9x2*G4nE!7HEUU4s~R7xjJJSDW7aXl5Jp$O`zCNZB?&wD)OpnJyFO3rZ`EZ(rCw zd!zp`SAj0?s=y^=0Cz7P7y>_%s{2Gxq52|)9>LgWpR`;zJx2tXbm-9xskLKHQ}Vr+ zk&%c%V$_MVt7}6TTR2OeTN#8?Ih~3_neQ=ykim-jl!D8napB9VhopO$)rG^H+(LX9 zg%k&P!|VZV?+`|Z<;2OF(({UCJF&!;_K&CZthCc4>5*_}mg}zH)-IgDz$jtEhvNpf z&Wh7(EO06PFFbOCT&X2)S(`Q#&sh;YP8qRmq!0@;(z}!5C!K8HW`HHMy7!f1w=(^R zpu1Fr&YiNnV8DMIC}|2ZWd+MW9bfKO;YT-74&k>#Ce`qG8t!{)w<~D`MR9L zCm7a$W1G5=`H_EWKHr({?N@4rd4r02x0x$319l;gN;-3ta$Zx(uT3Hzy?FO<CWRoI_@a83|D#Age9?z;fF$`*Y>u0#Z`_Lhe8ocAGrC9QG}iI_I{i$ zs^hd~M=kouoGi?v!Cl7`({soI6XSiwMfqw#uKfXND=js81o>w<=qr)k?7xfi0Bx2l&lYzua2X>RCNo>}cQT~Ofzk2cvAT}SqQvSS(YOXfm(9Qpk72o@aX=eNK& z)4sblYI*KVX#Bq0ArB2$7kUef9mze+bqDt|FZx^$e}z84Sy~}1;Q7k^U5;UUIVl~` zKCHgBi*Tx5zHA0L) z$_PCKY)m2zO8tGFma|mKPc`)SX|8Hqq&@-en5GH@RT`(*WFCy37uCE|ITdgKXCjg*9Wj)?DJuGTwv2@1^(^ zw_jzb;C5|8`yKXnXWW(tjIXmM?9SIfrb`F-1u&Mb%^E4t`Z|NPb7_#-I!*)TR*v=S zVv!CJe1vo)DG%7GNnk0*T)3t)KoqfPvHcq^jBM}~iT2AC?#Kl@psOsa zM8iIZl_yT4;%1CN4-XCj7IxGXEEIh{IP-L`Yu7&u-G9~gzNi3B=W$t4s9B1GdgdJ| z0keV=#kw)QVjC~mYH6S7nU`aa`TVh=J-+)T=koUt34L5)Ng7d3r17?+I#XobF0-;S z#MdvQK5(j(Gt@i2At;@DX^PvEG1bUZD6x1Mut50FhRX=Q1US`jqR5RERh>=-wwt#G zT`j5!E=A;+wqy_OsLk>XJ#4f|xeBGUFz3=R)jNkgssfL0RMaKW;TDJhCp`olRlWT- zU^}zH9>{>DCEYV%*azJ`x8V8MNgoM+R{06!m2-fpxwx+nd74ws_`2@52pN9^PEQta zQm>+N)T8HW%24Y>=l!o?UR6t}ElTaMLW8wU&0nRC5N47US$b(MlZW;Lf$?&#Y$?Se zEvxOWv->~npxxD{Y^)#QvdZPsgvl>f*PP#Q>O68C&trtrf>>P`ao`j2?(1%*2lEIs zrH9yFq*%V5vJ?`6GugAPFF2%P-$H0W{7JA1DTdusaz$Z0%vorfL=Wb*x_Y!DPvx^- z>GVOPTN=HAw8+Kw!-&`xlQy~Ko2Q&43tQ{Mzr^TbQzWXL%2HDgT`(Q**2c2J}XQ+?^H<4;2a0aNILO! zrCLRzfaI?LXnE+FoU6ut!GL%4up{-B(Zd9Thp*pZ#s=dD7fx9B1>U_Orq$|cOe@x( zndhB)`Y0IbOZ!ABHg8-u9yoB+`BNkF6JMsE>pde@=gbX?VM8UC zMKGw-`(_8S(Twr!1`m?GJ~3j|w0FX7x%PS73(gc5!?nj5U2A(SJA zBFYRgg)9=OlD#cM+&2>iUs^Z+hFnSajX$=2mbj5MDPY0R``0X=zxn#!S`q2Ox^=w9 zf~7v!1I^U2!gR|uC+k4TwEj4`2wNMxAX%rb)e5+QOXl>caPs>2!Iwvq3#C=hR-w=iW zWeJOXDnaPm8ri}%fB#oJ{Qm+RQsw2%vs}%WdB@^M0MT`XPJAOSO~C-p!~UWM(vnCh z5WUn75w0a{XHt1~#p=_-7D&!qvcCHAO$qMny?6Nj^Jd#){Lc#GqC&+Z#ck0U&rc2) zy9>%cJj9KQFML2tqJ8DP_bV^?xgKNeVE11*oyq+4SYVH=VWY0umfh}oqcV%zJzYY; zyUv5;tcuNSKIE^U1V8BdT+`;NB(y*s+_>O*_nmwXVlU4f*3PP^~`P z%~f><(??8}Nym>95d{F|98hZ7)O{Ys(sC`ttq=Vc40bk;KPkj5*4mFs$mHM)5uH!gP_AA;vS(y%@!dhV& z^Hmy)lru;oyAyJU=}6znxJr=$dcP@tg`)M1@2#!|JN-3v$7+4n`w+y$E)5K zp?o~;OFD1gj8sR&s_%Wsf+sG|zp#0qGMCumuk`8l*jT%nU5G{_SS91&oXCL73|j|C zXV55;C#Dp3VSg8;UD6|-P1X>*4BUcncAU`==VlUfU4r}OAPe7Ro7m$#@nAXu`I+2t zeKC)%`_>-yoUUdth013=V@j3xfeEymqvyx4dZ5JFn266YR(t6{aXbZUk&RZKXIp?@ zEgCak&t|>G&6bXF(T}mE)X|ZmuSn4$dbWW7Ls?$XpBj0#O?K@@nq<@9{Z085*CgmQ`QO3PEk2bN@;VX^NX z;HVDqy;n0)?p6ixZih@=4?+0En#tYwA=HS(V{ApndCb_^x}SPVbSMQo3LT?WDmGIT z7GfqW??CdPM+9b zM&{)K4OzT~V&t~}XIK6}PFsqJF+xT(-3!I$M!^_$QOZuyEudB z6Yrkcr$i%r&r%a-awL4nOTL$iA#$E9?F1jTd;;!19X+VbLATOgJ?{S#Kp%t=M;2zv z+>K6L2sUJ{PB;pI+#rN{gMO2eGkakn;;gD`$XY9GJVh%|?$wd75y7V^_a^7*Q@0UN1-W0jyhZWfLI*sDyp%psz; zceWRvyu$Q_7la01yHw8_NqB@eVWehz?7)wC-$hZw_C(*0?6#ajRoc4850 zgrD{~-!YZlNTlsB+nq(AK1~#4KSc(UAA&BfKK6Qr)9X#|i=JOF5dM35?}tvP?B>d? zv^=-qTE%;eeobXj^03CCL)1J|YIRDA&w#$8vx`7N4~#TkT!eot8N0MCJtDDLQo^c6 zdS|XHm21q4?QW+mX>Zu9eema&WVWt&7|s6+_}=CDu$a678gKB!W8IiOZNm}u!6^=( z;ad5AST=if##Q62U!g^-7#B^EHhYSvNW(b^b(FbEjpZ*7BFu^fJc|_`avpwhYC!7f z92TcplI{R<6@k|J_0FOPoo6B#-+W1LR(1ZYK{tWg5gCySLYgbw@c}-!@Ua<4xxMbT z*_GFhAhND*KTWd`*(F%Je6I^rCzdrClWSjqGqys40yH^Ucx%@)^q*-qUDoOHc}i1K zLOi3DDo>2b0tD3Jr&sQf94t=G9GnhcA6GH#EnbUjk6>mk?sI!1Av65u#_H+VQP5P_ znvdXu0z(0&{*>|_F~C{-@EWL|6&&0W5z~uJfCnN!;2Jl`2%i_^iKpnU)bc?4qsYLU zE9=`Q^nuswzqgI#w=H#ul!3MgzJZkl8(CQV)7Z0XnhpOKjNZcc+1=HS?! zsrMmVcB`GhoBs_-|CZ^eID{UR4YgKPB-DPpwmaO_d9JjjAmYU@9D;rujeXnl4RgwI zw?yuE|MxZ~!jb|#2hD7GNX;>JKr@NWCoN}#-*m`EMTZZ{!H0 z^nL9XjEvl4#mHzbda)>6c(!M5t4(ggl>lFQ{EEzU&?GVJTKQw;AD8}^_zOUs4NR^k z+vR@$KBOcB*AQd8C8H(n+KXT%;2LGv+p@tI81s;G;Bo~8jKzeRr)s?iW_*x3fp@0& zgTWQdVtP1jEOG}pjOUMEeaL6TcXU!Vs3y%Ui*d%818ov;b$T##xs_@u@WL4{yz6oO<83A$_;uPVUWVm__o%qo>f**PN0V)4h#elt9K`$KKp(}GFvNeuuXa`$342;w zZv#svhX3^VVqJ-Ba~!aKM2#(fS{G@OG&D;|F28xFLlochQ)5=g9`=O^mRpq66xX`x z!8(b@jyWmi1oy8|1Ea+%Otvu#+HpS2?)MIW`EZCfrD@QZi9JhS6>pX4{AeLL(2%QVzOdpobOpy?3Yidv0`%q@$FJ`Mgk^%r1UH1W*7_5+k)b= zk>5&c)?QF9(?V2BT?9VfQ-1LUK~?>jI3P8pWC7c^o;h`i8u7&q^j)1fooB|p#<~c- zQ+om7&U|1!42zg}-#~34Ve91bp>Lq&@TT)MM4-DZT^r*{i}?<47bMRxQ`htF0g^p# z)`ya{=ZQLh%>4aO9H9CWkDqC?QLgmg$yL5;Cv<6FedM?HMlTmti9@2oi*Alfm$!3| z#$;3^Uu>6hKd>f16YhZI(478*AofpKy4ze}l_6aRH$jM8c!}}^^c`~NvXpDa(pQQw z-XvEcsm1-rn<%8qHse21)w~XX*%H<6+#$EOfGu9lV z(k4yiOilJlBCD(yW4WJA8w%V&7Bdam>Ts=ryvAk#^cgf*uYRj;M(LZ4WeT{Bl@yVB zsqmX6sHaGaQuI0YH>FIIKFDiYBBk%dDp7`dA((*2HAwl?8YF{CvPRh7N|RiE1g(GC zgdJ*UB{kF6KN>^l?0fPjO|TChO<0aQE7G%Qyxi){0gT(|`7RS1DT>)GgR2FT4%~zT>|Tr0FoK0KJ?{CNpdrnox^<2iT$T5Z7b5dbYT z{wmTKYZYi`uh(KT0?opj63ftEu@kN6A#Cw1nu6^I$4>}qS}{itWSYkSK9BA<{{b6R zEYw(`PMv&zT<0eC_YY*8ekLf%_;fW%>&mu#n-K*JZreFZgH1)gFy-oxJRBX`N^XO% z%mn5j0(FUb++=fhTHQ{RbM#YivG)zYd=isuHZr@#jB*oxu4M~)7^94%4bE70`+vf= zp1BOFhuE*+X5(lvigGrKIOj zRbVm{37+q&4j$=LZi&w-zp2dJGNKWv|8p^T=xpeFJlp1Ws-Q?CwUO!Emen{#*1>vh z(HUrA@vWJyj4d}eR>Jj|7>S#D-{<2Itf73e^9p%phH^XdqA=e28(T*d zxsO$bDV~K*V#(IPp^Uy)?)P=rC3}YtDiO3^IYe>)hg;yF@i)~XU=Mdv+OE+^;K||g zQjRILVTj9J$@BT}^kEp|T+OZRd&i2GVnjfEEi>BNcT=uDGTOEiXS@4U1I#FfxlG<* zArK;o_~UM8XWIeTU?il$I`VofkmWzcq6uUX__SojoQ^203M$%Hs6{CkZ+C=yUS zivN6skRNcxDzaMaJcHhke2AF&kRR~@T7joxr-L2wo7}OM+3LAxrP3VbX!CQ zc5`?(JWlFDkKFj4p&Fse3Fcj|m$B`x!_l9A9eo-hqrDBwtGW)J?Mhl#VZ}L!`i46G z6$wsq%=?lsKoC}%)Oep}P(jmuKBPSK zSYyia_i_FeX9`w#M0i>5-wGpoN^VZtBIT5_*d?&SXC@ol$_yCwRnbrHQg~(| za?4Er6HuwJK{T;&omGmP5x-$MKLijA+}g+2h;^8O851W+G1I_ymDrWU!bCDnx{&+e zph0X-k^1BLa)x_)N1pv);Etd(CVx)G#=(obWp}&4-pH=v`TM|dKuHCa_bOzsy0>GY zfr|b8H1lat?Wzq6e9nADh_wIDA^h{&_Xt1={FGzM*3}xZK!yHxvM@(r_b;A;Q?tVo z9_JQ;&56D?u!_&FMJ|B;7^Q7wXvD?)s-a~3mDZb!fLK{0<-6I)sf`cL(FI>YiV>|x z1psc2=)DJ*|JVXsI8a~jn+!2ZH5-x6rT$OXH71aYEOq)Vpi!jBxaF)Di31l~#d5oh zEt=pX*LWYGCgrRyx6xA2*F>ZT)ZtAX!di-qXolqHUG_&_hi zZ*#S?sa-5xs1s?C@guuwGLJMd@#F zkbDDyJ!i7Q-Pp0ikp$k%I@mSn0S+!qVZy?|j@9diYs<6=%Ai<9zx?%!>fXNBGJ#jt zY}Pfp)yoQBaLxL;1)>8q6eUaF03lHG`q=sXtVpr#|7X2`OvaH;jMZi>3?F&ru(oTP z^M9F4M3J5nEXtJwRI2R>Dw+#P*+*_n^>{bK@$t}&GkO*S2-Sm6@euQFgPjg7Y4b1Z zjPa22cs>G2!`@HN*Ng>F9nNi19YO;h$`9YDg67uhN7r||sY zMJ$<;6H>>}9IynQk&$g+0xBk<@xTbND=o(!Uk79hUy<62^1-+Weyhmc*y4+E zEp<=U-aSYMYyXgV$@yueYI_KM#Gtna8SnEMJDjs-x(#^;ggZ2YE`d&AGXzTQqhHTt zkqe_UWIc|Oc}l#kmp<8mY|>s`f-}nx2!z6>64I$W=*@6OF#YNsb=%;aKd}i5S9K#R@UP#d6m-Q5V@9pQyHB<#sy~p->!H2_T>>q z;co1ZauW|SUdNlw9!m2&iByOGJeuBcHmnGsoFHv2kR_-_UC>+DU=+1HBAT|=j@QJo z65vB0wHaO#S{cj7PlU?;b*Sv@lsNXLn5SIWA%M7g*V#{RurvurqLV&p}4xb$dbcna-h<#G>x|cXxM@- z3fj|{{BbeQX!J2&dBJ*_Z3A~>a~HFo_EgNDPRMDzo8kIDD{Y zTYjIArkiV?)qR?rB*BafD%^aK(D+D%qtw$d-S6Zp4=t_fdZbp{PHJhv?~XRiE7t~R z*D(bic*0*qP7{^-!f7dsDl3tevgfuU!rZSRWKcHH4`?#+D%=5p-ITi_X##Rr?zmrO zJh_!3wE7;>-v~1XHu??vJ&m%tCI%hRyC%O0zCBvJLy2Tu?>~j+$_@MdPX2HGeysJr z(8{Gs(9j|TvM+8AZqx zHgSt=k{?)l{2Ib(+ByfB`n~WToU-n#Pwk-056w7xE$~r0$AgerDT+m09KX(EgDMaV zr!{*(ugc1Y<}xZI-)U@jE@t1~;u8laar+JOC?}LVA1RWc}uogoyGJBm?-{!{a)@2qa79=tqJHbg+<_cS@H+^^#o)a2#zsBq?K zKTd$^o_=?S_)uqzITUPWV8TyOf;zMvD!hweCN(<2B7H)zSZP|_P19X$e)M*27 zMg%w|%6aJFdt*8g#@fO%mV+PNE4@^NZTf2C zkxVrB>CwG(W})*cyL|u{-R-S@N%SGKmqmCAmJ%(gVHF*rQMEtPfUVdiZ+xv8I)WGZZZiTeJsS= zLnvi-Y5|wCUeIx@E^i>ch_y;_^*cgB{{-c*7HI|TQ!&%?WD4!Vu7AJ`HB!8G%Oa_H znI?;KY=C)7uIGlbQ;-ORXb!9)qYJ2-9Qlh$V?jd8vNC(>*K!vdL(q=MFjk34Idu?I zGv42ie6${;ZVr&KdC79PeeGiDkaFQca9q;xhg*KpiQSCyEA;N% zR0wlt90IY*y3qnSS-z&8!(L@~-z^FVdFJ|oxH2P#hy64udDKx`7XJ6Oc`xiP?C4b2 z{#AJ+!2kozWQ!tIO{xt9vaPytq=Cp)%qTN{aX+(o9#&8o3MEl`m4oebhwF6cNjJ%w zGz*0}cHv4NO_@U|C*(Pj{>3{Y;#R6D2g-^LXX@+Hs*?x6IP{>NBQK*g8S8X z`6jOZ&sjd`30B9+UG|3;z0weaiwd)b)B7E7Y|tl2mN{%w+I}IB+MfL~mk&_-8lO*4 zz11~twfP*Ecsp;!9^`Qygp>jW@WiU28RkQ5GY<|m!`{v^bWh86jH=fj`5iq1thu#R zDA-ASV#g%zJ3g{dF*^5s&{_kLl`6_58B$2_239gDR)Fz1rGQ5}uR{m7x*SA)NUm87 z;Rji}ef0Ujyyu=IvP9;N{@A4PlQNWX3_YC%Ko9u_={EfUVHB+p`)0BQe*4(2q#|gg zBYl)MjGXp2CkQY>YhO$BX{{rrrRvT^BW4yWvzJJayN+5&7DLXdHmR%=GN1^?F28*o z6E?S>(`$?tW3a*o#VmuVOMZ8f)QchECQAZj9$87%*9WcRL5UO8W$et@%NU90G>IeWJuB6YKHW$O#^u?@x;tMU8KFhwy^(Vi< z4-%CowRkQ#ED+kb9PG}T2m)9%@7X1=je|V&RBYU5PExav`dv$DF@Ck{iI+U>87)QZ zj}Sflc!NM1EzYTTm2qBR-Qob!UIKgV=tF6^E05fsn&rK>j#DZkqr#V4LZLr$bVEpz z*_>XQgI>E~94BN{6sd>G-}`T6*i(!t0u+Tw5(Vf%_S|r&jJ0I%S!>F@Hkvf2v6y2} zUiajaHF#(0x~Zq+nsfX#t`!ElFg7don3vW=sZpYzS9WB)W=g4l!&1I2>8g9xM#R{O zFRo?J#DlQie(T>7em1%eG-)<@5o%3ASOD2v6ZSP4kAK-wo487YmmDC(OihfYc9shW6aG zvhBZApt{;XZDCt-zsJzIyoC#%ebApMhZZS1bD^ZSu9G*9)_rWUsX3gEIL8mtKzxM} z?l$j(SDo_!H4ww6zMO;B$}*~c(I&QV?{^yE;{0wjI?m)EJo<50V0f}C4H3=1%IjY? zI>x01r`Sa_4F2rXK#!pIH7c*UgJ#g+%d!OQVPvd(&?7HiF%;Eb)aI5g$G@MKC&O(! zlHtM;A-4LY{`yTY6Y z^a#WT)+&IG>=D}FQ!ruZnZ3!+E`CsvL|z`Z?y~H2Q$jBA2K-L0e*NsJ4U$8zo&QDo z3GQ~~S0V&9U1NfXcHYJmb(iv57Dd>4OP;xD_diu><MV=H?U^JdfFA@fS0Q0YESnQ#%Zn|HlpE0*3ajT%X7Tw(i+%j4LvnkPKCWvs zTb;RzZh*#t2<#93Bf}XxqNe-_HbAfzTrS-0vQ({T}vh1tKOg3V)Wg1$H zR`Fl^a;Ne!OPEHdU0UXl`PoeEYbH_CF&^M1d?_cOh*PxskrXat_d|GS?Jpimk?L+) z5BW^bj1(Jy1ewlIx;PXJvi+XTnqC=%R zQ?5`@Lf6~|_0!pC)afcaB=yL6M}N$ZMyk*Aj^>*z#k5T#L7r;_0oT=#lp)!Y(iV^2Kg7QaBHu8o*8OH0{-w4+Rc*=x<|m`GY__8CLLE&Wk|&LHQ2LNn#7 zx?%Y&3ZmH&Z5ITPG92jF;DlMr!8A zxiwQAyfju!d%aW*em`ioDF|WUIsQx2H{Xg&nz!)yt++f3-s==l`HhFqw9|>BPI^K7 z!O1F{z+UO?LqF5hOt)q9W5N~0wA5`){0Mbtk{k*sE!WOOhVIvg5s;}sYvMtTlXu7L z83dfVSG{o#6NBimXTZoofl-R+#R-tFsSpn@XFJ5eUg$w>m_u!vT>>+9MS04cgwE*T zV>Jnrph)jfVks}9$EWBC`2Cb|kB#|BZR}{%W zt5EqCLsa@^j$w6^Xq9^LNIX1y5Vs1yJ(|%6f$Mm^$Q=MBT^jRcEiu-p+4Iws4+_vv za6IhdsTxf~XgYFb^Z!EU5p*iT zAs3N)@F3xqKxFcJU5m?DdWq3heWr8}*wfn)PJaql3J}vc?i8%=d{Sbv6v>Rq=414; z4lO#&Ao4InvM?=OM0BG3t@oTIJ)qa!fNnjVE5FM>jb@;bwU_lNDitaPdF+T@7Z8!Fs z;or4Z^J-Pgc|545Ui|t9Q$EM* zvL;<6TbnGcl(OicD7>P(#uIKmvRmW6{$H1ffc*%UIA&9EGEsX!!op0kPC)ld@BG%Z z>sye<6wx&v9rMAjzIHr+qxY?LBV2Wa)1wW#hnL*D4XSNVW8*Ib)kQy@HC~hF zz4uP_o3k9D8nPBFi*ylV{B=pp~WihYm$7A4hB* zVRb*)wtpF{%72S*8`IIGC`)jV!tG=`PzceOkp2wf-dM-mhP5t5<{~F-(bLO(8J)6odwzv;;9%#ebAuJU!o)}sP34wi zW%hysVunLD9{xQy1v*gD4U?;9+}zF+Wz_XY$Ja@Y7m=w-YeIj{$w9{ruB6X?!|^M5 zNaDBVEY*ncwqK}8!3#+D*J1G1s4m!L9f2x8ecI(Ie~*wVL!ccsK+iypK0AUtRlz)> zK}w)%3t8y_Ak)7$rQJ<{P6BW#-=F;&w@s*EY)tYs{>trJ&k-}1ukf>nXMTQQYe zE7}mN+`2F`vr=aaFf2h!%Jc-ds_ey)_Tq$#%m;Nnhen}mAH70yGf;iu^c)FLHPR~t zx8lA4%|rmy{EtPqcA_2u25&6}CLvoSvOLb5VtzTS#L{IgL&tCCTy8mW#_ zs-dp%Cv2(u-O_oW7#U$a!hZxS6*n5ES~_5lp<3c6ke=q(u^s&P~zSz zz?n((^|G()AYe(dirk>IB(9mS?Ztgl&0YFB5r>aH(Yh!{sBxCWX+7ZjJzgo1k(5Wa zkXcFLmkN5vIJ=C~nI5f?6;-x3K1(tV&-^1fxo?x3LBdHdlcYo7ZD5R7`|ukbevg|I zAj))W4pc&FMz>dM%Um!Xe8H<=?^QE@aVppNxHf{JMM>fX<@HX#FoccW7zWN<&&@{Qwn zuR61U--Fc^8L4~7J~upUa~|97x}iCdQ*sNu7kR8yVgF-jVI$GgtkWR)$rHG<0~1(c zvC7fNVt;wEzfi9Dd+H1|UPv=3z$-fDQB%I-bjQp|&NiAhZ!v08V=}k2Wvmy`2AD>6 zvlSI?8-`t5vZwFPA8J-6)HRwV-n{|Hr`AkLx=w&Cdrio^bU&>xi}_0IvBl&b9N}BS zlIc{u71Eep9#S9y5JLpii$UwC8Ml+|5~wpo^;t9(+l}cwO+k-Cydskb0Mtcro?Cl! zN53Sz!`9m6k(l@IAu<72L~}F{Q3~S!E>bSGir8mV8UCcoYk%-SU9hKTawQKxvmkKO zcVhb+0h>URI6y1HpBrQk_bl;5_S6{{g&Q`otVW#%wjAeAoy6aY7QKnO%jCN5&U~bM zVE-MW_ii~|E01hzhS;6`8;%pIAg-Iogk!#E?^`}S0T8np9i%#sc3nruSHub_qiJpC zgWtN6$Bh;g7a@V7C8>gRQ|R3aRG1q0TBASGL&l3VQT~$MOA{01Nnq3J{9#bX?6XPK zplEkU3oMt}yq3*`kFatak^1Z$3jiGfcaPx*1Iuvz@v5tpw~&Agr;LvEr}&XXPIC8E)$DbdY~^#iqTB- zd610OW6f~W!=LL*?_JKujssp4vm0I%CyAE>U89Y(v~6po^=^Wu!}%9p)tyb;m0ouS z$gLttK0BCN_xT5pc*(W&k7B`?WR?s(Ir+WiIAo0#dN@nh&nbf>$2=y z?i}x;Z(pnh^zMxKlFrX$sNh%`GlSTt2-f`f1^-Zxf*1?zvP@Fpeh6DvwF-WPi^qc+ zp0pFMBTjxlU2{KrTx+2i>pgMdm38$2OjC#3I3Z9R8R9|51(HC{H&?{{HPN=(kqRavY05R z;gYn7v4AzzK4qmD=+kw-4DF2cJcko&t%Wt!Niho!BNvQo8O#gNw4A2ZU^~%c|A2ed z6KV_Gn!7Iy*=>OYZmBR3pUV&f9;iHQN{_E*&tun2E1ro;77s@4vRl%|Tt{IiR(Mb8 z`TutU0PcH3_3eF!0vCS%+{(@MpAhC(hOtS-Sn%VUZJooWX(twHvo!O4sI=HY?CH_b znN>Fon;hd1v=!Qx;D)$74nQdwE1GsZJ5IxMSA+Q9Dfbo*AkG@uj}!`O7QWot!^!=o zqmw^E%yX4*u2Z(`7x44zKeh|pNNv=dM-8(?&Tq0lDmUFJS`-(Bqxl*1<$#ABKYace z$NkVT;6aLeLz3d8d$erGuC7kQ;F7dQb%!{@Q*rGtEzN)u$DPrJISzdVxquEacLA~T z)UWX%q{+A&hK$^hmmp()$xDEIheb%V_pBPgen^Ll^=cCUxhn?2P54)E;xa>>XPaW9 z##bf??eXH>M#PM48dYdAixa<^?WS$;Z}gYK z9v}?gl(pTyc}1bcRbq(!t~K8zBjjxwy2G|HR1AkM>Y#kwA@ra{&cf~GBbKq=sA^|Q zJtBCQj7yLXkEeTg8cvFTdg9+a2H6M}U8VS(XvAQZj$Bzb$wZcX7gdn7V(3WIzd@qp z=9JmiOPVrXX-n9wnOINt4OrvcXxPiA+L*g6`HJIwPsWF_-666X*Xe-oh1O@p59KcCjDj&Ju-%N@u_I|>&2k3y(}a4B z-pW*7QfAbMbFyNx&T>OFZb)G!=|10HL{3U0Hn$t#C*VIHa@z zB;LCt_kRWw0C;u$u*@D9k+Z5w<+`kk&AG|R6~U)`na zcP2<1@6~a^CVGx-FNT&v#IDmdY|4Y5A2W(lG)ICjUb!TFtQV0=NC_U+I2n#duWNQg zeq_}_>vuIpll8A!Dq!7&K>JGWNdQ39+8+B9G{ENwB4i_noHIrHK(7_xZY02%!H^Co zK1%NQ-y??)T-$|||KIob07dT9I{x{IJq)Y)Z7qm>&xxc|sH!~&G(SADfQOsQw^mYI zM?W|_39%ZPw^kjw>hQJ`%#(9>bR6RRjDQSxdnTm0C@J@aSzO(xYj{>cvwNiA+(xWl zaAURw4;js(jPCDsy9MQI+|NFra4sV3H1l0k~X_VZTCp1rqJ92>Pf?Y}#QIEtr=a8dDxm1KNi!?WvW&VKUQ4gxYI}ga=B7^!@iDGxMb0>q+ zShvKhzJ~0ORQ>oDLU2FS(td=0+a3T8=l`NvjMFs}nS-uylXzokiAy^*VxIhukVLtr zT1;zagcxU>$z`Q7gAYLCm?tA*&(U(O^ut0&8V+jx&&=A{DRS?=ei-N{{9jr4mm;S6 zyy!rj{VrVl5G=m9;OZw~(JPJBV@`A5`^2qQv}}z1=UXXxq50mwA%{3{l&-~E7(LHP?SZ%lWDt#Kz~AsEqrbVMYs-HbN|$J z7mE!TxH3BKU6D8!6o4_=z#T}z$7xELgO3G4v4R5sAD@eWT^l|ZJ7wRIvX>6Nx1(Wx zK>JG_h;Qm@odh*`e8_X-euLF-B+`ic8=v0odAxFsoVBK_iLsSgT-+d3m@L-6a((xm zwKvhrcpav;5(@rrW~#mUu09AIJMf^Vzu$XClVx2H?G{*WkgoCSx=0!kKcsBIe!P<0 z{c&jR%xDG~W^x((hik?id)||Ja{q;JJ1~cmmrvP{kpbOlfbBc(7XfP2def4#Jm%l? zU8#w6kg6J%I1ol^&*D%T-%sB2^3)6rW(B8DOKN)27g^F?fp?)^j%`0~=jyTVQlgaw zW`wDCLibI5jo?y>2Tyy9*97MdcvF+LKA#*H^vy>Uvv$yRAKqXq--0$l)Zy9i_**cM z+lxn6a`+E#Xgnhw<1IAuSyb9}NT$GIhkYmo6f5mH@g@HVqa|dGYDsd<1)LoG`Il>R zKcIU~w1A4CNzl7AjWzUDq!6n6@sW_7N&%7+i^KthI|6kI=}mtb=76y7LUD zWXo3P6UeySQtCb$tg$g^J#0c;{2AXR@S^CSkOWmEB~crsMTxfSG@eu+XnpzMF#g1V z`}p*O=K*N`;9Xqx7rULE-LCY_xBbY)Nv>ZIJZY<9?e9+x8{6=>sH(~ZxOwS`B`p-$ zS@4^zd1Yu%FCq*6>fvOat&I5f3tF$Loi4=1Ad?^i;NYUKUyBUV6KI;X>_W1_dLs{5 z27X-`z=E(Q&o6#2?kGXTmmLD@7$%&X;G)cTFUEN4Hd(HF2^C?tL9Li=v~yNmtu(dI z$Tue42*5RnW|mA%YGu^A%ObYBT_UvE#xJ6**!U1{keUX$p#;?xU)&j0zur>Z%IRcJ zth_(&nKozE_Oh@k|}!uA7;%8`ATydA6bdjzU*;@ylO}vb^2m*>LS50_-lF0 z&GLc~+72=gCgkg6o|N;91a% zD8S=NC;`oOvUE5SDkBHJ#5e~YKYO;M?KE-@sg!?Z3fk*e(}AaD!he9*?MF>AebSK_ z)=}i6YQp-VkAPU2JJFkEK7lrvN)&@e--Xi3Cru#2XOWPCXMfFa!uNHHFh7r~q(@*-$ST=fgrXCxM@~CVH?b#jj z+QYW5U@}8J^jjQ`d?`0p^K*RG)S7w=qPd6$m3c^NM%$7~Y|>Q~tfv z@e}x^FBnI5htbe;N{0yC5n9|a#BSHU{3d%Z$$R{9bZc}@j||t)=a;vRNoTu|SBZ{- zyb0`v6~Fw(le1WiQ}|+=YABvw=u#43=$7#x?rK^l6h~;dyb) zVipcRv19{ia-lX-z5x5?xBJBn6h{j0z2Dce?W@pUuOgyxnRnQO&u4De5Ci(R`CHCO z3K>3tLcQU!fDs;+T(Y*waDz> z%Wl%R3vf{q1+gsTm;;n-YNk)?*5IsFzCvglV`H^ze;I=##gpaT{Fn2*1EFW1_ANNhH_U?!S2QST06D0l9!!6Up@WaC6yfIymd-M-EKb%2pOYgLsCFPCD zrFh|ay-^_prXg=ql?1nw6ZGJbx~CDdgKhiKYGj}U;vv7`pyW* zICyn6qIiRC^{@5ivDV|+no(bwVsEw{|8=M}I_@7|@Z1M`4cyvCS7-7xwWh3(ugShn zwh>5TM9N{wAFy8DTg{jHlMa53Em7u}xVhB-_E1wT^>vgN`%Yn-ii!jg;RXdP7Cz`R z8iWQBt|PaEw$~Sp{G$HdJ-iIm$o+_#!Cs^&dpW1_+nakMn8zK zMR_EsmDAMlSm$GWSV`^qHVkVpqk06k>w$0B3tD{RfsWt+5u_nuUIoz=?g{xwU!&X>ioX zD);KND{L5F=FF@P{9}AM|4EK^V$SK#Io5*z*dunXop_{}K__p}Kj~L>i`qiLW72tE zO@eam{ouNBkI6lF>)bgJ*?pposSZF8pwx515L<)$kqgVyRruTzkjn5!~ynNCJraD+Q$>wbe*@%#vGM3 zKw&aZeJx@g7W#6}xC7O?@ELjVCH%rr$gl%Oh818mvKA;_GqIrk-!a{&j7l9qf|>;JFxPe->rq%6B6Y6AUJM-m zr`N^89DuI0%O1O{pboGthc!v-k#4c%M)ZZ-gL=DhP*;c|WPGJ(B_2q6*xGN0IlRxkQgp7bH|nSs-6S??5w*p=dEpFZTI`?+(QF)aO!mvJ=YZH}TaUcu&M6B_Ewt1S!50x`VK8~l(ByCzAM%eFEDM{ypeZ^ zc5O=>rHvvReU0Sfsa)<8E1zdzaJ4(piEpXF@FM~3G*tV0ut|Y(KLJ+{dsIMsy<$p} zqo5am%s>YBncwMdkO5yJf6T&b?NJRBG@tF5ffTYe^2I31o!L38N_ac=my|@r{Lr}W9(a_-)9_bC{I34K;NG66TOH4FKwP>(+Md+*79QK)hTS$(O`^`>Rv9uH(kdmD zrJs>TS%K&3J)GSt;K9ol%H|TrWm{=BaumgUZ?w0&A^VYEw|6&gmSb<3*&rXJ6@?9Ek z(^UkAkEbq9WRk+rjf*#sA3Bu={=x>=?s2PaP2>x4?@oX5W?{D@M`Oy6uIwvLEK6M7 zOX?*!DCJV9=XWsE3WqGvT}Kn8GWNTe$j8&}hEBZkmaL2A=m8qR(E1q=cs>8%s{7@o zJ(Z?3d1frG5K*2+iH3UJR*$koZCGP$CIBTG*8ppm_6^I;T(&Vux%=#t{V?Vh-?T!> zU8;FtFQ#93rh*%C2RB+_!q$&q+5dgL0aUQk)X}qa^h#pRc?FLE_KxASM;4zL;%!s@ zAQ4;MR-2K_Q!yb6ALKk3Ea6AG$3Bs72}pj&gp8iw!AL#W(GPXS0w$#O!9xSp*H1a^ zo&RcfX?9`D%N^XT+{J-jND1;YTaGZntPMV3+$lFAg~4Q)0)Cr)u&5y|aDeiW16zY0 z9F9FZR(BELNFWLnEMc8Mv!*4I{m->aYq>H`(_`xNLAi3>Pi_FQJdXCPK>XR7q}w0y z2e_d_Ha4Zodq8O4%P8u)*I=00J_JVSd?WoN;XyFxt*=WQ^neh##3^^`#~r zV}h5mjWMU(A-$T40%V`%p_Ro@$Yn=xionY6{Bbi%D5!1mvfS%`c9avb#tHdp@d|#1 z*k$nC>%S27D-=~rbIaa*`0%XX*v^%@)2*r_7D@bBW!@7%f>nM$nE#$2T@EIXwEc_c zTR9X|?N;sHSGk|p#XQcBh&b@~M%erp7CWyVI>s&h_XWA-zgouWxJt#g?C$GQ>%Qf0 zgZ$1^#|NF31rw5X}|}txGb65*8$mZ+`PGDe|N)4({k3@ zub_l6+&U)euG}^LubZYbyz*iDCn<>XX)%{SC{}Ne|LvvDK_X6%EJ0XcKF z?s;sc`zgj3KrNC!U%p5=8WHVGK)E8HDreX%&r&}QJa+}Jk8{I$*#AZKY8}<;h{TeI z=jMcw6?L|<4gfcyf@T0t6=T&t5{mN(S_@FC$w z!>^Rw5g_U;<@ zo}s;ld{-Q1%P3)`>9qqNdW>hkdaq{byN#r0A3aJ|7Zi91SZ4T8z3iNYEGpTTDyJva zX8HB4Yz?F(Q|lu8;9$Cx87(RL}|o)8cM2Q$khq~1k7{C{knc|6qJ`~Q_t*-9bVDxtEBC2P#Il59zm zETbf44P~7rNwQ~8mPv&q#=bqIN@9pmHzPmr)-(T~{!=rJ|`@GM& zuIs$6=d1EBv%7%$TMN*K`-uK6en6-**dU*=@6Ug=hqd|f0Zky7ex#+%L)70* zAj)qc`UB=8ZsW#|Vc1o#LjjCukA9C9nAk5^7Tksm=A=wSj*P21;d)mYrf%rnvCmL; zor=YVEs}dK(99vR)67B9t@y-kiI}qOVoM?_<}pOBg<2{3=Rfq?FMJJi$|g_E1SENS zrCzECOqhQGcLoi#GE0*Wn!eT(rm=@aojMTjHAMNjU+UVaLEZ27eFMRIC+@`v7d@hXiO9v;%_)rR}Of*9R>zMRyZ& z4Hs_sVFWwZe&=B`h3xzW1*pR>AV;#SsLv1fVYC>W>(WjMmDT+S59`3(QK`tF3Tv{! zp9LruF4$Stl=2Yd_dap^{j9e^DFQz207gqHt=h@ZV5x_n_jvKOiW?Y5|4t(d@Jx|2 zZsE}U>Gl!^8=n6>oUT?mDZT%EZYMY8GI;v(bQNyN}{Fk{h_dT76A?6+5Z0j>q3~yJ@x%-Wr ziAB~huHB{;*Yxx*|8UO7C-EOIVdPqm-S>waQ);KN8^(;6>OsrS$l3(;DzCU0EbusE z=VXe#H+f4{`yl4bnx^NGe-SU?ux7wzPTK+I!Tgtb2?#!cE)=6H3=ewQQ#nQC;lb8H z8JA{<|7zC=OOcndBeR#4dBEl$g1_oxCu zm=Hv6XB+zl*MNWP{Bl~Hy7&^DJ+)#&iLoA5cX7l7Kr=A)GzEu$X_o(F@yOBt=nCow zU;MX=#`aweux|)s)S5%x;@`hZ;yYe7;p!WeoSIH#}_JeSYCq3@i^^Kt+7HqEbr(CY@0d3L(#SCtj@&~8^K zh#}?FMe!CwL?v$e1~sh#Z1wYlCMoyg&rYlDTpf7LV(f0ET8Rbub6<$J;;ipp~^3gG_fvCUI@C~m#A6O#owg~DzGGvD@`41vOutQV>apP}Dgvqd72eb(p z0RDmSvu;&8weI<@``{mk!Opo8@M_myzI{C@UwoSvLowwTnC%1~Xu{5DwUJp*3vRv( z_DgH&g!4|V;%DD)z4i9c8uup){SgaIqc1ADIXI6T;9%zU`q`a5#t zp*1Er)-wHI-dxX8tv6~j*zpQu%%kca3^34mhM92tXPdSaU@el@DV#Cfy?^Uf=T3jb zdE5Jou^kjfn0QHu*i-*l_xz_2x4!Dl?Rt@7GhDrV{=R>Aihy7R!fTz^;}>i>|NY@V z`pUlsxyGe++I`(q35V2OR~fTa7kZl{N)~FW{o9dZRnJaHi>Lb8|1A2Q>A?&6+{h2E z5mvwk2+_D`0J8g`V(@7zPSO9QAHaG7=-Ytp`eE7R*dfsOgL}r>d0(*sTcf`!j!9}C zE`JBV?Jm(I$EVir@wI`bnh`14+#E-8@AQAX2T~XHPXxen#7CF?GRtjGLQDW#UyyD_ z0-K{Eb1A~`J3ZX?LlaLt=m84NNmEC>F1PR!Dao&D($J5LQdzo`x>_ql+Y9*vc0SH8 zG(JviUt*?qmN5aB3dj<~j`foK!DiblIxsjuz5=QSRPz^Gt&ANGPJ#~K=4e}7_B;-s~^QWm1W{7Lv?)aFRi7rG(ibctxZ;kD0=Bu;wr zQW!dl%8MwhEYS@SZkNvu=Ok5yZ1OXP9))}bdD5oV4z8seZtUPE-$3p$`N<`l@k>q* zk%Cb1GA93!G<9_W8;M?^T^MLyZr*Ih*Hve(eSg2Jt2Odqgau5H&dmlH|5KJL{Gdi7 z__=`J*(Mi(rRSyVZgC=~X(yb~06nsHawper42^h)*iSqa(pz<}PWl#wa%!(8dz3Sf zAU~llYs9_Nivfc_Em4!%b3GT)yKEOhbGieGOJ$paG*c(!DPt-)4$t8c2F~DDD`9YK z2BH+kf&K5=a0;`hS%{S$w-$Z!jBa5uQ#-`{iXNXD>Z;cl?w~dEROJ2u(qY8pcJ6)g z%?~$S+xM?Kbb@nwuXbjXl2cI0|9kW4!^++gG9P;ADQ~p1ZMv2C9*b)leJW=FCyp+R z|2qGd6SgcP3t8i*dHVf0uK7D3lMTeNE%0vGR&Ia#flh%Iqq?w^;E_k_*F+Bs`+a+^ z)QHGU`vPyk^FWuoaf6ohi6=X0%?Hi87aVfMV1iPr=^Ps@tbeXiIJ?&ahd@2`20h#N6M!@BxgcaMmVf zM(w^;!bm~JedQA$^32RF-375655ARO(Y){H6!LkQ6e4x?XSovqlgtBD1EY}r^SbV5 zk@vS<3XL~(OZ8DsQ@S$7Gbo=v>*2Bc)DqGZxEtdTh5PXUo-(C1_n#;NASQ+H@;Jig zI1Jj1RxS#-BG+x&7GINXrVfB4VU=dd^r4z|4wJl5?IwP9O#2ViD(Za{-(cSoN|Y@5 zRfl2j>;ZS|m3D*XGOuZng$id>700(87J|99oQ|qgpB_@WV+k}e21|(L-dt!|A89d; z#*|}YeySpfq>8UZARmnwv`ZQ=igxQ9hS`T-hp5?^E4)6X&LEI7+5VQ?#X?P}c(zd5O;Bmvh*9##>2l zu5^Uk!R3PmZxM0FvWKArWALN1d&>JL5~y}f%MEuKi4B&@e&#zyf&XaLIY>0lLSGEj zVe}M6H4I&Tt6K3scig-AnXv&u?4}U&wRP(?O{n)cE)|TBbX#*+S%0%F{r@9Ls&|;fQ zGegiK?DlC0crZ$RM(CO9f9{=Z$6bVcMj}H#@=3hXx>Li!v4!PTP(612U)e(m=gGxlPaI?+%h z`wCuW!@*B%x(nns?J?ZDR z{Q59h+x;$iTWWiUFIxUOwS9K9`o4pmcb3^JZZW>TcJY6n{}rh-N&I!2{}%E9z%Z;S z0!Yc`*)V|5;yM3d!@9?ucf2rj@e9$s45*Y;>z zAM8!Uvc2~Tw30!Mfb#~VRdT4(zgrA$SOgRwl?E^ha9BsNo8HecCHJD^@GSC~t*yIH zul@J=3Ll&j~zJm+E0;K0;uwoG@!g`qB5y;95PoI7Qds znR%OoTE=jZepZ$vt2iRmb^PIj_JAN!x5YZo=2S7ZyFiq-O1>={MHOGHR0hb)lwq%P zo<$TuOOT-*bv1Y-fA#wW-@MF*L!~F>29O0?idtQtCGB3|DmcuZx44Dc^6}$gx-(x? zf5G0Y_P$|RTV}vD_^v7O%4p>~z5ev=teSxn%j;V4mInnF6Cf}oGpbcu0kI%rb%J6+=q}d)Kq1r_>eUbjbi?nKq-Q|4A{5*_Q$EQ zJ2L*PC0G5OFeNhPXrX(xVl3`^1Rnx9{^PW#qh$HozBI{&2x!Q7PbkLO;{sdW{W9Av&7|gmJQ_c zzO>`VVvaL99KMC)4GFfQmNJs2KDgSAfpeK!sz2OwI-)YRb#tIZ zXc@fw`nf~^^na!R_JR4NwZzkiT=GF2ZUN>S0E zG!8K8`V$8Zs`UDEj@#>ue?}x z4?d~o;N8l+mQ19a5s#W`><0lh}dzINNQGzwEgYTRugz+ z{6+20?x{-~uMCJ`uqUQ=+`^ty57FicjvQ(UE17A~WNn&e2dVYE#B;kmIPB2vih>Sy z`4UnEVp&W6gI(Sz0@{m(oQa3qUH?#BhrWOWnfIWn}t>AoCE4q&mT2e6^!RirHqi}BKliV0DFm!ilV%D3!os(7b?9p zwvheqSG!JvU4MYy@G6y_e9AFvzfm$Q%`4%}V=tzGy&v#pTLQWqm-IvU38~m*X zh1GThka%&3m4HypNK# zf$M8j8?UI5hKl_##u%Id_K7emAI);ihtv8crA2;tq&~%@i5NKA$!t=Zc0F1+mb8MDFo8{(u6w5O_g#X1Rzlu`MHn za~(~XZSEm|T3u@>RhISw<$mc3OoOFr_Y9JfBRTxvs4VEZY{5Ho9kAWi5|u+LW43OIaFOxD4oxNDo-E)PEWAvVPqo(h$uX zm?-21Kd5Fw?Brh)?_NB#7vkyC#cT3yscP%vPN+B z6XP_YZyk~ahcd(0YNt*jJBD;!%$v&co!ZE@GgkK`nf(&U&-TWI%6(ne04tc0BGXCu z(Se^m+ZJ6M=`Wv0$Ux)m6886IHq+ z`?iZ3pb*BbLQFO@@HsS9XP=MCaW|C)rnOc|HD7-rzm{ z&lz<|$mgNm?FW*se7pPtzMWcQ&E0=TJMc7lcAsaGe$|U84VUn+B-zh0jt}~?yF|yg z_R(B{4!^ZB_TEp241QBge7xC9k;)lkKCB&EyJN-Z3tQdpn0M?lHsh-?r_c!qywoBxpM_|`Vf6~P0I#&mAc`DZu=U-{qt6^oI5*ugd|qus8PnMyYMk&5*| z+Y^Nra+Kj)%{%5T0;oh+0AJ6kJMVGhg0vZpJ17inguwZS2KT7Yv+EHTkJlE3?BVrc z`#&lJ;CLaJ{HJFEK$pZ0N#vWyp8I9Zk+^VErukV)i@i(~s(}eqRVeFc8KRx$AEWKp za5nfOB9Y?+z|DgnZpJ-J6x_b82=n^_byktdj_CQOqcyt ziJ;%n)g@@mg*J4)V=Mn(w+R5pcXf0Fu+1tp_(YMI`Fkfo@8j1vx6|XJB8*hYd#onMs7Zf!(aN;WI`Q8VX z1rrF#j|L(m9!C|tfS5tDv15ZJ&*@f|T_UWk%@!~&7*$LI?HYAIeCuiKw{)f{xNzM+ z7VfzW8vKV|!DtqkBdw@?niD_5@%QGfps)k4c&KiA!%n@{%|-;Cc+$1HQ%&0G)Lt^@ zR?oYS7ojVGp^E-4gNw{axYGRM?8C?t*Y_<%jclp)1JRyqU8;61_d9Nz4~YGuODc!s z=pX%GJcfG}4V1(40$I=ROj{fW;2I(`B)DPfGT>tLlOy7s_#ByjorID8?so0QKKjuO zIh)myop7(Up;Lm&GbxU z$i6fGls+h0pBAi0^YEeS%HRwl0F(qeCp*1d7fUkm2;R_j` z;nnc3nfX6bUB@=>n`XdE&3dET=ibP<hK{1vKo5Xe!O;}OrFpHy%@V=iVt z-Vnua0uDVWd9|35LAX=FrR9jXGRHTa6FyShk4|lN=~Xm$#h~W}^Iq$*mg>NRTrVJz zkux3W=owv;LFC(?@5P$i!xshTky7VZpCV5%-y&4xKmH2SoB-fN1tYv^c=MZK2i>aL z`++Vz?QMBdeOW)mj2Qz~VK`FMabFue?A~9XyxYNoDu}l@xiFnb_7tPdhZM<8UcKz; zRpZX;JHDNO0NHs_gi+2T;%@p!8G4t(JLMX+F4yd8P6W-N`h2B(d_V{Q?>?AeRSGRaxqKS+abOi(7PK4M0f^PwKj}y?WiC+g%QAZm-7D)>(!q`>KEKI> zitcHSWwK?I!+Ge1tyc_4EHVh%dc{yYBKbU$#B68)7$7ybT=m5)DP=6UAG0srW296P z$1Be=_2lBP{YW-|oBI^LG-}v-vv2EK3v}HpIG1SqH|1E(G^dt)046efa4lc%%6mlkO|I!=zaj_Ib6LKTx(35SIkiCly3_ zeErKgg{qu{sgf@+BC8eusnc#&dd<#5(}@|EQbX9ihB<}uI`0^mUC#gv%#NvOfo5NA z_*EW!EDk$7w(#SCPXRZvQ)*4@Aim~ZH^S|Me@Y-Omw&E(c5iAuv6xwau%~)_Eo8zc zuk86)SPfchQlRR{H!^Eq_P-bFDfRibT_GPoq^Q zm7n}M1suvOv&j7QGAhkBjvNrBs%kWWGK@?e4Lu!>iii+LIX{Pv|Hq~!K!^R<%@5a; zxqgf_dHFrb!(D35wP|5$@;ne<@g~o*H9@qAAD!i+VnNE--&%l^wVY%g&*A#nv*DcK zfAs2?9I4@!a6M91bDnmpZtP*yi5hb(k)Kv%PXav3a5Gx7{Nw1&U{1B8gny%57C`4H ztw{KC{=l-U#(@_u`V(r(KD6jIQ`i@dJ4&*4of)(4Oi#z|__l0SGI58V z_<1w0iHiVMExx(@%-hgW`9=E&(#6c{;4>s`=Nn>*2(bsT)2G%e+OP)joK1(NJ7ynL zX0W;>yT7@n=J@Go@D%exP^rxDQNuTk9U(GT}96+58(=XA>AN@-V11AHdFyM}Rj}e-$d^t^29qWvIn(8oI zHho#|LMHLl$j5^6kJd#Cf7!M~@7T5!Dlv;m_#G~YTM2T-7f`O`(aXiurhcb&Kty$F z$0l&ebAwsrE!SMI__Z|l@&2wFZFNuG@rrf{-JV_QTpW*qu&&$``1u9&c|N|YyZ3A^ zqRdmjnvcD|x|@^pSV-n63O*iN^<8S^tlo5x`58!Rb+D&qJDx_jNnsL|s*uJG-+thi zTdD2TAEeb)Uorv&4L&_0IE&4v6-E?wgARQB0&Qc0Q&TU_?n-r}7bzo7f(_0m1Ts^t zzcF|(`EXBJrc4k=Dk@KIoLerhh=l9YU%>eo(qZD^$&WDQwrO1lZ*-OK3w!$nsy(Gs zYBH!+6x(EKk%(2Iq|yQxD(OYyXU>W7f!pa>m%!Kje98JECo$I40}r^F(aZ7_Dx56e zHTN02`!rC2DVu^CQhmuWuncsQ=G035Evhy7n$QEHS~19{eb&7I^@M~;K{e2~o+D3y zA2VZw`I%mEC~DbcRIqsK&qBBEoawA?T+S*9R|^S|W4Ic=xz3Jw#yZZT&cXwH)Rd^# za5k0aXR%?EVvhD4({hjBDh^SWc6!K%=)xXN|5y)7%t}2-cZmKNG(_IdW$0m?6rN6B ze`KKgtqS$>5CkPvYFhYeLD!coh+ueYIjhS*{|K}2?Liw@*}u_)9Z}<%6dyw3`CR^<|QjoA6{AB&q;Y@`V#pFYJ%E+4^7+> zAGU1ewU(+4Y>GT-$c$#bwTi)slD-d%)3b!3+4>B%5=dLlT+$|{4kOFByyQYP->kb> z{i-Oq{<^mApw)iprOY9^Fu9bxji3m)N5s530rscaF_t8e9E=NUImiTTA*dOn1G~R; z6Y-cD!N~E8aHs%Ttsi04ddBfdWXtCOgW zLW&^m)^biG#6;KQG8*?CDb2hOCHu2Ox&3!tvfaD01b(dqVUK5kFPNh)O!U!cH8wW- zUXP$AO1Xe%Gd_1|sNtNvANgtG{J{GCB|_3qPe1-eEm%8<;}Nl7=}BLk%(gJ`X`kE4 z(%S;LsV3Dr%xnaI{gw9DbV?10A)8vyb0YjYT#oMT4 zX=)vg8+y0H{agPn_YKaKfL}wWUEv|rDbU{^l|nY6bA}sY(%Pl^uZUWRAxvbY7&0w7 zvp=Ufx%`hGmO`b`@?h7fHy~y7)7ww_1$112qZ}A$sx!xS-Xka*rh{>9n-7*K<+_7U zWhQ;eZG|~ah%KrJ+8m9#hm@gafxE=U&L6=pe@rR-?5rqZdkJsJ#+LaHp! zu0<(M|unzZImEc+~O&|EkSN?QTDmD6E>cMWswahCcK27^muUv0Qj8CNalfyrbvt9ef z(m8BS$!hfnhHXS_#so4<@5ya6>XjWEVUY0P?V80UuJ~%tG=ZeDPX5DZ@JGQ0Ya)B3B&un#-g`L&(}t1@K-+F7NXoJSSUmxR>BA*VaRn@c$2;v1* z;?QT}q48}I7D$yq!L@BqO%~8(nAyg)fo#piOjo28?WtkaBBcW6ZXy81->4q$sna#6 zns-L6wObOOq5}t*ULnbggJu10#l|%bjph+Lu-u@c;#8REC3!-las#M!wE&))d}zX#wmnJ2@|C0%bk58=yK5l~@zFkQD3 z$JsHN0(mizef6H(o1aDnE?~|SOcz50ag8)du1pX!Lfwl5T1=ZKkk9DM-o7dvzotEv z*bJFK-FVqKz1jm=$RwfoGNY+WtoF|fW@ZnIiz0j|4tRS^so_UBLGAJGKj&pZr2H#O z+X+skTE)DMT~$Vp*)YZ4BHE#lV(%sA7GJ{Fe%jA&#EGFo$t_S5CUqLe$65T83JZ#` zmH0ik$EMDccn!Q1Cuqqc@64x~lvO7|qeGF(gnLMv?yi?h{MEW)hUcU*YjE^!-z`O3 zUB*vs)hGd{cf3-Rf6gXW4;CHx`49IFD*GQdss5~xn!N{cOy>*!JnYJXw|WlR-6a4- zuI$%|vO*#mF12@y*IGngxQ?s+-njGMvgQb%kFoWNVR=*UUi;63|NHs>{qZi0HF$!6 zbN3M*dpU))=3lsM_=%~hg>&3($GZ)N21lW$2tU%-0elZZk>Smj0w~;j*qNfi1E?3J z_fWQBNUTb*y)b#C*@2yD-Yhs+U&f)ZTj%#6exI`vo2~2^4iM3eE^$BE#ceqTcl}zW|NOCov41gErc{_Hq_!MNtIes_EL^*&n24f@&2a0bL)r9JcOo8!^-r z)eT~~(+|QU)4Gh(*Pm542&s)$pAByaUUkB{57jO*65}Dw^inJVa))L+YCvsFRqfTd*e0ZQ_j}Sxj>Bk+>V9gZs-ydl0qhj!5$+u_<0m0~ z;V#fQv;KNYhTy%H0az4n5!T3wOKwx^S}(ro2n{%_gbd;Z7q2%y3|jv0@3zh^`MVbXY2e(cu$d(WjwDPPjB z^cW-h_sX4lm@dS-9ubzuD7yM^f}|?a93(8K6uA>Ep{CwA`%$!vu+rO^_Yd|(5ed_8 zm@ch}@zV6B`Veg(NLsD{f+S@3+CJG|9zCz9-`DtSd4mX5gBursit1e92kHY94cE)e?JAF^RFKb5S}93+`*p;aev_9T+J#<7xoV+hdzv`HD7gVx z#&H!@lU%k>%y?A{RNqKzO?3V$3FH{=t0qX%=QiW2|1RKXtcw~oArVm%Q_|IuH@_iF zW#4{oFfgwme%2*b%#_c~WPRRqh1{VGFVXY$guZuTncmz*y`f!EfWN&YEK#>&S zDz8k$$!C`qJH(`52 zp($ZOt^4i1`>Jhsu{s=|ZC!24Dh6$Oju>+ymMfmImaI-q$&GgWw;&8NL%#VKW@)jWl?hgFIT$Esbm+w z0nY6C@WYE-{N8u(q!hewNo<8KhzmU6hBaNe-e59vFs1~(VXU($;F>vsuiL&x;-*-T z?k17BKK_+xd&U0@`V%tp~SwR}8gJuf@0d7s$LPVeVR&rj@ zXgEJr*>fa{_dBvK?OerF*COhWbOIwA+-kPGamco55<2EoTrmB??kID5Z`sTKi}9k%N}LfG}rez7z@eb zq@S$5eFgo*em3<*kl{~8xx&)zH!)q?<}R6mksn}0GkJW@B{^8b?#M3EgqssSOcu>t z=2IIeaLdI#MBRt1=V)4!B*t!s2tPWveJyene=_YjLJy%&O+r#BCEI-t&>?n7K0jD+ z+G%<)&tj@~d1+0sS8xkON~$$6hYjiMB+t}~dTo0$G6pr=Wgk=UsdP1koY9!* z%J6QTU2BfT$Yb$gw`K8Aknvi|v*n=uD_DXA+oZ-@p9#zXCWt$1m(cGQ|+stOGeJuFKxX0A$qs|$QUWN8Ds)b-> z(@btj@Y#-^{#)|Qgwo5F-iLCmZR!*9CI5Y&Mg=);OwQopWH4&VC^mm&+TRB`q@H~# ztW%#(ta^Bts+7`&so$bD`T4)t3lwI+FW?mM_6uPa)#f(#G4uEh?UV|}w!eA-J(Pr< z6?I;mCm+C@PX@pIc>)1_Gw^n_(_ig{o2e0N^SDD>*IR!*n3W|WhbdWl`^M}r9TY9} zRAJ)JXEcs}{7m5ZYW)^SQntY;HgRiWqkU=Xaf6SBxa?0HunG}>%Pp`ra#j7|G88|?JyCg?S%+bK0dhlV!^NK%{o`saA&)lJ52m%L$=t z?^;sz9U&Df?k4Z2PT0T0WOUgHfx^F3pB=^5b$(VG+geVZ@I1AYIQ(cLcF}$$eKOsd z3Ofp2_4kEvXGKRHREvdvNDH$5Of9uaVuThd~-L~HDtUKq~;PDJ)kvNYbD9O3qi*q}DUV_St5Bg^B zd-Y3co28O>LM!8pFO^_gVPTsy5@laZ*qr1YaFcYsL*AU9rR=-=DRts0H&t~x$t(Xc z%wBj|5|e{0MD;=19i&_jQ$sX+Tn!l|6cFrrIie3eB1F-%UfVh>_>3+8-~2a#WBl2J z%YJg7QrBMSAESy~(dO?+>1n7rxao{{i~6se`BB#sYY0BK)c{t;C+Y>9qiTVqal!N?h<+lIf^L6XvcSw zZ;`$2aXPdqlI6fw?_)72zoCmeZGB_bYbyrn!jwhDmwz7?eEJcZLmPLHqhInB-zja4 ztO+)WnmbE!{Bc~o3ubMaz9uhwRhq(|C*%l@H8K%}~{X-SdTY8v0vD zEPZOv9h8o(GzO!jIk%5*w|nRz{P1t#_Hb8Ed|wlW7lN%Wr4K@7VWt|39p+b{@#2Yf ziPJr_cR5HL(iss053R>b0_CLLIPGcZ2qwSC5!wm4EEEXB#Vb34$b-+`R ztCgqcU`cCck}l2MhOSe)19;X%v8(U89+h!_lZxMy4N#%JmBK#|85FcnqI!=XU+(|3hNVCqp~`Cslb2X=rz#I3k0|HRftt>}hmB=B6`f)D zA^9hz0?k9jaP+I>R!EZ@@cM4>ezo}P^&Ns7Wnc#_);^$-DC8(_-coP*bIw0AZRdu7 zz4ytEuLm8Gs$e!TfyZriEBMQ(H#2e+qLXn&`gEcxQF-?Q`Z?i3>`>0hdl&Qz!^5JB z=fa>b-)@_|aldOT?OOLRmlBGC%k^U8;OkL? zkzbAB50&1!L~RO_^s&YFqu`lA2ayrF#iBgP4-gUNNw%M;*jT}*+g4n6LWC2=@q$mM z&9PqvN~4p-F#GJ}(mxCpS367?j}q1ZT9tjGNFpf={yMd!;Yj<@jhxA-UWOHH{m3Jp&c+I;0%!zUDv{X4~P%Y^+Pz08pId4!^%qPCJk|-Dk zIdK8D`sM<|*UpL)9k%A?&NXN>Ai#5qwd>D`wn}03)P&K3j_*|u=Jg?Ek}sYUCZ8V; zwjwVdLC*D6dxNiQuXJ~NRsD?nCf?IjCSvL}E$$rhLi^u<1t>kAPiBQ5!jnVmRv+it z*v;oevGMLyq5?8R1|f_%^zaY#MfrHq%@x!Zb$ykgxEp)-(x0)k7rrJhLc*!P>+LS_ zan}Eg@{gcTjtA)Dl2#^fY^uU&{-wL_sO#K(jm?E>L3CBM&IPuk(DlLh z#QE!)k@X`4RS{P**tCJt zOAn6eZ0SjJxGM{P=p2BvihLm#Ud4kg%lA*;qta6G;4by72olWRv^>cf)kkEepA@_M)cc(4Eh1+~GF9xV zYb$1!Y%Jv9wuwt@*gCjYX;yhLj~eNpFTTX_`%4u#)ZKd%^YamFyq2HrFV0|QCpKk( zsLbFM3VgcOQv#iK^~7P1F5{{%R=4#n5@_GE=JQ4T&- z^E7eO1c>=;`-_jg5O;R&RPu$&(7NZhhD=Xl3-@V$beN`}|62Yo@6Kz^=WX;gBNkp{M+LxX2uA27J}TCbs-vHpZ~zSoVWx zi-eox#A00W`s>LqpOr9n++8Ko?F`PD1j>*oFL4-%?)3X$aypQ-5PPssm6;|b8Q3V zO%4ygyUJ;*XasTn&{0Y6Y@;`po8kIa7tLA>!#biUucu$qw8>wNFG>*|ZqL+CRb(LV z_qk`=q;r^x~oPJmg9>m;?Zy&2Hh39uRtr3gLcIqEjujkH>Eq-JW4LmVO%de4%C+@pLr<`?zFzJ*1C) zBu#-9IM?K0F9el7REgQ7kJ?;!Ki6M(CQeZ4acW=~?@%I*;p-D~#H-cWHfP+8npFqN zV0<(l%DMrGwLWb=T!s&$58-X7*LT;(Y)N7>7KlC%iKkHB<`(&<(csI*#5l6l&!Wp|0<&Ml<>MGK z+i=7nBc~;~B+A3~pZEM3EAlyO?mj2(XPVowhs<3rW*EL|+%q8gb^vi|_C;(t@$%W$ zk8Se!zUer;zoe@c{pw5X6rl+vB+mOx-exO*dbOdsiEidAhZc4Ro@XKm2jG|2_Pd`!O-xmDFqqJ_8&BJ)h7?Oat zzf7;LKEPe>h>w9}yO@H}qp{FMz#p0Dwrt^R>;zpX)2nz@d4@R^8FgkJgmx6PNSBG%6CZ%fvi9mY%q8l) z;M6nswMBPnW*vwU*OAog{j&82LNfJi%0=or`QS9FQMwtSr#k|fZ8cxNU4VR<11RxY z5miJmc`=^RX z$QKzr;T~Ihy`A;08sqa}!!uNDd3wD_RIhoirgR=r_D~psdeXH@S-qzLg*{Txb#*W2 zE2ZoMA;JVV z3Enn&o@P+xzp>gP=;&zPn2jA}gBIFX6-- zp+={RedaQmf#DX6gr#2P-ozYm6I!>C%`@V{qu5SyJak` zc<<+t*(0|==S+W)eP=_xLGLgY6ty8Kd!-? zZU&XTX%W2e^(8bLzJ`CNK};k&%%HnGslq6w7x6;FAV-;!kU+yCbg5y;8CPH* z-bfWO4GEM+TBo%Ojug@@Nf|V`CB}t)UP2I60B6dG0Sa8am|z1^c+p|xN4#yvH0wf8F%3f>4d*Q&NP^a^Cw&Dw@| zsp#CwBdiFgASTI2Ar6mLpDHFPsfCEq$qPGQeW0_ZV|`#*PE zKw28WfoI{OzI$oLryQ9(pE$L2-gZNNrrp!xX8Cd%X8sAs)=JT;h_WXY-vq6GHe z-^0SO@|@NC_%!Y0o|yeLOE1+AKqtsY#+n9J$Gwjns|mF#Tviu49f_2=rle#b!nC?bHh@K};(RFL3=RVde?cW3#%n~EF^yQGA^EUU6s zEWotv!QZ-Hu^)5!hKmt1pBV`TIV%MxdoHPE{Ty?c-C(|=1u!PhKg8S4+lX0jXoRB| z$azC7wCYO;kcj?S>eSeB#CHBZ=iNM`DjX|!$SbY&hOciT;P+Pp)^wy3)b0j=|9PxFbT30fiJlQC`Zh#D)x>&NUS%xG~5oGOwQXhspU7$3`r8dBF z>KR?*G2`n2l=yWd57q893Znu6cqn_;aD~_a=&{5_ z0D5+>&A|gG;C8ia!bP1}RCclOqEWv~(V`@WYY*F@c3tl=D~vu-e|_j16*mG=`F~`+ zXINAF*7dETq9UN8bchWQX#z?o*@}wNq9UTS2#828Dm7&zA|g$xA|)asDoE&^1Zklt zLFq*T385oNfE2Qlyz!iU?sJ~&{lvFLuDMoL=A7d<#y^+$v$=V7-nBlIU)zUn-egj7 zdf*Ykr!voQhkwT_#wBhtt5-#kgxV~RUh^iDAJXLbhyJ}_VX>93QGy(X4VmG~$1m@F zUP(B;$L~GDn35SDcHzLG3yU&Y7mt(bHYs^W3(>a_-h4sF%L<6dWUmVJ;M041gEN?s zyww`MNfWP3ETD~MDKNKk23ZhMLKZ+s2ab6$*G_G*rCUo&-byhwN`KmjA+@vckBQGl z2t`j;u<-j&G-hmGm&GhB+teeP7|ryyyCm|MJ$cuR-N~s*Ms>&yA{Z;TqUp0i+`zTD zKIoAe_wavSJUf!_3d$%x0&>u^*!&9WbXkW|@d=P9MMMG7F3C`0VA!21(t!W#6aqOmkjfPb#`_N&>E2?mudCRlb}m9z7+c zVwQKo5Vy~qdv8;`ylL{zk-Yq!zdm}-+>57K#uY;SlUG9J^L8nk(yumE;KJ|D-Lq~r zUz)F8OHY=rp&r~Cq_cT5qyTy^UOyF|GSC>nAcUCiZ{R=b8JV^p01HS++WC&{KwKRA z8R~OgI9#={8}%=3z|+DrX`T|J61%{S!yIS$78rLh5KHHvJuOeOyl;up$@ zqRXa?;;RM6FZCR&#SZYlswHz986G*k#m^!a`KG+$YKg6-DyZtnBr2N=Wz<{p9xz7A z?i8Zj0g+X`o;#8QIAy?(zhG&ij~BP)i_nsT-ulcz6nJWA%*Mh;A{ni~xHAVr&_C6P zzgFE;$^b%REWfKc@^+)XuDOKk~Yq_6n8(EA3H-XN_@lZ+Alj{uPGD6TY~AUkmpSAfbG4rSPUStC62ZMlJ41MfWt;kaxo0;@AB<=KKc!EO#JWzn*Jb|Cm^bR?d8a`Q-RfoOcHN z0Wn7}gu7JQ(!M#<=Z_ov%hIm5*^zOJuzHk^c&Cpi#~(g8uDSw6_!9)RDeknV8e6qu z@BzuVA1FWe)|`F;&K`VqGoGd$d0Ew-l&nE?U<(%I>?U@M1iz{#FkrRy@aETJfh}__ zl5yE-2VM#9Slh5ueM~B~W~D_Pv)ZbHsmtW_+xTp&I0W&!JFP2{rhA|C)|^l%gs3N! z78Aju5syA3Kkl?%fLMK745dV*pohd$$>a^YvXce+Wu2AJB&W@BdOv(_d;VZFHLmds~*pGoJ#%*!Xctz3M`$F^8}rl2R+U<4-$Bn5WOf8`*?_%*IdN1iq>lh&BY7v;NgmPR6z zVJ9KEzcPG_+KKAeQB>=(GcZb(-G2daI&E*y6rQNLNbaau23Enzk zH0yQrjf@Pqy8E42kM40TGE561g@>350^aI&fCMw}=xaeL+$X&k#pkg{oY3v|kzk}t z5do1b@n#gCZAE>wf8Rz&Lg1+XWQ!&bqI7gJ?vpL7>nN_|tb+f_h}PqxHd0TUO!Q29 zreDeVE4pPwY+5<+`LMBd&Ru8(4bd=M^n3kyG{tKS8SxA^aZ=nfqvC3w_1^b4a9g%C zEL`2}u{H3TY4>*V=#SAnB1#;b?)%O3s|Z~o5#qcWA94~0ho6x8D4t%cUKDD_A-3|= z(VbecIDhzazwDarsNGc07j{u9o#H~uv1zQHxTTW53w*E6H5p(855YrDDetLY(?+HP zrDRNkt29iv@0oVKBIs*CN5E6Gx(wQ9(j5dwO~hs22dJHZCMOhW=iOa=<1(KOR41e3 z$uOzQ`#{&k8&3=R!nTMI~Ba0_b3|hzF=MOE|VGCe@zRM(!zIN%IRL2KfX6)xkgTM3XyX>N064c*#h5*Y5}Rg-!cfa z&N+bdCte(nF4vxwq7TlrkrPM>uXdFr?G@L$y;Fmk)%z< zi!x(s_H5!}nMw#)U0?5_34p{AjxAW5Mm}a^zCsgESaL0WmY*=4IA7XF{P<5AlJ+hd zzYs6@cBn`$1@#3nGHg$Kb$ezlTUP5XCg!0mRodiVE6+b4;;fj-LQ6xSE1SnP&Vg#l zUgP}Yn8nFi-5X&~*s(tC>Wkq$US{BA;OD+&PBrGY`1|bMMr&*=v(Wf2^#c#enUVRq$KoY3wAvN{V>k}u=tOYIIT{q* z;>xxP;adRT?p?u_ci}Ww?EfoSo2y}`EJ@^Xx+7Psyd%YEG&mZWw_AAt;* zsco0ETykpUE9n&2fNKAi_#d`1YEyn%_m+dPt3Z;La$z5zr*I<;25fSvxQDNHzSDK8 zvvR7ev~hXHT=T*c*c^lrT3JaCYsL;|frBE6Bq!-{?RGzO?0}aINqOmz$Gl#TuD{E( zR3(_sg|P1=$DCIZDXxcf$!o`hB>K+3&Ar-0zUmm(9rN(CieOIPk2?wzA}St=xtLd# zd}V2K10<=mcjDXc-O4dm*2u?8o)fXGT(tJh+)Fb(Fp?T|F^w?wsX7In3xsEa;gWy| z9YfP1bSkhw7Vt~(D^BIBkN!yfBEkmZC%JnHT9Y~hjqJ{I% zCpGMTgB&Q`dO;)CJawq((oUryy~&^gfm0wea3A5?j=z389g=<{g1!K$Fstd>OX)E6 zn`vVyaSP#DKjsjbO`Qo;g zW(f3;v|}?;c|ic7g4pFlw(I_!cd+;K{FRznP$Su=>ue+6nPheXsm*7m;Dq>hQ395E zEl~O))&hvg1SKnRpL8W+pFx$!PGn>4A*3~4% zVu@h1M}81?ZbqNip9#4-<5rMH9)C3Myr`_oS^NzYbeo zhC7UXnji9Pv~Vla#D83O^{y(J;6iWQQsLa;iZnmsodOO&zUMTs9J&E|L}mXW_)}s3 z>bU=JN*8b0{{4AJ(u*^D6XW01sh!XI_>8cSH&AS}VU%j16{}J{+-_iHk^Y5lQl6Q5 ztNf_6ly`*_qhphu7kN(7KX)~mUdKKBTF_y#KHF9gv@PR`o1y|<>M!+S;;kE@DJ5$~ zGbY#<8RKs7X5KEv?=kUVrNJeVIB5v-(o>8&%)8bP9XFsMGo)jU`ea!IPw%Tpq%toc zz3F=)r&BBbXx-^KyKs#?a;#9&NKHW6)oS7?bQGp#DgpH$wcD^xkGx#9FtWPbA&glQ zCAGQGBU!rGTYM+~)&G&Wv$^K}5kM+pCLp#l!MK#!b+m>~ z7Urk#{n;OWa!Cs}%q=_d{`T$XjEb1Tg-C~w*74Y&iqm;=Yu$Q7xGyn|Fixt;?hoE* zzy~>gP~yz#5c~rXp--?=T1#EQ;xNln8h8;V@1ijg%0W{fXgYQBKFpt+7y^#7Wr3@! z5sWwr?OfyO@Qm?(iaqPq;!hRy2Ong>F-RlJc3Ne%5ufyBKl(v{93Kpra1LcOa9;;V zVn5~lu{cDJV`KTZSSe0#K#w+Iqp%+u^T*vU+gBt@fnG4q?PsPChhU@jZP2^<+G(F&rJ(=*Ue4Qr(ga`g-K)>u zj=cYQvBKrH%HOR!8?KyrZ&bA)OXz>QYdF$Z_obyxQ^$Kd&A|$R3_e{Z<^M+p@5nN) z%z4+Mw2`j#{rGQpR3S1S+k!D6KP3nn$_EzkU%R$#YW2Oo(+?s4aH_i<{D`VnnVb(Y z)ph&0c|Q7Duiw?8E*;nwjhq zChb&#SDQEOd-z8iSN_=3%D4pov5+ZdsF?Z}d#44m{^_A}13N2ur-h+UxC;7%=1z}j z_Fv`%Ye)}YjY%Wi>B8pYbB31ZT$6(nL=-;5kgqNyrx^qM&Zjp0X^!d8-mpq~)H-^>ptCc7ETYqEC3?fZ)rLQr|6BBb zCFoFmRQL{kl=fi>s{^izrJ;$LHD`86UA#fZ1Rhg%DH-|p`wcmcAQg|YBduTp_e9hH zvu=PHz>B8IVMpkuX;GkmzJU5IQHGbpfS55+=~W(d`-+zm;XvH|46n!&*F1JXb5Oh{=Hov_14rcR zd}hkKIxg({pGN2Zu|X(i{jd2!B-J3Fw@if#Uku-hkOT8fArf(ql6b3EIj^2XdkleQ-Y0;(Y%k z)rTa4^*B>DXP-@whuilcE0e}E^?I33Oe0!e@w^Kmk`+#g?0)<`M9biBqEAj3kEz{+ zFg+)1WLt}Sx|R+IGZy7hrT0Js`bK2MmBwhqNS~ImpLq?=lJlj*v$zgtXRNzYJq*)w zMjgQ^N@sph;2B}2iHP+vTwiK9Z6;u~&TIGU@RrS2G?$5{&i3pr`Eg^N-2RJy-M4V1MPD zIdx4yfmerD9D_9Af9#sH^g9vsaQjQn^Tx^N6SdHjw_Jusj}&u)bM)r^d^Wp!s>##C z<3D#kQ8M1~Fk3e^U83zf^;b8~af@m9rz}Z)`|{+hfuz3#sgQSxW6k*rt`>ybK5nnIV|-#AW2O80 zbwV>yWoxAjQ5JL^?TwUK5t!wwFg4dw;unl-(Xr4|TBL@AAD`fxfa9`fLV+mfX~fXN zxpnpK3a$<|jgkWD13sB!=U5H9a29M4t^*mG3@FgbWl+C(ro3}2grD*Xo6}M z!)s^J&&u0I9+TFlPGWyTgufWMUg*m>BtaGvI{sC=?X5YFx?jokvZ0E(SZWV#WuM{V zb3%z9db6_B8u-~bQ-C;xbayL_2!*S#qaR96rsn9@p7M8xh!{8Eb|E$3W}x=P-Kfqj zFVD_dNFL9H-ERA)MJqgrsUPjfEc2yaVgR)>kl7}WpdPITBO3Feod_fnXX z3`cTrmk>y9RE2xxFJWK8>&XVjD+Y#yo_>1}A|&O+k43QY4LV3qntLffhBf&bma#70 zflY^fs%f$n%smgt%8LYEdM7Rjesd0&#XSsrteNx70`{Te&@)-L;QAxNaSt=#4yNmO&_cme z+HAWMyl|E>pg4w8$=P5Zb9YD-GNpZrM&%<0<|4kiWtBe4J*1CuHILunBvt+)fwX6b zxO$HCjDpEdy{NMpTH7uUi_@#O(BmVbP!UIqv!>$E8<)kdF0J)3 ztbz2cJ0J_Tx}o4N=bZQ^Z7*Yyk!-zMFbeg;8S+w^t$F2KSEBPuHmTAO_XrQoE3kQJ z>#{(hPkrK=z^m#s+2|!tSWG&_l$9bV_EUqgc>!fpj!w5PbSBVrfp?)~?z7OUvbHYOfwH!|wtqBS9QN~Z)*tsF`@6ZUv|D-XWI>KFB3 z^ayC{RK(;a)#!K9K~^9RPT|>dR$Fvl6{j5QBD{%TE@3FRm2|G{pobdR#3)SY!9N5g zazkceDiCYl2DP9N;yRlyEYFR@$UZ;I9o3|d({j9FP}CP^8T9RE$~aku;D|y!_Bb6w zwJJdP7r57^z7QX&o!y|4w-mS&45^^r=gD*J-6`3Wp91TW9(8Ex;RO8gsyS_lDL$%_ zXy!Oxl#06#$os8u&urt2^M1W1?t+{0*XJ@_fak0D@R_qx-IV5s9OuWp@9UGTefK78 z_`2jsDM%V}EWnrpTjLum`PayzO4ycCU{U_b97i%*8Fhpx7k3bYwa*Ki9uKu9DNn@I zm|$mVrxIg)L99?tiCm(vywFd(T$nc2WNlUrgRTylr`EnaUrnQ+XIgTQKg7P~vmQ^_ znxsiR*16ktP&R7J?#&}UBvIJ@gW93-2G>tw39RS~X zZb+X!<^vh^%+$R$inHb%X6Umn$$t)6(qS%)Ps3)#RvP0GB9mhy;n+)~%yt!*yFd3^ z)UM}_6FOo^sr~f{sC?{eSW$4?4|(`H=m>dq%nsLIa3r}`XYQgDKV+TXd`Mp|5h4n2 zTsh(H%Ba=n83N=Qb#^P)?Yr$af)4u#FF4_4j;7&7e$8C+%pFT`2IM=sgmpnDg6pG` zP8NHJc!3hbp8t(!tUY&ZKOYZCDE1&GKs?|J(=ZTZ<*`U_=+|Ps{5YYzmw(bP-e(Wx z@3abEdR%%jd};mBOD|rISYIm3?MU;_OR-*wak~om-P-TKoA)PGU#G2lu89ca85E|1 z@uAd1x2yXct1#~7i1aNF!A@)8+Bgfwwo~;FMX@QFc;y^Tcigyg2~(1FRpAkQ0`OWd zs0!$YVJ3Oieywj~lKFNigGtX%*ur0po)KO&ViygAq4b+$@p0RGO9h)RyewZ8D|q{0 z#JP7D6yXl68+SDL&p~XQUR|QZ8}OJ?O~9kNMw3dlY9(|Q;Ft*|^1BaTcO3#OcAD&K1XW)CfHtP-EYr z7nll8RqxjOKr6}w`LKqDF#$mS&X+L(zmRdzUP*uc6R9Koc9Zkz&}_$>>$+Rh-`-C= zdP!@Sn7}qOd}i>#8B+X*=>EnSzpT2M+i%$RBE&(a^0Lnl=rB$n@@PIFHTRLaH*$`b zyHrfy9If?7&EoDizCii%nLsDw9{rd-&Z-)6hI&LF0wht&Cwr45T z1?oHf%?-$&FC+L(n4?P=z56)~R}U_!L6Tp+>52mj#uJ&%sP#PgGLi@&*EEqDDl(4T z7JW46p}t7_uAMRdkt%;pLr~f7WqiL05To9YQ<6w13n)TxziilN!CH{HjL5&MI~`!= zT)DXy2Vv7hecwumoUP(tK?aiYB0|UiI{=%=3ol3oY$dzo*I5Mb&e`#Mx}`068;!D^ zz75q2aXn+T^S{W<|H3+dX2`nhVw0J!C7}n*0~bY%;9dRI|gZYN&UIm)%JfVk$bA{iYg(&jmdWy*UiIB#$ z$gO&wxM0wdl49nDf8}E4Vvo%q>4g5WscnNfgM}b9;-#y!a4p^rrrz%sVHRL2HhHbg zMS*ooEWsxc=YXt<32LZUB96y(-x7IJz3Tf6M854b(&ITpj6{7x`m9c<5m}Q~yu{6Y zO+kF@?!m^HqK?XR8mf|2){im)^iv6~0rQ+Zq<_=j2vEe=<~N|-C@nBjHdx+22A2V^ z!}Z`8B#fMtYpq>~5SDok8q?h6(rm*&Yr>C|gX)BH1dK*Sg9rQJb)G^pzuIs5Q?=Rt3OAe7W5kG!&?cIOCaEfM8wUT96^ry(mtEchkt%w+x( z)F*`jRODvw>?^vzHkR+oQJ$*8GdqEVm7fWivseRK{SipH!1j%a{79e#KmJv)H_ z)H%?-+1|U4&WBmUQ?*VSgY8#s+56xhn==qMP#;jS^mML0eT0UW=QqqgWH}3*9L0ms zu8|Iy41rp^Slpd)O4z(5N?G_#44D-FL{CY=K!*B<1W$W(@O-M|yP$HAibDX5P12}3 zF9fgtXu10IYp(+f@A-L`}G$AgHz&udG}&C|0;*`%lD^;G{Z(0C{{?)H|^nK`nZ zmDLrTzC+qor>gDfdz3gKaT9frCD9f)HR&d&6~seLHdF1q!koQlwo}6H9Q82jy#sn%4x-=Os}E zCfNPeleuKHD$Kz^A0VvQF4g{o?1;5bTJtkR_`1S6AUgs`VTW0co#Ne58QiL;^&cl* z5C}H#{UQ4JlPI_kU3mfZiDvs1;(D?B$Q%0@kQzRcz0O(JUrP>JE{FEw%w&?G6rig= zo%3P&GYuL@E%-`2Cm>IEIm-g+4WxkF=$2h|e+&JRUkESbT~ZRht(qw!eDHSBSLemr z6V!9UH620)$8q|jr?$r8ga!0Cc+=}wKzFLLvS3nsnZoK<1}Z?>w>9;L?&g9!#=~jiB$o~h<(4p-<=!JrlmyCOqmv} zYi<+)R4y;GY{)8{zoM)QzEZ!>`MuaLhMdQViH&X*P7ptX?!6kxjigi{M3Xk{F zG<)l{8fx45n%&S0yXN23XWo1j7qzz=R-H?5qEkm!JNgN{f6(BR`vX1 z=H{pF{hTG5U7N+EB`-X!JUoso8<*`nG2%PH2Lbp7tu4|?#F#NDRjnxPb;0h3cCmP@@xcE527uM@7eKwJT66FPQo$-Xr z{1TWsyo~0@f-K|LPh)S<;^w=1s@uTIkYNUBNiHa{Y@kPq`Y&Rrzww$oH0RZpcpTTuV*Z-IX87HFYoSacNO)Ibly>hvD#* zt)#@(mK5Z5acN0hsgF={8f-YTMp~E$=6n|NeSoP%#&Z1xmV-(~`sbOWyz`1_rtqCyzxCrzQMkYdnCH*NqY+gYk}M8ELm83&Ma1dM%ha@B7ZDX z2^R=)@$X@3;A`Ptx{CuMJ%ysCyl_g%$PEtc1zNo*d{aW@JI$<3bz=xm9O98@0(w;H zA3f*gvSBV@TE-faN??i;Q1;}?FgP^g4a>9+QHZKo>ten7UC+?PUlRZ>YOGJ zzb#k95oGZuT?-^Vu~pde-E+_T(0078+wI+k=cgkVWye9p?Jm!uKjsX!9p+YO(oA+& zXmxA3n5k04Hz(Fwm|X++|+P$x`33P6Kmgtpr0^g;CIe3TSa?1!9$O zWow7eG1~#;FVC>stUKjDlf`{?-n5 z^p`HrC@%Z;>j6?F2ow#7A~#s*xbr_WALioKh7m?5Y?uK7z*!E6%WD9tDa)16cu?_5 z<&2EJ2CwuL+R#0bxP9V@r`}YnzPbOjBK402&|ho=JZfNPx)a@y6D==SaKxaqOrJYPeG;C{RQuEcb49d+`Z~`%yu%48~>^E!L319c6{z9;9F8BqBc2HOTk}knbVm ztp--t&LWK)1pU1n%+Jlw*Zh8Vh?6D1tIu}NrVl59RmkA74oD5x!w!b@u4JyaWd_W? zd}97d5NG&WC1jb=%tqk`C?8;b7(X z``H$}Azmi4z*U9Az{%dh2M|%JhGj>2i3Y7$*Wc^wM&Bv|NcRn~^R&YBy2Ut5yOtVw zzTz`Yj= z1LrvsQ+{j*;Dg>0?;&!CQV+i_mW@lzQHCnWC4C3qd zbfKm1D@Rne)#_e;eLE^Zie0V5JMOT0WgEW*7f&U`7wm=vT&Q`rLPg^l=*Zf&=3bO8 z4^>24yifIMzt+VX)js^^I#C*if8Tx4e%OGzApaJYum~A<0~Q)C;5h4^)ODWkZb+j< z_OYPKh;L@_28mMlpt?89&zGl-3%zAme11myzec)0Sjqok1Jf-qN=vk|{}e8k zxb78}Wx0|$Kt=ErkSJ8<5PAY+$`6+96Tsjb75$R=JSG+UehqSMp7JP(aWb1XY!FWA z0&C4u6oSEPx^9n=Enqw1YY88c!5u;1P4?qt5s z`0XC}Hcg@KcQN?hKqI~waZO5W#g+6zK|i*cJ)?1;DL8(lj&J{j(ih>P%6kAfABJej z>z}L7X8P|Te#qIKbPL{;S@+nF{e_n~>UK5Phl#s*e{jrjP7W(J8D;$M!v5X2UDiPG zpJ5iapXVxTt+g#iel5Nnp>hxqxC}mG#xNGnUT(?l-#u6}8i7r8$=d7Bwl%&HvVQ@2 zGZ{~s|Dtule-BLb;ac7~{3Bzc7K^Fn|e9IxLWII1L@U zCQ-}O=!?l$Fq_1O8|2QN^na&0<0PjF%lIeaqsdi{S8H%W=*#7EY3x7a2K6#@MwFkK4FGB1WR&q<+I*(iwdc$A&$e%fL zmTaCvND$9&>JWbcV<*)tslO=uXfdf4CPlvc3D<(N#j56IIK3Pd;Z>q45jvc`f{nR^ zSUyMz+*Hdt-_7ZuRSp&bp~Ae_L$G|b53%h)=<*%LI&~9Yd!Lhll7Oj3&%u=LlZg3< zuOf;CuZwcIkv#YHRJWTakb!(_-s&j`Ghk+I#yl9a$-jlD<%{vI`qG%y%DoFxlmGa4 z>-2;lJdsur`!Ahkuyr9;Kxesu|Ik^~f6-Z!fePB%rtOzT)?SyyrB2dHvd+-rL@?T) zUM*2|s~#vW51dSuJT}&GH_s@L_Be%o1w_9h)D;w5{20d><84666Ugu&}jDx-~1P7yOmasOOMb z{gr~p!0idh5QzPHrHCDVWIpA~1%5N2&-yX@*Mg@j@FT3aJvM{y!8*-gdU#GO+Kcl` zP(nCrf&@&1lZbS0+UGc=>vnx}ash{H`^}Qo>8LwbfD$5RBxcjv$T0e`b-U3#mJ*(M zgO{{*US9-~k$kA@(Mwa6_I7Sd^E19~$Snkh|JfzBWKyLx;@fu3mRqSU$QCcsr z!t;n@0!4(J{2_S-lC~xTaxf~auuznl-=g|#nYETVY)c+Zk(b0)ui3)JcewmJ!PWuZ zbd!Im_k-zxSVj2^a=d6U&en6z8-!(-inwY$Us82FhjabJ9T&p>5&tbfxZAV0cz?^GaSZeY(@|cbMZ*`cO=78$0+11+HaZ| z2b&YW4EfCM^c01gg{$l0YX_hG$%d^ax!d!RfH(c2A8-s{q!0(ts{xw?$}Q3@AK2il zIzhILXEv8fgEC@pnVrW6g+l)W9cKtVn?Bn;9h09E)^GYH0eyAe?jvsh8wsg5gHj@q zKU`|wN+O^VY_IEQ4qZ3VpGx)njB=FVU>Pdm`>lq+hORG>2gRk2;F5eK%>Rvv(W&vS zLVrjx>^uJL%MGU~6(}guUv0s^*NeQoL0I((4wP~J9_&rbh-Z8B&Qs4b)B>}|3wZHu zZ5S;0+~|;gGt!g)%@`|-=;BdBTP1HhbH44`5EuIwg&Zg&*1l_5 zKQ}-dYf-RTm%m-dX8M8s<@yukY?p^uc8rK%&elEKd#n5}tH%#+fb*_Pq(F+I#`jA| z7-~zT${M~RENOuYzUGbkta?fx_Wb?r&9x(SPq7v6@3bRUFoRlyQmjHcjZNR5dWb0Y zuG|WKmk#Lqzle!0BR{u`Y72t}UR*la8@bX3R7jbY`8j(XDr|5dQ69T=+@-@n4!uKM!k1!SDMh<< zB7zc&dwFxmDV*;s^s#G5yL(1^^e3(#Rc=4oTXiidKCkXfHhU;3h;&~oreN?GQL5NKXs1)$(f!FR`jux|?sqdrwjLger@%bL52$kRvb9`*lQu~~v4{^G?-^)NQD-e0W-5qr>CfK`A!UgFrIq5e=$rFA5l%T}I&y^g zG~qL<+HLKovY}oQI+xqq@P}qh)QYFcJ@L$&pNEJB&Ouc8 zQZ?tu=EZ_Ubdr5H?o*S;iL~u1|H(j^o-sTFJ-;ladcZ?5sYN90*ID6UE1B_C`(GFG|6Ax`0+l7flsmIW zx$5;zmpq}hB3C0J72cDQ-&daaX$E9Fe$5HdyN3zvlQI51Gp2yoXN?dyv;FzMUZH;J zOh%(GT>fVJk1c_xF1&SE+;Mi%H+$(^G*XzbLpWExIZ1tXs|7}GTQJh_bU6xBi^R`#rGgf)b69J|7X^mxW% z7>Mc{Kt8tU30W3d+edWFTuWgLuhe?*BWp1|4I#+ufljLh%&f=_bT#YO0N@*ixJAp) z)DP24VvDRqvyk;{3Ak%(gt&UC4ze`S)CZqj&F$TK4s!gGD~NV!`#Pl8yf@8WQ(+q_ zfU=Fd+5+a@jzTxy-2~R$!#EKR!;CNM%wdX9kv-MFL)=V`gv{hg0B*aGp|kda$@my_ zkS#Y3x-~YR6t;)6mc4B|R;oR8l~wLKX$Fjb`+a3H;ry(C%9CDF&~|4#?1&V~w8z$< z24OYSyOWF>!W7_c8t9CVE@XYFSsMrh*wQW#sonf$cH?2G(%M>hF%9Y*`oeC!mgahClUl;kV03R6#s}&Bh-PAwn<}*XvW+G>B_w9;hvU zLqA6q&o=Eys)=xAXjtY9;~}0vKkT z;kAIN(b^E9tf=%PsSl&k1;rc5ZLVP{qx%IJGDTs(lm{DzfY18@6J+0%RRFmcFmR?sZU(;kL< z9Bng(jMD;qs#Xfv_S3)8>ORd$Ma3#X-lI&#UA0yWhEtLSSy!E~?*Xi-TuyQO@U4$rcRV68}q%Z zwaSkKPyJvGLBomy14djRbF7oF(oMUxp#R3I*C(#epZYMTnOS zp|1;EyFUh0eN1_AlH|!ejpytUvNljpy|R^x?)d9`^6qzGukXw6nadeEu*8?g-}^Z* zA7t<%&S@Aqh6+wly>rp#0Hs^<#8*R+U%SNe#dbZYU$CJ}<`tqA%-gP4fyCp6IfQX& z>hK|f)RmQ20o`&mU@Q#A9`5=XE-Q#jz7X){{T{%G>NgBUBm!3$sd3rPoAW$5z}J=Iyg3r~d5qAH$tXhoy-pSNbEJDQXJEE&oMEn7*T`#F zAmH~+{IrV}z0i0QB#4WH9D?-F?D{}WtT}eTEz}}Vd_u;a_E$WN!fK-hP|hvX1@cDP zV<`^pi_+1~oT|BiNnB*JEr0Pf%7dZZ2_f)OA!7#T*p0!wAF}AiIid^S#SkAb#E*ZR zD37y+J2ZlIH`kt{Zq|Ch{2M)R83I?18Ap`AHlxye+c}yijZ$-(3>$&qnlDTYw3_~| zJ0+ixCh|<{w|$bn$HtRG6*)pGYt#99mBHd~jS8}a3I#{Z?h3+3ROEWGa?U20hv4&BlUD&>6<;5OHLbUByV z*}R`sYw!6BkUIj)1awb*-V0D|A?P4R?CA(u(fgUG$4UEn*n6MEIXkdzAqu z12c#<#PyQ`?!z*I-bBB|e4lvr7x+<;VDmiB#(Q%jc*SX!oO&)MF~Eke(^BSC0eOcJ`!}`@G#|I+zMG(g4ZJ`7()N(rpnXk4_m>Q>8y!%Oy@$S__I|$Q zvPpcIJfWkYB0KrW7lZPLMJDwwc&Ep55)$g}vna;*I=5-pfP|e({YYwoy&GH;u>e5E zZR&Fu*C#kW2(fHyt4E-qsD;W+mOpDNQ-yRlEUIZ4?iorG2A`MpE6@!}#e zkRF@_Cvv6HoK&=Py+SJSB<+W<+%B;PD?bCn+ zozqMcczx++P6&u+w^Fw#O)Oo4O#v5Jc81tJ{O9BhomYO}L9bzJ^1{F{26?N{fh+EPmLB-KZ7~r**kA_`yOsb?I+VE!7*>g$ByRNQZguu zQsR|ZPJCtr$HVGJUF86%7iuInMJq-0=yqPL}EB_f|oJLQESk+%lpV zQLNpno2u|aR*vkvdM)4jc?8b!pEUix#vfoed z(;0?IKxvTJ^j^?`L>z@POe^UI57C4)JsB%wf*)9p@D8>lI}dIG&YxT8sz7&x7q1O` zD2G=agQ&z92tU6oA2XNd@l^I)m=WC>JDAn=J(Cbx?`UwSL>nS~`he7M=MK{kr}nk01el-2=H{!& zLgXH*z~}>Q{4vQJ?~FP{nS+CD8|w3jw8bE=dQMP~0sAF?^a*r2dq3m^OKN1Wgd;;! zpRsDo;slbKG!5z!C6d|^RY(FvT9DXe-9t*BX(d_XBJmVWId(nzBs+;x+6eCBH=`5> zue5J#ePsYnK*aGZ4vq-BX~EKbA*}rFN+zZmw-P&Fx_Q~tDQJ{{Q!8hx7eK1;9XJxj za2g?w*s5nP(E2F?&2`Q;lzVsQix^w3M|2BBl^yAQvl^m|b{R2g-M6|-#*gDd z15;o*oZK2shiV_DFw4%wnE;P1~|e5 zZO;~fW!gvTj=_1iUEjCrYA*=hs@L$o&ob`*KHxW<;PIE36KBS%!|kc32qfF%2}qx5 zTopH1O+aQ1UBf&WmGkMH7n`2&hCyMkGz4XKH_JJQBL>U_AT+b|MJy+UcauFa9$$ob z0&sE-t;(_FD!_)~{boW7o|NKPV9kAoR@s7d#8V5dzeo45pJS>&)JDffp^vMyvnm$Mc`!rC?M7!JzSBs|l^J7N&f~(e4W9n;50N3=k1^(YcK(~h;T(8)~W0fc$b#=Dv<5igti89TXo%A-yJ3Q zmZ8go+C~M7Ut(2;Tp5W>$LM@F9PJfM)xZth&YAUR7MASk!&_L)j`+#I;>3eb2;4%u zWB6wt_}%|h#VY#2VexN&nkp*$#&>i(JHVS$tA;M_Ml1;7(pEHSxMt>GB-weiF#99z z(2O5``QtZjsUy&`rp^=0+V~)$ZW0QE4==-AIM!wEa~7Azzq&Xzi7QBs>bU2yKrQ?V43gOHMWj&znV6HUcqaap^jX^6O zXa$XuY`)QsQJX`l9}O1XXn_zZUK97HAEpW_KWbhoIaE|=vbHe{C)oVl&;F#yzt3Fb9Tm0*h61{Mot;AZCk#ADoY42d+ha?QHzo`pt*46pma4Hjx2e(aSeDWkLNM6DbJm`>QHg z_$wRRWk?kynU~&>M-r4FLO7Y8{qxTXN7UohXR!a`=lzYp4ejQ6t(*zu1`#JrEZa@u z$8OP%?iHXU*m;h=Z+-S^1|+MM8Ailm=9invhB%AJ@KrE|Ku6PN))xOUmtUp&NClif z84+)Ag`q%yi#L5Qiv~1Ic#E${iG(`t{s+#tj{21-@I+_tJR%j;R1}{`>r7C_HBJL8 zuO{D|3>@|?6=ru3UUuUWZ?rkL0-Vxg*pt7QNA`wY8miM&wH=Z4|DOb5CFxx0J{tU< zqx;{^e=v^oR~7{I6r9(Et9T1eq4{yidoAh75n{$cg$P4aY3RrkQAIC-+Krih>m6_Y zW%HGx&X~QYi!as=oRU*Mza$nRWTxS%7j<1nAC)Pgt^hocDsZ^)=&);T-3FeujkVcn z0tBuXoO`o>s88;C&Nj=5RJp?+{^-lw0M-;Zy;tjkOrl@9cNTgl=?D}?KSOVTzAjP8 z^>=cAZ-3TxBR%AAeDe1%oD@Jf>tjwyZ|WdiMfgSth^j&2+Ukm@Cm@wm z%={a~vyKZlix2AkK%77TjB}XQS9_YLye4$SuT$k4xmO-a{O_Kb*8{lNIM*5vyG4x& z|L=eCV*DB}|CiCU)`)+`iv^%|{Gj1t$-k9Geqq0L!~Y-E2)L%M%n?>#qPF9=*|tWF zD|9~^i)CYqfFc%|SQia|zpM*;-YRqz-^hqZDPD6Hpx^FW`3(&ZD;Wuu=+=!g;B)RJ zKiH~F{YGDI1oW8K$7QRC;z3jxX?SJ%2`CUNKZus1_YU}Zu&k&@K9_l+q~1S8lS}#6 zY3Lu3HRoT3tTa6C{{s%+v0sBv-$g9$Wej(2aZN57)M7c&6~@q!hzPdcP|CcX+eFLk zk6kFM(Ytd&fpb((7ySy~%08_YoxV+K>vl4m#0BX2P<3F)<}aZO0JQDH^F){1Qr^ZD z)A;&v{~v(Z=(d!%3O*pYPl)#|UBe1h`xB5P)KBo;fvC6-om!J(*ec`(s}VwfT0?5} z-Al8-R5BokRHm#03~J`Bd6&aJ{XP<$P2)P{g%ZG{6H9h$83N#R*GjP2Q%gJRyAFEr zj-Z=US9n3v&~cu)Bg>ysw%K9BXFtqbVdvOag@P@$)P3i|=52zbRCR`;@V5U_oEVS& z1cZ{UL;Ss?n~OGI?C)T9uXsxuZHLiByk7?NIa|GULL`)f(e!wXvDj(O-3$WOF z0zS+m9QD4JpV><-Z~+TIz(F8OvL8XtDOChpBY8UV>IRbUjZhk|btl)*-Kd9a=&o`!Z|**=TDWuU!fu-#k{xx`yfw@((-Ed3WNvG5&FoWBANV!d2U$t^@qhkZ+K- zlvdbm)gFB&jE1Tj#+$N?>NccAKYB(*>tT% zHWtyI_GxUc4*c0;2}ixQUtMZ9P*GddPv0udJ56o&!3;l@A7Acverl@p{H8F|S-?(kp zFWfeF=W0fHP1cjs`k)FkJwMv<`**Sf%JKkgikIOE5U)zoN zZg$`hL8W41F`xg_7wIop!j3T2(p?FsoeDIKqeO&>$=S{$lW9oHl(ENUEU=u~>D{Gy_vjtjn$^ll>Gjf=xa z&l&Jc9IR7M!~k?#xoX|ZijNihyA6g;F+U38Wx&5+-tTJOpVZk(Y(Q<5Fb5#8Juza1 z@N0UbZ>S;2%0&SZe2uVU&LOi-gBa<-TyF*l>7labGv328Jb0oUUa`n0GyL@C>e+Az zGcw}6yNQv!F5cv|qvffm31=un{>D{#Y!3z4DiA%ctaOtx)^u(_c{f1TA#jQHo^PG4 z16sadIcQd|S4CP^`$EPWJA2swTn0@mRuwlL%J55I@Js?HB7muautc}un^eWhHFy=K z@|-cYz;b_u2v}Zf3xQj)mAfD+?r%P*vEj6UJE5VaipXxISE z3RXda@lU?lb=9Ko6=@G`xh_le@-j}9@(Ol3 zY)+c$eC?#&C@l}Ym1h6#sBDqLH(8<67OWg+`RwvN6}rVeL1E{-$79lGJ|KhujFr|q z{LuIxDC<=8-qZ4C0HNiZMwGk?=&d!<+eH3dsKgHBF8nvPQ$QYKl=Rl~W+p8q^Bx(< zojVx=_fKu5+A>>I9DNwOFLtnZba^ScKB|1yZ0WB`HXHREAyQ$bh^2XS=lf>G1W-iy z^EqX|(?vjRGe9+oErT=-Umh~23=+em(af3iur%>wqa(DLA-3~E0`16`m-#fpe5`W6 zKAWG#WopWi2NB99MAV_2Js4N^!7(w9n84J}|KY;gq;d7`!4sDn%siV+Ddm)7^Cg?E z1>J=0ft*^+xe$YqzKR-&gRnp2%-^D2>n}f?fk~9weHJS7{<>GFNCoYBGX8bt{3J6! zaXGTDFDRy2<8q-)?X?*9INP9We*yFzhBMgWD^JPcY%$sc>f;@p#pdHbP`-@x&)69Z ze23OW&FR%FRsxeyH~B2}>dat6I3v5j|3qW;>J-kW^CU5Kp`#>cMxRM$gy$k~1(q)M zHzah9!!Mwy(g_m2oGezbq;CKeDXDErODPef#PTQH#ML>p?+;R?Crmx2Rh{x~jELKb zXlTLU#?4|`4xsF;O+(o)OpK}0DE3w=AdZ-5*R@##leQo znU9Q>HT`@8h`}1k$@%w z=`eg4&H)+k^Q>M1eYNdp=)eUOu9rZZ(9rh%$y`&%i01rIGDTN`|1w|+bFWO-fP zRCcRUEZ&xW#6Lo(&g9RmxW4hBiT%AMch3Eeyga1+Thz3ksJN9|QJI*;*%r-y5#zW( z;P>0bR@FKOF}RU0KfP%a|KyrRfbB*yJpaFd-Ec_L(}cHYN5}U_pbHaHQYmf9<`tAr zda!3T0orN9hXtfm{5QyYA`-X&(u&Mh>S^tT=jsD;I(G@lzjBd~6->ac<}h(x{jxriKnyZ5Y%pbOJZ&CM z);yu*&jN+bi{bzo3tko*9`Qr!-0bA8?CJTeCcQrO{<%ApC~tK#$Zx=4V)rqC98%Zq zLvg0};lZOc<$;oZ7f6201N)?s1_Z4^|^X+!HX zkvkblRP0W-Dh?!pBV@qob zJgHnS7--bfd1z7=EEjrU|EaIB;q(?=D97Rujw{C_=2m?00V#|@OD7xWZJ>4rE}1)# z0Q+0`-M_w>Q#FQdO9&zonk03i)0VA|V+X)LX`#+r_?^DFPBdSCrX>R{YL0#R(FtGi zR)T($THMHv{G=J^x-zBd@*f z0ubXQcsOxirq_!B4=nf$hLT+ywyIB;yA>)0(1f0$2kS@$SVZ%gjrl|$ODWX)^9UF&14x#3zH!9M3Bu(n>`y098c>m1Do_mk{TXK8ru=*@iz_#|T&$kap? z^1#f%z0Ev;=mN&7CXcsgzeX(iGJ|`D*UIg|O&Y)tN8ig-`J`5c`_|MkCE?_@_w*Ux z9iY-P8kCs6$F10-I}tI|+f?QXi8zjV^N=|A z>5%a?nbHfo=&CNa>n@wK6o&3xyWsp~{!!bKh0wO0$ zDSqYsZv~e!4vfPtCIaS$-UfJu@@4%XfT=vm`Gb+Uao_4{aXg+3rZh$xO9CAgO8D%O zgEI{fM9iY4Aa!L=xCBw6<25|6|4eJY-0>qm&8xD|pS*`jga#j(4w~W7)3xS*3zS-a zrWVMU#2-Nzsn7nMiJp{Uw)cRtFM~J=a7@|uPDo!(G)CpWhN-@N9Bb_uF+tT$?d6cA zp+$|cK<+21l}$HGc=Hzow!bi=CPA$Tk`!MhRJ`i=F}q2n$#@dfz_#Cz0WNIX zwS+(6Nu0w91sq53dIAKSxA?)K=lJcmZX8hnTURubCwgWse^2YSkrH{;AYh6ZJY+zr+>B*j~x^2&P=-$ zdC;2+6e_TBO}U;6kt(jl3w5{##(FItLCy$vyoVb5JbXtRqfGa9Ir;jGrR7Ywuka&L zEwS$fK!K9a81z*R`3Kg!;L<*ByCbjm?F&9IEVpIvd>chWRF-I$dYX@qZ(K^bOc97f zIo~_}{l`Q?0WDW-s<^mIvd4bNxW0o*i^gDaEm51fh3y{x`JkC_^LO{>*hza7Ot}Ru z7}pYVi>9Wr0?UXzxB$0u8an%HnCA}Y3EiX1mS)K6Rq9=cl1vT#TnL!d?i-}GPi?p* z?N42H4<8*Cdy>|o4;OnZ>=M?3$(f^Jb5KEx<6=F+Ys}^30b=3YPuW1l4U^WIoS)aMFrI z=?&gP+~qhh^S@p%%AtrwH~t(70hHv2_SxR`D(?>as#b4!pLoyCcdSWGXG7=Njl_!H z;e`x$<{r%2p?I4oX9&zAL@LXwUmh2A+I=!`7*=j73E3+5!<)2BO^t9KN-Ph*d-hwq zmy0tgk)`nEW8bg?`gY6ptqLit)-mUxX6)!&G6U+W#K}_{oG=QuR~%uKUM}O58rn#vt1jO{4 zdK~nfy)Cbb9S*~iUMLspKz)})u+3$Kq+iBAWF^ZG(c5VIb|cTYSB+H9>6W*<_;+O> z_n3t43EA{g0Df9JgxsOZeeUx?X>(0ZMt!G)S6A4ZR$E!y@W(WUHrsNhH1y8Nn&)o#6z8G8fbg;M+BhT#{W{DIQqz1k zC!$ zk7s)ru&T^YsQ71frBq+sukWklx!{@f!t#7#vVuZ7XLv+r+d&(-sOl@K9%&hc*E7-E z)!JS<7IKK>0GF>CKWp}Rj*G@D&re4}-7qw*GXHr2<=43y0wL-nB@M^PxLq4YG#X!*02RIEVk{K-uHB1n7LuHNd8z#TZRZhY z!LkJ5L$DZPU+joENaOa#7GMecU-!Bvs<pmO!EVv90g@`v7z;Cepzp@E+RUBl zFmg;bu8AxgVZvMaAMg72w-F8Qt?GNv{=@Ws-N!DMd*AKc$8j-|vJyA-D;+o79C+hC z*Rx)SYc`In-wkr#^{oAU%hbZl>BQ`s4Q}g~MTuh`j$HI={D+nOZED>Q8)hn$zI`QT zXSwDj|Eru8-*)I$^?zLi{;V_NJKAo$FMVIiKY9ch=S1P%L))PnJ<{K=@F+v{ zYHG%Ti>Du?``l3Y9{2 zLa0&$(m_CK2rVeRgc3+d&lk@=?(N=Zf9IY*_uqY<{FqOYwbq!NIZ1f`en{vEAJ4Z}c?5cn*%k9EO)J+zj5alG%lt)+{+cd#UQ0 z)O(Rq6+RE-!Y!MNoTL2KU$1V~?As-v{n!yW(m>E?(&5ICmXp9RnJ#DtK*=?wzhf&uUc%Is?bsXbiw)lus=*Qh=;N6W@-FpIfX$~j#+7L`wlnHk2ly{_qDF@;F$YnV}qNt6bE1IN!#1CQD|GdkG@ zILW6iU8F(uq(a1KNC6H-LZ-)i0othVkA@vrE?#Wpa&8*2(~#fs{2|>g zyi_Nv57+AXb!d^fz(KCi+3AOdH+_XydO8#4RvO4FB)ID9WvHmM^%FfO3!TZRe2m914Q$J~d2e_bKejt#2xdtvSbcamyS+ad3iqH4aI)PA)2F-=6s* z=$;1>Qjw!5r=mW|ygPwd@I3@hfPnKik3S=gi5>2))+g2q24%z@!FOOKoOmjoTd?__ z+8Ql1%a^=09^CH6U4bJ^MsU~0TUrM*lj_#Z@?o9bxc;j6VC&lTdfWasc;S$^;)9j^ z4Gn*nIJCFnODg%?5-t&P+_~|O;r-rFJ$22Xz_wNMt38iyWf3Sa)V9cZo^#P*T&p;x z;pQU;tp-1V0{I=|x`_?EHCJx#v+=_5WEmGLT_`fm2yXXBlb3suj&6}=?+oG>MiD~B z%CBdn75deWcLr^QAie~^B^Fc!%})@biY=HmS6fWLd<`RH&br`e<7rUs8cozEeph(KTl zCm-vZ$c{YgRA@7}SGfyzz-^IgniZ@cH&jpiqUn5@C*Vj!M&MKOOzf~F(dLEaM365v z#%IYl{n*r2wb3EH`VUY$^cx)uSX!@$#LX~Oj9|wx!xSYrxn22@R@GEs#MO?Ecci08 zHVlc?)MXLcnmcIQb;C{(KI1t9?9z`w+=sn#Q<#6CZ|sG>LUD1k*eEgU-BYx63w>!k!gqMZ%?L0`1*&JE`xM0CX80LKucl_C<>|L z_u%=v&}X@0EU|^Z1$unZh8DCn<~D>b(0s*a9*(#2ULFIszoSoa&+eyHmPu2~i!2}z zoF08X>GGZLCM#B(Yl%8(RRX60M)fk$2UJ+ivqwEQAKM%RrNC}LA1Qr;(i}nEfHq6= zo?qhF6tDPuS&Prp=Lej1e6Q&+oFwZE<@eaeoyO5Ns2IqvlQ;rGkGh=S3ZzGzpwu9NV?zvrc$Kkt-22}bm?sfCCQP;8#lBcd~ z-pw=h0<@qB{rv7K!Li0a0vWr};CAYoNx{`{*8RK7O1rXGPlUhCi2J_xPR45?A(7SC zeQ#|Yx)iui;48UJEgmWpmd|@l`X*$dzH^!#*is@4&o0lNIt(toH6`kmmIMxHeJ1Nx zeSLH=;(mgg;wM1#&4~}+gD&4(Gp41g1VFabJGzLhw@G3v&Je$q1 zq3}Xa7d>B_Q?m%9A{(OID{q>%Rh@+ns5u072Ax5DmrhI4%f%nMCC+rIG;$BqZ9tol zOz_?4w-jE9+|8q`C%k_K&|rP;rRd~+fZ#6_Ij_F z7HHB6rO#TA$q0{B?21=*EN=&9w)ATz1haC%TzejLoh?U7-qA+zy1dXQ;TqtpYRphP zBHkc<)h2aq198XUTV>z#$c@lgm9rI1&K}Id+rB#kt5qiPB3-LOHysNKKXq=VQdt|! zxY<~UnKPbF+-2DPMOtDWqc8Hj{S4G8}!6AHBd+4MPCeK7E|Ym&!2+rU&z;-$TF=D;>c?5 z)Z@X2a+MGaFm;S;(?Mc_3k|`4=|*^^)6{r#=hF3**)Iv(dj!y0TFu#E`4=e1ot+=- zGMJP-Al2(E33;~GCp_%-y~`NnP+>Ac_gcjkc+stM+slpY(i)KjX(FErP%3A*xZYxQNI54@~2+VuqmMawKRjE``yICg= zog~mADbwXa?!bEtT4EUR8p{j;MD(#hiB^>RZLoZ1`3_q}VCWG-J5!A>23!v7fx-v1 zF>Ntn^|Wpal{YwZLKMFKj-$22d^sVAm^2V7W?1kZRBgXV^W;qZvewxqu~I<^oi?GI z!Z*-2&f-9B8`KZD(8er85v;f=-M%zB`5v)!*}k zeoRK}Wy;WSrNx?Kz$%jThixq2L^)yrc~jv;KKeP<*6Omiq?mrxEb#00+xz66z+w<3 zG+VvLa~8KarbY{V00TS8joxxud7&LJiSkl(UKF3%haLZ9KO9yf@S?Q1C}q5*w>|`_ z(n-4Gzpb|6UonAjV3G-xZ(iw8S6VNjE{H^x!!S!1Sjhm~fMpLfbd>t}9Jcvc)|oFL zNshO**#f3?A5{-_PkD5EssSZ16md9m5zFi-XBpJ>5=@M1v>4V))uHtv-yl{@4Vw%N zTK94sqZ7wj?rX1zTY_6w;T9Qn(a9lkGW=l1q-Il3@6o7*ii4O?+!DEalO_&*FszP< zMwEJQUEOTMR@XcK=vL*cd8yj0u5#8%Dp1=-i>6yO-X^SA36=a@l=4~{Y{`|Y_KY>u z6ujAX3sWb!H1y?T+@l@KMC5d#bZhbQorRhq6=h}j!F)BTt$dI%ffn8u5X0aLy>mFe4bk)vF+`QZkF_<|zBtMOn*$qxB#5ZKug#mX6k-9nG~sYkW< z%kj!_Fh$jW z+5dqa4OO6_0j!&Is6?nq*l(jj#3)qIG+2yQw7Gd7tpmMY(mQ)vgy^}!>I6!Vt-Cdz z6zR{XRNypO>I;?`xN*tj(A$Xca;9mpDPx)fiGb-MzFp6D-!>?L-Yo_PLQhaNP&u)B zx@%>F-Uktw8JbGD*(@#p4a_&JV&PhKTer!n)cm#WH(`4>X*qWgT~;LUIaVIYgkC@- zGP{a!^ty6p7d?+4hcmlOi(YYO+(hpIMxjAvf^o#;iuqwQgN$P^wz4U2&-9A4S&Ff& z!Ol`2HiX+0KEU|s_AU&FG%dYefiZa^7I}pdG?wSiV8hk#RLkW%bjV|H9!v?KIATVd zpw$D`emnUu|^Ey3A7h|Il=nqTk8`l+jfh)p-q)aFg z(@i9++cSdOeY)~F0rz^~qQ^oqMf9t8^cA|605oR#PCwou$;`C(oLyur;ZP?R-$BK} zcF2_zNiQ1p^;lYrj5Q(JGMAq@i;Hy$-*xmW0a+5Yh_R(*A>_m>rGWahAR-^VvTSYj zcpN+f+NrF?G9g*}Cyk!6M1KVF!MG@0B&~BWCFhAjWH@}#v=42^Sd3{YUyBIpJO1VR z>_*>voDZ$M7oA}LEI+CpIXb|&t33-)+5E<^NymB2ic>D-=Jf+N8S`E)-O{{>2-##| zJDZhsZ=ky|?H;jGwN?>z!=81CAVETPmP=lzEYb3O!+cN?^%{pTXDOD1NQx2=txpxl zYqz>~J8a0%*|2IWxW9GHtqoTuGg<2YUn(?_Dk}{EY)o8q_dQ-x=sYh(DuHbBv{UQm;fp+Ok3BO!FeOB!{*yS z?u_&`?Jr6L0j@l0ZPsIEUb(cBqh`IyIcR^pM!P5xkqL6Pxl5T{W6;ajL0LdgLJi?F zec^rw)(ktog~mYUCdSMZj(QSuD#i(G5z)z-GBc+QT6eZs*h(rSEqK>1*(rBAxL)=k z>WU>-w0w%$@HQ}^Of=m6ir&F*ZuVh5>1Ir9Nw5L6Oy0^{Pr;4ARh(msOJ^#b=7wRY z3Ds2QR|`Ge0jA^kVP^TLAY+D_dTvgol^a-23IKguv!&gFK4+Un@N`xFb)SXGVmEl) zaZlT+{MNiv-*Tp3V_6B%C$&$YArwzi0zqaIa}@Cblnl>-dZ=uJb&Fn1UWR?7od#Z*1_)inyg{+I#XdNC(n}UlxTH}4_dx;pI1A95y1PX`N~;J#3BFaJ=l=>W(>!&n#-# ztbab7*fpvgV_RxcNYX{q(7;6K&WMfxAnX83Dg`$MOsKmH3_vczj$?ERgEgp_?R-)` zKz&vBrIn$`CGp0RXEm7hz0jCyFH6wc*JCGceMFyrx7SIkb{1+5&4(DnC|?d*JyAPq zH&1e{nO7A^YBFbPD zEaT1I0^FN6ow>x4JB%CkNr7)j<&c|o?TE9qvW3)5)?4z4Me=TnKfagL^#vVAO+)i9 z0p_7g8JC#J>h*T4&-B@V*kGGQi1b?1*0DmST*o5zF3yWqgmm}e<$bgwc+4ZLz^lM@ z7-j<(T}+3lbXfW5wGjpjrmd38S{v?_4p(0%J}e`YB8 zIsxyEBZAUc5dx9RN0>&;LTsKq`WCKV#_eCzX;~i|J*0bGj7O zohPdg6Gh*q@F#Mab*1=JC7qss`6PDPr>>Un_rzEs<{&H9bMvi5B=5yV3p?_1XdGIB zW&*#^5~Gj+61jQewtR&FTJs?Hh{rWeEq>M&yaowDgb$jDC_iD!RoLDxf*7wQ)Agwu zE5aSPTu?yR44Z_&GWo(??tHT=#JvG=!fsQ>R)p#3EZ8F`G2b0=LOMAx0Mat_-K-DU z2$&SS%@7y`C*-|>e|IdQM9hH7C1%#cT<39D0Abn|;*s%_~1^z3Z+~Vl-LW*(P z_5`Lk9z?mloJZk9=rhxol4)iy@CjUh!;PjQ?!Q0cEM+fE{)^_EAIW_C z6?1zwiCIM+B!u3{_`vjVzR-zQK^?`ahVZxZ)%w|*Bs`%y-Q=BV3a_qGvnWBkaA8ZL zlL=~fdUp75$Z-tc-<%bAw!Q$D^pn-LjJ4C1EB>6q)LeZ1ZGXco-&I(}H!x4Vi-oxX zqk$KH2eG4Q8!^yJ(Fkoda{fJWssJmau_@taaY>%&bEw?jc<>s!6&3^agSXh;0=5MA zz|18=g%u|O*bPVtOJWXzz0xT%?3N2TNG=|I1sos_iB5j+eFm{6c5NKWTH8CVrUn%W zQU9XVlO>plo{~_oabza@VIS0mMcv+vXutgmOG>qoe=t(i`uWPBt zlK7yRZ3dt80`k5Y;+jg0(L9*^B`Z^A)Kx4dEKu{|$pxc@CFgzlgHo2BM zOp3^Il;UTIAlWnRE8}gl97m9d@i4zQ9YRv zrqRsnEE~!#{&%*!#AEOp6r>JJWK3|=#u0koZ*E1@OFj_wee>FCeOm#!48Y>n##d#% zv`X8VTf8@@N*Tl^hprsL3Q4+UEKdzDn`!G_#9=FUig!FKjyyYPS7Z+bs&?ibH9NPE zgidukY_pZ5ad45jwX@C#C%!v?P^Q)HF}vf&=8{67zd|>mRdxd@S#cM#(N%iyTlbBa zFeU0@=y2X}Uf2w^m*&=OX3*bVan@UiHtdCVbh1Mqa4;0AAfi)%_Vj`-bB2qbZJ5yV z0T)#wA0M^2C7@n;8uk%LxtBRIP(NgIG=Nb~w?>yT5EW=|=Ent0a}-|C&C(78arA`c z67r^HlzJE4Xdo9GnwuafymaeTXQd^xY+@a}9hsR48{6{tPTNc;*cIxiwdq7KXDi>7 zDOh~o_SV5a6tc3iBa-(puTOhbqe&LLx;zDFw8yjp5v>b=NS`=T z(l6JJL~cI1kAmwwmxSZ0VUIwVP1+e~;O4Z8_aZ1xtq`#d@@C}Dca={pF^Bx8A24nw zq3xC7w@o|;UPyOae9|v^p!)%BoTSEE3t{IvNY-t16^Dl+=!dVo#b*)@b*~lGGaLQ- zgO=$i(&A_1QI<#8hY;<``XOoo?IR^9!PPG4xIak{IuzS=@Z46b91mqvcd_lCF(sznfi8^}t z>WS8OJJnPM8?1ku+P_^frsE@UO za#Z2|;=xJHo%uXd^XDjXJbgB@7PTO`!)MLB!JDBJm$eFY`^50p?1Qx5#DZs1x|4(y z*S^SC9~kkH#EtBe`23SVsolwmNVoEB^eO3T;W{E=Uo}#qsv~w2sBnqGS^5gbD8jDt z3Muv>nfigxB%K^aiG+&0Rq2wru#T`&h(H&NAUYeQV39QeC=Yo`*v4{2t8B>qq+=VR z`NM*pT*aasvGOY6TdMri41;}{=a!W?W4`ciq;`>uCpgXGt|ntwqM1gZdfglxq|Mb@t3~R+}asp9rY6eU}M+0qec6MNC=1#95>B zE4m@qkhz=4*L;Bkm<7p~)lB8V1LP5h<13Qysf|%Le?U8LdKKn zbD2q67Ue3yC0eCC(^1@o_T|NmDq#)*Aw}Zd15+A&lb6nw!H zWu`HCf9fbK3fkW*K@3uV(cE`Ze*pa|TvfAhN?&3gWyEbLY_Ag6Y=ai&T$YH# zaT8x^z%{3#`3%uk{jULz-6f%ufO4v7MIy9iW6kw=yEH|i$t}LG+K3T3U!FBf>F5#_ z+NY(iLTPfAq3D7hNS+~rip{=i&4cn;SSeE^VcYyJBLA!pnP2(Odf-$7|4kvq4%7H! z4QGT73MzpE%8uwCdHOO=Lxn8okk9}b<^3)~sXF{12eAuKxp5Hx-Ebz0W(Ww7$Hsp|QJEe;a&b;^33t=KDM&L>F zv(!U}eILAw`-oUJ24J=|WDVZX^lJ7Jy=bfPpe_k&YVV1awIy7yU}jcmAu~eKR=T45 z>>&`n=9@MLb4u{vg@ehga3d!<-n+!lL)OJ$WlK26o;dIVw| zVo!TXx?IBbu6g^-6NX$>ZepR^1_?`gGuOQJ`L4O4-+8<1SHfn#B))>x#(fM2_oUP_ z7O#Iy50!l<92$9e=`O1gz}}Bok8r7tslMRx`5chM$j#Q#@lj(P%vvg_GVQWvW;$o* z_^jR=eoHDOdY2=Yb()!x8?UJ)oNKB*f$|m}R6|zz#@cF!tiVCM+GfF)9l&NzeSlku zaCX7{$9}8rf-!3^d&KC=fPvg_i6TC?k)1YwWQm4`>)a#-i;rk4l?#n0UCLBb39`PW zo=3d42Kr6!G_HwIlr>WWT}6$9e>+Cu(pqfNHF8-@T2#nbEO~JMn0rvr_qR(3_jO56 zv@{KhT@;q4dy?e{upF4ECgqTB&y$W-sXS07fiX z!Yp=PELUNSkkl zvF^So0ht>~$n%D)aseVCDmxL$Jsnqb_MY<)<;t9PyId37t3kHkyxT7*sBnj1Co z(x2J<_EQVscR%Aq`Y!CJC%&x*ME+d6+06~Fn>+7kdoC89KSIuuO8$U8a98VCsqB5* zKnthKJD<^h7`ZQUiiBfB0Q5n-U{pf>5N_ry2JVpNbt*An?H5liJgRR z8~&HeHA~_Vsgcd|WXWG@n72H38yX&j`VV9h8=9+C_ z(ow6g%xY^xrZyI-7;-kcy7a+d7U&j^;?0Jt8=11FqZ~C;!VG4CU)p-!JzBO*EQx`NQevAs zQ?IV5Xh_}gp=f0MxkxzpYxi;DURqVf`sl|Blv!Mu3aBMEl{wErrK6Y?=UC0Ut^N6G zH|{m-&k+|hHv{9+5fmAA(4O{SJbqMN6Xd@@iMEvJOb28~Q)yQZRvw@*iHp<|Wz z3E-Cl-5Sg(!i=IyR17_@Q?N^A2kWdm2-{nZgIC%B1upOyI>~Ckd$!|l2ULG-yC5j> zsxSOCFPL$Rm6aqYN3&C&zO@`E-O9|Ba`Qy3$q^AHh;3irux?4Q4pAfsDP5Y>yA`ZL z=`DxY^Z*hkyeF!m-q2&zN?D+5Si;|`tY=QI7e*%=?>4O~UObZX4VAs9dfPLq%k}=Y z!PlIK&P$ZC3C)pC1!D_hSn&vTBreH&Va|d1V7b*)*Kcbd{+p1ighW zvV zOU8*;Xt=K$iEzJq*}sJXspf`ld5bXBGnwE-ZZhEBpf+JW20A!4(kTYNjb1}plHq>8;{szrfvLGMCJ`QaP zSXCezwm|ElU1aNy;{o%~10Y3;G4n%*rJ@;e7MF|IsbG8i=C6L&(BQ*euZ4OO$oc8~ zt<1J5CSI^-FWj%4s3^?du}xh$Y`IfqNTF`~I<)gG{nSohxy8!gJH9H1o6azJf)zm+V^C0;nd8O%ZO`Aq+ zz!f*Vc_8D&>-5>JL3RoDjrk{|%vZ2iox&Bdlq3CG3W|s|=FY}?N(kRy_ABi4P_K*n zzSA?r_6m=k^4Ek*PmIc39wAadgWV0mKFCC?-F}hFwn%P6rTv?S8JCKlWeO}JCN}!t zAXYwKn}=Gdk1L`3&^~C9mm0L|a;*EAZ}Dzh_CktpKoN}EtIF<;dGN5Tz?I1xwoABpLxEnAf^zhoK9C+q--H>bl1vJ(*oxT^$)zADb%aX1f z$bXd!*Y5Z}zw!!~fT>wQyJ=bpqo3e&7HULFE-7b`)r?hH{hH=SuxXY8Zjcz(4$HN-ti+B8zXXD+nGpvp*+`AA}<-B8TU;LjElRq+eLz~)p zr<`-UXA)8tZtOcs3?dHeEyG+aP6h5o|A=#{muI|@f@|6Op*k$5rC=7hDaP$L~%^haS&UfGcAQ`|gQ8w~3Z%sY(mvt5< z$tfYEXp^*OZ_TcY_m&!sr6c0AuS@a0N<8lVwTk{3mYV%x{pF2OAIX!mMC+l=M*C%F z4O8ap^a#pwp@cTEy-#n;Gu}N%|IF7-Dv$Q;k|lBZ!K^6nqqtp|9TXXwp^)1(_;byQ z`=?DG-F?ey7f~aQO9|J+q=g7_g94hucw0x@OdEnsz(;z13A`;E(v< zhQXmnIO0a16UPhD;DI7=J1G9hJlfszi<5H zk*AGFvih5h&@KBo>bq1MFZv)*?3vcxfbi@+924jvnR97+s-@vMiT)wE?Zlwv|COqrPOT@1rF(u-@@x)!Dm9x&`apdQq}O zp!LgZ&@b4vyR>?!LXBZ{dgx4{a3~i@y#g_d8%ot5%jJA;8Ko9QP%Zj=cEhX!;)Zq) zd)(Gn!fT38wW#q_zR0+jtnNW_KVdfVn}jTN{^itWaIAyi%CBi~y@UUzu%es%t&DGw zVp%uG<_mGMr*FQI6OK>jMDzNnol>o|G%6tbUy&WL?y!{5EWh+6VoSK{MBur1FlCej z{@5$;6BYXzGsVtC`Qu$rYGyT7^2d-|!wChhpjRaAapnw6OYc&mRDYW)zX$)#txbX( zC5S*d1nOz+SXG%vw8bKqc70^@du%`D16~Q$)gN3LxM7b$f3(R5jBk_BHyVsWq*?$Y zJU`d>RHpbbSqpmFZ$qGa4CL?-&F`?uj`$TX1K37Nwy&1+?CDN%IY>~9$O5+E2G{93 z4mzopLW+P3htZvRgrSCe1PuhL#2k3&eDArI3P3Il+GczkC_VB-&6O@L=1VxaqGJ%j zRHw)Q`qk706aXUPS80cQaPai_-~90{ZVkT?H|tYEuPO^GKSFMO>%C4(JU^yY?=jt= zyILLqeJZ4w)###cC<|MHv0hH;z{Kd6iE32KfUa1rC8cQ|8;3vK{s(^&=EODM+oKV5(gA@5?6TNp@n_usiE9vS zHYC~Ok;|xI@i}^_HT(kcL&TmsN9mu_`crBPi28x0c13GPT#)KrnD)05JB&~}zkas< z$$uc3V{CRPC*JC~`18};B7cdJKX)lV_?L|2e}Y**fsVdK;y)vq|Al-pO8jSj<9`51 zw+;V)SgHR?o3Kro`9wz1(Bhvc8;Ab^*|^Ac{4*iM285`K|9o2q1vVrNJovmo_MdsU z{{;~x%l-<_=V_xbqEn>|tiWsL%`OM`mx)c4=2-iW#MTKC-*{7xyK~iROZm}jkB~RL)H5R!D-a_%E@E1sCxfSsSQO3{ARqY}Kq}gTRmD~^0Rj*WlAb0q z@02F`v{5&T;nMIL#@ezc z>r+L4Gtw7P)P#%UchC>i`wN6UpAv2^tSGcFKJU^Qu<|6ht*dak&1bS+<-*8))^98A z0%?vbbD(TFgS9t$exCT$h+Lj>X(4`Ym$MXG%Gd6Wr^|)rRO-VvE{w-~e4m+VuQls+ zR+=gwTL8Ho9WHnKFtd-Do+vNJGG-M$-}EmLKCuO=$vO!tP6*gbt#)}W%X=1g#8-%H z))ir|MbQgUel6~m>WOXyrkKvT9i4uDNbxc)m?1!eRScX#7duB@itbqd!b@rd{2Jrn zZrQr163X?%h)-X&#XNRc-;|Qly)njk+p_VTWJ#3k^Dkz2IpxSBu1j^yXHM)39^-7f z3oKdNIlyf0R1Lh%svxR_6PGqlcL`MW`jLF0TFMA-8V^F$O1Ge)-=#WcPqZp(}Y`H5*8c@Sooa{T6mcordxXm%-shHsb&l_$}IK%qu4)&f`gYXS#d zh=q$+w0KYcM0x*?-Yx8^apJBgAHPe!u-fsW#teF0Whm88%S=yq=Z)P{GdeFq2ki?P z-q^|symUVhd)*NmloOP1k0)u#p}q&+e?bQ>`f3*UVA}}B&6YKgJHs+814c8f8iIkn z)+tL)0={4i*G#nU2+=&*vc3xFvr;?a3DO2bnuykJGE{J`Txh8a6aO10uJbT_n$2rW zVR@b#eJ#sC`HIi-CqSXDrGmAe*$g@VGs;OGtjSUMVz3-08otF3FM}KqvwrfxiuR^W zicv=|SFc%MJ$i+Z@Pi{oXcGugyckl1jvBe%?#UTtTG+4q5|w# zue^m2Ef=pr&UWbbj$Xmm0u<`jaq{3v2R#8TNa189zsj| zEBs}RNNEBzTiuTb@O$>u7^P@vcQZ7&R&$toV?4c9yzocCOerN$+Uw6Y;95utnCm08 zvIR(FfegVSb1L^`^WRC4DLk7`*f|L1A)3p&8Wc1f@aOw$DsRwNJ@3Tz z6}WRt#jGOUDqL|+<9AsL&B{M;!-6kY((yYDMt1#@fPeZE;1wGX z@jrx1amaRz?AiU-b-_l%_a6TXFtJ_z51#Rt#=i@5hdS;~D1Q=(<7%#L@sVCi|L~VE zK~9>m;tv?e2oCLUZZ4M?d|lJ4=(ej~QiT3Eic{N$R0-~~hX%0{;8`!WRT54$&6`u_ zJLdEBsreo(Hl&IGJ|0KFgo9Xw@GHzFl-%H%XO za8w@G4Pd~=s)bh33JcAvBa8|0;IZb;l~0y?imk}&a)c=}?5ZtWxR0KBf{B(u&!jFvU9dsxx1CS4tzoC@dUDTEWg+&uFV- zoPaAloS??@>Zmu`8nEjRk{f2dw4|%nsm~*OWoBVRDl2QnG{w;+ar}$v?G<0vEoRpu zW}Ma2P+rC86eT)R6!Ac#o(a4IsLo=9xot|*Dth88meLj`cOAgr+^CDS&gT$f%JXt zP(4};N4^D6i7l?Nt7$EgV(^X16(W{k?2_RpL1&D&9oe=`*$srOEEA^-W6_tPmG8IC zU3tJIjiI64r8|#mewQgrsm@x@`ckE+`5syU+ z^>pA3fDpSz>cYG}t3*JKno$(vaAPA~86W17h_{b^pf8h3NiZIoI=Pa>xGsg3V_l`Y zjDf!mbUUU2GJF^#hNoL}=j3&+vWuoXa)8+tNyfyBA{D7-Z~`(B8nA0KwefF4=ecy2v1@ z*zvx{{glgaTKRhj2vz~M5|hXG z&c4P!qQ6E4G@M?X?1x3eze4dI+o1Wk!>hK+>LU)@RrbZN1H8-7rLT8A&42gpxBFcd zK^o8-Ec>vK@ZNSHAij@@yJSU!nzW5IG1Se8| zm2q%Ing|}joDi%?0K6r{vWs$0ls7>khk~_;-64?@BeT~RC!6Xn0INM3+e~Cx>NCZ*MX8Qe>{gvJdViNrkXNb^U)F^`Z675*votTqm$HjeI!F zXF&u15v#_!L){JOxV1e`FQlEC!EDn4Kazk-D5v(kfKsOVOz&6_3RDUUpbc%5mVx1B zdcX;00Vva~6yn~M=`By3-Jk8AhZqQ8J~wfRrHWDx)&u9Di4_GD4G&l~I#R_P{gL5G z(zVW7>Oz|UyCt2aSAG{^+)JqKB*R$SuvPRTX!_G=u8XpO1>bGY*ZCFMy>Pw{`0wQ^ za@z-68-bmtW9y)$k;~}U5M$HDN(-Q+O0rhv`shGCO10~vM@QZ=rZYn7Upuhk_vIi( zOT1ga*7itv<4lvi$k6k`$MC&){T-tz4{|~!h#GAvWj6WXWOg+-#4+ql^78q!;<%40 z1HhE9Q1VU2%ZwSa_Y&FxVU4z+RhxF#GbamJdNx{&iy=N?J#71xV`2X3(2aXZ6FZ~# z4rHq{SW(pj#3<(?Lw5)-~Kue6zXNDf2RLaBRdS5Zh8M$r8rZuF?%R%L^ z=WAGIuLrIL+RYqd=08W|KtiR?ko)l9Vgwd?$5zvBBIx}Vt|2c~hQ>%(Y|8{Wb!(T} zzcM>}CDG4ZqbkpX^$KFs3I75+%QDX*dMk2{>&J8dKtL*O4I$bV7QO48j=mEkL6zz< z9Y{lhSbS8cHM#vwFd*WhNW&ePBl`^S8zehaMXGU+i{{yI$nAKaTJ?c3Bfd>)HX_8{ zr^c2i8DkZc1S851!>q(c_%>6RNs;MQ#r8D0Es3H#ti556sY9NZiyAICphmMsD*BlH z6^vuoTIwCc4v@#25vQPUs9Dl6y&144XVwi?#z&!jlUmS;c~|Be_L-&_2B3l2U*8_T z`6D!e#L#(M%q;Xt5a1r4o9Qh1SUYTx*#l5sPX@F}Uj-Flt+_W*fnuga#BO$BzGldoX0+U%#Ly8xJso4(Z1LZ>ZvQNQbPGB~J zZf1!~=X#a0HMSFjZC8E|?TF@v577sf3x(L!tN$%BG4eFgqVE47K}c;=*mJJqAuhh$PocKKm}B5n0(vj=W7OJn!M_(uH&#uz5mss+fe` zf6p$es05bCXFgyB015(!-2AWQZm9+GS8=`H2)WL@LNgvam1G3ax~954tgr^d*St29 zF3sOe9R|;ren&iMI6ub|Qg2geGtDVqRtQ^5Hj3=#iv#DCg z8@}E>Wan{U0nxZIMt;-n97Z zo!7s<`RFI5{*%M5JR32)it~H&cx=M~?S0o0r@!?=;}}2lVV5qvMRL&wGvNfZTT5s4 z)FnHUrZ3Pe##jOj5Tva~xC1tb)?e<;fb!^Xb$sXkWuQ}BY;;aYHXThA3x3mV)Rk^r zFH0VELL;}98|$-L>v@PzfBbMs)-wM&QW=(?HQsjdmzn@O@(HN1-^nrvGF$*HZf9zX z8yz-Km8!eAC4mqfW8d>tbLR}M8`*S{;sVBs(D3-_u4UZ>$o4{(1PGb*H`mL>aZoP++{`?sHFZ^%9=&FHbQBS74@E{CzGFMQVn z&26~g;%;(2!75ry80~`sbv6z#)0;ahxkIWb-|~g@s+j0!n6*__{?vU#)n|Ocaqx;im{d}zJp`K5dD=pm~j<3BPv-`GF2BzF@XGfDg z^&2sDhTTR5JP={j#>;8#U5Chcea ze}uhxJe2JlJ}g2dRLYWNDqCflq)?dADhaKYEF)`@Y}qnql8}gyrO+sqdMslf>kJa1 zj5WK#7&~LeHv7D{o_e01@B90`??36&r@3ACHP>}6$9bH`8D#zKK=B=u8)X-s_q@0mp$*65WkR3@P0X zcst_Zn9xjDM=s_z{1D<2YC#fJDO+eU+S?rPmUW!%&bFZMw0;Nwi~h+RH-O|r4wSLj z1z?gh$0)F=u}|{f@BDQ#P{&c+EO2h>lYy<{e@e80DuzbTP$4MH3k{Us--|gE<%)z52i3Uh!oWX zg=aE6(!5o#^x8OG>if3R1dRq1{NApC-I=+&_^a-|f!oXy=CqkjSgao9SPv^NAd^Bgk9sT;Mzv{&0`lVU zPTy{G9*MRk;DA^RZNoi<<%P!9)U%}KU8p+;z$>`FEXuW4zWC8O_2PZJ|GqdRGSo3D z>0qE8nde~G^(w-_l<<&*)F)w%pS|O@3*6_Lu1`>uZ4qvXPCR!rj?2yaHLs1~d1mnIpaRA;&d?YbYYw9j$+mi1&t zz{zfUR|qA*C4cMMUhvXCXw{PXcA1O0<^0U_=~UhZXF&u01g8${(T^(HWwUs; z$$|yn;MLK~))ONe&E--eaVLQ)A^ko22lXc56!+GH?hE91US-=zr}Djo*;Q+$W&?bM zeG)HgxgR-(bG`Gu*Rg$0d*E9A0T<1CQemaC&B=vi0q)C<&G#kdeBv@_u~wHRU&s?R zX``xicSbKmlvL61qzC&~)&j8ai{EF+Eg%h~0z`=Iqxc_vv!(MJG>spz(PzEag&u5~ z{@g=5XA7pL;8HUE>6gIu@8R^)Zfy4c0yP1VN*o}c18X~YB~H@FdcXHAeyz%(BG~oU zYbmV3QgT3pj%>oPMn1bTWYSj3ni0!N7h(x>XCQahJ|%%lVeig3Sl`f6ocz#KGCt80 zMr-A7EZ%;C`QT-k$!EWO%(Rn08_XFN-?}&3gsr{gKCSzm->@mWh%5zsALteIiWb}b zndl8ee2PE2k;4}-_G;$LdK00wui?MvC=4(fUp)8s3KpIB~j-9ZZP#)qr_cmZL5rMO<1Sq)xEsg7dRz|!>$bS*+qMmkaEv% z?B=D25OsB)G=G6^fAhXD2#99L&UVeEA*LYL*r40cR;@Di2!gGH!F;g@Ri1rxEh*SV z_8N$Rl;E=_-c7MwI~2MvQgDi)F^J3zaSYlet(4xjes2NlNT{eu@=zfbH^Od{Rq4_z z0hJ`+(Cyjf8_FD#x>4t^1bV~1!}a5whT0?+?!5ag2}b;f!DTndIMh=$Bf(` z%R4p+?&&(9$06ZL`f{s#>I3J_Z8=bX0IOKg<0jiByw5;pzNWsN<+s$=jb`vq&jX6>JX(6yd?K1#}1+Xpr*oERJ6Me|1VBh-~v$V z2f>pBJ<2{^zWNGn&zV*+wsKtTch@Z@x-#RkSLU{c8Lf2P^*Mm_JYffYCc5Hm`Ug!O zh%j2D!Hd~ytaa}rAm3X&dQ62tEVt9p=pK=Ja4TF-7v$O+06`w{FB5eGHU7KsQTGj( z-59k;prd#Df%%w>{{{a>eSwY#YEo1Z4jG4Jue-B4I;XgZXUIk<5zP%zPrr1DCikyZ z{Pp0`e&9o$2@`?c`T%?`vvNhXL*&04Gys;Yy>O?W#@&DDm5O|R9OG8T>k`n_gGMFVL zXGkaDDeF+E<0h88iW#%7MU%fw!Q8{My<9cpq$8(aYkQU zh!IVJ)7PhH%LH5_l*{UyZU+(Z$SL*_A`02HY}iRfd5I`{YIcX4Dds1T{OMA<>V##BLo>Iiou#jU;ZDT`<8 zwWX&X0Ke|v(B@(2y7LAzBr42-=MC?wT9wB2%PNr-5l(e+IOH>&!lAdVT;V!ux5caK z_*xFwh=-kFG%M4mv9ydL{51?Bf@f3|T;QWD!{#Zct)!G_W36WPV!=(Lt9OH(T1ugc zWeT6DhW;Xo*ez_6$g%tdu>`xi*D24+4$h)OUKAotuvYnJ(MuIMgqBDQ*&Jd6(j}pr zr&juIFK6oZI?L7m$Lwt!l+l+`I?0w%31AOh8*#_(MeUYn6VEnd+>X?&cuQfF#NJlA z)uNdeQE?Tq>bR0-Xs-#Ay1@0x5P$~%?{~rIF|??F|5QdVVrT7l`L{>1_^|;B(%9*B4HNRD#1}Iq;`nS z-?0<2@e2QMAvREYqpxZy6>UAD3y5O@v=-8!*AI0*AU8qfID zHsEr;;*Fyn_ER1_$OMsvG?tjEI@zScwf3O&4_>OKS;skZA_V`~qR?KK%;!LxNLTD` zKl?jCT~NMYNb>B(%Y%r<7Uvh5mYtYgBtA#7WJYG+?$ihD`j_AtsY5*tE!64n9h&A& z&-txQraoP&tiabxsY?t(y5!GvwV}r4uc-`PUs+#InI|a05Ip=DX>Fs2(hIM4GM})H z(}yO?({RYw^i8PXu2zUg_(gX`RghNoZCu|3MGu%-AA+uq(NMc2gXJd?3ZqCLuJ9nfp51eU0D zqC~iC$#u}FG$57k7Neo2!kX~kKoo2>v_!k;Y4y?EIDi~uMAm)m`n|PLtpPF zL1zhBt0qji;I)tv%Cn8EX=49=^z}wzjOT%R=B^k5%4w=IxuLcT=mG;|gqt{JzEgej^brS~;acz= zYcnT;{)5TJ-W&yUtTo4m8w@YZZVOn)8M@4-Gc%$>3cs&UZ_J}JFM&$ zuVgB3V`2Kp&W$}{{Q+^`eTdNw7YD18iwSbD`A^HkY;yd|lOA_(DbN4T$w6NXd>y{% zE34~@*1uHwQEw|~hpnDtct0=RzX(vOJ)7y`KvhDttAD3U5Xpiu=Q015G0Tcc<_y36 zfwH}oUg%S!Rzx6w?jv+IY0OfqnzldiJKv~34=H~Z;uGGHLgzgydqQh9AQKBjhRfuaE{@U2mO)^&{Gh zovWq??x4nf6Pg9bO$L?SkMCEW_OQi0rvhF9vyxfvv0NvPY7ZLF^@RDwSP^6KMFj1>=dGzg*zU#XJ zFX07gwxDCa*k0aOqO3_n0Ep>0r*%7?Ff4zHtvbb9XngUTtLr7koFOE(47Ab;^;^yxOObQ3y?w0Nk&SM-Sy?!+nE=2Z~V>?{cxwSH)>+I=IcgG1n0ysR_dkJ zI;zmKAlz>wPaKNQz2b000i3{G>jNikq>I_{)%utu;*x-&^=UOhjS$oiQ0@XUMgRiNzWk%Q11joGTBx?-Vv;D4bTp@=q&6$ zyjw~|C0LO~oQ5yJp`b8ist~Cdmv6Fxpaihsrc` zzOUayu2z}6!}@E)33ZdnpQ_5d-7nXJJml5RwnBm^==Z3}u30mr_zIW`Tjn;98$5#d ziJLuoS&REX=qC-BS8?s`7Hxxsu|JoK^d7;6pt6kzaNs|1zEiA?jS8na7n%PH9I_**1WPOKA+AAemjU>!>Q^-3&BKF z(lNWp)z3L|)LvfPC-{R)hfVGDKd`ISmP5y{Pn}|;=ga!^!D&PC>|Rz{AB>4}HZ*b@ zZ)fSq?n<_%3m*-4|72FInrQiHruP`ctOWI`bzmJC5JwoLRlU*gzgL2<6PIo~ zo;1>d0(Tx_ZG(sWJ#^lq&Js9SheV^tqosZAm zfulU0k8#k9EmV(KvF2&m6`#sn#xl-X`c}o6-KKJ zIV&phP%0`+OZNpYx86GRF+PGq-@**%(R9gf$WYgf2Jn~H^8h}mkiCGr$TSJ9x#KvE zsVTk4&zYp%nTPetPI%o5ad|QO*`ZVi;?DY1R=Rze<#nC&fl-J10hm!Sxih}KBxcM$TRa`gs==r;xWS>@TctptWjRE3&_YGETcm29zhJ#uz%vO2A)3ilTtoREo7dDc8 z%|QVXv*4~=SRBH3=2$BV5L#nhnKQP7e<#Tf)zx#72H?KG8Qg*V8<2J?yxHlC%JzJt zMr|{_3%r`?IV;JIGiSNYS#ir!SGq(Z0}Xe>-l8?z@YJ3tRt+gozg4uP)$*T^>mbmX z7yd;tDk)JiwQPydbn7$G?2;vE>zvAh??$rRypb$7FZYe9c$mVX3HT|`8KEl2KLT`} z##*M5x#_m#O^cFVeWJ|&a8mzf+K6p%*#1e77w(tmaD!QN-mS49E=!8bSXb87wyU*> z6d(|AO*jtoIOlf9@Y2w1y_)j)KUr?-MliNrEGAO%(d$D6iiJM; zXq30Az8DgJ8|1{O)(HL2|JF+nooslj8+q1W?y;stuIBaoqqD6@_Hr;wlSATgrwAw@ z*nu{pxDlPWM!z5uJcY}aL7rRfp-ZW;t1{gaz5_bvO@!!qBmfx@klYJ0ms7Y?xVOD% z$~qDY>c>$q)2qHOeymDq%@y0lmcR-#q%XNKTM#Zmv$)pO9(+HtBZ%YPYNaL2VSfr) zL5+7cbFcNY@ds5G^&OqRAbTL=gweUtXb=ELbmC9H^j4c8Gr)bg!>A6Fr?1gpJ@h9{ z1ObTL0puyH;S#3EF#3DB>)8MHRN(D_#+(DENT97Z{W8bIBsyGk8d_kBmn{PiV zvX65B*wz#XXSP0@Inr@xx|?)-3z7ru!f|C?L<|ldoNu=!_cZf7_YK?c^qF+B7)X8V z0dDfXMGL1ear&@+g279YO|6enRKMI@Ci6D)6mF=eluJOLuv#OMVMMeQ;m~a~J^LMM zZoM`(RGh2ctV6*!Tx-{6SubOh3mvG)PlK*sdd^$#UbTqYYQ!MX{-T5XS}O02%WGoq zz+be;b8UYtpE1E^v8=Slik<%ltOo9+lE7b4NrZcb7ZR?=XXYO&+(rIcKHXq^!RE2- zkxrNESiY;agl3Cbq#JS%PgSPhfcMfA3PluE%M!gk)ex=T#bz=UXst@oD{PhE{D2Yw zB`kxsR!&zw^eh1ld%kcF0>tow-?e46S$423*n>)3hq#9GShgxxjim$;j(T(#70(t6 zdZdU5%^)VhaHAKz7S(En&&qXZw|ML;#Wlnr=ugvV;$(TOOJrJGW8yOo$FWcCR-x7jH!j zn3`AIBILpiNf<^iH5?bWBr!1Ba{4#P@0VrFtOe-I;{ovUQH6dsfJvV$@F5w=+Abz+ zGa7%tZ~7$93xgYNIhJy2PyO#-XTlOha^6MkkNhWA!0;z`IbQXq&T1^67sOZc`5B_K zNM}qta^djLI05;^A_{kr`wEnOrqf&ncj|-J@xG#v>m3A4;#AIeq(8wy`V(q4*Tdz7 z^vOw5+CWQ6?}Ro3b9WA&;^i>hE*T8 zGu}9)*X=vi<0H@jKmia0ce%LZC8S`R>!bN;=;kCB2NE(-wTliuVExL{2;Wyg!VAVi zF8D39v_<+Y^*W&LF!_(zFu%Lz&Uc$BAKX^78K&AR&Q;Pf=4F0G90DD;+Eo#j$18fk zwVU&$4F4iC)xRv)-)4{V$7%B1)9n@hgA-lN2{dx1uTDW_pg^1kHtd-XwWr0M+B@N^ zs))Fc+Or@x_>fun=co<9NEH`hFy#CVdot~ ze|WBLIb{P!Eqn#dK08DGdexX~Y%c?KDbedL+&t&TWC%kN;eK>QnhJli?`TcYvuW0o zHIG5k1Z;k}oU;nJ==dMMUG)4|vwGkU2xQHCUm{n4`$SHClf6RQ9sh%~gy)uSW7(>o zU*TTFeZcU}7)~d=J0AqkWyVcK`UR;H8aQ^Gma;?7R9XsT|AU0UcL84J;x3+=^eb=& z_Ip^0Si~ke;)qjza&Y$4HD=UudQBY&h`(S)FIHR69Ul0BZ&WLegSCh zfQLA7{3B#>-#(>~p#Y~s4zE)cs99WB5x0p)# z2{F9AXC)_#V+S&0v7nBrUlnNA5Y`smE`d3bf8naz4x@^@R8(b9`vSR-HVs|3>+IZlQp)UUq7v<|11RLR;+yS(!2w;hlG3wcAH~PLEsNXf3KOifp{;589W+h zigAy!FHt>=w(FTVkp5P8F?$Xlbik!Z1#AEgTCLB}7Dkug7*+*mo#tScL0&}0ee0&v z!b$l~hlXnZ2C!Y(&=L@ zVdU{zl)!a^%a+2vV^bpNV^@pFPFeDar5vjA*amR9ZsUt#(19FuoQfo#k3)4s$1L$UpqtkhFNkhGb%Z!MVCTvWL zveBbc8A&_EIS({kH_I6xHD+nj<-bnl-=kp3S2C5@A~bFRT#-wwedmO-2RETH-1PEJ ze+TnF*HhwUb(QS+KD% zo;lcyVQ_78y^cuiXZy{=T>l$_y)brkuEQ`(4ZKU6WWD$Ou!JR6JiSdP*_D^WY; z{s2!ykMnJaYvkBNw{yHRZ_Q5)E4G3oNQOH*Z4Z6oG4{HC)8>_P^IIR1jm5pY?@c8Z z-=8DqNk=a29V|$KbbHPsw^rVzCs5TwBYSZ9pp_PWr8jy3r31a|S_7E9eTzwEPW`hW z50Ej`Hvea2AlgOr$!R!$a3dNRZ7My%ztEK*QXjPp*6^YSd@YH{wvShkWXb(1zh6aRFl*bDNJ8lK*{+-4mW0J+efs36eIzO~6h zC^wrrqmg>UYj&_$;!C&2lb2J%3I^vR?YcY8>zxN8A;3vYCiSJykmFog0;}H z8tDx>iBJ;z9w$scowj(G)WpUio1U(~mdw5*et=sBu<`j388*xjTwCKO^x(WE`Rzbw zfP%I9k~S-w`LRFS9MO%47l{Z72|^%l7khee;wheZ@Tm{!z`qo@mG6Dl|<&Bqr2+q)8(SqS&&^n^HmDf8^%R*`aO*>w<8+&<(Tz~a65 zDtmWNV|2mpQt+l~4af(>A0IL{wFVt<#xgNV126Y;v##N@6nd zBXD;~uV2~vF1IQek6^D=cv-HY`Z@h@0fd;TEAv-by`2Ehi@^`D#0O3oa|GBK_bNDH z@bCtkQOG)b_gz`(AH>=lrVS*Gm?I%7`Ekzz8ZpUXmk)B;*T=FxAg|kTZXI~twagiZ-2Fq`jk&=yI5Lm;?4WzMx5a=W;l9V9 zv~1mG-6U$KE@fFR2L6&8IOKTdDowxdj#MkGkC>53(YZ*pC4v$|pUDjI$i9pWWjy4;g##JpV7| z9${lrqj(%pj))4K*_psR7&i@HKWo4p#Kp9&!x$gCd?xpB1{To)#r<^FEnuJ&E?=c9G>+TaD{GW&%2)y8X_`va&bP66tK_ijW9Eee-uM~~BPU}VD8bNCQ z90Hnx2kPppP^BF7tK4b9AHSlT-^s}9_|Oz!uvXUC^BG~mV^K-IVisy!RTk?6|3R() z{tLL#;6x!6hav)_DPxe~TrN;ur+eetxspJk-GXTv;mT)_z)vJoriz>QOav*>0ia@J zGv^X3T%&GvS?9kJi*~Oz7;;n7r>Quk>NXB}iZ(}RG*len-_HHo)CyUn%!d*+n++YD zrRK;-5$+H4#E{3W4srD$loLRU|L-_2G{qjMb9-+MA25yFD9WeEsv$Y-ij%1Esg1Oc z17z#Twjd4{$4zd!px`Zrx>9)3_zS;2HaV#A;sEm1icxDXwMTAd>(LYXoGV63f`J2w zJgy%doz7Ne&ecL+aMjFLv^sU4+5{DpSHAN9rvIb(2Cg)un1g%_SMShvC+no)4S{%w zZszaAKgg0ovWvMfdzzx=w*x8L`?apMtx?7vOt*mUV~~}pmpEevbE}R!G7+W*`(Q>` zJa+FYTWe`pf#9sC^b?ej=zsggZs=N?=b^}*zu$4A>Sy7!@tRR_8w3Ql9Fom;OgggD zS#di4jB~cV|F&&hg=WEkIEBkAZ4$EAzpqb)wLBlXAUr?7A@|CBlBD&7 z@n8%$&#BW$SP>`VzxR<_G52Or0cvwIfNQj^2}Ny^t#*@w+m|a8D?CYO?VK4+xK_IP zrG6mj7OeMtBiFP|p32rNJTb#`1X^7H0qBAhV(%alKUP|w9h11?o%501`T(9=K5{!6 zrN};>CB^KWh}P+pnJrtV<_&)Rs?1KIeQGAR2vKE8Xcth+LJ)tIy~Lj{8sPY|#w;-x zlXRl?CRwLqx)#Q7>RV)=KXI|nEsHAw#>qL|8xkJH(2?9JQFC=S-IwMan9+)al>8q3~cK@bE z+X?;iGVYcH`q|z-U5kCVwC@XCI5ZEPCK}^JsoV_pr#jsnedTO)x$>rD71ipmrGjrC z&fK=e6+@b1!#;5G9u9&B@)#$NKyJ#xG1^`w3{j7ko+QBcu5p3>oDI^+a+aQ5@+jCC zkmu;ByonTKbJOI$+| zpKwi=azDO{k$rM8^JWS@Uzh*I0p=`sSxT|gAkeTvL@%$_%Q#4KsEV&ioIbafM@MpF z_r#OY6bz!_ZeqxG_I@pA#p zNhNEjT?0%wDzG4HcAWlLbNJ%{zL-^HXs!qUQ;& zBP2$%AAlyHTU;LlA_nOiR3-}5QC}ghV-i~W4ot0kmSIVm0`G3S{2ZI2X@8eajn(8W zR@mbEGolq_zIV+nueH%XpZI#yRpaW%Jf_M#^{&r)mDrD1!EBs0gpBg~&?dq>3xBuj zu5}TpL%b5jd&q#g^79UbxGL}PNpwGl1mnH}t)QJyB92At)8UxI%^oC8Bw~$8$LY2~ zw^%2JcR`a^-m5kpKz$bYBZseb)db?*a)Y^mm5<@o!-j&fDXok=>9KviJm!avyjqOs z>Cm~~16r#X(AcGD|AXzB1pZo4sbsWUZLX-;!d9tCW3}d5LpKS=^U% z_$Lq{g{#13<9it%<5dYdTg#diBW3|0B~6LTCK8KrdM$VDrGK^W{3`sO*uGm#<>Ata zeWP>aWxsod;t)CnWgmQ3^gpNUNc)C{%ltjzeRsm2Fk=gjF7(~>KPBrHU0Lu)JomS+ zfo*uqT`JOY!VV81J`XE34H|)akS2$(7mQok^Fr!s^m%KFIR<$-&dkWLq~7pY&V*E`pHNZ^_C{p)yV z8V~4iV#~&#wbwL&GjU6uEOjp3Ad;W_}Y#*B6cJ&%+p1uD6&y8Qc9{t>tZTgVk@*nsoa0h^~UbH^Fe?7Wl z@N~YI5}*MRz=@A=I)$h);+-^-v+Za!nPB}mm-&_I6UVE6Wfb=X@hUW%15C%OYBH^$ zoO5`;V66Us$1i{g1^Xl6M%jcfRWbVlk#;uVPnkzGOc{jR;A0*0n+v@E0 z=T!uNC9msfVLFo=y}KG9Q20>8YdaKQ)YIi>@-u+JgHe4&gMf1^tI1wSnV07n2fVtw z!HNH@{(-(%F(N-Ip69RM*8l9;9#I>*1??UQb$O z@y?pZ66_OOiTMu`qKOEjI5JdEcz$$-&-$CQ05HM?X<;`Fn^33s&LmM^enY(ns`b*e zt}+sN61?DPvPe{B{pN-MCs~PaO40nZ{d3J~>k?&Mhx?-mIoXhaICFOZe{wpg<^v4f8%R>94>|F;TTm%10sK{ZU^~}8 zvghKCgMxs?K5Zh<%PHZzz>8S_c;l+_9d1z>{_vH8R`F|9Ke7z2aP4sYP;uz1xZ;JB zzQeS$uyY(MJ5Oky>pRpfm|N@cwQ;hKlm+66Q|n;B4KNYc6Vl1C=+~C-n&fD%^>8k7 z^W*Rl^cjHPJ5OF|UPVi4{KOSdb#{N?3ML5;TTp#}%t5KGUEa_Sd53#45I5Vf>4Qb* zwwTrN_M1+vu6a>mtq+M4O+O zP6{v;AlsuJ^|kFe5%c)-bzCR16O)s*3LQkKA#9to7Hm537#N8Rh+tndRXs{#VYWRy zSB5S^_g(hC`hE?-2mEm7kPO*q_)=+gPG`M^tKqYFIu%DQ$<97=pITJJ`?m@#U`uv3fVzp7yof7n;;j% zb0)ar)-)%y$<1gJ^E%hWkZfSoalS+q?#5vJycF~BpxFYrsLk;!#<2|O7>kc7vonny zqTQLrL9o|svydPu)G1u?1bPNGw;@;JYtH;Dwk)yPuv|MEr-E!?U9ngGTH7-e`&Yqo7riwT@}KS3#9ko zSKcs*WaqmMLVuF!&~>#@QG1YD4N;!_37O`*_KY3>4kYsGSugOOic}%i9fvRcI&N3r zeyMW8m)iM4H)f_ z1ZHRduwIxlkXOxR?|<@R$|1>mR|!$TrOt$AH!6-!^>`9q{8lUuvs$o0KP>;uo~# z!09Tr&^*NQ6NLk(hX;=T=F0oOO4!vU?e{ZBfBd1$0ot=5f3lM2+Xb2K6;#V|)ShhE z%8z$m?MwAvk3ipc$GP@{H>aMQ>Hd)Rb%xI{F}gBjndL^9^G^Lqm!H4QM0X;t*`o)Z z7v|CL$$hTxrMjSl;K$d{b1j2OofKQDqc{91YeqWzD8o%kP6?UFsl!FE-&V*s;a}mM zw;v=#XiVoHLP~KDaR*s+jr>Iw`qQI-r^sCVNU2OyKC#`j{*Vse`uKuu=(;*u#z=7V zh)kXE+Z-j{>`|Fx{0YwucJ2EJAV^h)EJlx--4`1jq>R5 zh&<#2eiR4_Ubd`r8nW6B2^-&xFW8r8WIZe)@BEoOf>w(yTBJhh0cvX z@_b!|*lSZDpLTIXz2xZ5e?R?@Z|=my`fcJ!ARj<}>%E!@O?KFalZ6uB@8{qxBiF9-!*(5mR6Ap-d5oZ*L#p377|w%^q)_M>P|eoW*M~iHMd3>G(#A~ zO}TLs3%rQp-rp8)A7rL5v-L#L(4ln?9mMxRN7Br)-;M!cG|G&Bt1}ox3vqyzLGD$UNKgBAcIM%Sd7y zGwVRb7cTEM=M9)?E4qtM+65a!g_&On-Wv;*0m%;0$w4|U^sE(F7;eAPO@`lB=nJ+n z-7Fl@$;oews{P7rI@;U>vB1+U|5t~s1?t|G{XH%{f&yC*;jWKXo|#3b`Dh&HRbAaGbfZFN*q*gr^ha7;3$2B2!k&S5K~=Mf2fZ)f zm!z}|>}HpGUt+)D7&qb>7p&b_f|F*4bE_kC&ntLJ@$nNnq5M-7mou4ZO&&6>lxw$6 z$KgcSmk0?W7rFEB_aVuM4pUuDH6>~767F%96i7I|)O*R+E^xD4E#HR0__gd!UiN21 z`ofb6K8`otZzxoSTZ(ZVu9&MemaN^mB}RT>KhwiI4}I`B((bUaYqc<%III{s*8T}s zbEHMWwFkYP7DKRr6Xchdl_Ba9AWtzkagA~c zx7*nYZb)bJQiJ@G9da$VZ1r>~_<@Yv>T*{f(S)~>%x9OC|qeT2?i$w4$ z5pRwl`O7G`@d?>)`j0X2QruYiQZ#zaIG`|9Lzy#j`jVT4xYmtRjXY1+teXj@XNgQk znoyR4a#>T;3+k5{E#lzXA=<&RU`ATFkhAKIlx@BB+)14fS|1~5O=V#e|Kh^udi{l+ zyWy#1iQVMsC89hn@~K*Jp(3{(p*r4i%6WSlE`#MpMVDClVB(-<2yfM@;VxJ_x_=kE zcT71Cj7=NgWXU7+-=iVBaWvks`5N_kMfeutsf-)d_bk*$x1DqAI2E_H6!9``vG8<2 zPP?Olk&CV6Oc%jU^8GnW%f5E>!s@tE-_$5E7PVH^E*DB&$~yf-7x5W-Xa70MEx+u` z-m%9`MIn?n-jGf6{itWqfVd>XDYLPF#sp$`h33L7hlYTG2CX46CGr;E6VJB^RtqMK zfjV2qEhY(J?@_AB6R7^l6ZGuv_wPZDmTO~yODpRuLd4yOi9+vhA;NkO1^;_pkDq8) z&F%IqO?|3x)r~&6@8(Ank7pRW$KfyG-L7@kq1XoNP=sBiV`=Y2HI#%^ZWhMtDQ>BJ% zbBBHc>ld64i)sBrnG?swlp8|5h563=!#7FW^Zj{vd}|No@*EVH1!c|j&C&m!iYKSvAa`1>n6PzoD*u(uewH6cb#@B|E+t4e^ zJ?-y;C|{o=2+!bt;M|$6h#G;EeZDw%(E|RmUn`OJ0bWhG&gR&rWhFp6qI4B`oxW)u zcf}IU<;b>Wr{pO9xIqQ)0OhO<9)&EH6pWL;q}2r&!)za>$mQn@kZl2$UsPefzlY_Q zTQp$=-`}>V{0QKjDLmO5zqN z>z-^E9;<4w__2B`z)pQM&V^9AikWb)T%-(_lE}Bj8g2Z)3*M_0{@beBD+*Q$sf?X) zuJjFCx9L!dJ!Ui(g}ejJz()EG7*DX+cJqX#qt!^W;Ah!;>{&PSrSr3l7 zjhC$-3myoVBGuGdjN%_y(-JcBIGZBNr=JFQqzjIBenodLQe5-c)lKbwG#JBTw3Vhx zT0iBWLiK%Xzu08KsJA#>uX_(#1J)hzz=N6Z&hMI&|;awfP`cV&Ax? z67l!3uSHE6SlkL%8ge~+@u$L<|P z7I=ChQlfhj1S3CR2A31x>VF0r3=&~k=?;Z@2ugPl+W`Bq$7tt|cLQ-{MZQ8GPbQv;TAXr!plpfXt7Vl@+iL^ zuL-S_uNFdxgA8C!0RC!zZQhC3I^fx1D(=9wHBp>o83R_2z&cLtWm(K8Rxd5hkOCZU zwMLix~sZ!i18 zIW2kR{S9E#N_uHS7dj{J(HWodo9sSQ*Kt>MRXw^M)?W_O(Q!wV5KJQlq;_u_i9#>A zyO5b~I?L`4=;ncIs1F!PWvcTzuF1UTX1zG18poX$RQ;TGhwaSNF?YO`)^^p=Pk3bED}~;8l9L7)})=S$W;jbxMjB;p<@i zjhUGL9^Xyr9Y@Vr`kZE&K(vKaiZ0*St#y*3<^f2pr6HReYgX2mT;Xc;p?iDImr%}u zq7qv~A(%tBIOJ7vNOYfljCbzSy3wtHyc-^_*3k#>ZSQmi>L;?wgALO9+JpM*E2rfL zKZ8xbH2D7D?|XgQu;}o@RctnNZr5GRYKeq+EL;xO6*f41yR3^=W+zinh7fu4-X?VL zm|S!AqqM-y7t^z6)ds`3((F>0LJlW*5Re#CVZ{SSAf7`+NFnCAKkBt!XMr#6W_MGp zV*P9mL!V{$OU*Ati^hsEZ_iBip=T5+lmUHik(q^@qh3?fvE}g~5aJr7fHgOyF*>aA zC6#ie(1JAeeo3*WL~lrufQM;;o1xEGGc9JE0b_0{H5_$=dxx^0abakM6U){UUyhAq z>Bk-v|8?qt9|m=y*!pecfVy*uM=qrIJqw6`5v=++Dyi?xxqipTN+hD(-j&vFCg2x) zFb`Ud5?C?}?bn5EjbPHcDXTu{T|eK#$Sk>VVeHuv95?OW)l2_V$i3dudLQE{o) zO^NY#C74T{)~m=uuN_30K!>}lu5EjQS7O4eib5oq$~eJX@Hb>~v-Ej9;mpTy=<@f& zGG0|RM?@IMS=YSpOt6mmm+t@MW9oZrci_9BE4|I4Fhgn3ca8=~siqO<+GJQgc=ubJ zGcr_cSz(@}fL-?>>WWXdy?&&UL5rX7IDf`}5UGW|!cFB)=btlGGAJJ7 zw{1a_E!xx+wZUeb99J^2W`$e;?Q;RF#g>#VtB}nxL7pVT#>0(Hau1}Pm2WU?zkE_$)26C|14`mvEaC}{ zddSV)E{mNJhOsKNsco3EjrA8el6Xf_&ZMlMb)y(9n4dEOu>d#X)GA^MYn^{52BYH} zG3C1|ota9Z11q=t$|H?g{70)Cw_&UD$)l*baWhu7E?<#h_dVpB0a@;TY=EjvD6V&k z{C#RkmL9NN2EC~ss=w?5NSWCET-G-dfHI^G4J}PnR`)PNQtz#vFTe}0E#M=OWlg)Q zT`m#j4RD{WLN2)prPsn5_cpyUV=kkUw?cWu{#g@Z1AW=1qHSYYL8v`_^)dP1Eb%AE zw2?E?q-6?(RJgK{m@y9>4ra%bcCKIG`LWY#HhLidMnS~wRYuEhs(hYO17{htxMZDb zj)E3PCNi5htM&^Le>kr0vy>hS0B?4~Z*1?SqLR!~c zHh3W9g&yt#Ewm;Kp$_Hh2{)nQ##W23>?n5?S&+r~761^Am1E7R{IqB z3m;qr74~;XuXjZ7V*wS%WrJA(nb2wEo7+pS;>m4~e8^FS7CMvxP-=SG9(1z(iYqOy zzU50`M12b(?b3V*+cIGgcoby^BohC7b)my24E$c?*Iyi3Ci(?V>RXiX<7{-^tr2_Y zYOA8E*}>{-o`C?^<2~1O8KZkH?o2;!2sG}dbCX!iK_wzU(Dxx->IaG04(O;Q$uH1C zL;hjHQ4WLf96#ZrPa{+N?t&M<6#eZU?7cLB3eV5(wPcS#_FMgcE#bXxgbeO$AvixL z7ZVQd2S|HfPog60w*f*9>6#F!rPyf1dXjUpUf-)+7G5tpBk ze1+W0y2zNKzy?z=_|bq-R6+E*=GBEGD|acyk^c{0=N`}W`^Wvx2Z|);!zwxCG*S+U zbyg%vp&S+}L`KSKvsGG>!;({SSS56zIfk%l*oe%b5HdE$9CmQp=CkddzK6cQ$9+HU z|M%GTIb7HEx}LAs`+ZTP$9)-!eYkft+%6MQxdZuPBSZ!gLz&w)Tdou=)%^U@alap+ z5jZz@1osW+0awhJ|H_BX)weR-c!l2yFR8MCQqaU_v2oXe!(xPKOG7kRit_g>vD9?$ z15wQO7xm4=PR$)PMNg;~SC~pv?B4ySh0RO1UYrp2W^3?+7b7SC|$i9PqA8}VNSr@Nal53srguAKruCZxB*gkUb)|5<2#WcOdX zZ<^}9oXYNxp{6F-A{Uu1V-;1L2dsR~dk&csguKXn3m8ks=JEGJ%h)y~$rA+G#cv-U z3srdW`y$vCuL$|jBACXQs)i5wxb%PM%)S1RyDrW#p}IRxqy!DSA?%V)A*ayJ@^Nix zGxL4{-0qhJKi8g_#A8lO5>}FT=eBw|q~C0rk)cp3uDfPJPzYXy|2wv!R#1 z*SwLPI3j6<%=5DtI}$4_u%mK5pf)F+1QM$DCKXP?1NsbXGQ9e#&)GW3;93N|aAx#1M>eVlk^=Oe_o7g|?*=r-qlXM*SH#hEe1 zW`;{6bDX~Lfsa@V$EAB>piwP&BQs2s#-1ew`NPQluEzm<85`=S( zQ%OWC?_Gy^FRq~uf?GD0z>26{l%gzB2lG7%EY>N8&qMkxEX{klozBk%=!StcG0o>A z`Tk5f%P7h}7kLjtUY%d`bk=lJQax>U?M=_Unjc@*{+4J7jSXS4t83BsJM~B5yi)zo zAue`s+HBJ}>wraNe8P3}c-T~9(qR{f_j#>Rv4K3+DNC7w2DNjvLlGkI&u-{AQekr55>>K!sOGi^kvzq2GD}mge&pkK(VlcnVU&XpFta_tqEv z0g3ne>4%{nXqeh~wNyg`yk=|7z_FdWTN+fg-$ow7l9iV>nQkew`ZCoM9C{~Kqj7#h z3iievg-P+G;q)v=)>x&R_Dj!|S*_~N?**;BFJ~ZYHobTSfcUBv(PWYGnJ3j7g+CsWJ(YDYFqx2q&6P1zoBxM!)upb8A@R6=*VjqViH@QmNx2z0_?{@eq|ejE zL)iZKEJIv}n#Gqfx|g}9k1^xkPZg$W%?8{*%j)XDp^}wvNE%Vf-ji0*2a)9FtV-J| zyC;7;j5D5Ub_6roPN<-<8eO^-KBX8wBz)fdkLFp?HM94Av$tFIXqi2U@Kd|nr4FtC z4VjE$6c)sMx&X>X^Ch|Qx)?ywm!f2HI;oSPMw61UtpKmL4Tb*yU zgq#2T8^IOG2-iUo1cuX<%R7ayfWY}`=lhvb5V@|?>?Y1M+glw!%X#Qt?OA3esClho z@>+OV_+f^iW2Zmq(A39J+~9vt@1L7Bv_jtWPM2Ku2rJwy0EyfHlu%;4D^_U>T+hI< znXn4tI2k&_`Eg!w*6ZgMyh~r`YWG<#) z>P?YDR<$Py?r@Ll^MYBx`7QO)+=e947O^xJa3g)%g-Gl5)@v0Jtqq9Xa9kll9Tfvk zov-=`s2|Lc)ad*p76YSKM&5(*%E>gF!Qc}a&Ru&F#Kqt8Z}U{!e8GuxOYmZ0QwvjI zF>~O2MTKS$n9#^y@sZzE6Inf3k%m@s(O6 zZnk(gSqsSEo~FN@Zh=n%XIV%1ZrteMx{!BlYrq~rhI`=X=b zPmN?$_B=aOoJ{qVb`jyUJ={#jog=ZS(183Ct{sClT~V^v$^sQZtQV&z_I4S@p)BJY zU!*N{-9|nSJKL!I3$)--1%wX7ee4GN*)67^bGI19NYe9$pY@fnwjzjTtD{TaG>E&; z$e&sD_Za~`bomhy@k=?Nbh`owesm%y5u}bf2*~lBbsZH#g9_vZq)N94I|;8Kb0;AB zX&{nIv!t75^JW*wS3wX?(H7jykP!ONF|4k5T$!j5JRQT!<0!<+suLU=(i*XkYU5$w z!MbI!hv24LzK1{fn#(+J`?(&quA-5$)U_0-7(04lM4J194w~}@^Uax(A1|>lL0Sl{ zl#|G-(-)9T&Q|V40;x(@oP3D9O7g#yzIAm)5nE+e{*C7HFYx4k!6O#277+D;@@%0v2tRy`yt)u=- z*~Y5z;RwOS=_El1;56LN2KC&ppQiu509zyI8Uf{@uzq|qC zk`*BIHB$#y7}~;25>*=dH$kJ`dii!f{UGu&b-M6or#l!K!OAuKYT>9q4fTcIbE`Y^ zu{2V|(P%3i&70p!d`z_Ku)1}8bR)L^DfEgD%kB%&JHb!+^ZGw?Vw2g>4#$ZOG^a8i z$Thj^eC7)=^py5ueB; z;=zTBqjQzdRlmvNm$>$QmxVVc@|&}wgna^k;X8VnX`#Vv15OkFuGlDRE27@4SZ}QS zbWf+%FHRaU4G|#gsL1Mxf%*C^F8u~~om~4pc+0TGQpv?mR3W09qFvxakG0&cnF2z5 zxQ6m!(6PyA3U{4Y*ec0C*L`J0c+SUOeU>RhID11HauA%sk&V0x=bR{i_H6EI;O9h< ztthu@@u<2yW0LVJKMp(-Ot#zetxbHfi(_eNAr1)%3E6T>6i!-CXk}P0Z%3rbI)3Ce zqKbi=oJ8)S`n04MWZ zo0em4Y`zGWCjrOc?T@UK)lYr^8lr3Gp*m2`r3IWU=oO~Hmci(ycp2s)Mi@c_K1{5wx?vuEzB0x-~q2ugLYLd zYW@;_^VXk*M=`5&H(wDg;_%zflsBPg;(YCmXGO-Xt}O4`OfFy5lHQOax9tw|8eNAS zQxG()B@3cgE`%vmMe!Ymb((0eoaMbx!jdzC+syjc=8sr4V08h%}g9% zzCZ~qWJ2{J3DpUpn?IX2tc-2LK?`Ik$4UvM+bX765W>JznW3o*ndx1lz75I6&E>RX@WAiv~p0c~+Wi35D&%j&aU}v9V zj8qPB`+qMGefSPYGb)y9ZAA0a^Ur0Bs2#YqTEA@<@-z}dpBl*IRG&mD!q-DIEOagO z_!9uhJU)Wh#{DzxG4%NZ0GvOGf1SSKg z<+EEVgd_M(ix<%#Z=i~!KL++NsI9u$Q0#!8hUa~49L>IPc1sG^f}Tc(7=HZbVI%@w z7^LH9{{8DCmgK{iRuyo~My;Yj+5AiJy(Z({DkeS~HU2EEt0a#Zsy)2yD&A{&6Yw)3T2iUYoXzks zgqJC=gBNVxhu>)O_qJ&)P{ei42#PocX6FVULuMw8G@AnTpO%pBaW=Ix0v$mPeQS)E zPW39(69F?6f}UxdVV%>Tv0W)C^8GyZ-!ba%ZQ9S-{2$%=FFIPKT&cQon)n4p9=;i- zlpxf*pg)gN$%d5&7DpqoxOy@rDC}1ecXH|`NB&=tC;IS$=F38kCWl5fnjJ`drpG-L zC5$cyTwZ~AcmMUV{&k0o){2bIAKSl~iQA-BTiuH$2dMPu`{Qy$TQqWJxKuK8apA!_ z&!N&w*WePu9ySc-Vqi&I|9}16gCbUEt$EHZma_6i@WM5Xedw9;`RfCpFn0B7bwzA$MjF(9g$PYg3p|FE6 zw-Cj`%~N19M{05Xtu($3ADdrm?gM!aE+&g%z){C(^;Ey{p#INED0!lnzOX@c_if=( z%1?zOvt`k3cSHyBX#z=1$YtQlz!_oV{V!#h_!6?U^Nu{mcMHc6c{IujRBrmKf1E{~ zhZPY@0yyVp3~mFA@FtcFr<&9GY^wmy2?J~d6|8VoV(meN9&g!>%Zr+PTfmLKrPat4 zfgBO+ox^~HQ}eKiiuJ;Mx)DsGnVim3qDd&EYOT`~@V^`UmfsR9cGg7uU{kX!xMn1@ zB(P2zwqjb2X;P=|Yw*jq#bwlzPKa{K@?}L4N(pr0W7*Z@Gh_n+B}jLJMWkx}ToO`5 zuXt9G&mI63xzO(HX(bcf0@GulZ0@{^vET?f@&16bb5$xTYBm)m5!7MI z&Ka?b7QO=U8$-0T_pXmwkyO(JQc!B74PWW;u@nBrw><;8Slp>QrU{Kr`NLXV>OF?G z2ydhaoc;k-`!>XLzDzsKCpr6Jy;(UUsA%M8@<M5puwlJAxTii_vamfsca`za-rsoOu<6Y!ilr(&=_ytU8b91YwJgHq~~ zl)W+^Xwxw_qmM-DoYsI&Lh^ssN8jma6Tg`aJd)Hy@?!1Rbd?p=W}{@5<&#vGlLVHi zR9VLrvr$~vsFn-QMTKN{eu!i6(s=&m+s$u=?AY0 z+UGFwLhI!N%ljgEq>6<(cGO=GDh#hKEMu`$W;6dR2`dvq<=Wp6YM8ER8Q@^yeqQ&+ zJK|}lYPQy~#e)NtT4SZ})*KCs*RS1iP@ui6O$A;xr%815y+^Ct$Xa#d-V4hn-ZMSi z%7WhLA;2T-_vx3AzZiN2ttZq){-N-4NJZdVpz9v&Q_>3>xaFnQmx=E^qxW6A?7qnH zFUFM%N+jtN zlO0=aQx;Q^$%$Tkh4Ggp^va6UWv+B0b-3WAwxcaw)bDl*(7y2mERyxTP299yq;#p}DI1#)`8%mq3k;2=E>-4FtPme@+KfZHe9yi@zNBA5nFkM)KozLNi zHK<+fw4@0ASS-#s+iJk@NaL2b@Q1-IkgdyI@*#+YM(=p@sjhmABcd_LpI;MVhq5DF zC3^}CB~1I2R~y%D`0rc;A6`LDOXf|;_}rL^ur0X*QM+|BMab!k>gqBr`K9(v86B$8 zJ-BiF4VAyN&H8hHX&ZQ0r8wCWBLcB!gq?yS1OFi-eZlU8J{6fCoX3dW=@mu$VzlHw zIMgVnLojd#&Dgm7BII%F7PW&K5 z3bK)(KN2x|@D9g@!%0|EImGJ!K!~Ai({?v!GoK8jRM=Jf!N(3Fhi+p&a%vrTAA9ch zd5ahmi4HZJA4nyS&dV5x{=h-mgsZ^<$EUt(18=a13#Y^V&WMA|-pY=T#_qHegrHNV zI29jZ^LA`3*D+aNCBbR5_z?E|Ac$c9+47wjudkz!cp0%(Dxsk%X1TtoPAsYI&eN(li;PSlcQh?P z5IQ-|B6kr2M5@VIcN97)3FuX!DMM@j0UIj`sHFxGV4>;7wGW1RZw-u4&b$r@xPLV) z=IR?!E1F7pW@Qw3*yhi2E*h=(l*UE$!esV^jqaIU^;&lks*S39M33+!B=Fb$7%DPZ zqGki+zsuY25k9ni1r@~(iR<5I=)GyN+LdP!sV|lJq+`qmv2MaEOoux0;MvJDf4e__ zFkjtz(Te+J{b$nAs@iiKEbBJ@=S}=qK@1I=GAqP%7}RaY2Fki8x;z{^19&Ulr zC&(Cks)vX&{1B?QYOzlBpI_yaiY_BJ3SdwP_1t;3_v!oSW7VDrBcQU2_?V2#_*|jp z6!tN0#^k~?`8&_OsI^lNvSVhfALzgLeCTfdy%3Ml(MXOZmY$_J91t)1?cCa?OpDX` zjYGM}Dz`EwLgDN;$0a65TtDh}nEY#!y%)xFgd7Jl_ti4O;pH+Soqyp-A=g#pycG^Uo zkP`I5JRod(F7V*jy#>czzEmG!6I)vX zOXh9Pik-lS@?17rj;CAWC`KCd5guruODkE6PWkEgVv>3VRgcma9XyqS{QPi)8fOyc zyO*FVmO67E8t|lWBw7}FRZ>n+X|bc`X?)2k*?E_G7^&%C$PkLj@?#SwA(Bvt@M>se z3NS%*`ek5*dcZPUdZaehv6tG4(uYXa@7h7UCfEUZb8lrnMjeHnW`DYjfI_y9-xf-cAsuYj)p?K&6W*-rvSMng)a0iI=jZ z6rYb||N5#}Kk{sOB=*qdBwp+_ z6g)0K%8jzsOxdnC0eixJN7HCAWp*3r;@JSW>;8$#Qz{dsW#RsGbga5fy_Ja!Zr)`a67XuEdFw2!;t zfAZiWYgzOPv*ai@Ff!SJoyE^G=Z@;Ec`9a1X&%SX_divss zx2e|5dH0ZjmQZo-%O7f^(ThZCiNy{}ml?e*^ZwU0)>KR2LV#@VFM*ee9-r2_=}tPHH)XOA%dUI$EX?^$IiZl7!OZo;b6u2geK9 zS8wU7V`&%uzscs_r)y`3*2eZZWcM#IUas>E(BYIA|1jHMW)|#Yn5jqn%VGY0G)0ZV zYaT}if_7_`?>~8YTb#Jr5B+N?;u`~uFeKuKV89*}jEHKN)&FApZi_AChm#U?sP{yP zNX!Bcg-`Y0&E{lF=UXct0LQb(po$qb%Ac!pzk9|1D(YmS_JBQW8vZyOjqDzqXMX%z)q9~CF`cFv;Vxc#Z zcVhU|;h;fIR=d5h?Q-uzJY>=+X`P1tg6XF%Cm_D>_aTGt?ON8x`UwvTY`i8u*%^}- zIr3?Xrn1~KJ^jUy0anLQnkPLEcmiCz^b{*PjBVCg0c6z0q>>09h0oSH0=XfiI80ow z={ulu2i`h!z3QE2XuTcVu9#cd(3ApZerFf;Q-`Dbsfi4(Q>l z)8U-f;&`>n|74Rf^`e#bXsBAdK!cuR+NYwk?s#Thmj;e5klH`_S}-qv?)lwramG5& zXIJDZM)EDo-efP-Gxc;LY(qI<6|-CI6R++p;rO7=4sE7(ym z?{vnsz=!Lj2AH>7D%RZLnAAs$?d(Jm$?DfTANodF!xMe=;_d?^RdEa6wNIN`^BHMu zHPTlfc(YwIELA7$EZazQeCR+lg>Ej>u#~hl{()@RsZjH89B+0SuSYko_^c=bg;Eo4 zGQWuQe*}}Z(jk0Jferb!Xt?^oG}}r?RUIUR@`OJDC`Eup!xlSmKhvw(k%D4nWwX4X zb#njg)I`=1%k+wzBk{PvygCK&ueo7%=1K~>rzOUHxTWGnOU1&-;V&l85z3n$*qx#H zO{FfAjrWsoE6Ba~ttWG?W7A;^Los(0j}cs6%@rQ*Q#(iJn8|uQi5Kq!g6=kdd+Ip=q@o7EggfMfxfLCsho!H7|Ji{ehXfO$0b8lv<1N1*9ydubz~c7aiX<(t?3@cCqE zD%i^F0WxWXe3Xq~Bs2@8_ON)V2i(Xqp-mwe;Z{@@@qn+!jS5 zCcAU0^4$BI@y-IN^{#;t=E9%msd9AChg?biV-g&*b^??6cL^7>$4r#98D+@@ptAN9 z2@|B%e<~Dl0#e{ba58WV^C2F08WU>j6B@V6a`v7ke6mtac<$7ZUH?TN_o|2M-iflU z>v^H3?=hRF4t6GtpnS$~Zc*bb9X*zi1E6 zv!^;J8PX6;LgV)3yPyw=HepegLtFpRae>k+YGr@3gP;~kf_nQHdh?S`JjloO498P| z@GRson1osm7g4O?9^unxM<@rxMP?;u&d?x04q8{(EtKRdS~>sxsiLF96{YNL_s|-{ zhf`_rvp{nAqN5PM2akC~E#%2W{0tq85)MKBQU>>wR_f9wb+nub&!Sx(T>CsCGSwDz zEcQ8^amHG{T@|c`aXe)u6VV1;Rp`pGc1uOL7ed5z-cev<2`MSSQIAnP_)NtP>T4UA z$F0-))hDqwwB<(}w|eg<;Z(D&f+*qN_h>eGt+}jY_D1cLXYg}c(%oFj4TuOJk(NCk zR-i@&>erTo%L%8o#Q4(i7wrksx1G*92Wl^kG}T_XzjacX8@cnCE7MV}32jvhk=bv} z7he{@RTEPA7Ca|<59iGZbU+ENonZCQPdLR?77J+>FKLn^p|Th8yFMVlI?KzVQ!2er zhxc6cB{Zbba%z%%&n8|KM;cNJ*W9oX)^Ce_*~+XKUI-qe2j~gag&8b`zJ4BeKyO)& zbtg=lX2XMh3dXS8Dx=R2cimZWMIJLw+V2+~DWEU6IDpqiTJy*0J#3E*6cTY@Idr(c z2t1EcazBPdD!CJU>@*(B1oe!0oDi6a*4ASX6a25K&^w~E4!@7j>l#9p5E{W{tN(r= zD?5;9_4oKh>cR%ZO;WsRm`MiXl;!3^Br_ck>V6>$+z2t-J#^^^cSmy1| zJ{Eh!&;HHi-rFw>-);8po&~2C3O+8IK6^`~e+f3}fYk4koE=Z) z`+Cf40F=d&Y#_Av%rjYT+2CqBOjX&Syfjty%8_-G%p=~LO70IB8IV&1@04P2wY_E6;E%KG} zj=QfI-w055A|rq*{^@ch$*-lY9F^bqch2a<_EO>{yn_6MW%Z zM%m^4_z(xn&M+-?#7~1|jn&SUWXWkfg*lXl98GhmFE$ri*3kwY zzq3SjnS@@+YKHy5HKzgWK9^f><5|lw8AeVS(!u7- zXpDkz#7+0h(fY1kWsD2XlO2$nvGkCWuQ;#BD%VAYH*9Fh&p3)I|1t+HhzIh@Z3JPw za8VTJIpV9T4!%5iG_;S?iMQ=LF?f*+VmxaX_g0DZO+%eURPmM2DP{uc$^^tBGX-B_ zSs|)xv++vcz1f$S`Axg+-OcBb=TGJ%FX7YpEQKWBKii#3Ly2i8=MH2?GD$~#&7J!i z%U7}ar?HmYSBoU#-uUm?&c+(uN7FtI+Q{K87CTf`JPma;m}(kgZN-I>*dS#O7&TOB z680sRrL^cLy}Si7}DQZJg-1!k|N(|WjdC@gANE=c=hYhsp1NiwwAa%;YU;1F^h z-<)=nmOv+5%~8S5&1a01KxKs9mD)3pG5-8l%D<}&v6E@jn+B$aF8y$tt1hGX^{}g_ zsm&-Q(4qsiV+1tSK;9lbA6iQI;zvephwOrvII(c1xG_Ja=*uW8!quhM7)zu-26Ni6 z(Tg-YRft@7k#6-c5{nEDs^fkF-4hS|mpCns*Cn7+ZpRi47~G~;tm$}-Lt$k4rWvNS zDQ|*3_bzo7ZK|^KXzX9R+qN|vBR-|TH~0*e<0m?=CIm@tR{@oz2T8yauO`urk5pmt z8_(to@(zj4V*2^*!K%Nr0It2F1S?U!luE=br;^t=eZ1(I91k+iDB#M0s$vM!;N?-| zH4k;&yI*W?n{$p3M9rQLZ%&Kw=ouq%-XzvTiS5K(NvMnDVtN~;0iJ*%sp_O6mCYTi z^F;}zCad+5g~}IEb}Y3bJucx05Vjc3`F2no8Zrm&Q<#1GH1xv4B5bI?%#NnXmRRtx zyvnx$S`ZF`pD#rT`$W`hOYOneaE`YeqhJd9gj!2}9Lcv|&}P+9Ip4Sc5f2|)MI+@r z^~=|!qh>#RZQHW(w4Ci8uR*Mn4}yrY*B*R@cr(7A!!NuD+maVCRae%bH%0A?Jm?)U z*G}dvVk=)1N@;7p=q6U=qx$jNUHZ1%9zdMmW`j5L?ZnFNUEtI-UG1N2lD_JGyyfHK zcm%@iBuJe1Uubu%^eF5L!D# z2cz_3aym;t=1z;cQmJ4gIhTPB4w$QecwT$QPkRsR*-gIZ^vE-74cY{?Ml3A#upz@gidJsj*#O34Kw9<4fe(dV z(+B2l#z%Ns%BRsiz$dAjk{OY6YVLG$V%0B?p}{W={QDlpiQVvetjZ3`04rPsrm4H#rm&#QB5d>Yzg+@~5@49Hx{5 zbuZoOlqmnvc8iwl%~(y&=0oZmw?T)ZM%G$JN&c}jizG$T?ubXOoAYYR>S1Y+Jx6|! zL~dE!d~1*05KqqRE@urxxSQc&6eju4ROlMLk_!tgav5HABr@y8hS@rmKhORjeSEJa zXlR$1jvw|V;iPbY$~Ixj>zpI~j44`~0jZmdn0#Q|RU*D6d+x9Bs10kw;(X zLuBcI06YjuS@&=k=rwX9=-8J|_e9MeY9#$sznqo6m1ewOKTKL-VKw|}?@3g^6G%N77G zo>D%u#7vxd@IBWgLbNM?&9||H_7i$YjJ`!M>j(5#@J%G3Uf?l>4>lWu8zQoZ*3cvO z9_yAoBZlsL&~Jfqj~*AEH>9m7$tg2Mr#%ItHeA1rSj24MlNaqtH~Xi^Q@k*n_F7JR~7V-#`_lGoTd<0=s45`Hv?tD z@svH|ApTrAmo>p5S~gJE-nv32iq(#l*lXEu@1FJ^t(Tw7PG^7BMtqi7pK&`um;J=( zr{D|U^!(ZPka!_=E)X!WuvuPYm>x>m<7v^tfD1y%C{=e<@572=j=H!`IqC+0eK>wb zIBqRGcVRhn$1Tf;fldxZvDaehTL91E_+|V`e})s=*$YOoN}EH84=j$u#+&){ct$yB zgEWXjPy|1Mo$zQ?fhuV>FS33P%@#Zat^+C(#~cU-`oYJP)d>Shvj@QQ*_&QrtNFs^uy(-Kb-87p6T09g$zjA>p&YL8nH zLlnm8<0YtcYW8DpkOkg^;9HT#Zeg{AyrlL4CZ0nc4;DitR$JDM3rvfk9-?4f^HpgL zbfb#l7xdfc3wMs(eXK|>x{@v1l6)NU5aT~AqmsAi?RLPTN>8OwK!M`wMJ8tZiQ|ck z;R{Vq!@}sLwJ)6y%U#kgd4vwH)QS{U6YVXV%W>bMIfZ&OGn#dJSXui;e2DCkB6-3E z4tIprB-(df8tTZwHs~z3%AM8E+kHUE)^iueO$R%;D_tejviDlb_A^Ep z?gA6q`$?!ROwq;_^+u>S4t9mo5$b~87f_*#@+SOxLNum(0UDe1WUV<4bq&7*1qT*r zxN!cCTe=cq0t(4#44RE}ha2Pfp%&)FL-f9)R5;F+!^^$_n{@9sTCCLKF>#5AZ;Zn) z*Qv|BUcG7Ve&VB7>blox-`BqTWFXEKkBn!17i7x+zIPe?(W>VNNzEVB<;-}jek;4< zU4g~V;(FhoeSmi-Sp_0^x0T#SDvpm2TVSzljV8k8ekQaonv0rvo5Y&W2uy^74a>ZU0o8rc{nj<{?s=ch#Lof))$+}}m_ajmhFnD6%9M7WvEsjadcIayouV<^49Xwm?&((D z{!Y%_7H^2}!`}QpKl1VR{$fV zLB7E%_3>u?mH^dSR{rUqZ*ZQd8iPjigAuR8(L)d@c#cT=BPUE#(9|e5~Y@gQ_`qDghVo@WpyLeS|Z{$uQOSx;7rt)I--ygDykLooa@V z38?+G$($zt#E%aJLy~kao|Wgvkx#NmcQot<4VR8>(7vQar@F2P)ANVA-RHjsNyMvgaN@~D^jGTd}z zGd`DVrzB40Pc|A;QUd31k@*!2XXn%F#j8A~&%)N9*X+)cHs4*M&)uXuCSeOxK;=ZBf~V8VLn#wfb)%R5uGc2m}#8T z%Bth?jm`>$7QjB!g^cQhyd4($13MtO`g;8CU!W0_d2wTr1VBT~nVkj=p>6qJ%mo4GJegg1_)NFy>g;J6W73)Nye)QB_xsW1No6D>VW7t8 zmvOkAY?$@(FQ=eoUa`b?LzdT|i(6j220aW9s3Np~K7-$v+hMMV`b3hWpF(muC-t9f zNvSBv54|u78%A~8(bMXoCXj|=Tk2iNT8_hxoXO|L?^j(Km(<_mUE?AT`3hJ>33&^Y z7|Ac2k22t`P<6r-pc5?r0jJ`)CcT$qpqX*Oh94L_Fk z8=_$2Fd5CcLm*E6sQMpW>rWAJy@2a$Dr<(BLym=P9bRv zSRG8;Z?AbSFyd0>ISD=?dP%(mJTU&3In6L0c6Af_F&*elot#e6r=idfLPy$E0_unh znMhX|jkfoW>Du~Ni;(x6Qw29licHlJi2~oYm z6?SC+J4^<7BPcjuRHKP9iNZbPb}|Cq7z_{NK2oa%HvEUkv|5R^u%WI0sPMaMvy^@0 z9Nk5oCg#ir-%8DPb5sY@29J2`JsvAMHTCDEVxQrqzv~u0HR3**78$%`*gGHDR>3j+ z=oW*`K}gBP(ro5?NHsi>5zW}HTL46W(J?D!3s73DdgKQ^R7~4Ml;3~am;p!r-xl;0 zuvyTaOQoRopE`+RqH2-XjstNwooM4)&>bgb8`CCm@!<=MfK60&XJ@VqIt34S{(pRC z(K8eU9?sTOF?Y+IWcw>e+lVbc&D7w=A;Ol5@Di*;M4-b40IoR8LImxq_$96tJ;G z>o5uI?DVkt!~Mc0^vxTZ84BZD2rr;(so94m(Z-V?``c5AAla>(`&$_sG|*>lk$3vM zm!mmZj39>@^w2LTO@}%8je_s;Rfm{!=k&cex*WNAs5CSiW6p#ma~=avDm|B%43wV> z=9mj}&|n0K5QF>Xaa|xrkF9B}N~IS#;L}mkcw@-q2XpO)in(JSH(p2~gnXlxQtL6( zFm^P@ja~Xk=!kMcZWKl!9t5l2INB3u#Zkm>_$LArGAi1#m^H-ob45vmL1^Cnhk=jq z?IYxfPNEOu!9$Jo{0O7(22~@LT+dk96J>9G2mFoo_mOJP5*v*45#(3(!v+t~7y2aC zr|gmt+9m#BH&Ei<%wyuW!^bgo?U|co785}wCr&7IUVZ z#otjSb@Rn;hj}MXhTMj&Tz`0Dj>M1XIy+*DnZw+BGCmdc<|a{xmSeH~`Xq>Ci6wdV zwk)5XP^!AYt`?7~3@cT=*fI^~Q=74G<*hhk!aQfC1*oY0gut5^rtscycMZ$61<@#M zYLg$`zV011vE|*|sfrz-YP#RVeiwm0_hlmCneew2%_OK}7tED6d?zS_;yH{jsI8(i zP<|IJ9Hgw0zVdhQdu5Vv34CGi978a5gcm&8d@VE6F3HP%;&|hEkFj~n8m60U2^eLp z8THmcZMn0`RX$Pt7>i#fAIvL7EcxiYSteoU(@*zap@u&S9XTV9Ih(dvx^>OQI~ds? zZRpM7P}Sfz`vmMfW$?zH{>IAhYmSt~FFI1gfxbG(dFWQg>!c5a-H_5FzG>`|V3&bQ zO?F>Z_fi+Ajyx0p_w$KC?V1El!EIr&yDZ*SIsNvRIna`*_mU{eZ}4rg=uf(C40lJV9b2ZF%(#+!V(SJ>8d5!olg+qr}sY%v~YLO8A*H^2P8~I%GB_G{_ zgJjS`(CCha>&q0DefF=jo9&QJ@U_$zu(B*r^z+%lQ=fi2%5N?z#-+9u&n&!7?+E?ww--;6czjn1L5t6*#VGGe0|B4@I^`tB3L%T_-LBbw+v!+{)!K!8^4-qkICqYQ8gX5P)~eT*Wm<|$fiKp#!k>ii(%m9C$3Bk2hQ@4g=_8k+?N_g%-#=Q`!j*yNrHz(P3sxSPJ23OXL^6l2oPNBRp5t;E$deNI-moO1hu-DvN+d%SeTg%Uhu#bx(GK?2V-#%3o`%%+`tdXvv`ucY>QElq zhSc)Nt#?a0$WRe;UU*q>RTu%}fSs772(@@3*1!I$l=u0Ma!^snkDF=o6_zfXrD5;o ziZqlSB4_Y3UR!8J&*w~&(%AX)c53=;`TRA#^VhQt2_aw7BKHb0+=^pJ1?(l{D}kOM zhLtOkF-g4!S$6siuKw6$l@~!5#U{K_-Gll-Dx!{Bh=?*~{--%&YS4>I&XeoQxv?3~ zRxKt(&!w8pJQ!5Qnb8_sRk6p)w;bdm^A*-hu!)Np) zn{mfw`LV<=2k!rJzcx74z;R?QGUxhWjR|@Sl|$=8+8Q~jZIOZ{!0Zq4>Br=wo{V>0=Lr#_KV>r-(8&njr2ZjS9AOjf2fYHzhU#brWDHj) z2`d_e+N`z0+v9zreifHYD*@5nV2SPq`i{k0Ji$R&*y#Pfh7h7`g3sg>097pR`vsR~ zT=`;QH_Gdf4P2Ms&3>0$IuElU{Gfl$1nt7xJHHh7dqe8TT3a*zSXTb{dH1mVl`bdD z)R6OG%S*1)6xRMjLV7pmWkBeCfr$7%Taa5u%{NINNmHtZWPY`qTUtm7rq@!`;5AVuom7BSEy>L z4HgynK3Lq1Yf;YXbD|Iqn0cw*;n|KM)4v`?1|p0oL(&mC^XifX3Zp%p_;Z&4o5 zDPC6&$_nW}26e)d2@i$oPThcRBMOht7>53$vazw)G-$)XqifAoKjhUK!-2>rqE#eL z5)1uuY6hc1Z3D_jsdrrzp!XqhxJE+z;1F&;mR&WKAoFRWw&T@tiMq$ljCTzJsqMbK z)5-VeHK{sxH7v?}{Rg%j(0FGC-+TyFD?u*qW$jn)3fpzbz~B&mH#W)It^LK7Q|Ks` zT*R$T!}=Fi!axZb^^+F)hsBfdL5y`~dmoJ#s9wIjJP;RI-$qN+nsw zzJwXO5EEi-8H^$8m>I?_XXgA)pZmVQzt8fR^N+`4<~o;i&hu?od*Zfg`$vgHj4xy=d!20 zcc{rqvHXI$CFoc-Y;<+CthTE+7TLb)npq$E7wtJZmSpr;Decng-%H1FuQd%9GphBX zPbQEzP87{26fgx3jK}%ux$!wF&h8<)_y}Auz9Aw`a@p@xNBp&9N?8+k3C{XRm-#sj zP19Dh>VU&+t#T*zL)$n#3g2I@hi1A-Lj6 zorz}T5TL5H$SBFn(B0~d!mr;jE&R2n!P$GYKUfw}8fE(0#RtT?qZ!kfoIh*7baZqQ z`q!#1g0B3NE#FNwL~Wq$S4jvvwd~W#`Qc0|uvMY~&VtEfrTh!Ow!1a&%l?i!%l1pY z$vx3_RmIL}wk1dRipy^2O@i#t_veGvhWJO`bkgI5$py0ukn4*ugPz72%g~ zWt0!_kC#|a(L&rz7ZK4G8T&!6^?N@O(w*-Xa(i)i#AbqSf;`{s?8Sm<##-nOhxUz_ zPN=Fi0lk_^!R@CVt_DdK$CHLYjX1B8j4!PR)X|&D z)k;%2v?j)o>XSg_agHEDSv7vb!SMD{*_4|3551 zFus|4;fqoMu%13!Wph~FSMIdgU3>$d^W`PM82a9rT1P(?(b;6_vRk}E?LjI3Zm;!$ zBIQu+hR9E`^^<$m5#4XaXX?osw{fqR-peu45H2jOK*Q3{?>VF0x{M?_ zqU0l6m48?AF26#eI2TXvO*9cVX-_fi!A}6v^j)ehAmrEFqk(OHhX;)2JyZl2@<~rJ zeaVStQQSL_Ah$M#(GkP)Vih$a|< zshGbHC?=MD@1w_}f^*`D31CgYBR3+r$fj7syKop=-raAAvpCWGOK@L)2K5JJJDq_T zaGjjs*@8s2-qf@(@UqLvP0@;d%Z*x1OX!9zd|9_m0&1NZ&qL*9T&jdN_K0mLLKV}Q zz-W3Vy`JXah*(gx;a}0s<;7G-H#xR=cuQ?_l~-h{7_5zAt7xsg4}(3z#lhUGT9Lh4 zl^(E!@as#Ln!b|+Fem&xK*>87{Y>yLVa{}qssq?8Oky+GG%waujN5bn1HUF_^R=C;x#Zj4-IU#E zMN!r{he8>v=d>DBW;8fhLY;_EYn4>qcKKdi+Dyy=sj&FGe3P#fq)Tp4H#!COmVK1$ zL5GN?p_u|{>88?2VlA|a^5l4TYVJ1^LtVadxfC=vN?#EecQ*~YfoCF!RK9=sVW$|E zA@OIw1$TKL;$nWG#%Y;Ou7{=Rpcy4-c4i9G+tJeGuIm3T8mMT1oWm1h{|etb{atu{ z6%qrGk$*s3yVUS1Bbn$fM1oAU?FLS_pGZo^2_udc=pJ+%F&jK)c#m@=wPjk)KePpq zBOhfo#j&0^)E{j{$7C_-F=%)EuVD-Vy>Qne5Y|r$Za;l#?h}%}C4Lhs@ZfdL(fq;U z!2Vy_Xe(QZd8OYI^(*h%5*x!Q+kqXoDu;XYQY>qnCBC`p9ozuu$xUB?S3*fYCB-*u z--Ht&o5;g)Uw2yLpY>`=PwF>h=$cy9Uiuj=qc@!kFLgC;f%Z`r=F_bnll^?fhf&;@L z{9aQ0|9|D_NW(;mtBI7JP0Fuzdn?y?@vf)aJ@Xf_W*%Lj9%Mdp=pGyQ)yX0tv3F&X zITdw<>&!f+@^|lX%{CDJ+=cED+Fs3k7#E?mJwPKv6LH`E~gXyzlLOcgkZ848Ub*kG5q(4pjNlT)L9u?Z*3nvUAE-$Ex6Nr_!D15yPb< zf&4%X;Coe1ZV>Mh?i^M$6(>D?_lEMTnCu>))4vCG+)G2w;ao2*u5dek>V$6&-YdTA zqNqn07&cVMFTINEMsM~g9ixXYZDm`RdbmsIn&<;j2zhATVi!9l7hO>l!YgOX!|_L1 zc_}rxhGWaE`_5fUv-)XOT8D8$OQCu4akJB0XK>}5&tRDReEGjPbXBlzV^+RV@dv0s zvd%_ARmqiQ*SW6bO4%2jJaU=IS2Rq|29LE!t&Hr47KA85irPkdA4B}&q zfSg!2s%apOzw}nQK1<*-79Nd3uQQP=t;JZNag_aJ-Y6+Wd8G6*UW&Y=g|51Q&N%=J zWKyA_#?-?@lC2RL-@X@!%Wt4%M|6h(SNTm}&`hqTT5ULLPM9X93@$g_mGfgiMc%Mp z#-=Cfa6(A-VUe}#{zcS`2$ra~=Pmuh#9|mad!#!rPo<4y@9JIS&X1KOY<~m$!Hp-gAo4u!qP^J7G4=2^^?)NRg&(1L@g+$58S&5FFc?%KvVn~ z5E&qcP$aBVeK^#mZkPZ(T(=G<-+zpx)f_)~75ADEUlbao>Wn5vUHjRI>h~FscmrKS zH<;fwtM-Nz*(MsMM-JEvjxG{3;A&JZp%$H)w6LA)Ec}%w*f)E&S3MY$!(Mwt4>A(C z$f0-f5^~SPERCai>DnI=K-8f3Yi(0636loYP!7kbP^x(D!qcIpWn{<&+A~x{V#Nwn z1Rq{vCWWJ86E^snQL|?1D}VuJj$POcbYhpLJ@%m$FMU?I|C(`xeJ=kg$ajpjnnljP zW!p>4Ip6qlvq+|`kS1uVl-!-1n6G$_;bawA{h~EsUQ*}#V!FpHiXQG3-Hp+btT7j@jYC#u@hK-NSnA4t(Th z|3!Dh6?3OyFCNBYi3?7e_~Zjt%FR^0p+0OTB>iN3{mF`L@wqsc2^pzrGvz)a;i!;g z0i0`>#n(4GysaooXZLY2)t}!Y-1^3(8S#70>@;0N$=rNWc_bLTDwxuWL1;Yw49NR+ zevhKG9E#79;Wvd7v=C3lO)(E+nmWNh#b%YN6!3Du8A;AJ%x7#6P6HhT&fN5nB(O8t z_K~cn;fXtKnc@+D+NjxPi@Imxl+p4A`X>VEcuwHNBJ~IAptma9qvZuJCx%cxl0aK3 zNi!{(Cv8N8>9Ox^;yaAXH-{xcMGs1T4YW|HmUvmb9?4v?nA4nc75b1%Tq{|#b3guj z<$f?(AD={|paK8j7zYAi&)(Y47hY;7$U0on-D>LuXMpG}pi}y9Y0eKd7`XmzTJ4WR z)l7ARymxsQp&iep-W0V)R-MLmHP~*yVCH($IYGPolJ$Zl#K{w z%3;YxQ78W+OdDDEwky2tpvNQ?MN|9Sa6Q-H3{v=u2w;apy6x2!3|iO}1bMzbFrmgkT!bd&re@ z>DT+OrGmHf*3($FG@QpQzw_;gk_}k(fV7p46c>&O^(`o0E0{tgPs@^X+VEgGzC~+3 z*wi*mMYCeZZ_R<%Mf0;!eJh$O&OZ*A+ZTs3JE7fg={@;i;92rQxB@0m*|HKw${~2> zX)|=ox!1!|){s3ZIC;EElfy@|FT9vi-q2@syz8P6P;wGb8itv2c*h}iiv^aW@w z{`U7PLcfY5ehcuXZvvmg&zea$YP6Ruf(qh_m5)Kq{6V-Qzs5&!$-c-l0 zAqL=+@7!W8D?Z1S7wwvCCse!dy$*WM6B=(YBMu499DQ;3htL9_^WwPci+%bLe>FLdXKk#Ly< zU<5T9ByL4p;%_mVcG1TGTM%Bm7YA11b;k-rw+d<+OE*B?2x=DJj;WERfozh4l0iEp zdO?q~#U-N{HOz8_RUOi;Rwg=2dW6G9n^snbRgA;sI2+cyyS;Fy-iEJa+q?xsnto^gJ|m3KiFS#pwXKr4r1HNqxPF=V zLG)HnN(7jsDoy!8ZI#bAG5u(xD1U`Va}YmCYbBV97Y5D9A0#>8pR*sRd)hMtzgPim*ch%=GAHRAE>2sTY=z^Hn(t0 zc9*QEitm(0zXI@+aC!q2ZPPxIHt?S12wg!NUlSLDXTh7yrZG%Bl*(=@Nig#So?aLq zZD+%qO^LS$DWq>0YlG-Be2DkOVFWn>LV{X zH_Q3_wjT9A{j#4tEZ&>pe*k}EQU0E?@+D?10tnu>XY~hEF-69)x2KGLy#7ljUH^I! z5ntSn&$paC{FqlYEiF8fpe}WWaYF%87dr}EMvwI?+YxvMlIfx2#|T!c(rEM_A`^kL z5xUN~!NUrtocwb;?7L(@&vq<}S*fj#HM~`esj==(+|fSm9|Lx802b}yeSY*bSdG); zeh1ij)JQs$w&zxu?d-IXe|0O=v#9k|k6TDY9EVmxA*0m#H=C2n+iA#>pD9E(*!Tti ziqlj^IRyBKh2ZhBE1(^dST4x;B582!=_G_!UINC?`s1(6e`_?NR_V(J!RimK@LMh6 z9?dTw8Bpf?qvE>%M%T`uNJ4u&Ry|oaB35}9IX2i(DSBmLUS}7j2jd(>tXK7~RmG6& z$4QLvu1?}KJ!)f<$R`|Xl9P+{N-2~!c`j9GG@tYTLLj6a0 zmpXpep*3nAOw>BYq12ak>|f*P}uM?Gv}$Wsj$p9x5m%Kb_|E6v+^^Rs`*yBMT=hS zl*UiY3GnlPzxbWHE}&uJBkL=dw_JKIRthPD^yR0?Egf1L($d%qL=5zx;)dz;k?Mm@ z6%AB}o|kuygT?{iU@@S#U-Qq~l-_peWTFTEUjb59MOl>jloKZnCk# zaGw(Aj8|zcVYW(@$!%Lz9rg-lk+zlZDF1h@qJPh4s*lNmIkhdKrTGxkbtwOudj{+1 zuhhJC$Y&&d+0t`)yX;@I6!a%CsmnkZj}tmD#)<<4!}7y?W#83~ zd^~07RGeKHgk*M$(Z-fki%)|G}r`Ot3%y zMyJZ>q&$XY|4P(gp|Sq(grubr(E)rP8jxpMu-@do$Y}m@yXn53it`Wh4VU@9xv6mF z2p88#BOAF8Zr$(GDUsMF8+m)w$}UPe?qFV^QLpumRHe{i_1AMI>(p|RNhW=4n5Sx$S!NFa3^4y|u_^ zdGN^`?gz~typ?|LoMCj-J3y%w$waJUofLHayKILIzA~xu?r%pY3tawtYB3Ylp%Uur z^tW%+GU-ddNxeYV#&Bf=zjlpG6fC}CFynGmWcNCH$GX|=&v^%*HF={RCXI+gzPOEp zV$)f|#swpJ`dcwJO3r4WjrQ3P6OGkW}?ffC7h%=&e$vu%(!{{bG zkp`DIj1Zwm){pHKj8ruc>Ry3;!vWtjrJ&=Hq&!q#cMRzxymT&}cBo8gAC_j&>usmr zG}ubjX_ALmV$zc{U}q+NzQEkz^E0#^J{~Zdg5^O#6Yw-^5AaoQH#(Y+T?}Lf&Re-g zQ>XqYZN^+(_3iJ?V%^_GJa5exSu9^uKt5wBDf7+tP2ZJwRBpKON}oXZ{(aZjCG5v7 zdk}*f#M7Pc1%U@X)|>w-qnRfs*N1o5-O+#l5194m{(@^V@s4Tu4RN=N&BBV=u`kZK0Ff&kcfeR$+W7!rw3$eCXekJ*~Bg6mKZ<*RO zSffaWmltiL58p22 z*0HQ(+VtfVpZ$T~$|si!bxKwOr|=204g&~|e8ak?8>#4?Q7dsqP#&YQ#lPA1C>{l^ z!@W{lecQWATV#Rvs=UlOj+7L!KR}@{*&^(yL&sx>VYZ8t#iVH6iZL_!?ep}xU6rvE z*t->TJR`aE`d7VqA3@nmw6WyFW^KgcOfzNuk}%)JYt&vCxs+^BC6B@-h0nAS z+nSH<|Mr!9=a!BB>4sHolgahU7JmzlockB?6REZ*5!ZC=!lmu0Rgqp()WFI=h^t@A zRr(gs-}SpNLlweWBjhYhZM5((Z#bWQcdRgXOB}4WUs#33IiMrt|IaKcmHupll9n2} z^OWR(r~>Tm!ylS?C2*4xbUH`sF`mVBuh77ezEXwz{-s?KEhEDvTqnFh^gDpPXQ0PE z38vcA#b#{d@h%`cDIB|1w9CTbYSwSzi$`x05vbi5PT3^&j`Zo5z+aLj^yjFVi{dP% zS%;Zr|AJ&I=ixfI1Rabon19LGV&=R2uhp($&ToXYAo3VHI_O4p{Kdkjux@RzCE?w7 zhM_A(Nqyi|?<4c@+gX}c-^Sh_Kl`gOvcx;7pbQO6sK-VIPVm!Bb6?jAydeYA7VDo{ zjAqtN?6B%WYzdcfzKbMUe3!m<=#Zf6z1D&_6oK$%w^K6x)sXA!CreS1lwOQ4zJ7Noy#I! zevrmbL^jug>602_N{Lhd7rws~WC<1oX)c@>>!o=OtMx_dw?0b4j$7UtY@e!R z4D2<9c>kBz6iPQqX(IDpEANik=@Nsx-Oj$bH|ZVt$%jSsGm=(Nmv3gwaC>l>tv&hX zH)ZB-xHQ>hoKJusp)vXC-QtO2FUr?eiSc+#dMp5&OBwgF--`&;()n|<-Z}`ykZv|A z95wlY`Sy?i5B68?g0h>@E9fRLViq_igZ>*ZEBhB<#^T@j`jj(o;3AWq7r5dt^13?Q z02T`QMRV=PxZp0GsBjBEbk*;{$-pBo0uST5e8A>yg?StI{MoSL(BfNjZkd^xonz{% zEjnk_#_G+_8jhVXnkMqL-B1J;)ldwIByCcQn&R~|ZQV^bDYM&O(g9RtEJ z<a@M@&?@+5?EX+@0nKV`jWRO%@zM( zyd@0yU9mI-h1s}z^Ej|s;D^dcS4mAzB%+wl&^2*XWZcx9J}UD@KUJHK@nI|=LaD%-BZ zJ;(PwuB;_ov`Rs2CG^{2&pqRM#hC{D2<2XWR&_yJxrRZ0&yR)10Mfnvy#h z$8Vj#%*aXz$cy1Z{^lq!d{C#aaQxQ@LT$oQBtV8kIgM3_Z; z_C5^W`1iOmRkOQnx2E)d*Uk3n#Wc)J(Jb0&aYBOwUMI*jA z_gm+s#%~?PVS<%29cT`CNd_)Th8S62a#Jyz)NI`s()VDG&&Z>z9 zFUbmM8wGZ~eq@)NHzXCE<%p(@rxnu(#T<7?`Ws?z_GxJhqfoDg-A{U}bItPPA8-#= zRFS~U_5GT91b$80jr-3f8*Pgh8>^(}49vG7J zr2tg{qm`jSMg5e2#DVo)dQ&J~!G)#xEH>te$lh_T3Yedcs;$1xqkDqc4Omv$7e&bX zV^hK?IL_@#ZKPIlR|uN~y=_fREtUC6p zU}Z1`h27}k^$!oZLb~gdPT@ZU5YW-HwoS^s@PL9a-wSg$I>||FKYdxNjjCIi*2e7{ zgoJF>K!)Hezcd{(5r36DU5Jl+>HID0F|-*G85V=af@zY7$2cB_Yd7j3q<9lI08SEj zwc_-mbMue5qzJ@7n?8r$*HMb?xOU?O9OXx&`CCjxH`t0ndWtrm1t*73H_NMFsK?8a z?o{?%jHypf&ZXE7&Ibmnqt)^Dj;+&HH{nt$q}aL<>n5oaz7zm5&{wS@ft0_CAm4;? zqnF74nMRE3z&b)ERa>DlE~$sV(c$gHRwv*U7o`WC@b-qR;T0ZLCylHseZz4p0ay}8 zs&pD}N@QJ3nFb=z(v+$;mg`XVScV4@{RrG1)U@H9vxeeX1OokG`d>#;i2Yh2os=cZH4E??eo*srG1nll)y^KMjN+Ia-f9B z)Z=$A5XWs*5D_ne%*Y#|xZs#)h%Mj%O=2l7T628#;z!IRMGmit&RWy_)#^%24x@A* zdh)Awk=rl&JfJJNC^-UVO11VFSzM)U=_cO<7R+=&T6MTr^Ch} z=g6`Bb5 zPlNpH%>ubsYu9_=j%IIg%tRAt+jJLq-nOdQc{c!d>-x9+Av23}rA4vqaFfDBbM09L zjAzyiNf2lgQk0oVdf^mmGoRD$$%h4k#QVjOMzCyj^N5Yh$qtk%AR{tb(2+sL;g=I_ z@X7j_&SirVSo0+^_>$0LV*jkge1>WNR;!oUYofIh8v{aW8z(;V{eakvw>ebPL@nr3 z4ArnX{R5E~`WPKcufZq)Cn?^zdRsyCO!jnO6viJvG7cFoUChlmR%3i<$P?aG4Q4+R zdSFAp@n_i>&m_NT0X2bYfXxJ8Nor9Lc-JfhKLT&P#5-Tda~5nGsbKm7<`MNGv`etX z>S0=xBznPmMy(0!gb=8k(}a4BNvL5 zd94A7C+P=YqVJ9qKLYV`(hZ9FULl+3@=J1rh;58-)jAk?ihiP|sJJC<2HE4YnwDsOPi0dpqUbo#3d++O&-Wr-2 z{QB5DRZH4{cr}y&gb%snyMz#>s?gw;lWotZ=e}!Os<+IP@Ay8*e74hXnOxoSK@LCG z>Fy5SwMNpFH`kxj{S$l!Gow{gKdKg#R=??}`g1vP+4qutNv24OE8VWAgR?+&^t6lh@j?4UeWElCO2bt7oEOXF9JS zl^I9-glVPrz4g3(@Z*wz;bP?Zq5bBPO^gN!Fkc7oFjCYtU1KKazt*oNQY_0v$*F2Uf!=K z#`)lm85qb_rn+KcDL>-45)%mjD~qBA)ue3?)nD~?A*MMFdz+DQ1#D+qAtle#zR|BQ zqRwJEA%DkS@Mdejqyq=Dt1k`Wdc1N4{65%$qZC909V#IasC`Sh{XPS%>C_Ug9LVCyE>ddhdmJbcoY()!`I6{!t z&&arHw`@_zKgYx_ou|l~U+3^@Cam=B@z}dJq|c(QsCLaF(sj(*;|o~&-2AX^>h=9r zGtUd%A2{{#HRSQu?PUpBFEB5=On9CG&wF9S=Am-v9WPFjHpgXW%^w*L`+-*yF96~z9$AC#i8u&(eLEx8YeDeUT3JDO`Fwi>(NWCc|ImCl zYbOLZigvMj_gH`Y7|R$a5{FBSkjO~xYx-n}_PMSACSxb=QX|&fp|c44DqL2C?UKcS)_%^PNpz2kwB!x}q z;?Cd_RS~(f2vg!qpnXOa+-;h?Xs%$y#_q!pEx{E%Viwo7KhOq@zkQ^qM1C;=UC(|- z0a`B-EQSpLg0fu7|R=vqHwHjvh9 zE2wYi!+e5FUkEgV{h4}P3-7Zkp5jJIzwJ1!9O#;`XlZ&S z@n|g@RN3%x)&T0`sai57sFh+*QN4#mMt|c^BvsJ?%gtG_Kyo>M3!=;Eo{O<2r-ma+h(qCv3iB3Qp890XPDqYb)t+s)P85z{3 zZtO}Gafl`EtZbJ=D-metdVN*Z@gj!iurbKcy=d@uw?{to1=*l7NtYU3 z)~Aq+Zf;%qoIBsoXw_tY`xZLpuFi!DCKbyqe$;c{_{2;qR%4EYd zD<*rS{%!Hw5b#ovq=82hmIjxcxKPAaP_H z9qJ>jxA~>nAm?xX-6mnTLtUee{`*Ty9>yInDQRf+*Etvgd7bY~I2E zxOd+xI8|K|PuFPJED)z-(f9cE5RD5RBtuW=ZcQwun6at#w`@oSS7)?iozy{*UQ^>r z)8lsK_Z2k0{_;&)Jo)8^k74{+!Q%STX}W#ew}Rfvi~^1TdUUF{Qg{B zw(5Tm8@Qo@PQSfz6bHXu9)}$xcuh7(t2;SqG((<>vNn*fDnPssQAt2UdMy zq^uerwC?KyJ;hd$q1@8OAF~7H_wLyP_V`z~X1E!aR;DVDuz%;_U9zb%T7qJVU--)Z z=mXrPvLjNLUECqRI}xQB+x~d+ggxb~;BqyH+1Wg(x3VK6G;=e1Ob$(&TX@Sn2gib0 zE~GXnq587A;J|;X%cTD6pd^OD z_9_a-CwB3*va}y)K2x^f&Hb{RTYuu&g=?od)Tzxbtz(F;6E~XQqYAL=y-uiI@c=$b zzLK}8ZO;b#+pVwb)tfd+5o@IW<9@-H3f#YHs!>Op+6Q0Pk&nfx_ zivq$e%!)%vcypHz?m({ObJyXyY3bgo{k2iqU!QU>e(Om+SsOk^ zTD|jJnLYBD_GI+T^p*UJg=lLa_Z-{^Sz&ug-ZAO_egGs+tG3iey-wZuTA^KY5_VO6 z9ab=4V6cxOsSxJih1L*+er-*w-KU8A1RPb@mVXXXdsLZGcl$g|8y9$@$ z#CIOr1z~Vx?+i<92jw>2shVmM>Z!{J{0O8lCvd^D)Lb@LR?=1i8Wli;{InD(O}Mcn zTMcVhA_%EqUBnSsF7QylY7KYQa2ZYjPLt_Gtm*E;`WiiTuMODIb^p4rzT4qvwsAAJ|MEmrpH$&m@2ic*<|j zO%=jEW?LvP$O!ch^jkharsPPzUA)J%kk)%PjY+TK%Mxq;ic$A}?VqDS5-v0#01Wi* zcc_(po_7VDo=CH)@O>O0x@@1Y!)fe@eZ75S`@wwLuj~kqC5}N(vOt1+*>1L`wl2d8 z3LvuVhcXP3PS_0I*h-%hheqaU7c~>xX*nz4TaeEyUo z3-vVU=~W6K3)xc+dNdOA9Vo{Sxx?_!Xay6UU!jDd=N17eyi$(dG;5eDOr)sf{a@4{ zG>~$4ao3Z@k>Mvr)XLp;BY725fu?UtWAY-Jq$%$z~La8_m2 zB;$$(epvUcnpua7@}4gv#xM3#WS^hBc44HZDBW0~5c2q*KWq)iB=EvHViWC}VkB^H z%CcX>?}^;I#mQ!m@~|o)s)*jN+=uA*?3%`VHqnwGv1!y%DvCAd6uerBWj?dP^l^|^ zm5?=(H?m8zy=N!F6Xzi5*gQ5@m~Ra!f(#!=1q_|?NX8vMgtnhmMt4so741uNkMj`s zmQXgKb1FsXV|JZXCCVSX5@--g%z%# z2+Cc=)_iPOR0bW!Z%_PI(IIybc!D3JR^_ns!B)vqK+=@0=)`cs!^+F^TEq}jq!<%w z+d}^gB$DcEa^kb_Sl|D9(UmFxj^?syIv&}{VKmLM)ICdv7dCHEe)Mulc_};VfVZ=_ zLO*$}LSTyR++~+~Iq$ZKu4^BkVWzRp77FoXjz);mG1kD+>|;fPc!HU)x2SksqkLcK z+P*ufy-8q}yAmmfe;ssdT|3*QXh3#~o@sr7<(7i!C1Z13&sffJNjLlQNI@_9(0QO0 z@pfI|8cP@ymSh4=NLLUw+>cHV@tPscV9Lwd`W*^MREirgeT(2Z{Y`y3n z5jn<%iaI&MicX|tktgRvn?2t(6>-(;Ah}$aBY%5xPn5fv%wWV*?Kp+2Sh8NFyUp5SI+kN z&yn=8e0(eC?NVYtt4qW$yvq*MwmgsacMmrH`;Fz@UcJKQ11I{mtnTdlJqmWjG}Ud& z($3oZ%vZISI2z6C+_gH^csNr<+HIW7)^WJbV|CWQCxOjr;Zi&3^;As&t!sbIQRf=$q5EWG_ylm_9*KCv(`= zDHf7-ll|ALwhSBz=;L6Sn0zEnzG4cygz#a2``PAl*izG*Jy_qJHARkzv#g2xF{DX@U70|RN2`-G&lgLam#DzNA*KT9Mfi1lO^|n4eQh^g5*}D`F z3TEufWAwuk&wKrnYG&`yl`jEnQ~#W#WO!xai~X|GnK~&$(-gLBJPudicvC!T4ftLk z^>VZDbiEXdnS##Zgh41Pa3@5Ct)8aY7#cy~Wc9@Y~LrnBPC^G724cL6f z%x2AZO+ix?`++tgT#RPosB9c~7ROe_Km2QkA2y(Q9%jq`T+p#!D|QO%E9Uch-}HTH`tEEgX^r6+hu{&FYKVwC7M^-98_B zp2NND%~~WNhKOx4Hi@$$pxb|8_S~u^s_DKmd1xM*Hj>q1^)*A`TiL9MPkhK3Nm5Y> z)Ph^A$9_8ApRDlsU>*1J_E=6GcemmBig8S^WPpF;tYK~+E23TK<1CQa*Lw7$carPp zwg4ZUdLFYyvyP$)j(p7ZX?gVK7>5IkIVU@o_^+v%@`w31iqU71CJ3Q(vH?hU1!9-s*Nz`KSOi{ zbR?Uj^Qu<=Go2oel6CykP9Rp0Uscn!Z8Ki-ncMI|pl^}8ZsFe$o5kw`Bn_Qkb< zd9~Y}H=M$Jaa2QeC)tj%whQU$jq55VEB+3lPqlp$^G1`tw)X8W^jW2Ec=s^$c+KYf zVIi)=LMrPHviZ(9bDZUZtz1==nzxAK4{adcN zYE?^Z3-O^*dAt#LWlb~{xFZU2ii5}TP~6<&#BiEnKe*s`o5TPDXEH82;EfO^KLNQp zzQVhNND_fblPs~Wc(Z?=DK%xX=u{c4J&pf9?}k=OtwtuvF1(6l9{D59q9pTD4|-Sj z48{59BqK7yHJW8}FLJkO#KHee6~m;jFLPl&uW``HKVetSmHrBMt?~Zh@A7||sS+D6IIqvPtp3z~evoEy+CaE=r>kyg1S=@0@Za4V{tAQ{7pyiI7<#>!D zI#ZVDLAA?w--V0O%GEKA+CnRXs6!1Bb1`g)KG1ar%YNC2n#1HsexAV!bNeLR8Eg-F znw|*}pY!V_&o~ZZN}BT$lzW}XLKhB=I2Veq9&aRdVE6iW9kr;y)To+1_-Bov%tXqm zHtOsvs~v{D%RgA2o%OKM{~lHvwNE=z5J~;~^e9EPKBCS!!u$qwMJYt1pv7g=hHKA# zpLj1YA+=Llzb0ojeeZUjz3JPgC>FevlW#*ABgF@yPxRYM;YFW7ry;aNofUEE z(iiQsLvu&%`l96NyoRu>@Wdq&%P%6L{V@4@M@RXy0?ji@{Oo>iUkeJ}>u|EbjL<%bC;I81(Or_=;Ny^1 zi3v@T82UDJRHxm}Wu;mDt?1CsCM{`vI_vLMqH2=Mo9)?OQJ?DqQu_Elbcw()7hEf#N?aq&j|dZlAirNiT$9z3tM@z1=w zOshZkIgtCGBh5O&iI2{qM+$oooYFlui_0BhtX?t9euDrrI}k;9PQQsSmQb0cllGSL zH8GG@=tKe1=1VKuF06P>q`yC2Y80Y3WZaMBe0s^DeiWUU3a#L!rcm8^l_2I=|ot;kI+AOGdDa0G#n{Ep5#GFAhGQpaox&|EX>kmqgAeFWIToIiF>3 z8$vs7tT3$E9ph!qxbmuzMLbRZzj|(y56f#*tc2Zk-+G&X`xm2M^!%b=}w4bRzja z6n3gqqic3)7#U~Ue-&&snxnsarKbrsDZgX+(b9a5t^Z1gMy?seE!07kUQ(gu9JBH^;h*TWnbP`k1lIQdAY-~ktUeTP?r4cDOq(}@{|KN4fM z!t>p(okY}?U7>OEI?7*QsBL~of6UW`u?cANvK#Q(4eu#=&%XC7bDx8GT`Mo=Yj{3` z9gs{wmGE1<*eG>{CGnkcdQz|jWT&Lx{rn8(+RrN{V$Wqq)AC<=j-wcLg~OAeD?M$? zbkNqd;%t*Q9|~`)9AD|PQyIyi8QFz*f~TX1WP<0dPHj`uW=s(4P>9HPV^XCD2efhX&cl2&ZQ5FV_W2 zqr8$Unqs5`hW)r^%QWV?QB3)4o2TMI`WI6B4>J2_#s*=N>|Zb!O`g9!j9Bo$M9(X` z-bPuZROoFz@LqbcOezO(2FBiTFpFW}FoL|{Ye8POY0C$m)RQT|-&&(nyWLuqBm?Od zXMz?@UUuj4c5Pa(SEmrg^O6+W944nO2jtaddwp@wgU#4yTQ#!F;pH*{F&EJ;C+8!t z^Qnt$yub)jn7GeLF2TJWP;@QYVv(4MX4WY{Edt`4V&bQq3ei;mPLPT{m#8p7t#{_h z)MmWJ(kRvo=3?>1bCsGSoAg=26`r-+4}%=Xh2T<2_{@#*>HS{@_kUkk|A_F#3W6Y% z*BC33WAG;hxsRhnKVL+jtW&76I3Z{PBYCOn#$V|DPrO|V&rEgjU6z#5cy6LnSY*6i zf2g9AN_ga}u1|T7K`NYCXh{K!{pzkN>xd-$%v_XALe*8(5Aj){rOI~ENROKG-=BF* z82HIBip=^T(@d@2EazEw_HE+F;6BsxYBL`^=vdlju)Vy-loVXUz45fA90dEX2k6j&sq7Q(~aKkSGMS~Q zv(e6#+u#u!F4HL83CN=Ee(LOmj7p6!)$xyyMIOw%(B8yf2^Ccs$^iRQop9NMW3`%6 z4Nr6-1^Y%Gdfs!l-xYEEx$-WWPW~aNHDWwk@Qap_8*2SB_V5q|^n)lVYm($nxy7rO zo=y*TlY5_N)aZbO^p2Lx_-9o`xw@(_0s~5q#gd&09X1H=rL(PJep1ZWS2G$HQ~_M+ zhF453a1+nEyk1Jn=^Xbi&@@1T_Ciue8{!M zeI@O&+wU^ETczNOO9?bQX4v>A8lgzw;HEY^6xZ!C04wf#1OAMd^vY06*L+K>a_YOyVU4od z+K73OSaQIodNpUF(4Kl~)ooa#zjPqRz2LFcB-NZ=%u+Qwtu7+}q`z)}5^CKm)UgGA znDeFy5m$Xl0#^URz=18QAdUex!=+BuGL|L_cKMnIrDL8!{N=GWh6UD^EiT#G0!@S4auU{ZoBiZ6yvLU11@WI|H_Psi< zXnr`U(mGnAZBX!s$vd^JxPWZ_@RNE=5C5GX4Gq}(QZNAKO>Q%S3HNVrNoO5f-w@DU ztTl=cwGoBq1^k!Ve1c$rEnLTotsR@l(uAMGhiKtO2$0)#3hKxheRllkJQ`aWm<-e;}v-*>I~<6e{8Gk4p2U;Em7Pv~_69f6$( zcW&CWNdR_L%W%`Ct@@ibZN9sMmwV^aW@^KxO-DDuv@~x%+`Le)*SSzt@k&_Qa^S>( z(SVijAyM~=;pL_3N>-5b^hJJwqqnQbIYI7NexAY8!@Ewx@f_(q_2H21i;0;1 zc^{u0`2~Fe=lS9b{_^qaBal-?;?GqD#?jy^2&l6$Alt18O~-@h)$fe*of^&{74{X>4HXmq5Y9Dw7zJL6#VTEi)?*h;w z90Irq9^ll1#PdYE!KiYiYKQGw>M;-1Qn6}P$?Hu_+ zV!l>`zUv5>dl2Pck1T4MKH^=gO0fd#r%=uQT_f&`ZcU3mqOM4#R3VWrE9h`hVoQ;A z6F#ckcf!;4T{u~G6VKn5Tk9rR?Dog{-C2ivN7QEPeF4a?TGmCCuPL2&XpNyG^o?rv z%6+is2H>Z9h#~IWj0pFPZ+R z3{s=_P?z&btN8@+t@mF0?UUutfz1p%l*^=#D3haV*%=|Vcj@r@Xe}qX!=fuzVNkK5 z{yEx0Wvs^Kkd4v;?>`fjbr<9D=$?|Zj8#|KA0U(}bJ=&XC4Q&$Nn8#~Bpm)4(B(BT zspRhjx;gpQi?7qo6Xz3O%|1BHbSQtatF0;aK3bz746 zyP~N=fJ_*0sD$aq_@=JkYz)yw$#nTuY0<21fCput!(zvp1YrAeYfCrGZY4iN`?#>; zwt}knKH%%~^~lB(lU}Qfx`QbeSHxP+ndn47Mhs|_UZ@^NiG^)*bNP7XGN_)tDoImM z3psL&)Dd%Wb$dTufEq+uXBW z(9AF?as(u*^)*ECB74O_IdYBCxTlY39Az7o)MEavRF*%?%}Ym>L3n6lVL zmNke<*!K(I?hSiRw&UL~IbuJJka z8&9miw^6`da0PY((Q-ekkJFR7-?o@NKb1l>;_RRvY9f@3-b_&bs=Sf?k&^FKk4GD+ z(>E5>oP*B(C`1}DK?)8Jx*N*`<<A3a`XRl+^HT)EcB^|d&qWt_^0j>AO^fcC9F4<+H{0Fa!1)S# z?UJDLlZc<@^(g2{x7M~L)mGU?_qh;jjq|6m4WCxoS6(FWmS<{)X%23tvMvtoP_;)+ zymDhAV@TrLhjm}LD#P)41U0Ygl@hb--VuD;H=Z}%$-Jo|;}f4bV6rWl@#MoBBHcgE z+WSR=^CxwNDLI#;QERMyOvEGo*1Re9ej2ZR56Ay7bF}_=Y+2!a_)u>}f|H?&USO3R z$EXVV@ac)csmg4W13}e%n(F)I?WEzQDTwqBWWg2n0rx4t;` zBCaJr+4`iqTWhbjD?Gw=nAJ#Wm0Rq1X9Sf&o0d;Z8PK9cOp<5gH*0@68DMY#`^)+5 z=|!a$K57s4ydZe?mt`)VDAAgh3cQ-+?j>cDu}`#+Ek^z9bDj;cB6mW@@Hdy<2&9CX zHJgL#7jafFp^w&6#2RaJosEqZj+M;i(?VeLPjV%@e2?E07JF`POwsciPr)9Awzi;m zGfzfKwPJqp?-E3gZjM7Z80O*6&z3)S6Mi^v<7Iy89K}JdRRTL%Wuia)Tqyq4yY-%# zT-BRNc|Bqe7&YO>Vr%IKq-7UEoP0y&{QX#kk4g``3+dwzb&fqUcyx5pLrAegfU8_5 zUX>ql!@P?waJpNZ3riEUml{;29nmbOUsHrgQyfaZqWL7fYb8+|sTP3Jh^Jjo{uEl;4FW&fHNG_ss2%Db#J!+DA!nT9S8LkN->~VgtD#-iMnYfgP0}sX&%3>` z_pc$a?kw{&xX4Uv$SjtDoiT-N+gPu%Z zW(523bM*1)nb@~g&3;0mNSXrpfyt`Mq$#seJ#c&+TWaQzec>@atS=Vv77`< z;!x$*xag=Vg!14PrB(AmuWL-_tEtklB^iixd@tC-GO-;yS@+<{kG3T!>Ry9E@}V79 zB=T15v;{-MX7^<#*lr>e1Q?#d&e&9X`>^%|OmAFJabIBUu|N%)K1a?Gf7Gd%hK6yN z(1vR3`l<1iP!9*Ymc(oH*uFh*Ns`(lo$e=_721mfI@$(ys065o#>t3Cu53ph`02QZ z^l%>l@*(Qk=+V26L!pfj{y;?@6#QihYr?P&E@&C3C`^ZdO@HsnCjJX&d0Hg(-Dy3l zDQAu)-TBE@{s9*5+uIm-e;B$de|N!zR5~^|T{*Re-=|0_NW=S<*z2 z(1(L2>kuP?;RxKPXdb#Do~q%jT{rOCfXj{%!8P7aO5$%wU%)zzbapiWqp?D-y^?#m z{R!|Pqay|5Jgj4?ttHT65K?dQ_};=MW=6uu7)_lcW%s2YAxd3@MhPGOGdY!cWq>pUK=oIBz@+ ztuTjT)6gc(b)&$=ZmnX5?gnVxzG zR2`191cq~R?bhrafO~n$^)6o?D9JILS27RJ59KrRd^n?WkU>rYtf?M|%?Gd6Qx-D~ z0Tn>kF2l1Lz8~tI!H5UsOFjmBX_Rz~aL}4*gaK@Sm(vWPjH*lUug5Do>@DP#yH%Cc zIHc~f!0eX)H14$y_@}Q``@JFt%-5NNGDk=z?X35cU*%Uk-D;tY^p)k6@li#jEztFV zRJ*|zHvvm$!K)ZI2Pu2}S?`g|aD(L8&5ePEk9uIqhc=H#A96`j7_K$?HV-wVoM68z zk4!~%P?0NH{*`Q*3$3oS8=5)`COE-frr#p_7Y+Yr)w)qcibB#i<;ZdStG6zM9g0l6 zf*)m4o46yvL<0e>>(|)BdOCR|QXTuiH59v}f`u?rq{-^xcU6mhK@+6Rq1 z9S@y`s^fcQh)_qS3MdRH$>B^}bAl7^_$g^;tx7US20`jdu3TjNy3<7Fb-WBo(1Zjs z$A`Rcr{X%XT5$`WssdL4b2fgtYbS31WW;Oo5k?qQDH1Qh+}EN6)mFt@KGVB#n*{ruv7+n zR`XE%P(CC?nP3DX{-ZwG?KS9zgC15uotYVxm;cBS2M}bZ@Dt}z6Lc{uZ?wdZ4M2fZvbVw~!0C0#@7=MD*hOK`ENb zq9`h%st)>I5AeFw6% z@d>w<<(#Zgl%1Ul7&@i2a5s(cKx;;L1Jlf@Zr;rtDnk&a5T7L1QrYw)bN0Oy5noT< zFpRA51JNf@SpLE~XaJ{~@mo6d)4<8_hawh3N>dwlzQgDftOK-&&S$jq(2S;jmYx&P z-TC%zH#oh|hmb>mrHm7wu8f5EB}oD8m6&j|X5|T&f%j44q&nxjBy;-txzYsiL&ZHg z(hI1}<&PTWbm?_`H(QBR5q?%gt;(aIob%ycO-BZ>ZfeFeXYE)Q-bt*-Msi{0Ok9jCa>wz_&Sg1YbuotVa%(vz4>TRj%)QPwn ze*1dWDe#inG?eQNeVqrYpv(J1?Q&td2|9=g4ah zB!X)zJQnM4iU6_oB*!&R2O;BqK2Cm7Cb)!#HO7}sM)vz{q%g7wV=bq##79-v4V+S)M`ce*GmWg2B+5nCJ?(tfF&P)mqjP2|KVkZhfj-{*T1W>WjnE-M z!%B_*PO_5|8v2@J2J+%sBs=rDp}7=G3Q-WSo{O*al|%1Zr5uK?mZ$-{0KIk@|I_MOqjehF2b7{4%f&Ye z9KmaC{(b_CD^b(McOYH99jI)E+xxJA0p+D+s7jjeXGDSzY^t*lLLWhaSBK6mOxO}T z5g+lj(@OM8uTO(;D<>u?jc`Hcq0$h6kk1U$7+v>|EV|Hh|JEt+RE@?NQD41JYx(Ne z8ug}ywM&k*Up|j;Yjf*!o1>uQ)ut`c29+Lz6&8;N1?%+;OkGf1gg!#o7qzN+od|Dj z+j=eL%zJ%pNf)6~*L+JyFoEXDS)q!yZy0h1JX~yw-h1XgW23@tP^W#s6kU#<;=0U9 zoRrQPi9SzIww=pZNxBkoWg`jIceCA%Gb|yJl+y~Pv7Si{?K9;De4N){qs><-0gp69eU_RU z@JAOhBnM8nn-tc0TNCm3@HuPVER}Sn5yTnBd6IeJSu~kxTpwMpH<>bEKSRH=If{g`V+$YN*~%y^pNU3lEK zJ-W17gQ47O-{_8p7tTFct!<6beWGHKrSvqU^Dfz*uJjgP3>2U(8McNQi$hG`B9tEG zDLY_DX+fxUI0x~^z729>8^q=FiW1zuVuSDnY!_N|v7HL%HxxC~0dpD>@9*vRv2OvM ziwH(OhLkWD%SdP7S0Epo?ym(;A$p}AY{ivKx}AUw3Er|OU%Mp&66I$Rc+d_YQ+H3R zUxry}9790B5~}^81jksX51IuviAo@4_-}y@#=kf_LuQ7h4*src&GQjD`17k6z2rCB zr86$C+sb~5*>H1WwRM?8J231c47W2TuF%_xr`_l#Ln|%G?6Wg^i(US1wfF<8I?N6# zoD;U5pGp99`qYTTazqu>0jyqK+IL`taIhun)}Zk3QYgihLNiS7k@H{L;lx{c6 zCzfJr`q$CQ(0NQ4{4Cy{ndB%lze`X*x#~*QbV>bCP78cvrO zl)Qf2LeaqxE$MU3T+BUmcYLOARbAwyBL4#^gYZ6O@%y$($kZ=iY?L34bilxh2{*y= z_TO?gg%}*8-Xm2PR$_X(SSF)M7QLha9Hh<})S}i(Dkeq`zUjFc_>zkD{=!c=@f;;O zgk2$JU}~H1xRz)(q8{jXq9+-Juvi<6Gl(k%MVldC@jeQRJqhUdpYNe>E%dxa zG=k5T;};RzTQP;uGcISt@n@MMZfv9+5aFAA7$fi2sxCg>Oq7GYsr+s_8?j-iOlHf3 zWzmrl{8VyQ`c+huM!z3${g^5y5-bGd#m;)w>#H(ZHMm^Nv#^xyry%>Lg;H!|C0c=w zckpP49|BDVzOt|yXiwE|OXz4$2%8f~fzW$kyvnUVW>I(uZ|#s;L% z&C)8fo;+!R-7B8JAI%OyI<3Y}3Q1x<9n|n2yJeiu8K1{cVa<46aQ}1)lW_8xg?{3L zgLC+?QhiPVfB8!8IQtHd*GJ8Y5g27K-GV`L5!*O6;yQ@(WYv70pjZOQ=&z@~LLJd( z@vl2O*ykD83#k67jhS7OcRQeWoO-~a98`8JE-?a^-zrHJj%tz6Z??Ib(A?Q#MlWTq zhFj!_+CL{>?{ANiQpj55y!DwWykr~=y@(i9H%*mCH`=3S-d%y3NDs7E=EjQdV{AR> zds9szmnVOFhL1I&oUX<{^lj%$M*F2syz5=;dQOZR{t6V?@xXT@F3OVSzkO{0s)rKW zY_f1QG~zQ;l(%DgiQ&2BT_KRoUiom(Pood3F#DW82PJ2gXqVgLu>{^_e0|oQl}0PH z&Uw==GfiNQ5J3lk+>CvW(hvN#c@KB{!^@#Yj2=#Ode@vii_}`N-nAe1q;&mdTct6l z%$iY&7qM?4DFT63t`~Ehd7{hr_*Uc{B~=_oIi{qC;07SHlFO)zww4a?S;mMF(6_ zUc!5Wwur8k#l8ijG08Z>-KZ4O$JM@;mLax&RH9x=-xOjLFQc z;1EzKoh#ZDPRGJPAaG$E`w>08QYrzi242ueU>mLAWv5Ln=ju`SP~^#coZ_0Vv_ton z<`%2FnoyO~cWpXb5H|0R4DkHL6O2Xk%c3p1Qbc+q1v?T1)nD>JPfMKEa6sE)G7724 zd1IGmx(YKntMz%%k^3678~g*G?f?$U)~5&o?x}VxTGHl zj5-M(UwHCMiq?|;%_k98M{?|JEfGQ&oEnysuGQZdvo^qG)QuLL9Q5kwR@q1)w)zjf zaH&pOskQIRr!3rBFglAVW$gkrTqjP6Zb}$*s_3$6ru2Ln=Imlkj<8NLkspDlisQTg zoImbK5J5k=&fi^NdDj@}xWiud{9}Dj-!(;iqHlw1{@vRorJWax;Xy$s5^s#2a#-zj z&aepTP&ydAERPELBgzpZcxNm#MndC-{;gd4rn?{Qw_8Xc)p)+mEIeX#t5zd&ART6`Dtq&G!UkPtN(0QIx`uG>bgx+7IO;A05 zpmlc^go(1QS$aH$qdX&~Z&LAoZ^0{&l-3JhN|~y>UEJjF7@L5GYIfV|nyNsSZr>5+ zL8ShAf2A+o$!9PmtM$YE&h29QFAq!&jQI}y6D|s(@@v6_lAIAmmnpPe9$@v>CNrpr zy5LATq-&(vDzz(mTxQLhzY;ZDqd>oK$Je!T{&o{t<(MhiG9yb(FgG@TMzsnJ-@M9* znH8o;dh}ORQ|H&5$BmrtC?UgXR(WJf>>iWy+>eWjWmwfW3`sE+#a=f_oo?H5I=1_R(mTR%pt_jg`|pWOm$( z9r=5QzZKri5ErPjI9$muo%}0J$Vd2z?`6uC8yjwtVO$oZhWurY(yPOK<|A`Fw-l~q z>2-aAli<@$5~Xe^dcj`9b~|8EWeb?1EraIZp#~MT9m1J{;(4X{NXV}dt+Ip!>tDn; z5%YprheO$zvhk?SXE#bRTv=Bb9RbN76#J;!Oi`fAsA*tn?0kal$Lu?FWBIH& zOOIql?j?V&wfV4ZdUEG($i=BGQ%_OSZ>src?o;)TZ}b|h)*=QCODGSKhm^Cu<2Wt@ z;xTA@z%UW6O1(^p-BP0u_`Wb|I|6 zI4m}e*3qg8xb{NRJXJ+!1k~&RDevWwW!buNwF5?3Yd*6^w zW1QN7BCOk0lomm+USQgp<@y5AF11)oI=$fL2n`oZI}%VxyRtiyoS1$`-uZ_}pB`@l zELP04FV@gW4#%uBPmsYLo!YzK?3qX`YoYvfLtm^P)i+L|y2|)uXt=osm}itI>rPm2 z>cfA_9CCl~rY6&-lPHr%?8_vRN_DPwKpVCDUMbqQUkB;_Jsdw#WzpC|_d8Va1F?=I~5=yEg3^s-;`zws`(w@I@UA@cY zcH8^9yA&n#9hucMCxC>Ah3!-rvY#-UQv(&FTyg}=r<}g@6cA4*(t;Ccq5~xEaSzPV ze<~U&Z$Gfb;vcI1qC8K2j6|Pg$J!J0-lNH0wQDfLdp%-=`?=ZapKV9sW5}_^dGCDq zFiLWB##PRNGoXJ|HazF>;AOiN)u^(4ktwkUjlu9$N7_E5;GNhSm+S!BIB zS@2;+@!GBFhrm4BmJDCGz!+eTyr_MMG}lQ8dU>q2)6&o;7ilCS3@Xk?6?x1EzC#DQ ze17F0BW{lwtngv%2M#jPw>XNd0S$~DgmD;w3>SJ<#NlNWOue_QElw-BtK|MyF2FsO z7VwJeh9K`9Rw{R!+t;c@K$M=FDc<*k9pTQE93#=1&fA>6)Ac=c(d+k6Hq2Xa;s z4qZ_p9E)kG70&|J$!CXeK0_s0gl4X{#|!7!dXgV@CCC;{G4Z{KKjc-9G^^AVX%U?u z@#f(4TI@|(TVteuF@@}ewyQk}8B&1(n#T|+Z1SHiV^$4uQ7<1QQ z5BC@p(l!r$e)i_#8JAmYUFlh{9dC2ALe_#utGd149$u7rTo|2w>i()fX%J=9@YXsr zdEM&V{ozv%CGEH?u3DAZNO72QNyP;jz8$xVpCW3}v&EMO(a{$^iN~9_eFuu!0MR8- zRZ`%Cb`j(=Vvhw8|IvUkIe?w;Z>g}D_QdXJ6aMmz({m3}S-nAL4y}^y3m1tr2WP}! z1xE330yZ{Uq197i|hfCd0oR9y@x->j$+yoP9I%!K@!W1?&5Bwa<`W~tt8~iW2 zccsr=(kLnZaaMn}-O;>PlV2ztOWE-+>mqBz&5HRTyK}IHWlw&0PVrB8_V>&;A9(2V zzjtpdwXb;*<$UH}rZX8tRzuAJ)1mbMUJ9AwmR(eY(hWAn;02vNv$&e_(kYSzg8 zcV{b}{&?byd5@$isKCZV_!C^|r?B(kqNV0iMh3z7=504sZLS@9(J#8)kfHS{!*a(~ z3&hiv66(mWZ!j_=U-Af#c7Mfc<~%(Tja+4hr9GI=XL_4V3nz|UjZrm-JiMwy^W+P$ zuHU^khSxKrLwrX#?S#dFMm(2*73HH8BG!GVRa%c(m3lkhX0>MDhbG#342OL-z`HV% z6Uy$+o}vv9@lRrBPcA-3O*q9Xgbu+0-Cp+m$^2=s~OPh9#h}?)ZgyWt`9fAOg}yWlvU zfg-DLmm0(>@Y)PziKt}6jp z^oq%pGFpT8FrJ*f8~B@7XKNdUn!=;_Ui&AVC!2~p?l2L2Z)0cJ?l*PvmNA#aZ^-R- z^xNyoTW^Gn&kFh^-jZjj@d?6HZXPpz6iBt)r?%J)tu@TP0}WhN%Q{B1}8x$xHHxiQsiw@IPJo4DjiYYsQpO>urEcw_4Pvk&7Nu;eG|k|oTiuS{vfvb3ya8u1wVgHDZP z^JrE`$!iCEJyi$xRAsZUq<(L@cpfl(T4=-3;DvmO!l?nJ5)8@I#{!gNX=Y#uQf7R6 z%P~whYPy6Ec+SoUH_iThq@rQ}PXoSw+a_9JB?w-!)!O>-%Pmp$Fro4!@*TI3b@Gw5 zoVOF#gdYyJh96BtmA8Ot8fm-Xjp9|9_2h`@;97lndE%U|OJX?A#vQ19{ZoRHjYC z#)Y6C^D+N~ia|+S5aN;G9(Z;}ah>oGvM)xmIPKkb+7C$bPwen8fNM23F^HE961+NN z?(A~@!BhNWr5Cw~=NK0iZ2gbXa7})L&7-W)+rO5$E}AJhKP~*p(EJXKM&thrI8-De zw|<=UZ*b_(mn;7Ae=q+LY5xCS_ByBTsbOlmJpkAviUN z+ZW-W^&TpAWhG_?mVAaK4~xy#x3&%UZ`JtCWnAE&Jspkup0tUxd^TE$TL!63)CV?q zjtTWv|Bim#mpd;LNFn6uE0|BU7ngkwOQ$TZeq>S-z!fY@Dd?&}f~)6dbU6*n8NcIUH* z-!p6&wS)+0C)dzfK>EQkqrjd2EQsv&yIfD^fG}kLm!~yA?0sPC(01L^S5?!VwU-M@ zS-D=O#3+YaTIb{s#cDwtFUi(S0QA`afzSR0}))l~xCRr4k@`>DMPo=F?0AFyh@@(y_e z`qJi8GY4I({#iq=-CaiU$HhuG3GoWRH^i6uWwWsoRgb>Zzm=EJ?SAwCC5QIhd}F-t zb=j!$o;Gs%N#QNk{U*2T*hr;q^WUki`SY(XuRFbPc&*dxxAp@H5*|C)n*Rp|O17@= z93SisRTMrdx~Nm}F6lg#WCmK!yi65Ez`~HnR{c3fz~f=g!7y~Zf`Q=LctkI}TRapmES-8J#vL~QXVOM%%50!Ecs1t(D%ENEgkk_bbc@Ev+`s3A`F!z| z!|~0{#X*mE@1>Gl<(3||GGNtiN_@$~ZU#m4eVA!2)b8tvGsBLd3+WOX%c;Q~-ioqQ zQDbtQZeQV#+utmic6BhHsV=UDu(ydk;Kc6R=5P_K!UYpVxVS)0%{n8wV7_jUGs?WO zAM@+%vr&9VhRa)UHz!U`x8e+_iOWaK$;)3DoM_;jCy00|0j{6a(~N4g@YQmo5^vGk z+>I&S2-HqYtz&miZT?4wxVm=~6J*)_0e_s!_6zdf-gy=IBKNTx=tdp7cJFel^OrYM zsYBQC9h;MPw(Xy3@w{u;yyN|TLjFamKFNC8Ng!v;usp4-+zKoz5uDJi;l+- zh4Q^IXSUDHOuZd&NaW=9*d)4r?Q%I(fUC0o2P0iz;J>wmb85*DfI?ev=M%7>#8HeP zZ)Sz3x>hOEyQIqNB4Uj#P}!~LfPB@Hj`*@6^@-!_U-OTgaHKh?APD%k7Wo>M8yxuI z<#QVUxSv5A_D2o4nCIwQxOG#{w|VdCF)x1C;pb1*VdcAa%&6-d1QUg(hOCb3*amBF zD>%F!c7Ypb5tMF`?9K};f7I4as>^NF2E5!0y!uNPd!VrjJFwc-T8Yj@2PuPlAKw~m z5?@gHMY7rUz_83dwkM)wAOjC=;<6MmmD zdR65uNxVgoCexA3*jUPf*~oIyR4aywpvS34^K&v*MF4$n#5UY%MkDy_yKO(B5DU3I z;`(C0#oDpPtF9ed&`%C$#n3w}g%OG{yz9B`vlE+y>1XU7Jkq_MEZqplNE2ctjw8&A zvW3n}6EyRwR1w(4UTO-FfH-ha=~wkj;C@y-7fMa$ALCF3Du0=qAd6@2CQi!)s!zYm z(hk9lP`4N5*k=iF6zVX!VVUX}YbjU*pZ$=hhWZEI8B83KxSmci69m)TK zP13p8WdGEp(9%ckWHJ4#$v>XKKids6T;4&~shC)EfWp^;e@# zp3DAl84~>`Klq@3Bf38egVIWEXSMhLCpWW+cZgd#^uKaD!$Wee|M&7A#DS}f{+DGp zja5+b1>9>#-lGZQtDS>lmn(g{N#qCh1?|73bJ3G}F$rU(5u7*ts;m_%HQ!afJ!u5SIx_Tq6i(!0%#al9RQMg!TeytXP2Osqp@@pB zcYbXPi!EMAt^NZrBX6L<-HDWVnHi1Pr=D$u8xx#t?+sW=$EgU?2#0FX8( zkY3ZBRpgN--9(Duw`tj^8JvW(`Th}f;sIq0&60I&79+H|6FP*xdns!QO~A=a0;vTyF*K(ZwRTCxlE@4!d~40tSKlmR zj=x9yTd%jZ%FKAS>K0pZ<0+u2Y7$;WM5#dG)R5$CB@v8GYhHO8FCnIREkx4boggjf z2cc-m^Oy*)6P1=H7<3=~7S+g`rz za@nmHGU&@|7r>2I*A$?ML%y186Y(Y-UNY7)U*QE@iY%WX z$1Z2q5i4I&n(jpb?tOX`i+Ms2hPv?!H9#di{^)tegK0w*Pgu};%{r-^)<^ZZenj

$}ry7s+sb7DR{6Gnw_AJ=mbu$~&#%O$}I-g9u@5~5i-+X!aCHHSMNc9zJ-#jAm zJkb)A24ds)Bp`+TE9d)MF|}g)Y~An}P)FTodxr|k6ctK$tc*HrS-TnvdI31#z2Azr z0ZN6Nz@|{>1zW&Q8&QeOQ=N+O`2&(=cmjy(5=*;pl_^X>eT&$QpY;95ussUm5;VHW z^s$c7x}I%XYw7!Q8y5#X(ljg%Jw82HDz?CoT}&Ih6;x$n|5&a)OS{Hi+Z?}>c_#SK zEqu@2Fpef?C|%;#vdi3E_N@xg8FQywjDR|S>gzX5z2@3n=W6`kozci1b-g;v=iquB zUF!R)N$Bros$$ow#`AD{J=!Vneq;^Y6?lj-5|btx zOd|a>ybgMWNsaUCF;c2l&zA`s9!@l=dDzst9$1DBF~M1)UA7=if%#qHPV3NkTzY0| zKK^2vD=8!f*&HD+jD=sx_p?3!iM=f=56F2{*Nf||_k;`ish?Q(Eeo^@*@<|@M{7l? z=gyP%gS|xj8y_~|VZWFN`}6_e`KZgZlk7IeW6P9SiBVjrbHC)*at^yg|9{XbHiA4i zx^3ZC;f= z$gr*3|Db1oCxMjz_dv%^v+Bu`2LpR8{xix`cly785ytX1pY&-zSLgi!pd#=77Xhkx zHEF45XN$#u5~uH|ry-vke0!3`H>mZ0Q~w*f{oeR5cAXoxVQ}k^i7r(PZe5GN3WRVV zvMJ$j&-KR!_B|IIsQ5Nf{Y5%w-Z3YJ8C%<^?;ZIQPW@zu|ALl*2e>lu;nTY1_j+$r zmrE`5cagW(xBbf=(PeqtV6kgosFgwS5)j^Pd^`zl|MJKN_tWC~!>413)Ga3;{g31S z2VuYL$3GP#!Ho@lkFfE4oY4&GY7iYt`70M-Mdd%v&L;i=DgCQ2msNLD=Kk%KE%JM? z3Mzt}_(Qi|zPKTl`EOxFOec3;_%H`>Bd)=mDD2D&D>i*$B3JO&*{+VgKl#!&V?rXo z#YkZ8Z}Q5S{ILY@Z}4u)mEzm``0}s*r)R;v!_O7c1KPzUdTj0fe`7B-!v5dHXaQHt zN8G_SO~d4!W{ONi2Q;v$zxNv6%_>UN#R74(rP2z=GQ zvoyT6>v+q4v|-4_KN!xjtGtTh`s+R4KT{yKgZh}u{dtdCWcg~&?+hYKZ9X_J!wWB8 z<%SOupj!w1w?%?#L#z{LG4tr8je}Lx%Y?#_o~a97DlFc5tF)5j<0a@Yw#FErROIn` zu{Uoj(Wh3AQEemRY2-lL`3~8K15b#3h*I>6#!5fq00S-f^<6aTv=Q!C%r{0HzAVrm z_ujr0stJ~WEo1fzm!%lk72*IVePzx|cd@dclY5K|CZjs>;w(&=OW#{f;6sh+C^hXl zYDQ0va}u!N=J8`zP3G~g<(h|jrA@_qesvBKM>H| z^Sj_Tn8?1=nN<0s(DnmQ@Nk-_U zovhsaXg4ZUFc0rjM#OT5QqUK%QV+0wIi(Pqr$?@!6C*ZDecOf$3Q!u+Tm>cL`)LDl+anNCnZLEA4Nx>s@2-^zXp1Zcyn^WkB@28zjk-$$AeMK$5 z(Z7`Rg9&_Nw)t8ieR!pL%1{~)^y~~T>Ufe;TonCHJjU)kVAO}N=VUCVeeO@cxd9=Hd>y|vlBQ%dudZE*jaLu;J=$v_Lhm__0a z=#xozUs~xxX_8bWR17Dqs?d)p2lIza7>>6^eLE*A6>+m`Z&5uu<;>hwZw)=F zuj{_6zAMlcLWw6MBCu*#gPBXlJy0Y2oW zJha%gssbbiewdLI6<-_?zdbQ@zYL8sbXgW2>{5oz^}k0WowVg>GGO_TAv3FIoj%AT)<%1Obr z3R)?LFj;A@EV4^uUBTG&lk*YDtc_xO&|F%ODd7r~TT+ZqcP$C>+~amxmH%;&jQI&f1kKlbCS7(vKrETj%0_EZMFDwL#F+dH#-p{aL~jD@XNJ)_SBMRWUTy(n@d(cX zW!_hAicKMQ%}D|quA0bM(%_2B*6flNqsXYo?0`ke;v|px#s@VKrw>p$+MIk<~x zLO;*4cf_cLlcLc*Oi2_OCi(S*M%(F#G2bq;x?BT2mKi8H%&dtCxN;NRjk{Cd`|y;a zZga;xwJ0?aIwu5E=how(3)VahPgjHX>uxc|>r(@YO3elXeBbdGE;P-ep2rJh_NrCiqPa9z$){g?boh)a6nwV~sXQ+~}P@*;sDEAgs3@>+?VnYVIt zVEA+)pQjnkuiLy7pHFo3EYVydUu^`3d;w!*y_l!Q5?T+}vxf4#Lisj6f%6XgQ()9fS!-POiMZM+)JR{H_8(+2ZjKZ_sNsN-@&p_Gf&1 z{^qqCiQlse^jIYENvI3=%QGUZ!cwkte(iY+^*JeFHJ3WW!rWOCUnCv})mtbHrXK8M z70cCA8lNGP9)43tkLc}U`f+vwT~QE!@7DWWWvGq{Q8ba!Mm|4ck@MtL4JZ+sGB@<9 zYn{@(f@M<=bzE2FMB(!1pslfOEqFZYeU#wx=I=(<+5Tvv!gw=5w$V>{N`HY@z}OQ*O)u-g%VOD!Pq->tYMPL1$zk zd}H0_5kRKly&U2EWY`k7B)5YXO&Dy@9@y~%upSfPI?}7!ng=ymgxzuj_(skgS!j); zbzu>mSv)J^=JTod3-tC2k01K%=i=Xg1KBnN8+cD+kMJ9+->sqT6 zDrIyvA4zK4K{)5}54j%H_1)DCO}X=^SYj5Pkp<)I5)q{Re{6kcSW{`&wT^A9%!rDJ z7#pA>pj2szj0F)e0tzZ6QWU9?CQ_0Jh=>S?5s(_Bh|;38NJ~@%gb0xudQeJ$5CVaO z^z$B^XJ(xFzCT>yA|a>U_ugymwbx$SC9M0pLZrzx?6?Vk=6{IWoZg04#avKB1GUlX zp-uF^50UceeZGRZNZO2_K4w#L@{rNUFU&N_rpbs^D3yWKEWiyUN!I4rLfxtkU+Lza z2OOM9_B)PUg%~b6H?U8M1Mx~<)0$~vb^%#=55<* zqIFELdha}DPItJtQM9-rDPf?9PctqwlHzL;VXT1iWx`r^AciD4i@6!&cORL*`A2qW zb1Vz1XpfOA%3qilj?-V%aO+iydM5E?Jc5@e1RFd)sdS~S?j9|O2dy9&iQ71M4;Kc) z`F-mL&m#z(^qf1L3m!~q?zbo1$7b)=l?TQxD9pz{g@+fA119q%&}BS@F~jX`RQ<$8G0r7n*tD9$+Um9NhT^<3W zzLYw*Dq`cTJJ)Lt@miuNbeFB1yE=)8Wg?D@B96c4=zvwQWJE(2l2nN#^o95cYzNLg zv>*{*Nqdj0RKXBvHgC39hW|ya@LbmVcN`?Z!z4puX82v)q1!7@V&nv~yN$;1J|Bh@ zB;qlpI_IzS@VenOGtu)o0=Vtx+2zlS2|8@v9O zui#(5b=W5k*@vH0u>a%haiwazd&O|dWUVk{$d?%t3f4FUHjT+2d50^>iTDcAA?n`3@@5}myyL$FJdZ#CHV;p!?;O`X z;kWXs!H@%VDlYR=l*xjfwU*|ZGveDExI1>_ee%#%Qfj$P#*AWT`-c0ct;3J;ZJ3ymo+-&8p`P5ekhO*dC?-7{hE2R+ zIqSd%+w7bl+<+yhk>lHeOR_^v=FqYJbjfTj^+g-bJBFm;9NU}bym;|fhmke^+fJZQ z!VbBqo1Yj`-sP=uPA5H|mLzQ{^*D1es`;|^p@o2<2ex2eMmFw=uzIYvR&RgP!K#E} z8UeP}pY7f#x&-wp*%w%`>Xz*l>E=^o$u_#c>Fe zBr+)nI7_NnclB+ox)I8p6oMmoRtgAxiZSmkXVlQiqXiNTF80h&Lb|L_;L$H~?IBSm z36D)MRJyNGpp~$ZaX1>~yhB=-y9jUp=D?;d;wwPz-bA_(efjJ_>)5H1)+rW+FrPp0 zops;ht%mVag}=9vW5<>YvSTIzfgJpbcY#ad%pIM>YyIA9n`;Jqm4BRS?#?suyD~MR zL~JftM?)K4eNv2xwc1>zlu^prDKMs1FRc5F*tFriv>lZ=06SZ^Bac%az60eT!Y@6K zZcFY@%I!x37YdVm%H{d{WV+-eonTI6rB9-w6Sf4|#*5ZKUX=gct1N(F8p*pg&GjJaI+4O+-&L^r8}$S#{g6k=Yf_j}*rH*zEOb#L~6 zWzH`R>bzZ3`48_Ec0cTdoBFI_m(Xma?W0b!H&w} zML6!#MQu|)Rxqo8iI6xD?1cMqWv0|Lxhor&s^+acla*;b=nR-!l(YK2i_lNny=(so zhrg_H1CwZLg`Er7(Zv|ONPPVL^)}jvY|Sb;mhNHdVnI{wRKW=qTMYR=a>I#kb>Tsu z1I*s0yimQvZ$!b(+I)_TUQehYea3pdIsS&-I>J2IVI7U7dClq*hs(zq2mLI~rXQ`M z=ZO#A>)>)fB;M}*PMu8cIR9`1X)4)g)&;hHkMo^esjj$vhtjR@O)(hU)+Got#PR+4 zwr4Z?ElxtbCC2J&$@C7aIu2aDIL2eyJxMOD5X=4`nU1}n^fxnqE@P*5=-o0;Q_x%iy71P6;w&65M z1~JYZ2hbH0b$NzkYn223 zcGeiV;Dv51lLN)Zfd)HbaWZk(M|Og$KQfxp=ibhgh(272fxKIL;qTBp{0OA(R*0=n zV)^3QFKR!>{6AOilGDfw6D$qAiSz(bA5S}Xsn#s}dpxe5g#mUFD^@(j$iBLE;@hqh zKiA~IRdILwGO_>uu;T4=smGqzwOoIY{^n;b8AzOhwG~{FCZ9{ke+%Se7#kkt#5xpG z6plQ=)i3o2#Gin7j4iCqaQ)8u{c&d_{dgSZUp(qb<>gPOSYIwOSzEqq;T0qE@GX01 zB?n4Sd>B22r(XcKpoF}MhRh%M=VHBopCkL#1Pj3cP?5-)U;PM?F;86@Nk`VllP0=% zkt70QFYCJyL6QPr9v6v1u5}*o`7>nzkLgxC7FoYk%)uWYPIWnX33&ujO*0Ng7o%>b znPbc=5rUiNe~ErfLcv8jV+&kBHxwA99}AjebxCN6H1uYeWRRHO91Nf#qFreZKOj%V zkt1i@)+&f2VoO5>3jsh1^N|?t7IXu+2uw)8ki3R(0Fe$T-Q&SSZN^~bcU>93=6&~{ zt@H==Oli9Z>N&2nDaeiaQ?wzP>O;0%MD+>|ix!12k;TLg%yHs#RY5t~N{*V$8>O|6 zreU!w{rtox_6;Lpq5+r$ ztoSPlAb73@8$6-y*%6D0m4~Jwyg5DF(3b*Np0ZEHqxcFjeFfix9W-R!U+W^(mSFIA zw({pTdDjihS;oe~^L~3%J>qU={q9p_=zL@G>L;X#QTr4ZS8GE7Vx_0vvSh`5rgr(Z_bE#A^V(danm_c zLeo)P2#3&O?7OGF=?*`Zdw_olhfXpKILhaFCG@s&P5!Iwy$)F}nQgf8Bl3QZ|2D9g z7Q*>}Qop<9miRQv{Ngkjd{`t)yx`B@FYncbk#-)Fbf-R>KlZrLYD^)*Ke1(--A-RP z-S^^E0mDNo0np@)U3PaJx-i9pforDA!(w=g)1UE|Z&@>&z8rsp11y}M;Kz?lK}yJq z@~0&mFjp@e6}t5mE%ZyY`0jKMwk^|xKZaE5w3g&qu9ub$I?~ zV4OE~X!4PJP`zErow8NtO~s5`HrebR$Yaky_7(2EbW*4W*(&$;tcmo)nhVVv@JR5g11aq(zK(S1XWm(=_M6YMBg(}#W6TALSW295QI zG>a>hyq?5|J}=byu3wL6hGds{dfN>yynK^yasm3*V>Z-Wk{aqjXcZMtVy;3gjic4t zKKxtYWbhmm@T#NcKdsS%-aSux)yd=RPP~%H@as&nKuvA*Wq zNnAFWtpDx#YHnXC^s8+PUB^5l{QWpzh0Rd=wHc~$qw1^>$DFK;y z={CMES2=x7Izshd?^q6M?<1B$?ez%KW#7@e1F`sV5mc0_4S^Cjua))u&khc5L0>QlXzeKuF{6c3pz(&^ng{uETDtC9U0u5r)|I}Wi+fO$*@KJom?VvU9|Ly9W@~5k_ zFs%9oN)3yp0)ejjHe(@I_D}n2i5K2*rB$yD6tl~g5wA|mPysGzNST8nL*WMj2VhnO zDWI0hl7?7&!o1$9{B=_Ab3mO~>He?KIZ0A*s2xP$C%I0iPG|GnMX?gRm9H0I->!rvcn-`23cuj!!qpHl7{ zXZ~>87}}?B5pU6 zc1mg5CH$wd-oOt8{A`<#wDVI%+1o_DTSI-4p@_~5w!H3juW!81T$UwOx-T#WU6m!A zwR@_W(zv98#;WTA%|US~!bT&JBVy+7wu3oOutH?w9bg1*T|tvz1x@EW*gQdYB5fp< zOA5H3-bG&C2)*@uNmJGa1v&+mH#G;n^8|BkAHwQ1Eq-yL(;P3}7}{HyIj%8@3Bv8glWz-$bTjbsYM3b){0ie_t^Z#K4no>?i%m zW+ZgZ{Ryk?i6gte&3wkpG8 z)$CVlC8b!ONt~8ZeZ=inFDl355kAVw{kb^JN`xHfKBC7}YvvU-u5%-Orpb>dbN#sZ zK731jLw*Ozn%IwCh3T&pwceNdCp8_80KsE3^FS6R5L2`Hq_{E5JA7Dei8x1nH^O*2 z6a7so4~&Itoa;9BNpA$JG#*NN#{0L;<+M!4vR33X*|t80$t^mxepc8HS1N2DTgPqR$Sf4Q$69ZQ&m@ zaq8@JyJAQ0_a1?DsPT{$C=K;uZ|GQTFxKx-+y~Ox!a&>#aZj9 zqqx&T^=1!MzrNMK!rW$~K>vf%P5vUQ#W9nm0>O=r0bhUY(COKN1$Q~P$q~RyU?SI-Q|5RFE-h=iIi%+D>CK~v zO8XnMsnl#(eGATicWtuhvQRng3fKpbBB_|kZ!yz8e9&H`r7O0#j}=W-@@xfKKQ)}+ zwE%Ur&6@lCLFAdZcj$H|+V;ZEx=v26f!W0}BP^a=H+!78M_uK0a&&Qe@(rf1nIfl8 zfHHJ`uYiC41>P#XPS)3E-wysGHe;{G`t#)~XIxdHy3~Tn7K?-yQ^VO?83?dP9$8TM zTloWzFIjm#l1rHHF%2xa0maT+=)bf8$-zf;2X%p(c|lmOO^Z#uEWhXuwHJfr7Yu6E z)GYXo5a)by#4TdKXO0$u2SXZ(lGORZUcBqoPNGK-0MZROTO*8>P@iAxe@YFv0Vxa9 z#C?wlX-0ICdWh*11;Zl2W!ct;%~5t~oirSB6i#TMsf=!+{?wi;t+6bMzU~|1?LRua z22EKVq=aZ=7@m7<5~zKPjqRVy?S`9S^Gk@5gRhdKi}Y?XY^axBXpEI4y>3RD_Xp@# z*M2Ub*l;N8qH|^%gX}Tp(1gRaJKmggH>YdhVVZ1jB8$q_OX5a`E%sHP6Geg%yhwr?1x*NWG`y9+}Q(Tm@+&5Q3lZaK}jD+F;%k8P2ub zN{b5d`-ZwP+Q8p1{Nn@t{&8i2slAhxZVPKSZ8YPC=pp29ZIR{L@43yq3wPB(SL)5e z!ADr{%=UfqC8+uuwr5|}KcADRzPfb&6H&M|JsX6o!#-4caEY5iu~lQ77XIqPvq zM3TvpKYTTU=t)YIIBE151d1~iO)lQ-f3cX0*>u#`$oL?pfYeJ29vqfT2Cmqj(1$O*OE<%tWOe+b@Q&B zAyd6BW#3S5aZ)cz*4qf$SnE!h!}Btevdl{CciTTbnN&=EtM$$^0VYo2O@W|V%obabOAx0_#K{Z5(I~3g_qL3}E{Fh8hSFJJJf$qiG}=AwE9>qh zstzEMM-kDTWde0-IDQw#3Ls%c=7M-=kM{E!n+4=fjQ>?vQkB#t-m57{1_Ap>fp*(_ zmh`jdNbNR|xfsj4Z-c!uhVFG8G1UY&G69ov;6Bd}Ozf zzlqnQ9W^PFVm_G=i+J;s-$Ur{U}i`BJQuYtWb(t_|DQxDN`3BYZZi@FVtD+wCZyW* zr#iNf4U1yopB&>eo8}f+v~>VL!fc{#O(BW-9y~Fgb#xp)Q(6sLVEXZf-r%oN93@-o z`BV`d`RN@xTfCmMf_vNq1lI8+3{)x`p{ZC+LZwkHE;S$VrG=Fns1!%qzvHamtjWxv{CkDwhW!{AJ@+YAmh9`M@ zMzztO;{RS5hz2n5jakcl6552yp+y|i9`{Xu;{T7N{`us7>3TzIVBwCZSx7q$cmeh> zeb`<+VueKOtetex`MTw#z-3K@w^BMVPp23ieOHb!2NpxCY3Dw`_R}DKLK0BSgq0jy zub*NDjpGi^twg;0IM{ibI`472`s{c^QlGOusWtSjSf;;tAZ?t$S`V~HE(@y@^=b4v zr$GtSV`h|rTUvdMh9OF!W6jIMZ;cmZKb3sQ2NNYqzQjHbV&&B7a!>_71DU27K;`#i zjEDz#8eZ&|${)WbM*sfP6@Ra>To|cB9bIJ2A_*&B(ROyNxrq5Q{kb<6?*iYneX;5u zD;Z3F4xHxT8t3Y#d6uK(lfQYZf4+wh(Yj?P-* z@WTg#mq(X94yEh-^^Z(u^movQj@-{i#V#bYEeEs;)I7B(*CbDT&f3is63e!b9j)zA zvr8L?Py618>+d{GKvW>pMACBm@w-onYXtFl=bK&Y_!E!zF_S;it^oz&z-c5$>TN8n zvKuja07JAU`9Pnl_0FG@6bbmTO6q?(`TNIhh<~L@wFoM*0a^;Z)`XhdmX8lyvl4$xdrhizA~@; z#rP9}pTKrJZ%<%(o7%M6XPxef<8GE7m;#veecSN>S&V~0VO$~a#Ac}OJ1sYMQ~bB& z&_`EA2bs2PWGSW@8X}}j4!lKZuI2ZyQxMk&fYP2j*qmNC!CCCpXM=FfpmOn`2`pli z;*KCIVf0ff*-8Po4Q3S|{#zz{G8!yu?1%dfWy)dVSQA1+nU_lKXP;Ck9-22gbLI8- zRZ%Y8kC3qS)0@AQ8KwAmY5(r@Iit>cy0{s+#=KhI-eJ0nUMP^`CI^e!Pv9B&<{u}r zUo>gx?k}_wr{vzd3_UWssDDpN$?BA$=^i_wYG1yCey89v({>)7Tj+S8HJ<8dyF7&@ z`PJ7_YCo5*3^p^e#bvD+)0!BSO~Nz2plz4@0y~yDMxl=B^v92F48BY2)@>Uwn)&d% z+`p8WpsmS6tm0_qO43-sZi3@0TOT%k_rdCW**{VX%Rknk+%e%kn27d13vqtu2zQ3Z zr!O5^NR)E7Ug5mj3Y%`7HHt25VTCIO6*t?%X8G!M#4&O*(+14bXchS;TZ>Ze^rmW> zaEs1yD1Dd3#Pg)$(1YkAaQund>W0!NvjQBR;7R*Ta^t_w*whp~=u}uCZbF`wvkrPL z)>Jk=16*utPAt^vfQ^!#!cM#P83cD{LN~LkDwjSZuoOlT?`^IcT^+TLe27}V>F537 z!=_wt2!}A>ETFrE*1#sKGPhtwZ6xX<5nh4w>JV_gEXsi(4$>la9u*lu?@+}@b(;MS7U)sp8 z8-HG8flhnPQ?F0z%U)ZP3Ay2{aX2EDlo|$-CD26pVx09nN-MdX()$w}KQ`yT%*wZ% zdf|_^G7mxTRQCDR61Vr9JmP?@=cmWW%=bEvjicg>k8SS!`Flc^U4x$ZdOmqd%$!3# zL_j_cH}!{P7&cLT(GawGnm%3`NG$EtCjOTiJpo4Wd$ZrZGFuldGChy~bbJ2PHNQWw z^X@IM&waDF7*f3uqj-ed!XhK0$Y+}}L7Sf;?{6d~r}p$y@C{VxWPf12?%NbX1IL$S z{<*}I-!h#vATggJGw<{R^THp)| zAS2*%Qxs^S+C#FEm_rA2fxfPZgkWfbC`4RC5G4!0pCegP#S`tlI|hhy;GtWa-Cw$J zExvkc&t-~qedv#tc}(BEvO=-c9Hm~-Ty57j!!J-od(=1KJ0G{rwBcFG{8vXR@9x1e zkC{N1n!pl<+e}DqCLZctTP-pcJgttaS$EykbNwoO{j%~P^nty#M-eK#F0doG%RCTi z=$#!DGLd+M{(^z5=alY$5iprm2Kp~bbT1|A_s%7VYTYg_c9|rmVh|auRCN3d#)HSb zg8@w@+vexb2}?lfFmt$~WSOHe^b<2KH^%-~o`9G3|E?U$Y59?1Y_J}T4a;rD-WkSc zYR-BBmldOI*OeGwD5zZQEDpBt-Yw-WK?M*!1cpx|v_iqaH;nJ;WhJ18x_jD$l#)uR zbER|vweYdrG6f_y=5q=MFwZi}%XY)xuGbC=QwKxX(~xQi3Anqbno&zQi>W)xO`9_{ z#k<2F*=%ve5JX4`5wlcZ z;TN)7S0B+0HBJsvlOq7_M}Uk6*&+vec<2YkzIn#jj0|ilzNxYEb^$w~k~9O$o5z>X z?%X-+y?v>4zZ%oEBVOsjg!U4dK!K_r&g3AZNoA^5;r5Im;=v_wK*rmc*@$-D#Pslo zz)4uCQtx+()p*S?V4k5QmTPRXs^`JFWdt#g@k^CBZ>p%~1qNpc?dI*6{=%lW$uvc! zqU1z21*B%;wFil#cs%JC8sv|50WG1`A;?oe7cr3gh*y&%(h_@c3)!QM$LKcEI@ceS{c6??><7H*(kxm9NZ>;&^_8?{ua}!>WEjg3Tv8**=ou5eUz131l{3 zNgj*ET0K04m3+;!6S`M>uL?;Oz|pZn1|dU!yeS+*4rL`%2GC`wv-0O9h4Z#$w7i-E zVXEnGujUIKLt}Wh#0%2|*^coA-Tx+}# zhy)E%X?oBU$>t>`DrC&aMGq!D02=)CBc74@*F2l&IpKeVKA>FROZmZC?fv%pyFt)x zo!ddxyA&IOZ#?wrOd%^uCmx%U!)Yq%sIhW0IC!7(eT2b_rJ!@VBs4qOTj^P{Qe@}m z^NO*JSWgyqD)dc$ciRSGEWBo`ZknenPw9wjIwFrW_Y|l32)RRtr6n*{H%$|~s}M(s ztP7*Ntovj&dF zS9t&g%kEB{fYfcdS6ico0e568%NC> zVZEEuKD@^+i!@%YY**QLN7<^0r~YNyvyUsDWN7lLy(2;t>Q%^8`0Y@8 zUx%bf@^O=0E{r8+ytH0WgEQLw*@^d0YBs$7Z1aqC9pYswd$eM=C23Nn=``T~U9)-U z8qwcsTUAkx0*TnBNBWAtj(c4)m>bGSy==u%0k{rG{v_RJ&?IPfeO6jqo6*Mz>%WX-qJHaE(L z%zkKtB%bkW%`vkEbO1hnX4+i@@@;uGajF))>?c;eDP{RYH5{$N6 z$F<=B;tTl%AH7`?T$?Ur7rg?lB{U02RE#~K%rz%}L(Ba%MYf{57|921_GCnO(QM1Z-4^_Epo{1E1XciZ#;C-*`6<;PZajHYG)6W* zj}k@(w#BfuCY9Ld^*@G-hW(H70*~Upg+zwx>Yko`Ie()NC=jR!nMH(wLgjQgzbka( z#z%fO#$&Yd+Gox3(p3%C{Y@5PS>b1~b35S2R7F$b<1K_!JXSvRQyKk@1ll@qx>(tVv$P^CJW^k%%@3T$oHUD;@+|@ z;W`3Et$lf4VIKcuGJ$OIX{c**$>oItFe4-fro%GjmOU*VZGi2%%x)%qm~)4LN$#l>PWWOuPXrUt01-$ z4?CbG;nrU$Pvc($?tn6>Nqm)0F~1i8SoludEhZzLsC7Ze&YZ|&Zgz`uDmA+h`}NfZ z;KKOXw7P-MHcYq`75R)RBm~%L%oN;sD7KxbxlBw43J{oM#4RtFqtnGgq>z_9P1nw} zlU^hjVn%x_p0bjJ@CekWvlH$sA|mtfXWNQ%Q9h!;fI^>kj4ty6cc2MVg3;$DiwPN| zq2v zbebyXcn41!H7#yBsu+pCp6t`%y-uO&Ga|I(H0)Z!X@f>cQ=H8boqi<<*ZzQ|(iyS@ zfP9jpB&1nL4_O*=-5CODg!m=M;9|bY;9ijS*N5$Xs;T?+`KCDp?0pTj>ZRejMkVF> z^XW2kgpmCe&WR^c_d?ILyC{{KC&VVV|kTnom$$(BvZmm_32-;RW=^a-Ht+AL${!aSH zsuwLbQN9J{00u=UCL?2%X77Sl6yCC(*Kz)7FoA*8G7>v@n+OUK*KDTj4Bb8Wngno! za|{ZS(rK}!2gz38lq}6}oC7pPP%Fz3Suxj)>v;4EY{&JV%*N+_T?d%x3zX8kvzlfu8Pb164DN7I zqv=ZS@Vs^r0)>huS3IkvcB`!7G%O|VhV>qVpOId@`NGrivpAC5~#~D3R|XpUs$Uj zW!g|N<<8!D=U&tzF~i$$2t3$cTQ5H6nla!@a);;karp-vnvW|S`s0mmvx1N?x!nl; zhkVJg@h$LXR38EaUBX9CSP@t=-j_A*9gxbpa0>$MrbKEUnGxm*cu$gO<*X<~Jq6Zb z^JatS*Z7Yh^wv`qD-n00stibrJ}*#iHjFH3PZiOH(wj4)fhCvF%i_X*V&Q_YR_2Lw z&~_ll%&BY*t%KO(c$}yb%$loNv^tEdKr||LWU2ukyeXCx=>ZN?ZCGj-60CLQ1BRHH zit3P5)sj?FEPRtiGK;;Pm`7ehffau{?3-vpxU`QgGqxa6nUe z92!`js%+!qo2Mi!9(QL87osmz%cpGH@dGHibzB-&+Ot(x&TE7L2%E~cjt)Rz4ocw_2KaLv9}s1;DWmPXpD9L{&h!{0m7}uR z8_`T?@eNgh+T-7evF76Z7pQz%&wP~;vH5}A_);}^6)V5YOOJJOCs=yYy}$lNGrnKB z3^j2x5AwskeKjs<4;{RgNtA=T$AS`f?ca}?1ve>0T7M;$Nwly>PR$;<_(PbWHWZh- z2=|&=m_7V9?Qu)tz6-d?WlR%Ct$SNr=+~L4cvhUy8oO{!QXu&lvtck>FfMxTpO$$Y zPQBERD@kLdh(_9OFbhiJOOE#|S6bA77=$S^-NsdO3n{}SW?Clud?A1;uZ+OamZfiL zH$&ZXtf8M}_i`(nEkC$3lBK%dK zwX;pcx{_38{#b(EkOcwXpAlp>7H|WMpxZC_gcc`KKIh#q1LFE2WD5Hwhv`K-1Zj3o zM<~!7ehB!&4b#oiX5p_5`GNkJGS60|!S=rfnrQzh=^qX-eLi&l38bDdMR4gjverRk ziXBj;jqD-o+l6<%pWi2#ax^%;bCvhiv9!9jC;BB#;AoD}GkkC)bAM2R zoxHR-XT(S}61N}MYaZvuFUDFTF#EwQWvsTc?6Lz6H{JhS)2)Oy$8;f`mYBSJ`xx`l zu+Q(A2KkDmHbbYXq#eW0Ql6~nCha#Kf9^#(g9Z*e5ab?@4%9ilaGza0 zzq9}gyPvCAAJ|Sd0Zc@Aet8RH0lO&xUFO^hKIsVdYi2pn(~r-^Zs-N|Q z(k9r-_36Ej4{-lSKZXgHp`J@##DL!@Wq!yRxKLY*Ri$&RzH4DsVQw4X=f$561-VZ% z;Nd$~-J8kne5VabFY06LUo8u&giKyk#;dB8PA|j?(y$l=ZsSe{m#m7DNhxj8-CMzQ zPp1mHXEZ8orSxQ0&V$}H&%D7BgpB4cw$hE=Au#}4e82`Taww!_;K8Zzq|T}rdj_KR zdq|!mN#@`TZYFXo*{!#UjcZ6?cOIhgrmv?z*P6B&FHruy=#C0s8xQLKs>HZU`%S0_ zFWOgla=d>9*wkIqkABrz;Wkgb235*e#V@7?6;086iNnBs+W6b=q%7)D5SA&_crNLH_Eo9v4wa@3_clbEE>I}HRW&tT|cH$j6Xt3 z+t%V?KHJRM`Ocj6MaUjEblfkzxd@5S7h-G8$E6KZImw2~8(6u<%(RfygGOOfQQ+`0 z7kF%!i5_L0BFNiyN%;CJj&CbY-DG791ppAF(lI3D|*utS@jXA zV%9a)&yn0Pow;+zRx0i(QZfy2atfc`zw#i_U`5!$UwafEo*nMcez3Ir6^}#)?qTY1 zk1BOqj0#0xfIP8xVl+6%&An_>YOkbI41aUHyv$&4c7M@Q^hU4kMYeM*=-T)PK#G=t4<;N(*Cah{=oF6!qeP+ECFWf`54O`7DaXfnIoLBQ!-9y(S zJ!HrJF1Dv*!_;qmSK6-LHy4rY>pLveGjhIIv2)W^yw1@;DqK4K%6v~&@$UPok_^R5 z?se}c$9z6X*yP^?jO|cy43HfeiuvsID0QG058{Eu9HliiLsx>ukxApjdy9=G)iEin zqk=Vg4>=TV;4&6>HR{^egQ5}x85`7ObW!z$(yd~pGk&rhJ?Lw^T$N38#~zJLdHW>t z0keaJ(!4XyOh!J+@3vgtbfSHRNlX`y!9Vmm3 zyRmg#FsBY=IB?{2<2M6A!eBu;znl49P%}k(1@}f?rFFIt1VC-<(&AJFYnY!YCNET> zjHIxThU7d$QsU8hC0cLjcQ~SC=Gsx|5qmZ?!>Cq=J#g4KgrnIeL%&+@xOn+7iN3>c6U}Z z?K2Xr9SxcHz$*|)m%I1t>lN!tH@jEuJNyBcbGN$F5N@zB#{9nH$f31yw_={H^7y$t zb8K$!rr$KLew&nAXKtBeaGdv)?O1w(IjeaqT*{{0_5}U)>i?Yf+f4@GGhkc%_KwCE z+Ez`UuwVE^i*HBl)Q7Z~2X6gA4>C!LZx*JCAkGlCTN*!qSNx~^z2suy(*AX5RS2!Ub=ab5q$W9~FFqJ z4fT@N!d~jMa;oRQGQbgNXtBSomPEp;nuN5l1Fh;LD52$7jY4c?P7&g&WW5;7oDXny zX5_vjsEH(@LDuiPelE18f4;XRmDl{GsdIlv4k*|pnPh!3e}W!O% zG1#@!0#E;Bg4*!t-TD!9u(hBM8`_?W8`hb8fNB+Nmn7&_Yks_#1ZC^*(VQBNhB+_SGHMFWX*_zD@;mSQVHI z8$KwM#4|~kzJ6M>Nk%+y66h|YQ1d@vt|BCcW$`<1{Y$>^`&$36pOBAaaSk;fP|s_t zqSFk-aoB>zE+~|*n%PBh+nC>A;&o;HUTHT}Yc#*GImG6u{Fj~P)G``QZ90!^ffcym zpe!5rhdma_Gohl^BTZCCGZ>4W6QLLvL!UCy$l@q_E?_^E@Bi3GHDR%R1GJfpE_iaW ze_GH?E)^uIXZv7DfM@(o+8m(-?nv2xVw@s3?mG2&;k?q-!(EHWB%C8A2ug<8A@CRq z(IM!p;LDy-(1!3r1?>>5Os$8~=fb8H!su2c_o)_S%)0%PXVU&@2MSxcwlvEmHMh!U z=ivD#;>Bm^0rQCsQCiq7IO@P6SK49ziH-Kt9I&ksy|<}7>oH_oRQ>{cx>?jk{H^|t zexHS$T@1=x7-9s5+P8M{F@iMoZS5FTcG_<8V!m06#1C&T|J_4vcKdTDEsM(PkIxU@ z>C_2VtP}7TED+-~O%p1;p=r9h1juRZ7A(!g+)xbp^kC+M$IW$Te`%V~Ekx_Feixn< z1~x84zw0uIv!s6SHA6z(0#`;p7`leJ%>6>% z{p4JL6*Z5xLEnR<#$@%%EMzbb{}R;4pPL@o|7Iutc!XjH+N1E^S^g9CbZwQo(SR~& ziNqV&zx|xXVlfqCMyjf{gw>N$VjKCFxsmKR!k@R%wPH4Ji>RjU*Z!=Zv}Nz#pI^() zG8xRZ0147GboJ#m?pk4K$8rtV?F#v2QnUH+nXm8ZHw+>#@L6}T1K4llqq;G_bt|bT zA3>TWJ80rWFhIUb(t~+&KY_%trV7tlqH?q=lw#HGAsO^ zy`>R~K9r~549y>LwJyRshjVQ<;=3$qBN>qg}ot8XB7D%DQ zh3%wrF*xppQ6mbr;0NHo#>IKz%C-cBj0Gx}++bN{n#a!?kG^|N0brFK1j;T&f5|AzWP4KUO<58ve`EQ%MPC^V2J5es$1LNrdY%}f*oWJ*xPe!cBfhq}&p`D_Ht97QPU ztLI?~CH!&b!bGV23p}BZlPm$`XvX?nL@}n%T{ty(pjwpi3aJCcp=9Q1b@70<3-DS3 z)`QOQ-mSqtYu+ihw&(cCuP$d+&=V9ngj?sNa#;*IX-X)jR5u21#0`d|1nRxM``oDS ztoW4B&Ie(T9e=`vw%Kg>LMiZTU4i(+*#UU>@P}&TS(;Hu)O5{C@2HugZvHS6-yK7f zjRHLlAFI#ZGLnWkCgopll$K1GkB2F8%;nF1yB0E3KPhw#1|&KtqQf00Uuj4jZ*cP> zU_WItua=OR1X z&Kr6#SrdcSGb)U`9zu`tkkoG{J7B9^a~|E1%`3{YSXs z0J}*SRk%<+ku~=GPKnnzi>zK{0*E?H25w&Y@l8;8IgpO-brH&@r`rVdJ|SL~lM5&s zqItJ@)!($I*bX3+5d(LdNl1H%0^{s(vOFb=#iH7*Gk1rR7M1{s84E|7ultVaT%t3a zU~5U`Y%6BpoEr49nqq@vcN2Xv71Uk21{-PvTJNjl=09aMe*~*qufW`fMuX+E-u2&j zjUY)5&sp^Z9s-6gapEa>CIaDFY&+3Oow5qe@U%U?qJ`aWPG~1|kp_{uFW_AOCxFW$ zAzK5#?ytqFu_k0fQh9QB3|wd3vKM%nyG;vqFA%S8$(Gz208nroUa&ozh)J8OgBA>z zepfDZeNCE1?1$ip7+xlnHnhh?l?1PVcQ9&g9uL6W@}TBIXW=zV7MGae` zeFa?zv& z$8nV)SWKc>?PXCI!o?DYoMw>~8^Xb@a-3ber{C0pcI=o3D3LoXN6mB z?N?ksdeP8hj0_p~b3~BPy7_)pY#~FKKTRE4Z82~79`lms4%}a#vXH;JpH+YgM&%Zt z_Tq>g@8gmrzBIRTwfWI(c}A(nQvOQdyoBkT5n^IfM!^yM%V$U{fDgoK@ebPSI$Q82 zNlki;!-h#J17(vc#>tpc>Ljj|EhBg!5^E(&;4N<8Aa6oy$;avxpklGOcUw40U^MC* zdMq1%%TZn^_9Fr7!=k_IQHed%Htge1hN-V#;uevrJVf6i8iV={_V8xKVjWv%YOQCY zx-M4;(flK)RU<1xky!Q^o@Ymw_RjRaw-;_anq`aM+y)`q(3QtF1L5` z*^t$_z%oN^O!wl^IMwSw7K7Ay_g1avThpJSG0AY@Es(^vbxpEOT;wSj~YIaZulDqKQQ^yv& z`BFr0k%M3}SOq7r%Q`rd#&9TgkrBW0klx1cL z$<}1cmKkXgV(f##WEtCFEVHlA*IDj!pZmH0gXfvoyyi7Oe82OZ&-GcZ>v~_;^}ezO zuJ$;nFIGUSmhZnnWl(fxX}Xn*fuzH*;7*3u2SvpRwy!v-NI1fXH@g6_0|DhY9IN~; zL~;%i8wra8qw0>}4I&h(LC{4ss;pY=;DZv8$S1>o5-EBI7 za}6t1rOl!R2$Q1%`!l)1C62TlsE^q1{fkI(k@~BE#?u_JMPZ2-gngmXqmz3Ow+1N{ zpsCdPF79i>^obih16MC}#azaU0{98F?-i#0y&WXSVS!F!Z#$wusmYxT94uhcb8u;g z2+p(AY-6YCq{CvM=a(0(6Cs9&yIgD1w%F^g+BZ z{hA-gSg&CwxVx+i@??e_?)`fHIKMgs{|X0D>tKFW^c0c00k+2nt@NcV-6AWnlh7O& z*}}if!Z_gvG$x2067~JU(Mj_aTptCaHi5G{F@1PGUi7otv|UC7BXpPU({rT&{Auz* zd4|2=Tux7EkJ~IqmcOvy1MO(r8AcFfPuV-6TCLzebyyB$Sz_kYZZq__~ zWM@cti%!L-SuzgQ*AXCkSy4pOpMt%}{!o7~<@k*hUQI4w#PeKef&PRG&XOL--r_Ea zzqGSAr%qL-2 z?{ey3nW#eZc9A@{VlHiYumvVSjhBr=p3FK=J1~k%LsC}t5EEftrxVX0+C{5QJfr#& zmi`swgvhH`C(y40@X zV7beK!c?05&rR89zbR;6d|-f|zCXNSq6?n6iX~0kS=ChtMt&?Z5xhuL`_I~UZ2ML6 zxNL0|SCZ&<&-w5)`aGZEFFZ3B*x#(zA1$~xl#X=dQqd}S^JL}Vr9u}BdFR`pVnoWW z{W&d?3?|d(gS;lQFCsqAD4d^Qmek_tWpg#B_p^ygyoppvV_NSgvf(SlWOJ3Cr7h-) zgMenQ{WuRKC>d;F93>O_9cJgcAIg<8JovO(t?Q_Cln?AXjGRkL7u|i&PusImvlTyt z?Z|+%dihXHg(**3)4BT7@M?!N#`M0WR8EiRDWlc;7{-cF1$@h8g7~=g{8QIJePHwY z?e_3A9*H|U1IpAN%HWi@ICK%dv+AB?NP9}Jsgj9h-h;^4MEgeV3EI4%?YGwfD0^fJ z2GiS)=xY*7L^^Q`SQ;XSh10y1_mDi-<$*PQaslDSUCjLaxZIL#GXZk3B{}d3dU&l> zNG`taSOURsA<&_35gCNgBLJC^3t0)DvDdp_%Cuy(UC^L$$fd zf_kcyinGAd@aF`)h3?ezcAv4yM1w96~_p>sLDKs3M!@!6VRCzSRFhe14 znp9k8zXFoF=r0@+G4=B+SH7kB%Uu_SHg!FO4eMof!V6JAX&B}WN@!WnDLV113_+T| zddd1quO1~jKX_}V_zlRomNZi?gg;aB6RB83P|=zcMZj{q#d}feZj)M-?UkRD^@GML zn8#JU#0zElH$}B3v2ROMYFCHu_CY)ryd9A(ULxlG58`=}HMv$$Z$&?$Y9)|e z#?fjL5##qI>@i;fF^oyfGiqrFZ% zuMx#UyZc4+PUK7!#DelIuRExn^RgG$PiTLCj2uu;h9uSBx-)Cs~B~6lqt4=z3FhqkLlN!Vx{Yb6(l@5C*M9U zNNvqc>xa&s*`v3gt6x6rP+l4%6)c=L?T-{OF76Sd-;Nmy&0Lk4af4ueUrpg1B&5OF z7FU>Ze);0~#vlJfP!<3li3z#QV!05&5iEZE$dvv*ay!Z}f zV{{(q;{-pDtvvD6lo%f*gU=QI>1;QKOR66APBB?<;olPg{-nOrJ@8|^bGGAJ< zE=wkJxE6o02a5Y_a0wQpP7CaH-ZOj)O@wvg0$L~ocPI-A;xWjYYi=O-yKDF{%1u2& zPN$I2gU8pAXqGcCr3nPkLt>Qnef!c=TiAkSu zFyQ#vsOb#S1_PmzA%@EW(S*m2jTt;94f7Mk0};1Ef!c{V0^png_h^P3hoUvak54+A zmEDXMBm_b-=~#>5mIGBUZ&`1H?0e+!JR)=E zh%e}P_h<^i^VaCk%3v; z!M?(R0T{JHf3SD{kZ~xgv&wo=qRIq%9=yVDOMQAWH7%75q$G? z3C0&C$~+@J?hYfM0x2+MRv7XbC0|O1U#NN^n_dxf#(Tq`)KFPBOaWJ!UPuEn&jVu5 z6N2)UqeMs8o@+T3c7|AH?Av$SOR~194c|L1t1hwAQB<#W4#Y;jnSxFB?HqhQuZx3+ zvF9@^AH6rv*dN>R0J)!u8!}8LTp)LYGznvXljV{8S;~m9cgXrxI`RbV-FgHkwfTAI;SL#FLbv-CiLX8Z1 zYrO-a0lcxT4&kTfD8%?h92MqMc6;mian1>+qfo&Y{q*N1xJ<6Ik?%qt%7r0*O9)~s zl(kjigyX8+MV}r5%-xw{hA{93X21@@`;bJ1`CTa^_6c|LBUoYnQk+}dsNhg=r{rIm zR@ZaaLM0ut56172WYJC6$+F4R1pT1SB8LZ8)Mb6J$K=<;8L`w)jB(7pU8!=Ykw;uw zc{ob>E_~m@AL~gQ!D8-3jGBCb$Brf9*IXK@O+SD{@L4Hf)bA;Bvs%X@K3=NJqCnUyp3p?1t9dSFFeC6qey%DC3~dc zYq{57I9hb6PBIXAy54{EBV5yr)nm(p#;AU|4sXYHOjFUiaU{iEsb>s9ZAj{y3{SWP|BfDp%T))^_!;spux*O(Y_ryuwdN48) zV!|&qD>!zxAR~NsH5S-0gYDv8ji*7!RcWAOVyacYZMtZ z!J>N9*C|IP5N(ACtd~MXTq#+RQHp_6tLN#1io$9q_VZ)KnuMcVQ+eG#RatcV@nk9J zxcZ$HqeOBDvDDy__3CicEr7ozN8N5zE`8eUCGi5p;u*UPNHec*Sva)3vYc%}nTu^w zz$(RdxqJEFCRIUXT5U%r(0jS5f;9v`z#{IFxF}~7e^+$O{{o>TGT1uR=B(qv1ElE_ z_x*+|#`7$ownF}z*==~2xIPf2eMsBT7}DU3ss-GYHPN97Lrrz@HOcA>k(pFOQj>oiz^;9>=$e=!Dy#rFniZ zAhurguLs4~#1=?nw#GHgN+68j##MVqOmmpV1)_*x7-l`VEqs;knl*m%@t?eXjjz{$ z@3E=`gP@hzTn<%Psk2_V+ZX0FBRjV%wp5GLp|QJdgujZTRZ88zRwlGPUd3=Gpp)mW zM&Dfn{iW7G|GI~3pufQy=uaNTp^y#bRVf6k;|H$!*(|Wh-W-x#QBUiBhxaDyS4eso z-^2A5Z0JmVFNB2qi0UQO?Km^%IMQ>VGA^cL+@}u6E_nAW=FTCMIr+CmOGIr8YOwi7 zg+JjirE~+ZPFvxTR2cp0GBf$;4B3}bCMsq1^}=Qg^fKA9-9vuoL$I`;Bm23V5$E2y zDKU1Jfu>4BTzbSAJP$tPkT4IYndHGML8&fbz66G$4!3<5BYqN_vzUuXZ7ae2jOkSo zh(nyJXqKH0-qk5#@;B}eND1!7XE#4-TZ@U>C5YuIbgKLj3oRPLrW_)EPpGQs2r@J*fJzq|W1QUPmhB|-g#@}|stq&q<5m$iim>gG)4T&j%}g_Wlh<*`QThK&0; zZiD+&=Kq}1HSQ{$dlYu_^}vnuVj*4px?k*ECU5-DsQj9B^?MRP?W6 zDbF7cl2C!yeWsT|uoR@WT@^K%niDrmotQOBeJ#5I+63?nji6eI4O2!rz1jlAi*(EZ z|7q*ayi%g2Xs_0toD+#1GcteiLIVGEodh8vI!-#16V-ZSs7>+QTcvL`o{kLaz^5GKBzJ-nnT&&aS5MW9)*xI?8q zoWl;9_lVdBt8qT!<>L(sntO&7?YF|htD4Cl4!=wz$QgaGBBFBA%AJ~^t^2QtK3sjB z*n;HS){LT)rhNde78|oTm)L?=qBdN{6`BJuxFR_Z0;odFO!O7CP91Y^$67LOj8zAq z>qjPUMexJXX!ra_>}h1U>bob{%{ddB+*~9y)~4g%-VSbi42lm#Z*sy%e(TP>^)Z6To%CH^tgm&BR}UU(*AWE?4=B@nEOd4j60e* zL^I^E#qJiLZ-fV#VR2p^!O54TNUQ zW8Zp{d(f-i|Kbn*OMa3P3D`%OHMG6vJLq(zQ6BUPRpA9EK2gD4TYWm%v`K45hRZj7 zvi;d}TCV-+`Mb6}lRgL^M|IYx9k))>9wyMWlTrzva$-tHEtWT!)zL9^vA^ zPXViSdSP>ZRA#mUb(?POsaO(toKC4K))#%o{QEl7x{Z`9!CG!Is;SyS-2j%fn6#5| zBktIIX2t|kVgj94*p?$W8>?<)@bcwybo|wV%F8!_4%QoGBTY{MQE*&lje>?xQpQc< zQ=pL62)gCW&bwiykL?a1_xE{Mi%+gJ2TyU@0Cnq|*7W|0T&WMMnmnN%a7#H>9jQRP z4&DIWl*v#s->>^0Mc_5RNO*Q0c*{u^npBz(Ywj7$@Y@AzzJ!YteCQ>hbAQ_YiJK$| zja=IA_=0sPh@Wv)xp<1oSM+KkxkiRj{d8ji0AdcdyOl<}CMs9ye@#>JdSmZ9Uw?A=fDTeP+uUfu z+G4Y1S9aNG61w06y5f{njQSEh4SaoL>VQP*KP0>KLnhnAdj*bT9hk+<*KCdw^<{_Y z-QymXl`o!8!}cM6@xGIZT#7^f<1Szg-;R*%P}N<=EZMDpgqtoDl()`pHoy+6KGWnx zrK!uQer)*3jbWlC`Hurb>s@^Gsuc8g<6$YSOOX$wwpn$8{?-S7md>lJrLJwwIfK1# zD*c}W1uk|$ua8mR0DXA(Zw>UvjlX~H20U@?)BBv@TyK>c%-oN~p zpKgr$xXw)8{8{PQx_3$5NB+wde?46N{~!Jj>HOan`w=A$ilvNL`jV4HS_ix=EiRsZ Jd+K`3{{a1$XEy)< literal 0 HcmV?d00001 diff --git a/docs/verify-certificates.md b/docs/verify-certificates.md new file mode 100644 index 0000000..29fc186 --- /dev/null +++ b/docs/verify-certificates.md @@ -0,0 +1,24 @@ +# Verify Certificates in Master-1/2 & Worker-1 + +This script intends to assist the verification of certificates for each Kubernetes component as part of building the cluster. The execution of the script is straight forward as soon as you have completed the Lab steps up to [Bootstrapping the Kubernetes Worker Nodes](./09-bootstrapping-kubernetes-workers.md). The script is named as `cert_verify.sh` and it is available at `/home/vagrant` directory of master-1 , master-2 and worker-1 nodes. + +It is important that the script execution needs to be done by following commands after logging into the respective virtual machines [ whether it is master-1 / master-2 / worker-1 ] via SSH. + +```bash +cd /home/vagrant +bash cert_verify.sh +``` + +Following are the successful output of script execution under different nodes, + +1. VM: Master-1 + + ![Master-1-Cert-Verification](./images/master-1-cert.png) + +2. VM: Master-2 + + ![Master-2-Cert-Verification](./images/master-2-cert.png) + +3. VM: Worker-1 + + ![Worker-1-Cert-Verification](./images/worker-1-cert.png) From e7878a2d6ccf9f651330e697e42f56f8879ce337 Mon Sep 17 00:00:00 2001 From: Mumshad Mannambeth Date: Tue, 19 May 2020 04:16:04 +0800 Subject: [PATCH 43/79] Update 09-bootstrapping-kubernetes-workers.md --- docs/09-bootstrapping-kubernetes-workers.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/09-bootstrapping-kubernetes-workers.md b/docs/09-bootstrapping-kubernetes-workers.md index eeba698..3f35208 100644 --- a/docs/09-bootstrapping-kubernetes-workers.md +++ b/docs/09-bootstrapping-kubernetes-workers.md @@ -260,4 +260,5 @@ worker-1 NotReady 93s v1.13.0 > Note: It is OK for the worker node to be in a NotReady state. That is because we haven't configured Networking yet. +Optional: At this point you may run the certificate verification script to make sure all certificates are configured correctly. Follow the instructions [here](verify-certificates.md) Next: [TLS Bootstrapping Kubernetes Workers](10-tls-bootstrapping-kubernetes-workers.md) From c7d1f0a19e8cfc27362c6b7c2abbae87321a5b95 Mon Sep 17 00:00:00 2001 From: Mumshad Mannambeth Date: Tue, 19 May 2020 04:16:20 +0800 Subject: [PATCH 44/79] Update 09-bootstrapping-kubernetes-workers.md --- docs/09-bootstrapping-kubernetes-workers.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/09-bootstrapping-kubernetes-workers.md b/docs/09-bootstrapping-kubernetes-workers.md index 3f35208..2aff5aa 100644 --- a/docs/09-bootstrapping-kubernetes-workers.md +++ b/docs/09-bootstrapping-kubernetes-workers.md @@ -261,4 +261,5 @@ worker-1 NotReady 93s v1.13.0 That is because we haven't configured Networking yet. Optional: At this point you may run the certificate verification script to make sure all certificates are configured correctly. Follow the instructions [here](verify-certificates.md) + Next: [TLS Bootstrapping Kubernetes Workers](10-tls-bootstrapping-kubernetes-workers.md) From 6d8accd7858ee25d5a741608af8361be273a0f3d Mon Sep 17 00:00:00 2001 From: Mumshad Mannambeth Date: Tue, 19 May 2020 04:20:31 +0800 Subject: [PATCH 45/79] Update verify-certificates.md --- docs/verify-certificates.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/verify-certificates.md b/docs/verify-certificates.md index 29fc186..c9503f9 100644 --- a/docs/verify-certificates.md +++ b/docs/verify-certificates.md @@ -1,6 +1,8 @@ # Verify Certificates in Master-1/2 & Worker-1 -This script intends to assist the verification of certificates for each Kubernetes component as part of building the cluster. The execution of the script is straight forward as soon as you have completed the Lab steps up to [Bootstrapping the Kubernetes Worker Nodes](./09-bootstrapping-kubernetes-workers.md). The script is named as `cert_verify.sh` and it is available at `/home/vagrant` directory of master-1 , master-2 and worker-1 nodes. +> Note: This script is only intended to work with a kubernetes cluster setup following instructions from this repository. It is not a generic script that works for all kubernetes clusters. + +This script was developed to assist the verification of certificates for each Kubernetes component as part of building the cluster. This script may be executed as soon as you have completed the Lab steps up to [Bootstrapping the Kubernetes Worker Nodes](./09-bootstrapping-kubernetes-workers.md). The script is named as `cert_verify.sh` and it is available at `/home/vagrant` directory of master-1 , master-2 and worker-1 nodes. If it's not already available there copy the script to the nodes from [here](../vagrant/ubuntu/cert_verify.sh). It is important that the script execution needs to be done by following commands after logging into the respective virtual machines [ whether it is master-1 / master-2 / worker-1 ] via SSH. @@ -22,3 +24,6 @@ Following are the successful output of script execution under different nodes, 3. VM: Worker-1 ![Worker-1-Cert-Verification](./images/worker-1-cert.png) + +Any misconfiguration in certificates will be reported in red. + From a6211e8f649409c91d33730849e8aa50491425d1 Mon Sep 17 00:00:00 2001 From: Mumshad Mannambeth Date: Tue, 19 May 2020 04:24:37 +0800 Subject: [PATCH 46/79] Update verify-certificates.md --- docs/verify-certificates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/verify-certificates.md b/docs/verify-certificates.md index c9503f9..123ba0e 100644 --- a/docs/verify-certificates.md +++ b/docs/verify-certificates.md @@ -1,6 +1,6 @@ # Verify Certificates in Master-1/2 & Worker-1 -> Note: This script is only intended to work with a kubernetes cluster setup following instructions from this repository. It is not a generic script that works for all kubernetes clusters. +> Note: This script is only intended to work with a kubernetes cluster setup following instructions from this repository. It is not a generic script that works for all kubernetes clusters. Feel free to send in PRs with improvements. This script was developed to assist the verification of certificates for each Kubernetes component as part of building the cluster. This script may be executed as soon as you have completed the Lab steps up to [Bootstrapping the Kubernetes Worker Nodes](./09-bootstrapping-kubernetes-workers.md). The script is named as `cert_verify.sh` and it is available at `/home/vagrant` directory of master-1 , master-2 and worker-1 nodes. If it's not already available there copy the script to the nodes from [here](../vagrant/ubuntu/cert_verify.sh). From f1ab700fc2872399e4888ab086e03c00e0f0a4aa Mon Sep 17 00:00:00 2001 From: danielalejandrohc Date: Sun, 31 May 2020 09:01:10 -0700 Subject: [PATCH 47/79] Make the command to work straight --- docs/10-tls-bootstrapping-kubernetes-workers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/10-tls-bootstrapping-kubernetes-workers.md b/docs/10-tls-bootstrapping-kubernetes-workers.md index 2f2e1d1..f7aa8c4 100644 --- a/docs/10-tls-bootstrapping-kubernetes-workers.md +++ b/docs/10-tls-bootstrapping-kubernetes-workers.md @@ -40,7 +40,7 @@ So let's get started! Copy the ca certificate to the worker node: ``` -scp ca.crt worker-2:~/ +scp /var/lib/kubernetes/ca.crt worker-2:~/ ``` ## Step 1 Configure the Binaries on the Worker node From a5ab87c5023167b7f5a0d6ebc76528e6da3f0983 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Thu, 4 Jun 2020 10:37:45 -0400 Subject: [PATCH 48/79] add missing = --- .../cluster-maintenance/backup-etcd/etcd-backup-and-restore.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index 84234fb..468a6c6 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -45,7 +45,7 @@ ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kuberne --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key \ --data-dir /var/lib/etcd-from-backup \ --initial-cluster=master=https://127.0.0.1:2380 \ - --initial-cluster-token etcd-cluster-1 \ + --initial-cluster-token=etcd-cluster-1 \ --initial-advertise-peer-urls=https://127.0.0.1:2380 \ snapshot restore /tmp/snapshot-pre-boot.db ``` From cff2dbec74b9f040910bd8a39091bdb9621017be Mon Sep 17 00:00:00 2001 From: Thileepan Sivanantham <41337294+thilees@users.noreply.github.com> Date: Sun, 14 Jun 2020 07:49:51 +0530 Subject: [PATCH 49/79] Update 02-compute-resources.md Fix the issue returns by "sysctl net.bridge.bridge-nf-call-iptables=1" in latest ubuntu versions and number the tips --- docs/02-compute-resources.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/docs/02-compute-resources.md b/docs/02-compute-resources.md index a06c070..852e03d 100644 --- a/docs/02-compute-resources.md +++ b/docs/02-compute-resources.md @@ -73,7 +73,7 @@ Vagrant generates a private key for each of these VMs. It is placed under the .v ## Troubleshooting Tips -If any of the VMs failed to provision, or is not configured correct, delete the vm using the command: +1. If any of the VMs failed to provision, or is not configured correct, delete the vm using the command: `vagrant destroy ` @@ -97,3 +97,11 @@ In such cases delete the VM, then delete the VM folder and then re-provision `rmdir "\kubernetes-ha-worker-2"` `vagrant up` + +2. When you try "sysctl net.bridge.bridge-nf-call-iptables=1", it would sometimes return "sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory" error. The below would resolve the issue. + +`modprobe br_netfilter` + +`sysctl -p /etc/sysctl.conf` + +`net.bridge.bridge-nf-call-iptables=1` From 23f1ae5cbd594fc5d2bc53c307b2f273bd0cf609 Mon Sep 17 00:00:00 2001 From: Mumshad Mannambeth Date: Tue, 16 Jun 2020 09:01:22 +0800 Subject: [PATCH 50/79] Update README.md --- README.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/README.md b/README.md index 58dfdab..9627793 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,5 @@ > This tutorial is a modified version of the original developed by [Kelsey Hightower](https://github.com/kelseyhightower/kubernetes-the-hard-way). -This repository holds the supporting material for the [Certified Kubernetes Administrators Course](https://kodekloud.com/p/certified-kubernetes-administrator-with-practice-tests). There are two major sections. - -- [Kubernetes The Hard Way on VirtualBox](#kubernetes-the-hard-way-on-virtualbox) -- [Answers to Practice Tests hosted on KodeKloud](/practice-questions-answers) - - # Kubernetes The Hard Way On VirtualBox This tutorial walks you through setting up Kubernetes the hard way on a local machine using VirtualBox. From 9ea063f1dc2df5e6b16c9c02eb560fdf65b66b68 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Thu, 18 Jun 2020 00:00:32 -0400 Subject: [PATCH 51/79] Update 16-e2e-tests.md --- docs/16-e2e-tests.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/16-e2e-tests.md b/docs/16-e2e-tests.md index 733cd69..e02babd 100644 --- a/docs/16-e2e-tests.md +++ b/docs/16-e2e-tests.md @@ -13,23 +13,23 @@ export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin ## Install kubetest ``` -go get -v -u k8s.io/test-infra/kubetest +git clone https://github.com/kubernetes/test-infra.git +cd test-infra/ +GO111MODULE=on go install ./kubetest ``` > Note: This may take a few minutes depending on your network speed -## Extract the Version +## Use the version specific to your cluster ``` -kubetest --extract=v1.13.0 +K8S_VERSION=$(kubectl version -o json | jq -r '.serverVersion.gitVersion') +export KUBERNETES_CONFORMANCE_TEST=y +export KUBECONFIG="$HOME/.kube/config" -cd kubernetes -export KUBE_MASTER_IP="192.168.5.11:6443" -export KUBE_MASTER=master-1 - -kubetest --test --provider=skeleton --test_args="--ginkgo.focus=\[Conformance\]" | tee test.out +kubetest --provider=skeleton --test --test_args=”--ginkgo.focus=\[Conformance\]” --extract ${K8S_VERSION} | tee test.out ``` From b6f62403600e2e08bcf1973d250d7301df81be3c Mon Sep 17 00:00:00 2001 From: sugiyama-takahiro Date: Fri, 19 Jun 2020 09:47:09 +0900 Subject: [PATCH 52/79] add mv command --- docs/06-data-encryption-keys.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/06-data-encryption-keys.md b/docs/06-data-encryption-keys.md index 4d6392c..f1f155a 100644 --- a/docs/06-data-encryption-keys.md +++ b/docs/06-data-encryption-keys.md @@ -39,6 +39,15 @@ for instance in master-1 master-2; do scp encryption-config.yaml ${instance}:~/ done ``` + +Move `encryption-config.yaml` encryption config file to appropriate directory. + +``` +for instance in master-1 master-2; do + ssh ${instance} sudo mv encryption-config.yaml /var/lib/kubernetes/ +done +``` + Reference: https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/#encrypting-your-data Next: [Bootstrapping the etcd Cluster](07-bootstrapping-etcd.md) From 99e798fe699dfffbdf1a9de8b408daac1cf70ceb Mon Sep 17 00:00:00 2001 From: Gerasimos Tzakis Date: Fri, 19 Jun 2020 16:13:38 +0300 Subject: [PATCH 53/79] Update coredns.yaml --- deployments/coredns.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployments/coredns.yaml b/deployments/coredns.yaml index 352dcd4..23cdafd 100644 --- a/deployments/coredns.yaml +++ b/deployments/coredns.yaml @@ -62,7 +62,7 @@ data: loadbalance } --- -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: name: coredns From b62a3e49fe4979737e80bc79b5b334bf9e9bc9e1 Mon Sep 17 00:00:00 2001 From: Greg Rundlett Date: Mon, 29 Jun 2020 21:47:56 -0400 Subject: [PATCH 54/79] Update 10-tls-bootstrapping-kubernetes-workers.md Add terminal prompt identifiers to indicate on which node each command should be run. --- ...10-tls-bootstrapping-kubernetes-workers.md | 52 ++++++++++--------- 1 file changed, 27 insertions(+), 25 deletions(-) diff --git a/docs/10-tls-bootstrapping-kubernetes-workers.md b/docs/10-tls-bootstrapping-kubernetes-workers.md index 2f2e1d1..6b1387c 100644 --- a/docs/10-tls-bootstrapping-kubernetes-workers.md +++ b/docs/10-tls-bootstrapping-kubernetes-workers.md @@ -40,7 +40,7 @@ So let's get started! Copy the ca certificate to the worker node: ``` -scp ca.crt worker-2:~/ +master-1$ scp ca.crt worker-2:~/ ``` ## Step 1 Configure the Binaries on the Worker node @@ -48,7 +48,7 @@ scp ca.crt worker-2:~/ ### Download and Install Worker Binaries ``` -wget -q --show-progress --https-only --timestamping \ +worker-2$ wget -q --show-progress --https-only --timestamping \ https://storage.googleapis.com/kubernetes-release/release/v1.13.0/bin/linux/amd64/kubectl \ https://storage.googleapis.com/kubernetes-release/release/v1.13.0/bin/linux/amd64/kube-proxy \ https://storage.googleapis.com/kubernetes-release/release/v1.13.0/bin/linux/amd64/kubelet @@ -59,7 +59,7 @@ Reference: https://kubernetes.io/docs/setup/release/#node-binaries Create the installation directories: ``` -sudo mkdir -p \ +worker-2$ sudo mkdir -p \ /etc/cni/net.d \ /opt/cni/bin \ /var/lib/kubelet \ @@ -78,7 +78,7 @@ Install the worker binaries: ``` ### Move the ca certificate -`sudo mv ca.crt /var/lib/kubernetes/` +`worker-2$ sudo mv ca.crt /var/lib/kubernetes/` # Step 1 Create the Boostrap Token to be used by Nodes(Kubelets) to invoke Certificate API @@ -86,10 +86,10 @@ For the workers(kubelet) to access the Certificates API, they need to authentica Bootstrap Tokens take the form of a 6 character token id followed by 16 character token secret separated by a dot. Eg: abcdef.0123456789abcdef. More formally, they must match the regular expression [a-z0-9]{6}\.[a-z0-9]{16} -Bootstrap Tokens are created as a secret in the kube-system namespace. +Bootstrap Tokens are created as a secret in the kube-system namespace on the master node. ``` -cat > bootstrap-token-07401b.yaml < bootstrap-token-07401b.yaml < csrs-for-bootstrapping.yaml < csrs-for-bootstrapping.yaml < auto-approve-csrs-for-group.yaml < auto-approve-csrs-for-group.yaml < auto-approve-renewals-for-nodes.yaml < auto-approve-renewals-for-nodes.yaml < Date: Mon, 20 Jul 2020 06:04:42 +0200 Subject: [PATCH 55/79] Update 13-kube-apiserver-to-kubelet.md Reference link updated to https://kubernetes.io/docs/reference/access-authn-authz/rbac/#rolebinding-and-clusterrolebinding --- docs/13-kube-apiserver-to-kubelet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/13-kube-apiserver-to-kubelet.md b/docs/13-kube-apiserver-to-kubelet.md index 59ab6ac..289c577 100644 --- a/docs/13-kube-apiserver-to-kubelet.md +++ b/docs/13-kube-apiserver-to-kubelet.md @@ -53,6 +53,6 @@ subjects: name: kube-apiserver EOF ``` -Reference: https://v1-12.docs.kubernetes.io/docs/reference/access-authn-authz/rbac/#rolebinding-and-clusterrolebinding +Reference: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#rolebinding-and-clusterrolebinding Next: [DNS Addon](14-dns-addon.md) From b7a2faab6d0366fa510b82079366c297414361d7 Mon Sep 17 00:00:00 2001 From: Filipe Costa Date: Wed, 12 Aug 2020 12:53:40 +0100 Subject: [PATCH 56/79] update end-to-end tests to use the newest version of golang and leverage go modules --- docs/16-e2e-tests.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/16-e2e-tests.md b/docs/16-e2e-tests.md index e02babd..5154cea 100644 --- a/docs/16-e2e-tests.md +++ b/docs/16-e2e-tests.md @@ -3,9 +3,9 @@ Install Go ``` -wget https://dl.google.com/go/go1.12.1.linux-amd64.tar.gz +wget https://golang.org/dl/go1.15.linux-amd64.tar.gz -sudo tar -C /usr/local -xzf go1.12.1.linux-amd64.tar.gz +sudo tar -C /usr/local -xzf go1.15.linux-amd64.tar.gz export GOPATH="/home/vagrant/go" export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin ``` From c7698721b61a4b709b534a451d0650d1dca5acf0 Mon Sep 17 00:00:00 2001 From: Filipe Costa Date: Wed, 12 Aug 2020 13:06:50 +0100 Subject: [PATCH 57/79] use google download service instead --- docs/16-e2e-tests.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/16-e2e-tests.md b/docs/16-e2e-tests.md index 5154cea..5ed43fa 100644 --- a/docs/16-e2e-tests.md +++ b/docs/16-e2e-tests.md @@ -3,7 +3,7 @@ Install Go ``` -wget https://golang.org/dl/go1.15.linux-amd64.tar.gz +wget https://dl.google.com/go/go1.15.linux-amd64.tar.gz sudo tar -C /usr/local -xzf go1.15.linux-amd64.tar.gz export GOPATH="/home/vagrant/go" From 5050c7edd8cb3e0501b5efc15126b8c3c863a5d7 Mon Sep 17 00:00:00 2001 From: Himadri Ganguly Date: Wed, 16 Sep 2020 14:51:10 +0530 Subject: [PATCH 58/79] Fixed parameter error in OpenSSL. Fixed parameter --text to -text for OpenSSL. --- vagrant/ubuntu/cert_verify.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/vagrant/ubuntu/cert_verify.sh b/vagrant/ubuntu/cert_verify.sh index 705a53f..dc104e0 100755 --- a/vagrant/ubuntu/cert_verify.sh +++ b/vagrant/ubuntu/cert_verify.sh @@ -310,8 +310,8 @@ check_cert_kpkubeconfig() elif [ -f $KPKUBECONFIG ] then printf "${NC}kube-proxy kubeconfig file found, verifying the authenticity\n" - KPKUBECONFIG_SUBJECT=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") - KPKUBECONFIG_ISSUER=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + KPKUBECONFIG_SUBJECT=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Subject: CN" | tr -d " ") + KPKUBECONFIG_ISSUER=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Issuer: CN" | tr -d " ") KPKUBECONFIG_CERT_MD5=$(cat $KPKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') KPKUBECONFIG_KEY_MD5=$(cat $KPKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') KPKUBECONFIG_SERVER=$(cat $KPKUBECONFIG | grep "server:"| awk '{print $2}') @@ -337,8 +337,8 @@ check_cert_kcmkubeconfig() elif [ -f $KCMKUBECONFIG ] then printf "${NC}kube-controller-manager kubeconfig file found, verifying the authenticity\n" - KCMKUBECONFIG_SUBJECT=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") - KCMKUBECONFIG_ISSUER=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + KCMKUBECONFIG_SUBJECT=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Subject: CN" | tr -d " ") + KCMKUBECONFIG_ISSUER=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Issuer: CN" | tr -d " ") KCMKUBECONFIG_CERT_MD5=$(cat $KCMKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') KCMKUBECONFIG_KEY_MD5=$(cat $KCMKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') KCMKUBECONFIG_SERVER=$(cat $KCMKUBECONFIG | grep "server:"| awk '{print $2}') @@ -365,8 +365,8 @@ check_cert_kskubeconfig() elif [ -f $KSKUBECONFIG ] then printf "${NC}kube-scheduler kubeconfig file found, verifying the authenticity\n" - KSKUBECONFIG_SUBJECT=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") - KSKUBECONFIG_ISSUER=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + KSKUBECONFIG_SUBJECT=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Subject: CN" | tr -d " ") + KSKUBECONFIG_ISSUER=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Issuer: CN" | tr -d " ") KSKUBECONFIG_CERT_MD5=$(cat $KSKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') KSKUBECONFIG_KEY_MD5=$(cat $KSKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') KSKUBECONFIG_SERVER=$(cat $KSKUBECONFIG | grep "server:"| awk '{print $2}') @@ -392,8 +392,8 @@ check_cert_adminkubeconfig() elif [ -f $ADMINKUBECONFIG ] then printf "${NC}admin kubeconfig file found, verifying the authenticity\n" - ADMINKUBECONFIG_SUBJECT=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") - ADMINKUBECONFIG_ISSUER=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + ADMINKUBECONFIG_SUBJECT=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Subject: CN" | tr -d " ") + ADMINKUBECONFIG_ISSUER=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Issuer: CN" | tr -d " ") ADMINKUBECONFIG_CERT_MD5=$(cat $ADMINKUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') ADMINKUBECONFIG_KEY_MD5=$(cat $ADMINKUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') ADMINKUBECONFIG_SERVER=$(cat $ADMINKUBECONFIG | grep "server:"| awk '{print $2}') @@ -611,8 +611,8 @@ check_cert_worker_1_kubeconfig() elif [ -f $WORKER_1_KUBECONFIG ] then printf "${NC}worker-1 kubeconfig file found, verifying the authenticity\n" - WORKER_1_KUBECONFIG_SUBJECT=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Subject: CN" | tr -d " ") - WORKER_1_KUBECONFIG_ISSUER=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 --text | grep "Issuer: CN" | tr -d " ") + WORKER_1_KUBECONFIG_SUBJECT=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Subject: CN" | tr -d " ") + WORKER_1_KUBECONFIG_ISSUER=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -text | grep "Issuer: CN" | tr -d " ") WORKER_1_KUBECONFIG_CERT_MD5=$(cat $WORKER_1_KUBECONFIG | grep "client-certificate-data:" | awk '{print $2}' | base64 --decode | openssl x509 -noout | openssl md5 | awk '{print $2}') WORKER_1_KUBECONFIG_KEY_MD5=$(cat $WORKER_1_KUBECONFIG | grep "client-key-data" | awk '{print $2}' | base64 --decode | openssl rsa -noout | openssl md5 | awk '{print $2}') WORKER_1_KUBECONFIG_SERVER=$(cat $WORKER_1_KUBECONFIG | grep "server:"| awk '{print $2}') @@ -769,4 +769,4 @@ case $value in printf "${FAILED}Exiting.... Please select the valid option either 1 or 2\n" exit 1 ;; -esac \ No newline at end of file +esac From e16521734e546657d89d5739544c1374f5c58f62 Mon Sep 17 00:00:00 2001 From: Paraita Wohler Date: Wed, 23 Sep 2020 21:51:36 -1000 Subject: [PATCH 59/79] Update 01-prerequisites.md quick typo fix :) --- docs/01-prerequisites.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/01-prerequisites.md b/docs/01-prerequisites.md index 4e79b7e..824b791 100644 --- a/docs/01-prerequisites.md +++ b/docs/01-prerequisites.md @@ -2,7 +2,7 @@ ## VM Hardware Requirements -8 GB of RAM (Preferebly 16 GB) +8 GB of RAM (Preferably 16 GB) 50 GB Disk space ## Virtual Box @@ -26,4 +26,4 @@ Download and Install [Vagrant](https://www.vagrantup.com/) on your platform. - Centos - Linux - macOS -- Arch Linux \ No newline at end of file +- Arch Linux From 69814a72daf93c4b8316a141f2fda613aae4226c Mon Sep 17 00:00:00 2001 From: Dmitry512TR <23633956+DmitryMihailov@users.noreply.github.com> Date: Wed, 30 Sep 2020 12:11:07 +0200 Subject: [PATCH 60/79] Update 17-extra-dynamic-kubelet-configuration.md Added reference link and also enhanced the instructions. --- docs/17-extra-dynamic-kubelet-configuration.md | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/docs/17-extra-dynamic-kubelet-configuration.md b/docs/17-extra-dynamic-kubelet-configuration.md index 9ad9856..bccc52d 100644 --- a/docs/17-extra-dynamic-kubelet-configuration.md +++ b/docs/17-extra-dynamic-kubelet-configuration.md @@ -11,9 +11,18 @@ NODE_NAME="worker-1"; NODE_NAME="worker-1"; curl -sSL "https://localhost:6443/ap kubectl -n kube-system create configmap nodes-config --from-file=kubelet=kubelet_configz_${NODE_NAME} --append-hash -o yaml ``` -Edit node to use the dynamically created configuration +Edit `worker-1` node to use the dynamically created configuration ``` -kubectl edit worker-2 +master-1# kubectl edit node worker-1 +``` + +Add the following YAML bit under `spec`: +``` +configSource: + configMap: + name: CONFIG_MAP_NAME # replace CONFIG_MAP_NAME with the name of the ConfigMap + namespace: kube-system + kubeletConfigKey: kubelet ``` Configure Kubelet Service @@ -45,3 +54,5 @@ RestartSec=5 WantedBy=multi-user.target EOF ``` + +Reference: https://kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ From 6e4c8a2bd8e0b733d94f8e6a94f30e29d85948d5 Mon Sep 17 00:00:00 2001 From: Rashmit Rathod Date: Sat, 3 Oct 2020 10:11:21 +0530 Subject: [PATCH 61/79] Update 08-bootstrapping-kubernetes-controllers.md --apiserver-count value should be 2 instead of 3 as per the setup --- docs/08-bootstrapping-kubernetes-controllers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index 761aba8..99941b0 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -78,7 +78,7 @@ Documentation=https://github.com/kubernetes/kubernetes ExecStart=/usr/local/bin/kube-apiserver \\ --advertise-address=${INTERNAL_IP} \\ --allow-privileged=true \\ - --apiserver-count=3 \\ + --apiserver-count=2 \\ --audit-log-maxage=30 \\ --audit-log-maxbackup=3 \\ --audit-log-maxsize=100 \\ From 9bfec71666b9f7df6eab99a7ee202455349b0316 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Sun, 11 Oct 2020 18:34:55 -0400 Subject: [PATCH 62/79] Update etcd-backup-and-restore.md --- .../backup-etcd/etcd-backup-and-restore.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index 468a6c6..c7c17d3 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -30,7 +30,7 @@ mv /tmp/etcd-download-test/etcdctl /usr/bin ``` ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt \ --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key \ - snapshot save /tmp/snapshot-pre-boot.db + snapshot save /opt/snapshot-pre-boot.db ``` # ----------------------------- @@ -47,7 +47,7 @@ ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kuberne --initial-cluster=master=https://127.0.0.1:2380 \ --initial-cluster-token=etcd-cluster-1 \ --initial-advertise-peer-urls=https://127.0.0.1:2380 \ - snapshot restore /tmp/snapshot-pre-boot.db + snapshot restore /opt/snapshot-pre-boot.db ``` # 4. Modify /etc/kubernetes/manifests/etcd.yaml From 97a3701560c05b899f55e472789cabf4bc6bc08a Mon Sep 17 00:00:00 2001 From: Martin <46542697+msadofschi@users.noreply.github.com> Date: Fri, 16 Oct 2020 20:04:50 +0200 Subject: [PATCH 63/79] easier etcd restore By just restoring the etcd to one dir using --data-dir and then changing the volumes.hostPath.path of etcd-data, it just works, no need to use the all the --initial* . Also updated etcd version. --- .../backup-etcd/etcd-backup-and-restore.md | 29 ++++--------------- 1 file changed, 5 insertions(+), 24 deletions(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index c7c17d3..6d7464a 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -5,7 +5,7 @@ Reference: https://github.com/etcd-io/etcd/releases ``` -ETCD_VER=v3.3.13 +ETCD_VER=v3.4.9 # choose either URL GOOGLE_URL=https://storage.googleapis.com/etcd @@ -44,38 +44,17 @@ ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kuberne --name=master \ --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key \ --data-dir /var/lib/etcd-from-backup \ - --initial-cluster=master=https://127.0.0.1:2380 \ - --initial-cluster-token=etcd-cluster-1 \ - --initial-advertise-peer-urls=https://127.0.0.1:2380 \ snapshot restore /opt/snapshot-pre-boot.db ``` # 4. Modify /etc/kubernetes/manifests/etcd.yaml -Update ETCD POD to use the new data directory and cluster token by modifying the pod definition file at `/etc/kubernetes/manifests/etcd.yaml`. When this file is updated, the ETCD pod is automatically re-created as this is a static pod placed under the `/etc/kubernetes/manifests` directory. +Update ETCD POD to use the new hostPath directory `/var/lib/etcd-from-backup` by modifying the pod definition file at `/etc/kubernetes/manifests/etcd.yaml`. When this file is updated, the ETCD pod is automatically re-created as this is a static pod placed under the `/etc/kubernetes/manifests` directory. -Update --data-dir to use new target location - -``` ---data-dir=/var/lib/etcd-from-backup -``` - -Update new initial-cluster-token to specify new cluster - -``` ---initial-cluster-token=etcd-cluster-1 -``` Update volumes and volume mounts to point to new path ``` - volumeMounts: - - mountPath: /var/lib/etcd-from-backup - name: etcd-data - - mountPath: /etc/kubernetes/pki/etcd - name: etcd-certs - hostNetwork: true - priorityClassName: system-cluster-critical volumes: - hostPath: path: /var/lib/etcd-from-backup @@ -87,4 +66,6 @@ Update volumes and volume mounts to point to new path name: etcd-certs ``` -> Note: You don't really need to update data directory and volumeMounts.mountPath path above. You could simply just update the hostPath.path in the volumes section to point to the new directory. But if you are not working with a kubeadm deployed cluster, then you might have to update the data directory. That's why I left it as is. +> Note: as the ETCD pod has changed it will automatically restart, and also kube-controller-manager and kube-scheduler. Wait 1-2 to mins for this pods to restart. You can make a `watch "docker ps | grep etcd"` to see when the ETCD pod is restarted. + +> Note2: If the etcd pod is not getting `Ready 1/1`, then restart it by `kubectl delete pod -n kube-system etcd-controlplane` and wait 1 minute. From 772d4869ae8f5fb8aa09e9552f7ad04eb600a4b8 Mon Sep 17 00:00:00 2001 From: Martin <46542697+msadofschi@users.noreply.github.com> Date: Fri, 16 Oct 2020 20:51:56 +0200 Subject: [PATCH 64/79] remove name of restore --- .../cluster-maintenance/backup-etcd/etcd-backup-and-restore.md | 1 - 1 file changed, 1 deletion(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index 6d7464a..185e006 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -41,7 +41,6 @@ ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kuberne ``` ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt \ - --name=master \ --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key \ --data-dir /var/lib/etcd-from-backup \ snapshot restore /opt/snapshot-pre-boot.db From 3fa8559cba1d807ac276a90b74988f29eff5a081 Mon Sep 17 00:00:00 2001 From: Scott Bronson Date: Tue, 27 Oct 2020 07:34:06 -0700 Subject: [PATCH 65/79] Fix typo: body text accidentally caught in a block --- docs/05-kubernetes-configuration-files.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/05-kubernetes-configuration-files.md b/docs/05-kubernetes-configuration-files.md index 7dec4ff..4d945d8 100644 --- a/docs/05-kubernetes-configuration-files.md +++ b/docs/05-kubernetes-configuration-files.md @@ -45,10 +45,9 @@ Results: ``` kube-proxy.kubeconfig - +``` Reference docs for kube-proxy [here](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/) -``` ### The kube-controller-manager Kubernetes Configuration File From 0f726f12df6e6fdac7004a0388497c4cc57ed72b Mon Sep 17 00:00:00 2001 From: Tim Date: Fri, 6 Nov 2020 19:22:50 +0000 Subject: [PATCH 66/79] Update 10-tls-bootstrapping-kubernetes-workers.md Update the documentation to reflect that kubernetes will not automatically approve a node serving CSR after v1.11 --- docs/10-tls-bootstrapping-kubernetes-workers.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/10-tls-bootstrapping-kubernetes-workers.md b/docs/10-tls-bootstrapping-kubernetes-workers.md index 2f2e1d1..900ea2f 100644 --- a/docs/10-tls-bootstrapping-kubernetes-workers.md +++ b/docs/10-tls-bootstrapping-kubernetes-workers.md @@ -14,7 +14,11 @@ This is not a practical approach when you have 1000s of nodes in the cluster, an - The Nodes can retrieve the signed certificate from the Kubernetes CA - The Nodes can generate a kube-config file using this certificate by themselves - The Nodes can start and join the cluster by themselves -- The Nodes can renew certificates when they expire by themselves +- The Nodes can request new certificates via a CSR, but the CSR must be manually approved by a cluster administrator + +In Kubernetes 1.11 a patch was merged to require administrator or Controller approval of node serving CSRs for security reasons. + +Reference: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping/#certificate-rotation So let's get started! @@ -311,7 +315,6 @@ ExecStart=/usr/local/bin/kubelet \\ --kubeconfig=/var/lib/kubelet/kubeconfig \\ --cert-dir=/var/lib/kubelet/pki/ \\ --rotate-certificates=true \\ - --rotate-server-certificates=true \\ --network-plugin=cni \\ --register-node=true \\ --v=2 @@ -327,7 +330,6 @@ Things to note here: - **bootstrap-kubeconfig**: Location of the bootstrap-kubeconfig file. - **cert-dir**: The directory where the generated certificates are stored. - **rotate-certificates**: Rotates client certificates when they expire. -- **rotate-server-certificates**: Requests for server certificates on bootstrap and rotates them when they expire. ## Step 7 Configure the Kubernetes Proxy @@ -395,6 +397,8 @@ Approve `kubectl certificate approve csr-95bv6` +Note: In the event your cluster persists for longer than 365 days, you will need to manually approve the replacement CSR. + Reference: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping/#kubectl-approval ## Verification From d540efc52a43dafe9a672d313372515bb6f741a6 Mon Sep 17 00:00:00 2001 From: michael Date: Sun, 15 Nov 2020 14:04:18 -0500 Subject: [PATCH 67/79] Add etcd server.crt and server.key information --- tools/kubernetes-certs-checker.xlsx | Bin 77536 -> 71603 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/tools/kubernetes-certs-checker.xlsx b/tools/kubernetes-certs-checker.xlsx index f385c66df8f2e63cfcdbcae4ca1f0c2a1e2e9aa5..8e9995baafe4a621f0ddd2090062d08f342b7eb9 100644 GIT binary patch literal 71603 zcmbSx1B@u$)@9p$+qQArwr$(CZQHhO+qP{Rx9#q^?|YM(Klx|gBvX}Cs*+RZ)LvOR zd+ohSP7)Xd82|zT0>C59RvzHL9MFI7bsdbY9BFC(b*)b5ml>pk3Ay!*pnPH8=7Y#D z>68-dBw)hrBeub64lf)Eynhx#LWGHK7>u#^@%=U^-jTAQ+My$r)CpHs4+rWdHS{hW zn*6qRr)8Ng@EJj16IHMkq;!atm3W-m=btF@bc&OJI(v|ooCiELyfOmd<_mSuR(56h zHVQilQoo8qv^P~LSn~zx3X-lW$QwOH4cGt-!b-X zpWMAo`h@{QCnk-MN^o*BhPv1qL-3U}d7hSr)X{$8U}x|MHr<67L}%*cDNW=pCUujG zg2SjQ5vh^$IeCI4CkYM_oWYcF^B05}AOHZl|0_&ze@D1k(Yo3?SQ^;cTGF^#TSY5w z#%$2Rd*7-G`GjhzS4)YrDS0M0SU=ri^i7_S{_obF+~Is4Bt(?O&^HldBR=OaJMg6DD9#JHJx% zA3z=QI}*FHrm&bqeGm|HvjBDPs^PtlFeB44nbPfA__pdwG7UBC&Ob{-(bB-rFXr)< z=oJVl3X>e~$|4F{)LRSw1j~;nEQi6s8cg&{{5rO+`E{p*btnD%$RQPj+IVUXyLLH@ zJmShWM|-hMG-qSR%?FiowKQ!$jE40zk&`D9TM~26jSj=5#S{Jm(U1kQ6yYJR6i&L( zfCY-Y8h)hU_kkQ6g*#w{D0;NSk4Su``pZ+2<(W#eBf%T2u7lMBX|p;i@lRwOVY1NX z6bSniODyJ^W*Ca7Pa@VAk?S70Ggp}|2CN)DdW7twe0)e9f^pt!o@0O-Vq)cwbI0lj z6tTm?7FsimLc2dTS?^PjkxxWkWHUq=0nb1^EFOKM;5kri}JOlRQfF1Wm zHx`U&_q0c2{t8*8QO6s9@n0;u*3^vMU_-I2BN=twC72n9fZ0e?p&eJ|a|`y$>Zd^LvDub_u!!#JB{()MPG zGHMB;7vqUT8IocoV*;b_EQTghmxmY#3N$cUD>=uY53A$3I&|g=UlhuWXO>Y%FBU^; z?G+$>)Y3*e0YYq$`wl`^@N+U;V|4%?{Lb3Tz)?g?(C2-t@dgeHr^@jWfzQX(mI8k_ zGB80yGlUn6rvf0)SO|kY#gCa&3A={r0%6jBLw#m=84w**96X|q7OHa&JZT>2&XrzN zB3I}L(Ry(>eh?Z3Ap`L*I$vk+f6yRDTxpq;-^H1QtU9et`p6l2Ld=<=9^0~UIh5uU zD6`to)`kfALJ?CGy9??zdwckD8GZ+!;-Jzem2@S33J9n+c9j9Ivw#ogiV&8YExL5M z?mIRq>4b{a?#W%RUH2+z9p7$ayeHlnA^P?-u`RrNwOR0{uyrkzcjZcPd-%eKXMV=$ zR#s1|V4!|V*;c#GLd0y)Zz{`e(Ftp!1A-0!eDAU}e&v zdgCVfjSDNTh}akkGzg54Li>McjSloBMe zn{K{SNp+6_ocpI}J}Oek$C)}f^ARrrNI!V^QLO(W2U1dm2-_qkoko2Df_E!XT&V&> zx{?6~Hhvu#CK5kYek`v!X~bklZ=%Yrf##SZwozP3Tg$Yf45?R^&IK!qFfDRZ1xxCG zo>L_KZ8OZ#Nj1*O^KGgq(caSYudB#YGsN8=Q~Ts5=fX_A1{pp<{yM{cUo049Pn9#7 zrhVQIFityMz&n;EePy=CVbR$eIWfn&9i@%ww~flBC*g-{w=MmRf|;JU*0S43oKx#j zkoeV#Dq_FnNV&SP4Z%-H0_Z!pMYx*nHA-1!*iCCYta$`epTX1>r!yuyOf;=OxV($! z9bCRQh)<_%*g5T)6`Q3?kFOq4^d{FYkFSbLn=6c6mYKFKORrQ_8c$Y)CfDzd6AR2+ zCQB7dF;zI1+l&^ePOBCjTnJ57Cesrbd#g=N9aq?GInPdQIPL?(ROwk6?_qB@;zukV zGVu!#MDo_Zb-*8SpvVfkI7hrI%1zo#4jMS?Jbr&8;gAHGKu?C7E;4j?HeeGB2n9ct=ASW_-%l>~kdJDT7eLq)sw(8~aE#mM+<4Z)HF&DjKwD)j&#p zE55}Wdbx}{UVOwHx-&>SOLdo*&y=$==a^|Xe#RBta0U*;6`z5q|jEqcuo>4}mROyk9L}Eic?>C}*B!g-wt7 z)hhpZDe~le{0IDB*;_1Iua*-O0HA>VKkd3i|2um-ni(5AInw@H^8E9_@ULz7AMq0% z%Wnxpj~sOSg|feGnJ`czJaxejjoTIW?HA|WiN)d$DXwwV%ZkR|A2_OS(xbnUS?PKO zr`Y0;JQfTPVkBT|u4Kpl-ay~Dkzb`pNm9c$Ya&qlKqypn0Yl)f zT_HsjyD{Y<^i3i(xkv=uK}O2?2(^%(+Bfrqu&W=cUkB#e|LIY5ZxA4xoRn4EF5rw= zPyT1415pLp1KHtsrpbDX0L!H3ff_96hh@Le24L;#+v3X&*uNkdS2iaf_!}?-;Qu!y z^#2Qz=7j0LdJsP7);nVCWym@nz9ORuobSRPni8&VEptfXv+yY-rPb7vT&^5EZtpDn ziIs7ohE_Bz%$dUf<9+RPNKVy&0#6Oyx~n$Zn!`iTAy z3iLK~xCk1UKalfS^ZlMk%TX;$J69ev*EA(F)=`q;@VNIZ^tPl7HHQv zra^Qv&xo=_7O^Xh&=%|xRq?Q>c92VLyL3o41$Vox)bPH#wUh$KZ|&C1-YXNxUk(zw z(-jw7AINCQdL+|U)wDBJZ+|r+IE4H!{yD_I@Mix<&4~WrSoaU#{sFgpUE48}4H<0j z;|m4mC7PN{CNb*TX7WWebEaf_<_ZUpeFX&mw^8YNtu7?p$Z1mc%@vGiFdiRA*MRnK z)2AEHcr0*Ai;>A@ahj77{>dcMDld&p-QG4^8>zw+@pKY)+Vc&s;^sG-hs}%N$Wsr| za;7B!<8BsL1r^su_3Rt7_$9Qif?|%w;{vgwck&z)XA-jnW>%CpEBajB*@&QI6V8F` z*JS!vmq`VS2PfS*g_b~w3^Ije-CH$fJkgJwuLZYsF`cDC+)IokvsTmhyD=2ZTD|f; z=G}?NBs6XFR|;FxR?}JaqFx2H_^?y&ClOe!@=#AB_QYE0=o6D=m~VA-%@j#Wo_ne4 zNtSWTiW%i`B=5X?%jK+8-B(l4(Z$ATi>vvea#Or%smL#7;N!4%kWUt{vY*1rMxyXn=A{x*=PJ*F z6GwOcCrrsqoS7#+w2sV^gO+z=4?aOrHi_Oe&af6dG%-GMB(>8D;2D+l?!~8dW;vJO z%+X4^SY?nkwNi)Rr^A97N0g)txo|wb7B-<3z|o1SJ+=<#GZ(dkM5nVEk8O_KQqzWK zew9ML&K;CeMDiYar4}-|Pt{Nty_+QJQ%@P_x8vr=k067GhnVftorS2~l0wCI(Z&v~ zEVeW$sjUx}!ws^M)G@Noj}{G;(Aj<(Nrg`F4=gunxMnpqtFlfe7N5@)rlyOo%WL6M zEWi78VdlByI%-L1HzMCDWFBtSQsx_Y=XJcP%CzV9x1{MUARme`$P8l>{@}mD13?f3K?roAhyQUnfS}b6f~SID0Razy?ho7(guoAiCxo~= z77J2E5_JP53ew}RBVdEqg1`mA696Cxg69vb6(Q7;!QMv{f#?s=6STu`gXebSC;0CRdT}G}Z-x_jLI0m7-Hj1)W3&%qr4xWa1;Gjc?hoGM|3d%* zF93lM^lCyp@b|^8U<83W{55!N2pSN$05}3ac!4ndp;jVePAp?T?cs4OD zVq8Q#aX(@qM1t^8hn&-&tjjpyLb>W0b+!Nv?yzXv87J*fEIc&DqCBFvBZ3c zgyC^RMpm_gB|BH}O`H7x{fo!fMna{!9|+7Y1BV0*i0tFq#JGrg5&*=*hy@T6>$Tz2 zUs=7xHgpFb`gJ|W-*i0-bF~`IXxV=%FNS(^28XeeT_7uNY1Cn8+A+(04t6W{1M(J9 z@|xE3u;k?KmYCQrn2&mvgwuh!o%5GAi+3v*pE8$knhOMypSZYeZp{!8U8R!A0;H0Y z>N_S9SDV$5KMHn8)^BBn2OPEw7Y_qAGfU5Gbzy8`pJSDhlomGX%Hpgh7fPnh)Vydr zOg8FjB z-|KL&OXU>J-cDX^#*Ft&n;Q{gI3X)O{Zj9mgFV!E0g*KR z$mpo+I9x5(1@1Jkd{E#Wr~gbW>N0qIwbjEa*gPuM$-7pemZQjolwrnsavf8JifwALnK81~jC4=uA&YB;(xbIi`ujvF0d8?0@Yx`W- zA~aO-UbvrS-;;eqCnG8wNMIkPxEOovEhmoo?=cydr4zu1;dEd)Sr;mv5V&k|i1h0s zwCt`J%1Mz^qt2cr^)|@NwY|{5PE*4k-rO`iQxSoa^?C?ijt+h$wU2YAhSQ+uMsy1V zS&|`pmy)JZr}*x~PB`}=ID5}oS$8wHq;8p7mYKyKaXm6lFD~$2$U%Sft?tYAJ4wt! zrmNBsSN+R94|?d;ErbqiD_VmCEj`{kPShWSqSHe>FEYOaC)2gtBQ&^=nBNL%V>?jm z`uN_8HZB$Eatb59+Rxa^F`D!7yt2Z6rn50no)m1*+NQ_vQhD}nGyOk*P7z*C2$2e! zD#*S^g(jfzo$z7^hfp|&ipSS_dJS>OSkI!<-W`}Dy-u7<@S25{h@ zKgET(;y#IUbLhqchla!4br@vIn`PUe^>@!Cs&%t+Z=PGo8j8mLmd2#r*ahM|s?X58 zrRL+aq>cMI52GLwR})N^DhqJXw4tJ%OL!-J3Fq_{0=(S|B;bp2In5 zWUuCO%2I4&VC&^?c+bKng^xePqd7Q2;SufgU+fWY6mV3F=Vu(h9>iPAXA{2^g($u| zeBN0jbP=={FY z^&1_rdN^PbV3wl$96V^AC`r-V+Y`@~=Fi`9k;tD!-5RTr3|29Ur0FkX7*3rnV<1h* z9dQ^-$R%+Yi^wf;7|X~taTxQD39oy{omgO|t4G6# zy=UhENQ;7ihH;D_ql9r#kY@`RLrm3Rr6VEBVL%4}Q68dt=pe58DX8~buE4MH=|THz zgO()+KaU&dYt#N6FbSlnMCU$&Io1aPqzEyEPZ!!3@CVxDh`P%}Tno5k7fPowqz?>8 z6XL2#738MG?KV1uw$l1AVhW?PeIi}4lEb9T0b})&(l7$blZPKLh7^OOT~e1VFH}lW zMjbjxe+`~a7&r-3ACv`T0LtvQWI(}!v`#POGq{xbSI64Bb3MIqV5^iAe`9PN5awV) z-kB3ibnRG)J$L5FlNBPe+wKsu+J56@5_^eRUMDrgZ#zVImA<@Gkl_Mj#>Vj|TsIz- z)~(9>6uZ*~J3q*tA~tOeqf1Gl z7R)d!X880yC;s1>@YqW?uj+#oR0B*RLAd$7Na8JicfN3cTSN)IlLHu1}gEAPPF zxPyEml~~z4PN|q*fnF3G5(^3YF>cO}vDB-76lCI87E%(Iz;w zOjp~;c%P(*VBk1D+aD6BVL)yJ3453|B221M3Qkhw(`is=?JQb#=-+PiQN#Ve<;Z6O z_PR8J&y0PZP;ypUcD$q36{zM97yzJuEwp{3#_sKL!k^@=c9N8OHHXHj19LhC7(V9F z1>rcQP9Q0L4GbpjTSH+n@Ehvn>sKK(@Qjngnk2V=D$X8wLnT z!7~Vt!4NnGQ9<0k>Ms&k0MxjZ>pSVA@V!_DS;035kJUshRrbAKQI4$^HQ#pU(Oj^Pw~BYaT$KD_}xo=$pxCwCb(mi?vzHrFhio{qdv5K!u5Lh|Y%%X+hsu z&huE#)3p4mEZpf-m97D#wVG3fwSkpIE@~6vWPsDP_QhAB_mg0qf=6neeln0z(Q7BcfiO;ud(Ou!` z0--|1<5rHYlbm}V{ux0r2!k;bzoiMhU9Hvki0t zmbx6fGCGw}S{WWRb_5f;Sv!8hhTGQNinX>K`b-N>&Yj_@r*nCE6(ZZTXlNM(S7m!% zpvHFCoMLr88l{I@Aet|^ai^MSd3BO<4I$2T60SGu{v>Pul{NZUF4Nw9jNJsJd9*k4 zm29;MU!crlhrLA?k!X#X`EbtDOl+*Fe~$<7`)$+#Eoez%%4U#>FqHR$H)d)#B0ka` zrNdzF{JFp%`48PMYgW|2yQ{B5*4?*!Xnx_$DtCs z4uhUl%qU=2eDiU!h$G!NZn!O>sYlTxb;MHh9-(pUUjq2NGB{cWlzY{OQaLo%Mr)@r ziPy6Tpvvs1q3OdgG_jR4L!%BqtAA+!Rq6|;gnke}0ssiI{3n@(`R`Ky-(98uY7+g^ zSL#lfwfJkQh2DBY6@DBLV;M%Vbtm!HYQ6xB$RErNu_Qc~+VaLmQwJ-!kaJ>;KfiqN zS*+YX6zRmfMfLM3C*{$#twrn8{ps>->j-r2w7|7*NXV_jL#q5Fs{^D>xM?;ywQtcH z3L@Bjj5qn+Uc^s!`Ru}{oqAkdLIS)&RI=d$X11xE=Moy^t3TRemHaAzC;e1&klx>uTf%oBT&HTA?hxpZn|L&Je?3)xAQ-(@`c zMzy)iP$`0Ut@8o+FNExl>&`d+#^3NCn<2>mM##}j-@({O(aFKw#`GWmV_MzXc9RAE zyGPglk6!_B$?B5$6{$Ha*?L5cx?kJJj98Pf8XgUZD79Eh}q;^^YG z<19|>(RgSlVJK*F1f-H=Jp27I`sX zse|*zWD`v&e_lcqs?b|O5q7RrFjd${tpjSAf=#c{vWV<#u}{}%-z8VIIBa1!&;E6BLI(o=85>#8)YSYh`oVhzJMGD6 z@fjNu#zIAfIxls&Q5P4HqJn5WBN3pFUzhW8$;AAk^G3qQ0nal#pP0e7ysE8A4i)7A z^vN00>HO^B{A67@Bf6C;O56 z2r{kBsv0UwY|lvgoT8q(is=0#Q=yXarw5tBaDXLp67h3Q2}`a1Ho}<(7AT-4*Wdc6 zTH#q`p*}cP`>7Nt632F{aNv6cv^z)d-U|}7h!pQ8CA)#8=h;5W1pP|tbnn$CEbS=C zBUWbXJuEDA##5g>h3B~)uPgVwaoRyXN5pIuPNYSNX7WnG6Jqc7Aw#M(P|D*7RqX7)LDUP&IU=TXSEQ2EoaRkGl>cY#%oB_8EV~ z%Og5KZx3pW7PKEo1`DpD4xLFP_t7UDD-g#eOeHtyE5;`t7tBwh-)3R6{Vs^pYQr&; z98rmfWQ(x&Z%jGDeF-G}0EOo1VnS{O!Uo*{e7(}0h6kl_SJj|F#0Z=^|B&}Rb#~Ll z*6{Y<jm6okEe8juJ-OBqit;nzvawnsmeYy7_+y75{v&Yr!8;UxuQ^HMP`77OadLNHHydRa z$3+xZNjAl))vMhK$qsjOxD^Q+yd9Y-1S`S{u3$|M-w;vcDON1OzVd1+q^t}^r4a7a z*O9Mlv|MFs$K!ioCl0Ht9Dd{O`j7CwHBggL>p;+k!x4B*IBH>?lc3J{O9?9c3*Zwa zUhHQ$*!sfju=P6{f=Js7=rp>&EZO-3zSjwNPjuTR~37=}fj2RSOwEbB#&7E~?q7eg>8GVsEN- zD#mRS?x*dOrIGE>RQeOt+9ZSig?FI2F(}WANa40`i%)}a`TkNXmF3b!x?vL~>jXwQ ziQKP$>=%WMcA$>G_KQF6f69(X|K9tpjg8FpY0a(mO^xYk>}*V_JVBK-rB|InBLpcx zS`R>e>*VzXc52#{%2l-?i$!*VQ>bha@I`cXTH3k()}Zoz_xaHn*Lc~P%3eR6%3<`} zCEmB7Y+y?>N~6{3>WfcJTyVPsYDRVEiu^tqj!ZQI7bzJ_Os&CeK%}J{CI1yiMxHyI zJgnPQ7BlR@Bq*F?=#{+a=zVwab=CVKnFOPD5{V|-dt5x!+!Yn8Ij=B&+C7^Dt{IGT zh_Zik86f8zSQ_mPAuU73y5@_ z{lv%eGjP0QN^d{^a9(usj zR>)3mAKdFip-1m9=7>JaL}l4zL#bbn+S8&jxwt^1jjuzz5E-}D9%MC45P^1>Lp-MR zmvfQA8it0(&!7T$jnhnp@qpQZR)hqTGK@9^SQjj}rL@$Uw?B+-+kkX=)MUNsYz4Q*b``Shz0 zwO^<2!>GqKSLRYXf0AI7WK&`0=*>q8ugz`5I^N?T?Vy`dz0CL4EjuO95T$+;G~kyv z7<)!UH4)Se(o%Hn@XsnPL+ki(p+9!+DO0wgBPj{icK=Mn@c4Kb#oJKa*-`11y=_1$ zHEC_E>V767vfjtYQb_Vx_0F3(L>32Fob*y{d*co}0OMJWPCZL=A}p)*HEPa<>|2)O zY8+XAL}%+gkGH?he)^{D`oRUhrZYLLHGAaXVC;QjIO3k{Kh=i-rbH)lwYd3S(q8*_ zbP`OAH@aa&L|R@oVLiCK}er}WusZk*Es+h#NI7`xM>qs)As zM5C`H_SsEtIeD1P{g!S!=fJPLba^`otd#R=DxRY(-l{-meGq{08Vy|TG9_%abIcNRG;M*W)lTo{M8b(h*A*Pt(5beC zBtfct>j{g-oTSVuK2wg2y|X4ISP(G(LyO(m6_bU!y^cu( z$_`XC>w<0!?=lKjpl?^b{6>QNvrGiIiQKatf4hTGYiXSd1f|B`^L>~*xwX3$`*0hk zfEL7nk4?8)BrC}V@hOT5rn^Yf3~YmwhIgPrD{ZNluKH$>KDj7~oD(DZ#su>KI z*&TPaZ3>HmJKM>QZbT$qBGg9l{suC9IuPQ`osw0$qq}Hk=1<6;-ul!fRvhicL?+!W zbd`QkPh5NO_;RbF@N+675~&TBYAR5|q@M`YvK0X=tl1fwQBLvY3nwSDKunf=YdO7l@0S4v%@QLpVyLlP>QZxH|iGP9qa9w-rY2Gm(QEe*rLFi8$-mxlO zHhj=GXB)AmSgd`VVux1Up`8m6w5=!E+VVY9iLR7^PnxFQDO^zV!a{u*(;#LeM^@kY z+2jy#+tUW zlnM4KIWw)cYs;KSp2>L7JZx)UnWfiR&B-4Ee)&!E*wa!sM=olOV}78NhIsju+0M?2 z#at>XoY+A~VW))jyBJXP*YhxU-xD$B=57E-Q#bXGCM`Gai(QfkMN_-V-n?y;y}#ne zbQ{6DT{R2IQC(D0Va+&PWQB7d;pz2YondM!07Yo|49bYPW0FwX?9=6N zjOQ@N%n9S7(@o7lQpko`V%}nKmU^zXA<|Rg>Bv>p0A;=>v5C3hN^Rm*oV%&kR(WDv zM_fvH@UtN>=CLcxo0m?1!pW@tuZQN9j&D)bKABdsN)^VtFIH?oW);X{`9SFZDA=NQ z+poKt-m@s_J$|-Nf_QPzH6*z9jd(w3k&@wv9^D+oszN~6{N_{ZAzo+lOIc@^5iH<}k+pThK_`@!pz-6#*M z(nuiTd}x9mFkUh}chf{VabhOr9 zaeY!45sypv^Xsq^{@P{$Mc?TB1>G1Yr4t|V-B6uBxHi^;tw;)Shr4%c75ueg^} z>}AlRmS-(sI7)UkkXy*&CA*kpq0k2n(2Y9nvM^_tXZC2Qx2v+C^TV>0ShKVJiasa% zQtW7gj!ydPNJY?X<%cUvimo8pzgOk+>61sLw{z`n~ z%v<&`F*~glYOTO*FuCVd=0*dV`)Wb}e=!2NO5GRPwji%%fx>p-b=O((P7`p(&%>NK z4+^RNQ|swqd)8#7OxGzwmDvNNLC6E)-!|3FCPAWR=cavO+j@Q!;FFMcfvyR-g=8d# z`2du^k;17|?|I9LR*-gTO{zR^E~dIq}e+TG&O6*<511mr{Rt2sW@A<^&_~ZzWPs0y;@#HAeF2T&Z}(NsBgP}%K>KX zPfWNm1$w=SKZ$v+*=Rw=XA5ujna{RnnC@)AoeIx5<3zH{rutjh7pe)z2Q$@vc~-Ra z*W!f=UH-%duQ}FWR%NNrQ`&YUwyzw(M3nF|(yF3W!u#GPeFv#pZmOw9jKh0pIaTAf zjqXSIj13MuX=dD|Q}?r=z_`b;k(DZqX5UH%D~Vf!DB*)MLd!+@6G{@0ty4XSL!X68 z)(U3~_l?h0bq zPT2y*H)MY4)fZ4S^?bt{$U`QQYB^)hJ?7F~eC5pAdj8aG%x*Jt7bOFj=yS===FvtK zv&1CHZ`D$6nCX;ZE1DOLT%G+-F*Mhtjo$Il@MW?<4TGwyTgO4o>tH5GhFi-~c$_!R zoqf-xqC8Pl7DIx8p^@{Z9^qjaMsiX(xg!e7>-JsqK2Pe_pB=G52xwsO~Ac9Nkr&#Mp z>E2*{Du)FUO)~lMHW)AJeJhh|o@~MV zBMsjD(HLEh;b{_1t_WYeXdjT=4z&%+TW{PzZaL06Z z%hj2vTEH3w{RMA=6mY|;Y6TJP5<<7EIr^No9B6HxY{z>A&2{FkvCju5P%4h@yn0?79}!Q>zjokV2X#$21ZxSWWl z{BprfjTG!Ny$jXo&%3P?!hTZNq9C(d)sDZq_0v0JZbfAQQVyY0kDSldmdeO;G+urT# zO7-_1uHQ56A4I}Fu00*NE(K8!^M#fsE=d)&Z(TTIBObKNno?X#zBnj+M$2zdiM&HU z)oZES_bE)0A3<(mg8A!7qE79>iqgN_owr+yE_Z=&Nb3i;K4nYWAXTs)QB#$C!*U?M}7UPN|NG^mf5&Mz>>h3L8MY(rZmQUShOYwoXgYZ^<45jU!9_vWSEXRM~`41r#mz4jcNkR{?rHSogKpJ0}> zIM^T$-Q?ObMX+prsx-%0u;s)euiAM&qYZO^4dhLvLnw7>RlmdZzMtEI*pJ0%yk|7p z?z(T2#FS|N`P>Vf8$ zX~UBk4sXz(NcTsiX@B0ScUUxSX->|wwu{FkH#1S?>^XW3$QBCD> z4+Vx$)X`L8!=@u*t|4kUlTP8yf%XSa2hHnD--(hU1++p*Y@UO@#Jkhcx~ZI`(Vz{5Ot2a|at8rQG zE9oGk*k#sgc2#0j)rh4gd=@aI2+*tjoPq77x2lI(%8%t@ zuzWisB#8)=!5F0I!`>PqR^YVh+467zxQ>SxsmqFp54hWJ61wI4v>N#qYsZ7eBkn;j z>HYo|Uv4#@2@sp>b&)rA+@<#a_eQv&KulRzM*6|`B z!*xWLZ&#U-kL4HKiP_KC7W50qneg zY#QFQS|ymMt~1}bhQt?7xx#dKwA@RwIq41>qs4<1314f$eWXUkXZVU z89I?DcxR+_E?;arX02R|EybE{s$ERAL#VqdPRki1j9Xi5Sz@HQ2H|}!jxvf#^sp`$ zv^!PkOCp7g3#)MH3OXN0g-S-gYf=^njrR>oiFZ=yMcZerbHT|U+u8({vbWEkVLmWP z)4k`iy%Pe!Q^pgyP`}J$F(uhQ)ubuk%UoII8eHpK)VQO=w#4(#W@=(I+yN-$b`3+r z^tU6n;bVSjskcF-TOM2D+{_5trJUzXka(;vjET_ucBlCA(~d_iI^-eBA0u zrlG;rwb%P0exR=;M}Fml#%cx{YQT!-4KrD5j;kmH&3UrjQN8vvX9>W{9)BKf;cItu z6S2A{&T74_+yXCmP#DefgOeMX+xtw^ChJ=qkgh7~j#x?D&7NbDJLk}Zgj3N8k=sw? z7w|bzMu4X2Jxfb6@MN$c1Iogez#O?eAVkf+y^y#FtA#+^o-AMDvSwpX!XWd zb1zpFY$3Ue0q1~3E-RwKQCLB$!8tH41pnI?d|X4g`gyOD?$v$nDmK3a8&HSX8#)m} zyOR6F0wzp=5>w3&EyrNyuj&=@SH`*iFsq*}|Xu=>^HfGDrK#=?FXpv|GUrgKwq2*c;SDa&mma%qCY6^v;sO zfP|)id4iMW>lc>rgre&)=L7_pH6yiJ4Zbti7!!lqez!fxD7|Tnan)+*9`c%GT8eG8^*9V$^~7 z-E-tpO?PE}4TKp4*tYH$;L&<*4d*Y1Z+b|vHW2J98?H@OZZ2^e?j0>^$p^(Dgp8PA zq_$ba5@k|h4MPca@(>yS6dg+jt1p5~y>7XO*{gf#lN3y|w^_Id5PU<=+!(YL)a6nv zTuWFIzdlPKH~y#CXAe|CJibOdeJlNoHXI*0 zRo3luH5TNU`SC$k7%-*mLJ$hft?YG7%kWR9^3m?ZgX|LU#D_SqMnDq}llY4Lycbm< z4g_>^1c>FJ`7J+<0=s{BWa&9uZCZgs)kUd*hl!oMzEO7?K|HMCC_1?a!=VminXRjYevKc-TrRF`1`{;%YeEFW2d>3(gaV6}&5`Sz+qkJ7yXyXz0X z)T4jS4ob5A08u6Hj+8gU6b8%&*v2k9%4qs9lEbi`s6ohHPs6j-TZtj(^?AH+M14c0 zLS7XA+XHR34=>vBtdutneeIy9E-^7DjKi~hI*Es9yeIzTr?Ee%TH?F!fprJxi}JO|5=KIPeD}Hy2#$|E-_1OUi-^ELAR;1dRL-%K2%#Hz*^M&kRhZYFID}0sPs@W&z)iOT3RA9)dod_Onpq~ z50wvBU9G2VqjpoJZMf6Qkx+!{>IhLZbxBr_aywzSZ=_ptkcEp!&z?`)t=el{By3Mx zv*ArT0s?cwl7QOzLMIG_S%=K-o+fr8zDA)K-ru8Dp3|pp?2B-8+lp5%^v}N0z`^o} zC#Z7zb@Y`P@KRTBcDwP$YrM;2k1L(tg+d9@j_S(cT?tqf!Fy|eVZ~PwI(l>QHgXVE z=q-#$_kccPy>cO3uaaPjmDrvbe=EB@JhkP+uv4;N;O;}uh!#KOx?`A=W8L(yjCDxg z6fFq|J+>z%EPbIl0qhC)JGLlu0`?IG7@_Z&SYq?AjSK0TUfH|*H9_Ef9Q>Y}^?6rN z9p+b|0^wj;=c733n`UEtk|~p`3k4)fn3m(V)#RlR$o={>f$$w3?CDMx+}Dd|pVd1n z!6K5Nl#u~Spg7?J|BkKRtl7cCVL)=)Yj<~|q>LN~4)rxs&#v(Os+WwkC3z}Wo9zc8 z4975}ADY)fDrPqk!hAC_FX2J&jUqn<(1lGQ+0GEdpmwjRpo258vM{J?2iTLH?*Nu# zpCURrEaiJ-e{r8L%!!dZZ9Z0u3Wg4O=Rvat8dtxmAhv)8CvvT zmmVuWyyfelb_ z;ulPYP1s#y`)(l?c2W?JlxFN>MOqY}Uvb2vkL_@t$rC}hlX@ajo5 z`_v|URU46Y8V9F}FKb67SOz?g($wgzu_VD^4TzY6BrE5uLN50UhJ7j=#Z9fQc50(| zLoo@bR%`yR+KF>7X^eP|As}OTEnASxqw=EZ`*}b7Arw?J0mme1xDdWpo1%^_9dH$|0a2Hl9j!7dw~dZ)GSAViKHq)Wa=fGmtATItQ&R%@p@X z@m79EnFKZ=g6X*N(t`ZJd@Cge&apGY)wd~6g5TMQPe3X@g_Wc=cnR2wFwKJe5yKib z2e}CY+$=1+@^VOcj*d4>_)Q0EY;dw=q?`{K?M-pmVU^>+qeK2YfjT zsoF9CLRArSC*JNq* zSw={;;P(UZk_ycyB1xnQ{~ezCKzo%~VqJ|f$v?U;xa)-PRSVN1%)YB09>{=H*r5g_ zxgTXscG%me^6IQDBeJXe?V?~yxrHnjDDdzi8^=5F-2OtK0-cyk2?IUg%Qf;T$?>h5~a^j{xADk}cQ7p9jTU zKhGG@!#eh~iu%0;3;?Hxn9xJD{HC+hwpqqnC599%%7i5N^PtW0rAopt)wl(>)i%OIdb!j%M6RXt&0@b4PJ`m^?}Om*J>U zG&TwRsZPQLt(VFIU^0_yHwU7+ji8p8_4l*D5V+Kk5zh!AD`M!I_x}JhK+L~9Q{AYq zXN?HU?i!6n!vYrPD#*?+HC4oGNm(1ca{Lq0iC4I61WP006J{Y)t=FZwU7Ll z{w)Z(PUvEEWHHQ40J|FmS7CJ!s;#y4uvgWFOPH}2cJwiRKEerxgc1L{OS%dg*@D2y zOQc37lTexqnaO~7zLyd|ApDt5cpihrm%n{qJ{xd>3Mf^GLF^KQ?Bx@E35j^5nB{7q z6=vw>bU1|2WQmrZ6TNrdN4?HO7<2BoKc$D}hl2>yekp zVU@!cRbC#H^GR#L-KMk_elz`o)a97dq+#kT7IF#l*=mE*8Fw*7O|s7h9`aEKLrjTd zz8c!rzEXy8%rw0^*)vUvnK*l`m8Al-HBz?i{v+=TbfM2Ua> zty_O7hbEZ1$`Znh^*fs=ok(aP9<<8Z?{KNX zBw*eb7HYKDJ0z2{USthbxTrS@v8;Q`>QHmie;NL<%EPwvO{b#+-6|Tx%(ZjD>W`nr zKJNcuk37XHkMK77A$q@|M;eBnm`v@zc~v2%SI6ehPOs>>$k+40qss85fvzl3g2O9N zL98!OT3Vdx8P|bKi6z}Z3*HjIs8NUGZ@4I!pqXQ2aj@#D_3giJiMA&^Au*S&dx8TH-FL*2Ql>93lvgj_u_u^1Pbc{W)GPKY4wSQ6D0NIBpep_c$IRo39-`gQUQe3ok((0~X z*gVstL}G;)aSENj1vpPY7v9}Z#r5WdBNyDc7p%sC7hJ#|BxI`I8HB6E2>O^dXC(z) zkdqA1Sr}tIS?^{76MJ-qMRVkv=P}7!DMO5GdE(a;5XOIj4iTy9it%O@rVxHYovfE; z5JC&H;8$3|zf)f+8lK9rjI9ic0t!ydb1rOHQzKECup-%&ygP+ zKYOUp)~QCcx|ljoLSJqbhXsa6Cr_k=xGmF?MTSUAcbbp@g^^qg?#p9Gr_5;SIpisA zj&9ww34S_}0G@nZ+Ke?Nj#?n8fVOJehTbr7c5cYCIsidN+@Jz>EuzLvhwAMsZAmlt z>W<{Y3~iH#y&hs^C@3Pg&SYB!n+Om+HPJdiol|03P3Zr$65$Q+J$-V@NcGFnx;4os z^v+3L`o{>%d{GJ_{wf8t-O4mcW9Cx`w#6f#u3uOc6pdy`D-0W48>TV=}fFjA|ti zy);I=0{Jotn+s|)$J_~0&;tDsqhTV*d8sz+&i0xK;gA&(J?^03ZLmQ$KK}n8=+ZQ9 z;Ki_D5HFic@cDa<`pGOWDf=IA@Mb+$32d?NKQ?*RGt`gdGbilHYS1NX{aR3ox*xD+nVA=+>G2FO`VB6DAUtt zdVRoUQ@3kT3&HP*0MhpbX3tES5+!yjk1stZ4-0=VnK=`guh}5&74M9=7)sP}=75Rq zw9p?Js4@^e9h1!Bf3r#Rk*@TNRf`S2M_d* z&6S?Bd+;JYRIvGJx_=AgRGf^(3%$ zgVpWQ!V2BW?XAK#Lyqg{S%)0;c3Ihq;&ln=m8|tDrFZI#Xa3kjPi5siNCzG#%Gs*} zPb%!OU?_vliVUJtd|6d!cAQlo?)NDgz+{Egw5gu`NgXz7G%{Tjd}E{AUpEUKaPK+w zgfe6O&eDQ2_(bi_FBoz~KxORNT5f<(pxolUCp2%v(45}B-9S|o+T3PTu@%nB`2*-b7hWXc7Hv?T-It4hk zHR#dNttGa;H)$Z3o3y@gJ&#w_7X&FQ#W2BwV%TEm>s$FuYSa||B$Zi2HJa(qDI!Jk$>a(bLs>g;5%+92j(Ztq22zFbz0C? zS#Cf?=UobjYs_!l4puNxJsHm50{GT7IgT4_>YG=pHw40H(Wc#vIY5;3Z6Dn5Z+ic# z=gJa~9YQ>wIyNt%#-Fce+#=*j^hQX)TcjhI3h6GVgV~VsDWZ7o1ubZkO@N(G8#9rP zXvj+dy%{pM%~@ZSoetA|gz4EapQq&2;ZDKQm301{Z;&7@@}~-8r=*Z5xjBSnkp*K4 zJ{ta?ez%N6iVfPl%?l4mVn@>tyhdllQ6dv%w6i(!4Q$JNYfw@JUg$5|4f@y_6KQR9 zT5Nde(ch;`d#$j&`Uvru!;&Npr=Ytw9zIB#bHU8GnIP>hTDdqVA=G97I;fPeBHus< z{8ny!L#lFfOUyDacAki<(KgfsqNwN1aCD-^n9PX(jHbWE-{yapt~7J^la^w_iByQ$ zdT<(g9X&XWAV_F>1Ge4Q*|Ob(6Gu`KkFHv%Qx2HioOE;fI4V5~ zjZf$}wOa*4j8q#6-9-PB(|`L|YhM2#8@UeB-;do{zcPjV zDDNsY8Hds6iJxb^a=a$`kXLys+WGD6Oz*encSN6aDvz26HnWj)3gDhk)*+jFeSA)= z7aY^0!|b>WUfbSIe{Vav&*hnN8c2c&m9ES^O~3oh?~Tbaonz3Cqe&P6tx?^PsBb>^ zV|r%7@{ALDL$njr%7%j6O2ZQFIpGi@HU)z0OgY^Js&bg1qYixJI(0L$Kw?D!=)he5 z$+f$b&GP>e7dOK7L+xSD+vz2r&m%XR2hJ({kD!3NA3~by2uZLT!}j4d88H*(EZzFr!=;wem-y?}enl`bSe3$hHai`Rlr z$dVBOl;JDtJDy(Uw=YNDy^0)?xVT+QMWfN{%-=fFI_>@S+iO!uR0oaS7206qRWGbx zXQr-lRV^gf`XUlD;5NE2Kw8i&{>4SGSv-_;!dq2{7Sv*|_X*;~paZumM#8AEfc~}N zU@eDrsgyzIGHy>NbTk2LuHSX%u7rR`_Xeib4Di0r$d<0}NcB<0r2X~V=Db-o0~@DW z<4o*4hjAlLV88p~T?w_^_6|z~xUE#5{`^BSSYckcmwiqRw&O$#Ee;J%3 z*(DNdG{Ji8Upt&duBxqBaN?nqt_yc;l}_mdIv6*0YzdYRMV3QdChaf>DLNnIFNs5; z3tY!=@#1dB2Faz2h5;ZpElBI_Av+yjL6z0LPib>M8yfyQd{zKRi>Sp7!QxXKl7t4@ zCVLEiuZd5$TKz{!yF)kR6Ol6DBk!dn$UbsnGEt0`ex}oyq)Sl}+12rDNpa{$$=_OV z$6G2Er-Dr16l2p%UkaLTL(_xb_9UCYV|688XE}?>PCmc2AZ_mrh?@|jg4G(IodHsH zUKoM4(OvM`J5Cu4Wr0@x1M_C?##66fs5egk%TP0->4+&ny0UAC8W80}+~lf3JugcA ziE0!j2Nz^TesWrJ1fmqb9vIZRI}gw9F3o@*5R}l&yo_}C{{Xkc}k^H_lq_At*+q06`qG0kbEt-GGP-U=tMq!G>BTy#@s#l?cpy>YQ2vyqcUQV4~Xyu<((`j560Zs)UTECuIi1Fx7*%qKp1g=8J|_EW)o5eEFj`5D&hHuIF+9-=8-86R zOUay~7EeNNENo<9V21Ryl)u(r^=4s&MD(dGs>MH|UT6askllG8YAaa;8M%l?vt_Q- zLO)E}@7^zx3;Z##+L9r{o zn>X)-qz$CTpj?^RB)o{x%#vyjw3Y0YL}`Wv&!4tiF|dCM9{}1u!2ur}-S#I&Vx@>H zbSKp0HG|uP#Bc_Un933g0lXy!3V_JnAzgV*>3bqDsYfC;Qc@mEc`Is5Lh8!DcYNu$ zM4D+okP)q1h!^_hlkRP7J9ZfbT{8mK)%VaYb*@k_s!xHeR?sQjKA+RT;Y}fPD|T1z zxDo!EE+A&Yd#aabVw+^wu5|6X2MPvYrQ)vzI4Sw`puRU7&IAd95^nQNL3*M89u=KG z(^YDeC9)1U`v;VJ%}3YnIDi&7$*tdDH`%^yvLQv7Yc zkRA}ipTQA8Bj=!23%N<|@mwdwM-l&$IJ-5CHLGu1*4&?kaZIs-TNHrohD{o2vsZJ< zPaZJH*<=0RsD5rJw9uL+9XybF?G}=iLONpfJ$lgp|vyVykX?_nVF74|v2 ze`~%*{LF^4GkT&m9al_QtdOn4rYvVHsT9A2l12MHW?j+Df5L6#(*M5KM?#>sGT5ZF z=kI3M>ak4ev?+6UXzFPc`M(d}<{zrp$7JmAjO$FL(4;{wG0@5a*C{9GR?lY6>l(y?$!|Nq67$R@kv)rr$;Ek06*(x#^5 z*bWw&|Bt&~%`-O3im@3pnqPaRG!KFOzeN0do#MBAer|=g^0b{B@h~m+pm~nxOQ03C zm#hf3j)FgP?`6covnCPb@I zLv%92GZ}XlAEk8B-z?3VN7XfzGN3d|C>1}~X&yIC9Ss+#b-u>+o4_Yj6HYgqu6aj6 z4W@h~7Jr+9eh+8NOhTAK>0YKMXWktj3$M2$J1=1P_cP}|1A{Q2J#2O~uz3SI6tU^# zC;z3C9VPvJP?L7W@Cko;sSK(Uu|%eo037G?^2|ttFVXzxNYP>xqqU~86qFoA{5vv} z?QF2elqDNZG2c4?=oue{g*={)iBme}U80d$UWMaH^~#wby!Gy{%{)?o9N7cm;xqn? zfSfNzN=FL^THDM3!6I3ny?oJ@b315cOL1GBPFf=os(i{P6>=RTm@u9?jTTkj$_Jjy zqCb5zP* zP|0fg8NX90*x3c4=9xu_4W7CH-{M%b$F|u=&W#M1B#%izc8!#EO^NAsf^~01x05p* zxxuzwmLq(_qdojw?oD=ZfW*Az6AgbtAf;S_PqfEx#NT4{CL=V+PX>;U4Yqf(hMOMy z6Q*^|1dy2>3xmC-(|?~=aZ2^=9j>H;pBUG);j(4QfKB>12Cg_J*@?Z@^+5A6Z+Tox zIdAlM&<+l(cA*)cK&4jn77u5K<6D%$AG*U}`!9!*e`-`A&5xR$$ZO&md6Xj8as^TR z6cR-7KWZoMf4H)IsbRH+P4Dq$Vy^N$8-IkcP1t-kl`)utYFvcPUe7ZbV+;;U*!vz< z`bL+Pn-zS?NWBi~Y`f@dHX*;Nx7R+@&wfXJTApA2$nU>2*Pz z#(Z7H*nADgy4^#w)v(5VhpG>zwjG#8(X4cAs#vsreZsJR$nf$H-r$goq{|=8zeC_k zp%)%oWcj|QNjnxGqgv+Yxi_=(e{ful7zj%C-pn@XjE|_tYq$LeZOSdaI7LgHyE!P0 zq(rc1Z$HI;8TYl?%9D9>H3Brkp&Cs8WO6MiT&N?BXGKl>_YCCx^lx6`F2T5L+90TiMy zf$YZ>SWo6CjYg<hcz^NvQQPKWxWhMQFJ)2&-rijSc@{FR%2m$D^fT z&D%tS?K=7WYH!bljdrL)aLTyfl(Axxuck)ex?^k1F^Rq@!?L#eO8Lcc_!79F<$;D32BgIDO-F`qe=9Y=uN_M)H^O71vd(8TPD7I zQ<yPoK{?(=)SL7R-9dRsexOzdQY_wD@nk9?1lR9zdl z{qCj1SK>yD;@6|)KP&*gOR|vaSYhet67pxG12PSQn5DKOCfm|T90KFtOdt11kw@{S z+9bwX!+TL*TMWR^U;^G4xYaPJ2Nlkrqs5L=wIj^&!!p8;vyGoO)a>(C`TwHu!Ox3c z7MvYB&EaVz8i~lHi+<{1ry@z_E`?uKvb{Fr#*CQKNvQr}kvMHKO|D~OxDyRTF0_I# z6zMESvN3u%iNOJF$=ThEsCjp>V*@wr1ooRkIx^%sDPecNJ5Bp*7jf!aE_5U)MW8uH zBtwB}jHd3&@%4}Mp5V6$O$w4OrL+Eji-wXA3wO&_3(A8fsChA z;lNrS4^*j{fl!IiZxEzsZ+X(I-s~td<iz{1DaC8YL9Ub3Vcal`-J zd38=Lo{;eCn1a-7?acW^G15a|PP&;o(3HnB3_C+4c{nP0$R?EfXFGbR+PkjTk@Yo~ zr4o6Rq95Wla4l88zP&r!I>WuwH?B08y#bp}Cj20EklzBzto`p_YTK1iAM<~w=Z5oa@6;B2IdC`^$V||*-*K_NupdMXj3`L>=-NW zyX53*MKq_0_a%0gkk@a^D_QT?s`lcQkgAk9So_SEc z1qWPMg7Ct8zCZHrrp*6b2_Ce|mFGxyGBFv9dgpCm6W)777P5;d@!wB^r+#cLGrOB9 z9q2e%3!P0yA&6{u+*@w3hfS;BALBtS0VN#2_i*CMcagQR_`Js0PT;!18kWvj$SD}E zf6>S10NrbQ+023!(f(WYC-HxA<;Tor`d}JiDh@dv-t9-uAzBk?lQ~JAMIpLg{t+)d zE14wecb9dD?zm%O)gxN^G8ephd*rXg2%omSeW7{xm3H1FBjY`%w4?)-p7q~9-Bls^ zR?@bg{09sR-6}k)d~J{JHI-V#c+rsyLN5i^DqT^=V6GtVm5c$s+tRl5Zo8Das!THr zfjIX!sR!a_^3*|&>`7c|ktc)mOARvFJ&Wqe#1ffO{7Owy9L-GYFTcog^+%Y+dB5Jf z`E9x>N^U9v{rvxqj~>Yg`<6Xk2bXj64etqGS<4v{e8_Y70_u&3ZS%S8kK};||FkRZ zt4_Owrq{f0J~NEV-$e0c7mKH)o*jaORs~w3=FR*zN|Np{b?-I9=T?`<$4(%WW<(SX zzaaj<$v2Po&~(`iXjyg@Urb2?0~eHgi}~{^ZbNt9t)hr0MC9>b^FS}LuwXjB+yv%uFHT5_|7NtK@zxDR!L^o;*dK z%?WXBp7|;_JfmEW4PA#gC<`G?_a91`T|~=Hd&ypR+ze55_~LMIGNSN;Agj4=)*SX1 zEyTL<=_zC>HMD69v-0eLgWfsnIVZ=qK^SDDj!ozKJ*l;q+`++VQ)t&g$uFCah7EN>L+lG+3q?IVJJh#ojx1f4S_9 z-T%kO(Oq-t<<)Mf930l^g<}F}dIU{tl@t_y8MY$qW*h8zttLT9Y&FRRIuUfMwc(C} z!nw@dlv8Byy_%HUkP76Fx!$wG%*$vCSB9ssb`nC9CGYNTwoemXUsQkbyBWo`u7u0P zwoxW{k^OE&03#(_#Rh6JVqTfFGVZx^^GV7!ul7rtQXb zIs!w+J&(adr$w7~h)?t-m|AB0!s<{s{+Il%+zm;|u$ay-dCP zG3(T-X?gb0CTq2=)_U!_$8k}N<_ornDgV{c&;<>e6N|N(Cw7n#Agp@@Kpt#OO{&lr z88Qn9_B@!7ew4F33lf$g7yV$_hPJJpr<_9-<1NT>coJrMU1K#T1Cz^JxxDi>mm%n} z$&RHE`<6zgaVP&;dBn2W3FhkjXeS19cT}9UL3`?dV=AEiqo(jSv?fHGm$dWRPb_F# zk8rhN%2)XE?Q!Aez$pWuyprq=O*I!YTB2-nEb{*7bBY)*8$ibzUq?8A)NX?g$myrF zLv;9a)wSk`AsOuMfWV{iCX$9A@b_GWwJ@a_WDI=0f@87F+ga{8 z-k$}@@s@i?Sx*5<)%}Y9ku4PsU)ooG`@5n{x(^lb5d2?GbBi6U8*dDcOO+|&?o%Ci z0*Hcjz~(mlFIHV3tt~}nIHb!)0EaW6U~IfT+k4E*@m^4;YI5!n{;Xu(kb&;8BZ$q| zQ)(962VrffG!c6G-5LT>urZW3Mk<3$5$xs*?3xF;2dl2b()Vw_JkZVccJp3k=2AQ< z%bAn^Zad07*5)n0p+EfDCXDS(`iH07Bj}iqAJSyDZsPK#R?-2$m&EWfBbO!rvFzyn z(9HEUYMLE0qI!GT6PejSvM*ws9@(2aNGU{dffK_FGSc3cT*a8Q(ZHp^F;N=Cc9n%3 zVBsL;;@MPAi}K0B4^I8ktyHt!Op?4mpQ0%9S|88N<@-uU zwDci7aM~2(HVt=~2iK*36SNdfS!BEl7xkkZr=Nl|LmjqApUja;_D~^#0)yBeGzQ<26+wRC&>_d6>Z+wb!Iy^RyD~gqiDIVZa zKYBhf$A8n3f83WE#45L4Uanp6X}t~rlOMaPdt2u}$}c@4iQhOzDK$0STv4~AUoIV!DS%q(gIKSS+m}GEmagvRPD*RztO&OwSmLe z4Yi;phFag!doS9&)ObWoo7-*bM|~HZB93EMJGAZu4KIkWxvSI=X(b}8r|qMEp~6+o zI-5^j+K64B24x;_CyGd4Y1Bw*F$eza9f+$kEr7Q9rn64CDBe+)QvTTJ*DS$myrY(U z)aw-EM|ZFvL6pAsWLRllWU}{>l+Xln|MjRc4oQjAqm-b?AA**Fr_?nq!4=1Y)@QTI z4%d%-45&+q7uJss*flqB5WI1JUwCX(KQDkrw24CUrx)11#Wwa){RE`Y9|1;9G~&C= za?V8Yi^#XE`2>T9%30^qnn7Fg)gzBW~&^zjITIZ`Y6IQ{8n&A6=bf#=?|)&7b{!J}>Rd>t@3&DSO@c zJ(hQ6xZ*NH$H{FQTGJMtbd*P#m|rhLia>;0DbA`8>o{pMWB28lqukLTn|i+>ttA{q zzz_9n-EDs_c~`8BcOu;=KY=G}S~qpTfA{M2u2V*%gy+~}Y=(n+<}R7OR7uBTRX>7n zzG(ZNewd~n@ZA$RAvH9jMyl2~I{v*^(MY`Yct~l{swc~h6{v9EG!oFJNhIq@t8IN5 zr_B#l?TtM64>0z1s`u{Iv!zt{&8VSn0VAXI5$lDb!qmu!$}ds)h{tQ-gJ#NDu`gisFneTM_sN@-AY^)`BImKC6g#x%rx0FJ%TBW=T4X)^ zYl?NumeG@kPNu`UWv*6l?E9)8U)1>3lYowVr~h(y$UY9@5S{r>Mi9atr#*XYk$kij zHl4%P+;XEud`45~_VDyByVnPUSrTIly%pY@1U}ATQl>yi?P{0ToSDUt z@_pl-`@Ky9?H5Un{QGPG9@XqJzGcshZk!H-5GY zWO=I$l=Ejo|3~Ji!Ab|0QWrtwN$VU>-)_?KF&O3Ph;On}4wop^AdohXb>7F%$*VV( zI2tTRCW0*>N}s1;KEehPn1jWMb?e+RZi?lf~8lOOmV zpzj~Yue=%CHSiCGnT;)|u+}#9WtJ4MfB!)sOF0YI)MN~g?2|+|fuUnvIK7*I7#8An zHe{g1;68)zv25jHFTJnad}R>ZnnLHU*Hcc!<8ia5GoW*R`s)|sP`s+$db((RqTb5L zp3T+nPJFC@RoG*9QOH7ab3mw_viokA(`9pXYvpwXpZU19=)gxC@pBUUpVqRk0 zjOz|K349D_dMBRtCgP#Pmvckdb3!s)Wb;3K{(}7#m$tGO(@$D43DDV}#rz$64QAQalBq1r@ZuH^;dUiJUP41gj1`db%-w|Qvi9x5g74xGqSu(_`FXWX*Br|ll~Wo0_Ee;A?Qav>0LRqoA8! z!KcpV8OGNmfNifH6!=6k(NO>@h|+xV1bIqtrq2QZ+60*7g%|^oDIOrIgx7UIkw4{= z@`d8NhH(K-{%+NBUe+{uVohJ;OrpT!v1IP_n@{&dNz^dfq&7m9a8wzA88q7U%jG8qKftL-EUQ8 z5T4b{ASF_Cca*WN?~z#-*kBvasL%I2=1&+=edlngCWbAt-Pq@pS%4{tVa3Wz`~3x; z&6M(_Ps}hFNd^h=X|@4k_Yur$*XV)YIG^6~&|wMJoPnB7W~;=3j?@F5UpR^q+L;%Y zc79`gnVebpf{Mue2{3s9^icYv)lXdS+FxI`5fA(*4>;2rZU2(1nuW&Z)yx<%* z&#J0!oMJ2(^|GnrHMoYLvm(B2=>!4Q3qSRVZHG5{Ra8zv<~!??1A3^>{^+;49@M)X zD}W{g6-8!0+jfgqe}Q!1aQ&S=qfV$Oq-*ommQRZ-;Iw?tUiBHq_ag1OnM_vb11S-& zd;OHddF{w|9+14qlM%au37?dRwa%@xc$UhK;2j187`FFeTSvUq48E5nUgezVs!$aR z^a>KyUHZh%KFh}W8r_LYjF27Gc6lKeR7TJ^z-f?bukD_ihVo0rAbinDC9%EVA-j+C z6VT%Iqfs##oo)KRk^dlu!#!ueT!@|t!#Sa^0$!0g=qd%91W${H*`GyhA-12>e4kxR z(%;N<;ku!MZT<0^0Y$Qsa@1g_N}Hhdbv{}mXhvFg{)c&?qVgVvu>Gn>pHuv4HO@yV z4~g~Bijl0H3IV6}?UpYSKg4}{m+1GfRto?1@A0^tPNJk1JW=c~{O~_s)*HTOu|9=2 z+x8h{Yx!_`1zp!nhyL?%r?#H(PEKi=_FT#WC^4N~VtMex9dnSwSbF8s6(K}zq*KvN zyYDi6p;}a(tXQ6aOB!YugPCnD>J#daZjeEB3Xr7^%Vw_7Hb-m9`8z zcb2yU7kghflgPdcA1q?yYBfy!w3B5s`i#{V#Loq5%CXxMp4?4$`7lbT(Dr6G8KW9wt1LRl zvrne8#-ViUl|KbUfM|)k-;{G%x@)cUd*Ml`+edN><`JhXS%E^HqKP=4?DMdfH@0#K z4}ZIT(g?fwc6ARts`bue`=J;%Y`NjSt8wVBqzMwSqk2Vf8DaVaSiHiyyMZO7uxKrF z8&C^Bnnh|eOs2}2%wJc|E6L8ul$`ufZb2-mqM^^n06db~Lc09-G>OkF>I1FwVZ?)O z4yEaNc|+;+7WJJXF-Imv`7l${m%df3UDp||Bq;SbO7BXIY8-V(EA*#=b>dmBfrd%k zg}BncRVu$2D0qA|SbcsA$<3kiCte!k7BFVN82RRyFyM6IoJto}Jmi><%LcW7EP764 z#v}D^nb!1MN7PZ`OxvrM}1oKP#g=*98fM}H1ELLa(M;fEjFiJ{Ky z?12r^Q8P-OcuOidexC5@A5N<-^ej~=wh{ywy4}r!g7yi3Gp>9elsa^(O6pQTdLBD)< zfYeD#4?--28_fR9(3hb^>0LSUJbl5#(d_jz$d!QtCodLf%rVQUygqRTOqy*7=FGGb z)%xtgc!lr2{>PDMHof8aV?d+Fz_@3(mLJ8=mtIHW);ewI{M5qny@++57koF#Zr=Rd zhxvaGa;tExBp{SOaxeWe9br3f4(4U#Awho_|eMD94dEaV#d$PwCkZH#qK!JF7_(6+B4fOqX9HHJhjP zdr~+S8+6ku; z-3y0r43><1umX$4BmV?QIbI1dLcq7-VQT>Lp^t$`^6peuFN2Y=ONt(j`MT~>aG%#4 zbqMoaNZJh!{5}9TwXRjLsMW5Zef--y$nvNnm-?*m$h;X|k#0LZey;*zlY-50k58wm zKy0=JRjFI+{wilFvVAupF6YYgO5vXLcOdf#Vw*r)E|N9{vO?2Rjsj@c!4L66@tUcJRWCZqyUK^F(3&Y23NSW-qdeywG2*PC zdfZ}F6iX12Of#^0V|Dfs9Kx)TY$}31$LBg%;p(;W&YNfy!zNJwceCAOBJ(L5QqUn5 z3%0xS-(`0)ohF!mClie21)p@_dPx264p>(p(*cy^RPTy*@_dNc7%}|cy);41TboOK zr+UP^6K@vYn=d;`|J`z{FQd_%HhNQn1rx``6Els(7R2sM79>qX|93YYA7teJgY4sx zn=XBPd>QdVNog|P`OUIrIQxGqhpZ@=OwBsyRGFJW(P;Rjjs606Wn$^IujxcpGR<%G zvZX40ZTETNw*OX4D2koTJ|#swr23TZCXUX~ZHPS2HkMOx?{JIH<>+pj%HqgH{CCsdFg)Zt0P`v4dedWv2yRR^olPagV+v%vl>Tp9 zXqvoA#l~XJH}iISxP}dXd#wL^Qq?`-v1RKkP!^34Sx|+MW91(-szAZik3j#uNgw}r*e!sj^uH>?oc=)e7}A#1xeg`X*S>c3CP-e~WB zIyK(N$-wV987chwhH^pt6Cq(0Y|UEg|Jk`HtDzIA>TxyG+qye;gm^=x{~3-7QO{>}KzbN|RE z(6erMN|oNj3fP_jzGUGd6?pgbRXUwpe1=q|g3J;xdsb4J8fQ!tRP&PNcJhIi;PPbu&A$r?=gGdympK?jC8udN1}WYMeqBm= z&~>v>Vh?(nYvrxktg2jjk?*zPiYXWhmFs%z0_qdX(5ia~9VyOKUYC7v zoATOM{Bn(AbB}p%5S*YOtFB8u`=KB=8xQ{5sQ`Alyq?2=M3t!S<4DvCa!-GmN2ZuR zL92<2@C;|(1z+3Ch8k`K?Yosmv9Y|)O27*%E=b6?^WDUtqvisIUPaL#pI^(~uJpy{ zFP3OE=oOE9P0{KCpY2&ZM@gpD?R>%6ec89?)vPMdi`uP_0sB=a-PQ&V`et9LI+Twd zRJ&Nlb+uTG{VM-C0Cu@~JGhIuc%^^h#SC*gDC&J=CA)#qt^~|5>TN9bmZg zYaiVZeju0{5T9~0*Ncuh5D`>=aXn$hM(~R+;~{?&io}Cyzh}u9c`Fg}JK{_7W#WtS z7nBB~x_z9GeTS1IqjETH-_*tz4=6Lb9S$0N6ph;TLL8Xhxmf}|vc3bO8uLGp_)lZ*r%il~$joX>&X)X@|{P*F3vVnfFm$*a? z@3<9PB*(#l7G$W+7+>G{%=1ykb*QuV0U5Q;* zQ1vYyd)1-(cUhgc!Bx@NeL6Q?!T67Bjb&o3Z*$cx>U z&zFjfRsuJ%sFs@#3%7NqvSr*}l>}lSQB=SBVrw};?31DCbEt-D$0Cp0j(ZKBZ>U=VQ@b zumm~us_vKBbH*e=25UX7&*$@xxl*Wt<{hRNTl1@`R&oA#=djYbU6qzM$R!jB8I)X< zH|2%zb^uIT7q-f@`Hu;v#N|=enbcgY>)_!_SE!a#!F0ow$@rp=lA&b=_1~szKI2*B zk$0~DDXhj1avu^eIL2eERMVQz<@(mcV0nR5sB&it7ZIZ{k3M;?6NZ@NiiYgZME&k0^|A0l5AHjdn1oJKLoBBJ<;`YuZA^2?D+Hp)iEP`cYa8Rkvl_kZGGIY{3k7M^gye2$QUCc=9a6@9w9;IK( zJ`!MM0SbfoE;~Q>WIr{%v0slmgx)BBd~PnwO2VG)r{`H}Jqu6b?O)lP{zfuO;mz7v zm)Fs|Cs4R`oTpU3zP$U$6qN^>*9QH4C68;b$i<`^7294`D>3+0UsT*)UmgA_AZO)t z*!(&cZ{FjqBvV72z4-bcA3cgfzvdxmqwefM=}NXpQi_f@hKjhsjZ2khsQ_EeH4u0| zu(PluMAbp z6C@5v<)za3V}I5Xz!k~q+78N5!Mt`VKkB?TU;36zvDx|{LRTamm72_JY@vfb>b3Ls?(h<#zT3T-|I(v8$_t#e z`ABE;T``vVDOyxdgnCZ=IR0g1QQs`=*QdtV(g*+xJA+pvNV{4C6X>@$g)o2L{TwH! zY@s*upka1aOAxQ}$)DB#_vBr|K3ExEM66H3jWA6cSl)NFrUmKFRv3Go@|W+;o!HH< zO>)ZCZi&~xlbA1{(~Ad^jD&T@W!;Ui@~(ghe7x`%HHTxq6HEo4YKxEP)T3@bn zMyZ`P>sqpkdmT9-YPW1}``75|&7%L?ArZ}zdOrO;6v%!L8F-0|crl@^*n&0BU1e*BX*85rN?i-;yCr%iQ0CcxPYJ=7Mo(g zr(X8+g99m_!Za3SFZ+HTPgqM8XA&Rrxmb!6?L6eScy9-p-`-+m(4mF;oL*xP*gVY9 zOUcI4HvY4;UOP*|z1##@m`JFFJxJ;`;?g|zDd48!ehP79FEcH+85~O)YN2dcksgpT z-n^z?Q)Q3iW=Qsz=<0Lzsy(K2wEVEaJ#^Gu<=EfFVwkT&;C{E&1wDNwINe29#34Fi zB7$lTZEzb(e1wPhv}WIsTweMC)86AChV9~&!C?hh#&&kNsjoK`K|PH{KXv6+ONEE3 zeiHuExn2V_$OaizHbbp-JBjAbCX7iUrLui8J+IdnWT5#%omlqS#F7+CuKdr(|Gd9 zBYU2(fI(#rb)!CB+KEeH_XD3Y9RrLO%fX1sS_UkOmE*nKR$wR3`1(`O^NW$X(}^1Z9} za)A24g7Q*|k>y9FYf`N%=N^Yc&u5xbe}$4ioo?yqPZ^qPPMx>nMPOx}T#V~h4q+XX zNofx-d(njF3liA#>!aDBzk9z5%%9(P`J|$x#}Chc9YmJYc2^W*^W>lD3KT&3wYs`_ z+Amd9N^bDC%iJREp$Y3yFtLMihKm5ix$Qo%96$D~pyC~9MZD;`86i(7{$sWxYpda5 z_hxjyI|yWU5X=fdRYfOyJeS@uEp{-jw>lcg+|MkVUzF54#Lp~LceBUmS|lFE{?7nM zK)AoeyMT#H@cWV4?Y!iPh{oCm4Km#kJ;ssnTY)Y89OerIzbHUhm1wvWX6MhW2+Y!_7Q;|Mw%Q{y zTxOc!o6YhG6@Vc$!*`OyGQ}`YKE`LQ2K8-kBM4((==H(tsyZuQhE!CL`(f<>@cD5R zt*V0^e%hTL$rmI%LH?TF|1FD&PN^$?Cd_;1;Dcaa{(|)D?n`S{YQPUYkxXClqib4O zOE2Jizlu#~8O`;$caEcO-WQ(brKpBtK8UdKq-(b+ql*C*`@|U`r`I!xs*Gjh)N}r% z?wY-!!5oZFln*BFws1Vj~lysx?RpXIP@^l5$f~I-QQen`d8C~ZtaVI z*b#Knmisz#y`)rK6_5RB*?H+;GQyZ*)QeJp#!NsPuY*}rq^^pI3j(yeBbk7L7h>v% z1Y|I)Cgq0rX6Uy-!I$+Mu{}g%5^)r^(A6(?Tk2#zGA}oC&b#|O#}5(I@XBrVYZh}> z#=hA`t}<0(!gI4g0+cHrVk5=)j>2S!Q+D=cgTf19?+HA5AA{S3Z{Gf)hkIGc%WMMK zKWlx#CM7GNYDh&BAj#{2xWvJJ%KaOg^4Ky2D@P+RY6F3E|h{+X5l zm3wP6#IQe7+8MdE8Fy9gR8G7o;>2j5)gi&e=Si;To}j_RB?9oXhGEK1s+dODX^5Mf z3jk0V)_+T_>PcCRExgj13KSuFo}lPcaa9}W>py=}US+wRI&;@9oq6^t)9UK?WxDyi z_-rbSVaK_q6G-`XJJAT&FVyV@iOU-<578UzE_o#mktRJYcD7k#I|xsS7R!G^Z&WVn z{Mp*bUeTwkECj|smC#FBVSY9kVK-2Q_x(4RmCki6!!3Gp9G2!(bri`*&dyC|FD{I+ zdHDX7b{5FY@VZQ7okZ;uT-}0A@WQ+>d%YAVxp!O2N{bp|`c2ve=^YCtR+A3B_R9Z_ z0}=lrMW99)lCezzJ=NvIf^CpTq*P_f8CEczjh>B+@JWD)JDx3}d7I0?8@s=geO{{P zVx(g>zSwklC=J^omrCl4bJROn!KvU`Cu9_#CYaF>Paxxt8pMTru5c4I-F!fR!wysG znfuN(%wWhf8M)?UUY5$#nEg+l9T#js0JSSl&Av|sD5>yFmjY}Cvs(8?zv=eaZx$eF zm8C3cMqy8R=0EAu$7wj0H4uqn5>6n~Km*e`D;XS?rRHAt8w#>u-8Y%1WAExN{Fdq#%K@ zDU2<3fHn@V=IZL7<$el~+3u$t+`Pv+ma+Y@Og4vn=Xnv#&&SCWgCDKG*?R4r&?~$N zaE6T9=URV%t^M0^6f|!OZaUqSiSw1-Xkk2bhaV0lj}@mp@=(Ich^jEFg>U>U<5Z$F zb%8T_ShSM|VxPT!x!Y4)dsg4A47UKop(U7bC?eJT7FQY|SEo^1-ry=fdgD1L<~~q) ztZf5#ZfZRhD71c^G+jkGRrQflv#80_ox^k|X2gJ!y=4R>Md{)F2M1#$eaT2(X@B=Z}x<6ZjJ#lJf6rAX;G5onh_A6vO6 zvSpTHR5XtTY>=Z&T&?yKFO};`s50Q3S)=Q`Op1 z+q9#dzxk+QyZl;xcG6I*23r6F4&)BYC%Vu<+{_HL{ zeDp!XY3$v1C4c&U_Sk0yc50`W(a36}FLWhH-`z=)49RetvJ=$5?RRjC{CLWiG6#zO z;_&Gl*4JZy4c6wJbd+>ZcSdFk`X{+uw;MY>5(4r)$ z4|*Xs+gd-fCr>f((w6^t?{7KEFsoH7YRz@mHNBZOG;{miYA!+2 z8hfhdwYBi-Vhp)k+!9o0%{{S6v+?(`<#p`cies_i<(TRG{2A73N{d?rA|gk-s_y}8%zqD3y3{Z{{r& zG)qVQ5cLr>S7t1#TAdfEvsbB!DgV!~hC(kJ2iv?@*CJvtWWPz;WamW8y}acqtlMQE zaxL@ZP+!p^2f*zGzE|=&;nQ*B(8jV{Cm^$Ehk~XCKL|yWanF+s2XQEqzY39k-oE6X z_(rple&AtR-*mD$A)Prc=pK-nSd2NlV2_K6&@Ft7tJFI{ec}$Z zs_(F;ObQ8Kq4FR2e7%@O|M5{x1Geo^0bS(yvRVGj{qgn+(D+m=ntcASCG>(@Q8XZb zFW0YWfbU~1K3^-Q#r#|FN*$yGhW>Hmd6=G&;i$JSWeslrM7rw}hme(eeX(9GP79uLC5?aJgeqc*UNq z!snhSCZxpytL+b(U*CFLxAazRsH-vXXBUef%@Lea)(Bu0xpJ1&vs0HoktxEXil8h8 z*R)Qx(tGu8_9L)jriMnp!F?{a5xW?8N3-OTMy(K>|LobVP5>N3+4;p~td{l1@mrU2 zn2x8)(a$Kx-&{V35~)@dxZaQ-S=KzD`*o>RMhM@jS`J3S)+< zYR7tt(D%+%-}~wz9lZUb{5n;z zXR|z*!8MdHdlf1%`!zz}rQ;103~`{t+0W?;oo=)S&0n$@#%8$L@BCb()w{N(th>?C zJR^+@QaO)Jq@7@TafEN|f|P2vMUF1Ak|mxmh}KDA!x&t>gItW=8DLWX(x&g3e~OIj z15iXG5ie^=sVqb=A+-*V3GN|eqC6^EN(b0@uy!gJV>0BsGAC_+q~fAtM`X+h;qDO` zdpAmw5>saeiKtZZbltkuXTe|gZ$|+m==Yx33$ggo8}Zl&+%#ExRZ?s8OA@syT<{}utsssa>QkZKXw_q$!p*~5d^FWoJV=MaA5(Bppjo{wJBZpakh zz4XI_#gn^k9-oDuFz^>&;t#Ac?fX+7hVt_3x%4uC{2_&V{A+t;rI)q4T8c^K@|UW$ z>7D3J{(@dRN?ZQtr^sP8(1oE5vW#{q|HlV{eDJOQHl9H{mGiN0 zZQ^CPm8CrP$R~)14L^fwRJexoGl#}(fb#m2`>b*sR!IKg;RMji&4U>%E2`(TyeS?E zy+6~Cow}fLJHXtJ6=T7z@cCe!e7D?~I^9iJFmy2V*NJt5dt^(yJa{q~>GkJuGdwt` z7VQv$b(u+!e<@k@)9}nQJ3We8@47>}7Eb-Pg<>d;{>korxCO1$^&OM0x4G3@;t7Q= zLg}t~a^e+@#G)9Ee*-rU5`1Y}xkZwu2~Kxe3%%`yU!ef}`Z243q@Ma3J`L6s_U*RQ z%L!cK5W|3g@Pt)+{k(ckZ$#f03MCec8w)HL?@uB0S>{eQsFWMu%N3G&0)*%P8dgHA z;b-t)-$lEuLlN?d##m%xx?8t-Ny@m2w2hO4pzR2_HeQ`-@Ve+IwM%qWuC+;mT z1eG(?NR;d|%|@XE{6j9Ke|ux*ISX0EG5g4TRDNLmU=HfB@%K9yUMal*p_zQ`d;`^LdFoSN*#XL6|+C&;00MKzjSqq-J@fn* zU0yDf%()?31b*9Nhd+Cw<+z{)s1Sn>9uGUD5Q5_5|Gx~C0$9?I4>514S#Qr#_4NdM zl>&53Yq0PS@!9QK60_*TU_Pi%z~Zlf8u#b);Sq}+Z(W`?ymbLJywyd!xirYGl?sU^ zwTMvi@K>k1efxP0aP9NDbzNeD8xL#wEet zeb1LOosGlZ5r$a!-4!1{*R!UP2>5y**eKUTRXvL4LYER~K&U;{s1@oAmkiHIgWZmIQz|Y_jI}ObS zA8!RV!b0(E%XxQ~h*BL3z_`z1q~?h;cb*J&wL1S1x@~8#ewj7sUhjMvCZ}x2=wwM# zpgeX>)b{euWWR2f16-@ls=;010zP`1$j#{6!?ZV0%b)$3XVhdB0)!srqX30bl9)lC z+#eFbB>YI4)`O1?l$7XdpzQPlFAr%EKkQ=e88)nm&nKX#xVA22i#_O0;|!L0j^)Fk zNT)|~`ynmC4Q}Sdeqxp3wUmNARXox8ulXX^TFar0PI&k9{y{LZWV*`orPJ>nHlk8j ztZmXi#S0*DH5*xUW%Nat?dsG@Gx56s6!fH*@oG%Jor^kktwHEXJ25Jl;?4R&%8j=7uXupf)Fxui+(My4jg<#l4cgSJ znn4J*cFcY>s@UR={mJurvD0_}Gkz9hzvt2$&WC5XVQ0K+?^}L<2&y)&_jeH3Si`Q~ zN(Jy(KEc0uUv@JE1KA>P|2=@kon}7+rT-3OTa$)F6`Oaynid6RbtqsZz7f_o`foeC zuWtyzW(PfcD(k{@XAh=aBrwSpc&QRqnu^@^hvU+>3=@3viY1oUsAuC{Uy0y)ziBoG zs)OyRX>}QoZ6Nc~0~~GL!1mX=`<@@h4uN)~JMb_aTI(HPjsmKXW&~E5=@wno;y`b+ zV8>iWrF-m{&9DvhAE26Pew%#~56BV1P%X=7EK01deOQ)|ObHMA?6iA}CX`qSa_b!# zTKAhMD;UHYWOnl`@oieY6-)?G&k ztp}KynqOVE5kd3Ub&ZjYdneV}jM`~@v9)Ov+E^b9m8ddLKvO98xD3WS$X`=I4xD=a zC_otQO_(1#!&9`^4{KU^2zuX!ghw)PjlaIsOXwxX3nfPXg=&AJ913by)bXN#>m>9#^ z8+AxEFL@MSNZ0>M7m+vF|Z=V zlZSw0m7;wC#%vP>VQZ4YXS!PU(w1h_%i4Z#=wS2PkP{w-vz|t)UbkK~Wn_;;u*w zuA5j}&Q2D=3v=yV{vkQ)?ICY~<)z`n+`Harg1?v4Pwvp%E{G05L9T=I=WoD_JIOV~~J<5??tUEGHD&Y!n1)2S)(f2+|F0knfec{jH#jTmY+kMHFe_3$nj0 z5d)U^YDi&vH!;kaWYGSTu`D-JuQD?Vqn|Vy6PuG)^(hAKv{pLP2?(!MYB2j~Os$Ui zs+!slu}!=3K)WTr?edCy=x=*^dhR*0COX(3chscgyUh;=8OSSq9xxn?vI7gsEEXSD zwZcwuf$nP0APlICHO0;8LR4x>kRIbdYKOXVA~%&b{~D?nNt*fAhCWpf(b zGVp&Ds9l5AE0vLZha)kqSx+QPkVI!93cnP{-2UaeR5Y9;f%!XK-dKC%+`J<$U)A4` zpqy&sWDGr<;2O-zSAFbGXPzEzkwWZIk@0~$8L$nN?owa{laCA!aSjC%@=4b#Km~Kn zhex6CyrEn7ZqFPjl5hGG&q}saZz`U?Prf5ZW+M#0`4;7&s!N8InW7va)wX0-Z3|i(V^PBZMHhAc5I}Q!nrteFKQ0;2 zKbSLJieHou=q2V1Gy-AkHC_w>wY~OTutRKJd{ZCjC&1GPsBr46u+CMoc@QNNwmx~kygt)78 zo30ID_d4RvNc+{rKK#`F#4yKb?wg|?&MuO+ayk>+C`xCuc1L9Be1shDa8rG3D0_}V zN5HSo9u;AvRAtO+Izn2^nx_f@A#eBG`W)zIV#SX{KmX}DG_r@ zX2+ln0_oI`lIWIhkA|K9w4#c2!R)dGm^>cTbTiVmw%~L&Hn!j}EgM|bs`|K+NjAm* zyC&^YF;-f}ucmWYkI9aE>%v2b&UG+ef7s}8AR9Yx`p1@UbVM+{uc9Ecd0DY6R6$1j zrgETox|^xodzTrzb-tUv3^zhytQ=SIrNo18@n5QV?hfD7U(*)4KRn1r6-S;;ONX+u z@89dR&}vr}0}6csG)eM&5eF3=a&~u(^j?b?s6p>*Jl`W4AP2>juxy6_E6cy_QCS;( zQXr|xlh~%nV$F4%%d0 zHR`b6AYUUd_7s*al?hfSPW(7M$XbT##12)*?lX=#hHzF2*2xR zIck5HrnbMm!?0V+Cy z6zGj*;^VS?R(ZGI(Ty|+L7t>gY&nP6QFqhkzN>R8&G-;c$zn1QsUsx-o6_!sHn!T@ zA)W-ia+V6W@H-mPY;@B9Qi1;WqP3bSGpM5UK!H8jNEoenBlPSZXyH@%ISNaEIAHH$p! zjTMb>JcHys>mv1asLn+2*=h|U=_`QoLYSD=R!6d=6zZV%^*1BMrnD%yW!y=9`*>&VwB-L%ZI>+tKJuXamgL)R$dG)I=JD-$d*Ua-DL;7pXR`Q`s<0J^ z;_(|Ci5cm;ss?aS+uhaND#Q!?1xIoZ~-OJmZ6VuASa4ocp$%kOEW7dYh_F{ zT$+1Dql#hAXZAAum>kZZ?)v!t>x(z-&x(eEuE>)X9_OlP;B#Gv#%?oQMnr5%?cz*O8xLBlt=~U4VC%8^^2D|15v6%6F6X3 zF3Kv4pVSgdV}hgsX&VpsZznn0 z7G))%8E`w?o?U*$s)$MO!L%GnWT>RC$zH~ej)1i-WOJ}X2~ZK8m48dE@Ce1!drh7I_Sr}33ScWn z&6g7F&w~om4=m-Hf3`jmgH!KtmV@9>;Vc)6;{CFoH_(9GnKv~Vwh9qzvK~U{*0SQA z`p*~Zy6o<|PQ}A772U~>XhRf81;77;Vx)92xeUi>i~cSMbQ?*p*qdd%l&Z+H=yzG|w<9*cB|4gPdRvwI1?svjY?TP>FhF(H_A=P9vm|f%mCbRD_XP|bb;Is`jEH+I$4Q8c{e;zX= zg4S0St&CZdV}%WWF_BD8V%>@uD(nK6!$bL`RgSl|iU36aha)f2L)iUu?2TcpW zPtQMTe584WdO(tf-q4o+gcqXtn)vKU@J5_d`69z+C`in!_5b7QEuf-mzc)~o?(UZE z9*{;r>Fykfp+k`oqy$6+rJJFp8wN%MiJ`k20TDzP7`pQge&6rj`~TL$#ag(SdC&9i z{lsDRd+eVrdPUb&Q6wL{6;6Lv^dcWs<^|FTt8ne$MpnPUB&^jMTn_0R9KX-7JkWsv zlVyHhO1jH^v3-DL;1PbYHBCp*GjSI=045Ea@`^+ zCX5R$##iFXQ-^^k7*aiB1Srp!l;H<6Yfqy`Ng)17%Ta+qz>F^V!Y7R5FZX=N9EfGNZJfOkWn zjDg6!qKP903jR+;*H{y$pIgx*j3}Re)%uZ3=LDsvap5WXq#Vf+p&5&v&KX z3)@-<(|cdQ&MEc!atj5C{m7 zp()LR7D8Fw?ABRuq+H#(XQ9XxO_r956qR77P73|ENJ!3#EtNy9D~3u+g=ytO~L z!8Hnr$j{9>0TMT_!#Nhc*Ig{<#TR6ajl;+oq)tNXUli6kS*nb`NCcWVC|bzZeB0y_ zPwqD?7EjXmWV{r(HZ&8aMxfd(`);bGKjQv#&2W2BJ0%PswRA1XIte=}-8a#(oFN>(X4rx8V1LcLG%PupqTtkXftD62ZK_C(WWKjb zVKC8Z=u#LY-;%z1RdDx1P7?i0Au%hbA(C@Kf=mlmOhRYs%=(lrcBwNMw|@}R*)-V0 z&GJaBrr>2^nPb@wp9#Ig zkaEgIfzRNG-eo$qg)W*(fAuwp?qI%A%em%|>w zZ}($Ksx<<4hRK3=!95VQPUtusR0E?S2X4Xhvve zHF@roKBY4$l2%{r)6YlyBnY81Dc>|o!5nj9{Yde4ULrNPTq^g`@3t4fg8<>*Z9kZD zS+Mo_N*!i%`?U+LTLV<~9>j7qOKE|<_Rg#Spz`^G8p?~gM*>aQyI-!UtI(QeOWY6m zVBe4N*Ev)T`zWLj28%r;aqs<|gRpeD|J31x|5M@u9#aH|zxN?d%cIGLDXmk)a*onz z2@kHj<@^bI=u%SV{q2kUX&Cgf!t3XlBLTf0$L7YjsZ4T~@p=)&=-ltbMc1%W^814j z-!zH_G)wwY8vCtbd_DyBv1P2DYcAvM6M2O|DhK#jT86`TV^ru8Gxp=3CD%uFHX(;h zyYe?^DBs?37|YzCQklNf&2&dzQJ-1C^(ezFvA@cLKHb#`xaIR_YdzkD)^ID-r|I3Q8l!5$nhZ`DrWI2mrPiIo+| zK$1EYqc4oA*1=1LGcAF&kpDe^2e@Yyj1r(7=u(AB=21O>}p!W09W1 zUkK@MJ`}IAticIo77u+345$WQby2ijL!}-J%7-#LaLCEF5@?-H0Ok=HtvOG@3jd5M z{&@8FXK@7o8+cVrY!TA}TgeG)HN|z}~+Q zhv%yj9sK_rs?~I}{YB?g*Wy~&;ND5~)A-+0sHfH4Y%jBm4$}9!dK`nJIGVq6SS*Sk zvf9>hZi7Fs7Kr>iQCpXE(A~UDZ@GA9;`04XHLPgwxiWW=ucvvrqL!?4cVm-*IcrHs z$*u1*y|St#(%npx4y))8-9Jn=Ogi65gGm23{`tSJ^^$|^6}=3s-MmCik;*+CR|Y3{ z8*>3nXoIS`3pF`HQ{xLlwbaFek9sGFj{fog&a(c0S7Z7Tcxp6o*#&U#Z2vvhbIi88 ze&_7RlSZIlvS9EqczZPLc1Ezn`Tzb}D09Pyrk7rYb>Hs7$2OFsoF{?iM&v`rVYv^C zEYwR~{X}ZYPDWSBN&fFz<6M*%Md~?UAL;Vchx5c66JS86rS$ky#qMhF@QP#p^B%r5 z4ufNk^^gd`2pD0ZDYJh+I#g8unqS`PTiu$;&xHRj$y#wfMUrL#kU7!tK5X7Hs_nN+ z`^o}-D)xUME5$!>ZLs(t_yHDM@N_X;0e}gG7ECoXw5urn2it*gnBBQWp2ahLP3j?7 zWo}yongGjx5Y*?H%K8$aB>l`FkAb+a2MAUyE8jlHw$%T>FGbwNA0R>WUB2F1touED zCqHc7P%(H=r?0SuBQX5GFy)VdW1~NS6`AS6=BqHE-$HLwg2OeU|8v3Qp)l`b$Gjyw zZhTOxK$=$Jx%tLw0_%TJ0Usb~{fc4UJ0f`Yc0$eTa5s*XTBgq5&;N6+hpV4-TA$Qo zh0akA3D^ihR1X^Dm|}aY!!1Jo^S*t#vUSt4UrdD3tkQu1qp_94M?VPvbG6FPoIFJ+ z7L>x_JL(wFQgWNc*`F!@-QTdkbJ>K$mE(k3!4}PLHoEuoz8Rjk&e!i^EQu!0Eaf&A zO-l8NC*!W98*jF+tDL|NNF0I>iB>t?@{qI_l$g*KlA$8~>q;#z*Z*#v#^zW*(R-#e zf2n}Go#{R_PW|}m(A^x3@KPt{<~|_!oG^cpQ&dVpJbvO-=R5JTgf&q_{uiXy>4#Hx z1HQOuxZ5Z?v{de93#~e0@%?}HTuSci&FZWQV}{PwTViFjc?UvJgeTgPx_CD39u|^L z$4@q`vd6!Q$Mvd;%k^!wQ~4EB)hD039Kmwgz0kqTRKb9}-&%0p*%SC>l|{1GECrAF zkC)Ti@ExGlAek2~wmxo^8H}%+{MhH3f}(%TwLpK^mR03fg^*hmTKkS1^%xY zI|e#Gd486u-w#;7pSBhv!Gs=RLZ?q|Qj<<@9B&S)R>B5Ng+HnVm*>BhDdBRLuY4^8 zahWcQ5O(@Vj^5w7r+baG(fDJ=LIhDck{J9GdOk>xhcR^uI;Z)IrVRQ?or~3WMayYU zR6P2~{$Nx4{==?%YNO@j#WOalDryOo-rAy;M&$+9S z&0sCiY8&r2K8Uw9<;V*gJ0X#Rm+(8!Pgi&T%~hkrb{FCs^APTvlcx$uOA+|a=G4?8 zq=(bmTvj{_^)GR}z#>E3#TGCvCMODg8vr&(Zuz0nW8OocnuiSbGFp@^#I_d2VFZ?9 zKp{m%RCNo%voh~WZ#bjai*@vgh#_fLj*{sAl*k#5Y~2`%ANhT~1JI$<{E@tfjV|p* zL-FU#V~4#_)yVIB*vO)ve~6W%>dJilMzH4c8LcnIq?xH>9J$e4rkT6|A4GidX0ekG05qs}Iy$~(&Ah88Y7RjM!TWp=?2Kcp0`6|QDSnLf!&$fk zmVm?NXE{l$-7+%1>F%D&SEf_{10M6otM`nu2XygY{;mK7ck{X04{DTQhp)UvP_Z(^ z-q_V2?F`4qbmw_p{qi0^6)nX!S+wPu;Q2fFjsH4{C$Oy}LMMnfz;`w6bU!p-u5Lg6 zzPUSe8e>M^9N(b0Sk269p_KftHoC?F{RR3>rT^f?{s8#~LLK921JzIrNAcZzjM_q? zFX5`bUJU`h;moIF=X)LhTnl@Mg1`6j=?V;s*}bXrw2d-sKCiY`qMKt?gU{K27X_*3 z;RD+%orbq=2wpGhf109@<@Ju?Cu(}D0k|77MOlQ=CP3UWBOm7^+h1q%{2N33Zf|xp zSUx2RoTH%S*5wnj&XF=2YLe0*$zgQ0=^omIt&9#WC>#*iNtRH`>J)pt2y{BXt z_NBSJx#fOFRQ>jaj6%$5TT1BsK~^!$oZNBBfvHYMux9S^F6fA9w75N7#uymo>; zBy8h))N0pK_s&QA!o2x~w|#$N(=!~frNCJyZ!%^7$AaohAb4$k$7Ya8J?kFtiwATX z+HD1dY{3|We~+DT(~JBmo;-Iu`&39;=E;SeA7oegX|pHvrZ_5E>jvxJx>0q;VUj&b zaPWGKgX$m#Rvn5-gLLfz(kO1iY=Z!M8zh=4}%9& z3qxEZLvLrE14Zp4*N$YbwYQXbQxhXh$})*+vUGUkV-gM7ka@uKbN;9qzeGypWiznm zro~Iu==s|E5Y=y@A~3s5<3fOMVN~>}r3ZcXExRQC-=}Q6uV4D}s`kdDK8C96)CT9x z?qr8m1|{+wqPyukJ%S`=qVv~rt4mw$dJkJE#Y#)NHTmZk72_tzp1i&M^CawxIQ@_@ zn6r&A6)vp4Xt#%bmUZH-<&0@+IJ%_e(P} zuV4KxirgAJ1jyyQhqb*sZF6?pU|Ri`90rs&H%qH)+c!z^K(5Wb*{!#i9dB)C&vIlf zR_;urczENqjKbhECr7Dofv<5epq>kpSB#D5FjQY%tvRivm!I7HF(vjd#e{ZWkvF*_ z^jVak=r`{C8$dwCQ(|mTVuV3CYMbeaY66Bda;mojYX&n4xt}!X-R8QmufnH~_Yvz4 zQ`C`Wz9?!>h-fdHkte!bs503$Hy%`;4ZIlSH@Y&DMv;QWoa-HQF^FgRHsUEV_+fLo znXQ2VlM8K56OZS%LnwHq1FdhtkGC7Mr>5m;St!KA#gFL7=GNF~qm4Xxdj->&q5R_V z5o${|gwUU*DhOFDNx#L`UIN4~L*L90Wom470AXG^KN(3>h_vsB8tq{y5$kddyR}Q5 zfbZCm)le&SL_4>s$-)dgNM=X;n(^tEN6zdrgon$8=Ge+@(nX==Hw; z!u8(-VPpcH>L$VH@ZD96A&Tst5<>|Mtoka$QUWG{AugM+;%AU3pW-Rgv$LNGMi__w zTRW}rDwl-w^~jZ!uV)|}_clDn+?N5T>Ya0QOzkgxX(t3SQ>Tk5I~?P9Lf$goMRm5( zA2)zCcE9-J_DzkD?>Ag4pM1UMJqh(P)gTpr^?hE=0t>?LH|0Bu;qGpuZZYdwdE(5y zeI4EBi&>Yb`0Q(0lZi0iy$4PPgp)m8DzZ-#tNj=Uw`vv&?8 zN34{bFLV})Fmt;xJ(p6?AxoK1xmJ(`~_@XWdO zf2l&Yw1-XWixX|?&v43+4ryEdkujA`isw@pPUh7`>eooU)?h@&IZrXWU-gmrZ1;Hz z%74yMmr*Q19;+*P)qe<^M=Y;@U9EQ~LC9ZFO)vwf{sK3D^F-*x?fbjc=fv+52tm@p zzSAn7lSy|kadxUWoH8;IN%D>QI7C$fa_vQ7bKaxvEK@Q;cdJB`z?$RL;wXw^Ch2@G z_q}(M6;E6^()a`0iyjjV8YjpC!^nfL+=GI*1v?zd)W})V_}y9UCl(0=46azB8m?MPdy#>g_zm_J}#=6-d@5jY5oQ7 z=Ds)gtg*u{vRHo>#Rgi14!FQi9YF9c5b%Q)+1{1qRxZLpe^8?jpgAJ35s!k$plv4a}ZU-9qhDSI~e3 z?!sfxZeBL+Tv}evo0jFH^UeOu5FGmvXkw(bwtg&CjBKN0WKPNawvd*2?JD`X3_Waq zne(S-b>fdtKk62P1{T!xo-C+)D=g?=DmNHr&67rGJi@4txz#QCt>uMNM%z$ZJP*E7 zSztv~E2{74Cg3im07Ar}rqICDm)T z|4ij_^oIbZO5sC2p21u$lE0-n9oVk}XCKul*!$tQjpcWrZ9Oocoo@>EbT&t7Gn^XZ z4}sVq3k)_kqUt8*v>ICsy0bDKlw6G_9jzvpzpy=h99WALq31o8U50Y!t`iXjq#6f* zPh`2Ynw|w)pM2HQ9dDZ#QM-J_wdpypC7@vxOYkQh2s>thM9B!Dkc;C_WYN`9Va#?& zkoD3a$F6U!;6mm^XqYx|<&DtQEno_mEdrn0DoCZ;hd8J2$nAU*!78joha*0}Ei79A zf=Q6_JE$dTX}Sx+?nsFg7QDVL1{bYQ^{xt)(c**r6LYJ5iq|iTe;3>&H6&V6BJG9d zPOW&1+;egt-`z>wK_|FciscJ z#?R9ljc4n7AN)tN`zgqiF_laC!t#}ksD}ubq|esI0!1V0{T&1HnmO(szuMao>~t82 z^qeKD#$n974n)R81`{pGHK??>2e7?f>~bgvf}QT>9D$SHl`%(SYVLEL2IUawArftE zwv+vNT;{#0h%n(1?t4(ylSg5jXz+)R$y($5!J;I<|DZ?tSA!R|c!d5e*z|JWu;5W^ z3KLc!zr~|+^E>*WGPd&ot7bRVgyLxWD@K;-)fK zgK6r<5CW#G+Z!%DC=%+nv6V8M8uE-5%Xe z-=8OqAJ5RB|IzeU{5ujigfjyCIZ$Cy`0_6N^fMzalJ=(7p~jrF1mI)?+YAWIS8eiK zu6HbZYi%8VrPI$zL~ewl8RYG^?!GY2+wrgE+u~kN2A+AHZSL`2B?e;$Z?KDaoj#F` zi-zwcU_!U>BE~8cn}1HQeq`@TYSp-G=TSf0A7DHFSe^m|%f$OSxV_r2ZCy4Amu**P zv@GrGOtN+6Bn0ZYfnwiPcfL-u|<}-XTY=-@YJ5%sb zIM=2;;6Za0u8VM5RxD}{W-%VQ->D!PU&q$b!(GDcW&6<9@TptQ6!~sGU0`-1Av?cRy!-&u`017o9q6Z?^VjfK!76HYn z4xUhj!C|8vRkBJ#6Sr3`1z%RAP<@HugW8|a#?vCdpFf#s?c9}(UYMG!z$#z!t1lu7 zn|}v$-Vc=v$=B>?oXW-peS#yt%a)h3rezU1yg3X*ERQcCmTObJG0M_U|Bz%25*6%f zc)ZKmr(C`DwuvGXupU8I(Nfffy0E1&1Uaqlt&$p2j6ZBNp&k;j5Q3a$o18^!!TA-4 zxhH_I9eA?3udg`QOx9s|v&@Y%5rM6Qwx&FC7nPs3@{;iwt<8x215Tf}R&fs8cGS{y z*=*gicdvlW4%-o`4{cmsm!f-@ahoe?18kn0%2Nan8qGg>qBpj3Sm`jRpUw2D2aI~h zN9FNA82*ANe+jtDUJ=2!B|BJB=bwZz6_Wr`K&`)eV?MhFuaf;liu|s)AfT(ZfN>AD zNB!M2@sNk+$f+^PEHMJzHf~T&hJy*^Rk>bJuv(PJLND{du_42FR4IRURqpvq8IWYv z2o)?ROjI*24w?F}mdeU_*Q6YMCU&IYqg| z5v!!d0S)Fp^l)Fl3;0MBG4wp4(PxKk2li?Vs9b-yL-bow&wzNUf`LW5)(f9?oU*+U&E8Q^$_;L?XM&T`fY3>2$2M&4K24T?3lxRE`n@W_Q*O?bm{o3tv2Cv1xhoUNI5ct@kp4+V(tEmL z#!YAu|3-wp#3xXLvLc1M+>u6AFXonGXTqB+I!i)z5l!#y;yd_`3%u?ob;*WD?TX25 z^MZ3O>yMMBwocRRt%0JyXG-Zk@&UIkDC7w+p@XrcZoxy^xeMx16LM7eF(xY2_WlJ` zIM14lp8L=wkAa+{WmDyl;}^kGzBZynhJU7;g786T3maYG6_MmBIEmami!$Uxl)WVz z3DG)QMxAgs(bq9@<-i6-G0dV*z1weCZa;uRG&)Bhl-%o7%Ac<7&_VLbu0ZJau ze+s(dp}!Dnma18~HBj3XcfJeLTE+wQ_Bd`V;Q$lCOX>-yIXrUmHa<2q6lkc6cy47i zC}-wn&eQK@>fSmR(nv4v7tD0e&d}_l^R7VYK_V*?!Qo%MO>A zI?HJ_m-l_fi2oZE?ZM~qWY1UYtyraABZ4J9^I1C4OP%O?f+O(}@K zmNJrmefg?$tY3p5toTi}CSNNF*cH;(z7?N&Mi@5lfCrkCFn#^myHWg!USKakZOGAj zTnCAEn=)KOSD+4ryB&pBSq1BAT`8&O(%sLPYM4mX;rGely# zBsb0cuB-EW4u{0}d0cmkyws}Mos)2wWy^8O!oAwZXCty4!Zn9<%excu4Fh4S%u^?R z-Zkbt2i{I`q`R9TOTMA6g&Qiz^#?A?y&Njt)`4N2lg+=yhY9` zlmPC?)-aiT<47>Qw(k6yPHt3*303OVw!XN|>zC+!LZvK|-2@Br+Fd*O!fE3{FPm;l zD~$JO4uvfZzq*lp;}{M7=&f>T>voqk9VuX!0aZ4%Lq&GDaQ*=t|1Zc6>Kb(`i$VR( z5HlpI20O7#tU@o2dU@%FZU;6u1r2|#COf zmeYQgE9cSeDcuVyiUDj#lT$FmvBAWhqTGjkl+7z?HV#%A( zdE1(|v6}t$rxU@wsc(fWo;Q03D8xqhzmC)RSV$7?k@KqhNcHCDuT)cJ^3XhS+Myul zZnrYsHE*rX{f?F1XH@z$S(;e2gY-ils$TFL5xlVZY&=lJX*5GbKvJT@Qmrg0nt9D5 zIeaI-WK{9U#7PDCikIudcY3zAY|2z0K)3*aGjjT8!*%zMk#um7${}CTqYv#1&29UQ zF)u#I-aRWt1Ti5mtU~4!SB!AtgCM&3Ryh(_<=#7J(-R*_%7joVYlaRR>oPA~i@Z^ABK6KN~Q5v-#MV-rw?%c_K(X|>3e^xT_89B ze0p*SkV{ovbZ0k{_RO1``*GwG*_A*`Ce1`W1ZKMY?W4Q>cAUN>Wu%3fi`e6ac;``V zyUohor-6)RUfUX}VxWvm6T?paP6-`mMmGu|NF4@*->)9oN#$E3wPGLj*JrsXt_H4| zbpTT=UdwQRU)!%rm_4vS zi9W**i8@s8nxO*q=$u@i?GwFi^F&fIL{w<2o%E_>94;zcf|-Ef5hh_X$I1L@OOi4d zZw|4Hc;m5j)7gkhFUU1UhT30D$%GhH2J`baeNsHC%U1c8_O$b-F?y3)Df_c*CHi4HXM|elAHio6+Z6$ly0!~ad5PyDpq-~2x;#Z%Jp>M>2jBk zjBXY`<77W}*!;!#ZuWd1+Vm3@J1^!rF^SfG&gD!&YV%?Ej_y@Do>v*ni5haXrb$c} zHm`|t_-aD_-5agnm7-C}(=#Paca~!R>vf#A6ps9-r1X2L%S2I~1L-3wbs4<`Mvdq- z&Q`8qAcYE}R3)3AWJ57oK~*MAM5n1pz$zZU=PRj)6?eSu6kDbG8eBe=D`aRhPdH5t zrS(G;u4v}!E4VU8o6-_8TVsB1QA>C*`{3!Z*`A+$(1umqKeL~-gkb!OE!!_C%j zKWv(v7z}2oi87na%i%j-SEX1#4c*6uq|R*loC)pigir_<;(!v>uLk2zUXdO*$U+=+ zHP~|Y;_KuyS&4@Pey&dQeGQwhtxeCph9`fL@fu(Y6l(Z#+{tUu#0ggE<)|Vrt42DT zUDPMkl~uASelApH9y{e124?9*P1KSA`03P3*7C)?2uS54dw{S&!-hWu@SbemC;t5z z=#UfwXA~Km0Z=tD9YTj}6I?!#o6F+uBI8_{O&g-<;&6v07a*G%3K#F@HY5LRrTy^Y z`bc0Z1i>mF772dw9`2@*)OQeg52R$oBUR^3`Vg)7$9gkoD@hcM%W2t$dH~~wi63`X zbM<`pr|@(GeNtewe@SwQl}hB{w!QgAB)KArCs9gN@9XxQxGO*?&7J8ady67H4WcZ@ z!HHN-51JE$Y>xdJ1c&BLQxDB7P{y`9qvE~Pl`v)328vkqP$g<4bY$ zOxC=eG1{M0O&<%JufsCo=?^PcByKb%@$~+^TK)1h2S>1P;bWpq5j7@Fq$)O$Ogv^p zTkuma9^^a^6MLq?BOyft49F< zWT!i4VrfaaTPaEMu7~Qm$N=N94E4)o5=^LrlX&U551aom-HzcSXO z#OUzz#Op(_SZkd7^}Z5H(4ozA(zp-)?e){o)PuW~|`C^XmRh6oplstqS145UTm+Up|b*4?P+dlI@)IVL)B zRVCDiU#Fw!<0tg6tTu@ED;1s>mWbSmm!trGybnN_91X?v0bgmJ0BUK-Qu_5ItcB+83N@Q&;M7D`2igaG| zcs`E|UYoo2Zmr_9MvDj~e@E&j?}=|p)^FV>@^W5y4!R zT?WS=d838X9Q9?C$bZ6o$C=&nlxF9|!eb5QMrUMLkVa(S392 z5eh#tYl&lvx9#Rqa^kbZiA~%jVOkovcp%85nLH$`^HRd!7>T57M#act9z&YTHGUgiWWA@r8!wRn-NWKUy}R5hi4uE?h}jhLr2LAC7N(#?{jn&LSL>lf)GUg`^H$a zH(GW=%?kC^+2=48r{Ogp(s0I%<_C~*AOO8imUxKpET@@tSN81b-}#Cb#~JP{yf&N& zGm*LCZLH3*ipL=n27OAhh+(KW>Vy&R!dV zFqdP-vrjhg@#!6buQCJl)>^_Qu#ELoWWGn$$#2;qGUm>YXL%1E3?dfw=(X9Xd~RWi zW*1OWw+~5ixic4Lem^r*MT}1dk{M>)dmecfvt9{NL@eCW%vBU{ zZC`m1ql!Nir%ou%Dk!Nadu;+>lQg&cDPf(TLv69TYP;F|tH)2YeW+ig){yvpnp7VN zWFSQ2CW)E}vc@;nSmckRg#%$9<(JO}QNc%}=&)I2=8|QOoSVh$p)2(Ls$3F(q(2av zkaz!VY>N72_DO28duj5>`rdB)SVk^EDH{j0lGPZ4RaW?`mWB9!mH5UMxWD{YBea8F zn{|$DO%~#Vo@0)*P&1gy)bla6QO1lLbR|IL$HRD=HloW8fUv%>Pb-sqS%pGrS(N4N z%yCxsLelk)$Is)~y;07|?Y@*N1%nP&zrtBq{D5n_>7NA?ci_nb8z}XsbMmZc&Du}= zrdC)Lsg)KwH-Tl){P?6eIoCtn$*qYY2EAW#Y~_&OY+jTrE=7M9OnqO=%wE?^DA_=e zemKE?ACuZWRCZ!TMWE;kc#&MfXyu|rgt`u8t68R(`VyTW_Haxn%HRaCi;!{*4{&eI z6^IbfuwPv-R#aqz^FKr+@kW7@9=w`VjKNX&V=j z!oq9b{)M~sA9h~Us*!q1$Ui6V8n#r*&0LNpF`*ct2d#HH<{l~sBF#m2_mw~`Y??K$ zYF?BlH-%)?X$P@~VL(}QhwG)k-bZ@y;yOw$xVO^9Hk#aF^9V&_rk`J9CY5nEx z2QyXC%#-7)(Kw}QBWd?;9K#O8HBNu3v->+ysG!YlU$w$)!&|cF4!XNdB-kB;tS2H& zc=EIMqLiD({Xbn}ri)BptP5htTf+2Q zR7%XtM{g#YOgZ%B|9L8~bH6U&bcvb3aMtO*4BIg+DMu9+ZiD%Zu9)0*uROf$&Z;|g zeiy#9J)Kc+xI@`y&X$GJQe!=(tUqQo<`aPQaJU;QVxhHV;&6aH$;iQdMYM)S-!{p; z^JwGV`hRwD@2#oSw(ZW{)do0XRG#%E*@q6N$lRa6^|n2uSJPf3NM=^9~%*(X*n1s0>|uUG*ua2HVIAI2>FAUISnQa z;tcPI6>m(6&`lRPK|~rV9d-@o1KHAn#_Ze+&d01fc}aE6I1I*WRZ#*{RxcuHK%D4$CtRvqVJ=ZBm55 zfela7LXEbhh;~Gk@*|AZpk|>Y{xfsQ!_;n3luetvweWl3?eCew?a4iSGs?Yvc}H~p zncud5-p}tUTc?13l-+6DfpjsrtY;mEfDnsY*rom`pcN3M;l6`PAPQcAclGs|`ssrk zm#s{lAk|0~pX;UccPCCT6pc(}b+R+X=G_0)P<+zb6%Nv1q#XJH^l9xUXT@@CAsYf< zRQQZbk{ED+$)(=Icb?+NzdDp-tbmcnUdT3ifz4iT9uHz*Lfc3Je6M}>o2ynKnE^+L z{;fMINZQ+6=U0gS=|s^|x8b6~(I$6FVVkFWVLi3q{?H~)h8d!oke!z-McDG_87j=R z#|8&+H~1ZIQxAd59Z#$J&lFEb2el*^0{zEUPR+Vknlug?_yAyJ zWkcUKw*g>PLJJDQ;X8+U%FWhs7-(r-d2%18K8RpI>HGy~LublWPG}3NdVt`(`=hTw zMofb}6#^DQ7PM(8&Rnc!y5=0taT%_2TxLR2IR%O?0@#MANEL9;H%UFaHVLph!#Z%z zVCHC}YOBZ}are%jg$hUe&8wW=N)a@4wPaHq$ZyH2{@EHA3&9%?Kj>Uj(Ua&up1RyU zssnRt2u~Py3#IX+4S?x%*v%V$sX8=`7aYIG`ioNvm76^H(ls>wfqk z0}A4ynbTNg*yB~)koNdDSli~?VXY}SgOA2MaDzx|Lz-ZBY7$J=>G*58MTH*J=K|OE z*0diSm)*?-QTve$qG2*uiNBmsFA#92mpcdu0MBf^Pu9Q_pSv_*tk5p+H0L1{)fXs$ zKS;M-;x4S^#f2o3i_dtE)7Ova%kYcG+!vwP*|n0f>=1it?4an-N9rNQvI}6tIgKCe zne3KE==NJ1E`zJP#J`{E9o=BdR=1*~gFG>-Jyt4w3CHJ;0xe&&esfSI9~%! z*!*Lcqjqa&zxBrsaj6;&-`ds{4cMaVyzS-4Y8VImWTvp<>%5O6Q0597sSSXj&Ai^! z<-P9}q(vA zoWJdx2V2kAA*+r@`5aWs4kctNI457sdLoPk^yN47jjb|_*ZQuH;4jbGj!QvFz-`WlGhKYnoccN6;UjebbdP3^UAOrPbIwZtYVhnahHOg0b8B4Cr_ZC-=r)!PL3YX&s?-q0Mal0++U<)>>WYyBZq=XFo;NCU z^#vtbPlf!oY_v-cfgr>i#Zmlr*BSxb(TQ;g|XO%=#LuYTMb^e_0~iGLola;CT1SN@q#3B2FD!4H|F z_iD_$7P+07)Yjg##uTa*PijkO`iHjId`b2#mYcDNsgMP>vFL$gK;&O6zY-5^)KaAH zLQahD|HCn|ClNiIQ7RI?^GLYsvO?J|R2e>#$mBqm9yUJ?@Aj;tz^Hlq>eu!``pyFw z7m6(uA2feJ^_NZCIXxz{vS;Y;llPeJjF*-ozdjY_;Z zOU{jF+!mx~?E(xWI()6dXPvwhrC60oMm7s1rJ@8<2i}sI?4L$wPvq>{n+&RS&7)rJ zqyh~JluNW^<%O^+3iD-`Y?pLU4)M9wq`xq)SBtR#3fGwW+rosYHbhYfF-n;y;5(W% zQaM6tNFV)KR6X0&FWnlb9p=D<4}^BcNZiij%irDV!lf*@Knh&!)I=@zdML-oD!f#iKJ=zhY~P4>IK!*o1Y8POj=YwgQO=%|*Di`psu`VnpvLy(|yiH)ZO zJNTN*&G^++LkpEdh->>vL8o&o<}h5^_9-SSBvl)!*O5b*dZ`(-y~sw#3#2 z>AqaPHK37wuu~GrRO2=zw49od-1jWEPLjP&mzHWgrLVf9^ug8#zZzlLA<1G(vc0=5(^AHy3C5dG zAK_T3QUZ7tn8#fHETqq8nGIVnToGedyT51;6<4Kvly!7DdvtSh-E=i8+dCq=qBC90 zV?0$kGjSv>m$4;$t5mEfBFNX9=B{j})RwR--h&&#g7NeRrSx!*OX6!mf{qs$DnDLc zuhg4rom~PtUWmsYYu@cSS7mrXVvim#VMU+>3?y2+z=qUd?%Da_)hcqzNLL=6 zAfW2QM3eKrv+5h@1@IV;@y=<+remCb&ySU+I{J_mKw$?Uc?6E`c4K9-X-bIemxc+0 z$`fBUrBw#H9zC-)L1@HJ3F<|$b)Br593B)JeA>>r<9xBIVe*Z|;^oU5jg_#KDDnq- zrz3;lHJ4X`l6odzSq1kropu<%+sbo*@;G&FQ!onh&Sb+_7iC zHWeR*n??G1uZfB?M5Al-Gzzotx^I>ttFPklNm4IBpYPI~6Grd`(Ws$M_N`4o$-*Xj zG-uwIV(1CkDs-K}-5*@Ekl&^%ddYr~$;Ni%p@3z)DuVTLUIl6`JW$wtB>#h=1%t5C zd8)^DYIJXk($$5B z3);NDlh9|LO3Uipm~LzjI*%L+4lx)>k9e9V?-WHClV>@%mUq&{D&r)r&geIem1i=Rs(L+NHL{d@wp8Kklzr!91YqdMZ2csj6$ol_;He z;!HK-Qik5#>;23KhFb;9$V?PCRE2*id}qTt=$FL{X^N2hIeKEua|D)pa`e4{6=(dD zp0vSKn${l--mUNNgdv~o+$FW`8g|J9DVrGamM|h7`@JWaw%lqpAO9w6JSEFRSI)nb zW%#z~D-L0~SwYU}O6Mu1M&9rgQ{OdSG+yM?j6W7#c|)r`OV7@ZFsi`U3956ik|WI| z`J^+jZ21q{Uuu5`48+bEex6sxo}-5H`xWh(P(%MvL#MT3ns9L0-%rD#cuYsZG}a?# zt6tv^iP0vQSQuWF9rYNnRGyPU^)rz%-`yD@^k6OpLkTR%%>6vb{{qj1t zziEVhW3JjCt%I94u=i2efx(h9@Asx-p&t%rgf`SG^D^5cWvS}Zv}Vv!Cd8E_dUkMG zkk_6*@*-#XB6q7uPynLwyoE3%5 ztPx}E%*bIL%wHscmupBArb}lURptGu-JB6&rwVm3d;m!WeK9`0ofQqvBDoHNdMn-3 zxTJ#~-GkQg1bFJ3EwiRC?`pO`mxhL(r6b7kTsluW4`=*}26z*{2HVn464A?!<&4N# z*t{+FKS0HqE3jsw6>_J*!+oPGSdn-pI5`znvYmfBhdv+W@ej*~&_l2jNQbmCe>Pkp zQ6jP4;9X#gu%gpUckR=N%|AZk_4bjx1Sqt)6$g3~^Qz`%bB0T-C}{*8#lOmCF8qc8 z#Tyd4ipV@uC`ZTlLSM@|zjNtl-19=M$do2sZ2fykT4ZVSeDcq#?&$ zLn}<3yxHs_fLvX>97}YCdFg6ByNCR1o+BFb5{TOI_{ZORaG+k82F-V&A_k^vCc%z~ zfuS~d`HI?k?5B;nsB8Ct_LDKt>8L-P_1Lrd4OmKdN|{Rx1g$M(*1hG^y~HmrBAj_{ z{WHDlK7gb9t2FOCn31m)W)QUKnxiU`=;H{*Xz+cij>R3A?uF^M@y6KVSv&ffxoK)L za+X*0Q~kPC?n5DpBotFK49sVb{$$wO!LkhXM~ozsem@H@d;LHuH$>p|qyVZ-GRIm$ zN_IRb{5@)NL6Q zSuD2u$(%4LtNXm=dzL0O?Z;leYY#Y-;&2jh3ti5gn6NBTRungdIhXA0giJt`9LrvI z$4csk{iplVd(vha`t31eI?#wh%Au+-;C~{dl4hG_>uE-zjhsL4n2Ue=70DND+@$ps z?N>JO7A(b_P#4||W6?EU%g(xI7Zp#DgTEC)f0qxYP`>hfoLV~;ceg!z713qg1y_SE zb&4P=SKrTHXf6#NE2W;w3GKN|$6o}jd5M0EJrqXoS|)E_f8rpD-t>%2@cCZ6)#l5D zHg|yf49MxQ8)i!-oa3}|QnrzdYeA;BDfw;<=UyI9ymU@FBA}*3N|+7hW)$U3jzRVa zqq+E7t!#stQ16W@)MmAMZ$rIbXLoakz)J?7iHpeW(>RZhM8<)$h~Ngc_rt+WoA#g+ zQ8c`qRcD+RIZG?0rk{i{qpXdjb6G;rQ-c3K(?3m|x%GhG3 zUiG%`CfTQYB4{1+aAOarv-EOosdN{GIsSSCJ#(ID>8{irh!ooUFQWi^kRW$wBYolapkwk@(+m@S=u#6RBi14i>(x6)J)WZjbdUyI~4e0wDc)2e8$VqIP|DD9PwRKJpG01vI5&Yxyg)1#(1!Jh4WN>FCKe^ln=SG^DDL<=!>7xJ5M8S>>^R#b4XU7bv zCWsq^`eZN`4xQ{St8@;4E5U&I(+QD`Eg{TRd}twVOr6@e=oX8=qs2{ zCuaHnF!8vBG}O1>tlwKKiWg|(rY7rw%KKJj^2Vmh$H+A$e7k$i!OP8nmDe}vm0Sw- zc&H%El&v;gz`a|SJ+@S-kYax43e^b)^VV>hN*liG)|<3dlJ zoyWyIDOwDMPg|TkiTH~-ZyOTY)rhueH*#GotYtt6D^896v1)u};QIK!OO)iCTj!1L z!IQ5*zFCTfJ36}#=;HkQ-A#?ZU4Q->Hb=mO6jhb`$EKnYEZDsn|K%wM624dN7P?tt-P^`z6L8 z8;aqqQZn1dGlUZs^pt?5A_koLmSlALGSpv%E%>aV<@>=u)EHQW^~K^j4?~p+>$A(A zq$!AfsgkT1Pz~c?R>Zq!tIf?S?hGvKwc1*g*Xf$whKJ~;q}X6M7bSa?$U+!U11g~Q zq0DYA1Ig8O^Lofdv0HRf9vZGIZN=eqOUu~s%JUom{Z{l%*B>6|U;M_HqIY)2{*B5( z+CYm23keaW>*_`(5ZX<=%t_iNdztX@Q3V+kGkC+nW4!;{E>_3ZmCHG1A-C_wE5jXb z^Maz`Kcbqpc)tEUFW{v8#gP0Dw$NIQVOsLWyUgcjtf3vqw1}hd%hp5Ge7{M;{b8k! z{jeX^0pu~Gke~=|6V`c&yme`zC~#JAfHA6D$}5*1x#f9YJk-W5q_Djs@g4r9o3=54W=~Un!GKm*EBspmBY} zd61VG$2lb4M$=9Qw-NR8Q}GA2*)}F5uMiqTE zgt>zuTr6)oknv{(pQp>nu+N6=%L87C%=-qFJSJ#iLfzLxHd|LH144LbkDKqS&zZAD zNu7`6Jn4(iAtN^E;mco2qBc;>SOgqUY=xyIhX9y&F0}3}c4GN5^pSrHu>zsaO`zku zm_;=Lc4vl|?YkI5KQ~Obr)3Z(!ZKM3;;k4>$kV%1I~_cac-vp-irF|dV{XpKRXaH?zc{rNm1YU= zFLmtnnrDOnGtB4sLmAPz=n0oXT=JK1|wc@qy-_42MF= zw72ScKU%_`m->csbceraGZ}ng^?s+F!2K7IxIUJ>=4Ox$`3UD)Mu`eq+2ED!Z`V0J z+pro=5oG-SX4CfLa%@J$MZl#t} z7?6x7DejA337!Cq1>k+dgjvmBJeHA63?PwXCIQ2^=nFmbOx|Ru(}q6y+VLfrmikp7 z+=4&LkgvHl@Ig&D&q9kK)c4@iA7A^zpzN9?7mGD<$C~>h7wYvX(aQEmLH49${VC(F zoIIajX&=RnkAIydDMtFPFCR6PTZ;-9ISqq#wBff{!beg$hM{@J<~3vAL7J|7U2rRp zrOyM1_)9pDC`D=8}<# zG2?G!S1#P&kE;>53~JP>NZ$O)SokOK?kS~r_azNJhXR{6%zwQx==DNbvGYNYxO$h? z?B!%!We0Q>_oPC#Mf`{S-Xl_Rb=)U3oYSBF9VO-&TXg*2!NSnp>wnFr0`wWlQ`UFQEDb^-?2u= z8WQ~YHRwSH>qhs}{Igd-20cL&DT|r>mI$0Qv0o+0Kr@wJl_W?J=QDHP=i*j&H9H&Y z`CS9=M!14#VieXu4S8`}+}Zd+1;s$oTTy1b6~Ca-0NB)wwZU|9;xNr2poZ~5MM~YX z*@%%e(Lv`In6Vkg9^r=(amh?%Z>||-n zhyyp>V>}%oUKft4iC70FBxidyT9hg^&2oJ4%abRhq5QB7$meJEtQqP^Rrj4ofYEb# zt7|~+ZvRU-F7L;_$7E|Jq`bUz0GTS^J&``=&cpKR{c*vzC?@&a;K(g#JA1=o1XZtp zKWAhVZ-^z}gN|43Ad{1JsY7?Q&1kaE7s?`4Hsn$8FLfv$>$=C5s{!9uhr;3#>4ll7 zwnD3tc$}kHg5?U?wV)6hWW%s%1Uq`OkBxO-F1u{OK9amew)pfzPtJMih2IAgK5f$} z>i2m7MBl$MfMN7R^S$;+S%YHvTFz-2s z*zq{5i{MYP+gaIDX>s2cemxq84=P*-Xp0GA7Ie*1(l}vc12eo2Ia{gU(q0pV*`fS6+KC{x ziYP79UoAI{D3HjZ*y&;2^pd-~Ay|51xD!IQ_FXp5`O8VJE#^4e@8; zZky{nAIDbK_hReo-U0F^TX^15jv7@nM)53X z4Dj*NWgoHE9ImVXm?AMzb>^EU-@(Pst@y!+=cOv06z0P4F9z6c-Z6XmNd};)K4I}I zI)Z;@zhDqg=u6_Np-+pFzz=EGG8Ep{MPFKYb zORQ`B41rvGv?4vK_e?&yQbK%KR2Aa5^Z4QLA%!wzbfPpy{27eGmW$>UoWn_2z0u-1 zsa#`qxPJ@EWO@f9Ls?wr%cKB(P?(8Nc6t+q0DQrtPIYr(iMXmF{}_^Edb`J1)gwWo z-Wl}6>0_hPpvh2u#u4A)ssy{tUFx70ipq>!Eg!J;FyXY)VHpR>HI}quum)&A0jRu* zNeh2`tIJ8%DD9v^zMM#xLw=2eTj4YTQ)KGF^oT*VdY6W7314D%O*L7v=I+(%?5 zDrmjEQ+WmymN2*RBtJ&J`b|O1b1!fi{L+C~aq?yD$Ek7e`{j94=5bLR%VD(C`Kx z0nQ-BMi<~1JXsi7Q-7l6ZXu?lmEv$y6Viso$ybcM*v}sBj~ZD!I4Pd-CMseHWi@>z z7zPOB88GZi31rLq+^-Tk*bhAuFg}1XFreU;{-Z4&DoQYv zjqphf4hM&jgUFYUn+c1NJoke01n8Uy`gL)mxryCK=qp&~pA7s+J1Jg6_am$jN@Ncp zZ~m?>IaWCq{;n=5YQ({O#82C7`jq@{?1)-Q9e6U6bj0v+4H>pqgCNO;pfN$?+oqq_ z0qXa78IyYqZbX$JESa^?PviY^=P&r-P0kMzR7!HKSJFov``rWbgW;vc z=(@6C3Oy@&vta$LhVjx5#gEl0di3u+tyJmqJUbG=O-0mSyH{+Rf|s4euddgbG>pAe z@^+=_v-EfyK!)sykxUIuw}s=wtu3+kWj($a(;Eo>O7fd~caS)?91Vzysam&~7UNDq z?L0Q2{BZhKx+RSY=mE->5m`&!t;_h;$Zrv(3B!z_o4H=wjMpt%MzAWY=XGt0%qt~R z05xbWnrOT@(F;&Q2GmMk#Dj}peN59%4@1VUyI#6ZOr;*LmZXtYXV+`IAJ=@p;wQB) zju*Sh#V;8cVk`w(_DoG^4e3bqX*#Rlmy%931x9L%jbbIU1aoSb`hW9 zwI+WyP12T>ngF$QZV*CUZ0zA@C<-c7=Q(#+o72L0xE%!52iQu1{D32Pmcy5hJ-Kt7FOC^nd?Z>g7J*q%p2RD@IN|={?f5(c6h?oEz`V&kcr=QZhj6T1_SKevu2d~-8}f-)@KUNiB~#vv z@gf>o=#f{?=!Vv=_5Jhrpp@tg>SKh<1 zfR6VuboGITe1#UX>Kl-jr?s{1E58HfotB<2#XOn+9D8lBI6Epp<*gwn?{rEp^a0pg#Xr5n!4P5o$k81VWUZbSnkVfkUP71W%fL* zx?4YE1ax9?Uw&EB!G&9OR8(#E9cnG%e}_gf-Am%lTA%)PVL+4p(&KKDHP-no}TC3ODb`?^8oJ%3@tK8EFZ zbawsMJ`=+Rv=)oy#`$L@Uo&iCC{gH^9WZ1|Nl;RFOedm667iRk)s$>9BLeMg^r^o; zfUEbP=wy2mp$Nqab~hv6G&O&GUnGk|U}YOVZ%hfVswi0J(=i8`);f}j9uzF2ZneGR zrCNS2Pw=q|2SE}iW&=(L+aA=L>&b&p#SyPRgAb^vDOtI9${jh=KOf^4A=ekBo-odR zRh!4E^fZ5{#mwDdi8FQ6#XV*-4VcIMCVZh|^4>A^u`A^e&P%eaV0J?O+kwqv-ygf2 z7E#*c8A!*DCZTnWk{^`QHqkKAJsu^D9xL_J=O@24zCuQGQo|IxyUTm?sc=EsQH$`L zOCtgQVD0y1;tTM*gUw#}&SVO?WbBB#5<6M|gJ2R=NilHiFpl~>$JcyTevrPrI`$viM1rrrC1c zQa5Ho$0ZN^!Czi=hL=t6v^9kj9_alQN0~H|LTqQPt+N>Kn8gh(BjfN5AC9Su4qY=y zV$b4@p_OM-Blh;0g;?2c&rnCaCrHO@F)&*dFc(Eq4uH3t6V zq=k!8wu_yJ1Wdniu*W+0qKQXnD0#-WoDt0E$8@%d-B8hH>r22x4YTG2Ubpaj<_QzJF4@+bSBz8w*^ypI)uM#kjm!ZP7c(Dn_-Js~V4U zfA-=d_*`6H0|OVNJgx~jWZ z+FXK@(A=m<74;#4Uc`@JS7=!25Le+qMvlCt|E7@ai(6O<*38dy6NI@|N44r_hYr^jrf~@^+LDo;%k>k$6ZFUupfzrX4W=Ra;)Q(dt>1T)j(pl} z1?`yqC2C8E;Bpo@cOE@Z>bBJ;SQhmn`EgE;r24=mBgs7yvRoJT{iB3Z z&X@ePrwNIHJsW$%yKj4R_Ejl$dNBEmiQ2o5ADs)RruqvBENGn=(kIITSHY1~(`P7m z#iFQ3+%2iyS}uz6$vW(5zip34;d!2V81#BGEtAa5jo-L{uG`z1aP9^Vgr{!RxjVhD{DU!!=1ir=?TNw^zzCEDmQ^DN<#(poJMN44awGgWNfu;AVxv|4heb9X=8Yc0?x^XU zgB96HQG1E*#IV((aZC*OlQ#;6WDM3Jt6LCv;M(Y^jbA*`k5jqyX(4o|S>$vE} z^@;Ea{W!?u2OAyHc&oj>_Eh!MNE68TRwBn~3dV4T6q+yGrL_97wO(k> zL&I1mPB;JYk0qQl8gm%9XgFK1hFQ*;%UD96@2k%w>r^z?as!zh`;48^yK|dMr^N9V zG1=;~4lW>4QGH2FjISFWo)6}2zBGwzGq62B7`D?GePZUhG&=oKV4mj1m)T|5(Hi$I zMI$jkg8c&~S8RP9@HCIb`awYq>}dZ2pdycnWzz_X27LzrXx0G8eKd3u02cCzThDh6 zs(>qT7rE_jd(YI_2x?_-0l8=3Y-S7j-!2!2yPYk^y%nJ2{5acW;pkaOV3Pgs2R{NZlCToKOwq1^7` zJ_zVBlA`Bohw5GtcUINw6k}s61o`0vzjw)GXg0pu5t64(l)o`aagE7;DgDV|l6sf@ z7$*VZfE8;J^ex{^*e{DFM6aKfeocHw!B_|C?#Y;A?`kAjKK;}7LX8U)W0z4A4x3&-G) zpUnP3Dj_xG7rWgHoqlcSUBW%XjR+HJzsd6SZrPAEt1-FQa4E*4wl_1;$*1_dtd$9? z7kQv59^IzT1<;!uk+dig3hrd3L;CYWC4Da2%7)z;>V^0?)=AVR9oqs}NzU=p>lDlm z`9tE}GZAOD@hp8iC+p3GJpD}ui$vHK5r;oGE~41SRcMQFqYWZP_!Ie0Cd?r%f( zuZu9(T(@dcY*-;Z&drZY8#*A#Fp>EycKX_+{Yq2N3@G*qEPQTJs9|FR;|TGF3)BdcKz z?Qa!9h^z=x2NM-%2S>;~69;Fr%hSn6O;Ndp6Q^#MH9v8A;JvL_g)0$_l7fUWamdq0 z2=@L=)mfi2uK{~@17iNM&4sV`_ASfqo0Xy5aWQKP_`x0ZA~trwO^{*ttBvFm#(F)43e0^M7c@Km_&m3deXq@`KZHb(`DZz0^+~3=TGSUl^ zF^_$;6eFo5?GUw|)wXMOTY>>F>BKPLoTAy(I}J^XPThG(X5( zvRD)9Ic7E~w{71|G|;Pmxm0{mISnrI<{}-&-UU_*DQDXdYe@{@3n3O+um)^`oeHJV z&Y4;fByKe?g_#<&cXNUUVprDR(oXYCHc9x`ewB?Ru5^0@d4INAmLeU_4C)@m=yMir zZ>X`wi0`H5s}*hY<5h%LBn!QtniQXHQj2S);C<`J^kF82m|Ya*QaL#W#d0sCavP|B zQ;y)Oaz>7hm%=5zR<=P3_i^)tq-if+;3ha`w)%Zc680Dv1jp#p(#5}M(ULn}|8Cd6 zk4Q*PK78zH3xA@X2xeHd-JHFwnu1Qk)mQ! zxOwg9ah}c+I3T&`2fn0vomE}E^BJV?%pRycRMc&r?E2~_`R$9VtdY1Qw#Ka@u^rj* z#O(%^g@rz!WuNMR?m1fkC_-#HVzRR-gVVpNF=4zOd!NMbvznn&z@0sdfVe5rih^(X z1@S}TaF1ILhbKlWKTb5hGdM&Ittixn>wq-PH$);nKeavuUD8CD6xOkfB*F8qEsyvr zO(w1o7YDmbrYZ*&9sD>cFt<)bF_v#XRnfpPB;gTWD`}1M(hlSCud*rt>FiHv2Q7Uz z9UL2sJB6)B^Tor4V!cyu{Gkb09G;7;6mD{OI*fN$3?WNh{Vt3NG=w$7r);r~? zmUhe;cSqXwUhlhjHrQqM$frZx=SV7zJaFpEXnM*37)1@(>LZeq1GvF6tMMdR*K)ve*SA=G)ELSHyi-JEp);oApdLPKg=y!&(3Wvs*H@*Fou^xA^2Dki zvG6huv%3b7K3=3ld$4xk;6xjUVRUy@uz7olP_2x~cB{f|EVjr$xJfehd)Dl0Ce4z7 zC*+?*!$3}y*n_Bg*vD=98p4uzI*acTnIVuT;-PD=0CV-+4O0<^YW+COXn4CT-wJO9 z8p>7pfXC^l@eOXs+#VUstl-#^TRF;!fqa?V2lD=t&4$7fjR7SvjR8t1;u(7Qb~4Te zgx)>=WRK0MUl5mhk&8foS39?0yi}-Ha&UqN9C6wzn3xf_JyPD|LPWh

S&my?HyJ zBNTXSUYSst1jB`o%X&MeMoc@);P$`qfWGjvF58iFy}!CZKebZmufJYSsY_hBTsxlk zwzHa5sb$&kp{u7$CKaJ&*Efq%t&e)lVFVrIE9l zsk)2vrLq5$Zdb1mE*r_OFs1#8U}t7(WpvNV&d9=yi^I|0;`&ss8spz}YP^ARNyz_q zS#cfks;~N8C+wTQ173C4*HNyn@s}R#S5V=i{9i|QJ^kw1cWDHE#W3EL^nY!^_3W#C v`*%{$@ULY5S}m^wTx|`%1HcGT{?zPM&%3Poy-|hc@`F~gg11jTk{fvkmBsU0gHI(+Jz(fm;5cuLhEnk38 z>`*GgY}`}kKKZPa5zAi{7Nm4;YdcvQ8g3)WE2<}x5ob8H!~Yr)GS?=}4=okBW$+!g z5DP1*RV-;z4q_|F45eTctgeBW>e$qw!o_tbAXk8M2L;_3xSL%Hm4x~V({+}kmxFWR z!rGb~()tx;5(i_(;2Tu)YmMQncf3~}Y-+@9`sPHa6e(=A6e|q~9nPK6#cxa=7yq~@ zkBQEMxd%=h0{`9CeBH}vocaTaBUtG2;J$flk5zX8ciB}P)VwZdA_@Uay;!Z53BP8g zk`LD2tQ#St4FlhR5xZU;?L^c0JXxpdc0OpZ-7#X1Q9_?3p-i+S@?+Nfw*a14n%=S* zI`W%z51%vamn6i^1yEXciFTYpG;4IDE$}qoC#Xkct0M4y;`7#`8OAlnTPQr|OV z2SLeO7clq0IMF?JrubAV(8uOiSg1ypC%FGla35i#WxyNYAePsC15sHcV5^r-`7EaU zdjx)cfdDD|UodV`WhA-({zT>*r7+(x)^`9{J2KG!bNv7C{eKv<|3}v=<7MUh8DWF3 zB;G?to)$M_5rw2(1tr>vRD6C*ZXh&86_Da=c2nRYs$d6zi2HW>ypOGK@bVsnCTKG9oEM>Bs6>7bKJUN2ABO40+C-;q;4KKGweZMYMDLKny?Ay%<|8Vw^(1D)qS}DW%?LmGeEso+vV(T6 znZav>Z}CPiTc>uzl3=$-sCf;8*eC~T{}om+R=-k2qp^V>JK z8)wtXZ7Pbh(o=Nmn42hSQ9U26g&*5Br>$z+1{_J&Te(MHw6w_9XS&o{2oI3(sYzgs zIc6vXG3T|IR+R>sXQ^j)XKVBqGkd3~fuUP$SGxI9V4-2|!Mge+A_A-1t;(q@Qk*T1 zN6(bEozUp2z(n%3Kd1(pP1WdM__V$0HScO)XKMVYlq(xzle|-_r&Of%lSjU0=;)jn zaYKiC+@8OTO@9B85wp>wvFQB*d?MZ6A#{dV`;m_sGcge14ZJO(GZSs&m-Mm@+<+F) zIvkJW90I2g&EkrpOzQ_G;I^}T@oQ+zVP_#T+klQ z)0e5M>Ng8ifrfgf6I;uI&xA4WXg#I4;nCX&!YHcf%Z~yu%|Oyj(^h$h{!uOxz#2^~ zOT%J%yhgJy4*NwfrcilFy-Vwzwz?mH2Gw%o6C65gjD2jX=R#M_RFN5_}EsS|fEv@=wTR|yBMPO8dm zqtE$sv^3OVMfa;BU9|8|nXVmyY;J%K=8%z^kCH zfZ0y__)mo~ZcnP9&gOLp#yaE>S!?4m0r$7`#7p+t!jzc;Qr0`B3DY;O`#n4o=PfGA zdR)-9wT!7IXuT(S^(Vs6CYH7*c(h1~+A4Ym_URQXIeC-zpTuRHN(O2D0f{QwxU2yF zTylqnE76ZnoTXi|{N(MAswi0Uy}W7dxA6R^6zWE+3qk8!VX7 zFqnkgXu5iTi+4SA%^zUy*?Bq%yZyr;nj-x6xay=O(ygG%?<^BW%q>=Zv5QEPFvBYR z+(j(f3}lWC)UYw$XRmcMtdjzd4r*U#F#m4k+^bj1Q-T2jO<)26eQ*E8?vCaFfRiJ` zzh0RBq4~^JZM!ouM2PDrsSo(%Z9IKOL_`I@s}w0!`E}P}T7$tMrwdYwswvm2O3BEl z_qX3MiImsIshfDPSa22kU1~+QV{Xa|$4!>}nB{#_?wt%%!%eTp1YM7%)Up{_Pnw!J zt6JV>QLp1i$2n?tY`(T~kxkG5P7bSwh31r^YL1sMRn0pE{gpI)u7!>`Nv++t-Nww@2;KaMk>q&jOp)bobo>Y_RL;ITLML*9~se;B;lkqykuVDJo zX2$y|q<^BhW!87Moix}&H6}=&GXaTDni_`Vzuk=*>T>%CHO&hv+@zFvu{rY+AO50jV+}NQ2uJVsQc3w z?Ys(WLv8K+6oy7~i&<+x1_T~uI-5&0{ zKbDPGpHlzP=>wx_&)d|P_+c=AI&fIG(cNA-dfHZah)@2Zw^=#KPNUaNb&ov1lrBxa z#dtJ_D*D-NW~1?|$`tcd&% zwSIFF(uYFq1%MI~Nq`~;kP@CM6l%?ApMPqF8nmJl!iU1_`8^W?OF$y~4G=;}aHE!? z&oeb4_Bzo0#6`py0J#zT5sOIrBTNuE)`?Py&eYiQfBe>o;RPYk@g^YqpE`&L0}xO@ zg<>H|!6kpri*sQ0*Kb?z#u{lfZhD`iUlGC4f|;n3rdO?t`aer`aj>!0&S#4 zw@9N-6uqAae0;b(~JBy*E{(6VGhnSd&An4k^N@ICQK~AtaTU zRIF0iL0_b$q^S7U2U>tEl~}6;etZlnVUPrpQe+}w5%Opd)?!ZjN-i;%1buwS0STA{ zky0Qk37JHhh=ZXRTLrmGg~Y#;sF+m|Rz(vZa6s%X!LRfil~`1QNy$G^iWI|C1;@&W zAmV`V--()^BZc7is;d~J#26L6jr&oENF@{=hg_&a+{$R2-nLSB;`5ue=>S-XSil2^ zK@vvG7`sG6WE;J)Tf25#ln?d8xC2b~jnI9Q$y-ter0)_M(=>ZKx!bfW`n6iPHT;Ie zQA3kmO0PS#H%n5vSTP}5jC3#5i|QzgcWu7-^|a)I zCnhGMs=|h%A zx4P6f<8rw)&pXcYK5E3?6eXFWNMQRMkGEQbC4hb`Mzxxkp)uzfq#u$#1hQ%SHzL(| z>eTVM%yzx)wZk=^iof8dFx8$qq|H{~YNlCqi=ooHm6DCY9C;1yX!)$@h;BMuO;zsT zYvKOqsa|-K)LRoqLu*s6$~~Ki_5lF`EX+!j(i5*|fgPDGpsBsp=8JFONZ^}0|GQl# zQV3-V`SzPLsQ*WHW&W2Ft);2F&x`JzQ~rWL)txXPjZWF8P8yA}Z_W0%0Sa6vYXEEg zr?T?4Zw}2>o48GGTDdJQytw$>CMj3j=l=1{j62*OX`~#A?A2qF+^;opgxyn%{Es_= zsX>juq-DMy*9fyzspeOL`5*Ro%iTKNqBk)IT#$3{RGIN%kD0~C6?zP-0ubT?r((xD zBEIgCdj&ajH8;u(T*H1}v25J<9%9`B=Xf92g@@4UH)gE)!^6J_R%SmBF*E0MNa5jq zr1s^r`yG|a@t$(xcwTQ}Qtk%%xw9qr_;~|QJ;}?Rqu*$rPEiLxKm3k9lw01tkIiJh zU|;Q$H%&P2onW8r6GdVyQW8C1Qte+;I>)oSYZ8Bb=ETod>EU(+_xUv?-gpYnK_n$B zMx=F9u~!ZRw(eD=TpQ+pxUy%+PuB7MVSHF$hZ)D;(2I2T_F|eVnP0!LcH&};6llu$ z8xqS)Yq}T~FdXJmp??t>x76M`_2Wd}@H&~5-&KTnOMDjL1|sG4G(iLz*S|9~GFm=n z*#I3E9>t~_fwK53p)7owbhUytBS+esB4Sr}!yOX;BSrYN<-`UnP=1<q-h;5k!1K@E_d+*d>rP;PffZeopSn@C;orcc`!#93@_A!2R zB2fhpF^Q1z%YFz|*iE=A;4-nir(KY-(4qsuLYF<&gg04XlP$12tGCc%6$=9ATPL5- z|5-gj{&RY4Hz`Np3d6{h`JNVH?kak?KaSsaK(^h?iTd3AdNyP(-PD!yebZpJ!W=(+ ze{I`%u}38Mur>BD?V{v!(iykYx%41T#^G`BN51~)0sZUGn@k)w`Hsi}8KyBhB6}KE zX7nN%A@?tj`R>cka5ooK^95lO{X|ipfzfN)B~Hqj8un7 z&{NoX_aEjzh|{b8`ZKP|Jb~;oNVUlYF#v1=Jc5j$}6u@vx(ud20|ccXRXC6hdX+0r-e0!`T|tVz(lDN%45 zXm(~d`eWENjs=S`=xSx9v1^T7>cVFKJ~dPfs>;Z1D$K||D$0jzvXJm9By9;*cpF`b zAhGs&2eFL#*k0y7QE*Z?C8y>U4`?Yoym-Js^5 zQQe9oDk^(&P(F#6CN*V8Fk#R#q6ubYB)u7eBtpR@T1d#d$L+hbMTq~XBe{4w39_!EV`n5!_;J9gMSK$qgJFE72*ug z6sd0>x(L0=vp)&M^UkIH5m=}N0x@mSU15sk2cZSZ8@nGTp0NNs>$E;ZOnfl);?khDEP011ub8J2{SeZ zI@rWV1kL?skcnD?*OWkqcJdaW^ZvK6PyEoULoGa_N0vPp0qzD>D5gCq#rRu>?!k0s z;Sn+O=-7anA9-X#^g^zX?vPc8S|p8v<`FY;{w57~vZn2;5q!CdNvUNkeUS33QLwR5 zm0UvbLNI~JkgbrLL?}$_y|1?dlW1!gyz4wn>{%#T~0@m+Mu zC&412h<2M`O+DMci*UBpIos2MUXbzvC+M0FTy{ng%QQDhe-ts=5$?sx+w?i`o=T=h zPW5%B#GJZqOA+XcQAaTDPQ6U9gv~718Uz}o?POmXzECSao~d}rvV^ZwHw_EY24C1( zeALgI3L5^bl2_wyic{%I(fE26Yi9w|jqfdKA2Wr|-D127sh)iDN$5{yQNo|v>bNL6 z=4TafMtv~aOb|s>>p555ANl@U=cN||u}cmD2xy4#pGB^JO%0vQ0X6`Je;xldD?Hbn zjKJYQ?Z$W&fOT|zXWNe<+uE77PS_+h$x6g+YCcy~V_}Z(z(M&z#`T~?Sy+@JWXG2{ z_Y(xJ^F9WOwDFW+mSS>+r0S3~!&*wq1ujDTv$Le+Dci^6&go{ZGu1;p6{asfS-(r+ zmM=4MC6#nO+1HAblGRIIA~6yP0A>3EL;Ehhp5xq{?-$=pJo0*8@94<-9*R!lcewQgu z2riOxTfMxFEU#|Azg{Rb=tSufk7(`IFq?@7f6sI7i4qyv$NYut;~1lb0ex1DT;vd3 zQ`k25i@84TaqU0c`CO!`iuQMOLHGunpr#7fe^~o$~bY>+4_HGMfo^tzqq9GjUdz^iq{TPsc2|>U&D7QMG_0xNzjK zV$R+<gq9r+jhoXeo-1*QFtOovMVK5gJNWjBlUFm4ig<)m-Mt#q21*}s zhdf{lc0jXBiN?7GNMd-!tn!HP z3F9i%Gi|g$HTQj(68`}^uuM;+2z>=i;nj6SrgaivIQiE`0M>Y$SDGfnSa`Va%97UF zF_oPnhcG=`_#HK73|YpHTW8gY4U+KAr7CGgrc@s?4S)gh8n_4qF zdw(}{$}ptu!WV3jO(|W@!%P*AtY~=I9kw5b1P2lGRLfu|jPdQ=l7FKhHO*2y&@a7o zf6@5ZH4Gc*Z}DApfns@CVi7*JJWe7iTKV%D217!_Vr=?{qJ8R!WL0QcUnXX(WUwQE zpo*z=q9hzd4NiyEQ@p#5;kyDmf`i3q-@GMqXHWu;Mf@6|o(O2IJj}BlET#>lU3PqO7Z>JC|m5--QW2HS;Py+J!> zBOw?|*A?3+S}lR6h@aEhQfW65N$B?N$pt8w*J5U1wS)niJ(=M$4=Qdfq;CjnPUP z(>fxnp{LTsJQ7&S(ts6=7+45noRnAF?AJglixIl z+R{Q6nB`lIT5%j$&Y}>ItVD?^{`irTE6)t@*uFGbLbgzouv)#KoM84ZyMecoENElo zEB|r9lFYV!b~Q}K!l(}sN#xc^kQ)PMic9rO9H7&u^G$+doyEvm3r-2AAv_0g6}Q3*_0&bSA98dK)mHSa@W_kqQXRVs z-Vq?ZjC45@%(9vta{b{A4T|fHEVPiY@(b+GHqK(4d^gn;0wY-yTFyUd|4L;&zm9Em zESf^N`tf@F^5ra1I#Cd^OCh0rox>SPWH*S|NYIRe-0t9_p!@QnvWD1{TA@qCHta@J z2~f&IYOV-!!BiXnsMR@hrbgH?h*Q*opa1&`tYbJM>S9qdyi9+&e@HhOgcK1Wqd$Ss zwEMc(rL*c~e}zPt_0}|&t7+q68D!eTM+w>~S1@zF#2utprF{kGu~|Ed%X{5P0tdgg zXshs-1G>qfMH|wR4B%6sSqhOP#Z%gX^O5^ONMmepNabzP1@vUu-u(4%*WEOS47d=! zBeT!nVOhBUFu#sY?$!Xue*y**nwxfeoQS>xr=KB|b9{4Nv4v2?l~U~|YHQk63)xOJ zMD{)9C?vy9hVoC{+biT@c|VEhhC5M*MSj2hpe|At0`&6a*G$P86C*qu}_FnpMIlY~6y zEM~(lPE;`c#fWDvcbO>Zw}9~k)vFvlXy&eDP_MRLy%M{$<)v;g)49?J3LkXjOEiq0 z%YVkJY=8D8;X2M?qI+l1SV<{au3K|L;PQJ%DVqGF>PJX_p!sDDyO{6@3T~al54)(z zSBp*{0S2NXsz29flQm|vnmpCM+`uOgX2e^jPaaP0@d4mcpc7O;@YeyblXZ}8Z%6Fm z`7=;`jFBB(`|ivlB{(;KCT5@kby%e=I-q_Ckoi8CVDvzBoeJS?yg$CqxFPuw{hT1K zkEsAyiAUUd?K{$zR;;9y$FaDW*^`3|B{0uCMVZ1c*l;YF6Xt1%aS>L~S;$h{DpxB9 zj-_4Bw{{=G?xl$K$$?RnK-t7X_(7rFw^eRBhhnX?i47W5Bo;w3 zcM#)X?s14U&P2rOHDVuH08FCR#BT^xvX{|Ca_h%D{$>C_llRo{Yn}q!A{`eI=6-yk zokqx4b@3ftJYdk>q$(gmH#pGT*EN*hGI>$Lv)Q-zxw(BA(Jb^|wm^B_J_A@49gZi0 zKPfFWtVJ`wCdR_nfT7g>($tSvi7K$CdH}LV|V3==LF`(dEs-7WKJ%MKT*z(Z7&oS>XFHAtA`l_*{v)NU7!E?QIyX3RAQ%Ai9NNDC*13ZC! zB(q;y!|}*Enub=CtTB+9k%7pH(d+?3*T zxrl@8T{4#?xnC%nfX^!tw1EuD*DBq*;14@<^1vyL`!mZQzr9NxjHJWA3?y1_et6Ee z!ojqFRF!H4>R@EWW6UVuY+0i4k{khJ#FfJi9`I{QA)6M;*HUlDwEYtV;HLR|m0jO^ zm?2Rby>7L-JKTOFjyfp&+zRZDhdVl?7_io@K=#lf>-TUB)*!O+ruJi4t zzn`>T_wAG5BK;LFW#Lv04_j~;M+LOHe)Xsp=Q`#>&)O0Jx~n7m#|ro32;4c(cAaNJ z*TsDYA(W@#%#$a|wmrcQyZ60bru+x=oEXYRMi=8W7Pt=%u#Cfc$JWdD>^Y@QJ+VktQm_4dG%cp#E&Zdad@&k#KLS7$0S zZTI9uIJqyKYO?6hiKx#C2zjZ@9}T_xuBqzIJA89t5g{e26;Zo>r>l?WXY;});0>C4 zQ9FPPKkN@#by||O6fP9bhFEG6aDheUnN}mxS(+i4WN>@TY;dgId2MlOCs2HHvw`I_ZE~s0<(T+u8>w9+{4g~)U{LnQDh_zhhKN~yRdG(_?byw> zS>xD1r%v&R`7;w+(^;nk$?qCdX;z#dysqo7w5Mc|?r=}u(Z$T_KA*f7Z&B`cd8;_z zEGBeH{j9@N{d(>O-{f~(y}3ATtDTTY0m+bCG=hCY4O#$R&@Y$bDsL;`hXVtldrX9g zT*LkJJ1(8uSfr_@QE7pBwOhU6^bp_BvOwGO9phM|HMofN+T?c?B*Tx7Xd+xU7tPr< zdQQmd&Rfl#qRMeHH1b(qxvI}q`oGceEUFkpOV#dU**1MP6AS)MeMgK-w7a=;5Ic|g zAMgx|ujinX#%?NwYdojnQAO(Kxjv8QwAcj2O-Hcau+TN~LPN25+3v;*%PnZUm?H5SDe+{f&*a;ZIC>5G+ z|EXENpUIS;@7vlhiI2a3KAESJi5Fq23Q;^kko%a4aS@+365#INeXcBEH-gq#9qT&cZw#-Ph0mYy*Tcdw;P|fy*4qb#Sceta4cD4BxsR-cCF@eLvlMr zobUV;jGid)7ujd}g!8yP#S8)x3B1G0%%$GB^ismZyZVj6bLFMB2dF8jrx_23=Rg?^ zOz+UwkB0eq#xvIuM$TUbSGkOPx&hm#0=4$36270S$|3`M)kNVFE@pCT>rT?O$xIq^#ZY@qHB2h!GJfuw2v*L)(%yuu`OpH9V)#TK=Mw?w=N8M_>G0 zwXCxw+!vze!Axv1=x#K+*IT#FU;(t(8j@8c6`&tNgc@e_=S@M0F4n%$2)Bhq86Wgx zIK;#$mQst9sz6IyrfvZ>rx~Es_ms|d|4hj8+qu2PHT3#3jz!1QjXG&Gu8CuHf!R>9 zdNW5>W3_Y2@p+?o-k;=#oIA?+i0#+dZ(TBitmEb2#?-Qkw2!wA+aY~(2(6m7)78@c zW=V(R1kUvs@;fq)ru7I4zfaUXl(wDV!2fJMJzDu(uu$U~p!iTz+asg@9V=No3Af4b z9fLrTb>fG8Qsu`Z&HS|cy%7ScjlU$aHG$C09G|Z%g=#k*odeP~EUw=)NZVF%}~Jtssb*UR8`SF5<}{W0-71&2~P){c?7g}-q(5s*y$*>qDl z!%WsDyFei;*KB8`RdPLp0I_43*)28M&W_QcmF~KO^{C)lA^>tW9vt0Zhju-pgAPuU z5_}MIWTg6-hX1Vm zD;`y;vTmEni0ECj;QP~u0yB9%zjl_sT_rA`y?hPfS0t1g5Xrh{SpK``Ft`g^QQTU& zJS@KF(R1d0YZsSum7{@@{p|5bci)I19~#;ff#dz1_-XNoV){Lrh3K@y{WlkAdVe~3 zmz%h#XrKP{(*s;*6o~yLy5kkaSweCq178wuMz1Hq_Bkw2mvji6)BOvEIh>76N|I!W zIls;nQ0#F)Q0^S~WDbZsEuhp`ul8JnJgp7?+cbu>(NihsX-U;)&w+LUt?zjxMc#-; z_^h^EK^Yo|+EaE_$?Hm49FZTuB5Wtcud;2bShd&M1M zj~#ftQFOOq_w5O75L|L~rl5q^gm|7_Q;WkK+!unR5mh|Ja{>PntuH?OP@Z*oWi7iC z*NSL6O0)snbgf)2*okiv30PF=hX}$=ORK(ZzKt`(u1n}r_6X1HJmB)68aF_>7@MIZ zauDu-+MJ}`ao&Z9eo3+y3b(YQMjkdPwoX9d4(LZ27AWvej^MT+=ydPAPmDbR6d# z?}zN_&rel?Au9YT-mC^vfSsL7XIceGF?`WHgENY+#h=&#Ruexl@TH5f#8<1B4#b5@ z{u^8!HvVaid(Tw}>=b(+P-`Cni9x7R@3=h9Xphn%EreU_vx`xnVA!kmR^76}vYXPBuR zJ=FU<(=2v^|G6Om5Bd~Sd=$B#wWyXzwg7-D_k6@1pz;cXl4bnE4HRfdNgCcD8)>Nn zOvhQ!sQ*s5m@Z_vi7Y*p#B@1hmZK_7u=DkMX#dv&GW568@=qZGvg*M}AUp>G`e*;o z7_1Gz#KMrl!p6`Hz(oJc)+|gxP8<#z`=4vzBqcTW%n!D(M}%QIO#QKWFGsrgq2qN{0z>)E|<)VmB{$N8}eaUGwh-UerbZMy0pFZ z*2GjUQi&pLW7LTfw#P2k{f~$AqhwU0L6^mV*?53-K56{(6qnod&cqHZBM9to;KvWX z=`SMJqX~mCsxSBB39fM|zqN%s$)eq7%=a+DMS1gi11at8oVmSDs;WAkBGERb^0hdn zziUddpn~Nv7s+u1A-4EZhhrP5y>aEFPU8||az{h3(JE+po5oZV8xpE09?t{GBOnw? zyKkn-yY0owyXzFnyC3^hjz?&oSGanPV^8HTg*{yDykD{;R? zLzRie<%@_zFqB%EIY^rZCMQ025eVGSI?F0|%(KdVmd-Of)?}wkR%L_APAtic6J`4{ znq;+FJ-q9Z=pO}}jOTmDl;m$7E6qN#l#SHQmyM86D91q@EAI+BdSG)fb99$k{$V-p zy3gR|%CIaiitHSi-ex1NiYU`b%P2bKa#Z*JGXAdfcs;R7SG@A@%Y4y+vn`Ci^S)Dw zc9gl;R<6|l>ZO)8SwGQQy-kUoKxUK4mJB^nw`}!b{7YHMROtux#=oLZ$Ai zFS6P)829HWITYn_V0~IaRV2~b{y`u2Z2(-~A+X=SqtMPFS^f1ozG8K3=#v8Vm6B}X zyuHhBVt!vnMo(Sg&P<|jbWG%3hxcsN->?Jooa&h=XrAXt^ucFPbI+eDtdaIwC)B2|a z5giwplUvCPV|jf0Tr3=9Ua1u}&o$9mu}qT$tR($8+`9qFWiz^u%p8-BaUn;_<7X%(U6U-Xym3YdD#Ws* zC{z^_lT>C$NAmN$#wNDsVW@m+$&?7^9AxYy7_8}eB5hqjzRa0!rXC$PZtq&p34#Qf z%!)w7M;t71KoX`sQFq6sdC_;x#F)i>CJ@+zGcJ+uK%XX|hQ>4+_^poAG`i2(Sn;i9 z=K$OED}25*Ep*AuSMk`Og} zTdbq6V9{Ne7sJm93BHDaHJLRTyOiarmw!Z$ev2;Nx^waBZgamD;^#^4L6Z6 za6kM!Hwzx=hbfy8rnmsu#((AGr9pdYdYLjGiX9!T`~y485Vq~Y)ki!0#R9UMfjyj4 z*&-6sey`yM+fs|FB$#aphiwW7fgw`x}S5&S2 z*^3Vzmb47y(+qEz?z+?c#^~w!7GD>>h7)^Hp^V6;5;Rt0%9hAa#LtDiIN;|RlIItz zb@7J14VUShd|OOTJ6qt&+Hj*0gWW&v^(^(ORkT8Pu8s*>Xl~yc6S*S=3STKepy=Q>!$m85rdrXZ>$(J3 zbKVBR=X30`5FZ+~&hztZDevyS7vXaPCdz0AgY3El^(>|TX-xmg>S#Zz;F;B8^zuj7@to$N-|>JLeBiSm9cfQLX655-mP zxR9%C4lF@B;E5}~#?&YA0LqAIpk?cv&J71?l%tjs20IRWu-PW5a|Up}q>{L>`a7U_JuwfcG9^Hs4$nCbmQ&df`sM5fl9p=Oo=UMjbUE@RU z6R8(XS(4_Y%q7wVs;l_x3ZVu1hS3Zq_=Tg$6-#A3*!0AGZ_MIYmYMBuRVBBo%+ZPC zIU@6X^X*nqiDcQjw70Rvis-$KLDS27IKK=*TalB;!bX9XWQ~q!fc0yBSf@3&GD_BK z!_-$#;h}rjF#(pwI~A=SH)=xbeA>{ebf(ca8|$_s#;uV#9Ty%BLw8kEY*iAFDE|4H z0M<}l#GDckKO)y5$@VS0I(IdAnalOb|H8;Jy)=4FPGxDSZ@yy0h4%j=PsYN5`@=sm z*}>HISrW7ie?en85&860_!&j890QxXfPqKjs;(IS5eoI~d}PSg8FEijV|fA>E5jx9 zn{NsH4j}iuSH@v*u+}Z?1VGCu<(Sz`Z3i4@rs(b$sXf7D^bxk%<9w>D$5vu9kyLnc zC{>5l&bX5sym{Vxa@9)P%MMwjU*2{7f-W6QtN~Vgq7s&28CV(H3fzwnHfRQQsMuXH zR>?t3hW4rr3)9TGJ)IOP`N+XxYb*BMfF z=GI$+14wPNj`MJ;UMcfGdiw9RmdD;vPt}u;g_p9)}hL;)7$D3Deki zw;TnGu@bvPd3~atIVO_oPT3zoPFrH!Ssr`ea}ZX8%zk|PEd8NU=p0FX!EE~+5`RYP z0jAHdm40fjYwWVH~XN{C9L3nW8hxw~ijT{M&I)z4^31Dzs`eHobfTcIByBEthnT zV-ebqw>kNrm}!&uNR4TFAMv#m0(zSnzS}0A+#H{nxzp^2Y(qvkX*5oV)yQe#^!qw% z3~eQS@hEK#<9_NiN4m(hd=C*5thdxeA3F{&>W@V+qc~?v23BLox-6c7^7}g+skhbv zv17S@BPti)^)t@9#SvT@ZNZrB(O(F}-;@rGuDy5gIxplgFDt$c@2izR^p;(ihWSmz zNGv>f+a?4U4Usla1@NDIrcOKe^J-Y0hr6IO?$(e%7%c2TW|$NhDg9jlR$X2f<=tTR z=qZ4=4$a=ZD_}o)1}CfH6fJN6o=VnRz9$E^oh>!e>v%gh^8<@^3d+WLr<<$pZwyzx z%tQ!s@b?4v2Cce~)k(S1mVw7neMY2O@BmLTu}+VL+aMlYNel;A#}l1!L|#+0mUSd^ z3$kWBEq2atn=quyq@`}2iBZ|C?2f4D#{(8a#rt*{EOiM)`2K%AzG~b5uv{(!&(*AdU30E5Ztdz$nJ4uzP%`yrv+zLgx(zYyk7X^y4@=P z-2T3=Dh0lKcjx{Nxm7iM;E$Xq*`T{A2>D+Nd8lut~5nlA-|m#w8V!?czA+96B%41CQs z)_Kgz044#EZ=X=Ei%FgHzU2f2_dPA;nm;~F*0{W|d$sWsJ6l+I>{=f$xlU5gU*Iku zAqai?#=d4gQnnRvZRO6wZe^RdWDjjuy(W)b>HNiU;&BAJ{WCQI&4uKeh+;=x`s5Ay9|fkGoRhSQckRuX z3BQsp*B752__VOF56cZTd)kYx9Pq}&WPN%?ouQ)8CL6V2v3qL46Xbw?HV#lL7xI;K zA|_*TOyvk!`8?a{oz%U$$bPcFTR`D`X(6;i1tLs(g^AKQ^yq=k5e3MahhWqc>?ic( zaOL?SJm#=D?w2WtKeX&1`_^sUd`iW}JV5h;~ z!1!Y4PC9m7qw&Z`>?g7w-kU z&X@;PiXF|Q_+9IRXbtZ;hfX{oQo6$U$Fw=bN+N|uo%4Y_c|>8cg^RKvg6b3v%2}Oh{F`z{+znV%{L7x zf>+pJ0hlL&N7TuYdt(P~Bb7osqPwiB46JoIm4T$lPL8yEHvI2N*asP(s>ca~2CeA& z!V^dEOoqvZ6-x*Ek@0!mCp2SIMza~Kojf;xBc@f`!-SBC6<_I#d9dFB_y)J{mgS5& z7=!s<5AXdS!ZN>%OTIUk^f(eylKD635dHwwX2_Q8bhG|!Md!@LW664dfOToqd|IkG zAs-3S>lu8j zqUy%7o#XE&h)9n`)4O1gv!ECCR;m^a_^EHh^99J#)Hcp{J)5=C>!1dpENO(2gEw#M zz5#5EDt*6vofsE?uUT-3Tk*Tqgj!D)r~jH!ovt++RNppq{tD=g_NPdma{fByEQ*B{ zWHyhP_`v@Qt}0Rl*UsG2ra8Mx+CEimmRPu1b>de0-eTTD!wnxBhDKwmf7K+lt|Ot! zZA#^>^xIx~^b1dYO)V(V#UdhVS|`{f6k^2nD}d-Y$z|#-CW_5y@F8q~1`e&PUkb;i zKa?EZH%sxNE?E_!#&eA z47Ai(g8Dca8bnVYsM#Vr7J8nJ_B#I`3<^J+!WFHDES@hdl8-DhzRY_&Q zW!U#@aqb=VC=kWU6j9n-{Z@6aqb^jbt7|PGOd~<{9aj|=B=%Qzzp3GTA75Qx%Sjsi zljVrobjR#ir8CgkN39)-#!O4irTNs|^%hV|&Cq)3YwW;&EJLT3*fyv3LATAKG9pqt zh8`T8sMFA?iCk@6-@b6vTm&euSc}a{4QR*f@BRzNX`8Ut(?tG z%k6d~%6}g||E>Kz6uC?-RNAKpq(bCO8ia06vw2r5x|hXbq&StR8{yS$v)G9RymBtX`-RR*e2Y} zM95juc*?_F&KIP*M*OPbAd(l5uzHyR_k$ub1<*1VJc$)$e3$a_b1In0PBy8T|3n9i z+Gb6wclZ0hE!MCHp@Sp-Or1l4>WWRfEr1~&mNz=0Eoj^hxDuurO9+1Wxoy?1pbd!Y zYM6v&1f>_Khla{1T54bMkSYDT{_M>YE!G+5n3QJn8DntTG{ z+{RcNhuQpFG`V&(v4PGNxsfu*~pV-Zk7knV>4zka{(f6j6a=iS|zJ2Q7? zp8MQqW(ArYP;2qdv76&2WTrM1=@zWJ339x4DNi&@ zBIJ&L5rY|y^VHg>?Sr=6jE{Hm;q#T>$|XwAsj_b9^#{4BvU2sc#e8>f0|1j8o>Op) zOP5g5Lz*((wGq4N32h41&6Xj>HKv^9)rCX;jtWNf9vY6*ul03htf@mn!D^KrgwI1; zo6gb$DiLRB0Gh5a9~nV(Y+ri;f#sr%foDk5Qzj*kkoG$jwmrkE;2MVZPlR6|g!lTT zp2b9myh*zuA2Y`o7+f1LIjk@sKt7LYz%$wZJIlOe^VHhkRZo{vaUSN$g&k(OeVs0a zw#G+y@bU?*4Rx)XNVc+PF_k*UFxuqXQRW|h1dsMDVVr3pZme7UcFwO94D7Io(jl}J zY_4wxu|T!#rWf@@4GpzCBGdz2-gWlAbOpuxxX#DdWr03r8c-M~9+v-(%ed1k_ z6AIXLxR;=(sZ*e<)2|pdk@*4Mti0~%S{T^4HK2sy7d~%v=S77&;OXl{xi?Cl0p6EX z;d|vKqhtJG#i;Z_vrl3SWum;+hS@eLTol`giEX;6$h^KlhlqSBd5<<4CW)|!AvuOu z`RcoOF4A!qIosUcx|)Q}14&;oj%&+LFr_$jvbKc>Ibx)>e8Q2BMfTx&)oCMysZ+iH>b;?cFMids& zD=ROh4eg%Fu({NIId#ZPYA5sm`m+EF1UP2A#Rw<7K2~GGh%Dy8(oAhQ=?Ai!Gx&VC zD)q`l%4peVRheb@`MSn)c6TDgL!8bKR2Fm3?MVX=n}wLUS%N5d|J0F{*|ke;T9;4> z1|9OAQ_=C)>JMhhn4Z*IIqc*p1{gEpY9r{JwGd-u#WXr4Dc@V8G7A1!GzD+lPH+ad zCDsFdr@;9^BPsj2G#pKyNX44y;UmS>mrS-BulR|QPO5EXtDq?W-E;R|MF zZwl2y%xX5}D2K&2YuK?lm5B}s2CH85yx1ocys+cfLMVOR>}l4uYtW^vaQ*3?8X60y zAABEAZvsqDW+vXim6pXuMH3Z}tUU$!-qwjF{K43xpn5M@I$_~u_j=Cjh36q)REz7v zSPUTC8P6y)^8MVCphHhYSv?YU@lfU-gnYM~R&eH>Cyyzf&zv>%t!j@S+Dr@ktbtq4 z6X?^rOu;@8LlEH@_A1^H<=}YTD`P$1nX~%Uh9~}Sx+>dP z_HMJ9H8}ge5>aRn=kkyM{LwhUzM9b5f;Fdk2a*kEtOHYf%j)J=Z|zVk(w~}T|FLR0 z{JRGM;M8EaQvl7;-^OOXp!C{iI=MuL`^bm2OYJ@MF>e!UODW~ z(b21?>F6<3^u(G>^Jfv!u;b4$-^F=kSjHc8nlrjZ5Z-8oli~ zo_!@~rCp&`!X{vJ-pc(+l5?7|VI)+cT+>rrI5o=q*ZNCJ8j^h;uB~RIW+FS+?%~wg z`pM+pFlGJE%!1clpuyP$;S*(JS+6?L%RfPvNskR@iG(K@fJaB` zs%0Mqdzzl`Fi6@%_H%1$acwZZE<62jfTHWBC&7^g^Ho zrJSVHy~9O5JDl4P0rgzjBcwR+PYAog2t>f}DS()F>4o3jbd&%PiIpBBWR@74U?x9K zNm0b;E2OFQ!~XNPL;z+ko-MCRSgR87%*T|5U-r-ekNVhHDDF(~K6pX9opyBF&k6Q- z+%hP?@e;jgBH>#h4xzSh4(%fFxq?&+7OU~>j6d|7Zn*`gmUFSO&}M;7$-U)X;+ zrSKf&1iF6y*AnbS)ojLU0NAas^@&FB`i}%e2NN^4FOt9D_asJ%*S;D6V|Y6 zFk}7GwR<-(^BJ*S1>2xn=&r$jHXE<9Q~^upO6VjPIC&xe<)WILVXzu+N^d&Kl&Jn0 z?agUu5Yq0k|1LojQ-C@W3nH*TA@Daj<6*^tnXE-Q-<*NTMqn2}8)dP+{k_xsLeu{> zSCO?w6?1gG>Dw6)Y4fKNGk8e#USEG` zz;bBqnig-TC0l8~ z-sp==3Ym=0y-xr(5~qb7TvMG`*P|AsWpBOu5->*zZ#>l}kEsYcQQ@Y(71P>t^he1= z+PViBa|9l5bcwXtp{sr4cWZA2&Vt&Ivfa?7xR`R7*_#)=x(H=9C&7jWJ8wr7Erf&_ zM`_mplg%D>7$lP9@3+9U(3mzPc2Noq(3yl_ZlEValK7uUe1Zt%y5M>bm!CBTJb5(W z)-9n@Ceh`PAmpf?97s;VCBv*%)m>qMuFph42u+sh7`QO{7yQ+lOoTA!8-u94HD3RT z=GE}4zw0Iv$KUU_p7h}&hB1w}; zLVdrRs;NOa2lwtYMs7P2y6F@ovR_tjQ_K)o7M#D((=@0EpULGYZ~DBWs4q3b(W?Zd zxQaX%4&p&5fTj-z)st#G&K&h9DrB*$VN1$S{#5gWH4&cEnv0FhUm#5d=CqlZ+DoO} z@A&PsbhDX$V~U#O9}V3VqYj6glEk|j+BG~?f^g2ZK0VkrO^=^ELeb1q2H6=Y*>!U| zsqH_Qh;TpT11rV}d2eCzt4HFLn;`4-~rXDhch;sezRw@@#T8KAYa7pgBWM!R6 zMWJ%(84X(XgQo}7Y=_Nu;1Q6TagszyZjG!QqrPv+1K)jL{c+biL|qf{3x&Yqn1Cok z3t_(Xa}t$Lc`V>Fkv5%$8Ao-Odp#xr%Z`v>i=*ByxvcdPTZH_{H=}UNCOkH$`h&r< zsJFG=cHL;*&QA2J=!~-$ZY8UqvdaCv{+d1Zkf1ci*Aj^A|9}x=7;#`Sy@U4jtC(IB zdk_bMg3l6v-yN?CqkS`dRf+_s?`L_jfzM#DIP)Wp6S*R5wv#5JErdzE2|LJe>0Po$ zfsw_ZRS(S%??0s29q@+7pV3V$?ZBpSL|oTxpcDqh+mYw^#w<;gei$rr@s5FaUVfBoaJ)i!MwAKET& z;5r2z!Y>dRrU|`DD9dmz;gM!w=T?F36;Fp7Ervg6KW95QcFIioO{RI$7>G>_!Pd4r zdrDDMf3-8u2i#GiuWM8THLJ70TuNAHh6s2WNkPkLQ&qQvqqzT=Hm}T=$15LwG9YwE zT5Ry1l{6y>%dW+SR^G(ApBA)Y+Vqc=n%=Z_W0D(|;+=FN3r}2S~jA)$vjwi{fjnj|Q z>4-Hp>)9{07kau{?z$!8y!qq4wlzJwVVK$UhipGxhAC{ccV$bk53z`e!e0HrKfE{4 zb&N{+@RLdTDA>{b)&Ve*@}#4iPUq)|?IXjp7_4w3F2O@QBDYEC;>+9V#QuUPV8R{y z!s?y)f=f6;1x?kuLva+Dbl+yqTS-9|WhFzjfuq6)KYN*jNxZuw<2Z}Wi+2%&{p*i)>q#*C*5hKI7O6Dz}_L?s921t+#_ z88N8LSTXEw>Q9=ZQtnhh`!taC$C$S*Hr{G;O)Amt?xt>2&?g(^k)OlCX_M*Uo>}w`XuFnO#3eIV z_b)j%Cy=fYk8TNvCUMKUQ{CpdmZX_iU02#}j+V*Yb{~lnR5!Y?$z)Uc1u;?F^kn-G zO+f{ak_viQiS|SEA3nI`WCRvyUYQgV`W0lXa zs9I@*Ia*M<-$#*P;)+pspPW7Zd7Yvz1NeE8JjD-Ec6U@b=llTxXhDI<@kkM1TcKk~H+f<&fl;bBv@cK8b3fR)X zdv-at{oNW^ZKvp?yzFnm4&Q}4U$e%_*Dp}#frXqEy57=5r=yk{-|H`|ad6K7ki^(N zhKfQw>1+pc?dhH*aA12hbtCqs%Fdqc_Yba`zFLc240}mT1imdXdt}a)sBloef8sN> zTl$IF%#GN5%@zo+_-4h$p2hCx4w=}^2yWwmd^!mVR?1oypIR{PwoS*!=3NKEA(u_V zgBp~zS_sX=F|WQJP}OU9BJFROj_)Q?e7Z-s3g>LM!H?^B#4X`Lxqz<{-!noCxGML5 zh5>Xp z)2|h5#WhZ)Mx0AHinQ4d{t|yyEY)pYSs*NJ-3Cm@R_L??)^K#G<~C~&d~M7Bd5JWf z6A@^)LwF+CTgd(+NX-g0(EV)s;myV+Rb~A$K%X#r;^cYst4}g6i(1M*nvrouXK%#S7k*t0e`ThAFkHAI;{U0^x!-L2 z4Zc$M>rEsb`iz$`r!Eyk$7@gg%l;d+LK%{YU5NKX*ZLXM*ydu^Gg^*RZ;Ui}gKP|7 zsof8U^C8vK#7SCC%L0fZ^ij;S`hs7K~}cc+`9SUTLRvTl59nf4m_nU9F#RTilR)Da=%H zZssJHunqH#VM%2~X^>2>?%VG87;B@$a>HHk!2u<@3;E5}dx-ZumLy3OCH;l*=%3Vi zcg&p2NwVIum6Jaegj$RsC*=w@;1A@4-_CVsklczEY`3GmVYiJSiJ>AHU$s!9 z8Zx;&=<1;=cCOR1%QhixmAc;fvu5sPvTW|(37fV?K3V5YsqU%qEKzE4zo=y6qFah9 zrMItZVTnlVt=K)rG^lXkh{D2lR=gMdKB?`}X%z-BQfV&r6n!tNk9Xf-{_RdCW`{^T zp8DCYzPg>{Jpplxbj{uPH zdUDe0x$Cf%v(-T9N(D3vI|*Aq&rKnps(UI;zQbts#EpYa_-kGS*{CBv#}>PAt{J9=(<9mjCOx#4+wqs(0IdE>HOV?|In0u@4ca z@7{O?BEi&qfD3-nA%9oH(SN{c=IyriNMJ;x(tL`aF*iD8{xj}X`vBmRz6(MiV6AU) z*zMG%a=lUn`MRE7nYoF-#rA=whaL9-Yoo;Zb&DoUh(lM3XT^t|LkRUlma$6Uy=SScep(?oxuJ z?Q*z#ki__4vTKz>hEba<5`6ylj_JyLvYOk|;*yA8lAv6Z zeky`=x^0en!Vq6ZZG=@hU`D+K^v0Hxts2&&Tm_xaxjLNG)*xE*_^2~~E(qGYH88DX zL=1GtwDo)h&_^w^mg|T01+zLvb}rSH*@Oj7;}#^PNJk#MrUnMk=wLJ1zt}25&~^!D zh1bsE3$MDJ$uxXzDOM(%m0>pNEUZAXMGL!cLQx|(>q9Q3#)wN|(O zmGD7!bo`h2Y(%=6#BH8PR{!$wRCL`<^82t?8u;|9b*GA2T{_{y#7abO`Ochm9b+b^ zQpDI8X1k3^dlV#rqV`cF#i4H{8#NKmSJbR7CAk6V#-?Whl(fBurhgh8N!LO9YKj4F zvKCX_{DEtsT7JJEo`OvBR%`qY1_0_jG1A?{aL4WJI%G7I0a*Kf6>hWlciJ?LB|biSyfq=zG6Jp*^0 zQUFCau1^W9R?umj0sq6#qw9j^RvaEYiDLrwJs`~FSJY3A#Ma3#Jm@=h{>U2yE0((g zoL(`5?f}{^H-hAM5}pgKp?VR2siNaY`Wp2Ld7+dk`_Ac70D7eKE`EswgrOlo4!P?t zp;sWw0^)B1dV5(1Q+eahU%4Az{! zT@`#V@A*FE3Qifo0fw-HfiQcup!(nrNOL6wp{dw3ms)7fkPZKlLh%gGkj_}Idi0GR zpCbKZ&RfW)FSFE2`j-p@UXeCYgBuI=;zzbz-Eouc**IcKVx{a|wp9fasg?K@RIFOB zFq_I|-wSn6fdA(80TXDf4A!X}1$u#l0ha0AwpCtEt$i&b|9ca!cvtOPe9ji{ckO9g z57YpTgr0&||Eo#%qF{xm4X@RT;i11cB32-MU91Tohv;vSz^f8Pfcq^~T3@epHWm)q ze-GPYS{?RRClBj1`N^CrTU*l-x>)}j{nzeqsy+#MR!nfrI03Dd$|B^8e>>vuTZi~< zHjnLycHWL-BVOjEK6Ib&#S-XcofRwZ+Q)-!c(!vA5P4Hb3Pg%x_CAOop=cs{%K4V@ zUo!x)gYwQNg0*_fWeY`PFZ?3V|(y;>BR{OMLeBS6|0^a{vQ^NU0_H=z| z6iM{3q_Z(N@&7doBVy^-SH;vdaT7NU1$GQ8WxqHV_x0M%ID(WIT( zLX0YxF04$UZ3Gj-Rio9UE?RlbdscQjFk7wIJ3^u3Xo@ct|I+qD1@u&94uTmzVgcI# zq!wFSE9~q@jF9Hg?nLb_TL+=={0PZ9hS|VFDcI2op~jI#g)Oey8~&w(5|4of%+y*aKmowh8;ZHiF!H)L3 zlBe}55cs`DH}Fh6r-(}ALbfDUfKq}u=~Khh?I#ab`+7Dz*vvLxF6Julqw!l9`=qUn zskFf~RQ)7!?qY%2`1$atgk!*NO+Z{#wONUMPR2!OcgM*9+=Sx%o1@mQe*R0E!|LK{ z`vc8@!AE9CW4EUr^UGSn%P1v@>I+R@Cl=~Ce>&X3twz-sx>WozwH$(J70fCprprY; ze@+?>ju@Vu;tr2UOS+$G+>8X*2>#=}L0%kin7U=5Yt+EMw6(DOEU9YR(Lzq+XXPfeVquDbpr_Z2r{wac{o1cgL5Xe3dl}kiS<;0;&`-Lw`y4k&}JF`ydFRC`s4Y*m#!;1iOj{t%?nkViln6yk4l! zGmD~CVOd)VyHQd68UIpn&f;3w6djVZK8E15XAt>`x`3m0oJ;*+j9Yw2N){?v$)42L zViI>QdYSwq_9Zv3yeH)gJ7)f3Q|aZd#Iz|}u9(5vFv&NnVy*%fP!apT{-DPTDO^@9 z;&3noe}uOTtgBzy99k&=dWx^Y}_{*fu9i zZ)5A!#6cR!_5=#-1?;D)c(iN=-h!i6632{^e#XhYUL^V`$x5beg{7@SD3Fgqlxq;m zBDEPk)sac+^f?J_X1`C0B9<@1HYLd#(T|E^F$6=0z43dFQwNi}Q|8JVFL#z|7-LBq zl@_|6Yq9yI>R7ZYaPy2G0UUWKIofxb$5l@;5|Pdp1>~UAq-i{W#G-~B#f%3tdRjZV z&fX$r#$<*<+tzR^4g^fJ5_`&Q);*bcJ?xaQkdCzcUMAF{>x7A+OAZ3ZbwO=u3hngB z>&9-=!Gq5>z74f<4la&#FwOUP?*d?iYN5@seBRCEY9Mf^N!2Qjv?-Kdcs& zhAU8ujJ92toL)~AewtU}^Gn2rwcr0ypk{lfUd!l9{a?xg99Pc)ytk!)ZR7^7=%+$Pq~! zjZGV|jiAZu#E4LR*@F`Et^TZ1qKHcLb&@)crHU)w_0h%=&b7XAjltYyu<2CtCo(6w z4UqKOzo*nTYoPw-w{ojcguudv9e@1y02*%%;*gGcwtDF_g_Fhr+~l;_kDZJxcTQ?2 zz9VxHvY)4j3yq+y)z9W8*!W(irPV2*yG*{SaIl1+;8oYKo(5%mT-q~&m`>;IA8n4X8MWJeT&N{c1!v<6~eWmn8e>{u83}-8rT99zFX9H==HH>_%dYU(3<4)V%jx zt7wXe>6QyD=|rt(eRJAd8(wS$wi6B-GA#A{>RlUPw|A?d*e1q@0Za(JbR4T}1!;r% zlA@>51`M9do8aG_QfeyFa8@7{_(AH91Wu7L%$YxhLnHEFaD1jtF0*Y>H0zS}36E{vxcJhktZi=-gV?nBaAh zlf7<#bV7&!*a3bflv618Zy(I^$% zW$M*$hR>rWQT!sA5X^)u8~umme}iux=dI!XJEZN0hxk%@YA|R~slQyH=<8L)@0Y93 z#FL|o1TOevj07`$2?bXTJZYRyBqiHb`0)RZdeGF!gqlyRz!8bkw$Lx5cbBm`v$h_y z%VlVpG(xhdk1q&?-)6pCH5Y>zG33@@PpZgL7Yzvq@P7b{N%uvP3O-^H>=9 z{No%yxZ~8Me2QrcxgD1FZ+k14ipJsUWP}IutOXO2K*6Lyu`GN^tsTg+#A4bV^zZ^D zYsNM+7$Xfyt2L~@V``Ea!6u#Edrw9c`Z>m5fbQaOc#u|3U`ZMVlcop~h#5#~sj92< zGgpmlkuJ(zupJfLLdPPl{5nhTo=VQI9NSc3wpAK3S}~PI;W+J!ur;I@w9XG-Nu^qP zC;@EmpKO=hNg#XCWP~e6S!8=a(okf+%7e(MmSxA#CJD_$g6ZEst8$2L+v=>??oFH} zu8Ue44NF6oo)F~02jcFjV%MrtqUJwB$k z_ft4IxvUHRc2W#1YPW{57JMk<;_j3Nw^PW%eY|lQhH2jvmT)6}#rLxvH=sqfh*B%4 ze;x-eB?g8hNvqs%%i)IG(b(%>e;og94*s#)D^-BaHnX@-0L_l3ZLgJrBF-XLggouS zd@fWas7S1)xOETSc{bSc#6l6==AKIFGPl01N*w?KIW^aNbeeqygv_AH7~r8r|)y2wbc2s^|` zlL)bU=UhMWI_-hQ z+Ux^|t`SjW?+Ot`m^BTV{6I|j98s9hpGok&tmRRtkTiwpYs(JwO|2rO0_u3bcbvNi zk${-bYF-*9TeNa^?Po4c&}W;UKq>YilU)5;4n=9q67B-?aJzR9gLyeC%-Nzp45FF7 z(fU+hdKFP0uEj^zeGw=Yx~WIF+B_W~bcVNIx;}KsNK{=zevPhDh#4nQH8l})yJwRw z#>Y;iZH=!j6hh|kiyp)ksJKPEo3-juzsHys?B#^SrS&5QLy-8}9zvR!U`AnHvS^v3-Nh6;d+s{ae1@gs=1M zJMG%3`CY`LqIGi)hWFOH7fgMXW?=&mw&ofW!H357aEQFEp`0;*401(Yz)xP(-^t!t z_3T!@!n41lpYQMGJI^hod{B}#r)cchE8N%OtG;B|&FT<(;YW7LTkRdX&o2OJHT!Ae zZr>p3M8u!U_%^4IwfMej?{?SB0|hnHfdyH&`NIe3+0W$mVqD(&>stU6qCCNlXVEp% z+L2s+K4q(pLy2voIQ+sx2J#0B8-R;P(*-ft1Uj*oD;f(?G$ihTwDY8Ts`RzXAh?}+ zu9sPoFY6(es;K?`*j#R)a!gYn!i%6wH||jPlD_j;9yCEu*N_3)3y1*5yAFlJa>F5@ z#T>Q}4hKc>bL^_gW_Nxjm3x&%NSUevr62quSY9Q7J*l~a+xx#6sd z3|4KiStGOBdLRw&rcIUOKQo!EY5rD{>`b_1}PtRBi9?cJ_c-aAKP``AQFR|x^kKfU-1~BZxoPsBG*#U09s!OJ7j>MdNR39A7Q&P6IRg}uK zRVFg}?%-~6Al~xkHgnjx?}}~2W!zS~%9G&H6&`vg87P)YQkB`9RrLCBxU4}(^R+!3 z+d(im>y$N#NBBVjDx^Xi^s{d;zDB=D3GSOgH)SvRL|RBXw#ly!WBf=@ zPa?1~e!m-)TIQMVqZE2QRe$0+E{%dyW=jbPj$Gw33A!eNwtT9-95TCEkhXrL^wuIO z$6ndKIAu`WL8)SkKR0&XsZ}mgih%Qi3+GnoC*qp=34a2i&@m^K;%wCqk&V2mQsYQ} zx|OZk2to?(dzq5 zHCxAhB`7>P`J#XzsSqZDTU8ZqD!Cwot!ArAi#QRZjdGf0GKcvEtNcQd1o{E?yBmIf z&$el%dl2bJkSj0^ZQWH9I6rF8c!Z2caW68&n2!ecF5c60)dsro zzDGP)xY{~I^|G)goAYPYP1t+XBT{Roz1fa*zzp|I$6?yli=?}1wSZMHo3F~M?i8e~ z3LrewJPse;|4K_ij%%wIQBetB(A`N&%#4l60NJTA!x(*gX@kw0mLuQF1OW+KFdY%dk}L|h+c=_0d6dR+r9vRxbi;H{R>2SkDn zOn?n$mL_x4s))+jfYPEN*8>+LWNyAXkJ`i(EgLJYDYe1{*~crLEdrid&^&J>dJxR) z=qRc6lG~_U73O>PZT{ty<=sO>Ojb?Xk4ZOJ1ITWs%1vm)cHv3|ub1PuWCN{9^z@mn z{-}C|gQ<^Ie=YSL)DMQkbm2R9&e|?Y9n8o({{s&rgdtva;nFDeVlQkikG{DDse*k& zT&b1g_iabXznq8hN`}aMtz+Wlepqd+@yP8)w^H zaudf1J+L1^52^eavZ9;j!oUT3+5c;E?2eAgL&)ma&(itgpCoyY!WmF|V+Ahc3L||^ z>!(TyxOs48!OYgrx_2GdHHJH5zbjk55FmG2HVilfeB9lNNaPeUDxp}jzOGtyblaUw38mHt=k4r;m&Hrvl(ZcTNQ z)qBgew}w+CB5u1p`OPvAiSmu%kraRqtBv$jQKf|kUcc~d=PzRlgFXWAJ$CZJgQ`sd z{fwJd*N6~dW)7<`dFl1<4FcKH*{J$@-_h`L--Kgm+cboeJ96?Nz-~7qS}GJy^XSeS zruJ6CC(_LiT5+uqQYVexN-U5w^0(Tc+U@oFdes?!O`F+V$@Ub?RL6?m!SYE$9H(g* zwG%IRCAB&5v!%4tVW;hVb9Ch92i*hKu^R}MHp#Optme>y9w1PC#k;T${KysV0|7%L zc8n{D!Q;lN?~v94K@msllhs-(?GI?Zk_Cyu5GVThh%0tx!~ubh?*a}}q%@mP?6>zX z2c>Y%+rzNEY{(Cl+ds7av|CyE=(BBF7=-q$Dkg-?X*bgo9~az~N)qSYe78?DAC~dF zV})M*!$bgnGHC%5MVz-?r2nFAgZx4-z9{^ED6e+xK`58P2`9#N$x*lAlo`WYi@0w} zurCR1Hhd#Lgdr~^(_XYN^h+0FJwAQ&C}se+dK!SUKTA2;!~R5s8BR*l&i>{o8b|9lEkv>G zdQT>mbU1h={*oTJRUq>(>Jw~phE-IkEu2$_u&ezCU~9)>xDk}W$UZJXJHt%f$1$L7 z?k|eGBWXxq0#Oiw;o4RGHMxQ2D_}#L62LL$qrlQf1A;2zh+Gp%(AS9v3hpKpbd=azBM~0d&UhKx{kIi_ZuS0RM*qmT9*0*(IKR`_4 zJnzOVi>ACG5x+b3ZW3O7jTJbcs1oox3f))ZFE>azO6ISzOLCB?i38RO9N9ziq>g@* zre&!5)cw+HOTzuiViqM4F5N)eA;Kg0GdTrmSIJ;>-f1bmqdy^sl$wdN{IKz;n9L5i z=AZh1sz$?I7P{_uZ@5#KmD~f}ajey)KIs8hgoat&MC?`VD--`%SWDL2&9Y}f5_;_& z`^_^&(%~{f5i{lAlwb|sDm=4PBn%v61)q7vor}FrYAC-zK9DHfjuV_=YtBkW(sf7# zUc=fCEvtL(!h5wcdTCuk?C8loz?1X>gYTRM@rw_K%ds`+eqVC3*ub);` zg>*TkxnnH85$%|5wkT&YsAMYMJLfjc6=@-sNcP7uS0U_f;^CRV zxJrQYJ{cb(Y@_kHgYM_`1=M%HueI`VB<9EN__cwjm$d5OOUSu zo%f&DVvECtQ?9zGMN~P)V-q%sgSK~eX{1r5BQ}Mo^h#FLyth~eAfbQ_68(wxs0-jX ztlVAkzl*m=u*mTVDwucL4sWu}u1y|N9-lFOCUcrW55KhJ8@{o$0t_T2qI!Gf@m9*_ z%ar%PXnJk2OSw#`DHnjyEs-k{s#m~1y&{WLiZ+wSuSV}=8wIg98(?2LC&X$e>$ z^1Vi-D8Oecsz6Y3&2q1~H0h03WE2@SVO8v9(PK5@QQB5^C?^W16E&#+#@gcQSXdFw zH>HOrLzqGNR#>N^(3-j>!Ws^SrMy2h<7AAtui>M#yoppVGTCbL#5nQzruC?$p zQ&WUsSmVJ4Bxnp`Y_G7nr63OFyG^!jB`j%P05?ZlfH}*QSLKT{)dRZI_OT7t zLPq0dY+#e~;G|2pir>qFu09*=)&^Cj<(ZYsXA#>VV|HY!qX!4;S>gFLj_W^y!dZ(7WzCo1ixV$SCcD$Ck2F(myWYG#P7hV%p(KRe85H z8l5EeVl&c;m%Ob}0%Uf(COuR(-=$h7YQo1s(Y1R~3$`oUq7Egpq8D4*%~vO<3rn`J z2DzZ^!bielF~)+aOTIS)1TKy7Lz51u3yQ>1pN6pPNDHAt3k52Frlld#eC35LX{ZpXl2+{oW6}@t%3Dq-da4Vhclgh6gu4Y5DgT=ZS`ND`rQ_Zfb%BcbRLH7R zH?hD87KK!O9>gs=%dHGcpQ%T|R1+T}k?6n7_BTC|+#GOGJ71iD<&*y)O-`R5w;VJ5zaTP|Idvl1nYcQ#f!agR3}eJsK8z+D^Eqc zMQ)gcGyGR_$fkte%z|BBjiG_k>}<-kx#kM%*QD}CU;U|?RN_DK6~AgURh^cx;s2GG zSQ0m#bB$X?Mwpx7$UmE@-WZ=+2s6@3J;d!f{CgJw@Ur~##fkh!io<1}gi=%GOV$Hc z{>41?U42m$v55bY@QtG*zJp%gr7S+ZmQ|mcQuP@&Kpc^Umj zEj7Ad{ij)w^}})G09PGu4S2E)9_cq!<6z#_t~g~DH~H6El!`y4# zoxDu+-m9_V9v^}g{#;C|98&G0jK}S*lYSjZ9@c{PVa>*DN6=fU|Jm}4HTI{-#u4_K z*p>R`V~gfB-c(>i#c{h-$S@8~ah8185kqTWa>e0%6cRW&RQ^Fmi*Mg8#a2k^b~p0(6SU zy|~J^M1pdX_r1FS(X+khUsmYll!i6W_)~YU>xTb#Gg5v{jlN-(iIP zz9_5A&590J1ZuYwrKEUI{8#xvf^mO!;`47o+y$Zmg(861AvImGDOeK8)$B4SX{ilL9KNzQe)aFLdNn8aL!Db}NaFReluxTT++zIRa}d z*d62qEdfLg7B>luWm%?w^#wQ2Mg4DU>132k+Dz*MPin5Z&9q+hFSyHESB{_7+8d!} zv->^u`pQK(-OLj^Ksni74Li@p~+r*qUW$id5blD2VS?cymCPto7TqhX6;`A!;|%s*~aiw zuC%}e2y(G+Hs+LvOWyc#%9I{soivk-M% zw{3m@*)-0$7z%tsZgTCEAhX;0w9#9#o-yv_zApQ$p~loNA~PLE@amW7WI#x9vUHT* ze)lp&6D4|DfQtiJjYDg-Lci5%XTF;ZWUBPik-F~dCjZJcE-`?#+INV+(!a|tj*L8P zW0p(mF0!T6eadogTgo#~_(cBt9jiEUN@&v3Ktpk31i-&!r_x%QrEdIhplp+-^pT9G zrz+qPxGuV;-Hi)n=40^RZ3*vgk*A1}Z^@N3P3kTxvlLV}T)Ist$OjzgswV7TyL4+9 z9yp}4+ZU*bMx2m3s%vk?fzrJ;sZ2SM zaleL*6az7E=&>56aIWJYNUHUx zHysQ!yK$(*o(+#ix0#iUtTd}vh+w&V1j;f0lzU1ui$JIK(@RPZtoZ>rgy-*=e;Z&E z8qd*T$eLpGjs8UYZ7h3XyNyXD2~drafJoV7_b~U{9QKe73y0=m1TyLfK5~ z|GWc;Zr|rPY*_t(bi}^?*LOyhnt?{cK+bVOM6>#wN)G7enXGrY!QAcl=uWRhvDq#4 zu7z8wWG)Ib4V5pq%hW6o!r*1=xwY29nwl+?V~;#KQpbn#%0{uolGj>gca`4?!VlX4 zB(3hXMYH>l-clJL2)GeijB^+|b9GQsu`QZwe9)U*^On*!$s{`e_QIZ%fPT=|uvH&=ULKX*qXRVDD+}B?ZW>BkQB!Jt2KB|3QLa^Jj6lI^;`8K$F^pvgS zTvJ@PAWB~{87vF=KM4}WvWALS*5ADA{$(Z3hIW0F%&fB^Um`WKOah-AfPkjoWS>d? zP_K92D(WnpZ4|b1{)nm7wMHIpr1NZv8zL!hWB_huieiyp#;$jN#YWRwXgJ7Q`5kDI zBfmVMf+V?K zIt})fR#SEHh8@e#ik`}Z85F3+D?GwURS}YN_|ESxq!<+i?gNNhyDz^C&mU$4ko_N5 zZygoo_P!4rG}0-EbaxF%N=c5yP!ftXLyI6t2?z*?bR*qeGjxXxAq@_Qh=fQ;N!M@V zIp%y=li%RexO3C;IBPr1Bk)-!V>VN-lbX zb#*sisP?=xYD?f`t+C)t`O}xmHDQK*+tKE`%Ro3O6Wd&g3H1OrgZH?4%il@tbOHZS~KAku)&LIviKAH z{qXXri_t68WyGRB#CyaylzPl2g~ZDG&rog5($BVh_jL4aRH9vZVZpr=?IexE$lbRu z@%B^}Qj%I7YS1V5lFw!C@i8$1#UQxF!pk|{M?qug)vcyPV~{iYMWJ__i z7+~ZGi(2Wb#eMY6SUw&!xs1e`b2=$ZRTpI`xV+&3BhB+_7=R*mX7-Af(}iLawB69; z1PBKX6|TkH*-DO2ez<;Zc}0;umNp61_nnhB-EUL9bZcbB=974gYh){nwScqiXCnbjaJmd0&eUhX&; zTy&t{cOI6Y+AO&8w`e?N??KF&43>;49wDzKJtJE7Mq+qYCF1EUM}n%{v$E_nz zDnN0ob3Mn!sU*x5lD2+Nd)=pCmO)}t7$!vVMf5PrDy|i&+IcipwX^CFCqMO8T_4YyX^z zO=qUe(Dj(NWc$mJ<=pBxyG%70F%cKba0Z=P*b}G2t2Hd{M7o!>`+}|#65b&fK6}Y> z&stSW{v$Y@XFPK_v-;6jlwz}-E0(_)pm{F zc}?ikF)fA0$@s&9l|iERTOQ9>Q$2wT({tQL2u+#4V(B&}D<3={(gl?-8|k9M*Il=5 zdn|=5T2Y`ENv>aDgoYfuTFv!;O86M8J}-0L`~7h2xnw~q!2u8anNa@LU0%~SmP&J* z8+5eVR8WuOOLXaMHu}It99h)Ndy>>+`3!G6Gg`)7D9F@`P4Z>wxk;h~*rtL$Qqh_o z2CCTxNF-U1=_CEJWZ#6*hE?6F3ai@=`ow?mFS06Etk7-4CHn}+pkWi`LvOh0AWs<| zZl~E94NW;D87?Sf9UeUvO8#Y1@A@dQOP$=NGCpoXt(vgnX$sA2B$^|$AUc+a{JFcf0F3w7;muNY zdC!^Uv&nfBm7>Bh#W%5x>C5*{vyi>Cs$xmS(~vf_l)y#M zi?`!APbUcq18#t2@~N!Th}0O{E*UumL1kxSM5?ebeaj6P8cPA9sEzkbTD!ApI@ZUH z;jCOI%^@ahT*e79g(Vk1wC(Kf+y97FO#^92nI$!uhpKpZQn+^QpuEt9qyw^(Hwl*Z ztuCt6o>G?dS{7CaQp4wU<3bG<%Sq_ya3L-PIx=&^1+(c3lc#($%;^B>=^!vYn<@j4 zTRFCASo{JOj;G=z`c%Q$bJ!Fw&)!V2vR8R;@`J!Oj4-29v3)m<0n4ZB1s|ER<@=)R zb&fGsm9j6gn=&& ziF0P$rL!`&aKqZ=efL(f*rYq??Qp!)d9m5k%Y&JLKifZYO&;UIKPoH2c;j+j0vKKM zEn&3zgBw$2C=l{%ws&&1oGU9AUSV$*JG`@kM*oCD2&@fL;CxDU&A8xkyt5~{Wj<`n zqG0?+sT`i@x0$lE4aD8f_3#`=Ha6qE04Ct7%GxGJGimgbBKtq|RE7h|&0<{dP*iIb zJuy}Joj&@dQS5HyKTEs?mbe&)EB-c?`EhnhvRJW@loZVV^x@!U+n|UcT9bUcU6oiZ(SmbHpLs_o2CJjhT^3KZ<~3= z8`LVsnHvZTIF{Y6; zhuZAveD}Otorke4zO`M?7A_?l_Y4I*&VNSN*(Re_S5u=@p%|sy;Ye23&f|a|0%T=; zc%|1OjKDv&dcx1Q{^?!(ZHv#$vyr!L{CdsgQ%EQ@icFc;M=kkfTaMx47{-dB zk1w8d?-c7rhQ&3nwU1@TWrneT{^|G-47E@GJp9s6&#Xq_EKW9fLXe?YF$I7FjTu#; z=C)=~ip;cUR-f3}7t&>4vx-y{U{QL&AeLSMr4<$VmcH3;a*=tPo(;Fe5a)s{ys2e= zX}T05XmX{Eme3UVbbZ`Yb_ZRIY3 zWo0B@vzEa5d^-qN(ViWY=uCdc<1aWy@{-2;HRBWQB75vqceky*xBR_1^HMK6&!00< zfPLtGN8g1VUe&}@bQZV$qrhl}&IHD}br^Q_ChsIWK_v+NR*0D^S*!WcWC6%xAJ~=3 z!n*rW<&ogh1iO!F_Q@L}ux{cR^AZ`?*VK@yus^()FL;w3PET(=M!m@+73Em7Z@wQp zO+Jn_t$QLj9vG%EbOi_b&6LpK*aNko%}c;g_;h(QRu6zjYnFZlDk|mD+AjkCIjXH4 z2gQ9WDU(lY|E(TI%)*UlUDGRcqr@)Gv}=!EljZ3XjgzPkBNq~zB~1MTcVldz9uFP8 zO+==C)ZgjUI=jJAN-gzlS6jA+h`hb*z84h>H?_O8Ai4ncvqX`pT?+lWoScL%0b@szS*<+QiB^ch69}l!mPd`V5w&~L^psgr20$grDSgGcooYDY4f}CeZo|z|#F)&VA~INY#L#TaT5)X6 zJu8`nM@G6QntbGrP2o!Veea~~YBttCT$I?B5G)AU(pjaoiqZ2plfWFK)#*8eKzxQ6 zBx@s&K)N3XIyk_AgGzb+r^u|12;c@>lj(C6lwi(m;m4vX=Fpcre-d7#IUL(@Rxh47 z_dcT1(d|uj@OYYKB#36YeM!xi@cA0i7^j=3)5#_(r@u5nW2m#}8Z$r?D^Xx)zRC>H z{ox`x4`>WZ#O<=48(1lLv=;}u^G-zfkd>L7^oLr0D#rTy3&KQgKa%1QK0fN6WLt6Y zj)#PWliEsD5N!?+p;~Ed#`>4VLO%&rKgOwCx*gxMDQTujp=9(~3SQ$D z2_;aK3c7U7`E^@K^qVA(Dqdj9CMon-hi4XIUUNW1Ui>J<%w2n}do3ko97N(aCySHZ z4aJbP-@oELT+}krQW0w%=B-YOgO)Xmg|&tmYOPF=M97S7O&E^`giareFXg7H5}fl( z-a2ZkVGrjvi@Rd?m#_4LwEA4*?^bP1iWBLP={K@1Iov<-p?-@}u2z+65^pVmOFkspzh5dsv6r4+51OBE= zyZQk388d~gm?4brF{>nnB91R^fyb(~Y)|AgdTcN&xpzNwD`xZIq;x#P5k&VGrpf5M zol<&Eon}O>Mx^h3YwL6IRTi*cB3$d}htVvwV{a3?Ek7-B+Feba#-zyFV9`Q7o@hWQ z9Q3D_;U+0~p1w2ULI+{;v<6%ocS+SFHt)lpBs}2HiaM8L^~o#30BJ7^Cyw59;e-WS zTI|&PP0$&a7ekxpMHX2@k%KFlI=UyBAAO}a`^fs&F_=bDHs2S^WRPq<&Ug3nur)$s zhwH94UAjg02(E*eA*K4U=AR#{e=Ux@#N+3AnL^^Ag=kQiPc*sqD+r~F$2W= zJTasjUWBpYkDko?24!3Ys~AI59g+syXKQyt%m@5gznQHl=<^eM4Ont7es1So`P7lG zco+lBrN{dw&argq#Rz4MLq7AGVS0`xs~UF;0-4ZLIskg&Y^Ww&upuw|YzE2BhoAv| zbL~sFT~H+39H?{Fl6A69#^~mGf#mr9+u>5u!9G0!s%R1ZNDEjdf1Rr%jjZc<5XX_Xd_EtilF*a9r z>hWqSkZO|Q)cHRZnQ5w<-j*Z%gcb6E@_Ol zpsAZaE15X4t1O8cm(K-P79vO-J}g4DR~=*OHIToSo?S-XDmxSzT#Be%rDsn)(@`K* zE;0^DOR1)0_i?r3SvMa$eE&4sHwy$oK;*#UL! zq&e=a(y)1F18_%>w|LOI`k<*5QS>6XzyMpebSW*}M>y3%Gi9^nz4cGHN%5q+?}JbJ zk&z<~?$ZrAUZ2chmPc`T`UaRiTC$po0H^`pn_4C#uq^{V+0AAw5@Eu^-wjt5xON|- z%5~OIj}LpAl{Z-u#svf~P&s!zy3S@McRW;*z-v2|K^Is%)=M5b-rrmXhELhF-eZS3 zx(CvPqGa=SweLy-dmm|(Oj+@* z-KT@vTr_=!bNG%X#b#m@${zf;+bo_~6nm$Bjq~kg$aA*;|$m#Ior>_G(c2 zORWon%T~l?9vH&tz((s?EpN6tP++fJe62drj`aK9&geyX5XUZK03wS_*=H0p6Xzc9 z5(I}8*wSe2liE~^FzOtvhTIG25lFB8T@L0U%ZRwv2JuDpYJoW3lZV%N0@xU`whs76 zHPg4l*YFZ|ZD-|!?_qSmI6Uk$4!z73$u#C|KEs4*eoM_^f3nOXXY*d{nlLM^1p_0v z9%Rl6q6aFfN4oPTaZin&#oy&?4xHD;gu}KAUx-yG0!ZQ>&p1|^NIIrS1(apG%SkF= z^J&RtB7gUKNdT>V5MKHURBWazR2Sa*3JOuOrUqSv_Mj=`bGEs2M*YYX2dk~`3skU6 z3$ofPZH*J65B|!hkug+b^iL144dFGCEfzJy3rxf@r}M(KlC#0I_HO=gLq}S7$-iOK z*VLVS!#ZCS{!pk(H4(X~5IV5h`aTXusdSiAS!2;BX0BOF<+BlKlHbxt%{!7G!Xk&H zjq&0fLsPb|6vf3RPV{0>iK59mwJQ$;I(Dz2fT1+o53B?jy=V-$tbDKP0q8e!sdl1Q zq^gQmlX#~d0zlJc6Eih8@Jp%JDD<#TuKT^~ zltWE|=XUb`-onu>2d6B-2eiBe=h&ZC=y$y-_Jg>2VelSWHgBc8ZQj*w;-d5F->%6%=mSh&ZkB@5xnc2?t&1;IO7IVJ61+af`qG(_)?PS3^amA*Zibj~Z z`Yn}DM?N=;7Gstdaaq+oC=Ffn(yK&;sM|fXMy7+1*PFy+g;T#we20r2cq<1d28fI> z%ywyAGzbcM2em3~zF84QOn`%a9)GLEkRsVZkUywD=*Q7>gyXx$7CFdxK#l9p z{(4A&fAyqw=q!9XTFynh;=BF{n4T0y0lRFKs*a<0-AFo+MDyS`Zk#EV9ySf=d@k(41LYhsceI!y`_MwO)mRE|{!M+|)lg7x{FU19vJp>6s6Gb_K1s`FY&u6Z*i;Wn#wA)vLjNS+Jll0m0)Vgn z{TLEK)+(^I`wk`ZPy;EjhrQ1MJ_T%J>M0{Jz?cush2{7~^=F{&8-Bfc=9*9t)A-ov zxmTy98#2nD4hjKScFsx9ZP^G47f@0q-aezRO1U}S;kTfDn_Hwps=W&=oyPXWuFs@? zBXCMDnDm#AoXCs@L2zUOcdGs6^Ms#JBqzUHCwz{B7CQ{ZX59$t0jg2o8*OUBZk{R6 zt@v+!&+N9wqKOp_4Hx|Kl=sRbI)PJkc8egcwP5>q*_j#!K#V)i^-G^KD^>q{NT+Z4 zb$|bjW&?`xzZwd6Dqq|CmlhwLDV2ywURyo~3ch;u&H{?l#SFUKM*m-b$`BLuXK9$mNueVJ zK(Y(Ov#-hILtb}VVgt;r&AcYaLiFA`-EEaDU&AF3pxuagtuyHWN64%e35dit z3XyT~Rwg@q{(e#@^WGnBp?jx7B`q&Fwvi3<@M6^FR> zK3+<-GYs~@3pDk*B|3Tvdrm3l+l32Wlw+)-4n=vU0|1iB$)UG%_gYYt`&H3NKuZC= ztTr2h!{l|XmUZXGru7A5=)%o-e+#vh{o_WgFv zmqtp8W)*C8}l)N=;hw+r@m#lg)?sw(H+6;G*+MDcl1g_25iyy`aoy)C`K@zeSw04>lDaz^h z6V>hP6B)q&0I^oB8NyNiEN=K(kQ*kii)pW*&%XDio=^~jnuAlxFbH83#il2Za0i6Y z(cfaHU~wa#3JZ1AQI;^j^L?t)ZC^S7qus4p2T?>@`;;muH6Y-G;>7sdoeLl zOfI%0AO%i!sv{i7`}j~^Y1R)E!|R&Et_w@ADX-TvZwT}6ImoIXOmQkJJ|eReKu7DV zP5kLmgI6>rrlM9I)cq!4Y{uxMuea;_1>LzNFCSW0G%`HVd-(p4MxmESq~hGY5t)5; z1n551)oAr#aE`orG>=v@gG}|_n^j%3r&L?lHffKAvEgNYXo+=!IZ}ckMr^uiS|4ch zKL7G__lXXLe@?K;e{$SXgxp=>>L(zXYPtQ00#QwM4En?&2s(f)-_t~BQLJeAmom4Y zcf(NyrZ=sQ9?yv!M**Mlyp`+AqH(y-3kns04&cI7%%fQ;ne z{Pp+6R}=1R7B$z?0~j4CcT-ThK5Q0MNj0bfleQOA!fa`+^0Q)}@xV<l`G58qrK6$Rv)xrq z@X<&Fu`3L0G~fpOdESZPg|;l6bfDgIG8$Oz`2^S&ASW7fFHdy{&u_G*F`u_&C??lA zv`MGk1oj7LGvzPikD|UA0%-CjY4ruMmDRUPV&VxQ{#mxaue}M`tQg7jEomypt1wU% zdd_Bi^)TjjQXMEHfK4Xe)d1GV1vV^|m1Q-SEj-8^hB-JO=~y*pIcO{E-3bHBOw6e) zUJIrCW4}tr%(<2L+?c|4bfKw!9g3_AfQnU^L{E|`bi@0jtmQ7rmG*4AcjT35F~&^x z?cx%&e(qN_apCm54h(rm%Q5=$92VU}f)zxd@V0oP#l8jsy{)<7WzgRa7;sG}h;NZ$ z9NS#*-hzOTr0G9vBi(f*Olq1|XPfhEPexKE9&z`E5BoZk$m%TPZPC+(upqUGG|suj zrZpT);8Dq&XR8?#!-$>haxc(90;V=#XFgQEOh3h3zsND^!Pg0%9f2s2KDY}~R!OR- z5cDR#|7=xk$aH(-cGBXsT5vzD0Tcz)4?}(q%x-mrSEp_wg}W>u~3p<+LZw zBTBwEVqVznEk);&xU=7Dkl!l=x3$C?I#K)(Fx# zh@elz{dXUL!m*KSu`#K^cS`lK_3?|k1U*M8GwrG9Qr8s<2+MFpwYKPrs_Hk9b;}Yz z%SE2ek}{0R&)YDVV}{HV?b&ZPRi&ajP4@d~NyuN_K)NlfsE(cMtp*O3*vDmVYTP}n=7)YngTqEY$~q6=Q2%PMF24(f`GVLulO zQW0Z;Al+}MUX5$jva8n={}A3BXO#fZ1y|3e5I-)h_t(NCJ@i(5nKs4%ihR94>XrB`SV~<< zrs^~vkU1P{Ni0Nqy1mMrwcE9J%lqPpX1ejL#F=|2tBs+xrrNz3}& z7Ms$j!xzMfrG6qDcg~l(`NMNDe=tJ~{b#BKS$$>Kuq7%701wfR63uN5p(kS;{b@NW z_Z_KCl0!@r2%O4N-g3r+wV{&Xxn}Ni??M9Yf`C9iXnz5+V2-(vFcg*>bOYnM=0F;M z)faP8xS4oWCh;cz>NGo!LQH|l{O)%hG0!1O{JzqLE%s}ba6AmZub0>K0t8|*yU)x2|QrdU$am%ElbF$ov zmX=MJ>VRy5;brJ5e^&+9ho@M_4L=l9KWQLq?AC}5uoWh{8CiCDKn+?(N27kOs)?bY z*gE4O7&U+sgRSX6GAz0;3<7Q2hT_j0bX9MszA@f!PfUYDX7ACt69T}T)^(-JSIV)* zj&;uDBWxzM+R0>5f>=)HlL%pE1J|mO%P=!d@WhxsR9(`Kx_6njN%n9ZHT4` z%J{OFXTZOEw5$HP0Y&hNzps=l*Xbj-4q%#@WQf;Kl9r9#H`dsJR(%gi4MWZ_Y<&)M zQqduvm7X9QBGP)spwjHWI>M-m21*xpdKY+e8p?EXC2ve(U_TgA;RR1iKEYx#J|V%e z^%yP$vNgZ-oVP69IQy)iUu2XQS!$-gcJL+-b4s>8mpCsUhKra zm|&Z5&Z~oNb^xX=p?+c!MrLQ+Vp9_|7b?p=SYHiZ+hsVo@Oy%|)s1vD8n zj^%v=UvE3~TGLENiXI4O?R4)OJa-=h?n|-x8!#vA@9xRYj6e}!YRtV@>c#8Qu-#4* zsz3+AB7=j@<^omk8vE+pJ~SyEQqiPxznoqs!TYNQ)ndV{l(bh>+aQeIl5^wC zNr2kEKT3Dd;JzO-xIyN9<7aAocUYG&KP>OL z6P%UhC^#3p^Es-cg6r1cRox|3p5xuUbX38+lPRenCYD`{HdD=(MTCXIV6e1-)EfO0!);m$WK>EP8Gq$ zsN%rt->uPQIf`PDmw~n*M731vj6`sNRAMV}kxkHlooU6O)oKlNqNuIJ1kqpfa31Be zK|N9i{9i6Fi$#F*QeY^DmA+9gwK8x9C@F}k_u-# zbY)8Lz9>MPS&u}JwXJ0=UZR}=ud4Gp9S7G;Y~g*?O|#Jg98hp`#U!`oYAV-P@5eHV zd#R1C^JcjyK7uK8Q0vgt8z$t4Ep@e;3Brk`gm(9z=gZR=N=JQ2_gLZH^r0R?2q-;B zAl5N^1NuvoHi5#w<>#xR0wXF^+_MiyE%;zJW(^g-g|2;U%CBKFo_}zj%;+qC zxeQLUTLYqa!;3t+1e7=L4*Fm0pp@*;g*Dojv>}hBahkbk%jg7D=hjW*pp1@lR@0wV zt+nrLY3f_{6Y!ikM1zf!<&?}oY?6;5z<7SVsz zt-VVg`~-BEm2i&IPx8>Z5qNa6XUfr&{j-f@{tx3!X-K1FQ!a&&V9!any|HSP^o&Y5djQ-YrsC!9UISNA0DRf7>Y~9!9s0skjAs0!@Bn#aAT^|O{@vF0E zgARiiDmn$u7E4t;d2n0lNC6V($IAzAU}8&K9uW?a;#^j*pxySEIS)A`iQ`SSzmNO! z>{ZLd`~m+9V#PXqo~yC!-U}cpaZ@%QRpu6bLAMF$mm@x=9d;jmKpv|?v-hf1Z84?t z#pv%eKf>6=w>v@j%I9-s|xEWGPibs-q98d}_imgN-%`WUq$f?oeHwr!LGH_hARi=y{vbq0XF z*qKe>7`P2DH$opvueO}Sm!OZ(YPJn5G|{1wJ?aOouvc*nHT5I;(5x8LMdFr~@G z;OQr&t1O_;EJK>U<=KK;GTuVVY@)=Ds?Wl}LB z?ZML1{oJP)Jzl?)R#i$G+tlY!LXhKiBd_e2>Dx#=rnZ{oIx`2) z2rIVEnn<_Ls5iU%!RR7D)^a8iCA$3jp_o!hmMO3`9wYI}eQZx4RtK<)SsJ8W6)Q;6 zXnr$UZHBIYjt=4Mvn<)`~9DzUEg#&v&Uwel;%nEiv@8GDp1wpv*b={!`_4TEq@ z^hL_Xi-fC?Y}f*S$vOLHKL9Qu6(V9vY0{Y&+|vcOf|C?TALgx$`&C%phf=0vPu`BR zsnrk_o@VO=gZP^ZD&R*$Am2)@_DP=k{n2jx_ebBp55?1=3F7)mGdwwq9Zrb{{wV4{k895Em?sryK{JYrRr$$hZniFkZ0(?;k(UOS{P zXGJNR_}7FLgab1fuI=K<8l2)#P0vl?KgAb!eEL!SJ>?739m1r^H7&W1Sb+*J2~H09 zuSD4&ouz;duZU}t<)b;5$eId@gx%MIDUS-C=KwL!lZ;*LeC*%A>@^sVy;z0ECYg!r z^&XjRy~{^$l9Qd70>2iv5M(MoVXnDh%KANe&H^jQglhHq zl0se^GE^HoCNLLc3L8cMZ2rcC^4bj%^k>lNfuH^ge*|(hZ!C)-MiJ6cts?K(D7o=i zn5^e1Yhk3l!jJbAofW!7NBspA%VIPcAv>hfM0$ z`MepjP8|r#E*RgZqu`AIEsycT_iY%VdX)0@(63pvwzc=}!nukf6vNm;)y<1)hX_gT z<=9hi2mP82(texA$}aKp^cUC?%kO`-yDLmsZSDu#E9&7X@D6&r7%FAcrJu4txg2mV zDDKdh6PVPfb-ja+kzFkg12tUeyKR} zOb13_J)2!TeQ-S6&0&Flpy9U7RC-AUozj5@5Pyy(}0MHu?6LpY5*@t zO)suE6FncQmUMO6^NSv|d=x&-`-(a@uywhQC5-3_D?l-~qS0Eg74K-WJ(_!o8*d4R zrQlX2UeDk`DXXN=gP{H59Rp31X~N-ix=kb(PJQ~RZqdOc1-mx9wzxoHO-bT&`diaP zIs+)8=iwmvFUhkPc~@U$#4(N@#(m60gt3o{kwKA#B(#Qh%<{BR^WFYQDLCw%NCyZ_{6Ju<+9Y2fhs!O?&!t z0l%4x#*qkBYjS2fev>O!*)n!D|NZwWwa3eCDTZsM?2n(&z^4gEWa(e;^gKKcIMM91 z7L{x8t>*mddis(NM)zBMA7)}>KBL#{=^hp!O}>Jh?h;~)JyH;AoyUE^bu^JXys z?-WR?&GqZ#+>YQ+qctd9(@Vq}wPk)s@ft0bf`Yc8q9iC#V znJm=f{HJX`O4~Q0*qSAv9xmI*l|Mm#KC231F~=}71J+*GB>=BC%n-XK_~2aA_-m{x zhTR{g4El@QBys$-lDTdIzeXL7djo#YgIB=m6oTc*Nc5f>;2q7PUD z=i}3_%NN&d7>ttqb7id0KA)Wa80lXo(aV^`XonJGaJ~^0UcyeyLHVsWsuv7s6!j+p zIt-G>oxn1xgxPrsKGrdwoo_~E)j67+YBkmn9thYlOy7&n_iLU7?9l_<>1`0VckM+n zAe72eHhbx>$jj=|%Q$YOI>ezWobILA+nW7y4;dZ|VI*2ViB{{6&}Z@@_XuKm_YeWh zLq`hx%1Wl1&MNf!xj)=f3)ua1)!EX*ANxD8xn8OscH*Ww*vFNZZTXVaDCy13&%Z{+FIk=1b6L#bCntYt2V-2I^VGVgCjf`C?mR|F;m)hE-4h57Uv8VmD=1Rz8lGdXq*B?K1Zd z3o}}00?Yt*5_4<~qhWvl2nFh8RZ2p)~$Vqd!2GYar$2z#zRIH2lKT@rR zgZU3y+nQET%69Cg`mX=)6zVB8aD7rn!EVZSPoIr{I9qcIC>x0GF`L)0Z+N_4%oFfd?wQP88Ngd!RU!+vl@&P)Je`e7<)G4by$ww;Bj%z2z_5L!T~ZNG`a9jA z%QP}T>nHs)dd(J6Khpo`pZ^j%<(7+fGZwT{v43aBX$X~XYueMUE77{RH@ z*EQ60*Hwz)#yr%UezfMQ)h5C8KwJnvc!j@s0v zh4P0Y3G)pZyipjn!aC=?vZjqSO9tO#|L5ZjPvy{w;&*2u>EnpEL1>fk_7!-?!t9+S zod5Fn|vZTv__gL(*A zp4E=H&ByrP4*YwbI$U7nLa2h|BUm;aaetqghg?bN#xahG&i`FHaSyML7*UICotsGS z+s@6LAhfQW|Da}nek+@A@c(X8&ZtLJWQd0x18oqx0<*R;@G{XqSUvK87EB(9bo*nI zJ#WEz$2y5G8Jd4=w7MAkFTwcVw+m$O*xjP>Dnz<%3gKH?2sAHuIII(R(p4{0VlZ) zUH2PvUN~-gKC8K4LZV+Z0dFBif30I#=>WM)V&%U_w8-v|y+w0EiB;Q5GE|^*UJiA! z|KFoiUmHacy`@j~mhidSoa(>Lt`k!k_&ZZQxY(AVx!=s=m@sFKU0C9wXw3MbW()B* zv8P0#Ik{WV!;nK(7*BL$r^5(FZL!S7uiKTOb8r9etLsR})L$&lDBVxh{Pmhx@iy9u z&^pxl_Pm;C2HrOI7Oke2bTXK@U%_R6Rso2CmA0j4^c4~ASDE~!(%XT9=}G)P*(=aa zt(k+)(+cARml+B!(XXyk8=aeGrh{ZIcsM$E72vwPUh+Tg=M)sECHp*`VfcmU7wo^X z2U{cuU4H^o* zQ}r*+c_~%I;V4`FQXmaJRT3&_`;Hs~)xE8CzV%G~=MzSvG^Ks9!JmQ0gZJ<;Cl9TU z@BTelDU5>}xame&>tSYi-4;app}?1zH<|zHRmsQE+}`n-N0YDW6j-`xbK346B|dtP1wTq-QJORZBcKp15SKl z6u^0LApda7M5uFfZE|uht&jbwk+kSX@GovG&p1^SZVs6ekrA$a?c-sz^~>w_J*?|Z zQOVx&chQ@Z&c}HwjCJ?)BB4#|^ro$_%4>pTaA*T6l1_3cmj&Rt&ExargR+{UzuA)00t2 z2I>zsoEWvaOH1wd(^CDi?-5msycwPn5%g|!eL>pZf9>>M{MbjF>lFvhSQAx|2crKD zPjfI|4gFmY+DLPm^OuF@OA~3|1^yA*uk3%;P^K}=h1X_g`Zl_gS3&)7zZ*>5zoPtu zXyw3Hp~~$jvGBhs8^9nD@NkY^mHuh5iJzxvX<`ui7sKJupcSE69QGIVV0HB`qK?0# z5Z;kXV3>9+c=R@16f$jj;m%%}6?p`qXV^(A9a2*pwSFJUmZwnvvv~~f&feY!cWTGv z{(S@MP6zk19lr)C*3JbmT8)`5>cXOKe{(qILvOar*$=m|L*Zf^gE@1qajw6_?>jH! zxqREZLN)!keLNSF4|f7{WNLO|u9dq>v*E+Yt3MaO7OOsSnJp&2s*bEO#(0i#QSLo> zvNJ%wx~_&PkDwa*z*czm7PC5^C^uNe(**$rf-)SA9&dO3vliBXhu&`A4i}Kv4316R zhwYR>=581?Uk4$x?C^C0fkn%}}Nfdp~!^5@SI8tkQ_M?>v zPgY!v{`L2_>(*Ju#gd2qmU8fBopVQC5EnC^6z5lGh0ZVq&R9?B2sGQ7|6tw=)h;Bx zZv-W(tik>gviv8adiU-f^J|lg#5pyRH8R;r4X@ick$U*yustyly<1TsCI;0ojjjLn zn5FIvGV5Q`7gl@~()~~1#7Vc9%kIxX@PV(|4B6zk)9s>)XKiJ^8@c%H6Or=SeNDjw z9qGjI!#7+&guin8WfFe$WP53gyh+&3ajVUuwdRfc;}fIi=Wdp$xTZ(A9wvN8-P{S3 zsCRjlr)C~Y%bU*z>D4}7@At_KTJ^{6d4w$fn1p}FPB>_XeHTsmaycU}APFuQmhnpa zttj8@TzgR%9tpj`{#R~P>~QI&4`QucUg81`qGQ&in1H1`&LjOL{fcMy%22}7F>xjc zeJ(>Xc9ut%>MPgk+(%SsKn#X)Cglg%hXr0vE1L;hhAr(&pFjSkz?}prY$fSLRUb9E zV?M;`vTS9W9Ut?CPkY5tZk;v*z(}i$ik|Y)@(|SuQGo}mRKu)~Cm7{CV&Zf!6WAp9&wA9NND+OV{2KOK`nQxKpZw}k-99HT7`8rHvP^48ys&qoI01oeqAP@~@z#Q@>NcVkLEvz_W&H z3Xuy7hwRaJp8TjXL&n`e{#w){->g{;V=b)jr`K{*^>pF=b2E`+R_wszpB>=DtDn8n z^f8~YH%k(QTAKebNMp0PhgBWy(f;nRo$Fg2g^0YdvS3(mUOIrV2}efegh+SU_KVA^9tJ4&WyiB4xL3^t7P2Nh?0PX>AQ z&YpmIIPZ+V*k9Go`Eh-_43*#Vzu8>+#2f~rhtp&>aXD{T1$r!W-R__D;_k)jt7?@8 z=q)F>7t#K+OMSi7c5?rX1uT8K(vwqg9d+KS0LG)FhXTg)lCN~5Y zWrlRg{C=NAiRkeaQG+ECII$l4pi7IS@y<;PvMOph@P8Th%sEkI4!H6aR@I!E$N9jw z{`~nA&tf*>9kxM*;fvq-6ppo(q1}eDMW9r^?gT&47+tuGKgl;~1R>`ipI_=kSAV-3 z1fd8^ZJ%-~tC=GGyyH2ebMB}M=W8Gw>cS5*9U`w4kEFfhsHC4J$LcIL6pLWiQ5u%u zGw=<7uOSN`rG>i}P8uE^eUH_{-1Gjm+16PBk3C)vTS%-wvc`36$G@ND>T{^p{pAaN z$8%4balZ7VsY1#wn`o|p*Y~f&yW8*mL3pVD&h^IYpZrX|gE&__s6XdE2y`)2Cl!6s zf>t%gPUH2O^c=wiH`b~d&p4MK*nx(r3|5+6e8TRB4f!-I*j-jIR9wM$&yJ%!ZQr(3 zqub80ws=b@Qh;+V#83Y6TgAN8&LzbzfwaqJF6V@kDzcVe=RpHOdB6c|bidWD{6 zC#ZYcx-Tw@mN)A1JlJ;=f6Lkp$XyFX$Foi#G~`#M_mC>eYCo{?^G{K2V@KQK2nJzL=K#kOai^av`8j8>hsHY^?poVt6UqUYYZdGDsfuZtX^dHyeYP?EId z%l9qwRIGIudysb+g*>U3pC+${LuD9MFd4->1l6yHi|PBQQ^H%jGqq#N2%fpx2ZPg)C_ zfU7T@!d^7YsN{Hc_vEPCB~>)oXko&klsD)QA7Z=*ZjR)8chg?oaR+QHmmx2{R>S~B zSt4e>)c{4&XR0zJNs;wzigL3hjXI~Ka#FXI(T_Zx8Aa?7U-9vy<5ZW06!v{=r7%ye z$$QjOLAk`#R-I$Q8Yvw`oZ?2goeqxMUmi7dd4(0~%m8Zu&9}lci|8`*xHN-&Wd_69 zKDv03^gu+w7J25!N_T_@V8|hM$xtG zGQYaD2)G+chKZ80*osokJf?3WIrchu;x-wL*}8+oD7>N};HFV)@|7?AomQo|@mg~P z(~cNac0`u3b$5}LglfjBhg$qF#!fgFtiz~e%C5MylsoyOyJn;1k*-J7J2L}4=+g2Z ziNdXR+WQQN>5a3=>F4(1?@KU((BIg=26d!#I`WkdODX@RHrHSl2gpW%PEYxwG&@;G)bqB# z+H7EZUFWt=n6=%n^0qbCK3AvOHpJ|i;aD4Evak?UHZdeunPbu(m2d%fH4?wSm{9uM z{E*4F8aq_mZ8W0d{5@gl+7PX zBv}U7rEJPvcmbbxJk_;3Dc>Pj)lg71N9DP5y4HfiUM8vP#_h>F2&%AHw{J=4B8{t&Tq6){!2oQZou~R{CZ5bo~Ld3hhau9Ks?Z2PtdEt_96+kFSkAuHk!e?sr^V z5`bA7Y=+oWD&e@c+m81d7_iEO)hsbAbiBEedGU2&s9RI@cdker*6r58?9PXCf~WtF zske@c!h52IRisn8JEVJQPys3F?p|u?5Tv95`T%0THA-CHJ{}fA9Nw zp1(zQnLGE)nKN@|5MdY5)EN8ZceU0v2KXfqThqoZKmUCBX6NO4o3eK%CSf#xv zCHCgmCUrpej)U*Q*-wL-A4vMTOM{kyk6JFV1kk9C8W4J3!(q?2q#%!4sxa(%K~p(6 zgIVM!jtJSECXcu}%1-+bD~TUZ<5ADcGK6)>f$1@6v7oxB`j=B21FhEhi-_xo34h|M zlk3AFh3ICP3;ycAA6pQ(wrnbyZ17^Gw{| z*cW_R5e4^hhXZbPP99Ib|NWoHL|gZPM9jj}WCd#ZnooTZZpi%mM!Tb6$)NlKoiyYm{80AjR7kI1_W{rED$%@|Ig3o8N zPr_Qn@9c1~Ere9wNbMhh{AoKc8I#&XAJ5nCLawcfW$?bMmh!pj_B~VYikJRL$Bz7C zQwN8onEqvqmP&FzQ;`cPA~4BkUPMG4C}ovkd0GyQTb~#B#3$wPW{p@2{G26TJytJw zIJPB*O6q)*kf&l(?+j)SJF6t3@b|yJT;NhuSU`R-wo^S~8gJO?&FF;=AWPI{u#G!# z$7I&|psV<*Rzt=Wnv(`1Da z5|9tL5yNr`O`dyN@-RDqN<(_96BgNNSqBUs zr?3-u<}-m7-q*K0CBS?7-50m!sD>?Z`*EW=?4r1>>LgH56USC{&mv^*A)74!=Fbmz z`@1T{R&GF(m|bp+ylbG+eIOo5Jv@5tmmVc9>^|Kv1LIl5y5nOi@$^?Bu1H}mw;_{P zkG*H!n{a;~lPx5_h@}2*@qOo>eP`WW>XIp&!VL{<>xyMAd(-xfifZ%hz2-|_=akY1 z%lqB80?T8gz=z`SVS&RcpBEHAPDqkq#p=pdTlp4Lp}%g{mh&V_{t2~CS2sQNlKY|nvxMAfj>gd*my`%-^GA!z(vo~bNUiFOEZOA>K3E0 z?UdJY$yz2l>t=1be zhArYPR^#q`6^f}Bf*zvUQXbcC-9HDEutSR9R=?qBd*!$Dc!#J^V?VJ!^_rfL+OHb6;64yJmr|Pu!QS6hOXa3gJIm>ls#`-wj_VT$Z*Bs0V zSkKh6&5Fu!Ksw zCX)%(?rYb^HJj3P!AGsu=Bc7l)h;Kt*k-TK`dB(j)8e21gAXBGV;_|rAbhj@rm z{&sU59~+8k1h(?s8}q7-$gEks5m#YG`(u;0$WjFY;GRScjqW$*1if36?%(Nz+Lb79 z>3$WHtJ}N*p>7cp8S$Lv#sHUtwR147-HB2n-GZDK^T`~rEg7exwp7zkGRm=gnbNl1 z9x)1h$N?2_8}i{ION>s=L3H0Q`(30pU@G2_##WI2KJdYAR9)lXtJ8jVisAdgtu1b? zKdZ@humd0A=nPq~-%eF$^pq7(`1);46qBmUbS;b3?DO0w_ZJlABt#L&aQB$*f#iVS zCMTV+SW`y?mEeMpHgSE5;uhy_vR4u^+1O12{ zYyEEFb)oI@TnQi4XNa};7c6kpl&mvy=}J7A%}A7}1!u}n8d;TG9gx=~Oe2i72tDs! zz)34o?4@5nFu+Ao4?6yI`e}KCKWS66){7-?gXb-3-o?EcsK1y9>`#5iV<^|+?)M@t zX29c<(ucxlVNSVj)u-}zzyGA_(Gmvd36c*7*!9B7)YjaUyN|k7`oS0!vg|jgwL_G{ zPVz3DcYK&3^EsGMupx&k!Y?WD#Zs*VK9WJr6G<#vpJd=X;-5tQfXJ-Tx!1S7ZCWP( zDDyc4a!E+}dZg}Qjij};XfEN3I%V*W;Lq)Uk>>@6n0jYLaWi!Z3#<0?@hV1Hu%MZ0 z`Np|IsO9b-FOy=tw7+9(>%3hy(?$$|8rXkE1HYVtAaYix?9Q1o*Y~Bd9*}(o6Hr3t z3#G?J+ft}1QpS2a3PTriLr0zw*lS)!)0uH*%ET*?Ml?_ClVL(JJ9ju7DXlPq%-~FM zjgJ3b>HJ=>;FGm3j(D)vg5u2!(&15hkN&gE9)PLhDa`8Q*>XFmB!Nyi;WGw2V&3cP za;qLx<2-yTq!a{5bNMP3JcjR9eu!d0DT3!ci06I;&3}E-I2hUUo|vZ14blcAzSkEnAD16PSsq&Q8{Mn@w?1R^g{8=c&yYs58nqZZ(^s>1=9Nh!xJz zIERn0zYMjNgzCWE)dvan*qr1K3la5QgG79S zosVEtsMxB_Ck&8WdeNALMd*gioF#LnEeVTXy*)wIW{*czOJ~F_y&_Z^9qurn5)aa@ z4CG{Q`9^5uxko)mS=-r;@ExP@{w&HVI$9qV%3ErF`tfs#BZ+(Lq(ZN6yg82;3n;Dy z5`|2^ju+LVZ^-jSf|+>f@rZH#|CVgIE3Ruo{KbII#$|ciaERO`e6LK6tY6|&Sh)1F ze>2+lnGw43I3gGgq!0d9K|4n7+$G~G*L4)GFL;*uD^;^>nI@a2?i>6ApJb*Ic}~87 zbJ$WXB*{C#)gSI}i}iXihfB6ZdOoJlBqS3QvaEY_Mdc-N?XTlF2hqP~Zctoo0|^u}&D<4|@^tUTqGM zkfxS8eUf_QE+3}0CUMBNzB*l@feIh!UYGhoqccK}o1>E;{&_*;q$lCsKa7Cd8^@Cq zdrrjQmmHp;X?dQX_x`+kj;y5RqH44E954ef!iKwi>WWczEa>K1k?qQ2a`*vzT}K1m zkLS-x#oCA<-0Xup2NYJG?OdA9kpCM`xIK9?QEDlep(dZcUP0p_hRphlPSUmD?dteS zg!D^BU^?YLvt_HJxz@-PBd2U=7_VEx%`JQAg3kR%Hr_XI%{NWSu&+f5b!}KnFD2PR zP%Atg2Z&*f>*HQAM)IiT{e1ZSUx?S!%`TREJjK~#t(Ale;`eZ$XdG4 z&It&$4X`X{ag!R1bndC$q+`02HQJJ9-mJaB11bY3s&Ogs`1WqJeV2{_nWu9~n%XSU z(bwBgDx&C8QAz0!P?rUu&Kmy-iK4iA0<}`i8cW;rKrW35n<8O64MBJaYHs&U-3KxZy2HsNiI}lL4iBc zV;WEtT&5N7D6`hKNrfs8p#a$O43Kii3SCds?K>THKTSRtHQSD02hUmk-?I zFBTLh8kb^KcuEJ>TYjs3q6AaR!mDGOP7nIgay) zURrS2;eeI`VBtb^XrkiH(5G`Z{Idp$OlvhI#@xgBI;kuMu;cvq>NLmKkonr$^v}1Q z$x-4igN*(>4PVZ>*)^M4ykz^Cs|d@g_wDqr>J#e9Dj8o!7s}KAyx`mM`FfjV~41XV&Pi1-7?#_T{jP_zq+|%>)Z202u2-fKN;ZQS7&KFP}@!WwZAX zu&m6c4HNY+J2oa4?6*)AE+Xc(A~(0wez`pVfUU=qiCR9w7ib>Z2~$e?aqRzKNa2Vl z@^)L4LCW#;>NA%sNkmP{X*pWz5S@mJUkKy5dX9%FJiTU~DUIa+f#ebc3E$&gD}#+l z!j}LiK_sg8hRNae`0=DU(wygP6Q!qR$_OyC>@24T%n4*}{rofJ6`VH>O1uliaUFIb zy%)XVCGOb(z^V>hRGa6<F3Y_jfi#dga} zEI{bbB7y2tjwGQ63V`WUXaJcB(BPW5pSwpMIWM`hGe&Ay1U7;nH%kVo^Zv7 zaAJm=HA<2ZO&@cV=5b*`#bhGSD~OP0QeM7Rd%k=_Jy*XDt`(~pCy`$cXdO8uu-&IXg z4?c4q!`EQR^vySBgf)J64n~;4^3zOut}di$9Rl``8eg$Yf<_c^FriApGtG?@|G8qT zCCS+Uq3la>nIw?=i04RKiZy$Gm;0Hm2^{MYFHR~GbvaTPjqtJN9EWn#<(abxdbo}z zkJ!XFZ!#5r?(;8j5=#Ygne^%mvx}fB=c0h4z0=ZMlXnB3Y3^<{c8=x`6%T1p;Jj(Z z9|!{-NO2ys@`g!*N(`o_aqhW|u#at8T5I7i+-jrR(@_wBr@e3 zAl*hQecKR=3|x+tw3-~kj%iehBs<&NsW)g|w=<7c_Ve@o zO;A-Hn3VyHkD2r^Ad|EtMKO*4rQ_Dp6JS3A6QMK1cO3?zl7h2%iOsCfLX?#-Frk@G zX7ctK?3NP#OC$FwT0k0^ZY$2HM6iqjmHsSRj8jC^4E#!E{2={Cg4e7vs&9vJf;tNf z3HO+<3(w;>EuS`nWLcP44162+pluNip4Y85Q5IR<-ZY(hFj_0wFwP-aWyD@uBB(-< z>C=`|VpP~)5mKUP&?gB>NY&qgEL^-}$DaDLXYSf@p`|5%Kl`(eBKtR7t&voxbnGEI zpo}G~Vj1}?WIBa_BRDv(s?J~k^J_8g!6&o&_MZtfK_tNoKF&#=csKv5Mt{J(69$R{ zsXi6z^gxu({JoP?Y;~ouaG|MRj|kdWI}A5oC^GlEreT}D?|;3KW16DKIUvHT7?$6d zI~y`>w2@kEM2-ReGn*6k+6X42^>R04D(c;PM_qEDDrZwg-{b|hq00jGa zSKN`09VDDsCRf8e(m&$lE*pU~!sGXFA?O`W1RXJO)I%=*@$qd$UM8FI>1&_oX-fj% z(dg_h=lIXDC;j1VZ~w=pDC(?KcEHLOT1=~CO;6AM(au#`i27P<$ONj6x-2Nt)=6z! z?qtmUJDX)cel)bRs7|TENaA_l_)`B0jt>h@`t*6`O5f*qhCH9n`Cu~DY-bTuFCa~- z8rJwIa7?+#%h>hG%$HzIFWFp00T`9yga@2I7`+ZuTLY4ca@Hmwrb%-LQ3>mu%nFOu zRl6+)U!8s<9l?Dfm4^i%vPs2Je<~a#)@L7Q0!*;-R#GZG@p=yGcH-D^&7K6f)OZMc z^F~bBv03Afkf@c(!|Xzyv~1$?4%$z~Ry<<$HfM65nA`z#f<3r$C3nE_>eo&>Iv=yO zgY;vFpU!p07M_&Hi=Y-;at*|{+Z_Dctdd2$K0vAr}d_&a2bXK7qD zgu0E?E^q9VsDKRhM@nfp!f&>ymtelYud3qWu} zyT`c6zY(NHBq6Z#en0%8{W++Ld9V*GAl83bx{%68s!Q*0p1*I{mMzz}KNCiQBL^S1 zAyf^VWRLk;iVzQ;K+3C^JuYuhlqWg0&!E}?WeP!t)2WTri+z1a>Ae=$LEIRzV0t6& zm7u=VI2-?FQ5!7fZC*TC=tfZrFihL_GFl z;XaT<8_3NEH%=~=m(|^>e+ykLE@l)P5P&wbv@VpE>ZnU+Z|c_=OhD4ZI$;bu3vI0v zCxc8$+SZOM{55167D7}tas`R zC*dXI#)2B2_Gn5e^`h{mjjX!?-*vt<{KV;AXFpxr{s|?8ol%&B5qGC~Ik1th69o(^ zlO12y4Nlq!+T5AB2*eLy=FY4AcKL%wW&gueybk`3S~}nPPNbIfNzYJTUgXMq=~r$* z_{by@V8h$`M=^)R%Bxs#8dhQUUYM(aR`8vl6ii3s%*;zO00cajB=41eE6>_w+iIh^ zdMhxq%=r^aiL3(BBp4~-0(H47#2(X=IxQ+xRVO`E$n^m*hC zw0u@)){(n0*4=9a?rk)u#lXCe&rObM0p}Q#?JlTkfo{BYbZi_{R$lx1Q@=LIMOiOYSc8VXLDICMglsELQe z%{ud;!vhC0O zyl*{^TB=sT1kBT&fo%jyX4<>Yc5YyfZz6vwY^11gtl5#6*Ywq4NMG%@P4dLa5G`;C znb-+Zc#Te9gJiBFE--+#!RKrjXhG#R7gYn7FE7T1l!d7LeSfZ8==ZKPD;+m*4h9eZ z#iztiKo!jKOXZY?rGQ4U*}lDF_2i9C8=aoT<;PO#i9hGkVm>#j$qh12WkMryt6s-9 z6HI-|3QTWP3zdGw_;lC66arM>f&$R+eUc~BV)6+YDXk|@^21a(A2OW6my0}jrd;-% zyr2qn$mczbzJhAg4E0rj(wiZ9T8iCs27NUHX1h-r4s*}-c|>yyUfOe^X@Qi=?*VU; z`VLGJ8WCD`Ub#bAV@>jHe4B!f-MR(JKXo(qE632T^jF5Sg z^}p=88m1EG5+H>`gWfn(v0Z(_lr){qBm!H4^j|cSb{;&-d`@u_plK{sqiJ_=WBwAi zCLvks3~Yd>yJJ6$i^ z&q|?5X1hXsojboYk}l`~l+m^IRb8IGXvn60$uo1)Qe&q8XgW}N6Uh&I&Aft2C{P(r zMD+-#`ekbL71SHCmT9pyqVS(gfo+SjK0XCJ@{0)e&W5|);9cMLO!!?Y=pdc={@NOb zD9x%z{I9_rb`dQGl1;nGN=CbzQgXSCsu|poTOvyQKlt_x*idO-#(-~@Gxk80rwh27 z^ctd5xZ!&U!1_N8Qth(rJuhtsSl)xV5DR_js@NR?RBOI}B4;adazvFt1H3s;CdQLF zLD0d%e>74Ih)=c6MO$s1Dy4?*+r7${rn?0kFZN|>#Cl|RGJNl8b6r)~ZyxKAoK1un zFE9g*0a7a|F!Zm3?c-FW&S06?sjUY!%fw^C!u?MiE|p6B7$E$9Am6>pBCQxrV3q$} z?R+OYS6@(~{EEj{*;J+USP}%`56yJ7C9|zM=hao6c7RWU7=Tv+v7ak(>;@So&%O89 z;kq+IVRmvreO52u^pxHk<9OWVvzKp z=?sNu;Xg!UAYkrhCAD`nuh9f6$KzYz=xvf08!Sn@Lxt(^>G2q%>F^)h_(lF_%ddFD z8?{8~2bt$O5C32j*_ZeX|A>8!zYsCn`m)Owu-8cvi}fEqd%OoW&G1HhV5<+0m?7 zrDpKaZ7z6>;_awKG_n2qz=QG&9_;`YqYO9+Sp2j1$we_xQKys1u z``(T2KHl|qDs{L9y4kBm;iH88lg84OX*z~@*pxBDGyR_n_7yuss8Cbn%oHr*VdCKF zJu*|0z=N>|G1C@2`Zse;Hp;Ihp;vtX3I}8HBE|>*d}c2(&4E%LlVAISj!XV&Ca0l} zlnY;H$b9GVq452b@A=vK#lK-IHU=NOOpxDe;dPkMcfv-e%XKxSuIHmbOFc3?U4Ctd z++z8~G;W4Nt{eN zruX6>>{Vz?Ml1`r4y)5>OEY z3PW67fST*_y(XE&qrEDgEt&W)EIFkQhW7iT*nLdqOJGQ^4^9&B$7_W1;c&=$$)WU^ zH9+;#iRh+5kICU}(RutC0d*sax+y4KI`9KTVA}LCFG368#7E)1o@~ z2|8P^o}e4cgALCwXn)#oE~L+A>yMZ$+~A>9JDPU{3(6Be$v(ZFJ-s`>ZN8b6=pU6> zQJpSk)0wKAnK%`b%-H6=mo8T4AZG0Eh z6y-4qT=JeYWVxZ;Ro|fIW@nhx2-_Lcu5rpk9|p4Om=gvFktO8W6R((F7z2%IbHb+q zu|{5Kd7^7`TBX0k>1zw!9i{jwZuO6hJ?E>sC&z`FQM|81(GpWqLHL|j)MFf8>=QDZ;Ljlc53qZeCGq<#^# zBI8urP4!v)92q=Ile_F6`lBgoKMb{KVBS|k;f317{giagB`;Gz@S{6^5_qNNXSeSB z`)9>BFFR-03!4Aes{Jqq3i@ix;T-AVndO*5uBt9{b7PxS4%}Z)tCuRC?U*)?sRyoO zP}GHmahrxBgfwWU(z3fZrkgqf{zd)_4ALA;k9d_QW&05)07i{lsnyr{W<567FOy!{ zW}yG`YJ&Zf2#+&9ZX+e9HW$(aIm(ze=i}f8g=-a|`M{?*oEU%H0@T;VP^XUW6&bkWV&yW^;t(@3C_owo@-rk<;%D z4Cv!g>SCHxY08_(?Azbp^JYd_Is)ab;eddfxS1Mr2|0q^Clq_yXuHi|{F{W%lmr_^ zIpVdc2<_BgfRf^`*MR~&mPdy-5a9=_aWaQIZJLWutSfR?M;?pnG7;&T4>!ItS~&-nYwVJu{#a>Ty4ghU z{^}ju1%Yu1MDcR=^N|(|+!yju<6}z!9YaNfAp5|Pu})aUhT=_h{_gL{N0cD^q>c30 zYfofyc(lFe71R7B$09^w*-%KOiT<{Kol97NKjX$?F}0Qs*wM{3#VZf0=WRYbO0njg ztsoHp*4}bhg)_e{dj8DtBuu-LJ<1wE(>+ARN>HDc{dYq<*{5Hg&JrSvhW%@ql8G*ef5QcpDDNG81O9mDIK5bk#i-0)7(Yzt{I$=QI|Ba4PY_9y6hKjKL8wk#k$ z=Mcm(S?2IOn!X4uwq4WYe#aew@UwD== zDCnhucQTB!_(I@$3mWHS)5oFia<_bx23kfp@7g=Tt*$3~f6(e5*O4a}vH5$;W?s*6 z*S#D4IBeC&#dbj55<*d7=l(}DoL5XbORjjPCU0TSL-Ej~%M*6O08E*J-J=r!DTa5k zr0$<$i>)THULz*Y0~l=fWFF?KR={$#P;ngbI@7Q-sjW{FnW19lbnF!;rUvz0m!96+ z3{0XWSQjpSY1d^+(HaU&J&uBaIe%ZNgp zvDz^3HzDJS)2`6|XoL6ZIaVJU3xD7Gz!{|9qV}@Sr)(~mSBxsIF}w{5mg#I~Wm4Ki z#$sn9&?88QIHA%N8%ncy>e2H=U0Iufy%xPNMa%UbfxxQG^wnF{_0h}M$yZW*Cr(ST zw|?86f}f+$`TLGd6AvE0uoLXt^Y{?=wzYV_)0@1{*v|6ph?EAsZkAZw&AeK6(m^@d zc7WkC98UC!ocqf;GslDrBs`pQ5u>r3w4%I)8ORCpM;5LQbL${-c)DJt;)>e9GfS^` zS^dl*u#!<3VF8I#0>|0O4>7!%C@>vsx^Ui>JzI)@f_<>&Zv%YL^5ZXI-yOJJpaD2> zG%ru0$l>!NW$IBQY=vZ3xQRq#2+c8CFqfkgQ%=%k!qs(2eYI2 z-{?~DUTkB;;|LO}Ji+GoG1Chfov)(jlOMlbE`|ytNW`F;|I}MPoCaF`+jLLCP+L&^L=9HiD&7BBA?kjS{U5GR|Mrbm>H0ByT`vb=(+MZ%C@p(+ zLz_SnMgL=(@-v3+w>IB>m@@k0+0DNXck~?{t+|M3OB*l6XL^qtxTBZrYTNELovanb za(A-gVg9gu9-aIuN~$I9JJBOMPZu2;cJBmNsU*DFP#&luZ9_P>TfZiKbm{9t z?A5~utIm-ccZ3sES#dtL0KwbiwA~K-^DkerVMO7_`Oqsz$5|l{>~@`rt9Azu6s}_C zXS&EX^@8o{%`A@!8%W{&vcIP8%$r?xoH^*6B1M0@^gQVw{r464o2g*9y`%Gp=DhEa zo1y;q$4c*@zmdqx1r?-zTD5eUy%H9_r4p{+xmvB-;sn0cvC@%e9YPMbtAMt*kAMU8 zGiu8X>}S*Qz4cpK-i}%qi~dcx9gq5jgcpjt-J52tZZ@owWjV}T``YLLK^l%+@S}uR zEMmlAa9u)UFiqJt?9bcnzE?xM5R5WTDJ%fd4CM8)7Gp~vMc#RoC3LlZD=o-uDSJM&Q+%ax~+!nih zOvvklX^NXOIiRcQ>ppOvGZ1eD-}m0JIc{<34;Ov1(f4hZ3s46knwO6cB~?@NLmaZr zoLP3l0j62p=jWA}mcye@?A&LEz8_C(SUa;gM*YbdeB!Em$ZA|rG;t@WYK`C=I`IUb zbh;MuCD+=rL1lsvtC@)E=9(t7yF4Z0BK*GN9KJea5Jxxhy8AS2yv`3RY6=n%!D>LW zDw4M&&KJp>8RVxA?-%pTAt~SYxG5g%WaX1SI237x)$|kA@j@x6W}SayV=5-n#k#($g9vM}F4_MeHc?0|aTkv>Gv zVdu$fjp%vS9_&@3U&o2bqu-+c^i|>hCS;PEdu0L9=jL%hrQn6?qFkjRhUlQ0QzcYn zK8aE*6xthmu=UZaiUEHuX>Th^;EQ;(;WoAv8)cHI60Cp#>NkD63Gg&xx`D)6soH4F z??x`>7yl*{jB8?{oZLNwX_*Pz3O`qYRqucj4y1N+IGt8`n?O=Lhx5v247Kp8Iv^0e?9mV#CTgNI7Jr#5XVEIc(#4Z;ektdB?kXwcR_<=W~K zrw`rnNSSO2LYv4K1*Xg_JbfWdSA{+6H%x5Mg1XywNNkSx)xkLpZsrxVsti$S=1OK2wC2n-g>Ve{`RnrWD)lW z5}Q4Ju4EHHQSnU0&!I@@nK3u0~$Q!6DW}D~+6; zoa%IiY-JjET%g7;g7%JZJEiS_O!bAu-4M-WiK@F0M3EQr1ZhP9Rj~T?z|Y)HRyK0W z0v+pi@%S$Q0BAZ^ts~EN{!!VNNM`h16f}^-joT8X)=+k^JZ_k)oBa|IXvKrE8$ok` zSOD%D#!qAXhC@O$-VaTR3XK=aLQ?3FXYf8vnJ|>$Yj;f$A)c#0%!Dgbm$R+IpP@dS z?N7U|rT1C>owsdaKvsQ%lgYNQeLbDPt#VV+M>*Sz09%Zip`=-7X0~cq^^2I<*{>^T z#pT{Re=k}pECjjr942@*)M4n<;giWs6P9`U#`QC;6spdgy)bk4_39BzM)qt&P0J#6 zSIzo$(<8eGw;0ShJ;(C8W!kaoQ0aKS*Fp%x%EuK4HcfBCIRD<^y#C0y5~%j)DiGC3 zQ5zfwr(U;Y&;c2iVjRF$FwgKn8djjgbR((UOk!2wDgRrQDNG^U>W zKA>5xGI8%KS>c^O(G`wY|2+XB8+$rsg6nZ}z`H+X#g1nI!pgmBEB6aARo#}G^DinD z+J(noojk`7R-VuAgE8wAXYu*M*jB}LD0pvz)V5Gko!<#@tJr)Q5;_*n;uG=!9^5Di zpn(fhr8Q9U%FO?w^TrCV014zIe|q)`{}q1feGxOiSCpIqJ+-gbuz&<{yrW>~rrGU( z`Q_SmeAI(tE@>@;%QSFa9Mz`^ZKMs?r&g3gcK+=$-P>FAtU7vHnj0b=uV$FEV0`4X zj$--kGhs)4hDz*_qF_NPggFzJZKGk#+AX^hI}aw_C=(Isg97rKX9UXTUP= z;DE!Nb#udRfuj0A3`j*q=}39*i0{2l?Gsa9B+voXw(L;jb1Icp_Q&=ER=Z^JRql`Mo6=jKTmw#Z!(VvmdB8-iUrBkP zBq*x`w&jvK#jhHem-r37WiF(;9PIcjimVvBTqkI@f4h5qxg3PZG_HVN&O&>U?h;+D z%U+5Ld$)6G5!mI*vz%dV=H*!GCL!42VOAYBSEMQ+=rzoG}Ls z@FFZWtm10nyTLY&@*Q9hy=$NDFqMNAp8GE?4#X0CwglTlx)cNN{t$IKe|l@*L6a`D zv*YFW%3vSCUdmLjU_>UI>0SX1ZWx&EeB1stZ&UL~PKWS8YOKhz(R~HuJWNww4y(7d zJSvaH9uLG5@~YO@8?n8GPY7^n3{YljEs*;Mj%TRJw#`gGB;$t3=cwR3%$!aGPujvY zwK=fk;}w>_t8$**9-_yNMktla_h1|I!)kP<57=jHUoDV=p!$N^r|1&0S+%ThT)=Ff zm+@ndA!fp#Scw}^mg&J?x*Ew8@ubN|d_6FO|6cLwwbItN5KBFYep1vgz zB7ZT1vh>+K(3I-dRXghRr~H>0rZlyYMZD^COezcg?vs@Yl>nHQSsGpy6j<76i% zfkh|(7`SVT`rp#U@A!!ndhZbOhRxhv+ic{;&O4)hM?d95iQ^4 z0w1`3l~^SrJRzt6u|MQsoH)mpgG|kpMhVM6v8`DMTwzQO{L0NHN*Gejb>Y74aD%18 zVF{e#GH-HeONPP>M54p{NHF)U^m&i6F~3MmZIN#j+9in%$F#x)56ZxDALG)cUTMHW zs5aT8_e5=+O~x@^z#CaPGM4t-=_V+DO6i1zo#-}oN-?hr#fUVxd27Fc4SPk8Ns zv$OjCWS%rzMRbEKiF(&h&S)Q@^lw)ed17r<-#80m|8Yu7G}Xl_q&~ao#YkDS=6pDz z&SYADS+sja7VjtR1^m{%xrK%&0an@}?u*CBeez$Tex{d2P0KWg^Zr1w6H_8B_pIYZ z4W%*GPrPsV{A!h=ukb%1&6%oj>nwFtIzKEz{BzMc%VKOnUM2gfA)i==(!TlwLBaJYRw zuL^vFL5m<=qCR^f=%pV&A?>@Bw)ykhpYkes8Me`r6)^7FNy5^|f^Y9(5xi*_(;o}w zNj<2^Xp$HEq|gJGJ_1eX*POU+apJ>?y*bUA7>bE$+DEjzgaO~c)H4y#99R@kbJf#hDY**(jvcznxBV3 zuqd$pUbZ0@m$Oj@<#7``APs5GPvyk-ms`3*d+yQ@lU*1H70u7kLQ51|V0q(Djfv56 z(XdaA36Ya_#*;qkMoU+Cw?yUmc9z~Vlx2|~RlgsMtQ?e)Jgh{UU0$ax)K^<(si(2* zZNn5D*hOG`DAMQ^ND?3eAgFW=bMA$u9W#J4@PFLVr)41Wiy{$v*((3WlLb?%QI{oD ztu_N>>vF*HP?eTc4$poY%)W^PaZ543aY*Qdvni?W^{)wu#PL>X!C%s6l6(W=6ho0*6&JrSdJVqW1)i8P_{j{6NnMV5%;^CYqy#6V<~Wt_dp@3L@T1u> za<{1YNd=^^M4Cb$mGr+oTd?z|%(?C;#cdc;MH95RucbO3pbsy))g3ZUYGyLEBgd0O zLesZbuoJAJzdkPexlUe-8(EKbPnG`$AoRwK$^;p9FGMVLd&;FQ2E)R)NSHD)tMhksTH^tWL*O zoG+oLni9xUFu<+J${XLWd{&+F0IM%{H!?M$pJ9=k@LhtiDdf26xax zFkXLcZU7t!Cb%nk5e&CmgXBvNj3Kj+o$sCJekEUSmZV_TWi_d!&#IUraf^V4wtd@ zsTIY?mz-Jz;9$@=!_lY3jpbM_L`}%9>5aUmyW;-8<0$&?I5v&W|FQH-v>gXlImfMF zNF|)Sq~0Ry2S*}i>hV3mz~?b5_lrqPlV_HV^c))>cJfvA(I#Z`>pp3bq zzsIX`x-)4eB;m6t>Ou(jnMZ@7e}r6`%VcrFoLt_Dc46$!=hDes`4_@I-5|Wiaz!n|N6I?1>_%(1DX#-G1J4#Gdhqrr;In& zva@iOWlw7HTKQiz?G#+7toZ9oi&fnWmx^+)FKf*gZ2R&=jVqXyQ9Rm3edatp)=fkN zG!sqfEBjy*Ur$OzSSy?NDe`Xr}hA#8}w0E6hO)PCY z^j@WdG^IwW2vU_Qh;$GOm~C@U@j+hr;`VKE4CXI{$F`Tr zMJoPP4AGFgyn)3+CuDyUzwu=)Qi38mgMFhG!`f)ZpN~}* zZ4QNCdk`trnJguLo5)JC5q1IETE$Vb*^32I$LfFZBw-%Q8@y1k zV!$fvp&G&mh6}Vahw8Q|A&7s*RBSH;m5p_K`5st|VCpX&xY<3`dj~HGXi@tsyURju zc)XU=4ALd}O(!7X9VC0vU9pV0{rYg@V_T*(a3le*4`Cd(Y0lW-&sIW1 zZ_+-5^w0Ex&}|qa2H?JtZ?gf`;M1a*=;uOwwEZ>D4h$Y8k~kh&3B=v5ZMC#Tqg0^-~AKV1>;I61~?{ai*=+pg~^+RVs zy)K@v91l+g54oo$R&Q75T1htaN-wMJY^M<;woD*XK5?!q6y*mgClyx|5$1CuVnD=w zvrStj^#)6VI&ybBrCxSg!OuEne6A^u_KSH{k}XO*scH=$>p&)!8%mpzB6ZZhF(kDe z1sFm3UW8m;JGcvqmq)t!8lkh^1jA;t%#ld0BwR$!%Xy!Bxq8X8Giuw%6<&XENHI6G z!uNFA`*@02yS6Eoba9*{;OQ1%HPo{7rm4`I94GD9f3hX%V|*(wRu%)_%3t(s5$a;M zZ*@z9^GUrZ%+il*gV>MBF1!i&H-LHhK(QoxTwq8GMH7Ug#}hjWg8Bm&?#G?T-;VxB z7dFyOxA?i03aw)H9@-G!PJvblMPE2w{H$-u+s<^2-7V)ZLH%JvQLeNodsYt*O!~Il z;++P>fo=|K(G&;v6~qA#%Pd}$T=OI~Q~a%S`VA(Cb_~%QzkFL(mK;A2P&8DvRSJ~; z^3&DC!>0ogf{207xIpllJuX!o5Xb-z1UdtJ;sz6Ob#%5z*g_ykgowE_1cnef*bx(U zgTsWe`>&&0wd+KwRX5dll_$N%vp55CvmiL?riH#MI0f<=`Sny`e6ROBvh>|w3;L;| z-Jz4S9tDlv+l}jJ*1w8sjMLAlapS%8e^r%JKf5AUO@EX7YuI=HpsO%0)b`wpm?d?vOHafMo{!PuZ>j{<6{()t$F--f^x-^`{(B3SF_voHB=j+a5b7j!P~gf2BinKD6uL| zgmAq0ttOhAih3q@;t-~9Z{oVkTd${aWt&LJXa=RZ6_n-(_Lf3=^Q)v% zi=K>qiLZ=wF&FrX_NmbMqt;$or=O(+GzP-`r8R433s*Y_n}0m_aQDb}^CPvi>n@WA zZmJJ)ttcd9k_G7U4bx=`4?J-Oou4?HVeKt3q2%FV!iE1>@Rfz#?fnstjeCeS&2{ZJ zCYE}ECp8{z6g(7PX_vhC=?MrdQp+FoNY z2BvLs?_%JbioBuR&9Bq<#kksDpGncQtZOejOau38L*RB(i?nHEcYD{TxAp$;Yioi6 z$_c|`ANp3mggJ9&>1V79m)9~&Pwmt#8)k<-;PDbd2#*fgJhgL^D}s$XcVr3g_xS({ z`?nJ^hx!Qx0O~BH0)hAdtpY=Vle3)z65?zCK_U;ddSYKp*wW5nE>29dPM5j~Kej1;VsH;IQKboJCVdl9m4S~>&yGGT%V|+`pf79S!X+Z0tT(vshnvH~Tr%al< zwYR>j^bx+~Q10Rsj3Boy>1tr_EA)d@3^I)qGhTc;%C*bDV>dyP0p0avy%M|>O9}mf zbW}}Ccq(hFI>7r_v*O0xdyU_ryM*4Fy=q#2S=l4_;FC740!!+*%`B74MhO@??(^I$ z=c@5H<&=J*Fk23O=#|ZOTEx4n`>uTV`Bj5S>P%jeHX%Z8-^-lT#Q3s1r2Tme=HcORt;eurUxmIt5ICtZw^$@uPz18N*WH{t{ ztemuK%=&yq8D+nnODvnY*IZ|jhU(S4c<^YpolkaO-!;{`Y#x}(YNF)Er)%cKv{TZ1;G4?>vxSEAc>?|&m^tu#mO+drKdpR#I|2X7>?=gu-4E6gH9`V)HW`?;4> ze0F^{+}0<)kp0P!onu#C*8+w-NB_SXQvAS>hV55}beZJOzncG+MM*b=)XN0l{YD<0 zGi;QQ>2mc`z}fTVcg2wU#G%a*Dk{(XwpbL@Ti)~{7g$)sL7FV}JmFDvX*^2Qq95aVDHZO>a1bwRwH z=>fsGnX(oZV=^wZbHR*Z><@ZPtMU~{;))bo(rI%{bn`dQ1>p&{mnFU5f6UiqU{Y2x z2a-j~*~jPu$7uvbw+o=|>j*zj*{#gNkgag#o@GiIOq2|ZiIlECs?4_NdIs~2iF}%F z>tSm{n}YL>AIlOhbO{zYTCZIjEj)*u;HNlG|7K4wey2;3xRo5Y+do>(B6)L_AN57X zYz&UXb+d>icMV}tw#iH<9BdZVn75|h58tmEzC-_Q=7Id1A2YSK+dN#=wk-1%lZI;{ z@;@fOqnn-;_bpTPz^wXGXr0zz%V1Ytd=I@RvsOD_d2wqziRi5Fxnbi5L7)2d^Pn$ zsdW7$x_5M74553YIM0n?e)TSP@>|ep8xltWM+v!^ECM)KH1&*tvU^hcr@>fDm>Wq{ z!h7kMQ~hDFZ50_KW3kIRr8sPXUvM=GuZgxgQLTMO1yicm@L5;(u7jxAlqqOqF2v*G zW88#n?X)S$TiOJ`m5!#_%0tq(m-Lc{WDT?$3ugU<*)7X=@vFZ+>QpwW*550*_~aZ- zvNJ`Sq)cmq{x$FWLLzTH!CK8Kem3{2TN9a+Dob91sa=0`pYee&Jbv1V)ii&?w;UnOP2oPXWANN8FC#U~+!lUahIZDxfNR&EoF>s$K!{d5~WI)je zQj6#aB~3<`=;Z7bHz7++rNsE*{he_5xLdUHld=T&y47hZedD0gW*H!+GY(!=6&6P} z#`VpUEf-eG{tzxw8M|uxwoZvn34;fV95RGbxc@?M`_#9PxwZ-}lj7#W-OTM8( z>E)rucWXuviV?TfPw8jgw5@8Qh?I;i-5Ge5#bgR(cFem!C8dhUFNFL0mQ+waeMK0I z(Z>|=?o5JP9HOkG36j44Q2dNiefLrElv zKvqVb`(=pJ@Aq-{LI1~>zOvg)O~pv(eY|VtM5X&eC$hEj=+68x$s5vG;`q< zM`?2}NrRR7XR|(lMSeOl4z3XBh$s1=UG&2NHfleJ+?eN`gWk(=RazL6Jx;sG- zrdYq$)%+cx#7Oka8gTkGU^E71?PH}0xH5hctpj>>vZB%a_b;x%DL4RO10u6yWe(`e zAz!m}bhQ6dt5b-`&wp^Z*48v9_}iv4dOKK*WTd9BfYN;3V%q5~YF-=O3>+H0U2!0Zsy* zq_9VTm)ZXd;1Quc33!s-9Ra#<902}O)X)AMSJxkX_$0qM0&L(s06f8NPO_f^wsW$V zCu8j+&~Wbm1@s{DJ_-7Jhi From e025b40b0b8d378300cd4ecafb75120d35be87ea Mon Sep 17 00:00:00 2001 From: Nick Moore <407440+holynakamoto@users.noreply.github.com> Date: Wed, 25 Nov 2020 18:01:38 -0800 Subject: [PATCH 68/79] Update 08-bootstrapping-kubernetes-controllers.md https://alta3.com/blog/error-invalid-value-apiall-on-kube-apiserver --- docs/08-bootstrapping-kubernetes-controllers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index 761aba8..7a1c7fb 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -99,7 +99,7 @@ ExecStart=/usr/local/bin/kube-apiserver \\ --kubelet-client-certificate=/var/lib/kubernetes/kube-apiserver.crt \\ --kubelet-client-key=/var/lib/kubernetes/kube-apiserver.key \\ --kubelet-https=true \\ - --runtime-config=api/all \\ + --runtime-config=api/all=true \\ --service-account-key-file=/var/lib/kubernetes/service-account.crt \\ --service-cluster-ip-range=10.96.0.0/24 \\ --service-node-port-range=30000-32767 \\ From 61263677bc7ccdee618e09257cad0e2fed2051ef Mon Sep 17 00:00:00 2001 From: mudit000 Date: Mon, 14 Dec 2020 00:53:23 +0000 Subject: [PATCH 69/79] Update 10-tls-bootstrapping-kubernetes-workers.md --- docs/10-tls-bootstrapping-kubernetes-workers.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/10-tls-bootstrapping-kubernetes-workers.md b/docs/10-tls-bootstrapping-kubernetes-workers.md index 2f2e1d1..a3f1ac7 100644 --- a/docs/10-tls-bootstrapping-kubernetes-workers.md +++ b/docs/10-tls-bootstrapping-kubernetes-workers.md @@ -87,6 +87,7 @@ For the workers(kubelet) to access the Certificates API, they need to authentica Bootstrap Tokens take the form of a 6 character token id followed by 16 character token secret separated by a dot. Eg: abcdef.0123456789abcdef. More formally, they must match the regular expression [a-z0-9]{6}\.[a-z0-9]{16} Bootstrap Tokens are created as a secret in the kube-system namespace. +Perform below step on master-1 ``` cat > bootstrap-token-07401b.yaml < Date: Mon, 14 Dec 2020 15:55:18 -0500 Subject: [PATCH 70/79] Update etcd-backup-and-restore.md --- .../backup-etcd/etcd-backup-and-restore.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index 185e006..b91fe18 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -33,6 +33,12 @@ ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kuberne snapshot save /opt/snapshot-pre-boot.db ``` +Note: In this case, the **ETCD** is running on the same server where we are running the commands (which is the *controlplane* node). As a result, the **--endpoint **argument is optional and can be ignored. + +The options **--cert, --cacert and --key** are mandatory to authenticate to the ETCD server to take the backup. + +If you want to take a backup of the ETCD service running on a different machine, you will have to provide the correct endpoint to that server (which is the IP Address and port of the etcd server with the **--endpoint **argument) + # ----------------------------- # Disaster Happens # ----------------------------- @@ -40,12 +46,12 @@ ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kuberne # 3. Restore ETCD Snapshot to a new folder ``` -ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt \ - --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key \ - --data-dir /var/lib/etcd-from-backup \ +ETCDCTL_API=3 etcdctl --data-dir /var/lib/etcd-from-backup \ snapshot restore /opt/snapshot-pre-boot.db ``` +Note: In this case, we are restoring the snapshot to a different directory but in the same server where we took the backup (**the controlplane node)** +As a result, the only required option for the restore command is the **--data-dir**. # 4. Modify /etc/kubernetes/manifests/etcd.yaml Update ETCD POD to use the new hostPath directory `/var/lib/etcd-from-backup` by modifying the pod definition file at `/etc/kubernetes/manifests/etcd.yaml`. When this file is updated, the ETCD pod is automatically re-created as this is a static pod placed under the `/etc/kubernetes/manifests` directory. From 7dda532c57c403b0924df81b64c675fa61b9c455 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Mon, 14 Dec 2020 15:56:04 -0500 Subject: [PATCH 71/79] Update etcd-backup-and-restore.md --- .../backup-etcd/etcd-backup-and-restore.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index b91fe18..5e75d3a 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -33,11 +33,11 @@ ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kuberne snapshot save /opt/snapshot-pre-boot.db ``` -Note: In this case, the **ETCD** is running on the same server where we are running the commands (which is the *controlplane* node). As a result, the **--endpoint **argument is optional and can be ignored. +Note: In this case, the **ETCD** is running on the same server where we are running the commands (which is the *controlplane* node). As a result, the **--endpoint** argument is optional and can be ignored. The options **--cert, --cacert and --key** are mandatory to authenticate to the ETCD server to take the backup. -If you want to take a backup of the ETCD service running on a different machine, you will have to provide the correct endpoint to that server (which is the IP Address and port of the etcd server with the **--endpoint **argument) +If you want to take a backup of the ETCD service running on a different machine, you will have to provide the correct endpoint to that server (which is the IP Address and port of the etcd server with the **--endpoint** argument) # ----------------------------- # Disaster Happens From 96e3a9b1aeec27a3ed6641465e621717f51e29cd Mon Sep 17 00:00:00 2001 From: Mateusz Zarkowski <58977973+mfzarko@users.noreply.github.com> Date: Sun, 20 Dec 2020 17:24:20 +0100 Subject: [PATCH 72/79] Update 11-configuring-kubectl.md Move reference outside codeblock --- docs/11-configuring-kubectl.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/11-configuring-kubectl.md b/docs/11-configuring-kubectl.md index 1d3770a..61d58e6 100644 --- a/docs/11-configuring-kubectl.md +++ b/docs/11-configuring-kubectl.md @@ -29,9 +29,9 @@ Generate a kubeconfig file suitable for authenticating as the `admin` user: kubectl config use-context kubernetes-the-hard-way } +``` Reference doc for kubectl config [here](https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/) -``` ## Verification From cfa90e2ef2509fa86a5944f7008ea061b3617243 Mon Sep 17 00:00:00 2001 From: Mohamed Ayman Date: Wed, 3 Feb 2021 01:57:07 +0200 Subject: [PATCH 73/79] add the --data-dir option --- .../backup-etcd/etcd-backup-and-restore.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index 5e75d3a..c24bce2 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -53,6 +53,11 @@ ETCDCTL_API=3 etcdctl --data-dir /var/lib/etcd-from-backup \ Note: In this case, we are restoring the snapshot to a different directory but in the same server where we took the backup (**the controlplane node)** As a result, the only required option for the restore command is the **--data-dir**. # 4. Modify /etc/kubernetes/manifests/etcd.yaml +Update --data-dir to use new target location + +``` +--data-dir=/var/lib/etcd-from-backup +``` Update ETCD POD to use the new hostPath directory `/var/lib/etcd-from-backup` by modifying the pod definition file at `/etc/kubernetes/manifests/etcd.yaml`. When this file is updated, the ETCD pod is automatically re-created as this is a static pod placed under the `/etc/kubernetes/manifests` directory. From b516ed6ee6ade19849d54b44d63622b0f117e379 Mon Sep 17 00:00:00 2001 From: mushdavtyan Date: Fri, 12 Mar 2021 22:03:09 +0400 Subject: [PATCH 74/79] changing-to-better-and-comfortable-design --- tools/kubernetes-certs-checker.xlsx | Bin 71603 -> 96587 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/tools/kubernetes-certs-checker.xlsx b/tools/kubernetes-certs-checker.xlsx index 8e9995baafe4a621f0ddd2090062d08f342b7eb9..009ecd6cdb712cc8e8540f9169f60445e53b52ad 100644 GIT binary patch literal 96587 zcmeFacUY6l);^3PprQhbpwcvSl%^EvU8*$cRVgA}dQTKodROU91f(0PbdV+@Aksm4 zlM*15gqGxcLfjtCd)()T`}+QSU%gz zJJXrCV|aMQgm`!t@J=4rm$J8WHn(#&*6?_2?qtZ}ZfkS(&57eIsd&c$`~Um(zc>R; zn(fMsT%^_XaFWQvcMg+JNUetP!|AUcqnl_MX|mdna3h9|7rQDxSGBxYdOk+jX7$T* zo~uaw4O?w*ap`G8MvnG0mij&;ssW8D6wKi<{b`2TlErF2g*?1wGjA}Tr#?ZwZ#s?E z8^+V+>L#PUnmW69VQvpa^28rPy>HT|9<;Sv zGv1q)b|@E(dB>I}`9mo`;Q42gEJ);;eVd0?Uu%tYUT|A(N=0VH$Y3amE zrz@gweVC)ng33GTjnj~&HG*&Qi@v0eyVuZvqWXR@`o5eHWbb{T*WB?t>1pn2k;yO3 z%V&zBQ$#zn#=6>3SA9CZWWLtAjLi2Ufry6Otm9C*!7v;1)NAp>E;CKj=&_q(;pL!4 zYB_4lzGKOi`_o$mKKLc!G5%i_H;;LA%KTVG zBLn2R{p!U@+v;8AmaWRz=}Fqs+s|5_w*Kl?IEHQARjUCNxoH#kK^8Zfq|Kj6&Xz6)TcNOuuNnfn`Vy=Cu5gK6w zeY4?|`El0_b&NX>b)P>j;%y}gc}K!It&G+)vCu8qBW~+qQM!9Nsh8{d*D|Mk6Cd_e zX?;{gefU5`7VUT^bXo4>Q;<#0QtsBRP`25$!7b6Cys05g`Du;h;CQ!RP*uQEwpU+v~SCxzaEh(-5H^~ z9Wf-ixWW5ID=mYe;XU~CLcr%ekSRVbvmPqt$EtO=y80c)=kfSSb34no2}-Kp$~aws ze2=^1Jw+Ns^ef4+09X!o~AMj<=%0k%gL9}n*e-pOO`Hk`Oq z<7V$@ZDMb4jeQONb%Kro??T{s{qO!&9o1pg#C7J`>hoH^?izec0;g7zhOcAG9(Acz7g0NdT2|xMuP++U!QSNNXs6h@Gr%*Q@5? zzCjd7$s?|I!t!-6C%vT&S*F}8>Sn$mw3n>cWa+*ysNrfBy(aBqE~1mJv<2wKYzJm(cf$O zE>&?o#Gaf`tye8sxnF(q9&;6u=GNuUa}rIO9XHQJD3+iz1K7!q%v7UwNk1D}6KDTILZiX=eyi|60~ACPzD1;ykN@dP2%?z zb$*ROA!>Fm>iD-g*Nioe72OGYvh~ApWv;L^PWg(znEdyOaW;NMd&~_NJJ-Mout4G$ zHyEP$OSYW!cM>A+F_@2Z1uF|#3`#WS)zun%rG$V7pRPqjdN&ZsRp?}0L~**+5Rxd% zm5zRz8Sd`MC$@JPDE+SfeeZ777@ysRWE#cf!IA0?_-2d%X<}0gGt}YwCOr9!Mhl~**O=7_%cFw4R|y@(9lMm!)7e@K}=7+#oOOD7YY2I-+YgPJv| zs1D$;*ch5!-|MFP%vG-&!xpEv9AE4cF&J+<5$k7RXcBg#&Kvmw?fCV?p7agG<(#G0 zkLw>SN1IwTzzGu3KvDiDN7#?ir1u7X0Fcne!#j&BTPJ4^8*?Y@2i-EYb@&wDnpXze zpG95FQU2t6GlE3dr|*~zbEEC9Z&{yw8p=WP@|h4K2aW6;Z1T9zS@=FrZHR=}RhXp9 z{o!(;#hSwf!q0A;@~GQaa$1NCHLE{`&Vx&+b08u^`L#K3<1Tb0T@9;F+nvf-Z0#GG{Cq$eE0)<+#`MPQuV5JwhPJ?b2D_~rzs-vmMtSf3Np)Cr_&oiVMQ7a(=IO? zHtEykwov6PXtJR}qI@#HV!Xao<{d)bqn9WGT;@v zg!sZ8XJ|1Nc|k^bO}@oBzR65o#}7ay&rn)Be{r+CPlHIkU`p%%;uY@{cG-*texU>=@v zw>j@rd2QqAtfHy2b;8>D%6clS!`l)&b7(}ibts-1gD&4)yf$;{{ZM$%%Cp$>z4R5n+rCW~O)O_$8$Xg*Tv9)I6t;c(NRquX;XdG|n-tG(xb5^gN?16++rXN)E%H~j8+U`<`N1#U%J4^5%4zBz-H}$GRGO$05=3&bH>62OO?t%%B=l7n&v@5T@5qqN1oq8^0oiH}I9H-!Ot!#3mUo3Wx zTYas!_Sm%ewxYW}-#O;}8dBZ3j&kPHO0DcHcr3f@3l1wSj#7^1jK@YK9wG(J>KQc7 zPWC+{QgV496$gtkJtdKow8Ir3e_FKuqT(Vk+Z30$JS*MA?b#v%P0`p&#ZICd!3hyW zA6_R+_~nx<7}VbPk?SP7^dLt&YNMgQg4+9~GU*94JxS%;p$nQj_Yn$?H71DD$6sPl z9#9%Fr^5Vwxx~Kc@@uW+vNqMZ3M~{hGao%HI#Dc>^}X}{>gvR@pZv|pf^T^9q?_3! zfcz84PRSM-R;#u$1T!Inq{8rPP*V|!ByGN4X~JW=s^3FS)rLWuD7S74B&O@ICCO;5 zs}s%l#NQ4V4KlGdCXA@F_TG9If73xjxQ_F_m{6Siep7OMwP_|}7e}H~9)ykT3x`2; zz?}=!p|k4Y@`z&Q@gjx=B<#?z8$0PR`&QG-`e7bp4o5c+gA1JlHVapUorAy;DU&0W4 zL9w$s>VCwH%Ja|%a!ls}2sR#3ez^xf9@F6MQ5z^C;Kc5UDFM&nQ{L-M4^w$oa!cy^ zHCSO?s!x+*ue~U2d1ejOS^4AB6V{OLvV{Cmg%1kESA>Z+POJu>bsQ(K`|y%OTeCn5 zy2N!_>*M8|p0gz^;nrfG^uTXRw#Hw+UZ0q%A$E-r&lQ<g%iUj%vOkYA)@tFo%4{QE0zbyC?$3~TB36%8+1EpE$$pYcO>-+oZF{gR>sV`tIb z{)XomnfD?1#8jMpkdXab{>IO?Gknw+F2xR4lt1p5Kr{*ZTftEzjtz7(B|eM67?IAC z0cm>Pn2=JL32)*oa>ZS|by&Wd`Xmupk}+KYn(`)9uO^GdwPeIEowSXE=SFwSYPX9X z{Dr^27~unW>wTfRtgh2dux~GXK*PJ=lWRGy_`&wM2Rm0UFKxG`a0yVS?OjD z(Z4Bh(jz~fgCu|TWKpDs_9g3#WU(!otzhngroR@s=+pvL$~|a_TEB_Ug{7x*nI^D{ zj;E!h<72fQbDV;(PH)j}Y~sm&J+1HZNT&JS=$4<4@S|y{oLkTvECMg|47UuMY;5$~ zmbtF;-BkAt_q$+WVHp%OX=p)rt<`wsjiyQb>*fJ>L;ky>1WexBA|I|ai+Bs44CS<4 z<__d6a14rXpC=mG+5gHdJpA}fij^THT*}LRU-gkN_z}shZ0-&{JM!LI=fXVsX`Kd$ zdD6DjR?5P35^vlvOv@OuTrQY7V5>XYDxW)Y+0O^cUXve=VSgnol0L!8+I5;=DYVn) zinwmC*-~P8C&Id$PeW1cT@_2<_VSEi<^ny-0@pg>{Zq!%r)nF ztBb1`hpU)h>-6z9ep1Y{3t91*^QV1w)59iGmV8$0B-_ONb)`oY3?*+6upeT-r77kQ z32nP&@$gQp9K*ZxFLv$p$lTo7iSyub6U$igz7IL-%a$=s?1lYsQ~iOK1M%v(4vI$B zw+MGNCMjgL2SrJjH^q1MAdjDlsz+;S=H@IJP-lO;&i@3(h^HR6gn`##5DU}Mbp}2= zyOX;cDk_}GHSW7JiyM1O#-iTnX%!Xib_ArxXLn|)qpGW}de0rTvzV0ysoUM%tb?G( zF-xs=Mv$GJf$@R@yX2;eq7c-=f;~Tf9cFERX8>7e=;Mjp8roXbPMNOT_e9P1R3&Vu z7^AoMmsX7n#!!wz3q7s#F`P!#9_WQp|1Oo)g0;pN`-+yW!aA@!MANVivyqkC#qUPB zMAMwU0YjO z&3kTig)RPG``j%?&&C>NNd^WWf=a70lfmxq#>ahXJ=e>dSK*6x7HHJ=fVN7?cLR)Q z_3l=t#}+roS9jEATNRR@4(-SrdRa^a)wtEsv6Z#sFNSt?syc0FvOK^!fN|Q|LFkT& z#x)Y(Ho#4DG#X}$jO`Rx zc?En39&vTqyWK^%GQ~gIl#*NWlOM+xymFQ~VA zkwHSe9CoK@G2l9b;d1-Rg&5{KAS)|fboTKBbo_MSiXC>N>Ed$xac?&`qRL&j6?3}| zZH-(Mr&gTqD|SyE=|eSgLJA9NYr~N`H_|LPNy2x~yQae8`xxdFQEJiaQ|#+2_T>=t z*2)woXNqChc3qQwo!+` zV8p1~c#XG`nS3<>8-M|*j=B46AN3MTt$bZ-Z7ugKGF zV`ZMM&H%F|?|q6+^!@Y&k=k#Z;16Es-~;Z=qoV^=U9U%SM#4kNyT+<-qv~RPHb(rB z5G#Xmp8>NJrow6bP1I!C=Sk?49y}_2*ZK@*cAj5M6r<=}UnBOqDTa`7JSm1JI;wo0 z5&o)PvsR2#!28iaN_%tgM!c(*lY>!Dn-xcwb){}c`$oKx*2ZFWW=dbRXyIiu-f;dM zk9T5U{rxuKy2pKXX&k~mKYUhEF>ZDA7O#01$s5M&pCZ08$!YblqbfdF$1|Llw}dUb zA}_6!*6Q49Ok@uYfsovnP=rn+*;#n|22MuN&72<`5$ogiOdH{`7AB zTT!ljk}r$+8@u&yMBnF;87Ir9W#Av z-(#S0_GhC+?6QDDN(i-~%AK$RW_lKiOT=LWpM1@p7TwpazwwCTHgPh+SKmiZOYRTX zmprw^?;*@Qt3(yc$7Op|;6e{m=3S+PSUzrBli{Y4K+B^67c>9-H@lL4Y#EpBgW-=Q z&n=02C^C--aNC*=x0HlhQuXj<+A592mK_afDDkr->N%H5qa+mT$_2YWd^CWvha=Na zsVdf$8)h=xToP<~G(bejD;B{8dobKs;%`aPLz{U-fE#8y+*%TDN!KHq>7%q4i#QS> zSnvE~0k7v+CcY9;>^Ux)`$q&wd#+_lDf!2qd;7Uz(KOFi6~zW~?kgoo9C z?@zif*x>BDaH8i_<^?6@SY@um0CM2p)WiMcJ*=7cl(J%#xsyx;o1KFe{ta;H`8V}n z{T8vETuBcE8=YS)oawooc}wYtfT>`sbJzlPk3goA(tK-rwhk>2r`M4C}TOe z4DVOgJ0A^T%v4m0iRIunG^uQI4qQ0jb2LCZwt&mTB$6Y5Ox8V8DnUsROmm}NJji+9>4_h+2Jj>2LB zDJj%nk~G4+1{{fuDrH&p_a$ z5I8vmehC7nhQO~v;0zEr3j}@x0_TFjc_8rH5V$Y|E)Ic9L*Q}{xDo`e3V~}t;5rbv z0R(;@0yl%eA3@+Y5cp#V+!+FQhrqod@Fx)XGYC8Y0uO<}BOvgX5O^#Eo(O@bLf~&9 z@OKb+9t8d#0xyBUKS1Es5O_TV-UNYvg22B(;9nu|UI=^;0{;$yPe9-^5cm%Wd>H~? zgTOZ-@NEcu9|Ap=I(SUg<`@eCk30b{$PllY?}-VWIFu}P@RX_z0Sn?ddBU-vQM_i? zCnjRz&}*rKWU4l&SP&=36OIQN9&0XpVqz=~L9DC%|#Z(Y4QYupwZ*au1`(s#GwyT2f0;k zF0&xckS7oZ8R9pWJvA8@hdQJV3aHx9uprKnClCdV;x{9nnqb7CPg4gaRBf)YAV|p* zP6ipCXy)@Zp_70{rVh%h+Ay*p&XXsc3K~7p?CNVGCIL-L9aK}bVP!#(lP8=GG9+j& z^EEM+fI?FTbyaQHSr8QD3B*C81kDIv6Nm(~A$9P9stq>_;u3knnIJ>LWY$~n4KEAg3VFiWpi#nRS3i?F3Fu_%po6N701JYeJmFlBAyIRgpUJoc6rMWhp=u+- zf}kZ&APE{JYDV~(U?iZ&(gvTZ+DNb8w^ynkzqlA$P>td zMo%`oJ~I)MgkDPCO6%=g?RMG~r(Hkhqyqsf9`BTu*(Gxmj!WyJb@y}khr<*xyiUB)FExKLe<8Q1;Ig{Kp8Yj+>Cf`f{}ziO&e@bwRymT z;G%ZCMwf7@^LPS?YGLGff?aVXsBOXc)107zkV)c-$?iF*eCYHi+bh$yglZdhGgFTz z_bz3%>)p}ZQgx!M>os}XA?F{-L0_}nZM~rF^YCmKJy`;BJJCALw6Q8aIx}*&{(~r2 zHi^;_e(`R7wdnhIBsZ4ub9d`2Mc-$W*eu~!?bg?ds-C8o-RpVJXchJ?>w#h~b%sjg z>vsTsd%>>e)#C6}_xKF`DoJi1h{E` zhE7)@-xBt;z(>8*{Vb=qS46TKN*ufklY9SPwC>MX++V~`@4=t{{!;HQWhb3*jcmJ;cA8gUwPEG%*!f+}+<{*lFTojAAD2OoF zD6G5?IJFh0jvOOB@Xz$*ASA>wX<(IoWf!l0d>#AfmN>Agj4~A7!DP0l0#FoCAGAoC98*gO;bb2+rXg_#8OE zmpF((2ND#X!aF!pqdg&B4)C@O8ML#hXZdb8juCU6sou+NWB|Ny^_k@UPER`A5!;erngD zCXwbeP8NeNrp;Yr36A8Wr@2!ZvKb{?mq%o7-u0ehmiKnQ^p&CMT=(kEq5ROQZMqMo z{<(?c!_%J*&7LQ4hsjrcGEImYBR0Ln+@J7TIwC} zbWIu-a($d9fbZcwpYpV+N-yHlOwUqE!B(SYr^L#gu|)88b>1j?&ak6>JI_alztE~Y z|Fe~qJ*;1<17D3V*OgwVb$CHhd;xS)u4pg$(>PO6Ti zg-IFudk#5GBt?pL?;_WIx`%AhM602}+m~lX>^3G_2isRuXvQAb`M6`UTDC@2%7>7R zOa3XA_MCL(82EIS1GVRl$~d2H_tLJvhE@}D+qAn;s5Py#+#n}GG<(<0!!u*oi?K!> zHL_p(W78j19v-~DOusTkdTMX4stbO~1>V>k99+deT(@7m1T(j)^Q$iKdCMCnQ>aom zy~8-8thzY##l(6m7pU{q?~E;eBCvCPLRxghB+YG-}8;Co(4aLQr{G zu(v(gkM5p<&ttJw#BAdDM| z9GTp1U!PXDrOo9q7S0>{oc3DE)?e_P3(ca)xupFI3MhWF`Liqj93)+v-l17_c&*lV zF{MA&VVDiNV2%~=fR|5M$r47-+1Pnkswkz`Oy zGTZ>xHeHkLL$>wpI@}WMmeJl5gUm$8@Z2_9Sl_%;lV4Ng-})x{(&IZVAxf9xZr(IC z>-^*!$w+_wPJf8arJK=j>{Y2B&B& z=-*M+_#kJ%!vUgv75qhJ9^|Z6DQ8&1VL}PKVflOQ-i@kOrMXJMUI4GzBLX?28dce@ z_h6aBcS{qj`1|aR2B=s4`R@!@McC_M_ELST@?N{_QT3{$0cFFsr6X45eRjE{T2=Y3 z`mmz`LRN0QEAK|ts?uF$VPV5GrAGvEMm4K)UA18a!-l0*R&ISOM+354Rba`(BBfqd z$ljIg(R)=#18RqTO82ageJi=6+Es$!&0UGRwRA2M+4p>O0%p~`jT@*H2)o7 zN*Mkvo+EP4D-)pviyOXGYGKvYo1A?_zyMY;>{L2$)zz1rE28aHfH)dJTuN!h*=zK! zM%60~Aqjgvd_%NSNHjj`f98ldi#flz?G8opktZB^K7lwET)Ko3?r zY+X8FRoG{gTchQbk2o4YRmyK=-#hlMM$Ic7aR(MUd_!%OBP+Ew{2i z8gS1m3!w}HXho@;)oSlpcFoZMBUsI_S1HnJwQnr9M%$|paWsI;AZ0WB2Tk{ue9{z| zQA)2REgWbrlHE_~U7#gH$S19nnE)sqH_+T=w5DyVlr2I;=0O;&ueJ%w6;VXx`7>C9 zK8_+{r$BR}*&D@IeOICd#m<5jMY9z}Numg&<*MB5zL}i&K*}2e z1301ss#WHgmabaz1oi?x);%INbCK!f~I1@cp5DCtNm=Od&7FWi-Nr$Nj71wjka^OcxF9VUk8d8B3~Pa;a3)TSCO9Zw8zhf|AdDYzke&`m z1qTH)g0^r=(FJJ&L0(s!Sv&}`QWvC$Gf89ohBNWh1Kr0#`HVLa2crb_K@V|I1!EKr z+SLcy;Gky4bp#M(h4d6I$Sy`nVASq?&`TV2k;xGURXza4ugRVRT z)c`@ZE6pHrnS2QPh%<3uQr|xqgoAvTig1wNBTy#}3S>Hu!Y$v}Fxh-~%W@?TWG*X+({78&K zWKMhxOKk~DxO*K;2GWcW)L))fSMAOYUC3wNq$_mxc&rOL!*+NY*A#ATqks)kJrmG=r8K(0gZ26|+A#A0l19?Ul z6CR$)rqO?>kxfH|6(i<=NWcnxtf0aQz$1W}{na{9e~PV~K`K)@*x==K1=vYrKnz~Q ziVMF~60CammwF1T68%!~vFfp0?PkJDQdX@9N=>WQIY7v6UjbSzShehz`Wmag_@zF? zs#*uCUJV=NRWw5IBFI5t& zN*t(txh9yvYo(^hK(` z1+D}XftEg29H=7-Kq~<&4pb^^YefD)1U)hBsPBVX{->hUQ}bCNP~Qht{ZB++F33Cd8m_bt>ieIF ze4~q#){+317W$fZhagI^Ulg$JbUF1BFz=L61p#1;MBp0lViX@h zf+MLv4kQA6^$x&sjiLZ&1B(3;^twdyVr{^1fHbE@0!%e)hO~ALpwpzlya0~|W&^B% zIRF+5c;(O~BCCCfWyyrmQrp9rj2R=ZyxMcOf*=>0hypHq%a&zKf*rn=9y%@J65TLSZbO0T_4*o-xn4Xn6d_s4@w-2^fD!yUT7mTp56;8 z^x$)S3|YQkEq2&o4=}j+nap@&ujO1&VOuE8cRHa<_G)3<@#Flis@`|)mM74I4epVS zO#}P2P(L`!Y(OD=2z~>20LBM#xO2I3(PjaW*4ZzoZpVKgZ14jNr2&f_A5)^{fti+b zv>`Mh{%nULUAqrNstp9Wz3z&l`FaQaHQ!#q#yn*(omWZW)4~J(ADd;b3=m-(||$e zzZrzngbV-%zmmS@4n*p4IMP-i(%E)gPFtp9=xbXnS~q|PutT_vwgDME;e^ZR!QQF> zk=~0v9O+FUr%i_=jRpd_F$W~yr+Gk_O2}Q%m20f!ut5)CAPE@!N_sMoQ@5LkBXtHM zeT|E>!JP{TV0+p9Ch!1u=wR;wzn4fX4(~mX0e8{Ekpg?wLLYxPQa&K3-+(}B3%BDf zOo_&US&=-4XN3ViG!Og0nw0bYPm>2fP2iufs~m!V0Um9JBMn>I!;~3c!C>?~fs$e& zi}KFe{frRTjh0}s8jrojR{ugH%y#wF;h_#Hj0>V|gVL>buN@W4&&dH^T<$Lvt=;L+ z=CrFu@6PQE!FezC*%^0ajiMLR#ULAfvYca5Zk%bknnlH&1yaZ{DGNGdRAzXg6mo#y z2i@lKqrvM3qE-8wP2E0sA+<=9=l%*r$p|xvausxo$~?c1E2?W}dEI`$t*;I~ zKagfWE~Ra1Teoj0nz&Cmw|aYrof*>ACiZw;NEsa&4Vjur5!j(rM!$-NOwWu9ETCbV zoa0+mvN8IVQOZ>Yov+f{lMDnrf4CX0%;@EXLZ)Zg3Yv#gIYN!oHb;`E=z1UX+o=k! z)SgvnA1#wusL-K$nHgLvu}}##%BswTGAhlcmK%z&BL{%0dg!_AV~vMPb+r!ka|#n#RLu(4fNYKdXqSp}T?n#(`kAI!`R%*^%I z%;x{r#RSZZb%qPU?9j|BR%fuzl(ScwZ+~+wH#yuTdeHTA!qI2IGO+U;tVf9JaEN;@ z3NAa%k+`m4&cj`^1c#Q&QFS{STUv}zH^rN>9he(xqFNc^Z z3|9w+9EZEC84pLFcH&U(3!<Xg1&Ni_HK1hDEqQ4IC z-*x@p7Gpo9kGj`%(6W2W0i_<9Ya33XbWlFA+ztAErmQWjKw`xXR_tK~3M(*xm_Ob* zfFEUI3+^YQhVltmJZ>7EXt@;y^zgfK8AT;hT5l8slx-MG2uiX1&KlsEEZAPvJb((O z>Lh$0lz{R91k1!0prrpY3?X8Y%?s@cV+J1o)$qT0e2k^4z>IYyElbfGK$NckWyZgE zgypEEIF9;9YdGxjtR28kfi+Ge8{DCeMtL1wVMkBKzZ_v{DU|Pkmi{hl|1$h<>1_xF z2q}=&ebGyW2A#pBJ464G{-Zd;GSPk<6FtI){*A{ESPlwgb)0D0{EG)rbVC2H%J`k5 z1M)eHBcFd>Yd<{_@&mLJ$SQpAes!h*XaAf<>mL^Fful>|HeotcDKuTcBjI}~jX`)R zjY}CuI}f&(K7_E8fUX+XZcmSDW4sz*JtU{fkqhM{6(v9JuH+^<1T^PFX(ui^0BEIw9+d;(Udcx=FtqpgK zEM}btu;NcLwC(kASOVI_&b%$Ip6dxnOc}|Saffw%Wpr{hWMalGai5+U)6^#Bw9c8h zf1MfA(pKm64K=)AT)V^@#u4Mh-a_b75pB)Q_YNSC!B7biIEh2W)9ZBJOk4S~bqKk} z(RXnFuMS8{RlOCyvkG0K84{M2m#AJA0JfG@`X%>r6nVl*MlW6g=mQo3x{lZYNYpDV ziTVt@8$+6Xo|IuF4x3~t;aPxJMgPR6{e>Vp%*r0Ejvna)Cn^?gE0faMFlwidsRv6TinMOO| z&o7;l=jIbzIumw@>bv_LN1zAzGDtBB>i~H5La}_&6w4P|uzWEDO9L-q`6BlLU$nvU zMeK-w8D1h$0$iogr~r@uYWUwgPPFty(*rXC--Qk^%Z3~fwLgmDz&RIf1~oU9s9_&i zdi$Gj|63FX>uLy{XOjii4G=X>EnrD0G)K?HzntF}HWM(h@pct92Oj^Kw0{}?x9s{+ zsTg3By6wYdQ~@jr%hQgqBmcvBgZnJQu5p9b@def9@xhlS8f2`QtsQFMD#%bvQ+ zD~y}hKDu_L@6n2^{YaAy7xrB4z7U@5xw$;ty_NE1XnZ?bU>kgsF2}&lzD{g6BDiY4 z+b5jXee-L&EUgIQN1&{Vh^H&;$8OiPKIV#AjMp_H$hwm|#CdDJz8f_{{X4IXt&r)i z$q5zkxz+FjH1+LDNJ2Uht;pt&NZD`^&#CTv;mL+Vm1w8!8T)+!>ixE^NmO@V3cf7T z-f6Qw-Je!u{RdQ5Mc8w(yVzQ`Zl7Aza|6}fJhIm{E{d7UrQ(IiXpaN;Sp*M=Rqro^ z+ZXK58#9cFEg^fBggEQ=cITFu$7}XuJ3Dk7VATE=oe_F-u7!lM4uY&pkP$Sl z+i#5IuGz|^AKY1-cf(}AU4T@3?jicZV=%D2;Q4XGYEkq^mW74!_ub8PjOb30@BFH9 zjptq+su8{4T8DI_w8w02gpSvFqvl}tdxdp7J>eMm$_0M=YEM)V<}3t_n9WV8t=-wk z9k4eRgX|#YLRW<_tJ)|(x)sd+`ceYj_#)=)_D1tkIj6CKfB^V5W@mAWZXAY6z>xj+ z8X(&S)HNC4%GGa(0o^J8*` z@1L$8D-e;-Ya$6{EXNO$a@!7-9Hmmtj*T^6sl2Wi|Mo%}_w=Qf=o|4Y~bYb_C*@OZCVj4BNrc7%s z#Fncl!}C1&X=#5+bkX3e~L-8od)NIJ$?(-J!)qBo!geA zS=Lq^m=TBMq>TATV)zcIbjgCdpU2=8X|a?!gvSMqr^BYD73iD?Z1;>7?DmS`{m1b+ zV-(`L{iumNHg>mxi!%T7CQYc>8-{b(>wtkvV1H)C%<+MnrJaS-&pU*Fs{g9ZyvV!C zjpApXBjvtdTNjOcOZ-fgd6fJu$6%@>-mPhdbTcr|w4|4p!L<{w*q{$A_0eNq2v4U? z#VzHE50`kH?-E}mxR6hr{$c=i&xb_w!5NB}OLC2Yr)_pe61IrhKNV>(#V9boROM0n zvLKOd!nCdvAItK|EMSOUF;4c?*DtrD^h#k#pX)AvHRj4q>Wgr5CFn!Hl-{v-r6#m^ zMAgx7Z{qs-&mP?rSLY&iq4D)lBvDEshT#FAL1=Ho`TsLS8WXusd;#f44}pbQdnNnR4vR zLI$cELETe({iXh|)_P--IxKG#lk-4oo=Yc%P;j*rN@W>rFw0n%};4q?aZ0kNv16DKz=0O=-r2N$}KjMQMw~F zywoq_3mOR&m;#DUl#epbtz?Xbi&X}=N866=du z6-^l?_>x{RvkDT{akCGwy-KB~kNTkOYx3C3N08BU`AmkQo7-%)$|N6|0bhuv=T$?~ zM#%@v{+fXkinQN)1td#gl42KJg`1GimQz8#SrLh(bIKo2lJU@K=(4G&x>qE7!M>;FX@$vPu!LR;$$IZ&OtR zKl*YBjW&$OC%(gHyXvp2&W(@MlMr5$?grW~knG%+y^>h?1qt6;s6y5}@0sf3GA|kY zseS~}^)~iB8i-&`*Unpey?XXa>35H(zE(QgG0P^O&qMS3O`Kyg@bToX%J?#b>2$)$ zL(_t!q}x~+J89!&RNb9ka-HjVrDv|1-3Zy)=zSG*a=1aR_;vM@Q{#`Kys1T%+YCxZ zRT^@0C6dLwT-VnY+8T{jXhj4)ww=bx9nA*~CEAqAy>=S4AwI~8jd@Ps9klP#zhx;r z0OthnPBq)t)qNHT`Eas%!#=qh_$OvN<;H0Ev}rI>Ip~g{x17nBBP9KyM9#8e@Y>_ZFUv_;#58Uf(&+WauPKC_KvFtIXqz})zB8EW;rB*5^|JE&$1}HF z1EA*4ZYQ~?Dpguor)}60g_;&XCTH6sLP8|jLJA@-trwM$J=36q4%NY&FPDZ^`iCnq zR8s`#eInuJ{pfy~{X~#0hd)cEXFW0^z=nb3^@2|8R>c#gE-rIrh_68Tkb%mBYQ1lT zz8?pBYE@#Ofl34dB|G1xLKZ&J3Z0=R@5)b{PZP;5KeSS&EW%lI@`$iPet15qrwzFqA+vmP)Nqi7HS-w|CxnjGzzSHiK_Vwym zvz}r8_vw6MBx~BH_zl*vX)9Rg1EcsescN=ty`7FVkqNSooelr?HR>=(jxG=LiOyRCl3Kmv*@3JvhA45hKGpuP zAHtG5A#Z{`2(>|#ndvM2++SDLxuwMUrEbT!okAp8j235ET^6{@6D-i9dQrf7xOo$G zcl}DP$$4HK^KbcOXRE(f_A4x|F^j*}&F zC-kSvlIimz-ACf+mX)>h6R&D5DQIplHu|H1>Ra)3-<%+Kmmtv2e#S|{>MLXH8kX2b zSPeo-*WP({-6Aro%&Tt7t@{0(e}+QOYD{&dHY+bmxuzG6@+@7|zFuPoJEn946qE}_ zberQ5sX50%Jk?-SDaKQMx+BlIgWHvSj99NvEp8~5mZ3I+rNo_Ah)N}L#})}Qv}$g# zc+}Vx_n!8%%cgu5I+jYg+tEMqbcvev{Xn+A(O3J|zE+oBSEqs&`1LbhXy>|A-^m(6 z3X-gwp9v9;4i}~%HEOm-+W(d)J#wjuM*;W24^rX%-K~`eFS3_I`c7};E)h=bNfvFKm4EcCCAYaPF$Bw#Z&@ zSqDw-JwWUEaAD{S#%D7T@0JBSfLoU(2)^zzjoApSw~Ak!rgUF!{pUl`5m>3ny+podyI&5 zrE4log9l{Qyt55a$7YKeIz1Zr&BH%iy2v_wxo4ZBmNDy{^!23lvO*^x@m8)VF_Dj^ zerN6zwEST9qZ+NTlN5{BhKsm%CtB4t!H<(`n$$km28P_L^z^Cp46O|azE^&+`Nvws zx#0G)seR3ea-(-Xi}DTX6v23}0>Cxgei<4a-;k=<#`;hM6}7I zdQ+N6M`Q{LIj2i=z2>|M@`jiMGcy``Aki)r`tPF0+=V?8g+u$=p<+92=54Op-?s16 zkQrWcNPD$ww?Xg*s}( zfh;*}a43t1>&jDbfu?pEGB@Yzs?)2<4_U}8&9lNPxk74;kM5Y4B+l=@{pzE#s!k1p zlP}!zNo5zZ#iNMgW+#FI+qc#DrXmje3HUlZ&6jvf8 zZX$FLHy|ZxB044hvFs7KZZwq)<1AvKx$YVL741obJLoeePhzi91e~3E^5H6N0Ll3$ z&uk-$E{#P$e{{p**zfvM=i!JwNuJlmc-;Rnft>EwtRa|gK#L>ARlio(mwJ zdb)k}nA{)*YjCSq5oze`4e>Li7n+VkC8$X$oABWh$0Odet5c{T&8}T(*L`y7DpLS~ ziQnz3905dAekZOz(0_ZQNhu43+G}4W>(=Q!-h{_3af6hq>6n9rFex1a-l-9gId=^+ z@!$2O^@QvosM4+2v!0q=jgzB@3Z1!HAx9e(PJZ?I`L+gUi@Z8-6X)1(BJ`K#n4+GW z(F@3NMETFq6Ue1WJ94?*m2Wnv+t|PQ+s+OZm&8=iZ@cblxg_TQzN^E)C9(4NU3X1g z5?g=Y)nRGLdRo-mK`S_4iGjH7j$?!Y14*0g>4>J`VHa^nuF+EkI`^-Hcr~SXJA_+K z{-{pY=sLfkpQEett!hc$C7P_`Wjr5#MW|Xn1BZr{lddOsx+g#RR+!oGF5yAXT>Q0&i~*jU7~!QeT|8FiCufY5 ztIO6Syx-!nzLfhMLGi&MZR5q>d%;3ICfoHmXS;g1c+5;O>jNyZhqq7BuK@azEeqzjx2>IWx08)73TA)pcE6J+qG^ zZ=Jiq7wFN|=D4AeH7?UElOS|A_*;PW*c*|{OlV(*pS!S)*Y0$|q5YAo>YMCsCG=vg zwZc=3SRv6XX%b!Jth|(}eOU-@5?aLn2I?YMjrB)7!8YDIJI_j){(5F#Pxl=D+Vi@3 zCphq7aYp>X=-AAVZ*qSrEE!tF=z`Ge@EUcSkLSH{?P;Wwbv=-rHI>l*jWa!2fLG#e zSX67(A2$W$YJA~y3EMWwKRHiw;_bw>s?Ief7vHkcLVpy7aX7f??kOrwd&a+RIDKZv zKzcq`wAz{s(oR*VD`k^Zk-z1MmV*krjuo~`|Ke-fef|GCWT*|Rd13*u=R5A3H`xCN zdmPOT988RrogDr_$$z}YC`8K<#)a)OA@kCMPr`FJx}}AT#FlL$v3Lp{GX3hb9!US) zpWdA^_3QJECj}u>eYQcvDM!5Vcb>TM8{XtnS9wWPS}+Lfsd<-I7lj%_wD$Stt{MppR9b_CP=JpXWfeo`iby|hzjj#fR zq!F@MlN$%wuQx1AX0*d&++KJ;q<-bRaLzx+h7qiM7U+nJ>=X-lZ}e$kD|`+e93uo4 zmB^J*+P~hprf4AVgGgec_MYc`?@9~_E$JWl+jWnZvZw|QDvVn2=g_=XEn5%DkCB*a z(jB|eGPiul^QAG#jjzOej`O5U4U@?wO?F#nIwn|Q_Vu_>kBay^@8Z78?c;2nau^sh zH%BpqS@(JBk^7zQ$#1k$?8rq!Kg`&ViX~F~n37=5Qut(DrU_z%&E-uNq=O<*pw|#2tFl zS8BBgeUeK!>G4ivUo=whJBv4#k<(a=_NR5F><6t5_QII8Qx|_cdfOA@Il0kt3X{m> zjJhoYui79#*Wb?C3>>>Q_n$r&w087d{VcI-NlgAJ-tDXrXKP+jP!C(#-H&FHnx0Qv zJLhJmE)ejqS+~XZ3tMChu*`pg#s=b7&mkzeY~)EPr@g$gdlKBEuf$TydD&?iAmC-k zV3xArt@`7up;jmEEE<-q|6cj_PSAnZU>o*xAR)-50B1X8JkOhzN|O`wxPNfPbe_H@ z15{L@yB$Jdw~=IvPmK`i9%LjeDoZFuPQfoAGb)2i*o8f!>m^{4G8z}D1QGUOaDs%*zKd1Q z?JmO*CCyOaS%Jw^oQZS}Mcn;3x7)kIQK5x@F z?x`)@u6;;j8ckguL#_C*tXwi3iwp-#Gnk6=%kpJfjQvkEM43!nKA$WYSE-4GlcKJ7 zZ1i~(gVYVwR$R7Wo>Bb0XokhHGV_;Yc_y6f=)BCxmrP$K(6$`)(vy1>%L%LkfE zf0AQHG1+A@B|{FH%%`?#%1LIwXR05tN|$MQpxR_~Y+3TjM}uCR0yeeZi}aEKryVqP z`O;6#$C`2cS^4056u?2HlufVF`(i^0<4B)(F$`^p*7h@QnqsxU_}g%01y0*SVRuQ6b)>)9v{22UbtMo0?jZ&vzwvH`qL_-M4 zDPzm_u~DNW?za1opuWe!(*s?q=y+SIO+>a$CT8}HfbTskO3S{U#GdH_#rN^(hi67o zcU&DDM5iZmdb`%&H368=IX-t^TBv;tUrSdO4;y)@7N(w>OO%&3c5R=EXI$~*TAtVI z=1*2e0+wPLN8uW}BZP?p23Oc*p9e!-IifOU*rU>=*wM4(*iq>V2r$i* zU=ZNl9#N7lm@|gk#yMip2siL{G)J zU zn1!Wn^I|<6j<986h^2<^{o)tLmsQdL(Wr^6ZkC3~`CuUw>Zb)9SkTY1Yp7b#t0pE) zm@cSSH^4ScBG6_etBHoKqs!OP_$+EbKxkovg>&~$B5j4SO(A}|DROlvmhF$3`_R@$ zESzJGvB7)FBS%<;?PIL2-(n3hRLEq9uxLt0$7sy<_T*>285!H0 zgktllB~fFXa8h!RGq^~A1_Fn&Z78+Y>$&Q_Kk#TXXMp> zQFhc-JsDm>w=n`i-=s^#)0-FL5CbDx2uYJ8m{#XL6F;uW?8L<8*EtDaswR$P`UB3` zN|o2rQLzOMp~)Cgn>hyy=YZTE`WeZy_kFQRSjTR{_Nc5)$=7d+!TtSfBDPjC0&+@* zSDobe7lrf({&Ca#!z;ZcoxWFb{JP3}UsE+&xIazWkjPo`nj_4azlpqZ3ZG-$e4;9j}wWJ+3E z*srxUqg-sr!r3P`HYUU=gtbfIsO)Bq;L9+Bsk|_i_G?}U%+Va<=qs3i73#(KeN=+4 z)*mJVld(-+82|gP>LH-&g0(9bua0K-3o%|Fjew5#pN7JWCG_2QUrx+|276G7Cxxj_ zO>E*`bBI%sJvF>cS$4(t_7?wjJG@}_^}MB9Tavk4%FEs@!b917DN-tnB!`V&MufEH z3dVj`S}la=VXF^lwq3r&T@!lC{CVQiYD6jCpovA7@vNMRb6!Tzi}+8l*mcHm;LS;6 z?=SSEojR<@9ClQ|PQAK&Q6vJ%OFm;KBEzSnveofT862+In%h&S&%CUuX_$v;-Y6Z_ zhuhGoiJ1mp7rxp9dr_gZh`K@$n-O(G#LLH*+3eW2_m$-Le=V2AYqwThCbDvD@VIPk z-j-E`84l`iHn!BT)~J@#30BL-O$$5c*h&=^T#+%Ug@HhSmH2332(J<8L9T^#1R-K&F%q zZKkg<*)!RAM6>tKw^en!{l(agOekB$v*cHak{(MF4}m&fs`K9?Lawq|sHDG4?zrPB zO??t}kPMl78`e(f-3UJoaaK{I5d1=S6__GD^gKaS_SIx#osl4(`A=V*+H$YI<5X?0 zo)DRi$8n}X^)aq^qhcz$JBQA1d)=MbcdAz?<9#8j{F&)>6%oeRQgPxTtwB+0->6J9 zTHH=RP-}`?kU{EKV){YV_kY$E?jkFLM3s84Z1G0NxsEcYuAn!+?eR>Kxzebul|Iw6YqXzff;J)tw|P*3h9pR9l!?_tPH3AIk1|%qL+$u$XWp)R=sqbv zc& zA^x(3tpHpxwHynFsZFor+7VAutvBye z=Wn&5mf~Gj>Az1pKLgJkjIB&8w?rj=gr?!Att;@{B3Og;tFZ~%Wh|2dnGNh!YiB3c zLDwlz(f%Og!*SX+5uI**J`BdHan_jLOLca&3&Ii$@pX*wyo)p`TXQQf*xI15Dlq)( zRgKg*;)zboUO&aps2eZ~4JB45GYUK*{|ai)1GX*B>n=`}Ney|O-trn5Ul0zn-1M&0 zRzajD*F9nysI^Cu2lUWN^HXNh;D_k4v#L#kq;fHXr2GY)ftxNjk>x{y8jiNeEr;LL zoD}0z;Zy|u?iq$|`?fUy!qH!VKK6!O6JK7N>b8GYATB7H<#Q_g=9;5`5q?6u=r^Az zXU@^Y>O+p3_lFJ9?yR?6PgxjCfoAW3n58E~3WqbXJBWRoQ=)OG#>Djgq0C^qNOq$q zZ}$R7NXqNUQ`A6>7qdTpa?HqzkoPiNu!M-2?x(m52nPFXz=Lp1y51pk1o?av__0^k znrdtn7n^8ZU@+|xS!QHglTBD%@0oB@$JwbDJ;K8Ae1;xpvPofdRmpk)&yJzD5uhz> zAIizb!GA>$Nf(`5_~Yn7#J?VU*Of!}u2i!Uvg+mIzbQ}C^kZIoKL(>^f1Qi}j)g91 zi^7Pu>y|`Q!N04X5h$B*aJheA=1#jEyp9;|1c8o+1H6T(ca;=UYkMqE%e6}Kkw2(qQ!&9%*}8#Dfr zNljTjA>vmLFfmjXGhWyGwe{j+@ED&dKs$?TV6R)m8T7grfHNw8->m!IcP~(2rz;C} zUT3La0pr^8%Y7yK$Rc{?lzF9+aDUM52V?ve3%6JktEia>Vr}P>WyAjZw5fYEP_Xm{ zXF_Bq8;2t{&VH{&f5EnG8f$g@7ZSf?kJn1~5QIx%!)FUUuPrLSJf6Sf9n9Q!)(|U{ zhmXjwW1&q7ur8wV4Gi~-Ldt7G86b*sxtn!n!|2L#&+bA`s@^;|LEGN;{c#p=O=YB< zKEH@PfKT{?8#a1rF94w*dx%tCdYnwqM7gh|SGj5DOfdu7ZNRiP)xs&22MtxzM5P_hi=MCo6n-XlnS$QjEP^E>7ojM>!okct4^!t z{>#GQjriM^cGC=B&QifqIr#<8kM>nT|L@v-szK`Fbyfcl`7{y@7~2e9nLo3D2oMv> zwKJ=8T{j%OCwfXvzTl4wl{G5K>sW%m5M&Aq4`1jJCsj-8`Uza+U0C4JcrXj`SAnr7UD#n8_VfmuLmUfFi_1 ztJcb39AP(&ye* z_n`X0MfQc`$pVS^RTHBLDF9>4D^!%$p;H%b`isA;c`$Be?sj}<7I*efjN2@B$L(Sz zW2+W+7eV~Ac^90wkJqlL7uH`t(Txj*62EfX4E|ia^!+KSF-ee$eu?5s@O#X${Q|@* zAHJQyzTjfN{X{d1-sO9hb3z0mhH}R`AipBTv=%{7)M9gT?!Y>qpfyui?ANL_Jy65vz|7DbfejAOVy+fm`gc z!D}N29z&Hp+b>rc=~U@zaTT!rPZ6U*~;_qL-8z|Z$^bgEcuH5ng{*d`LM#{yY^$!9G=m9tMl7+QDadCYrGxqXRqGKOGJl!%WGXtR&+SXr_?cK0Mb4zAn1AN`{1HUKx+T`{ zf;r$qZj@#VM>kH!Cj!^%RTDC!PA>iYWc?|N(6is7f6ta=;@e;4xZ;d9_XHCwXXm>Q zTtr&t4PV9G??dL@svyWM#dZ-%`7Of=7!h}jyH^deU+}ejjShwSgL=Myyen4e56Tjc znXdNmI9hTrwYt}U)6lHqVnG|2;`D`(+tT4SkdQA?8YI53loDGj!EzUo}9l3s?>hht6sEZKMYxa{lC&ZN?9=j+5Y z_aDrHTilZ0tun-Ftl*d3r0PVKVW0ZCf%B_>SCk)B(zx^MAyM*sy1Q(0&$O-Kr;}C>F*H`~9`-v{&kI|9rhJ81oy|iec;vOkNm!6QXIKCOO&(fj@ zAgG2#?Muxy%8X~NPM{gs+L5x{nd>1zqPOICO*aqoNPD_ytEd`qP^x3CUbx~>9)2h$ zUoLMy)EDvY+lvZxzgp$~K9x$?y09X8-TS3Z161q}RMB?Q--1=SyM6@HvZ!V3#AxO$ z_0yX4liI%UYDR~gAXfhl3rqkfrF$a9af^9@?Q?#=LIgq4R(jmS1gX@+P!Vv zV66}k3muqSg__l^?xijBn&qJAx0wo*dZ{j$#TBwn@n$qMl^nCAgmIg^Ku$8ArP|2k|2(0(?S zT)G$OBO9&$BWxKV-Hw558nA(dH-dT z?ROUO6({8p&z05>VdslEGtc&gC(zF$3gj8;H{G&u;f~!IEExlDaT1BHo-sIXp0LVl zC>EXz{fyxiho!VI;6DMnM&fWP&%2Z4m}~%*4d8PbLsXcWh3lC=bCp65d3j3s0##vT z4-f~DZ2$PBvoy4KR1wK04bwqm_>o3e$$!6(2Qk~qCf4&GXyb#eVVYf=^vXvtf?L?RV8E#k(c49rwnK`!EabRCXCsjd?pJ>v-d*^1Rs#v`G|3s6jh7vj{ zgKr~nbu5(s;d2xeM&;1+lNzvMS|W#4`{=^l&9Bh}%(ZeTjbXkC4h0QTS={gEv0}P{ zw^Jw6tpQyS*2^Veuy}dG#vGo@Rc90RQp>mmW$u4k20KcQZj~-;H1^A@&}S$r%Ng{rlGY)2 zRJNLC(u9bclK2IPDwa56BLy_qUnP5$z^*<3(R8ul@Gz`>|K1q@mW$$APJZ?8zREiK zwLQwy9&6wER#3G4#4dmScHAcd7ar!vne>-n)DW?MV7*`OtXK={6)C*-qu$BCUgj*3 zso2I{HeEo>aF!_>-rR$S!-6b+kg^s^Z~6961vydzcVrR@3F4kS=Zix?)xSWYgvoZM2<;L#s(THEU1e=JjD+weWgH?mQ{fMG@%4KuXV zL@1Bz;DINuDq5p_+Af{CfwZ7CzsIe=i#k?Mn063EB)Z)*W; z=4W7U3?^hfti~_2XcO5n%_rvZIb*#hCS$ME97q+{zpOE_JV=-E(*25|1|zdkg^l9p zk*ep%Pc(<7WFH#U`|g{MGx)Z~)Bw7ZX7E&wO+ylE`5*<7HwFDSCiUMyeDPy|s3^Hl z3uFcDYbmQSz!B&A^qO9JZUTisgWgY>HSq`mr+ko!6 zQL)|Y(x@x`WmEN?ig5n(pIzFDVDZsJ7n*gi+I1Xl37v13YLLWah4U59-mqWbRd38@ z1!PjXB~gu;tD3diw;r6GC9TxQ55F3f8G6e>gvvM>EVuxFG=_De$h*E^%3#?3N{c?) zj;yw8@^`bRazgtzj7? zku?c5yW~-kBNRwF*3D+1Uanl~9Q$WTB5t|SCC@x@^P@J{X~jMN^w?vIy$tI^h|6%y z?V1s&UYz!{z4CQ25jQro2zq#a{^eaVLO3xwj>^~htKcx`g@5>jAd5Kl*t2@0^1Lu^ zkW{KRl}CAFCuQlFa8`g0SNFy27akL}V#Rz~4xQ^}=AXh0)0DNt0n$Y(PJ-VOLR~hu zFo{TUPgodt8(&po=opXArmnUwCy$4SYBu6-`el8q#Z6jWs#?;`??zjH>#=Hz$%0sB zo*j!3L9T-$N7+kqi=v7FQJJmXJve*FsckE{&L~_v0JFWM()jH3hNA(k6zc4XiU~GQ zY!#|F53U&Z>-IMDebw-qXthKrod)CnG#jsA8irz_!H z&3}97a~u0odliFyi3nJ97(_Ac+}BC}l7&L}N1~KEEdQmkA0@HAhWBq*gb{Ny=;&I= zRgQ;5p4Y+aMg1l^yD`8L|5Ri4afUpRveEm=n*03qr{uu4#ej0LrQ_=BVCND_40f^T zu%g9rw95+Rf2GKnn^O@JM=wa$OG?_7gdjG9=Dl1%VAeI<4VE4()e9#C$~l zjr(tVJ`f_&kR$rd;-F#8WJSu#@adE%);D{eAaQ|!m^p8@s5E-Ll*1_tS*+!@n+!PA zOG{1osQ1y+xvIzLe#(tLaoPTTgCDFjJWjl(&=wWaD9eEOzVLq#0Ix$S{bwb1p%Uz8 zsE>pn(Av)u`Jvy~82>`QDO=PU&>VIiJ@(J|!}d#|+r$f96=-m?QSwX0&}7Ew4g!u# zRH@%LWdsxhWgn+BrbG2XHE^H*{t57TwRq`!j8;MBAPGT9UXN0FZUd(T=F%jV8$!M4x%TW_W8U%hp7D!U$|u|;+c4po>F>+8Mm z!6#BwE04XeCNur68Aguv)$S_?)V|jZB$OS(RL2w@s&^Z`mEB)?GRvU!$h6^OSb{9e zA_E04GHQ_GmhN}Qd@Jp*mm*trZm+R^lTjH@(ZE1ry>Nh`uO4A{-t=nRQ=_y5^ik}; zPD+y(#8@5hE&6W7(`s|%=W!r4$Z5(PmLn$wq()b@);spN&c$)%)A}mWRkaiuUIaDZ zMD2mV`4ZMNxtl6!kt#xAM? zbDCCJtfTs!Sf6e9ITcxLseqZA-9i!HNItW7_sxHaJe-Q5+jq zq}kO>Y>W3f(S^)6KcgW|PJL2_w@7S8`LojLyHgU{vqlTiVX&fZtWbVNg@h!frd$3q z+f#4NMdwzck_v3|J(kf07ARO1X1KdC3C|`s>g5koBQr9fFY9!uLB^s!;N@wu(l{cJ zFkPYzmbz@v2{Nw#NNZhlI&c-rRq0~U^`XngntTm`a`whPf9>b5A`j<(VvjyY%Z{=& zdB65~B8F=RpXyB?e0WzbpixifLr)>?y2Rf5$SP0yqmjHcUWmcXUrM0gUsP0(>IL1J zK!zsGS_RhX_f@GL%}0BQJ5D)U$LMg)QN{DSXS~HJYf#h`+4#}{bQ+z{Zp*BSP%Cdg zgibKu`_XuaC0ALcZeORh$^ikP^baOs)=PC_OOB(H5X(SFU=sL1VE%3CAH%gIVB`}m zgBrw=tMxAH+A?f}!ET7k#>0Iuh}6>ia@KwA{HnNs%+;ZKrS*S7{Srg-GcSPhq#BQ< zvLn-R&Sja)4;^<~rwyV4+N8AXrm6-%W%CV@2HZs#rr6}Oh*8in%R`Uzrh{}AgPzrp zXiqP!Q{(sWRW9qi(Qp#c)GV&v5$4w19n7;adrN9UbSkP0s*RABqPM6LIh=Jws){}* zDD3-&G9T(UuFe-l$({ey!ghEy+Gf4VZ+yirycQ$V0|iEwK>(Pg!^)(f-H>7dvHtdyF!ZeUw{Zz|(=XG>uytC~+255n8W2?nNd6dW)|i`lMfXu4avJ#=?S}0T zp_$r|L_XRX3Jxgn%gU#-CoPCoXuRjfSGjXvE5ip%KuDs?_AWB@jZ5`vH56}tk^WxhhVQs+%Xsum@L{nQr6X-_wL zsC;oZkGo@A4KX-=CG4o`&=PG_(5wlOsRQ679knz;26&ede*qBvJCAJ*oe zZ$DM_cDpFVKS(rbGC9a;g^VCPNK~{-4-d=>*kWLREOJoF z;>uP*!gA{McH~fTK#|jvZG)uQ#lV!5&+}@SJFM^Q*)~1JJ6q*WFAv*2J7tZz>Edtm z+Gxv~VwWM!b^e!g7liOIvei0K?5OdbPjR%Oa0&JBxz5MDxj4e{4Y`xdpzxK3y*FFbtO!w@biEpr>WX% z>LycHOo;07_@;dNL;;Y*Xs+5aye!GIr*mz|PPi?=@ThN(<3gO4HrwanTRMHW9myE6kWU6+t2j@TiCT;$CmVqPkn=J?3=iu*i-1$dfC+FVfikI1l1K7Fnl?dd<_&xE?HweuGkMGaDmY}H&f zZHY1zR-m#^)7`SZ>w%On*1`buwm87PzX(I*jrJt08xX*@H6(Q!4e93jVMcjtfV1C zq91EgEjDwCBLg0VgUGarHSO}}e^N$tnsoG+xIdVy57f_94LbLpxdQXyb(tzKN{@)W zg+*=Vuqtt@g6k2m&c!Fu+rmMW)Zy+kBiE?MbAJkxwpY`|HiygnF9Lcd*0w{<(_u!= z0Cj(D;|h2)YDfcb&Y&P60A+m-a5wgngBZRGXy@Hz-VS!FsO6(s)F4JiwiR1=-KIhu zZd3b1HC*0RUt%S%7D2i5i=azg@AsrMze;Gb?R5|9<#qlDQZ9+5$VvacO_)((EbLZAo zm9E*%tW%gIp2jGi?>7D@z*0M$4P_;kP2E~->DoBLUMv{U1#@dv#HQ5XQaZOOEg zwLMDn;H98Pewmh3gxLm)R*?I2eE@_s%9}2To(32$b`}O6alm0r!^T3tYxam)Cz~TI zn7?sJjPGpziP2>LdK^zh9BFTedkft*+#V8^gBAFQ_dvM1qQXse&Wf~;Tn74O$!?@} z)}9hw=23)kLy5?5bVm*o<{gmJZzu743Rf==i?LNH!Paucw7?H+{i%)RlQv12p)qo) z8$D~-^;kQ698Sc`RwyD)Q&dLScbyr}*t@*{L@NxOy+uW+(88snwjXVW-$xG3ykf;Q zfAF<9P}{cHhv9}3xy0;+dFKv+XbmOw^HY zEO6rgE}{AHsn)RJQ9S$rBp5{kcciIgA^e1e(kF?;=`_n#BL4*c>7@Ohed zqQx@n{Y;R+(`>1B2$u?#8u#;?J_~61@rNXAQxN z%y%|7I83<}XZ&5BA7}eKUodgZvMY{T2Dh?+dkSJ%NKzx1e}8g;s}UI0t43|J;=8`H zllH}8>VVlb`OF{hHCVJF=Pd2sjKdw7W+q!}08JS?tg1$SSE!-o!kg-a3dJ>s=L61e zKpPz#FqDSGJut!&ap>f`nbS`LTus__K&fc%0B*%aW{#Ga8uAuKbWiW8D-+jT-A(e0Z^C@L+ zWXfPHis$WU{%#+bFVpIMW|T zTOp)N0@9Zn2X%)5!a3)Yr;GV=kb{rV*g%|JsdS1?tKF;UHP_?UJHyE`W+$Ut5LUJp zl@IxOi0ix7W#V!yeMP~G_9>MrYN`{HFRe@fgVeKjta!t3y0TB8X`n8dFKgd2?eeI& zidqWIu5#dfS4tNPnjgKPE88fETy^Co&RRr2VNT=WBm>yy`dAg%q&NW%NEWuLxa;ax zcK3D^^IiC`(B<8F3c_cNuDtDIm9xIzb#7Zc{AvjFj#Z83ZVkMe^#+P^*VQ}{ZEwPn z{q7>cGtibnyX8u&=F{)a zCe@Td>yH1a&tLO^j~}%3t0`gqUE!_W{{hiQC6%h3=hlKjH6g!zdU1X00hb$X@oC<;nIfb0-F1%6TfM7~!2 zM@F?%J?I;bEQpKk$_8Q;J~-y9XsV0ddp$taeKXOC=c|;-I=iJ75OrSaKz0xvFgiNV zD7D4GCIf>D2F|+E@82jk&HU3)%WLy7m7i!u_b@3a!UMP2QHgYcpY$8a7+f|w#Dwtl ztoRs0EO;|Gq;h`|n$=U1UUi67{28Eft^c2ZJ0TLUOVX`51$x2CU0`zEN~rI3tu({k zOnn9P{pGeVTymc(5ERqmhy3jVFCW0GQJ3WalSaKZdLAkM64qz0G!zEZgb%N3%agvU zWqE%Gu)D@WB_&KztZ9p(U7PR?R8e^Bag@#jgUWkSzXtMV7MKT~+%Z|u?a1;^v%cjJ z+ZFl$ZlQ|qWU$_>d#n`5k1;|%BjUweiKmyH^{L4Fy|VCMwA;Y;lt){>zu8 znu9h+--1=v#~O%aEsHF6^J~DVWZGB&sfM|sbKu9L-^ipITyG@tHjN5>25Bt_qD^P0 z;~qY!Eq}e5zPMD$JFg~Jx+w&maX+@%of`?Ts!v3L5UO%s69NV%G}6OjA~S4@-oc zzw{WZ)q}JBf~0taRE_C0gYb?%>Odia%9n0zX!e~2Q6KdP3KA<~#^O{bbM#&3-KwY8 zcy7n8B^RXf+p<((1%7W!iHzvVQs0dv7A!^zf-Rn5ASN59gUQio5!`b1Nd-yez;@uB zZbLd$rEvuywqh+QQ25@kx}>t`1CB4gOFStMQl5yoOREYe)|dU)`D4Hs0Mp(O9Wsd^ zH^i%F^}FZ})KVhymRD$Z|6_*;K+%n95&_<-Y8t)YNcEi?yc1plLoE?&qhl!~Qz^Z*M3jFY>}OP#Ho zdz<+F@6V5UM~V$m>AS2GYSZS9@Lu%M-PvFMuO^9`>{XW5kIg0&&wY8p5gf@|0`;HJ zLH{lZd`sSQFmn+n_4bIRp`hdczk{ve&6X!?lV{Z`?D*Ct&CN;CoizW1{wH^Xf@^f9 z$=4R-NDkH2lH6C+|0&|%UuU0M&0gAIZLIAVI;>Pny$G%oc|r(<9mT8MZDYP>Ec@xv zu*|7fLRh>^+6kB)CZosyhk=Xoe_{a14sr)SvDTx$rDUqo{ZUQPIQclr;KDe{Bo@Ju zW^(d*l+6WUl*8qXDNzeM-!a6ER0dZAMJx@G;nV-bLiAe{=Kba?npK}XOfJSdn|^P^ zC8Cb_VR_ClqQ1F=60Su^rsxHDAa?Wg@kqWx*L!sD$xqk{yuh;D8h~8)C4Ryc{FsdR z0Q;Je@Ty-${x&TsrpmG+RfKSY{{foppo2aoFPk$8 zc-?~_FQ4FO2xG~q7)7Hn<8=&j%WY1pSI@a&ZTEl87k~id*a{32ob~w%%Ko7vbG&${ zvO^8xE)-|o&*N{sumq^aqV{^V)FvEw$>eWxglalaUJS+0DkQn9OsrRhfBI+3WO{}P z)vfeDi9}(Vdlpyyk)KOM4jMLsZUdftF;_uj))E*etzWRePG%P0U@JIRYux|y=8<%Z@Jg>8a zT_cE2E%nR%hq;A6XpTCRSjGDv=9<+eMipaK+rL*e=M-I@A*9UT9+rd?zrHDBNCCz6 z*iLcW@Wo8&*K?$?C(Mtzu(fhGI$wl4r(t#=3ur7ev1*#;%F5j0ZtSCpcuc(DvMy?q zFvFhGXUiptSa}gf&80`#l@pHKmIz>gWAmR5VvlaJ`IREw*Kc~|Vg!c&mxR<@wrQ^{ z=zC0j;b!6RH~D_zW#7-Ct)H=ho!OGt-xQTkEaCYp(su~h{-pd%9a@m zQ|wYG^aI)~?vdH;E?5&+>tT4*fkOML;z-FWr-U;;@`t{x!ov!K>@#id76Nq7*86uy zM-FtXQ$7)`l;uMyEi&O6K-)Q^D$P^ze<(#UHTh;wOn5lEey$3J_}U`@-Bd)E4!xG8A1t{^BkfB0HKs{zF@GJ9R?avCC#S zXv?;R&N^f`uerHp9XVKuMVk{=Bc?g8a2&~=Slv~C{9(Cp^P{wsntMz_I9+IDOJ3}P zi9z1dw|A!Hdq?yd{1fUgUo?iy(|>7f@BY!V6a!{^yg81&P7>rDn|8b(L_=3&Ms;F0 zA|;s?LH`NU;H#OSsHtOfWFdkwv;wF_cEYCGQ}L|*V?WHC^okHhu%(#C$C|?W;NKe! zLJ^>x?nvm>P?1MD#$RJaHX^m7)UhLCyiapYW}6CDxoaGM;n-ool85~B6We(VrFb1a zu{3@l9h3wwi3LcpsGxgqz=9k$trl1P!zg}6Z-!9KTzfYX40N>oA4F+1$Kp{MXz_u5 z?MYcZU*U7_qsIqt>9MS~c+|uQ)sjQ*>$>y@YM0O&S})avi216rkMV~66~5{_%f>c5 zEx7uAjBAz>b|{(i`CB-g@Va=vVzMYZR1BZ1vv0d(%`}zsb6%FsJq8Wh_H-yuN)4_O z3ieC{FnjB>M)g)_sXnW^0oI0nAFJOSh!Pq)PA?>~kN1`)O@{^c@6789Qo*>m-zP-) z2J7ecr_$jrob#eBr2hJ>t|6%Dd`Tk_NyFyBq`x{4gB38l--kEUT$Kpr67w^~Dxn+8 z+kL!0-#$mb*VL`hn!EMYpNjj5Z!NhE7F++{Dz%-8Di6a4$+apN$HKM+d(?y%sf#j> zU;8|5jaZWOWt|sBTvEh;9hB6M){2*I!*jtB{!=(PI#tbOaC76dY?w(&)zS#IlV6H0 zjT7I0EUTdTllZDHJRu;cqz=hQ=hw3PD?i?j+CoD(X9ZRD9l3K5%>mNDOtwq&sLa6Nb~2@Wf~ z!)AY_)e1VJ_;7+zWeh52sM|-2Dcb{lW6}S|(^rQ@xpi+JMLF>F?id85k?xLfbKdj&u8Y68X7)U5@3mLl>t5^GuXu0Ge^O^w zl|rA(ArPc}(8Xt4w%+ofkqI-nwOS#W_)TQ-He->t7nR@(b{Tcvm1~Y(YW=bXBa$rR z+{aqkTfDR^WD=xbKK_Z*7_y5gy+%*@&4nyq>Aw)~=Toz>$u(*}R?8Zpr@!QYO4z>8 zGP^izFZIthg<1-E_UPt1{ctXIx7@l^k#7>^eGD#yRsyzZ%3CR&$(*c*QaZFwvn$ZG zR!JoVsYWJH3UrgaB5ov4M6joiU{ea;=%y+`q@%KwikFRhx{=vSkKEZrqbMjRdgB60eN9la#;f&Wp+61aorbvFO5)j1 zqY0q&cX@sP5dZJ+jl!H&KCbyR{dN?aNr?4go`!YiL$ZFH1+3xCKN5=$&Vroqh3LIb zbRl>>uj52%cOW6rtiX$Vf9jqiy@N`hLLqy^uyw&jJ%Q6ujd2Ud@!34IBuYUU)Z3>7 zLa&nehZ{qa6z2lt=Pio5iD>r6w0J`YzeR+xfg*!0l+4!Cj?b(rZmv@62HP~QAnv-Q z279`=&`@f2ylm44qf9Xi#t_1oZI}}rHXwrC$i!0N1|w`JSQU=!P$^r+Z*blhN%T(9 zZh0z;A+8iSGD%~onq5xsGm%C`^4#m&OEMNo6OR_XQg0K~4F229z$afO_@FI^`uQXD zt9R>u@&C$OK%X_xs7y+*Bgd36C;=8G0n0M-Mm4nD`_IKv%-rOFXYU+tme`0O zeOjZ3Bl|qdVu!dg%V?e(nOZEv`dFR#YuX)@=FOub>)@u<)`Io+$Z?|bpqW0u_`BQ# z{Itfd38ShDbbqt@n;ZYx#DIonjFP=8c3Owf+l&m$Izdf6rKdEGUt*g($!%@zmtL>g z%6nurn^iGoxaDzhwMs#o$-$emopERpRQ#DaT*$@nPL};jw7`0i7jKn)2mGWO!I4C% z<-4w0UvSyHhySaO18YXm-}CK~8CWc1)7$uEDZy0DrIKaHqrf>qCriIiCyL?}#HJ%$ znmYncl@{EgWk@a~Cs=~?rAq^>1w ziV2yK#M0mDO|9B7*0#xe;+vPwkuVZo#UUs9D2PrWI}st3rKgpJ<)f!ch}_(@b8O!n z*CntiNm>hUvt#xj`n2uUyPLOUeJ4a)fT3!*A*fV_#I?#^&Rmp`2n=tt8o~{vxQlFK z^)XbPaCN1bIYFV(17vZh~?3+7*fXrt)DODwt zHFtFGY9xi%aBVGG1-E-UVS#?rjb^~F=3S9{7Es}@ z#!K3E;vxEVMT=m*Zq!}y=-GDeQqL|OVQ~rBIl4k7Mwocf$Y99jmU)6GFDs$C8LqmZ z52^Jc4Ks&_{3_9A^1Nfk7G1m--1ZKK%9RKjcZa*~D5#17rIXTeckzqBG=z658O<#? zAKAXk8Lpvyef)Cos|;_kv!vN5VWE;o{=Kp#qT@o{Wmmqul}h>if_c;HO-5srbyYjg zAP$!TL-4s!4R^HWbCw>9v-Ath8eeM5=ih?jep&Eiarop64%Mc+4!YP~3aFQkOl~4? z<<06+A3LuKJf-g_H1z9=W2r0Ae|=Nk>>np*p)30yL&1A~HF50@>G;~BkO|oXZD_{Bj3GA#dnUyGqbNbRM2!);>V1+Yk>Zxr=%s&~i zP{w|ar7w?o>L?xe7ZVGFi+iIPA?NrSp{H{yQ$du(9|5)Vpm-#g)4m(p{9>Y=L4r5= zCX^zp`Fh_-wyUsTRXdIcNuBV%MHw!26 z<)KfoiiYbx^3f|?D@@1bDZ*%+%ajBkQh1>h6=4Wtu*rnISimW=&4L{3j_XTfmS!7P zGbk;2Q1Yyp2a1$ZGE9Z2BEt#O;3b5=j8044xm6>U^=q%> zL#8Nhp_{j5f(lfge>%FuOSH3KjV_7QBUTa*qy(ixYh3F9*t{bfd(vSM;!1LO5P+Gu zCeSB2%RSohT#$35;=pM@3I#jQ;(44`;5>)E=Q&|ny?60xkKx6Xl-ccbXEnlnthx1* zLt6O_lp>b!`!q zBdL^2q0O`Wy)pRVc7@E6Q>#T)R?wJ$=xdAQ)awuKpP8YZ{nhzoyhv(meEp-;5%p6B zQLNf7+y{5%=q6oAR+(MP@spdgce6q+EH*||uS9NZeuuHF^c7zxDOuQT z!^#?iqfavMqcW?6af*uk4J4+dv6L(nsgMVvR6(}m^hQ;#UJ8pS5?~*y*4i46uUS?M zHFpAS@V`Mu%NjP7Ajf-^Dz|Y1L0r?cAx3>(?bFwkKTCwdkTRi=yPt|K=U*oXyIuCU z&v4W=2rFc&YRr!x71v;Gz37!(FlbM)p$0eHB>|g$Q!9}AtiiadfWc^9MsXt}W*&lc zig(<-d9xTFb2p%_oJBz)bV7Y4AwJgMFAb_w{kkFAR#G}ECG~qQg%J>PZF76>oL%{F zMnS1tEW2-Pn=PXUI@~cZRN2CZ@b;ey9sY3$f&t%bK<-tz$&BgZW9!NK?m~T_J*@{- z^eYI0wrv)Q@uRSlJcPscppNMZrDs?DgN>GLR??c#Y(x0KcL>gNj@)aNV79yRkqex* z5}_xq8$x@l0q<;&{w%M#nXR|DV!;(YM&f*8kjgTwrqR^lAl<|U0p5HLje8*Tjy`ZO z4qtjIxd*<$KU;aNM|nnWd)e(>m#g?68E zfwjRW)6UWtS7okM*z_kZ6UR)=A}_q?cqV^8dkp67Do&m1#hz^WO{CG()!!*#T@Yp4 zke)xJb@-|_g{`Tlvchr~$;!}&L+J@EUu|`m*3s*IwUTkvbX&$0`$Ti+Nk=Vv(^Yg0 z+W`&mM`gPdpJ|hWYbN}l8Cog-lR0!lL*d3}{)ewrx|p{F&z?UmYI`W;L^d<<(_zI( zE`~jM&5{bDHFW5m$x{fK?X0f*E_8^@R^4(0EdU~(;war+$d(NIUob}q zkvzN>yz;`0UZ;Egd6SrxTq8q?Z<7|kFHf?psKV%l(wB&7F}a#NbG7BbD2N_Z^7{lF zTwM=Wu`;A%A`FeV*g14sL7VbL=wtOMf{WhP3bq3=ndF3fvO9ClwU^;`Dnmo8gN)WI zj;#gkB4II$+2L9fk2{oF+FKG3I?PwoPz2>>?!XsuEhbMxGCjY5@I7?+#*w1wE&34` zm8Kp6($J`?KpzkO?*xGqsT5Rgts%5$-}wC>tD9H)li9HIBB2f!y=n^Nwv*^~%LZ1a zLI+ZHH)>%GaU`}X?S+`kc6Vz^-Ab3|OG`yZd?ihW6FKW6RR$WSG}a~$BEr}W{9f4d zK<8rXJbX>0Yw%$K84o4!Rwa9 zK5q8If}4}=zH4@C_+vRY_vO>NL8d3#qoNQWQrpcWCtMt8Q!H_qbKTW8;iO;Ula@Ie zWw$|h+-Q;vdh#%5%fQdm7L{^S?YJV1|BLcU`)>rlk=tU2e3-G(tUP3R?5sxAG4i@2 z3T@nfIo*dg%_qr9B=hU{pU9=~gq6LJE}Y^~5YGO|WozEUJt|-)mfA9a`$(2GTXzoX)K3Z-Affumsik8e7%?TBkuKipkG6 zq>@p)-DhHWG+?Sg(tXtTy2-Appg?Kr_=OLv(tiPLX@3Y8^10Vt2ghqm-6YN1ejwY& zr&-Q{lq7f{3&Pi3IIB1((@}j19NGv3`#mo?rZyT#s<_sb=mYS&_u^Ih#HVkM)!neUS}P#flA^4%CpY9&TF@sHsdD?f&l@ZnJ~hc`L(VlNpM--cVQVgI zSk*4P&b~o2oK%%*f65lwFXL`@Ez66{G2S>}5T1ie@*;T)^Sj*G-%RE+Cyq>#YrOK} zWR-6O$?kKw!LG(r*I`zb<=&$_#%VQKrQ`45tafc40OnOqfH{!=i^^ukn%WTd5BcUg$idlDvC=eRiL#Mvn7U4FrWGwKS^! zt@x*?&)VGi6C{E$<0FKhukVt)lIBM8BsNqE$DOtr+hJ;9L8y zlk|bqICN#mvHV(CRi(26_c#SHEgNZuFOQgAHvFLE`S&8hvPwQi=E8Ph2y_cW6ul9azMnC(_ zb+~{GFMq4$su(Mh)Tt>q$9Kt5RcS^6~vC=fk2R zpP#ld>Csr9x@nKYaz}R)t-cOmh&O)Pjh&GRF_z*PaZU*oa)|qJCw%ZsX^l?uepmLh zFhSB1{-ieTI)B$t^6#8LzD+2u9#y|ZiU@l)bIwS(bLyqvhdX1@NYcMH-`@IN4cWOd3NR8!AbiD^ZPhP*vUApww?VcrU&mdZq%~GZ zsq6G(R#IeIIPYv;u1PR}G1)xdl_<_MvmjIoNi`XlC3KTr{X>Gd@^V-Cuin$T@BN8k zj}z>c>b^G7$E4lm%iQvuM5#N6dZ1yKXOm=pA&PpVSLJD#3CHTOG0RWP$mmTZ)2nLX z4mr`v$%Jcbe{dFyRssU)FL_+wM_LNY%&Xi zc}KL+qzMwAzY@|Y$T?I%ZFInb<8UE~rlhPg;V3ZZEO}&{cg^R>%AQXjG)r(B%ufaV z5-lpdC!w=uVvFc&cK+#yFAmPD_7>_z0C7bLQ9Ynd#~r{&-oF>0ZP)kB zF{cu%PeVOw?7D~T+Z0^!c7Ar4V>MJN!e+-$_K1?q`G2n;d z&!=CzC7Z){K8c~%$-Ib?O->l~X=fH_yE6CWcfSi#-?^>NJ0$sQ?@yVyASpOkO=Osbd;R5!IP>(_f#ZnK)rTd^C( zpJi+3(`CV059j%g_{zpeOWrpZwifo4jLXN(;6ad)bcJc|SVb3ErNerwJV?+bL)5)` zXK)b;I#}MuYI7qm(HSqL89NLdGe&B7k&%S|RkmxjgukUivzmFsASMs~S1itsC6R}a z?Ic5xEReHiR6D`{)qs`Rlg;R(Evl@?E$m5)Hu}{;h4KCmp!nD57F9*F7Az@fpMLI0 z{%_?bx#jV31|yX*j;xW>+>yx|EIlk+NS#6M|f$t%|8o0u~8aHnU1kEp`{@*Y5o+0Ptt>_q#3G?-=XT4slpbAs*8X z6W?^2@}{;3ifF)pMfmEzUYBmTb1vhjc9SCSnpo|rcnma3Pl{`y|BB(`L>WIMYH}Gq z&6=p7s#hPk8~*oA8QaJg`VAlHL9rkG|D;UVS`O0iufg}-!Ho%%BLCmN3#<~`%y{TN z_nD})z5I`}AOpumiao87hCv9Q)BpENs_1_UdYWx33jTcf@A*4sEd>3&wAtuEjVsBw zUFyGMw8#6+cdC)0*I}R$gvj-g0Mv_rf5{#XDI8x2iTQD^Q}SyOG*8_>DPS2mM^OBb zih-@_xE|~O;r;K!9fDs^pZV(L(5GO$L;3Ido4jk>w%=5zY&XQQQF@R4_uprq6nDR! zYi^_^p|_v)XaD+yKgahCgCdngeJ}BLef6MILxP(rqZy%EonpiMisFCI@`x$)kMQyy z)`IAn^2%+!>iM$~kII7mW=S6eHf46QoZlX8gGY41?qtv%=p4#-lUC!M`QHQgMAJLn z_3J}lq$)sPyow5TkL$?*-$|75v!`i*3lYwXreW;RpfyU#I}a~Z5VGU{w|&zzhx_8p zhtIgC=Xqy{Q4Z3E+A@&8*0(D~$_wCXY+7@!xa4Iq6y`$fIw>osH>3_r` z$*4E%1@j*v*^Mv2UcO|+VRwK1F_FY3BFW}Q{T@4@KkQ$GH*t_yxQ44;TU6++=B9+V z=wZFdO3rgIrN$91vz!Tn$zK!QGarZ_U!NU(`gb9&3=#KCVL*0>O^~nglDOmewHWub z^=>22l>T+PfurP`gKA-W3xgxxl0vBkRwwlpZ3qk|+WOgwzLPgep^_BVpPMYTF7otV z60RD0Sv^-;#GaNw}i zN)I)K)%79#2M57u9k*ZKY)=<`UTF`xN@Zx6HNLGu!2SuhPvVow>ej^C>&n;P4?%u! zwU&q4+-!vAc6fKsJ`mf+6_9&cgDwww9?nLsXPy?}{Ov7Na40vE!dyAZIkToyH9IbU z)rt9IXphtTi~xnyF9WtOc_uRn^tYNLoe(Pd^=33J&)V$d-erWbs4efWl-?5<9xNS< zSNk7w#Ct@<-A#9lha7Tq$i2TEF`#+8M3O|xR*S&4qdaI|)U3Eq5i*;>Y*XQgoXk1N z?w~eji;B*pQS1Rxl*U2X;e|u|q&Bm|YG;WGx-h(LP1bQ;m61h4Lk&9U{P*B!K%_XB z*-L1?!t+r@2_A)Tu-z47Q<=`uthQPjZAODil~%%?=Eo)df9V>hk3m^&C=N37ui3?x zmaAGG=a9S#tk3;8VzRX^>Et1FAa^dnBz89$ zK)S<21!!-hCc3KSh5hrSTd#Y!^z3SyJByBY<^xH*MLQ)3Gih(!t`%Y-!LkH9-Z3^Y{jY)`=9it(D%Fb->)So z4A}3&5cPLo=YU0-mfq5ADv72i2PBi5pT_zlSk6iE&gY7ksSnTOJsxAzU{;P`pNHQN z7i*8MSnDRWVN-}cLi7bU8RqoP)hQPUW7>ZK>lk@|JER;(qEoqQMJ0HY{00i)v=;KO z0OnuA*;;g&V)SZh4%AlYG(pMgPy^M>0HT(44DeOipI>k#k%t!p1d(`$h3 zk^SFq@Rq1!ZNofN>;u5BMEh#9f+oVT^nV}yRd)?3e8z+YjKW6?h=kt!tXK6AjWZ}? zF{t<}0Dx|nC)g~Qoq#%GRk1ikr%=*Wt?R))K!B`Mo=`|-zIY_#oUb!+ITYLqj}#qW zRsK13NfFIKZm6R0{c`pNV;q6ktl7juLuN_ID$2fN8a0W{O@3juXk-qjTHaM*ZHE7D zGl-;>;j5IJ|7gwR0Yboq;B=UE&(Q~Kn1V&tMD>l<@Pf0Xx_%PjaqTUu=2XRrW4hZp zyv!B)1RB9H#B2;Oh)hQ7&vt6db2ywocE(VPLd3yzpf5_kGe}k|#;lYhOP9)zj=%Ee zQqRfH>yf#5^g6SGpC5RNV49T)n^ar~v@M#7v7nvrMKfqD%jHP+&Js5ccf~P}@~0e0 z{8p~`xSG|PIbJPfY4-&~?dJlSzn;dU8Ll`9IXxX{1AP#q+$>hb$CoUW4Vk*#JcUC* zBpW_Cg12wO;9fY`Lu!X{UZ3AZRFdukSk{4SG zG6^VHqt+pLd=4gq{p7429GGco0W=;8nhL~prqYeH({YR0gNJh^nX6{9+05EP z!8i@pxdsDevC0h-UwNl@1c~IR*>l`NQAGg~6S#H)Cz5pXkZX6MhPKo1h{@eVcT#Np zaw;HY*h9-Nt!T1u-<5RneL@kGe(Jm%WhV#ypw?Ga_28pyhm&?o91~rIF;miUS2FXM z0XmAU`JWHH!Fbg4vxT}Oz37CN9d8W^t2HCU=y+z-*O^kuY1sr|%PJa}Yx_CJT>P^(+=wA2R;;83M0yqJLj_|X@3 z0Nf42stq!8{F8ev@{=}xGd67KGI5$?L^T*6`~5k+J^S_2HQ>XLajn1GkVgQ?h2Tf@o7FhJ}@6wvl)? z&6jbdPS+2gYa=q~XBFv>KZ>E6N-$C?2Zc2il=Fj*93DPXRk@gN9%(D*eY&?{XtQ<~ zdC712XmfA>aaO_0cCG7$)hJIL=C7o3N5?5S&JbW#+c3&7FJ>W28M{57c(!Echjo~k z$CbaZPuzy15IZ?GzXZ50LBC=OtU8O4kC4Q&pa4yREzyepwRtc*$x@Qcj6ekn_K$1H z%NK6cd0;DI6BW&*f^gZ!LmLb#s&AG@Ej~Ey+i2YUoC$3^Ekv{!Gw1A(xrjc87*T61 zYnMpX+-rJTr075K!QV@(-y<30WX1GnD?c#OK~HB<-%c9n@csV041Q z-~?1cl^@n{?aj^6L>v3Kd##RlRr-6l@QPFAut6_5uV~yPpyk7Q3hnws)0mK0VXYY_ zi^7wZTiwOMSiH@Kr-0y;h=`A60R@NglMWL{$7Tmk!iQ~}nIG&5gB&0!o6nUt-E)yt zug7^*xCy8EP9r`9=5$WMm%i16dkm2Vl}+pmGuy9Kw;z1;G7RjjHR2zt}K3eW3`fcGPc67}P;r@5u7m%h?*vB`AYbOf`KO$T~GI^kzNC!KQ1n*ZWoqSWd=5b@DKS7e&!0AV8)}Dy z9Hx{N2ufZKUH2P^?~o}G10UN~AIv4c#YiN*Hs*~2}0 zr0C@2Ycz?z3yo(ZO5R-LZQMI3*O@%LUeWOfSj$JIH)V3~i3&SS@=CZ!tmaf>0yGwX z;8IXLfqcMH7MUH$MW!x{U$Rfpqyna=4d)~>Sp+b*GA&ZjI5>@MFJIxR6Z>V%q7yn@ zeVL$RD0AE90D)}~c3PWc>p=YKabdZ+8+XAM}2kRldVnw2X@@Miqzgr_rm z!5Eiw{K(7Old0b0y`?POcTcRoNlU7*#bi1G8eQW>`=?bCtx`? zuXE^44O~@m%lL3QnR-H4Pk2XZFworZFE@Wm$~E&{=*jG+4o}zflZO3I#D_q{#h53r zzDDEjir$oVIr4ndk4v`cOt{H`4|{EUwQnYO=`IF^u>jbW>@~(?d);qRrG2(#L9U*a z0t$iDU8kfn+C&d;Yx1{W)x|bU0xAumlQCP1QOOs?+N1H)go2F0&!|}1^@sc9pp}d< z%%B2B$uyaLFYFW+glX9?_HKCE2};iq9mh{SlwwnvF_{C;e%N*z-Q-dEOMl^3u>Me! z)A@QmvdSV6v9^{RAq#s{#1dRX=g@ZUy~K%M%#KlXufj7=_R=@jbCWMP*f+ZaV^NF; zX^>$k=ANAf;z_uK^7(o+o5Lm?qD|*kuO8`02E4n`YTqwV3k!;A+-M!ih)EA(7+kk~ z1BTis4h}eZsu@&BT*Zj`jd4*GNG1Vtpw3HKn3076j4(Y#-?W>7VIfuYGaYY9E*g=u z3dF?KyQrij$HXJUQ7kNb+okRyfAuvNEn9N2XNoEz?+gKSt0^GKYO*$Fvra6s7zjet z_aN3UnRiAYG$Liyt8;t12qWyhN@q-ENz0E9KE=hju1FK$eCAJrWt5P8uiFv>S-rSM zaGl89KEKpb%C|;OhCA*Ye&y)QoD*_tyEddI1pCk)NcjsrxU7LX|0-s0DOY=nLRW=p z=QQZLU`;jft=JN94JH(f4JU+$^>&6$+lLVt^ld2bDqdr0M{dZO%znS3f8xfH6 z-M$4K3f;F4qSXL-v|@S5M-rMvZoLTn=dhAe4D88QL6IDC>-k!hXS6IBW)+>>{}fur z=>0mRRG@vYC4UhSK6LYXyO6r4mo&;8=KRLiO_z6KsrG4`;?+O2MI=J{2TGzHI0UW5 zFIeO?OBdoihInJ&j@vePhRJI`)~i>V*P3fo(%DRJ|)u$g*N< zGyJB|q7Z9=+k(P0rJ0|S)gD*HHu5bcBR7c8s{8O;2tsP$=RP(zR=`0e86M{wRN(;L zfI}i>mIPGAo<8`TPsRx5w0|7;F~#QGlBs<0!oE|ASXs3**~a<(cWtg2T9jK7_PD`& zMq`X>wsIRipP2e`FPWzDqC-?KPW0+O^g8Od1>Eb{ zvfpCl^k_J)bhA^}^HE|uwgn9o2%*}8LRJ-yVK6LNA>Uhv%)cm5zInmNvKT%|+jy{Z zWmY7_sNw{Npg=0g0IsyrzLDfV3LOUDKjPP!D#4aBp?EwMEr2LbuvXEemX4^)W_V&=!nA1pbluCQ4{ErX*@F>2Bmng>hqh2U|G4Q zy|K)C=Pep2y#0-10lhmDk?qxEu9*(a6cOdG6Hr5v6m1eY9Cf#cJA(yx-+}$&W!{{5 z6G=-x@-@EQq!}85wHGQk;%BmOX z-#mo3yYPE9A5jk_ZHE?!q~Y$o%YnN(TWHUq2di#2+&V^faBYH^A*uYG!tv7DzZOSa z{{F&EBwAB4d{i08j)3j3#lUdG`0!8cB$2{A(p0kk8-EHIB=NPaVkqqNns7alZ=62t zwu4a*Rc%r+dXN}c-V6Zd<8|--N;UN6JZQ@iQsPRc2`VE`z|Es>>;^O*dvQF4rL)?b zAd8Yt9Kx5fVkDPv<&ml3jCbH!0pl9ithh6fH41Ob6+8Nsl-8VwZ`z%oj1DZ>CZVqt zS-J0T)aykzZ?Gz%&hgB(*Mwzpu$67K`)7{iX%sM*&Y=xVBdNlRA=2`v>_!y>l#C6g z6>wuLk$_7IKzd@TE5}|iCnz2?fMn!AW&nS4W4hhaH;jH3;GC8CZFJ*Ns@bj}IezhV zpa`$8OO2B_l9waQSS6jK%E6XQRB5F5jkA4$L3LjFxlDP!al*;YaV8?yB(q$V7RT41 z+8FqNL(#E@TO{91#UaP|1Muy(-Gf>+>x&^jtIgm})u~;kn1QF&=V1@s^Y%Ocw40`Q zwkReR5Q!*`Un%qBxIc(~<&$JHX2Jpb_%lIvkQsqrUtosUmFqu|M(s3othP3r=+(!# z|8rYkBHFZ%I!HyQ*RsMFC!!S_oChlc3zBTZK%XKc4EaenuB2Wq!p5V0Aqi=wZw}a` z0lC@$D(!&mJ6|?i)%tgwfYABta5X^xWn*cZ8k>Ryo&x^kDzEpvQw>#f z_l^q@>M0EhL2KGWV?_~OPoiG|9Q~8;Et!rYEP2~~HT`k)8g0D%ts&RyLI|!+_##Yc z%{Ho5zUJ?;{%zR9;#1zf<&e@fN`~YsWeGg#d>#Lkq;et#cLz(>O{0<1(D#uZ-yZ|& zMT*thr$>O~fGe8%neWK%ERS%JIt@FTRfnD@BZv3?tP=0lEDsZ$Q{0JuY3b*eJ57=W){H< z4A4c3mQzyQd6I1ulC}#&&DO1S3&!Cd0^RCiVM8|X$vS1%ZUYsQvlt9@4b%=rQ3Xjr z)Bw*-B9i9Ql4dpDPOrloqD#xsZY9lm?>>g5tIS}|;fD&P4`|~?Ik|2SnNOX6T}_Se zJIf@1$F?hmEztekEPP}8VtWM`K54yL=Y5*U4oCxnh~CY?`d0$j`!K!lw-N~<|6X{> zW*orA2p`UvY47g~`usse?QTEl6MGS*5CwZ4!rz$t+1oT3a+?I$X-EP`UjJ{m%~?M4 zit1*B;G*&-V@v!VqCZ}*&92bD!KIrLn6iS02k-lon8~{GW-)Db3k>)PrJXrYT8y=f z3*3^vAP?@G9NCWZunQ^lztV<36HQ$@tU#zQH!pClm_93Ze#A55Q*VY;bfcdI0DI-) zXW8D?8qYtiFI|aFVi-g;KxC0Fs!upIcI_M($2A~9pF(b(&?1}vsLIB)AD&BDUE|tw zz(~_?5)#u~_iFKNIcE&p#hd#)0c;F@%TKGJa_afh&sK$SC41?UKS30K8J#WVPhE{9 z@#W{t2UU2;c7nK_ZZz?Kp35<5{mz|LJ_WQ!yc#ihXLT_?wUyRgM82{9-09C8z zPcR77j098>T74&K4C!aDU#f>C*_iJ9Ss+%qHO8;JQv z*koKWut5DR>T-^!QV{7!Ztdu0rD;nJ7yLJD`klO=qgmyF!0ZqBP>w^O$35dyZua8w zqaxuTyW;x%ZW?B!iS*TwFz&AKS>wK7cu-isuntCyZ9vlAo#ZS2u?w{*L_A-ja^>n9 z@1F+wp=;Z$y-)NuJCNX76M4q#U;%71(4$$psdp1 zl6lGGKwN&Cgj|pwI(@L!Kb;@6P*F((oz)2`GkL>A%BR5xyMBMa%ixTuK@K&KC@|sKvBSkt6C|- z|E=X4vzk;8^19(VuQI6@zuISJ0N%>RjtU~eqhhhV$>$3LHH6goxwrQO<}M`fOH{yv zHjI5(s7aV;!^Pp-;Mv8rSRq{vu0!&W| zB2>9;7AlV+{9KRMn?NS8`y@t>Sn&3NR_o{V(k;HoY%9)0>kLsoKpN$lq5JpXX6ZRT z82{M9PLKzfz?$#9E&K%o?$?z{nqKg=i~4JCc`g@F2Tt=`1n4_GI3B-Jhd(#($TY}0 zePLL<;X|HT0D!`9US^6_`yo2Km(D3H0FLMX3|3^A`gh2&%YsSD5jSpeO;|-#qD`A_ zUfi&>5U0$!Oy6*xD)+n61HM;;T)5Fa6vTk>{AhX3tB|}bv-hsww=?!mZeT^5)jvR; zQN?PUoL)z7mbkB>7C^>@iZ$3?2_D%Nn+jNfU%mSd5`y2%xpNSR5P2hC!+D5)#0WkG zY-94}%V&UN-ai|Z=^4?JhIpa*`@xk%Ty9kTJ8eVPHWSC12rmj41aR4z#$EPALkK?r zNcGv?6=hk{gVCR!3rZ*~yd^@dzkuju78jOXy0u$A6KZ~Vf8E7+r{uBx!s1wxt#1wE z)?qbF9FA>Pvy9~EK?r)YdVmMWM*OKauLyc@B|W?9weu&v-3*N^nkOKbYx+IgopWRy z6CZL1E2cSjZ@2hL?h#;&+s^g~U(-O#|2w41uN@&fd7fAU1n}T`McCe6Ydi_Hu(F_%zhHYvknz^;E@Xk}(XoUp3yp=bj-r zH8hD!w6V26d{LMEI=FOIDaq2AdHP$P;*>Xnh}qC_xzKvqKu&Mrj@HKN&3u`%SQfLT zE|2TUBSe5>T8jUB{>j`Y3T@NglPxwq4#C zRi2O1s(AQu8es#XM(Y;Qy5J3zC2UYwMgAhsmJl%6Ib#_%L~uOMLtp2P#Zevv~vX;-u8(q(h&&*buXfycdB2UP^ViB?;c~ILz z%QJHED8()KzKl;*6gUu8G>xM+%jxn2!aw{9;@J6aIoVRv&mF@@&-EeS@TH0&5x>W; zC*VODM@p&?L|4jyASs;~fRc6CgdjR9i%bBw6ttIBWhxX{rtWW0h#uKHfXROgr&F0?T%WWapwd;_@!N)VR^p)dk474&r1!d$RB-XW} z?@Zo5Hd7ooSE7CKMBNRK2q7YO^Wt12a@=I<%xjt0P>`iWOBfbbosZ<1N$v99gv>lo z-y2TxZK+}5mH=ItYXYgfC6;u`ZDB#afKuO8K1002S0es`Z$)K~w@Oa0`z(~FJ_i-3 zUKVK&$wSSZ$8)+N?LM8LWM6so0qirR-{h@)wX>r*4MsL!s{X94RY1Oy9uV$3FOF{1 zQ){OLi~gLIm`GfLN>2pxRdaDrVqb zk?Y3q!L&~>{XbpF7lh9M=3rMi074i^{>kyPC%xP=k@L|LDltRdd3nlj5hg00*GI%f z^ClsW)T`I{W+TVP7{S!+TsxBUaJ6OTQ!zhSg~fBx1D|^DY8zcFSKc4~<@g-!CCtH@ zPOO1z4TZ283$#Zn{}fTYOtuzbO(fepszJoB7#byhi(s!nm9KfJEUe12Y*HzkpN!rL zyr4aqutQDaJum7|$S8s7*1wyDezw&PylCbOXLm6^o?k4w&^yVB_)?iChV9*{I27p# z!0@WZpnG8HGts>~bDAn%9Vg#w`;zR63(oLOIAR$ z;%*%@nJPLiMS!TLJZk2`#uwIG^W#vVT9I&7-m8eFY33jpk*oK>^z7X%?|B698Gmw- zzX1d|>z`zUoOCRIqW_zezErcy&5V6x4Y_)sDnN!ZAOGv`3+~3?^u`tU(*s`G5*;KV zRNd)~%MvOOxwl^IwsUG|GAC-Qfq%vm3KNDMw7SCTI zFTrGbG%R!)gGG`kYV&fCR9~&kp2) z_4%MOAoTsa=|~1oA59QyU$3BT*@#J>g{WJb3J^0sv$S9%fautIje>@0C*Dwp&|-L@ zp>`8iQ{@fgFVT%0$CGHc>WMHDyCr}gTD0$rL&+bF=pI?d#3`;Hl{GLw?)dEEA4twP z>~yUX*@27ZizV^3V5`Zxq8f&xu;r@J(+WD^8W0eVe9aj8S--;tPHsWH|H+1TV2hp5 zF!`2#)}=MEhA94wr89WI!yZ>uc?DyKlER<1MhQp$nuUK--bU9dB60g_Ep2R|djB5o z1$PjOx&_#o@KUGLOVrJqOx+GlWk2K)L;_EM6r`+z#P1<9+n8R+vS|Ow*807K#Ywq> z#=jfsYRw2hYF0tP^iX*njbDlW*co}c`AB? zSvnKYHdwV-hv0p$pp~cxwQX?_PWJm}$MpfAxl6W!i_C_1=HivtfdBxGwH*p{@HGAq zy&c&cy{U>*vn4iAnusiNSS5te4uq5|@vX|r&hu`X6ndI0vThd^KN=t0Q&F)^6VXya z&OeY9ifGe4>LJH1c795JI6w;)6kfmn>{krnCm}W)GT7_5P z!Hr=S#Yqt_F&4a*xWVzQ#q?9(g5$#;(Ufki8`Pq-cX$3}0u*zWPKv!E0S2-DA|sJ) zN2ZNcD;NUkP+m{&elULotr5Tcvunz1bYU0VSx$h4Zpq6929L)P&go*RFtRL`5F1wK zDQSGNzei?5nofkUWuLeAe|@z=9;E@R`Fu3&8n5ps^cE_Ast=NF&KRt&4v zyt0eEi}KqO0J9y$FDR2ZHrn!IH`cUSF}FZk!St6MraJ8D4WNySvme6t!(n{x**&OW z@p}XaMKVJ$&l97F1r4a`zJt-ZcYXK&-9W`Mq)NW9s5=V(gnShy*W+jsEuNTb_T=p) zm&KgEH2#_6iNc!lJIlHqJ~2Reh?I&qve1NGj4<}3WXim-CDBdv*NellD^B{#6bocS zBwA$|z{LXneJp)}LJG8g1X(cStbY&!%@MZs=pJ*xi@ocLy2#s(zbk(ICHC$zBZiP) zg4&4mk21eYzX@g+a{o)6={D$uuH48?t{L+gpOv~Jjeg}%ZcU%S;K79EFpk51QdG$T zDr6s2euR8xyhny4RR+etsh1u7-V=|0S{`FesVQ-frD(k3Jz-Nwv3X4vFe$XryG6lq zuYDu9GMjK2wpC<%MdLJY1J*cxl`x0D zM?0@ul1%QFuc@%yz&Sye7;Aq?d%y}XXc1-k+S#%Os=5NRv^QYXz~d-%1smJ}z9SwG zXj{}33^G!beVv$p`Jy#G#R`IaP65XTggM1~q{~Cdw!)HbR`;9ARC2kU?&9lbV#?jT z*y(l5Yf!;8?f$Hhs2B<$)6ZO5{-SchRZ#Ili*~_oZq3g>xhZI<7N+#3MKw$m!_Kxl zOhZf_6^4`|k`QKH$&;9hqR%FB5k$Ss8P_U=pV-L#6?73gw*{=dUhTubY7I3A{Z_p^ zgdCVJr5t|((@ZV$Z1W;vMF+mM!2oX6AOGZ_nklNC!5}*s?c#xI{&}htP z0{NQq{WJt*Mdf9yl^`Azt2KX{q!C2-N_>_TrmG8`=iH{Ug0|%Aj;BLTNUO@nc^*x&cn=L*?l&NEl_9huk7qKN0qR|0U7mG5 z6$ZwKCZs}28f0GlpcIL7`z=qrn2Qt=b}eh^Q=v3r+PbpiB(d&^Q0>!r;YkDDAQM_Y zNP-Dh`Nad+IwHI&h^(ZhO({>lL>q0#TR3Nj4Z{hjjY`?*6r>j%JqxQ1%+-#ays5*9HVqsKzr{@69#zJopAE}5qyvIA zm})bgWMOiUkgKV9^1dBPx8w^=yL<>bQS!sO?-J}v{0a~SKIOa3k;R#k{9(5~79d15 zfwqNJGlEoNCw`Hh%WIQ*RioK-15~0&O!>KHerG?H%AtojC-r(ct*r2efb)`Izz3Qg zQ*sw{E}bcf8~{X47WL;YghQqBzn%so=edSL<7tzv=uaJ}_J~u+kH9?UNf;ToLquf;U%;vzV+UGyisbCn9;6T<U%H!xdw6iA-`Jbq?JzWka zBC}V%;-n|zhw=OT`~J+hqqZK(>SY*iti1I{Q;W?o%#mA%DUEnvtOAbwFW}=jXF?hp%%4Ta5qdSP zf9lWGCPu{Qho3cJg55xBO3Vjrd~3+5px2obxK4a&FMhiMPPAPfBKeOiL1ZC-H%a@v zZuSvS%bC0irCW0UcfyYwnaPVOIAv!y^o7 zN!6f3N&IZ6r3WY=rFg{S=vacg|Hsu^heg>w@53tH-QC@=D2;&9-MJ#&iXcb{2nb3y zOG`H_tO!y93esHyB8b$|oxcm8=Q-Z@`}xB|4}|5q=bmfgoSAbJaN0UGyiAM7xI0Q1 ze(1xgNW)A(g;@#nB=f9bM*kf)o$STqxbdFZPa{Eci5Aqvv9jsc!U!O9;vGNqy2l3b z<E zvPnl*c%XdVSUaioUA|EL_!e)E&k`8(O^nSYj4iGTTTxOteu*MJDRocT0Mrui{mw}` z8w35Ml_(W`K?>G^99w0)HQuki%9p5B96$PiE^%P=k@OU>t+2A)NK0(_Pxh;AxWLg( zg*-eN^v6hOiUB3XvSE}1wkyo%w;e5?@*td7&+<3j+vtXJjjg|c5daR6NprCFeU8x) z(hn5YJGtDbx=3(w*27C`!kVP?Sy-Ac=u|{7#L`?68#~k#H%l6}2jw9q*~j@MEGxzBFfg ztQQwAKg$(<54s{$tjFQK8OiIu0-BOIVV|Wuw-f-XP2hgH;-EQVd}RnOU{h%JTeXFk zl0Uv0-i8I@C#1aD4aIrv<*6b4hVvH>V|sbXWAeanHf18rG8hS;qMo2DJt0>zwtz6V z*l*Yr&E~ekBbYwXiq34;IiJ!P2vxoUp#yESGZ&4CYAfjL_|XW#<=ZIRkv;MQhuGV3 z8lq9u%VGnSI}1tU@y2msFc_{TtjDK1bKir8^(EQNY42~*nT?o{9n*9ti-IlwSO)JF zchInxFtr671CR0bW`w5n>gP*6dAhj!1_WT3Y~4YY;?pBVU<|nIZn4WRv&zgzF})LU zKg2-J*2W|R6R!9;x{lRdZ0Q%jf)qycu^1$e_(rs04Zq6aJFg3> zm|^nq*oLW@%8N4>HsMVR1rA_K#v6?a`9vf>phx&}PFOp5E(WbjHg;FZ=}`l*RR zv$8317rKG|;8%mV(T}^ZnsVZVrmrq#c=^6}3M$qu-b7u)b6B5g?jUC4krhihG4)z9jgND!?UHC~FdY6g8s+qaT!{MqzCG?5I+ zQO2IAAp~=>DB3ISe5nzTGx@S6{prJqRT($I@ut!uWPR?%A6-`0ZHJ;h4+U4kBZ`oR z1Oh+q^wN=`hE(9)vo zhonceArBvGNta5$+Hi-C@%EgzUd)Eo)r?`BK}irdU5py zpx++CD!lI{y=Mm|l+GSHY-xaQy42HPW{OzNci)A_^&g2;zFU=L_Udalxu2B4yczMm zpbb)-|63`JaDB`c!ikpVq~qbk7MAW(%fLexG{K*EdY+~Bp8R<)E`I9xnznovdWgac zyt5;L8!?VY7wMqFEBdU-=Fyx-bX^r$^4=?<^hZTc@`0KcNG2?GXa+U1`1U1XEY)DM zOXgttzDMNQ?eR01=jWxQJKZWCgEu^-Y8*H^4Q^z8P=njkxV=?f`9<3TR#`=^A2*Q2(EV z7A#f(=_#;flBfst8A&hUE=e~%!(SM_RGBMyyLN3p6&y#`!$WE?fj+;TH=ofXeq(P~ za9k@6S?TKG+0EvaP9ELT;}uJ(oUVQ8y)4Q&C)wo+d0&*_L$zU#n!JhRE*34yptOS( zWpIxMO=jg$f-HOaQ!2l`+kH@PWp0 z=#IugZZ75rqBUUhrp&%mf=;@Q`ei8?evy>xw zA3dF%mE4aUPN@|KLz^)_D-U)i@YVe%b0u*`>ZRvh^-eT`$p6|l=a$PIhAU210UF@I zcfdo_oc~$GY38POCFq5lUs#OZs>r!>ipc zxzpe?tqwae`Nn`+t{>0NU-0YEZQno8v#w|!KMq?A2Gg690o(9Tq`if$m)IvV*JitV zg%}zLG5eg$^u0(d@W8b$P>qrFVNlI@t??cGor9!{xzg=0PHnr}nb9$B06K(=W+XUq z@!$0G{!cA}PN z18&eyw_{1lHT*aF$pSYc9b=0LDFNIxzuWkQ+}+JBQRP1?`15~4*YFN!u@8#d{t(LE zyrG`efel^g;h`Zil9Z*QpFL=J7fags5Dv#YC1dQu2EP zH$JHqeOE8(Nde<92wpEdo7gfI_hqM%_R+jTD1~jua9W1#NMlq8n1*5gS#o($XBE89 z0Qyc*K-~UiKbEmUsWN@5o8gAEqCT^N^InEaVsDijZMw4qblod_pf8+>VB;)Kwdb87 zvoEQ4DC1kX24EiA(>Z?s&QaA})wuoKUtSqS9D(|3?64@!AUF1B*DA*ySQ#$PiIo+| z0HQi2gAeq|*&oMhHkhZVAxeY=-$&duVpc_`{<8LRG}zT0Q6UZ^?+mUzOmuavW0D-l zoel17-WRJfufYmo6bpF;^{@86=pt(YqhojaWJ4Hj*=3|#@idM{Av1swE9arN+&@!| zKkohgS{&ZLLyjNi6I(+?NI0Z7l>#@|H$yqq$3yEUizNw z!$dyHEo$)@kGX%QFynN`00*#}=uC*yxJ@VW-yzKJXj!df8jzB&>IlS>UE&{h|BO8r z5a;%?moX()y3)Vzto)a5np@>^cS$_Iw<<8P<#tO}W8uG}nMMxk>_KQ6khA6}b%eL) zuMM!*RQwCye?ztEF4n(j9O_yCl#KcG6npb$02_$y zvsl-0Y~3t*Gi50W z1{1cAbjqrdh_^G1zF0&DYyV-eV$k|b97z1%_~*X^o$@Osd)bRR85rAniR!|YJ6g_k z4z5RyM{yQxTPGkHGdTj9hybI#m+5UU@ z>mlp*%8jEhcN(5<$*kVppv|Gs>q&txj{p6@e?Q+4-t^3)u^sczZmXTtw{JENuiOv-(#SxDw+ z!<*0<^QgApPVI}cxT%=`=L~=l9e2;U!7N-L91&aaa4t*^f)0llj5jp2D=GZ{4-5YN zJq+>m)GW{Jk*+#rKcX_XtpSCf=|2hl`#yEK0p&u3g5)E;JUYUjuTXFKvhvMSOmp4; z`{;ySeE#ADpJnSkMZ4d0Y~_c}=*tK7Y4sGgum^2gxDjp4caGI;&91B zQlF8d!&`{@i*zq5H9VaE_tmMb4fhhfVMz0n@W0ub=t1Gojjs;b&QS|1bzp4nfqI|f z=g)D7NXUuBj~;7%CR`A=B#6lWfYdk+KW5Y8jf?JZ8A64Z%3Q6ZR7cFc`M*ckm5}*( zwKSzfpP{w>ick?{#unc$!X0H^RV*8O2Lnl?A8278VoiD1uU|_XF`2|DOJFlA@ zfpY1ckiN`R0sp+;8XekGM;+%?X2~8?WZYsuo=t3aY(XvhNIbAHb+N0!y1j1FL$6CR zvfgFq0^I?pE3s*ezq$uXLC7GB`C8f60skJW;mh~Vckb_{>UaHDZl|pUiO}H(={Cu6t%Z=NBa_KrS`{!i2$Z_ zAl~;Us&lf~tY|sTiK<6Jq~!#s<6r0ed#}o}hCdvbvBYMo z3yu7}Od&I~UxUl@q9dy##5rWJQ!AYs_r9Jw8(8(#LM=9Ne&gElw5A+*U}7dDlJVew z=KksI%D1*;u;1=Pcx4*Qb#?Sm4rwmjv9&fnJ_q~CVQDHYmIeMKjue<>h&fq9CPZaK z;II6>O_A%qD75IeLQ&2`26-6FNf%;TieS-0OVQx4q9TgA*`O(@*QHk+QEbIpx&(x< zvQoWLWO@=UT&j@Wd!EY5>$)69+(gn^857cIdNOht!9J% zpfq&Kj-ZA#Wack|39)tZ9{6}eja2&4nTEw#y-bjp8( z$N2W*4L#VY9sl9)3G6ytye@VF8>QGf76G*y3tjBh)B1z0f%us2JdcZCo+HO1rIUwS@#9!jyeH8UP_E*%))MC!hO$NEC6;g!nC1zab1(O{sJ-^RQ5Hp^d`LXpTLQWZs`L@5GP&?e=QWz(2=fmO4RXdZlJbh; zBP?%o{*z9gWb)p(1=Z(J@8y*(t3C$RtXp}X-Jwy_Y%9QL4MM~JOFQAB6ZumtdHQ+g5zo><+&wj*8Z}!uVHjlpV1cq>mD8Jzije8$`#VMK-3Fu3135F8z{s z_QqJk$2DatbmmfqXyl@RE+as`#r-Qmu@NC4<4i3Kc8(0Wo_q`yv58zhkiOJhSKvtn zBWz`v1T|S&Jn=D!`mD%2=;o)(C>uOpUg@X!O;F^`Ce=9W?*piu zhs@n*v#;6i+>(Ktfx+Lq|Fv@jH9@D;xr6GJ6r;D9=_DDnApzv zfu8z>$SHTAt{Abnc+3%pYx1iGib%YJSYI+A-KtxSWGnvI!=UY{;^V=0csGS}R{Y5O z9|>?_f1JJ1^0%IHhNg;X*jWEEg0b7vqSuCbx4k`XV|s9O^550^t>F6LAoUgW1r{3I zeRk}Ez7Z7x?$yPz!(w{*(bXSgLcdaUc=rWqlkw3aNNVh-sG?p;r!G zGc7@lf4>^&>I|sq%P8b}(4cdj>%_LyF>$!Nv2r&>6=~uFOnX8^d)cHc!TD^J(Wa?k zpW;-&Ss$Olg$dxpd22T9d;^~g}{WNv7W9unN4W&Hzy8>hClAt;ttbEn0 zY0fC%dJypO^2r46QeMMb45KRJ=i7y3uJG!JPUD0U0F`gJIi0BwFJ32|6`FqnA?Kn0 zx*EaF-|7ZlM1zfve73~$PwbWZZ6jRoRUld>XrG$6rm6cFsRhA4gni}ETSH$FM}nP7mn@3+3y+EL|{aJmw?nDX(&4$HL-hd%e2 z|FLT4^fW{J6CdhP{>;>gV)8HcaooYL=x?Gr+h`9Pyw$cp_+j^q50dUSTq+)YyyQ6w z@i0~+7JL4AM#T&R#^*ckGlT{<)~cFKxmO-Jf`X|GI?Ny`c`s)3Aq-uQiVcv8E12y& za#q3)9Lm)@9bMt2Na1KfuDS5Qht~^L^HRIlWP6bF_kJ4Z{X|+MZjuMRg{1v}=p%?O zvxzVN%6>VV5d`C&==vbM0eSQO~SaAq6#4y}leQ<=3hF8v-dL3N~T;MK83d)HTa$T6+~4SxI2sGixivqU<(_uw{ZNH$X%C&y6(d*!8$hIp`!&t~NEu5f z#q-JyB=cw^b!#MEsL>cc~4HWpSsF4emd zZOEQcj50zf{t9m9>Ve>q%jefij|tx-;M++C`AjIiPbS_z$J(l52Xw(3NwST)SOiu4 zGVMj7)1F|UcU&s)W{F@7T64Hm97T4>AeqnUy7PLh;(-%;8ec$r5i>!bVS+R?lr-qV zH85yX;EQdU3Mo?>pDT;a=o}uu-UU;XY>8z2mb@jqr}nHWBxJ(GNx1AhWG4N1aeu*d zUbc~-raS{QuAjN@BXU$7PAuGR90{9+9-O3lP#U12!^?4OmF6Tvu0O;oZ%2F1xGJzA zi}Y{rIz2MP!b}&(T*~=Ek8vPo`(Se<|J%FHYOcFLu-wLc zINI;NlU1ak7219$D;cDyKoFJK&89zYwxL$zl6;)nX>0ncKzB+JV<_PM=*ek@$6`9i z0fthfkM=k% z3i-hT$l0A|n}m8Qgblu`naZ)YfF4ta6SrQwY1xEhX?ZzMT9%jACz}&}@7T9c zBLj`)l|zYQWE%}VV@l?y*|f|{=lk!=P(x=HIDWcUC;oW%qi!zn`>cx2gIQHixmn$F z#RmPX8R7`Fdua7B*V-k&H9WA&s2ggFXS^?zW?6u?f_q0Z+Tm0R!Qa?d7ra>Q@`^#3 zpx-da5;t}wDw%AU%O00zF-n?e!Sk4LO7)oPJyALz`oWK`RCrg1yDyg$WFz2CPXzR8 zb+8So73}=5-^B2}&28P#;GHiEcC^+8Ycm`gh0 znS(yImXk=e33g21lG%DEj8Rw#h>737DlD6YdJ`c5hdDPOm2wqC+z=DU&3b&C3o2R} z|F$GpMvZIdmzZ1aRlIUu{JY>PsUgvv9BCsseQd#P;F^=md~+jl1*;F!vTsO4LoLJm zE;1==AoyeN2<9en?%gPA@K_>EV>Zj*mAqc7W+vgWg{(&~M!AA8)>Azmm^5iW1f$$m z-Z7n)A)Wut?^`K2hfsa_mYt&qbrv3hUP08 zQ1;``OP(wb2Z%(}``P>FHM8F^Ki}CB=(PPF={`kLjYXe%8Gww53?i79X;5l$^#@x= zx@^m#-VQg@_Rz7_A=*NdUUZ9TR-!vb(dI!LsBj|@rwt`ShXg7( zCyBal6L}~xhiBM#Z``~nwMjMiN=Iqk*mC0mi!#kwv3$eRcliieM-FX`!nP!M!f74< z^UJ`~(z0MQco?){OR0?W)^5AfHZr1Dh^X42KGpT(PUFMT*XzAE@e%ii$YsNE18{fB z%?X{~gdM-9$3{|L)!NpW5|=<6tPpGd0r|>J?hEzyWv?tP!!ERXIS5D%fSCatjom$= z9M>Zs%QwY59(;e~ak93~Z`+8bA?S3Fz>3oQUDd#O9x)fMBXCsa5T~ zom+K(_dDz1+wv5sw^Y23t;_RO>(&LMFzI$xdh^nrP9B4&&sQD2p5(D}#9aLNLm!y6 z;p{hiIBZ(egJNPd|NUvuo#qoi^NHqt$)@fb&C8TXB-f#`7l`gwDK1IPQkX1m~-NX&leSwtLsH@madO zoFy%b!1m>S=*Ggx{Ki6UswY}m`tcv4tUjv_pI^p+-se*VXgTdO#}Uw^5k<+NJAX6s(`Hra3AP`+#B>^vX+Z2`Nv zlG@+u!LckEVDg!H@IVJ3WtCugS~kP;uioG{-YbuXB5-F#_)5IHY~(k1*QNVP>im+> z#$!^iOs94_s-)i$BR|W}@@uQiqTLGHt^Q_$u-{F6@YoOpOY~5e)hlqxu+ZT=N|&>8 z7IWfRsAXPQRwQWmDrHYD%H4k{LXs>R;R5COi7JN0!GKmfm4*JMNiq6F^gzx_vr^;M zjXD5YX5dCYgbO$M_Lz0J2pRLyU57e}R#Icx_2u4mb6s4Us<<~nRTv=+c}oz{|2U!1 zYm0RY@q8GnSbwuc@LOI-k8r$#8_zC+Am?0b|Fv1eQy2c*?SJvt-4u1(>4A$S>L;qC z=(_;GQK5s+egrkUHQb5ocM(rqj*DBX_JhRq@Ex?atV5@7v&r&L0V43{zn8?h%S{;) zv&t>dHcd4Hb>50w<$}Rw?TlkO>yLxFrdHF`wVu46drIl8)MF%&vBYRYa01VI^{L&qOO2%CgGB^Xcc{p~If(m*7kLYUN>rt4i*Hs9CL(E}}tR;^$1#%Wb8 z`m}y~Jq!diH7pIJ?TBA(*PA^THhIOCu`5p0&IS-jR$*%ouW3DsD@vHSMbesvxT zn&>^RnsA)MEhB5?Wkp4X0v_VAg+-r?iH9k7uZOXh*Te~0re2DG>?L+#>w(bId0U;J zXM0$rjsfJG*GyaAMJPjNHqR@;u=cHCp3l5B%wyD=eWLUY#UV4Ruf3{N$Wp->698k;I1mj(>I0B|mMjetMD}CO&?W(`qW~^N1ezH%RThPvc1*FV$PHNW9nx5`WKY z?m#PXqzhVbC%(q(aanZcYtoF%iM^08kbQCfymPo$4KK9#WwknQE0MP|4D1?<&pg2o zow3ES8xuEv@!qph?14_eH;78Vz2%4&66HE&poXSE724r)5L(`G2is1|`n>ToaX)@c zY#Sd$$g{8!_|koC?!=W2gYi0jB)U^_)8y~EI`_vNuoz#r%WmOk8a3O~;hm>CZuxznh$XT3qg!ZIO?+Atv^IBfB9#G7|#yJ z9Bk#gwh+=DP+YcFm(pa%{AHgv$590w;Ffd^gV87U1mjD~&Y$U|29@Y=g>RacXP0@s z;++pD6s5A85P=@s%SV8%-Hlc{-I`hm=iW4sEft@tfo$V2746WqVrlDUmn01_WSb7C z4RwFfQ|u1D?^u2xkY6Zk04rXf?pm-366jzjhLJ_c*}*p+n*QtWYik1fzm}36UABGi zzt2zt`|Y$02M@Ri@1MV{dB>*ZF;UB5GsT&6@A{bL2?bdM8r(Cwvo|^Lr{#W!ON^E4 z4V~DmuK{^|is~BQX0mq@8r&9nCz+KJn2e3~=;OB04i|}nrH#EA``hp%W~k+}wfC`s z2d5e_sLzlaAZM-dwbg7ha+pfI*r60^^kS3c`v@+zXU=HL(pC```lMc0a&XFu6eop8 zw-Ml+#0w^obmj?V(_d-hjJ9(nFGFUmYhJ~w_tqbe27OC?C201z+0$PxHoEskoZ8z$ zqA<6d=hX+wS3iHH8Z(lH?S^NfQP^hxhF>3p0``wg1IG8Bp>VcXgzM=;!=JO( z!b-Nq5x3HsRlSg->>p%)@$K-W3)obt6n34Ftj8M|6hUtI;ghCIhb%xpslRkTIsFP;&U{*+HiKAiFR->k2j3?Kc`nrr{sG3dzDr2KVp*o`(`? zeAPF$ApP`$&RqX-x+s0)XR!_S_V+$M0;plC@|-K1iKKhp^z@GdugIMa%!U6%HJxXLC@$00)o|{ z0idTI*-7D3Be7@`^*7FPl3xl~HUV&0=5W>+1Lph#Ujtl2xG^AV4wlq2?ix*Pt-Y;yH#7*v)0jE#*L%a^$T@#Q{4^7MTSU=F&G)*KX*@yyEp^{7X zao8Za^k#sDMHq!n9wzgp&EJjVii@SUv7jXXf0AszDz0n1`HgKi6`Sc}&->si;d5nbWc|Fb%It~1llow5F00+* z-G~rOkUj+11aFvo3Y3g!p4ZVllM`GJsnp7JU>j>3zitQ!x(7=o^BR+b^E%MYCMi3^ zb#Cu(v+YUld%fT}y9GShpW;@( z~P`kae4se)uwL}(zH`2_EUE~ zmBX}`rFXbjmL@86G2p$OE3!Qdh6Bt5*@g*HxwE?aT?wyFu>)%_T=(~#_-?*`$QBHq zP!=4%4iGYS<)SQ?(4M;HbuslOZMe#(uNdUPwfnPNO=IKL#;@lN`TzWhfR`W)y_SaE&NA-fnO!`@jNN3;O`#Udu8u55D9Ez{(P{je zDq9-Nu|=yGIN-*_e$*WPgxvnnZ|KNp5;jKFRQi+^GOa6j0!K;UUC=2 z%7}NgxiUuiH(}y$AIMkIp~nkdUQ*gweDq_zn4vRgBiq?CJtz|ol%9GpPK%1S_Hry_ z3Q(F3bZlu~q~my$Asi@S7t88|0A&D0HGUOAzwXu6&kE5X^K?&1)1D&R{dgItDS;*X zE-C%i)MWxwXG?sKLRCs9fnF_onWL362uh|zFHy3KHxCcm(&fGyP%q`ui(re?1yMTk_)vt(BZDkIHoiOCuxNn z8eFxlvTro{(1F?V3Y58xj5r&wibMP=yP9P&n>~}iF7;YD)8+)~ENpwmAJ3|eBIaW> z1xtHZnty7?(E`@8@amXGWvD z{GGf47AJiC_ak9WcA>K>FdmF=0OpZHLJC>>GWEU83qmU)<4i;==}Mn60)NYtBx5ooprx*m3@IX@d7-=uB;GdhTUM@;fPy@2mlW z4Id6WdGwk%yp_JOSCN)gBOOi7>J#e9Dp}><7b-IjAM*)8v$Uc{Yl$FyG^!=b`Jx_p z#IliJp@;x|u)Ve8Yc|gVzupW~7+5F)jIjv>=)^=Y4YEyO;YemWi>Hf(V{t02pR9}B z6_H$kY^E!myO~~#{Ij0+!-MlJp0OYdqkKR(=*gQ77qz6Gy?|Rm-jBGa?6^i7tP#(w zGkLO@MAo>FmaVS?F>Dz9abq!E&wIGBKOyutQd#U=_3wHJ( zpF(DWOkouUb)+&Tlte6MP!sHa#(|yYp<_-qxFw{h;h+WZkk{9^h)P2WRQT)4$t~kzVoV>2|9rCj$9Y^st7t(ms_#kERPEU`ol%uTtY8-oYKH`hhpiFjBx%U0N>wwTm5Vg`%y^L~3 zaw!Xn_$PRfWbwZ-kEN`Mc}x7u)4bzC^HRnoBQJ3GkgK_4*a^q(v8mQPesOwg_{hv- z++Y`6J9`k&sPUv}6r7rQw-2${$~kXbe0xZ5sl?@ckrO;mroKGgk3UCHtv?!}Cn+q` zUKcUF;zB|DHK7~iG0}-jN`T@`>r2twcc`IRZ7|R0O59J(H*!ax5kvTJ!l4KmDzb?^ z-qJjNTsuj{$fF7}l*ttNN7|eV7xdHhE8tpjLHWr1vq9^~4vE9YSww|DoAb#hRwNhz zu7X-CkhC!oSSJD#={V>1cm^4?Jbmd200c{vh!E1(#4fV#xW**CmOa8x1kE0SCDRw5 z*l%o!!?Ur&OczjL%=}+aCJaeE)5=-$zvsdk=5;9^_go#aDM4=jL*f@5udy{!c7RUL7ziA|r zrWvG>=?+q?Y9tHTb_%%?#rQ>JO+c?SN4C>1q=lfB@4jxZj?!lWlJFNZb>Vp;R^<~= zNT#)=b?>K<7mUpkAu~qRmKqP1*8fy@*-SNQa)$TuFM_97>B{+39(116qOLr})LulY2RD0Cu) zgf}E4uc|Jy|YIACI z_y8)bi3Ehux_k9dkpjgx5WGM=NNK*lEp?9Ryvz??9McHz9?>XYRN!97QG_DDJw{c+ z_u)*#3*M-I(->>=QUkP`$<Bv%$r8&-sg@O1IvE5^Btj;%kIO}I=OUwqd0lgFE$JfG*=p-Eo1j091zN(dm7 zvRUXQzum?hk5>1c>pp40om*z2GJ&rQfiUVFOEUBM`O1p*7Tv>8o@B1Kc~vx*f|mt+ z)QNg6qrjZ5hnCXyGMIYBH$f^N_`gl~dBSi}Q*mj61yN8{7997TrLBj&S8=`NGBD}Y z`Cvf-XD>=9t(7c<04!7c`Q!k5sk2|k6L`XxkeP&Bv9YiHiYESbydW@&x#d@uhz+Z2 z+BpcGXlXG)wsNXuCm^o$SC4~`xeS4$mF&(`W zUa!Z0i-91uEQg;miSp;a`=%FMYLeM*$2s&cm7(4tTBO~iKc`$B^gGaucY4f6=F_|1srbUkM#sc82 zFaL?AXzFYLmBQ;9A#ZX9Cw2)>ip!lmGx7bIp)728^gWqws-uXl8w5>Sy0*mVaGb}HCowCP zFnO@1mukAA08pj45d!58!Kwq**1)8q?B!92RnqkKyMz@!c9ps6s?BE8k8VFvcHzE} z8vSCo*`(@V03ALG7g5w?pe3%c+8kdTbq5sjR(9c}4W+|Bjg={Rl#jM5{jIzRCwM>M!r^Gch z!~W&B6rmaT!lZL}eXJ1I4m5?gP|_Jo)$`J~k;jbabtS-MM?!g;R-?=IpopH(cZ*{? zS%rdWS>)yIjByq=f|B+2hmYgfJVE5-a;wUf0)cx=A3KF)&+0T%sz6?lId z2ltBBtlh*%8fhWZqZoS4%tyt^xo%<(E=_bXsJ-$4VdgWL5#fwW0hJfZTU}=K zxSR)WV}m&S2=h%$YIlFxkp%^wyffrUatXbKlL7&F4n>P8hG)9sopx+tplbu_704z` z%s%j)Ykj&v7>|nW;&QH{BHKGZJURhQKs}`I7gfqPz3`nDmQUDypIk?3)ySE(K2;Y+7oUry1CT^ zN+IK{5oOb&JehGMi&ncGTPPZwNqeAP^5bnv?>)By{KkMao4S;Dg3d~=QOFF~fDDR} zKACSp%oj$oR4Zwg(UyoWwErH~v88-7lcRJoc>lbsQdiN=evvr?+({ZLi5rlL_L24< zBdPslZTd2mQB0HLs!=#3Y9pz4uIxki#MF*|s?b9Z4QW*Lh zUa{laQ7AAj9K0NDGG^D6{bwt%W3M*kc%BhYf6C!j4cpPp$%o`-uY-6E0NlKN;pXx5 zq`Fh%(k|S?tf=XGO%@B6se)o zwN7&FJXpOA{ogyeeygd}wC>IYlw$U1l_xz(HX#EkQnP@8>s348MX-@rtNj~d5l53? z0c*PS248@;W|}Vccdz2p0L7)pT7xv-`uIiDq&<$`q!{z|{i%2B2&WLD62P@HJLuAr zRqI9t4s_T3(kzb8v(9Ovwk-}lg@^S%FDt=D(?SqJxC0#!l_`xZ7=s=Z&Bm)X*`eBey50tGmbu5Fmnf;A zj0xk}vf`+lsZf^`Q4cDUzeTX<)y$T}zh^ADo7yb`!nEmYGv7O&0L$lc=Nh;g;@UjF zA-H_cXWcvF>wA%{RlqmI=CBEBTA&+m1q%-!gGNG7k#`SjOE4hUdI#-Ze-_$G>!x(pN*4mG)w3t2tf3H@68=?`_{Sg1a@gls${DMIE4k3cfl z9vc+M)!=)$39z7Y`{SzK6ZzwzJ`HiY0KehIW0UU1Cbhi=zV9LZzlmvy6EMWG{ZsiA zTv9-z*wojpJ)Pv$4tv9{xrMv3>50SBY0-?$-Es87e<5A`0-PROqMGhQ5RH!4*9%W>MJ_~ zhQ6;Ap!8-&otEOr$zq~y%I+AK;XKW0A}EnlAn(MFsSi>r|66;L^mW@R0db>W=bh7+ zIn=1!D*Q*xwex48+`(@15{IWk1Qks!$v8XmQ?jyOw%XZj(CXcAtxF18B3z;E(rS{qZO!nRI;7D`#>jwFvXJr#vEWfer4xmS^E@3C}_WtsJ zAso+*5PFd%AyOPL5W$C94p&@$6aqZZ{f!SCb4O{GDL(xKzk#XUnu8|47u~L`bd(-)u08P#iwXUnfOB;Cs-c3eM%jt8clNDcFJ3TVO z{>kH5WGM3zc5r+AON>p^&Cu4AoW6U*ZrFjuwZTn@8x_!6n2x)gTT}=b!}u?4EUClo z7hFvQ!23wHqhc^sia#G!E#P;hmD%(6_nusRldOg#Hhr!~U!hsvY08Z+qRU^OMhSL3PrLlb?{ckDz>C4Wb4X0GTh)2@v zY9X7itT^>9ZW90Y^bW1EW~*Az(7+y;)PjESSFdZ&hB}#;_&-2iEDQbXU@BQ=f@U*~xk0fH+`q$UK0GWlXno9Fhf zAb*adk&EXEky=PqF@xo1`YV8aEs@vHq@J~wPz@UmvEH~It*j*Ot(T5(I07UxiT5=hcIb@d%5NScT`TD$X^_HU z+FiKQai7KE$XHFm$iS8$6S*eJj%^|sC(T8mo`r0Up5yk#6M2G~govqnV#f}S-!{#C zt*0xnCHsSXc8Uet5)vh>qYoxuBMkXf}JKA&XI7aPp$L#!&@?=>X+Tq~7U-yj(LvxY zFyiUHBfd8dwk<08`W6T(&)x8JG+b?lZ2Gmq;8&@jgLL%sBU_i7(#-mse;UkPj^9gy zWYcl1lGX8|l=|^%)g-~dB^fR8FJdPaJUazH*1%6sC!GK)&lGqy=H17nav^-{fK7%? zQynv%yiOc?IbH)^2nfx+$wTK&-ol)d(!V}<>JUvjCE>9pD7rsmF7=U$y!E`DC=)5f z*1=0p-+koAA;{i0LxXQ(XyLU7(k=V_ikzy*&X!OE4e(C{Vc7Sk#Xtv($nHQf2z;vT zk6UZ&v}kpWUT#&&TWuEb${`hNB)gP0GW@O?bDnAPT--IJI2;YNm}LhT1Ef|)wC}W? zJ8C@A@Ozo$fx`=Wj?ufMg~&Kwk4iNWY~X(1Qg5DRQdSHma4G++cE3`Zt}iIjcqr(n zVWnBRCj*@D+a{*klBpKMqw1;-M-Wc}A3#_Eahfi1?F1R7;I+@t&Wihu%EI^L6Nig7 zu4iXoX|m?+$;au_FPbWlf1dxi*6W@1#SweoZ{bL5v8(tqpByATn1+4fnZ&o=7yy`? znMrN!P0I`+8u7%|_{M*zi%sXHUtzcy3L6WWVH%3;+51QSmE}jm{?%Ht^ljLY;q8Ce zM}AF24WpNc?AW>|)OB8=_%uYZV=|G!mL@%PW&}|3*O8&syn6m?b1!}C4uTU{3;8?E zp!<*6s_m2(9bWmh|L^8Kh8x5A`N)qCg}8a-7e~x&ZVl%EQEKEjy{TETVfAy4)kj=r z#3$|ibVORbtwNv=oU9b1GReSdmZ($&Ph!vWekR+yp{XO8r|nI8RobRe&$m*cdIgFl z8q%_Y7!`&2((~5yS|CDv3^qXt@p!Zt0uY2ErvADxVZ3dlD3}m?juSUCzx2`UB)d~h)jlOohmlSFzl?*U@5rd{p2ANTU1sQLEA&OV5S2Y z`iDMCHqWo6VAi@d6wVe>MXa~_N#rCw!HZrVonI@*#IKAB<1;gq^$_j|o$1)yxqm(G zcXYUNeA;ir&EiW41Npr^VY?-Bhs)qZxsjgi`OG`eQjZ2tS6=R;wqB4M`#5-czy;x- zc2I4$JuQ3Hx9h1GD(<=-KtL*Q)OdY<%9GsmRI3N1#|Cdow|FwvE?jP`l60alK+~Zv5phy; zLq(RDy*wO2Z@&3GGgsj*ecm0V>utIBs}YeMoGdyo{cYQ6Lc)+Z!Eo*2JuC}lu;E#b zaoFk4Z2C-=$$;hT1tEI1>y!2nF=g_5SqJA+2UkazO&3$r-v*@@wI+(W4aX}dM-L=r zGS-Ez6^eC)1$e)uxhk3{v?XkdeZ`JoLVNgwTyo&6Q{oE&yf07Clzu$BT&y?NI5~%W zc_J2jsD88KSfSZK9wSSojyZHVj}ZYJn4L)NEGtrt@$1$Pk5=JhdYba+1b$^N2CAGl zomHRgoFC9)tofaW?ck01E_s8o2tDKr2WwuOKq9?5YxZ-8 zf;5~C&7^{F(;d^cg>6SYgiA`agQ)%U76z4|#9f9ax-8Zck`)Bjvq0eBwaxwV96G- z1L(a7L{Pp%15HQ*yQVVnh0`?`Vr+&4X`4?+kfr=y?Py6C-ZGw0bZZtMSn`{^>Mn*G zFZpS>SDTMSW}p5*!YZ{G?KJ+?-*cKQbL zuH?zKVcnpz&ng;eMPMMCVE~Lrg>p1Gy={H0rrG;4^p}sH>cFR9(JT@3Ff4Cta_myI z&XzZ;QJJ2p)M94cU7wd?EguCtpK`G2$=NpA6U9nBi)^$z`cNfvt-v$ogNVg~w(RJ` z1Szj11iPF|TeaSBk~+nWmv3JSKGU%e7#~2gE~!@6=6u^%hH=aeGonm}7cd zjXFcMLK>q&Or*subLndD>%Kq6D%Q@)JYQ%#Cy>kPAEo$tiyny{Iy&xwLRwtaXhPMw zyUPv$d=<0&^G!miHt!386cl5Y<7Nki22fA*q*}z3IO-%3l*K*oK$8f%K?EI>kE(l& zMi(&F0!61d@gX)C&|b1{I2PFys3H`(9u{e3qd}s63SDZ-1g>!Bwl;`Fx6R^q7D(f; zU1JV^!bV3a^#iegQ|N6tO@qmM|XlT&U_{(+K(yX*5ULnHD zWchJ~#9?kRp3Yq~s=ZsgcOo1YUpQbsm5=_zhmUUOPJI_Up9bl_T14~8&AaFIGsk@QGbNlxCKMh|9}zJy`H=5%3XRkkqe$r# z%a~;!?ipPl-F9eCj@Ws?zbqMcS z)5<8h-eC{eZ+K+Sy3Y^vt;2%$m!icFUN)-EJTfiGTb1g0Z8^@;`5=JH85XD2K0}>TpGHvI)0Wu{evymCF`;`5npx| zL*bqQ%TIEDyQTVY>I>&aUv>f2St$k{QgBr+nd)QLu2oiEF3yx2i=sk^OhCkc;X*OsJf4Z@lfbfKO)S+=zF7uCRv1okzl3dE!tj>7 z<3ac!h-yk*kat-s3~GRovkt4Yf*ZJ9z$f8j2^QsPUZeCSf$}-|u5S;-6G3faKmpWT z8u@CSYS}O6(MYMq0Cds}FnEBVS<@afDsjQ z$+4kMW$VQ|w=Ehv$;c@_YXepKgYdvqGzusqrapu4!laOAs0jISTHAWUj`GYgHvOou%VCVa{Q5i41jo4`?yn0nfpw&BxZ++i&XUTx>{Dckt8bgQ^J za3Ps+CBkuRI~R59x%H0wbHo{E=aFIDKKv^S?#^B3kZ9K*`FkyHB%S&eVAp;T6>7~i zf#{nlrS$myV&W}t-6vQqkB2kvFDBpG#GWJIU={P}4Q3?gWlfKRj*-F`SeuPZ{Yapn zv`S?cl)9gQUEZg4(feB$42bh`37z2COpJs?vZo?jYnW06vDfdKlU{OnTG!Qfb3lrZ zvI85e*z6(RSkV-(kHblzQ~gEC;r+!fBEB6FQ}KC=lR_F`<4#ho5jP9Eh;(F9F`6ka z#6nRV(rFken@%z4=pEOy9sjl%46RD)OLgxOWWGU)r%5-8ZA)~oiJQ#izkTRIME_EQ z46Y^{uKP)EBe)h(DA<9i4}%XTB+KHi^Nk#vPH7R1m`Z?mozI8x!UzQ*s+Y?3Atyd2 zmmBts+>tdsBH(ARxL6@LRF6j%?{L5_$kM5G1GyinIPxGb_s6@X9Pe@Ob=t3-4^lgo z`qe!&-q|e=rN`7S9mZ1b?cET9G*W3X{f4gI*x_T95(k(mdZq?h>SoP^1b5yuJkucn z>?P*->J}V`Kl*K7b=w>?V7Zjh13c{7l8BYUdwFeA$+)pV;7ieL(~b= zscybobG(ul#n!@zgZ>jN>h>*#IU+$cT%<7#W|PM7 zRg;x7GHX8l6HO$uO714*ItIAhDk3PS#O&yuQJsT^-3uz)Q2s^x_D5Xe?>S{N@%e{vzB9Ihw%ZU6ksc(HN%FBC8##_04wN$pr0${6op*hRcp9E@A z0%>aM2NdY3*O=+k#iZeJ>p3^S6}~DEv53DFgOW|i4#D2)NY+<=+ozER?xX)EskaX! z3PQ^HS->t3+;7#hDx}hrEbkDw?7Gz{+RHv9OGLq`&J#s{79fRGlUDR9QH9~|ereLy!IUl~4gQU7 z{Tk41zI|A1R;RV9pb?$bVP8`vx9aI8F369F3`%+A-LKFK6^Ta?m_r)X&KqzT;Lj zg|YM=zXMu2S@F-#GzC{F4C7YDodgb5cw&T) zg1mznbtsnjvbF^|LfKROJhh=+0`D>ii}##w@&{WOImGr4_wIbB5P zry^1Tccv9H^HobRH|r;W<)Z|-fdRi@XE>)7_dtPHqMxP|HDe^wYl{|~`^8G)(tuZ@ zTeD5m{YX+JVv4aHbLr{qQCz}6ZNzeC8TKMRoz$eLF-V*3r4AR~5<6ImctU*EM}9k?p#_EHmbGkFGJ5oaRE%)Dg1NH|G|5pV#tYie)2-|5la zfTBzk%~Ym#LTA3@FXD4Y*D#QeBUx%xG->4C?8Ohv9aVU~30`Ub`F&EWw5Jj&W5Az* z+_$Yb>KdVZt_XcheAv9i(}8Qr&AZ?QLK6v;O0BrjxKs)-gt*6yEZ<$PZ43&kUHO;L z-jw@~m~;-`Z%T5TfcwUStpSTIwz_KJ3315)S6@d=uH6Sb_h>>9LsCHmR(xB%&^o}~ znMa}g!9&!`2vPmnGyvfupDrY2E**`|Qp2s9^IP)y&|By>x?xUg{7%JCCoq@H^k`sN zg|ZTnb+c2DI$+y5airc4bvR`J5M^ra$tzx}GRz6jJ_4P3l)X;*vTaV4dc1I*HW)@e zBRb$|PhhBtsTl#&h1i4}cCxQ2VWE1}ZXK2;tv7)~oRL2Au$)|#++G=S3z7%*7FxEy zTOtN&FSu#t?W}O z+N)sgJ{3Z*6I_td^#`%8mJW+v^K%`Cu&d1oB-)davvw0&n0@%Yq+Bx%%8cnmPo3=@ z>CQE7Io&GBrzyBSBDl_H6UI;Jwk_S>+WR4oK1BpQd+>g=ozAw$+PA@~+mr>EAw*E4 zmZBF1C-~4%nBw_>KNSMwOUu6M>6&S40}K1CL~tL(0t4G{EhcvGz4g53iep!0OZUirY@s@#&a18s7y#3`&qz-*-YB&^I6~li!&|r2 zgGFc4PzFI~KY@vp2f41-&dc({JX*8K>>1TVYlH>ckgd|ESFB=Xci16=NK2uc*eY2m z`v(}qKPaRuq!h9o>N5v)o+XwSwY^$aK520uk(z9 zq2~8Qt@}*^js@WR269s9zj-0VALEHCLWar?VIa(P&eHKsmd6jE`QG-`4sG!dK1|B|+}j*&yf=Qrj-IL9 zLHRs#V&eM(YJRcX_S$)Ui7_{umenx3in8@%@}Q9fx?ymZwtnUK4^l-tmJVwpr`7U) zFfDVst|~ZB*+I2()$q_F*fA1)Qp={eVxDraJU}dlLy`xkTMA#YZ&u?P$g*~aB^k!C z;G?vB<%6Ops}87xMXOENZ=V=LHX5+4Kt02KG3y)+x*K8nIzp2i4{?dD!VGkD9x~XY zw6bNYlgLW8d+$1>(zxC4#JP7~Pp`0Cy6*8{>6l}Q!>sUi-tU)-@@-DNdF4Bl7Vf7b z%i6#jQ?E*8ns|pqkDsIQ%1?diw5Hd{Pvh{gW?B-|AZ5StQ`$sMvU|_NreK!c%X7q= z#=+wZAh=o>Fb%Be3O{^=uiko{x7?WEWFwfI8t zNFw)u%^M(*K>U-lcD)%uu>FRQG3dl65HJo5T*m}H^ZCac?=x!qV3_II)PRI3t0f_m zZ%d0jx*tbnuyg--jW>2 zUjK~vsvl*WGqf^z8;Fo>%w_SRGB|i^QTcB#U!euCLUusq;x!b>^2IWa2hRaV&-R0= z28N^gCTC>U(23J@a|)=Wq_Dp@L9}Z!Y0;61+~Lzj&OUcvT*JV~V{j{V?Mg6qw?{91 zNGP+vA>apHtm78P#U9}V94YJJrQIwSg-Gv+Lao16Lz#@LUl?w9Hf#(A0=G)zB*ESb z_!i4#6H4wUl1r@w2H_Rg4s!=nckcF3Qk;mS6)l^GU^EHmUuFJGzbU+R&(vX2)}6)q zlm&?B$9E!j2qE%Pw|TL!M!skj{T!!GZR&KA{rEZ>5@{dKHrQ|+DP#k?OZRlfvs zF#+j7xQnyDE_yA<>(<1ohG&r}&2Wmbk(K3|Q+*UG64dTxa@#ww5$wScI>s;4W`u7@ zQeJSdtO5oFSVBh_f5;S5K_Q2{+3^FaD z2Ex))tU)U@;EJ%Qz>=%!2AwS|`8&Xa=veu9hc53o{oHGAraKDnGZ?sgNUN;R-SX2G zyN|Ax%@m(_wzpk8MRoRI%!PE7GJ3?ksZJ%34^`b`Ev`-9vo=%@r8Mv#QjH~PW}2eb zEC{biN^7zMw+D}-27=`ZrQ0#}Ijz5HjO{azn~P2p0gLJ@a`(Io z&_>z3wtf!1Wmd}1U7E;YFM25p%>$_cp`-qRIRe#$LW%l`V%TK1Pq_a*BB7(ISPw3d|s-> z%M2Eww)^;zv61)qqKr_=aJ-5zBM6A;oJo}y96_xV%E|@oq@wS1yw)h7WMnIuR;L-a zoJn@uHyO>Rw$X$9S||RM391l(nK{2u!o}!8HaV2Kg|>%zqo&v3N%zfeaiR|zM9&UM za_`erU5sORO>xVTDOj^b&H84-)?)L^YCX^-M5d#c%^H0 zN}L?=6;!+~F>kJc5XJ9npU*48g2)Q+>%3TYTD+}fu@9B$b(A&?#DlLu3i)`Q;$0~N zK7JH(9n_`R{li+NaRb;}qr#51@dMn?rd}E6Gp2oITG7b+7L{*-VG?-s>m{p7N9mB^ zm|fI7f=Fwa1R=EhS~RYVk9U|`24s2gf_C@}QwlUXSs2bM4#6~Kz;m#sv*MJmGmt|Q zsjCR`XoBj@9rOud7k>Bz>!ci{>&0dVjoWDfw zp6{fcyU;51o(@na9&sD~7HyVtgya22LW-E7DRZm_!kJh&EM&pIMV^??u0Yx^2F$$4 zX#)>fv+d=#QTze1Y!R*wi|k4Z``kGMl8}Vcxe<*D`3?ou0{U3iHZBr$nJyXr`{%c3 z%(yI&hv4vRLw9YE3K@+-MD~PB+>%~Rck5hnpYf7&DCta!?QLIYvi_R^Z)e7DjOXZ= z(w%C@SE4`?6DgzaGCN$f!Z#;e?j3uP^}Pk9lE0`XlO#SLL?Goy{#(@7XmC6bT^rWP zNW|5bfu1`@X8m{--n5E zOLM?zkB42h0o|E2Jend(SKwbKjwj#ol+xRS$zASfA`P!BY3rwfEW<|C_>=5S{43M* zUiBA6s7?jpYm6j!6-79eq_KZgpT_;MJ2_qT$lFBS-)ZIusZ%;T{MVPj=3{X|a%sBjspual@OM6XqJFZxQz9 zj$2Pwg3@+BL&k?fIl+T|j<*NVQUefgh0$~YqZ-~;Mo0|ih~!9s}DIyIUR(^U+1fVAHw!$w-sU<#_AA-P~= zb3pR?AFJacq#~?8R>y{pSm=+qE9=c&;oLqg#FYo#k( z4kd6WmZQuIDVl6}OH^b4>LDvEDD9i5?Mc501=cOuFV(#~$1FAR6_T^VLUBVs#JFe0 zPK7zTgDkT1q~&ux$R$C)CyN5ldP{U+iT(cGjmU7uJbIo(IH0UZhiP-5S?Tj1$WY9& zY3~$ezQK|3b1X09`>+tCcLK=5OM-&udXhlT&T$0ffiqLkMl@ekqK|beAjH}t)I}>a z?7F`@g&s~6kvN7=jmRJb#!=+DD|}jO-?TnMq|bCh&Tm8$$s4A`mK14zFnu@?Kb$~A zL~jj7x20aj6H;{U=4^jZ&|V#q_*@~aM)=X$NQNNGxhsv2`GsV240NQ#1@{qn`x-X2funi@;E?js-8G7Q9H+~O(9bOn&Ku51^N z67fM!)zVmW$=TfFBttxDQW~f!ad8z+mn!jhE%y~tMM&RBXCuRVlZomT!(a+2`K*pz zt|iGhOkfTgbH`|}Om+h*K?mkaRxr)&W)I1n6|MgSyxqOs+S+4yf7X_23CGAe^a5s5Z!vSl6^v^gT`-T0Ir=y+I|8$xk4RlcLtN&>18v4Np6#S zQaVtsVM^08_0#wTg*w1oy3z2*$=7yr*W@NGlxMoJ*jiNTbFx46uJJU%3Sq+-jKfm2 z9(#xVpj_G?h$f_AuUXXa0L7rP1U()T)R$s7=Qkj}rq**AYmNR>9eKaiv7vW%$Fz{bAz{zJ3J%Xs}XdAC*W%87waM0Ulg@bhb6vLd{iS$ zc0Q5;adM#nc^5_?!aYFHsEoT&j6;(8*x3am;MoTmO?m|xxt z)WoNV>Ji_D73Vr-)iAj+?P!&v4{zmwi6YFxmZz28TrFUamlw@z#bE;ba|qnUj7req zTBP+))?_~@&B4xlxAK?+M zDY-Z9s7+4`#qE=`^GztpSB8&SM<|$;Wu+vy)F6xGg|#2eUT&lT=^y8Pijcg>vA+3n z4bYnt+8a}e2`Iz-J95Eq(z6szq^u~6xT|wBWot*5xxz#7lEho)R;(K2(&Py+3-NWVgFxqKN6U){|8$ zat-))5mQb^UCrfvY(VPf>!vXQga{ggF=XtL2<$7gLByvC>R%e#7WZ@+e+`*mN)4}Y zA4?nE!cy==P5SV1bPUt;i-NFYoRiHd!E3BJh4}HneWm-0baC9A?s6fZj3num&{^u3 zYrSErAPG=1?EI(uJp;)&-0G3C{dAG3x9;+F(BfwOE#M#bZB3z_GbK|1xHmd zQf@rF{ecFn$u?N^WVu{hyKqONd2@vCec9{JjjO+o3ShROsKEUcC}iO&|75Edc`SS` zb0CkNE&yh+mwEcwy^PKkYKadjtF<;Lbw*=N?(?{q{gLlh5LV}w?HM0f8i((M z7Ug-JU3SU&>V*$o{rt3pc7C4ySvxf+K{`xy{ zzs6i=f;kb5jWZIx4|38&)0BxJGhmk4+RUHf6I>W^%AoTHM-};z2Hvoe!k?XE~ z1%=UZ8@zY1+lB)J}A*8DCx`TF>^li@BKJK%9^_bKpaXpwx9cD`LsZx`4Q{$P^6yxWz8yJXmy zY96YP+IWii03bc%bJ2?!wl*BU_{XgSWiTe8F(<*|e&!(vLNVG!rIX@Wm-Rz6%R;WS zdgKG=JwfjmIUD)8+VARB62{cHBf zhKS@NhuQsY^$wZh#ck-<;tQX8mkv50?1K)F9X&bPYP@hx)zE+-^oFsMKA?*UC7J^k zF0cZVn|0qxWu}3_rW1airTu(;QiutcCe1L!>Y--sNc4f8xT_2mx^^elN ze?Av_t~NH>v3`q~z73J@NR|)qjRXva3vs)(k@{j!HuDeHw%*@k2ZsO0qbT~??RK2b z>l!EAYy9t$wR)f7X*!x_Aa{u5!D4;2Cyd- z$e#N25n$3HrjR10mQx1Gf+qs^eUtuGzkTW#e&qZJ{=rNy_LR6mGo&NAA9G4PVv3s# znmc~zZJ~ck?pF9`f%-oiigm>ewIcQKfPJ}gJFx6<`YoG3sh&Us$IFs{FUuV8f=)fr z3|{}Eb1EHrPW>>H+7Bh>q$GtO;DAF$LP5Mt^z8>FIRr#}IAl0f;4>;X^+g88b$B>9 zMnpI`BH$A@Yc>-{BUcMsGpGN0!OrStV_l*;V>$a0$BXThB4D1>Bi)V7cn_x{2Vb@x zdkf|HF)zVThjdTb$px9V%NuiY(amt;!J#xKF3xE~Y@HZ9UbfQ0&28#@#E7qvT+vVO zoO~{9pV?ek~ff&~8w{kV3}r{%)gBux9(?EjxGXK*mNa(LilTIcUw4J%JLG7%?0E z_G|dzy4TX!+It@88=(4EuiA0+;aHugrd#4pu5{hHbNuoqJzkT7l$43;&7=R#0D7{ zPvvLCy3vJ89hh;SV)&s3@T`rM>8-@!xxKCLcu7I}?eKIU_~0#fD10@VIFVGVqKH?B z25)M#xVGu?#N_0sfX==e&+a9n#xg%8Tq&nTzrpYCPi*sgE_-&G0L{Z-2yp+z1~*qm zup)qs1_U@bJUCQ%6Fabyqn*7I8~B}*vz^TYEGWMq!ax5E2b}c(_t7vSZ};IP5z66B ztQX3#K=tPWqUPu3E|W%~Y!_wt7RWXu8ax%d_2oZ*?NkukdG*3BPGv~@MYenRlyg5V zvL7O&^2X!EaC(Qd*w(w`HxD77Jk$IzLd2!!?|yuV^W!;HAxDH|m!v(J|1c4szfxT6 zxEA&<=(|9m5;w@D2uleciG~YrRZG?ObM!Bw*lf@jmo+*pXLo4am6Zvrv~K#m9jQgH z{FltbPDabNVl9OXG(DfEd1b*3xuigqq3}G^D>)JU;P5d*dlQdI6s)eQAJ?Ki zUK7tr-8rDLjaJ#Xc7m_O0;t{e!``ypkC2~N?@a~8W*g^i*@I;Hhp}usBj4|LgA~*w znzkz2Z(p5Yc|H9ii>7DszH!g}J*VL2(Z={(cj?csS+2faLJd?kUkbhWTwgH|R<;-2 z;WlwDoz2iK{6`!z5woVJ0T7b`aESAF92(i%|1Svtns{k(%2qQkak>^zZm=W|B4@4R zpO_>J**bsy_G)(jiaryptc^Q7MtgHA&^79?+4k1X6(*4BbCHx|i~WNc`OOrvVd#!J zBiboF*Z2YRk(SSoYud0ki=_4~V7jQ}j#6)!f{kiO@=s${w}8Qf&5&iu9&7$xs`8rM z+Toy41c#J!j>=MQH;O*F=#1667k0Gds9yg4>S-up7R!*&FtTYx&f~TGYa(K;Vv?Ip zUnORDtesbjmNVG~P(g-mr-%U(%4%`gSNgzbI!ukvF!Kp`N$E4yz8M?v zZ4=1*#ZnU?n}KxZ`;xx_DYZfa!3LQNUnORb;@piTY~iDWNqIY5_Xmb~BkR;y)m`Jf z9G}3`Gy(A*S;scoj8@YFj%tdoceP3Wy`9QwuWIZ=wR9bmeX4b(PuZ67+S&z{JWodG z-ijoB)lMo`vP&UQ zxsVJ{eZf3~caPd_=O1BkwV1PAxz?}!H5Ihy`2r2m4n zXKah@EG16RLBcT>!Nz-bm(;wUayeW*g^5h2*^;$Sk|!&XX`1V&zO!}K50sItb@ttQ z_T7qk-4)$fqYo6flswUX`W%4DH9~7bVIeIFCqh6LH#@s8x_CM8`D5bDtk7H7mhCVWdPgZ;^gY z{pGVeeibSs(hDNgN}l+P2^~Yl1$WqwIN-LiH~XG5vkQ0Y^H)T^@CB5Q+CTIweMgyr zLrbB0r1|yna>5)ruP&HS-a$o3;rB8-C9+5FDIC@-3W zSqVbmJKxf*juG&Rrr~U3{W5*@0!H0ALp?bhfGj@txvT+3Y-zV+Boyk5_c0rk=ckV# zclhG=$1M*)(@S8ag6eP@Xj- zc);U*>GZ`|^F&+}owCFD8s6~Mg5o1Q@-(sZPXr{Xj^!iYfyfY}4ko@PA}SX8D2ecB ziZRC&xV%A33?BE(Q(}LGE`>#yC1Kd)Vx@fIzp$8eU8W_{L>%#)*e6B@FQV2cSu3Q1)C#*ZWRobH;CcAW~_}k9HFAwpM@-B1Nhzuqkjy6BPHxGdhCZC zC3@2S`N+35Y|UYrV2p~u!j3I~pOQ0Mi+wZ%k)V0Soa@<|&y3A`=MzYTv!%VOe?pp>-w7{6_sh3e?LuCf%#YBQO$S^Q*lyOn3o`kBoptxs)(V{ja~PB)qV#al zSDuQfKVzaY+u7wZq{9>6%X|Mu#%iu2Kk8$+-Q%EBgk$qF)j+b|M*C!MyXZ?yRZASD zSSz|s86vFIF9{%X=#AV+Q5@q6sVbhJkD8}=wJudihN1($)`gc19V0oBf!|Jj20{~` z)Ay_v_ZE@C9Y?OgX3mfLv?C0ov?w$liu0ngz7h>D&b#o>q7{%clp4y(Wq;&^OWWI# z8~f;uzAenq`e5;uz>?Udep7&APQ7j9D`_m}=zc!SWrJgkcbo~8xR4cx4|sZ?miVny zcvH?^L0sF3?x>C21jr+})>{v6E;v4&QSh7Xx$(POCzC?%;UmZHxi2djI&1FbX76$1 zh*xk&K6U0iIljEF+|Os;hUoPwK3gY%z7O4zg??m!j!SM5={YCOqViN$$$9!Foqp-~ zFw6DIi=nEU+lEc9FTDx4 zSKl#;RfzO1r#TKn^wQz>OXVXT{n=MBb&(On4O%fd{q5K zcHtY1I#ZF8yK((1^ovL<@tE%~cAUPJI>LbaMKh7tKr627t(Q~-jQd@ahN)+M!t^B3 zRP}@v;gtJ>>Ni|c(p)$m)58uA>E5s2mG{LE#(3>~hdebD65clbTFgASEV*y~sk5e^ z%4RR07>axb&eq@HgxFe$6dgcci7S8%qMy}Nd$dTOmb_;7X%}eHHgh(5_Y9pqlNIkK ze$JbyiTb_2V!mIIK_D~O4H$w9Q*wO=X6T*cO=#qj_zuZ)j0`0sQPoW zGAzCHs7^TBib-HGS3#i%ePld;4#T`JydiBTa;APpr|&q1pEiHwwb zR&CM+A6$%?`COM?XWlvYTBZYux>es_y(6vhgQu9k;tzL>gN3G*BIWp*RLso86tl~7 zTr$p2rR@#A0s}lp*dHWBWVSrI_D4ZUEw{`lyda}48JyObiK&uH+SwZ5a0W)A8L zSk8bGg`K5H96#T6rPdwpF{gg)6ka>#{*~w!g6cH7fIH(qY&##PWx-_&d&y%^ai7AM z8deedM7W@_I>LwQ70IacPo77t*N!S&w`U1BuS3gWKLUiLI|F807SXd&Z%sm?tx3w#ZEK`mjZO#F=+W+meFF)ejaBRCpS}=I)v*ehejWuHI#zE_wI9$9 zSgFTBZTCVv5ioO>ZVjvtu*o_7*e$nFGPu}Uha=wE9w0Z@V&2cTwC7~8)%wAyQF*C^ zg}F;Adj>5Uf*E3EI%WJxPlX+SE*mf=2)Ap8c^PCpG?Wdj|xa-Wm>(juPz;&7K%ujYY z15G&I9d&1$VaGPq4V?U-(RuPTfoiw!V4%y5Lg27O;FR;C&x|}cPGN1f(Z|)P$%1`9 z4#hS*-bgLAP}{;?Rcch)^>s_}toq~~;dm&KhAEb@YT8#5ilya{tTmDIr#7sKy_x%# z(Q?mQd)`!%yAoEVq&yzj(jqJN{(3MZJo2@L!>BNR~S*-x~6DDETWkvnS5+mpE9dz0_7L;sI zf>0MGy-hI|PDI1!JXxIx+b}sC(?Qi**4t+JGY3@~vKyt`E7~;0jq8>i-y&aY={+Zz z=;xVgJ0mjB)K`yOJm~bMZ-_e;3_pRlvBa_X7V|8oTR+hK|;@ zw6^eENwQ(bI>(hmGgMhrwtHp_NPApCWot2-=mJlG? zFVB23&qDD_xNGKZ1cZX-*RR(SSj1z(bE6T|)EEyyViLbdq47KpwI^hJYz`iKcp4YdGAiR$y;KY0G+66wDjKln#1aDOEcqh{$bJ^|qj6!{@h z^zTDg%ntAZZJiC(-0e-B^dG_-CAohxz%ytxeFQLA0OBF^f6xyDzNVq0skIXu>%;TE z31tiOjIIF!Dd04ce-I*}{B}YApmnu#v@*7{vwCRzKl0Ji(h~>+8kYb@i2V;fB7jQ^ zxUzre@b6CCCaKeS0_oJ(ns9KK{~$gG1_KZ~IlEh%I{l}Cn?jInhNR%&5clDKr(ge~ zPRIZ6cAd;kO`Vn*p!tgh@G3{|-(3C>$ZuZ16TAOW9AN3A z%`t#n3}E_ChD-+k4~D-x_a7O4GxSyds1H=EL8QAe-M@oXm|JO-)ptfk?>gZwNs9^HeH0t7g(T%3V0Phu?n= zq}S;;2OCop3nMlQ8zVDQc2;{^vwwHt-x>VBI`Ql+{QsEG|2LO^=6e6)0SCux3=j7o zGQa<3@XsXO-x)NU{Efk%DZ77D|1%--cj{QPzfu2JdgR~a|BgNXVgRxHErWkWp8t+a ae@CK9a!7zC;oxwApK)M2#L)Qxu>S{UUm7<6 literal 71603 zcmbSx1B@u$)@9p$+qQArwr$(CZQHhO+qP{Rx9#q^?|YM(Klx|gBvX}Cs*+RZ)LvOR zd+ohSP7)Xd82|zT0>C59RvzHL9MFI7bsdbY9BFC(b*)b5ml>pk3Ay!*pnPH8=7Y#D z>68-dBw)hrBeub64lf)Eynhx#LWGHK7>u#^@%=U^-jTAQ+My$r)CpHs4+rWdHS{hW zn*6qRr)8Ng@EJj16IHMkq;!atm3W-m=btF@bc&OJI(v|ooCiELyfOmd<_mSuR(56h zHVQilQoo8qv^P~LSn~zx3X-lW$QwOH4cGt-!b-X zpWMAo`h@{QCnk-MN^o*BhPv1qL-3U}d7hSr)X{$8U}x|MHr<67L}%*cDNW=pCUujG zg2SjQ5vh^$IeCI4CkYM_oWYcF^B05}AOHZl|0_&ze@D1k(Yo3?SQ^;cTGF^#TSY5w z#%$2Rd*7-G`GjhzS4)YrDS0M0SU=ri^i7_S{_obF+~Is4Bt(?O&^HldBR=OaJMg6DD9#JHJx% zA3z=QI}*FHrm&bqeGm|HvjBDPs^PtlFeB44nbPfA__pdwG7UBC&Ob{-(bB-rFXr)< z=oJVl3X>e~$|4F{)LRSw1j~;nEQi6s8cg&{{5rO+`E{p*btnD%$RQPj+IVUXyLLH@ zJmShWM|-hMG-qSR%?FiowKQ!$jE40zk&`D9TM~26jSj=5#S{Jm(U1kQ6yYJR6i&L( zfCY-Y8h)hU_kkQ6g*#w{D0;NSk4Su``pZ+2<(W#eBf%T2u7lMBX|p;i@lRwOVY1NX z6bSniODyJ^W*Ca7Pa@VAk?S70Ggp}|2CN)DdW7twe0)e9f^pt!o@0O-Vq)cwbI0lj z6tTm?7FsimLc2dTS?^PjkxxWkWHUq=0nb1^EFOKM;5kri}JOlRQfF1Wm zHx`U&_q0c2{t8*8QO6s9@n0;u*3^vMU_-I2BN=twC72n9fZ0e?p&eJ|a|`y$>Zd^LvDub_u!!#JB{()MPG zGHMB;7vqUT8IocoV*;b_EQTghmxmY#3N$cUD>=uY53A$3I&|g=UlhuWXO>Y%FBU^; z?G+$>)Y3*e0YYq$`wl`^@N+U;V|4%?{Lb3Tz)?g?(C2-t@dgeHr^@jWfzQX(mI8k_ zGB80yGlUn6rvf0)SO|kY#gCa&3A={r0%6jBLw#m=84w**96X|q7OHa&JZT>2&XrzN zB3I}L(Ry(>eh?Z3Ap`L*I$vk+f6yRDTxpq;-^H1QtU9et`p6l2Ld=<=9^0~UIh5uU zD6`to)`kfALJ?CGy9??zdwckD8GZ+!;-Jzem2@S33J9n+c9j9Ivw#ogiV&8YExL5M z?mIRq>4b{a?#W%RUH2+z9p7$ayeHlnA^P?-u`RrNwOR0{uyrkzcjZcPd-%eKXMV=$ zR#s1|V4!|V*;c#GLd0y)Zz{`e(Ftp!1A-0!eDAU}e&v zdgCVfjSDNTh}akkGzg54Li>McjSloBMe zn{K{SNp+6_ocpI}J}Oek$C)}f^ARrrNI!V^QLO(W2U1dm2-_qkoko2Df_E!XT&V&> zx{?6~Hhvu#CK5kYek`v!X~bklZ=%Yrf##SZwozP3Tg$Yf45?R^&IK!qFfDRZ1xxCG zo>L_KZ8OZ#Nj1*O^KGgq(caSYudB#YGsN8=Q~Ts5=fX_A1{pp<{yM{cUo049Pn9#7 zrhVQIFityMz&n;EePy=CVbR$eIWfn&9i@%ww~flBC*g-{w=MmRf|;JU*0S43oKx#j zkoeV#Dq_FnNV&SP4Z%-H0_Z!pMYx*nHA-1!*iCCYta$`epTX1>r!yuyOf;=OxV($! z9bCRQh)<_%*g5T)6`Q3?kFOq4^d{FYkFSbLn=6c6mYKFKORrQ_8c$Y)CfDzd6AR2+ zCQB7dF;zI1+l&^ePOBCjTnJ57Cesrbd#g=N9aq?GInPdQIPL?(ROwk6?_qB@;zukV zGVu!#MDo_Zb-*8SpvVfkI7hrI%1zo#4jMS?Jbr&8;gAHGKu?C7E;4j?HeeGB2n9ct=ASW_-%l>~kdJDT7eLq)sw(8~aE#mM+<4Z)HF&DjKwD)j&#p zE55}Wdbx}{UVOwHx-&>SOLdo*&y=$==a^|Xe#RBta0U*;6`z5q|jEqcuo>4}mROyk9L}Eic?>C}*B!g-wt7 z)hhpZDe~le{0IDB*;_1Iua*-O0HA>VKkd3i|2um-ni(5AInw@H^8E9_@ULz7AMq0% z%Wnxpj~sOSg|feGnJ`czJaxejjoTIW?HA|WiN)d$DXwwV%ZkR|A2_OS(xbnUS?PKO zr`Y0;JQfTPVkBT|u4Kpl-ay~Dkzb`pNm9c$Ya&qlKqypn0Yl)f zT_HsjyD{Y<^i3i(xkv=uK}O2?2(^%(+Bfrqu&W=cUkB#e|LIY5ZxA4xoRn4EF5rw= zPyT1415pLp1KHtsrpbDX0L!H3ff_96hh@Le24L;#+v3X&*uNkdS2iaf_!}?-;Qu!y z^#2Qz=7j0LdJsP7);nVCWym@nz9ORuobSRPni8&VEptfXv+yY-rPb7vT&^5EZtpDn ziIs7ohE_Bz%$dUf<9+RPNKVy&0#6Oyx~n$Zn!`iTAy z3iLK~xCk1UKalfS^ZlMk%TX;$J69ev*EA(F)=`q;@VNIZ^tPl7HHQv zra^Qv&xo=_7O^Xh&=%|xRq?Q>c92VLyL3o41$Vox)bPH#wUh$KZ|&C1-YXNxUk(zw z(-jw7AINCQdL+|U)wDBJZ+|r+IE4H!{yD_I@Mix<&4~WrSoaU#{sFgpUE48}4H<0j z;|m4mC7PN{CNb*TX7WWebEaf_<_ZUpeFX&mw^8YNtu7?p$Z1mc%@vGiFdiRA*MRnK z)2AEHcr0*Ai;>A@ahj77{>dcMDld&p-QG4^8>zw+@pKY)+Vc&s;^sG-hs}%N$Wsr| za;7B!<8BsL1r^su_3Rt7_$9Qif?|%w;{vgwck&z)XA-jnW>%CpEBajB*@&QI6V8F` z*JS!vmq`VS2PfS*g_b~w3^Ije-CH$fJkgJwuLZYsF`cDC+)IokvsTmhyD=2ZTD|f; z=G}?NBs6XFR|;FxR?}JaqFx2H_^?y&ClOe!@=#AB_QYE0=o6D=m~VA-%@j#Wo_ne4 zNtSWTiW%i`B=5X?%jK+8-B(l4(Z$ATi>vvea#Or%smL#7;N!4%kWUt{vY*1rMxyXn=A{x*=PJ*F z6GwOcCrrsqoS7#+w2sV^gO+z=4?aOrHi_Oe&af6dG%-GMB(>8D;2D+l?!~8dW;vJO z%+X4^SY?nkwNi)Rr^A97N0g)txo|wb7B-<3z|o1SJ+=<#GZ(dkM5nVEk8O_KQqzWK zew9ML&K;CeMDiYar4}-|Pt{Nty_+QJQ%@P_x8vr=k067GhnVftorS2~l0wCI(Z&v~ zEVeW$sjUx}!ws^M)G@Noj}{G;(Aj<(Nrg`F4=gunxMnpqtFlfe7N5@)rlyOo%WL6M zEWi78VdlByI%-L1HzMCDWFBtSQsx_Y=XJcP%CzV9x1{MUARme`$P8l>{@}mD13?f3K?roAhyQUnfS}b6f~SID0Razy?ho7(guoAiCxo~= z77J2E5_JP53ew}RBVdEqg1`mA696Cxg69vb6(Q7;!QMv{f#?s=6STu`gXebSC;0CRdT}G}Z-x_jLI0m7-Hj1)W3&%qr4xWa1;Gjc?hoGM|3d%* zF93lM^lCyp@b|^8U<83W{55!N2pSN$05}3ac!4ndp;jVePAp?T?cs4OD zVq8Q#aX(@qM1t^8hn&-&tjjpyLb>W0b+!Nv?yzXv87J*fEIc&DqCBFvBZ3c zgyC^RMpm_gB|BH}O`H7x{fo!fMna{!9|+7Y1BV0*i0tFq#JGrg5&*=*hy@T6>$Tz2 zUs=7xHgpFb`gJ|W-*i0-bF~`IXxV=%FNS(^28XeeT_7uNY1Cn8+A+(04t6W{1M(J9 z@|xE3u;k?KmYCQrn2&mvgwuh!o%5GAi+3v*pE8$knhOMypSZYeZp{!8U8R!A0;H0Y z>N_S9SDV$5KMHn8)^BBn2OPEw7Y_qAGfU5Gbzy8`pJSDhlomGX%Hpgh7fPnh)Vydr zOg8FjB z-|KL&OXU>J-cDX^#*Ft&n;Q{gI3X)O{Zj9mgFV!E0g*KR z$mpo+I9x5(1@1Jkd{E#Wr~gbW>N0qIwbjEa*gPuM$-7pemZQjolwrnsavf8JifwALnK81~jC4=uA&YB;(xbIi`ujvF0d8?0@Yx`W- zA~aO-UbvrS-;;eqCnG8wNMIkPxEOovEhmoo?=cydr4zu1;dEd)Sr;mv5V&k|i1h0s zwCt`J%1Mz^qt2cr^)|@NwY|{5PE*4k-rO`iQxSoa^?C?ijt+h$wU2YAhSQ+uMsy1V zS&|`pmy)JZr}*x~PB`}=ID5}oS$8wHq;8p7mYKyKaXm6lFD~$2$U%Sft?tYAJ4wt! zrmNBsSN+R94|?d;ErbqiD_VmCEj`{kPShWSqSHe>FEYOaC)2gtBQ&^=nBNL%V>?jm z`uN_8HZB$Eatb59+Rxa^F`D!7yt2Z6rn50no)m1*+NQ_vQhD}nGyOk*P7z*C2$2e! zD#*S^g(jfzo$z7^hfp|&ipSS_dJS>OSkI!<-W`}Dy-u7<@S25{h@ zKgET(;y#IUbLhqchla!4br@vIn`PUe^>@!Cs&%t+Z=PGo8j8mLmd2#r*ahM|s?X58 zrRL+aq>cMI52GLwR})N^DhqJXw4tJ%OL!-J3Fq_{0=(S|B;bp2In5 zWUuCO%2I4&VC&^?c+bKng^xePqd7Q2;SufgU+fWY6mV3F=Vu(h9>iPAXA{2^g($u| zeBN0jbP=={FY z^&1_rdN^PbV3wl$96V^AC`r-V+Y`@~=Fi`9k;tD!-5RTr3|29Ur0FkX7*3rnV<1h* z9dQ^-$R%+Yi^wf;7|X~taTxQD39oy{omgO|t4G6# zy=UhENQ;7ihH;D_ql9r#kY@`RLrm3Rr6VEBVL%4}Q68dt=pe58DX8~buE4MH=|THz zgO()+KaU&dYt#N6FbSlnMCU$&Io1aPqzEyEPZ!!3@CVxDh`P%}Tno5k7fPowqz?>8 z6XL2#738MG?KV1uw$l1AVhW?PeIi}4lEb9T0b})&(l7$blZPKLh7^OOT~e1VFH}lW zMjbjxe+`~a7&r-3ACv`T0LtvQWI(}!v`#POGq{xbSI64Bb3MIqV5^iAe`9PN5awV) z-kB3ibnRG)J$L5FlNBPe+wKsu+J56@5_^eRUMDrgZ#zVImA<@Gkl_Mj#>Vj|TsIz- z)~(9>6uZ*~J3q*tA~tOeqf1Gl z7R)d!X880yC;s1>@YqW?uj+#oR0B*RLAd$7Na8JicfN3cTSN)IlLHu1}gEAPPF zxPyEml~~z4PN|q*fnF3G5(^3YF>cO}vDB-76lCI87E%(Iz;w zOjp~;c%P(*VBk1D+aD6BVL)yJ3453|B221M3Qkhw(`is=?JQb#=-+PiQN#Ve<;Z6O z_PR8J&y0PZP;ypUcD$q36{zM97yzJuEwp{3#_sKL!k^@=c9N8OHHXHj19LhC7(V9F z1>rcQP9Q0L4GbpjTSH+n@Ehvn>sKK(@Qjngnk2V=D$X8wLnT z!7~Vt!4NnGQ9<0k>Ms&k0MxjZ>pSVA@V!_DS;035kJUshRrbAKQI4$^HQ#pU(Oj^Pw~BYaT$KD_}xo=$pxCwCb(mi?vzHrFhio{qdv5K!u5Lh|Y%%X+hsu z&huE#)3p4mEZpf-m97D#wVG3fwSkpIE@~6vWPsDP_QhAB_mg0qf=6neeln0z(Q7BcfiO;ud(Ou!` z0--|1<5rHYlbm}V{ux0r2!k;bzoiMhU9Hvki0t zmbx6fGCGw}S{WWRb_5f;Sv!8hhTGQNinX>K`b-N>&Yj_@r*nCE6(ZZTXlNM(S7m!% zpvHFCoMLr88l{I@Aet|^ai^MSd3BO<4I$2T60SGu{v>Pul{NZUF4Nw9jNJsJd9*k4 zm29;MU!crlhrLA?k!X#X`EbtDOl+*Fe~$<7`)$+#Eoez%%4U#>FqHR$H)d)#B0ka` zrNdzF{JFp%`48PMYgW|2yQ{B5*4?*!Xnx_$DtCs z4uhUl%qU=2eDiU!h$G!NZn!O>sYlTxb;MHh9-(pUUjq2NGB{cWlzY{OQaLo%Mr)@r ziPy6Tpvvs1q3OdgG_jR4L!%BqtAA+!Rq6|;gnke}0ssiI{3n@(`R`Ky-(98uY7+g^ zSL#lfwfJkQh2DBY6@DBLV;M%Vbtm!HYQ6xB$RErNu_Qc~+VaLmQwJ-!kaJ>;KfiqN zS*+YX6zRmfMfLM3C*{$#twrn8{ps>->j-r2w7|7*NXV_jL#q5Fs{^D>xM?;ywQtcH z3L@Bjj5qn+Uc^s!`Ru}{oqAkdLIS)&RI=d$X11xE=Moy^t3TRemHaAzC;e1&klx>uTf%oBT&HTA?hxpZn|L&Je?3)xAQ-(@`c zMzy)iP$`0Ut@8o+FNExl>&`d+#^3NCn<2>mM##}j-@({O(aFKw#`GWmV_MzXc9RAE zyGPglk6!_B$?B5$6{$Ha*?L5cx?kJJj98Pf8XgUZD79Eh}q;^^YG z<19|>(RgSlVJK*F1f-H=Jp27I`sX zse|*zWD`v&e_lcqs?b|O5q7RrFjd${tpjSAf=#c{vWV<#u}{}%-z8VIIBa1!&;E6BLI(o=85>#8)YSYh`oVhzJMGD6 z@fjNu#zIAfIxls&Q5P4HqJn5WBN3pFUzhW8$;AAk^G3qQ0nal#pP0e7ysE8A4i)7A z^vN00>HO^B{A67@Bf6C;O56 z2r{kBsv0UwY|lvgoT8q(is=0#Q=yXarw5tBaDXLp67h3Q2}`a1Ho}<(7AT-4*Wdc6 zTH#q`p*}cP`>7Nt632F{aNv6cv^z)d-U|}7h!pQ8CA)#8=h;5W1pP|tbnn$CEbS=C zBUWbXJuEDA##5g>h3B~)uPgVwaoRyXN5pIuPNYSNX7WnG6Jqc7Aw#M(P|D*7RqX7)LDUP&IU=TXSEQ2EoaRkGl>cY#%oB_8EV~ z%Og5KZx3pW7PKEo1`DpD4xLFP_t7UDD-g#eOeHtyE5;`t7tBwh-)3R6{Vs^pYQr&; z98rmfWQ(x&Z%jGDeF-G}0EOo1VnS{O!Uo*{e7(}0h6kl_SJj|F#0Z=^|B&}Rb#~Ll z*6{Y<jm6okEe8juJ-OBqit;nzvawnsmeYy7_+y75{v&Yr!8;UxuQ^HMP`77OadLNHHydRa z$3+xZNjAl))vMhK$qsjOxD^Q+yd9Y-1S`S{u3$|M-w;vcDON1OzVd1+q^t}^r4a7a z*O9Mlv|MFs$K!ioCl0Ht9Dd{O`j7CwHBggL>p;+k!x4B*IBH>?lc3J{O9?9c3*Zwa zUhHQ$*!sfju=P6{f=Js7=rp>&EZO-3zSjwNPjuTR~37=}fj2RSOwEbB#&7E~?q7eg>8GVsEN- zD#mRS?x*dOrIGE>RQeOt+9ZSig?FI2F(}WANa40`i%)}a`TkNXmF3b!x?vL~>jXwQ ziQKP$>=%WMcA$>G_KQF6f69(X|K9tpjg8FpY0a(mO^xYk>}*V_JVBK-rB|InBLpcx zS`R>e>*VzXc52#{%2l-?i$!*VQ>bha@I`cXTH3k()}Zoz_xaHn*Lc~P%3eR6%3<`} zCEmB7Y+y?>N~6{3>WfcJTyVPsYDRVEiu^tqj!ZQI7bzJ_Os&CeK%}J{CI1yiMxHyI zJgnPQ7BlR@Bq*F?=#{+a=zVwab=CVKnFOPD5{V|-dt5x!+!Yn8Ij=B&+C7^Dt{IGT zh_Zik86f8zSQ_mPAuU73y5@_ z{lv%eGjP0QN^d{^a9(usj zR>)3mAKdFip-1m9=7>JaL}l4zL#bbn+S8&jxwt^1jjuzz5E-}D9%MC45P^1>Lp-MR zmvfQA8it0(&!7T$jnhnp@qpQZR)hqTGK@9^SQjj}rL@$Uw?B+-+kkX=)MUNsYz4Q*b``Shz0 zwO^<2!>GqKSLRYXf0AI7WK&`0=*>q8ugz`5I^N?T?Vy`dz0CL4EjuO95T$+;G~kyv z7<)!UH4)Se(o%Hn@XsnPL+ki(p+9!+DO0wgBPj{icK=Mn@c4Kb#oJKa*-`11y=_1$ zHEC_E>V767vfjtYQb_Vx_0F3(L>32Fob*y{d*co}0OMJWPCZL=A}p)*HEPa<>|2)O zY8+XAL}%+gkGH?he)^{D`oRUhrZYLLHGAaXVC;QjIO3k{Kh=i-rbH)lwYd3S(q8*_ zbP`OAH@aa&L|R@oVLiCK}er}WusZk*Es+h#NI7`xM>qs)As zM5C`H_SsEtIeD1P{g!S!=fJPLba^`otd#R=DxRY(-l{-meGq{08Vy|TG9_%abIcNRG;M*W)lTo{M8b(h*A*Pt(5beC zBtfct>j{g-oTSVuK2wg2y|X4ISP(G(LyO(m6_bU!y^cu( z$_`XC>w<0!?=lKjpl?^b{6>QNvrGiIiQKatf4hTGYiXSd1f|B`^L>~*xwX3$`*0hk zfEL7nk4?8)BrC}V@hOT5rn^Yf3~YmwhIgPrD{ZNluKH$>KDj7~oD(DZ#su>KI z*&TPaZ3>HmJKM>QZbT$qBGg9l{suC9IuPQ`osw0$qq}Hk=1<6;-ul!fRvhicL?+!W zbd`QkPh5NO_;RbF@N+675~&TBYAR5|q@M`YvK0X=tl1fwQBLvY3nwSDKunf=YdO7l@0S4v%@QLpVyLlP>QZxH|iGP9qa9w-rY2Gm(QEe*rLFi8$-mxlO zHhj=GXB)AmSgd`VVux1Up`8m6w5=!E+VVY9iLR7^PnxFQDO^zV!a{u*(;#LeM^@kY z+2jy#+tUW zlnM4KIWw)cYs;KSp2>L7JZx)UnWfiR&B-4Ee)&!E*wa!sM=olOV}78NhIsju+0M?2 z#at>XoY+A~VW))jyBJXP*YhxU-xD$B=57E-Q#bXGCM`Gai(QfkMN_-V-n?y;y}#ne zbQ{6DT{R2IQC(D0Va+&PWQB7d;pz2YondM!07Yo|49bYPW0FwX?9=6N zjOQ@N%n9S7(@o7lQpko`V%}nKmU^zXA<|Rg>Bv>p0A;=>v5C3hN^Rm*oV%&kR(WDv zM_fvH@UtN>=CLcxo0m?1!pW@tuZQN9j&D)bKABdsN)^VtFIH?oW);X{`9SFZDA=NQ z+poKt-m@s_J$|-Nf_QPzH6*z9jd(w3k&@wv9^D+oszN~6{N_{ZAzo+lOIc@^5iH<}k+pThK_`@!pz-6#*M z(nuiTd}x9mFkUh}chf{VabhOr9 zaeY!45sypv^Xsq^{@P{$Mc?TB1>G1Yr4t|V-B6uBxHi^;tw;)Shr4%c75ueg^} z>}AlRmS-(sI7)UkkXy*&CA*kpq0k2n(2Y9nvM^_tXZC2Qx2v+C^TV>0ShKVJiasa% zQtW7gj!ydPNJY?X<%cUvimo8pzgOk+>61sLw{z`n~ z%v<&`F*~glYOTO*FuCVd=0*dV`)Wb}e=!2NO5GRPwji%%fx>p-b=O((P7`p(&%>NK z4+^RNQ|swqd)8#7OxGzwmDvNNLC6E)-!|3FCPAWR=cavO+j@Q!;FFMcfvyR-g=8d# z`2du^k;17|?|I9LR*-gTO{zR^E~dIq}e+TG&O6*<511mr{Rt2sW@A<^&_~ZzWPs0y;@#HAeF2T&Z}(NsBgP}%K>KX zPfWNm1$w=SKZ$v+*=Rw=XA5ujna{RnnC@)AoeIx5<3zH{rutjh7pe)z2Q$@vc~-Ra z*W!f=UH-%duQ}FWR%NNrQ`&YUwyzw(M3nF|(yF3W!u#GPeFv#pZmOw9jKh0pIaTAf zjqXSIj13MuX=dD|Q}?r=z_`b;k(DZqX5UH%D~Vf!DB*)MLd!+@6G{@0ty4XSL!X68 z)(U3~_l?h0bq zPT2y*H)MY4)fZ4S^?bt{$U`QQYB^)hJ?7F~eC5pAdj8aG%x*Jt7bOFj=yS===FvtK zv&1CHZ`D$6nCX;ZE1DOLT%G+-F*Mhtjo$Il@MW?<4TGwyTgO4o>tH5GhFi-~c$_!R zoqf-xqC8Pl7DIx8p^@{Z9^qjaMsiX(xg!e7>-JsqK2Pe_pB=G52xwsO~Ac9Nkr&#Mp z>E2*{Du)FUO)~lMHW)AJeJhh|o@~MV zBMsjD(HLEh;b{_1t_WYeXdjT=4z&%+TW{PzZaL06Z z%hj2vTEH3w{RMA=6mY|;Y6TJP5<<7EIr^No9B6HxY{z>A&2{FkvCju5P%4h@yn0?79}!Q>zjokV2X#$21ZxSWWl z{BprfjTG!Ny$jXo&%3P?!hTZNq9C(d)sDZq_0v0JZbfAQQVyY0kDSldmdeO;G+urT# zO7-_1uHQ56A4I}Fu00*NE(K8!^M#fsE=d)&Z(TTIBObKNno?X#zBnj+M$2zdiM&HU z)oZES_bE)0A3<(mg8A!7qE79>iqgN_owr+yE_Z=&Nb3i;K4nYWAXTs)QB#$C!*U?M}7UPN|NG^mf5&Mz>>h3L8MY(rZmQUShOYwoXgYZ^<45jU!9_vWSEXRM~`41r#mz4jcNkR{?rHSogKpJ0}> zIM^T$-Q?ObMX+prsx-%0u;s)euiAM&qYZO^4dhLvLnw7>RlmdZzMtEI*pJ0%yk|7p z?z(T2#FS|N`P>Vf8$ zX~UBk4sXz(NcTsiX@B0ScUUxSX->|wwu{FkH#1S?>^XW3$QBCD> z4+Vx$)X`L8!=@u*t|4kUlTP8yf%XSa2hHnD--(hU1++p*Y@UO@#Jkhcx~ZI`(Vz{5Ot2a|at8rQG zE9oGk*k#sgc2#0j)rh4gd=@aI2+*tjoPq77x2lI(%8%t@ zuzWisB#8)=!5F0I!`>PqR^YVh+467zxQ>SxsmqFp54hWJ61wI4v>N#qYsZ7eBkn;j z>HYo|Uv4#@2@sp>b&)rA+@<#a_eQv&KulRzM*6|`B z!*xWLZ&#U-kL4HKiP_KC7W50qneg zY#QFQS|ymMt~1}bhQt?7xx#dKwA@RwIq41>qs4<1314f$eWXUkXZVU z89I?DcxR+_E?;arX02R|EybE{s$ERAL#VqdPRki1j9Xi5Sz@HQ2H|}!jxvf#^sp`$ zv^!PkOCp7g3#)MH3OXN0g-S-gYf=^njrR>oiFZ=yMcZerbHT|U+u8({vbWEkVLmWP z)4k`iy%Pe!Q^pgyP`}J$F(uhQ)ubuk%UoII8eHpK)VQO=w#4(#W@=(I+yN-$b`3+r z^tU6n;bVSjskcF-TOM2D+{_5trJUzXka(;vjET_ucBlCA(~d_iI^-eBA0u zrlG;rwb%P0exR=;M}Fml#%cx{YQT!-4KrD5j;kmH&3UrjQN8vvX9>W{9)BKf;cItu z6S2A{&T74_+yXCmP#DefgOeMX+xtw^ChJ=qkgh7~j#x?D&7NbDJLk}Zgj3N8k=sw? z7w|bzMu4X2Jxfb6@MN$c1Iogez#O?eAVkf+y^y#FtA#+^o-AMDvSwpX!XWd zb1zpFY$3Ue0q1~3E-RwKQCLB$!8tH41pnI?d|X4g`gyOD?$v$nDmK3a8&HSX8#)m} zyOR6F0wzp=5>w3&EyrNyuj&=@SH`*iFsq*}|Xu=>^HfGDrK#=?FXpv|GUrgKwq2*c;SDa&mma%qCY6^v;sO zfP|)id4iMW>lc>rgre&)=L7_pH6yiJ4Zbti7!!lqez!fxD7|Tnan)+*9`c%GT8eG8^*9V$^~7 z-E-tpO?PE}4TKp4*tYH$;L&<*4d*Y1Z+b|vHW2J98?H@OZZ2^e?j0>^$p^(Dgp8PA zq_$ba5@k|h4MPca@(>yS6dg+jt1p5~y>7XO*{gf#lN3y|w^_Id5PU<=+!(YL)a6nv zTuWFIzdlPKH~y#CXAe|CJibOdeJlNoHXI*0 zRo3luH5TNU`SC$k7%-*mLJ$hft?YG7%kWR9^3m?ZgX|LU#D_SqMnDq}llY4Lycbm< z4g_>^1c>FJ`7J+<0=s{BWa&9uZCZgs)kUd*hl!oMzEO7?K|HMCC_1?a!=VminXRjYevKc-TrRF`1`{;%YeEFW2d>3(gaV6}&5`Sz+qkJ7yXyXz0X z)T4jS4ob5A08u6Hj+8gU6b8%&*v2k9%4qs9lEbi`s6ohHPs6j-TZtj(^?AH+M14c0 zLS7XA+XHR34=>vBtdutneeIy9E-^7DjKi~hI*Es9yeIzTr?Ee%TH?F!fprJxi}JO|5=KIPeD}Hy2#$|E-_1OUi-^ELAR;1dRL-%K2%#Hz*^M&kRhZYFID}0sPs@W&z)iOT3RA9)dod_Onpq~ z50wvBU9G2VqjpoJZMf6Qkx+!{>IhLZbxBr_aywzSZ=_ptkcEp!&z?`)t=el{By3Mx zv*ArT0s?cwl7QOzLMIG_S%=K-o+fr8zDA)K-ru8Dp3|pp?2B-8+lp5%^v}N0z`^o} zC#Z7zb@Y`P@KRTBcDwP$YrM;2k1L(tg+d9@j_S(cT?tqf!Fy|eVZ~PwI(l>QHgXVE z=q-#$_kccPy>cO3uaaPjmDrvbe=EB@JhkP+uv4;N;O;}uh!#KOx?`A=W8L(yjCDxg z6fFq|J+>z%EPbIl0qhC)JGLlu0`?IG7@_Z&SYq?AjSK0TUfH|*H9_Ef9Q>Y}^?6rN z9p+b|0^wj;=c733n`UEtk|~p`3k4)fn3m(V)#RlR$o={>f$$w3?CDMx+}Dd|pVd1n z!6K5Nl#u~Spg7?J|BkKRtl7cCVL)=)Yj<~|q>LN~4)rxs&#v(Os+WwkC3z}Wo9zc8 z4975}ADY)fDrPqk!hAC_FX2J&jUqn<(1lGQ+0GEdpmwjRpo258vM{J?2iTLH?*Nu# zpCURrEaiJ-e{r8L%!!dZZ9Z0u3Wg4O=Rvat8dtxmAhv)8CvvT zmmVuWyyfelb_ z;ulPYP1s#y`)(l?c2W?JlxFN>MOqY}Uvb2vkL_@t$rC}hlX@ajo5 z`_v|URU46Y8V9F}FKb67SOz?g($wgzu_VD^4TzY6BrE5uLN50UhJ7j=#Z9fQc50(| zLoo@bR%`yR+KF>7X^eP|As}OTEnASxqw=EZ`*}b7Arw?J0mme1xDdWpo1%^_9dH$|0a2Hl9j!7dw~dZ)GSAViKHq)Wa=fGmtATItQ&R%@p@X z@m79EnFKZ=g6X*N(t`ZJd@Cge&apGY)wd~6g5TMQPe3X@g_Wc=cnR2wFwKJe5yKib z2e}CY+$=1+@^VOcj*d4>_)Q0EY;dw=q?`{K?M-pmVU^>+qeK2YfjT zsoF9CLRArSC*JNq* zSw={;;P(UZk_ycyB1xnQ{~ezCKzo%~VqJ|f$v?U;xa)-PRSVN1%)YB09>{=H*r5g_ zxgTXscG%me^6IQDBeJXe?V?~yxrHnjDDdzi8^=5F-2OtK0-cyk2?IUg%Qf;T$?>h5~a^j{xADk}cQ7p9jTU zKhGG@!#eh~iu%0;3;?Hxn9xJD{HC+hwpqqnC599%%7i5N^PtW0rAopt)wl(>)i%OIdb!j%M6RXt&0@b4PJ`m^?}Om*J>U zG&TwRsZPQLt(VFIU^0_yHwU7+ji8p8_4l*D5V+Kk5zh!AD`M!I_x}JhK+L~9Q{AYq zXN?HU?i!6n!vYrPD#*?+HC4oGNm(1ca{Lq0iC4I61WP006J{Y)t=FZwU7Ll z{w)Z(PUvEEWHHQ40J|FmS7CJ!s;#y4uvgWFOPH}2cJwiRKEerxgc1L{OS%dg*@D2y zOQc37lTexqnaO~7zLyd|ApDt5cpihrm%n{qJ{xd>3Mf^GLF^KQ?Bx@E35j^5nB{7q z6=vw>bU1|2WQmrZ6TNrdN4?HO7<2BoKc$D}hl2>yekp zVU@!cRbC#H^GR#L-KMk_elz`o)a97dq+#kT7IF#l*=mE*8Fw*7O|s7h9`aEKLrjTd zz8c!rzEXy8%rw0^*)vUvnK*l`m8Al-HBz?i{v+=TbfM2Ua> zty_O7hbEZ1$`Znh^*fs=ok(aP9<<8Z?{KNX zBw*eb7HYKDJ0z2{USthbxTrS@v8;Q`>QHmie;NL<%EPwvO{b#+-6|Tx%(ZjD>W`nr zKJNcuk37XHkMK77A$q@|M;eBnm`v@zc~v2%SI6ehPOs>>$k+40qss85fvzl3g2O9N zL98!OT3Vdx8P|bKi6z}Z3*HjIs8NUGZ@4I!pqXQ2aj@#D_3giJiMA&^Au*S&dx8TH-FL*2Ql>93lvgj_u_u^1Pbc{W)GPKY4wSQ6D0NIBpep_c$IRo39-`gQUQe3ok((0~X z*gVstL}G;)aSENj1vpPY7v9}Z#r5WdBNyDc7p%sC7hJ#|BxI`I8HB6E2>O^dXC(z) zkdqA1Sr}tIS?^{76MJ-qMRVkv=P}7!DMO5GdE(a;5XOIj4iTy9it%O@rVxHYovfE; z5JC&H;8$3|zf)f+8lK9rjI9ic0t!ydb1rOHQzKECup-%&ygP+ zKYOUp)~QCcx|ljoLSJqbhXsa6Cr_k=xGmF?MTSUAcbbp@g^^qg?#p9Gr_5;SIpisA zj&9ww34S_}0G@nZ+Ke?Nj#?n8fVOJehTbr7c5cYCIsidN+@Jz>EuzLvhwAMsZAmlt z>W<{Y3~iH#y&hs^C@3Pg&SYB!n+Om+HPJdiol|03P3Zr$65$Q+J$-V@NcGFnx;4os z^v+3L`o{>%d{GJ_{wf8t-O4mcW9Cx`w#6f#u3uOc6pdy`D-0W48>TV=}fFjA|ti zy);I=0{Jotn+s|)$J_~0&;tDsqhTV*d8sz+&i0xK;gA&(J?^03ZLmQ$KK}n8=+ZQ9 z;Ki_D5HFic@cDa<`pGOWDf=IA@Mb+$32d?NKQ?*RGt`gdGbilHYS1NX{aR3ox*xD+nVA=+>G2FO`VB6DAUtt zdVRoUQ@3kT3&HP*0MhpbX3tES5+!yjk1stZ4-0=VnK=`guh}5&74M9=7)sP}=75Rq zw9p?Js4@^e9h1!Bf3r#Rk*@TNRf`S2M_d* z&6S?Bd+;JYRIvGJx_=AgRGf^(3%$ zgVpWQ!V2BW?XAK#Lyqg{S%)0;c3Ihq;&ln=m8|tDrFZI#Xa3kjPi5siNCzG#%Gs*} zPb%!OU?_vliVUJtd|6d!cAQlo?)NDgz+{Egw5gu`NgXz7G%{Tjd}E{AUpEUKaPK+w zgfe6O&eDQ2_(bi_FBoz~KxORNT5f<(pxolUCp2%v(45}B-9S|o+T3PTu@%nB`2*-b7hWXc7Hv?T-It4hk zHR#dNttGa;H)$Z3o3y@gJ&#w_7X&FQ#W2BwV%TEm>s$FuYSa||B$Zi2HJa(qDI!Jk$>a(bLs>g;5%+92j(Ztq22zFbz0C? zS#Cf?=UobjYs_!l4puNxJsHm50{GT7IgT4_>YG=pHw40H(Wc#vIY5;3Z6Dn5Z+ic# z=gJa~9YQ>wIyNt%#-Fce+#=*j^hQX)TcjhI3h6GVgV~VsDWZ7o1ubZkO@N(G8#9rP zXvj+dy%{pM%~@ZSoetA|gz4EapQq&2;ZDKQm301{Z;&7@@}~-8r=*Z5xjBSnkp*K4 zJ{ta?ez%N6iVfPl%?l4mVn@>tyhdllQ6dv%w6i(!4Q$JNYfw@JUg$5|4f@y_6KQR9 zT5Nde(ch;`d#$j&`Uvru!;&Npr=Ytw9zIB#bHU8GnIP>hTDdqVA=G97I;fPeBHus< z{8ny!L#lFfOUyDacAki<(KgfsqNwN1aCD-^n9PX(jHbWE-{yapt~7J^la^w_iByQ$ zdT<(g9X&XWAV_F>1Ge4Q*|Ob(6Gu`KkFHv%Qx2HioOE;fI4V5~ zjZf$}wOa*4j8q#6-9-PB(|`L|YhM2#8@UeB-;do{zcPjV zDDNsY8Hds6iJxb^a=a$`kXLys+WGD6Oz*encSN6aDvz26HnWj)3gDhk)*+jFeSA)= z7aY^0!|b>WUfbSIe{Vav&*hnN8c2c&m9ES^O~3oh?~Tbaonz3Cqe&P6tx?^PsBb>^ zV|r%7@{ALDL$njr%7%j6O2ZQFIpGi@HU)z0OgY^Js&bg1qYixJI(0L$Kw?D!=)he5 z$+f$b&GP>e7dOK7L+xSD+vz2r&m%XR2hJ({kD!3NA3~by2uZLT!}j4d88H*(EZzFr!=;wem-y?}enl`bSe3$hHai`Rlr z$dVBOl;JDtJDy(Uw=YNDy^0)?xVT+QMWfN{%-=fFI_>@S+iO!uR0oaS7206qRWGbx zXQr-lRV^gf`XUlD;5NE2Kw8i&{>4SGSv-_;!dq2{7Sv*|_X*;~paZumM#8AEfc~}N zU@eDrsgyzIGHy>NbTk2LuHSX%u7rR`_Xeib4Di0r$d<0}NcB<0r2X~V=Db-o0~@DW z<4o*4hjAlLV88p~T?w_^_6|z~xUE#5{`^BSSYckcmwiqRw&O$#Ee;J%3 z*(DNdG{Ji8Upt&duBxqBaN?nqt_yc;l}_mdIv6*0YzdYRMV3QdChaf>DLNnIFNs5; z3tY!=@#1dB2Faz2h5;ZpElBI_Av+yjL6z0LPib>M8yfyQd{zKRi>Sp7!QxXKl7t4@ zCVLEiuZd5$TKz{!yF)kR6Ol6DBk!dn$UbsnGEt0`ex}oyq)Sl}+12rDNpa{$$=_OV z$6G2Er-Dr16l2p%UkaLTL(_xb_9UCYV|688XE}?>PCmc2AZ_mrh?@|jg4G(IodHsH zUKoM4(OvM`J5Cu4Wr0@x1M_C?##66fs5egk%TP0->4+&ny0UAC8W80}+~lf3JugcA ziE0!j2Nz^TesWrJ1fmqb9vIZRI}gw9F3o@*5R}l&yo_}C{{Xkc}k^H_lq_At*+q06`qG0kbEt-GGP-U=tMq!G>BTy#@s#l?cpy>YQ2vyqcUQV4~Xyu<((`j560Zs)UTECuIi1Fx7*%qKp1g=8J|_EW)o5eEFj`5D&hHuIF+9-=8-86R zOUay~7EeNNENo<9V21Ryl)u(r^=4s&MD(dGs>MH|UT6askllG8YAaa;8M%l?vt_Q- zLO)E}@7^zx3;Z##+L9r{o zn>X)-qz$CTpj?^RB)o{x%#vyjw3Y0YL}`Wv&!4tiF|dCM9{}1u!2ur}-S#I&Vx@>H zbSKp0HG|uP#Bc_Un933g0lXy!3V_JnAzgV*>3bqDsYfC;Qc@mEc`Is5Lh8!DcYNu$ zM4D+okP)q1h!^_hlkRP7J9ZfbT{8mK)%VaYb*@k_s!xHeR?sQjKA+RT;Y}fPD|T1z zxDo!EE+A&Yd#aabVw+^wu5|6X2MPvYrQ)vzI4Sw`puRU7&IAd95^nQNL3*M89u=KG z(^YDeC9)1U`v;VJ%}3YnIDi&7$*tdDH`%^yvLQv7Yc zkRA}ipTQA8Bj=!23%N<|@mwdwM-l&$IJ-5CHLGu1*4&?kaZIs-TNHrohD{o2vsZJ< zPaZJH*<=0RsD5rJw9uL+9XybF?G}=iLONpfJ$lgp|vyVykX?_nVF74|v2 ze`~%*{LF^4GkT&m9al_QtdOn4rYvVHsT9A2l12MHW?j+Df5L6#(*M5KM?#>sGT5ZF z=kI3M>ak4ev?+6UXzFPc`M(d}<{zrp$7JmAjO$FL(4;{wG0@5a*C{9GR?lY6>l(y?$!|Nq67$R@kv)rr$;Ek06*(x#^5 z*bWw&|Bt&~%`-O3im@3pnqPaRG!KFOzeN0do#MBAer|=g^0b{B@h~m+pm~nxOQ03C zm#hf3j)FgP?`6covnCPb@I zLv%92GZ}XlAEk8B-z?3VN7XfzGN3d|C>1}~X&yIC9Ss+#b-u>+o4_Yj6HYgqu6aj6 z4W@h~7Jr+9eh+8NOhTAK>0YKMXWktj3$M2$J1=1P_cP}|1A{Q2J#2O~uz3SI6tU^# zC;z3C9VPvJP?L7W@Cko;sSK(Uu|%eo037G?^2|ttFVXzxNYP>xqqU~86qFoA{5vv} z?QF2elqDNZG2c4?=oue{g*={)iBme}U80d$UWMaH^~#wby!Gy{%{)?o9N7cm;xqn? zfSfNzN=FL^THDM3!6I3ny?oJ@b315cOL1GBPFf=os(i{P6>=RTm@u9?jTTkj$_Jjy zqCb5zP* zP|0fg8NX90*x3c4=9xu_4W7CH-{M%b$F|u=&W#M1B#%izc8!#EO^NAsf^~01x05p* zxxuzwmLq(_qdojw?oD=ZfW*Az6AgbtAf;S_PqfEx#NT4{CL=V+PX>;U4Yqf(hMOMy z6Q*^|1dy2>3xmC-(|?~=aZ2^=9j>H;pBUG);j(4QfKB>12Cg_J*@?Z@^+5A6Z+Tox zIdAlM&<+l(cA*)cK&4jn77u5K<6D%$AG*U}`!9!*e`-`A&5xR$$ZO&md6Xj8as^TR z6cR-7KWZoMf4H)IsbRH+P4Dq$Vy^N$8-IkcP1t-kl`)utYFvcPUe7ZbV+;;U*!vz< z`bL+Pn-zS?NWBi~Y`f@dHX*;Nx7R+@&wfXJTApA2$nU>2*Pz z#(Z7H*nADgy4^#w)v(5VhpG>zwjG#8(X4cAs#vsreZsJR$nf$H-r$goq{|=8zeC_k zp%)%oWcj|QNjnxGqgv+Yxi_=(e{ful7zj%C-pn@XjE|_tYq$LeZOSdaI7LgHyE!P0 zq(rc1Z$HI;8TYl?%9D9>H3Brkp&Cs8WO6MiT&N?BXGKl>_YCCx^lx6`F2T5L+90TiMy zf$YZ>SWo6CjYg<hcz^NvQQPKWxWhMQFJ)2&-rijSc@{FR%2m$D^fT z&D%tS?K=7WYH!bljdrL)aLTyfl(Axxuck)ex?^k1F^Rq@!?L#eO8Lcc_!79F<$;D32BgIDO-F`qe=9Y=uN_M)H^O71vd(8TPD7I zQ<yPoK{?(=)SL7R-9dRsexOzdQY_wD@nk9?1lR9zdl z{qCj1SK>yD;@6|)KP&*gOR|vaSYhet67pxG12PSQn5DKOCfm|T90KFtOdt11kw@{S z+9bwX!+TL*TMWR^U;^G4xYaPJ2Nlkrqs5L=wIj^&!!p8;vyGoO)a>(C`TwHu!Ox3c z7MvYB&EaVz8i~lHi+<{1ry@z_E`?uKvb{Fr#*CQKNvQr}kvMHKO|D~OxDyRTF0_I# z6zMESvN3u%iNOJF$=ThEsCjp>V*@wr1ooRkIx^%sDPecNJ5Bp*7jf!aE_5U)MW8uH zBtwB}jHd3&@%4}Mp5V6$O$w4OrL+Eji-wXA3wO&_3(A8fsChA z;lNrS4^*j{fl!IiZxEzsZ+X(I-s~td<iz{1DaC8YL9Ub3Vcal`-J zd38=Lo{;eCn1a-7?acW^G15a|PP&;o(3HnB3_C+4c{nP0$R?EfXFGbR+PkjTk@Yo~ zr4o6Rq95Wla4l88zP&r!I>WuwH?B08y#bp}Cj20EklzBzto`p_YTK1iAM<~w=Z5oa@6;B2IdC`^$V||*-*K_NupdMXj3`L>=-NW zyX53*MKq_0_a%0gkk@a^D_QT?s`lcQkgAk9So_SEc z1qWPMg7Ct8zCZHrrp*6b2_Ce|mFGxyGBFv9dgpCm6W)777P5;d@!wB^r+#cLGrOB9 z9q2e%3!P0yA&6{u+*@w3hfS;BALBtS0VN#2_i*CMcagQR_`Js0PT;!18kWvj$SD}E zf6>S10NrbQ+023!(f(WYC-HxA<;Tor`d}JiDh@dv-t9-uAzBk?lQ~JAMIpLg{t+)d zE14wecb9dD?zm%O)gxN^G8ephd*rXg2%omSeW7{xm3H1FBjY`%w4?)-p7q~9-Bls^ zR?@bg{09sR-6}k)d~J{JHI-V#c+rsyLN5i^DqT^=V6GtVm5c$s+tRl5Zo8Das!THr zfjIX!sR!a_^3*|&>`7c|ktc)mOARvFJ&Wqe#1ffO{7Owy9L-GYFTcog^+%Y+dB5Jf z`E9x>N^U9v{rvxqj~>Yg`<6Xk2bXj64etqGS<4v{e8_Y70_u&3ZS%S8kK};||FkRZ zt4_Owrq{f0J~NEV-$e0c7mKH)o*jaORs~w3=FR*zN|Np{b?-I9=T?`<$4(%WW<(SX zzaaj<$v2Po&~(`iXjyg@Urb2?0~eHgi}~{^ZbNt9t)hr0MC9>b^FS}LuwXjB+yv%uFHT5_|7NtK@zxDR!L^o;*dK z%?WXBp7|;_JfmEW4PA#gC<`G?_a91`T|~=Hd&ypR+ze55_~LMIGNSN;Agj4=)*SX1 zEyTL<=_zC>HMD69v-0eLgWfsnIVZ=qK^SDDj!ozKJ*l;q+`++VQ)t&g$uFCah7EN>L+lG+3q?IVJJh#ojx1f4S_9 z-T%kO(Oq-t<<)Mf930l^g<}F}dIU{tl@t_y8MY$qW*h8zttLT9Y&FRRIuUfMwc(C} z!nw@dlv8Byy_%HUkP76Fx!$wG%*$vCSB9ssb`nC9CGYNTwoemXUsQkbyBWo`u7u0P zwoxW{k^OE&03#(_#Rh6JVqTfFGVZx^^GV7!ul7rtQXb zIs!w+J&(adr$w7~h)?t-m|AB0!s<{s{+Il%+zm;|u$ay-dCP zG3(T-X?gb0CTq2=)_U!_$8k}N<_ornDgV{c&;<>e6N|N(Cw7n#Agp@@Kpt#OO{&lr z88Qn9_B@!7ew4F33lf$g7yV$_hPJJpr<_9-<1NT>coJrMU1K#T1Cz^JxxDi>mm%n} z$&RHE`<6zgaVP&;dBn2W3FhkjXeS19cT}9UL3`?dV=AEiqo(jSv?fHGm$dWRPb_F# zk8rhN%2)XE?Q!Aez$pWuyprq=O*I!YTB2-nEb{*7bBY)*8$ibzUq?8A)NX?g$myrF zLv;9a)wSk`AsOuMfWV{iCX$9A@b_GWwJ@a_WDI=0f@87F+ga{8 z-k$}@@s@i?Sx*5<)%}Y9ku4PsU)ooG`@5n{x(^lb5d2?GbBi6U8*dDcOO+|&?o%Ci z0*Hcjz~(mlFIHV3tt~}nIHb!)0EaW6U~IfT+k4E*@m^4;YI5!n{;Xu(kb&;8BZ$q| zQ)(962VrffG!c6G-5LT>urZW3Mk<3$5$xs*?3xF;2dl2b()Vw_JkZVccJp3k=2AQ< z%bAn^Zad07*5)n0p+EfDCXDS(`iH07Bj}iqAJSyDZsPK#R?-2$m&EWfBbO!rvFzyn z(9HEUYMLE0qI!GT6PejSvM*ws9@(2aNGU{dffK_FGSc3cT*a8Q(ZHp^F;N=Cc9n%3 zVBsL;;@MPAi}K0B4^I8ktyHt!Op?4mpQ0%9S|88N<@-uU zwDci7aM~2(HVt=~2iK*36SNdfS!BEl7xkkZr=Nl|LmjqApUja;_D~^#0)yBeGzQ<26+wRC&>_d6>Z+wb!Iy^RyD~gqiDIVZa zKYBhf$A8n3f83WE#45L4Uanp6X}t~rlOMaPdt2u}$}c@4iQhOzDK$0STv4~AUoIV!DS%q(gIKSS+m}GEmagvRPD*RztO&OwSmLe z4Yi;phFag!doS9&)ObWoo7-*bM|~HZB93EMJGAZu4KIkWxvSI=X(b}8r|qMEp~6+o zI-5^j+K64B24x;_CyGd4Y1Bw*F$eza9f+$kEr7Q9rn64CDBe+)QvTTJ*DS$myrY(U z)aw-EM|ZFvL6pAsWLRllWU}{>l+Xln|MjRc4oQjAqm-b?AA**Fr_?nq!4=1Y)@QTI z4%d%-45&+q7uJss*flqB5WI1JUwCX(KQDkrw24CUrx)11#Wwa){RE`Y9|1;9G~&C= za?V8Yi^#XE`2>T9%30^qnn7Fg)gzBW~&^zjITIZ`Y6IQ{8n&A6=bf#=?|)&7b{!J}>Rd>t@3&DSO@c zJ(hQ6xZ*NH$H{FQTGJMtbd*P#m|rhLia>;0DbA`8>o{pMWB28lqukLTn|i+>ttA{q zzz_9n-EDs_c~`8BcOu;=KY=G}S~qpTfA{M2u2V*%gy+~}Y=(n+<}R7OR7uBTRX>7n zzG(ZNewd~n@ZA$RAvH9jMyl2~I{v*^(MY`Yct~l{swc~h6{v9EG!oFJNhIq@t8IN5 zr_B#l?TtM64>0z1s`u{Iv!zt{&8VSn0VAXI5$lDb!qmu!$}ds)h{tQ-gJ#NDu`gisFneTM_sN@-AY^)`BImKC6g#x%rx0FJ%TBW=T4X)^ zYl?NumeG@kPNu`UWv*6l?E9)8U)1>3lYowVr~h(y$UY9@5S{r>Mi9atr#*XYk$kij zHl4%P+;XEud`45~_VDyByVnPUSrTIly%pY@1U}ATQl>yi?P{0ToSDUt z@_pl-`@Ky9?H5Un{QGPG9@XqJzGcshZk!H-5GY zWO=I$l=Ejo|3~Ji!Ab|0QWrtwN$VU>-)_?KF&O3Ph;On}4wop^AdohXb>7F%$*VV( zI2tTRCW0*>N}s1;KEehPn1jWMb?e+RZi?lf~8lOOmV zpzj~Yue=%CHSiCGnT;)|u+}#9WtJ4MfB!)sOF0YI)MN~g?2|+|fuUnvIK7*I7#8An zHe{g1;68)zv25jHFTJnad}R>ZnnLHU*Hcc!<8ia5GoW*R`s)|sP`s+$db((RqTb5L zp3T+nPJFC@RoG*9QOH7ab3mw_viokA(`9pXYvpwXpZU19=)gxC@pBUUpVqRk0 zjOz|K349D_dMBRtCgP#Pmvckdb3!s)Wb;3K{(}7#m$tGO(@$D43DDV}#rz$64QAQalBq1r@ZuH^;dUiJUP41gj1`db%-w|Qvi9x5g74xGqSu(_`FXWX*Br|ll~Wo0_Ee;A?Qav>0LRqoA8! z!KcpV8OGNmfNifH6!=6k(NO>@h|+xV1bIqtrq2QZ+60*7g%|^oDIOrIgx7UIkw4{= z@`d8NhH(K-{%+NBUe+{uVohJ;OrpT!v1IP_n@{&dNz^dfq&7m9a8wzA88q7U%jG8qKftL-EUQ8 z5T4b{ASF_Cca*WN?~z#-*kBvasL%I2=1&+=edlngCWbAt-Pq@pS%4{tVa3Wz`~3x; z&6M(_Ps}hFNd^h=X|@4k_Yur$*XV)YIG^6~&|wMJoPnB7W~;=3j?@F5UpR^q+L;%Y zc79`gnVebpf{Mue2{3s9^icYv)lXdS+FxI`5fA(*4>;2rZU2(1nuW&Z)yx<%* z&#J0!oMJ2(^|GnrHMoYLvm(B2=>!4Q3qSRVZHG5{Ra8zv<~!??1A3^>{^+;49@M)X zD}W{g6-8!0+jfgqe}Q!1aQ&S=qfV$Oq-*ommQRZ-;Iw?tUiBHq_ag1OnM_vb11S-& zd;OHddF{w|9+14qlM%au37?dRwa%@xc$UhK;2j187`FFeTSvUq48E5nUgezVs!$aR z^a>KyUHZh%KFh}W8r_LYjF27Gc6lKeR7TJ^z-f?bukD_ihVo0rAbinDC9%EVA-j+C z6VT%Iqfs##oo)KRk^dlu!#!ueT!@|t!#Sa^0$!0g=qd%91W${H*`GyhA-12>e4kxR z(%;N<;ku!MZT<0^0Y$Qsa@1g_N}Hhdbv{}mXhvFg{)c&?qVgVvu>Gn>pHuv4HO@yV z4~g~Bijl0H3IV6}?UpYSKg4}{m+1GfRto?1@A0^tPNJk1JW=c~{O~_s)*HTOu|9=2 z+x8h{Yx!_`1zp!nhyL?%r?#H(PEKi=_FT#WC^4N~VtMex9dnSwSbF8s6(K}zq*KvN zyYDi6p;}a(tXQ6aOB!YugPCnD>J#daZjeEB3Xr7^%Vw_7Hb-m9`8z zcb2yU7kghflgPdcA1q?yYBfy!w3B5s`i#{V#Loq5%CXxMp4?4$`7lbT(Dr6G8KW9wt1LRl zvrne8#-ViUl|KbUfM|)k-;{G%x@)cUd*Ml`+edN><`JhXS%E^HqKP=4?DMdfH@0#K z4}ZIT(g?fwc6ARts`bue`=J;%Y`NjSt8wVBqzMwSqk2Vf8DaVaSiHiyyMZO7uxKrF z8&C^Bnnh|eOs2}2%wJc|E6L8ul$`ufZb2-mqM^^n06db~Lc09-G>OkF>I1FwVZ?)O z4yEaNc|+;+7WJJXF-Imv`7l${m%df3UDp||Bq;SbO7BXIY8-V(EA*#=b>dmBfrd%k zg}BncRVu$2D0qA|SbcsA$<3kiCte!k7BFVN82RRyFyM6IoJto}Jmi><%LcW7EP764 z#v}D^nb!1MN7PZ`OxvrM}1oKP#g=*98fM}H1ELLa(M;fEjFiJ{Ky z?12r^Q8P-OcuOidexC5@A5N<-^ej~=wh{ywy4}r!g7yi3Gp>9elsa^(O6pQTdLBD)< zfYeD#4?--28_fR9(3hb^>0LSUJbl5#(d_jz$d!QtCodLf%rVQUygqRTOqy*7=FGGb z)%xtgc!lr2{>PDMHof8aV?d+Fz_@3(mLJ8=mtIHW);ewI{M5qny@++57koF#Zr=Rd zhxvaGa;tExBp{SOaxeWe9br3f4(4U#Awho_|eMD94dEaV#d$PwCkZH#qK!JF7_(6+B4fOqX9HHJhjP zdr~+S8+6ku; z-3y0r43><1umX$4BmV?QIbI1dLcq7-VQT>Lp^t$`^6peuFN2Y=ONt(j`MT~>aG%#4 zbqMoaNZJh!{5}9TwXRjLsMW5Zef--y$nvNnm-?*m$h;X|k#0LZey;*zlY-50k58wm zKy0=JRjFI+{wilFvVAupF6YYgO5vXLcOdf#Vw*r)E|N9{vO?2Rjsj@c!4L66@tUcJRWCZqyUK^F(3&Y23NSW-qdeywG2*PC zdfZ}F6iX12Of#^0V|Dfs9Kx)TY$}31$LBg%;p(;W&YNfy!zNJwceCAOBJ(L5QqUn5 z3%0xS-(`0)ohF!mClie21)p@_dPx264p>(p(*cy^RPTy*@_dNc7%}|cy);41TboOK zr+UP^6K@vYn=d;`|J`z{FQd_%HhNQn1rx``6Els(7R2sM79>qX|93YYA7teJgY4sx zn=XBPd>QdVNog|P`OUIrIQxGqhpZ@=OwBsyRGFJW(P;Rjjs606Wn$^IujxcpGR<%G zvZX40ZTETNw*OX4D2koTJ|#swr23TZCXUX~ZHPS2HkMOx?{JIH<>+pj%HqgH{CCsdFg)Zt0P`v4dedWv2yRR^olPagV+v%vl>Tp9 zXqvoA#l~XJH}iISxP}dXd#wL^Qq?`-v1RKkP!^34Sx|+MW91(-szAZik3j#uNgw}r*e!sj^uH>?oc=)e7}A#1xeg`X*S>c3CP-e~WB zIyK(N$-wV987chwhH^pt6Cq(0Y|UEg|Jk`HtDzIA>TxyG+qye;gm^=x{~3-7QO{>}KzbN|RE z(6erMN|oNj3fP_jzGUGd6?pgbRXUwpe1=q|g3J;xdsb4J8fQ!tRP&PNcJhIi;PPbu&A$r?=gGdympK?jC8udN1}WYMeqBm= z&~>v>Vh?(nYvrxktg2jjk?*zPiYXWhmFs%z0_qdX(5ia~9VyOKUYC7v zoATOM{Bn(AbB}p%5S*YOtFB8u`=KB=8xQ{5sQ`Alyq?2=M3t!S<4DvCa!-GmN2ZuR zL92<2@C;|(1z+3Ch8k`K?Yosmv9Y|)O27*%E=b6?^WDUtqvisIUPaL#pI^(~uJpy{ zFP3OE=oOE9P0{KCpY2&ZM@gpD?R>%6ec89?)vPMdi`uP_0sB=a-PQ&V`et9LI+Twd zRJ&Nlb+uTG{VM-C0Cu@~JGhIuc%^^h#SC*gDC&J=CA)#qt^~|5>TN9bmZg zYaiVZeju0{5T9~0*Ncuh5D`>=aXn$hM(~R+;~{?&io}Cyzh}u9c`Fg}JK{_7W#WtS z7nBB~x_z9GeTS1IqjETH-_*tz4=6Lb9S$0N6ph;TLL8Xhxmf}|vc3bO8uLGp_)lZ*r%il~$joX>&X)X@|{P*F3vVnfFm$*a? z@3<9PB*(#l7G$W+7+>G{%=1ykb*QuV0U5Q;* zQ1vYyd)1-(cUhgc!Bx@NeL6Q?!T67Bjb&o3Z*$cx>U z&zFjfRsuJ%sFs@#3%7NqvSr*}l>}lSQB=SBVrw};?31DCbEt-D$0Cp0j(ZKBZ>U=VQ@b zumm~us_vKBbH*e=25UX7&*$@xxl*Wt<{hRNTl1@`R&oA#=djYbU6qzM$R!jB8I)X< zH|2%zb^uIT7q-f@`Hu;v#N|=enbcgY>)_!_SE!a#!F0ow$@rp=lA&b=_1~szKI2*B zk$0~DDXhj1avu^eIL2eERMVQz<@(mcV0nR5sB&it7ZIZ{k3M;?6NZ@NiiYgZME&k0^|A0l5AHjdn1oJKLoBBJ<;`YuZA^2?D+Hp)iEP`cYa8Rkvl_kZGGIY{3k7M^gye2$QUCc=9a6@9w9;IK( zJ`!MM0SbfoE;~Q>WIr{%v0slmgx)BBd~PnwO2VG)r{`H}Jqu6b?O)lP{zfuO;mz7v zm)Fs|Cs4R`oTpU3zP$U$6qN^>*9QH4C68;b$i<`^7294`D>3+0UsT*)UmgA_AZO)t z*!(&cZ{FjqBvV72z4-bcA3cgfzvdxmqwefM=}NXpQi_f@hKjhsjZ2khsQ_EeH4u0| zu(PluMAbp z6C@5v<)za3V}I5Xz!k~q+78N5!Mt`VKkB?TU;36zvDx|{LRTamm72_JY@vfb>b3Ls?(h<#zT3T-|I(v8$_t#e z`ABE;T``vVDOyxdgnCZ=IR0g1QQs`=*QdtV(g*+xJA+pvNV{4C6X>@$g)o2L{TwH! zY@s*upka1aOAxQ}$)DB#_vBr|K3ExEM66H3jWA6cSl)NFrUmKFRv3Go@|W+;o!HH< zO>)ZCZi&~xlbA1{(~Ad^jD&T@W!;Ui@~(ghe7x`%HHTxq6HEo4YKxEP)T3@bn zMyZ`P>sqpkdmT9-YPW1}``75|&7%L?ArZ}zdOrO;6v%!L8F-0|crl@^*n&0BU1e*BX*85rN?i-;yCr%iQ0CcxPYJ=7Mo(g zr(X8+g99m_!Za3SFZ+HTPgqM8XA&Rrxmb!6?L6eScy9-p-`-+m(4mF;oL*xP*gVY9 zOUcI4HvY4;UOP*|z1##@m`JFFJxJ;`;?g|zDd48!ehP79FEcH+85~O)YN2dcksgpT z-n^z?Q)Q3iW=Qsz=<0Lzsy(K2wEVEaJ#^Gu<=EfFVwkT&;C{E&1wDNwINe29#34Fi zB7$lTZEzb(e1wPhv}WIsTweMC)86AChV9~&!C?hh#&&kNsjoK`K|PH{KXv6+ONEE3 zeiHuExn2V_$OaizHbbp-JBjAbCX7iUrLui8J+IdnWT5#%omlqS#F7+CuKdr(|Gd9 zBYU2(fI(#rb)!CB+KEeH_XD3Y9RrLO%fX1sS_UkOmE*nKR$wR3`1(`O^NW$X(}^1Z9} za)A24g7Q*|k>y9FYf`N%=N^Yc&u5xbe}$4ioo?yqPZ^qPPMx>nMPOx}T#V~h4q+XX zNofx-d(njF3liA#>!aDBzk9z5%%9(P`J|$x#}Chc9YmJYc2^W*^W>lD3KT&3wYs`_ z+Amd9N^bDC%iJREp$Y3yFtLMihKm5ix$Qo%96$D~pyC~9MZD;`86i(7{$sWxYpda5 z_hxjyI|yWU5X=fdRYfOyJeS@uEp{-jw>lcg+|MkVUzF54#Lp~LceBUmS|lFE{?7nM zK)AoeyMT#H@cWV4?Y!iPh{oCm4Km#kJ;ssnTY)Y89OerIzbHUhm1wvWX6MhW2+Y!_7Q;|Mw%Q{y zTxOc!o6YhG6@Vc$!*`OyGQ}`YKE`LQ2K8-kBM4((==H(tsyZuQhE!CL`(f<>@cD5R zt*V0^e%hTL$rmI%LH?TF|1FD&PN^$?Cd_;1;Dcaa{(|)D?n`S{YQPUYkxXClqib4O zOE2Jizlu#~8O`;$caEcO-WQ(brKpBtK8UdKq-(b+ql*C*`@|U`r`I!xs*Gjh)N}r% z?wY-!!5oZFln*BFws1Vj~lysx?RpXIP@^l5$f~I-QQen`d8C~ZtaVI z*b#Knmisz#y`)rK6_5RB*?H+;GQyZ*)QeJp#!NsPuY*}rq^^pI3j(yeBbk7L7h>v% z1Y|I)Cgq0rX6Uy-!I$+Mu{}g%5^)r^(A6(?Tk2#zGA}oC&b#|O#}5(I@XBrVYZh}> z#=hA`t}<0(!gI4g0+cHrVk5=)j>2S!Q+D=cgTf19?+HA5AA{S3Z{Gf)hkIGc%WMMK zKWlx#CM7GNYDh&BAj#{2xWvJJ%KaOg^4Ky2D@P+RY6F3E|h{+X5l zm3wP6#IQe7+8MdE8Fy9gR8G7o;>2j5)gi&e=Si;To}j_RB?9oXhGEK1s+dODX^5Mf z3jk0V)_+T_>PcCRExgj13KSuFo}lPcaa9}W>py=}US+wRI&;@9oq6^t)9UK?WxDyi z_-rbSVaK_q6G-`XJJAT&FVyV@iOU-<578UzE_o#mktRJYcD7k#I|xsS7R!G^Z&WVn z{Mp*bUeTwkECj|smC#FBVSY9kVK-2Q_x(4RmCki6!!3Gp9G2!(bri`*&dyC|FD{I+ zdHDX7b{5FY@VZQ7okZ;uT-}0A@WQ+>d%YAVxp!O2N{bp|`c2ve=^YCtR+A3B_R9Z_ z0}=lrMW99)lCezzJ=NvIf^CpTq*P_f8CEczjh>B+@JWD)JDx3}d7I0?8@s=geO{{P zVx(g>zSwklC=J^omrCl4bJROn!KvU`Cu9_#CYaF>Paxxt8pMTru5c4I-F!fR!wysG znfuN(%wWhf8M)?UUY5$#nEg+l9T#js0JSSl&Av|sD5>yFmjY}Cvs(8?zv=eaZx$eF zm8C3cMqy8R=0EAu$7wj0H4uqn5>6n~Km*e`D;XS?rRHAt8w#>u-8Y%1WAExN{Fdq#%K@ zDU2<3fHn@V=IZL7<$el~+3u$t+`Pv+ma+Y@Og4vn=Xnv#&&SCWgCDKG*?R4r&?~$N zaE6T9=URV%t^M0^6f|!OZaUqSiSw1-Xkk2bhaV0lj}@mp@=(Ich^jEFg>U>U<5Z$F zb%8T_ShSM|VxPT!x!Y4)dsg4A47UKop(U7bC?eJT7FQY|SEo^1-ry=fdgD1L<~~q) ztZf5#ZfZRhD71c^G+jkGRrQflv#80_ox^k|X2gJ!y=4R>Md{)F2M1#$eaT2(X@B=Z}x<6ZjJ#lJf6rAX;G5onh_A6vO6 zvSpTHR5XtTY>=Z&T&?yKFO};`s50Q3S)=Q`Op1 z+q9#dzxk+QyZl;xcG6I*23r6F4&)BYC%Vu<+{_HL{ zeDp!XY3$v1C4c&U_Sk0yc50`W(a36}FLWhH-`z=)49RetvJ=$5?RRjC{CLWiG6#zO z;_&Gl*4JZy4c6wJbd+>ZcSdFk`X{+uw;MY>5(4r)$ z4|*Xs+gd-fCr>f((w6^t?{7KEFsoH7YRz@mHNBZOG;{miYA!+2 z8hfhdwYBi-Vhp)k+!9o0%{{S6v+?(`<#p`cies_i<(TRG{2A73N{d?rA|gk-s_y}8%zqD3y3{Z{{r& zG)qVQ5cLr>S7t1#TAdfEvsbB!DgV!~hC(kJ2iv?@*CJvtWWPz;WamW8y}acqtlMQE zaxL@ZP+!p^2f*zGzE|=&;nQ*B(8jV{Cm^$Ehk~XCKL|yWanF+s2XQEqzY39k-oE6X z_(rple&AtR-*mD$A)Prc=pK-nSd2NlV2_K6&@Ft7tJFI{ec}$Z zs_(F;ObQ8Kq4FR2e7%@O|M5{x1Geo^0bS(yvRVGj{qgn+(D+m=ntcASCG>(@Q8XZb zFW0YWfbU~1K3^-Q#r#|FN*$yGhW>Hmd6=G&;i$JSWeslrM7rw}hme(eeX(9GP79uLC5?aJgeqc*UNq z!snhSCZxpytL+b(U*CFLxAazRsH-vXXBUef%@Lea)(Bu0xpJ1&vs0HoktxEXil8h8 z*R)Qx(tGu8_9L)jriMnp!F?{a5xW?8N3-OTMy(K>|LobVP5>N3+4;p~td{l1@mrU2 zn2x8)(a$Kx-&{V35~)@dxZaQ-S=KzD`*o>RMhM@jS`J3S)+< zYR7tt(D%+%-}~wz9lZUb{5n;z zXR|z*!8MdHdlf1%`!zz}rQ;103~`{t+0W?;oo=)S&0n$@#%8$L@BCb()w{N(th>?C zJR^+@QaO)Jq@7@TafEN|f|P2vMUF1Ak|mxmh}KDA!x&t>gItW=8DLWX(x&g3e~OIj z15iXG5ie^=sVqb=A+-*V3GN|eqC6^EN(b0@uy!gJV>0BsGAC_+q~fAtM`X+h;qDO` zdpAmw5>saeiKtZZbltkuXTe|gZ$|+m==Yx33$ggo8}Zl&+%#ExRZ?s8OA@syT<{}utsssa>QkZKXw_q$!p*~5d^FWoJV=MaA5(Bppjo{wJBZpakh zz4XI_#gn^k9-oDuFz^>&;t#Ac?fX+7hVt_3x%4uC{2_&V{A+t;rI)q4T8c^K@|UW$ z>7D3J{(@dRN?ZQtr^sP8(1oE5vW#{q|HlV{eDJOQHl9H{mGiN0 zZQ^CPm8CrP$R~)14L^fwRJexoGl#}(fb#m2`>b*sR!IKg;RMji&4U>%E2`(TyeS?E zy+6~Cow}fLJHXtJ6=T7z@cCe!e7D?~I^9iJFmy2V*NJt5dt^(yJa{q~>GkJuGdwt` z7VQv$b(u+!e<@k@)9}nQJ3We8@47>}7Eb-Pg<>d;{>korxCO1$^&OM0x4G3@;t7Q= zLg}t~a^e+@#G)9Ee*-rU5`1Y}xkZwu2~Kxe3%%`yU!ef}`Z243q@Ma3J`L6s_U*RQ z%L!cK5W|3g@Pt)+{k(ckZ$#f03MCec8w)HL?@uB0S>{eQsFWMu%N3G&0)*%P8dgHA z;b-t)-$lEuLlN?d##m%xx?8t-Ny@m2w2hO4pzR2_HeQ`-@Ve+IwM%qWuC+;mT z1eG(?NR;d|%|@XE{6j9Ke|ux*ISX0EG5g4TRDNLmU=HfB@%K9yUMal*p_zQ`d;`^LdFoSN*#XL6|+C&;00MKzjSqq-J@fn* zU0yDf%()?31b*9Nhd+Cw<+z{)s1Sn>9uGUD5Q5_5|Gx~C0$9?I4>514S#Qr#_4NdM zl>&53Yq0PS@!9QK60_*TU_Pi%z~Zlf8u#b);Sq}+Z(W`?ymbLJywyd!xirYGl?sU^ zwTMvi@K>k1efxP0aP9NDbzNeD8xL#wEet zeb1LOosGlZ5r$a!-4!1{*R!UP2>5y**eKUTRXvL4LYER~K&U;{s1@oAmkiHIgWZmIQz|Y_jI}ObS zA8!RV!b0(E%XxQ~h*BL3z_`z1q~?h;cb*J&wL1S1x@~8#ewj7sUhjMvCZ}x2=wwM# zpgeX>)b{euWWR2f16-@ls=;010zP`1$j#{6!?ZV0%b)$3XVhdB0)!srqX30bl9)lC z+#eFbB>YI4)`O1?l$7XdpzQPlFAr%EKkQ=e88)nm&nKX#xVA22i#_O0;|!L0j^)Fk zNT)|~`ynmC4Q}Sdeqxp3wUmNARXox8ulXX^TFar0PI&k9{y{LZWV*`orPJ>nHlk8j ztZmXi#S0*DH5*xUW%Nat?dsG@Gx56s6!fH*@oG%Jor^kktwHEXJ25Jl;?4R&%8j=7uXupf)Fxui+(My4jg<#l4cgSJ znn4J*cFcY>s@UR={mJurvD0_}Gkz9hzvt2$&WC5XVQ0K+?^}L<2&y)&_jeH3Si`Q~ zN(Jy(KEc0uUv@JE1KA>P|2=@kon}7+rT-3OTa$)F6`Oaynid6RbtqsZz7f_o`foeC zuWtyzW(PfcD(k{@XAh=aBrwSpc&QRqnu^@^hvU+>3=@3viY1oUsAuC{Uy0y)ziBoG zs)OyRX>}QoZ6Nc~0~~GL!1mX=`<@@h4uN)~JMb_aTI(HPjsmKXW&~E5=@wno;y`b+ zV8>iWrF-m{&9DvhAE26Pew%#~56BV1P%X=7EK01deOQ)|ObHMA?6iA}CX`qSa_b!# zTKAhMD;UHYWOnl`@oieY6-)?G&k ztp}KynqOVE5kd3Ub&ZjYdneV}jM`~@v9)Ov+E^b9m8ddLKvO98xD3WS$X`=I4xD=a zC_otQO_(1#!&9`^4{KU^2zuX!ghw)PjlaIsOXwxX3nfPXg=&AJ913by)bXN#>m>9#^ z8+AxEFL@MSNZ0>M7m+vF|Z=V zlZSw0m7;wC#%vP>VQZ4YXS!PU(w1h_%i4Z#=wS2PkP{w-vz|t)UbkK~Wn_;;u*w zuA5j}&Q2D=3v=yV{vkQ)?ICY~<)z`n+`Harg1?v4Pwvp%E{G05L9T=I=WoD_JIOV~~J<5??tUEGHD&Y!n1)2S)(f2+|F0knfec{jH#jTmY+kMHFe_3$nj0 z5d)U^YDi&vH!;kaWYGSTu`D-JuQD?Vqn|Vy6PuG)^(hAKv{pLP2?(!MYB2j~Os$Ui zs+!slu}!=3K)WTr?edCy=x=*^dhR*0COX(3chscgyUh;=8OSSq9xxn?vI7gsEEXSD zwZcwuf$nP0APlICHO0;8LR4x>kRIbdYKOXVA~%&b{~D?nNt*fAhCWpf(b zGVp&Ds9l5AE0vLZha)kqSx+QPkVI!93cnP{-2UaeR5Y9;f%!XK-dKC%+`J<$U)A4` zpqy&sWDGr<;2O-zSAFbGXPzEzkwWZIk@0~$8L$nN?owa{laCA!aSjC%@=4b#Km~Kn zhex6CyrEn7ZqFPjl5hGG&q}saZz`U?Prf5ZW+M#0`4;7&s!N8InW7va)wX0-Z3|i(V^PBZMHhAc5I}Q!nrteFKQ0;2 zKbSLJieHou=q2V1Gy-AkHC_w>wY~OTutRKJd{ZCjC&1GPsBr46u+CMoc@QNNwmx~kygt)78 zo30ID_d4RvNc+{rKK#`F#4yKb?wg|?&MuO+ayk>+C`xCuc1L9Be1shDa8rG3D0_}V zN5HSo9u;AvRAtO+Izn2^nx_f@A#eBG`W)zIV#SX{KmX}DG_r@ zX2+ln0_oI`lIWIhkA|K9w4#c2!R)dGm^>cTbTiVmw%~L&Hn!j}EgM|bs`|K+NjAm* zyC&^YF;-f}ucmWYkI9aE>%v2b&UG+ef7s}8AR9Yx`p1@UbVM+{uc9Ecd0DY6R6$1j zrgETox|^xodzTrzb-tUv3^zhytQ=SIrNo18@n5QV?hfD7U(*)4KRn1r6-S;;ONX+u z@89dR&}vr}0}6csG)eM&5eF3=a&~u(^j?b?s6p>*Jl`W4AP2>juxy6_E6cy_QCS;( zQXr|xlh~%nV$F4%%d0 zHR`b6AYUUd_7s*al?hfSPW(7M$XbT##12)*?lX=#hHzF2*2xR zIck5HrnbMm!?0V+Cy z6zGj*;^VS?R(ZGI(Ty|+L7t>gY&nP6QFqhkzN>R8&G-;c$zn1QsUsx-o6_!sHn!T@ zA)W-ia+V6W@H-mPY;@B9Qi1;WqP3bSGpM5UK!H8jNEoenBlPSZXyH@%ISNaEIAHH$p! zjTMb>JcHys>mv1asLn+2*=h|U=_`QoLYSD=R!6d=6zZV%^*1BMrnD%yW!y=9`*>&VwB-L%ZI>+tKJuXamgL)R$dG)I=JD-$d*Ua-DL;7pXR`Q`s<0J^ z;_(|Ci5cm;ss?aS+uhaND#Q!?1xIoZ~-OJmZ6VuASa4ocp$%kOEW7dYh_F{ zT$+1Dql#hAXZAAum>kZZ?)v!t>x(z-&x(eEuE>)X9_OlP;B#Gv#%?oQMnr5%?cz*O8xLBlt=~U4VC%8^^2D|15v6%6F6X3 zF3Kv4pVSgdV}hgsX&VpsZznn0 z7G))%8E`w?o?U*$s)$MO!L%GnWT>RC$zH~ej)1i-WOJ}X2~ZK8m48dE@Ce1!drh7I_Sr}33ScWn z&6g7F&w~om4=m-Hf3`jmgH!KtmV@9>;Vc)6;{CFoH_(9GnKv~Vwh9qzvK~U{*0SQA z`p*~Zy6o<|PQ}A772U~>XhRf81;77;Vx)92xeUi>i~cSMbQ?*p*qdd%l&Z+H=yzG|w<9*cB|4gPdRvwI1?svjY?TP>FhF(H_A=P9vm|f%mCbRD_XP|bb;Is`jEH+I$4Q8c{e;zX= zg4S0St&CZdV}%WWF_BD8V%>@uD(nK6!$bL`RgSl|iU36aha)f2L)iUu?2TcpW zPtQMTe584WdO(tf-q4o+gcqXtn)vKU@J5_d`69z+C`in!_5b7QEuf-mzc)~o?(UZE z9*{;r>Fykfp+k`oqy$6+rJJFp8wN%MiJ`k20TDzP7`pQge&6rj`~TL$#ag(SdC&9i z{lsDRd+eVrdPUb&Q6wL{6;6Lv^dcWs<^|FTt8ne$MpnPUB&^jMTn_0R9KX-7JkWsv zlVyHhO1jH^v3-DL;1PbYHBCp*GjSI=045Ea@`^+ zCX5R$##iFXQ-^^k7*aiB1Srp!l;H<6Yfqy`Ng)17%Ta+qz>F^V!Y7R5FZX=N9EfGNZJfOkWn zjDg6!qKP903jR+;*H{y$pIgx*j3}Re)%uZ3=LDsvap5WXq#Vf+p&5&v&KX z3)@-<(|cdQ&MEc!atj5C{m7 zp()LR7D8Fw?ABRuq+H#(XQ9XxO_r956qR77P73|ENJ!3#EtNy9D~3u+g=ytO~L z!8Hnr$j{9>0TMT_!#Nhc*Ig{<#TR6ajl;+oq)tNXUli6kS*nb`NCcWVC|bzZeB0y_ zPwqD?7EjXmWV{r(HZ&8aMxfd(`);bGKjQv#&2W2BJ0%PswRA1XIte=}-8a#(oFN>(X4rx8V1LcLG%PupqTtkXftD62ZK_C(WWKjb zVKC8Z=u#LY-;%z1RdDx1P7?i0Au%hbA(C@Kf=mlmOhRYs%=(lrcBwNMw|@}R*)-V0 z&GJaBrr>2^nPb@wp9#Ig zkaEgIfzRNG-eo$qg)W*(fAuwp?qI%A%em%|>w zZ}($Ksx<<4hRK3=!95VQPUtusR0E?S2X4Xhvve zHF@roKBY4$l2%{r)6YlyBnY81Dc>|o!5nj9{Yde4ULrNPTq^g`@3t4fg8<>*Z9kZD zS+Mo_N*!i%`?U+LTLV<~9>j7qOKE|<_Rg#Spz`^G8p?~gM*>aQyI-!UtI(QeOWY6m zVBe4N*Ev)T`zWLj28%r;aqs<|gRpeD|J31x|5M@u9#aH|zxN?d%cIGLDXmk)a*onz z2@kHj<@^bI=u%SV{q2kUX&Cgf!t3XlBLTf0$L7YjsZ4T~@p=)&=-ltbMc1%W^814j z-!zH_G)wwY8vCtbd_DyBv1P2DYcAvM6M2O|DhK#jT86`TV^ru8Gxp=3CD%uFHX(;h zyYe?^DBs?37|YzCQklNf&2&dzQJ-1C^(ezFvA@cLKHb#`xaIR_YdzkD)^ID-r|I3Q8l!5$nhZ`DrWI2mrPiIo+| zK$1EYqc4oA*1=1LGcAF&kpDe^2e@Yyj1r(7=u(AB=21O>}p!W09W1 zUkK@MJ`}IAticIo77u+345$WQby2ijL!}-J%7-#LaLCEF5@?-H0Ok=HtvOG@3jd5M z{&@8FXK@7o8+cVrY!TA}TgeG)HN|z}~+Q zhv%yj9sK_rs?~I}{YB?g*Wy~&;ND5~)A-+0sHfH4Y%jBm4$}9!dK`nJIGVq6SS*Sk zvf9>hZi7Fs7Kr>iQCpXE(A~UDZ@GA9;`04XHLPgwxiWW=ucvvrqL!?4cVm-*IcrHs z$*u1*y|St#(%npx4y))8-9Jn=Ogi65gGm23{`tSJ^^$|^6}=3s-MmCik;*+CR|Y3{ z8*>3nXoIS`3pF`HQ{xLlwbaFek9sGFj{fog&a(c0S7Z7Tcxp6o*#&U#Z2vvhbIi88 ze&_7RlSZIlvS9EqczZPLc1Ezn`Tzb}D09Pyrk7rYb>Hs7$2OFsoF{?iM&v`rVYv^C zEYwR~{X}ZYPDWSBN&fFz<6M*%Md~?UAL;Vchx5c66JS86rS$ky#qMhF@QP#p^B%r5 z4ufNk^^gd`2pD0ZDYJh+I#g8unqS`PTiu$;&xHRj$y#wfMUrL#kU7!tK5X7Hs_nN+ z`^o}-D)xUME5$!>ZLs(t_yHDM@N_X;0e}gG7ECoXw5urn2it*gnBBQWp2ahLP3j?7 zWo}yongGjx5Y*?H%K8$aB>l`FkAb+a2MAUyE8jlHw$%T>FGbwNA0R>WUB2F1touED zCqHc7P%(H=r?0SuBQX5GFy)VdW1~NS6`AS6=BqHE-$HLwg2OeU|8v3Qp)l`b$Gjyw zZhTOxK$=$Jx%tLw0_%TJ0Usb~{fc4UJ0f`Yc0$eTa5s*XTBgq5&;N6+hpV4-TA$Qo zh0akA3D^ihR1X^Dm|}aY!!1Jo^S*t#vUSt4UrdD3tkQu1qp_94M?VPvbG6FPoIFJ+ z7L>x_JL(wFQgWNc*`F!@-QTdkbJ>K$mE(k3!4}PLHoEuoz8Rjk&e!i^EQu!0Eaf&A zO-l8NC*!W98*jF+tDL|NNF0I>iB>t?@{qI_l$g*KlA$8~>q;#z*Z*#v#^zW*(R-#e zf2n}Go#{R_PW|}m(A^x3@KPt{<~|_!oG^cpQ&dVpJbvO-=R5JTgf&q_{uiXy>4#Hx z1HQOuxZ5Z?v{de93#~e0@%?}HTuSci&FZWQV}{PwTViFjc?UvJgeTgPx_CD39u|^L z$4@q`vd6!Q$Mvd;%k^!wQ~4EB)hD039Kmwgz0kqTRKb9}-&%0p*%SC>l|{1GECrAF zkC)Ti@ExGlAek2~wmxo^8H}%+{MhH3f}(%TwLpK^mR03fg^*hmTKkS1^%xY zI|e#Gd486u-w#;7pSBhv!Gs=RLZ?q|Qj<<@9B&S)R>B5Ng+HnVm*>BhDdBRLuY4^8 zahWcQ5O(@Vj^5w7r+baG(fDJ=LIhDck{J9GdOk>xhcR^uI;Z)IrVRQ?or~3WMayYU zR6P2~{$Nx4{==?%YNO@j#WOalDryOo-rAy;M&$+9S z&0sCiY8&r2K8Uw9<;V*gJ0X#Rm+(8!Pgi&T%~hkrb{FCs^APTvlcx$uOA+|a=G4?8 zq=(bmTvj{_^)GR}z#>E3#TGCvCMODg8vr&(Zuz0nW8OocnuiSbGFp@^#I_d2VFZ?9 zKp{m%RCNo%voh~WZ#bjai*@vgh#_fLj*{sAl*k#5Y~2`%ANhT~1JI$<{E@tfjV|p* zL-FU#V~4#_)yVIB*vO)ve~6W%>dJilMzH4c8LcnIq?xH>9J$e4rkT6|A4GidX0ekG05qs}Iy$~(&Ah88Y7RjM!TWp=?2Kcp0`6|QDSnLf!&$fk zmVm?NXE{l$-7+%1>F%D&SEf_{10M6otM`nu2XygY{;mK7ck{X04{DTQhp)UvP_Z(^ z-q_V2?F`4qbmw_p{qi0^6)nX!S+wPu;Q2fFjsH4{C$Oy}LMMnfz;`w6bU!p-u5Lg6 zzPUSe8e>M^9N(b0Sk269p_KftHoC?F{RR3>rT^f?{s8#~LLK921JzIrNAcZzjM_q? zFX5`bUJU`h;moIF=X)LhTnl@Mg1`6j=?V;s*}bXrw2d-sKCiY`qMKt?gU{K27X_*3 z;RD+%orbq=2wpGhf109@<@Ju?Cu(}D0k|77MOlQ=CP3UWBOm7^+h1q%{2N33Zf|xp zSUx2RoTH%S*5wnj&XF=2YLe0*$zgQ0=^omIt&9#WC>#*iNtRH`>J)pt2y{BXt z_NBSJx#fOFRQ>jaj6%$5TT1BsK~^!$oZNBBfvHYMux9S^F6fA9w75N7#uymo>; zBy8h))N0pK_s&QA!o2x~w|#$N(=!~frNCJyZ!%^7$AaohAb4$k$7Ya8J?kFtiwATX z+HD1dY{3|We~+DT(~JBmo;-Iu`&39;=E;SeA7oegX|pHvrZ_5E>jvxJx>0q;VUj&b zaPWGKgX$m#Rvn5-gLLfz(kO1iY=Z!M8zh=4}%9& z3qxEZLvLrE14Zp4*N$YbwYQXbQxhXh$})*+vUGUkV-gM7ka@uKbN;9qzeGypWiznm zro~Iu==s|E5Y=y@A~3s5<3fOMVN~>}r3ZcXExRQC-=}Q6uV4D}s`kdDK8C96)CT9x z?qr8m1|{+wqPyukJ%S`=qVv~rt4mw$dJkJE#Y#)NHTmZk72_tzp1i&M^CawxIQ@_@ zn6r&A6)vp4Xt#%bmUZH-<&0@+IJ%_e(P} zuV4KxirgAJ1jyyQhqb*sZF6?pU|Ri`90rs&H%qH)+c!z^K(5Wb*{!#i9dB)C&vIlf zR_;urczENqjKbhECr7Dofv<5epq>kpSB#D5FjQY%tvRivm!I7HF(vjd#e{ZWkvF*_ z^jVak=r`{C8$dwCQ(|mTVuV3CYMbeaY66Bda;mojYX&n4xt}!X-R8QmufnH~_Yvz4 zQ`C`Wz9?!>h-fdHkte!bs503$Hy%`;4ZIlSH@Y&DMv;QWoa-HQF^FgRHsUEV_+fLo znXQ2VlM8K56OZS%LnwHq1FdhtkGC7Mr>5m;St!KA#gFL7=GNF~qm4Xxdj->&q5R_V z5o${|gwUU*DhOFDNx#L`UIN4~L*L90Wom470AXG^KN(3>h_vsB8tq{y5$kddyR}Q5 zfbZCm)le&SL_4>s$-)dgNM=X;n(^tEN6zdrgon$8=Ge+@(nX==Hw; z!u8(-VPpcH>L$VH@ZD96A&Tst5<>|Mtoka$QUWG{AugM+;%AU3pW-Rgv$LNGMi__w zTRW}rDwl-w^~jZ!uV)|}_clDn+?N5T>Ya0QOzkgxX(t3SQ>Tk5I~?P9Lf$goMRm5( zA2)zCcE9-J_DzkD?>Ag4pM1UMJqh(P)gTpr^?hE=0t>?LH|0Bu;qGpuZZYdwdE(5y zeI4EBi&>Yb`0Q(0lZi0iy$4PPgp)m8DzZ-#tNj=Uw`vv&?8 zN34{bFLV})Fmt;xJ(p6?AxoK1xmJ(`~_@XWdO zf2l&Yw1-XWixX|?&v43+4ryEdkujA`isw@pPUh7`>eooU)?h@&IZrXWU-gmrZ1;Hz z%74yMmr*Q19;+*P)qe<^M=Y;@U9EQ~LC9ZFO)vwf{sK3D^F-*x?fbjc=fv+52tm@p zzSAn7lSy|kadxUWoH8;IN%D>QI7C$fa_vQ7bKaxvEK@Q;cdJB`z?$RL;wXw^Ch2@G z_q}(M6;E6^()a`0iyjjV8YjpC!^nfL+=GI*1v?zd)W})V_}y9UCl(0=46azB8m?MPdy#>g_zm_J}#=6-d@5jY5oQ7 z=Ds)gtg*u{vRHo>#Rgi14!FQi9YF9c5b%Q)+1{1qRxZLpe^8?jpgAJ35s!k$plv4a}ZU-9qhDSI~e3 z?!sfxZeBL+Tv}evo0jFH^UeOu5FGmvXkw(bwtg&CjBKN0WKPNawvd*2?JD`X3_Waq zne(S-b>fdtKk62P1{T!xo-C+)D=g?=DmNHr&67rGJi@4txz#QCt>uMNM%z$ZJP*E7 zSztv~E2{74Cg3im07Ar}rqICDm)T z|4ij_^oIbZO5sC2p21u$lE0-n9oVk}XCKul*!$tQjpcWrZ9Oocoo@>EbT&t7Gn^XZ z4}sVq3k)_kqUt8*v>ICsy0bDKlw6G_9jzvpzpy=h99WALq31o8U50Y!t`iXjq#6f* zPh`2Ynw|w)pM2HQ9dDZ#QM-J_wdpypC7@vxOYkQh2s>thM9B!Dkc;C_WYN`9Va#?& zkoD3a$F6U!;6mm^XqYx|<&DtQEno_mEdrn0DoCZ;hd8J2$nAU*!78joha*0}Ei79A zf=Q6_JE$dTX}Sx+?nsFg7QDVL1{bYQ^{xt)(c**r6LYJ5iq|iTe;3>&H6&V6BJG9d zPOW&1+;egt-`z>wK_|FciscJ z#?R9ljc4n7AN)tN`zgqiF_laC!t#}ksD}ubq|esI0!1V0{T&1HnmO(szuMao>~t82 z^qeKD#$n974n)R81`{pGHK??>2e7?f>~bgvf}QT>9D$SHl`%(SYVLEL2IUawArftE zwv+vNT;{#0h%n(1?t4(ylSg5jXz+)R$y($5!J;I<|DZ?tSA!R|c!d5e*z|JWu;5W^ z3KLc!zr~|+^E>*WGPd&ot7bRVgyLxWD@K;-)fK zgK6r<5CW#G+Z!%DC=%+nv6V8M8uE-5%Xe z-=8OqAJ5RB|IzeU{5ujigfjyCIZ$Cy`0_6N^fMzalJ=(7p~jrF1mI)?+YAWIS8eiK zu6HbZYi%8VrPI$zL~ewl8RYG^?!GY2+wrgE+u~kN2A+AHZSL`2B?e;$Z?KDaoj#F` zi-zwcU_!U>BE~8cn}1HQeq`@TYSp-G=TSf0A7DHFSe^m|%f$OSxV_r2ZCy4Amu**P zv@GrGOtN+6Bn0ZYfnwiPcfL-u|<}-XTY=-@YJ5%sb zIM=2;;6Za0u8VM5RxD}{W-%VQ->D!PU&q$b!(GDcW&6<9@TptQ6!~sGU0`-1Av?cRy!-&u`017o9q6Z?^VjfK!76HYn z4xUhj!C|8vRkBJ#6Sr3`1z%RAP<@HugW8|a#?vCdpFf#s?c9}(UYMG!z$#z!t1lu7 zn|}v$-Vc=v$=B>?oXW-peS#yt%a)h3rezU1yg3X*ERQcCmTObJG0M_U|Bz%25*6%f zc)ZKmr(C`DwuvGXupU8I(Nfffy0E1&1Uaqlt&$p2j6ZBNp&k;j5Q3a$o18^!!TA-4 zxhH_I9eA?3udg`QOx9s|v&@Y%5rM6Qwx&FC7nPs3@{;iwt<8x215Tf}R&fs8cGS{y z*=*gicdvlW4%-o`4{cmsm!f-@ahoe?18kn0%2Nan8qGg>qBpj3Sm`jRpUw2D2aI~h zN9FNA82*ANe+jtDUJ=2!B|BJB=bwZz6_Wr`K&`)eV?MhFuaf;liu|s)AfT(ZfN>AD zNB!M2@sNk+$f+^PEHMJzHf~T&hJy*^Rk>bJuv(PJLND{du_42FR4IRURqpvq8IWYv z2o)?ROjI*24w?F}mdeU_*Q6YMCU&IYqg| z5v!!d0S)Fp^l)Fl3;0MBG4wp4(PxKk2li?Vs9b-yL-bow&wzNUf`LW5)(f9?oU*+U&E8Q^$_;L?XM&T`fY3>2$2M&4K24T?3lxRE`n@W_Q*O?bm{o3tv2Cv1xhoUNI5ct@kp4+V(tEmL z#!YAu|3-wp#3xXLvLc1M+>u6AFXonGXTqB+I!i)z5l!#y;yd_`3%u?ob;*WD?TX25 z^MZ3O>yMMBwocRRt%0JyXG-Zk@&UIkDC7w+p@XrcZoxy^xeMx16LM7eF(xY2_WlJ` zIM14lp8L=wkAa+{WmDyl;}^kGzBZynhJU7;g786T3maYG6_MmBIEmami!$Uxl)WVz z3DG)QMxAgs(bq9@<-i6-G0dV*z1weCZa;uRG&)Bhl-%o7%Ac<7&_VLbu0ZJau ze+s(dp}!Dnma18~HBj3XcfJeLTE+wQ_Bd`V;Q$lCOX>-yIXrUmHa<2q6lkc6cy47i zC}-wn&eQK@>fSmR(nv4v7tD0e&d}_l^R7VYK_V*?!Qo%MO>A zI?HJ_m-l_fi2oZE?ZM~qWY1UYtyraABZ4J9^I1C4OP%O?f+O(}@K zmNJrmefg?$tY3p5toTi}CSNNF*cH;(z7?N&Mi@5lfCrkCFn#^myHWg!USKakZOGAj zTnCAEn=)KOSD+4ryB&pBSq1BAT`8&O(%sLPYM4mX;rGely# zBsb0cuB-EW4u{0}d0cmkyws}Mos)2wWy^8O!oAwZXCty4!Zn9<%excu4Fh4S%u^?R z-Zkbt2i{I`q`R9TOTMA6g&Qiz^#?A?y&Njt)`4N2lg+=yhY9` zlmPC?)-aiT<47>Qw(k6yPHt3*303OVw!XN|>zC+!LZvK|-2@Br+Fd*O!fE3{FPm;l zD~$JO4uvfZzq*lp;}{M7=&f>T>voqk9VuX!0aZ4%Lq&GDaQ*=t|1Zc6>Kb(`i$VR( z5HlpI20O7#tU@o2dU@%FZU;6u1r2|#COf zmeYQgE9cSeDcuVyiUDj#lT$FmvBAWhqTGjkl+7z?HV#%A( zdE1(|v6}t$rxU@wsc(fWo;Q03D8xqhzmC)RSV$7?k@KqhNcHCDuT)cJ^3XhS+Myul zZnrYsHE*rX{f?F1XH@z$S(;e2gY-ils$TFL5xlVZY&=lJX*5GbKvJT@Qmrg0nt9D5 zIeaI-WK{9U#7PDCikIudcY3zAY|2z0K)3*aGjjT8!*%zMk#um7${}CTqYv#1&29UQ zF)u#I-aRWt1Ti5mtU~4!SB!AtgCM&3Ryh(_<=#7J(-R*_%7joVYlaRR>oPA~i@Z^ABK6KN~Q5v-#MV-rw?%c_K(X|>3e^xT_89B ze0p*SkV{ovbZ0k{_RO1``*GwG*_A*`Ce1`W1ZKMY?W4Q>cAUN>Wu%3fi`e6ac;``V zyUohor-6)RUfUX}VxWvm6T?paP6-`mMmGu|NF4@*->)9oN#$E3wPGLj*JrsXt_H4| zbpTT=UdwQRU)!%rm_4vS zi9W**i8@s8nxO*q=$u@i?GwFi^F&fIL{w<2o%E_>94;zcf|-Ef5hh_X$I1L@OOi4d zZw|4Hc;m5j)7gkhFUU1UhT30D$%GhH2J`baeNsHC%U1c8_O$b-F?y3)Df_c*CHi4HXM|elAHio6+Z6$ly0!~ad5PyDpq-~2x;#Z%Jp>M>2jBk zjBXY`<77W}*!;!#ZuWd1+Vm3@J1^!rF^SfG&gD!&YV%?Ej_y@Do>v*ni5haXrb$c} zHm`|t_-aD_-5agnm7-C}(=#Paca~!R>vf#A6ps9-r1X2L%S2I~1L-3wbs4<`Mvdq- z&Q`8qAcYE}R3)3AWJ57oK~*MAM5n1pz$zZU=PRj)6?eSu6kDbG8eBe=D`aRhPdH5t zrS(G;u4v}!E4VU8o6-_8TVsB1QA>C*`{3!Z*`A+$(1umqKeL~-gkb!OE!!_C%j zKWv(v7z}2oi87na%i%j-SEX1#4c*6uq|R*loC)pigir_<;(!v>uLk2zUXdO*$U+=+ zHP~|Y;_KuyS&4@Pey&dQeGQwhtxeCph9`fL@fu(Y6l(Z#+{tUu#0ggE<)|Vrt42DT zUDPMkl~uASelApH9y{e124?9*P1KSA`03P3*7C)?2uS54dw{S&!-hWu@SbemC;t5z z=#UfwXA~Km0Z=tD9YTj}6I?!#o6F+uBI8_{O&g-<;&6v07a*G%3K#F@HY5LRrTy^Y z`bc0Z1i>mF772dw9`2@*)OQeg52R$oBUR^3`Vg)7$9gkoD@hcM%W2t$dH~~wi63`X zbM<`pr|@(GeNtewe@SwQl}hB{w!QgAB)KArCs9gN@9XxQxGO*?&7J8ady67H4WcZ@ z!HHN-51JE$Y>xdJ1c&BLQxDB7P{y`9qvE~Pl`v)328vkqP$g<4bY$ zOxC=eG1{M0O&<%JufsCo=?^PcByKb%@$~+^TK)1h2S>1P;bWpq5j7@Fq$)O$Ogv^p zTkuma9^^a^6MLq?BOyft49F< zWT!i4VrfaaTPaEMu7~Qm$N=N94E4)o5=^LrlX&U551aom-HzcSXO z#OUzz#Op(_SZkd7^}Z5H(4ozA(zp-)?e){o)PuW~|`C^XmRh6oplstqS145UTm+Up|b*4?P+dlI@)IVL)B zRVCDiU#Fw!<0tg6tTu@ED;1s>mWbSmm!trGybnN_91X?v0bgmJ0BUK-Qu_5ItcB+83N@Q&;M7D`2igaG| zcs`E|UYoo2Zmr_9MvDj~e@E&j?}=|p)^FV>@^W5y4!R zT?WS=d838X9Q9?C$bZ6o$C=&nlxF9|!eb5QMrUMLkVa(S392 z5eh#tYl&lvx9#Rqa^kbZiA~%jVOkovcp%85nLH$`^HRd!7>T57M#act9z&YTHGUgiWWA@r8!wRn-NWKUy}R5hi4uE?h}jhLr2LAC7N(#?{jn&LSL>lf)GUg`^H$a zH(GW=%?kC^+2=48r{Ogp(s0I%<_C~*AOO8imUxKpET@@tSN81b-}#Cb#~JP{yf&N& zGm*LCZLH3*ipL=n27OAhh+(KW>Vy&R!dV zFqdP-vrjhg@#!6buQCJl)>^_Qu#ELoWWGn$$#2;qGUm>YXL%1E3?dfw=(X9Xd~RWi zW*1OWw+~5ixic4Lem^r*MT}1dk{M>)dmecfvt9{NL@eCW%vBU{ zZC`m1ql!Nir%ou%Dk!Nadu;+>lQg&cDPf(TLv69TYP;F|tH)2YeW+ig){yvpnp7VN zWFSQ2CW)E}vc@;nSmckRg#%$9<(JO}QNc%}=&)I2=8|QOoSVh$p)2(Ls$3F(q(2av zkaz!VY>N72_DO28duj5>`rdB)SVk^EDH{j0lGPZ4RaW?`mWB9!mH5UMxWD{YBea8F zn{|$DO%~#Vo@0)*P&1gy)bla6QO1lLbR|IL$HRD=HloW8fUv%>Pb-sqS%pGrS(N4N z%yCxsLelk)$Is)~y;07|?Y@*N1%nP&zrtBq{D5n_>7NA?ci_nb8z}XsbMmZc&Du}= zrdC)Lsg)KwH-Tl){P?6eIoCtn$*qYY2EAW#Y~_&OY+jTrE=7M9OnqO=%wE?^DA_=e zemKE?ACuZWRCZ!TMWE;kc#&MfXyu|rgt`u8t68R(`VyTW_Haxn%HRaCi;!{*4{&eI z6^IbfuwPv-R#aqz^FKr+@kW7@9=w`VjKNX&V=j z!oq9b{)M~sA9h~Us*!q1$Ui6V8n#r*&0LNpF`*ct2d#HH<{l~sBF#m2_mw~`Y??K$ zYF?BlH-%)?X$P@~VL(}QhwG)k-bZ@y;yOw$xVO^9Hk#aF^9V&_rk`J9CY5nEx z2QyXC%#-7)(Kw}QBWd?;9K#O8HBNu3v->+ysG!YlU$w$)!&|cF4!XNdB-kB;tS2H& zc=EIMqLiD({Xbn}ri)BptP5htTf+2Q zR7%XtM{g#YOgZ%B|9L8~bH6U&bcvb3aMtO*4BIg+DMu9+ZiD%Zu9)0*uROf$&Z;|g zeiy#9J)Kc+xI@`y&X$GJQe!=(tUqQo<`aPQaJU;QVxhHV;&6aH$;iQdMYM)S-!{p; z^JwGV`hRwD@2#oSw(ZW{)do0XRG#%E*@q6N$lRa6^|n2uSJPf3NM=^9~%*(X*n1s0>|uUG*ua2HVIAI2>FAUISnQa z;tcPI6>m(6&`lRPK|~rV9d-@o1KHAn#_Ze+&d01fc}aE6I1I*WRZ#*{RxcuHK%D4$CtRvqVJ=ZBm55 zfela7LXEbhh;~Gk@*|AZpk|>Y{xfsQ!_;n3luetvweWl3?eCew?a4iSGs?Yvc}H~p zncud5-p}tUTc?13l-+6DfpjsrtY;mEfDnsY*rom`pcN3M;l6`PAPQcAclGs|`ssrk zm#s{lAk|0~pX;UccPCCT6pc(}b+R+X=G_0)P<+zb6%Nv1q#XJH^l9xUXT@@CAsYf< zRQQZbk{ED+$)(=Icb?+NzdDp-tbmcnUdT3ifz4iT9uHz*Lfc3Je6M}>o2ynKnE^+L z{;fMINZQ+6=U0gS=|s^|x8b6~(I$6FVVkFWVLi3q{?H~)h8d!oke!z-McDG_87j=R z#|8&+H~1ZIQxAd59Z#$J&lFEb2el*^0{zEUPR+Vknlug?_yAyJ zWkcUKw*g>PLJJDQ;X8+U%FWhs7-(r-d2%18K8RpI>HGy~LublWPG}3NdVt`(`=hTw zMofb}6#^DQ7PM(8&Rnc!y5=0taT%_2TxLR2IR%O?0@#MANEL9;H%UFaHVLph!#Z%z zVCHC}YOBZ}are%jg$hUe&8wW=N)a@4wPaHq$ZyH2{@EHA3&9%?Kj>Uj(Ua&up1RyU zssnRt2u~Py3#IX+4S?x%*v%V$sX8=`7aYIG`ioNvm76^H(ls>wfqk z0}A4ynbTNg*yB~)koNdDSli~?VXY}SgOA2MaDzx|Lz-ZBY7$J=>G*58MTH*J=K|OE z*0diSm)*?-QTve$qG2*uiNBmsFA#92mpcdu0MBf^Pu9Q_pSv_*tk5p+H0L1{)fXs$ zKS;M-;x4S^#f2o3i_dtE)7Ova%kYcG+!vwP*|n0f>=1it?4an-N9rNQvI}6tIgKCe zne3KE==NJ1E`zJP#J`{E9o=BdR=1*~gFG>-Jyt4w3CHJ;0xe&&esfSI9~%! z*!*Lcqjqa&zxBrsaj6;&-`ds{4cMaVyzS-4Y8VImWTvp<>%5O6Q0597sSSXj&Ai^! z<-P9}q(vA zoWJdx2V2kAA*+r@`5aWs4kctNI457sdLoPk^yN47jjb|_*ZQuH;4jbGj!QvFz-`WlGhKYnoccN6;UjebbdP3^UAOrPbIwZtYVhnahHOg0b8B4Cr_ZC-=r)!PL3YX&s?-q0Mal0++U<)>>WYyBZq=XFo;NCU z^#vtbPlf!oY_v-cfgr>i#Zmlr*BSxb(TQ;g|XO%=#LuYTMb^e_0~iGLola;CT1SN@q#3B2FD!4H|F z_iD_$7P+07)Yjg##uTa*PijkO`iHjId`b2#mYcDNsgMP>vFL$gK;&O6zY-5^)KaAH zLQahD|HCn|ClNiIQ7RI?^GLYsvO?J|R2e>#$mBqm9yUJ?@Aj;tz^Hlq>eu!``pyFw z7m6(uA2feJ^_NZCIXxz{vS;Y;llPeJjF*-ozdjY_;Z zOU{jF+!mx~?E(xWI()6dXPvwhrC60oMm7s1rJ@8<2i}sI?4L$wPvq>{n+&RS&7)rJ zqyh~JluNW^<%O^+3iD-`Y?pLU4)M9wq`xq)SBtR#3fGwW+rosYHbhYfF-n;y;5(W% zQaM6tNFV)KR6X0&FWnlb9p=D<4}^BcNZiij%irDV!lf*@Knh&!)I=@zdML-oD!f#iKJ=zhY~P4>IK!*o1Y8POj=YwgQO=%|*Di`psu`VnpvLy(|yiH)ZO zJNTN*&G^++LkpEdh->>vL8o&o<}h5^_9-SSBvl)!*O5b*dZ`(-y~sw#3#2 z>AqaPHK37wuu~GrRO2=zw49od-1jWEPLjP&mzHWgrLVf9^ug8#zZzlLA<1G(vc0=5(^AHy3C5dG zAK_T3QUZ7tn8#fHETqq8nGIVnToGedyT51;6<4Kvly!7DdvtSh-E=i8+dCq=qBC90 zV?0$kGjSv>m$4;$t5mEfBFNX9=B{j})RwR--h&&#g7NeRrSx!*OX6!mf{qs$DnDLc zuhg4rom~PtUWmsYYu@cSS7mrXVvim#VMU+>3?y2+z=qUd?%Da_)hcqzNLL=6 zAfW2QM3eKrv+5h@1@IV;@y=<+remCb&ySU+I{J_mKw$?Uc?6E`c4K9-X-bIemxc+0 z$`fBUrBw#H9zC-)L1@HJ3F<|$b)Br593B)JeA>>r<9xBIVe*Z|;^oU5jg_#KDDnq- zrz3;lHJ4X`l6odzSq1kropu<%+sbo*@;G&FQ!onh&Sb+_7iC zHWeR*n??G1uZfB?M5Al-Gzzotx^I>ttFPklNm4IBpYPI~6Grd`(Ws$M_N`4o$-*Xj zG-uwIV(1CkDs-K}-5*@Ekl&^%ddYr~$;Ni%p@3z)DuVTLUIl6`JW$wtB>#h=1%t5C zd8)^DYIJXk($$5B z3);NDlh9|LO3Uipm~LzjI*%L+4lx)>k9e9V?-WHClV>@%mUq&{D&r)r&geIem1i=Rs(L+NHL{d@wp8Kklzr!91YqdMZ2csj6$ol_;He z;!HK-Qik5#>;23KhFb;9$V?PCRE2*id}qTt=$FL{X^N2hIeKEua|D)pa`e4{6=(dD zp0vSKn${l--mUNNgdv~o+$FW`8g|J9DVrGamM|h7`@JWaw%lqpAO9w6JSEFRSI)nb zW%#z~D-L0~SwYU}O6Mu1M&9rgQ{OdSG+yM?j6W7#c|)r`OV7@ZFsi`U3956ik|WI| z`J^+jZ21q{Uuu5`48+bEex6sxo}-5H`xWh(P(%MvL#MT3ns9L0-%rD#cuYsZG}a?# zt6tv^iP0vQSQuWF9rYNnRGyPU^)rz%-`yD@^k6OpLkTR%%>6vb{{qj1t zziEVhW3JjCt%I94u=i2efx(h9@Asx-p&t%rgf`SG^D^5cWvS}Zv}Vv!Cd8E_dUkMG zkk_6*@*-#XB6q7uPynLwyoE3%5 ztPx}E%*bIL%wHscmupBArb}lURptGu-JB6&rwVm3d;m!WeK9`0ofQqvBDoHNdMn-3 zxTJ#~-GkQg1bFJ3EwiRC?`pO`mxhL(r6b7kTsluW4`=*}26z*{2HVn464A?!<&4N# z*t{+FKS0HqE3jsw6>_J*!+oPGSdn-pI5`znvYmfBhdv+W@ej*~&_l2jNQbmCe>Pkp zQ6jP4;9X#gu%gpUckR=N%|AZk_4bjx1Sqt)6$g3~^Qz`%bB0T-C}{*8#lOmCF8qc8 z#Tyd4ipV@uC`ZTlLSM@|zjNtl-19=M$do2sZ2fykT4ZVSeDcq#?&$ zLn}<3yxHs_fLvX>97}YCdFg6ByNCR1o+BFb5{TOI_{ZORaG+k82F-V&A_k^vCc%z~ zfuS~d`HI?k?5B;nsB8Ct_LDKt>8L-P_1Lrd4OmKdN|{Rx1g$M(*1hG^y~HmrBAj_{ z{WHDlK7gb9t2FOCn31m)W)QUKnxiU`=;H{*Xz+cij>R3A?uF^M@y6KVSv&ffxoK)L za+X*0Q~kPC?n5DpBotFK49sVb{$$wO!LkhXM~ozsem@H@d;LHuH$>p|qyVZ-GRIm$ zN_IRb{5@)NL6Q zSuD2u$(%4LtNXm=dzL0O?Z;leYY#Y-;&2jh3ti5gn6NBTRungdIhXA0giJt`9LrvI z$4csk{iplVd(vha`t31eI?#wh%Au+-;C~{dl4hG_>uE-zjhsL4n2Ue=70DND+@$ps z?N>JO7A(b_P#4||W6?EU%g(xI7Zp#DgTEC)f0qxYP`>hfoLV~;ceg!z713qg1y_SE zb&4P=SKrTHXf6#NE2W;w3GKN|$6o}jd5M0EJrqXoS|)E_f8rpD-t>%2@cCZ6)#l5D zHg|yf49MxQ8)i!-oa3}|QnrzdYeA;BDfw;<=UyI9ymU@FBA}*3N|+7hW)$U3jzRVa zqq+E7t!#stQ16W@)MmAMZ$rIbXLoakz)J?7iHpeW(>RZhM8<)$h~Ngc_rt+WoA#g+ zQ8c`qRcD+RIZG?0rk{i{qpXdjb6G;rQ-c3K(?3m|x%GhG3 zUiG%`CfTQYB4{1+aAOarv-EOosdN{GIsSSCJ#(ID>8{irh!ooUFQWi^kRW$wBYolapkwk@(+m@S=u#6RBi14i>(x6)J)WZjbdUyI~4e0wDc)2e8$VqIP|DD9PwRKJpG01vI5&Yxyg)1#(1!Jh4WN>FCKe^ln=SG^DDL<=!>7xJ5M8S>>^R#b4XU7bv zCWsq^`eZN`4xQ{St8@;4E5U&I(+QD`Eg{TRd}twVOr6@e=oX8=qs2{ zCuaHnF!8vBG}O1>tlwKKiWg|(rY7rw%KKJj^2Vmh$H+A$e7k$i!OP8nmDe}vm0Sw- zc&H%El&v;gz`a|SJ+@S-kYax43e^b)^VV>hN*liG)|<3dlJ zoyWyIDOwDMPg|TkiTH~-ZyOTY)rhueH*#GotYtt6D^896v1)u};QIK!OO)iCTj!1L z!IQ5*zFCTfJ36}#=;HkQ-A#?ZU4Q->Hb=mO6jhb`$EKnYEZDsn|K%wM624dN7P?tt-P^`z6L8 z8;aqqQZn1dGlUZs^pt?5A_koLmSlALGSpv%E%>aV<@>=u)EHQW^~K^j4?~p+>$A(A zq$!AfsgkT1Pz~c?R>Zq!tIf?S?hGvKwc1*g*Xf$whKJ~;q}X6M7bSa?$U+!U11g~Q zq0DYA1Ig8O^Lofdv0HRf9vZGIZN=eqOUu~s%JUom{Z{l%*B>6|U;M_HqIY)2{*B5( z+CYm23keaW>*_`(5ZX<=%t_iNdztX@Q3V+kGkC+nW4!;{E>_3ZmCHG1A-C_wE5jXb z^Maz`Kcbqpc)tEUFW{v8#gP0Dw$NIQVOsLWyUgcjtf3vqw1}hd%hp5Ge7{M;{b8k! z{jeX^0pu~Gke~=|6V`c&yme`zC~#JAfHA6D$}5*1x#f9YJk-W5q_Djs@g4r9o3=54W=~Un!GKm*EBspmBY} zd61VG$2lb4M$=9Qw-NR8Q}GA2*)}F5uMiqTE zgt>zuTr6)oknv{(pQp>nu+N6=%L87C%=-qFJSJ#iLfzLxHd|LH144LbkDKqS&zZAD zNu7`6Jn4(iAtN^E;mco2qBc;>SOgqUY=xyIhX9y&F0}3}c4GN5^pSrHu>zsaO`zku zm_;=Lc4vl|?YkI5KQ~Obr)3Z(!ZKM3;;k4>$kV%1I~_cac-vp-irF|dV{XpKRXaH?zc{rNm1YU= zFLmtnnrDOnGtB4sLmAPz=n0oXT=JK1|wc@qy-_42MF= zw72ScKU%_`m->csbceraGZ}ng^?s+F!2K7IxIUJ>=4Ox$`3UD)Mu`eq+2ED!Z`V0J z+pro=5oG-SX4CfLa%@J$MZl#t} z7?6x7DejA337!Cq1>k+dgjvmBJeHA63?PwXCIQ2^=nFmbOx|Ru(}q6y+VLfrmikp7 z+=4&LkgvHl@Ig&D&q9kK)c4@iA7A^zpzN9?7mGD<$C~>h7wYvX(aQEmLH49${VC(F zoIIajX&=RnkAIydDMtFPFCR6PTZ;-9ISqq#wBff{!beg$hM{@J<~3vAL7J|7U2rRp zrOyM1_)9pDC`D=8}<# zG2?G!S1#P&kE;>53~JP>NZ$O)SokOK?kS~r_azNJhXR{6%zwQx==DNbvGYNYxO$h? z?B!%!We0Q>_oPC#Mf`{S-Xl_Rb=)U3oYSBF9VO-&TXg*2!NSnp>wnFr0`wWlQ`UFQEDb^-?2u= z8WQ~YHRwSH>qhs}{Igd-20cL&DT|r>mI$0Qv0o+0Kr@wJl_W?J=QDHP=i*j&H9H&Y z`CS9=M!14#VieXu4S8`}+}Zd+1;s$oTTy1b6~Ca-0NB)wwZU|9;xNr2poZ~5MM~YX z*@%%e(Lv`In6Vkg9^r=(amh?%Z>||-n zhyyp>V>}%oUKft4iC70FBxidyT9hg^&2oJ4%abRhq5QB7$meJEtQqP^Rrj4ofYEb# zt7|~+ZvRU-F7L;_$7E|Jq`bUz0GTS^J&``=&cpKR{c*vzC?@&a;K(g#JA1=o1XZtp zKWAhVZ-^z}gN|43Ad{1JsY7?Q&1kaE7s?`4Hsn$8FLfv$>$=C5s{!9uhr;3#>4ll7 zwnD3tc$}kHg5?U?wV)6hWW%s%1Uq`OkBxO-F1u{OK9amew)pfzPtJMih2IAgK5f$} z>i2m7MBl$MfMN7R^S$;+S%YHvTFz-2s z*zq{5i{MYP+gaIDX>s2cemxq84=P*-Xp0GA7Ie*1(l}vc12eo2Ia{gU(q0pV*`fS6+KC{x ziYP79UoAI{D3HjZ*y&;2^pd-~Ay|51xD!IQ_FXp5`O8VJE#^4e@8; zZky{nAIDbK_hReo-U0F^TX^15jv7@nM)53X z4Dj*NWgoHE9ImVXm?AMzb>^EU-@(Pst@y!+=cOv06z0P4F9z6c-Z6XmNd};)K4I}I zI)Z;@zhDqg=u6_Np-+pFzz=EGG8Ep{MPFKYb zORQ`B41rvGv?4vK_e?&yQbK%KR2Aa5^Z4QLA%!wzbfPpy{27eGmW$>UoWn_2z0u-1 zsa#`qxPJ@EWO@f9Ls?wr%cKB(P?(8Nc6t+q0DQrtPIYr(iMXmF{}_^Edb`J1)gwWo z-Wl}6>0_hPpvh2u#u4A)ssy{tUFx70ipq>!Eg!J;FyXY)VHpR>HI}quum)&A0jRu* zNeh2`tIJ8%DD9v^zMM#xLw=2eTj4YTQ)KGF^oT*VdY6W7314D%O*L7v=I+(%?5 zDrmjEQ+WmymN2*RBtJ&J`b|O1b1!fi{L+C~aq?yD$Ek7e`{j94=5bLR%VD(C`Kx z0nQ-BMi<~1JXsi7Q-7l6ZXu?lmEv$y6Viso$ybcM*v}sBj~ZD!I4Pd-CMseHWi@>z z7zPOB88GZi31rLq+^-Tk*bhAuFg}1XFreU;{-Z4&DoQYv zjqphf4hM&jgUFYUn+c1NJoke01n8Uy`gL)mxryCK=qp&~pA7s+J1Jg6_am$jN@Ncp zZ~m?>IaWCq{;n=5YQ({O#82C7`jq@{?1)-Q9e6U6bj0v+4H>pqgCNO;pfN$?+oqq_ z0qXa78IyYqZbX$JESa^?PviY^=P&r-P0kMzR7!HKSJFov``rWbgW;vc z=(@6C3Oy@&vta$LhVjx5#gEl0di3u+tyJmqJUbG=O-0mSyH{+Rf|s4euddgbG>pAe z@^+=_v-EfyK!)sykxUIuw}s=wtu3+kWj($a(;Eo>O7fd~caS)?91Vzysam&~7UNDq z?L0Q2{BZhKx+RSY=mE->5m`&!t;_h;$Zrv(3B!z_o4H=wjMpt%MzAWY=XGt0%qt~R z05xbWnrOT@(F;&Q2GmMk#Dj}peN59%4@1VUyI#6ZOr;*LmZXtYXV+`IAJ=@p;wQB) zju*Sh#V;8cVk`w(_DoG^4e3bqX*#Rlmy%931x9L%jbbIU1aoSb`hW9 zwI+WyP12T>ngF$QZV*CUZ0zA@C<-c7=Q(#+o72L0xE%!52iQu1{D32Pmcy5hJ-Kt7FOC^nd?Z>g7J*q%p2RD@IN|={?f5(c6h?oEz`V&kcr=QZhj6T1_SKevu2d~-8}f-)@KUNiB~#vv z@gf>o=#f{?=!Vv=_5Jhrpp@tg>SKh<1 zfR6VuboGITe1#UX>Kl-jr?s{1E58HfotB<2#XOn+9D8lBI6Epp<*gwn?{rEp^a0pg#Xr5n!4P5o$k81VWUZbSnkVfkUP71W%fL* zx?4YE1ax9?Uw&EB!G&9OR8(#E9cnG%e}_gf-Am%lTA%)PVL+4p(&KKDHP-no}TC3ODb`?^8oJ%3@tK8EFZ zbawsMJ`=+Rv=)oy#`$L@Uo&iCC{gH^9WZ1|Nl;RFOedm667iRk)s$>9BLeMg^r^o; zfUEbP=wy2mp$Nqab~hv6G&O&GUnGk|U}YOVZ%hfVswi0J(=i8`);f}j9uzF2ZneGR zrCNS2Pw=q|2SE}iW&=(L+aA=L>&b&p#SyPRgAb^vDOtI9${jh=KOf^4A=ekBo-odR zRh!4E^fZ5{#mwDdi8FQ6#XV*-4VcIMCVZh|^4>A^u`A^e&P%eaV0J?O+kwqv-ygf2 z7E#*c8A!*DCZTnWk{^`QHqkKAJsu^D9xL_J=O@24zCuQGQo|IxyUTm?sc=EsQH$`L zOCtgQVD0y1;tTM*gUw#}&SVO?WbBB#5<6M|gJ2R=NilHiFpl~>$JcyTevrPrI`$viM1rrrC1c zQa5Ho$0ZN^!Czi=hL=t6v^9kj9_alQN0~H|LTqQPt+N>Kn8gh(BjfN5AC9Su4qY=y zV$b4@p_OM-Blh;0g;?2c&rnCaCrHO@F)&*dFc(Eq4uH3t6V zq=k!8wu_yJ1Wdniu*W+0qKQXnD0#-WoDt0E$8@%d-B8hH>r22x4YTG2Ubpaj<_QzJF4@+bSBz8w*^ypI)uM#kjm!ZP7c(Dn_-Js~V4U zfA-=d_*`6H0|OVNJgx~jWZ z+FXK@(A=m<74;#4Uc`@JS7=!25Le+qMvlCt|E7@ai(6O<*38dy6NI@|N44r_hYr^jrf~@^+LDo;%k>k$6ZFUupfzrX4W=Ra;)Q(dt>1T)j(pl} z1?`yqC2C8E;Bpo@cOE@Z>bBJ;SQhmn`EgE;r24=mBgs7yvRoJT{iB3Z z&X@ePrwNIHJsW$%yKj4R_Ejl$dNBEmiQ2o5ADs)RruqvBENGn=(kIITSHY1~(`P7m z#iFQ3+%2iyS}uz6$vW(5zip34;d!2V81#BGEtAa5jo-L{uG`z1aP9^Vgr{!RxjVhD{DU!!=1ir=?TNw^zzCEDmQ^DN<#(poJMN44awGgWNfu;AVxv|4heb9X=8Yc0?x^XU zgB96HQG1E*#IV((aZC*OlQ#;6WDM3Jt6LCv;M(Y^jbA*`k5jqyX(4o|S>$vE} z^@;Ea{W!?u2OAyHc&oj>_Eh!MNE68TRwBn~3dV4T6q+yGrL_97wO(k> zL&I1mPB;JYk0qQl8gm%9XgFK1hFQ*;%UD96@2k%w>r^z?as!zh`;48^yK|dMr^N9V zG1=;~4lW>4QGH2FjISFWo)6}2zBGwzGq62B7`D?GePZUhG&=oKV4mj1m)T|5(Hi$I zMI$jkg8c&~S8RP9@HCIb`awYq>}dZ2pdycnWzz_X27LzrXx0G8eKd3u02cCzThDh6 zs(>qT7rE_jd(YI_2x?_-0l8=3Y-S7j-!2!2yPYk^y%nJ2{5acW;pkaOV3Pgs2R{NZlCToKOwq1^7` zJ_zVBlA`Bohw5GtcUINw6k}s61o`0vzjw)GXg0pu5t64(l)o`aagE7;DgDV|l6sf@ z7$*VZfE8;J^ex{^*e{DFM6aKfeocHw!B_|C?#Y;A?`kAjKK;}7LX8U)W0z4A4x3&-G) zpUnP3Dj_xG7rWgHoqlcSUBW%XjR+HJzsd6SZrPAEt1-FQa4E*4wl_1;$*1_dtd$9? z7kQv59^IzT1<;!uk+dig3hrd3L;CYWC4Da2%7)z;>V^0?)=AVR9oqs}NzU=p>lDlm z`9tE}GZAOD@hp8iC+p3GJpD}ui$vHK5r;oGE~41SRcMQFqYWZP_!Ie0Cd?r%f( zuZu9(T(@dcY*-;Z&drZY8#*A#Fp>EycKX_+{Yq2N3@G*qEPQTJs9|FR;|TGF3)BdcKz z?Qa!9h^z=x2NM-%2S>;~69;Fr%hSn6O;Ndp6Q^#MH9v8A;JvL_g)0$_l7fUWamdq0 z2=@L=)mfi2uK{~@17iNM&4sV`_ASfqo0Xy5aWQKP_`x0ZA~trwO^{*ttBvFm#(F)43e0^M7c@Km_&m3deXq@`KZHb(`DZz0^+~3=TGSUl^ zF^_$;6eFo5?GUw|)wXMOTY>>F>BKPLoTAy(I}J^XPThG(X5( zvRD)9Ic7E~w{71|G|;Pmxm0{mISnrI<{}-&-UU_*DQDXdYe@{@3n3O+um)^`oeHJV z&Y4;fByKe?g_#<&cXNUUVprDR(oXYCHc9x`ewB?Ru5^0@d4INAmLeU_4C)@m=yMir zZ>X`wi0`H5s}*hY<5h%LBn!QtniQXHQj2S);C<`J^kF82m|Ya*QaL#W#d0sCavP|B zQ;y)Oaz>7hm%=5zR<=P3_i^)tq-if+;3ha`w)%Zc680Dv1jp#p(#5}M(ULn}|8Cd6 zk4Q*PK78zH3xA@X2xeHd-JHFwnu1Qk)mQ! zxOwg9ah}c+I3T&`2fn0vomE}E^BJV?%pRycRMc&r?E2~_`R$9VtdY1Qw#Ka@u^rj* z#O(%^g@rz!WuNMR?m1fkC_-#HVzRR-gVVpNF=4zOd!NMbvznn&z@0sdfVe5rih^(X z1@S}TaF1ILhbKlWKTb5hGdM&Ittixn>wq-PH$);nKeavuUD8CD6xOkfB*F8qEsyvr zO(w1o7YDmbrYZ*&9sD>cFt<)bF_v#XRnfpPB;gTWD`}1M(hlSCud*rt>FiHv2Q7Uz z9UL2sJB6)B^Tor4V!cyu{Gkb09G;7;6mD{OI*fN$3?WNh{Vt3NG=w$7r);r~? zmUhe;cSqXwUhlhjHrQqM$frZx=SV7zJaFpEXnM*37)1@(>LZeq1GvF6tMMdR*K)ve*SA=G)ELSHyi-JEp);oApdLPKg=y!&(3Wvs*H@*Fou^xA^2Dki zvG6huv%3b7K3=3ld$4xk;6xjUVRUy@uz7olP_2x~cB{f|EVjr$xJfehd)Dl0Ce4z7 zC*+?*!$3}y*n_Bg*vD=98p4uzI*acTnIVuT;-PD=0CV-+4O0<^YW+COXn4CT-wJO9 z8p>7pfXC^l@eOXs+#VUstl-#^TRF;!fqa?V2lD=t&4$7fjR7SvjR8t1;u(7Qb~4Te zgx)>=WRK0MUl5mhk&8foS39?0yi}-Ha&UqN9C6wzn3xf_JyPD|LPWh

S&my?HyJ zBNTXSUYSst1jB`o%X&MeMoc@);P$`qfWGjvF58iFy}!CZKebZmufJYSsY_hBTsxlk zwzHa5sb$&kp{u7$CKaJ&*Efq%t&e)lVFVrIE9l zsk)2vrLq5$Zdb1mE*r_OFs1#8U}t7(WpvNV&d9=yi^I|0;`&ss8spz}YP^ARNyz_q zS#cfks;~N8C+wTQ173C4*HNyn@s}R#S5V=i{9i|QJ^kw1cWDHE#W3EL^nY!^_3W#C v`*%{$@ULY5S}m^wTx|`%1HcGT{?zPM Date: Thu, 25 Mar 2021 18:51:42 -0400 Subject: [PATCH 75/79] Update etcd-backup-and-restore.md --- .../backup-etcd/etcd-backup-and-restore.md | 23 ++++++++----------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index c24bce2..11ad12b 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -52,17 +52,10 @@ ETCDCTL_API=3 etcdctl --data-dir /var/lib/etcd-from-backup \ Note: In this case, we are restoring the snapshot to a different directory but in the same server where we took the backup (**the controlplane node)** As a result, the only required option for the restore command is the **--data-dir**. + # 4. Modify /etc/kubernetes/manifests/etcd.yaml -Update --data-dir to use new target location -``` ---data-dir=/var/lib/etcd-from-backup -``` - -Update ETCD POD to use the new hostPath directory `/var/lib/etcd-from-backup` by modifying the pod definition file at `/etc/kubernetes/manifests/etcd.yaml`. When this file is updated, the ETCD pod is automatically re-created as this is a static pod placed under the `/etc/kubernetes/manifests` directory. - - -Update volumes and volume mounts to point to new path +We have now restored the etcd snapshot to a new path on the controlplane - **/var/lib/etcd-from-backup**, so the only change to be made in the YAML file is to change the hostPath for the volume called **etcd-data** from old directory (/var/lib/etcd) to the new directory **/var/lib/etcd-from-backup**. ``` volumes: @@ -70,12 +63,16 @@ Update volumes and volume mounts to point to new path path: /var/lib/etcd-from-backup type: DirectoryOrCreate name: etcd-data - - hostPath: - path: /etc/kubernetes/pki/etcd - type: DirectoryOrCreate - name: etcd-certs ``` +With this change, /var/lib/etcd on the **container** points to /var/lib/etcd-from-backup on the host (which is what we want) + + +When this file is updated, the ETCD pod is automatically re-created as this is a static pod placed under the `/etc/kubernetes/manifests` directory. + > Note: as the ETCD pod has changed it will automatically restart, and also kube-controller-manager and kube-scheduler. Wait 1-2 to mins for this pods to restart. You can make a `watch "docker ps | grep etcd"` to see when the ETCD pod is restarted. > Note2: If the etcd pod is not getting `Ready 1/1`, then restart it by `kubectl delete pod -n kube-system etcd-controlplane` and wait 1 minute. + +> Note3: This is the simplest way to make sure that ETCD uses the restored data after the ETCD pod is recreated. You **don't** have to change anything else. + **If** you change **--data-dir** to **/var/lib/etcd-from-backup** in the YAML file, make sure that the **volumeMounts** for **etcd-data** is updated as well, with the mountPath pointing to /var/lib/etcd-from-backup (THIS COMPLETE STEP IS OPTIONAL AND NEED NOT BE DONE FOR COMPLETING THE RESTORE) From 417edac191938b7a69eb1b6ed5f00e0cb6f6ef86 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Thu, 25 Mar 2021 18:53:55 -0400 Subject: [PATCH 76/79] Update etcd-backup-and-restore.md --- .../cluster-maintenance/backup-etcd/etcd-backup-and-restore.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index 11ad12b..ef1458f 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -55,7 +55,7 @@ As a result, the only required option for the restore command is the **--data-di # 4. Modify /etc/kubernetes/manifests/etcd.yaml -We have now restored the etcd snapshot to a new path on the controlplane - **/var/lib/etcd-from-backup**, so the only change to be made in the YAML file is to change the hostPath for the volume called **etcd-data** from old directory (/var/lib/etcd) to the new directory **/var/lib/etcd-from-backup**. +We have now restored the etcd snapshot to a new path on the controlplane - **/var/lib/etcd-from-backup**, so, the only change to be made in the YAML file, is to change the hostPath for the volume called **etcd-data** from old directory (/var/lib/etcd) to the new directory **/var/lib/etcd-from-backup**. ``` volumes: From 20bce206fc1ad726db0b7c2a5d5c36ad81fc9972 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Thu, 25 Mar 2021 18:58:39 -0400 Subject: [PATCH 77/79] Update etcd-backup-and-restore.md --- .../cluster-maintenance/backup-etcd/etcd-backup-and-restore.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index ef1458f..ef891ff 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -64,7 +64,7 @@ We have now restored the etcd snapshot to a new path on the controlplane - **/v type: DirectoryOrCreate name: etcd-data ``` -With this change, /var/lib/etcd on the **container** points to /var/lib/etcd-from-backup on the host (which is what we want) +With this change, /var/lib/etcd on the **container** points to /var/lib/etcd-from-backup on the **controlplane** (which is what we want) When this file is updated, the ETCD pod is automatically re-created as this is a static pod placed under the `/etc/kubernetes/manifests` directory. @@ -75,4 +75,5 @@ When this file is updated, the ETCD pod is automatically re-created as this is a > Note2: If the etcd pod is not getting `Ready 1/1`, then restart it by `kubectl delete pod -n kube-system etcd-controlplane` and wait 1 minute. > Note3: This is the simplest way to make sure that ETCD uses the restored data after the ETCD pod is recreated. You **don't** have to change anything else. + **If** you change **--data-dir** to **/var/lib/etcd-from-backup** in the YAML file, make sure that the **volumeMounts** for **etcd-data** is updated as well, with the mountPath pointing to /var/lib/etcd-from-backup (THIS COMPLETE STEP IS OPTIONAL AND NEED NOT BE DONE FOR COMPLETING THE RESTORE) From b9708b54e6ce48609dcc4fd0831eced4ee8d0572 Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Thu, 25 Mar 2021 18:59:23 -0400 Subject: [PATCH 78/79] Update etcd-backup-and-restore.md --- .../cluster-maintenance/backup-etcd/etcd-backup-and-restore.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index ef891ff..eef3523 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -76,4 +76,4 @@ When this file is updated, the ETCD pod is automatically re-created as this is a > Note3: This is the simplest way to make sure that ETCD uses the restored data after the ETCD pod is recreated. You **don't** have to change anything else. - **If** you change **--data-dir** to **/var/lib/etcd-from-backup** in the YAML file, make sure that the **volumeMounts** for **etcd-data** is updated as well, with the mountPath pointing to /var/lib/etcd-from-backup (THIS COMPLETE STEP IS OPTIONAL AND NEED NOT BE DONE FOR COMPLETING THE RESTORE) + **If** you a;dp change **--data-dir** to **/var/lib/etcd-from-backup** in the YAML file, make sure that the **volumeMounts** for **etcd-data** is updated as well, with the mountPath pointing to /var/lib/etcd-from-backup (**THIS COMPLETE STEP IS OPTIONAL AND NEED NOT BE DONE FOR COMPLETING THE RESTORE**) From 097fc74dc56a3452151518ebcf18c1043c12b1fc Mon Sep 17 00:00:00 2001 From: vpalazhi <32654249+vpalazhi@users.noreply.github.com> Date: Thu, 25 Mar 2021 19:53:43 -0400 Subject: [PATCH 79/79] Update etcd-backup-and-restore.md --- .../cluster-maintenance/backup-etcd/etcd-backup-and-restore.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md index eef3523..ad05cf8 100644 --- a/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md +++ b/practice-questions-answers/cluster-maintenance/backup-etcd/etcd-backup-and-restore.md @@ -76,4 +76,4 @@ When this file is updated, the ETCD pod is automatically re-created as this is a > Note3: This is the simplest way to make sure that ETCD uses the restored data after the ETCD pod is recreated. You **don't** have to change anything else. - **If** you a;dp change **--data-dir** to **/var/lib/etcd-from-backup** in the YAML file, make sure that the **volumeMounts** for **etcd-data** is updated as well, with the mountPath pointing to /var/lib/etcd-from-backup (**THIS COMPLETE STEP IS OPTIONAL AND NEED NOT BE DONE FOR COMPLETING THE RESTORE**) + **If** you do change **--data-dir** to **/var/lib/etcd-from-backup** in the YAML file, make sure that the **volumeMounts** for **etcd-data** is updated as well, with the mountPath pointing to /var/lib/etcd-from-backup (**THIS COMPLETE STEP IS OPTIONAL AND NEED NOT BE DONE FOR COMPLETING THE RESTORE**)