From eb485481b96ca8a2beb6e478b8adf1eb6906646a Mon Sep 17 00:00:00 2001 From: alain Date: Wed, 5 May 2021 23:43:21 +0200 Subject: [PATCH 1/3] initial release --- .gitignore | 9 + ATK_DUMP.png | Bin 0 -> 196323 bytes CreateAuthCommand.py | 418 +++++++ CreateCertificate.py | 238 ++++ CreateToken.py | 284 +++++ ETSI-SSP-AAA-FAKE-param.yaml | 70 ++ ETSI-SSP-AAA-TOKEN-param.yaml | 23 + ETSI-SSP-AAA-param.yaml | 77 ++ ETSI-SSP-AAS-TOKEN-param.yaml | 24 + ETSI-SSP-AAS-param.yaml | 77 ++ ETSI-SSP-AUTHENTICATE-param.yaml | 37 + ETSI-SSP-CI-param.yaml | 93 ++ GENKEY.bat | 44 + LICENSE | 21 + RFC3279.asn | 275 +++++ RFC5280.asn | 1030 +++++++++++++++++ Readme.md | 123 ++ SSPToken.asn | 77 ++ SSP_ASN.asn | 490 ++++++++ certificates/ETSI-SSP-AAA-CA.der | Bin 0 -> 649 bytes certificates/ETSI-SSP-AAA-CA.pem | 16 + certificates/ETSI-SSP-AAA-CI.der | Bin 0 -> 644 bytes certificates/ETSI-SSP-AAA-CI.pem | 16 + certificates/ETSI-SSP-AAA-EE.der | Bin 0 -> 656 bytes certificates/ETSI-SSP-AAA-EE.pem | 16 + certificates/ETSI-SSP-AAS-CA.der | Bin 0 -> 649 bytes certificates/ETSI-SSP-AAS-CA.pem | 16 + certificates/ETSI-SSP-AAS-CI.der | Bin 0 -> 643 bytes certificates/ETSI-SSP-AAS-CI.pem | 16 + certificates/ETSI-SSP-AAS-EE.der | Bin 0 -> 652 bytes certificates/ETSI-SSP-AAS-EE.pem | 16 + constante.py | 85 ++ credentials/AAS01.bin | 1 + credentials/CP_AAA.der | Bin 0 -> 1953 bytes credentials/CP_AAS.der | Bin 0 -> 1948 bytes credentials/GCM_AAA_AAS.der | 1 + credentials/Text_in.bin | 8 + .../aAAS-OP-AUTHENTICATE-Service-Command.der | Bin 0 -> 2257 bytes .../aAAS-OP-AUTHENTICATE-Service-Response.der | Bin 0 -> 300 bytes .../aAAS-OP-GET-CHALLENGE-Service-Command.der | Bin 0 -> 4 bytes ...aAAS-OP-GET-CHALLENGE-Service-Response.der | Bin 0 -> 1978 bytes private_keys/ATK-AAA-ECKA-private-key.der | Bin 0 -> 122 bytes private_keys/ATK-AAS-ECKA-private-key.der | Bin 0 -> 122 bytes .../ETSI-SSP-AAA-CA-FAKE-private-key.der | Bin 0 -> 171 bytes .../ETSI-SSP-AAA-CA-FAKE-private-key.pem | 6 + private_keys/ETSI-SSP-AAA-CA-private-key.der | Bin 0 -> 171 bytes private_keys/ETSI-SSP-AAA-CA-private-key.pem | 6 + private_keys/ETSI-SSP-AAA-CI-private-key.der | Bin 0 -> 171 bytes private_keys/ETSI-SSP-AAA-EE-private-key.der | Bin 0 -> 171 bytes private_keys/ETSI-SSP-AAA-EE-private-key.pem | 6 + .../ETSI-SSP-AAA-Token-private-key.der | Bin 0 -> 122 bytes private_keys/ETSI-SSP-AAS-CA-private-key.der | Bin 0 -> 171 bytes private_keys/ETSI-SSP-AAS-CA-private-key.pem | 6 + private_keys/ETSI-SSP-AAS-CI-private-key.der | Bin 0 -> 171 bytes private_keys/ETSI-SSP-AAS-EE-private-key.der | Bin 0 -> 171 bytes private_keys/ETSI-SSP-AAS-EE-private-key.pem | 6 + .../ETSI-SSP-AAS-Token-private-key.der | Bin 0 -> 122 bytes private_keys/ETSI-SSP-CI-private-key.pem | 6 + .../ETSI-SSP-AAA-CA-FAKE-public-key.der | Bin 0 -> 124 bytes public_keys/ETSI-SSP-AAA-CA-public-key.der | Bin 0 -> 124 bytes public_keys/ETSI-SSP-AAA-CA-public-key.pem | 5 + public_keys/ETSI-SSP-AAA-CI-public-key.der | Bin 0 -> 124 bytes public_keys/ETSI-SSP-AAA-CI-public-key.pem | 5 + .../ETSI-SSP-AAA-EE-FAKE-public-key.der | Bin 0 -> 124 bytes public_keys/ETSI-SSP-AAA-EE-public-key.der | Bin 0 -> 124 bytes public_keys/ETSI-SSP-AAA-EE-public-key.pem | 5 + public_keys/ETSI-SSP-AAS-CA-public-key.der | Bin 0 -> 124 bytes public_keys/ETSI-SSP-AAS-CA-public-key.pem | 5 + public_keys/ETSI-SSP-AAS-CI-public-key.der | Bin 0 -> 124 bytes public_keys/ETSI-SSP-AAS-CI-public-key.pem | 5 + public_keys/ETSI-SSP-AAS-EE-public-key.der | Bin 0 -> 124 bytes public_keys/ETSI-SSP-AAS-EE-public-key.pem | 5 + public_keys/ETSI-SSP-CI-public-key.pem | 5 + tokens/ATK-AAA-ECKA.der | Bin 0 -> 288 bytes tokens/ATK-AAS-ECKA.der | Bin 0 -> 288 bytes ui.py | 60 + viewcert.bat | 39 + 77 files changed, 3771 insertions(+) create mode 100644 .gitignore create mode 100644 ATK_DUMP.png create mode 100644 CreateAuthCommand.py create mode 100644 CreateCertificate.py create mode 100644 CreateToken.py create mode 100644 ETSI-SSP-AAA-FAKE-param.yaml create mode 100644 ETSI-SSP-AAA-TOKEN-param.yaml create mode 100644 ETSI-SSP-AAA-param.yaml create mode 100644 ETSI-SSP-AAS-TOKEN-param.yaml create mode 100644 ETSI-SSP-AAS-param.yaml create mode 100644 ETSI-SSP-AUTHENTICATE-param.yaml create mode 100644 ETSI-SSP-CI-param.yaml create mode 100644 GENKEY.bat create mode 100644 LICENSE create mode 100644 RFC3279.asn create mode 100644 RFC5280.asn create mode 100644 Readme.md create mode 100644 SSPToken.asn create mode 100644 SSP_ASN.asn create mode 100644 certificates/ETSI-SSP-AAA-CA.der create mode 100644 certificates/ETSI-SSP-AAA-CA.pem create mode 100644 certificates/ETSI-SSP-AAA-CI.der create mode 100644 certificates/ETSI-SSP-AAA-CI.pem create mode 100644 certificates/ETSI-SSP-AAA-EE.der create mode 100644 certificates/ETSI-SSP-AAA-EE.pem create mode 100644 certificates/ETSI-SSP-AAS-CA.der create mode 100644 certificates/ETSI-SSP-AAS-CA.pem create mode 100644 certificates/ETSI-SSP-AAS-CI.der create mode 100644 certificates/ETSI-SSP-AAS-CI.pem create mode 100644 certificates/ETSI-SSP-AAS-EE.der create mode 100644 certificates/ETSI-SSP-AAS-EE.pem create mode 100644 constante.py create mode 100644 credentials/AAS01.bin create mode 100644 credentials/CP_AAA.der create mode 100644 credentials/CP_AAS.der create mode 100644 credentials/GCM_AAA_AAS.der create mode 100644 credentials/Text_in.bin create mode 100644 credentials/aAAS-OP-AUTHENTICATE-Service-Command.der create mode 100644 credentials/aAAS-OP-AUTHENTICATE-Service-Response.der create mode 100644 credentials/aAAS-OP-GET-CHALLENGE-Service-Command.der create mode 100644 credentials/aAAS-OP-GET-CHALLENGE-Service-Response.der create mode 100644 private_keys/ATK-AAA-ECKA-private-key.der create mode 100644 private_keys/ATK-AAS-ECKA-private-key.der create mode 100644 private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.der create mode 100644 private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.pem create mode 100644 private_keys/ETSI-SSP-AAA-CA-private-key.der create mode 100644 private_keys/ETSI-SSP-AAA-CA-private-key.pem create mode 100644 private_keys/ETSI-SSP-AAA-CI-private-key.der create mode 100644 private_keys/ETSI-SSP-AAA-EE-private-key.der create mode 100644 private_keys/ETSI-SSP-AAA-EE-private-key.pem create mode 100644 private_keys/ETSI-SSP-AAA-Token-private-key.der create mode 100644 private_keys/ETSI-SSP-AAS-CA-private-key.der create mode 100644 private_keys/ETSI-SSP-AAS-CA-private-key.pem create mode 100644 private_keys/ETSI-SSP-AAS-CI-private-key.der create mode 100644 private_keys/ETSI-SSP-AAS-EE-private-key.der create mode 100644 private_keys/ETSI-SSP-AAS-EE-private-key.pem create mode 100644 private_keys/ETSI-SSP-AAS-Token-private-key.der create mode 100644 private_keys/ETSI-SSP-CI-private-key.pem create mode 100644 public_keys/ETSI-SSP-AAA-CA-FAKE-public-key.der create mode 100644 public_keys/ETSI-SSP-AAA-CA-public-key.der create mode 100644 public_keys/ETSI-SSP-AAA-CA-public-key.pem create mode 100644 public_keys/ETSI-SSP-AAA-CI-public-key.der create mode 100644 public_keys/ETSI-SSP-AAA-CI-public-key.pem create mode 100644 public_keys/ETSI-SSP-AAA-EE-FAKE-public-key.der create mode 100644 public_keys/ETSI-SSP-AAA-EE-public-key.der create mode 100644 public_keys/ETSI-SSP-AAA-EE-public-key.pem create mode 100644 public_keys/ETSI-SSP-AAS-CA-public-key.der create mode 100644 public_keys/ETSI-SSP-AAS-CA-public-key.pem create mode 100644 public_keys/ETSI-SSP-AAS-CI-public-key.der create mode 100644 public_keys/ETSI-SSP-AAS-CI-public-key.pem create mode 100644 public_keys/ETSI-SSP-AAS-EE-public-key.der create mode 100644 public_keys/ETSI-SSP-AAS-EE-public-key.pem create mode 100644 public_keys/ETSI-SSP-CI-public-key.pem create mode 100644 tokens/ATK-AAA-ECKA.der create mode 100644 tokens/ATK-AAS-ECKA.der create mode 100644 ui.py create mode 100644 viewcert.bat diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..6d85c24 --- /dev/null +++ b/.gitignore @@ -0,0 +1,9 @@ +__pycache__/ui.cpython-37.pyc +./tokens/*.der +./credentials/*.der +__pycache__/ui.cpython-39.pyc + +.vscode/launch.json +.vscode/settings.json + + diff --git a/ATK_DUMP.png b/ATK_DUMP.png new file mode 100644 index 0000000000000000000000000000000000000000..75e106d48a7a6ad858a1c9ee304d12460ecb2fd8 GIT binary patch literal 196323 zcmeAS@N?(olHy`uVBq!ia0y~yVEe#DGMX7gsk3@w&!3W*N76w(vpn)B8HXg&Ui2|Fz}SPMwGau7AF^F z7L;V>=P?L#Dk?KDFmQpyo%0JSi!#$QN*LDgpRrF7urJsR;fdeEQo>-KZnU~IR zK>Arb%xS^-rA5i93}62@zlJGu&d<$F%`0K}c4pds1_lN;kk*jQlAKhA74I&oGcYJH zc)B=-RLpsEx4vZR)4A{emUB)L)Hrx{!mh224?Im~P085M@I^&c%37ug-?A<>_k7T~O!k!q+jw;)mM!RUo20g!W2MVs6{*=hjF&bk zPO;6I#bTafd|uvK!Cpw{%sKta{nv^r-~ZnC?)R^Ivya&S`LK6ge`r|PKk-Q_o>1hr z)bMa@1Dv~r|NH@esFaGQ)KQ*42&up`qf(=x0Sf^FX~RTAX}8&?jb=7?Qe&np+O4gz zHb>R!POAqrZ7oqWEZf0-!QDUQdeya@T-7qpEAe|L%;`KFd(pvV#qXn8THof^+Ic)| zR(;|p)i>+hVr>`SO4)_qtmfHoobfx~Pq}hOHqqx1Y@by&dF<0+@-txY*uY8#Wmzwz(X(mf&j=C0cA z>@eZY&tlD8f8+Az3O{+XXGP-K8o4UIiVu=n)6>4&+`OGV^Z(V*14i>!#vEE1D8K3& z+qHA`9ia?54{l4#FI0H?#`@3{`;8r7R9L>zO&mv*-BtOqr3T<0bJ+iQ#h9Rh@6rnE3Rp^(`zoX#WPUQ|PsNhHOV719c+)*=XU_5dc*x*<{tD%gofBtm zS$bxk(H&P<8MWkKQPczRWv|#jZqP4q=8Ugh(b6Qzcx>()3+r2cKOV@vx_w^UL-fN7 z{r$cduhgBZ+tBsCyuG$j+ACt)7rwkxbC@39|NLwH|JKm`YgGT7n!IL*&D?akGii6) zYfiRY;c}2Ge*Pxy_b#n0@zhDz?>Bv$zWLE=Z4G|rMjNp|xrXI;W*q)(6Lo!gUH>ry(M<>XBJ*)wNmF7fO5FHu&y z<>HU}(;D^5CvTg(K4|{tDUs889bd{jp1jPp^Y^l_YkTCB4k*ljaV+z`M1_SLjw-$u-4p?|ENSZpocD z!!O~H3)AIK5g#rD+kEb4WiVM=Iqj@2=d3aZwV;x8&Y2IluBl$T-!|@T&i|jA@4l}T z|NrGpu+63w4R10T)%@n1IC7w5(`WGwe>Og^EHNqn{&s!h>)nPPrye~!|7CA}OjI4G z>-F;%qTd*M=1%ZBw|0K|wWSP+v%b5qZGP0h$01H}=X9p_vVgyN#|x$_!(xr?BzvZ} zijOYCbmLTwZGXCQo^KUD)e)PFf9zD%i4Q+|>KR*H)#A?GX)zCsW;H8n z_b=j!*txH3*=_F^n-@JhyXKZe{dv{X(~ZA>Qe07ZqV!_Scd@w+3Ey&z*f#M!pYhSh zi?L5_#g@&oxr_g8zxwB${Wn2NspcgqLF-PayuUnOt^C%5KM&mR-FAE0_ba$sRIS%P z_15xFC-&QQABeR7K5@HOWGrVZ|Fj8(3+8-Xe?{1C;+dZF|9H96mtDA6@@{8b?4)CF z{?Bu}yL#=GJr_NG+=^7*;~fHxCzVCT{LkO%SjZS@M%akY3J(gqd++&+W#*?dnPvo^k)7}LX3-MmV;9q; z?sYOc7Oj^}SW@ywVPP}F$(X{*B<3A28l}Ac|4g59eY?<0FSXPnF3rcgI<{O3-k8X{ zT06Q^t>}=jtjYh|{gHpyn{JWmFe(e;(wuzUIbB-UdfSF)JHK9$efRU)x(|M4x$D$x zWI9|kZ~n6C{hbw2e{84j6}=-3Lj2uEJ(3)5YFCT zX5asR(X@h`4{Cf{|ESd!B&%IMZ=Cn5XU`AE)Q*38i!5(6eSVj~xS{fL{;w69J}Xvo zHk^@OuNK(7u+Jp6{)R92fh#cAlHXq94lYfdo7xd{8tX$pGwd{y%-NXB9(=S`kRq>sB^wIv`Qm5r>8rb)J z5#9IgEBlVOw>}o^nc5Y9UBIsJ+g!zMf2*W(!=G&a^7`~nUFHR?tEQI;SU!&FxX`%n zvv{GW)XSF)fwR8%^qh!+`Be29yLXk)k{9)M&KjR2R^Q_Z{JQ`Dyj7)_HMQan#cmg$ zV7t}+Zf5A39qD%3ReQGeq-#x|z(-=F92J|xx{J+J<>BIexbXiH||GOPcWJu z{f>LX&(_dAU!JYi*}ZVPxy6xr=8xPjFZcWTVQJX9go}UXX+J%fz9QyU_EP6Z5B~jN z>-G#^R+MO4skrTL3HN)ZITiE2DF-I?s3-rsU-0_t%G!6#6^_PNk2D{7vgdqp`nQ>} z9Vh3{I6K#T`=`m_(V2H{p75QyQ~ZaV?Td^hyVQ7=1V+s9zxC3)yw6kd^|kZG1?8I7 z{BIY$KkM-q-W>U<+0^F$+*FaX91a!yPtUJ?u&~yS~RpB^@x`nd18*@xTm)`Fpq&++O%kEY?$xweH`eSv&uA{}hL;KMy_#TIu~M zgOx@mhk9+lUvXLXT>s(4KdLr+%B|P0(@(y8>}`uy_{WN;-Z~YJH05UAkM;;Zuz3F; zGuPnX^D1J>gJZ7BJ3G`L+Thdlw<7QV*ZtSzQbhu6(pCNU#hiL}lyyqVocbU0wi(2H zS9IS0vwzdW&P8>#-p=o97rj5;zszUfg?&3rxa8|*9D3&;d(mLwuiPp5*~>m&74MLV z_d5BN^TzS@dwXl$8E@U(S!l|eTqRNb=w-+rh(=kC(!zdBbw|5Nm>WL^9*m81V_cQo_;`hHst=2f@;d5ijk)%<3kj=ld! zy>8z_&1q-385GUzKRTQJFI;e$ZN{gQ?+)8-Q&28@^F;S~?62Y%tUJHX6Jjz6hzh)Y zx@j?E)6b8K3#uP|Yx})IYPO6*?zOpp&gMp{2r7p}dOp6$V)G;9cwEnmiSPOjZT@e0 zHF1W5`mXt9dp1A+$>;vUX5I--Rj5-g9bHw=>)dEFt>$}m&u{towA9aKr?#1Hd@%0} zqpu9d6UMC{zU4WkT#i1Ukm2wAN5Ovcb;IXVXdj~^6$N;t0W9t z4@~{I_*R?Rt@k`e8`}dH-@XyN@#Dh7g6HPAF6-xv*E&E#Q|DQ#( zW<$#z#%YC#vb=rYLQ&4`NBPx!9_Y7i7l8)eBohujg%7t6zb`-9&$aGP zz}~X-U3q!m_m$t){Jp(RZu$|Pz1ya3&1Yy7%G>#|`Q8o(17kU{yfw?V9XC-u@_Ky; zqk(z$uLWgSS)boM$dvH=*Y%3c?WT(A_hy`*#BiW&-kWh8oY~7c=#S*=A2Z<>(KM-ZK;dj7t^{2L6_2wRLg#Uzo6`Wf!_05M-K*Q z#048neUiAw1y-2y_60Y_U)IjnynoSU#ooEe%h|&>CbxXgTmGf9{y}>_L*wopkB__Wsi4yuEpPs@EBFp1pj( zc4^sv_QHo7J%pdyM;)AO-Qd9a{hYspMWvl)@y@6F7)&@;~WJhIZ-9pXd31P7scD z>ECiO;;Zqz>aDF3o@X>pC|58}EO~!yQsH5pW6T?CMb~JqUG_17JyyMWzi_Mz-?o78 ztrLBB3tj0qSDiik(&PreS7!fue66E7=Wk1o4>$2yv9L|oe*H32L*s96e&o%X%@}mz zoWz==x$vw}V70aV{>HznBR<{@eJ)@7lu7RA|7phCujk%c6;XJ;ChSX5>CMekb#}gM zJ}>-S_qlcay~D}&E0>m?eSByCvp3dEPilW!*Swy#*?G6myI<|@8C5?#Pi7Ju z0p$sLr}yuFb7nyS!`5$kGL@~WDf>1|S{CQ#Gv_<+yq|n)D&DwC{o65Dynf4E@%oZ? zJDMu@+AJty?SA$>O7nb(p5ku%rF_#kjd!F;ZF$EV{Q13Nn&=n7O>!$2f7!|9v^Un@ zOY!lu);pDNTaH|vw9 z>nE!4&JJ$8|3z9pvGV!tHyM0_yjL$36z$)sz4_$nJ+mx-y56y}pY0H&v|Qf(Tdn`c z^Vj#DxD`L`$Evz=X)Y_YTQ>TRIE`Rm5qDExT zx`v&uGum>J)N#`KhXQ{?7Q!)Qq3xj zi+7~{ldUmRoICk&B9motdf?u2^^3ctq|$X&UOR2xwIn6z-zP4kb#pzxnHqC^k-Ab> zp=m7sdFvOkth#7#=ht>hb3cY%Tk=serZ7~l(mcg5*^5bhuaDp258m;LzvoKD-M@Nf zpS^3xF^jM3uAiCX`)#XZ)!FmxuUtBAU5{>5+4St0K~()NSP6FNXYHCzn?CJt+ubqw z(0bc*i{6I_{`lm7qaglS!Su!4mmHIC7U$fQRem|k`sb;)lJCUL&nRtOx@H~M*9)~8 zuwur}OK6jG)FPIqnJf(jN6V!8zFNj8pJLgRr>8K3Wn+1K+G%Uq!?72Rz761&UhOnN zWXT7!!*+1Zr;af!S-yPoym@wKmNHyFyHtfaBkt(t|GT>a%3qZ0TyptotgU(9e$CaD z`jd+^<7S+$NZK+bf6+6Ck{#N+EM#*RK02D);;A&FUV7)`_T36FV@+n*g+)gGj8{Lr z@9yq${%k{r{YR88M#vyuV{XXO*o|+$Vr0Z1i zdJ&s#jrsS5JU-NL7Jv+s()xDHW6``dk7U$%%6*wPZf{y{er0ZT-LoXQeU`Z|UcYoc zep@u>_Fb=>TumKK#qv)D;ZO&APO@9&miwSQD8WtcWw4*MVd0&h`5E_}ueOy=3EktD z>n*`_dFJeRpO50=2H!v3dq3C0w11DZ{SO)5tCv0;Z@g+(v1m)!v}1?&X>&#Xy1uui z*8P=6?YgE5Kjlg*75Qrvr%ySkx#j;cwaG?5o3;ANU0&GO^?d!3=yYzb$adTFzhV`& z>Ovh8JQXuf9*&&~bJH&ksjrRk=kD9xde65THblWczszV)`&;Sy6W@BD-uZgh{pYbg z3H;@3Gk#wPK4bgVXT5Bjvcr~@O`Brp8W>K0)Vgy?jfhy@-XuBxn#_AE``1R#Py4$r zam{l7lS|I(FZ|%2z2Zi=`^{@6`--aB(&}JQqzm5hJ5%}3cD7Q<5_Z%+JmmXx5Pe8J~>wqi-_S#fh-Ecki9?#!$DwF{p*OxZX&$YZ9BoYn1&n;TnA&#ztn zt{`c7kKBrdU*^}lRn}@xT$d80wtRxox^9nbTT$t28+L7)n$cfgb|Gl%yjOPvlN{dI zmk0d|(>@#RecmGc+wE(g#SPRvzJ1kn=sEW5S==*NQtCX8oz=3Txk zzAEnIWP6RJW;LIDgdZM0-f;2SqwB7(--$5GdCAJn8gWzn zZ=KBBCoCuxubX<>dTq#`U2R)_rwMzw$jIg{OS)_3wDDugohtM4G=@OLN!!tK^+nUq5s0+mlbk?*BiybFbo|C4vje8(&JQ z?B6%}#k;#(x+-?+H_5qmhRJxA)T?;Czr$3N-rpBg01H(~o1 z!D-Kr>$fVsJskLqK~`mpxI*WHE8M-mUq$@?a@poD82^8C-2Shm^y*g`wv!$RSxc>4 z$H|;2A~s*_8)FZ+TWS0{=)ncPSN|r=(DZ+oIb+WEpT>vm8lL!{d3J908&oV(>p*oJ>Q{~!Go z`}|0Pd{oK%-CK?{WEY*Bb>VP>p`%@8=$^I<^MwraJDzQ~ZWKvNoxi(S`9O>IWlz={ z^%FjHZeGte!~FZ3y#m!%*ZGr~V$4JpypGS`t@kAlmQI(%#fo@W%`5uxeTx0&uJrmy z?->l0-)pAk+e94s;>~#L=jV)fd#vQ1)-o(J$V{?-KXZ!r$-_I-=e_O{`WGx*x;`|Z z+`#SiwcaZ+JEz>_ydk{dt;6?c9q)5f-}p5O(yVqsYzOI_oG5+(-;j(h(& z{(rf^v~2!mR`Dc%RR_80{m1sa5BVPDKQ~MMS*7D8x;`X_UI@ZY?avH4F9nZ2zRC6l*guzWY(*pD6#KOm{XTllg?YrvYNq6@;0W zs4;F4^gFSwI@V=(^rJ~aUxJM^FWgnVA*NPn%{;IC(2svLTLk60`VM`za;mU*FgjUp zcxNlDNL^V28pk?Uw6!Tk^M)(N+ijg z!I(oW!QKTPMw9jW4)hm3xx2Avr^An_qHBHxTKcL-pHcFi@;`%BTdUE5^R##xU;Iqw zNj_0&HZ!{a>}%zh{#ojJc+0yxM_z5c+S2gR_Wp)*6#X{_L4`t;NS;T90&^p7=5^-c$bWxR zpTt_(JXJl^@+I42@ziV1rY3J@yVk`!-i0*dPajnY+LZtN-p@=G^>t30^7PfdI7ybe zE186^U%qqK@|DHsUv26M_}+ar-y)HKY3;bp5;kU zkB+->GdcC(>~6guxxe1JbhMctauAA~`BMC%{#;lACdDNl`b}WYe-8Uf#rfgarv`@Y zook!OapuJ1Wrvd9#fDt?e6Mct$rhPsPeX&Fq@S*x<@Tv-^Na#Veh;O}OCsw|oKSoJ zE9R0KuT$^IOp&^m+9~^k55L|$>*n|692X@fOz}AtA9v8yIDK+$uED-9=}k+{#GJW) zDSE}vTwUI^zdK5fF?dMLKO`FdbYi))nDH_dy=ykn$9J3VDHWMv)P6HOHe^3yoRp&m z+yK9H`7+~;z1810h!rbB8g2_7Y~-!^J?((2dHs4TshdCUh(#rNrs)3Q+MYU3{e;y; z*DpsRCY@ct=D(%&)BL<8|1ykrcJK3fXtF;Cma3*ih@X_J6Q9T#dFFr41eGL{yqiwR z$19KZ8NQK@37oY(Z_&Su8vP@cZSX9WDbO?PfWEEm+{tr0toBctc~s=Q4F5*4xVtgV z(ct!WYxe1ipLZpE&OH5gUZqGMk%0Moeob5at3LAJ{rxq!IxA0CW(B4-rE_lnJ5zK` z_Rj}CCQ}}03Te&U@>5mhUnZ~U?`?s*DsA}nPVGGK_m7Ey?AOD+qcg6EXivM8=6${bk4o<=Ak-F zwaUvFwmPXeb)_p)b5owz^OY-#FBDEJo0hxe-G>5kC73d{q$}?qnolxaGxNOj`L6{J zLF2Kr=03Oyo5YLLtjJ-$zfX0-gP%eVTv~Q*G7WjtJJH29@~Cpc`h&`)Q|!VWJ7UD_ zV?1sZTsQ8py0YabftukA)c+I2Itms1mGtS-llhn0;N5jtP-|OBVSy}ny?vI1dGgeG%v*%m$?V#|| zt(#2bzQqQfxU~PB`;GEN%@@{jZ3{6M?sR;&s9kf8naEbYiG5*NtFkgW(l)HHm_EgE zULKZqcC*dPP7Ymbt;)amzhAm0$vjD7ewl7@+I^S2TR-cWl-}nqE^@c6<}VRqo^)(^ z;oCPi@0b|(a(>hDhL$9HNo;k_3eWT9-?*BEfZSDTnlJ^dO>$Ok$eXQu+ zuXl@UlH)eCTQi@jeWCemUfHtie1`=UZiP7BT<14qhWE!qF+smLa+KbOZvOdn?iN}3 zS-;wjE==3D_cqt`be@YXSX$`K(|*e4rCeUW?ZTb9UneEzuKgOaWuNomHM=9{$lH|v z1GTcWQoW0xOD<2IyY@=>woiVCb>8i>p8p`BeJa%9D!l=0b;_P8*4n!d?|b9g|LMbD z*OX-p6V*=5ub(91Ap9SL93>VY1wwVYe+w7b_yZqj|O)nO@WyMua zoy(pyVT#i^-O~nOf_e*6qT-KB`IGubtV|v%VnunSx5Xx>HDbd#z`1 z@y=pLJ7cx})^!}Z|I3YM-^*H@n=W}ZlRs!m-LpRn@0YdLdait;7vWG>#g+V0Y18gm zXJ^08u--9w(<=W@57rv9>93gr%}kjr#fp0bm%Mx$x<{hzz;n5$7uT1!*D`3%6si3i zC^wTi;OOT4>z>{)xMmr!aMoIrV+t>4&7Nugwnorbd~N=b!~2%3+^JLZfU#>G?*x;S zsc|ZkjCW|-a~#R|`#Ewz1U zoVOarc=!6J%Eu@D zyT2~=Sp2ys+oXd$<(Oq8Cu!LiENRW1x<2^+Ew|?%f9xx~UjNSQ(`EnL`R`mhUd^Af z>9YpQr|FwY!t_sXms^$i^;WJ6$AtR-L20pK3*U*aUU{Sb+K#`XYwC7Ay7N0-@7crI zm#b>N?EHOusnOfu$|v#jT_0T97jK-J#<;m`%BIbKbzj}v-I?H~^#8KJ!k_n}89jDq zmhsEZJ(+T5p7W{Qw>xBRxqe<4dFI`{&qkN7IA|Z(QhDZ`qKx0UIcMjb?9H*3NxT03 z@R?bc_b)Amjr0A|*myX9NyfV6T0AUVCthZ9Z}(u<&s+8CUx4@Jdx~px8yB7BH96LB zx_D=r*Zs%G(?m8Fgq7bgKVtPQY{Rdgy;t^#^Z!=Zmw)Hnrso>9+Mf;{Fm&9M-^1?v z&|He+>!&>zZd-RU_?%XLy@^G%a#8cM`rn4D|8H%Z#vFLe&r31&Q^kv%#i_@|uGws# zx9jlVigPm*ZeCx`U?}x^cBk438-~8N8++vyJlt-z6t8!`z2f#ghnnpD91FKi-t5l# zwy%En!PS>6zMs>`&Cgx@@cc*ri2>0`ucyHhiyq3G>|8=Qbee=Khxmz`) zD4aRS{IPgtF9BUq=}a5lq-OcQR^P4Dy(g0)@LpDq?f1gpvsT)3siaPvJ8^->s>Ksu%`%wa zmiRFHxl8=TT zq!%8_U-wjg+P(9W_1hnuV%qny{@RBt&DLtsP5xx5=vl}%6X*GfwY zpSQAAJE6Y5Oa7hhg|b_%oGE9|C~14^Y|lEe1L_^V8F@k$f)p01x3Ru;uy9S3U@lzc4kJU{W-hxeNGX`<)< zZJK7l`03qGt@{-lI$lm^+Vc6iOIaN6*2jVO*b}%WpX0maHYX%V{d* zx$4R@Q5z=w`SNbc=Fc2^?`lHR)}^Bd4&*QKcy+Ho|1f_fqri;Qn~v{0I!T&oIj@yl zb@}3JU#>7nrMX)@img_+kDuh2muJ+wH8AR4=Ay^9=KP4Otx2U$K;`!r)R;&1#deoEa47Z>2QT@3^?(w?EA60{b)#q=!7%wD{ zy?CA0Jzq<^#SM!9ZZoU%`Jb7qa@; zFXz@fGS92QMo+%C^8U(#=K}7x60a;XR&UM6G%WG7yi-*!82S9qP4^7$qy0?s z_B-t|8xE*9)H(!lSADm&}-Wb}a+Tj>n&E zTWb&8-kQV4amV4;ROiT;CLf*&vsf;;?U0W?)$0>0^XA@eeTf%}8~5lm-#N|bbj7sw z;g7so_43S@PMm&~e&>7LlnDDaU#=2;{##;dhVjn@5B+AGQFba&sg zzf1TNV~*@D*~}$> z!b4jcK3*4}R2_M~+;4}~^ff9E0+`qDyXVoPvZ=`ET;#vcGSgW-{h2bBCKdB8?6bR< ziQYN>ckt=Dj2QvWywP=WzS;4`%n$GOe)KyC>ijN|H;-v>IJf6V`K37bo9neQEbsiy zixrI0y1sd(A{Wby?>FZdPk*{cr@iv}oSNfbL-vR-e9cm@sQW~<=$ikfwt)%-!HSma zp2PCwE{~l|_dJT8GVS|#v-u`hSZ zzm(fEub;oUIv;H|E#~gw;>kt7-*MOqE_&E&Fu^4(t?JSL!xQE>K0FlTB>lQWW=-;A z|JUcF4CeLhk2>+D*ou4d$sIdq+zF5@b-%UZ_w}oDiqntf>iqeVapy`9v`ScV#NdN; zV$)~&hwA!IKEK*!bZXW1&FVajl9hKtBF^mX=Bm1PJKtpHgu{FGWO-#T-V=J+Bd$

+&mC_Bdy!^LQlvQC~LEINk2^x*|<~Xd!ax=-C7LEVC+}#=QIW z41^29jVzirbIlCg-a75>`k=ce&9{xJ0ZAcTe0^r=FA|``PXZ2I9Zw zPI1c%l-l{XZf9O{kjL(Q9a~=Oe{qAlXOi8oJBR(9^PR*#+e@o-O7uo=yHN2hu5xkg zmZ`78Up=~8yZQ4;sX*PH^zKW0N`=3=C;mBOJ=6T`erDLD+NF%-2g?&D8f~8OXy#+Z zYll|P&d%uOD|hX@Sh!){C-GA&vfGzvbGiSySM>0fQCyuln{e^Yzs8wg?q$O=!6Y}W z+m&q&fA_C>@IKz|?U6lCZMJF{AKct>^WPb+Yg=my)TF#Vh;UBzx%Eeg>;IOvuG-rg zcWvgei$CpI^Y_oMY;c>+`ft5xsFIms^X+$fDrdLA)}Aj3 zJb56Wqa`|vbH3OS!_PMsoVi@LVcIQowx<`HlYO{$mfv>|k7P~Gms^^6UviSiyb{)# z#h*^@H=FuIQ05z>&xteX=jKVN)jspvq{d%v3Qfl<_*=~-zDlk zt8sJgg-Lr}3Xpzi3oD;hJSUwye!ySqAl`+{SJ=OQnC!OV#JaC*Zr<{GBeY_Fm7=9^ z`|d@J9gy)b``Ioc0XT=lR3t zYrRl*|H3t&Okb6Qrr3Vmd{A1+vOL{LegBL}l?RRUEhEl7{=R0xs(y9->TQ!$uYWa3 z?RdL>&Eut?-iGXzWok+}Ki~V}+wVoM=P0B!KY1_i^q=+X zn5KR7c`D@B`zv6p*@m)z&TE(w81LWv!NIDTeqV6epH9~`D{RhJU-HX1zIsjd&RMr& zx4z+IZhZOV>>1_%-;(n77Fr2U_N#uB-M{&Tb!}MHv){a%U)tU3f1_Gs!lq(q_crR;-|sa=c7{Pot2V0C+O$sjzT18tWS!gLsLPc-yp!t7 z6@Om~6Sx)X7MY-_dVT)q!&=aUf2kwkfw@GV*@kcO^2t|cKi4}dQMG&8h1*-NuyLQ` z{loSkqFA%PK3nzn`58to&QH5dLiU}wb>8+6|Gu3KFQ=>JoMOCn=GOFX%^yzBTJLVF zx7ObOz1Hjezr4fME7sm|&VAaw=jRQ!eYM^Sg-iLiW*Cb~zkZQovy;2~ z0-m~MU7BW8eX2kl)(O0{ljo0+p3hbOM~U$d+JyG~3gBclX6muNSy;AZ?uUc6SGLdB zpP=>NVtn1~MJxZ#`II1f|2^MtCi5v9a$d^bnPSO$X#exC@&CD3*F}2&n5rIGSZQ_M zX2#hajQbuoWU(sr?<_9cTpKI8wcF_A>wL%Grz1aJ6`j)F=pe`aZ`%y(yfcYa2{JO) zN9MIvtYAa>EN-+h76-%4y) zcIQdn|M{*+?2f_Q14lYpmOb70VBzwLXY$+(8Bw2gW=9K|ylwDV^5UG3(c$dK?@{&D zdv4wQ_c?v{{m**;Ufx_@krK#w^D>jq9E*vajW1K4>nHq7KL7be#=Cd7;}2gePo6O4 z=-K%%lke|%!jt#+k519QEX{i3{nl@occ@IAV{LbSjW^?=D_8no*zFS3pAhcxZs~!A zvLX9#8{T;eD+x;Ytp5n<3M~_BI6c!yL|fBs+vi){i3*cb|NC>^wAHyO`R9(%wDqf# zQj3}O_g*{_YphowdG_FhsqTSnYhvPEFTYj&5*he8EiAWZ|MN*tPtUCWDR9N&$*zob z)!lvy2GwSge{a<3TiVWFG*7RG^V7-I3F*u({pG4V{2u*g`?qb@{lCZUl-!d+1J|N6 zpVa=k{KQXsj{F}SleZSHpWA&3(_F2+@WVkNBfcq{|4pqrq&{ip$D8{TAD$7hnsv_h z`fBe>GydMcyrO#R)M@5YoblG#E#;lC#=V|d*$>rQI|}bU3>Cfo|L=_j{@3q)P@BzY z)HS0zHa|N#ZPNGfkE>=$eJgl(uIaGi zCCTJ2dpK7@K;`?bMt85|$-m@2C%W)o3HWv1e(|1tQ$50sG$#jpNM3hcvUOe;Z+1lN zO)ry)!t)5t_nzNg)>^(Pv)K0GV+S3t)7P$N-U&ba%lKUG!gnWrde0~*)r(|k&&s$l z|HO3I%8bkhJb#3A7dK4$$>6)@@2$T!|GJ|NZ9F(z@5-myKMwZJ^szs`oh=*CC$ey(}(@fK(^i<23{@gJY(?>^lA@#LKMCm$d4e`DuW zay_v=`>o@tn7p0(2cC(CeY`Y#`=&Q-_wGFqsJ_=B?>pb>>EY>7JDXfTSFfAGK7V0R z=K868oz1@=OY5k`&OFs1e)P`%ZrR_Amrk7Xxg#_iG8$?5{_~xgwQ1r>pVZTepPya( z=gHMDsdBTT;IwxK?k|Q7Zxq^PF4wJYN{|E~*HrSmFU|6x0P zBxl;61m5%Y>5{I-Oak|ue->+3yqI_X<5Bf%L02z*7n=6>vfqyC%7abXzi)rv)_&n2 zi?4mc;}hCCijxhp<8S)CzkkZmZ=JK1?bpS-s-vcySXdDr^Xds>*%R03l{dB+?-PIE z+xo;uqN21=an}8JEI~7--u-<3Hgv9eLwnzDZt=Un^>hs%%!=7mRn`A)FP9<_OP1Ms zW$T*LlrDds{vqR^klel9bHlGs-^wB=vZ`)X$HYyo}D-*Z4-ygdNtMM<;f9KM&t2gz^R_9BitvY{7nC@>wTBL0Ix3p3CeL4H~c8g1V zJO;aStT&j~eYh8P?cbJN#|@9~zPx?gVRwt&-uhpKgU|o$kMV#0E7j-wvW|A^7Ypk5 z=fdNK)%s7{fg_p4J73TKf8@Nm&CyMjj0#7dsn?x&X3zKKB;&H0O}{tv>z?S4wXQr} zIsKnZm1ExCr#A))S%#+`XP_CB;L@^e}7`>K@Ix1%1rlH^pmi#o@A&Z<2HKQ7lOPvtrxA&TrPuK5r7QyfFI~@~7@aLCfd&>eriv6U+X+ zVqNw9sK+d;?%m?&)JiXy&EyXHk-)i=`OUrE3XmCdXN!lGK66bj9CL-Xef-mb(WoL4(pW9ZK_U-mJ9N)1sRa-3H{A&Lo95jY{9QNb zdoKU>e6jHFshSaW7ed(%U7lO!R`z1|R+(>pUmcy83NOlb2{>^mw!nx&Va^|Si`Lc@ zxz&cuv0NCld$z7F&zHTcpFXHJXVdLmS+isMUUkM;$?t3TO_W}KS^8?i!-ZLA92aYH z9lyVxX@P-$w%6uYUtXJS;#_g}zoIsC&y)&DnR{ydhF=$kvNgj|h!bE=ZG ztqyE@URn1iOmr>tLF<0u)9v=D&rd(SaWU}M7crmW_A|S-OxU!P!M);b{P(21{epU5 zEOe&)&rx4LhoL0ZCP=99!IO+h+&kX~%9_YO^eCP1JlS{3-?_Wy&bfQ`a{cGzx~c_S z-n)gDU+%no&nx+>;Ju2UyWjjVcvEn5i&6T+Bp!zFbC)m49^-Lts$H@!>GUzCNq_V1 zTyOg0vgG{SX>+Eo?qIK(u6<+k`dOd1#qD8kwBIk@zP9z(DrXrx;e|DOuGH+?<-xpT zh5Z+8zWJMypU}c+P{_a|Gbw3Fdwfgf zt@6#E=a=={1wK=o_xHKFCeO`fYrE#&*Gf$9NH5!&`yZ<2iP zGt>RM#x;Dh%iixjbN{}%O-6dk>;CyiKb_H@a{bLScT>k>Yqg)8od0HrWq?KJ#x}9; z%v#A~+wUI`O6odNYM*lb^oGwr%QJIUKfOEu>Zf<--TcD$=pA9wD*sgAd1B(G)kW4n zAM%v0Qc0P-TVT!fH&<%cY*3vB2)P)bAFv*>i4ou&%cM& z$S$||R`#Lv)qCB&Kl!I?RlIemouDbIb+4+o>)_M%&p+mi^Sn%$;c%}xI^dq2M{R%e zvsZsj*tt2fxt5jO|5_JxzEXa|t~qnAXvR!LPDC7rj6xr}H>|mO{?n4zI_k4T?{v*P z)>v0O^XH77@{QY8O!@8o>0+kR&TA2$m0MFQ->0>kE`q`*W6B zSXVfnyU{wkBJaFW7r*?HJ*%dz+MIRM>F=c^E^qTsCzxAbEZ;Qkd4T27oXFp8vqB}B z_PuC-W3^@Cs>SaE>kj!Gc5lo*d*=9-8p-cdbDqrWNbz%XW;)Fk9$5QQ-L=HWg4@gbUyoA^;P>PyF}AGMq>zqpk&>|Hd??fi_%-I=P5d#bxH zW*@j-G9~$W)neNPGuN)}a}MRo__F4{!a+NfWPEut%O9nTi;G;FXLbZ`-7;a5%z{eu z_5b&9sR~S9+#15b067=n%V!InDetSAKYd%#=hvgUvO#w?cgJye@1KdUtnOTtyLhH# zZEII~_J+ld@mm_3Dlf`SKuHOLbH04|9b~lWtGo4zsx0$f_P7Vu?0I$9N{+jEnWwv^ zXDI0ui>+I}X31pRsa&S-Wz_zC%+=W)x>tm?LUh%AJD0t|&c9aWZ%S=_@{JSO`7`#Z zJov6Ey1T@BH{X-Z@6Y~!vR61Q>aEqLYj+P%%g;@J?G?MFUH#C6J&StW|NdUtp*c0- z{@P_%lXs;{e*0EqCh~G={~~0Ec4X#;rKYC-caS{QEw1lYYOr{sAs4cR0!|!;lfHZq zMlRG9TLd0)`!Llxb$Axeu{@%<+4k1q858e_Yu^aZJSzLP5jhpKbZEVNsNOQe;P}kH zZ+`9-y`Ph@Bm1-Xp6d&mf8GDn)b;IQ{q@cNI*qs{EizmdSRwlA)a$@GU;kX%-~0Yv z_Jp`*WP1&rJrCr&6)&3egPC31e#yh0na9k&uK%@E?MtNFHL=`z2)&UUAWO~)AlEsWy~8or}No*7k>I+`DV)g9|qRi?l=AB zXsFvgn7jDujPo-xw=(b2@j2})V!NaDcX;~56_T5dfRp%fnU`m8i>JQx7Jc)3ujqWY z^S|7Wb9{?^z2xEfizub{nGIv z$4$7_&Rdkf?)j&CTvLqMEmu_cY!X%G3qy$@;|7*LX{)k(-~2uP{N~?_CxUuTMH-)q zG)}Aic%tFHO2w@29}nH%@A%etbx6jVn(4<*mEZh*VDq2b_w$sp^NxgBdb;1JF5y0U z->ffx+qbBDKd#T;kpCk)JO60R&90rFV(qH_G3ei2-hC$^-?ZFVwEb0~p#Q;Vx*}(! zQ-iWifAh~<^m*Bdnf%kYHhzkqzj$NHE|yh75!+rCPUHP^EBO4r?OFkgESGFNqn&U% z&3eC0Kz~qWht=WaHJ-iS7QkBxAphLS68bQE;+v4av!&i#UaRwX0{teH(hf9ueHFO@@D!#IIIoIdIZaxqBR_vWK*Z=L3JA5yEa(=DW&57CD zqZ6xBu`44tXThpZvb&tl#($DwkJCx5YG=A@^8cU4^IC!Ze;lvr%BVV@zk7zA-T> z%Mh; zCn`&LtzMqfLiV(ASB%)a&Rc!OA8M^Pbf(AEOu95j@t|G9&dwKN&w}@u1l_EaJHs9y z+??QD{^66o?a5_RBVPy!U(_|(`0{1=&9D7O86v*zIX7_{$J(+WAC%QLS98;HNK zax4wb-_ov(?3qVmlX>>fJdt>u=Ri$RzN@OMyRQ7cT=t$fKjx=CVb{F5vOdAue_!xX z>9f6i$}b(d_NH*!#W`G+YF@<;djEz-$mt}X5j2%g{H|DPz1{w&O6%wRgA)0c`e(l` zFJ#@-Chy@T_i1KpT4Qz z&$zpu@87jFgI&ycuaA)gzLx-SW)bBI2z~an@<~ zrx6U-@)954ov7<&l^c`2?Bg8%3&9&wJ}IiMO?#86cIa;4@qPb)h(6^FleuT9a^73b z@>=)dTMkDXZT~E~)MY(M`^)!BfA0T3r~hxiRg~48jLDNc=ZW*L^NaG6Nj@L_d*yzi zny~eMMcVsK687``xU=QYKa1!3*EjxOwqJJfzVt7ODtAI1K{vIr^d}yBbX5Y%_xtBh%e?6F`9J$zM`qbPY`4BCi=}i5+x)wJ|2g~r*M(*}o$ar~wCcj!@7mY+wa&VK^}@~t9moG&pPX}oF=OGYy}}lG zzh*aGGISGrlEd6B#<(LhZ?2qTF^V_0w@vvnXX2MB|L*FE9RK|0pU1*i&+Qkznycfr zJtzHj^U){ETPM#AJ9;jE>IUN%#nv}Mch0S0u!-3##bI~keBu_>n*y zlVx;yW=Y_gZ^m;n*bOG+_r!GiE`9fX&i8{dm(43Q{y)<>Vkwzj@ghz;zb@hFpOv3$ zu0|OAeEY)IzjUsw!G=0-!M24!d(gjYe)IlaW3G9AbZ^Mkp4dZ1Hhym!KQ$el`S97^t&46bZTaQd zeRRt{9_6xc`{KP{gdaWZAbV-e7yaz-Cgy#5rrLV7_f(8O-3im;n;%roSXXL$T1d^_ zYO2%cNbw10R{eQ!Jlg4*(j~@QxsFEfj-9Vv*(oMJA=)8s!&{CoS}gLXp7#m*XHQ#m zc#74x`-dj3@eY@ddAYFs&t`7q*!k59Cszn`~B8?%Cg?Q({4Bf#e~jgY7yo!Uc{fg^C5Tr8po$1n^WIP z??_Ng z(hgRc)vGo|zkc)NlPQDxa=yP!#}c-i{P@k(cw4V(&H2qbLUtypBZ{FVj+pS)h zTxY(x{hYQf&-qK<=RKqgmH57G-*ALwmQviyrPDv$%SDbA#eF|i4*N4q*s)>4+WO!6 ze|{ZU{U%~Lvq;~bAHjWFe9KN+1-<96ky*?tX?OmB&f;nR_I&+v=l@!x5|d5q56LWg zu!664;;$3$dSdc-=*#YJ{`LQs^U+lKS*))$ZpSzjshoFemaMkBW6LKK-t_0oj?RqJ zUiAr?*JBS}FF)G&x=JNn1G#*6y5nQ?=g8R-wQc_|?-%-Qzwfy8*{w2bHg0$see9%e zP&(6@f^SM(KU+>ohD1qUWp_O`;d0L^5BpR}-;JxiHBa9>E}dWR@mATo$!B7hUT|$n z-j)Y79{x!aR_?p8rFlC?No=7(mHkeIKV^P@uip-d|F+OG`lz}2dd1pPv(CJX{O=;k zI{C~!>FG~zS3HY5tQ+%CR4#dG?!$C?CDe)u_BDyx8!> z=Z$x^)~x>Z;YIbI#7i?LUJhj1RkAf@Nz|+&nKriHVrv$^neF;wxzdg4OM-uYzS#Nq zl!%V~3oYh{Fa4~Qt-suj;;UZ%OF^-5#|u7Jc>-3U#^DUSb{_lI7l(VbG{sWhc#h4!KUXj3GzU<+_eVXUq z7(Ze9k+EX!@rUx+zfO9arL5lB_g38?zAMc#T;I$!@c0t{^iy$3$eBvuav#f|G=wb<_K!@}DnHZphP?4tHPVv23ERe~v4A#5bGs{r6WbDpja> zUYPXr!}2#ZJ7uh`yyo9)%6vB=a=KX1HjxJ$>;JxvJM-53P^(;f>!D;tGc>CndyDNX?*PZd_4@t}{e^g>scq=+{jol$> z{rc&1<=bTSW`{k~iRoc{aH=wD*Wnq79vk|vgy!6gaM*Oe_jlBU`5j+&UY@kMNc3aF z`y$rrZ=uEau636ye0cu-(T1%7@ueMy)0L+5PoH%@Ts)IO{A+vN(TBldZ=AOseZ6h5 z$+f~a*RMt>Z$9>5UHp=rk_t2b%vq_Gr;VH+lB_1l)frD%UTbdsKlA$w;nciGH|y&r z9h#7PYt@aPYlX_%D$0((o|+S1_4xadQvXk%zDHI5^EG~EtN-Dy?cwJa5`W!0{pWA( z;pQ^8ZU25m>YU%>RCzY9E<`xx&Mv2Ue@^zzW^SDc0P%^Q7eHYbTurMe6+1TVynMYi*w_e=cCTmy_8}?t@h){q7#; zTHSS=V^dw&dbZyTyZko(xA$wEXBK4p;hA_~S-yI8UH;MQgwH((X9g{NwD$T6iI{&?a{tQ?PT*_fd}6zU_37K@E8i_L*4^_j-q5gNS%TO1*!SvR z=X_^edHSU1+(V+Mz11?62jOaRXmEZh*yZO(;Wu^f_LH_@mr8TQlw2$6A$X#?y@6M6p>S=*BKNOyZ zZVj0mdRpw&bg|%wT@&5qG+gYbZnbGYrI~j6mid)6hXlU3+NWG!*c&2S+y6;8P0Efd zCp*n<+0)ZI)~6_ccTp)ek`jst+tKyPdwIe2>xFe!(>@6;vRyWD()9et?A=i-eovn1 z_BvHY&-BHLPXDxnbJcvbKcDdHO}Kd4lI`06uisDFhadlFd^YCaoyObj8P6uv{AMbe zzFx7ubKZoHpHF_$p3xu8$XnTZ`o|)--G2{@ zSNwRYRdT<2GIPJwVp|zQy}fhne~2B|`*q=o-I4F|XC~Ga20k-*|5!ZKYr-36lx%9; z_~nCe;KIw&7a6~GMM>Ev`{^y4%JS)*uG@OX_{)KPb6@vvhI_Ps`MO2hWB;SQSv#;03wF+_ks+18sRle7;vO2_F{n(_C1Jlm3 z9(lZY=^ukq*>@TJ8ELz&IUU_?dgI~({aX$P_hj&UAQyBlCLa9uf~s!Y{$;R-`oCTF z@c?(t^8;tk&w6*mh@LB7cs1N`g*&4 zMR}G-{8!&?YbM-58NZpaQssgABDJ!YWo5D_((ljyf3jNr%$8fFDQkDP>)yY0?%LE{ z8T|e&ij}UC{lC5k3kGW)+!yV;`gqBCqc?AV=4f2M#kE={ z=}^hC+??)j3TZ1?k~L@dUX()}e#)3ESBDa-Edow8jh+YmA)Ys6{bP}vyXEGbAB$~8 z7#+^HTD`J+Iqk2ai^$j5z>Mto%huc9QWlKQtJ`J2a`8JS|1IoFEdov*(H>q^kYSgP zs!OhfU%J9uICHh8N#F9D>x8}Edfxig_TRSeOlYe_K6k$6UEi%&wB;Dqv|Sa^o7T4f z;+5ise4DSbZr0h7wocJn@s_gCqie-cS(Z1iv1{&}BJx7r?7hKb%i~q{#=*DOuq8z0 zcx&vjPL7J5GV{mtwi#tr(Hk}NV*aLO{Z-@Y^}Hwt9@5NfeEH>WP{)Ed>8C9}?f$M| zpSbKQ->w|t_}Kjud-!O zoOJc&xpzyStPFIQyf)+balfD4{F^ryt$Ep1`EI*@;4HBprdJ}^zaMpb7dh8;k=l<- zPVY`H^qTkhK=)D}87}AVtsnnaPBz~!yX55E13TKzNZ+&Dv+&1H<~=3z-#vTUt9oJ| zNA}*s+YI0QZ0i^1cx@qnzGfF>G0KvYTb|?kX~t&Xk~Q!8*jD}j@%-TRP~-69hn{9@7(HD$Tln6DyW*!S zUnelrXOydxw^5SQcyK}^I_{e zwG-7#TOYgg7q2?Z{`vanAKSSls{QMBw(JTxvqoY|@#K>cGknY3gldmf`lV2iI5_g^L*luP?8fQgtpO zw(+`RPs04`T|fQBUvQ=$`eXZG^mD&-XQ}-yUD$W)y{~B=pif{aF$ydVH0~Yl6 zep>-5PYsW%JWyX|*m`UJ+b74_rSgBR-h1@SL@{G`zJ160{(o29c3<|{^v~Pe&gAya z=zsUvUcRO?{Qtrkp8tN!E6VAxmwh^PeifVk9{zxHvn-3Qote1(7>8KhMV_1D>r+6j zihqi;#oYeQ=RbX(Kj`a&%_8TwtUk4U(q7TxRPAS{$}7{Y_N@QI7xk~A!vy_vekiUMhaAt*EYa-NdiAPixE&KUw z?i-(8RPiikUGazS)&2F7h37a;-~Rmmt#HlHXQjVl8o!#Zdo=sLj+1xTKWI)M28QtELYzjfBkCN+ZyxS>0j>bRhoWf zMSOp^diB-oC*^*8UDbLkIG2Spyw9oo-UP?nH~D_09Zf#5@9TU%xux@rb88!>P1)^Z zY<8plxYuFzyA{VjTitlme9*2zZg$i41c}e{-NU1~WpDmWX_4LWZ9z?pd+_w~C&7Q~ z_FRwsQWCqce@%h7MCHbrI+0f#&$i0_xhtNr>7_f%=NH>AmN@E8UFB;!srvF~IV&mu zqH|cS{VlCLC8T)lhhF=5$Yv7WNne={ym)3bTVwzTH%mN|J#zP{S<_u=;kZ?+U% z`e(T_n`_2O!{#4vuGZ9kI3l4XTvehulTB!MR6$j;=h;(}65>Tl%eB7jP|!<#levFI z(pOfU@>S;hO6o5)m|ks3Y};4gD&W*H(}}4rY1XF;JJbcYd3EH+-~!Cn$(pm)88Z+pPy3wwqoz3x8BER)khroG;8iPWBCog)AIwambHY> zD>Q!o^?B2K_Zbn>9^G={@|StIch>$zKMroxH+uE1y7ScUynnYJ)X8W6J^bxt%eUhe z+Y5hG9F}`6@bK+!!)LpfU8pEAKmUJ?%+nX#dp1^8q&?7mRGz&3O5vKAvn-cYbd&GS zoqJ`@yE&Uecj?zGVEb+IQY7b=!$l?8TM{2`Nm-Pwn3J~L>F9gE#2fpxlHQ-Zx2&jd zUh%;VrH{TRZ4W7W@s~};_G^fV$cG!NE@YRQ$Si)fiT^B9~~?j98Wo-RBwBCvmI@YSbRB4mDCNYIEnJm;0wtiv-( z7bU;7E!Pov)2+VziS(NIb?S<2RkvTSw1{!sym@BwaleK2DOWWj3*y!s?+<$4@`JT1 zEk3NE$MR8tWW&VkKc72iZO}Jt|H{8s-QJc_H?GRw`rJb2qq7U~>IL;hFmF zb?n#rS81-#Job?J>>;IVN5X=|&-MM;)O|XobYbBKrSeiH_I-H+N1FWvT+4*CM z%CD-b5AjHW%A?p6yAPdD$2$wHm7sn<(tg*d)t3ZFa^>-FvJ$Bd7UUS&Kgnatb2efBap?M&_C zeE+%x@=hmxy}n4|fS9r0q>D!$tu~E$@$#Wl^VA;wljS_1#vhA$>(SXQGg_XNSN>h= zrZ8XDIzH*Qm+1|5f!S$`-W(0DEYo!mUH|`FPx=&B-VWa@$yHz8SFU0?aBkw}wZSGo z3MKCN$+r6MKdB#o$M0p7@~`7}7MkU-a&_OaZyswe z_HJFtDnDUQ+F{?jv?>t=MMqLG{^&f7bWYZ)-6p zZk;*nMZ{mOXRE|&GA>M?^6>)K--MgzTYj?IY$=^9wIO%?!yn5P<3smc%j%m~=9t9D ze{cHn6HR3or~aGT9yx!1*QU4pfd=-8AGUf%L>zfmef7}7eZ{>d@!c1=WY30#m_Pn- zbaL>g={5f!hDt2E-EHK1Wi|M#pCMvr)>`V^~-Vgr0&dP z%f2z1aj&&KutsImv=@hWpSZpLLM5xhye&4&E2S3fXOFIaQLNDLt;{x4>c!5I#t(Kv zyE3!GFE4(?s}?4GIgjNxgUQAts>>Gb5BC2eTp$#=Mii$2Z0dp_5UGD!$AWxe>SB>T8c5y?Q8eHTQ){TPk?t z|DO`tRI-@;H$%|pX_GDWdsVZ;l6|_vy?M@G60*0SFUqW5*xpn+Co5{Df(yz*<*&OBHpE{?q{MOmC%imPruKb?=J<0xy+}8TgipBr$FIk$T zb&JdW`=^JUMn0}V2I;SkY&x-nXGPQGwIv5dQfBrgep4!%mNL2QJ6l-l3di*uH?LO9 z=DX>-^x*ti_3Unb7aOGWk1(B!yVIC@cBZV&49WR3cuEe{C%&H}yg%%Vl9UkB zcbjkV%kf3IR?LosrH3CTEjSu`W{%4xBk{?(9*TJ~H?2Hx&Q#eNyP(}J#_z$l#&nTa z+OuD%LHb!y(UW$b)&;OW=HYb25;e|hpuS~<$e zBxL=e9cQkJNFDyE^X+lY{sXPvvgY4Tu8~L*zI5WuNww^I5ogcYXr!OJP{uoB_Q_9A zlUaBEvA8|UqW)ytW!W2@vm%6ojU#K)#WbD6uitlkEPp=n^UBmq*Pga_9d~AWpIT8qh2hJ^^4MCF^mpP9`WjS}cYe;jvc3An?>EA0*o506#C3fe zi?(w{KH;sOX#anXp1cE>WI4-C#?3|^*G&^Q|9tr}A$9KNIZ1qZSXF`}z_x?1liH>iMX8ltZuWER5w5HbR z=2FE|!QZ#eU9u_n$rI=PxqWR~=W5@zN7%ByE^@xpa>4iV{8xeN_<#4z_)ut<(lhzT zI;I1;ZkzJMExzv*znvboCv(zL&@f+3q-Wdw8ErZyAuBDNqPu+*y+0j!w*E;S!@Z+L znKGx>F<#i1nK{LKrG@m57b~o$y`8<>+x}p*ep#wwbSXoqNtDv8$L^0_DQ$cG;DmmE zLg$M~t{$hqE^$je8dcIHk)E6Plh54320CHQA#6 zuaW0%Dj)M@VPwFWwuFOgXD@f#xkBvsmHU!9r_cF5e<>x!Jkx`3sj<=C*Fj+$fByT( z`diI7Z0T1UJBQ?$7P}Kx)%tSF-(5bSKV78hu1N0x&+K!Goc?@bj}%wAVe!`YAq>V+QN3l#{Dsj+Om1;kuTMSrQ0u-tZM6@8X#EBAM0BhGB;<@+TX{H zhBNHH?Rk9pSCd}z-Qm`vzZDnUKiF!2{ZhrsXx?v(Uw(hIxbV<+qu)5=kYV-Ot-$G^SZ*eZ3XM^20QI8 zW`({jXFe1^vD$SdI_*)=R~077mn&b{_l8>q9(%z$ecDV%ow^+HXo-8dWh%P24miGl zk-@z>$$iVxCpv1O++V(5DB8xm{Hx8{y$9A<@KoMZ-n@Hn9Gf4%p<>_BDN7F2TVIcH zQQLX_*z>z}3Vl7Tg1aa4rTIQQ%DkO>=~ER`b=?vRTl0Ir?Zji}UkS{9DOvih^W%b= zn#X_b54?YMsA$tP&B&)MJ_nzlb@{@>`%N-Z_DLF-f4J~gb*ap^We?x>J6cC~mtAw1 ze{1rUnl*R6*!9P+2tR-EudT+yOK!i{XxK6sE=hIM_n2Df-nMJ+JU+d4yPuZ}WfkQ1 zDxR<`cRKzvW#4L^+ihnYb|#*@Bte_wd@SrlwIqr_~f@AzLR?Azp3+-ZS|AZvGj%eTJ4gY!t-{c*@wbv`3&Kc zQE5umaSwbi-fv&~(xmroZAmStOJ$;DeCle^tp2GE`D<<)os6C28?{I5!{frT#aki@ z`o5pqab4QtTG9o#AJSFxlMddJmw0{Y=#sO&3*UcM^E21_Qn@=b^QD`-R&?$hq2AUh zJatp7H(r^i;&CWmKriZ*y<4H-jq|ygWl|rbt}x7TUU>A8jO~L9$q&z{il6CHF0N!u z-n#mAp4C~_cJXIRHm0Q7Nis`%H}Aa~6Cpk8LhV<#{oAJWgd~Zw_OI_g=jS0k@o3uO z%j@DM_WNIU-@0f0^=oU{?mk;G$xw+|tL0zc!Gyq9e-3ae`nrG8k-qzv?~U1o{%JeS z&o|h`ExfukVececx3XlZwjPU|>Aye3Zwv^|KE6X|{+WVJp^IE+JHDIy_DbEQ-v3># zlN*beHcIZ);rnhXx9>#bisxVV3C?sEF8az9UVC5-%Oo|6Weeu$mDX&2Hc8^;`L2I? zx1t&&3zt08Nj=%5vgKdn_l480g!Fh%pD=UD(f2t|zq}Ny z+EcqFcEcpum2s_ytNgUSPG#}_!JX!1mw#;abEZ;x)~4E%-G;j7Wo8Dx*m&u}f(zHz zs}?5OEwc`0JAb`-zIm*#Nkp(AZ_SFVuS-;87aV8Qo86>copNE1|HhTi4Sls_9+LZ6D zJFE>~>r*d=Uh zRJts)%HQPh)VQinC(G-ey<7RqAG~^X!C~R<$0F_jS4+Jvb(nl+lWF%0n>c@UzN+2SoX2>TgR*IiJ5O1lRS23o8EN3FTDAY$LVOlFn`&#>*Q`l&6Q}2Qe16ruT3_pyxO#*`fUdHizWYj%xnJ&q(>Z^k^4JF zH^R!s!6uT`xvAFRM)cXA$BS>+a818e>?!$!$x!0Lr{rJ}5BYCr7i|vKeQ2T0xmQuh zlwW<_ZuJRV^Jci*kaykYzuQG#)@%44pccatM_?YVHh^=XQz__JjT&Yx1VR`z_WXnyvHUW8Lwb?>adH~BLz z8?q|ZL(Dd9NvRv2fm?y?O-Qj!j`Pm&`wg%R#1t^u>cx^i6>?JRM`y+SqQohbL z-!I=*ckj!Vt&dE2{^+keI$@?;_u;ntR~>I(eUtb!GFHQ^^mp=QahI>gTtNnB`rUUv zIduPO-=+D5pMNjdpZp=MUuCai$T@3RZP9{nCC*dg1HoOK-kC*_ z?lluF-ppV;;Uxd8{KBfT>KWYmPwv)NHO~LDY~l&A{y7be55lf^DV!6S`F+Dj#|K9o zSIt^%J43(yuK(14phf>|HvFu9V{@US?k!*3-=mXfC|&&hn)_Vs%BK5six{o0-QBF? zQF+p{%TvuV)cw<&#QOd34%~aX;JSU0*!QDZeWtqWmsmX|o#VRIO8Y)gRseKZ^HTrqQ(xZ|iORUf!Cs;IpNl{Ni1* zCOf|eZ^_uiXeIwnj{Vv)slK;=%j*I&dwn{u7+UzrKWpx`yYQs&|EdVhPpIcJd zcvDh`W0s+S|0|oXo3i5HpOtmo+toX-E+I@P@@MkbcInyIue!cIzIBHF>Wj~pxVjlB z)fn2Q&HK14;eNx9+rd}%|6F(Jvh>Z;zJBqg#sQ~vEW7_~4Eo$uXjxFfxaCZ*eD%M5 zeA4Uc6g>Seh^22fnjya9!=38VjG3mU3s?_`vcBG+;p?t&SXs@~c+*Xf$Jg2~FRfEJ zaGT zd0r1cUrx_|`dCf1=%C$!*St@be%Caam$~rp%Y)rfYyr~Db?dv|dG}tq7I~#OQld&H zooT7}t@;6GWdh8Co)wVaAJ#X5DB@<^#zItMR?s1LK{ZOZ!x*vYNDF5#IWsh=;fK$gy zXQMwyz6eWq3vRg3mDK#lpsDWYOh>&SzSAo{TSOVk-#zPJALn}Y{QPC!pVfBn6MdMo zWYTks4@ob77{#2^C=pz{W`=%8;_spwAs^bhZ+_n$W%f7s;gytfziUgj6(*H| zH%>gB@4x>_i=EsqJJZWq?Q6DL|9EJhciiNl#ii+|rdILEtvcSyR(mq-nv2z}_wSef zY~F5JbB=XZN|Be@#(NxRr@F7$Wbwj8{?XcRrBia_oPRm|dAV!qtWRurUPNp!Y7*C(OWuy zhc8*JYPJ5W(W2E}{eEoo5eXMcZIGF{W3`StwDwy)0rpL~DxV$-FXN6f2c$AVVx zDSiH(W8fFNZ2s>c*56v9HAjLsRN7j`pQu_Q{P@+*RnzW%D!cGwxxhp2_y<7|^SRY| z>dJW1eD6+ct5dqaRxc8<;er_uE|243^on+C(bf$_xql3 z!0=_+-y{DVJx?9#n7S-a|E~DCg-iP4E?s`eKc(Wnfsl;Owtg^)JtbLHG@Xpv=@lL)S^HYzlOP2BP-eG4ycZ&b6m)}Y+ zW;SoRxNrXXQwfg0SaZ6%w~0yLOstvNzuR_p)9uY4<6j@Tb;)V=+0Nzr{ds+A^A3EO zdUWykerfBnKAv~yILe-=CBr|7>tw+ueVZl=UPwFdob{_0s8F})^amVi>Yl`-${jD^Xye?|@uUPtSoWi{W zMZsk+z9;1ON4bgV%l6hE5zEO;LCoxaP~XsGI49_t-SUMm&Dg*{9*Lqbx{8r+W4=*^7YTt>i<5u zG4LLE9BO>=(y>6JJT0G$HMb7tJDpY6%6Rv2p{I7j=klx9%MAXN-j#i^dWu(&QbY5v zq+*#}=?46V)_A~qXMl0*6_e%WpI!yRyuaG{ddA3Db z;@G12eRIxO9JuX!*?n=kerqw$59hP%O()D;HP0r-to5MEwr^!Qb_!-8X2(p@xu+;! zT{gjFd;h+DiuUhrdw4N?xO~+ztWSPPinPZp)_dpIDsNJ77dAGZx@PI>$nRgTN(3`c zRGmJxtw4I7ucf}MulN;(4zr0zcD}m5OUL(yldQgHcjRWX`D>>9aA=!bRkN^H-E+RL zW0}GOF>!yDsCP$?vc_%S;WO>-+|u9;{8v78?fiT-)8^ZG_j?zNTHIGIU$;_PKWdWL z>^!}#)vGI&t~@S~xlVqfu*I&5zls)O>j^s(^)jXEx)IZ09 zSJoL%2d6{dekrcihd#}0zw}e_-^P+{muiF#bbRdl!0h_#>Qa$lZ&9u?_KVuF>u2|K z8YCYp;`Ff$lycuvsh6~p{b#tQZTvyM`G_m5^|69b` z&*tpAXGLZIHqAIxuQ6|Cc~{x|r2F+@i+`9bS^rBd`r5L7j*@AdW{q`tno1YXzZX;mV5 zAoYq}8NZEB=DQOL%N~DrC!=9bGoD%P@99Cuhb;TihNx$m% zqg-{B0leRy{&AI*?zwooI8c20$ybLszkPi>|3T=slWUAGv29nJcH_mi*}D^so=T^y zCdSP2yzZWx^)2Y~+cl@97xTn;>8Y|l{{L@cp*x$nUHAu{Z*xB-<%Ty09X_4t=FVf- z$o=Jd)!~!B8KM=OS=aY2yLG|Q_P?n0-6g&IdN;Be1xLU5xrhDfr0hTI+tntX*?oOs z?utiup4ZuIJALERqTA_04AGNsI%+Jd&rmp_NnqqQ0z(&vN)|?b+;g8!iOTII2 zT)CwEs(SU3!2ZuGf7}xgx3}Hb4(d%RJyJRB@8cZ#BtJ~P_Cp}^!b$h%$cKK`bMSk4 zh5a;Bxw+JHw-4*Co!K2Rn>isdey8P=vbvi$SMzV;ci7(fNApg9XZHK#-F!OlLlWgy z&+p-g&#_y2`^uWgzJ1@Ho>=gux-eea-RjVUg!%tgr{-v1>bG|&zT0bkC3GjFZJAXq z!^srsrgZ*S;!jud*UY`4es_flqjOk-ZKm2jA(aL;KE1j{_qx_zU*20M9%ymfB2id= zwViRmt;o$irU#p98@^sHex<_wb^DS(o6gHxcpmMkO`mrC?J?WF!=)J;^z$z-w%L+0 zXXc7J{dd{#^#8~{?d)u9Tbw5zeq1ua%a13fYj;&^U-Yf$Gu9DFpVZ|1PjvrE-u38- z)`2xURouRwiZ^23eI)Vyj5~`a^~`t|qVH9GOL}E^Q~lvxx^^4n*ITMzyIvWmmRV?U zqx{tBgx8HPFJ*H*^5i*^{_EGF%nLVq|9Z{HfAiYR>afR-(>s)#BMw~6OI`G{QgUTu z@s#t@f9rz(-ZhELd1WEQBO!joY0^ixZ86ot(=J|m+N8HxeZo-@?^}O1_Diqd&3`^Z z-z8{~l);XB-Nsk8Fh5@>km}OT_Ir}p>_szb-yD4ya{qAQ$AgPJf(zolSnYVl)}d^7 zN^s(f+I!%M`tu>jFI+EEd-8M2ZJ|K_hqYNd&lO%ylCb#4yf<*S^{x*E*}oQ6)jqb2 z3OeD#y+>`E*{+X^R;brMdM>S2vDy6tq+Z?mD(EwNa+^Ci#b;4x-FpKS+)l!DnSMdAZ zjC>q%Iig1-U;9aK{o14dX3zcedr~X?f`HI*l zrMy4?{nNwt*~((W zsGjn&o%Ofcq?^wzHqW=+zx|Q3^QKJh+ughe?dPPQ=e+ar^^tpTTdzzEuDr|4s=)5$ z&-PNZTv%Il{oCbo8Wo_0PUJo}U~U@_L7#)2zNF%krvz?as`7=V+gH?GW$Bm6}JQL~ZP(b{QM(E4b^u{xY|w^F7;rc{=i2eRL99#h(VXOYQNvG*Rs8zl@JBo*hlv`|RNTt4&MQ zn@{dpv#~Ap$*tE{>gwjt*r+1X7ZLa9t!Bn;kv+AtF#(&@0#+GJJoBaEmfp?}C8bH; zFG9UL)RruqFSqr%hhI;-p7@uTg|mAu>bsPeC++4thI zPcL6S_qpDJ_}vzJ&dmI0XLZi(!Zmgk$rEy>#wVIT70UX?W|e5yJ0v5(<&%w zt;RgLoG$jm9m}fYL}vf8biQQM7XDjK?oD@Cnmj{zbjEAO4pr6M7vKD@RtnD1&CQy5 z`G!bd|0l=t*Y^2tUPfX`i^Phf@C>+Y7ZPozB-h{!yKGZoYq1 zvAJ11|F$yeb$a{)&RNH?@lzEc0Jlf{Zm?qTyuPgmJ)0I!B?(aXeJN<35 zWWl^L|H0fZH2$vsozEw7Yt@b2%Vj>RTF+~| z*T~2H)V_Z1-Lnqo_`0UMn<*`=FJSlAW8Dz^&)@&^-Ra+h{sn56Ef-#Xx${zt_s{&g zQ~mOHy^~$8%f!l6Yj0(bd*}|{V7QBY-s5(D-`WkABet|UJvebuIe6bXN!4pdj;UYK zu|IA7KJazNIfFfU=I^qd>(=q_nRxfhy)WM{oZc|+-~XG{zh7)y_xiwhcP1u90VdW< z3akeOd?y;HP87=ZT9&yqXhnqIpR3PR@)nz{yp(BUynf^TXwThox7I~^hRs`jwQN>o zq;K@`lPPaZKC1Ly{_*G)`q2*q9+=I8?jvLRkIDEKtd(Vg0jLRB6Rrg((ak*?uPx_R3sqcQz z_ISFn+h6}fTzJ%V-_k8xrZ5-UygmQj1=L0oRp=NN;pak2YfAD;aCa^|spLa+M%F}CN0roCOw z{q;I$^zw{1%rnXgca<*`ay;?lUgwh=-RV&m8K*U`Q0UvWw&bhzN7pp%Ngb^p zcfS3y|N7w*Uwf*zUrU%)lJ{tDp3};94*~Aq1>edIcX+vPjr=l+QQqmC-JHaYjV%*q z|9cmAhr3suGqFlY@ve1(TG#coqhcNo6Qzn{|Mh-2tvd5_?@Wz%-*>+#Z%?zG`N;54 zo%-K&w#ZxAp^0~{Hw3EI-fz|U`R7ZT&r$}a#_qdcZrHRWZJrxHgX`hml*6~K&M(f% zER#5Db-d<=yDLBc+>3kM64}MwV^al0Z(O!JwqEzo%>y%@?A(^B_;|foa_f(hrurJr zxN500w@V$GJXE^VFYK5bw_7;hz{_NsUPapR!2df^9;`B2oBw0ygt?!myPlW0y6x9a zMeeDgSKeRgmVWIi{#=&3Wzr164p-+2{n!P&H+OU2lhF8j#e7y|!F0oihhEN}8YsAZ z@*T(UuQOCv7r&S!TCEU!LX9KF>bQr)8S}I~x$kbwH~l8M`0m96dd?s3#PqG4eTb67Wuby^o(YR>&^O10id$nb`C6~s^6>DSvU)Ymv zcR$5FJ#$%{zSMCh@wJgQkyB@!4f@jJX@1T4uf^YqH|>P_1;6dy_`UqH@ub5d(IH2_ zc@>JZxV^1N?)VwNEpa?NUXAxj$K-vA`V*I~b2mxrNo6ps5s!WJCn)X6o)sVB)9mBV zMyX1#JoO+6wie*}v5&sYFAOBES6`bx5ezg%KI!Ohb~OBSVg7&H!~XwF_2=53{4QsI z^1G4!rso#-|L%SqQS`QNer?mX^v$sv%fEL1KNY_%l`XA1vHly&`IOzu_sl&0?~w#= z_s!q8{6E~>CTyu^cP#kr@yr>Y?YWQtd+7dQd;QVNbL-~h+aB)RKJR4J`;V?&dOCG} zwZAvd$(UdNbmsBfGuD1g-1qUle^JT3V{atqWt{#N^VH=3!|OkO&6iDcERH|7jpf$9 zgWdP-c5N}JUe^El0rUNZufHy>sgRsg-?#1fW}Eo5`X8Tyx74pp{P#Sp;s4tFk2m+f zoKdg%I9B%Gvu>Np{BPThx4(V1=|b&I1G!%&^DDP?PyeI;vFQ2pjM{{?dqbOf_I*jd zw{OzhTLSri40KQ5+UNfBmingjpkS>j4ne;cFG!iJl-{}SyKAz1!~Zwje_rIgyOsKR z-efPAl}wYmG+jAQ%`q<4+G#hkV!6LgeQKlp;bG>yI>XH(6F=VnJ7;h6Cn*tetp)a}KBZMWyA@2GuO+L~xz|Dki&pQo3+D;d({oD(-P@t{LbJ{P@05qZJMCuQ)(+g6xlV0$$mR>ug@wP`_0ME8GwhlB=TH0G z&8pk}zN|Ta%Jjg7bopoB*X&Rd_-gs$yXB@Duimsc>lFs(?^KJ{$@{Y`va`Nc{`T{` zEB7bu-z8NpQOII*q(z`_9^a+xRYoDff@O~)9S-XD@P9gIA)-B1MBLFyz~c;qs}|4h z*(=X}N&5KZQr_vbbDfXuZu@CfecrRjNv`U4ZX~Z`U^)NW&F1IMe_mpA`G&;9I}Pn8 zd_?Bo^?JVN`l|Gk>$iIN*DmgCm~wvodVg>4$%bcFELym1<-8BoW;K_Y68m{qAD{NL zTI&Rl$wa5jV>?P)0ul8Sswry1Z0;QSHm8qPv^3oIJuo--%~IR8LjCe9DHZ3QyjmP+Zu>U# zfq!s;a5+Qx9M-G)z56-XFXNAKDT6US=W1`zjr+>xxa^{ zPTLXmbJ~}lvqi}V+^T=CxpVRQcEjzv*Zr-TEGv4f_BTg)bfJG&yU`Bg!^O8Q9Iz`k z4=W5hdhxmP>or#OLB0#`=Q+GB6z)AL5aHW#Ms?F#w#yj|-&I`J^IV#{v46&WInN^k zOOy{XY@G3;Gs8eP_3hq2b^AVTJymnePDYqNaJuA#x3xxKV6OkkM1OPP&1vgArqyO! zivG-wU-;;Yz$#-`u+XYWnxvcOfG%;t-B-cRoa}Qvf4*-uf(_%ca@6s z*Wc_|{oZ!h`PfIFwsvI93z-tIZEstf_4|cCw;4_O`Q^U8Veu3Dn$BJOzQ1_4uR&Xg zT_j^w*@cR7Y4&oxv=x!hjMurxcAw7p^`-t;j{WJE@8aBQgO3CTEV|wI^qsTJt+}?_ zO%6EALP5P7*G*V1R|?Q^c%r+-KZy2*WXw#k&xSvL~R7M?FliVt=C8@s>#<0p>8 zFTab4F21woXu_(+Wzll4SFL}3;9e4&UKNLL=RL-ws#ZPIY$NglAHO`i?#8-Zwfdd> z$0fOcbhxmxI4UqM2w1q*AaM6)tKXm33a{#_in2>PVr$fMTUu>WiMejrqKi@nSFh^T zIA{pZZLPItDzR4PV3cNF$2IHnVd+&pZ){f_f4$+c47X6{(yfcVoLxgrpJg3xnwRRf zn6dhRH&Z}p-tw$i=f!D@7Ctj$UiUdp$WFb_Lv&`DvBKHc&dv8WoY=Em-+ldu2ffER zDh_Wb72Lmjk=C~Gz6WQg{m#x-J=SG$FrX!3)+6a7e}bguG6wtVy1o6ywzSjY+~Zj+ z8gBb9PddyT`U6*_%RTldD zg*30S$jX(gR!1HYSaj${$pqazY3Idphk`Ht)(u;9Gi%YaZ&^IE%_BCTT^q&!(cbJw6g*>drNLH zsdSly+`l^M?t*RWTnhH6SIt|v`f0*vrG?6=Dc2^wF57i(SLdST`_^VwvenLy=oPn9#r1_s%EpIA5B$f7*hG`11#swc74XO#y?v z9J31-O(h{&mRO*oQ1v}D(rm#-ewXvc#;=qVOb+dA{dD@|i4!N* zC@cPMkodL5!+mQiv-Izdhmtai0_-7fI@@zS9?n;KCUu}rm(k01+Fg)oZfkIfC8PFEP?x*?|si=Psk!Ox`>4Mf- zm%gr>+S7B!efrH0b6;kh`JHjAAWV~g?_0BH9{-h8MYo$LUtAkLciMrL=6P}E7bR71 zz3TlD2MtZG#+(n6Cn7*3+fgsx)Z5uB)*E&_G|FcvnI<+Xt!jh#+ey8k0$RF#QBufK zwpHa0k@B|Tu^W2c#wpFe-+ z+ikZQemrRAzqZwgTk*P~{T+_dDF}N}S&>%Ke|}5>YsX5QaXP_f4@m(aawgLRg*T;- zzqNU;DGyCaF;iGLF>jYX+mnxl&Pu1vK`JCAXU?8eA+i2;ulb(BaO;bw|CW5M?pRyy zY9>&`hcIa-Z+H8>GHJ#uGrnz4y1D7z*GMbIXz{&rg|D9)$uHO%w)>oERQ{ygnVs`~ zZBy%c9iTk(tFp*VwPWEty*?JoR_;nOTL* zz5J3hdA%8K&y2G%TyUaw=gz6Odd;RiO1`20vxCcSSM|cBCp)tCzTUz(fw#^`TJHbP z;5mQ3X3w!oKKio#)2y_2mY)>B71^hs^X30!O8eW)e%kHBYw|w($-QmBHw&=GRXXe%oF9&fxx!@9LIW6aJkE zy&e*6bK*FE$l}nH|J&x|&h)!&Uh(m^yJuPJmu(yV-0c5x@wx8j_nz0Z-`-og^`TDt z{+~+z_oD5-{}xmBj@DUurzbt;Q|-*JEYq%>pI#haX?pheEXywkp6}3qy(3Cp&F0It z{f_On9&^;>{@xNi!>Zx7<5|*%^QRtM(0Dx2f`Q9d)w=BM<9WNKR^FNO-$;FrGtW03 zBa5n;4^m_T0v6r&J9{tf-OYICn?g0;m)G#MvHg~i+1I0Q(i%~$?7pw2M=f@q)~p!` zckDV!69kSwRR}J02z0vnO-kzBp7v>TQ!BMJcojRc7x2Gsu@0M;ozG>zcb2dI;e_!*gN+=8bRtEz8^)ZyC;Q>Q5EV|Nof#i{8u4m2%4FwoDH@ zZx&Cx_@VTM#pWYcfjwE1i^`a%2?#vuzAw71{Nm%jbNd5AdWwoAL#?w`th}^P=hR2m zKz+X5!u|?AK2~$0*IZ1#7wLai_tl&4OQvk*USL+Z;OeG?)o$x|7VfmEXckOz`jk@e za7uosr@r#@+#Tz=b5fk0&s_GNug&C||15k?Tu%*FF2EWu*^eXpV6TcFC-3n zHXiBuasQF8)G4jASFT80e0qUH<&d14TTD-@(&oP*;F=~TxY_V}@9D(Gy0A4N3pI@s zR;@g`;%-J`XUb2r`BP7B4;AKryz|L{T2l{|Y1fWV^_ucZH{?!~|KDwIiu7J>EWG#B zb;XY6Y5jW+eq&RYI#8L(vfVy+oo3jgOCbrjBAa){=(d|rKB;dU$fU=voOgfC8%-^@ zm6rk%S1mji(rDE_&s)vBb3?med-c0r8&^n#u9Q2x*7Qo=)Si-i(mK6&N$F^HO_0b>%9%9+3aWX_O!37w>lWV z-@@Yg{<`+5llipOaxFeO{0Dyw72N^R^d#y6M`}YA%(T`%(6?bIsrP`%XDqf2wCY{I7ZX%ZdlDW%M@K z{Zj6|-?{Z}=hnZfbvp%*g(`JCo;!I@mhAEmR&3(S|CjDts30eKJkhpw@%H||{dT7o zzO6Lb*HTsaH9bH5M3+UdqPX+^V#6!Z$N$!UFxb8A*^c_GIrq%tpS^wP@$c1?=7jsJ z|Ln1KUUhUi$F8;)CA@{}-qrQl?$BP(W*C0FzjC4eOH@$Xxwz{ouH;Za1DEdnW(*)mz;+rg=*~ z-`Z3&+kf8E+d&+?7yj<+K5^!cH>ab57@xony#w3cY-c}a+oH7Kn)tR^My;w(UM$Qv z>6vhoUx;br2Z_FY3Whfid#lZFk@@n)n$ti1PrX{BfoR&BAp3(WnYTneX=d?GQ#*B| zwfN?BIb+VGMEQ4$@)Kv8J=2X&5qoyaV%}80GB4$4TIS8kfnDBbuRNLIe_eKN>$BU+ zCAXPe?lRxVv-J4uUXwQ+R2xi@Xttl)Q~PwS&9}4bi*n`*PGw4p)7H2BDmyQ4`=>Mi z|ME-Je^hbb%sH1Qe^tbd!w0nQKR(jG>%*RZ{d>Nh43pb!T>JROfsfzH`qF={Qmvfj z80Np`=={&;D<4H(T#=bm-E&+nW9hZzTaM4b3W;Nx`dAUUyI-Op3JPTn#K3sbKmE!nqK?<_r7_{ zq5U~%&+e($jMXdGe(tyYbKsG7)2HhBOa9*5`QLl%@1&>cTTXV}N}hRsM&y0f>!!U+ zx87Cy?pq~M^H*};Pygi~_WaYGXE))cb@6F;och#j{3W^2~r5}CKUM|7aU;J$?qg3Df^N(kQ1Z>;f+BPlr%_<%DNS$df z|8JOW9{=)~u-vn=#)q%euFCtzV*mEhm-BJYay0m6Yi0hqp*ZVx@05JK3qcN%ZfEcE zZh3R7HBf)5;oIX^|ElTlf39fsN9}#ws>lC!*-YDi(jz&V`?pS-miN*3qH4z^tDdL& z#da9fee-3L+JEGqjqbl=_p4n^zGc3)`1C8I|-FrTriad6B@18q(&$Mse zN>){|Dfu5|@-6dK--qAsQU=TBU3Px||Ci`;_s2Wxe(N3H{eF2~u-qx0ofg%eyOi(ZRW0hl4WjR`A|pDRdOlohg*AR21=D({`K+h z>)77e?L7YLTy&1ic&wy6&%o)3^Z$mn=CjXk8khy^v8g1_UvxCr+(6$(j6Re>vlQlYk{|`}fY0DrSw^s`Y>Qru0QDF=aV?@)so& zCd)0(W9rXeoc6Kfp_GK83A0zN?(XSXM=o7YH$0;o($jt~Pnz-My;av{8|1BDl-14E zQCM5kqy0FpCi2zumv4`mRVy!hdwb=oJ55|2vGU1py2RJlzYL9(l8l@GQ6h2wWX0LD zHz+(Pw&0L>ebZx?bmYFZ#)l;S)=t{!AKRE(ZX0S9dg^lIj4mP0Uco7$aptCq)#BHd zu>Vox4Rte~IUC=@#jZR(!qV(c(csP|w?tc+PUTjiriCk7AfBFd_PrU9=Dm+ z`<3qVwSS#-XSgXGmX>VvN9cZinLx&ajl%v#fBY`qU|(QlQvBxj{imw!n$sQE@A>D9?A9*$)aU-=Q@w@P-)m0CFBlZRD0a`hr78KF zp=;_CDXE?R5B^;wJ~Lk;T%+IhmDJAv|1CToo1MI&J~eXRV+HQCb`<8x0ghCzU*_h znUvM<*rxtDZax|vbsd#HUEb5Dy^%zcNWI^ z|90q{Su4i;>s1=xJJW^1qTb&_11{$rT)@y_`0U%Wt#NU)V@03z2TcZZDUOC&C`v|?Kh)$o|`)L=7krpvo2^i z%wYe`-rAqFb>hT+>ytSiY}WJB1s*ge*QEJxTf1T6Z@cE~?P|EDkC_%G0St@kYd z(}wR(WQT@3&gc`LCpLfc+roXn+Nbr$C0#trEA!j`c;(CU^AG<&m0j|;@O93={h`5* zpBJ7#@cR76YcrEg5l8BAVCnoS6Pl z_v_wNle^^_ua^d0&JB5#G)E)&vV)z?;bp8x)=m&|HIu&aEa()2xRlqYlo?w0Z#wku zpR%p`vvi%Qx^%8iJKM`QvzgAwXlvXg}2)Z;-(hu6kUBmQuobD;|1qz7&Tiy^i>taeib@*=5Oknh5OV_+desG zzT8Y#-emLfw`t2=v$i>Lhk`ck zO7dmh%3E#tbW_Oj#T9eSWTrQ}Oxo!rqO~QuHzYdi#7gaXf*i5iiVLrJS7e#RPjJgV zP_mo#veYw~%U5Sy*y+w8s5)t4wDZ=zjmvV(MMF21o@U*1{m6y#O65lf9*QpTaQ=Gl zr=pv<(#-XKxp@n>hB<#(#e7>;ywM{n`d#LX-+5Erc%p5m%=#9n|5W+RYsO7`lpg%L z(9N)7RhEHx*2DQZ%nrFZOBNP2Ha+Wk$idehVShzU>U+r3d$ZSE?R*);tHpGazr2p+ zNpz9Vi`Ta^ZiyXzz2RX2d&d#MVyTxsSIi@d`Zga~BL4j7mY+--dKVY1Uv+HKW64Hd z)%!()y(2S=tBrq|`5ROAGj^GaPCik2oa^Z(QiNEJ+ujq(Osy<7i&)<&hV(5Fq z`SMcMyNne|-^0a&=LEmgS-wtt{`BCKcgKS&w`LbVlZ?4&6<)P(#r@{fb0-Q%p9+rJ zyV~yYJcDoRY9-6=5i@Z3A>2fS}gUt_V&_yT9ZIp^wC;gRP^IvD`66v;5^ny`NZr@13;qy_xb%_WR4++zS}H+S1BIuh?d5{*au0ZKmll zQ>#VhZ;w7^)kyrk&D85vas!spbgl%(4;SvD>J z&FkAl9tk;e)jPfXSPi4fvO_=I*k8VqQpsL&xL56d(E^{gT^+wZtcfhO`7;0I@ps<@ z=Xt%hKDj6Mo1B&S%YO|?|q0Qg-7fc@pbp7s1pJk)BcdcP|$FKAIn zM{?zxApO|)y-y~D8`}Jx`-NvGXUYjHA*MqiGXmoHo!13zTlexugk;=$e-ouut8Q$p z?X|vZ^vvokpR!fMOo2FmzToO3swdAS@hsy>zVE|w{r9C=Ra%Z4gF1_XH}0^LE5A^^ zEZRimS@Qvldox1%Ur9~dTN0BR8*Ze3yvA(Tq~9AQGkwHVKWBZvaC85LoY;F-;vc?T zzM6jgE%$k;-wIQgU%7XAW^&CMX6?Jto@+|xPVrmy|M;;TbM7msnTu>{pMU1q;nyhz z5({STdd0eDQ;3^Rd&A{~?>`dHAF^}ZsNFp0&q>aCa&4dd?anoquiI=t_x8Db#vc~E z)B5M+$4j}b;%C_3c;CvV=Ia90`uMe3&ptfYvH9No{AI;|Sx>y-~|EkJHZ@LT627cYEqI6X_^v--M{&uPo$Mcn$fyj8j!V)U+%A)xZK z)poxmrt{VLmtHa-{ieL->iWh&cMhX3`~RCe7hZT%J!9HdFO%A{`ck!`Q>Q#XeXt@} z)?F?$>C4eLoA>|b{IAQj|1O)m%uhIJ!(U#jH;#|El-=v>=T|D*AM)Y3c-NeD%H>Vv z$}*=rA8p&spc)ly+iT6cqI+>g?sJJfLarPZ1u@3YP8=0G@UKqc``$Qly@LkNSqe5f z_1;TKsa`5rYos4!<95Q<;r>#ALrZ3N>lw3`oiW{#p}Tg=(q*4w)Ln`N4-^V&1O+B$ zrhG4xJ>?>ie&15YvGGMJ`@CIhJvVs-8O{9!iY?#X?Dbr(B3M@RZcg(AfupvM7ODOH z^2vuG`aMTuX2RroukL;gnZ8<6&GE|nBV`9Y6Rg_4A7WUy_H5?82*ViWzZFUj6Wdn( zij7!RqS5WZQMrNtrbIVK%UtFg+tvjhs&I6;a#U<_%%^vHJ`q7*R+@IpUX8VCoUmeP zKz4ZD4yCG{^SMv%iTQlXsHxh-;p{r;_j}eo;O*f0G>L1~r|+kp3-Wl+QtFjETvYb^ z;D#j!t}oc1I`=Az6U+S-bGg@XEO3br-h6=b?dz5@J8y;EwV~&~L4knJ^I6a;n7nVQ&d#B@* zE_>Ew&cE$tOdmDgeZQ}`WAD6UIrrwg%-MLs>UP8Cdt%&G8RwQpEM1y4yYtj3t}juV zAsYn_THjGWdsMmSN6(vcWlTk4X>I9Wd{Vyd`)^Sd&F2%pumb#TDO?brrmwb zjT$Bq&5N_klWzt#x^=Fw;kB~3|9obC#cB80&PQ@P7>pOJ+pr;hJLg;@$BHj9&-Gdb z)b8wHGR>@YNXS{hA0BmorRj?!TXdXyE==YA!pr{Y`BQVjM^!QlW^DRY`l93dn+WCu zYP!pAKi|Ie`co$Zk8HkLRko?@{yqtBHchYk`)7h%^5aR0p6N&C{r}W02 zNPd8d)lTMUf1lEIOWE{s#tQ=^-7HK`E0!+S1Xw-=lQa z<}OLI_Sb*=D8*b|ydux&-T8;I_Wh#o*G^iKBtN6?Qp3KImJ2RT4f+gi()s5n@TWA- zKXXjkOttmV#h^_KYL~TKDSTG3Y(DdcH^N(NXa79UX7@RM-jj{~daftdHhdGV+4k1u zTXuY1*EjvMX^%cv&q-Rh`BRaW-KC3ar&sO>{c~3SeBmYK?C35T$by@^tJ|JlSf2U! zV0pzm@%&E@=JMyp_@4^3dF)mB?4#MdlW|I*35w|=ai(HhE`OX{|HQ>Qpsr`V%^dgU zx4nm+`qllBp8ex@$czUmGFwVzelGryJ5yP6Zj!9~ zkID90&(BVl<>{aMw0Hj8sp~W}Zr(ezy#Bw!vziwEsRxU{ZFwQN`?rFxblUs{$8Oy4 zsnx2REp>QZZAkmBLboF^IbWlTIp6Dizc%|~{6=AgBc}2*R!^FLHK;oL^`G?tD=xgv zI3^@?IJlLW@y5jGGq-y5zC0JE<5{`nLQrge(wf_zDQQg~N)_7I1Wmhosis}BcZ;CT zwXn-I)ie4&#|b&|uUj!w%2QCFw6`P9kjr-3?pc@iFn0w`zkZ=)de=SUGNz9LdFc|x zL6UEz1&cQ(lA>A4f{c6$ZR+xV#O*oU5~71zbRVQU6MbhY&*9rurFqL4}VW0i{SX}uk@y;*F&#l<{!R5}^_&GqOCFWyKe z{#1j>dv#xH-Hp&cF3?n`^kRBFSIu0`mL(oyQL*dv_8d5CcI$R-r2bjcFc*(ozXP(x zIJ!;edqj9m3g04mc9yk|TjBg%b>j;m8&@^Ws^tyQmvZ{_Y@nm?^FZK+zWo*2ik!%yx! z(EfU5yGf#t>5|4@Qq0NE_o^%sY%*Tpt7Xh8E^gn$bo7O;uF2AB5zUZ{)1^};oL(@o zeb+gSi&xDq&)MW4y7+FO`_$WA)m{n@`WxbQmF2bw&Ue_huQ{l7olo;58>v5s1U-MQ zaoQ_4`5;fyyj#|nox)f1UYY&1LXYjiFVmVCf=B!0KAZ8*yU4-$-y+$VZPg{wYsPZx zejKR`3eTLgcu8+fg7|fi(_Ve z`eHQciQ~3)H-AKMUhnh}AK(~Gsyy$y((&ZDwIqm1H}*RIDXW8@vfys z>pmJiI$$TpY!YI=RPutuoXzhx2-H1ix;LZ!qW0G{Wl}rl)vV0oEk5U@+8ZKyhO=^3 z|1Q1axNo=SwxliiA;!&KcJ8jivh$}Ew@=<+*?zBb=j)iqahtk}nZH)A<}9=B#(WV;9lzZY|J)4^T-#WiP z&C+J$u319+_4dwQ(m2uL@!$LpuO!8TfA()-;_y+ut!$z?RWk8MdH#oQ4}zX|T@|$X zu9aUWzoR5ZmtnVz)Xiri;zSlKX^Jra?;3R(TVYszDv^iy>ni#*(W zJ$DIw3O?as*fZ0y0@Zz z<7)=5RjYg>Ki^%k?frr*VTUOPuHH2ME$z8axAoClv8cND4AZ=HS1Bd9@jSd%zpT0Z z-tGqLJ<}#RHCJ5>PR;W9eW^#%(`@yUvRNXZH>gQ|?|#T{{?xkWLC`C%S8sn`>Z$cC z$(a1#OFCj<;e3fhdg1p^ny=hszBrP-}T9b!j{@ z2j40hFoRYWzSKUaksN+Bbndx~b9Ey5lm+L!?5^)zxoe%d_WkIyo4RTf z*sRum(MvY`B(?JgTT=21{gjkTfh#vKl+CHwb72F^;`@ogVy#(i?y)*Aj{N#%T=Sk? zw&c$P&YCXyk5}ZM-IQMWR(j8mw~J46FTM8sAbZh|t*s|APCs3^^y}o~n)QDz=lw4g z=l@%oow&z3{Pe1Mg{d~*{+9K4V)VM_;zT+AaTh_5Y_9XS1hB^Cxf^eR=kIPobjId+q$>f17`= zygg<6tV>^huD>|tPqEdBA4~20=2~?>Kg0bei=KJ8(e51lCOY+jUQ-)~dG|1|vm z(5>?DGZjo%c5dUfF7{=K0>P%;fThM8BsiF65kCcR|3sVD_+g@hpa_HPv6@Tu6WAO~m z#QOVg4h&|qGtP)k)>r-_tI(Fpy`zxN`lGMo5z~gXHnwZxr(|rJpK~c`&EC0DnlcI# z#Ns>^3JMvfFRb*Naa3gItxGptZnyDX-5|l#l)`g2W>?eH75nCGTlUnp#>9$IJMyca zYvjYZs~vhX>tC-~9%8}9-S>WSIma7!_DR8v8vPCr!KmXbgP)*a*spCna0B}6%A%O%#b)-cdh;Z zH?eQ$HY=>@dtqw6?sPaO+j`--v;8s!%@)VD8S2<5uGIA2s?8_Anloe(FU*-Pa`XdI+&Hi%_?dq%aJ*~a^ zX#AhVb@>zita{xne_r+D_QSWilD~!A{i)D@m-k)kcq_t#FJ z|L1r2pTFYL1@kJ~_W!snJZIOYd#1M;M6@+8&c6Bof_TM(IL1Q${O$aK0rOWUsiwBY z%2<7K2(>J~ro}VzCse}KcqvG)s%Z#*M z^M7nTFTX^l>}kI~UN{SLxfk@2r2^8`Y+^SpM3H z%GRH9-%3BrJ$YmK&F>ulf8J2cD)Bm1CijT@|3_|_JL?#fc=i@{EmWOXH~HkDBLa8# z20L*6j+Qp>S$=xbjC0pDk4Ypq&n@}F^XSVD4p)|zms{q4wNu;Yv~1By-TP}krg|P> z%{1P7=C_A}kN&@vqKg9-u3fS0;k#y;h%WD=J{;BCMZc>AX&8BzwL0rf(JE<^`nK)e zG0+TCndRM3$KEI_gGKi%8-C?x9Wl`H#SXixD}-7 zbNGzO#;@1pG(%o&yITBUUDV3`9hSMD4xiPypL8VXk#EE_b$=%hvu|vZ^G`4J=**kl zx@O?KD0n}z-C9R6qDT6f0WlhIZYeYGxwHEXx& z+SfT2&mT>_QmQ&7OGSA{LxJ;)peZx9dwPACAnu=aqw)hAV@SwMBmZ6JtELE^pAfuq zKC4^xL_Tlt(`(psl)O$nPPy=l@2za?m)(aezx|4izPW4F$Bjx}7d@h_6Mr4+Sh47S zo&c|wq5R|Plm7D>)P>5JSS_xc7asfS!wDZH_xY#S|IxUsBU!O%Vyb&$^y^*Ab_b}n z$RuwP=FVY{|Z(u9t5CAgThmL~i+ICe4DQs+;i`e9oJ zF`eytcLP#v3Z@(`x!A~FFA$M*!mT%`i`ZQG`M|)3ohG(wrZpkDDb~*hwwHBuosatGHSg!Z`J?yf6v6cO1sDuBp*^>QRncZb> zluf9;eSNo?x600$cb6#1Pn_Dy&%Wb9FQeC%WmVsp<){(|*qR$rgv2XbPrR&%}A?Dqi zTa}`7GxDcYZJXkt!8KVp@!GBaoWC>PTDR8a^+s`W z7ziFRKYZ!X9;Tcy<$IE9PuR7%!;UUpY!n=7=JY~}Blzb;OY^BU-jyyZ0+t@ReQC;l zPt_HhRGjtnqS6|lM9T%ZmhJo)(>=k%<>Srj7kws|t@P{eor=i5 zxog(PjYdlXb_6T5th+0*vt|2?6_<7tx+PVtXIXK7Rr|-&J-(AwTXNX6J9IV(9l6kL z*b%3$pdfcGLN7bydZf`JA(1Hz+Zfdo88ucO*tA?Od8XFc>eHY(Kc>`4k!;#`qeW*3 zo$W2HFz*K!(G#+y!s$hPX%69^K5cg=y^svOby)Ud#APf&(6nhmiwiM>c>PU zW_7I$-9OKw@MYyy)oz`yLQKJvgIC*&O7(j$+QafRX;ID0w-fW;-2Qq&yt3lE5pS+{ zjobgwlf}jDlF8dPtX`V-YFp=iy(`x?r>=XubJw3Qb5l1=N}nUO?0XDLz=qcj&I^6- zS1Jok655_~?b*Q|g$I(;4|(5Bdf1S{+mmy*Pj3UPjHA z_tSbsCb~~P6)Un=?nI@L=_~Gz*Sma|Y6r(WnO%~6KTWy%yLrIYRjRqSH1Am+W7W0F z440j`V_xOtBWoDTR1ob%}HY17P(EU(E@r=>&oJ#|WUn13c)RcDWwz$5R- zFK4TcW}GSCaD7R1(3FK&H$99qb z=82hE4?n!$nsm{-a*LkzhbKpwv)-n@K6U)KS74Hd)HG$e80}3PIBp((c`QlfSYlLj zOY{Z&5To;h8$`0#?I9}hS) z{HXuteeX<~!wi`xOY5yU9bPYPFMgJGqHXze5m|;(-VptxyY)}ZYkNocz{&P6rrn}~!+LKe7`~HWpGpvoToAAuZD=E~t-9DZ1fAOBL(`2fR=1aW) zD|7rb!(AP{~x++|401a&zqNbgzZxD@-Z;c*w;PjZt3SwF-wHs zR5#Ywy~>Eryt;FW0gs&z{8iQJ1^RDJ6U&0bfO@I1dN zedISQhxMID6@f2zs&3tUC177D7uz%0qjS%05-fhWON+}VcBx@$!D1)<-nA2?-M2Mb z2p@PUC@QupTI;&a`ZG30y|t@9zVQ|+dcemhlDuNotYXcdbu9lY%2?lgHLM9{(E1`O z{V%5`PSZOo*y%b~wb1Piwy76*V>c!3-*zB#l4Wj+hvs6=-h{mpC*E35e14(TvU8`z zFur1V@6M$&s_G7zqdE->Wto9DU3Ydc6REiOuw`~H_V&s z0msBM-vvr9S0}DXSorKqsA$qn;W(RrhI<4Tc(h-f^Oj-BwCHVKZ96v#+WfR?T^Nvj zD^gXCXU0sGNz)Hs$kvYzx3dfDyOlG=Y2on?Jm1cp)--Ro{A(!rDJDT_PT=YahTp&Y znk3guxy_R__p#lvDAwh+v~JCrq6|yN2a~D`4{wX=d2pa)LN;r0UBu6OTK_p%)^#@r z?@WDtt3oKx0W^5t=2HEl|L3o}46!xO_4gn4e*SmmS+6%;Q=k8PHru9H?#5?{{=2(f zuD|uX5 zz3ZtT2a;=2`5Wd3*Z*dz|73o?@Kvq)zk(SB7Cq@Zx`X%skgNZD^tr^D?31s(&%9sq z`sn));{Edbh(w~=?r7YP^m`ahJnJ-zz>FYR+}jBo4s-p$J{33`|Fh)?&y>nGuF`P43%R!r9O z`@f5sf58fSk7T{Kz7-wkiVudw#_oTeyz{t7i>Lj%&Feos7C$G%X!4u?(vF7OoI}?< z^F6YTXNoVco*tRxl%QpDF5vk2%5T2xg(6pE@{Y|Y{yo(JC&mEY(zTlbE0)tBd)1wV{t*O(ilt1^+ zXGu}evE|dh^_+fd{n~8W^0t@nzAJ4o~c}lHrwRxSr#+Cck_u=a_KyGQg)((&8^crPX{`9y5_!>dAeoa zF&#|@rW@zKJ?1;6^4P6u#dW{))yj|D>Na=o+A_i2E11_!)Ip>?p1&-g#qrh$ZbkFI z=~b>v=LGrtp0!$i_;PQp7V~cD)tbI8oo<`|91$yDEVgWk-G_a%H5Ocn-jE`*AYj%R zi798a5-#6Xu{!pkp+euv*p$0PKbr5*l{@J(d(`Kv`sK_#AK`H&lr6B$fBExEnk-eX zblCzY8VMi0`*ZJE!-m<&sfB$rDX55=R`NWs9 zZF~IQ{IxA9`=VFPyFn+7MX65xZ~D^06>An$x!ds^F<(|Ayi7f~h^=9!M%--CXaz>s ztTUz0OpeZ+C$)LSM4y<=moL9poAT!OM~%2@{=3s%dRJ9d%RbwZ`S{qxe8CuI@q(C- zf_=xH?UPn?d(qW9@4E`?u1g2L<=))y8m~5&sng=6^e3Un3swfN_X_N?X(|tzWvEtb z@q70R3-#8R)9Twpf)=uLJb1JHVK0+0lVZ93-1oaX7dcJUeRSCBN@#4VLomycy*JKV zavq=gHh&vKlh@R8eeS1gcdwZCP0;Cp-}T+LF*}~9s+?TC;ePYsw56*Tb64*&bzPa> zE#+{aIIwE{$({R;`z@GoQDfUI!z>1+o>&=WCXw(N&w37*e6jXul=~D7t)KckN}a z)=NDrop|b{c04&Cp8il^QRNAs$3=H0YpDb#%dIY?o9sl(N`Vqd(Dn4bRq zz9V&6YpdWgwN204qd)J`GMv5i>(wRFuV>cH`FFE&Qbo@O@2ZGfu(bg9d-v|2J#V7T z%!1&!-->q*$7ROORd`i?>Hby6_Zbz1hrfl%Mt3QghKbF46L!YydswCWhX;H4790uK zy0BkObc*zo7n{zw^DFcJ{dwQ`&y)DimwryJdH->8js9ol>b}o+_gnX=UO)Bmrg}!T z+3nV%sQEwE|4EHrrlsHZ_olGTGF*KL5KgGU(4`6`u?NM^_LC*J006?_2;a3<)?dZ^3(HfpG{r( zdsCv#mrT3QIpX?1;~zaecmCq915w8U*g1@TTnYCjBn>_`#){zlKcV33Jg}ndq|7 zll6=Vm#Gw6#)J#+RKmE_*4}$eY)aF>-X2Kzt`@sfAV$T`)J1#b0!|&zj3bS zGv2o+miKjiVEJSwKEdRbYsmk(QOxQ;y9AotERAOSzgf5>@yT^jZetCdGg9*|%v!7T zd!vn>{E8!&0*+<32`KF=;Qw-W(dNT_%mGJIg1;0nDSz7@+`_ZhTFa#5$@ipXMgE+> zCMv5|g(^me_s01*J>%IcpB?u?V=tri7m@vOmY+`UQEF;wHxJy9vxRAGWBSR=Z_T?O`*is?n0@>HZuah`o~4%yxBQP=C-v{l z)yU0rKToTM#6yOf~Oo*@ZQ~jn6j6&k;S+)RD06_MN** zR-bHyw(HGxt4_btra9yHqx`j3!nPY(YjoV)JjZ#5N;+n(>|(o2o+X%`JZ)uB zyKb)BZ_^(6s|IWOf6eijW;f$Ty?OcmNbZPPGN&v-$0*7E0@?eb#xw|xAy z^kM0pujLaW12e+(4u6>V`S{I!v#;+=*>i5Gq4=CN(J`y8^W}RpI3^xhX48-@{4GS` z-TkWDJb!lbrk&?ZGHd>pzqzS1YTB_{z1Lh}>YLX*HhF%l`o+#PmvG}6mc9iimM+eVbb>R&bx|?A?3)>%@+3e)6bP?`}(UIM0=xbESY%!kYG3PAOTQ@!6wvBoJ;SvAJ&5Jztenit6%8dU3C50nU}8|b+t9-{0q+H6__G!$$kv`z7xlXMef(?#QJjhc7*ORy)zV&9?OQE!A1;OXpm(T`}$M z^R0V#KK~uYUwOw)P2HqUb>;k*1~G4zeBUf*bvw#%3-5j5o!6{Fd%B*z7OSeV&ajI$ zee#>LuS<2)X3^6ks{h3FB0D|?bMM_g=l6>X`g$^{{|*K`3Z8!H=flc%ci%0&TqHO5 z=-Hpg*LbvDx8i4A?NPfy{O?Tv9d@^@mOHNrlnT01`r^#pg4a@Kd9UBuwz1l2@0I

%Dh&B`vu2Rm!r2@!|IMmkpzA=Py;NE7ZQOf4At}=T|X(oR9ah6xbRK=6u_!%npTAIDl2r7Rli&aURk-kYxDn1|lTwF6)y01!2v)eJ{iR)sX za#Q=Mi~cWM^szb1?#~mWZPI2AjxP>XObUNGNl@JJLdM5)zDnO$tE~}LvuX}qvfguE z0>1|9!q4KuizB^WT}lagJVV|tB~$OUUW8@Z879*YGioY*t{mBB$P)U^yfUj&_^bR2i~OB!Z;MWO~Uz(+=NRw|92*-o0P$m8toqwYLavePZ|M zD))}#v&H=$cBU+8PqMgu=IiXg_B!YJ)N&fTZXBstwC?rAs?YAy`7h>c>|4M6dZqcx zHwsSA^<8T3*RD8pM?9loOWT?cWwUzMM&y;;+nHTg7N8;6{Wwxe{^`GJ-v0EbuQc># z+C2-ZR=>;KspD#pIB}zjZmiP{k@Ih#@NaHz;_U56^89n+z9z%N&Xjet{6GIp)4RE= z{o3^zzdd7Q{4R*Zz3`7;c;vWiqTOx3`&+|i?G_iZZ(Tg=-sS-3uoU*`c7}y7FZ=EK zeY!DnGbb0H>Z5M&j^6Ug6+6=vXPxn|(yMQJ8Du?|`8NaG)y5k?F6LjGy(V%q=PYTr zD~lqMrn?mNo8Jyrcz-|d`}_MM2U}eA9`377et#y|Jj8(8G}5K!R?o(xhrX_x_mAaa zPSZ2D4NvYZJyKuT;<%0}>3y0p| zPdlq-5##!3lgpxaFOOIp%HjIgVQOR8Jar-4xwsu}+nHyW&JK85s}sMk#h^7cYu$cP z?hgO+PFL@BZM@pFcK7pl9l~7-PS0I88t93A-LRxWO0sMJg^Gu}Hs47CyD; z2%&4eA781i^S}6FpW`ZxL;59O{wwUAaCEVcDTBb8s)qg17wXp~y+Gp@5rAAa-{6{-BwF)Z&~aWKASp3B`d ztp8_%D1VCXg1tNI@87sw{ar#x#_P$Uh$|Zd<91&ZXsFBz+8m-hzq&?ol18ac*7a@= z`y*0y@objd`iXyj2)&KHTYh`GQpbf4tva2dn^X2}mkKvnHDxNx%yUUHR}Pn#Wms@e zzvKT%=*N<8UtVz9E7%xL?kP|{c5U?yw%YCYo_*Xpb$iV(pXo?f16J%}?6A zCF*T@VPPS|mMvR;n9jK9(Q{9b!w__5=k8gdUcfZK~*HIqh zweRA^pw})xOy~0a=Gz^7 z|t)J2(FJ zJOsTzT5!T4A>)(2U&=+CDw52&-(`?eX}8)2Bm|*C{^#*}P|q+si+X-!K;Kf1Q`BeB-0mt+%s2?yu*W zJ3Z^?W%<>X_ZB#pUwc$j)Y)bdD$}XGS@TcTv%5P5)kI%&++S@pZOassP1o(u-3ryZ zQ?oi`&yLo+w>E}NJ6ycKzVpwDfA+VvD;{R=UdiNf<7oE($Ri&#bJ&uKBFhZgMVr4# zh+bWO!SqGOR;Cpfo}^8hJoo&q7+$ZV5gUIt$!^|uW9FOaImf^4msh-bec|#SU%hk| z*Irp{mQH z?5~%+`z3=b$Eh13Mw>2sMj4!Hsx_PCpK1AXdiR!6YX;VZuTs~Xitt@k_2tTz<)z0T z=d!$bee_z)O{0%+6;y2IwBV2a+{0zHv zUTk$=X>_Y#!l`TNpCmquG1*UTci+hLr8F^f#gmM!oU@sOw%a(zovE0{J>lEK_6WxN z(~k3Go|Ze#wJ-PdzYfuwxbi=j?UiSoG?a$Z#*zwNCC`_?MAlO@|E{WrGr0mo5(kc7@N}KKb!FB!_+b5HUwi5S#8J^$2 z?C`5!msFW|d9#%)7oTWs@z7j!&Ds}R*1p)%UXlLSd(WrEGVj-)-!lEut6rPgwl;Gu zW}W-o{^O?i{spflz19}vx#cXerTs?r$=#e0{x^H4PBANSj?ikI9n|@ujA`xpzMsuP zUaxN#@YMY)GkOS4FLV(H*mI*}5-IYX#bG?Q7Be zZTBW(m3PJUr8=_aYfa``d2K#;WY=*nkD}md-%ekhGUdu;vlK_`Yuu$WdoOgnT+ExbCHBXz<%k|OyZLz6>oV5E6Kie$pXSnW zk4t!e%5kqeW5A^Ui>CdtuD}0Q(_%}F+a%9ttD;Wv|L?3nanIsiO49k8%zs|&{%ydZ zarwp%{??p`nLcZbB&yb3%rdzY5$yQV!am>Yrf-N`?jc8wmHjCT<-!+bFqQvf`sUwf zIk~ngBglN6vbCS*g`5|;`A;$;S(o{7Ppx0$zE`(4LUu#Vg?h&Y9crbI-8MZ|;#ede z?QQz>Y1OS;uQk{H60*K_Z1;b~!~RWTsUOZRH?G;XuS2wT&GtXD4nLo5QKZzk{F=JY z$?q3S-(~zi>aD@Kvwza`MM?K^UhG=5{8NGIGCyJW{%eb?Y-%$e?O5Hp_^!Kef6*SRM`{X$9-6a3leaCO#NL;pWSCiCYUUsf4Hziv_t|v+z|NiQ8L~X2Gt=Sp*(BQzw zd%QyhC;Pe;n3g{NS!C0D_4?C`>BqCyJkDtS%oHm)&*$3S+$(c3XYb1Wvctxv|7zXZ z&RyU8E#DV}xlGt&)wgYO)v*|(3AfxCuFCeGPFCBJ>Yx18JNjGg8oTw@KN9atIpkKl z$*?oMoOAB-rw=CA99CKX)8LPnXIB$mEq_XRLekgLyB}-npZ?zUxNwaVhhk0EEnXw_ zKbkW(xMt@3e*S(EbAs;i3vb@fut|ORf=(6nfh=8XyOY-a8cYk$~vx+%8z%9V2Fg-h~odEMJ9crG=aU9d1;F8aFaLWVbO zSyJo$Jzp@Yw6v_ZsNP|9ZvKLEUw40Lv*X^iDosWs;Hg;P2B*^W6H_a@gEVi(pb^S0gQS`?m>bbR~gNUQpqWV7FU zY;5|rihs_0&M(-tBE-!0r^?UMQ+m=*I%LT=2AA9D_e)-!X4`v}KlkSMjlUMY1I4&S zZe!UMQ2aXm;0GuHhW{ygTGN$$Lp-c-dc-9Gd@kL z`>|L_$o+TMpIWx^+b#cm%on7D9=q~|qnJz4&iek}4WixquGrfznj1HL&Z@H+2Y3V~ zySB|vN%2TxTm6hVBJ;T?-p7T!p#f4y-7qzOq=a%c#pJ2Q|5~znXRw*p^}p_0ew#z%{Z)bWk;f-nb9uyC{JZw#bHv{OIh_u7 z;pt~~$@&LwP^$X#TdF_#t8?X#xrXte?`pe4~)do!ZkK=l`ks z*DCk_;GDz6;`951`x-m_{+So2+4fz1o_muY9Ao=xSpr~Hz-*W3d7P!{6Z%fey^m&o zDP!G`^tJZx$3J_nJ}*r-Ld2L)?-eEu^F^KC%MIpnsaYKSxnk9|0~Wvc{&ef=^2o1G zi;%kMukr8%lyZ3I&f|HCoUa2du@83~4OV-5c-sQff zN0}O4#g&&A-paHNZhn}5Zhy`+vo~?PYq&RmA2XL z*H@UlbYbW#X7e%M`}^j!YiiGzyy`4maYyFit|-5t@`eBVyTxv?$7N&}UNd$TD(t>f zQ;=?~?l1lOf5tJRg2al;PNzi~L^Pdhh?`);~Jc%1nKU zVbaCO-kK6Ag^7QrcE=ulf7<(&_-dmy8)p|E~HRxaE@S zuGwi>UfwHrTV+VSk(MoK{9dIg)ff1x;J~30v$gSWWmYX&+`0I@%+i&YovvyM&swj> zbMvD68jVLYMVaewUfBPaZR%p)wUYC^E*h^a|7SA4;M=F*r*@tfx%jcGSzFr0e)N!>+N^H8|EBBp+yuTG>!at2=LC8kiq%V4 z({^~u+=6qx1{>zB+yC{@B83fGi*N39iwVy(zaH?ZeV5|onbFp4Sq;lekAKenGUt8r z*V@X8bB`lzpZ)&pr!cks{n?gnZ`h3&>HfawbHnYv{Pe$$eayj14d-6k1LzF)VgdmEw0q!HliYqE36@|6C4|2H;W z_&HH$Pq_1~u8=Fjd%6AUxwsvA+FBG(f4fvI93$Mg?X##%&Hjs(j7ILhWlz5YqN@d*IQ%^i`SX;26WINKes;|7kNlcd3KJ&RC1%X4X#E=*D)Z~C z9iMFe(yu@4%H;2}dl%jKX2S1$> zCVlhAS3#j}zF+Fg!alXWjN46rbvF(e!HK)&YFEW?!D5al$lFO=<|&&c9N;fezs>r^bE(uM6p*p z)3p3w{jSd4mA*T`vvTJ=Gj;>@Sv~vjdrh-q`ONv8^{L03@UJqzlU0}bIS4u)Iy_tB zg2u+VhJoo)OW7)-%GEaZ%6)bQ75bhZOv3tqR_%9AnA(0Go)HfE+;E!@%LvHj5_(3E zF!%g%w!pf6Y3l7yjr*%!>{+q+&)4`3;n7F$y^n4FUo&+POTC*#W#UK6oNBxF-2Yd+ z-hK@7^5zSyUfET9KK$doU(+j|x?5JPuD{4|^^-}+!h*L=ePP;1*4;Y!{eP--W^m2q zk{hc`bAqQ8KbZS{MeP5-hR>cC&%GIN*lg{z+`sja{reA0o4$IP+J%q1a*tOsN2xq~ z?CZCS$C1-vz3l7dZeNaTU)*kOFkfSF-pMkfW3z-mw9UI@WP4X5;Ax)J)4zOcmSxpd zZ@On`b7D@$CG$Kb>vi_FH|{o;E^$>?wz~D#MsV{~7hR@x77sSBjMylC=G}bJi_i8L zU%KtP`1PcDhebnYSjn8@-u^RcH8r&vnq^pFdkN z_vZ67m*{WJGdJ|sS?K+qC&RwXMPcsc$~)82!5y+q&zWAzSQjKs-DP|iR5=(LPWm9+ z%pxo{+4Exe#+JV?r2qVx(zsVN`3$?bhf>nXJD+Ne%yXT;e>;EUZd}?&!p~29pLZxTpVKe-aGwv~pZm^JuG#oK zt1^EdxatJss*IzT_-3up>`C9n!R5G9W9FWG7ojgvhF{IsUYWmj!bDrIo%b&U*DMg~ zc5cin6>L>L8@`-DCilhaIp6oUsyzwZp*Ho!L0e1qHqlP5{nl$b`b$b~a_+I*Xd}w< zmowne^8MR?JB6O{a~)X>>L&Yj^(TMzuBx8sd^k<5pE3|7l$hrnAqoJ)$|ICP1wv}RuB3hIW~sB+prZ0p)` zBc_xGwidwDvS1b0x`>x5AJVQ!PIdCUC2apRUiAJ$>;H*Mwr$}`b`%UY+C0z6^V#-& zr_TlZZ$2M#@SS<_i9dnortm0RIZWN#*!zF`v`>??dR|X%-=8?KD}rH_!M1M`0C*Nb&FaKeFHA04K(PjC?1)*O!G>uhHwH`>F zlYG~HQ|q6lhwEiF*WR*!&~B9UMbUBZitY8w-hQaOY;#jw^4-yUwVwmrv>$9L_G2$C z6J+J*+q;4Jz^!*OO{sN1=E_a_EatNKKvBA1`=YNeo%P=^{93amp0PvW5BJ~mx&cDG z5e%*sM%nVG)iWb(w_Y?0VBKdBz-+VDdS3qG=QZ-H-=98QEO-2s;r;jJOe<|_^3}Ga z+RqToz4;v)$oxezGlUpR{GM0B0(l-6IFLhMos+$+1R4&SHz{`ejEzFUMRWLlY!9<- z|FSB9_h+>6-2VPO$LH($K0VdY;d9MqAxp4fsQk^ldlV9$~xV7hFPpRAvJt3NwwKABg&NAR5ND%HO$t6hyG-|59Md~Pj1 zxBbY9clXY0@VGnwOZbF6m(CtlIS?Oh!M>owdFz7zI}J=f{=HvVa%=kC7#}8C-5I}5 zJ8vymzy_-3?z#2<1dY-hSE-O%ef-ac`kc+>lng$Z6P zmn`QV&#hFuGS|UMuUc=yxsA-~VW6bw4Ni*6prpupxA6I$+)mGp^KUcPtp2F{yg6p- z_2(aomqvZIxIKko>y$9*tTl&xIf0KCrF=emEUgfZkA8~^iL#RdS?;W-J=gV!>UiWUx{H1 zSnT=b?1cz3XIo!}iJU9;+8ABhQ+Y0TL+mb}>Br|M9WA=}Q=@KT`SB^dUET_wj22QW zGYclG?hEwyZD!_3biK5|%0RuZC6()dWAa+L==rCMYRz6{f3awoa7E=xdEY!QA-RHg zs=CWdXS9bhTAy8>HK*L;ScZp0h}^tuvi;i&g=*wh%bz-&EO-2s<$Q25`;(xyCG|d} zz&vF3>*0i7<`F{URnE_weC;8 zmBYzr?ncY)R^GJVF4ypJ?)Md6z4EsPsyqqU!DSKTxAXRO^Ur7acoUXBdb<4Q!PQSC z)|K3Q`|`%+lcu*zUi=nsvbtC~Df9P^n~zUEu6`SK=4*T9V+T_)1(T%>JxBHOcTIl7 zoLZ&Gswr4-x$o}T{r3)vOLI>;8MTUG*Tv~m11b+btJ%9={C2CC*S{MbvH|PPDc`)k zSfup!i=v$$HqKrDAYm&jhpMUh)z_ubE4!Q-3pP$Vyj-WG*U0Eq$2#-NCCmz)Ef)Is zPui+C_VB1aIIu|f*$2tfbKkFc-8JvJkX*Zs@Mk|#3C zA}{O@_xUR7F!9K(Q0IKX0JU^W{aIFDr|gUN{M`Fbf9Z9%&D&ZIvso`tdA;z-!oy0H zQRO!G+@7cNuRR~j6LZQc&)?COf5|6?s@Pjq*WWhkA5XP6SaPpgZuR-o%rCa?&N=Es6LWSZ-sRfAo6k@y!uy}lL39+9lL>?tPl=Kc?uobyCH=mgnW4EHzbLF7>X)?_IG>jp6;@oZC0EpZNQ3 zMKs5X8$TA$|Md6k#vZfoyFZfm{@(izJa8Htx9#euZuR;zirOjvUX=eS`Fp@~<My zyDs{#DBIIjw)^$+-vQyus_R1&)LOnAFQ53f>e9D&BDvjLYmw*u zT~ps2JuJQ@e$A8ZsZ}|7;xa33KJ0l{v8#9Sw*G^6t}wwoiVwU_^u(@WJpZ)5XiUEKX??aw#vdZ+9@4K$^(V{?ka)_#Un)^gL? zjTh=xORcuQwF%TIynFEb?`sTMrwy3%o(cTuz6SBj+qo%ynIL zy?qCZf{X9H?b|0`_@G!?`rM%0TKynjtc3HYRWY01eSNpVU-0B>jakKVht<{2gs)3{ zy)E%I+tE85SG+HuI5A_%RWRB0xZB-;5)nH&gVB?ZX)zTuz0}i@N0Um%a2w^x7M;=iZlo ztc_Rut$p&{^F9Wrq)!!}qB&o@eq~X5?~Tu%bDXMCbI-iGqw~mJi{JnCIhAb}lj}OJ zK7VS+Iq%pjL;3gR3L8!xexBwO{jFK@;%GI5luJ>Ph6EI=RN6l-heMXz(;`P7nQ*e4x)|Pp~@AJm%n#MOc zJ#U^WmkT=`tByST`jGYV(|$%hfIt^tge{cvqG(fLuRwGN9`NVDsOGhDvOzw|N7i}{3DcZO6p!|O%L9X z)8cuq6-AeiP@Pl90i$ToU(?q9>vQt);JCP&OXEYi1jJOxl<`MPRUDJqM@-VPH5U7% ze=V0Vp0s!Aq@=ZyyZ18-B5PJWrr=z~W$1fT%Iik`p`K(ulY9F+pBU7;n@E~{$=~nz zRP_4u&?j#-luYl)8}=@`?iAZ9=e>NM`R{F?*0x`5`C+Yw96AC?ER#OWHkupZ_qQ|X zZK0HOiG-fz{7_wgXVKXwR=siR+7#j}p1J-(>-x9LvU>dQ{nXaIJ#BaN($-tw??2qz z6}9SI6ocrjJ3gPT+k>X0V?MjK{oQHv*J{J#&@H!3--VZbW7v8BE<3oeez)iJ;s{=u z6ScEy8FHR1-IRW^vmo}6*U|3i8*61#tzRA~dL{8*W~JNp1&gn8X(W4kdn#AgDrSct z6Iv$mrSmvw3O(7)s^s^dGj$s$JrYin;S#O%@0s-G_146^9Eb9EGUDsY9y81k_S#Y< zskz$7BhDiBQi!9*J^{xgYya8*&bxRsvHX~|EbGb>bvpg0*|j#BObJ?b$M0fS;?z(` z#6Ux4hM3AjbJ090ix2weH@{!}(AhBR+^Y?9t}YCI%H#jT*QtNy4Dq@h({CxR-jZ-Z z?$83;BaQC!p5Fggsl2gx@3vE(TF(zmbSm06&tl`zbyqfhkFR&z__{nh*L8WW>vG#8 z?%>MN>wW91>@wl0sa3l;RZD{vSAKS{TfOrYua{KJyghe)Z?{%y>CIWF_}6e-+UjMF z@3&N{NjzG81`omT7YHG3)p`dy>l=2lrtPW;E`h2jqhKcTv~^rf%v z&pB!LwAr=h`%9&wM^jn&zgXhEC%Q|wb4joH z0&USZ|K8@w>NKi(j5!8ZzhgvbFytdQaZ=jDOI4!M+_- zDCTUP`B#1Il|A9^hlC|HQlAAw;|r1lFZcW@d7C@kFX-1k(Hkd>_1`JkCkAZdPso!v zCBbWXdhgZU>)B&p%B2hC{Pc_acT&&HPNLgLhbPrXN_u`>YxsXvc816Q;sfu!S$fsa zOX4T1t4b9AhjSl4e*5@p$+z;+|E7t0q&)wx<@7l1gx^)= z+c&=YiB|iv-LuY3DgMLKesK<$XXX?21NT5Z=xzyPrC`h7r{>(=nR{K&Nc^XQ+x*u@ zm)JX-FF12TA<^h@!8txv8>SsEmtKguo3j|UKyfx-K#Raei-}wG>t|k>v2x{)ZQxZM z_hzmR5R~#g!cGcIv2qF+0brbHQngKRX4_ z22TE1p7rJU8I$>Whj!`I&iXDSitIhZ%O3pp`P_W({Nq9ce@~yM86Ug+q4Ft4p-(4c z>@MAy(Yd7ds^rv*7fyYc$@*7u;+(ZJ6K;8DmOh{H-mEU9Q7|D?QCjZ9y9G-wAM+J% zE9P@>eYMGR*_6EP$(igNi652Tt37xV{#xVT`TIc^Gmc%8b~^HhL#e5H<4oz5Haq5< zZ%KP|FD5ZweA)khrulys_B~r&)^td@V}?A}-CUFTR;T`5_r7qyV1LH?t@92)?TyH1 z=CeMl?sutVXWt~n^Rlk@4XZdlzw=k+d=MqurhV^@1xor$`lRykc`m1=$WtZ>%MW|= zKOVYmwWe=n^xUOC{m-#$3wO#st=;%B^Bj8=_hVU?;#Dg*nQai%u>Z5%Flkegp%kM> zOr`xjDW1|@FaKt9pJfQ-Jksj_tU1SIuEj-r{sczJdvAC%%>#e>@rt=?aAt4+eCD$M z$0yt8KRH?dM{f7NiLG7_50ovN;bIzq$2M#lP;i=DzR# z{+se5HSU-N|2%HBrgoio)QX?Uyt&<*Z~pV&9WkBZg3s0JGdjG=lOrWqh zd&2Q6R<=RUkmFGC2!rIM%dbP8{C^+5@y5LL`|e_^{yk<7*(>Z__t4C2{dq@W(|PwY zL*M+1(%XG^-?qu&TW?=rxN!LXziabrICvAc`1A4czOH}rHm?0~@6}%LSjLh+Yisv> zzZg|!XK_g^X7Sf8p96D3mONjWRlZsEdhL=o6{2sy2`Yc>{HA@5Q%ux*(aebXHr%HF zOQ(EhsNMeJ&4$McQ(EriZz^;BGUGFYUxsh#IhQ1lTZ=_9+P*pQM9y$LcsMQ2I&Im? zeVtc3R|?5dH*MZCV_~A@8j+ZJ?nwoNkw&Bkf${k0dR#UU_R(e}?Wrx|Uz z|F_LIkH6NG`d%pzxJ=Qtsgsl znBuz8r|p*xAFx=m@#6gJH!r`rvCgvksO$Op8Q=HCy)n5alNjkm|X91PUr zz4xX!?O@3^=?;b1$NTo3jTUk@IWV=%-1eQ?xw?-wXZaE`wLCxH*^{`fOaCtSg9D#d z=H58nl^VIkweRnp3KxyVbNTa1E|`8iiqe+p&{Velv&=_gq2+#Yp#1WiB-biNJsFhg+Y5Ss+g0g-PqP8CG30r-l4K;Ygg?(2L18r($n*qN`m6Qv9XnJ=l*i{mH(Z%#fyb!oVl>X z;r7+;bL`@N1rPSGy1VarS^c-QZ{66}?ftSy+>Q74$(_}CF=^U!{@;JGsQcqqGnBl0 zNPJ2AeEycBDVu)IuRrykZ{MMFI;sf^{~V1EsLR|me~ro~@4x)VXEgD+pFg0qnD6h) zYOQN^YdKWey0lA`c`R1BOnqCE^7hNUI|cK@9TmNx0Kr}G1jILZ0Ue?Tqe~+@GJT z6!P8fh0l?>>)gzf`VWR>ZM9-BTj#THvQDt>Oa3Rf?z_#gKc8i2C9iS#$Dt*QWj&QF zqm3Jj?yb%&{9I-5eR)oqoy{k?`dKCCPrS^KJC*T#!o+h6HTNEP_~QK!Nv8?syGq-% z=YIZtvF&S{xLtnC>No!W+ao3Ioag7?T$6i_{qwWJ{(5KBCUV<^migzmekyGK9C%Ks z|JNd9 z>t8oADj&F$BD84lhsG5F`m6;PB32*2W`6Cry1tX_`!}yEo{H@1{wH&8>-4hjqmq-g zW(nB4DM7j?(4gHhsb&6j$@}&WM>UnFo%5?=Q(q@z8=-$K=+C46pGPwtcFyG0-fQTQ zrX*dS0nv??<>PD z?efd5wr0wr`|q4R@6UKjN$&htr=lVg!I^6+oj8{jomzc&kK7!$i~q~=)YHFz{9^xa zM!d|LLlsLWpF8JgwRWw8_X0KGxXuV~$BkT;@wh6`L7;8V`2Foc#AFYu2sZFJwLbeEph~o$nSOdh8*a{@3H( zS2kGrF_tXW|E=5p`fLRI*_+q1wR>KPiNtaK zgiKxBwc=Fy-SwODznJUZJhA!zeLW-hIm^~|-Hkt;`kiC_JMdW2`+u_2wsue7fBDqs z^)D~Ht#8bKTORA=d8<6`S$lTOQXAYWn+!WAE%8Q)j;Ub@SZ9&O@F@ ztTw@x2pkiY8Y-Y@fS-<&mqb`HB|>+V!`JGJ^&ZpJa; zS0OXS&tH--h~E5|J!{?BRLxB9D0 z?dp4PZ-?+d=dXPP9+tYh=d#n&*VQZbeEwN!^YiN!M`MX|%9*u_)3$qEEWcq8Iz6Fi zxv{I;53m+E=e8UEw^({_swzk~jTT)t(mvV`mGFJ2MbeKY4&d}l6VJD&4o z=iif0Wb~FUS~YFe=5t>rW>xad{3%`WXQEF?u;sMp3E-0b^_x%&rqFNSE4St_hq~We z{AfzwvHoA%OFP@POi8)+B=3RZ`Y&_7v{$O6FAJ{SD7SlG-?A^hD!wM+%Q+Mub$5G4 zOlwNZv^gaxymel;$IVmUAI)0%+oAnnjb!xp&DyJ#Oqz~4>P3Be8tIs<8?!mcjdcG$eHv1gy`1$$dtIZ3nGucE`Qq_c4Z1qMiR*yWtuCq4m zcVtYA41=z&ZXIu$Nu$8yl0?X$rPI&3*DZdyEZToqQ23H-@XOaSxrGZNq7DSV7Eak` zVZZrhSLNbUkCuI32+gk$lMQW8$kfeu_6k+3>dgI!Fa->ib3|F%|u zL_f4xIb=KY@cUxTiD&I^cwR04o@nud>Ar=>ijW{d=oe z);&v~7n7qszg>;#Vye;&*&o`rFW9lxjB9C`TW_6bYg?F;nfWo>VDUr=)I6`)BH{P!gD^@GZxK*x@I2(-vGL2z3)80s z*5AF~*wMM+)hUha4L_}UP{JYU)Jd5-<2i}-dj9+0J!_R+zv%9|kDqR>fvlW=xc-Sv z{eK7T*MCJnSNwJHQMnsWc6&%$$VTJ{;o-t6!w zykFK8=JLZ@3C%K(L;eg4di<63iY^Ez9$c({;ilKsgXJ1)Z93Q8{yT7V(XGlw5m}`Cf=<2)YHqAyFA?YhEpKCtaW`Dmf_r?9X=2O~>>z8PK_xyhHoSpR9lze^?%0vqu=t=4Wf4KTfLX_a3*tG_wB%z zPcJf-xm8bcE0(^y{bl~-lWWeMRjS)k`wF!0z^3!v9oIE~znX^Z?OC(`wA^Oh+j_5l zesGpO*7(-N@x`B`cXlf^>n~ps`|8&LUx~+teaVjVdw-SRTTqp-f5N7z>2hU%!`$MQ zg9@`O-dQ~%la$==`Q2`{@~bOhTYPip`rtF6LX#)?zSA<#tu*jIz4(0F&WFygO5F7L zWu%|C2yJ{3cWK|B)S%>;SLan;`@QEiZex>eTh{njS;J{@r>9rq*Xffx=e_FVPQD=|HGXf)i=J*=&F3!UcGWFU)7~sUb#2*SLm)z`0PLL@$X12 zb8oGaHNQlS*lqu1^C`pD0vIRpAI?0Gw`R$fh0=$DH1ABY`o%x9;jPoxx$-~Nw=FXJ za@=dBNolpr>o3<^Bjf!)hkgisXN0*|;MC8VtM5ttbAJCe@0Q+`;KGMIyf6DVnnt(& zzIuD(9G!=EgLD6S-rFs6*X&I1)EUximDOjcy>b(7zi->MQuulQsn3TOEEm3gHSN{E z3qHxG!uEaLP}LH_m@}idS?WJ8^RjHo6qmja-}r3X?-%|3c(-xyVV}$FX|uj?uBl$r zu;l0Cj=PD+%eKz^wfgLpaQ6v&-W7flZeRW|m$&`r+SmP;_^i!}g-xHSol{w}IK%nU zjNGb4pv6Yo>knOd7&R$*$HgNLn~%5YU*EsC)P0uW{gR)8f2)++y|v~%tte-FbNyI! z-``(3FYd3GOfNcO{7-}b_Rhm1|F?JM&GGE%s4Uoh+U<6$)hRubNxP2z^<^k4HdS5v zbqlX17kK|eT{)lgI}Y2n-@6QCtGf?BkNN(XZ&&_|%qz1jmwPY$&}nlec#HfdQ<3U@Xcyo7^N%JEe|~y)*Xgovk(o8`W3^)XLi=Wi&GMgmF~=kIwb}RE&oe78 zWIlRvyFK$&N#(yXbF*UQsn3dEgo%7Qd#CWq*FwYKzww7BXY{=@n^h`m@><#hJUewy z+ogUB|L?0-UiViXe6;KI&X+oq7mL5Tdz}%Uo_w+=eGnE-UY(j>zsY~|Q_Fcj!|XZ* z8_s$hon3vS_QHXM^*6hpy`6p{{>l3U^@DkfK4l2=IeFHqWM7fbczb=;it7IoU&Cb= zbSPAo%H*nl-O`(GyZvm){!p*lcIIa;lmAT3xioE6z`3c*Uh)cRb4BL=G;Kd`Uiid? z$$zc?hfDp3^pHmvZ+RLf_9Lv!|F?)H{Uh_^7G- zHe0!!v{`WaTF=kNpI`hp`m{>@Quh?lzJincE~LKJh^qeX{>0jz!F)iQ}h^b#*f9X1j9mwahO{Qb55eV^Q1ja}OK-@d(#xvAmnBrP~HC;#Fk{h-Kx7}v%WNltJZ{g;^ZGq({X1?L}J@NRW4ezQ-#|yVxf2K$- z{hC{1J|#$UbM_0fU5VK?URP7uyN+rt(vNoY`Ll9!`Nr(88S}5W-HlegQm)m(QM}T6 zpI*QA)xRf~228ppzA-Pe{?elJez)6~ip<}#K;OD6>$ut^HvJ6q!ZlmwnYA~)5M^ES z+so#Z<$p!{r=DcQeHCZWreWI-SignUkr|iAovDVo? zHCgNSW%gTLv)=6s!F{By>XigtM@1ze3f^U#~q+oqCn| z`bzMs(9Nf}>Q+a|m0S!dY+2?P;IcGmgW~KTj$fC1Mjtb5=Dj`BODdRs>dBN>d;(i6 zX6~7)sdB`{SpUS&yCt#Ni*~JP`agf~Z~pAx``+*UuX8An_sk|&UmbI$2VGI?I$RYF z8p^JF`e@pfb06N!vGNsL?zt_d+;9EdpKo@R&;9IP7Qef!=ymH8(w7pwP8|tK)9H$BcNU7QqK9>yMWfx?cKz z{Q2Vd`j+>5e_O^oet-SrQ9{K2-c^$AO)_d9!jx{LN4#C~?xOq3n+eAzS+G^V zFELk?|KG#rD^nsx-<;M^-lm^_km-p2zP@U?oBGBZ!`?4lw&q9G27U$W?G2aSeh=Iz zqtNqz?};m{>vvcd)-f0a1ZwBmY4?g*r7n8EIhc;|itaEIVHT)co_yUIZs~0A<9YL# zb&Qk$emeKW_oKzWb)LFusmVTh->=l~UwZjAqlCu3({>Nj>VE_&pPjCBDf7gmmsjHRe&+}#bt?<#{ znEA1DsoTpxU6fKT*w}25uxicGt$CL=?%UTEmHwz)MTX1RChz1M$^DBPFR1D>JNV5s zE`7k-z%g&~a?WGC5&MF?ul86MNk!h22p4_4OTTchN?qrHC9hKt-rZejsdeM`2fsPl zMZ)(DwP)Wsl=W)e{L^oLupieq?f+{i@gON(#$e;hYo=mvm?P4T{ks}q$uiwJ_j#Mb2}n$9>{=l}U36maNX{xyTr3x3?U{~wO~_v=mK zA^o{We|uOy-8_Y9k0$TWk8`9M&g86`qpPeldy#(5f*-}wEB9_@NEVy$j(5|F>C>(; z8i;JJbysEOj!4p5dQjkAyvgTh>xD|M@|-?9C1=&q&@h9C*6jZF#~*H!coM!j|JIr| zgLm>WizhGWN>IqwtXh@`b_Ne1v40AZJ&Sq9WxdL-ksE)sd~ZmyITA1TSA9b_4F4P z{XJ4JuX1klqXNC?{Z_{lzwf%8@ur8_%`1D`d7CvapL|_c5)?c)>sZVhSJn%nP4|!e z(Df;fas9Y=9*zICbEuUVIJ64=tn<#{kT~l$=ls78^}cw6B#*6;n~P4IWM(^<;q!l$-Q}G&i}#4mn3;B4 zr$gG_KF!2r4v$s(@_Xw}7aKA%78&?Sr-*^mmEgqL6OI0;)Yj=QKip8sy>y$%W#zYj zp4@o(WVV@J>MymcN}WG%e>~b~>UYgQe0t8DoM_%s(US@HV{X0tCCYfYc&|u%P>6H(^9%xyka9Z}H^ak6!Tgy*R*nP<_TfbpyQFYZ; zg>-S{l5Yn0e=ld-)5vkyO?cTOFMmNG!W?JsnnHp*~C!68Xk9*$V#cF0;STDT3OSd?)Fvj6^ zc`(bCu+V_*weL)~HSPbTc5dq*uT$Md5+BdcvOR85wsL0h+(Mr0?E%*3tzwfIr*N%W zCe3BGl=X(Z^I}J(!x7W&svKkDR%^It@X+!~%-MNmo1Z29b$YZ*Jj>d6w`7QXN(EFpb+J&2p4hO}%XWY;IFtfGkWSQOcl?;)$bT5C3nqZ-p z6P;a{yJf=Z2;HTPpL;9b%Y^f1h8p($Nt;!jRB@j-Xm8r9xmO=7O?j~BgyYEDy9-`Q_dTe#H8jaNcWiEm-@eL!js`P#1bSS2oI-^VlmNg%>$w@wp8{qt~=7n z>g=-d%$;u@Qy$D-p7E0LaFlrT_45mlzWdzSFzsO9=kA$Z=iE72g}2}8bba~+*Q07}K?lS8Pd)4#Hck1RJaeLqf>X;2g$ZF|!7WeH zj!sgVdbK89c3r&eqK&tYZ)|qV2{jGL-{SCq=eYkCA*rT0y}Jv}1_giIwSxcqPl<$O zpZZ=diZuMQe*OV*_S4g%<`}1ToKuSo-~4fFSdzqskoysz-Vb+c7js|uqO3Z7XUzva|vwYzlPm)}**$Ilh4?{8a{5_`W| zJGiG{LgHsj`?Sqx+E$pnUalw7M%lp4An>=Tqh+^J`2fOmytXh>I zpeT4(`m@Dn1$w?5KK`!k zqG{8~HQJ|Nweo!Ly=!ysyrf#eI>zriPnUe>6JU>+=G?e-%Gv1E8s~lpe=B?xvEtV= zJ*|A%y`3}GEdBEOdFBhRD=Sv5klVX7^H^No(w`v>Gmg7IDAzri;D5xufrh;$ z+Y|#Xn+P5GyWZ}R#L6GXb|lF6T&?}}^|MLI&y2krB%^QU{Lad;*w?3heL;$1-gUOj zp9ekln0o$9`?pV`uxLYW?S!|J+dNr2>Lk40WFO`#n(iMNc`Jy2B3E#`r)i>|2g`}3 z_w1chX9m4l9aH4%aLVVLhO9VqL*t~vNUvq3Wjel&O|jxHJEr-~?i9(jKh}SL58HtN zlS2mtI(JPk)$4jLrQi{@aT5c_Ar7Cj?mdre|0N6g@?E@d?I6R(OThEKix!LRM3_n_3n}4F^{N{(hu9eN%er{9lIr)b(Kd)4e z+-7&`-jv^2b@?PumZ<|N)%-br{jyIyCQon7NY+3P_1K%&nZ8NHM z^Lj5W|3-T1n!l_kdsY?(?|X41kKs|=Eq#BkwJ{$b%d$+H{xD|x!gLO&x;=jnoZ^zn z4nAve?fQeQ1*;^N89Z0tA6;+aTA(4^*7?<~0g{xG`~%mCCdNOoB3%EFDiQQs@}+x-#$NFBr%>@;6b>t%<99= z7msXv>C5t);nDRybN);hW8yYC^UC1keUNo8*`I+V4r5#u>a%^750n1|o`g zgl8J5Jl(P=F6x%h&Dz=TW-WV`v8MUi{L0S6Wm(m(&zf}p%9_YqIu)mve5;(S^t`Wd zl`$Wi^=)(Csu@bczm?A)Sv7T;rgPh|--l}?JonEpwwm6ae0_cR;=^&5-#`Cy@|fm* zMPs9qx-*T1t&+v}o-B-b%=5jS^ZVI{_hp@#UDlOdxK+~9d|vk8<=GGWx*%1X$E_(3 z)r+tH*5f^2H-G>C=VpgyX#VH_KheH&P2271%wImwp11Vf1Dlxj=2OmhNuROu@}H9N zY1xcK*Pi$&#W<9elEbE_8e2ovNRuE?L*&O znfGxQ*2LNC-M%5v<5-_$;s2QJ_MBIWXH}$L`SA$;njO~nZ-MPspN%OC*UYn1@{y}C zYQ4BCZK6gn`|2|++Ux%QmXtkGVj-sXB6s1!qy6u%c)PTHTYB!z4zXqVa(_L`J3<=X z9MUSARvJ{V*Yy92;=IgL2dC`jv3sR%BrxBi_}Y>A?Gevitr&95y3}O4)w zIEj5D@5=V)CR5+0)<=Fid%|F%oc(iYzl*otK0D!U_|4|cp;-q5Ums}s-1yhR{XU;7 zN35N{v$OWW&F&S61^oRvo6k*}XeD;R$ZGCpe%b0~r@et1bMi0fyDfNW(0jM=MDeEV z=&qdG3mJ5IPbyqA*D^f+y+)RILBi6SYY8us-uCCLiNDvmd9$4V{P}I-^A;K&ce$sV zJaeh=nQgpoN)>(A9>4VGSsPLQ-Q<3;O4t7@-ZHxl7}$ijt+g(g+OYqn#d3XDj;*p! z4@}kib}cl>;B=wMth?@smVHx7Q`$M_Shki6oS9u7G}CSE%@DO1Yqz$}Z$C1#EnHt; z6XM0${_GIH{{F4r!|MoNU&+@z`Yq>?+QXZ9N9xAoT zv=DnX>%Q~j*K$tIj8gH%$+a5H*P*4A;7sGc?{_RYKVi-B@2~zpdRd>RoU^a}`2Xkj zpYFczVf)Qsx5$1{MQQcHp1IghD|;1KSb zYpzX1_HlZv04XPr>#{o?lG|92a% zYoQNr?NzUAzVC2w)kpKH&`MPkv{~yMe?mgfyu*c!h*QWA6W#qxU&yw)#x@`vHc&6__RRy}xW&=^1Gz-9aW3KwT+*nQvW z!mxBt)~_|&U+O&hXAo6bTPL(NK-^!Bv_04b2_Ggo-S5KaMzpiJlbWwxFLF2F7)q3fv z$uX%*la4pv*?o`Uqe8E*ozdKC`-8o6Es>whSO zX7e6k*f*K?$0d&iXUt}8w1~0Uv0Uk6e#^YDTh5ZNRznKEjx(J`e^heQPQRVeXppe; z`}rUL_ib*zz5I?2@25Cn2g_``zK{D}n-^EVc-`JAoqe(4g@47J26aEqD9*Dq{;PHTRpZii|5*=A zHS;S!#>gF-`kA9m@5;XuMuB^F_B}eQxvbP&m~BJk%x%w=6QklQJD&FA_`&eChk*2|io+)-S#Eayc;y0ZQi^`_cw>)+3v#A#N#*L;J0-P?yb z{0*(TTSbM9k8LX2n7hBf>)hcje0&A(<}zH(UUqub=_@;Pj%-V0j``x0K0%=D*{tK{ z>6!E8Uv|gk92IAuX1#O!E{VrK-e&16C~EIM@R^t8k!*#Y>xSjlU*6wRdb8z`;;|3z zpWiKmrkXnpsXsh_b;;(iA2?(F&Rg^i^S#W+77aiBy6pDPn0tDHjWH`*gTTWRPG%{G z_NW;iNin!%{x;_DV$Yn&ZsFPd@w^NP8V1XEoXkEp?aU+YeQ(vz7|h+j%SC3xwA-HM zPbP5`oI8`^cjflus2TfsuIfphWizh(ws~e`;;u&@Q>OJyd=q`Fc3%F`Z88eSEc@#d zH@jXEd7X9Knxlx>>WybiSW@C=1jrn4 z*=YK8V}|A?^|&L>Ex(t)o+W>NC*y&Jzk0_P+08Hzf81RAO_qOS@!^^(tH1v`zO)E! zeG?{@>|5HC8mZxRji;~ukk9YQa}O3*R%ld~M$g;p;eTdnW!)LaAI&M#G8c+^uUdGh zc<5lz_GwA|P)yxKWD zG8mg>AG_SWOp5D)r8pzc6p>};stu=FY%pWx{Icb8;n5>o%O5)!_LXk_sy{tOxPaBF z>H30{X*~+vqSkUXh5EYBPhURmGxK7ES;WU#S3k#GzvFU0_qou4PeD1XkC#Uj+(})w z)zatBBhFX(wH0KTqX*Ca z-#Up0HZ0_N?v%2g$!#`swKMy^iW$@9n{4`}D1P+x@|l&N3=LFon8&8wU(so*ww&w2 zk28WcO9J`V9Cto_)P-T`s!L}3>pgTn{o~j^|4~Ra&!^QZVx}*8KDoIz^U9s%n;9E+ z&HvDTc!GWD-oqO&PWbobYvSSOQ9?7re};zKT6TZcwcOt~_vik4#}ZfHru=;8#;79Y zL_M|R$tLS`X9$(dk$E%QbaTF#@!S5_jO*^VaPl`+o-$3HvGJ@`?6Weq^G_#g?EB{J zuqo}WP1w|JTh8_GJQF!|+C`$UMh{E4m^>d$Ob*B1v(WB;<{gI6&7#g8*{ni*%sTl-Fs z=Eyjc)$roL5}7pz1=g;=`dE_X@Gae(dGFGS*U3I-V-{HUH{{W?Es4#_Ggq2T&IyYa z+U}m5yT0&KQpFm-c&*bp7TS}(&YZ>f@l&S!!WTR2_+2?-zg>u_=kd4V=GM(*UT)Qqyr9C{a++s&%;&kcSDs+*5VrX%bpG!S#`8}FCO$C~ z-uLKm@h^?`dD$u(1pdl&3GTesxcp)2zjv){fBv%RM88(MRxbVONWEa%sW_$wX3|U9 z8oYnppRIa4U&C$3>Z!^06|L9m6xKJb;@!;7*Or{f^jxaq=Yc?*zYg;z$KKA#WaVmS zKg<%VrAUXYTUSF+B1eR|HZb^%HI3$V2SYH`wPGT%?< zgj^R%W_ak<4^T_`M*i#UU{?fSk{ax*)HB= zmrkviJG+o^$|A2f<`ub77ycS9U3=u~qKEVU^*Jy9!y}=yh{#-_sk~ue?Iwk$xi#8*4LVT*EZUI zjN)$OKmMPsg>#POsm^W&ON+OcSNapEvJ7@ z?$c3S+Nrp^I?AHzl=Z{yr4~|$s$XfOS2H%Vw&zZ3&vk3-td&^s^@k(hTs|gCi}!2i ze2P|wj36m>J4@CXna{s}aQ>g8)_cB-AJ44+n)&a=)#d7b=JyXzuK#NBbTeB+UffRC z*BgZtE<9egcX!jP$gI__d%nu#a4nnj%=%-@qt0@MId5*hmsesR&4g^~ zr#!#iJEQLTW`j@BzkUljIy)ztR$u1HSfbzb+x@@vc173f)!IAu=PjF6dGm(Zl%yRG z6z>SL^-Q@t@t$wU?`rDUA zt!53EG8b#k-#uAUPPl#5nGQStc7Bsdzc?6p)N*dWx-nC0!PL}+zZTkl$g*8~{n3$K zdrkgbnVqD1j;GYD>A5?5=AKDOmo_nJm0bypHQ6}-@Z5h#4EJ1W)U`iaw0M(FMDBx~ z63;KKw_3STwXgg2O}EPiccMWqJrlx-1r!M%0`9`u1j4$Zo@?_q{1^9g==X^F5sZZNco4 zIrm@uJF#{1)???d&i^U-qNw;u>y&8G?5}#O)~ww2>Q4XM6FU!I{x^?VBJ4)N-+$+3 zzGmoKJ=fysl+T6xp1U8~@_UlV%$wO-JJ%~6&|a&k^p8mWiKCXH-`~HKy1~a-(-+XiHsCjw5 zXYB3wk5#r$S@kK6Z~IY;=idVNY0sT~%RFQ039~G>iv{n> z)Sl|9w#oS0l08#TwZAghUoH55slvkhE*)Qv9lNEye%YcUJ%!u8AwSP~{%wG2Pt)3I}$C=O18$G=9_qa%GS@E;!Z%bl34Gdfs?bp7(Y2BJR zpS~WQkUc1BA@W7d6yPsM9N!Z2X<}*LKJNK}g%;v9!JEy+Nw>^36+&0bomv<=5 z-)hGGR9f~-VZy#IyJjXU)%S|t{?%*Y#dTutruXeH_so$w^p5*lowx)!r3PfB8<<d@HcVExlRxmd>~h)8*&d(D z4{x}0Z&=d#O%h8$7zd2Cma2Srk80~(r3+@^>6Qr6&wxc&Ye?z zd&cL=@z#rV8QS+P8KVFF3H|qJb+>)TjiBxJYghCyX7{@!Xr6HYBg zRsQPl_R!i{wyo}HQ=`Sc$?6|nr|)t$@0MtMCS1YR_{TRy|I&qGbFH$K6O-Q>o+#e* z`83zJ&W?^d8&bhEsD*#$%$NOdl`b3P-Z{Fi*HYm9gDZvR3vUE{&**e@uJGUM^YVR1FDxpk(+yo~4t0j0px{J*Hq|{G4EN;i&d#4F@!j$28n&$+h8F8v9R1u!Hhx^p znz{Uclyq*s?uk|6ZqqoQ|K&G~x$p69n}76%e5J!h!rA)^%&*4lElv0t^gT_iQZ*#J z>``3c*>k+hmcHwS7zrXzH2v}k4!*o!TvU|t!p)mIm&~2n`AY*@FM%net7l^xy`fPK zq0$yM%s-Lird08&|I)9ALFG?^GgN%C{|4IZ^}dS;9>IyTr)T}BJ+)Q-)~Ry7B{M$U z*lhB)IAzCH1K#?LvzO0a=6Cbc^Yx#m$D5|_*vli)`Cz5JOLDjjbKINVc}-SzwQ_v& z87du`@2w7&n;fu)1=||mf7EC^xoY)XNK60op&zHeZ#f) zz{JmvQt_Eb{%qi0UDzls+j*gITc>e;xu8@BGh5Lb=^G(CC6||eD|la!&z|llv-oS4 z%(WdAUm9EQ`+`SJ}m>bqafnUN;RU|zIy=416JPF`KV|I=Lh=TGZqj7W}N!qywH{oT>8 z2Nk7u+g{n9_q4M*S101k`s>FxhWkBwFaJMrPGiILV+UAoX}?SN->O>ryIIj@z5Mep zOF2HazCucC9$Z{MPR{xA{}*qc{r~+H>ohr@70LbEZ~pP#eVgMim%fWwcJzSN;{*~{q;w||34v0i%%ykDk&CRXe{T{ef_roHXY$}yQ(?s-b?K3R?paC>zI3z zspXGblZkqBZQE79vUe+%Riv8nxWD+Z{jrR-xYCs<|IJ?wv$~FLwHH$Sa5_yYN+@z} z+o3G2{LEu-&)0}U7b}6%V9-p}bkCGM{T1Ki|8+f|)ih(Z-1D2w_n&_B{kd8Ho1sX_ z{yu%awy(EWXwA{w0iIRfaDKxr&%2BJgEk-RNxWF~OEYoH#+|pAj(q&PdiDd4XR|xv zG8S%~@8b6S?>d(a{0g^SK3=m0jYS>#U{=l9A8+tz`No_6D)X9iUpL!q+|88j_v|;U z`KF|#WF!megS?F0f4=YbwhvGCZlBCvkh}8t7KXMz73X*v(#%57nboA2xyIjc`1sr` zs5+hTn9hRyz$(jS>zk)7Gp=A(WNSMxA$jSW?5!c&#d=e%Ixzq=j{4(%=XRwG~b=CPCONxb*}2= zE-MEagC`;Z74DW-Q_IerPX9k^S#R_Ti|QHI{uNi~&4A;(1)iko| zy`g2Exa)?~lIJ%6=5cAcC*NJ&RVY&H@ot;c8*QT-s))=s(M0pG|Fb94tmU7bcWbVl zA7EH-z0YF9v6H_{gd{fSnqCQ2X|CYmOcASTJmjn!?EjkBIH*cvGKlerDiwp zs_8!-D7kM2RpLsU!j#$vDY+ouYCG~youSEvl@0NqgX9zx#6xcTZ z1j}`fGDe9FYxeCtTq~fy@6Ne%?s7}2=61f(Q8?XF`@1$ohy9V=t-p_rE{5II)Mx1^ zJSRS5*RDMKdyWSZjwhZDFwlOr_@*q|njK}m+}{jWuD4D9xM%*cUtD>MSsM77Y-hey zVvy%mH)6X!W2fAE>COk%r4!!Edb0fHX}ub9OK7sv#SAuS*oeKLpx{h-);})CqJ>kp~Y0gLc1(bfqTb)yc)!K?_B=@BfJhHE zjR)$VJgf90%Ld)*{wk6aQKIau)Oet7 z z#jNYn3#_fG!+owjI`Sv{+@))x-v6zAmaBWHGaQZh^nCv=!?c`om8Q7|x8LIMd70JI zw^^5kkxTZ5-MX3cLH>l`Pn}B|=ASw1{`brG{{Pb5JvCouf1F>xrDg6Me&uVETnuzR z<*{eB{%K1-!lwSOH*LS~pBjt9wY@?!WlCOuzWCu(W|M>8Oz!8au6RGIyV!Y`;meld zS3Ug}Y;Trs(>z@7xABzIL`DUN$A#txU+CP|ynpbS60Ri}TDiGl6$sRE=1#-`0qlc8sYwL2s>B&g44&uj@@NU7Y>qVV#)SjVroW-Q~hZocpOOzY;) z%!+@KQq!I$oQh?W|0*o$(IQoxv-Qp0q`CiC;?oX4G`;p00oKKuJdg}8CpD^WjuYWMp#F=l~`s;y~s+$cQKHJMAe!9aDll|~%y~J&|X>0p8 zZP#hu%8pb91RU^BS#>99)v4K*cf=mgx$XW_@As6Rb*fXJFZjmDEWUUDq5uCvtE$*L zzA&*VtG#AB^?sjp`olMls;l?%JpLJ$)bLY}eVWPVTHn;_N}cwespWU{B@=> zPiXRRadAmeTlG+VlGnPqYvVU2DD=I5;#o5}`)Tc+qf93M?@T`NZuOdDb-_yw{KO9b z|7EzRdBWyG_0ZNTKSv}JY*_!eEK9t#qdQi*SmEBmm5=kBHZFY^nC7y+GP7c(oWH%q zwOuQASLfZV?bf{$cD}Q_@I-OZ`{`?a=4Wd{@*ar%^m0jvB;$eKhnN4nEd1DRMb)JD z@AOU&Jpt-L6VM zd)Me&%}I8G+Xm# zi0{`nrXKUc4g3n*m(22gzccdV)44ao^-A**A>oqeH$O8g>(}>1isTLR<3Nj zzdYvm!nHNe9lALCZM`qsxwl1gU;ZGzyK-0Nt0}tm|Fr6Vh8DNoKHV^pW8N=kld_|R z50378t+wLv_2&;iG`cle+}wP>wRGk0%?*p*n_RjisqpVnVnv0%-_?)82%Ba)G1@a8 zh>7tF{I`SuQ{K$Ne;@Swi+?=-f9R#~TNcLRkG3^W_vL>oh_y^R{N?o1wR+3{tlRi~ zV}kVC{qw@FiwE>LTz=@XA%AUm?f&U*8}e1WKGZ0y&;IN3=)s-6^5GAYzLZXMVcy}t zJG1}hjlHKkGaF~0*1daj-34wLOZg=qr@Ect-@QRfe8|tARWJnW2(bQPX}Dxxp|zK1 zcg2Lu=k3n^|D5%^rT?&O{)fr?Yn$hr*qqz^|8b(s>0sTQXY=0IOs_sxYn0pe&{v^s z<-}i~nI}9?37;!`S%-1zU|d%E8q6JeE54h(eD?#T8)f6 z$Aet1f`xmVe!pLTY}18d~s29rblx*H#xA%+R&d!{AWk|g{@(){O=!2 zzTGXZ7lD+M=SNAU_&s~_ZI}JymF@GM{QUn>{mP9`lN|R(pZI+#Zr-o+)(jl`ulPj& z_sQP*llAWU$KB0|f6Z2LrE^{65w6e{d}F+(Ea>}-#aD6+j1R9^R;1ixW)>dZV6m^h zR9NO@jqpWo-7ViHpLnt7{#1@{j487s<=>aZ6wRzs(N! z9(~hECZWqFRQmYTzA*37i#w`{l^tizxA%FiFk|)ijq8(UJ&dltBU7`nl_PDH{7v_x zt2pM#%P#qNYRS)aCPg1+9$R@j|IXomx!0zwo)>k0UBe;kQ!Dj0C;M5lym29^qc+)8 zUwQg1P6m;%z?n)GIXWv-E_=!A?oB+mUwTgO|-npxA?N@e-8a*Sk=y!f2=KQy1YjJ zho81!!=a)#tBtOloT%|{ermy;E3^0!R(i0KvJ>D?x$d}HQ~S<_0xmgz|>BY-^7di z*fMI)_I_RHb!Ib*@7e9Q4d!L4Uc2d;aH8(-?z7QPr0z0^B*YmO2I*WlG;#hePTt<% zezk!II9hg=nSP9Hth{thg6Bd|eE;vPnm3#8*||+ev<(DLilqMVZ2R*0*!emq35}o6 zY%QkkvNnGsbx@CidD>O;@*Vt-j!eIO^XG}?kofh|>4*0HwbPo$TqytcU*XS`)o-SV zGaa#b&g~N$yIuahLc)f}8&Wk?M895q!^a#Jv-=q9?-^IF&)Zya&p)}Ab$cL_1N*^w zXG#Pc`rCwOmS>-d>HpsA@?oykiSKi952h;T&eGWZK_UbdET9bmJbRJjFW}8 z<=Kg?dcXdt+0L+}X|1=fsm7JX^7hW2&|SM&mRTS_|G2$L;l>5`y?G3*=1QKP(_I?7 zM44|*d6K_j(6fm6$1L_8OJ*c~`jZy6maRkZ@7aPhtC>!3R<$Ry^A&Bfb-I&qXj`p( z{hr-S$8)F66qn(7X!*^SZ{7!?PHBUwS2nyqX&Yj(=FFxgpsWDFCwMPUm}itPzxT6} z|Nrf5hb$`oygaTMZ};2CeC>4>{p-Mre}y+Y0W z@ps&J-*3%zHkzET((&Jk#~>){bWDa;$yV);k3PNL^P~CMl+Qe>!S|f@)=oI4u<+)| zsEM6AyLsGGA1D4<9=~j)BOLBzh@plc)0%a{mLKS+jUB(r|j96p_HBf<*$*n-*UnD z=$=0A=^c3*zE@sV-#@<7QDMK(@hP|JJ{wG06K`(fu*AIi_1P`wC!DC+^K9WyDF?o7 zYj@w+w~^uT4x1Mb7akE<$*O%^^p`QiM}c{lJ9AFS%~|F=8(xcu%H&BD#Q5?+WMWoIFrr?a_%ndl zey8H&=34&$XX~H)ud-7VJ@x5~hy;UE%ViDC@?xoHQJc!3UU3pi6 z{DteC|D_sOPp@5k-s?%yUR%ir(Xr=1eO`fupYJ~Tw_(k-U@>SbR7pu`QXy!J)tB#E zt&-92b=n7#SUWD?{A;*&*R|_@uU#38x7`kAUEp)$okz;;*849Ne$1QiUAW+cg2|5{IdUWNmWw`Q$UYu{lC@H$;Zmvm2ODZtnNK9 zW!1F+$ zm;S!Kx@&LQi}&ySe}2ChRQ|0^V&gQGro@Tm)*jkV%w?3#EI#I&{LX#!{IKM^>?u6V z&Z}W-0Zu$w5Iw)YE!RpcF&&t|B6q-wr!0C%k?K}?zrc6 zag&MI4Cdm@(4^U4s#nx6o!EEpNx5|2g^MLE$!`r0_*@P5Qs+CpbJdhpUl-s1$k97p znWvvY`LK(gdC?P7eZvELZn~~K_8C#?PGnth@o5U*p*@99es5v^AlLr?PqfUuvU|EV zU(eTjo_%%nRrIqbVr!3kH8}Lo{`QV*)%9~W^+%%5A6%AjDs!Lk`G>pzojW=2ubxr( z$#edPKcBy_L5Dr~ozagK^G`S^U73-*I`zHS>o4j*jHLP68Snozcqo@pDS56mGlp-| znknJYAIw-g%eNQ&_&Kff^71RMP9Lp%uh*o1_3_K@2l;kQ`z?=F@%qVZ-fBx+hxtNB z?rps}2divq6>aQoPfStG-FoHjUWKcINZk>U55hB*Q08$@pYxqMV=Dgcva@^C+f<43 z+toIme^->?X?*{B$hPUnKiSSH++MiS+9_vSQk|Rjx_tY_$4#@1pZ_hXpAd5_;mDVr zTi4u==uB>Iy;&u*_r z@zZbmn z+_!tT%Hg#wm5*;O|5&3U)CfA!XMf#y>oHvK<;@2|Ug>AcQ;|8I$H z(&3goeZtM+kVHU^L4v^*i!A{e9_pNDd}oz-rAHZEezNWLmc8kw#;?nst%-cO=AO?r z%jbUQ-@ZB%m07)9{iVsw60h`06K)4s@Cw_gsUBlwZ{{sa5pWZfj`rBpqT}r}>AigP zKi%7#bpI>Z%-_1H>1+1>Th-bBE9QT%1f5*}*yDgd!-G1QtM~1zOZfWgDnoab)v4VJdm$1WiZFF&w!6-|uMFeC#Ao!d{5f*S z>qn;LC$Z->+;=Bb2OK)RQ#t?QrQH{JQ4g^@lH90@w{{7yApX|PpadB)af40a}wobnO_{jyYr;p1kd-uFn|9Meb_p$u_ zKPuL{+eGgak*Ils?S(=~ch9~&I4U%qbc zW4rg~tDxVU%w?xn@B81lxBv4}^|Ii!89!>-ig`_MxBu_cIJ;$M+VyWcg%3v7NAP}I zd*^iU|7fX$`&{HtwN93?zuIZfch%qK^u5r}7q6LQ7HLL=8GLy@*Uo;SHTR8qnosg= z4m`Hq|KKY(m-_#=D$AU!H$KxVS&iZ>4#QZX53|{&_y3BSC0Q2u=KnAAKUceZD;Q6= zNo8GYc%EhK9-sH@#l%{h?~k9~*sgT7+V@KB@AfOb6)A^!4!bHO*`J)qt!NPP`A70q z5g)^yYyQ8|?31&0Kd;2MU}KSb{O`?ko$Iac{}o&xA93KDkEZzRdChP3e&tfn-%{`- zR{MTMimcFQVU*Z?rzi9w+NEiE{UWyCKEHpw`~O+z_vy(mYYO#y_3Qipf4apPS8>nn zWaMtz`RlIroY#HMevH!c5x(bt>wY;CpKX70 z6ZeX`H-b~@Yi57zOP&++omXy~=LzUV+0bOQW46!4aMfr1a~JFH?-Uni|Nl$By}6db zQtj2ge>(SL*ki1G4!2)q%}!O*@O^(tu6<6|`HjU_Qw}bbIJY@#gZ}ZDv&r$lrG8(V zePZVJY4?&DilLc#ZBbT;g7zjlBAqh@XM58sa~s!wm4YL;d9RdZFi zXiw$F$&>A?=1x27|LM*0V$1S3rGD|<4iC-b{(sV2^QEUgXVTQz4VC7%&&fQC`Cy|P zE`MN?A0IDDBptcyWb{X@J43|!fJ)+?O`oK`%FpGR_cPjWXOQWiccc1Vm7jFOm zT;KBIt0VHKmnK9qvfh%YOV?JvU(q`Mx^?H0nsoWTw(FLqx=u13zt0su+B5lFIe&lE zn-lNnPBvG#?R0e-lY(D$_H&lgs7Ll4Nm9wQDHmL8XLAo?1(nzDntS`;FYM6U^cd`Tw?Vx2(H)^5lJ!#J^s;%Y0arl;_U* z^EGqIj(Mg0wG){`mpxp*YqrIw*OxV(_ZMt3ajo6Et-Qi|p7+g>Pf$te@EzWeOI@u%9@X6u0EzzI|nWrj?A^)$;O!Zz1J|$Z2 zfu-~5<1-_lB={b_Gs|8^^bPX~-IY%dJYVB5=UegHAIJAu%C&=%Y^mOqh)7-m9zn_9 z5&819!KO=o*yS)-1iZT@5(Lc(5SKiXQ(@eH^ia&M`FwHtPd=Rg zH}e^5M%1w{zdwFs7DBjp@Oph{{->nc%o^QHwb6$?_k&ynSinm=BN-8+re|w|kzAj4f)WND0T%{+a z_U-TT=RYs}GncXbE4;7nfkA3?c<>bFd8^NsRJ!jindDX9ePb?1B14yfl-Lek;TJFc zmW9XFP7nY8GUU|tJD$rl zW^G1g_FrSm>`nize4uIicum@7-pfChi|=3fW^2gItnM?<)GNOgU#pB+(7M-Oeo58D zHIo;mPP&U$!RRh&yC3Vk@ZXZw z+^e?LPTscSx$@$IAjUoBj72A}>Xt;KxQk<=9_Np{qD?pce|`V6(00bYKdN$Cu`j-z z2{8ms8fKgC3Eo@bC=zk{>Zwxm^A~Dr?bL2;Nm$F!arxGbCVRuHub)qFe<;Q9G$Q3( z1Zs*}r^vY9Roly8MS}fTHTxf*m;dc_inq~1%e|bS#N~6@Z z+`DaZ9rrCxYPb7eeD_Y-OyY<4kq^6Nx0viXdRzRN+4Bq4Yh%x5t%*4PO0{^G28z?1 zQYKva5bdM4_td=ny;B}>3Y*q{k-1-4C7)XP`QECYQ}MBlqUwJB!nx+#HfBG4vi|#a zxrficdYyWHtN(Ayw}tyxRerj;_sqUmaduPtZTddl5{zQ1v-02T_k5*@{^^y=vP!%& ze_lOrS!sMUTYt~Fem$Q5k$;bDeiLi@=%?sziyu4X;wrCu?)fcqJl=ZxrqpTY-_HKF z-80&0;oCLhCl+4X7RASdS^~$q{Q4@c9V}^@ZI*O<=hVBq%Ysw)Re%2FcJls-bF+eF z^7;z)t(-gSxc15T7iPUvvs2&CuWep++ILU=!pYLx|F}GI@Y7>G9UioC=d@K{#Y$hD z=h3|JN9BLz*5+mR%`ZRO(`disnc=e++z~sMwar>Pb&B}Yw1UpXUrS92_sMJAa(pXg zse@W>l}}#t>({TwtE>if>!3l;i+)+|s9I_!UD{~xb!HP@W@ z3UBqxFW;NLP`X6F`@+w6x3_$2uKUbb=CuK>Mt|*bK)*R`eVpx-P7Ss24L=Lz?yqUz z(OlkVc2PL;h1lKMd(OIBToYt>Htnyu)%7F_<@8K}a(U0^GuhYv|HD*Ym~({LdjCoO z`5RIzG~=Y=YZ~LN+vGbnB;#D%o+jNbp0Ia&+`}immu2i$J%6cgrnj%EZhk`T+V!8K znw{=!=xg7edb@plPH3!|0Zi83>;tGUp!H~gEWVoQK3$FA5N zcO0LbnBiE|tGrCJ=CM+*xahNG8IuK^&dh-st8{qEv?{Bb1=@H0=APYf;p|BUdD--+ zfJF||gtL8Rv!|z3Npk6amHlxcaMxPC=wtTrcS6~iVty`=Oy}589{6iz(HHK!YKlh| z32!kkx+W_3{fGMVKi0F>FPz^2c+1yU&HapFQ`O z?P)){dt>}pfxgO&tj1ee+_zfuCJQ*Jcpi8!_k3?j)8hRKsd^Ios^QDyD%3rRp=C6{v zf2{t$^t>Op+cfu`G~N?Y-|_Li+@A?%etZ5#*WJG1^I4UZ0n}Q4CHM5Ads%R*-@IA+ zpfbew)~PMGY;5EFYW{P^t(gC+ba&;u`1$GcEq^|D$(6k&*8l0|+f<37p!!=aw~Ln8 zp8t64`**_~+C6u~w*CKNT=y;Y_K)v8+p>>TU%uUTxUBv?@4Wg8Cci!}o0Js2Wa}Nn z`-X47_vWfkxK?L3_xsFKD{jUdUgy5=h_hyWIQJ6&g-icg@Rr#Zf(xaH=NW+$--XRO zXL9-0Q&l1MX)iX0y-B&g+&pNGx%ufY@%ay%`Dbms|6%oM752ZIrmndebb7g2w5Er; z`M&Qm?f+kjczrtmN_}4H`&FLPD!-b1O^@1nPgaTV$&0mX)~|iqcsA_Qb1iXu!Nc`$ zYr$=Q*$r=gO0jPj@%g!J<~GwycTcVSZYL47-m+3HEO%XMxUcH6J6~qW>?~`V-oHhN z@xY;b%lU(HWqxa^tJiCU_D6Y`?d6`viyS=IRL^z`;^tlnQlqOWhRbk~*k zz7(_a@{|3yj{KINcl@1C-hUh6)n@OL&i8%#QYW2Mr>T3T{71sfUfXD|%hhjP=2mZ1 zsBLzh!G4IP`M{L9iH0?Or(<@$R4)ITXLiSs|D0$JV zIwfCgalwb9+uxeZD;At*azNt9y$Z3d_lx;g{aeluyR-77oC&feluT=UXj#vvlh>Ru)+*KVi_)!mwXtp3*$*?Y{1 zHRtqX%gIrQ|b%r(kbCnlCPaz*ExCCJ3A@y{@OMcwLQ(xabEagtozZe{lvvkj$ros;lMin`7+S<~-^B6yO8J+U# zzTjJMo_zv`R!rfJg5Sah(ztk}$KN`rMNrX8SjpN||`KMNjGI{oz~p z=m^I*-si%t&D#~{?mkl2+IQOT&PSzfHCb;T?OY$DlUCBpoVc{v+s}OCBHb(J93Pk_ zKXRP1nlC1~Z{y)*r&iC^{c0y#eCf|`ZI(%= zjo1CS1sP9?@{vMlSh0va zYVe_DXBnmJO9a1_UdTDW{M@vYvuzbyX6!s#GFR={RHw)Gdk)lBF3!EOIL_VJUG}Vu z?WgE@Kljgjeqou3epF1Z$?jVjc4af_>z-8B{RrQ!{yt-ddElG;JqPapaXuVy{I|l> zAY*rZ)8a2rHJe(?XA9nb#J=?R&v*5|`F@9|)~%WNce#5;#gpA{=2_V(q@B9$T3joB z_G|v9*GE6>_WDt{r+mux+0`BXe_uuFX*YfTzP|X$of)ZjIUnZO9@N+0zVZ77$5qo) zi)PlA?E5U0AJ5lYspPlfx@Y#@$*0d=wfQ%7Z-jdHQk6ej{=ECLBl(=m`rQ9-6Z^{h z;?iuU#Khe;+xO#WY=n`_?#`0!AI@E5vtqt{W0G-RHp|m1um9Yhkt_NB`y-2D8TV*) z{`!v$Q-gC)cTB#l&c>Y4eaB|Y)teuR>@@~IF z-mmlj_X;O(uir0zeCGCoEuo*EEYz%%PI}nl%;LG)yC6x5`0**wRoURm5%iGfIyRf(QNBXF20ee&YfNJf3Ak({Qd{B35y!; zm-OdzJH+psdwvT4KT{iz$CEvqk481U4l;kJV|(qB$$P%)>HsFi3%<2Jd(_XqkYcZ~ z}L@TDvtvKMYV|VYfGV_au zxxOtmC0ord#YP#MJ8rcT7uUb>(dYZKvl)w@{S)w&wL7#f%xc>EIRy(Q3OJov?piWa z?V10SZQ+v++6Bv=uX%4Rb0^1fHgjOPasIv^%ymKc&v^g;`F_KnSC!wET7B$4xvYy# zH0u7Z>bM_~%BMEUf4qJE`o}ZZCYsBH%B))dJfN%JOZzfUP+F4jU)%q4^7pS{Gu5r0 z_i(2Bs}-v@Z4lW}yLsxi&FK~&XA9=vEa>?4>*89OQ{QHN`*b-q>HhcEH_g9%FW7e7 z*nZvf3vDa!*{dboe82SdA?rO~`0W=SES(~6Bdz%T`1z&x`V2Pf9F;A-GS~7{zJLAH zyZt`3lM|~xRKAjz`FrC++5D`Z$=go$Y&&kU|M87)%kEwiymY%Pc+dLyg>P?o*Swea zTOjjWx^7c#PTB(-PnQq3W?R%bon<*~n3wW=mYm=G_cJ%Ux~z|w# zyKf#kx!wPgpSxK7#-WK-+V}r7mlhT7oRMLY;v8jK=d`enq2yO*+m>vD_3M+*|MD@_ z+uRgB>uN&$G`7R1xU^1p8DvampIR}c;D2t7?M2StThgDV@$X}F$Uh>%DbT@QaK9&U zum0Ed2R{cI-B@lI5Vf)K)6*)GBOImW1^W*Bnmk*)_-tq8YnQo6#xp;exP3pWrl-!l zXxE{jQ(@7XMlUY-O_JQAu*ffJJsSgWYxec!l0SGBRUC3Kb6ec!px|=mc5}aznl(?> zmZ+pabG`7MNu1lR-*_7H(?Ie~bkc$^|GZB5v@I;1(b2}qTDwE}@pqHvwSBhAYR5ga zo0G)2uCHDC;##WBMuFJ3eqPyYl$+uL=e&*0V&AZC3U9U>KRbuzxzz{v>Bvr7r5nPN z7J8()B-Wz;u>7&og}tfs*BzRZx1hw!_@=vU$(EG|?ap2b(z-T1`C7JunA1xO|8{Gy zGuItoA5Y7=bZg&bHOFw>W_C{d$jM^%#9J|;`%DhwY!vZUTbR@W?fY2zrE38M!*8;|1zlmk>QxI!}erDW5?ucDI5HwQ<9TgSr?nlcDdqw{pjhEyL~GiO+Wi-sYz*A zP5%5cm)-a5$Jx}H+wW%1dNp@ z>)-9Ry8q<3{&vPto6mECLGwbuCF%!AK(AKTm1vd!i-3UNA6BGJT6-{LV}JYVs|M4yAGiLv;^O6(4 zAGX$x?(=32mpG<|=&7*9TdOl#NIA)norp3JsCskwXp zjzrn&|39Q{cAoXBv&x^787<6pmY46*lZ2ba6PTlQoG;fsTfgGj0r9d`jJIbmul)b& zNb=9*bHOs!@=VUA{WcLhS7ck94Ub;Cn{QLT_s@V0{0@`j&m3$2HzBu@A2JSybN)uxE}sjTSNZ-mu57OBELqgl zJ&pgmujyRp{I!X@&)UemVLowjk+Dc(Wb#atAI8DXvQekCH_p29lo^+br2Tb{6h3nxSpAxOPj&*V$g0ChM1%&GzN}#+dOXV%4^QX@4wP zMbx_$AD+(LzliPkrY$qfSKQxtCdXy@<%O3e4cBklnEBi9Th6>)hpnQs7i3&jdnLDG zK>#yPOJS*n#JQ*43wPKYX?XMW^~&2JRv=q1Ew~EO1A_vC zr;B6AvK=3eG{_jgF3(xCCBfnb`+}2K6HTTk&h56G#XjYUWkmnZOJ0F|1`GHkJT$ML zN}E0N&?c#}JguWM_Vk^;CKebs+2*~#(%VnZB`7;vOlpodVa;B7H}dqaP}fZM-)y4m zw3i#OcWB*Mzx2ckF{h47wZog6m_QPuKUY!6yF; zc}p|TGNv9f^6XvpQ*_D0uk%;jFFwEh$2s|%V&_ftKC7aZm4`msyf_U1{F>f9sZ~Zp~G`z>vQC!vUF;nSO~Uv#zbxKfdQ> z;x^USO=mriUDDV&<^8SczgCKVPkb!1)}S|&ud?4#%5u8Qt0nDvpEc_%Yt@i)%=TFw|1KB>06d}Uq3zM9=Gl7jK9;& z*REW2XZHDd?Apsi^K*~o{@pS6^IwO1VrBV$hX3;ed9AhmK9{-ADf?~uZLRl2*=Ye4 z|LeC3IQf5lUY-V?$@ts@7SZ9rNwyD+vEk;wM~_aQ)|p_IrJRRRX=s(my)H_mt&r< zvRs|MFuqjTla}rFk4t@)RPH36&77}%e_Fj-`F_T+=MB5^tYs{!onL)BaWQyH8guC5 ztfE#<_2uDb&dz?W$mlE^WyN*2>dar)l-+k#nBwj*hv}?zt4x>NnCoeK$7lZ@fwx}; z0)>vK%}&dYagS>j9lDp^nf2{!^@nBdye}ktr@Y|ic)9xp zm+Qx!%^Pwiy}qJjd{j+6uiV_cN=su-$r3&RK6PfKNa zRr^Pmw#Jd(zpMIL78u?>=5Js2T5O($gQDv9r8k%&RYhi773>yfsS-*0p1Nq>ZJlp{ zi+f*9u~)ZsJ-wx*b$J*P+&THi^|afnF7=;%mrwFtj9L-3_Cs7c!>?V1 zclG?`f)BS$zP|0&oh@zUz2=i2-_}w2Wvd~7Um|w5p|*5ynE%C9J69a%;Attewko*u zLAcAe=8@mjvy$99Hq>8f-K}qR=b8=kvrE4>F3owJ@Yh}Tn*Y^}Ve@0QonC%z-kDQw z`BA6acptys;TN(v=h3bd;W_&c>z%u{JE-=cr_tg`*TZ7-nl83f<)&;&h|ZTTK0EPG zU90Gu$n{GXFXdgT&v;8oYg_)Iru09_n=NI(#xDHGtp2bh>-w=dCi}}<8LCdb%F?`k zuxDLiTh{+Rv9h_UU$f?_a91e&eQO{5@L=-+A>E&!=a!nykX@sFWR3ad@EN_o!-Qx2vCZIAblIhH`2D=(%~!nbl3W;lwi zNxZx7cw18~w_ddKGhv}m8`p(4huEHdf7$ZebD_dZckVDh3D~LiRZum_{;2i!M^Dz= zIeU0zQ}p8a-Xh<*Z!T|A3!N6*GVk;9%-w7MJq@oi3g%x|Al+|kvNz#=&aG7?TZP$+ za#n9#5|MU)>-WrEv;I8Z<+SSKtb6?T9>xfKnJu4~-j(n;X_LmSs^h(n*iNKA?W)w; zWTn3Uq@)DL!#^KP(%;@?QRW1XZfsJNQ@!zc!BZdMa3umXn{xTH+tlto<;!~Y&UYlpJJcLWUm~=_>GDi58QX(_2kjb;%#~P}@ak9S z!E>8UwwEqsabx*C>2&bxEYl?UpR&`XF7@sI=6=<0Va(k*K2?^r+t*(xS=Or;pHUHe z%(>!Cdgd;pZwhN2C*R@xdw1QIwB;uxwu{#ntM#E2 zn5ey1`t5w@oQv`E4EeL?qHONUKFr&`t3FjyGj{ULpT|s>PJ1F!lvuN!%~|m9@uM5u zB}3h{b7$J^^Ywc8XlD0~Sh=Q&7oR_ja9Ml2Vwda5Hy>*i8uqT7xb3x_)5a&I&1q-s zCNFl}>|(5T*`#av;?D20-j=X0UVK}MYr&24MZe}GUn-r)QGWT_jF_^TAAc45=Wafm zDbxMTSLA8Zr(0UHY>aqRI)24&nY-7c{L~F^k?TuS68IHfJv?Sk>(M zBu$g~SqullLe2i)tnCgw&>dxap(%6G&)?|>wtO}G7FXFi+5A@J@8?{v%ibklPvf?@ z|NMpF*1CmtpC7-8o&M;GV#q`y{;5iP**pYze-*^+>$o(1)lx;7w^_DR15KAF?6?+lf6|rC*qb+3c1y_F+V71DPmC#3U$FGVwuxW0dozTZZyUP(a1+0qy-Gv!R$tm0RjWJZ zhg7QG&dK|dbUVUzW#T*Q-@B_P&2>G=r@P6^KvMtlx5oRId8bW!S({+6WZnHWHas(b z+5Tk8dcN_T!@))Cw1p494c@(T>#|9l>}q|&QhZ{f>iyMK#frOLD;`Ree3e>zaMss4Q%m)J}n8SF0r1CT$hHK0WD* z3P+s%`Jby9lWO(m?E4gWbNk}#2EQpY%`VOO{5|2@-gQ&nmTvn}&%c+?ifw(k*_xws zru+T~V}E{I~-fUYcBRz_t!c&Km5Bj=TvFIuO#!0(Pg`mq`2PSxBC-e(9nO= zXX{>(y?iwfH7*($M8@6@_!Kd9wX|VHA=`Be@7ycB8po_6x=SDVoW63XOZIuf+FcuO z@4xRFem-i|vQrlR&Fi*IIn@95$D_m;`F-v6sjSl1XI^zwD9&6kJ9;0>g2frGMSExX zilprP$ou2tu7gHv-;1lvn6o$KQPkzjqD#JSt9m;-|I7hNr{rY@|G66XvDo$VpPBSn zy(Pjz=)>;oF3Kk_I+oKi$Y5_OW$;-Mn-=`(Ex7FIUtz zs(;%v;n&XP@k{=#e7G}akJt35*Jn}|Wh{LEPHal&qTg5QD<2E@wEOJT4c)!}JKK4C zi^7hR+g=yGs{6$p_xGx`&92h_kIpWcbF_TU%IW*IwoebzpZNUW*PmOKh4=n?Yx3uj z`n~So{k$V2 zJe6Pe!NXM{zr9%84_j|JesI(8#BEDOTY3avw{LXxu0PIs??GU!C8?HaMC}(h~$Nvi~in=OO)XUbT8ya#oEI4w?!-6|&Zd(O&E&u=0LYAS^ z;Gjc`Mb)*pKZWIP1=;vJ9=E$SJGzs3=hdkZ;#xD6o*cL*%lc(XXg|ldg8^q(KB%5v z=q|eM{+a~^M>w^=63!=dV}k^Ri+0H$-POJ-Z3e>W9gbXpM)N-m}UC7wQ%lg^`kj4 zlcir>xD=EjcQ0ewBPXjGJE48iCHzx*IDGt6TOKEuT3vawNOZE#bn{(%Z%Xl6?VUNv zG*xr?JYK$Ulb&XE-raK9sOVOdg7x)=%5}?5&lZz!e3GA*>G(_i$Az;g&!${7v2m(j z*{U>`JKUn>cUs4%jk1>(zu36WwKn(M*mi?s{^rL!nG^fxZhjx@ zxc!V%WTmCp<41e;n%&aca3{-Aa*yl@{l%B84xU}$*v}`Qn0NU#qxY%@U4HFsMrOXx z=Db;~$bK%aA?M7rojbifZ9@%v<_j4dN!Y_b*Us4ZYu}>q&C`BKhE53GT_imF*SSlN zxDL)$Sa;1WCW=}0`_$mLsFu7<4yDKX^Mf~T$V~5gyX0c>x;s9R3p&>Y@a#ADNXz?B z`{hnhy}+?eXF((8Z&IJ;M7&(~vZ`aoeeZ@vg274EJ1#9<=Jhh{T0r&xj^wGwI#Qi= zf6j87mEY1?7Vo}N!>3k9{z5`bwDZ}7yJ4FQ*F?E@u9gf}X*)07bjWqWL|cYgPSUr{ zr}MFPmYmks(0}#p(^{5=x9cRLH&$(6d+jBAQzu#T?vEtHq+?qb%g_GWz}UR&e*5I$ z1a)4&`mC7Wl39}$&q})Zgj>w&MBXYv|THMWddtuuPnDa;d^fG9I2@26Q2$~PMFsE zC{^}H4X2Im-2j_jM&@^VyACr{d3mWv>MP%#J%?{cLZ#-@Y#mLuXLsCWg%>%`e!KAX zq~tFqzd^H(lYOS!_w_Ae(v7VROxj+}8EnCRyh^dfKuEyA0>^=+|cRSASda zzxLn8^`8$(=SGy-9Oke8=bI(AMeo`pft_`e?$6<7R4c11OYVB9ny$IKp-D-Y)%%!D z-SPhGkC*GaGWk5YrP;ULbwP$Yf9}kOB3*xNx9s`b|L0GH_P+`~)@`*mU(c%F3`>oz zY5X#Co9V;jf&ab#eT=`75bx)y>;Lb4eDeLiQqB9%?d#_Rn=3AVq*%6gUhWGmKa~f^ zZx+say#AlE{rd8>w5}^l&TK2SN^+_C`=k2r59Wy}+fq8t-Isr!620sByPF^9*Uv6r zcT{otr1mnMJNKmCl?h8R^oXrl`Rn*5uZU@H3SR8CE%I9|;pPA7eUs6uOS)>t7kaPr zFIc!_P06g%rqUPFR-FD8Q~cm`NPp!#Ggs?R7y2yc@v^!%Oo;aUXFY9>l1X*d*2T|! z%v!h2dYEuuVXvO#3BJ{gXC`hcnUeR5r&Rj1hEG|7>aW@zw`NzaUpR5v>byh7GcV;C zHE%t)#Z{zV=FP@M5oeWpt9O)Y|Ly0#p}*qba~Wvq3Bn4L(Cuj!k zzU4IUou>6v)1^yi6f^8^DqgkoOUcrlTaoTpS2>m3JmAo@;k>K+=jtow+aBzgI&seS zGpDpter|fWb+NXF)NNP$oRzGlSC78YqU^&Ct209AMh344_SUB_0h`6-fXX{3=bRR-?O~-*k1Ix zBjNr9>-NnPg@Z+z=Be)rGVAB~#(PR$#`d1P&&BVHk8VoK;k_2pe|BEn^1R*u_8ko4 z@&71Oz%Rd?E&FEXXR+femc2TkxkH;PJMNMmGv74lvD zyvc`q?9&TbjrXtT^_#jhco%;$l#@6G7hwPJtwvt<2`-|cf3JY0VN*yPW~aeo%`q$|Iz z>@(lDKfg*+Ph7-CCnW4lY|@!+bL5yy=i9fuys=v5pRe-o|9kQZduB*yhutqsoA=Zm+_ zSZ3R!*0=q$$o`u6xkgh|kLKL|FR?pJJzva;@tJzgQ*A!&EWLatWb>x)H`8xge_H6mv;Vl~^O@xqS0xYC|Km{i z-hc4$Hl8nXXIHJ=Z2D{WF{QXE*DlYoxa;}bdi}%wpGDZyrCR))pZxOVyRLoYV({M^ zao2Po%vtRmy!39_g&)7yO@nzSiQyK6Fcrq`qx@$FlEog_^!lT!QA3O z`<4lmxA)(8s~2_ewNtjnp`6Ih(xW1h;tU@Z-sy>(SO5L-+r6ZgUq$U@gZ~QUcbpe% zwOK5!N-Pr(DVpD1Saj-Z;-uQd6#cG;4N+gb)352Sh>r97`l(3huiP9ycD?cmFB~N9 ze>IcJk6iilN>tC|rdi3G3*BZ_yfP^-+GX9FS<-&(Mc|t}1OM8CvY}Bs9&jyAo0X?h z`e|zGE8FCCrymD4)tT$HGe0fsnX$Y%EM3r4*-k;m^POa*6p!|`qW`y^d?{w=nc)VV zka`!rAo_@P^VY|oE-bHhlng8Q&M0BHUgB=v;Vz{TJ@JQj=3YDId^*{7D}CyQO+UEu zR9j9zTvoGc_7WZ0XQo$YTvy?!o@=pg*9$&3#W#yrZx!6Wwe8l{nQJebX){`veg7b+ zv?k_J*V4YNn%^s#xABJ6$Xju`-igUuv)p+y&z_^luBe|qb?yYmqciUo2TtJ@pA>8= z7PQguvtyg%<=LwuMESlSw7GAXD(w}yfA5s98yUI|J5GP3Jf}nO)yCp$&zC+5o-JX0 zPj&L~?JqgL?<%;rqxF9M><=9lE=rRH(-JJ0?asWtC!r&|*T41GWaq=5czX6s;$r`O zJBYVRdriW57xtY8Gn0-NUViM$Al21%+$VeIq8W$!YkoYE zyJS_v!?L0N#zMZn)7q)YuCFqU-2E$8ceyhCh>5*1S8frr=CZHyYhH6K&|dVXPC9II z-j6wAWtT5rYP%$V?CPz9pXQ1N``cUpxH)syyC@FDw2Z(zm%1xM0!(TcEiY!+F(|oA zYF@G>^U9J7Vp9UYKYjl5;s2F>CRe{b;+!R3(6M3V4xhj6<|p2=%C6dTVUI@m)%v$_ zhUSU>Z?CymrmnhsQ>~|Ccy00ju?n9N)jr7Fp;rov@>K=XaTs(O1|7@GR`-N-; z_7~1l_HAZ;mTXa9-!n~NhMa}LUxpMu2Yy}NlfN2XfBU5F|NmqG1FwQqu<^w+Zem+* z7r5nK<%vx#nP=&luHe_VbJp>HA+g(?H!ifE_=Go5FzY9az3y@8fJc@gc5@ag1Z`_$ zDz?1MSJPU%n&Huw?UqIpo|?1g&Smvo$N732^PiK4r#=yIU%7sHZC~4Tw{`QMi05w+ zaPoipZ~cbytB2}-E^Pe3%$Zc4r1{@_$(eUjXL6cl&YCpIG?!j$cq5r|Bvbe5l{~3) zF5PUlJKl(A+Jv5e$^UkT`U};LZ(9m~?cKa3Hv9vN)8hS)SxkTMR5AoQ)$)|LNS@v> z)1<-b?!ygxTuqiff0OcDG;mv@wYB|b+33Jc!rD)kn5I6z;=@y(A*y#;S%$CwSN_YO zt2ik5G4G(~S`X?TB2X3Oha=eXpw@4MTluWj0! zl%l|TCG&_`@HCsXY2_rGyfSfgSb#@i}#%q_q9gOKwke*2c_nY&)E-EgPNkUMGn z9E;0*dMS&Ir*5qK?N^q+-OwVrw|r_oX(sEI zmbr_jwpLwnVgG8;?ACuV$gi|=)9v8p^S9)L?K0Zl?-m#}>&1to4#_ERue~a4T+=#n zPL;p|Ka<5bC$4(6|^O1qASKUavR zFZ*@&j%`-ihGhcD_hx)9O3^%4)9|FB@gxt+26NNZ&E}tUa&BeK4*L)}Is3?-G-2!O zv#-{w+&bGkQF43bu9OR*?wMEBPPwuDW++M1($aaAy+|%^>CC6W;ckjIZWX6i$m-9cKnVJ7N z=s9QHkE407{$+iCbY{Vv?0v;D|DFeHe3a?hUOVx4`5D(-BXwQhth!mL*AM4N8`tRH z|7K7h@%TYOam$6DWpn0lOE??$!e)ILTgCnQR{6d5AD3_6^HDkKihuh1%j_%7W*JOn zFb{ZrqxK)?x6mH`q+j`}&E3nI&iKdA0<9U94=&`p)4^;RQ7-%Bz_p~J<9w!{c3qv- zbGk<)g}E_%%l!algSYPWPQP2;N<}VSKTCc7-R{y;? zp3xzGrGb{684Tx->+QlQHxwaK6WG@HG7GJ8m>082J;_baMBEB!u{!!4s zZF7$muk&;l;b(L2aZT&`#GH|*)lwD1a(#-=```C{i+HBw-RfMnwej?JA(y-61>s`n z{t19^@t)TfUh%^Re+c&$FPE6OOHsCh20%DZ%W-wI31l?JEQrkv2aarEY~D>wHtD9)c9 z@l$2%PlhdFUfnV*d8`5J+Ly_lw0GOKaEfoK)UA8Fd#vS_{%)Jyb*Ochq?A}u%%Pk7 z3l^9BEj!huYf|?_`Qmlg-J457%wA|%89%+6b}G2`S*YoYWts-QHl{C3Qc~n)IUesS z5ZkTKCdHgOJ9~rPqRW%5z9#VeVya*}k?_`9;o0M|PY>qXJ3hOi5ovX1+uJA4O)i$$ zvM{oS8wqorxbZR9sz!e6rBZ9Q$f&Msxl58-3$GkVUb@uovE!FRqOKYFS}w_qGU?JU zE@hlhGnBb?yf5>n#fjAV7`3z4QyKwR4ix!0e`WIgxZMXco z)9l^hx^1q!-=5Bj+`qMH(M-O38fJk7Cwu!@7C(9~)oZnE>Ww3kM^5)VSu7wcV=?_5 z$DNqJO!szkE4HNkxZ8YcMU~Ir>(=ty{34hYe>~K@#}ctU|6OzH$;qpA^_vgtd%sUV zZpC2T?r)->V>^lUiEU}iVTNUYL(V=dGkH@n!C7s?|6PsGR=%3o@g;NhjqgilnV#Nw zzs|@=L)cL1?`4UXR!TS0D<3HMzuV+v?@+An^yHk#dd`ZMoy;NudA@UPGa_SG{!_l! zTz;+9>+?oFzEJb)AAWVcRDi7oSSiA2@}cvUpz7M2?9+WoFFn5PaEhaQ5Ki$44KZ49?b@ zwbF0x*S9ji7C&Bd*qc3AJ?Pq`nLdt2%zS_DWu}uOnsWLMFu zOFH`}tu;-G+dS{Bb@}I+uTtjDnbE&)-NpMV%XV<`Fj%JLm~OjxaNo&Uv(C)vJl>R5 zprUR0H8IgJO;@1o@vFDWB8h(18jrZ=JPim6F}N|IC*}GNn|&tC`wZ{gU0J=-o$Yr| zcJ_@pyWKJG7FuN_FN-vhm>j*;{)o%&)Fg$8pZ0#%y6;dY<}jnc>iT3u^L-)v_lGd$ zO))X6Ia#Zk(RjgE-MC9PWom*~-Z9sSH-$?t)y2lnl=>W%<91WBlp$` zxHd0bA+T31`fN(C>WOPFG-E@q%^M{t@hE6%NY<0nku=_U}{ywmE=-Kyx<$i6#kKIdz-|+J-i^?|n zY@NDVz^P~BiFI~I?ig<<{9RY^TI1gJy0g~(*EZ}gIph87cE#uTKBj>0Px6)pcluja zH?cL8hE7>pyjd`J@y{*4&d>U^DN`p?%dE^k^0@!M_ilUkS2gaB{;YJqwl45&oBj8^ zc@K{3n=u4@|FZbXnWv)d+uH8NZ~FMkKmO_c|F!>R^j_RcuKeIF^D9z$eUThi zJItQdyvlv}^}64qJI_u-tCspSQe>usV zNcB!NdVV(I?7{Ta>Ulm3S`X{bcac0bZO$?APKyk?_v{Cvw&qPb;Kq{vSKqSep8p(~ zHNWRQI@zna%~9>PRAJGlt;$sYM-CpA zs;~a_-mPOS8EqWg;K)DE?!)hz0HaC+&1E~TDzt+qX|66aP#_nwT{>o>piq+Ysm*Xv2jmH`VUY!z)bPmfw-roApr{oxLN zcXxBu*_kl!?@|ol&e>Q>@I4}JZopAcVqhw zqu*^a!h;r-E_P8Y*edz^QdG`qHH$}l1~J@OT%B>&Yt64L-oI_hoRwuCCoZzvUv=-q zslx_em}mX{nEUHc%jAzjXD5Ap{@!IhbNH<0j7!goFUqnNdGDy7towK6XZG(`8yVKE zW?b{Vzkd1qS&RIpuQoN_)^fAy;>!yR8?EcAoC9`Pc->4r5cI|BL+fwOn9%c_Zkt(o zrF2}aV%7=dr3cvVd-}@AZiT08h^VsI3sskgO!Ms1HC`Q@zo+7iaf-tB``4R)^Gyi# zIQlM2N3%bKW;F3vu? z=hyc8kC%EMXiKkncF?3beG5_#NTRmgnJ5?)-J;(B& zAMvk0<30DluJjvwEjJ5lo>o5p;VdshoZp}8`Jb29|JG8sdvi#dM~H_l&`R3!le}>(EnfsOo-w*oTUUz&YbDx~G)$`N4mjC(x z=5BpR$oIYP|En7`DKSbirKxnds4Woa%$Ry(_0c0=TzvN%F4MJLetb*k{cm$r?%!J$ zYo2>O)-!xx=l4IaVr_HJdtG|(>+AP*iS4rE@yiWQdipH6A*JHwBH7B*WpGr`jZN_| z!{akQ{wDu8`@x%y?d#Ww(@!^~zrXq3w)*_MnSbYfe=a-seA{v6(7J2p_m^!kwMnel zz3auR7vJA|o#)=!{f+T*dp*zXPNAH;-+$lg3yw2(V&8f%MP6ch?xTaMoEHo=+TPV4 z4tKt(@xOWPZ}D2YsMDucO0JuKbB)O+F&9R=RsXW>-CxbE?SK9K(Hi?h|GqOZn;pA1 z*ELGxo~>|k6_pY8lSiuv`I>P*}6j=THUFX1-0w|Ux~#Qk&olBIWVPkr$D z`n}u7&y}aPJpUS%Ja^*BE>X7w?RzW4^XG23eDCj$x8m9rukHDg*%xhkmwt3lp>6f! z;-yoUy*m8oS@`djZyHuqW=C$%Xj%VfomStRjJLIMx%F0^wLf+`FWURdL*XWS!O>$6 zy9(D`e7|({+Rjyz?ti%Td+U!5rDR{bWr_V)KgwFyp4=y4biH=w)$P(v`{bO17FOsA zUG|vE`(WwQ%SL^nw=+L~VSV&A>u}+^S)VQiJAX^{zpuBh?9vBM&E-*CH|e0A$(zqgjwXV;zE_qAmG z>bHwpcb#sue=N)%7uoSz({<0I1>5%N1{fA!^}c;Ht4~(*X;1Q#F2VJiciwN^@Gf`$ zY!{OUJD+fbTy5F2>$Jlo-Me3vr>~iEef!s1KAxp&+M?I2WY*3tsrn_~P-n9)?Umou zqE#!cCC$uB9~}<;7IPu#N!F|#w< znz8mk)cXZ%Hy1zHc&B=ug==zoQ+8ff1$)x>7>mO<-+6WaVC~)|{P%8NrruX;v@iT$=PZLFlAWd4E&E*2!&M_CZmJOAo$$)whw?eecxZ<9z`&MO)4@ z+cS=eM`?R!Om{XD0$xsknzDlay`p)|HfR``(UoJm- z^O|`VW9{)3yH^@cXqYQ1{^{W=Vc}i%M<1+voD#Y}IWejrd9{u6+oNeQ&G!BkwvFfe z<*&239Wzide!s1A{l=vi1uJ6jCaF~3kk>tu==G}Z|I7bz_w8?r&por~PD$GDcFXzw z-=g-uI(j*4`L7@Hn)@$sN_d>&#V!rT2g5zq03p^0#?*2hPv8IdGo+{H6+S`@g?+XSDwo z`+h4}WS`g@K4n(_zsmL+GByUY*bukHW&%>8wVM@sH*_${PSGtKt=dg^BmZZ{S^a4|dy_8|Z+*7Yc27b4hxGIZ`=m3L zJZ&;ud+*5M^;0)p-#NY3eV^CCUn|#zS&QxPhWAyQPwMTN zKkI+RbgAjRn{2H$xQ)WE{JEO5OFcxi#4zRF?oONEc3QV)t@v^N`tILt*yti{@ih1lY8Uf!YXsqqq|pV%2m{d zd@|Zslb`nDm(jPdtE}Rt^`@@UpPBwLwF`?He+ZwsapU9*=0ysJdm8sM&y}@4B;|h7 zZIRH4J>M1OWHeV=u1j7%b=9S=14o5+t+3qDJgfQe*=pXY(-j51-QvX7^{>v{_vmQq z`ek?GY)iIvsIc+pIFv~3+?nSWa;q@@?UI{O=LBCrm?^Zg^um;s&rU+ot1>^9C9T(y z-C&<~uT1=zhW2u)rkI~QA1&IruW{F}hue=$*f8PfcK%z6+fye*-FI?spT4d5>7S2x z7NkBqB3!$(_n@*On^5cA3fp;%;)fV!Om+&|BD;He^^DUqH!|1H&0D{~BIEKBKdC

@-7Iyg&?~&RRhdaiev0)9Bi&_Kh%yoHrx0qb%vxr{vQtzGI9G=~5 zd&Rdrn#`^i$hP}wm{7V&!v04KcWz{TroyC`^Huk5r@H;RUtFi!Y{l4Y?H7N|>@h98 ze)pN8^94o~{WzzrNK0N>-H85a1=kW3jFb#orvKLx5bV}8pZ@UHPT#3FZcpl5yZ-Ro z%qLF4Vx5OWHNW%RHEZL}K6$KSRrIZ0?O%PQzb=}qXgc-DEi)O%Ntf%&xp{eYP3A~f z#jo#(@Yz{z{3GD?$_}YTOJ_ZLwD0rPGgqF9%uuh0ymi~->&|zHlIhDQ%cdMZHd}ns zos@$QzdqU!cDX29tkd@Rxee?8I`Cg~EuZPWc2|dt$-kM2NBA|aSM==4xlwg$ z!a1dF(U(r{v`&7IegFQ+bYEVJS#9rgITL1Vp77^rZM=bcS>5ii!X?YqFGbvK+J3n2 z>5B#a7J?g9?mb$#R5!xxsGn>U?5;K{_JKpzZJ@{$z)a=NY;^-O)*5dN1Fqul#+cd-Xx5$O+rHH)eVtGrV;mV_l*2?{0&MhU@#L zwVgZAzx6bm?Q!9kjWTJC|7OTpSxZ*jxmTp!d69ST{K7@)yuV^(n$BC)&Of{0^P<*G zj`yd#ubMQsrp_w1*CZxO=HDI;1LcXW<t z{wsOFAYHLMy|=Ee`1);T(XW?RZVGqFi}Lz$cTJx5gWdl(wO@Vz_EGb9ub(d_Tg{R1 zjIZKVlJvpyF1ET z6TEjY8b9*z=~;a9YUlRnPG*f3i__I7)l{=_=XXm-Wr_>-SN<$Y@}IwK+fmsSOWwpC z+j79?*jn8X5q{qvyarF0@|0GdG~USW?bPD6rE`zy=9Q~|PH9WK{v_nbSQbg1@CdjJ%-b}AQB|p+6W;^~` zYj!T?)8iGZkItPWSkhtg{^+}hHj9M}`-&3JPMG8I=BC-5@Y@Ae3b|Xl*9#WUoL(f> zUYpSxpVZZ<60f~hcHTZ0kuUSoh4Oq=AM*(pPQF*4lhT)^-S~Q)vFBN?e=9#Kp@x0-bd4^SO3Po-@h01RyM{YMVKk8fjI=$rApNij8 z@4HL!oax~$yT@_=r|zvO$3IDi`9;6oQd)XkO4Pf?ORGF>*`b|5eXPDeVi$L$1m$-h zO)P%g|6<<>e&)FAb?awOtKvRxcRI;+-pcihOqJ&Kq^|bJ+wdu~nK|73{`1}!H%~4} zPoF3?>HF*pUFPB&lX#u zH;r`;$MB@9Z9g}+d-u-P^Sk~q-`}jnE0K0=QcX15%gjz@p)Q`;XJN9v&Ozx@VtGc`);a4AKe1EX_5xoLtMWQBr50ZNb;QZ|`tsx$8uW3QDf`lX`R4)**kcy~#~> z0n^D(Dn0jx*8Y1LvO`sg*~P70|E9aQ=~Qtm#U!L+nHBy736m)QQGde<@%bA zI~7*aD>mHt$YA_j_n6I7+cT~%O}iQ04npoSnkemVvP{*xVCvM%7ZRUe>C6aQBe6_; zZpVooXH=3Ga{kt|o_Eeo$6cD)_H5O!nxA{VY)hIg=w6jKt*WT=gu^~JKiSQf9<{!B z;`&7Uwz|^g4xu_FFfiKdawIu!9{cgN6V|58?`WA|*d3}Jykhn0r5`8F_FFIhe(Jm5 zN=k-Dj!lH5iZeXd0~(c#YF*E!CjN4@x|R3%-JG2(Zg1%DQTO`M*#QD4z6ek4s65(L z;I61-zG!CWl62Kc^F-e{xIC#6nLVxDZehoXk|lCb`@xP-Qo3%a`bTBYpS2-xZlC`+ zt$@8q_>;BezI=Pp>4#-OX2P&fOWT(@F4JUNZN5fLu!gjjo%Wciv(LYOX4|8M-`7;; z@$277=lS@{>A-!jqx)oKR(%(ARlPa8Xr}DD8ET9E3E1BbHZ1uy$-Uy&y)7&I(?#Ac z=P!J+hxh)u*bPfN_EmPz zKVJ7q;Jw_sg;&`tXU|W2`)6fGX%CN~${EiWe?NOwYroT0J|myDxmZ3W`11OjwU^E< z{BO}xcslA*(jnQYurL7Sndw4x!3y8k&zDVZo!k8>y#B=Z`x|&>pnRnwP(%5rsZ{Bj{7wahe`M`$6j-OWBsyihmD!-6!$|K&8N4`vp&;U-gnug zS2*KL^wH$|F;{;te|vcT#@{Itk0nESGFx5O?A_ArEUtCqd!p3+xcQw$bi+!^%P0B&dePHnb-a_@WvnH2`P5pQkDWt z;>;IY1n0eJQO%AhD-k~)tG>dboPU|mTq#6?by+9A>cecao*C2GtUgSAQ$73B zHOKPu2#X!-SqwHk)%!ffU0f^HRBTnvf!xXz)n2>(ip8@0y087d`HI$CoBsb=U-8%e z^ora!hXm$39GVkRU>;cgCAMtOw%J{$7sjTBCrj?G`zp;Bb}QrSu?Yt1jV&4aYqxpv zy}fzx^-;4X{%tq?a!=;*&3}K0{YO+^@rRb)S^VX^Gq%0=-!_rC!(?J{In#s1t2U+0 zD20?1;1qqLWQozd%p+U=?Y8-Sa(Pa5zWV+8Gfo$`Zwm^^Xj`@S&zt)FPM*w9Z2l=l zPm5dswKgv2c{ZcR&SJ*q>}$)opC8{{`MPKJiYKW#xAx51GB3-nUOV*t`$u<;&G`QA z>)En?{Q-$Cmy~ec_Iox>cg4M*{f&QiP$v0)Y;WqD>dzeCgnwI1`IReYz^`?A^Pcn3 z`y@V@*&e(VdA#!P_S7x&s@nNu4WH!xa=X8!%G&Refssvem71Zv?DE%tDs#d&otz`s zl#6sV%|y@TT>CSR9@!=TuWSClw^Bamipu^z4$g`D?`l^6Uerrt!Hc8!KV4dEdHsFC zJc|w2nOzdS<}G`<@0%9ibjwDQYk9AxzhUn1QTY8&e`Ai=g_iLrmT-Hvips{C;ONF1h2kplpj+ z_2(9IZ=|%btV5{ovhNhZ;8mSpt~g$nezn2eqOetUg}}>)hoX; zMpmYr=QDC%(s}zm!-vHECMti+c;8%^Q^w4xbJ~z~ZgSZxrXU7AtAbzb_p?(%4?c+N zIJm6WammCZDGhqJ>_7LFXM(a16mtsmzO-DsL!h;{qsyoi@VaZ z1SS{lNOu%@uq^3+e#Pq@yw9ipduXvS`c%dD?d=;|Q(D=Krt2w-eTcO<(ihvlvS`cW zx1N7~?%iUQwNm5e`Dk_Z?awY$?$ZjmI%Dd|CdtXWw4fdbQJjijKg>3Jr19gl{D%!+ z-QU>OHq5uLY?#kJ^YoT~l64zy`h1ykTwH4NtHZX!u(bf^{!e-Z}yssAC z@H)DG|G9OaH!nvW;oqZ~f|s@S2A0_cfRPnZat^U^w^B zRMtD+k1D;3&)SnWxt8I~xzx~qiDgsE3m2{F`r~`^3}3lV^U)<6zssIr}76k=RTo=lV8}LzCQpoNJ0Y^)ICFXjx-e`GP(}EwjeT@+Xt` zo6PQ6GDBcp;ev0kjQmO%JhdYW+x@sfE`#FhlRF+gdbFBbOo!pYpP!!-dDB#`JNGn4 zmWh12lD**>XcTk)$7Rv~H{4o%xT6fM{(LUd2@6DScbq8HU>{i{YoxbW@0egw@>qXBFZ(s4I;f5;zCa;r_ zmNzJ_1t-4l6RK0(l5nu;o|lVcPz)=AD_LoPc!zLz63yGl`8qb}P(GJM_UXcJ z-bXebG1h!tXn9K0-b|C<)>29M#P3hnKfbeWc^Ieqd)cj=&skyDrV9T5$$oO4@Vg8| zPIGw@=P$~bn)yJfuldgp?b{lXPbY5Q7jtIX(Su=`%fIY3ul${$sk;1a zL+6}BOxM=_*ZRKR#Lyx>Z_<$S?)o90-lC-|t>d)lqOp8x3I z)0anFzg8dNuRHTh+`YHt!ME1P@V|;>wHb%SQK8ND%d-jY9OBwtD2{lSoS zWYVN<9je;l6RgX3Em_Iqa(9x0Q~LM$|NLTdV;d`$D>rvujgLFsI=6kp{5!|(9xoQT zYx^WY6db%DV&d!up*r)`eB9RmpBLx+Pk9m0^X>A}8~)RS^P-GR9-1@Gn-%-#2mAT} ztAwd#I!CKFio8#KEidPhPtHo#g+-ry{l?BRmCp<$<_8^EYjA zkDMs-ZUG{lrL59?SRPyy^yz$K%KXAiL4Ui@BeQsvFWQQx%j(VPv(k!HR$X%K!<+YU z39+9f!e44UoWE;w?XjhKxK|z1i z&K}l{|DjVoFaG!!Ki0Cq&kwCbekzomtO`3TuNrE8*d^~F*R&azJ!Z;UJgvArd&RHE zc6{>+FPHqO)hd=xjeI21QpemibN@8``^m}2-TnIZ#JWAZ9-a_V9tMgtFrGNOOON}0 zkCa`~{c67iWqxy8P2K_T;r6ivoY$p1yng=fr;x zpU(eu=9%e}Gv-3#;_h<{=gzq*UHNEd{O31cWA2u3?BQQsD=_u!-ud!-^J8wkQo43` z?#0<}m<`VODSihx8yhCi+I8(@&yTkBGx6T{bQb*7XkUH%uxuZ=u?;4C3`2k1?TMN@ zg}Ff5Gx*}C)mx|V-z#8B+xE}i^$CmQrpsTB>e_rv<6M6wqT=_AsqMzcEPI}%oH&;r ztF~v;ZkE@-l-zn(JY%^1oqb#JX<`3>g4-fTES~PU5;EriuSED7g<_@01#ZWL<};ME zXlyxXHEYG6%ZYY&)s5Hq8pIn$HyC*JZvGx@0FWZAZ z$Nz7?{(p1Ntz&vTA30Udbh4HUZ*{+)dOUmg${jK_f$Kk8)5Se@0n)!A_pjM+5TafMX3z_>_D7xZ7iNJs^Z5A@zCrzJvY$_sT5K z{}h(K{;%_cV@1XESorpQZ4XQ;O4=U9XrRA;asY3e z)!mB!HS?kxp7@9z@qf}7wer`8!|&`G_%|s{xjG@%RHo`PM_Ihi%lh5DgpG1G{=i4>U_uC(1 z?oN8x)$6=p|L{xsJxk^)@3(ilyyvRTulw^KH2O3|dEK+~dfkv&_NMpV#O4_jk2SF} z#9q1L+dpL|*q>m+hnM$dWw6o4clCQ(_I|b8R-d%|$@KfnpPVhZmV4{a;n&wEOtzW! zYKzde+NBe69pB$R<$W~z1ml6j>GMm~<&%;nUQS$`{CHP>>#kP?Yc{e?3^-65Z(j7E z_wAm)C;#TeTHO&d2`<+u(6+UFdCOV%-mzzg9!&i7!&}7ODrZUXp+dt835Hsxtsk#G zxoP=n{re!^2k(zuz1G?vVZ{Bv>-T#<$*uekc3cY)^H4eVq`s5Am@Q24*qPXa&EIcT ze65uZJ-&L!@j2$_-f}G3+jThAPoa0~?6Aq#>R+5Y!LsT7f1$q5yDjd4I(X|7-u`Lq z{$0blW>>!CF^`U2cUer!?&vA6mXotsyLGRuTaOvr9y1J?mp_X%CQKfYeIe%Uqll&2GItxxbw zRLk4Xe4zbr(CZ1i7mKY`vd{dInLIJUhx5*kJ8r*!h(iW7LB;CC*Hg6q$5f?lQIcy<0qDy3MbsMZ3Enc}cxF z5HTq+%_q6y&PM6#HIAw45-*<$|8dfKx5bAOQe8&w^Y*Sg$=SW$@MSo-VlZEpp82Zu z(pAYFQ%%zMlon>Lsr{9Ct?d8Pw?#?oZ4Mn&HVxVPpKWcp+|n2C1ipMMM(SUFo6J_9 zUjAs?OfzwVi3>d&mmT|cpto3l)8}}8_PNi!%D=6BStQ-O`b*F=HGWG$_St4?69XIn z>uEUNE@mZZ@f;`uo|y zs0j~0f6*~|bYXt*`6GYhH4k;P#p2N#*|(&YvRO z%3ob*7%Hn+@!(#Ut$b|mUD4L&|6ju-+B)|CzPN5j^ZNHi+V8X%#w-M9D==}wVbzDp zjXghee(tVU`St&w*!n9|Hofnd+8b}^|3T#sZj51ZXSH{E5m z@8qzHB719OU1#pDc-qUa@%Pm=g<_RNAKp7!+an5XGnDjB#9TLbe(%pROMkmjk^Rn% zoslz+Dy>?vL~J+nrsw_p&fJ&*D%C56*W8ny4(kIS5>z?vzoh`F0lQ9l)rZLnXP&I% zytAo{WqrCd|7BTk=FT0-?V9r2k~Z{RdQ`+9^ao;IPDT zUE#hmi?nMtK@2hv-YP$Dz9WBjuD2ZDoto#l{|p|UI`J~Y?AVk86DBq;)O0@Z{I%Yn zo`V8io6c1vFR+*Qwa{;W@bTD|Q}4c%OrE?@_Sdqo)tfa7lE3AowV8{6QY!?{bn^P) zDNtHdWmJ&u`^xm{E#56V7VLf>tNHuiX`vDipWp1(H!FDz#0u|!+IP!h@ktpEv3K@9 zl^1fl=JwyyW?Z0PT^qFemCtIk4T2hX|1!>JkrXz{`M94kuK1|&^y@>J zb62|$=kXs&@lsUlnFx+&Fmd8a(4qHgDYg0P?EO(2cgIxxQeRgiH|OipH&y@K|NN0i zsF}fg+S$-!+05R4`yRm!?<)G__l7ye`hPn2_|UI|=Wl*{4rbJXHAZ{yg}L zJ=5)zFW=gHHMf8CyxMC+T*(AKYO&XsRbiZ%P1^h{rc_d${9R^97A z6zcS2bA3am{%N~@Z~aks5y|XNhOJL>QWT0`8YMB_Z*_iiqjZLryY;7+<&lS?#%Z3FFeOd1)$qKwjjL>L8OQH}@9wG-D&ITX z?8qp4k+dh*)b+dB#>dXm`;I-{^ZVGx1)FESi#0EB`m0#CZMo8kIc0o%zZvs=wfh$( z_d6^7VoXYPJ<&<_wWgXJA$TC^g zKY30sPtSkI`8~7m+Krc+rYFCAX+C|H^S+;cVe8_K|82FDSnRa(T1L^nf5CNIEA*}F zxA)u2tb8pebjju1FJ6(_uZh=ESmY-dSN(IFcX#6HS=+xAZdfv9(&ff46Ei%Ldz72kcTcQEhTX*zx5 z{v&*WYS-)*q|67UW-vZ+)`N5Z>@!WQ+*R6whqDS9U1vI+EsOh?%K7cxlKG&FJ3a2< zgQFYV)E9T2PrmG2dF0XJZx5oUn3lC#FPa_fuG{`i?x3g0va9?P%+>EOB8KffELOD7 zZ|R)bzJLGJN$T5^Z+=exS9JbB_2>Ni2X?hzIxIY^$Mejetstc$tZohxSzg4?yN@{%C<-4oiB8GW(MruA(PZZu;!L9%HWa9PJ|Bu~vKfSV8 z$}|2et66O-H^07Vo3)K(bIb1TAG_+!+m)_s-Za0;qxNb4gznEteEe(7R`xFfdmKcZ z@b%%e=hRQObG1LST;opR2~*=|_J@=o@;y>By}hTe{mjEYCwQO1<&dxK9|X_E#bsSG zWJdGEmq*19Gcpc5{M2qOv@`QZp`}zt!HyZ57O&gPTHQQ%+PRfc55F#bnZuaBqB$>lBw59AreNnHwdadCOV_GHtvqBRSJg*I!P zF>bY?Jd@7FW>*N-PU$JDAud>E^~u!t|cq?@r!eQWU1?J zi#lg!QBeAI>2jrX7i05k(MV6nX&-NC*jG*4w%XyXs+j1VqcOF{udkME>nWNot+eLK z(sc^SWjmCGIC~~vsYdl`J`O<}VZT?;#^>q)($iM3V1w+c3 zWw+D4Co0Za&R_K4dw%hU49ikKgS02b=Wp@mR20Zs9$WZ18a%G&D5qiC{zrA^o$wu< z`fE%KzZmtk&TaMISi2-a4zir_*pGw#H~%D^)QH|Rb$Zu!gOZo?*f$n@Si8M)_m(-I zE|)R*bbmgnf8#*g*X$FXeSBxiLE}1o5>IC&$;m^fb}v4QhODhTdAFWVJp28=8wbRv zEf*FS{d2MH?)1N+cBkh(zkab;VXZvfXhVK_!ax&IG=I=Dw+jeg@KLd|E7Cv~~ zt9D|a#N{gX+{ZJfOUtMmEPGsIb6WE9$@odyl6eRrAv_qVI(?ua?Cg414KcWb&u z^~Tm2tl2xVg^B~dbtSEePDp!I#C4|mdlP%LtK?PPI0KbQTb1~OzdSi=H0$1xI~q;- zr%R9Bc6vK=^9}vu6E^Y~><`ZhcwV`re{l0zkf>G5g)EQb=Jh(it>#>jyX(JJwcmZ) z8dcpBZrkQncE|n?ZIye{uF`Zj;HO8#f_2y6S2^M0>SZvWx?alz(U z>$}6EMcs2k=bWf%Sj2l%SzRM_!D-(cx9=Dj8{V1dqu1QIWhZZhly&Evxo*dDlOtD5 z_U=8qV^_kll;h@2X4#brH^mJnUs2uVV71gr@8XR&hl+jO8yJIc#Yp*?Uy>B`jyiVZ z{zy|EGmi=d;xl{ahO{!&-lb$+% z+k>MHkLLb#)b4(CHgbkuXu|iBO97$YSrby`?fzB*wsFgwPW9hvr!J>Fydin~z~hIj zeA)tn9+d#hzaN^UF@|Ysm2Np7uaXd-=k}t*^YKJ%47JA1DN+hN8#8hy0gm z@=ue!d(tkMF?#-QJy&lZ7x%{Ff#>c`uRElD^l8rjbM}e9zKchQze#$qAWN(NwBOTz z^Ebb}8uaGq_LsMRdiFHE`Mvv&ZCXdCvWm#q9=PrPZC8u+@JoDBq+% z?afzLn+aFvvVJeW_~oNrS#8Slr2o5T$klhe3E-Wb=An?B%BQ_)v!QC4d-2iEwQp*_ z)#ewX;cAY5(Y_E{(A-_Kv}F3~Yh(*6+ZCyPtd|C(P~uXs&* zI(u|#!i-?&M^0kA(+&GQQXU>skx8HRaohF4RBu)LwfFbPNr!%Ils|UHM3?XHgaeOj z|L(}Pyg2ub@tsLt*B-U1obNhv|KWo-FSDfVK0jJz-D{e8;X-G)Y{ag~wQVgt@8T|* zYq>pNn&lVqres@4@glQEQOSpXnWtvlopkQg`FQsAe>y78c#D6!>7JgMZSB1@_uYZ( zGeOM`AManWdwu*(t1Ew+a!)vXEmwa-Y9?s*e(oIqi=XYE&Ya4iy64aDqBd#WmHS^< z2>*=#&*(44WMNsbD{oSheEYq(CP5#rtp4-sr|z2Q%wru)SId|-3p^nTr=rmvbFPuSeZ`+DJ*tJ^i@PctfAPn*^`=dAsM zo9kI8)u_5_7q+QR5DCkP^M1EUY2U|$IE9<+2{U|ey=srJmOtPgn#voS*r{(4WVe0h zR?E{Gw>~LUZa;fWfYU{4hHbqm|6OT`2bao^Ir+N(UwUh$O_7Xw!k*`+YfsuWoRA0# zvy-T(tJyjwv^DR&>Jz&I&flMW1C5MJc>ey=T>E=*T|w;T6Q!q;k0<3G<38gP>om{n zcb?GPz0PH763^Srr${#*_KKAj5cL1GXyWQ?JjI(&%n<&ebvrEFck%Y;a{Ro@vzhk_ zF7{3FZ9Y@|*fKid$F<0nIw#F1+h_}vKUtG<=BMS|sR!no%-Q`bJ%e`Z;sH;D6J9iu7dKh$t`nsmNQ(6f@;bo$7|Ut^S|x zuAh;=FEJ?XX~37Yx^Mp8^PBVg{<1IYxqtoo?;9cXbG3Y1dD*9f7nMGR`=4hl&f~eL zWAL0wwO~zO+Kd*h%Z4*1AK!KL;JX>Vx0*y&}I*&72Dgic^*0YD! z&*hcT&XbV3-Vv%^7sGos&s<)6lTfgjb*bf0lddi(74k-%`sD&6|;W^Tgf$6a<= z-Y{dDAE{}3&mrAKsC!?5cyV==e{9jikIWM<9+`bc=bTSkn#+II_M6uxR+Ze;)>tQ3 zHFNjUT{9lN5|n$Mr991k-ob~>8NqU^H?>JBZCyIcKJ3Ovq28D8LQ~Fi+DV7s-cT3h zyC64S?B`-tiMH3rr|z22v*k$RdG8g;vikG8+h+M^7VP-d*XY6A#+cceu&aN275ln% zb;tdJw7B1Us2AS2?yeNsS~=sEv_6#&RcEUKECb89fQ5aIv2{kwe;BUcz6xVvvct$4&7$^ z%KPQUN)7Hg%rmDR`!vddx~;w6Xr*k{b#Hm9kz@OmAeyv(bmQLE0IUbyv;caFXi z?-8{#s<{uHd>s2;&%0jxpj6KH^G@SAxfuuFF5bRA>DMCHC4ABhlE-G!2g(}PMby|AJALqlyko z(JO735>g&NGT>kOXw{R+L{5uQ_Z(VM&C21h{CQK?H(_K&8mPwN)s`}2$8 z+622zJlUO{OA3w)_@rEU@j2$b5--c$Q`(Ix>MpEWOwAphh7%bIZgze?rE>K8Y0u#D zby|m~7~RyKEwXM_@|5UT8@7M-{>J!Y&yMI<8)S5k-V)pPq3J_{eQ8VbwPOyO_?h-D zj*{LWV|{hK(X#nv(xOY3M!bstC1lHB$G`5Gm5zIVLZ;NhnqRBr^P_c-+gY`3U1@!j z{lWJO*AgDy$aG&}miI^LnUTKg1m6!Pu?agoWW=SIGuK84XDX{)kXi13>4M{es`Qf@ zd$-)mo$}pIeWFB~gn>)r{?o3HcXD~z^YNrxL~iW!z8!h$Uj@(Vy}1tzAAG;`|GeV5 zT^nmJ)$S?%*=ZudRC~NeF2;9jh>Y&zHyrEv&$kBu`8Z>$+w|q{opzn~_5Q1QYWa2U z?5y7JHzd#8cU=6GW9ih=y(jG$_V1Q_{W1B&UBW`>8+WYJCX6MYY;s;>=i>|p6R_$V{~fsga~!ncdonyWu~TU+1R zBk}BP^)nfvG?r(%<-OBd&pcpo*x^a2{<~>x ztNP_1PO1IzU335bshd;XEkf_l7RRm^SIy4V#dsav=@t|FcTz2boqpW+ z^c_yWEKfNXmrB;_$d~x-d3F4C-r+pkV-p{5J-qMR`b=r|?ir`|JaL$`{%l_I3x5@G z$JgrO`OPW63a=!tWIUm6T-&1Ga#8Kf>c+zfTdfm6o-oy%*Dc2Pr%HPLm4=Vq{+kjr zXS{wXwdN0FgZ_l%eJ`_q|1zAoPo{$ZUqJTr-K)Mk>7uQVp_+n?b8medA;SDkq`jpE+dEyt>$R*P0LY?#d(q*rvzslJ8=wRV8q1$u*Bx)5#ZK%7%B+=o0R_S|R zN}5~QqZM|IPm|Q++IeT2@7z5}^~APsAzXc1Vwc%)RoClY4p+Ppu4uXE$WBj}+ixps z&YGAyewuJ+bF*5yf~L^yoTMG^BIK%Bukz_j2%U_QT2i%q|GVc~&vIWp*?l73X8U%f z)9+V3KGGR=>yDY$>fSY{-g#HFXk9D(Xjb$p<-0-4#^RHwqE6gt$xvd<510P7YVw?1 z&UpzLEA0;64AVcNvNcu@3 zJpblB-BS{`;^@4Y?JKJ-gX0qK^DnFFpJ^C&+HlA5hXtX_{_=(|G>-|r^dQ3LiRicP zoE@v?A6)nG#>@4e4{4r@VNFv@jN8+3rNa6CrZ{unuevEbo8N?du!<^RKB8h+E@S)s z(YpwrRg34eo%55@@;eyH~bB8H8{6$)3p{9@m*ILo};`E#%H zo}#Vq_b&T+*(=BM;Qi$`W!h$K)%iIK*PUz43|P8;_cpHC(gsH+&e}SoCpy{Ch2h7? zl3hRF6j>Xm@y1?1kSn{+s&Yo|7WPdaH)=+v+|N|H$53&5Lw%HM>165m>7^lI=Q)4f z+CMFqN6k=k;)!m)KW}v{_DKG{w;SBh+V%7Q&E5Z3tT1EtgyFUH-ge?(ApZW>=lhoxQp0^0y_=s()R* zb7Z#JHq%#K$4n+UDY_~c38sh`E#?T8X*IAovHqasp87WruNxTiSa7J!zaF)Qb@TUm zf8Xq#|F`-1X8ZHX{aH!hBnzsJ6?H4wB-E(Qc~~O0y+3g0H+%1Yb?^BvSH8F(m-4-K za)!p-o=dhibM_zqzGZpb!Y`c@C;oV|EiHA8@!DxS&X?v-j(YSisBZJ_zkAYNeU8xj zRQJJ5Kku7-lF^fQD$lP@xA<_)bKBb6cGbq3`H9lYv+f)JeDis)+r0mOyB$l{TRkuc z{`Twi8%@?Nt~Ps>TNrN#yv#h1QN;Xkjqhdu!(2I2-qg<&VhCw*cb~YxTiw=r@|GR9 zMK8Qscrc=0n&Z5Wv%Qt1f|qv_S5BUE*zCz?GUQXEHcXIE_@eykYe4;<@|r7r1Sm>ySw6PobrzoNa_#QjDRZ;aKm0Pa@|-1mea`F! zeWn`{eIFG}PG74-hJ`cOw4V;=@Uw(e#U>wYgWy>p`B*+@=+A~i}b7;n_a6)CYsHvX3yMy zQ{muikF8rTK4g35y7=;MzT14?Vh&X76c*2V#N+(9;OF(~lWX2wKcRAMnZBGb4_~*` zN^9ou=nYGc@v(1p3cPmm)t-VzzElUNP5TVYCamP^S2GLZ-N#h7*LTKxK8A@ZseN4E z7*{Ovh{|5@`|#&2{5LXoPV!o_UN|L=rSr906YGja9$vmrvPzBjnpeNr$9Lw>hMetJ zr@TIwVeTlqdD5D#RZ7o$b!Jbx(Dm^XgI@dGxFly`gLzHo^!&pjLcToVd%q`xXQkDx z>|CA-ru2!YFEzao`XW|h7Gx!IcdmF_l(6TSxt%KOFZ4>L^B*vs!na!?>q&k8zcQ)U zJ{6BFR*1jsc)9uFLmAl}-AY-E7x@3i%JK+2Rj#&Z;^;N_u}Ue3O<>ytc0{>iq1;Ik^hIf+v3pV##_GY^=V=kL_)m z^|NPs3Ozq|n@_N@+FTjO@-Z{pe zoF%LC!L>JUu|7(7eKh?>nSDTMi_vKx@n@S8?;HPo@?6{gyX}wdZz^xMt1VrRLCkmkxB0>{4_~A zBs1sci>pm?%am1PIVVJ(@(+6d)othNSyN|yKfQeA?P&3LulZ!I%UG=Yy6B7A(`9ep zRLiX1^oZw*?gI(q&GE}q8q>b@9+#SUVpib6eTv-e_g1}pEm!LQ=6G4?PjA`%IUyVJ zMSPV`+uW`G8lV0B@--Q^HHjq~&L_w5Oq`c-G~vSWdMlSj@vky%_NE5v}L|wx6RFH+v~NZ=T}~tU3gf*&8^~Coa}<_>OVfU z%EA7vIAXuD40ATG+R4(;Vkzf4Sc3HDm~d|KMwOU+)pZ z^u%2DhW%H=!y?-*F0U*XkmOU2TmepqN!upz*c<-NFp*#|K6~R9=d1aL_qfQP)r^xY zW$sJsQUCVwbNFeE>aUSjA^V?Ab$6cAJLSJk{{IaHMX^%XZoX)Uyvh4$&BIb1b@i?} zzsnZd7B)1$583p0e$g`Z-JiqmUNZAL`!0U!rtGgzre9ur&Pkk8R=n5bwqoYvynUbZ zcb}M5TAOOMahlwcC!3@f8QuK(RK#hv__E~>c0SjT_@MO!}F?sQEZ-soVdfvMF&^PPx-tA6<`Mref5l!F%UL;f2?> z*L*zUS-TWJe|&yI=GW)8=55`jBI4H*R$Co;UEBX*t^Vu1eW%~tST9^ue)-;=Q&Y3~ zWNH_0nw-yP^m^7IF&AH@jN-X*{w(kNB>vz1ee~EJ#&D~J`=`Htu=sTl@5J&SU1C+G zcP*Q*ct7ggcfs}gS-qTVbze@-Tf3ujs=qaRqroGgKg$)e#MY~nSW`QPTD%Y`=@_p+SW7PJvLRb z{+{%0)-{KozFD++tK{ab&5g4ecdagsJseZqc*1Qqw(J5%jNfrCv$Jj z6K(Tfo%yEV;@u$cnWj8jt$ZZiFTXV{j^N03)--7Syht7kvE#h-c2MNoWw^2=DOM`A7CVqZOcm!SMk;oAMB5wfRc1utB+ z_wX;bKT>_Scln0ieXWhptDUaZt`Ptw*coDz9;&C!pRr@&_Jw=@&y+pfdHJ)~A~(?t zyYn`No}e91_P^7YDw|!_J}S{HxuRxPhVY~*@o(RSE_o@6!?`7(5Rz_~` zy(@jN?h8kK-rQ-SHS2PI|DOMG^Zy@`>;M1Dt^3nkGHdm>k9XC-2h^l4^ER6${Ca-e z^MF`=m!%sYe`NZyUD-@znVOp2%&*q_93L7nnDZ`MmU-H(c-xc@ziw~+BIJ4NTYkWX zGw0pfUTgly_y6$VSc;HR=#FYxi*==s<0d#1g)#Qq%vl{%zTD{F{ggBPii)Pw*W2&o z)V&a0-t#Kq)!E#8>xCsVi~~PD%=FPUv)WZvc(q;I%V zCG>cT`@?%>(tDlf$M1C7Eq&p~X_=2R#G4c6Hb#hExb77@m-qkn&yH;En-cG=+gO_R zL*3!-&a0dJj(yGh)o_t_&q1kkxAs`RNSBUP{_V)}Qtb7)^t)fV=j>jyXQ@D;`;<>+ z+4H9s`|f2F=N2ukF!`wcF7fiJil_3g8&}83P0ciwY2RHJ%K7c=Wr6e?2bO(xK4|wr z{==08yVHfGdAd8f_@yn^=dHTva&+R1XY5IR`EtJ=WE)(cmAO+kyCfy;zH?9xOXBB-#yqR2vvbyJE#7jdEKZp9V>rw##d@pa^NfKy`XjQ>^+4~6XWtIExjEqN0T6oh|hRJz;d^l8Ns9_cc6 zV{^8~GS0{bLFH#+C%k4ZEIPBL(R+qB;}(f`v(|;5DXqyoUKY2?>fFR40 zheQ?a`^vL>^}N*iOJ~@we?IZ^`by*f=iV=vyzJ6-%c$$zftopgUxfwbRWB4<6u+=p zO!|xU%XWcu@utr~oa^NSn`$-VHIr5+HsxJ7l;pARyW^zyUk%?D?KE1J(e>|JkEQr@ zuc{i>r*HlA;tLNDrgRr{+;j(`FREEipRrVuyFi z6{j}#o84C??o%s`5fU?(op&b7RPgaGH-2TULQ!d<@ZR|6XIIZS!*EfD>*WsyL6vpq z4?dW?SA2{h zYBmX(7mK$3GugZHW=dPahC>e~nX$LOKR&DDcCq<9FR^vtvSCN9%3=RAPM%BbSNtja z^tft&{^|1im~)8@Qx3i4pH}&=&|HTjakb;4yE#6L2E`k0NGNDO*nBpwuBDmb*4rii zj|+Ql?U)%GW$=F;&*Qh1FMoe_ob2~d+3T8)`n|b7c}^J~+-Fi|v#)uJ>*T+D;^+27 z*L&Z3`z2({28Da;c0N4v^6u6&hQ-abnYZ^J>wkwZmRRvFE+s1?Y9_&lp;eFVUjg4a$*ADjP`Q?}1 zNysI?-?jMi`^%ayMe32r`bxX0~VcKmk{cR@bK$Yvo!lejqhzx&=zH{ZSCW^MbH_YyZxNXls6 zJe#h4QI(}M{aSa5hU41(_CFk@*w^ryd}mnE8K0?8HLvZ+)p>>L`DGVN)|sw&o;`i@ z{Kn|D#(LKaj;kaynHF}pRY&w*{mt=>G3MtKzlO?k0o%^>X^gi;t?oGZ*z5|pBk;b% zsnh(M_T5rH*XflOkBzD_ADyVEo7T`Q-6wd))JE%+uw?1CqS|Gf+CrrkJ)Ru7HBq=S z{>+yY(_Jre^7u}E_2(30{(JqSbxcA%`&>T;Q|`sfKCjGJvHQKjmCx$4!Z|>tz!??J zADxjJT|K~8hb-1Qr`D4` zrJ=*lw$)*0dEYMQKcA-VeN+2%`kt_~xf`lo-Y48|nOQ5mVYXkEyKr{WJ0+!#4|kk*$;wWS(Ca$FqI${T!bP{=qW%u$i8i}Dzf2IHJ!_%K zw|j4vZ(S#Ld&gg~qjS5b*j}yw+SLDY`}#G)-Kw{Wi%Pe}f1PF4uy$SFwS9%$nyPz@ z!&dVD4c}?7wRg@gRzZ!>1+(>jzm5I+h0FEs%)d!(N_DZHP=k5xoc&8!CLT%( zpJesLXZ^+E@3CGXxgVm0d&8OUhO%#%`*#Are`wIhM9r(>%jK56+;ziCyg_ST%f-8| zSCt;AzIXCvj-mGRHyP%;4a~KpWyH3##7>ATXudvc#qJv?6{Jc|e^uPYcYJX#U%<6a zo*OIHW-tA(wjw$BFp!9}MexIb|)`v2!G`G&2=VDNJYell5&gVT9 z58tT&*igz)*liOzF?LJbm%Y7nr`yEZWIyuccvvm}IQ+`dQieqx^Ui$*r@oG8HAZ_w zZP%xDli%mEta!4tzOwW1^EZd{U+~2k7CmscPq=TH@HMY2pKnwCVms+&!uILs>qD5L zxc2W%%~`NvZx3_6NOI0bV}mbU>kj*TT)jVOKC8z~-+QwzxGgF9{{Gp^s|;mb|Nlnr z`?{D}r2bCN-rcj`z01p)=GArom*xHc#~6JSV?Upf+F&01^P6|g_nEdLw;ikRf38VC z{^fgM>WRCad9aiNy#xC*v892gQOoDYgfIQP$Z$>c%9{SwlewQC?|&}7`^@CGk6tbL zxcIV3oMh;+*?Md;Z%s_4R@%J&e}>C5QeEWWBkQRTx;N?XmSkc3earBA$mJU^ofd!m zY$LK-y-=~C`<(wO%extivlE^qJt-=?ShrCy`RPs1czd-aeXc8+nzz&^Evejb?_BM| z71o<$k36bSV$3VKP?o!BCwqo%d841Xf&Q!~p~>+!9Z?%+9pPXQmwo1T>o4oNsx>C% zJu&Xp(X%t>`z*}gB~frAW6e*2$4~1Vd~>=Qk0v*jWqmna>SeHN{Zy;PGr!rL7u~vE zcJs!*Yjx+#?(DUA@QRK7*UN3&lh&s+Mi##;hsXha~^-ueCUty(6mM z?w&A5zG+b9wwZl_-;W$zxbdr<)!Ek9lkf1>eNE2JI+XT)S^b&KPZXH>q?d{Ludu2T zRD78jx>mh%W6|2T`(uu07F!>l{o>W4uQ{q)!`T>2H=aDX@b$Hu?dP`fJ#F3cLLhZA z7pU;>$W-pnPMUUU%n-Qy#Je@y#H?M z=zVUp{loZAdyoH>KCq{r|96e<;`(t(n>&5l8u$5+tLvwWSKKk!e_ZH9{k-k<5gq}HE!65dbHDF*dD@wfHm{|a{Y3q- zSOhax2yNa?>XB&yY~IujmPuWIGp~u==9x_&cC%S zbL`Jd>^gp8=YKPPqbqkEO6M*YJ(;=iM=AHwf6ror4ovP(f3#ZIXR8d#d@)!X(W)=I;Bw zR{}qT2+nl=+rg@_I_qOqnau?6PcAnntopFgvGv3WhR4q%H7kD#Z2h;tr={1rGG%dp zmC&TWR=v|yCf~T^nLWRIUALRv9*eR~Re>h6vSWW_UB04w`Qnw#q_& zh`QkQyFI!A5Ax^rJz09TWZO4w{f!~jZqeQsn;);Z(TO!Vak7o$EL2Ts)E&9C;Ck<%F#L|Gn*kfXyw-zVzCQW z7dJFAI*9r|3SpWlWh+^JyZ!iQ<5}X9k~`#P%FR4;YxnMz|CTUc@6F5Mb<5$k+o!H~ z@xPT?=DPh^>f6x!Sa-QmQl8&EMAE_vVV)m3@&XZyhaL zW&ct1PM?aU@zi(yQZIKrTy*{8OyoVL1m?v9vPliC==XEM_9 zb0gGB4gLe*J5hPiWlT>1Qqr?AJPcyrTK;3~m3% zn@^qTRyenzt$JFU$zJhCmm?RiKbG;f^&j7?S60X7xyuPoOwKT#AhAN zz@Wh3>Eal&`s@}n^WXDbWzU{6dEaxI;rPYZQEzPh(sQ!dJZ(!&;>$1I&02KJ{k-|a zU#5zZ#uwJl4&QlaSlv$1D4_p;SqvN!otl5JyrrK2wGtI^lIY-iThb;7k!XPB0`)iX~ z;=PH7*_6)DUA%I0_{k-6#M{ymb#^^voAmz8l5JPY5A@#%F}ow|_E+6(*Br0p(ufKZ ztHW75SZd@<>Z%2D>deeJ8(F!ru`F8*e( zmu;}C(Do$Lmz{wvH<|9Znp(ZPDdJr{dFHd#d{yi=UrXX7vV2tvyC+{zKl+>J);+CW zy~%G*r0LCw&U`O9W83FswU$Ni&g4y0(eFQAwQlagzO-3Y;*;NKPb=L#*KM=kwf0poJ-+LF8$Eg z;*t$y{HNa;H`CWI#@KgSV5zZ>Z;Fr7$(1Mf9sl-uS{?egd&&utC*!| zUdURMl-#)~e)<2lY#)EF#D{@L*aG?0a^p-+zBU(pzqj}Ep$j@a>YBP!kF0oE%e?A) zkn!6*hsDa3*HXT6gDOjo`e#$8O}iJfuf~#Lx?b$8i-%a0Qh9oJ2DmA<%n)XawYZyg zXt}M!cT45pp=TJTubtL)%#ZE4>!dHOIrkgeB9ru{hIX8Mx%B1YtXb6!FQ(?4y426l zb#}qQMn<;h*#YObO_yz%p~t-TO4!VoCGCQV6&2A@`5W{ zCj8aP+s-JxjC-!vu{%kJ-|#IsyL1zmVdg}Yy&PV$Pw|h7)du;Hpna7i` z*8K8Iw$e3?p+awjoj5>lRe7M^0xA>i+Sy)iHxK+Bs61CM!BI(a<>Xfv-kZ(xP8EG5 zc4yvCPb-o_U9TpNn78l>h5D%+|2`ruTl@oI^KK*mH#Czu@k3A~O|F4=7ySn+#nQuvP6(#(s!e_)j zShM%Mss6KDW`lOU*x%#7ZT31o-aRG%$>%q9Prtvlw>tK{=y-lFv?cW6iuM${iE>xc zeA?$t%Q|Im^w7lSOmlWp+8P;9N&uw+h^KPYCF_#TZJcXd^k?n#AOFn%O`GnOyYKnR zAC~9s{^(SHlMipIW%ve~)7bcY=Kpi$_f0OoP2S0P+Hv3iBiDcY)90&hs%0?qS=#>d z=l;6h{eL|T&AxBRxppPeM`nBfpUMvUr(cjL`m=92i8&p+sY+pzx7v5)b4PCxVAeNt-b1+#*84AuYM8mMh~^5^a6 zn&%I7O1K*st&eSwf3`IIw86h$k#$o4qvQ7Yn{RqBHL32Ge)Y;N&c6meiq0-==x8nnI*x%Nk z|NO^ZOzWT>L#RmGS^v+E>$RP@XWX|qaPr#A`9Iw?>5S;4hw9IkRmghov$GFBd9aw_wr16ZanUXii);!1^e)gkVZn=yP9=8JF6Z1h`L36}a^=Tvq-^A%!8Hk71_-Ml&TMeP}VaHzwG zmPsi;I(ME7@>gvrvwnF}S$?)}>J3J@GpgFh&TpEA4#z=nka%n9~MM@$ZGYV)-|dGO3V=Ty7n#&b5` zd9dr+fsKFH7j9X_Sv}wA#iHHk{hVLsSNzpqcqX&tQdsGP|G#n#zlO1|`yi1dc65PU zLBd-7hZkP254`k<=ix7yL&4=r$4AgetL{6-oZjO<|NmRRcgDq_A8)n=CSSdoX*QGb zgprEi)9>CUFT$QMrWRamn_H4I?eM83ylnSpHp}f=QgVP}saa0Lw`<#9h|Mq*o84&h z=~{)?q)CqR#Lj#(dZoMDgMZ4-=|5Dr-Tf~#RsG)6^Y_mrS3i2IQOt00rikry%RkG% z`s)|3;4As*AGGCK{FiIftNQjvc2^s;P5HA{WX;8m0_wT)vJW3uPCmc*=bMj~x#sJqyi1Ba7vd4T=$fZq9m}lGk8DGo5RYUtfsRg@_p7{9J zK0QBEviko*=6~0~UzX35>-cHV|=-hyoocdL>V-cOYI_V0-W`~CZ#_ZBxA zF+Jzf{TLN5InOY~?w`y|yJbGE{wLG=TrLc>wWg_ z&oOPE_-Qc%8`pKs*oaqQOOhEZV*55;y}zBmbTQ{`^ArKmO+o(Cdi__aox8*Q;0rtB zw)7Uoa&^lCACv2!U0N%WEA_=HKYZF8;pe>a^54H+c>VaX#9AXe`L|`e*lN!xpcFWF z)Pz0=7f<1R%$~|1acNSU`|ED6_~T^^zZvVk?>l?EhUD0;;;%-wmv=5=<+i<9Y4#>I?((l$8kNhX+SflVsk+2) z=WEE7pL3kyc?=X)J9JeZs6U(2sIAubKZ##Il<}5RS*}@+PtVE6v;WUwc6eG}Gky9! zvqbr>dtYxF?EA@Ne#jg-*tiM+xBlC{{Brh;Xhiyw#%^oL-Dsi zD}eAq={zGOIUTG(PyFE7;6l?ye96d#HTK}K1_okO`e)Z4apk11C#cy+>xqaofnf0|xg&s@me^_gN zZ0&?Y_5bRBOs`q{z2(6v?k9gAc_MO5UVqZ?vOEyy{orTb?A@DAL`V6bOf}yY%>MK1 z%8iqaJ)5x4Nx+&gyR#Ec>^<^#p|KQ4hF8BPw zZ~1`8)Fn6hZavX?r+eerHrduCzk69M>{p%sB!hkH)&rvU zsWm_3BkDHJ3YMRpvGdV_?`#cSCtSTFH=1>?xstMld)dkdpact#UlxP)Tef_8_UY+q z#vLUuFZGD231}u~oM|;etw@|Y9(cMJqv!;+(-MU~fV*XI<5~og_$D{ZN8*F^6whD* zbplZXm-r3}=MPTBBk2v`^VpGvfjS2ZSjPXw=Ud}9#NQ-;k?a^3!>+`hMhCpc6Yve z)gHH*@9!{vntxNgX5qZ5)=TP_+`~Q}9)uJaEx_sp-Gx_W1-dW11_qsOsN_`2}Q{--v*=jg-6>zA*){f$5M^TnZ5ncBR7*2TW3RIJNwGdBwBSciX!SgE)A*b|?J z59iK2;`8~HSlXL}^xLmxR&5Ua)GoATH`fLKP|m&is}FVVEY{Rqy(wby zLiMyo>P?R7WyQQtkGbj9zdG^K+R% z-HybUr}QWMKFT8`#&XXkFQVf8)nt>3Z>hJw?N48=xWoPT$sA>dX1`nKrU%ERJ}a6o zY_4@^@${q{GrZreVp(rxm!egA{JxRap~a6QW=-E1au0XvzdnBM^?R$ANAK@^v?t2Hbn3)kX}g2AKX+f`fA`6Mi(j$#SGthXxXQ}=(Lck$2M z>&<*?O63D{Wp26Id|xA)Qu~lQMQ`?ldp0i)6}}WX?tkS%nR3Tt_6zCDANp7xduX*h z=JlhJl_|A_e~(=Md~(idaLMCTbI$XC|CuB+t@@4a@Av0QeO|fuApO>`USD&-sMe$=VN&Ua?^$Ye~t!|q8tpBY^ zeNKxh|Hj&{U&NAsSjbdPzgt~*X5H0U6V@O8^Gfj4yZ>^PlRNM1$eptHmyrJddmVSP zFBROaUY+F=P<)K%*2=o&EVH9q_4ao(rT&xlnRBg(Pj=Z-4n3;rkk zPkM>|^x_v2u5Zdy|JHqVPx(f<)8Sn=HfHTQoV?w!y|v3tTgP*!uQreS{CJmx%ku+@ zc1}~Szx4U-@8BJ|4}-T0AHS-WwazRsSkC#_wc{ElKQiC!y>?*ZcK@W8MZf>_y%P3~ z_<7PLk8Y`yY|&AqoKyK8Lx!nWVHnNRAT?TPBR z(>toyUYQ_DI_vHP8dm#se_udSuD{^U1S=|FGp%=}j&8 zGB;{{^*s}blBB<<75lDKT-`3c_n`c7L$}=YwG+><@0a^pY>?l|HZcpHkjw_5b@q&A9SqSzgyyue`^;Eb2Ua^@ce$lartCU0;w_ zwZ8IN=9!e|=1hC87*8#()Y_%H=leB7sa<>R_FwEi9L(O6UH<87&EE4?5B5ZzKKVHH z@qAXMg1EKMPQ2IJP-$=X#WG`e#Mx@`Y^Ip=`Hy$%fNQcN=`AdOj_8;+yyW%Y;6MBD zJNcUSMW$9JS`r!NML(uazY(34a^L=s$lYlDpdCl5Z`MD$`PXYf!1VpI?|y$iVcxpO zd=Gw2t@2sETB9!giqh)xz^Gl>KAdgFN10L@dyP9Qx6Y1VQu6u6c^~k|-LX`GwlfVg znf0{}+Qt66T=V|@w#ge+x)ui9b|^QO4S%)K(CWvsr61atiuCEeEckX8v@BSA#)Ahl zYKg>#F~xQ++SosrK>fbLunBhEDmrPWi<9*>T_c`vNaAu3B1|^YwB7 zQ^Vy$CzVaN>|bNApieYM4N`R`;b{@3rWvF%Hewyl@%CE+#wU!%4yZ~Sg^aNmh3 zOmZ40T(%3m*ccf7iBEM}oKAgBzf`Q?>*l-*B8Lwpov8Uxm-D~0r|p>VlqEH@*S5Xn z`dOJ;yJOA`{p-PjF^x-4JO2G>9%%b#?Z@8J*Rw1u7Pw@t2|hYu&qMB%r7t`?x*DYU zZmpSaFf*&5V!fZN^QU7an=W6vaI{L!JnzQFu=!6;xSLh!s#}&CwyxE*lXK0B(5(N= zVH%q^W4^;N@#2$SR~N<#{MdN(o4CL7dacGYZ*QNBm1~v~@AG~tV;|=oUCrx$>fNK2 zx+fn?8}Bt@jfu^TI44qk=|@ZG`{c;~R~0cSN7EC^f9TQugZP z-~02@f*0`q+%oGr|J4htyAl`f*IBHj$Z%AGDns-WPg3o z$rnLKCltOfy5)EElGqBFxTdpfBp)7%`X=2cA-f}R;)IFr?|zw-7(QIl%)!?id4B=- z^21(7cOPGoTb}&)v!>4KZB?vNb0YqKv1)%crLFwxBc4y2E?v~Wyh-3ip-JN3B@=IL zj?W{<5p({p?+uTJyKd8K0PTXk;#a+cpAR%W)_Ccjyz^V*S}SDpXU zy-I1-dJXl5D`QIPzD>Ov)GvKOIw-?9x*$p?X4gaYA4X4e-z{#AC-*(iUwSm>YQR-c+M9~3FkCu7&S%CfEdR&~!h zs%PnKx0BYUFUr?`|D5w;>pn;EJ~QE`$GtX`Sg-h7Y&)}VI%`3qZE4f3ypEVv$^TMs z|H%G0!BP6@yoC8$c9Ugq7kkDnVVmB(jK9D5jgNG$sk_E?d)J3W_TLwJ#+A4Ee)_Xx z>g%gl-Z2NSe{S1*bdH7nmVFbg4lLl_y>rUq_tzi4ShaMC-DLG^zwIVXwwmrf`%2y0 zg$sYM@H!u_kJdZ6_}y9FrS6uQMGq{3oobg||C}&=>a3!tcZwG~&7bXCQE4h1XUCQs zvVSql?|V%^sJEK4?5pYMJX zwVdTQgUQE8k-s0(Yx0#HB==VxKhbbLb?XzG-`R2hAL?hv6%-Y1)l+RhbbSBe z{`-Iaq<-hUBD(p#%!E%S`u{d`tO-15$IzSpKV_*;dHGbSMbn;c{QdujoF&7w!xFQd z_H=#8&DkxlRsUD-SYu~8`v%$HJJoMYKj&=!OLxC)c=@IiyZ>j-tAG1*=J|K8GZ*Z+ z#g}n&M`hEQt`8#HY&Oj6S#NXj`e)mNb^%P9x8)N4GBH?R{rY(K-Az}gTzJBE^%7Ip zw#uej2JX_7yx&^0A2H;FghbAGyqNvmoDU-J&R%8Allm9aoBP3RZMbY-+0Cl5Kikzc zB33a~t*pIY{nyrH$~4V``&Ni-dsj7y{ry=7d3om_O$CP*3tw2CzWM9M<(i+ktd6JT zJUv)#?ABDv@OkTt{W}g{{_uX;!lUKk`P)tjUn$Y#T_6Adef;u*wRMLQ2nzMiI9@SH2v;JF^SzqNoH1+TE&+e|Xcg~AbD9T-SpY8rbwntZ(uC3<_zgGNk z()`aCTEA|&RI#q>{F8&~^OqD%6$=fBF6Lf0=TXbWg)Ce5eaqb!H>1KuZueZ>efzlf)j2C(vxcaw(SLM1UR%XDwEf!VgcnL{U~2*Lw|ZYXai)5L z`n+$a-W5k^Xl{Q{;67>6|I&SbKU9607<}hh0?#djX{Ha|TyI?qJZRUjLE_T3igl;& zrmxuh;`u47jH5|K%vC|3uTS2{P%wL=$?uu4N2rmxQ$Qlss?$6Y+m{$0h2| z7gml#ywNu{+BL7;z0dC;*V}@-VaL-q9NwJ&V#P5N$L-4wAG&fx=VZ$9+L@<*-b_6B zYHqJ-*XgKpoyL0wrk?ye`!Yv~NA@KV`b{C;5l}LPQ@d*|(=I zhM(P8t^DrHRna@*e81WmJgs_n5h~4td{W!EOVP3b>f=O(?8p`->iMV{N%jT z!B^9lew-xTk@)yp)5HY%12wvtv$t=$_Sxpfzn3>kZ=Y42GFx`X;vkJ5x3*WN?48$X zRnNNMtW&MIgH-%KuV)1t_#O5J9RIbxV%^a^>2G@LQ}aK=GHiOQjZt^x$&f+;;RAnN zZJumi?JgTFcmL?VRm?Z;>m2{FRi|hX!!AwhE#Z-7|0VZ*UeS1=T*R`x)Y_)^T=`K! z^Ubb-DthX&D~|YWKFhaKQEIV3gTthvM4G=tgg-raakhhLk|f1JxO zlWTM1-i1+|N0#O(8Fw^G?z6eB?R{C<=Xk94f@3V_q~m(Mo5Q5C<~mqp|3Bs)VCdr= z<|ie3T)JTX_JWtEFJD+29xg1pboq+y+b&i+OE#y!t&KhzYqx4;<^{K(>-mE&v){U- z{%4<~zq{#r*%b#Gr`^f7J@_laKG`)^^WoO%-pBOczxS<*f2^n*=jIls_xgD6{b$i< zX4zZ|mtC^#H_uk__pauF+gvnSk51T`D!g_5^yK$;&WGcRFY=~7;xTO!@^gDAc8Mvq zkWKbTq{kVh1xL?6S;!V0Y81UKo&9d_vcoxtxHjYn-?ZCxfZIG}b73H}==C>OYLn9c z9(%CP{Nd@MpPyD$_02869Fl!-qt=a&vdJBN%uTs3h5d|*j)2eYts9e!`DjZ6|UGL9qzoY{a2S%Rp7*!9mzQX zuftqih1u>5Istossp z%0O0g_2HE(3oj+?b4l##U-!4oXzjEm3*uKO=Y?9Bx~V@Cla3CqiCMmENAEW7dFzxe z2YG(n>O6hfgpCW@X6<9sna<_OS;TWNT5xk2_v~}~94p=R)6Yeoj5XS{*I9q1%ewl8 zwf}Z$@U1MER9t&6Ht}Sv#EOM->gyEZZKTB3UisW0ncHmU_jlv8IHi+&@`Zo>H*f z&wulIy15-?$Q6)#_gnrwD6>2*yR?3a$kg?V+FXSsS-&{$2oLeytu!~~x6>zc_7`op zr%UVkPY8ZnJ(pWdh&iHD<<9G$AHU6qbra1z+UCz_J#%Hc=6f;wDYIMm8}zEx%0@F- z^i-~RxMTOcet(9Hn_m~Gb35={*7>mI-jr#Hb8?iwn0R|}q;BvR+^RS|Hp=4Pufj9J zXRHIlk1|>xDC>G>+_Fb!Vd~+MTYM`{cl`3xY_x;U7Do>mTs)+?0nX{-E($#_3fPH zw@;=-yZ4vu=IOdiA|=<@L|4 zFT%CX%jX^oj!RZ%^3!%pmR_KgJM+Dj<y#9AVrN7@WHB`0L$sb=|UVF@{Q2 zyRe0?V4So3*W!=gW8Gs-pF6I6p1jU?^P3nk@W4e9-$c*`%`N81 zn;23iP7+bj_FjB=0{4{Wn`!M=qcTiCr!(wx+2vUDdynf{?Ue9SiF^^KZhSsdZfO5o zwk+50lXS@3Jmz$5P38xRJdaDSoTuF{T^;}Iz&lUH3z^5au~=Kb^?K~HXIjR3H@V#}CEWin>0y03bN0N~ zdJ#gaZhP6P_wOofSKUzeyX;-8T=T4j8`oBCoI3x|Bs-&f-DR#;w>}lUsr?$E_k2`?Cu=x~hBrl?_f2-ZGoN0P1bN{M8(-wTS zDyj|B>XTXcYgP4=&DpVE96lT@T04#9fE)KVf5qIUCEVf5r@oq`eC3N~a?ZWoN+&)q zTHg4|N_~OqZ@K@ybIiJhI%KmH)O?N?HFwRjGUuJ1Bl06NV&B?Zxh9M{*B0@*PAI(4 z`gi@+DSLvOg++JWsXjhWdHyXM&&8)B=2?7~&%gR`-mS{D?Q#;;|9JaM+Lo{VaOJz| zY0u!R0k88OT$;-C2R8#g<#T4P zo13}&_UE~8Z>C$_e{Q||x6N|n^m%^g-_@mmn|b->`^$ypyVe@-dfRh1t5oai+ASLl zT$i>=afy0~7`AduNyy+}5w7{SHP6zmesmuwQTX$ ze@5S*Z_#^wqH>GC=Y>IQ#Qi=*Wph=!{*?HdU>SU-a~7XXhQT`>p1XgKKN8_8m)co$ zrRD1x=|8`M_@cWud0zYy5MS2yNiFrn^F!{n&sN4{ltzN*5ISa`ID21NDbJQ!@4fJ` zz!mB}H&;s5mE2lf;&pqC?x{V>R_f+S>LYz z?f;sIkFH7a{r_SuQM=)a>L3w){YnXu6ibD1izf+ z`_oo$)`xR!TIa7^$as6`-tw6BS1xLM-ksq8Z&s(#@ikNSeG{rQ+Y1^-*L_e z-{(_4siaL1D){|py}xXB%IkAZ|0QQOm#y*-PjdEsHvidVnKP=n8mmiM`yQ^B*>d^A zzd*n1w?8thI#N@lq_x86H|M=`Tkg*E`a5IW%Xs#*l6mc!hIZdrF4l)Mr9JCXo}t~g zE!6$jG})Z990glvX2yQ2ejE6LdtSbh6g4D%6&CP#l5gXIDbMLI+_2K+$1;3t(DYKo`esKF)KF?T4o%iUQ%JvgU z4>#Uk!I&WWOMzMIY53FxUb*)!Qjxz}4c+fLZCTVIFK2T~|6l+5&4!E_wx@6Z|5IL* z{ygvBar?c#y}8q_MSoM;&CR8up|Rk>!}TB6%I`T98Mg6ne*I}~>$Hz6KeVt{rbrjO zlX&{koC2jukcQ>^e7 z=Iz;#>9P+G{8OH>?&lu)xh}uB7_6_VibmA5b-sO@v*6L*Vn*i-XXm%CuBr8NMo9-v zS(qLxeulB#Y@XKJS0zi&#jIZT#Cg7z^$l%CiTTe0POmEyR*$nju(HZpZtAoty8a)o?=C*UVe+RyuiRJoJhU=+ z{Mp8*+bpd8+V_8tcF9Ihw|!ump!fRI1`S=q(_0?5&HieUQ*yidubxrxs|?v)8uu0R zYI%Kuej+-8B^CK#hlss5xWgNW4De1`a*G&D#pOzKucP%T_iqXCcdm+d z{q`!NAZq2$Gh8VjzW)DbUh_VC^^Cg*!x!K9v96Ok@lL+VHvq$u2J8u8BK=$&-nvbjh&bKgj^i4al zXtHdC?kRuYrR^K)Uc5KHzW3%S*)Lxh9C==vnaoeh*sPkq?s1g9il6$6=f*j&O08w5 zXK8A#JXZCNWB=RRhs))p=E~mmUcdcwxaeEiyf=DpPuQe4D<9r9t8aSJkN45FOgrRq zo^jo?Sj@Bd*rSS~ZSPg=Pezxe^Kbs-<9tnSUUi1b`{Q?SH}2fka@kb25|L0Q0fd?7p8o zKljbtF!$7)^5W3yEw8_Qy0dHJ`kk?6R%g|`>T`bt zo}IROZ&z}DSW>R`(;w<=^GW>|jxEo@>jB|GQgH>V(j;Ha3soy(hFC9l7@EmMED*^%=V zbuSbTe?7N&PQLZ_e5dbA%XeIsGhVts`|z&6h1-_(gf|PI@30(xY~cA zS-;d`E3!6y`}oKHZ&UoASLJgoJ~(%keBJZ+`~8RP?5}6ObrvnWuWYlIG3R*y$N07X z>=rt|f7>B*PHgW~-dl!yOD9}1<6kwk^3C1MFV;)06-+o9d^s|KxtCpANq+NI<(&M%?;jH*9i8{Z(-E8N+Gj80O(oz(so&WnuAz$i- zpZ|*e?zHF{*qY_bIp%CJj}Y?R^1YEe{r;4q4NTE%RPA)<=hqwa%RX3R>v;9*Mfnbu zOVSc&b#6KOJp!!(oiXi8yPQ%iYlYMfn_YIR8LSMZRzLUg(tL8;zqWeGWO28)t=--8 zqQq`|h>7{=!oD$~BE{zA?EPmS&z|Dvk-jxE=Gse%y}Tharz|KrcdT<$W1Cfn>5?@) zN3K4X`mApimw6&){#mE66C#?2?=woezBwT&{f7C%GSQD0q(mPqTzJ#yr+8bdu;g^V zfA@}`>}D+p`rA2kVNAqZqx_Jgj}Mt%+&7Q;VV3N#9;bbK)!kp3ykE8Kp84<0nG4#zOD#{dL8yjP zH20d^yq{r$Gud>rV!VD|Tds6!g5SMu>Nj4=uC<9XZ=d_l+4-NK_ZIUA)0%T@Z=Csd zHkp});nmZfIVXcpWn^c}OA)yAa@y%551p4r*lK;5{cY3fa*v}YTUr-;pGiFa`1YQ+ zF~;ey+TMA;nc+7z`RfXg`%x#RxGj%+lB;Cx8&dH+%Ukn@+4(oJoZlQ5uy;A#e#a7O zzbu>WdgIG^&$spWRW#RDefs~$vusVbx{;CG<8SJfS=Clj2QG)5+^98wukrQL%8Gl5 z0c+1Z|M>phfgLuJPCRuhtNE^3w&o&(+?w>hpE1+Z52P-;BK_ua%G;20+g}uHS^fFv zxA>abd!}j~@I1UyNXkuBT(4u74rGqk*URY7kwe1E-8pYhz5L}UgR3^vlX}Z2gL<9` zUaw;B+3zdWKEal?V&O}!l;vk!8}oSsPrBCpmsgUw@iVzAw|(W06#1K#n~gWdg?uXe z_v&Wxls{YM{JI|Z=|Mrv|Xjj|nLTRj%)={El`7A;9wzMY@LV9uJY%jTrDCr%UePpxFXG1YR%7KU<{>gRj1 zkKN+bT*&jz|N1GFODm7HaBttQ9zE^Y+NgK2J4?+lHsrRxcioOtZl=zCoL1U3QXP4cng8>>Qt}}@1pL6|b*kq&k232PHXC-F`N{V@& zn&y6TXU&XPcIwaVH&57~#5J>-@rzm5_K3Cr|ZPCZ;?ctUq~Sij|xQnL$HQY-c| z9Z8#L6wdhUwV2QIsb%5Qvm{m;Tg@$(Gn3xt5IN8J`JEjLgVHlXHu&$))UW>ZRZ&{V zP-PL1O7-UDk2k;nF8qeMN-y~x%Z0`9c0tPNYwym?`^%9bww}51+-EsySvdyXlWhOj zZnx8n{dw?m<5|NmukKt=t)6bwqkVdk;ScM7iB*%P%(kfEz znoM}Kce+&Z+4<+;C7_?tpCe2nuFrnGE!ZP*`*nWNuZcO^)PK}0SwC-keK^m7W45#R zI&wCIn7zMw;@|&LvD@$CpQNvjfA({|?u(eUtxMk*zdFrOvgB2IWyZRW9J!yTdu4vb zr*GW*&n|uc#Iw(C*4UUU%|3hI%T%AnF)t0*y8RPM<=XlU0t?D{(3@Wa7W^@y}M(>^q42uY@Zofdp2ZG`XSa8mp+}45#15G zJY_=MC7WoA+RP4BxGcFMa=)$4T02IjmAo z-rM(zOM2e1$uiOZEUGs%=ll&hcU5vjebm~NMBP~TUGHms6q@yPX4dpese41tr+WN_vIISStV3+vUl!L;|1rPTnkmhLYCy8nKQdM_kwHjQBR-R2Ccb! z&ID%n8ch)5zP3*7%ye!~&#$>t?ndaDGTwVoyW-Rn;WykT|D@{~_udn+J6!bM%uV{{ z?>UAajBM5T_J?&{eQ(oZ74+_EU}Pe9!P%mVHS2;-rudyvNUgYeGrN3QsJ)t@_Vvcj zbDxi9O>qyCxv}f6fb~A!^4)Dr)yjv@pL36utK0ERTeV}Ebou)iX-igIR6IF@JAMsY z%!j3O<^G&q`%Y3$tnQ4#rq7|UUL`B2S2wM6s-|?Ty z`{fta`EAeIchlmxe17o1nVa;FrCi~)*iaXC=HLI{>0Z~K+}fKHWBpt8l6Xz?UaN*A zzWvutUcdG}d;h50f*&ax=a(`*=7u@?4|}ioB^NOSx|P{J**srt`Goi> zYiu0e8x;Q8+AL!q+`jd8^}a792`kq>x-$E>WsG&DUBmA4ZA*W#u=j;LW-+m>O!?(f zbtqgqQk=CU^ix=*@!sae_ugy{_}Ev(*Tda*BxTa{WoOt^tm;}Wd6zw{;Muh?UhC-z z>r)>xclowHzGiuDfpm2`^VH*fAF6hW@@suzwf@VpmTAYjoafQ$ISpKYm+AbU*{Ek6 z8hR>y()H#3cRcN`IQnR{aju$OR=UgFcv0iCcY*mkj$i-2(B%^3}eRf?X9oM?=RZK9q{sGw0W8Pi+8u3{6reqvwyyRQ@@$z z@>0Gx_i{JK<{k*Co74Q;`{UZFdGl*8TVD~Ys`++1Wq108-qp9ANH{W0JF%%hZD&i?Dgv~}UPI;M0Q`EFHNs{Q-uzsk=uvco*KU3?pK zYn$`f*)meJPVvk9FC)j9x6;zPa(zc0VnCCKt(* zd(};xm%cLkJSBVa;UgQjdu8r>cGo`7`fRGZMd123v-hyOpH;THTy{Ks!`I|pZ$nqC zV?H?Vxi{|;)yn5ef6qS-`E`f=#=4NAKennxt0SkI$=sNo89R@!G-+1R`A3-#o>)(f z*ya9q_iHnq^uFRvf)34wchfD-J8nN;CqL8qX0h#u%60x{U6?O~p8R;Zw4`U(`l9b; z0p-6ep08unvX#_a?A-G?0G7jDPyF2&vEWP2|AY2Pbr0WH{N9{Y_cQ$HpG)7Bv%i1r zuD{{_YKP{(pqsxphd+4#f7;)vW>NR*r;6XNzk1$kURwN$?pV<9XB^LmXP5WHZ0qj{ zSYON~^L77|qtn&@^}O3xYx95d-o=~L(l1`h>Do8-;KS*!SN@N+G_?*sDQ7qDtBh8~ zw2$uV=7|4~W>l`O#hdbNdO1~U=w&}AXH@p3Y z2PV^tZp2u9`@E{6=-ZF7U2RP>Cxyo?O4-Pk`y@%CAfa6A_5#nFr|z9?J0QN{sAfva zii{Oo6JIk;TX%SeRmbVr8I5mhY)ezaY;vc{)GaM~^LyWKHKVy}t=H};ywkGxxX;l* zW6`>OVO#Y&HWy#;`g`2#fx4|}<}|%?i=UTDd2h9u9=rR~pEOOkbvI8wZdR{&y+!hQ zsr1?BUKw`bM(>J$RlEI9Tli(E@(iYFuC9ODV&8le*WkN6`G16BZoAjUYjV%0R+-+i zo^~L?zEAG@i8+(@9rV1i#AXZk;;$0R=JEN|TNvd1oi%0cn?3dp1uMUC=wJP%y=vN& z_OeaN$xSuw4yPZ@J*|EE|E6tL`DOPnl|EVKduOHn9Y>o;2a71lUFWOLy8Ts^wzNF; z?bhqQ!Ubnul}~J&y!biu=W{3NJhH7WIcAz5L%3Jv%N6@gS6x^pwrTH) z7n56Ur)09e)D+$>80BmfwdTg|SDEk5If@&5-(GQPQqYFEy04ukTzuBP^$mmm)Ss2f zg*H3ux3$~Y^M*Z{wf4=Xf76t=hH3Hrtq;lC;^KPXYn=7D*A@LI=W#ZDZ@ld(VV}PG zsj%t|_Jq}ThqQ%b;{KlhZgue2qM#eUA{5&KY#A2$Ei70r__|Q|o1gIUdgFDiDo_27 z+ubm@T$aA;Yx1wRSHG-hzHEJ7*;D^U)6ccRGi1e9^~o(cbw6C?+2-ua7iv%Yy#A!Y zxZd_am(#pI%L-M3^^N8>DH*^0pLwiuX_xZ;uhBs~KX;!n{xRiMH`lk{x$74^K5TyD z|HBLUb~l%57gd@ZKNNjc_Qq@Pip6z*_BI#Ey^**+@BAJ;$nhG5)sq_LN9+j8dGh=J zZ;hYtWuN{1ey-@*WU-tV5vBLly2@-0eQV+=X?&L3;g$OS{{MNp^XEMKQ2jnQJleTd zyP+@id+MaUiN>z{`SY$nxP7Nv>2db`^!eX}Uq#E7#I9O+^!JVpdX}@7derXj-aee! z!nVqO&7mtvho3TD4bs(qzi<8@cB8-N-Z!?pUK=;fEBD=Naod*&qb3DQ0VMaM!`EKZJ`Im2m|Ve^+A zoz1?xdSq=Trz~B!E9*?zrikV;S0%}rHywHUmpN_DQSFq>l(=kk@%L=!j1xx6)&HIR z@3xE9lx*bvZJO#~dG=F^k-5l(*-KRK+&2uB*7);Ic*&JIm(Z)MI)44-J6%AM+pSJG zp4xMJYFRm(m$z(HP-Z7j{UqCymRXB`7B6kKu*_^q zFlVshDPO(tR_of6O}6ghlNR1wrs~uEabx<0_!SEt#R%uxmc424688VJcech3d&?iS ztAiHrEmqac-gI)-iy1nm6aKG#Ke2RYoALZB#ZOmlFTU}8M@tH`x@P*c#5V>fgmsJE zZGK%5F*0JBV|@3lNer`x+RJsGWwXld4!^RKekNvZX}HjuImCOb%iWdp)9%i=S(W^i zE$Gsw6CS)Ad zZ?$oP`u@pHD_3GGo5kd+tL`KUeK=bO^MFYRn{?6q|_4;pid`GkgEiOG_#o8YxI&opGq>`F)JHfk-pXA)zkKej3ZcuJPn_ipQP2Mb>)+W#hJ=Nc zDQjwSHk_WWe?B`=4RmD9?1eo}9S&`yRQa|$SnZY`%FSz+EySn)YfZYi%+4uJ@7{{Nk#=sis#0Ak{pn=9aDNpe z`)>xN;LkTN1i5};w)TiOyT4Qr>O;`z`<*jlQ>RY7>*3|aG-06}WU>nqh#*BfPU?L4 z!wymh@d1Q{&nxwiC{WUI0{uipLCJCU1l!R_nD$1~QQEq8=Q0Z6xi6G!3d-I?mu ztL!5VY+nDf@-b+6g_81-?9G9nCg0r?VfJtCS$nHf-2AVd_Usdo02w&plD1sPm5KYb zC!hGKciAUK^XbyX%Ra782Q@l)isR>beyI!ddYZ~T&$&JEeq4`{{d9zDL9DcszS1A0 z7kQsk(=5Bf9Vj?i|4HG6kg|@y`tr+;vHAaB)l-|T9;c$EH~Y<3<^8+Ym|ofLxB5i! zf!3vOHVD0mjyxe;FXpl#e}i~-uI6&BGdFA#?);T$?JN$wrqH_jqTXe`|5bah_kI3l zGc8?c;!NusS3gGgU5V1HT`h8VpA*lkpL$b4u0RAro~wE70sYVC=g$vnoBMY1;XPmc ze{0SU+TeHmSbF`zV}a{g&KSfn#P}|iSzYQhWn!##Z-%<$j;nPmn;uQRTB7rSK}!2` z#i!kshxbR>RdgzE{TwmRbEToko24I4gIf*X8XMEMEmbf?I|QiZR<3dT{Ka2&+Uq~* zmi)MNevyqhf9uTmxzVm74$o_*XNtv`CtJN|Dako8 zH|NKRf=Tbf47q*{_7mw{d!!Dt_e2hS#%y zO1zNxe~ZOBdiK_tbBfznmd!a{k}3Ra%Izh$I3XDV8Zb$Ichn^71Pbrl)mezV+3mXX z%vY0&22r<5O&$q6{+dbYedagJ!`Z40|36=E`Jr8F*6r99_w0*$mm4-WKPz5t@#B`D z&vmEWUg6cE?f>8MdcD%QaW`wr=`9(`cW&sGPLZ=c(P+f|kNx(Wr91y{h)$2KVDK+D zRei2I!`{N?+16zFC^bEY8S{EdqYgMb&$T?T3+gOrR#aT(9@LvBnWr;-He<(rb9 zwzeMnc2UqTreIOm>BQ^rYIvM))-;z%`N==K!pgn$eMn-3jd-jE(?mVvrTJk=Uo$*z zev+^@DpAhg8eaJ3tk;_7{eiPS@I(jKUi$LNzxdGNV>@0~i|DO=cHsT04fR!%_+_$s zcJDL(bW2p*jOPW1&vq@=uQRh^rt2r~oacAykwDID)U3j?J+STm+V#S(MHxhY?O>I9 z_d0jMqEl=V8h1>!Zm{I{_=yhdu5*dMluTC3%(@&f_wS1t3Gxk9m3r24MhtRN ztE4yl)_e2O0hH`kChlxhVQ3eg{yzJ9)yuhS6h4+u{+woWpC8mhfV3^;$>)%x}3 z#xI6P7j-XG%zy2rd{$23tVh+7`TQ*}cV?S5u)m)E_)z}kgrk3E3SXEsdExipohMpU z9x<*fOOpOl8}5G3?fy=Izk9`63}g)p8T6|57x|ZFqNEL{j)oME^U+63#s4xK5!&mZ zuJtBk|DrzyFPZuNE<5x-eO-0%Q>%4f5BRXFm6lw%#{OWzuOE!B{tB?0( z^Mz@mrUt|7Di6w6OPq`QJbmT11K>U#Pw@^XThRKc9S+|--x!^Ihk6iz%Zn2-b=$i% zWIt*(@Z~I=@h?xz<@KJ=FG_FBn5^XXddknAFAkWAOSTHXI#?#^&|7t~X1XhKtPyBO9YSPr1uh-36{OnW=&xV!9C$K$O_-+m7?*}RK=evT( zLVN7W7w4}5?Tykf6GuwwP zQ;R+nu=38`yQ7_{zB%vB+_N)I^%pNHD=X&9oi06P&9N;alf=%yT7?>vg|m0&KKrma z^iR)Sd)@E9?=9Sa_u#^Z_vbx(x~VqhOz1%;4I@onW-*=E&@0=YPS{`c==^O+SMdAZ zw#mOUCH|c~G4DCo%%5wjCoajq-TL)w@{FoCGqn2>)_wSFIQ3%s|J#Ot|1m5L|68*S z)cx%HlLfAl7T=4Xc>Z3ymBo)nR{v_#<#Fr3MH~Hfb`8EaYXNW6%KtamR(SaP?yA+A zi<;b@wH%SlQ=K^TNosh(j$=oEu43C%zEs%qe(I;CW&uC$rk~gmaCByrac=yr!b*mz zQg7#Kd!9a}n%o;F`ODa4OJwzr*Gtk?*{xZ4?^4^{l}`*;nM8%HJE!)0U&*B8tBNs? zBjD}*-BGLNpjz#e9T*vTvv+kyV_WTCZ(r-+WN*wFbyy}YQ?6NaGcDLR$aS{5_6M|9O&&$+p?>0a{*&7N_&0vMAER>S)c$n6 zmm^nsG?n+GmXlZS!UX-+c)2B8)=oNnRBGO>xjR2R`@FmL>owVjUyHQotq|E}7uMmp zs20WWmKmz%wFk~$i)qdcQRrLK7#Z2WcyrsV{`9A-)7@u?Jx=a_Y!~MB!&&If?Cgmv zf97PYRQlB@yF`EX`%9=f?orsb6>HYKId&mn=5+n|dDjp5JW117j2bB|0>y8a%{+|U zvIOTh!+Ee^o{=xdK6mZf5-YanyHy^Q6)tY?mJhvH;(N|gu_b`#(Tkj=TQ4_m=}}bq zZjsdW>$cs~H_OA)(l4ngw(Qt?_e=2)a4p$!yZdU0Te7*1XT z9V|4N`}Fa(e}(JsTV21uahLS@q)l3iY~6{r((n2Hn(@8AJi~;m=huY#|A&mlzguj7 zwD)1|nah5cm+Jkx8yhlH;ra^oqhr9Ojg5Mivwd6p zKb+`OGAem&A78(rAwB-{XID!_^Y)jw?4G^hq-9P-u+VL z_U?&~SYGc5@w~ayYTXv=j|^J9jix(y=A1GTu#B#J*PQoe`uTvGO|$x5FVL@;wD}^W}>x2Ssm|?rgc<>9Q)BoJ%l#g=% zms$yJ{-k+hf=tX^f#TCyi`HzEp0+e-gP!7!^K7r~6kETLt!nw{X3xiNkeNPX_Pb}? zF?(+HT4fr4Kj%0<@&8t_D7~$hZ@xbA_T#=C8a*FAsAephKDp+-R#KbYpHSiS)zL5K z8ytAC;N_d+8h_`p{&@erB>Cr){+KP*^}YLM+n+S^`Q&~^q3@cSU4HKJ<1f#uada!Z zIv2WRxhl(!dTFi>Kb5vEOv=LVUj569(v45}d#SJZz}W}9PoK74WwdPAx-E?Jo35`y zb*;d`ec8Ps^W>{8*~#qv=GGt`Xrs+aei^HtuQ=|w`e$*JbyY#t>)Hqxk;2uNJiR-(K2C5vc;)cP zzQ+oEtHpO#EUits&y?70n(>%dMg4WBT$V%It+e>=Lmcr^u6MdZ*LZcLdN%C;$-pKX zrf0VOQf9f)138&UJDWMGfg4qpEM3T7VYB@5zO!pLd?+|1-ajSdg6%55dqsCFs@y+y z{*sM%G^kho7MZyxVc})r)4P7ZkF%%`*AuzC>v&^bw(|T)tHR^!l*`4K)+;_POxSzH zXSM%qDKR;}ACs&*_GQ#u&fg_d|Gjg|nx%AehSVwhZ!H3ku5Fv}PBmXK?A*W4-GA<0{AIZQ)~sxeymbqI z+}LgN_y3*)`>LDwWM-~izHIBfS(Dp;e$Una(7pezO`-eYIg$%rzUcn*WB%!O>wE1H z_Ny2E*eul*KU*cDVzXqaPTjl>bLIaX{(f_w#IN+;S^u6&JiT3a;@Qc^%t^a)bgxX= z8W8-=EMKps$~0s7&;FxxR=hl5{BwEw4n6T{{QU)MZl%XwpBwSYtKzYfZR_uENikxl zO1~x9{k2lpv#7oI;lZA?h3n27YL!ynEvJ9PAW$duLf^~1rwViZ7MwTRQ#~X2*~Zsj zEcU)$eg5Ib(Vzj=TF+D_{@L5FuP+ZC!5&1;~Vx&{q?QxkP@%TdXB84H8=0I9%k)M z-}G()Pr~0VUB~pk|Ja_#^Jw3@CCgt+{awTLcU68#(rd}D)&A;X+Z!8dqvqw!I)DB0 zr>Xvt?Cb?4CLcGx^}bZp`@*^Ix0yqDu&#KN?2nt?+@~6r_8rSJZ#h1pEMDtkw_5zM zi#KhvB6Q8?zP-ETC`-qW-bXpP%WN&1pE|B_)|@ld-#%-}>s|A|+vMFjC%0?eS7Yhr zQ5O~kdq!XEeEEvuZ|?kya}4Zev~Qky{?-(}ORD8-zgE^aeEZeE^TNx!i&qsKIy}Xp zYxC~bU&U`#?rfiU;d`#%Um4jw*L-|qx%&#Qo^-6fe7vM~=C%z+`fRs$1{61z+1Flf zzCO2PyV<3;DWBG?l5XBH*ET}Gwrgu-vt6-l=Eld{H$6`hH5I#G9sT~(b@qai^2a;) zSh#-pZmpfoKI_TXKc1g1Tg>sb6{ImmuDk4@%oN&V9{h3%DIR=I}{+BMAc)6R2#z|QvT z_Uo0IFH#OHU(rZyCpL4Y8lj^;{x7_CK%l{%TBl$*KJ9+;6^;}w)dH$p&`R^aP_I!1FPj8F7H`BE>^vo_^j6A#X)9#8a z@1hJQb6c@h+FmPiHa&K1RkRl`brpT4AT~EIvRZ%6C$`@vOGIqE5~s~OVen#a)}k*i znrZDbgO{(mSg)Mk#A9ea%~;*g(qVJZ`A25j-yGy+&A21q@UyIftpzA`oaq<2JaOZ^ zGfgp@f_RU(Yi;*>caKl%Uq#O(Za=G4{=w6KvREqqTDTVa^tDf!Ji6KSw7+8r+8}K`v*TcmaE9gug=pn>+$iIZDOC{77=a{`cCutl5~pWu8BAm2X!*!>o)&v9@0-s$T4Q zb*y0e|63Qn?liw4F6ZiWD{9jFD*}De>D9{5rL83k$}dOcE56(3FgNM4(A z^B{w)f}RCN8fgk@PxF%Y?{S!Z+ta(bwI%29iUrphrnQMJWv=jK$`0?Zl{s*;CXVx) zZd8+9vTUYvq^KOb?$+m-+rD3piax)I-Kc}xEWm2z%Q=fH~ zv)t8V|6MmzJDpN+!14Rlv{|!uzu5oqNL0A<41a-ZcmHW_y_ax*(v6U7_cqVT*jjFX zr@;6@QPTSj{(oGKiQG0f{C(*0wGAH+vQ`=H%hY{SJtwnx`{&HH<~O#hOuJ&5sng%5 zaOZa3?%2N;)wedDzjSx^R_Bv`*Ie8$-@knLLAbDu!Glc!&w0PO9$7YN<}!6FrJjS0 zdQozyM_S(O(r6Lbt|zIWb>&R{=hfF=HS)}>`^ft3?sEBm%34Z#v-jHnWVOG; z5O8k&y_K9m%Vzo~x_@5&d87j<-X zInCcRaZ!HV{Q8=|VyE6QN32S|+O~JkhkX6dU!o3#9a>*kF6ORred0%s{+#B`>-Tu~ zo(Zt2p7!eGjlbqL|9w?=gw(C$yInKoaPq=ed$X+8t?r25K6&}RXqQ`?ZoZWbS)P~Z z?xz<0y>|AYtM?8_3&>4B+2>v~r6DL>^lP~DRyXl!$I@&X%*tQSC>0Xx(_7oI)=jl1 z_4NkUx>tLSA6fZ-)1$zbH}{zK|L6?68SS3BRro@}ot^E6u12NKO?;RUF1{%}+e+&| zXuRXyl*ewYC$EKgxlWe#58-OPU)5%7$)?mCS+FZrc1uw3y&iVaUrl@8L@bw=`(|9! zI#D+Md@$3taBa(C%@3RZ(ovC7MJYN<#OMw)LhDzzdCVy5@%|gSGuxqY@TXEalV{% z@5&cjxeacxmzZtUkYv2LIzl*S*5mN7UB4JZbvR!Zdfm3Z;Cg&(r#SciVE;K>RqJBr zlytZ;?26v_jWHvl^nO*)<3-2b9Ny5O>hki7%4_ih%Ksjo_KcQY{KxR_WvArdCnPN| zlr=t+YvA~jX(u_w{8r{aCr%;P_2=Y3epnQ-Rd1?==!17hE=e7VxtKY3@y0bf%^PRz zFn#iDiPk~8h63JSJ*8_tg)Ns`-P$_g!_}K5ft=rTyA<-)Zt7kAXi?;*6i)AHF2d7i zoZ9>Pv&M;8dk$OaD0SU9QhjrWX77xG2X6Ljd(ZYf`LuK6wz7w8hu*~;K2|LZI-#cf zP-ldYZ_J{^Lk}aD-`dBiD8{#a>r_4S1zpK!+p0Y;^s)SAICRy!qc6HO(d<~pzQnI_ z&8A0|N_T`ZnonV8`x7L6!mC#~E!3>?yPCk;z5U$X9jcbMtM4W@e7kl|Ktoz6Gn)-QM#eKUtAi$_ED7w5ATv!eM<^}h+lypQ>o0dJXqpOZwD(89 zXo@^xH226Om7r@X!sYM7iuQbNI_q`pl0?>|&)t9aZ+)Z}v~n4r_`3UC%1WU$@$H{RFi#K@3lDZocGMr)+HBDoBy#sdGkr{)lXa& zx3?`jEwc2-Nj~WU+E~0&ERZW#!WBjTb6NKUpA9BBb$iaEB?}S9LgncXD9Wy#5wfuwaf;YF1 zrRiLsbLwM2W=HJaX+4F-MPDz!myHYDThb@bDe>+?l#|b#wjKK-4p~`CzS(%O@^Hhw z`@#3R7kS1$|6gc)cCMjIOrg;Mg?F88H)ji}pFKNw2cvJ&wEKzw#dx-}o}Qkkz*M_Q z@x|}*<5%@m7YMIS-s#pIeA%hHxZ#~2yUy$fcBO$bAFa6O&V9S3bcvwx!^u_-_4~~) zEKED;RQKzMcG6R+N$bOkHXirAezd#f_;NvKb>Hc`Bv}qU4m!?n|Ly7Yl1hf8h`Qg|D5e{qoqO+% zYpt5(N8y~uA)B0)zNDx`{#?A1z3O)6U#*+BmwmhZe((0)0QRpH*DEe(-cL)|u%7$1 zcy99ZyciL;ik7w;M{dsO7u<2tKfPG_Y;M_{cL&7t>Tk|@H!p0KUH-z&#OxPnF^ZBdbRNzpOcGD=Ii&a{?~t8 zPb;!~wfDr$ew{Du#^q~oJDru+ztr3oDqZXu$8>quamjhV%h&w7*8g#TwE79AeS&{J z&R_R$p<6;B%f#ZjrDjuP_o%d4_{!`xOf0Fh^zaW?zw@+yxyza}2VT7Ibv+$fcAV8} zz2@NwZ9eYC)8Z6t`nHs^nOwf>{;(=YSSKX5@X?m27k+-Tr?Q`E5qK1)Bw43;)g^Z4 zB;_w(|Ga4^-szHZ=eQWdy=5;?iR{}g z`&26HVENTo@$5(CtXjL@B>{hKC(UyDbyjJCj_t`@BO;T=*IH8t^0MX z#buvsul(=z^K9N*j^bvF1y7zYfbKxpPXiTD%^|KT({m>#&Pba)?|ME7i*jM4PS%* zRjivgZ5`-Xweu_9e^~xpDfGFINx8)_mfs9)>vtDg{W%~1)S%wSx0d_byugEY?|)6H z+b;~$NI_#mtNdHkx%_j zwa~5G(alnGl~Sy7Z|rqWefgf@(Yr5pNALL_FWGcK{Olol`@e5XtQuVnB_@fLO<8q6 zDRk5CX-6gsl;qExd@gV4Z&S56{)~va<(uaIjlJgSzO%#o$N!tV|G!vv{?CE$`O!|( zS|{pC-sEtXXcm>`u`ujWJTs$_XJ(qvu7#duFWycmQQ!G?r}5_9zSVi#tG}gGRb86% zZrkO#lkZhunt9vIQ~l;lzRQY@x|uIpI%DSuJZ@+{$YyQC5v|;!s}t!oO*L}Td-?dE z+fz<&>*1}5d;a9eiAnqW_f>uQ`>|%;`Olhe&NAP>cHRusRGD^?Rle5zU0bT2NyHkl zEs+jKT$i8qu3yeuE)pP~wARB&+CWP7G{-qV!ylO!)ZZz!H{ChsVl2M0KP_E%{=$}k z_0ccmBdfg3Qp)xgmUdchY>DA`zxHClkspPISKiMGao5hBX}9m}iK9z5Pv2nqo3llI ze*5CYrE-sFhJ~l~zgMoyIqSRSdj+SP@O9o-nze3A-S#@!s$Mp6s!unT-+JQ(uZ!At z(-+56t&h+A{7v$ErOg%Z>fof?8$VuW|D8K0+w*Zm$#Iv0Sg)99S0VSdi57zMCx0uR z{=!$Py7R%FIUH{oU4HGXS}X2;d#PuCX`JWkN0nLHrJdPx6qz>5cC)&M^3rm-JeSTqG%*u6*;-2~Yja(z5Gt~Gs^t3|G&1bIN@vP9stJE%v zWBcy;77KLsVn2Mkva2*LH7Rz&|DjpWpziB!n~xua&dZeD`eDwn&u40>2E zwL|WzTWe>UP59xrs>?tx@zD0|pP9mI15X%keECqT%bmUCSe74a;g-^*IbqSt9eckD zty4(;df#mN%nK_6n_BI}%c2vi1fG2hjk0^MZpHMfDagz=V`0E@wnr{Zac{!)9!mLK zyQJ`qZ|S^KOJ)Td#AW9dxPCga?#-Kxv;5PV<$9%3tL@lxr@#5JSaHs_Je}L#%lF2e zv}^b%`L@ceZe`kJ8hzOTMMUee~;vx)oHygubpSUoi{uXm%x z(<4VRn;surwCG5of4b3vx12&;m4)nz`O74N8d*1=b1lEnn!G@#G*_YFs@Rz*^K$_* z@1Lhnws_Pux^TFsADHq|uy0Mxr!5a;n-UJRPm)@*bjgv1$Hn>|CrqAZZ0Du5 zEg^Pp-4^A?$G1nOWPj3#3w8<&RBW^9ExOmsR#+ap3yY5=gyJoX8!jQj$AyZI{j1St1hh-H5Yo~cwPSPuzSB? zv%bfdGV|QItZ&x&m=!CwY<|ntqmrear{%c5Px!^o1FhM0i<I{LE!m?(4(N@{dfJ?fW83UHn#T%c8#}-&r*8EtvgH>UM|J z;pVM5XEzo<3(~(BZMJK177zbBiF%y}$4@&=yA{{!$9*rL#e-wU%5}L0g=qT-L-Q5{|S@d?duIWJFRdYTdpT(Tl~!r$DAze ze{?xiK-I+_KN8htpu(ZH8Y5$C#C+Rys_Wk&<L%Yd`Z%K3V_$PqvAT`Mzo0$FHuvVr49) z8S`rQZq?K!9~hsi`|BL7Ik9B^(xmg{_a8o8zl6^)@-^S4*X{Qoznx!qK$zctXN|F@ z_y@V?ufOKMfBN-F^pmCaRhDa?hAP`hFR%Ziwcdo`m~+i*2R7zy<%Z#}BULY_#fmr0|&oBJ{!q#ugmy1^`rmQ=5o?(Su_vwGF`PnpHeJZIk7lRd{mfe@@CGY z|5G=~WR*RfB{}W%>^t{zwo0u%=kl@b(h~3UY;Nu+i%eYdZ)MEgk)u0d?&S8&jnhug z7S{iFq&zLO?w9(H2WMTLO}S@b=UhK^rqf#Cbd8SRX%jZBWWF@{#fCLkFW-H7Jhgno z$A^;BR-Cz%TzkUn#h%`Oi5y>VTYSG5x`j2(>+~su*VCV`U41XA@n@L!x{J3Pr!EbN z3cADd?B#_=sz-9!ejS{nvt!ZKMQuI0lXq&=nq(X|WSG!<=Z7;o<*d%+u zFT9$Xw)CE7iPyDD0+YEmWnIflef_{PYObRM--Dd&Ln}`%{?TZ3%8TpbIgu6TetgU| zOWXF&?~~=q(ivLY17GDYvz9peoO8lV=^Fjo?Njty_Lba@*ubx_dqL0H?7Jr4Svr5& z{Lq}UL8Z(-eD~B4&9}FtvgGF!tO8{Rc(uzuZZFgw#oa}$9ob^RIdxhlM z+g@gsuTN=~ZF|7u{;{elA%acvrt$)_h?^VNrs#MqiH&uPOwT(nEk6=4k@4)$O z-P&c}4!X<@-E=ZK-1Fqwv|Y`GdB2$grZi5=^189h^u*3E^@9^N7}KqN%}t)n^wQAY z95BQBwBXg-p3a||@0_{Qxpbi^TUfsw`{pwuq9u>M9((!zb?YKaABlqU%hF620%MF0 z*Uh|f??};spR2t!ZYTH|89p~VHAg^q)|$?Yy33wui>?*?ztT6eRoFn;n(-?oxZpCRDFEytMbaHbIZB-#jjc(HO~gl`1~g+)e>Cg zpKmySj&Ukn(SJ?2{`Bnk+aGqXJhA=V^PTy&hrel^{=~iH{Pwkl^55F#f7t$i1ARa^VRLkw&nUg?+?T}**RqcNpv+JJJt5RVZ#xH3) zCyyQ9)TQacW5IK8-i~E~BH{6m?*CjGvNYN!ZHah4zk_dK=1G~?EZG;=1#G)pf49#( zSozt`St@T&xEepLFcXtuY|0CN^gJV}^TL~*SNoz&Zc3~%eSC0VpjEEY1lb^_8N#WV znm2!`mgQ<5ogi_bi@&n4Y|Dp>FV&*f@8mq2?zwwr&o!&dB0(mFn~u*?QtdXmc7AR2 z%m0@9-!2lWId>`eTf#5q#E%(M7Tjm)26J8R#Qy9GKIPqMAMWV9!rp8*n)G>EWF%Xdc+Y#;+`5NX6n_=2KBKW) z&+Gm3x1EmH0t=ny<>{5~GKvz`e_UH~r2lPD`J+7nZKljKjkty7x#P07mKTM&nz3c; zR+mL+p7WlgsKi*cK6cT|#r+xk-lzz8f4syae_zb4-R$x7@Wor>x31BeA-CfCQ#G?0 zD;lkj)doijO~2y3`IY$;4aP%)^7BM~d+aW|-I8$shW7Ez6CZCDW!mSwMKx!(z#HkU zMJ3;U1Sp)m(a-j|ZKY|%WZP{8R%<`qT3zQ6j9g=y4jzsb98(o9puBUVas zf9sWc|9oMBo0zxU?Xb7g%Mx@?IZtNo(eS<-Z&f|3-)?V{@r0lI%yxw=Tecx1h;8{! zkDuXpsbb{;zHciz8wa>w0s+Sh(J;qQKmF>j|&N&S|* zAZ}vBE%SLvJO4<&_$>5STj*qkWvODzj_W$-Gbfd6_p)gxES8=wz3LLjueX|>Mh)hw zi}fD8UiS3w^`Ech=RNzvzu$TPtM?Ue@26WxXTJB|^LhF2=hGe*U39hgo+?^Aea5HA zbG~xB_f<(e{+(a^Wd7`mPyA)N{gTDOx-V?co#(EQ?ekVG%_zB$c;n#A;M^9&O}{&%dWz>Q5;}bO>Ir|lz-c_Gu7bDc z*L3ar+Bv&*!F+4sZJx*f+_rj=^YqBd%OyXPPwiVtJ({~EtX9px<^EG>-A=1*A-8g^edWv5YyE5t zUkOV}wQSt^>#?NkudC0#=vy%#Jkt9|>(jG6TQ)Rq;$^!tH*V4P-I;$^Nc+Yqs(p^q z$xb`DgQ0`9pxk<=<%7fKCW$YqRqPHk)Wpmz^q+7q+A$#W;wq<>ro5`=)G05WRE`}w z5hoV>*5pOl+5Cur-Me~TT}?gG{;TlDTZ_AlO3I3RY~PyP-4yV-wfDtxR@3EakA0?8 zy)-FL+G)MD@KeLJCy{UR49?aalr7v^bWzgjq{&^UPfxUsuU0RQnSNY}r6zAqnf1Ec zfs6jm-D1hLa^?qir-v@*PXtZgo~F#7=c8lKexN1w$ey`d{+@C<%j{k9+ten?T2DN7 zm-rM#@pq04w#!T>-=4dDnZVl1o*5T4%y4LPqsI>FpnW z<_XUdXzxfjI>ghHexQAatw3w&GUZq<|H?8RU2JvF_lZ?1pRve-=fqW^9)uWvUFJ$;tZ@Z!h!tSxdH4fk7> zQx^JgH!D6>S$8&;Epl>0TI#<=vePF8Jq_Gc$*!s#_-Aj~o4a~@oC_B<@4a#E`{T+D z)7G9;+bgMcWA-Zr^Ibk~O!9u&6gv1OUYwGudtD^)$DMBTYyMH~{et$}&Rb1AS-4X* zXQjtJpJz{0^F=RikYB%9diLV^Cp;#l{&jzC#gxIVS$(1F=n7f;<*j#0wrzVX#q}`f zb;{RwT{oxCm;HNtX4JbV4#jtgr;~0xoHsGvqKjtBQ?vSkx2khj?YUyJW1Xh`+sMrpiT-B~`+qp(_d&+~ z*#5JXx;lneh5vv2UGsnazVrS6UdsMEZocY;-EXVstKTFfE3mt;E&1$X)@O???CR!U zV~~)yH2BW2glj?nwacBq8lL|CvG#d=woL<@K&RHs3^iMCs~n5<+g2Sv_aHX?^~+Dk z17@zOd{sWB)>=$jicdYSgDdcq`i~6TN~v%k*Qbvqxs*~@pERGk@$Uii8~gbb+}wBD zGDp^RU%18^@LXbJj{Sjr+qljyiFIvkR$`e|nLC!xliz#UOF(w2e_eC!>uKN4_WQQT z8+s+&f~^JU6qfB%`>Q|CWOug7X5NrjmMoTTuh%f%{CuM0@{H9h?^@046yyBzcuVY} zl^Yw4=ie+?E}`1-Woz-X#l>5`?|AW@U48#?5z`-^iWrqx*d^sTE>BM~UB#HX^KjwL z(;1%UTTh8ZD6j{^hJy zx9y{>r8_Tsi==jLe^p}atGMw^4yWktYz^O@l~My_5AX-srSu_84@0hsgfIW zr>Oa@{ujOXWq!3J$4(*1)s<{K7f;T2%y5lM;<4|zZTkDd?1g8V?6?+p%4@npk&K9bK8SddvQva4?wty1xy`NZgsfBNiXuV*RG`tmcSKPKD%7xWd+vG~1* z<C$(s@<&(99-b~pZ?*z(!sDHtXusDZ{bbx%F%jWLdv-*!&($C`5&lW%R9dUv*umwe}! zqU5Awx$DdXORfe5ZJm0l^PnBW+RiSn&7bCY*l)jd=991!$HaNR|MbjBR5SL{cw@3H z-u1?QwWG2D3udn?W(ZruzeHZc=>3iJa~Z5IA_DLuxS_kt7mHn|m=@r%lI zww@@>;bm}J!>@BK#?d(5?t{vG>)&$6rE+a{=1w##-XAD=^Q-m!XRVv>Km58bc+aQB zwr_qtwmog!T(q(BeDRZd(??w^HE#XWVK3Kn%Qa$Od)BLN*3Nf@+x%zl+kWYn#s0YD z=N{fO9<=hw#G53aEW23hD9Q7o=9Ad^x=Fv*Z{PP>YwfA{^!uONS6q`e6k|3Icy*)p zYv#9bAO56Yd8$p_$NrqrkDs;e=eAPSV@jfTIvBNdO4}_y6bM=dFaKC^$IJH^lkLx& z4galV&8Kkq9Iv)tpq#o}?b?gg&t{5$Pn`L6@0uf<4)WOQacDLkWBt0+HTU(Or#Wj9 zgk`rR9)H?)s&wYx-w$7Z{qtgm&>QXlTb*t4V%-E6%}i4|pQhK`nPqzOfRmWxC6Q@? zu@P=IkCy)r_uG}fi__(iOO4;H^Q5+}6A7 z^Et_Mk$yJ!FRf}^;lBd!mk7Qo7P=8&v;BL$dEnE)O{M0qwq1_dDXRWxU*qme8$Nhn zxyY!yXovNzApWZ3dn)!Mcp2*2lq{ZFJYW0ZzCD*xy!R~iZa=wTskKB?L`jfCVyjkQ zuI|SlUuJ8Yw%O?Za1!7Wdf@k5UbScGbiWmrmWu_}MR!gJT`;@Y_vGek#-=#)i<=~~ zJ~L+MOcA;D@&2dBuQ<=yO|I{Hvqxy#yP(VeE{fjS$g$V_PKd;`S7{kB7wROB3p7ld z#Uqdj~#92ww`@DxjL#U^25iC#jD)3L-&YH_2azNa!9es@gwz8u>y$4EsZ^YH zU2$eg#8HQ4H?NeQi|e*+TI}XqTx@<&&|dHPm0jmP8_$yUx#F81{Axj5&4Fg|;7`T5 zXS(0UtQLB68Z_$6#r52}a`6d|f2rnik9@lJufBR}PS~QA#vR;W)*Nw7DR~sL%ebJp z#Jl3XUW-6E`^gWdR|Kt^7gYD_!RBpKOa++cn|{)B`1$WB|1?#zHZ{_}8)9G2VX{Vp3t-xZ!{=PUYqe&D9G%K!22 zdU;M&O!;s@CT*7=$G4gCmPd?BpY3GNXgl1}o?h8^-#MN~VZM>~r#FtDe|bG^kC30o zDy|jVnOd@H*UC1170v~X{jcYL*Su{uJ56qh&vV;zxBuME((_!icF`@T+)WAc4|bHf zR-Ur@EE`#8Dds1$WK;V5KoQ<{&if}jZ+_HxxX_?@j*VTc&NPdy&lb#kd&TPbK4Zfh z;Xj|4TWrXzTw}f`%cN8(Q+MXfC+bEI4m_XfoHn^^OWeH)Mhpg_M_l7)Jq_PvTIC~c zwlVp;+`f>xD<%tny>!?1=UkWAyg$kfr&_iiv$DKl9vmz@(|BWs17}}~>NGnOk;F?3 zist7U9h(xxN*k269f{;S+WK=b?@5oc-tG5iryVfw+HL+*)~Cd#owf~Q z&pl<-UHR+Caw`#)(Ct0_M<(z4))zJN_$i$RfrTaO)EDRNIk~U?g``uO+_H0UI9JS!v!_p8oi-b;N_~nvZ!}JF8+1&CkWBetTz)47VTf+;=E(ZQ#rxvQO)s@< z6TfXy?TN9XyC>-|u9aSUQFPbbU2OR)dSkh{~oi8B+rtH_sWmotIkcRPcXR}wRYcT?`>R)M`AN(#wy-@ z`{~A}$DS7d7S$JpGE3F-^yetv;EIv z+Ff~c;mXAG*Vpd(dwBcLr~30_j_}^CKNJ7cs{Q}E&h56oUTjbE({`9Wn`?66)J6I0 zk0scq)>*UjUr&rQJp6e%%kO8CZ$95$F=e}5iGZ_f-C0Mz_nwBk>s|el4k$Mqmu@}u z@_bjDyLf|4Y?YDc+8v%USN2y;30v^%rT9&A)zhbbJTU8-Z}Mno<+N$@PGx#4wXLr| zHFNfKh8QMKlEoK67-|%dbz^&J{mP;yLkf;VGAMv-iz% z)(=~r*Ry}Ba{iUaQm3cQIV{b2J9Fm)<^w^YcFqaPJ&PZz%j|xj+{ShK-}8zz?@8ws zCg<{6ulWDbFzT;iL}KFqhv_$r&L2E=@ciwKj8F0w?$P-A`Pr@VWo*Bv1*gT|%VN%2 z-kq^x`s#I;EOk0p9FACU&`?D2UjFfC`p0IStBVgkpfz=JfR0Oj{)Ap>wI@4#)|eZ) zXEjf~#H2p=-pkT?PRXv{u4F7rYwKxw@wQO?>^teRb2@pfrati4$GKVRfJ5Lyw&~hV z_3Pt*+NGpcEt@O0mW{*lz;*s|wEg_kC;xVX%Crh0m;sMvz@ua4W_@t-fwb2-U`vC7u#|0R(W zwdCx&PbV)s{#W?1Cr)FYX{%0(78bs|?Dwm^QAc*E>DDPrZ>e&>Tzt8y_O$lq z{GLqRqf+MUIDV|(nh+h@y;b3;V0p{OsDRBK{5LXoFO>OfdNlRSwWI1?6}6`-m9?ku z*{FZvP=9{0xYCr4=_|s0?CX!Szp=PH$7QnF`pNeMCIp{pj$Zpxf3E$laQ8nJ>wj*v zvG_an-fO+ooiV+gD^<@->j~?Y>frk=!O@ghIc3x7hR_#V9`N!$+`nv&@E0}XtSd9P zw_40~ywlfERCD@bT20Voqm^1-SL_`G4hzk*f3A6{U%&9v0@6_eXze`j&?QnEn z))~+KqPZ zZ~ud9o?0)e5MFuhRVb@R-g*J2Gd@OtjC9t&+x~O$Tn68o_xo%5%k`^|89h)kkFNNA ze&6ZW(;Ls~e>fC=iDwe;&W!s1>noqGpT(g3yZ-malZ{T_Gw;>C7SXkpQ(AmEyT;7# z?}z+~z1$l0jkdRqq$e8Hzh&LGRr0{$mG=Mn_J2;#FMhQ-&!&-~(Sad6TzGliuj_xV z=kM{YcH6#Zi_*NjS@(X*)&F=KZt;}yad`Zr@BBJ-8!ktcPl!EG{eJ)U7q@q<&&aBH zRH=IU{I|{Z3r}u0IokoM6xIHi+x&9nGq!m7@k;&S!iOe(N8Ts@`@E&(Y=C2~&JFfs zZ`mz3=*qV(+oJd}{#A|!yYByI9%o*3Kg`Zts2ys%Ifh&Gb*Mv6U%l%bF!7__t8aK?|_&F0aTA3wXrG^~1L zn05VJ=KHf}H}vm2=T`UW`|(U^rmMGV-`qDjtXsdJ*;u?L`S;b2A6;Ws&YvsTJU4wx zg8YFE&Bv};<{8SVzIng+@fZJ!$IRA-AyeM2JUD05`g3dF_ptvi(zyR$r<8xiC&Rw6fNAcnY`R`l(qGsv&{?>7SU1lhB=x3zx^f`4(ix2LK zXlYnJ+dKXC%sKzl7oAwqvx-et{NhOJwmnMe%RhdcT+#etfI4 z?dkrTe%~8D`R`5qbi(OghSsAE($)R(Cuc}@KH7it?)KE6KS^J??Otk=ihatn6(ylE&@YOLF(Z(6ug zUyw&zFY-sx)WytEXXf}$-o7kA@`L2N<@pJJK7LGyH>-TTYK2Lv|LTcL|Cm>&h1du! z*#BI}cm9nJ#~SVkX`NoiW4TH}$HOb0zMIWM=C+=B@v_n_cFCO4 zT54}*JF>r>{&t5=W9EBXsc(;8*|=|x?etq6zFt;-M*M@1xpiT^sc}E^V~)=K@#nGg zsgJ+EwB`k=J~$Jt66kGsssHh^_@6vVnK1`e=uT0+)azufS9I=~n#HYcE99RqRg21Z zV=!&ow276?$#{js`Bgd%3U{Yl6|ztN^?QQm;;)8}D{TLL4CRq{zxd$3I8}z(v!{Q2 zx{CK_XC%+TJiRiX7u=_v1l(_nzA^vJ>9coUhuf6b$Nk@)Iwg@MoPAxVru$yp_D_4G zQjbh2y5uDH?9h>)>5q2SC2jCePP#lTDC}6U%=z@+>-tBowWZU zU$Xa4eC78~)qlQjzyEmsa=X;eiTnQF=TG)675{#${Kjv$P4N;pzs}wNVE>!By9}aP zZcDHKP_^m0M0UkPe*Qqy=soKniq5 zS^xfa|GD^oYrEv(T1|WJ1jv~C<><8aPfpu>-1`3FmpUu|dCjNuH-EqFdGG#}e;+_| z`r)R3D?dN@`E>q=FZ1Wl``4}cI}0+6uX5jdvi# z)~&z$GAC62?fZS6f6u1ufBoRefAfV!H@Br%e7yMN>d7lwraihV7AmE?zS>$PGhg$d z9mDybi~rpHd1bBlG~4Mn7HyjIFhjt3YO~c-$yC*;)$)s9KUaUrWsy<$TzA%F8}F^_ z`kMPww3_wWKe_V%y}$q3|G#OA&fT|&{rTADYwOHkr(*6Ye^~8S_u<@?wHm+d z{&Cv>sQ3~eY<%h2{jkU4^OEL&)_qmoRAMT#aCPFR_o2()+WgL_eD=zyFZHVG@~H6R z3)NRot!iAkqDbxhsVgtV7Un%kc_ljedE>e(XEz*;yr;aX=9GMG7qc;|>GLb)H6i(MXMTP`!#b9wWhvdZ5(-g#S z#jvny=dO`^=KEY|Wed zxL-R7FHCaW)R}GJRKH%Fi^qY% zz2980qD%Ni=2FYl_!*n((^g+zVZ8aP;_EG{FBp7gZx6h5r>Xcv_uDs_>sDP&N!RqQ zIO^V@Bl}D@+9UMbTfd8I4Hv$CsV4FAsarg2TS(-o#opVO8g584diC&?}?+bd5y`@GFsEE#yY!a6fU!agq3yKKYhT?Z0h zX6VnoE_B*xoz7CDlkBUv=N-9nz0X?eXzuGHyLT}i&baUS^KN)nN8YWhxu&m`s!#n& ze1TOzn_Idw^GUPiaiLyUol__8|NT*5`|mkBeg|FO#u6Z&vn1{F58h{o z`tm3Z;0y?fb?jNBJKR*ni!Y}^n3=*;@`aZ3j8 z(b&IV_}UA~x2UWQp0W1Y#QocPx{M}ox>MG)Fo}CvZ@bqmRow>WSyIOTP93; z##x*Dk6j|uPF*W|T-r9}}nQ|)bksreQM>WN(I-3;11IW;S?+8APY9oyWj?x*LSmXq4o zVU&0vfZ@wmje~X#9kaFPpEK}G@v5J@@mTsasl#ovp4@kjmE^a5v3%!c?-y>`@;f&L zuHLLDr#fo~TYz}ZlZ9P3`|}UVO`jCFe~wXgt3Zbo_{OZoE`rahPYR-eirx=ckq=&~MP{r6}Qvw2IO zCUM`DTd<@{z5cCv#iIjttHf3p1kao5T>mdv?)Mw!zCVwqZ;8!Wcz5QKv)x;MTA%m1 z+9$Q`P2CLJQcb&V*U87%t(QCY% z>YdrjzVh$Y^O^5hlaD6bY)ah7|2{3Ney`Z^-DkffF8OrPU1NSG=fx&3KAZewg&%`w z>Bl@i<`BT?zpCg&e6-uu!~Fr9?c__35~mR`;77|Gq;c_w2dlzaG3#+&Fjn#+_5={WCBOdGg|V(%ne+yUU(z{cGg8^mO{# zrCqCTWodC==D7PbY}5DayFSc$rL@3s^Iz>~vAz2e{Eo)S?SJ-=Ihx_?t+zJYQv0Gq zo=(_brTcXDw!qN9HpB95;&%@2D_)*)Cg*PMf!ysE@4i-+kd#$9=eG7@U_?yU(koL+ z4!8wJIKCA>Yq7rUVF^1&-!jd#)fb=6)X=p>NyDr7C!{_3RmFr?X%dbDT_|4os`C)iK%T9x~ z^YSW2i4)iqs$1FS-gEK1>2{`arp1klm!DNOvGQ)d5`MH{qk{BwYriAa-3)C#>Ea85 z7Ds0;s&Lj^%4)2mFm>tisNLO6)#~4*?V2vG5aJ2SJfW@g^dP(U1^xEjda;sASIfri z6g_@7S3M$RT1n@Y7iW(Y&C_B&7Rh$)iW>8-)pbqEbvAh$&Y1m}6?*2@qSZTMFB|{i zaZTe&wySZT_|ZY6M>hRa`1F8n2Yv1>x-LI^=I+aFM(B-hQ87J zqWye!G-K1@$6Gnwe+OjVd?VQOM%3z4+Ap7?@ZcDcCHKo`2k7{fIQ^>K7S$Uz{mqVz zCCANscg~X4&WYK!^FzCEZs^Mk;!{5)RC2~-KZ?23aNj0%rbguA!*4l+&U^8EI=tk4 zsg2Z;+n3Mnye)bqZ1!>EsLfxd?#Y{@o3%a;z*Nzzp z`={T2_~S`&*fy!HVeOf|l1s%7FKPI;hxd!>rd_2HKAUCM@VfD6iNA|rS#Qn2D!I>U z)?v%YKIlWL-M9@7K`|>EFChxnlAo-Dd7};@H@e zYHDKAvnGDOT*K?@>-95}(~8Wu1ac_0>{xzuaZ7Sm(YtRCrV2RumOLy7U*5t_Ak58xU zP;Hr^61}zbpBdZs2tPjr7djcese)s`7L*G?}jHro?;VTM_t@@$N5mH=VQHaVg9176HkWH3{F(Dec<*_RBpkp)R*hKJ~ikQ+uPPLlOq_t))>~ z0UR4^R(9QtsG6+!UrKJ3mfI>`Zp9;aQectnFzpQL$v`avkMxSKU-^J~dRB{olaD&% z{_4m(?yomKp7UL=)cKurA^-D!+2y4PE2WjdClbMkj_SLy(TCUnUAwpDd9TX;ihrh3 z^H!hwaLs1Uugl9TmnQzo|5o!|Htt`S;o;k-8+P|{bEWb0;;%K|d&d$FDss)bNlG@`oFJb>Q=EW*82MTlaJ|@HxmELZ(McS zUF_%^?~*9P>pmsn{;gV@@9)$2zWrQh`uSwK_y)_SBMhPICYIiQbz}GDo zmfWv0yCquoWbxUB&b7)A|9;_{zWwu%@PbQ+H!AXf+kAZE_VCYVia0~o-aTvn|M0tw z^;UK@Qx}U*-(b7>)WJ>P1%Bu4b^Y5L)>oVH@cX{7b453%qJ&(_j_o?r|EzVrUi+xp zYeW9${12Dz&wn7!%WGotr%AZ}vu>GW%J&hB5s%g;-! zdHws#4xu-vwbSqC|I_>b(SHAl?*BjSKkfFZ4=lXvQj$a(a zy7AoimD^jV?{Ys_Y?P4wf2~J*-xXf;)bngz{3YYsv~U04EnKqy^-2YYP`2S2mt zbgQ}c_qQ6G%*kE6+&s`cApFR#wWe2WLplu)-)2f!(Z8)<`sbHdyfw~-0Z%9FzvgvT ze4oSDU4JzF%L4wt3XB4!`S>#r|NM5hEVkuodn@zjtd-6e-};=kxpVjD^4~r$_ps&x z)7tBD2V?5wYu~~$9jLH$;@J4&-E5xyk}Id}Vw@@XE^E0m+nSZj78Nws>qPIh*sW^k zaee>&RJs$Eq0;0-xtSzrxBMD=#RHfjL3%#imqWh&U6!E6v^ID6VI!_T5e3-9tdTx@Pns(XgaBXwRmMwzJMXR(ormULIQ+DCT8%CWs))tC4*eA^O zf114i+_#to|8>^xKXpdUJzMJ8l|R3hB*;7X73#9fZDlaDI#>Q+_OC|~JX&(8-+#$y zY}+8GAfRINbz`F=TY9#~Mdk>`4Ub>Ne?SjRiQ@b0e`5C6Ox0Wk{7;yDKET!>u`c@Z zq5RJe7QHSKIFVi*`sw?^D_SghyFMOS{_om}cd^0QifYw5yf@u=)EW$$w=XWP-HLkf znv2)>uao9YJe~jf)cm=JoJIBbd}1=)xp{xuO({NMrUe3jnWjD9`F^E%$w5~h*{l9< z7uTGdxc17gs_H57>uOKj{(oV{7t6z)Av^am+Ut}gUUHB(Z)0GZWB*U>?a4#8KMF81 z{QAhw@b^f3l!lQ{t>dQSmlpepxPIZ~+w|bO8fv1SSa6^1kJ9w}&-nNKwR#&;_+$OQ zro*#Mz3(nj6@Rz#x%>MqLN4x4C*M!Fzl+E1H^U>tr~eN-)-ccfd->#c^Iy(A8}7UR z;L8a@jrT`>yY-pt8ol#BAOG*k`R(tq`TLJ>TZ>H)+8)!Bx?c5k$n4l3Rkrq4%UFJ& zs(&lcA3b^P&Y6n0=RG{?uG{_n`*Oq0?|(XnoG+ZOGwl!)#$lAt?v$JUQDghf_y21A zhu^!6!x!gyK9$rAV*K)OX7bP7od@@wQr~~D(YIT8!X;_p-@DE`t7&~%y3ui|oqTP@ zI~TWyJ%1|ln4U~n9Q$e;n!DqQ;#vPJWBdKC^UOX&*BQDDhU@NsSn_w(%7goko_TY6 z`xMQouk+?DUHaTlXG7+(AVz`3YgdZK*KB*Pzo<_9I-|znm>n%|QKR~Z?el${KYH1J zds%)-*DqWl#MJ0;>A#Zq-5ZrB49+uQE$!P<@thf3yFb*~Fv zIdAq#sS53te{MO(*xR|SzV9CXIB=KLWEXx$ZTt7d_f@`H<-4Pc_f!@BnSa%P z|A~F2!gc$X^*Q%{`*^LLFKO>{%b$-wdq$_#mHeM`-}lxdy<6ui8APXE`}+O#bU)O% zDepKU_fA!N`-a`iCMxSD>Y0=W6mOVxG^O~eo~Qb_P)E|cjSz9{QeirSa#*I-vBk^Q5>Yxv|H`L_PW1SZpMN~ z&wSc0`{aR{?2$J$AL5K_A1=+i`1j=HqMq;8$rHlQUf-ADSfq=3y7xwjcfY1A-uC}1 zSN)HFE$n6W-S6#l&wdEAG1>c#%YJjey--m^k_wfXnPPDki1YJ>NP($3e+b#m3*^EewVwz-O>S~He&>pmBI z>aXATre@XrzibzizpjvdN63a8)}??-?XN!t!?7PrAF)H z_wQTMJM-k-3vQ^Xm_za1mfg$R=A&l17J(!y&L5l`Z#=S#>X&`Kr+lS!QT~U!Tax#` zjQ;YrW&QQyB?lcVE^bFXc3S65Z2V#Wj#S-ui@)B8zViJ@z(u#G2Y+v#x9I&L!FxFc z2SG!}fv5NU?|c3yde7Atj3G1RYx|sUe=@#)qH~enEdQ;KxVC&+{KNRqxy52dV(H$H zj0W}7ktWXr`j27l_-)VMK3rN~HS_PXBldTf|Cn6=pKCeesr^Uq|NX1D=5pNSbGNJa zAAT(yU;Q)pTix%kUuJ)YjDp|075|UZ|NqUGk#S#`)|<*K(>j{Zd`|7(+xgNzpB@#9 z(%a2oFzxDx6X(_ke19FE7Va50>AS&Z+xxZc)AuLM`CED{C~Mo*fbUz^f4<>oTp3)y zf5{;WsXmQ^`?mhBcz1s(-#6Y})*1HK{i@G{8d(mmeRaC2(b*L#)sjDrpFZNNe6iz# z$LXbVznTmgLU#TXnWeqr=c6($?#V5y9yNctc`GwB`*_`9cMG-^@L{Lji4&PJxrL5i ze(w24=5Xn0{v{XBIkKN!K0A|t`sXhPUzNl$W*L{BfA{#$gjPQ9qj|6P?Py(eM?`;C{{4^Ji=OmW#Tf7HH~szNS^lygJ%7s1nbbJVUflm+ z!=-CVr^V!M?w)P**QZ{j=K8q{1>1V(-BU1hSh{(`%5Br!w?#(G44YRi@tZxrV2`a$ zwRK}bJ^OR}Jjr}*t)efjYwm_P-*uiU5&ZUcptIbYxo>0kTsqnt-C4^s<9l6kl)Vi1 zvhxZzUoZP~H)rwZ&3?CJ%|EF2DWAFU|Jl{@MRqc|;+Z>(Qr~P2usiOXb35|%v_~d~ zUVU_o5r1uY^G2&a8>GlQIq$`Se^(c8IrmST(fIc~dzY_1e>L7c{&W7`l80QETscW#;?+JNSS9^w0QtrcHUqjy%m6_pjpLH&ydp z7kK!3dBx+1XroT-~9jkAvXKj6dAMX8r{<68vZ@a>pA6oAE z=l-Y%zg^BMt1Mn%&+z%TjabQCljHk@WeYCUZEXG4$N5}4R`9jf_KzpT({_rTIZ*kt z?+(9@NqhA?&u7K^d5YgXcj8bya@UKg?sVXFev4~ARO&;v?>Q8H`AE#1e-FP`e4QWl z!RP1Hzj(abbFG1~UH9-HF& zS{4@J}J1ZJ_1vvkzsLru{v$M&ZOZxFV%DoNHKz{u-^)CDwO~%#>EbJ5=k{LB?Ebx>{)?P? z)US@S|K1orl1=!7ecTVhVFRZDVlKgymPPRqI;5u>wLZTx zTYSfkzmfA+8ZSSy>}zbc%x=g1mutlRi=I7ubAEP~UhVO#6;tM`e_QP}-G3jO)AriU z@2>y+{`ur>nd-X}++VJK8>@NV_Q0Lre4qd8o&O#)-LO!8?S2d6&n>Mj8x~Joe0-VA zhVEnY|IhjS?ubLJqn-96MW#CTT=_pO+HZeXyt^s6PW9Qx z$}_XK_X@lFUlg73BcZ2Y|J-N)bC>5v&zku$kv-jS>(cEd-yGQ0>*|VbnKk#By^;;j z@Gtxmk#S#gPu%&B^?7qYRh~;=yk0W--eRrxKTS3rEFZp}+Y~Q;q5N4X@5TwmcWv%J zZdz}9sCG+TLC>#sU(T=l{7>)v_uqn$F_J4+l7CKM|9$iEjoYg$pM9{?Ik_+5^Pf76 z+jGx!qkd*54R{AqtVxiIOV-5cHI8@9)#{5C!xu-)urbFC zJZEZjP!L#SsPrJb#AHj&^8RT@|4%PlX8Z4Zt<3M5ZJ)ju_#d{OWBuFs-{!9g-yU3j z-hc6Wxz5A2M`Npf{XgF-kGil#bC!eMebxi+@BjZ0JHJP>{a1-^|K}f#)hpIs{h0aS z`}Mk`FJ7?zir+c$n|RS~`N&gee@R&Wx2gYVzW2wu`q|IldEJxT;nre%W7l05&BK45 z9@`?UBgy%-uPWc)dw@^_dH2 zn$K>1aq4Nli<8|P`%2N@E+X&GvweJ%b2LCIe4C4JsI%@@H|1TollNPRAF#gS{Cu}v znvE?_oau$E9b0#GOj`R@=5N^FRk8kC_s&$V-ZMvr$Kb;;fj0M77e%Z&tmM@UtX#_1 z+bB*kn~`znVfuqb_SH8h%zigxvEMXC<6T8hLi@K}-&mRU;m;E3_I1qOcUrXnyq2qM zQp+@y&p8^Uc{=vVuI_j1;%qM4<*c{9Air7Xy)f6bxi(>mOfj2}t9?(E;4irlwK#51 z{=f3n_Qji5OW#d?D=}GY!|!{2td1(W&zjjchON?6bSk)WZfCLIpX;(E-|inw{=NE= zf5Y=VJbPZIv>BD$_WJ0XW?}#7mcZO*yG2tHGpZ(}P44?7lwjv{;{B4}J+klTO#jC% zmo@q8Opbg1roWWo6LNLRzSVs-$z^%i$yz6~DN9bzEh>B#qJPhFf>}u7&T{^(Q>Ct~ z`cf4?;mwp+2Budxua4?3+qnMI-Q#+7R~o)u zdBpyO%I3Bg8~;sL&ph*G>V4jik0jZRC(ZigvwFhvIVHDiT~uXvowcjk$@cHlgt-@< z=G|PV@-n05hrm~EYtd)TJF5LI*WPS@8)|*)_?j1!o;a?YqaRo77+3yMBc6R>wqH(q zZpAX&l5*<{wmFgST*4KsyGkP;Ml3gzeROixm#dBZl5Z^?--ljUVf?<1bJwny^LvzX zFE596gXUv&Aem-#zS>E-vYeQGgnO`Y-mvxbZPAD+JvWm;-B{T>|e6U688*&9!{ z+L&8!)Xgh+(7HnIxyh8=%YjxemDjeN`Mu$IljNl|<6QQ&A-Ot@9%nw5U+lksu`~9+ zgznT;Ek#{#RTN%W9X=VSAEDw^GOl0IFw?b612&5ErOTlQS> z-2Tq+R{62h*^HYOUuX-kxu%(?+7yB4PAkPO?+tsERg!Tny<$RFY2?nj zANSu*Vm1?Hn{|8E%B$0YomwvBv%P#(^k9D3rJKv2pXAvzd48S7cKfM)k=cpPI+K>q zU2^8zg!hf##mlPLpUB2uD%1YD{ifun6z%1IDmA9f)zs&!)@NS4>Fvtx*A{Q$pSX6_ z$0z%py%ObD-e?Q>VH1$2t~pJ1LCWmTXS>T1Z>)=b6`sFiWBJ!d^S(X)v9kMC>aV~D zJNDfA%&1yC&*|A|*9pa-LWjdH?@rL~au$ZIHW$hS^lZ*c@BfjpR(rD8{hRyySbt~z zJQe?Mf_&X`30>Z+FSN8)tXScYz9RX3qk849BbT+e@8(a~+jpz|pR|8{sF~_-{T5CSNul8qObkZhPhXDBzL~{x{#B^2B991-nVM^A8`?tlsjfIZdPE6L?;%_l) zSK67^jnd*9;yFeCGX?59=UaU^@0n4){qqg;s1-Lgo`zg`zQIt8H8a{+mj8%MDZ^8% zGyF0O3xyl{8@c6_3ZI5t{hhgaMuu(KlxMQuMd6!ny4+?Kv(zX^?wBaj*n4&AT!D3r z?8Xgg=O->bX?ws*^j6yq)5Xa=J13jiKS?@Z$UG%6&)(-V-_|?lN>x{sn-uT3+QHJ| z{$_`rNBLild)t%wUfyND@qg#0o~>VdcRdMRW%@hgu559GQvBwc)vec-&9M8;zni&-bQGuV;CGK6QELmYY7m7x!P<6zr@g6|^a?RqO5i7W;2| zPL<7`Zux6E$D=pzj*CydP`h%fTP~k?+=}vbn~dKl@2Kz55IT0v;<)AkE7N1Gzm01J zpI`Mzidg)DtzuIRRMq2%-ioWw%L(@G! zH(rW8W?ql=ccnP%=lZ821^Diys|3H7+GW#_EM=K|Xkwb>48|gX6)z3gvs4s%PR~nW z7E4eUEV`WjS!gNGsvD-UVPE`IaT)t}MwkyX^xk>)sX}z(R z^+aEgwA0Io+} zPmBNl^yzKbE%DTJmh(ADmPdaryz);c;Y?Jmw3FtkT>d7xoHG7{8Iou0{) zr2V^YZn-hN_;7RiO_fCx3M;=pXYP7t!}{X*tP?vO6a+X}vd^sDTI6EIzx0ITen&+U&NY92 z#Is=G!g~P$Su;QRXEWr_dhL?LH$!Mi$hUXDimo(FHwwv|d-L?Vjw)q?iRGc6l|HV~ z>@@nD_w9cEQmxhv%dM-G|8`wcI43{%z%-kKJJKE>*}Uy({P}Hgbtt6GOJ%G>U}12(&XJq_quOOvW2|)w^(H5u4|bqb{{`+z|#EUX}M$H zB_GY%rnPE~?vj+(vLTNTxX$p1%jOGnC`;S>r;5qJJJ)yB?l`}%=d`NSk8%9DW81bG;B78tZ@9&79esIp$X=gST_n{rzS;o=mv6*nQWWox3JxQUxqp*JN371UOh8x@~oBnWa{nZZ+@&U zILq{A$+L4J=j-P39ey5aA(MD#@#8HL)57*@Py2j-$4(3GHTTcn3t7oye)VF6@qwG# z7gMi?s93YU_;jkLRB(^|^x%?JXTF{;W7iiv^fyfB!R;$um4`(%-6pbxObrXlI$LbTwPe2eC3*2ovFue% zPhV(nHF((0f4GJtGl=7t#GlSRzpwsz>h@*nJD#bWkA5!AVSoAk%JLI4790w=-|*`c z!$IlkAMR|>S$bd3p-ikPF?AYy=32eJY=gbN;>WDD_OD;N)^n!kf*N<-&LQht^@=TOoi>>mG#RtNSO}nJ}5L_MGq>hJW`@tzT7QnV)*HS>WD2 z;W>Y%D;~Qyzw_z6ext{w7fK(QoSUs(a8fDYpQW*z$Nr#=3SI_Vw&?rC6&uFFo7Slu4_$F`O~acrCxwG2Tw3=lB(rn{V;&oa&bv5{ z$I{c6AK4|lGOV!eW4uhllkcDE9q$+YO|&}@(4Tx#aqi*A7w-n@-nafP;QU_w@1q)l z=M!YUUJQBdSs<%pVWc8lYPx#!vyy|JYj$T}-y|}zD^Sb2`1;3K_JEDKuZxy@buMfz z^FEUqB=V@qwzPM~rMsUtuvfpIv1jw^(~{@>yw&1w{?rhfy#GtlzRK*We;)n)A!~f< z>7DQMqV398?lOA%nZK9csKoT!`Ii3Ih4VEh$sXNx=2TBaTURkl&!v+vM^rY3-y-YY*S<$=m(s)buT)Yk%yTv$$?aa_qM_g%5fBeVH1!OBJfc zS|a5iUuP(h_@b#L{Oxf~I?K-+ixlkY=d@@{la-%$I?=(sd1poUtxLB{%tn{LE1%^p|&(t1&3jMT{ZPx9xK6{=WG5=w7e}7hDy|--JCQY|ryPi6qRFyr; z|7?eHu3gLfyK-!KCtl8-l@*pS{h|l|+>07H8!yx)^v@~Fc-S*DGyc@(vsZRoS7d!Z zRG(S)UUk8-KUbF<=>M@!e0=lzoDExNy6?{l`{v{IH6*O5+NS6EUWRLHv+Mm*el$0{ zDY&^N(fJaKnnBUDb=#k8)=Ijs_T@K6&e?^h=W`u7H{-%W&*}?RLaP<6UuuK~vaxUq z&0_UpWQwVe{}-{^v+B|2I5sP5$twGI2fob?Zt;luC{^)YhuPdAbhrI(XDhePg)^OZ zt63DEJbr+GfB*74dtEW+r~Bm(erv1o*t2Er%y0T?C(oD4Co@Ew9JN2xy~%@@cLH_3W zlRx*kEbHBSVP|%3V^7^QxmPIkO?h4$$Hooau`B1abKc`PeoD2n_Zjn!bLENByqhA5 z%v>`1X5_7%@Ww$ZcG-_)*$2Bd*taa1`|OKj!_mzZr4gSwe=Jk=P$;|7qxW-P`qCCw zL5{X*DhaOh-2Hw{oVPMUS#_=2*NW=oj?K-C5&22~_x^elDbRF%CX0jjr(Eu8c8kyY z&OaW{+1Gcq=u-SUrLaY2wu1}FX@wIaKw7E_>97mI5H{PDn z{PyAZqdA}Kb(Y;-7BhYGD|f5BW5>chyVdNZ-4uUqY+53>dDDl&jf!@8OD4~a?rHjc zqQtC4iEHEJF8?RXX5X_j4?JZcze4@~M9bR!o7p}$hR*-Y!NSz&@IhW!@Wbvb?HLX9rn!`^|^0zpid;pEb|(@6F_T_xm4j-LPk@d4F=}$JOs|Oqq~p^5Js+ z=L_-Q)J5-|zWo2s-6_w1*#2McYcu~-)63H;p92e~{1c!5bf%rd<%5%Rv-dv!V6~5v zf%EROKRnMboQRC843Cqy5a%*7ZlCje|6a?~Ro)C&zoqT_XUc2){MW}l?-%@5b$=tw zd39SApY4r~y4qKp1P+zH6Mf=+&agJvZ~e-(qWInZf`Ys*Z+3X#WhX4RgC5Jbf)&t-*fg?;T-$kS|u)z z71`1&zVJWTGjDhEh39(|mUrKb>sDMVzgpmCVbQb5^fy~wZXWZ^xf$qvH}CVOyOyF- zTZDcrvfH!I;2E#xyDA;k=%lXM91|lw=4G(0|MKb9Y`vSEk*khJEk9IuaPu9-(#wwi zXB6-5+OE}~zSimfm(sqhDvR{*59HrHd-||-*{TbsGLHh9>uz@4f6(;&!?z+OVZW;T zvd>mQAqK5gN(oP!%S_r>o1qRAv0%(9L#<7U9C z5buX=NT zZLH|tPnK^!_4Uu~ossYVckYKBbLVLX-pE>Nn)>R2iN?gay;3C&{e^qpH`jT0y`OTr zXx@x{9xLbQzunTwFVc3uyx?1?^*u|6pyXBSkJ!IBGXH^1um)&6VA+O^dYu!x8xt)T zT#d;0NakpleEmL>=SS2hjvvdO-cr?zVZIO?Jy#=G+GG=p!Na5W>)mH--A(*i#2LXE zd(PGVl2DPcjSy?d8?$8|Q*GssTr_rI5MB0rZOGF_3f#Lpw`E1V347MOqyCqat@5VB zp||pm7R{ck=wIXzvhd9vo)bkoDw$QU-{s-qD?VD@{9ujEwpC_1i+3IDDoy_-EA#Va zNtQ_z=Q`Jqe~-CWY`1c~ALzGJ$|LH-l8`d4&5BccN>AP1;j(Yr@t}mf;7FGDN8{S` z;!;1Q=^S>+l#JTjY3th?@>F>H=>?}HPcD;x$^A&KOprAsP5IZ4GO-o%T>&;}scA=Z zJNCR;;?E_SvfSgxFTW2t^Z!IetzY(tzx2wiSBBx)M(+wvukP2m&~{?J)0-tq29^gp z&DS5%v(oLi6=j>Xf17;qKI=P1->g^L%WIsP;|^-=GdYIYZG86jxV&t9mNmy7=jF8~ zueXO!?oZlzqjc6*&v`%p%s0DuMdg3(&cFT@&$bGd@b-V+E9@V%{aWLqn+lDQ47w+! z^)?C4!S<u^ zt+(|0m;ak)Zx-Lv^8EAadcT~lmnOcdX;@pX(4M9K;cp)6x@eXwvm%OS-q4#F-TNR^ zTL1s!)0-Br3-SK@P`#q0-nPwVT4S4f&YpJ@&d<;JGfDGshGt}O`jcQ?v~YfNPK_#VuIg_&0JsAcvH8ls&4Ldo59J#aZXoXi1+*neYbN(k4&ZY z@+TCml=|vsnz}SF?Vfz{i+H~ef4A>B9o)YxDX;Cp?_`T#=L#O}G(H{t^jvH5{>O*^ zEuQ{zpFx{Fi>UO~73M1v%sQ@LJ$?HBjOtl;Yf{u@UO#U#Y-c+2pmMkLZ4ZU*-J(u0 z8|adhx~nk~8du z^Ij+Fa0Q*Md$nEnzt@K(^KaRoo?r7yefamoZ@+W<3Yy+cR0#C!P5fW@ufJXA%Dstk zr#?@e>tXTjo~iZn_*ZE!R?W}U3dj#x9LN7qQ-9sO=|BIi_G`*Kw!0?RYVJW5c5R!# zUsS%gPE?3y;XISajo7S^TR95Rt4tk zIM14Wu)efoo%p`~T&3f7D&2a^RoVY~xPN#QS#@l&g5=Hn6K<{uUL;=`yv9&_-@Vnj z&MBKG+bKR#wmzz0C9U$J)VScE%KiW9()W0>riRN$uKC#z^l9VdE=QF;75PtE)edZF z|Ce`r)3)^0<;UvMd7m-6LhCjKkIowp%ejLu7RVnrd2aFbl=PnB2j_RBtBPBh+Mdn6 zpLsI>Y`V!sp38T>$NqX3{Ug66*!RBI=4StAANRk1eB=4&)oKmzK9{~Y_2Agm#CzNa z(xv5|pZ_;MdAnQH#iPb-W*ZgHZ_(sjsr_7;CBI_FmD|n9MIFZat(G-wDsM&xJpA7N zq9&CgUSx@`*e(8dj-Piso|{|#VE(6s-w##xHTPeLnw#}%&Xiw8dL92?sa93X{?MEA z@aWCMHMQ}4FSmViT zcl39dxbu8Vx$?I{U%qcklzV@~^6A3wN7FY>UAb~cZl-Ag)9Dm#uLH@?pE|bBxwI;z z`)PvpwNo?f&iG7xBgeICm*ft%ptFp#R)3!Q&)^^T+&OYzPVVM=b<1*xyK}+^ne_I* zEbh5`-h96J?P?fL;a_JBk>YO8ES_H7h_h8!3KtiD@G@V1e)r6sS2}ZlPu?Om&CbWC zQd^jleaE}Pr0Ub1_2;_ZepUR^e?@=kxtYAWR*#nG7Ij%aezwCd>Du`Vua`^C_>x$C zxA9-Zw2;oqlYR4^EuXi@a@{(+>kNCD~5q zXv#gyHaGItq>iGSfysHf$39QueP7C+{%?Qx3bT+8D@#8-eBa#icvI0bI}z1-%Xoz^ z(dy~dPep1xvUsjFd+%0Bb3T1OE=b3^^<`0Fa%@erI8&5X*=*jG$G2PRGw+(6X_#eG_b;MG4xopmU>sGT|gUh?lA3nK#&kx!3ig$~+zAm>H-QJwq+4A{(*P7Ee zzbeZn?x|hA(bsL^p)(6>HQ&9RGWp&1S_MhV39mlqxG-1zicd?pq5t0IM$*E!j;|m2 zO_+Iq`LrU{O`C71D=%Do+rRs0$2Oaz`F^)v{A!)|c-qr))A-rzQmU16cOQSbN8-rk z;z{YhPX$b$e#reYOZuWt`+a(O4FOu#+!~t{r}UO~-QH0W{&|b7Q%jOxR%UbKF){6D z)>pjK8_u#9exI}K_a~lndeXoCuN8G(CTq3xMUhw0h5iy%^_)5HKA&9q=hke)CE6ocf71e_4v6W%+H&_*v?Fo;wr@g^2XA-7WhW`hRQajoyh(?Ek*M|G4-6PusXZ z&#(V@-+$%Pz1HVH?d5CR?)5z1ReL5Pys2ulVD@oklRTznbLYrQ-w)ay1R_9(vt-&r(;dr$6*tb) z7Z;Nao2U3whSRhAXMg|a7YAA0WsfXha&wEJv%u43lP@pN`LRf7m#wVKDf0)5Ldv{C zGPcdi_;*WC=QSgf#XnuobD>qU_7~3i)~2;3Rp{bOg@dy%yIjv+xhnhF2j{TL(%ers zRfHPk)A!4;Xd0Uof7!U$+fg9Gt95H-^Bk`1Q=Z??*SLsUEjhe++YII{Jf9b;TkP7- zRl0K4s=e-&kFtATs3hDv`!lZmkY1qWU8#WEPP0`DA8{{Omzj9qkF(>E+~>5l?wwxE z>$c5Y+^$a?Ed3yRfy6!BbIu7h>Unk!51Bnlt={jGA&<)7>|!A9~&e!lX|nH;zzx3^@=a(nK8 zy{`@YYu2((j?UFe-tz_WD>)z6zIHtqGpmtH zIX6Cbp9N==#qQr9T~&M5R$9&bub}qq`rI4sf4g7)p7&yd+LGGtGe^%w-;$Va@3ZiY z&bO1%--`Y+X9mK!}yy1dZo{uhno|98w=rTgjK<_BjLF8_~f zENgFl*3OrFmrG&cUfYdMUMb53K*P-89@4>+u71;4Zu3mUeCw9Pn{wiBm?M@S+mSEt z#@Vq;@_%ky_S1!@JD)6)&-C)UQSs4K-FQl(%@2;VE6=s)y4Z6$zML`jjMPnm$hS-S zEiF%;;|kd1=sk65ulu*tE0q_AyGfiry6p7Q{*WwZjqJ`M>ywUbqEHxD^BJ?)xaNkhzZ?*} zI(5N){~z1ynqG+c2XMv~KImh5eO6{enCiUA3oZrKZ;*V?U-i-LctIbV;WMkwdm+wm zpE16+F-$&@o>TKvF)C}?b=4ocXBay!UM9m4SNgb{X@}+SIo7qc>u*|o zT;p2@N>*<#Gb`TNUvT>Qk~dZxbYkabdE4gx-t%X{aqp5lo$04KEY&WQuvhZmM zVJ_yJy*=aMCjLAhL6zy3B^q<5N)$d&@p-a%$9M10jp;Vd7OuBU8S<_#VrTj>a~4z3 zS{1!TZ&tiplc=5-)AMjQ-?6t`^%~6k9@ZUObl{p>*;3Et&!kI@mu# zIi^ddwqDw;C;WQ8M)~Nr8*bIn7n71?bod)t8>8ShbB^=QnrYXT)c8%mcgyj%c<>xo zu^oEz4{j0ox>P1+OqctRvHY$xqloIP=6;ho8!6yDo?mw9P=r2TDc`b5(sXC5w} zb@Bc>$L<=v$y*K{`KPQaF`f62;~(y%e=m2;t>Q{u?jl+pAg}grLbvh?c9-duZ10x$88LBX_u6ea0($FSf9n4{RraY_%cqU&E|@J-UHevX;jbxwv}F8j zcLnW|yqi`K-z;r@xn~_$Nu=KN#dS**Z1Nr-^|MS!-mzc#@4Kf=Ulu2PlG{9KhiFbm zN!g|2Gv=hGvua+KzVPtq@%B$Qro5ggee;(Gt67T?*M`YqJfdxLtsi!AAFKUgIO&th zg_>V;O=s}0xdH2vHtx2gXfLbo{Qy8YVT^E?_k#+o}wTXJ@xeRkQ%Lbe-AVXm+zK~T_xi3w2H^D zy;FaJ|DlN*7k9RL*J*tY?>>5`bX`3Ag@q?)Epkzmlqui2q2feErRD09aHGwk^48x2 z4wZy+xyv5NKem%cA#{;}QZsysPpnT)shjE#cgi7Gu; zrxs2=R`g|luP?v(^}_Nl1r8R;|5N|?l^*C!1zJ1BU*L! zy(Lq_U+kCnm@k!Kr?&U?r-+rCE6mzi>IMEcvYj<+P-t}MV$eQNqq0o@WNNZVblIZ7 zC$m;)>|8rR-plz0X!1!RanI^+kDuDi;D7XQsrZEruZurct4=w+^PO?g`^J<-c2kA9 zKg8|TsZZUlm)Gtln4+%wvSepPa_j+974|J=SCjAUJM{YQBW9M{QZFr%T*Et>?vxlC zG3MNARZP5|IB{OP&|i-NEvd}kS<=U*O6=GE5^}UIJi5HRD}l|xv`;=caItnk((V5a8V6r-0Z?i+a*)~q?*_Q-76 zR@*BX+fMOo1mEAV;ek%7RN&HGF%5M`*mHW=n~Q7KML6N`KPGB@a&`?BqdQx@Ivi?USW?pC@!eMw&Oy}##Poo5frIj1ZD8jMq5 zG;F)~>5f}$G5b}0+v6+E>rWlrx{mKa`o1Fznd^^!_!&6w_dQLY|L+a6ieqvsA?3pkVu+NA;5#Yd3B`KlSuWuO{=oK5efq zYDB$|dbrEKOlDOn>zf8`wWU)f%Di^yyBF?#yyRWqk}pA@9c7sPDn<9*?69j`G|R+M zJ0tx*lUM5VWx~fr8ANy6PcPb=<;A3I`=zHPF^oCASFgC~JJk`FK-_ z+ry9Lk~`F{Z`~GE*0IFux$3+JM=#HL@%iAjG`YX4EKh32Ii0LZ5c?Cn(zNI#yiL*bMYd2eJ<@o|Rk5$H*k3R1E zs*|p_v8G(E^@JbWv%?kl?ZmC6HwXp?J&5a^!#pKK%D^k{PM|pR^jFj7&#t(9@W4`y z1xect_swNJCKuj6aPfA3_h@sN0LsCsp;#d+oMzY!@jgAGrgTN;wS#C0ynlYUqFimc8ngA%@57yhTyz?t` zyPag<)9g6kWS7>}r!`-d`<^uTe!Cla>T9y=38OT|?NfLs-t+tQW8(fdYa)Clq{~jM z?Aw0*na=NqM|MV&c^8U2ExW{JD1XRSso#3l+_tBW`xb#)8`>t%BRLP5@9{a8yFg1X z+4o1AxP8=@+0&w=_Lvla_q?-0}Xub;_0Vyo~!v2#`|Zt<1PkbhZZb4nv3Ve(w5=%+xrQC&#Z|KH56FVaeia6YlPn znaTU0bk5TwlI+F~GnWbmZ(RFkrozIXN47VGS5=;U$9&4bJhkYE){`>XsX`6nw|6Sm zEHu%UFg7&rJI=gd*|mT_rgJ71%=nOV=l-2TMV}28wtRo=JvCv+YDQjxxmyZ<@v84@ zJzV5uHz$A2u{z!fJ#X?oW{K(fU2sUYbh)i(dPeQ4;x}>6syNNp>jTP^9!Bg8E~|04 zxz6m><|UK5&#--rFTM2p@cySM{q2&T?w^}A=TvN;ov~)(`ShZ)xd+QkHMXbPIel2w zYrK9p2lFi3v#yhhW!uhAXB3clv8epW`9&+vx^u*qU%Xw~sGyL$`l!JEN87G6RF+E$ zBs@57cI*+q?JWMsTjwvf|E44D8~G&P&gloUeqXV=#ZCFktC_#PnDnmyScLynmW$fY zU&`>Q*gfZuDcS#W%6tD>+qNHb#g0yy`;+6Lrv1Br(<>LI_h<-(R==Khb?S*v_v5Zi zX!(BmMOn;-<*)P}uUd0Ruj41j!Y#tbYEuIvnOv>Z}Rgp{XPBVlBAoSO5w43$0D{%Tv&CZcc;g>15=K$a@!p3hgC9m_jbXD*bo<~>ik`=N%mWBRJ|Y*)mTnMk}}<)qZL zd$;iM-Xmo!Zo4e&J@=(K>m6Jvld~%%wdwltf^YlI+~0SjJ3Y$j`jvTqV@}RVbzjLF zcpxHtjhUW_Df{ikDeW`wiXP}?jC(8Xy~Qzo?~VBP{a;Hx4{Cxd5FOT>5Q(V1guRPZ zN_Q^#7`n2qA?UYpXU(xSTQ?{MO+9_kPwU9H4wb3gx_9Wn=`Vg=^gI_galh=xlFxsG(=Cc$ zxmMP&I8EPe@pG}>xj9z7kDIUb2Y`m9o3=jS|MlzFzrC9_2{nBD_|bH&kD47{=@iZj zzvs4BEYrXJ{oAK6_Vv@Jo!wZ!{`;r5|G)73wK;eHtL$R4m$xr}+rQ|o{<)=kvtyd) z*UfJKw@H51yk}eAZ%HY+r&DLHyz=#zi$^T~{rdk;`&_Ee;+Zkm1^rBGyPt24DSRKl z=UDms?)5)|b{_w~uRnRdzm`Bv`~JEw{~sM^-0}Q;{fT<}4QcA!PA87el>hR`we{&k z^^Iwq2|Dj2Je#*Ho#)&xby5GetK_kC`@^gG>VJhyog@|f`tTN&HJ@T`Eu64S;8vTn zOx}g%KJklMj^5Sf4%Y|{E|fmg+H~d&5VpOqp)``eiG!KU|XZ+xOJ>u9;`|(+`PjZVScg-AvJ& zcO+Ja^~AZB-t>6y@F1ty>W23B#sT|szWzOQu3u#7wup@C3tpkSMAszhZ<}sa=(qIR z1S4l{S$>IPyK?2%dTTfE|6aZR(T;g`m20*fJkr=6J#GE2x%`i6zN&1yQK`6!SF|Qe zw&urgg@+metBzMK;XOUgW?rh--~QF_T6)FfyXQuRN44$RBVsp8%|iLQ;#K279c#&X zkDX$9f8WYn9lI{}s(Ymi<~&(q%kWyajY{&|LiztuKGsbC3@<)+X_^Ce_5$+S{yTdYG0}0GnLgs znD4rn(8Kea4(lh|Pj{Kbv-GO2XYawP34eEAUOy-Ni%rs#wemMhEa%0PZ%MoJaQl^G z(|6Bd3FdONl3pZm6WWKL^nI1?=IBdPg7Yq?ZeaD=8o{?Md99D`?$#51Lefq@BbIOJ zWxci5eC`~()XC=~r-rPs|EoFU|Adz-KU|V*W7qAhT@w@=wno14Mw8|jmzi}U3H4es zo39;e3&>K}+-_SmclU{O2K~1(!M|*{Cd{4l)F$%TrWoVivs|oSCU)g=EIrSBv}{t) z&68n%w-Ofo)XqI!eoo9nZ~dzp29a}>VT<;Asrj9Id}@V`tWD-sRU7%c`|KAchg;s; zxBuyxqZzNtxIi`ChPI9=^W=rKq~1NA@l0lUSnlnZvb@`M6aH6y@|KaZI4*6!_rQmx ziTAh}UaZ)=nlJdV_|5FQ-np|5qyz@uKg`S@{`qme#M8OPe|zL!B%Bqho;EvU&F11N zi!(_5qFp;&ZXV0cS-lPUID!P>G*!zF%hWq-d_nkBu7CEX!vy<2>+d+pwx zKUUg2UcY~L^KmmvNg1iM5+k#jC#F`)A8wBGnCX}MHt@aG8R7Ybk1MJwy-3jDb* z4>BJaH2-vP$dprkEm?=vwn=8Kygm2z=jj@^cXaBOORO-wo^)r9>kjasn9Sj&<&sjn zdd$rVb#HHy4R#jpweG6f*6G#$HQPVH`qcrun%0x|bx+KyIXidvtChD`dcQ15pDXow zqWXo{ZOJk(-kHJH0_-<9^&}+Vo?_s#rLVZFGj{FfD%Dfow#4ag`)z|aYm%?))gDV& zmQ`)+ZxeRX;l6_2`uPveMpXXwd$+Hgf7x2?IUea7*X>@hcBRv1p-ooL6Ehs-EWXxH zIehAWG^1zhugg&-SJ|?%voGeK`Sf7wsh?J+&z$`i$d@L_7a0{Q`-pH}ZOaWYkJ$Lm zr#6jO#JTL##ixgk?K-gZ#=CuAE#Iu#Xkp7WlhVk1!Z4Kzgm0r{Nv;$@~hsS zwfR-bd~TtlUd+c+j@vI8ZK)Ejo+Y)?%d$;G$y)2n?|Ba{o?`r^w_`?y{k^=Mvya*C zycNFlR>|qpIk#3F57^v&D=YU^p>pU>n^gCSyn!bo!duLac|Fgo&M~?C(N}ie_P2X} zzxHf0Z{D~oEHNu%(Y_$xle#*;cP{X;?{e9f9A>zF^^vv{hy8?}IA%(|T6=q?>DA~(8?)hvi8o;TGc{lKP!t;uE5 zz3~&oC#^1@VaW4a@~}&CZ;k(#-QO3$9w&%?}=KZ$1cfgf&f=y-s|W zWVe?Dznx=tmq|=hKl{Olm*>0)FZec1Vd77Yhd+fvvTYlGFEJEXQ(9^F?VJ~Q5i?8E zBIP$rL=}bl0+f2HphD3?iNCm5v>kU&T&Djr>G}SW$9$>!N;_D08oGq<_qS_b6w30O zD`_srx3wHg4|S@7J6;YGgc8-)awy$Uhj0sCE1ijNOlS>wZ*^p0Y^s3l;^%h+{uO*P zYKrc-X_#X#r_j)H?p9ajOll(*f}}h__>^AftU_!qUj)2R~hSxOH8tg8!-2 z(HZOGUPocr)95fkcH*UAkb6N|5v~XEen==Y)iE9PGL}Db^JeSg=B?{as5d{@YItlN zYxp0lhlSG1fA47t|KkNxi>gyVq|M`{rob8%Xm#K+u^`dri~MJq{m?Gmy2CbG{n!5} zXX=|gXA3(6=iPmeOWp*Dub=eMrH1FL)kk0J%EEsJ@%NXDKmWlADl1W3_+XkV%bza4 zhI{XAju_Y8+_!!D^8Y_~Z^`NVTfKLB{{Q9aFW3!iPV)cT*!=W(dvC$2m(e!z@!#(I zUHr2A{PVcI$N%;1d%V?q>))5#D_`jU-YilzXa8$!x7=C&%j3P58A$(?{#DQ&HD=$EB*Xzs@k*t z{T7)wx38V~XzwTghC8<0_|s=WH#IfRb8d{_VxV?mpY1fQD>J`6I>%NJzs2~^Y0f{! zfecH&W|_UrTCw|jQ(^G5fY1}|o7d0&cTpkmj7;4s$)}1tr>Zy|knh;r_vrUskqOQR z^q-`zsPCA#p|PEBX0axts?{3zSu<@?50|f;?02@%s%(8gL1E)hh2%cRwtB;^ay2#P z+1rx$ZSOoLtGUh=(v!6OTQTdomFY1^aW~U)!4{si_m0e4=C;ag$-kvXALO!?`1UW` z8-H-MGta+AN{jDFE^62kclcXu*et0{Cw4aNs=8k_&3L*|nCNF`|BHKUkFx)?>$f;$ ze#hdTT-+*cp;f%IZ*1Gl_c~8`*4Ip~bH57rTA%pvl#^*=-2$KelaJYNO1d@4vHy8< zh5p{t7d~iA4o+OeurzhW_IC^3z1wY=?;n5v!*9Je|9|N%p6qxiaOe9QWzX+Myf3@2pfWVxBPw#dg?k;8R+|+yf#>U6_O9zF8guu}K(=FR)&+3x-_<@pq4#WNA-xl4MFeB;W`eRgqu+WYpV z>oGAukBYkOnaq;>w<^k3Z^^pPiGQZQy`isjqR-|VxFEl>=#(M9OU0h);#RR6WiMLI zl7D?*j+_3|*KQnr{6+8fF#nHvW|u6e`pZ!MkiFHR4cRRlS$9qhS+PAd@b^*ME9n=X z9{qM#;;?N|r{H-NbFmVg>1F5GBz7AeT6$Vet$w@0cF9}O4*NGZ2;J0N(fir4X8QUE zCH)44x)PTSFTL7qRDHbr?M-6~<83vpUz8hVN-d{vv<$XiaAjGvc5GaN=`lvvTpfop zCC5GMym{jH?a?sb^mgOqSl+KQk3VHC+Pbkj;j*UG>nUF*W~bC26W(cg?7`2?7Wev} z*{oygdS=u0Hf(9>+3<7MUsQ^uBnLmJjn$P_I#v`NdH7rG*NE3W8AUOIv;6N%)!jdO zp*1n)J!{Hb9bM=6%QNnp=^tp*2s!t8qoT-ZzlCP8jeq+bK$%uv-Q~dhup^&k=6-Ab z6aIRw=)NeoEAId8|A?Od_t~IvNk3Ea;W^UM&+hc=sj!)K`#!L3`+YBY$NS@ZiXQB) zd4K-j_H%~oxN#%TiHP~FZ=fCwS76h^8S?iwZ)H^#naD!c{H=H-q`EM zF$w4YMs3;QAIl}#^yfeQ;%{?C!CLt0Qv>lyPnW%3#r@eietBiJ;Cc)B17DA={!*1D zbgvH-$rp~^=$Lu<_^gY|cRX2jJ@n&ej>r2ioP6mRKgrLP)BmUB?h9vceBe0SFLP|p zlJkk{=NixD`*ZO~k#U^(Ui&>~Jc4H}_`Ie4o&4ORwsXJyyTjwSo_qFpqrd?V%@+4%PF%b=#p6SeIrH^R z_5D8u=FOXKQC+F_vRT8}eD985dt&6wieF4j`5E{RG%{QF*yQfXPgcUa?{%~)yRUh% zsUx-`sbStk8zE-@{>0Z--Jh%E_HMegtF87%e68s5uQMKJFP?SjC;!ZOpB}xcoOxRL ztc?An#5YlYWc8W%uA6gNzWsjrrQ&t+=R@A*hOCl5=$&3^S=s1h;&b73+JV>47A>6G z$KLbuw#2u`Z(bgG<~eQe8q;I-8{5y>?Yw`g)9E;)>LzB^ErL#u&346=tJzNH5lMKj zk+!xZlCdjym+7Uau3^bC8e!6(58SR#+8JDx$M!#zeQ&sa(aEBg!(p*mb7MlKqkl$( z7s#({Xv*0YX@73}xuZ;Fl?$F!iX?2;TK8J&#LwfIb_}btomFn1>MVVmmUCqC?HNDK@2tWtY}S{rI~z-q5P5@n3k}lE1BY-nmaJ+HB`` z&i;J-A7A}_pYK20xqDJM+d9ES{%v`n^_}%Q4fjsuX=tf(x83^HttX0C^>xEfj>h{u z7cZN(SbyqkBqB>r1s_0_&_hT6M$ zjO0s7FWXDH-dg5t{qpqPht^M*+~6p1#hVqH7VH}t3)*Mt z=L*|rDTTJra{xE-|j@ZrgtaIOpd3tV73doAvM;QM;v z=emALfBxoh-qWR$3Fo^1F7=ZM4%E1swClQ8Y%ky0UpdQ)S@Qp%F5x@<_R6epNn0f@ zt_hy^=Wpj>32*u8xEnQqA+p^AbCcu`qo{!yOPdSgL^qYW(1a8-?|_m zt8&3xg_w$Y=5-%0Mun^C?%P~1%l+-@r>Xn@DBAxyXBZ{5>SAa}Kwx0wxq##MnEgL} z>0BP3S1x~`N_H#%U-NnYR^@#A7GI!yJ9mfJkG6Y&`W}`0IG@jBQ!d z<}|*BY_${%=mc%GT<`<2)lvew)$&cXd!W)@xgYkV_u z_x7!Vxxez&1drUj+pn*+@OO}QuOxTd$2du4t`)DNGw)5j;(u++g{*0>W)k25< zPUC$qGv#g0N@g{NWrZKJzg`5g&a8Jsy@&1lF-Lnmi2-6PS!oJ zQ=SyqC!G%9t)h%)^J}+CgHs~+Im1SYKzR#E@dW_Sx-UPuy!z1c ze(q;m{QGuhQ*D69{>2exT$#xyeCMC_ zo?_I)F8}zVbFYMXI`_AQckTtAn)PCn)0A5!*$Yl{t~q8Au*B?H_q|(=r{AqQnjr7s zxl`=&zom7@KgUga9k;S~?TuyH32U4a<#&pGOTW;3_MM`H?%@k1Q`F@)EjaJ$!9C-% z#^z}56{~|R|MMHlM=(n(oeR5WT6$qy^!6G5cGj$(xoy44sqdd|F*Hl&JgxZ^7W%dB zmX2CfzpU?ua&NQQ8Qr$^c|3-jatd3Dq@6a-32xwBD3EG)_ZDnBWG`rq=cbq4VfzkQ z`tAM6CmVmKx_hoSdyUB%Y5hIS4sW;5dvxAtokSdO-r`NSSiT%SfB!Mtla0ZJtTR48 z*ki$*k+H&DWJ=q{KbNHr%zkDyaYpfO7R{@7N^32%4tPthy0qiFx3=M%HA$bvqc$Fq z`MY!7BR#Rs^p_q}UY2kEU#A_a*DN|d&N{31M?3Re&+JL@&LEOT1KMc;aPuOhZs@C?@B=U86aJ;a& z>b$R?UUM?&ZZ%yQ6@;?uF@Dasb-~H^=5Lyayq~V1XiaFWs9nE@iP=N_i9vkpo<7~= z_DNIpq}J+HTaLZu=}(^9XI<8i%yOvMldp9}412)Rcg)wO28J=7Y0|nU{QmocS*$la z&(76U$wJw<81!}<=fgVfXKQk^j_yh961g>X(uJq{Zsbi!i}KA{_RFZ&+R0+uH`mZv zw>-nc7P9?W5Ttq~_~mDgzP=NC-+gm?6|8e3AoTj>4HwTIILk1-PV~T~2~Mxp@#$JYD+Y^j*f+LN_m-w#vcM_xscNa()x*QkKYkbxTk>dz`ybX=T@6_SYAm z*-X&4n5MES>XuOR%bNjKd>T_^pXRd6KYT1g)P^w zUS{z`rIpuOw6`iwIaSGM=JN66h4{5o=Wv4tJ2o8akgeOUBw89FfAPT2;5nyfEl>LT z^Tj1rKUN05OCO)U+Pcn9X?Mw*D~8!Sg}(JX=wpgLdqpH-=7Fy>KCceiUUT(JnC(@e z1F3EIzUoJB6yIZVB(=ep?F*;yIUye1x81_`ud23ef6t=+Kec1y_w=Oa!Y(sETD`C; zlzM*FbVU%~l=^c$f|u5;ib=etd9zkBCFOvp#D)KXu}NOXcD5=^oKkkY(`&UeZ-KGH zf{xWsFK=3>vQ_xiv^Ckko-f?JI4ZBbx?|z@$tFd19mO8sM6y?XeKPSt+oY1|Yc3?; zV0m!7@St;s-N(ltju`a4Zb)&F->>(0vB#SI9`*6&`D-V|@7Z7D&frjS#qWHDNapRh zs9;N{OM>4L-pfudZ?3VNUYv32;(bm3y?+lkd!|ojNYp=kxX$6w4%@a%cGjQG;h-ZMwz zJYUMR&Ayo1e^qya7ZYL=;%~pQhTFPZ-s``M44B|(ZzOc!fAr7Lsd+!IE&6a|{YR#t z+}OI8bH!x5Cw1fk^B)L_BlgE4zp<0aq9x~}Qf({@|vyIpOU zO!C%ajY(TJt~e8Wyj<4d=(e>d-^OuDTQ~b2_qr)J^S6giX1)pZ!nNFofN0`>^-{p!q?f2nF^+zI@)3~K~UXyAvJ29=hsiSd)$D6+&IWG9C z*a~r6I-h;a_)pcE_n&L_pa1^T=KlOSFW)@xKP!4?>T8wOpD&_z|8foH6@9rSN?+3a z@3uS!uhaXcJPwRxj5+MgAX1+i9o75mqFVm9OZOhL9`%S_t6G*8zHjC(HEreew>$Lb zKAS2%_09VA2Vx8kCWO!4<+&$m$-9rLGbS#(nqd9B$?-;r=jBG*DQnJ0-w((p4O+YH5h7s%$URWX|n8ug@yWZ3`-@PcLmRy zZn?Jmsr$U0eb449Z;2_r{CRSCLD-w+`!4xBT;5#rZ;kZx7OU9{UpAJU>hHhco@C;( zT~2aE%^tqzEB)@s&wKv0|7^(h>j|b!uP?El`@Z^jU&QQJhrU&N`Oeb|dEDb~9^6Z!jHDCkeOF@vG|?L-tA4?_R{kcCY`u==^p>N%f@WG zHvQE!`|#sK%^P-+F7qY9&Z+aR9r-jvn`z(48A1%nd*|$b(z^BOoBA75F8X{sqf=I| zVqo3*ySc3Dn8VE=_qX3}T&cdZ@c9q%%WGce@0Mh`k#gcy-TKbgvTIY-n~UdsFtF;4 zieG;Bhg|%n3irt|cTP)2Y?_hR`R-|I9iNWgNz1h01MQDvOK<*bn%f(a8@H=})^wF+ zr>ovfbdp_Zy4F*-{LjizwZheDQm1}qo$gQFzpgWh!+xLPR_1LMzZ}h9r#?v1o_oFa zjJ@MB^_g=NKmAIv_M62KE8Qb;X^pw*UhhMTelE0ZJF(5@)oRPtOYaFfaVTC=kge06 zTB(0_cl@*8`FlKnCyUDLDetsj|5|n4idxNo@8f<*@0zE}UHkax--)~SRlcm1R+=XL z_1~lOm5=t9yUXsG{{G+F?~mR+{(h@Gt5WwJyPBQat^C^SFYO9@rte}nEV%FPjMtLw z+Y9>{G$hQIUH@TbSuxMtKHxa}IiFuMW-+ENp1N$=t{vX7OfR-w`*`O%@0R!%$0}F% zZ!`bpv_J4d?#e|!KW6!4KbD^@d{AMRY_E;%zBdsQTicH38GlKW|Hsc>_|7yr(le9I zp}jEMkf+*dGXu}*%Li;8e;?EN|`H_=bBMI6wDsmAx}rYWb^7$o)TqqeJ@E1TK3s@66J2 z+2;|{e{J0qc7B(>l&1FjLs3}{)BU0*KWpa;ep_sln(@5pZ0GX*y_f$kjMud4**!b+ zUar@BqeWF_D%KzDHr`~tk9cvIQ zFz$IRHpA@b&pS?EcOBEKeVV>vckRB7+l+eM*#B?n{g&-`BgWbJ&eICvh{eaNenfWt zn}4hG<(91v=2)MsVV?H4*JR4k?1BrEXMLTw`oTrnTi)O7C1XHT%XEUwf;^*iH(W2?f!|f5x zR`@G63R=s`e<^;v?3WFDYm;xZ=KWajuYWVA{C5Rq9{1mtM(;vj-|lsNa<}Y4@yhwx z?+j}$J32UqZ)v@B*YwI84Zn!%nVsb!c~EPgzvQ(?Z|2#sKQoKFkF1qE;b+9(-H-`jov_f0>?mvrZ^Z(YHk+aXVOEzY>rUM{s@#tX)$Ct1?eKKB0p z(0ksL&*{TAhFtsC2SxMePY{Tm$ar|y3sv(bmUk5&{f_7aOpTtMZ6TE3zwqq$g=JU! z9{fA|NnKmC$~mKR!UdfMRrA+}>lV&ksGxECd+=7(qmSKwZ|r60YJK&|Vy;4V&y3So zrpqp0JGaqasa{s1{Nndw>CCHE#=$@GcrRYRdg$Zy=u1(vu9iQwd3)F~K6UMz{95=EkPoi^L9cvd#EZ^>OLuke>Ul&wuXh zefCVUPrtYn_RO5#JeSFbAe~l_{H@Td+|47-{`k=MGijP}tcBj;KQq21 z*#GA`uFv;?TkD1Q>&kDp+gIoq3vQnAa83U{GwD1Lo!^%-9?bmMKJ9&R^6!_KxAgcQ z&TJ`t{q;q6iNV{$rWX#rlvj=XX3@Ll)%)!$?4{o?erzlL@55_z>(1x1dbid0++Xox z_ocSC%c|tB9?S5?XnxL7Tw;32@W`WKHxOXw8Y|H%Q1Ms}V!Io-XaH0#dcfO>V^ z_5Ve6!-dUnESJ9g^if>gyXOvS&n4omQq>#mL&9no_La;y^fOL+Zu318yWqtshIi-m z%qx9)ZKBlWT_PXT`E;bVrzyOCYQz3>q2;l(m+P{fG>;1$Sku37-Q_)>gtuZ-@M{CpPSzt_xv}}@7~MVOgtg>L2~Jxua3OD_C?Qg)1M1+&MK3tZhCIs_iN4- zYbOpxmt84s_qn#^eP3*oyyL)1^ZH}I+5b&xpH}qq%&qrD-}GNyj%HDpknEI{`zsgQ zf3DX2#L8Rto(9eSU(f!(d(=4ISAQnMvGrjIIt?48|JFQd)qnd>t^Qa1{7A{u-RIT| z?{8dWGF_=NVpow_L;jhQSNqC-xm9OY9zMS?{Z-Pp{*U)xJ-svAc1QDqoK;I+K9J+t zB%{&2}>^~F2*?R=dx&xv0T7ZpFA{~$6s;c?o7G=YDmJB6n%+WD9Nk#6CP(z=+~ z^cOO`hpe>E{ywAGrxY)7cJ<~c!{fFZ{Fe{+Mzo(#oL_LM@R7t^)~aiFw;Ehlatf() z)!Vp=>&M_TfbzoaqPR+RQ2Rbvm>K?f5$yJS{s-- z_rrr-_q=zXJ$a>NZt?qB7F7y2zxtZm|EbWM|M-mRcB@-k7IijP^HeyW&i=Koyy({3 zWgkznojLicJyQPLwc;D^S9o7Bv7NEt$lbzA-!6Z)c-Ih=vg}=gY}%ZXxEIGPA1-`< z=XK9JOQ+B8KFs8(TEkmvasS1U(%t>jIt7@5ZzuaL-{muBw>vG0} zne*nnj|nwfdHP4BS=-f{m*uMNTRNX#G5cKkF9TcQy-VVMWiCD8b=Xc_{eJ1gm)Q@W zYFmAY-(j7@cA81mX1@BHEqkA{9X-@I<@Hk439tS#9?|)1^Z0P_V=YTLC8_4f_zi<63srcCaNi>hb`Fq{g!e@(`SFV2k;?A#JsWaWJ4>hk?&pPcVc22PMQPT+l!q)q7hn=QDe^_k1^Um^f8g zKT5e??8D=~XG`Dge{rPFy5sfTu&Vd9X3O-hh+NkFzIRUd^M-51EJoVa8;`U9iMzvW zTk^%CaLfM2{AZDUOD?~hIV~i~>V(ZVkL`U|W?egzv}>wD<(*lLJ*O(SEIr@<=I9OY zn%Kvl%55|L+&K4>uQW48#P->&X70_^%hi*=?>tvF$0YB0%<8$CB0XDuGq22zy0031 zlK-tCOG;GPrM2tB>cRC}hGPGgsc+VC$yGm8{IKur&UsTeooGm`JN)6@?9&FDO#6=i zJIw#%;Qv32>i@p!{D1t?$ZppkssA5;PJa!b~XK84ja;~rE^{;)cxoW${0g=9Kd@`qvRCTS@)WUD9IgdJI~)`(o*p)@YkzPn$xG{% z#TS=et0dE-wkDrS*m_b+ZAw=J)gF|3oqS>P6CHOe%ff5tL|7yE?0jPv{hhdJ?zKfp zURu(XRr`0X@%?a1!MXdKhNrFlpX=7nym_n|?xhM4HXO-7CyQ3G^hbMMSynB6ef(<}-`)=*U!N|!utw(VF0FWj#L69w>Hk;6{N3%_7QpVvaJ^c5<9*Nl z8_gbUD*Sj#Bxl94!i#+~f9#Rp(qi?y=gObk&ol3Y`XnYAUTZ%8`H&+wt3$z-_Ts?O zCC~l@FxcGK?fjd0*6WH_t;@x%I2h`r1JYY^bQW=3VVhT9AbjQ00pTbwj-EHR5yCeU znKx{kvFh*DEW4iAWR03-)23}{dr>a;=*9Kdn&vMrJ`8vF_Sarx9J#{ogAVV)se8J4 ziz}ZUzIUzHdPPEJL>t>qm!Q4&LMN{W@7de7d|t@-1~sm3O4B zb+B%5>rcIJr^6*sV(_Q%#>CczZT~k_Nogxv|7Q4d`}NK3&WueKZ86;{Mn|jMi*KGh zWSMvG^ufIo=hiap@(q2nKJ0YQb;Bt&A9sd4n%i=GYQW7OCSRi&n=IJcmD007xx`~0 z-{EIPulCi=IJK1_?$Dt6wmuJ15k!QJ7W_y}K_EVei_sp5cZ=5cURbC?E{N(KRNtXKM zt9~csZMpPij#TrxJ;CE zsM@VvuVq08_G{04xc!i1w%p?f|7+%R>)wsA519A*2}8n;eEkc&;q8UNV&$6MsS714 zUhI7T;q2-9L)qu};;c4KZ~vF0Z`phKS@T^(wRa3J*KCyk{@-}R-ZeAknf2B9N@>%z)xjIi`5b;IlGb!~_K}bOM3*t#J*TB}Qmu5|#o$fLJ15x|)|qDo zr`ybUtW&yehVJbR7usd*8}F9WrWtMhsEW2y7q*GbPCXQhYVZLqKuHvZ^cZv5U?8r;!N?6lAx&G$l z9|tznD)w$Y-=5~XW5f4V&E7qxydiFH-6JAy9e6D2Jm=+i`A_-hFQ}`|x%=|B?~0B07AzO|aJS$AACrZ}|4qstE$_W~^24xHT(eB>(a~D9 z6W3d%`j=hVByryM=nMvZIW@J0ueUBsRmz@PX&>U3BRC@^LBPTPGHYGauod z`q@0`4oBZ?1G9I{7bZtu6lJjc@Vm1R93GKO9WRxDNboW z)|UKgulSP5Y;pd=-_uhKKc9@)Hk+%V-o|~q@$t@`t9yPq^RJAL|0DT-!Xb`Ls-m|f zq--iK-}FlnJUBC8-~F|Z-))#*{akA0wpj*l@3UD0G7jyD{CnwbZ)8DA>dc*I-`-|$ z<9R*(g|S%X9G}+wyz) z(TMQczV!S5Gw;=x9(b?%BFPKEEj^4y5hrnZtJ`fcjUikU2K1KmVE1seImc+^orU@EN^D0 z;rSo6mcQp%Z={4}>VXZef9v<&bNFLFlegv7`VZCFoR_WMB^0pS*dSb-x9xTB)MtMu z#!N_9G5JkiY{lAj$2UaAo-W&%{``)D=rx^~(7$a-r9n4!^WPZ77pFP1uj{<*GOcXy z;;nBo?A>|VF4zUf?di0Ve16WbD*2*{&{1p8{@J&!4Ij;V_9)Iz?Z6$ej*H%(bR&JX z3%!4ubNYeI8&@E7rK-#xwb`ZvZK%TmQB*z(-f{2 z?GyT>9NFW`w=R2@VavyR0Ss%W1dFcU%wKT#N5J37YmdFj`zmnlX8N7t7H3m8-nq3e z_j)gzE-!gR;N+5kvPa$<_jPSF0vEhW!JmAhKfYVE=pDz>{5@w@&i~)kywi{Gz~24~ zH4lD&iQjYXw7rGv&;M0zn?l^~tzUX?%Z2_r;T1JhRyP*>=1QlYac=n23ACGUaEix^rjNGSto4JN+ZmslKc= z-&JfC6yGOUziqC&5#W3E?@L>yn*Cf)AK!|Nc-K4m)QagRecV4~`LCY8@SojQ=A7)v zH(Rewk*|ERmUY=dW5NG@F%_M<%QSY)aW{8aVo;p{`u;WbIqASO) zfz~;eD{iR|HGTRyRr8#khhR*JT=qe}i1`&0cYV0YSNQE!hsCG6$y;Jn|LM&9v$O5L zb%j0Wfwmhpd^&SdZrodW>+|6cQ|C(P-TZKGkI(-O)ig`x{~y@D++i^Y3|kdPQwe)4cDpW5N+z7vi0Os`tsI^FlI zI41qj9>zP#*9-ZsC-&X^uG8@PSSiDl^-Bz+>LymC2mVw1wZ5fK+t@wk^3(m(CrfO< zT+ZuoeBFANYo*>omvs;B%{g_nIKi;(T&xm zecvw@n}WtXIj=_E?3ldB>i3qjZ@k~f26@+I^eKw@dtTZ!Il${{=$fOacGjOc`oc$0 zHE}cR-()=-k>pz&K1lAH?d#_v1d z2jw&TdujUbNp$_WnWyC+@#F;Y&e(DYLjEbiPOZ;nEW*l6gAMr7eFRC7_Wo z{py@=9(@P4@So?kmbL$>?YGT(W>C)+Te;^?b@P5P|FAE-SpLvLeYf+^iUnNBS2l9% zPqsSqwSDDIef@uye!n@-9Q(Uu&62C-w;SK8ufJgRg8it+-F=^q^uEh{+AjDxoSWgp zw=I_pUnK5Zah7ey9$N?Z*QqrPo0jqv|LC~Ap^d{V6;_Q(g*Ax9=upP>-z0>jzs~RwkxUKJ85yuPkY(v2a(eq zv`Uw3+j8vpnk&h>9719(EX)5k1zxw-3b{5*e&&(2QJ1Bre)w{_vhP0oq+>Ty3Sy^Q zx1BH#4ozif+Ohjw!N0ERf0mY&m(Ts&p0hCh$-f!DVmALgXJ-&%c6moIzh%X zpuwvn6O(Rss;~W(^>2pAsh{e#b1bhqz4rGn`Zp`;64N=eILoU}r&kK!aQe;SS9jyo z$@$wZ6}{rAoxfy4f?|t6(#$nI4~yq($65V*#2NRh>+jj@`zxPr{rUder@QmUa{!gQkMOH)aoyPLe=FvEz1=hS@A3Q2xAyO@{CR#? zrRCZFo;`9Czx~_3x#s=FE7oB>rf2_reEt6Ow(q&;zSi`%^F7I9{dOq#w&BA=rq@nC z$WS%)jAMG{ZmPZ@XVs#eJFS*EHl7W&iF^5ItsVcqgM5DcWk)O{{41T4uW&fYH|NVQ zH?DHdW{}zP*C6M3V~Kl|`r|hbuI_*1pm|~QJG~h*zZjY_w|wJTVeA_2$-VgK;+?zu ziq~Yn+wJP+wazdwFgazxY2Sh^?Z)ff-pWosWa;j~|;(QIQDUnNb<~Wr}%??m4#i zb~5kVzr8=$zxlDsxfXTFsncg&es%cYWtXQiC(HwjcL-*eJPv33nYgBE&Z&vpU+jLH zyx^}1^V`BpF(Ky~k1zW4A^uI4Gs}Spd0qQg-d{Q=KHYl3DR=MW==%35Sxcr*6W&|M z7hrJJBv`gKzqh35P0k)`Z^!tk;|HshZ75S^Lmq zj$h&9!|p4J=PxO~;`e$r^NX%)h2N!qya|^7r?7C>a=zjpjWcc7w@jPMb8cgSJM-Ch z!dqfWldZpA|KehQS=9C^Z+lXjMOI(ASS6pq^mEN&rTj}dEO$&7zP8q2x_JERUgPG# zVxQ^F)t2lg^A}&+H2H~zi0!jlUz1}cB56{|%jGX;)?Z5vaL@8t{cXm%*0=4Pm#TKR zU$&3wc&q%q?#e8A$s=oLU7q!F@18k77aATr_hgq|H4kGO`|K6Jf2hn=4z}2R?!lX` zKgFrZs_mOCEY5xPj?UnZ{P1n-hgV9Ty)#_bTDF}~us1m_5Ovy*?d#NOMgLy9WIQMn zn0}o5cCXL9kFC=@<|kb-=A6y_@tzdt-!rF=EO%hroYgAe)R8lZZ+~dg-FNPl#|j#Q zPn+fH?cBXh?uq@}nwDqtxc|HnpZ;?Ht@G}249cnX0gjblncu9v=^g1ccb4QO`y3~d0YO5U*(r& zmp_+CWY2r_B3$;%-s|U0zf0_UdBM+?^=Qu4H%nG+l1c6ho6osiKmUQpKU22wexG?WPxtU9!?XV#FE0H5NbHQY){UK)MV22loo(ck zUB~$AY&2vdv}3otyIYA{*1ozan_k!6__f~f*X*5}mIZ9c)V3}Q3*30vBT>vgeE;H! zi@)#M@crAR`ec(U2iD(;&d)P$9c<=*zp$pb>C?Q{En3-M*Zf{I z@ol``;x%_#>RLq`-vnwz>~CG0dV6D@{_!0*iqrQ_RlaXz^kH5v|G!F+`#bz?>w-C- z?#^D>75YZ;gY~4#{e3O0p zGuO5xRxaU5*bn2sj;p>ek*i)J_Flzq-I`NfsT)(b6cy;ZFBOTs$hK|9=@mD&My#1U zcgDN&hjHh=$OP+I8?v7}YHh7~JFY2FbDQx6q06bJ-#ixgohkkE({g&5<@wS&ozkAU z+}U3uX7?xUy4Sw;`neM`<|}aRTBJMW-MWQo?tk|FtxM17Q(TmxXPtQ^T=4jkfOEZR zTHS0fX5VxA`hNA?j$gmm&iHN16X^G~?5oA)b$e&9SxcIRB%i!nQLNY^pmgkgX=&-- z*V}S$Gf2qEoy$xT+bnfS3zd}|BPkcU)vFX{`tk8 z`3;M_-?Hi*XZpubx$Asl_HqHIKYBBHAMih0*nM+(3F|E02lLN5%h_rl$?H@P-)iAJrcJtA@I@iN}yDW9B=aG6~5&fXq<*L#7Z)o+Fq@v?Jk z8}|5cDIR%#a8~G*#LaG2zr&_n4Jm7ha8)@b7Ug*pw8CN9J*j~7vunT1EMBeH>(p}j zea^DVbVio;jQtn7kI(-jv9ZaA|KiUw{y32yQ{KXFLZ~-ihP8zn`8#)9^=M!DjiWSL zq-nA3oSg;@K3}3$neuY-wvd|wnlhme~I9?_k9qf zUio`V&H}w6rSl#~m7iARPrDe9>{6D1a^L;NNq^(Q!>{juW(9IL$_1qyxhbChpn*TA v@nFd?! 0: + PL = 16 - PL + if cb == 1: + H = PL | 128 + else: + H = PL + m_message = message_fragment+bytes(PL)+H.to_bytes(1, byteorder='big') + # Return the message fragment ready for encryption + return m_message + + def messageAssembly(self, message_fragment): + """Allow the fragment message assembly.""" + m_len_M = len(message_fragment) + H = int.from_bytes(message_fragment[m_len_M-1:m_len_M], 'big') + if H > 127: + CB = True + PL = H-128 + else: + CB = False + PL = H + # return the plaintext message fragment and the chaining bit + return message_fragment[0:m_len_M-PL-1], CB + + def encrypt(self, plaintext): + m_seq = self.m_counter.to_bytes(cts.SCL_SIZE_SEQ, 'big') + ivc = self.generateIVC(m_seq) + self.encryptor = Cipher( + algorithms.AES(self.m_gcm_key), + modes.GCM(ivc), + backend=default_backend() + ).encryptor() + # associated_data will be authenticated but not encrypted, + # it must also be passed in on decryption. + self.encryptor.authenticate_additional_data(b'') + # Encrypt the plaintext and get the associated ciphertext. + # GCM does not require padding. + ciphertext = self.encryptor.update(plaintext) +\ + self.encryptor.finalize() + self.m_counter = self.m_counter + 1 + return (m_seq+ciphertext + self.encryptor.tag) + + def decrypt(self, ciphertext, m_seq): + # Construct a Cipher object, with the key, iv, and additionally the + # GCM tag used for authenticating the message. + len_cipher = len(ciphertext) + tag = ciphertext[len_cipher-16:len_cipher] + ctext = ciphertext[0:len_cipher-16] + self.decryptor = Cipher( + algorithms.AES(self.m_gcm_key), + modes.GCM(self.generateIVC(m_seq), tag), + backend=default_backend() + ).decryptor() + + # We put associated_data back in or the tag will fail to verify + # when we finalize the decryptor. + self.decryptor.authenticate_additional_data(b'') + + # Decryption gets us the authenticated plaintext. + # If the tag does not match an InvalidTag exception will be raised. + return self.decryptor.update(ctext) + self.decryptor.finalize() + + +# Open the YAML parameter file +AUTHCONFIGURATION = { + 'options': 'c:h:i:o', + 'description': ["ifile=", "ofile=", "ccommand="], + 'usage': 'CreateAuthCommand.py -c [-i ] [-o ]' +} + +if __name__ == "__main__": + try: + my_ui = UI(AUTHCONFIGURATION) + m_auth = SSPAuthenticationCommand() + if my_ui.isInputFile(): + f = open(my_ui.getInputFile(), 'r', encoding='utf-8') + # Load the YAML file containing the parameters. + paths = list(yaml.load_all(f, Loader=yaml.FullLoader)) + f.close() + for path in paths: + for m_token in path: + parameters = path[m_token] + if m_token == cts.KW_CHALLENGE_COMMAND: + m_auth.generateChallengeCommand(parameters) + if m_token == cts.KW_CHALLENGE_RESPONSE: + m_auth.generateChallengeResponse(parameters) + if m_token == cts.KW_READ_CHALLENGE_RESPONSE: + m_auth.readChallengeResponse(parameters) + if m_token == cts.KW_AUTHENTICATION_COMMAND: + m_auth.generateAuthenticateCommand(parameters) + if m_token == cts.KW_AUTHENTICATION_RESPONSE: + m_auth.generateAuthenticateResponse(parameters) + if m_token == cts.KW_GENERATE_SHARED_KEY: + m_auth.generateSharedSecret(parameters) + if m_token == cts.KW_ENCRYPT: + m_auth.encryptLargeMessage(parameters) + if m_token == cts.KW_DECRYPT: + m_auth.decryptLargeMessage(parameters) + if m_token == cts.KW_OAS_COMMAND: + m_auth.generateOAScommand(parameters) + if m_token == cts.KW_OAS_RESPONSE: + m_auth.generateOASresponse(parameters) + if m_token == cts.KW_READ_OAS_RESPONSE: + m_auth.readOASResponse(parameters) + except ValueError as e: + print("Oops!..", e) diff --git a/CreateCertificate.py b/CreateCertificate.py new file mode 100644 index 0000000..7acdddd --- /dev/null +++ b/CreateCertificate.py @@ -0,0 +1,238 @@ +import yaml +import datetime +from cryptography import x509 +from cryptography.hazmat.backends import default_backend +from cryptography.hazmat.primitives import hashes, serialization +from cryptography.x509.oid import NameOID +import io +from ui import UI +import constante as cts + + +class PublicKey: + """Base class for a handling a public key.""" + + def __init__(self, name): + """Instantiate the object.""" + pu_name = cts.PATH_PUBLIC + name + "-public-key.der" + with io.open(pu_name, 'rb') as f: + buf = f.read() + f.close() + self.public_key = serialization.load_der_public_key( + buf, backend=default_backend() + ) + + def get(self): + """Get the native public key.""" + return self.public_key + + +class PrivateKey: + """Base class for a handling a public key.""" + + def __init__(self, name): + """Instantiate the object.""" + f = open(cts.PATH_PRIVATE + name + "-private-key.der", "rb") + buf = f.read() + f.close() + self.private_key = serialization.load_der_private_key( + buf, password=None, + backend=default_backend() + ) + + def get(self): + """Get the native private key.""" + return self.private_key + + +class SSPcertificate: + """Base class for a handling a SSP certificate.""" + + def __init__(self): + """Instantiate the object.""" + pass + + def generate(self, certificate_parameter): + """ Generate a certificate according to a set of parameters.""" + try: + # Creation of the certificate builder + cert = x509.CertificateBuilder() + + # Collection of the subjet attributes + attribute_subject = [] + attribute_issuer = [] + for k, m_field in certificate_parameter.items(): + + if k == cts.KW_ISSUER: + # Collect of the issuer attributes + for k, v in m_field.items(): + if k == cts.KW_C: + attribute_issuer.append(x509.NameAttribute( + NameOID.COUNTRY_NAME, v) + ) + if k == cts.KW_ST: + attribute_issuer.append(x509.NameAttribute( + NameOID.STATE_OR_PROVINCE_NAME, v)) + if k == cts.KW_O: + attribute_issuer.append(x509.NameAttribute( + NameOID.ORGANIZATION_NAME, v) + ) + if k == cts.KW_OU: + attribute_issuer.append(x509.NameAttribute( + NameOID.ORGANIZATIONAL_UNIT_NAME, v) + ) + if k == cts.KW_CN: + attribute_issuer.append(x509.NameAttribute( + NameOID.COMMON_NAME, v) + ) + # Get the issuer private key. + self.issuer_private_key = PrivateKey(v) + # Get the issur public key. + self.issuer_public_key = PublicKey(v) + if k == cts.KW_LN: + attribute_issuer.append(x509.NameAttribute( + NameOID.LOCALITY_NAME, v) + ) + + # Add the Authority Key Identifier (back chaining) + cert = cert.add_extension( + x509.AuthorityKeyIdentifier.from_issuer_public_key( + self.issuer_public_key.get()), critical=True) + + if k == cts.KW_SUBJECT: + # Collect of the subject attribute + for k, v in m_field.items(): + if k == cts.KW_C: + attribute_subject.append(x509.NameAttribute( + NameOID.COUNTRY_NAME, v) + ) + if k == cts.KW_ST: + attribute_subject.append(x509.NameAttribute( + NameOID.STATE_OR_PROVINCE_NAME, v)) + if k == cts.KW_O: + attribute_subject.append(x509.NameAttribute( + NameOID.ORGANIZATION_NAME, v) + ) + if k == cts.KW_OU: + attribute_subject.append(x509.NameAttribute( + NameOID.ORGANIZATIONAL_UNIT_NAME, v) + ) + if k == cts.KW_CN: + attribute_subject.append(x509.NameAttribute( + NameOID.COMMON_NAME, v) + ) + print("Certificate generation: ", v) + # Getting of the certificate public key. + self.public_key = PublicKey(v) + self.cert_name = v + + if k == cts.KW_LN: + attribute_subject.append(x509.NameAttribute( + NameOID.LOCALITY_NAME, v) + ) + + # Add the Subject Key Identifier extension. + cert = cert.add_extension( + x509.SubjectKeyIdentifier.from_public_key + (self.public_key.get()), + critical=False) + + if k == cts.KW_SERIAL_NUMBER: + # Add the serial number. + cert = cert.serial_number(m_field) + if k == cts.KW_NOT_BEFORE: + # Add the low limit validity date. + cert = cert.not_valid_before( + datetime.datetime.fromisoformat(m_field) + ) + if k == cts.KW_NOT_AFTER: + # Add the high limit validity date + cert = cert.not_valid_after( + datetime.datetime.fromisoformat(m_field) + ) + if k == cts.KW_EXTENSIONS: + # Collect the extensions. + for k, v in m_field.items(): + if k == cts.KW_BASICCONSTRAINTS: + # Add the basic constraints extension. + if v[cts.KW_VALUE][cts.KW_CA]: + cert = cert.add_extension( + x509.BasicConstraints( + ca=True, + path_length=v[cts.KW_VALUE][cts.KW_PATHLEN] + ), + critical=v[cts.KW_CRITICAL] + ) + else: + cert = cert.add_extension( + x509.BasicConstraints( + path_length=None, + ca=False), + critical=v[cts.KW_CRITICAL] + ) + if k == cts.KW_CERTIFICATEPOLICIES: + # Add the certificate policies extension. + cert = cert.add_extension( + x509.CertificatePolicies([ + x509.PolicyInformation( + x509.ObjectIdentifier( + v[cts.KW_VALUE] + [cts.KW_IDENTIFIER]), + [x509.UserNotice( + explicit_text=v[cts.KW_VALUE] + [cts.KW_EXPLICIT_TEXT], + notice_reference=None + )]) + ]), + critical=v[cts.KW_CRITICAL]) + # Init the issuer name. + cert = cert.issuer_name(x509.Name(attribute_issuer)) + # Init the subject name. + cert = cert.subject_name(x509.Name(attribute_subject)) + # Init of the subject public key + cert = cert.public_key(self.public_key.get()) + # Add the key usage extension + cert = cert.add_extension(x509.KeyUsage( + True, False, False, False, False, False, False, False, False + ), + critical=True + ) + # Sign the certificate with the issuer private key. + cert = cert.sign( + self.issuer_private_key.get(), + hashes.SHA256(), + default_backend() + ) + # Write our certificate out to disk. + with open(cts.PATH_CERTIFICATES + + self.cert_name+".der", "wb") as f: + f.write(cert.public_bytes(encoding=serialization.Encoding.DER)) + with open(cts.PATH_CERTIFICATES + + self.cert_name+".pem", "wb") as f: + f.write(cert.public_bytes(encoding=serialization.Encoding.PEM)) + + except ValueError as e: + print("Oops!..", e) + +# Open the YAML parameter file + + +CERTCONFIGURATION = { + 'options': 'c:h:i:o', + 'description': ["ifile=", "ofile=", "ccommand="], + 'usage': 'CreateCertificate.py -c [-i ] [-o ]' +} +if __name__ == "__main__": + my_ui = UI(CERTCONFIGURATION) + if my_ui.isInputFile(): + f = open(my_ui.getInputFile(), 'r', encoding='utf-8') + # Load the YAML file containing the parameters. + paths = list(yaml.load_all(f, Loader=yaml.FullLoader)) + f.close() + # print(paths) + # Scan all certificate parameters. + for certificate in paths[0]: + # Instantiate a certificate. + m_cert = SSPcertificate() + # # Generate the certificate according to the parameters. + m_cert.generate(certificate) diff --git a/CreateToken.py b/CreateToken.py new file mode 100644 index 0000000..6c51c11 --- /dev/null +++ b/CreateToken.py @@ -0,0 +1,284 @@ + +import uuid +import asn1tools +import yaml +from cryptography import x509 +from cryptography.hazmat.primitives import serialization +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives.asymmetric import ec + +from pyasn1.codec.der import decoder, encoder +from pyasn1.type import univ, namedtype + +import constante as cts +from CreateCertificate import PrivateKey, PublicKey +from ui import UI + + +class Certificate(univ.Sequence): + pass + + +class CertificationPath(univ.SetOf): + """Base class for a certificate lists.""" + pass + + +class AuthenticationToken(univ.Sequence): + """Base class for an authentication token.""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('tbsToken', univ.Sequence()), + namedtype.NamedType('signatureAlgorithm', univ.Sequence()), + namedtype.NamedType('signature', univ.Sequence()) + ) + + +class AuthenticationTokenCredential(univ.Sequence): + """Base class for an authentication token.""" + componentType = namedtype.NamedTypes( + namedtype.NamedType('token', univ.Sequence()), + namedtype.NamedType(cts.KW_PATH, univ.SetOf()) + ) + + +class SSPtoken: + """Base class for a handling a SSP token.""" + + def __init__(self, path): + """Instantiate the object.""" + self.path = path + + def setModel(self, modeles): + """Set the ASN.1 model.""" + self.model = asn1tools.compile_files(modeles, 'der') + + def generateChallenge(self, parameters): + file_name = cts.PATH_CREDENTIALS + parameters[cts.KW_NAME] + ".bin" + if parameters[cts.KW_GENERATE]: + # Generate a challenge as a random + aRand = uuid.uuid4() + self.m_challenge = aRand.bytes + # Save the private key for additional operations. + with open(file_name, "wb") as f: + f.write(self.m_challenge) + else: + with open(file_name, "rb") as f: + self.m_challenge = f.read() + + def generatePath(self, parameters): + """ Generate the certification path.""" + # Load the models + self.setModel(parameters[cts.KW_MODELES]) + # Instantiate the CertificationPath + self.path = CertificationPath() + # Load the certificates according to the configuration file + position = 0 + for certificate in parameters[cts.KW_PATH]: + # Load the certificate from the disk. + filename = cts.PATH_CERTIFICATES + certificate+".der" + with open(filename, "rb") as f: + certificate_der = f.read() + value = decoder.decode(certificate_der, + asn1Spec=Certificate()) + self.path.setComponentByPosition(position, value[0]) + position = position + 1 + # If Name of the certification path is present then the data are + # serialized and saved on a file + if cts.KW_NAME in parameters: + certificationPath_der = encoder.encode(self.path) + with open(cts.PATH_CREDENTIALS + parameters[cts.KW_NAME] + + ".der", "wb") as f: + f.write(certificationPath_der) + + def generateToken(self, parameters): + """ Generate a token according to a set of parameters.""" + try: + # Creation of the token builder + print(parameters[cts.KW_MODELES]) + self.setModel(parameters[cts.KW_MODELES]) + self.token_name = parameters[cts.KW_NAME] + # Generate a pair of private/public keys for EDCDH operations. + if parameters[cts.KW_ECKA_CURVE] not in cts.CURVES: + raise Exception("wrong ECC curve") + private_ekey = ec.generate_private_key( + cts.CURVES[parameters[cts.KW_ECKA_CURVE]]) + # Serialize the private key to a DER format + private_ekey_der = private_ekey.private_bytes( + encoding=serialization.Encoding.DER, + format=serialization.PrivateFormat.TraditionalOpenSSL, + encryption_algorithm=serialization.NoEncryption() + ) + # Save the private key for additional operations. + with open(cts.PATH_PRIVATE + self.token_name + + "-private-key.der", "wb") as f: + f.write(private_ekey_der) + # Compute the public key from the private key. + public_ekey = private_ekey.public_key() + # Encode the public key according to the DER format. + public_key_der = public_ekey.public_bytes( + encoding=serialization.Encoding.DER, + format=serialization.PublicFormat.SubjectPublicKeyInfo + ) + # Create a public key info. + public_key_data = self.model.decode( + 'SubjectPublicKeyInfo', public_key_der) + + # Collection of the subjet attributes + for k, m_field in parameters.items(): + + if k == cts.KW_ISSUER: + # Get the issuer private key. + self.issuer_private_key = PrivateKey(m_field).get() + self.issuer_public_key = PublicKey(m_field).get() + + # Create the structure for generating the authentication token body + atbsToken = {'version': cts.V1} + # Fill the signature parameters + atbsToken['signature'] = {} + atbsToken['signature']['algorithm'] = cts.OID_ECDSASHA256 + atbsToken['subjectPublicKeyInfo'] = public_key_data + + # Fill the ATK-Content + atbsToken['aATK-Content'] = { + 'aChallenge': self.m_challenge} + if parameters[cts.KW_KEYSIZE] not in cts.KEY_SIZES: + raise Exception("wrong Key size") + # fill the challenge field + atbsToken['signatureAlgorithm'] = {} + atbsToken['signatureAlgorithm']['algorithm'] = cts.OID_ECDSASHA256 + atbsToken['aATK-Content']['aKey-Size'] = cts.KEY_SIZES[parameters[cts.KW_KEYSIZE]] # 'Key-Size 128 or 256' + atbsToken['aATK-Content']['aStreamCipherIdentifier'] = cts.AES_CGM # 'aAES-CGM-StreamCipherIdentifier' + # Create the AKI structure + m_AKI = x509.AuthorityKeyIdentifier.from_issuer_public_key( + self.issuer_public_key) + # Fill the AKI extension + atbsToken['extensions'] = [{}] + atbsToken['extensions'][0]['extnID'] = cts.OID_AKI + atbsToken['extensions'][0]['critical'] = True + atbsToken['extensions'][0]['extnValue'] = m_AKI.key_identifier + # Encode the TBSToken + tbsToken = self.model.encode('TBSToken', atbsToken) + + # Generate the signature + signature_der = self.issuer_private_key.sign( + tbsToken, ec.ECDSA(hashes.SHA256())) + # Convert the DER format to a dictionary + signature_data = self.model.decode( + 'ECDSA-Sig-Value', signature_der) + + # Create the authentication token structure + auth_token = {} + # Fill the authentication token body + auth_token['tbsToken'] = atbsToken + # Fill the authentication token signature + auth_token['signature'] = signature_data + auth_token['signatureAlgorithm'] = {} + auth_token['signatureAlgorithm']['algorithm'] = cts.OID_ECDSASHA256 + # Encode the authentication token using the DER formaty + auth_token_der = self.model.encode( + cts.KW_AUTHENTICATIONTOKEN, auth_token) + # Save the authentication token on to disk. + with open(cts.PATH_TOKENS + + self.token_name+".der", "wb") as f: + f.write(auth_token_der) + # Verify the authentication token + # self.verifyToken(parameters) + + except ValueError as e: + # Catch an execption if it is occured + print("Oops!..", e) + + def verifyToken(self, parameters): + """ Generate a token according to a set of parameters.""" + try: + # Creation of the token builder + self.setModel(parameters[cts.KW_MODELES]) + self.token_name = parameters[cts.KW_NAME] + for k, m_field in parameters.items(): + + if k == "issuer": + # Get the issuer public key. + self.issuer_public_key = PublicKey(m_field).get() + # Create a subject key identifier from the issuer public key + authorityKeyIdentifier = x509.SubjectKeyIdentifier.from_public_key(self.issuer_public_key) + auth_token_der = 0 + # Load the authentication token from the disk. + with open(cts.PATH_TOKENS + + self.token_name+".der", "rb") as f: + auth_token_der = f.read() + + # Decode the authentication token DER data + token_verif = self.model.decode(cts.KW_AUTHENTICATIONTOKEN, + auth_token_der + ) + # Check if the version is right + if token_verif['tbsToken']['version'] != cts.V1: + raise Exception("wrong Version") + # Check if the signature algorithm identifier is right before + # verifying the signature + if token_verif['tbsToken']['signatureAlgorithm']['algorithm'] != cts.OID_ECDSASHA256: + raise Exception("wrong Signature algorithm") + # Check if the signature streamcipher algorithm identifier is right + if token_verif['tbsToken']['aATK-Content']['aStreamCipherIdentifier'] not in [cts.AES_CGM]: + raise Exception("wrong stream cipher identifier") + # Check if the key sizz is known + if token_verif['tbsToken']['aATK-Content']['aKey-Size'] not in [cts.KEY_SIZE_E128, cts.KEY_SIZE_E256]: + raise Exception("wrong Key size") + # Scan the extensions + m_AKI = b'x00' + for extension in token_verif['tbsToken']['extensions']: + # Check if the extension is AKI + if extension['extnID'] == cts.OID_AKI: + # Intermediate saving of the AKI + m_AKI = extension['extnValue'] + # Check if Authority Key Identifier (AKI) is right + if authorityKeyIdentifier.digest != m_AKI: + raise Exception("wrong AKI") + # Check if the authentication is well-formed + self.authenticationToken = decoder.decode( + auth_token_der, asn1Spec=AuthenticationToken() + ) + # Verify the signature + self.issuer_public_key.verify( + encoder.encode(self.authenticationToken[0].getComponentByPosition(2)), + encoder.encode(self.authenticationToken[0].getComponentByPosition(0)), + ec.ECDSA(hashes.SHA256())) + except ValueError as e: + print("Oops!..", e) + +# Open the YAML parameter file + + +tokenConfiguration = { + 'options': ':c:hi:o', + 'description': ["ifile=", "ofile=", "ccommand="], + 'usage': 'CreateToken.py [-c ] [-i ] [-o ]' +} +if __name__ == "__main__": + try: + my_ui = UI(tokenConfiguration) + if my_ui.isInputFile(): + f = open(my_ui.getInputFile(), 'r', encoding='utf-8') + # Load the YAML file containing the parameters. + paths = list(yaml.load_all(f, Loader=yaml.FullLoader)) + f.close() + # print(paths) + # Scan all token parameters. + m_cert = SSPtoken("") + for path in paths: + for m_token in path: + parameters = path[m_token] + if m_token == cts.KW_CHALLENGE: + m_cert.generateChallenge(parameters) + + if m_token == cts.KW_CERTIFICATIONPATH: + m_cert.generatePath(parameters) + + if m_token == cts.KW_AUTHENTICATIONTOKEN: + print("token generation: ", parameters[cts.KW_NAME]) + # Instantiate a token. + # # Generate the token according to the parameters. + m_cert.generateToken(parameters) + + except ValueError as e: + print("Oops!..", e) diff --git a/ETSI-SSP-AAA-FAKE-param.yaml b/ETSI-SSP-AAA-FAKE-param.yaml new file mode 100644 index 0000000..7e15982 --- /dev/null +++ b/ETSI-SSP-AAA-FAKE-param.yaml @@ -0,0 +1,70 @@ +--- +AAA_FAKE: # certification path name + - certificate: + extensions: + CertificatePolicies: + critical: true + value: + identifier: 0.4.0.3666.1 + explicit_text: id-role + basicConstraints: + critical: true + value: + CA: true + pathlen: 1 + Name: ETSI-SSP-CI # Base name of the certificate + serial_number: 1 + not_after: '2021-12-01T12:00:00' + issuer: ETSI-SSP-CI # Base name of the issuer's keys + not_before: '2021-01-01T12:00:00' + subject: + C: FR + ST: PACA + CN: ETSI.ORG + O: ETSI-SSP-TTF + OU: ETSI + - certificate: + extensions: + CertificatePolicies: + critical: true + value: + identifier: 0.4.0.3666.1.1 + explicit_text: id-role-aaa + basicConstraints: + critical: true + value: + CA: true + pathlen: 0 + Name: ETSI-SSP-AAA-CA + serial_number: 3 + not_after: '2021-12-01T12:00:00' + issuer: ETSI-SSP-CI + not_before: '2021-01-01T12:00:00' + subject: + C: FR + ST: PACA + CN: ETSI.ORG + O: ETSI-SSP-TTF + OU: ETSI + - certificate: + extensions: + CertificatePolicies: + critical: true + value: + identifier: 0.4.0.3666.1.1.1 + explicit_text: id-role-aaa-application + basicConstraints: + critical: true + value: + CA: false + Name: ETSI-SSP-AAA-EE + serial_number: 5 + not_after: '2021-12-01T12:00:00' + issuer: ETSI-SSP-AAS-CA + not_before: '2021-01-01T12:00:00' + subject: + C: FR + ST: PACA + CN: ETSI.ORG + O: ETSI-SSP-TTF + OU: ETSI diff --git a/ETSI-SSP-AAA-TOKEN-param.yaml b/ETSI-SSP-AAA-TOKEN-param.yaml new file mode 100644 index 0000000..f4464df --- /dev/null +++ b/ETSI-SSP-AAA-TOKEN-param.yaml @@ -0,0 +1,23 @@ +Challenge: + Generate: false # Do not generate a challenge + Name: AAS01 # File name of the file containing the challenge +CertificationPath: + Name: CP_AAA # File name of the DER file containing the certification path + Path: + - ETSI-SSP-AAA-CI # AAA CI + - ETSI-SSP-AAA-CA # AAA CA + - ETSI-SSP-AAA-EE # AAA EE + Modeles: + - RFC5280.asn # x509v3 certificate model + - RFC3279.asn # ECC signature parameters +AuthenticationToken: + Name: ATK-AAA-ECKA # File name of the authentication token DER file + Issuer: ETSI-SSP-AAA-EE # Certificatte verifying the authentication token + ECKA-Curve: BrainpoolP256R1 # ECC curve for key agreement + KeySize: 256 # key size of the streamcipher + Modeles: + - RFC5280.asn # x509v3 certificate model + - RFC3279.asn # ECC signature parameters + - SSP_ASN.asn + + \ No newline at end of file diff --git a/ETSI-SSP-AAA-param.yaml b/ETSI-SSP-AAA-param.yaml new file mode 100644 index 0000000..839f39f --- /dev/null +++ b/ETSI-SSP-AAA-param.yaml @@ -0,0 +1,77 @@ +- Extensions: + CertificatePolicies: + Critical: true + Value: + Identifier: 0.4.0.3666.1 + Explicit_text: id-role + BasicConstraints: + Critical: true + Value: + CA: true + Pathlen: 1 + Serial_number: 1 + Not_after: '2021-12-01T12:00:00' + Not_before: '2021-01-01T12:00:00' + Issuer: + C: FR + ST: PACA + CN: ETSI-SSP-AAA-CI + O: ETSI.ORG + OU: SSP-TTF + Subject: + C: FR + ST: PACA + CN: ETSI-SSP-AAA-CI + O: ETSI.ORG + OU: SSP-TTF +- Extensions: + CertificatePolicies: + Critical: true + Value: + Identifier: 0.4.0.3666.1.2 + Explicit_text: id-role-AAA + BasicConstraints: + Critical: true + Value: + CA: true + Pathlen: 0 + Serial_number: 3 + Not_after: '2021-12-01T12:00:00' + Not_before: '2021-01-01T12:00:00' + Issuer: + C: FR + ST: PACA + CN: ETSI-SSP-AAA-CI + O: ETSI.ORG + OU: SSP-TTF + Subject: + C: FR + ST: PACA + CN: ETSI-SSP-AAA-CA + O: ETSI.ORG + OU: SSP-TTF +- Extensions: + CertificatePolicies: + Critical: true + Value: + Identifier: 0.4.0.3666.1.2.1 + Explicit_text: id-role-aaa-application + BasicConstraints: + Critical: true + Value: + CA: false + Serial_number: 5 + Not_after: '2021-12-01T12:00:00' + Not_before: '2021-01-01T12:00:00' + Issuer: + C: FR + ST: PACA + CN: ETSI-SSP-AAA-CA + O: ETSI.ORG + OU: SSP-TTF + Subject: + C: FR + ST: PACA + CN: ETSI-SSP-AAA-EE + O: ETSI.ORG + OU: SSP-TTF \ No newline at end of file diff --git a/ETSI-SSP-AAS-TOKEN-param.yaml b/ETSI-SSP-AAS-TOKEN-param.yaml new file mode 100644 index 0000000..f310ca3 --- /dev/null +++ b/ETSI-SSP-AAS-TOKEN-param.yaml @@ -0,0 +1,24 @@ +Challenge: + Generate: true + Name: AAS01 +CertificationPath: + Name: CP_AAS + Path: + - ETSI-SSP-AAS-CI + - ETSI-SSP-AAS-CA + - ETSI-SSP-AAS-EE + Modeles: + - RFC5280.asn + - RFC3279.asn +AuthenticationToken: + Name: ATK-AAS-ECKA + Issuer: ETSI-SSP-AAS-EE + ECKA-Curve: BrainpoolP256R1 + KeySize: 256 + Modeles: + - RFC5280.asn # x509v3 certificate model + - RFC3279.asn # ECC signature parameters + - SSP_ASN.asn + + + \ No newline at end of file diff --git a/ETSI-SSP-AAS-param.yaml b/ETSI-SSP-AAS-param.yaml new file mode 100644 index 0000000..4ac857e --- /dev/null +++ b/ETSI-SSP-AAS-param.yaml @@ -0,0 +1,77 @@ +- Extensions: + CertificatePolicies: + Critical: true + Value: + Identifier: 0.4.0.3666.1 + Explicit_text: id-role + BasicConstraints: + Critical: true + Value: + CA: true + Pathlen: 1 + Serial_number: 1 + Not_after: '2021-12-01T12:00:00' + Not_before: '2021-01-01T12:00:00' + Issuer: + C: FR + ST: PACA + CN: ETSI-SSP-AAS-CI + O: ETSI.ORG + OU: SSP-TTF + Subject: + C: FR + ST: PACA + CN: ETSI-SSP-AAS-CI + O: ETSI.ORG + OU: SSP-TTF +- Extensions: + CertificatePolicies: + Critical: true + Value: + Identifier: 0.4.0.3666.1.1 + Explicit_text: id-role-aas + BasicConstraints: + Critical: true + Value: + CA: true + Pathlen: 0 + Serial_number: 3 + Not_after: '2021-12-01T12:00:00' + Not_before: '2021-01-01T12:00:00' + Issuer: + C: FR + ST: PACA + CN: ETSI-SSP-AAS-CI + O: ETSI.ORG + OU: SSP-TTF + Subject: + C: FR + ST: PACA + CN: ETSI-SSP-AAS-CA + O: ETSI.ORG + OU: SSP-TTF +- Extensions: + CertificatePolicies: + Critical: true + Value: + Identifier: 0.4.0.3666.1.1.1 + Explicit_text: id-role-aas-service + BasicConstraints: + Critical: true + Value: + CA: false + Serial_number: 5 + Not_after: '2021-12-01T12:00:00' + Not_before: '2021-01-01T12:00:00' + Issuer: + C: FR + ST: PACA + CN: ETSI-SSP-AAS-CA + O: ETSI.ORG + OU: SSP-TTF + Subject: + C: FR + ST: PACA + CN: ETSI-SSP-AAS-EE + O: ETSI.ORG + OU: SSP-TTF diff --git a/ETSI-SSP-AUTHENTICATE-param.yaml b/ETSI-SSP-AUTHENTICATE-param.yaml new file mode 100644 index 0000000..d7b7567 --- /dev/null +++ b/ETSI-SSP-AUTHENTICATE-param.yaml @@ -0,0 +1,37 @@ +Challenge command: # Generate a challenge + Name: AAS01 # Write a binary file containing a 128 bit challenge +Challenge response: + Path: CP_AAS # AAS certification path + Challenge: AAS01 # Write a binary file containing a 128 bit challenge + Name: aAAS-OP-GET-CHALLENGE-Service-Response +Read Challenge response: + Name: aAAS-OP-GET-CHALLENGE-Service-Response +Authenticate command: + Path: CP_AAA + AuthenticationToken: ATK-AAA-ECKA + Name: aAAS-OP-AUTHENTICATE-Service-Command +Authenticate response: + AuthenticationToken: ATK-AAS-ECKA + Name: aAAS-OP-AUTHENTICATE-Service-Response +OAS command: + Name: OAS_COMMAND + Service Identifier: 'DD61116FF0DD57F48A4F52EE70276F24' # Root accessor identifier +OAS response: + Name: OAS_RESPONSE +Read OAS response: + Name: OAS_RESPONSE +Generate shared key: + Private: ATK-AAA-ECKA + Public: ATK-AAS-ECKA + Name: GCM_AAA_AAS +Encrypt: + Name: GCM_AAA_AAS # Container for the derived keys/IV + MTU: 240 + Sequence: 1 + In: Text_In + Out: Text_Out +Decrypt: + Name: GCM_AAA_AAS + MTU: 240 + In: Text_Out + Out: Text_Out_bis \ No newline at end of file diff --git a/ETSI-SSP-CI-param.yaml b/ETSI-SSP-CI-param.yaml new file mode 100644 index 0000000..66998b9 --- /dev/null +++ b/ETSI-SSP-CI-param.yaml @@ -0,0 +1,93 @@ +- Name: "ETSI-SSP-CI" + subject: + C: "FR" + ST: "PARIS" + O: "ETSI-SSP-TTF" + OU: "ETSI" + CN: "ETSI.ORG" + serial_number: 1 + not_before: '2021-01-01T12:00:00' # YYYYMMDDhhmmssZ + not_after: '2021-12-01T12:00:00' # YYYYMMDDhhmmssZ + issuer: "ETSI-SSP-CI" + extensions: + basicConstraints: + critical: True + value: + CA: True + pathlen: 1 + +- Name: "ETSI-SSP-AAA-CA" + subject: + C: "FR" + ST: "PARIS" + O: "ETSI-SSP-TTF" + OU: "ETSI" + CN: "ETSI.ORG" + issuer: "ETSI-SSP-CI" + serial_number: 2 + not_before: '2021-01-01T12:00:00' # YYYYMMDDhhmmssZ + not_after: '2021-12-01T12:00:00' # YYYYMMDDhhmmssZ + extensions: + basicConstraints: + critical: True + value: + CA: True + pathlen: 0 + +- Name: "ETSI-SSP-AAS-CA" + subject: + C: "FR" + ST: "PARIS" + O: "ETSI-SSP-TTF" + OU: "ETSI" + CN: "ETSI.ORG" + serial_number: 3 + not_before: '2021-01-01T12:00:00' # YYYYMMDDhhmmssZ + not_after: '2021-12-01T12:00:00' # YYYYMMDDhhmmssZ + issuer: "ETSI-SSP-CI" + extensions: + basicConstraints: + critical: True + value: + CA: True + pathlen: 0 + id-ce-CertificatePolicies: + type_name: 'certificatePolicies' + critical: TRUE + value: '0 4 0 3666 1 1' + subject: + issuer: + +- Name: "ETSI-SSP-AAA-EE" + subject: + C: "FR" + ST: "PARIS" + O: "ETSI-SSP-TTF" + OU: "ETSI" + CN: "ETSI.ORG" + serial_number: 4 + issuer: "ETSI-SSP-CA-AAA" + not_before: '2021-01-01T12:00:00' # YYYYMMDDhhmmssZ + not_after: '2021-12-01T12:00:00' # YYYYMMDDhhmmssZ + extensions: + basicConstraints: + critical: True + value: + CA: False +- Name: "ETSI-SSP-AAS-EE" + subject: + C: "FR" + ST: "PARIS" + O: "ETSI-SSP-TTF" + OU: "ETSI" + CN: "ETSI.ORG" + serial_number: 5 + not_before: '2021-01-01T12:00:00' # YYYYMMDDhhmmssZ + not_after: '2021-12-01T12:00:00' # YYYYMMDDhhmmssZ + issuer: "ETSI-SSP-CA-AAS" + extensions: + basicConstraints: + critical: True + value: + CA: False + \ No newline at end of file diff --git a/GENKEY.bat b/GENKEY.bat new file mode 100644 index 0000000..bcac71f --- /dev/null +++ b/GENKEY.bat @@ -0,0 +1,44 @@ +clear +echo del private_keys/*.* +del public_keys/*.* +echo openssl ecparam -name brainpoolP384r1 -genkey -noout -outform der -out private_keys/ETSI-SSP-CI-private-key.der +echo openssl ecparam -name brainpoolP384r1 -genkey -noout -outform der -out private_keys/ETSI-SSP-AAA-CA-private-key.der +echo openssl ecparam -name brainpoolP384r1 -genkey -noout -outform der -out private_keys/ETSI-SSP-AAA-EE-private-key.der +echo openssl ecparam -name brainpoolP384r1 -genkey -noout -outform der -out private_keys/ETSI-SSP-AAS-CA-private-key.der +echo openssl ecparam -name brainpoolP384r1 -genkey -noout -outform der -out private_keys/ETSI-SSP-AAS-EE-private-key.der +openssl ecparam -name brainpoolP384r1 -genkey -noout -outform der -out private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.der + +openssl ec -inform DER -in private_keys/ETSI-SSP-AAA-CA-private-key.der -outform PEM -out private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.pem +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-CA-private-key.der -pubout -outform der -out public_keys/ETSI-SSP-AAA-CA-FAKE-public-key.der + +openssl ec -inform DER -in private_keys/ETSI-SSP-CI-private-key.der -outform PEM -out private_keys/ETSI-SSP-AAA-CI-private-key.pem +openssl ec -inform DER -in private_keys/ETSI-SSP-CI-private-key.der -outform PEM -out private_keys/ETSI-SSP-AAS-CI-private-key.pem +openssl ec -inform DER -in private_keys/ETSI-SSP-AAA-CA-private-key.der -outform PEM -out private_keys/ETSI-SSP-AAA-CA-private-key.pem +openssl ec -inform DER -in private_keys/ETSI-SSP-AAA-EE-private-key.der -outform PEM -out private_keys/ETSI-SSP-AAA-EE-private-key.pem +openssl ec -inform DER -in private_keys/ETSI-SSP-AAS-CA-private-key.der -outform PEM -out private_keys/ETSI-SSP-AAS-CA-private-key.pem +openssl ec -inform DER -in private_keys/ETSI-SSP-AAS-EE-private-key.der -outform PEM -out private_keys/ETSI-SSP-AAS-EE-private-key.pem +openssl ec -inform DER -in private_keys/ETSI-SSP-AAA-CA-private-key.der -outform PEM -out private_keys/ETSI-SSP-AAA-CA-private-key.pem + +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-CI-private-key.der -pubout -outform der -out public_keys/ETSI-SSP-AAA-CI-public-key.der +openssl ec -inform der -in private_keys/ETSI-SSP-AAS-CI-private-key.der -pubout -outform der -out public_keys/ETSI-SSP-AAS-CI-public-key.der +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-CA-private-key.der -pubout -outform der -out public_keys/ETSI-SSP-AAA-CA-public-key.der +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.der -pubout -outform der -out public_keys/ETSI-SSP-AAA-CA-FAKE-public-key.der +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-EE-private-key.der -pubout -outform der -out public_keys/ETSI-SSP-AAA-EE-public-key.der +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-EE-private-key.der -pubout -outform der -out public_keys/ETSI-SSP-AAA-EE-FAKE-public-key.der +openssl ec -inform der -in private_keys/ETSI-SSP-AAS-CA-private-key.der -pubout -outform der -out public_keys/ETSI-SSP-AAS-CA-public-key.der +openssl ec -inform der -in private_keys/ETSI-SSP-AAS-EE-private-key.der -pubout -outform der -out public_keys/ETSI-SSP-AAS-EE-public-key.der + +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-CI-private-key.der -pubout -outform pem -out public_keys/ETSI-SSP-AAA-CI-public-key.pem +openssl ec -inform der -in private_keys/ETSI-SSP-AAS-CI-private-key.der -pubout -outform pem -out public_keys/ETSI-SSP-AAS-CI-public-key.pem +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-CA-private-key.der -pubout -outform pem -out public_keys/ETSI-SSP-AAA-CA-public-key.pem +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-EE-private-key.der -pubout -outform pem -out public_keys/ETSI-SSP-AAA-EE-public-key.pem +openssl ec -inform der -in private_keys/ETSI-SSP-AAS-CA-private-key.der -pubout -outform pem -out public_keys/ETSI-SSP-AAS-CA-public-key.pem +openssl ec -inform der -in private_keys/ETSI-SSP-AAS-EE-private-key.der -pubout -outform pem -out public_keys/ETSI-SSP-AAS-EE-public-key.pem + + + +dir private_keys +dir public_keys + +echo openssl x509 -in ETSI-SSP-AAS-EE.asn -inform der -text +echo openssl x509 -text -in certificates/ETSI-SSP-AAA-CA.crt -noout \ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..9b453f2 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2021 Alain Rhelimi + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/RFC3279.asn b/RFC3279.asn new file mode 100644 index 0000000..2056a20 --- /dev/null +++ b/RFC3279.asn @@ -0,0 +1,275 @@ + PKIX1Algorithms88 { iso(1) identified-organization(3) dod(6) + internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) + id-mod-pkix1-algorithms(17) } + + DEFINITIONS EXPLICIT TAGS ::= BEGIN + + -- EXPORTS All; + + -- IMPORTS NONE; + + -- + -- One-way Hash Functions + -- + + md2 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) rsadsi(113549) + digestAlgorithm(2) 2 } + + md5 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) rsadsi(113549) + digestAlgorithm(2) 5 } + + id-sha1 OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) oiw(14) secsig(3) + algorithms(2) 26 } + + -- + -- DSA Keys and Signatures + -- + + -- OID for DSA public key + + id-dsa OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 } + + -- encoding for DSA public key + + DSAPublicKey ::= INTEGER -- public key, y + + Dss-Parms ::= SEQUENCE { + p INTEGER, + q INTEGER, + g INTEGER } + + -- OID for DSA signature generated with SHA-1 hash + + id-dsa-with-sha1 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 } + + -- encoding for DSA signature generated with SHA-1 hash + + Dss-Sig-Value ::= SEQUENCE { + r INTEGER, + s INTEGER } + + -- + -- RSA Keys and Signatures + -- + + -- arc for RSA public key and RSA signature OIDs + + pkcs-1 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } + + -- OID for RSA public keys + + rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } + + -- OID for RSA signature generated with MD2 hash + + md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 } + + -- OID for RSA signature generated with MD5 hash + + md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 } + + -- OID for RSA signature generated with SHA-1 hash + + sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 } + + -- encoding for RSA public key + + RSAPublicKey ::= SEQUENCE { + modulus INTEGER, -- n + publicExponent INTEGER } -- e + + -- + -- Diffie-Hellman Keys + -- + + dhpublicnumber OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) ansi-x942(10046) + number-type(2) 1 } + + -- encoding for DSA public key + + DHPublicKey ::= INTEGER -- public key, y = g^x mod p + + DomainParameters ::= SEQUENCE { + p INTEGER, -- odd prime, p=jq +1 + g INTEGER, -- generator, g + q INTEGER, -- factor of p-1 + j INTEGER OPTIONAL, -- subgroup factor, j>= 2 + validationParms ValidationParms OPTIONAL } + + ValidationParms ::= SEQUENCE { + seed BIT STRING, + pgenCounter INTEGER } + + -- + -- KEA Keys + -- + + id-keyExchangeAlgorithm OBJECT IDENTIFIER ::= + { 2 16 840 1 101 2 1 1 22 } + + KEA-Parms-Id ::= OCTET STRING + + -- + -- Elliptic Curve Keys, Signatures, and Curves + -- + + ansi-X9-62 OBJECT IDENTIFIER ::= { + iso(1) member-body(2) us(840) 10045 } + + FieldID ::= SEQUENCE { -- Finite field + fieldType OBJECT IDENTIFIER, + parameters ANY DEFINED BY fieldType } + + -- Arc for ECDSA signature OIDS + + id-ecSigType OBJECT IDENTIFIER ::= { ansi-X9-62 signatures(4) } + + -- OID for ECDSA signatures with SHA-1 + + ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { id-ecSigType 1 } + + -- OID for an elliptic curve signature + -- format for the value of an ECDSA signature value + + ECDSA-Sig-Value ::= SEQUENCE { + r INTEGER, + s INTEGER } + + -- recognized field type OIDs are defined in the following arc + + id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1) } + + -- where fieldType is prime-field, the parameters are of type Prime-p + + prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 } + + Prime-p ::= INTEGER -- Finite field F(p), where p is an odd prime + + -- where fieldType is characteristic-two-field, the parameters are + -- of type Characteristic-two + + characteristic-two-field OBJECT IDENTIFIER ::= { id-fieldType 2 } + + Characteristic-two ::= SEQUENCE { + m INTEGER, -- Field size 2^m + basis OBJECT IDENTIFIER, + parameters ANY DEFINED BY basis } + + -- recognized basis type OIDs are defined in the following arc + + id-characteristic-two-basis OBJECT IDENTIFIER ::= { + characteristic-two-field basisType(3) } + + -- gnbasis is identified by OID gnBasis and indicates + -- parameters are NULL + + gnBasis OBJECT IDENTIFIER ::= { id-characteristic-two-basis 1 } + + -- parameters for this basis are NULL + + -- trinomial basis is identified by OID tpBasis and indicates + -- parameters of type Pentanomial + + tpBasis OBJECT IDENTIFIER ::= { id-characteristic-two-basis 2 } + + -- Trinomial basis representation of F2^m + -- Integer k for reduction polynomial xm + xk + 1 + + Trinomial ::= INTEGER + + -- for pentanomial basis is identified by OID ppBasis and indicates + -- parameters of type Pentanomial + + ppBasis OBJECT IDENTIFIER ::= { id-characteristic-two-basis 3 } + + -- Pentanomial basis representation of F2^m + -- reduction polynomial integers k1, k2, k3 + -- f(x) = x**m + x**k3 + x**k2 + x**k1 + 1 + + Pentanomial ::= SEQUENCE { + k1 INTEGER, + k2 INTEGER, + k3 INTEGER } + + -- The object identifiers gnBasis, tpBasis and ppBasis name + -- three kinds of basis for characteristic-two finite fields + + FieldElement ::= OCTET STRING -- Finite field element + + ECPoint ::= OCTET STRING -- Elliptic curve point + + -- Elliptic Curve parameters may be specified explicitly, + -- specified implicitly through a "named curve", or + -- inherited from the CA + + EcpkParameters ::= CHOICE { + ecParameters ECParameters, + namedCurve OBJECT IDENTIFIER, + implicitlyCA NULL } + + ECParameters ::= SEQUENCE { -- Elliptic curve parameters + version ECPVer, + fieldID FieldID, + curve Curve, + base ECPoint, -- Base point G + order INTEGER, -- Order n of the base point + cofactor INTEGER OPTIONAL } -- The integer h = #E(Fq)/n + + ECPVer ::= INTEGER {ecpVer1(1)} + + + Curve ::= SEQUENCE { + a FieldElement, -- Elliptic curve coefficient a + b FieldElement, -- Elliptic curve coefficient b + seed BIT STRING OPTIONAL } + + id-publicKeyType OBJECT IDENTIFIER ::= { ansi-X9-62 keyType(2) } + + id-ecPublicKey OBJECT IDENTIFIER ::= { id-publicKeyType 1 } + + -- Named Elliptic Curves in ANSI X9.62. + + ellipticCurve OBJECT IDENTIFIER ::= { ansi-X9-62 curves(3) } + + c-TwoCurve OBJECT IDENTIFIER ::= { + ellipticCurve characteristicTwo(0) } + + c2pnb163v1 OBJECT IDENTIFIER ::= { c-TwoCurve 1 } + c2pnb163v2 OBJECT IDENTIFIER ::= { c-TwoCurve 2 } + c2pnb163v3 OBJECT IDENTIFIER ::= { c-TwoCurve 3 } + c2pnb176w1 OBJECT IDENTIFIER ::= { c-TwoCurve 4 } + c2tnb191v1 OBJECT IDENTIFIER ::= { c-TwoCurve 5 } + c2tnb191v2 OBJECT IDENTIFIER ::= { c-TwoCurve 6 } + c2tnb191v3 OBJECT IDENTIFIER ::= { c-TwoCurve 7 } + c2onb191v4 OBJECT IDENTIFIER ::= { c-TwoCurve 8 } + c2onb191v5 OBJECT IDENTIFIER ::= { c-TwoCurve 9 } + c2pnb208w1 OBJECT IDENTIFIER ::= { c-TwoCurve 10 } + c2tnb239v1 OBJECT IDENTIFIER ::= { c-TwoCurve 11 } + c2tnb239v2 OBJECT IDENTIFIER ::= { c-TwoCurve 12 } + c2tnb239v3 OBJECT IDENTIFIER ::= { c-TwoCurve 13 } + c2onb239v4 OBJECT IDENTIFIER ::= { c-TwoCurve 14 } + c2onb239v5 OBJECT IDENTIFIER ::= { c-TwoCurve 15 } + c2pnb272w1 OBJECT IDENTIFIER ::= { c-TwoCurve 16 } + c2pnb304w1 OBJECT IDENTIFIER ::= { c-TwoCurve 17 } + c2tnb359v1 OBJECT IDENTIFIER ::= { c-TwoCurve 18 } + c2pnb368w1 OBJECT IDENTIFIER ::= { c-TwoCurve 19 } + c2tnb431r1 OBJECT IDENTIFIER ::= { c-TwoCurve 20 } + + primeCurve OBJECT IDENTIFIER ::= { ellipticCurve prime(1) } + + prime192v1 OBJECT IDENTIFIER ::= { primeCurve 1 } + prime192v2 OBJECT IDENTIFIER ::= { primeCurve 2 } + prime192v3 OBJECT IDENTIFIER ::= { primeCurve 3 } + prime239v1 OBJECT IDENTIFIER ::= { primeCurve 4 } + prime239v2 OBJECT IDENTIFIER ::= { primeCurve 5 } + prime239v3 OBJECT IDENTIFIER ::= { primeCurve 6 } + prime256v1 OBJECT IDENTIFIER ::= { primeCurve 7 } + + END \ No newline at end of file diff --git a/RFC5280.asn b/RFC5280.asn new file mode 100644 index 0000000..f4ba763 --- /dev/null +++ b/RFC5280.asn @@ -0,0 +1,1030 @@ +PKIX1Explicit88 { iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit(18) } + +DEFINITIONS EXPLICIT TAGS ::= + +BEGIN + +-- EXPORTS ALL -- + +-- IMPORTS NONE -- + +-- UNIVERSAL Types defined in 1993 and 1998 ASN.1 +-- and required by this specification + +UniversalString ::= [UNIVERSAL 28] IMPLICIT OCTET STRING + -- UniversalString is defined in ASN.1:1993 + +BMPString ::= [UNIVERSAL 30] IMPLICIT OCTET STRING + -- BMPString is the subtype of UniversalString and models + -- the Basic Multilingual Plane of ISO/IEC 10646 + +UTF8String ::= [UNIVERSAL 12] IMPLICIT OCTET STRING + -- The content of this type conforms to RFC 3629. + +-- PKIX specific OIDs + +id-pkix OBJECT IDENTIFIER ::= + { iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) } + + +-- PKIX arcs + +id-pe OBJECT IDENTIFIER ::= { id-pkix 1 } + -- arc for private certificate extensions +id-qt OBJECT IDENTIFIER ::= { id-pkix 2 } + -- arc for policy qualifier types +id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } + -- arc for extended key purpose OIDS +id-ad OBJECT IDENTIFIER ::= { id-pkix 48 } + -- arc for access descriptors + +-- policyQualifierIds for Internet policy qualifiers + +id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 } + -- OID for CPS qualifier +id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 } + -- OID for user notice qualifier + +-- access descriptor definitions + +id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 } +id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 } +id-ad-timeStamping OBJECT IDENTIFIER ::= { id-ad 3 } +id-ad-caRepository OBJECT IDENTIFIER ::= { id-ad 5 } + +-- attribute data types + +Attribute ::= SEQUENCE { + type AttributeType, + values SET OF AttributeValue } + -- at least one value is required + +AttributeType ::= OBJECT IDENTIFIER + +AttributeValue ::= ANY -- DEFINED BY AttributeType + +AttributeTypeAndValue ::= SEQUENCE { + type AttributeType, + value AttributeValue } + +-- suggested naming attributes: Definition of the following +-- information object set may be augmented to meet local +-- requirements. Note that deleting members of the set may +-- prevent interoperability with conforming implementations. +-- presented in pairs: the AttributeType followed by the +-- type definition for the corresponding AttributeValue + + + + +-- Arc for standard naming attributes + +id-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 } + +-- Naming attributes of type X520name + +id-at-name AttributeType ::= { id-at 41 } +id-at-surname AttributeType ::= { id-at 4 } +id-at-givenName AttributeType ::= { id-at 42 } +id-at-initials AttributeType ::= { id-at 43 } +id-at-generationQualifier AttributeType ::= { id-at 44 } + +-- Naming attributes of type X520Name: +-- X520name ::= DirectoryString (SIZE (1..ub-name)) +-- +-- Expanded to avoid parameterized type: +X520name ::= CHOICE { + teletexString TeletexString (SIZE (1..ub-name)), + printableString PrintableString (SIZE (1..ub-name)), + universalString UniversalString (SIZE (1..ub-name)), + utf8String UTF8String (SIZE (1..ub-name)), + bmpString BMPString (SIZE (1..ub-name)) } + +-- Naming attributes of type X520CommonName + +id-at-commonName AttributeType ::= { id-at 3 } + +-- Naming attributes of type X520CommonName: +-- X520CommonName ::= DirectoryName (SIZE (1..ub-common-name)) +-- +-- Expanded to avoid parameterized type: +X520CommonName ::= CHOICE { + teletexString TeletexString (SIZE (1..ub-common-name)), + printableString PrintableString (SIZE (1..ub-common-name)), + universalString UniversalString (SIZE (1..ub-common-name)), + utf8String UTF8String (SIZE (1..ub-common-name)), + bmpString BMPString (SIZE (1..ub-common-name)) } + + + + + + + + + +-- Naming attributes of type X520LocalityName + +id-at-localityName AttributeType ::= { id-at 7 } + +-- Naming attributes of type X520LocalityName: +-- X520LocalityName ::= DirectoryName (SIZE (1..ub-locality-name)) +-- +-- Expanded to avoid parameterized type: +X520LocalityName ::= CHOICE { + teletexString TeletexString (SIZE (1..ub-locality-name)), + printableString PrintableString (SIZE (1..ub-locality-name)), + universalString UniversalString (SIZE (1..ub-locality-name)), + utf8String UTF8String (SIZE (1..ub-locality-name)), + bmpString BMPString (SIZE (1..ub-locality-name)) } + +-- Naming attributes of type X520StateOrProvinceName + +id-at-stateOrProvinceName AttributeType ::= { id-at 8 } + +-- Naming attributes of type X520StateOrProvinceName: +-- X520StateOrProvinceName ::= DirectoryName (SIZE (1..ub-state-name)) +-- +-- Expanded to avoid parameterized type: +X520StateOrProvinceName ::= CHOICE { + teletexString TeletexString (SIZE (1..ub-state-name)), + printableString PrintableString (SIZE (1..ub-state-name)), + universalString UniversalString (SIZE (1..ub-state-name)), + utf8String UTF8String (SIZE (1..ub-state-name)), + bmpString BMPString (SIZE (1..ub-state-name)) } + + + + + + + + + + + + + + + + + + + + +-- Naming attributes of type X520OrganizationName + +id-at-organizationName AttributeType ::= { id-at 10 } + +-- Naming attributes of type X520OrganizationName: +-- X520OrganizationName ::= +-- DirectoryName (SIZE (1..ub-organization-name)) +-- +-- Expanded to avoid parameterized type: +X520OrganizationName ::= CHOICE { + teletexString TeletexString + (SIZE (1..ub-organization-name)), + printableString PrintableString + (SIZE (1..ub-organization-name)), + universalString UniversalString + (SIZE (1..ub-organization-name)), + utf8String UTF8String + (SIZE (1..ub-organization-name)), + bmpString BMPString + (SIZE (1..ub-organization-name)) } + +-- Naming attributes of type X520OrganizationalUnitName + +id-at-organizationalUnitName AttributeType ::= { id-at 11 } + +-- Naming attributes of type X520OrganizationalUnitName: +-- X520OrganizationalUnitName ::= +-- DirectoryName (SIZE (1..ub-organizational-unit-name)) +-- +-- Expanded to avoid parameterized type: +X520OrganizationalUnitName ::= CHOICE { + teletexString TeletexString + (SIZE (1..ub-organizational-unit-name)), + printableString PrintableString + (SIZE (1..ub-organizational-unit-name)), + universalString UniversalString + (SIZE (1..ub-organizational-unit-name)), + utf8String UTF8String + (SIZE (1..ub-organizational-unit-name)), + bmpString BMPString + (SIZE (1..ub-organizational-unit-name)) } +-- Naming attributes of type X520Title + +id-at-title AttributeType ::= { id-at 12 } + +-- Naming attributes of type X520Title: +-- X520Title ::= DirectoryName (SIZE (1..ub-title)) +-- +-- Expanded to avoid parameterized type: +X520Title ::= CHOICE { + teletexString TeletexString (SIZE (1..ub-title)), + printableString PrintableString (SIZE (1..ub-title)), + universalString UniversalString (SIZE (1..ub-title)), + utf8String UTF8String (SIZE (1..ub-title)), + bmpString BMPString (SIZE (1..ub-title)) } + +-- Naming attributes of type X520dnQualifier + +id-at-dnQualifier AttributeType ::= { id-at 46 } + +X520dnQualifier ::= PrintableString + +-- Naming attributes of type X520countryName (digraph from IS 3166) + +id-at-countryName AttributeType ::= { id-at 6 } + +X520countryName ::= PrintableString (SIZE (2)) + +-- Naming attributes of type X520SerialNumber + +id-at-serialNumber AttributeType ::= { id-at 5 } + +X520SerialNumber ::= PrintableString (SIZE (1..ub-serial-number)) + +-- Naming attributes of type X520Pseudonym + +id-at-pseudonym AttributeType ::= { id-at 65 } + +-- Naming attributes of type X520Pseudonym: +-- X520Pseudonym ::= DirectoryName (SIZE (1..ub-pseudonym)) +-- +-- Expanded to avoid parameterized type: +X520Pseudonym ::= CHOICE { + teletexString TeletexString (SIZE (1..ub-pseudonym)), + printableString PrintableString (SIZE (1..ub-pseudonym)), + universalString UniversalString (SIZE (1..ub-pseudonym)), + utf8String UTF8String (SIZE (1..ub-pseudonym)), + bmpString BMPString (SIZE (1..ub-pseudonym)) } + + +-- Naming attributes of type DomainComponent (from RFC 4519) + +id-domainComponent AttributeType ::= { 0 9 2342 19200300 100 1 25 } + +DomainComponent ::= IA5String + +-- Legacy attributes + +pkcs-9 OBJECT IDENTIFIER ::= + { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } + +id-emailAddress AttributeType ::= { pkcs-9 1 } + +EmailAddress ::= IA5String (SIZE (1..ub-emailaddress-length)) + +-- naming data types -- + +Name ::= CHOICE { -- only one possibility for now -- + rdnSequence RDNSequence } + +RDNSequence ::= SEQUENCE OF RelativeDistinguishedName + +DistinguishedName ::= RDNSequence + +RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue + +-- Directory string type -- + +DirectoryString ::= CHOICE { + teletexString TeletexString (SIZE (1..MAX)), + printableString PrintableString (SIZE (1..MAX)), + universalString UniversalString (SIZE (1..MAX)), + utf8String UTF8String (SIZE (1..MAX)), + bmpString BMPString (SIZE (1..MAX)) } + +-- certificate and CRL specific structures begin here + +Certificate ::= SEQUENCE { + tbsCertificate TBSCertificate, + signatureAlgorithm AlgorithmIdentifier, + signature BIT STRING } + +TBSCertificate ::= SEQUENCE { + version [0] Version DEFAULT v1, + serialNumber CertificateSerialNumber, + signature AlgorithmIdentifier, + issuer Name, + validity Validity, + subject Name, + subjectPublicKeyInfo SubjectPublicKeyInfo, + issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, + -- If present, version MUST be v2 or v3 + subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, + -- If present, version MUST be v2 or v3 + extensions [3] Extensions OPTIONAL + -- If present, version MUST be v3 -- } + +Version ::= INTEGER { v1(0), v2(1), v3(2) } + +CertificateSerialNumber ::= INTEGER + +Validity ::= SEQUENCE { + notBefore Time, + notAfter Time } + +Time ::= CHOICE { + utcTime UTCTime, + generalTime GeneralizedTime } + +UniqueIdentifier ::= BIT STRING + +SubjectPublicKeyInfo ::= SEQUENCE { + algorithm AlgorithmIdentifier, + subjectPublicKey BIT STRING } + +Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension + +Extension ::= SEQUENCE { + extnID OBJECT IDENTIFIER, + critical BOOLEAN DEFAULT FALSE, + extnValue OCTET STRING + -- contains the DER encoding of an ASN.1 value + -- corresponding to the extension type identified + -- by extnID + } + +-- CRL structures + +CertificateList ::= SEQUENCE { + tbsCertList TBSCertList, + signatureAlgorithm AlgorithmIdentifier, + signature BIT STRING } + +TBSCertList ::= SEQUENCE { + version Version OPTIONAL, + -- if present, MUST be v2 + signature AlgorithmIdentifier, + issuer Name, + thisUpdate Time, + nextUpdate Time OPTIONAL, + revokedCertificates SEQUENCE OF SEQUENCE { + userCertificate CertificateSerialNumber, + revocationDate Time, + crlEntryExtensions Extensions OPTIONAL + -- if present, version MUST be v2 + } OPTIONAL, + crlExtensions [0] Extensions OPTIONAL } + -- if present, version MUST be v2 + +-- Version, Time, CertificateSerialNumber, and Extensions were +-- defined earlier for use in the certificate structure + +AlgorithmIdentifier ::= SEQUENCE { + algorithm OBJECT IDENTIFIER, + parameters ANY DEFINED BY algorithm OPTIONAL } + -- contains a value of the type + -- registered for use with the + -- algorithm object identifier value + +-- X.400 address syntax starts here + +ORAddress ::= SEQUENCE { + built-in-standard-attributes BuiltInStandardAttributes, + built-in-domain-defined-attributes + BuiltInDomainDefinedAttributes OPTIONAL, + -- see also teletex-domain-defined-attributes + extension-attributes ExtensionAttributes OPTIONAL } + +-- Built-in Standard Attributes + +BuiltInStandardAttributes ::= SEQUENCE { + country-name CountryName OPTIONAL, + administration-domain-name AdministrationDomainName OPTIONAL, + network-address [0] IMPLICIT NetworkAddress OPTIONAL, + -- see also extended-network-address + terminal-identifier [1] IMPLICIT TerminalIdentifier OPTIONAL, + private-domain-name [2] PrivateDomainName OPTIONAL, + organization-name [3] IMPLICIT OrganizationName OPTIONAL, + -- see also teletex-organization-name + numeric-user-identifier [4] IMPLICIT NumericUserIdentifier + OPTIONAL, + personal-name [5] IMPLICIT PersonalName OPTIONAL, + -- see also teletex-personal-name + organizational-unit-names [6] IMPLICIT OrganizationalUnitNames + OPTIONAL } + -- see also teletex-organizational-unit-names + +CountryName ::= [APPLICATION 1] CHOICE { + x121-dcc-code NumericString + (SIZE (ub-country-name-numeric-length)), + iso-3166-alpha2-code PrintableString + (SIZE (ub-country-name-alpha-length)) } + +AdministrationDomainName ::= [APPLICATION 2] CHOICE { + numeric NumericString (SIZE (0..ub-domain-name-length)), + printable PrintableString (SIZE (0..ub-domain-name-length)) } + +NetworkAddress ::= X121Address -- see also extended-network-address + +X121Address ::= NumericString (SIZE (1..ub-x121-address-length)) + +TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length)) + +PrivateDomainName ::= CHOICE { + numeric NumericString (SIZE (1..ub-domain-name-length)), + printable PrintableString (SIZE (1..ub-domain-name-length)) } + +OrganizationName ::= PrintableString + (SIZE (1..ub-organization-name-length)) + -- see also teletex-organization-name + +NumericUserIdentifier ::= NumericString + (SIZE (1..ub-numeric-user-id-length)) + +PersonalName ::= SET { + surname [0] IMPLICIT PrintableString + (SIZE (1..ub-surname-length)), + given-name [1] IMPLICIT PrintableString + (SIZE (1..ub-given-name-length)) OPTIONAL, + initials [2] IMPLICIT PrintableString + (SIZE (1..ub-initials-length)) OPTIONAL, + generation-qualifier [3] IMPLICIT PrintableString + (SIZE (1..ub-generation-qualifier-length)) + OPTIONAL } + -- see also teletex-personal-name + +OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units) + OF OrganizationalUnitName + -- see also teletex-organizational-unit-names + +OrganizationalUnitName ::= PrintableString (SIZE + (1..ub-organizational-unit-name-length)) + +-- Built-in Domain-defined Attributes + +BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE + (1..ub-domain-defined-attributes) OF + BuiltInDomainDefinedAttribute + +BuiltInDomainDefinedAttribute ::= SEQUENCE { + type PrintableString (SIZE + (1..ub-domain-defined-attribute-type-length)), + value PrintableString (SIZE + (1..ub-domain-defined-attribute-value-length)) } + +-- Extension Attributes + +ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF + ExtensionAttribute + +ExtensionAttribute ::= SEQUENCE { + extension-attribute-type [0] IMPLICIT INTEGER + (0..ub-extension-attributes), + extension-attribute-value [1] + ANY DEFINED BY extension-attribute-type } + +-- Extension types and attribute values + +common-name INTEGER ::= 1 + +CommonName ::= PrintableString (SIZE (1..ub-common-name-length)) + +teletex-common-name INTEGER ::= 2 + +TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length)) + +teletex-organization-name INTEGER ::= 3 + +TeletexOrganizationName ::= + TeletexString (SIZE (1..ub-organization-name-length)) + +teletex-personal-name INTEGER ::= 4 + +TeletexPersonalName ::= SET { + surname [0] IMPLICIT TeletexString + (SIZE (1..ub-surname-length)), + given-name [1] IMPLICIT TeletexString + (SIZE (1..ub-given-name-length)) OPTIONAL, + initials [2] IMPLICIT TeletexString + (SIZE (1..ub-initials-length)) OPTIONAL, + generation-qualifier [3] IMPLICIT TeletexString + (SIZE (1..ub-generation-qualifier-length)) + OPTIONAL } + +teletex-organizational-unit-names INTEGER ::= 5 + +TeletexOrganizationalUnitNames ::= SEQUENCE SIZE + (1..ub-organizational-units) OF TeletexOrganizationalUnitName + +TeletexOrganizationalUnitName ::= TeletexString + (SIZE (1..ub-organizational-unit-name-length)) + +pds-name INTEGER ::= 7 + +PDSName ::= PrintableString (SIZE (1..ub-pds-name-length)) + +physical-delivery-country-name INTEGER ::= 8 + +PhysicalDeliveryCountryName ::= CHOICE { + x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)), + iso-3166-alpha2-code PrintableString + (SIZE (ub-country-name-alpha-length)) } + +postal-code INTEGER ::= 9 + +PostalCode ::= CHOICE { + numeric-code NumericString (SIZE (1..ub-postal-code-length)), + printable-code PrintableString (SIZE (1..ub-postal-code-length)) } + +physical-delivery-office-name INTEGER ::= 10 + +PhysicalDeliveryOfficeName ::= PDSParameter + +physical-delivery-office-number INTEGER ::= 11 + +PhysicalDeliveryOfficeNumber ::= PDSParameter + +extension-OR-address-components INTEGER ::= 12 + +ExtensionORAddressComponents ::= PDSParameter + +physical-delivery-personal-name INTEGER ::= 13 + +PhysicalDeliveryPersonalName ::= PDSParameter + +physical-delivery-organization-name INTEGER ::= 14 + +PhysicalDeliveryOrganizationName ::= PDSParameter + +extension-physical-delivery-address-components INTEGER ::= 15 + +ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter + +unformatted-postal-address INTEGER ::= 16 + +UnformattedPostalAddress ::= SET { + printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) + OF PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL, + teletex-string TeletexString + (SIZE (1..ub-unformatted-address-length)) OPTIONAL } + +street-address INTEGER ::= 17 + +StreetAddress ::= PDSParameter + +post-office-box-address INTEGER ::= 18 + +PostOfficeBoxAddress ::= PDSParameter + +poste-restante-address INTEGER ::= 19 + +PosteRestanteAddress ::= PDSParameter + +unique-postal-name INTEGER ::= 20 + +UniquePostalName ::= PDSParameter + +local-postal-attributes INTEGER ::= 21 + +LocalPostalAttributes ::= PDSParameter + +PDSParameter ::= SET { + printable-string PrintableString + (SIZE(1..ub-pds-parameter-length)) OPTIONAL, + teletex-string TeletexString + (SIZE(1..ub-pds-parameter-length)) OPTIONAL } + +extended-network-address INTEGER ::= 22 + +ExtendedNetworkAddress ::= CHOICE { + e163-4-address SEQUENCE { + number [0] IMPLICIT NumericString + (SIZE (1..ub-e163-4-number-length)), + sub-address [1] IMPLICIT NumericString + (SIZE (1..ub-e163-4-sub-address-length)) + OPTIONAL }, + psap-address [0] IMPLICIT PresentationAddress } + +PresentationAddress ::= SEQUENCE { + pSelector [0] EXPLICIT OCTET STRING OPTIONAL, + sSelector [1] EXPLICIT OCTET STRING OPTIONAL, + tSelector [2] EXPLICIT OCTET STRING OPTIONAL, + nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING } + +terminal-type INTEGER ::= 23 + +TerminalType ::= INTEGER { + telex (3), + teletex (4), + g3-facsimile (5), + g4-facsimile (6), + ia5-terminal (7), + videotex (8) } (0..ub-integer-options) + +-- Extension Domain-defined Attributes + +teletex-domain-defined-attributes INTEGER ::= 6 + +TeletexDomainDefinedAttributes ::= SEQUENCE SIZE + (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute + +TeletexDomainDefinedAttribute ::= SEQUENCE { + type TeletexString + (SIZE (1..ub-domain-defined-attribute-type-length)), + value TeletexString + (SIZE (1..ub-domain-defined-attribute-value-length)) } + + + +-- specifications of Upper Bounds MUST be regarded as mandatory +-- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter +-- Upper Bounds + +-- Upper Bounds +ub-name INTEGER ::= 32768 +ub-common-name INTEGER ::= 64 +ub-locality-name INTEGER ::= 128 +ub-state-name INTEGER ::= 128 +ub-organization-name INTEGER ::= 64 +ub-organizational-unit-name INTEGER ::= 64 +ub-title INTEGER ::= 64 +ub-serial-number INTEGER ::= 64 +ub-match INTEGER ::= 128 +ub-emailaddress-length INTEGER ::= 255 +ub-common-name-length INTEGER ::= 64 +ub-country-name-alpha-length INTEGER ::= 2 +ub-country-name-numeric-length INTEGER ::= 3 +ub-domain-defined-attributes INTEGER ::= 4 +ub-domain-defined-attribute-type-length INTEGER ::= 8 +ub-domain-defined-attribute-value-length INTEGER ::= 128 +ub-domain-name-length INTEGER ::= 16 +ub-extension-attributes INTEGER ::= 256 +ub-e163-4-number-length INTEGER ::= 15 +ub-e163-4-sub-address-length INTEGER ::= 40 +ub-generation-qualifier-length INTEGER ::= 3 +ub-given-name-length INTEGER ::= 16 +ub-initials-length INTEGER ::= 5 +ub-integer-options INTEGER ::= 256 +ub-numeric-user-id-length INTEGER ::= 32 +ub-organization-name-length INTEGER ::= 64 +ub-organizational-unit-name-length INTEGER ::= 32 +ub-organizational-units INTEGER ::= 4 +ub-pds-name-length INTEGER ::= 16 +ub-pds-parameter-length INTEGER ::= 30 +ub-pds-physical-address-lines INTEGER ::= 6 +ub-postal-code-length INTEGER ::= 16 +ub-pseudonym INTEGER ::= 128 +ub-surname-length INTEGER ::= 40 +ub-terminal-id-length INTEGER ::= 24 +ub-unformatted-address-length INTEGER ::= 180 +ub-x121-address-length INTEGER ::= 16 + +-- Note - upper bounds on string types, such as TeletexString, are +-- measured in characters. Excepting PrintableString or IA5String, a +-- significantly greater number of octets will be required to hold +-- such a value. As a minimum, 16 octets, or twice the specified +-- upper bound, whichever is the larger, should be allowed for + + +-- TeletexString. For UTF8String or UniversalString at least four +-- times the upper bound should be allowed. + +END + +PKIX1Implicit88 { iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit(19) } + +DEFINITIONS IMPLICIT TAGS ::= + +BEGIN + +-- EXPORTS ALL -- + +IMPORTS + id-pe, id-kp, id-qt-unotice, id-qt-cps, + -- delete following line if "new" types are supported -- + BMPString, UTF8String, -- end "new" types -- + ORAddress, Name, RelativeDistinguishedName, + CertificateSerialNumber, Attribute, DirectoryString + FROM PKIX1Explicit88 { iso(1) identified-organization(3) + dod(6) internet(1) security(5) mechanisms(5) pkix(7) + id-mod(0) id-pkix1-explicit(18) }; + +-- ISO arc for standard certificate and CRL extensions + +id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} + +-- authority key identifier OID and syntax + +id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } + +AuthorityKeyIdentifier ::= SEQUENCE { + keyIdentifier [0] KeyIdentifier OPTIONAL, + authorityCertIssuer [1] GeneralNames OPTIONAL, + authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL } + -- authorityCertIssuer and authorityCertSerialNumber MUST both + -- be present or both be absent + +KeyIdentifier ::= OCTET STRING + + + + +-- subject key identifier OID and syntax + +id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } + +SubjectKeyIdentifier ::= KeyIdentifier + +-- key usage extension OID and syntax + +id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } + +KeyUsage ::= BIT STRING { + digitalSignature (0), + nonRepudiation (1), -- recent editions of X.509 have + -- renamed this bit to contentCommitment + keyEncipherment (2), + dataEncipherment (3), + keyAgreement (4), + keyCertSign (5), + cRLSign (6), + encipherOnly (7), + decipherOnly (8) } + +-- private key usage period extension OID and syntax + +id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16 } + +PrivateKeyUsagePeriod ::= SEQUENCE { + notBefore [0] GeneralizedTime OPTIONAL, + notAfter [1] GeneralizedTime OPTIONAL } + -- either notBefore or notAfter MUST be present + +-- certificate policies extension OID and syntax + +id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } + +anyPolicy OBJECT IDENTIFIER ::= { id-ce-certificatePolicies 0 } + +CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation + +PolicyInformation ::= SEQUENCE { + policyIdentifier CertPolicyId, + policyQualifiers SEQUENCE SIZE (1..MAX) OF + PolicyQualifierInfo OPTIONAL } + +CertPolicyId ::= OBJECT IDENTIFIER + +PolicyQualifierInfo ::= SEQUENCE { + policyQualifierId PolicyQualifierId, + qualifier ANY DEFINED BY policyQualifierId } + +-- Implementations that recognize additional policy qualifiers MUST +-- augment the following definition for PolicyQualifierId + +PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice ) + +-- CPS pointer qualifier + +CPSuri ::= IA5String + +-- user notice qualifier + +UserNotice ::= SEQUENCE { + noticeRef NoticeReference OPTIONAL, + explicitText DisplayText OPTIONAL } + +NoticeReference ::= SEQUENCE { + organization DisplayText, + noticeNumbers SEQUENCE OF INTEGER } + +DisplayText ::= CHOICE { + ia5String IA5String (SIZE (1..200)), + visibleString VisibleString (SIZE (1..200)), + bmpString BMPString (SIZE (1..200)), + utf8String UTF8String (SIZE (1..200)) } + +-- policy mapping extension OID and syntax + +id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } + +PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE { + issuerDomainPolicy CertPolicyId, + subjectDomainPolicy CertPolicyId } + +-- subject alternative name extension OID and syntax + +id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } + +SubjectAltName ::= GeneralNames + +GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName + +GeneralName ::= CHOICE { + otherName [0] AnotherName, + rfc822Name [1] IA5String, + dNSName [2] IA5String, + x400Address [3] ORAddress, + directoryName [4] Name, + ediPartyName [5] EDIPartyName, + uniformResourceIdentifier [6] IA5String, + iPAddress [7] OCTET STRING, + registeredID [8] OBJECT IDENTIFIER } + +-- AnotherName replaces OTHER-NAME ::= TYPE-IDENTIFIER, as +-- TYPE-IDENTIFIER is not supported in the '88 ASN.1 syntax + +AnotherName ::= SEQUENCE { + type-id OBJECT IDENTIFIER, + value [0] EXPLICIT ANY DEFINED BY type-id } + +EDIPartyName ::= SEQUENCE { + nameAssigner [0] DirectoryString OPTIONAL, + partyName [1] DirectoryString } + +-- issuer alternative name extension OID and syntax + +id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } + +IssuerAltName ::= GeneralNames + +id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } + +SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute + +-- basic constraints extension OID and syntax + +id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } + +BasicConstraints ::= SEQUENCE { + cA BOOLEAN DEFAULT FALSE, + pathLenConstraint INTEGER (0..MAX) OPTIONAL } + + +-- name constraints extension OID and syntax + +id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } + +NameConstraints ::= SEQUENCE { + permittedSubtrees [0] GeneralSubtrees OPTIONAL, + excludedSubtrees [1] GeneralSubtrees OPTIONAL } + +GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree + +GeneralSubtree ::= SEQUENCE { + base GeneralName, + minimum [0] BaseDistance DEFAULT 0, + maximum [1] BaseDistance OPTIONAL } + +BaseDistance ::= INTEGER (0..MAX) + +-- policy constraints extension OID and syntax + +id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } + +PolicyConstraints ::= SEQUENCE { + requireExplicitPolicy [0] SkipCerts OPTIONAL, + inhibitPolicyMapping [1] SkipCerts OPTIONAL } + +SkipCerts ::= INTEGER (0..MAX) + +-- CRL distribution points extension OID and syntax + +id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31} + +CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint + +DistributionPoint ::= SEQUENCE { + distributionPoint [0] DistributionPointName OPTIONAL, + reasons [1] ReasonFlags OPTIONAL, + cRLIssuer [2] GeneralNames OPTIONAL } + +DistributionPointName ::= CHOICE { + fullName [0] GeneralNames, + nameRelativeToCRLIssuer [1] RelativeDistinguishedName } + + +ReasonFlags ::= BIT STRING { + unused (0), + keyCompromise (1), + cACompromise (2), + affiliationChanged (3), + superseded (4), + cessationOfOperation (5), + certificateHold (6), + privilegeWithdrawn (7), + aACompromise (8) } + +-- extended key usage extension OID and syntax + +id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37} + +ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId + +KeyPurposeId ::= OBJECT IDENTIFIER + +-- permit unspecified key uses + +anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } + +-- extended key purpose OIDs + +id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } +id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } +id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } +id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } +id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } +id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } + +-- inhibit any policy OID and syntax + +id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } + +InhibitAnyPolicy ::= SkipCerts + +-- freshest (delta)CRL extension OID and syntax + +id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } + +FreshestCRL ::= CRLDistributionPoints +-- authority info access + +id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 } + +AuthorityInfoAccessSyntax ::= + SEQUENCE SIZE (1..MAX) OF AccessDescription + +AccessDescription ::= SEQUENCE { + accessMethod OBJECT IDENTIFIER, + accessLocation GeneralName } + +-- subject info access + +id-pe-subjectInfoAccess OBJECT IDENTIFIER ::= { id-pe 11 } + +SubjectInfoAccessSyntax ::= + SEQUENCE SIZE (1..MAX) OF AccessDescription + +-- CRL number extension OID and syntax + +id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } + +CRLNumber ::= INTEGER (0..MAX) + +-- issuing distribution point extension OID and syntax + +id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28 } + +IssuingDistributionPoint ::= SEQUENCE { + distributionPoint [0] DistributionPointName OPTIONAL, + onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE, + onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, + onlySomeReasons [3] ReasonFlags OPTIONAL, + indirectCRL [4] BOOLEAN DEFAULT FALSE, + onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE } + -- at most one of onlyContainsUserCerts, onlyContainsCACerts, + -- and onlyContainsAttributeCerts may be set to TRUE. + +id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27 } + +BaseCRLNumber ::= CRLNumber +-- reason code extension OID and syntax + +id-ce-cRLReasons OBJECT IDENTIFIER ::= { id-ce 21 } + +CRLReason ::= ENUMERATED { + unspecified (0), + keyCompromise (1), + cACompromise (2), + affiliationChanged (3), + superseded (4), + cessationOfOperation (5), + certificateHold (6), + removeFromCRL (8), + privilegeWithdrawn (9), + aACompromise (10) } + +-- certificate issuer CRL entry extension OID and syntax + +id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29 } + +CertificateIssuer ::= GeneralNames + +-- hold instruction extension OID and syntax + +id-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-ce 23 } + +HoldInstructionCode ::= OBJECT IDENTIFIER + +-- ANSI x9 arc holdinstruction arc + +holdInstruction OBJECT IDENTIFIER ::= + {joint-iso-itu-t(2) member-body(2) us(840) x9cm(10040) 2} + +-- ANSI X9 holdinstructions + +id-holdinstruction-none OBJECT IDENTIFIER ::= + {holdInstruction 1} -- deprecated + +id-holdinstruction-callissuer OBJECT IDENTIFIER ::= {holdInstruction 2} + +id-holdinstruction-reject OBJECT IDENTIFIER ::= {holdInstruction 3} +END \ No newline at end of file diff --git a/Readme.md b/Readme.md new file mode 100644 index 0000000..366d71d --- /dev/null +++ b/Readme.md @@ -0,0 +1,123 @@ +# ETSI SSP TTF x509 certificates generation +## Overview +This set of programs and files aims at generating the x509v3 certificates used for the Accessor Authentication Service as described in the annex C of the [TS 103.666 part 1 V15.2.0 (2020-04)](https://www.etsi.org/deliver/etsi_ts/103600_103699/10366601/15.00.00_60/ts_10366601v150000p.pdf) . +## Installation +OpenSSL 3.0.0 shall be installed. The guidline for performing the installation are availabe in [OpenSSL](https://www.openssl.org) +Python Cryptography package shall be installed. The guidline for performing the installation are availabe in [Cryptography.io](https://cryptography.io/en/latest/installation.html) . +## Generation of the private and public keys +The batch file GENKEY.bat contains the OpenSSL instruction for generating the private and public keys acccording to the the annex C of the TS 103.666 part 1. +The following shell command shall be executed. + +`./GENKEY.bat` + +## Generation of the cerficates +The followint command shall be executed. + +`python3 CreateCertificate.py -i */, + aSimultaneousFileSessions 1/* */, + aSimultaneousFileSessionsPerFile 1/* */, + aTotalCapacity 0/**/, + aFreeCapacity 0/**/, + aMaxMetaDataSizePerNode 0 /**/ + } +} + +END \ No newline at end of file diff --git a/certificates/ETSI-SSP-AAA-CA.der b/certificates/ETSI-SSP-AAA-CA.der new file mode 100644 index 0000000000000000000000000000000000000000..c33a81664caee6e89d254f1f201dfbfd8447089d GIT binary patch literal 649 zcmXqLVrn&LV&YlA%*4pV#K>&G#m1r4=5fxJg_+49+K}6TlZ`o)g-w{rEy$49fE&c& z;9&`Hbaph9Fc1TAnR)nKLxMeZgM$Nf9UUEYojnZ&4fsJaTs#~g89o0XcS8XKK9CSM z4?9R*NQj$(oH(zMp@E@+p`nq1fq_93h-+vB=aOl;BXO2j8Hlj4gZ;_G$i}Iy!pzLX z!N|zXoW#H)xw`yBh2EF>GuGQEJ9QK@1fJPu<$3GT1nn1dT$(+1r%&_nO=M{cKXxGK zu*LqvSLEVXGz2YAP(7RMTWP**Z;tG#JG+f}Tk~xsdepU)rCvV}`YiH)&2^<|j&*bQ zy#1ZUwYYJaecSp`PM|16pY>ISN8Y%C0Of*6?$qzxq5IJDUqSy|bcm<)J% zxHD69i}G_)L1Akk1kxl7(!^oF#>n`eiIKrT2_&Wr5|c0xYY;j6Jonon)BVetdc=gK zk3M65)3esyKo+Eik420{gx6@&L)HRu^SX(J5fzH{i{rWSOu=YKIhGV^EbtiN}UUU1)sC#m1r4=5fxJg_+49+K}6TlZ`o)g-w{rEy$49fE&c& z;9&`Hbaph9Fc1TAnR)nKLxMeZgM$Nf9UUEYojnZ&4fsJaTs#~g89o0XcS8XKK9CSM z4?9R*NQj$(oH(zMp@E@+p`nq1fq_93h-+vB=hD{lDgzNVcCbI07}+?rRhXHXI2akZ znUfe;T<(sWde*ZGT?5OYBdafr0 z!tHz6TT**$cuzlFwe7s(sYSL${BL}B?Vere`{YB-gf}gL4+Au^j$LhBEBCOQB~V{; zXUXEmSq6>M4fNQULuC~h8UM4W7$_Miu(7f*%n4#N5H}EI4FkoY3{11vNC6JghNKC>&tU=`L^W1NTO!qHm>Jbx`KKhLLP0w0) z16hz7J{B<+?9!lEk>v*&!NSbM-hdqa%;^jUDNF{jJ0pH~ynM|ayj8$iCfjupOJsn5 zb(^ood!=a;f9PixY2A_24!)Nt`oFNKP$GM#Hj_bF*2YaQ)&}NAB;226_|nqSrdvUB ii`iV2S*}eDKdmzM3BGaqv-j-HulCiPrza<5CISGY`?(MR literal 0 HcmV?d00001 diff --git a/certificates/ETSI-SSP-AAA-CI.pem b/certificates/ETSI-SSP-AAA-CI.pem new file mode 100644 index 0000000..953162e --- /dev/null +++ b/certificates/ETSI-SSP-AAA-CI.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICgDCCAgegAwIBAgIBATAKBggqhkjOPQQDAjBbMQswCQYDVQQGEwJGUjENMAsG +A1UECAwEUEFDQTEYMBYGA1UEAwwPRVRTSS1TU1AtQUFBLUNJMREwDwYDVQQKDAhF +VFNJLk9SRzEQMA4GA1UECwwHU1NQLVRURjAeFw0yMTAxMDExMjAwMDBaFw0yMTEy +MDExMjAwMDBaMFsxCzAJBgNVBAYTAkZSMQ0wCwYDVQQIDARQQUNBMRgwFgYDVQQD +DA9FVFNJLVNTUC1BQUEtQ0kxETAPBgNVBAoMCEVUU0kuT1JHMRAwDgYDVQQLDAdT +U1AtVFRGMHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABEXfoLJouwwLaLkQ2Rj4 ++lU6a+bR0vTNAqkvPkPpfa4mt6vv6WA2xU2tfwrkcBOHvQeEZYw8DcvlqrbPIcqi +PXIP7E26u5txTeTwfJDshFHhUChqxtWBrR7hiwRRLym5dKOBmjCBlzAuBgNVHSAB +Af8EJDAiMCAGBQQAnFIBMBcwFQYIKwYBBQUHAgIwCQwHaWQtcm9sZTASBgNVHRMB +Af8ECDAGAQH/AgEBMCIGA1UdIwEB/wQYMBaAFM3nbfbCNb+nAowWExvF5gPsjK1H +MB0GA1UdDgQWBBTN5232wjW/pwKMFhMbxeYD7IytRzAOBgNVHQ8BAf8EBAMCB4Aw +CgYIKoZIzj0EAwIDZwAwZAIwXblY+4jp6wtTtRBDHGtFogRZUE97hk0o7yKWkfgv +aXIq3B4rU95hFf9xcnEYa5krAjB2arGy6K1RbVhg35ox6Tk5PIsgGbQ2nSSaRYKA ++TpovhHsQvy9zdn1P3sJy5NgaWE= +-----END CERTIFICATE----- diff --git a/certificates/ETSI-SSP-AAA-EE.der b/certificates/ETSI-SSP-AAA-EE.der new file mode 100644 index 0000000000000000000000000000000000000000..a6c8bca923957a56b38d02cbdee2193b6b789460 GIT binary patch literal 656 zcmXqLV(KwyViI1!%*4pV#K>yE#m1r4=5fxJg_+49+K}6TlZ`o)g-w{rEy$49fE&c& z;9&`Hbaph9Fc1TAnR)nKLxMeZgM$Nf9UUEYogEDY4fsJaTs#~g89o0XcS8XKK9CSM z4?9R*NQj$(oH(zMp@E@+p`nq1fq_93h-+vB=aOf+t1EGqR~d+~v4j1|#K^{}t-{RA z#KFkO&78!*5~;Lcn>foQsh%kH2xW%duK^T8=Xr)XOUGoaB&|#q@s1j@6SRUg=%rn0~RUplhnwovyu_`#!Ag UJ-qatB>yAFjQyQ&81K9V09By80{{R3 literal 0 HcmV?d00001 diff --git a/certificates/ETSI-SSP-AAA-EE.pem b/certificates/ETSI-SSP-AAA-EE.pem new file mode 100644 index 0000000..71fb971 --- /dev/null +++ b/certificates/ETSI-SSP-AAA-EE.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICjDCCAhOgAwIBAgIBBTAKBggqhkjOPQQDAjBbMQswCQYDVQQGEwJGUjENMAsG +A1UECAwEUEFDQTEYMBYGA1UEAwwPRVRTSS1TU1AtQUFBLUNBMREwDwYDVQQKDAhF +VFNJLk9SRzEQMA4GA1UECwwHU1NQLVRURjAeFw0yMTAxMDExMjAwMDBaFw0yMTEy +MDExMjAwMDBaMFsxCzAJBgNVBAYTAkZSMQ0wCwYDVQQIDARQQUNBMRgwFgYDVQQD +DA9FVFNJLVNTUC1BQUEtRUUxETAPBgNVBAoMCEVUU0kuT1JHMRAwDgYDVQQLDAdT +U1AtVFRGMHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABFkioLYXBNIajFonWCMA +u3cm60mtK92FX8s0khiM3ycpqjTtrljbbZOMbSeDfcvXh4TyCi1Hmxdt3O1oo9t2 +R/KcWq4glyQn/AAsuKem8lKCYPj7PaJ1XAMije4F/WZviqOBpjCBozBABgNVHSAB +Af8ENjA0MDIGBwQAnFIBAgEwJzAlBggrBgEFBQcCAjAZDBdpZC1yb2xlLWFhYS1h +cHBsaWNhdGlvbjAMBgNVHRMBAf8EAjAAMCIGA1UdIwEB/wQYMBaAFA0ykuEFcBc3 +fpFxWHghf6NfCm41MB0GA1UdDgQWBBTcNg23ofa8FZoZ/W4rQKUQmK6BhjAOBgNV +HQ8BAf8EBAMCB4AwCgYIKoZIzj0EAwIDZwAwZAIwdD7M2KiiRTzYrGGBJ2khF0T2 +FIB+M+ub+BeclwC3VUFggtin2Jkjl7ujoFfCcoTHAjB/HSO5kkBqagLvuLirk1jq +LtEIl9F6cIqVFtyKvSm+8K2Nw6XuGQ/iQWi/iewB3O0= +-----END CERTIFICATE----- diff --git a/certificates/ETSI-SSP-AAS-CA.der b/certificates/ETSI-SSP-AAS-CA.der new file mode 100644 index 0000000000000000000000000000000000000000..251a842db13b6623b22b409fa20bbd8ce55834a1 GIT binary patch literal 649 zcmXqLVrn&LV&YlA%*4pV#K>&G#m1r4=5fxJg_+49+K}6TlZ`o)g-w{rEy$49fE&c& z;9&`Hbaph9Fc1TAnR)nKLxMeZgM$Nf9UX&pojnZ&4fsJaTs#~g89o0XcS8XKK9CSM z4?9R*NQj$(oH(zMp@E@+p`nq1fq_93h-+vB=aOl;BXO2j8Hlj4gZ;_G$i}Iy!pzLX z!N|zXoW#J={k@XuOZLmvz z$;_LW6jl+$9UowlYNjI3yi>hwN08E=lhYqf`}s5~g7r%!kFm%0!iL+L7CuEzE=xr? z+cvZKFK(P~&^X7yn2kA9R)LZ6KZ~Y;x`8Si8w#>&eS6& zEPeDD^P8Tv?gp|THGC{$EFxD;zkON1Vw)iIEQYsMiA@U_R!%SjM~y5$$Osl@CiVv8 zG{BtBV35LOpt5l%>lv2@o~K1$BU}_u%;ve!zVgYdU)`;qdXw&C?t59huDiuAdlp}s zvUt<%$oc1)43cu3TzeASE=k{;BJXSL@W^_})2^fTk)q98=FDG|@%5N++QXi(W2O4@ Mmp^=?+WOiR05-O_i~s-t literal 0 HcmV?d00001 diff --git a/certificates/ETSI-SSP-AAS-CA.pem b/certificates/ETSI-SSP-AAS-CA.pem new file mode 100644 index 0000000..887ddbc --- /dev/null +++ b/certificates/ETSI-SSP-AAS-CA.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIIChTCCAgygAwIBAgIBAzAKBggqhkjOPQQDAjBbMQswCQYDVQQGEwJGUjENMAsG +A1UECAwEUEFDQTEYMBYGA1UEAwwPRVRTSS1TU1AtQUFTLUNJMREwDwYDVQQKDAhF +VFNJLk9SRzEQMA4GA1UECwwHU1NQLVRURjAeFw0yMTAxMDExMjAwMDBaFw0yMTEy +MDExMjAwMDBaMFsxCzAJBgNVBAYTAkZSMQ0wCwYDVQQIDARQQUNBMRgwFgYDVQQD +DA9FVFNJLVNTUC1BQVMtQ0ExETAPBgNVBAoMCEVUU0kuT1JHMRAwDgYDVQQLDAdT +U1AtVFRGMHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABIv3eQL0X6Can3mnXC/v +2+fpDPADAdCf2FuzBr47lmI4lJVxWJUcJ3TAkhyekWJWeFILX1A0ZTYkHwO5J3a4 +UiL8yZfilvnlWlgF9HkMM0i3cYDbKThMckJEpRQJhrMET6OBnzCBnDAzBgNVHSAB +Af8EKTAnMCUGBgQAnFIBATAbMBkGCCsGAQUFBwICMA0MC2lkLXJvbGUtYWFzMBIG +A1UdEwEB/wQIMAYBAf8CAQAwIgYDVR0jAQH/BBgwFoAUzedt9sI1v6cCjBYTG8Xm +A+yMrUcwHQYDVR0OBBYEFNU19vSvqLYRA5oA7TphgqAAqZA2MA4GA1UdDwEB/wQE +AwIHgDAKBggqhkjOPQQDAgNnADBkAjAksbkFzESADOVy9VhEIcibDNCHqeTq+ouF +SS6S3Gm+6XOui4ROa5oOZiMXgptZn88CMGJsQkWMYEbSG96UH00zQOI7pOWKxT9Z +FYO0nJ+iaPXGE2bhjFbGdS+fp+HsJYXrRQ== +-----END CERTIFICATE----- diff --git a/certificates/ETSI-SSP-AAS-CI.der b/certificates/ETSI-SSP-AAS-CI.der new file mode 100644 index 0000000000000000000000000000000000000000..8283a27991fe3c716beb14cd1627fdcd25b4e2c8 GIT binary patch literal 643 zcmXqLVyZW2Vq#yw%*4pV#K>sC#m1r4=5fxJg_+49+K}6TlZ`o)g-w{rEy$49fE&c& z;9&`Hbaph9Fc1TAnR)nKLxMeZgM$Nf9UX&pojnZ&4fsJaTs#~g89o0XcS8XKK9CSM z4?9R*NQj$(oH(zMp@E@+p`nq1fq_93h-+vB=hD{lDgzNVcCbI07}+?rRhXHXI2akZ znUfe;T<(sWde*ZGT?5OYBdafr0 z!tHz6TT**$cuzlFwe7s(sYSL${BL}B?Vere`{YB-gf}gL4+Au^j$LhBEBCOQB~V{; zXUXEmSq6>M4fNQULuC~h8UM4W7$_Miu(7f*%n4#N5H}EI4FkoY3{11vNC6JghNKC>&tU=`L^W1NTO!qHm>Jbx`KKhLLP0w0) z16hz7J{B<+?9!lEk>v*&!NSbM-hdqa%xMe;$xQlYuWJo=XZPP~xu;p08+0?EKcmT6 z@I}olvk0L>H8(c$slB))>XPGB{AzRd+5hc#m<+77A|C_@=qQJz@Y|XMuRV4*EY>^d g|07LfR%h|hYsb#LSNyZr^H|0{=O@P1?s|8^0K(e2`2YX_ literal 0 HcmV?d00001 diff --git a/certificates/ETSI-SSP-AAS-CI.pem b/certificates/ETSI-SSP-AAS-CI.pem new file mode 100644 index 0000000..9258ebe --- /dev/null +++ b/certificates/ETSI-SSP-AAS-CI.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICfzCCAgegAwIBAgIBATAKBggqhkjOPQQDAjBbMQswCQYDVQQGEwJGUjENMAsG +A1UECAwEUEFDQTEYMBYGA1UEAwwPRVRTSS1TU1AtQUFTLUNJMREwDwYDVQQKDAhF +VFNJLk9SRzEQMA4GA1UECwwHU1NQLVRURjAeFw0yMTAxMDExMjAwMDBaFw0yMTEy +MDExMjAwMDBaMFsxCzAJBgNVBAYTAkZSMQ0wCwYDVQQIDARQQUNBMRgwFgYDVQQD +DA9FVFNJLVNTUC1BQVMtQ0kxETAPBgNVBAoMCEVUU0kuT1JHMRAwDgYDVQQLDAdT +U1AtVFRGMHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABEXfoLJouwwLaLkQ2Rj4 ++lU6a+bR0vTNAqkvPkPpfa4mt6vv6WA2xU2tfwrkcBOHvQeEZYw8DcvlqrbPIcqi +PXIP7E26u5txTeTwfJDshFHhUChqxtWBrR7hiwRRLym5dKOBmjCBlzAuBgNVHSAB +Af8EJDAiMCAGBQQAnFIBMBcwFQYIKwYBBQUHAgIwCQwHaWQtcm9sZTASBgNVHRMB +Af8ECDAGAQH/AgEBMCIGA1UdIwEB/wQYMBaAFM3nbfbCNb+nAowWExvF5gPsjK1H +MB0GA1UdDgQWBBTN5232wjW/pwKMFhMbxeYD7IytRzAOBgNVHQ8BAf8EBAMCB4Aw +CgYIKoZIzj0EAwIDZgAwYwIvNut9Mbtrj9qE3il1bVLZUI9ogkMR6HzqNlgSwnzY +sQ4m6NIVRGxCc+qza83/h9wCMDsqWeBQECwjVGQPPTRTrcbdVl1LUv/iKTMFQxdV +1sbO7yH8vUnGaL5D5DN7Ry7cVg== +-----END CERTIFICATE----- diff --git a/certificates/ETSI-SSP-AAS-EE.der b/certificates/ETSI-SSP-AAS-EE.der new file mode 100644 index 0000000000000000000000000000000000000000..f8e4e65c6eb80af8b821f66b422ec2d343664781 GIT binary patch literal 652 zcmXqLV(KtxV&Y%G%*4pV#K>yE#m1r4=5fxJg_+49+K}6TlZ`o)g-w{rEy$49fE&c& z;9&`Hbaph9Fc1TAnR)nKLxMeZgM$Nf9UX&pogEDY4fsJaTs#~g89o0XcS8XKK9CSM z4?9R*NQj$(oH(zMp@E@+p`nq1fq_93h-+vB=aOf+t1EGqR~d+~v4j1|#K^{}t-{RA z#KFkO&78!*k}x5q@DwNia@#ivzxr>?%|2H2bF%T$Crme=N?v})MkVKQ*M)VID>_to}85;v@OxBYl_Gi~qPijy&OOgdh@GhZveT>i4iqO=u9 zl@qqD`&Y!6{gTN*A+B)gjq`j44Gj$25Az>he&9Gm?A8TUJq>%>… \ No newline at end of file diff --git a/credentials/CP_AAA.der b/credentials/CP_AAA.der new file mode 100644 index 0000000000000000000000000000000000000000..28dbba187ff4dbf38ec6d40fbe570fdadd8d9f7f GIT binary patch literal 1953 zcmXqPVxMc!#MEHW#KgXUnTe5!iILHOi;Y98&EuRc3p0~Jv>~?vCmVAp3!5;LTaY2I z0XK-l!NU^Z=|oi9(ItrkPtTmIdNViLjywtLqj720|SF75ZBNM&ZVv8RR$t#>|lQ~F|u)Lt1vS& zaWFD+Gbb^yxZYo|DPuPecg9YEn-V{Mg<54lyLjo#S*DfxcFr$r*Qsq^{r+Ww*-_uM z^;}O1gxmMBx1{#i@Sc9UYTJ3mQ;Tei_}}>M+C96__sNHv32#~g9|mY-9lP4NR_4cSii~c=?(;c&mW3Ot$MH zmdF7A>Na1E_e#?y{?N}X(z+w39egiQ^nYPdp+xpfZ6<@Vtc{yqtPRYKNVq@C@TH}t zO}B#N7PGl3vs{}Rep+Sh6MWYBgwL;(?|?W@JauHW|<+ z4LTB+0q~?j$<^g2D)he0pRwLX*{P$LA@IyLE6-bxCTPEy4I1Yd7=zLVI1OqVs2ixVv4PVdlYz8>BvK;e<>7`VLQww3k`NgTNK1&k zMw1@07KoeIO)QM4P^@1Z&y{BiE*|hF#1!HDFQ!Lk{*0aV_wLaP?psrrsC}IGrZD7| zb1L6oS9fbIQ+2}|Keug6-` zS(Q(EuHkcJ>kRw9K_1Wfbo3T)`VwTEY0$*fW6;DT3{8lvR7i+KrUjZLL|0de6Jn&& zf^Fg~m!x{4)FYG`c9*NY_FSudw>AE>$s~!M`|6sjOx~`GxScz>Cs)0>_Vo4kmQP%| z?z6>n@4U@ee7ns3)10Vv3e#28|1jw6SibC2P*cK>-?ocNW0;kC-?9Ep%kNs;xXhq& zv4I0TA(|PO7#Oj!LlPn*I8`EwLrETSSV~MxOw>&*D9Fi7PAtjH&okfwnE);xnG7(} zBi00mC>ZaU@or!EZI9?I$-jBp4od}QtZQr|B0ZMaow>1Mk*m#(HHnStnTp~r-$WYf zj9<_GAwFk1!}d_egr*zIZ_HGlzI*Y4@Iyr{$C(W3WtDeMa>&YJdcR}G>d6tW^e%Et jzgSh!HC60R*IvziAJ+CBUiwaw|B++H{?0dycisX39|~?vCmVAp3!5;LTaY2I z0XK-l!NU^Z=|oi9(ItrkPtTmIdNViLjywtLqj720|SF75ZBNM&ZVv8RR$t#>|lQ~F|u)Lt1vS& zaWFD+Gbb^yxZYo|DPuPecg9YEn-V{Mg<54lyLjo#S*DfxcFr$r*Qsq^{r+Ww*-_uM z^;}O1gxmMBx1{#i@Sc9UYTJ3mQ;Tei_}}>M+C96__sNHv32#~g9|mY-9lP4NR_fE_e!QO@e5|nuUsCZ|Ni##mpmVs886Jg5xtphpY^mPiz!nJBc{rzmmHWR zGjC#2SVa(be1J)+nTkB~PW7@KK}vs4PJcA*=hLVN)-RPj#va=X8*Xb__!K$0EEVBw z+sxv>xN*Kg;~WEHP|^S=K}`d7164LQa1vxRkT#G+N`t&S+|V?ro0wRPB^@#tkd_Xw zntuDTe#JIH=2;AHtrD9SFsz(l1}+_NrNeXvgA^tMm5n=D&$u-3JT3Yf;i7nAHqV9j zl}}#%>TdPan{+30-^=24-7S9Ev-r}K#hYeF&Ogs&kd))(+LPdRN&4Otd0%6PN7hT8 zb{(~k6m8xzXa1s$ug8Sb9`=MCE7hOB{NWqb*4M5EO-vmIO-%gIgvd&Tgh*ssph-e> zb)`5VCQL{vJjKbs-1bevul^fzvyT=1oNT=G3DeD|l9%5x`5oPIYsvHjX-tNUA;P6S zB6dPD2PZx6|8X?1FxOzt$sk^}`Ai3P3$?pDq=4<7b%U>2*l(yoia>BNC|B4v1Uosge#1$^Rah}hhp@CuhVgAF*4;*KR i-MXNvr(qA<%1NCSbJyv(l^ONg$BR8HU%Qa!U@8FdmoGm6 literal 0 HcmV?d00001 diff --git a/credentials/GCM_AAA_AAS.der b/credentials/GCM_AAA_AAS.der new file mode 100644 index 0000000..8305c39 --- /dev/null +++ b/credentials/GCM_AAA_AAS.der @@ -0,0 +1 @@ +04 i’2³µüþ¶E}¦h¬b¯Ùs²AßÙpœlÜd†!ŠR¿J•gDê+)÷ \ No newline at end of file diff --git a/credentials/Text_in.bin b/credentials/Text_in.bin new file mode 100644 index 0000000..47dc990 --- /dev/null +++ b/credentials/Text_in.bin @@ -0,0 +1,8 @@ +We are responsible for the development and maintenance of specifications for Secure Elements (SEs) in a multi-application capable environment, +the integration into such an environment, as well as the secure provisioning of services making use of SEs. + +Our work includes the development and maintenance of specifications for the SE and its interface to the outside world for use in telecommunication systems, +for general telecommunication purposes as well as for Machine-to-Machine (M2M)/Internet of Things (IoT) communications. +The committee’s work comprises the interface, +procedures and protocol specifications between the SE and entities (remote or local) used in its management. It also includes interfaces, +procedures and protocol specifications used between such entities for the secure provisioning and operation of services making use of the SE. \ No newline at end of file diff --git a/credentials/aAAS-OP-AUTHENTICATE-Service-Command.der b/credentials/aAAS-OP-AUTHENTICATE-Service-Command.der new file mode 100644 index 0000000000000000000000000000000000000000..be224d7e5c72e3758c2093f8b20528c5fbc75c38 GIT binary patch literal 2257 zcmYdl;yAmsiR0vgCXSY>{G%?C7Xk6aF$Y2ma zshFf4k6WtVaBHKcMSpp%qnLZ4zkx)9fX&avmkSTMn@?)@)@--4Yi(p?Y+__s$;HM2 zwv&aKX@!D;92;|}tTH3xe-@EDX1v=Me%m8DOY(1?w!>0^8S5I`79y!$l)_}-)X1)H zvOvb^)7{F1lQ*N7H<+8`&WkAi`R76Roac*Tw?EslLDpz_-Iu4oBnud4o9t&Y5Yh~6 z%zh<5Lt4FOgKU`W!pHnU*B`FZkUy{HcsOx(hq>B=3xikX&I9ZOCoF$;KSY!Y0h*7G%h4zzyPX@UR3pIy)Ll7>I$m z%sl+AA;F%y!NCE#j*gDH&Yp&X2K*oyE*=h$jGljxyP<#qA4rIshaIFYB*e`?PMp`s z(7@2Z(9p=hz`!61#5FX6b7^aN71s2?&78!*;(C963J?Bb;_ zXPH*&+d03iU8lBv_4}6zW=DP3)^j~65N_Yg-jdp5!+ZMas%_^LPc5=7;(z12YxnFz z-zOhxCcJ40d>EjSb?j>6TDgbaEP?u(J4+Tf&N676ZlDKB4GN&tpkkn8puon;!Z0U@ z(Lmfll#N51jggg=or%eSlZQPsMYkwFC)Gd*q+S@Lp2L8Rk?}t$u9QGx;1nfcAl4vq z_Id8NL#F$eGxdlGOCNp4{HABEyMZi74Ihgb3wCKxtjO|%jAdbFVsAi>e&%!rgA^u% z*qsr-J6^u#4&Ex@ER*fJh$S+>zq-v=Q=7@4 zENkPY7i$A^BNFbl==2!b_&eM|Z?Y;52($YdaGAc>R+ zd3m^@i4c^(u_QzW1JV*AuhFE3tOercbrTCCDirG%$8+VGf{O?I2{A=D|BLC7nLlG^ z{k?nig8SCgC2Ak%y(tX2<($g**VWxx%T(R)#?NgVQ+dys%sE}+!DOIicE0WF>}$Lo z>kcoJvOC-VxV`MyF_xQlR#xSco@@9V**e4iZ;;1xJ{`Tqo4y1YXBspy^%yiU2}2Vi zD-{wVk!gV@3DMP+;)EEfv|yV!%O$CvDD?9Rox*e#^*;%95eQJzG1xc768ugrrH1i literal 0 HcmV?d00001 diff --git a/credentials/aAAS-OP-AUTHENTICATE-Service-Response.der b/credentials/aAAS-OP-AUTHENTICATE-Service-Response.der new file mode 100644 index 0000000000000000000000000000000000000000..6b5775f92b85ec7455a7f990baa9969be053b522 GIT binary patch literal 300 zcmYdnV$@jL#Hg~ciBVx;6Qj(6#^nu+3|6sqtv%SKG6dOXyJ4 z&RT!9$?9R>bzD8Ztmo$Qg-EIwr7#&JY6`xw`hIS~ zvaUT0v5O=Q9Q=Rx;IZ`_EZq{n-j;V730TkC)I255f1VlpTb*;C@Qq4x5IzlAKUNmr#yRb%5>|2Im%b(`cGy701u#fQ~&?~ literal 0 HcmV?d00001 diff --git a/credentials/aAAS-OP-GET-CHALLENGE-Service-Command.der b/credentials/aAAS-OP-GET-CHALLENGE-Service-Command.der new file mode 100644 index 0000000000000000000000000000000000000000..b2b9e0cd0648b4863aa3426c6a5cb67c65e938c4 GIT binary patch literal 4 LcmYddTE+kX0^R`& literal 0 HcmV?d00001 diff --git a/credentials/aAAS-OP-GET-CHALLENGE-Service-Response.der b/credentials/aAAS-OP-GET-CHALLENGE-Service-Response.der new file mode 100644 index 0000000000000000000000000000000000000000..2b8d4c506799dd1835609a36318c8aee55f30d5c GIT binary patch literal 1978 zcmYdnV&Ar`iG9<;CiZm=0yaMvUoJf4Za%5qTeIEHu61D(`wW97rh0=WCiVr)OpHuS zjEn|cY#dr`9_MUXn3)Ws4Y>_C*_cCF*o2wff(&^LxIr8a9+m({XGcQ`12GVnnTOvs zB-m3oI5-Hxw}70|{~Su!Gcvgt!^ViSrs68WxQ0e>E^RHZG7w>72m6zWk&RPZg_)U&gOQP&If;SA_5OlQ8M}G7Gj_M+s-SV zT4Yg*wx0hau2&%0`)a_mMm_ZWzaa?K#z?%R91nJ z@jr`-fs%m&8!HRLoFGO6aRX5{4sA9@R#tW10*NVu#3T&F8br=M&;54DbpLXu9x-9*qtBS%^sIF^kOisXV-aJ)E)9wmS$>ca zEX+*o4am{YoW@{~%%pGjy4G-acK@xGdzz)WK{o^XGn$+QU(~!Zix4_gb7Lc)+KWq~ zE;&xcuQq3&{oj6v$-r7G@2IlLWiJS2BHxUodNalY8t2; zsIswvlOUskw1Fg28sz2ShNeN?#KdAO>5##Iv~+mY^xK#9E4B$T&tiCMmDsd^VdVrf zaOr?69i}rFq%aw%Y~0Cu#-)MhY0=jR7sV5^c`mfCeDdm7cdMt~q&u1WUKX$GZt=^W z#h0cm-ZVRM{&^;Yq#P&Lo&>i`()Xsw`x-kuvR?AE>!^LCX!Dji^A}}&Jtmy?uqW(T zss8-s58tS^zIHWeV(KtxV&aD;L{=&!L?Y7yO%kH3E5!*hVM0pbDNg?7wr>)C_1~DA zeXQu`WaFhzm~K9my!?*I@936WOQs)4V=`n65iac!u@jOxIO%!+kE4NwxdwAi2Jx!R zXF9N3sNLNmXG@52^>TIVcE^e7XA}0CZ(HLy-K)zxWO3sngU0y=Ht>W9stWYj*dYm# z(LmWi5h*2#@(3fPMBU=lqO#27R0AH6Zg9!SWPp(tu_iV|nP}#?c3QKHkxFg&%S9KX z(t?)t+P)%HUYH>`KJ{djgWZSUQRlQDBlI$pgqUn{>{{<6rTv=v8{ z6Sl4USHzh8lF2|Ju5js%^Lz#k4Gh~4^B-P*;5b9<)&*5P4SU#DPU@_fyH3Zg%&6Bs NUhG-<+J!s^QvtX^JqZ8+ literal 0 HcmV?d00001 diff --git a/private_keys/ATK-AAA-ECKA-private-key.der b/private_keys/ATK-AAA-ECKA-private-key.der new file mode 100644 index 0000000000000000000000000000000000000000..26bcf0ac29bc3323410846c2fd58c0653f60af28 GIT binary patch literal 122 zcmXr0U}9usQBZudpn~;t*#v2httO4};;(A7zPC=f^6{2HqF%O#9_yI}+-#iMD$LAG z9E^E`d%RTTSu?NvekY#<)ARd6LJq&)bI+pb`NIAM+-#iMD$LAG z9E^)1h ex;7cDITo*dv3d3*Y3muE{7>mtrF!&Q9I@IPd+#HxYh3KjJR6 z8%AzDplvGOba??c8>hAkGcywhBO~|16y_ub7MZjhiN(`xW#Y|JTt6P1d4X@Gm+B@* z)5}W?E@Z`s=NUaclXT|nmUW$CzBW&d*Sc98Ymo070m1gnpS4F(yn`3%UxPtwubT0t)4onUJ literal 0 HcmV?d00001 diff --git a/private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.pem b/private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.pem new file mode 100644 index 0000000..6523c2f --- /dev/null +++ b/private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PRIVATE KEY----- +MIGoAgEBBDA8wK4BXTmZTCypQrC3T2Qp1e8fhznxxZj0gLCl7Fib3Os2Dcin9t7i +j9B5nUc1bXmgCwYJKyQDAwIIAQELoWQDYgAEGat3yHgu9J+YrzwjQohzAFHMtjpJ +2uKQK+icRINJu2eWSE1hBIZXxsBSwzi/w9QeX6iAUqdgJc1jTXk3pr1sHcrcuzMN +hW88GIwnKiMa6+AS8xT/rNcilkF+nbzt+2oK +-----END EC PRIVATE KEY----- diff --git a/private_keys/ETSI-SSP-AAA-CA-private-key.der b/private_keys/ETSI-SSP-AAA-CA-private-key.der new file mode 100644 index 0000000000000000000000000000000000000000..bb24e2993985a33d4929ff02fd3bed85357bce27 GIT binary patch literal 171 zcmXqLT*1W1$YNk~U>#$uhAkGcywhBO~|16y_ub7RlA+Co1&5%%8E|M%k&Om?7}YHY?9t zk0xlpnB&syxjTKDhi@WFTlld9L5D5&AHE_NzoH>%d4lTMWZz2jWqWgEPu|7)%*O>?Z9yXWoiEG_`sKuk^m literal 0 HcmV?d00001 diff --git a/private_keys/ETSI-SSP-AAA-CA-private-key.pem b/private_keys/ETSI-SSP-AAA-CA-private-key.pem new file mode 100644 index 0000000..6523c2f --- /dev/null +++ b/private_keys/ETSI-SSP-AAA-CA-private-key.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PRIVATE KEY----- +MIGoAgEBBDA8wK4BXTmZTCypQrC3T2Qp1e8fhznxxZj0gLCl7Fib3Os2Dcin9t7i +j9B5nUc1bXmgCwYJKyQDAwIIAQELoWQDYgAEGat3yHgu9J+YrzwjQohzAFHMtjpJ +2uKQK+icRINJu2eWSE1hBIZXxsBSwzi/w9QeX6iAUqdgJc1jTXk3pr1sHcrcuzMN +hW88GIwnKiMa6+AS8xT/rNcilkF+nbzt+2oK +-----END EC PRIVATE KEY----- diff --git a/private_keys/ETSI-SSP-AAA-CI-private-key.der b/private_keys/ETSI-SSP-AAA-CI-private-key.der new file mode 100644 index 0000000000000000000000000000000000000000..7e86bf44f94fbba6a0560367a0a89883e3475afa GIT binary patch literal 171 zcmXqLT*1W1$YRhnfX-{9g|9n|2HPZ zeV5S|`sooleE~Ncr?v_+GZP0RBlp4-<|GCd*ZT`LW$fnR&e$n%Q{u<3P^;``7cYG| z%d}G8&iQ5SI<@Vq-@i;SJL5go4$aXjZ<5NnVE@$k&%003Ud+zOQh0*ZQ?AKqYA%e-mZ(dojbWFSG~FR^!4_ZPh7h0v&D1oyv=Vi_dp6oC>y+6ig-r?^ai=#enjlbczfSZj|TZNgK ziGz`meW44p69Y?>-^m^RA9Y_IepSLOqUQ9}Y3r`Nb39G|h$?^k|KH)glE-&})83~{ e6E1O`=*)e`CTW!MM?qKhv5#BrU;C4qt)c+BD>FU- literal 0 HcmV?d00001 diff --git a/private_keys/ETSI-SSP-AAS-CA-private-key.der b/private_keys/ETSI-SSP-AAS-CA-private-key.der new file mode 100644 index 0000000000000000000000000000000000000000..d25929b62d8b038b39bd7ce83782c86257a71ad4 GIT binary patch literal 171 zcmXqLT*1W1$YNk9{b)P?g@28E8gmOU0tzO%ga-9 zs)zokr`O9?-(JAY#;L8s%*@2W$jH4gg*l0VrTcp&)0g-Kv*uSWkI{dB`}s?r56p}g z=HH0k%(l;ZT9U<-sf7_!WzfX-{9g|9n|2HPZ zeV5S|`sooleE~Ncr?v_+GZP0RBlp4-<|GCd*ZT`LW$fnR&e$n%Q{u<3P^;``7cYG| z%d}G8&iQ5SI<@Vq-@i;SJL|;egCmSz) z!gTYgwTuKbx@EeA^nw>0VvlApm%CNIU=l literal 0 HcmV?d00001 diff --git a/private_keys/ETSI-SSP-AAS-EE-private-key.pem b/private_keys/ETSI-SSP-AAS-EE-private-key.pem new file mode 100644 index 0000000..51ce8d4 --- /dev/null +++ b/private_keys/ETSI-SSP-AAS-EE-private-key.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PRIVATE KEY----- +MIGoAgEBBDA5BhKos6R4rCkV0z4wa0ba/sML/+G9dXI5w2wqb90Bh3Z9wzdUe4MT ++ROwQ30/zMugCwYJKyQDAwIIAQELoWQDYgAEYJBkccoJD6c97GD6j9ida8Zy+ZMz +peQC2eUZ0+4CTsW02qSXwGYCMQFUE3WMFD4SHMGS54/4xVFxbTCcyVINJp8CwLsS +h0dAbLRUM3unJzuHQZFnzWC9N7asQZdKiktU +-----END EC PRIVATE KEY----- diff --git a/private_keys/ETSI-SSP-AAS-Token-private-key.der b/private_keys/ETSI-SSP-AAS-Token-private-key.der new file mode 100644 index 0000000000000000000000000000000000000000..bd6724013ae880a479dc614f7f13b89b3200106d GIT binary patch literal 122 zcmXr0U}9usQHbpLSL<2zuERj|dac%!$(q$U`+e>NgzB0VojB9T>#wwcn~hUjg_)U& zgOQPap$oGU1B;ycxyPG!cbZ&W*JWTBYH;?2+fw=GNtf%VoIK0ER>o|Dmgx=_>39a$ d?Iv3-B_;`<-4VmAv0|Q*)a~5&25kNk#sG}JEb;&V literal 0 HcmV?d00001 diff --git a/private_keys/ETSI-SSP-CI-private-key.pem b/private_keys/ETSI-SSP-CI-private-key.pem new file mode 100644 index 0000000..f555c8a --- /dev/null +++ b/private_keys/ETSI-SSP-CI-private-key.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PRIVATE KEY----- +MIGoAgEBBDCKmNUVzADHCoVQKWyGjVLaiPyOuFtWNhcrsGUcyt75sIiSdXP/gWJe +9xwrEvlIWZegCwYJKyQDAwIIAQELoWQDYgAERd+gsmi7DAtouRDZGPj6VTpr5tHS +9M0CqS8+Q+l9ria3q+/pYDbFTa1/CuRwE4e9B4RljDwNy+Wqts8hyqI9cg/sTbq7 +m3FN5PB8kOyEUeFQKGrG1YGtHuGLBFEvKbl0 +-----END EC PRIVATE KEY----- diff --git a/public_keys/ETSI-SSP-AAA-CA-FAKE-public-key.der b/public_keys/ETSI-SSP-AAA-CA-FAKE-public-key.der new file mode 100644 index 0000000000000000000000000000000000000000..a0ae667ec94a3e9f6645fe00f7f259f55ac23aa9 GIT binary patch literal 124 zcmXr0G7w>7*J|@PXUoLM#;L8s%*@2W$jHr{#K0nxmLsuvx~)vSS&Hk&gEKGit@Kje z7*J|@PXUoLM#;L8s%*@2W$jHr{#K0oCy8J|i-k13^*4rpMbrdrMp4n#Q zdF#;x?H6-gnmu=?PxJ6iWN8aOb|C1m#s0%r7*J|@PXUoLM#;L8s%*@2W$jHr{#K7Wuf5E1V-8|eGI|Xh^{P-1WmHq7E zr7vfhR_fb1zpP!Swte;cmkDM^eb?4=Jt+`w-^<>T+GE3e`su1|=M_&avMu6&_XosA8IDNX$gE7ppkX#YU5hDhutiJ`kFgS08PC$%>V!Z literal 0 HcmV?d00001 diff --git a/public_keys/ETSI-SSP-AAA-CI-public-key.pem b/public_keys/ETSI-SSP-AAA-CI-public-key.pem new file mode 100644 index 0000000..d1fa2b9 --- /dev/null +++ b/public_keys/ETSI-SSP-AAA-CI-public-key.pem @@ -0,0 +1,5 @@ +-----BEGIN PUBLIC KEY----- +MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABEXfoLJouwwLaLkQ2Rj4+lU6a+bR +0vTNAqkvPkPpfa4mt6vv6WA2xU2tfwrkcBOHvQeEZYw8DcvlqrbPIcqiPXIP7E26 +u5txTeTwfJDshFHhUChqxtWBrR7hiwRRLym5dA== +-----END PUBLIC KEY----- diff --git a/public_keys/ETSI-SSP-AAA-EE-FAKE-public-key.der b/public_keys/ETSI-SSP-AAA-EE-FAKE-public-key.der new file mode 100644 index 0000000000000000000000000000000000000000..2b1e1a4ea9596b859dff1ff1b4036c38500463d1 GIT binary patch literal 124 zcmXr0G7w>7*J|@PXUoLM#;L8s%*@2W$jHr{#K01%v|yV!%O$CvDD?9Rox*e# f^*;7*J|@PXUoLM#;L8s%*@2W$jHr{#K01%v|yV!%O$CvDD?9Rox*e# f^*;7*J|@PXUoLM#;L8s%*@2W$jHr{#K6-1y^`rm{DN8YE0@RUzrX$bCC>+D z#tZXrL~mx>XFV;+V#?IQh^aE_B?l(S%$t}LRuRMvB&nphTEDJK1EJ0OGP-_HnaEx0E{XxSpWb4 literal 0 HcmV?d00001 diff --git a/public_keys/ETSI-SSP-AAS-CA-public-key.pem b/public_keys/ETSI-SSP-AAS-CA-public-key.pem new file mode 100644 index 0000000..d28db88 --- /dev/null +++ b/public_keys/ETSI-SSP-AAS-CA-public-key.pem @@ -0,0 +1,5 @@ +-----BEGIN PUBLIC KEY----- +MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABIv3eQL0X6Can3mnXC/v2+fpDPAD +AdCf2FuzBr47lmI4lJVxWJUcJ3TAkhyekWJWeFILX1A0ZTYkHwO5J3a4UiL8yZfi +lvnlWlgF9HkMM0i3cYDbKThMckJEpRQJhrMETw== +-----END PUBLIC KEY----- diff --git a/public_keys/ETSI-SSP-AAS-CI-public-key.der b/public_keys/ETSI-SSP-AAS-CI-public-key.der new file mode 100644 index 0000000000000000000000000000000000000000..8eced246003e4479f04f0d22a61cd47673910e44 GIT binary patch literal 124 zcmXr0G7w>7*J|@PXUoLM#;L8s%*@2W$jHr{#K7Wuf5E1V-8|eGI|Xh^{P-1WmHq7E zr7vfhR_fb1zpP!Swte;cmkDM^eb?4=Jt+`w-^<>T+GE3e`su1|=M_&avMu6&_XosA8IDNX$gE7ppkX#YU5hDhutiJ`kFgS08PC$%>V!Z literal 0 HcmV?d00001 diff --git a/public_keys/ETSI-SSP-AAS-CI-public-key.pem b/public_keys/ETSI-SSP-AAS-CI-public-key.pem new file mode 100644 index 0000000..d1fa2b9 --- /dev/null +++ b/public_keys/ETSI-SSP-AAS-CI-public-key.pem @@ -0,0 +1,5 @@ +-----BEGIN PUBLIC KEY----- +MHowFAYHKoZIzj0CAQYJKyQDAwIIAQELA2IABEXfoLJouwwLaLkQ2Rj4+lU6a+bR +0vTNAqkvPkPpfa4mt6vv6WA2xU2tfwrkcBOHvQeEZYw8DcvlqrbPIcqiPXIP7E26 +u5txTeTwfJDshFHhUChqxtWBrR7hiwRRLym5dA== +-----END PUBLIC KEY----- diff --git a/public_keys/ETSI-SSP-AAS-EE-public-key.der b/public_keys/ETSI-SSP-AAS-EE-public-key.der new file mode 100644 index 0000000000000000000000000000000000000000..c75e564e899f09fd9dc36a513f91857faa96d841 GIT binary patch literal 124 zcmXr0G7w>7*J|@PXUoLM#;L8s%*@2W$jHr{#K4j;A*JvXC;xKWHwnM`Z_Ld;R`heS z@zN(uH=jyge#hi@bjz(J(+{LE88U_lm-dL*3CSFs^t}Ja(ZIr7gE=RIc-7`J9oQ|@ g?(UGYCB(RTxw>_`&gpFOR&EuRc6C)d^whA*d69*$BJF^o5i&oL~VjqD6CiBX6 z?mWr%!maN65tCDM7R&swPE`5ublY;-J1z4Tg#F9*=3ul^F-bcfw^Y61)<#W>{_7anpqpVaQH*=}do+Q`V*#K^Fci;V+pCkr#v3Izi>Hs(-SWk$yT zEFyQzc(*V7wnuc9*L{hydg~`CFkzLe1FgMAa z7g7B4&x7tc&lkmRf3{+0SGkq#4+l{Yrj@w0h45*)Z9KkNJbH iKU}3De_qY;aN_I^bF~M_pDsO7kWpHbu`7PF!xsQ^nsCVg literal 0 HcmV?d00001 diff --git a/tokens/ATK-AAS-ECKA.der b/tokens/ATK-AAS-ECKA.der new file mode 100644 index 0000000000000000000000000000000000000000..d43ce3f5072be4b007b2328efe47350d8aaf1208 GIT binary patch literal 288 zcmXqLVw73XxV(Xp!63>&gpFOR&EuRc6C)d^whA*d69*$BJF^o5OTr(G4Lk4LylDI1 z{!C@}s!qL)|J#dW|5*Mwvj0%a%)@rPiG0E$H6HE!YJ0YF2_1^sS?jMhSv~B#j;n`U z_dm1q1`-Vdg0{D(p4;tRwMa$nujQt5291o2O^ggHx!5?scCs)ttxzzKV`C1LRc2)T z&mv;xxOQ5zjFC!h_{&8Xqtb$w_1t{E5J~l-6efd2O~E%--_I>r*0qNrc9Fz^ga7Xy zJhq;LrCZ|H+wx8$0qa?tny1A1&og6xt8?zN+zloJl}x3VWz&{q9`ngbd2{Ydgfyd~ jzpBcL{e{cscKFZxWBdL6lxGi4nQlEWNBQbp|H&)>XL)r; literal 0 HcmV?d00001 diff --git a/ui.py b/ui.py new file mode 100644 index 0000000..8dfae1b --- /dev/null +++ b/ui.py @@ -0,0 +1,60 @@ +import sys +import getopt + +defaultConfiguration = { + 'options': 'chi:o', + 'description': ["ifile=", "ofile=", "ccommand="], + 'usage': 'Program.py -c [-i ] [-o ]' +} + + +class UI: + """Base class for a handling a public key.""" + + def __init__(self, configuration=defaultConfiguration): + """ Instiate the UI object.""" + argv = sys.argv[1:] + self.inputfile = '' + self.outputfile = '' + self.command = '' + try: + opts, args = getopt.getopt(argv, configuration['options'], + configuration['description']) + except getopt.GetoptError: + print(configuration['usage']) + sys.exit(2) + for opt, arg in opts: + if opt == '-h': + # define the usage + print(configuration['usage']) + sys.exit() + elif opt in ("-i", "--ifile"): + self.inputfile = arg + elif opt in ("-o", "--ofile"): + self.outputfile = arg + elif opt in ("-c", "--ccommand"): + self.command = arg + + def getInputFile(self): + """Get the inpufile.""" + return self.inputfile + + def getOutputFile(self): + """Get the inpufile.""" + return self.outputfile + + def getCommand(self): + """Get the inpufile.""" + return self.command + + def isInputFile(self): + """Return true if the input file exists.""" + return self.inputfile != '' + + def isCommand(self): + """Return true if the input file exists.""" + return self.command != '' + + def isOutputFile(self): + """Return true if the input file exists.""" + return self.outputfile != '' \ No newline at end of file diff --git a/viewcert.bat b/viewcert.bat new file mode 100644 index 0000000..3924cdf --- /dev/null +++ b/viewcert.bat @@ -0,0 +1,39 @@ +echo ETSI-SSP-CI-private-key >summary.txt +openssl ec -inform DER -in private_keys/ETSI-SSP-CI-private-key.der -text >>summary.txt +echo ETSI-SSP-AAA-CA-private-key >>summary.txt +openssl ec -inform DER -in private_keys/ETSI-SSP-AAA-CA-private-key.der -text >>summary.txt +echo ETSI-SSP-AAA-EE-private-key >>summary.txt +openssl ec -inform DER -in private_keys/ETSI-SSP-AAA-EE-private-key.der -text >>summary.txt +echo ETSI-SSP-AAS-CA-private-key >>summary.txt +openssl ec -inform DER -in private_keys/ETSI-SSP-AAS-CA-private-key.der -text >>summary.txt +echo ETSI-SSP-AAS-EE-private-key >>summary.txt +openssl ec -inform DER -in private_keys/ETSI-SSP-AAS-EE-private-key.der -text >>summary.txt +echo ETSI-SSP-AAA-CA-FAKE-private-key >>summary.txt +openssl ec -inform DER -in private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.der -text >>summary.txt + +echo ETSI-SSP-CI-public-key >>summary.txt +openssl ec -inform der -in private_keys/ETSI-SSP-CI-private-key.der -pubout -text >>summary.txt +echo ETSI-SSP-AAA-CA-public-key >>summary.txt +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-CA-private-key.der -pubout -text >>summary.txt +echo ETSI-SSP-AAA-EE-public-key >>summary.txt +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-EE-private-key.der -pubout -text >>summary.txt +echo ETSI-SSP-AAS-CA-public-key >>summary.txt +openssl ec -inform der -in private_keys/ETSI-SSP-AAS-CA-private-key.der -pubout -text >>summary.txt +echo ETSI-SSP-AAS-EE-public-key >>summary.txt +openssl ec -inform der -in private_keys/ETSI-SSP-AAS-EE-private-key.der -pubout -text >>summary.txt +echo ETSI-SSP-AAA-CA-FAKE-public-key >>summary.txt +openssl ec -inform der -in private_keys/ETSI-SSP-AAA-CA-FAKE-private-key.der -pubout -text >>summary.txt + +echo certificates/ETSI-SSP-CI.pem >>summary.txt +openssl x509 -in certificates/ETSI-SSP-CI.pem -text >>summary.txt +echo certificates/ETSI-SSP-AAA-CA.pem >>summary.txt +openssl x509 -in certificates/ETSI-SSP-AAA-CA.pem -text >>summary.txt +echo certificates/ETSI-SSP-AAS-CA.pem >>summary.txt +openssl x509 -in certificates/ETSI-SSP-AAS-CA.pem -text >>summary.txt +echo certificates/ETSI-SSP-AAA-EE.pem >>summary.txt +openssl x509 -in certificates/ETSI-SSP-AAA-EE.pem -text >>summary.txt +echo certificates/ETSI-SSP-AAS-EE.pem >>summary.txt +openssl x509 -in certificates/ETSI-SSP-AAS-EE.pem -text >>summary.txt + +echo certificates/ETSI-SSP-AAA-EE-FAKE.pem >>summary.txt +openssl x509 -in certificates/ETSI-SSP-AAA-EE-FAKE.pem -text >>summary.txt \ No newline at end of file -- GitLab From 8914f2fcba799bb165aedf5ec3417f6467089590 Mon Sep 17 00:00:00 2001 From: Brendan McKenna Date: Wed, 7 Jul 2021 15:29:54 +0200 Subject: [PATCH 2/3] Update Readme.md --- Readme.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Readme.md b/Readme.md index 366d71d..d6c0e93 100644 --- a/Readme.md +++ b/Readme.md @@ -2,16 +2,16 @@ ## Overview This set of programs and files aims at generating the x509v3 certificates used for the Accessor Authentication Service as described in the annex C of the [TS 103.666 part 1 V15.2.0 (2020-04)](https://www.etsi.org/deliver/etsi_ts/103600_103699/10366601/15.00.00_60/ts_10366601v150000p.pdf) . ## Installation -OpenSSL 3.0.0 shall be installed. The guidline for performing the installation are availabe in [OpenSSL](https://www.openssl.org) -Python Cryptography package shall be installed. The guidline for performing the installation are availabe in [Cryptography.io](https://cryptography.io/en/latest/installation.html) . +OpenSSL 3.0.0 shall be installed. The guidelines for performing the installation are available in [OpenSSL](https://www.openssl.org) +Python Cryptography package shall be installed. The guidelines for performing the installation are available in [Cryptography.io](https://cryptography.io/en/latest/installation.html) . ## Generation of the private and public keys -The batch file GENKEY.bat contains the OpenSSL instruction for generating the private and public keys acccording to the the annex C of the TS 103.666 part 1. +The batch file GENKEY.bat contains the OpenSSL instruction for generating the private and public keys acccording to annex C of ETSI TS 103.666 part 1. The following shell command shall be executed. `./GENKEY.bat` ## Generation of the cerficates -The followint command shall be executed. +The following command shall be executed. `python3 CreateCertificate.py -i Date: Wed, 7 Jul 2021 15:32:55 +0200 Subject: [PATCH 3/3] Update Readme.md --- Readme.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Readme.md b/Readme.md index d6c0e93..5e73c89 100644 --- a/Readme.md +++ b/Readme.md @@ -1,6 +1,6 @@ # ETSI SSP TTF x509 certificates generation ## Overview -This set of programs and files aims at generating the x509v3 certificates used for the Accessor Authentication Service as described in the annex C of the [TS 103.666 part 1 V15.2.0 (2020-04)](https://www.etsi.org/deliver/etsi_ts/103600_103699/10366601/15.00.00_60/ts_10366601v150000p.pdf) . +This set of programs and files aims at generating the x509v3 certificates used for the Accessor Authentication Service as described in annex C of the [TS 103.666 part 1 V15.2.0 (2020-04)](https://www.etsi.org/deliver/etsi_ts/103600_103699/10366601/15.00.00_60/ts_10366601v150000p.pdf) . ## Installation OpenSSL 3.0.0 shall be installed. The guidelines for performing the installation are available in [OpenSSL](https://www.openssl.org) Python Cryptography package shall be installed. The guidelines for performing the installation are available in [Cryptography.io](https://cryptography.io/en/latest/installation.html) . @@ -10,7 +10,7 @@ The following shell command shall be executed. `./GENKEY.bat` -## Generation of the cerficates +## Generation of the certificates The following command shall be executed. `python3 CreateCertificate.py -i