From f963f0ae7a920030c28db54a13885dfa1d2f4bd9 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Tue, 26 Jan 2021 14:26:43 +0200 Subject: [PATCH 01/45] DD4J-587 removeDataFile not updating manifest --- .../digidoc4j/impl/asic/AsicContainer.java | 10 ++++++ .../java/org/digidoc4j/ContainerTest.java | 32 +++++++++++++++++++ 2 files changed, 42 insertions(+) diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java index ac1a9f903..403c46658 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java @@ -11,6 +11,7 @@ package org.digidoc4j.impl.asic; import eu.europa.esig.dss.model.DSSDocument; +import eu.europa.esig.dss.model.InMemoryDocument; import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.StringUtils; import org.digidoc4j.Configuration; @@ -53,6 +54,7 @@ import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; +import java.nio.charset.StandardCharsets; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Arrays; @@ -522,6 +524,10 @@ public void removeDataFile(String fileName) { String name = dataFile.getName(); if (StringUtils.equals(fileName, name)) { removeDataFileFromContainer(dataFile); + dataFilesHaveChanged = true; + if (!isNewContainer()) { + removeExistingFileFromContainer(AsicManifest.XML_PATH); + } LOGGER.info("Data file named '{}' has been removed", fileName); return; } @@ -537,6 +543,10 @@ public void removeDataFile(DataFile file) { if (!wasRemovalSuccessful) { throw new DataFileNotFoundException(file.getName()); } + dataFilesHaveChanged = true; + if (!isNewContainer()) { + removeExistingFileFromContainer(AsicManifest.XML_PATH); + } LOGGER.info("Data file named '{}' has been removed", file.getName()); } diff --git a/digidoc4j/src/test/java/org/digidoc4j/ContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/ContainerTest.java index 4107a9832..44f783955 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/ContainerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/ContainerTest.java @@ -12,6 +12,7 @@ import org.apache.commons.codec.binary.Base64; import org.apache.commons.io.FileUtils; +import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.StringUtils; import org.digidoc4j.exceptions.DataFileNotFoundException; import org.digidoc4j.exceptions.DigiDoc4JException; @@ -20,6 +21,8 @@ import org.digidoc4j.exceptions.OCSPRequestFailedException; import org.digidoc4j.exceptions.RemovingDataFileException; import org.digidoc4j.impl.asic.asice.bdoc.BDocContainer; +import org.digidoc4j.impl.asic.asice.bdoc.BDocContainerBuilder; +import org.digidoc4j.impl.asic.manifest.AsicManifest; import org.digidoc4j.impl.ddoc.ConfigManagerInitializer; import org.digidoc4j.impl.ddoc.DDocContainer; import org.digidoc4j.test.TestAssert; @@ -34,10 +37,13 @@ import java.io.File; import java.io.FileInputStream; import java.io.IOException; +import java.io.InputStream; import java.nio.charset.StandardCharsets; import java.nio.file.Paths; import java.security.cert.CertificateEncodingException; import java.util.List; +import java.util.zip.ZipEntry; +import java.util.zip.ZipInputStream; public class ContainerTest extends AbstractTest { @@ -134,6 +140,32 @@ public void testAddOneFileToContainerForBDoc() throws Exception { Assert.assertEquals("text/plain", dataFiles.get(0).getMediaType()); } + @Test + public void removeDataFileRemovesFileFromManifest() throws IOException { + Container nonEmptyContainer = this.createNonEmptyContainer(); + Container container = BDocContainerBuilder + .aContainer() + .fromStream(nonEmptyContainer.saveAsStream()) + .withConfiguration(configuration) + .build(); + + container.removeDataFile(container.getDataFiles().get(0)); + + InputStream inputStream = container.saveAsStream(); + boolean manifestVerified = false; + try (ZipInputStream zis = new ZipInputStream(inputStream)) { + ZipEntry zipEntry; + while ((zipEntry = zis.getNextEntry()) != null) { + if (zipEntry.getName().equals(AsicManifest.XML_PATH)) { + manifestVerified = true; + String manifestContent = IOUtils.toString(zis, StandardCharsets.UTF_8); + Assert.assertFalse(manifestContent.contains(" Date: Tue, 26 Jan 2021 15:03:42 +0200 Subject: [PATCH 02/45] DD4J-572 remove invalid OCSP default behaviour when configuraion is not available --- .../src/main/java/org/digidoc4j/impl/SKOnlineOCSPSource.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/SKOnlineOCSPSource.java b/digidoc4j/src/main/java/org/digidoc4j/impl/SKOnlineOCSPSource.java index 801988e5f..8da99911f 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/SKOnlineOCSPSource.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/SKOnlineOCSPSource.java @@ -117,7 +117,7 @@ public String getAccessLocation(X509Certificate certificate) { if (getConfiguration() != null) { return getConfiguration().getOcspSource(); } - return Constant.Test.OCSP_SOURCE; + throw new ConfigurationException("Configuration needed for OCSP request"); } /* From 8958f7ba7836abe5f6d0caa37080d17431684c74 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Wed, 27 Jan 2021 11:20:01 +0200 Subject: [PATCH 03/45] DD4J-645 addTSLCertificate serviceType identification fix --- .../impl/asic/tsl/TSLCertificateSourceImpl.java | 2 +- .../org/digidoc4j/impl/bdoc/ValidationTest.java | 14 ++++++++++++++ .../testFiles/certs/DEMO_OF_SK_TSA_2014.cer | Bin 0 -> 1049 bytes 3 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 digidoc4j/src/test/resources/testFiles/certs/DEMO_OF_SK_TSA_2014.cer diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/tsl/TSLCertificateSourceImpl.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/tsl/TSLCertificateSourceImpl.java index 78bbfa3d1..f3ee6a7ba 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/tsl/TSLCertificateSourceImpl.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/tsl/TSLCertificateSourceImpl.java @@ -163,7 +163,7 @@ private String getCN(X509Certificate certificate) { private String getServiceType(X509Certificate certificate) { try { List extendedKeyUsage = certificate.getExtendedKeyUsage(); - if (extendedKeyUsage != null) { + if (extendedKeyUsage != null && certificate.getBasicConstraints() == -1) { if (extendedKeyUsage.contains(SKOnlineOCSPSource.OID_OCSP_SIGNING)) { return "http://uri.etsi.org/TrstSvc/Svctype/Certstatus/OCSP/QC"; } diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java index 683fd8aa5..5c9d789f6 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java @@ -101,6 +101,20 @@ public void testValidate() throws Exception { Assert.assertEquals(0, container.validate().getErrors().size()); } + @Test + public void validCAServiceTypeIdentification() { + this.configuration = Configuration.of(Configuration.Mode.PROD); + TSLCertificateSource source = this.configuration.getTSL(); + Container container = ContainerBuilder.aContainer(). + fromExistingFile("src/test/resources/testFiles/valid-containers/valid-asice.asice"). + withConfiguration(this.configuration).build(); + this.addCertificateToTSL(Paths.get("src/test/resources/testFiles/certs/TEST_of_ESTEID-SK_2015.pem.crt"), source); + this.addCertificateToTSL(Paths.get("src/test/resources/testFiles/certs/SK-OCSP-RESPONDER-2011_test.cer"), source); + this.addCertificateToTSL(Paths.get("src/test/resources/testFiles/certs/DEMO_OF_SK_TSA_2014.cer"), source); + ContainerValidationResult result = container.validate(); + Assert.assertTrue(result.isValid()); + } + @Test public void testValidateBeforeAndAfterContainerChange() { Container container = this.createNonEmptyContainer(); diff --git a/digidoc4j/src/test/resources/testFiles/certs/DEMO_OF_SK_TSA_2014.cer b/digidoc4j/src/test/resources/testFiles/certs/DEMO_OF_SK_TSA_2014.cer new file mode 100644 index 0000000000000000000000000000000000000000..5dc31def6db908e131f33cc612b370ed17976060 GIT binary patch literal 1049 zcmXqLVi7fHV*0y)nTe5!Nx*N-?;Pbn(S0GT({^vS4)!tNW#iOp^Jx3d%gD&h%3x4y z$Zf#M#vIDRCd}mOYN%wO0OD}*NIC{91g932WTs`76sM*ZW#(oUXQvitmlhiu80dl2 zF!QK~xCVzPOL-!z@r!#=Nu zPn$o~^Sj%t@Bfcp_#v>Q)r6xtTxhn!nrNYf$|YQCdebDsCPc_Ctged+6Z$E>Y~DYf z>;Bbj(wx_JnWZG(vUFYL79Lmkci)x$?;b}sIvhRlD|cP8vaewB54DXsT=}`X+-m+W zEox@{-FvU6`tHaI zjcX0~fZ-_1&&c?ng@u`k?Eo-JfqYdE9~9yo+H8!htnADj2C^V=J{B<+5p|Y1sXWEg zZ6<{+3*V>uQgg!9CwC0wLDI@Bz$DQivekrZ?oxe$qt6xj_8r-n>MqS(_Rqi>q(Gj< z#=y$JVu9HLlQyG_l9GaAD}DX)@^U?Jve7R}EyypqO-)WN zN>0=RiXcZSFqH!%m64%q%S~0U1Ajvn1ub5|BKKA`;?D}D-w(GX&RW(mXtcy^8m+xfq(&BjFhF$gi4- Date: Thu, 28 Jan 2021 10:37:15 +0200 Subject: [PATCH 04/45] DD4J-578 default container builder bdoc->asice --- .../main/java/org/digidoc4j/ContainerBuilder.java | 6 +++--- .../src/test/java/org/digidoc4j/AbstractTest.java | 2 +- .../src/test/java/org/digidoc4j/AiaOcspTest.java | 2 +- .../java/org/digidoc4j/ContainerBuilderTest.java | 11 ++++++----- .../src/test/java/org/digidoc4j/ContainerTest.java | 2 +- .../java/org/digidoc4j/SignatureBuilderTest.java | 12 ++++++------ .../org/digidoc4j/impl/bdoc/BDocContainerTest.java | 4 ++-- .../org/digidoc4j/impl/bdoc/UriEncodingTest.java | 3 ++- .../org/digidoc4j/test/util/TestDataBuilderUtil.java | 4 ++-- 9 files changed, 24 insertions(+), 22 deletions(-) diff --git a/digidoc4j/src/main/java/org/digidoc4j/ContainerBuilder.java b/digidoc4j/src/main/java/org/digidoc4j/ContainerBuilder.java index 8b15a4b6e..6e7234795 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/ContainerBuilder.java +++ b/digidoc4j/src/main/java/org/digidoc4j/ContainerBuilder.java @@ -71,12 +71,12 @@ public abstract class ContainerBuilder { private DataFile timeStampToken; /** - * Create a new BDoc container builder. + * Create a new ASICE container builder. * - * @return builder for creating or opening a BDOC(ASICE) container. + * @return builder for creating or opening a ASICE container. */ public static ContainerBuilder aContainer() { - return aContainer(Container.DocumentType.BDOC); + return aContainer(Container.DocumentType.ASICE); } /** diff --git a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java index d71a39dbb..a3871e88c 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java @@ -230,7 +230,7 @@ protected Container createNonEmptyContainer() { } protected Container createNonEmptyContainerByConfiguration() { - return ContainerBuilder.aContainer().withConfiguration(this.configuration) + return ContainerBuilder.aContainer(BDOC).withConfiguration(this.configuration) .withDataFile(this.createTemporaryFileBy("TOP SECRET").getPath(), "text/plain").build(); } diff --git a/digidoc4j/src/test/java/org/digidoc4j/AiaOcspTest.java b/digidoc4j/src/test/java/org/digidoc4j/AiaOcspTest.java index 88c8b8e1f..c68199652 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/AiaOcspTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/AiaOcspTest.java @@ -44,7 +44,7 @@ public void bdocContainerIgnoresAiaOcsp() { Configuration configuration = new Configuration(Configuration.Mode.TEST); configuration.setPreferAiaOcsp(true); File testFile1 = this.createTemporaryFileBy("testFile.txt", "TEST"); - Container container = ContainerBuilder.aContainer() + Container container = ContainerBuilder.aContainer(Container.DocumentType.BDOC) .withDataFile(testFile1.getPath(), "text/plain") .withConfiguration(configuration) .build(); diff --git a/digidoc4j/src/test/java/org/digidoc4j/ContainerBuilderTest.java b/digidoc4j/src/test/java/org/digidoc4j/ContainerBuilderTest.java index a372249e3..f149f8a5a 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/ContainerBuilderTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/ContainerBuilderTest.java @@ -15,6 +15,7 @@ import org.apache.commons.lang3.StringUtils; import org.digidoc4j.exceptions.InvalidDataFileException; import org.digidoc4j.exceptions.NotSupportedException; +import org.digidoc4j.impl.asic.asice.AsicEContainer; import org.digidoc4j.impl.asic.asice.bdoc.BDocContainer; import org.digidoc4j.impl.ddoc.DDocContainer; import org.digidoc4j.test.CustomConfiguration; @@ -42,7 +43,7 @@ public class ContainerBuilderTest extends AbstractTest { public void buildEmptyContainer() throws Exception { ContainerBuilder builder = ContainerBuilder.aContainer(); Container container = builder.build(); - Assert.assertEquals("BDOC", container.getType()); + Assert.assertEquals("ASICE", container.getType()); Assert.assertTrue(container.getDataFiles().isEmpty()); Assert.assertTrue(container.getSignatures().isEmpty()); } @@ -56,7 +57,7 @@ public void buildEmptyDDocContainer() throws Exception { public void buildBDocContainer() throws Exception { this.configuration = new Configuration(Configuration.Mode.TEST); this.configuration.setTspSource("test-value"); - Container container = ContainerBuilder.aContainer().withConfiguration(this.configuration).build(); + Container container = ContainerBuilder.aContainer(BDOC).withConfiguration(this.configuration).build(); BDocContainer bDocContainer = (BDocContainer) container; Assert.assertEquals("BDOC", container.getType()); Assert.assertEquals("test-value", bDocContainer.getConfiguration().getTspSource()); @@ -167,7 +168,7 @@ public void buildCustomContainerWithCustomImplementation() throws Exception { @Test public void overrideExistingBDocContainerImplementation() throws Exception { - ContainerBuilder.setContainerImplementation("BDOC", CustomContainer.class); + ContainerBuilder.setContainerImplementation("ASICE", CustomContainer.class); Container container = ContainerBuilder.aContainer().build(); Assert.assertEquals("TEST-FORMAT", container.getType()); } @@ -184,10 +185,10 @@ public void useExtendedBDocContainerImplementation() throws Exception { @Test public void clearCustomContainerImplementations_shouldUseDefaultContainerImplementation() throws Exception { - ContainerBuilder.setContainerImplementation("BDOC", BDocContainer.class); + ContainerBuilder.setContainerImplementation("ASICE", AsicEContainer.class); ContainerBuilder.removeCustomContainerImplementations(); Container container = ContainerBuilder.aContainer().build(); - Assert.assertEquals("BDOC", container.getType()); + Assert.assertEquals("ASICE", container.getType()); } @Test diff --git a/digidoc4j/src/test/java/org/digidoc4j/ContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/ContainerTest.java index 44f783955..a179db510 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/ContainerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/ContainerTest.java @@ -593,7 +593,7 @@ public void mustBePossibleToCreateAndVerifyContainerWhereDigestAlgorithmIsSHA224 public void constructorWithConfigurationParameter() throws Exception { Container container = ContainerBuilder.aContainer(). withConfiguration(Configuration.getInstance()).build(); - Assert.assertEquals("BDOC", container.getType()); + Assert.assertEquals("ASICE", container.getType()); } @Test diff --git a/digidoc4j/src/test/java/org/digidoc4j/SignatureBuilderTest.java b/digidoc4j/src/test/java/org/digidoc4j/SignatureBuilderTest.java index e8be5edf2..c7fdf0783 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/SignatureBuilderTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/SignatureBuilderTest.java @@ -91,11 +91,11 @@ public void signDocumentExternallyTwice() throws Exception { Container container = this.createNonEmptyContainer(); DataToSign dataToSign = TestDataBuilderUtil.buildDataToSign(container, "S0"); Signature signature = TestDataBuilderUtil.makeSignature(container, dataToSign); - this.assertSignatureIsValid(signature); + this.assertSignatureIsValid(signature, SignatureProfile.LT); DataToSign dataToSign2 = TestDataBuilderUtil.buildDataToSign(container, "S1"); Signature signature2 = TestDataBuilderUtil.makeSignature(container, dataToSign2); - this.assertSignatureIsValid(signature2); - container.saveAsFile(this.getFileBy("bdoc")); + this.assertSignatureIsValid(signature2, SignatureProfile.LT); + container.saveAsFile(this.getFileBy("asice")); } @Test @@ -108,7 +108,7 @@ public void signContainerWithSignatureToken() throws Exception { container.addSignature(signature); Assert.assertTrue(signature.validateSignature().isValid()); container.saveAsFile(this.getFileBy("bdoc")); - this.assertSignatureIsValid(signature); + this.assertSignatureIsValid(signature, SignatureProfile.LT_TM); Assert.assertEquals("Tallinn", signature.getCity()); Assert.assertEquals("Harjumaa", signature.getStateOrProvince()); Assert.assertEquals("13456", signature.getPostalCode()); @@ -897,9 +897,9 @@ private Signature openAdESSignature(Container container) throws IOException { return SignatureBuilder.aSignature(container).openAdESSignature(signatureBytes); } - private void assertSignatureIsValid(Signature signature) { + private void assertSignatureIsValid(Signature signature, SignatureProfile expectedSignatureProfile) { Assert.assertNotNull(signature.getOCSPResponseCreationTime()); - Assert.assertEquals(SignatureProfile.LT_TM, signature.getProfile()); + Assert.assertEquals(expectedSignatureProfile, signature.getProfile()); Assert.assertNotNull(signature.getClaimedSigningTime()); Assert.assertNotNull(signature.getAdESSignature()); Assert.assertTrue(signature.getAdESSignature().length > 1); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java index 5b70a90ca..1dc08fcd1 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java @@ -1026,7 +1026,7 @@ public void settingUpOwnSignaturePolicy() throws Exception { signaturePolicy.setQualifier(qualifier); signaturePolicy.setDigestAlgorithm(digestAlgorithm); signaturePolicy.setSpuri(spuri); - Container container = ContainerBuilder.aContainer().build(); + Container container = ContainerBuilder.aContainer(Container.DocumentType.BDOC).build(); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); Signature signature = SignatureBuilder.aSignature(container).withOwnSignaturePolicy(signaturePolicy). withSignatureDigestAlgorithm(DigestAlgorithm.SHA224).withSignatureToken(this.pkcs12SignatureToken). @@ -1045,7 +1045,7 @@ public void settingUpOwnSignaturePolicy() throws Exception { @Test public void containerWithSignaturePolicyByDefault() throws Exception { - Container container = ContainerBuilder.aContainer().build(); + Container container = ContainerBuilder.aContainer(Container.DocumentType.BDOC).build(); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); Signature signature = SignatureBuilder.aSignature(container).withSignatureDigestAlgorithm(DigestAlgorithm.SHA224). withSignatureToken(this.pkcs12SignatureToken).withSignatureProfile(SignatureProfile.LT_TM).invokeSigning(); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/UriEncodingTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/UriEncodingTest.java index 5e2c93bbb..c9409b47b 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/UriEncodingTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/UriEncodingTest.java @@ -12,6 +12,7 @@ import org.apache.xml.security.signature.Reference; import org.digidoc4j.*; +import org.digidoc4j.impl.asic.asice.AsicESignature; import org.digidoc4j.impl.asic.asice.bdoc.BDocSignature; import org.digidoc4j.test.util.TestDataBuilderUtil; import org.junit.Assert; @@ -61,7 +62,7 @@ public void validateContainer_withWhitespaceEncodedAsPlus_shouldBeValid() throws private void signAndAssert(String fileName, String expectedEncoding) { Signature signature = sign(fileName); Assert.assertTrue(signature.validateSignature().isValid()); - List referencesInSignature = ((BDocSignature) signature).getOrigin().getReferences(); + List referencesInSignature = ((AsicESignature) signature).getOrigin().getReferences(); Assert.assertEquals(expectedEncoding, referencesInSignature.get(0).getURI()); } diff --git a/digidoc4j/src/test/java/org/digidoc4j/test/util/TestDataBuilderUtil.java b/digidoc4j/src/test/java/org/digidoc4j/test/util/TestDataBuilderUtil.java index b26678d16..13bea7489 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/test/util/TestDataBuilderUtil.java +++ b/digidoc4j/src/test/java/org/digidoc4j/test/util/TestDataBuilderUtil.java @@ -49,7 +49,7 @@ public static Container createContainerWithFile(String dataFilePath) { } public static Container createContainerWithFile(String dataFilePath, String mimeType) { - return ContainerBuilder.aContainer().withConfiguration(new Configuration(Configuration.Mode.TEST)). + return ContainerBuilder.aContainer(Container.DocumentType.BDOC).withConfiguration(new Configuration(Configuration.Mode.TEST)). withDataFile(dataFilePath, mimeType).build(); } @@ -96,7 +96,7 @@ private static Container populateContainerBuilderWithFile(ContainerBuilder build private static SignatureBuilder prepareDataToSign(Container container) { return SignatureBuilder.aSignature(container).withSignatureDigestAlgorithm(DigestAlgorithm.SHA256). - withSignatureProfile(SignatureProfile.LT_TM).withSigningCertificate(TestSigningUtil.getSigningCertificate()); + withSignatureProfile(SignatureProfile.LT).withSigningCertificate(TestSigningUtil.getSigningCertificate()); } public static File createTestFile(TemporaryFolder testFolder) throws IOException { From afdeb0497b14a3c0acdddd94682adbb8019b9f7f Mon Sep 17 00:00:00 2001 From: siimsuu Date: Fri, 29 Jan 2021 16:11:00 +0200 Subject: [PATCH 05/45] DD4J-641 better ocsp responder certificate search --- .../digidoc4j/impl/SKOnlineOCSPSource.java | 19 ++++----- .../impl/SKOnlineOCSPSourceTest.java | 39 ++++++++++--------- .../resources/testFiles/certs/d-trust-ca.cer | 3 ++ 3 files changed, 31 insertions(+), 30 deletions(-) create mode 100644 digidoc4j/src/test/resources/testFiles/certs/d-trust-ca.cer diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/SKOnlineOCSPSource.java b/digidoc4j/src/main/java/org/digidoc4j/impl/SKOnlineOCSPSource.java index 8da99911f..ed2dd2734 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/SKOnlineOCSPSource.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/SKOnlineOCSPSource.java @@ -10,6 +10,7 @@ package org.digidoc4j.impl; +import eu.europa.esig.dss.DomUtils; import eu.europa.esig.dss.enumerations.CertificateStatus; import eu.europa.esig.dss.enumerations.DigestAlgorithm; import eu.europa.esig.dss.model.DSSException; @@ -17,11 +18,13 @@ import eu.europa.esig.dss.spi.DSSRevocationUtils; import eu.europa.esig.dss.spi.DSSUtils; import eu.europa.esig.dss.spi.client.http.DataLoader; +import eu.europa.esig.dss.spi.x509.ResponderId; import eu.europa.esig.dss.spi.x509.revocation.ocsp.OCSPSource; import eu.europa.esig.dss.spi.x509.revocation.ocsp.OCSPToken; import eu.europa.esig.dss.token.DSSPrivateKeyEntry; import eu.europa.esig.dss.token.KSPrivateKeyEntry; import eu.europa.esig.dss.token.Pkcs12SignatureToken; +import eu.europa.esig.dss.utils.Utils; import org.apache.commons.collections4.CollectionUtils; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers; @@ -201,13 +204,14 @@ private void validateOCSPResponseStatus(int ocspResponseStatus, String serviceUr } } - private void verifyOCSPResponse(BasicOCSPResp response) throws IOException { + protected void verifyOCSPResponse(BasicOCSPResp response) throws IOException { + ResponderId responderId = DSSRevocationUtils.getDSSResponderId(response.getResponderId()); List holders = Arrays.asList(response.getCerts()); if (CollectionUtils.isNotEmpty(holders)) { boolean hasOcspResponderCert = false; for (X509CertificateHolder holder : holders) { CertificateToken token = DSSUtils.loadCertificate(holder.getEncoded()); - if (isOcspResponderCertificate(token)) { + if (responderId.isRelatedToCertificate(token)) { hasOcspResponderCert = true; } else { continue; @@ -217,7 +221,7 @@ private void verifyOCSPResponse(BasicOCSPResp response) throws IOException { } if (!hasOcspResponderCert) { throw CertificateValidationException.of(CertificateValidationStatus.TECHNICAL, - "None of the OCSP response certificates does have 'OCSPSigning' extended key usage"); + "OCSP responderId is not related to any certificates"); } } else { if (!this.configuration.isTest()) { @@ -226,15 +230,6 @@ private void verifyOCSPResponse(BasicOCSPResp response) throws IOException { } } - protected boolean isOcspResponderCertificate(CertificateToken token) { - try { - return token.getCertificate().getExtendedKeyUsage() != null && token.getCertificate().getExtendedKeyUsage().contains(OID_OCSP_SIGNING); - } catch (CertificateParsingException e) { - throw CertificateValidationException.of(CertificateValidationStatus.TECHNICAL, - String.format("Error on verifying 'OCSPSigning' extended key usage for OCSP response certificate <%s>", token.getDSSIdAsString()), e); - } - } - protected void verifyOcspResponderCertificate(CertificateToken token, Date producedAt) { verifyValidityDate(token, producedAt); if (!configuration.getTSL().isTrusted(token)) { diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/SKOnlineOCSPSourceTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/SKOnlineOCSPSourceTest.java index 74d21f042..f2775395c 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/SKOnlineOCSPSourceTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/SKOnlineOCSPSourceTest.java @@ -12,44 +12,36 @@ import eu.europa.esig.dss.enumerations.CertificateStatus; import eu.europa.esig.dss.model.DSSException; +import eu.europa.esig.dss.model.x509.CertificateToken; +import eu.europa.esig.dss.spi.DSSRevocationUtils; import eu.europa.esig.dss.spi.DSSUtils; import eu.europa.esig.dss.spi.x509.CertificateSource; -import eu.europa.esig.dss.model.x509.CertificateToken; import eu.europa.esig.dss.spi.x509.revocation.ocsp.OCSPToken; import org.bouncycastle.asn1.ocsp.OCSPResponseStatus; -import org.bouncycastle.asn1.x500.X500Name; -import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; -import org.bouncycastle.cert.X509CertificateHolder; -import org.bouncycastle.cert.X509v3CertificateBuilder; -import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; -import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder; -import org.bouncycastle.jce.X509Principal; +import org.bouncycastle.cert.ocsp.BasicOCSPResp; import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.bouncycastle.operator.ContentSigner; -import org.bouncycastle.operator.OperatorCreationException; -import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import org.bouncycastle.util.encoders.Base64; -import org.bouncycastle.x509.X509V3CertificateGenerator; import org.digidoc4j.AbstractTest; import org.digidoc4j.Configuration; import org.digidoc4j.OCSPSourceBuilder; import org.digidoc4j.ServiceType; -import org.digidoc4j.exceptions.*; +import org.digidoc4j.exceptions.CertificateValidationException; import org.digidoc4j.exceptions.CertificateValidationException.CertificateValidationStatus; -import org.digidoc4j.impl.CommonOCSPCertificateSource; -import org.digidoc4j.impl.SKOnlineOCSPSource; -import org.digidoc4j.impl.SkOCSPDataLoader; +import org.digidoc4j.exceptions.ServiceAccessDeniedException; +import org.digidoc4j.exceptions.ServiceUnavailableException; +import org.digidoc4j.exceptions.TechnicalException; import org.digidoc4j.test.util.TestSigningUtil; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; +import org.mockito.Mockito; import org.mockito.junit.MockitoJUnitRunner; import javax.security.auth.x500.X500Principal; -import java.math.BigInteger; +import java.io.IOException; import java.nio.charset.StandardCharsets; import java.nio.file.Paths; -import java.security.*; +import java.security.Security; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; @@ -357,6 +349,17 @@ public void getOCSPToken_anyDSSExceptionRethrownAsTechnicalException() { ocspSource.getRevocationToken(new CertificateToken(TestSigningUtil.SIGN_CERT), new CertificateToken(this.issuerCert)); } + @Test + public void ocspResponseWithCaCertificate() throws IOException { + X509Certificate subjectCertificate = openX509Certificate(Paths.get("src/test/resources/testFiles/certs/d-trust-ca.cer")); + this.configuration.getTSL().addTSLCertificate(subjectCertificate); + SKOnlineOCSPSource skOnlineOCSPSource = Mockito.spy(constructOCSPSource()); + BasicOCSPResp basicOCSPResp = DSSRevocationUtils.loadOCSPBase64Encoded( + "MIIRXQoBAKCCEVYwghFSBgkrBgEFBQcwAQEEghFDMIIRPzCCAUqhYTBfMQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMSAwHgYDVQQDExdELVRSVVNUIE9DU1AgMiAzLTEgMjAxNjEXMBUGA1UEYRMOTlRSREUtSFJCNzQzNDYYDzIwMTkwMzE1MTA0NzUxWjCBrzCBrDBJMAkGBSsOAwIaBQAEFAbmmcp8gO6BjP+ofF1XAe1qxY9xBBStC4sZrfX9mYllcnDjXG/JQoEJRgIQMvhgOMxbzNo2TwepM/QLKYAAGA8yMDE5MDMxNTEwNDc1MVqhTDBKMBoGBSskCAMMBBEYDzIwMTkwMTMwMDkzMjQ1WjAsBgUrJAgDDQQjMCEwCQYFKw4DAhoFAAQU9dbitxaidPedbKD/hfAL4PHUQxmhIjAgMB4GCSsGAQUFBzABBgQRGA8xOTg5MDMyMjAwMDAwMFowQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBAQAtt19/YWP5MbRAdlEQTi67686w21aYRLGHTUMHKA7ztLosauZgFkr2CHRYQO6qBOGvw90EB2njMEmcgdviS0+z1UdQdVz7DO6iFY76IIg68Rn9WDCoOoJ48/OaTgKeg9vEc/WfjNZXQ6WwTN1E5//7s8BWjOEe4lGPrM0pt3GLbgwjDBAUKBkjnRJclHCwEG0LA6XZRZ/BIu0He7ScrE2kSzrQg1NM7E2nC+JLZ+qYI5Y9dlOEsrPuL1o3IuJXql3BfZMGRALTvJf1orFIHM6Fqsj9Z6vRytEbYJmr2x/npmX7QoIBxHrRLkfHnhqJ19lwMo0kD3zoqGnERrheJyvOoIIOpTCCDqEwggbbMIIEk6ADAgECAhBxomoaMnOqxOrKgUJHXKJJMD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCA6IDAgFAMFsxCzAJBgNVBAYTAkRFMRUwEwYDVQQKEwxELVRydXN0IEdtYkgxHDAaBgNVBAMTE0QtVFJVU1QgQ0EgMy0xIDIwMTYxFzAVBgNVBGETDk5UUkRFLUhSQjc0MzQ2MB4XDTE4MDkxNzE0MDE1MloXDTMxMTAyNjA4MzY1MFowXzELMAkGA1UEBhMCREUxFTATBgNVBAoTDEQtVHJ1c3QgR21iSDEgMB4GA1UEAxMXRC1UUlVTVCBPQ1NQIDIgMy0xIDIwMTYxFzAVBgNVBGETDk5UUkRFLUhSQjc0MzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti1SpBOCYEIsSQpFDn8zZcExN/J42wYNLMAlhWCn8N9gWmYMehJuLUiTHwSf49Qs3nwJDsRLlp6D5R/+t9zJeIxV7q7BB7wqS1AvqCCqNC8K54yOe+yQHRyeFsIhnV6V1cCwVrFvy1UWliDdaVsevoltYQjBgCVPLSFl8Whg6o2yWB7le7KXb0LLeFu8TCNp1048/VYBTuqi6/RtlM4gZO0iKkgAB0QV/pisIR713EvJ+53j8R8YWrulMIQyLp19nktHwFO60O4FPu2qnpqcX617nBccQUlBkvQ3pTTe2nAdBYsOIt+WzAk11BVYyzK2iBFP/UuK/UVSN8iOQOMWaQIDAQABo4ICNTCCAjEwEwYDVR0lBAwwCgYIKwYBBQUHAwkwHwYDVR0jBBgwFoAU++3frUvwJbXSet2fmh0vbQlQIccwgcUGCCsGAQUFBwEBBIG4MIG1MEIGCCsGAQUFBzAChjZodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NnaS1iaW4vRC1UUlVTVF9DQV8zLTFfMjAxNi5jcnQwbwYIKwYBBQUHMAKGY2xkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQvQ049RC1UUlVTVCUyMENBJTIwMy0xJTIwMjAxNixPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y0FDZXJ0aWZpY2F0ZT9iYXNlPzCB8AYDVR0fBIHoMIHlMIHioIHfoIHchmlsZGFwOi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBDQSUyMDMtMSUyMDIwMTYsTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3SGMmh0dHA6Ly9jcmwuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3RfY2FfMy0xXzIwMTYuY3JshjtodHRwOi8vY2RuLmQtdHJ1c3QtY2xvdWRjcmwubmV0L2NybC9kLXRydXN0X2NhXzMtMV8yMDE2LmNybDAdBgNVHQ4EFgQUoAtmHN3AQBHvlH2b6CG1O4IeYDEwDgYDVR0PAQH/BAQDAgZAMA8GCSsGAQUFBzABBQQCBQAwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgOhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIDogMCAUADggIBAKJJ/FoMPzCK7VCWQ1U7vV7N39ieGz0ZIthbd1M3/OzfWW2BDlf6MMXFyYea1E3KH7snpOVMaWrrhbizSYO07MEx7GyjWrHNSOe86AJ9avgYZFF8CMn060fqfkaWirSB0+VjKcg2JSDFlWMVOvnp1IWfSKdQlDgWTXtMhXjtVsXvuyZsR/o+uSbVWpZUbpPdWBwKoLb/K86aStpfGAutfP0C0s1FuBwcKv0kjq+q+fLP6u/NzHTAJb7Vk2YfOwO9AkrZoMux10YhBm1i8kgr/xbh861QNLNRcFwp7nop+xmbJixsRlPDR4t8qrbfGAMTsXrtey6dTQx12w5DNRRv5sBUELwgkluxFlfJYQP65F7QTdRko6rnbpoIBW8jIgk8zyZy0ID8e0Fv3ZYVcsUg1AzyBcaawI8OCT0oY9+M0ETPfuuBDec+tunXvM89Gxp/s8jHDsf+qhEqCG6rgWIiUcECLxMVp0s1hq6tTgOIa4gTzLfVTPFtRzwNcLoHtCXocjb6+t9S7c3i3qj0iPQRX8j6mgkPx74Z5FiL0nkvH0UOofsZih/MT+AqVMyYOvcELgR+MNYTh2j5o6slgAqEqrKnxw+42mmM9Zhi0gUWx5spUU3gY140xHzsHC78QJXtfCt00ZJOpRH289NzMv19Ivs8FeyT7EhUB7ju08p4tfKBMIIHvjCCBXagAwIBAgIDD+R2MD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCA6IDAgFAMF4xCzAJBgNVBAYTAkRFMRUwEwYDVQQKEwxELVRydXN0IEdtYkgxHzAdBgNVBAMTFkQtVFJVU1QgUm9vdCBDQSAzIDIwMTYxFzAVBgNVBGETDk5UUkRFLUhSQjc0MzQ2MB4XDTE2MTAyNjA4MzYzOFoXDTMxMTAyNjA4MzY1MFowWzELMAkGA1UEBhMCREUxFTATBgNVBAoTDEQtVHJ1c3QgR21iSDEcMBoGA1UEAxMTRC1UUlVTVCBDQSAzLTEgMjAxNjEXMBUGA1UEYRMOTlRSREUtSFJCNzQzNDYwggIgMAsGCSqGSIb3DQEBCgOCAg8AMIICCgKCAgEA0Qf6buWosCBXDA9QBiJjHLYSAYgKOatoXaJMuclKoa1vNueQEKupz5Cw1u5oiyQIlgflJAyUHGNPv4IkpK01QfUFaNYKJswZ+nb3DK0aalbwghzZOBmYJn1qUNVD/G8ZJ4EcFrcHQp78Cuu4UpImNSjeA8Deg3X9i0NDyd0DR/jUjU9Ufwypf+NbklUH7YYfzdgUonKgaPkVr99tjK7lnmUE0nQWa/FHQLFmx40txQbpFst/W6sLw3Dxk9VniZOeZO5/nY6hxP3wPr/H12nCWuHfbQBl0H3ImqQFxvSdHGWaCOwousH+sywrlFaUv3Rtohq9ZVrAaFw3MAOXI9VpZBRh0gXx/tAtGnazQWBbShTGqgXAV8Gb/bHpIZiHA6iip87Sh+cHMUVYbdpowc7svirH5AvsY+5z/kbcmZNS796hvFPf0svJp+CUW8+H8atsCp5WKS7bzCE/bWjhlIUXjDlX8Czac2N9brUaJ/elyhL+iSq0z/Lrx/iH4SlkmZy5bdxGd9vdYaTTHineTVVydtr/gwwrXpE92vKntLYQ2BDLLU6JKCzCRPJntdLCdr8lDY9hDMF+EMaw9EIYmNqdRl/UEldzoJQSf1oIGxNCb+K2tFKl9iL+9f6N5k9mblbF9j0uKkyLUHZJnRhWoaOEyRR/Uyy+62cvCfcnCpjofsMCAwEAAaOCAigwggIkMB8GA1UdIwQYMBaAFNzAEr2IPWMTjDSr286LMsQRTl3nMIGJBggrBgEFBQcBAQR9MHswMgYIKwYBBQUHMAGGJmh0dHA6Ly9yb290LWNhLTMtMjAxNi5vY3NwLmQtdHJ1c3QubmV0MEUGCCsGAQUFBzAChjlodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NnaS1iaW4vRC1UUlVTVF9Sb290X0NBXzNfMjAxNi5jcnQwcQYDVR0gBGowaDAJBgcEAIvsQAECMFsGCysGAQQBpTQCgRYBMEwwSgYIKwYBBQUHAgEWPmh0dHA6Ly93d3cuZC10cnVzdC5uZXQvaW50ZXJuZXQvZmlsZXMvRC1UUlVTVF9Sb290X1BLSV9DUFMucGRmMIG+BgNVHR8EgbYwgbMwdKByoHCGbmxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQvQ049RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDE2LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MDugOaA3hjVodHRwOi8vY3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18yMDE2LmNybDAdBgNVHQ4EFgQU++3frUvwJbXSet2fmh0vbQlQIccwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgOhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIDogMCAUADggIBAG030a1pW3Ze5g2lc2xNcDybRUNcCCe6tzzBYLZ2e4iM5MmwTjbUKfmLrJwsHLON5zCzcNqZQv9vubTEJ+BheP4n8KS2hvhSYsxeqyQCn+NCwounhvsHw9H8dF+yWsSN8ltMF33fYNRdI5ZYnO2oCGcqRb71MnK2lkVOXySYYMLi0P6+0NotCvlLsM0tuH50ahuDZk/1A+dVcATwLWB4LVvH3lP6FADCjMJ7Rq2lgGzJ60BAE/VuAi2FmS1XFOJOXHxUsE9auwOtlg0kUhI52ohrQ6KoJslB0Ze/v2ihMju2wY+85Vz5cKAt8rZRZcvJg8IN7AFOwoDvlp2/ejF7CXuIAf6BracK/hVsVMVVaeef4FwtXBrtIlZPQoMj369ZVBnPp0b5zwiYeVBjkQyZjBXTNwEQLZQc8fNN49GRVJV/FGjnd5XR6umz+GBjKXPcupPKVX2qoU5tviOr90xYHYTAo3mFJ+9HreVW2URl/GSJ/wN2Isk9RJlDwVqTpo8NoRPvutMfRyUkw/y297iGdRszmPfMjNQV9u6Nhv+7CzXcRHKsRK/LNN1F8jtMkFo7YCULYI5UK9staE/F+IKe04eBdo4D7bIIgb+zQ7RhgTvQdWtNu4cp1Opx+yJDHY/7k8yXtX5A5XcWuaQLn4vcx7lSs9YswY4998kMliPtWfpA"); + skOnlineOCSPSource.verifyOCSPResponse(basicOCSPResp); + Mockito.verify(skOnlineOCSPSource, Mockito.times(1)).verifyOcspResponderCertificate(any(), any()); + } + @Test public void dataLoaderMissing() { expectedException.expectMessage("Data loader is null"); diff --git a/digidoc4j/src/test/resources/testFiles/certs/d-trust-ca.cer b/digidoc4j/src/test/resources/testFiles/certs/d-trust-ca.cer new file mode 100644 index 000000000..6ada7ce6e --- /dev/null +++ b/digidoc4j/src/test/resources/testFiles/certs/d-trust-ca.cer @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIHvjCCBXagAwIBAgIDD+R2MD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCA6IDAgFAMF4xCzAJBgNVBAYTAkRFMRUwEwYDVQQKEwxELVRydXN0IEdtYkgxHzAdBgNVBAMTFkQtVFJVU1QgUm9vdCBDQSAzIDIwMTYxFzAVBgNVBGETDk5UUkRFLUhSQjc0MzQ2MB4XDTE2MTAyNjA4MzYzOFoXDTMxMTAyNjA4MzY1MFowWzELMAkGA1UEBhMCREUxFTATBgNVBAoTDEQtVHJ1c3QgR21iSDEcMBoGA1UEAxMTRC1UUlVTVCBDQSAzLTEgMjAxNjEXMBUGA1UEYRMOTlRSREUtSFJCNzQzNDYwggIgMAsGCSqGSIb3DQEBCgOCAg8AMIICCgKCAgEA0Qf6buWosCBXDA9QBiJjHLYSAYgKOatoXaJMuclKoa1vNueQEKupz5Cw1u5oiyQIlgflJAyUHGNPv4IkpK01QfUFaNYKJswZ+nb3DK0aalbwghzZOBmYJn1qUNVD/G8ZJ4EcFrcHQp78Cuu4UpImNSjeA8Deg3X9i0NDyd0DR/jUjU9Ufwypf+NbklUH7YYfzdgUonKgaPkVr99tjK7lnmUE0nQWa/FHQLFmx40txQbpFst/W6sLw3Dxk9VniZOeZO5/nY6hxP3wPr/H12nCWuHfbQBl0H3ImqQFxvSdHGWaCOwousH+sywrlFaUv3Rtohq9ZVrAaFw3MAOXI9VpZBRh0gXx/tAtGnazQWBbShTGqgXAV8Gb/bHpIZiHA6iip87Sh+cHMUVYbdpowc7svirH5AvsY+5z/kbcmZNS796hvFPf0svJp+CUW8+H8atsCp5WKS7bzCE/bWjhlIUXjDlX8Czac2N9brUaJ/elyhL+iSq0z/Lrx/iH4SlkmZy5bdxGd9vdYaTTHineTVVydtr/gwwrXpE92vKntLYQ2BDLLU6JKCzCRPJntdLCdr8lDY9hDMF+EMaw9EIYmNqdRl/UEldzoJQSf1oIGxNCb+K2tFKl9iL+9f6N5k9mblbF9j0uKkyLUHZJnRhWoaOEyRR/Uyy+62cvCfcnCpjofsMCAwEAAaOCAigwggIkMB8GA1UdIwQYMBaAFNzAEr2IPWMTjDSr286LMsQRTl3nMIGJBggrBgEFBQcBAQR9MHswMgYIKwYBBQUHMAGGJmh0dHA6Ly9yb290LWNhLTMtMjAxNi5vY3NwLmQtdHJ1c3QubmV0MEUGCCsGAQUFBzAChjlodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NnaS1iaW4vRC1UUlVTVF9Sb290X0NBXzNfMjAxNi5jcnQwcQYDVR0gBGowaDAJBgcEAIvsQAECMFsGCysGAQQBpTQCgRYBMEwwSgYIKwYBBQUHAgEWPmh0dHA6Ly93d3cuZC10cnVzdC5uZXQvaW50ZXJuZXQvZmlsZXMvRC1UUlVTVF9Sb290X1BLSV9DUFMucGRmMIG+BgNVHR8EgbYwgbMwdKByoHCGbmxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQvQ049RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDE2LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MDugOaA3hjVodHRwOi8vY3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18yMDE2LmNybDAdBgNVHQ4EFgQU++3frUvwJbXSet2fmh0vbQlQIccwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgOhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIDogMCAUADggIBAG030a1pW3Ze5g2lc2xNcDybRUNcCCe6tzzBYLZ2e4iM5MmwTjbUKfmLrJwsHLON5zCzcNqZQv9vubTEJ+BheP4n8KS2hvhSYsxeqyQCn+NCwounhvsHw9H8dF+yWsSN8ltMF33fYNRdI5ZYnO2oCGcqRb71MnK2lkVOXySYYMLi0P6+0NotCvlLsM0tuH50ahuDZk/1A+dVcATwLWB4LVvH3lP6FADCjMJ7Rq2lgGzJ60BAE/VuAi2FmS1XFOJOXHxUsE9auwOtlg0kUhI52ohrQ6KoJslB0Ze/v2ihMju2wY+85Vz5cKAt8rZRZcvJg8IN7AFOwoDvlp2/ejF7CXuIAf6BracK/hVsVMVVaeef4FwtXBrtIlZPQoMj369ZVBnPp0b5zwiYeVBjkQyZjBXTNwEQLZQc8fNN49GRVJV/FGjnd5XR6umz+GBjKXPcupPKVX2qoU5tviOr90xYHYTAo3mFJ+9HreVW2URl/GSJ/wN2Isk9RJlDwVqTpo8NoRPvutMfRyUkw/y297iGdRszmPfMjNQV9u6Nhv+7CzXcRHKsRK/LNN1F8jtMkFo7YCULYI5UK9staE/F+IKe04eBdo4D7bIIgb+zQ7RhgTvQdWtNu4cp1Opx+yJDHY/7k8yXtX5A5XcWuaQLn4vcx7lSs9YswY4998kMliPtWfpA +-----END CERTIFICATE----- \ No newline at end of file From 3417cf9792d8902ab7db5200fc728a47451b0dc3 Mon Sep 17 00:00:00 2001 From: naare Date: Fri, 15 Jan 2021 10:51:01 +0200 Subject: [PATCH 06/45] MAINTENANCE addition of links to wiki Q&A and ID.ee page. --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e910b7046..2c50dfd2c 100644 --- a/README.md +++ b/README.md @@ -90,6 +90,7 @@ You can use the library as a Maven dependency from the Maven Central (http://mvn * © Estonian Information System Authority ## Support -Official builds are provided through [releases](https://github.com/open-eid/digidoc4j/releases). If you want support, you need to be using official builds. Contact for assistance by email [help@ria.ee](mailto:help@ria.ee). +Official builds are provided through [releases](https://github.com/open-eid/digidoc4j/releases). If you want support, you need to be using official builds. Contact for assistance by email [help@ria.ee](mailto:help@ria.ee). +Additional information can be found in [wiki Q&A](https://github.com/open-eid/digidoc4j/wiki/Questions-&-Answers) and on [ID.ee portal](https://www.id.ee/rubriik/digidoc-teegid/). Source code is provided on "as is" terms with no warranty (see license for more information). Do not file Github issues with generic support requests. From 53d3bf4b4c40ce143b847810f17aaa22b70596a6 Mon Sep 17 00:00:00 2001 From: Erko Risthein Date: Mon, 18 Jan 2021 18:28:41 +0200 Subject: [PATCH 07/45] Fix build on JDK11+ --- pom.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pom.xml b/pom.xml index b6e86eb9d..54dff7422 100644 --- a/pom.xml +++ b/pom.xml @@ -202,6 +202,9 @@ org.apache.maven.plugins maven-javadoc-plugin 3.2.0 + + 8 + attach-javadocs From a1cca4f7ba9387a8f452851e4a57f95bdad921ec Mon Sep 17 00:00:00 2001 From: Erko Risthein Date: Mon, 18 Jan 2021 18:37:08 +0200 Subject: [PATCH 08/45] Upgrade CI to JDK11 --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 5774f2729..2347319ff 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,7 +2,7 @@ dist: bionic language: java jdk: - openjdk8 -- openjdk10 +- openjdk11 branches: only: - develop From 01fa0cdd0e60e911470d7474fe26a7ef5419a2bc Mon Sep 17 00:00:00 2001 From: Erko Risthein Date: Mon, 18 Jan 2021 18:40:08 +0200 Subject: [PATCH 09/45] Add JDK15 to CI --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 2347319ff..a71cc70f7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,6 +3,7 @@ language: java jdk: - openjdk8 - openjdk11 +- openjdk15 branches: only: - develop From b45ba6239c0c5bc537cebb28e602161223bc4435 Mon Sep 17 00:00:00 2001 From: Erko Risthein Date: Fri, 29 Jan 2021 16:01:15 +0200 Subject: [PATCH 10/45] Update github workflows to run on pull requests as well --- .github/workflows/digidoc4j-verify.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/digidoc4j-verify.yml b/.github/workflows/digidoc4j-verify.yml index cc0af1924..d32f52962 100644 --- a/.github/workflows/digidoc4j-verify.yml +++ b/.github/workflows/digidoc4j-verify.yml @@ -6,7 +6,11 @@ name: Digidoc4j CI with Maven on: push: branches: - - main + - master + - develop + pull_request: + branches: + - master - develop jobs: @@ -25,4 +29,4 @@ jobs: - name: Build with Maven env: TZ: Europe/Helsinki - run: mvn clean verify -q -"Dgpg.skip" \ No newline at end of file + run: mvn clean verify -q -"Dgpg.skip" From d58a7d8712791e6ffc8388c5e602eb50bef93bfe Mon Sep 17 00:00:00 2001 From: Erko Risthein Date: Fri, 29 Jan 2021 16:09:41 +0200 Subject: [PATCH 11/45] Upgrade ubuntu on gitlab workflows --- .github/workflows/digidoc4j-verify.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/digidoc4j-verify.yml b/.github/workflows/digidoc4j-verify.yml index d32f52962..f15e52119 100644 --- a/.github/workflows/digidoc4j-verify.yml +++ b/.github/workflows/digidoc4j-verify.yml @@ -18,7 +18,7 @@ jobs: runs-on: ${{ matrix.os }} strategy: matrix: - os: [ubuntu-18.04] + os: [ ubuntu-20.04 ] java: [ 8, 11, 15 ] steps: - uses: actions/checkout@v2 From 61a9b2e100f867c9c281e0c750e9f620c315193c Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Fri, 29 Jan 2021 13:52:16 +0000 Subject: [PATCH 12/45] Bump bouncycastle.version from 1.65 to 1.68 Bumps `bouncycastle.version` from 1.65 to 1.68. Updates `bcpkix-jdk15on` from 1.65 to 1.68 - [Release notes](https://github.com/bcgit/bc-java/releases) - [Changelog](https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `bcprov-jdk15on` from 1.65 to 1.68 - [Release notes](https://github.com/bcgit/bc-java/releases) - [Changelog](https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Signed-off-by: dependabot-preview[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 54dff7422..e59350035 100644 --- a/pom.xml +++ b/pom.xml @@ -142,7 +142,7 @@ 1.8 1.8 1.7.30 - 1.65 + 1.68 none From fe0fc7dc3d795d25291d8b29ba85881e238ed39d Mon Sep 17 00:00:00 2001 From: Erko Risthein Date: Fri, 29 Jan 2021 16:13:21 +0200 Subject: [PATCH 13/45] Fix bouncycastle upgrade compilation error --- .../org/digidoc4j/ddoc/factory/BouncyCastleNotaryFactory.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ddoc4j/src/main/java/org/digidoc4j/ddoc/factory/BouncyCastleNotaryFactory.java b/ddoc4j/src/main/java/org/digidoc4j/ddoc/factory/BouncyCastleNotaryFactory.java index 36af57823..7ae0dfc73 100644 --- a/ddoc4j/src/main/java/org/digidoc4j/ddoc/factory/BouncyCastleNotaryFactory.java +++ b/ddoc4j/src/main/java/org/digidoc4j/ddoc/factory/BouncyCastleNotaryFactory.java @@ -324,7 +324,7 @@ public Notary parseAndVerifyResponse(Signature sig, Notary not) private String responderIDtoString(BasicOCSPResp basResp) { if(basResp != null) { ResponderID respid = basResp.getResponderId().toASN1Primitive(); - Object o = ((DERTaggedObject)respid.toASN1Object()).getObject(); + Object o = ((DERTaggedObject)respid.toASN1Primitive()).getObject(); if(o instanceof org.bouncycastle.asn1.DEROctetString) { org.bouncycastle.asn1.DEROctetString oc = (org.bouncycastle.asn1.DEROctetString)o; return "byKey: " + SignedDoc.bin2hex(oc.getOctets()); @@ -387,4 +387,4 @@ public void init() } } -} \ No newline at end of file +} From c56f62ddbbedfe37bf4701d14e94af52d784c4b2 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Thu, 4 Feb 2021 14:58:51 +0200 Subject: [PATCH 14/45] DD4J-673 removed travis conf --- .travis.yml | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index a71cc70f7..000000000 --- a/.travis.yml +++ /dev/null @@ -1,22 +0,0 @@ -dist: bionic -language: java -jdk: -- openjdk8 -- openjdk11 -- openjdk15 -branches: - only: - - develop - - master - - 3.x.x -before_install: -- export TZ=Europe/Helsinki -install: true -script: mvn clean verify -q -Dgpg.skip -notifications: - email: - recipients: - - aare.nurm@nortal.com - - siim.suu@nortal.com - on_success: change - on_failure: always From d782ed72e7236d4ae725db4d84e14e71f51d315c Mon Sep 17 00:00:00 2001 From: siimsuu Date: Fri, 19 Feb 2021 11:37:59 +0200 Subject: [PATCH 15/45] DD4J-623 fix few tests --- .../java/org/digidoc4j/impl/DataToSignSerializationTest.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/DataToSignSerializationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/DataToSignSerializationTest.java index d99953e4e..94fed99b7 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/DataToSignSerializationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/DataToSignSerializationTest.java @@ -147,7 +147,7 @@ public void finalizeSignature_notEmptyContainerFromPath() { ); for (Container container : containers) { - Signature signature = finalizeAndValidateContainerSignature(container, 40000); + Signature signature = finalizeAndValidateContainerSignature(container, 80000); if (!container.getType().equalsIgnoreCase(Container.DocumentType.ASICS.name())) { container.addSignature(signature); } @@ -165,7 +165,7 @@ public void finalizeSignature_notEmptyContainerFromStream() throws FileNotFoundE ); for (Container container: containers) { - Signature signature = finalizeAndValidateContainerSignature(container, 40000); + Signature signature = finalizeAndValidateContainerSignature(container, 80000); if (!container.getType().equalsIgnoreCase(Container.DocumentType.ASICS.name())) { container.addSignature(signature); } @@ -247,6 +247,7 @@ private Signature finalizeAndValidateDetachedSignature(DataFile dataFile, Signat */ private Signature finalizeAndValidateSignature(DataToSign dataToSign, int dataFilesCount, int dataToSignAdditionalWeightInBytes) { byte[] dataToSignSerialized = SerializationUtils.serialize(dataToSign); + assertTrue(dataToSignAdditionalWeightInBytes + 20000 > dataToSignSerialized.length); assertTrue(DATA_TO_SIGN_DIGEST_EXPECTED_CEILING_SIZE * dataFilesCount > dataToSign.getDataToSign().length); From 9e351705dd4848e593c822d0f3ec3b5ec338fbc2 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Mon, 22 Feb 2021 16:09:20 +0200 Subject: [PATCH 16/45] DD4J-677 expired AIA ocsp tests --- .../org/digidoc4j/impl/bdoc/ValidationTest.java | 14 ++++++++++++++ .../esteid2018signerAiaOcspLT.asice | Bin 0 -> 9506 bytes .../esteid2018signerAiaOcspLTA.asice | Bin 0 -> 10001 bytes 3 files changed, 14 insertions(+) create mode 100644 digidoc4j/src/test/resources/testFiles/invalid-containers/esteid2018signerAiaOcspLT.asice create mode 100644 digidoc4j/src/test/resources/testFiles/invalid-containers/esteid2018signerAiaOcspLTA.asice diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java index 5c9d789f6..9192b7c98 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java @@ -835,6 +835,20 @@ public void container_withPssSignature_shouldBeValid(){ TestAssert.assertContainerIsValid(container); } + @Test + public void container_withExpiredAIAOCSP_LT_shouldBeInvalid() { + Container container = ContainerOpener.open("src/test/resources/testFiles/invalid-containers/esteid2018signerAiaOcspLT.asice"); + ContainerValidationResult validationResult = container.validate(); + Assert.assertEquals(2, validationResult.getErrors().size()); + } + + @Test + public void container_withExpiredAIAOCSP_LTA_shouldBeInvalid() { + Container container = ContainerOpener.open("src/test/resources/testFiles/invalid-containers/esteid2018signerAiaOcspLTA.asice"); + ContainerValidationResult validationResult = container.validate(); + Assert.assertEquals(2, validationResult.getErrors().size()); + } + /* * RESTRICTED METHODS */ diff --git a/digidoc4j/src/test/resources/testFiles/invalid-containers/esteid2018signerAiaOcspLT.asice b/digidoc4j/src/test/resources/testFiles/invalid-containers/esteid2018signerAiaOcspLT.asice new file mode 100644 index 0000000000000000000000000000000000000000..94164a3d27fa6fc2bfdff64c83adde599cb5c22a GIT binary patch literal 9506 zcmaKybx@qomaqp2?(P~~1|6IPhu{QvcXuZQ2<~n{0|Xmfg1fsjxVyVI~Ry|6xFtA7f00IDD7OJQcLHQ^_4gdiD8Gp9`c2;&~u3nC2MvjiQ zRwhQSRu1++cY9M-GglWYRwEZH6BaWjZ!1TozYrV%0s_MSgZz#ASHt}~lb28xVUbag z1lk$dTbY}=xUzcM*+$2)qjj^PNPtzmB&>|YlwpYJ=;6au@R?~8W}9#wy{Dm&jE%0} zpYEQWeOf;ljPaUB*cxg$ezo)wH6Vvzvx-Bin=;X zt#gFi9Wf3Ay888rIH9zLqfE7pB-7-6)NfF3C|pQzrDLLJDByL$v(*1+#>S_7qT@B{ zHRA2%t9Q)tj^}v5^HOz);_SqydOc5t?o#36j#uBxfH&~^J8r|kLk^j==LrAaepQR! z%pKk0bo1-}>y*PM@;_%+im=Uku^mNvJ}>p{dk7IT1R*zz;0N#`@YDMnxbSsf=X4@D z@vh>C4W$FEw}2`ppZ@za0&`;Bz)NaQKtkfWzc6i%CG^NNjXaCSVuJKGn~sGl))X%; z>kO|*4>-Fp+;{wFKm#PWux~=5KEQXfQ9f5EFgv7}JA8axEs*8U2944+`HUd^%jAWj zKV{#*Us8B{6UY90Qg;=^mDtz)q2OloqXGp1^5yfBS}z{>^H?F&KQ z_Y6{pwg*2|zFkX5wSU5O(0(booc#0lb_lMpwjsa_IF1ceejI|Qu$o??wb(&yGn7wI#|7@ z7RHg4QbVn8TYLnja62_dtQm{Ak_Mfu)!dXn26NOJ0Xno3nPOT80zDf9F+*wvq?$eZ zx-fWzpzl`K@xw_}og_cU;73FtE6!0XU5B8{QQ6?c+EL^N>;9mN5(_fk&qtMjW9@?y zXZF%DL)Cro={KV)-L-nXl*1ruYTh)4P7q!4b}D1-4R0ph=Dtj=m)!Q1mYWTI5c~~g zqSP2G`)Wm~?H(?!AjA}n(T0D#iRJUyPR0m8EjgP>gYRsdVSAqOLw^Qa9|IF)7Z~M7 zVxA2XWF7R&e4t?b@&{7NL_;TqR>fHcnq4|)hX&y`<@#RGou0r4@>03Ca*NWUos2Gn)zEGu8Uuh&mHm?`23bP+W**5kBpU3N|0q$JYsPfuA^Ht!;Fx9pxRokId z5LRaB7e65ljX+ksF-9Cs1*I$Pj|AgOHxqyx9jE^gw zoP&m)ZHW>k3|9qFA3S^D!iI;a1nQ~SHgII#02?o=>ZGPUsf|GsY(J<2v(}NHVKSsg z%gKKWQ(}qo*=X$Us3VmUju)(_!8@-LeX~%5^SjF=_W4o0n}yElTIC-2Ayz(bg;qyk zteB=TM{6&w<9I;nvD}azcZVvGIG5fJZV?c(5Nelr&yM!85s6~x#<}0u^2XLvOOkjU zWYQ{xttw0=HzOrFByJ+3$AB#qimmklPftS18%eMz_7W*N4E6VhHhK1_ES0*St9r|Z zxMIZqcwmSK=|Ds$BzIG|>7nTx+|T9pi4?tWC(SX8Kxe}oP7tr{@W>#T!!J(x$yvB6 z8C|nMw~&*wr`9{f1c!jy{F~8FwJAcJ3%4^y3<<4PFnd$%EymfS4#gimu6T#-7{pqn z`oDwQT7<$93{|8&bLpuGyZ$#L#Zekrv{_#LecRb34UhnM|xR zVgYE^COX4GzZ~vzQtC(kO6ol4KdeuZ6`nRO$$nIde_kIE+Rm?>cs0D#`}`BmGt2SB?iXF( zwrcGdga4?pLc!fc@f%B3cSv*CRm3FXyM*=}<*L~A?b`Uu+S1t#eo^C#+h{Bvd7Lk4 zN6azDf9$6?R*vsqJ%9K1JP#n^2^*|I+!_bJy>c@8;yl3UIu0cDf_ZyG+&#x;(5Sw5 z{P^%wC?JxNZ2bKEbHx2vD_c9XfK^ zGg!Ym%WRE2gM&K}k~FbpAA-6kdOzK)m!B$f+$XAOGz#oE1VGP!T3q*hlNVdRy)y$$ zTv|4MP0|l2mPw#RctEDP#EmwRjnXY32%O=HF(Iff3gd3*UC(${x*zHNq=49em8y_t&}vj>L{9SH5DqdeGtLg+iUfv+4y`zvoliJ!DO1`3{=YyVuhdM!dhp2RU_ zNPvmEbX2G_iX&_a!V<6{{t+7Vm`0Y8N*^DuJ94yzL;G^JFQ(TROOS^K;x7ZdEHMf{ z=WaMOxKWTlX~Ia3&et%{aE{anB!>VDcg%Cyy^_g?vk)mL0L_em7&E*euy2J1QD>F2 zr~9MeSg4?zq23!J(ZvHAktA*|Rf~lLG6F6E%EJm2$_SUdo3_sLsT=lUSE*TQ*-w50 z@J|JhK)*5!)sflHO8!d}Q!fXKR-X$U_voh;6jF<>^#Hax5ZfwTZ##elR!WW~@Xt?+pNDzk9+0$mX|wp9pL!{r-e_ z5E|(6AzFFN9U~_+4*|Pxp|{oeWRLEaE0VEimdwY)7vvgnO4ob^DDo*nLN&`{hmcRO+4& zK3LI;3TIgd!bXJSRbB>WzVY=$Qwh}HIUi8jUgeqH@x{Eq&(g6s!;t&`IQBhvQ3`=) z?`n@<4VNjaxy7&fn$}vjgzaLWG2mP!uxVtA&+1Cpf;l&$bpy?w*B)r0yzsi3NhFsN8}6$)JartM~%<{1(v zD*Tk)&!&1HqdFw@XscPN9qsHoQW+K9$@#}8U0YZ-xo4&rydDWl9<=~Qi2}BXC9}vB zY|*hj$Dd#ZC<+E>X5$su!-i$?eHoN4rOGd2GY|SCiuA+EG|No51N0S+^Gj_6WJ#HY ztG(gB@4vzjiln=Xax#xo1b0k$tI=M>bS!y>ic;@_{AbI3xvA2f*n_h_J1&)6d3MGCj7UM^AA(HqXYF9x zKQKRnSMW)9Fq@9|vQg}!;1PYY)_FFBORl79OwEv@%lD+g#rBCPPP%+B1) zp&?eeGOT!JQC7Yil{W3GEeX7qyed_4mw}p>f;&n|ja{3hn1tWXThPDv&b58dRI4kt zXJ1?U-Zu06d<2;2kxEcbKu^G&s1p1bIHZvu*tdmnOduq8 ze=%DMHhEMh1{+zb7u7>#>u`v+e8Q|B@g+iLt|EPpi>KMzoCwyZkcMPi9zGiFMTv7i zvT5j8tCvK{0ADSXzP9^I3U|}(7aLFh)CF~wQ{a)gtg@v|suypOG9ARGYSWSu;IHIX z1Sk3ZBx>+{`ExAC^YHQ{aREJ|$9%6e4FdhUdbXY$k>DGNtt6O0`lfEzYFK!J#m+7Y zw$H(}!(fFlOu5g+(0E>3l~z$5 z;giJYLxi^8)Nd+)*Dq(j)l)zD;C(!h?iXqLTaexiFHv4;T3(E0C(dD{iu!zuu{qwg z=$QBNurCB|93ClrJ5gw;cjhp*a39Lc0uE|@`Qp0P0(;f>2!h70b-C1v-VT7~i^^-F zSiU%iP-dFgY$))?w7`yG6pNjHO`kxhKj^!*CP{p8{-K}XO4R$MbjCzU@HCSbvWQG0Qifi5-G5J!+_{ZztY z%yJL5PKXjLZpacPTcu^Z*p=&}dNEx%vRo?B#d;!Sr#)Yjo!Z6~@4hWlJ$1idQ@|j4 zvb$>k^(+Nqa&*X|A<(FF1IplXS8cnJ-A7RY#v=BJ41T7%waQj0u28~$>JlZW#IuL} z!)PhmSmFtZlb~DPG%tW}fJL34;^BFwccZj4+RZzBwDwuHYNUlak{8}_C8NfqxX1H{ z=-rpe*JrlEjP=H6a_?4RGaX42h&RU8^e{?JV0v$d8X+O|g3yU6u@)oMcJB?x$Q>im znUAR{y~!;eMit3t+x;Ze^~Dz-NuUkBt*=p?RP#D$uj>+hNp?fFk*^yRu00puIqrg! zL=GPeh)O`8-n1{Lu&SD)a|#4_yvOm8n|%l>nP;=j$xYhUM12ysg@-DkLf-3lKZ_R= zae4T{Ly6(0_qCyVtRHunq#+M8>AG# zX}1ktlk;tycU)(Fgai%y!odqj<4}hGUV>Lrvaqh9G5MqPD0n&!K{JZ>4XiXN9B;Nh zG@iG@>dkH|iJCl~p=W1|G z=RbmGTHH`{#{o!Vtl6%58jW&j)-mpwnXS!X`Bzf*^E2wUzQ8QcHirs!$1MbmDbZw!SCgbwV`t(c&`1Y-_2}kCyTouu zc-4BrS&wi4dGdP1-61>=d9Z*ul^=p85!P&V1l@8o_RGYS`zD&>C+zj^fFoBp#8Z}d zP;#iR!1Yx=MH#Kr@sM_4#s7tK6oOjruRC~wv@ZTL<_pPs+oPv2s~*o zuc0ZIujV2r|HbV@TT`^Oers~IpU^5WvJojmB8FjcFS?O3LP7Su7teZ!=%m`<6tPr8 zhfq|)++fzzZaen?)I^*j=9O(>Gt08a7{_x{Wh2rowwl0~bw?2Etm59Cb`};(voz)1 zqRb<24#Ax>Nzibg^AfDQ3+H5#v!&T3e3Cq~eXN&{@-CW4(`64Pt#slazDB}f?GeNC zSoI#6X8lg;LjX|~^3ZRRVqJ#bq3cFI?0Gz(f$V|=$H0!;bE&`w2mrBmx;faY4=r@Yv2 zggmQ$b6jnYjO%o;(h15QR(qLx<^mShx=!yp4ngOExDO^`1}3RJ`;ZM_&Amu!^6;*~ zGKoRm(&~WEy#+tARZY)6sB{T!MDt>l5cK7$h-tsbhm9FO<{tP^`2LuS46%*Pyv=Wy z39cY>CLIXZ6OXt2jh~$2>=gRBc-uhDt3yX=k)vmeW*|ej=8w9!J%nt8HO`mLyAc!m z#JZ90S#%r{!N5j#OcT(bQ7y2DL{v;FdP#?S-RIQ0$qKespXXL*0pxz3I=hdV*rA&!fkOhsEIT$EV8iwTII z`Uk@exUk5zr|;VUj^6V1^$WZW|DH@S!QL-0@S= zV7-2wiY;K3_siKC0dBUuPc95y#DY|1;Orstuc+};xasc}ZBW9?MIfnrOW>ewAgbNG>{%Zva)%|42YE|*1?{JDA+(T6!p$j)a6 zha%t}9E=PFrj8yrURQL(9YCuGGDZV9QO`ghKL%AC7V z6&I@y;A-S-rJc>DwS?p9nHpHu+0kQFZeYNAt!1b{m5ExqU!B&b3oHm!UH!?h@_+k@4N80+(u{eR-3onmvrg z&Vxo45Yy3o$g#@<`MOr?yj1vKN-nTn|NMOG`Wpi&gEw02>9$Jo{G3$$f}Qe|?9T%& zrQM@kO@Su@olkP#^(m4r+Q7~PRuzSh{8Qm<+C*h*m}1UvC(=QeKv81rPLodnOQ4z3 za1=9hlKD~5q~83_h9+IuQ*laOlIi-~liNJe3NKrk!bz%Ka^m%OZW%_syx$C5%a-67 zUbwKNg%&^LaH%S#$+93Mn zcEVU-wjHhbWaz|}!lGVfP@-lFb$!dhaUVU0KaI2@A22Ea|Ce`@#qQb9UGSNf@a@<< zDZdj^eh*c2;wh{C#QVtVwU5Tjvd}x2z=5m|<_2ckLM@oJ55Gb7fJk$2#FzXDnRZf1 zq3HtBKvCYDUA`=y?+H+-=tV|Ot&B^^Ef`JyZs>tlh~IZ0e^@fK4NcF$`keW>nrT*l zhM7=acBhcKu+H7t9R+%R#a*V=j(KYR;H*!wjVNw$N15TP%I0|6auqeLIokM$VoRMPAk{baLE z28LWN=dzvT8g=A>TJwU30(Rv4wu>)Em8PTRCW+bkm^kL`YJI@y!0Y|agY|k>$W{R} zF&V~Ii}NUx)}`oOX)Hd+k7xb<_Jp>BRKF?Ub3Xc+gwIOkT@(JP6L5Lkpl+bUGB#j} z>^)y7(5Lzid}s2e-``sDd`c!{`eB>H>$P${qj_KLUA~R4T>yB`e%2TC7?w0l<(Kg2 zutEiozV8!uVR{aOyyo1JPL~;=f(Tb4Scq{XByoa3aV&RA6;zV1!#uNidrW9L)W^DL zl8y;`*2h!ZYNxJM$QA9aT`L~@(UeHud&XtUdNBwYH`f>t{hRjht6E5T*PJEY6n>Sx zB;@)@4(=KEr{|HC1}hFHcXbfwQtBmt4XiniJQ&1?MwMJ@50gPjVLDW_n`q>-x*UlN zy4&y0Fy)Dy+qN^q0F7V2OQsH8-y0gepBW=F{MjqHf_5m)hBT@(RY0~NpKGtl-KuHG zuU5B>BU=m%`wFy6O3dN&5a`49$SU1t&At46=5{{O$f9z99$VTrKN&zPZMCYD$c(OsVj^k2njA#hGOj^!ikHN|~hYkc$5CU&NTn+SLp6 z<&=f~7F5>_FgCY^9~w9N5&I|i8tul@A846UM_heWYOK!Ck%4;E8qVyQ`}4Q(xRc7` z!QQ!dX+nz)Wu#V!Wq()#;gKIVJZFE7Ui7bG28W~ixD)F)Xqxy)<9LgX*hch;=9&)c zvN+oqBUZY~pf(@O`SZZPHPO@5a(yjSz#4$9^Ib!6!_3yPVt2T~@BlA^nCr<>$9Zy+ zkFR}OP&nYzxxNDXSj0EtWR%X0f^wm6(TM#!M?aZ5y^5IQQ48v|^_(MpekJ(QYO%?9 zA1D!so@zx7lerFCls*w?#S1o$Zds*AFGJSi{_VcJ(4W9ae|W-nWbBrp?6sNFkGspc z9hZ&b%oN<^n3Cxfu9JSn8Hq zLldgCvLr%#$n{_|_bWu&FyX_YU8){qv(S0QDO_0yWvtXa+uZ9^-FSQ}@@>0r?!MEA z`ogfbmCy7Ve5B0Bq4a63wFFVK`taCd6-=bsD(xW1i0{B{%da^ZabVfFy~hfzR0R&Q zMm5$QTau5lewI=@d|&U>Lhazsh@?;PL&});HX3s)d+t^Rox@FD=1FO~l$}AJ~PO4ZkIF;~U)bQvO3oE{_4+RXlQU@ed7#8`x%4xmRFKF4^Z@2zvEcWOD zdQb8MvFykuqhC^R{q}m~9y|Z}mI}YpwsLkxp?h~B2mcb=?B1U@$NSxhHpEr#xZs{(4O8O0)N1vidjL}pH0-Fwszi!cEYv$2cR$2JK;pFbtRH^(1$d!j13`k*Gs zQ(H!W6$`vrwas+(UuEr*NgNEVDHblT1`gvl+^tbwIck8Q=Dn?Ah_DP;Jl@zy#?l~xb27hQHEAqcI6cw$7ris@t(s0>-&%Xp z$8+O+Q@s{H+^pbjK9goHDooTi+Js(AVwtRf{y4vC_pXH`pp~FChvIpCsFF;$7r0j9T<}m z&UtEuZ|KNx`xOofLW&J+;pDMTr!Q)4J4ZrM||9enm5ik|xu;<{sO(rC#yG~9n-^)*sb_g4?-Dmy%-(B{YIu>8|>P|Tm< z9p3#`G~ik*f5q!>%9K_)Rz9;c>aR2E5bTAlA{7d}tPnFg*@^|F%=zgfUFMPK7Ui(z z6!j4Vh`t#MUpf_T4oYEfxxH7*ZX-3;nPfx3j#<2;%aG{{*$HfWG_T&VC9$a}8RqEX-KsAId|Gg_4vXIoN9nVe z5=8f=Jn!X^*!QlZ!#&HCnnQNDkr>1ZYA|Xk_6;_VrlW#1mpTm*&(%R5%cSrwelF>}U`Z)b z<~B#gWEaPbX{G^!lNxg`c?I>^@U{4`F4t)AvH$c<=E5Y`rYZ82evKrnZnO)bX`{6D z*3?Q%mz(5?aJ*y;Z!EP>zV_Troc)5HCS&7KAYN&&?j4$r)U>8@6MB+DACuV-8xs*(*LQ2u_m9j5;8 z9sfuqnDSEL@00*Qn&dwc2^2IE;D7geQ2(kV|8DiJLk|h4tJnOuK=Xeh{xjo$R literal 0 HcmV?d00001 diff --git a/digidoc4j/src/test/resources/testFiles/invalid-containers/esteid2018signerAiaOcspLTA.asice b/digidoc4j/src/test/resources/testFiles/invalid-containers/esteid2018signerAiaOcspLTA.asice new file mode 100644 index 0000000000000000000000000000000000000000..573ecd5a4c9ee6d3bd1002d8fb2a7b82512e919b GIT binary patch literal 10001 zcmaKyWl$Z=mS}+h2ZFo1OK^9BLvR8?5AN=8a0%`j+=9EiI~**yySqD+?^Vsc_f6GI zcXd_UUe$a5>K{ueQm2k2r2@(hhh=0c4EeIP68xv;_dlLhDdut0L z17{06TV_{VV+einLQV9GjDjSy zje)I&sfm*_le>*|R4glUFAJhXm5PUig@KszCjuH;K&T21BbCBzGnT#Q4CH4+gPV`% z`xi%0I}8xaV;XL)uVI(_)wPDE6PL%0rXge}7b)4IoAH@b%_QnZ8$VTYe%f?2&8EA2 z;3zfr<*?9?@tMC0XKHB4U!WA7;9~Are!a|i&oak<4tX)*yQ89ccj4}cCf!>4uNQnO zRb5%0;B)|$`MZ>}#DZgju=F&1_$XT*5<=e7)5I3Mk{kdoamJ^u`foxSkPs06d&>XR zP3@m7o!y-gMur*HA@bs9x6y;^$1~J|>tD%PnAw?ib93s8NxOKyqx}T|;M5I2M^XF@ zqy9VocQEeX(|^^{$->Omz}dyo#EIpfa-MlDyhYs|;y$A^0#(ZR@J%@li&m!($Phu7) z4`YN24w~h|o!(DkqQCg$_`c?n^g5x>pYguk4LQB+_Hd$Rc@!bwgo^eVkW%QWuM!!XVM84hb*nLPp1BDjefAAg& zYY+`x9mKhpgyz$R=O99jQF_OH-0q;rUZ2EBTtmw57!z%YV^g!@u_F@i;9*chC;t?e z+}uh@DF}0%SWb!2akrh6Ae%dx1t=YyHQ*|M-8}usaGwu*LY%{e`*A(q zkEC|raNnK9XrC--Nz(4q-l3(YLr9)gLsd^=qS7pq^|rniFpG8gJYodC`Mo^`8qs&X zn-{%Z-moB54`n*SY2imH6wvJM=v#zb7l-()FyysVaf{G#-zp0A8x6)!tj7 zD|O4;>my`$EtZME4}Y)kPZF0N&cLX-thQVJ)<9O;t3M~Q#FaKFdLiUz!pM(Bbl+y) z`?A&HUhuPC$~(B;USdAPh(tPVuCs-YZXC}o%nlBla%*J77i$=jgzcQlt#|QMPs(NJ zk4089P+zYKC^pW+C$(Nxb|g;DV?N$j%N4NZE#~RjG~|Yz$$YuzcT2jC7}|DLCOY8% z^kik2uw7bSoL0)f2hLYu7^#{=^!+zNxB&alu3NCvy4z@!!OXmq-+2C5Epd=D#!aTzPIT*2a-XBsq_ z3{iUpIG5@k%nyaE5d&E$BsnjnABUkt1Q{<;%h@z$**V;B7I?4 zn-QtS4TnkoAkzbiS@b~gPK;AUwe`7m^tdkWD4*j`Z(WJRefdJmvCj6S z76G-Dla|i#Z!N9mVsSeXoOX9Fu$fW?DR0O)NX}db%Dorc!%p-$=YIUf$)MQ%x3z38 z&8_KO@G6ygURI1jzyAmXyDQ zjUpqd_<6G5H)$dJ9`TJfyo zp!C(@X&l~YADRj(H?~09MNcQlDfhx>%V_u~Cf?itas>W8AzqWs*jDGZ)**Gc{=BLLzrI}h!N{y9BJmwMW(B|}lsyn8w|1R?MH}7+|Z>cWs zugweYQrpc#t-R!I5a(*MHst9$M&7T?E*af_lu^v^QG!A0_D$4P-QEep%UN@h*%h}+i#PD zGDeM~EFDLumB%O9&W9v4GE4U*cax^@8#x&I9wT)OLo_x+vNCo@+Z#siicbxDk|dF| zor{IC=KKu^EY*{TPz(hi8ivRQCR65p#iBcz{Fk&z?%wD{@N??-G|#;5sw$=ftNdrp zM@!eZD#U9c`akZEXC%z)FE~4}XqsGNt4{-6zT&~mFg^er0T!w&c4UWKBE1`DztGJ| z1OEkX-za*$j18bard|5eX;5eVLn8!XmM+JU9Z$FsiPGyQ$tB!7gz&eo(>=nmc4Hk? z&$f=hYyok*4_}v;4|3FA_Qc*cArF3Z*p(PB9767ZB#%H~baM}=MdNg^4=;ghf*tkR zh8ajDyRk7-mZTR^{eGGW4EBVh@&Du705kTU3-<}ebp&@;9F*{9JBKwPx!qIqU0fc>_Nb=S!=pU=AZLQg`?>?!+D|cd@UE{;R zsY(uy)A|MPJDV`(NpU!}zO9f2lxzpGRW9FTb1zGkK)z>)v#wxW4Pib+8XSuqG9sbd zK2D@`#kCKe%Y@C72`|p6gB_79yG6wghlw{5fv3PHkjL$!+dL}QS_Dyb1q$v@3EW>f zBwzUogkx#tec|d@-eL{KC8-QDBu`FQ zmqmEjjEHbq7wE%#83~7oIFOFbrdTW>lA0-KG)2mL%)1Ye^?8#S4y`n3i+vaE_+_(@F&kLLeDT>d zTM|$?bxZ)ik*!@O42I~%=L<_3jYFex4teCZt^zF@KYavT{eU74plJL~nX5{vo^T|y z*R#hSDj`4ZdiV<2uA4hAui=IWU}p@8C%bgj-GYX+JtO=Ak;!NM5#!%n=zotj6+>|m z&R6#9jkY7;ooLe5#>%vbdT1F<$bbY=-nMzU-y1rF@zO@Ag*?M;3;H1Qdp+yqofQJ{ zO_hDX_`MS)d`Y+RI(3=t_`YA}bR743WqM96EH3+tHfmKOsjs&p0&BE6L!RD{Ssg+e zew0H~bh;;;;M-^a5zZ?P9xnSA4xqL)_2%s^+WA3s#cKB&UUV*e%=3{6Bg_~;>T?tU zjT`=cmOZ20Vn9_*XTK)ShzfZCchDD>HycKzOtP+kSq;N$2%%o6gQu$rWei{_{C(1? z=r_+OE8)1z8BCqEtfirLzT`kbI25Zk`@AyTiL#R)P)3@Sc(gHh3_X-g-QIXHl;&O% zyvP|=bJ&vJtZ;Cv*kD{KCSOhFV*1vdoLmhCO7dzF#V|Z}57Mq=m&UeNA(fliZrFOcshJtl^ae1hCP+8KFT5)XCMYR_OFK*A1<&9N`QxxL1dy0LPSiq5{p+-yC*r(-AdMhZ#_#rSY>8!Og-_DY1y*wsKye?0(y0lIZtk!MgDqHP{-I z!5oXGc0{T-IENR6dZ=Q6Vt+~)%1}glFzz(CUVedNMHFe6jg_)ptcXckHdw6w(yN;m zfval9rBIyMtajaM+l22Ki9A7A!H_G0qM}6c0L^x`A*->WqKSQ3!zdEhM>oCcS{HUM}(mtwaL}_!b2gJZx zN>mflU?cP+p@?puCD<%xl||wNbEaGJvxD(`TpPwY;41Zv2{FC_q7-@;YY!Bb_s_@; zkj<;gJVjMA7sHf{M9^-X0088hZer$~#}k+=}T#Q;?RhA5Kc zE{b<`4BN}-(iA~HEsVx|KP@Mm`Gy5?$Btx*ahd0hGUH-RidU%$KWTPd0~L8*Dx;==D2cvcfTAn%SunUJ3CyMlB@1(l zo(&}ndCSmpGa?DvM<-n46)@C|MB#kx*@k(Ri+(kho3#5RRXE_2j}d;UOv89DL9=Og zxN)uQ6@o{vK7PX5Z*{4x;k#h=B%9-x|0%4Zw+=StpvBnI`ehx+cq!q5B4ba+N-^q4 zt*=SkZ>{GYhd0r$So0433GrfdX|Uju^bOWGQmG>Hp)oC_Q48bH&D+2u&Im>wEnI1q z$$f>MdWIyg>A8u;jFH|tCEvpmW1WG2n>h^nD?wGfj za$A`baH=|jK9}B*EXb-oDBKd@VTvESXZf?=OJHicFzlj({r8fxm+B%5~lQ&a2L(@epm z1J0dyAJ&(Jvtv)@39qe8?b~)?wsB9Hg{CgVBny3`iPp|;>EJY zVMSoE_eW&8Kv*>bFLWnFmv?ma&`j-_cLK*OAA$P(&%-z)Q{m9zlqjS~V)VEVTq=^i zKYc$$XY{SA`eC3}cOu3;m>D$1>joVjKFfM!{mE7AM@IE44L7&7IY8sZbdf54poY$? zw4&!~Tx&H<>bobImR2;%Ou2d-Y;Lmp;~AE>;y3k#8(=Gatd|#w;aqlE*)CU>>kj5knvuMG|$@y|?JvO*H{lrEx(FVB{=@o2iSO9)Xb7n33C2^!* zWl3=x*j9AvESTDKmq%OH=5xMc>8&!(e_6~Jh?=ZWs-~#5ytsjg&rW{#&8CU#e7(G~ z&Fw&r#xc0HmB<^DH(RRX7s7k8Wm4bG$|bQTppq{d?0|(2StK`7+N#wU&e%F`@?wDT zDTUi_)V?6WcKJD(PIS!aegK-*aykxkY0#kY%k#c@uZ_Uq?mP-pZ&aiMn@WLdy;Vzx zN#*oT5^%_xz}?at@98jAjo74QFImRgHa@yc;cQ})r@}R*LU9-i_yf``;iRGoMLQH^ zSvkmY=u4+!sO+{elo_Hj4w$HTAs1B;s=*usyRL5v~M= z*b4dCzkLn@!cF3^@a^veD)t?KlJ8&~_;QbODdFpc~EwZ0NWI=WL#qR*A^wb@T$Cj4|+p$ zA&GffDSlO`O~1(SLOsWo8K>LCl~yX^%fdSly%d&Q831&@NqfnCd@o{`Hn$6FuMo5b z#lW$%D{a|OzH5U%-N$sp@(?o^0mva2)4{*gWduk{y$`T_Fz5S#pPURRf!Z2 z6OUor*$^i7VY~HNmRF7$%7Y?0!e@~Li9D5vl$s0`!DtvtdK37OM4!D%i~W}#v~55m z)@_9ssi)t?ytBgZSRJsFqACjbB98opwSBBG{s^rwr>fKi5!u>PkKW)XGBJo?yRCT` zo22yk^UHgeW&)T6$TK^kJjC3|ocM6`YAM_d>fD{bmaWX0kjTrAFY2k@O|#nD5osYU z%?s1Bal@JzthynL`lVcUhDr-43 zqgv0-Jsy+pvCh=NpUfhB5C*f41(HSvGLONlZ*vi#T8#|K#2NqSgD-r8^oCEpy6MvZ z-KY|pW7XZ4=W0i}x>SyxQ)@O+q z4jDY+9Kq@@wezY%#HfePuVsaVC=B=%?2ObN6Sr}94eJMuXAY~MM^NJ3(n-53QKXLb z=skdSRMh%zOTg+ejtpz8s6UXo!IFJm7HPK44Cbv#NGW{$I(fOPx^=6xlP#_r?16sh zX9F9+yv!|=g38u1kzZp3{+`~hGAO~y{BweW7E5=|ZcN_MTmGo>PTf`3Zc>;hoK5P# zu+d!mf0(av75q8czoj!P&INsExg9S1^!ChqJVqwazyD0f?Tkz@Rr@C zFyXc&J^5ubLtdD}<=NUit4pJBpbAUxgM-j4*eIxA7v7$@C|+#;@q=wEAVlPmq;xI=hv&E9q}33LfAp1rG`NDak(f3&mS* znxpK1FJVLXXiVz##LjWMOviGhv*Y9f!^A=Z&X!x>A4=#i6Vnx~m60NujZpOzA9#`c z;z-Dto?n?3QF27apU>d!;E8G4dHcmO+G$=(>UFI^hsSb2tVAASHdh*5jpZqaenxt$ zH{8}_bKUV-Y^m<@$^k#X3ITqBCEInILFWc4jIQcY5-BoT^#mt+`G(ovO+G`)u#ljVo}#WF4~|Z0`~m+C#H-o zDL*-i8deY>JUGBh%RqJO(|jZ+)Y#(@{MJEhB;dQFOXo>JixOzt;|!rFW;c-a#A7Yr zl6&(>ZY(-3(A&okR z6Imykc*Cfpmc}n@U%L*6eFdEUM7`Q_HGWeyM0o|eQ$qJVcz??>nD161<|D21Q{{%z z-x{B^UKbuuf_UvH!9`tO$?*cDY;~dv_wLcK0@u+R09dNPZ^*Haqv*shhaKaAv!pm# ziB4I=uQaufVW&%=D4N>WuyRjwtL))tn%b){L~nA6?BPQ@6Pio$d*e!lQH-SoULHKf z{r4qLb4BCHV?IUWcdOz}jE=w{B_FAa(x%E}&<;9DW5VO8gdS%J{@iPsc=7%NMlKWr zznJ!qXA+xSp-#6N{#U2BYj)kfaVe;|GPz)-seU}dnJS!@+xt~fs0)l4;@pTT^qJuW zN`5Ur`|C;v_fGA=b2UoeL_e4%D@R58%(uhQvF0b~s1*@SSIpkj=T#9tJy95K#0C6I3%m{GJPCP!IMdR$C9+TD@rNMd zZtm?*m9Y`j>08%zU=OzLH9dVr7(BkpS}$h65*@VH*2&5sN{%*S)efmxH0EQvG*X|y zC)JJh!#!V0@P&q)^YMkb&>o64ZIn}o-B~Ha?$)xsYbG8K2$rEdlzTZ$$~twOt~$i- zlk!!}@GKE+gRkw*vo>0{56+)9^13{xVx~}rNxq}CVggs=ra0|mQ=WuwajbLl+ZW;6 zIw{M4XIIRN=ea{GlnpWGEHo&Tg<*JT{pIA5EP?7&u9Je{V~p5E%|SiY379?#0STbifJo$Fw1 z-~w~%FQ_OMY*RMNXwiQyxya9Fc-C@Wa@xGNkFb38ZlV)#t82eX7S!Qj@*N^xPvf|p zxW%&@s{z(TZUn;kLVmR;q}6*Vf{6H3L>#SrC6rE^=iPk&@YMW~K?r;!XjbY>G1)-~ zdMqS-`KB%uCkPtCz#H>r*vT5nYEJ=O>z$AAKhm6CDK771*AEF>D7w#NT^0y#$$)wj z?#16nR)w`=_O$U{3eFd-Zpj%mQ@|_S7dA^$dUwFt^lh+@$L$qu=6H&92{~&Nxz`@H zM>Frn*C361A;(Q8Tke<9eP9VR0tciD+*usCI>a!aYTGzzDXzLPew$C5ALG$!JVR+D zsXcS&uQ{8x3GzF~=`K$Xo)P(9TRM{G1>sgUc?U#Q-zv=L*7X4vFOOQ$nIf;Xx$HF>n zw5=%I!{3Gdqcrhc2+rS-50bvLC8qkBHsw{t#qHLW;~u-Mvz_XvJh4*qCEtm;D)~&Pf32(&f#EHB>>z!T z?#!dbCBIjU8r)b=9|%Xt2LJrU8kI9gP`}SD^{I`qa${uNa6m)j0xkr7Y9j>QPP2Ki z%Sd^1&0zVZdtbxf;@(IfKe}vn^PGilr#1gru9SOdp7ba_c@nv-Vm>N>o}r1YvN#s6 zsGPMp6Bl+zv*p`RnLQj$-K`W(rYjk2_{dqmcTf_;#XgruV~Ik7*`#&Cl(s6-2{_gf zD@OBmNz}9j?=5Pd&5*KoB>dWSH+J+~*B(XgF5lmJRw0U2l=Nb?50fEvC|{)sND zYG{~`N%TfkuM<~B=s19uL!P_iVoH<6lB=ut3>2pC?cP8s;2iGPozCdXU8D-ullfhy z1@DGmMp09auhtysxc}=!b32U<3!k1&?W)m%bFE{wRp@hhBoJFYs$_1tbN6RQ3YQA5 zn!Aem93ItY&N!+o&pb|-Id^oUq+Zb{)k1=&Kx-KGj;1QQlZ!pj1fQ31)z;0QkgXJf z!}K2H>)*>E?x<(I|w8e{N!CXk+wJhw}l<^{&o69)x$WCj@8Q33yG_ti`6D;NOu>Osv?b;mndes zmAk!Ldun{S-l&JYL_9->n}*k&N_Ea-s+=6BUgAAqAM9b({xlCoT(sE|m3a{zUCe>~C`} zD@djAbL&5ytC>jp_J&ki-Ww)!w$0YV{pmW-aa``zBwOoyHNJ;{gPG?^x|{d{MKV?v zL;A-I`J6@U>6zD)sfojz4X8Nb7Lxbg&KZ4vJBZPhKNQ3T+o2QH>#v^A&&_2FKQD~A z+?&%c9g+-yoj+TNZ7k25Y)Y92 z)t!$J4ZQcy_N|yUapX96{W%faH+?LOJhh6AUUEx%3dKvX>A%-{!>Ak=RDWINNR&i} z%mvqKLkBU&@(sv>0(&TE$*~wHDSLIBGKn9>M4yyJa@3i&D8gF!_e7d zdP0;WTEzyOac9c=1|Fd^cEwe9|Nf4Rcn^B6C@wulFg?L=FHn}G8oq8E+pLZ}Wat9O_~i?-pW3;ZbU_3OLT$YLKlxP5U_k{ONkJ zO}a5s@D!jVBej*vDq_dI#V*j0~l;dA0JTY^KBM8Z82# z6uC&Ge@Y6AL-%<7*dY^*rE3ktxb{6dUd=vP?&_K29X^NUxi~~ViSzrtq-@La#z?=` zYt8RwRK;%geb_O3ARo%#3y}$569{|8zj$_0=Hv^^e0e!u-OxCA@8o-Um}}{(nt1bd zcd>n6(8=7fl&Ve9=T*#rj?*~~4nvs+E_&2pp3nqu@sa4Wv zNn{?N5j)AzkJf%{8yP_(VliXIRdQSuqnsd%Z>kNHx_k<@U!vx>ZOg`f3BW2W*{Eb- z#$AXHgx;nr2b&vRn+RHZMd#04_9L}mpEH+G_^K}o@)x;lFC-4 zdAj|YY=al|BLD2ylQ!eJBF{Z_wh#;|JJoUPWp~6(rCs1RiIeP-8LV(>fxOo8;Bhmo zYT8y;7Mu}Rb&zrU0z2Fw`rJgw=pnVU$C`ra!8|_pNK-W-NTHk^ws7Ht1%Lg<%qH6T z!6{P(thhZoNnH2FB7S{5ZR7KO>H5bRDk7UJKmRKYJ*xiW3_(JDhWOt#E~LNa(7)S% zOI_b&zLJVtm|2M18F5(tgTRFNx5V|IuG2pf*S`@Ge^>v~kp5HY`agO9sW|;(Nd23~ z^Vg>OZ(r*FMEqyQ|F}^9M#TL^{Od{o!;JbLNEq0^kr2>-JKf))0jhs6|KFAW0t-|! A&;S4c literal 0 HcmV?d00001 From 27cdbbfd1b8c064953e4c3e2558c2f8799cae671 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Tue, 2 Mar 2021 13:47:12 +0200 Subject: [PATCH 17/45] DD4J-275 zip-bomb validation --- .../impl/asic/AsicContainerParser.java | 39 +++++-- .../impl/asic/AsicFileContainerParser.java | 49 ++++++--- .../impl/asic/AsicStreamContainerParser.java | 58 ++++++---- .../digidoc4j/utils/ZipEntryInputStream.java | 99 ++++++++++------- .../java/org/digidoc4j/ConfigurationTest.java | 2 +- .../org/digidoc4j/ContainerBuilderTest.java | 102 ++++++++++++------ .../org/digidoc4j/ContainerOpenerTest.java | 31 ++++++ .../impl/asic/EntryValidatorTest.java | 54 ++++++++++ .../utils/ZipEntryInputStreamTest.java | 2 +- .../zip-bomb-package-zip-1gb.bdoc | Bin 0 -> 1045679 bytes .../zip-bomb-package-zip.asics | Bin 0 -> 6664 bytes .../invalid-containers/zip-bomb.asice | Bin 0 -> 48545 bytes 12 files changed, 319 insertions(+), 117 deletions(-) create mode 100644 digidoc4j/src/test/java/org/digidoc4j/impl/asic/EntryValidatorTest.java create mode 100644 digidoc4j/src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip-1gb.bdoc create mode 100644 digidoc4j/src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip.asics create mode 100644 digidoc4j/src/test/resources/testFiles/invalid-containers/zip-bomb.asice diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerParser.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerParser.java index 0593a7038..93a7b106f 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerParser.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerParser.java @@ -1,16 +1,17 @@ /* DigiDoc4J library -* -* This software is released under either the GNU Library General Public -* License (see LICENSE.LGPL). -* -* Note that the only valid version of the LGPL license as far as this -* project is concerned is the original GNU Library General Public License -* Version 2.1, February 1999 -*/ + * + * This software is released under either the GNU Library General Public + * License (see LICENSE.LGPL). + * + * Note that the only valid version of the LGPL license as far as this + * project is concerned is the original GNU Library General Public License + * Version 2.1, February 1999 + */ package org.digidoc4j.impl.asic; import eu.europa.esig.dss.model.DSSDocument; +import eu.europa.esig.dss.model.DSSException; import eu.europa.esig.dss.model.InMemoryDocument; import eu.europa.esig.dss.model.MimeType; import org.apache.commons.io.IOUtils; @@ -72,6 +73,12 @@ public abstract class AsicContainerParser { private boolean mimeTypeFound = false; private long maxDataFileCachedInBytes; private DataFile timestampToken; + protected static final long ZIP_ENTRY_THRESHOLD = 1000000; // 1 MB + /** + * Maximum compression ratio. + */ + protected static final long ZIP_ENTRY_RATIO = 50; + protected AsicContainerParser(Configuration configuration) { this.configuration = configuration; @@ -81,6 +88,7 @@ protected AsicContainerParser(Configuration configuration) { /** * Method for parsing and validating ASiC container. + * * @return parsing result */ public AsicParseResult read() { @@ -173,12 +181,21 @@ private DSSDocument extractStreamDocument(ZipEntry entry) { logger.debug("Zip entry size is <{}> bytes", entry.getSize()); MimeType mimeTypeCode = MimeTypeUtil.mimeTypeOf(this.getDataFileMimeType(entry.getName())); if (this.storeDataFilesOnlyInMemory || entry.getSize() <= this.maxDataFileCachedInBytes) { - return new InMemoryDocument(this.getZipEntryInputStream(entry), entry.getName(), mimeTypeCode); + return new InMemoryDocument(toByteArray(this.getZipEntryInputStream(entry)), entry.getName(), mimeTypeCode); } else { return new StreamDocument(this.getZipEntryInputStream(entry), entry.getName(), mimeTypeCode); } } + private byte[] toByteArray(InputStream inputStream) { + try { + return IOUtils.toByteArray(inputStream); + } catch (IOException e) { + logger.error(e.getMessage()); + throw new TechnicalException(e.getMessage()); + } + } + protected AsicEntry extractAsicEntry(ZipEntry entry) { logger.debug("Extracting asic entry"); DSSDocument document = extractStreamDocument(entry); @@ -217,10 +234,10 @@ protected String getDataFileMimeType(String fileName) { private void validateParseResult() { if (!StringUtils.equalsIgnoreCase(MimeType.ASICE.getMimeTypeString(), mimeType) - && !StringUtils.equalsIgnoreCase(MimeType.ASICS.getMimeTypeString(), mimeType)) { + && !StringUtils.equalsIgnoreCase(MimeType.ASICS.getMimeTypeString(), mimeType)) { logger.error("Container mime type is not " + MimeType.ASICE.getMimeTypeString() + " but is " + mimeType); throw new UnsupportedFormatException("Container mime type is not " + MimeType.ASICE.getMimeTypeString() - + " OR " + MimeType.ASICS.getMimeTypeString() + " but is " + mimeType); + + " OR " + MimeType.ASICS.getMimeTypeString() + " but is " + mimeType); } if (!this.signatures.isEmpty() && this.dataFiles.isEmpty()) { throw new ContainerWithoutFilesException("The reference data object(s) is not found!"); diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicFileContainerParser.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicFileContainerParser.java index 0e2c1070f..4caa8a321 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicFileContainerParser.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicFileContainerParser.java @@ -1,28 +1,29 @@ /* DigiDoc4J library -* -* This software is released under either the GNU Library General Public -* License (see LICENSE.LGPL). -* -* Note that the only valid version of the LGPL license as far as this -* project is concerned is the original GNU Library General Public License -* Version 2.1, February 1999 -*/ + * + * This software is released under either the GNU Library General Public + * License (see LICENSE.LGPL). + * + * Note that the only valid version of the LGPL license as far as this + * project is concerned is the original GNU Library General Public License + * Version 2.1, February 1999 + */ package org.digidoc4j.impl.asic; -import java.io.IOException; -import java.io.InputStream; -import java.util.Enumeration; -import java.util.zip.ZipEntry; -import java.util.zip.ZipFile; - +import eu.europa.esig.dss.model.FileDocument; +import eu.europa.esig.dss.model.InMemoryDocument; +import eu.europa.esig.dss.spi.DSSUtils; import org.apache.commons.io.IOUtils; import org.digidoc4j.Configuration; import org.digidoc4j.exceptions.TechnicalException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import eu.europa.esig.dss.model.InMemoryDocument; +import java.io.IOException; +import java.io.InputStream; +import java.util.Enumeration; +import java.util.zip.ZipEntry; +import java.util.zip.ZipFile; /** * ASIC file container parser @@ -31,6 +32,7 @@ public class AsicFileContainerParser extends AsicContainerParser { private static final Logger logger = LoggerFactory.getLogger(AsicFileContainerParser.class); private ZipFile zipFile; + private long containerSize; /** * @param containerPath path @@ -39,6 +41,7 @@ public class AsicFileContainerParser extends AsicContainerParser { public AsicFileContainerParser(String containerPath, Configuration configuration) { super(configuration); try { + this.containerSize = DSSUtils.getFileByteSize(new FileDocument(containerPath)); zipFile = new ZipFile(containerPath); } catch (IOException e) { logger.error("Error reading container from " + containerPath + " - " + e.getMessage()); @@ -56,13 +59,29 @@ protected void parseContainer() { Enumeration entries = zipFile.entries(); while (entries.hasMoreElements()) { ZipEntry zipEntry = entries.nextElement(); + verifyIfZipBomb(getZipEntryInputStream(zipEntry)); parseEntry(zipEntry); } + } catch (IOException e) { + throw new TechnicalException("Zip Bomb detected in the ZIP container. Validation is interrupted."); } finally { IOUtils.closeQuietly(zipFile); } } + private void verifyIfZipBomb(InputStream inputStream) throws IOException { + byte[] data = new byte[2048]; + int nRead; + int byteCounter = 0; + long allowedSize = containerSize * ZIP_ENTRY_RATIO; + while ((nRead = inputStream.read(data)) != -1) { + byteCounter += nRead; + if (byteCounter > ZIP_ENTRY_THRESHOLD && byteCounter > allowedSize) { + throw new TechnicalException("Zip Bomb detected in the ZIP container. Validation is interrupted."); + } + } + } + @Override protected void extractManifest(ZipEntry entry) { extractAsicEntry(entry); diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicStreamContainerParser.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicStreamContainerParser.java index 20054f796..36550d159 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicStreamContainerParser.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicStreamContainerParser.java @@ -1,21 +1,17 @@ /* DigiDoc4J library -* -* This software is released under either the GNU Library General Public -* License (see LICENSE.LGPL). -* -* Note that the only valid version of the LGPL license as far as this -* project is concerned is the original GNU Library General Public License -* Version 2.1, February 1999 -*/ + * + * This software is released under either the GNU Library General Public + * License (see LICENSE.LGPL). + * + * Note that the only valid version of the LGPL license as far as this + * project is concerned is the original GNU Library General Public License + * Version 2.1, February 1999 + */ package org.digidoc4j.impl.asic; -import java.io.IOException; -import java.io.InputStream; -import java.util.zip.ZipEntry; -import java.util.zip.ZipInputStream; - import org.apache.commons.io.IOUtils; +import org.apache.commons.io.input.CountingInputStream; import org.digidoc4j.Configuration; import org.digidoc4j.DataFile; import org.digidoc4j.exceptions.TechnicalException; @@ -24,6 +20,11 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.io.IOException; +import java.io.InputStream; +import java.util.zip.ZipEntry; +import java.util.zip.ZipInputStream; + /** * ASIC container parser from input stream */ @@ -31,14 +32,18 @@ public class AsicStreamContainerParser extends AsicContainerParser { private static final Logger logger = LoggerFactory.getLogger(AsicStreamContainerParser.class); private ZipInputStream zipInputStream; + private long entryOffset; + private static final int BUFFER_SIZE = 512; + CountingInputStream countingInputStream; /** - * @param inputStream input stream + * @param inputStream input stream * @param configuration configuration */ public AsicStreamContainerParser(InputStream inputStream, Configuration configuration) { super(configuration); - zipInputStream = new ZipInputStream(inputStream); + this.countingInputStream = new CountingInputStream(inputStream); + zipInputStream = new ZipInputStream(this.countingInputStream); } @Override @@ -51,9 +56,11 @@ private void parseZipStream() { logger.debug("Parsing zip stream"); try { ZipEntry entry; - while ((entry = zipInputStream.getNextEntry()) != null) { - parseEntry(entry); - } + + while ((entry = zipInputStream.getNextEntry()) != null) { + this.entryOffset = this.countingInputStream.getByteCount(); + parseEntry(entry); + } } catch (IOException e) { logger.error("Error reading asic container stream: " + e.getMessage()); throw new TechnicalException("Error reading asic container stream: ", e); @@ -78,6 +85,19 @@ protected void extractManifest(ZipEntry entry) { @Override protected InputStream getZipEntryInputStream(ZipEntry entry) { - return new ZipEntryInputStream(zipInputStream); + return new ZipEntryInputStream(zipInputStream, new EntryValidator()::validate); } + + protected class EntryValidator { + public void validate(long unCompressed) throws IOException { + long compressed = countingInputStream.getByteCount() - entryOffset; + if (compressed < BUFFER_SIZE) { + compressed = BUFFER_SIZE; + } + if (unCompressed > ZIP_ENTRY_THRESHOLD && compressed * ZIP_ENTRY_RATIO < unCompressed) { + throw new IOException("Zip Bomb detected in the ZIP container. Validation is interrupted."); + } + } + } + } diff --git a/digidoc4j/src/main/java/org/digidoc4j/utils/ZipEntryInputStream.java b/digidoc4j/src/main/java/org/digidoc4j/utils/ZipEntryInputStream.java index 59a609196..619b4e202 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/utils/ZipEntryInputStream.java +++ b/digidoc4j/src/main/java/org/digidoc4j/utils/ZipEntryInputStream.java @@ -10,55 +10,76 @@ */ public class ZipEntryInputStream extends InputStream { - private final ZipInputStream zipInputStream; + private final ZipInputStream zipInputStream; + private final ThrowingConsumer validator; + private int counter; - public ZipEntryInputStream(ZipInputStream zipInputStream) { - this.zipInputStream = zipInputStream; - } + public ZipEntryInputStream(ZipInputStream zipInputStream, ThrowingConsumer validator) { + this.zipInputStream = zipInputStream; + this.validator = validator; + } - @Override - public int available() throws IOException { - return zipInputStream.available(); - } + @Override + public int available() throws IOException { + return zipInputStream.available(); + } - @Override - public void close() throws IOException { - zipInputStream.closeEntry(); - } + @Override + public void close() throws IOException { + zipInputStream.closeEntry(); + } - @Override - public void mark(int readlimit) { - zipInputStream.mark(readlimit); - } + @Override + public void mark(int readlimit) { + zipInputStream.mark(readlimit); + } - @Override - public boolean markSupported() { - return zipInputStream.markSupported(); - } + @Override + public boolean markSupported() { + return zipInputStream.markSupported(); + } - @Override - public int read() throws IOException { - return zipInputStream.read(); - } + @Override + public int read() throws IOException { + int result = zipInputStream.read(); + checkEntry(result); + return result; + } - @Override - public int read(byte[] b) throws IOException { - return zipInputStream.read(b); - } + @Override + public int read(byte[] b) throws IOException { + int result = zipInputStream.read(b); + checkEntry(result); + return result; + } - @Override - public int read(byte[] b, int off, int len) throws IOException { - return zipInputStream.read(b, off, len); - } + @Override + public int read(byte[] b, int off, int len) throws IOException { + int result = zipInputStream.read(b, off, len); + checkEntry(result); + return result; + } - @Override - public void reset() throws IOException { - zipInputStream.reset(); - } + @Override + public void reset() throws IOException { + zipInputStream.reset(); + } - @Override - public long skip(long n) throws IOException { - return zipInputStream.skip(n); + @Override + public long skip(long n) throws IOException { + return zipInputStream.skip(n); + } + + private void checkEntry(int result) throws IOException { + if (validator != null) { + counter += result; + validator.accept(counter); } + } + + @FunctionalInterface + public interface ThrowingConsumer { + void accept(T t) throws E; + } } diff --git a/digidoc4j/src/test/java/org/digidoc4j/ConfigurationTest.java b/digidoc4j/src/test/java/org/digidoc4j/ConfigurationTest.java index 09097fb74..b5cc2ce8f 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/ConfigurationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/ConfigurationTest.java @@ -256,7 +256,7 @@ public void TSLIsLoadedAfterSettingNewTSLLocation() { BDocContainer container = (BDocContainer) ContainerBuilder.aContainer(BDOC_CONTAINER_TYPE) .withConfiguration(this.configuration).build(); container.getConfiguration().getTSL(); - Assert.assertEquals(14, container.getConfiguration().getTSL().getCertificates().size()); + Assert.assertEquals(15, container.getConfiguration().getTSL().getCertificates().size()); try { int tenSeconds = 10000; String tslHost = "10.0.25.57"; diff --git a/digidoc4j/src/test/java/org/digidoc4j/ContainerBuilderTest.java b/digidoc4j/src/test/java/org/digidoc4j/ContainerBuilderTest.java index f149f8a5a..0274eb068 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/ContainerBuilderTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/ContainerBuilderTest.java @@ -15,6 +15,7 @@ import org.apache.commons.lang3.StringUtils; import org.digidoc4j.exceptions.InvalidDataFileException; import org.digidoc4j.exceptions.NotSupportedException; +import org.digidoc4j.exceptions.TechnicalException; import org.digidoc4j.impl.asic.asice.AsicEContainer; import org.digidoc4j.impl.asic.asice.bdoc.BDocContainer; import org.digidoc4j.impl.ddoc.DDocContainer; @@ -28,6 +29,8 @@ import java.io.ByteArrayInputStream; import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.util.zip.ZipFile; @@ -69,9 +72,9 @@ public void buildBDocContainerWithDataFiles() throws Exception { File testFile2 = this.createTemporaryFileBy("testFile2.txt", "TEST"); LargeDataFile largeDataFile = new LargeDataFile(new ByteArrayInputStream(new byte[]{1, 2, 3}), "largeStreamFile.txt", "text/plain"); Container container = ContainerBuilder.aContainer().withDataFile(testFile1.getPath(), "text/plain"). - withDataFile(new ByteArrayInputStream(new byte[]{1, 2, 3}), "streamFile.txt", "text/plain"). - withDataFile(this.createTemporaryFileBy("ExampleFile.txt", "TEST"), "text/plain"). - withDataFile(new DataFile(testFile2.getPath(), "text/plain")).withDataFile(largeDataFile).build(); + withDataFile(new ByteArrayInputStream(new byte[]{1, 2, 3}), "streamFile.txt", "text/plain"). + withDataFile(this.createTemporaryFileBy("ExampleFile.txt", "TEST"), "text/plain"). + withDataFile(new DataFile(testFile2.getPath(), "text/plain")).withDataFile(largeDataFile).build(); Assert.assertEquals(5, container.getDataFiles().size()); Assert.assertEquals("testFile.txt", container.getDataFiles().get(0).getName()); Assert.assertEquals("streamFile.txt", container.getDataFiles().get(1).getName()); @@ -88,7 +91,7 @@ public void buildContainer_withNullFilePath_shouldThrowException() throws Except @Test(expected = InvalidDataFileException.class) public void buildContainer_withStreamDocAndNullFileName_shouldThrowException() throws Exception { ContainerBuilder.aContainer().withDataFile(new ByteArrayInputStream(new byte[]{1, 2, 3}), null, "text/plain"). - build(); + build(); } @Test(expected = InvalidDataFileException.class) @@ -99,7 +102,7 @@ public void buildContainer_withNullMimeType_shouldThrowException() throws Except @Test public void buildContainer_withInvalidMimeType_shouldSucceed() { Container container = ContainerBuilder.aContainer(). - withDataFile("src/test/resources/testFiles/helper-files/test.txt", "application\\rtf").build(); + withDataFile("src/test/resources/testFiles/helper-files/test.txt", "application\\rtf").build(); Assert.assertTrue(container.validate().isValid()); } @@ -178,8 +181,8 @@ public void overrideExistingBDocContainerImplementation() throws Exception { public void useExtendedBDocContainerImplementation() throws Exception { ContainerBuilder.setContainerImplementation("BDOC", BDocContainer.class); Container container = ContainerBuilder. - aContainer("BDOC"). - build(); + aContainer("BDOC"). + build(); Assert.assertEquals("BDOC-EXTENDED", container.getType()); } @@ -196,7 +199,7 @@ public void createCustomContainerWithConfiguration() throws Exception { this.configuration = Configuration.of(Configuration.Mode.TEST); ContainerBuilder.setContainerImplementation("TEST-FORMAT", CustomContainer.class); Container container = ContainerBuilder.aContainer("TEST-FORMAT"). - withConfiguration(this.configuration).build(); + withConfiguration(this.configuration).build(); Assert.assertEquals("TEST-FORMAT", container.getType()); Assert.assertSame(this.configuration, ((CustomContainer) container).getConfiguration()); } @@ -206,7 +209,7 @@ public void createCustomContainerWithCustomConfiguration() throws Exception { ContainerBuilder.setContainerImplementation("TEST-FORMAT", CustomContainer.class); CustomConfiguration configuration = new CustomConfiguration(); Container container = ContainerBuilder.aContainer("TEST-FORMAT"). - withConfiguration(configuration).build(); + withConfiguration(configuration).build(); Assert.assertEquals("TEST-FORMAT", container.getType()); Assert.assertSame(configuration, ((CustomContainer) container).getConfiguration()); } @@ -222,7 +225,7 @@ public void openDefaultContainerFromFileWithConfiguration() throws Exception { this.configuration = new Configuration(Configuration.Mode.TEST); this.configuration.setTspSource("test-value"); Container container = ContainerBuilder.aContainer().withConfiguration(this.configuration). - fromExistingFile(BDOC_WITH_TM_SIG).build(); + fromExistingFile(BDOC_WITH_TM_SIG).build(); TestAssert.assertContainerIsOpened(container, Container.DocumentType.BDOC); Assert.assertEquals("test-value", ((BDocContainer) container).getConfiguration().getTspSource()); } @@ -254,7 +257,7 @@ public void openCustomContainerFromFile_withConfiguration() throws Exception { File testFile = this.createTemporaryFileBy("testFile.txt", "TEST"); ContainerBuilder.setContainerImplementation("TEST-FORMAT", CustomContainer.class); Container container = ContainerBuilder.aContainer("TEST-FORMAT").withConfiguration(this.configuration). - fromExistingFile(testFile.getPath()).build(); + fromExistingFile(testFile.getPath()).build(); Assert.assertEquals("TEST-FORMAT", container.getType()); Assert.assertEquals(testFile.getPath(), ((CustomContainer) container).getOpenedFromFile()); Assert.assertSame(this.configuration, ((CustomContainer) container).getConfiguration()); @@ -266,7 +269,7 @@ public void openCustomContainerFromFile_withCustomConfiguration() throws Excepti File testFile = this.createTemporaryFileBy("testFile.txt", "TEST"); ContainerBuilder.setContainerImplementation("TEST-FORMAT", CustomContainer.class); Container container = ContainerBuilder.aContainer("TEST-FORMAT").withConfiguration(configuration). - fromExistingFile(testFile.getPath()).build(); + fromExistingFile(testFile.getPath()).build(); Assert.assertEquals("TEST-FORMAT", container.getType()); Assert.assertEquals(testFile.getPath(), ((CustomContainer) container).getOpenedFromFile()); Assert.assertSame(configuration, ((CustomContainer) container).getConfiguration()); @@ -301,8 +304,8 @@ public void openBDocContainerFromStream_withConfiguration() throws Exception { this.configuration.setTspSource("test-value"); InputStream stream = FileUtils.openInputStream(new File(BDOC_WITH_TM_SIG)); Container container = ContainerBuilder.aContainer(Container.DocumentType.BDOC). - withConfiguration(this.configuration). - fromStream(stream).build(); + withConfiguration(this.configuration). + fromStream(stream).build(); TestAssert.assertContainerIsOpened(container, Container.DocumentType.BDOC); assertBDocContainer(container); Assert.assertEquals("test-value", container.getConfiguration().getTspSource()); @@ -312,9 +315,9 @@ public void openBDocContainerFromStream_withConfiguration() throws Exception { public void openBDocContainerWithBEpesSignatureFromStream_withConfiguration() throws Exception { InputStream stream = FileUtils.openInputStream(new File(BDOC_WITH_B_EPES_SIG)); Container container = ContainerBuilder.aContainer(Container.DocumentType.BDOC) - .withConfiguration(this.configuration) - .fromStream(stream) - .build(); + .withConfiguration(this.configuration) + .fromStream(stream) + .build(); TestAssert.assertContainerIsOpened(container, Container.DocumentType.BDOC); assertBDocContainer(container); assertBEpesSignature(container.getSignatures().get(0)); @@ -400,7 +403,7 @@ public void openDDocContainerFromStream_withConfiguration() throws Exception { this.configuration = Configuration.of(Configuration.Mode.TEST); try (InputStream stream = FileUtils.openInputStream(new File(DDOC_TEST_FILE))) { Container container = ContainerBuilder.aContainer(DDOC).withConfiguration(this.configuration). - fromStream(stream).build(); + fromStream(stream).build(); TestAssert.assertContainerIsOpened(container, DDOC); Assert.assertSame(this.configuration, ((DDocContainer) container).getDDoc4JFacade().getConfiguration()); } @@ -410,7 +413,7 @@ public void openDDocContainerFromStream_withConfiguration() throws Exception { public void openDefaultContainerFromStream_withDDOC() throws Exception { InputStream stream = FileUtils.openInputStream(new File(DDOC_TEST_FILE)); Container container = ContainerBuilder.aContainer().withConfiguration(Configuration.of(Configuration.Mode.TEST)). - fromStream(stream).build(); + fromStream(stream).build(); TestAssert.assertContainerIsOpened(container, DDOC); } @@ -429,7 +432,7 @@ public void openCustomContainerFromStream_withConfiguration() throws Exception { InputStream stream = FileUtils.openInputStream(this.createTemporaryFileBy("testFile.txt", "TEST")); ContainerBuilder.setContainerImplementation("TEST-FORMAT", CustomContainer.class); Container container = ContainerBuilder.aContainer("TEST-FORMAT").withConfiguration(this.configuration). - fromStream(stream).build(); + fromStream(stream).build(); Assert.assertEquals("TEST-FORMAT", container.getType()); Assert.assertSame(stream, ((CustomContainer) container).getOpenedFromStream()); Assert.assertSame(this.configuration, ((CustomContainer) container).getConfiguration()); @@ -441,7 +444,7 @@ public void openCustomContainerFromStream_withCustomConfiguration() throws Excep InputStream stream = FileUtils.openInputStream(this.createTemporaryFileBy("testFile.txt", "TEST")); ContainerBuilder.setContainerImplementation("TEST-FORMAT", CustomContainer.class); Container container = ContainerBuilder.aContainer("TEST-FORMAT").withConfiguration(this.configuration). - fromStream(stream).build(); + fromStream(stream).build(); Assert.assertEquals("TEST-FORMAT", container.getType()); Assert.assertSame(stream, ((CustomContainer) container).getOpenedFromStream()); Assert.assertSame(this.configuration, ((CustomContainer) container).getConfiguration()); @@ -452,8 +455,8 @@ public void openDDocContainerWithTempDirectory() throws Exception { File folder = this.testFolder.newFolder(); Assert.assertTrue(folder.list().length == 0); ContainerBuilder.aContainer(DDOC). - fromExistingFile("src/test/resources/testFiles/valid-containers/ddoc_for_testing.ddoc"). - usingTempDirectory(folder.getPath()).build(); + fromExistingFile("src/test/resources/testFiles/valid-containers/ddoc_for_testing.ddoc"). + usingTempDirectory(folder.getPath()).build(); Assert.assertTrue(folder.list().length > 0); } @@ -462,8 +465,8 @@ public void openDDocContainerWithTempDirectoryAndConfiguration() throws Exceptio File folder = this.testFolder.newFolder(); Assert.assertTrue(folder.list().length == 0); ContainerBuilder.aContainer(DDOC). - fromExistingFile("src/test/resources/testFiles/valid-containers/ddoc_for_testing.ddoc"). - withConfiguration(Configuration.of(Configuration.Mode.TEST)).usingTempDirectory(folder.getPath()).build(); + fromExistingFile("src/test/resources/testFiles/valid-containers/ddoc_for_testing.ddoc"). + withConfiguration(Configuration.of(Configuration.Mode.TEST)).usingTempDirectory(folder.getPath()).build(); Assert.assertTrue(folder.list().length > 0); } @@ -473,7 +476,7 @@ public void openDDocContainerFromStreamWithTempDirectory() throws Exception { Assert.assertTrue(folder.list().length == 0); InputStream stream = FileUtils.openInputStream(new File(DDOC_TEST_FILE)); ContainerBuilder.aContainer(DDOC).fromStream(stream). - usingTempDirectory(folder.getPath()).build(); + usingTempDirectory(folder.getPath()).build(); Assert.assertTrue(folder.list().length > 0); } @@ -483,26 +486,63 @@ public void openDDocContainerFromStreamWithTempDirectoryAndConfiguration() throw Assert.assertTrue(folder.list().length == 0); InputStream stream = FileUtils.openInputStream(new File(DDOC_TEST_FILE)); ContainerBuilder.aContainer(DDOC).withConfiguration(Configuration.of(Configuration.Mode.TEST)) - .fromStream(stream).usingTempDirectory(folder.getPath()).build(); + .fromStream(stream).usingTempDirectory(folder.getPath()).build(); Assert.assertTrue(folder.list().length > 0); } @Test public void openBOMBeginningDDocContainerFromPath() { Container container = ContainerBuilder.aContainer() - .fromExistingFile("src/test/resources/testFiles/valid-containers/BOM_algusega.ddoc") - .build(); + .fromExistingFile("src/test/resources/testFiles/valid-containers/BOM_algusega.ddoc") + .build(); Assert.assertTrue(container.validate().isValid()); } @Test public void openBOMBeginningDDocContainerFromStream() throws IOException { Container container = ContainerBuilder.aContainer() - .fromStream(FileUtils.openInputStream(new File("src/test/resources/testFiles/valid-containers/BOM_algusega.ddoc"))) - .build(); + .fromStream(FileUtils.openInputStream(new File("src/test/resources/testFiles/valid-containers/BOM_algusega.ddoc"))) + .build(); Assert.assertTrue(container.validate().isValid()); } + @Test + public void containerBuilder_streamWithZipBomb() throws FileNotFoundException { + this.expectedException.expect(TechnicalException.class); + this.expectedException.expectMessage("Zip Bomb detected in the ZIP container. Validation is interrupted."); + ContainerBuilder.aContainer(). + fromStream(new FileInputStream("src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip-1gb.bdoc")).build(); + } + + @Test + public void containerBuilder_fileWithZipBomb() { + this.expectedException.expect(TechnicalException.class); + this.expectedException.expectMessage("Zip Bomb detected in the ZIP container. Validation is interrupted."); + ContainerBuilder.aContainer(). + fromExistingFile("src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip-1gb.bdoc").build(); + } + + @Test + public void containerBuilder_streamWithNestedZipBomb_multipleFiles() throws FileNotFoundException { + Container container = ContainerBuilder.aContainer(). + fromStream(new FileInputStream("src/test/resources/testFiles/invalid-containers/zip-bomb.asice")).build(); + Assert.assertEquals(17, container.getDataFiles().size()); + } + + @Test + public void containerBuilder_fileWithNestedZipBomb_multipleFiles() { + Container container = ContainerBuilder.aContainer(). + fromExistingFile("src/test/resources/testFiles/invalid-containers/zip-bomb.asice").build(); + Assert.assertEquals(17, container.getDataFiles().size()); + } + + @Test + public void containerBuilder_streamWithNestedZipBomb() throws FileNotFoundException { + Container container = ContainerBuilder.aContainer(). + fromStream(new FileInputStream("src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip.asics")).build(); + Assert.assertEquals(1, container.getDataFiles().size()); + } + /* * RESTRICTED METHODS */ diff --git a/digidoc4j/src/test/java/org/digidoc4j/ContainerOpenerTest.java b/digidoc4j/src/test/java/org/digidoc4j/ContainerOpenerTest.java index 238d09391..579ef768e 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/ContainerOpenerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/ContainerOpenerTest.java @@ -12,6 +12,7 @@ import org.apache.commons.io.FileUtils; import org.digidoc4j.exceptions.DigiDoc4JException; +import org.digidoc4j.exceptions.TechnicalException; import org.digidoc4j.test.TestAssert; import org.junit.Assert; import org.junit.Ignore; @@ -19,6 +20,7 @@ import java.io.File; import java.io.FileInputStream; +import java.io.FileNotFoundException; import java.io.IOException; public class ContainerOpenerTest extends AbstractTest { @@ -180,6 +182,35 @@ public void testSignatureXMLContainsTrailingContent() { ContainerOpener.open("src/test/resources/testFiles/valid-containers/signature_xml_contains_trailing_content.bdoc"); } + @Test + public void containerOpener_fileWithZipBomb() { + this.expectedException.expect(TechnicalException.class); + this.expectedException.expectMessage("Zip Bomb detected in the ZIP container. Validation is interrupted."); + ContainerOpener.open("src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip-1gb.bdoc"); + } + + @Test + public void containerOpener_fileWithZipBomb_fileCachedInMemory() { + this.expectedException.expect(TechnicalException.class); + this.expectedException.expectMessage("Zip Bomb detected in the ZIP container. Validation is interrupted."); + configuration.setMaxFileSizeCachedInMemoryInMB(1); + ContainerOpener.open("src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip-1gb.bdoc"); + } + + @Test + public void containerOpener_streamWithZipBomb() throws FileNotFoundException { + this.expectedException.expect(TechnicalException.class); + this.expectedException.expectMessage("Zip Bomb detected in the ZIP container. Validation is interrupted."); + ContainerOpener.open(new FileInputStream("src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip-1gb.bdoc"), this.configuration); + } + + @Test + public void containerOpener_streamWithZipBomb_fileCachedInMemory() throws FileNotFoundException { + this.expectedException.expectMessage("Zip Bomb detected in the ZIP container. Validation is interrupted."); + configuration.setMaxFileSizeCachedInMemoryInMB(1); + ContainerOpener.open(new FileInputStream("src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip-1gb.bdoc"), this.configuration); + } + /* * RESTRICTED METHODS */ diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/asic/EntryValidatorTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/EntryValidatorTest.java new file mode 100644 index 000000000..11dd96cc0 --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/EntryValidatorTest.java @@ -0,0 +1,54 @@ +package org.digidoc4j.impl.asic; + +import org.digidoc4j.Configuration; +import org.junit.Test; + +import java.io.ByteArrayInputStream; +import java.io.FileInputStream; +import java.io.IOException; +import java.nio.charset.StandardCharsets; + +public class EntryValidatorTest { + + @Test(expected = Test.None.class) + public void emptyInput() throws IOException { + ByteArrayInputStream inputStream = new ByteArrayInputStream("".getBytes(StandardCharsets.UTF_8)); + AsicStreamContainerParser containerParser = new AsicStreamContainerParser(inputStream, Configuration.of(Configuration.Mode.TEST)); + containerParser.parseContainer(); + AsicStreamContainerParser.EntryValidator validator = containerParser.new EntryValidator(); + validator.validate(0); + } + + @Test(expected = IOException.class) + public void emptyZipEntriesAndBigInput() throws IOException { + ByteArrayInputStream inputStream = new ByteArrayInputStream("".getBytes(StandardCharsets.UTF_8)); + AsicStreamContainerParser containerParser = new AsicStreamContainerParser(inputStream, Configuration.of(Configuration.Mode.TEST)); + AsicStreamContainerParser.EntryValidator validator = containerParser.new EntryValidator(); + validator.validate(1000001); + } + + @Test(expected = Test.None.class) + public void potentialBloatingButNotExceedingMinimumThreshold() throws IOException { + ByteArrayInputStream inputStream = new ByteArrayInputStream("".getBytes(StandardCharsets.UTF_8)); + AsicStreamContainerParser containerParser = new AsicStreamContainerParser(inputStream, Configuration.of(Configuration.Mode.TEST)); + AsicStreamContainerParser.EntryValidator validator = containerParser.new EntryValidator(); + validator.validate(1000000); + } + + @Test(expected = Test.None.class) + public void normalZipContainer() throws IOException { + FileInputStream inputStream = new FileInputStream("src/test/resources/testFiles/valid-containers/valid-asice.asice"); + AsicStreamContainerParser containerParser = new AsicStreamContainerParser(inputStream, Configuration.of(Configuration.Mode.TEST)); + containerParser.parseContainer(); + } + + @Test(expected = IOException.class) + public void unCompressedInputTooBig() throws IOException { + FileInputStream inputStream = new FileInputStream("src/test/resources/testFiles/valid-containers/valid-asice.asice"); + AsicStreamContainerParser containerParser = new AsicStreamContainerParser(inputStream, Configuration.of(Configuration.Mode.TEST)); + containerParser.parseContainer(); + AsicStreamContainerParser.EntryValidator validator = containerParser.new EntryValidator(); + validator.validate(1000001); + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/utils/ZipEntryInputStreamTest.java b/digidoc4j/src/test/java/org/digidoc4j/utils/ZipEntryInputStreamTest.java index 92ce86ed6..b33bcec6e 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/utils/ZipEntryInputStreamTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/utils/ZipEntryInputStreamTest.java @@ -21,7 +21,7 @@ public class ZipEntryInputStreamTest { @Before public void setUp() { - zipEntryInputStream = new ZipEntryInputStream(zipInputStream); + zipEntryInputStream = new ZipEntryInputStream(zipInputStream, null); Mockito.verifyZeroInteractions(zipInputStream); } diff --git a/digidoc4j/src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip-1gb.bdoc b/digidoc4j/src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip-1gb.bdoc new file mode 100644 index 0000000000000000000000000000000000000000..15eb478e9c37bdaf7a85ea40d12cd66f402fa996 GIT binary patch literal 1045679 zcmeI)eRS4?1ONYP?JC{b&8J4JoADupau-*aHf2O0N|G#5p&M;AE0mCu51~+z zn{HT12$A_nL~QcG65S}#^jZ2eu3zu{@jJhBe&2t;f4t9mymzj%Ydi1vd)Mpn-}{{B zS^gEt(Uy@&7dR3yjmumiKQ{HL>)w0-jB zfmaXxWzD$r*L?Tm!ej63k?~gYxIvwV&uy7_zd`ik>LZ%%UAJlNf%LZ~79a7~o^`i% zif;R1(CSW0+E4u9^}Y8z`NqyC{(STKWAfs!-J3me%?^-g)5s*;(he9P@Ylu8}22rQi41>RToqJditW(j|$ruWdK%!XIBM{`0>RuF8J! z$!()D&RyQ*>eH(B{r%wP<7)G-iof~XDINE=828|<1*h~J_wI{#7koT$*ehN3|7-EM zk+)aBaPFSV{!#GQzLVZKX61xU=eTYRN43lQ?7?Nve0<_Ji&uX1Q10uKTdepw zZ(#3ba~3uJ>%+yZ>Q)|m|JBD0D*mozmu}N<@AlNX(e0jXc}%M-HxAAGq(_gfTTbe6 z&A0QG&3&kS_v21Fvdc@0f0^;(yghIJ^~Mi1PtRR&U)OCDJMCGvdV2S_H|%;c{gLOI z%zXKy3!XUP*{5gj9@+e=QmeLjBk_vsxzY5o54({5hWs`**TgZ~vjd;XdG zetu$5pGVr>(5Tfbkyu{eUT2J2zOK!YrQ34y$De%9Raaj7>=ScyTeUs3s`a`(7oPUQ z+fyD&J^8yvD+f&2IsWQild7Lye{$=~W@Jy?HM4Hh`FFha?3C$^A5Q-4gbpK`Ov}A| zVz2VL+--OF|9M`IPu~6C{;Io<*}P}LXT`sK((1a-KTkg5hg<*s%&jXP`s16&F5T4N z+!iA)ZB)?Vv!#b3pWe3d>E#!W>E7VX-`?)iW?ZwKy@y;oC!^KSwU?%Bzv_Y)@-A4m ze%qVJcfED~J8HQ>teg~^RRJEKwckB?Wr*RA=34_r6t?3@u--#Grm zHs7@TJvJ<5@O3Xt9{k=lo?<)yRJ@eFzDzJ z6SFRv*=zN$jf*p4q`OgoRT)DB!xG%bHH!Ic@IGT>1U(pSmnR?$E4#V?Vy&oQGbVar%QV<(1s?=-2C_$INLkV9w6-FKl+o z#*F8)Bys6ex+J?x z+S13?PntVxO{-%c->|URQKwAp^VQUcmkcj!KIfu+xt#}p_4J9S58tx8Z>Ne)9ar}n z{$|HrJ6~8oZSo1buO41^`nKL>_vSZQUNd`l`_$>@4Frxj;%=X(GuK)dr>ey4K z{%hH1{obDP#A{t&xvlWb34c7_?YHUIy)tj({iXkUyYTw)sbAgn%)+(Xp2~dZw=F zC7pJBeZwy|SM@xt)rVj0ZT#*3mfYXrr9J1~^ZevbZtw8>OH22>wSUSL+b&$Ud+cjP zSO4RkqO%6RySv9XOO`!(Tlx8?3}12K<*SOyXWg9qU|QFu6UWT@v~{l`EyiBZzH7_X z=NtukG-B_mwRtk32N!vSaqHYP#$7NVC5?W%SuU=i&!CmhE4A^?&9z_}4qpeRn+E zHh063)msl8RghY8Q^vWEA9r%M{)wFVi?8dMbA0C~x4zRW<=}@&C*HNS@x@0z_1p)a z{PWRoFT19C|E}o3){C3`c*4sSC*1h?Y8IC7cwlz-qh~LF`-Rh+Ejanwd3U$%Suyd*#^cv+-JHC3=;j9>xMlo= z*V^=$f77JK??xBD+;7W_6R$sS(q%i3ZvFT_o>|=ajR!nT-CbUzSzuV;|BJb(Cq`S z%4iXLII^JU{trLe{Ny#CKR)5wlP*8=_@?X6+1vJ%d5<=lP<7KQ^SAu8eE-=i=L{Y` zddB~{9e4f8vnT(1YiUaBaTmls89M&qg5P%>igv1Pa#W=2bt$nMuJH#m|8vWZ zU&q~5p1q)Y`~NyLKXrBK;70u)KmF97YE}+;wcmv&tlv6u3cgDW; zH;h@>XTs7cul~Mq!^peed@=g+v5!vKpWfn~uTHAmbN6d+r;XY;;nsUwo;tei$j3W( zyDa;t24k{cxc%2JC$H|(r}2+#md}Xwzv!dK`nBtKeAfjXJ8W;ZWySi^IeBk9u=A+h zM{YZ3*oKjP8lBMei=R(!bKArQ1LNg4ZJjzGr)kmd`|nF1I-*0_=dVoZ+ilhT{fDf$ zwBLZG6Am8R^uWIEucf#D@vqBTT(@H61!;GmRF=QA|Ig2KoblLABqql$y02N)5&Qpof6jO9Q`VH7^>^C=6So{Z z@z;qrURwNqm*PR&4|Y!6^LD!1K=_`PpVTR!35WjFlt&!)v6Jp9K=J1cMR z+WW8L-nexCx2vXYY**a%%ynINyx4X4>CLXX5Bc^|`T`}{=DhCKi<8qO{W9n zw|=zyri+)hdu&JQ(x-k{e0Jj3d5P|KCZ?wB9RKH*1J#Y!-*f))TN|Hv%G^6E(^p>q z=ucaY{C>>4iRaF*{_VuSi=RuWn)S`OUDCflX7tq6bMNc**5wU8{ph?_t6u3|o^!&q z!u0pXUi@xhWm4jvg5Iw!nX>KcK4;8$WamAr7UUPK{Cdo^c5@eh`+19ouZ(U{IsA_< zH}Biu^4RO&dE&=rnd8s-Aeuk(l76$>z4FDZrXRgkU30^p9h=&p`rUD{1^vJ3f7z7s zA3s>QedfyN+n@K_!vl|A9>1em%EWI^c%;#FuikfB&8lHt>OYV<0O8@fmRcB4UJlcD}g1sYGR84y3#X~)spZWZM z(r3Ni<@Wf-f@eRQJ*UZz3u=0fUDUVa_V|`LLw?%*=+U=5`)%8cI!rk4=CTZi zb{slp^ze@H(Zh$FKKj)0!$$=-X&Gs7_>$k(%(`;f`!^0O-JW{*@<>jzNbAU`_>d9t zVM99}KCxdxlSp#Q+|`2yAAXI!yICYD`ro8TBzS^~?0GNg@Y_hq!+$T`+xYNDau6Uu zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009Ew7AX0qG&zU?B3X&by!?I+0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyKp^Y_@zj)P&;pdy6=vp!eT>gffB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72=pt@HK%}O)D9VEX0RjXF5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&U2)#f?ZFNq43s8|LPcI1l90LdtAV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5;&s?y}7AO^@vROaR5AV7cs0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t7-Y5Km2s1}#8IU14T!=+_uPfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C72$W^V(t;KsQd3+M#X*1o0RjXF5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5(zULd2kI;Xw`s7REj7leL}0R#vTAV7cs0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!8A1X>w8!17syC^YU>JAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0-+a(r=~=M7NDfAFf%vwYYZSjfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C7%Cci=K?@M6DK3iQAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t7-Y zkWpKmQ{MtqB+AnZLO;g<0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK%lBL zIVp$%vJ#bf`8Ws=AV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5;&&>{X zpJM<40t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyP*s|o6vO~oiORfu90Uju zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!8B#1>&hG(Vzt=sVmIP4gDGe2oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+0D-dXSX$5mL~4qQqBsZ;AV7cs0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5;&&CMN|kKvtqMFCPa10t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk z1PBly5PE@lYDzR{0ZQr$Gjl_~#sC5Y2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkLHEIXDKv;dKs;-V-H0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyKp^x2 z8MW0p^({a}qCCAI^m7a#K!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1gc7t zlY$r^D^Z!3kAnaK0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlay+AxQB^tB< zC3S_FxuIWU009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5Fk*N9ZL&ZfJjYo zQ4|LO0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly5PE@(+UlJ87N8?&m zV*mjH1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNApRhpa>!~j`|%Dj9W1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfI#R4;;AXopam$YE6mId{Tc%Z5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7csfwJsaTF?SSYKn`ZI0z6RK!5-N0t5&U zAV7cs0RjXF5FkK+009C72oNAZfB=Ee3uM$*=hU|V6^Zing3!+~fB*pk1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oR_$O->48fUHDiUOo;21PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+009C72oNAZAoK$9)Rbt@0+iGhX6A-|jR6D*5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7dXS#~TfXaOQM#YIsZ1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009C72oNAZfI#R4GHR=H>RW({M0t8a=;s(ffB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72vn6OCj~J;R-!U59|r*f1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7 z2oN9;dVzRqN;GHzO6m$Tb3?zz00IOE5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U zAV8ojJC+u-0Fj#Fq9_gm1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZAoKzm zwbeQGEkH%0JiQ?Fa||FrfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7s!EfS zf*2qxQJI&Ig8%^n1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oMOpKs+@i8ngf< zb%mL^pYVx(pdwM8UJ&{@ z1`r@XfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009D3rO8P_43L$m%*)3?fB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72!viBo|+O3T7Z(e!pz*zuQ7lC0RjXF z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UD9ete1ua0Nrno4Ig8%^n1PBlyK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oMOpKt^qKPJIhdktk0u2>l!b2oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXF5FkK+0D-E~MegfB*pk1PBlyK!5-N0t5&U zAV7cs0RjXF5FkK+009C7LN5?cO^F6AKuKL;W^U-$7(jpk0RjXF5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5(@WyjKj79dhnTolDYfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72!viBqqaJyz6GdAl&2SjevSbI2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs z0RjXF5FkK+KvijSQV;`VB`WjsaS$LtfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+ z009D_7l@~(M1vNfq^>YCH}q=^AV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N z0tCvkV`)JP5UD9HisB$ZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7LNAa} zTb)zi0#qc*(+fgB#{dEZ2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkLHsx&z% zhyk(^m3jF%2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+0D;g8#8XqEK?_h) zSD2X_`ZWd+AV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0%h5;w4eou)D#y* zaS$LtfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009D_7s#ls&Z%z!DiY=C1)-l~ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5Fk)hnw%8G09lF3ynGx42oNAZ zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+KE2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF z5FikGfp}_4G-v@z>IyS+L%+rV0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly zK%gu;mKL-Ck(%P7C=LPy2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkJx^a2^R z)j9PoKt-ZFy&&{+3?M*&009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjZ7N|Td< z7$7TAnU{})009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5D2|MJT)a6v;ZY_ zg_*gbUt<6P0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyP?jA_3tE6kO>t2a z2LS>E2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FikGfsESfocb1^B2k`R5c)X= z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RmN}$w@&Bkd>&+%f~^0009C7 z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXFgkB(?ni36KfRehx%-qngF@OL80t5&U zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBl)%Z{Z5EkLBExG0K)009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV7cs0RjXF5D2|MMs0OYeG5>LC{Hg4{Tu@b5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7csfvVEvq#y>!N>t|M;~+qQ009C72oNAZfB*pk1PBly zK!5-N0t5&UAV7cs0RjXjM_5FkK+ z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7dX=mp}bDbb(>D5)#V%nkh-0|*cxK!5-N z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB=EA>{wdR0z_(xi=sFP5FkK+009C72oNAZ zfB*pk1PBlyK!5-N0t5&UAV7csfzS(N)K=%zw*VE1^7Mkx&oO`i0RjXF5FkK+009C7 z2oNAZfB*pk1PBlyK!5-N0t5&Us47iP3Sxk)L}gw+4gv%S5FkK+009C72oNAZfB*pk z1PBlyK!5-N0t5&UAV47W0`b(8XwU+b)D>pthJK9!1PBlyK!5-N0t5&UAV7cs0RjXF z5FkK+009C72oNAZfIwMxEG=jOA~nTDQ5*ya5FkK+009C72oNAZfB*pk1PBlyK!5-N z0t5&UAV7dX=mj!rt8?mGfQm$UdO_&t7(jpk0RjXF5FkK+009C72oNAZfB*pk1PBly zK!5-N0t5(Dl_n z{~rQ^pZ+f$`N{cLBsFLmX&H$$ZX9{!@=-lw$1c2ndhv w!$*t?rWlA`}TtQ0-GAd-JY!$!eX$%nr-9RB|4AHmK3A2Hxtt^fc4 literal 0 HcmV?d00001 diff --git a/digidoc4j/src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip.asics b/digidoc4j/src/test/resources/testFiles/invalid-containers/zip-bomb-package-zip.asics new file mode 100644 index 0000000000000000000000000000000000000000..bb1035f2aad2dfc5c81c7decc46ad5a3b8a48cd7 GIT binary patch literal 6664 zcmZ`;Wmr^QyB_JT0cnsBq(wSMTDlvgq#K5up*y5YLO?{2X6Wwj?nYop2_5O9@A=Mm z-tRi^S^L`iSx?<--T(G|J!*=`D8v8^3=BY`f{PO1Z;SNzURg#FwxnVxXIx^}6|V1EPKmh75>h(!CJ;b}c_oWSk4XSu;Nr1}KRG`(hK$r{ zBi4O11*qFyZjQu@uHdv5i5*8hUzAHPE~zh`v_nYK{7F7r-d&%XVj^bOK~$Mlz@C`kK`K z?JW?mm)|D5>W)lS1@B%K{YXwXqKI%rMDVjiS|4rqi?rjM{INUUAxZpvw;Z%wW=Ike zmziRop?HWc0(N4oRKrWWPT_DH-&dWC8H%T#@NfNoIFzi*9X$E+=L3s{ujZWDOrhEB z+&*F_Y5C_v1JIezX-QUFvlb-q*kdHs!Fi1cQ4w@}!mpvz*B@T}avvvfbz)Xka; zSU69CKJOj0Sd@G^zj|v88CsVMU41C>adO=(=0AQzq?LBg+(=#znG)!R7B3OvyU@x` zysyd~dcIUtKM*fb8w7-XlQmSWO8tUy-&aI-S5Fb8LuVAQMl2*1<0_TY<4*gDn4C;y z+>&xcUVdwtSzdP~yDB}NNt%usSE#h;F!pQqar1rS#>L0<{7BFalO|H zf0Cu-#uv|6a$JqH^7(~Rm@=@gCA+pYBRXx~xG&{^`q$mHkmiQwWk$K9pqTae+aBJ1 z&r|mhKS8P~jiKi6F{~q0-PPEV@X!ZJ#1796w|ILs6FR0$cib3IV zcT>V{t)GHpFcOd_7+LKxBP0}{%5`@VJKlQVvgJoQZ>|=-$Y+o9Cjt&f$c*{E1)*;^ z4Cgw);xCud28zG zJ%&Vh3QuT_ap;h(ns#FfwZ65ZJvzk_A}tu5 zR|@%Mg&M!b2d_Pygi+dyv6YAk5mcu2`==+hkWple7GghT3D=klPbjes!$}oCm*6v> z`}my0cKJw?YjBFQN!hlU6Mj(K9}&cOq+@%>v7;Ims)kv8k#fX@ALFac#$Ew49pZKI zQktk99Ybn~Xq89n3yd@fu7HiA;#BX%u&+dS3Sx{_?aJ9jOd{Dc#ZfZtq4s}A-xSPY z`%pEZ-4>i#11fhm;f7p(mO6_uF3%p13i;4x^41rB&MLRCV<(5Q{frx#e<*`BVbm;L z<6eK-s_<8Mod@MHyi0~_t%(5k`g4(ssS{57l)ehR?R&DjO+Jk|8{e@ZeG%IJfF`GciG0>c93b*5h1R=1e?Yd?F8< zM#Y*Q4Xte=-j^Oa^3ev?qZP_R^1?WjkP)!0=V0wBO6$EiekKnCZjGz_LKhD!)GjS^ zZ}VGC7F4rXEhyC&%Q2Gt>0KCeh_9ZxLY!crqB&@sId;i<2n)hq#TB#H!TMRco;b+q z*60oSX#*C#7J&W0MWS()DjCfgcGaP?nvV3L9p&6Dfkt8!cXR9ZsTO{q6$yU^-3uwb z$Jcp9#!9d0`Led!mGQ3oo;>&3!jQzxDd-(xNM3oPyLkmiF{CQO+-58rWPH~)wbwXm zp+uQS0Ty;1jgyfhkhUEI-lDjQy_(O7?XDqo*00=S>C2h_5j|&{qS$>Qr~+|JN2ShC ztUc}LsSzsG4fdEa&`4Pxk2!!{6xQuWr%02gRJRp#VCTOu$o8gD8ie9v_;zf~B6nEM zzK^!^h15{X=UMqKUE ze~R8ufPSYruB?Y1j=~|a|C%cJTRn78{~0b?zT0`8@e?CgLv<3MU;-dt>8fvFHcNLh z17g6ez)g?U&wEP4lAVkOS+pw8Ti&g{;;BzHw{?%bk)nHB&l5Df6@o|QBO*9r>6@VS zeg77P>nG+@0LU0mkgK;}f=$NJ#&%K0#kL`>j9}w!4==fN1eQzzoL{;BnMv+0^8@97mmGa+6Y|6Ar7I$Z08QMMV-?+OvjDmIrG}HALxIz~r>`D|;EC&gyiVAB@n33VJAj>)7o9tSk3oXs zk=TpqSNGkiYfN}8VXq!&^r6ew&rhK5Xw*P}?Ou#Qu;KKVB4Z^~&gNC~FAX$kEsV zRmx+FL#Lje#vNc;ckFuVl#46rf*yI2_Omz+O6A%0v^3}BJ z=fM%Q=|wA(K-6+~;DYU?kj?oOF~!^V%x!E+U*296wKy5=6x#CXB&>nf%?s1x{V684 zH9En3y*a%%!FAicg?n-JpP2;C5)4VJ&D^l@peu}tXvP(h>=zBzjg5{A3z*Hl;An=D z{Wu=Kme~a&Nw5jh4&RiM9@YFzU=#`(;fzAVs~`mwRsH-^C)lEY?$=v+9PZDngh{nR zu4dy}pC(dLG519-lsvv@2D+Lpr&{bDC6hXTTA>kVg$R&J=MKO2D06g)5~Q#jY|PG1 z>{r%YewsZ$nsnTCCs=h*w`h-9W=}y?O~2u*0nPkk3ZQX5Jc28uLua0BfI9`KzyHIw zqX_u{P5+LX`a6F5b-c&xyT584LGZvy`$yKh3sp5mbPPd?!nZLv06@|U06^_8Jp%w> z05XJ>tl(RBoH^b<|~2mGnr>s!32>YG?e~%s^^TGW=Dc6 zMU@37o{hfwiJ2?k=~(!B2s_C4Zf<3|$TUWn@(G;6K4Cv$@zqyd^wj6Ji?(0WswJM? z2)mM^TOuLW9mG!z#Xl!5?{JHYVa(tZ_Wv4flvGY%+fnumY#dW(ez9T*^sT;lCT^ur zt0WY(gm8=`8oot|UheFo8*LmK5-1Rx#r2vB3|MCu-)`^d5#*~=Kq>E5pVk=J9wWUB zVnAMQO-pj{Qeu7E5K2y6SMaS*oYK-;V4o{~RyR;{}cp?iLcmoJ!t{S_ma_4VOX*a<5*~S;BG8_~Qi17BiMa8L?D@2rW@yX!K zudoI;t($C_iqxZXH(bA_vDNY`R=-Xr5u~hZ_ ztA75%#fSkZZAxE_#IDNONl+UW6H9j(%ojy_O)rOZD#kM{#;smBXr82V(@ABF`vh2; z|2UUW22oBZsn8FEmK|om&>d&4Cu5mygy9XtA*v|e&85*3eK1k2xlV%!_5;DlQ4=^l zML#6X+lsO+CjDn(F+pt_ef(#4q6`BH)yR4VCOI1wql~D2EM6OYp-PaX-B#~3OT4?0 zhF6R{FiCxz5hQcai|>NR;yD&2EMUhQzfoVxrODh@xAAO*bKv;9Ob}n82JSk;{5-h; zj(b}b#XxYktWpf}@K8nLfVea1QPJMY$_3g+X7UU{Cu8+6be4Cz?pWiXcMj=3_bLo- zp@)5^-ZQW3hJAj06YF-}K$bN*_O63PNPa}ya)zk|i z^>3vG$+!kgO6I*$WLx``C%k^Iyrrge7W~=>r}3)y_1xS=MbS$xnXEoFrwqrZ@bTuJ zX!9)49yHCx7g9T{h}ifB@^GljnEWd9AK|JV+EJpFSy7C*Pa@(O1oxc;_aCnK>SzDJ zwS1R0QN7)(`}0)30rv-M<7AYV`^Dy1uT(U0#{XAt?1qn6rh~HM=z6BDTzM zYJf=6&P=7M2YH6?N^z%J#NW8<{0#q?a#c+;1C%WjF+bv(dth|WrvqM&8DxO4AMTH0 zD(%it8B`8MO^WO`-;G(+Q$7qV-`iMIPlFORYOed6eCIxSZx)&s7Sh8%{rShS6 z%VU?dwtcNYP_<~!Maopet`)4ZKImf{p^C8ijg^T~8eK>y`vOSB?RxmbdYg4m$BgzY z!Ywg9``?!h;sKf2oLfKWeT>|NSk<{xWjTW(l0@k|ppLg2%)syzc}Jll-4$t4HPC>8 zEXQcOWI2n~(U{bdgCd)j#;Xr0>grV2Z}^zBT&1l#$HRYIOp*Bh&?;Yh^>JyLn7G8C z!w)ARvk7W^z4M@oKq{>g$}J%s2P*a)^Y8b3diFyfJQ#kQ7S` z!JrXaBErJ_=7T)_Dm|;3>sQv~7G@^zJ-QNJRIm41&5xEBKMI+CL>anx>CKA~0`Fd| z^)#re(_M}z8h?f2a`ldqbAqNF0?b_Ay;r!_ZPkUnqR!&&b1rK%G4Pqd{!sQg3V2vC zB0gkbFKYTpq51>cLPCn}SPkGsYW3W9X3W4VSxC^R09`c5n(a+wR;) z6!1ARgP5yohRGYJP-fq)diZ)~xPko!E8r5~$9zE#I^%RSr5jV^7}589~aw0RoR=@&u`x z3=g)?-EYbxeze@ef97EBW+J>x#++UP7rD>#YaX1WN4d~aai3PQXxTecEka|Bo>t=w zjbTulagxGqNbOb3c|~Ep1KV`Ire~R%O49gE0@fAh#OOl&x%yCc$KDr13)aV*D~$9+ z0WF0t0aKJuxTNfj(-ePl#1A=R_qXR~aw@%PTUvy4DFTY>S`EgH2GnGTos1YY*0R0Y zG?(^8zMJvSE-!SQn9q|kJrQZY$Ne5PE#nMcSY;h`ITY5e<)Ue$YCACF zvWo*!Xu+ZS8R~34c48bf9P9%1KiThw%N!QngNS1ma*c}{*)UZ?2C?7(ENm@br+Ev=Q82454Z`?0_=#BBIO#P`O$9@y=K=<+WO;6UVUv%Pc zuBBEFA{s#(__>R&2$P*sJXW&Hb;{D<5;9fYdY<*@jD`z)p#gqB2MV^0b1;!$I!#l~ z^=3DPcuwO8TeYW?K1ZHL=cY#3&z?Ifzk=(ED0or5kCP^?(d_3U;80uSC}qQ1g{sO- zLv+VVPUhoRbP+21=C@2j{tzkwZevd)s8emo%a+v|VFH6C&nvsN(0D^9=$zF_O=@(1 z0&oD~@Wwgez6L8yA}mi*jjotL3xgGfBpB&QTTiJ(|_n5Ci(}8 z`a%Cd(f)5xf05XFd>zKvvP%%KFNxRNKxubmW*8-Ds37eGk_k4Iem2Xc!nsjOFXWXRW80IBDrh3cqe*L;ubflqnaJ&e&v7u7p-piJmE2MmP{uk|x-qp`A z953;c0O+lqph#|h)F3wxz$b1QO%87dN{m4n|ZfuXkYx;NSZ)LV8vos zv+?AQ2*CQI0sb0l6iexs(Ek4U|MUJ10UT`|Ex|r6mS!$44z?C%U|VM=E>EX-oR(mB zTTU}~TMG_%w%-ClP4Nj5G2nk^BY#&Je`X{9x&EI?$sZ8VZ;*c$B#i&Uc=p>){uVHQ zlP6e!KS2QC34jbBY6~+e{4x8)(7oa>o5#AN`p5qRjs^JtiT(xf*JqCGe`%{JqN4o? PBL99Ce_IOjKi+=p}14rDdli*C|=yH6nA$o?k=UcySuydR_5Nh zvu0+!^WlDblC?r|BL8HEEcS2heMn>_9>F{Vfk5yeyb5Q^2;1520|XFA*$)KzF#&;1 z^oSYh9Zf9uW>gdv?D3nAx=|_BGhtA%Nj-K6+Ecy;fME=J8G|SVzv_CYD(9AwKpW!7 zvCI1l8!)IqBYF@cz7P~Xhr@*mU#9wcJ!l;lF`<2I@z4};!rL@4(9uqaaRCw~ zNXDz*M}BCFjh7Qwi3Te{lo*oISl=i4{A;}CNLy@0{UVPw2c|=ME~b&X_WEMO z>*F}BwuZ4H-U!aj$OX777g=RNwr{lX-beCrIl9b>FSW6T!k={Q)QG!^M`rEoC$GTJ z-0oDJzdA+VHT!P(VckJ)_7f{rr-{0;Sr+2xmP;Q(nL4da<$*BGomOh8Qp?&HQ*U0P3q#2$7>-lh5S=i*l4TU!=9+8)hYXu#^Ax zKHd|y7Azrk*s&`Hl(uj5aO+KU;*QUH)k3n%m@&C0#h1$Hsm7Wr-o+ATO36Zuf{ql; zSq^MQ=hWk!tDW;S=Ht2DI2ss?xZol%t?0K;HWH#t=aN6mZR+kuLFl^_maVS~5#^oO zvXEbqeUPz_&S2ybeF-NrFbl;huDq*wpmmfgue0m@A>&%-gq3B1Qgm4cC{ZuHb0iA zJXT@CiY6-YB3?1FDJZWmR>9#b4#errxFVZ#YpF0eUjM#k@}42di z>!YG@goSW4*RX|hT5W;Bk$|ah3biI=i+=aq=jD2?uhZ&L%Y8<=ctlMt{_bozRzO8Y zHqsn)W9ozf7)I7p_i`j8A@c?MDstO;wkH2tR`=)7(Crl}yL&ggUONd}S%&hL+sQ}N z9TC>>0&Y2Jb&lLKiB2YUqiP@fOibc7@PxkoDUsYP&ULvy07kkf0YY=f#y& zyETcwV-^3nw$&xCg~v9x8O_vjH-J9FQ?JhY-R{ZsXKwS@cZ3D`j?N3sMVq^kqoQ@B zwO!vNr=|5&7N!DcAuzYu7cR?* z5t1vY97>4YjaWpVo=PcV)}_sD9I7bhWI|#-zWAZtOj|f(W|kx%n=>jduO@MWe0J+C zul?7H>WQ@S`~dTG?JMRU&Gj&k(SZ0xv?oh<(t-#0xtPq#`3{@ImqM|uJ1%onymXPz zb2h;dmHE$Hwl+h;;FM^;t()9=(G7S!+cVEPg^MwMZN@-v*->3`=v)wm2tMOtYL>VX zoZ#1o2$*Rrx$eI(Y+BW?5Z61;>DSQ-BGNTARFTUqGImPd?3M9GsgJxfNrf_+<{RJ7 zDaAhHc!6`58!@D1W$0S3!&bz?xkw=Wj_iJ1X(}l3Ea!IQ`Uy`cB2QZ1JLT41Oz-x6 zqFPj@7w4#QY$mQ$$lpw!F;-V^C1p2ML=;LzhX}9oESMS-SyG&1$)w3Y;&IMXKths| zKfLhf+O_l)zj%5RFo2v0H+Q(4=;2kQ^js*FM7zY8c)aI&Xh|!x4;Ty0jbYKMU&G9t ztRxOPI6E0lqv`5o)5EqblpE+&CA~rs7piwj7RMyvMmi*Ndi|YRjZy17gMFgSleaAQ zsvAv93hBN;fC@rS5)LQBZ_iBLtd9q0+TNlfRkLM|~X(6Q^2XUo5(;L=%vH|w)bvhxDR z(#ys?zdXf!^46F9z_C){h3c;F(B|oI`kn^hc1ST7A&&OA*gl41x->Lstpv zScV4Jz9r$Plb+BJIgIQlGTrflIILc0WLYjZ~w5|)ill<9b9YGs*(;QRx@f?c(fn8YRjQhgr zUWk#qx&8ax2RwRHn)c=8aF&YVC~PuP3}uG74{lT0N=J)%dk4DZf~n5?jbN!*n#or^ z9AtA18vz4nhgcqbOPEKR^6hr_+p%_;bx)Hbhnxfc=-fR6U?1 zay)Fwg%jJOSq4PD=IP!k3W$ zEnMT@!o6tzJklQ}ws`cf;g{wTV7+OdO9m;hvmMD>S7Gp^z*Rooy_<1&<2=>y#LJUH z`?sgIMBzJ$&@PFs`)AVLjr6J?8Wb{%^HnqsMmKjVO^WQdPi>{ScM{=T<_PYB?LD`4 zu)ed;KT0dUnS!juYG2oKZUk>QZSK^*V&7jIn%Fy=x?Bip?5FtHw&`YH5Z`p)T6Nyg z9rWfE{2liltnB|+g-n170Tlu&1XKv95KtkYLO_Lp3V-?zj`shw3Yh^F0xASl2&fQH zA)rD)g@6hH6#^Q>0xASl2&j;l6;L6dLO_Lp3IP=YDg;yr zs1Q&gph99cK!tz`0Tlu&1XKv95KtkYLO_Lp3W?bP6#^;*R0yaLP$8f~K!tz`0Tlu& zB<28A2&fQHA)rD)g@6hH6#^;*R0yb$m=jPTph7@}fC>Q>0xASl2&fQHA)rEHEhfC>Q>0xASl2&fQH zA)rD)g@6i)4FMGbDg;yrs1Q&gph7@}fC>Q>0xBdn0#pd75KtkYLO_Lp3IP=YDg;#c ze?*1w@bI8Vau$-HzYLf^=B0!c`RT-^MHtLYL_4F`jolrn?SWA`;xS? zXR>3b7B?s7`tZ~|SCuI$m}op!Zy~sJ)d`OrC@SP-W-BPYryb)}s%sSB?%cc-=Mc5l zo_x^S!pA?F&C|ZO`3RDgcnsek{r0@-N4a#NKtDb|f_Vn|PbGi;*OFVC7(;YzY^@Bf z85x;=7QaJHC1Pg$^F0myRrpI%bQp~&2m#rPi0-8){va_jblfJ_7F-juU|ajW!n%0} z+=ST;n~RCNvp%ASxcuX2CKnrF1-I)@w{UKkFAG=5skV1V9?vZEeI~j;y9zC#Szh1` zv&ed9U_1FV^y`hG`aAn3KHt|a-8YSQ1Rg%3N9xn|9p>LjJ$1eah`kqb6?7AHy*s=L z&A7QUJB#iRzo@i{%UU4cH6%f7V}wx{WT)5)*qwOV7V!eT3rXK#KF=7#XT`BIf2|v(!cZbcpxJP=d4}BXnQ z>sviKv+J!kUv049?P;n^-F?;T#G478GT}-7E?e%X?cA8qb{bo^AvsIp7s~S?&_5U$ z_lqkd&c3KefqrP6C1qVLJ|R^QdM27tUvvSs1<4Z2ZPImNI2c-*mxN$7I4M?@i>^@< z)p+QWm44EaqZPEMD4rMJ++MeN^FR6PvaCaHDmA<|!2zU`#g8Yb30**W!E>?_1C1q%8FKHowl&ytzkcY73 zYu0leJ(gr!n?yr?c~MGR1r0it;F)$AhC617k!*O0>6~R|yv*8mmTCC8;=C5A-5q>y z*cwP{)%+6vH(f4a*ecRD;E;Z$&gDJvZhfhWWpRBjRl_^sI**2%Vf*;eopJ`(y}DuJ zF;of^=g3^=$R6wQW{iz=*jL;m_|I9XyY{+Z=pHX*6v8Klud0T~74|2<_7_`oM=qIk zu%gXau&R&M`44HI^IAn@aF3shWO0_(GW19huj>~;C8nDYl)URqY&m&y<}=l3lEQ1} zyBuAIY(3cy=^Z4_kbf=8;TuJ3bgbg+B67lg@p z6$wFaiIIlog7c`P9#c`DvG*63B5~aD3}_-3{U9#2{e0pYCuJ0evD-HO1T51!GLC#H zH1fJjqVzC9L)CeWkgFk;pI$-HyiFkk`m#IbBArSEr*4XfWeT(yzp!oN6r14g=Jd>N*nwAM zQ}a=Xq%&fFYPZ>RrYBj7*x76;jjQ~5MS%tb_ABWbIgJE|K^9A}x&P*p20I(FQ)ELJ zrF5Uy>I63o;;||Mf2|UKW9m|^DT0hAVnaEVmJb!`Jel+xdrZV_)iv~ zs4VB+q(m=#`eO8e9!4Lp+wy=Kmc|DqZ}Vu_4SAO16YV_S(YhFeNT2i~7rp1Y$zV_` z84Zjk8hItcD6b)m4VellTiqf|B@+!!!b-Nc->+(gp3#i^*IQk3#&_LKIsK7xrUVyvrQacuw>_ zWYcAWOoJ=$@CW5n<`Kw+)cNJqiVNtgG--F!55*7_g}0BT_Hf{ZhkDmIONe)PNhlTc zl;R^yl;q|1W}hT69Ip0CA*e2Tlzs@U46&z@_CI;@*rz!XRvaTBbUp7idL6;{>wP_y zh@mP{xi{)Y0^|r%tb_sjlu3rz;7E1m+Q~0=LJl13Q3_pCm~9eT84-HAE7W7vWjfmZ z#0n;$kO|tMY}zF)TS&8U3ew>DCT+KTiSW1VestYogvjsYdnk)Ok)hj6z8Fxby#jN3 zk_2f1tpfJRG-E-OICt<;8ONGWLKsboQ>M|GM&r$B#>S0I&UlFDLs&lbE|1_|roFmS zXRLt5yuGvjY`;Mk57h+sIAMilZhSkP-S!#&i)xE$B;^1JiqZa;tfks}g!P^_3jgVv*QFJh<1E z2cFQLe_T{-UihdtFOA4%9=jrTd&`k_4{RO4WE?B9gIXjq|H z^XDa&N=zOd^%^wW~xukMCL0L#@Q#--qp)iUNA1_KP)VGstOsma}g>zUOW(0 z>=e`BlHCc;bud0$z^V=vH?7-8{^*Y0l1MR{NL@0hd!0Ke z-RfzkQKf7jEYI?aB$`X(fn%6ZkwA`pf&U!dUg<29-A=f74i<5t)fRm%bir&Y7U}2W z5!`A1w@-4vMv^QGtUcC+(`KIHgQ7bXyhm*K29_CO3%(g}s~@aeIMXFvkIu{~H-|Zt zuv|23brZx-&V=3NIGqTl@(rcky?GV z*%Dhz53eSBtkTtlI<6BMXc9F$@O~@V+i?%A4kAWmbWPc6Rp-}x6G8CYIMUNN#N|73 zRgi4vkiob4(|OUF2U@&Aj;JrZ!ROh_&I}hD_HP}sp*GEPUP~oG4nLf_B^{XsnG-5a zJ{(Vf)IW=ta-(|eqL~UgKPt#^cE$2csYDLE&VOYtsLeBfaBurmHfq7AHoGI%MYV!~ zP$!n?0!N?}$A5&=9lY?$T>(eZtWtuY`-!|b*7`Z)ch6w`a!P3(n5SYJr)1Pzi#R6h8|0X`di$Afa$Ft&b(i zovR@nlOC*naD{kfnpC7RCwoVmGVGlht0W$=`y#1Npv#l|;5l@1#w@w=W}F1U%oi0c z6=u1OuC?8S5w*O~%#@|FVo^0=W8*W#bqplsvE%FrSc^!hR*`4ki#>1AoF(Ei^vjuu zQv#8@`@i471kRxsNFB$jyC02l#Pm{O$~-6CeQ4&R4LinoWxAtad~SC9 zFnBT0duFfd9942O)wRdpmG(_3xr90?1YdmmGzYUQ(mQBwoA7bcZpeKPDf#^=DoG$B z?#VdDta~U@R)MYmet)LR9FH9Q!4d0)L|6G!n$o9Ct4uR>qp~&QT!?z>F=mb07W?jk zzUiAqIr4_&QR^?QQ7dm%LyK9tb_-yRMZnI_lEe8>#tKi zmNWL{-pEuQev6_fyE~Wl_Oo+Y>^>x*6oQ!mCuSI2a$oQ`P1)%4b6$Dh zo&0`SL6<_1>L-`|6P6h_!|uMN?0g@U5F6( zKCq%{ZxXs0tVtRP)#2NT6eKG?iOX$7PV+blq0&k)M;4`d`U!tqT4I3XtPFxs4{?&* zqBZ4pk6(Q)-OkAqEM~;AdfKXM;K3gfX(}13!@VT>Vh3c{>yNR;s3f;K+UG-Ax$j?u zO7Cr#=@1+YHFIhzGmNaBMW@T5_)Nrr7tYA?B7LsaVN>@|+5K6e?m-?qgW-<5xW31G zXM0}tVANG%*b!@}{`Ys)<@P+I*ab0wOIJlv_EZJ-Y^ zLk0Pe&LW;5vXggwnK5$AI2bm^u>!3EoaEvZiJ9y&8Qu6~gG)WLqu7c{rlwKx{o>^V zhNq$)ZWYK#or#xnD63tPaNXfM!)h?RFt{Vp2La_al@BTOMcjLZQu*p66$!{L^Q1#L zhXN?i8Ou7?;+t&DY_GwUUDIrS08h``m+N>#N79Zit2?GBDR|aib)}7T&8@Kp6rSFK z<}a15Otv$Qf~$H>^~$n|5aQ-$n_}mjzFMi1yZOMW&c@J7aciP2=Vbwt281g=q##= z9Wk^{-ccv$UGQkZL4B|etjBaK*r}Z5_LISOE6S~Rk`(hsyPfE?UzY-Ih#e~btemOs z`nJH)@Lu6(KXv3_O*eV*_LlZ0J%y_PsgZVr1u^QFvK|n_3U-`#_6XwnlX#=JgJQSr zvQ2&Y>=eHCx}~XXtJP2?N$EL!=r??dOz}-FSho@7i}oL#njhP&`UrDIiJ+pFIjN?k z$%Lt1zGK=!qLMziJ?G&gbFkpL(Y0mY4O5p$P>GyE+|JD(bjU;rp_{xQu-}^;Nwq$9 zPH*nG%~@HsOq%UP(nI00CUuqPK=r7;`b6nF!jvaCu|{cv$WfpeAzBT3N7Vy4uh~?! zY2aZ)AU)W#WKA(dA+z1$BmDKk)P=$EfQDh5>YR{=O^u0|ql{q7|sSBoGdaZhS z((K!12_hS>py$e7ElTLtTb;950yb zOC4ETP8&Jo*x-SKd3)CV>84zVd}AQt)O+RD^YSXFgWx9OR>gH0J0@i6;?h=M$tAGv zoBC`dXR}$U^Yv>iiLV`r+E&f>H3hx5sO2w%*UFwWX)_LEKSHZ!mv|JOY5SvUj-O^J zQXP3(W|2o{#l3M#(Xb~IqZSo6A2*{A568STGALQQaaqZ60Lh?h2S?s`!&xf3Vb}Pu zz7Q`WG)~OxcbC2L8}75y;EUQBi^sA={8a30ABBQwWk)+L?*J)NPN{cdkk0;|lzWJ< zeX~?HdC`m)6F^8|!*C<)xk>zubzIwdk!7Mi`u+Kv&7gjwJJk>AcvPZyud&7grCNQY z%h`m$yUWkR4_3NP2&(CfK+_b+a(vRd`GNi#4tWXE;+dUlD|Q! zOU^hXlE3O4ir4F9o{#X@*1oeU`TKXXTUfAE=q0y|4AouL3a>L-D3R*!MpnP`TFVIJ zVYAtjr_eZEp!Pghh@q18QFng&mUGTl+EXC8A!NHw#~YJ;pnM6c-IR{Xwx~?n6;oe^ zwZ{*Sl_nf_(a89~#|3XsT>3-DcIrHphR4A% zhAu12k{VAMw#xHDGl% zVzs$m1|E*zPVvn;-!uGd>wC`$#>&6|feJ}~xAh@{K=7bnt(*ZQSHeU;+W3BsKNf+^ zOw0^z94riVEiAw$`nonI<`4!uhylH!jkO8AuC<9iogs~*iN((b!yh3(hM!HPvzX=G zPkzk*91(tuHa}ZOZ45u!h#7*x=EN%IR$v2S5?Ki-Xg<)hAM4>kcooi+5w^442R}Af z_WQXP*^lKv2jX8pK_IY+9x>z3PI$zBEP?{zfIu?ux6WdkpwRG@AFR*%{+#~r(O5su z`e!uL-yco;qi8>)ng9N10m9$WEPsErD&_BJ*8di5<)ZrQTK_Tq->)@<`FAwi-yiMu z>UZ?7myQ3YJLHeE{bTySpLLwb@91A|to(bUOJsjX|9b7w-y7Yj_B;C5v-AJn=vjl` z(Z3$R`u9d3Lw-m9dWzTI8x8O9JNnn7ApTP{^Bc`y_w^ss|NRaj^!y$D>;DP=-e}g~ z-_gIml>YZdzm5JK{p*`e|7-NKAAhg^=ob2Ghtbatv40LassE*W?B_N8Ys6pcp`SfV z{~XlP{u1$T{Y*b|5JCUF*7|3TNaa84u;0JY|5i=?QQ>_0v2);$z5cAU{^i Date: Wed, 3 Mar 2021 13:23:30 +0200 Subject: [PATCH 18/45] DD4J-678 OCSPCertificateValidator getIssuer fix --- .../impl/OCSPCertificateValidator.java | 28 +++++++++++++++---- .../CertificateValidatorBuilderTest.java | 17 ++++++++++- .../testFiles/certs/sameCN_first.crt | 21 ++++++++++++++ .../testFiles/certs/sameCN_first_child.crt | 18 ++++++++++++ .../testFiles/certs/sameCN_second.crt | 21 ++++++++++++++ 5 files changed, 98 insertions(+), 7 deletions(-) create mode 100644 digidoc4j/src/test/resources/testFiles/certs/sameCN_first.crt create mode 100644 digidoc4j/src/test/resources/testFiles/certs/sameCN_first_child.crt create mode 100644 digidoc4j/src/test/resources/testFiles/certs/sameCN_second.crt diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/OCSPCertificateValidator.java b/digidoc4j/src/main/java/org/digidoc4j/impl/OCSPCertificateValidator.java index a48f505e4..c3c6d2666 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/OCSPCertificateValidator.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/OCSPCertificateValidator.java @@ -10,9 +10,11 @@ package org.digidoc4j.impl; +import eu.europa.esig.dss.model.x509.CertificateToken; +import eu.europa.esig.dss.model.x509.Token; +import eu.europa.esig.dss.model.x509.X500PrincipalHelper; import eu.europa.esig.dss.spi.DSSUtils; import eu.europa.esig.dss.spi.x509.CertificateSource; -import eu.europa.esig.dss.model.x509.CertificateToken; import eu.europa.esig.dss.spi.x509.revocation.ocsp.OCSPSource; import org.apache.commons.collections4.CollectionUtils; import org.digidoc4j.CertificateValidator; @@ -25,7 +27,7 @@ import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; -import java.util.List; +import java.util.Collections; import java.util.Set; /** @@ -83,26 +85,40 @@ private CertificateToken getIssuerCertificateToken(X509Certificate certificate) .getDSSIdAsString(), e); } throw CertificateValidationException.of(CertificateValidationStatus.UNTRUSTED, - "Failed to parse issuer certificate token. Not all intermediate certificates added into OCSP."); + "Failed to parse issuer certificate token. Not all intermediate certificates added into OCSP."); } private CertificateToken getIssuerForCertificateToken(CertificateToken certificateToken) { Set tokens = this.getIssuerFromCertificateSource(certificateToken); if (tokens.size() != 1) { throw new IllegalStateException(String.format("<%s> matching certificate tokens found from certificate source", - tokens.size())); + tokens.size())); } return tokens.iterator().next(); } private Set getIssuerFromCertificateSource(CertificateToken certificateToken) { - Set issuers = this.configuration.getTSL().getBySubject(certificateToken.getIssuer()); + Set issuers = getIssuers(certificateToken, this.configuration.getTSL()); if (CollectionUtils.isEmpty(issuers)) { - issuers = this.certificateSource.getBySubject(certificateToken.getIssuer()); + issuers = getIssuers(certificateToken, this.certificateSource); } return issuers; } + private Set getIssuers(final Token token, CertificateSource certificateSource) { + if (token.getPublicKeyOfTheSigner() != null) { + return certificateSource.getByPublicKey(token.getPublicKeyOfTheSigner()); + } else if (token.getIssuerX500Principal() != null) { + Set potentialIssuers = certificateSource.getBySubject(new X500PrincipalHelper(token.getIssuerX500Principal())); + for (CertificateToken potentialIssuer : potentialIssuers) { + if (token.isSignedBy(potentialIssuer)) { + return certificateSource.getByPublicKey(potentialIssuer.getPublicKey()); + } + } + } + return Collections.emptySet(); + } + /* * ACCESSORS */ diff --git a/digidoc4j/src/test/java/org/digidoc4j/CertificateValidatorBuilderTest.java b/digidoc4j/src/test/java/org/digidoc4j/CertificateValidatorBuilderTest.java index 018fee759..a5cb4d9c2 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/CertificateValidatorBuilderTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/CertificateValidatorBuilderTest.java @@ -13,6 +13,21 @@ */ public class CertificateValidatorBuilderTest extends AbstractTest { + @Test + public void findOnlyOneIssuerWhenCNAreSame() throws Exception { + CertificateValidator validator = new CertificateValidatorBuilder().withConfiguration(this.configuration).build(); + validator.getCertificateSource().addCertificate(new CertificateToken(this.openX509Certificate(Paths.get + ("src/test/resources/testFiles/certs/sameCN_first.crt")))); + validator.getCertificateSource().addCertificate(new CertificateToken(this.openX509Certificate(Paths.get + ("src/test/resources/testFiles/certs/sameCN_second.crt")))); + try { + validator.validate(this.openX509Certificate(Paths.get("src/test/resources/testFiles/certs/sameCN_first_child.crt"))); + } catch (CertificateValidationException e) { + Assert.assertEquals("Not equals", CertificateValidationException.CertificateValidationStatus.UNKNOWN, e + .getCertificateStatus()); + } + } + @Test public void testCertificateStatusGood() { CertificateValidator validator = new CertificateValidatorBuilder().withConfiguration(this.configuration).build(); @@ -83,7 +98,7 @@ public void testProductionCertificateStatusUnknownWithOCSPResponseVerificationCe public void testLoadingOCSPIntermediateCertificatesFromCustomLocation() { ExtendedCertificateSource source = CertificateValidatorBuilder.getDefaultCertificateSource(); source.importFromPath(Paths.get("src/test/resources/testFiles/certs")); - Assert.assertEquals("Not equals", 10, source.getCertificates().size()); + Assert.assertEquals("Not equals", 13, source.getCertificates().size()); } /* diff --git a/digidoc4j/src/test/resources/testFiles/certs/sameCN_first.crt b/digidoc4j/src/test/resources/testFiles/certs/sameCN_first.crt new file mode 100644 index 000000000..c852b5df3 --- /dev/null +++ b/digidoc4j/src/test/resources/testFiles/certs/sameCN_first.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDZjCCAk4CAQEwDQYJKoZIhvcNAQEFBQAwgbQxCzAJBgNVBAYTAkVFMQ8wDQYD +VQQKDAZFU1RFSUQxGjAYBgNVBAsMEWRpZ2l0YWwgc2lnbmF0dXJlMTEwLwYDVQQD +DCjFvcOVUklOw5xXxaBLWSxNw4RSw5wtTMOWw5ZaLDExNDA0MTc2ODY1MRcwFQYD +VQQEDA7FvcOVUklOw5xXxaBLWTEWMBQGA1UEKgwNTcOEUsOcLUzDlsOWWjEUMBIG +A1UEBRMLMTE0MDQxNzY4NjUwHhcNMjEwMzAyMTU0NTExWhcNMjIwMzAyMTU0NTEx +WjA9MQswCQYDVQQGEwJFRTELMAkGA1UECAwCRUUxEDAOBgNVBAcMB1RhbGxpbm4x +DzANBgNVBAMMBnVuaXF1ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AMXl9pqRAPmXnNuh5m31SeF0/kddTWiAHpw68A1I0OMr/1xE0eXnH+/JXpSzfEtB +8+q9Ar5EEIe1AUJm/puSNGlQNiZFGKk44xXcya1R0pkwHJbk24ChJl9af6YwFjNn +nBWZmphCMLfxm5tlfrCRuBJ4+c6gjjgI4wem7WZnGuTr4cqELugp1uf+3yAFBrbC +zI0ltseUs93pizrT1t2SGR7TtT+HrdlscD3XZmlMRm4U7Dh8/0GeC/jJuTo0HViS +AL/+VaXu3t2WwQy/CerdqY4EFkRcMDOhgJwukzHH3XbtbwkfMho0dqVd/HO+Qw90 +dTaDLKduKtsYyJcuYbJeye8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAHxYA1aEJ +ILGSRa77tHpUvGRQkGmce0Cl+LgYJIuaAYKkQaIXLpb1Su6ge/AYHBUt9vtstHyl +wpX3DUCBfazeduzPToawaMM+4pzVNYaoZfGQbfWGyQuMU5KckGA+LMUkLMnS0SqP +BBGcziWRjVATSYXz82/dtRIQ+Tf9xy96Y0fGDo892LxizWVIqCPwxmeJfMUd9VAD +Rj5mbKuRCEeTTJii/2D2C+/xB3USbXVgKiaRhWUob2IWv5aJcA5ZjNhIGleaQ+VH +ECRkw8UfK8u1BIQs3LnnI4v8fMp4n828l8HhSU5tgnP8qJtzN3+KS+oAsum5KanS +g4/UDKIX2RZeaw== +-----END CERTIFICATE----- diff --git a/digidoc4j/src/test/resources/testFiles/certs/sameCN_first_child.crt b/digidoc4j/src/test/resources/testFiles/certs/sameCN_first_child.crt new file mode 100644 index 000000000..f891461c0 --- /dev/null +++ b/digidoc4j/src/test/resources/testFiles/certs/sameCN_first_child.crt @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC7TCCAdUCAQEwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UEBhMCRUUxCzAJBgNV +BAgMAkVFMRAwDgYDVQQHDAdUYWxsaW5uMQ8wDQYDVQQDDAZ1bmlxdWUwHhcNMjEw +MzAzMDk1NzUzWhcNNDAwNTAyMDk1NzUzWjA8MQswCQYDVQQGEwJFRTELMAkGA1UE +CAwCRUUxEDAOBgNVBAcMB1RhbGxpbm4xDjAMBgNVBAMMBWNoaWxkMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq39ZVGGN1dFrfiL1veEApHeG80v6WJti +Da8nRmCfyElV+WLp0nwLA1lh54dbVqmlzBmiPgV2redQk4v8Zr1mrWfYRBMHLahU +wI70plMjwVgRN1mDpMnw2lRBjW90I5ViHe70l6IzQBoLUkFM0PI794loCkpnh0DL +dkrdNzdfid647UjNShiHZ5p6Bo69uoicIrLbl9zoKrowZnZhs+nT1tObE4Xbs3lB +akKMc9LboLJ3H5DgIsJ7uzcs5qYLu6giz5MEqms7h86AhbGpms2FymK/qlU+9PRL +/jXKDM9kk7OvfUWtqrlMBgdTVSxWG50csvPcSh+pzSdIZQwJkRPYPwIDAQABMA0G +CSqGSIb3DQEBBQUAA4IBAQAD+GTgvBzLstT3E44pC7b/CCXliBz6FO4JY5fP3AbP +BN3qqpW7+t6rEhSbD07Nv9iEiv9zoCyJR0N48RhGnlcTO4sLHt3TLh7k0JdYRa2K +Q7J9dAxRQTV5NGnyd2qGi1UFTARUrQIHJqFyYP+LMtrok1x1/l2d1mOkaP47v3xj +alY3skVMVN8sYngh8oYdNNneGZY5F5mIqSVId4tIQpWHA169qMnJBbwdKQg/XOC6 +lRXDObaH2mqvQK5L+q0goilS+eUtbAHJmm1e/YM1JT1KSwsXx65ZfLMu/Q2mhR0B +OQ7Qp5GLFuBt+ec5+0kBzX5Z6ZvrGo4JCeinGdkhxM39 +-----END CERTIFICATE----- diff --git a/digidoc4j/src/test/resources/testFiles/certs/sameCN_second.crt b/digidoc4j/src/test/resources/testFiles/certs/sameCN_second.crt new file mode 100644 index 000000000..1dd09018b --- /dev/null +++ b/digidoc4j/src/test/resources/testFiles/certs/sameCN_second.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDZjCCAk4CAQEwDQYJKoZIhvcNAQEFBQAwgbQxCzAJBgNVBAYTAkVFMQ8wDQYD +VQQKDAZFU1RFSUQxGjAYBgNVBAsMEWRpZ2l0YWwgc2lnbmF0dXJlMTEwLwYDVQQD +DCjFvcOVUklOw5xXxaBLWSxNw4RSw5wtTMOWw5ZaLDExNDA0MTc2ODY1MRcwFQYD +VQQEDA7FvcOVUklOw5xXxaBLWTEWMBQGA1UEKgwNTcOEUsOcLUzDlsOWWjEUMBIG +A1UEBRMLMTE0MDQxNzY4NjUwHhcNMjEwMzAyMTU0NzA0WhcNMjIwMzAyMTU0NzA0 +WjA9MQswCQYDVQQGEwJFRTELMAkGA1UECAwCRUUxEDAOBgNVBAcMB1RhbGxpbm4x +DzANBgNVBAMMBnVuaXF1ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ALyLQUPv4a+32H09BM9gDG67degcf24ckvjnpVqxznMNFx9+RBfTFOt9XlpiDroy +wUxoV0siHOcNs9pQ4gvzCd6nxuT5ue5Fmsfn3bmPpWsYqvfiZ+qAFQv3dkjy1F0g +aZ44FzPa2LgzS3o8KZmOfYJFSq0Nv8PF7iFNTZR5VTyW0BJfZVnbz+T0ASihUcoO +UV2k5iT8XXMChiwxgwp1n75FOq+QecDtZWsvMTrrQcWdkeUc0baGU0ncKcnZjiHm +Ap0szezwEN+QWCTKtpKb7MoR5+/ra7MVJ71Tl6AFlgZl3c7UgG44UTvbG0wBb0a5 +keGH7Vy7xjaqDHyfZFeuWSMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAKrIlqpR4 +I3uNpX5z4xQDasLSpM7HabB0GEnYMXaxepyzhRB0daQrF++nPLb637H7lfAQlb8Q +a4RnVMdfgeSnQ/StJ9RErd9pkL5rojPUburicJebwrOaiTRbC9BDpahxj97vK8Pj +0FeoBCapbr+rsaP2QCYjGgLhHe/hPMlP97gYx1DwVtuYBcZvYADsltbhWdGpAHMB +WtTNlsjdVvj+afZPmxD1ROQIIMQM9YfOdMiqI5k5E9UU3j3YVJuend9mwZf+fQzn +9E28Fe1agLtQCQWmlmDbcm4kIiJP4F0YpTqL0rDm+xEXxceQ9BZsUNzItQn9kt5g +BVY91vKFBT7uKw== +-----END CERTIFICATE----- From e5cf82b48cba716762bc876014c19bd277720179 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Thu, 4 Mar 2021 15:21:25 +0200 Subject: [PATCH 19/45] DD4J-381 configurable temp file deletion --- .../java/org/digidoc4j/Configuration.java | 58 ++++++++++++------ .../org/digidoc4j/ConfigurationParameter.java | 4 +- .../impl/asic/AsicContainerCreator.java | 8 ++- .../impl/asic/asice/AsicEContainer.java | 2 +- .../impl/asic/asics/AsicSContainer.java | 2 +- .../main/java/org/digidoc4j/utils/Helper.java | 39 ++++++------ .../java/org/digidoc4j/ConfigurationTest.java | 18 ++++++ .../digidoc4j/impl/StreamDocumentTest.java | 59 ++++++++++++------- .../digidoc_test_conf_temp_file_max_age.yaml | 1 + 9 files changed, 126 insertions(+), 65 deletions(-) create mode 100644 digidoc4j/src/test/resources/testFiles/yaml-configurations/digidoc_test_conf_temp_file_max_age.yaml diff --git a/digidoc4j/src/main/java/org/digidoc4j/Configuration.java b/digidoc4j/src/main/java/org/digidoc4j/Configuration.java index 1d61b773a..1518a4372 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/Configuration.java +++ b/digidoc4j/src/main/java/org/digidoc4j/Configuration.java @@ -136,6 +136,7 @@ *
  • SUPPORTED_SSL_PROTOCOLS: list of supported SSL protocols (by default uses implementation defaults)
    • *
  • SUPPORTED_SSL_CIPHER_SUITES: list of supported SSL cipher suites (by default uses implementation defaults)
    • *
  • ALLOWED_TS_AND_OCSP_RESPONSE_DELTA_IN_MINUTES: Allowed delay between timestamp and OCSP response in minutes.
    • + *
  • TEMP_FILE_MAX_AGE: Maximum age in milliseconds till TEMP files are deleted (works only when saving container).
    • *
  • ALLOW_UNSAFE_INTEGER: Allows to use unsafe Integer because of few applications still struggle with the * ASN.1 BER encoding rules for an INTEGER as described in: * {@link https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf. } @@ -645,6 +646,24 @@ public boolean getUseNonceForAiaOcspByCN(String cn) { return true; } + /** + * Set temp file max age in millis + * + * @param tempFileMaxAgeInMillis max age in millis + */ + public void setTempFileMaxAge(long tempFileMaxAgeInMillis) { + this.setConfigurationParameter(ConfigurationParameter.TempFileMaxAgeInMillis, String.valueOf(tempFileMaxAgeInMillis)); + } + + /** + * Get temp file max age + * + * @return temp file max age in millis + */ + public long getTempFileMaxAge() { + return this.getConfigurationParameter(ConfigurationParameter.TempFileMaxAgeInMillis, Long.class); + } + /** * Set HTTP connection timeout * @@ -1167,10 +1186,10 @@ public boolean isProxyOfTypeFor(ExternalConnectionType connectionType, Protocol */ public boolean isSslConfigurationEnabled() { return StringUtils.isNotBlank(this.getSslKeystorePath()) || - StringUtils.isNotBlank(this.getSslTruststorePath()) || - StringUtils.isNotBlank(this.getSslProtocol()) || - CollectionUtils.isNotEmpty(this.getSupportedSslProtocols()) || - CollectionUtils.isNotEmpty(this.getSupportedSslCipherSuites()); + StringUtils.isNotBlank(this.getSslTruststorePath()) || + StringUtils.isNotBlank(this.getSslProtocol()) || + CollectionUtils.isNotEmpty(this.getSupportedSslProtocols()) || + CollectionUtils.isNotEmpty(this.getSupportedSslCipherSuites()); } /** @@ -1181,10 +1200,10 @@ public boolean isSslConfigurationEnabled() { */ public boolean isSslConfigurationEnabledFor(ExternalConnectionType connectionType) { return StringUtils.isNotBlank(this.getSslKeystorePathFor(connectionType)) || - StringUtils.isNotBlank(this.getSslTruststorePathFor(connectionType)) || - StringUtils.isNotBlank(this.getSslProtocolFor(connectionType)) || - CollectionUtils.isNotEmpty(this.getSupportedSslProtocolsFor(connectionType)) || - CollectionUtils.isNotEmpty(this.getSupportedSslCipherSuitesFor(connectionType)); + StringUtils.isNotBlank(this.getSslTruststorePathFor(connectionType)) || + StringUtils.isNotBlank(this.getSslProtocolFor(connectionType)) || + CollectionUtils.isNotEmpty(this.getSupportedSslProtocolsFor(connectionType)) || + CollectionUtils.isNotEmpty(this.getSupportedSslCipherSuitesFor(connectionType)); } /** @@ -1474,7 +1493,7 @@ public String getSslProtocolFor(ExternalConnectionType connectionType) { */ public void setSupportedSslProtocols(List supportedSslProtocols) { this.setConfigurationParameter(ConfigurationParameter.SupportedSslProtocols, Optional.ofNullable(supportedSslProtocols) - .map(l -> l.toArray(new String[l.size()])).orElse(null)); + .map(l -> l.toArray(new String[l.size()])).orElse(null)); } /** @@ -1486,7 +1505,7 @@ public void setSupportedSslProtocols(List supportedSslProtocols) { */ public void setSupportedSslProtocolsFor(ExternalConnectionType connectionType, List supportedSslProtocols) { this.setConfigurationParameter(connectionType.mapToSpecificParameter(ConfigurationParameter.SupportedSslProtocols), - Optional.ofNullable(supportedSslProtocols).map(l -> l.toArray(new String[l.size()])).orElse(null)); + Optional.ofNullable(supportedSslProtocols).map(l -> l.toArray(new String[l.size()])).orElse(null)); } /** @@ -1528,7 +1547,7 @@ public void setSupportedSslCipherSuites(List supportedSslCipherSuites) { */ public void setSupportedSslCipherSuitesFor(ExternalConnectionType connectionType, List supportedSslCipherSuites) { this.setConfigurationParameter(connectionType.mapToSpecificParameter(ConfigurationParameter.SupportedSslCipherSuites), - Optional.ofNullable(supportedSslCipherSuites).map(l -> l.toArray(new String[l.size()])).orElse(null)); + Optional.ofNullable(supportedSslCipherSuites).map(l -> l.toArray(new String[l.size()])).orElse(null)); } /** @@ -1690,9 +1709,9 @@ public Configuration copy() { return copyConfiguration; } - /* - * RESTRICTED METHODS - */ + /* + * RESTRICTED METHODS + */ protected ConfigurationRegistry getRegistry() { return this.registry; @@ -1710,6 +1729,8 @@ private void initDefaultValues() { String.valueOf(Constant.ONE_DAY_IN_MINUTES)); this.setConfigurationParameter(ConfigurationParameter.TslCacheExpirationTimeInMillis, String.valueOf(Constant.ONE_DAY_IN_MILLISECONDS)); + this.setConfigurationParameter(ConfigurationParameter.TempFileMaxAgeInMillis, + String.valueOf(Constant.ONE_DAY_IN_MILLISECONDS)); this.setConfigurationParameter(ConfigurationParameter.AllowedTimestampAndOCSPResponseDeltaInMinutes, "15"); this.setConfigurationParameter(ConfigurationParameter.SignatureProfile, Constant.Default.SIGNATURE_PROFILE); this.setConfigurationParameter(ConfigurationParameter.SignatureDigestAlgorithm, @@ -1774,6 +1795,7 @@ private void loadInitialConfigurationValues() { ConfigurationParameter.OcspAccessCertificateFile); this.setConfigurationParameterFromFile("DIGIDOC_PKCS12_PASSWD", ConfigurationParameter.OcspAccessCertificatePassword); + this.setConfigurationParameterFromFile("TEMP_FILE_MAX_AGE", ConfigurationParameter.TempFileMaxAgeInMillis); this.setConfigurationParameterFromFile("CONNECTION_TIMEOUT", ConfigurationParameter.ConnectionTimeoutInMillis); this.setConfigurationParameterFromFile("SOCKET_TIMEOUT", ConfigurationParameter.SocketTimeoutInMillis); this.setConfigurationParameterFromFile("SIGN_OCSP_REQUESTS", ConfigurationParameter.SignOcspRequests); @@ -2020,9 +2042,9 @@ private void loadYamlAiaOCSPs(LinkedHashMap configurationFromYam } if (CollectionUtils.isNotEmpty(aiaOcspsFromYaml)) { List> entryPairs = Arrays.asList( - Pair.of("ISSUER_CN", ConfigurationParameter.issuerCn), - Pair.of("OCSP_SOURCE", ConfigurationParameter.aiaOcspSource), - Pair.of("USE_NONCE", ConfigurationParameter.useNonce) + Pair.of("ISSUER_CN", ConfigurationParameter.issuerCn), + Pair.of("OCSP_SOURCE", ConfigurationParameter.aiaOcspSource), + Pair.of("USE_NONCE", ConfigurationParameter.useNonce) ); for (int i = 0; i < aiaOcspsFromYaml.size(); i++) { Map aiaOcspFromYaml = aiaOcspsFromYaml.get(i); @@ -2101,7 +2123,7 @@ private void reportFileParseErrors() { } } - private void loadYamlOcspResponders(){ + private void loadYamlOcspResponders() { List responders = getStringListParameterFromFile("ALLOWED_OCSP_RESPONDERS_FOR_TM"); if (responders != null) { String[] respondersValue = responders.toArray(new String[0]); diff --git a/digidoc4j/src/main/java/org/digidoc4j/ConfigurationParameter.java b/digidoc4j/src/main/java/org/digidoc4j/ConfigurationParameter.java index 246c22836..44b60f816 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/ConfigurationParameter.java +++ b/digidoc4j/src/main/java/org/digidoc4j/ConfigurationParameter.java @@ -97,7 +97,9 @@ public enum ConfigurationParameter { TspSslTruststorePassword("TSP_SSL_TRUSTSTORE_PASSWORD"), TspSslProtocol("TSP_SSL_PROTOCOL"), TspSupportedSslProtocols("TSP_SUPPORTED_SSL_PROTOCOLS"), - TspSupportedSslCipherSuites("TSP_SUPPORTED_SSL_CIPHER_SUITES"); + TspSupportedSslCipherSuites("TSP_SUPPORTED_SSL_CIPHER_SUITES"), + TempFileMaxAgeInMillis; + final String fileKey; diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerCreator.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerCreator.java index c251d78a1..1bdc89173 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerCreator.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerCreator.java @@ -23,6 +23,7 @@ import java.util.zip.ZipOutputStream; import org.apache.commons.io.IOUtils; +import org.digidoc4j.Configuration; import org.digidoc4j.Constant; import org.digidoc4j.DataFile; import org.digidoc4j.Signature; @@ -49,11 +50,14 @@ public class AsicContainerCreator { private final ZipOutputStream zipOutputStream; private final OutputStream outputStream; private String zipComment; + private Configuration configuration; /** * @param outputStream stream + * @param configuration */ - public AsicContainerCreator(OutputStream outputStream) { + public AsicContainerCreator(OutputStream outputStream, Configuration configuration) { + this.configuration = configuration; this.outputStream = outputStream; this.zipOutputStream = new ZipOutputStream(outputStream, CHARSET); } @@ -65,7 +69,7 @@ public void finalizeZipFile() { } catch (IOException e) { handleIOException("Unable to finish creating asic ZIP container", e); } finally { - Helper.deleteTmpFiles(); + Helper.deleteTmpFiles(configuration.getTempFileMaxAge()); } } diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/asice/AsicEContainer.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/asice/AsicEContainer.java index 89e2ec1d0..532ec29f8 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/asice/AsicEContainer.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/asice/AsicEContainer.java @@ -157,7 +157,7 @@ protected AsicEContainer(AsicParseResult containerParseResult, Configuration con @Override public void save(OutputStream out) { - writeAsicContainer(new AsicContainerCreator(out)); + writeAsicContainer(new AsicContainerCreator(out, getConfiguration())); } @Override diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/asics/AsicSContainer.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/asics/AsicSContainer.java index a27ddf87f..55b771cdc 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/asics/AsicSContainer.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/asics/AsicSContainer.java @@ -93,7 +93,7 @@ public DataFile getTimeStampToken() { @Override public void save(OutputStream out) { - writeAsicContainer(new AsicContainerCreator(out)); + writeAsicContainer(new AsicContainerCreator(out, getConfiguration())); } @Override diff --git a/digidoc4j/src/main/java/org/digidoc4j/utils/Helper.java b/digidoc4j/src/main/java/org/digidoc4j/utils/Helper.java index 162480d94..df1e23763 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/utils/Helper.java +++ b/digidoc4j/src/main/java/org/digidoc4j/utils/Helper.java @@ -1,12 +1,12 @@ /* DigiDoc4J library -* -* This software is released under either the GNU Library General Public -* License (see LICENSE.LGPL). -* -* Note that the only valid version of the LGPL license as far as this -* project is concerned is the original GNU Library General Public License -* Version 2.1, February 1999 -*/ + * + * This software is released under either the GNU Library General Public + * License (see LICENSE.LGPL). + * + * Note that the only valid version of the LGPL license as far as this + * project is concerned is the original GNU Library General Public License + * Version 2.1, February 1999 + */ package org.digidoc4j.utils; @@ -230,8 +230,8 @@ public static String extractSignature(String file, int index) throws IOException */ public static void serialize(T object, File file) { try ( - FileOutputStream fileOut = new FileOutputStream(file); - ObjectOutputStream out = new ObjectOutputStream(fileOut); + FileOutputStream fileOut = new FileOutputStream(file); + ObjectOutputStream out = new ObjectOutputStream(fileOut); ) { out.writeObject(object); out.flush(); @@ -259,8 +259,8 @@ public static void serialize(T object, String filename) { */ public static T deserializer(File file) { try ( - FileInputStream fileIn = new FileInputStream(file); - ObjectInputStream in = new ObjectInputStream(fileIn); + FileInputStream fileIn = new FileInputStream(file); + ObjectInputStream in = new ObjectInputStream(fileIn); ) { T object = (T) in.readObject(); return object; @@ -412,15 +412,14 @@ public static void saveAllFilesFromContainerPathToFolder(String pathFrom, String /** * delete tmp files from temp folder created by StreamDocument */ - public static void deleteTmpFiles() { + public static void deleteTmpFiles(long allowedAge) { File dir = new File(System.getProperty("java.io.tmpdir")); - FilenameFilter filenameFilter = new FilenameFilter() { - @Override - public boolean accept(File dir, String name) { - return name.toLowerCase().startsWith("digidoc4j") && name.toLowerCase().endsWith(".tmp"); - } - }; + FilenameFilter filenameFilter = (dir1, name) -> name.toLowerCase().startsWith("digidoc4j") + && name.toLowerCase().endsWith(".tmp"); for (File f : dir.listFiles(filenameFilter)) { + if (System.currentTimeMillis() - f.lastModified() < allowedAge) { + continue; + } if (!f.delete()) { f.deleteOnExit(); } @@ -491,7 +490,7 @@ private static File[] getFilesFromJar(URL jarUrl, FileFilter filter) { } for (ZipEntry entry : entries) { try (InputStream inputStream = zipFile.getInputStream(entry); OutputStream outputStream = new - FileOutputStream(Paths.get(outputFolder.getPath(), new File(entry.getName()).getName()).toFile())) { + FileOutputStream(Paths.get(outputFolder.getPath(), new File(entry.getName()).getName()).toFile())) { IOUtils.copy(inputStream, outputStream); } } diff --git a/digidoc4j/src/test/java/org/digidoc4j/ConfigurationTest.java b/digidoc4j/src/test/java/org/digidoc4j/ConfigurationTest.java index b5cc2ce8f..960cc78f6 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/ConfigurationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/ConfigurationTest.java @@ -1137,6 +1137,24 @@ public void verifyAllOptionalConfigurationSettingsAreLoadedFromFile() throws Exc Assert.assertEquals("Set validation policy", this.configuration.getValidationPolicy()); } + @Test + public void getDefaultTempFileMaxAge() throws Exception { + Assert.assertEquals(86400000, this.configuration.getTempFileMaxAge()); + } + + @Test + public void loadTempFileMaxAgeFromFile() throws Exception { + this.configuration.loadConfiguration("src/test/resources/testFiles/yaml-configurations/digidoc_test_conf_temp_file_max_age.yaml"); + Assert.assertEquals(60, this.configuration.getTempFileMaxAge()); + } + + @Test + public void setTempFileMaxAgeFromCode(){ + this.configuration.loadConfiguration("src/test/resources/testFiles/yaml-configurations/digidoc_test_conf_temp_file_max_age.yaml"); + this.configuration.setTempFileMaxAge(1000); + Assert.assertEquals(1000, this.configuration.getTempFileMaxAge()); + } + @Test public void getDefaultConnectionTimeout() throws Exception { Assert.assertEquals(1000, this.configuration.getConnectionTimeout()); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/StreamDocumentTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/StreamDocumentTest.java index 442c31ea2..59714fd03 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/StreamDocumentTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/StreamDocumentTest.java @@ -1,19 +1,34 @@ /* DigiDoc4J library -* -* This software is released under either the GNU Library General Public -* License (see LICENSE.LGPL). -* -* Note that the only valid version of the LGPL license as far as this -* project is concerned is the original GNU Library General Public License -* Version 2.1, February 1999 -*/ + * + * This software is released under either the GNU Library General Public + * License (see LICENSE.LGPL). + * + * Note that the only valid version of the LGPL license as far as this + * project is concerned is the original GNU Library General Public License + * Version 2.1, February 1999 + */ package org.digidoc4j.impl; +import eu.europa.esig.dss.enumerations.DigestAlgorithm; +import eu.europa.esig.dss.model.DSSException; +import eu.europa.esig.dss.model.MimeType; +import org.apache.commons.io.IOUtils; +import org.digidoc4j.AbstractTest; +import org.digidoc4j.DataFile; +import org.digidoc4j.test.MockStreamDocument; +import org.digidoc4j.utils.Helper; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import java.io.ByteArrayInputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileReader; +import java.io.FilenameFilter; import java.io.IOException; import java.io.InputStream; import java.nio.file.Files; @@ -23,20 +38,6 @@ import java.util.HashSet; import java.util.Set; -import org.apache.commons.io.IOUtils; -import org.digidoc4j.AbstractTest; -import org.digidoc4j.DataFile; -import org.digidoc4j.test.MockStreamDocument; -import org.junit.Assert; -import org.junit.BeforeClass; -import org.junit.Test; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import eu.europa.esig.dss.model.DSSException; -import eu.europa.esig.dss.enumerations.DigestAlgorithm; -import eu.europa.esig.dss.model.MimeType; - public class StreamDocumentTest extends AbstractTest { private static final Logger logger = LoggerFactory.getLogger(StreamDocumentTest.class); @@ -146,6 +147,20 @@ public void createDocumentFromStreamedDataFile() throws Exception { } } + @Test + public void documentManualDeletion() { + File dir = new File(System.getProperty("java.io.tmpdir")); + FilenameFilter filenameFilter = (dir1, name) -> name.toLowerCase().startsWith("digidoc4j") + && name.toLowerCase().endsWith(".tmp"); + int initialCount = dir.listFiles(filenameFilter).length; + Helper.deleteTmpFiles(10000000); + int count = dir.listFiles(filenameFilter).length; + Assert.assertEquals(initialCount, count); + Helper.deleteTmpFiles(0); + count = dir.listFiles(filenameFilter).length; + Assert.assertEquals(0, count); + } + @Test public void getDigest() throws Exception { Assert.assertEquals("VZrq0IJk1XldOQlxjN0Fq9SVcuhP5VWQ7vMaiKCP3/0=", document.getDigest(DigestAlgorithm.SHA256)); diff --git a/digidoc4j/src/test/resources/testFiles/yaml-configurations/digidoc_test_conf_temp_file_max_age.yaml b/digidoc4j/src/test/resources/testFiles/yaml-configurations/digidoc_test_conf_temp_file_max_age.yaml new file mode 100644 index 000000000..fb788193c --- /dev/null +++ b/digidoc4j/src/test/resources/testFiles/yaml-configurations/digidoc_test_conf_temp_file_max_age.yaml @@ -0,0 +1 @@ +TEMP_FILE_MAX_AGE: 60 \ No newline at end of file From 33d91d359f2fc1bc37c0918e0ccdfcbfeab8d5e2 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Fri, 5 Mar 2021 14:13:42 +0200 Subject: [PATCH 20/45] DD4J-619 ability to close signatureToken connections --- .../src/main/java/org/digidoc4j/SignatureToken.java | 1 + .../java/org/digidoc4j/signers/ExternalSigner.java | 5 +++++ .../org/digidoc4j/signers/PKCS11SignatureToken.java | 13 +++++++++---- .../org/digidoc4j/signers/PKCS12SignatureToken.java | 5 +++++ 4 files changed, 20 insertions(+), 4 deletions(-) diff --git a/digidoc4j/src/main/java/org/digidoc4j/SignatureToken.java b/digidoc4j/src/main/java/org/digidoc4j/SignatureToken.java index c8242bf9f..fa51308a2 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/SignatureToken.java +++ b/digidoc4j/src/main/java/org/digidoc4j/SignatureToken.java @@ -33,4 +33,5 @@ public interface SignatureToken { */ byte[] sign(DigestAlgorithm digestAlgorithm, byte[] dataToSign); + void close(); } diff --git a/digidoc4j/src/main/java/org/digidoc4j/signers/ExternalSigner.java b/digidoc4j/src/main/java/org/digidoc4j/signers/ExternalSigner.java index c3fd8067a..4946ad590 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/signers/ExternalSigner.java +++ b/digidoc4j/src/main/java/org/digidoc4j/signers/ExternalSigner.java @@ -35,4 +35,9 @@ public X509Certificate getCertificate() { return this.signingCertificate; } + @Override + public void close(){ + //Do nothing + } + } diff --git a/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS11SignatureToken.java b/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS11SignatureToken.java index 25ad374df..28d25f752 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS11SignatureToken.java +++ b/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS11SignatureToken.java @@ -49,7 +49,7 @@ * For Linux, it could be /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so,
    * For OSX, it could be /usr/local/lib/opensc-pkcs11.so
    */ -public class PKCS11SignatureToken implements SignatureToken { +public class PKCS11SignatureToken implements SignatureToken { private static final Logger logger = LoggerFactory.getLogger(PKCS11SignatureToken.class); private static final String EXTRA_PKCS11_CONFIG = ""; @@ -98,7 +98,7 @@ public PKCS11SignatureToken(String pkcs11ModulePath, PasswordInputCallback passw public PKCS11SignatureToken(String pkcs11ModulePath, char[] password, int slotIndex, String label) { this.label = label; logger.debug("Initializing PKCS#11 signature token from " + pkcs11ModulePath + " and slot " + slotIndex + " and " + - "label " + label); + "label " + label); PasswordInputCallback passwordCallback = new PrefilledPasswordCallback(new KeyStore.PasswordProtection(password)); signatureTokenConnection = new Pkcs11SignatureToken(pkcs11ModulePath, passwordCallback, DEFAULT_SLOT_ID, slotIndex, EXTRA_PKCS11_CONFIG); privateKeyEntry = findPrivateKey(X509Cert.KeyUsage.NON_REPUDIATION); @@ -119,7 +119,7 @@ public PKCS11SignatureToken(String pkcs11ModulePath, PasswordInputCallback passw String label) { this.label = label; logger.debug("Initializing PKCS#11 signature token with password callback from " + pkcs11ModulePath + " and " + - "slot " + slotIndex + " Label " + label); + "slot " + slotIndex + " Label " + label); signatureTokenConnection = new Pkcs11SignatureToken(pkcs11ModulePath, passwordCallback, DEFAULT_SLOT_ID, slotIndex, EXTRA_PKCS11_CONFIG); privateKeyEntry = findPrivateKey(X509Cert.KeyUsage.NON_REPUDIATION); } @@ -175,7 +175,7 @@ public byte[] sign(DigestAlgorithm digestAlgorithm, byte[] dataToSign) { return signRSA(digestAlgorithm, dataToSign); } throw new TechnicalException("Failed to sign with PKCS#11. Encryption Algorithm should be ECDSA or RSA " + - "but actually is : " + encryptionAlg); + "but actually is : " + encryptionAlg); } throw new TechnicalException("privateKeyEntry is null"); } @@ -228,4 +228,9 @@ private byte[] invokeSigning(byte[] digestToSign, PrivateKey privateKey, String byte[] signatureValue = signer.sign(); return signatureValue; } + + @Override + public void close() { + signatureTokenConnection.close(); + } } diff --git a/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS12SignatureToken.java b/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS12SignatureToken.java index c2d08ffc4..533df8eea 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS12SignatureToken.java +++ b/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS12SignatureToken.java @@ -125,6 +125,11 @@ public byte[] sign(org.digidoc4j.DigestAlgorithm digestAlgorithm, byte[] dataToS return signature.getValue(); } + @Override + public void close() { + signatureTokenConnection.close(); + } + /** * Returns key entry alias in keyStore. */ From 98714f24a1cb9146993c262ab33df328540ae576 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Fri, 5 Mar 2021 15:30:59 +0200 Subject: [PATCH 21/45] DD4J-577 remove unnecessary code --- .../impl/asic/manifest/ManifestValidator.java | 16 +--------------- .../org/digidoc4j/impl/StreamDocumentTest.java | 3 +-- 2 files changed, 2 insertions(+), 17 deletions(-) diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/manifest/ManifestValidator.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/manifest/ManifestValidator.java index 0048f401d..667a665ed 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/manifest/ManifestValidator.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/manifest/ManifestValidator.java @@ -216,25 +216,11 @@ private String getFileURI(Reference reference) { private List getFilesInContainer() { List fileEntries = new ArrayList<>(); - - List signatureFileNames = getSignatureFileNames(); - for (DSSDocument detachedContent : detachedContents) { String name = detachedContent.getName(); - if (!(MANIFEST_PATH.equals(name) || ("META-INF/".equals(name)) || (MIMETYPE_PATH.equals(name) - || signatureFileNames.contains(name)))) { - fileEntries.add(name); - } + fileEntries.add(name); } return fileEntries; } - private List getSignatureFileNames() { - List signatureFileNames = new ArrayList<>(); - for (Signature signature : signatures) { - String signatureFileName = "META-INF/signature" + signature.getId().toLowerCase() + ".xml"; - signatureFileNames.add(signatureFileName); - } - return signatureFileNames; - } } diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/StreamDocumentTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/StreamDocumentTest.java index 59714fd03..c9fe9575c 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/StreamDocumentTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/StreamDocumentTest.java @@ -152,10 +152,9 @@ public void documentManualDeletion() { File dir = new File(System.getProperty("java.io.tmpdir")); FilenameFilter filenameFilter = (dir1, name) -> name.toLowerCase().startsWith("digidoc4j") && name.toLowerCase().endsWith(".tmp"); - int initialCount = dir.listFiles(filenameFilter).length; Helper.deleteTmpFiles(10000000); int count = dir.listFiles(filenameFilter).length; - Assert.assertEquals(initialCount, count); + Assert.assertTrue(count >= 1); Helper.deleteTmpFiles(0); count = dir.listFiles(filenameFilter).length; Assert.assertEquals(0, count); From a9df31868ab38ab295b2aede59e4184fb0821d51 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Fri, 5 Mar 2021 15:43:00 +0200 Subject: [PATCH 22/45] MAINTENANE version bump 4.1.0->4.2.0-SNAPSHOT --- ddoc4j/pom.xml | 4 ++-- digidoc4j/pom.xml | 6 +++--- pom.xml | 2 +- publish.sh | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ddoc4j/pom.xml b/ddoc4j/pom.xml index da422592a..15f1ee887 100644 --- a/ddoc4j/pom.xml +++ b/ddoc4j/pom.xml @@ -6,7 +6,7 @@ org.digidoc4j ddoc4j jar - 4.1.0 + 4.2.0-SNAPSHOT DDoc4J DDoc4J is Java Library for validating DDOC documents. It's not recommended to use it directly but rather through DigiDoc4J's API. @@ -15,7 +15,7 @@ digidoc4j-parent org.digidoc4j - 4.1.0 + 4.2.0-SNAPSHOT diff --git a/digidoc4j/pom.xml b/digidoc4j/pom.xml index ccf9147df..090e169ca 100644 --- a/digidoc4j/pom.xml +++ b/digidoc4j/pom.xml @@ -7,7 +7,7 @@ org.digidoc4j digidoc4j jar - 4.1.0 + 4.2.0-SNAPSHOT DigiDoc4j DigiDoc4j is a Java library for digitally signing documents and creating digital signature containers @@ -18,7 +18,7 @@ digidoc4j-parent org.digidoc4j - 4.1.0 + 4.2.0-SNAPSHOT @@ -43,7 +43,7 @@ ddoc4j org.digidoc4j - 4.1.0 + 4.2.0-SNAPSHOT diff --git a/pom.xml b/pom.xml index 445a05dc5..889841430 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.digidoc4j digidoc4j-parent - 4.1.0 + 4.2.0-SNAPSHOT pom DigiDoc4J parent diff --git a/publish.sh b/publish.sh index 959b88e47..fe6886c35 100755 --- a/publish.sh +++ b/publish.sh @@ -1,6 +1,6 @@ #!/bin/bash -version="4.1.0" +version="4.2.0-SNAPSHOT" staging_url="https://oss.sonatype.org/service/local/staging/deploy/maven2/" repositoryId="ossrh" From 0fe9ecd4b56a38d30136fa6a0566184d49e76c9e Mon Sep 17 00:00:00 2001 From: siimsuu Date: Wed, 10 Mar 2021 14:49:08 +0200 Subject: [PATCH 23/45] DD4J-374 remove validation nullPointerException --- .../org/digidoc4j/ddoc/factory/SAXDigiDocFactory.java | 7 ++++++- .../test/java/org/digidoc4j/ContainerOpenerTest.java | 10 ---------- .../java/org/digidoc4j/impl/ddoc/ValidationTest.java | 9 +++++++++ 3 files changed, 15 insertions(+), 11 deletions(-) diff --git a/ddoc4j/src/main/java/org/digidoc4j/ddoc/factory/SAXDigiDocFactory.java b/ddoc4j/src/main/java/org/digidoc4j/ddoc/factory/SAXDigiDocFactory.java index 383da0a33..6f6be18e2 100644 --- a/ddoc4j/src/main/java/org/digidoc4j/ddoc/factory/SAXDigiDocFactory.java +++ b/ddoc4j/src/main/java/org/digidoc4j/ddoc/factory/SAXDigiDocFactory.java @@ -984,7 +984,12 @@ public void startElement(String namespaceURI, String lName, String qName, Attrib String Id = attrs.getValue("Id"); if(Id != null) ref.setId(Id); - ref.setUri(ConvertUtils.unescapeXmlSymbols(ConvertUtils.uriDecode(URI))); + if (URI==null) { + DigiDocException ex = new DigiDocException(DigiDocException.ERR_DATA_FILE_ATTR_VALUE,"URI Attribute value is required", null); + handleSAXError(ex); + } else { + ref.setUri(ConvertUtils.unescapeXmlSymbols(ConvertUtils.uriDecode(URI))); + } String sType = attrs.getValue("Type"); if(sType != null) ref.setType(sType); diff --git a/digidoc4j/src/test/java/org/digidoc4j/ContainerOpenerTest.java b/digidoc4j/src/test/java/org/digidoc4j/ContainerOpenerTest.java index 579ef768e..7eb42302f 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/ContainerOpenerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/ContainerOpenerTest.java @@ -147,16 +147,6 @@ public void testErrorText75NotChanged() { } } - @Test - public void testErrorText75ChangedAndNullPointer() { - try { - ContainerBuilder.aContainer().fromExistingFile("src/test/resources/testFiles/invalid-containers/23133_ddoc-12.ddoc"). - build(); - } catch (DigiDoc4JException e) { - Assert.assertTrue(e.getMessage().contains("Invalid input file format.")); - } - } - @Test public void testErrorText75AndInvalidPath() { try { diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/ddoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/ddoc/ValidationTest.java index d615381b7..dcde7d5d5 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/ddoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/ddoc/ValidationTest.java @@ -17,6 +17,15 @@ public void setInvalidOcspResponder() { TestAssert.assertContainsError("OCSP Responder does not meet TM requirements", result.getErrors()); } + @Test + public void missingURIAttributeValue() { + ConfigManagerInitializer.forceInitConfigManager(this.configuration); + Container container = ContainerBuilder.aContainer() + .fromExistingFile("src/test/resources/testFiles/invalid-containers/23133_ddoc-12.ddoc").build(); + SignatureValidationResult result = container.validate(); + TestAssert.assertContainsError("URI Attribute value is required", result.getErrors()); + } + @Test public void defaultOcspResponderSuccessful(){ ConfigManagerInitializer.forceInitConfigManager(this.configuration); From 0a69c78a6370b1dcc8a98ed276b3ac32c6d35b3f Mon Sep 17 00:00:00 2001 From: siimsuu Date: Fri, 12 Mar 2021 12:37:22 +0200 Subject: [PATCH 24/45] DD4J-469 test fix --- .../java/org/digidoc4j/SignatureTest.java | 27 +++++-------------- 1 file changed, 6 insertions(+), 21 deletions(-) diff --git a/digidoc4j/src/test/java/org/digidoc4j/SignatureTest.java b/digidoc4j/src/test/java/org/digidoc4j/SignatureTest.java index f8260b732..6821402aa 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/SignatureTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/SignatureTest.java @@ -318,7 +318,7 @@ public void testGetTimeStampTokenCertificateForDDoc() { @Test public void testGetNonceForBDoc() { Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/valid-bdoc-tm.bdoc"); - String nonce = Base64.encodeBase64String(container.getSignatures().get(0).getOCSPNonce()); + String nonce = Base64.encodeBase64String(container.getSignatures().get(0).getOCSPNonce()); Assert.assertEquals("MDEwDQYJYIZIAWUDBAIBBQAEIGYrFuVObKYFoA8P22TxZ8knTH4dLASQ2hEG5ejvV1gK", nonce); } @@ -428,27 +428,12 @@ public void gettingOcspCertificate_whenTslIsNotLoaded() throws Exception { } @Test - @Ignore("DD4J-469") - public void checkCertificateSSCDSupport() { + public void certificateContainsNotSupportedTssQcQualifier() { this.configuration = new Configuration(Configuration.Mode.PROD); - TslManager tslManager = new TslManager(this.configuration); - TSLCertificateSource certificateSource = tslManager.getTsl(); - this.configuration.setTSL(certificateSource); - DSSDocument document = new FileDocument( - "src/test/resources/prodFiles/invalid-containers/edoc2_lv-eId_sha256.edoc"); - SignedDocumentValidator validator = SignedDocumentValidator.fromDocument(document); - SKCommonCertificateVerifier verifier = new SKCommonCertificateVerifier(); - OCSPSource ocspSource = OCSPSourceBuilder.anOcspSource().withConfiguration(this.configuration).build(); - verifier.setOcspSource(ocspSource); - verifier.setTrustedCertSource(this.configuration.getTSL()); - verifier.setDataLoader(new CommonsDataLoader()); - validator.setCertificateVerifier(verifier); - Reports reports = validator.validateDocument(); - boolean isValid = true; - for (String signatureId : reports.getSimpleReport().getSignatureIdList()) { - isValid = isValid && reports.getSimpleReport().isValid(signatureId); - } - Assert.assertTrue(isValid); + Container container = this.openContainerByConfiguration( + Paths.get("src/test/resources/prodFiles/invalid-containers/edoc2_lv-eId_sha256.edoc"), + this.configuration); + Assert.assertFalse(container.validate().isValid()); } @Test From bfbc17edcbc5f750e6dbe7c16cb8af1938345328 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Tue, 16 Mar 2021 12:25:33 +0200 Subject: [PATCH 25/45] DD4J-455 Platform independent datafile name escaping --- .../src/main/java/org/digidoc4j/DataFile.java | 4 +- .../test/java/org/digidoc4j/DataFileTest.java | 57 ++++++++++++++++--- 2 files changed, 51 insertions(+), 10 deletions(-) diff --git a/digidoc4j/src/main/java/org/digidoc4j/DataFile.java b/digidoc4j/src/main/java/org/digidoc4j/DataFile.java index 0f5ca4391..c241ddcac 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/DataFile.java +++ b/digidoc4j/src/main/java/org/digidoc4j/DataFile.java @@ -18,6 +18,7 @@ import eu.europa.esig.dss.model.FileDocument; import eu.europa.esig.dss.model.InMemoryDocument; import eu.europa.esig.dss.model.MimeType; +import org.apache.commons.io.FilenameUtils; import org.apache.commons.io.IOUtils; import org.digidoc4j.exceptions.DigiDoc4JException; import org.digidoc4j.exceptions.InvalidDataFileException; @@ -27,7 +28,6 @@ import org.slf4j.LoggerFactory; import java.io.ByteArrayInputStream; -import java.io.File; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; @@ -168,7 +168,7 @@ byte[] calculateDigestInternal(DigestAlgorithm digestAlgorithm) { */ public String getName() { String documentName = document.getName(); - String name = new File(documentName).getName(); + String name = FilenameUtils.getName(documentName); logger.trace("File name: for document " + documentName + " is " + name); return name; } diff --git a/digidoc4j/src/test/java/org/digidoc4j/DataFileTest.java b/digidoc4j/src/test/java/org/digidoc4j/DataFileTest.java index 410b81538..ded05819e 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/DataFileTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/DataFileTest.java @@ -10,19 +10,19 @@ package org.digidoc4j; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.File; -import java.io.IOException; -import java.net.URL; - import org.apache.commons.codec.binary.Base64; import org.apache.commons.io.FileUtils; import org.digidoc4j.exceptions.DigiDoc4JException; -import org.digidoc4j.test.MockDataFile; import org.junit.Assert; import org.junit.Test; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.IOException; +import java.net.URL; +import java.util.function.Function; + public class DataFileTest extends AbstractTest { private DataFile dataFile; @@ -34,7 +34,7 @@ public void testGetFileSize() throws Exception { @Test public void testGetFileSizeForInMemoryDocument() { - Assert.assertEquals(2, new MockDataFile(new byte[]{1, 2}, "fileName", "text/plain").getFileSize()); + Assert.assertEquals(2, new DataFile(new byte[]{1, 2}, "fileName", "text/plain").getFileSize()); } @Test @@ -110,6 +110,11 @@ public void testInMemoryDocumentRetrievesFileName() { Assert.assertEquals("suura.txt", dataFile.getName()); } + @Test + public void testInMemoryDocumentFileNameEscaping() { + testFileNameEscaping(fileName -> new DataFile(new byte[]{0x041}, fileName, "text/plain")); + } + @Test public void testGetBytes() throws Exception { DataFile dataFile = new DataFile(new byte[]{0x041}, "suura.txt", "text/plain"); @@ -136,6 +141,25 @@ public void createDocumentFromInoutStreamThrowsException() throws IOException { } } + @Test + public void testGetFileNameForStreamedFile() throws Exception { + try (ByteArrayInputStream stream = new ByteArrayInputStream("tere tere tipajalga".getBytes())) { + DataFile dataFile = new DataFile(stream, "test.txt", "text/plain"); + Assert.assertEquals("test.txt", dataFile.getName()); + } + } + + @Test + public void testFileNameEscapingForStreamedFile() { + testFileNameEscaping(fileName -> { + try (ByteArrayInputStream stream = new ByteArrayInputStream("tere tere tipajalga".getBytes())) { + return new DataFile(stream, fileName, "text/plain"); + } catch (IOException e) { + throw new IllegalStateException("Failed to open stream", e); + } + }); + } + @Test public void calculateSizeForStreamedFile() throws Exception { try (ByteArrayInputStream stream = new ByteArrayInputStream("tere tere tipajalga".getBytes())) { @@ -159,4 +183,21 @@ protected void before() { this.dataFile = new DataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); } + private static void testFileNameEscaping(Function dataFileFactory) { + String fileName = "file-name.ext"; + DataFile dataFile; + + dataFile = dataFileFactory.apply(fileName); + Assert.assertEquals(fileName, dataFile.getName()); + + dataFile = dataFileFactory.apply(String.format("dir%s%s", File.separator, fileName)); + Assert.assertEquals(fileName, dataFile.getName()); + + dataFile = dataFileFactory.apply(String.format("..%s%s", File.separator, fileName)); + Assert.assertEquals(fileName, dataFile.getName()); + + dataFile = dataFileFactory.apply(String.format("..%s..%sdir%s..%s%s", File.separator, File.separator, File.separator, File.separator, fileName)); + Assert.assertEquals(fileName, dataFile.getName()); + } + } From f1f02a4e6082a85980b9fe72200d985b3c9640d0 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Wed, 17 Mar 2021 16:39:38 +0200 Subject: [PATCH 26/45] DD4J-447 Throw exceptions when trying to remove non-existing signatures from containers --- .../digidoc4j/impl/asic/AsicContainer.java | 16 ++-- .../digidoc4j/impl/ddoc/DDocContainer.java | 4 +- .../test/java/org/digidoc4j/AbstractTest.java | 19 +++++ .../bdoc/ContainerParticlesRemovalTest.java | 83 +++++++++++++++++++ 4 files changed, 115 insertions(+), 7 deletions(-) diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java index 403c46658..4a3f20b6e 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java @@ -11,7 +11,6 @@ package org.digidoc4j.impl.asic; import eu.europa.esig.dss.model.DSSDocument; -import eu.europa.esig.dss.model.InMemoryDocument; import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.StringUtils; import org.digidoc4j.Configuration; @@ -32,6 +31,7 @@ import org.digidoc4j.exceptions.InvalidSignatureException; import org.digidoc4j.exceptions.NotSupportedException; import org.digidoc4j.exceptions.RemovingDataFileException; +import org.digidoc4j.exceptions.SignatureNotFoundException; import org.digidoc4j.exceptions.TechnicalException; import org.digidoc4j.impl.AbstractValidationResult; import org.digidoc4j.impl.asic.asice.AsicEContainerValidator; @@ -54,7 +54,6 @@ import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; -import java.nio.charset.StandardCharsets; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Arrays; @@ -492,6 +491,10 @@ public void removeSignature(Signature signature) { } LOGGER.info("Removing signature " + signature.getId()); + if (!signatures.contains(signature)) { + throw new SignatureNotFoundException("Signature not found: " + signature.getId()); + } + if (!isNewContainer()) { validateIncomingSignature(signature); boolean wasNewlyAddedSignature = newSignatures.remove(signature); @@ -510,10 +513,13 @@ public void removeSignature(Signature signature) { @Deprecated public void removeSignature(int signatureId) { LOGGER.debug("Removing signature from index " + signatureId); - Signature signature = signatures.get(signatureId); - if (signature != null) { - removeSignature(signature); + if (signatureId >= 0 && signatureId < signatures.size()) { + Signature signature = signatures.get(signatureId); + if (signature != null) { + removeSignature(signature); + } } + throw new SignatureNotFoundException(String.format("Signature from index %d not found", signatureId)); } @Override diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/ddoc/DDocContainer.java b/digidoc4j/src/main/java/org/digidoc4j/impl/ddoc/DDocContainer.java index 9bdde973a..25a826887 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/ddoc/DDocContainer.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/ddoc/DDocContainer.java @@ -100,7 +100,7 @@ public void removeDataFile(DataFile file) { @Override public void removeSignature(Signature signature) { - throw new NotSupportedException("Removing data files is not supported anymore for DDoc!"); + throw new NotSupportedException("Removing signatures is not supported anymore for DDoc!"); } @Override @@ -261,7 +261,7 @@ public void removeDataFile(String fileName) { @Override @Deprecated public void removeSignature(int signatureId) { - throw new NotSupportedException("Removing data files is not supported anymore for DDoc!"); + throw new NotSupportedException("Removing signatures is not supported anymore for DDoc!"); } /** diff --git a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java index a3871e88c..26ed0a315 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java @@ -461,6 +461,25 @@ private OnlineTSPSource createTSPSource() { return source; } + @FunctionalInterface + protected interface PotentiallyThrowing { + void run() throws T; + } + + @SuppressWarnings("unchecked") + protected static T assertThrows(Class type, PotentiallyThrowing toTest) { + try { + toTest.run(); + } catch (Throwable t) { + if (type.isInstance(t)) { + return (T) t; + } + Assert.fail(String.format("Expected %s, but an %s was thrown", type.getSimpleName(), t.getClass().getSimpleName())); + } + Assert.fail(String.format("Expected %s, but nothing was thrown", type.getSigners())); + return null; // For compiler + } + protected void assertBDocContainer(Container container) { Assert.assertNotNull(container); Assert.assertTrue(container instanceof BDocContainer); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ContainerParticlesRemovalTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ContainerParticlesRemovalTest.java index 5a4e75e1f..d51f5dd32 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ContainerParticlesRemovalTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ContainerParticlesRemovalTest.java @@ -9,6 +9,7 @@ import org.digidoc4j.DataFile; import org.digidoc4j.Signature; import org.digidoc4j.SignatureProfile; +import org.digidoc4j.exceptions.SignatureNotFoundException; import org.digidoc4j.impl.asic.AsicEntry; import org.digidoc4j.impl.asic.AsicParseResult; import org.digidoc4j.impl.asic.asice.AsicEContainer; @@ -145,6 +146,88 @@ public void addAndRemoveSignatureToAlreadySignedContainerBeforeSaving_resultsWit assertSame(0, container.getContainerParseResult().getSignatures().size()); } + @Test + public void tryingToRemoveNonExistingSignatureFromBDocContainer_shouldThrowAnException() { + BDocContainer container = this.createEmptyContainerBy(BDOC); + container.addDataFile(mockDataFile()); + + Signature containerSignature = this.createSignatureBy(container, SignatureProfile.LT_TM, pkcs12SignatureToken); + Signature unrelatedSignature = this.createSignatureBy(BDOC, SignatureProfile.LT_TM, pkcs12SignatureToken); + + assertEquals(1, container.getSignatures().size()); + assertTrue(container.getSignatures().contains(containerSignature)); + + SignatureNotFoundException caughtException = assertThrows( + SignatureNotFoundException.class, + () -> container.removeSignature(unrelatedSignature) + ); + + assertEquals("Signature not found: " + unrelatedSignature.getId(), caughtException.getMessage()); + assertEquals(1, container.getSignatures().size()); + assertTrue(container.getSignatures().contains(containerSignature)); + } + + @Test + public void tryingToRemoveNonExistingSignatureFromASiCEContainer_shouldThrowAnException() { + AsicEContainer container = this.createEmptyContainerBy(ASICE); + container.addDataFile(mockDataFile()); + + Signature containerSignature = this.createSignatureBy(container, SignatureProfile.LT, pkcs12SignatureToken); + Signature unrelatedSignature = this.createSignatureBy(ASICE, SignatureProfile.LT, pkcs12SignatureToken); + + assertEquals(1, container.getSignatures().size()); + assertTrue(container.getSignatures().contains(containerSignature)); + + SignatureNotFoundException caughtException = assertThrows( + SignatureNotFoundException.class, + () -> container.removeSignature(unrelatedSignature) + ); + + assertEquals("Signature not found: " + unrelatedSignature.getId(), caughtException.getMessage()); + assertEquals(1, container.getSignatures().size()); + assertTrue(container.getSignatures().contains(containerSignature)); + } + + @Test + public void tryingToRemoveNonExistingSignatureByIndexFromBDocContainer_shouldThrowAnException() { + BDocContainer container = this.createEmptyContainerBy(BDOC); + container.addDataFile(mockDataFile()); + + Signature signature = this.createSignatureBy(container, SignatureProfile.LT_TM, pkcs12SignatureToken); + + assertEquals(1, container.getSignatures().size()); + assertTrue(container.getSignatures().contains(signature)); + + SignatureNotFoundException caughtException = assertThrows( + SignatureNotFoundException.class, + () -> container.removeSignature(1) + ); + + assertEquals("Signature from index 1 not found", caughtException.getMessage()); + assertEquals(1, container.getSignatures().size()); + assertTrue(container.getSignatures().contains(signature)); + } + + @Test + public void tryingToRemoveNonExistingSignatureByIndexFromASiCEContainer_shouldThrowAnException() { + AsicEContainer container = this.createEmptyContainerBy(ASICE); + container.addDataFile(mockDataFile()); + + Signature signature = this.createSignatureBy(container, SignatureProfile.LT, pkcs12SignatureToken); + + assertEquals(1, container.getSignatures().size()); + assertTrue(container.getSignatures().contains(signature)); + + SignatureNotFoundException caughtException = assertThrows( + SignatureNotFoundException.class, + () -> container.removeSignature(1) + ); + + assertEquals("Signature from index 1 not found", caughtException.getMessage()); + assertEquals(1, container.getSignatures().size()); + assertTrue(container.getSignatures().contains(signature)); + } + @Test public void dataFileRemovalFromBDocContainerThroughoutContainerSavingAndOpening_shouldResultWithCompletelyRemovedData() { DataFile dataFile = mockDataFile(); From f8f03055ab644fbfcc5ccb6cbb08e0a86461ee06 Mon Sep 17 00:00:00 2001 From: siimsuu Date: Thu, 18 Mar 2021 16:24:39 +0200 Subject: [PATCH 27/45] DD4J-619 set keyEntry to null when closing pkcs12 signatureToken --- .../exceptions/InvalidKeyException.java | 13 ++++++ .../signers/PKCS12SignatureToken.java | 30 ++++++++----- .../signers/PKCS12SignatureTokenTest.java | 45 ++++++++++++++----- 3 files changed, 67 insertions(+), 21 deletions(-) create mode 100644 digidoc4j/src/main/java/org/digidoc4j/exceptions/InvalidKeyException.java diff --git a/digidoc4j/src/main/java/org/digidoc4j/exceptions/InvalidKeyException.java b/digidoc4j/src/main/java/org/digidoc4j/exceptions/InvalidKeyException.java new file mode 100644 index 000000000..07d23b0a9 --- /dev/null +++ b/digidoc4j/src/main/java/org/digidoc4j/exceptions/InvalidKeyException.java @@ -0,0 +1,13 @@ +package org.digidoc4j.exceptions; + +public class InvalidKeyException extends DigiDoc4JException { + + public InvalidKeyException(String message) { + super(message); + } + + public InvalidKeyException(Throwable e) { + super(e); + } + +} diff --git a/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS12SignatureToken.java b/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS12SignatureToken.java index 533df8eea..98af77ffa 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS12SignatureToken.java +++ b/digidoc4j/src/main/java/org/digidoc4j/signers/PKCS12SignatureToken.java @@ -1,12 +1,12 @@ /* DigiDoc4J library -* -* This software is released under either the GNU Library General Public -* License (see LICENSE.LGPL). -* -* Note that the only valid version of the LGPL license as far as this -* project is concerned is the original GNU Library General Public License -* Version 2.1, February 1999 -*/ + * + * This software is released under either the GNU Library General Public + * License (see LICENSE.LGPL). + * + * Note that the only valid version of the LGPL license as far as this + * project is concerned is the original GNU Library General Public License + * Version 2.1, February 1999 + */ package org.digidoc4j.signers; @@ -19,6 +19,7 @@ import org.digidoc4j.SignatureToken; import org.digidoc4j.X509Cert; import org.digidoc4j.exceptions.DigiDoc4JException; +import org.digidoc4j.exceptions.InvalidKeyException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -60,7 +61,7 @@ public PKCS12SignatureToken(String fileName, String password) { * * @param fileName .p12 file name and path * @param password keystore password as String - * @param alias known key alias + * @param alias known key alias */ public PKCS12SignatureToken(String fileName, String password, String alias) { init(fileName, password, X509Cert.KeyUsage.NON_REPUDIATION, alias); @@ -98,11 +99,12 @@ private void init(String fileName, String password, X509Cert.KeyUsage keyUsage, } } if (keyEntry == null && signatureTokenConnection.getKeys().size() > 0) - keyEntry = (KSPrivateKeyEntry)signatureTokenConnection.getKeys().get(0); + keyEntry = (KSPrivateKeyEntry) signatureTokenConnection.getKeys().get(0); } /** * Method for asking DSS signature token connection + * * @return DSS signature token connection */ public KeyStoreSignatureTokenConnection getSignatureTokenConnection() { @@ -111,16 +113,23 @@ public KeyStoreSignatureTokenConnection getSignatureTokenConnection() { @Override public X509Certificate getCertificate() { + if (keyEntry == null) { + throw new InvalidKeyException("Private key entry is missing. Connection may be closed."); + } logger.debug("Using key with alias: ", getAlias()); return keyEntry.getCertificate().getCertificate(); } @Override public byte[] sign(org.digidoc4j.DigestAlgorithm digestAlgorithm, byte[] dataToSign) { + logger.info("Signing with PKCS#12 signature token, using digest algorithm: " + digestAlgorithm.name()); ToBeSigned toBeSigned = new ToBeSigned(dataToSign); eu.europa.esig.dss.enumerations.DigestAlgorithm dssDigestAlgorithm = eu.europa.esig.dss.enumerations.DigestAlgorithm.forXML(digestAlgorithm.toString()); + if (keyEntry == null) { + throw new InvalidKeyException("Private key entry is missing. Connection may be closed."); + } SignatureValue signature = signatureTokenConnection.sign(toBeSigned, dssDigestAlgorithm, keyEntry); return signature.getValue(); } @@ -128,6 +137,7 @@ public byte[] sign(org.digidoc4j.DigestAlgorithm digestAlgorithm, byte[] dataToS @Override public void close() { signatureTokenConnection.close(); + keyEntry = null; } /** diff --git a/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java b/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java index c99ced38a..6266a0a01 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java @@ -1,29 +1,30 @@ /* DigiDoc4J library -* -* This software is released under either the GNU Library General Public -* License (see LICENSE.LGPL). -* -* Note that the only valid version of the LGPL license as far as this -* project is concerned is the original GNU Library General Public License -* Version 2.1, February 1999 -*/ + * + * This software is released under either the GNU Library General Public + * License (see LICENSE.LGPL). + * + * Note that the only valid version of the LGPL license as far as this + * project is concerned is the original GNU Library General Public License + * Version 2.1, February 1999 + */ package org.digidoc4j.signers; -import java.security.cert.CertificateEncodingException; - import org.apache.commons.codec.binary.Base64; import org.digidoc4j.AbstractTest; import org.digidoc4j.DigestAlgorithm; import org.digidoc4j.X509Cert; +import org.digidoc4j.exceptions.InvalidKeyException; import org.junit.Assert; import org.junit.Test; +import java.security.cert.CertificateEncodingException; + public class PKCS12SignatureTokenTest extends AbstractTest { @Test public void getCertificate() throws CertificateEncodingException { - X509Cert x509Cert = new X509Cert(this.pkcs12SignatureToken.getCertificate()); + X509Cert x509Cert = new X509Cert(pkcs12SignatureToken.getCertificate()); Assert.assertEquals("MIIFrjCCA5agAwIBAgIQUwvkG7xZfERXDit8E7z6DDANBgkqhkiG9w0BAQsFADBr" + "MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1" + "czEXMBUGA1UEYQwOTlRSRUUtMTA3NDcwMTMxHzAdBgNVBAMMFlRFU1Qgb2YgRVNU" + @@ -65,4 +66,26 @@ public void sign() { //TODO know expected value Assert.assertArrayEquals(expected, actual); } + @Test + public void closeSignatureTokenWhenSigning() { + this.expectedException.expect(InvalidKeyException.class); + this.expectedException.expectMessage("Private key entry is missing. Connection may be closed."); + PKCS12SignatureToken pkcs12SignatureToken = new PKCS12SignatureToken("src/test/resources/testFiles/p12/signout.p12", "test".toCharArray()); + + Assert.assertNotNull(pkcs12SignatureToken.sign(DigestAlgorithm.SHA512, new byte[]{0x41})); + pkcs12SignatureToken.close(); + pkcs12SignatureToken.sign(DigestAlgorithm.SHA512, new byte[]{0x41}); + } + + @Test + public void closeSignatureTokenWhenAskingCertificate() { + this.expectedException.expect(InvalidKeyException.class); + this.expectedException.expectMessage("Private key entry is missing. Connection may be closed."); + PKCS12SignatureToken pkcs12SignatureToken = new PKCS12SignatureToken("src/test/resources/testFiles/p12/signout.p12", "test".toCharArray()); + Assert.assertNotNull(pkcs12SignatureToken.getCertificate()); + pkcs12SignatureToken.close(); + pkcs12SignatureToken.getCertificate(); + } + + } From ccbacc5867aa4ee4120aca055f22585550a33ccf Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Thu, 1 Apr 2021 12:10:58 +0300 Subject: [PATCH 28/45] DD4J-507 Add periodic WARN level logging for TLS truststore/keystore certificates that are expired or about to expire --- .../impl/ConfigurationSingeltonHolder.java | 12 +- .../impl/asic/DataLoaderDecorator.java | 23 +- .../org/digidoc4j/utils/KeyStoreDocument.java | 168 ++++++++++ .../org/digidoc4j/utils/ResourceUtils.java | 11 +- .../test/java/org/digidoc4j/AbstractTest.java | 4 +- .../org/digidoc4j/impl/SkDataLoaderTest.java | 18 +- .../impl/asic/DataLoaderDecoratorTest.java | 98 +++--- .../asic/tsl/TslDataLoaderFactoryTest.java | 4 +- .../impl/bdoc/IncompleteSigningTest.java | 45 ++- .../test/MockConfigurableDataLoader.java | 96 ++++++ .../test/java/org/digidoc4j/test/TestLog.java | 58 ++++ .../test/util/TestCertificateUtil.java | 64 ++++ .../digidoc4j/test/util/TestKeyPairUtil.java | 96 ++++++ .../digidoc4j/utils/KeyStoreDocumentTest.java | 287 ++++++++++++++++++ .../testFiles/keystores/keystore.p12 | Bin 0 -> 2549 bytes .../testFiles/keystores/truststore.p12 | Bin 0 -> 2549 bytes 16 files changed, 899 insertions(+), 85 deletions(-) create mode 100644 digidoc4j/src/main/java/org/digidoc4j/utils/KeyStoreDocument.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/test/MockConfigurableDataLoader.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/test/TestLog.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/test/util/TestCertificateUtil.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/test/util/TestKeyPairUtil.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/utils/KeyStoreDocumentTest.java create mode 100644 digidoc4j/src/test/resources/testFiles/keystores/keystore.p12 create mode 100644 digidoc4j/src/test/resources/testFiles/keystores/truststore.p12 diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/ConfigurationSingeltonHolder.java b/digidoc4j/src/main/java/org/digidoc4j/impl/ConfigurationSingeltonHolder.java index 1f7edf3ab..69cf11a62 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/ConfigurationSingeltonHolder.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/ConfigurationSingeltonHolder.java @@ -26,18 +26,22 @@ public class ConfigurationSingeltonHolder { * A thread-safe way of getting a single configuration object. */ public static Configuration getInstance() { - if (configuration == null) { + // For correct usage of double-checked locking for lazy initialization in Java, + // see: https://en.wikipedia.org/wiki/Double-checked_locking#Usage_in_Java + Configuration localConfigurationReference = configuration; + if (localConfigurationReference == null) { //Using double-checked locking for ensuring that no other thread has started initializing Configuration object already synchronized (ConfigurationSingeltonHolder.class) { - if (configuration == null) { + localConfigurationReference = configuration; + if (localConfigurationReference == null) { logger.info("Creating a new configuration instance"); - configuration = new Configuration(); + configuration = localConfigurationReference = new Configuration(); } } } else { logger.info("Using existing configuration instance"); } - return configuration; + return localConfigurationReference; } /** diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/DataLoaderDecorator.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/DataLoaderDecorator.java index 8312d022b..c183474e8 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/DataLoaderDecorator.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/DataLoaderDecorator.java @@ -10,16 +10,17 @@ package org.digidoc4j.impl.asic; -import eu.europa.esig.dss.model.InMemoryDocument; import eu.europa.esig.dss.service.http.commons.CommonsDataLoader; import eu.europa.esig.dss.service.http.proxy.ProxyConfig; import eu.europa.esig.dss.service.http.proxy.ProxyProperties; import org.digidoc4j.Configuration; import org.digidoc4j.ExternalConnectionType; -import org.digidoc4j.utils.ResourceUtils; +import org.digidoc4j.utils.KeyStoreDocument; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.time.Duration; +import java.time.Period; import java.util.List; import static org.apache.commons.lang3.StringUtils.isNotBlank; @@ -30,6 +31,20 @@ public class DataLoaderDecorator { private final static Logger logger = LoggerFactory.getLogger(DataLoaderDecorator.class); + /** + * Minimum validation interval of 5 minutes should be enough for the most common case of TSL data loaders, targeting + * key-store validation per each TSL cache update. + * Every time the TSL cache is updated (e.g. once a day), TLS trust-stores and/or key-stores are accessed (if configured) + * per TL fetch from each country. Minimum key-store validation interval should be long enough that the validation of the + * key-store is not performed multiple times per update cycle, but short enough the validation would be invoked per + * desired number of TSL updates. + */ + private final static Duration MIN_KEYSTORE_VALIDATION_INTERVAL = Duration.ofMinutes(5L); + /** + * Maximum warning period determines how long before certificate expiration date should warning messages about the upcoming + * expiration be logged. + */ + private final static Period MAX_KEYSTORE_WARNING_PERIOD = Period.ofDays(60); /** * @param dataLoader data loader @@ -128,7 +143,7 @@ public static void decorateWithSslSettingsFor(ExternalConnectionType connectionT private static void configureSslKeystore(CommonsDataLoader dataLoader, String sslKeystorePath, String sslKeystoreType, String sslKeystorePassword) { if (sslKeystorePath != null) { - dataLoader.setSslKeystore(new InMemoryDocument(ResourceUtils.getResource(sslKeystorePath))); + dataLoader.setSslKeystore(new KeyStoreDocument(sslKeystorePath, sslKeystoreType, sslKeystorePassword, MIN_KEYSTORE_VALIDATION_INTERVAL, MAX_KEYSTORE_WARNING_PERIOD)); if (sslKeystoreType != null) { dataLoader.setSslKeystoreType(sslKeystoreType); } @@ -140,7 +155,7 @@ private static void configureSslKeystore(CommonsDataLoader dataLoader, String ss private static void configureSslTruststore(CommonsDataLoader dataLoader, String sslTruststorePath, String sslTruststoreType, String sslTruststorePassword) { if (sslTruststorePath != null) { - dataLoader.setSslTruststore(new InMemoryDocument(ResourceUtils.getResource(sslTruststorePath))); + dataLoader.setSslTruststore(new KeyStoreDocument(sslTruststorePath, sslTruststoreType, sslTruststorePassword, MIN_KEYSTORE_VALIDATION_INTERVAL, MAX_KEYSTORE_WARNING_PERIOD)); if (sslTruststoreType != null) { dataLoader.setSslTruststoreType(sslTruststoreType); } diff --git a/digidoc4j/src/main/java/org/digidoc4j/utils/KeyStoreDocument.java b/digidoc4j/src/main/java/org/digidoc4j/utils/KeyStoreDocument.java new file mode 100644 index 000000000..7fd871ab8 --- /dev/null +++ b/digidoc4j/src/main/java/org/digidoc4j/utils/KeyStoreDocument.java @@ -0,0 +1,168 @@ +package org.digidoc4j.utils; + +import eu.europa.esig.dss.model.CommonDocument; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang3.ArrayUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.time.Duration; +import java.time.Instant; +import java.time.temporal.TemporalAmount; +import java.util.Enumeration; +import java.util.Objects; + +/** + * An implementation of {@link eu.europa.esig.dss.model.DSSDocument} for caching and serving key-stores and trust-stores + * for {@link eu.europa.esig.dss.service.http.commons.CommonsDataLoader}s. + * + * Invoking {@link #openStream()}, {@link #writeTo(OutputStream)} or {@link #save(String)} will trigger key-store content + * validation if at least {@code minValidationInterval} has passed since the last validation. + * For each certificate that has expired or will expire in {@code maxWarningPeriod}, a WARNING will be logged. + */ +public class KeyStoreDocument extends CommonDocument { + + private final static Logger logger = LoggerFactory.getLogger(KeyStoreDocument.class); + + private final String path; + private final String type; + private final char[] password; + private final Duration validationInterval; + private final TemporalAmount warningPeriod; + + private final byte[] rawKeyStoreBytes; + + private Instant lastValidated; + + /** + * Instantiates this instance of {@link KeyStoreDocument}. + * + * @param path path to key-store; see {@link ResourceUtils#getResource(String)} + * @param type key-store type; defaults to {@link KeyStore#getDefaultType()} if not provided + * @param password key-store password; can be {@code null} + * @param minValidationInterval minimum interval between key-store accesses that can trigger key-store validation + * @param maxWarningPeriod maximum time before a certificate expiry before logging warnings about the certificate starts + */ + public KeyStoreDocument(String path, String type, String password, Duration minValidationInterval, TemporalAmount maxWarningPeriod) { + this.path = Objects.requireNonNull(path, "Key-store path cannot be null"); + validationInterval = Objects.requireNonNull(minValidationInterval, "Validation interval cannot be null"); + warningPeriod = Objects.requireNonNull(maxWarningPeriod, "Warning period cannot be null"); + + this.type = (type != null) ? type : KeyStore.getDefaultType(); + this.password = (password != null) ? password.toCharArray() : null; + + rawKeyStoreBytes = loadRawKeyStoreBytes(path); + validateKeyStoreIfLastValidationExpired(); + } + + @Override + public InputStream openStream() { + validateKeyStoreIfLastValidationExpired(); + return new ByteArrayInputStream(rawKeyStoreBytes); + } + + @Override + public void writeTo(OutputStream stream) throws IOException { + validateKeyStoreIfLastValidationExpired(); + stream.write(rawKeyStoreBytes); + } + + private static byte[] loadRawKeyStoreBytes(String path) { + try (InputStream inputStream = ResourceUtils.getResource(path)) { + return IOUtils.toByteArray(inputStream); + } catch (IOException e) { + throw new IllegalStateException("Failed to load key-store from: " + path, e); + } + } + + private void validateKeyStoreIfLastValidationExpired() { + Instant now = Instant.now(); + + if (lastValidated != null) { + Duration difference = Duration.between(lastValidated, now); + if (difference.compareTo(validationInterval) < 0) { + return; + } + } + + KeyStore keyStore = loadKeyStoreFromRawBytes(); + Instant safeExpiryTime = now.plus(warningPeriod); + + try { + Enumeration aliases = keyStore.aliases(); + while (aliases.hasMoreElements()) { + String alias = aliases.nextElement(); + Certificate[] certificates = getCertificatesByAlias(keyStore, alias); + for (Certificate certificate : certificates) { + validateCertificate(certificate, alias, now, safeExpiryTime); + } + } + } catch (KeyStoreException e) { + throw new IllegalStateException("Failed to list key-store entries from key-store: " + path, e); + } + + lastValidated = now; + } + + private KeyStore loadKeyStoreFromRawBytes() { + KeyStore keyStore; + try { + keyStore = KeyStore.getInstance(type); + } catch (KeyStoreException e) { + throw new IllegalStateException("Failed to create key-store of type: " + type, e); + } + try (InputStream inputStream = new ByteArrayInputStream(rawKeyStoreBytes)) { + keyStore.load(inputStream, password); + } catch (CertificateException | IOException | NoSuchAlgorithmException e) { + throw new IllegalStateException("Failed to load key-store from: " + path, e); + } + return keyStore; + } + + private void validateCertificate(Certificate certificate, String alias, Instant currentTime, Instant safeExpiryTime) { + if (certificate instanceof X509Certificate) { + X509Certificate x509Certificate = (X509Certificate) certificate; + Instant timeOfExpiring = x509Certificate.getNotAfter().toInstant(); + if (timeOfExpiring.isBefore(currentTime)) { + logger.warn( + "Certificate from \"{}\" has already expired ({}) - alias: \"{}\"; subject: \"{}\"", + path, timeOfExpiring, alias, x509Certificate.getSubjectDN() + ); + } else if (timeOfExpiring.isBefore(safeExpiryTime)) { + long daysUntilExpiring = Duration.between(timeOfExpiring, safeExpiryTime).toDays(); + logger.warn( + "Certificate from \"{}\" expires ({}) in about {} day(s) - alias: \"{}\"; subject: \"{}\"", + path, timeOfExpiring, daysUntilExpiring, alias, x509Certificate.getSubjectDN() + ); + } + } else { + logger.warn( + "Certificate from \"{}\" is of unrecognized type: \"{}\"; alias: \"{}\"", + path, certificate.getClass().getCanonicalName(), alias + ); + } + } + + private static Certificate[] getCertificatesByAlias(KeyStore keyStore, String alias) throws KeyStoreException { + Certificate[] certificateChain = keyStore.getCertificateChain(alias); + if (ArrayUtils.isNotEmpty(certificateChain)) { + return certificateChain; + } + Certificate certificate = keyStore.getCertificate(alias); + if (certificate != null) { + return new Certificate[] {certificate}; + } + return new Certificate[0]; + } + +} diff --git a/digidoc4j/src/main/java/org/digidoc4j/utils/ResourceUtils.java b/digidoc4j/src/main/java/org/digidoc4j/utils/ResourceUtils.java index 9889ad2bc..4c5b63d39 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/utils/ResourceUtils.java +++ b/digidoc4j/src/main/java/org/digidoc4j/utils/ResourceUtils.java @@ -14,6 +14,9 @@ public final class ResourceUtils { private static final Logger LOGGER = LoggerFactory.getLogger(ResourceUtils.class); + private static final String CLASSPATH_PREFIX = "classpath:"; + private static final String FILE_PREFIX = "file:"; + public static boolean isResourceAccessible(String path) { try { return ResourceUtils.class.getClassLoader().getResource(path) != null; @@ -34,15 +37,15 @@ public static boolean isFileReadable(String path) { } public static InputStream getResource(String path) { - if (path.startsWith("classpath:")) { - path = path.substring("classpath:".length()); + if (path.startsWith(CLASSPATH_PREFIX)) { + path = path.substring(CLASSPATH_PREFIX.length()); InputStream inputStream = ResourceUtils.class.getClassLoader().getResourceAsStream(path); if (inputStream == null) { throw new IllegalArgumentException("Resource not found: " + path); } return inputStream; - } else if (path.startsWith("file:")) { - path = path.substring("file:".length()); + } else if (path.startsWith(FILE_PREFIX)) { + path = path.substring(FILE_PREFIX.length()); } try { return new FileInputStream(path); diff --git a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java index 26ed0a315..4087ca3ef 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java @@ -474,9 +474,9 @@ protected static T assertThrows(Class type, Potentially if (type.isInstance(t)) { return (T) t; } - Assert.fail(String.format("Expected %s, but an %s was thrown", type.getSimpleName(), t.getClass().getSimpleName())); + Assert.fail(String.format("Expected %s, but an %s was thrown: %s", type.getSimpleName(), t.getClass().getSimpleName(), t.getMessage())); } - Assert.fail(String.format("Expected %s, but nothing was thrown", type.getSigners())); + Assert.fail(String.format("Expected %s, but nothing was thrown", type.getSimpleName())); return null; // For compiler } diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/SkDataLoaderTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/SkDataLoaderTest.java index de93b2b42..576d41f1a 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/SkDataLoaderTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/SkDataLoaderTest.java @@ -90,19 +90,19 @@ public void dataLoader_withoutSslConfiguration_shouldNotSetSslValues() throws Ex @Test public void dataLoader_withSslConfiguration_shouldSetSslValues() throws Exception { - this.configuration.setSslKeystorePath("classpath:testFiles/keystores/keystore.jks"); - this.configuration.setSslKeystoreType("keystore.type"); - this.configuration.setSslKeystorePassword("keystore.password"); + this.configuration.setSslKeystorePath("classpath:testFiles/keystores/keystore.p12"); + this.configuration.setSslKeystoreType("PKCS12"); + this.configuration.setSslKeystorePassword("keystore-password"); this.configuration.setSslTruststorePath("classpath:testFiles/keystores/truststore.jks"); - this.configuration.setSslTruststoreType("truststore.type"); - this.configuration.setSslTruststorePassword("truststore.password"); + this.configuration.setSslTruststoreType("JKS"); + this.configuration.setSslTruststorePassword("digidoc4j-password"); MockSkDataLoader dataLoader = new MockSkDataLoader(this.configuration); Assert.assertNotNull(dataLoader.getSslKeystore()); - Assert.assertEquals("keystore.type", dataLoader.getSslKeystoreType()); - Assert.assertEquals("keystore.password", dataLoader.getSslKeystorePassword()); + Assert.assertEquals("PKCS12", dataLoader.getSslKeystoreType()); + Assert.assertEquals("keystore-password", dataLoader.getSslKeystorePassword()); Assert.assertNotNull(dataLoader.getSslTruststore()); - Assert.assertEquals("truststore.type", dataLoader.getSslTruststoreType()); - Assert.assertEquals("truststore.password", dataLoader.getSslTruststorePassword()); + Assert.assertEquals("JKS", dataLoader.getSslTruststoreType()); + Assert.assertEquals("digidoc4j-password", dataLoader.getSslTruststorePassword()); Assert.assertTrue(dataLoader.isSslKeystoreTypeSet()); Assert.assertTrue(dataLoader.isSslKeystorePasswordSet()); Assert.assertTrue(dataLoader.isSslTruststoreTypeSet()); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/asic/DataLoaderDecoratorTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/DataLoaderDecoratorTest.java index 1078ff231..340f20307 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/asic/DataLoaderDecoratorTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/DataLoaderDecoratorTest.java @@ -1,11 +1,11 @@ package org.digidoc4j.impl.asic; -import eu.europa.esig.dss.model.InMemoryDocument; import eu.europa.esig.dss.service.http.commons.CommonsDataLoader; import eu.europa.esig.dss.service.http.proxy.ProxyConfig; import eu.europa.esig.dss.service.http.proxy.ProxyProperties; import org.digidoc4j.Configuration; import org.digidoc4j.ExternalConnectionType; +import org.digidoc4j.utils.KeyStoreDocument; import org.junit.Assert; import org.junit.Test; import org.junit.runner.RunWith; @@ -21,7 +21,13 @@ @RunWith(MockitoJUnitRunner.class) public class DataLoaderDecoratorTest { private static final String KEYSTORE_PATH = "classpath:testFiles/keystores/keystore.jks"; - private static final String TRUSTSTORE_PATH = "classpath:testFiles/keystores/truststore.jks"; + private static final String TRUSTSTORE_PATH = "classpath:testFiles/keystores/truststore.p12"; + + private static final String KEYSTORE_TYPE = "JKS"; + private static final String TRUSTSTORE_TYPE = "PKCS12"; + + private static final String KEYSTORE_PASSWORD = "digidoc4j-password"; + private static final String TRUSTSTORE_PASSWORD = "truststore-password"; @Mock private Configuration configuration; @@ -56,7 +62,7 @@ public void decorateWithSslSettingsShouldApplySslKeystorePathIfConfigured() { Mockito.doReturn(null).when(configuration).getSupportedSslCipherSuites(); DataLoaderDecorator.decorateWithSslSettings(dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(InMemoryDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(KeyStoreDocument.class)); Mockito.verifyNoMoreInteractions(dataLoader); } @@ -69,7 +75,7 @@ public void decorateWithSslSettingsForShouldApplySslKeystorePathIfConfigured() { Mockito.doReturn(null).when(configuration).getSupportedSslCipherSuitesFor(connectionType); DataLoaderDecorator.decorateWithSslSettingsFor(connectionType, dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(InMemoryDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(KeyStoreDocument.class)); Mockito.verifyNoMoreInteractions(dataLoader); Mockito.reset(configuration, dataLoader); @@ -80,15 +86,15 @@ public void decorateWithSslSettingsForShouldApplySslKeystorePathIfConfigured() { public void decorateWithSslSettingsShouldApplyAllSslKeystoreConfigurationIfPresent() { Mockito.doReturn(true).when(configuration).isSslConfigurationEnabled(); Mockito.doReturn(KEYSTORE_PATH).when(configuration).getSslKeystorePath(); - Mockito.doReturn("sslKeystoreType").when(configuration).getSslKeystoreType(); - Mockito.doReturn("sslKeystorePassword").when(configuration).getSslKeystorePassword(); + Mockito.doReturn(KEYSTORE_TYPE).when(configuration).getSslKeystoreType(); + Mockito.doReturn(KEYSTORE_PASSWORD).when(configuration).getSslKeystorePassword(); Mockito.doReturn(null).when(configuration).getSupportedSslProtocols(); Mockito.doReturn(null).when(configuration).getSupportedSslCipherSuites(); DataLoaderDecorator.decorateWithSslSettings(dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(InMemoryDocument.class)); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystoreType("sslKeystoreType"); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystorePassword("sslKeystorePassword"); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(KeyStoreDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystoreType(KEYSTORE_TYPE); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystorePassword(KEYSTORE_PASSWORD); Mockito.verifyNoMoreInteractions(dataLoader); } @@ -97,15 +103,15 @@ public void decorateWithSslSettingsForShouldApplyAllSslKeystoreConfigurationIfPr for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { Mockito.doReturn(true).when(configuration).isSslConfigurationEnabledFor(connectionType); Mockito.doReturn(KEYSTORE_PATH).when(configuration).getSslKeystorePathFor(connectionType); - Mockito.doReturn("sslKeystoreType").when(configuration).getSslKeystoreTypeFor(connectionType); - Mockito.doReturn("sslKeystorePassword").when(configuration).getSslKeystorePasswordFor(connectionType); + Mockito.doReturn(KEYSTORE_TYPE).when(configuration).getSslKeystoreTypeFor(connectionType); + Mockito.doReturn(KEYSTORE_PASSWORD).when(configuration).getSslKeystorePasswordFor(connectionType); Mockito.doReturn(null).when(configuration).getSupportedSslProtocolsFor(connectionType); Mockito.doReturn(null).when(configuration).getSupportedSslCipherSuitesFor(connectionType); DataLoaderDecorator.decorateWithSslSettingsFor(connectionType, dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(InMemoryDocument.class)); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystoreType("sslKeystoreType"); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystorePassword("sslKeystorePassword"); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(KeyStoreDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystoreType(KEYSTORE_TYPE); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystorePassword(KEYSTORE_PASSWORD); Mockito.verifyNoMoreInteractions(dataLoader); Mockito.reset(configuration, dataLoader); @@ -120,7 +126,7 @@ public void decorateWithSslSettingsShouldApplySslTruststorePathIfConfigured() { Mockito.doReturn(null).when(configuration).getSupportedSslCipherSuites(); DataLoaderDecorator.decorateWithSslSettings(dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(InMemoryDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(KeyStoreDocument.class)); Mockito.verifyNoMoreInteractions(dataLoader); } @@ -133,7 +139,7 @@ public void decorateWithSslSettingsForShouldApplySslTruststorePathIfConfigured() Mockito.doReturn(null).when(configuration).getSupportedSslCipherSuitesFor(connectionType); DataLoaderDecorator.decorateWithSslSettingsFor(connectionType, dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(InMemoryDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(KeyStoreDocument.class)); Mockito.verifyNoMoreInteractions(dataLoader); Mockito.reset(configuration, dataLoader); @@ -144,15 +150,15 @@ public void decorateWithSslSettingsForShouldApplySslTruststorePathIfConfigured() public void decorateWithSslSettingsShouldApplyAllSslTruststoreConfigurationIfPresent() { Mockito.doReturn(true).when(configuration).isSslConfigurationEnabled(); Mockito.doReturn(TRUSTSTORE_PATH).when(configuration).getSslTruststorePath(); - Mockito.doReturn("sslTruststoreType").when(configuration).getSslTruststoreType(); - Mockito.doReturn("sslTruststorePassword").when(configuration).getSslTruststorePassword(); + Mockito.doReturn(TRUSTSTORE_TYPE).when(configuration).getSslTruststoreType(); + Mockito.doReturn(TRUSTSTORE_PASSWORD).when(configuration).getSslTruststorePassword(); Mockito.doReturn(null).when(configuration).getSupportedSslProtocols(); Mockito.doReturn(null).when(configuration).getSupportedSslCipherSuites(); DataLoaderDecorator.decorateWithSslSettings(dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(InMemoryDocument.class)); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststoreType("sslTruststoreType"); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststorePassword("sslTruststorePassword"); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(KeyStoreDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststoreType(TRUSTSTORE_TYPE); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststorePassword(TRUSTSTORE_PASSWORD); Mockito.verifyNoMoreInteractions(dataLoader); } @@ -161,15 +167,15 @@ public void decorateWithSslSettingsForShouldApplyAllSslTruststoreConfigurationIf for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { Mockito.doReturn(true).when(configuration).isSslConfigurationEnabledFor(connectionType); Mockito.doReturn(TRUSTSTORE_PATH).when(configuration).getSslTruststorePathFor(connectionType); - Mockito.doReturn("sslTruststoreType").when(configuration).getSslTruststoreTypeFor(connectionType); - Mockito.doReturn("sslTruststorePassword").when(configuration).getSslTruststorePasswordFor(connectionType); + Mockito.doReturn(TRUSTSTORE_TYPE).when(configuration).getSslTruststoreTypeFor(connectionType); + Mockito.doReturn(TRUSTSTORE_PASSWORD).when(configuration).getSslTruststorePasswordFor(connectionType); Mockito.doReturn(null).when(configuration).getSupportedSslProtocolsFor(connectionType); Mockito.doReturn(null).when(configuration).getSupportedSslCipherSuitesFor(connectionType); DataLoaderDecorator.decorateWithSslSettingsFor(connectionType, dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(InMemoryDocument.class)); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststoreType("sslTruststoreType"); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststorePassword("sslTruststorePassword"); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(KeyStoreDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststoreType(TRUSTSTORE_TYPE); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststorePassword(TRUSTSTORE_PASSWORD); Mockito.verifyNoMoreInteractions(dataLoader); Mockito.reset(configuration, dataLoader); @@ -244,23 +250,23 @@ public void decorateWithSslSettingsForShouldApplySupportedSslCipherSuitesIfConfi public void decorateWithSslSettingsShouldApplyAllConfiguredSslProperties() { Mockito.doReturn(true).when(configuration).isSslConfigurationEnabled(); Mockito.doReturn(KEYSTORE_PATH).when(configuration).getSslKeystorePath(); - Mockito.doReturn("sslKeystoreType").when(configuration).getSslKeystoreType(); - Mockito.doReturn("sslKeystorePassword").when(configuration).getSslKeystorePassword(); + Mockito.doReturn(KEYSTORE_TYPE).when(configuration).getSslKeystoreType(); + Mockito.doReturn(KEYSTORE_PASSWORD).when(configuration).getSslKeystorePassword(); Mockito.doReturn(TRUSTSTORE_PATH).when(configuration).getSslTruststorePath(); - Mockito.doReturn("sslTruststoreType").when(configuration).getSslTruststoreType(); - Mockito.doReturn("sslTruststorePassword").when(configuration).getSslTruststorePassword(); + Mockito.doReturn(TRUSTSTORE_TYPE).when(configuration).getSslTruststoreType(); + Mockito.doReturn(TRUSTSTORE_PASSWORD).when(configuration).getSslTruststorePassword(); Mockito.doReturn(Arrays.asList("sslProtocol1", "sslProtocol2")).when(configuration).getSupportedSslProtocols(); Mockito.doReturn(Arrays.asList("sslCipherSuite1", "sslCipherSuite2")).when(configuration).getSupportedSslCipherSuites(); DataLoaderDecorator.decorateWithSslSettings(dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(InMemoryDocument.class)); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystoreType("sslKeystoreType"); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystorePassword("sslKeystorePassword"); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(KeyStoreDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystoreType(KEYSTORE_TYPE); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystorePassword(KEYSTORE_PASSWORD); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(InMemoryDocument.class)); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststoreType("sslTruststoreType"); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststorePassword("sslTruststorePassword"); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(KeyStoreDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststoreType(TRUSTSTORE_TYPE); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststorePassword(TRUSTSTORE_PASSWORD); ArgumentCaptor protocolsCaptor = ArgumentCaptor.forClass(String[].class); Mockito.verify(dataLoader, Mockito.times(1)).setSupportedSSLProtocols(protocolsCaptor.capture()); @@ -278,23 +284,23 @@ public void decorateWithSslSettingsForShouldApplyAllConfiguredSslProperties() { for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { Mockito.doReturn(true).when(configuration).isSslConfigurationEnabledFor(connectionType); Mockito.doReturn(KEYSTORE_PATH).when(configuration).getSslKeystorePathFor(connectionType); - Mockito.doReturn("sslKeystoreType").when(configuration).getSslKeystoreTypeFor(connectionType); - Mockito.doReturn("sslKeystorePassword").when(configuration).getSslKeystorePasswordFor(connectionType); + Mockito.doReturn(KEYSTORE_TYPE).when(configuration).getSslKeystoreTypeFor(connectionType); + Mockito.doReturn(KEYSTORE_PASSWORD).when(configuration).getSslKeystorePasswordFor(connectionType); Mockito.doReturn(TRUSTSTORE_PATH).when(configuration).getSslTruststorePathFor(connectionType); - Mockito.doReturn("sslTruststoreType").when(configuration).getSslTruststoreTypeFor(connectionType); - Mockito.doReturn("sslTruststorePassword").when(configuration).getSslTruststorePasswordFor(connectionType); + Mockito.doReturn(TRUSTSTORE_TYPE).when(configuration).getSslTruststoreTypeFor(connectionType); + Mockito.doReturn(TRUSTSTORE_PASSWORD).when(configuration).getSslTruststorePasswordFor(connectionType); Mockito.doReturn(Arrays.asList("sslProtocol1", "sslProtocol2")).when(configuration).getSupportedSslProtocolsFor(connectionType); Mockito.doReturn(Arrays.asList("sslCipherSuite1", "sslCipherSuite2")).when(configuration).getSupportedSslCipherSuitesFor(connectionType); DataLoaderDecorator.decorateWithSslSettingsFor(connectionType, dataLoader, configuration); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(InMemoryDocument.class)); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystoreType("sslKeystoreType"); - Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystorePassword("sslKeystorePassword"); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystore(any(KeyStoreDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystoreType(KEYSTORE_TYPE); + Mockito.verify(dataLoader, Mockito.times(1)).setSslKeystorePassword(KEYSTORE_PASSWORD); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(InMemoryDocument.class)); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststoreType("sslTruststoreType"); - Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststorePassword("sslTruststorePassword"); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststore(any(KeyStoreDocument.class)); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststoreType(TRUSTSTORE_TYPE); + Mockito.verify(dataLoader, Mockito.times(1)).setSslTruststorePassword(TRUSTSTORE_PASSWORD); ArgumentCaptor protocolsCaptor = ArgumentCaptor.forClass(String[].class); Mockito.verify(dataLoader, Mockito.times(1)).setSupportedSSLProtocols(protocolsCaptor.capture()); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/asic/tsl/TslDataLoaderFactoryTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/tsl/TslDataLoaderFactoryTest.java index fc60dac6a..7d2261f6b 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/asic/tsl/TslDataLoaderFactoryTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/tsl/TslDataLoaderFactoryTest.java @@ -64,8 +64,8 @@ public void testDefaultFileCacheDataLoaderWithProxyConfigCreatedWhenNoCustomData public void testDefaultFileCacheDataLoaderWithSslConfigCreatedWhenNoCustomDataLoaderFactoryConfiguredAndTslLocationIsHttpUrl() { configuration.setTslLocation("http://tsl.host:8080/path"); configuration.setSslTruststorePath("classpath:testFiles/truststores/empty-truststore.p12"); - configuration.setSslTruststorePassword("ssl-truststore-password"); - configuration.setSslTruststoreType("SSL_TRUSTSTORE_TYPE"); + configuration.setSslTruststorePassword("digidoc4j-password"); + configuration.setSslTruststoreType("PKCS12"); configuration.setSupportedSslCipherSuites(Arrays.asList("supported_cipher_suite")); configuration.setSupportedSslProtocols(Arrays.asList("supported_ssl_protocol")); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java index ff6b0a465..323f6b9b2 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java @@ -1,6 +1,9 @@ package org.digidoc4j.impl.bdoc; +import eu.europa.esig.dss.model.DSSException; import eu.europa.esig.dss.model.x509.CertificateToken; +import eu.europa.esig.dss.spi.client.http.DataLoader; +import org.apache.commons.codec.binary.Hex; import org.digidoc4j.AbstractTest; import org.digidoc4j.Configuration; import org.digidoc4j.Container; @@ -10,10 +13,9 @@ import org.digidoc4j.TSLCertificateSource; import org.digidoc4j.ValidationResult; import org.digidoc4j.exceptions.CertificateValidationException; -import org.digidoc4j.exceptions.NetworkException; import org.digidoc4j.exceptions.OCSPRequestFailedException; import org.digidoc4j.exceptions.TechnicalException; -import org.digidoc4j.exceptions.TslCertificateSourceInitializationException; +import org.digidoc4j.test.MockConfigurableDataLoader; import org.junit.Assert; import org.junit.Test; @@ -35,10 +37,10 @@ *

    * ...WhenTslCouldNotBeLoaded() - uses TEST configuration with empty SSL truststore in order to prevent TSL from loading. *

    - * ...WhenTslLoadingFails() - uses TEST configuration with invalid SSL truststore configuration in order to prevent TSL from loading. + * ...WhenTslLoadingFails() - uses TEST configuration with failing data loaders in order to prevent TSL from loading. *

    - * ...WhenDataLoadersFail() - uses TEST configuration with successfully loaded TSL and subsequently configured invalid SSL truststore - * configuration in order to make TSA and OCSP requests to fail. + * ...WhenDataLoadersFail() - uses TEST configuration with successfully loaded TSL and subsequently configured failing + * data loaders in order to make TSA and OCSP requests to fail. */ public class IncompleteSigningTest extends AbstractTest { @@ -209,19 +211,19 @@ public void signatureProfileBepesShouldNotFailWhenTslLoadingFails() { ); } - @Test(expected = NetworkException.class) + @Test(expected = TechnicalException.class) public void signatureProfileLtTmShouldFailWhenDataLoadersFail() { setUpTestConfigurationWithOkTslButFailingDataLoaders(); createSignatureBy(createNonEmptyContainerByConfiguration(), SignatureProfile.LT_TM, pkcs12SignatureToken); } - @Test(expected = NetworkException.class) + @Test(expected = TechnicalException.class) public void signatureProfileLtShouldFailWhenDataLoadersFail() { setUpTestConfigurationWithOkTslButFailingDataLoaders(); createSignatureBy(createNonEmptyContainerByConfiguration(), SignatureProfile.LT, pkcs12SignatureToken); } - @Test(expected = NetworkException.class) + @Test(expected = TechnicalException.class) public void signatureProfileLtaShouldFailWhenDataLoadersFail() { setUpTestConfigurationWithOkTslButFailingDataLoaders(); createSignatureBy(createNonEmptyContainerByConfiguration(), SignatureProfile.LTA, pkcs12SignatureToken); @@ -270,18 +272,14 @@ private void setUpTestConfigurationWithEmptyTSL() { private void setUpTestConfigurationWithFailingTSL() { configuration = Configuration.of(Configuration.Mode.TEST); - configuration.setSslTruststorePath("classpath:testFiles/truststores/empty-truststore.p12"); - configuration.setSslTruststorePassword("invalid-truststore-password"); - configuration.setSslTruststoreType("INVALID_TRUSTSTORE_TYPE"); + configureFailingDataLoaders(configuration); configuration.getTSL().invalidateCache(); } private void setUpTestConfigurationWithOkTslButFailingDataLoaders() { configuration = Configuration.of(Configuration.Mode.TEST); configuration.getTSL().refresh(); - configuration.setSslTruststorePath("classpath:testFiles/truststores/empty-truststore.p12"); - configuration.setSslTruststorePassword("invalid-truststore-password"); - configuration.setSslTruststoreType("INVALID_TRUSTSTORE_TYPE"); + configureFailingDataLoaders(configuration); } private void ensureCertificateTrustedByTSL(X509Certificate certificate) { @@ -315,4 +313,23 @@ private Signature reloadSignature(Signature signature, Configuration.Mode mode) } } + private static void configureFailingDataLoaders(Configuration configuration) { + DataLoader failingDataLoader = new MockConfigurableDataLoader() + .withGetter((url, refresh) -> { + String message = String.format("Failed to GET URL: %s", url); + if (refresh != null) { + message += String.format("; refresh: %s", refresh); + } + throw new DSSException(message); + }) + .withPoster((url, content) -> { + String contentHex = (content == null) ? "null" : Hex.encodeHexString(content); + throw new DSSException(String.format("Failed to POST URL: %s; content: %s", url, contentHex)); + }); + + configuration.setOcspDataLoaderFactory(() -> failingDataLoader); + configuration.setTslDataLoaderFactory(() -> failingDataLoader); + configuration.setTspDataLoaderFactory(() -> failingDataLoader); + } + } diff --git a/digidoc4j/src/test/java/org/digidoc4j/test/MockConfigurableDataLoader.java b/digidoc4j/src/test/java/org/digidoc4j/test/MockConfigurableDataLoader.java new file mode 100644 index 000000000..cec84cd7f --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/test/MockConfigurableDataLoader.java @@ -0,0 +1,96 @@ +package org.digidoc4j.test; + +import eu.europa.esig.dss.model.DSSException; +import eu.europa.esig.dss.spi.client.http.DataLoader; +import eu.europa.esig.dss.spi.exception.DSSDataLoaderMultipleException; +import eu.europa.esig.dss.utils.Utils; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Objects; + +public class MockConfigurableDataLoader implements DataLoader { + + @FunctionalInterface + public interface Getter { + byte[] get(String url, Boolean refresh) throws DSSException; + } + + @FunctionalInterface + public interface Poster { + byte[] post(String url, byte[] content) throws DSSException; + } + + private Getter getter = (url, refresh) -> { + throw new UnsupportedOperationException("GET operations not configured"); + }; + private Poster poster = (url, content) -> { + throw new UnsupportedOperationException("POST operations not configured"); + }; + + @Override + public byte[] get(String url) throws DSSException { + return getter.get(url, null); + } + + @Override + public DataAndUrl get(List urlStrings) throws DSSException { + if (Utils.isCollectionEmpty(urlStrings)) { + throw new DSSException("Cannot process the GET call. List of URLs is empty!"); + } else { + Map exceptions = new HashMap(); + for (String url : urlStrings) { + try { + byte[] bytes = getter.get(url, null); + if (!Utils.isArrayEmpty(bytes)) { + return new DataAndUrl(bytes, url); + } + } catch (Exception e) { + exceptions.put(url, e); + } + } + throw new DSSDataLoaderMultipleException(exceptions); + } + } + + @Override + public byte[] get(String url, boolean refresh) throws DSSException { + return getter.get(url, refresh); + } + + @Override + public byte[] post(String url, byte[] content) throws DSSException { + return poster.post(url, content); + } + + @Override + public void setContentType(String contentType) {} + + public Getter getGetter() { + return getter; + } + + public void setGetter(Getter getter) { + this.getter = Objects.requireNonNull(getter); + } + + public MockConfigurableDataLoader withGetter(Getter getter) { + setGetter(getter); + return this; + } + + public Poster getPoster() { + return poster; + } + + public void setPoster(Poster poster) { + this.poster = Objects.requireNonNull(poster); + } + + public MockConfigurableDataLoader withPoster(Poster poster) { + setPoster(poster); + return this; + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/test/TestLog.java b/digidoc4j/src/test/java/org/digidoc4j/test/TestLog.java new file mode 100644 index 000000000..8bd290b2e --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/test/TestLog.java @@ -0,0 +1,58 @@ +package org.digidoc4j.test; + +import ch.qos.logback.classic.Logger; +import ch.qos.logback.classic.spi.ILoggingEvent; +import ch.qos.logback.core.Appender; +import org.hamcrest.Matcher; +import org.hamcrest.MatcherAssert; +import org.hamcrest.collection.IsIterableContainingInOrder; +import org.mockito.ArgumentCaptor; +import org.mockito.Mockito; +import org.slf4j.LoggerFactory; + +import java.util.List; +import java.util.function.Predicate; +import java.util.stream.Collectors; + +public class TestLog { + + private final Appender mockedAppender; + + public TestLog() { + this("org.digidoc4j"); + } + + public TestLog(Class loggerClass) { + this(loggerClass.getCanonicalName()); + } + + @SuppressWarnings("unchecked") + public TestLog(String loggerName) { + mockedAppender = (Appender) Mockito.mock(Appender.class); + Logger logger = (Logger) LoggerFactory.getLogger(loggerName); + logger.addAppender(mockedAppender); + } + + public void verifyLogInOrder(Matcher... matchers) { + verifyLogInOrder(logEvent -> true, matchers); + } + + @SuppressWarnings("unchecked") + public void verifyLogInOrder(Predicate logEventFilter, Matcher... matchers) { + ArgumentCaptor argumentCaptor = ArgumentCaptor.forClass(ILoggingEvent.class); + Mockito.verify(mockedAppender, Mockito.atLeast(1)).doAppend(argumentCaptor.capture()); + List listOfMessages = argumentCaptor.getAllValues().stream().filter(logEventFilter).map(ILoggingEvent::getFormattedMessage).collect(Collectors.toList()); + // NB: Make sure the correct overload of IsIterableContainingInOrder.contains is called, otherwise the matchers are wrapped twice and matching won't work! + MatcherAssert.assertThat(listOfMessages, IsIterableContainingInOrder.contains((Matcher[]) matchers)); + } + + public void verifyLogEmpty() { + Mockito.verifyNoInteractions(mockedAppender); + } + + @SuppressWarnings("unchecked") + public void reset() { + Mockito.reset(mockedAppender); + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/test/util/TestCertificateUtil.java b/digidoc4j/src/test/java/org/digidoc4j/test/util/TestCertificateUtil.java new file mode 100644 index 000000000..cb6f3e503 --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/test/util/TestCertificateUtil.java @@ -0,0 +1,64 @@ +package org.digidoc4j.test.util; + +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.cert.X509CertificateHolder; +import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; +import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.operator.ContentSigner; +import org.bouncycastle.operator.OperatorCreationException; +import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; + +import java.math.BigInteger; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.time.Instant; +import java.util.Date; +import java.util.Objects; +import java.util.concurrent.ThreadLocalRandom; + +public final class TestCertificateUtil { + + public static JcaX509v3CertificateBuilder createX509v3CertificateBuilder( + X500Name issuer, BigInteger serial, Instant notBefore, Instant notAfter, X500Name subject, PublicKey publicKey + ) { + Objects.requireNonNull(notAfter, "NotAfter not provided"); + Objects.requireNonNull(subject, "Subject not provided"); + Objects.requireNonNull(publicKey, "Public key not provided"); + return new JcaX509v3CertificateBuilder( + (issuer != null) ? issuer : subject, + (serial != null) ? serial : generateSerial(64), + Date.from(notBefore != null ? notBefore : Instant.now()), + Date.from(notAfter), + subject, + publicKey + ); + } + + public static ContentSigner createCertificateSigner(PrivateKey privateKey, String signatureAlgorithm) { + try { + return new JcaContentSignerBuilder(signatureAlgorithm).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(privateKey); + } catch (OperatorCreationException e) { + throw new IllegalStateException("Failed to create certificate signer", e); + } + } + + public static X509Certificate toX509Certificate(X509CertificateHolder x509CertificateHolder) { + try { + return new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(x509CertificateHolder); + } catch (CertificateException e) { + throw new IllegalStateException("Failed to convert certificate", e); + } + } + + public static BigInteger generateSerial(int size) { + byte[] serialBytes = new byte[size]; + ThreadLocalRandom.current().nextBytes(serialBytes); + return new BigInteger(1, serialBytes); + } + + private TestCertificateUtil() {} + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/test/util/TestKeyPairUtil.java b/digidoc4j/src/test/java/org/digidoc4j/test/util/TestKeyPairUtil.java new file mode 100644 index 000000000..9f7b03821 --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/test/util/TestKeyPairUtil.java @@ -0,0 +1,96 @@ +package org.digidoc4j.test.util; + +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.generators.ECKeyPairGenerator; +import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.crypto.params.ECKeyGenerationParameters; +import org.bouncycastle.crypto.params.ECNamedDomainParameters; +import org.bouncycastle.crypto.params.ECPrivateKeyParameters; +import org.bouncycastle.crypto.params.ECPublicKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.bouncycastle.jce.ECNamedCurveTable; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; +import org.bouncycastle.jce.spec.ECParameterSpec; +import org.bouncycastle.jce.spec.ECPrivateKeySpec; +import org.bouncycastle.jce.spec.ECPublicKeySpec; +import org.bouncycastle.math.ec.ECCurve; +import org.bouncycastle.math.ec.ECPoint; + +import java.math.BigInteger; +import java.security.KeyFactory; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.spec.InvalidKeySpecException; +import java.util.Objects; + +public final class TestKeyPairUtil { + + private static final String EC_KEY_ALGORITHM = "ECDSA"; + + public static AsymmetricCipherKeyPair generateEcKeyPair(ECDomainParameters ecDomainParameters) { + ECKeyGenerationParameters ecKeyGenerationParameters = new ECKeyGenerationParameters(ecDomainParameters, new SecureRandom()); + ECKeyPairGenerator ecKeyPairGenerator = new ECKeyPairGenerator(); + ecKeyPairGenerator.init(ecKeyGenerationParameters); + return ecKeyPairGenerator.generateKeyPair(); + } + + public static AsymmetricCipherKeyPair generateEcKeyPair(String ecCurveName) { + ECNamedCurveParameterSpec ecNamedCurveParameterSpec = ECNamedCurveTable.getParameterSpec(ecCurveName); + Objects.requireNonNull(ecNamedCurveParameterSpec, "No such EC curve found: " + ecCurveName); + ECDomainParameters ecDomainParameters = ECUtil.getDomainParameters(null, ecNamedCurveParameterSpec); + return generateEcKeyPair(ecDomainParameters); + } + + public static PrivateKey toPrivateKey(ECPrivateKeyParameters ecPrivateKeyParameters) { + try { + ECParameterSpec ecParameterSpec = toECParameterSpec(ecPrivateKeyParameters.getParameters()); + ECPrivateKeySpec ecPrivateKeySpec = new ECPrivateKeySpec(ecPrivateKeyParameters.getD(), ecParameterSpec); + return createKeyFactoryForEC().generatePrivate(ecPrivateKeySpec); + } catch (InvalidKeySpecException e) { + throw new IllegalStateException("Failed to convert to private key", e); + } + } + + public static PublicKey toPublicKey(ECPublicKeyParameters ecPublicKeyParameters) { + try { + ECParameterSpec ecParameterSpec = toECParameterSpec(ecPublicKeyParameters.getParameters()); + ECPublicKeySpec ecPublicKeySpec = new ECPublicKeySpec(ecPublicKeyParameters.getQ(), ecParameterSpec); + return createKeyFactoryForEC().generatePublic(ecPublicKeySpec); + } catch (InvalidKeySpecException e) { + throw new IllegalStateException("Failed to convert to private key", e); + } + } + + private static KeyFactory createKeyFactoryForEC() { + try { + return KeyFactory.getInstance(EC_KEY_ALGORITHM, BouncyCastleProvider.PROVIDER_NAME); + } catch (NoSuchAlgorithmException e) { + throw new IllegalStateException("Unsupported key algorithm: " + EC_KEY_ALGORITHM, e); + } catch (NoSuchProviderException e) { + throw new IllegalStateException("Unsupported provider: " + BouncyCastleProvider.PROVIDER_NAME, e); + } + } + + private static ECParameterSpec toECParameterSpec(ECDomainParameters ecDomainParameters) { + ECCurve curve = ecDomainParameters.getCurve(); + ECPoint g = ecDomainParameters.getG(); + BigInteger n = ecDomainParameters.getN(); + BigInteger h = ecDomainParameters.getH(); + byte[] seed = ecDomainParameters.getSeed(); + + if (ecDomainParameters instanceof ECNamedDomainParameters) { + ECNamedDomainParameters ecNamedDomainParameters = (ECNamedDomainParameters) ecDomainParameters; + String name = ECUtil.getCurveName(ecNamedDomainParameters.getName()); + return new ECNamedCurveParameterSpec(name, curve, g, n, h, seed); + } else { + return new ECParameterSpec(curve, g, n, h, seed); + } + } + + private TestKeyPairUtil() {} + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/utils/KeyStoreDocumentTest.java b/digidoc4j/src/test/java/org/digidoc4j/utils/KeyStoreDocumentTest.java new file mode 100644 index 000000000..970ffd776 --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/utils/KeyStoreDocumentTest.java @@ -0,0 +1,287 @@ +package org.digidoc4j.utils; + +import org.apache.commons.io.IOUtils; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder; +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.params.ECPrivateKeyParameters; +import org.bouncycastle.crypto.params.ECPublicKeyParameters; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.operator.ContentSigner; +import org.digidoc4j.AbstractTest; +import org.digidoc4j.test.TestLog; +import org.digidoc4j.test.util.TestCertificateUtil; +import org.digidoc4j.test.util.TestKeyPairUtil; +import org.hamcrest.Matchers; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.FileOutputStream; +import java.io.InputStream; +import java.io.OutputStream; +import java.nio.file.Files; +import java.security.KeyStore; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Security; +import java.security.cert.Certificate; +import java.security.cert.X509Certificate; +import java.time.Duration; +import java.time.Instant; +import java.time.Period; +import java.time.temporal.ChronoUnit; +import java.util.LinkedHashMap; +import java.util.Map; +import java.util.UUID; + +public class KeyStoreDocumentTest extends AbstractTest { + + private static final String KEYSTORE_TYPE = "PKCS12"; + private static final String KEYSTORE_PASSWORD = "Passw0rd"; + private static final String KEYSTORE_EXTENSION = ".p12"; + + private TestLog testLog; + + @BeforeClass + public static void setUpStatic() { + Security.addProvider(new BouncyCastleProvider()); + } + + @Override + protected void before() { + testLog = new TestLog(KeyStoreDocument.class); + } + + @Test + public void testKeyStoreFailsToLoadWhenNotExisting() { + String nonExistingPath = new File(testFolder.getRoot(), "non-existing-keystore" + KEYSTORE_EXTENSION).getPath(); + Duration minValidationInterval = Duration.ofMinutes(1L); + Period maxWarningPeriod = Period.ofDays(1); + + IllegalArgumentException caughtException = assertThrows( + IllegalArgumentException.class, + () -> new KeyStoreDocument(nonExistingPath, KEYSTORE_TYPE, KEYSTORE_PASSWORD, minValidationInterval, maxWarningPeriod) + ); + + Assert.assertEquals("Resource not found: " + nonExistingPath, caughtException.getMessage()); + testLog.verifyLogEmpty(); + } + + @Test + public void testKeyStoreFailsToParseOnInvalidKeystoreType() { + String keyStorePath = "classpath:testFiles/truststores/empty-truststore.p12"; + String invalidKeyStoreType = "INVALID"; + Duration minValidationInterval = Duration.ofMinutes(1L); + Period maxWarningPeriod = Period.ofDays(1); + + IllegalStateException caughtException = assertThrows( + IllegalStateException.class, + () -> new KeyStoreDocument(keyStorePath, invalidKeyStoreType, KEYSTORE_PASSWORD, minValidationInterval, maxWarningPeriod) + ); + + Assert.assertEquals("Failed to create key-store of type: " + invalidKeyStoreType, caughtException.getMessage()); + testLog.verifyLogEmpty(); + } + + @Test + public void testKeyStoreFailsToParseOnInvalidKeystorePassword() { + String keyStorePath = "classpath:testFiles/truststores/empty-truststore.p12"; + String invalidKeyStorePassword = "Inval1d"; + Duration minValidationInterval = Duration.ofMinutes(1L); + Period maxWarningPeriod = Period.ofDays(1); + + IllegalStateException caughtException = assertThrows( + IllegalStateException.class, + () -> new KeyStoreDocument(keyStorePath, KEYSTORE_TYPE, invalidKeyStorePassword, minValidationInterval, maxWarningPeriod) + ); + + Assert.assertEquals("Failed to load key-store from: " + keyStorePath, caughtException.getMessage()); + testLog.verifyLogEmpty(); + } + + @Test + public void testInitialKeystoreValidationWithWarningPeriod() throws Exception { + Instant now = Instant.now(); + + Map certificates = new LinkedHashMap<>(); + certificates.put("expired-day", createTestCertificate("CN=EXPIRED-DAY", now.minus(Period.ofDays(2)), now.minus(Period.ofDays(1)))); + certificates.put("expired-minute", createTestCertificate("CN=EXPIRED-MINUTE", now.minus(Duration.ofMinutes(2L)), now.minus(Duration.ofMinutes(1L)))); + for (int i = 1; i < 9; ++i) { + certificates.put("about-to-expire-" + i, createTestCertificate("CN=ABOUT-TO-EXPIRE-" + i, now, now.plus(Period.ofDays(i)))); + } + certificates.put("about-to-expire-minute", createTestCertificate("CN=ABOUT-TO-EXPIRE-MINUTE", now, now.plus(Period.ofDays(9)).minus(Duration.ofMinutes(1L)))); + certificates.put("still-time-minute", createTestCertificate("CN=STILL-TIME-MINUTE", now, now.plus(Period.ofDays(9)).plus(Duration.ofMinutes(1L)))); + certificates.put("still-time-plenty", createTestCertificate("CN=STILL-TIME-PLENTY", now, now.plus(Period.ofDays(365)))); + + File keyStoreFile = createTestKeyStore(certificates); + String keyStorePath = keyStoreFile.getCanonicalPath(); + Duration minValidationInterval = Duration.ofMinutes(5L); + Period maxWarningPeriod = Period.ofDays(9); + + KeyStoreDocument keyStoreDocument = new KeyStoreDocument(keyStorePath, KEYSTORE_TYPE, KEYSTORE_PASSWORD, minValidationInterval, maxWarningPeriod); + + String expiredTemplate = "Certificate from \"%s\" has already expired (%s) - alias: \"%s\"; subject: \"%s\""; + String expiringTemplate = "Certificate from \"%s\" expires (%s) in about %d day(s) - alias: \"%s\"; subject: \"%s\""; + testLog.verifyLogInOrder( + Matchers.equalTo(String.format(expiredTemplate, keyStorePath, now.minus(Period.ofDays(1)).truncatedTo(ChronoUnit.SECONDS), "expired-day", "CN=EXPIRED-DAY")), + Matchers.equalTo(String.format(expiredTemplate, keyStorePath, now.minus(Duration.ofMinutes(1L)).truncatedTo(ChronoUnit.SECONDS), "expired-minute", "CN=EXPIRED-MINUTE")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(1)).truncatedTo(ChronoUnit.SECONDS), 8, "about-to-expire-1", "CN=ABOUT-TO-EXPIRE-1")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(2)).truncatedTo(ChronoUnit.SECONDS), 7, "about-to-expire-2", "CN=ABOUT-TO-EXPIRE-2")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(3)).truncatedTo(ChronoUnit.SECONDS), 6, "about-to-expire-3", "CN=ABOUT-TO-EXPIRE-3")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(4)).truncatedTo(ChronoUnit.SECONDS), 5, "about-to-expire-4", "CN=ABOUT-TO-EXPIRE-4")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(5)).truncatedTo(ChronoUnit.SECONDS), 4, "about-to-expire-5", "CN=ABOUT-TO-EXPIRE-5")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(6)).truncatedTo(ChronoUnit.SECONDS), 3, "about-to-expire-6", "CN=ABOUT-TO-EXPIRE-6")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(7)).truncatedTo(ChronoUnit.SECONDS), 2, "about-to-expire-7", "CN=ABOUT-TO-EXPIRE-7")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(8)).truncatedTo(ChronoUnit.SECONDS), 1, "about-to-expire-8", "CN=ABOUT-TO-EXPIRE-8")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(9)).minus(Duration.ofMinutes(1L)).truncatedTo(ChronoUnit.SECONDS), 0, "about-to-expire-minute", "CN=ABOUT-TO-EXPIRE-MINUTE")) + ); + assertKeyStoreDocumentContent(keyStoreFile, keyStoreDocument); + } + + @Test + public void testInitialKeystoreValidationWithWarningDuration() throws Exception { + Instant now = Instant.now(); + + Map certificates = new LinkedHashMap<>(); + certificates.put("expired-day", createTestCertificate("CN=EXPIRED-DAY", now.minus(Period.ofDays(2)), now.minus(Period.ofDays(1)))); + certificates.put("expired-minute", createTestCertificate("CN=EXPIRED-MINUTE", now.minus(Duration.ofMinutes(2L)), now.minus(Duration.ofMinutes(1L)))); + for (int i = 1; i < 6; ++i) { + certificates.put("about-to-expire-" + i, createTestCertificate("CN=ABOUT-TO-EXPIRE-" + i, now, now.plus(Duration.ofMinutes(i)))); + } + certificates.put("still-time-minute", createTestCertificate("CN=STILL-TIME-MINUTE", now, now.plus(Duration.ofMinutes(7L)))); + certificates.put("still-time-plenty", createTestCertificate("CN=STILL-TIME-PLENTY", now, now.plus(Period.ofDays(365)))); + + File keyStoreFile = createTestKeyStore(certificates); + String keyStorePath = keyStoreFile.getCanonicalPath(); + Duration minValidationInterval = Duration.ofMinutes(5L); + Duration maxWarningPeriod = Duration.ofMinutes(6L); + + KeyStoreDocument keyStoreDocument = new KeyStoreDocument(keyStorePath, KEYSTORE_TYPE, KEYSTORE_PASSWORD, minValidationInterval, maxWarningPeriod); + + String expiredTemplate = "Certificate from \"%s\" has already expired (%s) - alias: \"%s\"; subject: \"%s\""; + String expiringTemplate = "Certificate from \"%s\" expires (%s) in about 0 day(s) - alias: \"%s\"; subject: \"%s\""; + testLog.verifyLogInOrder( + Matchers.equalTo(String.format(expiredTemplate, keyStorePath, now.minus(Period.ofDays(1)).truncatedTo(ChronoUnit.SECONDS), "expired-day", "CN=EXPIRED-DAY")), + Matchers.equalTo(String.format(expiredTemplate, keyStorePath, now.minus(Duration.ofMinutes(1L)).truncatedTo(ChronoUnit.SECONDS), "expired-minute", "CN=EXPIRED-MINUTE")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Duration.ofMinutes(1L)).truncatedTo(ChronoUnit.SECONDS), "about-to-expire-1", "CN=ABOUT-TO-EXPIRE-1")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Duration.ofMinutes(2L)).truncatedTo(ChronoUnit.SECONDS), "about-to-expire-2", "CN=ABOUT-TO-EXPIRE-2")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Duration.ofMinutes(3L)).truncatedTo(ChronoUnit.SECONDS), "about-to-expire-3", "CN=ABOUT-TO-EXPIRE-3")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Duration.ofMinutes(4L)).truncatedTo(ChronoUnit.SECONDS), "about-to-expire-4", "CN=ABOUT-TO-EXPIRE-4")), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Duration.ofMinutes(5L)).truncatedTo(ChronoUnit.SECONDS), "about-to-expire-5", "CN=ABOUT-TO-EXPIRE-5")) + ); + assertKeyStoreDocumentContent(keyStoreFile, keyStoreDocument); + } + + @Test + public void testOpenStreamTriggersValidationWhenPreviousValidationHasExpired() throws Exception { + Instant now = Instant.now(); + + Map certificates = new LinkedHashMap<>(); + certificates.put("expired", createTestCertificate("CN=EXPIRED", now.minus(Period.ofDays(2)), now.minus(Period.ofDays(1)))); + certificates.put("expiring", createTestCertificate("CN=EXPIRING", now, now.plus(Period.ofDays(1)))); + certificates.put("fine", createTestCertificate("CN=FINE", now, now.plus(Period.ofDays(5)))); + + File keyStoreFile = createTestKeyStore(certificates); + String keyStorePath = keyStoreFile.getCanonicalPath(); + Duration minValidationInterval = Duration.ZERO; + Period maxWarningPeriod = Period.ofDays(2); + + KeyStoreDocument keyStoreDocument = new KeyStoreDocument(keyStorePath, KEYSTORE_TYPE, KEYSTORE_PASSWORD, minValidationInterval, maxWarningPeriod); + + String expiredTemplate = "Certificate from \"%s\" has already expired (%s) - alias: \"expired\"; subject: \"CN=EXPIRED\""; + String expiringTemplate = "Certificate from \"%s\" expires (%s) in about 1 day(s) - alias: \"expiring\"; subject: \"CN=EXPIRING\""; + testLog.verifyLogInOrder( + Matchers.equalTo(String.format(expiredTemplate, keyStorePath, now.minus(Period.ofDays(1)).truncatedTo(ChronoUnit.SECONDS))), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(1)).truncatedTo(ChronoUnit.SECONDS))) + ); + + testLog.reset(); + InputStream stream = keyStoreDocument.openStream(); + stream.close(); + + testLog.verifyLogInOrder( + Matchers.equalTo(String.format(expiredTemplate, keyStorePath, now.minus(Period.ofDays(1)).truncatedTo(ChronoUnit.SECONDS))), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(1)).truncatedTo(ChronoUnit.SECONDS))) + ); + } + + @Test + public void testOpenStreamDoesNotTriggerValidationWhenPreviousValidationHasNotExpired() throws Exception { + Instant now = Instant.now(); + + Map certificates = new LinkedHashMap<>(); + certificates.put("expired", createTestCertificate("CN=EXPIRED", now.minus(Period.ofDays(2)), now.minus(Period.ofDays(1)))); + certificates.put("expiring", createTestCertificate("CN=EXPIRING", now, now.plus(Period.ofDays(1)))); + certificates.put("fine", createTestCertificate("CN=FINE", now, now.plus(Period.ofDays(5)))); + + File keyStoreFile = createTestKeyStore(certificates); + String keyStorePath = keyStoreFile.getCanonicalPath(); + Duration minValidationInterval = Duration.ofMinutes(10L); + Period maxWarningPeriod = Period.ofDays(2); + + KeyStoreDocument keyStoreDocument = new KeyStoreDocument(keyStorePath, KEYSTORE_TYPE, KEYSTORE_PASSWORD, minValidationInterval, maxWarningPeriod); + + String expiredTemplate = "Certificate from \"%s\" has already expired (%s) - alias: \"expired\"; subject: \"CN=EXPIRED\""; + String expiringTemplate = "Certificate from \"%s\" expires (%s) in about 1 day(s) - alias: \"expiring\"; subject: \"CN=EXPIRING\""; + testLog.verifyLogInOrder( + Matchers.equalTo(String.format(expiredTemplate, keyStorePath, now.minus(Period.ofDays(1)).truncatedTo(ChronoUnit.SECONDS))), + Matchers.equalTo(String.format(expiringTemplate, keyStorePath, now.plus(Period.ofDays(1)).truncatedTo(ChronoUnit.SECONDS))) + ); + + testLog.reset(); + InputStream stream = keyStoreDocument.openStream(); + stream.close(); + + testLog.verifyLogEmpty(); + } + + private File createTestKeyStore(Map certificates) throws Exception { + KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE); + keyStore.load(null, KEYSTORE_PASSWORD.toCharArray()); + for (Map.Entry entry : certificates.entrySet()) { + keyStore.setCertificateEntry(entry.getKey(), entry.getValue()); + } + File keyStoreFile = testFolder.newFile(UUID.randomUUID().toString() + KEYSTORE_EXTENSION); + try (OutputStream outputStream = new FileOutputStream(keyStoreFile)) { + keyStore.store(outputStream, KEYSTORE_PASSWORD.toCharArray()); + } + return keyStoreFile; + } + + private static X509Certificate createTestCertificate(String subjectDN, Instant notBefore, Instant notAfter) throws Exception { + AsymmetricCipherKeyPair keyPair = TestKeyPairUtil.generateEcKeyPair("secp384r1"); + PrivateKey signingKey = TestKeyPairUtil.toPrivateKey((ECPrivateKeyParameters) keyPair.getPrivate()); + PublicKey publicKey = TestKeyPairUtil.toPublicKey((ECPublicKeyParameters) keyPair.getPublic()); + X500Name subjectDnX500Name = new X500Name(subjectDN); + + JcaX509v3CertificateBuilder certificateBuilder = TestCertificateUtil.createX509v3CertificateBuilder( + null, null, notBefore, notAfter, subjectDnX500Name, publicKey + ); + + ContentSigner signer = TestCertificateUtil.createCertificateSigner(signingKey, "SHA512withECDSA"); + return TestCertificateUtil.toX509Certificate(certificateBuilder.build(signer)); + } + + private static X509Certificate createTestCertificate(String subjectDN, Instant notAfter) throws Exception { + return createTestCertificate(subjectDN, Instant.now(), notAfter); + } + + private void assertKeyStoreDocumentContent(File sourceFile, KeyStoreDocument keyStoreDocument) throws Exception { + byte[] expectedContent = Files.readAllBytes(sourceFile.toPath()); + + try (InputStream in = keyStoreDocument.openStream()) { + byte[] actualContent = IOUtils.toByteArray(in); + Assert.assertArrayEquals(expectedContent, actualContent); + } + + try (ByteArrayOutputStream out = new ByteArrayOutputStream()) { + keyStoreDocument.writeTo(out); + byte[] actualContent = out.toByteArray(); + Assert.assertArrayEquals(expectedContent, actualContent); + } + } + +} diff --git a/digidoc4j/src/test/resources/testFiles/keystores/keystore.p12 b/digidoc4j/src/test/resources/testFiles/keystores/keystore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..5f2a1b7489dd2fe0c7173eccbde37fa7f03c371d GIT binary patch literal 2549 zcmY+Ec{mh`8ph4S7@84d$u^9JVQe!Z#&WEUC2J#DBTIxZmWVl)p+U-$J!H);gcP!5 z4aX9)l)aMX5suxVx$b@LJ@?)}zUTd(_x-;2&mWEo-39_cI4ZP~1&XB^&<h%PnP+w?j>_!&e-X12n96K_W?P?)B@6q%zs|7%fCW_WUpOlG04K%5_8%n-(|agrF%yR2x96s2UEcVGOR&!?VP z=sVgx#KFjFRR{7bu+$|msaK#xd&Rg*wQe3&QTifT^=)&0zi0by#qJ~T&j$13q$tt0 z#z2_5ay_sw6`;x?z4!WHine>jqNzysiXLs}M7reH9l#uSm7)=VRV?eaYOEn$sGN;p?QX6fU{qwm(mgWAf0A5M31{1=`O)xXG z2b~b;;kG(6Hm3G^Q&Dxkf^I32qU)cOtN+4$^|)f`*5rA*Iny7{>}=nrGzdh_cGL9S zgS!H4p2kglaGOHpUf3#NV+5>iB}Yxw38d5++KW2`9s7TwAe|`V54j6GYmQ326_SOE zyk&S}*X*Q83+~=?FX3~`B_YSFHZz^kQgV0}-zt?sxt`EQPYfZcifcB{lVR5-0rRW$ zNpm5}kFP|ei&=1TJFw)5#$)w#DF=l`7D1(rX|27H4{iL)wWUM0x2KAkrB$n!_%=41 z2+FYu2(KY*p*TWxZ*)|RKj15)hLt*MvPC)Jf!m5z*&B3A+>3Q?mS<#hjEw$qT`3E$ z5J1J!=3XJ-%xFExUwi;p@h>ODOD?Y zof!xsj__~Q)ngM|-H~+tKQ(VzgzKw&Cd%m3MQ?Q93vE}e{1PAZa(muXE=AU1gIOa7 zmt!YNMZk@?uc%d1vN;tqe&eybnLQeMNv`lh`zfcFQ zprmaUUwN=&hSxGWv>Mol>TSe=qFQ|mN~+d?Q&|aQplk<_k#6V{ z`-G3~6|)1zIIaXqd&G;hr|IlmhJ>=o!n@eW75s4Qv2nn#OcPS88=Lqecr7hGN@ z=3JZ*9g*}PqEdfmBPdcJ_Svod6=}wYq?%AS4C_$wzM_To?OZRABfkwBNbbAGu#-B@2z^2e`F-AATin`uwyAP<3o(m zYq(fI+f%6+Ff@`8-w?9`G;9Ya_kpPL!$NCgf*eltJ8wHWvrKA!39pT4H3+|}x4B`T z@#l=jv3qdwT^iUYql z-0;&b`Dqq@xvnQc2O$~ePrI?E$i4DrG%Uy;#(wE$6gikw-}xF^6QRk=(V~;Lkd7zf zP=BKm%8lnnaxr-``7*gM-8xf`vn_xr@PAKu@Z4Z7%R6`7MDdsL$_h%#1QjKfON29o z3jN&!VL78J?974!0ZeBC{BHvIKhCoJle4uaDj&k-exu0Lrx)dVuxd7rbq!y%{(-w)0FS|9| zrt){+Vu~lPc@7{e3vaSJ9<5>op_xs*i35NryH-I;q*ZID)dfE7MhZuE~yi(l8FfcZTftNTH*OknglZ?a9jSYu{zt>!YW?*2cVF zY2;5tz1-_sh*48$LYKw8wb6A6?f+OrrU)u2(RZ)A&a^ZjHP00=E{0fR-Y}*eaAtwx zSBnXiL+qg~rR*CU@xnoN$O_j9FKKiCB?56B9da)XYt(xA)3uyeOKSLlXfz`vC#i?V(L!*u{AB`x-J_d}HJbawWMXS|W4bZ^tC-BfD zdZg2S<(*kaP?{0gU2g%&z4hns&eaN%<4yMp0-I${it%|WH@u>hF_D#hMTS@*sq3%l z+DeqJc4@)c_+j}tQ^n%ip@(hSe<3$%*z;Sp>7}_p!jzf~KhP6P`Pv#RJeo`oHS5-= z$~ttlNpfBuUDL_}-3$%))j~<*Wv+P;kn%J=Z|HVxy!k5K?4;7HsKNfEdXU_wzJQ-y zDrF*xdD6^u9PGb*49hhzfDuP|svt$2*5P@xw%!8Gj7^>;_x^L9Ye#F>it`OSIY5Im zkktTtkDMdIA5WUc`+MfPWAwC55hn+mwpowU+}jv(1q%b+`sj)+_*JpP+|R(2-z1*U zh>=oKrYjxV9WCwQlan)JKiX5L!<0k%qqUFDWr&v!-ObNhZU&KLFXK(v)QM7p1 zx*I4?bWCh)Q=Ocyu9s02EMX*3 zv`cXWNt&6yer9^_uGxW8I(hN2y{bO1*c{({ZyD}490~_zVU~u2fC9`+U~XfbW;8Cs t>EY(Y)bmHf8n?s%76xGMR@@0`)3X=9|EyWU1<)}Ww#Y&Qf&jFFe*osbl#c)a literal 0 HcmV?d00001 diff --git a/digidoc4j/src/test/resources/testFiles/keystores/truststore.p12 b/digidoc4j/src/test/resources/testFiles/keystores/truststore.p12 new file mode 100644 index 0000000000000000000000000000000000000000..998a774fa5df87fe34bfaeca8f726b2066cc4c3e GIT binary patch literal 2549 zcmY+EcQ_l08pg>$NYv4&nl*~1MiYAztF+R_9*17LwO6ZZONkkKCDdxoQgzHGb}7fE zYVXpTq10#<*S*iZ=ic+j_q^ZpzTfx$`9tC$-vG2gBo0ze2f2yY#UH_F>1p$EkZceR zl6hgLB5`2PzeQjh5Dsj0VVhr!F&)!?zMzb>fP5V21c?J3ArW+p|Ftj5xj=9w23(~7 z5Jk9aWH&hP*|WRYkn80DAkBL$2nXsJmvx1aWgY7iVY-L(4$7p7aC!-|;hd|tJwZGBbOJsV{v8LHr=Z$77{GBy#wUWs<&eu^wW)&YWGyz^^0!?F{0lFH z+XJh*`k-cSyG5ssKP8GH|4i*X4K8NqSuYLcCaLA!KDS*8#avz$kK8Z@ihIeJwhE8y zCRftmW3xCPUzLlE7Xo_SvK(-oOkdm#-w_HsGr#+Sr2S)ZFN{+Byn|^?IDQ42+Jkp8 zjo4-w`6`DS-5*VWtZJ;PM!t~KD{4*2ozOKL>|c8vSEM9gY8y#H&8tmY2U(lfby@yo zt(mNC?t43NZ0Ady`@N!@v-c1^3l3&fo=n)i2fMS8O{Xu78p5cRmgY;ceY?s2b9Thv zim(67f*0+2eO}K&YdciEL6XDx<#2%Sa$ZNK%z$7}yM?EDWQPyB1SJGh&k|~ z4Us};{cS|5P{5KdLfWp(A^N)-^zeyCVcwxt&Zz0at))=FN1z5uo(L|hLm20U zK#bWz6JI{db4kY-q$RipMDoif#AD|t#PruWEVp0xN!3p12J0=J6#2>}S98sV4rPgW z#OkmT6^I}#^9F?0fjz{Jr!i#}L?Gs08UU`eyGVuA_i_|GF{${nST)tXG4W0GX0-=Z zB5xv|c+_Welf+3-98%ms1*CF)8id9&jP3K{wcA=;TNP))<4#HGwPs>-r|uca>NH>b zO2r&XJ!x$<;xuDd36U|4hl}U9>ErHGKk7+>Ou4Dg`@xklFZsz@2TdU{?&02N$WHDL zwDwE8I^rr_y-%83kaN_+vhf+p(ZijqP_C3T=Y0Ru$y_s1jJt0OH>yyrd@URkolIR# zy1%ty5GhCB@kYL&;aU$_IEhDUWog$a&)IUQeBG zoT4@{@cW=wS2ma{CXrBUnUOD~CSVy4?SNXsF+Ntxba*-MFLD`foGL-jQ_2p)e{Ej>O)!C-o83xGQ30<3Xf z9f7KQgzzEaaJ6ZaRuNI>E3HP}%*Cza+ zR~fqZjO|#4v)oQH&G;;lHucZGk`E1YhP!2wS9Lg}4ekx7l^92blMlG?d+4CWlIHD- zPS+{EBoULmh|-$YKRxnD%>oP=P0QUKWuy-E{xB51?GVLD@W^j65NYGViY2!(cDN~! zZRRzaJ}9P?M8!IB+Y6{m1iB(zaX?X0RoT?^my%fs;*`MDH<9c;h#S)6i1-&6E2?WyYvzjPbq8QWWp1Gj!C*c^cB zEN?g5A0oxZD77M(wg5iV!gDCprFNKZjOy(E9gpv~qJ)0#S-iw6M~5~!6o0hN^Tc4< zVUM9`jMKi{w_FR89^pvn8OKt0UK$Vn^tPBuY$*XO-u0B@D%dah{!oQ4qwQXSddu%+ zp=m4-&syQM&wUSs@)d#*=O-cNgbYN%nW|n*Hq+*Le>SAvI>2v*quWO{S5?SDi0_HA z-f?j#Ooc$B3xDTy`mW!lL}$H?H5Cn+9tuKORH|@y61wi8CHo~Nd=mw!2%W%sr|M=RJo zFLHvyfzizImg$l4(V@pDGpw|ntGTHTU{_GKgjsTO@r81Z=_t> zH?+BR0;5_BbyFya5j1vVrm?sZ#=h#oW`YL$y1(aJ**6H!RW#nSp*mCIABZIoJd#~Sm7d!@;b_t0oeCO0!A;nH0|3(E^ZyAMII(yD literal 0 HcmV?d00001 From 3e52306c1142d142eeee9094be589beeb3d9685f Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Tue, 13 Apr 2021 13:20:31 +0300 Subject: [PATCH 29/45] DD4J-631 On validation, try to extract OCSP certificate first from OCSP token and then from the signature --- .../impl/asic/xades/TimemarkSignature.java | 43 ++++++++++++++---- .../digidoc4j/impl/bdoc/ValidationTest.java | 11 +++++ .../NoAdditionalOcspCertificate.bdoc | Bin 0 -> 7303 bytes 3 files changed, 46 insertions(+), 8 deletions(-) create mode 100644 digidoc4j/src/test/resources/testFiles/valid-containers/NoAdditionalOcspCertificate.bdoc diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/xades/TimemarkSignature.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/xades/TimemarkSignature.java index dc58e4727..1da4442c7 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/xades/TimemarkSignature.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/xades/TimemarkSignature.java @@ -10,8 +10,10 @@ package org.digidoc4j.impl.asic.xades; +import eu.europa.esig.dss.model.DSSException; import eu.europa.esig.dss.model.x509.CertificateToken; import eu.europa.esig.dss.spi.DSSRevocationUtils; +import eu.europa.esig.dss.spi.DSSUtils; import org.apache.commons.lang3.StringUtils; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1OctetString; @@ -21,9 +23,11 @@ import org.bouncycastle.asn1.x500.RDN; import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x509.Extension; +import org.bouncycastle.cert.X509CertificateHolder; import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils; import org.bouncycastle.cert.ocsp.BasicOCSPResp; import org.bouncycastle.cert.ocsp.RespID; +import org.bouncycastle.util.encoders.Hex; import org.digidoc4j.SignatureProfile; import org.digidoc4j.X509Cert; import org.digidoc4j.exceptions.CertificateNotFoundException; @@ -31,10 +35,14 @@ import org.slf4j.LoggerFactory; import java.io.IOException; +import java.util.ArrayList; import java.util.Arrays; import java.util.Date; import java.util.List; +import java.util.Objects; +import java.util.Optional; import java.util.stream.Collectors; +import java.util.stream.Stream; /** * Signature for BDOC where timemark is taken from OCSP response. @@ -145,11 +153,10 @@ private BasicOCSPResp findOcspResponse() { } private X509Cert findOcspCertificate() { - String rId = ""; String signatureId = getDssSignature().getId(); + String responderIdString = ""; try { RespID responderId = ocspResponse.getResponderId(); - rId = responderId.toString(); String primitiveName = getCN(responderId.toASN1Primitive().getName()); byte[] keyHash = responderId.toASN1Primitive().getKeyHash(); @@ -157,11 +164,19 @@ private X509Cert findOcspCertificate() { if (isKeyHash) { logger.debug("Using keyHash {} for OCSP certificate match", keyHash); + responderIdString = Hex.toHexString(keyHash); } else { logger.debug("Using ASN1Primitive {} for OCSP certificate match", primitiveName); + responderIdString = primitiveName; } - for (CertificateToken cert : getDssSignature().getCertificates()) { + List availableCertificates = new ArrayList<>(); + Optional.ofNullable(ocspResponse.getCerts()).map(Arrays::stream).orElseGet(Stream::empty) + .map(TimemarkSignature::ocspCertificateHolderToCertificateToken).filter(Objects::nonNull) + .forEach(availableCertificates::add); + availableCertificates.addAll(getDssSignature().getCertificates()); + + for (CertificateToken cert : availableCertificates) { if (isKeyHash) { ASN1Primitive skiPrimitive = JcaX509ExtensionUtils.parseExtensionValue( cert.getCertificate().getExtensionValue(Extension.subjectKeyIdentifier.getId())); @@ -179,19 +194,31 @@ private X509Cert findOcspCertificate() { } } catch (IOException e) { - logger.error("Unable to wrap and extract SubjectKeyIdentifier from certificate - technical error. {}", e); + logger.error("Unable to wrap and extract SubjectKeyIdentifier from certificate - technical error.", e); } - logger.error("OCSP certificate for " + rId + " was not found in TSL"); - throw new CertificateNotFoundException("OCSP certificate for " + rId + " was not found in TSL", signatureId); + String errorMessage = String.format( + "OCSP certificate for \"%s\" was not found in neither OCSP response nor signature", + responderIdString + ); + logger.error(errorMessage); + throw new CertificateNotFoundException(errorMessage, signatureId); } - private boolean useKeyHashForOCSP(String primitiveName, byte[] keyHash) { + private static boolean useKeyHashForOCSP(String primitiveName, byte[] keyHash) { return (keyHash != null && keyHash.length > 0) && (primitiveName == null || primitiveName.trim().length() == 0); } + private static CertificateToken ocspCertificateHolderToCertificateToken(X509CertificateHolder x509CertificateHolder) { + try { + return DSSUtils.loadCertificate(x509CertificateHolder.getEncoded()); + } catch (DSSException | IOException e) { + logger.error("Failed to parse OCSP certificate: {}", getCN(x509CertificateHolder.getSubject()), e); + return null; + } + } - private String getCN(X500Name x500Name) { + private static String getCN(X500Name x500Name) { if (x500Name == null) return null; RDN[] rdNs = x500Name.getRDNs(new ASN1ObjectIdentifier("2.5.4.3")); if (rdNs == null || rdNs.length == 0) { diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java index 9192b7c98..fcc53b963 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java @@ -581,6 +581,17 @@ public void bdocTM_signedWithValidCert_isExpiredByNow_shouldBeValid() throws Exc Assert.assertTrue(test.isValid()); } + @Test + public void bdocTM_noOcspCertificateInSignature_OcspCertificateInOcspToken_shouldBeValid() { + Configuration configuration = new Configuration(Configuration.Mode.TEST); + Container container = ContainerBuilder.aContainer(). + fromExistingFile("src/test/resources/testFiles/valid-containers/NoAdditionalOcspCertificate.bdoc"). + withConfiguration(configuration) + .build(); + ContainerValidationResult test = container.validate(); + Assert.assertTrue(test.isValid()); + } + @Test public void signaturesWithCrlShouldBeInvalid() throws Exception { SignatureValidationResult result = this.openContainerByConfiguration( diff --git a/digidoc4j/src/test/resources/testFiles/valid-containers/NoAdditionalOcspCertificate.bdoc b/digidoc4j/src/test/resources/testFiles/valid-containers/NoAdditionalOcspCertificate.bdoc new file mode 100644 index 0000000000000000000000000000000000000000..d764ce2faa0d77ceb91d8bd57eb2d5488e500412 GIT binary patch literal 7303 zcma)>bx@3)rgaSScEfISK=&5#ntPoyptJoVO;&j<%p!Gzi zQ(yHkI6dL%SLtU~h)^BD+~`_}a3wa$#nQ3LR+Z&}eSXN&yVWEecQxC-(*1D*CQw$! z6EU3@Kv5t(3z5$DRnAjp#XU((9*7)0@xBlpweazA<|nec5+YLad~jF&pMmtCp`iZv zkqM!={x!0PosF}ZrL>~HmVxq9Iwbi;& z7PKvLFC#2-%BJmMtz%uAGHmk3yR_6r)#2s05$GQuB)#3Mlvy5oL;v!7tMvh6CQRCK)XRDHqmiF)iM^^-D$ z{cUwi6K>dN6`!a+{z2|E{yy(5x=YL?;1ihCrw%ac_AG!s8z&H5h}0=%n$jN)T6-pimXp1RS!Nou$`>8P1AX$bjEa4mIY(_iH&HfBGa zwohP#xKS`f!6D?=-IBJye57zMvm;i@soJ>>1jZ;<8?AaC-Rb&lzdiQ~!;Z~Ly&k1F zPy6$iRl68ltyPV&D^~gDzn{TU!=W$#Iu6vbH%VZbd1;zY%&XbG#T5$>Rs&u7LPTo5 ztnu+1_H}4G7PHycJt?SxGT?zaWRvC=^2CCSRUO*VS|L1RAQ+#IiGvQ^KFAXJaDLu% zDbD*#4HBfLTl*wFt`XC+#tK;=(*v^3%)+ctw?OMnj?wGZhGb1Fguv}QVjI7dUs*_M z6?fy$%ms1V}j?}2kn$BRkY*e7!x z4J$C^o`%Lv?+LtV6k&htK`U+J{vaU&*^mJU+BFW*Vd%ZDpb8p+<@yt}?3ATiO9df?mnr=l z>AAVCV!WhFe5cVu0>={ObgRqc!>pQkEM!Yxr0`<0wDG6Ti>lShtztBxl$#tU*a$nB z+CyO`jy63@IbFA+0OanXhxT}#o~#ibmZ1ld;i@K<#Bwy4l?W5xa|r#BK@aBv2>45P zv;_IjovJ|k)o(>S3+IB9hbjw0xC^z_uvIwftqNux8fGanTzzAuYAtBABQp`aBQK6j8LM>2!@8co(2 z4TW>g4#K!+Cu08jCqaR2eqwnw#!Xyg)GzX%AQ9Iys>+-z>GCxF)&3(Cp$wtr!xRmo zAUiP#Pt68(bBG4{sG?6*z^Q6EEwPR?VOo+=|IG$RM7C(|an$!P(@1w>bYVPnK;;Kq z@zRAz*!el|XA4~7pxPW2ue8#d+>tcaO~=(nSV6z$#6eMx>KvbT1GJnnm%|mj^N({z z@Wn7W$N7vw#QNfeS`=|A$l@yni#_77vfP@gzS(B}fp&;qoa+z=vN~6wEurYOEQOMQ zmX7IprB+WCY&=?f%?*t(Z==4jeMdS z4I`ip#WnamtHKoqbu*c7|BBHg^W+2Xv5P*7(n9Pn@~MyQ;#o@D#|B63z6D(2MDSlj zo~k#5e?SRNg8A@cH746aFLc)m_$rgSfWo}&Vg5he^USg~DX_Z}B zgOH9Z1FFf^TMjO}sLH+P@(8=_PJYDR9UZ09>mcNM-Xjy~=)ZJC?3Ul7EW|!x^04ip zVCNPz$aBo{&MdC@<=XTQ=Fs71D_!m;k?(n;h{KO`qm+75>*o|@01=?pVdlU9UjYo; zSxBqfcOVdK(SBk5C3|h^$fIqDs-f)~u4Y6N;b%ePHPJ45i z-dYR!uV0(riv;Hcf7WB?GO%BM4yuYG^wp?^xw*(zo=XslGhjC+UW1EZkXmxqL-YTZLl~wa|_*z z&{S;V!%qK{AnfIFgiNXs}}Ij{1~^YppjmE)eq3 zDeOFs*1>kFy-$xk1c?}H_h1}6s(IiWmrNY+(a`UZW@;a)Y0d8^4^coa?q?$Tw5I`~ ziJx1{n!>9nP`r7YggKk(5`6u)3EIEfhP@3sw!o4y+Qr4pK}EcZAG|ic7lPi`%nH5k zd*KbBYuEaud1)XgE${;CG3d=zBC?0QaKx%CmCT*$CMl&xZVPQ7w(n|Y+!NO}wMI7S zJADPBE9y`8iEALmx%cUmCog29Yzvs>AJl+&KS;XdC5d-?SiF&A{XPbpzIO`ZRR^cW zxV;DG8B;FDQ|`80!dp{{L1CV0(`vju)-f2qX!S}VxaU&MLcZGc*5})VehLkxAdP;A zlp?nbZ{q<|!Muu`KE1z*XM`Z%y$WGM&N%DxPd0pANW`zIyH!Q^7~_J($1w<<3%bPI zPSs#gUnPT`?}Jt@lAknh82z7~VLaZ_#M{!rPg>oh`T!$T;nICZ-8jj58JFNKxys|K zBqCSx*}BPISdduVb&2$GXMj6*k`cLXo$c=ub@T#k!rP?bjODJo=Xb$w*iZeNy@MLx zAOx?85c%LuC()M>SzAeZT!o+ednU@JaEgvd*sleb84qc9$mthT1n_qN7>25wTIJ5` zt(Ta`A-B4S+vy>bmFq^HTjRX%8%OA}wM;M!uAVV9K7`N)&;BtBk(|JzhZ;zbyw{mFABu|n33z8zQMHp32kv~vwt?9-%Yy#P^2ic!Y1k17}MS3DF zcXhxZv_N4A_G7zVB#@U^&mfl3+vf~uF>k_$+Yc{h1!A~8_Ek?_OAgam^VhQ&Zk-(0 zo(H3}63*i#XV*PHrpK6^i!ea&5Q5V^I?>+RpKCW|ct0|Jrs;ruI~FFDSikMOsTAMSJ`Ub@mK>VA{>pKMPb1(Ioo)Ltc$Jdzr-FAWM@w@R#+t3faT zpOgk5C)Xwv@w?$$Xl|LlQ?T@%cJ)I;3)sBh*H58hB4(dQ>!!Fnec8n#EvmZ99fwyTxgD z$3}w$0s(dxj~59&Oy>`gw+k-$YY4$(Wj)WP#cP-q;v9COH6xgHeFV~CiU$6Hlotf} zBq|9tMU{AAFsm~OOOm*3D#z4pl{)5`3vo6lHiztZlrIyT@L6rN#x;c_?czi6vh7+D ztt%0^{-H=O_yH){sGGfwUPJ*&I`wDTZ7&XdoBS<6W$mQvef+Bx zweJ_Nd97-SUA7Ifz>JB=emP-+|q<%=H|U63x@$WzkLg#%F#m+jCWb`yB2XGPKRbzxoID2-P-^d z3|&p@0HZX)J-s7&Oa#8pDbeoJhN=UqvbjAWLv~%3U>2v?TV`IHuck^7nu#&G9iw!Y zWjaj6C5emfWv|5red!m6K(01OvNTb^hHK7ArI>pE5_;)u`(|D70XIxvO8)2179w%K)hNA^dlYacGtQ#f&Pq43yUqGXpw9O7_ zQBp%H#e%JSV+Wc0prh(M*Wy?AaK44y3g?s#UBHBU=n|{?V&f9w4DR5dVcd16@MXA0 zdd^HI_Da)WB2PdfA?>gz`AtxERf)O)BDZy8gJ+bLPSGY*bOs1S98wVzR#hP&c6lFL zR6cVX3|0;CvrY>am0q-W0%(Ee!(uTJ=*W*0*Yc%S3Ahh_-$1rBEtNDmf+uqKoUd;OonX0vrLXK+Gy3Ebl>+FrzyFkYi?K57y z&K+l1l)70Vl&v(en>WU&4d;n9v&0^f9pf>?XJebLEm4DJ1yO)yy{6v#GEJ7y>~_-B zGbVW~xAwWSZjchw`r{RoM_iAu@lnA5ByFhh0c4>#~>jG`4A=sHpJi$;KA8kUnmLCK13mwV}=k z3_KLZ=>g8aL!_qPbwOUTanFSp`=-&?jt<_-Qi9TjF6!Hl=koF&Z$0H!cx@Ctu?hks zZ4B09IAxT8%f2Cu+rd*BO;XsEGay4?N@Hm+&$tzxlD}-feY<|hZYm_=jNT4^yLQsI z=|O#Cl{$jlM_o0^xZsYwigM-Z)J0v1yFwQDMeur>NCG9v@QnR8BE~0nS}+z_-E58X z!O))u_6{z?dPW|@5N!s%XT&77?eF0sf=3L$4}7X$`6OnTOmOy%!ky%tFfLPh;Y(gq zDc_upC2Oh8+WOLYrByx%f8PT>XA0B>e#{BVe%dJhfZ8KTk-8js;w}ij*WC*3w23E} zTXyWOx`)QuD&B(|syPF^Z;DE((pBQyv;uUH6`GP2@>^N^S_mapwjrwlm)FgK3G01q zGtAqLdS!t>%ons0A7Aa!)X{XLxmt|^1-}k=sI<*tjg2-M>vqvZ9+{7;>hHFF)Y3Zb zq-zqlakmiVTYqi*00%7bz*pY=aqhp#n4A?&XKx(j_)9m~dzYiu&!{g$n9vnZJhPW+q>F7<_CYyXFoSaX7Y4=JE1E4=1NbKf^4v5>Q#aVd>P4AH2 z_~D@U4-W!+;Jv@ibbOQBmdpy~GTcM{PALw?uJ7 zM@w4A#*l}A3WxD9;bWtrvcf3yp0`B#cW;;1(^70Os?<=D$)KMB8H|9q1ZG?LGcUJ( zriK7i>_yfMbj2%_r&|5KQV85fl52c0bgDqq_9X&)xnEwDl%y4|u2VHvnq80qSO^#! z=0vjJuW(vu0tyrP22o$P!Ur8FMMa@6U)%{ydKXnn)W@_FMW>#`Zce8e-#iDiV7yvJ zCu&lUi8$N;#-?x~=Uhj>FxQYCmoBJzNW$GfJgWueKeDkKF)aPqKiGE+;O`wg+~;}U zPk;KQo4#Dxc)QQc?1NvYqZ?bVr`JIognp*=6I@+rT8TePDZl;L zUO6`po+2XC16y_ulEBxn9Ub05mLh&?>r=MwU6#W7as~bpI?+oJ(azUq|0C>8H`>rYv%S%~CRBFL7}65+m7I zh&Ji&-OG-Se4Ra;gxRBdF;`N4o=z2r_=K6j@t8Sq|7{YPfx<66fOR5eXmT)WPK%8E z^;0toD(!RRfXB2-e4AXdq(Sm9GKCd0>ZMJ_t!Ak_%o7ErVI@pwolAr(ex)JbByarA zOL!Qqi+rTj%-(Ur}169ka%h?+Z%Qt z_w!;*oTQu$z)5i4o3s6j6A~GTg!fyxShBs4d7+;cA;;$j$6QOu?1An-@9vkg(#FqGXZ0COd)M30ZMtwq1eE z)F8j>^g{eI2ne&h@{BS0<;BPpG34IIR1lpDTQeJR_(VBA8_ps>T@#lBYjXv&y9cZ( zC9ZFP1}GK#ViQS1u>N-Ll=ek;s4-|~3l&oy^TZQTnoRz)Y=~*7ZD3&9&hK&pJj`Fe z&#r>xB~aSg1WMxX4vK=%!`LFp59-An+k|_ha(ZB?U?O06#Ja6K{Cn*BU*Xo9>JNc^ z!y|oUh~dHG9STL~ES^XYp|S4?x&@V4)uyxgJP&bKfykI;OK(b?kM!~0SSvTmLeYib zf;Mu*JALP0sac-x4yreE6-8(tKJ~RBURPFT8Ek904NC7l#;HbvDd;Y62{oIT2a-eu z8CDE=4o=SyF|HhB`?!L=%3ofX$!J(x({civF~)91PeYX^a{Uu0;~6Ho-Zf9~95I_* zea%hD5+Hv!HvN6iS`AHH6pa)o$0a5F*Zq(HpJRn*1h5bLi4^w2nrJ$qMs>1bJjWb( zGp|5xr_>7Q<3V80Owb1I;)j{{3UL~HB-@Uc++a2(;yRDUI-yTT)u@^#^};4? zt8cBWx0Pc);(eA5-b;mlyd^`wJ|Vy`Hr9QBd>QcJ&>G15bl-Y^^alHv#v}loatMf^ zpaj|fFBl~D>irKA1r3Gp|3jeuyZwJp=Wn?G fvOhxnuc-f Date: Wed, 14 Apr 2021 13:31:26 +0300 Subject: [PATCH 30/45] DD4J-659 Fix DataLoaderDecorator proxy configuration --- .../impl/asic/DataLoaderDecorator.java | 44 +++-- .../impl/asic/DataLoaderDecoratorTest.java | 181 ++++++++++++++---- 2 files changed, 167 insertions(+), 58 deletions(-) diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/DataLoaderDecorator.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/DataLoaderDecorator.java index c183474e8..ec62d9740 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/DataLoaderDecorator.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/DataLoaderDecorator.java @@ -52,15 +52,15 @@ public class DataLoaderDecorator { */ public static void decorateWithProxySettings(CommonsDataLoader dataLoader, Configuration configuration) { if (configuration.isNetworkProxyEnabled()) { - ProxyProperties httpProxyProperties = createProxyProperties( + ProxyProperties httpProxyProperties = createProxyPropertiesIfHostAndPortPresent( configuration.getHttpProxyPort(), configuration.getHttpProxyHost(), configuration.getHttpProxyUser(), configuration.getHttpProxyPassword() ); - ProxyProperties httpsProxyProperties = createProxyProperties( + ProxyProperties httpsProxyProperties = createProxyPropertiesIfHostAndPortPresent( configuration.getHttpsProxyPort(), configuration.getHttpsProxyHost(), configuration.getHttpProxyUser(), configuration.getHttpProxyPassword() ); - ProxyConfig proxyConfig = createProxyConfig(httpProxyProperties, httpsProxyProperties); + ProxyConfig proxyConfig = createProxyConfigIfAnyPropertiesPresent(httpProxyProperties, httpsProxyProperties); dataLoader.setProxyConfig(proxyConfig); } } @@ -72,38 +72,44 @@ public static void decorateWithProxySettings(CommonsDataLoader dataLoader, Confi */ public static void decorateWithProxySettingsFor(ExternalConnectionType connectionType, CommonsDataLoader dataLoader, Configuration configuration) { if (configuration.isNetworkProxyEnabledFor(connectionType)) { - ProxyProperties httpProxyProperties = createProxyProperties( + ProxyProperties httpProxyProperties = createProxyPropertiesIfHostAndPortPresent( configuration.getHttpProxyPortFor(connectionType), configuration.getHttpProxyHostFor(connectionType), configuration.getHttpProxyUserFor(connectionType), configuration.getHttpProxyPasswordFor(connectionType) ); - ProxyProperties httpsProxyProperties = createProxyProperties( + ProxyProperties httpsProxyProperties = createProxyPropertiesIfHostAndPortPresent( configuration.getHttpsProxyPortFor(connectionType), configuration.getHttpsProxyHostFor(connectionType), configuration.getHttpProxyUserFor(connectionType), configuration.getHttpProxyPasswordFor(connectionType) ); - ProxyConfig proxyConfig = createProxyConfig(httpProxyProperties, httpsProxyProperties); + ProxyConfig proxyConfig = createProxyConfigIfAnyPropertiesPresent(httpProxyProperties, httpsProxyProperties); dataLoader.setProxyConfig(proxyConfig); } } - private static ProxyConfig createProxyConfig(ProxyProperties httpProxyProperties, ProxyProperties httpsProxyProperties) { - logger.debug("Creating proxy settings"); - ProxyConfig proxyConfig = new ProxyConfig(); - proxyConfig.setHttpProperties(httpProxyProperties); - proxyConfig.setHttpsProperties(httpsProxyProperties); - return proxyConfig; + private static ProxyConfig createProxyConfigIfAnyPropertiesPresent(ProxyProperties httpProxyProperties, ProxyProperties httpsProxyProperties) { + if (httpProxyProperties != null || httpsProxyProperties != null) { + logger.debug("Creating proxy settings"); + ProxyConfig proxyConfig = new ProxyConfig(); + proxyConfig.setHttpProperties(httpProxyProperties); + proxyConfig.setHttpsProperties(httpsProxyProperties); + return proxyConfig; + } else { + return null; + } } - private static ProxyProperties createProxyProperties(Integer proxyPort, String proxyHost, String proxyUser, String proxyPassword) { - ProxyProperties proxyProperties = new ProxyProperties(); + private static ProxyProperties createProxyPropertiesIfHostAndPortPresent(Integer proxyPort, String proxyHost, String proxyUser, String proxyPassword) { if (proxyPort != null && isNotBlank(proxyHost)) { + ProxyProperties proxyProperties = new ProxyProperties(); proxyProperties.setPort(proxyPort); proxyProperties.setHost(proxyHost); + if (isNotBlank(proxyUser) && isNotBlank(proxyPassword)) { + proxyProperties.setUser(proxyUser); + proxyProperties.setPassword(proxyPassword); + } + return proxyProperties; + } else { + return null; } - if (isNotBlank(proxyUser) && isNotBlank(proxyPassword)) { - proxyProperties.setUser(proxyUser); - proxyProperties.setPassword(proxyPassword); - } - return proxyProperties; } /** diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/asic/DataLoaderDecoratorTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/DataLoaderDecoratorTest.java index 340f20307..6529c2cb5 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/asic/DataLoaderDecoratorTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/DataLoaderDecoratorTest.java @@ -2,7 +2,6 @@ import eu.europa.esig.dss.service.http.commons.CommonsDataLoader; import eu.europa.esig.dss.service.http.proxy.ProxyConfig; -import eu.europa.esig.dss.service.http.proxy.ProxyProperties; import org.digidoc4j.Configuration; import org.digidoc4j.ExternalConnectionType; import org.digidoc4j.utils.KeyStoreDocument; @@ -39,7 +38,7 @@ public class DataLoaderDecoratorTest { public void decorateWithSslSettingsShouldDoNothingWhenSslConfigurationNotEnabled() { Mockito.doReturn(false).when(configuration).isSslConfigurationEnabled(); DataLoaderDecorator.decorateWithSslSettings(dataLoader, configuration); - Mockito.verifyZeroInteractions(dataLoader); + Mockito.verifyNoInteractions(dataLoader); } @Test @@ -48,7 +47,7 @@ public void decorateWithSslSettingsForShouldDoNothingWhenSslConfigurationNotEnab Mockito.doReturn(false).when(configuration).isSslConfigurationEnabled(); Mockito.doReturn(false).when(configuration).isSslConfigurationEnabledFor(connectionType); DataLoaderDecorator.decorateWithSslSettingsFor(connectionType, dataLoader, configuration); - Mockito.verifyZeroInteractions(dataLoader); + Mockito.verifyNoInteractions(dataLoader); Mockito.reset(configuration, dataLoader); } @@ -319,7 +318,7 @@ public void decorateWithSslSettingsForShouldApplyAllConfiguredSslProperties() { public void decorateWithProxySettingsShouldDoNothingWhenNetworkProxyNotEnabled() { Mockito.doReturn(false).when(configuration).isNetworkProxyEnabled(); DataLoaderDecorator.decorateWithProxySettings(dataLoader, configuration); - Mockito.verifyZeroInteractions(dataLoader); + Mockito.verifyNoInteractions(dataLoader); } @Test @@ -327,7 +326,71 @@ public void decorateWithProxySettingsForShouldDoNothingWhenNetworkProxyNotEnable for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { Mockito.doReturn(false).when(configuration).isNetworkProxyEnabledFor(connectionType); DataLoaderDecorator.decorateWithProxySettingsFor(connectionType, dataLoader, configuration); - Mockito.verifyZeroInteractions(dataLoader); + Mockito.verifyNoInteractions(dataLoader); + + Mockito.reset(configuration, dataLoader); + } + } + + @Test + public void decorateWithProxySettingsShouldApplyNullConfigIfHostIsNotConfigured() { + Mockito.doReturn(true).when(configuration).isNetworkProxyEnabled(); + Mockito.doReturn(8073).when(configuration).getHttpProxyPort(); + Mockito.doReturn(473).when(configuration).getHttpsProxyPort(); + Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUser(); + Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPassword(); + + DataLoaderDecorator.decorateWithProxySettings(dataLoader, configuration); + ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNull(capturedProxyConfig); + } + + @Test + public void decorateWithProxySettingsForShouldApplyNullConfigIfHostIsNotConfigured() { + for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { + Mockito.doReturn(true).when(configuration).isNetworkProxyEnabledFor(connectionType); + Mockito.doReturn(8073).when(configuration).getHttpProxyPortFor(connectionType); + Mockito.doReturn(473).when(configuration).getHttpsProxyPortFor(connectionType); + Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUserFor(connectionType); + Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPasswordFor(connectionType); + + DataLoaderDecorator.decorateWithProxySettingsFor(connectionType, dataLoader, configuration); + ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNull(capturedProxyConfig); + + Mockito.reset(configuration, dataLoader); + } + } + + @Test + public void decorateWithProxySettingsShouldApplyNullConfigIfPortIsNotConfigured() { + Mockito.doReturn(true).when(configuration).isNetworkProxyEnabled(); + Mockito.doReturn(null).when(configuration).getHttpProxyPort(); + Mockito.doReturn("httpProxyHost").when(configuration).getHttpProxyHost(); + Mockito.doReturn(null).when(configuration).getHttpsProxyPort(); + Mockito.doReturn("httpsProxyHost").when(configuration).getHttpsProxyHost(); + Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUser(); + Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPassword(); + + DataLoaderDecorator.decorateWithProxySettings(dataLoader, configuration); + ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNull(capturedProxyConfig); + } + + @Test + public void decorateWithProxySettingsForShouldApplyNullConfigIfPortIsNotConfigured() { + for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { + Mockito.doReturn(true).when(configuration).isNetworkProxyEnabledFor(connectionType); + Mockito.doReturn(null).when(configuration).getHttpProxyPortFor(connectionType); + Mockito.doReturn("httpProxyHost").when(configuration).getHttpProxyHostFor(connectionType); + Mockito.doReturn(null).when(configuration).getHttpsProxyPortFor(connectionType); + Mockito.doReturn("httpsProxyHost").when(configuration).getHttpsProxyHostFor(connectionType); + Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUserFor(connectionType); + Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPasswordFor(connectionType); + + DataLoaderDecorator.decorateWithProxySettingsFor(connectionType, dataLoader, configuration); + ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNull(capturedProxyConfig); Mockito.reset(configuration, dataLoader); } @@ -336,12 +399,13 @@ public void decorateWithProxySettingsForShouldDoNothingWhenNetworkProxyNotEnable @Test public void decorateWithProxySettingsShouldApplyHttpHostAndPortIfConfigured() { Mockito.doReturn(true).when(configuration).isNetworkProxyEnabled(); - Mockito.doReturn(Integer.valueOf(8073)).when(configuration).getHttpProxyPort(); + Mockito.doReturn(8073).when(configuration).getHttpProxyPort(); Mockito.doReturn("httpProxyHost").when(configuration).getHttpProxyHost(); DataLoaderDecorator.decorateWithProxySettings(dataLoader, configuration); ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); - assertProxyPropertiesNotConfigured(capturedProxyConfig.getHttpsProperties()); + Assert.assertNotNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNull(capturedProxyConfig.getHttpsProperties()); Assert.assertEquals(8073, capturedProxyConfig.getHttpProperties().getPort()); Assert.assertEquals("httpProxyHost", capturedProxyConfig.getHttpProperties().getHost()); @@ -354,12 +418,13 @@ public void decorateWithProxySettingsShouldApplyHttpHostAndPortIfConfigured() { public void decorateWithProxySettingsForShouldApplyHttpHostAndPortIfConfigured() { for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { Mockito.doReturn(true).when(configuration).isNetworkProxyEnabledFor(connectionType); - Mockito.doReturn(Integer.valueOf(8073)).when(configuration).getHttpProxyPortFor(connectionType); + Mockito.doReturn(8073).when(configuration).getHttpProxyPortFor(connectionType); Mockito.doReturn("httpProxyHost").when(configuration).getHttpProxyHostFor(connectionType); DataLoaderDecorator.decorateWithProxySettingsFor(connectionType, dataLoader, configuration); ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); - assertProxyPropertiesNotConfigured(capturedProxyConfig.getHttpsProperties()); + Assert.assertNotNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNull(capturedProxyConfig.getHttpsProperties()); Assert.assertEquals(8073, capturedProxyConfig.getHttpProperties().getPort()); Assert.assertEquals("httpProxyHost", capturedProxyConfig.getHttpProperties().getHost()); @@ -374,12 +439,13 @@ public void decorateWithProxySettingsForShouldApplyHttpHostAndPortIfConfigured() @Test public void decorateWithProxySettingsShouldApplyHttpsHostAndPortIfConfigured() { Mockito.doReturn(true).when(configuration).isNetworkProxyEnabled(); - Mockito.doReturn(Integer.valueOf(473)).when(configuration).getHttpsProxyPort(); + Mockito.doReturn(473).when(configuration).getHttpsProxyPort(); Mockito.doReturn("httpsProxyHost").when(configuration).getHttpsProxyHost(); DataLoaderDecorator.decorateWithProxySettings(dataLoader, configuration); ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); - assertProxyPropertiesNotConfigured(capturedProxyConfig.getHttpProperties()); + Assert.assertNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNotNull(capturedProxyConfig.getHttpsProperties()); Assert.assertEquals(473, capturedProxyConfig.getHttpsProperties().getPort()); Assert.assertEquals("httpsProxyHost", capturedProxyConfig.getHttpsProperties().getHost()); @@ -392,12 +458,13 @@ public void decorateWithProxySettingsShouldApplyHttpsHostAndPortIfConfigured() { public void decorateWithProxySettingsForShouldApplyHttpsHostAndPortIfConfigured() { for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { Mockito.doReturn(true).when(configuration).isNetworkProxyEnabledFor(connectionType); - Mockito.doReturn(Integer.valueOf(473)).when(configuration).getHttpsProxyPortFor(connectionType); + Mockito.doReturn(473).when(configuration).getHttpsProxyPortFor(connectionType); Mockito.doReturn("httpsProxyHost").when(configuration).getHttpsProxyHostFor(connectionType); DataLoaderDecorator.decorateWithProxySettingsFor(connectionType, dataLoader, configuration); ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); - assertProxyPropertiesNotConfigured(capturedProxyConfig.getHttpProperties()); + Assert.assertNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNotNull(capturedProxyConfig.getHttpsProperties()); Assert.assertEquals(473, capturedProxyConfig.getHttpsProperties().getPort()); Assert.assertEquals("httpsProxyHost", capturedProxyConfig.getHttpsProperties().getHost()); @@ -410,45 +477,85 @@ public void decorateWithProxySettingsForShouldApplyHttpsHostAndPortIfConfigured( } @Test - public void decorateWithProxySettingsShouldApplyUserAndPasswordIfConfigured() { + public void decorateWithProxySettingsShouldApplyHttpUserAndPasswordIfConfigured() { Mockito.doReturn(true).when(configuration).isNetworkProxyEnabled(); + Mockito.doReturn(8073).when(configuration).getHttpProxyPort(); + Mockito.doReturn("httpProxyHost").when(configuration).getHttpProxyHost(); Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUser(); Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPassword(); DataLoaderDecorator.decorateWithProxySettings(dataLoader, configuration); ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNotNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNull(capturedProxyConfig.getHttpsProperties()); - Assert.assertEquals(0, capturedProxyConfig.getHttpProperties().getPort()); - Assert.assertNull(capturedProxyConfig.getHttpProperties().getHost()); + Assert.assertEquals(8073, capturedProxyConfig.getHttpProperties().getPort()); + Assert.assertEquals("httpProxyHost", capturedProxyConfig.getHttpProperties().getHost()); Assert.assertNull(capturedProxyConfig.getHttpProperties().getExcludedHosts()); Assert.assertEquals("proxyUser", capturedProxyConfig.getHttpProperties().getUser()); Assert.assertEquals("proxyPassword", capturedProxyConfig.getHttpProperties().getPassword()); - - Assert.assertEquals(0, capturedProxyConfig.getHttpsProperties().getPort()); - Assert.assertNull(capturedProxyConfig.getHttpsProperties().getHost()); - Assert.assertNull(capturedProxyConfig.getHttpsProperties().getExcludedHosts()); - Assert.assertEquals("proxyUser", capturedProxyConfig.getHttpsProperties().getUser()); - Assert.assertEquals("proxyPassword", capturedProxyConfig.getHttpsProperties().getPassword()); } @Test - public void decorateWithProxySettingsForShouldApplyUserAndPasswordIfConfigured() { + public void decorateWithProxySettingsForShouldApplyHttpUserAndPasswordIfConfigured() { for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { Mockito.doReturn(true).when(configuration).isNetworkProxyEnabledFor(connectionType); + Mockito.doReturn(8073).when(configuration).getHttpProxyPortFor(connectionType); + Mockito.doReturn("httpProxyHost").when(configuration).getHttpProxyHostFor(connectionType); Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUserFor(connectionType); Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPasswordFor(connectionType); DataLoaderDecorator.decorateWithProxySettingsFor(connectionType, dataLoader, configuration); ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNotNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNull(capturedProxyConfig.getHttpsProperties()); - Assert.assertEquals(0, capturedProxyConfig.getHttpProperties().getPort()); - Assert.assertNull(capturedProxyConfig.getHttpProperties().getHost()); + Assert.assertEquals(8073, capturedProxyConfig.getHttpProperties().getPort()); + Assert.assertEquals("httpProxyHost", capturedProxyConfig.getHttpProperties().getHost()); Assert.assertNull(capturedProxyConfig.getHttpProperties().getExcludedHosts()); Assert.assertEquals("proxyUser", capturedProxyConfig.getHttpProperties().getUser()); Assert.assertEquals("proxyPassword", capturedProxyConfig.getHttpProperties().getPassword()); - Assert.assertEquals(0, capturedProxyConfig.getHttpsProperties().getPort()); - Assert.assertNull(capturedProxyConfig.getHttpsProperties().getHost()); + Mockito.reset(configuration, dataLoader); + } + } + + @Test + public void decorateWithProxySettingsShouldApplyHttpsUserAndPasswordIfConfigured() { + Mockito.doReturn(true).when(configuration).isNetworkProxyEnabled(); + Mockito.doReturn(473).when(configuration).getHttpsProxyPort(); + Mockito.doReturn("httpsProxyHost").when(configuration).getHttpsProxyHost(); + Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUser(); + Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPassword(); + + DataLoaderDecorator.decorateWithProxySettings(dataLoader, configuration); + ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNotNull(capturedProxyConfig.getHttpsProperties()); + + Assert.assertEquals(473, capturedProxyConfig.getHttpsProperties().getPort()); + Assert.assertEquals("httpsProxyHost", capturedProxyConfig.getHttpsProperties().getHost()); + Assert.assertNull(capturedProxyConfig.getHttpsProperties().getExcludedHosts()); + Assert.assertEquals("proxyUser", capturedProxyConfig.getHttpsProperties().getUser()); + Assert.assertEquals("proxyPassword", capturedProxyConfig.getHttpsProperties().getPassword()); + } + + @Test + public void decorateWithProxySettingsForShouldApplyHttpsUserAndPasswordIfConfigured() { + for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { + Mockito.doReturn(true).when(configuration).isNetworkProxyEnabledFor(connectionType); + Mockito.doReturn(473).when(configuration).getHttpsProxyPortFor(connectionType); + Mockito.doReturn("httpsProxyHost").when(configuration).getHttpsProxyHostFor(connectionType); + Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUserFor(connectionType); + Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPasswordFor(connectionType); + + DataLoaderDecorator.decorateWithProxySettingsFor(connectionType, dataLoader, configuration); + ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNotNull(capturedProxyConfig.getHttpsProperties()); + + Assert.assertEquals(473, capturedProxyConfig.getHttpsProperties().getPort()); + Assert.assertEquals("httpsProxyHost", capturedProxyConfig.getHttpsProperties().getHost()); Assert.assertNull(capturedProxyConfig.getHttpsProperties().getExcludedHosts()); Assert.assertEquals("proxyUser", capturedProxyConfig.getHttpsProperties().getUser()); Assert.assertEquals("proxyPassword", capturedProxyConfig.getHttpsProperties().getPassword()); @@ -460,15 +567,17 @@ public void decorateWithProxySettingsForShouldApplyUserAndPasswordIfConfigured() @Test public void decorateWithProxySettingsShouldApplyAllConfiguredProxySettings() { Mockito.doReturn(true).when(configuration).isNetworkProxyEnabled(); - Mockito.doReturn(Integer.valueOf(8073)).when(configuration).getHttpProxyPort(); + Mockito.doReturn(8073).when(configuration).getHttpProxyPort(); Mockito.doReturn("httpProxyHost").when(configuration).getHttpProxyHost(); - Mockito.doReturn(Integer.valueOf(473)).when(configuration).getHttpsProxyPort(); + Mockito.doReturn(473).when(configuration).getHttpsProxyPort(); Mockito.doReturn("httpsProxyHost").when(configuration).getHttpsProxyHost(); Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUser(); Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPassword(); DataLoaderDecorator.decorateWithProxySettings(dataLoader, configuration); ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNotNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNotNull(capturedProxyConfig.getHttpsProperties()); Assert.assertEquals(8073, capturedProxyConfig.getHttpProperties().getPort()); Assert.assertEquals("httpProxyHost", capturedProxyConfig.getHttpProperties().getHost()); @@ -487,15 +596,17 @@ public void decorateWithProxySettingsShouldApplyAllConfiguredProxySettings() { public void decorateWithProxySettingsForShouldApplyAllConfiguredProxySettings() { for (final ExternalConnectionType connectionType : ExternalConnectionType.values()) { Mockito.doReturn(true).when(configuration).isNetworkProxyEnabledFor(connectionType); - Mockito.doReturn(Integer.valueOf(8073)).when(configuration).getHttpProxyPortFor(connectionType); + Mockito.doReturn(8073).when(configuration).getHttpProxyPortFor(connectionType); Mockito.doReturn("httpProxyHost").when(configuration).getHttpProxyHostFor(connectionType); - Mockito.doReturn(Integer.valueOf(473)).when(configuration).getHttpsProxyPortFor(connectionType); + Mockito.doReturn(473).when(configuration).getHttpsProxyPortFor(connectionType); Mockito.doReturn("httpsProxyHost").when(configuration).getHttpsProxyHostFor(connectionType); Mockito.doReturn("proxyUser").when(configuration).getHttpProxyUserFor(connectionType); Mockito.doReturn("proxyPassword").when(configuration).getHttpProxyPasswordFor(connectionType); DataLoaderDecorator.decorateWithProxySettingsFor(connectionType, dataLoader, configuration); ProxyConfig capturedProxyConfig = verifyDataLoaderProxyConfigSetAndCaptureProxyConfig(); + Assert.assertNotNull(capturedProxyConfig.getHttpProperties()); + Assert.assertNotNull(capturedProxyConfig.getHttpsProperties()); Assert.assertEquals(8073, capturedProxyConfig.getHttpProperties().getPort()); Assert.assertEquals("httpProxyHost", capturedProxyConfig.getHttpProperties().getHost()); @@ -520,12 +631,4 @@ private ProxyConfig verifyDataLoaderProxyConfigSetAndCaptureProxyConfig() { return argumentCaptor.getValue(); } - private void assertProxyPropertiesNotConfigured(ProxyProperties proxyProperties) { - Assert.assertEquals(0, proxyProperties.getPort()); - Assert.assertNull(proxyProperties.getExcludedHosts()); - Assert.assertNull(proxyProperties.getHost()); - Assert.assertNull(proxyProperties.getUser()); - Assert.assertNull(proxyProperties.getPassword()); - } - } \ No newline at end of file From 7953e9d63e9b405e2dc7552b257b9320c38295f4 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Wed, 14 Apr 2021 14:49:47 +0300 Subject: [PATCH 31/45] DD4J-659 Fix SkDataLoader tests --- .../org/digidoc4j/impl/SkDataLoaderTest.java | 21 +++++-- .../java/org/digidoc4j/test/TestAssert.java | 56 +++++-------------- 2 files changed, 29 insertions(+), 48 deletions(-) diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/SkDataLoaderTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/SkDataLoaderTest.java index 576d41f1a..03a71c912 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/SkDataLoaderTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/SkDataLoaderTest.java @@ -21,7 +21,6 @@ import org.digidoc4j.SignatureProfile; import org.digidoc4j.impl.asic.tsl.TslLoader; import org.digidoc4j.test.MockSkDataLoader; -import org.digidoc4j.test.TestAssert; import org.junit.Assert; import org.junit.Ignore; import org.junit.Test; @@ -39,8 +38,16 @@ public void ocspDataLoader_withProxyConfiguration() throws Exception { this.configuration.setHttpProxyHost("proxyHost"); this.configuration.setHttpProxyPort(1345); SkDataLoader dataLoader = new SkOCSPDataLoader(this.configuration); - TestAssert.assertHTTPProxyIsConfigured(dataLoader, "proxyHost", 1345); - TestAssert.assertProxyCredentialsAreUnset(dataLoader); + ProxyConfig config = dataLoader.getProxyConfig(); + Assert.assertNotNull(config); + ProxyProperties httpProperties = config.getHttpProperties(); + Assert.assertNotNull(httpProperties); + ProxyProperties httpsProperties = config.getHttpsProperties(); + Assert.assertNull(httpsProperties); + Assert.assertEquals("proxyHost", httpProperties.getHost()); + Assert.assertEquals(1345, httpProperties.getPort()); + Assert.assertNull(httpProperties.getUser()); + Assert.assertNull(httpProperties.getPassword()); } @Test @@ -50,14 +57,16 @@ public void dataLoader_withPasswordProxyConfiguration() throws Exception { this.configuration.setHttpProxyUser("proxyUser"); this.configuration.setHttpProxyPassword("proxyPassword"); SkDataLoader loader = new SkOCSPDataLoader(this.configuration); - TestAssert.assertHTTPProxyIsConfigured(loader, "proxyHost", 1345); ProxyConfig config = loader.getProxyConfig(); + Assert.assertNotNull(config); ProxyProperties httpProperties = config.getHttpProperties(); + Assert.assertNotNull(httpProperties); ProxyProperties httpsProperties = config.getHttpsProperties(); + Assert.assertNull(httpsProperties); + Assert.assertEquals("proxyHost", httpProperties.getHost()); + Assert.assertEquals(1345, httpProperties.getPort()); Assert.assertEquals("proxyUser", httpProperties.getUser()); - Assert.assertEquals("proxyUser", httpsProperties.getUser()); Assert.assertEquals("proxyPassword", httpProperties.getPassword()); - Assert.assertEquals("proxyPassword", httpsProperties.getPassword()); } @Test diff --git a/digidoc4j/src/test/java/org/digidoc4j/test/TestAssert.java b/digidoc4j/src/test/java/org/digidoc4j/test/TestAssert.java index 42cf51e90..8ccc0ed2f 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/test/TestAssert.java +++ b/digidoc4j/src/test/java/org/digidoc4j/test/TestAssert.java @@ -10,31 +10,16 @@ package org.digidoc4j.test; -import static org.apache.commons.lang3.StringUtils.isEmpty; - -import java.io.File; -import java.io.IOException; -import java.io.InputStream; -import java.util.List; -import java.util.regex.Pattern; - -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.xpath.XPath; -import javax.xml.xpath.XPathExpression; -import javax.xml.xpath.XPathExpressionException; -import javax.xml.xpath.XPathFactory; - +import eu.europa.esig.dss.model.DSSDocument; import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.StringUtils; import org.digidoc4j.Configuration; import org.digidoc4j.Container; import org.digidoc4j.Signature; import org.digidoc4j.exceptions.DigiDoc4JException; +import org.digidoc4j.impl.SKOnlineOCSPSource; import org.digidoc4j.impl.SkDataLoader; import org.digidoc4j.impl.asic.asice.AsicESignature; -import org.digidoc4j.impl.SKOnlineOCSPSource; import org.digidoc4j.impl.asic.xades.XadesSignature; import org.hamcrest.CoreMatchers; import org.junit.Assert; @@ -43,10 +28,18 @@ import org.w3c.dom.Document; import org.xml.sax.SAXException; -import eu.europa.esig.dss.model.DSSDocument; -import eu.europa.esig.dss.service.http.commons.CommonsDataLoader; -import eu.europa.esig.dss.service.http.proxy.ProxyConfig; -import eu.europa.esig.dss.service.http.proxy.ProxyProperties; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.xpath.XPath; +import javax.xml.xpath.XPathExpression; +import javax.xml.xpath.XPathExpressionException; +import javax.xml.xpath.XPathFactory; +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.util.List; +import java.util.regex.Pattern; /** * Created by Janar Rahumeel (CGI Estonia) @@ -118,27 +111,6 @@ public static void assertSaveAsStream(Container container) throws IOException { TestAssert.assertContainerStream(container.saveAsStream()); } - public static void assertHTTPProxyIsConfigured(CommonsDataLoader loader, String proxyHost, int proxyPort) { - ProxyConfig config = loader.getProxyConfig(); - Assert.assertNotNull(config); - ProxyProperties httpProperties = config.getHttpProperties(); - ProxyProperties httpsProperties = config.getHttpsProperties(); - Assert.assertEquals(proxyHost, httpProperties.getHost()); - Assert.assertEquals(proxyPort, httpProperties.getPort()); - Assert.assertEquals(null, httpsProperties.getHost()); - Assert.assertEquals(0, httpsProperties.getPort()); - } - - public static void assertProxyCredentialsAreUnset(CommonsDataLoader loader) { - ProxyConfig config = loader.getProxyConfig(); - ProxyProperties httpProperties = config.getHttpProperties(); - ProxyProperties httpsProperties = config.getHttpsProperties(); - Assert.assertTrue(isEmpty(httpProperties.getUser())); - Assert.assertTrue(isEmpty(httpsProperties.getUser())); - Assert.assertTrue(isEmpty(httpProperties.getPassword())); - Assert.assertTrue(isEmpty(httpsProperties.getPassword())); - } - /* * RESTRICTED METHODS */ From 2a19cbd7a2ec996e2c8b7c5f296aa323a8903469 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Thu, 15 Apr 2021 09:07:07 +0300 Subject: [PATCH 32/45] DD4J-631 Add additional test for validating an LT signature with no additional certificates (TS, OCSP, etc.) in the unsigned properties --- .../org/digidoc4j/impl/bdoc/ValidationTest.java | 11 +++++++++++ .../NoAdditionalCertificates_LT.asice | Bin 0 -> 6494 bytes 2 files changed, 11 insertions(+) create mode 100644 digidoc4j/src/test/resources/testFiles/valid-containers/NoAdditionalCertificates_LT.asice diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java index fcc53b963..5d1c59954 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java @@ -592,6 +592,17 @@ public void bdocTM_noOcspCertificateInSignature_OcspCertificateInOcspToken_shoul Assert.assertTrue(test.isValid()); } + @Test + public void asiceLT_noAdditionalCertificatesInSignature_shouldBeValid() { + Configuration configuration = new Configuration(Configuration.Mode.TEST); + Container container = ContainerBuilder.aContainer(). + fromExistingFile("src/test/resources/testFiles/valid-containers/NoAdditionalCertificates_LT.asice"). + withConfiguration(configuration) + .build(); + ContainerValidationResult test = container.validate(); + Assert.assertTrue(test.isValid()); + } + @Test public void signaturesWithCrlShouldBeInvalid() throws Exception { SignatureValidationResult result = this.openContainerByConfiguration( diff --git a/digidoc4j/src/test/resources/testFiles/valid-containers/NoAdditionalCertificates_LT.asice b/digidoc4j/src/test/resources/testFiles/valid-containers/NoAdditionalCertificates_LT.asice new file mode 100644 index 0000000000000000000000000000000000000000..be72402971a26f5b2f3dd377509bc4fac39f56a5 GIT binary patch literal 6494 zcmaJ`Wl$YTx;(f;a1HJfTyn6B99)CD9W=N*1a}AocMtCF?hxGF-Q8ZYRd4UDt+%hI zrsk`e`Fg77XSaeh6f`0L01p5(2Sj}dBYOmq004kL^Y<3O%G}D>(aqM_z}D8%+{nPu z+{T*O*&6)G*wMlKlYxV|5tA{4ySc5xZxSp3JUslrNPhSI8`!@qS&*_2lcby&vz39h zxrwoZ<0n@u%g7j3)NU4Jkc*t68_3*11f7nM#urMo2q^)B#zK3>-hB#!zPEet{r2>J zciSAX-F+j5uKJr-n?K@WU(|!ihWqCdsI;XqR`mknnuB|Vc>Zw`bA2Lp@l?96^$;~U zg+{_>IfPKv2j{K25~uF#j!ktYlJ_R?l^o3K*+C46ygQ@lgp za&orTCZ9%VHxcQrAW8YTw9X!7JyD_Kb-t}!U?tXjaCvV;{Dl4KQe;ZhDvf(FF}j?> zJ4etPuRkl)zt}34nI!dY+voL7i)ClBLi__#eY&YEi|#Y{0bptoq({=w?#UNzbkE?Y z{ruv~1WK6KTzLE^Xs=e)| z^G#^9W;IiHY~z|+hd}j>f7VKbGPjZbL427-BzH>AHUb1HZ>>n=a(ONXVS!SkaC@j8sR zI<)TuYa1o2_Hw#Y+7{J&((-eVz-{r#PO1|RnMoMzH9Ss7!*{a&sK-F7!923prn_~H zr-JTq)n%~v^o2w=GD$?&GR(bg4wi`@>!XeumbZ>A(O;LyGKffQeYL8IgP7;-Ax_`< zDGDe#n$>)nQjHTGG*0dchHCgy5BFH?3MM?LPuPlbcHy(f6EHfpzl~5YgMvq$$42{- z$pkcYLX^VEL!zufaSv?cz-!+nH*%t{xi0C^3PunvUXNU8Nz}`jd;{AH%XFq7+!|4y z{nBg5qMDuWF3^Z?87ShN$O2l96@gZWPnJq&K}v?a73ou;Uyc`Pas0<=yUq7j5Sm=< zd^iWqTX&wj?j8*huq{{`9{n5*r9|=v>NJ@NAJM2+A@Vjw?>{mp0ZB6*zDd>xr<*oK zSTS`AnT{piS#jYDjw!)^8#kG-OR#Q&tP8e}c#4%(STi4J2{;2QX#?WMaw_Uo)wvv= zM>)R5;(rFn@i^cHRimXH-ju{lMY~8lfb~?3KOxoD+Z5}9!)A>?h7d7ZXnbAaI^ZMo zKXGX^%cL9OW4w6$@ZTfce5?TM$fF0Hof6n}&Jrg)}@WI_ed})*FCW$(7>xSgiwfzTmOC=mLEUSr56cDrxUC@w) zH3tr>qkNU6xnSX#oVYf@#o!lhv-w5VqkQVep6)8QyH#Mpr#u+xW74>VQE1R%O(%qc zF3GqoKR7L5C{exhv{WXB_^n57!rPKsru@-aekRbYnvnznj1&p>DjOTc7*%$vPNpAC zesl!epzCInWq%>CUg=&sGAwEij1sQo_iz3qeZHnutXw_v;9T$zXU7q1O#t_kpBq&)h46_ewo~MpfXasUQmy zwmZR;^6r*^>+#9I&>I>%RZY)~6az$d;_DH0ISbSt z!aY#Y@!EBco5pO+0tuazPt19_NiPx zdh&hgfzy8veiYow;{W9#rHch4my1?x1KEEYPt4NH z(Et0xvg3JwJN=uk?9TJ6$eU;C_xH}0*avj;iN>d0D%2#r=UU0oTN*au`OI!;T?~$o`4Hol3P0W+1m&4B4H0Cq z9DC~g+COw8$~-LR2*p5t^Q*94j$-5Yfb0o8?f-Tc~MZs4B=fg!2~PT^<2- zHv&3yZivtWBka;0E+xL2&qE>h4WV{87N=6Pido5F7{xzQkQ!8QAu{#!HyHzlHei%p zuwoeiZd8l-Wv@s)>g!{r)3_At0tnyTcQRR{m@@#tBs?|?KsYe%eI3e92ksQ}mptZqC~S#V4<*0QdxELTK!(QbmO4%E`GVSCamg9p`|W-r zI1i|_{OC(MJR&VMVFJdU|(nFHcTxh!{4fs!K5gM|T^2aS1CA0Y5agm*-5j^~RG0Gj=S3Sq5Y8EAn`J zawE6M$D5jW@@vUq7AM8%(TO2d)Yz9)QQvXd_*H?j>yvCpU1&l zzAKHpTIhgW>4R})ev@GRt26GEB1-ls^x=5Vj`(_<{a*br9)nYg^|1>hY!J$lC6y3!(Um_Fi@RUdz9rXX=&5ByeO(pEeprf zl&I$3Lumc!kYJ6}U5i8yX)kn&VuRcysSs(piW1e?Ns&gEeOn#G&&}tOWZTk6d(=39 zqQNQi;VJtql4px-5B=f6o&!>(t{!d@umq=`#DeroJH)-D+FBeH?<^j;Euh7jc-A#6 zXV?l3)AVsg)0>ir%fwfDWwF*xK8JnXCSY@8XbQX`(N)#QYe)qjBOPCdh<3x-9ejMavGyY36m)r!0sb+AG!%lfKoZ;eKseb+euz4d#ErM#<4@T} zgb^}&s?3_R%ldLpd9*n#KJ&A?KSiF{D455;`>Se68U1h(xy7j9FgM?gDNez)+y>hr zYQSumaAW-BQA?IIwJ9G)p%l91d}J@trQa)^z?mVZSt{Eu$Y6~6X-b)h3U_k`QpX7+Qg*vY$rS zhNc$pyxP<^gckvlwx3urhwX9nHHbwmRlUEmuk!jtM+kNTwp+ZT+|*oSUIGNE4^;P_ zwa0q2%aCq(HPm%?)W6L)RPpdYo+XnfWHkEzm~UiW+mFSuv|;3@QfPS5R;1*QSvDfJ zY%=LND-6Oun5G`7$7MoLcj}*yGvBsjY))99XeMtFJQy+$?_DEnPua*=*I#RtGYP6F z=860=Y|;i)xMGT~pu%XFC*ViOTbsC~&ipVMf=Fms5hrNeu3RwkPV#o8GtR0%j;=or z0aqBk4bdbDD%%wpfEfYm;xnkNMZf48DG8@=5@J-M{&D`=rdw#)YF&#aSi%Z&1~)#i$FH4IuJejaNdQGQiBraeXYtdk(? z5MBlw(o)>^185N5BPy#9`g9ycodl-Ni(TH#hj&17%J+2)7E=&*-c{!zL&%5hXK!jUGF5u@*?R&1Mx>IxvI1ZBW`DZa0X#^1+c5wkDPm;p(~NVS_g@3&5~A#HI)w<`iM(D;b>YME}?_crkWGB^zT?1(cfcI`KtWfNf}OOj8ohC zN$@a9n%*pek6~?}EYZEk4AGlX8-NBG_dib4jcX+ETQ)96GPZtQ=ii^}S7@VIS5={% z=%zW#bnT4?O0IJ54?4J+nU7=UskGQ7e$}$=3BpeN5}RuN=MH8A%-+BcL3dDB;|Dm=SLHGY2)D`0h~y(k9P$;q>BFYb78#75~HVdn_!84 zdKwkObtl~9>eXu#2mFFDYhs}#Z2#@tVI&-O zpYqsN0J_>&HXxAUX}IoGQC+)WOzXV<>rxXjh@h$HIn*qU__hw+Z0F3AzBmZaaIl4a zA7CW>7ZM&f5MkRSxZ_g%Q0n~0HE8JZt+4>_(VHS#>}H!d^j-RK+uwiUDTld#*`Mis z()oSqu7jDob%%3z;MJg`{}=JaMf;*X^JQKIJq07j)lsQMvm!815Uz@0*&Z*EE}dK@ z(mkr}0kauCH-V*-m#P6s=KR)t=SoNvn}wA0SWt#q({CB-TNOh`;53KsflfY)IXspU zps@BPb7PEZyUlnLlxJgmj`&wA>par2HkU!UbKB47>~TD8iU9MRtfPaNCe*!U8mt|~@o;@|LX+n402LqP(m-B_WZ0L5 zekw)*DMXF1QQDhiQlw)6V+S3ad$U0+adb#!71$6I7=YhLIPJ}@Mf~*H4*UMhhny!U zJ@B&;nZx8#af1sdQ$Sq64=r}7V%}Z{CfChe{1S=watY#>1YD1Kf>_(g79sk>ox%w9J>I)5aEt2r%BOOY(|| zd6($kWwO)$xfTW1t~e{hXL>YpYLC*xMak5|c~g<~~`X zuMu*qxe*oBWCeLoeJ~)#I$zR4tvctmu}%0nd7_(;yCfThuUELh6oyVF?rw%)v%E-Nq zXO~E(xa!l1YbXf?V9$QpC2QGbl3G#zrRJLV>BM4tFd}7g-?cP=Pls@Iux8D5>3AnS zRDadLUJpU!UP4!1qhoKeuP2RPlWot+Nn=_^2WmS^tiC%Uhz1$5IZ_QS@VE% zrbIEA;T8d9n8B*}es*@5od|?bVrDu%9U0F*Y^cD6k3y$0G$X4=b!1>;tCbzN7z-qk z&G;w=4-w=+vfFoupDxRj zK}_onCDxzf$Hv&|$k_IlNYOT9chz?+*=MRI6;y8ogWXf&oC%w;bk?=z+a#aE=OQG6 z85+7c?SlvTr6gfgD-Q%d<0MwDoDHG>d^2{bIIh>cRVP+3#f~3{X$kb;TSn=zJ|a5o zZ8FkuS;US^EtS$Lkb|*XRgG9KEuKqY5HR$B{}lYklm8pQ-~Ro-DgMKu|4){GO8fIUf8!qa@2^sjhJpQa0{wg3{$7>- H_2B;iSja{s literal 0 HcmV?d00001 From 6d4fb7d64d603d3cc3c211b6b812a1200cba5690 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Thu, 15 Apr 2021 09:41:57 +0300 Subject: [PATCH 33/45] DD4J-359 Fix debug logging message for when an AsicSignature's validation result already exists --- .../src/main/java/org/digidoc4j/impl/asic/AsicSignature.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicSignature.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicSignature.java index 3aa5d7cab..17282481c 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicSignature.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicSignature.java @@ -199,8 +199,8 @@ public ValidationResult validateSignature() { logger.info( "Signature has " + validationResult.getErrors().size() + " validation errors and " + validationResult.getWarnings().size() + " warnings"); } else { - logger.debug( - "Using existing validation errors with " + validationResult.getErrors().size() + " validation errors and " + validationResult.getWarnings().size() + " warnings"); + logger.debug("Using cached signature validation result. " + + "Signature has " + validationResult.getErrors().size() + " validation errors and " + validationResult.getWarnings().size() + " warnings"); } return validationResult; } From d9d5fca1e47ede4e4a9b1e46d82cb19e7b62047d Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Fri, 16 Apr 2021 11:46:41 +0300 Subject: [PATCH 34/45] DD4J-631 Additional tests with OCSP certificate neither in signature nor OCSP token --- .../digidoc4j/impl/bdoc/ValidationTest.java | 26 ++++++++++++++++++ .../NoOcspCertificateAnywhere.bdoc | Bin 0 -> 986758 bytes .../NoOcspCertificateAnywhere_LT_liveTS.asice | Bin 0 -> 7181 bytes 3 files changed, 26 insertions(+) create mode 100644 digidoc4j/src/test/resources/testFiles/invalid-containers/NoOcspCertificateAnywhere.bdoc create mode 100644 digidoc4j/src/test/resources/testFiles/valid-containers/NoOcspCertificateAnywhere_LT_liveTS.asice diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java index 5d1c59954..606ff0fe6 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java @@ -592,6 +592,20 @@ public void bdocTM_noOcspCertificateInSignature_OcspCertificateInOcspToken_shoul Assert.assertTrue(test.isValid()); } + @Test + public void bdocTM_noOcspCertificateInSignatureNorInOcspToken_shouldBeInvalid() { + Configuration configuration = new Configuration(Configuration.Mode.TEST); + Container container = ContainerBuilder.aContainer(). + fromExistingFile("src/test/resources/testFiles/invalid-containers/NoOcspCertificateAnywhere.bdoc"). + withConfiguration(configuration) + .build(); + ContainerValidationResult test = container.validate(); + Assert.assertFalse(test.isValid()); + Assert.assertEquals(0, test.getContainerErrors().size()); + Assert.assertEquals(1, test.getErrors().size()); + TestAssert.assertContainsError("OCSP Responder does not meet TM requirements", test.getErrors()); + } + @Test public void asiceLT_noAdditionalCertificatesInSignature_shouldBeValid() { Configuration configuration = new Configuration(Configuration.Mode.TEST); @@ -603,6 +617,18 @@ public void asiceLT_noAdditionalCertificatesInSignature_shouldBeValid() { Assert.assertTrue(test.isValid()); } + @Test + public void asiceLT_noOcspCertificateInSignatureNorInOcspTokenButInTsl_shouldBeValid() { + Configuration configuration = new Configuration(Configuration.Mode.TEST); + addCertificateToTSL(Paths.get("src/test/resources/testFiles/certs/SK_TSA.pem.crt"), configuration.getTSL()); + Container container = ContainerBuilder.aContainer(). + fromExistingFile("src/test/resources/testFiles/valid-containers/NoOcspCertificateAnywhere_LT_liveTS.asice"). + withConfiguration(configuration) + .build(); + ContainerValidationResult test = container.validate(); + Assert.assertTrue(test.isValid()); + } + @Test public void signaturesWithCrlShouldBeInvalid() throws Exception { SignatureValidationResult result = this.openContainerByConfiguration( diff --git a/digidoc4j/src/test/resources/testFiles/invalid-containers/NoOcspCertificateAnywhere.bdoc b/digidoc4j/src/test/resources/testFiles/invalid-containers/NoOcspCertificateAnywhere.bdoc new file mode 100644 index 0000000000000000000000000000000000000000..5f0162fef2651d6a2bd6aa903509126d6cb53c00 GIT binary patch literal 986758 zcmV(*K;FMlO9KQH0000803={VM$)4Y^9=tC02+r402=@R07PkLX+&>hQ)O~?X=7zy zb8uy2UuAQ2E^uUKyt`wRZo#rGShiiY%eHOXwr$(CZDW^hdzWq7wtAm)&$)fydw2AE zJ$j7(^JT2aFEet*S|ex76&WP*!lE<`v`kPWLr3>V7iACmvqK|L%=q;9c7~Qv+}!wd z(k8ZM&gS?me^rY3bfOm4&L)n3TWbSn6JZl0J7W`kUS23CXGaqQ8z^_cZgnZAO;(tm z2esX{b7}KC63Omn7kD4+%sW}H)5rL=DlIZyt~;XMUOWgzDvm_e+^fY5aTF0>ApTw8 zy1X+QA5tYP9GcoEx4PYJX)=(ImS_>gm8@}1NjmIy@Y*vXTF7jP|gaaTOw?mDLMz4zXpmN;rgfFeZw+XsEkSQc$ z7c6&&FD2ltdIUR)xz0@{*(Xif3du;1^GYtSAWJS$@7Tgouo-GjV70n_0jHo84{oXz z0(1NGQLE@gG0Ucq1xKvY#G&YhvrfT9akzY`ZXc-UAee89@boG1is7=+m!a!zbf}wA ztJ+3Qh{AxBnGO3yW#M!2=2i&@g(_`Zdb9agh97OsePt%Jg1Y$DHKe)~WQ;ZiMQ6Wi~|TPC~_xXMHzN3ut_5;#yX$y8x10V$gku+ZnuZX}UR zl>HPtde1yZ7$DcTiw~aQ@cZ049(=QyeVAbJ_j$8}crnvHwwzuL%4q&$hSEj&;P4uC zQk@GB`$`@P*~;O9iE&^=j`2gg<73H#^kPe?Q-{l(5`P3@WDL?**=FePw5S&Eiz0fp zVv1G*be$`O^6Ug}nMUNQB=TLxGZ^e058DG`%9(zPwulKhrU4HTWk+(BU91~LC5rlSaM<6% zh)ked*N66+r-$!@`?7HGr}OqaXl(AUgk=EtGzPG?6_Y}C-Tv7Dr!U_OgY9Oa(Di0B=Xbw;wuh39D_iU3Ff;i z?3Gbh)Ju$HZ!RcjShVP-LlW%9?B{Z8BL&0uNyp=?Xw7Kt%S*5vR?ceWd0Qwa;A}aT znpNgweC(Tk-n^GL+dBxp;`+L4eB9fcJ3BsE+ToXuUq{uV^!Wo4dAP~2(0S8l#?`j$rfAC`}KVoDfrKBmrDQ%B;^z1Xlv_HvB1T z!9!+~$}@bRtxi4nHq%|W!oUi}aMnIRllA!T<*}ZY04%D#T@~y;3z2EOme-I(#aCH` zplQ!M2Lxz*oiD8V5M^sf;xx|F_VtDl6;i?nea2#!y>_qEaLbL4ly0IT1e=I!53A+A zu6^aP+uLXuu?LHFwQuuv);Eiuyu9}AOO4D4%1U?~)w1qUXVt5P3U@>D!`a2`XkuW< zaI20nn33av1*RG0&R1j0o%je+%psuV$vL}SY``X@KkltL&QR(|+B-HSB73O%dNR^r zdLsoJFjk~kZ?{{2fM&$!p`c7`jsFD%f2Dum2g|>3gn@;L`QJLm|AH;b9`+{qbn*sf z|NM0{v3160`VX8@G;y+XaWpbO8Kt`)Bq53v{{UH3|HOazE*EyRNDA~o=rd}?okE{-$s0O6QN;VIl7ypG!8QPRs7&DK+AX5<ihW-wub&`HHExe~SrUHZiZaPZ7j42AJcd zAHo+pnoFCOggm;{|7E+9RC5LR_7v3crSNhNeSfXM;gxyXHG@cGpg1Ju3b`lXa2Q_3 z_Z@59B~?@Fk_MY_7x3%XZ3P<`BdvX#6%(UVcGEVgAFn^^-ax-7L<1?ie8{cuLwFwJ zq7Q5QeV+>ITPBiPT0&^mqKOWVonGxhM-_m9N&0X+T#elKy)?V_}V}CN?@r8m2Co{#tm+g%XM~1jyVO(K)fW=bC zzfs^h6~cWfYonFTcAvlf%m4> z0c9XSczY#3gC*tLNCPa^ea^92GExt50yYRcGLYSpy+_VT5+{<38@a4upZd8|_QnK! zuCanZEJ#r&i(rodEk)PgZ?bYcAS%l+(6vnDJ-2I_66O^}hIsl<1G*~~czw`4X7F7m z{1J3!*Hud8|GW$EbKv5$@d~GrPaGx37b%C>Jg55weN@z?Tvh-ssE}@|x=h9n)Z+IV zrk?WRdecj$6xJ>Q8tv0S9>1JwY&u~L5IS}_ga94(oRqNrJwnRPot7R}&dLs}VE?TR z6SrK0rL>7?eE}l_N10`&5}Z@3GiWoy9)Kc=7wK z2WhtvH^t`$&Wq04qWj}mu!8zDJRTP8BWX*E6CZ?Y((lq2U)h}^cnLFuG1-^`vMj_1 zNB$Resb;^PXC|ekyx(er0BT6s3svn4Y5*Q`n@%q=Y>6Nt`bNNzSO9V=urR{)c*yrL zruHu#?GO^Fnq-MfU3Vd4as)Q%mSa<27WZ~n4TiLHODqaDnKXFW-6V~v?oX}}L}@UF zR_j9~WUC`>Ox&^K4^&z%8Cnawm;C%Gq#R1t49)BucgEhl!po(SR*q7sOS9($CZwQXX_#>*Qt{>~cAKf3I_UH4TJN zdmy@V);lomU6=R}Bn5JTTx?Wg1w0~t|T3}orl?&jW%8?X|_8BAEArNaaYzt}ta2T3bL)ZVBL9AMJ ztd=!cIA0PVU2Vq36pDbQO52*hKy{~Ys3svLOs7imb#L87{g)=h(2ggtjG7tMAmM76 zwO{lmAIC`z?o6t`jkI$*Jt6;tzH_+ou(mWmlnfy#HEwrW9)G`b09*OuEO8d?!+1I8 z(CsZQ?#EbMn|u<2nI*HUa(yHi!71vYZRfg zFnLs_@f-SG3Y2n;{Ve0J-=-`K*%a2QbL0b5GY+W0NkI3xteIvwcg8TknW|)nW!JMG z`uPq=NW;+3yYUz&OIeJ~NZ>~RM5J53jpu2#^}APTIXn2 z3cS51S>tlC543%AYN;>%5mZB4cDRE%`pP{EsSiKqD0+xNx3NFJWb`kR;Tf1(9dWTR zY`vFv0wSD0#FOB1t5V3F#lhg3BUu%(_>7|4_zfJdYREi{la~ob$ZceZ1W}U1I+~ib z_Z^=j(hHD1E0&L{vmi3vyQ(s0Fu?WLuVP2vNL$9n{pPS=QA+Te5Skb%zgy89N#6ok z!4|u?oHS=c3Ij&7+gdB=NWLb*I*R;`u#YO`p7a|IuJr$m)uyMi)smUc4wu#HiZui$ z6p-qjKw<-)2m0bTzr4?kQST=aq~wrr)h^&0r3!f^mzlvu!+<32*Tkpi@Wb9 zK0|+Ju(HOl76n8NlP-RTFlHU|e$ydCXa2lf!{N_a@LTk*AoSfoxmm`BkNJLA{7CqdJ9h9tFRZ2Xee`PO-JE?)1c73dt98E~XwnqJL?c zbKIbIdqc=g->cl#M9Y{r=~vEB8*R3vaaBJDf-3*+Gp*;%7 zhvS)2p*2VujkQkO(78638(!o-OVKlb(@9$&QgK8|A>!|er(XGfZhQh!P72rFoWT{v zoF)qZc40OI6e)u3K(tIBe5)@By9c3qUz_>MV+oJ|MtCq_On>i8nCua+K_17lxF`&K zfWCsPZy!--ZvG7KML0(>FRsdqDuJ;0c~Jy2=%xC4q=|taO~BL`l;Waibg~bjjoFep zcr(i^qY91Lmy#R6L|`A!pu(SNvyn0~bDL$PJ9(IUv;l9ozexUD@I`7d#cgO(#=6P1 zt=I)KE^)sqa7dkvzB4HK47MGV2TAgcVSS0edqkv7wXze)u2YC zAuwoa6aAU%#D$_a0D#|h74}CKw%0@sr$@vkJO5z;=u|8-i7w3alON+A>csy_(f-LT z{>jTYI5_@O$@1Tjkbe;|*}oKxPT(Kh!1gaOz^4;7akVfqQ4|yW-&2MVl^wecWfa~B zJH=u&K74htu*l(B6(z0qUs%;6U=m3sSCVKYXRDONhn#E?6~DkY&RTxUc?Gb6eFE~Y z0mF-P6TpHQdaXV8HAyIiQT~1bUzFlAi0jdN_^T|eXpBp9PktN`R zjGd*tK&^)80^{ylHKl7c&;!O8OWISh{nbHen$TFCXy7=rM;GVN%J2hEo8|I&sS~9B zkzLYm)CM21P4%qY6T!FA{D^%kRi{_mE@9vY`Wp8>?+xURr|?*j=;OS7BBrNTjj|24 z4eB*#Uj{AnVd=u)g^f`^_e64$K1Rg8;$nu>Sd8v}qx#ykYIK@VKBi=`Yp~ld>GL~7 zFVjKwICyKKQ8Qx_h$zmuw`}UrAKag>sk*BibZVZHjj0grUP{f%wx&X0y(Uvb0s4zE zgG)DVjKZcfWgr=E0{5{+AhYaUI)g)+K~gKW9H2D3qfOCo1KF z5BbwWmz;|-8mFxM{U^T8ln^D#}+mV)m*VWp3nok==ATE8+$kc*Ax2^+_?nF2| z+JFlruorf_8nf$)>-9w?=WhYCM5O(EW4x2|?R&GozYD)BY|Hh^(HD2PEQ2w*N{M|a zeWqW5@eIzP#)y_UjjdbVCjU*F~xQUV*8r^3CYR&C>)qN$cD+PY~PC};VdX;2 zt6N+5KvWTNPY_}3slfI}kBI9QjLo%{aM;fP*M+LNRynfI6~a?5)_UlztoJcfVHEgN zNB90ok@z84f)Z!l&Iit!)c%%p>zup)i^>d{Fc%&h)=v!^7MC93589l`1D^(fgZqE8 zCH?!;4Ff$h+kYzmos-bQr;`v85;Sl!F~(>3kF12wfBuQ>zuC9g|3B|rIjL^SN^59g zGu>?6vq*&aB#&60kofal;;0}B5fc9LK%v2;uEL#zwVqt_vA}G*7frcxP z_XzSM{R+Y&M_bWWkT=yV58IhvqZ&JFC#@@MW;Z@79RTv5fgl6U>VW>t1?ni*7ya5u z$P+^^Ko|&saO!}4d#0u!Vz0tLi=W**85!l`BaP43wEo7O8`Qn>q)y8}ehGwZLd0MI zP$EmL+`gpfM?lF+jl-CXKOlb|Qz#fi85q$DAPcJq4~A;3pUaM^I>*z~NDm9JG^R1T zm~*2$<+n3Q_KKoG3bfNncFl^s!A-iAB{BhyUdR^~UbCeE=utBCCQnEUtRomjP%y6} z?tuUxl7~3D9O0tgIL!a@hf=e{NRS8#!&1bRbc>_YG1K?EMx{4H2CC#inZ0m#>6ynS zm{@vr|603L5kL|Rn+)@Wt7`14D~;u2^S9o$9b8|fFP<^a50yL8%b8q(=v<8*>&q&- zZZv>rV$Cd^#-0=vfF>I-{-eDrxf^_ddr*L;?d%8KP;1@9p?w%K=%~v}YbU@wD_W{k zwvW6(yFb0594{FY*B`1}rRaPCL=vb>CL%|rWu;QWlanxTX*0%OF9<&eeH<239(Yis3T^ml6JQ7!M%< zd3F@wVWEh4ghc+gS<-S0%Anr`Lh?M1M9x?p5IRBc`QWqo%wS)DKEa6TKnn)2s{k$j zYjs@M5Ml!pyTb0M+2H7X8+(#%XuNQ(1L%9dZULx6^ahe3_{SiC=S0;Ze%%QR#;X$p zA`)2rjRJuxL^9*yihs4oh$lE40)vGW7^GvMjbI*xX+-ZCsv0aCO42W-8>OpCqaU-H zA}|HK1(p~t)t9Q1Rq?q(vLa^1&62h9YX7n~ zb`vCxa~g{|VrcN|%GD6(;p>sWC-TWBlar#zNn(o#uE}ypw)1=NdkB>%!j{`Es{c;! z$kCMR7WR?!p%Y7DN_$8<7_UyMOt4D1Nb@3*OI}HHOVgvxBhw@Bll(6IYy(p0=kHev zD5_H}5Z!AU;0cis$t+AU3^&X)j4%w^XBk!?=}HVpY(0H(zKmR7M_LRrfBZSz}hk=~Nj(!g@f@?(j% zGG?Z1#w~XyN00gE@H6bZt|P*;?cMTe@SNv72`dw;2MZHR1uKntgatFxHgi1lDD#AQ zw8>l(x*0_CNb{swmp&!qdQ#bxq%n%4pt|O&jAo9vc&n19+Niuy-KER)2XxWI?Y%u0heB5z+62 z$~np+%_6Q5cB2-D$UEKxEz-J(9En7Um~k1U)x~XP{f?QY85pZ$b5iC?md??_x=js@ zD$(V9jzR7*?;?+^H!5hJDD|iuv@J9}>MLp`nhRC&y^=IRQX9oOC~AFfQDx-GO$+0L0~xM#u-(hml3o-p^YZn&3KXIJvhV4o$# zi_^Wf>AUCya568l`UQ!yog9s6ifP#CB4`-&Tl7U5497W#y*6ye1X^R-XgzoPf<={$ zlmpF+_eq(Rm=o6_o1v{$p0%&G4=Q*m_yn=2(d4qE6Ra6%-SD(pwFI@=*2EXX8_SzA zUQXT!-WXow9@m~qAG%kAFQ6~i_pOJO+mrW|4>=HakSfSisA3RN5LIwqXhujRP#2KF ze!%|DKs>s6J!0)eG$6rGA=eOYNER3!)ORNgT59Gh(o2sv6?b2EHxL>_5n-XBPVu<0 z`7yDm7&Iv~H_>siVUZ;<84)j$G!dyZb!v^qL(yo>X#7$hG`wG^Uc|1B6)*E!Qeg*| z`%nkhv`pHmjhE|=%|{gzGd1yg{TdFGxWDjlb`X9dkOwM`q-!4a+TD&oR+2iyJ`ztx zs7_+;bY4w96F|~}8-nMA(}r{+j3jC#P$dq4jGtwPo5^ zZMl&~s5|#$II$nOFGsSOc(J45qxQBn`5b)JUGiM=;kN4v;kLPT*72a8VW^?IHe0i+ zQ++gfUwGfzsdm|;YM|wy4{s4?9M{BH-q0;sYbmx=c3ylQfEAZ{+E&WnqJ-Q_p-B5zeKU^8s6xmPtfb5VHS(QD?X=O=t6ewQ#K79v(MIuPfw z#I?A>R?e2pIuMgMQh(quYWKDKB;PQY=uKl+MylMBPW<`L=h`;6=> z@401GGg7l)d2>0UrI^*iOWJGa%zq&VXBvlwFYCwqG5R?pv+<9a)J(!OYIYV!o}2Hz z;7G__R0Mh$rmSIjbQ zXKt$ArLVOpmE52(+{yUqvQ_H&2NQS497FW@M!_iNf7uOHn_o-?2A zuQ~7vcwN3pPxdeKFQdzYLNX{h%G}?4)n7}mE2b6QkC*u?`ZJB;W^tiyLUcbVZ?$rR zpfeRSRH99y=VH}jGtqC+Tb}ig!?zRBX$uD-y%gUqFDY}CdA@ER-DZa4L$_9Q7a4q# z+vPnR@5|3NC&s6T3vL!SrDc)Zl|6jV0bd0lMvtQjXP0uXaw&N+d~V*5pZD&hHm1ir zFToEV|4mTK{%@Ym%E0(1yZPue14z%s#e7 z%%iGA((GfLjT*>EkLS}0P-0ka}>|=CGhDSMUh3)lp z4|nBh@2)iWVz72jY|89Z=Mj!y?s?`Py&Dvvq+ zT4x3MF46^WnxkK%Ap)R6ND)vq@Z)WDlv(pMU49w_pphD)rhinAODhz}2r{u&598Pok>rbE1CdV9{&!4cGSsai>;Mx$eaVbqiN|n}c}H zg!by0+tKSp0nJxk7|Uq%{p&M&Lhb=|wHe*<{PCh~PtTz^0bLem0&0eN&M zaC5+HduK6^(<72^Q;gvB{f{5PW(9n&dV)WfZW~FkfLkDUrX^N3vP24|HXn2l*P@Gn z)#KG_b|02tY^h8L%x&D)j!cSDz(E)D7NlUND6+5{7mm_{vOw#5NQlU-p1UBz7Q*5i z83V19Q+9nit4&pETAErU33OF}?M)bEllz2}gZ=tu;1fWs9E#*8c5|2J3 zdvthr_Uk`mmn|7p@@{VW4js_k zyw1}GtKmO$dNXeHN$z6Yf=9^fws3f_G3HWOExp_^jr`6-+BM&>IEqCe=OKQM@-FSM zYPLt*lhNR0z(Ng#Wj#4ZlA01BNyUdOFM0t$mYqE?ktgMm{EC9^4C#hv`zosl8FbHJ z-h$G)a3rPa$cy`&pbw!jPc$CBWKz^#aVC#FbW7=ROvt(^CFRUL zbC((6E)n*6x!v9+wzi})F-xzFqD`?0Y|Lq{bDKV?HP$U1Xq*}!*^(Csr#u80`?1vU zt6#IOlaA;J6^jHFl9(kxRDgUyt5nkF0W)LQsPsYaeQloBm2ti$pkgJkDP&C@`mJw{ zi|X0)6{QbA8H5R0#m^hXmBPe>LMXyT0};usQzGL|`g5WV0(mx7ElpkucbKzI`shC> zD5{X3)bC?65WNPJBE+CN>cr$QT!uu(Fx$ zF2QY<WR9B`XIPkoSqE`ALjYWmbCUxvaMnJ&)sp$HXNCb9N=M z_r#|aXUqdoRfXIFw-@)V*HPvn6L>1YWOk{8D4y*4m+(is;?aP z1U!v2qk{Rpr(0gSQsY&z|CAr%)&~OC5OU0rdWY>&876r|s)f}H{J}@RIRnEe8@1I1 zF55N5BYZ6eV8#7amEIObQQS|EF^TAq*38IN=pD8?`FIR{GolJPn#!{YKH@<<-oImZ zlNloAV`Q8^B`2`n7iWg|lc3`TX1tR7F$n}d=J(q=mjW@eS@$u#JeplWVAmMc$WKw4 zea|}F@7XL@bvZ3H_u^s=?zYcBVQ!($RF*D{0|_c1Qj@E7Sr)$p)4E<37{hR z!`x{t2IsI|46#4v-{(R=LJSxc{PUbpLnkh}O96RUCH-e51CoK`p@xI8NrsEYsG#g^ za*y?UK2F}K1TjlHAd^TVf(M2^#D)oq>@a#i>z8gS*<>MN#?QX_{_jB8-ycf&W)`J} z)*0EF#2ML0iK*G;7wlK6^Yv6_s-D{W2Fn!t;!oH_Wo>7eCX`?elz9=f0cR1k1fYdK z$4G%2+UK-^@MWg#GWez~VO|h$A5>96n@duN*|`rXkg@E(7R(HgNg#G0p;rASp;igT zp;F?Kp>m^23yS8_R-tL^5~i>~ECWYw6ogrKsCMK)G#tdE8p>2$ani=r)-f|&VJODBe(N2q3Zn9L^TV*-mWr5q1r?1wC z8SP7}aDb#Jzq1R6o+0cu(>fGtEaWX>O^TsQ*Ox_Tyuur5;WI)ko}) zx5BmSDh0gWbQHc@J7=iP4c(^1kUvNt^b@Q_t}iyPM}0Pm?sKsEKcHBC7SBv z-7(SA^8(T;q&|;ouH)$#oc9s1Z>@Muf{!3tD4QT*LNhAXQ$RIjs;RXM0!$PtBPH&4 zoTl-38k>_c&;>y;KJxWMUA|?}uU+`rd7efdHwa2)tRn|qS^0uc0q@k}*|psas?e3!*P%TV|(aC;RPPDq(V3}aX8&= zPhCbkcF-B)hpvji;VEe-&Fm|$eHK3+lRkH=z+XHc&l$~fb!NI!Can2acbbM~21Pib zxJ&y=;EWLPg7vQ8#GnT*iJmYZgUNrig{3#nf8YqW_%4|^l3*dMGb!F+;*BKTCk~t& zyttprjTeAimdWLaJT3%J=TpfdlEW#gGCGvX{pEP@=0lXvk|<{j_FWLA7bs%k$i2XT z{3e?BHI71jz&%QNZdY=B3F2~-DXdn=_K9{382a7%_PTy;XKfj*R^d-0DG-{6Fwt!; zHvV>CmHN7z`CMmvs=_P4RGN9;G`-IOKX@!>bSgO#my;3DfwUA!YC@=s73d@*Q^PZD zdtV!f%J;`)A%PQIxfhrHLNgFFzIkvPVs{OEd0YBbsA>v5$4MTR6Un+hN^Q0^C3BB6 zU$0xRz7+vSQw#|a*DI_8K^STx^SbQCHO*c(b_~di6A{A{5-kHxc3GA;&(txPCwJ__dyk6NEaL5O}8ait;&Q1&mHlA^NUyZBkGN-_CmElDr zJyT4XL~@agh5Kuv&z6c|IqJc^(hxSgpkd^%1LzE-qr|BMy}lVb6N5`(ekFvhY2125 z37;8oG$FeZM&_tcC*juc@THy5nrJS}C2p_Q0F#eTac{UkT^)vW8XOHzq3jAsvvieP zEQ#klkuAK>%_#*#ox{M$5NU+cj)Jk2c>P}JnrQD6_0w5H3d0_>oi9 z@$Qc((}!Uq!qX_ZAN>*3%;FQyOtPc@dLyI&C&&0Ubky(5EvT^xTbB_R_@p@O0|1;s z_Tu5tmsQ;}rA-0`k|{ZA$xLDNwTd6!bo^1)%Jc!ZNj0?!y_C|- z-aE=#l+RwVzgej^7ePM0nra#XW7f;S2X1!*JxM*assTkMLpCE#qey1^K+Y?=KtaP) zwza|CH)&{@iE0kxlK~WyQ1x0D7E(>m15HjzdX(LPY%hwUAH(1ZSs(9oUe{QO6D9(y z`iG-Fb6O%p+%a5{R8p!w8tNH9eZiXF`}RWv;v-gRw#H#|a_&;k1-=|#;xqvrch-N<)OuSAIusm5^lePQ8+VWh_A!Al+m(2CYk({O zV}&sr1Xws1s)t<-YWQ)B{UAMMjh%l@M9Oexqx962_JVU7A&*dYYt2Yi-5c#Tx|U#{ z;{7NZgC-FcGx;P#&rNkW|>JJ7dNwDfXH_z(y8y1pcIJow% zm3x1GhHa{bFmz7>vLSUkrITnz43Mcte_r$G)}e?fe8%?PC&N!M6rqucR9V@=rS}n; zFVD}w-`14&fzJL~iuKXTwddNR)Zf@VSI3yxw+o?ZzswxbB7w7hU-xn`Qs_)JV`yXb zBT2$ZF6c3)d9KbKsgxq^C{jODR$*TT1bQ$(r^j2QZK@-7?{fG_`LKprCc^I z;<-*SOWGGsNq!I7C(vsceUsljB+zOj9}6h7&@d8mlCb(E#><>JP!xytn!rJ--9;o7Cv{;c z?C-0V=@|3opiKoqZqimIXHG{ilGHjg&qdN$h@F-D{OlueJ9I%pv%s#>yPWZad>u8; zrD($S5^H2g@{X6S_Q_ec2oT)mCm5e3@m*8LQj+mrb=+a;lpmM3iPObVRD+A zIQD2awGQ~^3#@gqHi_jA_AxS0>dJO-z_E-|)Ytw|ne3#8>wq0&n@{m<1DeaCGAXpa(M+jXei=#)7MR zyKC;$<<|9KWFKiyZ{JqZKWTk(1|hS|QdEwn+`8`5z;Gha6gZ+r0Zs@L@b=|3HlUY>~QMj$X%QCt)gA;tUUA5mi0!{!~}zQ7Zvosyu74 z**6$YL_*VyKAwZ+I`b+Pylf>`Xow7z%Qak$caVbz&`zMwqgj6|#&wCAoqcGagSA(ya^Ifxd*wG!Ft@Dx$T z61Ks^=M0R73u^o1bCkuh2$0N&J;Tl9Q;`>I$^9gtRHb1Ba3y{L)Vz(NDjU5ALSN7Q z;XfA`U1MUto{dz_eWp|v!j&RfXi+}kImFRn`h`asU6ZwI{hw(4OIn!qVMm~vqfNn4rX7mU3~NX3Su+b7FWw ziSdFkkvy`>%+^Xg#=Uo3<4)OKITLt>L^D~73W2A#C2VYSIM{aKOsTg;JV96811m(+ zq%F12M0>9^^%ZZ$D(S}Z&P)yLtQxrnLxyRjT3gbpU9qnOnb4VtW52I@tC*U_p&BIR zH5)P+B{|Eqi&&`4WvryMf-bFFC1*1k>@6M6#wiIv8+@lX_n}EKKLUp|d+v@pW(n7s zV5dc0FH_@IMLN=9!@^NRIJ9A1kt#6T_M^pMxvLk?D@6Ueuz)l83}+?%yuN{vK{ z`zCQPvrb1l4Smj+PS=|^qw7cGdRivrqi`+`Jv)1>P}w&)|Dw$_A6k;>-nC@HF%0KU zY~~ud;onPBM+fm7LRu%qt?)4k7DYN-HBv!}W|KHi4dTt`jFvt8z^)c;K)sRif6%wS zacj>f?rR}VrXh~r21%yh?WHm!w@T2Q3mrKR71QwUVbj4o8KWK?Igq^zEKWLqn@09b z^#X>2R&*eal3@WPe$p~D3k0Y9{ru)bZCAUsKFqg-u}$)%e0rl@l#<0#YdQjpvGF}s zStole!wVzTJ#b!jZ|9TrU#RdG=~0=NCalqoM)LCgH3dy+vvKhN%;+mhp1{7gIa%$} zXQ)x(2>~9yOh85!sm0e5(MyD|`?Mwwb($lYc&3|`vOkJv?#em2(S_PKiUr<{@9hH5nK4P#;lIMGBa|L-l}K8<={tv^0r9TZzeOT0I}M z=032;Yo=;f;Kl*5vtr4R0c%q$^O$3*BM(->Dnb;H4bIx0IzL|czC3I5(S2j=1b8$S z1?yRB%%uqZkzAZvPGQ9)%1?A39;}csTT(6*p*^B6)mbaQy`v%8GqO*sj_6Dj3X1&prclYIx`>iCrKfr8-AAd+>$Mg z!(u14R^tx3)ju=XHP4k&_!Kb#$+)HoIY?_YAXcT>^Lv?mldrlBpVG=BDaC!&SDZik z{<1cb&bZSQJrdKnKaE)weTBUIuvAGZT<}3MI4EnB0@bIPq7BYAFU!A!s!Mn%tKJEB zi8WZjl@iX8>vaEId3oey zL@sDMfeNn2QoPd18;bmNwOq%pI<$;FHm`e*$)Q_apgLO43&NY&&;)|oi4e<@Hlk&Y*+X0&@y@x#a31lRB=*vJVJg>+agS)_59gF0pfH&V7A8;Kb9u zLrkSR={>V0-LzD+s2oIiYR53IIvc&8aaC#sLorh&;1<~%{pO9b>CK(I?3 z;COOh8$(GIjHXc2er~&i&&QM#q;VGQVGBxVVic-gv-G-x3n$j>L~=CmiTvHLhZ5!0 zWet`aC$=gSZS=tF7gYr{8S3&S%gmCy4xA^dgyB)56O_6jc_xDr4mKq8p;X>K^l_p- zWLQ1452RryEUI+)Xq^od5{D1k3-=;9d2Ej(Q>o4$b&E4T6B}TX(fo4*|GuW+B;|EO zjgI|ojS#VybZ$42A_9jqHStNrn?(=@wxxZ6q@S$G9S;N({rV<^q=Pcw_Qv1r8YSB7 z#KBpj4^$@P5eM~B*i>)n5Nr%^;>ywVC&|QHGhV~T;wUT8f=vk8*Gp_ke@qECQQ}Nj zzO4fC=GSK*l%kl!U7GgQn?JETj@w$t@|`^m?#xqn4~0GxT~yj^t?7 z7ih{Q!2u07RmfKK**yXzCcLKEw;y{=mOs|D!B(d{ldq=5X2)Dr1&WX^6tsqdQj5i6 zL!J3Dw`ByXD`@sjYsw20v>rcALDtREMz)jVJHmq0e^UusSnTi=d2iz^61SHz+(#-T zqpTODlGNp==BWwd-RMosHA!DT*0i4ItDLb@_3}K`-8Bkr8Cysl>hfPx!yW&Gw2bfS zd;Gmcw1ld$ZZu_1)?GBQr1D~V^Rv^~<|Zj8C0#4pz8SYXcM#E z3@l%knO;hm%yc;c!ie>-&ymNuX$5H>GwJ3v{zN)Dc*d+Nd!sEGoe+s0hPgM(Z*G$C zjXR%1X1IkwRs4EN$xDP0vcTl_1Tg*|k4()IXxzO|!hGuYql0*Mkve?>jYP7=yR^lY zsIIF|<&*{eUBE%VG8?UF;rRt5>8yoyw z_#F5gyA(u?1jqvMAoi#_A_WW#5iGDJM{)Q4{iFV)%ogVAXL+%3*T(nk!j}CK=Cp

    e}w5 z;OFhOvMA&8;?iAdciwq(zOxH4mf z?Wtt@>#EfDB4?ZLn*k+vYf-1!%TZ`yi|6I(dP&Bo%8idqrbNaY$`!y9$MPF@{Zz}& z_B?4(t!WXi2ad(_$H)AK`Ew){NGXq!^!?+$^jpg3#cM^7}~SBz!cAXCD^N)0s^aBVWn-uObuPc}#8Shn7FuczzJ3!7cuw|wursxH@U z>aCvs0XCHJ>+1r#%-5?}-4btc^Akg#$AeE5WS>3z75HsTylHX1W^y2Y*sY@$d|4?k z+X+?sM(Y6io?kJ%MWw9#^X3X&d{Y3K>Suq{S5K{Z+%xKj@!?df@Uc zy;wZ{$PX|ZfQ<+gyG1aEaK|NsMlY!R8E-cQ%W2g#Z6ZIa%AVN5BPTQ z72tG?;u`3~mMB@@RvA#&G9RiUR&nvGJ$IxEnm%DmJRSiLf;u^E&pCc`07F2$zoOqg z-4(AQMj>8rOP-I|P)ZwRb_K2G5BsG(Dn60|S%s(Te{?ad&bK!5k;)m4Sc_mXq2JBR z4|bJFR2bWy+Zfw)bkM6ry-r`yi%A7#$66p6`+jeyxZ3 zQ`w98@m|XfS{TO#=LhiowqA9it-wpe*UR+rI>i!WHt2e*Kw=|Daz0IypvQ*$IG&9j zxXzZ=={-Jh|?ZAPU1zo>hsSY3dp z-E%M7wr$(CZQHhO+qP|6dztU@+RL`)|4n92PR`6E-(1Ya-1J4IJL#k=ou{jQU6sA} zMZd?}SJis@%+Yiqb%kD`P%s9qTEzCF()+mQ|2JFusf_(WqQNUb%d}_zcOUwb_q3(s zN>A2rwthk{ayAi!Y0rV$ZRM5bmrlVNaG(;#zc%~ph5=TY5$F{JV5epJkfDJGkRN{> zF*AdRQw$?jd2766q^XebM^=@=&Wl1Aq%RHCO$4DdHvnxDr_|MgkKyQout%R*&_guj zb(Dy{mDE718$}K&UiVHtQesl>5w87=j{VJv3>e-X3Svs~aS8Dkq3U%e?N7+_jsx^M zZ$cb5U$vdh^gA>mOUJ(+4ZI9nQzkzj{7ssX8Af2fG8Nm)Q!wGMp?Sdl=T@~}H>u4Q zZ!W?CCP}=bLj+dR+jyb&z6V`p@$LP(%S(xJ&!(6qI45E~`X@$CfP8);8?N3xgOBD~ z3}uI?)Pm4FkmcFvduP76H0%u z{ENB6W>}|{w7~WgIjWtpP?yL)d4^pX_uyrkHz?~>C~FKYMxb@va!f4oKKo}uYSsK* zH;i@q%%OO+i?Ki2eKAfym9xR~w4FU$Dd1BjWj-RB2C1#y#%9bHf$Exd`kA%_SKVoC8)UGe&yy0Y%U+xm4x^UAnM2|Cdz;`!!0(+c+;Qrq18(LvX4diV$Q3f_^5kO< zJsrO&G=%|*{H#^dwpVAYi-fOE&t@SwyE}^oxRw-M0(re79lg?pxmYXm@EK^1YZJY; z4iVfC7H#wzc4b}h7&~E45K9gwd#BUptAn)#^=2gW&33_V_?sLnuRhXtH`BXCtNLh_ z8_`*P2@XY6LMT3evrXtjU&C2%U0)t8jlslPd}u^4@6AyHF2ls3*dUFbmH5#)gV!1S zh7GQpSn*ch1JJ;WxCUf@^OzH4J&hVMRPXXxlDLniNW(qQL_0Kl=yMwZ$LCM{ z@>`q0qmwt>-K<*ylB^a8-lx8MP6y+f4UQ6Xghok$Gw^3y^nl6b8w%LsU|@;~Gu87A zE?^HQgvcQ*P0~detR<()WUFwwaK4#;Ahz`#Ob>^6x<&<&PF#v(x+U1(_O5Wv+*^br z41e^=?wV-PPv6d((UGN;sPpr&aJEZJ#JUFjCi|PndLL|oXnCv|^E?B~*418l@b+w{ zRtOt|MB&E}`T5^WrL%5F*MlS6OCJQ(*Z69#3`2GoVNUZSfvF49M3jz7@?3vSLX2Z( zC;}?kKSiLT9Jp#zHFmY-S<8cby3j*Q^|MCO!b;3C2_bix`C^$mj}v8q@O>MW#d<7V zqRx^7#~lV2PJa|2bs`_4EBH4XtJfJ4TLoLpmdMCf-IfWmT_@p65?u6yF|sZ3qWr1a zfAWyeTduZ@oj@Qa8(h0W?#kTRhust6B#WnT|iQ#X88UR2R8jm3}} zJv=S@^cMa{!YA^touY$;s6kD zEu>FT=F<&(>1`|}wgo?uLO9_8U@Pj!XM!3l_J@5oXb=wCiXtplXY^CrGM~38CFsWmVr85ku zQw$QBWWr3%Jwmk)aN^rIM1>n9M^UwcWTt;?(5ga~GNagz-U*_wL=NFElgtBRLO0;O zZKuw&5czTIYk$(k`qMM`E$w?R9<9(_l0!0vi8?$vb?0l3Pj4oj`WnY%wivh+NoV>i z$?7g#Yini2Z7A187^J#PJGCD*Q(-lv@aLe0-1!27RM83{pYq6CH9l1C(Zv655wunrvD0@J{8SEKQimp{B$FBVaTM z(8D%b#QP1)kqo}aU|A!)BjPFaDW(0r>YXO{4TwprPB+N^o^;h8t1f3t+bVE2DQO>1 zij8QYu5aOrLY_>wx!M-|Rb6q_Us%Fjs&!%ML!v2~nhf$r9HrQb27-8M&!tUXqmqxA z=<2lE?NlIsPMm&wYw`>NCSqKi-J!Rn|tK}mO!LF74T6i%?W z4Qlg`CGRwGZXTVzuyj|+qchi-Nz!ccqm4-v<-<1;6Lta-;BP405W_mC@!az|YkCXJsawVfB zX8l(@#(H_4IZ)3spi-*muH-&YVEUXKiNo4zG0yQkOJ8E9Q?&f~V{*TLCW#X(^5w2j z*TOeZbdPGKFcE=E5Rriu)Dyp}wmCqMk{1`McPgY`rd!1g{-X_mD{Y|ifzZf2;Wku5 zEl7*pkmQ5v=6mrFe{sRXq8XWSzfj|(53XI_uG&dtTwY&&YCdmcXOUs$7bp>niJ;>& z1eVSr+B3@CNl_$>l|jqWo2j~wusS*aQEhmnBDAYVE+Vo|2SR1FZ{*##fZF?!mWv-~ zP2D|}zT)+mkje(xn8Pllg?1=@QzFGpi7s6Bk|vWWhva5x;kb(&z}m|Z2-#AzHSVklsn~=qhd7rJ;Ce_3i}oaIdx=$g$ydb6Vu;jR75iqU`aZ_VkQ9z6Lgv|g|y*B=#JHXbyaM)7j zL0u8nZ*t2i4kbF23lsYtJn_il5O2Q!P9)m(Hsm!^0BQCEChxp_LKqU=JIB5+zGw*Y z5fTB;x~tP|y)OwQe0s#-;+pT{ADemg_Q8qxvlNK_BbdVv71(^`IEyDEfrh5dr=#KE)L-wb_>?{*%mXo&?9`fFF&VD3jf2K|x5G$q5de zvTy83VO20F36gk3o(uszVOTtL_X1A>PRX`k$!I!33{IHx$LznR3}FJWJh*VdwI$bz zQa@WjDcQP9%_dQR%S>_v6KE@?a!PAGLtldQN${-*S)&Fec#TE*_nE?=^i#Zm>~k?j z@;q$ySv8Mz8k#W0kt^|;W+T+2fBWnhwoxmH#Yw7?Y*$ze5{~o1=quX%->y?aS!8Y8mqF=e#iW_%NEh z1`k?~u8%{VM0#Ivj?`~&<{=H&DESjmFgemFa_v&uhY7F#$8$ul9r`DI)$Bg$}5ClJSU3iFBF=uwy zhm7KeQ?7t8W46c#X+ywYaxD~f;y{yVXl?OZF%3Z2OVS!L3BiR_9bsF{hNiHznHLZA z^(g-_$OeLZcHn3U?xTJVHIo>9 zWGu8;I=cwZjA2gjS-fd>{=DT*9Z!co(l|A5FUqQ$(}w$h)$p$|4)ehz*wyX^=;*41JsxHlN$tS>EAB=$oLR^5mBx^lx4@AS+beadnKhYBgJ@0CX+qM| zg_m7mYN7nojykp;QJX_ZZwM9NO0g$xNgT?3!b~jGue%6qYqwI|9NMiTwt~tZnq>cl z(g)AdewdjT!Xw2t{kf$KvZ|@egfS|p8G9S_Fe3XW<^odM7>10`$jIv|mrs9ljaEbu z$jO6y*R0*cc=D9n0b9UXjy`m`Zq770fOObmb4maIs(LZ@g7G} zy&a~;ClZtxmM&FL@_gv_^#GDXj*APi_yIP(d{W#Jy8R#;qc4`h!s+!4<%|RuP-hbd z2DW!kB+oC5Dvj+OwLkOj2Yq(|b zC~yGg3-U9u!sR&Uf~%b6GhCzlQXw(;ZCBv{BMM4M?Y+zdRAe=d61x#`_1aSR8tWC8 z+;ZW8YzZ{3iYNKa>_%u7abVzXtSMbL2o-%)Kv500SiR>q@!%ht!igL++R0^K4&v5JzqpQI1svoCLRxgBrNP!Hp33%MI5_-5(@{s!6qAM8c3U|}W&}8>3BBm`9(ZL9(7aiLFYO!L zN(ih}HbVrhezQ!vT1aA%u8N-ub80LlZ^WsHktVU611V8A87Xc07cs)#u-$9BR+E2EiN>J z_rpvXtT1K?Y0zQdtc_gDrKdAOsz>jTBb>)_obed7@bwuC2*CVJFfC2OiEL!92*IA8 z2Yr11j5jly>VY{Cs`?@`6H?CBQiAP?6QD@5W_v@qUP|wFqNdH#txlLlB~tPfTsE*E z&o|wp|3|h!Ms*WN6RQW=4be!8f?s8HpmfmPwAAXVX=d8YH3V^VYT!ZGI5nK}5Q`q5 zt!*(P=kq5RGC9o3x-1-nC|YK=F-~M3}k^r(ciIJkBrV@q*<1eOAZ~3xM z75bTln@YNAp66QCxCC{oA$!$CETfQO4>u-cNF$_PL!?iazDp*L70UmfP13KFm4lw-k#A8YWR%s9 zF2fpP4rKZo8jD0o@y-mOdjvM=fVh>3gAiq1*R0I^U(u!=QGunbeayL7dgR)SL3WZr zMR}K6D7BH{yxOMD8^2Id_an{!MrL{bol@C*R{16)a+}fTDeYCAusx}qu zaAoA~L8(1#wE6l3+f~=7Xu{;4N;=6k#VRH*B_6HYcCFB19jzNYyavnFpMleq1%8<0 zN$m~nKAx;AH!@uHubz{JDT(&!m2rTI^qjJQhm0@fD(LG>ODV-^AuPTg{3mh}5QIdoA)AFiS_1$4{oAZYZ7Smxf5& zoMcz*vKc>lVQ&pOX@~gg_L*RnCp7j5aw{_uc~R z+3D`pWV+6mclM(g358~fm%+W4-{mPDGwfz};;jJZ2cu!zg;6>S>~jKoOm%)TtvRN7 zo_YUFsA>s5Oiye&*!5owg=vW0fM>AWFB;pu0yo{|C6Q$m~ zrGZpMMn{P8#%!mTa(P&c6U(fh?!6j0=nv@1F-8q&km)H@yBMeXY`&FoMt|ums0L7A z?0pR(g`p{Y;56=E<0D+ztG#MIWB9`ZyHd4tY8Z?67G`I^Dea6H!*UvZXjtJ3Q9DQ& z>6K_=6{7l}c2sFW#VA&h`~Yhh^d8nkrSs~n3{$q*FsY=NJ}@s+AbZS0vg0f_Xt@(C zr_jI*G&HyCt-W@cAMHH^yv(qI8Dpc2v<3rXh;s7&f9#tP2*U+shM5goa}EW)RjUH9 zmus8~8{SwQR$-}_+Ib*YC%!l60l68vc(HeB6H5EIube+%V_DcO1PWPTS(K-tNePgQ zD9i`ic2MmK1u-NTjJ56zw+8$fUpu3_*}2M2kD2fA#snSJcX8VRS?Xx8KK#U_LxP={ z>W3KaPd-LGs6P_Awxg^F)}Y-sF5+{2BEct~I(8vy4;`H%W!2VxrR1VSmVIlL?H-nq z7@!i}fmWT7u%?uDMAQKjY<$<;7*GR$cLZV-S*&{qzlqbua}f!aq1LH|y2K=Y9jwxM z+9BSUgM6>#5tT*yynOZ_6+qZ-qWK!5`*b;r8~9Ma20H0~3r<#TCT`}OI1SoCM6hV- z!g!J?x%R@kr6^2tJbd$doR1wMAN+c8H>SCPiB=b$d4rA&iIS|#QOQdOX@|$L@8Dge zq%Jc9@@+bEu_z>~9sc#TOW7Q5V}gi+xu0lkTX$%OVE$1{2qt0K8Mz!>+uL{B`Tqn%rH6~rbiVd*b)!amrie_Vo_S9M58Sv{MIjx>F5n zg!CApi5Bj3u;9mvX?^V#g4C&p4)@+K>w?S$!-|z50QNh@c3n}7)fg={?+l0#;Bvfr zzqlRw@FbCjWDufc`MA<%KGS#2;I#LSnhDzCwPd>c>F0X-@c#OnM-NJUDU6ESE%g?? z9?i1U#dhE2<>si1TI|Q=J`%5*}evp-wrS z)H3}!>Ir_|+n8<%P79~|C%;3ka%^02O}oD-Bz@V3HQX8`AX-`(|Na9hn(j}gGyX+G z-jK}TAPZq)llMj*rN8)Yv1gh+^Okv{t??AZ-2_~DDK38#BRhiFCXaM>qssB8VgEqt zRY;ge@(WaKBh9(xKYonuq?g@qQ^1U&r%yyu>(Z@msgK1`2NS6I{~kdY6u`e<>}x|x zP=xp7g0&GCp4^N2bV4$3C#V2iVQwcdx(+PeH-1Y_kWkU!cb`!#;EBth+3E}9|29e(HWyzB{@%+jE-gCU)&xE-&pj9NIs-0nWSj+aJ44 zKQ7;j0pD|<<^CW2dlv(@1%DlStbAx@62j$=j5e-bR+l-R1q7-fY%V$|94;CPc&#qV z{U1#HQ~+xV`fCGT#YYQ+n>6AIfd7NHp-{N=Up)9SN7M;s z{Jz$qSlH$wPcf-5A2TM zbaKXTZ*34C+kSvKt2076{|x6AVWeK987$VUX2<=lUjnGJjK9y`wGf2MaoFMr4Uruk zn#wYVvhxW?>1J6HryKyvpPW+?q3b1#9heXatYUv%HtK zK`f{A$T8=;V(-%?F0e$S8CESCS&Xi0-XtG$LkZ`$zT^*>=IgW{8YObeOWt-E|FX}6 zx*C_GX>pgdymse^UZWorwISde_bh5mD0wjsY7|%P>#XZEZhGp_t;6Su7;1g7Vz@%L z+uK?5Fjt_`RDspg@rtM_?|-i(55nfKXBjW#GE4~PmYtVXCQGsLz##WfS%;|+@44oH zXeAevpKOO_9{gSU-BB+iYXrpQoCYSrw`9q_x^FBjRTeD7_wxr}{#jOWg&&Uh(2RMY=TQ&f75aNCNcVI<0At!_uQsb+!Uvsao zG-MDGWXttjXGdBRdp_18b5J6>Y7!1L?%HSDu~5ypv5TRnx~r}ipSf?Wz5!wW?cR+F zz|feNsnPC{kbi0R?eGa==0dXbI2Ap92qxtpAKhm@Ks6GXJ#WTtQc$JCj;R+ZcmMt; zLXpasi;(viTLdr}2>$?2xP;dmJW1X*uwUW(oT>Y8G^aMu5@{S!?N>bmKQ4W?3A>wx z*5s)2LHL2u4#V1N=i?7lo>9tw^azHeolN%(ri+(q8Hv#OgO+>I)6CySGJA=%95cAK zk0wSu2CL7;LhLl2A))Bj(0XFc&jP#u+OrK!fC9enlQT$&*X}Kbl)O5b&cMB4f;W}@;` zu@u~eaG1tVERS697OH^0zYJ@W%rc?6Dp`df@(C6v18YFZ z4~{T`%w!fR=Gw(GT`pQv{Vs5E&$XIQh)+x?A0Dcd$L~|)AYhL<^1!=X#sAET73k@@ zs*d4t>rmjamBAo2jK7Zy(Kacd2i6JENSuSs+@NqhXN^sS;TwKG)<~oBjA|Y>Na3oF zEK|y%@rHk$J81jB-n1Tlhyg31xGKzxOkG8mi0m^W1RvEV)LS`g9D_e?1VKIE(u1Sx z!KRKB2Q{hG;S--&)FesfVGm3p=NJj9n|)y(>$h-B{HW0vgJ{$&&fF19q5y=R3~Yu| zlP`oI7(#fjT{vxINlFxR@fL!_%$|Fh^=-?|@8$ z;!ZrJ9qwv_YP6sW#!PgHX;cQSPMP}l>930<_YW7xmUw3_|&XNa@A$E9aMJXDvset zp!z`)$uy4yYsx&n=X1tf4R%pn#)?FD0`6ACtv!u`c-kSvcuKIOP@V7BS|1aM(5brp z4dkafiqUErcih8|EY~QwldEsg60$)jtR14XG6s1LV_D1yTC{(`tBfAjrseBSTUCWy zTo!j?9rs($*6HWCRZp`vr+-+62c%gdshGhw+%|$w0#^q>FUyp3B;iS2DE9&2vCDM` zkS3l6H_r>H?!QLf=YblFMG^F$5Uyy3h@Ck+%aT8nnH z3Aud`oY7}__G!L@+r7JQh|;}4l8-CgxOfZaG;Cz{_en2;qfY>5pZLqH_Y)szyoV_` z0DJG7cyDBAl|F4!0o8#k^AZv=*SH5)$i1gPG!bL6_m-Vh8ua~*HJJ62EP9elfTC;@ zmp=(VrTbNp>*{r#{*Ym`v3LeoD#q{GOv_h%&5`LJFUl^t`W*H%-9TsG;@M8$RbOPz zB=mx_x5c*9d2G|bQ7Jd=(;hfaqhNs4;h^}XuW#OTWXc4L!_72%w*$7k6PL?WAX;Qf zh!{mk$Vm4k(m*b*{;lalPOZ(N{2EDl!X}Ii30XyO$CJe#GIfR&GgB6tEv$am>`}7K zG^_v9{b)^NWg&h2m;ZP_P%Am?jXU2L8bJ8ackh-WC%X2FHT@cb1H@e8;NDeyANhp& zurE}VcFkRy(8QAlB+(;@vHtMB!L|6D#NHNHtiIE$tP_>@bI6`Pa-fNvimIk%r@rwS zZ%g0#wD_p=7(%F%LO^}-A#E1oZ|2A$*rNt!8W!}NCq0WY@TD9i^o6hm_5CaPz?gU6 ztG&Mnv*ke_A(Hm<9?wj9l*Jld$T6I+sRW%ni~zfg@!Ao(TPgmkI8KLe)(x13HdV2w z?n8p&5Rv2+Ze`6^iOk?II`jwXeKc?)@F&EZ#2g_z>Q50rBes;FMCX*ztRq|B13tjyBgEcwecpuWc^Q``lbL_EFxyR*)Ad!8tTL_ z7P2CXpV=iLy^;-#p#Kb5j7nEnOA8e-X1^g!Ya7_XvkQbHdNf8dD%(f*LnRZ{R3FC} zYHK7hgzlT&IF%g^1i_7>jQI9fv0WmyuSZZ?AE=cacc*{tw&YST&NhL z)Q;H#sOOp;ykjBHaYpSsk}tL!jfP7-vwSsZe4;Z_+xpUK*4s!2+vAQq!ucIqc||iD zM7W0UUYcNItI52`$3|3Ui1EFuu^8+8phb>^A&eJIpPv~^GCJV0)th}ZEK1mpHQcg+ z`j32_9tza0vS3)Xq-BtI9kIO$rQ%EPIY(`6&Bm!I4dO_c#ViN!1Lc+;yJ}``l^UN7 z3-V(1p#^iZlE$yyk63o;Z$NOIL)sw_SBmN%J6L-Vn}lOci%oS?0_2kS)2?iXJORtM zuI(&QrWP%JqkDtB=(42Sg8mFS)ts6P6uD7&nvlZTM1$(z^SdSkQ}80XC@H1FnV9l7 zCvBPf5V@spLwA`VjhHN1k!w<00XrhIX4JVz*8nYQ!i>(>MVP0k@cL5hdAw|HIF6B$ zokO8EKns&0t~&YnP{e^XTP|n@oI8yd1fI>Ajlha*I9-S??Ef z%7g}k)wr5|cxK9FYi*~W>^=1xrbR8~CuUE4=1}iQl;zHSXa75ZEM@cB3n)ZU!dwcp zfvt<>_r-u3{R)eY(Sf*lfXri@aUViII#;GJz=|$8?99a3R-+fv`i{zWU_?z&gE(Y` z#1DEah<4I&qbiT)HcXJtn7|p#Ob7PfRA*MMeQZZibQtLac1nzm4nM$5S%IGl{#7QRku1f9^! z-X#ENt<^BYNUWZsk={~srv;4-wjUZIsuVZjbY>=A9apC`r)D%Iak?O0VKuL#FJGfO z!FIP6@ja3A1QcH_xV zkE4~=qNc*h*`i#)1)h8*bi7kPs-@Lt*Ei01zg;hhk}Q#$g>Ccx)gJwy7w-D7w((#k zgpIZB*aYM__9YFsQF(UINt1Ye25G8?&{X#n1*Zku8Yxr{t(}{J$_rz?l>Q9^(0}x8 zs~{EQ0r6+~GH)*nJ$)&4v|J#Eu3Y*);=lo!#+7T<72f-9?*NU%E_o|(iSQz~0P6Q~ zr?!*aWzyrfe0mXzuQb$5r!beiL!uDa|!^};GEgz3-%YcwVvH~COb{#e)A3S#SYcA}q@$Ytnr zM+uWPe%XiBXQh;kSCpWUHitUqI9px2w++^~o~E*~U^*>Vd-T*^QKB|~()faGOx1}s zwc#qs^F=1yK%RkYM6eSavK&Hgo$TbSswc7`pSmV|7*xdBMVC?_h^y%yF~j5to{xpZ z;Bhz!UAA8h>%xc5fdOi%2@r?qc(EfDqlku%>ac!c)6y}w6hPTsj^nT}PfRR5-QIWg zGs0qs%P4pj7MM`{l+%~hV6>V)8HJ`oVqXG8@o?I7%*_enIG<{|eM6g3OdEG#c{{|5 z&Y>b}_MZ|UX@S{zNx`DocMxBHNf`FHa>ikHuqCfFxhqXBSF|!GJyr+jm8B0zM~fR7 zA)CSN#T9AecspG$-?CJB7W!u>i~I)(OI&{rq!C~qfarZu2hPRxp%NnP7`7W3@s48d zQk(IPzJ_l##296mx}faY*O@X{RGh!D4hBKB98Drm;xx z-G7XHC9$`)5I8kF6@GQ7{PPgZI%A(SB%)8^Dgh9E|KbyQ8Tt!49{DC><#mdu-^?vp z2QZ9E-4AIMQYkHYS)7#Cav%p;h(L%u9p7K<#^SaQMm^$=))W;I2e#emJx*~-z5`2- zG_pNZM5OgPb#cPE`#Z!LhA0~}34{4K?3z;Dl#78TuBUva9Psu}P%luv_`q0$(apNnCUU+NPyJfF#vfQKQG zvb@Ob3{2l0v&k70wlK7ma+ULdL7EZ66LL!u{GgQj5s}ML0u8{ z36#PxO=(#?SNJ}OPwF-boV$IFOE8AD5ng_!szb7&U~3Wv!QXyFg9JYG3x{v5Qr!=K zTEYHUGgnJo#c6j*uBSD2q9n&PmhAORR_6OkoC12)u{=3S{jxvA?2Lm7x(2~fTfo~4 zO}WCV=gq9lGtk6D@2stqf|GmKGaSXd_d}5$Uov;ji~J{tq2R5cz@K=jtvF(;-q@+- zgeQ7|H>r_H&s*X8H&soCH%U?XGfR~4X|p2#sYHmy!15vUT+H17<+mI1ih4oWjptx8 z*k@dQWG{kpeBdVAN#^v&L91@l&GY!lN7^=W?EIfPRE}MYNQ^}D{3T}AT)M{cUPjrT{rHWOF9l6qMw|1Ro!%6LEPtRM$yC#JqtJ_8K$kV-|SN0D2cr+m%R&Ncdh<_B?4j#xAdlZYNSFy<#zh|vb z^2PMTDLMbf7(I5&DCL7Z6ZvzPj4ASWMq^QhGXnw>kFYE-2|XV{hmRQ_;8>FBS`*~eU;xN&7ENR^NxcI`}0|?Cn;fw zUa|LP^Zz*do-tcXHpeNY`ACdVPpi2!HD^P6P6#IMxLdq2`x=@Gn^=`!^^!_%0iA7L zmYpjy3$AHDi@b3p{}|$Y1y2-RxjKuO2=#*ncT_jx0zvykYZ|Bd`Apq%For_$DglR{ z3v9i8XmDoO!k@1IKenT!4{FZv z&e7T2C-ixqQNFcH5oH7+QX}w+3@s$v?mk;sw|`{^!+Z>;6q_7@ zMcR_ei@}KI>Cg8ty*Pcb2OiSEIqVd$5z@xl;lwOr$kV+k8aESm9*P7+Vy@$V&S-#` zy&MirnlmbBw^4fVF?I*@V@1==MGS@X)-5w_eg-o{M$$Q1?(CHt{(i~)R}`&`2#h>C z!Nd_81i@Uu9u6bEMGITBvP8cG>B}52iuNwLOt5`=4q*?;=uM(iC9pN8omteV;D<@u z>vaW2EUMCjE$Rw20Prv2cY)k2)?J8)r>+oevM1!&=PQrjMA z@1VTqniJ`fL17r`kwHSyCWWwF-p?MSP$URi?siXMp-w}xJiz6yXyP=P!7(`rut${O za+@jE{z~vI2>T&nUqWpM`Ts3Y7+17fPXTWyBdtpsn+k8jZfF!qlW} zOVK(==H-W^Qb|B1SKvik^nlvHsV_;BH?Dn*1BjK-eHqUWIVSELVKz&^!Ck}>XCa6A zGezR`kXn?=Qn8c8EJNPJEZ1a62ToW}qEG~5G;?Ab8tfixS${mZnQPeWOxx6#we*WV z{Ra+kG)WvP1rO0+j(3NRXt_?VgZiAHW%w2!TQ&;GCcDEZf2GtBD6Ng{G$ku#o$!XpkGrS_6*Z(e*W&c*>i zFmttPo>8)V26pC`h0pGo1S8ARfBzt5n_w=(hO@DV>?^>2bZe#1&R>eoE1CDvTTXM+ z*l?y=*t?4fmtCaw#o_9+f}^=aJ#U8HRh7!U^x~Ow4n-+zTa`~P7gSP?A98Nx3FG3& zEOSnw#y$S$%)S&swPPp34pDKcX`N9P5JU(mqF|{4RRY0>ilxGZ(S$AHg_T_)o7&Qs z|0N4S-o{bEFW=XowoOot{t+^E0TRaNYmUsGXA-_!LxH!-pc2L~KUkukAnI*LcT&bJ zXLlCH2X=ucqQZt(vB95WiGPBj?`5Wh#o845) zqNEM#Z8j?Dl;Fo}j5Pyn61^5zs&)a`92837czhGYpytMy%ZA|_<#@zab~D^Ep1iT; zK@)bD>oH|DnWV=vS?i*!qE<=ipcs)YDgeJ`ojcsUuLjvejaY@~T~xJmjRn-jY;S7P zpbOSIOp5;vOomd*bwKXwiSAYP}enpdrFahH>538U=Z$bez0Lg{)Uvo&r=$L9@R9S!?8 zFcjUH+A**4EVrSmA$w)Sf_eOn)z7{tI8$HhnIAoY!=`xCRP!h5m=x|fA-9D{hn#d- zoKrzPGSn*TIiMbCN@YWvybWi~4m%wEjZc>Pyt^S?xyoxMyzNaz&mTng%(vjfTOxLk zzZs#+J~iDM>lvU93;2!NA(Z&`SwTxeXERjq9Qbnk3{nDfdd zY^MSv)99lgqwZH%vhZL?nd~0<*U82yH2+KWk}X4qIBcOTrE#zgtz$zc#aQ*BB>8Y5 zD&&SMd?k`|HdmRNp4tx#B?1g1(*rR6b7Peb9a4QUrsy#QAS4OsusL$)?0Z%-O~H^i zfA^G5JtzV8N#=sOrBh-CAJROL8Z7rz48i2)hv@MZ3rq8}9#bH)ZC^cq?{p1dDu+Ko z5@Xu|BzML$k30CK3NL%*tqUg!$%`w%lE|gbX!$U>Nh5uHf_vn7D^y)6qqrrCR68XB zu@wg*F-$&A@T%io$dn1VdZ6r^`=0Wi?d+oSWtnuevlcr!9Ar^=!C{L8%TzOUS>=YH z^Rb}1$h#eFtLm4F>KXbhm{_!)p6dkM>9?!sDneo;UE`55`T>!ILb&}tPVY|#7>pTz zfX7FCAxu%e>ZIoh8W~lCB2=?XeT+7XCjo>TQDRa}*(l{vzZtaAzB3~ILVb-AlcbNq zGo8RY*gL_t`GGVWX)TR9nwH z@f;xLFvUzGGINey#51!Y&`hmpA+Y$gR&PEMwRc4AXwhk-gvKax7}58sprQ8LA_Y}_ zA*`5x%cCuG$7PH+KSwd;fJxescqa#vnTuj0C1`yLHhw_IS0FIaOR@|#zo_R=P)||U zp^nBoh zbqY!l-}0*quQR?#Wgfak#^()Bon|eP4K{I+_T_#^#qB><{DLTVgBJZ?Q2>_zv+@N8 zCnL-MF#gYF?f*L{01M0if&#EG{Wnp7|9$2E*C@dMQ~v*dLInQbwgPAQzv;rq!v5b& z|Ig)ZC*w{yh2MTsZF%${4Lg3YLVQM}n}V4sl^d_Gg`L14Y9H12*d)0FQ;L4*lnnw3CE*>Fw{V%KBk;7=<09Qb$zuP*P4!j=ibg};|d-r4~a&XSY2A>{NE;>aryk56n zZ|QaLV0+Z)V zQ5o5~hz~>g%EvdpFfZocMLBZs*|Kvi4`HW%eR#JHnqd~k5?TJic3-waWV{()WtIJA zyPEf$=-jStUuN%-Fj90&C|B;OlenNbd_npSHf}($&65Vj?zdR3_)jkFUHeo1fiJDdNW)D zONC7T6jm|5KhWKp9?A~gAwa=)UXxQ8}e&G6IqTe)|j8_2co}{ zNGM9wZa_?#cLxG08nvdCk36bUaf1`Q6+NlnAQnzGiC8da8YskxMM=f!8sGO>fdXG} z@6%sk$IeaFE+Hc_hPe&<@$2$fcB2VX0hp)(ZxDAYAuTR07sf=;ZKKOUop7OB$dDWA zDb&947L(o(bCw;`N^dX25Y8E91^s553YvASds-@fb`f36rR?Uz9(DQhYuSyC*<5{z zqrnRn?&vj8L8y{3SaY-6i>xd;EnH+4d|X(5%a@TKu8+IK*px9oDREhztL&KZ>%oHJ z*nAn9fSe$pW4`HQPG(qQSXzt&9d|ohu}vl$JYs_sa9av9EU=xe;a(|ONcjjcI&jwh znnX|Ii>gK`o&ynScu&Qplb#OU;Gq2D49J*Ru4VI|9NvVuO^a;t5y0oU=%m$kc7*$D z$x89NUX2>G3@QOuH@8lHo5<`fVnw9V(?n9jcleR4lPanzsK#kETmLkqk;3QFTW8>< zD7us#`2LE?Bh*Lv8q z!;UwqFhb3pGS>nOE$IXmkAb2zAyW;mPIy!iL+Ck)@9u>*CQ_d~9J*yUw5BWt?X=KuGOVbMo_U~17WQ2mQwP@dB?EH>DJ;iK1vU&zx zV>hAr_y`O11(Czm&GRWiE@2#_FeAwIixh3O?ENISB(O90A8?T{Ut4>pCbmfI$ry%S zGr8f>qKi{2$DeAwOw1J@Nv0JHp&`?81jdZn%h8q%3ryKH<8IE@D(X-OG%bZI#jnP_ zitv~FDIwCi&J$yrj&QH^-pt;k+&QxdcJ09)fo;Y$>!F>kA3qP6`Du~!QiPvLnY$o_ zEagP~177farsRKrLVpFG>g$!ZNYIQ5VBe zL}?Kd)OAc)ADvMUBa%hUAc2$1C8=;4rzIF02+ZYa?!xhufmnL@5D_|pWrIQhuRuQ^OFakT+A0LQyl=C)yEm3?01{T& z?YQUIw8{xogWXp@7%;?xFN(dO%E%ARt0A?^9FI1Tx-@_VPA3o+_W~Pcz~`Ve;v123 zgO=rSIqF#Oia2?Rl^K@HST$y^`=mcB3krPcsno`X zSf{N$n2k>?h95v3beQi3E-oQ+4Y!%;r1WKN8Y(ZKl5}XZO^K<=ntYmpbXH8y0NRKo zY~X-Cr(r;4IRn!Fs$@V^0BJ4pZ_K!3PiKARXn&@j+(V@+FQ4bcCmf=cVoDG9gHhnR zpLE|DOa*S7Ef{A5;vI)nP%2X3wUyZij%1l+*bD}#12s1I@PI@pbj*S|wGxPj+n~Z? z=J6XfJSUA6PODWcmXON~(}!~o2kt&+=%ONNJT>@+RfQGF2!qO+Xj(3I&Hx{3`qKjdmWT)J_w38oHRcBjya1J2c4 zNZMHo?@B2oRk~0_FS7*aYUXlj{2sC4oX{im$M&Ikkg2Ht6ZzNYI~^rcLb+*LY! z3}s|?VWQ-6zKvvRxt@+bjaPdJt^R+>fQ%);gFPRgz_btHrgS%Dh!}j{3>9yOz($fv z@%RJ3Pj+k$k4}AOC{m=FtU1Qt{nH7eCuSuA@9fFx*@9?%E#Qs!BSLGAvdgmEoO(G0 zqEu*CngfRppvg>CkxdQ`iIbzn)y5kHvmhm?MrPf0I zD5cXkT_aAZwZ*X5XjLVKE?Gili*?7a6v;mcCR2Hv<<^Ohf$G|?70Is=O%Dwc_l0FuWEF;*b#o%8HI5YaFzX$cOYs5Oj$`Iir*6gb z#xhDKo)${0CBx5G#?ml09K}u)()VZ|Y$89NGUejdr1Or?UpXEQ#}Me5rrIe(C&i}^ zhxJBe#GVeBi3*T_elCacq}|2@TL9D;%RN%j`Ga-{C{S6%j_ z7FwKM3-KwW7YQ9fNZxP$#i0Yht5j&E2Hjc&(aKO*kAyO9b{;Te`(1#Pf2tgeGK(); zg)oMDBnURD2iZtyS6Y<_v!DvEI}PI1iVCu9jeOy>;g+{%Hed#o#(Jy*BI;2dL*2G+=< zYv?6&##hVBi@4!gn7}7e3?9yLs;$W+j9yRMc+Y@nGJdT?Dw&URe1#nys;|g|o*kN$ zn@j4be=1gKRY(!ju+%Q-c*fFkeW#!LlH2hP5)fBw`YdZ;eWyyoa-L*lNB5CGQ(_5K`0w>lGEC+FlVdk=Uy4Edg)mlt?yPm=3{y= z8;cg%bw>I#YnEg#>E=m|YnDJ95T7tlcw=!!AB*l}LLyZqHKAsPnnnbP&Wmp_;iXwZ z;e~HRP>AP_2Z(4kp|-Xe{X@ZwPZ%0nrM$#>guzQfm2$EWi)b@LM#iJL`70#P1t{$q@H;EO3qh_z%5zZSdZgsv*w^*~KKs=>>ZDb)W2AvA+ zV2$NEi!W-`UZQHJj8(M^R{2ser}nmG*0Adu$9(YfFo}&Qe(U~Qpp|1P;r-{Bfc_qZ zX#fU?GqA;R=0cc>pBcAZM1ayqqTtC9L12 ztLoY&P%Y{Od^AB`pA!r*UJT%?!2<{{J?D1gxgi>V3XmM{UKG>y0HoBP{*p!=O|KZ- zBC?-&i_vqJp$UkR{5lL`H(x-6c8M_Rz`7B;?twV$u%|V-WkFS0X;B2hV)^V$%54Aa zZB=`z5z|Rl&-+3qwQ1q|f>cNfRDjDFAKL2V1szxtBJx-~Z#ffGvx?ju_Hhiz*+g#Q zt=H@Gf+Ttz*EGQz^e4>_)qIq5<;KBho{Ih97-@ynC&>>Xd3vWpH!pnwk9bddmj+Q7 zeNq#Jc~eDiJ}t4?<@4mudrfEDWiM*KEdpc4Xr@@yH&P~5w^S4#X0_CDL6l2QwdDb# z;>_9*(!EigkDR0qn?<_!#Z;gMRgY2eAXWp|d=-$@;`)%;uN0>O;hPc1NvC+rJ0UkPd_6NBzrNDnYP$=ORQ`3GgU6RhiIOaI zF|X~wL!zdwKodVagxt*jG#&@{p<{TozvT}?be4Vh08J?c5@6YV%#yhj2tzmNE&d~C zN91YPG9LBV&^{TfnyqyF zeoAgqcDCIXFDKAzP@iMx2@rf`&9nOY5&(2|w%6#=Y`Bdx!m$n0FN3J|&>DhZ-Qcmo z!Cdb^%qSsR<2XLA&@s<4Z~(xJE_$Zmyqqz3glWstV`BqDTy{X5P4_}Lwokwq>ljhp zghm>eBiKH{efNX@SGkl9n1QPD3XQ!ZKS(Ar;FcCxK&ib@~p5 zCUx`>C!7Z1@Lru0hPc8gwnj^ov+1Qlwc=>4)xo!#>1i^f5{Jb_`bCzfQS7miK`*05 zk3A(`{AyaDjJwE-d;a`r*Uo@(OtTMYdsfg{r)|8B&RYw@D7ymV@V4 zYNnB+fvUl$;kKU1sfC*$cgb1+PKo2d7B=tgUkAiU%{8Lby2k@R6hY~= z6{M2ctOqV(;APBOu9g4+L_(`iFrsk%Z4-vG?>~-6*ZjVl`&IMKkYK=e_8fhudq`ah)Q)8MFZ?(uRQFiG7R!3@5Z722dL6ehLbH*NKUd zoF!ZK@71k5+LkD7twKM<;Yg{=9f3m@1D;URrCe-j`NOG-f(!UT>6Hbbye3iupyY7T z>xw3fv!xk935Fv1g6`{S(WC^7O)j%)L!@pOF%L<#=bl|HUece5z{5VV=z|w{U)Z?S zRr6;}%*BE6ghJt%g~E22W^8!9vW6scj2S$P@bsEXxdx^;aHh{+PBHs{4kOJliAw)? z6slc;ur})%iIxk2167k|NOXX@ynE^3*Cmu`&1dNB*S~M_W<@nFRFg@8*rX2OzYF4U zZk>=^Mh#hl2AOc^QIX0~_zOtnM&SQ-#ha12)ft^EukR2cRz~ema;R^(9OR|{#$C)! zlkw);qyzVw#pbgkIKZS41%^!EXu}2jgz*stQlJJ33=7>t-@Sr%rAwq%(A1Gk5j{piP7SBKcJJ1ho03Hk_5vfH11qsLQ z(F_-r<5;HLxpm|@K$Pm(QkP-bovEPFK8lIYiGOZLG{wdlk{jv$G!R-AW=Nf;9TJCR z?Eg8~1(3b#vphuD!l@%Mo=8MdRASsj*~S(9jCA1)`*kjhfz;>C{=*vA&+hc2f*Nc1 zmFfTMq?4`qQ`pN#e}4Pc=eqVY+_tyX3;8XND{7Y>(M&m3R=1H$!KH<8ldONjPE%J? zXMix!NmEVZS`|;@pT%)#=>xTd;hmy1;0YB5Ky%R4#OD!1?E)hB_)^beLW`(eLB{vC z&T2u&Ix>LWSm9_od|akb9{D4ppU_QS3u3mWSKQuUw%+@tE0u$qpz<^7n}Bmw$Bp8h z^VeJLv%SwXR{DFm8-p5W$hndT3My7h?An^BqV^kV_;Cl~AV}tGXs%3|m-5R&xdD(b zK&{Q3+iQ-`6M_U_K^kCCX$s<#92k1y&g1M20$EZ{0C6kwkDJI#04NV#8Xps$%k#{i zU?}cCsyjnIUCtl&q5sA`cp|2HB)-h{?vR$MRNW6Z`AvEAh|0nU60bSA8#z`2zC!}b z>v=2N{nCXIimkgo;|5Mv;i)M*o_Ni^8TJlGN9ENjx>OqxMws{4x$4We&G{P({jp0( z$18ofDtBS>`qoY}dp+SToNC_YHn?c}>~-v)qDU*xgGPh;gF;h-Lkp*YMTeA4_TT`J z;VH`TT;@T|#bj#a`dD@z0S3Wryh_9x5F23jfQU6^12zrQp(M<@9B$NnVA#*_Oo@<6 z_?KQBCv%LWAkCv1*9gZjmuR{;GD#qFmnNKNrp!Bj%>rpt#udosIw4+rjvfr4y2$y! zvCKZHIQCija8fgzU8oO~BN>;#`{3XmqEj@5{|A3|<%jk^VVnPLqM4n6f#JVzvizU2 zP4@qhZL6d%3H-9Eke7xoq|Ga9vrJ^?eccRn%Wq=U>6sxBOyu zdEG27Z$ouCmso;*Sy}4DZ|3a799gCCQ`YD4a@54Xj6O?u)z)9X6L-(@@X~Z&8A+Co z(%Zi8>h*BejDH!S*HolL&RgV$=vm2G(;Btv>8f^5(pOx>dKYxQew)+!)v7BjnQty% zMegeDtnRC-`^|k&AN+IrzOh?}+45Dt140hTq!wm3Q)`;OZu343)7-vkZIO+xZ@N%l z*JKo|e?lLH>DyPSdjjp#n%SVZ!}_u1?BdAF{J0J`T!P&a>)cOrbYdXG9L&Zm6seVA zNu1aT^jGAlBFNF-?)LP0`rP@tN`J{lSF)9+P2@*CN`kWSczFBA($H+^nF9Oij z_6$u?*6&uAAQ&641%t@~_F!2ybO4h~g{j4rhq*1PRj>Z9v&{;#>uzYK5r0*Gx@yv7 z_4w}DrvMV+3nb^ea9^B!s_Sa#G$H%((+Kmh3iNX#eOtD##DgrB#R&9cRm>u2u%h8% zL%!p&Q*r`*ckIIK&2NNlM7TeG+t*>bNbxa+RCub4*PYAD;npeeGi5t&vey=59#6`o zb_xdP^Yl#y>vrrjt&)?E@y3(2JHXd)m!}IYyRPoTBoFy}Q28?7p`?iR zS&mCDw0g6d&8wZucx*>%JTWn829pJLvr_O2sr-P>rzMyQPOJz%Xf5WWlGbhx1<2Z& zSui{qrlRM+IJ7uti2C;QWsg2%n9JMnTSI=)@O)3wvE^P1#Q!4w{j}S5>My)E7oVpx z@EX2SGvui0Bxx!$;h>%3<`foO65?AI6QHVQD9DyqTWIpv`|Yb#^Ha03-2Jmmp8EQr?d@WtwA3lXVwp zv?FS0g6aco`Pp_iCp=$JOKF4T=Bk9!=JXdKmJ&Gf>#H&{l?=^TO1L8!+M}A=k3E9Q zh*mPM&Jfp7ec340((8B+YqpM?Z-2r{*MW1I?)ov_KS?Pye!%U7eIF7_xu}5%q$O9a zov`VuO#cctShEe=gj33Vvvi}(;UMBRp>B`dV!RQHb8HIhr{uzAY%-9HTP>vru6WcG zBRQDo#I0=*eNa!k(V=1BcLhodp=Czf(D8=^R)_v9eTHM%JkiP;Thp=i?tz)9Ip+4X zcc=C(_|H+pE1oIkvuu3@mj$eP1{{;EJQkBkUJ2N<*Z8#trM;Nv=&30WPJS>E5hjLX zCT_N*tNvIekBOQgI!-3;8fJeY{*0QAC-tV4_MwE+17?FyDDSijI(EV-`Jp+J=)XXw z*TXB|iobd{C0f>mA^xFWt~q|BM=?OQ6xwu8HT!{=xZz+ zj*Eu$%v_*?ItQpK6>Eq>t6c;M)g;~4C{4`NtyBP+h4RUK3uJRgi<=8;zU6y_xJtcOJLaJL! z4(J$jD(8N#t<_Oa)Wi*JZ+N(je7a18~qkyvJ2}lJLfHZcUOk$NKA$Q17P8fi# z{J^r5u@o{EqA5@;;6Q*_S{#dWW*I(IbCN_OOiU467bXM7os<#u*p|4~MWf!R5yJK^ zepR`uzWb(R!Q1OdpfsRz=#f~-0;n@&Kf*XnM{_X0z%l7<*&*$t9EXe6^B3a5N8q$( z+X1zPEs9*UpuLC)_EwrWngVzHXV~7V93(az*Scpf3}ckYLH*ec6j&6{ITs>q<8&>3 zih60QnjS!ip5(r9|1ebz4E;`=09mH~>T1vO(9rD%IvJQEojt**+T^w3Lk4O8D0ao_ zt*drjSX(C)8Hvzl1WRvth@e^#Q@T(R{W(M#r26 zgek)et+35Tn)%VH`B++d5hz;afvIURE6$+4xs(mMU|&LL4#|+qnq0v4=mNmIKcqlm zuu4N4fG!2D0CN%Wz8R*aDj-3No2bk$SSnAzrO#RyVShO^2>JRy3I8hYU*0vn7lQ(woDnD z-0_$sO$`~rRf6^XS;V}OI}G?OkAGQFcYr45G<_SR{#dp5vbW1m*2$A&$8Ot3JSFNp z9ro<}Ta+_U8JHBRxjPmg2Tm9Xlw~^wgj)B!s9vt%p8E@;L=mpo?eB3*2685Hf#kYDkJt_#`c~wzGlc zrmHs`r$=~tH{sZn&U&0~Gvk7wMHREH9bDk3S8%_#GasQKhV1=6vsIH)q(BgLekx^K zQ?THHvbuf3f-q^=Hhv<&&5dOBEKsorfNLakDgQbm)v?ye!m)NSyYSzc9D44{Jz}$E zhgGzBu#)dqA1@I&=-Z5VfCYVRy6EqOg5(FrMPWE$0`LvP96btq@C!yqXH26%hE56b zC;Xz#q51KF0*W7KM`=jUdZDEE8zuz$DLd(kYH?<3Yq}BFbVL4@SA~A;-PE>NGU`l+ z2S7Fk@!ML>MjxUV1(f7218x*NKeM;Fn^Smxwwi2y)U_M9Y+Z4aN`vK`R*!H8#?8=IU#Jtqf@0-U=hlWR<9PHFWZlw zO$lR)J+aR>`cfCRC8gB|)x7 z18HMAP;$(g`!X!C99~LmJ9h1qj&D65&aj`w~V4c-S775Pt$$bmhC6jEz=eSa4L{+WU za+tK<3_2fB_6%ijgJ?@{2Q*S@E2xMu@hJ^EZ1ZbSahr)i;^SlKd)SZ8hq)zwNujoF z3YTweQqn(QT4Py13vBB99Pmf&wWgT)%{HNqyzJH^NloCXZ+wWQ8~BQ$gr~oJvoDyx zpaq}@{7ouDN7mKnDW%o6f?Uopjd+|8eH^lqc)=0oc~x?%QX5faYY49 zJbOABeSH3qoR^)2-I{-DZubEvbp2@P1Tu7+;O^+EGi#0G-M z%+#;jmnBWG-=n?-Oa#s`yiTASnM>9hwab)hRBFQL<7u$pYW6)wWx�@Lm;I`QCjQ zMel~)G*|Yz1xVmYcS^lijadVO2A;#% z@m8V)p*lc0_I>qtE`JfY3&jNrrNy8)MJ4kooU+wc3Q_m|I)X$WMO{>)o*$aATATCg z`qCrM2e-e)d)&%q@*I9(QV!$XiIJ?|3mFXQ?)zYy-Qs-pXXT;qUlvh2dmtKRMxj3u zW`SK}X7ALJkOefv?9^l@xfv*;4?9sE&GZV6wjmEL=}B48JUbB`8R})yGfNwGrp5Wt zW|syjGPPzhm^3_4xm`4EuYk=sF3mWOF#(dkqUaFi=Q*2lb!;lrgk!)txlm{MeAJK) z8$|4_gZOFd7RLxn_nr`-L4>a~w%Pz11jcObK91S97;$zM8?SMMbn8sXA(DSVDvtaPfR)sf;S379*nc>q$4WT}P&Rm6aC@5;{sJc4e!- zqFhox1t{5h7T4T5^Pvjx8TyaeXhpHYibS>5SKzctvoiGn+Mc* z?_+Nn2WXka=HWJ+CS%Uxl*MFqWqsme96{8Y+`%}(K2pxfB|({=&_5uX z`0*7^?lJdt$00#!ZP6^?qrCdBThjHx+wVYwr*Z3STf--EIw@1?r@j-Pz8+pxk)s5g zCWy{8SwtRHyA{n#7tiD$Yw!!*%q?q?mi>;%#BLr%%Yhz)NTcab)AetuxchVD?mO(6 zd8u-@TldvS^o%!Kxh{FPM)o#SFH_sC2EQn0?mj1Z56BU-3@QZ#`(f4fJ#|jHPq98z zyQi}oi9~Qo6O8jQ+Mj;aJx?xxrU2J!+6ruI z>p^L7<-`@ZIy$Qxhvg+JZ~^#IVvh3GA!+5^e2{Z3a@_kS(qc67dLJ zbRtD78@v27hQ?%6b&fAi-!ndadH0D~{DlKv$RDbHCdRvEm}*?aA;q;hpd8s4-}?PP z9K@qkE|Q=+#^WKBp3`n>!ZxFRQ~ZUiJ|IOJ-CdwJk8$?LpnWDhR;Q>IbE#^|HZD=% z(i%=qW?^&aNbell?5`4mN$;;_q?i7a!znqZ=-#CA;&)e$Qix33Gl`D`GzNthSFSXC zy)}ffu=MhH8pZeC{>7_1s`*N3FNl%O5-g*Oc~Dv$q^kWAQb*dAI`})xk(u+2HuNO? z`wRUeHkN?ciNQMo1QYTPvlmz!5j%K;HC>C3a{?|sc^m?&hN#lXNg%_T^< z+3K_Gazs9R2NWjlZ2h18ppUmo<}*#9 z<5NO@<3XxW@iM!<(r~TH$aqf#Im!u75@OV=ZKKs07oltBR1`BR^*K#KVhf)yfxUP5 zl_<7Ym{rKq2*P1Grj1b%Lm=LqVTosF!KI&3Zcqi|?!;VrHO~6ty?ShIyN;}~j{DZ5 zfE??r@Sy`DBKPFDd#t_#QuE?bdQ$`k@2q)$PUTzzbr*=e-OA*q4>85jpB;1ekg)FI zxQIzT@atHJgS~ht(b`H0Yf|^6v@Z}vz}f~eMscc{2rwu}R3mGpM4=W*NTD$X1p&Z& zj%cmK+Gy(Ar{+>I;=h{HMkpp^j=yJY8U6H zeiaOpg0q;W6zNZte`PdAt!By5bP=My7tM zJ54^6%ATI@vYy3eC^SM)*9BFapi}IhX@CBgcf3mhT_?b?%Z+=rXIVqtiT1Xd_|>At z$$9@wi}_d0i-AJ|kf-@S)E2Ec0{~VNTB}?)xhDApOrlhupu|uK3$?CC8Y@JUhqJ3` zSQ`a4Dsg2ay-MKU#2!NECEi`#n&(aOJJ3R!vEH1(`eyGg?zn1 zh~Hs}+p}8Nmo!8@0KFadC;`RK6H|{uk^QtSr#|pcco<~;s{KoWz}Adi%PpE^KtF=u zyo{I|PKS``_2Z50d<^%X#Ig?D_T#Q$OS#0-8Iv&gvLbPvWm2w8&PIEWK1SL&U_f1vDX`$D>V25 z7*1xqnt|!p&eLR|YyjHtGX2WO2`WkOx5B9(%ljG7JMV>!mc(o{zbE+2} zYh@o7@%e#Z1s?uXx6azZ4xxmW`{jqsxkdscvH%06+)z=N++%1+gzlldr&pk%wIan& zCmev3J&YAbhX5k8#-8b#q~k7cI(tph1-R`itMdUw!u*r?2-=}Kz?)K&(5hL=#l7fr z36<|tv;z#3c%lg`B{8wT@39y}CMnuNI_tyAcPr9YT8T9MPh&l#X6q={{^Mr;(fXYx zcS|~3aBd}0KTVy8!#k|P{**#qaMUvMn4+$!K!eF=86KUDWKMVZHdhevAbO3-hDpGV zHC9Xns2wzGR3i@RT-t zxQ@65pOi?fxD{B;XJT8QN?~U4SBvCHXtwhAp2<-@o}Ek4(Qo=Cw?(yeb0Xq1RFfo; z(QX2>yQTU1@$%t~gdx{e?!P!*&@6j6M$-GS=hij$?PzsoUSoPsJc{AF)~^|3YdmZ0 zHJ@&f`F@D(kaPFL8`U^1pNL@}o$BJoY-Bayyz9}u3pELYC)ge?^4lKs61Uvb6Kl`537tKtnvoNZdHRfb(bU9mnZnvvqgLd9EZ;sJvfpp9ns>?KJi+ooi!4;|Q zyopZkGCD+9@hu@U zUj+2t@eW|!pAx#72OHo~Zi^1AU!`FkoQHAMVy~# z`^XWO)_DjP9ynE07LD6sF6FGiu=Ir{xZZw7tPrTC=2v3vZVRsY``%=9bzRXen#yg% zc<8(gG%U^j228gN^qb=&oF)F*l7`IpS~lOQW95<^&H;g^JiX$ezRcOnxF7en9n6T|5a)EEMIY77Q5O<^rf z*BJ2M;Z&y27*d%sLgl-dyK>u6H+PE235MCtZNV?ivUM_;2#Ga8&01=FS-<{#g#nS; zZcu7R8V&$VuG*2R=tEjcfDIwtX4qq_q4pq&0Myj9%r#_Kdy}Rwo6{fnpmfToXX>|* zQ~zjBh&cJ7$bB;Za2s9kq;j9=z)=vyTIMwoVFMyLtg%!S z%2oz6@P1oWGdH!k%Uv%=?_rrla^{vJjkxN)?@)fH8_b{qdl`~7l`$XunjuAIJk7Ui zVYe14QTKXWAwIS@$OOfiw>_*kM{AKivL3m5hCnl>Weg*J zQ$AYcMYGhTLO4s-4NYz_4}Z@XQ9do{j&+KNgow{P3Aug&q(6ze`Qtipssbo;rM9@6~15pKDcL zRsFR&zly&PO$>jqSwe&7LtjuF1k27szt^JMaE6>ckOtIY{#Et(J)O0&&&wCromKVE zpLb!3?)KWQ%gYN^**d!qUHu;q-Mh;wdQD|(k1XVXg}Ggj$oKkoo` z2gkm>Rio&{rVI6P%>jb(k5EowdWscrKfyY-WgDQItb1+NFP3~vzt^Gqi!fVbiguHn z+!&G}izVWe@l+Ay%x(OS^pK{g!H=#jeEn^|Z=b(!-Jc`utJc!=34MekBq$S)=VM=G z{$GGrtRby04B#Yo{!va)jMlFifL_GK7&Mh=ErjR)A~)`mk? zEhxk2Y<+|?mi2YTmjPn6+ct|4bRNcobha>3aU(1QQv)g{@i!RZK&+- zs%P>}sUy}-WTwX=jP;!+9#`0PDU?lC9;ai6ZGu~T&NE6PEJxcLfA8M#mt!eF-t@g9 z=YGJ{e7t(B^ae1VO)J}s!>F{4S};Mh(qhs6&rKJeFvMDcLIxYO+N_B+Sd-RTeW|Ve zG>w1`+mke+>M`OyNMj$yJ~myPC}@1EkkCoWbh|7)*RR1-Om3*K!tRY%aB*wf>gmvr7wCF=C5pDXDSe1XgwZ!*tEB+Rs*OTrWUa; z3|!~M`X*3Rxhq(SC&l96h7$q=BLcB_3WV}$vJoYXzu67X^;whxsnaGS_)*<<@W-)75CO zFtbut=X-N`vk;Oi2bh+OEwDxCI}O9v{FE`=w3*+HT&yD`>b=`E);GBN9ri@jP*Jr? zI3|I{2|yDV!YBBxVBzU%@>0{^JRXs=lORd$j2)c7!m40z7nRs?38XleApAB1D!8bh zi$$uqQci)Uf-JdUkenyd6>DJ_p<(m&Lb2!CTuhFbkOproW&);asvb%@C-v#cFk+Ox}YTMVuE%(91QI0_4QV7MT+oz!+zyz zNPk&gJxn*xWp96{^;CASM15Kyrb&&Y!9Fe23nJWw9XBzBNc)ECHaa4jae^2sz?;wClnWtPl@kdo+VBlB& zxK-v}M~<{0-vB^{1qTP!ZV>>4HQ8>cXXjQ(?*?qg3+Z^UJ<{NP2vm1Q^&oqm7LXZ> zWM;m;^K+ewt;7Ev7(tWu=NZd|; z@e)Za>31lUyj%*#-w08j<0F(|r76}-sbs8cE-PigV;P%-sT>_oWfZWMuemYEv12 z21U2*G^7ew8JwY89E+Iffr=}pf zq!zh7W4{pVw`2?4I>g@QP+v6eA{M@ZtCp@joy{1RpZOBj$h^ADiV&I~OXQuRqynBX zH);I6teNQbXinNof$;a1pGDabzXa@YQBEh_Ara(I^pza+L=n24ZZ=v9nJLO~noUSY zkD?f|#DpAKN128oJQQNKo8GHKu>-7jQvODf*@%Q>XD#0@-yd`at*P23@72!^B9Od5 zerU|tyG=?Ez}^*@BZ367{-qwXv0Z|maM@sIkU=Xl(ewTh%kFXtP&O$pDW7s70^hkm?32(yZIhXak zxzVr{omlsUq`b~gTw*&fWdC0-5Zd%OG9J`#I6PjnodwBZXu14~Dn?&#S5GSJxEVtE z5i^CQ1Qgfa6prP(QJf9*(Ca=8#dTUw!}DGI$_l($OeQDAy2~`2A`@jm7MW;DK_>UL z#WZ0RJL3SuAfd(fw7>I{-~YwiJ4W}?g=yZgZQHh;oY=OLe{9>fZQHiZ6Z^!rlaqOR zrn^_qOuy^x{xaWc?W(n__FYxG>R!L=x;N7pj|ZxSF_X-KICGYV%q>7!M&=est0oc} zy1+-ux2O z5Sb-v6asPUi&Kb$4ehb#ItJ~sXJv-)1hF_&+O@4{_N&?qS!K-?qc0z9V$)zH-{cR% z(d9K<0Lp+3HD31Nz0pRA9_S~FTK4o_CpO{h*G~Y6AsLc&T?CIt2u`V}bq7hWE^^)z zT3WOIr-z$t+QxWY=_Wz%*myv}di@gS0!eIqB%bPdw%PT}m9w0!3{=5F>x zgVVxCk<4PqW@9$r^hcAJzhkUeig>i3_}6d{;By-L?D^t*;_xTP)uLQ7{NBlIYPgMw zojaN(h8TeoRkCIMiD>fzzm^{OTk2zKg=l)1c;|%@B>u_19IE@Wm==6RM#K_+D7YG($ekiZ zlj0_g^oBs(;1M%_W$6UxG!QY2hUV96B|<&67v(Wd^xj1835JhCJ_;Y9cfWy}&QeiB zoitK&Lxs#qM_RkMB68=`UtARoH=bV*=WpbMMn*P!ZI|djCyY)qy?WlzCPk}qUmbEq){*p3d@gB6b<`h!WVh>IogqY-hi2ol(Xhulh>O;|+Ds%y__8pjE_=d#;};L2M3oRAMo^lu4U4jqVLZr-b7MgzN?t z^@=P`#bqNy8i9{PtOgV1@Z}v)M z{Y|E*PXptTBB*h|butrK8khUkM%k4u511oPpM=#>VnyQW&3Z%p2y;5oiv27B&i4l!j1;w$*-gjqNnIX6ymo{29ZIFUDnoy#JD)izA zP>x-eGG)75OhTrg>B|Yl5t8(>>ZLm)&Bf+;4Tet30TTx0KVArd^~QvT6<(8cGPEk* zfC}2Q*?#6Onh!!s5Q0?Qomot}L>pOVo>@A#_>Q3`>=ZuZ9zmVM5S=ZFQRuioK-kwj z`+*gZ66Q=UJbA`<+g(+7eP!|fLCs>SH`DDZGjbfv8$xopS1d)EV-aHh@mFfIqQI!v zJ(h6BloMi;OOfI((cIn)f3Ps$woxt4oHWX?jPfmGB89UrCcPv!L%)}9^Z+Ie$2LNW z_Ra>0x8oeUt*a~UO#aBr>b{1S=Y)G$<&RMo|-$>v=gRUn8p&Gdz@ z$f9Tv$Io6ef5#^X^+&&7nx7}!Fs3+(zxu|Ll!B)SryVI3*SNy&PpuOUM^7(*G5cG7 zLwguRqPRH_!tC5qwbSF&eE#Ac!md2H8<=r8+OgE9*cQl^IbTYwb&xTkJO8 zGzeu>AW!xhJ~qc5KM2PdF@q(2{F_(Z}p_(sdi2^a!4H#J`-9dJ?rf7K~E}lMEZOR27Al!p~!;jWgZy5{!27= z^dV&rtX3C%3>O+YMgf?f#2PA3_(eg(2n0uq;!&L*-k7Mz1>KzvFjt(T z_*2W+p84Ey5tcMFm(K)xq_VdCkh|$WhxzoWr}D~8lCCMR8>*`}Hao(;h!c~>s2R*W zZm}9fer@q?%-zn_L}bEO*hCkj)w)ip-KQDHBwn536f-IPYZ~*zlz9p*OiN$|-2-fU z=b_U}d|IQl>44dF*iE2&4*;Fvia^&Fg|?pn5($8H?+Kjn_oLMx?7g5D%AM!qyh==z zI=}cUqDj227qCLW$!p^YOpCV;XWu$!ToC}tYcefYqP^H%M}_T(fg##8W1q&Riymr3 zqs)J;u|$Z0>zI3SZMTi6ce=~6AqT@{jPHi3G2_^{`aXKtfQt|hE($_yrV;Gh zGF2Y9v^RO>gA0QP68KgbO2QI{zJ%T9kQ#|jggx;)qtyZC?1^gcEqMhH3xmXup1_Bd z6JV^BEA9fD-(8droMsg@&hjt;d!~!9q(|l)y5BS%zrnc8 z3mhIsiJ){g!Y$^1`b1eTtqk&?8T`n08wVLx4@+1e3ufszVYs?T+Y^x|=~7Un2S1?Q&HXsZlB(1{EzM3!_I71KmNTbgV~ z?3v3_`wNC^Je%>)Uy%042ttfnT5nHtB77XQoe)KjtnKx61s11-IjYb}3zy^L^&EmK zfrkPIiYfI|z7`;Fq6azcv3-QZXtudc&3O*NrTdQNti#P}^AQj}JrglPqKk|Saz}>C zDb}63h@&m+SBEr7Bg&CNVxCQl7BB_Z}(f#-dAD8wxRq^Bss!Tk(LQ0{+$hg_;7W z(;hhU2getMTOh&T491cLw_ySBop#T0!4L+kuS@o_wvm8t`kM^IiWpS7ZD;P%>TG5y zJ~eyqz^|z@M_xVY!8ylhtSR?APF(G6A$Xi(J6vI9-ySID?mKB$5da- zIF!8ld7Ia5P)Y*FK`sQlvqxF-Tm$Wx+I>(-AY&j1V9oQ|c!@lRNB;E=O{8m_3DX7; z>SH<8#(|%-`yr*r%G&;Xop)d)Tg-^fRD+$GgF$fM66!%m>MUF7y{8&|lxK=F7)vc< zv|0+yxoFISZl5vmu^6dE*i{~*x%8hAX$s!1^tXPpr|nPtAxTyfSCiRWn$wFRbum7M zv~G~z><{3L?^(p8d!47OTI3C$9KV`Lh>al>2t;{TwSI6T%z-h{LYTuoefkPX-50mU z-C?TaezE`5K+0;iU{E}SGmmBMpi+tX5mZt{esLR`?6=3HMEW3%%dTHQwEC0I^s$71 z5yerYGPfD8VUdPVi?F=KLN#NBjLlAqX(9=LJ$AIFoFss)>cUgQrUf{$}bIS*JaGLvY1p4XYUct2?3ltZ^RFD=vq?StHWJ-WConE z0nx%W@~a6gMIiILp*s`wCX0B97ka4xK|JU@uptvBi-i?VaLuf=1=9#o;*BnbQE>|0 zelvVIr)N|Js9TI$L$G|no1E^c%y2Eme$?R!KOF5^6o`^*j%-qaZu|oPNoSmbH%Nf7 z(L`g61Gk}k+2fk`5i2l_XC=$*S!?#QfGPWphc^VPO^_M?7LKLA^rx^LCv93`%S}@} zR-<2v_JKz=a1X~sJ*1qun(L0FZ&Xo+c72Fuu0MrWdlcyEl8gsQP-3d)&y4Ic zF(YLHZr|&K8?YY*0#3UFhM?q9Y0pcsLE%e=?yKFNlE|M`Ow0=Zaln92Pd%yn)(En1Y)|S~M-nO<5OSb#8Fb`KpniV9wNi=b$6gG!1T*)C^%O)kx=oF(D&Q z!NDsfgj1B%4pYGcrS0vv5;xd8GIqVg7>LtyWeJsX;GXuN2` ztM2-&sS074K~Lt~yG9mW!HR}sqlusrBg1wFFJ9z(7gK?X&UVr{aAd&os>Ug;K-=N( z_M&5I3HjRf$p>S4uKe~l{9F8xTLcW%>`^_LfR)nxbG&+{B=MinZAG9L*EIHyLcB^D zm$?z675KzH{iRMbVav#Sj}1)Q=(iZ}s8jk&H~|ZIoVYyX_6z9&uNVN+l{=JCXHk$? zha_vik|4h*7t~;NNH-ALJ62o*ec-NC#3Jl+4AU*=qQ( zK($id`=Fp+F*_%nifG$JA2o=PaUdQK;yr#Pyw$9zOL@gJOUQ9y9R@muq2OPn2hCl$ zEFF8;Pp5_5;c6+H4Hc|taai&#>f$K@f|1!8PS6;|G;U*zGVU=^?Gs~jn_XyHzeGA^ z6Ue_;v94o3Q$OXMVgw<8cCPeha@j&gmM|Y z#Fe`XYUsUAz73`!MTWXX!B@<+5-|9u|Hi|CVz1uI^j$inIfFuk&v#(};3E~(ubXR! zrhOL-;TtE{#jXg)FqDosqeMoE_spwsKf7{i7U>D@-T1G(T%`|x|8hpH;y!+O&xVEpHUl4YR&^QzavTL@ z4mjX()wHQpJ$~^#G<({-0r~HPsx*N}#U~ISt*(cE6x8|_q;qSsb7hJ?x8%(geFMu;M2@B-*~+dXkv^E|Eh}%CC%c&NOmUs zJ=pmATWuY=3EF=e$>C3>9dul}?@1udL?cn}(zSDz*Mw=R+{#D>f6>*oOi@}Y#vlC5(mA{V zX^6tqV}WHKK_WJt@2Sk56zJAOg{h(OnKBua#*m?bEvlXQ{g=Lp3}i)Em;Q%kFq504 z&&)orUh}SlBDwKx1{8fhB_ky6P!%e)`nge(w6|>i4iYC^eit`cGH~8ZEPG}*&*w&? zq!ckq2*Jpnm#Ys<2&w<%}($Z_Hz9@DHY54E?Q$NPpO-CjJJ+ z&iYY*vfF=p?-m&+F!i9Z!l7XuB6`|>}> zv_yAzA|{3cp7`|^`0A>JpWb3^_hFP+4)T108jrhux7sc*Gr4QSKHa+DiT$a=KGXLZ zc}4Q3Q>Qoi2|M+<{eR!L4KDs&S~kiqvQ({{aWWQ{$p0u%_o%+dkw^l3a#p`P8e@cbI z#VX=6=E9EFt~%-eorXB7qEv+${2*Cxy|thO!J_*)k2{Y^1bvWz5L{&EVg$dC)=2_pi?%NPg(P ztN%nz@NZ?yIl0)m{=M-()?oiHsR=m#4>bWB+kaI}@E;eM|9_w+`2SK6a1*g{{=0(U zzq#@|+ka9Xf&IT)9wBEdX>vI!1uN0K-$pg@37xfO!PopQWe_zPobJ zo@yiEWq!2r?7Q-ktxeToow5RD`gA zR8+YRpEn%Ui{%u$HXQ|c1xps)h?{R9s$udaqH4#0C#t?Ja6YJs+dg;@3_4K0btzDG zg08`5aFw*dU%g~Q_w&z#w{2A+uOL8I@4)G3UBk%MyxgPaU_yMFw&?RA?M4(~rh{wn zslU}$ryia+^x73q|s_V*?a#?9H{yJ46H{P_RqVaO0S;I^stj!Q{cQLOczyF2^PMAX)4 zQVq6CLaoIX>!*pe@2GbJoAF?gsxZE404nG(qTruD5rNxv zTd&)by~yC;FO*D8(>qK3Iw3p_G-k_cCB#rivoTYb3MLl%bj*eOH&ma?@?wsceW%(s z4%T;w=fMvm)?fySXR9I2e251oJub`irYI>&zgRPo<4mV~Pqsxxp>{xQam6z{wCpiZ z2P{K$-mCh0ItJ?#Yxk$cpBWLFYqIFtZ_ut#w9T7qMDu1!Y@QcXcltI?298$b4fPCb z<|m;E0~sP$Nn_O6es3S7Nq@f(0AvqXX+v06h)c~tvb{8}FL;`ql;4tT=oohSzMk%^ zv{&`6qggEIamIZ){XM{M1m8FW;juR=zs6I(z^KTj5`bJzL5CI)S`bP*>kL zX^;y9wLn`OB%TP9``fJ3GlNBp{_mtqlokHCGtl@#dW!H5jy169{j`i62d|h1uj~64 zO$mO!sM0^bcK!^f^7{bV>rrZXvT|DPjJhu;9aTVQkpvv_XniaWMAxp1Hpo_Y@g9jG zyXV4(-hmXvLAgmvtGlgqk{tk5PLk3nnrjrbdcF0E@sd-fw%IQkDY_+?f+mO2nLr4R z>or}Kpcb@s-PV^@dxssYQD%6o%a?d`UwtCZ8R!aG!^11wJj=ER@STHz#mqRVd!WDE z4Tk&UF#@%$kzPm>acQg^^r+EN8I*eEC$p}uTKhSf*pvf^CvRXgRU4>V?dMS8U6?GP zXHN|2sU>z0N1KDm&V{v9QaeGLWhPyDAgIBBppC?&?Y+r8wokbX-GQ)A9oR8~WWv1I zXU-5doNekQ2YDdLX7+h#D4FKWC`))ZORKVBXIde6Y!vSZ^>slmU-7=PhB zpuTJ)QBQQE$({C?C(+?4$`O|^NqBAa>=9?iMRC^vx{^L-3vkze^Zaalf^8{zfDM zUDixLJr_S*lif61u0ofh3ghg0Ofc@7<=NfaYn%cP8Lo?%0GnSS9b5-1lT;K83JJTH z*olh9#oe^B8)ryD*m!Xt`y79HqU?^1jfvXI{v=cczq(pA#Qthb<=-9SzKlm*`N6&W zpwPX|A+HB<6|WJoB#9kH6FuQ>D9X+_y|;OqSgV;A-%DQtbdakZQJ|x=58fcpiC+wp z&ZL?jynX_v;=84_WsE2=Fov zoMYnQRJA{`H1YOEe_bmC7SHVZmIv+VdL6%CK1Eem2XWNQS&wZyL6O!dUOB9RXzW}( z%RpG#5&I7*-bh-%I`tpSU3Of(_ku}7x1neMDHcsG4$>^l$OBFc3k6xK!Nb78rcoR< z+p^d!tJ0!y7}^$L8QNx=GgMl>@Wp4ejgg7$EL^Hts}E578zx>nj5LDIyAN~PQS?{$ zfIwrLQA1KjlEt8J3dbT z?KClXZsRGCVJAqeZF0?Xn?6JV!#V5BhBE zqlF^vAOSntjI&O2ph=+hv+$4FTEaBramzi1kCf$4sX*v#j7vL|pwp6n&27WeK{@r~ETcl&r!rec6dbVG z=K(`X^T$hU3QXI&!EkZJ7i1ow<#5xA*+WWB(0wywuOgzGhOxc)o2nXO$In^Y0&sO2 z*fQdZ>aUk0I@u_)CkZlCkZ>ueJfcOd=jsm|Z)I_ktw$`L#OlxF_Gy%om!0kpZugWE zu+6A?gZNDZGtPZ*s2Fe3qxh_fJGG6R3p0*aUJ`GI2fI^nLC=f!55^tR-_7ARaF9lZ zzEwB|9v?WDwXSR(H6o17&9*P5h&_X>@-wBRr{RVBd)Z|qGEJ!k#|{*?%^jD-0~=SZ zrIxx%+WyT~)I0e<$U*EigI-rre%iXj>-*!R%7^<0)FD!I)P~3=pzI7Odka{|C3=5p z*_s(L-q&};2iH`LHB__rKyY>8`^O!Z8Q;VGZq z;jV~7KrGc!pS)~Qf%u=Fer0v27Mh3;Z*?l6bCjzGKeK#u9>74vcTR?N49?eIpHEhW z6O-KEkj8n3WqY>#G54tK-9fZbg%isGhU>xfO>3iRsX54lw}EditaHmQn+(i724(E~ z_647`)qCz4{h{M(0!>?Ef&>dbEaTOupZ`kP?eFyn4U&3WkNmA3*7S?KC1L;vy$yXe zqXdU7s`Y1(lr_fxL|mtK=>d&a$66+>o-kfW;2&1EgAM zT7z-PD%&4Q0WyTzy794~Ua&7J1H9-#fHV?e_uyDzmywVRMC}APNE)tlbZL(Y{F9r9 z)GX@jX@Iz*)QK)nKSVfcB4)1^rDFPkIzy0mU_G|a>aPTA*e$4+CSM)|+!c+sBcOvc zYL|qlJjh%mmS&f~Yk>-OgsHamWmm+f9HAy2*9#x6EUuGfzqTGR$Ms?C&ny(;S|wzo zFWqor5{#*XlPcbVjHOnczI{`}Z?T$3I$8_u!U5Gu=}a%&_;3ceiVTk;@N07MQH zX#=nqvZr{x8StN451IH@D?$T`QEXU&q(9M0z;c1Qt~*YnVUz!4b`%^|W@u!;JO6s7 znu{z=S;5<1bJ(}po_gdTv}5}(+S5iHV7$T@Z-VsZVb%_xztUAfm_S93p4xPH!{HKR z-4J_ZjN3==@5@eR7gU~t-TG^rXz^cdNJ3iXDt?K@HC8}UWn(iq+Qes`LrwbEJM=Bv z;iZkkty7Zx+D#-bHS|RI;in%Bn`k{!YamWRW~M@n(ke3+MeH$vUA%*3g~!^Zd{MJ{C+2t#t{|@9+VZ>BcbZ=(m=c*Ww=J@H+Tz~%Q^*~U zYw>Sp#}Yf>o-Q*BQrw$FTOV@V)n`n?;^b@ECNf!bj?7%HXQBMiZ8T!3_Jk_*hXgy|1ut=87<6O-y zXcY}OVN@f)NP^xm58{x9A%31!xAv`#)srG5`*|P5M+jE$#^5%?<4Mu+k~OzoOh{?m z@l5h9k+8$kn&OH_0|?WZ@j=@}bxhM{mc(G^fZr>)UD9R}()pp9(m?R$+O*k{D6kG7 zPP0bKmO6zdXA;upvh3NP;J)2AK5ljFEXs8G{{6Wxh~Zrsu?{JaDFL_7$pWn=^_0{l3E zQ*`E#bb~EoP&&VIz=J^a1r2u03s)x6idhe9ZbCTQM|1{#%z#gj!#hpNQsoVdxYZ5g zvN>m&2p&XCI>a%pt)Ev{m)Wa@m=49J#oHwdG&pb^;pWY)3a_}}9TF^&gfsSyohzW| zYB^(Sb~m+e9Fa(d0#>IQeyHj6v20i87o;W|Hzy!3b5V?+?T1%2X*q33Fhe`R2PfbT zD`Ek)EJ>t+5N~TlDAqQTxB!)euqP-1M+L~wryv$bHs>5@n!8!LDEZ33lQb&S=prL- zf~}<>N*60|Ot|D@19wojH{imb0h;FpP9r(5z`oM zBlyX*?}Kn~>a&cY8R;2E1O}BgHs%w&gbusRyq5lo87Pg~dLwkpJ%<3ULt~7@2an#g zbc^Zxz7ti8W_#!~=YwmLfJU^ezUudN`qGax6yXRtFiC0cF_{8Gcimc;pUE&fR6>H( zF-aVyD!!vlU1VlA>*IA1m??tts)p1Yh6-LGhv_d0KZj9-vk0A&_SE<{%|chB+(?L} z0;s6~o!W1KvpUhUeSkKg;Xy##s8PTGtYs|lm@c9Z^&?Pf+Rqz>gA)6NS>>l^m-$hw zvUyR5l`A6b&{<5Rp6*X$B9J%L3VRJOd7Ostb}e70!KXk(|^tne`D$3z(jS^b%IS@-_?M3@nDQ7s=l6P@nhaCa|Gj zd#SlOoW%X$Yf2+8kDjdOp2f-qFF^+0N4CnLu?Q!l3;-#R8QiQW_|d|npt1&PV$nwM z0z$z0>a6`qn|F~3y{oTJQgv@6E^Jxva!7|M+*c{}oSTr(alPrn<#LWYU|(faBH0CX zg{>RNy#%@$gCV-rTF+=Dm94>JO0>4^+TIO=Y~4k{xASSYCzEpH`4on6GWypZIEvVY zg+i9lHHS`Nhn25B)D(w>0?-aa_g{a&GUr1IBF8k%LhTL|MPPH5ej|i1;~Kw@+=O#A~erR{^1<~OJ?d1%UMGC#~fABIjpw`I;#a;(@1v>(%n}w)a>+9y5 zZ``)k@IaXRQFPaM@^6pXllfKYt$s|H8E3HG+)Oag-UHvi$$cF``)%^D6TpA!Ps{cc zXUIsX0G=K8s89>HHSmWjhAe&m0%0lYz0H+KWwf9uGYdgpCk) z^tZ)~G5M<$5kPbl1!Ne``cCKad(0M^=aIt-FfNT26A-)6`NM#JH=?uPm!j9xI)H^}?dwp5#1mNF?us+m{Y+^`77OBe7n7b41H|=snWN3WU#QwO z=UB#+JFzZoK(B!YR9q@=4v7!M3nkJWA`-gOtU0))=N(*?;bb<1vD)m|Dz%@RR0BR9 z?`HL(LlrC#%xtT>*bNFySckT@NPO5o?}kTqrSmCX(zKB|pn6L8heu-lGv0oH{-nAw z{on9~{okyd9Ly~2|4tMByH-y2|I^CJ_FuJfvj0D^a{hDbe@8C=T@v&E@8$ewn}vv- z_5Y?a?EevB{Tr3}S1k3v!uoGLGOD;5yZq0V|2aA$Mh#2Te-370=OSX1G_wR){1bFm zmVfsC6JI9>`+p%hFfLB6X8&6ZnE$nF6*(hkYa;f49gc{li?gDclc>F|gT39q+&!-U z6bZrnMZ(rDGC@-sk^wIxmR+Rt~b)@B0~V@b~>u0sL=&%|N?-|2~G|#?Sj2;p2PUeSJUI`=htq z%koPb8kV>M1}P20H#?l@8@~i|$>Hd`v|W#eH^|^Vq9-`VOdNKpIy6vlMbttI@z%=z zQG6}p^aJF>&Q)JBOyDkBQOVxVhXC><=&`@#7d|FeH{U2%~|+ zjRkXYe{1XUJTiAOe0j+f$$EB%YR03ySd*Fp8U`|N0`qx==ddDGlqq`yrYMOK{1(3D zrqy3A@R$|k_}GrC9z5VbkbUEFfJfsXAjoXgy-29FhY?DOQz7$|ob2&2e@o-nto3_K z(`;xJ$pGgb=@c1mK~Oo{eD9s?m3)`4OivpB+~A|scl7+RdT=rn=kcl1=%Wr7YhPwh z)f2;sqTU>k7ynMaUgc)>MqY1!EMCbL$KRlEcGNM-AuuB=jS0>}$31P?>2VJmB1{RG z`mdQ}0GQzIKChMJ8~aBDc!FlRQ^G&KqWUqMaqbyo*6gKqJz8exOzw+xSCmXOslM}( z!?r}pkSJE%`o=B>zcA#d9M?2(FA5+8nGK6+XcODa2g*lBNL^urD9=4%tXi=_?C+b| zhFXM0)iC&k-k|~-B|}cd_UEVs$(1Ma_MK9#)fgtyB?tJT!dpSIpVDDd3hbtd))DDY zgs^&6E7p==C`HoA-K-3imsCLol7h@=fzmgS^Kf<{pZPIgi&ddv%@WH9nFQy`L+7p*WJi#uL#faXqeJcLP~)C0v?i(+}M{W_OD?&TA& z+FXU7-c^#v(LNKVV(Zsrw&wg&=rofoN$;Av>q6DOT!+UhD#qj%F9cogXp~Q;$uo{# zdn4%?e^fuIeuH+FS_wC)JygXmvB^MS%DzrgR$C^!h6Tzd_{TgQN^_Q8{saCj?_bB< zAXd3Bfz$xus;rAYPfOrU zOSaOAk~z%ZN4{@9=*qRlKUT;x-(5DbrPXY1lsomeF(D+0)bsv3n@&P0>vs z0J`!tf_pqdJz2@qpYPPGlOkzUO=FwGJ3n2|TrJml&KUS2fIKM}Zu?p@8@^E)n8HNa zAM+6P{%pWUVLiaWUc{zF0C|Qqp9sHmbfd9goryp_ZS)k%E`6&RaipdOOCgWVXs6k5 zzFBeUOz6-BYEm3&iht;yh(#pZHV_^50C(l$T^)JUS)#)RT7O&$nMtWldHqnr^{`Fo}WkWxLp-`J+q;lvHvh5(!jI&t*@VvSk*vL5|a{ z|C^WEis}fM!YQ`C5$m|oeO<0*)q}-d>w&czjpK!GIxu8SLt6esA|-g1FAt62F{1^` zEz2sYC1Wc(?nr#ebmZAcl!!|5<>+SxZ3B(Vhu&#kePj2iFw z>=!`2i8b(36gQi&G(v6SbJPyxB~6a*EqE1fL_u@^__V64%S2XU|v z_gumuLgkKVC*}^ypjZ&9Hm2kH1w`!9KWs;bXc>YPS$7V6CgdpH`4}#|G9yj0KO>i! z^GfOIFVszb4t8oZmdV99c;Rxt!u~2vqps!DDbJ`KY5fu}%0*HVnw0!>U||dDg2zIz ziIOBum37M?Wy_*5o3ZjdVAZP8XjZzm*!R)Kaqh~8S))yW*$niW>-U{_A1T6jbk;HH z%V4m#-_VZQm{`4?;u|ftFTY9<9)H<h*l z+3Eh=`t|C^S^&^?Uo7p8PQ`bV4^s1nY1EM$1!SnQZ3p=Jc(yf3Wgg^ajY{D)w#?w^a+97QY{y;p)iB|QJ2r% zc%KmB^6ixAQy(5Vo|+JnbZ|B2jkFbeL}5=9XrfzGe0< zs`FZ#7{^KnniPF*d@$T1@@eoH(jJ4W815eBPr|Mv%B|5`O>>^vQU-(^Tc zq;g*^whV+U#-9Ie$~zrKhsYBkagTp5crR&z?Dx+%16@@M-!sb#A-ary42x$ZOzVzp zs8Yloe!BQ-3F_5Fr5)&W6fi|YNTl528bb7S-;>yDAaafYf0czN%$y0i6sdR5-Ab$U zn$8`-ADPNLrZ$bzf^Ho_t51X3Xwp&F1BL-e8;9CJ=6PXK`Kam@4QK?V1MOp3*u>ep zUPV)HPX6A-pxPO!fmep>h%-I`zFQKnC=KZYq`*W4oowYmj`T#OZWl^d1n#81Wj)=R z8b*d7r*%CVW>Lv}=3Oba1JHDTM8585Dr@18UM(1Kj=+(HOXoM(QftKlCHfllHK~r# zZcUk8E@UieCHZQwM&%6j1ImGBt^{6+VSjA5L)$J2y+jkw=@jSL- zm#T;Kk5k6bK;_c5=e3zcM1gujF9O%aj`NK`EQ9=zNUVPH;)_=|N!S8oAG zvzJDJ8(wv7|K~xxv^shQzLwA@Oph~UXvrp53P`#@xzf6wp!6mH(yiZeB_u;sG}ek{ z+tT|Mr$ON$Z~E*4dll7xtZ`d!EA!4Z5gz)^IwI28U_9!~3KZV(VkpBnT*E?m#^l_~~7rDGvR@)|5JCIws zZu(qfI$BH2SzU31sGSsXzy~Gud^3oK)^9-z?kk+rTujrE3KNhSf{?Of-?CUJy&Kj8 zuEKbv;48HoSgWE$gUc}NkYT2kI2E8IeJfyW88cn}!dkoRXJIvKYa~^jh4d^^i}78( za9xB`|7=|K}u~`V1dV2$0)Gc*+`mTGKi zYH6^QytZBu)V1++8K1l4#(@XXv`kV|dHS3qx1|JwC~y0!-)NP?bp@flQ8}`Vc^-)k zlD zmb@%JAWy4-jItkJL)U{@%TK|^^m}kgsctFE{)WFFru z082o$zm0I~1)AZE^7PVHNGJKXK>0dfp5bj?+-=M9FRd=u9CAH3-vz&QoR|r!f6@~D zIa`i6A%?>JfpmUBN@ytGaRCb9r1`|L-(>;I897f&5%H|-z9{8DaDF220Q0ry!SeK~ zL?4W*JZC_#j7d?<5pak2wi^sk8{|?S#z46g@c{!i{)B&M2xQ2HPoLqSW`+tNY~S*N zu;Ar13uaN!n`hbWlo6jfcJ+X7YxU1bGa2s+6 zJ?z04;L83?kPTL=(_>cKlr*?tKcds7;lSO?6RWphq9MPfkKrh|qgUz0xW^rj`9i>@$%Lltm>so97So`-Zcxe;zq31vDZIHT_TAMw#917{Ftp~&3qMLOIYHpY zMc!Zu?`A+p!RHR2QF??v68;YW8$jg0!OHiF<^RM0;szB$(|`dOxve86Km#h47+_T zW_*=J_2ltJR01aPAB;y_%NXX~8gJ9c9>RRJo}XVD_Il*8abAtYmp|n#Qb{5Gx5xJ~ zw8;Lf!sN{P$^V1;d;$JfmyEB8Kd8o86ZC+Ji8jzN$wV+WtuIafTzb0y@3QdtJWc_Q zn-7=zgh#BmgVkf5xdo^s&mis(yLV=*2|i6bF0{;Csl(#&Iqg z^E_(hZu>E|06nmvU#e1`l|br{Si=+{ZdnHFuw+CESd4-ywE>S&FUBbHoNh)@dq2)E zs)y}M{i>eHbx-C|+7KvIiZPEhbAwcTUPj#xcZTTD{#0t?#YAdu5`@c3vCUT6QPCUU z^WBb!vJq_*zL$M?UIxqE5M+r_+A!QC#m29&6G`5@P2YMy>zpKMc^ zKXjI=VH?^}xMdF|Y>9UUiiavzwUGD($tp~v#B^NDvFb}2r@h-4J=3j%%EQ>B&hjh` ziG*$Gw7I-f<-zC9PM|4cgj?AorY@;1whtEBnQ~tSkG4$0*!*!h!j$RA5T>Xc!V@b= z3)MpEK?nw9cb7eKR9q{+PXYHDE~6IBv!m6D7MujoQH^?tcTla0A%ixXN#su1x~yaw zbdcks_n*NWB!z(^ZY=V>wlD80=(nZi=Az&dZ!sa*jk+ml)tkchJ{}h045`f^*}J)7 zJNOOr>R65B(X;9Oh}cV%5^DUbI_GoyQk>?TFiB>4`ef40Sh~ImZDru4HU|w#QH$ zu^|L_uD>tnhMBf0%tP(&tQiKpI>&1T0H)Wr)y#L5sYA#Hpv$Yy%=#Zu#5`ba`cQ4n zgPF=du z?ZBq;>dS=3>f8tjn8$H%?!*F5k4RxKSQYJVO}h}_Tx!A&!O{|jLKs1qbA_06bcggk z!K-rIbg*$>JPU3a@ybz4_}u)1@oG*(X|^WOHARYQSA}*vgPrwPMA@ z`2(*lxQoyNprl9eC^eFg7v{7u+@uW7v3Rw2WJt>550x`qC);>M^s4l*8sy}mgKTRC zX3Hz^`l2^#2O-1cyu7{_Jj8&o$1Hfy)eI`mVwz+W>O~qP4vkC)KfABKMIX+p5=0Fn zw0ad=#xy~=wAhgzhyQucM4E!3y)CkMp7V&yEhr3n-gtR!?iLpAty#!JKiIfmswx;7 zuOdvtAg^&}E^BeD4m7Jdvfs3H@yi$8vYghO%4;5%0QWdX`VK}$rog2MjkzqylE0|qMfI2>Z4Ain6~{vN-V>_nu>tqcK>0Eah>V zxpu#iDKh4~tqpSKJVCnIPDkmyNY&=TTZe8Sqwomb7RkVT#YD=K(H02M*mY>a@?n+L7T_15yil5J^3mxb(M%NqonE!AQ+xx8QV? zFEXXhQMC$LH|(84$dS1ehO}FjVF13RvL8DA^Nq-QIxaf|db*MbbZ-6DbEJ9`KTM<< zEzyL29Xd`^gqy-1L1CG37$z19doDR0D95M zQ|~oiw5+zy4#8J#1%~5nuBuT>_>2pd2(bNh-?I!mVzJX$&r#K7Vdspz)^@r$i_K`2 zA2%EmW&<#t=H%o1j(-sSksm@>(ji zp-VY(UwSq0Gv5+Lnoj{w&q>M^xXF>aj7|NC4 zV8T8ODJH3`HjNvFoM0P~t4BSi5?!aD2u+Uj2uqKaii64s{k2k-v zUSZA5Se~>zeZY|8_)6ZuCfpPaRPiNf90$ydx=_Qw5N1B_|69h_T?2!CF=^vjind4T z>e8Vr*;f)W$g5PD7E2t@N& zuwNkDy&D18oeJ^18Lj}NHgR`rcqwhZTs^8%EjfjrqtDgtT4FeWWn|(_&Puign3=SG zfMNHDBW4~?4Dh6ua+O6xxU-|QG(q*w(C*XT>|q^V?k|hLvR6=~4=RpFMza@`L@&$p zq*I#FBL_r?v{zds(zW^?7QMl^{~0Lv$g_I7?LWZ<7$ql9(Dn2CFvH^U@13MP0TjN z+Y3mI-u+G)jxlCSOido)(29Qap#CCv89~l2dSZqIY3}IMln&nnbY4hq*`5f0MTdqR zEpnst_E?yaaTbL9QGqiMT}(UpHr6qZl6H~pI1`kmj9?&mOA5T=woA_kHpc7Q@s#(- zosw{CQWp&gVX1lMBU>lEQwYu9zkRD?_s^eyD)6^f;M+I;Z+%2J`W$uBmYVCoFPH{? z^!9tt<34r}^1J|lobEmj74G-H?$4hO%VPc$lJF8?IJFi$q3UH&~L zP`Klj*C}#gr~Sv-eM$Rc_kT6q-;1xV`=YDsLGw5TXG{A@q&vJGE4azeh*x?7;4YG% zI|Uz$tfu`0a1VR(iu_Nke$h^5^Q3}$?unJa@*EBL&rIC3*94a~PP1j`Pq7m7oL^o) z08I2hW2F13ElCc5ikX0~=j9H-rPKB~1^vF%w`h%ZPv*<^^I71wf8PA{QmQu`wK|b} zE918|@$92vj>!+71)J}=m7QQ%Ub9|b+-ja1QRRX$+5@G#eZipe=4#Hn&Qg_j%)y+p zX?aBdgnZ#dxDQz{mL!2TNz#&HJWud*ZkQ*);L@ewIQ&4yKk~$wx@)E{Q5a|nV zuqW{HNXKAqi+C_!3m!BBE{60qAtv{d2y^uZE+M0l!?1d!WVKx(fQM1;&I^RghLfv| zUWL(U8Ro3X+vl#p1G50%7QpEcwqtTKr1%#BSK?p>1C}%<4XdaQk zm^X*Z!pjMfFh_qidi6O$&C`BG%q7nq#S<*8@8`T0^Qa-&bfB8^GsTV%gez8QD1$criE}c%zlL0)nWyF{HdGK4q8Mo>=rvUe4wzN8vmjyU~ zBVvb7=c{}5l0Uv}jFVEAAA4T0;L;;b!EUrGQ|XK&*C$3=caYmNH__;gaKa5!}zzo*8W{ zMZd+5o!THzwavI-rv3>H9y-45yTOiVu$NF(o&vwX@YX%8+mD9lZ$v&a-L&(_K$F)v z79N4OFAf4k^XCD1I|V9T$v#q;a-lNJF^YL0gTXrp$L0*4E=Yo>)W+Nb)RRjE-ytk; z?!GY=U;rYfjGdRR-o8gmCEIa6c4s@+$>b6_L6{f1T(}t z`t2^qD@Wq34I!k~;g-BahE7B&3r>M<-TTuJzPgsZ0QoG?KQ+oascSsM}Gf$&N|AA}=a!4XCyP3YV#I zej;B0<%`g#&PASWu=c^@GRIC0L7(Fp;-v@zEMe$BLSObTVg+&|hOudN$q>3EUKOZI zw**eXbSaw|w|BnzJl=@>!#)~YcXB-=d}F`AU+`$)h3BY1ZaTlMZz8RHvY=pORHG*V zC0u^?>d^HuOrdEHa%ed4_DYg568xAuBjy$SD(lkN&niR@XgpU*8A5cQcIK8Z+0V1ZxMeilFdX zym}x7(0AB~47OgKOUOGM6_yAt;Jl)otK2(>&_t)ew`;dC8~!{6+t2%+GrxJBzm$SxPL}@zhk1Q^ zo`M!OALP{lltT7rd!T4{p_CEWIJ&B+Vbuh*VK3wodetoywY?(_349^`pvqkvT1HXm zPdkDrTt)O59pWfRW^K*N$hB=@gM?)@3(1;GTVH}r0E=G+XhX#w2^xPF%`zNoEDHnS zr`1@x)6CRV) zJgX>v*XsHJ8RJK!90`aJSFH^AA=NELA^tDg*?ysfJ#R}S{x9hKyk-9ai8cINP4q7) z;s+n}KaNAsuT${$&f_DqUdIuLUr_td)h_t1HS;c`wx$8N)Y8Yhid>p)T+)$SKNvPM z2w|~(CWua9ZyU7y=S?-0vl)VaSIdY%)`=*m@{MBfs~D_mT(1Ocm2rJJ0#fScK1-+- z#sg+@P~~M=lHW^uj${b#rZK1EZh`EZ-LqEMi_hbse+ZARC<~0w--vY6?w9;|!#_^} zzY*itRDOfT7lF9{>&pcWMU43@7!5~`BdNl%q{^;x*{xA2I>Eueta?d+LT;d`KM4nb zIV)!0fvwSYao%3W3qarN(mcX*Uv$Z&;FYp9|DmM2&9ZtmPd&+b&K+gzCP}@NBv!7; zy2xU-bUX@ZLPf#qL8YZ-Q))|lVXjN)86%jB3I&;a@9RCBcli4h=*Auog>sKpKjwO} z^nX6km~QeY&YkQ$n*hL4&ymY`(WotRE(u#l`vwD}M|}Lqbg7_W^gO+6%s`j1mSB0ekANGXJ>phcXQ;hh zLh5>jF}FL_V(zhNAt}aMrFa;HDJ1O%Xp;C(Med-;C`U0Il90#=vnr%!C70bimp$>u zz{nBFA}HU8`X`;ax6jZ1XIFnX1$$EBIM98L#@zge3Qqw%FZe8Q$~EzPs?h)#XKc;b z4jWxwRSy^@Yc_jT<;RFq=7w3XSOp0Rbye@s=_rKGqoYdg`H8_j>Cmf#i1%!{#3I3ii^El`v*tJpmN75u<<8h7M7=AU*@NW zTt(?_t zo17OFU>pqwXO?%!0lW5vQXekJ^x!vPO|DNWnWar!E$76uN(T%gXYAA<2}Xz3sw=z` zY3M+wJ41)C1`H?>dK{0s)P ziTpIb1eCl)=4#v3{5K{#&DG9MXh-QcXIi`kM}1D(JLrS(@cnmP)hTfQ_x)VG-ShJl z;D(QTK1RI)?df=6`eDJpl`FO^3pa6!(>2Gxpr|^dT%P#yv|yXyn6$m8gXA8`{SJ4s zHN)d`lZz_D0fSf@5lD@Tc?SJpq030hIXiaj6buGg8XTP0B6S(CBb`Sbl5mk{iC#)!o#8Ehr-M$FDJa0J`ct40P3uq~zjG?VV zC>#JyqJlpi6T@)9ws>ca+=Z#GLsuXF95lY$79jpLUB2hfc`*_<{Cy(K17*H4;K_n0 zY;vV@*C+nIz;(zX9|@|MT|K4K0L)dx=1EJ~S=Cu}8!+5Sm_KxW^c$_BF8RJ!oXSnv#231?eD^NFix9fCo%^z<>$IDW{`~<-S|7*bb^>uzn5+P3k zN_UNuasx7poM&-LKbBxrI$MXaZ>@Y5CW>o95=RNIqt6Y<$*IS(4`Gs*Y*bZC^J%;% zn4jZjai)0%N*Ke9+RYJSp5qy=d_e^g=jEd9BxP$y5H54v`RJjxhm0F`sZ#DobOZ&} z2mF!CBPhh+6rkZ}bU#-o_q+i4Ea2-69|6Rom>)i`cCpqdfPo49C~ zN_SvbfWOs_*HVeZYSVWal${d?%$H0VY);|17X=t93NT*xpS15>mE54G1@;^dJHiZU$u7eB-w;#UL{~w+x@Zhl^Ds$YTP+qgmnoe z6Le02-}ZSNbP)O`Ux0iT%s1kCM)1uiI^0GtVd6`^UuE=~b5llDrQfGulA>KwVdRJu z07G_>luO#+v#$c}E<1*b-M6j52dtQFe_-xh zP!qt$i@uLqnG*~r^>xGoH1-7Fs7+ql( zWLLGPNz3^JwT3i4=jhL;{b@<$r}@`jxoUYk$%3dXTt!A_UfVOZ3j%E2&iWKjFD31` zq@@2B=hbz7fvFzuzU{9Adbgi{3mwmb?eO-(cV2z-jpqWtVh>wA0`?JeG1WEhdQy=AZ03}BvZV{=9zB87M8XmorP`by)kEkJoTcy_8Q~HnFH{P> z)v&Od;FD*0M9wLA>utXCTz_AHer~+}7NGySZSMJVcKkJYCi7^(DVQ<-O=;L?cNj@3ah?Eal992t!}CzKQw^HoRYEIaq$n*MOd}Nyj~_e z^&j|10XkP$xM!UY_rd`77%4AH;ri4>_zia!0rnl``^2}!GL#ODO59>95i+Cz%q0N6 zW_Ycq3!+nS90YVYdbj}bEa-RpvEz3kd+oDhd~I($-it6!xXzbZjOG+vfXz`EZ3;;L z%6F=l`6l7|ju+#K!CqZq@Bjt?jM@dZiuVYZ6p6gjH!&yDTR>VP!~K$nHgNAjuz8Te zu1aSC(h)Fw9nnt>OEvbr9A;E9nTu*KorPtb#aX1}9ZC=)NvsWov6NJ-Nv+~jV8x~2 zvE*u%V%icn_P)>Ku734xoC4kO`4)t3@3CF*!%>gNDbT@bdp9|16YAqpzSh+a~xrV25JZHRHfrNLhH1lkx&5t`8i7u&3GhD9FaSHmTt#1Tw>H8EM{qJs{ z=YozBZvHw=Si;NFJXsEf&RuEZVZn`1O^(Yl3d}0iWhN-EGQyGWmzNp_m1J2&Mc>C| z5->v@RjtPuh{b9tzWKpg^X;RPdjTD*B?PF0{y3y#bX zLI8ci?9ncXtX0bp;Ltn(3j;Hhu)M+M^eGjD7T{P8G!t^h>YRe<+ivM<-5QTJE!Ef_pkBa|N zl9rrrBFbTt@ENIKyMN$4Avd<|v9|7l$ z{XPYAQt)*^H-G&VLoM+rk+7dE{IbmRGU0SLh`mFnRaNT`JN#{13DYj1&bt?3r}1sq zdI`wqevRb-;0y*c%i+m&cw&0}x4E?_@^3YkaPznee*((NA*7FQ8?#veqz*vI;m^|&a%)|{-oGqh9 z0CZ_P_L{50v=V&AQaM*MPgmmyBK_3U4cs^R0>rbxw|B$(4nLpn^E@5;;@mDc4mB1V z_Ptd>(m6ID61miJDYoONfH_e~^Gt}V4!eVbC4jW5Rf1bmXmu>*%$unZ_U*F`Z@IY9S;u}@5st4Yj*p25-qQ1diWv^Bw>M&bj)QOG6W?KLnjLD>2l?A;lW zP_nQw9!WuxG!)VmNEnO^iZTkhN*+|q*GfDAGRI=mYQ?HQ=NExK1?X+u%nNWl3+8*S z@A;hQJB1F#93_6gz?=u6*tk2H8WNnb^+bs_FKLDa7$Tqe%2&IL9qFnD11?E|rIX~? z1uZo`!ENo{>y_s(Zjrs6Uko(e( z<#-l29ms~x3fHNjIFjwlT>`+BtjkB5W$6(32!Anb-9&Y%vbLof!m_i~%?}L-bRLlI zjQPq?V>gd_&v{kbJpXj)L~4G4`)f#Pn7B_8uVSfSpk-)r+OepNJfcqsG`Yd0#5_J7 zUhUAR3FM7JMBh=$&BMvlo|d5^`Gjafbc+(q5YPGg4sB^hf9i`ZZ{2R=0$is6OLN;F z@H`0kLgmvD$BKWaJYOG*Z3RHES{+geP|E1N%~AHPRaltpSlrA+x^4=0*ptNb=R_nR zFRAqh^R2UXAy+X+|EDiBRJYV0JR{12!&R2v*0-MQ-Yac$?=4vUzly^pP6r-99VLA| zcT$l{hmV^NF9*PRg!8e2Y_@vxD|88i433Hjwb;{|b5g4b@EjAt0KN%@Sq52%KQ94m z64>WfpoaGoq2K5A&hz+QFwHzJe(lFu7oCn2C~GGbcr=;=%K z5|(@k4BRn?`$34*KpRx)Mf|Ki@)&UdT$(MTPB==>9^QGJ`8COsSZcK~?c;u74rE19 zpV)4ECEFWOBY3W)Y`pAH9*!U>+WNz9$Gm&%jcDHgtJ@23J`3FZ*QCw@o+Erf=p6N1 z6CNBj7Te}BnO?~@06A)P@kk1GVX{P+qfwn;x5s=~w<*GMI?A(RK8fd&nM>-b)xLna zF!+O9a-J3l#;P|oeT!{ZH3viTbkO;@^XWGKr;z5socOULRDE>m0M1tU8CPdgUX zeCvUkPpk2Axy%o?e;+#v&KtXK<8!(HtgiBkQ=nGI|E}r&G`juY&Ce4ga6CSW4Mo64 zbScheD}ei<>ej0>_8gz7ElIE>%N7=#+8ywG8p%IOKnotTU6;iJ3*Ll5+ZH7P{gp`d zB*<%Ce~28-w2T+$&c)rHtB*O@%u|8*W;Nfh`@KkgiyAJnsFVU^A4@-q4sebjfu0)i z$moNh9|yQu6SwE_Ig0NJ)C6-|)CNZ^@w^&0N>T+O0aJ=f=jHV#?&<}IQ-B-$@f3*P zg>)8h3V5vMO-Y2s*3q>Km|IUxMvnkWb77GYa_1QKqkv;~sT&+f*jYm_Wl%MC2_QJ! zYnSU!zY@T=mh?d*%7XLjQs=RFAaY0S`zT-IxTl_*)_A9OT8@28d4OGBmxfs_skr&aSx__U z`)r;Ki%+P@L@Us)-1Cw4fx2IrDK1dS!B5|U&|o7CZ`Jv4x`3bugkbR z@@lFe#~VoB_sXcx8U;pQHTh|Q3-96jO9!}j9dw(*ynOMey@sa<(}H<@DZuLT40w?M zNJ+6BOL4hpXHtVs9PJ8y$o{Lpq}QL0UZ-G4zExQ&%Ilq^Qj<=o#pwEHt(>os_9cF( zVC)g(3PHP-XfPPQh`9EZO;o=K{#+E9(c?=~u%% z|6u!w91Wh^k(LpLwtVt*Ue+KDdlMEJPnFsJcdM zH^yEv(vF%evv=phD?9SY@#dV4D$U)x`woK_82q-=H}e8~I0Zz?-RFXjfNB2uegSel zS#BAYH?k{S7uKIz9eZbu&seVBUQDuuBk)_~St=#Vqd=e{;c28hd?9A$wcWn))}$^; zBB^MMWTpjbhYAdReDZJ2qI;_X_OfhSK<-v-8OD#uMMnQ)FT8{VeOasc1AB+4`@Fin zLO3G;Dsdc>8c~GZwb4L4vR3ZM1!L=}&jhLoTV1}3k%f4BVRDTIW1>}PMuXlsju+^uArU+&mY@JlNVR^uI@k+VMhk zz^LRch1Zl@g9`N?D8wA~ak(rtkjpvbaHRWaKH`psRsQIo76z}JzzgExg1N@3|Fo-b z-JYP~@4q$E0qG{6IgZ1OYc%L!`nh%CvW^Heq1za=S*x`pokWgH zYp?)MoGGG&eUlOuvzW`BI}!K-9I*;nfA$o_*Vr=RwqJnj6c~?ZL0|S41T=h3y6qc- z|7nZ)5;5VJEV91F0&FQ%uEj`vTk@k!Vebx6xzd+jv3l=Xa%S|23#xKq2Tq8cTZ8SV zhHV4cX{pP!OstMFVwlTdETA3n2}dA-F%l%jkBKiCT0CnHLVCd>J&4P!9~wH5iiNRO z6*s-8T%n%ZF9c9d*D_Em@}xUo!IPV3@JF%AO1_V#0>5fcc6rsUA5%}Z$0?g$z_lwinWi=|6?Ti}*fq(>HP6kVjj95%4R4Ecq zwgNn5Cn0>n^Jz5x0@S5H#?-`|%9>*KS%5aK2CfPJzutfPc8q7lJOUcb8~!+s(Wk>l zgS54ZCZ`@Lw3xCt04ZqoC8HCNZPpuyPhpb56-c9NRb`nul&l_=3tP5hl1IdK%qRl% zD(s+DlN9aYDEx+l*EJfJ_7wIy&sYF}N8nZB)i0J1T7aYA4^LkKnSN$5bFXgE z%D41i%wz0YjoquLHqvP$93y=ri@*MK+s|M4>fb{6M07tF;O&j5@ALDvQ)B+e#j^Li zP`jT;MyCK`+y=1`ucv@pb7q=ZbfH|vnIF43^+A<>II?bLLv1g96KZlOETcCIj_Ll) zT_l+WvU85B%0+`$U8einynRmrSFPS_5)E^>7ga@xK$PkzDGA6EPqsHnOf&Ge`0?6m zNF*%9Z2V3}YKxr7M)&3X#fnaW`}w$sU#9>kWqUiG1z{9}-mLl=G01Lml+mLnqY3~g zbrpPzKVYP`U{loupU8CMx>i|3`H~ZkHR7Yy6>wR6SrdF-Lyr+{1FGGuVL&d-$PDHT zOt~N66SEpX;xPo!y)5_)LmMZ`%b3XFd8tOqNS+hFMOGG9ILa6X=sYsAV7W7wi1_Xm zfXuqOZdz1*+wIDZh5bGS)7W}y;8lmd`X@&H2sk-mY2$qgra0LZ1e97=0P`7H9F#OM zss@XhHMe8LLd55IZR>^$UtqTE#h-e7#9%LBwJLcev`f&Y81A@XHSv7d>Js=XGy_2c zg2FKZ(M6I>1#OgphzfdW8!9NI27qCYag#mST4cdOKxkCDnhH zfHY^8sFptQBn-adfd*C{FfEbo#IGLMV`te#i65$?i{$l`3Jt3yd1el&s852?Y$i;G zgcabrY!?}s*H~x|@yS`pzC@>;BT23tABi;o-;d!NQQ!R8y10$UFGc4m@MFTwuj9~; zHsa}USn$3yhfY1Iq9OM^m2X>cZ78a`TY&0e)1Ghs&u_=^UHJLc67Th(A zyc!_c>>^#3=1kTVa4vSN36bFoSljVY1?bgoeZs11&HaLYvN5;Z>H4e~a*{ z$K;=L*~BN%l~>k^vA_wiM;Ws+^qtfWo&lp8&m7asRdwQ7!}iTj268=7a9kD`nDAN| zFv@Z5a0$mtgD>+G;8z{J(y)gM@bVkc_J8*_?(;R7&-~)Vr^&4Hb*Rr8P60crL<-MMOYxP&Ug!a^~*M_3&VRBOB^wJO*h8cRtymV{xxqizW1 zO#QA;GPs`5-%BQ$c``6Z2*c{@9GdgakonrtlUZ$f_?S~(P<2ITI#4Ue-BbCt7glo| z5kvs!Cq}l==I2P4O_)G+r)+Pp8 zoKfhZyO)ru8lYDNMoC*?T7>LavsB|D0EFifcjq)BcSZ@e7g}>F)@t(-7<9RSWIizv z;Bd$Yx!@G&HqM(l`X8s`JOy}b>brWMg1*V?1!->h{WQT-004edAiliN&Gu9UB3!mXoRjAzzoAm{-}&5ubT=aZFbOfsMHzy_}! zM;I>GSL6!|+BU-L97|sPnLBoMZ})2ayJ)s<0bZU3*WI4)JUB$hs4w08OSEosiOD*+ z&JD;;@a{N4l&I{Q6rtUFZlnWE*1&Z1`Ji+Qc4bU^hPVp2?ozu{=bm=BC#SSoFbF9R zp?@+L2oU(Bs0k!Vfs!PRJaTPUT_qQj&V7sU|#I^9^UtPz7);f`#J^sdx4|d=jmVzPLMBWqW3H8!m$^T?C3eq z?385_6gc-c=SS`VCd1^O^R9_uF*l|sQL%d-gmg)Kt-@Ev-B4Mcn^G-N~M0#I!(Aypm>2u9S6iN^;OOcC=$F;9 zixtx4Etgjkx>sC8(O7n- zASy7wjN_ZadVYP7V;M2=2=aCT zr@Jm(wm2ZfQWC}-JG#sQ*&U0cQGmB+0aph(csxq<4^7R3qXEJi+2oTo zlDZN}0QXmdw+Jd)Tii>L@@+Rm#6>~6Az=jPIWCXOSb!7LJn>=ujd_#T4D(rjSR#e5 zqFms*9045~b6MJ+mb62&!YQYIz+fR1^NpDyxyFz{pTs*1HxTBZ$We0pMx{@K2!V$MSV0dpTA0*f2Z9^`I8xq zu}=XKQGae;nNd2TIKq2Vw#Wjbp0q1U@zXBY<;d>x>gD(;7vl$jtU;9(Kxhgu6((T# zFehQGQfFDt&|APzzBvZN?HE)H7tCvM0ZnxU0uPMAP#UmV7!e(%c*(_%3b#n{(*hYX z9!U+!Gbm4izuxu{=zF{G;pZvPe{>u#Ir>6@CrFO{K+%Wx2{)$zHGx!(l|}t=adxMo z0x!mK-wGHkTDHM?34F8R124^cRdYrZ083lRvf~&&;|9s$WqVCT>&=3&8}BIN`?7j+ zE(v<(?T!k}U4h6VNmzstyp9(CmdN1}v}JDweA4cDP1NcKOkVH8a#bM~sc;Cr_6a&| zi57Lo_6=Nj^~bkkzVj4de@)%Fzha*clw?D3AY3MXR0QV-^c^;FB~mq^hz-t!cr3Q#97pLf&BQw&0zA1UPMCA-t2KuGFN zRy~X1)Wpi{^vh| zmSOlBz1*5-n#|L$Ty!p271hdWn!|Td7skSl^ z$VW7XB8NK?&Z8P45zMwC~~Y78tfBNX9vbfEFQ3BL|^5t{0>XH{Jj zl%1n@Y8+A3MoytFmt-@^Vo(9|WbrE(E0jI!cH|DQU=%ZY8sE0 zj|+_N6%Y?r9gZ$%H!cI1CC^@2PtMOGubxl7(nC(@pK+su^VC57Kw?RuQ5=rLf6Nu} zszBy~YCO}tEE(w11BNy#am@SDnkAT_Ar&Jq7vPg4(g(BV74FD-d{Y(l;1uXiK26JS z2khYj{k0LH zm)}K0xg0KUTxM3dBbTRRS@20mZ&u{eG6D?RvaHA<-$YCcdr+Y)WN=(%vG$W86WJ(1 z>$*{AFxS%3%1#SXaP%SEq|Bd_VK9d2jFB3gavIHm@_ve#zBAV;@Yi8=ET0aKZ^!(f zTWr|8_CH$Pj}lFAOy;098w;rVyHMzX1|To(K1+eTWCWO_sIYOUn4`e`iUQ=%k8mfm zk0gl zn9wA^OF$N(=lIAAs|e(vHm>HAyzThBO3Fs!Z$$X-W%hq5g17g%u~%E>v%pUc_xABD znD5uZ_(1Js4qd0|bdFl-jVNn-q@%OILg7;7Le{QNl6bys_PVN+TY&kg_LFjlfDGq_ zZN+HWg*kM7v0tHcL&KQDz;Nw$nnTLYibHZ;5LyqqY{&tMb z!f26mS>Y<3JN?AhJX{*-kL_TvT@zNIE)~Lc_`=fs$?SPw z>rEeb>MU3;g;$f~Bekqd;3>d*j2xb06<%)u%9e|x+)_{9^^(rDSPwXTDFz55-bPF$ zgM0M2MBTV5UuvF90CWm?yPg|6P6Us}c?#mM$@rJZ_-Az(=_nGNEc`?3ISAe45>we_ zDXiz25nws8GDQ_^ZPaJeS0gPly>cE~-?2`4ed$=~6>|WdzH1)_UYgCZGQ_J9F0~ZC zC`%_UBQ13qpTjudmVuArt|gX83w{+7DXhDrpHvGA012-UQbNwURK))Y{0f`6I0fk2 z9(B{6Uw*2MukQtIIbV2=%i-a_HPTt&`P%OV=PeYw164KWF^M7&P&L8F?#5K*r(#Pr zsdeAlYXI3QKVRFcV%R3c+MUwwgSK7#xny5Tu1hIjd2(OE!lYNa%>2*>B)V53QI;z& zd#xS#E8Gwoy!k@sCt)cAf>XAH6&tlh6c$s=kOyNft;MnxB9~ZLv7xGS3ed^X;XDg% zFF<@Rh-U%60>H}*Is(J+_|Nm_+woad)U$P#Fr5Ni+E{iZ0?l13Bstm3J{xq;M_?2u$f0KnO_4vLJ@67EJ`q5IMw z`QDh5r&f=kh?~ip5EEpVBq|_Nt0jeIcH&%ZrV`JM9Fo>10LVSA-Q)-=7j6*$TeE2X zcnWk6&oBJ(EZFmcRrGmxzP?bS=f{rYfHxu@jXG0Dn%1wB8*paVQe~;hu^pE?NK|k* za#S7GJvdv^btyf&G=Sw)B?%Bevm0Rz29Mb;i|sRMZAA-XjR0#*<;KuuFbKybc{O3p zRk!3!Jf&V<$}v~d3q@HAjLC24OPTaxsq`0$w7TDvG)F8Gd+G*X8~H zc_+V~1#0+w+mAyuH~csPaS-O16dPq&SWP_F8<8!Wn(Gi?)a|I=u+fqgo0O}(3GTVN z4uM`qhZ}GUgICnhYPo&F&_2o?7eR9=-6=_Gvme&6_yt&FS~5)}IIAvZPlR`Lt_n{j z5o!Vf515<+cKZOR@i1b$7VF+g{&} z@n5B#<2*9D01-g$zw^7#>%-gr%z0RR(E3(yG0st0Q~?`sdwgpkX8twZsLG^v{?{+x`W*c8=bsAv-4)22_O!ISx|_Mw9H)Rce4G&@ zIf>5iM*|-L@r)?8I;yxA`TX)y2h*!O&UGumM`yViaO)Tg?`(rc5ty>*v$Yyw9nl{V z-ZBRH8jG?`b(Sv6_}@OSuIt;SLcVoeJ;xBMrRtSvt%AnbG!-lGMtbtwSMHanuk}TdN35YrL9PVZt-=bnrT@oxw>ubm1 zhnIaf5jzIqZigyHi!jVI#DLKDm60ySN6OeZxOaA=hdf9@+vGA{M5kaI z70sEQ&)+t?^K}aRcL8s2MDTUz>;9iVmS*SoF{uXxoww6D(HAwYW#V~#6KiQhq`yzLUOf#8+) zoGY%A&Cr-bImTU;<65Rl)MlwQd4?Ngmk5GAW+I+TKV`@(RlUp$Hlgk1T&C-)Cyx&r zQcr&kcC9ShG`uyuO?d0lEZ?;t|obbII&ZF*Jg3@K=Mgw23 zKzwfjK!;`881FO15Z{gqb|UXfG4%ak-;NogmOlOq3TQr(Qj>3yU74BK{<8a1y#@GE zmEn>uJFdb(11!q`WR0HK<+QZR1uKg`0Q)j0xup435R#V{0MAi`bQI4z3Q(4V+?)eo zF9Dn+;Z6;oFi$V5tqDHmo3NZi9xSyrp1itfm32NZ%Xdz}yp8akB##500&eV`;GG9g zg!2@1CtpvNxXh)VA8$?buqd|YjvO`jz5Ob9lwy;ue3kO{?b9MoI-2=Jl3|Q3DL)qj zjtl_UFO0GuVusK|ardp{=!WT(TPUkpFcOVI9C1?7SF=DLq5QA7|kirF@ORfC09BkoEWZ+YFdAT@g zH$PUPzrm4$9U1xx5gHnRKq?@35OK#4Q~3IWhUYyTKV#xWoj+-!jiRT~1)?|NJwd+L3?${QVW^ zF2()1yVRfVNjC7^tKG(Ujj2fqj$cYiB>)=UBgn-(K`V+LIX6g^A16{K*|Z5onZ{x7t?9@i|1sU%s67DcTh}h=}ru}MyO)-DS{^%8$m&A)oocF5iADJ!Va}mDq zy~7Pj8T&K;>{(;)-PpASBP=Zaw`>*Y@vrINbyb*c0M6cyWy9$ks!0vvDJkTo-3bJzEL+w^8vZMm zR+R;D7SBo4>R<2z&(HYc#+7j|uUz_a{__RNt$Fbp0S~+Tfm@tA`)@K&&6lKFx>s3w zJR|Pki12`zLh<*{Bm@;KbNFeDoyJbFA(dn!$M>KPyDUC}1mJ z-`P0)*3DnMwF=BVYNJ~Nd}nK3qcC^XJaaKV`CTiomL=y`7AIawWw643Jj!1pJ|o8c4lW&flk>|o9jDP+VH+;-^41}T@szsw^d zQoeakjB_V~|lJ^Al?Hx!(OZz*|m#M9Qld$Y&^8~Tr zvhzZozK>r@k1CnXlWGRcGnbm%=t%%@RQYHCcnRgZ50{sn(qZ=ls0)STjL@DdR@2(+ z!gP)!z+SLicwjs}nZL$6%Ee&&52Fvio~_bsw&DQ;o@IKXP4!;O`^I3lXD&}m-wL8` zm;SSc>XT6N#M`1+AH9@mXUBP^gV&F{rDy9SE@1#`Y_1Nbd{8Mm^R0tV#XV-PyLmo7Yp0pxR^X_JHx2sElBC8<>X^go~hQ*PcEKb>Ves@@t#ceyS>Mxdf?S zkB2;!y^ODQX6^%PMMF2YR=U2+wt|{O7hu`j;QlH_Et!>vP+eh01&JhMn8`K zj%`#Tiqf19cflC-sj@jlvJ771QvggD&Q zs7zrCg5vl1wsZ?S#G?*p#|8=0EEgmdz8iFmt(-sjya)piTxPDFGGU3Y&vgo#v+d!c zipeoJ3%PImQ3}Lj#7jx=hwQiQAR&qaRjX|`wAFrERTn8EAt!eTL#8{o632q&IXbSR zJTYc-#KfqiSraO8bYs9^yP0hP^0H%f$JxzSj1_J~^lI<&*2k-#;(o#7xGxxYop*LD zt6X~*anXw0+^}1%C(m9QUnF?{Qkt~I&?HdaA*QS6QeB7QaBSbu3~hx32`s@jtJ^Z7V{KflYI1< zdOQoVj7|Q12RH2 zR1;`8l>~F|zQjyuRU=>UydZHYsQ4)rdfj{1xhIFb+8s0oVZ;m5QK}Q#cjDG=f(JjR&s-rI&@uq-+-rWG0=cgX zVCa*BO%VqG{N_jv6AN>X(7@Lwuf~fGp$1fEFEJ*ZEE=bv|=J+zVq^+Brv` zWVzT^6Sr1*DCRh*?cs}98gXjwQ^1?j@Q+ud)8yHB-~RcJYN~u+{;3kpj#NESy)Gbs zAJaylq&)bpFt_ZFe~SENfq!c8+po0?d1SmDG!{$#S2jA!c#Z>ebiUZySib$=)5U)r zcl|ea*Cmm_<3E>+G5^ClJMur)Qxt~-APIL#|2f{ZN`U^$J}}(l_^zY=GecOK0e}k@ z@=OSqDpB2zrmEBbY;u%z?Yh0tK1C)TMK*0~Z~;@EvOWL+Kh-`hu@M=|Y==>?T$W?? z0~Jg6SS5*aaYWmj91(@-C22tDTZ!=S?Oot0sH(d7m~@jDAWwn7?tgmWbm)xKYTLO% ziU=iNkI?M#7Vi?BIlkgQ`L6vzvP%=_z8rjR766|{t9qZzmPP%$XfB}c{8Q(B>CM+g zYyodI2+>L+sTB6E;VsPriN1Q29n2T9FNJ>r=y)DpW)9y1e4#v-cn?I%kvKvS`LLVc zN@^Ee`R(w2+Opt}Q?LhwUorF@VcdBrdj9-hoT%(d(s^KMaUuigtsDzm&Z|?a7GETn z5iS@3d(P$3^+~+v7r&yUY($4Vj%KsFEvW(Ns|fIoQ-H#9S(a|)#nTDr%7&B+@>;j$kRyWx@_f@)Oq=Z5lheU zD2oYE=QnaQAoNqfCwn@pT}^VVHdnJso9I&Tu(T z@vuYrg>gF9V`wDq`09&c#uCrB+`U+ zU{(Jqc=Wcmz5LtlJz4H9nXE7T~Mjf+db}~C_tP7F6~=uzOsfFHnDtH8!AwmE&G}yQy5F6 zCY`=rK%x~O-piiHHP+fhYYPQTUh8D3K4}Pkk%ZNjU~1?1*m!Lg(p2%scD@1 z4CXcVrx~ndXwfrINk=b@%jJ02L?Sbd_u+nu1w-jxjFZnp^| z*{wfTv+@;DM(@t(k z+FT^YiLCMjgGb=Ts6;Llj7R;&VDg@*CP!xqnIuGNi6mmUk%FZ*R~2!4NhyGh8YJn8 zSoqn6zNJKkr=RsMT7Y;KaH-yZqW|r_t4-){#}yqPm6VsZUlUZ|Gk_aG_X;pu;%lCcQ-9U%{5rtD>-3EUPikUzzlz}s^nR(ndS89i_6hr8 zjz0t>XBNTsG@9)>x$r!6lY+s(>xEg-;Jgh-~Yzr zyi?6xsH&|mUnB1;8PIRoQ=6A+B6%cCuzAuLcx(+yw|XwGxLka6=8JoV8}~ySEFl9a zERU98Ii45(jbb~0&O%-G&AfZQwkb}*d`H86-McpZFC!lAc?!0l)vlF=MS618EiY4f zvL)u4e?i+zs!V#V{kbYj(&jvQYL2BG6Mz(S3Uue;4S()7T}*$@8;<@>0^f+-RFPB) z>p8?Lg;auhmUmYN5BDXRaErmEk#m{RFC><@gQ1E7Udd&=G2wpg<_gf^V%#@*-i5jI zxaK{<-R3$4+LzfBY#BGp??}5}I0bjUmvUXU$ePcmU1YBsE<E_H>C#L`^C#g4~i z1Tr~jslkAYT$iT(!ab?B{+2paWq18m*x7=k|6^0euD?pamxX=cG9orzBkJQNmRE_? zC6*GvITT9p4HH8a7Bzg|5p0dJhKvJQOW*`@MsCVzcnK8tI}yoy2{c}9cf{QV_i)vm z<;A{Sr@#+leqZZ-0UphdE#pDJDL9f%4K%6>*d9-)N`k$Xe80Ag4w0PHM7g$f;j^;(kr7pnvMl>DH2RC~@Hw%t< zvg8JJM12^2E?d>e!|FS1Fu4R5@Z5GpIcXUhJQo{~)_^0R_Ze*HhA{X9kbg*^Y88SR zj*s&-^{Tq4#z zO3bzI4v~0rBCZ^51oHL7^^*5-91#w7R3=BA0@QXZj2HW=_H_!hLA?>i$f*6o?F&C; zkDgUtlD_=7IGYIY=9#26_gFn#0-w2aE|R?L(6X0c)@_VC2d$05FW~jYICzr-j7!vi zD#^z&ZzF8=Dk&e$W6#I*Y}WTU1tVt3Au{T~T^RdszyI>UB!2$c zHnz?IA9c%$nSb7^i?FJJ=pg?hRxgb^@H@hOjRJ$P#^oQWtuWXyXNdG2aEr8;x~mAM z;C%noH!rktj|Ip#qVsPG3J{-pm6~Tn8;iDl8S%_(jjn1<3Zu&dFm_j?*+yZjJd5D1$LI@5j~OM2Pf@1dRJT^ z-^Zvwyo#_Y*}Jee9PR>6M*)sg!0p(*828*SEFBxf16a}hLH*B>RT@ms>mvX!agcM# z7#KZjk2c~UUwIIB!+}Jh$#7jtNtY3GMFg8Uc?npMz;WvTp_qKJjN0lxQ=5g|saL6D zxRqyPXpStZ&+AXUqOh=2lb+9cth3N+;qqs{c;F9?43=sYf6C?8Z~Y>ae-MQLAq_y3 zx@?$Af%l~fUE$#FrHYF`6{Y47V780LV5q&QaEY3eKX$pO^lWAG^HN(-fb$f*Y+1k7 z_P%WY<7lK#96D-4+q{kM;w9J{QHgNBuxnA(W;h!%E#M~)HbOEO8a;rB*EsmqaIKz~ zPuLX{dolHoKF3Xlubo{_KB;+|YNYDSYIl)SSk55{mKo71!1tJCoXaXg>#Pnx+q*7% zX-Fz!{XzHor2L=uzV=F%95;5o7*qDY%#b&-<5?gp^#TY)Fi2)qSKqmNG_&eHb#jp) zJ_7)mS>1P*Ok!x7gs(8`C3-)+R0At!YniAqk%eWaqy6KE)^>VzY$~<7?L=4+B!!>c z%(cVt0jYW$0x<#(}rst;>bx-?5nkR5-R=2~jux$UkPv+P)D!3aX)bc~CJ zIu&h`iLCJ2g>M-^CVOPcB{17Kx&NTs3wa2{6rfnD)RHgGj8AN0oS^c{x^#r) z*K@(f^R2`vGXYEHxIJXbW;^1Q!jze78z)_>^tE4??#_SjdTDiP>Dr1z>}DB^@CSwi zESsEon%M+p*3|`q{Z(-xMouj`Fn5}m4nEbP!hN1$JI;EJYE#uT`vEi@Ihxzfmo$yw zx^8vcuz%piori#%d+s-o39S&ZfOYYQ_!pP zyi|podKHJabtMhma@x_J-pTAVXDP*+W=2-5Ta~YvwjeqI9J*C(fhx3PQ_J3ZE#&sBH+SnvNi6~j)7*=d;#o1`aBE#VeF1FTCh z#B@6ZwkepuCS{-F>}JoiC@u|{XMrk!j%U?KVQg{cqYLA2^ipQCaIDJ9l26WVkc~0; zx1GgFNx4|73X+xOm3C4FF^qt%sT(PVtMK!GNleNb#ZR9^jz zO%=;&ZvE5VVSxz8fBgd>8|Q~_O1af*YtlIE4@fN&U*a`Zj%t$a07x^iye=7J!F=Po z60wnXv9x#_Dr@P9$=LE*poPuy7`LD|VXbZ{JXv5aj=%BO^JHVFXQAFw)|tyO(H~Uo z1=<3W(=8H(_h0^w$Q+F-UNGk=!p|yuz61pE^QWBZGaR{I0+(<~@=0cJmMNl|7MR`Q zsO_Q1qAWWIfS*0`tx^h-y7Ug??AV!wt(j{UAh4YU3;*ta9t}DmRKb}e=o%;x3?@0x zG~*O3mYJ}{&)dwX9JNedZDb<^W189o!p^~er}83xSXf#ugInUyFB81^958~eP6Omdx|&+*<_((dvSo*y`F(I}pez*q&F{$k0NcAhCV5@j$yh=3o}B z*B|Uf_(8rr1gl}XON+ZtlQUYT*w0SQ1U>qCwLQJSAe8+u z7RA}4;w@5B^Yi@GqtQGIvHw*O{R2$>1DxU$oC!dnIbiyAn!M%aS+K?rVV}sKe!py+ zRKl&ZCT9SQeum#oSWCnf7FhHV>c8b+gb3#Gr(%$ia;Fj;cA(3p1xxn;j5}sJ;uZ4R zY6$gg$hV7d?ycUbxyhSY{ja%L+mwc)W&9_L8RVIx z(pkZG0BAF8p#*<+oe+Z0zl`lUF(XMck_?sPW<3@w_8f)#kA18G-Q% zKz@rLE#^Oa|6jXM3o!j+LM%S3pJNvq0l8pma}{&>O^#wEJ_s;U5_CbjVFcM{v%|>^uo_20&y8#n6tS1J0%AP?guV3g-S9r`qKP6Q)Uz zyZmNt59#HSBZ*q9_&@Q&cw}ewQX4$0&{NR(6Xfgd81Dr-1y~vtYi(RT3#eD=GSmrp zj|3_6$GKaK{0cQ>yvi}b1o2%D!n9y(+!pWvyv-L7c>F_3xfu1{wHDpDArc!$5159F zwS(!K4Xh%73W?LInH}U|P_MCF0Xg<4Xz>GgX^?(z&O;#(VMH=?GP&BE z48BbHLwVg&tP*dIZ%;>(f8g7oBLN|Ul-~ldDJzoGT1KNHQ8~tGaDX8ZRx?-kaxdZ) z0&y11XtXffp0yBNWg=Zy7ich1cy-$`Z`-~z?WKu-Z$B_`4&FbNpqld#;F*F|zTzFa z9Ft@+RB`~sLBGq4Bqkm3=s$J;{z3jjVO!3hBTtlUF+thh&*UPD0w80W)t4p1YF_B2P)cH}g zD7X7oy}cC$0{0YHrMDyge*{cXWTeIcx)p$Ym21+Br*GLj|Lkvu&#k+YazjEF0{EE* ziw9SlrDUzP7Yf5Z{Z7;B`)A1Tr-YO4fOCoJ!->_|@H-3oA_w{MFq(9<1#LJ83YZ0k zI#sLfH3EZYA}5f z*RliMfsx_u5qb&Tf+_G1=*gv#A)g$ItyOpLB}uH7ZX-D*?rGvsKmd~9kECE+iftJ( zDX>D~^* zolM-GuMAt3Et57KM&@YAA+ir?&48G&mz$$;b5hHxwLmyp5dN6In?b zTh_M(u3d3BxXZM*_7_?hMzVT1}rJjpOf(DlUX!ECf_$8)0vABVxB#Q3gyM z0T`1xFZet*u&<A%3T!k4kY>YJ{QJ`aTRN0azQUMb_NB3D=8Fi4`5+&{ zrGBe4lS`+4b{(}~M<2#^T)PVHu%5fw^YhjYQJ{N=r#Q4MTl0KG7z{2UMO|f1Rn2oo}B%aK@Pf!c| z#1s&>)#?p(7iGh?I9;8RhlR~iM@S9ToZSG%D1(>2w@2nEW~{sD&B*zuaywdlvroPxdcqiSmt zTMxHWAO~ZjQ$Qqqi^MKXaEJpoYWx(lL#-Q4%35mZ{DecaN0PAjbvW%eX}GiQ=0)JJ ztLw<riJnJ#ZbY?IN5I%NBsN|FUVw<9eiGWQ`$>QQkf=)6BJH{ zq-EZe-*$8e`<5}JS#ll&V>8g;h;^Kxi2wk>&ki793_R!9-TR-x})N@iR}WFs*K`O!h{+fD}rVRqGslj=_1_xVaIWfq@!(luVxsIfvZ$J zb60|pxtI1TsFU@~gQ0-HeirD9yW0Fwo%I&5?O=U0K-Xa#G2>86{Xvg;vjx<+WnKho z@T71)o`ol;%qlx^=?oc1ywhR~O)l7d}v{`x|0A+S^?*K>- zC%2{)W`q%Ex$vj$tdOJ#fl0@bw2;^HEN;yE5y+4I?sgv2JAVqa9I3LCc=}4({npVY z><83<7eB@)ksL`)U)?%)(!8Z#bCSpo1)+*cKVLS6v3C`B@CR67_mxq%CAa=Iw3ur4jLAd$J@^0bVg;zT82G16j+fM z|4eY5#RPL*Ypdajpts;TudibQ1)4~9%f-xiRD~5-hYdXO!;KV6+_Blr2%bN-Q|T~~ zHojJM`-k43y#$rbh4y?1z^q+V039ub%T6QATgC%{?N;Hj|5ttYOlikqPaWG=rK1=c z-fZUC?R%@Kr<&&}s6DE+x-R=BHWn(=C=D@WvgMtT#MJ>aHebnS%u6OJV#`Bxc6Lq0 zV`+hA;f};kZ4-8u1tP4LCLb!BR#rjj)7r?B+3o;Q;15XGF9HVMISW{z5-5J0-5bcx zMSc^y%z`mvm0L>PQnw#hz^q%f8EMuFw6j33;s;GwUD_5#W`E{cE`&^}?Ni_YV4OdU zFm)+|RquY5tdJPLuZq*rZV^&mTClVBa06Z-^Kay?DOg(*D>6@0^O!VW8KGoVH5ey= zD?)n@*o{CT48A(;)a|8{>8x$goF*0s?RxCni|SIYTVU*`HS-k!Yn@kWku&krLdQ_6 zHYg+H7=Laf$7a$)q5hu})=#7x$SW^mxc9&UA@X$qRVIhGHzAg4Rn{gEr>3vbAX9^5 zzKwL^Z9}UqlN{5=lN{cXzOV2F0savD&$&5vmA=Bp`J}9UU;X;;V906LO$LL zMk}_aT4r)Q6dPhRx_k>Cp%*<{)aK7W$IFEu7W+YW59E57ZAozAsi>Hwj*ve z*IB@)pz~P>!a5p)fbqkfZyEFS4}oROfh~jQEHBB&nkpUGr+lFl1_uWk&#Pr<_R+YR zRm0Z0VH79mxY? zva@84jnR40IOMG&B2xfFK(gP3aTR)tz&}H4W?p->g=?umrWe^~Y|Q;RqYjcOvwI)j zjsc?^a<}Z`H*K(7JJ*Q-?*i1laNg6goY zsQhWCbe-49rSo!B6hQ0dPjzxzL(Kdsu^norz@AK9wkw4BW4I0%%WMuBW0Njj;Ckya zJX~#O;C1dDuw$vn|)4nGRmnKJ(EsvNDp35T5pj*EEUaCB*UZ<@Gmjt&_cJm76U!_E$z#*h)=zg`E3 zXPgV1kp(XVv|8tNTbL?uC&fhacZwRvSYx!dpcY(^?=P|IZ#G^r}Yy7Wh+= z{Ky4_*S{9;r6no9iz8ipDa4=oLY1lAULY?c@aq|@7|b^jOc)PTwHHm3*DVBM3M{~) zaCaIe->m(2?=TD9Edcus;%Kvq9G&SR2 z`I4lV32CjRRW;Y1SwY>zR%&ad$OiOQ5pV8=1;WQ7uA1&8h{c61Q7t+Ek0Ja>OkS4wzwQ)fBFq zzc5rV4sS(uSfC<co_vqZEDYJ%Tdr8pofwux3wpL0ie`GK%+ zN$={6JkeN~bfyMm5n%xl;%8jw*`B}ZO8K(MPsgyZbx6Cf5eP@8H7VYvCL;>;nZhdU zv%oeUkmD>^eAiCJD&bYlu59J*NFs%WrxJh2$YpH{47;r9Glk$SjY}obusoQ=d3jG= zSs3|!R~%ntLMwAoJf#>$#*0^FaAn#YK*W9~{zA1k7WF@vd*{0fQ=sKK0?Qza)>1aW zNvBNH8|+*q$a^{~DXda4g#A2I!=N9>GqF)VbQ8d|NqS`@gj0q^Tv5@iB(b`TbUFx1 zt(({`8UouC#AcO>dQxTiN*#rRu01Zm9Rs5ho|Y^EOX5E$24W-D@=)A#X-DoRaosLq zg+b0(NG9Axbw-gf*zbKCDqDdlDftWkb0^`9JPpD~7Ra*Z6pGlHH>68Ol7xErV3JQl zSK3*+1S;V&$LjI=fN1@j-?DER6E2V%Abl+)DW86u<0_Zd{>et-k}-)Y9Qe<3DFku~ z^u=B8PV38xZhj8PI^Syw7HA#P1eqx~RA-IV{6K*65NINeoE%Gr7SxHr21}SS8YL+U zCG3zGWGqcy;PfZMI4o>N!a^y|6Hz1I-zVhv60xzwSJT9t?+C4uAgAk%?)X7C3H-^3QH?Z2? z^_5ZY=Q#zvHFeM9yj~T7h5Xg$&@j$k8hAS@(9XJOg-6L*%HW+5!8ugY8YSDH&5~Hx zY;3uCSYqXQsy)KXx{)CiAu;7g+BGn};Roj#g+zPm3<8@MK z&Y8Plbnqrt|y<@vL8QA2N$R`e$?u`J;fyB!!MN^ow2uQ|5tl#94snAuB{5uNVF zy9&7xX%N)g5V)qGO?4Xfa145XdH#M9A^msT883V5{iUce4l6|xro)|xfq(jZTH6bRN{ zhRU$zH^aE;$)bbbGBQ4golFfhZ>jF9RBF|qUNz$aIP&tBRi zmzFS{#&cfxg0yh+9wKaK5bAb-x zFd%nq%f4^hi`&Mb&IokmD}|1KmTbXEU8bnGoVGRAdgUtw29w(wwep%nt5$0VW-^NrxSOZtCvojXf|uP(kmo-qzMln!Jj>LR!ii`t&V~BFE2v-SxFr~~B46kc zDDk(v9BmSo1VMVgP91k76v(I3w~~W!t3z>BJgw1!WR~ka48W^yAJ}!vTI6+m zM#Ba}a>x9LL&=*16n`y-xuuwd%qhOnVpkdadYjI12>V^3F6@Y&-t}gb*k# zg3llmjU&{)os4AXuwSc2(!^7l?00ZTE<*7NIu*xJBAvB_-mCG(vAQenbvZePHk~ILV90uwxh-$&{dyn7Kl6_gjfsh zE%j>LXK__w{)73Pf^nKb9<*X+R4Y5>3qG4_+9u`GRLC2vw3(KfGFKNYX_<7}KNWk4 zAyIdQ2YDHpXcc^gge87LEF+wFm{eam1!&;;G`t#wg8G_*sZq;sonM^Utj5~$Uk`w( zpPvH(K(xSj6=pw~fAs2d=vkDo3*^J%&+YdS_`@f1?=$LcxB4{&@kGS(%>z|buy(dn z%m!<+LS^I2yQWDG0G8KT^FnKLYMCLTg&e>s6Jf6~@tMlLK7v|6CmCZjX6VRR3?szhnU-zqu-1cEJijwglO@7Q=1O_Xg zh}!I3jwP?i-D$J*8VU&1hn7jll_eON;VZ|!eG-U{k|~PiQ=B*@3_3sNka&gLi1lBU zSbbF3JTH=h%>C(jDzzrIig2k_Mu1`|JVA!~7Rm50=w8>QoL;MD7Ev}is)OO?v2nYXcHEtgrft51bHljd&s?^5fg|y23Z$Y_dxhr;R_^oJt&zDb2#VrM@}11* z^1HPO#!(%_w=kset#We?FK=&&iLW3QN^Mz7R~x6K=n@tJC;dt$`SX&ZQ=0*7VSHf! zkca)WbFVf&N^|e_%q8O-{)Ndce{*c7Bk2z8zU6I(iolL3Xn3KrZ}mO$w$}DDovFwj z$<1MGulSDq4Pu|kIE5nG+B-t=+*+CDpQNFV7lFF^MPLt%_B&4Qu~+q#izE4%px^1e z2Q76)Ej1bsGM^WP);4)&v^D?j!Zn(u!;Z>i#Z#UhL(2jnM8|)sx|y|fPr;IhVvo;J zH3p-QXdlqk(|!j)t)aJ&78IqmS(u8`8q*w_Hf?8IR8shOT8)ed8g%uW&>!$fYn(zw zS|+rlASJUK6jqn|5g1_{CL^zF8>gDwhU0%K1j~=IkPTUO1Oew95HuPN30g>YbTq?e3N!j z?0UEF;1SsJH4gw!zLaeAMx{{cKl%#4EB)110t6i9du9C)l^vDv;|K9PO@W0s#g%6J zN`qW7hYef~9T=L6K)XR9L-xsv@ z99dol3&ZkjMcryfjwd2nu=gQ`PpvDFz~@k0k!Ta6z~U>m=BNGH126tUQn_Syv&}}n zRbMpE$&p|1y`#RAIn?`h8j?%o4AjE5UD#%Y(J(UX*%ig?G&|IhIq9`mP#`du*Round%_iS? z+Sj;f*QAYhh14FGOhi~_9T@0#Iu`nN34~ahO5=wq$5}@9be4-f@x`}y>+X`Yxm^!n z6)+>@=D+M~by+Y+jz+O>p~%leB9?EcEqM??0~}tP$ep&AuzH*YX<0awu3oDdJRSYd zKlcCV8BG2B90>gJ$A8Q-K<^>0xUele19SF_(C#DtAOHN1!{*QJcM-_HW9bs~pvCzD zgZaDTt`4i<2~wGK7W72aQ$z)W>(A#60`qUpdM7z{=EAe5V1VV`GCK_SaFpx^ z`up~M7vdIF*K-PHK;paEdFfys>q=8U1^TEug?}}6;JbUtP8g+*3p%!+n)k`T_Ej3y?YovK)UFDBAPMbu;>|SwyCeZ zyzhaZRaZgh?+k)&pQoU=ua-oyST7y{u3Zs7Q}A_v8voi}{Ou5FgIV2BaZ{U7JZZ;0^A6#mu%GX>s)falrv zy(x()Y@-YS62HUi^|RIdh8{ald%qoAQ$T^J&XkOtjsH`i zuL}hHXV34>pB>&H$2e@~h50{I@H>7Xr4zZ&;@)%C&Qtr(izx`n7@0KkvrTQf-!wqh;{_Ma*EO;ZqCjT*S29+1zsV{cP4GOf;2ps)IGGW={) z9}I%d;(i3Gtz-KL)tCYZq}b0Cd;s$M$06@U1%CCsn;!&`Kh6Sf^6RP96=A(r5zExi zHud#3HB(T{PgJ`EIScA}eJ?%pBEWw@{u<=ZrhvZ@_V0x?4pobD3N$IPJLULnrTkL` zg7Sa<$8&<N}zSp|#`~s&@-M18j zU#(t9Zk^Bm=Tco)jvso5%Huyt_yp2dE)Jmb_R-fXJ0J4X{)Z~>#kStA&A&elb?-lL z81Dt(_p5YI4Uguy&O?-pe7`^$D&PAs^~nSc4t}tD@bBBtv3e!!x>Iy#&-X1F+qRPq zJGPy4Y}>YNJ0070@`-JyW81cq)88M?_>XbU823Kir@LQjjJo-MMvyra;+be800g{`2jZo7UbRn}CF=pGaXS1Zl zzk~f7p2LD*%HCbN4+j~Djyll=cS!eDG4Q*My8-XGR+3Gt%Y^Urrx``?U-;qRrI74a zlRGU+p$qiLxT6P;+_yFG7E$Smy*YiXZ$&RL*@bt(SX$@98&fy3g6ojhOrtIA*iRT< zdb+C5M?S}#)2Bj-wye&%(*}dX;nShkWR@U<#DZB2=6CX`4eXB$!Y1P>gwjO zBF&A!HvoG7X~qrv0yzJuo@(O4J3^auI<@{qT9{oC$&smoSrh1U{W+ncKH5gX5rzRY z2&v)s_wy3|o<+bN%U7L+;kJO1Td!oVi-f<2I_dx{qq(cKxsvry=sDB`xr@F>oRb!+ zQL|6WKZwbY_HLYot#-=b+<9>8_Q%2}z7#dYd&fRCuMWW4R>HvB+4Aw&cN7!X$q2&E zEIr&TL{g<0`gmow8-f0K)@q^QpnA>qq{8xk_oEb;_ImrY)buxo@CVsFh6-KkcESJn zJomDpT{Gi=Z3bld$&7#&yq`J6iHp^uQMu|-`QdVMcx19H+_Rl>qdYxPp7;@f&hEYT z0H)NkwxV7Xs~}v7XJ=H-vjShU`#q8C?0=6z0?Vi<*M9hpn(f~@@ApB*x^R;E!%8*V zbwZ>ADKMU9CRIu*{aK#|Ym6%bea~8%4g_-gnu7$O-N;N*G06KpA4bL9_MR~c8BGjc z(=^+vBgk%1z(01%yoDd%kFOo2#eQ>IcekmaJI;)mhR$UL(uzl^1ZV=p#Ip3(N_4>^ zpk}?)T_80RvEMO79ChcK_9OkuMCtiJUhdLr{9-7+wp8}qb@bAw=Q?-L7lz7d`Q4^= zyW$uQLZT;o@?|lhXM9Z*|`$8Umt>9%HiM-r;pr>_JhF+wT1R2TG~pjd{2& zz#d>(*(Pz934c0h*}oTK%-Qp!#>BSb1o0=!Wn=>x{B-d8P@M3+9Kz^)fEC%F!PM<~ zIul8YFfa3xZd!jaFDo9u(DLQ%S-jyw<^ZV!4J?5|uJJhco;bXE*g3HIQ| zISjd^O+k$^?AZ8i|GP62qU8b%21$4pKn6}UNv?|@XE3vP{YONFUTLtg238C{#JGf| zLV4(gu2f<>XcEk0${8V?awq4&hKqbepjhCK{Mh<>6y%gBHuxuE_TBWAEjN;V6ZSEU zXT_}i%)8nLCZK)qU4uc6+a=H%vd`OXjy0oSrS5MKL|vD3HN#=HIFn5iMs^j{!$?x^ zMXswQW-%4oTvOQ{)gp)Rw>amO?l-S_&B=WPqQU1Ml|WXA-acc;}R%akCNOPM4K zoWj&nUSVYNVSwdF%6N3Bb1o;g)iJwuHh%!p7@rKpR@QB^l6m#?lEnB?Hlr(&RXMh= zbhuKgKdvCE@i~)kKJ>ZX={G~QvjuMKD|P>X<~-2x`e`HV1Yx!$Dp%yBE*;=2N7h50 z-BX^B4&r}dN)ZrB7{56@HQPQCYb%?AEk?)#%A2#9x|N*}QN8-6BI8olWl zuF(YI66VBi&C4&lPA4SnsV0(Tm=&^8my`Z2D)q{HsVo*cXXo1%d{2o*kK9)c9QWH} z`t%Et44_jCz(E-8!L%<{zDCX7SG?tdD$djl zy;99CcRcLqg;#&s9h|$yDlclgyseBr_$fDj+&S}Y+r07&w6$)>zCO-b z|8iof?PKhT_{%xk`6Iq#*M0ljzmH)_vO(~Ib3vcovcbKE%p zzGE{OzO2AN&voHwX6Vmc>!-9E$={28<{$natfP8-`%~+y!0+wgqqi~^yy15qi(bkb zoacj;<4Ey7)ioink`-7TpOPUxGQaIEgIPfERecovWFA z=tDsP{LrI%B3G;mDW_p&Tir!bk;>`zbh5cr+cdKPqQle_ z>Fs4ZjTdkOu7*7at1m#f2R)H9?Bc8I$;Yu*kp2E-_E{$6Rlqtx=yL+*`&CF9ePsat z&YPS4+VG|>8+`sur}oNYCW?(lwX_C(vj?i3Klg$MN3Ikj{d+eV>{^MX3k+DGUsrSt6e4;A z5W>l$xY9eJ5@YkiV{K*Y0S(+;Sc>ET)5dLTr>+TB6X=9@@?P#PX9XNI20?a7VR2c{ zY!J73Uw0}+Q7`c%3?oaM!XrgvOEL!Rq}0ohY7&()S$~$n%h`=Ihpcc|F|}YWhdS?F zKXoojJs3k{D+@UAnIS8%2SX)M{UG7{6t({E_L}U&w!uX;;B`le6^xSHckIyKCp4hl z(*q-z5bd2JPrmh85W zUOw>oo2=A!N4&G4Y84jDR=QlU$e05Hquxd`d#ubPxMRPetyS0C{+~KDmRbYe{y@&Xb}K~4VUo(v#o%P z5eY>;i{bRyIh-0aZdanSfBYW-hQNsS~aR{(l_?wT0dVqO(!^?6}P^t!8jLW+8Zgw zejH(TKULm%!Cnm^serLc+dqIziu5bHB(*om-$XSRy@$YuI{S^5{T? z?#2svqezbbm?}fz(&RSgq1bS7I499`l%_f?Y|RBrXM@MQ;6D@cui1w5{vknkCE6SV z`ot02R`168OvO>51gJE&5f2M|8$`w-X{*Ug93%2GcytoQlG}Y>@|qZZ{N@Qwc1`RK z*{*s*L#hv*BQK*kmVcpjv-$fA8XSBg;Keq^VsHDs)7u3x1loZNn%3aVi%m z{aU1Vsz^}_AmiM#N}5wcS|2dueK|y{+bx~>yW3N1WfkhuvMkWi0hbzRBBeBM)=u2vJY;0jiE^ z>hc1J{6+vH@>VZZmf@IW2Gf}2+p?+!aV;R5x8*|1R(z^2h!Uu$Brl<-l!$tWB=%}2 zi9iOG%Z|vJlR*zWYljT}^)G{&TOf`HNN%@}SZ*<4R_wfa{9M?NEYnXQ{$4$HohakTae%_uWs1EpdxeTIONuWu$6d2dRwp9;UI zbE$4`D=y>WL_J2#GpBxOULjsu&{J9YAyANuJ+Ex9gkkpBh={b>6#QI~*KPl;f*qau=^4jiILa9aV6zsoav$u;P}_FG+zwd;Mhz1>a_*)evq?(&6W>E{xML7Lbv>@+ zgO$P-HU1jH11yDjb*S=zd1oNjsh0XCrpl8bcf}9lzz61m_bCgrW}$2z$`4YLZx<@h zL#g^2^+6OSHJa?tSTXm`0U12^U#dIL!*OkgkI05}MHXL*eHX1MHsIMOs ziGZ?~m)#`bI=lo14@tGujam&7y}bVmysxV6D=~oA@UW}wiO}w1?IyqB@9I!m(eDY9 z;bTD;lf8vRkp0CF1LQ_bJS?bwQxgewlMbRkJ)?(yKoHoo=Z^DA#siM1CDZ)O2kv`O zUTkAo!8Md6_swWboY3uif(yKRP0Gq>y;cgkJG3a0|A`6S*8ldd+*6TvwV4~Po+>*e zC*oE4E@H3aE-+btr^Z`#t@@#N0QY5UjT)-CnC@d5Ymw8r68=>%rE2iWTPpD0_Eg;8 zqqJJm+jGdjMP!Pa`IjHS+9`cU@%nY-Gzv`V;VOJ;BxGzf%DXQezX5jrN=-ZFzoYD( zNuDDZnn%U6onTA>ZVF55!A&LV3@=J~wS-U}7$6(Jl-eu;PeCocIA z!uTGD*G4MJoA=_KntoPr+W4~Bc@&&)j@5YwQ&+goPv9s@82SQT*o zKXN~oBN*h~N6>B%Wj=AUu<&d(y7H%TQJQbJQH#u;w&QNl2B~J(eU}T|aM`>Gfrl>c zGb&v^IbnT;;~vpi`nz_koIJWyS7tz@!^A_)*kN`f!)IImby#Qo@xD8?EA6V-|2?LLzD5l&W4dBe>=jabYAfDjo}0&U+fE0ukI z&vi`w>$$I@EeI44cyaQCT!pp?i0#*x$&@@0fOxh-sy}hIh{YTzMpZ&?&IDGzU4%)$P84$ zANh##T+puBu=o!3VhB^>%BCAxrO>(8+?=>^Nv{LD5v(G;!F0`Oht~BF$?)9;TU)|& zdVpsbCa{TN{uWqsWSFCzAHKN0U=Uy!hPnL(l0cw0XE&*NNU>$!rP+WCMdmZ%#9Esy zSzTm<^X%_!vASDKc26<_V*K`$;-}q^z+P!_hPqZFU9?1s z3PN?yX=6on)JWJcuu&?oom`_-$k74rVB0+nHCXjyz5K#THYA^UD0s1yR}()mBs5ql zR0_brq3cQ3+Z0_-N1x3UQ6!}+RWc>{+Wc#U=Hd}PNDVSKQKRy1MQf^4DM^(IeYfx& zZa+b`gsv(+nUo`$C15@1h^~e`L07tmQG(PW>|r+@ESa+Ylk{_Z)<14A&E0&nl1Wph>9MkXPGVsIS zv<90ttMG@#>kb|u3{I8KeipmbBr*Nr-)}O{B1vt#Bs!HqP3aFvxex`%hx`{(9rB%- z%cT^|T?Pn^ZHJOvUm>imLwo;4MTvB}k>RC9e7y#$;>O?>10nj@gCZ)r0E(2@XmTpR z`C^MJt(Egav#!dnRIPIU-4Um4MiJY>LvtP~7)A|HX}HAwND!f#drv(PsmG$H)qCyf zBGEsXRWHV3oWJXn@=e)-ul3$=wI|R}NQb8>)pL2dF)!P~C`eF-yUr9i!wTLcFGVc2 z+wDqLFOr$^Y*XgFHVHu1nkX*%5oKPQDeQ5tgzr538p)>|tEJVwNM*qXWrJyr71$=Y z#w1du^-0xF>OU}%S{VzO$o^@5iNtMtd5iw7&^!4IX49S8ccx|t-}>eng&O1}2Tbnd zXC6C13EO4aFGaC7A&iVpmwL1&4e?5&#>>XDexSO88hOecjgThOS}y((l?z{mZ|ZDg zmfAL)`(6ZOU7hHld=wAOm#Vl^qEvE;oN|V zGB8SR?|$B?_?6HCqgMU}Z8P*dhzxz1ik0B@%h zaLH;(fb-YDYX=CF?9O4&sxj_B;#cn=heq&fJN!BQIW0t6VNVL zKpJh*T`VRLmFm1MfLJOXt43E!s$gcWELEC~+z3^Br+a%3Y z3=;YIDV8|yepu?C8agV^>G+^7RCJOxawH9{0w4m0vDKL@EH6YdChjiJR|>TJsTNrK z*YO@vz~9DwB9<2;r38GlX_c@tYmMr#r0J{z5MQ<1Ny&~?J2?Rdg)+=CMe_z?4Ph$| zR-0PLQbR@M{iSOwnVg52N``+4-fp95QAh_1f;3QQb`{ZxS%qY2W9gJEhm`n7v>8b% z?8FCCA5r;FPxzO#E=4bA%valiM=_2I-1t%ivu;M`xbGeaO7jthTPKFT^tU%cpI%K< z=eZ!^do7*ywWcZMx)jgzOcGs|1{$RXC6z1F^Qu?*>S0RkMczF@7`RZ^aUywbIZsk>U-MpC=8xgvt_AsgoC;u-7#WCn)y4;QuXYYdpMql3qreh%)a>G}ic zqxKf*U1nDp7()(u0TVHobqn#5eA51(Bgq16GmUvKhbB3SSSaZpIv{Wz&1EaHCc!1f zPI`tg*)CBIE~%#y#$ZyY>(iW|UdV8HPQhR@YDeoxE?kX}2>9kAG4crwPj8xY(_h+& zt~$^Sh+4e&tTG1Wt*${T_ZlPJ6=156^~I|8_3-Az@PDRn4ju3=A)-!u$s{G_cPL!T zh^Q&=e(j%esUNQ*X?$YKhwO1_7i(2H5IA!dbM@K4w7ev<5 zL|+x`U4yywu{%sGP~);jsA7xGb<>f)mtKsFBzU90xqqv8`{Eh zOeU+!RopRQP2Wqjl75621UU_7SJG|l+lbgaRzCUsDL^~xCD^0x_CUE`S6MA>#2@1mUcO>NlJ-@GBg+U&4T@W9xIpTHQXIzjGX=~=f2&}$fCdQvp=LLrL(*ma%n{aMCl0yK7#5Wi z3sNL$gq*eMtx@HCqVg}ah+|3=;QSnN{^lsmJo$4Ggk)m*Y9ikzXWbN9$&W--JqRdP zP+Lzmh6B$8!@DUpSYexzJUKC`qFVdoc_&-1%orB@OT&W8T~lgo(^p?n@TZO@WhUx} zstj(zxu9bId5UW&y#SnSH3jWj2Q_$r>dy?>>M4aPO$u7)gFD3pCEo!L`_XF}^MJc( zC(%DpsRFnbh6AN!=cEs0Pj}bhM7`d>-94xDZs7u?m%1-RVrP(3S_wR?w1Iv2`cwT85G^g7Kz8I4Tg}NAHIq))i)C80)fX?lRjR&CGnufX#ksMn3p;lD*-75SQP|GL-p!kM`Oj3`fiGtRfc{D_P=eM|7U!$G5kBe{-54;SGH6J9=oIevrFVd z&D;CJ(72k(@2&y@*fk?b<^wZ&GCIu*4ABT{ONka|NL@kL>La19s?0s)E&lrm$$ z@IvW0CKFP)8<_t^kD6cgm+s=aDKpDr-MWpd&f?Sil&hYLmM>tv#M4XZ)6GST_w7PQ zhu2Td=CQ|Z#>1||f~zAXDI+yhxM%fJZAMQmm#@;(>MYExwo-g1XHi9m_dQ=z4Rf(E zw}L*$;+xt2DRS<9nP$gdV)JRS@mOWq%FUM{JVx-NMAPr$rhJkdbmkJ|IIdv<** z9|^1LLh-w!caBn^PuG=)9bBR*^FHcI@QSceN2Nz$oy+sjh%Fl&WVBDhOW}1@(Bw_G zMJtx-;|RU($kfe}O5JqbC)Y2d#~>!zd$6VOmD%X0$00|ae={$Bi=>ewZuk#EN&Sj#|3 zf&w>LlWPaAh!rfu+}em7qb}ved|8(|Q57;kSGVeA$ndo7W6kFR4`O~zZoA)h?&wj} z#o{R$)+#dJO7*MXy;O6%TyiHC7l3UfPgp1JgAQRvVL={biLk|Dd&lp0 zUJxhIwXMYnr^SgxcnpgJb{mBR-t1m~u-W#8YYlXEe%~}b2~*&q08_bDCm*O$l<`px z^e$tcYN;kIK<&#k`yDJ8kmr;7L$GJl_RNNtdSbw4eD;Fz!Zw~9Va0TyB7(sH^5(OQ zmBhs)(F8O8uwnJ7^6@xJJx_Q5b7||ki@0Ww*RJ9yj7@Fn=(kXdlVQDQv#-%^C|0&E z=?|Rk?$*Xoc4U~)C`dco3-?DKZzM*ILk17ar;A~(L|tM2(9@MM^sdOSNpaQ7FCbt8 z2eOJ_3$yU{KPQ;*T}+d9C_jyv%2v9!^$2T<8!XMjOS4_CXL!N zqK3tup6fA-|hFUMFjcu3Ly*e@qWTGfMB- zk;qL?m|r|)wonACDvOzj@2I8o7>XR8{kS|D54j1F9FNLew=(LB5(xC@GjBIwwstGc zwsVt-MbJTuwi}|#lwgt&%*TkJoa@BSkm-uT=h{7P{gqgBAXpk>R>)kcPl_fU_i;4r7$1}gSF zqs|pZS}0a&KUK(tgP$Qw>L%nK4l+o;Y8P{Ym?AP*Hiua^VXK#3h^_{!j>l-wk%%i1 z^kS+~&I_nkCv~r4caEy2JPBl3PFZX15-kSVs!u0~O^~D|STGd>A+Qz^*Ia*(~>-zGsVf@#t{yNI2obi=l3aHX;Wyx8JGc(sPDP99GX&M6* zd1D~(1!H9acK5+0p}4~w`qEwIsS z8W?A;u4iuJm1^Sl9O zRsf=^Sn|G*FvX^edkR=unk?R+2LGF^G;oSYG!SGxF<$Q%iZI!deWwK}3-y?d-+eX` zXxEE=%$&Xix~%*qMZiKy$mn2o0(x1+AkpjZZS(ZO27ek=2e6|u`cS3B|_+)!( z&;(-`lm!jLD?M5k_>MnSFwr;i=lOmrWMijtYU0-7hEk4shTZMhlh-%lUF!E>$Z0YU ztb@`UoaJ~Xtf;7anlN5x2eda<;s!Yw0e@USO=>|&J${;Mxn*KepI6g_9l1k;SD|nV z2dJJ4`CyLiES}hSjVC0)p&0ZfU>hN&vwF9ENg5{_b?(9| z%J0cokYyd%+vLS=qcPSH8*um@F5{>>^>ElXccTG6=O_E6JoB9}ccvB{!d=&rf1^mY zbzxA6fy)SFox6sgBEsjIJB6kn8_lDtE?mlAI!hzY&zF?4G0QJW`8LcG5aT@rR9@XOAv;r>ME{J`N)|@t!`y zJ=JghKt+AjhVH(ioQ2aObAeF_wlW2|5NY*&zhn;vG8;{M=~8vGaHGwt+ZKOAqX`5w zve~gnmwYjv$-8FMTBMO%LkXawp|%u<%d`Pn>r8Wg`gwWGvKP#o9pdGuhnY7e=( z>Y$&$QcF#mFkxetwi~PZOOU7g*nfB**>Bop1bY8nI7O-3GeLd^&_H`tg6cp)JKdtm zj!TDw@p=xXpDTbAJ%BYDxLy4I4FSAH){C^A)D2qUDV!CSqc8b@)h-O)s%v3dh6qyi zY?zhAE%Aqvx6~t`7%`^B0u|BM7roN6&~f6>BSj--X9%2APlXI;F0ArC26&vE^t%gf z+^D)E5@d@#KSj5|TBNIO%FTa5ip8hjKQH9pn(Cy2Ot`nAiO+S8)_3|h(_v%=^BbsG zoPaCMpTRweM}Mrl7@R;^t>XtC#0fQ(34DRKq!%Q7l1OH01w`s&!5X>M(Ww(RQfKu- zj?p9WOT(pv=Rrsff=a`=8FCkxNtGAVhFl(}_YFV+<39J|pL2GT)=;$!)6Mm-t#TW4 zY}E4^*?E*ioL{+VWoE;mQZX;~urvvf5a4QtvOF=na^d&Jc@n0w3i?AaYIKp&kh$`v z7)OdqS{DUZEAlmlhI!=6Y}T%v1?t6af+3 zW|FBps2cgIs0JD3i3HqG`-tt*OI)`4rr$F%OpOu!nT?Em2BGE`t$H7Yj`I#x3%VDf|7oJTn<%Yx@011{-+$+ z?@0`R?JJ#=6B8CE(KIUY?-Q$r!5VVjGThs2C5q(WhX(!FH&5n^bVE6R#%OYjc~nMh z5!zv4vD+MCkEw{W97m`L(jX>X65Du#jdvQn0Gk14e2qH5yK|auV1{grL@B zQr}6qgJAT`m7cg!c~|Yr{@fR+`g)Q?D2W^e%V~Yp#E64Z`+^43l1v!tWerIXVzg~WEFVurl`RPHnqtJh_R zrbgZinpXQAIc)JQi>zFmHi-v%PR3>^3~duxi4$ZY!RX0olur+WNP$*;BXKYjJu z@#XfV6O}3L3s#o&9_dL~1}CmqPD8r}OlsF>Q@-o^lizUqDABAWgMLDRI(GcNPnS}` z2uoj46hop>3hdHhOfMD7zQc9KHToEag=JR7BDzbz3QQ>s%J9VQv`Gl>yhWJ01)PO~ zgC3(#d7t7-2igD9REvFxMoqvQ(AaKBHyMAsq7gmk>D;VYv!)Rlk`a|+UL zNY#O6r(E$nQ8ib&A2?uvG87xH4XoFHb~al})^WFfKbt&PjdWP~!SB;K;Q>a5JM_V4 zo38|RJq?2lu{?$)w%MbrsDu%uZ8b(<;bu&7hFF{5p9D$@gRma2tC0G4B#|_T;>k>D zEBUYV6QFcni*~0jm051k|L9Sy7dZFB;5}g#Y4;VHm3A6^JfUDGaMI8U_=>=fGmK(H zTOdY+7AsV^*H?uu(uFwwI#g1>XY__ay9@J&mJ|yK1Z}2~>_Iw^9{q|63B4*lF6b#Z zw#u`f3D)la6AUE&R3QN5u!m0pOM1U!Xg?yvmCL2xEgw9IQ3$qO&p$g|SP=R+sED}x z{QD;waq=#5C?y+nSbs90s9|X#kEnvBnY$ld3ZZRim~@Nnngrs(mS`Q3K{>iFU!z+P4$=0)3#&KyhRJllV0OwHH%{&djL6Xgtm`JMq z?dT**PHsl5Sf5HT9 zq=EV)$IJ-sK&D6t=e2Je4YuG&NE1rQ!=V|$g1!lpyzZI&$F!8~G86pvvT%P8$>FYh ztl~irlZBVyVGDl_+MvtoDXzD`9}1k%?2`nV9R=q$CKcHd zp(;N67(HI?TNoY&RA{t0AgF|lO0E2Jq4Z?2X3>i3J2wxvqr>Tep4VK$dhqx7N!a;6ZMY?(|HhpG}%140tpcf+r_c zc23Ydf#wpI#)35XFN~)Ra`W-n z^8QjgDXlmB` zuuJY&o3thw3LwYPG>5CSimvcGcpiBnYK6+`c^W9$lb($ULcF$SdSpW#-(Klg9RVgn zGEdcZ17>I_Z4TVsqqN}dbr&t!S5-N?E-)DF3k`z_0oY2NH^!Y_I@+HiDQ&pw?_^Ov z154{02f$sjieR3PhEpytUxCSENdEl357enqA<$X8jrZK_DHOavBB#RcZDZDQ5<@IBl&H%* zjGyT#aU!J&0AGtn&#_E6&%d?P+(~E4n9lKGnqwiHXgWokh1~ymsHdBUnm!)IvOwPu z$7h2ArRR!9rQvq8$m8Ln9zbctDpBnf1kVjpkW#eTbJOXg08OUP3m-eSa1V2Exc5OP zkm?^d;y1sUF*&r`#GxIFXv5t?h8!Rt1Wx9!#KYFZF`JF7jvs%2%3NsM+d5<5zG7JqK1DIk-US(6)qbLpX!ki2&!}IdNY_r= z)4^*Sb35?0S2(nV<=DBij`-VSqWTKTM~KOT>*5KM z(Aa{sSbhknKre5Q^nUD!#|^;fRHuY7^+i8&A;%io(IelIt)jTu>@mjx;7p#M*c9U; zb%yns=(*sXL6L})1fg=VS|91HiwLWj8SKNB{n#n#H?DDT9O?aknU-GSi|>boncbpV zEgP-#kel?3^y==3LAUifqI?_{l^JEYZZm{+VW|s}nJ_k(=EJx7O|}qNht2?NS%#ud z55jFX@(gL>Dnl?qg)v!CzP6aJ-_tpe4w`5G${gA|Xq-kw`X$+yYf5Rp7ONQEZJAWXwgV zXzcr~y}pO*d0;(0Rb10Y>LiRvMse#S&!p7fIovTU^MO@_B7e(Gv+zKixdm4%M<4teLzMguOce|4&&Lj><(z$uCHRqOB5k2_P?9-915M`Y{GY% z1ik^a>lcO%3L2t12yC6bn#|Q649+hGZ(Y z;_NpSMUfv8-~=&~i=2{B2|`E`_>C4e7BIZo*Ks^o#UjH&tn+&j_uVitV7e2_hNP2VEJZ@bjUfo%33^E#UH}meduM&B7%+ z#v)HlrWB3yj8~63rUmr|+ZQkOa7Qy!xUL6lIuoTmb0VH>Eh!JN3P2Ry$XenQup9{v zvpppO*O}F*wuH?gNjU~8=3x3zfGy%Mt{7kxPzI&k;fxvtW@7fq=c6CNp^D>L~dXhLuH!e3P5==X@_pS^`m$W!Qa9f4Wbx%!`e0Hl@h;cmRd`4z2<^&Xs)Pu5ZXWH@vpF*Wb zy6XJNV&;YPW+NnY45|lm< zQ`E1hWcb{mAjjfDxp6&XqJzA6+_`l^$1AS~kn0K$Raz}-`0#8-_wTE zUo5#Ie9wJXq`@MVK-TfYeCFbXcAC9JOLA%cwCJd}>?J}tvi26a1~=CvKooL_uaiXQ zH#hrAB4*XyAxKPp8O-Pn=T7>U%ZBRY`{Ni+CF`zl>?eCUTi`UsW6k$i4FWjv7v|g` z*;RFq>IP%t3ND<_$h6RbDL+qs>bILgQxe*KHZmN_dBH3%>F-==YOX%$p0&ELEgaepJW48j(@AriY88WE{;Yf zPDE^s|F#I***gEN;Y9Q=@%pbp#>CjdK*-J=M(dxBSUFjVI9Ql;{?V%cI{?Q2(U-iV zosp7>Gm+L`C?fW^ZxeUt|0GQa{ihWEPbo>H^FI?Ni2i9V?8Hd)&(IZN`1pwE#r}@v zUuI=xP9hfe|0HH8GZJz97cvtuGW{2`6EU&=7qbvCGXEDd!TftB|9JdwKF2>!C2bgq z7#aS1>wnCL`TwHYv;4nR?I%+3012Vbk7%47S57O%<61hVsx5~h))ONHcayYYx=o`g zA_<#Ct7L>iwRs_Wi`#KfM5rpz%5z0wT;o+DAOQj!$N~l5TOZA@Uh}r?k2O}V>zAI~ zET64gewkrMmD{{6Q}-jLs9#>*vK>?HxEC7ynmCsT`<@+oyghcl z?^W2<727$R?0URjOKdjx7hy*gZMHd|8y{a9Cw{=weEJU`zTkLB7Vq^QPo3Dqv)S8l zhGt0LwQX;2hb~U$HNKs;?MLIjexDRPJUzB=i;MGC6}p?Z9c`X&o7S0?ag7xfsM~?~ z{sh8f>+&O-T|Kt0)Orf@Trb4QE7xlIUpB478G#md@TeVp+U$N-IiCTywIbi%ADgz? zahX2b7bM6cljE~7X_cae2${T{0Z|>BC5$cMS(oy}$1o6r({a(*o`U7XH?W>A`NsI> z%c0w<4O06WJI4&M=e`?FLjTe1MKXc&MQWs362>+I{3JQl6ga*epRZmw*PjV(_1Ld< zD^^2Q6MKk;InhRM7TKR|?jLdMn)#I1-?0)p5Ba94dRtek#cyKbF`D#M76S9aMje-< zJ6cu&@2Fi`ZYaq&{A*z?)vofc{4CGrYooY+-q{3UkF%X@U3izza#M&UbyI;Lu;VH9 zpk-QwEqVYvK*PTRQDGQX{wtDE^i2>B;qB`TnGPKUf&Xasih_95&RE>5)VP-yw++C; z+4|>vexsnRw!MSIk3K|z?daD}6N$=FtghB>^-^ZUhsU=+P$$ z3HxZLm;!VW;k+fmh3ZUG_k~!<$)yrBbm@XeI^@X}Z6CrKbtt?P5WG!Yz1s1;rKk1B z8p1GBOs}7!tV_#hXC>0{7`0oZsGM~~mQtjnzxOk1>&=7Ru|}IxAA+)L^m-E8-@XUoWkPfB7wNnCJ}LL!gVSQ5`4rU zmEtEf>GOkQ%{9cuGTcE_m@3~!ZsC6_4~i#6xk}M;TPzMSdC4K}n5cQ@xHTeq0ek=i zP&-0$Npm*rL#JUd)LDJ5_PCM0`x`-x_m4bSF<(jen`Z zLE^l{ZBmDf9N8i0Onkq-RLuXP$VZs1GclXz}ZQHhO+qP}nwr$(CZQJJjm)T4< zGs)~>4|S%Gt|`slG3eQO9sUy07bB`B2-%t2SGHDxMTw=}psWZN;SwLV z6ATVQyvOQ@H~l>>Y%Bza$<`HLv(?)ai#Pow@ok_*T15#`2>l z)C7V@U@4QOUuHb>aesJ4wFqf$BV=Gbzl8-le5qNc)SAGVF7DA3odtN-VhMuV(^BaY z%yhhFiWlW@HlNb&cH~Ox>eW2whCY^j6)J9?s8p1SrxK-`4O3sr$0JJ}4vhf2eHB*$cYf(=>Viu1gKkT(fRpDIVzS%BfC zl(z|XMc2q+xGB(j`)Xh-=36pm@(Ny9w?WWfteLS7fbgK09Ewdl1argFcZZ~`3*Zot z_u(-xnfiAX8jwtL>M|NFjo~yAzd>Qqdg^1}vZX}`&N(Qp+0Lq{e-0& z_kwR3L@v60gc@aj9l1YVs;=Wlcl2-OJ0%m8BO4}C+@m*{)w-AAU=7L$TTO+a* zC#JK`K(OH^E|^N`r=qGpUJYUSz#ru!ZP@wL%v5-Bacsf!C^cn@pq7o6s{wmYZYiMh zxP?BVg>&1H-;hyKnnt#;SNpP7mw;L%s)Hz;+Znw}q`eA~4SlC585B@>eVgIQpH8T# zB##>(bUaTPx{aF0_#^F5jH>PGNI90cDn%NkjZ&o3r|Wi$#`HFv22Bp=E+Rxgb`>Oq zL8haxXZ3lG-tr?vf>7VZq7|$PB9@i0wzRY~iHSu=2Zt=ExTYglmdD2pgizYCvG@C6 z)nRaPHkN31Nh=`q9QQg!B73}5NMk$vPHuboRElDM1a77Vp*;TA6@Fg z5czq>#qeu}zjr0DSS21et$ad-nuJ5iE;gPV5x{2#uFzn$_`EAw8rW5ml+`RL!s#yM zQ{ eiTRTb{p~Jw-wUr32LJYchtJ|tHx>ErMEC4oZlg(jPE+UF%&zsy+@y~5G6>n zmGf`%CDA+Od9mepVVRegfe;jGjigA}n|>ZVNcs0TZSlS%S?|+H~Snk`Wk_ijJgk8$B-m35$ku-Dcw1S-lu~1hbFw zw|a#%nCI#UqaJF7siV1MB{T(eD4rWvstQIR42uCoMn7Nq!A;k-(ovBN3`u47ZdK&y z3QU)*?(*}Vw|uOUSL__(nyt&{YPq~35TZu7?)=I4xiuK7WV`817-c6rgsF8Cg<%FE z^$nIHi{}RC^U3ayX#Kvkx=FcnD^Uw8uIv0$MPR>-))x*h-o)Ix0iQaAWV}h)k*lzf zx5*vJnsCro&=zqH1yH|u$q>OS$J!2ls}5Ge?CnJp(#{RdVmUbymSrcQb41;BO|k6Vy!@afbwROLsE5~$4W1qI z@dHQ~6r)UTWf#ieP#mu4_`Y@qM*^F(hQVSPGsBR4{#|H5JR_ew8Us0uP4xwvs~ynYDDXWnceZ?7E6DD{KJ}-uYDKYZBqX>(4&JOmF}iU zr7+JK;fvdWOidegtL(!|9QQZ7)6*A&%TY@o`3a1*VjsmII$jjS&xEcCrjd;WV>AKl zOybd9(O#8UGs7j zs@bc+Gj^`jG~xX4FKSndIZrmst5oFXh>9Ymd$y}btvmxJ77ho(DY}1#*^j^jQ~d)p zn1T9HSC6In4~usfETh%Zxqx5WFgFNTlcnXIIM(`Ivj#!ecuSre9H(0Yg^=u@9oa?8 zP08*lqZDRV;?f=;QAv6u**5c0kTg7ISuwr*lk@?d6koDa8>aD*NZZ-57J*tzkRtT| z_SoQ=r3s!*x$EHV{3foC;%wthY^Q=PHpqSB5jE0~q%1K|n`aoQ;~FK#+xFsJ4Mi#R z(}O8UKFBi)K*iPHtHG3$)EGs^Y;fd(3Oo_nYN*yi7hhav3S8$ z!NW>1{N>n%^*bWb*Upx#@_saNf-^FE4e8bDRvyA6X)O9~a!c9{z)J>`r_cDy*C=U+ z@>%cEL=gNuzzf2vK-lOHbAY434rXNp%RUmf5#sKoo2yCB75P@>OQSF~z#ejpQ-7-i z#4xLw%BO95-Ow1VlSe~W7pCcm$$5eM8Za=GQ!S%5^G$T35V+srH!d|=O@+eT@i=*X zA&+aR3B?==qc*WE@N-ZQO-gL6()taMR_7lA(xToDzweY>2}t!xifPvYmJ`xFQ4Q{DzR#{u9;$yrTiIwTz$9qZgvS@zv<*0s7$Be<4dkH-Rgk>o znk%l}tOE?4hOnQ!)8wG{l3o~JY1N@@n0KBb>rA^Lk^)bxC#ZWOEq&3P`$Y|p=OqK6 zT7~n-&I7%>FeT7r;PN4i{ODyA_r)2W=>-@21H_L24(p>+Sv_(t^VDuA4E5S z_${OYuizBbCJQq;MenNZ?(|Viv6d4}!~qoVRM#9D!N!&XzLfe0TUP*tFTEkD4i9)Z z5_vs6r5)$Lf6QGrlkUz66wz@$_n*M?INq&MNGToR z)M#E(8ZI?^#W5$ap`DgzKZoye&ML~?jL$zHse@FYnRHl%lv_JJ@2=49Y!U`fGxS^O z=dxo?&9C^!6o-0Oi0PwEA)&33_}4ny+}hgQ_>L zzLV|ZCna~oUF|D&-0x!u^R)l-Lky%iVt2&1kYZ7yi11DMHS~3&r9@QRbwAIG>WouVCh27@2)&;MJc9AZ8i+{wOn^@&sM#aN;8BJ z8wK62uR8oY>{~YyCPJ>5b?=EjKD?XMKk|pPY5XNX zKob;~LuOy!xRx~x)0WD`2rJIY5~OB=?EKgV|1aE#CAI>>Jz{hZ5I$K3`w?>2J+zT0{(BC?}+M-Mr6t&<=Bu5C1ep8=jId!$u{q>K%LJXExlxnaxN0yvezvfJ&hSL~!l(sru zRAFX^85WQ{DTb4h(N4+UTB5TNVouv8Z5`K=o-r>)G!B40Ca@C3E za@_pEJ}5ya-VDiV)S1ujx%v>t|EEgdt`s^ahG(d~-mY)2wy?ihuHM*k2QchBIx*v9 zvGj!`RHccCc8x zRj`6l0hw3mo#_Lqi3sg)6`{2x-M$0*K_mH{WK}b3K@DbF)^QMCf*a^Dr4ET=ei7oT z8#U$@w}7ef=caOT4Pgo9iegcwJ8d{+Yu#4zk~-lhW)j%S3x4z4LZ(C^pGLn=j*eq= z3P|d>LawaQEnHU}!`IKyuVM3Lqkld5@Q?Oi^U%YSzGlUCaHqzaIyZd<-jX}t+#&2% zPcNN`Bf;hj^upk89FmGR^-7S2HetQVAy4u5szfu)(tJdm?ait)c-Ao}SHd}ygVp$m@64>Bk zt(gcuk@w7xza<5=$zlHk3*twIczD#v-6W~gLsPx0kbp53Hf$VW0PDc|R1xO^i7@nW zQH){l`sjBgV0Mfjfy!nREh-vb@_sKlC1-@sc4ZKxk7ukhmeX`J2ClYJGv-@N;Sps6~c^!In#e1ddepF||U=M?F;ktZgc(p;?ser(sXyIy^5jB|(WY86f^^ zabi#A>FWxKnh!XvW>ONZ_Xt{=pki!Yy9eR0GZO}oS_~Eu| zhwN$pj$}t*CZH5OO5?m5e}69?)Ho*h*jNE>3$ShmoMSU~RFE(z#5*_d^QWzc5PTwF zS3F!oB(HZ_a}xWXC@V}oBQ5J0bau;Wxpbn8X#;Yo3?sslms#H<#F7Cv3O3yl{38F0_Cw;*1B5?1#VM?;%@-vogam_Dcw}`jJlC<3! zTj@yUT)qFGe1~Ryl=Z__K9dzWQ@l^qD~A&6ILVV;a&6{K?V5o5%|Wo?Uut%nm-M>Z z5Snr>HhdU^MIAmoaJcLW`S6tg!vUa&T}^@fMrQhKM@vZ_ zhDzL-vEx9`tdZ;QP$P+umtlSLklGoNRv6q9POmpk#2z!Y?T=RkM#&M?yp(&+Eyuxf zvP_@OIgS%=r6MhcIxNa%xCG zj7J!~U9NLOG798INhCFNF#?I%^B;)f@K;BhLXy@lcuewHe*Kpsm!D*BV3Wa zdapxw(ZkRE0XbzRaBvju8u@&BJcwiX;B7q77)SUDRoIO^OF0hbxcHvs9U7UbK>`zN z4lAIf5pH1n$Lb{*n;K^kR3`6H+|MrlAxhBZl>}H$+fzk#_=55p zAu_W`RK}M8+TA%2VHp}YK#@*zm2G#~~ zs(&eRUc@dywtXsRJKaDHLN)ATcjCGWI}aZD7m(+jmv{N_!H;34zc9&NdQK%C=vNEX zLYiyOR`>=jYW19HN73C2kpW}h06`%>6$8}Q6X8~i4zo3@&Qhl$SB_24f*fbuHYuyX zrJa^462N6DRT^U@{4ku#eYvuJ(nhdV=Y)^hAKo*SXZ3m3GnSch7;AB6r0|)lxZJ;5HV8^eUgJXVh&b0}kf3wbr~W#Pj+?{vIO|*96xER_SmXSLEKcfY{~!sdK>7Eey0__!I5S4J$DWY*a%N2R&8YFs2E7 ziiy9`Mjdb4sUvnk#Qe_WJjbqcF-B)U5|`^R)cfuw6n+qc7bV0ArI9zJ{1z_c*BUVT zN@Nu!Xj5zpi*~Hf%42Qw6nlnxyH%F5ox-F-s|BXxoSdieX510L{8 z8tVb=WqKhw@B80V6j)GAC2{Gr#;djL@}h=)7)@Gyh*MO091f)FJY=v!D(^nd!7a)>YUjXA1-zMndgKjM z#4J(55ZXpSBu6;0WPzvE2pTL_wg3-a%BWp}ELI`X0DF}Z=`yMxSiT75YoxSA4J)Ew z?=jT&Ie)&0oU%CTb>n?D*3xEV0aVqcG>n5Q^DPhR9R@~f#KbFRWmcCAFNWbW60Xd% z9MV;&qZrU|`-u2Mq5FY?)ck|fqY)~Q%&v~;Lf0yU-3Hb_BLi}I;dlb|0V3cFMYKL0 zW%!L|0+y|B75YzSs%Wr-G|20<2kWP>3bJ^K8Xci{k$op%(Li1nd4|MFg8%|qb{IMu z1X{nFl3h#0hOri<91P#D*}F0#PVCg4b=kV0)*Bjm=5yT8kiW-^^yVnpK$0krZv_p#rU3sH4lKh(vFNU9F}Vb4-&jj;CpQSUZm~X( zaHy!9G_oq3#s_Gc{VdI*;8~Z|A?y40#LKeJ(folQBFC_;^Hho_8&^PS*UFR~q2#DvVV3$1))(r`Pl8sLC;udNp zNdvi5GLw(}cxr5~>W!xCyrQQp;?ZjO=SS>Aa)w^eH);S=JE?mPng5OJOC?H_m=@Ay zngb}Jt|1k<%+$6Wuee=%F_3VGoACXEG^jAk^3x^xic&nVxXSoo$Sso$-#sR+KAjCODX7P z{?Ux!p!1Ehq_`gA*=J{gZq@oA9@%B$ zmy{R3ly!nxF{~!o2NZZrMX9lwp8J-Q{Q3-0~VmrLv%x=iAqqK+4l@kYIhW zwIdw%xC3pF(!H_=!y7+}DrL7!Eylp2`X-FBrJ9vrz+4&;DaveOfH>5oD2onjJ zhz|`5<3bm{cb?if^bAebb~z8Uq>Psev8xU-9=2w+!}V>(oX36}%v^KcwsiGhyouU! z0Z_rwcH95boh|0Y)HjuWGLWDzV)(h@17zDpHu&FIqyITZg`I>#P9}f9?om!u-m6 z&gk@N)2>dY>eAe%%%;-zX#bX^s{W$0gDjp`xHK1Tpbq#p`EJ_YwpI+9 zw#mSOo+2+`PY*wL8b?SF%3_CXYzTF~5OL_657S6|zd zUQOmQUbEY_zGhroQXvm8tN39L=C5&In1hRNQ^GRy7QoH}-P=1?OB=S2_}mF?GMBUNl|+&r=d z@{Jm9mt=AmTtY|*ESebFkEXEvoV38VukXk-a1zg3s&;gHUL&PFZ_wz#b)DDIR=gtk zg^9%fd!c)Y;l{p~3+F>@z@?8b#bFxvT^=poH}}bqCdBhn5oGh^lN~WA2zkQx90<@W zq6hOX=_77p8sqI|ufg`NlgG(&hMLnaq8?HbxB4AojDx?vKOQY@OrW!!Utb?$@iG<~ z=epJ~Cw3Zit)T|{z`mjo@EzdGDH?{mx3@5yS!czueO-h)TYC*pavyUqZj`c8mK3z0 z{gZXH)o4<*0e0-$xUi0Z2MZr7-rBpemEPxXjo8Nz6u4}bw+&gCdD+Jg(WPMWf}Pnk zg!RKMty17JPCcRL$U;_yEM~g!`D#`|cSNmOkc)Kv9fn9fRR^A#;7=B#JP6pOx`?jQ z{n62H-NcG^4?z*`zmp*>Cm&OFX8=Ou~ zUel?E@$(i5{X!x>x`ik!^q#-8xVnVjn<^?4>8*mmvIH;^L1s+&m5f-}J?Zegx;q>W zTk2b1;!-Rz6ocUV#=1I@v>9dw77eBgDSo;cK*Uih(#)aSGOz8aQ{^b9r?G4CwPSk3 zYjl70tM_f|c%+6~^r5G}&co}hmmf>7Zh>_gNrVm1l4Hy`H7>G*cQrj-1-mXB5?E72 zkFJ5k+Yc6wu&*84CfpE-o}!mwf$MTS-d8bH!MTUxcSDQ;VcbA-U?ls_m8&>Yg9Du+0M zZKsi4AwY&Z7A(DP7X@0UeaPxrfhJ(5bc1-^lmWRp6p#x?Se z;rJFsXtA!DtRBk>exGTMdX!2tfnyf1=Fgk?KgfH{0Phy;0G*2ni2&Q!Y8jm1u68N< zX8$#2@ZS#`hsvY)t-zi%(3*yEb$Qst^F^0xv=q_c1S;De=nKl+%J^EvRA`B%9UHd# zDX#wpG1rKNO?G-@2GmOY?lL?0MrX)x8wEAY>|HA9f44S`Kdv{0MQQodh{)gJ%?>^r z(2UvD)j4BxOReMl!|6m?15cs@Cw7;0)VuE3{tKva3pJ!7Zq-;#ac5u~=z!U~lfT3v{2iGd8$8 zJ-^{=sj0RXgE3F5F>1r)p3RNOqe*b@w=T0cwPRcfMH#JAh@5S!Mf%^u*i7`mX)IX+?|cHTIaJpc$|nZXCqz*F&WLntDBYg z2C|=y4ObRDN#3tzR|glMj=dc_^-eY>N0k?M-zbosW@IR4ArD#9-@o)TN@+3hW2qkV z)olKNWUCjoUSDOkqc5HY)ilO+F=kXk(_T6sabplNgb*$g*(tpHMSpP*I@xxd%SXar ziENKpdNbl^@}U@~Fz$n8 zVs7q3Z+jg`?_`pSA6E2T+I!ukVQm@=xf(ussOV;nGTc@JDP9Jd=h-k+I;k)_dG~mq zoZNk0r~SUFHYoX_M#4|RU7>sv4Apj^&}O(d8B20jqcx|`Y$4AenSEWTi!}XABl6Ay zc$}rn1m|BM5`H@g!6Bx-HuCWyPr2+-A=Ty#@m}uSenupIVe)+i`=RoE_2cD*z8v*l zExJnL@k~muI^JG5vucUp{qKkmZ_$CeQt2pqwa((jU9}lLzEj@~&d-{eFyee=05lRY z%l$us!_hjythP8xob21xxr!#;G5Y>Dy8>ssNVpAzL2F?HOcyChfW8iIR+VadaS)E$ zfKaa9rf{~!OP*sVct@o44l2en+7>5w%%mQaL3C#ia%iW1Q!5=Xf}fNa4ma7-)XG_C z`3&Q4&`@b`%>R0*CWT*SaoTwMKvzs<+V-Z0 z_7{X}v&3)7@cib<9i0=9y-buQ&RqYXlu4_Rc37l;nml?kN(R#_1~sF2=LwE)fCYLZ zj}El^P6wR&f-H6)%`Jf^|UuMb;~(l{E@BiNZkE|OQ?PMUN|De*m8&&5}!NCXH(#@yeU%bAp7ihoH6zg$41AxjwmZW{@u@G7{=DGpXKtm%o$~}qzk%(QyY;srv z-_*{ZeIgRli9Kd`9#eyUg*>`9{S_zz++lWaG$p2B&9Uo)30hqRTE2-0}S6_@zD2M5$-*cRmgsL3_=cH1dJ7 zHX)srA;Jw=P`lF;J9fV>|C=OA6+`>`auHSpX+Oha_0VKCsYDH!>+sccV?yrvc<so_lv8}u;Dn#f(gmmiv^5!zI_C)=Ui%!Rsvf~9_!=Hr}P11=?1$%y*vbU#1AZ@9iN5? z>7EW##~DS-4N;=B#V3RmBl%f5ydGStiXPD(zt{9$GXQsFt#6_TLX9aC$Qk5ePONR`KpUX|oWu zEfOAPd6FZ?)x4+w9Tn@i^5e?sMMi$2bpNJZtY!YT^y$-BQVfYn91lW3Ah+GtFaC-5 z(Y@V{ZAXge`l8xGwG!LLcVEA8A-vT*+K6q}B3aPYn-AEawsQjA>JzbRvJ=d(+bevD z<_~iNngJNdbKJzy9J^b89uRNAxwhPrzFsk$8|!us8Cn5dDq`B1XGO~K$G*53tpBwF z!Bk?ek$!r@te#Py3AY}~5{yeB=T3aN`aT*1Do($O!xP_zMxj)P1vaI1l}Vt|ow4m0 z3dp|H`^RCEmF0#+#7ZS45-SI8_T*iSAhp$!mpydFF_3YA*OS+QF(VXb)&!c@EUoZu z_xHSkzwVUAI*{Tp&l*xhPQA z*_!56*-b~2J>%lggT7L}`}caOLvv>Q5zwE@cliXwQ$=->T)7fKJd`lF>tkuCe{7eg zYYm$=MXdKvs4h|n2SqF+1m+t3HvGLz=(IhXd{J%!VWHzr0%(LgR-T1>*^5yvysTbh zz70U3j}%v(|Edzr>*|84)_BMu>XGh!D8{DR--ftk=#baE;yDZse^~mTma~M>RaNlF zYdjyv#)vy0k8~*0DRGdmiYDA)`J415mt|Rub*fR}AbcAGaNsY8PvN^fA#1aIhN*1k zhYL(0`chBQ7_7EyW#ewHoaRX>$czn=>x=@fTK{Y8$i-@t1E@&T-))9aI1c16b0%iK z&kum8e%+4&{KKTVy?G#Tru~r=J45pltca{$y?2z<|@_hw#b=N zT#g7A$M_LhQesf2#PE%z9~TYo&E57>UV^3Z&=bYyP%&vq*m;>!4%)dL$)y|JuFQC) ziAudTjdRPNxbg?wz!9|1?NHJ9p)~vA%AgCI;L)Wm<5Yz|qs#z=}k=A%Dr- z3g0VT3$S3k+E!w*Zon;M!ypcvVIzzbqW>&!`R@dkrvY&g&!P(dOtqnd>{S#DPLCAc z*;H0!7JIZs(~RPgrL;S~536O1OsOv;09O~TOvjyub+Z3>$ZKk2#?KpOS8XWJq&pNm z!8>~R$EqoDjeiEnN(GA2(1T4Y^n!a3k|f9Ti}j#)CI%n@2>W+0wXaooUFG)XddQ#4 zrB3LBchv1Mac_9AD$i8U5n)2v;Khws1nw|{+4MP<`+@mJ1hSujnlsz9HDJWoTUG!7 z=oF_aeacy-!AT6AW2)SjbwRS`jPi->J?gPVJaT-9zEHh`h%k9H8I;D305IG^tBkNC zPw+9Qc|Sww)oH=huvnW3y0&2GZE|%Xpp&dDP2lr$K7_e=`=ra3o#*5(-%~`i%|!SL z={_CQP|rt%V7PWaw+E59vHSBUs=Ech!1>`K{W#(1=_6blnlaq?svue-UJiAMtK!Qm z*H-KyM4ln2ACLl=nN;S_A^>zn8W=1NQ>E;`EKGvAwD_Q0wJY>@;1I0oIPwzynk}QTH_qWvGZ)O_HQ5FAoeoh zXli_~@^Ol;#rz9k>mUH`6T;;8QR?n3``>><30_}*mMUeBA5LksjNDlRdh_1Z1(h0L z=+geWnQ@!4Z=AC?pgeBt;Pf82l^tD{!NkI?S2^tn>-J7xhHDYmzqMmJ=PNK>^< z*&9-#s-c^rh6vl-od3FS+r2s~Q6LbyZ%$g!h=o)2 zME7jrmWd>|N7?h;#J{m-u)c}yuIsuW%RZ#LT^7$e?TbvAETYcK2mCNlpPOUi2BU{8 zJ3g?R9J(w}pCre~N|bM+jyp&$jZ>7kQnemhoHiRE=_JX7hSsQi+C0?=O91+F;<{2H zf|Q)_1EDaTCY#HLFk_^jySR{20H}b(N!TTd(}s-+RJjcOxcB|nk~Ifft7-(~X&e_? ze@%L}K;bH}Sirmyf#b4`@e7)g#c9!Oi$%(ZBDRp+_K3!MS>8A*PwH_*lBVkC5>&f_ zxuFhu2k6%dYV=kCcT=rk5=I?q_K zIxej|2TzleChOdAxv&?NyG%%9yR%VY3ILFiL_7cEq#c8-O+-$vZ7l@nipH)>gVD)7 zU6@&g(R3uQ8E&S%1`*el{7>V>O@8+e{;z=8K_ty zcON`UJEm#&FOr2c-ME!^$-2f?l@&`wvNS&ezk)T!^Vn4vE7^w@Le7F%hZDsXVXZUy=jlxIc<1M=&VWK68^*q#YQ zSTS2nU!bBBTb{f?2EckUQy!9f-J{+np@04)228f8((*vRC_@jc)kS9ZyV}92ThHZT2oOf|39^0lYu4^laW_aT5^!_n zgtuxF2d3*TlQcJb{yZ$2Ba8*{D6F{Nmh=`P82rvD}2oW3PB*s*#exL}jKmaD5ob@o7Zb8qZZ#E+)C zy_FL)P+kzqZGOHH{v?wPxXBGlf!ylTE9_hxp;TVgwXxvnpi``4wpTXsD6<8nmUViQ znX4NMwqV^}=YI9nQ#A^;aSNr#GQ3jW_1@V5b<%fM-1<}CKs)!e&i6)q!tT@RV4j%W zQCkg1^Z=l!R4hNMlhykTIGmujv6h{Y;L1}{G1FEamV54e;YJc9HI70>O>}*5mgL|H zhvaA=v8EqJi)*wF3(w^g-%K5LUCrzW)+p5LR-C~*Xsm`gSV|Uudqo-f(_psd z_~2Y~{jy$^If|7fg4<5BCTY(Shx}0o$7v$;MEC1ZVtb#0Bi3~l<%EBcC8BGw@?b(0 z)pNdd26`OXeqI$uA~}>%;~Tv1EEC14z#4bU9AgTTB&;TZ5Lz^nJ_ymJW6x1%6L_}3 zA&dr&zcI|~+0^JBRuT;@aq$~x4@aF(=PgVhL(3p2Hyai`dzBI50z)P;&18N&L- zFvO@B>bfM$aGvUh?*yqUW?bbV{wjN1diF9}syWeXt~ z2krRnL&rA_2e(&EHg@VBzDOA|5(G13;y_T;vDTDDz+ucem07c?T;YkGI6 z#gv>n1um-^V{iv=(qXJVb{0?aWN>&0i42u7_vWCQVRT~_8VwR6@@1`b_%Z#=B@=;& zr3OTT`ju-2JW>eIzETFfL%|8rBGKftc%q}Ok;}j6;-+{XK~E&%)u&uw19tFM+7tZA zWfPL<5%6aSsets&lnH!FbOX4ON4!FP>$DqqkY+h@{EZX7VWZ^9ao`f<*Uo(liU{~^ z6B^-+H=kc2WdB=798nGuX`fpmY(n)*qG;fGBo$Ff!s_RMGG1bk+-cVId6Bf3drf@f zLm}WPHR#|TV)fObe$Y*7#7saNMR0ONAaQxds|E7Zm+`4-&-a!_{EQcPk^lNwL1dNf zM~p&%D~b~E0<6^qJlx3f@OOrkzgAonuQg{-LzvAq|WBRHQ<3p?3HSrPC@Kre}4K#Tu}fS^3;R* zmU$eG@B}jC0<0HivCu?}{|=F>)H*laEpP!R&&?R`)Vd{X;VO8hfNPMB5&(r&orvLo zQ%3MGQK~7Z@&+vG3m#Ow0In*YV?!oT!Xi``HN?M8fqUoIrP5B&3$X6hGY_ zyB$KFh>;Nvp!*`qI%G*w8oPExlG-XAN{l&xh(RDvyGpg7hnCs^Oh-)>qEDFOG>#p# z1~{;U-r0;T>^3n?>4e@HBl3^y$GaUg1?fZf0XvlVJTu*rBhWR616rXUA$HopxP}OX z_+SD%)Lq`&IOCc_&{%MIV45+J1i_ylPEx6)&({2~Pg1X0cDDpZ+d55yJdlh|o8dO8 zV_dvXZMQ%t=-fW$MZ4{Af5gRkcA#NaBw9NwKDjN7>iNnzpq1WhVaTUpom(lnwCQkgx(4r zN-pS9yk8;DeMj(L3VuY1S)?MwH35CJJ*ILmC5Y6lJi!oF`0oyUA%`E34)FjO7^Nc= z0@$gj7P^{};8b!d;_0=H1vx!F3R602SrIm-aLU89ObQ2(4u1IO^T=h*5L5pJ z705^vGUC-*Mv47oVX{qlD|Lu_u=x~iIH9muBzz0Ch&fmxQBXi)2J8gAAgPe>xr39+ zy=HN?guJ~p(cBBiZxtePcj~YZ?;^P|!l}g^M++H5Xf1VmLho?SMt}4Uv32hWF>5>4^^$mwRbO0Rp$z4ceJi8XZJW)mJpjGDDpy=)}0= zNZ1si-yYEwX?_%}BvPEV@5WqA)4GfI&@XO^vY&@GW>~D{8L+Qjz&)8f5J3z$0R|`~Hmk-r}-qv1c>h^gN#bb8jQv;(* zmJ;UdCP@D?80Oh0$m3AHFNA?YW?VvU$)RfrT}Y~d*g$6THT#7WDJ(D3@4terAkIaV z)#Q`y<3zR^RcakcWE6__2Ob0EX5DIaaQXWIvnz*(4@NfjYD5L^Wuz;Eh18IkXPocV zgwD}On02rE+Vrq{`B2Uhv-IvlaLQt3LL_G%MxG^SVMDjQ`tiu&xVVW)L6Mj$7po#9 znZ>cKVoR#Iy15|PRs5pr%>1fS5n7eJLrX2g6K}$t5`DIULt+z1Ra|x=d% zuuBiRRC5jC(E_+sNK{o^3j$8y#q)`7VI}JqoTzDykvn~^+zh@h$X!0gj3yW^o}RBP zBEsatNslITa#%n^CaC=nJ9jKuqoBdcb$wz$z@eT33EM+$Vt2%>r(cFX=S*{sMSS%$}z`}%B}##v4WYox|vEr1OSA3jD+!R%O@Gwa?TWKYzMFgjynL@M7 zMNA84UNhHAGD%UyD7JqdswA0QvRq>=lxsa8aYD6%v8{;YHg2K0k!Wz-t7)6bBV!{v z}O^$&l9%L@{`e*-zXU67|!on@dcD=p2oNghoteH~tLKk_a zelSXMl_KUKDC5`{k2Mt)hsODad;^H{fWm4V_1t0usH|Pl%p$86>hpuVF5aij__x%A zUtu?r5r^8h^jTEmxxhM`?905Uo#lp;##RxLuk1M&ilkX0SNDI=_7=c#1O zEQ^_$nHg*`Gcz-TC9Rm587yXIX0(`@DYEZ-_rI0gd%fF2y7du3iTi7J`bFs^ZvkhFUuTwyVA%ADD7driVHXgSLZS*|VkHSbJ9f}|Z z{tRT3d0lN+9zU3PmTj0OG<|-uf97f>2Q$W1S>G}&SuRT+H)p1znQ_k(^#H@UR%3Tg z9>-EM01qP-5{;hf3=r-dmb?whmXf;_!J;p4$;k8LZGDv}Cn?pP980Z$C%&J8Pw&dq z6t@8M;X!wr6J(wyMEzc3|n$jTQ~R@8++0o`;5b zj#U7@XrZl_l3ZCfr>ut)I$~2)R#M!cj-l>ogcXQ_UZDQYzLUKZ(6ha@W5{dvTZ$%| zp%wKTixq&sm3?MKTlTlJANqGRwW8MPE_e^-SO(m1gn%cCex(&cv-xw(IOh6<`e;RT zrlJgv0ri4XRkD zR?#?Z!GnI0xa4mW)LBvrnVo3+EeO@%6j)6URcGS!^0$x@E@@fFkD<}y%8Z}P07g{} z1bL+rY~4V#A@Q5*v^GmJ8eK4!NkeRbCPB=7y4>oQAi7#jr3}P9-vid^Jx55dtCn^5vGY&LL4J+I#~trEF%cAyjKsAX{IY|=C_02HpQBTN zFtEox50(Wnh{onS1(%R_l`BmezX#G0SAG+rz>V-ntF5aXoybMiR#B4MR%=J5+Z&hK z83=$AN=8S3P_I`sCJX81H*1K$-NJI96;c`CNCl%P&`4qV<}ZVjmz+VIyFbjW`XJ(- z!+j-e47qAS{zeb2FYkG*c85{mNGRKF9p{WW(^v@L;URB-7Nn10}QkhwroH?bN!Ouj~0;nDuqsNF-iH%R@SrQ0K( z%0`lWBkK6#$~)f6g)aeTDiYgZ{b&r~mefW#F?e8+_CvzzkH>E8iD|V89Hf*1gp%e- zi!yJ38S1fAXxUlg!-E2yYealU@*h8vEPi0x$hgmtHAgb;!i!)no<}KiqRXi(EE*SG zQcCIp_0Q6Q7-62L4s?TPlK_ncQ-bwF)MnP=4sa&eOXikaY^$IH0KxVP%1d3dJ7jd2 zJ#vhM)x<~CYSDM=;<3r0-oW+V=`aSAZcW&L#!=nkecQ=Tdk zfvea;g5clnb;op)N9uq}>gXPr5&A->73R#jrc?pe$Sd^lgP$*onS@k;Z9B>1 zqLc0jDakrU3v=;&Rt)mpOmZ23n8eeT|4wKVjCoOEt8 z5p6cE_?c>XncDiICf2Ap><3gGRF)A{1Re3b7qx2f5F&}rub$-6H+xnaw#duG7$riU?^zbf)NO$reA=xOr zH%G zyl^-BysrtX5gPGFM4ST};IS-N75O>V#?t`lZO{rVRAJHbIIWB zzV{MH2<<_EHfVnVGjUzv^)AY78{i~~yN6w^=F=A6+?6o6$svqvKpYYyOs>?w-@VMb zk?%psFF{W8(?-|Ukq3bR;*B6a|HRC`7Fgo+Kn)d*T5n4F(pLCcoe0iOu+OCy@Btd% z>8Je69XpV?2)X4=N7gKz7cDbjiUl43eWU0Nme&M2Gph=ZUE)+brv&}~t8c528) zNn7Q}s?`*}tvv8mYXs>m6%?InjNzMMMaLgRkr1BA1iN^3Ep3c4cezchX1ND+x~<* zVAeUnyJ_tN()ErPXC)KX7)x&`iKp$O=wY6bf#b-Tprq5ouqj7FbIl4WwQyJ{kGoemtgrqm@t~_olKQfc8 z^OiJ8CjD*$3>M%!?(M&9J}YQ#*}=WdR@fGzpn8nIu~*_rLUgdDSh=WJlw4Oe;*?bN zPv5M3jGucOw_cFXIB#a$AZWW-$W}4wVJS|072$q2mj4u8FNYxE~LVvH0ykS{T%@ga<^ExF0jBwxSv<$k$xykjs&bPCL!e-7m~CZi+Ri>laH zqvXM=-^42)DiE(Jc6w+6a(j~Bi_5bt;XPg*9Rx|w2~(vUjNaAvE=kwF&e>-A4oD8h ztiY@Zq>jFFkloQ-KMo_t5XrHFPfAez)M7uP7Df69qReRWIn!ma{Guojli_K1xI#4r z0_t5P9+G7To;uAS`|HG#mG18HqRNb$A!?b?!$|q(3N|zEHUvcS$|~&X3Iax#erNCX z>j=Y19Ldk>toY?;bOklA>*Nvgd9 z{&#)Wh{;*gt09VwV??tP++%KLn!95~o^YyEH8nNdIJX3Etl0f|z`ZR<+{cT3-DM`b z6#vXL8;sB|DUc3tJi|- z0fDz?&=R@H?kK%f z+2E5E5=itn^2K$Ti~|b2G#r59!O@=PA$N@D1I(pyRh7?kU|=S2znIkkvJL6wgF;$i z{Zti{vJXaI_5-m8-+8O_-C(-2n-;t82NC>?W~~F!nZ3=Ph!APhaYcK-kVCZdhSmwS zbT}IqBPkn9>u(%OuN?})ls18-pb5rf*A)$Ib#@TAJ8)77cFyS_xr;BpQp9gF?x-kW zhq70h=>1)33lT8d#=27vcn6v$FUi6gCkCa@?)V0BWAz6D8q4n#d|`RA1C{%)%jf-5 zEl9??&0c|$dRe&uPK^;g-|Eey=Dj4E%u_=om?O}Qs5XZwSb28Xmwbmu)K)&iUrw4Y zcW#ef(zg@4xMc?}BPbb>dt{SGy}#wY#@D~y+d><~p>BKe z)tlh;BQ|80KKCr|ZZeNT>$Qt>N)IZpz6zuU=xmc6&8T@$Ikm)YACww_98Wh_{Ea+< zwr$SkzKlAlLDd`}Q|Fv6yEvcqY-C%p>>VZ=>6*O{J$0Ksx%t``0601l24Lstuy zx_C*9ZE3m(QPHknljeN5yYBK3o!R`*3D}VT_%~_$?EjH{&cMLV_|MZRSy>7Gck}i+ z{`*$<}=Bef2Oo$6+CYg-n)b60P~1SKlGMStjG^ zbjAxu0eW0AUqxaI$c{8z9Hm_hqh_ZS$}O}!N(J*|gf_O!BlG$rJ7!p9HfU&Mk_;bh zIQm^gx#%X%^sW>v11fP?GGRsfN6y@VA{1%h9dP zHZClUhW#k#^}Lq^!!R1NQ2vOiY`>?m?_KQ4^ZIvne zXb!BZe(BxqU7MMPYfIpXbKW4%z7BqHtpxH95OWWbr(nee^qJFq)j$8mbYad)kSQ>}XE_xHM&uF-3)m^3_`#%Sus997 zzrJoz)y=4bGuv=F=P+mLJXNa1C}}=XZ{-{;!oiRZQzmb9psL$d!{%wh+~oJjWG5wH zSRCw``33YBxMT0N?aU1SoDj~dHz=?{+ z(4?rbBoqEZo=W{EHLSK3(+fpHRbqx0^#z%cm7b==bVDtyndvduPRG(<$J!a2t$7j) zlD!fO(oje!C5H5A$|uX9Al*aKT}7i^3fkL{eLovm-5-HGUm$b=LC490m|9ALgWBf1TlZ~0+|2;nc@BHlPv&=-m#`13{`EL%}X8YecY@3OR z{-1|!Gk(tgzaFX${f|Sn|7EBQ|1sJBN9Sy(PowXWM+;BBe~4XBQZ?qz_57@rFo2Ck zz#|L_bo4t;IpTfm{3y$U4E6nAzW5`$J`NWJvPD!GkX%!Jwa$uuxSqTVvR&_TzQcNZ z9UD!w=mE7pB($99{6BvDck6K-F8RY74dt0) z723DN9v!T4S8ARiNjXHoC=7)Wl3N_;pME{+(WZywtZ1Yo|A?(~@2r}ezAC6DSobgyHk8H72YYB-*Q?}eH+@E^XXrMPyTAGJ77XmzY z&b4S!$#(=Yp|MIe5!!traAuKvtRU0LGu&mQBaELNxbxQ8!=>uhnQJsx;A^7JtOqEM z2kw5)@K3Cbf$D+~M9dLaf{A=Y1&Vu`gz3}}ZzkQHh^WIW*?V8yH^uu3&>o7p#M?BW z*4J9O!0OlHk5^9s9@F6iIA~?Hx`R|5lhp#?5? zlX7&`bJ?B6WFX;r5N~j9HEV%+&H#usNgcAG`c(wk!3xnrawP&tA9wl}NnQ|s{H=|F zn_}&QFBKBBW>ZHzd+ec!sasc!HZT5!{UN$OXaI`az_n`T6t}H>pdtjfm}PZ$9v=FU zZ#+v8j7)Q{8K|Io4?p)@{BXIw!=Cq&QW;4mC!s)Byfs#ClYv%!rg6AgxP;$k z6wT-TBPFr5<*ED=AMYp}Nu#8#ODK4T&s5`}dWL3U>#c^fY96 zYhEAP(Mm-Z=4cD^KU_xlBF}Rbm+or-w}hC48Qtcl=8%l9gE}Hykd{9aU7`ZDpBD{v zdg-iv_3;^-fZa1Pij@Ydx|(m(X@p!8{*rWG_?rm;X9GRDRemRd1xMann@H=E=}U+< z&s~{s?^e2((LHpVBqbz9W{3(=3Yf;{_CAUL?bNBAQw4{#WV!a$bIJZbVTxB>peMDY z{WaHHqP=PdtOLF;at88U9wmY830yNx+Up_tMgA^6@giax5&D&aiO4oZwsNG!{a9OTyiR)l{Dt2IUkONtyb zT%r*)k2b%FIIOp2`|6_5lGXjoe*ax-RR?8+FC@1Jf7J`c^~xg36wfWQw^77#m3XNv z0?>Ldo_m9)LPcz>56R~RmubW?uCmGv^=G-RkI`LWTt05!`g7`C5Yhi-86@a{iK>}^ z-cp)xju6t;E0?R=>ye-iolt@zUm&+qSvH!^w{b5;?%+#Hu^=y<7SDf-;~$&4h4Xh+ z7C?>(ZOzFfHj((|QNLY>b|F9keDpnOtSNL@kn2C&`1M5oi~{VrUYzLGj5RLju7rey z=!XZqT@t*fw->ojuORz*4FP4SZ7q7U1zEMUf*IWxdUgqxrE?a|Y4o;BQNL;`_J*E> z11a))T{bS$Nl7>q6Ho1`nrKFl$I*IW?XDTgpcHZgJvxCWKfZW-zxW%@ju>?W+(;e# zsw&YN!-nmc%qR*vBS#tpOU49ev%)H9Y0u@)h*?+tEn z?izf^P+q<-9`i8W_i;mpJxdBpq?u77fLpJj_At>D!7f-xrqIEnVh$Xw5X%p6x#F?D z7g*-0%B<;nD)MKJqir99X`AqMF9bLQFwOs{(J|ZLu<|r0F^PJqW)mGO25J-VY-wqmr#*vRY$P0@PbZ7{YKH@xJTxs?C;0 zHBqI}gbyTOXT#SVpdT~7XPvOq{G5sRdvO|$xAScae1cHYfu6kD{~D29z=9>uTm zw{)@In+cn@)hL__;|Iad${SXX0_Gk@%nh1P0={It2tP4!Pa?i&9C%j5!~TjiF3lme z9Kf9LMY7uBA}shW#gtuk$6CkNOOu!4Hh|^su^x~Ll@Mal%fzYCQ9Hi&X~HqpIU)$02#?_d?No=F7`#Ol1EK+wlbR>uR;8nG?L_Jvklhx zQ08V6hV}yvm)hjTw?91@_kfB#`dY>HBqCL?^ja{>9rCV*TH>S~y^LvM8w=9~;c}?a zZSBb*E0jH@2HaMulYk6Mj0hhjg?$((g&86XlX0De{3{~l-X9Z(rDKkb8TuO(q%ktU z@C}qPi6-yp!Y~VZKuP?8;~au)T(d56zZ*%r=I(&!vCqp&J$o4ZsuCpP@67G0RMzSA+6CfPnhc2K>AtO0c| z7F%y)*X~OVh*CN5opZA&06i$Ibe1#1|-JR@0G7qNaQxaJk0ELJj{qaGh6{h zNcwh6o{4f-tpI0nYA_=T(~ZaRvAF3rJLfx3Ki^JRt271dMqDeKu6sOYV?6dNxb^3s z7_NLL^huJ~=%veJ?j_p?rBVMJ0<7qmVl>LD`pV;N2r6AR^_HNdcs{s>W^MLEuPFIk z35SBMpH1?EZSG&>A$N)VRvh>OjB$Pz1ON)q+#vd#M~7xV8RV!O`e?orr7^j%!AX0) z!7*X1@t}%dk_^E;P4i)s^p^W0M$AlOj1CA{zuq1$5XaYw+<%1e|B+HLG#eyNt}dK( z1eBXEKp9qQiYjdi{GqMMUxmJrez;hk$AsSTh_;B8Wm2Qf(*PZ`GVt7Jd{29_a#dM^ z1Ynfk0y0dot^A2J zb+W*MDe>ij=Ej~WH8!Kuj&3HA5SSRs(~EjxOf3qOhyYj#sVj?6=f}*+d$>3-QgXsd5d;%FJlXm@~nF~MlBf*Xq+Yg~1T7S;kb zhyn3(6d{9;&){Y8^`T1HXh>{4>{~RkVR!QrM(7G6W2!Tlh}{G00U|AO5_2SirMoG; za4!{tQQ9nNF)Kt&WreabC^l%1$hB16QysK%9sHYP59Fre0Q4$0$pXR8Y33O;WFSOH zj4&x|(f}C*xL{M)f+RgUFR0Qe!NV0#Mg;@%$jq*sH$COoDzh!4p+xN+D@rD^+5m9d zm3U+3Gw5(^Aw5t~&)$S=6hIR*mQ~;ul+H*oLyR{THdd5)BNV2Po+Yv3?Exs`=XyQ4 z8APDHwpl%Vpwh5r45Y;WU3UjrHaWGdUlofylWwQe5`RPHyjm>=}~FB-=)cq-*rKUD!5;;9tt&%fQ~rx2K5+*Y4$_7QwH-ABg~Mok-olQG|K z8rM(mor!)RBQ**BMIe>O1;7B-FLpq7)?&c~a%-gFVZw9;4YfZHU1B{j7L@UUCJ$@* z2IryY#M|KD_^BO~k&Z3Tjn0oDW5|8ds0Iplq-{@bm@2Zde5qg;6Q<6@)4&XjIQhyn)_s4ZwA z>KH7onfGVUmKjsCnConjI;_*CS7Bnxr}4=Cj&vtLdV~KdSH$U>_(yj89|ofH+nqq} zopd<0O54@X@oM51WXfWvoOPJ1f0WIDuBC$4%I_)%r6wmRFew+tzbqVcA09wP;W4I) zwg`$6tVIo`JTl!mn?@31BL*4`wN&4NwQEs16>~Udmhv-5P4h!aUF6FIh~Tj?(ikzv zATYXt4A|mD8j;<4w!GdjW%`VNyjt|~n4s7m)p=T%5;uX^4x>L4eP7qXo z>os5u>xBsp$^F$^*c4m#i5~kl>iJ zRZ?b>kx``#fRM_<1LfVdisyMBy^Wvd<_*OjLb-%6XZ22eUwn-r0~BDo3y(`+oeCk? zUsV*;!Gr23!LwcWYg8+gqU+P9`4z3z-@dFBS#FwCghUo5Qt?4Vv}CtxbX>fK!PzN!s&A&I0Q6Nqs>6jF})cw2dsLpI}g}W zMs{GWFvHS)T9>aUjrltwr4$Qy2fNWm*l%88gp3e4d1G)(&lIO7sZjf2O?OYuQ>>1T z$?trB#_WwqA6%y=ER|EX)i)D^$jzeR9UH78VCeYRK{2ui{4#caD9p(I2`94t^ z0JT*``X_dQwSIS6jctTQ!j#xLk*YE7FefoZ>GEr22@n5_z)7mowO#mbNRHp5lm$Rt zm;YEG(hMsQu+1ncnxE`n+N!eVmF$fm0K2cZK!HF87GWobz!@@!gxSY+HCEvSkX0cX zF@Hf6fvnRD>bx6KB=GDl~j*r)fw8KEsp`JMX#2|=KxX!?ZWS%^;e5!gfzmaLOz<~j z`Obt`EbhEz=#?NnyIES24z>bkD@i_{0==EyqfSFXub*}jdzrxpO2q&4(uAUXj8@p9 z;H*3aNX)2RlLc7SS4N3g-N7dDbY{%^GyW*)pQv;VbKl3bWbXeD$%I`e zsYp^c)PA<=nmznB-Daao?@GU&uc|WY^=e&z6q*KniS7dRU(U{-vVk(B{ULg@TDed* zuxOR%=Fu*}GR^(h38a|ha&S@T)E7^ z8U6UdB&4fA*^X38jmo_j2ZjVKP+O*>iy&C$~~srC zD$+pq!h|-jVDLom#fBIu=UZo{gjLsn>YWM$-h>Dl+z$V0q;9W}2~-p?X2F*`FR&#n zgwl$KySl}~(LeW10lo~HXgk}Qjx+S|8~cpxqc9)>Lg<2;iD4{q%}3aHxu%ivf5HSt z-~n5`NN?t)+o><0-gZ>fE9ml@iEk7)7e2y5r=4rjVC@k1?m7q+tXltwf+Dw9Fc}C; z^7VE?^~(-o1$4m$!d1S4Zi+SxzR^}>p#NCB-Tyx zqd!Dq~o z!E&QQERgmEzP>_18Pr>xz-{lg4>nMRdfHK$wT-NXjIsLqDHKvHp-C%TC2WJf$GyHf%Xp{CuDt}9g43<`Ct|&QbQ*UH*OZej` zq_iR7KhVXFGtldOn6LLX%Sya-Ii&$F1r(|1`&=%MZRwjcgCf|tTh&PXYDD2m%>xPl zw$^`=^4Ju6M49L2`EwYjizT^qxYwW{KKSm`iZ-C`E1Z8Yb)f%-n9yN0#If1jcYRLK zkbW;Do0qjMx?dh^@kjLkcq4r1-$tj?@@Nh#jl zvtC8Vo-O45-Z-wtQ6kRCMLC5N%71v40bAKf)5!Me>PDgBTV~Lt6J}%~$hR+a9jM8E z_<26KAMYRh`Dq{WD6i$4w4;jgnBL*vrT(rXQu5C(QZ-H{V^OAUDB1Zq2GjvJS;P3c zp~#f!F$Y@*XMNZpyNNuFrm{aS6kYT)(Bb`b!E$X`bIM3arYL_Lb76Z#?w_c*!h=5X zuVNdtdT(0)k-T*{c(@GyfoWS>&)d4sMx*w_TY5tP*&o*(RYmba1w{B3F7EFQoMMqU zed|&y0Tw`!nU;RHV_USbr z6rbUZT(AphnI)&I;rVddap{-==r-+V*J@n6iN$XHKY8;Cu) zxI#^CJ?H3E+{Rhrs$yv!+?bDS-{o-7dl4)oUnZhh&Nu7~(CNmwDSde{A(`TLA}#HT zCUsJt4~mJ592*K9dK~FY?43Sj%(c#=E!|!nWs=zz5KI zy*5zkcvsKt^}*M<*?3a^b^pUhxs6$Ry#zmE@nZDjsr2-8`tk1A>#4s?O+_Q2s)OcY z8thA6yr=50{);B_DLEnnzy|V4)dh%gUdBe*^XJIen z?QJh+d+_9?mf~D{Av+yTM~XN-s= z`OMAGI=NquJ&BbDd!lq5Yr-E&pZx=TA`*jmKKMz$?bvn?b)XX3XEi~un~WjLYB3}A zT(blwma&q^0FYB-MkskWB94;!mGqsaPh+g_DUA(ZyYp#Oj?d?<^7YcB-Fcs8T8CiA ziVC(Dqtjg{LFZlE1}-==nx2!K4sK@!_;8}PB(Kv!DojP*P)$HRWXfL4Sx6;%{?T+j z!yHNSF>8L%oC;jj*>d!uygr)i>Y#Pc#KU~lrID8FEF=8C?L*l}FdP-@u3rguM5wIy98($Un6l?~EUsxoq!HZMSV~AE;02k> zZ?v}}T-!Yv3fy^8s)leynGq=iq%nf(#k5; z3nfNUv-Tzlw`j4Y^G`rcz#g(MozT#7rS^9o54|nSpO2_ays(*{D{8z*wFfcH%N1dz z-ympKFG_Qs+di*pY_^Jp_X#qN^nKc)&M0+|PrvKWuk_B@xcTZZ2UbzfiIM7E$j*!2 zne2wgA9$o<>_vT%Z2wlRmSTNQ{6*pRY~a4olyz>~F0|rOMxR%`mQD-m? zrWM!xT_b}Gf%KXE!<{K`fh|1@EC{hNPT3t=wUO7#x-Ac4zH{K6VEspK#jGa}GERPX z_GPJ;xdbEKeL&85d;=@I(B`-h3WuV%DXWKKvV@u(&5G;qDx%|pH}VFQyH;GvqwTAQ z)+ZMp+3!t-@w9yTvEWAd-jxycQ@2qYHdDX?r)J-}!9}lO4=6GgqdydxT zQ@lx=ff+l@HEPMyi6onHOsSeO>sI3Vx~*mp zzP*v2&Y62)FX_vQ4|brFUPR!j*rIk^g>O4&K5#DvQ`deUGBG{gkcJ2(p^y9Q@;ydYQ2QTd|EmS5=wppGH(F(voJlKGB6oGA8B7Tk2GJvO;*K$ zm*s3~m!Gh6z1sgw-_*jM3iIk5BD{S~-6&~3sPc`ZV@^7B9-M}dN3GMYuhhy2IK>_{ zlyRHYcgd=y@S<9pBy2sNnv?u;&5@&AK4Y!=I8})+6YVnd4ce~N*&DeXdF7~3L?bE+u~+uP zW@+oA@Q620t8kF=S*wC7AXDiP7cQ z!oERwJtq|M%i%3;ky>1(81Yv$^6>U)8z_~t_Tg1=liq``dz4OMUYdAhpwukVFs>vl zo!~W?iJV$q5WF7{+=D5GFLm1IcVSZ*YZ*QCW-^mQ>vF}dK0f-#`CQ(_a{YKSRyLFi zAVy*%N&{`&opOA&B3%QyH(qYXXIshEf(;k>o@!<1ol>Em_7!V@4xd6bhCl_?@LHEL z#6k^j;2zI!Hm?BX#i4Yf$zLi3^aSW_OnR@D7ej7AL;dIgsAJ?juZ5X+FWg*Ed49IOcGLbyXgRte)Z7^peA<7KJ`R=(wUVX98O*&QXb<{<|eK z2um5O+LV^iaR-M;??XLU3RFrzxheGdlPp^Cl#HQgBz?TDTX1Vibkl|+H^c_-m`COq zhdVNQhEZk$OV8NgG52B+%QpM%gFDw;3_V*~9J3PdeM;P1bhgpWA~ zF>Ts!iy~%Gg6^O!=n$E53KEwE+s_JeoNe5M5N=A+6EtlVr;fYUd*)9RejF(l7G;J! z*R9fl04-<5GwhZCD)PFDv^qpvOu*_vb3;-bfb5QsxON>29<2m`VQlR z%_vJyv3rcyO!|>ulfADBf%KUKK$B#;TJ#?a@!}AcOf;H|P{Z*LYRL){!eYk!ZrAVT zf&Snezv9%JY3*4}=E*ZYo&*E{0Yt2`+3?_?XLQ#k189}&%O+jnU`~lpWKbhYxfBW| zWQnXGBk@uTGe`x*WUt={a4UE*u{X!z(+=qk+4C)K_d=~Bg=BRfXNT!#kzUS7H}pKj z3)kqQIT&i$F+&jT;yIGAWUs-UQsM)eiQZZJuY5g@6ym{JN_uFfG2lSW@NsDk`~oe+ z)yCJwfJ%xI-qppg(otOoS;YvwBoEjdX2`SpU9-LQm#QR81ftre@VN#HazoQ%wVbiz z%HE4jp%rBqvo-GqGqs4&b79HV-jJ9k$Gk*G8s$1IIh2OdC9p;5ik z1Kftj6UyF)n&v_533+@opNXGzpnnbXU(exFDZe2Ri(r$ zuP5*+-mb#GF~E(e_~sohLTkze*w5oLT-WFG8S^(ELqis|i1E$k3v95jk zUVbiB$<7f`DFd5tr9)6s1VQ1~n$`)GQ0YGVw9K-A=vA!_**?By1C5UJqgleDXUFqe z&vhl>#W`N=GD0#z%>!twj8aYxeI12t%}f!nZseF4Crnz0bMltFQ1&+SmB9ERv7c(N zL9Hr=b(ND^;yZ<}!_1}r$*^nYG|UC$+;BYl@LVS7=3^?IVCGBn{Y||jV}kTJV_SL1 z70Qx@SeLML$)(B=1H1PGg>@zZ&jJ?eGm5L^1aX%FKpAYES;}8@p#tY7X43b&r>*!9 zY`h!J@mM%K_U+;!!Br6VheogkiO3DnzPmj^a%n%$j(h0Vep`BKG=iv!w~!QI3~s0# zhIUJQqg&mq44(cis-V?Yant6q_VK%{RILBYr(d`BO$jJXy5WW!aR3>6cPTeVOBaXF zCd)JWScOwei2KRyb?}%~+@Ad#RYE?KOJsgq&~=yJ?RjF^ES@^sN(H$LO{z2K$9cGp z^GYBV-05+AHn+>2tHw)W@(C>YWV3!z)CZ`A7BujGnf;z15el&cpD&x!Z@ znaSlE8aeaI5j2dqCH&@wd+0-S{+LZE$;+wyj=I#R!?h@buHiI;i6eoLv;I-?9|#Y za$oALPOhx|15ELi@;J0g@o^xIzNJL(#qR16IkbSY8ee)?zB_saWii;&a{`xViLwIS z(l`ZGhOTnZ4he}|26RIfr`vY~iuCtiWU|6Bti>N@;#vH;%b{QTn2+Q^amnni>oY)w ztcA`NNl4VZe5XLTYg49g`od(eMOrB4Gx~;S@nrRZf9NTi$N$u{>oHrdb`cl4W)_pg z=z7lFMylk-j~8G=_DTBMuESBOnH#T*JX5X2-J@ctnrxzrY$mSk=Dbs_$T0=R$gN*s zH^v$+XFtVp%oLM3}gu&)lx`U%>eTnCx6(BLfaJqrDrNak=`IiYLRn%WvA z0cwa5r2*Mft)YO)t8a3I5pc$^u@n-y>QKvMKla7vI21Hk#ZWsI@bZmlFcd$7GGnP? zRw{MpSQ2tM#U$Rj_=8lSJ&QAe49mLFkpyb`Zu!Ao2WqNvxYA zsO&GtgJsYEAFfpr8E%)8LO$p;==+1S1GMJh)SS0S~wo`Z99>;?2~?y z(#hH4+zO$xwUooNb#he9xVPG1aq-vgIdQVllx794>ZL>lgl^{fXm_;15BVo*;Tsw(B1Tx>fd0I1$F?*5`y8nN=%7$$?}Vi47{cM!zogpFd#I4f>^Y zUqF%{04D0f(}em;LMpW1OhP`nt`_BsV*%Y;Akd6VAWM^umlgDd;!qD;#r}(y8a<+P zo}~Zv8p=H27W4baaQ?wa{3m)R zjIDKReD%R!R*#m^k2bxe^d+HLrg}mh^U!oo71sh)gtA&UX{(PA_!b+U z{5Wg4IBFC=uQ8g4_~(m0M7KnpbqDP4-0AhHUzP#xL% z@iD*wx+;=u=)+ej*~wCuURXpf}Id7{2-%=c~ymT0C#G;y_F_y!XKve$jlH znfQW4og!djLo!5zF&cP4uNo6UQYHm%R&tO)!X^VS3h!HF3*wbeQ%?cRHvuC-*767_e0+aKL zX!vgn$AYf##l?hLSg83@GyC7a<*#{Zk|ZLvEac6~Oq^nYkck(h3!p zVP@6O#=1e%i_+3c6XrZ>S2NW8^-^ocdX&&|bAgN?B(x=CvdSm}Prd+;@n4hN9Y=1+ zo%>*usi}naA;q;hh`S*N<)W`3fqeP}IT$jr*jitTmlW{5VM^s;?3!edJ+thxYF0{o zswjX3Ik>Zpq~CsW9F+=UsJrTCGgONzLEWa7;uW$1_8FAR?Kh+5BEE7fdSfbDG)eB! zDdfAZfs;Nn@CLIaIFTHnhSrKlW0a^co5f3-hSq9;SCaxhbqxw$(Kr`4ISUoF5G7Md zOPujghhq&!dq?ODPfJSRW$uFk!7Bp84I_dKT&r?U34r?mmU!kWG*}=ae)udQhi9b% zHt5ftdm>|s&v^qHY%2{^ZDY*>LTxdxLiYTeZ13K1UqpE4;n;p3S7d@P4)qLs!);2m zEquV-u;29>@B$_=1J~YAkAn_r$JjP4NA2a@2`b`DaMv~o*t5RK?p-#0)F;`DbP}8? zPyxg+oAhuAn~E7}B&wCDpPL~<+6|B;6i0oor5$&CrPJGE^qi5Nu?)j8F+^YAwA7iL&LwyzUhfRF@_+t@Lft+k@ zYGY7EfBJC;!WIX#y+e~XwwSVF$$z*>H*^4p_b8rXGG==pL4~(O2Sigy#rJpPE`CPa zz6wa`U@7@so38pnoAI^0$$s(Kn!~_F-ylx*L*KHYtNDECUt|+XX4P?byI!)z2hFe> z%gy8=h*_$9XNE~F17@<}Ma|Cx6w&VSh?TGbCtvjKj&WpRB?CCgldE(^3Q_EKvE<9z zhb^^U^CiO>R;9wkBeQoaC6r#gmRgG0Ge${Gf^@AJN&SY4(e>GB#HjCeIgGLub+y~0 zxAQ|Gngar<lCnGX4G9uSnvEw_zx1n^)1aoA-<-8+& zwEzd`bU0%f!sqz_y+9Pf@A!R6L2mI1w?a?`yotLM;^4!tDB|g#4AR8}ILSMo@y=k> zW;G=QILJF{_z4xOlI~@qxA|8)VZ!=uC2g1gG)g4D6#F3RLOh)04HdhBQjQSGzj`9a zM?CoYj~V365;qPqmm0ppmAfL03RL3dN{%NrcF8|K+u^jD5qacP?BKZFMwF2$A;`tz zS@RhDbo8~&oR4xIas|#<5)oo7VZZlnadDS{1a4hY#UPc4rX~X(C26+|B7#Enavb+{ zN2-k2;gMCF=wpnMTmdeMGYy7PT(}2V%&Qkc$-kD$r#z~<^d7tpbW3a%1eAz9AR;`= zOtIwP5-}!95_pk`vO=5rzU+3Kw<5POX*r8q+zny0xCe76cij4`Deo@0e&*M^t_%OD zVY(Gu&B~(FA6t5R7dofZsfbv){qkUZDJkxxvE%7(>MM0^otq&R zJcq!^E;kp{i*_*R9{e|>fbgn_M5AJGV%z9bJ({xK{%u+`MdxJb;-Vhl(t7=d=X; zE+L?4laLE15fVlk-76uUONmjVdvQ$>%p8(bCKo5)Z&8jckQsP{!4Gwdzn}Dw-a#HfA z`Wm-icOYPIKO0W=s^9~*Asv6&tidZ^&O%8D<)dRU0B1J69>Ecd*xada($)lk}C-7Y4QLhFLp~KVHb0}U&Yq@4Oxf!Vm-XeWvE}2iB!H^ucXh)cp6MEb5n!{o56d*yjwz`rH|*uC6L{v&ei_Ifyo*zWTV& z{eW0zp4Ffz0F?~1Fz`W- z$p&BGY)xHHB~-{DOlIbCPaPFikf8w0@c+psyg`I|jS177VJ!qdzG-vgm?{}jsm7>& z2s^ltLDiMQ(KvEPx57GscHXWcqX`#sRPeubGNTBx6AFNaTD1d zp*4GI2kC-GmWT`M4B}uR#iYBGK}luW!&K8F(4qeflu}J$vVm|wY*IY;F(s4%Rhb}W zA{h~WX4OqXr9?9Ky9+sdS`MjPyW|xAq{13THurG__i@aTrQ;K~gW$ISLFo%WV&Wqwoz>#DKPt9K{{6Y_20q_NoJ^2O;FR6NiE!a0vTow5sDX>gQ}v4gRj8$b=GN zSrjClDB|3fj4O81#(OM^r<+=lmySX?0*EXKEmcy7~Z`@~T8 zv3on!b;3Ft)Ht!&tV=GrN58{g49Z`SjjU^K5)~`Cf~lGiiFG+8@w7RThHD2|qdA=r zv1iU1n|KUU$T-3-hz1i1-e9qm$;zy|@;66wx=^v{Kem|6=uKsJ43<1{%J`eg@QYH zT%rPWZK3m1WXjE?4gVN zsvYnWm9n;vf6rYn)0rQi&!duq|4);FdmQtUC$h2YMdS|=mj?});vpjdWqS&9J0LCz z7&Jmtf>e)5XM-I_sMy1d<7R`o$b+trLWy({l(GX)pinu(8`3*%9q3a&(yBsH^2TX2 zu#*e^lOX*!6~=kReR>>>qz6p*_(gQ30yxQ5pXwn++Z+ZIuoI0RsniU?Nhf25CFpN$ zh3xKF>*&I5L$qGUcbmd*w?F*CS8Qx$1T^=PD`Oid&CH!`g_KPYZ?{3L0fg`ZeB44& z(sx91$eXStc{$(>w}E7mqNipF=lw{aEJ`4_IENTQ+<{b-;!nioD-Qc0ddl%<|CB8v zjv2C9evy3%_?%MV?=a3xFmgmj>-%8=pwIzgvAYr*c$6-m@ zzxeb2{4fdURl&e&?7y{#AI>brl_ecSDhu5e-sa-Uoj+zV3T-m|8N261*H)^p6a;L zZn6_vY^tL^K3uH+mgA4zA`GX;{cxok{MNE5JoS-vd>g`aiLmQgRf$@yQQQJfB`vA@ zA`>eC``I{>c5CPPE+8{Se!Yd*x6#$>=WFM~4N9?YirdS$;fb9yEU$)*i$_@GV%WWp zfK2qmjZIs4BnmFMdmnDg=+(#WfKF+!+QtLiDm2{&jh7E>lyW&hy*fTEohJB|$Y)d7 z^(~)mK^F+NOgWwih^c?I*?o&Z>Hhyc^PuzdS*a)->ER~g4I2yZNLMa_WlAC`E&3>J z*>`L{!lOehB>G5X>RT7`TfqiX)&oQI5dt!I>$isXZ8gE=MZhcJn}e$_t#-?BaS!YD z()nrlJSV0(YZRn|wd&~=Y}$WdHE^5m@@YJChM3!3y1a3F3#5#=uDj;$aLwgKsQa0qP2bV5 zsf}QVb>+A5`64R(+UYIk>xb9TXSgDdCNW@9-~EI$p7iIiTVqm7lOZ+5Rzk8W62eHM ze^7v96{dE*NquYC+0G~QHnXBKWVLE@`l+^UL{UWf(shYXwosx9&S5od`5w^_;TVJz zh=w7-^_T=2Nf&6Fe(+@+B*uWiA!k`3?A>eLKy;DufY2&X&T1HU#VB6%%^32Y?a`_h z9li7IrYGMdh`b@B@H!N*1#2bs`Kb`4(_Fu&2klQ2+Ui*KuPGpny2hbY5Y`=ESj$h- z1#eV9?o51eynyCTEBGGkR)d^6v7eUG3)>&P{XZZlRpd0or!9`+-f+T0!MwH@JE^w} zRCOSGOam{kY$F{9lhO4X`cVcEHb{OW{ae6Q6!T38GTi;sl8vy3y1=SccA2MEj zJ8@Mh0Yz5zcz#W~>qbmVarY8lG%o=NI?rRe{$&EA@7QD_ueB-U4kY z$t0$8Z^(fORCE5*6n;X0&~#I*%_lfcjd;K@7-$W0T4yh8o(M4dzAJZiTq~%=qdpLk za;Zl8s9Z3C-O!@WI9<$fcF5wb^^niNmC_!sD1QF7+C9#SR{h~#ji`E#WH1W-A6qp= zCDoHIh@;79iI+#tdVNZ%t-o;s;Zb89ebZFjh-ByzOVH0{b-Uq*iqedRSiOY6^x=FV zvJ4EEVXaJDDr6?>*&eyDF+M%bXv6P;P+*G@wSHU7FX3VuQFdzCOml42L$8PQqk7~z zFC(EvwryqK;%=<0rqS5*v!#7e|6n zveXwzM8l0sA`UJ!*leIZMYfCofO#mp&thR7fDW0DPw>G6w70^Z8EOPfPbCwdi!&5Ed_P{q9qs&;{Ch+jV9 zP`_6Byom@)TI~?MBG}4c=c0VdD7oUWu^IxjxdrsqjMWj?8biqYtKo~Pf)ndY#fd#n zd8<7U4=Q`3H|(L5hsue^m*z7e{b(DQJhpcgf)9LXcL1H=`}gYzskudQIVh?YJ#Xup zF5dxN=Ez-^Z#Rd+@Tq=cUZ};RR-;G0yl45}EYMv(bfB$dvl#nd(|X~5*!uly@jF|9 zuoz$vdxdCK4m%381~?#MiXs1IF4f2#$6=y400S_>@-ag7eVafIgR0KL;6gw=uKy z(++4=X1=1CW)<=1jSe>z2Xy?9nrk+F$j$BUCT=WHJYo;7A1>Wxp`y2j!C}^t> zbGl~4S11re?q=4#;eToi)Wcv2r)&|5rHDx9t^uv&=b$OdnXM{DI{vJ*8Y^wEH4drM zbXlAgYyvxeKS_mqsnS{d!yw{JM2+CL)oaYQ6u+(o zBBh%hv-Oj~aexVN!X@}FzoNoEp1o5X+?P6L{4$w96J`)ETZUOPa248e=G{U=2uTqf z)27#4qM(`nlIuC6nEnp0M8b;Eiw?aO%RqQ2pIJ(H8g~$FsF-BHiI%fA&q4V5ejmnj zBtB5^MYtJb(@8Nn;`%0FU7xVA)TpnHs3_NGv!eLMl7(Gda;HQI5&ip+GmY!l4(Y-m z8DGD{Y$RxH>H)I&XhfuNCGZufSRiF(Wi<0fejS;L!12M@cnwB+DehKGe-Apx4H%Xp zd2jA1{Ba;m+l)&Sx-Z=Er0;V+?tQpaZkiZwfhIbPlUQM zG54fr%ne!m7^-?ka@PXQpID#VmI^>_3&>Eql$RDX{4ce4=KyKv1^_U9!pv#g_5HDG zE`8ifbes=ZiXr5t$GkRpYP`HU%OV<$g?Ft-s0q=>v!Es6xVTP24^i`oNbnZ?ct5Q) z4};Ea2x2P(5@^tdYYqV_Va$e5eL&o=%_>oRYYX}TC6t~3;rVj&H$$I?&76&huz5X> zIE!4MWDssesC(S?l5JCb)V*(lSwHM)7Ar8ghc>g@WIj0bRp=ki0!ZSk%{_03uP4xkqCZeeM_i51>7X*Sw?Gd&}QZf9ByQ zFEiuAQZuY;ETEo?$)mh954;J|+Q3J3n|ni8d(EncQZbw}BfsC_vywq`NMV6Lw*r5@ zx9UOLI9n{JUO;*iIGG1?>yy4ffpW&^tR8U3_3`QLa#OL~`NEG(+ePI2Dae7)B2Ge2 z&RlyqR02zMFGQTg+J`pDukccJb!n_9VDsN9FpgB(5v$HLVD1`R8mPAyw3Tm>lM-#@ zRH!&o?j)Tmn;XTumqyaoo?;hC=&}~y2sP=@j)`3Ey%I=Uz}~W77z^!v1*YPdD|dhV zj-e{?{}-du{~evjz`)GxHW<> zdg~5_ou)zj=bPc1hvtFta-zvI zq+=(igs&uRcfil^A@4!YRc7UAlk(b=Ae~-KJ&is|!(indbvu8!W>V?z@Q}t5)q%7; z{J|H@>=?AfvVh)LB@B&5ybeO{@`8x3>5~SVj4F$V0dboNwuxw}LBn4L$t%gy2pLzd zAK^o3&%>|%kHN{yU0&Y~&otk*dIOH4sh>a$xqAH2GCJF+r**ILWo)o(Cua4XFYHn5 z{PE7JfF0b$Xf)y|UHC6}E!xFWss)>Rp1aN}W+BMmJKipu^Z2V4S-bnDP+UJBG`-6z z+1+tEES_Eoy-9;b3~*Lzny#SoDc5VYyMqpVOnujrVKUL6T#?SG=_ZRtPGLeb<_K7x z%CQ0p8r6u+`AZ8Jq8#{3+*wE1YK~;~(h8`9m#k#H98{o6TB;bU(csk+8#CR`K&0C5 zNzi`iuFLz`I==9CTC++)Wv;f4ji6L+pn)4GS z2*@UP`z%PX;aK;jVjd?bi3kR@7P0ir;&aIr@<-0ieHNaRgf-a#n1|ojyhdXR&=s3B z6s|z$*=hKWM^i4cvf!(**;1MZpD3!Q`%543ad_yTU7`o0azyi#ls&H?UPW~y+{ zc~&Y!^SbNMME$%ImWUd7P39$35s`dG2L!P}CAc(9}TK zJuul8&bGl@ z!gmw_4whk^QPQ+lylcku8=Qoyf8TH92bQbsP zjP|QMK!QCrC0^7}4MI}YmL!AXqr4qVmOs~MwPut>1WGR`D^3}9Ts}}2b?E~caG|BA zV?8PLoY#n}$QXie9YmTcFaPXgC}a~!KQ04-7IdKiZ#6G{LkLB~%pbJ*r+jIhM-;;7cuUCV}XF2p-fW&5mL8uX_3Rid75*A|Gdu|iQ{2@voIlEL~8UN z21xHKz(TempGyl~CC8idp!NgI-@&IHXhFypXgBAhoU+`WYzw9BW^)et*t#AHXLJI8 z42_C5WRvx3KmblCct5E|&Ez{q?_fl@huXwz3Afyn5&6HEbV8q<@I3AIY~V zH=&uNq;wV{>>yd95%-2qW>1fE^?D16;7sKtLkZhS0wFGep_Jyf^s$ zRTLz_oIbkC`m0Fm&E~WE)41!yW%_qxjWd(c8p&ZWNnz9ZGr5tihRu3>BP6LY(H;+V zF>K=Go>=?YyJT$ddIP)N#p8H!5>o7gfC%P$V{VyZUb&8Ua5xd+FHttbtYf3VtZl-0 zGIc$Q7v8pt=8l@i8WS^Ws14R{n@3}`7cWvmKJo@$t>6H)DG369szn0eDE+QC85?!N zQnb)u#ZccQN;Y&DT|*;v^Rh52Lx)rA zfMKD!Lum)x!RiCC)z)C`lLQaxlmdr3D5}k_(5w_mK6~T^1wFaHC<_W^;8Z;wHw`uVpN3U!5i~M5)71Dw&- zg5%1XrMXMeVumNBMI(s7e6JJTp}jQh(#=%M8rj?15BC) zI7E9I4m#aX%N-4^H8%JMedxZ(x37-=p3I)ygvId?RuTDfu%4(m6Qq^|s6a@Ce-4EW zW)&VFVx@sHN6(-OfFL29P#rb-%6zQD2@wMj5m==`)yvfisU1MW%JAcd0LfsZVIJ%z7#8rKMdFQ~x&@SvYEy)f9dnfWWpvcYS=K@Y$*KkB5w$>UaB(= zXlcW9nLsS!B*Bt_uXXCoj3ITW#;R}c=^DDTc8(}j$gU}mGh;T*gzZbqtks^A`#`ly(1G}uonMBU^8nqIG62hHK6nt_8&R^JND|E< z9|NSU(p@dY{9H013lNjKK_nVp#y?oDO#~9#6ZcP$8d6v;nTVHIVptyz#>QiM{dhjsShE696BHA43fXJLhTKDb=?ok( zmO|lp{R8}d@%Doq?GQ=xWvnoyAi%z*?@aaj$S{i?h*Gtfk{v*I?nCO6Q)57E1taF4 zfdT0|8Ph&Lchn3Z#QIreF=0e6Ui&9PZxbZ)03at7J7PKQc=0}Sp!3r?_-T;3_p`5p zsl6g(A@Y}}4HALL+MP)!&()3|FBVrpVql4yA*$`~&SD>#Z1!9q3E_&#fZ{Dw4V~1^ zCJd#HRQZPEU`1OFzcn5Jv?E$lGN*$?Cs(l$HcsT`{l|Bx312M3Xt#k2=0%+89IvD4 zY~5T!;nvGM+mBoFHCofyWrIa`b8(WEs{v;Z)mj*psMogqL28Wfk#<8e03*EmRy}2s zA#gB5WoLs~0IPrq=({Ub9zWa8hQlI{NkG*@U-h_JHCEi-LX+BzVw})&EZL{4S^J}C z0Nny|k0}2p<^xH9_)An}yhM!KF;T#ASr~lUOlJ}86=CNn`GFD2RZeW7wM~Ga59VZi zvocEv6BraAJ3%T3plR-Kchh;LMjSn5&~f|OzSv`WXk4|ah{eka_QJgY76Z7Yi+GZP>zEe*lapY0!cCR3+&T{l3RvDa1kKC@AbofO z>odD*Z+}fchkI{Wm@EE-0JBpcZZY~jrBh{By{L4cMm9__Box6yBN9$MW|S{uRUGLW za7-q=W!kW=Lzl0XGfVGr=EP6&#{-ga!gDQ0jD;{`Qg?_^)?jSN2fYM)=Rmf!WMJ3B za$OxjtF#$?9O-Q4{XS8}!Lg4Xoh)BEdIIR)O?nL-w59iMpzGxQzj%$Gg@-#)fb1=n z19oEv*cJrnj4X!grG!VC-l4zE__P)$fu{oBKHnEfW$!9aUjTlq_gVsvlfJRbMalA= zZRzVR7<`VyWM0NUfCo)1=pPIS2C@*tR$@=aHmz%3V^=H7QK*s-Ro`rCn@<3UNoDhi z#B}SJm++Y^UvOK0eTs{aA}Y3HZHRV1)#XGc37NS!;RcgB^et|UI~?mr*k@qa3p`~Qau|39W|{|n9o`+t@5kUgEa zCF=O!QZ_Se!^->Z>n!Q_{1hBrFZB8_9lSPT5lP}O>erXuQ8Vw>-Q{Y&%hH3Q{k7{4q5CVFcRIO=naw}G(4HULFw&$LYfu9d2gEs4FY@k z1RG8CB;LnWkaBQhKO!g8q99Ww;1|2 zgtd4_6}xmn#@QVhby`ib(Wd3>_EP#e2GE#+sLOkvz~y_oUG)Ycx1wwSv?L+hErA^( zKVL3Vclxeol0qTT7!IFz?jroV#Y znQ~?n9nlrgv(eWeM#i{^E!%5q3Uy2Xq;=9L?=bPp=fQRz72-lTj2l<=s&aky4R_Za zCf}{G*QeSot0W5~jXy<`ftwfKsL?6q2e)%;11V##Rd5DXa9XO+<<)YoE9Rc3agyX@ zS7-CC8{DG1w_a`{|1?sA1LKtTh26u9q;4J5sK-q@eI??Q1QV)JeTjNBogE9}L}qh0 z+hN+-+jXCOOtQNty53wv@?H!*IFT_&_ZuWf!bEtXdoL>$_gRty^friG*<*?@sjp55 zEigDI^f*_f+OVX z;}t|(@?32tcfql^^`v?~iXZa!aJOcY4n|h%HqK-O4%-Qvjz$W@*L%&v6hxZOB;V zSMb2Z9z^duw&;MySv5u2enYG`(IV|}6TXjjLhRbXtFMm@9Ph%A7Bh$@EUd!y=lZ%HI_r((l7&BZH(1BNP;hwn|$=rc>0pb@D-a6LuIw2@0(Y^LOx%Rgc z9zsMJiSNzbx6|!jjtE%euJcSOO0O{N<4jmY3`L|YN!e`oIW71#`>-5i1v@)4YyP*? z2Tj(gB(xm62YQnJ$#3p@rGl@Hq57*F{x3wz3_SbIK>opM9=}R$p8#KeRi0h&&Hk9q z4o0HHxIg*iiDC(z88s55I6^1Fd{DPvo!B>==)mp{;`YY$3S)^vkPZw~e&@%-e>LNr}T zSl~i?KudQbeWUGTIs1K$p@Qh2e~nQ4KxZb`8TF>-j-4r4HHE4Cq4i8*F!+Qm!YP2b zzon@KQA3`w6y)j(C#g9NW&rdwbn8`phGu0{U(6GJ0znl~aaKO6#smHYK~!!cQVSy0 zLUlighMuOBizVG1iA6Df2aDdmXacOV zxqs&f29%nNgxW^rx|pz$^+E^~MCvJCUhcoJdO6ugDMYx3X9Yy?-7NT)pfSg_l1WXZ z@rG(+dq@n@8EFUSY?;~nXctFnkJ zL#xIxW|rqDcNLBO#j+JfPzmauq%sR_<0Ox;iH?*X>68Wugks_f!7wokoVKS}n7f^a z|GfSU3eLaqz{>pw_DJf2v4H@NW_Z2JbeM`3rtg;x&Wo$}5k5Nph=7JxkD#sOd>Ht+7Q>ob^tD!8u z_VbxI;$?oUV`b&){@#p%G;Ja8VXn>b#glG4$j`45tc_#3OooG7(h9;9W5{lT5T#~5 zVpO>(LTsyMy;oYm*J~7INFzXh5YW_?cK^+W^naQx64dsS7ufVQTGGb>5syVd?9?RG!#R%?ID z*D<**wK2JjL`nn_@M^5xlKq@;*`;t=KU^z#zAyl{f9bz;h`aMf-|bSB+hkLg>nM}= zj<>}uhGqY%7jPsu3nI5$R6+y#tNAc%uGaDtH!6h2wnt|Ziv_|FKyXh~!lyn!x;YG? zjWQv;SAl2X<31w8)D`<}a;=j!AM4(BaDc0uzVf!J#AU@)-XQH*$B6+X5F`h|EdsYs z6#`;N_X`LLA26K+C{Jp)u!< z2;KY-WMLRXYlgSz*Kgq46w>%XB+%hSO>C!r4|WgpPb!H%$4(Yrn(rlim!Ecn$p*`v z^Cn&xB2b`9U9{RqauZg6_JS?+A!QPHRtM49s{~7;hncK0JK8Nw zL%(6u-qO8Bm8d4EVw7(A-xYhzkQAPhgoY^SFOk3F9?cReKaeyZ&^5okUc;-0o$~aK zuWjO#DNPu)+@7ot16aP@J6S1>O<0Khmg zP=q|9cvf*LoQdG~6>u&}#RIVU+iu3tx#Al=TRiJ5Q*y1_QI^jzissb9b#=NZE`?0E zMMO|U6Hlvtvl11P`~M zRQe3Eo@Ooe}7G#X z&HBy27(LIHRyxHQA%0``++Tq7+C(b7naPGlgS!GA2F&ii+R8@2o4;0K?+|tk2kLXt zS8I2ZnPzxlqkMQxYJnr`QD>!Mes1=K@;JKL5a@UC`Wu++0fU%o=Uw9-w(*iZZ8q?} z_VRI$5;^qRc;upNKx?6#P@EG%rdNCSFgh}%9lS%eUuNNYSqmrSzHS_Mqixps4^KCL z<7xPTDpak_My7d$0tf#H3YH8sR(V=4u^(xSk6`>bSh2b=P^H9)vRP>VMF-P)xE4c8 zO191;ty3sM-gM&vKmuQ5A9fDzFi|0j&0@z@k*={H>zBe-QLLCJ=v2fx3A z79X*Qa(bOMc9cM%5OzJX23&Z3&-rF|_q`qx-2$4JGWu0fESh2XB!bv0|5*`M)Kkz* z>?&K0Puzs6tae)vhXH3MDjcqI`BZmI4!P6|MvAB`*5kQbZT8zda0-`5_5{U?HhQjJ4vY25z%?}p zH>!2+bgE4KoCMm|4XNTwnT~PG_zRV5uN%?mBdRazN$KS;;T~QD&=R(j@ibv$`-9Wn z9Hja#D0XN=9sO)7-`hlLT8GkZ+%A(g^+4-om%7-c=>kT_BoKuy<0*%WD%bTw?ls6 z_@+>cSTjdf-BsO%!@mg6pWvr8deS4=VO__QOPOE-x@nMA#)M_*$ha|JcB#j6wYp*{ z93-&EOm~<9U?o0<)wIHZ*RGTFg7VU+D{dP2NZ8ZudT3P*z3xqkClX;BgxAI zC0g_#vVVFl)qqC`~x7Oqd)V>2X#~WBuE1eqeD>Wk0%)L$4Vna&5R|HJFno=6)-v6SW5~#>OTJS(fJOqVkO6F%ezR%UT$* zW)RBJH)9@Zg=W)|#Noh8B(Qx;h?O(Qx7t0uJ#N3SmG^)z95ZS$8RynCWDX}5GjRhm zpYX&YRKETtm6=s+7Hz6~P{O&n<11$XNI8ms=M2X0pRQO0H@ zMWz0n7xOjoDo@{t;S349r6xV+`vVc$kKk`02<^_y`4Y{lqWA*=sh)MIe44YY<0^c3 z#Xl&l`z_=8>zV^kbvNt!+Jv=+!Yyco&O_L_I#9u3Qq6!voF3LbIeaRg1x8)^W}H%M zqjJqgr7Kc1oC zd-w)dF2qhwcRk>BY0MeHEoUbfB|*DJOWm?Ohb`yyNg_s6ai5BE#z1P-seJF`3uAdD zaV8cNlasHhB3T!h5WUk!q|~iXt=Jx{-V?839SUD`Vcd0o)(*7xU?IYWt|_e>vqBwz zkj4@*i~1|MWj#0|E(1LjCXU5w4F&q-Y%<*@$j|%YH8$3**9}US&SGG4b`G3(^)B7q zu@AaKt#|kQz{q^%!20mY6^)x4h_n~!vUbs3k>6<^@y>v{ao;lCotk61xi~DA#B>R@ z>B@#;7jgr=V|DLdp}Tg~P5467KzFN>Vt|tha+^Zj#v#K#&4~WCCJoJp8c2=qXB73l zg}1Tyb_16y%A=oGqq1Y=(1I8MIY7q0NafH{3C<7(eVge?E?9ii(2uRD}9&%yTl(E(z1V2ADmO|uqQU=CbVj99@`(VJ)E&CO1vdvacNvo8*n+}`v zc*Po$L+G!!UIWMF#@v1l2?G(JDvqEgow+9|ciPR=5jWz)ICV}7v5bVnvTlw}ku9US z!|_~;t>g5ZRbjGvI|fVX$wOQaeq1gojP>?m{Z!~W&F!ROGM3md9)~s= z^^mH&xLaF)P}=mXKKh7~{W$oeuDorZ>{)$`@k&1Tx2|X&0kDo)N6xtt(dNf~DLG~G z7dhkp`pPyasGdVcildjn=zaIh$K-tXHrr%hkF8v5snWU5DaT5r_xCC{j_JUT6y+we z-P9*WD%;^yf<|Hx_bK6nRJ@4eyQob#3>xJ}->Mo!cGhzUP~JJ%$VOUlq>nQC;l>V% z>fs$qT2Nof-q7Grk~6tr+@7Z-Aekt^m=Z139Tnl^U?7gJsx4TsGrInh4dK&cb|O`) zWnQSlYJKEDMl#RB=cPIc%|%072kBW$cd)f$#<_Z3Q~$7rGWojRZ{__W^%(lh@VRoL`X6vD`~f93a*bb5zv`|Dy(DC3cha!xUEJf z*bb!aR%E^3QKO>Q9EuyhO%zaR9T#eoQR+`T5`iakGnO{T^aPV|lk139`@%S`ZxgPc zXu?P7x*#HCsE^qQzZdg%$LN6*oG@-#e-lJ6py>8!6LUlRq7*pubOy4ZfKhhDuc1Y% zS1DE}LUuzQ1+1nuf^k#Uiny_3D31J79#E~1kV0*_C_{5j310q-H#Sl=*CZ8&zFhiF zGKBhQRwB-un0*Md&hf^LtGIRY^BheRH}J^3aKWRgH71gaq8*M(-etTnkhD-nMrP#5 zsM8+vsdASq{fiV8(K9>DQk~WloDdW(8iQUDbOkkK9QHRh4H?D6hNBHY!T}P`juXO)ld(+FTS zkoMH1@zC1YBhOLFMCBn_o@JZQ(S$_J?{w|;4!^G*p7Evpt+2@X_roezQ(-@&{;*Ep zj>ZFG)7dMtsA5*-p~Wm=IKLVsr8#?H{+b?b)+di3KYqI0vYwd>>iY+bWE&0aiqY}P z$I&z8(%9sNPqA(}LU3Yu>)nK_D$62Q@FRV3HM%&a;+4~i%ng7r@sPhYk^-eAP!a;F z9IYdL1Vu&{C^_fcv?r)qvua>jqVqRpEf7SOYUR_Rz{=&}b>WJdCnhwahNf>Pgbe-j z7?GhgDA2NQ)2zQv1E z+=~=dzs@hu@V-Asvd!^2l0?VG7?RK z$ZFRJIN#uMU?lg!#MZFS!~z=Q#hx5Wl)n;LA6ga2;kL`3dVK zb}y?kRC4`V7W(4DJHQ3jR zQ(++kZYDumfkJ7#zW}ub@7R3uf8oegS1Q;T8?-`vbukO5o~6u;g_KgsC8Eq&4-BQ=90>xH$GU~auGkF1iS7DtKr2+;@__5Ewu5k4-x zc>>%n%}wmZBVQ~(E)|-1U8S+eAh#F-udC1sFwr=F*%BX8eES8aczr_&*^*tVR zlM~fS4Kz5XV|%$8sBhAd`_yo!5v^9glkqiOl8lA@X4kj}R358=gBZNHqpUoyr$e$Y zoS?d>u{{O)Q_*sFJ$LHrh z<}>_N(2eQ)#@?&@evBU6D?A(tnm`YmN;p_mxH=@X&i~b21i9!DO&~zv=Fj3_TK{ff zAeyls#|_YG-=@(!V1FvjO8CiYVCqx*^K&AJRM_WE0tJFEVf`q076hk??t6E-ST>R5 zTO@?hi}&>ObpPJ_0lZcr} zL9aq0C@B(Sc2~Nf*#759@XQZk*Gli}_D5xaGTd`We@F;CG_)59ihw_*WAJXFpK{Sn zu3pw>uh--JCquH(`9vM6fE2eMJeUX4eFF{|yYqcH?7#z%_)_ z`{s0t+3PAO@aQCt)W7-S&rxQ5lp6t<3X2=IT=SI*V4>Og_iB^zFY`6RtklO$=i~JI zp7+S->21~Z7lc9~Y-E>|VmR{9K1cxD4LUv^@Y8*Nq9=(t@VSvOYOce9U!%uS+H>SQ zJD;vG{Bi?h3e{9L@nDK6E|y3vE2;u3AOON7@gjH!?sp}GrzlBGdW-Q= z)oX8tJ$>L;7J5ED&*>E2XnK-FwJ|Bn#q0u6LVh%(GJ>Ttogb*gd34Oj?^&=H|kouOHpKNqrjhu1XiK$H= zk6QvGsG%Jnf01iyba?3SnfFXGfRZ&d-4g>OGEbIV_u9IHXU0!c8-RE1y}vrDCS6r) z4u|cZ7TQP~pG)=M+D+w*EHvDr0i%3X(tcJWMCAyK&YhUJs`dwwCpuzJq+qExgQjaI%0< zwSz}%%{GsV_zgp}C%dolbvh0tB<4CFK7V_ZMF7}$WcE#M-NQF@?Xdfg!hzfODmp`z zrIhXi*HZ~m%7NW)e;`3S+y1}amlEHnG$Jwk9SWa%dB(8$ zN3r)&5|WukTb@&*tG%)ZZZUZO1ss-hJ|$VLbmbm_vub? zw1$HGTzgD(vqIz}oE-H(eTcEq9mV!zC-;jc2Hs%89n#2&X%ZC>eNG#nNP^rR=B%^> z1D-%dNyZ;P-v(bU#~*Gb6Z&JuNL;#PE9I;k7@ak)NL}!=pVdfAylQ-nt)t$ zi4HsO@!`7I9>DA%cINS3U-PF||D!Z5atVf#*5Yj81oY38&TAC^*TbF8fnMMJ;iv>c zv~ms4NQ;%3IOc5P!nr7W+!R~k6yGDXFfG&8Z}CVI;4tFC{T7N)c8lF_1p3`~cuIbB|^jz%b%BcO)+sZgNr z^JfviJ|)Au_xu~Q@--@pw|h`=l&JA%8MV9iv*kIGupl1r?^vUi(6h~34%*hE5yQ0* zR=(i{UXIwS4R)?2M!r2sIsiWxK-|Ag4#=?)>80a9X+~0NMwKz!FVM(QX&34VaPkB_ zh9(M*)jr`i^6IR&3lEqxpXY2f3)ec#UnA0Bt3I<$Ui0N{(6#9(25}4LX$-Im4ET6@ zcPOev9uAXdo&ILO?xiP!AFOl6b;}WpB z)|71XgiP@ye^Sa&Rh&PMv;4Az`&ynZ{fK*%wA>+NWGFH|LeB@+z{z zOfe_SR@q#ql4EG(*gom3XJ9jll$ET8si9@>ENL95e3}}Oh91}@eSSUhYYgx(Kj}iV z<04WpY~E$=+Gb+G@1cu@{vump6ju+OsSig<=)=ru(6llmJjU6d&-{gtrIxJELwoUc zM7P$nvfY0EYP+Dzm7il#(I)U-3lie-5?NN|usUw8&+Om-1i99>=O5wLa1zvS`M`_* z6e%1E_`(Wk-HK47&&}KDz;sEPb&02KLzrs$s+XCqPqo|AUHC{x*T5nZZT<71)`}CM z9YT0oDW=S*19<97f)DIk{=D__LN)wb7qC?we%|i(D{eL*b3O7W1_3^^3{0tyNKMxs zTiHuo0xkpVy*$^Gu_H!yMeOvGk{xCG*sUq{tuHU}JY}Pu(@QtS3&f9&p!2xxlHrPP zFx&1h@!oIm)$xgN@6zv0?kPw4+$;YOjz-T9rXWM=?Wpz}9X;J&|6o>O%2~FC{7=C$ z4|wNl)6y;+Q=doE9E=!V@*vEZuICd?|LFbB&ofLY!(1?VaVg~!V1I3-Qrqbv;N`Hu z?K*I|{X)Tamap+y?EVFbwUtUp-fGqmK|=i#Ab$OWDo_^gK1(Np0XGsXycpo(;_u;g zu!*UG=gOaivDs1W|8Q2#a&9Sz+T*)BST!d#4!b-+ z3p5J43)}7}ScGL<%~LkZzwJuBzRtCPZ6Fe$_G4+hmvNjh#aEg7DLeci$Iym4+mguO z89(!ssQ2-%3~mN(uLY(5dasWW7L}C@X2{;XAO-I7-#k3LH3oQETvU7Ib&`N=*U@v0 zF7PsK*@99+tnv%>XON$0@~b7k)1;xCFpn2)hF9Ekv{YfI>Gz*`-*%S`2Xo${oaXc^Sb=q-T_P6}6)U%=f?E49q)+qMORjzpOM>2KZ%Cr1I z;4Z+`?|E=vzKS~{RK}?j`XimX=b+I<_av=e_wV(7FIn=4s^KoI(g|v_ ze@Izs7#U=|O@qUUrEHc>poO`N8?N2f2F~V+}8Dvba z?b6Oa+qSmb^R^rKF(~O4^47!m_IJ$6SyUjK85I|}#NgIy(Q!3Sb?;Td;Z!W;fMH}$ zoD9KF_5WDf`U%~LXK=(+es^zfoQl`tz ztex&MpXKU?okob@=g}hffbgH!P6PZ-C*k=Z2@(msiW34y9_sNK{#}33&~nl*p2%!= zMs+!#OXc)jcX{+3`Aj?BP@wpL%vbtmA@C6eY^}>Q)U63ffksm4&-O{|E1Y>92g%S6 zE<$y2`C&mWzoX+Y9VX?8lCrMN5{+9c}n%`E+utuFo!jaRyEwj zjT`=@o*>x<`T<|E!s&`!7|C+dK`e z0;PD9tmDQ(MwfLjE`ywUP1$%ozHePEiqtR0lm=5z7Qg|JHq;TK^%Mc{h1gF3Q|@w@ z{VPfSu=+j0TJlDWSfcgzK&bPzV4&-fmXngWm)5TvZUk;93<2QpI`wfFJm%f%3P z;LoR6QtZVoZPgllFamH1&si&JsMsnl&mmnT1vDMs^vHwOGTljP zbo}Z}FMNImg1W{Xa65`VUl$1XD5&=aJP%s=rFUPOEw)~MF0F>hg9LF-2xsFKRbLc5 zZk9a|7u=9I^9d7z)#e$^D&+BogDY=1Z=&ItY-{J&)o);#GQZ6JSbaC_M>LqycIgR% z$;zht-fHxRHgp*xmfB~g_VEB>44u+ebF(?xx6GFHKHc_4L^p2O$u>z>eR`TWirS-=8%!!?(Sen!R70 zKUW+@Lu2&Ao9&(zIv38EhJ3F~Ur8|74aD6Gpi`<7KY*JyN<*jD@f#(Bu=LImp9S=j z=ROhyzT;v?CAxR$|?QIt7DthfcCb9iaIMd=lIYfC&?jr@`B zME=wbO^hZ!8RjyvC4Qp{6C#3@-vN>0!G+R10PMPWjOSsD0@y0|9%M>`$vJlyM$1@@K30`_l~zs|&QO0=K^pbVlo6ws%v{I^ z3xzn}mNZyMju5H;Y>w=-f~B|Nz(0do)}f&E?u5VVF1^w9=wI3gZv~9JRYyh_Pdep| zLoC-n84&q-_e~2WHb013No(?(=oDWha>MDpW&LK}ZeZ|kvxhgAI$M4iW{n$}{`jxgtP0wi2{a_Yzm7@%!IxVbu#Kj>IyZeHX0W z^vqQ0@H~P2R(dyE8O%0DW>RBbyukm2U|9KmJT%>Wfg?)9@GZESPMEfv#RCC`#@T}y z>Ih{pgD@Bu-#LN-8v02lt;;2YP|1V_7>5N6%Xm6MMrdIk$?!pUmi^TNCW>I_gVxj` za9)z?6p+iqvYdvKSHpOm6R1elol(0kRtNyc094u)SuII5>yThK|No82}Nc~v&Z>Q>DzB?;tWz_U#j@k;fvG8 zzg&SZN0LBp_ku7V)l+`u0&y*S{-`^g#LSyu)%1#$Thf7&Bz$~K_NN=svdMaz02y=w z>KfSona=GfdULB*KAcp|o^LPHvsPrFcGD+|$UF0 zeG++?sQmkwuN!rA-Vm9|<|Vr58YdCZm&w$p_Horgkh;vQx^k&@`rgkg>REoW9o7T`USCIh$~qLrsH$x_H<$pb`VCwmQ-AKV z3&b#z?qE@P(4o6s<}V(4m{#ri!M)cg4O0*Ll+yp%==+5!(A4G9>c!ublHbv4J0mTe z^M~j|eYtYaQn^AeS)mJhmO5_#Puup&WHhW9W@ zl6;yLwo&q4>M07KK8St!svzmDnJba>I_gS85I7Sw{6N%w6^*cW&sCR*oHSKw&kO#H>hzJEwL-6R}MZR{nz zSwS!d9+tUm)a<9nKKvGyP+zGI*VX!4r&i}ZH1$g#9@=6iosJfyhxW7mQlah~iph}i zJQ=t{EIrS*1=sQqB4|~#7X9Z>Dl~e5>i=h_z4vwX;4H)B$LbiB`nUAVoS5ih`*pWw z+l%U!go$%61pNrV?XX%H#?B1 zHeOf;p+vOkoThARrb~m76(cAJVri7L=ooZT{$vb8(Tm_WbxX*(UW6PeZl&6;sSdHA z$+aTRIwKgVwc3VJBAKmdVNt9m?UAPqTtx3cBUG8pxTl3&JduLk9Tn+ppqSuvu~TE` zg?D$6FIX!qQA358c!P~ zkhiDkOsj5()tk=OcE3|)XzkPC;88G0s!<)K=)i6qTlvjjm%)Q4Mx!Qu3 z?{?SBvz!1AdmMC@$~6a{p{-DzSA*&%MBOGiAN<!wm&t)T1#f`J)VfS}+*G2ljlPJ$ITfoA`HVcKV-r@JWW!pW`!K6U{DA#o z+52DCpD!bSy*S6G_h#wzD(dcpR_;fwKMlKFsDmVzTc$ZX%r+HLeMAr)d}}nT-HIX8*EQI8O4oC9z659x4hZFGezzS@I^ax)WRd z3W;ZPl^W0PPVBr98PDw^JDe4y+VW9sDG;994hTIWBF^B3Zm4NGVi*Vfs4x&6{Nvgs zBqOD`)G0TDBot12x{wY%4m$62%}7-n_)+a>=MTY||EZ@{$0EBcM6npzy_S8b;XHfDGbm*{v)+od$bm110uKkpO#Bj1 z3H3M%0Ri=pTiTYqO>Ij1(m)~nyJmBEnA)`F2|J=+&GyL$VQ+8nYZk|u?%>d&F}0hN zn*RKT?_xzCPqXiXTXzIW@7l@|`f1bY$Ip^s7aQqzL-L?u6dIf12*w2*j{#VuRr!NPI*jGdPhQ$`h!g7^LgAB~o3l&=}c z&4w~|zVE$=&WqG>qEkgDi(%!E3gEA|y@|L!@O`G!x$Q|<^6EwYga%XbdqoTq7Q;VLwb(y7wvWHqb{=umDych|?+ zcCa|5=@B_Y!Z6WDcp1TqGC*?FgIjK}fujmldyP3=W^^>;b9R;g$Ag!ew)+Hj=lw42 z;kp!n9lS`#g0Y92s|xlxg?LN|o78O8Ks$9@`kdaQKzgr3rfS);pu7gN9Ne457U@o_NqR}*=&!iA6LjZ(Kk<*rcu^f zSN){rZP8Q5XHlx!h-MMN(QGI`!qs0T*6*7d70yBY>EN7dZoQQIp#MUHj&tEUAV2%w zGondIo}AiW8_~(ha&x$onkd?lEKcMIR`~TPS%Q^RfZk5ymG!k z>25PIt#h{{&Pu|Un}jSHObWRH;aa6nc@r1h@GMT{!WAlm5oJ{@q3MNAe=S~>G<{XH zEOjkEhqW;JUAy$1zFh*jg<~wXgN_5f3@}4!E4iW!X0F>r*K8K5F$;45BsR&2f;7lt zjx-8n&t0m1vi<{XF6w9{qn2uO*u6B1QtNK86C$DvnHm7&En|Sv+l{3RaVWN z6wRG`wTt+GEVh!#&7j+*pYd;kmjp3+*tu^q8jz1i%NH^Wi(9VXy2!WeF;VZmkc3Jh zx#~Tv)UDw=&(`3hM^#=4kTsKY7T7ZkI}cg+EADKDDZ4YRlG4AltvuFbY6Ye4a0;L( zsIq&&4jDQpC}?f76%6=nxl&J$`=PGOO_dN)hV^eM%7{La+rr)NH;Kh=Sx7gJ@lZYT zjc~F*%5D0U2+UPvZO;>r>rtR7eEX5@HxV8_vD3X(w%eo~PSyywou%%fs}*p6Pf8=k z)OayYr7wM?RzWdu(N}K{cA|>U94_RFCK}bMOCvWv@LO<^K5?3?HF*p@X!KV_Z?#ne0HAYCl$b)`Zm=(Un>!6XBWfwDZOX zw&V-uXZjEKR=IlUQ4YzTgL>S~2Hyq44L4^f5zCX5e%%>MGsC%y&bgeEq^?U&R?bpT z&PHreH|7DhrC6hBT2$dhkFwhy1+eiF?l3Wov`K-eoq~$zHH8q&VbdUzTb7@gA zY*6^;y@&$y1Q2FnnY6R%{L^f?`J@59OiZ!#SCiN4^V^bi^9akXqllppt2pkMj{+#| zO~52Mb6Q5gm;AcaXBvRypEm;hs1b$scJhD3%lGh>SE(vD^eJ0Kfe?Ln{P_YNKO z-L*b=V8GMWgP^Z-i!pm1B&v!V>QC8LDn0^I} zO8D5pP5`8Yb7IeF*X?Tyk1>NAsGoZiwKu{-Dk!H>rzLZBx$^sN+Z(5mDIAt4vn^<* zcAEHPx}#9bo(=kImNg z$lX@<8@$0Xth_=mMHVjilGs__XL04z?oNMCn;J=6^zRMvyZ5|d%@wWT@|c^UEaCJH z2StbV=|EB2*;$iPX3Gse78l)FUpf423n;pMa%Y3CC)bg=xabu#Ec|{8g}DviOe3;f zkN}_7d%C?)%>39Yd2)tx^GtHU(3V_FOA7b;cX6$ltiUWiB&`M&DYp&d zu~B}}$xz_n^QFF5;h&xB0EF#Aep_JDGl%zoIyEdsOUB8KZFHZ&WY~`=ell2r|RI#cb`=@jLhE0$gOAGf29(21 zb?aO0Y2XdGJ}HZbAq1}s?nsJ%&$o>INd5?&b|Gy~T+-eoD~kzW^#?Hnrv+cww%-Jm zJ4w3JH<~z0i$+sOf>un_(o%`eAr{NKxh^p1s>bbXZN zMh$#!V!czI9<29I?MRR6wn@}m*4StY6kk+~)X1RddIl{94FfI(ZPFw+{Z5JZhc#l| z+wWrM4Vw?4EW2DUa#|FrB{|w(D4kV}Y|@N_>GeC;0o5HX!nGW*!Eu|Vt;s+BWQ=Pq zZU_$(XaVWkiUlbL68>f7G|bQp?9MJg`)3w6$GQaV?V-agr=4D}i@Dh?G{>ERpr@(# z!U0%=Gg>%`V<9Yb+VocXtFk~JHzD7Zt*y7@ypGN%%e}C-fxoVefTQu>8Tt-pZtJSk z<3afPg*Bz4X3f!|8ES3^TOB74ns2)zo2t8gjp|M0$x^5ItnYA9pm5oJ@>AvutZXxQ zU7MWpk7;{^&RX{%fS_DV*?PB|&AZn0FrfWe7fVaeFrtEp#y3{`M?wbqd!2?(=;vU5 z2Ex`O8|tK^r7SF{tfEUgmpOXY>Gb(!ZKub}X|F5b{t>c;=J)FB>-#M6>2Vf~!6j=#2P}b~bQph8MO=J%oy+IM zJY{z>y*;k(*$g6Rq1SxK{?mjJjHnBbODr20@~JnGT%W`R!rkNGdoxxjWoQ_@K~^t1 zo%VWt4*80poJj?|Z`h0@7{Ugi3~ZcAs^RF6nW5WfeP$9imY3l*c3}b6J3VeEbMCVZXABz59*7hJQ-50 zk!MC;gPd;%teGrz^^S2lv^yRFKXlJflRreXY8boFMAO?wtZT*8*^XjiwP4g4>YIt2 zGdAgpN_%&!>9eDXPcTM?@t0pzMdg=-KVJ3sKU^QEIi5Bj2)}3gztlaC{`7R#eEyK! z7pkQFkl`KQ7kNAwF>+Mig>sTe?en-8pXCQ%Z9hLeCcK^OeF&8K1gNN{trxO##5s&_ z&>#aTCG1h9{1DPz&zPdMNqs91i}&Sgar>jgXuQ(XQV!G=Q6bxr`3{is!RK{HGy9Qrq^gtZqv22l*_W#o3_ipwTGjhZE8< z#=y6Ra8LnrLhEMA*Wn;e;6F$Pc**;*;rB$cZxi17Pld)4F2IeSu8=k6U#^hH3FCK- zHd}RtRl2B%mk!enC6^6*80i@WP703Nz>%q>;GTo$sEfq@fyYU|oANFCbnOBfSs-u+ zcfUp(p&vo}xa+iT>A&Fvvos4qIh5w~()FV2luV-!{aTenY&|rYk zPsnyKG_{g(kLN?w^+1oyA>2d!K*aI%jqK2L0D^XVP3Xf1WXsEGr`zNHc-AF)>k_8yzO8fiMYHT4j^F>zVBM10u58hHss4tSS`}n%D;-EN6_qQrNS-`gz)3p zN!VmzU7-ZV^rA#}_Nm$OKAP3IRiR!;?S!&`^q)wc??CfTe|;ff4L$vBCds%&I8p_Cwk@ z=wWA^qH<}A8xFgpx-?ccVg@?P6)!Eq7;3}O@q!7;@)yll?NK9#+a_ffDUc~L8 z5;j|UB=v7h0s3Q9;#$M7h}H<@={$1XN)gvcxkv`pP3|Yy2NPd=Uj+N{QEH;=Zr6}t zbSF$4-u|0IqIWQSI^+I@Imi(7`Tk_hg!WuIfX9c=Ra>T#Snu=rOb?@>W@WMR^Rd43 zme%@WwN^U<`{P!67v!}U01ux3ryFU?LN9;rm4%*9-@SzY?%%zUUJ1L=cG@_&?(khK zVC5p@^9-iTSoXD$kJ#CKeOql()j3J=vc4;=K?aaeu6TlB_fZq8Wju;tHFhfLxuQ2) zsub%5r)M-1izd}bc}uDo;e4D?UM#{Cq(&HVllMZk5GnHaBAGDJ(jFwT>f>mPh>ccY z6)#^(b06By%;~h4YcCQR4abNC3^T6rMm8{K1*n=g#}*_fEc>Nb?jC3TcD!ej~?zkTdNyYBWpvwGfGpf&-8t}%z6l~3qB9=m99_~;=`ditx8&s$Cd zAFp=1xB%h5HzQBN{@3+hyS;xO^&9&hn4IM|xd0pb!6)CVsL30T=?w~6~TEu-+rLX*oj8G za80WDA~K%-$Ha$v6`iVSl2EHhsJ=MW_M%IIVV+CxLv$TmEvyS2SD zGse%$Uc^rb1ULLDZ`kdM0(UFXf1!@7zPLCGkT`4TR9*;}ds2>~AEAzq-^8kgHuL!X zlZHV@`0cVaN%-UW{b?`gq`-@5;N>+!{$$>`*ZFv<9J+EIT(_IK*FVPHMFg~NP^`*s zoFl;OhyeICCs+wl3Bb|2UeV(4QV`?;+byt<3)mA+6s5J#S8qb+iMxw00w zDokAR${)-{;Qz#kY^~Jmnnz1`yW1iid>x}EeM&~T4cX}zZIM|`43?aU0u1BlVSSG6 zyWSsIm2*;grt;A%HkUSC_rG1~JN0?I+*vdg3IrhXdY=F3KeWo_zGAxGB+*`Ulz)fW;C+Ygv?1`@%vyL5)LAiMfyh z7!Ej6u|Y}L7uMhg|) zK*m=xg?U1@UFS*fu#z-I3`OENQ}z0g+H$*k&RHo2f0g+JQVXG={B|AOI`bn8tRk1I zySKeh=ZEQm{w~k=wOReAt6gyi+M@@dVwSD@;QN+p^S>VHS>8#0%EKA9^27JD+C#Pu{CCCE+RDE5JgTNVjloyQWnLqIdfV@+OyYj{95jm%yGm(>$ET=1=qc*i_<@x-k-vWR)x7zI!Y{*tF6 zt~v7GEGu{V`HjU-7DkD=scwBt2qwK=eU|S}^T;(%RYA0k1Acg9BAi1y_r~XqfXL3Onw1VQ9=3RlFo1zEnA=Yqllq|qN56uQ;9SiHfMU{-^eihR zh_X9Y3TCcY=dbqd7N2agc@!VVL&Y!W2Fx(Di{fzUB2(c7d!O*6({3;@KSo)*{^;W$JW^QC zI{1j;O<~ZLagq;bxYso^H((USYQSl!R4x+o{Xh_q@E?1^PfX+wHWxJU!dE zIXhQ4>gw$6=N)$#eZ@<1W@^46RqGU8^{o5ZeAJX(voQC)Pi`gnF|#rkWE3Kpceof$ zjn+U;&O2gJ;Bo@h+f@bO!|Kbq3dx_y`Xrr!ckyFC68N)ON#^I^X8C_zaMj*tt(rG|`>hv-7`v!=iu+MY<peAV9`1 z6Lyae8P^e?b&(=4kB>}bBjQ>TvHM+TYMvmi&_PsU$L}9W9IczgHROIJasPtQIl+*W zjo&&_Ig1+BQl{KnZv~K(U5@Y)>X9~#6;Hp~@xMDIiDmHWBfEe={AR-GF{B6DfTupy zho5@}&q@12^8N@(UrUt=#2lWku-Ci~*N89Hyc)00gYES%re7l~rm+)_=yQ2B!xQ3p z*0F#L?9C|3=19i#&-R(-AW3)@i=8hzKGW?H4exVEgY|o!nNu2r<@geLjm{%6rB`WP z4An+%;mFZt>==t+yY>Dyo0HVYdL+AUStSa2e&D!vV*=epxQ*D3l;^rq-B!9rl+(`W zi~@LahL&qrgow?aPLJ0=HDa8njBKP5jhOu+=Re&ViNeCFmOES9s)xt1h;Sn~-T*_d+a?T+9OQm38c%elf2 zqoHrPb*~!AMe5=j%oK0zsk_3V^ln99BR>=;zh9#0>HLS7tS~e5TpyS6AG)wkqZm`>yknomD(7{l%gRE5(5v~wt7vb2F z2H+XXACe?JqnR`+Q!ENx@Dmpk3j>)ET#gBns#Gvi*BANfG|_xYHTt> zo|kz4aMRdogJEY$ZEbB|eR+9vgNvkxrlzKgkEW50hw9to5$8orn!^a&x>G);>}a#` z7kM3W6s_P;JjTfOa8NVWV0nE~GKwtFEN>x!I=OeXuI89QQp+1MV{dg|W%U{-Y^XJW zzg<@i{{s}rTOH0G$rD4>XBu}h{P*kl)i44DMdhLXqONJOv;rxc+JCE~SZGBhto{|p z2!aU*zT#2y5*$*+tx~z>$edDy2rX$d?G-vH=n1T@i@BztLYX@C<&}0a53?lPB*_S( zUo3V?ZOz81CD-4~_h4#^%cTlSmWfZgC8>`&8mW?xi`U=KUP%NrnDGfs%tbx_s5PSe zC7pPacK%up$8Ufk=djoBbAQZf2ma??N;~K;?9T1ze6TV!k8v`vJMEdQcg~4YED6b< zUB7)%cbo~paZxC28)valhi&#*yh5^egpTuE1q>-(i_8RW`&YOhR^KU3Y+Od~B;9vE zl5G|@4&Nz&Y<)j+hYv`2U16e-wiWZZV!n6Pim(6fK7T#GtC_z0mD-X& zymYylSh~jOhGSXQdr6seKL%-0nF~-Q=~dB>$uPwFPXAnUa7RvF*`a06tKV|wJ{3uU zphFfdl38Y2b>13AbJ5s^65YMH*6mQq%Mns$YY>`wk?o6sBw(Pu5Kil_x~j?^ewUbA zGL#j0hPs$7AmJ8!9F0FP6v5`{9e=Q}Xx$kCL>VWrRjFL!D$gAXV4E9F*tUA+(C^zA zVvVS`50K?n2QL;WmgK-!&6C84f>8PndF8%}&!P(3cS^2;=Ga#@DOf0l9Kb29UOZE2 zB5|SYgp5_BpCi$qCFK9qW93`#<1%rptnsg z%8E)1uE@P)5!G_bE*8e>lo#Q|sk6NnC{%+(wBwRUF5uLgS3Sz&Q9RIRb)eMn6L)jv4&9&l{&h}-HBI1qW=2&Glsjk*9 z?oS|uMApM6HZyl27h2q&2gNhDOP}Mh&6oSh4+P((Uw&Dn{a&n=YA|y*oB zt;x*HjEsaMa@5t;m6eqZ4E#uK`#an{mtMnpsiD9nkpPfDZ@-c=rGX>#t4*c;WhpS0>bVx#Zlsv|_5>m=(^*kj_2fjr1BN}ql>NCDOE-|TXm;Hp*x81re zXL34=h=vz~FYe(Dditzm>$^6;&TeSM+ub8=&#kS`t!~Y*BB4AusGmN@MR)vH4sDD9?6Mr>2)+W(M!-*;G!zH7s4C3 zy{#mVw~VgW0uW+rojo<3YWGbR0CR~8HcCYEon9ICKZG9_TACPo?*D{UsZ7WE$6y)^ zt!v8X&A76@doyjhw*=1HUD}aBSW2*nEUtrxv7+%iiM-=*e{8%GTWviKC`o&d#GoY~ z7o1?a>N}i_qJX(@V|nFtc1kFkN4mwO&gELfR{&AA3Tq1siz^F5BjhZwG+?q^KJm7S z(#c=rc;XmgwvoZ|>yHTvwJVeN6jx_PV?TtKPeL?0D;>-7zcMMYYXT_SNkXrueNVfXg8e6w z@q&Jj_FEk&N7&UWetvFlZi)#ASqJ($I@vkesp?wHN_5KgH z6Q}$MOKx~&R!G|~NUar3n7JV%0HpcwrNj(BCOFH6eSe~kyW$gh@uFy`1^X*j-S+=Z z6?RQ9P|~;&`o2%<3glDRoMFz>vmCjT%#XpIa^_wTWSIRTIqjr*AFSqf+{S%_!BE{h zLRRP+8dpbcfCOxMUAtThHp>z-Puos@;+yFOF0p~W;^|m!d@J3MPKmXbspwvUT&*{Y z!_5#A6YCsrZtB50Dmj|!1;VmwijCRQ&0Lzn7@%hUqQOMvxHU4898^$P?LGMw>rfd} zk*>xLy>TL0@B(-i02BG)+N^t8y14Wdsu#;RkDsc$EfAQ?_&BfQiO;IO5>Uu!SC(a* z|EI&F&d}5}lG{D9QtH{iEV&*ZzqX9$6n*0-F$tr4h3;X3yd6VD!VZBRpHo9A3RQgk zhx`c4_c`?TOlu%ehRt7ZpdPh;ty5S+m>8}pTPfsz(@LKV;@~Mhd>I*xes#Y(Sb~kS-TCNXIch%P_Nk-qD{`?c4%m6+vV`z zNKT@F3-kgs0~f@~&u?_RmzUGj;^?rtKLg*YAEC{@FpEJ_$g%HDXsrQ_+a-uPa9Z7i zF0hR3m+wspXvWVO!W6x+**w7=w zV1AKq?bnVn+McHcDWDANO7M`&>7W2d`IE#6sXWF5yV`e#On|W~l z(MUae_J%d|h~i*7AflldXB1YQ1cmb=(Udso%8A1oe9%?`Cxn2CF-a2@4-QSkAfvzF zMt_axF41$3KtKq82?E?th!F0+*N> zxb*9ByI5xCIubLJ5aD)Z%uKc`6Cygf>(;Hq^ENd#p}f`A)db9yC53tU#hK-e`E5Ix zw9mGXY#wOtp9EHnvz2c=CvSqadH1soB|4c9zhIE1nXf($gX=xj4O{AftuP!9cq^L;tDrCeAk;9S- zk?M{%K;SFxib)oT=6Dl5mA{!=;r$AhA zV)eT0`t4o`r8I@7x`gPuhmE)O<`fn&V2zD74B14rJv8Tla&8^ z%KJxfWz3A*#WKs78OyB1%xX8Jjm|xll^6CKPW8@QDRAs4!u(zH2B}8lPLe{-#{qZV%iJx)AgDYD9ZN5yXmNAvI%p|-dL?|zAmzbG^ zNcQWo%rYUu?GiIfxFozXW>zOexrO-!85t#IE4O5K?6GCtE=5Q$(K=y16?ZR)S%ZLk zZP|5+IqFoIAe-K}nIkVJup6YI^H`(VBlT3{r>RCySB;oyr!~`d$Yhh@Gi))-qjjvc zbgVUXtTbTFb&Azc9m^r4FzE7lQ_-lU96^{w$4B&lP*p=wqZm1J1YH1>eax(B=5uw7 z+_h)TrdNvxhb$ScuB{Iim;xh0z>Ml?PPJr?4b47u6L9!h9edwNcHZoY#%{pilgfxM zMujD43eMn`s!c}B7VeyK$c^CV!yK(HJM zBX2%G(ls=`WM$Wf-~L3PHPCx^;L-g@5AO8$io*!ti$;qmT1MCSX7v^pJZHYNc=h)l z%n%u@yb4_0F4YVYB3Y_ZCS%CP9|;j*6*2S5l`GL)+-_-UZb5!-dU|2uiZwZ1dt8%B zfotoNWa+;I55;Ya_hCahx%v;j3FVy}t~#2jN&scMUA7IJLbvZB;Zmx96HWeWH*>%Jgg{1>S4Eq{t|a-n~$Gi&vn!k z>#@^Rj5Q{jVBtljaiYn1BRBMvNsrp*p76q!a@EE%%iVw>tMVZxH1k;uK`Izn+9`Gm z_#QNrogvX>z5#R16}}Ac$i-_8hh;Z$ehOO8Mq3<9XXU$;t+&{)lub$@%O>*_qM3;V zT*ii+BM_Zs7rLC~W(KZ)hO@oHlXJG6xCAT3)dEP4g$fViD|nJMvuWf13a*^GOhP0l zKz{q}w=!my%8O;DRE1@hEqkgNxLsmqEOT959Wir7WnpoCURGvdW@%GF*Uq4VCab{Z z);`P7Tyvkr#`9xovle#kXWqq<^3`(}6-=@98pn3ohE5aBJtkRts>jX(v7XZy0~a=$ z8>(wPlo>BXvy&~*RxLDcs*S*^COZ^IOj!w1<4rWR%{3??iY`3bIz!|;Y~`~sqp145&%b43s2g|L+)QAU zhsA)gkF6S?EteNM%QA;Qf-9GkygUbzgh*C1m;fomD%rI^aNq#SOJkQ(6)|<N|Y+ zV&849hWrG-HrW$ZG-&k;mX;|Qh8;aStdkEsfua_rK;bi z$*Jqi(lXYY#2&*n zms#I@myU}&n$uJo(|~KMLB9sLlgx)|V^_@(&B>NS z#v6+&@p#eVVTzQFiN_@7P2qVl+FUWe`c9LK-L;L}aNihY5l5-Rvk}u(qh~pBYmxXc z7-itZpTS?nq-9(x3WY0#FDgtxCHUHU^Hu&%QXU;^FK$H=TTHsKM-=k}rrZ1LSj|Ua z5lpddKoU10+xyROqP!drT;(`#94=3xjF@{bq!ul-*gL_%D`C1voUX?rBmY$H1R4`l ztvnWGSAO=R$dzv06D4PHsvyexf^q&YNPl}Wc!}TO3CuDfl5o??kk4V`WaUjY{b3*3oj8WYWtArqLVDvJL?ZP8^)9NK0e z)>HY}c`c@JL3lh?&jGk}ez}5mBqfWf*28senLCF;CYpjTQ!n_hCtJ@Kx16OXg$rqr ziK(b0V|?%|WUoXH+=>_+GA3)E1iz#T;Bs$}J;9nQCxkLBM_3r50&O$MTKX)Jn#-}j z=qy0-w!oEPmFYaX{L!4=!lXNPCO7h4I^8{1e{TGAx9I6E;e6H9BgAy}g2dd4*FX4D zbeGh^nJEwYdNIzJXlay%JAUZ_T$C4=Ev9EaUsr9udIBa}juuIB=AkIIhvo zm(yg3A?0CkBS<`_TaB7-;~t!xUe-0m$W?Q^;aGip4IPuA(`YnFWgs!c#OYPt%(H26l&z-C&bZX;%> zgi|nepJ+Y@V**W*Sq$6S>iqoj!s66|lA^9H$qk!;YqVgY!TcCK&&X+zb!B#Fga|u1r=Ekoo}bvrQBWKn zgm7k%tzT^C-g94Fe|r7lz|JFYO*3;HGFn%2iqQ~VYeYm@YPgUkj?$WBY3sLaiq!&& z!;oUh00qWj>MjrU9GXj+0<2RU{4mRO3J^>Us!ha&1ttuWD*=fau*q&wSu!@`-qV_9hr)7B zDAt&BemUHVs{|*R!j7jfg|D7F*I35fIVN+WP3K0N&WS)ML>qX<@j3~b-s~U)mmmXY zzv*`KBI05$yzx3SE!F$i{}w#|5nPm)Y*#ApV9P9(m#~Uz70OG(`}*sz%a~ctmqU38 ztFX+3RZaEPO?CBUC6zfjIhpy{m94G$jqB|F(ezZ+x!Hf~;lPbw?>@Zq;Kuda+jk$=HFZNbwWgqz0_aFx6%n$=1T#&w<^s#y zBboph15VO}hK@IwEnKR$83hmwJ1H%CimRP!?QQNEi>i{$YD}@f!{XwZ!pf&gZw@pV zXN)ZkdXitBLJc#^Uxlh-YPd?B<(rdNbk7cFlE$3j(^Qiz=6l5EyF_G>so@|v?utp0 zXdg-{->-PfZV}4cmoI`ls-l)Ub5=o4VO?EnMXRHKx^ynY67c1H@kZo3Wil`VSpnDH4=)T~U6oHt zN%I>YeT!$gcK!B)-hm%~?a!=SJKoS^#55Ik3=Hxx9c$Hs#NcJsWA&V&3|!dZqY0A$ z$~ZW=$|E9E?XoRJG0M)D!UeGt4FW_g@|vka=(K9;S`i&F5l*}^!w$6tH-8L!dO(~3 zN(xqV8Apr|4WhiX_DJir&F76ZbQ@>nK3tSs9H2}jFvZ44!s3huoDP&FFP?Hs^Tr2@ z{7&T+`IM`q&&n4=_ZU65sF^Mif~<4s6sHh`Upv`quA#$xa-~aez6(^C{uV;1pDM2? zaAm1Vx?SqbGT|j=Ryu$rL~=f)GDn>bAPKK*5;Zo|*43`4sj8z|l~b6VU0#}8(zqb5 zl*S(uL23LMdo9w(5P8Nhos3ubvk_^W@xmBA5)f_cxg&KgqEkyhxpMpa>kluz_tnze zdaA*iI(AHI0uZ*8YT*P!S7=gz8pEeL)mr7dRNo;GXDU{5X`7Me@RXVrV?Fx-L`+o$ zJwewbGh#C|7n)==xL1@Bz9=#fY1{EStVIjJEsVk%CI!AIFE<{zfzFqp%!{M+oyQw{ zXq(R+spmLM*N&&)HlMc$h*DJ{%e#}OIa9lUuOhsth=4v=p5FlaE|CainF$ZssgA)q z4ndRc1IfSmn@8!{&9s~A6`A<@`=5#3`Q@=1gBh#Gz*XF?w9Im8m~0~a@WT&OGi1U` zotc=KMPV%W`)zfJx=AEr=C-DWy2je-dOEzhMcEm}`7{xd3Og30R72KuK|EK;f*81Z z9+CXb{N)lZE?9QfIM9vYbHsFOT}yWz7U`I|jMY=|xoJ#Q5s`Yt1 z(a4P?Xp*Uiy85QUz#pe6ZDAR;BTjD0H;GDmEqme(z(9 zGchwF6#2RERDmm2stu|$%ZXKT;tk5Hlp?Xrvd;WMHKV<~wZ6V_MNI>>s)FL2jKZAE zvbwz5Zr{v06W;`5pLni@UJDt_@Q6S#H8b5JIfkCIHD&#Fg4NuKHgmOYyjd743X;aN znZ-mLOHE+tWGk_9cB&N)5x4|1D*t8EY!*OP+r)z_0n&6^9|l-pW7lxt5)untCUBi% zCEB&5QIpN*#O2Y!K|P@+^%pI`6chbYPbM&CaS#KJ*bo&eGk0z|=7->6sX_5=+z;q1 zs?Cpc?goDtu`y9G;gh~=I7txoC}_e_sx7y!qOEt##1Ilvd&CSB$Zbw zMZVC!rvoT0GaW!Iv#c|>t!iy-XsNGluCA&mEz8R;%3hvZmQ~u}v9tuNrhZFUgJ85^ zG4mm3dPM5ajhW%f)X*4OU;?gs)+l-9SabK$CgMCtf>oAs@G(;PagWX>)EP3#ghC~K z1PvWC+Jf}cZG97LycVIhL{PxRR%4dcv9a*H#8lLvu;CbUZV3d11uHr$2dF2E!m=AM zzi1*TiH&g$Tp>#lgClbIljynAi02z{%6z}ncXd8aT)10~T6u8puk`T$9NR}dHlZf6uF|*8xs8-3f*yKcnRk8yp6JBEGRh=Cxo7)@f zT7X+wT~Jt-zbvyLC8uG2N|h=q)12kH{!5{3Fh5RjP84u)AB2BXoP)Fpl^uL1+51ee zoj=}YF8a%=XFk<2W*&UhBlYda8#yz3ZM2~i8G)9r73FBIL$!_J8=hH*DTbpje7mYo-W6E$dw`?st58~FZbViz#g zjyiz=_3#`Gxw%*?V7gsuI7d|)*#fZC@!xlO{LD9TOU>4H7}*gGGsZ+YFK$; z;I&ZCGkOMLr&Gvu%(6=ea3QPBsi{_;V=O!-SbNU$j9_~l7PF(mBlK*iSbAtpo~3K= z8<;S^{tmRYGYD|;!Ryo6Os`(7zU%CJh#XT~@)@n&UnV?+H4Vyfbb zn(WdQOLNMji#kKHS2{)JSotTL%#SzoUP6#e+D^4rHp}RQ0udWXi4uFr`F)rjdfcc9 zAq@>9LI`Gt51($sm8}@OmK4z$q*v&dTpm}{DyLG6;p8dGQ%q%?<%}JU&1+$2U}_OE zUJ~jy%@(gsnSzgQ-qJGW-=cc_Uv%O)U~Z(rZ2CAHcqGCk^}&(qv*&0>I&wxcXAAOe z@;iAd&uixQfJ35TAc%0-I-MYu|L+Q4l|Q2V)bC(b{{})bM90)e$IMIDiVF7ZY4%>) zwjLwQ9Y@)?kFxd~&*|`HE^{N|k6pYhw&5UF7VedG!7mCqk&LMnw=3b28p|oKQh9N^ zz*Q_WrAQ^=m33wkA~9KgWfO4e02Y;319y304f_=YWj49R6*`1xnR-#pSV&gRfF=CX0D=#1+G4+7q&pW|B^ptT`aa&al;H!Z2qm8#;qqbE*YOL|xrEJQei> zD@<{(#7-2QXw;fh7jg}u{*Q-6=|m1|;*R46u_lvhh%;#-a8|F8n{vK32OdF|07*tl z&*3`2U5%B)d~p+=2=|^KH5dfh`g6X&OICbU{UZwB!QUosjOX_TSTO~Nu8qI8+5Cwn zbFfjI2R+Knb&M5!-6n{e#3wK*|Hy0auuuhUmFLjCOqN$0e9eZAONenCnt8_Tmr6;(B2KMHH2 zgJv^dRwEezS{w!^LK;tQY2ac8W#ug>t=c0lhxdrKvK52pqC7zJl$jeqC({|r=ReI( z-znH;K?0zmOfQcu5rhvF7FD!pnNiG)aqKg94zNIs+6t9q(lUi9^&w?aXGLROePkr3 zMhYP+CSWspb|yPFg92Aju<{aGrr1*P$v?NN|8;;;D}4XU_YAsEK0IrlQo$G9r|hM|n*>C6v_S6+zj}@a0qp5PQUzusWMK znLLOl3zIbb(`z_KjD|kz#YBnT+=I{&e?*W^6P%aN8wM<|Vu>zKQBUD*4ID*`G|N$lffI#9G#9fhNkQ}fYwt{e*o7 zzW;Lm=UnoHz&hV~?x#`aSxk{)2UBx2vJANN0X__@(qte2P{7g&NQs!da{)o|)OFOK zxIduJ^FF(Um0=WT=Lxf07p?QKmd^Z@o&~EsS1#MOaFyqpTdQlD0?&Tw8&o!%c-Bno zcB)~ieZDlfQfA@nCa+SFD6`Bi+z;Xx-o$Idxe`?!r8TA&d;yM^ zV9N6%+2_FB4BX}+l1obkF8u*;g@wc!e(};EOHqweA0@nA_o$x0=lNHCi2>B%K7VVd zYGAGAC%7JjV&SSySFfpY>)O>dl;EzdI`qV+{_`(iehtpP{4c-e;Z^v^ zPLUM~d`ad4t~T&>lNYn=PDL_EB%fJ%W)0sn0w|vu=CYi^sguVUB!aoou7Q?lj`g6} z1u;h;_5=ob>Ml^SQ-{E4CUqLD(u_nyXL7Bi%}KHue9QKMY;fdUcJH-pioVh08^k5zJN9BW!+vc;4VJSLMcF9nDPz$Ey&Koih)>Jfs)K$y8bHC zIH=9iEelK%tZqk3^!~@6`{zFp(waGg|N5FimIzn5$IAk@C>1GXmd}hbV|FzeL8(X$ z-p>7 zq}eI%EvYBLi;=DIcGvoPZrE7Abj$wh*6sMf`kky2Mk4opYic&|T&L<5oN9Jxj^hNl zL@S(7{)7bwQ*17lmxUbRxbeOm9X6Pv!#8g+urlbt?gH0v7CTD@8!yZFQ8mJmbFmn% zv4jHsQ12Vy=9pUy;-8|ak8u>Hg4K;Iu+no(4_tcNHH3RNZ=HAZRx&Dw(}T~x@FfWQ z>K`d+Hp4*>*5FHBB$k(daMs@_I?AD%Bd+=XBDYEb5#TD%>@In=sYngqBg+rmfA9Hw z&Y5XMM^E-oo=Wyl?MzMWN*}53JjxoIJCc*Tv&T4R-yR-dUKPp-xIheTnV5k6WfTdA ziYzYV1!8ROlG5FTw;$NB3p9b1k(c+bt_EE4_6)j#DgF|e!dxIuOh3p}4zh(TX90OJ zxWuF!K^gUC$Du-CIa0L45v%q;S$quc6fD@V>Rx+YToeB8DUy=8M z*g7a%5MTF%KM}ZmCxXB(Ddziytg#wP))Vo~yQ!2>gFUH{&wTTHWEo$3^*67)W`_5u zrQ$In4wU~!DF&vu2v)rWT)QcuA9@&?iZj6oZ433mG<(Jj^7gx00Sbca|ZOhV{ zgNw`e*2ad)y?Js7c+o(Q=gASN4(=ZqnP6gQT#FIcjPF+}$Hi|6*GrDCz-?ff*l}=*O1h` zTUf7MR(j2ft>n_lX(J#Dmuo`P9_Z^yujLfpCBI;nb!BJXI>?2^Dt6hId6r>%$|vV`HFP9UfbEAhWc_tHSIR z)pt-NoSu1f;QnW!HsmGRg~dy^?o(Qc;Z)|}5GG(%ji*G_)9pK{-Vt*#)40&sVtiv@ zUAS^9M|@_o8D=*Y_5!jOU|nob2HAN_D7nNFD+gJq1QzfPSg%}GMkK9?=^fyY(-FZ1x;--GPz+RlGOpl89w?p`jqkk_4Ow%H7g z04mRnGGlg`jPTS`Pki*F4DXt$_fFLu)5Iuwos4Gt_qInW_qBRj!gZ1EhQtsPf~YG4 z<%aAuDqRsA;UU^Qsg}a^6%_{ow8q!VT+V&T32FT>M#?vNM~tS5W8%`VN)?~ z%3yHD=msFppEHkxx>=$mJTB73i&j$;Wkzi214uUp6ulK^9b|8xznI-1%bVa1z9_cv zg>iM>cgVY^^H`;~z>1gDOOPbw4?!0H8KE}FI!>3P zy^3*WBOUYQw-~SZ8X}#W%aC9C554GJj9D+fZQ)IuZ>?;oYl}Vn%x8I6)vtcdbI5-4 zv!DOZ-~P+*e*em=>^z(eztUVS9(K_s%U15e+W9_x2q(lF8Uw z;bY@{Ad9IJ-1{4Xc?ge-K%%A(-QZXYXF8y=yg4NL(JSVdk=;Hkq_V_VtzS7Tx4yy68* z$!%87ySaQGsgLn zdzHnmoQKT;tM=Drt{Yr*n!bRTvlY2jN=05=6-i8_HC>;1=4r_L=%Z$>D#&~GEN<1z z^z^X_79s2J?&-Sa1!paQ3EBkTw5=JUTll0|)0|4FL(v*~t>~TTNgIRH*!443OsdZ>8tU1oY3So^tm?)c{Sg;gNplbf|iod&w+U#`;mzR|6 zZcC4yeeQ)9zW<{i{_scN`@#Qs@ui>rsCeDr4>H)sb?YYV~;&LS6Fp^X67{HJ#u7tbfkZ}Y+YZ%1UHHa4;&K4tQgp&_1lj)kR22?vS7?;A@SJuO}S{nU|}nma;_C(4Ze=qWp#b_hV(SXmv>0S;Yfol;w)L_ zgfE1@9NCQ&TV$!@B_g}AV*X9#@49i*6*sJzzjW=Y%KF66^b?=?@;ATz9fnq4{O|wm z``_h3Ffab}r$71L4}bCx|Mcr${(}F0#WTq$hyt2d|L}X^`^L{H?=}$pk$E`AjRp-y&clz|%6DLlMQ=Kt6HZ<7Zm+$WC%%wBAP^PmznYts~eK2bD znK~SN>FVfsZG3!3a=g;p&GZCPk@(4)rA{PEW{GpyhZDu{{l4@hnMvFy+%3QbXbdZH z5HINub)mt*dp-fUNmoZ$3FA-UwPpRU-_?J`_{L<@y#E9|GPhU@!Q{h@jJix#V=WepC@*i zC$jN$l;8dqe1G@qE5Cp350~Qh)1rPzB9yvd~T_M6!a39(c>l8HBdZ z%t2?Wh+}P0V8dLKhB78toCVoM4z0j~NE2A09;5K}@$shaQ^3lOCc|IpGnUsl%#O7M zU!~2_XOQKQyL^fC99Z$qIPwm=z;z;7W8C2^1|9!=!3PaKiz|08t=PXaI_Mp_ zi>Yuolv12fyLdB|?YkLepxQ8Z=Bdt^$6*b)kXSG@L||7`U`&m(G`GWC8Wv;cxWwCN zYT8_aX(0d(d?8*k!p>ztSj9fFx#BNyA1>V0+JEj)&uN~X!0zcNQ167_OKzV$@FH?7 zYsf3&O_4O_oW&Wi_-5H06KK=5mTp~eW7+&A#@thFUfb-=kB**u@ZS3$edOUMpLyaF zpJ%L`7?X-7Do&{wheYTk12-fI2}p@tu#&CkvK2a7gR3(S2 zLc=xQp-p?zrgoRf?4ARQw=^vC+`$6fR7i5p&Mb9GVM%9!lqpsz-9tJNP|#Hv0UtH; zZgPoEqF5t(;LdJf#eJHyutFBg$ln4k~J^Z1MJVizqdBmHH`eouO=DmuO+ zGFjO+u&zG7YKMx1iw&H0)SXGxF|~RT%jt zQLNpueU_~-UAqzF+0hx}=z=oPgD+)=3{&DVVO1r<=rEd05dsgg0oirCBQO-sGTT%n zb&kL~i|p065HEWc5Nh2_7KKuu%|xOs6L4IyEO86_-l%`&YO6re3aiqirXs4hh2 z#DZ%LD_l0aV*xo@SakxFfXkPFyT~gRFIu~uo$3OL4FH#@hpdHhpYk(=Z)@s8V0YzB zn}H8ZuUcu2b~l7wg{wy3Q*k9bGg5Ej(NwJbuy)bP@>?nnl<$jpV_m(&lVjtPlM^E+ zj!vAt^Z5Puo&ON%K4kDEX-{?+lSi@$^3v4g_8~7Lu%O^3?`6qy5xB}$6_vd5EBqGS zNdXbH8C(h1quLB*Gnn8Bc`>`pM3C9-?CgZR@kA&Z3x-31pg&;n^@p4M;eEbvZPM7> ztsT8Q%cd$kS?L=sJKVRvA>lx*T;P zjRnMuF|`m2P>$fMe!|ftBAl^QxJiLfwSN#D#@b?JZ`%{6G!Z5O93TQKAOf@*cy)G* zEEz>Od&NzguVAX$lG_(7E&0IO$_>@~cN~fw40UCD3PZ!A1BHI(NS>S=J9TvG?lUv@ zp1+%jgR)`7nd~1GO>jrx!X~^OY9~-;YL7);5{Z`uuJx&4E}Otr?G1v!H`93_uY363 z=9yKS!5|UjHHB3tPqJbag;iQ55@iP8L@FAOM{8D zLZC7*vduT-364~D3{YVOTS+5pAPJNSdl@w#oCFa7)rdLpA*x`?iA#HxBLcNq5x(?^ zN%iw>(qzEBZX+Fu5|Qn|hhe3_50t^0mk<_k#Z3?dTwpaKtli-(?;9yzy2Y8LxNhOf z%_}MzJo`Hi_~OA-zO#48tN}DIz@pXDV-u%L(r1DJ@q6w$2e`x?fD2y$7v?gZ2j(&< zk2aSw11_0EK=})SOE1!LWSRqrfk2tLBqT+10P&ga(h885X=3u30exqG&-(4`v+rEMS7}~@JG*)UpaZV(*W82mR63U^pC&bY@bS zTo-N9-#0KlIz7YxrjF8Fci(rfz-4VHE6W1c&0JW9!z`cba+#|nB(x<}-GBp_i$6FwLR6?nyP8aLIf6r2%I%^-mpWMa^##HaIZDU{t2e~ zLyq8RG1W`nG5D_C37XffuVa7T8Ww4x9FdU-zNFUZ?Xq&91V;fXl?Gz%qOAdU2{kk2 z%PRL&9ts`|r#oVaNG#f!iuPm^*`BVx{z6Z_Fgh@PeCp)%krO9RpE-N)Jx~MYy1|t! z6Aj^0$>u^^4CR|TR0@b}lw<=Xd@7S@c48uYD(LU_nfVFKEPkIvze-ZW}=p6!Ug)dp`QKv+jifu(bT}0-En{~An1AtaCQfA zoeO%-g|B0C%@D0l^lkhr9~09#BH(798wgl*%NABZx@tMIK|NRA?4d~J@0OP=SYKZ1 zsoQm+t=Sv)hGMZe9%V9}O5{6J=orjJ)9^VlUYIZzD}WRjT-s34klR~EDk(F5>7|!& zsHDl@0s&2KVs1!Rfh{jBtUA&AuM2JwdF=?GyEX%}Yn6E}Rb?J{fzNCgio~rV;KgSK z-#B*nPx1A8K{?Rs3-0#?cY7l>9cfm+tqKg5cT81y$2`6vDx*r9Vg$VS&o^u~umbMl zQl@oKnX}hOr~|Hr!{W<{J+~ya_!gbG!JX|VPFJz`%BBm}Ib=!0vM~pLU)NhtI5l7q?2v z%=IfK;*R82S$rdr2w@TY4SS9E>f!L((iJ2&q-u)D?E5l{NU@o*v&Ne~03 zIrPLJw%ARJtXqNKK$iJD$ZF%y zFCGC@HiKWZJ~PvZ&=92}xje;0_y(G6ViOvQd09Lk{#t#8ycpkDAP^0B!+~~xpv~)V zYxR4vzfJAIx?taqV1bqAD*}abU!kJC-_u&CYALYBKFfz{1}n8>W{ei}o z_LdHRFcgVItr)fX08XzOK67Mtb_*QjE6wC#GqK?3%>A| z+l0S_y;h&&p_mDdg5E%I7T*q^7Z+=PTWqhdvo6#FzU98&vi9D}!#!rDk&Zr7b{B=>-qC5+$>t8|Et=o>fWz^UT@+`Pcl`PD4l-XGcaO6HMiLkuNW)KrenISKcHI`SYNQpD+-heM&0pjco0-7bbg|Ai= zB;m|$qE3o@m2*zSJEPG!?sG8Y4Td^6;z#@aeqU>#wIjMe(6uwzTN&sr_x3Pb!PA;0 z5Z=<>!>a7?mqIlp8iPCF%jhDl9bRu zoEfyzPy%Yh98df}@I`{eUkwFFf!HAdqvjI97?DPgg-bj-# zwab_F1bVjl@)h2!r#)TTn)if;SeuB{u?P-h3!e%9rKZSjT{6L&$XiF-IU4 ztWxOY{Hf*}kT-VgJDcxcV_C+{t7+JG-*%x$fCumIY85MnQ^c0i>7?PqPqKKmmw=`^4ZW zrj5~CT2g67LfVVf7-WItQk-?;_`2s7+#-DWS~hEW5ehP#{5t$aoat$J>{gt?7jY(m z=60@d8&tTiF$KCYw@mU1y^=&*FN-mK@FmLubHjnwFkZAj(BTa>wTBxCkph_=;Vk0| z+q?s1?FIJoww}^Mgh(N#Es(qdR`%IxgU*CI5gDK__*dX7-^n?V6k9=tumabN0+2Dj zwTk+4O4F%9y?RBdDVJUCxoUMa)m%%r)RpXPs%`R-XNxECn^MHGfD5cWeZ7OjL);*@ zi9I4s!8+9-YeOCy#~N9X)wr#a6|^dCTjW8}{^G24qTYa{uL~}3T72mtkXQV*v^w2{z1)4_BS1^k$Q@I5Vhz26Xq!BbUASssnMEk>8 zumIWrC*blW;46r&I9u|9ugz)TIdfscmmY}y1z)5F!I6I@iN?f$FZW0X*2n@%#qDck zP*zwfZ5`=AtRocdh(`ReP%s({1^qxAZuf=vB>U^5J==r%Du3Rw#od%(fiFwivKW*w zg}(wCSmk0#r9t)rxU(bmCi5(aIl+TkbW1h+>_CshT;?EvFB77frShKD+m>zFwXL!F z4qqe`ci5WAaOLz*dMO?wz7scv6f+#aonn>nosa;xKuEu0r50%u(gKoVnhTE7tToC`@uvUKSMA-~wJ26jlmafs)&i4rRiTq!|KEgadJM9f3e3;K$WEl;}DT%{Bxx zJN%g%e^;e1zqP$<)8Q;BEJl&QSF#Msuoz^mGP{v=>###u4K6qZp)p zX$YH3z4YRe9Xwma(|D-aABhvbW-+m8dZWTvZUKt}tlSjH(v9iN+_LhDxFQ;*g|N6N zG?YdJKo-K%lJLcj_|ViyG0jf<3kX1QqgM3N{ZDUjZt=AcJMwJ&D>{yQ)$ zM_e$M?KZ*O5%z^!17CSr^knWDvBDD32t@QWh=rJ7Un(8Xr4yY=jBqj^h}Wa-ZDeyb63k zmKh(6`!LW$sSMyUFYM|ywJXZ%F|rMZgT5HqL@-Sg@Zb;f6pz9Ff#JcSiLvn$$BxgO zJayNZv#PA1KP#z73y`3&gjKvli(%KWZqURI!3$QJnvIqhxB}%3P`j*uaziX|If5_U z$&Ihuc?M!jVP&4_pGY*xXCzt_F0#T%mfO*iN-Gvd;xfI3OsvGPtvik&fE zP6%z#WCvU(eXz1zB@@1G*m{7K0gz&hY&6x0kDt$(L~*{SyQhC(WN3JDd}4a)2y@VZ z^`3KggY1)!KLM;bP6!v>8!5KIj+?OV!FP06Y_$z;X$yHl+`eu7Ql(w(>f zE(3kG{I&kGD2$7x{DwOO=I-dacv(=G_|8(8&;Wd`6&8iTmwZmXFp}#TpeiMs>FP`~ z$eoO&BY{*f9S+9Bq_pB4;dE1|Yfm6w+tKZ5%>gbu;>-{*`pnY=7~;n-!JjyO^w{Z{ zI|b{54}9q1hd%O&k3UUMhOoqjq-T{bb|)y@gcYnsI!v1jQ+x8Jc)jTd+?sW-Z zrLZ-@m<(BAqy{@8h>6{-6;_r~LrB~>5aT^+ln{t9#1>*3D*-VS#$6#+lA}eelt@P6 zu?R`aa3JXmbT$QYyZyP^0E7EOTig0dTDms1nGx|mM8vZg~Tvr$<= zl?6w$-$q#uWmk}w**&$6k=@Gl?Er{CcfWVvQqB(LnVz<#(ZBm}m|FUD-i+zc(}>Nv zBpbkze8V}EOU#Yn5+lV36v%R?MHxj|SegiAWn>XRYh+&+T=0GC*uCi|F9z4$i!8p_ zUzuP!9{37k@P)sxtI|M>DB=7AF&d?TB&9oul>{-4B@oM(F3M<;5Ky>;uVsQtl3J4r6bWKqv36#Xp=X)$J<%s%apdIHnb!+HmA#4daBz7YeK_YT5>!Jgvt$8-ZS7r zTgbb?%=tB$s5MNZ-nHtevJx3?QuQ4$eW z{xGmAH9_YTtg^5cR_>P@Csd@X+ZdKsf(vj~$QsYdiDadaYHh*fK7Ui--pU6q2A99G z_(~|O#TUNxJ+~F+%ITJFh>KL3$lXGWuO(kvh8UG5*vFT4tF#;~B`twC-&e@xdrTOT z&fra_!p7z-12cD4o6je%r^FR`gTRnpQ~+LYUJFh>dt@=|AxEW=;w7y+01sQ0WX zH}kbgHm<9`dTsr}HMWEVVp*ESR*_58+et3hjNK+(n&Eau*%Ll6fp@3Hrw)V1*W(68T%8Qs4rP? z?K|+7jeq5mxIFbej&h`Bg~8Xdm`;l#ahvpE)n6&yLBvN>SYMivFDOh@2obPf)|XaB zi&mv=Ax@!xu(z+@8F$EZW)j(CG#d|gM!czLG89WTM^p8YbagOG{JX8Sr=q17U&wj( zYl0zQ*15&V62JoSqP69VSXR`G!tY#oYwcBQw!d#v<4sk~xnt|Bqhbd&qYJS!EO59A0- z`g-xTdUN?yjWj-*(Gr74OmtOeILuLW0)`Io@g{uU?tl}jCUF>Y`<=bGIn z7!~5agfF*=A*Lsz(%e1}(+)~nDk8QS4>?-M9Z4-HEJsVeG(pGNW5-!abnM7@VRE#4 zY@}y+w0B^*uXiXlScvDlW65kHk&C7J+G5>1JK|fKIsljW2yoZ!jbnK??oXQ4jMr{o z$im&MrMa$}1qrw95AF}9{hhf)Z}&vk)OgSMCC-1DVmo*KLlBk}F@}Q+ zlZAz_m=(l_>qm>|t_pS(!*a6-mteIPmL`I^P@o9hB4lavzXZ7a%4KaAcLuJUO%iQ^ zrr*M1ZdQ&K5YqyRh>IY`5R<0EGg01>h*%IST+-+v5W9z#aAM8q;Xpqu?#$=XD0Q|o zo=yd$5pOWCt+8WsgO5j(P`t6Bx$D*g$*W817OeBUud?OlTJP4z=>C>eC}aj=^M$VN z(Jl=8#KagDV9vsxf8c=!A9~2t!*C@eVXWf>VQ~&cSYV~cy0gS|Y|B;)rBHJ>nmxa) zX8(8lu)RD^xOi@a&5f^xSom5;3w*IkQfVlRdr8KF=8~fYFEGSKNiDZ8jSY3< z^uWk)VQ8?s&_`)YwmT2R%w7q_q75Cf%Kg4A2SV%jgkbUdgPH5L@-*uD#Z^t~8v_j; z*=S<0CpSD$7#tZL7@ZnEc5M3ONygS^2)gM@!1~x@PdxeL$FLL-mM(|+Pyh>IWnqOZ zx1)3-N(EtIt9&P#f(C)J(m;1}xzGRI@VcxYa$lkFl~xO4p)4YEzlw<6hS)-kFO9M( zFOAkQw1hbWViE#CtfUr(7;P*v#6V2oIm(pCiE(T(5cl*Kx_Y{qm6Pnu1hV-?Z^Uyb zv}s>p^P$w1mMlwPk)JGU@$ZRbVm+AG>B*5JQzMMQjvqZXIWu$e>{+TN&XG66B0T>1 zlTSbW%qKs2Aw`UbfQ98ctqxnq32CAOi?H~XMGE}?Be?X0B76lg_hL~N(A=-wEw?R} zPy?}4THz9mu;G$hrQM@T7(tjNUki8o=<#FI$Bs@OnHrlI#~WhMoQeoi!962`;jS*0 z(=qt&_20fbP*NY*di>0(nY-`CaiVJC0fKJ&(lgI| z^7-dK`?=439`mZnJ6sz&xn^8JieAGC6hX*zt2Sr|-M#{DbG21kF^+ho5@N zRGgw1pa1+9zWn8{eD$keljFoyacy?A4jp!fInrTn)55BDaQFYe61?8VWpFR<8{wrJ zUu%fz+iX&4K`dWd5wWGPR2tJ}lUlGCmByXc=#s)EAcn;xwXl--TC&9i#Z>ZOj)#Z( zhDRy%pXeJq(mQrMKXjyTWP1AK*&|1%*r$&jId$s9-FKaP;J*7=nc~q8Kk~#AkA3{( zEMH(|b~qWQuYUdO-~86MW+NT>!{{)P4w}Pd+b~BrWu;g*t_FDASXBHKVJNhlK+ zGbA^4&9(sfUh8i#rTR4n z4jmS(m=ZdqEUdi|_YHD>sdjirzAxt57O-tXx7Q|>7QO@&h#oBozO)ZQ1jsqGyJ;-zkC?xrueSZWZV?5OpuJFRdDl;vvyF_cl>Qoa^#E?*0kmOCw> z1|YdxGRMd@Ty}4elsDli8(z2AO5dqy&Lh{0D@7!=rmLl8qcU?Lht zt3eGi0-tOsC)#+Ef8sN2^aqP6{Y0=@uSuA?39Bn{3$hz!H^lF3y#AcKv#mta(UNQy zU(rW|0%8fZBBmlP12n+B?#4esQk*5agxj#vVfaEe!Af7^cXa_ex}oIUUgw{4vwv%U zYa7irrrK5zbCj1QLu?@i8t{e4SY$XT#RfjR2~A##q3OO?%Fd%PYY6?6&ATLa1ZfA68AUQN3Fd$MOFI0JO zWgstDPhx6iV{{-dQ*~l=d2nSQFG+1-XJsHSS7~H)Xdp2-Fd#2TWoc(hpWkh9TZ)9a4K0XR_baG{3Z3=h++`V^fR%e>`KRYvTGMOX> zzdT{^A{jVQ?`NiWueDUD(ufF{J{uhs)KK651_v~Tw4zIMP%{{NWo^W@>f$Ba+3Gtd01I4Qxml6b_IJbwC+uhK%kv5cI5 z@bEF``OJmqYB6pWgrK(U)I7{NnM` z`&xYU_~}~I-0K}d^ zh|T~npBwUL)<^v>{ClAM>LGvLZ+}StoP`Hp^FuX$;E~XNvie8xJ3IynUeEud79zn( z{%sE*d=vWLo!?x2?fgGM|K;VRK61ss1^{4qqWuNAz>ie$hk9=C2KxNbeg33hJ%0G* zqp!by!W)ry9N&-cK`26=%mt9h`%V9)zMq5Vv+-E_k3ScG&--6L{qO&V>Zkwl<$dtw z;LC?k|Kszo-v8w1*WSM8>h5c1X1#c^(6N(;j&XeQ_~~<3-g^73tM6RDar>Q{_io>L|K0aKe*c3{Km6!tzxnOI{KIel z`S1VXpBVq~pMLkdfB*gGf4KkU{U`hb|LyZH|MmA@{L6p;;h+EObAkhcGn^-W_lK{D zfB)iZ{w&15{Kp^u?Z3YK_uqg0pMQAp-(NoZ{a24AKL7g3!uZ4erxJY0?;oi5ngrKg z)L4U8p{nHWi55>E@NWHnX!zrw@+=$V6#X~(>dS}Z6!7@+%P0Kuzx(3RzkdGc<6r*6 z!4ntSdPm|?a$*uPRs=;DtQ}0vtV|YL5a#B#rltmi!45V|O)bpL43-u)27}RRJ~+9= z)Y5E;fe%@jTN^BG`KZCl$Tu-qI~r`9tc@-@aW{&wVA1zMY)Alg%u6?RSmgS4LOzd1P6K5jrlcA1+~pt z<+a%rb)4a4VO>jcLt9B>dwEkwO>19W`#^KoaQnbS&(KWo=!Su@jRO;#rZ(-F*|vYv z&cizno;q;+;?Z;0PG7ot?yXzL&s{lr;p*8-*N>mMbpFcqx8A<}?gyX3q%Myf%!@7Q z80Gu^|9cJ_3Xdn4gooq>5#HbZC-07@CobLYST~zdP#c?4n3!3TU*0q{xn*@!G8c5w z5^KU_iNVs!-ojvKW$S2ZX|%8~f(pR_FAWBJD=P=!C;wxC?u?06%`Z`w z{54^TQL(9sDY+ThMLGFp1;tgR74_xSE#-9`5*78GL}f#lL``$A9(Aq#jU9t6-6O4i zW9`G!Z6nj|qca_2>$@gqd#5)KY}mGLcKgt#ox_`Vjc(mDv19+tp2M^Ik8L`5V)LPs zTlb&bap=sxV;2vfy>{~A&9m3;UAX?<#dkh9b?Mg0%eQ3Y{E1698P&o08%NJvJ$mxW zzC&k^ow|JZ_=U3- zT~jIfjj07q`Bgnt&BNsl{dwhWb!|ft30anQZi_AKObvD>=2m7_cIH-g2H3Cy4|{WS z`z1?kmMk%vnE{Etg@v7^rK7>%U@$mYTRYj>x*3hGc6J_wg~8Eaz7 zynKRud_z3E0=<`_604W_qYn{*K{2aC6C*OMeobppeMf0icX>;1 zMQdMWbAL_SU_;kvYyVW&@ND1smVwD_>!!9(ZaFZu_2Bv)M>g+0x&7eT-A6C(J8|XU z$*X5B-9B~U=7lSFiR(8%0+Q2bZz$8Oc^etOVS{(@U*NxIbz?pO@=L-iWyq5Q`;WW0 zEzd9S$*US{?A=<^u|B`5FT1RxsJ4G_YF9{1`eK8liG|V3#&MCQjk&FZrP0C4o~!I; zW8-RVBZ^U zGQ9TslApY8`r4Z+Uj3=bk6(TB)i=z4@}`Q{Oe|hAu_S)F$Uyw)RTJXJuPuJ%r>3vI zZl-;L`sgdKE%_#XYWC{u=C8fUdBcx?VoLm<*Hoxa_^Fx14_{gIqgPFT%$e8CUwy;! zCng4opDwm}-PHDVQ{$UvymuTHTRNH=oR?U+7>w?g{E6&52uD{xYomK?eAYkw_P<_a zHts+80^I;o>J)rCcwD-8BVc7@dE;bG)ktB@cy{@^{OY0F&J7LS8@fk#L?#xP8{N%p zT?~#MrdIZ_VQ#duG&-8250*|=1{d%k0K?M4(ZbvjHWV1Pu;HQDu=9cqw8GBO+rinJ zzml`NA7FU+tnl&;^6?8=x-7&$Fbp0-BNM}-Qo^E=B4W}aW7Ff4^46xzQIS(nQ&`$i zQqf#i)x5;Q_~v56Yj2pnzR29v+}hmAXl5`jHn&=AW@BP*vuKH}i5clnjV7ixZ!WPi zH8*me<2OtVZ!WfaT^mhIt(TbFnJuwfVrn#<4~{uwZth@iX0Lx}@gkc=Ce|j4tY0@V z{M5wo`XVa{jsXdrfQtCZ8x|4@FfD%giU~CG6Myo$*^gf_`N0o<91s}x`IifH1HUnE zOgZ>V{P(AH1HZv<_2CCUPf07SY1^1rJ(X2HR@}J0u4_wE-?r9u+q=egg~a7rI(nO0 zIhtBKni(ApjxI}VjONz%7FJH+vBcco)Xa`BGk35+I<%}|V|2GQdKm3ILBhdtsiTvx zqtjAH*QE|_-j42m&YphmOILU;3tSoy;BtD_RbVpC$0 zax(HO*QOT|NtwlIxuqr5&4m?p2BXtY7nu`_Ev-z<4T~%crUov(;zSEuI59P|S!8Bd zj7KsvEHO8lTG*JHtMi<}GMSjFFeeW}#bO%?j?K;NEX?gWAeNZgO2|tyGo$GeBa-#) zfVu?%kSd@T6yej%((VlkI)jlhcy$zBls1SI?8;)y+l&{)Z(u~x4Z0HK6p9pny^lWp zMQVCkY5gQ@5U^3*wh1=Y%^aQGdm$>d)abs#%+}4s((XFEyu#QUWsx4^@qw<#lZwwD%47jZB%_7+*6n{fWt96LZTqmY5SJ z<`zF)Y-(y|pqL^SFM$ffBGb8ebCEfriY!x0PVyo7v?Zq2ii$QTV(ns&{|lT8EpRQ$FKMW1mf>B zHs+dpx>md(b&BMag>0Z3$*Cpjg+0X$v)!Y|#y4La-f+5WbYI8d?%we|LE)KJj=r$5 z$YB4bx%CojOsUbr)=BAxfp9dlRKc;q#?{K`Zm@MDNU!8sql1^xk!<2)@8km*F5bQp zu0DS5zRNuP{5_Wi_=l`nu{ta;G$JTGDkL%{G&UhBF(ob~D?T+hDYGykEibd6A~~x7 zW(vw{s~X$Qtd0E5Uo%_&5;f(!py?j9KU3+ zwJ;c|wy2#g4Nf>@)K7wA&MY#uSr{gZttBwq%5N{R1rIY*1&Kb&d2@54g*k&aatZGR-KI_)M%0sRSy>DOy^wL^sfo#pD;2N7RTupb`@5 zSmhDRH%%=N5M0U|Cg!i3m|&k;Ck2N;vi)wxTxyG34RDX|1 z=s)WDY)B0&{f(b}_BXltH4g5pt)16c+65ULgI$)!g+v!;7Iu`?ty>xpW9{H;boR3} zx=SU?#lq1ov48{>W|j`92Qp%?aWUAsq8Nm&J)+@>|3onyoR>Pf_^KMyd%5e<0C&GY zZ=A-eQ2&s~m7y^~5%D2WYs2DGqmnXXQ*(%zlj- z9@rS7OGz|z4pcUEmese_wR1e!&@n{Rw+|9^ZR?2I)`8aEaiXnnqP>5zV_>Rt-89iP zxS@Y^+rZe)!LeOKlY53I_Q*Imv3p|u!KqD0Hf}q)b?p6E;5i_*al$+dNU8|f({i?-MUVqs%1b9 zILYVKbqv>cj?{OIRn-sGG>$bkPd2tqx3;fu?pQBlbL(_#*KAMU)`5}TqvQKWrw)!! z9%S6Q=lu447j_-Iy!Xh}Lnq%kdgk_t^Y>0&eDCz7_s?AZ;OvzT&%O20`Kupay#DE> z8=qZ*nU8*X`@>Iez5C$@pZ?;*&whF9-4A~8*MFxbP8Liw>*D^G@S-AF3)9L&z|h)X zoP5eeDl@IOZoVHGonF~ETGz3$v1b#}F|f6NY)}8#uC8^P{Z_`=I{Mi-_$)CvFCx9# zxsycRq!((iH={#t;|LN~_HOWCWPDy|O!k_n%<#C}gw)dXyt>?CsAw%H?SKu&vfBQl@~-l_zS64Rr2$brgPVGX zx3u+40!i1v`i72?nx?+?{%M6o>o8H>GDK804@xw2juXI8*FIX?HdfO*THP{I(>zk& zqNr%=*x25)si$vySN~QSd;53v4ecBr-9IvUU}EaX*z}>Xi9^E^`=>V_o7s9|g_=&k+7-#&c$_R+Ixdq8&7&2y1B^}WlhqBw^)2Hqoinvf zqcx2qwJl=}ty7I1Q;0@W=X6v1495V&*wVS7t#`I(-S&a8U5Lim`h&1BF?)Ds%kgb{ zFYG*UdHcSL2nf<~{M_ARXPH^MefG-x*YEuD-p9ZB;Aj8z;V=I2%C!$a`sD9F{`Bu} z-Tma&tq(r<@U!3i_8(O*`j2KYG$-w2q6k@&1{Fj?QfW$hRd!w@ zU=XBU0$MCN1vAqNQHMX9Z+g0gvACIbi>lPfDKz`(TX{_ zaP&YW2zw_lkkCWeVCEe*eEbv`%K~Co1|=#mLetl1(h(D1NW>?WB&AklWY>WQfoK$$ zwZj8clvi~^1%#B8xB0J(?prqt6`eg(K+@ee0~M$TFBv6}l$Lf-86zO1wPUKOb-cBG zy1jFKWAiwW;3#k!=tfQRsNkXGVm>+tHWPr+GqkOLbSG?#Oz%fG#@8R2*?e+#`zd1M zj??G{Z0tLFZRY_XxqR@%bqG0q`R>IVA6~!v^IPxz`r6x{-M;(FJNJHd`|i)~-1+3@ zt#^O@tH0B(I})M6pm>;%7lRF?6)BHdg!T;^Z(YB)Hm#(#brLoZjegSWrem|a&u`gtes<@nxYuNh87{ znQzTYNGeWAM>=Y<^XhZ*8=yk96bkB*3mgTS!06+*1|$Rnz*xuzcn~5f?OjuCos-}} zboI`HM|10BUBgIC-B4A{y2|RoirS&_nt`%f73Fp7D95TAhpU@L2v8w}8N@`-G97(e z2FLe}P9GYY*iV*0J&+FAKs^o|XQ{?~ayfS!^|)~L{Tnxbe(n0FSFe9`^Y&+N-~9Oe zr5hi9^qDq)B9>!bI+TXUng9J{GWQd{Gp9V4jpVda*k~Ep(KmTuc=p)Ljx$>iT-kBp z^5#8f{X>$LSi9Rg`I1&FY+TK)sY=|zL$UD;7-SRIr7D9+c&o`)R#q%!5!dq70f8|q zRv{V*t3uF?!Kp=m{Z-rn3hbnHECYyI^J`2?gEg=-R;8&@_SJ#EuFKWEM=Ro?LYGkOPs9j{Z&E z>$a~O+lzD%mOXb{{Dr_ zZ-4UXFXrdgp26cqVS|abhmX{)Q`p zT)8^M+{VMs+0WK-sjNw$;Ypk8yL7|VW0{1qpsev*x)MBm{6dzmh+4jaoDv%l7#A44 z7Ccal(1?u0l+v_JTxdP!Gq11-Hi}ByO3FJ5OGqw_P=U83r(ir7(T)DWjUo{o=*I&? zn49s~R<2GZI0z2U42jHM6P?R}9&#ou zHa|SJC?c+OO;llMbW!x$il~Ir(CC85_>#no>a^U3g24N#EgpA0< zf>Y<;yLjcJ3zt7Uck%A|i?`5?k3ahri_0}Oz~I|>{N>reB#UmSy&%+4kDp$D=Y7&T zUTbjT@TOfCcOAO1pMkD|a`KKwCR+W?CJbeVHX8R1<@KmmN!+ zRB$ZDL(esTRKt3$@bFoMla%oE2|)o!5CFjC*3u1n5~FEL)QVNHt3nb2gX4LL1qBIA zDQu8d_(B*M8Q%^D=m~^iJ_*=>im}O^e3Wr|!-1auS?UxmtxS_s0HeNfba-@ka%$De zRVh*NB~kH3QEQ8%6H8)}N@J7D2o87|nNY;Y%Y?K_E;^S!BflxDpe?7UE4R2ex41j6 zq^F>)uduwAD5~fysqRB|7*liV2pYKwX%$Q~>^*e#)cJRhoV^sL#Ut_)Kr$7H& zbVFjEknfF$g+J&!{l+tF(CmPXyut=Fb9n0Lwta8yJ$iH3p=;>I$qVltJn^<-!+M?# zTeoM}n9D5lU?3V|LR69RjcBME*4vN%h6-fv_PGfztpIp<;Am2Z@HXB8jGVU?UX@1uVJ&803`h-c3{}LnFHq zlPmmJB!))iM<>jI5tmXfA%wsN%)kjJ!2@MT%B)Gwtk2AE&&==4D(KK4>CP|hg^+@> z9tgqB7FKiv61tIH)DoXs4ja1qNEu`q>Jb7YrZ?;x9@_>a0t^QbBH0Aj(Lad1P{~fVb zSN7+YwDW1;ky+5p_go&7xNXm+Bd2fgKXUERiR%ZBUDD4EKSHzzM)yo^JiYJ8&7-H^J8+B%$M-K@{q)Sm_i0jD*?M_+2OAxhKEnni zNaB#Xm1B_$UP@a->v~bZt|W9e{QN`V!9Oq(HdX{hg9@C0$EuJxMo!9y00Z?vE=VP~ zP$1!8sb45;$T58kumJ`jK|@F-dhk6*>SMKnNkPfkhCYs|=NfsNGc)&*?zl3Y-a+~Q8uBfGGjui{Ix z3ek;<6(K1bx1Z(DhvReE*YQzW8j=-&n}T%{w2{Ll_$0H@)f1{-d{! zoq7Mr$vbB*estx=&(B@{knW|8(Z|at#DN(%qdRN-99hSuEXOy~C6GX%72v@EeR4__ ztyQkdSitb|4fOI2Cas8cpc~);5?~;l013fMPI4f+0UP)Yg4QU~(a=0dCPEf)8t{Nn zfW*cvhu3dBAfvDWEu#~=#;5i`$iUDR`Wv*(DNn$IoRXQ{5D`@nolu&PqU1ur5FU8r z^HM*d7nVleD4{(#l!UpDcYUAJSb)* zr+|cnCK2UJ?2_l0f@3~q;w*!a@8qzau40fSM}hgehI`#>U6pwuI$iBuwBWEb?3 zQ^13?BAJB|VZoD#$dHw&eMYB`Y~Oo%(+(zI&TZOpY+aLV=C1QiQHgeyccR$1I zF(o~|{>1jZZyh{-=h*3c7q9;8+KpdOp+`jL8Xf$W`mJ$vUdEmRSC?hzhGJvEyooy2 zAkjr*PB+v{ijoeEkX39tV8?-9067J}fo_0DSiq`C*^|OHgjLFEz(yR#BOovacgimY z8xX=3C(sQH2IUDJgLH!hBGZ{!u;k3$!O72@c^_MkCFYLSMsG6<7n8+yYm-a*2e*<| z8k)xFi_+!D&TUFeu1ZR;)!9&XLdzqf8{$A<169#K#C6Ze>&VFM0uL2%G9Oq|Y$~F$ zHmwF*LWIW^;5P=x4{Y9fe#6$&G{cI<@=ghOlw>-CtDJ^wRDdn>o5=*MW{U}IBcAaNK%ODsG@t=A&(RD+5U$7ye?M4Z~Y=DI3C?d5C5>A%k3`s--BNkLRFUbWq zkPDe{6G5Qtr4m6Ra2HrpNU$+_0R#0l;~OSy2Qa?!>XM(nVfgVYrmy_OoN4{3^#|#h zV@IiBJG*C7(`#blielr7#cw30DYu!Np+qAoUFDS2tUBd17K|yGwXl(%tIP(0BTdT@ z`+);#1`JdsF}*e}xiTTOIzFX}u88l7xPj4qSdR5uPHot6a&q&b$xVCTe(zIZLtqdK z$|%5G`%m0BcK+_w zTfZdm*x|7`G)3K)hPZnNI=L;Qh9#}A3RJm^Kh_FhkP!1JImLH5LP3S1sK91Wu_`+e ztTG68LRBTyBO$S>h7C)kdgY@bp=@f-QI;blwz|H%q@ty)s;!}Apt81;G&HqgcSq0o z^z5F_-U$n~)Y-Z@yDw*bJ0mOGS;NeFX4WMxGPV1`U%f{CH8Q?aChN&86tk=Zh>XdL zUt791sT@2Q5s;*m%C)JLv_3#3B~3vh$Bdkpk0J{IpiD(hQ+h5nOH*ogBQFsOQVD1w z7ZLG=$PNd~R;`7N*==XWHXIq*cyQg!&Y{^ISMPoFdu~9XtHium2p)fVHt5EwEtwFr zfQ>u9uB;vyp4m6P<;aeMmkykK`}l=BZ{7YmU0$Z1!(+2FHiBHeR@4u!hw%}3=Q_lO~;3(4y>Em+cUYfZ)VHo+wcFk zwgq{vH>zC=ka#KBnAm!B=b_67PrU;hSMU7dt(!k%_IZvCpH&OlV0rML%LZ?G`kYXq ziH7QKNvsJ^C3irGItWcBqGGdCGs>m=v5<|bx-L#`-hQ~Xb7X94JLX0n##SFr@_TjWgRqgGw=pWjY(s zBGQ3qh$n#xuD*^38X~S0DneuOn0WyV)PtPT(zR(|d~fHvZJi@qTLx!Zho{cJefJNV z`G4uy7@FQoPC++d1KqfC>t`&MWkQZV1NyB3TzAv&z4uW7nU|2IC5c>dmW5y93J1?(KE(p zg36En&zsjFHv2!=>P{ZOkUOG0`P3|7s%*|&m zkyDPHzkTVQPtRZdaL4}h!UhS&$=x5(Ab5uoe=ZwyenXo^VJ1a_e#Ppr6wC&?At^=< zn1LmI;8(Gr7}4VLW&{KnI0*(V9mBorW^xN_!RGA6Td*-cy`yJfs)hY2EdzAeUVGh~ zEc4@67UMUVcLNMrABY!)inz5bBARm-y1@`I7{zHUq=l1lNo9my*a{dRfn0D59!$Z2 z2O|L_^fzjnSP8$8l@E=*Gc{c!)m`gOU%mN~ve7@j6GzR04ZP^lbGI(s_?U&$Tlbt% zY&iO=gyOzj*kFMl@#nH3euJ)sWDQ1+Q4(y1t`%^CfNo=9bc0JwRomP?R8iAWRMx~uz5uY{@hvDxTh}OO z2n2-EI5W3$&wO?8>~%bVud~!b`-0Lsel2f zz=+cNh)XCDN6JaD98|TGx7ZAjKr0XjM%WNSNF`FFZ~!MX%;|kGOA8nU6}@Fmg9UY+ z`E{*_&R+iFg=d2uZ8SHuxi(d9-@Nt9;?l0xz714c=mzTm_n)|i-(VFJYy_@e>*yYU z*|2xYGc$w+g9#+S^V%r6C0&5dO%m`w{OK}bC!0H77TL@2<3 zz-iz&B4e`jAbp@4wT->f-vEPxk_LdmX;8d?1n1EW?wEA%gJ0uD#-_H_G^pB^k5Z(( z!o7E1HAOep4R5Wk>#uEKbr4I)#xbI-UXH>vM(0ZtjFIDrsJ!UdLZ}Ff$O(_klt z+JZpUD#weGMDUq73P~#*LkKS=cqv^Dq=Vq|!HEk^z95^R6?sK-wcTaXSKq|~rXw?PHdE8szQG?@yNbvsF=h(>OH3(LR| z5Y&URg^^=vXfR6mLrMTxK&QVLI$)w3NC#;}H#%E}pz}kDV8j8xO*UgX?mPsGYN~x^)%v zur4aC$o!gg$OQ%ki5E6in}OA4Qba?zaT5hBIfW!5euGgsfeqbw;63z{ND7%k`l31; zm`}t6r-9*|nAs_MvT55PG7j@ETXr1oA6nltFpVz-73}CMKQYV7tzojhrhb5g0v>Ee zAe&$|7$sRqHjz{!*#sFOqGAd}H)ITt$zKzxgaQUc955K<4njXEY#`HtjwG8`}?@$Bu5VDX4G;LI`ybU$i4E6(2qIr&PY~6XJt8a2<<6cI^#;Z$&4RQ)#FgCV~(Jd#W zPFYy0U_{XkNRYmVPKbyJi^M{sa>Z{*6N8GCz-*952-rYCRC0;P3J6K|TN%$Z9AL!4 zUQW&0yvn$o;;C(WUQ*qFjlRiUfHA%G*ycUTa!hYNJT$p$`KlOtUkuPkiIC{1cM>@MMjtrVCL$S(6#st8eF6m z{00Z)j=|AQ$c6Mb8e7-lH~NP*P_~RtZlzSAq@~@#NFyCK$SL@ZifSfvdl~VfCKM;6|DdaY$pjtGz3S=%h2%bHDOtJ(ZGfBvyvT76yf9hb0z9q!xswWRGpy@uIN7G#|N5=IAL^)q%Dvf|fq_`d2mVLw4$_ z8us>Qg=L-X{hM0)Hx5nhqj^5L`3T8naAJ4&;HG7PvGl&M91GddCS=u0@^9C$^Fjd+ zAylv2J2YTbIIA+~WpVW!T4y{P-rq%t8G8pcYtNFPw8Y+fRy9;nQZ;Lj2(gLUqiV0B zv1*pYs=Z1@Yea2YLWfqhzsLW1cVFIn&-k8mKX=rD2rWY*dGjS9)<$a|qx>LKnm0sG zvD6URoa?&Vlu&no%fYf^epJeEKKl3KQOh4jSHjyKtMh+2J ztIWTaU-BM?C}P+PLO9vGYT5_2-ZL{6y0Snl8M0Y;e&|*if9!^RbeYV3t~z9wW%8_B zccgK{!N0!I(wLP{OKcR_N58GgD?Xd0l1|Oc5J=A$x;`{zP!^i&y z2c059bg06JpQROOPP)qZNxEqU2-5z;RQ}In%}n2ni+KruR{MIMx}T1J$v#`HLZBas zg!|4#oIcu;D?`ehy8UJF)R{@?lYK~=R0)%|tudyeWi%A_!K3#S^ItPiG5F;TDmgZP zaWA^@f#Q|XfEH(Uh0q%|sp@8-Fd8r-!^6hIPPVW5kK?+5wc%W&rx#y_Op6lO!ZA1@ zQ8oI6aY9(Fx%3D8)3Y+d!12yM9j=QncMbL~@elsymJV%Da%O3>yrQPf6_xBve>!Te z{_NPxV+H#vlfOWfdGcQTGQU(uCbhK5zKDfb!8pPmuQ#$crK$7%c9K8(o7+N9l$%5} zlhi84!(3l%hdQYStt*=Jt|n);;Gy1R?fv~#jg3XkVUS&^rhV)8Ob+`(5Id@5*>@^( zkFzN4nyrj9b`w6nZ@=eNk_}hNcbW!=cc=b7ktoPYh-YUuq{EXB!GhA^eVQhA(v5!{ zLr3;5&l_Dg_SPzq(LSXW!znc$Yn1pqfa>1 zvfe>;qk_I`8ohftqkjSXxiAd8=k64y(6=q~N2^4=ZjS&DO0`<|D*P)sgdVWs-PR7o z7Z`K#*PZn{CdN7v)`y&F01=78^2_5%OCEon^ScY|elinKi>ZDaA7iGfR?}?lZqKi_ zBkw)K@MrSHMqUi0IXsPu*gF4HH@mUcv;V#2trz2s$TU4v6N4_)(cU;z`Sxp0*tq39 z1*=C(=Y(F09)9S;s%I^_5DG+T0@E>dLGX)`VAnnYEL zEy`w$u80#_cbMELDd%ctm3Meq980NJ!%ssM8j7Uz)>ecA$ldgg2T%@~FC&t6D8P|S zrQ(eIZv#o=yDP3x(z>HxsuejaPS8;$p$JJ``z`n>Th|**i3Sb$%kmJm)@zh9M0H4tF{n9)By4)m$|tn37W5@?ZOE>IUPpsg=9+RgrNF|CEmOr+Q^& zb^0P|85vA(9F@4g|DICY!sA!6cgVGMFu=Ni?XZT{+Fyu={uHb3sX$fKJ?|N)w;y(g zdAyZ4o|usI;hDR!&+fgD#?Hb#A&)_+24&Ehd_2pL0E)cz`?n{e0M{(k2121;-g~oFE9__fKxhAZz?q^soeh-Wagm} z9Fs%0Lf&&z$k;WN(J!H-XZ`$WA;Cd^l$iXU?DKs23Z69i8NtRk6@F*r?}^4=`*yMt zSLXK?<|lW4n0@ZJ4YTazk;fbFQ(> zj+vQAr-Ew0-?U-m&()-q2ayr}pFlT1?tS%E4w(!JO5He~zbnP4OCY25+eYbmutU1T zxqeeY43!Nhr)44wGEHZ{d}{kUviHQGGsEQe&Dv0#!ScI@PI=x`2#-B~n{wW1;EBVc zlcTMVclG&L<8RJM&<$1nHl^SIOKN0FP;2TJ+=rMGBaUXqd;>b#HBcNGt?Lnv47dem z7DLoO_C3wZ^xFW<@XJ^E?c^?ZF+P3DzxrM?I_`j&+0>ro`%!!n`~i=$N?uGwTS+-K}$LkCCT(%AqPd z{{YTU#dE1YsC0!4HX+haym{8&t3;Rk`ow-B%pyTaQlG|BkN>Ry9da99w0}4}spo}y zu6yy4??9~i*WyzT-4c(jGV|{PWet|yoC(ar7*Zx0gwy)@atb(PE>OXb{Hvv|An_CeTYATUZ?vL<3=Yb_eK){p8wrqOgG3D%L8hPc+#?!=Ht_<|jc z&LX3}tgX(HQ%}xY4m}MafwA9yon%f#^RxA>%n0}$+<)n?yxXH;z25%uz|D8x%zUdt zjgisyjXq@Q)$PHV(W@9r!E9l@{`!q$+*7QK0UWcd=}iR$h?40$@0Q{P>MOHCMtz@0 zT?u0oT_V1d%ct7I?-(gBVRzUGTI#A~Onj2Pcry+%l&twu;}H6~*P!xwHQB4;?^d6#rYTJ$nm!c>CVXpBmZ#Bvb_IQd?tpdN z$1_tg0+IZlM(o#5w#m0SAS7^*esD}nM(Mc=M3t5UCsmZSpA)Jfp}kr!VQhECf8 zL~Hc`kiqkUhM|40NFL~V{=1UjaNu|oVGEn&+j!Atg7`C z*nN1Lj;JnJ%DtFg$~U}1lu8c6DR z6C~GMA8oWMaah*KyJ|IST)6NxMC4u{gs=Yag;j5>#?WL;Lr*8ThR(uk+X;cyb`JRP zW=_7E0^-k)ZJp1Yt>d`d&z^gv!;Uf;LoU%{@yK7GhzfQ|EOLt>Yce2&=_ZPdVP6fP zzzmD2Xqf%FZ7614pW0b2wQ%VyRfo~__J%)Pg1%eUtrg_Own`;Xq~1mv;*8kg2M8Hb zshi*#14k7+i>#q2Wp;`l>6i?$n9;(7Oa67lyQbn{V-? zZGBZ4snp&!y!;eop{39s2NEAeXS{MBPBH4*U%}2{g_h|M#Lxbr3HDU=5uBoAC^Fy~ zcj=bKN@kkjA4Lx{x;C6H_qPY><)4oRQr+`!w_u?e;o&&=5dSIO@PV{qC&pm%9KKqZ zfPg3)oeIk-78EEe+6q{4+7^L!p)fWwl#w-N-Wbty-<0xZkhyy9zO7hFHHYj9E334lP_tWxH?Qg^ED-A|{rc`J6`&FnJ#8u(USAl(Cj9uMD7XEvcX`g{Gj2APBI zIg}-g14cj^8l#J4fArlUJ1sJ6g?g|zujV(k6h)iI4UJy?P+tCZm1Mc*`Z&+0OKNB~Y2K+jNKV=2Z8L3M-zk=tG|bOzd+`Ae#+6>+^4w zpS`_m6wk@rm-}dH-0jR56yQ5L9&C4{_^o~~SP!4~kxNYi-!4|cm(CmyZcT`&(oOI` zHy+TmuC6bwECQvnn}GW&+s?xwg?3gI&7IEv69ZktR0s{*t|BU?vZY#q-s*O|ul=0| z{Z)keFE3jJR;@MLXdzN)s5c^b|3hf+B`}C7=vGi9JBoUy1PmXZS+JAcm_M_GW86E6 zF4Yt|{?hQxwX=vKXav#|Sie$18Fnbhfm~@fA&PTA)@+OUVlwWH(WN@9wwaWfte&1b z`6P1=hT~-}e?cLKz>8^-MxJopPHtMh(PEkt0NXInY>w_wrDJr3eSgkq0<~szavLr9 zs@v-?a5QEFS-FEff4n(0@^n@%Sij{Sc+ zjkYs|!MZv-=@E|HeCa=180E@7L(5^Xr+KeRE8kH-IM2&dbnAP-6J3>$a#a5<7 zP@1-wjbR!%PfMQ+4N*nFg}6sOhJaveOgy2pXyHs5XT(RFP9g(xrw~H!7}WikNl=xhpm=SO289)z4bLC zc7T9rZkewTjbh;aum{Ho%jo$69H(_X9as?gw)#7f%!VACtZxbfI^2-*SmM+BA1YXK zA>}?p#yUDkKeBf))5FK2|2FY1_Fu1OcyPx z(DLZLRrQFv?>vxTsU_sIIiC@7g(dYxDzEayX&4UZV5Sg9DJV2bdWHsNlIvW6hk&li zlCrT+jO89vDR}5=jo(b~c*9-wnNaq+c&FIF&evuzgZeIog03c9CzXBdbW(Co1zhSf z4m7hONJvOV8-?f)>iItj_X;6A?7NN-M7<1s=)K#}NQ2P8RLhDobonUk$2=9~cEvH; zN21}YiLv4c-0-sSp=TMV8{k1>yU<@#vhx02-fWw43eRyRsSY=%C-D4_K_k6eViZsgyo12OEYaIqHE6r;Mh>b9zNxF^xQYTP`nLx` zdZ-*_z3?)cUc8PlI~WKiz~3j?O3)wW7U0r8FwRthH$4G^+U8CO9}|#oou>6W`~(29 zS5G`NaXvUA=Vle`^)eI3`~8bN{xY@bW3+bhDjyj=L%YS^XaClqOiwyV4b{r3EXTCG#|7l=^LyWzNY z*X~Zoz{76?gi7Z;8x04N?qeTE6BC0gAOuxP0e)_oz|7BZC-uLPGzxSWQ>LDJb)D#9 zMN9I}F?QQ=L97tPQ0sR-g;eE{LKOhn#}b^DPI@@VX@1lsKSW6Ifc7QXUD^pcCTG_K z`$cyRQcZ($UpZqaUU8S9SM+Xijdz0bfcN417l8Xu%aTsst+hr-K9N&1YBzalq^)eo zbL7hQ@x__0jw;H2oafmY)(KVQ8;ly`Vj59a?{)gf9YmkzdiB5DE?Q?foX=o-jHoYF zngi;kx(^rit=)YI!j*@S1542->cNM^EE(sSyhSrAQU4}H#hVV`ivo@aV;y__VSP_? z6^EA*3B36Y%=wep;xq&W$D$B5tE&`j?{*~xunMbfkZTV#Td40gy_0l9)HpGi`Qr@c zH$S_m@^p>%q)Dfe%hxTtPy&#Ha~}smHqwYj@VvV9Exl}>ode>X`tQHEjLQ`Mu!Y5t zTT7Ca;2=aH&tV!bgZU6JW_ZI%Q%&!pvJyOmwmdU)K4ZifLH}WmmAh41p8>QEg9DZm zK##*0CikotTW#Y9g;Sk4?9T$$v#H3)IIe)7OjUujwaXYrn(W^yv!o(XuJl)wMTYrh z?y9TlIHDyr|k@oD=)*`ovay?glG$41<=yx#So zRM-2WURz@1>4B1PCDIRTo%s)~JYD2ng`Sa=h%yQR4F2ywTeH`lPd$%fP2J4&?dW^) z4-aH>z3X{7*W*B!m78{T2QdJ{dFFrEwwA(+l`dK86&eN{z*hHX_@EBWzNGkL?>O?z zcrt(`J^>p?4G%NwMbgCsXtvUcLNA#_adAW~s!oMs9ei4I-W&1XCTw)+if`DGnji~W zR3DNz?K7=3Bs;nBt|zE>_3Mw~8|*kf-lsBbyW{*{4us31t;%~eHiFxc?$IeNSR<~4 zHsV^C#Tn>{7a`mCq|sily0cow^quu`PzGeKOYmJ&5IvZ2oC?uB)2XAU$*rf%8DH@a z`>oHmWtW{(#q3P5G-0(19PSgAG7Y|q_O$bD`5oBBvGt3hS(yvCbz-d_N!bl?i zTprAZ^EEoM50+rF-%8TbI3c2W62od)NCm8=K4&Uz2wkX*6@sAJu(4t?tN;G{$yfuw zT~&$C7&P>WW_i1t&lddAw(<1^|J3lCm>3>?=y%F$Ygi6W28L5gqUo$@W3Bla2+Tdi zN*u~NF}1^oN*}j z!DL{10NN^KyxmP@EwaTC(^gabs5Rb0O4d)c&Jaw+;mLAn! zvoA6eK$l=o;BkR76kg>P;jsK`?_)~y3tq6~Bha%Qb`xsfdr&Je0=eLDp;gf9H`|s-lRoFrKy`fkWQTE zk#t8jH)R5)D1wxT)rLdh47R`g7HRia3Rgg^e2a=upADV$TM1dl0=c)?-^d&ab)?!& z+J&Tfat1#>s_^S;ECW@nOIRq;!@UvR_ndG0AP&^@zW(=Xdt>EdKCP=vgR9 z@0eIOJUWQMJSVW3?Xu2&_|;L^T}l=>*`}ZZOlYkH+-b0;;xOwLRaA7A+pjE|Ffa3)maWAaa8)xWxoS8AcLhEYEgdWcq$LU6w;aZNt`PzIT!#I%e>+*r_4k{^{OgFT}`&Aw+`kN5SfF%Wy!F(NpR-3x@thuPJoSlt zf!T5^$`b;Wau7!O(SXwhStcNk0{iSQ>7QyuW@_;mKEYOm&3gu^#?cikuwIXvOSg!M zO7L8pke>?yzVzhxt?RLeICqVLgnec`*6UP3s)N@k>Yjy}1Z<9_W;bK46bCrg4eNbo z8hyDS)6E>*J1kzIPaSSNxb3j~dH&eGA|4?O0<8zi;6w`Pk=|s$%W{-9wT?40L9f5E zX}-L8T(&lf1C=#TC{rXPeZ`2#Idazc0_GvF_@w&l3?^^n zb_j>L>e>P~T?nMTvkwU8?@o#CI3UpRaj`xPj)t3pR{pm#Z`t>Of0SUsv#;Ojzz|c% z+Y0OYX#jbjoCmgm+5eczNx=Gl z*N4h9zi@h^?KQj{)X?|(C8|$cmeEL<9*;r9uZE3fKF8brXhb4AwQg84L^x5}mV+rF z0K0&I2ig-UpS~OwQ2<(GR=D_yfq;}g1Gw)W35Hy|4mJ`Q%rL26bg*2Ah@91;d64Ff zaW|Bv4*@7>tj-*nN$Z3-{2I-zooOfMVAY}kM-@Ym@!lE_pt_0)pnwO${EU7kPgL&S zL==J%59lBscc|p0j`if%2B^UtZ;!wAc@kFam+soAtKNh5sI+usm-W<)q4D~%pZtS= z248&t@qHIE>WUT8d$ln?{{lS=^h9NnCz8E+Aa)T>--w&{<4XBGf>0O&1|rMme^=Lz zPdDuK1}*dq^snaFnCL>orn*8i(_CzAL*jMK?#nOY74iGugh+y-gBYhcI`XX&B9xig zMFNrRhePE~^9lNv!vur|Wjgr&V}r1BE8TdDE4t>THQ!P#Z>XueocyZ^?|M*EaKZ2n)WR8x(-&la&Jy}mQ8s;aO3 z7SoN3Z|B=T_fj+NR)C+I9jGrt%V)+LX_xL1w3NvJqs$8PAd2SyJv`jY5=zJdCN=F^ zpZ}z0Xpwi;&O>H=IVcuH+1iIzaFZ-o=H~)bvR-}&WL^}K)c-=Qd)E0`Q<(5-D9e$B zid%!u=?ZOnfJ4_)r{Wbc{^jEA!KlAfn>FB|)U)PJy3CV-gE1(=k>`Ohgzz%%T4|Cs zDmC|Qe)FehT$LG->iLQ?#$VSC3L)nI1O|Wi4>{l0 zfk(S`rFxfhQ^MhDG?z@*5(g*{seM`6)U!>}`^XqZko|E<2_Q0N2={S#OYjq>BOydN zgf)usK~0|xSz4vRWR$U%C<4dLO3s88vQ-e~PXV=DDk#+W}a)WUK=xqfae+!{7L&sgo5dlHc;kUC0q^#@U zAowz?ig?LNL*tq|kT450T>5aqGKAKGr6Pr|(A_q{Is{y{@a=kPgdu1ugnH%F9W_lM z`kxMDBvVe5QnXa#Dt*?62Xz7^Rm#W2>RbUsTW;3Pb7_WtGY@`dC1%@U!4+)A@yuc` zG!vTsG-bBgT>7bUtG_~futH#!fI%qK;bj~Lp8VB;Wq40SOnY@H8tvM06s9o@eBnPK z=twVVI(}2hVv@Xrj5d)WUuR~v{l+sV?ir9$Vl_~|MaG;}e$vRWd;w`(&TS^EBZ%j5 zjZZxQ4&?3#Ba%hLD*Uy~@$;XdhCEpOQ>qTW12rnqTz;G{+MyH)q zOE^K{PKk{xT0OC>=R~i@OAe8{4Rsc$|0qr-(iPp|7i{D4?2)t4+ms$ngnyNQxB*jW zSBUgTu)Bfe{U1B$b*p3y6o%Ch7Ouv2q?1^49QDgM-TCRAz$$=?yM7A- zZt3E6AK76=td2V@J|BfI!svYRNzw z!vRwr2A9t2n|wWgbTQvwa5!WJlty%vur)g3cvU;#KJe+A{apt9O}_% z2;BA;j8atPEd#`of%kNJw}STiR*!$LkIST&77go^*e%qcD1P2vo!^0(9uAd$-eZdk zo~Ia!94~uUU?(ne^RuBvWRic7w;sklS>SkG;H^swmG<2I52eOs2m zI%Z$6{+*CU#O3edcLwqFxU+9`UQ0hNd=M<>T$3O@U@~p20)^hjiEF@yGouMU|Nib4B_0Loi)HT#5e|-Dxb28~ ziOz#qK#BsQ>`gMg+NbwJrZg#7#CRpE6~=eoou#>Ha3giAbylrra)tSwozD!&yC8&?nT2o}3c9cz5WuQ-lG4IN#XRclyyZ<`@fv%BurnOZU;?eQfucya-ixYW~?Sh5X z9J^Z+<4utZyt5TM0fJkFYV7}pf~Tw=E8Sixj!9Gn@jP}nz^2>y8o9};!W(m+Nr>zh z$kSUG%Y6A--1zEiv(%~g6CQI5$qX8c67Ka4%gxP?%1a;A7nkqc(dY=r#y<03*Iz>I z#9wHs&w~hBiuF#+Aa;O8wOza)_t*YbzF9wM6zqBT41L!*(Qo-9d)84eW=TOqn17M~ zQ4rmK`YlQ?G#?G_uVUyDp)}8IWr=Px*cae;s&;!U8dnte-!8wo;}hj4=ksLW(b4+% z=OygNbK&r^%-*MSFi0VY9fI3l8$GU2Z1}yr-XQk1=+W06yLB}Ve!Y-rMafZ?l%50N z#U^GyrnmP`__yzTn|W8!YaC2RdtrkQq)TiG3M{x|$P1yh}4u73E1)@ZzJb^yjY#40F? zqPVZ$wVH4&eNWU58#xchZ7&eEtBmP?1suC7?vGrzd6#{_|Lfv)NQpPE7RtO44$?|b9A?SMDT3H0v zW9H|xFY?UJzH|nIA&v!(!P_gF8~6VPypvldS*rM3ewIiiO&AwE?@}^QyW=A}f!HpH@?@#|bPQC$0nGw=&z8uIZKuMG zJ>A@U*=HL4aAQQbs*{(kZ~Bgb2$H?q_KS-S>LwN(7(REC zfXSO4u3s}mX6$sV$=nR?CPBG#Y61&uAReoBytN6ht*Y+MFge2Emfqd5Ywfweoj~Lj zxv!+(-=E0j)hHkG>2Z1?-S^YrhI6r(DfewA;N?n&jO^jxFE-Lz6t>>&wRhiy;jM!o zo|KBaJv_Op^O}ohZI3@i1`}U1-U4(sf{SH#IcV)fr?T}0P%x2I*2K}Tt@1J!GuAtz zj)nsbB8>)17Ds?nxXs853vy2iYNoW;c9)`n6wY^^wi-6H$l$X*zrT zyaa@(6IHyyrC!$BpsLVSz1bGa%aL^A{v!toaFxNVt_0^yEGI;r!$CIoBqRa$CHZld zOpHK#{2)2_8`m9rfk|K(F?$FN9CT!xZB^2XrQ9JpdYLo_PXFhGMH3>0-C0r}>C{YbVEX#~At)-_j4r2gL^(LD?sNQ+d%x$5ogOS}JlPr_`ide@JQlEky@oC5 z`KRvMQK~#2o3V_tTLEiPhB&U#`K!mPlRfQag?INQpLE|aeD_&z4nG#JXEG6k148sP zt;6D&g8>l3;CYg=zb-xtw9;$O=uxBnj0l4=gPt*soLR1WkB;3B2K10In5IxFq1kBg zwdG*ex@x6?mqvd*ygg+8js1OUUhu0MkeW6(m#lwPkt&&wq&-|R&6`MT z&95)Pwl>?(YkKI~zNx2}r38Fp7sAJB<0zz(frj;Q#K#zEOb3u>VbPU0kLcyD`D|s`ZPa?vJ0Me%)s8Q&X{u-9R;D3m;+n*f&n|a!Ok?>a1yeDQ`38)usbp;}f%Qe>f@YyVc zvO}oWiTw`42k~viU!EIBDzr1P8u7Aiw>Np~ds>+@K77KH-DZZK7T!br(=T>I_iO~?q9p8{wV*UmW^#svkBqt6C4z45Y(gXKKQT9Sq+P=K*=~)j68TCh zuZekMcq1iaHd^0aCB+F}I}aDBd&p$3lmyBl3eW7uXM91piAdcXHC<$ZSTeQoL>2L6 z(?52VCU>{TFs6ZW$szxn|6AGgN=zhN&nyI{iOEJd@F);%F`Jg_WOwtTaC8>iIh-)Xm`)(7*Ma9HGhm`~q4Fu91X)OvxDqgkWf6`T}{7+_z(wtz+iZK?* zys6u;D$^wJaYhMgo~7$QIS5JbL2OWnr?#52mFp)4?)!frp|5>gnr_g7dtOAi+c-+c zk>y`yjRI-E6*}I;O|piYUToJ-fDm+Lb<6&0q9VpB@PMv+tGI8r5N`VIOdxF(t0@x! zZj%$U%Nv)%7)(5eQ{4(=qRgMrA&7|SqKn+xL1pdKVCE7Da6e@xb?i&a zM6@(Ov@RbSbSABl=Jn<|V=%xoE=m6At~0brb@#Qj zL(jP}ORD+Xq^+mHEj%A;o^i_=#5`6(U?D8u@Z`hpBGRvt<&(JW>+-il1o^vpl7R_^ zAI6nI7XAk0fJ59W8Pnzc7j)*iplNEveDrtz=M(}i23ktD)VJX9+gQm1^v7Je-RJ_% zKMw4G_IR@jJbG{14d4aPFpNb~t675_oyVrf$`2gDC)YA3 zn|arIB51;PTJdH^VgYo=h7#by=fMtco}Lvl!B5Y@g&cc%BK*42lW2ADS}=3vKz(N5 z5OBsFfQr{iZYKxUQ_ceAgiEzD)rFi|7BBCJz)@Gg06H?#Lp`ULTm^$E=r}qDRs1F< zC)^?jB95+k{499y%e%UnFx#XJWpliFK>SM`bbf#85jp^J>61VK)`DT;Z__PW3L(bJ zOPUU=dCUn~Y{4UDe#~<_2BRnu2WHN-=l|)hcjskr#75s%dDUI%=`EDW)4T3#8Geet zDjdFfb99{qbu6KYMWH2yY^@+z$vC7t)&sOi4pyxsup>G?S0Ee*B%m^g`u}LjCV>h> zATdyjW`90jnnHoVJG49&Bm4bMxYaZrYsI#t{NF=aIPP7!HqCEPCRY35uQId~IRozz zatgU!QHAJM-hqaJiwj4&^b~VJ7|TO4*1!jxVCKwACxo{!J!E88VbN`ioI}}kI+hL0 z^?D<0x3lZ{eZ88uz`c;i633dlA%MeisgrCgOBP}>CTr*8lY26MQy2_g>izU@)v!63UC<1)WVmS?&w3Y zo`ApVRT3wwcG%X>%Xu`Ok005@=tYMwW7-DlN^y09Vw6hJI(;^8K;ta8=(7W`6g$l!a#ksDhYZJ%xef&ng^wUI6!9ig>Qc6 zw6v@47aa71UT|rZyEk^xYM5$_s#_K1TsZ<#Zs z1;woP%va`QtxG4us_hj)fN%JXwvmi`&KLLDhsF{1p7wWsfEh-MyInK2;D_2(1T%A|N7$Eamh zklMRn@Rkv%6rptb*p^Cz=AqbVD_jyzBb8Q=E%HMB5iO`=9`uhQHdW=G<3>^e&ZC?` zW)aq@zcP8#*lvp)iehD)G&qB49vfB0q&LEaA91j>^TwGDFX$$z3w(~`hDvo>vF2T`%pzEbvcH9T(*fSkP!Iet0*#1LJ2{7@jZdX1BC@=R) zPVTkz@rLL-zrQBxD>rLt!AShVPC~<4ISoc>VW-2iKpKkf^wLzj0a{}KTeraT@!5JE z4B)mcRj{P>g_uA?!;KHtT2y2jG7v`ubzm5y3cO=!+C0Rp%4;V2IhCG4R>|!rdk?vJ zHH@A@Y}J+jCPtGpndJy8Em2r;jIkWXf$VR2)~FJgS?T(AIUR-s5F|)93=VsL)$C>F z>}2u0$6*qfhiE2fX_9TrA*%P;#XPY}I#LMTv72i}871nw56*`-@nh%v4=P>Wm1Hco z{7s$mB`Doa$q1QF)s$h9=yW|ZI?#{Mho~T{XLdc$DE)@ePR|qNZ5qjE-eAinupBZx zvHq~hHkh+U1vk9@BG+oI&TZ+tQ>@3J!!ybu(fLEOGdZh>jrZCsvp@5X3val9jLku3-Eocd$9dAc>6*8u$g=y z6jCp|+jB7XTH|93uukq!#ac^eXt7R&Oouy}9M z3c`IG<4GX?*dl z{A4<19DsFmVx!V&ukx|{e~dh=*$jmgeFxir*wtR^MZwNqGS&iJgU7UUsa=khKC;?2dZfbC>_8#-s z8f}`;(l-40;Fm`Luo7zH7RY|pavh$pJWJ*)L!vAtKWs98YvaQI2l8gR@ULo@hHt8Q z(LWkSsf{nUEM5!FB#I!X$Z5S3FTtt;rP2Zf_B_UG+u@ZSUoKjv3a54O+bp&`br{_Yj@6A6a$_mefzfp z(j9i!q5fPJ9^vHft{-D$QBfHb?H6!5WWF2~xo}q0%CAJL1J_9<%egOu#bg&zU+-ZO zh%CvY-SLYDoyezM+us#v8MIRznSWA#EE~$+PQe{kJqfhHnT(K^i}e}%O^xMPT=6Uv zLVmbqiW+7!GSKxf;>ehI!${Hu9G9M^^E7+pH7C9M$qD1r1?z@FmdDfKCjFId$WMrT zXh9xexxC&ThfW1{ks->t;{v!KBjuux1bO4M7q}2hAE0ad5GsYjqRL)!@XG7IKbLY$ z*jN|+=MqvE?>HrDeluzO^^?GVQ%VkHSAfzPt;GR*k%QU!WmMqY7{zlM@R~@JUex^| zeL6tf;4yl(%HXBdEofOz2@N)i-kqX7TVwMH=iVw*dgF-kJajoT>M!|yo zq&RN{)iksO_>%H7dzlVHni;+#5%fWDH-ub7HqA6l4MAEw$_#8lc*6i*vaup*EF*+pJg ztBZ8qGq++&DB$R++P;rPiiw%KsksvjXU5IVrabP**aH{*#Q_h{92C|#dTKv!SF+WjH~(U-N2z8y@Z#BNp0GJU(W6hh}z`W%4AD~Tu~6_ zt#42`E&(+BVN10ng zHKL_M(^cklZZfuhz_>;mK}lX`z|Ihn)Pg@QKa-xgRVWe)MZ{5-xYzrUap(vU*sq0( za_MDUeQ2y8t^O>_%<7Q)wkM;a3~kUzk{}g?EQ`eVt|W03!{}T0tv|tSme1Ne<6o!F&XE(d&kN|<{eVJs?ebJu*wjZ zo}5B*cNJgwfBqC4%72526%<1T_C52d?#+<>)Dgdw$I74Ce?T4STL!EyEPmft|7YfZ zCEx2->9_#8%2;jROGs2sXhuM=gF+I)Aw$WbE9qpNxV-kRTwow;V+&D5eo{a;A zj(b}3o!f;?(>>tIc%Au_^@k-y;d3K+tzwb?=JP~K60_#1V@pe7xtf6Y3GBr+U~YpSuw~=k?c9#ZjNP3<>9L^t_nrT|V~t zxudrLVy0j+o;(chEgRc0V4yo97wG2kc`y$$OBLo7L8o~u%|?95 zi3M6o-r>*LQs9devz{FJ#tG05y#QVL`~8rImwa`%ilbm2E{yPUfwPIk^M{dKd6hc@ zzxtnV8cvL`h?%FPS-5K?a@!A5j_TBG+iU!C|6TU`jUCiq?I4=BR6=U)&HNAxOxN19 z<+%tV`0H}@o4B$^hI+?x+-Y8pobAGrXNo~WND+#7zxrrxD2APZ&H{C92&U=$cl1`{ z$P2|=fueEvEQa2NLi^Wx=WUzXjk*6d__{q7WDUsib;A(bbFQ*ES-i}iye|=p*Gt(Z zX^Eok)^W9K;sX+Zv!&1;@c!Zsp4Fciur(w`>W-j)b$Ib(ABKLA!hslSFhn$etYRRh?8i<_NYFi4HU2BjCI z%14cyLD$0u)0!ZGqt2d2K$H{t)!4b{M)L?+*@?zqAn}D+;Z=`Aq8o?_?kEX!ya>7;JP1RO2&%%sWAw<`EzPrNV@Ayx zJ7(UvvGYf_%o#Ou)_|t*jZNe0>RbBs9oaNsLQZZsR#%{g2m6JH0U-jyIcAQ`tt9p- zi7)HL4zr~d)tr#+msZ+SS|tq` z9h)4H%^0yYU}G&k0T0|_YGR-QBs5J*BuF6yHic3j8YhH`49k)YW6hkhF176K$bOwP z%sq&5L}Vx@>)xY(6KkB-4Qm`Qx_Q*Jl1{yH^D8Dynm=^-q*0@1OrE-kh?aK;y*5{^Oe(CJY`pWyG+VBS+0`9ytpw z0y&Oqaqv`W#JPR@kEm;CuI@Xed#?uG9&eJyn^am@N7n>0)C!vTCB-E>4RuHrDr8R? z*%5%IHU%)qdf5VleFK8-eLTgx_wRDv3JmL+h9Eh3Sh&Vovig7q9+%DI;>Gh9E}T1e z{?yrXC(oQce)`NYPL7{AeB#83VYefDH_aba!l$ zn~j_jWrN?s2ESEPYe|P&Kul7|3S%Y9aZB+zcPMcIUppH+vbGXUXV+4!4k3|I$z8hD zK}B7^5gcJ4zmQ@r_D^AT*$Kl&OddOa4v^@tsL)U_1~pC|JYe$h!80Ia=)h?M8z&Cv zKe4gjxQ4oM90xW`8a8-Z%ZRySTILTNG>NPlP6)O}D+F|-H@srf_{7vS#)x&ehbv}b zACkJ1ptF3jPN0@VdWtJIDLuPGii-tUw2a3Lye1$Tk+S=?NQW~r214#o+taFts-^naa6yCksM(lJGVT;RWg3!yn%zq z4H`0jWDCmxQV7cSIuocC#+r;6It?%eHBA`QG-*J?xcWXV)xCyrtnV|DW52$m8tTV3 z^&iV`2M?Mgc@LI}YiJ=SMuQNIi8yjm2lUYp#Rg8;lbRi?u{D?&bi))1O5`HztfCtd zlDNGKNDvr;!~Gp$49#OrIJRl$*R@C0KWJ0D*|4wy40R(xLU}+Hyh*rl;llaz=kX$V zC>1Bo-h1%So`Z+>{<7z%ef#$9*|X>8pZ4thardBs&B4KF zq2%|}??NJoJLq~wQji6DpRVUud=&^OY5*H57y2uuf}=dmn+>xEsOATB{vdUv3I;ZX z1|CumW|GyvvysaESP&DN-m$a_(Wvj=%n>{=DCkDZn3V_#t>B_(eEEqG__$sO&b*N;QP`Dw~ebD2FpL$Qfx54o4jPgF>(%G)Gvp zEy!uJI{<_054QEGtg5-kaagP0Tb(EymR49Q;f(~s;0=TFa0WNx)G3I-UZ}~yY6uud z4jnqY4`%gNsH zVTq0qsw`py0;B!>BYgZq+xa?uY+;U+#@v_hiQkCsq)TMdLlsjy%; z?Rgl>Auhzxqer2Ehn^fheDKhr0~nEg`=R1z+OFL{{3|6rV==A)HRc!PmN0EJo&JsOEnjSxrT063V({{4H!dhGof zJF@$iA9wBEvE#?B+qQ4{@y8#3_~C~wo43-}7Au)&QF1L8TD7z9T&FgUUm8#=N8 z6*LHu=Npz34?U`F!gbNiIqCsa*c6@Cq=cw|U{jP6wJf@Vhe}6moJ-lL?8!{G{x}r{ zMcsm(?d^e)+`M!y#|PWkA8IT2@&kYHYu7HQT|2uT0l?SS;pZ1(vjzM6hx+?Ftz$rd zGaw+$-yR-d*Zz&7m$lRBcTNI>V`z3qwCB2zz>m%dZU@wo3Q0DJmW?mDag46YE{A5r zGWM|hy^$9sZQdaz!eYffBE&b{TIUEsW zK0$)M)<)M`Y^d#^$LVE@4F$u^k_Qi^LY)?MYr#WPMjD^0y#NxmFZdoB(gFz@!klZC zYmlWpQu3l>(~3LxL?XIXvYbmjennPJ8A#ZJqI}VTfN&u3w?{Zw0wOFS&=KWy#)O1K zI~6M%h{~=I$u3Bsv29s=lGFqyyYfH+Hi}CtatcevO`3Y| z{zfaeQ>oB+M14+mI9u5fbt+USFdQD+aaiTTgT$VnfBqS(v2*7R6auaIVaNB|f7r5Z z`{vDCzW(m}Z@&BPyG@%m!N$7JHw`t`z&|lfR`|im1QPX2iE1%1T;V!1$OvR$gYTRl5fJ>1PG!B- za9~;RNb?H1U~P2 zztqxGiV&MZR)@(roG{~tcY^0h3Z2C_m`AVXk7`m=GtX!;jVw)uChc1I*$2NL0C!wkD~zwiY0QSmXv%`k$)k#nU*r9|67 zRRgsbZZ^!kNRYt0&CC8@L%fR57ez#AGVO$FM|0slexiidJA~46<|QPMiwB*uGsHjPJL8 z``!1OwtV;XhOgFrx&E^+zx?tG9_zk(Z`GRW-u++$w~A~ApPCbV49)|B!qwkUHV_0! zS)}F=rSb&zL*PNdaQhyfEC+;$fOyoy2ngv`F%~yThuO3j(I8*Sky}-kYcLClg-0e9 z7I%jYGGH|DAi3e=hX_RADj*s_!Uhc?vfO$CTZZuxG-#w@&b09ccpEg{kHs)=m4+VD z^dr;DegSkbE!4+G7^2PLW0Tg-Phu0}lfXk5fzEF30i4B z0S;djEGUF4Tz|;N*0Z_~V{KO%&a$M#L?GT0q33tf4XCid@Qz2Iq7@j245DdzW9Xs$g0b}dd?=T{ml5aPE_06{%)_w8GC!c=!>8GE5{`u#he)7dzZ?1xk zz`)Rez%a5IfB_PGV^G0&1uE!+I2FdD;A=+#_^SC<1rHOd=vS>rY>l@EV&P$Y55`lB zFJYoow8G4vl|>BH{oo2SuW6bABQJ`-flX0=qerhsbOSJON8y1b)*~X5qGDJ&+lBQZ zsL}Ca-V#E`2jTteXF>h+2B-H;r)ytpzX$vJhiJ3dFi)2Fv{i!#Uw;tdI)6~3m2h4H z#ZWu~9HE#G2~t8MgTo@pZ;%)uZ6rJDCa04P)0)7`3~f=KDYY~1{O7&1fgRz2kD+!% zLlUK;mD{P2h~;1ahEjoI@IWuNZQBMITef`r?dFZxk&Rz}@zut4pRfD)!?mkFFpsz2 zdXGtM6`gx}*bv=-4J->szDd4VwH?~y+=fU8_n^fF#swZMF!+&k3lE;D#>EJTEb`L| z52(QXKq%x$E;NQ%iFIIPWjSG^qz9%1(WvOk>Q4Sqgm$R|jf zL@_j9cjE>(-HIkipPHaU98vfOA#HqKnrdd7cJ_yS>}UeafCs$~W(GEKT#d7e;NY*u z>D|E|2W9|;Nw10I%$cmj*4s>HW5Q!RwJs?c=~-+l(lIgBHMF?}n{x5e6{JJifQnWU zad+KNFw~l;DKUa^3g=V(PqicJdE#K;T3B*n91QG;JkSdw5dq`dO?tgTXVB(D#PF6+v~#kVp%k10Rt`q280M3F)S3%pm}y!L?Qzyhz1^MX?Zn- zq-7N2ZwM0F{KG6TV8iq*ovw|JZq?*EU}(cz@aT!;uK<8%u83vfgzo|V`Dj=owTv2P zsf&Vx%5WsN3Eu{TDPAozDc#+uGiN*nFO)HQfWbkf?h9Y^`~`+S1rBvL|6Vq3s~g^) zrxlVQ8l*RQXfDe*7-~u+L?sy6y!o3=n>GRlKE}E)KK^{&M~KGCH(q(9N~WcA?k=)x`E8D!dQRO6vp=m6!!zc_c5)V%}Hyk%`e1# zVlL{haIn&an~hry%B^AoKN_K^v!ONxf5WmV78{o5sn$fn zz`?+dXhut|31Dmy)!6j)*I#Ye@Z}d@eu_2u?DLNhjTI~Y^3qE$EnT{F_UyUMBSvRs z=2NcY;}=NOFM+@K8^-Yn3^U$Zw5Wv1kSiNF^Qt5q`C_@b)EmK+aK*AI8nalr4jc)= z<7Vklzmy}6DE5UXfCtav$v6_&6p#Q6LKTb)`3>R`JDDgNJeU?BcyP-{h<_O1^u=)S z5kjKbx0K?O5UL31MAnp!Ns1uuh)au3$cQo3264Y2qZ|_+-7gS<@K8v|X;=vjf)s{UVZ$2?%nGK&az3qCRjmnlC>xj(2}_JM!Ipdt7M{oY z^U_fvb-=P{2>%P-l4+Vw_ensOs>W*?TmQgAi84T8jVi9A8PSUA7 zEM_`(2c#nqf2dN&;Hf5gL3mbqx@2fh=(JI+4#^1 zpfxQb7IQCS;91V7{#)W$ckE%Atdu#cTYw`l<( zKBjR|n_plkzv8^DEyz6CK_o&}Tmn^^Bh>o)C`J$iaNJPQ3ABi~L<(bg#q!GPGZ(M2 z@9McrG6MwrLYmZyYP|`$6B~embl`7j{u3%RD}EO?EQ3N|g8!-3MEs0Rn>=WIwSN72 z0+WwF{&@B3)o;D^)?fbe7j)yX#~zz8V@5+mLrF=eu+T_{BNXEj78(;88iRLgxAS9U z5b5Gj#6e8N(Rih9Mvgl1vo|Re1kmAjvcg`$Ks2&6IU_>CIh47!92+aaSUV_ zJ(S-va%zRBc%B#z|0*q7VspF8{NklZ5L}WtRdt^fmiZy5g7(^&{ zVncJ|>S?HG;AZgHym_;-0T{~0x^?SdgW&bO_ugB%awRUubI(2Z_~VbyoH?_(c~nth z$C&7NyFC~}C=q0YB_JRKJc6(?5~`S?gjizI43-;Z1u(uqjb!x;gbhv<0FLhX&gh0W z8|wB003>MR973!gIX7u5Wuq$#^{6jeUQwHxUW9953m_CV(F8-}cG5DE9;X3=HZxW( zRA^Hkj58ol;KU@UB(6~sEDRu-MskmaMQ~+OZ3{HyCP7R600U0a4LVg90Ax1wcim>|)P+{8VnPENQ8k6iv~%s0CD1*6|!X zSawxo=ROu=VXYokB}G7zQw!XlC#feHGiAihiIOmqLKDx>7aklYixq05Kzd&pz^epi zb&X(;3|?klF)b^uR>Txkr8xZi^aMY6atn6TJHO>dItBp4wK!RKsev(w0V%0=u~ zKoCD_&ip|izX#g*it7^Kc+kfmzm#J|W!1UM*AE{%ee~oR1w*qOn(nwq-5`ej$88GI zq3)=~203!rKsq?CS+fS|z#~OE9(m-E*|TR49nxG}gx3)T8{rW#QPFYurQ|(eLq&l5 z3-tgGoPT^#z1;vnk218vT z&V+G?UfmP3lXdOGtsv z7tneVM%CHU*BKE@;g(xl%*cq^ARQk;dD{As3JaiV(GCpg_=rNHoajYOm}?0K#XRDW z;EP7ZF}saLT5xz6sXui5^u9w!4;?%Cf5*l@%NJEPFe|X3#sxM$GY^Gi)v8sbzg~Rt zMZAtBOO{NUIIXU4gUgi@9v0;cjYK*)VqzGsVywypvjPbWI3qg{B&u#8CYA+Jp#Tqy z7Wzdwp|i|P{1jFt#hH|KYZ+}}A#{olV^jH+p0i&MOCRHD&>|vJ5|h|(w2L%mpJkQB z#$}QeC0kBfj9nOHfz!B*_zszDKuH`*FvUK$Y;)|O`hpynS|9(=huQ}E_yz+KjT3%s z)7H+w9EE%g!{LMwkzr`GNpxm&Xk)a@J+RBzZa}bIs&||YCvkm5NEl@;j6zBakBX(f zfwH-nxDM?*Bqb!V2~j$RhNLJ|gvWN^B)_f9dNGEjd(xZKB2LhH5 zX9Ue27=kGe3XagU7`Gw)PR0P6LJmanFxZfMma1b524x0XxR)V{-$q6!)1i!@g;50& zk;nj3TH1Z0%{627-ggPF)PyDWVa;M zU>7m*4OTtDCxHz~fKaz%DtS1PF4O1O{3R1kzrz5^z!5NjM2BmMi^C$@69mbiZF~xY zwk$ltjIH=YcB~_x&nmmj{bbOG!CcBV$eNNTPlO82y`O*w!tyM{)Uipawf&l!hKv|L zdD{0s?EHDp{{4rK+?@>zl~(0{7!)4FuvUIUOF;E#)$oww(A<}I!kqLM(TW*jbLU0X zDOJZqol+bR*nkt<4?6IB;^Lm=W!2PkcI#Tlm7MI(xq02QbGov{8(V0x;V(yUqJIq=(eyjrt?nkofi@jdk(dQMP!H^jiUweyA^4^5zWc7S@zhh#EL^yF+_(ufHGNoN!%q6wKM*zm z134x13k-<}4vVJ#Etn`q#yS~$60buOT zD^=$o7Xn_&o4H8^{L(6cRjQxbqX! zsNQ4C?ChLE7Bu5nTwGRA$flNZURK_m{m;d~i74NKG^X>;9z5mf?pMJS<)0VA2?%IPXIdD=MNoAdGu1B3V`Z4Ltlc;I4%ghz!%v0Oj`Gd-P= z#_=!{gpma#0!W|*0f7yx5pLiF%51poj@0+2BhHfZQA-i z@W4Y4{GpBK$jO5Mz_D#xe{_IMFXIAiip`?Rq#JVcit`IfsO2gyE-fwVQrV+--@1l@ zgN6+s(K2@2q%mVBPM$Jj?z~0w<}aQ#n@)e^>1USF>CZ2J;pIQS^0(LDc>A4ItKVPq z!J4&eKK$sbjSOWn(*51mZPeHO^z*J?e%Z5c@4f>BBeY|u&Yn1Po;>;a%h#@4y-q6Q z;>F7-z^^3D-AGs`9w5B_RW=k4aNGl{ zfCmrtLsUlK1os0x2x&=okVRj#XvxHhles}6BBOl$0;u@$@w5B+2jP}WaRRAeu_=;v z=58f@MB)g?!vX_Hh(|Oq;auDgEhWYOj7e$Fb_t1Dsj2KtUF2fBE4FH4h9es&u=ffn zbcSEq-iz9v#H{4x+yZvwp_(+8)enmBHd)evp!I*+__Xy2Xy+TiTM8nNKoMR_dS-4x zesM=`?efmuD!TOO*1cDco;AIyYI|4LRoB!tG!CZIn@5fvKVizW>2v7oIdd1$?{v56 z@#W7if9b`SURm+#>#whT`^~pjt@-ei57vDA>1SVly=lw0o43-oZQr?P@4;QWDZSlG zr|&;-=-{Cv+728%eEh_z6DLItPMe#JOKkF zXq?mVNDVerct(;>i=v zE4x{ncyNtXccfTAc7NzS{83x8H8r`uz@_e6iz)pLa1WWACBEhmIdRdg}PG z(LfkTzic!<2rY@ z^rk1TrI}AWPZWc7v`Bh;RDse!CQe^-w|iUbo)_Zp^AJQlknp-_2oIGJ42^|~5~5jC zixbPx;HmD~C1qfi9|9`siYO!~33%XspdOm>AZ(exU{OtN-{_dw|9P;D%^nmG6s%!8 zNAXJ;k`4|B4Dt3E`jjzB6h45e7_Fc~PY@IQQUt`LHPTtrI58#l>nc%3lroORZ(BMJChYuSyx@G*h@sp>|m^*nI%a|{iyWrs^k3RXt)64$! z(u&tszO~|SZ@jkhjg@b|^X~f}to`(}bsN@i#8iGKJ{7cY-MXC*xO3;v+#`GT@HOl^ zeflhtd*Xx^z+jnAa^>vV^Bh@2;PNHD=-+e=UQSrWh$}2Fz>x(gK!OvFumBQP@6$)7 z|2_R|{#8`;x+b+03`u1$tR`&8!~K5*3@Wl}Xuce$QD*DI09TI4P z6COI0uRe*E0C|@gTSbH3+5$5?kQat-(UW!SK4X-Ybo%SBzrOs1KTV%G1IyArE`c#D z@bC``4sb~IqqJZrqnVa33IHa5CAlo-D6v2m)z=l>YkT(@P~SLwz>v`+S|*R3Fn#JY zhV^F5nKNhM!iA4M`X~Yggv3XrXL&`!CA16w2TJjl*KgRk<-6^hHgDU^J-&0-4?pdu zkr_C0;v|m#!J|hGbEBU;A?*}*{IMe^kFs2VtQc^asi53I%m6*BUyS+EF7u_CC(ysL z!~~BU+_;|Z;Dp;9JwO%k2WXZ&aQ)_IigT!cLAyiy%e%{X0{`jql^g77g^xia^9dVV z=V{_*ux8^8i2R+68`m%2I~)3niih`6QQ^H=oS087L$`2(Tf!G&Ns3jJj<#5+K#o<1 z%n5!AHy3x=k20BQ8-56h)A!zAz2dc3QIA1`ht~F~>(j448m_Hj;E(}BM+_Y~X7o7e z@#(V`KK$4-Pd)p>(@S4`cG=6zUwrlDS5~qC+}o?xu6q9y+Uhl*ee(In^&2;T_4P)E z{;*>V6ccJwRCEiDr5xZ_U$~@_&I@U>7c4y~2(!SARWy{=&KQ7v-E4 zW%%xmX#Xn993t5C9)22~E?dLUb-(hpdpte8=zYcf>bCdg?Jp`h{LaF_bg}!%1~VLn z-yifB7kP(P<1I?ThIuF$H?AWT`X;aOA+BG$^85e)`_H@yx%FIy1y0P3BQcKkkh@6k zBliPx^nui<+9*O=mb{&wc58|gCK632X@sn;>?euA0j+cgB-U@F|{is_%i|2}Q-sp9? z;q)l?BVVw7&E7}v&iebm+JEo=;B)+=Z@}}7wf!{~`*a9c6$WN_ATPKy=nN0b!{LN6VywA#x|_M1d!JX~wfN)ua(d2>ysOrq$Pru!awDT_4iwy{8Rq;f7u`5E4u9`vc5X)dhJkp*?O`*L4V7UCs@DYM4#{7*S9`j ze{20Oo?tzn6CV0UI9ji3y({alS^xbWPg?y2>&JWi@BdFdjW6f6pV#`*yt~QjBmRp% zL4T|L=>2#8KO5fP#=rRd{{To!r@jhhZe(+Ga%Ev{3T19&Z(?c+IW!|vATS_rVrmLJJRmPjWo~D5XdpQ^ATS_OATLH~Y;cj4pEZQ5gy|QdFVlP&{ z7;%~hk({A996Dkjfv?~TztTR^ep!E_P=yB2JsiqZ2tXIIvhti+g#zYp#h;7673I2G zZL4Ct*{n8AQMbF*dRH`Sj_Y+*d^i;UU0fI6e0N(G&u@!$`0w^P{no3h(Qmsb>9pOq ztIcll{9W;zXGJSeKRtU_eDmyCS(L@I7sax;D4zXN{PtNGe+17iQ1txW0z42>)@||Z zdC|0CI6nzvC5-=5ET6o-DE7tjnX zzuLB|cD<{MZ6^d1<_zl+=3-Qs&3cD!(BgKxE~FL{XW7h%bAf^o=O=hZUP!75`a)h+ zXjui>mEl?~+sMy|KAW~()$O`865KLQG9$|{*)$j>b|urqCbxV3MdMs_#`)vn!}G)Y zk9U`Eix01@+nQcxf5D7%EQsNo@86ZhlN+ej7zXWQv{>Hw7^fVdU2j({^mdp=ykIfu z1;G!o<*I16Ww9%FM}D`e%uvGrcpu)j*dp0oQ@q2|TJHGIxAAAQYKph=%U0K~iWhR& zV#I+B%Ld*-RIT=#ui(W^Ni@Lh%!|*A1|5rb7Mn%8Sv4UNIiri%(6Ndf+R9>;xJ`bZ z$1u_fvF_n4H_*C<630~6LEL_l^6T?LV7*;c#2Ny!P9t1TP%+Y4lzq z5YdRH*B1+pM67UaN3|2@2$+ITdl9#Qd3RAfRy^g0KnZl!!aMXW#qutM1X?_}jRb>o zPdsXijyZ*-g)vucPB6DDikYlYt((;zujw!+Vmk{n$p6*mXePR2xWMWQdF0 z7s}0aJ<#lStNpI&h4C=oYWC%-T5ltr_cD}kW-PF=+NZ60fhL&8m1YG|C)&1|mOzVb zx0D1!n&%`sLuiRCw-rL&cxW~q?Som3CFb6&KK+AOfL#$7CzsE*XQMxY##C&#-`;u6WZ3pXl;xmGV71*vOnfnI_{ zsK5)S9T$!n1pp(Qx{ClKr22{;;S}V*2N;*=c#T`H_e@_}3d~LtQw4M9Y{hiwElo4) zntGy-x#fCt_5nsKmzS4lekz)m+j3QIYbwkX@2JKXr)NjIb&dz;9iuOg+~kBynX8U+ z5SgwD{9nRE<`SXfB&ZPYxb)Mf3&>htq5~T71G{zX0sk>)^wnlh+NTzj2p(wksA#jd zlD)V2Sq+65=g;S8D4=~HbtvfG)SaWB1yj!n{g}>9=|}3b@YhnixoV}xYbo_cAZ`iz zA>;TgvkpR`Jxz_n`2oyp7+kolHjqdKsBkHVKHQS2N$Be5J z_>tr1ZZI24&8oJ<=EU*W`}$~}Jiz#T)~wd#?IGUG@dwxt%48HVyBg4UmgB#_dvzzT zm&iRizI08@#08r!%*KVp?i}m24C~;Ab&&lipKEy5T(H)EL|dB9l=YTLYqQ_xY=5cv zObr_)UCfcim(OPXu2a?9&)ul&c3!3J%5y0E$*l<+hI$(VQdMY&{ zu~p%hzcWd8MZe_NQ{dEomY=_rSEq9AKo_>yYH8}#p~rDTf~?(HUF!l|Q$Y>afOB_6 zfWLf(S|sBq#ic!hcfAm3TbO0_gh%p1x7hyGUyiGxkhOS=a-8G zRX9R{CphIUF&sYCVhYBh)Iql?-T@UNwV2deA`3dUrE&Enb40wNKuFY4NMc8Ixel0_ zSb+Z>(>4YcoG2Rf(b(##qrgTiHS$fjg5E6G%2b;yyL-w@$Y0ZN58gpXH4JDZyC$=4g%k6%Iw{<9{*H#2D6#&ZOY2=lMI%zHtlZj{J8m_h=tK?cQ_b4@SGtE z>v#knk?dI>IU3>Qe1KT73jFR7##5Mr?T^MOLn6Y*B|7$I69cU%*bLH7@J~luV&E2b zYo~}0i?H7oggAYWG}XgFZB>C=CjYb}zF}i{NA<`-dH7@yaVU#$D8eas;yyZFziG=h zjN*KBH?P2?v8Ux5jFG2<&51;I6o->Ub_K1BgTZmks?BZ|;!53eegH6Ej@Tzhl!fi0?r_&qMR#p?(ZBqQ zqmY}G2ZT>$2MH3P!UjNf6S5AT1(NS@NlrvGj>7UN07YCDoQc}%Dm3vP`HR8v7di{T zp+&!#6>hb}g)h-5bQ%^zj_h=F8eS17Y6nD2Td%FzwyfB%yCUM;D0&0U_{)J%fG7Fv z+Py0{>B7Q?d*b1xuOg5>h=*NOXEFc?Vxvpy8oALT_q|bpoxxteyc1v+0}eNc31Zys zuWapXn)BKoEHv0|#(p-98F(2~O*)zR?WWNrzuQ}IGFL2{v-~#T{R)12Z~Dk(4MvVC zTC?POiM*MYc?y0rjO8;IE6sbt4~XC?y#+oy2>{BcEjajYTk@#BuYlH6c_$0^pO)Vu5u|PP8L`Aq zPx!S(ooYl@BF!Ldt|m_vg(9#k7?_QOYSn&QiNWauDxi^QWWTJ`;ADCTuvS0t+v*2S zFb-(E3Fp@8C$p4t9jQV(z&gQBY5ptXQO`JvlXB?moIr}>@Vkzx>*_R^nu3;kYDI^b zj3fTE{0r0);4<1(&B2j#?Kgw8BUa|b{SdR#K4A~_epM#V_D>fNIQe@I$Z~`0m%c;_ zUz=`v-LI>~zyEg9iFrkIO$s7|4IYavu^1*;QqRz?4@r)t^J4MD=c`svr;6O}m zaCB}nOW>$ri?wqt)9~ycS_tF>6v1NgEU;;bNWDCrhhBomXThmn>D~023;|Aq z>2{O|+pEx5V+mf6>FCjrBUKuU%8M2;FG1*Nym#$_6b9WDN5b#<2Ka@`gos05L5dPd z&xNaQ8bF{LUIXa*I>Ziwl=)LYhZW73`JQKHo0fvb4d5XUH>~a{>(xGaxG@%T@_F2H z1A(W_JjI)N;Q$-5m_%mfZHi}NZ7at}NIbc=)vrOJaq1#$3A^PvJ{DrSQ(j{+Ot-xW z^>AND)X6p4=7@~|3L}rpdK+dQX1A!FdwnbF21>0O5Ay&5ui%JBVE}5;Q7t4XdI?^m zY2+R+{uF5tC0OFL0o81rsVbhINU}-s(VVer_!_Ego{Bxttv2EpoA+pqOSalvQgs^CU~e``zMXY_xr? zM!lbW8w)yPK%~mi@4OP1{wuqMU%-NKXv0ZHPwudAXv^ywOT<9hWIMnD`RHkf_{h@}9IcCZe! zw2}u;%Uf5v;B`~rq#%VoIt`F#Xd^0hb0bi1HxnFT+9Im$e%0sr=)oTv31#Ehp5pKKhYv!Ix4^mY%qu|j-fz6 zF;lKZl^Jnqxbzbx0H7lg6fogJ*&)e^_~bbX{ioGs0kz@fgRrRCJ#;&{1A-*n+0ZS_ zn^DTv++5wF{FgDXX(0Odp&?9Ltc%~ieJ*R2!MXjXrW^aek}UrH#Hm06L&hf9EQeUK?Xw5@jZL=`0BnR7SDBb3Z~Zq$eS#(E^NUJ9O^MbhHj`gMh&RY z4l8+9Y81N#B$@;&nn6$xOVqdA-!ePSCuqb7%K8p~A zc?Wc93Q4<#U}KF5d~p13#T<;YxuoWW$Cft)iY5rzr?^=z$=5Ix2Vy2u%`^ z6>NKCUnc~Yfv_j46g806igf)%2ByfY_mu7RzDU0%s4n?+uQ6L@z*!(!kUh!D0^%7% zrYF7ubebu|rh2lP3Jm?{qe0DbWwyLHUJT?fs{JV0Y9Qt9R57&A47#hew@xD`73}!P z$=g;GbWc+;E8S~k0x$VjB1x%30JMun)dHzq2!oW?i*qsWzoP1ymHjEhOpVi5{Q6*D|dph=(_codg<>Nt=>PrP4T?1-0PWDF8qd<9w+UXL@V#ibVl7r2z}4Iq!D)X z1O%>0>Ac@%Ls2pGPPg~f2L(fa_WVANdzT0o`0hC1j@`lXAG1{QWLhyY>3wHQ=KVG|j$W&DpEF36la zqsrnI*-RZqiExON3e6zoFdA0Rw^br*r~wn{`0AL-HKmcn5+^p;6`l#IY4Z;;qq1+j zBsMz|Gjf}y^!&s5BpENI6(qp`y7{GuK4ykO6Mgl4Bq6Dm2Ls&GwHWQ;B;gcV<|aBN zt{z&gf)=LxsXng!4OK7m61!A^kSi87JJL}tk2>wRaE@$={F(5ZQXCEagkpK@T;FSv z9L1hY`^PU^d-g^Y1b@5$O?%VL%~k(`?PE)Z77&06d)(wdR%oeFxjjJnc0TQUwQfSI zA&#quuv0r7Ut4>vY1C0i#YB@!=x+Ae`LjBv-N!?7=qT3|3&M%P{B;q&`!@1vq?%6}tShPo z$+QnubDJJwMfEz+%csM_t^w62wr=?vVb~dOvJ+x5nZv04@_XJ@4`XR2TiM;WL@!_w zQ~2c=;yBq|S`$OzgHG9(0m;eLZnG-y`%2rbe{aP|fD$8@lM%uRR>(?z>rJw1-M13@ za6BDZq948<=Y8ka!nN7K#Knl{-A-?`Ht$am&~I|jQTj{_*o;!ZXk^pfH(}97 z0Sz?*kNzG9R8vt-U^;4aMM8hSRzK2s8Zjy{cLQ6%Rj^Z(Obd^+9*f-tkPfe^Cmk^* ztAjUTrG#S7vDk~q?ZtLNl;Bblg;5cjHyptwatAU?g4Mw0tyru!yepUlE9SJP_Z800 zX??3craYYh$~|9w+p$9-8$O!{<*5|qPfpHD^R~u5{@Evzxv9B-$B3se=XhI+c$7fp zC9}@CMYkgYN4)K*C_m|KeLWhzjTypMc~S$OC+2YBQDrPAWYOV9HwioQDUDSY1N&x( z--Wy@tg>WTxFFU3zo7z>wMU7Vxu+e{qDZn(2h_qa@^6y;z~Kx-cts#OPdaJCKBk?g z;h9XmVI4Kq>|)eHC@oHX2-r-R=Zu3-ah>qQCELj7tgcHK0r6Kz7#)FKMjLsgk$dgQ zM;b?8Dn?fXM@_+*rw<=#um%@GGXNAL)5@tDUY0NUh^T~`JTRMCvXh#i*}v?A8QD0P zqE(3Ds5RrT_{(cKXH2e+SH-C%VUmf^;&DJhw5B-nISp3KSeQM>6RYE)Gg-JuTi;iLMK!QI{6CBfa@-QC?KxVwd5!7gxd zcemi~?r?Fqz~=qQ?!RjH!+tnty84`+ex|GEnVIVG*||H@YH{}HIHZx9C41Clk=ZOC z5vkR>9M`ZjdThM(CaR(_@Fmn5m92&@BU#Ovk=^})Rye>rQmQss3{{YwuDEw=&X>FC zt<|xaCXr6wFeJ_0gJPt@E9(-}kF7#fMk{wPstt0*x>;dZ8u(@~pCGeh#^2SQkkA%_ z2ob~Le80Z(g~$D#+C$0D81Kt&^e-%wrk!U>!J(o?iEwySo0x8M#DsQkq+L5YV>Ltx zPk!XA;)TXOd>PBRf1Jd=~Nx zKLU~+Inf^qY;pAjqNcpinqa1ZRVGS=?_H|)?MvSnV9F&2Gw|M3aA&1Xo2_Hwc-?iw zqrb!<2=-UJBB-U8hRs`_bYqrupKkutEQvuPn{5@9>lefH?7BJ4R6gbXrF;*EwF`l- zs*XR(yZGv$EKV;20q3S)RL~qK7ewV`VSXNj$`mxoRv38#O8|!xoktsV7Jm_)a8kfL zNRsdxUL(Wzh4e?SGG9v)-SXFjFWkkA_>|vCu}Iy;|E%Rm$Nq`F9Ze$Rl$4yF58X4c z=!P7FwM{JXP~7zxbC%Tpl{U8~Ny*oXHZy2s=tVNw8O9A)Z`mg2P&d%cYQ_c8q++C| z<1i?pAMQ>jPlQmBeFy_fkw{GQS)ngnp|(RrP_$JL zps2dRUa5LqH7ONBh(Q=n*zfk3G`PI+?agLc>T9hPUl!)aFzm%CS_?E?ui zpbMXdS=3S2aoZ`7g_P zr_v0Tvv;*hyWHuEALzofy^jgb=s9m7Wt)EK0u)d!b1H=)L7eZ0ym8KyO@OoDywLzR2-@-e-pM^ zKa{}zKzVD?V@{JTUCw>om+W3i*giDw)@e@dx z{Fq^uQ~8(U@Nh=sKUR493hi{bn}1MS0?2ui0v?;!E*TWBC6!dA8VTx8b*0*f;0gCz z%$}^U7nrkn+k08bMlnptd0%6PWBk{bOv&*1OTQe}^~*knf3Hpy#=c{sh$I0y6Zeao zCw_%UrjJ_sPR>ll213h!80`_wA1e&nLHy;yv!)~G+~TV_4ta!DiJM^y3t)82rf?BO z^$gWrIp30;X9*E&S#l2Bi?l5vQf;?3+=@HrzYPL;Xa&45qcmZ7hv;u?8WpH$)Obvt1HEkJV!e75R$Qi* zy1)c{UMlPFRkJO1ECUeLurhRVXMdPQX%Acm(~$A4h+|A)1=ZJXwH8ylHr<4YTL#^Q z*Drg52^U~(j*8HNW#6NcB_dI#39o$LW^@e_Te|SJT>ObRl%|u8)@2*52F2t^h&eAX zbTYm|toFezp!S5}>8`t#o0}}H-jOTM7N7IQxD^a6pg49eDk=U-dP(dwlIE98&DO7b zd(I9cm5Ca*W>ZOt58;2B3v=G~RAPn;V#R!U3n2!7Ak(~l>UnWkhVIRLqEg_vSpR?2 zxq1GlqRqq0#`%9Mx&Dtbx4MtB1u2WNiPe9-T`e5lNx69cyX38E;pXJwYG&a^%J)AS zF(*g&e}DW_aR0YL!NT0eMAXR}L67yHg6m(;yqxR?|0#_BuP@&J!+p{lD)5u(7iL|GNy(*|nZvFXdY1L!$J}t!4FOeEeseAVe4hWjah!SwynB_>4pg z^B?*QZCjusC0CZ#iB?u@U}a$8%f~i~V>dfbTa_#>*5F1@TSwc=^^x5Ro&Ea<81;C& zkmYH)wEYq4 z`sB5&XZ*e|T6DZT(ovo{&(h8Jd3bz0GMW=4{CNbPpAqTFV>zA)^7wH6xB$QO6nwtA zEq^8y;OO1QIw_v?B~1+MzuXz+IVA#^Kf{OZtideDs3LC#YCQ9&;k{z5@NgFY`> zV0xY}z|OBXcQd1}yK)}^A2(4m(@MvvpWHxtrBYL(nC_+nuW5|Z?zamt<4bg&N?$Ew zbkHZy@n`>MP2L<{g^3LKiKj6C^A!BDJ@=9NyuBV25ZLM08RWw&f&))}2b)7|Ua&=V z=lLnR{Wo@I=IQtZd)BAz{YyR#KOFyOJof;O{N{$yjYreL^o9ZWI!VyWZ|ihseSd#* zVEZPw2*IE7q3SliEaJ9ez~QJa6KKK=4!^s$R$^l{a3-ShkkjxwrR5h^_h z^4vE-kLgH(pkEyYz}}QR5&vtc zuPOemU3aXloghJ9L9PA0WOvnlfRe~uE9&tbY9|-qsii|pQo)9}F(AbV_E4xmu~Top-Z}JB9QF3(=*RnQL939+c9-C;d=x+T)A;cs zO)Dcs8r%J|uX;J4X{=n~)`tWUXN#1CYX9)?>fx|?^!aXh>GHwVt1HM+;FDJB zN5QRdJOBC)qgcytSi+{vIxj$!Bq9KVeHw7)? zXU6V(y>R=@Xh6H5Ncq+xXyRRp#&N=+=k>!*iLUO2MoAFR@7Htua_2sGFx>z8cIQoe zdtxdIl9*KdYCfJR80`G5!^)fUtSsEmJ*r@ezRMfOP+z!H`3+aV`E z=S(&-HIBSK-%$gTB=?*?4&P`~7c~Ja6m7=ZcSATmV0PD_&xv%`-(@VtWb)EDaL5f@ zz}F z0;@Anndp-GT12a8m1;ET#Ym(fMOJfr7owy@_fRC@ncSDEF={})`!)9+bm-KL%Fz%d zs-K-TS)7wFMhsEH5`GpGEkgIkR0ZX#{4CYJ`w@aSb{46G2i;?Oc!PoaTeR|*518kJ z>Da}70^=VX$@NFEQK`!vPryLdE3l;$g{=}v$EvO~7WjJzBKL1({N9HD5*;xc94< z5Y1=IA_Xel&v-r}ut_VGZt~uWwD6Pt)#oj)>1B){2rN}Telh`hiDClQx-^f8Iz9M! zZNShy@%dcEO_+B{29a;Vke$bQ%3A>7pKx*AhkG z)`_#V2@AS%5_trfD&BKtr0*MP2M6x(g=UuQuNuqrd^8D01er^jX2?>V*@H~+A2~k0 ze=nPZ5NW%yjv)tG0Kx6_8L(k`5nYIDQJ=x%5e`E#0rVq=%|UrYLLY?%MpwiDv*zcs z)xGAetz&oHlL=$`*`1m8=Yd{0p5#f%28n~_5U%EzJGn@apoNt5OfBg-DfD+4*^`){ zSY`AD@{h(nZxku)HN})jf*|%FE3n+)ZjNkxb;Sjp>_&ejbMkz&bjdOstw)rB7k6vJ z=kcGN&v@|d(l|D?iVCBLJ$7TtAB>rdUC@fBFT!ns^;v>EdD3@kr123;_XW(g{hnEF{q)y%2$jQeeSHamVjmUOv$N15 zE0C~`MttCy2SNLeJ#l|xNB6dd{nXY+78Y%7r4v^-uJ6r6gUa=||JU2&!ez5hPt=JZ ztZsCjJBZhsVQ!zGX_7y(_m?e=SOMAaf%o`YRn>5F8j?yvAH8QI>mC8!^(cWR(pLK` z?N3)r<&(;RH8H0Ld0+ojAkM~%j4j^8$CLRa;@BtCseHUN;fv0KQ*DFZNs{Njw4A#N z_^{S*gNrN$ZD~qDx5o%3{3aQ|H#xbO_YpBEiTMN0;@BNFvyZ$A-tK$zWO1XxbF--d z5yd8hlUG85Nq(}IQRd;?Q^l9wqGhXNzrTBEjbAE1^&SP)LJr+ee{M@+PbQ9}p)x0pfP=_(EpTzb24f4aF1n43u7eRTC% z!}?6(&zK_#*c3V`vEjId<-BEmMa)Zwq4KfI!{`cYwV7n=N(lT+n4K`*YwHUtYWPuTz~*!cS|eP4|vJ z7J|Qg%Uco_+Wk8ltS(s|6qETmH52$VefhX!d0C`i-d|10>5X8f;znFZ1Y8ReESu=e zab70@P0@zBkXYTmQeq#LcmhbQTyn}YL*k!FY^-$3yz(amtq4oC;XzvJm zreG{aZNJn#$)aZRVD^g3PcD%n6jqh@+!{A+cCQaZB<)_k?O7S;+Nz*ic}!Ux-{K`? zdgDEBIgaXB4N|4OIesG;-qBh|8?kVbNl3EHq9=>yUOWM|H4Wl(gzMKxZtFbEsIgw(a zDcygs5s6&9yl#d&n7WqZq>uH>X#;mTNYwREICiQzTFp7}-FAeTp)8})9Mz&~Jb%`> zR5r$p(uhft#eHob@$nmSS>dyAK-bYP2?i#q`Ku7OrQd3nW zEKNNnm1Z|~@TOvb=oEX)LEyh!o_~u0giTm2Z`RtXW0@TUX6Q3DU=Tqywo~>Quy`+PqVm zQ;@f6H(dRMZvriBodakkiw(^)&;5_`lJskr$FcTZ$0y%@e7Wuz>~yLO)o``&h+i*B zOWQqC50FqJF05@3N#5WUw_WNxRW#8b0Oh6^b$V6MIwmVm-G8U-+cni2PP4BMFqI2i zCCx)-3EC;W|4ocrn%vcC??LJlaLdYkt&PrO8FnM+;{BBNlckPY|JIQgEz2y zeqx-rajxXNSW`LUR#1h4()9$_#1g+5vnOAjZLQclBrAym1VL7 zc$a&c*G8t#y=KMx1g^ zJ(}-0hG0W!YxQIx)HzZ6#9l>0^}o^RSj0U{(+I;}ry-4j+yOu8d#wuCy+uU!8MKam zsu2LsxvavAj8e4H-H~tov)OqN`of0Y>Pl%Q3#e9BE%ppj{xEC9u9svvwOWne3<=QW zv1u?HmAmly4CA^?Bi(UjPV8ceDR&EVaP`z!O9O#vc{yWa&+M+w)0Q|LG|%VW?SgK< zH94-lf0LP@bo=p(h#TKr6$o4OwNZE4h2NP0X)yzm;!q{VZvFtMY*hEyJC+N!9J_02 zbZi6v<^}ljx0QuE{DR&3IL&^{ou5=i3KIA98%2=nHg>yZ4xq~IwBxJEoY*mtQqeb9 zDcE~u+uhjUC-XK@bKw1#)2^gFKeFQs@Itea#A!xD`c&lV5becMuGw3Jz%S`7W`h0I zci}r94}prp(P=*h713JYA^HHhXzO4hI~FD@csBB zRn%T?6ouJ`(A(EBNRbpgY>Kw{5P!Z*W1$H-ba^NNITdGw=}P<-zKp!J6HB7#vXS}4 z#l~`~`FSvDU$39Sp4}9YQ%QD3>)X%jD#Dk^GJOBE*@LkTt+$Sr9-v8EA~80Ry@!HB zinB7Sb_*qeqKIP>w-RAua4GpSR>E$oe+ypp#KI7_$e@3}&2OUyoVJOZ_9-o1n=JGd zOKhC=)`uf~oh4uEF_rLsO;j9kg z{nx-vd7nCy=L|`Q9ce{uT?r5j;3d{DZ6a=OGqU|_xm!lF2m^CU8vK!mF)}?$nsi1c zc5Qmm`XW8|*yH2@nnGO7R`6SzydfV?U*u^m4mYXW0#2>H2#Q1_USG3&=E0GSTI+du znFke4jp{dXF^sNk56lS*ag*FO?V*d~jc;@j{L=Vam5{$}zNG^As*1m*7x4+o)>T$! z`&j=qUG!yK)wba3Ode0ZwnMq0d>G%_1Hj237hZT%a#0^vV}MKxd1b7zWC(ca=@>b3 zJnS>`h0L)1`q#%nF8#{844$E_8)2nd5}sLaWx;l|pME~^!`e&F{$l+Jh`o*JSW?MvN?rIgeX zDM`Ai5^d4#w&f+Rrr`S@(0JZ;#FosOeTQqMXnLS*W1~efB@-Pe#NJ!|OQfk8fs{(i zLpGyx_%B9utJ;exK6Sp9(8FJyim}F)L}(79cb6K;cQ3kZ@|6oXoPowzKRUNXcGh(0 z2`w?FxZQ6M3TD3KjLa&?hAxK;+4VL1NRJz&Nl7wcSLG-GXHx${M!kV!%wo&eJ0V@k z)TL@hf!vf_PDJRaea*>&_-SojR8(A&o5LZoT4_hLD8yAM2g&Gc0nChI>p`b<%m(5J+)w8Bd<|YA=jA zfRZq)=z%_VTJu{m=IhK!rtn7`!42@_+5Q~xYUX5o66ZeVMmO=4k$QU41^6k9;mjC0 z3+Z_U5()VAkBfj3X%vpL!Ej_gy!HYJesvimmiWBglEHnkD8`7znb1D%?t1nojp=9)&?sklh;&s#VbnxqR?<$f|8r;G9Ya~EQ=LKPM475Fjl#QwyC71} zXLa6=o03z6J#*1Ub+>wZQ1Okh=^5^OD? zHOBYW9tt%xotx&T1k8_+O_YS=r}1_24}daNUk6eg6nf-yJAo53XU?|>R2Nm3Lg6Kr ze~z%OR^ir3Af$iZ0lkToKloE(wJLB?mjET+%p3?L8TI^KqfeP!rVAJWt_B~k5U08!SR*zc{uWU)X^wL_OJ9 z;1kt)PGENP?OEyG9+q1cv_r8$$|Z7S85NzO$4D7WZaSwsftG7MDb{&gyE^uah2(C4 zLRDeSl8r*^hsFr{X=h&*Mdnhm;TYEwV{Rs;KbQJseOIN9eCB`BRI7Q9k1M;=wcfAr zmtpb(ip7!$r40po*F31LlH6^^ZSSB-gVO1GXJUV6Gg5Nol+O=(c~#y^>G01z6|4-;HW7eqI_xLUCBppvcUQ3uP75_rC>~dF=jfN~2b&aW%}vObAi(VK->aC>S=`|CNgMkXJ5> zYlTR+>mw`1r$@^ujM&^ImJ)A|wJH7n-ATY+7RbFlUJ7Nnn@}l1_oEmUkd^U}I5iAXH`?hXnX11%ttf=Br!JdtyDzJiY0AId2|)w!!r$7A zK`|jtn&an36bJWEvOXzr+V`-*CqJF8c3R2 zv9C_$8ZsbR-z*hxqZxGPZbPxsBxpzcUj>w1+iC9Z1CL8&GMdR3sC-aw6q=#$W7;Y4 zYPDiKimOj+)3^YhP3GjbO{0_pJGR0YKD+jaxn; z*8;~6YAkyvqLc%TV=T=aM$lbnWtk81a9L)$`F^?p;hl#^yX)=?D~E*Z2^l4yZpspR zcni!K3}DdQ7+xN)F4AsS*BYi2=rY;o{x>N>JI%FD8DJyZcOFt=7KQ8Bj1AOP_SbwF zGF)V%^7zvzy9yYi@wUBVliIcvrGnhUC9F_*=fTZZj760sQMpd33Lij{6EO+ z_-^1k3`x)7M=9DLB?<$$qe6G47PUXr1f|D zkb{E4W_lh6rscC*ceD7sUQ~%S6ILv++5+Q(!H2-pyAnt?vy5KWLT^6%;V23eQUAue zG)yc32g>-_Pd{1IYW!{Ow2$U&WQE%Aa#j+^r0;I(QeE;kR4x{wK^E92Zw1y5A!%X$ z(Q!sCr>Uos^0TtC+D785$z73d%4szVZzgjVi>Z><6)g$%A8C{UXm|+TYN5?0s$D?j zfWbe|0+dIn`eDt^T}ORc>1E83e2hO=WjNwW%Ib+JcV1Aq(p07#t*p0nhtdeCf7r-c zj|=M@Ie>kW+gF5)R(C8u1m7f50-}RUh&zTHWl}aFxY#?svqR`HNY!QY;BfQ~vr~|u z5aKQz7LU#(i*;vh7+H&>Cr16sz=#SLM3mkzYLHU~o8Ojj-CqtgIcP7GYZ&E!rmWCr zKBJ(V18_pSHw;%OyJ!T*IRw(dqghQ`n~*&{-Sn#CwI7hXI*uEDn$?&AT4!o|C9L_a zY`IE~&mM!2dU5TT!`LwVK?(4aU9}sU?LD6q3qU;2T}+&z3&1&MSmB4@tp}>;N?RIRUDS4B;eCefN{AAX%C>k8& zM%l-21tBM-Z`?6|#d(+w6{ukIuDe5tVX0EPUU)L1G?i2l+ON3LJ*9`}p;HUv$y&;g zCr$Qau}h-c-_>lvF;a}Bn$Aoz-uR;R&N6?q6HFznljQ%po?@<$(#RdaK>6*5q{U7; zA(qH6Iy}9f>`8)GBrH+iGYTvK0PM7s*^-$|M2A&lR=5h4pgr7AhjBpB<_TJ;&KOT zzY@Hi^HoKo?*y_^?qhF5U_ld6rzP8%OK2uRrHVXIeo~t?qk4tKL^UGRg8avo}nSA&$M|7_X z(q_nF%y{KvJi|T0HJUM|={KEUB9e22iw+-QoyDpovD_LNO6W0OpMP@S0B{9aI%-~C5%q{R-xsA{uI56?f_(3eRB4#HTdLHkX&pX&zX1^P2P4r@jC zz{W05C@B}NX^dp;I4jZ&&bU=&Nz3H#hV^m_-3a}^2}6iNExgwqWezHm7^fKDmcIE@ zJvc9Ni`6b5LC8pm>iE!K$gW8h(9L>jvY*7T3o^h=$VaV)K^-Mc`iiDBue?yzH^l~+ zO!eA%^GZR>xGZwC$3SHb2P7aJ;4T%Spl6A)H-(!orJ+aZBxelI+pPisXbjm=1TA<| zgG|3MQ+|2@UCo`-bGm4yBK1^=ml|{MCI3*uYtLWt89$NEB6u!Arv957txR_7Zpq?* zFtqjw%_IfFD#J|W)B$QN&lEm-R`fbiZy4AJD)Brf94d}5X z#0)}cci#v_6@H~PF?gRj00m`3L6W*R<|$svY0HI^Mr+#S(A0X23XpP3#DMi{DV$jW z;Evxp<|b9NKs^f+zJN;m6s^NV8mh&&6NmR4XTrkF&u)m(1$tWfo9b`bIi}ITU{xqQ zQVBli<#C|l-)q@U$SU$@7QE1^$7M2`Afg{Czw`DoPNXeJp~ZDR}2p(NT}`Ifnt^GFIMOttwM zZ|71ON=aN5LRnolWi!J-bpt?4E_AmS>L`IPqaaO=J=Xv2p7L@&-7voAF&=#(w$$ub zTCf4_CMF;nZ_>eIr(wq?!nF?QnUryaEdx!GOyw*fnx;J$YJo2>h2WWzvC|yIesd2n zUlK=6veLyUl~uiX!M*rdCNWLOL2(zO+0J3g@JG4*N$zz{|h!8dzIt zIh`~X3A#m@CZg4qPMsC1#5(~ zryk@gwx<*MA#2%j(*l(>OBI$>3;t%_#8lNe_)xF(?5MX3DoMdMA(sO1m77_o=;!Uv zq_KH8{Pva#ysyG(MKTwL@zr;E?hzAykDExrXl)cfMD!@mBvJIA$TV1m0-OE&f#k397xPX}v+Zo>cy75@A2T?pi=e628gsK!`m)h2y* z2CY%iNMGN;hC^gdqND4i@%g2PRy#|~uHo})NKJ7YE*%xE^N&G?L6Ymizz90&(zS); zi!vfMFGBjBTz*@xkHLw%m9Ha{T-I&dy9_o%RN7iHuP<_a*{8?4Sn{dPh64I|V+K7dzQXFQIgRe~|geWojyq|<*vXKBsZ&v*V#~qp@9|zs2|Bw=|ci?RRWLpnV zKxF6Y2E%t~>RKq)da&3690uLoO;*0k!nYtH?nW9PynlykzKm|+GtzEpormdkv{{`I z4}jU1?#Wdij#FRfuWNOA-I-n+q0Mg+=xNI-&S0{Qx`E>+$}c81q3<*plkLW*8hjJ z!_zEI&H>(T+{)pq+g&UTl~xU=v9y0+%CcRrGRmA*PFt95XD|NJ9ME6$O;3e2hIUh< z<{Le9d%3Rm5!`YEi5)VI3x|e6e(BKQLP6_s>TollGXZ?@OY6K^iQr_BP0^9oOtR7e zi+Ewmy~V*=X~S+XI<^Y|w|-^6%m(#G`j@9PW*4PX^JK@ej9m8o!ldI(7!$;e(jk=A zCYq}?E@<=lj^&@0sRp2&yX>y$B00YUnX(lE<%wU>Q^U0H-!_`8+HbXlq*n=#z6aK2 zip!D+3AxN1$2)9-gf88eW3?|F zc#V;f@QMRK_gw4rg6r&!(fJijE=HQxaor#xS#PH16}OET6|tcvTJAm}-i5*)VmVwv zvI~c#rRh0SSivLzrKN6*$6;AEm!6j?V!f^R4`;JA4=yzJ?~(RAevrBGDz6l+S~0#o zP+F-%+&;&ive0AJz?Gzm`dEN7cfb{fTMsct)NL)ctAhWw^BNCt=^7f!>DsmuNaWD(& z;6G(*Za1W`Y`-<0Ise^9+z{vM*Cr0t^5@u0s%%t+bYsS^p6Ay}u5!&3FAlwfr)Y;& z$G_y+4_I7+pv@6_EVpB>J^QO`NM{Da=?B^2K;KoMSQO9|8{zkzFKBOwSfDklZDs$= z#;K8QSl~~@MLNvfvGmDLEZOBIg<}M(B0hq_WlNj-JCv)nd|~W}XqPs1mVj?@{pP=! zOf}Nz5To0ZPduwrpgo4la{1_|-OmccGB))i$H)P{CBtDlTAE-81xDJ*nbtDXEbY^=v4-AHA9z|foJf>dWg`Oo|&C~nL*x1PBV443cR zNO)h57ksqLQhvg%S^2g|gpu1BC!B0x&_@R)QJ~tu@erOG!~uW~BXRw-jv>c6x(@Gmp<3+YYV>;4(V zPeC+2|6WJUnZt)Z^sNqyMsnAeK^+`T%>*fyMfCvD@mI(dc@}+W2;XlGdTOn=Ormt; z#(gE4@#?-_Jy-!Zlj4{qFr6Pnw(CKBxJ)3ro9S=O!V7W2G{PqBw zD@!#hlLc-)u+@n|r?xDCl7xb55Wn}1Ez$`k7SjW_w4Wf{YxoO8%*7;R~RsjyLr@l-Erwvaw!;veZp zOR_I}#GMTJG^l{zDAQS&k5r>99MvSWi0-k&HOq0~ zLktM$2*eiAGzMR+m2(QJOAIZZ!!If<)7{H&w7oR=LpRPfXbsm!LzxU#v+CQQ^#BF&|- zY1F-xE|%iwOylkyOjW?uBkw6l*j;D@gurr50ssJ7(1_n2;&I@wCNd)mta>U`Du>Us zJU4}y-!A@_;d=RdcTyK6aCPF;DgLyzm7Op0&k*|)S@#Zo;Bw*Gp`qARrEf&mYP?iy z1OrZf;Z?F{D|8v^;CFAzJP5zRnMA_XkFi_qm7vZXX2s}&mHj|v<%*7p1~Fc6#V&SZ zh;OMDru`2$zXaVE_}Lz(I%uc0N|Yz?@pfL&>&r3H1w!*pLtMoTOTsVbkDG>V%f^U8 zhP1CmSRZKhSkokdAv=ZBg`bx%wIW{b@KM#g0luR#&&|$?z?*ACC2`*}Y7-HW_W>HI zo|TDV?Y`wtN{#x&;%w^kKAuX`+^8L|HkI0fgcV{!0wE(u|Ac%J;g{vKcHl%Jhtoz* zC&kyv!_&O!$BJ8a#h&LQuwy3@_*Ft(=;b#km$`Ez|C4#&80_}Aw`>&Xse1fA^fVj2 z9q>?UYDxMsJ49l}*qO^_+Mo=aCC8i8fyM2ZEV1+! zBqla`*q=@7V}7%)MOggXmedJ4J&nlj5@xVZp%l(Dd7Pf2c4q6S^A<{UZ$Z|_j}cq0 z$0g8IPp~*m*~sePDsQwf@qyO!=ZSc-R`iNy%Ju1Ikd=FhzumhS%{pJ@<*bz_;0vP9 zJiNxJn(WPjIohnZZV_h*{)IU{+Q(v=I}5FF66~7{S?tUX$^0OP4uk1svmHt(hjwU| zJSM1(o{N?+ z<4G&zJc``DPXY*|e78=z;9fWs1~p(8=bf7G1k*$fJL1O}-KzTxH(ijiCLMCUg)sUucp5UyBA-9{#u&sAr=)nf9WXK+rzu8j@E?BQyurWGXw+ zG*Th4S2@4Zj1>SaK+?Z;j^=Szuuw~GYQ4G~T$ULL(WoeoeT|JDmmnM|A?f=;d0MNL zYMD!mnt=W1lV-^qr@8z04O7|2p~FBweUTkG(0RA2Tc}Hhxt48jkb+5KB54Ic2S1@> zTT*b4s;Z&}(rI1^5NekLK8LDhz)U{B%Dhayr0=VHTIQ&k^h0Bwue8WaGN8X-snj%j zK(6!AVAqzKuxX_X#ZopGXX#}yk40>zyDGDl=aTI|eExnP@kSU*!d>ZPCal)>#-?IQs@Cd;y@9hs5$8jGj=DPp@r%gg1E zmKS$#QW+Z(w6P>4EzPM2ep{Icu%1!~4g1R|{B;$1+9+#>scFb!InJs(THe`OgsGqE-{y`5ftL(07T3-KrAGJfgUQp9NzSa&z9t;4&a5Y(2BA5Tb%7U^ zH!nt*rtt=tE$Qu>DmFzEGfe;wrpWa^re~*Lc;Q#ru!z{ch_Jqp2m5o-qUqf6ThV## zJ+QWZ>DO56y+JShp=s~U$w95jUoFY}>za>)@>q+m0SAF&N+1tI6&?VTz! zHgNOqs4`tWC9`$RF7E(-UFbKTM)xS~JEYT<#-j(noFZ~m2#*()$Qx+l9fmsy5jJF} z9M^D__>{#elx+@2#Hk+FysH_8wPzwMW))UHQ0FQdhILkO=?k+y67%G@tx+RL+tQIQ zFvqTZE=$`;r2+k(M$Vm0 zEk7Z^y`FRUy~BDWNmuZmi`uPt>b}o;OopesVTd$ld89L$Urzx&xQuTw-P4&Ur>WnK z1xXv4BTbP0Hb;C~tU4l8?!DsxWmvgXlHN!L5(iun*>efsYLzIeVLI$9Vd!*(Y^m;@UYv*--DF#t&u9s1CJ(7TjY2N8PS@x3c?cYNC=(mx|J}jL<6vE;4 zEb}Hw`8ID!RIH=XP}7Ti;hBlQf6!p>Hh_Kv+GVuDu&(Iguv(JnpYCEHMxln(7$Kc} zgY|qLl3wLuWs}DlC>cqiU37t@dSz+kLNY^u@zZG@#faO*f^4l+^jfa~zSYYF#6Ce# zktP$Z(Tx?y+huTaNARNv#0nxNGVZy3RYG<}m=oEw*3qdGzif>P5TkvG&Vr?l!s z%16ikFCyJKD9+}I7EW-21$PM^++BhMcY^x@i!AO=aQEPr5Fo)>+}%Cs;=Tk}Jd4Za z{oU`YTlM@kHPuf~_c^C~rn-RRhrXFt24_j-_IK5LJLhy~lt43|#-&F#Z|%T1PTrBv zsf}v*VX#Y;zOSIiqEXb|avF3M;|+NcdEN1?F|%Fo?Q?-zII&b8N5NyMXMRV`$L)%GlT<9Z@#uZ)cPUi z#pTe{y5OQQ23*s+ltjsstjdIba49(A+YqaSfl%C2gt;(G7c%4B85m3z4=?@$U7A#) zyJdKZjKYhp^MY9b1s7&rO$RUmkc@vERC4|m(O=hytmo>z+~Lq9O^c}?nI-Ew>qAHy zc-{;%Irx;mAuxZ6R$WF~Un2BLLV)bhc)(EN|D&<~{(e}QGiEEIq~_+%xMfzt9zQ5t zD$ony5wb$CE?uaO7fLuN#MsmbM#0=@ zUQY>gT|-~KSn5lRZFs4D)21dpAYtrufzZJ|;7aK4AB!VwMCRT77>?~l1b*zBIyd~~ zO1)oDm80{Ci!t!puHWalWtc2ZQcU)iD2;F0Qm*Ze9CE^Mip`*(W_4$@ya=OQ^eH|l z7G4JBbq;p?z~;VjM@~FgMtVL zMx=8GsQrgA9@gtl{o|zK5i(9FvXF@xwiy<5P~kC?`%edI#c7_FSzb|=MwTtWosa7K znB!LUN0w@pue^ru>o37~_GUFKNC!<)ka`!lr9*B%lOR4_A0cuV_v*Up-w0Rp`tx9r zxHoR~(6+-L9a!pg)aY0t6nN(})fI~6l~I403g}J=>Rn&ij9I2r5a@E7a0F~^jA^a zYYu9ZgtG?~Jr1~%X4v7lev*Wz>9u)6^rk!X-T>jEkueW|{;sSejPigBV* za{o@i$8ww%@k_(3oGBw$KKrYnyq9x}I_piTKGS5zKu4tD8(0UVD^;dBcH)w!zlGqEI83^0jY2=t4TrYny6oe zdRgY0aG3qjUcqqayl261@8QvIA$es$>ptGB$H<>Tv_CXDLs53;$t=%8A* zKzQ0FOPXwBy~O44Sh)4(fPKh??QZplmhzf(#bGOF*M+A170|A`kt)}P^fAb~OfL1& za5;70Kt4R1nHg#;NU|%avMUfjcbb(MyriMVq8L=8;u)6TN;Fz4EP+$w84wPXTC>9AjlbXM9c6eFXxHa{BK0TlStl(q_}wC0gqS zHLBn>(lEres$$HC9Ix84;HTcpEgOyMdA)ZV^zK=t2q|=#&+Mxsz*9F{N|XMe$a&!i zsdWxYSHWA^sx9Hy4&9U?&AVatJvqzJq1NZA3fXRGz9p=#i75jfT5sm~4;Y>+hQ82R zl&?t89($p`;-zEPr!mG58~iR-HvgSOpq5?EgMXM}7^wRq6}^vN}jnj}S-9PEj+vP(R*y;+n zcDy(dG33!j(P3*zIa!X5O+AiAMr%r1o5X3Jv*SU&LBlF|3;C%Qls0#XEI%pgf;kcO z&Xj@4=og}*yo=Dc}8SC8crf}W325@OS00LDYlbCCh`J2EPIm6(D# zU=E>uOGkO@zBId)PJSgP<0B61zW-AZAE`X+>bXql1Jx^URuL|AcyE3h)@FuQcr(;j zk7#dlVN4x(PZ9NFt}#8GTX9chtWuyqt%G5$&m7rYi==ww;NboSmwqnt{W$y+`Z~|w z`l5rom1b-i5v-`rYA>^n7qJX?q`Y>TNw0*D-4sUCTL~QbFm%oH!Bw??)eA(c9(Y`7 zu&~t8g1DS_l*wS}HR1G;+}W~;4Hi}e{enNZ4_0z^P(uyc;TUJbvB`ZNFzE)LfaD&I zEl&{-$HQvO@dFXtldiu1KA}8xsoP)T00ge9-0`koj3oMSjfA@SlmrPE(TFx0;-3n( z^Mz8@l(Qi`80+d2sk5OZj2|O-`*O?r9jn7=Bxh|<95>CAwPXDvSI0f=Q^fyLkwY-u zBEHXx$I7*l;+X~=aDHE4cEA4}yfa9Xdke$)hI7fy(llcqH5c!y!;8hHPdGwT_ux;Y zy48bO%Wi_j*xgV4+PzzTn_ijxRmJ+OF+2&s^r@KR9^9H9CW=`vRB>ZjhbBH=wq$Qk zlHcPet>aIq`=bQ2;h`t~y#D>Bo8hpe0qpD~hlux36nZ&M6XDN}U{&kt^_v1vTG6}3 z!5P}qWvCr6b+1YTO@A3PYi%}twtDtB=X&iGA6+pu525OZ{hI+UDf^R4GleaTZxK1J zAs$Tk!M@a!7WkDwy3+9_0o1@QA~MLoka0@Y!t-M1;@mFHjel5AG3`N?t9s8-ffVvz z0vCr}KU;V&^)yAHtCXyomf$?kEbXsv{E&35sbJzjdD5n@4&gw#gDYUYCwyP|Hn{~g z9+P%GqUlBjEFW-fhDg={f72o#kA@`LD~V&ScbyaPm#WMD%$RPjtOi5Z+=aUArq2#VVB1& zY_XYXAKqRYv_+%k!gG5ZBYsaO!9{x?T?sVK(5{&Bj@An4)*rDPf;M&*3lHz#NaKvu z0`I8FcL!ET{(+bIHa|ROS?yA<(aBwZUEQ@l8?c`qD0Tjp*`2a+ue$kr6LQV|a;5v? zL;JVq`=fz&X^i8vLUSi#Tw(U6{-)ls4b{EeQ#Q8Q+zaF{aI&6c?|^RM2MbMfU%~Fz z=C^O1qB48&<9cE~e;>yQMs#+U-rkWvwLL}&c7W==v`Iq7mf*a?(GSW(kIJS;D1Jb^+G<%?rJpRDgBu=+} zjSahYfZQ9tW;@nxr}w*_L!8u8GSZlTOQ`=CBi2^I8<%M#0^BggA&4g6(6NCkR z;en?|u1mubz80%=dDqJuDW})*m#;#xbH|6#HKQjnQZ?~tCk;m@1{{1-e^pJ~4+;3Z zwBZj}ba70&ag0P^^&KQDV7TX#8nyDsK<7Y%L`L4vep|K97d~1PfB2xjE9T*RI23Jp8O@M_lQgPdWTQv#J>1(9We`#GIcAGU;ZRX_o|CsJ;%-^ zzMm?1Ay*u2YX-4ST#;edEv)}hI#TX#!2K=jllp#F_9^NFAlYOK95i<`;TH+)qd1`{ z*yuQW@VB{;4SB=CJ5RTWgzbQUDi9(=%^9Uyh)w|~AMXhA{flqIpIaw@${KA2RDO!! zGq3?sz-VSa7dG`Aub(a^T*fGOlDD%=e_7^fxjJ(2r4}^xcPmBMD(Fz8Zi$SoB-I$g zW`?4C(Pj!4G_N31->P2eNQkfm1S9>VNLs%v$jlb@st5heZVj1S>wyBk33}0YZ8QCR zR=Lr(P8q)Dl<`a+Hk}G^cPZ1U-gG8&!6B>{tUY`!Em#f+5yKj)PmLmTHcM?mydt_u zF%OgGfeyh-Gj4$n&Y2Y}1tE@SJzm)9>Pu>C&N&0CKiO_`PKTd4&&CF6h_#1hlV+Y_ z8!FDIH}-Nws%-yD6Y#0sG9dBaB4=ceN%uupTLn&D1V&NfAk@coV%^cG{w(8WY5t4x zWBd-85v^tIM}13ncXG}b%bLs^sCiQ72VId9=K+hATjFY5z%@!!Ct|Mn_N5?Lcy`NX(_rv z9C39cWZ!LtqUI7{d&DVLXxqC)(F=RIyoNQ_NH{f3!vA|R0*#D(e`{T1?)5u|S8HJf z{R0N1{4-HYg@7+l)tcVklurH#fVF*XaxcXFF}odEmD1&Qh0UQf@^V1DBC92!rVCrQ zE9wpgQ>pG12dAO9BoS!~)IK1n$^NSjW>;haMXO8sQzs#p?8lb7?X}02 z<(ku+H~T#~`=H(S+4TZV3D@ISIaTk_b#i#R2ie2L7$&sN_RElbjuERvnwsOJc468E zVsi^cF$+6b{af>#k;X4BEw#?7PvLXDDl{0AWC4uH`6qph8bS;IRa_v{FYkkhVW7|1HDV{L>8 z%OMVxNZFuEjd^$6KCE%a_M(M;oN$={_(#CUO1`?3$WIeI*dk8R`{dG~gSdJWvR)p- zkDIqYIW}X~awI6hcGOU2V%dM+BmBjf(tmANr-=P5T)<0;w`HuYOvaPZ`FQ!elGAM_ zyte|iKunzt>n?_L)%OPJ-33#;sgJlD!_o9Z8`)CzKHxMYF4&VHh%`BP<6wab((s|j zAkg$g>Vw^dnOD$$z_aaYA*D*uvBp6+7Q;pG^TKq@+g|VH=jU71s;ggt!js(m5Xo&+ z&v+3|Wamf+1F=oXKUe`DS&%7jw*%ic-)1Y@tf5+4kohEUIisTQelr+88FD7CW0Z4K zBnh3h90g*f@-@51x8SgZnJ#`Nyph5a5NgyKYr(PGleXN@Mb{(=1XiGzH689nVAPzLwOW1rg;$qp`sP=SiByrYT{&>8lNaI9CL!JG4o zviY!|LcjU9MlD%84Q%@=A?#)Me>YO0aQRU??HxnbBH23bNfKTDTo_y~3pGfB?Oxt0 zf=D(wDw1%w7a?DO`*^Wgzt3L?O+;bfZ$Z=|H9a7DIqs*Tg0uN>u71!seo+zg7pkV} zm~8@nW!7Q@@(XEfEebnS4_YTjc_@5Lnq1NiDZiY_a_70iMD&Rv-iF}vbwUb zzZpT6Su~wEB{*a>3^PGRr*ci6=?X)_R;u%nsbdK>IB$@}b7io6K>tb~bjY|%^7c^> zAc|ID`h-$*IbIiI{Sb+)=L#}f+5FOto}+Gx^zOJPkLGVh);sZePtjCc8^z7o(JfeF z?|W{_aIk(RQ>SPO`@4>zgA8o>-1{Cv9ci)wK(;;`i?qyukp?y#OSwA!Fu9R7CJVc7 z#}#mqB@}fa6~bRlwvknfo~no}9X*3KNk5kq52azXW#LWCZE@nrKCxm$J#ZO7R!-%- zXg%na$HrR;PL3X|9%IKGZIDalY4P#gi(In)&R3&=*~@mNH&k3|H42Ng@EVp!{=t2u zaEb$T@Ji3D+bv&D^3XgL(0vT2(M3RZwJlt59Ho*YX|zyS=lbT91w>Wz)IhFg#x3V& zAnpIaV6nTCnoc4xuMezD`vDO89qpG2*ME*Q#)DsT;1;4PM!EbQO0`@>3ISH+vuV1H zZh#`3HA?srh412s%&}O%OJlHjg&`-_axu_;W50+$`!1F<48u!lQ!j(42b$R^_lE9&I~7;xu? zppL1w@))?{O&CRK*;3N2gt~W3WntMpe84#oRWRS82@y0|nxC`1@T!&bW#I_5e`l;o zPM@+t*eHePN2vJOk@>+3oyvdYN-hDJuwKd#yA%^LQHL0)QyT%z=zr#anV@-h(q~*+ z3Bg=EW5&=9Rj0U&Ug{*EyQaaFZ?pQ&j(e!O=7pB|gB3ORFm^F{C`JeSx$`FzWqGE7 znj9$kzegNbzhq{#0WCm&wRP*F(+JQ2JSNBS1Lf8tUQw$uJT`tN^xfP{Xl#pl$j^@| z==EP3RM7u_-|6eilOZ|#y%wiCrb4@XBV>mq>O5*;^yTDt5^)j=Ti4A0;oU$R&Agf_ z+cr82Ym%)3mWv=v*lY}`M8lFQadHuH2>r3k-yyfhgmL@STJ6ArZu$!QwlE|Vr8@nz zV%AW-SJ$yT2F8e=ID+0-Wr$~lAr(gU~O zO(s_!+VH~}zuU1IhtAo^B4e2AEQu`5f2u5{$HK4hrvkSr5A2xgC}glxOgDiiSyE#& zX+Xu9qVGtvrSKL^TuH*M^IcP*J~+6)dQXH|YKIJ>kO@W!GL?sKi1!;ANe7FNF}`H&$ea=SUQR&#VM8 z7%X@)WS=u)+iB1XT$0Z@Bot&1WB-2F0=U+&FsS+sODK$en|gk7tb&zz4r(OpdNR6G z51TNrG6KCCOS(1BORs27GaVUo}pLrjGq}@Rp}ZOX5FnKr~;z=`P3CN zxvL^mawRm+bh_e8_wh0W=TxU~PPm?Vx=F%G{L53dv-u6^d5;s;*fmuHjfcH8 z^6#k*=o!pYkIWIS4!-YU&qlodmOa}>v2sS2h4`@KHO3BQ)Kz}{Y<#)jI>BSwy?8T+ zbtfs9koLEMYD_4HV4#yZ@35Uz$yI;{Qp6CKU|n494-=O!60fV(!owGF!UFw^Uip?E zDt}ZM6ZE$x*#fryVugO{uZeiS3vKpb~3+^ z^L?I|wfwB55#+f#LN(JpYE;%$>hd*CaM3NUDb_Bzm36N-bbMhuVb9A+cx}LbWWb)e zWjs!>ma|8()Ajk5kqax`F|0Y>=eyNaX~K(&pfh5wpuiKW$urb4WCwRc&g(*;0kyJ? z*nSbR58Z3;tO9%_P=|fS8eUxg6Iq01d}_0TBH)Oa+oZX{hXs!r)fM}LB~Z-;w=NFb z!CG@>SrV-Ep<5r`bi(SGd^~DQ5&wP`qPr@;pK`>CFlii)YzrlrH}_PG5K=Jt1Y;dO zFjwKN9H4aq@LK_J1;^uiUlFw$vOx7>p9k@Nq)uWN?I1A38J!R4X%7DlqsU;6M4Uk6(73f5*@{tQa|;<&FD^58gkvxAt|>Mf5KP2YYnAv zt{@N#*K>^=f=Hvagw&UfMeJ@^!|zI1K@)?hw&F?JkWZO8XFc8L)*7>r9J4TEU@EHu zkMUn*&a_+#5WlJwr(@uAcBs#k&u$Kx%oSK?a;7tx=mBgM^qj2xznq}CRB*0| z_2sG>oqgeIMQEqysgt@AsP&!8xZ86qj*AtnZIrj?+(B{JfCw&nHqpjT=6gAkWpuL{ zl!=uz@1r43k{w;Zc_f+^II%oo`~__{v{Z*A#E7(U2l$`bA%`*0hXV zf}T9X4gOnybX4XiG@jC&NKn;qP+B2_<%^UQP}cq1k&^9QkwUJ1v1%poot|$B-vZOA zV2%RDE)i%e=*4ier<#+Fe8kw7{O*CBVMPG8r^^J2Z2H;>BX{9G*jMEpPM@Iiv8s8G zJW5gf%fU_1WQ*;9z#YGW0l%W8z9S1E&5;}NbY*g_>AJ|#*!A~Pdp0>_!cJQh{=Ylv zK)Z-5Zv!$cV)N@{UQ_TeMPhq;J^5GhLoMay^Rf^iG>a}B=l|Ybfll89-T!ygi3r!Q z<#?6vi49#LCWY7CsO}r1)fbV|j#<$79s70iztkA%OMB8T+`qmffErj(q~I)LEc8+t z)zQe2w-hZ#EdNh$kWYmzw#(NimRou$Ru`|MkMa?1S^@`=}f*P?3_tE zB#zN7yaL?D%OUPdWf&kMrJ1w(OXDJ2SD!#rR zH=iBcgls~3qW}_%=66=q>%VBm5^eofX05FEefdZ~l+h9!p$Dh)=&m#iaoyk8xBNY7 z?-q8erVcJvoipOWGfNd@)^1Oi3VWm9qulU&%VqSe7}~#7s`e)*l60hKGye z_tK2W_~kfKfV7!igq#EV&+@sKLOaS&x!fa?ig_J>ER|cPC>T*4D%WNtGL{?D+ye4$ zOE}hCNx`&AgoA60sVt#9Zc_g-7@uk)VaFc!w*1mfR|{XjeI+N*V8V6Zy-KZRbEH72 zRiaH0&3!A#HClMLcTGj_zX<+sV&7?($eqV4L3@yynfVoj==HCB=P%)ymD5}X6ELu- zQ@LoCdM*@I(vlW?|0xrf`S}lp8*wek!@y3AIrp&0A%mE~nafBV&ckOd;G{8x?FQcA zAb}Kv!;BAsj^=ZWVm{=9gOlVCP?rM#tEPAbk_>P=|9;jUhqM{s3{%Fo#H(xk?DN4B zoK;=Zu-Vzzsa`*UuF#0@-i*}b#xFsK|oQQ@P*&)2#@J(t9m7GxlW4gVUXWVWu=EP;b~V%&<-(| zZ(C}GIgy_b{Rc`8i8sIN3ZT(1v!v--^_Tl{>!0nIR3d5JPsK)@GT%T+Lt;K3_6 zpWXU@LvJ);!M4-0I2`G2!Tk$szwdN7WH4`z*u96NdI4D?^5Ooq{#T0$)C4ct&Kg-Eaxj{3 z{qoe3wM)B~SN)dhtcQ$@$LiAsqmV6mnf?A(T69PbzV{&GA1|!gq5JV-u&?o{^=!{* z>w}AwHVQ?2LLI>2H?|P9ZZVmFC9KKqXI-JAaavwIzqw@Tg37gr{gW$CE;x9>xQk(>A>H_Txgf-`<{Xd+Gcm3rUqRH8|01ykNYp-F z8qE9orV>U-PlL)%%#>-g>wrJ5^?&isM8vBdxKqHEBTO!sh4{;rF%j7!fd@a68^x+B zh8!}0jPCUKAJrgpvX(}TX#HcReg@>^!zF6*RSJlXs`6yD7mrH8(?3ngl@Por-^Ps3VA~WB zxjy=c2hVTLyVii0SiYe)-Jp6*gwzg=CM?SwWg#f(#W8Oj+FuL+Y|GWx8tb2(u85)> z&~HRH$d=tWI6V?bwZD_h6Y(CpvZtS_8M|wl6K9Icw42w>J(j$waa@YqoZ)FG5Wdnt~W7@_~cr*j|yg{e}W-@`>_oR{BHplQ8_4pOrR|yeQ`FjM>QL_bo z<^N<2Q_|7a{Uci|(BxA4oqt7+1~%&UWL zk(bP?sBUeSkkz~XX+4jSIZ5;91oEP0b*p`qbv+WAM}%&~I# z2(6_e%8(i0y=@4@>Fp?zk z^Ru3%7rFbhF5@$E_&kmM;?fCLjKX)>-RV5XS!%zEeRGk7i@r0yd3EFWeEyVqakF~1 z5g92I7>nO_a4td>zk~sL<0@N!_eXuZCc%v3abAS8m^puVFY&^DHjsYH!=lb^00)Kx zmh=6mnGo5?bs*K(<-`iRC;t_Q$Xh{v*BbS}2bZ#%FNE`}`QtTrvN%6H?mB3Jwv(~t*Gk1^=KmMCk+4zFbU&&`v$lAo)^CTYYpH=YkCHt z!R|3K0}-z(+Rc;Yf5FuA#QW;$X486yM$LDCT;p-zvKrF7N7=wQ&d#&ym7i$T@2Kgy zCg6h-sHI3*e}qUZcQ3yZ&XfiwKMqZPuMMO(lx-Uq3@hsaX$>B4<$1bBsl@3DSeSI3jg+d=0LOh*7rtKv!?a>;W3oa7x^LF$jgMeQ?zL2!ui& zC8P5+X}cm=E6oSz#ecv@4Ks&A{~JM;vTQfL_Q~KJQrheh?gEIVN?hm-OzuKQD0VXd4tIrCx7x)i%BTTb=$2kBCT&mw@TG<-|dr*iE+9$qQ5L=9u>KS z!t*d$zd*ICi{9ZNrI5UFQ$l@_@J@M<_^#F_fTd-(PoV?#Tm%@(rnuf7#3GI3?L4de z6J_^e2f?f_t{)MDI1mFhkVCR#5TZUw(ytTD`|TQQB9jNTKko=h4aKv0>AtQ#JYSMj zWepQ}cPSv?P#L^MVIj=IWCl!DjdJ98>H{873~%ijW7eUAEl7YsLh)owMkf?Pl&-ODR3M^`5d4m++GTM`h@`j^CRJ&J4cU+5u7zW)c8w;%*12~x z3(chy_#$z->JAN(5qi#RXPAUG$1zZYBjUOveu`tr`$w!lx_mN^?+Ldv0!LJR;f3rH zFuBzI8nIPVzb0eyj~Rb4tqTC_-N$t%kf(6B*1dGj&IpIzaocv=@!=!7Q<`^v?t%4o zMx}MDI6spy1@}=|aPL$Gb7{c^E$udYR#$Ky3c20v>5l{O)974X^jm~fu+~fG2xE?I zb(!RMtcGPDI?mwPf#)Hj!s3NPaS@!{T*Y63v%sIl7qqG+Cu=?pnvh7%LH#^)fkgn z8=jzvfkaf<<@BKa(x!*18=nL9Ed!8aB$cB{h99jQ>BWbv|KHokN1fD5yYBt!rg`OvF#k5!^V|r-geYdhnYw)g;sUz)4%lZ zS~;4XE^lntW>G(92KH%csL=luNR2_Fi*z@(^5Z2L%#~ot4Rds(yAEI1bw~7HGA(ED zUkPrEw8AOON)o-cA^bNRKGeFACa@M`V{2jeDkmhfj_T1@18m1)ssG}A56boKQ0v(zHI*+E`U|?Vg@ea z6mHF*6oK^Ca0C-=rwiN4sH|HhOxpr9o_-ze1ojgsIG?;r+*XF$EhQM`6(5(kU9aj1 zy6HrqRScZbA@v<2y3_0oyeEj(>u$T)ym?Qz*k-H_96E<4A9{J8x|h0B2|eAL{S_}V ze1XRO9X#tAE_v2OB|{5-2}J9Dysl5f7TFNqye*b#64{(-#X6`V&fh)ol`+4Ky^2=Z z1XG)-1-sryqDSnFC#GXx=V#5{P^rN^20xERc46C(Xft3_H+`96%qyP@VBjV6#d!b# zOXe0KpRWvt8rE$nf1YTzw~{Ur0L7v8h%algHps9+gZ|m~Hn?Zo=5Zby043@y>I~mQ znK+)#Wu?F~3sME1D_neYf6qE|N2yXAS|H06w3mnu8kh(Bxb8SvfbHq%pO;qIG}JmK z&)r@G)+-bqDEJjwA)6=D5tYVXXvr+@-G<0{O%`=l(luD{D@Rp9x5i4?$dJj_$@8@K zQlRc2C6hN{aKDfH9iE`xmar|^&gTlCTlZi=-+uNGfMbe;NZS?Vf(jd|5Zn^q#n<%o zX9)w5U{IlZan*5&}{cr|1*HW-2^5zsaRFA~>M`n*1 z3;~j?GHgPsDqUCbe3p;u<1PGm&7IxS?z5%@h*uJBo&%If8eKDHgu|B&#J9FV#qM4| z{+V;S);GJ;9W0^CKKid+y`wuhYuFShQb1CFl)d1bTTxuhJVS~i}61iJ2 zbGzvJh#Qx>VVGUws?fLw1|YK5rEb4IZlQ19?D36GpiChF$(ZntxkahlDVN8c@s4<& zIO*XD=(qMAkawZE#&Jy+o_EDZTzk-Yd&xgknS?DOlV=2TnTp+|04z8=9H9C0npi>R zHu~dOwfv2ntUp^(u&_Y`pj=sX_1#fv!rljUd{b;hYVb+pJk9uwD+u||EMYfTw+%M; z0dJh9v<*?*@#E~=Z%v!`%ieBSW9~QF>?s}vUovZ~WmOJdR8{p0Pw7QimB${Pi_eA~(fJ%*mAHQ-kwgkmYK04k zn_X#0A8vcPMsu@G$;7IrZhXJ_I80_C^|1Z+=0gOZhO~EDph5}>c@KpaQbzsYkN)xt z$_atTI^nt8{uu4Tf5g`G?sBtSi5dbe3{bTYoS6U`+_K&R9Qq7~>?Dt|=Rd+dwpRfa+FIet$n?$SA=S|s8Dc52IVxng* zHYSz(_gseBLkRROpo95FJ{jlCI@VqaBsDhX@ROGF_E1NOf~$M&QM?M2FL6 zBU$M4c%Nk?sf6>q(VN3RcT~H47*;p28DIJg7+v7Ro@-NE7<0sO*E-nvy3#kywEh*H2=vlmwFL}8}|pRbW?_*EO$4K?33%2ml( zL(LpMKgTQ;jW7R7D)Ah1w06H^oI7AeA8~#}@lHrHbUGN@Uz5SXuEUo)RRuJauM{>JKxtG+O%Xw_~O56F8J>g>(o~a!o2$E)a2~1MSDr%V3j;bG(j=&2+Q)mq;WQHB|FUFn)}KnbmblP>a5v6 zD|qN4a96~YW5ep!3VVcf3*cl?!|~1JaPkX5p$iCV{<+HVef_zxSIE*B#!3Msr8fsk zDyGMxR4Do;;Oj`CCzW`1s?_?o@Pm>JMqbdzrmu6&vqQk7g;kQ~;*8u#y?W<-Q&@J~ zbt|HcJc?=f=ewAaF48Q_R#qlUXtH@KsFM|Y`B(NXK}VHd57L>wI9kDh4GX7=fB#NI zns_=jm9&Un%nJN#T#_2mT@ciLTq}Rs>is?aKlE-QS<)1i)|BDau1wtT;g>! z&_48`A#YYC+PlE8uIA;q@6D+PhNR89k5Ov5T=#w(dAg1)fInTpK)CmL= z4q-L?8mtRC1Q_{an@N+j4t*UVX+I+uOeS7bIfW`=UKaZ%np!8cCVRh0 zpHhwgOq6AY+}X>=j5*~YsL{1|*)Q7D$eKJl*9?hV6ag>CS?_)ImCm5-ul7hV`Z&jU zP0<`v#v@w5s=O_f!2ixFb&6Ui$f$&ht6xi0jp4Dvx4*fltNd7}eP(XmppKrM~iu5Pm=i1XZ!@`RjCJSN; zpXztavQtum<)C9Sdn?gAKbYMyqOw+b7vJaIPbVq`O3$0DAj)+XLILkGyN`-L)jqA@+rQNuEQiqbmYUXD!{YXb~N!_-s z+4qQ!%F3gAjUPS+;ZnohznnyH()}qf0ChaD=(&<3drmTGJ1OwqOez`!0G+gGM?0dq zPZCfN@`xoVoofe|%7h>pp{lS?Ufl)Ba++)mxG$7Xk)=(+eVm@Gq$`=C=!x-aOGEQ* zu8w?VGip?JDQSCnCE>Bv2$?%iDOKQbq*Kkrz=sFH^`ENHNc+28O0&Iyg9|hP8l{2* z`;Xc>^?oD0MVHMt`j3XrDZq=~FNT5x;OeYWiuQOvpY@$Os9 z4z($-FRr`MbNcph9e%q|Lj9Rv`0WLEE#2d7PHXySY$sLRzN&>=imm* z*@pP$N)1<6JIZM7!Y0Rk7HMZE)ADfV`)0ovuxmwdT+0IW^Nwr9X7GV)h2%umUQ(jI zwR<$@xG}5MRL-Z>eZJ0d>P-})M|dO_B+Ed|HqUy4a-_AG&>z z^fd~+!+P1r5Hfr0y(kO{psu=GPcrjMotBK_+T$eXPzkt9Dtx-d*E}F}nnHEgKYBcn zZ>(*L6sU#d&l%j!;X6K^q+icfd%Bj^I)`6)(o#{^GEE|cOEqc6QG)u4BoZIUt{~NZ5x{#e;S=GlJe@OeuQb_<&Z3cvgGn zRJxQOY{LeCB@!`3T%ttenAs-^kwteW21>3dEg;455<57LOtGfL}GE5r-Z$o-`~ zLO_8#+~HcM(!1l2Ko{?;P6u27wV=hg%#`n0e8vqiL%5OF5t{v#GXt|H(l1*-aQ&Cs zIEHXwIpJ+^a*MfxWXAWbssUgud;7XugjqS%Q~=tWp;EMVwKmB=h9*B|xNmkPkNB6Z52hTZ7FMz=bPm7+}d-fFwJe$tCqQQ&HZ0v??s2)`NWG zw2W$bdjd~K{@R05@ftC^(IOv|BT#yoO1jh_TLr{9LU11Wd07?TEpXm<36L_6X1MJG!IR^_F9vWP|L?8ZS@=6{h} z{S&7&uq0~T;s)eYrB~&cUEWKlj_wHlqWhX;2HJJ+VE)V>;fA*v`SOz(AuSPqdRT>Ez6x#>mUfdY@a@p1XYQ@PtsLaRW z53F=6d5f#@*{=DHHkmH!8_e`$RYj`lM3KiFQ))!RG1({*S(2|1r~F2P2zNowCqN4I z99~K5I%3p^aa#G`Hp0pubgmNg!we15IA+bKr6-_>Zhw*H$3>+w2eDejU6@f;lbdFe z_r+%GQLx=8MQ%c5TK9nq*-enb9m3K(u#fT2_m>wDUk@)6YqN#fXZ29YaBUJ*N-@e- z%wz-b>DRJ1g9ZJGYU+I5ac1XaJWcwl&-`+5(U|uBmdz3l{U4^=G9ZqiSsP6P!QI^< z!Ce+u++Bh@Ebb88-QC^Y7x$n+gUbdB?htHoxOtC!_xzcX>8g6Vs=9in7amR8qE~B5s(FQ>tg@XW(-IV9GZ=&?*ipCT{ev^U2!(C3QWYu6m{#33(yD+w~bJ;!V?w%g~T@|&+2(1 zLco<~aNs-T9?Z7LVdPnmxHWVYZm^03x544qT4bV#rx*?w9D#^&mId4OuN{WYrL0uy z|D2nMiT?5V!BWcfU4nZ$EA?0h2EI&v+0@LnQkMjCJ!|&(Fvr43p}DFv*Kn+8TI9j} z&U#KNmh%AIt>>LR(sB%-NaY4l<3qWyc*rruF43)5CycTI=z7oJs=FP(;V#72dLPek z*3%Os0vQ{#qlcznF@vms8I2Mdv5E^R|Il%3%i;=B==TWSQY*karbe_xAl6yrJ{eG+ z)63R*jzKV2{3R0tL{6Hv{ZoiX@|Sd8yZl6mMh9M~+DjlBOycxr&urOisc-6(KA9f|@+Au) zz9PORYL3b$ZrYhgk=E!WVX0y9OvPoEs3fIDwWbO^4rr{D9h`IPz6llAQPw;x8B`yA zkUn8ePE&bPN)axox>i<)AL>fz)x&_(=fCh;f^G0v4@99z2CdgDDx0;~Wk5RuDxiJg zyqzOEFvW|N@ev%If3DOKmNg2@#!l&M47coyXVX>47TJ;DIGm+u0x1`>Qialb01-@@ z^i!7qlLAB8<{n(-#A(}A3~(>m@UtkVVo!G&KswfXcWR!=P;urX0D3u1DIgB7X^%Ed zIF{=ZV|^~ck^!f4iqB^TJ>HdP_rrvkMI7oXFs@{;c}9Ed(B7G-}+KglqTF z%!StupoCUpGiWaT)o-rG$6#cX#WA-~`jp+~^4(QCEAU~W6z`0pPeV^ITpHcKvtv}mM7IZ|tC9j#%bxa3hItuPc@ ztIH4d8$8P+m?xD3IDPP_a#mK0bkCY#_8Rj_8-1E9w5)O9~ zO#3gu%T{iM8~X?Vc2Ss!X3kZd3|--7{qcN8642c|fHodt9XNrq7Ral=R_ELZJ<5R&CXisxZ{BWxg(rpUu6RuAuF zx~;P}BH&E1(DM3AdIG{$$M%^iOZ^B(PB2hOTLW@sI~-}LbRzR`gKCtv8j~i{MOGmN zzC;q8`O8jeOP>c#r2C20?iEiW2Bk6>6Qb*njeVu5soEz}kp9<%ykAo-T*lg=@d(sE zQGXJwSUJWzG1)#VrKt-%UQaV*q#ImO{Es?kP%Qqt}xAA!mVdlxL)hF(g?M z#9;lEJB4CV=se9Cr6MY^gDcez3W#+s%*olzx-ZnT(6-|fcPm#7UPfXs(0On6+^g@R ztW8k2KX3x}*7EK97s{5<$!N}YRjqG0frdY3kO7wMXNIoaVhNRxpUv|{iaz>s#kokG z^}7?2U1TDk-T>M!zo*5_C^+e*>>AJo_U}jhY(=JeS3CMi{l&+UysppxaA1p!v)(Zd z`{DJAWa!P7BbCGp`jblQr@^g&D}$H2{X;UQH%I~=vl7TlBIZtCdEh? zi?T+UYm>fZT~XRg(Ea zM~VtT(#RC(TxsxQvjA)qyMFSoOBySjfa?$2K^sDUrL?OY@-HuR1icZ9;>u=G4>4-K z{hBUl{KeLv^y5T`oqVF6XQv$ zs;!cnQmdI4WHeMcFKs`JNrxS&Q8wYz)7=>k{ZAOu<)0;9Hbt+&%y-{^^?sh!0(Zrz zL>e&s?M5J8FbI`UDKjwk_vrBx3aXTg9svZ_$c&Z^I#SWNYNM9tAi!KDzN0=Uh9a*b zGLZru2o(lj9fIj3H|f=tq#KA)o6Eg;i`bI7t$RM)0z)UHDR`di{n072zNK+LYQUb3 zes}#7ctrL|yAuv@?(j()yeWf?ZqXH;rCKb|{kxgD22G_M18%_?d7COZM0-PwU>%*w zep&!QhuYc11EYEqY)dVd;(U`CIDARo6TI{q zBDZpnUM|$;XuaMc$9X}PTHoW-Sh*zeXnhhb z0F#FNBs)|-QOci0!*71?aH6A|ZNX?gkIRb=7vy$B!ESw>10OXzBl=SQK^x0}7b)3R z`LG=`*I^}1hFz!y*GJ<(;w4`6dgnKfRMzgMXgP>zoTXvs8JV(>aQK3hCcKXm#m_i9 z7ySYm@k0Jr(mvNMjxe@-2A+jxT8fr$0Ju)~pe|&1xONLK^W`}%c-)`L;gH^eGB!Ik z-J)|cJ9CSbKmk>N(O?5G_I(FP{frzk*YhzkGgH{qbn_A$#RpmTfK!rl%RBoq2=~Tb z%emqC^YHbTNib6AZmtAKeG{8tD&*LIz_>5bxNq6$)&2v)I))iNEoY??#au zm>r>|K@!i>*~Nf8QCA8{>9lVoUEIY?emzWv2y^cdTxa5F#c45t`K6F-u0$~FUTu)G znQkG_hM@baSv?W`5rjBF-urc;P(PVDL2A`r9)2rU( zLjhvI5wPZI9#T34lde4A0A{-o8tC*jHv`tD z4Nrg8LYFAx4Za^cJnWd5c8VDEa05Xo!6l{TNX!R(QBJtSruSd+D0r^MxilF)-bm8Y zV!B~dOvV5GC5V&~a5oAd)ugMc3E1nZE9pTsh??wF|CS-91JnC42=?H9IJvPOczi;$ z?$Be?`Nj1Qb&k3CUdzbm$h1Y@GVZw25n|N}mtoyS2Rw!8y`6QBCK8$78T4?I^Waz1 zwyx)i?uG1~TaqAiS8IXum@@*!^Bv7&911?9k!UptjQn>~Z0`%y90)BvO z$Ou8v-1%(-A?R#A)dC%lf&`g&AZrj&lNQ^WEVQy%@e9J2dE_R~SE&cs6v;>4;FQ(4 zPl*Q_MI=D>%+`#SRMD2pZ?Gwp*ar zQSw@(XhBhO%P@XkJ5cU(l`w{gZN;!MOEI|zSbqYvWNdwuN$2LGo#zQ&El;&6^0tV! z03=xu4$IlVi6WFZz;z}S8ovfvae1SY1Z z(UU7!5^70gtI#dU#(nzN3LP&B=Vwx}tq9Tu2B>#BuDI0n?^pqeHK$ET*hqIfUDFhr z(E^LyM{kgdi9fM1UO{Az6{?8`0^GQ}kuh|6ic=;&Ia?&H&b^X1|K}ljV(&>jF>H!i z9_*b%OBTM2OD=u3nH(5xF*aEHU#j6osdhTv1HZV|54;A+ef~+-V1$qwync>%*YPe+ zB|Yy0>~gKVO`9?SGEkK+#qtk!fNg z?1P&uGIz4M$Fb-|e;NOXU$Tgu4(M&v@wLL5#H$hJ_7Z&mNN9^~Hg$ofK9BqOv5%>?JBq@zvn&D=Vda@fNXFGBY|H&v;dt?62hPA8ZyMOd6;y z$mB18t%XYKL^AQy#@(2WNa!>GI`n&_@{H2-1A<{W-7%2zB9l;)GKpS~&m3($vs6FE zezO1!{IF774_6I+$`sHraZ+ij1~17pkz|ZQhn87c$rf(Xm+;Ra zAr?!gX;GjrtTjML`ja)TyFm34Vc1VElFgup!25ZkOOBl&J^kF)(gzj(Vox?l@v%v| zrJau5?jAN<6~p~vxs+w+8Qr?$OQNBOV%lip-<0H<{4#SV5?b64hq&LAmiU+<0V2>r zJ?joyHf@$+dERH7>P054Xw%NbTV}J#e@Pzt-SCZNji8dtO}g+Q*gRpJ6}C?Vs>X4F zP|Jn)Ucj_)vnwU?C^v4P+)dfo(U=^HQ(>)0O%}RkeWbw&aVootjW~>Cd4wL_W+9eLR5#G(-%>KYx5{$wzeiO zItXVS>^(mJBTT#;a)&P#c6!6TfyZ>Y!03&WzHw{IA&ytNd_Z}P+F-bV)u+#Wxk@_T z%mT}ZM0wovhMG?q+d~n~lzyP*O#8~@l7k35KKUAq!9>x&Z_hAoz4YJJK2PYv zEQIh`GG1=J#$HbTY~aB#NN|m`6A0L6d`S*4oPGNh!?M9nq4bt<9Bk}w2;bjWfWdb% zpP;?!`n>bwZ_t|0a{Ya+=N)x{U8VESpz-A)PR_`!H(tt?vt19g?*~o+WR34!0ocJ? z9|(luF{U3^IZ|io%N@)OiIvNL_wfetH0;-^dH`LdxDN3)~A^-}X9CTL` zTq3c$K5k78r+DpGVLqTzW_W2(E+`wNkKnrD)TIl7+#ECJelGTaju-xB&lns`gj9Sf z%8wv{qGt7O+~vLr++O+du?kNxLc)nZso!|5))0*97>yrs3V~+!4)ra5JJqnlTE;sn z^R8f!ym1Q=|CRP}iyED{5iTj*%g@sZYrR>3QrR#(o0iXBv5O=*ds?obBWi zNw(nv_z+t75N2UzzY*;tVwaoUePu#8fcBm((*TCh*jhem#Q=f8O~cq38Va0_(e?AN z>7uXFiusEd8^KfbKyt{yS7Abh=kPNYym3UhmiatkHSFN}`I468A);}IygPz=nGBk&4%A;@kYU(aMK z@vfV1KVX&IqZt9`@3ED(Uin~%sz1({WeVK4v=2@N!IYeKFa3f zML&{f2zJ`p)AtiTALq$8GD0vX!DBP=&HAl;8yU}Il8+rBoKBsy+WO{CMP&X#<3#$P z16rL=Gi!PyfxRx>=;#o_+QR|kBl!YZzi|w3nvu&YFUVamM^w)~8`b&o(}4TGT0#H-jwTed-hmslc2wUd(Dz%77}N9%aomNZ!F_||4U^4w!?ahFU}BvMFd^C z(Y8f{1Xyf7HHI7K!Tu6j2fOlt_=ZJseza|-QV^^OMXr;0A*vr}Wdj6u&-%4{_K`yB zGJ-wEB@i>D#$AExE{$Iw-D{;rUCo@w4tSFl0~)Ek>Q^TEy!%#syvc6%XMcKaAB}jE zft`=Qt<`tg6GnF%r#irb-ixpO!W;9xy@tEILlD`jaZ2IXxUW8H@A|dtqZ0$na~cSb z4X8d7M?>8Uc)=^|-{@#njiap-K;G$R&3F5rWH;N!v8ZKpu4zJh#>@t3&3qUul4*voRY8c+J7S&ocIR+0-E zJ!`~kWS>1RUHk{y+xtyPSfC82C`pFHsHPI4)Xrb$3h5*POAQoJLc|ZC)ExM`JpEiUXMHC?XL(@_BjQ%U(|ZJ=L^&cSyCn*{r)G$`4T zSJL$5w1nbqt$T?%uG&WwLf0dAXMF7^ci1koXn z#NbE017%0i<-@fJA3WjenY~HETt@Df1U~<~p)@#9{7#0Q9=s0K%%NuR^_KNwm};E_ z%}>_`)k#A$&_Y2hrQRcbbBR6UIAw}6n-w|@e8^egvm7e{6M!J~44MUBOfG%-M49te zTaeaYF!T14B+=kcu|6!;_p}&d>cG0(kSTnpE)miIpNN}r6tE&V=7%>KY&r>S_#4gF z$qc3pI32UtneoQ&ob#FgrLK{2~u9kb%K_OxAfh; zN&P22+CPbece$G%IFv!}?Qj4Dnm>LHAbGNdlaxK~I;mghFq~FnQpS^pMN!)hYIVkjoguc%M~S+-%5BT;EY9GodTY~EzUKL- zFB*0o1Ry(qk|rWgSCEVkDiS)59F#{{3)jD3@EC%&*37!JXaYT;Po2#f;8i5Ql5WzD ztLtpW8)3h^icOS8>C~s!Tcf@4_Iz@8T#<)S8+ASqf*`%L;5~n9_#Ou6k-(*PZvAjx zs>!MqG=1ng=}l(oyuC2XzBTgXo-{dNI{8a??B!=3#lM09uwqg;&64c@9P+zi#hj5% z-?LxqZctn<@b42?x;8F@J5Bx>SbxPUiM{1^Sww8q<|MAm%jMql;;1-Gc;YgdLHL4I z=1o+<+hIVR@eDeYdjpqJuIT&d;>{c{oDtpsj{C#<&Z6R`KYsW7fVw=gvp-M>d$+Cv znhUlg11~W&!zW?+(OPWM%^e_&oSJMz)Y)!C_!fjjKbujE>i*@M?@<1wKVViyzgbK( zKDq{yW$xL(U;JLbGfe#~1mw$JSLHShCtN0=pgpV)=7fMbbzIo0US8c*z3`&2)-@h! zBmBhkYeXOcr|{*YrIQCms`>fPtGm#aGiW#o3d4KeEvi?&3$M`$#N$mickE+GX!*RK z+K?*UVRQ~)kC|lm zg8Ggjil^@JQ9;(Vmy!LJy46Lj#g-9Q=+EBoS{1J@86myNA-(Cnt+eO?)bIK`4i3Yc zdvb3c4-#*(n5PY+4SEvAb>HonrEB9P4}UZ2mg>-4NY|JKe?>a?9?YsHh8`mbv|VZg zLr-jrjdhCWTOYpxeF|zPRyUVdxC$;GWrVsiOKwDIg;)aa4&NO_o5^vr$hVRzl<uV^F!ot6YQQ*rWobHiFne@|%Q|VlD3AVwk6MU$5d;W%{ zKaaI>w}9B8f=SY@lZ%n~!kaq0)_eIm75Oj;lJH<_W7CNr0CVQ)nf>L;LT#NibMM5n z7KWsjwINV4&PoUF*t{F5^b#9X1M$y`yZOJ(b2sF1F&fQQw} zfm&_8w3ax40=Ba%&qU!URMtVROst|^&eA8kJEjs(9#5UDmP=BQgYSoEknQnTFcAyU z43&meSRj3-c)qgO7g-+sL#wmxH%)WL39;k3z?P*m*adMU{T*m5%H$*-@e^t;Tz(#mh3DlNbE_Hddd9N0kPngB+Ft3Y*4@ zDP7s|yDbt69+~CSW}@-t`G+xkeUzT@J5=9+45;1amD*Dq{r5LmV9>cHUoZTAJmqOS z-GpOMJVzGYk~t1j$QImVJ8=TRWYNP*)Ay@P1gS-2)>uaTGKJGYE>8Cfna(GrY`9t% z3vT_9ZNDqpJVFC#=_xqRk?|}&CIJdeSdp!VqmQ#$7Zo47-r6DCDiW3_wx%+m;)B9I z;H3Pf;_CEvryKxT5!|uRc(Z`hB}PD@%}QQfweUkqeq{Q3g2^Jt4?9V^bXbC2(e*vcT?OTM%GReZ@87D{)O4>Wfb7=@*wrQ0Q;d z?I8BKE_IZ3>4Y)@Zr*GT&ayzad>%n?;vXy>OQ+^~viLQ(JpHH`=4Jzu?eYP-finNt zEFunl_X*eD(!;)R*BqMDoDU}4Zs#}`Y0MQ`NOPjPU|O$Qn4wX3J&52+QnKIj1`!Z} zxAPkkX`NyXmTb3y^onak2Cs7UlA&#bT~i@P-g0~i$vkA)yYnG zk&J#FvRQ6-W{FQdidvT^){58DpHkGl_KDk1GF-=Yb~I&v?9$+!e+bgQ6=TOU#}yx& zTp3*U?^{VEG-e!)UO*T;cLB<@`?!anx7`sQ*}Cy`L%qFR>ALTqbZWhis+!?yLZ>(5 z0jYa)EKq&hHdDZ$!z3Lj>^OaCxSXNU<3Vm*!xbY<)sAwKR}PI>u}#BW8R?L@CP`H_ZKvT1ZHpvoWIT&hS@*%(J6rp<5TbU(-l{&;+36c!0U(rj z_9$1t$P*Z;ZmePL!@va-b1?s5T=ehLO7O1V{j(iILDr&20tbG2kip$GvpR|PmQ}BB z1?wi?(yF_?un(#M;T5D-?W`jkf2ZS?=S-Eb54zNtQ`@z_IF};uFha7QfQwF zA)MLNPN7?EQs`UubUOs znFxZ}isi+Ot$5=()U7XjQ~yD!__3ce#iXZKmTW@ciI*OyM^7+){XYjwTJ6ZV{`Asyl3L6TGnWX|aveG{hinP9SvuT$wADS!94>B5_RM9*W@mQ9_ER}*85o(xEs7E+$jMo6gyApBSP+k z&<2rq`W1b40_%SF_4DKF@LqY>S$^X^Be#YGP7VGTIY>+ zb!^gBHZbV)C4j74pkM`1e06EkpE4;?Tu?N35161Wi8URyQ(-P~jEGY=Je7tnzAiR$ zd$T#R$ug_6&>HvW+d9(Epy$uEx^;z4sp7sR=npZxPMW*8&X8vW$u#!m{71}a)Y@fY( zcgNP&9v=gtUNWgW_ao&E=!gb2hHVqXe-gNg|vK919)GH%8c?#IFOkyCx_>#SvjX+>1b zPJxl8grbTYl_v9MqCO&LB}Eo7XXTG=uDdU?->jT&_MusJFXYQ9zsnM~%O35R^uS3i z3fwcf!q-427oWAYmVfW=m0Wj}mZ#hGjlgIFJG$r*# zuj7+PWcieXn|R)WhX-=oH3NT_8=EpE>X*uF zs(?N@Srv{vSan+T(c}L{Rf;9BH@5z8Z+y~j^HyjEW7YUNm9o2RfZDramCSlzq%Qyy zs_oh6Ih_ysIB4cb`6(Pe&QPQ&wBrTUK)3I=tJ!o$dzzsSw7g$Of#%=!s)I9sdDA_s znkJ#S>NIJFSZ6|SH*t8W9MQO)@O;)PY5Wvbs5g3C|0%*;JNwC1Xy>$P-~~!dO!@TZ z*Jrn+P{(Jrfw^?a=dcAL6J@U6BSU2MxFHUxMy|vc$H-rt1fX;%Fw>R&-PZuWv zFB|A9S_SXMPQq;a@z0A-Qyo>QEx-8IVZzIO*F z=Svkv221xj6&x&ds}&Df`G50VA0D{9AJS016F2yBykw5Z&SacF2WUCI%~(1%IE6QC8EzQ#J`TQ( zvWmP-zr7xxNA*8`=Tx??S9ah_Lz?4!>d#+&e@ij19S(TkU#mH+;eAK*_TCM6f4xuN zb6uFYFKTGs>+kLL?(x1M5BE`1-gWmgi+;JRY5&r`pKvi;KNkbd<-8-WMd>3~GI+4# zJLqZeZ|0+nA{7Sae@8Ci7V8z_DkdEYwH-^>I#h*V<&6uh-?dL)&Srpdu_Ejo-{S}IT+(kQk za5cb#z+;3$*>F<^#RlO2p7F*>D1OZy##ij5cDcV&Ri$434$SWL>GLz^8cOR^f@br< zg}d%3IkJ70D-ktpInwo?W})Um748D=()MwXv!WAXOR*VNk`5wu*re=W?uR^La~|Iw z*nagH=x3G-@BEQva(M1$v69f=J-8%PB$0;eFdk3{%lUqH9`o51HH6&skGWaw%S1-7 zp>B&upZIH@o0Q$U#6QOZuEDEA4!5NRPPZfnN&y z(w08O0+I5ivKQd*BD4GO&9B?~&bn)y3>zi`L-BxU50e4*{*24k`$fa-Q@59Yo#FDd z)o}k!$wi0vn{qE#aNb=czEq>urbvbI`{6!fvAzbE#)Q3RQwD1CV`ftRtKGFXH>lItTph^6rT zW%>Z6o@bMF3gwoDV}V>)Pz@rxTn8PBi!_4JavNiCmO28sW>{Y{|&i$$ljAX zZ)j1186DvFce`2oxLa_v&?uWxe){H$f`u{_s>ZRz_h=ivT#EacAqDc6anWBZ5( zV9<$2o)9j7Z}D5y@r1%Qq-W7OMQ>Ne%A~lw+RsAB2-lgo2kCohMXe9$T1?z&xku*x zeoH||(BE&-q;K3`HjY2T`w>!kBkz6qrM<^z%lEZ6;km}htet=V(&!|PxAs@Tg`0;7 z!HfJ#E-$Qtb5JB(H?;zODyA z@AwFM+F+J(>|ChsSTo5WEMm_uYm%wAzq0|;lBhh&&ODqna9VU;m#g1AmxTL*LzJ!T zANk%9qfCW6g$Sn|k`5Zc2{bzyh`O)5;7HwhApZ#DtVLlA6j&$oKS7IFmaeD9Xhvjbk&&I^yt?wv;QV(vgB zJ#E@tijVj=+}ai53s@>MXRx_S%JaWX9~&z+^ch>iJR?Ga`kgoxi9=_U&nn0l$K8xF z`{qncpYTZO-mtMbQ_(FT1y54^pUe0yeS%w>_ z>;+h&xkJhqHF)==$W5#HdHs*PSJ7y zL;if0VN==&lID5yIoz)@h)Y4(CHLVEsqj`ogZs-W_w$eX81Hy!mG6(Y$$+_v9^N3o z`%B?o!FnAWu9Vmi9em&{(BJ#d``i1zMPM6}xdX`cyNkJr{eL(|QyV09HVz6livMt2 zoP6wj|EmT7{zoe)NWuEe%gLOARmH^ezn(7U4&N!*+1UOqP@`Z~Gk0}#b1^e_{iovm zZiRXVMP6~F8|K)ipIR0xD(m$Sq0`UI~xc(V% z{g?Eg7~0CFHs)sk9Y)rk{olL)ef590$oGG?s9^43`Q7T@!vAq8Wo`G}+~ps&Gx=^V zVQ%IKGXIb5|J2I!V{e{p3JI@!;N>Hui^GzMTa`=A1Xvji5&)sv$IC{ba|+!iGAC0( zrnid`-ao&7CcV{q?foo6(LSLmP)pm4g(xT}*h4A;-I@?i3t+4f?-gF!KlWTFUjrXM zy%w>q!K@4wu?TObziVu!83jC7F&OzWpg&z!;I{~zoi69^OG}n4bgq#9*ARwy|;Dz3$h;kg$JoSX#Y^=s18TQqZy& zvfQLu&@hpbioe)`=D&#b{Hl4nb;P}hlL=jBYdYP~c--2*2{3;Nn-wMx@H>HS6gf_) zQv_qUnjc9`nWkr+7g;)Fjw~Fj{BA)2)VPP`e#V9c1XxVXBFnY%8_m`%C-=_R&u?kE zMDJ#0&9t3D6+J3pKOe@%gs}g@_}#)r>uX+%sGR@n1v{%5Ve0V~x*M~GUeLeZ!zkRB zWC5>>_)brJs6sKcven-(ad|PY{FL~6QyTto`rcXgL)Vb?R*+*L7xm|nVw_5n!AUnr zUNyMkDQf-P)&%F3{8;>VG8=xqPV24<3~XiUX}EF`5$BQ*xaDQi+}iS-%A ze(Q3^PXJ@r8N8HV$rpj#mbZS%qjag?t? z_50^Jq#(W}jJu=iEI>6{44URJhP$q*_Di#$n+;nr(u%Z@<{SSgO+CuRz~m z)G)W0vy_u2p;iJ`ci-aH*KcP&o8Z+~{^wt(JM^Dm^Oz%vYge00LgvfDck21G;E9+g z{aows{lYv5`HX*cD=bC@8fHV`(k~M%^}BI0BYoEt${AK@6_$wEnZ*)$XWxl>oLd_x z_gUSCuD%ToS(W0n8#d;Qn}V#U7_Waz-g7G>B#M1qKHkjLJM$IiN-5^EO~&|* z3_zqhdM!$sW%*1Ojh4e}F@v}fkUY>iZZ#kRZ!5?!q7ZJyNJynzb)7$(xBPrVxRJWe zF7P#h<3s%vSBjO@+RfW6lrtoIZZl-);5cZjrk7ehEnw(U8CwP`fCpX{r&Pj_c%6bC zTP})BIG?sYAd{%y&nv~|Dn}t^E9z5!y>eq=mCv?WN*U|dk7To0;~#!zk?u_GR`C;? zCM=}gCFzePjW3AuGntIZ`{yDQBIo3M3o!jaW!=N{ZM0|g^X%4O>Ey2MiG@+CVj5Q8 zDo+4*_sZg--$t%7Ars+NQ$E7_j~uF>D1S@-Tucltb_+&P51<;I5m~B`Am)Sg#c}gC z-;C=K99{XukWReiZ|S;>DkUXr;m~Uqt%)mL`FV~buUic3`IgT_Vzg8WYz|A^@Mem{ z^3d-`Ys%l$)s1Nh6!{(<{MdkK0pem*=KWiMC88v5#k_&!Dj{XJQ&4rl=xq#?YcZ=o z6e#^9sWDi!wXiVseQ@KvCTB+LvzlY?9tbPH3PEug@&R-4rv&3mNS9wzu|gnUG@PaN zCloXxbNse=@S{Vi**BxTHT#$V}LJ}?mBT#CAC z*SIgZEfA}U$HrzVNl7UjvLh-;G}#&vvMK)!|AsYxwZ|MrC)j(H5zL<8RIvUsek5Or zV_L&o+~X@(*~Tw~n@SCd6;+}zWQV%afgd#CV7hk7oMD8uiUiNFdGd)))x~*=#kuKv z9p>mb4dXz(GDBz2@H%fB*8REhF``Ov9;E#v>-kt7v0FBYyJ#yT6qb=Dg+1Llq(vnU zvt%`uGj?<+uI5XBGUqNaxMcwxvagsTrZC#b^|gw;Nk93EZl@mJM0G2D(Tq`=iMq47EA7<-$0}OBj4UJf-IzXPg%V&l+bb1ozTaBvCluuI;ArN82e5MP~4b3ORD?9d|8oer?a zAIBvhWrG>OrQ$pf&Dw8xFUJ5DGBXq!cg_K<&q+tlQ+Q8$hF_3^(h#tJF(Zivc8WQP z#!-a4b%i}>wKhE4z zf861J00k`bcabW8fDNF&GDx>xZse`!Z_;AVJ72=t_0Lk_dnhHy33VI3(QW?PIEb}G zdv>;}=Iq3(dHvBfXnaiSj`3lnap8|c;w$%ygv2NR3=a)7Tic;}xtmCB%4CByLAE*s zxco%+&$N-BIip3n8gi@Eq;*E)Oyy0bKvB{X^gKcRzedn3Q8^umgZD-OFCVlGTl);YDZko~XvLnhsC;2KP5fJOxOmGLecnSz!((nAtLv}Y_v zPb7Kr74YS&`rncoaZ3M57Hn{4Xl@hMYONN27pwKg&H43cB# z%Doon93L?JWD5M{_31t~D46P%v|x^^MfWcJpxfk$9~C`Jq{VANX+WDZ;umqG+{pSy ztdlFE$g1TTFa6|C6D+m~ zPaUbE$^Dh;$MgrTYJmn|lh*h3OVW9nDy8>=`>V&KujdZQGo&ZQGbJ zW^CKGZ71jZ&pChXbxy6Sz1F_i7yGWqs2+XSqr0n~Y7WROlog;D+vUI(X8OP+G!Gpk z%zBu~BRVU32#TwK%^JG%Fjj5S&1XG{(((&_0-kKUI)eMsjY+EMaBl&8%1ab8O(D41 zd;JteylRl@0*3m#%t4}Hyegg;z#xa$zke(adVyxuJ*S`-_M8?6^&EEzOM!^}%++Or zq4WgW&png07B4m3SxKl$`2oZCyHEfsLgx zmRB)3d~tO;Is{hFbr30TX9}JbjZ+|}f95NyF#@{$v@(Dedq#_x9bak0DE9TJ<;vjV zw$T9UJ~$6DXykY0IAaAu-%5uhq;TZ;+@A@AV3abgN$5`5Kn(INv|G}A2CFootjPF5Q=B5v$g64P zE+g1Y=dD_{W79ZDq=b}Z_0RJ2I4~dE7ai06>h;%CRLHKwY~x+``QC&zy%0_AP!3{G ziAHNUM`yRDWhYpDO9x%IUf48$pRD@(hGvjI({Qc}ibA*U{G@&*hyPAHTsBeu)jO%7 zYDrTw;m-=SYQ=UsHb;+Xy>-Py+cvE|Ux3oWJZHwxmotf~!zyMVm?x*{-XaCF8>{c-sgB*HXx` z=G%00^ko5u{H}@bBZg2AYk;CLl}^KD!ou68Ys%oOKxctFMI4U4HuEo7mNcg6_Q`H$ zp6*+ItLC^0R#$eQPvKBwMZsg!WX!DMI;;rF@7k<2d~)RhDH|Dm!sDaU644hTZ7Xq) z8DPN+UqyufOFOFVQt^~^$4^$0MrU3p;1Wels;1cQ2y~kC4Nu0GXI*6oU}&}LPnxkS zNJ>vg=fQH=zsO^V-fjJBdb6HQw#XAB6+mtY3$FE>S|J zXLvXJO2@590ESMm#x5?60jDB0y`Zz3!?7B&Df3$=qhoF?CysY#zYNp_`D)?97?}ev zngfA!YpK|N`Rgu3A>{umZ)SgoM4-M`z^4gPIe~U8 z`~@G7OxV#P4^Mu}zMPMWpon=@-7iRm8hDW^k=5f33iBRkxZNx$|i zYjAoIlJof~CfUaQ;_I;bYK`k`iH+{gr%sRdl#3LhBZ9P#N7U_4uN&Fhk)|6Ui2>|^ zFP+EyeZ&1N7xhlMK<5=qK#YLnr((&sVv%xubSnRBMq>Mvu2$ zh_(RucE(4PtY2rKODC8lye^LPrD=n5R^qZ}@t6G7;|4%ZcN0j#FEd4Xlu5yN`}KHNW__+;-##j ze5**K$gQU7yRNG&gXQ_G83#vW=1f12Mv4~AKtdJ^8BvP?vdGEUMbMK63l5L``ZVGW zY!M5GwUGt}sr<;tSUcSQ?$YTx05XkxvoA_PoHizCDo;a`=8b9P6IX%ux@c34KT;!8 z0>))2#I4dz#MCwEWzB{T-GW|+Jp)kblT{R82yT)!2RK^8zg1@z3lEv-ss5JW&KIAyjyMXVTQR_YJRcMRt3h zNsujjtjU--_rdPR6w~O!M1qQ346OBf4;gI_T6D}nK!|!xugN+=lkgkqg~JMXh=<{DD;5^ZB0 zkX-wefJ#49df7gze(Z`Ott=(Zl#fDdF1!_w9Ku}W$6{1+PsH5Qx_GX3DZx_+Q)kNF zx934liD57b@#gG^%NDKJo4JnRERS3*m>s&0dNU-?EQZuK{EjC|oS_gOHxQD)CuA05 zGcoQ|S->xwT^!ciwqAc!lgp)m@Tac@D}oIw{LyTFgA@v@EhjlY#S|17kI%{D+-kE+ z(w6vF%w*G2cIe3jf*c6+Y#?pMb6s2U#nqzPn`~KW8ppeq&N9W*j=THh&cue0e%|UL zx*WvOrJf1RsZ>%M1I2+;L!paSm$||Ilv>A4ei9VB_o4tuuZkZxI_%1p(*BOW=#ZQR zT2`Y_BB-2^QByyY(Gq{yH0qy}P}M}PQ|MGljiRxkmfaJ5WWQVZp4IdXF*Gn2`pNJe z!Ha9@l~1D0E2E^>GCd2#KR)(brKQN;FQ7z;4Z;k`eXzaFS--1YIN>Ih)kBic3B`yJ z9S(1bOqq!Mwn$H~#kLm?I!z|xAe1b|=Zn|;kp%SKNc)79rXx$?ypv356%sxj6&eGb zZBva8B(lBuZY=kXkBtzr1`)CjV`OIV>a$#)sZ&}PG#A&~Q%5D#&P{w#OInb)oUg7C zloFevHvsB0NTY=E?p9ME`Qk29Pq9<4;nH{_(q~A>FJ~+@M2I0!Y35k(rRr-3!m4BRW47q_feA>sC-<0az{8OpR zBbq92Z8s6tT!=r^TtmG(=-9r|K^{!clBVOQRb&YD+Pq-ZMDAAY>V(VKup%&BgUt*` z-Vus}3*c6Nb>(^6s$^htE9KPChS6dHPXm!0hD<44iV1}}JE9BC1*Zts}sJrlMqKes`>wd`gl30Z1 zNwLVBzPbuEF+F6Kq>Zh=>tvTBQHR+-=Z-gx4vbe%+8CXqMGtNJvjwz9&5ja1vN)8J z6?XXq50D)LR}G?@jrj=Sa2TmI{TQ15?J{eptzb6}o42bJ^>O$+OM`%+lvMN8?uZ@= z?NslgO#Q^TKeWn;aQXUm9HhSEGWPD&+bgKj^E07qx%pU-xA>b9x>z7Dk+?u!EkO*+ zK5QBg4o~5aTscA+@yy-dPX*!S3{uz3hZ|J%1B4xF;~BKn?F)VYnmDiwxl!T-4cRe| zmQVqNm>UW?-#0>}Y`;Na{}=xYJN^^ACa7pxZr{k-Z>ZemSa*idTa7hn-F#n25}W>Q z^%E@H05NYwck`d%x`MIl!^3m8Kx1|DFr)BkM3N=94g!S0Ieem=n5D=H?k)5!HI1&1+yX( zJ9Bl|^`s!$J7t1Hdv zk{`FXH)c5QJEO|&L?n?p|z);4`AU@LYaGZo`cRdt8 zJJ5M2ooc*)VspFN1M039MU}x?IA>iGoGnKxF`J$E8TrTq>w704G!9Y1yb}+TWmW|1 zNr$oUsBKLfXkdUIBm@^l8do<)wv>2R(KPG(hj3tc&B!_bx|#O!Ya$2r(O1 z-N~d4Y(1!WdpW4I8lN}wve0myEV0uCk4iJll|Fbu{iNHLIG-{sn0s9rK{wJ5d|$4$ z&hq9nwRLnN)wp;E9Sl-OSuXJc(jYDjBGS!Os4Cbrx77x~*+fJm zSZnTAUb_r+7ji^*H?hR^GUPD*id>A&pYt)eT~zAlCM3)qZ5jGD?YSIOTl*QE;xf%I zniO*7bz>JbQ4Jkb1?5oZ!*qxGIimhS?g5&k?;>cit^$i+1YM5;cnefZ>_txC*S13> zD!!7>Iaq(#SHVUTCvU<(nh`IMI~e1u7`(8+5jsDk*?c=0rc+7 zSDXknclVVOO{f$Y`65i58y5@z8bNCKzBScbD4J;yue(C+#S99ja{t_URPSPO#u!f| z&N@xYid=RrYFts-Y{>-8Tn^+=7R{v{#sSE~Ct$>{8k{0663X$u)mCJao%LbD5>7G| zif$1Trgk?bdbgMufHLP6A?fM9$B6y)-+Fd)h0=O0n6Q$Y>jN^W=}#^YDs%VnY8MmG zlU|Rb;>1*%v%koD^V?cCX^*!yxBl_wZH0fC=77U?c$9*Xl4wjJJW<|1iRl?F(&66d zOyqm1g~sN~Y3ehD=h&~-b{9#e3nb|>A5oD8u);OFs^dN3Xn-&Z8^Ix`n!!XzNNooD1OteEpfD>$U ztMGkhFcDaEX_O4Y&kRPu-~mRw5bJ`UHJB^}9uDI|HgfMJDouS~LOprWRF!C8Y0{7xhA~F*~JZ!!zWG@p!#8aI4jeUmH;mAIO zw_!=o?u*mhm_=3+!>`S8>Y@SEr0Q%>MR#@C9+&j-pA#l#WPTtBh`+_@<{WKZp$obP z?~K@LqqJ{bTMd0!v}p8d-f~&3)a!yvjm8YOCFEJ=-D+xPE4F}B=$!>}g|OMbK5O;j zyPw9kjmE`16oScNe2lupPts}$0aKVT%?WF%G++dyVP<_BqhZU67%NHL7YhZ;IHwN%6PMNus#cKK0i=Aw|tWC2EV!2mm>j>GFTCHx`#5& zdX=|!f871LR~Hg_bWm|GF6d7{jpX+Dql=}9950?^_+p}d22?6?8+KasL-cK2epHaU z5Sq^abDet|MgHn$>)pwO22>sIo^WiW=vFY3|B+!#Cc&%QN=5Exxf!jhT;FRw7_ieQ zFF(i^M7wIksGTniKQ+=NqDSe^qFym0j~h*dut>{;7p)H|IcXRW*p$%+`$$adWT2>C zN1A6M>Iz1)gsXoVU2}`pOSxau}#83oIYr*QzY6;V68dYENrsQc+NmV6J zzr)JfFC;M_^^V(*bB0j65G{Gan)V4Yt{H8B;BEPc!i#_q4O)m2iKwb*=v`sOT*ty> zN!uG-w}=U|u=`5=_v=IFLA^jWWie7&hJ!Wl5OE#CGd_v5*3cpdT?&H!@CX9#_^oI_ zU!!w}5Omxf7<@?9AC`4KTuZzRHP((0Rfw^y(B=W=!!!iI2v}|`P9}A?sD!x`qw_a$ zj5FLNqoPgDyTvMm7-STMiMVHHO6Z-weCEgS}#XgZ^hA=->2*9mv7* zKeE98J_!1M8O(nKLG1rk5cGf7{%-_9{~7xE*O-Nnk@?@_{|^9y{ci&x#(ztz{|JEo zz54$g0BzPEusP;kpHq!>apG6jlpDrBHn`nI^({?^)3kea;_j|SGS6XuHvZL8twi5a zo1uB>`*TpMH=_3irXSDE&4apxUhcQS5n$ z`Ed3yDr@03(|tM0G0faM?Th6)Y~Y8Crp-ivA0-hoQzAwgPlGCBeCK_bi#8<#eT<33 z=lgooFL!<2z5Vr4&9Xi(c_25~8VrW*`*?cZ{{*!Ae_YV;?*p0V+Z70`r{hhKE>H_Y z3~N&}|0yBkwspkg{wK%Qjfr+0ihzP|=Jzz4Oy;D{hxO%&Mt`902XEwO&9<-Iy<=^6 z_v+Uu`Gu%ZqL*=LP4Dv>rk7ySrkBI? z^19M1m>gcS{N^MCKJV83=+VV~&GQ>RO%{dIxV-5hoetd zofQx{t&W-UkfAhh<|{)x(quNq_M4~iy_+^IaFwDh*KTU2GW<0o&9F>8-|gQX&FNZT z@ADpRtp!C!EFvz~q2p-TY*p32)S-K?cabY_MR=yezr43}WTEHFVnsW&^{SCIOevkr zTVr}*tk4f-z}?rUg8N;z2u|ozHy`IP4L>}bD!U0>H@~vnc_rk1n+W|oS9pcgpfv?@ zOf#^A1=jL&OM8A>Bc(wYWu;PT5>ZP@x$#`bR7q#oU~SrO>X_86KAyZw)fB{5+l#>u z7FKm1%T7cPCx?Dk`z(ziDz5sYib6<+p3`r0d;jsvGodVCK~{fXuSnlCkekt7cwK`X zdFoL9ISqvoc?Hhs{r*%5b^eLuR`Id*Vd#T1g~V13zx-Y9u5~GwV+4N9JcQkDCL&wGWmHT31sa|n zia?>;U!e)$sa^Mr@e>7!E>Nw{+<=-VgAJ^|MAd)S#GlAryZ^a>3ZbsL$~7s{8NxK#8RF;{ z-7I+#$rxAEEu^h&!FeY zkA%ZcM1^GbP|b#6(=bE#Z)>?8Xai@{U;a$~E`)PC?8-13RG2tVOw+Xz zfh&)uVl^EEZ2E5HhCcRS-P6|Qh!0Z*7pYe&4QX@fn|sP#z`Hoc?r`(rrJI^khTAmW zc28=0=CW>tF*RI+@+DEdJw-Qp-Rpi#7GQVAWot%d8|SDP_IS;eYYRoh)q5Qor3p9UNNc4-d_%<^9`7* zt(;c8pV=CeETh!Pp~rTE;3AweZxYAvg&wV-qf|58n&t$6@{!$&v=n&g*ser#qsY`7 z)?*PyZ^`M5^Um>*T|X%i<91xVMAqeE=U(z7pGuLhQLV2|APZVGeZ_R7LOwlXxDf<_ zNV{BXG9!%4V?nrYD^SP&8s}iQ7cH6_LFHjlY`2={`Y$T;P}5kZB6>=iX+4dwaOujq zS9zzyPZd02C_}r=*lZQ^knCP3Chmer*{W#kfugj_KREXmM=EhdF0<1kVG~;OiFrem zpR?07>1S$85xX5lEeKhtW3XWn&Y(tzrb0}Py(S(9^1vEE=l6vayRmEf?29K z$m9c-q}#nBtA5J$pOszFsroLu@~5N*Kx_JgZevI z8H>uz(|Q{FU|8;lOolE#!_3 z^mao>^0C|Q_*iD(7l2CnUfUVmZX@|J`TJDqZ2^(Ul+uhQijmeyv>N0rPRWkQGl$u^ z5?>GXXz#{qHDNH4nv^gYp+X&&-p6En5%QL&^~)BwGMyC?%hb#=9W&MR98NK|kn%=k zw)-c&%b^2SB46LQRAN+kI74xK10Yb8447-3YlN93%RBdln(ekVV7Ha(67Z`aJC+dE z(#X9jXznR9*6E>U7%ar_IXRsMF^A1ceI}b!IicZ>L3_1vbzjF0Lm0r@5#kw#;6dn2 z5tM(EQPbwXAUMqf*nqSADB|IptRsm0j6b2Rvyj8!SNyYgj- z;bO$Crud8N@oehLEUVsW+#F}%8GOD`6lZWq#e8V&)p0eP4xZzf&XD%xIOBI&g61VOf>g`RR{8D*$!^ zGl7bS0Uek1u58L>>0KQ4^R4uk$JCQs%e-}C9`3phWYAnGk9*sVyOkQ5Zooi|ZCS;T zd9glLbz?pAm2&B&|W|gLuMU!YXnOjXwlvXO}wI>Z~b2Psv>za zYGlr~IWX2t4mni@=7qfv71N|)LK2$wH+Ds-){f{)y7e;_j!E zGahtTA{8KunnW*nk2C&j`iA`Y2f5i&&yx%OfSOEqqc0)7-S&ulD6=xMVIGIyYp{sw z0G1@7#PxjsraJ3|veuM)xaEPR97;@+m%ID@mTnntC6BPus^O!Xuh9J6geEzm*ULCC zCTw#-XzFO)ER!{eBbRi#7RzAXN7M@)XMb2vUx+4$HwiEe6GT=@|2 zfy$fr_`Z{He=|gqA7$cCbMaeWDQBgTTE|isk<(72d-Id^YIsA@g?sn=$-M`%B_n!% zqb9VE+kG3t{L7Cu0N3os-9+I+cG(o-MPI6|FvXi_YUhtePeuc_I;6gv)G$lBHnO5Hn48|Dr{V0>P}t9EQ;adt^^ z>bjiM8)wYesn3~Q8etgFqNX#u8N@qt+!k`_)q3knaxyMq@Ttq0nVnXft0BVDWu`P* zbF;0mfJ6<5?oky;0uX!$Saj08{bwgHXtC?j-cs2hC4E@^Xjm$D;QQms;pT>Y`(9a8 zdK#*hXs3CY0ES)X{J&CC%?_s{^?hY+^bD}6(l}LFHrgolRSY=P;Dtq^%4nqHs`Hp} z43)Vi{GTLdX`NaAtp_&N2e zwpYG>-$&=q&w7QkN6KgZ%0{m7BZp=Au`X&R1yL?)Hw#0lFn|UUWA8-VogCEJyxXwM z6#vBHENEJ5MootM7|T%lN=LSOw@<lMo3i#`eDJ?GeqIVxv`Mv|cMRFvCjoVPXb}WagKYiXe{wgCYJPOztTKy*b0bObQ zI|Fj%;=v;J!ZIwq@FMIJ@dE`HK4zePsOoDyPg5okMNK zY;`gzm|f3+A|WrAe+0;F7_s?xySl1xGIs#NNK_In3Ku*c_rV{7A)bZ=4QUltu&O^E z>#Gtaue57mu1&(Y3S{&zq5v(|)*C{m+=zY)Mca^yW~G?Rnk;19KA(@5 zpz(DnUN9(#dWUUWY1eJo40;jq$(J|^-4KG}QmT^A{D`5@!ywSpqVOA9*KTj|m^-k; zZ#TRF<-9B^j}cm9x5?cxuTCyTav?4!4J(x4D3g{XB%G|I-}`C5hc^(t~`{gY`satR=|U% zuk>!(uq_f2XdEgLkA%_hq0K^=`0dayu`k#N14aDLJD{XqTzxlUcQ#FU(7((;8BN6! z>j(HB!C7>plR#`afKUo&oCuz7h50Ea)O`D4ia24iG zq3fff=3bEm`%mR*D`qw!Of-K)0UCCk#ruM|@Us(QKL8#N))p>A^}}bxyPXl_QU(vV z#5)030R=f?B5{)yavSa9!8P&bMt;Zz^^?mU1dCys`qdqqQ6nYk(Ifb=mg1Lc?@lo$ zb=sD+OMg@5(-#>~EAgxbj{+h)&}(t&`XtFNdLzfKK9t#WUJo*nDsh|tuodCXufq8` z_OBp_*BaUegr~btd-Wk2NVGew;S|QZAIc3HFR~esdjS!3pGp-FZ0X+Ht><_2haA`5 z`8=+-9tvGDsS||Oy_plz>7)_{y&q{YCLCWxbBB0F9dCgvd+G;*lsW$FKSKJ^2S_^u zHvM1)Ww&s#+L;h_vBX7xxuidF8?IS7`2_Wh;3nvLgdF!T_H+;77W|IjDT`GyXx381 zVxoH~+HYk|;HFb`NOTm!sPlbU(Hqe(zj#;4jL2m`!F(1+Z=m2imq3wc+g|GcfO6CZ zQ^{s2WLohyx(sRhlv1dSY~yCjG9DB1%+qG7&t~+%==P%PYq~vke01IxPvlS_SL&y& zqcehp`7_l%ZDjN`0W)Ye%0Md(YRR>JQ3f6a7z21YIz`BNiJz$JpW;mt>yKMCays^a z3`fZm;+asKXf_CMR|xeH%&mR)K^!M_4@9*izo=<7@71OCoT5-flZvAY4t*9F3S{AnVazdx zDQ{=qG6$rF=NbX`8hnB>0j8_(2&g&+0jYiFYiOw4!zkqLJz;Mqv~>+A-h<(cm6ZC% z90qAdXhx{qRfzjeoO}rR zP3CewI3Z*c^5zSMN9$UTEOaDzAJNOoCop?erdmlLT+aXiO~1`f#FC1upIk)}>%^io znN7wYi@%~dkFK{*Q1(m%S^1^z`sffWIy-5&zLlWJ;}b+4Qj&G+bl3Eo<1(@5QVKNN zq+}Z(QgcMv+)`{QpHrPuJjoV)M^ARwF`B1Feq~V%cE~ZZc^V2s4EEeH%Ld*8zfQbE~FSwzu^RgyI1qRj-?XwQ(X*q65~W;r8Arf$tX_g zMi4`5E}!s+=~#P=F=1QG4VCI-y53Ypy@NI~2*)qCDFgWq++zg4RYhsLwp!i@KUFm+ zryq$WlNIAx8dUV&c-$>B83*8o;Cmlu42B!5N#&|^6Eja96-n2;#R&|u85TLtUSHq=-dBJ-GZFGfW$p4}wZ3&n^0T&Qjh|ScHXx#57R30UQ5On zvKV+GxQ%X>^w4-pib;>{8>ewWNw;0mh&er>?wA(c4#+nSj=cIc74y~l1o+B1!7k#0 zI69nf`hb#OtWmO&pAyN1$GYR|jEFU$9rw9}$x>)8B5;J<46E+uWehS0<aNI z!P;#mStnR*5vWYbcAFD2pzn8L?O{Gb40ctq&uNK_Y%+vUjx_mOwS?aiqnzU(HA;}?+0EBI?|z&IZW8;0 zi6T%e(0o%*t3LE(qbrW!~LJqcIU}V9ng6HOZ?h$dh+YwCV6o`5}sKc_9y778oqQ@4ZwRgmXAB#cAWk zsCyJL5J~@$hfS*>&5(jqb0X7hdl`{%08>e+MjWf{!PG5^H+APyn$rTuL_;i3Qhapb zrq~EN@Mu5+wq?CplQ$eaSs!OjWTYqFoc1Nlmq=%6oPq&gEQT)6s)ACWU}#<$ID;*u z1g~m;;GtnUB&B*x)Yz0aG||Ly7+6kXUa663YbYZZ?kW9I)r;Wt4SG8?)sHs_$shHK z+j|tTIEs!LN3*2U^~0~;HXV*{;E4&ns!gXlTs`rk4ELcT`gcF=C=IiukU4IRMzn-T zFb?iJZX{OZ=2uOweu+9>3=IdMk@W&K&&a5ZvASF#b|Q{}k`3CfE#AniEDB*HIrP4v z!(IS!rYs8+j+c%MRi!Qv8h!<;QLJIScDSO6k)ra29@Orb@7AumV~Qf8 zeq2OTLNk!-ADYaH@tu=P);gAc&RV5H1nd&h1z8_`X7kov@9|NVkj_nAaAVpb5q(RH z4`TIY%k%7%JS`12Z-NmF=C~T>@w=??rIB^gJ0&=r`9=xPxPuf0Sa!A9Kb!AWMYGG! zSe0ez9h4EdrEQpqPYa-!&MA2M&QuUo+-rliVs()j8EZ<0r;i0OJ`;5?M?*II3%W7m z!2z`0_V6ha8}BUP@oWZq*UM!sE!fBODV6Trt(hK5?<{Ru_9;$~Q-IKe$uNWNSmA@@ z9*W-xULIC1Bb^6y?h5zU@Sk!RX8Xaxue4Az+k_q-AIt&YQer2DN;7!_+a;tj=>np0 z0NfvXI>|*mbpir?9(28R#O?bz*A2KG8Q3cc(nH*(WUv$i@KkdhwZaAur-%c`e)no{ z_MmRb5M4$;o`oC^7GCF*_vNhA3r5MUhg=UR!!gCFlbUJpkdv$Bgy~4CMeQjcK29X@ zZ{yZ7$vc-T(vxAjqZ-0edJ#Yqb5N47%OS@cTdMLU{ty`;Sk(8}X1VzmL(uC|YPf=` z+GMYUqg+&!lS=OF(v{h_6h6jFZ4K-~JedO0iGO|cAj526XxqH3opGmw+}97wDU6hh z4})Ovy+5d9>B#1L%p|v_D&ZsC>g~uT+&*Q2#B}o9HHa5CwB@Qr%i{)p3WOLKB8aW*FK&8iv1$bSY5z z0AkQOYvad{DjT?ZC+B^5>z?mS2F7BY&h{6k;o46yYevtd z52nmvt_`DDcQMWz!1c^evx+@@U5szu3UiG3ATH+%7@~0)L1J^UC5f*3dx)kIiJ%!t zWg-&tEmL^KLVOIfaR(LvAX?o5Oz(*+q@02Fmul}!nmTrbhyiR=nO^MR#wu8U!9Ul* zq+*%yA~NYgk~1s`3Sw5A*D*GXHh*1K0vTtDSV3`aCPh@1=(m{Eop={KB&1Rm29}(Z zPt(r;C^0MZfyHyQ*E?!*?koCIZ9J00RF%WQ6T z9C=Ie@2SHNkuEIvF#J{1Z2=PpSLH62zLghlhB=D-E{>n@6hXKl@XLpC8DYIyT)Y;R zwN?w}JB6x;8x%6K+3d^Ic-s8!9bho|Wz(Z8S{JO@{ z7*1X-%OM^)Z=M$4DfRQc7BW?ErNm=$l1Zq8TNd2ed2mYvmF2%+Kfe|g9q=aGgul{J z(tt0ZS7PebMRVZqk%r_NehGGB}Lxbp@r@3Sj2UatJyTc(+B%yitgHQnYzam7mH^k(GXoEb8iO8`X=rtQ}y_R%s{DB?2?C%gADd*k>$k}ykD2;cHy4}dkq>^;Oo=o@JOv2}V{Jl5`pT_EP5o)oiw8#1L2Ziw88?)0CkLkAvDBVy6#>FnEt^}hta(#V>)%qSGroOHLxm3 zJSDu^yJx?vy2{Or-!XlTS4Lx?#Wm>}(lq^xeC=Uy?`Ew+&8EH4KyuAy6v){c_K?@J zi5+RCz`{2KPiG(yJ4`g45(`(_!lfM(VaCKejUPowJ;?fxpi=ntjA3RYVl6wFw!4;c zCnK=tV9!RPe+LO?A>=*N=5YTJUTBMc>swy#GR9Tb95c?ByB=q}De(^@f>aTh^G6 zRtX@ex$CzxG06mWt`96|In463*0oAAxpvU?hTd)V=(++$OLDm-Bon$`Z(VsJOr4%v zqSRmV<4>loAFw#M4Z$4H=jtseiN_|X{i-5x!Ayk`9$wbB`trT6s?&MNv0nQsy5#wn zfE%|hxCS(S{XrfMOGtOq5VpgGzTS13yxyiet#S!5Fslm(AMzq8A$#tTu_aF z7}YLWuHZ~ffH@cH!eH7YGR^x`J{NE*=<=?yT7lT$#zlj0Xi<7q5Y1|rUZpv z{C{}RF*L4bH7q!Fa6ozNJT3JsRcNm6Nx6_ebymsbKPw9~d&(`G#a{xlb3D*et>n64 zMEo^`aLs(i4^;7a_%?-CN0BCqN*X@4#hPdQZ14PB0PG`iz8FQVk)q8x*yUNcA=LUT zUl>i3Qtg5eKZ9mNY0mtYbyJCM${uzsW@Uf{ds1-cV~n-3IAK39_!Ns~jl66wjUPc$ zcnZ!)l1R!hN9Pmbx(tWY{F%wadPm?Sj2{cNe!>8}b?dk@LaFR@Ie6A0{B4L-L8piZn(c$TvPQ!Q?|{N%oN*ZxOR94|j5&E*U?rHm7-wMf=$wG5P#mod%QQ}w z$-r~~?9_^BPykomW~F>>a;4BbN)P*7<{<=;76N`QDAfRpbPR|UWFl%fJh@jUqj+Hc z>EERiybM)+^;(X1{C;ID1u^hW?6?~JlO-X4z~gxxOS%(E+!E3tKE1@vgJTrg*)l_c z?9MD{tw;jp11y$8w|~9^^e|5gjw5Xsoj!x)o<$#;r!oF;Klna6{HEmyn`-wC8H0Ca z??1?^Ugc4E#N-J37gD_9@}#@WBrdt?vbuVs zICj*RR<`o#u>Kt(eRTv1c31ksf_|dD0}v=aZg5e2VO<8|BL6^cq9l=Jmm-@Pyx2$S zN%jmPFZuM`$Q&QsAdz)HOBluKgnK?Hb;-Zb!x2r3-|E0wHZHwxi~|-Wy6%Wp*DhP& z9hTkocdC(8H6TW67-mtO8K-G|$(FFYG4ma#g-QU9)1e~XvC-T&5aY=dTM6YoB<*Wf zR=?wJv?shXxeNm-jQ=_L)nIa0$yn1|Uq=XyasTuh7eOYBEPf4LHHTC2XdFNF)oj&7 z>ylk~!2EK)GO=+0=-NmK0T=~LARUBy^-BOsK()U!bfN>|#cTx@vkF!#@US^xDzFpX0@0z$tby!roKY}kUMZD}Ag z7X|OuP?4H;CY200#_{~gan=0vrkYjQk#=TDG6R~3hKm>!wdY=c;M}`4boAlap+(Vu z?pGQa@J)%Qplz|SAU6WcMb!*NxuZ7r9af8SDUlBhHP`O(g2N16DxcVTsP^1{dP1G+;cnHm6D@}XG&wSK{94XcZ7q4!> z?w0;tfoU9~E&??xh{9>f$AGU-{Mq=l31elJhxbcUp0L2aLMQ(4#76iC(Tk&}9dKJ- z$h3B2^I>a{V?zjieqE8_-O|vUY-Fq}LYqlDg^6mfhP+zjSrLv}*mWE%;}>@yq#qqB zGq$^b>RQ;(jQCQ)_hNyIA>e^zI6+}3 zvMN_hzI_q*iQg!OwgbKyi0)`4$6gmeAt>l@{27Uf#wcMx7cyR7U@RfSyLDeSQS(5nbKe2+PWZvSbvXZc{=e4}a~#GE~cz zJ3v&n=h;FrxIvjM5^lp zv%JhB{#*BLuF|We9$ffy+Y@t3yMT(DHLkfzopMq?3R0gLXEZx?Re&vw!`KY>!TWD? zbmxE{O>C9h_pgq9=jT4Ip|L+PRebiMX-SnQQeZbT;({ZN0dXf%{AICKfB4Nwi@|nH zpco;`yXwe1H8W9ss2FG!6Fy6(uNcrp7iJ&YZf1e#@X=jp|7t9|E?^{Bb>Y#v0cgxEN=-m+;0gc z{=2i7eyRuK3aqb^f2j89Zy_eADQ}hKt{0rAyc1w@9P`SvHgpYxZwCyT=D<^h90M{` zbAIF1Atri-CO)Dl@&dAy9l^ovBUEEd_KY73pyGLCq-zXb6PdaI55E`1O~f729SAHk ze&cn%zldUy7L^oB+VON@j1P>Si6HebrC0wm*V3DS3~RO`-qpXzVJPWu9Yu~)&4Y)3Mzc_6eH8i>;+(9= zJ7Kn~2jn$Mm2UF;s~e=z8XM|Av9*l<{^pL6fei@!A8E$_1zgMW|Hrle2CV-DT+8x* z91?2OI(!?`{?<-c`ON*yegD1)U3|0czItxo+_b#_ zuJ>=A&BW61s#Ust_uqegKm2(^;`3#G(Ca!?d)v;Ww`lpR6|0)U2Z?hTyWYN;|9)rk z9a{RiRPnYvpZXapmy7s0!}s~O`_%5ebotaj_kt8GhRp7TZX&&u|;#i!XDHfwOnCadhl{i4nH_2;~w;Fs*f_E`6p z-F0(if5~Wpq5>?*qrS8mau!$NIM8m6reqWPS0=7Oq>s!W7Lp zvXFn6sH@|uh0?8to zXZjmfOzlTzGnB32ft49W@7U9UalxPuZsV?7bd7`x7Y_Rr@W6ibTo3l^y0vXqhI%p^ zIo<2e<^0ReOnI+Fh!!W|n*nF))7hW~ITNI|O!~`xZrvkAeF&^DZQuUXGzKe7O22m> zEyk{_8t#6Z1kOY!&_<7%{s&V!9Xm*R4yOx^L+hIR^1`vuz5F{iuKTFSc2nf>U7e5* zwFpI)RrU-Js+H~MC-V(ywOFT>cy+BShbozwD?`Jpqdo~{-Ml+^+rw$F>#_;2p)T

    4^7l3{$(Tqx_%XzObwhpQek3u<7`glBeo6 z&nl z_ckkaUbBo51%wsa#0m>FkG<9Njpi$qf+<>(`w`CI)Q=>ATW+l~{Op26IK93pe$cl| zZ)(+V(HVa=>u(rqT|RGf=y1(Xf(lj0K2=#|Yhx#w6J(>>Zrw1Ix}e`%$#xy~5RL}e z89TQ=;Xx+Zdnonw*VEX&AHQ0XDv1)=Opj@f0n~UjUPEnU*f9_zxlH=QGcmxq=OPNj za_PTnT!uUryO$~0-$)-udOkx8bM$yojz~};wZG{s{ayWZ$#wq8U(!b>2XSNtZe#~e z4jV4RlMQVamD>)YG&MtbX*Q;f90xspb_9mFhA;sa$a0sWJW{sMUf$cC?u7;0*ewp! zgoG9QEgH%6wZZcQ0e9a!-`_Au&2v)NJBu)6>5<{DXH7%gm{K1lH^r3^B=Zdgc;>Vi zvy~jY4fF%8i%#&R1B}sIk9(Otbd14!`}Isi8G=cn;XwCrLJNe}3~_6aALHJlZ$~pY zoo67UD+Yx-)p^}n*Rex4HGsl^Qg-l|Hhu5cs)Xkqlm-|e%ZrQ~%`1F8dO&nt% zd?*QSTDWzsynHC#Ub|^pHra%Pfl?PyvGrWBHFqcH&Kl(I>iM_u{%DL~uoPyqXk|`> zt(-^Fgt|~+NBX>EoJ4i1(^#{`y$3D;q&IvrPNi#}figOAh(BPzY z-SpO@s_ooAn;KvDj{yfY1;ckWBT^b9RoJMOB3ZG>pi#U+a`pcTM^Fm|6O8a#J!A`( zrzU4u)R*@D^L@F9f@cY);hv&yQ{Ci}Hma#o&7^aig7Y(RJx4NGzmw<@4Cg**JX$jH zP2MrPH_zfAOET6J>k%u@HBB>ytHDw`cfjPmZ4(}NB1LohohSI&);HK}%2>IH50*r- zE-UFd<1lxwPaw;V#l1OiZ_pE;$`+7|Si91b z#y9H#J2*hJ$K=_Kv05@X%E9X3?Lq!HL-WU_vi-}g-{d*p@+hOY`r{aNC)DIaBH8-L z!+f=8-YlG#x8a{bjBw!gCNlTPeM>!vJz&Cha$~r_ zlQ2!JF)Pe8?c2`S;#avos&1Ue6?znCU50|a-}bzb-H|c})4V=~wYtnRUyl~b(yCJ2 zbqO5}XjKa^O=ze)k&?!8x!Y_}mwITU5mZ=s!Zvk8z#9X$7rosat15pPyuR-|P9k1n zs6H2vm7N0e=Qyo+a$L2G@+^$l&OSvfX*B~ACU){wJ|BHfNWtd5JNu0$&zgwuclO}T z$`|-5E^Ko+76tKvxqr0cT$J@I1?cv5_m}Kz^I#%CuLu&`gb@ldl=2!TSQR+%;{vq+ z@h-XmB^_BM9?6AdlZrz0&I*Hw!+V;q3^gSXCrYLCt89U7q6B3L!=8%!+y>;jLb;OT)ee>|9JJ;WI%5cTh}=`Wi%b&vnv|gROGYy_ z{*-WF?SY)$@b~zD*nJrV48p##>ow_^nl4#|h+=A7ig>JEZUG{G1**c2C~5`YFu9AV z*o*p{vAaualpHzga#2@=g}Q{y_u54NQd3lBs0%fVKb+5S2%4^AkwQ8Xv?>f_+hHlL zq8u`-=yNzA(J?qL41={zj7J+IZoJsBV0BMs83M;zZ#-0@0qNL)7@)#tvynV(Sg>D2 zE|d6dh0QpS?DjUth}Hvr%Quo(n}2Smu9;~ibf{pGkbrj_PkO=btzvV;6M(REwmLDK zsGK<<-UQWoq~OviqG>Upz7)r2iR~);R(Fr*(s0!!|L*CAy`~2kNSou(v>ZDK@li@7 zY+1+z3GqdwRHkPZ_i{!8r7)e+lPmju92W~&FhoJ{)>QLlriKrzoWUA9p{LmwP%vQN z6GRF2n}eL+t@%1!N5jS5u=~(mwsVWXH)C2J_w#qu! zH4(&)enTxmoXraPnEH1M^X3qFshuWpR=pKah@b3{|D}GTtY@T%>J>DmK=B{hb+jM& zvmH@0`*$_qUue#+Zg2Iv_KH*5&&h|OU6ze*W~Hyj@(oA)Kz%1E8tskcf>ECYEpcI) zpu8nb*-MGbqJ9ZID4GbT2F~>Uq|@mpx#0X0t|(CS;b?d<4kM- zKqk5Cb}RQ~oZ|x(CF!T`8OFA6_mA5O>uYO+xy>c2SZYi&^JOwCckH2U;gMJ~LNvIJ z)BBjl+6v=bsy&hW5_n7su#Yuoci&SgB*i2X0T;04hMRgb#uM`NDmAY;_H{L6yGb9F zm*R(=7UBWNQaN*YxNvY(Ve?sot8jrOaLBe|u`GJw87+1sK1wE;!dm0GKBPP4hWyz- zSf$~VR3tXcJA-sC$cq$E&0%Xm0Yl7Q0wa{kbr?l3WWorKG~u_vKXma2xvg5~6G1D* zO*5ihe8^4iko4+-H^o@CeOyH~S+)%{`UA zX&fCa96JYh6SJy)SOJ=ZaFRV@)DvzIy{M|n!=q78lHTAklm*B;{+oYKv!T8}MOKVF z3k?LLwqqhR3tYIW5RY+RHF-{1#$!x)pgA2RU$|mE!fYM@n-to*_m`>@UIe^$4|d2K zo5&;sU8Y^JvuPGu(tvB?)TD#l@vh$9xvo`2j zDd;27efpgf-QHc@xI?Fh+x&E`&QmytI`oZI-oLe}yhY+la&*55nH?HOQg@X~{o>P> z60~r9P~bpt^_~T0d)FL+fLusKoz~{2<)&oNEY$S?-GpXmSK{_a_pf~0uS#3XFKSgm z;XJLS_v>s*F(pRse!kniU}abgB=2N#M=DJAMgqTv%&#ki-~10@2=gzo2Y2oKlcq3f z{{!)p^yfDg`>}}+B&X1$K+Itc^u}~*uMeYx)vcEOm;@Tdu$Ke1qMP1zAXf9Vi6-({SRzN*V zgOxAM^R+sQ<88(`Pi&R)SbPFNVdd2R$HeZl7wnXtS7nT|Ob~pgWT*mk#(6Iq1kzw_ zZ;iG7xLS+%Eo1DLTc&Iby*Am-Ik4r6C<05dVw>_}K7IWpPz-tJipVA>!tzVcXx$Ni zT_zA@p>{^oA#`o(Yb)9|q!HGJ6O?|G#i~Td*(4OKKdul4(;&PMsY@5yaU+HP)_JFf zF|1mhha-LFJ0AS#%8RDUWHeh(i7DZQ|Jjams{EF6z#JMX5iNmUE zjyRktmfIpwla(`znO^#Xxu6AcE9UeEQ=OZgO zGwteZ+KLB;Z!1f2n7Fg5Z2i44X^?{A2Ij`#i`<*>`e(j}uQlrTm6+Nyr!2W{=C>tF z@0l4&&Lru2hkWCFRBcfEleYGE?dH2QXZP5dgL$WwXMbW5t2F0w?$r6m(RgxEU-iRm zKU>nv@;h(nK7M01!yW3l@DSn2PR>6m zqrVVQ*3q|1Boy4GYSgSH`X?G){IlCgUAZ2;8gZqscDxwm+oE-3YL~|1FL4GJ0mY)` z;@BH6R;kMULe_~M>QnZVTR(+!DulR3^yuY%K=$cL?kX2huRQLy_Y=9H%Pflfj{z+9 zz^Gw@e2^mK?CzNaJA}z*%)7{mPzY8Vd8jmz`aGJJp!!God7-vFmfC5@eX@@RYh|DH z803$d8+8@7Ts#~j!E}bX0ehBq92p@7!AdO|oD_vF9=&_KupXDfI(8~!S7!r3s8U?4 z#W>6z@nd3hO2kH2tQDYh>mHhqY)cXc`DaRMGGzX(Gl4aAu5fy&F!UY3^`NoWMjABw zGxMHvn5Z>vQ*%zkT;l<%f*)%cK5n~}ahFYT9^Tr2qoHjxJhErDR#!B+4)HmvKT2H2 zwicJ^!P_^M`Q69-GSUy0bW&jwiJ_0p)R4&uf3>A2gQiII>s?r!(7nhzyP+oo+Y4o6 z{yblRkdSB3m*`{ocy3x-W&Yli{B19^QVXvYUww}5lsvtus&Rc^-alrD?lTCIb=*m@ z{i?R$j4;kxYq?IaX%?}SZW_tNi5^juh*v2`GmbBY>ra7ZAmnJ=VvKQJ*?=?$Th>Hw zX!$N_(HDiS5}Bw&4N9|qB1`rZEwqA&-eK`lMI~LP+Ck@WS8V#AaC*o>ZgJkRSD+#f z?EOU$ck~3mZU`z8pGtaym~)t6AtZ$dC0SFB z`cq83Xk!FXC||ZnQWGu*bs3p04o8`EaveH{c8g9E9Xdwiy-!5qoNEkSk9$(6V8#*H zCNAOlNCv)f^xj@IH_3Rt>!xJrI|FrEa_cwH0J5Bj4iOnDcj!i*rGft^J%50;5HfE| zKQ;=4%GfE0QwOun0Jz$$%(Bvk1lNj0Ak^D2E*Mz0Xh9}L;T-jv-Yb)R_n_kcQ9FY^cNWdF-tnExl_ zy*;$6h<6=oE7AChh_w6t;sC?yKtqa(JTwpNf_!ufxIFH`GndIgow>8n=HX&j<1XJs z7At7=NLvNi%ARm-PI`a>!_=@ptrbxDc34UTswyJ3!;<9k&2$luR?}+2t-{T@4!_J2 zSdJytQD0H4g*`Lbt?ne2!>S{<*@FtQu%BG19}`FJt?8&{$?ZfR=s0nQwXBil?kSv_ zD71(oN~_+BWtd6VX{}+!TnFPqd*#+^gakagdr@{5^^Zewm{cVS>3;h7hkdBVff`bl z)7~$GTUzzbwU8fs2u<|Ta zU*x%ls9;ZWH>Y%TkhqGSrAuy(;meo>6kl|GlSHNbKVxwI{-U#h;wDl^Z9dX}`ghqZ zP)$nd0U!%y1MP*XKcTIX>8kSz=_xkRX8V&>h4P8+IY#Q{%h#4bsV60UoUibRf|`VQ*d!w-#f zyo?dL68=*2)x%94)KW>-6Hr!YwS{7z z1`Hj3psYcz+~XQhRRhA{>kb;m(}x@vTT0nK2BA7UH`Q6(~4#M?*|Y5CuEMOBtA zuUWBf(Uw73J|ckG)8^2|s4U-5QhXU;zXDidSsSVul7owp!U0qnl z?*=yJ$}oGN1D3~T;?HSuzw>q;aZ}8YgJQ0MgsctBG@cSHWB!s1F#t^uo6@SFM#Gv; zDFB_tCf}>)$z);7MVUUn>9>;o@|f2-4ocWxR~!S>RDS49N^NR_P9xxVP2Jea$ILg88B8q zexkSz<66iW?hLOM!E6{4rK~j4|2$be+&$2aVdjn)d6&gFUNkG%iY)#1+z`4;CImya zV3S{rcq}AjuuK*SE!rfR#*+Wa!IuqkB;5nHN1k_3)O9`+YW`w0IKR0h25nB~7y8$Fn_{Chsd;qg$1gNMld8%1XOywy=mEAh%&`nD|3*CGbO>L7tfDFfR8_u&gP8n_%2ppy{cELpH(hsd+zMQ6 z)yhN8@rMF5FE?=gPh2a+3M?F>Ao--c5*OEq2k(Z|K+xFBnnzIoA*-aNFiL^Yu$Dra9j4qTiY%KC#Y*-K7T9p9&<4Y7E#43xQ6#7vNom)G$ zWCuRqO0gc->9odz8Z1dFQuMHtZ-&O#;T09B1D$lX{6_2bJJOZ7?67gwElanLeA!0# zM1s9{pbyx;pC(@0E;FQhGqvPKv>S05&9yy@soUhhvkHkan=uA+n~s(1#CmIy0}sO*^fA9QQD>Ntm514LqX6 zkYGn;;?8;Oby+V>QRtii*JTsm7bOZVpI^rmEGGr;wb(9}i0`3JY!(ZWj3o80@~)q2L?Luy*uhFhkiV7Iy;ym}v zyLn>i*Gn$%wO7GinWQp~8l5+oMJ>v93+S%o9dlL4SLD z>3g|Y-AO7d5bPbhqHJXV9)68kw?+AEWlY4v|S3NXT|gLa;8g9qkAcV~-7ykNwKVWH)eUZM!9OOrDfxntZ2?W@C)$!GEz@mCfv$ znwSQv($KMF zgU|q?T2n@%O4CwPKRHGZq9(Lv=l_qVQ5#UF_u%su7PM z=($*|9RSCHB`au5M3df(Z?|u10!i*TgGEBIki|q;T4RhA&tzfD1eU^pn4jxlUX8y++Zt7vrf#kbcE4 z3D{fm?*dO-49}46GEm2MJ`F_oNC>EzujOAJ1PI_GB~>S9m=|6@)K+Yjk#$ubz$Bf< zEi`q$%UT(LN{~0_>1bRIeb~^oXV!6?ZDzS7QiPI^D?f%n@2~T9+bHuM-Fw;c)1FHQ zOljF4qhZrkksHr?NS;&|@{fGOVVP0vQ;h&vO)#dK)eJN)1;KjkZ_8@AY*LJi?9Ier^Xi5*+(8eRviMmTPRqS-K9PQV~_s(**2 zbs;8f3#{Xf5%Q-I@M1j>piE+3$;f##)iXkDk}o2uhf{eoeY`hO=K*p?PxVfV}EOcFwTnqSgXoF>7L?i7@qv6(R-E2?`b?^>(Fr?U0a2| zLGq${A?3a(8p?a#_=8w~a%z_={Se9|j>1i}ze@wI3ER}GKkk~(`Y^YCHTV9RRu!V| z{*7h_`;cDQ?LjV9=MUWdI#oz-pNn|LUwU<$;DwH)5`Xe89KRW$t~M!;#!`yJ!u=Tk zFwXIwv$I9UTjpKP=%a_Wm=I+x?aWmia($-V2#_>bcr&60QMZjmUc4P)Rdi#O$%uF zejk}mLn9BR6@hfE%GTAJ#Z*eyDiI|uY%$aPr+lLKY1_v3u!?2);_VW8)Q0b*kB}Y+ z*M!!_Q$InBDYmgX{qq9ZO^DnbKeGBENp!9=+ADr*bAtS<;%%eVide*j2eE@qCx{)w zC)grT#H@2nyXf+`%2QIdL%*L*O>)hB^uaZ%j;t@On&1ndqddBPfd*iWY%}bHy?@1d zK3DHv{Lzir(4t4%VTpA|S6#|%s@%nP=`DKZX8-w*XBn|%v@~!rmNXgO8i(;^oy|tW zK37{XYS}E8D1084$itl{?OVg+xVQ%gt(_+PTgf_X@NFNp(~M>SJS9hW70ote{vZ?7d$co=QWwg|@RnQlwNG5i zeZ7RiLTKL)2`EN1QI=CCK7Cb3M<%iM)7u|=E=hqz%dM1xnKT(<@AoLd(v&YcCqh`x zTc(hM$@xUG$rngFG})EM7qItnX+jed)R5;G09W9iDIv=Ap%GW5X(qFzX8v;qn=i-8 zc?*i+AC_VBy7`=$&Iuh9?2P2I%~Ks$Yl9t->Q}<4oQYFr2bjy~y2gziDs(Pp$w%mc z$$qFJ6|?ilOuZNA3M}3uVIKYT|ZmO#!OAdT6|taO8SK5 zotIZ}qCa7%5@dcXvd9?(KH)@({3KZ2G@MoCOc%awW_+}}iS4=8Rqb6JHfr-hj=9O& zlX4DbF))-PA;H9UlOdsebMG^MpQ>b)MS3{dA-{(TbQic!7P2s?L3HZ+)EDCl-x#!UCJe!_6`Y~?+~ePrkG-~#(jBQ0xxE>CnoR31=yHEJ zKD7fU?gi%I!8YjYklX=6h~$F?aE+PG6&A?H|76O?^&oFpl3TlxUaJMt>!%zRauk|o zu96JIOsyal2sPGm@~r+T<(d-UduT2=?3uTha_QI*tck3gMi4p5j-HIoD%QaB z<)23FpjJCR)}_<8d&AY%QRqvZS-m5miq0EoiiH()Nx!xwIW2+N>oh3iGmO@+;~Wz? zXs0mlL#Psmg(0DaaI`&=J*F#~r0g0!H)XjU(htoXe>ON1BcxwTEKYO=TD@nQ%6AI= zV;qe*ehUc~^c@5U$*tIRJaIyp354wSzM!(rgehk_yK~LZR)(7EzuT3J#bw^%xFqH^ zYWH?|Qj>w1?=LkqRZ5y_0@?0>R9=D97Y`(*<#f3V)jqwFe87+{TYcO#L9!^ z#7Xl0Ag!l#17&*%DM-WGistDXwEKKwrpcuvlUE!3P{5n@94fMKpatjUJCHQo+i__;;l?O8&i{x0$?Q(2{yM^?r46P?bJ(`2xS&j9BX)h942fS@&X0|!ld3+!W&&d z<=#?2@ozyI+|)$HUnrRbv(%(u)mEc#q5Q~T{B&6|Ty)b~hL4bnB}$(Loc#_E;X%7(c)FeAN$kX#)kt*$Z5Grh$~YBNHca~&Ac z)`mtFpx%z~j2G2;N%%x1z42l5yQMix4<-Bt(x$0W57IPVxN5-ioMjh~6w0J$yF%>i zRvNV{kJ*5rQpE+D)wf1t87JX&c!u6?i_thm|ta2JP zmHzo`s;A_?3UvUOe2MDxV%{%=e*Z=H|DR|6Ut57085vkO{@-WT{{zp=@&ED6Z2xV~ z{9jLN|KIY=|2xF|U!3#*?m{^9f6p*8{nwqx|I08lG5&WA^JN3>sLg2ata25#{>;Dd z%5MFKm6gxJ@79d!*0A>jhE19_I`qo**IBdPtnO@|x5d@T z^~Kf3kl)u2%4_t;Wiivw`r`SYwwzn|!9|S5IQ-cb;F!%rj79_ke!ZF0#!#O_4b+gOuVOdP|fw$epthirqZtfY|o{pSqGxm?~ zdun=~?wsndEb&(V9iGG2tCP>obz9d*VGv7(chn1krwywfC(LF~C+H z6gRI?8KJ{N?OQV8P6qynrwDh^UGYmJqc9%TU1m28+8=hyS1|nMBTkLmGpn1!3lfmi zZAn-bq2p#jN`>l5vd)fvNBW90gei|v=DYkpFWXtI^0~7;zm2Tga}!Uq%Wb29n0#MP z!;UZa)a9xK;CMdP^IeZVTdY7WQQzJ$-4W+gG?;WVzZKGv z{EczzY*z_ahRk05GMf)1k+aec%)3*$R(iJ2pO@=-EQaRhWOat?{oLVdkB2wn>BCv1 zD}S0BHN8t%CD5%q@?C&P11!2- z9Y$q?dV6L-YhE8y9PrZ9o1?aO%&tM@%&rH;G3m*!ikQ6W1vH2&e!RKuhmGFtIxFzG z!}?LZH=#ShrlL02LDrR_frsa+Ljej_X6$y`Bnl`a*U^j``1RtOnoQ(LESOG}+jvvk zQ)VcYBbN0U1R1Om?MR!d>4HDM-?y%9O`x`}pYIRh339d-=X%x%r$;PxEulsQpuGmc z4BMC&lf?Dwx2Iuv6D$`+%C&Xs>g6=d$(&8RvGeP5T;sxF?klq)XqDrlhPd#Lhla`_ z_r6Y6PC7H{Q9cEadXW$N!Qi%2uj@4x0ytBr5YxDYsMoGen!wu5UQyBvr5;j+a0M+* zRWCOtS811=(o+|8dGu_JXqDh2mYQnwooXCTvT9Yy)J{|ta&#DFJDRneXGe}ek_fIW zz3+!8GB7uwCt;Pozdx>0nyb{{)97L@+fpxy#LDJ_TiklaJri-GViQ*<M!soV2SOn5c4Es=c|Tt#?XFusXBOlX;fdTuu7 z0OCn7@wmlv`}Beb=YVqa?Zqn0tpUJRS!sMUGa{=dCBkuJcle( zI}lAyDcacF&SbI4Zb=B%SG2)mW8_+AEc%*R3IAb_R$_MtLu(8ZBn?$LU`)4=*&)1K zj=x|52P=@zj(z%YpS6rM?yWLDu*?apy%7iRF}i81(x`E?dlhBr;urjMgj@)3KI?3> z2%Ybiy+lNoas90OS89Z*$+ORuH;%0OwzPCkR5w;Rj8-JH3|>sp8m2@3A!Z3} zQ=FVZ@B3|}Q1><2(xfqucWgJaZtgg@L#!1*aR*w+0!Vw^B-U@!R8d@j?uF;c%>cE) zAzOY8y47Sb@@TC?t>|(B4ULKb6W;ySjb3M+3wevY$op4zKHOhPjHbxr$9W7igRNtO zDAYlUr7~S;K5jN8maz)OO_KSO(DZ^{D75%Dx3D5otcj_vkyS4c&qv_{a7s03yOX7$ zjXLnbL|ls3G2j!~-63z0M;95Hl@sEdvETycC*GYLRd{wB-bwWE@$5E%O->WX{w;Nu zt+-_ddp}b7id#zF!7hl0+}JD5OeXxv{*h9oa8KW)cs$h;vIBMS{y-LX#?Wh_kN6Y^ zarahRp7!DUrKHQQe?WE@+LsU~1&MMo`J`s2Be-&w)B8sw*@>|rM$rnUKV+?dZ|qTN zI6qn512)z@MlH++dW}LK1oMhNpiU#U^3#&^)uNg_kt+n17)ka4Q3L5AeWd8XBgnV_ zMa1>_jRq|RFb_X8%^U?TcqC!?#S9S%j;+q^P}2g<*BO~w+jJV{EV^rco&3^&cQ#BW zI= TYLqHap#`#@&7GY?=M6=j%gtBt}M!nrFfZBTEmjt$zx{d%=wxS)lVaiZCSx zDsY_9v+!bG<-DLMp*)`_?Yu~82(iJG_z*S0XGRI`cWLeBKBRt2-9fDILdY$4k4+2K zp)(iqh|e-M9*5l5?vo2lY_Q#tq5*Vl{ck0J&;j)gT>SpEyC&AkAD}Z$Ix%OUAV_>s zAE;_F7~E99d5x}HtUl3PP3#rcB4oE6x-nM^1_!MoB`)bRS8%VcLY2Y7g$gT9L(B)w zXWVN+8>?=ulCUo|MN*l1&QxhLFRd&J%SK2r zmy%JF3I-Q?!NYU)XjV4*<8?SBTl;@1Ukq z>m)*heZA`eMqPLR#gLs~z32FBvFNAvUEq+zo`sQT`NS_+M5h(pe64CCsO+S&*qN;|bWrZA|q{*KOV-sG{hp?wn!FKYW8uM`m)Yt?ZUz z3v8gIesSesg5Z2b476uBJhp#Q+Q;rfb2Ia(y5^(aO$0DW1N*f)errD|?l5;6Xh13QGl>MBjtE1|O^3gjC0cQ+{dPpya}xht@UrS@^! zr#*#!#qf26r>#(WSugi&VE>_-{JBUi$m}bsg_I?lfKs`ShR4>?S1=&*y&(B=ltQc= zOpRIoc5QL85GiLetsz(neqGb4l_0Z5h|-OlGFv@~y<0lS<B(Ad9M-vAk|8w% zi@3p0YG4idmCt?cjhN3NrbYL)b5?cx>!B!5X0GL6Eb3au7VjQyf^qoFbG)A%KH7OK zdcq3*NuB{}%}aOQ#dovq5HsDBdJ?HIEM=Ak%t_uLnpe5Nu8<2gzv`0$T4HAlz9AdT za5q*3N`9kR0WXqf3Qt~9peB`s@n9*b&M8NsV%WjfJdY%2glhfdlA!=~D!UiUwN4$eq+K13G_e*8qBE!lZhj)* z&Ru4uU3Um2>-%Ckt^Sjp6BsA)fa0^o^#Om;p>bbgB{nCizJ)&4cfi3dS^6b_f~i;`P;p@~-imlBW@2&Kt!=%iM?5G#h)z|f;eHjTjd ze$j0*oi{0RA^)~>iucr4WU-PN96KW~C0hUVDm@rQi0wP1|H7Z&30T+UuszPqFkCH~ zw(!Kz7)(?j@}rK(ICA=4p$gZ;KBWv`vptnrW{-8C)!Z#KPPm}K=du$#!uc{Q?ZOW}Z z9E;LLn@vB@ypS)oI307ViMs zQiqoeiU=r5Ks#GE%_yrjaTb_3{5r7*Kfhm0o;(wlu@ZwOsJj_bjWWB615q3P$DYVB=(<>th>9 z+!k40>}6-8yriy7mg5`_5zTC%5g6Ll1z{9o;8_%n$ZakJ(R5erphxC7KkN_oWCom^ zYb@h5b#{1a+H2i2PHb$N^%M)f&eCJ;V7fIs?!~^^N;G$o^d?rE_suS^voIZ~{REAX zbVkrv47TobG9@XD9B(19E^*Yg?DS3h z{8$RXP0OQ|E4;MJI3sQ#h9>KWq*E5o)RvFbExVL#1K7F2yR@tX0k7tT`z3U26#)=Z z0?hlzbi$lEeXp5IdUkHT4$HAiGHdzdb4e}_Up3uRC1JkfEuBb!bB%r5o6tcdy02{w z@z8@Lq9DCgFk6V?y606*J_176yOZA{P0eW*cCd~*?`zLcbiWVM{8_9E| z@++2DXhcOs@%R*nv48^Xg{cY4I+?gvx7PG(7GCYqJ3xM_0`(fubn9Yd6ts2sIw|Lp zJZaXPasW?2u)qK8=;c%DxX$>peE}XuE{ua)a>Ze^+P-Ikz&b0ej=KR>!(qv3|HR<~ zq2V=)CQcFLPEC$4)mtB>GZ9;4qdY5&!DR%|+7$79tz`QWR3vK)g#ZV?i$-TN!T~3q z?GBmF09xD}Al*GkR;miW9_`(*Sf^6gP zv{k|)6f{@9_CV)6A(|Xe-t+6xE#Rl^uF`{KvQ?udb zdwgl}0k3?L)k?i;;%A0)`>PYZ6DFND)e3rNoPL{%7=ju1JbsZnsgDjjhy~SfRDT)B2{13{N5t)ATvF@RQ&UMEg6O_BX`Ok>na}bUPqt zxNze2d5JFPh5LIxX;J^MhVZnNoulxk*`uyu6A%&1&(yrQ?uv} zDV!qSbF~Hzu5;XswI3aTPmrGB7iBE-?M2HKT0bu?q~ zX{VrM(NBPr_n#+ z(34qT#a!}aTfjErao~46bwH2)zQJ`fD#VHWkav7L5-YU0&;tyeeI zp)#1FxLWKVm{3EyG)N5?&p~3XQwo~}4JR=&;an~J4aaP?hwSL};^4sF?k3>e2Tj|* zdlkXQO?OU}5FY=Fb8jTWmRl|?cE2Ew@8|wmGCrXFC3D2T2>OwY4D9zTULXMd*VC-1 zzbZ=iwD!}+`~W^H#PWAa1(-`^LcJObPCzPc_ujGP8tos#i*9Yg)W=$x(=1*dM?E9| z8epLr(x1Y;(U3-!O|QgXF9isDr2Vg#pU-TWpBWyZE?s#Z`A98!s=LP|#xfLnqgeQP zG(eJWMxtu&Tu_OmIcEma*Dl!x==Lk+!UR0@K+rP@yQ3A8>$MnanHriicwOx72ANaU zF#;Oa7TF|vE2Z?x1{))S9$$1K-wGtw{tpaZGYu{p-#O+7+X-?zyY5zNDGe@h_DGb$ z!f~ao>cV`RYOHaza?wGp51`n7>yp9)1Kwk~e3H>N(!P0;NdfKUpbB zfm|`oQ=+mdLXqm2DrTu&4!gg*eM{H^Wr4zUaGomz2RTY6Ch9iX%}yo8yo58uid%Zo z_DQBoSq~ZF)txijW@#cj65`}p;Uit)WwIZVbE@5dyb!5Q=as&5c5$f1F1!CNL$j z1&JvJ5to!~!0j`OxMFtOpNq3s+wGuYZPr=aBszXi1|Pa{4SCmKe3D^a&QDg!z%ccee%|R0BGB!Ts|3Te7#0mp+Z-T$J?|rXr+qP}nwr$(CZQHhO+njG^(%t{e z^rCy&yUN*ArBXSm#V^mZKj~`hZG*QzPo5z@cbu`*(e?vrvD(1Jf@ z1B_Z}yx6iS4;!JqRxTNiUTZ!kjEpLVI)s|CafnE7zK7Pip)43>cnp;FEVVYjbB_N^ z8UCJco{wn7Fiw(_=7DZ%`2*)w{Pb@VFF09VEqbq|x zz~~w()$vgLJ-^C;oIDbNM9CG-M2_n#KfM+*L5HWl6xiH`eiQJ)7~uzT0$A#!#$>kbZk8PPDJo^*i~ z%oil1Yy@8IsIWQz?Nl${b!^bzy_=QC$JiQA-NzA)HBcb*shg@;-&W==AMPi7Dw8UA zo%>MdYEZrVC8Si&AHGTH=&8WD!ob`3UaN{pq4B?->yMfb%X7yuF=IazL?pSoby*Xk z+aDK`ww5@|&)>MdVE36TA9zI6!%?p!@eiFN0^L)BoZAlV-D5kg!ZBpZk*@x!8H2c^d6{cKF2E@|4al`}3`^U9!lf>g8)QV-q-T9sb4V0{Pq zo0fb?OxLRq-wml~4ZmB2sR+DW@LvqP&jyB?JJ|H2m@1ou;J`-vvYEb)gt5JupEHa~?11jp?)2XKAd(r;z202s zhnp*!Dje6c5}!++_6ica5sl}U$TtG0Mz3rL4h>c5d~13!_m^7ckM?_9m)jly zsk0xW4`Vp*fZzr~2y_cVCE_Sme8=QKD;{VcSq#?i3;!Wpfo7h(tcecoq7$XEOEsx4 zXkf)^C-c#;62~VYJ$M~ljtXP}q%nPt!wkRmgIYPou4h#0C>h72ZGs92V62OYMk&uv z991Q;E0a_Or_wZEU{8-+x)0;81Sh9pN6~2xiQ(^C5Y4~&5RZ>_N{K+@`X3CyU(HDk z19#f@=`>{;7eL(swp+N);bh`hv=S=QW>#X?hFx1A@ZBl0&>WFYDqG|e?>mkAR)FX zVb(~NDI#O>mNUZ@4R?~H){sxqT|YgGg>3_nO%hhu?5Cbh5$jKN)sK#O-ty} z)R<^}ht?sGQ?aOm^c~CeFt1}Vw@2{nW?dVtw7R#!eDXtOVm8>N@e%geYcIcKXDfff z(DbgMnXm>tMP)yTepzOZ11=(f5vI$CP(jePc~XwY4;Rl)8d;lR_2g$odm-#zEUw{n z%qakoaLXisHWJh2p*tMn6f;Dk2*{th1aqXOQQh4py;PdLr0$FWJ%$WePfwnRM?+yF z@9CslmeXMmIlZ}HQ>3hZ842(J_oAd#SLsl@vBZ<=+3|^?0Y;Ualb;+y0`U@^;svER z6vRr#Y}2GJ@ILU!7Y|q+8o7baWS~5z-yiq7-2ASq2v?E%2bHXV?~TN4#ocV+ZE>%= zHtBD+wyK>s5Vy*N{zKhQH<@%a62vYw>~7xmVpHSNxOl|5kHZXXqn3eqixp!uc4g6G zC))~Jx*WE?eq4RlZmi%i&%F?rzgP1;*`77~7ca-2xw3P!vXRWXa>+IwatKl14(!_< zye^JVKu%+6*)PuCFKRh^JUFk?f7fC~>mU82aR@4aO$}YukYT39SIHWj3wyL=*JJ!5yVz#G6 zv7oR3s~{VGwQwT>j&+6uaUmy-588&@61s0Fu2uu%hK>BCTN!3_4e=uUBO9(5G2J&8 zMQOSASkRV+QdQSS-pibd)uq?c6kr1W)p6rzjDM+pyH2x{Up;$@=hsE_?hqkACZCgU zN(t-;>x_FbfY4@6>(88e9SiLg+D8w|$CNN3P2RT5JYDP;G;GA$SJZx_V+yte%>_$w z3PwK~aJGF5rsHHISs?rZrJ3t2eH^u?*M<2YHDQ$E%YmMy2x=~ym9d+YK{VnzCF-7* zxb~e}g#j1fJcFyN=-!?8G**FWnUP38wp*2@A>aLdIZ(5ZEv5hy5sxnjTfpS5XWOhQ ze0>g+vT!1qY1_C=BC?L+Hd>N;VuoO>d3r%203fBQ2+*iukB}BLDrk7pjCBMRwIAX$8Pu&v+zY;T(rPMzj!h>-wxjD-!e37}3# zSaBmVk|j_R1$w$Cer?I%=vZF3k{Fxloe>e_GDb!0{lHaJt$t)tzrJ9k_23}D0y}5R zBkuter+}D(I7(?&{Cps>6lQ)P|JYkvib_yCfnLPXAtXI;i_ZlBi2SGUxTd(F2?W0e zCr<7=HBcFJ=+1#>olDf9^A_YP5pdPanc^Ujt|60vXc^FdjqAzCAv&vH#oNDcH9=C_ zMc6El?1y4bRNuLJ*s3IA!X#Sf+xS&&%Th1FS6(p9zFDm~;sfiY?M6(jZdsnj{tD?6 z<0W~Ph&{d@rDBM`AEtkev#|uI@_WQdbs4XJw^z2>=7L3Pf(Jyi-3Xe)I7+!ixAl0h z|0KVBc=xD7aAqjKEcNM$Ttdhzh4rP0q=W_($SF(j8B45W^Q}MH55t!q!dv{JF=w^R zJ`8#Dy+EmmI7SFb5~t>g2|0jhqD^KXggZWpR1vok`7QctK)f_+$+^kmMdFSKqvDy3 zr*nmkIkut|pu!Hl?To}c0ZrYi6A@1$h3++6v30Pb$UM}n%gIqD%%ZLdreX!~LlPip zgAxc{_fj{AksvjkVRVqA#CW{v3gs8H)1C+`)wiCd|d-jgOdp zS4!mz#ovo3?Td9GOV3qU6LkNL^_it6V?#-h>ZN}RRmMkn^H4rQsB%&xL&*9I`@}vpIPPGw2XB#-)(6VG`Se+!-R2~Z} z?ICH$4@p}(h{)Jv{G?#outC#0Lraq<=k$_)S9pUt4dqQ(2nQG#nz|BK6h7;1E@Ph6 z+JO_w75_it!r29Aw29s?HFx_Vxd53ST8hA5mk?llEoXyE5GdRqq+en z)9Wu>j@hOh2`L1c=yvkomwy1fC8AUR6Y9qJ-!eKmSXdbThdkr>-kRq-gQeSl4IusR(v9VRRl02@Vz(vm?_E(@8tHiwGS}2<>8;8okKa4eC^efN z@5H1G2_y+69Ijx-@(%Xxga0Jzee-!e0-?<7gw!Umrb4N($nz5>jAJ2bu=v&d$^W(3 zvfg;Et#;kG_S{_AuGg`Bb?({kSZ{ugWqtBpy}g|2?Xtc+ZFv^`?eLcEneM!*rsBco zxP}?@?5NG{t>|g51+lzry>xv(U0s#hUS6fWRQ8tF`IY18T)iXPzeX-Rx&5=}FTM!< z{Pfs?=gi)NF|FPxx5T4t-|tMtHPtZwCVYz zu%NUVRH_G_uUYk8W?j8n66s0$j7(+im#S&lvuplg>IqE+TFS*Fb@lO6_^assg+JAU z{CWCl>oVZ6e%0xL7Dg~cEwvr4CXLvzd##48YTvT4)IudNTS6PxXyA{3B0GiY$ycts z0`1YP(V)7){IOx_V$X|sxehbffz1+?x1VL_!Z?B{kbzekR2$8_Kfdkn8_!nJpDknK z{z=Iwt%LK-vm)5qXBvS zD?x(|W-YvY5gGXxQ_^>0`Et&IQraTtRnTVsbX(ZV>?1jlS$MuV$ra7=aw)3<#8SIW znk?YNj|c0Lo?THaNxEh`CvB^;23oaX`}qP`0U3|nND~Ni|99tywvr8b-PYye#4i!H z5nbuUbX|6?Y@n6XpdVPLPN2*d>FG=IxntY2Hz+M;WPE+{X$d$*STH_s&kjZ=RYk6b zvCo+ng384x75(Guv;IcJ;G1Lp5@xz%>xww%#V~mW3U@v7hOwED4|#kcf*eL3?|Obl zLEpaxOgq3ZOA?8SpdwZiQm&;oQ>_5JYlc(Jces@gC4Ibr;|`*5T=CZyWtqE^>D#t@ zuoUbt_r=__Sn$rK^}sPRoa;h1&8CRlb+KB%_?q7qnz+9GQpp}dMPr&<;mHM+hT52m%l8ux6XfNY$PLhz0?|e3}WrVVCWslA| zCxJ+{%bc?dmGEtg-`K1t8l_eR*a8_x-kGk-S!>NY^92qMb#?tvGc#OWqMHgaeaE!R z)S%?trsuoTlVkNK@wdIq0HRavZeM=e&)aF_^hP}z!uUPBE$syX;LBxAl?Z?$mMOeu z2nHpvtpTHXYe+o4O@-PM9!o#CoV{45-ym!P<7}VgLXV+jo^=HO!hea&`D$pL4;2`Q zgByd7wE+XB5g1x3at=EZ4!>2FzMhjTE8pG@g2S%6YOwPYU)8xGIvZtbL(&pWLvlrR z)JL#G+Dqhg+`xD_r9|EZfn$AA<@%@!aSDS4Cr%tDFEXtL-kpPo2|eQGqOB)H$~Z}- zjmFi1%fhpgW2wn57;kjvyZZ)?mS6zB8ma-BiSyMfVAevuZ>D!lIGDkNimk*c5YMUD z$vCFfy3b`&YlLgIT@ytW(?*J4KsyX0jpR*Dp_kW2sh9lFr-$%8u#!ZQ*-l-Hwf6jV zwoFI9#c3&Y#?#Q8)vke)9f$P+y^$SF*4)iY8P6d}{EPnKpdZyKs898uYT(3Qt~qk- zsNVDBF(j=xy`=3rZpQ!|vp-^}rxajou&&+Z2f6)2g(kokb46d5%;X!*AF zz=EN`tBZrOEC5$?u%SI!!!Q3SzMpRB8x) z)r!f06@eq$^LoY&hWaS4Nw+<73@noR;I9wYNy8b|KwY1S#N|rMCzjge`|DT0uWz9o z-sMY!Cz0yY7GKj#UH2B-C;N@QfA#5fFm$Cpr-?ffwYHNlf9>mznDm7#N3@&3*ZKI@YbUMBD?SyyU_68L$x9``=X zZD&zM&~0hn&REQOZ>mffCGdR@O7{(z$FH)5x+kIIk|;0n_o&5yxi1t-r0hMDaaO?f zr2UifC1#)lRzgmZ18Z1q=0;(xQkMxFLw$&9NAQ;d%Q;a76BMWpnTuaX`SEKOAt`pS zHJ7Uz1)&mVL6ZgT5-ob*hmO@zJnBU%VKE8&e>z@#@Bvw@rtI`(TRFh^n|R$`KF#`U zK79En>QA7-hnv^)uw*HEZ!&77in;zA9@Nx^#5l;*3kdXU7)><-;`Df4Q46I-q-}gg zfeWetEX-(Rt`+K;$Tu6;1tgBdSfZ?#t1~J!T`=?2LO|IFsfOgs$wK#%T zYx<>&RA%_184i)6QG833peCh$(HI7JYRhP+|96qOiIQG@`O(AG`q-yW3GwmVa2sJi zUh)jl_k-jW2{w?cOI7i+5Ja|md`Da^7XzqXe$CKwG}g z58N`a^w~|8T5o64){3Go0Q$zGbt&TpB8@U_unQPV`L0@w*SNhqSXRqR9*KHD${B!_ z+%b$QyPDa)G!7WSTX;NM0(_sCzN3L=b`F09YsqL5MG*@7Oyl6U-w-eqL%V>D#a-SM z`{dTSq4opdRK93JMYm)`L>}x=G71an_J|!WI@apfBcb9Ter!uqPLe(4Va0qJ3!;u>Oh4mV{V!s}edO8{?nY|)tVB*U6l;_U=N zshJ%>r2W`;I9f|AY46XTwQ?y#%goRPP%#+-G)d250FuSWBwaF>9xX=8O`6`er(>+l zE}3!(QEdZ(7u_fJ)>{mppiUX8@l09g}%JETXa z?Mz*te~bo9bsl9Wpx-8_mNGcvMXYIm)pO6#y-3U*E?ebz9fvC6xxAIXEn$y?B6C;Z6Xfp5b7Ddg zalPlA2b45Q-{AR)p=6KGlt3Nwn?{<5JI>atu&)oU7LCPkwVVwO-39@Ec?-Blv+i$o z&!m7|d=dUq?19=mn*KsCJ{+4l(JNe$8cbDPi)91}bH+agh5Jr>8dq2u2{C&O*{6+! zT%dkkGf7RNP$jKBHGFDs@2i(V%^L6TwaAp>Q=Tbud?Y^JUG-prI_~4teTnO z{=lD9F716?vMeJQ)H6DJJHAqv)29oKEDzX~PF6O6=Hz(1vasYp9fq|xvC*#Ov!&~)#EhhlA-QWbSfNDXndRavriy4VJ12`aZ*9gy<&(eaXOjdN(W>uF(pIN zLmC^n-Dm6y;Z$otTC5ugXL}Dlz2PI1`7ZjRWDh*4EIo%U2GOn(bTrrz}9pi*F0fxAJBS`Yu*kx4EhGFGVsKXvPci_ZxB+` zC%2iH5s%@R6r{2MNx#>A%DzU@`mUDh#ME5@Z@5nnNXuC(y^T?}!iMB*X!e%=7alQ~ zn}R;@`a!`e+7vcL#_7@t4A=97n;;{aOgzU(hkeq@Y^>VAb7()+uvSC3(bjZ;QG6(ZdLg=St+{^%GZQah9ccP>1Y#K!da?&-kJ83ONXK^;TjTZ(b zc4CpOsOU_szLVuc8ybu8gM!mUN!I4>8XSI&SEdCoE4_L?oFV<9^`Y|pbABQT#~ z?Lhg@%NXZz{)zQmZn}Cg(uCC3`dl^arBfq~2e@bgADTbT>MCj(>#Hg3sZBTH0>mt0 zQ%ViSC=T03!F1*B0L#+Gpm|0l#gn+M8ds9Uc$PIdmSLvE`oOZKA4YOHqu4> z^$&9h$Vc)-b2bGsTOJp>pjNglt5pmdraB36!V!hj7Hbj1fLYn)>iB-uX$pOeCrSSk zkD~*VYEb2I7tGRIwbQA;MGh>dk76F3-`u8Fwr1anY`pc&#v=V34K3B()ji8-I^(54 zokl_Xp5q*z)VoHrjuUCHyC_)b6bibMT}|uj{dL<#&Dxbij{w9}117i% z4H;*Sn{-Bp>)&U$Tw=$UI!+`!*LP7ppj0h<1rDt8u@VsRO~D_0HuuyTO&%IyA+7eH3>3M&z# zrl(H#sGX6Yy%CTo!XCMZi(4^9e$5Nq==Ot%D(cvH%7PHFEyGTP8F6LAg5l#_>OCs6 zb{M>Ht3@yXd~&Ya6UmQJhYxCUItT=6D0=2mDujj8|BB1QytQroz)Rj?x#(f<4=ug; ztt=t~NYcmJjP!bt+uqO*B77Dii0;CeHzW|dp;6uHZuv1jfGBG5cDHbj)ua0yMu`OB z4G9DEB}!Q8EA#Xk6uAX)ah@u+nPo4-QtN8aFGI>DARy_7U*JtbLWdZF0iv%D$rgjM zp^p8}ZQm!*{uI~Y@xm2c8)YN`&AKA_mHGOVvCI0RmK}MgJ$R6110Yk8Z)YM5{&1vW zs`%H>kJs%)gTGC?r?D}D8c?W-%N!bgH`(e7`RjF8N7Ly|G=os9i=(M-Bv2J~Y^N;{ za7RgUC;sl*ynBz_N4rlPdEehR-+byYgjlx=q0*s0)Eim44@bF$SMse4#1&o|ZHgzX z?26#8R`{aW9jWK;LlGIK_#v-o6p-C=1-*$rQ!OS1?oU$XLh=EFyS^JJ!2J})Q2-zq zT-FdAb**=FcQmxDo(JPXAnP}cR#;z`P-d9k;n>;k^s@Z}%R>72(l;Lmro?VezYru+ zf3yz2&fPSi8e`mklE#K$9SFdKh~R7sgI`ea?sN23;8c1H()!oBv;4;dNd222y9RIB~Xh?oWOwv`kUXxFJ0U zk+@=Oo>(%DsfSdOhp-`ur>vyd3BXICz2TA4u{WqC9*hrzSM}9S2kelSvNbK@vXRJ{ zKm8qx`CX<{1RNedpMQ`QbLQJ-o$?{@JWGrY%PaHR!#<9316aV=x*jD^HGbHPsC2w6 zcxz3pf4~mq>EXn(q62-X(1(K`U~n4PU=H@L6|jwO@1=z%SvM8p?o=)Ha4MThWkxs4 zgvplU%TT}z;W3G$B5U@6J9hXRd?H@hI_*t_ox5}h2wB8I)RsZi%;!{0H}r{Z^a9uo zaw<%<2L2f%11LWA!vp{sEhae0k`hehchw4TTr!LPaGO-fW*4im-38#T(A)Y~$Es9( z0Gdp*M0()@e{3K4A3DH@#_2-^?f;16I5`;=`P{3$Wy``?TBvI1D%YEm`iXSH@Kls@ z%~nLy5~-TOw)eual<5G?-CK&`Ar%eNsAsw(Ac5$kE>!piSs;*@jx=Ya7$ZU8yi*GG z5ONMQ$;=a|LduQ6(Z~6FqFoY)9iWH%AObcNrM110>P8MVJQc?b5MKBHr{iGtw<(Jb zm)y?+jFGfpdzNfYjtZrXpP?X_9f@BU)VSx;?ZB-u%yt!5`Sp%g&(O5?ImHLiXq9Nl2iV>7E?SQyE+N9F?zMMjE8lmBrjVS6 z_(;=ui7CPY{!6DPt z>Cb~i^?4=dZ3`HZA&myNIetFLp_duk!6CB{tA)!swcxrZJu6M36A;}tZ65A$4h(qv z+lrMFh>jm_mrk!ne)Wbgr62yfi?T*|Pnt`2Ag!RL+#}4vJQ!Bw3-T2&e$aE57*fBx z4WZ`Y1t?a0Wj2=Gttj!#joyh}OW@Qn9J%F1^_sbNlGJV!<^n<;(=RI&Crj!z1djSA zNF9+wuknsjTMBjuVglNP&BG$tzcOxP4WRIDg997x0@HV*4%#{TiWu%9>}(G3p`m{T zL@)sU%F=P*hAzvGVb7kvw~FNd6zo=N{&8*Y+1kKw<@2f0tl0CIH9RguQBc6IgYr(6 zA=SmFj<3VMjOo$Rnk80q6eQM#!!-obak!g)G0O-P#%AM$&ZsVx@fVx|>!;CxkDBP= zK#fY$_(l@}$kn@_HBBR@H4~y;xa;I}v?SHd-N{8A3i|m}zYqMZ0cIt-af;qZ2c@a} z8visU8J)C-zHvdSq{hRH=Zo8>yQf_d=^>A;FBhv8^i>V~-5IVR$L!F@$KDvBsfnUE z0i@5N5WAz!OSI_Ry_JC=61@$?qf&z#(FX#2s6Ta6DUS1IwdBAUlu}pu?&Z{tqzqok zHItIlNX8+rK4KKN=SL4H=qS_U@X}tP!oaPBYyBam0K-EJ^wKHU5lsQiqc`7 zYyNfIlkc4SCS(6djNH5Dkyu9fojs{E;AhMKgSSmiP8G+9j zZUiJP?hMKCpB?`3N}L140%8UeD}e!|{zJx(HUT8)VE9cC3M)rwq-97m1wmZ207BjD zog_~v+aA927e&vtMgAIojZNK0++ye8p&|=7h~S77v*w!(p>r#(Vy>-VYamJ8hSgn( zrjTf$R%ZvPiqb~R0)a@~FAi$478l&iQgh$cGN%?X$BSh0899^ zW;=^Yi1J=F%8Z@m40LRcj(WbUARe+>)M4yS1AT+QpWae>9NisNFuId(-GwZV{zKX6 z_apM-sLK{qQuF}QMkk1e&rP9ArQ`^?5z=6Qh#~qtsCaXojU*a%9H&*9FL0X;W5}X@ z?0kAaY^F>_-hJzYAZm@EH=aktIqITR75-LHOnu?qfSlsZvda_yEVv1dW4Rk-Ye#|G zgIQ=R{Gm4r5ILq=KD9NXxQ}fhC~n`c0j1O0Hg>92D&uu&yK%b~#}1}tuhTXvA&t9u zP1{uBZ^(&}^v*POmC5lCQXXwuk0i9@{X={W4Ym=j7QjBVGKF}yoB7qV!o6Q<@sO0O zUi1kXvy|w$ZCjn$RjohWQ@?sn;>6@>EL+_YbHZmYT|W(vRG5`-vnoFM2Gd*1XvCnY)CCA_Rm`GlLsO;4;tB;qkHS9&&;36UbY4_Pst+x9WfGA z+z~%yxv_60ykb|ww+cVdmQUU13vtU6OA35JH&37W=YjD%dBu!q|WLO#v`tgnjolJ>0L;7B<2re*6O{}*cfw5IR}1{mwz~)9LZ8~&JMbg9zE|s zsM4fJFh1y=a}Hn1IwpK{Rh|(n&QLCxKGZ9pIwm65KBX8A6bFb?(IRF>7M*opAtwM`FMRnI|FKK)I+pXhygsfiWyv}}^3Qr((%_nIdi+_W zy`n94kn^xF%6&99Nqq*u#rP+C=z)HnSIk3%Xo!fgN~jP@7+|>PkaTwCThjS^fHfUp zPArXxfm2EmMF?b9MIl}Z*?wod!=Gy+KgB0;U${A^$W*v%Qe~L918G>?v~- z^7z-k`ZD{QyzB7|^f7sPNv_}&0Ws?&=>>*uP2rKiG&MFQ$dGj_|6Vd`PI0zLaVj^M&mM}3r06V6+F<@Ei|*n2gAj059!k2j zk=##^uPc~{x(i-;F=e8#*bATSWKLI-`;$Jln?DAPU2GOO6xPpRrqn_20m%g%uN}dn z)@WN)uFq=W;O54QL6Bl+($$DHp*-o%9;O>46%e^gLBAZG`~&JWWb>S~bYJ686~Siy zz!So1=}^NyuIC-iPdB6~gTXG2>5UI7K<#wpXAQI`)8mX9CL`= z_E%fzf_DL1Ft@{OpN%1)8a)b$I?}=LkuV%s3+r)daTy6_*Y0D{SF~7+y7qqtUH)5m6FUnd>;I@S;s5VL7uNqDbYcEqhA#hgp6ma?(B;1- zQ~h`7!tuWbT~=~*60yY+_x7$(Ue@Vl)|5?G&w63Q<}pQRBoOh{Ob>bW1?<6y0cH{U z(=VW$KxT%tEo8icd&YminFt#ho2sx7We>kw|Tg?{|*o{Ud~?r)c-toY`$h1 z^zh)rW(?YJU(04*n|EzKx^`Z#^mMELJbp}nw)XmNR_FF=+dlWU&YHJuKXXz}q{NDj zJo-4YRp<2T_&hpywN(DxKRti8%H+CS+I&BUK23kjf1bx)j>(9Tn7WSMso(!O~P$m(MeoQN+V=& z=f0(mv_l+xUk=mG=zgDXf11?(b8nJOG&RG&%h6ht7Z2`8u?EMTDNOoMs2(@woO`njUF9scYfM``pB+43;`jNfExtMcC%q|^igg&y8ul|8r~&r5QryB!`gT7 zSvj7BXwE5Ug38bJcOz;U%_|8pZdpuCq~vOr zU6G8#em8z`s!jygnBGxWLgAl)5M8Q|13UhJ8x9;27aOg|r zaiiVadO8M;)AFbDzucr`LRHjtn1ffYw9iA_xa&ExSx**f$qxojR&KYfKdRN6&(Nh6UT`i8ah+@i^3Ygg}_jSM5I4*-7nMR1YRBwNj-Z~ z{Z2*wbsC@lymoWog34LE@lq-w5RV!Pxc%5~I*VaD2uY)~^BujlH34NTiRG`gulICn z{T}*rIYUxz*V*>2VLAJ5!2>rI>d%*|{1xp!UBUpf3(Qls*moib5-h)9+2Pi-2N%I_ zZX`q}0nSA@V9x%4?JvYGSxP9#o!X?5w_m(|`CvTzKdz~7LJQ@LM+KX@geUFo@n}Bm zNZ*C5wP+&M#P2|<4qQKr=(yj>$Y3pvYs}Br|6AA8x=CbReS*^|({_tDQ4GAl@ldZv z1wY_p_-<2&IO5~8*Xi5C4&y=Py%i*VS%jDbK`v4-LK-oUVVs$do2FAH!&3#WO4O>> zIUcI*p?X1E=ZY}GZYX2;gUWl7MdA1RJ?KfZwR4LUE{>eWMwww-wRQ}!Q1R(jJwdkp;V=GTB2Zn3#`I#iyXMO zO~)`q;I-y^XJ{V8G2R zg8#e^bURUwjxdYHdofP`Ft?4-c;sYURyHXwuzuc~#6L>PN!M$J8&$4VLf3^yEUI0i z$H98RTM?PP=i-~~$}Jf^@Gn~$sMVjcoe+}11^;_kEF%`8qP*t_%Vun4#hu1)kW(h= zPWdQa;$KDeRTDm}b;r5<6cLBGT9VcLzC56=dOK9TbEd4yve#l|>Cxg3e(rTWd+@71 z$Ky@e#%urj*yS#SZt)d_2K#pULg0Mjyd$A=;zhf?L&ov@#TYes84=~v7Fyb9_QhwZ z=gCUth50IPj4PYL|K)$zfeVd->>Ub7*AF61$OmTK%h>yh)Cg^%M`4|qXK4+a34s0h zf{#;u`n+{5mXsYk>b!JM^phg1JejSTRfaDXmo;!v^1N>*X2MtV$UHQNY)IyS0aq|u zyQAN!-Mbd=(l+&GcB4-yR{#Sj9HZp0&jDjtSRTIW+4YO?i#8EhsO)y_IZ40a2sz+fCkSy<@ z9Qflfi0$Tv1Nb6df54#vHSG3mKIEFkxEf)5O510!Yik^GxP+Io)M?dH)q{@MOmE#$ z71qId)p|@bw%|JD9kmsiP_}e%+qI^Vv5JgnG^ULaWcKLsgb1meTjM-X4?>5pQqzc) z72}44XB2CKRDAx?NbIBtO;HQOM|>%=X1-*dXFqte#ME77olIS^GiSC54(*&D3`;AD zc~N**vRJv&%!U@0U7XZ_sXf;mDL!nD6d4!9>Gw-)@UCrvCumzn- zF#<|*A*NY4!mwFD$zmCmSoQLjt+?%Ra)*Jr+gGLthoUL=IH)FM^lw0Ixz3_llNJ+} zS8!;7RFq+oP$~p@9XjzO?I3ule&A|2c1@>C0Sc)f?Q4A;F`cC^Mzhhok1a1U4OBk> z^uGGk%}<`rYHx!Elm&pmI>0Q~efP-KOVJ-kDmuu~neSVj0CX*kAY^{*vhv0v1ahH^ z48M$DDeKWR;0XjLA2Nzl+)r^`A{x+jR%#n>T`V~}TEd&}SO*XyZ5<$3GTSTHO@lx0 zya2UpfWD@l?XN^X-C_H7Zfxci|NKDHkcj`diR@V68G(qMS07+G3&0Z)#}X`c4Gz8K zY=PHIXEMG)ci)aD-!!-odeoqlW@gGP6q&N4T%_7ygH=Clp%Uz z-7U3gQ`3{xvl{Ee)-5P^hv64yoR~2!)RltL@3D(4?&wP(;zqf?-2hcUs=rhR6Nxd~ zcu$63HHKbn$KwiCrHR=fucQC+!$k7|uki_Dj8#vwq#8AauqIM*mMaok6Y(Evjkyh0 zS)aw5D7k2@N`Y!CV6tVV!4v@_4#o*Ot%dEL$k1jt?n>b#hMpr8 zmA2fm=RC=Gfs{8bcGGu{bTLI(VnBe)N4;mgXy7vyt-yYR&o?rjDL_1vV6J+T@9=$l zT)*HLU-IQ-MIn*9es)Qqvw;U5l+D)up1Z@Sw$>74&W^`^y*OJnmJbWBRkMpaP5l@z zl`{P0k#rU0r?5z>uldgdn?FDgrp=u!M zBUe-3E1`Ev2#;&l=drMB}kb{c0IsD)p3)BXol9 zwaus8W&YBjEP5nf}|s*9Qow(icv zyuPw+n!msxBVeCM^nLDAJJKih^II^G29pUt(Xy6Ve7Xx(K~jFwz# zh-lSGV+J@7`&^-K zT-d}?#v1KqA6PX;a5ns%V|4!2I#I{@K_(H_9bg>$7#k4V`32~F7XLj{1klD2Xjh}~ zV9ev&85@#x`H`AH`jhm_PKHzbS!x;Ajs*wbwP~ALiqG=x{^sb=celn&8QketpStq2Z4nI4Qfm@`9<-AU?xEJ!P;=jO`ZU&Y zYsfSX3$nBQ*2{Vnfm7JS-ugzcNH%YM_@$cxx6&n?1KnFKEds4a-cZI*R71NG^tvmG zz?p*~utdVt?`PoRYCI`%lms@&?$F)OK=AY8)~T-2JB4bx1R1Tmo+1Zo&6_&ooZPg! z;;pe#v1TQ8?#W{k(uxMH23r<>yKr$DvXJ&5#PLy$&ajYpg+>7pndM;HWR5D|LVArh ziJ{7fwRwQVgoxew)X$l0{^_ut$6lUb6^vBTXDITu#`soxBkE9fPOHx5{AC@htgWJV#dY zr9=TJhbZ9yxE2gzO|u%fL?TvsNBJc>7MK|{R!Q}brVl7lNSxxB1vzo`f1aOt^5+(g zHwOC@r=$@~c4gzz_~(Eazv&&@fW{+YEZ;HS5{&p$aK z^X6`~7a`Q@Atyjf2EdGvU{wdJc?4C2CbXH(>KFkI>4Fv^uLf5UWiz z&sAMj_fYgm2d_Va_7H!S*k84dm@^=@)*2{?E*vEkYHd4^!4z#IpibZB!f9AK&pe}4 z;n3C!-B5)mIr3hNgQ%=1cWF~U#iT;<5l z2pK2`AX<@WK)ZnWP869)L4wQl2bQPG3}9FZweA=Z`TK@@7t;fQwAKx?RaTkWXz)6t zA`GR`uIa)nUas=d!OP%Vr;QXP%2XYrL=);pw5G5qFxD!eH;u2ruxwNo&~JUzo)MG~ zhQdV<$|||Xa%4!MFnQr-tK6iWH=U-c`g(eYNdHDV$eDggR{nP>X)^U79Ed&F6TDPZ zQk*YWG5_w@uKEfOnm_EIWg};&F-Wp=W#|hWIqLk;STb&Q-T~8p4bN$4Yd7Fi^w;WX z^Tcfb7j^Ftqzlk>>6UHVwr$rbzJ*h^ZQHhe%C>FWwr%TveIvU2k9&L2J?vrbK}L=; z){c1AS|&Bhc>!+z@Y1ezu{J6H{vaXm3d@(FfQ`DX!!zF%XQqZ>C@nr>H6BKjBl_WM zzLccuvTmGr3g^PQT-PB_BeNhRg!pc3udExn&~@>0yZYo8g*3YK=N z`egtf5BZ>OQjE+;hQCc0Np5tOXU`!S>aUDJU}-6Cj*%Oa1O%*zhNAq)YWx(v3==>J zuj8zXuqbi!KhFdw`~5+p&h$te7lojt-A^!*)S*+L-klcVFYP85VdhYi# z^sfX_7vV$Ab46hpZV-J&%X(*;;6f6*+tdz5CMkhbyl$9{*I8btibMx1|D%d3RmnnA zTOWYrnH&%;Ob4OL4zyy{tm<-2cA>jG3nG?UvnW)!)H#)Zv3%N3SogWY*~t)kAR9pC zEw?GfykeyOn@F2##&-H2^|5p9Y%DCS6^wc9*MFT1KlftZ7>0@33(vS(s><3G-Nck& z)gwjgLvao*og=Loq~OQ3Bva&jQhd9vh>cKmOF-AHk;5l2y|>zb>bcJU7EPY#zI7t< zq?Y(k*!VY|URo6WVV~ST+|>W=&Io7gu$p{XnVnIKrDis5=b;$YF(kAl=1OJ;80I|< zFQDDK1d@-MGw16-@k)Kpg%A9GE+KuJItRv2AcFMkI2&PfSore-?M1#}H+lJ80)03W zyDw41vx1BmnT|>wNYM1BbMDOUIMU zO8+CzIHS-9#aQS=C9Bz+E(FQ&=3VnT^Dn`&5)eCA!w@p?j>nrsw0!Lp_@&!wM#Tk z-17yChPCuXm2oGCF=`9hZZ$n{M5cALVv^M0>$K8Tnj11)sg3%^H_|MZ&)|QQG0w0?7Rv_gM!xd{PX0a^3j!~J%?bf`D zeW~cm&%xP-yR%{D)yHvC!o7%44#lEb;3QjnlzO^;vmndsVG86XlLqL;&meecLT!*S9VV5^gSEK zqgtbnh8q)2gW>+*Nzimm?Q$k5_#e4l$4s_clft^G32WFS}6xv_W z&NvLk8|zS@=AiA5&E6p1B4JF&#k*7C)w7Y=9h7 zE(sBJC1Z37<9@M69-vW>H36?9Ja2Yq?J|GIPXY6vBUeCoZ$BY;=hGwZ=Mby?^)TVi z>hP;wPnr*|VO6ez_V$}jqD=t@6QgHKsst*YvkoFUCF^WZ-c}Ks8m~`*OPM> zUdTC5EboowcjRIx8&*L-X(R9_TxqhvWAe0S#BfY5ll5*Z zIu>mdKj^LHku~6ER(}66LkFUhaPEgx(3~crDN5St|bozvTAR^t* z?@{ePNE&f0JaM4F{&{P=Q;xuI&IdacF=f}{lb)*`Ow&+TOecH z+B}ndfXyGou9=LKNV`AETy8Ix^_L3b@Wao`|-~*&i8+}!9iIfxS2yD-G*Anz{OUzA?VPXU#d5uK^`Pyyel_&U4d{jH z6v;;n<~88Q!kACFg=p*%kc>F<8#2+pXQ-gewHE^e9a(Z99H*P%e^5z6vfQuifXiB)R zpka>4mQ)0q9aBab#~F$V9S+o|3gSIXF%o*pox4o5V8*Y!d<;jB-OtOC-8pJnP(6yS ze@?bPde2!3bIhTuWN=;0s-GfsxzE9zKWdhd;lDN2)sfYrKbAg*afvo{ARmR4RlYkr zu6Qs!&ejR=DQ%DDvZo?+jcgzG2!9Aq@PD1hmo(twbdZ}_lf{=#>Reqg01tsmH8X}} zz+r!+i6^B+W(>hXEKmKGu zblL;XCqU^RbFRj*nkAQ#PaY~ZAJ%A+Um4R@Zb{ydWqv-SK082p98D)h_DiwqZ_JdBnAt%T zcIH{^@(p8~QFB=Mccl^g%qkFVmDZE|}>zwm+-4Y2BPq;dXIx*hqxUy}uzI=_&JBcDQo;m???x6sCKB$&_x8s1z~y zpmwYo2wpxQ>m=|{thj6*my~Q)B#LnFZ-V8%;j1@K0}}2e-+gXrRPmnM24s4A zzOgenY-VEu;(i=rha?DNIG?r`eFTqdY_Lw`E`P(H9bF(|HDsL3f4D!Myq!ZpqR5>Y zgk$`yH_luWH%jcuZZlhuJ(;6}vJiveEaX^@Y_&xcZPg~wL#*EQ(tL$lni>52^&gEtE57n-KZWuOlRYFC7w75@U|~Tu8@O zk(|WmKLISOz@38WR8{jeKNsK>^~^AfHq?H{f{GL-j>Z6_02SJ=eDH41#(RqYL^J~7c!bNg;_C~wutAHt?7no* z@EHUz)%T_s_^pykDW(VUi})ZvpACkrHRGKr>QV^LentAtit*#0mk>C7)5lt|;7!-| zO4Atikd7+w3m#&6#js|nW43$&Sor=y1faEra=#S~(xC6K{E@kfSZ^jfk5%g@JWkIwiUcVHY7A!wmme> zz=@y_n>9!FXd|CgSa6*#O#qcKydMX3ovKuViB;k=9emz_6#Vuqs#tNkp69f&@rO7DVC3*)>qM|uDW~9!b@C%!?ZGrwxJFTE0_wr6 zH{C=9LY=N|A+PT54Z)h(*sPZ>`FnPaW2GvW@wIG6>ojxT%X@!|C~Vl}n1o&aT(A~@ z9m!0lTF%VSr2KF`K|7Ai9I$GxD-4WHc@^yT=6^OwOkEBlM6{eWmdq}%w z7`e+i0w|W^1)YleBNG-W3JI2}Ga;qTb)bvAEdE>6d40dC_aZzy}urKN07_mYM6W)Cp{m_?hJ^u;D_YplLRWiNFV;?mJnk2_*+-zgS84 zdsF{RW#_vJ9_-HKU<~(9@AI8Mtn8R&FX>MD>Bf&fF`86dt zDJei6j))_{;N@y{$+i%3yAK^Z2>y5cv+H7egi5V5M!Jtk`@mmnN*pyTTZ3+ntWPp< z$e6@X+de^uOHCM*&&X!N)+pa#kNgvVQ3VGu>IOrf4yFf<1{+hR_c-78Pj-k~?}3HR z=c6+}zplI>!NqY@Nm-6M3Yh%ufkUIWVBdcJGTGsoMxX|R!l@O2f+th~(ghqXZBSKD zC5elhqAF83uV^@O)CIp$NA_BdU;cirs9tE+zR z4tosmXE!0QO2%)y1gPL4D-%qV%%K%^h4;(EJL+Cd&GD;P=XF!G432(6U(W%ij(SLb zFXrkYw_p)~E0G7ojk}c7Zy}`VvBQQFj0aJsMcS?2=4#e-3ibV}Q~KnmKX)uKQ(Zs@ z=eB+{-6ST6%8=3cl-MJ-rS~UjaP2~ks-+JWz#H#`_e~x;e}5OP^a@BfbB1`|Sjl|h zn-SjOU@A}uNiFCFuxN0)pQEUfMqFb8Dlee@4XUuAI7Gk|VFK$Bk(kJQRb(7^T*u37 zQs;0GpBscu$-MLs2l)9GzW1WJf8o54VgIZ>UQ_v;N4UdNui8^UsjEDOtB^}{N%v(? zL7?qF6A?hcW-}+IY9W`Q*i;L&Bn$Gfk&)jkI6KJH>=u(>giVtV3jr! zV>O53gT|4wCl^vPIqrrzqn1%E-BEMSy!TZ+mf2K!PLk-uK5QmXt3EiiwC(J}W;7!J z?8z#IL!~V=-csR2b8yg9(uHw&qn&ZE;jl$XB!yb3Opw`=95tWnc~x}}hG_0sQX zfXn6hi!W+akmx}?Y$8*MxXaw7bT`?p1WLx>4lY%LxoNcP{;w9rlOSR15T2uzZy2r9 zA7f6s3TY0WudCem)WI}QVN_jn5Lty>sm+ zTmkQ~UC>F$$?JY38y4;t#~7Fw28<1C9-?8qKN-BvH)aoJ{Yn-9WdZco}i1 zj449fF@~YbJ1LUCVFX&YDYH1yIasUvGYO$ZNnOzZmpeAC%M~+w*Oy5Ciii=W%8>Ou z-PLQSgf+jd=Y4?8rM(SC5eu$r+-@*c=cI zInEcyT(iwYY9B9NnFKck)qoKU?`VpVb+NxQ+j7cE$)7qQs*m~DKj*t0!q?BvkDVS1LGx9B z^U!x*w4Y|%cqnkH#EKw)P{cV)tjk;_qC0qHeU$WmovcC)ZR0I|pDcsP4_tYN;xf)W zIo$|21l>B{AYjd0N^0vhWKEl81<1usWZM=0NW4lx<7r zotp_jfSG$&E%*ivdC3TwBVW37*L!^kQt#a1Kf;{5AVGol^DxN51? z&)>1UU@me;n2^Gfue$|D3?|MDnRrP43YiBoF5=gvyL9WqeRAjNL@*b0UO=GbETUJ<0GorF!uoB`6}? zsy`%wP8%FP!be*4P(2x!u_~LBjbCCovZ{obw&iHhOz#2k0cA6!$^DMybyH#O9c>;- z_gC^5bSmu($@{H=$%U)LqR_BR!h^h)NvRX_p43FK8L8umIC#{Q&lyV8ZKDqYloVZQ zqhtQh&?w6RGGUxn0G%$kR%-)WLuHSMs|`|0O7fG=s95f6tshs^$|?jzOr)1?`Z3@< zwk+M^WVA)39<2PGyz@a@;UGhjrSt_E#C(=9%3%WqoA&RiLpx7Dj?5@kMXmr>FbrbK zVz!i`o&?(Cb4%9LN3eKac@!7GV|X5x%mh(tm+n`w-e;hE%>}8Ofb-3>9mS){_1&V@ z9e=CU1llP;$enicWy%PQMy9wYBHby!2Qa0vunzQhnyi623DRmjTOiCzg{z?>|swwF|LImxRzuRSviDx`WvhDmp5dWbZzvV4OK_exYYH z!c9`U3yUe&M)ZzW<8vEC5V zm!5Z*jb6EzDtFipj-y(t4slLyzD2Qf=ULVXc)kuP<1fLe21lYgC4aMjBZ6_UD#tdl zz<23tu6Ap_g|gJlD#K#GTmfFX(nL^Kx%aQpr4O|x7Yrt^lk<2jwrk2;Xf~hB3cjdT z7mPe)N$De?3+4$5tn4`GKZ2R0>F1{kCg_qb%P&v_ch{x%5*X{0@IIbYK!Nk}1%I#< ztTD*dvov<-X$$dX-s~OmslPGd?k6+LioTtF=5@-tmHnAq^ws`NZrt+7s(56sIrKRE zSwqFNe8GX7V^QVh03;yVR!|LkQI(H~L}3RuNY!X$2#e7xPvYLf9;6}F`s^_3mcMbN zDSOw;#ydm#HHQp2z6%%NZdJ}sV2`w0;cCWCYRGkcTt`st*@dzOhBCnOXs}P_Y$mQ_ zECH7UC%c5D%w%oGVx}PQ?%;kSIpL1Z>x|;+dFKjG1^!$2f#-E3;tuveH$tdRW%m7bauqTd{bQ&s*kww5vIcm^YCGM^KYU8 zu_ISae{CFSszR}@ppAE@9Z&F%vH(r&XirkzAGNnsVPA?tFW8Ap7`2wovq}twFpyQu zgwLY0=RKH_YDqZt>#uIU_Z~sA>q~;1n4XHGsWG7-tUfl(M<48x8mB^axiVxQZ1nd!g$G3l;!!TZ!kZ>j9}TU4jYaefKH z!f8JSJ_ULwDP?KA(IIh9eID4$WF~+l-4nQ2ZH&QEx(&%>yQ{)>r{(sll*@8ADQYII#gHmMv-9Qqt?ZoBdcMG!3Gj` z7^9IvZj$f$4;8QMh08+qXN!bZVzc!lDor$vCf$Orhp!UyB?jmhBMOL+7>sKKtcdot zQaY1?H!>+wYtkSJWzvb$`GVq<|Dsx{Rw_X+1@DZQ^zD_>Q2*%5GEp6U^kYCaTo!}L zG6i{#9UmUA!6fZGmV|KQ!Ppvipv47U3v1rPlPu5Fl)`EGt_=Gc`*&O^;ygPMQ~Xbq>$jl;ImY;r|Wo9CZl2{iNRDjNN8p$`+XJcjXF1 zBa^`p2Lv=%Lrr4JT%mvk3@d@9BKE88f$xs{g7t>?P6<|ac$Sp90r53RLz z<0ahrTyd@1LI@wz@@de#uF80GFXz|R&gWhf*plg-dMV&6XVv?Z$@2N9VMo&kyol#*!|Lg?c~I|@T^L86ADz6T zr@QL6vF8KxtycC&`DgRG4risaW`}|}oe5Jtjj2+@;N=p(LpW;lx+7InHe0TjXa)wH zc!qEf+k?1#=Q*THvsR=13g@>v)8@oXBJZ22s>5I#3)%oXj)ioRY5fU{+?9NBh@#c& zXM9A1{P64Hy9<>|T!H zrLxDj(1H8xmGgNOr|x+Qh=UH-9TL#FVfTY5;jp_0&%}#6Y~~p>RIoj4%5VL*+p9po zX#zb$^@yqIq;kjxz!zswbl7u~*0?2liSq|Ud9}UmkmA_ww7t)^(=z6=Z>UViu7$%A z)1Jjr&?olMuuovN5EC(&v*2RcWEef}xc9ok^9v6_`Obv)3xmlm?OFN#zx7eiH>lXw8O9Irigxje@+{C z*uh`2t}E6Li%>ZWFLe<+xw%!Rstwe!`cKWFR$~eUsv~?mb*?$E7KI5>A7T7lLdRJ| zutf)dkaEgbq-!X`FVEG@KNs(XdN-?II(^Yb7;&|}do-FaZAu=4;Et2PVXx?4ur~nz zz)w7iHH4DIc>fDrpUIry_x(Dt)cq z4kg18Y8YuR7VUzFdnV#Je{dVn+yK9Yt7m_bnTuLZBr5FLA0(UjZN_XmHL5rHQQZ&D zsdRaEqc>d{S#yb4fve+4=cqMDw!gLRUu)lFw{Flm-@amOJH;tlrY&2yU;4$;XSB1E z;Y@}5uQBx2T);>e5(W@nw+}Ua<)ST(Nu4|M1H3Ega8$&iTEY#lp-=QVn@n59Z+Bhz z1xhJZsG+qEP%vF5q+Pjc_-%i^jbTY1ndhyo@eA!uBFZH1tX;K2_}2`Yi46~T+vHN| zFx7{sPjJl7J+q}HOqrKZ8psQnE~Yb~w8vn)?zr86X*p~vX-s|LJ-tvtT2O)5t{ zPFJ3ddckTvqh4h^19zx-#xQ4aAWSqB<_p z+{0!t)Cy6uT3E>$^u_-6hN>L}_qA;h8HiQ*r`L)8XAK4e{+UU;Q21njhXrOrDj(uq zYyewPW?!;9W(0Hc(g2Q=3jU*CHeTu>N*)NN&4F2T0l?DP<*mqm`&WIz>R14Vt0|vf zqxWtX0BzuDsZxHKNXoBzAUR}wWcVkg;1B$+-d`!%=V-$@mBo`)QoD(LAIM}79lSY6u2?RgVL1J7qxjP*>REYXZ5Gm~@(|Q#1IeRoe5Rhqim?Shg~gMJ{3Nwl;KByG6VJrD zUA!rdP~odssLs(1#q($8AnmOW;{-*PLvtX_zFDSt+Qa5(oH5U5oOswJwrsFp&}1Pd zTqx{R-Rg?CG0$Xf2k9W+bbzwN9uScqS{P3f?=pAV)l)IF8Isl*hC&BZoJ%npKqW{I zjD{Ih#1CcKnt>H}hrSI-?@)Ak{4UYdg7478TILyngODVJ>-P)A$QFH^xo`7-JgNNWn z|Ky$hyG2_^+A0Z6qyw*O+Q`J9*8alcrPclC-yfB(%-zhwSAoohZ&H}`x}m7Or8L3D z+%hRHX5uc9;}h*V#7^eCb@;#D&?gAt8gLcU%m!F5Y_`C`I$Gq3Y;t`27==|<5#+M# z91wc>AX$vEp+7{Ls4(i6ob!UhdFZT5xXqJ35Y5IJ6#Bx1C3ef}ofK8rI*J0vi2&nj z5SP$t!N3K5`^bUziKT7`RKrM!`zuu_D%<(j%4h*|$}egQ!~zgW2!ti#Y9VZ)d+Q4P zG&@zM*Kp|iY7wsZ(pV=H-P<5IIK1i3fp%rhvkKDRjpd+MjuMg?7z3=5|J-ZK9%}0V zJ-;|5VcDot+d&UY`;4AVPuDc{Qqz;OEA`yo+^WL{eFk8A%<7DVfPQOHKcZ0wCYYW@ z?k=9bzBrJH4z3R-H#C7te+P0BS(D|29k|iLbe%uE+F-8^`1K{$==*S!jBFr4VbM~Y zjUXm=vdCRKG$ZF{O9*VK8pF%YkS)DUtl`xPN5s?In**kf##h@Vwq9eco)M_j*LWV- zI&DHyR$mbDxhE&3vl8x|KFjdHO68klw`L2-^pwX!|K$6Ooeob-Y#hnNe)v{^gKp?>$l%rdv$GiTpJZ8Tr0Mtb{X#mYmVzKF`k_LE17&2m0NeBJuSUl zU0DSsH@{Mfqs&}SJ4-Zd`W0b8b5!O}bK+S4`e#7ky6Mh{$(pmkVGo&?!GQzgOg0WlFhEAa5t{5% zZTcI9-MB?maRMOBMv(8w5$uva*zv6C$Q=HLl1@NN2IlQiZTv%KJypV^5mg&u9=7O` z-NZuJB^!SjGZ_Td!S4A-IvA`QmTv?}bw6SduM*1b`?%zvIcO*Yhbot4f^}Nh zL?Q3a)&er9BG~|Y$!cD9QWDDV>r> z1IR{k7x%N7gN7Z`XtZ4omKSGjj++QUwS^oiIKn?-Bj|QAf8}~re~Yyl`&r^N)Ge41 zkr2{pXWXeH$!{8{Tt#-WS96ABB!xw!C<}tc&zX$mSamT-%RWh@xMX;OMVM$`N*y(% z>Y8z9_FP2W7$$p~Wb4C6#Ulv=kD-VJ;*Ze;WZ!gAK6mMd5jU4TMZfGh8s33On2VqW zuz7e1BHs)Q#VMn|sGL|syTOoT3>Z89Lea%|wSbR2=B8jUdr&)t%av)M(*h5nbMx8Y zgI@YV#6d*Y1SYAb)W_5zjnC=6a1yWMxECahlKee8vm|~3JT2R;E7Eh^t_&V(vEQB# zrM|{n!Gd>~EuVPhsg&@(^U5R$l?Cvug6ac8g*pxj*W-IPVF^0Uxk=#{U%()@q{#Hb289jH_1tp0-0ENqp1!4T&dVD*YBDbv zg@?gSojSp>e0EL=4Afna*^EnRE~>JVw}6Ugn&L^WDIa+cri5IBVT+_*Q=3PI&4=lu zaGv`HR+3F+h#4*DegWeshYhDEQp|&~{b5reK5bc8$#ek}D>R$PXhpKZwC+;HjpUU+$m@tJ zxW_cbIwF@U{7c0<%~)fjDqIh|nZD33NXs3T-N}i(aAnp%1QzyOkZ+zwY$6=^yR$1D zZ}Lt@*$QpAoPk)3M8(AUF%~XxOuP}{n(cyp?n(ly_-r~zXzdW?iYkAIEPn-vy5ZVU z3k_riQOIRAJGjcBDHKXfB^oLNx8e)eiZ77_39?!ne1P?Ul7kwRg|<-ekX4Em3OXGi zou+M=e1dW(K~ycD79$lln4@Kv@5FGhBx4gU>&kA6q^KMS!mFN!l!tfA=Ar`cX+jFx zP>1WN707VO?wU@2V9wPXJ5QHlbLS|*S+SaAL_1HX(h?|77kL9Dr8`F z4lqbG#Ys}a7CkCjDwvo954D!l<;+y}m-?;GoP8;BTrpKw)MtwEVxU(P<35Cn8Z&7E zNauwM?n`abK#!8iCE64XA$zQm)iRH&Sps!9X3a@4WU0!MiPf-}yraZYopJ!@O@KnO$X}NsEREtx-xwFNNEZ5;zx}EM8NgkL<+#PBewa^)Jaug?kX3^jV^i` zTv9P1SZ7(%Ss)#!6I1d*TZsWeTn2|gTqD3pe6)t;L5o#Bv$9-Fl6ZGc5*Vc&?)dqU z15;E;uc(y#*w`e5N5PG;fo8eX7Dmh58xQ{`GU_g*vY<3q!zl~nm^TZBR4D$J#i6LO+JhK?p(SV3q6H>v=AQC>}2r8m}A6za3J(J7|ByFBPIcMVRQ+$4s zIN$8-@LXB^lt`qL3R}fREZ^r8y+`*tH!o|WXW-8(qr5y@iPq^d3JBp}AT{ws^SyCb zas6>C%T_GDIK;GxoHXze`1aKt%SsRf zY?<}I{s==clNdgH!I|Urm3Hv2Uaxl8v;`C}ns~H*TQcHZdA1<(o^r)JE_&E7`vLfw;Hb?gXVra)@5*b6DQ3}AV}{QGFAHC*_X{78EeZKVLgV9`(@Oo z^HZ5XoQw(#>pOxRmj)r!6%+?Ar(u`IQcsh?Rj3ygk?ZOb*P6P}jLaYdnDEec;DDdv-vm(FnVVLcd_~-3GVeQW~=yGA@)rU`g6CAL~!=(4^ z%N!*j;L~F}MEgWL%VHG1#{)(HbaWoAt7j8F#(3b-iwOlb#u6G~k$*g(c8=Nm0TYMz z%$mvFa`Rz}CJ$8l*|CS=}%FP7{%WAC1J zdfJoRWLhCW;+FUwZgJA)f4wp`-a(l*;-H3>s8}tVuzE4-(h)?QA zhXPUX)EW)sU0H8m)Q^6)54cScJ(ly0N)^+Nn?aR6gGU3R*1z^MoKvto(a|%ilP~{Lhb2OjOq%@ z5G}(aFhv82JHT=%p`xpnRBF*eE*V~Fqbof?G8x!sY8f{ISc(0MNYG}mPv*iOEtgf=`P@5kg~iMCUZNw6yrb>e)8J>yB1429-VddfZCgOXkZj4Uhh)6&!XwAi{C7DF+Sj* zD3?x`po!I#Qz5U$SWy{q_1M=mOrLmV=>Er)AlM)y2f~LQ6G|s-#%pH+1G<1HT|xnz z8yT9f9>Uh8F#KVE5)yJzRZG9QvT+m=;)GznQ^dz6ux+Z=ixT>XTk5_M!+y2&q_v}} zQcHLzp=X*YIXl*>TLJh@En)+CQDmu&yEqRHc=aDUcBu`a0J%!CnP&$@=P`k@Q zYt*z+Y_Yzk5QegNGGim8E@hba? zhfuN+6L-jpVx`5UUF2Fs0fyFNi%?$>ixvXOF&sNfKittruA!6%P>^dzPzz7JV&5Mt z7~0*8gW&a?i{4U8w^XT#s^JvC`RAY1PYw?naH#a zTxnN<$urtJc^-&c&-9U-;!vQzP)9kBa6%b2{B^XMKR~z?nQ9n0*QDjlhRbz#5_K`S zF5f%6a~Vk7RIq?MI0zN73GW^2^KefmxuzOCY>7FhgSj^E(DvmYfo_(K6C*fk zV(SRBi|H*lnxJo>WO^Jjgx66L20A~6y*P9jGoG)-;&`Ub5nr?qY=14Ein}^!QVg^0 z-MEGhS|d$Up+vn~5~i~mf(KJEM(GQ39k`}5*}|gZ344aoLRinEU_D7O?LC!o7-q_e zNG%~ts!V>R8I#FCFQexvM?ow74ytQl&$_R!-{(Lr+Yg{cUTrRt8$g-Ei ztRH`+Tue**c@r-F&?t##$PALQYdZYT-96nMjPd|-3iiFlc**>*E0|vxDevlWAA6`B zPoQx(NAxUOnyy063>5MmZAe_a0hQp$=;VTuE!bQ^EMg^nS8rcxrw^Nl9;du7Gv}09 zbm=am_hDYGrKWSXawBn@B5~o|)*`L>J+JIhk&kZ$U6ij>LVq03H~+U;%a6TvtVvv> zoM&>XA|SEOeQZg9a%G8VM|}K^Z@wf5h&+&lHWk%n{t%3qx-OWQbDVoiHgKW3eO5F& zw%=fHQGL9<2RVq+UJ?!xD}-1dPt+5W++eJ|dr15b0fyrgQvopwL9BsnlPM0%6L6>q z0_1t0RHHl-*MIi21+r6IR7~#eGK_Pb?f(x&GDAJy_|`eo1Oom=HWR5Wx?( z@*n9$L>g#EaG`Y)r!-3}7Ah&@P{hkc?B*Z!Rp+fExx}h8EZ0#k$?l^59FK_Bj!2H5 z9rcpKc!oo98wuQ)gfxdE$1&1Zz?ug^bxGL0Tqv390$)9XMlHej>h?<=8`sU?9`?%OP8s{^fu&aoXX2iag&o7S}AD z3@GV}VZh@sX5RNSh`iVH&W{MnX)|SbD;QUtk9?jWU5kJFVU)Ian_T!T6h|$F{r&6R zTQCJ4cM4&f?VX_H0d3xc5zy7I_7=(ws@UMLGA#<9Qpa!TT3H#nKN(doLmC`J75Yeb z!jzKL%+L0|&{@fQLGx&rk2?6Ko>#=r-6}iJ zbW9Qq5^Q9jsnI_dfl1_~b@gS{Qg+dMdE+L5Ailr^Og)sJx^k>ZNi-33z&E)mE}-W5 z>%-K6+>~4YcT!6(OG%cn96YUWLrE2Cf62{+a+j0$UPnW_FIOe_8+xR#sVf`yHjpb# zpw5ctNsS7L&8ihCmQfn1dc_JVWeOv{Vqc~M7RHR!&itMxVg%1JjMIZF<;2i9Di#OeU7xiIlfqyN2A2d`H@; z{r}z=(4|I1xA*c{YBpv0>4;XrWR?SHz< z+9LSt*WU1PQNtf!Y&JF0slR;QK-2PYP-h#t-o}(wS^K3|shc0S>iDL!q_XW(t^uBj zS?gJ0Up{|SZ%O(JN@MR~*EHkL~BD`0cb#`)w6&dL^-xwr0KfuRFytLrZp1HpmI60YEWg{ENQnHR1mk_ z?vn2SU4_lyC@E8P`kc<#rC|=7w$q)g#zoTVTE7voHa940x!oP|D6D@idNB&D7gOQo zqHZ^8cxuzB!Q&1eXnwJzze2Ok%S}Bslc&^BhSAma2=6V^*{+l<7>(VGVEhBOR$L2{ z%$%$;c64zaIbJj2G-|z+?dB_B4RjP@6HNg8_4}FMWHbTVy1CuSWl%C?0@OFsXxnVaJ7M z@%s5}xcf5f!M<$;zudWVMU-bxLUB7SVL;s=ul@=mOAya23sfYqQJY&P5N_ih0wSDq zN|8lSS!=pjO}JlcxBAITH(>YNIkIzGjLv(!&oW#!!te~F$#`gJabmO>Zl>>B$97U7 zCLRAQl@p=~C`&|jKsb!*J!Id&u7L%E7_Xm?8iFf*H33Ihq2*&ArH5vIBvFd^2jLHy z0udO)2Z9G{>M&-ivc+CZ^f*C#EtXCr2sb4jg`jGM?<9i|q=1_X`W+^CsKMQ*lqX!<{#P}+<%XHB1te_@TCD{p?N&d?2Hdh>86TP@>N!;ThRP)_ zi8b71Y=|bRlt_lDC?sojdvLYV!>F2%hR>pUkE}mY3qybleO^VxU=v4gM0FZ45G5DV z+b|fPUk@ikJ`o^+DF9Z$+Ln0%Lbqr@0E}QeK;a)@PJuB1D!4+?5QVxfiN$hL-#aD* zD9R52NVvjK;WMs`-9v@Z#>0Z?OcQv*)(8ZRL=p~{Mxpa_gly^%Av46P9WWtE1Q{Nj z8od-4N%Q6kGkU4QoO>m&44QfX2@dpFbP<<;W;wzVyFW^60?+cxxW9(8u; z($c*qTvFBAOU|qNt}auU(%h`>$Sm2P{g*WPo=;r%%+Bz9G$0M{@E-BtjRHsbSsQOH zw4QvQipB8WLX{C}{>r;1OVXFLT8tfo&g)6mS(PC+OG z(9i&3Zc`I$6%d12Ym&lNKB1Fo2ECMjKbs zR9o*d*%rgfiCkA~NKO{-cL#H*t85hv7KWQXcNI$`tjswNVePdM)**x{wCeA zE~a#8@Z0GPw#(1<*qQ1B1AneKtE-ziyUV|XF~{54Fg%*VePw)}M1XNaOGvmVoT7F? zj!d|bEx3_UySt3U5-++rUfXWhNa~cC7bwY_BQ80bnA+M{Agg5yVAN`8LUTY(REW1G zTCxvK2~1r3k*D!cEkq#Ta?Y)ejdMbRkD~88CIX2&mZY19ssy#A=y}tU6au59nEO5Y zz5H=O1aY@KC|IXLqF5Og1f7328qd=ALdYANR&2uK3xa;HF=RXI%Oh6q8gg;(Dq~^l z=o#nn$D@E-Bzoih$=*mBe3oqXk>Vle~lxf?4!#!*^6bFG-FeK#I6H-I9K18Kj~PC8&bP7SZAH zUia;-odgOfM3$Ne3(g`5K2sE45IINS@e?4Tq>d=@Ef7I;!VJ@#kheAZViCqz$Be4z zTm8xFkdQE~hQ!T5E#xR51{Slo-?Q=U6fGG6{<~~NA@%Dc*HhQ_9$~MpkKgI>sDJ`d zQErd5KJqYP)n*v)BOG)q+x_jf8nq=x%xZQUoO;p2%N8JtHDN!%r_NkphIea3KSgri zKNuh{%#@0?oJS^ZH_nEovcf-IkWgg_az-rp|0!X^PU|@97I!NU#mh)(VSJVmJ!J ze&vsQ1Tm}@E}L`yR{tLN7RZn($l1)o+YmOwc#3@C6CxAsOo=?6u~BQ?2@H-q21O&t z4i24K8%rRDQ=FcB{SqaZ8R>k}(D|hu^7oY0sh~QQMsoEy!(?&dTQmo)euv}JTu=o9 zQ}~})Y)nX6^g&~?)F`53sbD$J9WV4tB9;ON@(1Zx+yjdl>Gm%k;g|g9?dJ<-dxEVr z6E@>p{5NfVJh0ah@=5WbHFEADUs$!Jf3${cZ(e@Xp3pDCQkYJ@aP;_}wSfoS28!<{ z0=BSjz(A4%RhXm|Ei?$cXYQqx(2ZeBJHwcIfu^1ug2b~mrZi985QHoc2v?0^P7q3N z^c_H;J9 zx2^$B=t~m(&I+q_1N-D(xK%|c@bSU(wZutMHovPFyf>HOR`6N*$@}h1;5A>TR{j84 zmEc<w3Esr9(Ae|{Zm#4FL(|8n*5U0GnJz7R!oY}l3KW5`t^wp6( z0I$b!1Os=&2sBh*h$`|c(hm|HM6LwXfd#A?qOJQ5w|?FbV=qof?S zWTGXd!!VU*mDF82hSp3qixCHSqHyT*^+PT4Pzz(s1WOb*{PcCT&#_Qu+)db6vW`S< zg^62QI`Q+l`X|HN=&uuXGkL2!eSU0h);{Wto~a3hYvE6Zdn`FpdM_)BBk3|vwZbb2 zE_&7($DVAhXF$b`!q}z6z&IBkHnp=4T?+!{$>(YkXf{zIi52}Ykg%VFzx|o#c6S!; z;6r<1m`tN358Tfc)6a|D){OkU51VP-s#vU}%~yiZXy5ATyR+EXTDr3r zuHoWb?QPI9`}>})*qA{=)^D(n)FBt)8#ucK<08j}@VYwTDNdF0WJ&8B9ZBrQ;vyrD zt*_JVwtQ_XefH+=FCIQNC%G#b8YWWDy89M<2{RsLF~7%-=}-nI56l( zUZN1Po#R1m)gs(E-GLV7zEgL%A|;!JZn5inAo+#V8NIFuOMnOC@U$%0A$Y1~QJU~z zeN9EgSlZ4X@8@gO0nU4H=M$%DvUc)-!idAr7S`-RV*di>#UC5ggbIryrYK08B|gtq zSQtC&@nSw7(F|^KU~Vx$L$de(hUnZ6B0?8rVBt2Ux3}mB1~&|OLvoAsGQ**yE zgh~lgRy-AzEL5N_I3fcg9#Ybjob7d=7njEaiM-L)A^6%)Z%IA6jCL&{{l$IJ9fx-P z2087X+%4~smIbP=;COEU$#|1598oc6zQDEUnf}d_&x&L|7|CIh0LSg>zXTJf5$`{ zBbA@3#hw=VA;?USpym=GNtf_{vcJtkP0RHUq7XiXhERH^@03tk#ju=IB_# z(UO+#i3n^gtfTj3CQy``XaRh`y6jU|v2ibotSR=00g ztOct@h&kvQu_p%sE=R)o%kJJB);`K-d&jpWWOWU-0YVNU=#@IHUxjX$82v~dfhaGO z8vzi1xd5CYZQ zXlNsmG3+d1j)mckaJ{hLb@&%GY&!HU7AbJ8AYZVhbG4Qp6 z@rJj{^EmwFYIO^tsw)DWmcNl~Pt2bAwrz}-i4?L@lSy(5lzH3!5PD=?-pr??)as+(Z#-*&9m>4JO1Tfh;s6BBFZJY(=6Z zZwMyN5Gn5HMz)|yG$1Ln@@cT9a(2Xio{_o4+A>(vOOOH~S2zo%1@@?bwk(?fmn^V| zEJ|N-Q+}hq^ID=v1QK%x4D&6moNB85Q9(47Y+JH>7A;|;j7D675(fvl-bY+yYNhU- z*-o9NraCrnOGN2lu>5Gq5)vc5|8mwfRs`jkW zDB_7)8Y`xmvkiZ~9-P9Z}cWj$I#WD&SWb$CPP z$tue<=W^Rl^c-yFq?`|<3^Oj_MaUuNWgALp3XJp zhbhuphH8&LgPk&K44CgS)( zWYXHmgu=;1uBjCdbq~b`Uj92Y-_AB`GR-#2wzZxBH;z?_NI9$7i_>)ciL+6DQ4QRK zWP{^lrU|Ir;6AK*wU<2~B}^&X-x!{8P$Y||L2Ds`L-M5{sbH)KVd?g1V3}UD=3`rRTQdR>JCjHom zJPn$d&SEhTr|A-*&UD5Su&GJwp(DANvX#~zy~e7j19^OZ2a3iXdFB7<#mU!5OXl?C zBTHC(ZabA)MXbOt6v-yk*+u5<<>?$=gBu_>9p?+ZM=`^H~6muf%IJ1)C*CVF`tpG79U_kP2m-yzdVj^ z3i^r2^vo*>8cVN}COU6HmXgoJg^0ub+^D@>hraiph1X27CM^x#WULT}BVzJ@)&yUl zkw?RqW^4nDY)mpL6Z;bk3Grt{DoLrx)Tivd`YY1||HHR3?*thNqiuH$7I9#Yb9i*a zcRW_GkCauc?zaSla0#O^t_hCGS>eun$Iy72{}40y32bHOA|&k&5yIX4Iws`SwQoId+KE++Q#Fz2V)BPY0hzkf^f zlFztyL%3$Vv+5q4@Q?bgDKqW9Pb z8*cGhtArQ0jLF?6?2tn3}6T$vS?rmaTklQPwEecQ5F<~i|d9K!!uYh^6iU>xr1&Fstw<$A^ISM8SMcH#Ju6TEB`^bH+6f=9H8tpWl~m$ zCq+N*1UoybiGk3bGK>9y#5uxZhkE^Z#0~mqYuNae^wqP-N=55s_#1*bXN3h$sz#d+ zNd-#^dXPv7MY+1J^@!rNo1hhA4d#|LDc~-vfTN|!0Z1-(mQcSmTEllB6m*M0&{5HZSgTC0iJW%of{d8YTl`TE@nvJOd$%gv|{ZXM3%WfEvXQ zX(3Qaz(E15D=M`7!aOUWAL^mM_SaM>ZFgm(Kc|R;XM2Ht1c`zuV{0dSGrLNXb*Vet zm1QyVH4&+JTt+@O5ZpZ}CoS}J+8~CLLV5A7>uwiBbLlr(uMpZttllgIobjOP`oW#W z$j?M`^d%H7P~3#$4=ff!#IEHu=zuYyAw3i9yHW7k^jjH?Y z$9Me32e7P8ZyoFn>2&Kyvn&CVVSR%NlU&>`M+Xc)EYW~~4_`4JajG0dAcHpuL~$E0 zX?f){=yT%27n#MWR7^j>xyUV+wb3H7%zpAkc)|>_{4Va>pT8%~Grv)k(mG!;nuOi; z0hjtN#n@;W9L}K3wFJPmQ{oT3D}k1UW_qE+i`e_8eH9CexQ@~ITp+GWi%eyr8MzDa0eSIGo;Ul=a z!>CLSrkNn-h*q`uF)EtcB>>yWrPxo&pfK!6g?k3y^O^?ZTrt?^)V0;q79>oOI)XME zMBXt*@ZHy9n|?0>$^v2c>NE=mhrYf>s?|{e5vavo%acOURKd~uvA`1-F+oG3c9b56 zhnC!Ke1yXA_IMrqSkzkyeXp!psj z3e_H$osz#7Q|-~ywl6XcHN$+EI_lbuPTKd)(_8u3nD08*YoEKP)~ z(s3NVCSImUW=JxMmRZ*QthL5FW=7XGVXuFZQ|# zzPR%tf8lVt)&%-d(m<$)2fPw!QdZ>7Lp5+eU3VBzc}#RzHukwHo(r~xJ+8`|C9{pR z2{Xi>9uOYJu2I=l9_N{#RIly|R54JQqH6A0Ytz5T_E{2ylo!T;=J&b9kWv;$r8NRT zLUCl`j#2xO*6%HO4A=+Coq(2F~5aWs6Vd#_Y3#LEUocHwId;z4dXb9zSADR>P&CbWC{jS%Vo zB7kaf$nLe1Ej9ebamH}Wysv(P10rM2dT$^#yt%NI%%B6>HIV#csZ5d-84V%~zGcyv zhftHNFREUu> zvZD<>ktPYwDKY~|;hzggl`20(-P|t0880g5QNc8Whz$y8V-nD!lLx73dRlr%FGuD# zW@pifL{MR51wlV8&Wne>^ybS5Nh4wN<{rfT9ni}zica)bASm)ah9aN}k8`25_*3#m zwi(bZaAw!vK3_WkiwEY`ZVbK5Mnci*EXcU%en{h*QhsbiSa|P;Ry=4#MC-m%ycAzj z3tmhLrnbn`XlmBz`Ic=PI=gJv%|C1HLC(#J1%CScP-$N`F=u+_ngEqZ;D=I>F-AdT zi@z;fQ(DQf_Jshmo@(TZR#tLkH_QehY@|M6m$FGEQJXNib22cJD6RxAerkdGl|~5o zkU9mywvb?g(i~$u_J{|YMCll0v2{D%z;Oe|fkozk65B%y-1!D0xq`XmLnS9zOmt>=*L%QL-0g%FHtXdF0STdHwG1R0b zbNq-~-wC|pUXOC90yx3s8nTOYWBMYFJqKo&{qWNT!tGi8nx%1g(i$l!+kUTbh&dsP zN_OM$8ca;iLkh))?3JlUq0qEBDLfyeng1}X(y!gj>K(gUWN|QA&t}Q8eS>YWe{p~O z2949)z)+G9Vmi>qAM!>+I!`je8B714H;P6~G1ziYvnzoq%P#&|*%r9#vW>6bYMqA~ zgu!d94@xlTv)6dbLxqOoPHRmY)BZH5>2F*~+OyU}`3>D2^2xrs%FAhXsfB5s-kkJ= z^|S+c8@LJ%v&)2KlGnxqc?Z0#kEq#t8}{_+Z{fuoc#?*)DgDiY(J#PCpRi2*$yCGV zLl}m251V00x>DZioZ*;a;l}6=jFnw;g9iVWnojnNV;rMyjOJ}vgNl9bpD|fEZWu`p zWUEdS^>_u3YpV^kO0q{ixvYcS#iKvUgcJ`J>R-G>=fYWK`_Oj+da1mKzD;$P2&LjI zkkk#pc+J^TCk@Skr06`n_?!lR?0Lr~#qR0(r^dHs{GyagE-Mqyh(TL3NZEcBtBUET zHc;~S4$V)9&tG}z)iI!qErSIWn1~HOKs$KBIhhQQ&B(#2doK!Y7a99Gu{E63Aa5GP z5a_fA_+=)CjjQQ>IVO#wLA(v-`Ev)Q5iPy-u|*Qn)zjIk1r3}L=Kw=tJtr+UT3WtL z*&MNe0r8pL-(A#S-;0lv(M0-}yHU~yrcG=BVBPs(V}SR(Ul!4Uvke_4@f-GeQvvHs zVbH9KhHiBFJq0ZDaMvJm$v8N1h@>Jz!#deRV z?&kr1bf|b_0L^)(Y^%q%NPVSmN1lEJ?SXrmmY!Aa>_-H=QNfAkX7{m$;LO-nNUhTftv++sjUk`cq?0Tt0 zCoE5uJ@XDRad$9sp(*+hmK%tZ^-IiTBrcUod9|dPW*!HhfHcO_$0Jpu>N#|!imE`# zn4EzGAA{Uo_UvDy{KArY_{L+O?3})2rqWfHip)=KYIE858iWVI-D*qs9e?w+`TZKo zK1EPY4#iV4?S;ERS1(<|;mW1e*nWY8`Mwb=YavVDO@W-15s=b0f0kdmvpa z9&puz4j&5uZ{;%)(MWJE%#`CW)jI<*0Ly?zzA`-zCET`ij+1TYH6b(>`#>$AFD_O^ zlw#?XQUbT<*&&y^CK;Dh$)6B3Ik(h6g>dWyc&J<#e1${*^B6mKmSq3uJ_j!NRBrlED!FiSt&T z9GEyhcVe`B9n#YcyCL`$U5LDOWjk(Ue1M2&Y`w;>%h$eoI=I+yKBT9w85Po~`-*Iw zQD)~~P9{|o?GC~W1<|RHq~I1v?GHU73g>asxh^??M5gyQGiD2B=v~Oy6i&)NzWw_E z<`@^7gSK%u-oL+|oa0oL@8kROyv{F=4F^kQt!IQQFuUXpz$}4iU*P-RmrzHk^I`e_B}y{{IvjGu!`5p>h5{6dL=#O`&lT{CA+xSpGA-_a77*3)8S>(L{2{o1Tk>KWPpU!qjBf5y+wAz{coYF3r=QEn= z#nil6{kO^Bre+DX*V(hqjmMl?z1&jQ&JV}A<&S3l0XTuxori@_i>1q^=7yJ$ysSNM z`}s%ZTmSRb*7AWRb;F{|WzCP<^AYp8e2m|}Pp7giwQQS2wpwHu%;*y6%*m2wY1y=m zf>E+flB8(H=4y2H%z^^-kKz_#`VN&Yo&$AT+AA|%Q~ApaE>ALJP1TjIindI`ge->? zj0-S_vXM$f>PoUMjqCSy$}=UZGyK>3ylZ_v-zN{69~Y6Zn+y|Av&$YZpln;;Po8Oc zeE{0ihCRk{P}A9YhZ%q>*=D+d_RyAtP)VB94%{N?kIhz%F4?yBYujAxqW8ZIeATp; zdsnS8`No#0`UlUNuUfT}PnlPZ3y+6S-k3IAhW%irVQv7&m%86@)$LPvV1IHo?<02# zNat^em}@Rv&+{lCWIMysRNfShPpU+&_nujT_TxS~H%RBmu zG*87`1qQ9yU5(Yc0FbMEfB9yhgL`&0>G2@!MHZ8rLa6a3^RFx2{*@x>JG}T#`^nQU zZ6}fcSX9^1#S;nmBhBS`R2PVLe~Tow z2yjy_2820u65sRG#|aTsoFBV^jUQA=uIu! z(w*yHaLT8;#pDX$p=FVd&{|PD<^iX2=^`TK81{@ThK}$mN*h|@(s@+ju)F61Bd?-; zeN-?v%MtvQDO#yIJsr}4a3_QpH50uFsrqNGTLY_mQ67dr+@eh*g_NaA=%w~njPl~* z1M{e}BM{l7nu*r113AF(iwGHnV|2;JN6h&C0sWIrAOb`0+AfQDy0M5lgp@j5Oi$g2+%srW6)_E%SG1lmJ7^Zv(&SXB-D-~ z6)mFylikjasGBGv$2$;>(>8FsRimgd1oJFbR4RM(q>Fby)Yf8Y^t%B(w`8KtCrb9| z{(O%LrM;a$dy((63SjE^pge%&{^GzaE_FLJAQm5-otKN)9y_nzF7Mf-LD4o{bQ3u= zP7=?wFjYI6a+OQxYzA0&6W}kBL7q!|{_y$rVkR@Fu|d#(u+*30s@BUP|LWg-&uUIc zJ1l1JVRx3H2_YOTJj(y5&cccAd?CYYsp@`ZV0OHXU;HDhjaBTcX3LGHr`4G|L37eMku z^#q_Ib)@|)9p>53fkUMMZo{;$R1V0L=TcLvp?pd^xsE3kRbvTH;hePU(mr$nIh9zE zuPyaD@O_d&jK3Tjc%*POH7nuBydr-AG&SV-0R_CEBClpiO&C@mzzAGsz(Hcr^BAOo zVbSocxmz^gh0gJc>$fxmP8Xrnl)S$O*=*3B%eQLVK~)2FLF+3O3?&_by^>8AE*Ei)|t1C{M@Mfo^DFYs-yZH;zaVBV(OZ zy~!}sM2Tjd|Mh~3I365-)hRDwb-r##ZnuSt+w2=_@@2t!qh8gfEKZ3_iF_|nRoZlh zO*gANUtnEV<0p8Kmlm3GPnmB+^ z>F?=fyE5_zg^>%xH*TdJl+Mh{&iaoj%SU#x3GL?nWg&IF0PXRN{hj!3v|}zChGC!=ytg;;tu!-}~pi9?oFC;!q*N;cN@*Vn4YY+tI(<)EFGTiw?F{qP1PxW!azsXW*1AI|Z%B(L zdG%(5-hKov2Dym891WgOhU2-o&!Dc#;4Y~%>10e#9&4@WIIa%o3@Qn=FV=NZb6oNX zn|Oivx#v2MGJy7bSGJe?_Vl|rGr6X$o~>HHbSWX!odzpwFKvxEs7E&z{lczZ!?t+y zIoHv;f{>kD{VympeX$YFZm5@?16;mEJ3QuVOcXamX`q;!WjbRT-H^3sFDHhx2>0hB zsl8Vtc~w12CD&;pEw+7qQBWs(RK<$6ZM~zNtKsOhT{TBoUwIt4dr^kgn}K>MX$eLxBdx?mBZ|Rr-HJg@ z4Q3&kwvlHMEH~xIt5bQDLd50a;+-&>q`E&UtVtnmR;0eofUnM!1bMp-gNJd^&Qse~$0#Fg^j7;r0K{Ru%1EesCxIV~vCZY+w3)@F+j)>x_o zE(9DJn3u;7gE*KzvF%*5SxGUrYlL%?Q<)rvJ8L_ecCa_lnF3o4^{gO0!J%`EdXOcB-ygzvMq-@jwz&fGq223bTD0AVFHvNaO&Nm(h~)b>aNuyq76MwA3x zM_;G^T1pPawqc2Iq%0OW&C3||b+hXx7VL$~KFc#s*`6c!Po~!)5ABCm-g>DjRJb>Z z<)iE*lewpM>fbe%i2GK&oMh9P_advd8uB%kKGKcj!t@EK7j<}g{86_vKB150JdqtH zfy9t+BLoVb)iG4PwLLb{h-)Qz%Cn;Hb_qOCL1W+#K0Zcg6Qip@y7p@)>0XVT>Yv_a zp1(})2+L-&QoOoG9Es0x;V2E%s#6r^`PjodGxH2g0|MPUs9&Sl+e6f;;};DiMVHcS z3790MtIzz3(qA`kVibkhdjz5dl={23;x9oG8M8^oc80?AW65WAeoC=2dr;eKeZ!o{ z?cU`ah{ieQoZ)QRJG0^Gf%ydEx)AhfEd5|SPa`%S4G1N74~f>#=nmjke0S)qxqo-| z-u*qWisWgy8UjCq?OO8ZXnW!bgczI;!2lp8J;e4qk}?@CQ}s2^?ro&x$$jf-6G#$} zKCHyK9299C&;-0jOFCcnhx5Jg<*XP2TUDQ)b3B$6eRU`_?ZBJ23BKy5=Y6jv$kAUL zY79VBbp~RnGa~c$*;*?|NbojCq=0VZ5Kd>a%=`X=J5y+js`sdp+a6G^VT4HEiME*lC0 zzuD{J%Vu|qVAdF-`9}1P<@e_EJ4_>t>NjDC0PMb_v#S2YFdMXQ@UN&)Fmg~>+V68k z0;a1#-p#+0tq1BNkUZ4~(ZR^mSwzvc#0kpM9lETDsPQ?>wTIbL$wLja0s9^9d5f{y zsw+8SOfzK0P;$_fk(m&PDsS9kfq}+kXY9x#kP!8ZXFiS80BkiYsCh*UWKJCTKty-bf?%P`K+(+`?U@ zERy+ubzSzps%|hQYKRxg7vI^uzq`)+#kqipCD3xFg zE`C}4oypXkwOX}l2kB3QHyTkH>Ztrq-MFN3B9l?r4y}6)#V9gZD z@}e?>RICJ?VG-7aKEun`ouZLHsQmN|6^wmG24*owP)E$gwg z`zbPw!H_#!tsn2E?M(&%{iS&iQgjQp4rccd#okh*N?0Rrw_wjGO9h#&NB3xb9)wnE z&ORYPtS=<9Ioj>&iDb2yk#}j$xhjZQPi{6baX*1p?})4_f?xwOs~R1ti5&CH59p#z zo+CC+Xb7>8TC2xy-e5n(`sYcg`NX*6QKkMIYaiqPKr))}wxKZk6lFGJwh(%(%_PtL zM1ZujP|jy2ML79PaM)Vxaj3$*Qy=i7Y%)Qgz^wLlR_ot|0IKgOJnY`%=hyCYVaZJc zoR+!V)JiL<{LkiCR;50Oyy`wOkhBwY`a?&yAE{f!s6w*`*tfx?n9^DJ$-B~Y(?`>q z!#NE47DJdo3MxA1tXObFE{GFrHSf=DkUP^JmocJ1yniYmW}rvr<%?GL!&>z&Iakou zNB=`MhQ=?N*6`-Zy#;4#=iuab<#ez=@uME&|K*9Jc1NV4PF|KxnQ0qv*VN?KdOXBy z7fzQ4sh^Vi?$uPBw_E53v*u5~G{ljUVZMIjVgSvG0;hUUJy?weoUNbf^|8LJASRA- zO5FM)Q9k%*OWsB!`jRc|Iid3?tStIuEVmY&}oD-R?Ddvv3}EVJi3Yxkthdgu6dby1amW z;loIpvSzeUy4=oO4RpS6U1bC#qhi42-J=_-qua{@COCsP60^G_gu-svJPw#+8SS-p zgPem;UR{&9=9|UTg!*ClFT1aH9(XjZrvMV6(fCSfa&z|i9!q?*ceZWMXrF6UE-dEf ze&>~#fJbPXr93afx&ipl=m9@H+NNSdJ7!pS#b08yg>IUMzbizX(db{d01e~qjvG#N zrz{R_cR3-#6^|jx37kQX$<5bf-%nH~39(3=;&zztE&6U13o{tHSavfD&Bdf-`5(&v5$_&6@j(mUs$D#;hZxw*(H;oHnYaqI=exJ9YNW8;#U-l#xOGomgZ| zU+`@lNR0eJ!N&zt(HUVYCNPUw%C3q;j{(v}SN#HcC1lvLle>MR5%`v~o7AmcP;C%_ zGEQqWP}@L;{Wy9chABjrc$z2O7>;|S?oQO$FJ?(!0UCAzdPFGrPI_A;J~VsyS7c-u zYgjet$h#gu|7Tx;hQYo=(7jkoaDb`@4XDRNVJ^D(C!7sJ z2b2SXF9s?K+$wN9VCAs^7DyPn$4SW77<}D@o(%bWJ%KZ`ehw!$Vg+pA-p0f+xc>=> z_6W*M$1vmU9h?o~OWa-^4o1?;f=5VsbiPwijrkGy(6QdH>pKuM?;yODmDEJMXm&Ne zlm8K??^El-a@k$v?TvILqP20kKa7UUx{}+%nYXp|Z@w2#!!%f!=y>2>U=oy&p*OgX z*OToRk}|#`rM?Bq zWLj(&S&C6Tju1Tv5c-0a{MsG9eSQ6u32I z%nQpr!Itra3Vn7h9QWCH+}I^Z4DWo3yoSFCo6R&3gM*+LqBFuTc7oD4)YCMd=SeOm2-%QNyn zfa4QF2%~QG_qka`b-e=jjfZCvC_-ZHUZFdqJh|9-!Bg$2qfP-SI&6%+ zHf=V`XEzM1rr$>xUc&Cr0jU`7(Jlm@3gmm0F{++VTDK=3!6dBr=s$*U`c&VzzhNZ?EbU{FK7Cy`f7Cyp z-0yZHzN~*fzuj7N@!78VLI?(R47NkoWuTlj@XxTl9Q*X!R%nT4>@*O}g~17D@b~{^ zOd$9P?fLv+QrdX=w3By*%#ZxdY139U?Y0dGS&M0&$vBO$4nsleWm*|2cN71WoYDk& z{Ppz{ZvML4k{t<7TJ8S4ye(6v+7 zI)|M>CML+t4dsGUH0j&5?S5UzofFfgN*`79%lv_1JB>Gv7xqF*Y&(ff-zza<$l6SA zqhojdbNNEgX0RCvNTcC)2Uq0hy7diG>~U5P_9r*y0J=u7oa&t)!Z{+g*AnvY+7vO8vXKX+LX+pN&k7U#n@=6*4-Pk1)2l1 z1)p!ggV7+rWIh^n5bOTz-FAo`P5SnDHP85zAp=Z*WzY`r@uAh%{TW&?$9 z`z_-#E)2-BZC_p+O3A@GS5c!$-C^>EoR2EZz7E&#*1>V7ST2c`>eVVbC6gb!VKU^Fu9*xSJVwOg)xjhv}MISvMe#TkBGf6*)eJvo;{ z4yO?5!aX6a7j0{62QmI%<^)_;yh7U@mSyo=XL*kGjas||L^vDSzmW2fO?T8Sxctnb z*=~ZJ(}=f8lD7D^QT)WVwdT2j?BlZ$1{^Vj!w>&t7L#V+w>_U&U*S=Y&-*51 zZMfcz*j(NDh_08m%r~)KPsF9{;2^<18Gc6(_BsW7kmy{e;B*kz%9N~BLIQUW&=O$r zDSYS%C;b;i&oWN|K4uBOo|_Oy_!O=VFWR*%Z;86Sikkg>dnt5>2hCq`NKB7t2+>bV z%{%sPLsrfu%5oq~h53Yti{A6I`r6Wc&6D7ztqamZAXK4X-uuRRwyKGqFG1{Fg3uTd zC(D*=E>+it;j`*58yd+`>&G@ntvh?s9d>c|e+C{4eMbeZ;|`L|QS)2nK@G>QlsjQ= zrlkUZ=fR+fjf%?WY4q0V_t9U$rZ5y}?LCZM??nvK!Vesqv|c}jxyzobM|Zo!LO8ot zqM7?PpTbtAr%Om?xs!au!Tq*usdbo0@#z^};fu6jc=~)SNimCb4{M8K5DC6gBXckZ zt@};x)o>&)Av`VY&TxkkfOy5k3tP$tzS3eX+2_&;{20c-H*#0cVUd9ca$YAtAr+Dc zu{164^({Yd6-e8=&}a6~{|9yN6r+n1ervXO+qP}nwr$(J+qP}nHovxQ+qS#+{Qi@i z%t>Z0&h1>jRdrEGrQXU)o>dDUqLGxGj27!}?7@cysCG_Z7`#F4*knAboiPYs=DAJHELb}1DpUk2L{UcA=RhHOfbTi7Ajps5z8cES%wEj;vJX+JlAq0zgE}4-U;1RL z$s|PLk9LMgcEvfur8JY9iOFqWkH%vICWIv+`{Jz+XWE=06smuh+rR3}a=&x->LDRo zYfEE~<|V30udu2dM#zF_QZXq&q93c97Z`qHT#xWUjYKC${&W?k!>R)mv_GU~HE{mE zbi>p1dBi4C+p&CyAe#~}$GxA_CDAJmn{syCJ_h!vD8dzqOHRvg-tORE0QM&xpYnbd z6oY)t(M~nP5I2d7>ppy=6V;0N@Xir&q?;ry8->-@tt61_uaD@c7bnXKyJp3iu?J!v zq^frMg+fGQbd0gI^cX&+Ju+VTg-J;R5j-2W^O&?j{>za6M@E@wyshB2ZwxD@f@JW= z@nz`6Y~1?TJ;R$HI44!!t_{@6~4#OW8`zdT$tP4v2s#>q%&-i(RM_&=J|ONnEEY&d<_EZ`PXMgC|5f- zVkS7ZoZbwTDvvBvTL-aB*lbIC?h{&3vjHJ7x$toK;QT*h_h^cUnD%q1%chD3>yU9y z0^=P?FBg}B+n&=#uHBtURt(XIwMx%3+- z@uqwbe?#P90jmDcRW!+fh=Z`O2KD(!nbACF#F`83Ziq>u(R!_lOi_cXD?NU6;7Muw zz%1{*}KvE6ce@v$o>Fs2Ana7@s41I+YYTQ{SXJ$&|xpP=hH z*{A2k?v>%nZFY3Ls)6QeB-r>OqxG3fO;j0)74A}e1)dD#`gmn2beg%T-gTIxA;0U@ zXCOF&GhsLK18Emb(SB@=k6u(HFx3W(7CX|&Dvfl3#)Wn-64?@t7G6X5^Q;5*LQ@s{ zW)keyh3%4^#*kAy3&&LBTxXv=&5>=TMLR9xw6)}cZ0?B5dhK~cj$nr4oP1AUd;;zh zuk%m|5#lK@*vL;ZWagracXSP^K6*$Z3gA^#e8EW0jTjOi+5J8mt)WpA4b&X+0e5Jm zeg_57CBF)X?|qe*RaG3J4U`m?FE9Nq105S~l13H6oK;h-cp%^=QjKF=1wxKi-KG?b zlv}FDh>qSU8ObWCQ9Z`pWJwc6Clr1wdSCRtB`j7E8$CBizGq^5_m-pW*~4m>jAgT( zIkZ1qf>S?8@$HX?8d_g$g48kNb-{vho46d!d>m14n8yGDg)@^bJc&No9CAgWy*)nf z2@yo@o1YUbCC)7&Q~Vq!*1nEZq9nLzH9m<_9U>-b@t+h{-WDuGMQ?LX0uV+dRmWXU z^&z^lkj5>l!5q*+NaAYk+xR=Qo;P z$Gj9?hH4Y2VS1a%prsB$=;b!lTcCk61G>-8c3h-zE zYwc0E_{{_sdrZXQJz30XA@Dvac?{HkN+x2gB>jT>=rU~6NLhvzy;EL(KUy*{Zc!yA zb(fVwo*;dE0jTp02KRkoBJLd4`!_XciQ@wLgpP^(2OBMft)VOxuZ8Qpa@8XdGDL2x zt(`U=mOw6HuI+?mqsD9W1JL?q+V;5b(K{S@tDT{E1(IP1wzIdeLeMJVNhddH)X@O=9ApbLB5?|DzlKFqN%O3MHJfa>ZWnpE6#*Y@(Q>pek#PF z>J-F^08%jhzezpE>1UAYm+vDF3!D(z*zvaE8uFaIIhDHm25hp}AK-RWW3yWGh_R&C zF5|2^CqWfrSH_iEa_^U8+R8YT##w1VYIBrOl}bJ0ZrWxl(_%E!?hb|8C3Nh0ZFfFh zA;b=L#E*AvHCA_VdQ)Mc%cOq)GRb{y3hGTYyB)=@{>HQI??QF@-=zH1%fr6T7HkMp zVf(zDwZq#m5M_?V;i=`NtIt`pWDB#)1IjzoLocCC}+4gbUuM?RLcTCiYG7&6BQGV*L5{RHC8JmD7#?B=#TAC(b4x3N+ zrJnLL)}0Ytc(SIBXB^niP`0Se zGCv7zP@kCfR<*)-|IOI(z1Er1G&XF)+R75ZU-R5zK9A2vHNCAyEs(N~zssua7u~s;lC#&qrpFNvVE8P%^*dpj zlA7WwrEyEAwJRM$Vy2rbOh!>v^dFoQh#au!P0Fa9l~y&!+@2#VInYtyg3F&H<3f#I z^uJ2omh>N(jV120Fv#hJ$8N4;rM)4?smgO&=Lm-nnBHto4gkx_-6u`PnZ&Rh-E+sz zJMqPp6mQ1ac%pY#*T}hQO%>PlB4eLo8jCB&I+M+?h^lWwOIS+mI}T;HC{M-W&^vPa zL>AvtEx|MW4HVg>IQpXpY;agnsw>I*BFsh9Kw{v{zeM&(i3g@Wm@&M&A!K;x-zeX* zPjH+YPxU)R#AZW|xv_SMpOH9nP2U055*1b)z4$#H!Fat`ytb8(_)5o2&>mcARrr0)T9u|LaI&*%*Uev}GO zmYCrXFmUv{pIPH^LZ=@t?GxsYMjaaI)OtoM`(pG7E&7o$spBb93JPSNZ7PVwg_+}X zjk=e{|ClxLCTWdFgoBhecj{B4 zDO_kTiYi0mpw@(wsI;C^@3ws&y`^;Im_cY_I-IQJ&OFFg>8R>9jMhlSzkqbok94mb zMt?$Pm=pIPnlK3!-hN=_xDS$1jr0haPIxY9R-e4j0#8op1Y`U-ZZEnYF+urGaD=Ll z9CNSS0fZHYXqF0u0U8b%**T$!o1VU!GQS{2ir;lAw@^0h!l&-Y z%zaIBbHymq$=JScut0}t)fo>5L&!U3 zj}iwDzSv{POyYJ|J|?;%dDC$hOrl>DAgP7Nb%Ak=e}a+&&JZ|c7y|Dy;ev+~EhG_C ze@=OI{D94AY)b`SI&}bp3yjheGKC*ZH_0|j%aACs52-JIrD^bo0ZRYekxy=}$DnS| zsCiPVPQ*o9gkkK`jzajPa~UQwNhdz@{_8>Bcp~;i0;=*cE-c#F#9xgdJ<^-GRni(* zA~0-XGMm8YgT*H-g_#9YN?=<46L0BHxTGVB40gH4%X0WJD@uLSPRVy1&_|&i1Mqq2 zxTa=?7&(_zQX)}1RhF}O^CWC!V)~}dqS~VysE-6aGKmcPT~!Tv#yE)Xnu~#^a>fex zXV@|#V3oshs+TO{VX;GDW42Ph`3_dr!x|4KgUckUTs?_{tl+#wSZJk_!ff`I3S++R ztR*>T1_4R$_7DXD8!psYfs|VUtA-^~UVJBz1%>T2svD_~$^DwpXsXI(Ov(1|8~LvI zPQBFjMS-1v$}3Vl5>{Av6XbIxA}K?xFmg1MFzjMu%4)$OeMU0m9@3Z0meKbbzq*8S6AL2q zj$z?gg-Z&=Bf``Ekp8j-!Gwa`;+TPvv?VbOLrJd^O@pv{+}N%sJ991@6^=Z1ONX}}eW8S5x^68ekMTYf;d?$0bhsc0DCO4Qi-E)tgJs&F0xCnye6pZ{S-G(`cjEm z@8nhOnd}$Z#WYa7d%6l}cbFzNy?xsIcg7s3CS?pRu$nr#XW{f#nt5@pJ;IzSH zW(XVWP<(PENB*@R>P+A~7hlyFEZ$2mE}OOMNlPKxa%ck-H_5y+A?5)KtQlM;U}Q00 z78y$%x+d z2sH&UY)=7^psLPD=CY>LNCFs?L|3baIVHVsa`W2R~wZ~8E-|NwD*)idp%l@$5zr}RAXQ;V~lM*tJ zH&_K^%vx~0=gsK+8VX!Yv78>vZeI^VW^-a;6hN{9SZc&Brm*c6&F*RHj@YN4OH zG2?fUADD+u{iosTpWD1~7b3hqj7fUNK4sPOH#5aO^;e<>!%hoJu3Wc7rA*C< z^kaMkFolr6d!73){$&%3<&fd_{msX4&TVml5~6c__Ue;4T{3Jl1toi*Bsy)$V?{nghq(MaWuCF-mWPePav8jnYkA^|0*e@fw%zMq14}lBc5&lh6;x57J$O z{46~ASn68;2~5j-k{oM3%*b*+Zh0yZVS@{FnBHWE(hIm^@p@RE-bu)lvc&6Leh=JK zB`V+k(-cpUO_&Y71+yZb+oLQLt*y$yh34K#6c8B$#AV?FSkdm1oJQik$7Xlpa=a)2~w1~ zT5$fLAl@5K;t(njMiFBGGoDc?Y#nKzsYIMj1!JcBaYv_<@ma<7F5*Aog{94&#VV%# zX7DvXi(^)p#*KM0WP_~_1f~v0dU5QB@exoD$dtukNTDm<{!ZQpm}os^VUR8HnhsRt znz>bq2ew>75w@GeDW?Re>V;l5J z?7PGgYcdJk>>rTe^`fPnB~eACKB>xVS!au#x;=7#%xz^%9uAVznM*2#|2$nWq^^V1 z!@5sV2hLtNy-s3#L1OlEL>9R0VW|9V#4-UPEj&#jL0DjshPnz*Sx`BXp$F=e#8clm zx)@VdLrGvYf`fAD0p1E?j~KN3{B!~CYIL>|9wvF8jmIRBr}TSS*{Z*_jMzG?7Irqz zq}Z!4dR>b^0=c_OWX<79`gY^&HvlwQw~_zjuo2|e1smP~61>KOz)^*;#d)hjz~tf@ z55j)6VXOK3GDBMooeXxqlkOg~?3rj6hg{&C*PXJJ)Dkkh!RD1HV4z?eI-}pjgnaR>R!_$O)|UQm5>dbduMz$@f~_<*z&W6d*KbY# z3ksiG>texS@0UCLf%L%y??lmnR+Q((&=qxH^!_mDC)a$9uc%a)X-N)ms5Y!B?c`iW z(fQHkXxhE3i)zuX!+_V%jO=XgcL9V>qGTM$@`Zc|q#o*-*~#jh!nM_QI^DaLcIo-C zDk7Q&c?wYWo#NshUn*0t$qJ=n_Wc%Vyf}-3=gy69dp?=cb|OI5CN)rw^^%U z*SNoRk6RzJ+>uI}Nw0MtccWsPC)N3)O7DDir*7c#wF)*f^%-$<9rLQfgrvAo?77_( zMmYcDjumJRBa0f3gbfkS1oaLfGd5pRl)V2Xjv_u{=q)A!(bvnoV8~Ng8)iBTy2*qM zu`_^$>0@GQC^=Ff#KevU2Q}JpUz?5%O-v>$Z|Lk zTAs%OF=I{vYZ8M6ie0WND*TNN+oyh9YZ{6!j?`zw>-cuya?3e3^tD<*tI+Uu0{0tiR$u*fqc`IE!g;eW_uuK{ z@LsPX7Fxwf<7d8LnN)DvtU~@taoCS$DCN-ogc$w&`heK{!jSxTCes&~-(GdB`M`3w zlinBj^n~9hG!gp_@x+(u8{F+cCt%W;^y9U9B-FTF6cJprT5u=S%X9BH#L zr`kABZQBH=uGJGhd%_p9djd;YhfZC2ZI}0)Mj~obU2WTWkn|~UuWXw+7;yIhnzp|< zwolXcx@xWN1Q9B2YRL^anwIyTf)874OrGV8r@u|FuLE~yTLJLAol*!Yw| zID;YaWY$10wej2pcXf43ss3HuWU|Zlhy@L$KfQ1Io7AzK79_t;PDlghDhR=D)r}~! zX<+z+v>3GsjAd4-H@o#MR>nz0xAjZEdroQfIvdwiRZx zi|3?%YT|X)-F$OJIkSyRoAXq1z|1PkmAK2;%l39^=^R6Dp>$Vu+}aMS8<$Bo1}C>L zH(N!aIn%M_Thw(V+Cw|thwUfytmo&D%2)w&cw70H$1%A@7+=aHIJgrE`Vc*A+7 zLZ?r<%IkB-hF3!~H}OnjxF7l@uO4V^vhmu{H1yeI{p}RAr%Qq*S%UCNNGF6?hHL&* zqS2)0lL8PU6Y%R=tOn?l7zqq>b>gN4hAs1iDB^kVYr3U~nk%2>>3iKE3R}WSuPoWN zVp+vCR_h;G=Ralpxu0Rwy40tm+k)cwwgdd+-AJM}VI9QJzef1cdsF*w+>Pf)R6eL< z^9_#X@8pV&hRwHrpM*z^lbJsLQ8;Zhn*1z*!w?N}RVP$&fDoqtElKfqqpE^jqvRFe zC|2f-QAY((0kN(iC5pLRl0tyUNj2#(_kk*TCvKd$f^d4?>X)lY?X!hlr=LQSXht*$ zVxx^Ui)(t-s*5n9_EFoGH!T$iLGhxqsoa5pG2oG`^2em zLy(1zMua&6_tJhtMAr}mN=2a*wWbz*vR)Gl@QDj!9 znl3XB^o}$46Q@6*TG13ru`O*#;I>bdxrbL3gH^4iHovaz8L0L6W=qSXidA2F(SSKGX>&Y78(*1%)~Svxt=O{}57F;9!IfA6Yp~CIt7eM4{2OGl z_h+_&T52FpwKC2plbp|ZEzjc{t#lT3v!aS}$16p?CDv;1_ko9(>F^#G)8xeYSbhZ% zSz4$w4exJnYFaVMVDXW@^Q+hyol^tq#AI61Oy4M36eH63s&gf%R@s`@cx(xMek?Ek zJBhi8)C@ye$RHaB26%z14d4t`VWVG@GIWQk>*ct*N9SW1oVdaB2oI1k(Q0Ycc`sW7`(%+CezCf&V!ufDU`Fh+_w@(F*hh*9$FxB7H zlgMj3Vq@>`mdm;MvA^B0g&(a9wMo4$C~J;#SDo`>E3Lk>77+;lSlXIDa}cz_#Yy#1 zHYopF@C>-^@YE`L>9xIIQ9%rtY3kt4Z+}9xGKpA1ppw-%o=5RtGR!Wsa zDM6Kw56Z4Sa#1={y0CKfK>9>YvTiPr^H2N3@Y)Nmf){m$>i{bsQqpy#isC-@lIoi5 zP{pvB7Xh-mF4}8BH7)@+p^e>JV-nLCf8+NsAgI!2=%RAIgr?&n^4R!VYQR9wtf;as zGt4q@YD{&)Aa=)T#e{)DE^D^D{>NZR%O` zki@hb@iGdL&YQ$Jv=vdp@CE4=`ctUkyw1>KpbxC7v2r0IUqinGhng^s!;At|Fq^;n zui0oUl*X||MBv*^ZD`hqW;hKUyk3F z9EYZs-}SjG?;S_@(&fk1i-y9Qx6P%2fJN`p-)RdQ{ZRlGrOGo7c3{) z`1$(g}q0Zf!_E{D~oW9c%bsW1r{u4ijH* z!@*qZ5)rO{%+13B_LmDDgA8(4ZByKNe(c!BN-Tu)hWr2*Z(F$q`&mvDOl4Su*}$cu z^|EXW6Gxf;%3KY*u;T4LC~J?VKg^23(=b;wtaabpK3+>={^qd>xgc zRN)~v|MljatkDaYsPTOUI~ob`O=`w~31KU`JPAh2*QEWS%U6%j9WvDZ>caRN&0bGX zLy*N+YADC#x--d>lJznp!3MS5;grn?(arK|34lMGCan$WxOM#F#Buc!w07P$bUIxF zHIBAb_dmw%y??x#GoAehj@#F>m=^_Q8MimTtRv-UeJf}%WbZtr|2ID-W6X)qQ4TuE zie0S4(5|6TLCccD)gll-5NU~aq6X@*GaGu#N`L@czI5t?4b8&uU=Me;Q?`YVGUrV- znGS=^DS6#|2Q5M~z9gI+K&jbHaLUyn(f$?!W|EW6*%eR$VT~ut*I^|t4g;*NR1Nqi zy>iKrwrstI$L{OjA9)Tr8%z~WkiuZJ>CTxDI9~`sett+{aX1iks}e*9^Zq`(jMR^q zb8&|Tn9=T?$9D8sKlre(k%^ommsVG@bQ^X?kAD=EylvldgoK~aj+mjC57hy=*a%+f!Mcz?lLN?jVu-YE z$%kFn7J3E73!y?9`GxpxIn17kPzJ`&-+y_rtlYI_`xzc)h^w8;*Dz`~G!4G1V?g+u z_%se4-PJz75X1d<#sc}_>eFy=B+>7VySUGPTu%cqdNa^+Kf}Nq=I{6XVfriw_A1vn zMkH24p59$~N3DF97!sKg$zJg`Hyj;#&B;znTX!2sgn98J^oH;!v?Z1S0MZj-Tz^Dx zaCa56XUMPT1gURL(jfC{(|2)J?b*LO!Ku&PLjteaOH!*XY}O{+Do+k5pIQYQ{ z{Hur%lGXdwnT@C)sv#>19~nc#(Rd z6xtiq$H@0|Vk`YFLb)>?V?<_l7&qU&@>kvYP0Bxe3-+ZWJ}?}T4_$o@H{;m2VJPm| zvoN(|9&Y0ohz!jgsq`KB3j|}=%;}Pi<0%=!e~RcS!_dk&vGatLujR<0_lnC!7Oqm` zkyyWZ4ASv6&pcm`;xrQr7rdv{u;JuV7yeso1d0qRf|XB10>_k4f=n(x0-W^4#xklw z@9|{4*HRL=?tE3M(dLQSWELNE%@Pghq%fZK`pjAc`0Al*(}YkXIre1X3=f)q1w!)(ZkmBIrP?ITWqZJxD5-P?X9Ig9o*OB0wTk8 zWR0ZbGCx*I7?p$-Ek*~<+8rD*pGe0;_;bjpG?mMqT#8v-hCJrP_+g2Ij8K*4a2K`S zU{SK*7qY*K0fLS+GtdgP+?sU`W^kN?(SnYvrKI}*I+Zpt*i6EYxZMP+|5%o+X4R8b zQvHjgI2?`&)BsRAJT*VR*w=`Ci{o~fF%|d zzc~`Sj5i+wgvLm@AT|(@BHyMJXUL-m}$&_{pwk1#?5HTxfZN#G>=+H|!(Pp7Z? zDw@~(9fiB!>h@onG`y|8M!I51`6l%p!Skj0rHXmWL{M*^!}`%~!lA^_&9so+-at9q z$_jpb$+-@0{qUtv1riW6*vrj0QAfM{Ek%I=#Vl+$qfMlcZ6cD z7*Dd#!7b|T8mExl(3+UF0yn7NptoM@E3uiYt2*EsW!$dAe4q0{mfg(X5X!tg!MXAR zRGf|FA(Hg>4@f#F3(VCBI*~U`_tS?*V|$_2Vr!( z?2JGYp26W~ml3);#kD-ye6}D|oqx@ENr=6dSV|(%g?2;m-D&{t$D7);A$?Hws7>;3AGuh6%NUA=74})C z_sg>lvxu#-o1TJh6Yp+W7u%U=NH_D0z#H-Z$z3DVUHX3DQH_u!k=D1Sb> z1y4tnSlI!lb#y$*aLn_;jqDIHO;af&g5WhtMJ`gQYtm36At(apUA214dbV?QMY9Se$ zB}gN}i53>$5EE+ll!a`7#Wn>1RoWUDCA!H=ye>RKLVQ)2w8&Pq)}hWk8tFDK??>lp znK1meRGC)ciI$nSCp~Y*q0vD>7NHRh1PE%yhzQ>|xkCYKASNL|7^V6+5*JBT^YCB*J5o6@ zah?D$;SM{2a?S{x?!C zy}5|nNXjGORRYapOV>iB!Z1uQwE4O6Klph~_kzKiw+B#9!nmDDEl}Er58-7N(wxL% z3aRgyzonVsFEbcW7x98cjqa_DPX{lMUg;|{|JYJ+eg7?1P@#wsX!E+TN-TWQ(jP1x z-Obr5itWdb?KSOZt#j9~(~>$7`UH;++xak07?$p*s5Qjx1u1+W&nkh?Y5xna!vK^+ z@A{5m*fjoI?wUy&eGNAXKH;r_yZKUB`Wk_>UR_M+PK4pvP4rwqVY46arA_0_lC*XB ztGnI#hM=)c2J~{PRMXr2T#@4q!YF{tHwt94SEmm5RuYASW969@M=n)eE0bf%q(D2yW@A@Vx6L%6hX}jJ< zLbL8MqAPklZgE%mEI)lDEr*Zlv@9xi0}u9L2$cna`=k~+CY&2KDb!1#hB(E>*p`Ks z;j&*QNsVaxZF(g4Tn)FvoAZo!5=+HDKD}m7a#?0{Oqvmjuvi6I(ERu%UB!l{vb`z> z|KbbaMeTPt+sPi0t;Sy>yeQ9#1)DU)T7*iBw^j@eh*As$^jP%MDVq_9KUy+!q6~@m z6Rjx{4EdMicGF+kBZ|VsTX>#|zOBZn<;uE0;rkC%X$r?n&)|tF4*6wl z>JD^fHZJW)5fSZ%3sTP}4ddv*Bf>%tNvpFjHR|GDKbnHzxGMdNFzFCA*f22kcBG(+ zSI=_@$EdL@7?fenFRVmI9EGz5YX?;;I@vUOTxp_n$)7}lnS9Z!sRG_l!iVI#k8~)o zG5LYa1`P}IXDah|OqgvTvW^jAyS$=(`p`t9X0fA!}95L3BIB2T74MHoeQ> zPvkcdb_1Zqh`Nl1wI;)_-Ql}MiSNE!XCoo7$-ri@N$k+sN!p)b;X89^H!NC*lnETg z$yZaz)D}m@VhKh*hBjv2$^6`Pvz3IktuK^jl07|a>&?_KtPp^Y83bi`sdbm^?F_(0 zlIprZPIP=Mj+899?xcW1N9pI>ub6}<&a!EYvcg6*l|YH4E?eL?NdPAKk_@nZFbGtd zgc{ny;FZR421CNA#m2Lm&M15NxDdM9;`4@Z%mEP-Y6a(0#O)|F;Z<* zJ3N@cB`8m;W_Rk$a`A1ATGg*JS?OIN3$a8-To2||%NkhyyjT|R&IbXG7=*$LiHU~@ zN55{eeQ-X_e&wzpF6=@ZnTNS3`d$r<##T9t4n*XGY!YrS(jB6-9Ji*JN5<^>lww5= zdm1(L$R-?dlQ0^rpI__ug;gqw_OTr3*;j8|^Lh(_3xk z)z?ziG}da^^3h*W+Sx{vFDAIQm^TR$R<#A%0S!%Ab502@;l`XN6yxQ0Ww^xH<&v3z zS9sBJNR>2?DY9o>w+nbw_fSu9ldZ1my=kpTu}+@^a;f83vo|;rudB1bs;fcsIz<`p zkK$>>x*$2rO@9Z9pps$0f0YIVoJ0?t$e5!WI5tiCMsG91JRp8AloG(LBJ6@XSF}jH z>cr{UwBNmpBk_^gAslU>c%zr&FYqqxA?V*w4w5R-|6>LkFCOIYC#nt~x`bd$3tw%L zyW>eXXM`gkPe3bjcVs51zrBWL1Z)Oy`}~azUra?AqANC`5SBDG;~Np*5k&0cSvM^x zAcLG|7`-QtD?Pf#JEWw7k>mD4;f@ND+w(*(=W@I*c%XOJD^El_^gf^neowDJB0C1E z@=H@-#OEX@r#;$GcqOwfFh$U?9!uzO6Af6=MFch2%M?h|x#L{&31pCIu%B<4}4`M}NYHV7Z5lu=-yTvplQfQ^wHm5Wg0G39a$_xgd z@c}nrpNPL?hv7yGWq1IwR$2P=uj#;+!lOrVGf?+6T|`8-7tpT+C;(PBZmoqS60lkW z@CeJtJ(b5Dr#o3sA>^K|^wXAg6L5+W6*(BZ(PrD0-yPBQApqHtEdsFLM=1!hRc z$UN_)5^h6q3p>Q5BqQcV&W3sdbBOP^!E>Z9w3>CrhfiU)BUJzXM+GB4t^J(BQJ&7sP$bD526L`tq``40K_F+1DJMT4YM>AM8OS(Q`=Mw#if44?a>)9Yj-c zuLa6o#;Na)e&8$3+Xo4Eb>QNp05yx27RzDkULWuxBN8r~^xL8OkbXMPCg(GJb|N5?sCkZE>X~G&mx^SWm5O8+?cmP!vtpD3{qu5HNizdyk))FOCjK*~iAf?i5Q+uu&|_7>)W;@iAP3l%ilV^R@01Gi%fQdgT$K!g=7;x436TTkTk_`*!*_zY?O7q%D&$gu zR-8vXl$zeMUuFyeb&%i~UKt${W{FF{Y8zV-X8JE<{+*Vj^=WB63yUE#-|Z7aKsZpr z9?aN-+9kmJ^avd`cC&~e6x>vz)iCbRRwV>z#Jyp_?ZQdKGJdfpyxb9{!mvhixIH~7 zl*6udXK-2Nl(Wy#AC|65fN_sv;ZB=8Mlu^B`%2suI|%=NqBQLv+{8;JI$V*L#RT~h zYqFFs??*75V){Kixnm;k76_lW-=;>*nb6s1$u2mu|QrbX?FzSKYpY~ubn{bijbwNd|4k)I1Y?vchf8;4~D{Z??gH)!+LXI}u)nKf6JWz9B}ZP~+`OV`|4VS4Xn6zKqU z<3Ff^!^$UzGvntXr(9a%Kfde)-S^>pcK#C-I>2i4(lEEY1GUaAEc7n)*X(p%aGR#< z$T))XD{|a6k25~tKOJ<@7l*P|Ijf*@+8#|mi{h%A%I&CSjurYTJnGK>M4tAnd%Sh6 zaD0MsQ5jf?tqm;`vXZ=RQHb^ot6P?xxV&vwiGQNzr12yu%0?iFx}w){)I_|=?rtUz zO2bp%{P-$amq`EMs%4?Y@vt{cmVSDY+%_`JQ+oUoW?Q%Q+lX2kW=!OXK8D4aNXcE2eB1hG}-n*ER9 zfyiZX3+1J)NQZN_JMCqS*&dhzc+0Ocs?7c;#z+8SZLw_=>W@<@ni=C2HX^o3bWk_* zG9vatk9dmt9Ih~Gu|!K;)Bbz|yZd}9bgHS{{ZW)MrYz54p+xHSsTJTPmj^RB+S1r< zrP|ip2g*HD#*!OJOfRGiMS_=3w|$;3_}BBR^T-j5JL=l?`wKj^b&lgwC*S`^NaN{) z1YP!eQO}W3-x7&oJ%Ke8Z0}XflvTlt;;t2&^z~D9QBNxNnVPsG?=}X~da<0i&cl1h zKQn%$noFxQLXV-rE0vuFhr?c9qx|ZuAE3imMTG1ttHEyCqA$eTCYnhrbfyo}WMBWE z)xM+;ixEy@D->IqY{s^G{bC(}#TX#D~8Aag$N|+G!%`(F->;xrUoDy8$ zBHt7=aT4DJc=yh@%2cDCu2p0RQ7yw3UG|B~E^;nQr@&X>dP{>LODDWO+E~%vNnF-;3Yrp5#GYmw7Kur5^8K1A^x*yr70|T<#=Xqq* z?~MJIbNot0)7QVMXxbdNOuzb|i~%&DL2yLSrL34~Ub(K0oiw2Fr*;xv_y`(vS*ksV@r}(`U_gTO$jp= z$8sm=fGJ3;8+)j?Bdb8nFbPTCPt}AJf0caOc!B^d#!*Z<`iSgScFGU7&$_rpx2wEF zZLD@%?GOn#V4(IzCOgCLV_M-Ss_DdqmlqaNWm8dCC@dUUq+T+E9c)avDO5Y%_SNZT z;!%>i2cbAID(Mh+j-Ni27A7XD_&E}Y@P0CZ`pe_%znU9}^W_kn1xS$Uwz-)Q*dCY2 z($>F*c3N=v`>!7prHG50-P|^117o*}1&ww*u?5Yrym6T^)=vsC(FkCpC<~6yz?fkK zX_&$L@0r`X!YsAx=ooiQ#~&KAF+7$XX2Z*jcW_XCj*tW*fk4Z6!kF_I!dnriV-)Km z95`#KUV5(z%nmRcat}vqVvqhbJ^9cPTVc5=yg*P6%bUSshxT7haKzi2nHPiQC*{VG znKdDL)~dCCtQ)&i7u{M=#X0I_m}c~$Y~oszsY?n#w}~jiYJU+ApHCXmM`E;+)j*AH zM|*30M+rg2U#a8)1xE1PV`!LcvY|?w4QbG8h#sX&42;rW!ZIkyXH|Rml=6U}!Z?L<62n`uhefCA*U0eJNHrzypAeh)Ocwg2? zKe=*;nDZ5AadpaT?j+bc9DKNTvxCVw9rBzl%?I4an1DJ3uprsO1O^eAVHNy4IQ0&w z_pd4Ybhwy}z9&Ma@j(?)t60Z}%OrzidO|%1JQ);sPCoykRI;lasdhj0QA}L)f``%^ zhF7otY7Az*?h3_u-hExT(tgwU&6YUQFMC}K=i#R)$C{@KaOYB3bac~&6aVDowHgKk z<+cxjC0x*D&^@^r8e%k_CB^JY!z*oL`MhtTN09kol5Y#_ocAO*j}SgcA}$XdJ)WdG z?`K%-J&FC{@{zc}>9c$cwO0qS$6woLVW{j!rMD;4pH6kq6do@y@IA8l{f;i`>pJnL zDh7BxA7=;uVn09SLmizDr?QX(5|4IB z`SUHQpE(R*f~ok!S_fw?wsiS0hK2G_&0)FT&KRfYwQuiY5UAb`spH;&U+>JC&ym+X zhq_-s1rW?}3ApbzW-P};no+Xr3fVH#qG!}~V{5=3_#a2Wk{QgiEmH(Y?jWXm37dm> zZZ7>xsFsq$wXXQM#>o+WqWNs8xI#K|(|rZS?pzvOD4J4H9@CD}FWs$PQaDD-yc7B71jt)T+CcqJo@FC?ZbvP* zLi@V+>R87RN*Czx>YQ*#!v2{axain}Tbt)80wYhI#zO~v90v?LD{Dtz z9A{s7Ka!cJGBmb62kgi)*4seCFK%(gv>yMWMht##@I>iv5j4-2@2>a%*kVS-Qx>zZ zCGlV^;*K}mO9*)se@6(w$nUYroSxuiy?ha39yaEmW7|jXl?9W5vsPkSw8+k~tasD%B;URX*Fe-H3S=g76a2I5bQaj9k{ES#xKW8thfN&1)g$4XywB1v1reC`* z`Zygs9dtT2-q^O)v7NlJZQHhOcWm3XZDaqxx%XP@tG(u`n(JUbN8{|NaWY2THGXwn zp52Y2)Ret+4DkvE{kR%UP}&_dv`5Pd+m1@99x2+Y)7HEdk2CQP?UY?|Y4s`P14z5ad#<&Y5($ z&>9+uLETO7w~!xNU86z`2L|yV%$M;9(p1C*;DV@K4dR=@#J7fI!YU#>%Pz>h`oMG& zn?;aW_?*DSdj#!+qy^XO{uzYJEeK{*rxb8#y|rLGx97jn(q$?f7W4^cA`nF|By4Kd zXILF50bZL3C^C(~LrdWQV~2lOw#ZVe7tDJ8c$m~5< zw*@GN48cPs$6(_H`&5{Ju%VYW`18GPoptHJ8axejiG8(NM=W$m=x%anZrktI>>#5^ zK-o$YD$KpyOa!NR%$Imy7SSc_VI(yN6DDE|{!|vg&gP+3 zU`y_!NfK)}A?AS?il5jopFMjW(D>VZ9KAAlx6D&~#i{CSxMi3u&0owxfRJPrk5@tC zUf;jQy%&+TLB@-DT-gzs$LBz6rCPvVBptmn**#4?-&5`wQ>=>wzj0)Jdb+_?Z)8TF z@YiLrj**N{y5CWczgEvgl-Zmhjnn}p$G8_V=?NDtuNd^VB)BxJ$b_AC*lQk^*C7#I zGn7oj?nO&)@0{AO8&3pBUFY}XP7N0Fg8+mFnBoWT$#Jf#)Gl@Dq8|z`s3xL$V<5gT z-;(H^>kdpEx33y+p8ph>k}fcjWy#Mh9S3&{4DX$m3Aq}Z?g{8y8MleZ>X|~0U!$>p z-O4Z)C+OTqi;P2US0@%QE7@#0HA#Qk^a({68wS>63fYK#eM0r&24T4Az=#jTdk>9Q%I+jdM zeUq}@3R%`3p=;6;Mxp-wUPwALw#1(fXDqvS^kxW0brN5(+zWhnM14Q{uGN&Gh z?W(k{4^t2f^V{xmC?G2=kbNFGxt8e|{i zvU6f$&?<*|CYnr zbQ|yb(<13zjd!}{;s;wrw_VtDAu$FSToGfk>Xwg*FuAVvg}onfb2V)zM=9E6U}|eL z;w8p|eWPv~0TxB+GdJh8c$@Fxi>q)rUnJjTJ0zauYLKzIAB=)pztDzmUfHM^W{6+d z=_o4BkM8SzFR?<9t)(I@%xbaG?x_iPS#&N`MywMHP*=JoMe*&hhCK!hmi_#_24c|% zf-BG>;7PCt5hmPmAhYzP$RXDE=2Hv6Ukcf;`g4D8$9`{0Gd+Cknd$irrr&)~$xB^r zJAUZgjn!QHzLG;#t;Yg1u5*|bmeC);SV#vdvH4C;(9L%E&$#_c@(3jt$%QGS7R$$5`6nJV3LJWYAw8-<0s`{vMD`e-=+tGgwzh6ju~vs}Zzxkg zM(X=Vo^+s~Ld;pJ#kn^MNF!-f=|ib;ywx(~gCG1cB4M9VRhj8O=o1%>H_~OKapzi% zj1(3rR9VyzE(C>OkB7UU)zxDdenkL0UqS)Dszt*k6&A;x^2>oFg&X5o#3Qg*s-0S* z%27SQB6+)&qCGp&#c>ZM7O;|VmX~oyF#||p4m=CyXZ)dYpD-3#yc#An5Yi&9ESAb8 zW)~Y6?nUL5#S9s)eCVyc*{C|~nu_v?qSfxZGlb=^12No~jr&j~`or=>@xL@rX(fdQ z3uOcZ9|w)M&uS!LH3o6#lrag4enS|9vw}y}{Y8)Kyrk}sji>U3$jX9o75!33BL0Pv zqvQs0tTTe6hJ0ir%E~@h zKS-)O{>_kVz=7MTM4l#rL7_S@(Rox&E`WL_EN0JG4F`bd!z$j&Kq?`u6DFCkQ21w} zP*lLk7o{vI)t+VVy*)&`B2ZhHt6@C&CS9Te;1Y4vcE!9+_3gyfq;!TBpD& z{H|P+oc&Uu1&GxGITj!)=PHIQHki-LEz~d^hbtQ4I=Bhvd(0`QdX@CfYQwYF zQj@ZwP>X$mBus_j>6nTO?wm0&DJ8;ExA63nyHxZU%I;{~p^B9I3^~K$ zu>VV>68zUhD$Bn|G5$}H%KTpysq68-#NxBB?e$9(`g5^rz%04 z+g8*Q^h3$QdV$FVW^>dx7)SosBxze>Irzjx6^!jTxnUvY(Gx$A{`sEyxDg-mKf52k zXOYhBoUq>ey}Q?J-Y2hGHSpgr)2AQZFML|hzdgR2zc2B(kUrV2-p5>3*VgZK-F4mg-SY!%EuY2hZthY`8C+ji zHr}n5&!3ZW$||F1HoJ&|*N>yy%rQxCx6OPb_tBXuy)AD8U*1KpIp?Ma=;=>O>~+&E zEuY=b(_grk*TP>`@5BApO`7;@pM?L)GBj(0X=taIxO@}eo{0$QZ)>qeu|r&kv~zYu z-unn+B?gc*Eq)2=6!5B-T|j-VXaB0_`T6G1zFx)J{zyR6YO=A8H4h&*iTVG5)c!CZ zMUHm)DZb6mo5{^>?~j`gr|*6#%I4z4lbmupDM*Hor_qc&pASUqD#X!Cr;C}6ai{t56EVMNAxF0hmykR@#Nh_J790_U2Om-Vf+{Y8)%|9le)09&p@bTy zzuH#s%dB)RPtVVvEv$O)aNugC7eKDSp+(>~b>!ZqFAM*r5xOoAAwTTSYVyM6eNlxr zj;(PVdRFP67I#oZ-J;^a2|<+8{G7LQRMSt#L_>~e4_d0$x;@_PemoEbbr`vbH={g52>2ckZKI^#SNvrRX3rd*r z@H|{DfPD4?8~y^x%|O&Tq#=D~tynuRjwxAL!cf$^2ae19Gn|g0mW?X8sEmB|fHQ`1 z=zk;{W;pn*f9kVj($CGN8?-IA?~`&ky{M?tB<|##5K6NJyLXW{hxDJdilvb`F`pei zoxvs<2Qmgbmr!z?Y8d~u`0;$Hh9!6Js^`I7Ejw(5GE@>(bqQ39Iv2WoB@lVN^oO#B ze7_hXnhC!87KkK*n}ty;^C-S+qR4N3rl79%fRM+v^IN9uN_3!n*F-NpEbxY7}2 z$@p|;xvC>J?Z{*`od_&<3g^~8N}?CSpbxNWl+*VUt4R@^fSTmEKq7!l@^!f;r9sQm zaOy)pv|8>rk8rRwV^9lzq?x1Lf8W%k;9EnoVA&Oq#he5myEM_dL=3r1YfL`3$8rrx zh~=%XK>~Cb(iuKq>JOAwl1t8omM%tRd~?@4t%Gy6Z)e?icFl~_s=L2_J}(t*HS{dH zX|@`wT|nn5&Eq1h=ZRc({9IX@<+ScGY)UW1%UqNxfL+c}AHI6a0O;k64jFc(MtmrA zwPo{1cc z((x{IWGn@kngeWulNTey3}`}$Sq$^1r8@@nE)Oc&R{_9hOjoWe`c)Y=tp#heuf1Fn zPWlTH4f@M@hjyo8UFz8@fsX6R<>FDFW4LoL`@|aj&vhPw(a(9S=TL^-=ss@YQD(kc zLz+sq3a7*RALNcqyMYEq-?t7J?$bNiZj2mbLs2L;2034(j(tJpc{SdD$ z|CZOld(Y^E-7pbI8YBj&tvT0x^iv z6K-iwU6++i;aHnDI|z~8PMXiQ!kCIpof7?E4A$&qH?=>-OgR4J<~Zq3jA=fC1&Mw` zcI}*uXtFrz!6qUF#butt*=FN$AR;%jv&rJnQ6swdC~ld-JJi_vy&*-r)Ie7}jHu>` zi~%zi1Z*=&@Gi#hz~Cc0Ugy$&i7~VESG&T_$Qky?AV8ehkpxZ>_sMt`gsm{IEb+Y* zPFLU%NG7Gdw~#wAN*KkSgh&pfSj$8Y?@f;;;L}oRCplvHp^q9e z^yk^&Sy-t$y8Edo@~5I;V#0+xp0$bICt>mZX-onc@po~=V90QO8auPno3=0Gat|); zH>c9>l+!RtC_J>gbPm=exGaDZhY7fZMlmX54R%fb_v4S5r-#3kjf%j7{EZJW`50ku? zb4~axL10LJuEd~7wodU|zOoU#-ddhpx*~KG-mrxk(M)^b=rA( z3Og@%g zi)7DQgw@6e!?BOIelXE8n@2XS)`Tu#4TbxjKp0N;!>HeGp@si4kMKZ9ec9+4;3#|< zw+hkhdAkGJ2e*~aNy}IYK8vM zi51VEf^=<~xdW>?(=pTF1*cH}gG@F_3B?SxRV>%OepT$ft&$#1-*nE1WECefJv9B(EpqTsV6*$)A)XC zCjLn=QXACuGZpHEzE2eDMj(zrZ;=M6ziU4ko6ju+d3UJyfIH2oTNf^O|ZilS9)HYg7@H__%>X zR6)`0`N_E5QQw-Aau29!sNzg5%Al5g%h-;Krg#52(INx-DfI}@^`Q2)5vfL{0Y&Vi zgtXC}&+%bW`ku<|@|r86>W-GvHLrUO=zJLuLAs%dUzq;sq5_N3!yb7zl${tBAYaec z?O{iw+?qg3#xTQjx#W2?S0*`&1{LGQ7a=fMMGko0(-;$am&1rGq1p|kd4 zI3WB>>1V5gJo0{_fIvECjc&a!13Uyu54_$Cq&S!-I}D88=y{>Mu>@-F0l_Z2WZE2~ z@>j4ZB{BP0tj$g#6_2&1rHUD|F)SuEGrTg?wP?eQu`AuZnI>2UWE7Q^m7Q1_^RASc zl3P5KPa$_71|+`nmzk96p#qLySwIX`m2vrp05N^@vL?NLUYyk;oV}1pakkb~T80|Q~>G;}{@tPT$)$VeLXScpo{i%kUXhJvn#bcFKD;<%CK@^a7!*Eiw(b$+z0nP9hfZcZjc2_MT#xI=)yxtg zmsDP%L19Z(@ONM)v-|Av_xk7z&~R2Q>2UvwKG@rCv66 zc%=0UMe>u$Kdf)Zd&RIaDVU0|nIZIn*z#iw*CuQ0j75~pj4{snG-rnryM$xs1vJ^O%8%@=J-;6mwdVESp_6KkzyzkpEHHGu%*vPX zM@wg%xZ)MN78fO3ghI?g@W z8sU<8vk&G*!qnWwzwK`?oT$&l1o@q)Gy_JS^SIt;s0ql6 zTNzUfkalrsD73cif*YoG9a4C>A?xRb}=)vv~Lmj5R zZm)h26~kDc`aH&wG50SIDK7yd#P|N2FhxPd5Ak$jw=kXVQ>x_se^EDzDtFCD89`L$=U%ad zH$q^f3>3r$a2=deC{Zl0!Y2M=X){=zp(#f{Z38r^7sCx(7Cva<00K|K=MrlmsW)?n z2;O8AeL+|diqMF($7jxwK-vAo-NSm&BortXtj!t_@r8wr$q)-lG&p2JN9UvB?m{?o ztDaO~2&cGmQ3XjNmv*%#PSpx`V7ZuT?~@ZqN-eZa_m#;6D#NmFqx1frDjwl_Qr;+i zNKE!h-_X;i>XTns!Tg@uPqaHY*#X9Ar!DB6hf8slm+q2QYbKxg%EBpI9!{X*l2?U8 zI$Yv8A7#pDq7=MWAse_X8bcX!Rsqp!*pF@s07`ppzCr%72elbRlKUc16iSsUSFz+f zb-c&ELJ4}Rnc+7iyX0!=yUF5U` ziN8@tiw7{sDUm86UU@UL2351=p#TO#dO+_u)dg3j{Ec0;9{Qh$#l~ zWadI0=gfdqQ6p$FcKAAGSP(z98lu~15lJeg{b16e)C1uF%o^!U3IANMSP=L}N3ki( zT>l(-V9XlXb2T~xTnK+Kv(_$|_3N1fe;RLk2|HykT+Ct=RgTfSN+IPKyG7wQ)YDzj ztTz*bD9()0=O;x^sJGc)*#GvxuhxFjIbHg~zp8GSKidrX)6jl67u>LP9G=rpQa?LF z7tzbC?`ehCV}c$tFM88g9qg9xAhQlNkc^TGifObJfbc66|A6A6+N6d-kM@u0Z)ueD zF!DTp(%d(d?AKQp0dN-Fd$Zh5@tyr55;kEiLej7kyXwPQf}*8~90`fV;lhJ#Z&6Vw z7ywbR3oV53Jhvs755$3+()h!6`B7D|$9FyYX*58RE z9QBH-PaXy3zZn#8i&Dx%{-Ej=!(+>1HuIJq(PGR{QM%M-*znM}w>a4A4&&fRi#w^l zcYDWH(>8Cfhs3A#L{Bysdu{e^jw_WgD998b*t2B3K-jLYzx<2{2NHTy*{6!d7`1u{ zIomH&y0{oPQejEn;jvXcf4&4atHQ6hwmM_!;z$MIp%-~(FKjMjN845C5`O578IM!q zHhUIoRdW%+dr+X?mDoe`)?BPYYvMnKB!kOJe?olcLP7-`tWu}@d(zNJl|p&)a#Ua)lPCWdbiu-Mb8+bB|&-o!UIiegCl)L&_I zfar}&JZ`$KFtgB18VW-n^;v6zRksuORvA6}y^ER55tW@&7!izp;=bP;N*&nxJMbFojYG?H z#-r-Uu}bdFqw9=myR-THU913yEHcB9n`+V77Zqjvv9!#WigwBtn=5F0R|#9eD5Z%P z7h4x7mEFD%Flt(0KNV@G;s>41-|vh;wCg&Wc)uF>F!1_z!vBVs7t;!rh|8mS`mq)V zxPhDIcjG6fn@tcK2^A9$m1B1&xu3~kOP=Kw5J7!pD$mX5BpyjS-Jiy>7d#V0o4YJ@&XxBs z%gF4}{30sR$;Qh&EDUXrGef12g;lK0g#9jta`U_pC3bgF@A*NE%T%FTPxaS&0vE{P z9%OUr(3i$u3+9ShT5LtHdmE2EOZE3l2Wv+-Z2Lq7$3l zH0(3QP$wvy)L#liq=rqLp!f19EYHd?Qy*${p z>XSpQ^G_aokFi5UqK8Fiyk{M#Qgr_X-@vOU0*My@IQD!XV2~As)>Xd-u)>RPa`N|Z7OR5m@Yf?)t ze^CSPdJ9MkF(RD?M_zpI!xkK0ec0CSalV|ek=D0f0x|H_IWIMKJi+d#(#XkT#vyt* zJNNvMFcA0whk4?tzwRikv&uAmlV*aPd`KqlRnp=kOfOkgMxrADKg!s7SARXb#N-dS zNHbyJstN4;5nP^lv!_Ee%GGjGWAq4Mg-d-JV*>cKDumJe)N%_;hUZbcbB5iXtcK+Y z4)Db089x<1kOzO%D4fc1;~^X3g8Seh%>m*z(R&AGwls}i$ylGvg5b0Kw60LypO7w@ z3#i!myK-FNX~&r;g3D#gGCcB0_bKZ7iXlydizh&pV`(5(tqwC#B5&$_9440-JI>QC z^Q}J`j&PyM{u>E8AHL`)B4oL;>;Asg`F&+1KEd)iFQDr3`H(K>S{J?8B0{#- zPIwNBLT&E2mbVJJgDPbt?v*B{0y@|0={x7MJrWjJ6%5;@JrYZc-C}f{M*BtKmSuZm z!lCQ>Ds1#Nr859Yk770XQ&~1@%B81XB-8g*kWa)T6BAPcoYb3QtmVbSMrFpNcQBu2w|3x}y&}w-GASw(9Kz!wcG9fRWN697NjfHyb7l+1q2p`7WI^INL7~;V4;K75@|RjB00sijw&Fhv z`ZN{ZbVj!yWWblO1e*O4JsJdELE?LMd~c$n{5(_Hc+n$()h>1nsik~!KOOJg|uZ;&S zkfl25b@XuCwh|J2Ytfb&&CEItQJpZhF}9vjP}1-@V9@4JbYh@}!DU~vxp!!w=M%_2 z=#c<4(f2!aU*J}icz4t~&vMbyo(;~HQVCOX@osh5(hVj+%O?kPT-_b|baC%n2IbrF zuL(DviUrJsj*R783S*b_0 z8zf5abHHryuDQ52Ouq;^O;FinZGMlMC;|fsaQ#G+ptzHn{if4$ujA7bN}~5W=dyFm z4`pCLo+)GTi9JO|MSXRbCDwj z0Wx%P*kE{n!6R!5*Wc&iYbgY8(*KMyhyry_?;1cmm8pQ&a-w%ik$EVgV$r731l6-K zgMcrV)SNPYN^~6yP}m57ns#5uSM}Igt6OvDLfCuQE`SdUx+V zAh-hnMU&}+#az_;*0x2K?pfI4VkgY$8uJl{$!q=%Am`uwbSRq?^>*4ZzX#|OA=EC} z<--yBEkQ=S4?Ci~G{pjB=?g&A0G3;52y}cyxCSz$SVJk0`F}fB?xsA3{49K7G-TP^ zPq3$_DVAgTNex2@NSHVXGzTS%(SR_>D{|H*B#(25M@wtrMi-v(qrHVjcLFN+R>?f| zAqXi!tWK;}*6%y;P=BAyGZ5e>n%$-xj-t};r5h(ZUnf6eiZJNqrRspQfmqa>EL~xB zMzo4F^y~SlB627adZ5O;em|Zah}!=4`Nd2nCEzFvDL@YkqiCmmaLY(jAYT zFCGyP_NKQRgOc9ySWs}0wq*QbDk@94O0+zTo*JT!0sxCIdXj9J3e^5&!D~spra;U} ze5R0EZPn|0G#GaecMwfl+&2O>tv6Sy@k`=GyJoCatGL=Y-YJ5Ax4-@z43qO}M}47v7V-xoC%U(Pk#5LupUCYiXct_2a%| zbPMAckRP^0;A$4mS=#k7F-Ijq8MH2T*8?~U1J$YeQs`_?s}BZ|!hI&*u^k)r=fP)U zKH-Z=T}?C$wJ6kM2 zWtj(r5o|T*;aJFwz9n;@SlJ84$+Wz;()h<}dJBg@#SD;H>MXJ*dA#cMBp%bb-;BEe z2QPg+cZ%cc^FMc&@i1zRjLEup*{w+<<=Gs5H?EGP%WM!4uW=1B8xwfJ&C-? zbA36=n)&lYgvdiC?}17=Iajc8!5=>B1HM`KTgZ+Iw#qZ(%go4BMCrlu1<_w59>+-j zHGkl(T)aM z9ByFaDXVJ06z&Y@w?m?Cf>mmV**!XQHuQ#-QhOjxH34cH=NeH4V&xs|m^Ox087`1w z&G*HLAt=VWHVw(9782w4(vF(8nZ{7 z*;zN(;2CFJ{{ToRtT7$|XRTB1sctk5tIlLEU&vF^ZybdovYa2V?Na};bSKwq?)D(=j#!4-)AEEa9mwFHS;~gaz z9`F+F(^GOD`_3oOCHIj<&z*p5eZ$(t&rju5Pmk&1S>@79mlbHJ$|x9u{T3j%KmFBg z85pQHp1ne@DMnhs5~^Epzcdn)9(!MjJXz`1*+gNaQa3tba z6gxt$u*DY!8k;$+9-GM0UBYS!IG^Ml!vLnjUeWuXiJ~Gj7aL_y_MgQpvRd=b92x$+ zw0gW9_OVIR&R}t?W2zMVcm|-LQ~Y`y@frq_^tOR|#d^JYn)0@h@_%kNf8;Re+w;ACk^(E#v_R;I#C|4w4GI-gO$G#<=p2#c{gpbhn1Rwo*LqHsn z5SJ=A%{!Udk@U@NCK+d^pLi(b3yj%N%lGu%(DGIvaxa{2oG~L+Qn}8jCEKAJcm0xv zi-N^FLt-9-k>0lUZ_=-Ddu%|N?8#n36A2|Sv__!GtAu+g$r?6D=JVFML>UXZhXm)T z8$Lr~F+>oCabA$gvYK$Z6d!#-Ok^6hmEdn$WA2>_hfneg2@W}q+ZD`kXgV#xwK~g) zVzs0Ys!n4rMEER@u@Xp%e%M?j8zYAwLvh*Q^s-4flzi{;b z{sM1>VuokK3a%w!bd^&{f%m|oaYLkops>ppCI~RDt_wqn`@vLG6}pf04cuHQy?Y9P z?)tVj6(0(RaAip6&KUNZwXKFIi+Qbn-v2B~@%D9)kM?3LKnXO3!J2{7yhwupx{>a% zI=DK6R&oc39PAcBG~dDh71%)gkrHThE}RCT^es33RHr+VP4!)wXK4PuT8jN1s%2Zr zV_zLx#C%GnZ_jomf4ykx&l8ov+AOhm*uDA-`OTz#{TdQ5$KU6RNWs;~C07XQLxCoJ zLxw4;1^MtZp7Lltj(4OcI995eS%CyLyzeutnE&G4#pb%JS%r2xAC0p<4tHZ7w06#? zJG>+QODI_h$-*|Ube}!0DEoxzwG&0>^%gfxN1QRsB5cRE6$*AI9nC_bFf4 z@B28C<}#3hK->|fD!}i4c5-}@a=-p0*f0)(nSM3r7drc?1 zVY`5(v_v2^1H_zAbCh1|s%W)sU+R^u=;+H+8u_SVoZB$p?Z_piXZfGaMJn!{j zhu_18Jb_XdQ_*AmmN+LGkazYCKOtj)hiqEx=p&tz+RL7BILTnzBg`ir&TRLWa`0-z z$N9U|N5nUO-?k>4CW@O-ck|F|`*isggWoIM_uJ^xwnlfWUdDhN(n%Ee)SA34p8Z}d zHQ9A9C{m8mAUeyj7K6y5*XJVo;vA<;G!0J0bgG!*4c1_f9A#}Y5edmj+$iH{RG6+P z4-TsIVZ%hC(aa2YU$7RIMZ(rUW6xBuTvB}TTqyS}dX_qb?xHYsDo^C11&3$F94A6O3tkKTY9A=;Z#~G%^gg4c7&S_DaMxs|DOpc zx%-Cn?#7tmxalP2Cxg{Un5?-P_pJzF391|^mB@+8N*JCxw_)`i=3C zl;kT(jb63u-P(TG{R7||$u=?#>Oa%5|09f*fu5D&f9Y5jMuPu)9n13n*Rd>2|79Kf z?{(P!T{`x^Kcki9-=k*#r-)_$uZr05=ELT=;$u%(l^9t%sr7g7(=^M)GZpoCW7B32 z`6mKWJnhV7MHBNXcgRjbgb&G1Ex>}V7N~8)2DjvRo8@m`egY!oA0Iz_4}2bcPQDAa zD_bh&oB8l!D)zg!@un&s|8Cd3YS*-UB0Yb8U+O+}e_dwCd@p8rSABQAhP$6HI@+he+Y7Ifd*ZSWu0zox#vUXsYV+!wCf+J|E(++C)( zKR1zL-VA-74V9I~2DDoPW^gCns*Ed_*2O+0?zkj1z_-n!KR>0%`4+b+D48#-?F_mB z_>VrPIUl%pF8SXoUzew~oR!nSGV_t++=H!KaTh3XoSr7Ep=-XYhh!HUC-Un zdMgVE;`#g;NVfpc2;DKEfPa{le&E^U|AuD<-XoE~Nwm5KsG`y(8 z69>0uEE*dA8&UICnanCli;R9vLHGHK=z7-)fm{~Y^2h0YkkhAS0`f|>qDuTfFzmjB z=q0?2=%rYUoeuoUFo*jszbkQlm(Rj&#PD4A;qu+B1G_Y}?sA`v!qH&Cm(YC)NhL+J z^}1V7{QP$3pA`ORt`-#2+P^z7h+aQT>B`V{n}>1xHXlDHD(kebRe$~q!!9(3G7fyN zesiA{7x#SLHm+&e&JoJkZJzhLNz36mRN!KY-ca%co)0O=Jr8_2YGlP=&F4l9b!_O; z(*LX8`@|MIKA~DUxjoo+J34679S7-R`grlM12E>=UDwoYsj~h^`RW;)_u)PS_U!M4 zxSl@~e&<>OLjb$@`)MABU2h$lpf~oIBT6N5Y@uEgA94@xwr`y$yGX2zOY4ZtbVjpb z-MT?ND|NjYj3S)J8u91HCQio1kjbM#0^sXh!RO>U+c53OO1uMv#;zB^ie6PM8SVx) zHt0Uio*fOZfe@V z)1%-1^IiULgjeNhYlc1F_ir{@6G9n%BsFKMR@`dXCvw{xg|=Fi+fp9*o52xOL!Y)v zx^=vQzhuD`TRUCFuTMd}hLJD7&S}ui`_puXunj!(g;XM;yuO#{nlA+Ssozs%fASH( z?9_Jm48k+u*X3t(7IMRA2Y6U;S7pKeXM&>g|{}hAF`@;&LBQdOTYTXLSvi0 zV%@}*_ZYk)ET@GqiOX{f864H;Fqww;_*y_mdujgpx81j}*&=ek*wY-C#Y|7S?cJ%K zckSm{Fm}dfpv$OL66QA#P_kx63$)wNNxMv{|DqZHM8bYz1f^i#OIdosAn!x4qtO~z zHLB~D$Zt=GgN=QHYbt(h;p;mT%@nNSJ5_vaW-A^A&y5loXmc-y48FETSgOa|xRj<) z?x*$fW-d_fgHPG_O{I8TLU(CNKd)c{f9(j122|T^4gP4E;OOorHK;l=GaIA_;h4sE zYW>X_-fe7b&?(yYfvhbxyLx3;V%tFz% z8l-*dmNxNMZ7V`-GXxCWr(U}IV+P(N&8)14nJ>@p4w`|qv!##PEEoT?8 z53tpN_PFOAqftE*cgiL$ucG(Z;h2`;iH(hi_X&mR2X9k|$Bd#Hz!|J%hI>jQw!qII z#_p_(wFQx?XcS}!C#bTjfPuy-d0WhA%YQ%Zk3hL~DsHslX6RivCfjYk`hfIjDG>lq zK(N1qsjO!ZncSC}TN5+Lgl2w;WO!eH&>$~Y_EwAS<3e*5j97@XPK*1`8!ATl&W51? zQCZ7p&h-d#(Yh5Tvpudz!q0~R%F%S8gQFwO?k8Ee??D+kVRbo9YJ;o=VNc1aZ~)V! zUCZEiDH!Gi__yI&+GWh~qW&=V4DvhlD?W2DA&VZeGSUWXvhT(>$MSCFU?^z>wFVUf zY^FaN1ALhC)wY}qBg(Iscc$}m<3^LeoDGV)^GF!9Y0-fBQVglv)Xzm^^nT@-TiK6- zwQ5{FvWqVMz_d8$wW^gs4rVRdOfVCnb?wfgMo?PGNPTGM*w&||rLJsmow?LAg@8^S zow?0>o%~KKyaK`uP0@KXvo)ZRo19QVLWd$W&hh8j1fsxPsN;Y5YO}QJ5qlF{661gv zap)*enF58yQynw(kR7QzLIpe-as+^`5%vNDPKnjcBR7#yN!Bv<96B$zdt&`BM6To? zQ_$|yjv|JoF*N&L9E9F2IibV{jb!(cjTvg@jrEmd8R3YhPvyQPQtlS@pbuX%oF*db)yh%7|*RtJ|9 zeSmuI%ZAdqIQ1+7#`!;_&zW03%BfgGjm;_Z=3X0FnDaP4(EEqpX7<(yXN30Gny_I` zK;;m@^;J=V$km!oxr zKuV+5y4={JC+UZ#_IHc0E+`%R(Yr-K8q#c-a8WpAi6)WUP+`5+eNr!FqMHl6DhGpiRKV(RE6LF)X~;y5Dj`GO%^-Gxt&tHAq$PpWds!6y|&3C%?Kc5EEQQ8 zs2Le6e!G&F$v92z6a{b5WzuyPB>B#Xk&TUb#)ZzyzFp$Nrxe)0GCbo(tKoz(jzSID z0we8p{nm4$DAI6O{PW6*Jp##fnoXLy_`X^jB0Q(cW3CW7+5Y#bblT0ImclM%2mpM~ zAWYDN(P4SjI7FQI*g|~g);~8@{*GGbY4^hIgJz-v zZyM1J#>|%Rg}MT1F_tz{-gf2$iXXon0zS2E2pQbKt#2k1UssN(#_M69p3xqURW8}2 zr50XRj%Qs_^1DSbmC$Q z!R3w=)m6cR&SbXNf)4ubTEjD}<{-0!A&%Y-SmB!e80}%P=R2KgV05Nm+p89pl{^#m z_3QbyBsx6Bx-7JPg4OOsEqX7;^V91R&T`V`u*!PUL3?WrW6G~8sfVE8*NE!-A}Sj1 zn1AD$?@*>j({jaL9*3K1`Zf0b4{*gC8O`EM)K(Ayjb}zb8O{1}1%_5fUjt(oLWPUS zxu*=gVF~$p1NG(H+IS1zPA<|m!J@5wDt`5ann&hJ!qVJHvoI27?J5J9<&DQTkU~p#MjiVD6 zaiP6&PqKDQ~qU>sqk9V{CPRBDuG6i#CSK zhG~xtH7qhyvCvlRG%7Z(;|b6(;s?(~|3BRPLvSx%^zDnr_BXa|+qP}nwr$(CZQHh! z9qpJq$^HG$xu@z@z1O()ny;Y1U3sru_w5nm<|9Ha zq~{7gbkRk9Nhw;Be}%iXIMs&;@mjHZmgtw*bM2kChAC5)@khFg-if37MzR659-cE>47EASo#3O15JMP!Pr-SpQ-pp-9B2CQoF>MMlL!2^29s z;+nthoRYW&D8Udv6Uo|Y;TAIo>SX7N9&G8h^}g8bfcOp}19{@Egr8>p(Zrp20bd@aO|fIE9?Jnh-4_Z$0UK=FIg+vT7CW z@jfW(AJx}=YIV)}Cc@%tF+NZNiX-?Ksb&D)ddm24_c67P(q^fiE1Yl6_PyDI>2=7A zl3FD1VQ%E&(Ne<;3hhADHR_L|=+a*(t16N#Be+2YdqH^n;eF%q6Olxxgb5v^(t;Il zuaYZwqW~bB`8Qf}b`!szr|=2r%p4qJloT9j*$&?2seopsxZz8(bkTS98LtmX;f3=k z+Jhf+#j1>?g8;vOqM)<{t6l{;_P-byP@{BCX#uS~zZ3KcC+UixsuRBy(i4`&{eSj3 z9Z91k&JpWoUHX)$9Nnqd+@;rsbZE;^X24g|L@3O9{x!C^QY_L(U&#XW z-j(9aVH;A!rI#;S3VG6(DHDV%E@rGuKB5uC8!MwjK1h+QC{KJWgG-5#%y@3-gMO#K zf&HMt8&vZ&jP>_MVkMZ==}L=f-`3pTPIKpmzL~B@g}Il@EQF7ba%<1?<+<%@Gw(e| zw_aal*u-^>x5U3mmxqa4t9m7rsotl_RMnoGvCy$zm91(e3~wt(tFYmQ_45PqASjyQ zwFwY-)z%4DkT8&22XX8_C(L@w@-DdXBv^$FIPrGiSMA?$YK=1qIk*5fV|lh*nx$;2 zYapg*rmJh9B+L?MpbT6rPjCOjLit*rCT%ZU10{=hQzLO_32Pmm2j?{L@MfwLf*ikh zbaK@yJC4O=z!Ye?o$NO{B!{@yD|*vcfi_2K4OE>yJEXkXXB^=z7v6pPFoP=bmU7;f>nJ@u(2itBUk)>$zv5iZYC*#nzj|3RkoXD;NYnlH^X|d8n4xU^`=It zTFEO?ybW!j)RMQR%qsMCWb2Fc+Lv)@nT6VQQara2bP_stU3!jw73=10iF|58>!Kwa z>R@SX_+sVy5O%SzTnPj@g&w^6py}w$HRr%~g0i7=vfh)I;qp5s*VnHOekXYN;o^Iq z-@Wt5*4<3LMgOZCPaGu9Y)nWOt@nCq?cii&>WNEMa8mb64gd?*-VX@+BQx-7>_$dU z)0xoPn<>j_KULG60w+qxZ<-e62nXK2M=yI64O8gYehG)I16tg=DS}qD;YS-xJbf8E zl0-x>H#&v|R(yPpbx?9{Fq!}6x332$IO&i7j+3Qjz&?SFOc|aJ#lo&R8_BUxttbfU zXy_2gC@-n(m?{GzsiC;jW1y_x0T9{1TMs^zh>aT20L24EwIn4RH$LbSPz;J4XKK6svvg>yM}N3+kC!2?Dp@Uq7(MK~ z?g&@PEJ9i?x1z;QZehjY`$NS`&QK7nyoFdX|JOkN-+doLjDs*B!$tYu=QwUpSH=Q% z&rM}5rHLbB2hTW(etaa{#=z#eIZlP$t-nrwy0*nX!}Odo&9*ggt-^%Z6q54%yu5q> zThGwL(T8HcIa3xN`ViXk;sSWBtMv?7k6)-s6uTeUNn?}&0#j)8@py4Q)MnZ;HefB? z+_yklHc**QN4RFwXV8&+_HDd`-^QX*eDPMSh-348Z3`cnK@2a4Jlqe!E^uTe5^PqK zW+(LOJ#(;5r`A!rvVkKk)exN`U{_e$5mo`-Q%0WwDeB_0td83tQ%YxZN%*{wf z*X#)FdtHe=;5-KCgkEn9+w%` zCLi`+xe~c4w5_UTYp>47aKWHn{_udm=VVtJGVRz*rCWcaMc zea@miQ<2etKgreWqpctsYuRy*(X`*jL6(TiS|%_H10Al*ZHx|pK-G)N|JDicuw za5*(+UNOaMHqUazX_9|bcfuAwq+y9Yuq}q{b^swvT8WJ6tSyBSZ9)y>Whqnx1>rQH znv$4Ba|I_A?cs1eDNE)9OL<_CmYbCuM{7Vjl}BEqV$O3?bC`KL;v`#|hM0g47B`6b zzi|Hd$p75hE)V6Y%Bqx~+7^{HEWur!j;Ww9iKVo|<_y+A_l9}UpaNhd0!re>|AAKQeSDk zL?e1!_(X|fTB3WYaz!$(d;GucT)5;vjc1GB`lA9BWx@!<1F}N*IiA4_I=;2^=pRKU zVdxJVIW*K#c$zVmFNB553*fR5e$C&^`o+~9f!F#5b~smxxc!;VNSoVvwMw*-$1!f;O7>kauAzB-XY+AO{ z!71SdeWJ*)&wXx@|4nZlwu$&4*W;_&>;>BrYEftyH~Bt`9#ti4BWMiwIqd(0HQ=f` z_D^pf{piQI{Sf$ry0W?B)I%@dJL+nrif~0put;)sqQe|mi$GnH6f^OQ`N=zt_70a5 zoUVvwHdrJ%ctI2`EZUGyqYNn?DOWhdC5;VxusprE%7{gckK}w747~ggu+R~aOed;| zi_Ta(+FxNhp`!H>NAj6gsU&zypL7bV-PLj ztr_PWxr+ZxiZHs46BP49o^lW&h53Nr-2SdDXXel@sxB9VkSbS<0;vtEm`=mtW^(4T zEUMXfUIq!1fQGRP6FrkCXVbG_6icXb%pPSQJS#0XN=xc`A*i2b7$=NSd9BYsSrx&= z?4TToy9<{ALy(C?Iu!GOnb}#>_$_Sz^NnG%bQ3Y;;4PgP_s2&Bn61B1WF#_!pm4@Q zm^F4E?2^VMpM%j2bqDmUElG{QDFTdEFwSOK1O+t#F^PwDK( zqzKW)Zi;fgB}DbM?AKosb(RUW%47YzKpw%Rlhap{G@DRPA1}jwH)%>zrM3MKL<;Fi zGz%ejI&b$QP0sA|P05v_`aek-DxKwL zDT*&g!#RitYX;QF=dp;5WtM|$qhki!z_6A8ae(i*j$(eF(bjn1fl6Es$~E~*ChYiY zm|m@W?^CH)AtH1Y*|(I*18}HC`gLNvP&-5|9zAS&e)|w;gX)FfdtX&~El`Hv$6OC! zJ&eUDv3_0F?^Hv1L1yAomD^K&F@J5(iL(4Bc=qKfr;a0)Xc04=g;={#u0w&N!X4M~ z9YnoPG*i>$nW=O5@+^;)I1&NQVbWH9A7m8IYbJVf;OcjjfRoH&6Xt{PDOzZ?>n$dp zZzm=^UxtVVLwPw)H@HUZ%CzEg$l)f-FQ~mS&!$W>FG?+DjN{z=oME{*$=vX=$M5k> zATsv$tI+vTe}+MP9iYCu{SszBH4VdBdkUfg+bZIoggwOk@oib&;}oY?gk4;1%x}+eC;P4c zH)JSfKJv-Tu4m>ghQq33m}!A4)v=9s^HB{O1U#Mc?~4lNaAAHl-{HgE-#-eZ$-DC9 zNI&H#?_zMD|0n_?+R`51z_o{?wbC36`kA}m-q^@!HhVk2{MjhB^DUCrG^%X{*9=@0 zhSv$Z9An6&w7Rw=mTr|G?xdC1X|xH`8Qbks$W&Jw(5=MXnZA4KAwHC=b_&yYsDxubCBuu(#@#yek+|iW(o0{XNLL`8LgXxxIu&Y_s zuEs1CE2Sgxx7WzyxUCWRRL9=%zZ;|}!!%>UQPs4u>!KkMZ@pV-4Pe1zKoZlbL4(cV z(}H>bp^+D|(LN`SJ~^Y1AG*BNc1`;+rqBNf*jO(vfU8D6w%mzjo}!wkA>kMy#v ziWF;2wK z(CT+h!ZZUWa@h@mpEdt zlf{nfF(GQTy-EU^TYAqn+#W`E+n9Sz&9w(X33Rsd<9)|!)V)}|V>Cah@iSxIED;ha zrbJ9}0mmdWXRvi9rR?U*=%%;=4jm>>3IZs;DVkmb7Wo}L$FLlXr!wf8BnJZsMl01n z@!e$ym=!2|Ml*WKmg@Ap@`hk)%r z36@x5%&4+x|KjG~$3IEPpTUmVf_1&kvugC2A1BPu3iiTkPUgFW%^s*he zGL$?68W^zu-VGnI_Jfa8K4IlW`}n<(nG2$%Bu2lBaupkS9rU*r3yTH2rN`_r6SPSV zvKXY{Ks0lbvOr$rqfA~^2h!gZAx2pfO7#x$8V@jwPsTTVOlvx&kZXWyW3yy1doo8A zU~*w$oHFrEj)_3Y$<%Bu4PGPDTl5#Tsfp2I!dtQ-oau8xyXfzbG{nX*0OG5fo%Byk zi1Ie%jK{p>p3cT~pWH^gvV6ct7C0O14|_-1|AaV-fHtrOU=*-D<%@Emd+I-V3$BDO zT$xm}*|~bS@Ly9hT=CIYux*^wYwc6da4mzdk5|09%b1!Lpsr<2Ty*3&_#IEwW<6qI z`<8_e#cMQ4Z9nD+!@*iIQopn52BNaJ2o4K^mqhn8yr?m)JBtW!FYT8m2EmgU6&8<^ zkq!7ckbkT^DSB@9^}zg~6raH071v^WHiA zJGP&qiqLRgro)1jGQZz(K;YdV-tw>k_AWnM*du!}_c5ws#C|w8RrNpElgrxGO)#2!d=-;$&=sI2@Ld zBzDowP)$DEbFcSQ7Q!?!^}s>D2rm=m2$?t>a@QDaZY`WPS=6`OTbZwe<=mUgryZFY z3v_F~uq;ElbzC^#p`JYQL5!t)__j0{iteT;A)6htY?Pu8Jgfv@K^{hJa!E?`p;Qs= z=vf|&DWrlty2`Ek5gs1brV*LQLM9`#y)-2}gMsyiS5>Sejz_&ou|#QFgY}Brt9#Ds z{K;fI;xX+kC45391rc$HmDPH`uJ@{@Na?yHDl1*F^+BlHI>h5?M_x>aVx)O0qF`Pc zTkYd8B(QzFqfge(KzsCNCPcx?Agi8uSG*|Kdscl6JCXIe)6KLy+KB>VgRiPD(T#UH z?+^8K9&0%Elk0kuK9w(YoVrMyxEfyh61|n@hb(Ly^>W{q_3q$&&lFSB_hGM&SF$+aN&n;>PZp5aZ=N+YIz#)18P7KZb@mf)57=sM4K3?3{4rO{^r-Cmx9OK1P z5hx>hELK*+wH*Q8CgQ$38%}-w&M$cJnkGkO(9ke-C<$bE+WQ$P8rO4&Xcv=b^9{z=B#b6_ z0PJHkGBFeZ-z2!BxrqcUES-4bF3=&ul@I)Y1Duh2YIPRCQ=A5uDKLGn(V#&iVgjv6 zkziHC2oSGcF1LY*W9xb1`CZkPbJ1<@&xn7H+FY}MJQxjOs6)>R|+27tIf|NdQ_&e({JOJ7QWy9kV@Ug3RfjG(s2;T!aV^SpQ)m zIF29h6*rv=%Rhyh3j!iKfb9GjClme+!9=7xl(9q|w*%tqK%hIl%zmlUPcx&F`D3|AYS zE*FKUde+)}ORNHR7%Ie$hNdy`Rx-bt(UUKL=XTO-DMY5*hrf9AaJ=|6jj$M)lEYAU z0|T6>{H-Qfod7Rs;>9m93-6|d>$pX`pI&&M%fZXV4vc=bHrfo2`NK2kv@^zj5F5uC zE{qTm0k6^9Og^=qD8m!ckdz+uG*@&pq;jys3B=y9WE!hdL>Qb>!s@H=VYJ4i|8Nzx zG&terxwZO_iD$szb#Ae7%*6H<7u_`FO6o~yzRvGO^XaKsi+x2(^mERlx!01eX{%J! zSEX9Cd%W^^Y1S7jy*RQjYmP^fES53r=a_HZntPwr>VB!Q+iX9|Gi^O20oYB&ugqip zy;>~z6BAv<^R13c&+b}E7B%}%S`#xC+E%Q5XnZ=X>-5~E6=cj)iz{l@PxDu)rj<+z z7I;zs?P=E%B{TtzRjQbV%9eN=))nCrZKbD|f|>M<+r`LG^rQ5+_*cr6I5xI}sA`iQ zmz=IHvmc3F(kJlzlzXb5gn=xPET{XNf8R_i5E$p4xYrcgllF{#TD>m}dno}p2U>tj zzpZAozA7x6T>YCvoKz$FX%paX@78;1>hbkiljtS6)g^`cDJ%w?0a=L{@~4B%P^$s6 zPc&T86>{xN_qQFuU%M2EHwPJeJfarI+q=C`6=xl;gT&lEcv)3>=qrK`$}c-|-R}Wu z^7{ROyn_WDSz6NLB%D7o1d3wBdi)28lVDO&#!?mMs@*PF-IR{GQ`_YM1*;AMw1#89 z_#|OPgP2B|oN^M_hO+Ij0*gh)Y;Xyj)(>q372A+V*})68E)s~LOQ|8L1#mfzu>4*r zZHW&5O>`=vERCT|DNTWYo11yjw`^$*j zC{=bc)S14d338BVoqb)(ZXY(Em0^{b_j8nD%7Qm2xn7CK$|pb~)m&>ir0W8W)#7_| zi`P7bO*5D|BCECaOQwZ*^vaCZ(bb8kEi=(|-q_DXPH&n35dc;3;D`p!fVU zVsBg=N!>hj8%|=AMSU>vnsUU=oJZ@0%m_{>rdYrx4ptgXM|h?dZmtkAy#p~^XC&)L ziFJOWn1D@(1fkL6g__+HvZyQ}lD&4#v|mF_m)aNn5s~+2xxy3_UxAKJ{`ol`VOw@u zp6R=S`~shXWCTr9>#B#s=(3w%wDe%R@N#AwqA#0FiK2quBD`6;JA0pU8WXW#l3}no z2uTD-;#PAa0B1;<^BzzN!fYO5G$3D&6L>slhcNVbYYlMnG8ryUaFGL>C~oBBft{SX zO7F(fJaA0C_AG7U3SL#O(9w>Uvg2{t-65nYJSw?489={qRyy-g|Gv<0qVj!0qjKh2 zT@A|6)6=>aHwDvR@NIpdEQF0CMI8Lb*>bi}=vw}=@LWAr1?0gEP5FL)?hCk|%c9hq z^nJ$1XPP?)oPJaL*jf&nvfOLW^5~}UK>?q~qPV!4PnOaOu`s{7&b5Ob6Hi$Dp*2?m z&MDVAR7;(1)sD=FrU{rMx#sAUr*ICXfirC9W)c1v1V(9U;_xT zwxV9Gwl=HF&`gJQ*E0!ELA#~7xy#k0)>y46Z)B2MrfG|4yUmTpr^SMYt+v*`s7-?# zm_(94BehD`Wiv=5S8YtomlR_e&cj8KlTh5MYA_|`RI;)RAD;pEuE&o_E-(s7M+mtl zn^L%-twO-@!nLQmYH#)+@~X=4d5S8DsHsQs_}W{Op^M50Fs5*;thmH9_$Nb_O4rs? zn@Ua^%g?yj>cYJjttC{U(<|I2Gu3;ri}(|r2E*>%PS@1SSVGg!RDIiW$qnr0;085x z-z#BnBM+>rc z>P>MKJ+woT;$z1ILhHQepb$SYH2 zHcZFn$(n+6%@T-Bv!YhD&9It~|0&s|wcpcQGxk`L)wra&5Ah&QD2$nXqC+PQoW4qj z#~=lXyuYX0<>Mt*{I&hv{b{*f&sp2#){m#Dj?z0*gu==g&vlICD z?zX}2vseFeu(4p-p>O9+Gb1Na^6jK~i!j%caof7!d<~168M+&=8fXUIk%u!3Y7TJ+vQwYf3ot}|!&?VxOHuMIXM;jH z+nBVC*sIo%ISpn1Ba{e35FWQlUD8gOFTuF0r1SPe`gYh20f=bbqwe{h2p!;C0JDFq ziBr5y#B96X(-*%5krls{_}^*eR?o&kjpDqYugyo%W6M5W+b%b_5Gz+1b&Wc!US3=L zOg_>>)y9|XaU7Eh+c7?D(7aA3>_%|iB(Ij1A)G8yaY!9oe1f}TJM^A$bKM4bSZu&u zhC5n`z(2p=3uY`AAYXg_Yj{k{LUQbT*GG(F6%Yqk(P1dQ@u7@+m{(p>&tKnHjUrj% zeyabIRSx&RvdY6xFmof-mF%ep?fB5!JyW#IaS>`xiWX))2b$Ihde+SQ6g>H*mH2fR z2lb5$j8d?)1@qCf!9<6)iwZ6V1MLw*!Ax>9IJ*NYA*^vSyIod%%X#o2sbMO1q;4we z>$8FZ&wQZ^-Z9V%*86ttb0NS71^d-!#KKst)5Po~&B71Rz+Kr~#V39wN%#tpbBt!@ z&5eGdtW%~B{|3^-Wju642={FpGP`XnC|?6x;hfgGRuIVc@!U~tJVs$`jLn1N?mTxZ zIM0hPMLhd?a5Z$2@Ve98 zyKJS|=XO%;6U5!V>%|+472{Sjg>vlasQZ#c-4to%jM?nnQbz+OvwcPBo}U-`{}%5 zA6-Vn7CsyXn}Qmp^EGEd9)~3sgUmc3G(84w4gO+KJB)?GA$cm^w|B3(YxE%9H=-OY znd0oAy2#k;*13f)-vGOS4Bm|g7EQDfgMKdU&=+eg?65hR}-8eD0~ zKrX1{z2wcsjdwzdR82l7Grf1EnRs*tW(>D%m}(aoL~rL2gl=ic^<)gEVx*ZTJKdkb zm7u%~1w~~}D~<#&Y)|A8Z={24d{z#mB!mj(1^^zKWt7S^+@FR3Ded(K`LM*i9K)mw zQo5G5RKFT$n}Ks%r)8)yUsFb@%D#oMi*+81{8VE1uSV_DNvYP11Ovq~jY%rg9j@dI zbyvexy-FLgcMHZb3e&HQ&zQGLNDJXR%JDW2iJ15xPsV7&5oqdhla12yj;0yE&E#qR zVu@Ak7(>M$J&??R6}Kb?K~5GCm3IDPhcD6Uo#R2VZOi2TQOJ)uBXh&-;KkuLuw0LRZZ+R2=XK80hNIzF_v;v0knL1RY9@w&<38|7LsiZ$*|Dlyn zT?gHn$$+)Ncdt$8g1dEiQ~s@&rodLS`mQObP8IH>NtXJp_}&weF;`zD(~8cJ)3hXY z1~y!cfuxKEuRNjyE`NN#3b-xaP#p+9asvtfLJ^bEi`(S0P3*uLnQdpfN!=88BOijL z3sw`1#FwU>MxWBj!xpwm{x%Rq#T{fG)th}in3_=bHwHE97#&+5R$ge7M8qUeZ;@m@YoiPKj%=)7PVDU9xJcyFH4Z}_*;QUefv<<& z6RTfuTkkQ}6bo;C=W!AC=x6+epPg$f+|u3MD~fmm!NPpWIf@jJ2FY3y)SC7pa5zmL zgVzAKlke2ko$by|Go7~Sz7w~Bn0I7yiutstz{~?zQc&+`l+)tycTk7z0f45~;)qCh zEW;Ic4w^BXp~9+E*+t_C31LEu5mF9K zeF34SK4`*9Iy2-^%G^_sRuo8A&8tUQeu)@q5IN7>d1;hzHZMYR^Esi1(okp?)Z*%{ zIw|DkE#RTq^}Gwv@?i>(diF1anSrVHBRx}V%FOuJT4yO_$_sb!)JM`;ql`ptscr07)(v|f_1{S@q?{#( z(po42t`bveEXc@NG<;t<&Qj224fCPWk~Q6BsJb*d$trffmrttX{jFp_Lv6UTU|-(D zDRiTC7qe;kPjLVuU|sUb7YHG8e;>*1q6 z3Vl3`e@qs4OTZD-S!etE`?{cO&GgT1cNvzA_Y=-+&)q5VN0_(M9@lwOpm%M<)!k)q z1Dk1rq)c7oDfiP!p|kd08|@kNzu)67rsFzf0dr+vU$4y%Jqea0H+y5wzh>b_kDMZg zSlae>H@zKq4*i@d1vzx#3=Bwc66>WK6j_-m@AqUvj6#bTO@+g?YVHlLwXeZ}shO%O zL$E)fL8T6@`SMLXn2;OJZk{sWlz&{c_koVeG#d1w*P6eCf~hxWclU{zgPxnOvhE`_ zHZnk_sWln^gwJA)O&Q@7+S+}qc$g5_%l)acEc(j}Tr~TGNnimx}$D*{UH==#xJg zsYaE_sjDDc-R772$+dRTTuUa_ztE0grUh5~SptfOTjU7BuxJ$(59@_YG zcQ8=Qc{GHcN=@|SWLYrYNn3d$loohaXH-f>S)C}xTs3;vQ_b$(T&gjRM!1Y`Vx=?;7n6;B{KIyQy7zwEG4 zfS+x2-8r|~dl5b@+!rZkd-iy)l_l*>wqkX^~7!qMn$*J_^Fsv{_{d&rc zL7Cv;(b0&hZHLj5M2EwcTb}2Gqoc-+Lx$j>F-{3kZJlLPs{34iJ|9hTJJpYdEF~Pt zR!@fex*&K{ydGO;v@nQ`Q>p|lI*(UxIdIIUQz%)lZjf~1w_fyysr>1; zCuw@Md=PtS-wP)tSuG&dKlAdShcPu5l{*{p)fLXJChAW}3jy?#zR$&v3Z&-gJ@jPg zV16AC24!aCYK{0a%QepuxTSs!A)$;A9hsPgDV=YE>7 zl6#??E@!yg?f_w!I)^f!uXkZniis((3<52|-^B`3P!N!DvlZ`>eiBtwa^&2!*Mdwe*tW}VXHNB>=kM9=cSa2vH~UxHjpVo+6_ds3#--uXg=045 z`J%~&+KnK?1*uBCjE8g#Y%F{&AP0l*0fYYqao}eS#2N=-fAZ%N#xd-WGNDuS0-a;P z96}v9$ElG`b9}@>asG5lk^Sz^H8iyMn-dg4NOb3eH?dFaN_EyrU5=*NteEo%X45J0 zlJ8xe{NCM~*$B=!zD78Ho=!wKE@;BVI(H%qB}CuN30XKCYMob^Z}Yqh2tUUgLBV4Py2*qukY-F26Uz;FLwlsgz)dKU<bAvC^eU#7AS6fTAau)#yILz}yip z5EaXa&g-gMP7sWl4qe7VXE1K21`{fbgM&~#>)R%4|_HZa060to=Q>WE8a(pCJg_~GedI@XyLzZZ4 z3^htlK3{DNx>w7T>&*9lECt;ADik&fqZBoX2l6YUY|oF8>cXBmQ05Aajc_%Ph9@w} z(cbL-`kiV6%MyY!TOG%ca@u2U@hiAM@z49gHK6>YOweSp);iIOk77x~qPSd@&0@Yf zL!Bt?z>tgd=NDmJjJkfD1-UUis12lS;=8}s&dZE9BBpv(BjHv^+5ktjC~*7T$mZxu z3lkjs`Zp zjJJ*nO*g=3hRJ%e00}T6F=Zzmaa-_HQ$L*}Pz6KO27W9z$imc-HlL_*{bfz)+8d_2 zEG~}~xq81*3nw8vLKI+QjV*-y`#7%++kl#RA6-%0^e+%~Kn~>4;rn6^l{BjmyOLwS z=a&*$POv_woSpyc1)*1&@I(O_<5{|xxQIc|Fa`y)z)uDgpC^-Jzu%wgxrH?=n;Sxy zQ?Bn+AYQWCrq|^&^r@X3&fTGu`qr;nA;#;XVZEAXIw@<}bs>*xEeBg)4YA7KWaqn`$pD0Q5%dlIkS%jd7r7;$58NACW^Ij6pU#v`(*?8*jo&BGL;=jFOqLu8@BqEEkD;xQ~O(cY`)7!cR0bVC*i?)HAGCd8- z>~HIX`!eO??tI@2AmfI=`2?fiU45*lcXXQ%xbb~c4~TZKrEUfA3A~7=4sdj_w54v3&>k3dgT=&Ak^!muWq(+@&!i+>w)1Cxu|&4ds!+{(2--gE;=XQG_b3lO`3 z#?rITFmF!!Sz66@PWac2&7E2BOS~YU?Q}Uo=yU=we0FMv;d5eV$5bhM4_K3I6oq8 z@cHCk_XN9IBF(4x{rEGo_EQ^Bg@a3^OL)q10S|E9gd#PZC@{Hlq!zI6*oA<{Pu5`R z0eA#P@y+3NB;uyYPtN<|!Yc43osaC)Q8S@zxpe=6nHhR$3GH>1m0ds#igK$-wGxSt zqJg5|eX|fI@G7{`+9df&;|QNo4FKVP4-ZIeaFFQZa*!yYlsuu8_F_7z^g5Hp&A!+Z zPKHaIX?Vi$i|J)C=-%#Hvl8XThEnOs=e0PXs8IcL!`7qtQI!trvu)g9OQp@rNXbaJ zVyS2a#g^hsGV3$sGs#TNJcC)vfILFaTS^Oh&a`21i(sKh<5sA8aV^422ojD%Uy^8( zk1$|?9l@%vMF&>2cB>y8bS~v5HX~a`p)fr=y{ti49=X&>w46S}q7T>A^i*hqt`r4v zy4c-Gq&RVV$?3`f2Ux!2VJ;$t+Rm}w!3q|9egM*}%D_^CN+0Ayy^FZ7RsTYIpYN{x z_+8|EmE|Mp<`+#72MGJnN$SIj==q;0E*qWQ#_Y*>?z7=&D(S8DRB~(Yee$8!{zz!e zx}?67<&H4 z*@@b(BVOm9dg)AF7NDu~Fg~b~iSfDN4@Y+8XmjSRDl~OQp9V{U`Ei}qL+O-1-yBTO z%s?$g2!>z_gr4wmY(hn>(aj~))8VdHge!^GU|ha0NYc$Pi1eJ6P=>sb=t=-kK(D_%(;!8z`gkr|j{3g8 zHR5rCsH0AY~;8y+&{IeQ9Iqkr5XSk6tKkt z^W4P+8{RB3JWl?>C^THed58?47DvS1<{G}HX=Mo)8{Im@p5xHUf#r5i3gAuMUI4nO zNKk0zavCYu+qz3sjBF-A?-e^hR_)P1@yhaYf~WFT!WuB_XO8t|z$%u0ucru+FzR6Ys;FW+Ez7xMbIw$BrDRWI{hNCg_DcmI)I8ZslCr zQBP2B7dv06340xLdctcG9`C>euanF}vR=!j$EmJZJ~pP0r}>2UKBWy@DwT{PeH@8^ zh}_H@D(Q9kS8ypQOH(8UsX^r;2N3@KN3$w@iPY#_N0I2SaD{KejTM-db7+jxFf6C3 z6;}P>@C#s#xpR&$1voXP1e>)zTU2*kR-ScEYJ?iY3coSLE z-`nSqCN{!;M1oGHTq7zgdQCcqB40IF2HEHbN^BJQTup@#SzetaN}M?2IK);76;U?~ zn~OO1RqW6Zh}GZK5nJq?bQ}9rkQB7hb0KH-o|h=u`jX>pJV{&$9hI1v)@e~vyowd- z&Hx3Ws}_m(o{H!c8ze}CAUzifN=%FB^h%l5gvchz;!(T4gvg2+#4>r&0VLB=T1eUt zBgI>`Fl==$Bpta(JnHfL4{|{zO9Q!o&e{v#NSrz-AdUSbenQ0}dF%3nwM=}zM z-crIMFeip;J}%|u`clwT5TM;a%%kM`2kJl$k4j*%6$p)(oC4CHlDG;UpwodlGHXSR z4kbW)O;nD>`@h=O{PEM=H-PVmotRbN-X*0us6cR2c#`_7=n%&Jj!J)n9Zs%a@PYFs zKBuBMH^?aXn$Z&gPVcQuTL9=BKy$;{EsW1~c@-OgygZx_RF@=B-P7`m`)?J<^|azJz1*!A+(`p!mF8m4B1_n*42DvP6Yc zx*25Z!%G@UwHfM5=}A^p1(Cp~6C35>bN5KnKhoY0X;OkwN9FA{WDdWW)qgO zu3j@6&{X%{XF!8wQ`teim!;3TzB>ud!j?V{7py1t%7c)q5K#NzK+*)C7HuL3Ujj9Z zvT|!3pLJj4ACfRqeAr!c{qvN&lyQ+_jET#-!WAsMsJTh%zY8 zM!RP6Zxo7#sC67?D<&4Zblh%B==6cN2|x-P0~g!dGv>65!0wf9)m%~zclclZ!cieA z2|Fz~xqlkQ4+%c&SPY4v{uo4Lr+xN!VmC4$#XEC&;#^7x`_d!F{_Z(g6;=sCxwK@_ ziy5j8WYu^8&LPc=)^9$F8-E8xRdPwmr42uG3h4tVSwj(7T-^oQazxR;Gh}yrG!!2A zN_kunT(n`;!19S4MX;pK+Yf%O8`3P(_3_q?u$T0xIysi|PLsZF2LAL;T+tpX|8s*G z4()Ah{5^?XV|SsGf9`rcG|sPFNx$c2_@C`2 zIL>3NK31EC0e(CO!j-YUjDZL~eF5t6sw9i!`S89MuMFBU+N5_}AFs0syI(A(B77Ng zOF4G85|{IMso++gLcs{)F*;4OX8#v=?-ZO1@cwzmwr%r`ZQJG>+qP}z#I|kQIB`yV zVmmoW_Ba2n*_qm%i`mQFuIj2r_1)7Cx<2)75*>lj5#P&O{uuYDl|Og)N)qn}sG;q; zXj6@(O7ww3HEKl+2ou>~vMteHQ+W{?1Pbr_lj-GQjZ~40uCuQVHTFbH>?t=(oS8GT z%^h>h<~)KAlRPT9=u_;I>1wuee=F(*%5uA3)ccBcgXz#0tJ*9J)h^XD`sI|jc>6eJ zC(cjwGuEn_O&uIV=W}}!`b}daO$>um`dvi@IbC5WgneJOR5xjzZ=)BIGGZ1AU?<#_ ztgB5=BE-^Ml8S>4%*%E&foE*u8Uf77&EI?Ybqm_(1 z29tEwFZDa3UpG1(^>D!tuffPEedk8hB`B0SiuBbe%}H z9@85|?5Y%KiE@H!d{X%NB1EewRu%MV$)!OtS$dh2f%bA)by%|1$j14MO%wzDS=CV2 zfc~Y?yiQCZW`YCv>!KwUT4w2XsFOA^GdWF&pQ`Fn17v1k-(}<0oYF>*!omj%i;mV{ zU13)sKe^<^n=T_l4)|zXiLjjJBs1lgElbp&Uhit^<}0Ge3NEjCY9Fz)qJd6{0Q@h- z8BvHqvogyQTUf&PlJG@$r0qn%46z@Enz8y@(n0V7%2c76UnTnvCVWFO>a0z9AX2le z{7A$dj<0udzT6Qx5eB_|@j_|S0>OBW&hI;Ne#W(@s0Sioz;qZkRSjRT^>-Na-&ygL zRV*qA6#aF1MJmI9r&{8!3+n*9Oqgvwu|F4jjxVKtwn|Yv?CbRy78D$Y8Q5#Tupecc zC2+oe!LWp-utBhO{W-kVFCI#Es8g%V0F@LuU^&3Wk*0y-RR#0Rew57`7yCiAmR{y~ zs6nB3BxL9bD1%)}2LYMq7ZEV}I!aW(MH5kjs#s$L#X0X4`XQ!!kE!}!05Y8aUA2^( zgPY}ltOEYu^D&%k|93v-zi^TNEk5SI&i?;^kNKY^S^qCShVy@yk2!DO8Fvo)IigJp ze9b>gfSR$pXVx{t(5)Gx=i_NoLK0Kq9Q&>Rgc1PxwMc)mk(h)%rKMNm3pHpgJ*FG9 zE$sfEW^b??|1S5n{lVQ$f#@@&?=gX$A;ge(ixx3Cts6NnWpi=1jSV2w5 zN3G#`k1MgV!?3L{{Uk9$wr9kmZC5KXe|@08jtlCdWBc@ZqN77$ceP`0UF+H1|5MEW zR&$$ps6{J=NT6X5oK&Hs%8~f@mt@Xk4$uzqC~!^7vp|16^5a5j-CfUUbI;Sr=3vQv zS3?WA9<kGI;MKWy7t zgs?9@K80g%yenLz&aEc?8KOM7uCjtn@C9k}&RULv+HKBP^q)FiRE#g;Yq9NW!ra~0 zXIFOn5qxGrxv_xX>kIPCTraN$m$wSQOH@cK2E7lYVh{I?Z!p~*E^Y8p#a6E(jwq(- z-EJMn_8LRRWY1Pvq;;7Uwg^B;>bbHWHdn@hpo8G+XNqEQz2yyk63&bM7w^o?uH zx~DCcqPELx#a0g}YF*z`&~f;1|D;xI_%M#crPRw9dMvr0j2eN7c_08$upxXG?C-m~ zzv)X_NU+J-)-*kW(nXD@4Vu^Cxcw*&JM`63dBS|QOm(U2^^5#z{e{oCZR=%#yRa>o z>v+3FmdJPF_i6Vpm*6jt4jUw#^RqeQ?)986oB}$(8h9+xJ09||^KoURMDc;`x);5$ z^U8S9-W@|m6diU9!YzV?rKv@_DUIMxCikL|M0r-z0VBefufaIvmAdc6+O21%CGX@y zKYsGyzEQy(4`ZtcZ@)zf61X*o4{Id5q-#XdA(lB;f;>`n@HVV+hh6r>uA{m7{XU3bI%cexb4HtY^|`pTae0xzW8*#gE=Y$GB+RTm^r3qdhc^dx+05y+fMs zh|U~;a1ar^v4M;9AoB(ht(N)*!^$~wisLq5Ylf-Nj<;VcR#vSa?M11%mEOL#z_B?b5zQo=e+FzPJ+e z$m_jIc{EwTM&+|IsDO`y+2S5)NrX|PqcnaW>ctBjlXS?0NeXgE4IhxKGj_NOi zn9-QR3iOB73Mwy}5?#I*Gb%{vqURQi{KPyM?A4dhR4zFY@+2_AMs!RA3ZHX}Tw7WU z+~pXSY@Z~^Bm7wyr1o8H`Y)9PZwj4J8U@%& zz8th{M;rpj&tCtU#g!i-W1?Aze`Za^9XOZG+@HlEfr}kCU$+mBN2JK#YYMc~`v2<5 z&(Wd--8EEY56wz&S`2NA3oXwX9}-nk2)v5HBhP=~DkRfC>I#dfd|E{1B{c?TG2OxG z{3WV?00msH-iG38zYDHH!zHzxoQl&rRU}9Moq?BE3L2L*+sDouokf2Ba$3M5u4cOH z0c~MmuV<1!k_nsO;aoA5i{pd_7LS5wpwIs|1;R$R?@4m2? z$2JK(Yb*a9*%plxxBOl4E=%xZzItJ!$tw4FrMejhPJ+k4OawH7ZvAo)0Z<)50#hV7 zZ?e-`qM|4UDuikz={HGoTk_L<5b3na82%zz9tHv^n%_oJ#RO&PeUwWf%o|N;NsJ|N z(1zWD&B5^D%*t=Gn)12lTBz`csgVhUn1JWFj~Ohh zc}44oADd@Cdku|;L4p&NN4r3f-DNVGn{7Zb#DC&%6sHDdOcvIDJ+P@bd1Jpa&wWqB z^7LLwTNXn`#M6xF3=EvlA*=crxrXL_gxV@g{V8W=553_XVr~WkP`a`x`2O9E_M~)H z!Y&)e+!#?- z`J=8v=p6R3kDr5y37_H+P@r@&yOOCQq$sE1v=K{SItStvmpXWC4otxIr0kmt?%Bn$WA9|%HYU>%F+LENgtV#?HG+>&VhiJM8^EEK6Pwj-xoa#E&J zJwVrxLOrQOS4A}+OHNFdmVh7$E@`|K6IR`iLcPz|20?Q}1eIBh7G|3kl^P<|!G8g$ z@Jw<`@?1dpr9nzzCE0C+33CJG&8p4@{WRCgYsP#<+Ywg^8C+Rd59kfh0^aZuXjb^_ za8~%JJpRQ)wjiJc&a@*rgwaqO+|Z+xCsS*S)7^P&&2yEuB3+l)xOT%qcQOc z%(PC5jani8lR06Xe=zA2$Pc$!{I?lkPFjCYGv<4&BKt(0*ysO=&Xdq||MX8%5?o~3 zhp&U^FQ5H)MD9_w5&2n4N#=g=_8te6_6Wvi1%;Ayltst7<_vukt&FBf?~SsC33xs^ zt?Ki$Z8Xvwc(zCY6kz0p`3Hi@xR)Xr4hJr(cwd2g2NhBSMJR%Csh-hGVFKKqjn!`U z4*@`W^I`d;(Rk`4zLi{M6aP>oi@x?=INGc)OgruBH$HGN!igftI7iBJaI(@VHNjb~ z5Up7yzfUsq*WPhVq^>D!Fb2tFn}a|H%o~Jre3ZmIMHJp}NY822(|bbM zhnRSG!lYaf>Vo8lzvs1i&T3Mmf$J3fNUKqPST76$k8~r%?As6%eD=_}Kf93}?V1bP zL(JTsXgkvHi(t)5RjXrFL9%oVYdnfz_O)!1RKJL~&t|*%a<&~yr}`>R8^^V;UpK1sF}b-63gO1Z%B?J97XYQwY#B!*A8nfBnlhVC>DdVy)?o#0|^ zn5fl5F(9R2;{+0+c8gYQd|RV$Hxk0Xwq;%yfJd{15i)Z`h!5srq&b9(%#b%v=HkL; z7ZJnCD2cupkx}^H_V-Z4nu!bh0QVU27<~)@16Q}jPHrsCL!RfeGb{6Cr$li!Mv{>J zZWaea$#Bd6Xpqq1Jx;VHKP;sgieqZgpQJmNuADbIE_w%=xR3ODc0Z-f`G!#1N$)h5 zI88TFA&ftTmWu_g5VJbNu~bOw*LX?6>q?mTt0?2p@M^6FJrF^tQ=AaMl!a_`R%l4K zEV)l)C`A~Q&}1SGDqEmTz2d6Xa*-R%@#T?V=dDj(+LTz_thvJFk=XSGTGlDRq$@}F zY0hUS%Ipt$c}a?l!peRjF%0u^Q-Wx24%S+T9v2mXmrp=UU|y#;QO2RzMS%9p25-Af z__jkgGX~V?L^36=TAoU{h(iGV5I5<-*hlA=vt-WLD`Pen@7blnO)sG|a6Dks!ta2R zBlEnpGSHn(5&(Lco!ODF!3sm6%_H&~5M4}L4s8I)rJuP^9{#LDi+NQjf5XE^U z4pvNTSu6?!$7S_@$96e+j1;-E&N2jo&D?sj@O>u4ttmGQ?Ct%&_k@z(HT8K8@0v2; z>`|Fnl(j7e#Jab{CZBPzY!AKmXIv_NikG6^{ay`8N**TFS$_pNmo~5Pv(L@cBp$*0BJ?iB`5wI zg%jg)rWneUQf%1KcPCzvHHjv5>LGa90ykf{VIWl3gQh`!79(mdq6?;Z(J(+A-!}sQ zA#J=E-h&XD360=xygwQm^G5=w8ILUM7bZ)X&RQr^$n5+)mo6&XX-*g^+|jR+ppAOZd-W20fAi_o`apR4$+k6^hkU51st)k+vK z4nxq<^H4z_Q>R3@p(Jy4;Ef`SR|mpewrtR4LhZx+$77!DHm?5q0Q&HuVBRe?5J)|d zy9pSp>d;sspeNK)pX*%2Y(}aOR7MYFHgmM6+lB5-9MrQxFRlpQvhWKeBUn&DF0xUZ zZb%=-npn2~pv&o@DCCY1#1Fvs+5L57bKUvmLwte3_F@gx4`L(9$tanIEDLXV{kPEA zB9MXqF!n$Md90q7P1Cfe6fw=K>k54dvFu_4TGiXhkLo>}lzjaqb=2(S8<_AG0`v&I z>_aax;X7c)vE17zKqtAsoh*k*41|t<8}k@yNh|8v-*b(lUSAvc@O`e`Qz0FOW{#-2 z;mHZwD!U_{ey4hS9Z9keQG(&el4dV;Arl>rEF97tn|;>9bk_L$!G>|MruLuo?4mk` zcVD?e7m<5*%7R-qH-_9eH|KAAUM);KGy>=~p&G(PWZ%;94I1hVIur&{KG2CPwMh9t z{jPZxS6@RkyQ{~X8%j%K|88-u05L@)p*Z_cq`9~DKckemYN+t4bQd7D~If{7^`F711HMsctv8$k0QAWJtmq|{| zx20>+icL#Ew?6a`sK8){biGJl{8zjqrxO2>CAZb@t4*dkG9h~ldY6?9C+>|8*l4Zh zZVJAx!{5yw2`{MZ1pHU8elkN__x+eu1G8+>CKP+pB*j5eT=OZYB*?{agw9t4TKL=8 z7&SK30)#pm^wzkYu?tlBq)WhTs?HgryxR4N0+hoM`pz^5>xSnzo8v>bRD87YCCXcm z9?LCv>kfO7>ptEuzROAjfnU*Qih_M+&IsV)JK3Y8$akfc%B*sRIoi4$A;YZ%W|dNq zZGh`lQh?t5|(5A2C za4`a0_r?Ey_<4N7dkOc-prz60j$drlrIgmB8B;g(?sIKSMDcKwF%ol zk3TkpJnsx$W0EhhMJR)4E0+#dx=No`(;LNO=Sikxz zHoq8XFElwvI~GU;xFMuowO>z}&zkZIin2wVlT@XIl)rPYI8CP==J?)q^ncV*E)BFT zgZq2b_`DcZLm6#;E<8bsvDTpzwilARq!`Z0(-v#}u+>2jS`)0b;j~L+723$=b^8z4 zARh*yQ5hI&HwPX?}wejVX>+G%ujM z`H7L9iq}SzFq7nhw2J65?VEunSq@B(ABn$l**WZ9bKg2=r~Muf7^0|OEUmTA5?QER zk{Av|(vglyxP1dYb4~>&$g3NVUzcO9`~EoC{rl+GEp@DQyRF|%4rJJ=gXJMDZdKavZ9&Gw73pJm5H zAQakLdnJ%H-a43ss%WxXVf+@}IOH-AaQ!W^44hIp+8Yr;mIvx<=ubLxtM0W8iGP#- z{-yrjblvIR_LQRq4KvzOOH2{*uIo4AQl-GXStequ)YsxTDF%Bj*($`KNg2=Ud)$3Z z=0W^aNxd%@e`iuH6JB#}!5A7PhfiWfFXXge+S=Ho%r_n;>x{4~~O zSS;>CLwC+ppavW*#m-fGrF3Onu%P=1qq%lnxF~#DK%{c(491Xc?lw3FAJG(wF|XD= zt~_dV3o8H6irATPwS|^mkR+G)gYJNMgu}F1w$&N}81v|S(Ik{PGtueIr+5zUa`orP zFVgule6?~&O#z;}1YBaNeG3k?fgL__Uq7C);`Nrv4CM@VwhH+O;CS$e#&*Eten0Dn znirqfAHI(17sok*NVS6WaEEO+C6c&yrg)wDWjg)2yNV-l-cf_fR1a&=X53wMf-7aZ zWQ8benWNsUm=Xfil}H)I6MA)KA~C$ziM>8HQqL|aN^hH6dFTM2=d8#T)I>k`mqt=8 z6_`13A;kys{(_@j&lbFvgBERZjqT=mWKG<5R~PvMY}IVnNhZ~7g6u{Y8P#jKg2f_= z$~c~uy{h4zCG8j2XR|ZR9PrzG6}Mon_#+bk!+v%GG zQoekw`ElRVB!f~i9#)lPN@Aw33q3*;_Ao%s#)3ugzxar(9N^>)UEKLp=ErLV4SJ~K zZznzwREl!Ah{=3_ubEbn2wqGB!bI)xl+<$c@3;Eq7n|VWxj8&fFXw)nE`rUtUsGBU z>v?`y+!c0Jzotr=VF%ubWj--&sJ5emgF^6GT#8~?F^`*UclESbvfUq^N^}g7mW(Q9 zXwJD{GUi2))P&kIU0d;jA^@ zeW+mmLH1|x5`BGKZ4Kss%x*euw-w64Yb3Mq!t#6uB+55NmcWxT8xR%*vYM+wlir%>y~!7Wvo$MNMEA0NL4 z+f?=U><9;ph%)=#N(w)bZi3NtTI07H==+m?1ncso)pTyc^n}<`eNbR_XEuCO_$-u7 zT9`SHH0Stjtt6Y%HbWW-^e^nsbj5Bu6UU*?q`XI_ONA7rYQOt7VKy%EoU6>}aipZ@ z{7%_4!K>Wo!pG{UN|=#jCBmoTMEHegc;x4Ep&je2z${RHe=sjDoO&LyX6-I2i#FUn zv3nn#-Z9+}MWH1zaH0Hq+8ZU)xzWij!h0bGh4b0$pbIx>};NuEO>D%eg(J|dDeGg+4s z>{9t4>OI6aGsq&#h|HN_KwI4O0if~DWacmIxBJCz=`A2!N?(?V%U+srTCF)^#g~ms z$mB9L32=&Y`8_ETqDUl`_j+umHj{ZzGf?Sc-(-<`iNwEi}Y2TE%iNLWWr`@pkiaz*15#HwnA{ zbBoSVs9nxBPIQ#1diAd8=At*#GaQb|kL7QU*TEO1)Qsz)Q1~QSh3C5H3%lgxgCNd9 zt+P^)IiIXTB6H&4TL5=@C!0VVj9(|q8&@P2E>qs8LX&8uZqbA$oIxhbt=MnPxQ^n% z-sBdMIZsLczGFs637!=1vFneg7BRNQ( zbh9knqTX=;yhN92>%`J7+KyuY+)DJYuhJR#&E0pU_^IC2o#l5&bVet+c8IZB0W2^7 znuuIL1b0El2*PM+6vNz~a~QuQL2ydHzf_j!n{J%8ioPE3%`5QcQ+({z=-2;OPL zJ<2mY{nw?Y+w7nOM;#cr#GP4q0}c}vx%i^VV4Dz`WLGRrB!V1v-TE`8W*f&krVpFLIU@BdQotGQy0>>Zd=Gdu`Q`AeiA-mi#KY`O z-*={NZQ9)Ke?_OmP=f5Z)s%GXJ*QW`HqXOH7OVp6gM8huo+$3xS3=0W9lGt?OHqV9 zJ7btD$31W3hTA-xh15Ac0jj@^2U4nW;HE9{DAoFR6M=2&qEF8WqYEZxyo*P=tC!#A zik}#hVR`a86@q<95I--L*L+lXf+oK>G*LK#X$l|S4uRyC|KfLC!-@Woy`Fa3Y&J%d`>=jw{kj zDe7isVPRty*M3l(Y?Mc#{C9GY3BkB?voW%O2rQ&r>{EJVMQbQrVx@jm8CI0NKIa)l$&5c8fPe@@lpWS0b*O#rE-T5!7<~^~|C-3*>pQT49 zyDt(S*@}$Xtoe~-C}aFU2d_AoyhNC|sD0ns$p=|_>%&UpzbyjDd7M044Zn2c<1{+nP*rqL~FbL>9)!{{-Xc+Ll74MA+ zrk@vCLPqZ&OzJ10JHlZnc$}H3N=THUlM@QTjv?nm#U{K*cdkkpsc7DxR2psahi{5P zclPUlDF%0r|E{cqmNapbdKjX{Is;w9Y%m{c`pOf%u!fh-a)dstox`PPKMZ@G%pg>6 zLHZQoc-OyOR%)vt*7!_PL}$_QOUqNsamKgLRr9@7%#r0>vlXiFn4wNcMA9cx&{}n)6pOI0YkglOMhCk;Js2t?iz3W<*$ zFC^}uUrYw$3E&Sqk7LV%=XAU;#_!MEUVnE>`nnR940 zgye%ooM9&f%SUuYeAKW0E+PE!)tq}44mErh@sslP0a7BBV9jV8GLFM5Bm@>R!*-g| z{lrl-sekkcf}vM;!D=5W5A;Xjo)jigmFT^(|FITR7}aLKg9THV_mkcklc;!@8>dkZ z6&Rq!Rg=_7#9|UK`EMmA_!~&QsF9XMZ7?qnBho(>#o~)3t#=!Z@F8`ZfjCf9EsokjUsR z*|*<$={Q=mtYq|Xhh~U0@tVx!MNYu=4}r2MWWX%QE1Rf7NDwj!d$O5iwBz76k+N`* z{rS%6<;!?-pGbSK7-FgFVLJxe;gNmXLpligaE-ShiE??&SrSR}AA;mM=@n-_KY(U5)+pp>2(1ccKk*F(OlJ3JI zgLCi&T*x3G?m{$Qa1$K_Y2XY9!p2}+?ZD-BVyjQJ$;LkM1`cBVO9ya%Z+vfA3`}v0 z17~A4H4G4F6}XMLRw1aX#1gCCdI|-eVrQI?qQe6CCwOVxF14IV%_j6?{W^j5dum-v zM>gVLHXCrchuDo&Z$3<6Wwj}HcAeNsj7LK*D#qT~xgP}kkmW&v8op~UR+_D}aRMW_ z=8Mr43^JHC+Gvk;xtO6?T;15}sS5k+FJQ}41ey72ba*4;>PZ!~ILtUOr`iXc=p{B~ zsd_o3-B%YgP{YKv7(3o=B#k8_RUA_4&F2uJ|FNJonrG1T6UAO0+zQ*qNZ+oVO*x=O;Q3{gv$f(cRa$_*L-u zBNwhJ)T*_>mUlfIMV0-g?^6VEhEFoj^2u4($j3tHI^PvqGKu!#XODeSbOM7_iUOC^ zRg1zMKVV)YwHM3nlAQ*HU~H6j0ZStR02fglqZrB_odf2obWyH}?k6b`vgEc2K#xf% z1#DkZyb(yD#^{|fb#aXysF5;4Cj>1xqnwuVZmQFqMJ)<$kgkLhoT7aD_QZ^o3xXpt z%k}(c$7!o_LwzzI@#v!Tg9ar&nT4=iRAruJqa}<~7!3T=79Gs&cT8Zts%R#plJ(K> zhqMGc$!`rBx2C}*#CJVMmcqU-{p!{kYq|=AaPH{PO2 zYk-U*j=l+61dT0bfaJ~)8$x&-;>r}xWtL$EPSKQ<<|k_1n{?PLq&%HoOA+0;PR?p~ znr?inbdqi~Y$ftIs%TMB+9yyJ|0{~telZPT@kNu5SoItSw*p^57L2?jpO}ljb}?8d z9^1lZQ{x;Z7A&_$LZ)m8T$kuN9?S2`%XSYH> zv%FP9GV%xJRxoa|NIW_dGjdhxiuo$^dum{x_#PA~sMk%yeId?+Tt2*;uZC3#OqwD{ z+gOf%kB1;L&s+PHGq(FTa3@)zH9g8I&%AEV9WFR^v7?#jrnG)?%VSf z?7BTCz)UB=&8k&MF=w~P`@a3F;`Dm7`sMkb{pb7Rslj&Jf>E2+wfpD4$QPr0+aES= z=(4l1Z76P%QvC9l_gIhIR=!U%6Q$7~hlc$Aeuu>C-=6FCdxrO~E3dj<&bvr+zguk8 z`?|+&UoJ-6du$s5=Bs512jDM2+$yxbYuz_4j@)}PFA;5;L$!Ru2Le|=xIWG~AX7bM zV1@P!Is$D9e(>KM#lIyhT(?60nbdU#7=T*RSmLHX{dEjJxKR&jIZDNQc;u7}!=3lILK`!VFb7 zic&wxzr$TP>vIPNzU~fR7Knv*d##0fGc5G}OHYeQg(PBOz;C-vX)jdwg|w|M5%w3? z-b5EH!2UG{_KA0Smca_kGI(C>%w59fiYwGFUJ(pwyx=_4Pa4!N!&ioTRP;PmKXOLXMC<;k=Fw+tjTUG>vo! z27B6}Ze@KRrBt9=vz>D|p*JwT>}~S|3aaF@&pm9j25r|d>t`KDf1`AcCbKt~M4{gH zKKI;Pj=?5&16BxurFl7K-5o1HMMXrv8d|KhecLz`c`k(K2kE%aufL6zr9U^yBLWPcy zzTyv5QTCcJ$t0eUq}m^^a6Eb-er_IbVCI!7%+-S%=xkUJuc*O5Fh8#Nf4p`*Pr^#T z%4$*R{#C*RB9&6imn7jira0zGd_&kIUiwdQK@=-89<3a)_{8La$Et-Xf@#1~?ut1vRFGXvKHYL^3XePKu73TV1fI%o{%Be(r9<$R)te9*cS%t zRQe;;=&;-j;u;*z8o&uHatyxOv`ZwILC@!R$Ow{L?=0Ch(_)Aa+z0w#iIF^Ez;GM? zl7vF29C5%RpC%&v3?mF=weh-kkQF2}IH^%!FO*TG$=K_9ygr9<4IMeX3rK?tI(ZtX zu-92G2_z(ASVc2BZ>_aruYrl&q&mQx*fWE2V+0bh$HB_84JR=)YwmgKsiYC2S(sy0 zoLeLqnAMm7b_Po7NyeIXB}WnTn@VpN_N4RmXxAcs5!80#tBLtszbHX&;>7*U!7-!6 z8)33u%qw4~Fu)2cECcItAkqK@QY~8qDhYxD8g`Ij|B+Y}&h@YBX!lv;UPn*wDGw5y z-YjM-(`b9>#_TS)tYPWpOAeu?MUKBG|Bcd`Io`nnLxtN`yf2O7FAu`u(8pRa&=B`; zEQ6qkL5l+@brzUuJEl`WQXP4e=f2M85IAun!rYw{X+Som&eOk4qkZ}e(Zm2e6d#f-+N8^+3=r?=0dO>o zA)`e7L0~iwt}TF@ZR^XqXA@DIzd@B0wLtCux68jh({y&ih&Iv|kgXx(H+{k4!4b{b zK4hK5V5zb9d);|xguHm)vXRW=!~Ws4@QFwhQ5j(IJ$^M@$-lqdLyp=3m4GWU!2^zr zbgh)+$bb&2HTM$xUBQ{EVQ)fwlvV4jGjR$Hbi^~z4OVg$76IoW4jV@z1Cjhf z4;M#al_d^#O_HE?1@&Z*h9w+nO=gQjMiK*x8mPSqu$c`5+T)oG69u92R)1w>P&egF zFP~E~zBVhX*dU~<>xbH;(OSD;%2>lAtRs~ab3NkgR-KIJG6QM@5>ygaw;MeZNMA?3 zgP9r%Ow&~7Dey{?dLT>j+>g->$P)RraoTfWfy3k>;h=0E#oDCiJ`{6O_;A~BaxqGR zlfq`vm#r<8Ep|XYGqs{)9P#r2Cf=Z$sbx9uNt&xzSu0!fAAPsN8`nRphj zb|9!5t})D%#SxkBFq|j&pv8VV)*S2?sKgEv22y_%p4^X_bA9NAOiz;9NYO|37AH!aUQ%)5$Yxo@y_SMM2Wb}D5P^c4E(~l z0P|vh4kDuE#@k^?0SW&`O|VsjFbE1dNbtC72blv*uH*1;_XbSK*N$#8J8oUn83w>| z{QvCSefzFtg`ZmUb@ItbGQo9D+f@g(q>l*+ zqgrj_B*58QpTZN+4Rz!KNAen}_{zEDC4xxB(9GX z3OfJ(MKb-_3ehgeessoDmHtztgp<)VM$E z5HhLDvaZZrAnydTh1c-*$wmWZ0FqT7$?)Eo`P3dNq}5oQO8kb8Z8AW*nbAivtS4hd6Kx6``Y^ucqPWW|@ z1(8W#fS{d>2Qeu`eyTWMRz0$l+6 z6835h?XSAv#utae#E}gX+Ivk8HuXyLEz}jfXv~YaJbjmDtcSi8 z=FWiRRLitj<^8F&NH3u%sfJ?kTDZmyv*k60S%oJSD-ju2M-Ug*-rRPY-3-a!f5;8>(Fnb9v zBWjxxj-ECcbJQ)fOp&A&IoAmQ+d?8o8mFin8!>KOS2&%?Y~3H8z9?f-!wH{P{*^ zA4>Sua2IZN`}6jKyz_&*Z440)%iNxmr7*4WpzD_TXd$?=E85|&|VEcj|Li|#u7$F z;t24nvEfl`-emfu@yB-cKkhuiv@(yarz}Cz4|{s8e05Je5n*8c&UUbv*46@QzE59T3qMR&cLq z4zfQ=I5aUbBa@+sZ3>Mj&UP-dx!qZC??MWXsr9g}7%?-x-Fel^fYViQ@aX=?wh`ew z`kgW|mLc_pQ2Uc@uFOL_wy-#CQa>`hJnvF8HTX)a0Lm$Kz*#`)Z(SqdT^u&blZ$b~ zgdc;X7tF_Sx=mYB55Ta@r*USd&2y4rDoFj}l1n5_k(-{>b{fxbO>8?H38yeYC*`;l zO;N}5*uBvTH#6o{f&pDtjI}%4pMzxFA{j%&))+RNE;U|2SrjY6C69_ zfgIb@u-BVFBnP;hSB{H9+q%(F*k_Of#OLyJJr630bEA88`ncl4;or45L1jF64Kf{M z+{lRkg17>xqa;ur>zO4|>FRVIjx?;>t!_@=aAWwwqM(u}*Fusq?j-lZcQ?IYrEB|3 z(qUq~gu`ZV0I;N=n0qDs#>JQ3l;ZRIb7Wi;yllFJ_Mdi3UFJ;Q@DYXs%4HTOO;7D(F)2++2p~>$oi{8C8lPJJO)d!HYy5UQnJ^d@bi!D$l!fP|=SzczXAorA zFG?&e_(@?AUsvNu@Nnru7cUG~gNCtMc*HS73#}N*;ObC|A<5CAVM3u|PkW;wd2}IC zWkWS!@s#UBacH5%Az|aj38PI{MPf5u;|SEw?h2WK02((sHOx1lyyr6-{*;f%(Q=8jj)fFh$tsA6?T zXT~pTkQr(%0-KdJi;9M-A5+Sy$tlGL#MctIWuFEeLaL>KF&uj@iczv4G;0e{`9wAlw|l1DnoaFkHm!Xp9l}NC{^@;!a0Ehc z5(tp5sRh9sae8vj(L9dwW(1zgOv9EJD9{JRwpe2l& zb5T|2autq1TPj1Mpf&J$)Wf}{+7qUv~R)As=B zsZ8j}BSVjQ1W+1XG(sRn06D9-OWI3R3dlt4KeNn#@o#9JI+5yfg*AvxD4+@Yt1HWI zUv-8onkdfBdc7Jh?b5OdlY6zqW=+y$F5NntA27Pw$f&t6OZ{FBb2cVR!M!yM5z4`B zj}G49{wcz6poCeH^Ms?x_nG#|)~pTo;BhBYGp{6wBkwY6;7RqjyQXf8{D_mE7f-@S z80qF$m(%<3p_b{-Q;c-?WH_l%A|JE7g%h~N2i#c4*v@uUEw*Y^QvGf?g)i7q#o}Y~ zUO!A5Us?zF6~H^li$JL*zrOL&pinsSc{AGyY<_&NX1iCYUV`Gw_{dh{0V{6DJ)mUB z@hh{Vxxvs-i^%6eH*E%%_2gY4mOBt2gh^ht6|4I$z16PLn+4e?j?AUsaF@E>l;)O58>jDNPrxoB8V_1tM8|bN$1NKL~00>06+~t}#J5 zN`YA1IJ|pkZf+(AF4QmiK*?@Ku0ZfiW@}sTkDR~oA6{wMs3pDHpW?{4yoi?7jc7b^ z|B1Qw+s%7R7REN{l5vVV#@g-feP|x@g4rqEV!GpR^0-V3KETllzQ4)8YqHra{T4Lo z3C1@&^U0c6HSY*83u5gMk&wQ0Nhh%f$^d+$h$jrn)sCm}SZ2&68I_eJAtG3bNO5qPslr=F%R$l+eEV zB;AVn9j&|=F7UMwK928BkARdN`d0*)5RdB{zJ~c01I!+B5S8rT)glzpttJOwV+EM8 z_k@`}#PO1XGoeR<(-$%WzZY|aZTQC=l6~Au6XmNzmbXqvfUaB&D=NM zxT@5$A^as60HTcf zUsCh0H3JjX@{#eT$8ryLIO&e5%y|yqDd~OYody+|vZ^PMym|H{p8*ha7FKZ8uprxT zMC{@`QAuVgD}#P8p0zE}b|r^ZaR{QG5mGsLs%&Hu_{L7BUc>wKHwY!8>Ie;{%dL3_ zl9>csE4#h0BbWHLqm8@~K)%LMqzqCfTQyTS$xTU*m`kK9gpuixV1BvPg)^G%(S-WJ zMt%83Am2m@gPSwq$Ob_S`@N!|a1_Xuwt?j|;F5y%CiV{#d5FZ_mE^C223x_J+QK2ZIo$49ktfE~vrxJTd4V5%-e7L_hvkCXul4=yX2utJu)g)gA?z zY3G>tMB4h1#b|96n}yQPX8!sab545ykp;`-FZtk5^c2i;jYUm+oCt^EIh9CLWqNA} zXu+a1jxEi-rr>i0^@eOmp-IYPa~5s!Yiv0)5)IFGmXBfRnMS4K|1hfv!|`cWOYjO| z^K=0Z0JcYt;)aht8Cw4MktDg1;56cKy;&K#+^i9pTUZ-Qr`z@`-*oFZtTYV z&0iDk*^(IoLp>ZCGqtsvG-|9|X#Z51mH!t;4UbCTKP9tbBqZce3>2cG793d!QiG8( zAj&Cj7|{$#2&nyqP+|qnbpRSXGeX#JD*go)8XU2r(v$LkaCc8ZzC7)o=-ak!+uf^e z+r8ShZQHhOYqeGzzqW1L#{AzsF|&8f>~rG1IX5TjE~DxqD=I28pZLV{rINud1)Q5> zDM_qk-z89)oC}36^uH%)gzW(X)sufU(Uj?1fh2ip-F;9H3?g_@XG!=jk=w8iEPvH> zriw9k`&$CHR(y07@Kr~Yo8AVB3`@g@97kn9QQaolkg?^ew%J@FtV(nzBT2kAzg#l6o*Bak0V$e&EB(L1Om)ZZ&*#g3oj;gc>OaQoJe- zM9&S2qDVE_KCI36ck6${bLcG&mPODT9TlG7YQ}q?V3EKacsUm@o>kP5MqRLa?RLQ_ zauWhQ$>fk~>>+-QabEkFbQdk`zu>|wZ%z<01;&O+BL#z31Es}T+Rk5iv;foPTK)wY zE9sp$B`vC15^}s%w(oNPZb^_z7nDr`qga1+)~e-ni{q8!Fb|}q2kpZlH1@blLT2_J z@!}{F3C3xf*XB{F+rz#?#U6%S?<43C2&C=QFxDl7fT5ohJdByN*g?Jlr<5?n%tA0` zKZcp)GzO;Kvy>wde&)K0-<8z;>+X$eH`hJ7d*6bhExBL$xVtV;t+8;`(qdD$T|LNET{nTWFE(X9lGknZ>IYbA>04~GRKcT0d`rZ^^NN=q_rmp z-F5kP#BtnzinXmH(u1+y^RMGV5Crzu!!J=hlYY?;HK&Nx`ZfG#@u9DnthzhqDYN+U zNmFF+ZdFX>hu4uP6l5tulDExEx-!h>+jGM!_HHA{`5w_NMcItWQ-KM2LHRhYqzZ$_ zmsQyi4>r(Qs6nZ?^C8lpB?mAnq`WvT;RWwZxmBSEQRHrMB7-v|Alp83}q!|WQ?3=oQ<@mfO2{J6la1B!)^>w#&lE!j_1!_t?=$A4s5! zhbG}kKEUx6nNZm7R%UJd$c{@&$$)%@DF6_&a4g$7Ej?PT`p)4hF zMR|zf2XC9&@BUR?*&HScW%MtTUE$!$YQSY|<2^TY`vax<#6&56l6L~tJj(S%n{-<> z0lF=?v!Y5jx_W)m5RXL=7p)??{+jDb`VsZO$t?8IP8uhG{>A&Zy|QMowX#Lw^KE{i zi9o*f^ylViU9}C--FBkcv+d(dgD|g_U^|oPSarMu8p_&$g5*}JFOJVbQuP)!6Ylfa zbvY$>NCYz00Q_=IkV=s1kOOF-11b|l-8gaSHS#KOSwqDJ#8B>ez#>@V9w|DW0W?Rf zuq06>EWngZ-NuImQ8Y5mAINtMXv|Nu#JE?T!>Ms}?-Zn-7D08~KPc_-vz zQ~K5MmJD+2>ECwFHd?&-mGG$~^C6_&hiC6K!&t(H>^sk!Bil>&6L4!<2S22}=PiH& zQvz1sRMuOffS=o6j&wb(KRbdoX02xFz;HPvCXZY+p)qf?BPPRjrVzO}E4YGmpm_bp zZuZK=R(~yo%7ru$K+njgU`uksL>3d`h%FQT3eHk@Qq!9Q0`LaUAt_CXvOqM9f)D^P zVB+V+e-lh#HcCk3e_+ zZVrux2{7&U)4+g$o{Rb=obcDxn9X4BgDiB`FBuxSi9(f9NlJq0>JB51p_L`wI5Z3$ zM~Xp}RDsBu0j>WP4M^7m0{S-$3{6x@cukU5==3 zuMr_f>RPa3;0;>n3UxRZqL*@EqNiSnlk=AG5US2>kiFckU|)}?B80@IEVcwLf;M&44vUDRHOj{ z6x~(Gn)r*1kH3&pc6Z11EJEl4%%`V>AJ;mqkg<%UM8hID8)|}Ukn{w39YgzwDeKmo ziVNoBqM=@E0rHd5Y&5BjV1Fq=jD6nOyG0<#;RKh#)m@?Ln7EwaWwHPY*)SMsSlIj^ z24*Y{Q%JR}w8SmK<|!g1(jF~dnsS9#T6p$6FYPpUixfW(W6DPDcwqMc+K4;B`rxlF z1h{24d0*p{JdQ^SutBG(Y%(_E2xFOk6-^2l3=doffQrziR=7r(F=4=ZJgYa;JWacY zGdX5;0xt%3qjzWEfDlR=-E9o03k2^8uGwnbY7hAtD3>3V?!RbJQAV`Lc) z3UjZ=$z22Ji`KCb#aFgPVgQo7|5Zmt2A~0B*8e+?n_W2xxN+)xT#=QUz%GA{Jydu7ol=DMGH4j4(F_?;x*-l0qp?PCk+aXy z>h4$g&(thC3yjo-x4-WElW0m0?z@HvV<1oLvgxjkgx&u6BsKDvOhxKm%R&h{GK&o$ zzRHK@Cu*brFrIdT5W$sOJtl`%j(sRPe)hyIL@Mu^C=IYc<|xEMn>6xwBXLB@O0;UY z-e8!9Ru!-;Iyg#X86HWt!9_Sb=6Z^qkW`T)T|8cWr1(d-CtyEyD8IdlHc+iilmtW} zh1uGPt}DqH{WMOk6^(9dUeDl8I!vtyQhhDS9DZ+_g>K{bH7Uh7$wmF)+y%MkTG~B` zOnZsB=62PHQBR1eXDl3`o{XTU4+U^>q-pgRhE7jPbNk#r{D}L;H*ER?JfF`n$>{kN z9al``zM2{FK$u8qidm(L4KeXBxR1to>bR&`!=ifZk?98&8Z z+D60dFFli^Z+!$3U9Pd1j2<(M=uWMgoW`2+apCkC9-!_}6a3GD+O+&$qC7`7wVNqK z&wgW(aDz)4CcP(ladipXDUEiR?^uHkg!$mrhP#{?_7cD@LM=C0OtN)c4pWHBh6QXRb1! z&Z{~}qVL_>!1uxbd?L^3zhP9I|0_oC7c(o%f3hYnqW^bB#qsO^VpNt!uYD-tbq))(YtXE zHsTdpnQI)Z@Rs!y-KF0>iO^8rq>oo!O~L&qm=Hz`3vOE0Rm0TO?5MH{;m6;l@9Mkw z!hP_W&87Un(HpPpYp;7Nx65(##E#QNV9Wid+ zZsFABmreZ1l>5z}KL0uVnkxSukCm_U;ppCrF3cTw_pRjX;hV0XC*hC$Kxg%sUhj5b zgowuvk(d20J6;R-Z&M`5;8*{yE^`6?Gls3L3(Bq8t+g9-!j{{uWV^mj@9&T*_m|J> zYd^1f{H`tmb+uCYZg3tT-$hFQS?=ZY6Ur^AJo^eue4l!S%NN|*A7z2!vcE0uVUfPQ z{_|hnFZ=n0{-mGwXN2Zx9nFrUCt4vYl3w6zg$ZpREFg%=a zNSB|aY=ewk?B^c+^+NeJsqQ`BZItCD=4QO3gN9uKmtI2s-_? zhy79J;v~-L>-;(E`Vjd1JUiOBE+;Hqi&H1@rx~F~TfMEe-+tO^Ml`VYm9)J%2soU2 zxk~`Sb1T34S3qG5h7Crm;1iM-!Jom(o9VAN>6^A-sHpGw=R(_T)EvI}EgrV3zqpLO zQ~MqGUF~J*kRM+nFFn*YoW*}Zj-al9aN5!j^o62F39JKFBQbU?;DbcpI9R#{9eJwA zorF2xh$KT1!-Z^8m9)|ANwKagYCoKkBpkK^BSqG4Qn$WMgZuiXz^)ZGgeu%5Ev~LT zP-=ApBbWWY@D4%;_!X{(K@4L(9uJb?^EK(d=<}cPc*6Tz-d$-gFY@r@OoX#9rX?@LM#5HZTZ2%Dg=AQ^a|LDjhb4?^>EHOT*t&jX>cBnf}FED-YGiKcHxJ2y)>j+%L67+ZTPZ&E_}}Np7!x~ zRIE~Xj~of)2N2SU`H{Q%clMYH)RvBIG6E$8-WI=p8Oum+1Q9Uw=u8ijUxpcWG`73s zOil9OB4($75>WoPq!*aKIkZL%@en?)N`n$j?USEiW2Vmq^#>euT4i79oq4b+?O8*q zTOPZtx;byCZcLj{ah$!K=h#Jmvc^gk5x5@4&lI4P7w$I_=XE^J zw#*XB^_=NeqOeFZBvRIvYEId`Uz3^gHwYX{)NDH-TnaSq_PAFUxU=ebw}0fk_FZdz zGRc1bBH&ZgA-GzNMLt_e#pHzKxLz#Z?4WK5L_7>(8Zs-M*~0hBGk|>Qm3<;oS^NU7 zzSXRf(}}fuILViC;(o|FXLLJm2g!CnmXCYCH?`cZ;ky6hk9>+QQO9pj8u$4{n|VlZ zyL@b=pM@))v~Ux2vk-_D#`BJi*mI|`LXhRzTsny|)(#T;c7LPh#;+yu_PmxnrIKXF zA{zcKz|cF`oVVl~67+eCGb&^yq~~2a8~iXnj5r9v2N_zhx6xeh-K3!=%<$H+x&UNk zg{`>NeSwX^rDJijCa$BOn?ORV`uCArF^18py^y{o%Okk42{Yt~#J=mGclg;&3?5_m z+v#N<$o=TMDF+fiH)#Dvx1$4LkN5)QGMd&B4sK)r{*aB%sf*T2P;|In8QA#nuPN*D zM~Azwd|9Et!F4xsp-lL*L?L;QHq8-42-8*FA-NNxnYZuR-qr^B5DH6^SsQTgGtaz% z->8Ct&Wwt#>@yGZg1%qh->H(UK~I5`C>1`%t38~wcY73OOyiYJSI*rQWYRUWgx@AD z*kw2R{zas-%y3)vJKhd^*YDq7GH6Dg7UIe%2V9T%l^DlT+#J~y4AzYeOMOiSBQWz5 zB+6vM>z3;B6GmxD6s8$1X3Axz*~`qa(Vg;{Pmm!Q%}Q=a+!xVB^5eWp1#%f!(#dCR z(*PJF7#4#R4wl+vOT7Z}1@7!;u|73IDJeAxjfJdA10HrZUJ54kc(eD{YpZigl|e(* zZai`M2Nc9=R4MLY;$*)g#A2icxl-`%s(1L9dGWGzjx$6oHLVS-$)NOE<)y|YvHT(o zEc$D;uO2dWFmZDIM-@Q2oAtfvo?ny(n#@NmU(~S@@$Yhr%1yi%J%+0};!FZ>?{JE* zNIEm$QFg%cc9o`cdiUv0RDcW^j>mj&>XLX{DlkJhf+Oo$K@bueT<~=S6_v-Fk|dDw zGqXijh!vNNGHX&qjjm(kJO%!+G;2(h7sl^Ev^vl85trf0RXFqc*8#8U#Nh%GD^4y| zIpsz);kiIzF&9N4i>Hz~+R_16qJ;Z%rIbbs0%)K#g=r}TUMZ%#MDIs+%Sq8H6euFW=h7C^Oc3l#jQ@|_ZQsdGjyy1usU`h|=79K##4m;+} zwZE(6+oHq6aCSkV-GD#douq@G>i?xKH@Oa0}9e+TL?)s zLWW2fsBRAb!HhWI1Y--SSt%cg>VRyY=X^E!rxSzZ@z4$d6vZN=?r_qKOM@H{@ua8Z z(%T0$I@;l8QJ-SPb zvDS4!j<&$RX1<#(uYx`P@l|Dp+2jES*Mfs9YD?k6o8Sf(`qB;D6$?*jrNz6F^^SDq20J| zaJ9w+;9Yk3rS%#0d={Bpc|^bA#nJ3HEa|seKLqlTr2hu;XX?@@sQRc1{ZF`KA7AcR z2w#>RCLQUQVLYqA`tX6Ql)hFyQCZX1By4AvK%c(?i&f|=-@?w8)}}4r>1*ek{6?-v z;%$5>yrvy~-HWFSu-Q<-58C)!?*pVCNR!T<=)Svv%nJ`|u03u;N5YshdhM}esI{h>RQG8Eu zT&T~QCdz1ybXCNREGO=i|#a|K+ zm5I|%Kn?5Lz4wPOf=0kEt%k+THgXiVi@|L4o2i(f_#8VM5=St>>(po(c~BJ>;CZ08 z>uTOFQ~g1=RKP?4go02?G!uCE*=R%>q{(z17%g4ka}(~*hGnW?3%+-(tXdj9u8Cn- zoEWJP?D@$lt~fK^5OpNF9` zAP)Qt^{33glM{;mIIC>Fe;1di_$+{IZggbda|nlj%{YqUKhQ}SO_XDyeRy2-W|5cK zP{_WCuZ5_EMAkUmV(c{XO5n)90zG^4nDfs-Q<=-s*MIEM)1Cn5AF-|9+s$m`&w#S=U_yRUJ77I3#Gax}~4x*!~ zv`;EWA+_r^H(}qvwE!qE(YbVkApe*dAyUC|I(~hVnRPvXatpE+_02P&h?RODlwdvj zm@i^+@aiBVPVG;K`lZOZi`lrd%B)`Pqej+q-p*~ZhcG3Mws)!cf0zuyLX34%={F$P zBg87-Y6RUWagYvKb+rFLfh)sfG{f8=nnHri?1uUHPPQQcvb*mHLImI<+e0xGKIB}i zJusn6bihhho)F-6^el|kcRpcQZ2VT)Yx5uH$_Hpf)^L9P z9=2yL+)KdwkMtZ`kOT+P@=}|$c()K3@l`T=RQNyJ+>e28vOfXdZ}+LFTWx+8*2Mu) zd2r0u_I(1x&#>s{RzR8@;b+fB9;*11bq?&cdolu$cjFw!j!f!uGOQy(-+J3zC;IK6 zcRX8g6gROwBw*@4#M@wJFrV%ePlVgNz`rp2LJlRkVkkq+*Js0rJ=y&Cdu}68cZ_R7 zYR%_mEFNQaL!lgSs19ONU3Be*<$g*MAxso8K}YF^N$tH$hAi-;L}DU1R^Zt)e)*Dx zZ#SCy7+Jlx*j>?=m`7Ok;S&UzG<)c6*iX`!-+evpRFC1pdD}L`uMbw_>!t2Bj|JA@ z`-7Uk7E8PAx&CxkeFTFfRxvjkgh(%es1H(kI|ip>Ws)$dNuzR;PHXU#*U7bN+9)P7 zj@3H}BZcO4%B4FV0_mh-gIfY`RE2d8qkS)^auwQ=83-G8v)nN;;tMX{rNearJ+>Rk znR3>VI`)*SVyn9!Wzv$>4ghA~Xg-{{ubA@zWyakNZd>t`@;3?|Jt*mASF?ZX%rl3K zZ>=k*+2}aZyjuvdBHC0FEL#rb&QzILk9;05IOp++l$=9f=UF#_#tdsnK0F@@mOyZ z1c?^7ksv)j%+VB70^Zr1%EV!UaS2j-XjPU%Tc>6K`&wyasDg=X)YwE_f2g4(Q13t zZjbqU*ZNWeF`*WBUEqAwX3p$QLih53?wjfZ+Hx(|lT3H3V#&RWA8PD6EN*_2j=|s2 z=2iumeqiLZDL^kK7tttWRny%o7aq)}sP*R7_>rO10LJD7HUQl=SlQi>-0S|T4$oZy z-~kC1wj?x2OR$hQi8f%Gk`8aVe_{Qw;cfGwi>!**E(Ce1X%U{(ne6W}kzBlwU8Iy) zI!UAd`G~(B0%AZJ`76eWZPRZdDRZ0=H-tYIeBi1{+OSjXN3P2GwPhatrE>hh#8{Kv)|6|6^wi_Vl&ws^}9Fsarl*W?JK-qQpC+WeE6F4m6 zYUIM0N5km3_`WEdATmJOfT15*0@b4nZ?B^2%vbK0yC#oSLg7L9&X*qf0HV&{-|wZA z{6ayu=iAO?Z?({fdOxQ0V+36GzFbM8*pyuK^#>_(IzLukU>F=d!Ng?&Ze5Up#g(A; zfX79XysAT|u^i&~Zi@FqRP4jIA5G&Ohdqkw18l;L{VpDa>@z+xje}?Xp*##V#`u{$ zfcomq-x?9_4xxzxKk8B%z*qFrEQc^`Q?%hnXAz&K?&^JBB|0F0C$5nQ*|lX7$5Z#hxu z_e2c6?lwmMW6CiUl5JGt&)v>3@9K|lf)_;d+7O;n>2;IALwAVMeG7Z(yp6uSbyHJ~t?n50E3V zVjs68s}ggq;ag>-W-KNxIP{{?NEVLJ9E&>Ie^%oj~I;rB`<2rlz!PEycVd0FCA27JK?CTRyR487q z&Yj#l){luPSji7 zts7$5JTnPT`2GLvZ2D+CIMfKEGlR3bw3nNN*bRi0Z1_c26krSybT=q)N-L>_7!fZL zU;c4eueDCd#GM?7is^GPPs+u1Q$KtXaLPD(&aS?CClo1kvZOt6nJndVkq;*$U`?Hi zbRN4HI#L~I)3u}+iv(zY$PZp+*X^g}n|`;6(3yEt8{l?yrN-7-2eSinBx-N@F}VmS z=&W(_C_k9TeQpPZ;UI4vonm#~eboF|QN}5DJvempdT9z+M;aMukfH`ks(Le{Oo3|8 zJDy~o$2sNF_~U^I49m?Yih)b?BVtn`Xvve2NnmqPh13+mZkX6yVL5{fv$JoQ_(E1n zZIs2D_&&w>2O5@#(PGid%6y*l0fnORP}-PIJ)Tn^fEa@;7d}vS`m7#x ze4HKA!N#=75s=pzSS&BB2WTwUzwVU>Cu7VYQO3}D<5uh6qVP7wE$l~Lz=UPy6_8)R z%IeFHna2kb!&+{=;04U1W1J`@I!SD$scagcQFD%-$bh&-hd9fU)r3hR^xYw;n{9Cz zu8;k3v1lhT6!zWANR`3uV=fAui&M>Gu@^^?Nw+QXlap~;yc<(;bkp=qW-9W7FGfJ( z`Upg&1qK=QW_((!IyM>9VemJoHf$Z?!z3A!WkXH%9|rifexUcQk*Q3eQ!yWk`=O#i zLE63Kd9B=pK(>=n-dF9=5cPiZAUahZ_htw9dkDL^|72|rHl@dP1rY*xQ+;QZ*QkX? zPaGKz;-mwz#>%(woEPN!*~^y==tc466~*yYOlJk`nq1O&K;olvAX!)|5r2HIq4i80 zPCLSTCU%|djF|H*zjb6ay_(f5&srlypk?BF61zm2+R}%mCD8dCjKX?34l%e5@K8g< zNtIN2ZhA=^A}q)*&C|d`M8TE%21qWza0sZ$VyOQ0s%NXdLB|#8)%8<20 zv$58wa3!7wEbLWCA_Itvi4sHFfa|eRal`?IQN`mz(Kki0OFLw?K@#Xvk2!(p>??h^ z4L+GZ3BZ;2bPS6KOHNU4!!hPd7)^WFIZ8-*&Im-l(`65 zN;1rclThz?MMC?9*GpHm^Sj<1T{rp9IPSwP?TEHSdqZ7R$~NmrV>(PVBmG42ObY{0 zZ43XB+GF>oUir79tPbhJb)YYsKi(bup*Wc6dxFnFgowt~oJ?*rcXvLN*1b>cCe1EK$JNH;USst>1*s|(a?fxN zwy8r(aq8J~tKU%$(zw)ZGRr=e0!AFb#1iRodZ&IjrRIB%I&AODi0iZD#^B9r>7h4# zALXvn)~8c>;m1{@)r_@iY&12~h$|E%DVA6HvLKae&;{6(e)R<1Pi*Vj0l7;zhJ(P& z0x(Dhet%1EniKH+Cdll2Lm#{qadQ>9U{Ric+u*U~ZG?@s?aom-tOJigJeqmF_WrmR za)<-Cf-ioqK`uj<0#lGyaniMeH~}miA~L%jr9|tm=-MOjWYQ-=a<6%vkiPMDxZO|?gMoft5?=UY?EmpMQ8Lv4xP z#oc+e)HdixH%u)F5OshZO(cYZ^;p&D!rlr6M1I|`s7x1^C=jsX`85EI8zcu(k?Blj zC%LkH7A^&_){yeKsNAz0L9Y1?K3>7Bb@rg45}cBpD^Kshi_R>;G-5_&98pAm%3?$e z1lYpV%amBSCC)r|he>tHyvViFXS;#UbPDv?dOBlLvJw2T)v9GRKIU$#V}8~Mdq>4J zrtR_buu;rf+DOxIJ0H_`fS1@z(E?X>XwK(sy zf4s>$KMefRSlUy$W-}`l|GrJRH)Mdwmpq=(t4_qSaW{Et11>A-^g)*^Gx_G~i89k_ zo-EVZm5XgNc-PF*G-XM)Ns1OKu88RaUdfUtv)(?^~HNUm#aQM0D} zVS6huy>b1IVsuhWLuj+;U^053__Gq#9Y^9L6*T-{G?`>cG-y1u>@exMh4dN@~&>`}R7b-~~ z9w?Ev)oDD}tQ<8*m4SE9?6b~f^Nzz4j)rwFO;VkShRx-U^TOlL@@$3>z+llh>zMBRs6hmeW<9AUGlXiCiGN%nC+)8#x;!#MU zTSynr957nnsMiv>{?=16GMg?*W4+|WwkE!?V@Y`ZrQYqPA_L_(NuGK+v z187*W-<8uEZQ#9Ky%c)T%|)fYY2%Aku?(1$1X_JXr{GPZ7hZ`^v<*` zJybK&bVuRrCerO_2Qp!8CrpAA<`_ZX<6`_!<>?|#rrNiYc`QNQ=XOTIn~?R>X%SGL zk&>qIMe^#IBuUS^59V90(p)pn-c7wP40Y4jw4%6PEA32?=*Eb}nhq4&c<6~9>b0X! zJ6qWbBsA?$G2_8DN!5WiJK2}l{-3pLD1DIO>Sb`A)@`$){%uM&83(|BNY!A2uQf(3i=t>2&VKzYia%=BoD=3qbowBW zL3TXJTXy;K1a6xDCDd_)tJ=%gLbM!C*zn#EOBXtoTi5cMyC%q#IobnDQVv zc-#z>hsr{ZLig=-UwCo)Wf@u6Ot*ZE0aYW39kMEkcGTn>OXIk~yiXmB!3C!zPsUcD z6tS0BEFCnPO+|yG=Z2(`Fx!}Dyx34s5Qqnjh#E^p8G})FYc$J!OMAPkh>aPf%G8a= zM8O0vz9f#RH8luEuvcg#8+JNq2oqCt;F0kH*B!+PkEQh^ge5O?l(=G0Vnek_qPrbC zl0}2EL|;?ZNnknL;pL6Z$wu<$v8al>FiTzD!IZZMc#hyRZSVHG2kXk0shjFWqQ!@L zP7o-fVklemDd4Z9YIO5uFyScvD6qA^OS2k^e~8LvF8DyzLGSO}J2fd5*Yk*Bp#!r? zc1Cm6dz7owCuG=UZXGH23v0VFA1Hm)2-$J}U7gTm`!{BpV6CdG&1sgm!3dlQ-SxQ( z(lHH7nfty;Y;YX(yLLPpt+DG>+jW$fM5dGm5yYgSJq8fA?J;aZy)}^HPiSXl-RCn( z`%6A|-G}{^L;tt;G)AxsMr%yhcslp|BYPoP$*c$4!*Bu^a|xD;6Tlk_czc3L_k3J6 z8EI#?(@v{dYb>Edl*S0~P{f07L?T&_#*t**Ef0a#gidjrm=#XFZycrjLweb=T;k06 zuXzz4btiNs3~g++Az>qGZDT93b26Z(ekE1yYI-(2CZJ;ieBg&VgA<@KAb8=Wp_tYL z0;B<6+>pl=;KsI>by1=WS~(~^I6SKeWT{0tBbsckl0XG0deQ#=^FuD3PN>`!3c@lZ zaA6O*V!H2lQI5ty>E@(jEk0(u-&jYAE}}D6KsjAivGI~mC3_XhIRvVK11t{(YPit> zRvn>~NXLpv)YB623N&2P>F1GuE4!)P$q_wNvI8flt_e2Te3SUp5xrFMA=2R$XaU9h zDjMk$oKCoe*Y2*S0m0X8yxc+!jqw*4A|puxO9XUQ`1U=`IkoxZ`TSGbB?q}gB-Jzk z=-@u$^20+2|A(_hIiycK`O0{C`6Yg@0m`or>4)~n(GbU=ktrXer|}|YjKVv1x9wbV zkD-v0XG`MfP)2pg7ur3*XJikb`&}+0)(3WuncL$~lpaIRu$I!y;VkBc$Khu0*vmxV zCtO9{w8I3uB-h|mKMZe#09o{tYLnpuSk#7jCoXlL@ipc|3(dC zT$dM#ndAI5ey@_Pe?XZbZ>5l&L3L+78=InrUl1htEc1y44-fFtUv)`6 z`Z9&mK#R#DWvDS0m=Xf)cFu4J_!k{tigLV%G`Ky(Uj=&Yqv5)kr`?MvN{}ZWTwr+ z{a}B*3W`sfus1~zhNhN$<{?X)LAZGhlhq~Bz>-4p=#_C|)VVrxG!)=yt1Fdr;eVBx|C<>8`uB)oPwrF_-l*f~%@%^93>*z2m{ny$%>x z{cI(?m+$iB;;U{8Vf5*E^_s)Sj>Gq3%lCuuO622gX2>*6f?d7)gPtIay!Z>w%S`}vIXs*i8!Tf!kudajuho(pN- zHvIXl*^TpG#4w_V_`6Zp_xrw#ueBPJ({`us^5w+7_4cxCi=Q&o5Cp-b1-ec^gz z2~kX~64kvBp}^hiNW0d!wztm`(W$4f%=NZauW_fo+{P{6EXXsjSmbpB$HKy(~P5da?>_$41$^fA$xg<GCs>d61E- zRmHQvUa!6;)jjvSjW(Pu583lN%&-TaBR63;%h8po40|9OUpi7R)2b*r9Q7y3iK8$_ zf7}1%@_XZEXQ#)m&zpLR<3HN9)hQVamg{$)t)!oWQumjU;bCSw(eP+A*7>?ur-8_Cwclr#1<(`ql#O@ z(_!^Bi|G9(;6eOWS3-e9{1&@{p~N0;ba&DJF%i?umZW@|oQ zzX!8ne#u%i_yCUM*^%5JC5DVYpj`J~39q$&YcO46xtyF=wQDLc>gXaXoZCeDmKrxp zWDdiz8xhQ>@~g##vHh7+RwfQ#-xIs)wmb*y?^AZZM$2GM{cU1n0YCmfU6%ixEbRO> z-6>;SVkok&ryTGORD$hYhlQd2Vndj=u+A-|E)l|?9OGGXpOh-oH>$yD0C1)V@a4{2 z$hAqEs()?yFxv)QcpG>KR>}_;SPu@4m#-IVKc9q>#p^zf$l!10jtP9EkcmY@2@Bzp?9pf0sOLAIIr> z{cJOoz1tJM{zB~{M{pf{ZCl0UZLdz_CH1WgDsF^6mMUc=jeRUi5|gp zgo9?3*x0Fjt6iJrA*|kcY+HRUuttA#rb{pxQM;Yz5KS3r?!u&%J36GRU@_z?ZMYu; zzn-(aagaD$dTB_<9b*Y{S~7R}{$$rqYNrP?atdn0@o6<-s?dHW+7y0e*^{_hO*vr3 z;`!#vK)5of2Z~b9cy#Pai!8M@!UQD$wM{u(rRO_Jy(nh z+4DNwG@)3`NHrUggc%OhO{Hxvs_=VMBzcvzmTSjvA0S+ITwrLGVDySi zQyEoRBQ>^SrOfH&sqNY-93d&n#}e&<>O{HW)2!e`8rLveD3A*QgRDQ3NULYS-6V_0)$5q@G2q zi!Wa@VYx)^G~)@`8z?!;DQzaW`k0Exx$Fl*iHiwV7~mKXfC|uo7%Wd%gGaK!oD-(e zMD1IuiFoUfJe3SeA|vg)N=^(^+}93j8fqs%O+mj}(D+$~c*<7l4%Do>py3!B@DtXE zYDKj1@O$~3eh*)DOqD=XhSwKbbzxG8EZ_14KZd-+;h8t%=Tk~8F!HJxe4T3Y~*09(O^A*OJYOD56SsTAo3{2QdrE_HPJXCId?tIVOME8h+3Fv9WVq|S*@?;%Fr74Nl{8aB;Bu0 z%8}RN>Oc5HYEA$f2m8}{HI{@Z(#4o~a+@&DmO(a^PEx4ZC&7^9xWr!kouE}HfRyQH zENQ1@f~J;7XK0gs2rihctoV_0IVql8Lv z4-Naq7H;rNfMK+5$ulT0&}bNc!x@wtNXT{DYus$=%)MwJ1OMKh)iIZ7NJ6MbRJjpI zhox<|zw%?|HYjH=4dt6!)sK0%5CS|v_|d{)zr(+Z7>%SH-EP)?GnL9yf_>DXt2m56@%d?;se4bA1!r>l+A0SW%9wiM-Cf3MAs8jF=>6hdoejn2K0JdCggq1 z)F!@F+j2*BDyxcPJ8o;d?R`=WIPYov`WE_ft!rbWNXB5$+1HH7lv;wW&8kWkPY-r~ zk6Ai!T)P$p@+PC~O4zYNQ&e0lqEOA?Xdn@O9yfKS9q1wdHCwHm^b3LZEUVEwfW&I8 zMhBt!x``Be$F`l__T-^&wz4`b{))~?n`6W|CrM*Pvz45UK{HfP+z6j|lAdScn>>*j z1E^V|V<0A+IYT@Kcsp#yKQq^mheJFb(k9)7*BDX)FVYNToH!EuYADui3wU3Of#A== zSp%0=U31P8DwmdoIE0=AG>e0cKTgM2TIVR)$ZK}=@j}W@-Cxp1jsukfW5%-<(?MgZ zNNiLyGx7C|`PyJT6|)gIt>q@mzsv|Hqr)7nb{=t;3@<%Q3lUVx<25T1szNTbW1jB| z3Uqd5!nt{L2j7yC8pJb*jDcsjaajV5drx>^g8T8QuKw#aFHP(D$By*JOZ8^rLl|cc zo72#ja5WjeEJasljH8}DqCC%u3lR(@OJmrP$d-*s$(#D@d2j5t_GYNy-{{S$4iL3N zVTRrFSr`ff_RHX>j6(4FT+fyQ)R2jBU;G{KzzdoX{BC(hbcF&ou0j~&+Kkd8n)l-( z{wV&rC}T=?WMU_0JBT8;U@W<8&;{lbPqG-Kk$C0ltjOqcS#@;TlH7d~k%c@Wn!kvq ziQ$WFKp`9%Jv(Cxk0zr}N&nUS42<)m_z%)x0$XKzaqLqfGkmedAVxG*%j7LqbZT}& zKX{qJqAeIGtzHA$gfyg!*jE97X@Y|qJm>Vb#j0qKiB&fU*)@nT&x@XE@>8@=N#OL| z0#0EkEbg~}6rfmp#mUt}YrKbwP4&I#-4ucZ=&%w z_PYVQu>ps0th1IS3@;LKnnV59h=n}i!Z^$v|9JUrb}Bc;(&WV@cjEyN`kyGzm2Y#n z3(5T+IOrH)Oy>T5ta0NYRt7rgl0G7g?%^Jv8Nnm%c{Lx;anPc>htjWJQrG4iexFAI z=G9XHZWAgA{bBm+BN2!nUQ8Ce5ucbwA~U&o2Q%o#H?GH+&#G4hGubNl&SAl!1?x!uTj!xQk~$`-xjV0uFE zLA6LzYer>NMHNkkgoz+pDYR@*x_m%FeRV<+-Rv1XAnBzcZLAESrV;QT2H5s0D!|!6 z+i=kJmv-I&rO`T~B>bY`4@U!EgH>P?+jq$h-iRizy7m!;+=s-HE#V5#pXZ<30}_7B zuuLnOaub4GLu*T3E&a&K)KKDkDV2-N%_nj3nc9MGRhOA_1+_i7ve7TUX#=*05eEOM(kZyDFAE3nC_Azd=-pWh($EsK!8|LPo1QfQg#O zHJz%#x~q&2G6o-Zj5tJ7i1iXCPz22{;ZR|mV*p@Hmv zd&ztJMl(QrQjfsz!Q+d!#zXe6ZXetE`DlgwBZvhIqo}mpHIi>bbp80+jJB@EZErq$ zO3UwsQ%tH{qod6GUK4_VOvcSQSX%d*<@?eViy>+ugo}}FZrQAj;u}tex9Yt(NqbDl z>yd_xLTxOq2A?VR5{zP-1z0aFkT#YRG4vVN++p_)8xZ##EUzSjA`6g#_;EMmS=3W8 zLyolI>5BgLK;25VAzyd3dl-hhHXAH}^p8y{=imR(2onSh&|$AkZqa^r=u zoypm1`BTjN6A`lrokxO45l_UDs6|>%#pz%NhTFQ*90S-TCorh{VDT(N)H-}S2f))A zCi0veKFi}n62$N(U`{>XVkZu@g(G`JaP%g;<`D(tRD&D0Wla6qeWbrEQBHUQ(NmXx zLsCV|sp)Af9CU}-_g-yK*7>p+maFtIy2%Fm80qj{Cdu~}l;B_68LiN;Iav~oJ-La+ zd7TT(gT`+#HhGMA3Hgq^#l-2H0fQ@DMWhPyXDLXld&;x5uJY>^SLb0YBCj!gFdCB8 zlfFv`p{^dxSsz&DD}V;ybV(m=RF$)?pLw=CE4>7_U_AjxodP+pFUdr$$@D3NS4Ngr z0T;E>kf^fgPDf~A1#43w| zvF`xn9}F3qdI&O&Y!l0;?(6D}6sB*g;hq&bq&>5h3_{H;`6g41G|n~Z&gvF09RiEW z*}aK4`xzR1ijsP#p!j)D`RY3oUg8wa`r~PI^Lc zjNza40A$BJ1(bMSdUnUD4kMez;_r-wLL=~@;$r#3{K1{9H5)DwLFGtTr0d@NPSX+` zLreowZjfcXZz5uI#V}cvx#sa&?S@!{%7%eN5DRN|3_t2yiA|f%z_Yc| zP%YFfxf}MBeF6=n9U52lNMaTips2ijfWb}oP4FW~HO3x6qyf!X^}5L;RvNUW_i{b3ReX8c+^CfC`N@b@?A2`LM#!+Me=KbtQ4+wN$MPR zc&n#DYMzHm*os$2jpfDBc31TZm-aqZYr(etrQ*495OZ4Rq0o;SIPF)p<9u(M{Zrdt zhuX4Ieo=WH$&5MaKvPa+sEXFPJx=Obn^J-F4YFVguH_0>PUsrs4Z^0X)UGso z0#e4~x2-b~x;yc>5-ukYnVJ&?;j2jSx+2Je$H@3o{s4JmXz~jW#pxYzl6fIiSukTXFhb%^6F`n2 zb~h~9izG$jtJ0bH{`L-+=_p63qo$_#z5PYB9u||S!bH{eqjqSXQwpA;bUB#|VAJB- z$BdOqWM!q0=aAx%BBF6o00czTy-JPlH!R@`WP-U!it#}C^R<+>LzAPc&|C)Vs^po= zyjc6%DFQo}sLsPXTW%MUxDiLoPXRBh2$spjyWwB@cgl(xve2fn9K1Qc55l)`6&3xs2Z&b>OdfCch_WSNJb zlLoGe%Xv=<9p1`J3?c9DXWvx>MaNr`fIegqiaSL{JXO3K0R&SUY%qcU9WYWyilWdSE_0Gh|!0LQNDe+emS4_ZBa_@FtEUe%;Y- zoJJqVII){uc%jF^y$`g}v~`cSc@M3LA=57!-MC5jfN167^SCOpV1JBy@T( zb?Vl?&Y?=%i~o+CM<@xke&dgY$wY;yrPaK6;pKeEH%N2!H8{=SF_ToGHf?+nB1qeh zRWN9&K0D2Xm@qdDFA~D1>!^p;pU0MmO2OgR1ulfE5lmTt0V*zS67Q=1IV8RhkT~MU z?dy<@vyDtauxy3`BekGAFe1Ad46_(!7~lrAHKI$Hl0v8_F?4$|q?XC(sTS1-GQdPD z_4I}H4P6?wyCWx;Ppr9)nw}bQ?;YGwAol}s3L4!trXmsHYYyb@#RXcq%g>m#6_Z1< z*qBK2b3)|=1!aY+U5aGvi6#OSI7)PBoE#-VQ^`|*jSjD9q^a`!s+e3CyK>M(<6*jL zY}Zb=NQ0|r{$jDAc?8sbf&Zu^s?~g2W>H4%F#Wb!aQ-IwLB-+H!nWw}d;|h`%m&xQ zNOBopF&uPi)S%1dG?;65NRfYX@5Y;_)=MDibZthjcBLGtSXV}L=qGh>nI(00K#~20 zx^W;IzUZT(D$P*lQ6!gUn(p^#a52d%)meR>)G$DRU3TNN3EHTi@G*THxOgiyujqK@ zzDk{NWp_+hoy3Iz4$Y+zWnFOcML*QqHf`aN6Tfu74O_)ejHd{J*ktR1+VkGlvEsJ& zvH-!>-;mn9GtgbHturOM|5~HNI zpET1X)i8vj3B-cZs>gTyb?}+uZawm@Bh{-8ZdKC|7cF=3yJ4O{s_&9>)ATaM-SGoN zH{w(|rEUmY;=~v}LEAJZKJc@l?LiyzAxJM`73C(6Al8f2t7ky^!*diRk!UJt(>Gz9 za8;P{HPP*GKE5bP@&5e|oB)8FA#8W{myS)Tgz6G}F{??2YPGAdH*Ju~AkG7IcaE|9 zxijgy4h$I`|5^Q>iq8Y|L>zr*Fwg}sf#!Sc4UC|rOR#mfqp}XqGem7IR?}}{>EVj( z!cy3RK_J2hKsp)=6V{3~|3iDsR0!t}$qrIL!5u8x94kL08#AhehGGOJ1xiiT$C*Ep z(E9F%HCAy}^~oeiM;;D5Pc+{s5!v%kK~F2D2W}6J0oh2hlH$G5BF!RfKk@}?u-rlc z>B5tG$Q~qJcaJ>QBmD?ktS?MrwJPah$xbHcFiz4VlxuC_@rVD`Dj>cR6!@Y>kl1~? zF;$1y`S5WNQJJ_oiC_{XP@H9cj|wqogO9H*hb$#@^l+p~u`K$dk|E6>3}2DlQwGs^ z8bw$Fw$7@2$*NLMVc!LK@NwkbrNwYtMSm%sD^YS)a(c>BSzhHC5j%aERbWm<8P6v< zL(+ZdM`8 zw(ue0jPj*Bya%{@=Siw|eFyQPH;&Teim70{i= zImp7yd>-_4I{=l?LsAvtaG}wvrKdlEGn+}j2*a{A%upX}+<6o7fR<;0VKsBE&Ystc zg)S8EZX6JBPbCn;{1c^b!<>D=5J|lPovLom?K!+LV;lF9P0o=GADlRm1y(?EkOxi5 z8X3)=Cfz+6)vd#uf2+sL(WPfI2-C0WQFcrhi=_%&H9cP4r~Vfc9_ueX_Ejh{RM_9)`ykw_rS2pzpw?Z4m_W5XGH2gxe(_HH7abd0_J9Peq!3DoT1RB-Xwp&~ypY ziN9R&82M--*jl~%%7zq2`~Gw{;X$_Q{Wt%kuc2A%K?cU*wZX0(tQc=*^^BD4 z;)Q3{3e$4JY23HEY?sV$T`^Abwe8$+LqB8Ax43lJ#u;Kli&{_V=(x<>CUIgfNAwZp z6H|Z0voV9v3TbJal~*`C%Y|Qnxm(NC8G$nCIiv}AoZ_o@Bn#cP#%cFa9<<)CsomuW zwC!B*speAmM+Fp?fv+?%utG?Rn6@F%@SLCZY|TfG79T%;S~jPIy}$zC#uG4PsRYy0 z7k;|&5xkpQ~-Rcf8SbpBKj|D22Xji_VUaMC2*g zl>0BR#4IJxOiGW649O=vrZ*LYXGm2+nhqaY0K)F2!UTG4epjaDsLQ06VeH96F0o&6 zwNa`Ic_ZQRq6P8#`UdSMKqf^TVHEVadF-jQv3uy{c z6lYKWY4~@UHD6Opn9s%r$VfeWK$SG~ia%(vJ-9-jE-Xe8xSOfkL9KPfMDvN=mIp1y zEbCxBTBs#<+4H6+Gsy=@m>hLymHVTZ{xqvA7*g)G7+iZG`LRE+p5{p^+!VOA z{s_NO1(4=x<3SowT68maI?LXuFzITI)?ks7+7sg`;YP*B=yBk;qt(rT$Ix?>x;^`f zx5|35xK@|vD9AJsl)+$t1*vh77?aB}O*~;A3eY_U$RCge0Y$Yur;OjuA;x`oXsUDE77*temH{)&c%u!KD>a`ZmY59{ z9S^Wz@z*t`umbcYneY}Wx)+JgTo9^d@iRbW(>WwAB)hZtVdJu<&vC|YUM)i6<-7|m z0vl&S4!b&b)QLEvLg#!CV|c+KDTit%jvqZ;Occx;vIb4{RPAZvuRE zx$6&ZWSwzSHU2~RS-j&gI!!31mtMN@Q#`hW2%1wTVIA(=c8|P(+HkSEw#d}|iJNbP z0f@ra{~Zp&`9J>Jb1<+l{IAvjE|2>+aR?5E{|^qq@$cdg9RJ<&_J0e9;3QyS|DS-v z{~;Oy{l8CN`Zv)Cj{hDa^i`-KEW zkf1T{*X(EcGw)jE`{zGQc3UT~DXQr*rS6%&z73pi+lD%1o`i zqrLyd_3lcg(+YjJtWt5*56tD)yKJ6!k;~fown}H(>AzHVY45?iy({ml@2ghOWPYTi zpI&au-(DY|FMGX!x7E*=k1NMcuIkNh7=d8UL9USXXlSPHO=F?u#=W%Uw&uD96LFSWUg zLe&#K*a2FikLyHWh+@aB23nFey$f0C(@2(UT(@=k@78-BXdyIM zsde?rXkkuIZ^`2cx*G`gL2E)sgIs}(v#rDW3>jXyxlfz@Pn}&`;I?26yV@1G% zpDMU=fFu{HB4J0h*P0D^vgN{C!-1bXG*Ak@YyZ>2={o7#g1~iCLV-VPz9(v!XQKz2 z89xdk15AW|<;qMOKv%P$># z)vsDL^eda4BA-=+K1^+zZwh<08qB~Q;k ze3s=Qs>#ay_;!Zw3X98p!+OBmF>HJR5vtv;5_j~c@47XA99sU-lHy>XJod~-&zr6X z?d;{PJ`J`0#ino3z3~?-L}Kcs(Q+?^HaEhc)kqsamP>~`wBaQ+F}`rHimupnK2 zL9K(|zjEMD&&rKnCD9;=V1gNMK206`*UYfzPrpbw2OcS#hs#RM*!g?AwnX?^|1Sbz zV}$_{v|)JhajK@*mlG3@$N1-Prfv|6ovwLIh$g_-BY}I}V2$_t8KN{=Nv>oO>TESmy(-q*H7t@N;p5P-RszmPCeJhLqRIt;x+Q@L3CS1v4(^ ztNLHTsz$HPelVg`KODI2ray8(*$+SGGNNA*Z$Hu@Bc0@c1Q^1u@iK8B-T-0`2+?C? z3F^1{M3LWzZwN6se5WW$6NH-yH<^F9deC4WKz?G)`z1oq<%)B5UU!>J4x^cT7K$-`QFl}p1kf~ zZE~|2^7{VVpU@Q94eS4-{fu|>z?rE(FlINlnvJ;{OyLBu@|w=XVQVc%_@U|GUe9U79@->R9|A~>P?v5@($VSQkD6)lTQRF7zyIZEHQHN5ZH4ST4N~e zP7o=rI6zS5mbua@z{9qa1XF6@DTtl%OP|T^{ta(55dIPtJ4@qZ{^FVk&kQKk)2(eD zL^OVMp`|cc1b3l5$BA-P#_%ZK3*$wzx7DzH-WeelqE{+}1zRr_28kssBFJLe0C#>X zH;&d6lqe))Oe=3Q_!3N;OK1eyEJ`#60$PyE)#;^RtkOVi zTRXdP(2}Q=Nb#yKMUm&|=*C+GNC7JfK_fynv|%`yiMEyESHC@VZx^?RHUhF3t)_JB zwg<%xyCLVQWM@008qSY>WAVRw;(wPB_TrHBMjldVz~n&*8yWg~?vi|nRRw&T5z-|q zh@_yr`_w1G!hst$4(w>KqFWG6J8iqI(EN1vs4F#$E^rF{0s#RN<6<(v&2khDkm^)C z9Bfgjd~@`o!W*!@w&-i*sdw6vd0>$ zxC;nk#RskdER5q;RzdR}0WAEiKZ*v#o~J@47+L)=i|5#jz8R}IJaX@)gRt!YZUKgk zUoelm7odvKX&tuhrrecWy$I%G&i9>9-^X6WF!1Os<2;=7FVld{8VeZxA;@gVOD0>3 ze6DH*Z*G5Axv5~ya`MlstDH!+3x~>Ye!yK_%*@kM+WHBG5wRHER!0qKj$ZWUA4t*a zFXk~X#D4yUg0U$ho)XtIBZ{j7r54k4(DI=}Vrg$kF)?*$1**n4iy)6E0|OjT(L>I> zqt|ffTWe^t1Q|}S&)^&ZHunj(;%n(NOK`J}E^!US?Za|GNEczXb8}cGAM#K*Yc0hg zNyMm2jQvqj-$zM9fUFAF)uJ;z$ML8 z>7F^);bk*~92YXt)SiQo1tDhMmK|0K0~SX~Dz&+5-D}%IyvK+Lg%VGnl{U&`mHpyq zu~;bN$@#g3_+B)JNBJmgZwkoH)o8!J;9cZXB<IuYoNU$%3=CHZ%MW$;>IXSdU61NQ5p|uR1Bs~oKcGh1f<*7TFiqEYTV0{#I zs$JmTxr`LuAgmh+naag8V^OdG5g*Jt9WqzoF{LK$h|wlZbuhH2fkaESnrv1YsSzd6 zL|KWcjKL#L6kvjjOuADrc5H-0_64+@?sm+<&e02^XgisU7+U5pLBrnmifxopZVMq` zeiCt(*emqTl(;3akw)ztawdcNrn(+YOR|;77_UfOYglAQ3FqAOnH!WglA0qPcc1~2 z&f%0@OA-Nz!W0-0uI8hNN(?--Lf=GJr`w7i)~smnsK>$jv)V#Mk;MA#QGvE`G_tLu z)eF&~&QLzqT>%LfBCY5lG1oG0g+9qS{;=d%RyH-wSy+86i9b zX(Diz1n3GNzLcwUe6WCrVazt^a&**!DT=u-@DKH;Gp#q2dC(jNB-F%Y=St&Hi^PS_ z7O1}>MCx#dgU-8NPsye1n7^O}d9@@xr&ShAfdNvU(_VAitsQFpbH%1h5lo{&%R=Mg zBDR1BW<+Z`PJGt<>z$RRn#`O^wbTP{5$Qt%=B;y3QOhEuOJ&$_B)$W{=-`XpO#lPW zG0kR}))`iFimm(9X@8rJqoy|uayh{?MtEMmWUNzi`jx)QVqMmLKUtJ=3{9|_p0IG> zCm0dZ&}z6iA|k=Ffx3V18HSXbmYD@;kUW|L>?#!`u6&r>w~6i3GT~tB6(GhYW#J=& z*35(5QiO|w8Q2&HX2Wgt@LM;muN7M*Jv?v3u^WvaRpTq8QScL#vU{O7JQwpQWQ#%w zstU2wOPZ2;5pmI(X8FoNzJBv^BeF}9)Uq(NK^fuDKKX=-z&d^Z5qakKpK$QMw;47D zIKQgQD(cTC&mDukBkgE*dF!j2H1g zV~j;Vz7%99U05*(_GUf9p&@QM26w{U`;`5oMddc)atbyM+JRJI@Rrr*4WXw-YO-<$BNXj1l*3XEN{!On;vo zIN$s|h;Dp@F5J4|JnCj7(p62X@Fc=0K%dZ=r!iV7)Y&K~)KFEOt`w6HO=+E^d}=gu z_n}V%I81O<8WIA77|GLw!X`v_XvLokBW)(jZ1>qmc=pmM(8J)ab3Sp9M;498ImlY! z(9&3aVD2izPi>ZBe<{o)_0!LC;NbXQz#rHbPhwKDAO)6-v@#OUl7F8Vrfo&_dT^`` zdPj=VFKWMF3)?gXc1K6aqz2%yu!+5Vz&rn_w^?2A6|au@xRA7PMAx_zP0l1UT$1YFT{}c z;y~|DG~e&`;>To9vgvH^;7=VwXlEc|CywrN72?L$v0W$0n>J~AH?uC$CQks%0-Sww zG$Nb?>f4c)ElYW}vOTv(f6&Ku9)7t)ujh*C?N! z*Vt%IYj|x`H`Ckfn%onyS3aA5?xF7wo3LUhc@Ax{;_kl{Do7>Bx>CnZf8Nm2LRO#X zGz8J!cy6twIjSKVtRlr+r**cI)^Al%M_*o)Pg0$KUg}LZ_`SimLH$aa_C^?b7uDVv z6*#iUD`>HoeMdfH@cQ_dP4BF@7@TC-(^23BFJH80dQahSq>=Y{@1S^pc z6VV;GCA?~dEwYq*2PkaJXHBjUF-~|>U^Tu|)Z6uwxr&X3Aj0G9RnLrIbgtE^V+~<# ze5sPs79d({E?D6$=zWJhBz#2}L(>n`5_g4jZX0DgVt`|$G1cguw4d^+x{(Z1lgO|r z_hsmM!0l2rcr5fN=IHv$2dA6OAkI;ubU7nxK?VDuvSWisZ1^-m8Q=$e^!J>iMA@Zub0X2o?qsGu3H4C8> z=0~ABNQg0QW{?ockWt4KMh$Kd?&;c#S)L;8guV+Lq<~)-zja>ZSg!OvkTDT=YTA_S zp(V;$zI%-Mdkz_mL;c>JP2vCY&i%U@^apzNEuoG$?~xm&w-tZC<*(Y?E4Ofn++OEC zI3~rwV1wk=FT$8%{6hQ>#J2E-U(k$!qS+knBSM@d{chh`t;l*&V=2?ew=h&xm^|YJ zM_3v`biT$WR!ZzGe97A zp!Bcdx(zW&?Mw|4LjkhKW2AhDu>1ZccVDdBIdE>q^wvR?+LYse6XugxLbv9U(naL* zy-qa7L?IkG(F0uMH>Lq%v`jih{joN>{sO;K9hoxhN5Gui^bE#h`^Vloknw(Cr~B{# zOJJk%!o3_z?!n^>xHV7pg4+c*Yh@)TbElS0ruX9o6S^ji;j~sU?aro5&%4G;LEl(`;W?tCQ9W3#wuSL+ zgPj8w0tj3`haH-4!TF=ppEsiPMM#|wmQ$IboW`KbPHD^FpsE-3#^BmH(|UOb76E*{5tuWqJv z*o(2iy89F+9kW=p$q=#DW!P~eOTpV$uR1p>AVM1leFb>jq84>R*iD2~;hxsUoSB~7 zmMZM7?B)?%VAP@_*JU!)j_k~{9BEnWU_+gU0J5?`URw(8jO+{w%;Ah0gT@GjPmpX1 z1P~rh!xUO(6kl{^NCdsJ7_aaUM=)uDDPC9#GIUb{-vQVmy(xZ{p(Rn0fs=H93^sLZ zo}b|@EPRJy$FL)zef{%u-VxtrEWfj7l8At`C3=t~?iaMCMVlz>f+56qYjR5Nn|LoA zzik_PFL^LF#%)=i`?V9OP}qg<6RbqEA8Y1=6Y!#6;}4X(4yFT;K~W7swoUtcs8AT% zn02on&ViE!h`?!3eE-xow0DN=Xr`oy_z_^T?cJ<5cHekZWVXAXU$lZ2cOQ5R;vC_6 zPeO-^Z;T~H`8jQMa1!l}jm#AQtpQh6_6Bny!jaz~wjyTv%K#Zxy305->=A{l?cB)Z z#m?bR)6`o~;X>L*ZV2y`8H0^lvuo<0bXL_uaO)g7gF(*ZaIHOhf>^V}{bb+Ql6787 z`bu=d+Fc(Y;1az8RjQ9o7<9P<$;dy*lPVQ0E>(a3GI-1^7O*YhXg(jdd7j2;HmIcdP~UQuLMk z${WJQI0AGCpoBFcLGBw?i3KnqtIymI@l%+@qCJ=MwC$Qjp^aZJ)*_$s~V1GLR$_r zxB)F&I$j1?wx5zFA^rQFZgBPPMeAYxZ#ySjZ#!=f9ULTH9DArYEzdlMBx09_Tu3b= zzQ`=~+Ka(j2Axstnkg>XrIosC*|J?2lymz(RovLe(O!tmrD!5p3AxLIirxVO#R|42 zeJ!Cx@%{VS-7S`%zo>!DUolDsMueLUPTc9zC{ANfiTujk*i^?JK1K5LKkr0f4(qli zoa^Rexv|Sicy5RDWWuN$rRTV@>A{0^Zr8-r8{KHKOWIQ`oV#YW*45_;K-ii}kDwvB zKKpO1z0dY0KD%GL8oE+rW$bqMn+k8{Y8-U1RT&$^&W^ozUJW4sb~*f7;}#VVN)CdQ z(Bg*Ufg5T|UlV?Ab>CJDoEwy!H-)VD&{DzHKhu(s>EF|mgen^OPs3$ea5UW|#{+F~ z;Qmt#tKpfK_zL|l(SQ}ZKv?&E5<|7`Kz&;{QfLoyGD9_uO}z*D6Ls_!8QUlDpzA^) z{Jhd9H>`r}hl@biRV^v3PX+OYa(e#7JjR@c{;O>JlT!26+A&}AdUWBjb6~62IaVnW zGTh?yb^g}m&Is$&B#y>q!~lXlTSVyJShN1}sRnbH3$tj?;sab}!!_}P<>I~Jf377b z(jOS9$lz1&2C~3`8d|VT_DR8D4t~X()&+%JVpknz8%dpgmqXkUNinrb9a63_G|#rn z9(08IHAD+{jTPge)08I}+Gx0(`0;{@-4?WTrhd%|OD(rry@e53&&m8Ezv~|cLawvL zk~APe@M#49LUiNeOZTd*a`;(0D>&$hG_WkC?-=}RSbulcui>fuC_hgyKRD)|OY!u3 zHYXO;e>uZjL}dA)F|4#_y1Uijdr0*qTOd3PQ6M}$ zcj$|OGayJH&$s>Fk!E|F6B;QI{|$14i(XLj)I* z5~$a84>WiXv>oyj4E-E@husR}7nNbzeL7~iKfwf*!YaH7El>baCR@3c!YRgvg3(bz zAaN`Dwh$#Pe>htytwO2r)0erG5-{+ot|$-?(5AZoFLHH*B_v5C)`*PYqJN5M1vD9uvhkwt=3D$DP)FY>ObhSA?eNI&YkCcr>-TiHHiCb5hC zKczyEZryrqB;#Zp;+isM9@dqE2cQ4SKnJ~@jJvhKCbs%xAlItAmqPMHr&W{B<1@wv zHZp^!DFLpSb+U=k5Zw3O#Y(a=mcWaZm5JQ!7}}uooOgdkF0{nplv{ZCJM7| z%I5w<6a9^g0j%|*5gjDPhhyh#beKLkkjr}}a{?_EZSx!>6GfH#Mj{6-7-IYLi0V;;A&BRS4K&OgyXW2_L*jfjM=Nj zDM+uf>baY@hO^@#1Id}$>Xj+QAcc51&RhB;kSCxV_xqafCO6ZHGP?BSb98NniZCvJ zPOtvrP`yJu$aS)c_Jn9*mBC!joj| z@PGC#Xq=O*0`5jbeVRdqFbWY!B{Oum3jhp29ZT7!{8 z6&%~cCk8&pom9G@EEoDl1}dvb&tyOhC2Z@eGE156T4ArYh^mL!I>Rpz!JrV$$HjUfPxnNgUC4p0eCci;;lDrUf zv9z-)1Q-jINH8#Rh&S1?Bj3@FY(2o--x{-!^(`5vZ=aqb@_^j*&aHw^Bw ziw%^Y%CfF1U$fE6G9uH@$MOBM^{kXF6A_ZD@Lzk8A6OZzZ2=(fh(09Ip5H1DDx<@S z*&tIy^z#j8qwbtGMNWL~5$}Rwe=T^tAVaTA5u9WkcPa;^@EVNqAA*m=m5wgI897QT zI9}b>67WooxkH%~uW?GuUR9?bH&!TwpbN6gMZ$ynkoNfofP|s-{w|Azqu=5dK<66O zgx!QAAubU3_vwN9hsUXh$(_Va^eg>cPSq)Ojy?p89~-krhhF*$)lDv^jz+cls+_cM z5SwU?sG2`PQH7tMcCI%{Ex`>lyFC%>)!b0zwl@ybwep-i0AV@HGPmClyU500@>%Wulh@A_FSitTO58kk{}&Y z&z|F7Of@mNfq$8f`HXR-Dpg`|0y?xr()SRBkm2&GCZ@nWfPzL!HxFr8BlaehZg}iH zc4+{KMWDX5PqM}e2Oi#@!7jr8+*6`GUrZRP2B15N$E0tOM)aH(;)f-SFmRDZa`h4K z-|L3?&jJM*!*LmyaL>dY%tYXJV*~>r3B&tSq{ayfcvO%H)PD-zvz;3LTRRuVGO++I zEb!coay3tm;$vi01RAZg)bPhF&k-BJNQMwjV*A*6Dh-zus zx_(?aa{b|-^O)3}XHKIaQ9*>35jMjKhhuZPQ;qH^V)vPK$zU2tv3R|V6VB@%jmmpeBvIW zab3L1*YBI>(AXdET0J9lDn#dkAOOqbDx9o$kS~l;~P+HHZh^ajtvzp7Y+QRGZCxr zmtcvfKV=^8N8I{RM@APC6yG@|_!0eprXNU+qM>h-ZX_A7BKQ*3ZJ@+6C!ykFlwwZP zm{286O@56+;c8W_cRuPt&fQz)^!DpBNd;l5A{Ca&rqOy}6vtjbRDPwcZhh}RF#lfp z0fKAvPuI0d^W*(Yc+vE%L$F^}9^TvPO1t%O2uG44Cnx?J(NXuuF9oEk08T)$zih)t z<3#^HQp)2BzcQ$I%{<~}>!$k@HEsG}rmo!@-)Few`!J>VxOL|Am49LA*}+}dCp`_S zf)L`*@?Xp*s}|ngzpihjX`Y{8e=#@L6J9vVj0)P19Ql`d$rg)Gao1-A6t!XPFf5q$ zheeI_+Nx1*t5S!RlBpK5Mc3vg-siECC+7LGY(VCQ0AIi00uL;rlsg5($yn|=Mwtwk zNMh6C`$hxr+Lky+Zy=4GRb7_k!b=FxL{$0r)6I8M!3M?v_;ZLqYtBE%GtSx!&d^P%D9f@=fkYnW0fB z&9_$8}pmqev{^mJsGY3KX6Niz+I&AWyG!NebSRV_N#tinq+D zDGi+jj}(KgX%&-0k>`Rd@QOV z2UxSCi@FZY=W?7|@|nDRq6n2~psu=RvuWm0JhO}?hjDOiAF(=2jWd2o-CoqImtVvb z)vu6i1$6_2Ab!&LxBKId*|dnu-z&W}KkDqAu3qLBgTB4nFD~pjZJkEjH|^K1Heb&@ z-!Jb4-+QOKtWQxl=Q-am+b|nftu}ThZ}W3!_E@bSMo$MaUrnb^`YK<~pE6(l52rHQ zOS8Z0*q>y+KC9mK@~nQ4?PDY7qu5dH`HTOCzQ09v;5T#kVh*hke2aCzoh{4wRI=-B zE!lK8?Be?rg`l&$sM+Lh%ey$u-grJdm+q`);Wt()lJ5lK`u8l7?^@zoJzbabjXgwW zuJoV25Bd7lJl#BEv4WL$vr1pS+bjL__*zNlGy>$3~NM>G{lirsZY6}Ly z;(LFVR{VYkx2{2`xblG&-*LuYMbTfwZ3TG+FNUHmH~kMgq3y-~+|uZYdx6`gDyYbh z*vDM!`7e_=pD%D3Z1=Ge%$5`dit>l zTnmS(YXo2wuGywM*X+Dng!$&Ec*6?>!wOKfOp2x>FTi14mR7od;=TUEPI%5m+O`}0 zw#|k7&%4w_ZxH^|XMYJay8@AEe(WYn-^Z>D>nZTZm%(N>!vbUGyz@=yAxaLFcNGkp;H?!$@ZS;nS*OC^IIW|+1I{aA zgu1qMs^K(Pk^c%0vLDbC`9t+;uJzm2QCvJ1G0YBo-w_`ak)25S~ga@CL0-r`) zpT1#sE*5l}K#o}kxRBs#ZdOU3zZF6-&?!5OqQk!&+>%y!yVFAVZ|p1xYRKXx>9dlW znoNJhoz9@ys=)v=<8PN`=|1+zH+n{nwz0P~*N26REYEWG-ztY9b!}I^ZVNHqLIF%|g~-s6)s68TwoDf@3IcKfe6$-E6(6{5Y~ zkb<3Oc=6=$aT9I7`b{-S;JSUC9*{nsIuV3ta=|g_eL2gL*|!|ZE{HXW>LpBWODfBh zt^t9#*5})bs@Tb4bdnm=#Ai?e=ZL5FSW~ZOS`JHje z_9Km}_e`Ty*6}kEj_ZRHTfZx+=1r}5MAMAI)W@r7ytBh`T28y zNT!Pc(9?A_K03KQ;)YoeSDv#VI-?K*On!fx)88~}+jNa@7j~b&e6?O|7-ma7mW}?g zSIEA`v!BjZjRf$iq=ssiq^$b8z*|F6Doo~$HUC}+Q)!tOUPc!nYthY#H<*zJEp#uXoG|(x_Edo@yPKW!p-mLv z$lWZYj7)VOCHi!j8^u98X_uS3Kpt0@o;oN^*`V@k%`e?>ZDE=))6Ex+vxPeQi#if; zw!aD3L}ctEE}Qzi3^+*TU53hrfclU76+2BzFdamJCYZVep$d|qvWg*#H9|XJ9njde z$1u%foJ#f=syaPx@VY&JXQPIk-lvY8J8F7xqPi}2XOmoCoi<`tu>P3{4wHPTg!Qf= zf|>RDT5iS^9zz7D6CQ=bC4z&vlT-7!NCh;)np=yQG3{S>Ti;vCc2ieouJwdTXQI>5 z#MwwL@C4*UQu#)J60a@YJkGjr0x?oQA5@6kSIq;oE2Zs*3b z%Tie?TeixN^p<`7;g>vRM(T?l@uA-{uI8YjfWU?Uy%s@(F%#}_Lwgoi6;9+S0M}K0 zEK8o*@O)TtI(6z#t93$&v92JRf*1M(nON$v)tpWpRXW@9S*OFNk3&kACJ(YWf)B!8 zXf{tlogy}vStPWjzjN`FU{-hnYW!^1$=Tr(>Dv6;2>&IEOTs6#-Ro~TEhHMutG}-s ztUmeD!wHk%l7d-&q;u^+(?gR;4_wi`_zNV$%oON&+J9~KAu?Z4Fc@OkZR zE;j>ib4}a?E|@OAo?&Jx)H#uCqDuHXqlmSs%0x)H2!5yrOwzUKTFqb|aZ;4Hpu~JL zC7)!BihSDmdW8vlKa3J3T|4-qGNl}o`gI{+DXJ9^=n$eCwU^H-AT@~B#)v|1`%#0C zp0E?xjU1I4{hgEmOzS7M3Ohb=wN_(>U^(I3C5P0)DTX8)mA2)sd(-VOyv0HwpHGO3 zbp8{DziDr`-L?-lh7DvlK`>*^6~;CH?+KT2QD0yUNW@F9CgJXmly(Y%%YL7SzD2Q3 zwREAoG&RoIx|+W>q9T1{ojF34#?!A0LVG@fWHLm#winq=jAz)!S8(4h^tk0LMl#fB zwlWLVGB_4ssqi9?z}TBhWtX{cSkQxc_eJ$*pXeiFS)3y8-k?(M-QZ(X}TVR`KH3c3{zJ-aYIkU4aWxqQ8GmxFYDK zB9!=7E<*a{#4-x`4AWr#<(Yjtl6<7Sxb<>B0FGKBOy~8 zi_XazYx8btlTav(QaC|NOB71>hEZwOWAM(IAjUT*3=9NYQ6@AWK^m$EKd}Gj=5@%} zT8RzEoNQ`w%s9~-A-)=ONs_W|jCu^?G#LE_y5TJnvT&eUOzKAw<>}%N`7Rw~^v|6G zhHy%g$Q*92g@`k#;dVoO4fhww2k=G49yVqyoE4dqH^ zB_SYiVNZ#iD%sQWu=r?m_TIPcwjgh`0A5ZO{Z5R_zNHLPL@~=N;q#u9v6Qy7C=3X* zL;$019a&0-b&WZi!cgfJ8qX?rIE~_b5yk?>RcTDY6$zb_G(z6~a8Wxrw zW1f2E3rx41JCV71lWR*++({=!>iqz-I|eMd@F^!|my`iRnOP18JhkVaFCoT;q#p?? za!635&x(l0FBt>$95g^VTNi#43wRe&) z7+1VQpRrX8dA5(i6W3IT?hU0Dr0ov;La9N#WAc*|^jc+BH=C1IrbLgh=norU5w_}As+XYs6x=?`7Gb~|ljlnv3~ z_%JH|k_;q`lg}qL(=X-h%7$h+XNafQ88Ri~9_HQbAe^`V#qC&@ym%H@;nD(XCE{x* z!pira=~PS(*db04a9u!8!a6P-FWIY$k=BIHOO!Sh!ATNOY8FgWNp`2kr-Nn+_uJLQ z2Jbg_=LHb=;s4^&`)+;ngM?DQ2@z+_|KGy_gQQ-9+0r#?P1M)MR+a%uI;@z?a%a-T zsldwbERp>6dQt#^c(#ASmJqrlt}gXH?MHH7XA5={|K(-787|*ocKioRAKfKtU!`Sq z5LtI&-Ij38t8hz*?qO970CA#&O=mhE>rHdP#ZEEx9&Pt6#Q)LxU(|~H7*9L7-3(ZC zNJG6DwIp5ca}$Q)lH+n}kvedcJnSYR!sI8Cm?Z_4DCLk$rox|!eM<83*pbYgiNr}o z8ByyJehWH2kP}&$gEo3CcmMW7n(f{OztsSSzHhuvsYoMZHVj}_+}rOvH-F(WI$=ts zRl_w(QSs#UH>g}8Kn#qPbM{aX}nO`rjYse>KyI6S3yVJ-%NHOw+(f_lIcR$Rtx z9*^5b#vsPB?`}1jK9?2h`{a|tI}1^TI)|6#>J1`A0Flflfa=+U^m>$Vpn{>*#s|t# zkE%TP4hjbIx>N$xj7SZ~8(>lxu)s?8QYYeI z7f0DDA^wDyBhsqv?iT;<(M3PXMv`X1^`E6Wf3zh}{yxnasp89Y*yT*i!Z&5y!`^Pc z9D1HkRlVw*vlJQSm)m*0rbWuK&G<|M`t41{E zLDd^D8U^>S4jRukzAna+`uZJ2XIBSp94jq%x+{}vea}mBaBnhEADshr2JdIaEnjmo zQ4yo}C;TApZ#e1aB<9l84U^@{mV5kM$91hdFVk7;TOQ=-bdU_((mn!RdCI0|3wBLr z{j(h1=cr6{Fdivqgct(+cONIyVH*U$Y8bIk6PcKfWf#5M3+jLZ2& zm9S6~Ox9@m78-Mouj*+iNCz;jsjfA`|tMZe~o4X3fS4WtU4{)ik-L$i&$x zPz+PFM+vQ&{#)r)}F+Y64?R~JAKpWKv*fDnv|;2zj61Fqmnq? zOd%Oo0T(Qbu#_uW;`2)g1_r}ezsyh>GrH|~I`~m&<_SMpQR{vkSGsYE+A{C_Dy-(_ zSGyPK9&<(=qNtQ4#Y}ls9TW4HJVEcA|K66lQ~A7X|BqIdNiF&$H2NSMG}VmYV#-NU zZ=Y~wco>{X2^bQ1GP@M>9nxsy4Sa3sBeXsMhNj?fNxBYn%5>4BSv)&*O--Sx4f7Z} z!ZIh?w`_cTOlt%tRiX$6cILQ#3O3bEmyXYajHHU>-(ug=YnYcQ41GwLachdgqo^fX zxD9~Z&4nf${_oqg0j7&G>ar!B4KxozkLB&TGn{UgKMGlRjE zOK?8fp=@owTaPhhkrUKOYK4t$q(J-$&wG&Goas*Sj2O6=rmAEw;{{=KT?n6Byzvdp^L}g3sn8lySi=mEI zc^T|KPcP5v*DahV(*fF^VTuI?Bjkr8ujH~kUcP9dX?}%D&9e&^lp$YMQZ!=pw4x%j zt56zcD3Dn0aCLA(QOz>=TU#4xhvL^@ad2~l(^`| z+5=ZZei&LM&o6EWZGeGzZ#39O;G|#u!Ew2;;b`6J-JWeUo#6Oc3Oa1}1dX)zDH2Z3t>(K9FI}pfH%>=|$=*X`N1+G9=#wbddqT zlT==@R64BGU5NIfSb5$I^bc-{s}SAI>HN)Ngl_>k9_{AQJ_Q1k5$6R(Z9M)a6L478 z^#MXAwHYlFk@`O~R>L$qo`}Qd(jqg<$xJweFWT=r;C1HxpNb7C?HBGZo#(~{Q?z=F zUstroM$m%-y&v4!ph#UJn00LqL=i*}YW4Ta%`ff#1(STrrYz+`puy2D1sgAU+@x`v61*Z&l z&p-L+?=iU`QSEbNv7=H_F7`!bcbpv8M1^=)Vli5oJ`xm_~~fE&&@693@E5id`nTlGrRVVF2ulm(wL6cuKhvQi|T+ApH$+*u$7s+Fw>G<+=TLc{d*UPw4JEA0p|Y>zk+W zH=3`}Coe!;vId>}FK@Rc^Amd!4WZDb?* zd7g!r?$d=?!6n1NQgQ{@62s<8bh-biWaY@Jx%q)f>rk+l_#-JmgyW4WQ$2-96#k6) zbMfuJcxgzi# z21an4C+y%9J(SuIRtzv+MjBluOABL!9r|vQq_9DZx;Um{0hYk72*$#&DszTZ7}tvw zihKfnj-ZjNBEZz~SZf*^4}J?hTuL{V*xbfqHCxM}T!`SAl<|H~$Qo=RdX1X12|E0=qcPI@V8SwuhC3usHpr<2~uV>5F_9-2!xWqgC+DCWIcVt;nTLgjJDPEE3y7s&X;F6 zyd=j0(X+f6{_>gsv09r8naoe&^nldy^o5|#<>#!$Ks|+6Kt~uKwF|T|Q*L!&2scJ& zx~-rXrc@d5o+MDsMJ4aXG+NAmPu$7ovaF=BT&h@))M`SA6fw7bMv;!kSVOx2$eMF2 zT#7TGzm3$3*HGj)ZAg1g06up%K;%4vs;y6ERpFEZ&%g!}x-E=Y;}Ujs0mFSpil|pB z^YEd>ZJ90a%6z7pzSXNntHO&*&ILlj%^1Fxy7Yo6(rGHK#FK*^zV<5-@^)e}&N`~i zKmz4Z)a2ar_~dgmU9H@ck6)OA)n0+5rX{F?lVSd(%hK%cu0(O#Zqpu2R)U^Y$2Nkj zQk?J#z?)QcjfcRg_{|i9)w2d9<0I`wyGHw3jV5PzlTwv!!uSWjGi?>lANq2CgnjF* zg?8M4=9a>W5S)KlvOJcWO6^SkIuzzzYA?1m;=nKxG2{+oWGaE?;wFRIvkbVfheL%2 z8g-`T*F`Q1q+gFng8p+cNAskbkve}8<9{BOK2FFmHFscP%#ei5bO69yXVkYGzx;cg zgx!WNzzpy1Sp44_wINJb_#{1(|EouzN5Y^Bk+;~+u5hTl=o3a-^+JToh+j0kd&{Ec zO{GuxsHcwkk8TkkGDiY(hf-nrAs$oe18AV?r<$1^xvkfKov6}Ghhg)u;Ut0G>fDHN zd{861u;bc;HNxhNfxQ?CgKXf(k5Duw6suKJ;5AdC)!IV87nX3uBo)PDm|*#AXaqd9 zBlyUZ(dq1bUu+8!?Re1PGLnlg()ia8epEkFhhphM$CwK`OrE3TN@doT+Mi2coFNgS zF+qJEbAK4=s>oDs27h<=oe$(w`b*!)B@@$gA~UP4t;O0L^pz55X~O%5;WfDo5^(YxJ(XD}IpbTEi^dW3W4x}cv#&cGMJ!3pe^@%W4L!mmiBfg%? z)w6a;UKG#$XD(~AwH)K2Ryiyc^VYKBUpR0sa6_bvVn3)FhfWB0c2*lATGiFreLVf( z83fK8(A2SIyjodeWHjS@E)SEhFd>AAO$e{B$;ph#>oLHMHep^gO#|Zp5bSK_ZBk*J z4pNASj8OZKCeha=)z?mB55-oUK?uGXwBA7D#y$Fh{2M#|Yp~7buJ3AR$po?u+|fD- z!9vLW6RaTE?v8_I&qU+g-wAH}#o@AdN>*`n{emDRd!NmBm!Vzc<25rF;OTpb!QFT4 zs<>5unOL@gqpFN}P4454NhZCQRFhS)BlT(Qw8L)4LDH(o=%j6O!d$^>*-V-dWN*WZ zip-tx945=eVk$HulE=#+$oD!@KTWH&j?gONZrJDhnvUF?kD~MBHY@Qa z)EE0!z+oA2PsaU7Z^p`k)X@Ji*59&^Prqz3IWUg%JETF>P5(?%-Qo4Qq0*!#!laDB zNP-fxg|h5mYR))+1sjhGk`FCoJ&*b)@JnbrTdH0Zl)3R7a$Jfq}LJo5N!#0ZzEDZfoo}C!7ZNV{~vMx-+DAW-0VF6Un>{s|8wFF{{JEF-2bYkLgX!qwsbuOHijH%kAp)b-Po;`&-t1>*JrFyIfjEM$o^mfI%Hv!Ui4VuUAHS}VG>mA&=luc8ZAN|2ZG_^*4)M^OPQLNKaRyBMwg^QU z%yPA1XK&~iJOBoF+ru?>^SeH+cijI|uP13WYIQB2bo03{AS}akfM?C0X!ft=e&5+o zfrtD1?fXvS?HE`_?ZgA3=+D{HcQ5VH-@r8pTbf$$3NB}y(*pbUsAJ29%n6Xg5wsPy zEBKdb?SzAEy%}gpMeof$^R3teNe+40vFfOuN9oJ40AZ(qyVuzvyV15|JgsgEHeb7~ z{|kQ%3F-A(ySGuKQR@97>Kd-0QTwx_=gDn@7o;$BZrG?7?Blj8R3<1HR?O-iU`8}W zbGs_dh44NSza7qY!Q3bvwU$#RYa8D6<&Em5<OCTIY8(0y2WetzW3eJejnxpEMc;hWQ|Thgpu zqAeaZjaH!WKSg_@w|$vz=AIu1zWn#}=YEsNSN-_$w_^L(w%Wo6spN;hDD)e~Z^BRV zg>WC=B}!7)MdH_I46sNCDgYsplSP&j{d>Jd_qIrQRbW4F(IJLX9us+cU`tf5a1?Iu z{IE^*dYlP8;%3OPiM6GznplgIP)&l*kHw{=&sZ>mC9FAlsh9waM?~-7zNwS3jdAqD z%ltaZP$HM-DGb%+>qBo&5B*$q%oKVxp!&Z3!H2ontbfx6?SLHL``D5j@va*ZMH_-h zh#+V{5=Pvl0eQ=Eb$gT}dN~ognpIC`^j-Hrts31&8 zv7n#!KMl#d7|l(b$pmP^SmpYy2xle;_<{ihX~_35KL++$+=tj!vtK1~o3E4d?)=%w z?Nc;3Zkvhtw?=7eCpQ&4Zngm$;a#qinv zwdaY9Emko|1_fRB?dWiX`je+&8h-$=1Xr{&X7~7@~6IfhaH#Aa9+rZDO)jF?rBY zMpU0OMf5*s(M}pG;fTBm6=9D>fyU)*Y*0|mMIb0=uHGI5 zQsHts1qx8x)_-NhbVal@3Otvnz;E85k+f9_C|j7GL6_YqOk80W$X1Hl--h?USkv3z zuGa}KtPR~2u8t2imx9^nz54f^l)9nQ#mDtoe-O7Jmm;eWFETv|I&;*P#UEM1)j5qz z7W)z(SOkvE2#L=aJ4G{=!*-B6Juu+t$<(&7kda7`IMwG_5$*jrp7+Rlo!7dEYv`w; zjuI;_U>!<>EdPs9eXtmfi;*?B@s5GwA4Z?-ADNow{)O)Z@JFUPQy3Gqx!M$UhTGoE7CH4_NMm zcST+VVqG15hLedzL#-tX)fX4bKM6q^9kPPPP1aOhC_B`hSHP=M=R(ogzP_cT;3rSp z$-USzEU(kDDdgziu7pAqd(2DjQxds2-S~KWuR_e+%YDyL)IgyWImwKz2%nY7xBne=EYM6!`&rc}{0`K`dP zNUJ})pGbq;0MKq0JyDo`tZ%vKf|0+g_?pI_6azT=W@7~NuO~9#>i+c>fc{AIM{uY_ zm1yv~Fr7)x94>xjuQ&0y1wI_yI2F$9>?N&7Q|&n9>bXt)tF+rf-h)o-mLoXC>@fk0 zc+GR?F5((A)sQyk{ph`aXD0rZZ;GTob;Dzwq<==(;#`(dHExXot>~03@!%p*RBnoa zsYR~Xq@E^eVB4y{kJVH^6Kt+)$MPsFgQqew{OosnX zvlNota3mjN0jVEgXNCwlyV`MsOQdXyCLmQF&Tj1jkQiSYP`6tlYiKZpJtdW+?SK^h z=a1$ivJq0cR8NH1s5a~LU1kJ!LV@UTdmOg|U@-V3Jwtr~Nn*VbuXvA}i5G?`c!B!r| zOv=YZCvI#GW2nIJ5bcO1(0&CawVg0p$&K?HkGtMK-I5Xq8yk|D0!8L5qj+YLO;N_H z)7Z(JUkmA3AH_EkVIbIl^n#EO5oH(c@&QQ!&}w83P4a=)kG|&V7rx+?p)U(W0VNTvAieEPk}pgVZNTB-X(kEmCOnq7+A!CL82Jb;fp_j?#?d9(7wfz z5F-11$Va-NHnIJl8i$cD?>3(%T3w=#2Po`eb9uDf=rj4y;A2va&|(LK???b!kr~u- zLkkx#$`ES;M8(gZnoCIh3VB&JN*#!n9?MgKuOcgcS#cYKc#}nkw-F15C*Co znl=(7X;Q7Q(n^1P?QwkfvR>tLS7}NUWdhu`I;j8rgJv4&aB_0^7~Y#_`Fj^U+MH3r zA}%O2uck>c>t?yGb(_2k%rQti7Gj&8R%j3~EydQYUn^t(dm?rkd|#t(lD^&F9KGEF z*{SQT|GUvv#u7fu)`-j-GGFrbHK)v!$2x9cTTc$aIU`~f16q~lIYT%cK*HKsi?Tlt?6B?5cb4%2rvI276ic3DSlJ%(X=g>j?8#8K?c*tR3(Nm-rH zK&3>qBZub5eQ9IN?btk=7F*m{;^~gW@+4khMY6C;mN71PY=_Z9R^2$)XX_U{CPdo; z#?Npc#-#^c-DorGuMIeZxi}_FCnO?|qUs;8EGDL~QMvlN?MV5d6lWUabkDZKTRm4t z?m^4WKXRWV_(jo-!DL8YEJ_`1C}H0a^6J!oawdd2Gbav$y^!G?XUXBSG*ZJ%oO!iz zarK6hi4tzcg%8!oRA8D3GZPt;yYZxMyrT2YwYu$N3=*p$FGP~O*o~iKm@Nk`goj2a zlEg`{ny}qVm%5Tsx_kH+?|QPr~9045HaT&zM_olZp`HS(bb&oPUqia z8Ni4ZuFGovy4&5Z_+zzS;38ogMM^7cyGJC*^sj{K>DTyeDgo2(o@XtrLkIV4p)W2M zB&V+F$PD>{%-{?x6jaq$1`&fM3mF=X89*TCiMs_STH1uNz5-SB2$QliqlIm^j$Ue- zXXghP(~Lg`nQ9FAVkW|q&5u|%X&KFP$>sqPBQjWp+4(3~w0Dv$ca5SL6V6K{T?0&N zwQ`0b-=R>>-TXWRzqm;1G1fjlTau4xo46O~z3;hzdl8}(>7lsbQicw#qj__8@^z3YEQklT!QS>roS2lU32FU^sO9 z-rF&?-Ay01$odnSU6xS@Q!)k^%8#$st7tkrl||UetA7Ic3SBP(dxB%m<9i_|BT14O z6^;h6D+-7pmWGePpQzFtr}+iV9G*txYR`hY$z|XRucH@2Y?8;}ztb?bu3$ z-m%3RtXvO8TUh@>^K*SN=M;Q}s9r*x*u5+MMZ_!Yqxez#djb#VTK^%AplI_mb?Fe; z@lEEZWSYE~B=Z&Tt_+}*8{8gCj~rL=Jh$OGY*VWK*O$(u>cW%!qSn*1{Ni)9s?`gq za!R3`%z1XdNi3Phke+9zS74kh2=V@L>k-z^hU7iUNQNf5N*siVk(%TLO%|e3Hx}*x zLWb`zMp#7I}hAXf89`sWbz2mg{+DwfUg5}UISid3ratO*(%q>V{Q zDb_TgK~2l&s;oMu6&Om2f@Rez+SK?C5lM^Zxls*c>O4~vUFe^1j{03OWG1TOJ6}Pe zds19D=4pqV+sRQL$=}erx_Br^gs2_gr5`-W`R#BO#ZVv_iM?>x>fSrvOUCAO@&~xb zmR>Xb(`Eb|uLj|^%wADq5x$*;Z+W3`=bgySM>47qo0(*bt6D$jfkS;GUZ~)SvoaIS z2qru%Xi`VqnhPa{T*_TaY7H9yNLfo!xlVj#F&#Nc#9)#byMY3--$nz*#R+L--MiK_ zbdbR1Bvu(w0(KaT=HAYYZBRqREVx5ab$x;)eS-;J}^mYnzu|5{c z@^`{2m2=Jc-ac=4qgM1G5N#L&AsdkUvzRPyEMDe z_+_V7kRo zeFuG9A(s5&?BAFyCd zMXH57wxB~>Ag41M#X(|c|0#PfmmUSSTy~;%%(I=dmuNx{{~J?%$6@7w*wGRECeL%% z;9cl+cGX`;L3ZVSES%{K&zRVvY?xb@zmiT`$Bz)HFiiT$jpY@wv26Frl%`7AsEo+r z&E9{jD)9B9Fe}bE>LpK7Xx{w6dz}+w^3i@Psi(=jVjTH3qeK$=Zg%U3QWKxP^>vaN>`{;2PU(Pj)Y!;FrXbB8*$ zu45#KWUi0yf$diHgof>T6!oUeYGk-J22=e-^Rj;WLc*lO21$%mo$MC;=~2!TLpoc> z)HfLNoeXR)VKz~Ehh9i$K#MRDqC0eYGw z#tZ+y>exZ5l)oj@S+qasGBj$`?p#EEq|2AlX>isqt^IWgRbTvZ)d2ne(2Et_q~0UE ztw=_iR)#(B9Xd9vS16O3%y=6NI-rQ$fdR&t(2%8LVld&_iNq6> zZ5D``+j+i^HrE>@qO9%pSQBbIg z40fgm;r0OwznZS{+qeINb+8(zKz zZ$~n|3CI-2g=2*U+IYcKT?rn z%%wxtTsH)u?_22bR^sqs0`t*CfE>gjct{o|5ue7nx@ggS=)xJ*$eC5dIR)r~NOS}J zg&f6CK925CMlsgdegFUssyIeQ`ZY5xWp4$41KTG2j{*UYLopuh=cz+RHAA{-MW~Gu zsl)$AkQDr+Fqs13^(95Ooxr<+fox9Lmd@LfdjLwDDi2|fng`n=WOxr)Em2(s0E{j$ ze9D7GfS8gVBE3h$a?mnt-Rgb@)v@UuGR+yWKj}N353tZ7yrm`sRqfYvfc< zQE5_ps+XgS!>qR0L^qz8aF}q#NYBE0OK2cI6~_(sI7=BauU7gJLh?KHi&h6S*6EswXC=rzk|WrUhwi>@d75qv4v4)K zCxXq7QV_5pzV|U-LEO(T;7Wt=(t3JFnOHY1n`xt99gYyS;h0IfTr6JhA)|N9;c$Ek z;c?ELSP>bAiyk5~cVx%BM0omf6vL~HWUEW?Vu`i7E;#<+s6&(giKu(fcol5?V_^p6 zgwcMCVug942)g3ik^YPO2QoHXVd0I$KhEhmDVgsEF@n+T!IyqP79*G^k)S|9`wx(O zc#G52z9o3y-uX?136YLnHPmpFQBupDCoZ!FFFxi6JsOlabK))7ZKAkF?vp z!7NNYax^W7O<3u%U+qrhVINZnBHax>(lVmX{gp@Rgm!bv+_bCm8le`xANicT>*=B%roVAqe&=`b< zwXwFwlnvPBfuZ2It0}eSki;D;rk!E@52}ZsFvhG1G1eG}JV5{R=~FR0>^q*awG~w( zS|aZ)%Nj{xEy+JulnQjXUM((`cc%P11lH+y*S^Y%;3_d%)QqupJx$lxDxtjs@TAt_ zOBd2DHZCgATP=>OK3gLZ*=VMxm5gk>%J8SwB1)%LAIVH&nN}oQ|6+UpZ>M>ro zj!RPy9S8;VvlHI^(a?VPx*i#Ocb;%3((;AK67#K-1t}`D`nn?* zdjMvByC3M*Iw}+(X^L&W8tGyEPk}{23ZHR0(jG(Yi!A&%w>blSX2-dg%Antgh4!~V z@EL{N;)>(3Kq|><;_8Rk{l~Y_kJLXw8h_^P**v+LLpWMSPZ@o_juDHjR7t$LTQ&3+ zgKP9-V@>Iq9*o~jR1)_;+Ooq$VDvHoT~y56c{-QmttgF zsobxPD%JfS^L%yB^`}`3&MDJ(7bsqKGPDi>eWWer7xr5y)ND38*4swP2nt^6K-!jd z?-RlJLqUls1@JUCAAy9jx&~F1d4@=obXX)xOl|mupvIrW?J2kfrdI=0u$*lMPoYK#=Qm8#Ke|3)po0S=^AeI+?(IJ; ze5yuL0ind$i>^a)db;4*ZrV~)9LB?5KQ^D{_9aFW_zqSVtO{%Fr>+h!7te1`y9kbd z(0N(t1cM$VVP$P5zA`QcMndG4Lx}x+ynlMIcA7W2+})n>cd<3+kALD1Yz=c7TOc@4 zB`M;RvS8s%KQWrvY2~TE7|4BzXZ5kQ~ zCFg03`|Y4MFV|7LEbeJ17tf54PskfOSCL%cAb4^_s{3g*lE})%s{NIztPWCJAmLPi z{gBy*8bzx(Rt5=j(u?-rbzrmiIOLCj)-(x$$92}$tCWP9U@$PM!TIEbTvhCd_EPUK z;!v+O0w^yeMyxgoN1TZp0421j@)je`KPXR0urz)lhKL7_NDOB4(S}NMUU?$*FOhfF zmb3Pb3&g8YCyx6i*55NLuD;`hggl(n(*E|iyJ4M`<1s}}h3v>A881{RxL9u~Nre;R zd%zkaO_G;kt%afS8qhy`8Jo`fxq&R9=X{d>Ks$b)jefKMIalo1y~@^4IEF36c5Px; z6^Lw#b@vCs6PSs`job$X=df4n#s5xEnZq^%ov4VEC)74&N$G)lmd>v$8vciJTS1lQ z=p{y$XxzW^)-ynTEN59T-){brek{xNr`2c(GQ}@q{TzJL(u>P7;47`k}kA`rzv5<9G+PMH*AfF@c8)FPUN?o_55asj`EGR}-% z8W?(U6B>u|$&=4`fPMpoaZPF%lhX?j7a)uXGW$UrC@aez_?6HJwNG9)!oZfyotSz_ zqZDFu@`~7aNS1k_A>`HPFA*~74aOPw;5+@aIs>T8|Ct(dIxR5_xS3vR*PxQj&pVH+ zxF!+lf~R+L^QZ4f@>suxObQ#lnbO4HNac9|>BrxF-agnnuPl6W;seL75Ul-bgRZ`# z)gNBFF7^t^B(N$?d)+|}m)FAEn+H_ncJqwxX)&`O)n2f0V?1WQRWJT8q_JC_N}Q>T z&dVDLp%pp=%@A&8yrU-b!0i(axuK4a1*H!Mmq3UCXGai;PsVma?DR)L)fnJ(4WbVZ zB_oZ8(pg!kLJw~_@^x}+z_=y z?8BgsyLes%U-)GF3n%&W-JV;h7`p0<*E7|ql+h}SP35=F_Y5zWk@7=bmAtt98hJ-b$k8mP^M7A(nHsAd>boJKoRmU}83}kH`ujUC1-g`ZywHQS-v~Rp1EirT3DXP& zK`Dm+^g8nJHxT6L!{|$r<_2*;VhBfv^HC+`-JS=y{z<}{W1l;r4Rs|Tv z)H-#UG!m+Sbs>)+GQ>ac0nJ_@`T4h5G7fgM0v8;*XGRLz&Kk3NMD&fNdXF zK+i`?H=rxNv~CX**?Wy$VTKXp4b?wmX;WeVK|sF0^JBdL(QxwRowd~=o?)F1q%Al| z1)9)jnG8^5ZN$-<0g?V=kTxLOzs3#k+57!)DWHT61O91Px>W!Za|9Sojh z3566NUmad26s(Iw{guP0JW7iae*_)iKMUEv71;mDc15JwV;uXi51C}ne_SSG+8}F4L&DuX0lO~qM4vW>fc3^B2eMqkK@+^Oiqsv68}daGvj)xBoL3hM?9qbZ&bm0+TTv(c#J zs}2jJ`*XuAaxW-}3RL?$qfqhRSL`(#HR-PUPI4lo-RkA|mhjY88Y{6``l-Q$;ri)Xe> zSTc4cMmS6h{eZ!#(9kMaSG1QBcq8Yhy-|l7MCRhpd@uhj7D>$Q8~aF1y49aa7r)x!fUmU5{_>m6`A%k!-ASfx=%cSE8(8wtNKBVA4F>8M8P3+34TM(Jq1juc{ z*cJ4_UGj562u_C6dtpE&mJctQ4(Z33-M_Ayy{*;yP&3esmPE$hIM>kjcePdI4B7>s zw}HXmor%_dXnbHI@<&D%Cw^cNx>HzU^fsY1U}fac;rU`;$#=|{Mcbaq;Ze&BlnEm&;gT&J!&9d(6|aO5KQ9aN8+Wq zheHTVbBT5{-M-$Ns8K8j-aCw|e5NY`#t-LYeuE64id?|)%WR(3C#%2F`WC3%y(dJn z7g+91r^Js{eob$=luL-oj31DNl|8f{JKsKVTSe%pgbdp|A5`1BA~0|y%1te>+E~T- zZ2t!LbVLBNs+UD$aALZ`dy|I!^qk9+OTzR)Ecq`#_rx9F58>BN+iiI>8>cKRyEETZ zdgWMNl>*P9;PaIEE3dymtfUn|)Gz>dk>l%VrLm z5tw!^C};DUDNm(M;m_>(0{j^v6hX>)3nWQYPZw`v7@lNz3}1+VwybT~vuYpi)P^P` zct!Y&KkWlRy(&TG%RG8vd)+8lF`t!}$KaPKkCgAGwL$iO(+nvO830+*F~PC|YX=EE zHj7XU*pf&+rmBS|l+cT2*Z`Un_lTa7o)SAdQ z4A~>F)-m@HJeYxm;!F}m%q08I#C1R6okvPE6(@BHQF1Cz$j5!MfTNkyS|s5zjW8c# z@8o!x6ni&s2oXPaao93H)Z()|Zf&0jeW<5WS&8lW1U8N~Z+{ zK{rZTNyvv31*AQpjR3=U4x6hyqhF>h@SO4GbNFn9WNk^%>VeU?tZ#O|oB9HTOKv?v z;U~ZJFJqArM$tbXEx%jks?-YTbAY%2CdJpx`fp3i*!qi|P(Mwl1(gPzQ!b+EzlSOj z7gCz4|E1n@dO(PeN)dD580E^1A@ZV(+1;}r)Db?Guip%T&{I{~qen1{qA42dd^;=N z$$s4)#_T^8@HU@?&vU)Hv>E@2=swq4wUk@_5FEdK&@M3m_SF+NhrYz~^eZ#e4Le{@ zik-$%36J(^M0c^}1deYJlaiv?kidhKi$Ced+*;gd7 zgc}kzcKbSg6MTv*@$xE0;;?^{BZ?>ay8TVkK(I*l4@8Zs@Ff2*L6x}YblV|qwC9MG zH~ddmYIOaEO#R^8NhBh{=e$1ve)eUejVKFfus@#keEh7S$>Uqtg<(I%9w4=w3FJZq7R72&Q z2afgQ3XH<;agmyx$DB+ESC#nLEnVYZ?J}B~g0>t9yV-CZW4b19&53wiVHg5hKq2dj ztP5R}IhHC=1&fsa03M7b6=bJ4MZwqv19Z|OsWgqKOO5uMU6*IvW2VBfq8dZXFOCCi zdpf%yW8PZx6BX{@8XhUhjFCqy;yH|isy$?7{kEFA|68p zKiYz!`W`T-aHeK{)kYV5uD(=#565*V8FHT!azpVzvpO9t#`=*qwvsrKx?A z+*zBzy*M}RcXZ-4A04=d2yB}_6*u%wiI}L1S|>PW(}PVo){rUTF|aber8FM=KVPE$ z*O;yyF7^f^0vm2sWlZ3!HZ?>mM>~6ico%9zQ^LOr&KGXwY9uze0RZpg1osmm6$})@ z_I4TmUu0u4;H#IcHM_cR1yzu9X*tTu!Psg@(_EgQx*+*4-F6P{>n{~5lef3p6^}g`~LG186 z5*mObWK@4esdMU>gEBti%RsL|)M0pQrYI;1uwG+=_#YAt*zoVyfa^!j{r?vR%>6$i zwwRf?*tq^rm&;A`zwCgyS^n=1n49Up>VUcbbDiV=E(iSog@6B(5B|T{-~ZG~3Hx8P zzyCQv?0?!{_Wzpw?a|vx0*pEN-PBnMdT~zUE9@N?acU+Eq8}mK5m`#Ed;bbLLRg0o zH^eaV0}Tj5^1c7zdW8E%$)8Tn{Jqk41p)vKVb$5u+VHBHuCD%@C%E#X@>6O5e09CP zIyPkFae86Tb@g1{xp&~w=Ws#ja1l^-bD0~auvob$G&tPTk>EY&Lk8kZ{4#-U{&Uixu1R<8^T%I#n z{VIrWVl=jmyc0aHD&NyvJ9$6PzUZu}dwp4I+w}C(^H^DFvI*4R`FHbvK6df0Wbnle zhJoD&cOH0}tN$i!w0`mB=9hATLG%___XPXnUvta&xI_#=d6R_dziY4-P@VsS_^Cni zll1ewjW zoqFA+ntSZ`4DA@uLL&c*>9W&k4;scCC!R%g3VGv^NoE~G9*x6`@4x`t;%M}3#X-P9i=G?=w^PCz@r(#g9Z?$%lIykN1n1w zWhMGJQ2dDcqgH}Ac|U7~WT!Tp5v9j~7=f79bLfe@_jg26yMBC|-bnMliwjObI@r&5 z>vtAdYaUL2@X@c`po*Pbq#vZ>b_XDWp*u?yr#F~|a_@vWKft}mo5Z9!3T~F>kg54! z)wtd2_9#K&0}=Ax;h! ze`0e^*T zKZc7v>udq{5FtVft7N(wjLX$N%5m+vH@S85hrh>Yh0}EAI)@SDecw~xg*7$!bHqU{ z_mDI%=Y-o$#8OTU&9FKv9rnOYA#uAs*SVSe&>5yVT6t6w ztgCrOS;Ig(Bq^9twmNCoFeUkAZRjV%S{xp0p%;@N$h<4RsXzvc^c5kjzgK^55O)iXh~uk)XqzJl(M89_^83d*DNv1>XL$e&uwr+%|Y7v=*NcX8B3cxGuNy zJ`(}v*c zio(W!v>Br0+Izeod47EuME+c5U%(21n>mE7uW2NtVb^dPAcyDA!{-Tk3K$erRV9%! zKMf3wU)U9xd<13e`s2+JFMiae*0v!kSnjgQeX{Ih#COJ*Z}Z5m$b+Tz*F=G95-Oke zic+MacM2-*42l)jF~8drVZtlF1%FMf@hU-odBUM9k-hpNtU%*GsHPn=UA~j@Ju*|8 z+fM>}(ZF1&lcG`yW|MZ8q)z77;hpVpOD*Hd_0lKIN6b)7AWVM#QQ|k%V>lyC4MK-_ zG7VDE`ijuEE6Bzr!lRYP5f79#PG4wL!Ghf5wH;CFZ*?uB4 z88DkpBW*tH!%Kulp@(PVyqHG*krvxlwQ3s)NvOcYKpMx<+8iKgUKv&c^4vLO_lOyx zy%z4c@jU3FaF?O6vbJG1<}pRvz@hA{{CuVxDD7zC^4RTND^MOnKpZ!4OCuh<8ji)u zl{H;8B%f6}MNGt`q~^3`bO>@(*~g#gEfx6+v9M%kRl;OC$ZUQBo`Z#A?w}lyvIqD6 zR6#Sryur&jhTpt`kgUB)Sq(+FXYdSD0Rmkq3@ zbkJw5?5{^-$Sf7q(7Wukw+4eiZxq9xf{H#*cWKL^Z)nXUUl9cZ7pr%dMMML!5$u*O zXL0ZrIM6}zD=I)oo%+){6Q=Q6=K||O<(``U1_FTFt0+TfHv3$CztuXZ# zI0R8&jd8{ovx3PMZ6K8?Jm8oZG@_*^ejCfmt1F>mf%!{4H{M6{F|u}O)(Rjd9Y z9`xI@KKrE`_Y$(srdG0(Ezvt1JA`UfbFMG5rMNlgtw7nR{R{}Bh-$AStD|6H-bnH^ zT1I&Pk=Sr7%3Vent~hIsOABc8>*I9?GaiR>vRxI6lf1K_$jw}Hj1q)cnyM62c|a0$ zit9K1{LY2~mkKS+zqxTJv?TLS17b*bo4tXzXn`)=E*+D0|MX><{0LK&J*}Kbbtkfa z|E{|eaGA`P7VlNjvI!ZD+Jo6-Z;W8+|E%-IgGzFFbm~KPzsMt8#|F}nuv*s zv)}Bf9kkUb)>4qjA7-*7<(RF})-a~vtrqRL6P)an&z9vpqjT`eF28!qRP;#;Y1^2{6=h~ z{GVhrMPJHTP1Q2DGN%R#IV#W&W`&FhsW|&`e|2t3gCPbDVK>tCz>iS9n8gkWBqDra z;Gj}`^o5))gWXqsN`izb4E{{15I3(@^!c&5PB00=(tZqv@|B9LVWS%d< z=nq;@Lg@i1zQOb}HqZQ>`J7uF`l>M8do4CIekUX<;bPa%$c;rMX2{opvbgyo>P z5voCvw{NAsqiTlu(mb}hQO`hJbk$Gypg~|~y0X~*KAd+lDz!wQZz}qqXJIKrWP~D> zhA}K}e-gdr2;{z<5p(zsyxd++ZGBnQGPu2nHB;gEE+`S(Hms%;E;WGx$OMH+vO za_eQ>4C%JS_qSY0iAZRrW@&avsC8GOQxVOZ{g1^@F-di*!Hii=nf%fM?%p<)v|4h2 z;QgSuY>Yf$JVS=_5F{df<{FxSHQB(eKm%IQ3LMeUO7J;}iM*ETe9uy5Qtzrxkz6JF ziS+@EZ#guzLG<&ijg7-|p295mN~7vw!i}|GFT|i4-XH4UB_KiS+hNs2n{@;Pp2`RK zusOeyQE03qlt2c|3R&jI?S|q8V4fonMh+vpZQxXIerNhJU{VKV2cW&c6wBPrvVF@@Lv@VG(akfgq5QAq;dkVd|1k zGf5KS$q%2-@Lfh50`Z~$lo2)2+-CfKU*b%r-bL*CcFzRM)I1C%Nw{voQ){*PjZro$ zVy}PDYb!Cu-H(4>%d`JT9mJW~nAh0J@QiAuV-Am4H1e0N_&5B<<5CxwXLw-_(%UC> z_JyTi1rJwLAmM&OR{kBzZ%qrbW7);Aag|p<#Eh~F;D9^5wFb$FqSKck{k=rGW(mcm z7G4tAjBD7RA?2r@?dYg}aS#1EEW11hgVv;dBSNofPS~_*NlVF5wZibb45K{fch{+j zc4Vup=sBzcgax{^@ew?!^$A2=QWsklxt_8~oB$-DT_I`y3gWshnNIMS?4On6nqe@C zBTY}u+*O67r%WsQPc%@@B6I=4C2Wwj@VvA;KJET+79cp)m5CN z?HWR`S=)gOB9A+9kqUfL5J|Mv%@LfL<}Dnq`l?>JNC>Y4kywFg!lZQ*^-EU!Y{tud zX4;Y7AZIk==t~8k&)Yo^s^J@4neg%+Eip3_y;ceP&+T|LO0yxO5p0t7=`&eWtOrWT zJk|g)_?zl#bh!BE_TOQ}1{wL|g^TR5mJFhLs|r_IU1 zV=z$B^CIt*uiZ=|O;+W=Ff9a5!o_@~`fIh$;%N41V(9US#FKP&)cvi}vhXZlpKv8Y zO}ca_q*hx)yE9T*1fnRFTS;>jDxW~uCLAo2W{i-!8eWm3;(8Y2ar#l!Kd2_CYH>qu z1Eo>J;S9fDMP-xD9cafFf5~Cl7krOfW@E#;-upt$Cx)oe&}~jHY@vl_G5{hT`UN8A z`h`hAb7pd)P(vhNIE6->%+9k1m>8VLQCZ_sOL{C^zP-%hX6f<}Rma1$6k5ahJRX`X zwJ$5CoSQl_EpfP*(7tkKfVLFY^uv_XNP>5jz?ne)PYpW5(-^HP+*G~Rj^j&RbvU$e zS1*PORoPz*5#oT1&0MIGWiB;m?tB4K30;bfoU6@c4cM{_SDh&uw$)CPMC1+7_Ewno z2Ecf=d`7!<3*|+zfwzz-!Eg1TBH7P|Fg|*8^uRhwTLCbO@t|)a+XDcsj=?P)606f( z4PIo>L5_B7qG!OWDq>ivq6{8aL78jjV>Jimlcr-V0D7ZZI+`78zHXH)-?^QB2`q}e zovW83(7i@&i(x&J``;qRdihctf>$RUBLPxtEB6)R37RubqN2L=PGjB^c{S(;QL-X6 zrA($QW8q|&a+*acHqx&nI+#fjfyo%m%L5)CVgGi4-XeEQKMl@`Ns3OFy&O0@EFOm3 zQ4{+L!Gr0!EMDGXZOU@_A6^W*QB?aZ`!>QrGn@?wvHc3=AgJG+=3ECt>;8>cOZ8b4)*nl(da_(F?Q_3M6H5cq&VMJi@u z3I;i9roJEvr=d=hcz)dO;Vp?Mqv2*P=q60}?Re&ugd*2pX@%W7;sy_Cuq+mn(6L@&yYldjUFg^uvlVX{ywAiIyMDya*T71ZQNW)=$ z#EKP=c`!p2>jB9!6OF%q*@?O-OSEcn+fSz^8lbRefczSz^ZqW`iep>c&#I|K1zz#@ z6{>E(AL+R3yIH7^*v+m(D`@%V2-?*5bdNQd^Rqb%=bBa%O+^Ax$X!GG>p_eXSg}41dt>g0&DX%*hIM!hy+v);j)FEY?z|o7D*lzNCVW#E>j65M~FOo zT(v_gDY&|X-5ef)Bq^`lQmRGqO`KsEY3bYRgKdomvpO@RUD5)i9T)|Vl7lZL`W$|# zF4DaaI;}HIE17E0kyr4OjkqXWx!uRV;vg7ckTHH*0WiVwxo-SzTtd{s`e&a~gcQ9{ zW0XS?(z-&#m&)M*aEL~t_2Tnz|L$Nmox;|Bip0e;U~2_Qi@QO{|EcW8UgHgct`WmS z{>Q3?vBw6LDg0INAl+4fkZkD;$#A%ZR9J422ugxEG>CQ;y`99^&xqIZPIq`K>i+1@aIJVu>g)_H zF*&C*YCHvDY7V7R0QM_Tg2`d=U~P!j4CHBUtPu+Q*RLyd|_RX0-Fi;ZEv>Y{^Dt{1iFpP;4<)L6h;uxY!_z{K@UbM2v+U zVK+yz4HoDTa!n$E0UDuF(W5rzW~Y$+)sUSB0;RXcnbviukW7pu+Wqr`FP(_uQ18_{ zQkP~#Mx1(>tV7Fqg3J_rxOhP3=gOw}blDi>=903)%UFoT+P{o0ISvz<3GH3Bz!pis zZyWH4>LI;n)RJo=DLI(zj_|o)?ggBC2U%97qXN|tN+`r7m_P$FwAW*tCKsc|_TO)8 z*w>u;c_X1ZYAaVr#zmuu&y4-;j4axjya((1!}b=4nrSJ9&9#8~lr~`|oG`+WyTJ!~ zyy|YZ%jJLb*NrM`2+u{OY_|<@#IyOvO#-k)qs$zqYij5 zLSwRKY^$2?Ez!+J?UO5_q5|o3Z2*~4MQ;c+4AfXFZ08tNBQj9OePbExc$Y z>1LQG_n49=KWB23LIPY>sVR$eR*5d&vl5hrYI=DSzC6A<@YZ=4X%^<474oethiE3@ z2w(p(Tk3kB|8AlUy>}%guor`AO20)o7CszdxDu*E1^lB zjK=Kl^_)-zm4m^n)#9?0S1PL>V}q*r0mS69`WWWH;rW)2m{JI}lRm3?0|!l0;qi4s z8bBGyQW@%9(_p@yM9#(quV<}Mecq7!!!qLef;cxyH=PE5C2NadLF);ZVyH0M_a7V6 zC7F5zBgB##-!G=hxV|Oz6WfL5yn5?;{?>2&Cw_|#-?eJ965tdIk(*26uS}%oai*Lj zIbT?W-L&-tC?ql8SoD2&epJs0lwQ8p^@q&An)fslNUT_rOcGM?(_#Qo9A3T@Y{+36 z5nhRr1P^JeXqbT}>>Fi6v3e3nb7F}QDB2<5OlZ*jE+%{^^F(P1ITKUYErChQun_iQ zU@rN45mZOz?nFOf(-+u%g3%Z0ygihPQGdYlAreu_ptqOSxw;EYqZB-67^b zqvVF%unsnaGoqOcSX^@XK|{J8Kq}pia=gge5~Kk8Nlrk7rO-W6K&{R2+2qlgs~q|G z_KZ`zSPue#M;N_98b`!n*M=KPf5~%|yS?xJxdH1$3cqPc8&My%k(p*5nLdMa1t_9qpvWSJNoMs5oNXYQ@UsKXpAwUkeLS@Bj9JaHOA+0mpj zl35l1N4i$WiEV`RMQa&ZISz-{9 z&gAHBUckDb1Cb0;xpyS9Zqz*C+zT;fBDdv4fTc=my+E;?TBFa50Gr_1>RE=d5p~v4 zDSLz{Bxd)?FECYxnT56=S7rUBqfuPj{St#OMWXNs=S(^d{3`L-a7Y$vUA%gMEXTKdiHC8S9z7{t6c2kimp!Bzv=VI$|Eqx+{UN&n)#cjYcrA^T*~ZF zU%9XjMe0Pg(Vcf|{*8%dq-~qDI)sXGOeFN2Z~jD^CyI^qw%@dA0X&e_v&{~xL|HEa_VT*~ zR+uT6S-&SMwV?Gq5Iny#9bw~CCaHg1)pcc~z+Abz56}Unp(-O&|Ls*G?W5@hi;i(T z%wcA)o2gV@7=oqqmG#L2Mg4T^6Fya=Fy9i7I{2zwS(7XVBu(JJL=Z%vb#Vpu7szsS z=T7ns?m3LXI|s-?(Ur}(;W;Q@p+9LSXp;()Dx_sbxuYg1la#R*!X~J~9^2$4;6`)@ zx&6|dW=$WRTlsP5xfm;615I67S;QWFOP3(ino1@rnp~||wCC%Y>KvD%OkGEI%{-71 zvhs7>oP4DiT!+gfy+VRYirbUDb0D$`3N|z*(|C14F2o_)HkiUl8a@+>CoMiC)gfs*alvIY z8O8*GK9@=&ync9aS}92%UtqreDcjH=ggZEwLTA%~9e-7O@zICj3@*W-zd~2;cMJs`!R(r_D6gUDE{0-82xH59{ zF{hEo_4(-j#!9$0#$t9x=QPFxCB?&#j!!XPEX0se=4tH^N*dVi&(?V|gF%EAoedV_ z=z|EEYIcUDXW2m{P&s1;Rk-zv?(ZxBFu*kz?Os6C&d!d|+#wZboWop?{=cTr6AYTu;R*O zhuK-tzLXq0o(E7Hra;uW*3BhrJbC)50NwJ&jaDatYfx8%Z$rz17ep>j~j8>~lbc=r@ zW4^b80ty;*_7IFFonmE9@^|5TL<-~lr%an*0taRQcQ^GIy}ty`CqJp!rY>41l z{EG?GCO8gPBu?&U} zX*Awfmc;o69&;Bk%+87+9QJv`YPF0C|nTQw|a*9YnP zBDKaf%G6o2O(=^^&0H?c`UDn9&(6%iZI_%Gpcts&_H?43=+FJe;YdY|R8>$-!90Eb zKvty`dg}0%nMqe+--@6a->#K==^SK`t0;)TJ%ld86N}Whg+R|Jp%;q}{<^E^UBgib zAKVNl0oEW0{B1oAp@VV<2cZD$A_B-25+Oc>^c5liA|cG3TsjWCaVQG^#@{W;mM=LS zJ%^p}W1L{)0-1UEPZ6oGx=2ULhsYi zyeUE}`3s>^k@$ZP^cQr8vbj+_EO%X1fw?&KFJm88G94wh{V45#n&=Q-NJ|npiJ3Dx zUcP(F<_$_|Hfuw^SM6AdWUDSaL#Yt~Mg|gSMn&L(h2-n>6y@!5jFawY#tffi%p3No za-vZr#0vj%7P5u1r?$DS|1TRZW!cAgwRZ812 z{WIxY8j)-ujm8+rI&dW^W)Sq4e?9jC0>s)teB+EUP2V*b*v0e6Oozt*jJX9pxRG(?%-K>lrT?-a(@ch2hT=Qe?3AT2v`}Ye7*TcW zkWs}2WsB>*ZixwS&738?JNMNc7^R#hckha3Svg5b;kW2ThH#cn~p!RpUm1W7%v(Z&#KeVNXo#r8Ux$ zP~jQe`V&XXLKB%a{%2GMM@ud{eSWd`*C!igxtf|Phn{Ypa$R0zq28Sw{7l3^?%I+y z>8!%~g-|=6%!Knu5;sclW~|UmH&Vv> z4Xbxdh+=cc8uG-ekF%SHG)v{sSB3S#w5Geq9+w9xHT42A7xMy*iM zsV)(LMc)TVoS@!`UlW1gK6G)Q$-D9yyS`9`a4AnopP)`JlZ=$xQ}?p!&Qt-kfr9tU zJ{7!L6Q_~__iPT%8Er#d1Wa&33N?x{+)u?-lPddnzoi)9Nee}aLZ6s?qfT$1WqYSd z({e1*c?_IDw5#Fp#Tk*$W!nXt#Vjm^EzZ;nT0K65aXbSp5fkbf4p~gqNcjS!|H%b%a{P%Qc556vqW=tiH&>bl9*i2A1}4kVLe) zFXq$MVuiG@!^vXULS8&%qm)Is!)M5hqWTRZp0qtS)S^ys3O zxuRMx;zW0-ZYCy=F?A(H+dFxNN|-)xSs6FL4oek!ytTfH1&sv{Km_^J_>3-{?%RAp zE7L(K384BY-E2qvjt()$S53~0^YlJlv6`AD@6qRGN$l<};RTy=YBo72ZDiFChnIG;S>gWm4 z$<`iuzw>Yf3Zsm7xz393dK3~)Xd8uhNra{O2~xtVx?g0G6TRrMxndf9d??Pe3lk6c zftyboBG5B(W-$s|Wl&=YQuCR*5};e7%^?;nK-=0zf@TVw_&c?x{C*`OH3nF?q58>b zaSr%;?$MJgfT-iZ8L3r*k(ph2Az380>oc})d(WHddTmy}(5)Qe?vNV_rrq(W-OwrJ zsfdC|*ny*fgr8%6@gM;&$$1F#@@U$u(Acb2x#26bA)vt!r2cjalds_Bu@U)mn`jjz zt29Ly<$R!m{`DVrVE41x^9W-U(#?Df>=7VneDyHJLtr4o486}eZm41^l=*_z;OHR$ z(mFii{|(Chk7P`44rbQ>^OTk7f8EJ({6Cx=+ke@~{pUKz|6NY*|L45S{~Q7OKg}HX zf6>h4ZY*v~xEI`9P|v&kj#)LJ`4y(k1BkQa^Z@|qckG;PCENW5C<3HY+Q&&MGrS;r zf*Id)FR`+2Y&!~mq5D^wG@~a79ZxhJO}HqS|NDtQR-6f7yXxJ_?L2nnyN-(}Bb@E} z>fpY7+qvmFj`%n>$ZDG@@AKK?VBF>O`Fi<++r0AF8JKilT0C{daUXj)9?3o?%wrGv z{WR6YIa5BD*CM~g_wjdwBR`Sqqn^uBx*ESH0#7>ZHPM$sWcv7*1rk!^-h1uyT1 zJ~bva0({mA_r9X?7eHD+L__s%)^ll6Vgb{YQF;h-=8 zZgdQKHaa~+#)|a8+9(`VzSPUy0L{BK1j@?^4ekC7J#!1EfUl;1TeU>Vd!$$O@_d+b znwfB7gzf%S?*IX@7Lz@kVGiwpNJZ{#_BT=?kKr>p#RYBhZR~?ke>>o3|KMS52C1%O zBTv03;O{6q`ugozGN;|cEB?ARp~}_=_I&r5fIUK>QNShw5HEp3V!+%T{gg{Ay~~`d zWu}AQAht`7GOFl@^&Q(T8!d;QFpD#$Ifzr=H#aI`r_jspz`6dzA*;@|p92j{vj9+t zFSK**{D~LyPc)ic=*kqmt{GCeNH=!coa-9VIx=To-W$1OFrpAm$7~sM#0`81zs0RD z=Mb#@dSICNsi$#^k>b-o7v@s2OQFJDDrWQRj;z=ngrfMlO_5n2e!bl4(Kx7Hg3tTO za)=RA_U33U&*X$DL%q*7Y^P{8TXH7%zqeG{bqo71+6w-a21eqw!I;eJ*Gr0`4QEPk zLObo;K{{=fX=Si?ei?ZfErTBh+x@qe%AXg(cn%j;;J)W(3s#J)QnLJuKbPX2)zJ2N zR2ZsnTqx5H_PLidK%so+?GH=rd&Tn9)e3B?Stv_*_!M@|A9dwjwZLp|I>7V8cmKZc zuHJ0Kbc_KA92E6rIUKGh@}9*hizwXqk_cJ^l_oFXn476!3yfg^`-D7> zf#`3XHl=@1ws|7TDB2c_S;@}8W}e5D7r|JoL*`LLAvd*YxgX3fYIu*rJ1ueHt$|_5 zb64TUKZA+shOcOY1|x0%8Vz=BwUWV`W(dw#&S&r?3riEkCkf=l-=@X*teuvcUXT$$(N-9SHw*j+7guMzAP z+~;U6E0ffkru<8k20Z-rFIP^y-8~(=kQP3|YZ%aXhKtMJ%Psya=x{!Kgya>iM22+r z#+~|rb!MWIAb#Y^byXcbk17~R_Kdlam{KH^D9PzqpwfkS;M??{vRIi8m8^*34OR(yohGS+s`|jz9@W@gKP1Ks$ZNPD45W%yV=1ie;(wP_q}Z+iR~OM z`5FgF{s#OqV&{>`$m-}CGXD@pS+}W`wgoDRv}!9lRx_C`|H<-vK(h2y{=8d|(1v1i zVquBhZIn1DbyG7&yW-SI(hd%5b5v&zm>fDCLSI_A&APkBt9nPQw%m`RIbeI_o_}$t zX^(LXqz-a0l_-q*ihHLO_92zzA;MbEO4o3l3YrKj-xYv4wg#w-74V1iNmvp@kR6(h1 zKcV{i8O)S6=jwK4SYpi?<-l&jnAkO0yBT)*(ovM1awa-iYAqpYez~lzaSrSCdO-{- zeuK_8fJg2-#XxQUk$tdaW%MVR+i@HoUu9#g3}i;Z@Kkgt>SOR)@U=DjLT;`A6{)Qp z$}F;^spwH(+pzYvn5ic%iC_{1-n8uMm@xjX6MMoSqOt`qVsC?lWHL)XeddkW$6}Uh zZt%`e!Opr;AK&A4GB&Kx4IbT3maILy$py^>^E}5oo)hy|bNvJJ#w`6Xxad_lLSGG8 zb!_lg`q{evn`?x>{HM5Kwq>NA(+m|JiJ#<)vcszNXGveCM5eM0)ykvr1)Dro)S7#R zkuQ`oY>~*O;YX;!Kk*MuLw&7bTG2me$M#vXhsv5vOX8XuWU&<~@(n3Y^kbY^77(q- z??piB#d@gbPo`s6ZTojiLy!VI($LvO+sn%-wW^Z@wuo$K-;XrSa8sK>fLvgV3X-|N zpmd<%k2=3pWcV>P$_mc7o3+$+xLsB_3A$lSglv#$LcCN6LEk-&6t*T&VV4=oAr{2I9q7AGZqCh;43zzl{qC$sMhbxWow2gNBFB$C2NS7IS-OTvql#chPh7k0t%k zcPvotd##@33Uq>}7>!4!CuIQOi^o6RdJeo6)P6C%Gea=t`{KI>W9xN$?EM{;zoh>I zZQs6LnW(`69=fya!~zgV3W{3>GP_MP1iq|s{NN3Ij}rGv(ND)ZTdJ>gHhm}pzK?6M zdNn;rIG8HulM>=AU}{BO2cz8aP^;X2dobn-^l8FLuIXUQxb9D~G?WUb9tED@y)jJ) z$SX#SWR3SR=NFCw0~p8qyL|qbG%sNFCA&PxDysM!A?$uZTvkM1Ox=8`=COocZLB#U zDD?M6aMASmSk=`GLuV3#?Hsjt!HaIe%WN?=SxgrDuV0ZG=xaS}2EsrcS9c7ab>c_T zB2z3#KbxJgI;XsS(!?Ia;`hNm}oUZHUn@m&Q^BsX<30dvlyLM%oY zLkJ0>YS33gwNsjY1U&sprXkdH(BBL%vAnwE{K9L@YgVcG{UF0$L+4?fC z3MLk&bW)#MX%6$wZP8%^;pa{T<2|-sP77zC%fajXO7x=>4d5rT&ziilA0T<8Tul)3 zHF<7n>o&!)$Y)NPHXlSiilqVtAwvpK33zG+tLZe6M}|bGiQI|)GIJ*@?S~6z?Sr=f zS08Mld`{yAnE_7?yQAI5I{R239v;_|X)r{xozp3yBgvO&+fPWCoPl^zz(h72+LXq3 z9Wb^gT8nE=U@gbIvg*4)f*Mr;k+oIU?%SZF0+7U%VnQeUR_*JTbL)s2`E8m&NSv!H z1Vd%0@P?XPs@x7@@M_qvaZ+Nw>gwKJ&$D2tNP4@2ig{TaVqXUIiN1!i%7XPK zy@SqHjz2Ga6A`^3d>rg`kgffK_|_I1QMQ>o_1+;6+aNmaQ2raxG;Oq@sK_rVw& zkWZ1f%{=cuvdQ;T=Hg9<#r0izob71oFHT6aK<(?Uh2mvznMqzAtob_G87T* zs}$U3F0m#KpP5GJjQyLoHl$&Y-K=U~AJ0BL8;3x9pHpR}rYo8hlQ;5P%RzjPxr;Li zyf4a~p4~1k21h*%Z?`}dHlSY};Fz>86<=on;EIi=olih8pH_!P+{I@d{I_>~@>K zdT|pg?~`$r(7=GJCIhdeTmg#bycMpT~8#Zvo0B>RR3qCtqP)77L>t5JuDB*j=*Rk?%e z5n-V#qk#4MdF^-g-Hn&p_y&qg=`)`;0gpN82~*% z!oMsAyGKZ}l&I5W&Z9!HchFEihqJfpS5V#qK=Ncev9v*$A{wd#{L8X@$gM!hq7Y^; zk8c!W%v_aM9w!AQzL)vv9m`jBSULFa z@p;ex0M!s2&qub+*wWVkaN)C*6Z$#z##v(&+14mpP87W5GfuU)wrcvs{bmCe1W!m$ zcs^==NEh!rBu|?n%7CDDm=rH#2V(ft`d0O&YlJc{>?JogyCUIpw98r`H%6<7?!!2t`=j|UZ4 zf421?cA^*rW-s|?hz%3@O-$0~h>Mlg?|umE)-i}Qd$0joYTPa?^`R1Nrss*PB=67!83U9lm;hS+MMT1Z zS2C?qp$CA9LMK7>o^#FHtd!GiauoVmZ2TlIcg+vR17`%nFkCo5_Dt_1Sd6i-;Fywlce&EsCP|M!CJ%A&UH7Y>6H?TX-mvQcyFVbZ3LWC{7Q>}h9CVE79t&uex5yU zA&#bs8cmplE52ZAc}8PHWDVRfDPNpg7+xWYN`*%VDT@XKEm-`TuE;{OTfj>2fY0@cq1Dxjr<*o}&m%b>&y8WRlIuiC7YLGB%_k2Tbi^r% z%^VLmo(6wRex~W35xU~USlR4;mv#p|<(x!R^4n{$zTaeUIIU)Uzm{6~JB^I%0(16T zzxGD*CITMx2T?kQQ);|{@jny4SugUYu#e;&MxUAUSjAX z*wUF24oDG*d5KmG%)CtmxR4ysi}aZtTuotKNaVdtJ(5Q|8ZjN{*A;s?ZKvd`-w^}0#S zcR$3`@}usVE~38^w|aWG)8B;wC{0>UT%>gnO_}{SxL!m01=vv81Q13tp_ZhtcT51S zP~~zh(yMnn5XFqNOeD}V^dGk72edCB&b@czyX=i$zF>yY*Z>@q;k=t+++qR|YSrr_ zIFpWZdNfbmvEj1h`~=>_XnhARn`=lq){2c6>&Q8~d!@01@-hkJ zTX>XsO_|0Ts_fRHS$v<#4B8CMv4XFt(GuC&j`~9+n_(CnqZCdoP#GOx&R@%{2pX%3aqJCXhL8MwfBTj5m*)Pf3m~ei%Z5DBzm)t0{y;S8!&|t>6RsRFBRL8bTD-Z6<-y< zZS*2ZxPe{Z)yT(Oj2OMNKF_buwPs!F!74rV3n$Y~9xf8J#${b11AeJV?3}J7+_ZvQ z8|acKSP4UE8ylA!djFYF?>i31KwuGa=hzd z^DtzHaJp8J;-xv*D||owC`&qgW1-mB?ZFZP3)l> ziaxz&1CU9ivpKe}W9cs8U?;5o%5TL%$`oTXsB$mjh53iC{Pa6h>JeXiobO(yE$?n+ z+>1l>Q@JB?SEc<#Ru?+AzqmgzY}ebObIj7YH2oj0ufEc^qk<39krB#6LCN8C>g+BX zBygXBk?NkdSL8tqhWe8hv)v;vbHr$Q!)x=`+>TUL=FiK(KDmZ*yPEkDONDrY_buMl z15%b49H%Z6+SmEM0_*sB88RaSSP=5-nxtxr`67X2n=BCM@T~5ZQT=+-YE+@yaKsas z^9_jJJwnG@NiuoBVQmdt@*-^^1OrR|Aqh>GPEprwY@0VwwWJ>;%UZO{KU+>ARiqF| zMYb3!)e=Yu%2Hq8m z<)?IXPxsFQk{2WXPms1!m}^BKRdPj6O@rh!?){=o$y5*W0>W~*sXuXQ1XWVb%3U;w z5V;tjQh+AE&_v6MV~g8)!mWl>l-Y3|8&UCh>`#IDS)2D{dg{^-2AKf$@)TJ*@yzr; z_F(v;IbaaB&{s<(tbz#!GRQyre4=?a*3D%KTY^t6Od;%e21h^W@*uD^FH0s>KRSy3 z5#yr&gS&eQ(&cFv1>dV}uI_%@T5a35ZQI?eZQHhO+qP}nw&wqRd!IQcW>3uQxi~j- zRZ&@)8BxfmGBbXWX`3056hUB+KmkliKp>2N^o2^IcV%>#aS{-yi}^R;J?yzfVi0@q zPhKhyZ-dPQP!}7N{V(mdKqTsJVL5fB8WJh-;?Ypv>+3wvS zPorA#d{g1LWwnDP6xr?2W#A3;dEISB;51%zbCOKjT|4kE@B2c5NeSrOhsh38a1e>5 zpNnx4RBSZ}v+(RmHWDLM%MDucrb=s-=fFHSBUK*{Q_!cgvv}L7ZTs{~8)_nHE%m5+ zqvlXF#PCsClohcckpz-bz&-NDIe4|?>z zsV;vyg=lERtPoa2y8TKjxLpD+Pqv0qSy=_?b@f^tZ+||+&v*BiV;z&M1+UleKOzfC zw4Td(0fW^vku{4{PJ){lp%IJ#~H7rkc>N8aeN>NI4)%Csg+;~}QElve>{ls|WvdGqJtUn4^E6GYK zfTTmAdghT%E9-k;FR+4RIi1`YY^CU878Rd_aevV^KH2n;M%&BuxS;fq%9$3q*zfOM zih`c6Pxc&Z?{8+5+s(vz3EYd`;Wy~_`Ynmxabnj3YU;j+lLfi{ro*Cx;$Y$E$CCVT z_i0lDO%1=1jEAm_E{=NrA?7S6=Bqfy`mPLAT+3GZn=LEt`8tZ4O*LvO-A^6rINh0u zmI#p23cs_(jGtLESQMgB)p90oy$8LP+~+nJuFB*P8} zyXDr`+R)|M+8ht;`QOUZRY{szo7sp&Ps6%^y=`|gkLE^?w@iK!AB^y&<`R_|XW#XN zdutm*ZcVrk=1phSzMH0VjuhE=TMb;kf?CgpDXnZ5BM+9b+WaZ?cRK`>?vo|NsF*=P z7Wh-w5i)7flyxUBpZ# zDp1eP`U2O8O>xqzIG!f8wzVs0U;NXigLC%DK1`WIdT5U06_7*el3`e@5;IskAxqsr3~l!Xu*z)UAaJ@*$x|3JfgGCc>}Ya z94jQl9ma4o3_!3R+%Qf0gpI`bSpA&&@M;4^qMnHLt^KNz`y!@#n+Nz56bBQh_oT)? zUwI#?8qN*O=(9-q5OVEU#SM3U0c!E8I57J%HDOEuUFBVpaJA8vn+G%E0h({#WA(HtuHKWHZl{a|& z>rhW!t0l+L-?o~0IqNOy)-;SivnJK(=d$U%CkqME_B^KdCfhdmEnJ5))CQ=(OG4JZ z8TbNl$T<|FKO;}Az%;A1dYtCeOCG*-e27FcrW>6;-J%YHx~`I9lMNdkjkGcL->Kh` zex)-Q=?IIAyc6+hQpPF&TG!AkNTagCSafwnYqa_AUc^4`5WZbM)|dS)@hid(Kv@g!J|Zefw{-p{5r+ zw#*of(BGCMCT{|<=gK<8K>y~jsYq~G0atw=s^tp?d$+;SsVM@DTtt$)NU|{9*U=j+ zkH9b?ZLgFes4xPq3)#1yRBHZ-ZEAcXo zVm}hMxmca&)%BI|N^y6!W(o%k@V>{j-)zir27%JW;l*0ZS!WJzy3TRFYG8d_kBf+u zPm8A#(v|*si6_*MjA~TB?Rhb=T9`9)@w0AX0YWbw)L?pr9|j%IE<1kJLIZy%n53Xf zZS45lgsxmo4E1mevV~6HM#Is4Op5x=Ev&C3Xt&?-u7fe+ky?E|kW_r7Ke=sZT=BVZ zy@eKYA3iTmI*M-gaMbqdGWe5KPxfBvO>-B3!oJ#|AkYDjEPV1*jM@h{)0#W4%Ir(pP%t z6h-#FTKtm2q4U6vZ0-AAqP9bLLs&(#JK`dhy<>dRcDo~eo>8P|v_ynFbZFjwEJx+> zAlN2;GGQB>`N(DB5@Y@8iO)7HXdU*JYFCZXUURrKwH+OGeyC$+Qs`;7i`~rT=<%`} z!bk$m2HqRHz({#14XT2vVFn^mWdjUQ2Rr?!V(3qz-oHebIfOQ@S1oV!2MMYSjTladh%DAzj0=*CvAvl@Z@nTc0MPB=7 z4-^PMtRxdAfkMe6{t}DIS{?_Z7mzSvT(?9v*Hv!84lynP0=t`fSgj-GhbfcXJ&|7C zcA{^nH45EnHylPuYgwi=h3rXYtEA5Ws!7AU zgHG9OXaGu<+D!$ecC5Ib_zEc`v~eCY3A(-L1)Z8eN1?8$syIjyoq^3DdK;J+dP3{; zI*>NX<@xKc7*+pY*w6mrg2Ll?80hr=pukL0WvbNp?p=jaNe^BlOi{QR2dqM`h*v)I z^?&E8lHE=UY&To0BRTo|dXKaJfTp;>?;twm^cbYeoH|^;E~@_0^z=(aRO#u(A@25< znCAG9kY`banMqFwoNv4j&PPlVt(8!nz{=>U!U7)SL2{6ac>A}@o6D~QEb)=aT*jU7 zg1_BrD9pdW6S~ItNETbA3In(-xhaM5Fcj_qWr+M8W`&iX;vB3pQn3;9ppdOFxtGCO zQa1iZcb3&3_pvP-d_+(=;7DgW_TWL_Eo_dpA1G6bF~a?>Fn2~X>J+O9G}+t>Y9i-% zZRZlC3bPLAyep^~yI}NOLJq)-2o||8KYM`2O~(*}3y+-zS>jBU1xD@PWtSe83dkUg z33&0GFzjK^K84OAzU#epnm{FS`oO&A%7@Qne-N(TTkrqxNb3Jsq>-MEiIwGlCbQ!I ze>JHLbaem4q_X`tP3nJ?{oid;|F^H*$UyhMQr`b`s0{yE$^WZEUCLUUHX4aby}2MC zSN+B^K(9Dow19<`ySxi+X4?;ia|5!Z@vhU{bjNaT@pS|1?$^3a0$+rAi(qD)Q8}?4 z51uMIpK)LyGMpF<9WDBH`jWly(Y|T^m~!jk$&txe(BHzL&A2l5TD@=Ex?bVs(*2ov zs(2d7>E5d9aqrkZ@3HO4-*Rr?Ra5_7ojdj9wvkC$Ql(w#@owkQQ2ud$xBt3ZDCu~z z`FfnW=y)o4TDV#E`BD17^K+1o>~?Phh7Y}LKX^Y=y%>=1c%ThvWexqY^m;km5WTo~ zzrGN?_ zcv8=|az}kfVSA3lFVHCQq(OoTjrS57g*ZR&*<&PDJGdF`T*f`Ysuf`oM zS)TxT&sBXmIZlirm@58QvK^7*ch`07MP&B83eSJ3)B_!>BzaBL6eL)e#pN&ic!b?{ zFqDu*r*WGfhCP=FDLt3%%OH!8!P2elX$A{ZJq8QjH{^pM-!BGHS~N(@!2(;ns@Fk- zvz>eMnK}o6RE2I!zm5FKQNfd8L&@(-ieQ_bd+?*N_v@~7(Ck(_EPC(`%IDKo`2ER0 zRe`NvXW(`&7f+Lwbvw8$sv^>S)vL{r481?LKM!Wi%wV`OCsWtqaqt%Z+Q^;O&{KoH zrQIM8v`1JV)du#d@elmT!?C?Un!6X%`O&k5-#CK+hTw=L-oId~4zusdl^Ppeh7`kr z{hAhSNdLcK>dKZ$4>xHxf0ZX2-z&kX#}n@7LGJ$bgg63%k#*gE4jF{9L4h+c~Z7DWxanuY+0a z>G$iYf+Viy;~fYA+XwE;lo!p9{kzH0w(x;wUQXKZRF@5L+NQ`U-mL(T?%#_K<~~?x zDN9>;H;L|Kds|KV)krmCFBqB2t#xOJ45&(NJ3W z_I@Jz2D6r~!GcsD>BXc$Q(fH|4oF7{P9~6h2l#OVLbA=HrgD1E^2iy+@q`8R4jtl*U0h63WXuSCXixIJ;%CQ4; zyu6P7uZqKSbH>3@tIMEvvV+#@B-?Zf2sstDso@#0o){hW%s)dKa0kq!YolszmvhlBt(%rV zs2G zot|JMC;#MzXr>Z4fIK``qj#UAc^Jp91ACjhQ2XA{_vn=VP!1?ToGJehx7r{)`JUN& zds@~bdoBq?9D71d#G~E<2*ul4j@c7eZ1E5Y`^9nKfeH8m1Vz2e=A=$lTJi%3oux_?ja%EQQX zdfido;PQ@O$1;AMBqq!aR#+lof zWysK9US9xw^`xs@^?j+$?cuct(N>^^%}DP zSJWvR;fp~y({4vR0g>%@oQd`L7MrdAt|#?aQo))hl7$r(Q2O>R&P5KbD<~dur>|9y ziUi~8Ux5(lZpV?wcFC~Bk_a60-%E=`muFba$tDhR{7k_}x9l)w7 z)}_R#n-l>?6z2Wb`3TX7b*wU^>#FrSzVHch^@1d@>yc{dcP+!eYiXC?OgHWP>Og?!e@4}PX!Hnhnw#_71AEYS2`cm z7;3Pa+jNJE38{>dcDeKf&0|DQ;A%}-6Bu4;nCa+}$M@H^kHF{(8e*Zix1uyb)y|lH zLhF%yoJ4vB-}>Gj6~#dg^T-SZ6X{4K8@%9EBUS?rl#f6psvR#e_(P&QKmV(R)#CT7nw*W%9@L+SNq4 z=Z^-@&@?@ae#Pr&3wuP)-A$%G%R0m14Rq%^Hnq>8gZC5el`Z_!E- zBLi?!G+T6A6YM$+2W@QntB1X3j>h>S>}WN_o=rD9-AWQK8Sn_tx}sip2f0Y(f-$eU z+){Mj$r>(t4sbHpll__$7AsR^OG7B|7;gVYgY88~wL?Q~U> zC-LNiq%?HH>MpNkr^~P<^6%Bgl)t@`IS3vG(FjT%A#G45+w-*{O)vxA`dFgID^+T3 zP;;HOO%2#Ui?VF4ALG(;K%kEU=Do#Ew(|j|C=n~ObZC&*q@YmjP--P>{6PV-pW=bC z2k-6-f2yv`-?ZoY$Oyqacp6ksJwy#4U zPxqKJwghyYP^Z0Pj+v-fDxNE52icW9QzgnzkgAf-0clK8u2N-`*meF(9vnn&~&A$R0}F-g&07_+wN0{gaSABq@S*289*;tlmM0 zV9#O_9~A=gfirXI-=OcxIK?5xBEx|-HGDiOo_hB1mZ#R8itl)1%*^k)Mgnlc2j;T{ z$1iPsE09D~>GF?NW;*WgX3c}T%dUdY0v1}f)k~d-GkYyWA>l4TH780CdXyh9TTe`* z(0^T(;cDcWEY}yx${i}H4n#7xMQOrG-KH3TFp zeKjvV8a)jrEp*~BmeMnU|${^LBfq>o~c!tv#*xg z@<16nYP=k_ink;^9V0AuiK7>cMF&Udi%<#9)|%6UT^@0%FoUV77wneiCo7u(IgkSj zB%=hj13YMx#s5S)ND;oO=vQt93T5z!1?bZRH^+5`%2GfPjc?n^NHOEelZwsFVY$+q zznaN#<$J>sorA*Wq{7x%>_h$Qw7^CΞ2J%H$W(IV;^HTpi2M5F~)zO&lxD$g3ZA z{T!;Ux0Hmhk>DO@Zdk9s20CVu)=TAaqN4Ram74th$atwnWj)E6Ei~5XpTD@g%9Wfr zm`U%c9rySgNh9evbir}GnOcmYd^F46t8m+1sRI!jkH2BxoEeHjcztiFR^-9cp9w%! zL>*foI{JZY*SJp2zCq-r2!>Q~j={BB2l2uLDFJFuGg<$m1WRfWl0dD`;KgoGp-n^# zefOP>C|ebeNPskB53@~lVOB<$eKqiOv|mge+eg9#aj;mE_(}2!@yKt}cudATqjvyI z7+zp}bw?hI7oK7I>-IDO`_@mqJ(dMo$zpB~#VU6eh(pQba!L8O?MSPsg(KiBrH5I&Qv4375gypxG>*=O&qU zl+n!Y1vbG1ORS!ICIE-|DZqiOj6}uvbHcviqS_{;ms6T}Jtrg2uoRWLXXL5kbYF~u z4U7iJxOS8_b^nOmIQmD%o*pQCz{DT-h3R^HsN!&jj#P$KpCr7wmI!nvb8hr7<1(ULxyd={$V;R?A}T@eLN_ukC3Nqy3Vck zocseU{O_(u)xK9(4(YV~Dl&v+1u+l-9kgsXt3JdLG@S*jM# z@v(9&ShA#rsOQrn)fUxSf0P_}=8t>u`}!4ekaF_cZFdbfJfL(FMX~42wIZba(*D9Y z!KSKYdcK>!-#@cFdAQ~HA*6`1N`X6MAI5>vUw+m`HNuy%e}5tsW7TkKGH<>B)!630 z@n;829SZM=yb|FmCpnQ%xSZI(`&Y>PeU9F*h}LRC2ei!E>6A zoDuYI_1zun*N6e1oD8daFGUvL=fT?um9m&7&H9@>L`g}A#}2c7bA)RxF2$qs>sK%{1G^8)Gs0e5Q zke-p%V*`0sI58aB=#BiwcaRJwaBAU zZ!}v@%<*`hlagvTfaE^tDvsIJhqU#|WwWiog@&(*Hw0Hb)L)2~l+O=H4d^vRpeZi( z37Ux=LsDBL#FL$gHtc=Wb6@*yg;VG>#N3T_BK@Fx!!cyRW{Mhf7&`}~nTWI=!l73e zur(j&lXi#*H3$>on&8h&EtZAj9#P%UvE6q&Fy){`7ft1NJ6v?2g(^cYqq+P#V9T#C z>%hVgYHWk-hSo-ZiL%ufrN0&S@Yh2|8pkpaOSIuAIaGg6J*sZgUz8TSpfB%9de9%^deAB83{2?vy{(l8-GLTi4vebqNm1WPA6fL=O6b3 z6WJcMI~T)7O-TKpK?tc-q%ar)yK?-4q9vBDf^2!i=(lFy>>JsJs|~>fIMD?e@4LK( zvdZQ_glb!3ThQQu15}u(vI@W}br-1(Y@}+L)_Q;3uugEUhK!OpS(6TuxMde{k1Xj9 zoa;Nbo}{I|k`7Zm$Ve4T1SRp;zy+)8Z*hP3f1=PIdIZ|~omfY>f+M+qZXjlqS}3Cw z&p5AWocdCIwKLlj)Sf8!@hA4M-|qt~6mR^KyWR*1MTG=CTW{Vzt^b?ELob^khmFnC z0HrLzI-BLMl#$lB%l#z$p|+rASB*W5(Tc#Az{2`ypTbx=Wpt5=aqnOwTMHnJ7eMocF8Cs zM1e)6riTdYOY6zftOJo#Z2BkE0{cVD6$zr~h!!=jItT30vF)Er@w(RzE8bbuKlyTr z*&He;MJ;=M4koTJ7bQ>moC!opmU}!xwBUsFcqh56CW*`~NYc^zS$(^v*ZZvl_0BaS z`HUFT?j4FV7>>4(&Y`xTPm7K37wb2J{DW90S!{OadgV8#Utm&}*F2Rj*RdB54kN$2;>)CB-F?YVFBH=~r4fClNViJU~i#Tr*xU4y!9G!lTz+T~?^IjXv zZ5kXRueTi?IFf{#`%)Kv%~X3dIdAMBdt67u+ODk8gV`i)j6_hf&euPew>wXAhQtlR zs1e<4_E=d-^SPZ6?Iyt~*Bl|>48eKHXcE@vVK48Z2_Gmz8JYxD#^fr>Ji3B1r z8jhy|06}mGI^DQ1*1UcusmHL1MI>q$j?bw4lPQ9{f~Q8wnqOFEQ>_ zf{se{MuN@w_K{%$Jb65LDh7t8$BMe_%-{O!bb{q@E>95473m|W_Rs3s?HnHY<;mMe zkF;A}qy*Mp4@pu+8R>??&vDd~T0dsS8%Tf8@lkpfuBS2wE}ho%`wjIP z6!E9dz+{X`5@^yV5Cz3Y>jOrGWW4IwJl!sMF*MfT{o1(;WVTAaq`S`QU-!O{lI z4-wRsuHHuZt_g#am9xUTS*dY(qs3Uu*_+_l9LBzI&&~4zi(Sy>;;E z)6v`-JgRFdJnqHLpQ(1==EIt>*F~&%R)#!QBrs4=uZkt=*@k{tk~i|0d(D; z*kBU+7D^RcicgSMDs$uQ?6k^F`UcOSdqi7#tvVdAddPijhin!Kt%DoHmb=* z5HfO-1S@s2oJR&@&L@HhGmk_zY9WtAXj1q48hHA?Y6#%-F}15EQA%ekHD9>K7=s!~ zb<-O;-u_n$mB-KK@#j+5!&zW9OD5@fqTccZZFNA4u$B=Dggh#`5$1UEWyNA^Pd-f za@T=dO)JjR0~0BtdRmuG+f7l0E1T)`%{PZ3>dPg_fR`Gq<#fM2$cbBsWPC4f?OJsW z`4BPtsB{5izzM-v+cjD(*qz(l9_DJGBtzr3$!lo;{1zYjtRjo=Zf<>=kQSepr3wPv zc)Ho_Bp-2K&sKel1$~?YId}35B5^@C$vp_1zG(KxIu2bRbFHKB@v|Yr%48d1Jp?Gr zojEQOtovqNnnfOEzVgI0Dip{h{awb}$s5jCMfHQO1m&;otH{2ZDTz=Vxs~6U7*C$K zkBX4&Hu9l2re5;w6y#&Azo3cqp~_cDX15b?5K)X_jr0aYu2h|4KXusF9FFgcZlD;Z z--e4l4zwE3W$JljVt}tnFABM8o7+FkkECKUQKL*6x!SsGe59=h?=YqCq?z;vi2AyVEI2bI9MF?b1O-UsSeF-EdZd0fv4*Y}|5^w<_Z9%hJD28!4^(HWcJ$dB7-2Zn$~B zcFW+OC8J4xgEzd`TJ>T~M14K!rHH*w#&El`OcnmIUk>Sc6C!<~eR^Qc`JN7*Na$Iy zUuG!1SyG^@HbSTx+q@KCu80bRdt_qBH#aG-MD79h=TY-mK(W*-1+miz57PWZE;b4N zJmEuMgYZ5Ul=k=OV-bnZEjyN|U#TsX5QMSA!OAttltcL}PtjSblKNCZRWje!TsZG~ zUY#!Q>a&uwQ~N7;?q-P-t`MvYCRk&!g;9EW1$D*$!YKTXM>Z=3UBT%?lz)uzYl5l7 zLEjoL6U`<6u65mxEh8X8U7^{W=_D>#{T1z8?Qaaf7UG(vJ1ZRFWS+VPUv>s_lWbux z%7R$%7n3SH=d+adt1&6D5eYQFZqw-kHDplKXU5@@266{Bd1JelWi`!ax4QO%qT-sq>zsZ~iv6N-%42Q>fCexsorJ)?0tYJ&KWw2`exw&3= z8vl@{Gf>U~5a^tsy%`EH(u8RDp&?+RHk!z?E|#K@Xln=I1fsx`fE&=S6{lsrB1hHG z4wJ(ECuDyJ-si37n<85HK5Zp$=UctQP#9nl8~e?IkSVSHk`}E{At|$MKg=k#hcQm} zSeLu0d4kuTU+YhzoPf?7RUr7?=PMw_pxH{+u$d4jKxS37YC>()Q9V}WH%nKnUr;BF z&}{-!(KTMbD`%T^$V#(XelzKDD;slpbYfA#L`|Y^PIfq+wM&hEz7m0EPC z7=bwk4>RtEad3Dr;nDI{BvF++>Gx(>v}@Tm@Nkd6_6gS0TqV$yh{jdg*k?7>Rz_~J z%d1@8m?9h7PG|3!Sn7!fcKosX7PS-3)6x=u5qqmQy~lD^NBoHehRw)3hgBZwHJW5; zjQ>3xq5xNFfMGwgE}+Y86Kv~JV^>I;cR$e?LMbW5yc&Fi&>Opxwym=!pgoYj>j8s` z_h@>TImf(d)=JC6ylx5RL&U>8gZ91%vvhjLWNE;LduV0FoDxZu(qv+?EC16p7q_k6 zWixWmz-!pPZ7FIfG4EfKX!JL&(G8l~8 zZ;XE4+|1PK(_Sqp$n|gQ!L*8N>6r&AdXkdbLH<8q=sV4?N3YrPOZ-3kapxLTGB#|U zpfIg1mlraB%IllY0+;~GSWp?0SO1Kl*7S|O{6)(K*0A+T@sM5j*4uTFTUEV&1B#;i zO1JiwxmmdWHOjJ4oTfz8Sj>~_gcT{%?VB|l-Y~jNpxY!)VaT8!vYvT|Dkv{#bZu4a z6C2UqP>S~Gzs0hs#52PnOSA}Za~JOE)YA1zK@48ki-!f|;rwg1ZVY@xpk5e8uzrr@ z50-I|yn{MZoGw3D|J6>4Lzsh>M620#TQc z5T3w~lo*p>o0yzW>RkZ23+EnkOzNp$qKA~y!q%ir)lCx>nFe$vtppyANUW%^gv<^8 z;p5ZnUhon?Dp1&X{b|CKhm8uExCJq+lglTiR!lX*CPY}78H)iqv}(AY5X8Cw=6cQk zH>FVE--UqM%|TAi-w3A*ZH6aehM>oZdGR}RKm_UBbs?tobZzs-<2Q2w+V!|gd?CC!9w{$0i&(wBahj#+1UjUA_ zT(Ty@l=7btaK?QL`=|cW`W+um1l3!~&$RzGmx1hTKnWl(in5KA4XQ(YD+Q46DIUTZ zGztl!)TjoY2}F9b1UO|-+)8P1{rjSyzMs)95`k>*XnkWD@Qg3{=P1W?3?vr}EDTpc z)KZ8pDlU@idPBah&d}3D=gdDxn}2f6rf4OCh?t2cMi_xK#8R>2h!O$Mn4$QYCZdW= z9sN@~Ac|C5W!C~QCV$len*EE24cj{3I}t2~;&#)HS!q*8;6_viK?|MMMC`P!;~g!& zUe=zj3T`trZbIJS%U66lnS3w<{^ylZyTFy9LqrtVh*C#4VD1r?zDdj!dn}YGl>vDI zaVGL}Q5w7`STs#!gdzJXGsuA+C6PwG)-P~IG|QEgz0$YPbE`v+O~tpz)_+_?w&aqJ!22B2Y`L$$y6k_uxfLmlCI+Ou6& zvgF2krQ&P~Ub(6K&VS17as6_x{u9`-YwUxi^V0qH(v%nMAp(|46?h01#*0ZD-NO9X zHE^8U)56`iP4oQsBY6L$Wr$Itz>TE*N zjh`$xKc>PLBWg4#L?Cp8Ygkj~BF}eK6A}BNN)=8WK@NB1ts)_;wt~hPF?Qk~fKZrt zRjBICgmgbYd*_w#UZsGqI50mU=Xx)!xgZmz?)Pj3Tc;Iy$b&f{KfJCE>rTIn-^We8 zi(-)6W=^BjX6VK>U2}%Ebvj{b zb0%FIB}+`ZMLS8G=|EBy30q&4py;J0IAPa@&*~R z(6T^SswO3^+CQw`a>*W=!iZlUnpfnNxzS5Z4h*erNnZCl`k%8LgCMy3!p%5=is?}k z#-cbA9j&pkod!+ruaI&>aHdCiah>V4rG9Y`s=G>NG!0U2;OK1M`h zX7uB(H@2~M3rZ{%=t-iS%_{nS`x7Q4U;G_e@tyc%us;HKc-dNYx6}bUp~n)p6PvT3 zJqpzcl)rNEHdKru^2SihE#(JPWUGH8CX+$^DZf?Uc;v^7ESFBw5(i{MhIxO`p^B6Z z#2rEQy%FPRb5f5b1So`h~v?W&@O7xTcYdZ9w67;Ecz%{NIyb@o~!NjV- zG2W>xtrSGdM_ew~& z^JQs8QEG692$y;(3Zd~=_+%@EP-ZHGC^9bO!Ke#t0OWJ=9aP7)Ov@S56jR^79s zAx8v%4K&ru!s5xM{&_V5MnT8^NQ>byMJwn<xehK1K1osDTNr+^}hd< ztNnCOI%w9{IsdA~hw@MSqj>wLOeetSZ+U@91zSy-C#%WbOc=8q;m6=fETc`am)7bK zj8^nwwVzT)G*h7!Tz8eWVA=EATHUoBhm#foow%e2C}rjtm+<+_kJ^VC@>y5C{m`X@rSD@x$_TcJi(;B;*=T31pWTd1 z-191J*$Es!92E=IB2vZKgGq6QEt6EGEDG#n9CUlNpUdr`$;D3ldTiT@C*#0GgM>-G zG-KrYr`8I@Nc50vrdlCv9F%RGiY%`nEP6Yu>s%EULc0C|xMk=IY|4wV%H!d{xTx>k z)_5r(h0!@avc0!iBmLN0<}J)LtusO&8;R? z9Uy|x-b+pHuk@}gRW!*L`y>;DDfxvRtW2AnSh}COU+!M|1N=@(2A7@LQ{{VMgV>aU z7-W?yKxKDAjat(e!VlRc@~Aj`AhKJKoW3PMgM!SmB#5Qq(76b+_@xOMWTiiC5|GEy z5_1Gb)&;*<^Y3it(d{AahAa3^`IWHGrFal0StYO~;_lLE90Zggi=wZyt~_MVwTxjd z_`;}^7NzY+EOzDGWdG^WYmQ?!DmhX3RPxDy<7b;8T*bhrZm1jfJ zZgNMLl%vJ7X^)^d&N1(K_VOaP)bvuwN^v$8=`T{G-u3;q0kvmKe0E5f%i*PtO;0Y@ zM3tE;{wrc<{=Xph|1jPEJ;ct8|Njfb{=eG){}ZvZ{r3?2R@TNe_E^-( z%?0_q!xL2PxYH=d6+HN<9aaO+V`bO;G(6olOq=F)K_RZVwVqC%u0GAD1k6X!v*`C2 zn~}205-Em9o!96mVSFDx25fv^=;Zs$p36WF!o`w_+bV3xmv>f<- z=g&8HHH4WTHZEA%;FBHL9@pzH-ChUBa2}r~AcVlmmX5u*lY!QU>wS_)Ed9@xy}gB+ z9N3b*y$R9*6W7_DobJ2+6WQRa{k=65K0KZKm)qOtv06Ob??qosDV`t>#IA?*8yu0U zZC(s`l^!4koXtwn9Xy zR8_SUI&}0P_UhT+&lGzrL1kMWt8w`axN! zJX|5>Ox)Ig;7smXhcR=VSt4#4!N>BqhK_4DXhmCu`cCte{#1Ph8qkC8whr0?K3+=LE4w5I^D{VQi7=D13=YBD{3C}leC1ECmQyR* zL6DXpt^sh!_<}pe4c-f1S*;vC3R6!=#j4v1!Z`e?`EjdHb?`g*uGPw+n;(;A-m2KT zi_b)RU6!Lt++~eKEXES#=0!f(tL3_uFBZqkau4ci7c@@Go6OrX51$TR7T0kM4e_Rl ze2r7r$Bvm;u&eBUZEa)DUY?jbmpk=L%>TR$2aiVkxMWezg*%=IF!?1P?#wzZsTX2% z0|`~kq?=$SSlX5hC-6sPBVUb<(F$z;8905-m9W-~32rBjhc>qB7XLGkeX+u;q50;x!y z*e_4nyJ&u<4GF{>J?=mtd0`hAJ7av&103)R<#-Xdi+Hxt1MLTzRMq6zq(Q5uE*@E` zRG#!`?D38FK>=5~RTBnCd)x)TgV0#S(rvXW6j8&7QQ_KLXxvtC96*X<201X)?D{Hz z+#i&hdrJTZ`I}qYwu}U=rGz`151qQl%|H+tu_zCm*gbLsFYxkQPN_-bCOHH)OwY9| zT{~8Z@$)MN`v2h8onm|OqQA}Bwr$(CZTDN-wr%^gJ?*J&+qP}nm|rIOXC|3R-ZyhO zmuqEbt&5#}_Op{G->?sX2N=05biQdlHez_t;;R{#VCM^1auQT+f^7s1?!4@H64Ux= z;Yr#6E0fVs@);4Boll!ffecL_=J=8^fGTh1QrFD6d6=%r{L=O!7yjatun;c$3<*QN z3C&in-49rM%a*Ba9WQX33VKH(PckHq6ZBJnVC1?xjymDH91>51g?ta=n!-BEtd*1eSq9xyJkMr+~V?YWH>zN1LFA#-C2*axdThpsHN>##!NF3{aU= zf8I4u+fkKtV3iGLx$NGiS5CJP-V_!$D#4rokaSfoU5mR)o|s@xLP#TElH6 zXH^ERwfXr4L7TL>Vs$-B(8mH?G2cMRkTkQfI>?5vD2IXEGQ-}{iffru=OklDrW&7A z^1h|gh!gc$;J4|`Rcx1wyAc}>F=p?=4|LAJ9KFm>yRMF)H!f@_O#Y z0xj59#83u}FNxnOgBYUpFqMB8CinyyJbV-_!F*HciwimE;|HB{xG=*>C+180Jh-ws zjuLIH2X_|mk!#vAsTI#7B_NR3qpMnx4R(^C*4YF)YUp;aB< z9{w&AE-N0B?}sq#TW%&=Z)k&1n8}q=PfCx1QF38`Q=F|O$+Ql2jBGfHaXX^DQQ_iW zrp0+YyhcB)IQwwJ(TwoSEa=zZmt5txNtmT*#<h^+i_@>C1}(5fbda$LXU2Z z^#PJ?2bacQKtrZ8Rw2V%9xxal~6*#3&whv=UeQ+dIhC3hk?M z($gj}Ms|9UpP#IZN7i)`__wR!kLO>G_6SFdBiA4PrmFF54k4sD?^8uF#oSfCJo;-k zYq@pSsQ$Lv-Modkm9j1svyT2F4+&C|nj;SKzLG;i=#$=ILW-|LPs-zPM-IVI1l|4( zdoobM@=c}~$|bbf1H0CN{&%gz^`Sd0)n0m(q!j_#fB#-y zp#L;9uZU=Y^qS$7Ro3ms)ScB|3ZyHVlUt&28l&cVBbLuzorD)TykI~t8GRmEec8hl zRO|hiawB-h=Baj1fgk^An4|vAbF4Yp{{dB(uPGndJ?ccMOXJ5_m7FtwHxtC8O-2s@w zw`W`C`Lj$B&wS4_ANo{IR`t^MdC6Egt{Ti<3>ebY$%hHShu8R+b?CL{c1?CHR$8n^ z*zw5@W3pppn4q3p8JB51$D$Gl)e+7Dst@c?UNn=DtX2q(G=nVEwaBUu4XzhN9Sl-x ziChz{2*}U;TUa)s_#ZFVHT9FKUiwq4^;FJ#Iu=p=$U(*Yw9M|c)4GFnG218M=VSNa zjPxdR`K}<=XePob^toU$)M;Jj`$c(GxL?8tDwsEzt zTK*Z8V)3msNihXSl^gI(4?fR3omH}omvoBOWpGE+OOv{g#Rg4%T9f+Sb`i_Or>nGd zZE8=NJ#@MH-dU$L%;5567<@H7Qk0i$vWyvu-~!reLm+j9%El0oZWdPY;J%q-;#$K} zd8JZ??3pUu9l5PSQbM*4thq80n;oCL234jC86G%9*IuHv8s0)Bgk+E+0}Hh^DOj)u zui9Rl?ih2jZOIkd5`kC{5?ZDZ6^u2E#_>{N4ZN7tI8D5cdj)O>4W>FXyf6(pzt}!X z3to))u8HtmlT&Ee1w>C_pOK0VH);h&_y-47*cO*Dls%&6Y#LJtEuT_?=&6GUCSt6eRba?aB@9FX z_wCfGWYxe=6M;K@-0IMa;mL4|`J;bp&|+tjJ~k-kR=7(v=4kTRfU_RvNQ1nQOFpi8 zVm&!&^v(18rE}M-E#|V1;imMdPrCWD)_3pMnJnu8)=1b{Ugd~5X$kU@rA}n|n7Ml& z1D>a$u86aIwA-rEYMdsRzUqA7q?pM_eiatvksRAm#w%IoIHO_8%z8^%NyfMUiXJvH zJA__{GsR%R5#R4)fwtO=d{>;qkL{mYVP8a#yOXUjCkzksH@Z#hE`AQLt>{(fYRsK- zuAGKmb0cjVX0t3`xSkdLp~^DQ0MrSV1v#05((AvuM-VN!R-4{eA7jh}{--#DZyQLn zcyR?+)i+hFkEPiZ%1v0ob*BB&PBA#vQb}emK*$Sv!%SolD10ygZ#aTaGH49;I~DoD z!ccRxMVtPd|)k?43nxBcjB7W zSR??DY4o)B*UlJWxm698v?Q0xJ2p;~;Sd?vDrCUVHD1c8|2i_&UL^lKJg;_y-XaHN zcdUr;yh0loCA)-Mhn;qkAw~_%VIVSedBULa%8pJ6_6;j*5#%7Z@SJFw{(K zZ`(yPBy}ihVcZ{8;GD$(CxR{C_IA|u&FN*OYkth>z|UppP6f%SWv2xb*VIm?L!q;L zf@p#S*o9ok2)|puen|aS^Ps{zvnKO(WFPC2vl|}QD5Ir!VbhgNtJFgP{i$_h3Qu~; zExGq7_Jk`V82hxEk_19~>pA{U_ojrs=frc#Vw0c1!#=0Oj_>^-re<&@J*BHAslR)4 zZi+{1%IPf~uISMF&477|a{=EF=FQgGKmU3(6xl-O_8?9O#hV| zo~)QkU;hm4)!50r`(P(JzRh->{NLrV@zV>^E(@I)z~KT?DC;oYdoU$EAbpyFED{pn zekaz$$eijdyx&thtRxgl;;X-)=4aSKeHWyXuF)g6t+AVdLFZ>YjC@BQU)Ka4p{Ke( z6s?3#Uy79%-6F0ZM-dLtfDg<11ah#XA|j4)nWWpzP=o4GDM3~aCCTI|osWZ#Nw)Gk+f-dL35L`l|Ga=P z(U#z;eJE?%{{Vx(U(svW`?QVcFq{uZa4>CSCX|@p4i9{Z1LV;2R&G-EEzY^oN@)d> z{c#t@M7@Y|8#UxZ&KRmp|K~4$-uM6mKMxCoRb0-f3}6w{&_>e9wit3^z$ctB4wsEZ zHWAu!1b!S6eZe^3bB0?dFFq#1V_*Bw{F81EUhZMye(WX26Rl(@k#~oT@5(9^mfqD#!RJH~LVjuC*5$aNi0lDUH>T+xyS)(A^1`MO3K$~vf<1ziMQS}ysVPU5`A z1C}f3@H;efxpfHF!bPmB1{yz(#wph?SpRVB_e`s<)LS0X|LU2>9-Kvj5ots=sExAvTXmBBXSZ1x|VOGU~0 z1JfO47H&B0^-v7+aVIrQ*A^$+TJ>WF)pg{*%yy~c*Gr`niUT)_CAQ~CY-Y1N5Sl7R z01g&&oF}+987&IrqXI()&!EQACj#IP)dkBt*@K(Q^zOIE(r4DgTOold_KT;&Xe`nP z1_M<%%>KPTifh#!ZTK3*Qjf}nDHW>*t|L{sn^BioDr*dhq{%u;ETyZQR|EzwKED5Z z);jP1PPFUpp+m4rN{j!mXTAZp_Sn=>MI+(I9R|5;7OJdizmhWrpB$Bmle8{9Rz&6` zv&ye)?y=Z9EAJ;5KvV}@3nd4!LdFE9^XA{dQ2Q({TALb7ni|OFR*3djf;#EvC+Hth zs|hx-q<4#PeQ|Qw8E97wC+HZ=}U-L9aM zWKS0dC9^?SMVBsOG2+mn=+-*feaRzyi_X|{q6R`c)<*WZ{femaigPr2Wi5{__fe&8 zGkw^?T6zm7fILS z1H#AdIuU6_C7JvnR>1v?>K6z5R z&=0?n&coRw8)u$!dV63@1rBEwL2`o8smb@_LSJQyBMB*TSR=y|-d^^gd4K0`J(Zmb zPSm2O6-JA$K-3T{AQ=*OXyeJ61C+ORS&L5& zd(>KilWP_$AbxP*!DJ2F!KK=h4gJoCuW#E$9J%d)`L4GO^5?{CRYehqEIK;o>K5-ku1 zMPHN4q?iW7u-SxW)6^qw`k4Xzl|G<-B@xRCj(4J=yFsUv;+sKOn}6bE#W8OK2OM!= zQnE`{>e!J`nhZ^pV&&qBJvd_ejXyS>=%_tMtMy7ebac?dV7v&bA_e~CtH3SF^V5+5 zle#^vJA1sUzZRuNRJWA9>?(-99-~DTHB$OK)98gRVRkiAqaG92dobRJWN55fR3%Ra zQUqbEj^qZH#ltab(xu4Fs*Kq%g&?RvPSmRM7Ng)JW$EE?c+*){iMrX9l36}94wIOQ zSufj&d;HC3qCOIu;A#sr=!|Gv5|Qkx*x--rNto{?3h`0VNg%$4f z45klFTpT!fbb$_e+=MV#bk&N`VmnYuoZaZ+^mn2%YW1MnT(vyQc&vXbLm-a9PRbJs z;@99e(HiKP5D~8%O6O|a@eGmlxJBTSWkG3S#RHU-X4L1|s+vmTNqVyk#&jkNPXn0L zFwv#*{rlYG6=YBBY7 zSJ6jbY`g-7q1*EQb+RW#2Sa)VJlKFifT*$+f4n&K(}tEgMHZ8&j21dM8dDkb~s!| zQLgsq0#zA~!E|GW+F+#$Ry&%qugEKVXCYuE>4R~)ZvH8uWHjuVF3xiK&uHOCsaFS(}HGpx7UKX-n<`ETOqozU-(|AC23 zwucyLz`k27_==il@<;tq!)YuiIayp45?(ULu_WyVV~dBD1TW`XClss2^{5 zA|)KLW@;e!Uj%Ushe6fa6+gv+ofl-X3NKj&4pV$c7UEKSe-b+n+wtl((|nn)1%}u4 zffIdgjt^%fT+~U4B@8Pfm9mzK8lbhbT9JoKC|(UFe&JPhtC!6fyq+VIkW0ISsi*UX zl4nHB)Fax;SvHAPF)n9-dE;r95#>Pqfq~;HNVF3kcYA;W6D5N^ZtGXD_)+VeKuR|? zY%~F>^3_w9LTs0!I}d?-|JAMt;u&wA$~_o*{Y%#Y7p0eob4-G&`j>Cq zVGobUule9Hq5_Fw-oi*TMOv^kxLkyM(D0~OseLd52g14IeZ^S~BlJw67ackbHKT+! zv4j4@Z4S9nk;e=d{nu!DupvvBj2<);U6B@Ao0{o0Sw^Fc+|QKJ41@}2q>nb6u!3&; z?IPD#s&L%fs!h49N`6x(o4fuEd|k4=B;PTJfAMz;BRpR8-ENq}U;S$-miMu%^=a|4 z)X2Vko+>+fy$jO9HL~=aE)Q<^DSyU~Kd}9$3f@+iDU#J33=Xdy1qe;Cv=*6!Jh*_s z1T7jR9k1T^BR-S*Pv{zw5F70fwbs%bd`=J38dHCkwJ8j!BzUhL0nYdaDP9igk{VM|R%|1wg=#Pd%5Q|1S4 ztowg#2~9Y*ojhM1oN-B|2 zRPKrQh?wky{6K{^oyVhY{L70E7ugV?1K*#r7#3kEc{%x>qo+(#9dBmtDQUO<|reK)LHd_Cv zZ@gl2vK@2oh$s%#I~ui()qf=ta#KB381PrB%M5s@lewZpqK{m&sU(Rl$9UUXX?7be zwHyaJsAP&52mtdvh-Z?<|4|JrCt=^^OC`}CIsOS^s_)WsK`YM{ z^ZC;4vq2HS=A5Q-!m4@O1Cg2Hqy``%v4X0rC5p0s#T@|LlmvcSu;S+#b;9FGy$D#d zA60vNQ;JG%l0!o%q}zUMjjsm7EGN9!GiDAEE4h*7_gwdL(3odaa(R2D=Sgnba{h=4 zvQ9O9zpdTE-cUGzC(QVTf7Mv=YW z4scR;q-4}%cAw%f%sUE3#cMaw zcd}G$Jt#Zwn?J1j?2CyO^=U$vq=y{^vuH%D;^+arBn+eC0*o$C3^4awap7QPSarc~ z?A_^a1s4Z-RG_T#^a?SNKzIyG#XId znrC0%Li)xOpVnMiVd6RM6wML8iBspWWrqyg2;>YgXh7{L6V5vsvYga*8E~FFONs+% zHFwlk5xeIm9dXtw%!TEoSzXhfx z{d0B%PK63Q$Oz11+rm594_6(Gl z2F63HJavXugskl_^%FNCDn2^l70{t78Tsu5mA|ST?4n5Z!Kq=O?@k8cK9Og>leW`} z*jJrr7Kuz&fZuOjPyf9x&W)R*iDqE@#o@uA$SZtokSh_lG-j-Tl!c4aheZqYQPW~# zBl5qZkT(-2wh&$4WV?fp2PqbnvWH2jnqh;82QhSVJ!#C={Wmye!<8c<8CJ_h6T6sn z!s%r-Re4r+2QIl=ntc^5iZFE^SOd|sXE~DA;jV{IHlp6hJL-lkQR88BumaJNp_Ps* z86TZdIN@6CB&9H%1s3udOiGq*=6F=kpvp8l&qZfJKDka&l5`vedPo_r=<_`gNll_e z`8gifS)J{}+|XfH@qk>wX(=DL;<>7c^KL!0(eVYuS|dy=hxz+#*)vIbmz!+feh+oh zoSPPxx;zv;yV?6-7lCMIu%Vub$oS&9GMFSUfe-5Q_%%an7-y^*R*SoNfQlGeV8k6g zP=~jy&TbYIjY;Ozhi(WGTjN>k74?A1?TL0UuTkV7M&gdJD_GyNlSJ$1Ia8s%PSnYq zf3$5&ZnthhYlRshnVxb8G3-A0KJbUQ?wgBdF6bouv?aN_99GI-sCzWV6wqz|hfM1X zw&@XX^pf+1R(z8p!AMf7G{hqv=)2RR=q!WbD4?is?TeKY1+qYh94(VrMQQP;{CS1Xi_qIzNANLT_Utd55a2xDIa z6D|Y#6NI6um;(x@D=hpJ080pkOO}sORFw4LE9)&TtSL^Q2Nrflhn6e^TXYg(-TGKi zu%e{DiQ3)Wnq54DiN%^?-GBOnko`-2Y_kS}fqquH#)2dlqs+CIJW-Zfj6FvXpZ7kx9=UHsGtakT zSvJJ>{Rv1dT0v=JhYG%0x(a|pUp}M*@_nH(164P}p-wa%O7%a3LE~0QXds4?$i^C0 zGGNQ@Pp<}KSmbc9AInJ_jv_#3Gr|x)7gvPdwvqHA7M?^jf2*PDFXLK;NNNCJuTxL% zr3PbW`O{0a21qpv|M4&}4onL?EOCKTNb;^;%yDbi(nP|x#Hokn?P3QryI-+&=f315 zcP4wkxlJMMt~8*%kkhZXrA&)BdYkUcNN~mDZAPHFw|Ukt@2$!7#f`p29kJAOws$`L zs+cqpP`IdRCLSeHhUNFA|slPv30L{nXsj!^60z|c(9wv$XPc$>HWbFJgm8@NV8asTA%rJLJQRQu;rDlw*&f*=`#_|$Z zO_6@sXb~y(2iEV9Js-pibV7>G8A^?<6`zFs;30O2g63}WI#%}L-b6OUDz^I|`*M3M zG5v!)fv74fFCWEA{;1V|!|C^#ozy!T)T^00{9glraU`g+{@*-CuK)2EnV49({;xL2 z{|Aqe`~TrFa{h07jNC;3fAAQY|L^+e|9Fi5v-E%EF?Q#jH*Af#jrJZ=Cpx&$9$3~* zqx@45myR8<#H_vgd!QCwT9%2yNF9?(Fp!Ywdq?}8^uViI>;uuar&3`FTpDyEs8ArF zTl+futodAUX})TYXy>#r^?dh)Sv3xQPugy98 zuJ7RARsQ;Xa!OZu6xFH(Ifv`_5OPwl;^1%*!dE+HMfj#ruy%XP{;S$8q0rydDiNh` zxV`kNz57G^TpRjp_Pse+hwnaGBLIdPngy%QX|9nnb>$(s5w5|9=iba7Q`dNoxu!iY zRQG6c0oS{yR(lQJtK-+8zQg{pnUAO9N3qdJ7;eXTg+ts=erRnb#}dlPFA}AfWl53} zf%;3fUnRoT>-%%qcq-WSeSSXqF^Z{TD@mOsh<=Cy&e8SzR#PtM4d46%KYqQ7mDqLe zpr;yW?6HP0hbx7uqcm+DbV1y(wK7;(o-lnca@$f375$U&QfRjfJVWsLfgq3Tc{rXy zz3%Y&QF4B4)cdOyU;(46NLBaes+?Eo`laa?y{XNi4k9wo@?ORUNjaPH8);c|rsvG{OWQm1>=-dRqV$xm*q&FpG- z3_e2nd_u_%&F6H;VGNgz`eIpD>};M)Q?A$9tI{s7&*&NFzUrW8DNkf!s~ZOQ_WLTx zxtt4o^%`O4G9V>sC$ZR#8?WkHaaYZt1=atr>HpLfcTv9g>-cYwOB)@~4vt@}!^VmV z&*mI?B2r4#lPf{m7~BePPY#2AJh$@WzsF(?OLf1?*IPP8iyjSvAAW+tUQj;auE*x! zygKH|h+tL_zWE>_Onr#Rxc+%X6~l&F|5+JW>drZ#_P}%1A6$3K+>wi89#|`*Hn|Pj zIEl2JU2Q(cDGD<#LyW%S(;Lt&s$1MMCP#^WypQ|PthYlP0=3)mFYOKY7CkCe{BaCv zX9+2L%{Uboh;0y4fJmN;gvVbYL{0^mp-0rI-wuU)6Fveop2x{|Qd+$jif!h<-0gbp z5FjmTbkn3yG%63CzVGYAS?L$DkV&B_YllBSMH%@MnT5pTC=R|CCip|u7sPOa2g&>c zDmBRtgcnoLcEeVK*U7G|+YNWs(tUOWI3U5A`!(|xTP_)`Xs^kFpMr1s`oL(ZnLI

    1!tsg;(Fu_1TyLL}SI&!X4 z-J?uu>k$X+AIAjm!Byr+X7l|&mlk{pwY@&nJjMN(pu1Wk(7+~9V-ULSqBbHxL2@Gb zR>$N5YOGBIWWxO#9?#XgqKhd!;{XZx?~K1iFfn{stY1$T$b{s*-a}vr$ zc3q3r8$m;^p;>0E#afN5aa}ge6q&;kbB@(irH?({@j8r(aDNPvbmBxs+CK zL(pN}jZ^o?Xk$!R)deUvuClLzxgFg04riWsQdqc%&5d>|{z@&l=yoLcM?YQZBUy{? zk*bpvZW}`m$5Zdgs?9G(MFvv{OKJa=a+CaMyAHhp+qa64dgr&p^1^09${!RM3x<EaIPYb77$&;=@)GyTK!-?dQ^#ZR6oUgvt&t3#3ABCJ;vs>QgYSy88>P zb`Hu7?*$!R2Z6nYjjY0BIfhjJcP_Dkix5KMEGk{q=Wmnf-!D>hb?=uOEQXx^8s&~} zR)+19dx`USS7L3QqZ*jrM4Uf&sKs>{SmL~kB-WlGG{~^v9<#C=kC<5V6%vru*5L~0 zNb@vs1%KroonwcTN84<{tx9O-k>6cn=~S@llH0~uRL1a4j4fv<;mK66umXiTYKL`j zzQ{mn4@1RZuoPn}^zA5y%xR|jk}YTF*xxkqH{ob?K{r%je z6bDZ+2%CpzJj$Bqd`Q+4)2eR;UJy-iA2*+dN&%>ANP&hp+-S{=AejvdIlYF_cz1HV zBoWI-i%B7?=a>=*;K(T4a-n_9f7-~_hEQB1e}Gv6BmG$Noe48$i9MwEX9&6?@WP) zAo=W|w4*wYHb9BFv%!qlSwmBYbC!HH=Z2cHC9&qisRP23j${hroXN+@H0^#x&A<7eF5MpfE$@kL${xa^XDv6Mc|Bia4fZmZu^2STPR3wE;q!Px_a)DAy<``vc#X z4xsQd!?CyHqp+Idu-KHdx@@D_&=^$`1axA46ruTr;pO$jxaMP*F60_zxP})GQE^0n zxdPWg0lm8Tc3;^-iNd1}S1)J$X)ZKIUUY!;U^v1`thJQX{&d6=V0k0@9C7qAR2CCM z!jdwSBu-zpC^(By?NH-nbEub1fxKQnAJwcPkYuJTU?F417%XgVDH;+}H3DetV+pN; zk>DnuMk5bq_zmv)_n*aMx`{CU4}#>-_oad)qq3}DImx?SCMo7K4~b4r72J-vNPU6s?yj<1 z-;lSmU7{GbhLgSrn1P! z-Q&GmEiZGA8aV+it%&W+sc+>a`C1oA+b9giJxxJNgk)BrY!eQOR?q|_xDV56L*wZb zdv?;%P03P0==XHlEYO940rM`=N)Jpy8BbirBXSFLi+S;u={=1l+6^sAE0($G8{`^b zFokN!*=-^Wa2f7W387slW44r}&1$oa|Ng0n_^7LhL>^NNj8zBTYnJ1sk;~pYP1m}V z%NZ)Q0`XHPE=`P@Oewbiqiv z*p-G6sEg#Cm(eb-f*Ta>;_Ov^Z9DZZvLLKF2-LxH`BC&Pt&UqMKi}byNOoR{uKDZe zDL{}zXo-Xx>`R#y_d7dl4x`0M$K7=r#+&4o+pL!hc~~zve@AG;;|Zn`w4WlM?2X>d z;>nTwa4?02!;I1mI$TFXuPYsl@tYNE1Kwb*6PyCFn*v*Vd*>}oJ9b*8la6Dv#PyD$ zhVO)M3r5^x=1KQ?9$8N!QYUf9#(4O3ge{w5{TnR`t%{SA=F^TCA~1P>qikYQQdm~EN4i}7Z|MN%PTQjyt1r=l^90KexL{F|X9?e5ou7@_&&uLkuqpDO43J*PiR9s>);R`I8%8 z1c$})f@CVKs1+-7Fw9+~vajt*rt{IybAgW@wH}9DB&HTx6e%>eCQ9`8uM&OU{aD^A z31iZK6GbjKAxX)2)25JAFltB4R&_g1%H<|*)uj28^{8*CG=H!&XfNwxozc&c3vsTr zMIz~fkZhXVC>$+E%r=CDl?C>WQfML!h|Fdtbs-E%2t+V%pG)x)sdDqwo;^1M$30{jWiG{wd2U2<6_1yV$p-GRTlLjMfJUGCc?nS)oD#PlWs;t@i(3j*ly zARoPx=9#Rq_A5=t(j^@gX93I~u(0*=MXZW^Wq48Xw)c)cllqS+;Syc4IEA3!n$^{@5`PXmO7f+J=E4wWr$0N z8~Pac3~BPtop&^xMc+^eLp-4hqC9K&86%fKgrN|l;NRu8SqeZ|$7@A>mzT$lghev0 z7}ssk4g|xd=eg6>03yb%>ukO(a+0dd)7pG!)S$CjGHs_?EXMUXf+pd<6J{%ybx*w| zz_o1}xqNgPz65;{GjU{ce3lMH*`znVydJ*EG?{KEw#B&(ASt6e(Pd;Cm$8H z_=VO{dTI&tB-kCfR^G1!8vON_Ekf2s&I0(Fd9d}huN`F@%lHYnD-tE=eXwdzvFa43 zWu1dxBfV@cAEd#dP|}b=GY}2pA{}_4UnsvWx@!0FV}=!X@wZ|yw&Hh_^yJ4e-| zfZkivdC?)w{MffL$pb7jIb@x`k0lzn;feIkGC(N3bwM2Si3?Fs&<(*5;{OpBM$b~T z*Baaa$DstjihqRKtb!VQdViyC6AM5~D7lALIrC)pKj?B<1R#YZdJ2JNA`?5GLgfzw zZ@p5G(CNn^kpoV0x}_ebu|r3$A%K<7|9jZawMhmiEqUZ^DOhI4QF!<=U-*hm-!14K zIN}JwW$gs#0cMk@YH&?J*ZUNXwu4h-1G*X6LV>|c!9hl<0#O$O7lC`zNyKCVSRhHN zBfL+<3kGBj7EtXbmk`>Mw&uI_O{J;%`QGEr zAvKWf=kXCu*=8j5F$JHxC!-O!IuK=ELZR>-zo*crvZ*gUXa}(sp+WFv^#D=b|Mlg9 zwh58lv?^uybVQ(nDo1}NHDUeW>{gdwl_)^5surDBD^{JawN}kmjbfQcNz#bjD^><3 zbvwUU^Uki>+KaPGF-dL4&3n@FISfx9&vlJYYEOqqj#P~UzBW)m%*wp0^;i~b6YFs{Ruydyp z4gR|;^?t`B7_N*rEB>{3nWG~E{d#PPM->1~K(fDU8C{(7THamH@m$`{*=jwwQJAUB zqZqA_K9ogV!{GEYPtlh9X08@qX6|u%ET;tv*32#gc*nL&KH??gw~WJKf0IgUyPJl? zNzHT7j@agy*J;kW*(V9an;I2`DRRXlABmGTcD3%hyU{Vujw}-~pWMd|49h!pn*giArb13dp(6%i=_t^!kepuIAL*QrzIm^3PkeTD$zn{(I`Fdo4JFjYQVZ z&F{Od%gntH)tzCfVDrrBokm1;Z6YVNgd42}pX7MSW34c$vgB&u=mc6E27k2iTPPcR zg)cUSl!2 z6{Jd61@p@4dir&jg#SW2!BKHkM1gi()z1}a>Oa>AFHY?UE6yFFTTE5ipH5{`vT7Ak zgl1Gk1$+6N;^qJ3u+m~Epb_%XTteVS_G%rHZsatNwXtc)|FzY?=S9`I=Vk9u-FAiw z&Ic>j>5{|cPH3SQNmg%0tqge3TzR3}sF|J{OjwDh! z^mw_>EhTw_>+zI8EROK1NePq`v~g6ad(-KwSg9e8=1fF zjm?ywXNfb))O+Z$N$D)r^EvdEc+YSG+J)c;3Ub9vCw{`4O7x7?WFR@OwD^=R`0;qW zmUUUZ9kU?htzhSg%+{Z~VfaDUOuNs>?nILgQy+6m0NJk-p%<7^x-|!kJP&+}V)QSq zhTR4oo0Y&rgZ0(`#HQV;2u)|#W&1hNda-QHw)C(&8Z?tyS@D%nQ~~f7mfSI?+4c;^ z9Yb`5so=B|$NB=NU<=65+R1*hTrE_O0F#cNF%k&a20`Dl@>#*Ae+3m(3^>II>pV|U z;pq2!ARZm0gJ&qP+F=@j^c6Oub^0RJFU2+fs0fW6dL6QTQ3=y_={$^VoBZa;s#4}* zs|0LWblJZoz_|cub&njHbt&6q5w>FSI=I1AO($Z8y$5u9qGKxXN zPMxqSVcFYj2AOd~gl4(e9D%(r*V z+XQJkw3G#Al*k@F3fv}RZiO;tXLZ=`F3f@n7V88EF<;!Eu+@2IHmUQiN2{S^MT#t{wsn~X*i{g8IE5UBs zfHqJ*O`dn?DulcZu%vC!{=+rjprsUe<*m~G*Q`@#-%oO#ph!ruLs(~@8{0x)D~xh9 zwxmzFucwgZxjh-O#}K=z3vH{+q=uXxWgvq&u2OrIM%Tb8?n}fRZx0;23`aC+(iL0P zJx@v~{gGeuis7|R;j_gQnPo?940_`R-QE%t$k56w9vRrw6e9%c_4urom@NffZr2_I zgepo*I}yz0??Yxx93q;a>o#`R{fYp$SyNm|5kgThUBsCFUQ?KcpvH6zVB?c>5Sx1} zErmDSS_p`KD|Q@?U*=jlvu05AN7VF%w;5jdDL;0hV}@t#{)F}VhKoao9tJVOR`Sk9 zzCM1%G^X_g%rb-W1^m5^dj5l7wbUyKJIkBYV@y=Wy~Ldb{wXuSqUhJ(lfUQ#0WGis zpfC4k%vp-)>C>q^Cuz5&0>J(9G22s4R{??XS>j^A+6$n9_iJ?|IUaLd8fng*v~xK| zJ|?XYQcVhX(L3s{p}o%8UvjFfV$i%6JTrbnq%F+*SQ%p`i7)A2i8S-*)h zAbT|h7pA?-ylCCFkOOQRWoBfP>?d>6icE)JdEHOthw+R@uIB>Dc~iaBuG#B+*6;D; zj(p@3E+zwzJBuiIFID<OvIv2>HB1#WP-8?>d(@CjF6kd9q1^HlB5|xQ%w^o7^i1 zhxSJwj#HWJ+NH_dzucLQVrbAsYzd9%B84Lj&(8W^)EC<=RK9d-y&Kiv-7^AN97SGK zG}Vk1(g(cDs>;SF3zYj5>Zat{_mhpHTxO$iMN>}+#z|T!Hq_^yXju8!I}RCdfsPA^@Jc*Gfl5Qj_>wFoiV0+12EWn7+8T@sY{KnnU*@MHiHzsmZkpz) zb%hQ`o4z8}XK2nTI3(I?i5#u{Cf+g3L6zijWDYS;#5iA>IW9JOAB(7zFoPtT272a#Ids zi$8>}@k6)VX)3PyIfVt?;h?h)g?7Fq73+?>l zT9aI?IwpU*wMHLI76A}bClr$qX>mncT@D46r zMpWn`2kBV+Z@Zm8O`p540kI_W8{1$v2$94vkNW-emq32GLO=uy#GYX9)1ryz}H zPn8`UclwL zYTcy*As`V{Ou48WwNmw{l)l)$nTwIQ9a|R1dvoYH*6AU=Y`ykB&)&7^x)J@bto*@i zy|%|7MhVKtilFwoXn$}+F%ob4-Z*_uk^aEm& zd>TydJX6Rf%DWEw4%Mw?%J3^yO+79 z#m(b6$)OXc^8`#}w=a$Ok7Ew0Y38WWz-AkTUHCnZF@iIq#m{V`xA9@Wa*EFos(5(% zEftKx)qSDHzFTDL8)p827t@)zvFA zMPMj0*E`L^R%6ci=JG2;zX?wT<4BC#2915!I(o}z=V(lE<^^N4v zk|MmGVY>C(X?R&_kg?8L5?w%M7ug~#Jf8aOupmBAZbWSH=8)6nI+-C02J(@R0YaV3l zqgeQSMBj`8@y5-!ItOU&zb<|3%4rCy= zxCA`NRt+?xQxi&n%%d>O@f@?I7+QvlR5o-_3sv z01D+457vP9#XAqjSn#Os_)ACqV~{`ZO##y1JPXz7d&!3}J=?yFOWtXw53?n**kz#f z0eNpAU6$TI&*lSlK9Dy(x*a&(j4u;EVU-rn=G!`Z*K|~8zM|ke139>!)OWk=(xUbZ z4CTJ-Y4$V)7JU^qGkP(WQ|d0yEW1`HJPoDW^_WAgUgwrREcrC(fQwTO%tY zV^Yy!W*VMgCQ68ri3t*M5m}HCtD3Pvg(gBLkBlcXc9T=}sgSX88IaZM3g6n~U#;(a8o7>t+x!oPBQh(O``or=6sGlj+xBrqUzk0X$D z$mSEgCFx-16pKDg_cRa8_rUcz4?+;q1uFe0SvhCS_vbeh+CGHpF)tAS9M<}ehD({X(QNT6n@X_N6m5Y@LO|NIO+z>{t52%?E2 zX&%4N0Ua{cB@zTivZi*hR2zieOy*#g?Z=5C=^#SnEw&@Y0V;yROu$9ql1V6=6?jXE zH#ZP8Hq~D(tAgvVcu}Bf3FmlR;0*z^Rj>6^n`xMOldd`=p*5;42HnuecdkrVrSt+} zw8=0f4_BA>;0sW~H8UD}*lUxcGf09o1EOnjy9ARg-O59XlLHubWe3AuEImxtE(RZ& z2)8HptT>1Cg-bF|!>@2YQ0CtHg~tVY6IV{rTQ3vZnSmz%DWwYe4H{6c@zhp$XiMI) zB4JU{Y|TtjAX{7|w=13Vd?`s04Cyaa=WnuRJ+vkL% z66xG@N7*gAc8p>NYwr6L_}A!W^8bRV{+IOmuNfB;3&;Pp`rjLk{|_w{6U+bIQvEMl z^gpsxO#i(j`2UYB)qjt+`#&ue`~TEZZ8U9=j{M)(RB*<(3-RQO6`@MHtAAN1DrZq=k?eI{FdzKsP*xAZS?*gORc%zBr|Mgzqa{3%6%=M+yns6N-=rAHUYs$ zx&nIr9&7MkH*@!34`&H~T6?_SU+jGB9eTU%JZ|CufO{S~-Y&bZ)6)k!HHW+>51*$Y zJ0D92f7&YPTu&JHKi;(py=&a7m$z+vlTYDUs{IGebf2%U>Q|WThMQqfbV`U(_=25N-*+_ghxtM{M4rqMnpPoLrCauC_keZSswm$A zId4RfF!-5Jmh9~AI`}d zy}*eYz&_Jt4Ad9rj6N&kW~79{9=q;>=4ZR^4VO23nAOXa`Z?WYcefou27jrcnv!eR zD9$m(%?yqj6tB|>dm-#UmQTyQ(S2DmHs+3$aiO=^ChUunlz~@OOc) z{4MiYQ22&7Owno*;tQkouSUH>$b7bvmVeB02mbR@Y}{6 zvk=Vqk}OIDrDT^uK|lV+?h$gVlYY@TaM5MO4dLa08Vm2`tHtuF`z+0P(F+9Yuzo9; z#AS!t1reC%9O!9*TgZ{T{uPnFp#_!U89Cu>2rZ01@Pyp}sS> zX%o(HL2AD$aXrHGf(R;szM;=pB*FgoJKWyQKp~PI1%i@0!hFn6o!RnZ3Xw2K0421l zWUz^5izFM4K3Bslj@=pB7B;*8I!M(n6xza}yGfqR+wS3o9SNUj>RfG~;0!k9E9={> zPPdNLWAaWnLgi+~Ax3wtQC#fX6+-&Ubi)?x5Rylm=^(NMhNuVTFvo4gRX;Cn2ezdv zM3mmNSf;QwU5;G>Ow!CoRp3cN-!BFn0VX3dFb@A;flZu@VO}F=Jhj<(9DQfG7ts>s z2H=pHVU(=?RaKncsQ0oBb~I~O5cn+FzrcQR?QJp-X%LVMdA;ZZXoac@2bBdQl;;`M zlGycmIE#kF#1lSA8(xtIuqrg;|o?EZw4CR-Gq@tt0H3InCl zW~Rupj-@JU3)c@R34bAHRQRAiaOSz|5CH$;)nvRW%x2eZ5!iH~C6QPv`k=2TRxZ5= zT@9{q>53q0SG$XYWlgryAOn4b-C>e0#C02(wrdU#WfC?RJ|Dt5iud{3`?gkNh#rRZ zEdhCPFrLhQ?S4*$+@OE5h_kGp(eJJ1!?aBZ2$xY)lY%* zNBnq5k$OZPAGmHC6l~vQH6nHzoC$+Y8fZDx&nw>#H?Th6jHLhP2U)Je6uM4Smy!Ab zwdheUm(Znbq!NYC8Oehi+?|QhSik&cY6O;i`6opWYH? zcci9()PqG94uHNf^o_&Htds znBU?tAR5)JqnoD!;2JT^xrMenDHb_X#$(CUj00s?P?4b7B9++zL={ef@Sf+Sin)Xs zP{eXq}@cAafbaC;-Uk8XK9r^m2vX<;8 z!oux0>=MVmePquh*;Y@xF-Z$3Y>t>I@yacm`u3zl7<0SO!ZwKKB~p~vZKk<}y+Ge- zm6j*5qG8E`k<^x%F9XDW|$u8pUb^pyAnq9;Sg?JFTl|{5W{tk4tE5i3UYj5j7;(xnO==5XT zjp%5?*pBKnFm<*gl3;gwuJwc=Lp`9AXJBQ%9n+0VBjp7$En(Ww%Gqo+r00Z@s<)Ks z&BXl8iYw3E)@oZD#{a`6xVnxDAD(c$?vjHLxax+jt>rgmRvNq7tqbSrx1&|mv2fr1 z)%niK*+tdCvIq$*EX^ADrB5gIH$(UF7lucVm+3%C{IG~6Qlp>*eiG-FYY zp(g-2p`y631e15WKv3p7*IUd_FmjU&v>y4-_9qwegpCxTbtHFuRTQSIoAn}NH>F?I z2dey6m&zz;g!JP56sbO@L{ zxX$UP`LT@M;0bj2_YCp88E=V|M?w>Dg^ml1Z@=TIWKK*{K__a`REij3&kKF$wH=4s zfo5qDKi&`sQ1B)R#WbYxI%yte%5IYKK{N>od@(Tw=JeyrA#XF8rrm0RSo99v-axPx z=&84&=%dPpY)w0NOOIWX?Vh>>?E1Rl+Xa(J*=vQ4-0VltYlR3o3@B681<-732?#mYvl750w?}u}{AhG^!VTyOBo8PcIuxa5g-_!tMsPOOn+<4S{gv6k&Yun#& zoDDzyR_YFd2T0@ho93+<s88En0Kc1y2KK!nD6Ikd--t6&BG?6Z9A|d?nQ2gMNSep|%M4Bip53XfRLP zhdBpXR+`=&Z;M6yOfpIdk_}@4=yV|(`%J-=j8*K1V;OfD<49&fM4n;*XIdqS^Mi|Q z*r7!pD1_Sl2W8$W_6;F8%!#+CMp3^p8N(9p__5MoQ+(_F#LKfr)`LRrTv`MDkkjEug>0)kuw3%X)OmwzAJ3!=WYXuM!*b-QAcN>O^K_ z{3EypPxFVmbeVytM|T26yYp_{8EeNoy%r9|?6fJEIZfuv^cQP{9JVYgYcatjEBf8mJ|49UJQElAkmpP z19K8oY9PXKu;!hIDsL#`9{k;*@x}k=|03QL?U^5t+{5tBcbL+|r}|B>0K9kbr}E51 zAz+^Fc6GU~w~w?c;8r2MJs^yuTKRBO#JBzFm_ODShasa6@eVg75~+U=Mp2H>aw9OI zV(K>Mx6RtYXJ`#1ZMXuxPbU44&ed5{`Oq5@o`tP6jP{J6&JF~Q~%4Aqi?{h9U&MB2HW`qj4 z>oJtIc$I8<6>CrFDmzKe{G)_j3bx!uE=5A!@l$x6fc}P?3D+A$`a~7yws@sZ!Xnf<5yJW`?s^Z3pvHz#yF;yiR!L(u}R&J zcqtjRE^QW&=jD_rEBu|kD#mLwTi|bDBE70ck(UQeRMKPhz8ihx|x zF1?<-sP2TfcU{Y^`U|m?>$OG0i4;DO`rX?A!a}Hukf$SQJhfy<3UFK$t zlF9njb}!O(5#;9+z(&3O!D0Wfq<%2hO2EA+&?s89~2agTLx^hqTkpul}h3xLVJ zE~7~8%y6=(^eT^neq)0wFM1>W%FJKmF^ax~xwtp7vh&@z>zDlcNM8zeu;hZMNwas? zx-6zhy3(td=(YIB)>$bv{D-hav~P{NAEV@i&lJ!PTv_oq1AW)oAkq>8w)zhUY(S z9#EuwGx3C8gf#rE)@X$9=~vx{QvuSIseppV!Ky3(RU#1uLSW~2Dm-ecRq6i&RFpyc z2xZTt6|6_W?w;QK1>Kdz!8k_0!ein-VK_Uy%>JKyVhmkxw4nQMmGLq&=Fu{4pKS*i zNDIRQvsmP@oy(BE6L+PTS*)iOZN+=yl#lfu`lk z0rw_K!PC2KAD{c(#|Eru2^1_l~qG$_o zW_yk(DV91JQY)=gvu+rg-UQJqmoSaZ?u?LRk~X&_;w3p1T&A*%7`AhHHn=ke7_6Lf zxs#_d_fP|?+2xv{c?&CE*44TqElrBianq~LbD<|ytnQehrZvmZxLHWz)tIJndRV*E z#XPXMbOd%RlI(~`@@(R*tkflFv19;uEOuExWj0!bP?6ejm$Y|uHy1g>anJqPrm|G`N-0+gI z)w5cbZ1SphU$Bx&MNx%{B30I=CLlI_Ux~c(gEsPnJwIq`CWrx_er`Upl7E&(GRu43 z4>xQ#f6qE!l2bMR&zF0!b-j$ik{WfQULoCM2e=uMGntqot=6^Mit&2d9kvP`-yH97L z3)gcf#J8W#rbDd`qN05)XxH~wC6h4V<-}+00&kER6~?prmGK+4tceW> zb-&eA>mEFc=lB%{ldi#2BF|kgvzcpP#fj}em~v-L$N2uXo9hk=nYm;ImPk1$&z;R1 zn<*}MuR?PTi|0hW!Gx^+xcEiJ{y|Zb?5EkSswS&^yWZ+gmo@Knv zG5UxNCo;(Yv<2aSegnCaXdaRXWs7Tf`e@GuTy8Al@}>Zw4`-Z}O;(0*7;-~23T^0| z5=1IsUM!q)+&@}?odLNZ>uI0^Qt{XnolbZ7B8UaYrH~vnx67Fgw1M|z{Aw9~op%1i z#Q#WP`HKbK50U8=nR*{yQk&i{j{jq4MMyK4U{pBm zrlHze9yr-6A>%Sx#(m}CJ%8S4TIOTzqA9w_!`ohb98#V!FZp@MW%gKaL zF^H4cFjwqx!@?Ka4k>1&#K=eiALFj1`VyJ2*hHq{vy|jDE$+$QltiSoRe}-v#n(OI zmRFMf(ng|qrHGatw&niCxQs>q_);b2$O^)$ex&-{ftrt`-ia1P6!e>x#N!*ImG6-2=900b))HFhS^`tew3qMkU93r}ef`F`ik9-g zP|#yt%qXqdjmHC!89z09U9{oe@C$QA{Z0B@ilOIld;Ql%^#;{?$F90H#bPY#5ZT-g zpFHldSL!{`W0j4gR9K=ZM#v13qwa|Sc)F(l6nO>=flvpIH7378VJNc>PRGVlzr++P zS4{L}#2e6(`aQesnY~9Hn#77_MDaB&bj&k;_rX>J$I%NUo<|3n z`Yi`Hl0U>gE;-~xEUh^6i!x}y$okV11cfaG{jb%zPXl>Kd}l{?oxEMW%qMBD5?sr{ z)6H_Q45OdY4ic1P8pM+)Tm%jfg`8(3K#nx|j*@18f@fd~w%pVI+)i%xt@c2JQ}D*H zi-sw7jK1clEU+%f#@C$4Y_efUZaG=6V%5cD`hmXtSwy0CW70&PXb=q+ORNXx!h@4? z;7TH>kZveUKDaM_l>hl?c#phDzQE8fHiwP^!ycwGX$MDiWyD*j(cX=M$+bG6(=tf+ zt2{yaXB?$P+?qKcuYdq!lEPc33p$PhlnGz!2z`x%l1XZ{S|TE-8>^|D4gOWaBWOL(n?{zB&mqZEa zwV_JJbT5Lzt0S^_9SuE2rN+bXJuIu7rD?T4vloLX?Qz4HKRFXe*djctJ#NW{G1d)a%6I5in>J>l)U*a+iPt^CcTb}@0=q_@&_r7^2WGms7c}B`%O~HU4a44xUfz3iK z&1-cvOnNSbU>GnNwPW={A`thy3qpFy7F^1ksQDAV-%SYl7`3KeR*Gz8JyC$(lf5@H z76;Nt>2$cX_tK9!tc!>}ebiy&FGmsKfP(KAM|62OM{ptg9-}Y7#9hEw7~bRALCNkn z$2=cD60QHGZ$y!nro^dc!O;-gguM(au)iF%?ihL1p4$m0npj( z_!G8+J4sgqLm#JQB>LJ&7rMUERyKqHXfU%HNtj;GoEzBE|C(Mh6(2*JK>zeTfMr`T z(>Uv`%n?I>>+py8Fdh2rE#C~#i@~zdmy*&eaq>>m0kN0kn`D#CTECd6=WKL1>&P-1K_)b(n@|BI^JXh%|mBs*3R7?huw8OPpaOA*hwYRo>FmQ^~+6>o!Xa~j<=|~W$_24 zPh#}qK5`y;H1A1iC-_9XW%S_w1a&$_j|9m2a|CdRs>C94;+=DBAmYYf(8Az~%0AUG zB2DJWW`exyXnd6&WDu)A%B#L9d{QHV{e>7eDye@6H!ve8q^J~TJ!4e60uiOChnSle zsvJYZ7^PJ821Y5>b?3pkq*BH8OgZ+8pIUhMmd|6}FFwiID+r0H;b zS(_tLWgM|_o~|D`k2ArjDsb$-*x(3uA<0(s)XmEus# zVrhEXbuB+x=8S9>Ta6GKyQ$BZM|9s~k+El*d*&haYt6oKmx`7c`0(*-DjmsXOXLVA zNi>IsoC+nwr6}whd0C7eXeGARC#V2f3hV24lv-D_KW1fAK<*`MN+zq)5Y=wgqH)@i z`43mfY&qRx-Psxh%6aBic&US>mLAIptUcBMr<7OR~pSWi_tH zRw>kVv18C>l1x*72V=K+x<^+lv1DEfRl%E*M83h4tN&2{!x)1|`BM6|?P1Tf-8rD~`%j5+}ldi_pdCF|d<^ z$Gt=qCM8tP@2w|Kbx9h0LZ^~2`lC`s-b%?WS$wY=x8|jFY~B*>vtYmxEJT!zg_T8O!w2vR%TS_bPoN3nNEEg)bH?9&u=91EMb<2Q8l2bkNSd zv3~;E@s_6Uzr*Dttily}4c)mnQb)WeA4|sSla|D0Qv89)7T4~;zDSD^fN?N$o>F{E zNzqmS&a7>ctB8A}aRI9C?OW$6o|sacxdoWe->cloZ_I{7g*NN4-kA}%)DO|JY2G&2 zrLXBKJrY`r=NiEv2BQz+Kc)H7vkw zOWj}U=0w5+oY>B`hUTPfbMtWa?X>m^KOxa2P6$NKD|O~N3*s_-4+=v|ObGkq;8;k# z!j(@jQH7!BswqQCWDI||KboTCuN2NLlFog`(%q%V^#`Rj}}FkXFVOT@wy- zPh5c(RvZ$JVk_RLSgR~E{HFpG9AY)amQ*t5QCROr!dJ^KQDcE!`cJh`Td&Q2lz4Tn zIjY@EX_KA7A&t=PB8C@HC<6(VAk0D&TjalwG^Wo}ci>FAoNHB9$ZSxoyG~`3B(New zXib;Cjkxy5zL7<2fR-|g3cWbNKSV}}{#q4Vip{%KMm*ONWjV5`pYjHEEUauvP&#$H zyYKYOglD<)+t=>eCVO=(Y$)>Rd)@W^xM@&Lrc@^HiCdU9H4jvon7xwhdMmIo4U!&P zZFRFMu~Rk%iVQhPJ+DmOi2HYQIDU`HrnLa4xpfj&Yq~Mv`}Hp`&RbZIwSKF{h!8Kk za{sPuS#j2vyk^Cy$0sw;$)CA3w~0Z$u&uX~6LX*G?A8v;{SxqWIRY!ciBQuK0Cl zpA1uJ??D+;Y0M~A&6S#mYm_l)Kmy?tPWn(PBdDJw6;HhC&TL>PxE<5rv|7WdH%ofl zH_kac@VOF6N`U?F#1{1JxLqcKYEl~R?Qg6xG45b#KXn)Rf8KGpGjlXQp^ z|0f)#5<8|k#en0in1FdKPJDAiV`yb$(;#JME-ddN)1m30&9Vd($-%*5(*3>jGta1u zk*XbO6NeQPrjk6PbjG}lp=j>@RH}6tILCK9CN1 zye$zD*zT%Z+xC7^OfESw_|X)xV>j^6M_Fgv*vuM6Mduu>NglG48!xNj>7tBOW*$=o zT0MJn#obXWYU5*Omn`ocrq ze2#zX%(TW+&L#o;%X~F2=nM@fq^j)J$(Pu2Wl**Zym>sL+UwUG?3~h6jnR_)>}Je0 zVD&L}qF*dL`Y7-i*|65abcqJNS68HP{3BxGil8iO{f^eyI_>Rx@PFHM0I;_85Roq6 zZNBTb6+u1!EInOudGV!Qm^!=i81xjgZy;ZhMN_7DIk!uE`h^EYu^tN3nd8X({T+|h zk=eMDUuJz5c(7xmyZ;6z2w-p679eD-c>lIn5IxD~k58`(j2q5A`K%o|z+THB5O=6o zNA3@vnu0wDKwO8e@8KbU%JaNnygmhe9^bO)acBvK6;ni@NQ{C}&t5^NB1NRX2i-d* z4PKB28ymTmR-KK!EBqoPT_xfFzX`+toy*3>#r)rdAuHkkcVWo!{}6_3|6^hJ-`lnR z|5zCQ_t3fjEex3%|EI!mt8IJKDg5pM^?qk}>d?|LL&d(ybgB_;s|lGoqV-UhaWPFa z5!Fn|HA!Qh=6$d}t6tu({|~0^Bn|hUB|*3U8ZQPrak~N5zm))$t(&i%N(Y6pqg&3l zp@Z(N{4J+Bx4yfrJA%ysn?5^%?~|=Mz_(r3TEL#ad@rDmfR0Xpn>m+0V&`Go_vasA zr1{mb#NX%jAK-qYx$b7u!l2FL#_#Jo`&DDEKqx%XHxGN>-_wll6&@7_#TQ=0O^uJ2E$$W)|fj5s%W#v@%XEhxsKvvK{0U@Ol4vin#Ol zeEU}W0>DhPQKYZuXF1J)vH8AFT-5>I;TE;Agm27n8@fN3?cD;0ep+}49UQYRz-EjY z=KUk--fj+-ThDHNSMJ<@2t&9J!P|FkiZ+9vtRl#^44PL&*6%qo!hP3B981;6^_yD7DFniy*Zx`t83cC zoOQw$;y?f8>z^QLy-6PCgbS_wS8SV6HVm$Om%jB)&Ux$Ck(Bohw1W4Igo2a4>w0ZT(uetXtQz zI0gL%j(gm!D09E2?JB%``*Sc1D>`YL&IMSHeBbWDSLW#kKLacViO*d}I+Jz-(BlpD zUhjA`{tJ4{h{ACKESv@mR=;KNHjg60=b4N%)|1C5g;RO60MPKq4MK_HEyIlw@uPl{CLs9D zGJtQ1;12cB&&IiCDC{5@u&a}KzA)vx7^ixEi{T1; zilW-&=R;BCwynl~OWlR+KXe@AIH^Fau>DKuXUoojPF}h=5(*MdzJei>EHv}+8Fz}V zdUNRS{s3i0EJ`&l(q8;#Yx?@HdL)5L&uP zLV@Hv$=s+a`b{%&iCsuW%uDs5$apZ!{}v89NFZB;r5FLhsZ|Du5q&IsAN% z<6~N3m@1#7fWIqD?&qTY?iR;7u7_p0pq>IRPu?~tLK7C@COT^Cnoz;g`dRGgkRld2 zd2L)z)j^@8zJL6E(`FfVNi}>%4VytbM1vLXBSdq!Y0o`3(h?X@fpwEQQ@Tm$pw(R? z{tdj%n5_KgAGdIJhnZQ;;OLUH6mvlBWE1UZ?J`UmNPtgvlcuwL>P!{27}{DBSz93) z)x+0U_$%X0=K8xvQ@R?Xx;xwCa8(VD$Rk|Bu|h`sJI_~I8HUFt z2URD>RM8s|*;;!fIy}C#0@z82SAZ%#tADoRP?DuQtgz%R_S*Q}wIx{e;FhDG6>1s` zT7gixcZ`1x0we{K=~AhrRedm>QpsOKJ!c;(e1S8^2VG64@9t({Ie18DJ(hY^dPP{1 zzN=RX-)YqY07yW$zYdek(_0XvzkxatoL6D$>>98V+^3m9I<(8F9zXzlMr?$DPF|QseFZprw64Nv5Q5k!Dg~wt?tgD1Go*~UMbjCLhz;tDWTdtNK5S4zcj3JfRTw+S>RABvd3Ey|a_}YIi7a%754jLHo?*#-Z86 z-Nh_iIVpbnuV*@KC={xMvJwAD%FiiIuzZqivP)HEEf{zat&vOLf19B%`Bo*GJpxNA z1`5eirZuK(lgsoUjWR(7yk1X%+dLu#5f3A%T`N`64zw;kjvy4 zOTHk-I_WW-UM2XoY*}?iow9(AgWP1%yE@8#sJk+$wWt3++D%>uYi-@PU~*E} zE5aWC5fn(Jw=f63pWNvd+GvT8opBmETzGWZjEpBz3E^c4_PFEyxW%JBVakZ2*$IYa zQSort^^I9qEEqFu)Ou?pgG%-r0>x#n?Ysk#A@{+8Fym{+1}C4wYJbNaL(LiAT${WN z=e>EI6QITvq0pplrBE!$D0)R{S!#UuHix=UL?u6W9%97?DQ%6>dyrubp~BrN@pKTj zA+Tw@NU3SdnHJAwO6ii2ouKx^j7OsrZ-i9@PurO*@2$4^x62zt;~+A|x|S)PS7nDn z8KC8Z?1HeG3xLBG!*g%Vvk<*i)Cay&!4SA>bj&0bJ~D&9o4l=~{Z)A){F#h4rPkTj zet}Ic6x+8UeU*=ce0C~YFm;)oYr#1lq0;3uVRz0RZtbg%bDVX-WgJH4iwE3Pwi=LN zt&};hf7~Hu9pIroLS_u0Nty1aYr$vR9bj<>PVO;!-$UX#0phsu0dX_RNZ`jQ1CyS0 zF-Nc2iDB)E=sh;djd^NIejZi`OOqF%=FR4Qzncs`nfiautT@ek1qN20uai0PN7B^B zdC%C6{@Fl?hwMQTU^7WK;>${bTiY8CZo3;B1H#llQV3e|rbUnL1Jd$-C-EZz!oPIt zlQUjq#0pE0{AWRAF$Yj(^?NH^cJRmt{*GSXuOaW-ud#2#% zZ5r?rKn%Lwyc9CJ*5vs18ckk<>Uf67xT0|>5)3rBf7gbZGenxP%YZjj+78dOJUQQL zwDF)<>fndIPVmr0=FllNFxoS*+;j)QL5%d~UK_JEOe~y@>xKaTs=I8POUj|BdS#xc zugoGw>PmJlhEpun4#0RF!H)f*@f}Iqi8q}Lzb>F+wb-xK7wm;&)LJQ9%nDx{uVQ;w zAsn8l7On7x7Dc>X?^{JwVRK1mG9a0}i5j}$OKFW%^OQbgz=)~(28iZ9a+S8w6377W zTlKhtJaK3*7@bxI5lcKYRiJKUF%Wd@pzcbvF)POmdwy^CVCe1Jc_7)~@v%%03)OSj zwQ!MLsd;Wd@pum(I$pKU%66CbhG*l^vMZp|kB`7xS{wP6ENwPwU*i#ty^-QLZ7yqd{<6Ardgx>3EJL%f(}pY#<6&5M8ezK9Vd z-0{+g={4FreVW2;*WcF+to09x$2KNzy#=|cEwb+t7d}&|gL=fcJ3?-A z-bZ3I7&QMS#SupZ-;(R4ew)fFT)+yS6!%%w$DnQtIy~q2qY%ImC`{~YIJ;Hsb4cLU z=hVVxhKyfl8hq$!kDfI_uj>C@>*^PfyixN_aT#ro2PB)^OfOZhc@BSFR9NS@d^gBhh>@kJABYan zA%4y{k;}vXqkO{wjwtb=K&9!A;;t^J=^R!mUlEu2yHw4Iz$QnNXiy@NOW)H#M7AKC zHCBHD;GpELIid3K{uTe7-uLQ8>vlKdZC&xqB^iG(ckRt1({G!d z&@jAIZs}UI+|@RyYGqxhdsvN$QO?zL-;2EYXDJ|=prwB2c<4}IQGA~L>3nJ(46+2eYb2r)nl(+m7K5BAMvad4Y{}qT)*|3Q?mK$wbNt_*+~|j# zLZm(M-xChMM4O`IykQDmSGk-5y|^s+^ok1&&XE*|u9k;X8o!L{#o>A; zDWh!^44QuZ(g=0-co=lqxWshbN)%ncMK;8LO+HVeE!;}jA^_Ly%!HnJQLt;E_R@U7 zhJA-4Y6R%J8A_yDVyB^?1WGYW!TQ9m1R~-_9NI>D7(Nd=%@+%SPUXDUrzPNuX)k|& zFs(Fmzar*w#)b4D#x9$j@v>wzjpQ+EyAB$|7pov)dQL4l{)r^ zAaNN)ge~qSs38`0JYs+dWzZ2ITHlm36wm1M{N1^vwHwjiWSGW0o`S+_s(EngLM9&A zI>8c+u9y0fe!z=%jqCsYaARLf6w$i{$1G$ot%b!^b#C!-HQh+znpoGz%GH^wur>uz z&Mv`zM#%Aq6^X2(N>MB%Ks&?8BjLSb@vP4aAtxdreB+6~9B;40wALqsor@LmFA?Ex zmV%#{N~TvU#LNY6wj9r(gO=yyJ@3y@^ng+yrs-CdKUOn_n0rY@fj>76f%xvHrIO;7 zV-iu}`TkUwBMjg`IO*rQom1rxYeg)^vtiw{IqkZC@uiu=(!<13SSc=sxjb5{NeVxD zNLfX&gZD6HL~_;PxHJ1+^L^(-4LkM+tLrJsIKK0yYOgW1xD*o=cy(p*Yen~)()WhJ zuXF@#Vi{+Jg?+WfXVWP!Tc&YKcNGDe2}kl8!k+KB=={fLtB*COhCl;JNPt>bCF}-8 zn@3+N^h~y0fVjxAHBYm#y*N%RBdbOQL}HU_qiSy0>7h=#YVM$ayD#03&L{5?yLeO( zv+M?Dd<+HjQTqV`2y9@4*$|$l8NT?bQ(Edj`wqcB|Jit{(MPa?U=;K_X3m-5TlKx! z^{@1}SmSvfz6Fv`FiALj=@H4+Tm9I>9_L91DXnLZ1tS5klC}QaCn;19xgbemvfjCy zyz)`h{}qLJ?h_ILOvLzRnFtb(2#baCXtgYxD6O58TS8!x_b)NB#IUUT~)`nZRsoNdhePgC4;`YNl%tJra;FZ>9yv#I^d8BRQR6khH;rm89HR@ z=a*u6kf66Wh%X>~-*o!N$u}f*mjk-Ua+Wi&c%hL9VHtqVfVTw4Gbe9(*d||*n5;T% zoc64nyni~Gww{k=^cv*X3dkN*73WtY66cR+!4~JgH3dK=1^Z3;OgXIZI~$B~7VJ>k z8Vxh`f&DOZec3S6hZRtCzgo=Ol!^IV;ca}9FJ|&Gwo>=HZG4U!$|OOCw5kF}yzJ4N zu837vCr>kY2c}03=?VRQwOFN@x`iVR58~NrpgkBY;|Zl2RmMSD@W2KMi7yYp;>H~b zD5U7K1I3_LiN0DK04ziXDv5vpTBQmm2kAm2bjUEzylcAOa?nNosU+AL8C<5FCe;Fu z5_W8n$AS6e1TJeo4%Ba2{3PR5&467>L)8W< zxFz!cM|N+i2OL2QT9B@(euJ!k*-_vPMWybucwJ4Iy(f57M@x98$4UaJ;yK+rAB#^+z_SVtpNXAWS}HP{#>oK$Uosjq`VnAuyx$0^9B!G0Cb%P%e1OrLc z#Y|%9Eywj3P1}NiHh)8jnQ5|I!HFS0=ost2M^~d5{leC8-y4W{s{peJ^cq-y zqF+t>jjo_Hlx&@D94rA8VhnovaP0Q_}nn9yD^P&dMs#VjB(p$OuYD(>!K7xdTE(4Dh8(^J{4x1*4NnUMMe z>4vqlq`{tlA9r@58#F7Cm4(YDWI{4GMNfK+I;}kRNqL7G6QXrr1rV1t8H6=Tcyo>E zvjZbgzpn54J0Y?!q*fnstkQ01aeU4=D@2u4Xi;%I}O@ju4cnSDq8e_?tG% z%=S>5g>zVc`*{j81LvC+sV>4|bVO;q7T*DC?f4GX!DPe1f&=Q{PD5a{IFTWLhkhiO zPSa1e8R0G-caDkPqAQo2@e0M@dNSFnis~iV(K;N$;hA^*s&|3#Pd09 z|2;G_baJ1}=aa`jo_G#}Z<>d@01;2@HVhG|6Ulc^X`vE#`Dd}{Jz?mq1rH@Y;xe|Z znSqSy!>K>}ie|w|-_=@urI2=uix^?0m?oGi*Z3oWR!fb-IX1jSXyR}sX4C#n3ML*fcq+rE*|;)}{33z3&grm&D>Oa|Q)$r= zYG-!Sn0M9pk?V7C|4H+?i+phQ=i(OdV5>3S?WBW}=5fAPs+bVIr`CZQB>qL7jMjOXE5tU)w3RAgvKbYIt|@S53xf@iLgYZB!E)Yj^FeV;3KZP9 zxo_(1T>zFNT5%)!g?q7Q$Jd#rOw?d!a%KaTzC7)Yswz0s0Id&M*fHVLY9xll`8i(h z85z-6W*TdmMuu8cLvY3ow!eR+3Nr5z5=sfBoAJGDy|}H}hl=ucIrvPIIMfTse)NO{ z!|9!T8pNq&?Q7BeY&ZQA1-Ljhno|=yF>=~ao@8LMo5QNJ#HU%$+gLUMnZ;z$7GwSC z>xg8t3ezANk4&f_*OuTXNJ+J7y)>5Qh zjlo->J%q3EdBiohtnmx|GU*Too^N7k4$4iL49Gt>K_Uea&#i2^%s z{EdycIz>NHH5LZ=dDn8@Xz;A?}XST``3*y1F_z|r85 zlv3hzr&zKvtIY5b)ygd@`Qv?-)={*GJW*EN$EfE{+Ai2jP^QT8hYE#0La*5681cAe zr91&SMfPLGlksRjP59_#077}4r^VH=r&4vAhX`tcr_;ZC6s{o3`<+J3USWgQgz;0g zOjipeLj3ZlW@8D;$eRCb{dmWk?-WD5~BDa>y1k=!ZdiQ*3_3gvpVk9BIxvY#5fK4K{~n}^*vp_*ct z9CgWSAbzYj8(!w7_||}G1HHIigB5|%xrLRLjGqj@EkUAx^$6jE@zoZC1?9f9U|H9} z#reI!=2%g}7niBu;~wEr0h-;-O$avm1)Hgno8xmkYAw^Fk#xp$10&u|G(EZ*unY=5*GUQYKH$vyl2g$5*#Q0LH%*{R|hZ0-z7mdrCLPat4Ae zrY&O2pMOx6*H z7#bCE$Kj$B;Q^1XT+aSPG&CrkIHUA7_~a$tDQDoiTE>5Czi| z55dAx6zJHwh@I5pBfj{#Cg|w@uDll><+Raapt1->WVkr8qTOI~DXw6#a$=w%&Z=yj z9CCaCgQtf}(#1hya9Q*j={@9ol6Yo$gq)Ht50@lQQ15}^yd;omq=SmiGwO`gBTa+r zvEG98NJ3*{GWM+G2x&f&ck<;}bE?eqzk9b;ip*XAi~qF>ml?x7(2OQr*Pj zT|H3POa%&;P4hmSrIW;u>sW7mYqq{qcV@#$0@uLx!fj+n|8f zm(9F#+6Sq76wPW{0qnk5Nh+%eBTzNZx{Tvy)oQ>ggcgAleHW(qn-g_F9?QNz_QS=z`^W56?mK zd=4HMGzKHZtOn1%)s_Ax$&_$eM=V(>t+mk+%{GibbT_N+CkyQaK~sO>gXf}|naX|7 zKm~&PPxOVe^nqVAs%RPsEE%Fi zPI{QUm&7`pq=k2KXh`xn zWyLoo(xfMPnqVgn;aQy+CL}eF7d~my*GQ*Q49)B*{=hy}yc40{SDdTBT`d3_m;)8( z#C8AB>cz_=I`3)zM`4W`3yZeaNoY@AyoekUI^0fRS09te|En$vx+*1|mXbE1BPi?0 zW=oaVjgl->#zn10>=z47`;jE^n!=w7<_xy@QrV+7lVzyu8aCMzdoURwMLX6`1-JqRB9}daK6zA zD09x0sAHwlX^;vM`=|!zImcnXuYWTF8|(-z%vdjp*;E5#pCarZ_W>WeE5{eZ9%U4n z#YZA+G}IqY*)8+TIc+Qvd8PhIu4FZ`^hUL8C>h>o?=iA<0kt+iuGjCBm}+x&L-2k> z7I;s`ASr%_7>~%%I-hu#Wzhw1z788Sb_$3m^wB{-l((rsts7^>w6$lkjvus#*z!VP{-wAdaTyuh~2Na;;DseR^9Npkf^ejt; z^_yje8Z(fY`-1w86i+25df!Q8C_Gf?$m!onu=Hk=BzT_~0(p-Z-)Ym& zND{i{O+Frswt8(sW`Ns^cKT+{FSIxs{|d{1Eza^fD7<`{%SMv8B%{@@q|SpH@WO1f zU7uPOLFk0v)SqBXoj$(LGLha{0miC(u#cYVxx|wyZt8kRNmmg8R_BrC8tEhif13DU zf!(1Kjx;W!bzJcfk*Z~q>>;A%k>Zqkt)y9dS5d>bz&cyakV-NU*~t-~Gv*O?B`KFa z>A?~E2sw#>Plfj$0dUeiSkk*q<)ohM8Sw zz>+uTRS7nNpMFA^LpKKE63i@eJ9mDx9?oM%f6=t1qWm?jqJ!zup~4Os^r;Nw!eQ*8K>c96`Fwm zyp`qu6q+pmRiSyFbTsN1@b^_&;F}fagbn9x^IJ3$Ix~ezaZ445R5Zv$8Xo>aICA_z z^apYUp(km`kI3Is4Gp{h>1v`#O#mYyHC5fz46ou%`nBtZLAMWUWvq}JAO3QvcJoI5 za=LQUw%v|R`1MQoHT=f(^@c(3dHb}kGxqy-`E+TsIy^V^SX{pJ(6f&(M=iha%=A?JPC%k>+g+aj*3H{?#y-rE zF~PbYD^+taV{ox<*q#$eQp_vjY_ zPg40l<&0{V;o{qhd36EJ;Jr%}FCUqMyBDm4VC6lmQdjQ}im&B2=izsK$Zu_*2xDJf zeVn#k#*l&`9sQk9&a6~Z+b1D*a|ieB=Q4D}Gk$G^GicC4IsAjn4?;@Z%NP&XPvcsq ztC#lPPBMPvPaT`LtD9eC7|2_I8`Du*VUwmI$_5%{S(^uslRlOiRm{^d_g#O#*KLG4 z`}}`TB+G0|$REngb`6AK?))C}?zjFhEh}LH-ZXB|I=6-FjIvKb%QpYb zXd-NXueq0hyUgFN1Y<^h=kJKyYvUzeS+4dJlwW%uj+|<4)wpjvU#5G1e7U}sx~|z3 zfxx7JbO&2#vdn=gJFD0H*FHEa6gO8oKX{iRsjw9BkBNlRR^xH zBzVuR_OlQ0TI>o38LirAZM!mWo0mF!FYWjt)?*@d+qiKH)))>8*1O(8k3~a#<2%t1 zgE;qR+2S;{9<*O{>fUkrLx$Ksx-flUQ_HR3~b|^Ci z{D<)`x{T)ZmSj_K;occt=bfPyOg3(p%su3c>PB7A%)r0%e|fd0L;JV)+izw$&iBgN zZ>GOl$jZ?gmf>JX{)q7V{x_s);g4U8vP?Z*1@5@| z61r{3N3fPFcll_k9&+#IYwdosI&_lZ!Ut5?(XH>#J>vT)glrz z9p?$PE3rSM*d%4{$YD!{3=ynut>dKFyba96=S_{%r~Fz?do7Y|em9@4n5UaR>-hc_ zVwDF9JlX;YahDFGt^*R>!x0;^cU+6+p0aYRh-#p>U$XsthshB?#hj=wN%T^>gXo*M z4rmdwOgZY&$R^v%_|`7pBWEt8^QTV2;XE0V*q!o>8};Bp!LP6DdTD>i{S`RrlMM;# zpHwpqk*8#YjDUs>cP2w(6yaoKfkYD)zzkb<7+zK5@tD7asDC6xUAi;z{e`1hrU9KwQ(J!dPy$ zB9{ISI#c;>?fHP|A1(rCDR@$-`VMp*c=)g?xO-bjyBmm%H`q$^9KnB0UNIl&2qP3ysqfv&u&EIXFz4kbpxig0d25ugG&MECR}ZMIq^%TR zUmrTxs=MBeMfIgKQBT&eeI5Bw)y&NjN*w13osp-kV5N&T^6%o!H zUJmIPq$!6AH@YFt1&7~3oFA>x#s!XMoDw!PsD5zgU~)Xc0F5P;Hl&^-A|iu}o`@WZ z(Gw7%TSF}ty~m>vInSJp(E@kU)b-%%W-NrxSs>v4!I zg}%QQthbi$LzX?eQnXc6SyDxGX*CyE?^eL0UsMg%z@seIAb^1q;P=l(5efTKNW`h+ zH;LAMuSgU7iO%)hCj7*!z?e;e3kSYvyewWB$v*z~tG(G1yf24~)y+K31MddeBQlIC zxbhxM*I+3zkL-1@bb-#Q!7{#S>>&pxU5CO`d9s6vs~^R}9pgHJedl(3 z$whKJ6N|U}zMx?7-l#>+5HcQLCU;K+`PvoMACtG|oDUg{^8IDTnt$3D^;K!wq3+@> zgFNW#a#>^)(ZxUaAE7m2Zhn-YD81p;99LKZI7q4rMAE3?T&3|m9ei`)lTEu&IRCCLfe!Y3DB1jF%5j5OCbO4- z>-h0PCgb=T4z}h%^hFtVEH2izVCv5cJ=0A4+MbMiXt+tf>J z9&Mv2-khJ?!yj1To~OmB*_1DD5JUdFLbLq~@vI(PHKZW4^LAEf8c4L#}q zK6Mlg88+>V9n7Qt4)19HsMi(FaL>eER;7=lZ`zF5&wGv7jQK3DyWNuTf7ffN=ZM<4 z$)wx9a$Mfy9!Gh5%u81#WaZKBOx1AER0 zX=|9kF#1i+CU|T%|0CL-kwtTVz^R_xUwSuL%Eg0;$v*=0chXa67P&Zy*p#vO9o%&1 zy)2z;mzi7VVF5=|ByHt+a~1n|(iwP!%y2#L&_-RZuI6O8#-+*1{*U6JW9N`r`*$T> zyu>?1@e$#a;oH?ty8iwI6}V4l+sT0I)O{Hvz94FqJCXgP&dxUte+p2?5Vo@iof^Oc zIzzSml~o1Y!j4pO*2FY-z+INMY>YC5a@^yfK)$5Q5T6BX;}v!5V6h7?Wb0c0aMWHa ze+|MZ2~~treFBc|;xg~F(ZnAG(ZEX4sL=wGz9H`lBs@ZqVXMalHmHC$-z@@p7j7?D zpFtJ}R+b#&hZo$@^CY*L{p)LtEXoKqIOFZCWx);uisgN+z2Q?rNns-f+q_?J=FSm$ zQt6ucKJkpkej$}$5_=`#1f^?(E@1x(T&}2Y1rc+m zLo!0zs2=cY0#-E#s5kPAoErkg zc^o@lnm%u+TgWw8DZ3c&>SlQ7Tna-PoKi1ziCD;0-$f*CeR{m}yl%T)Saxz^muMt2 zKV!pNb5+`q()a`>J?O=O*S+y};&U)P6XHvrr>p4SC7h}JEn+^8aAJV5MK=S>%LspJ z37qp71zx@W=G4s6eI3Ij!!h4t^Wn#V4~fC15InRcO+rGT*t%28RxEu$0Hs0Ng8Lby zPH9y}poGq!f#`)vuN^J0E3(na04e)Tf8iR7ZtB3VowXw-Z(? zvhQc?{eay;T|89=>dvSw=9LOe68(ds&_V9wtRs6js!2%n@|W+6m78=ouk{Wbrzp~XbrD)t>1dw4{@MQN^_~@?C&5OoGy_#;R+FG5W`L8 zHh%uX#Yd$EJFnNSGI1F?5G-K+cuA{B+w@K&6e+`&I&u~?h+bYigIT&S zfr-n(;giPin9`VpL<141?1+k4ENpHPTx(|9?||w-M-ylETtM4GiPs4*$c8K0wrU}A zY_0+`btUqM`~nLs4wA=B)$>%lR27u55~kNI`OZK=VYIZNSMxG_A<% z2cks+GWO7%j#GKZN7ZZt|7f zjKC*Z?vKeMU6usA9AP(SCB*DkGw%`!5rF6`u}Jo_D*xcS3bM+uPRcWn*XWKA>`!*keABWisQ+OdE}f;jV1i8lvJISeSd2c=`GfXHOEP zhCioj&K@E|Mt!qFQc#*6A5ey)z^u4_TdhMz9ogR$F`RHLLKG=wP$6U#(heJm1}!Vp z_^*P(L^g{IT&0SX95j>^_bnXN43{qj!pW$?#A(U6X|U9KsyTj%wc(o-9k?9R1BJx< z)j2j4vI{xS??lKPNqs^|lo5Q@o-PP$)twK?6z?0Y$Qaj{=c8_(?gjF*1t`;D(}Kz| ze%hufoi9N}uuy2h{-Koin&+e8_*J$S5cEr?uoW`2mX_GMOO)~p?)NCVjvvyW6atT! z2QoIv;G7^E!MspjSJ5CleKEmb;2Q;%~^=3;OnQ zPF~S?Xf2oD6&RF2h%BIa8^S)>-Cf(u9w|9p5}4SRkzU(egqmeeAde|*8~ zIh79X{hDBh^_aJpb$FtFSFN3bP)kfq5)reDT+L|j`g&n5zN9xMRQW;HnD?dznoSgp zl3Z=pe>*N^;>%?AEe)KdB&d@yaR?tI3aXOvBD&^ExeS4;`!=hKaX=xcz=#0_*}h(z z$y|!A?5!MmT;KK^qAexz-m89EUzpiO?f~I-i8o)t%0k~s*eaw@xLU{9Buthpr8!ac zPgs)l3feYFi%4=&vulJUB@f0XMG{7+n4}P4qFcp7JWCVO#`0BFE`6c|$zLtB2{sDr zSlHhx-&(!8y&kd75ekG@WVe*&?-9(aIym_{Hdba890 z;5|oCa_TYW_8L=qqVJ-A8cX&VS`#E-tX=B5+L$8%Xw4BADZU5aNA2XF$?)+z;$+zT zn9g477pq_FcakBYKc_~Cx-&oy`Z&5_sJk^8b(ZtltT`%>>0kxo=*B3}p9}Ha7dZ2r zM2@Mc`wn$hC=V>&9xs+Woqc`74rPBp{3Y1WnlIJe*Fl$dK;1eYFk!(H`4mj(r2Mo2b@IaTrO zNp{H7pvs4DpF$hO30rl4wH9jW`x~aYaZ~Mpf))rHA}SRF%hw_0HN>|?u~mR9=0W~Q z8nAzHM4l&yEK4KUIb|}Q1AFVUc@svl6LOuWTAjrSQ$K7SAUYGn;;J@LRKw%ijhrhD zrGPXcgbn0j&UY(YY-c}BXK`p|S4n{|zLS}aM(Z-KLoYXc2f2pl{nCZF)){=mJ!heyeE1|@5LDs61OI;$CTOaS?8XE zI1jzr#K*zJVRx(euo^?7VxmC8j;K28?xMhq)Yn?>NkU=P{sIX5=0ycbS|O@4sD=t9 zn;1*LvfIFBcP4li0SnuCRk6)Qd)voHFQTtsXbYv%gjR0oJ|fZ<0dAhdR}|`s(7ree zM`ry`#s!~nUzm&*M^X%7qFgwA=R*<^^i#JKT-P?XYuX>NjK~itHP&#SqWPQJ-bQOB zD;Fn=IJ#bco)ULfq+1#9dbVDG{p%*oslVcjKo;_2S%{4}K}mFkP)rl9S~$!0I2jkU zY~|bSh<<4j>UR-4GE>w_P;kXv4T#IMYl2SGEDfbTUx8Nb9#nbOqEnzXsJMvr$r_}{ zgvoj54y zN*jCq_c0c7HT(~CR))R_3YZ!RVy?xBAg(27&ApSe&<*I@Sv+I!WKu6`G$hn(W9edD zwj)TMk|7wKCR@w-zpqmcuiP`*>uN`I=ZZSpIi8f+PMs4%n30JOz7}5VmzpK4Esy|xzbyX*+darvB#vex~I}~3rz(Sv) zvTn)bqH*L99;_r2h;cX4Z$3S%m_S(ZISfuT;i~6yP<8XX9FVa8tp-s0md#=3Z0Y5{ zI|rDb4|COHmO#S5vfu>d4v~mqX#$HaNv%T8CJatqSJJ?{>XN1grksl1eMvFL&3|T)kIB0Nrny! zsAW=NHIc;pJFa43C^Ct7tSW|?8dernuvg!J9gGGyK#fyjSz!%qti^{;|F@Whg9Fvc z$v|gR0f!`Hje^IzVvOP-#3^zQEButY4fC*S^=7u~&(^4JK zzYU2xM_MM#9T7|_6eO$VYI!k~VCu0#6LxEnaYGs*k-tt%&H!$vI)nD!@NY3HSBHyN zYTc}uN_M_9n3$`__F^3_GLuW!RtZ6W^Mo7S+GTi2tC+AlhlkAq=CArYlb${9y~O1= zUu_~S=GfF22i1s_?b*|LS<8>aeH7I*_eb!|MKD_BRLZ5KysAti8GaJysTD0Ya{Tl=GH%V7Ljy}3;ebdy0u6%{R}02--w}u^{1S z)SGBPssBy59!18Z$R8D0Frxl|m!3s9_ep-KP4zo|PV-BNC@FVIFk}YN%fQ`7iC-}0 zZ?pk*Cj6gnF(GwKABxf;RAwhcc4Q8Un-e{m@y`;S>x5AE8sfAg&&c8krzI%q=*9`6 zCrl1vW++^}IIcozx^Q}&wtVc!Yso2a$-qd$9}d+za2kbb zfa3|0G8U7-*eP?OD#O6wP{4t$>;Xu3&SvN&Wm6X7BIS{lmb1K(G72DnO(k0}VR`n_ zVmO9pegv5>nk>RX4>b5w6e13R4T@GKl@&|;4F)yOKRi`r6bZSVPs)2i@v*NYVhl!d zERg}xee*lEnF~JT`+T%sxy_2XSK1|Zu)y5_BmR_uDCcr|NI64`<8f5+T48|0Pu9I+ zF?oy^f@1eGd8S!AO;FyDe5-%T?&_L*BmSt%tj6dNT-y1{N`7zchX!|9VNP4iy6Z;c zR``t+y>ZPFTh?;TxlA!^xuS&|Ehe$F5!3WmkgH$bYC>dkq-%e5r=qoim>5r@X;rn6 z3Ffq03k6YZY44Ghk~Woab5+{GVY1F2^Fi%O!@~lHWAn}i)POY)2u_U4Ux?JR)s2CY z)6hutLTLwhjQ4$w)DdbIAKFJ`WJ3WJC41~PV1XOIM2YW@Vf3dTvIW^Vo;Gd8l41mV zpn7T!xbf|WD({q9oXS*t8hH4Mk<>p-xj^YT_|(z$e=bwJ*hhdLo*zZ;J((B66(^SB z+A(4g7m*%0J0lY1Cjl=Q?{rfV?0JQMM{If0811#5j0%S@%TZ_hVp0K(A%wb=ia;Ro znZT_U48Z`_fP#d!BA1;a==JlxHgtL96PZ7oX^dP^1=fNaNo{LMtitip)0Pltesqo| ziul>&!8onKu`Q^FzG`S+@+?pc)YRIcsM3zbK{6OF3=|k&o{=HfY8!kgaw!p3pq{sg zFt669KN>3)N+_Vayx*`L7dmrEDD4yQj-6r(`W<5m+Dnzby1KN#rV8pDe9_8l&=_}} z?pD*md_yn%1f8W6?cNd)nVZfZiln;@{vtfI(1_VLo?vt58esd)an9Boj!zHs$U$(0 z+BhZRv4aOM|1wtZgcoO;^G+MZ+|tolfI7bEE<3aIpKuhEAH3L;nfv=c)~J!>^iRu z!@)@7L-i)1lF}TKoxW{7uQ7O8VCpJSlMV}Q43*Q_08>C_Fa<{fl-(*+qxoX~Hq(Ms z|Cnd0z=gC$*$pI`j1(%Tw}OQ-qVxg&_E!-KZ{aj?MTOE=Ok@lk3a^(6n+g@@bX==% zFC;PeHRh2~Wtv;Aely15dbYJhm5fOhhj{{xC#2rL+6^i*=g6eeTF9ar3m?khLWL)r zn=w_uIYLE{zL6v~pt%1;Dmp){x-3f&YrSB2xOcx?+LHBY@XvV`=26RoQ&GtPn zD&k!P<7KT6akNfo%oE#Jrqook3{m7lGouqVy53_~w{MJv4(FeYM5Bo&w=E*u#9K7w zSh|3QZ{lDGPpzfKg{teOimPAP1Dl_~cDE?R8bzO+WuwLog&#^}M1!|orR|w3<;dc) zJO>NcY)F9<4n8N zH7$g8?s_yWoRt)P(%8YFt&Z>S`;W+CJdPN96BGH5kGoNf^A+Xwy-uJSj?)y;`T-t5 zs{pZqe%6@8@sUpJ)u0irR8WCr=~=ag9jW}DV<9VKnoyvIM$;ur&m7a2m zOt`oj`waYJU59S0O$s|>F0e0hx(8)bnd?>iesznQy{thpF1eQN^+gfg{y=v(M>NuH zpLQXVEDF4MG-7l%)dJ&ttO&1n`QPA&4Iiy18TK(gjAS}c*t@)sSAGDAIZZm!X4Nc> zss~Gr+Nn^Ad4Ua(X|lk;Y{aF+j(HB0ER2tl0So;w6K4{mQqd@Zo&YF?{uxwXg+j#Z zj8z1u?M%oF>nCFxH^XlhqAXg1hoW{R7R(K%%vuEGLr6O((wkhTVIb{hsMA=3fw-v* zx}qhWcU_Ze9c-oq#SQE)`mnROmM}E2?E2L3aqNTU*kghS;a$a2X(jPg&eG>`Nxpxr^7I< zwPdT`(b>fa#fPo>n4|-xcrI{UwAmQ79x=F--p{u6P#ywdQ&{56@O*)z9*)ZH`!}zm zsZsxJL;j0MKRZm7(r4roYdEHqd>_QRh?ukBy5<-7^a_xaEc?&HH!=U)^{p%5qSB7Q zqX=);udlq%zu10PUu!*)AH79Ych>hsWSO!4%VV&(|eNH)RYc-VcaJsAdIine}gyu)h98SC%l;R24x>0-Qs z*?H0bF2-2AHLdj4LlVZMH$Me3Nf7Z`bcYRdFv{wL=2B4B4oW?UUls_lNjpRvFPbOl(lH>txf0h#kI9;f#4xXUV~j zdig}~C+>T6-xnb6Y7{zG3qrnn8s3;9fF`SKOJqp9ebqgd0WA}7e~#UgAqcb?#GLao zNyR&pXLpUJ50Oo7-ltX1yge?nY?ljzA#ci_9NH-x;EC{OF-e^fyBA z?^q*hg;-&g2<|E{CYk`%hEX(&w&%ikr1+PVkW8*=AISF2cnqoAnNn(BZ#o2*EqF%l z*5Zr$gmKA}PA~c*zr{u`%06@VbQ8VW%P^+!RUko_CG*D~;P# z*Q-+&X1Q!ERu(`CsHc8WlW*|`_LZS;|a%lCo(c%W*OmnNRfN4uHVhc!1dW&0s z#Bdgqa!jj`7?WCb(Y(6arlfoTMX8?@_t@BxO zp@eHT%aZtwG<<@Gs=Y`pxT@g?W9UmTKMlqdO{tm+bJo->i=>@N--B3|q<&PZbU|0Vs163i|t` z?wR1CZ)Lhn_jbdpZM(M3cN^~G*-ZZxr#4$w`>%uU-%3ASf1g)fWqx0E`=?!Z`SUi- zww}~uapCf9Lk;`a=%_gK&yA!EUOWJagUtWeTpTebd$|8{N=+5o1l0NwEG= z+#*ch;rHrWkbccdb*g*pcWahziMbKqhoOf1P#F@c4qyh^IEkqH97*bELIfpq3-1pF zv^iSHUVdSXJrj9p}^27wJjhNy7+AT!RT&qs(%_$Xm!tFgCZZ>nXC-CZC8;w2~}wz zNrWN@)3i=h$VN>~t@s=9MGP&3u9jLkL-eF&t=@ZOl{opj*BnJNYYyQ_+ak``5 zuS=U9BF3e_jAc99kbk5cdiNqI6wzlC*07Ul>5+N<*6s2O-H;2L1cjkZ9YzElPBc7h zh>0UpOSEI+$7%=tlShK4+12aiP%lB|{iI73Kg*?CQ?$p9lmZ{UgaJdt>|7kIETO!7 z7N|&Ii!lFe;Lmk@NT@hRdPf#P6&>lWMZ)6U!{|2GuG?Y8HnY=U1m4r#jcvc4-Dnbf zvI>XHDWA7Q|E`?!O0ssWclbJ2c#S;;p?OK53!wzZ0PK8r6pnMIn0D_UWR&nu9yRVi zeb{|pifCtXdi;x7G_g>(fuc*57nt#Oo3(Aa$_I0adw+*GS&$&yHov@9Z=qz&I9)(x zI9c!@+`8@JO&3(heK|7 z!2fRUt*Cx475cM|jiM<{(6{eda>VOErsQST7Eio|Aux#WW-JWEA+xoz6egr6bP$(} zf7ScIK&%u(@fzjig&QljVIA^n!=rO-;?zyf0j~UC+}%@*EbGs% zwr$(CZQJH*+va?e$-no`AoCy1!JJm5Qco(CN6 z5iOk_5JTl)E{80AeLnaEyT!=wEiN4G{L3vVa9_`Ex9F)YMgyS3kG=*9NLh(IB}Xz( z%$m`1ZM$EV7>9WEZqD; zMLc@zMG|f|kuDI2X*20X8s153SgsVHc)ho*S z`|Ot`Og`#TQA|uBD0%_z4wTW(nr}oI zbkr_1$*>4Jz*MECF#s+HE3srrf=j2n_&WO72ZPmnYOt*@Z*tTI@0c_$qeRm-bm432AMb+ndYIv%wu-Y-0v z){eQf8)O;kUk)GbQ+A8Jnm%Y>@HKmxC0>uCf&l_4bGcYlZ7u?RFD7589N{ld*9rpW7y?akFJ~tw z+-#YGIha`m61p7p7~1dmQ`%ct7p+$sX!<)ei+rG$0CxHSa%rxHVMM3c`Hh>?pkKlE z^d)ZxU%l0rm5W)*xSLN${4Q}?Q~lhHVf{-}g+XUpceF2w{0g+oL}QB3bkO8WlZCJ* zD0YTBaAsMd;2|`oe@?yne<2UX`0+y1A9C9k!<_n4^)Z?Vsq0H{ zki~Rm`I_8I0x~OwT0ZbyPF_cvyjG{|YK3)as$i5Oq)24tn6eLah}!aL`L-y!48l6; zzyawiy&LtAO(R^T{lRWb!ZdF>TnhIc%lu{xw zQ7zE5iJ@C@(7|zKiRBdK}#5dxg zlNgf$i5|ogoslVa++#RUC`z`e6Zd|$^8+OOSk_39I4TbIu#}y|Yl6%SKU+#<6oa%LZeeELZ)qz*czb#20a&v1S49 zKWfNL`id<2ED+DbG5np%upeC3ArmMXbnH1vTOpzld{Y^4Y1DsAN}afMO{?s85P42+ z@uol-U8_${>b4qucIs=#{b%f{!3>$+W;=q@iI&5u0Px>|M%8pkYFFTW3qZBw)M~-0 zw4G7an<|%4y_xQ}LrOwHDye3Y>-g*6EGWJuKn6tAk5wh1b0D~8mby!Yyk+STI|4fw zaH!~{Cshnc#;N{s9ZWp09ZaeR&lO)FDl^xys=lUjNbgIjyF!5w-0l$-GSTp-A&Ws} zd_3}Rp24aOxiIxk#%f0M_KhKXb_isXoQ2I;>h;>F+#5|{oqP7B?4Ygwd8#NTQM7o6 zmJK7x!;}WBU)WUIt$5o}2_5Ut^JNdSu_j}mY&5cfn`Z*7#R2^hu}SGkj$ z0eIOD(~TT=S|_{Ply%3%&M++e>hF}?h4-4@T1BY6%*L_RR;p^ghy+mFfM;Gv zM*&^ga;Cm5)3A>+yz!G0D6IAwkA+-R?JaugTwoS9?uZGedaR`S0bf8&@V(*?9a^z7_f&-F@`V+`XrH8h)MF!6vBa_}vSK zdMg(j&s%xEfzWqO)*zrGECD3jZ>zStuc5D6=2Ov9xhFV0K$7VLqUt#0b%w;T+U2PK;EZb8{v6q-xTzq$^``j_Pk#wGa{&UGmN^ZJAe=F`C)2$ zSDOicM@N;|z*(=?1uU^J@1GPDA1*LL9$OoLgmK~Nq85hH zIp{@qawvbMWRdKL4`ot29I)I!UY||mhim6m9)s%(Hw>HBUcvvOE%4!JVX5B&^FCUe zUw0lnv8|x#4m&!AANhQ1T?M91KIDTFZf-@lbM1B4$V{p@w-c`vGW1I`%rTXr^*eA# zYoGnWY6EesjAR?iBq5(gNwr7BZV}u$t;9*vqz6HwK=zC9de$Hi`O)>l?fDL7W|~jO zCO@Ih+I7-eYk7BG#A$6}K_)@aSWiJg7ip$3PoH8vTF7ubuZdwv`v;2x?05WDhU{5`=l zG2L*uoq~wosI>hm3tqNhkjvQh^Fni5%9nCv<`dl0O@gy%wl7y65)|1yq*Lia3bA|k z=Uh00_YBs#j?QRrVq@JyH=v?J0P>nKTP=5tK3{=$Mx)VW1f9jiDek5h}P*D8u4VcD|ZD)>S|HpNF~!0U&j6-?ALSR z%!ohyqAcxk-&jVCPYaIZ$b#mD4I*$Vq`_F-qDUxzz@eV85LJ=G_J6K=+L20PePV@h z;9?5k#LR7#4%!{yBxDSN*#pp`D#Woclwui$Khea^4;dTNBhENedlaIV{*MbU zKth0#Ho$O;x<$!&&~3THS+_e(In#YLg|y@e_R5@*(*KNAGO7d$i62_WR*5G*T7Xmn zkYxGt_(_0;6nu}5=29+QTUgRVT#5G=pK1*UHzlB#9OxL z);+_!xxS>i0)o?Ve4p4CqRdDGp_{c&W8FwnDn6@?q%83L*izx1cX@BwB4_Fp>=a@cAM#|Rw z^`xbUoL9>wON>Yj`J*I*mC<~-5S?tq zJQ7dw_<_m+fv=WcaI}gOdum85#Pwy0xIN-c6C^)_BVQe0f`^~RLH4ENuB85RFDYi% zn(H)WFp+#Ku-ch(U%Z&!;EA@w123#C6`smg^w=@TIzp2w-}7Ls1QMZLu((^m59;sk zAJdK=SoR=vIhT69q6$+E7g?%1^~nlY1fW1aIHbhJAVth8BorgU=vVVA38WKUkvyaL z3fNWt2-sN0ZR}`9$Mg!=R{jA4ux{qCf?_fRktvv=7ViFWJmG^tQUaq-DAG$(LZ|z` z;RA3L$RjeJWY?t8`++vu&bloTb5$F;3*cT{8R&A=^W<6R;0aqc(8*+C>K#!|9JvmB z_N@JQTsWifcqVhnP{&4?+mmHJg^;PYD99m54z)J8Azak5C|x#4WaThSEvX9s286nNK&ZB@`5?0@nspSykQv$tQ!V# zEUxKg8Lhm16%gGF1tn#ayu$x|Emp>yWViFMQS=IFbhW}k3H-@f321b&PcU+KbBole zYSvqKB`|hQGrEhsuwP9g^@0v}Q_BD;X~u&|km#T0t6er{Xe=^a9VI9eLRQw-!kLP9 zpBkJI64!d{;&M(hpyq7p5TWwHU~s5EsHDMo2MMzNE)=NZVwRBx(@@G!c4R=1cg4K*ZG2aWuucAgX~P=BOtm5!T6(ims#TPGU5Q$V8mzl=yTh zsH3u)wDN&N4xVaD2;Jw5-!5etImHo93?OBPsx!nh9eD!4iZ#9r?>4K_z0|klTlBw@ zsMzkYGO;K7j91773sX#snK9g;$;=G(C!@40=1A#KQ9j{jtM zHpA}W0Gx^@@TAJCq?Ci)?mHZzYFGP1ILwVh{gUl09rz1Y`d=BXczWNnxh5f)zzdv( z#w8jVeiQJ$I}MAV^M%apj?LLV{N;~vX@9}_NLRGF>xIr4h_9aB$)H7BcsmTguDZS=L zEk`^~rJ-WbHtaq{#G&WZDz}GlEx`y7QiFL3w}M4wQLJI)T+)!4ewiH`m8@AB-!q+zW6`?qn#h`u(q zQ+n3ZS6EZ3+HT9V*zHDSCcuZ>(?r-^iw-Le@g*K44AUdggZ$FzhkpEXoW2nTbz@Rc zIszEkXI-j&5Pg~+yA3u1T*d~=aTU!x zo#oNG*# z*Uqn>U^1h=4|Cr+#=Fr1m@#`^qqv_!L^_b)QD_VjJi-?hHeBQF8n+Z?iH3a>L=P;e zUpkhwKDgP3QULBK z^)z>O689ZCW9&Gu9yW4Vp(_Jj&fzP?n<46=QDXgIgZn*%trFubNXh+v@MM`{^HLaX zj_RbFvvXRAG0LIna$C5KGg`g)eUgEb{A1Vl=MFwGPsA57xWk?=lEAK)IFsX2?*6$( zo9s_-6GA}`Fg2B#D~uFS9o8QvOGC&eH{21#XYqKzn#bZdBJ5=M=b(YU!ZphABic;0 z)xTSMg_=NXT9gh8)LTbRR8VuiL9(6ug$)$Vf&Mm)Vkssd!a7(4kF;R_ z&CGDul#&l!M%<>OG)wA3ALUyDD7c%G9ntlQHTQYNt zR;5biD_>WEJ+9nz-a|4)bN#xYzj8z=`JWm~$pcQ$T( zGGm1qdEN)V)^OQ+nk7srnkOe!rzvU}o0fyud#Rb$0`%}x&oNS2#t&ov7RSKj{fl3HLXbaYi1vW+ z)#KIkw6Zv=A!m2c0b`RA_(ZfUOMWrw107(}0z~qOS<*!{X^q3k01?K@bTp$wz8x`Ug!ZrzX(xGG?$Mv(_Uoug>Ml#g2@8iGtsbGQ#w zC}-0mFtj3^0$oOQ-f@DH{7nC8UUl@}A~lQV%h^7r**xhod};zVj?|_%v@N`>&V?-( z8Rhh*FpXZl8tF(aAFp1JY!MQ#43o5UAf!kWu_cQUK6ATYnI*w<+q{{u5A;ukM_J-} zUC~Cz_DK+l$pB56?LKZ&yK9$Tf>?uG)8w7dS}DMxEn;{3u?AM|>fM1MM$7Z7MtEM% z$=7*p2sqXC^mtB1Eb<@23f`b{hBY(Qo9NCJD8V?&11hn?7gZ?|ln_FEAuR$e+kjuP z7H?8_-F68VmMGinv@Blj(ns{;!Fi z|4nhi!uWp?C!GIXal*n#^#5;h!t%cop8pajEG+*$aWa#$V~aPIGIo1P&8;Q_a^U`9 z#qSybj;Gai$?1R>1#9&0C=i1((In!p@q(bPP~Co1xAH!(u&%LR*-u$jm071}CPjlf z_DybWEw{^s_gY2eiC&}tnjiI~YRmTD5z`*s+N?s`wyBj?bAYy5Ri%3yL+>Bk$TQxB=Tc73$-S_vUNMEl-Urw`n7JCG{iWAh^kFMv#gv+cktjQCTQf{_7bSbIlMt zNY}Ln7}uT~U@}LbI>Ujsa%_#6e9Hpn7_dr?<+OO8C$p$AZ*%bvXgSPU= zlkWC-zGER(Cg+tw+$Zvp4IM`4G1m>+<$F^Hf!|v&}Y+a5THSEZ9 zUeJ>gs3_~|S4#jsA=L3h*(U#TQk$(K>Uokadg1}%SrxP#!Dj74TAJ`q*CpPQ*r}8( zYLe9K^wi61M>)oS^WNP?^PNia1}!@94KRr;$ffFd5!HUKF##m(z|OksGgr&cIBOWA zd;t|Uvr6J3ws ztRCnG>Lki=oSfRt?c*$bD1i@J1~jf&d-F^+r4mtUm}Y_1mM4gJV4N_Pu#uIOhjGG! zbnP&WOFwAbRic8bsCfl~*vsf7mo#sIc#!$wcy{8)w#^tbu;c-eDIv}<65lY8I(m?b zm83+hc}NsV%Z@fqx%`E?_zH@lqo_(ffeQN-wC4JS19>PT>-JF_BPo%!uN?8AZZGYO zb=Q5chY<92wNF2Qn6!dG_%4b?fzNcpJF{vL)M%lwwa;}~qFYo z!6jSGvWH-cY@=ZZ`pcY|QnaVI_dqX?RG_N>PGTWy`K8tt1xnr|WA900h9~QM1|n4_)xdgDL{XmN+Xj}-+1aiKHx>qo+t~cQW1M?LX_VF3;@#IK3f1-lcX#ewLb7kc4U#nKE z*8tY2=u?glvPT)SGwdAb(%PI~mN2rnb;&Pm*Wk=f7!X4+)|SMgi%{cdRYN2Uerx#X z#O|L^PTzi2*lgFafuOD;-G0BH9=ey)?Ypzz^otQk(C0|9StIJBQ2%LJ&$NBq`@A78 zkdv<$2x;wPwrVVwk{+|9$B33=rdNhCadkF$r&{_*Tt%lWqh{WhD~a?T4kN;ch!c>s zf-!4$EapuP=nAKxN~U0t>B9jS|7$v=t$ zVPOmnMuD?o(fTX%U5$_|A0$flE4#d3#Z&aLKZy9k@^2(!EgCkDI&+ArCHI-<^zlr? z^ZIFHHDtc*+Xds!9FR-a$0TRC4s^6>ra8q7*;u$N(|zMkbgbg8`k0D7{?HRU>{JM4 z9X<&!s~`nV^FaS*5^{LidX|7!2@xPP*zIVCn`~@);4?`I4@k~dxm_WFX7P@K^dM}f zn}s2o)7?z6%)p&-^sfC({NE0zaO|$*B&#}vms+CFrRa1tAe6iez>)cEsj*5W2Xk5c z_|$PzK-onV5xApdfkG+}aWZ_4mK=B)4Vb0Al?+5kc;9gy$TDCXd+X4!{fCc_`>r>r z?lSo-L86z2QRP@dEo9O6nlBd9FXr`90nS?xq96P&Qf@sL)r4r-XqMjq`RrLn!WKpJ ze6vcaviol)_r2lDdb8)lrwbE`uc9mATuslyU>SV&`Z~rJD&afn-@dYYWf_WMjI0LU z9|-W$`cMbMN{^%XXv(OlO6I`N_1i)1KWJRfFZ?E3d)lzXMVjSA;@)rmcY>v_#2Nc4 zgX*Vw|8{OIgj429iUqRzjs7d&)e@Qm2&c!~b0pe2_c^igE~QSiR<4=|=q39yJcnqzARFZvK=rv1 zp_lo57lO03*-P}t*Fwz|zD-}Ii?`l7if(~TEIykyUAgu$%D4jHVjtSAs-?5Ax(;x; zlV2Xlb3m7cm;_-iDiw8sY9PTYM+9rRxP**@wH*|#sTWV)hNuP;dR}qegcj=GF`cQV zCEsUQ2A2V@lL5$f`da`&S{YtKzh;%26~Je3l@tj5sBlsckXk5)t%o@%Fp(ts)!L(n zWU?aRo%Ie7yad2;(wP@NLVkb7?WXU|7fKUTV(Hq?a@q4clM{KJUUd z2wjvdBnf$iwC!snMGmZ7q5NT+4O2M%oo= z8Un&rqinLaTh$6c6kqICNt>P~#rd4@QQqEh#WX|W?cjlzSY4J4$7H*V%Lko+_@=vj zwF8$SKxG5XWgAZzo@fykHTOtuSAOe%uK*ATtbm*&3ma`FE40a(7V%mrpr5t}Va-7U zYvrr=innL0!+ZptCYrbu&oIl=PobN_Z?u6*fL=XTK|VsYbszg(yoTN3hb4PfBdj{G z3&JPvp3sWztVr7;N}(1v!eO}Akd1KPxk~Noq}ib3z}s~PF>BX3>tRByAi8VJf(GU2 z<|GN|wqLRH``03;u0Lsuj1tW%SjR(u3jJ!QxV)S7Mt?*Q@L{LYOIyonE{ckwAFneL zvVwKi+Pstaohag~;80ih`%M@9Ytin@MqPnU2Sw|5VGc2fi3)%y8+{R|mhJb1V6>mg zq+^#2-C+RL9}pp6K*b+P*z3wgeLoKA*j(O3by^>(hC9GN0n+HWcogI9>4E2g7B-(C zJxtFtc)Ro!&g= z{jhQ`KD|v6P#rO33KLnYXvS4SGXujj><~3Tg&0Cz@|$d$#i)A4_0ql+-ok|-5*z-^ z<`{G;7T*6GWiQsL?)wn-n~fvbBJR1i1>h5yXGIomv4YLBL1WREo1tm7?pbe@RWcpS zB)N*EvV&DqRu|t%F#k7hs7pfH&OsJfMq^$>WCWSVyFA~|~RbjYtn;mO(QKeh(@$(@)4-s$UGAhZ{ zyNo9p@vnXCPka0E2|S$0hD(UeS7?Ryz#8E886=qq;$aY0l{vAYX!om{z4#7->kPM& zxu`zJ#_+3PR296K5P9pkZDK+ofh zbjgo@W32E|a!$)asI9W{U@_fNLGyT=6UqjY*~+>h>X{F5gv9`RH#w7js2>&3{)uo_ zVRQ~w&rfsvSppmjqnm_vhOYy)7gJYnH&nm^P?15D7pc{DF9Kl*XDkXmp)qV*ktKx# z;eN!=)A4Lzp2WC3t$9qgO=NSWcOpNo|sJ zndIVNbEp&E&C3e1y+`Axrs3oM(?iDgaMNQ5361u%6z8V=j7OAhdr2{V)jI@45Fw?^ zy3({H_mCB&ogL+!8%otE&|HkL*@+Nzm#4QNt#5VfDe@ z(W-LaWS4uE%7j%;4~FMhb8t0kA$#RkF}y92Zd+WUh4eL&*S`LB$Iy=dWPbw3Dm4MA zUG0pmz7SIx)30+pqMbl_ z%WePu(JHuEUio2zw~2rJIP}ObMP_8}+w2SP(Mt)$>`J{T8(Ol1z16+~#Eoaq=Tpv= z!_U>hF-m(wKm1Eo1SScw#j(yGIFGe+7$U5oqPsL=39PLzhiw zj>`5@!3gt1O9k&}py!v0wF!yh)n?&lF8VbN3rW~K>Ng$2z_^2|Ng#TPDIk*2E{KBv zIPIsg#8PSZ@PU#*1=~m9V-uBy$GrW_H&A24 zo-ni~gPaKkJ=fiwB;7d-xu&q2H+mEr@%1_dMZO+aQ%4=^3pzbSq<0SX=jO+|l?irq zX7q+Ap;ST(AQiA9QM^^xmw8Y(`ecq1-G@XfMf^fyWo!QT^-A-oxD2Zbih+c}lFv(n zewtRLGl7W)!p{stjDa(ez{BsIImW@`4MN-xmg!`|fr2BPr+rSyV+#?386Qk*KDySh z0cI%6X$`=;p9~R>o!J->C6mc4GEJ5cZBu|Vd8#Em>Jt&9n@WqvMb|f;e|q_tO)MTC zc^;!NbAKOLwsK_Wxw6KaS&()4*-mtMF`2={5AA2(HG^7B)PkZfI$y0g0N9Y>8Vq`$ zNG#a%me{N}vc&H+nEQ^xRL;O$&`XGQp)WIWzGk9BZ4RCA3bCkEM_2dR1N?QuA0AS~ zm~|ZS5c2Un`D(JO&+If?S;U2phfQZo(NmM!a6b#BIC@q3`{{W&niUS3OO>eWJD54= zqNGU{Xop+$CPrAA*s8RquLGSGRo}k_wT2mS=w+lx{yP0N?;+H~I{AY>y|Q(K6*vY5 ziG)V;8|+d%B~=QEydB>ul{1w6wx7d8@~U*R(ho}AoMXm`!1snr6(#9u<6-q`GX{sTrYC<>R8t7glA6wu^LDZ2rm$nlr$d}Ec} zYX#CdyG7lZBYjinR!{rcOGaYQvMExl6~@zy01&6q6reiIFtyC6wHJT|YS{IRz@ADF zlCIj;;Eb~jlvh7@jD^CLPY{0Y#!q*qLY7yr0~Z%pCAw}vwJL8Az)p9`L05_(gxQ_< z7iz0htx%P>7&-!XWBHs%17Q@3%G@0I;Cw=YEj6tKB+eK?=d$>e?IAN9K?NRWAknf=Bi*)I zfJOE))pMA6?asc5#htKV3ozi|Me5@)DCEOD;S3|Ip=LGeRrx>cI-76ZBp`Xb9+Vce zG3#5NMUqNey&Enm#OB80Y6{*+bxA@YL*o7{MmLEjp!$cz-KZ$KT8*V7X|V{dl%b(% z5X7DyGM%ZtT8M)p^ozitv<81zVxE%n0y?Z?8>5@VC^P&I%yox3Y^PK9@bEXP*{8V# z2a!NvZ6URWyj9kTV(aO{bH?1#Zl%(0wAdIUZ;sw;Am75=@ZEphHIw{DDmevPf@_=C zR5u{29$s!r5c{DBG~s78PXsJc&qn{@m9nrvpHlYh=|VsMf!h46Y?Th78~3jUN&f*W zO9^q=(l>L5s#4lk3s)aB`0O=)P+IFenM!0MB&|_#hJ5knG+_cC7b|Fe8Cx(@w#N?h zxNYg9Zln_$sX_-rIbmL}_8)A~c zCWL0N$<@AZ>9CLdF&{m#7eAShP#=lA%n5cK-)E{G*N5N7vQwB#dN*ap8@e^W#C}RG z6TB!W*GN_jd>$AQe3m>s1gbt+>S;NQ7u7FwAW9;AyUX6ae?CDUeD>fRq>v3RyMUTw zKo(ORYY3<{@iU$IXO(!}1@A>AR*Nm|nZV&r)-aCibmYxm4}Gbz=AE|1@4yYjJ|l?< zFT5UC0P$$AqXbWlKz^tPV{ILwTO8CIk4(^SS1yYhsJlBDE_DnCSmf9MiJl-eMBwbZQvQU&a1Po}SD9O>@%wco8X* z8ytWeib3(7iRkQ)6RFs#R$0sOFa{Q?ILqR`rncwGX0%weH|o4SeMl(fc6z(yD?((* zsWE1a;CZe}`Ry?@ajG*z{Q#WcTOeR3-8)%Fgcar}!$diT>z<^S?CS^t>B&m=Q_2@nX<0r<*<{>JrSZ!XIUOdqacFunr z{iUw;tnIV5Ux>v<;kJm784Ywp`_`L{>4~MOV(cQuX*Cm>XwFojsH@eFif7oSVdJ1H ziCIzNQ6J2r_L!jLu*FuI5*TtWA2+BhE<_;kUKhBg`AUni2h#-&Y|nX_Nvbj53E^Xz zNyh~D+AZ?ajuiZU%IUd1xG}M%d#4jEc@^XY!Fc%820iO8XI{F?$HaY zZ%Ture<|@Fl2vl&g?mK@NzhncHu@=whYJ5WPGL$y_LpWXjQvGrIxPs3C_phJY(LJ_ ziJ|?W8bQV=a~(w6i|-d*vW|IdGacT@CdM2COw{7Efe+AZ7%tgRZm z3y)l%uo+Dubf%6O0#w?6D2T6p??GP0fpu(jw=1M*fTG*sP{9eTtFuq^m-?XG=?8tMUD-tU79@u7kAEQoMq+ zfeDohna!(;bGONRW->wiGVk>CamK@g@zU{b`a^5hH;Bl;h&Xw$qs#?dsb0JOo zGRJI8-Lu1Vid+kQfLiS4kf5lp8y-Lrwc7U$>?Q%sS)*|1%!RB0H4ULkWgdd*nG+zS zq|7<`tFlm))8FVLhNRQvjI4$SSoL?uVD}DquxD{~5>cf{9-h_Pz&44w2)LL7u4Xou z!rFw>SD|U!I*WcV(#M!pZ4MinrrJ?#|H%{UuyB>65g$d0kX(`5DA3({ylT6xskM3m zJqqzO52OIq#?avGA{2n_ISv4k2yil{+o8XV@7wZF3!zZhJHv^V`XC5v>6qaesrAk zyypAibF8OROd)Rz!6H%m`r?Mmq{W4|eBjpmo@0oDS(kDH)A!vkYjJnoI&dqW01u=0 zf1mC;Q*#-fxHhI#N682cJQ?8k@AVYPU9AFq{pUjxf>Ri80D2)c7+ND{!nM6pF3P2` z$iAK9ccS<4GtBEa$^3S#Q+0()g6jN2yT-+GdAJy(v&!;F?p;Q8Jc5+KMb(rQ^2rF2 zvh8=K`e&)>uHGD*S{pA;>X(*QBDT zIgc&HcYJCF`;Au7_!+c>OfQwcA8b$VrrX4+->C(U8$o;%MD?HyyF$RV(pWzJ`6PJ` z!iW|%3jRa>z4P#wlE++I9Q#67c3f=cJh4r?sE+rBM7V>yU1mx@BMNI0326n~5bk@K?9* z0#Fut+Z6!sHv@J?us@gq0BC?LQYN?$gkNkz4`YRE!svnnC=<%G-7j zl+79iDwTCKAM~7Vojbd_0_V#!ILHmrmTUzQdsGcI0arjR zK=43!3{UzgGvW@91kE+J16!V?eb78BK|9Wur-jqqCck%D zLt(dXTgKU!QV{|eRnPxa0Y^a|RdjwV14tUjjerUsFTC)hTXz`jrxgRO<1LuX9V(YU|qVjVhdM@iit} z=~TrXaHb&6FQ8g~-C21xAfWTdHUIAr6}EqS#RCROSe_-T?bEd#SQCd$!Z0$1lvV+X zEkBJ9;;Wq}`5OsMxF{FDCKnW;)plcmmEc0aPI?}%) zXxe@aF#zj{(dB7JlENSN;_&H2@^-kdJSA2nf70;A~P z_-SO{`}V78hBfU}sCmzstKY*^5c68x*P51__h7QXy>91st8O4_E(to_+ip(gSBb#* zs~p7I{nWWm-z%)~?_J+JPkq?`4U%E`uiP3`)04g9 zcsQEke|wJ>URNF!aQDl?c1dHF{MRBWhBDPsrN!Y7Rs>5ac>-#pBl#zkM@Y{dZAT+R z^WOOq&;rst82wu86wrb|+1xLe&;0z}pg^b}Y!YWoC2RF0GtDC-?FCis5bp`jm_@r* zh#w5czvE9Il-=v0^{=)*BVD|b4*sdQU@27^cSABAI5Gn+f=TNe7PTX$9vVgHDPkhK1?vj5nUy+c8a>Oc9h}k(8NCe7pNaAP ztv|{z(}GXU*rLX?aCt)VCFA~iJ5LDptMjo`86Md_J6LHF$haiZ$;^UfVoI)Zcpdj#I6yo7?iOMcSU`WK&%^kF)RWHOQy8Liqhn@pTd z#677f`7EW9f?I>_>oS?eJmqo7(yi^o+g+DGw5vrnDuevPY?~wp*JbtJO5GNkdm-8n8>a0$thjyQ!YYnFo9?uuJv$-x z%K1+O!w%0E`{g)VgQLukkSrQzZHF;QV1LRXv=5g_L4|a*atZ7ZLvza$Mm?7eSZR;( zw#)><-hN;Eq70}&PEAosVdXkYPR~1!3h|DV1#DU(Ly*4kAP+hnmzNU9tEeialP&8* zi}Y6YXB0GPP_U^o2{{mJ1UVf5!fI)cXI%K=*IbvE-xDzFnrgZw3t4Kpc;=LnrQ^U( z6F*Td5(;?7kA#wf%S~+)c+MtyJ31|6Yy%1!jj6|W7r7ttb1|5;K*+oa0N=hX) z#YrcEL(DF4gI1L;hALxqtLL*dE%!d@$_8bh9~o!vbLj%v+xvaBR^`VfM$*CbmQoXu z>?2Ea1xsf{(fMT`X=o?tk)8xe_YX9or-z!Fi5v;9y8441J-Jf$aeIc>Ze!Bg8FAj` z9}Z;o25ZBj@);Nb%YJhrfQO-+j5NZ`Bo1Z3fAoxjgzq_YY}sW>gzH3bGYXbInITwV z0=aY%0bQMMX6&&&U9xBOGZ0p1-m5TQ%Q*_b02FwhB7cET?4De^cn#94(cVUK!-dF7 zY-~G+Iqe!5dpmbu0cCbAPGQIwglZ88W#QusR3?*bRY0u02<0~o+qYe4XhIqobTT^& z_UY&1<;wK%U5abL*DlUOZ(HndWrC)FhFS-t%|q~?H};Vuar#5Qu&3|7v48`>ZYWgMK1V+}PX$YyFCB1Bivumq%{`JOoT?jxBKxI$@|844b% z+({=b0y5*)dWjTj?3HW8GgXVShx3(VsRxgu9yqKpLIlgcwiv#oIB+wt1|>9eMI}*8 zR2*cJOp86|l_t$a+uCTI&e&)afU9MS$||D5RU_X^YQmS19V#dOLpbvCcn{j~07|*> z)MM$FBhTAKh}~tv^=y)@*t_&(74#o`Vrw$hJ2ay%?ANcfe$b+&udzg*s<A zXzp`?U7=P5?jY$0>TUB2W7IkhWttlBAel@C-NWnj>89W73j;2Nza&EJI0z4gzd8Xc zg83HdQUhYp@Y%D!HZC`-&#dRgXB&!#MnhIziHd5PPsTGPrnjR&-vSre29wfnKRu(C z9|`pJ+#PD4DW;T^yVyqWK2c7 zlGnvnzh24DSGQ!$z<38&`a4Q3qu`sQtc6%M{PfER9G@zy<^TYtxJIyK;>#Y!;x7(b z{QOueJ#Yb#Qzg(M>IEz*n;xqjh<9zu1?`;UMkHol!Ln+rf}TXbWKiBri@Z{(u<5rW zL=`Nx3aM#8%Pz=q^h185qKJ-JK^AxTjDoxbO%W%?7%znFW&?s7 zu6$b;I!^H9r|p=|+G8}aL{j)8JC3Kobr`FU@Novz2tnb;xF{etsGU1-2>VGJ9~ zmoy42MdLo6s?8lDK-<`mlX&C?Z-D`i2pJ}>l$fUYe0#e|;UQzGYM!|liC|*5XxR}! zUG2gm!Vt8EaHN^5<&=;dak#&+`#5;DoK>I9AbkR@PW&|O|6F%Lk)^hL_&6CtYG)m* zQBi}QFoAL?b}Jd{H91NnyQ>ExK_9z;lK$yu2~Gu$PDYVTV(3&Tof$T-PY`(=46uZS?{D2anC+Uw)oV5 z)RXrp_I|7<8(99~ED{M6j$p0lO1Jx}y#STnF z1}jvrrC3T*^-hY-8R{!5HI!7$^0tg^$1*7vo5i7JH^zBGHDApb^Io3+PK!DS?ubWY zZ_jlFF-&Cs=XKLI@58553AFv-3mmdk{O`-5xhF|1^LpZTSkM?3=5|zPM5WuKD^Z~9 z!nbdfxXFpRV@c!7DIS?|LwJ@M#p&zW3KG!UeG%M^SokB(9;}JvP;A)W!k`qtDdzW0 zdg%o+o+M}+x(GI=GCuvh`^Gw(#ZBD-!8KL&gX!X)q!bks@}**U1HwB?4V*^`&w*=z zpr?k&F6dO;09t$QzZLL_qD1-;MO0=izXNPY3>8`H;Hr{9q`>(b$aG1;J{9u&Xg!<< zO8a+sY<5Yi;z-4mNI{ zVqr)5BU<}svk#>;)HBvf$g%Mp=P(&0D|@LMxt(TI8JO}xB z@D`+7jjC1$UDD-R&s~%yfG|F~7bMDhtP;@DW)iuY{Fl_EK_AO>ix5Q<#xt6au$K~g zUZHQUMNAdc7mV!oWgkHCbVL&t%(?q_-8R8H?&NSdl7>f|AMIQhvx96=vmOiMN{-}p z%1&LA4!fJkjEvcS)c$&(@j}j=q@zP4iNvrO_O7J`)2QBhv{PjC6_ICZ38{k`u>$%L>WL(R$!klmCVZo1Cy==cs^S!*%@AUo0Z!lB~yOfER zbvMLeGNon{S``!0p!T7FO4}7(D^n0q%l!4o{Vz98oS|;!y`(|OkJuRET)oC+*Dy1t z2A9!i4qfALzN3&{pKxUVdpYy)B_yzCP62gx3s$7NT0u2FSZRm-m&v5$!mO4Vr93w4 z2;?AAmT34Vv)*QMmu((HlJG8v+=lK(4_c88n4!wBheq=RnC>5Dg)ONXT=!tJ0b)Kf zysT@Tl`TN1VMk7>!9%j@wkoZ8+?P>L?L-vsEPf4-Yzd^_S|44q7f#$il}qLG;6J2g6BQfMT%;FVd_{frt1%mX%Ztk1 zJBjRF?+hNTydX(o;iih|66Kn)@1h?$lOk+}qLx@FbqtRFAfr>&_S6JNc@+x3h*|n= z5-90mq_lV^8**GxuFR&O;P4X8i+av#+oirpG#_Qj zqX+?XBo-8W=UT^7_-b6gTwa?=1dDndPf^NH9HMfx?$VK$+%F}j!RMmk+Fv#Doht0n zeX7W+?wdD-snhGiS^()=SK^Mlt4|F*v|Wy^K#N|x=a(h15$%PJ97A+yezz!@u_q6u z75Y3f3x={D5M!>r3In<)w)ehjXp-dxo8koAs`(Ity3_WhKz@|N2ORPUBSYGx%2!De zZ36NM)|Zq&!UgFIAYlTY=m>s|eOS6i)nyeI4(aYv8!f{vC zbJ@x+{pnFWAEycMH+>o>$CS9`l{YR8j+2hM5gQ7bL7WI-Q7cHkTMz>=Kt>QjYWA-V zA0K>(56rey9Oe=8keuzOhX=&NrGBg+Zx*w4pBfwli|rNqMU(U6l$`Mkp3G7_JyFdKV=WIS*$#n2XT_RO|H*@r)5P*m|fs&4&y>31l9N&zd2KFkOtwquD>61-p=6Trnor|nNA{4ZetJuBbj289vc@0 z758-AH($$Od-;#%bepR_dQg7`IROhnJeyE;LN|nw2cSrN9wclNpjxRGQTz zd8dPSO0TT?QBm(YP?V=}Mnt7XKYCxDcK7c66*Qtzu0R|FBBx^0=t9_0vp$R>BM85w zWNTFw=@AoM6$(a!V{6!-#*C<*OdVN97bX$Lj2m*Igk*VvCC#JypsoPTP3C-?tln$B zR8m}d2BgFu&E{`!LArkS{NGZ66Y3dAKi;{Keo^oG1Aame_K$T^NtxA?q8A|ogVFV~ zgECwp6-`i`0ccZ9$kk{_Wy^?;WC{qw?~pvgdhyAvAA#M;yh&Ocl7FVnCo}Wle5{NY zw@nfy98wv_VYI;}#D*vg)on8CC!9k2HaU>(v)iVwjoux9oqkDLsXJ+hbWQwLqqh_Y zLZh-;P}Z;&rZ_BGh71incQ`_E`b|u&1nR<;4?rdB&^7pjX{imRD5*4k4%{nNt~j|o+0O`jtx*os7~45IAaYZ#zs4rG*|Okfl1+%at zxPsO^#sk*H1i|ipU-wupqysuBlsSdtU$$8axS3VcvXPF}%rzJS?F$Hl?Lhwe%APmM zQ~`~;_!pV#(dor7XnIh1k59u5Bv{c-NJ7_Jd|XKv>HOTU*ms4ocYV7(f8DHX zO+^7u+Y{FY1(GjOv+Tx`a#ub@O zZ268{DiLa#i6x5!H2p`(?@+c1mp%swr5SL)We-J0HJR6&-N>@;@tiah-V_qte zpOg(~8-YzGP@2FXTtr`R)#== zHqhnD6XX?(97J-coKwx9h)0=cVBLZ;9^9L;dtH3!aI-p`V)V)HH}dhg(v>q}7hf+t z5{z3HU>m1&5y>uQqppkZO3T}$NB$73M)RXh=zMVVQvJ|P-q_o-=AD<_Tjern!Ep2dL0@`!x9Xdy?D$KVI z0tu7tD6fSV)YHP8VMl}vNO>n44PRm{;t#8h`ui4`>)1 z`@CXCxS4Le)@tI&joXr}`=_8~S8$AtYphjVWsOzjcC9U|Y{jT$8+6jw16f4#&$ly8 z)StfAb$Qk2Y9z1&tgVSL(T!WXT41=%0?0KZtN3-$sTjMvTonBXK*_99@xKT7{N7tr z0JS6DHD>*XykTGn1#z{sb!lBAZqEsk2jO*;E-_wU%+Fn4OjdEb_)HZ2t+oR{xPFJgi7zS@; zTzH6)0Cv>OzuQ(a0iG?MzB;yRud9!l*})WeIu0XF_64=h<2bM~!h@2E@iZWY+iK=9 z^Pg?u-fSO+9iQ!FV__IN*h$j|(>isU+l{iKa2P>&cV-#WT5UKEcPwKNXi5jU7 z+MKMY)lwo6tJVaH5696b*5+ZcNS1VT^ax#VqCn2CoLOCY)ud-+rfftqCnm zy^h1C+z=jNq-x2lv4b1f-CZtyncp3?yxtK!L#@kYQ-(!|MGzw3=K|`E$i{`}gxaV= z27OVVEk$Prg_@g!)1|z^!&?l*DMi<6M{0!|b)sT*zpO&&g0IWvi2dczqY0BBUD7F^U;!D-7pH{0Q3i_<3E4e-eE6O+bA*`Bns9u#SS#W_ zBR3|;tTRGvi$D+pj<|xy0y;v~tr_;H1H*a9kvBRj1p%KA|BAdWSWI7iJuBnR<<{@2 zL_ZKT9cFZU`*sP$I+y0|)r|~;*p5SaFIJNs?+#Rq&rHV~+W43`?`qz`hd3|z!D`TA z77p2MdTZ_lNcbSZ@HC8n$#SvIiYHcFT@MN~yj5A0X5L~Y%Xn`Fg9VJ%fY-}uqkLg$ zFI_Sf8alRR~a03g{CR2_Rp$i@c@1dmWCTf=ShOTd3(8Pw(7fS_}9}>|1e#k*< z+>;D7R4(ehQ~2+V3(ZYBE;;D~#^o)Ep!`~x?%$J@I@z2o6*I3@HA{7z$0JXIN_&l^ zOfV=){wZgu^y&>KTzojfNsG4vj8Q;P9RUNIr@k$OA;Dz*3q2>oO1x6RQ-e;P|9pHi#ggcnGf^^TGBgft8) zDj7bg?5(didy)S2ZFY>LJEaK3v;2{8;B=zj#I=S9tNMI`-@|1gxp@?nW6gr7x5|K3 z2O%hAn7yg@Xz8HSO4z+SSvM>&;I*x`vAKA>F* zcYc2tGWRlc#v6{y6-NKPS${SPlKEsAzfEP#Yz%BO<72i!c~VrpX~8zXew#Ebp7ynG zM!+P{ishH*BEcFjhlG5CtQ(jtQ1Inv5YV**u6~a&A|#aYzIDaUKp;+jeN%VCHsdk4 zovc-oT6V)UBXk$K5zCg|0{tqLySax*y{!+d4xeBCTD3Cnf2RKa-Oj?y$jtN~tN*jE zqkpFU{!7;p%fH-p#PWZ*>xhZrA6NJP3Bmtf@e%yLiVy04gW~&VWk)RkYS~ftrPDTB zs{ijJrN(>HV(QFkj!jzj=CGStcLxWv5|eh4r0s;#mZf$oj}>J`w~!to|I1phywz*S z3pWPq{Kei95q(pwOjqm7CRa@+-_&RGY{#i*hF;xb zUvb*S;Y6v#9Gj)x&rbHeUT#VY-<0ft^iJc%CLiaYG+(boHm>EL>~3jva&l3vV)DAh zpeF`i&m=x>#z*=73s^DpTcmw|2}Rb62~90_Gp^4f1nH1BU9USApLDvVptUf|47~I2 zCF(~9w{*3MfqOz>c(v^^@PDjl;eDOMrZCo`UjZ~T(%#Ns_*|YcTo>~i7R%jDHlKfM zGyg2>>_`Mu^h8GJ(Zes@E+zSe{fNBrm-by{R!@9VUE?4JXCN-7WK57SUv`VLNijYy}mUVaSdP>xE_u)_W~9#{G!UR zTrz997fGErv2Z9J3@b&^FIo1AdxQw(9$oX{m|$%`H83JnO)+fyRy zIak2Z%~(forM(!aafEEvIAc42i6s3gm&A4an}|eMYx9cW9$%VJu6XL&I&6hw5@-8w zK{I*ZbB0Jz0j^u7BS_@edY!=&?BLlCv^Xhn+6k5Zme}4K{jyu{L^M*P20>n-F9V)i2Bj4|4}cpG2Fs{wnJXo z4)d>IE?OpuNNkHN?x{eK9eXiI7snU}mSA%~K_^ma>nf{!$PrPSU1T&VNk$=6Q>w|J zP}7r~ptH(oz0e?W^?Wvv-Hq&L?86& z<{^IbMxlLEtvxPt^~h-Yz4kgFiZqdfUPAI0UV1_Ll-OY>Jk9Jb6{9CtuLuyN&2q5j zk`|C~dWq?Rx$N3?dAcJop{CXi(+0J`QM-dad<0wZBK!o`^;`!JX`(DM5h(Qqa7`G` zCLwz191P2Xgcw3B2pVM@&&3wfQlydpa~p7ok^VB{OAoeBV_j1#0)@pkS~_Mr&R4!I z8a*^s%dO^@iypG|$#);_D267w>nb~qw~7tEg|5+~DD@?a>{uzvqc59%z7K(#(IcOl zW63t%b8koi1?htsZ)kA)pd-owvvUuZh>s{c){K5Ue=d1plV{3_m^m(!JI;U{$rtSv z>Xf(So!uRkbAV{KQ3TR5ujCVihQF*aPEhMs7KsAp*mu26NWtXl<52LQbt(FGUXm8K zp=HecOBjr7z#$FEBy%J5W@Ciy%kd|Mg*EU1Mh*4zAA{=^^=9{Ub;2qCVWCye=M>wz z1u%c>+q(}3XCoG2Mtw}6u-ZNW;!GvXtGqh`xY30eP~oK7E!5VcY0BkctX_l>v5HKm ztPW8tj9EZ3aCt&$WH%@Tnc*G-q2d$GPl0f?WuIkmPb%iojN~1X^CH6aP$ePi)&QXO z?cF@&gNl}Q&W!KR;bbbZ#`nnW2K&dZ=F06 zJ@cm~HblJmRsPy7E=WE$rZgBn%VYc0%K;)N;3bsMiK01vVkj{n*+v^?sHGhE8X_vB zE&I8u9~c_h%(FfriK5*PRYN3L4%LrF#TeEhbnETKvu-#JNTDIXu|Bw4=IeE%XO^() zbx;aC_`b1;5J3#CI)!d9OGj>ZshjPvl3>jI=jUBW7)aQ>-+H1#Uc7_7%yAz4`+od4 zix;6l%oQe+=HjTAWrdK^9Z_p4LYiUMrzFzu!HnYm9#YU;*q z4uE};&XN0@bQQdf`x#LVA|a+eQ$jqKx)+XdZIH@*9@xOPVA#eQ5iH)-hiok~u6=5L zK*%eB?SCiL9`$BS6^45L3gCu#!PB^DTuD0_FDr;z{#i|K3gC^lz<^$k4EAKJrZD0~ zT{qnR3zP_ElN%*xH|_CkK9=l6hYdZyVdsH;%@d`0lbKn?zYkYyl6 zXUBy7IS+7#jeg=y*6Q^F2`R!8H&=0?48?FoD7*BIeB;RDvF(GVWxqA5>8?^Y434;M zra=8Q9X+2EtP_CKcHc?WTtdF~h3B?PpzY$q?~b=+1gF%)G{Cpm^5GklT&|%LK8dZd z?DMc=!^*pn#~`6;Q-b@%t*153E4#kG7#zh+7MD>+>rz#n4nt-9$8&6|yd5{@=>|&u zL%u3PqaG~~been;Sx~MyU9V#f3N`DFUL(i0@UsfeJtAuEOsWjNlOgXkxs#}C@kT5|8} z9s2Tt$gX@^dycicS<^yviTxhd%j2-Urj+|?o;1yUS+Enm!2kV zDi$STM|8wX3?SUXj?g!FU&YU%k$2b__!_tYDdSB8^lRMBlAaYSl|~+s!!xnc9}lun z1uO~?G^OQLOi+cjS@e;ug=!r|Evc~-XT9|e8ow^RFPsy9)x=i6Y4$#YbT_Hq5!&CagQ*&j}+}wW>T%LT|~g4Z{?JyLDtuHa!u%<91I|yCY=~8bOg_c+G05 zzL|}Y?DBIf7x77ckHflInE+Nu(9Ot{d7!+u{gnBiW>1O+U(o>NCf~QpZj~C~gacQp^(w43w~_f-RPP zAZHg=o#(;_k!R*;Z_Uk=>RI%AZn*b!b`(k0knBk)`=*%?VYDl#QYWF(eH#seQW($8 zg`}0|nU9r^t0%LRALAxpm&eD?m7};>e9!ASdVO7=Cr6Llj=!8TYV4w$9uP8QY;K$F zH%if#<5n=@Ixf+QMl+A+?`FlJ7v-q}lwQFg0{2v|- zUhbW}Z^vI>UM(9uzQ1nY_E~KkRxKV6ZyQY`QDdhXD-&54!l_OVEd#gdflD}8GpPXJ zN~#*{Su20NzU_KEyEeOfc4+jxAKy0aCz{UW(Z}?8>CohR8{-VKDmI+yIeX0;!q4ye zL&h^}=}eD01nfe|plSPcFJZyk$MW!LRb24J?^0kyX7OUo)?G19yX(0_k(5DHs!Q{4 zZ0yKN#mCy{_o`>@c(^esgHyUuL4`Q=`}Fo4`dMta3L%_oBOj8uzI@6xO!unw^>cT( z_3F?Jb5U`_P@v)HWaSw;qA`mD;e39s-X6{MdEQRv^m{!NCI*B!(R5M@jW=7~hScLq z+#3Y3B`bsAw8D$4Wq2R;MD)B}KW|R{el)PZFAPo+6jEOan!1YSh@E8@ZGF0wRB-5Y z@@nHfin%@BoNp~fJ-?f;soxsahcLcP&vG|$j#v~j-sZvVxXUeP7fq-_RhT92VG38@cAC}hp|u_&_3dDd>wXyl4$Q9 ztWBgW)kV~J5#jbG1x2;QP2#yF^neHj)JxYpn5F>88n@15Tjwv@lE2-0lxtZ>MiUP-gNTnnV4D)>;^nFpjL=oJ5LlBj3x7L38 zn#9KV`M5UlY1gso31E=QmHwVt{1v&`JVgJ;el;q7fN?A^0$^}%m)qIv{>xG(2!saj z?o~1?vU+l}dfe)V{s9O1Q2mEj%RdzPJ$ZwcIuRyyh*;-kipRiB2&MM57jqraRak!8 z_v`oI^z^%EuOpHjsi&A~(x!U?h(sT24`% zI}P#|{c=(9vcLQhQvWdYKfXEEZJm)vj zv-%hAK{xI122^3W70huIwQ2eg>PKl<(KBB=EToF2^jP&}ib0C;Q=J{usST4GYJn71 zykS#f;u(LG+opsbhsqoo+e4e)m1x_DPh?s;%K;VYYb^_*N%#@PO=jjU*7D8e9E5B; z6Kh6<-UXozhH2g-pue?}((qf7RZcGe?ejw7e3XY4x!^R-Lr4CiF6ymOlaZvIMy;|% z52kn6VYK*rg}T`aB{EX3u}qYrvujPjf1)k4H{2QpuI9{`f$9ZuL0(2< z@#_WF^DW1mnhyx`>$NbsVOVF($fYvHAAuHntNg|G2^b1_4u7TO0{=j7rMrYOUGfNl zzBiiCYcVPnvxhbgJFO>LRy>BY-ENpqc~U!7tOG42PBU_Yn1cU>nMNb)AVHjtQTuR- z>mFV&4OtWXbI>)_Syjb|Y}{`kiJ+kkVdhTCbg6K4anivc_5=~!koq|NRSx6vBN8ll zjXiUE@#1~%5h1wX6r!&%b13M(9ZDD;R;!PCH&vi1ZdtY4giT&QYdE;N`g!?x%SAl2|D_+Sw#y9VYwtn)5X8+m@09@XXZ)XhvjE(?k}n&BhCp_|`@r?9 zW~N3PXO~e1;vl`%#QU3cE1G1B48)r4@IgW$8Mv0kc5C31I1qE{?HoV@WVAAmm_V=3 z@@Rz_j@-N8_L{9AodJ_Zn}TP> zkeo8iL7~g~oanSl(lYqc;3ywZQFeHL(DG^bX~e625@_OA+7|ZTg~lMX!bd;*+!F;u zY*qD>B5imhGN6Iy@B)nZgt%7hNo^>Cz4)hi+oQ4-K-uQsoGlM*g=KJ@u`^jZ^PP1# z68Hf)Lac_B(LY^C(sa}v_j^e`VZxBAj44%+fG7AXIvVs`QL@GQO9q77nAo4*kGXgd<|SYGzbN9QUe!M zJzYPrxH(~fGRk5JuV;`&3nEh>Om+KGX7iAMYSSwlgVumfCAMmpnxv=g_>xZ(1fkMBFS`r`SzpZ8>wej1EgUz?uqDK}P1Ds-o;vmQWl za`R(zYD?R8dF;SeyCyPHpcgId7e||>XUAisWqpR{=I&SglDzE(Nh}aza{yDD(PF*U zjRcA~_4MN!IDO%9RI|jDnI!_;h+$y5YVAhgvAF3-QF@kn?Lj>wnMNBOsjSn!z>9#J zt3aigWWZi#xNE4U3$>7Y+v^f)0-?tH&}xW4{|mAs9Db9%KAsLF+HZlZJLG9gA=og) zvQFwyVkyb{P2wizzF+`GK)JsN-i&d)u_MlB!?kWCA6^EA%sX|k7VMrkufj+h-X!@i zlHfq1yMx>_>2zXXpLfQZx8Rs(o9%&7BI!#zA`uiNAim7R0*H(mUHy8Z;*S@G_H>is z2m4L;hZ(MI1c|y%d8+&yrQi?9JcAqX?@P z#_W>Hjl=ahToyxbj~_cZyGgA2@h@J{OT!ME()O2eFM?J|>0GK=qWVWJ+|FNpQ=aJkOsfJ(W+*YrdT?;xX2FI9XYQM?Qkg$XhmV8}U#;FB@r3h^Tx%W`A}F z9U_&?N;4swsPWc)Z@RFegS<{a~l5H0m#2kxUzDx{fGUH<$uBc z#`<5P_gVhs=zZ4z6Vdzs+3@z?XYBuXRye4Caxn70XoZ9N&v*XMGWl8m#Z3O5oXfzy|Q6-xR^hG%;HL4aQb@iLX)b>g#ynwoW_>bdPM^5@= z{kcAKhJHYYdJ^hnSR4RmUS8gv-hP1D-SfBN^n)Yl@ROzO9uNM7=xbke^u2xxHK8eNbZ>ixz(?I2P_-1mE*cmi$V7Lni#zf4%l>JFg2UUlk$9 zrbB9_(?^OKwypyj3{hS`Z7U2J9o4P_IiSHH9DgM863`Q^hCB%CxVASyHdGJVZmyL5 z$VQv4J7t$_sf`C%k8I3~G0C#fN<`|4GtZBI#`}u1MO9|^^!$EDo~P8^)#s*e`x>mY ztulTRXNCOyF%jgGyX^?x)T!8h4scoHtC%_Vm;ACk>_`f!V0IKi~?y zoVR;`sqLue0a}=;^&-F;qTJNjr|jA+fss7Lqg;sHP&r*%3{$+abZaje79llWUv%vb zT%pP3Dl7xrzl#U#R|O54_Lf(z%Ys+z-2XIff@W%5gUbWZ!@Ni~>LEa|9Imp%L&XxP zz1fQIfS&=#q|8|dXeW1gD(FGUcPJ?O*V1(h`IU9IL&x{yg1133l*jHXs*lb>CPH26 z^l&eAL^bN%VLi9*;51}Pa3XI}O(OjM{=DX=I|p3b^;N|ByIje_?`+*Lkd^`M{r$Je z<4i=LPQbtK2^O!PGlpSIF`F3WX-6wiDI-D+1veaI=EB$-bYQ_#1+*@237UpDa9KwM z*CF?Att)s{vOPQGe77YOx3m@p)(!INuRt>t^6;6UB8ttr-1Gr(J2w!JqdfGIE&+-* z_1kL@u4nT+C$UvUL(BZrkE-@rGp!Y`ay7TNl@8ZM@B(PfPm=R1aeQAfbojht)=>yJ zvissamkOc01BzGuIu0nH+Ot`jJ#}odTL+wLNS|9s4d10ZD;{$#!>Js^Pu$CB3TMNC zv@@V~vWP_1)xW3&zLL$S3!AKUbddJ^J}fX|AY&`-72zzcBKhm#h)? z*9CdG7n79T4_y^-)gVeB32e*5TWPvhU#e86E7{6rma%1piAz5ZQpLk57Cw@qbyiIoU2+mBq$rBJX7O@M>VX`aDQr=k4B(k()wXWazF20^Mfd4Ow#T`--!^zv zT0~7pZdTdye|SiuL~WO;PlNl!_p|k+Z)%N|IK0eLMQ?2+zMg2*Hw)lmLrKmF{Go72 zae4O4)3b2klwnk)oz^gP=-K=1*^dDMR{MoRPnM_>-sz46xjt8*V>&Zaq_%l97KbV~ zmSJ}_YP{ykz7lL|HKcG@P#^0$g{y99N2Ac&B+Ti6EU`|(cTf&)B! z*pi0@s)czplm=efx30EMRjRj6m$P6d78~qm;1dnBl5-A*Z!93AK#;d|eZ)ZNd&Qqm zm%D1aW_|?f5yw9aU_clmR})@nYC_MwWTp;NTRCrK`xqfcU`7$3^3l-u2vVj>S7cTY zR*OLSJs}LkX{w}Vmnywyt|2Dlg?z3X*6!7MD#NfVSfez{BfqYmzP9$~x=)>j+C68i z;J62k2g4T}W<SHUxSG^ltnKCUDrKZCc)Z7X!xtwUvix&Cm$foc^dv z-+1_-f9_upi@;97fL$>|Xw=`73mbx9fx)}xV;oI4u*XzPS7eO-)E6i<#$Xzr-Bh*L zS3rE+k>G$cBi>-)gV#@LCTGjS_B-f4eJRy4v`Bp+mECVSQ~bq+#Q3NZA|UHi)$dak zBwe6uiMArbQC(0Ja_+381RTknZJOMeiLaORj&NL1MP*E=oU3vLASg9t6l~|AmMs6C ztjR>1jz3g6K+R6~)E1b!PQ2O3pd<8ZyH+3xkN8tJDUKp&h5x%a=lhMV>)T%ZDJxu< z>~}KDRZq0to*mX%%4q`!KG>3tHdy{wxg1;|jPa?@52!7Av@WPgXatUsc?^-U;IUne zWp*@8XgpY(i-_FG9?MZR>Ew7tMe~HUI%_083+MgbVY`Z$`YzAy>~7BqnnVx*X0WCC z7Nvfhx{bg}Gh85=3)%izS};zwJAIm-qkuV1R+J-5If3q%dVFQdTL7{6>-e5-+jb}+ zcNSYn*Q1L9RdeS z%tIF(C3MEFm00R#8&~MKhd7s{GnRnBc{$O4p3oIA(5wMS^%RwefOs_76mfNCpFv5Z zkI7k_Vy&|~HmxnFpNswE(B%3~Laf&G+99ohu_VE<`9dD!3esL{WehfWekz_Kd#Y)K z=RhBwg3-^4s~jdAQ^o3sr7Y1^%F@T^2LPBY!NF)eVQFa}74qp_Hs3x`8!IQ0$El@B zgVe=xU~qIWV_Y~fXDlIJP*c`s;HBy)mxttATb2fH3&gxS$Tst+J&Ww>Q|7qNE>HA% z2tYxu5j^DL{Ow1czh|2D!GyJ|B6d0_jF?|x{D8*7(&+?Ba+2UgqLd;A)k#RKxL1eJ z*=WE$j|<(r-knZfK`i_6H+bGo^F*VPe1c z3zx0yx;^U@P0rbRsDdPEH@(JeEA)WjrUKAAuM% z1^`V6x=TlbAdCD$`z|!R5XSmzGAcPQ>V*LFTWX<_{gU?%YHHMQ>Op)F^wtC=crBe@ z8<^!6Gd)cDNAENNnfWnYe(vdXq0Id55h4fxP1AvdH)z9ua~r&+1K6r+x?8^H&Y}w! zkr+yBtW@ab4*^8gT$dHJRUN4tCqB%|Rc7VuDUg%VmaMA*@gT=I)?+)!zG_d!i!qt( z$3S*uh2S;$3L|nBAgdwlU%!yV$$E~zZ8P+imQ3pKL0)K(a;0v<-GPz9PMoNVs>dTV zbeNM?az&v@CF1yDmW?y73=+CLjTd<8_;elKiS$`R|AV)4jL`*H&~)3jZQFLAwr$(C z@wIKc`?PKMX`82Q+uS>u%;xUSBzq^>-QV@6Qb|>+^1SsvX{9FYU54oMM~pF?T@{+U ze?$5T5#^^w&AbQG%dsW^$Wq#%cLc|>4JXN>B zW-Vg)W*%$hQH~1@do^|yT|(|sX$IF;LJb1|o7@NSf;V?9U&@m{jmaJ~Y2!T2>8PgH zu0ooAqc=V?vCCog=E>If*Bx@Tip<|_=yowYe0xRm?>2x4GGn$}v0(u{CU`Lj%Yt0v zOh&(JlugORoCF^#!H(*FIHf(!#V=ib!HlxXjt^Y!9?b!n&Q*X1CMvyA>_E2>-Iqsu zM6VC+Y%)*!Q<6|i!RU4t(VRctY(yp|zDr97wYf}+3j3+LygTr{?UIGnm6TZh9TR0( zoC4gN;{2fZ4&OW}Eu~~zPR-6kZ-eBC!Vk(P0kimRgn9A%^aP>@R*F{_@vQap1dpCn z?V9ft4{L+0Ur|4uN`w-|W%j-FmEu`^dw;0FE*PkS>wR{~!e!VP(PrSz1;(S~(7=ad`8?`@*abrZIJPuxu>|97$EBSI;!ZdI+bX zrIvgXcd)lkVJrm5i5NP*ZAP+eJkf{VoJDZ?@-T)(y##*ej3e2J?dXvBgTh-l)?*Ez zXijyo|1J(Pn*sEU>JEUJvDt0J$9laVjLKx4U;ejzW%%L6 zlGHV^b6;enQlLWRYq@F!q!8Co8n7fkM|3G3cZ(Ep_=)7AQI)6HgKTM*i5Z|*kP^s2X$}$aUK=9Qo8ROgh?1bWf-DZML#|ZzA?B{Jre}tA)%|XPSs2$=96>`hD1WLf~MUJo5ccZ>NgQp%TZYQPeH%f55)O%XR%CEPj zCg;0;_8lD7Lvig!GsQ@#z%ZIw!Iek7;^he&k`ZD>Goy@o^Yb7WPV5;Ow121HS5_ST zGCeZLZT;OFO=r(hx$eHce!Rk9VMhRi>5=_MYmI;wDsR#eqdI3KFvDn7Ox1s%o}f?z zsz!s0p#%-?Sj4n`Z0*lZwOl^;41h#)p=Rfhe86NnY2Mm69k$jbVAB;615_QgIKL^U z!7X=r%w1|q%*TCO4yqZ=F@g&6sn{v*lqfo?wQR@3`xf@`9}BJ=WTQ%+GSEpC5Mjiu z?a_{SPCv>mXE*+)cYv>@$n|19x>loFKb*#&eyNzHp?fU#e0@ZM|Cd|ZJFc{V95ph< zzqKEk@#JpdFOD&RFTGox8KLGh%uQfZrsgi$^%v==2`NTgheGj4f=9BbAATO|{;PNz|v8z5;!vzO87jPF|W?>F{g~D<)KAN@R887XyUs2nCvB z1+KO3)4t2RGBvowB_J?Sm+ZX#*QmF#QuCt@e&noLz6Nta>6}n08J1Jg$9a(d*oJp4 zhTHJ(>EawCDYaxvex)$055ltdIxL~gS6|pvTcBB%3?sWP)@;L|^mLE5L13}Qx&GSq z%QneQq>WP--wXE!5~iJy&N(pYszr+JHEgDnod!X_sT-O<{IC8qZ9aZ=;xp=> zpk#WNdW>9?eJBd){1q^&pEI~^Yer0*KoKW$0GB`AB{K=6J8sRr7uIwnmCAr@vbHK7eu`aPvPbbvvLsBHk>*hd;43S zhhHK$6?-f=<@}n|*&S$`y4nV0c9R3M48~6D@PisNzA{Y1_}LQ+XFYuPA9{>;AqWVg zkzl_MkFdzC-5$f7SCZCau8eFTf+n0u(ND4F(Bf%?IaEQ+jlJQEv(U9j&eHr_*#M(k0eIE2{oH?5CuJ%4;y`r?^d@@71a9TaronE<_za#7#7J)?@BGz`9D`sFM* z*B4g;T44>BVP>Vna8drY#xk)Ovz*n4m<|cLtN3c+rmEY(6Wo#I>A*B!C3YRpRx5d? z+sx7dWe@xoEZ*T9Jq7_+)>i<_*3qjkSBE3;8Jd6W)zuWu?gsyToSrSN6c3fz`dmSk z&a$l3N7j`>gt%1g4l;@MK|!LLag&+ zQV~9|w4%wCkRUio(d|zN@}w8iqP#xbD|kZieueEmH0!SUWiZUzn;qG?AEn zbh+45SA7_TGCXT0Q9+(N30V!xJ<~wzbsPNe+?p*d5};|OXDQlI4UxJ!ecx|8 z!$+LI``nuY7zfkLscLHcAnpx2UEPmcx%S4c-S`RC{AJW=f%d}HJH)gsl}n;X`6n8( z50^FND~A2P*O9GUo#LP;VT%crqz65;UQd=eI^2W~z4@9&Zm(tHY{GqZu~7gEjr_j? zIYFODU}0Ju%3jIB6dn2ys)DHlBDMq)8?8~fnPK5MY+5brK$XVUQ*qIa<59Uv*(r|R z7;ONl??@y4PxOzBmpvDFEg2b|0)|_iCR^6DRA`=tFAnB7Keq5`a8PXvu|VcibO{3k z-Hp2~M#2eY+2kw?{<-Vy+lRfUtEO~D-PqEjT0CV({PhkqLVsbV2j|vwtvGm>bkY;z(Kok@Y=R8TTe#2g5)=AUG|0k@{zXL2*+j z&4*jz&a8VhYWvnxRB3Z0C*r>+<1Yb)lW`l+VOW*eYl?P`lGniO@n7(r=45) zN?IJKi%cLnEdJvp@wt-d=ldz)Pc0dXCXCK+Hs@KzE0+5?N>C3*PL9OjA+{4I-YS9* zfyqM?mzv!OMf2;c9GC zkV`*(S*KMnRd&_tuVHH}Z>t{Fs5^f`J`?B34BIf~r=P!qJZFRs;lzT#TR0fbUH1#| z7Or>j3P?O$N_V7f0^Y)jMxR1m_#sG%F4&8x)eyZKK18SX68YJRYAn@=fU<~+*T{nJ z!5!``274#%cluh`1{!^jm%~s;L97>T6DRrxed2H!iXW(_Y}KI z)+OeUr2i33KvA_3N=rpGJ8mTJ0q@zG&J=n`Ez3CJrFJHoG(p#%sCtF9gnI$VP~?@d zG`Ntxu&0ELgp#DHUBn?sJoEtTpu>de!eVN3+Uu{^+<6xI+*kkE`k~?1S$t-E!7o$K zEt7^yG7aRq4iGhb3GfEw<|oT@f(F2{vv_X>v=5a?lIin>zzu)fe4?J)( zu`dbI1eio}{wb;WIi7UT5>57rj=bbolQ&fB{#gCMi7O>+z85 z>+!@hWRv1doS8diqQJfk{*D1=bzh@{0ZXJzb((rM4mRhEKj6XBG=bz7y~%DQ+R2f| zUK4^Z6V}Y{BXD4Ox*wgfi|{(2lDO5bmEh;OyGQUB7XyvDw`Zu2)K^fDgY9JYOliT# zo`4CkD1HCf3CB)9b6U)YFEdJ1gKLtYx3Vwr_}87`^i9AgBb915|4=s0^9TgnZa99v zFFdpUM)}lLQf6S(41?&Ir`}rm^iH%0H4K|F8OA01c)@N^=?R=}dt7Xs7Yj@X&4?V9 zjdQd7f>eDM)5TauiDf8D6nrnxM3s!`q`-syY7gBgTWomxxMlqa#k~?%tYdB`OPN<1 zgb5MO2ubW7*NBpwny)H2@GL-cqi!ezj+`ti>q$%wOIro6WYFlytAP13*N;13(?@U2 z-Q>+NwpkX3+qA(0oflVlLz=#{xi9{Ft!O@-U*HS@v%JmKqm!;J6(@=N2^R9VTRSUQZ; z#HXNHA%|e%1R(`jMs0}hS3L%G$%UB6$d@vbnOadId4`MxCh@q=RW{Zf657O{DJpQA z#8}rWw^26M$X|_-2}_HPL+&^xSrVi{@>GkHiwq5Z>E*V?=@#ABr9lC%FwjZeYI>Mz zHK^ctb&&i{ILJjsUvBRlkivCl~0uVaFU$&i>M!}$UYY78uHwz|_( zua{Ffs>UryB9f64XAIdAFk>!}%5C0}S!XLt2Cio&W&I&zcC5$;hDk;{>n%5UrB}=S zaP?@UPBPA{JqJ(;j;c61eRcv8_Oj@%s)ltUUbhZLeFBL>;QWe8_-fn=jeyX&HRKTEY{v^QqNQ7K|}#P z{S18!Qw5;xwU90!fsl--ly3L= z5i7+a+1?{Zyr@v{Dt^&yt3=jgY@CKwfG`vp$^jps$xU{m-N1D&N9d8JnZTzqRC(r# zX1O>HHWqNNMC#pM>{d7nnT$4p%$C6k?qYZ8ZE!Tbv3sgBmei2s9l72ZK`TXw)H!qc zgisqA5{H~O*Ew0)ASFCQW79M$^kYc^L0&WyO+HHku?m6TAu8A&h#3(LI24hVQq(B= zPpYFXSyjdf0;duIX_tm)+C1QX9zvNrgU!Dy4DM9a#1ZNA`GmyssZZ%3*PR1) zvVLYhV{x3Fb*Fw}Q`6A<5_VeBVTMF5Z2i*}l^N;a`Bv$U;lKS2o7JrXSXLd^A&GPS z76n0jJndG}ve_0-EPLm>lY%HvfS;XVhG=@mU&z2z3K3*W@8ww}d)ML<)yjz&TX98; zJ#!Bv6ii~!{I9OcI4*H|$>1fM70c4gHJpsVFD^`Y`cwtccBAWLG2{&m`+BHYU_fgp zvP0Jz%8?Oze$nMA{h5z1HP#=vbBq&IcB|0<6%Q2L1`u^D1Oyp@e1~J(4tAJ>e;&C) z-f|X&OOMi2A1t`HyxaAep#3acP1u zHTx2lgPiwvgW!WVgcpVy0u|W>HA9rQ6|GyyN=1x8_+dfr$Kmsh6x?Yz4KciC#g|2W znB_*ACU5HBr_*1r72D)f9LMv%Z=3Yz?zBS2E>5mKd)Ob3tZo?4)x2@c3;9m=NKdd{ z$M#4}NRTN*A2evn&OsLV-&f1hj)nR>?N686VQ|aZ-9{THJz^i;+-kJ88c!bOII=~b z-PsE^x;lW?Q3}4QGvTFgJ)s7dlvs}h%g>7$5R34yB*CG7Rjv{)3wIDnCcX(P)p<>Nu~BqRP9zw7D-Fd%Vv!kECTJ z&}{#eugJ0MV@YS&dwxM$_Z|CiIu4PMn>xmgk?sEUAG{zG_#$F^jVL!dewlaJ4So*z zVMeXq-xnO59xEIs{g?yqSr4UNC6V#{!g6V2PwYp*@Q#<07_eGnk|*DU<_1#vVEklP z>iDzkloa9mgNk25?`8@td9mu;5aT?M#O~xp=-~NfHmN_W{AsY3(kxlP4#R4%Ox2H(b|juk$_FGu zIN3O!3`MDzB#6LLBG;MZQbjpl?ad@K`FCP{5b$DH4d374ScNORtT7=UHXfh`m`utH zsdYS2+wX?n5ZG3KaE-yL)4nqq!Tsr$z)#vFouDPAf#p#?dAHK=(ZrV{?~e2}MPLIX zu%OU80Y$t8^#riuG_KMC$bp*Skg&p)>yTxY=AyC!Ob7SLaX z0*$RFVPwb#Tnh%l58c8d72LRHKuYtUZQ4YEY~$^}>H!ISt$P?C63IXlTBf?I9M(Vv~M=Mq^Pl_sIJqeyM_d zzl`grM*{%=k#maXxs#W-7W+#zV$59$be|~W8A-I79NqHHTf|-={Ua|-w|!=lr_8C{ zkn@0U2|hRb8eOoy_;2G$>W<(_;XRul#yF9oJmdJL9xT7^?2FJGLV;PSAJP|S>)B;Q z%{{i+OXmz9A*3-`@_gG_FuMEr(?=IQRbx{mnlYEK@>SFsZ5WEtZ%C-CrS&l<(uMw>6gzdaepULYnFSza!zl zm1lza-#&W(b1>?^8)t&~U;lZtbNp9vCeD8`&ZPG@36Im+udc3Q4q#4Dw(fQT2v!fJ zTR?ui*4{kw{HpIlEY750ukKJ}75xPh5nvc#MEE=|c*uA^&i4mQQBO^ee!fg(IrdzP zBoRnnKd|bp@YC;2REz#%q?2K_df9k6O|DIgj?=7b*sY^xGD7c-@JR3N@?xy2+m|l= zedmDuoF3C{veCCv(W>VPqgu|%OXvH+Ydw+8H)khpc4oG^k!E%$jq=FK>wES7sH0V| z-=Y{rZyRG5RJf{)c9wCnb@6x*l6&Rwwfz2Y9J#*eQv1_!sn4FQA4O}>EcW(wk}vR#xm%a1G0iEcr-MV)>1{Rn@F8LkNa#wpW7 z_+PGOpw1)jd13tnwtAT8d9{KIB$p0`E;lv%s_E@coh25f$AB7vnpR`@Y5R?P4BFpA zjD?;DBkuEQoVw}weE}N1N5S-v81;@?g*S$(jIGrQ_0fM}ECa15t34@jG%=5ox9GZ- zi`2+q@aaFp-O#;Htp{kHIjCnYn3{_Y*zr<-uPTb z%M2PeS}mx24c2|$ptpm;eh1Zzb_U+G>Fpt(`j!&Pk=H?6l{Rogj{^I^NQU%{Q<}zuAmiTl0|xTnAzwQDs{28 z-r(I?%w`QD4dI=3`MGevqjgPVCVlB$r`rYR>^T5eWw8^lZZ_3h>HzN!ckcKss#ywi zL)u;i4aqQyoCrucJQ5YV)i|4iq0Q@Elt;6?1xu2OjI_>mhBUj5+P@>_Dl66M{H@;e zAUB-$;)q)9ooWT4)OFywNm?Ct&v?gX}y*&2WSoT2U2Gh}$1=gg~T)eZ2IC zq;sIAC67{<#w}w)&<5nfU5zqx2s?eN;Q;*)A?{BJfkHhls|BzC=;>`LEhKz~G9=v` z4AhJ2S~H&hIw?2y!#775v_@S?;KFN+3v#*#UHzWD2p#46CL^$M*}Vm`#o+p zKqr(q^KYvC)hFZ9a1Nvu|zgvMhLRVIip)Qi9_*xZn;3nG@R zCxpL@HX*O;c3GRV8?CjW6&g@>&xv!GRt3R-8~6WSZf~|Oh{pP%lN^#BI`Gzt|9euU zPh27#npTf*upZ1{e~!w8@C9SYw_Zo=!5`cpg&Zpfj>?8Y8!-b62mmDu(SS674}_K) z@c^O;)-lBC{ZRuoTmbqtqt1jAgrx`zLPWnWtPU){uMr=5w?$%PBu*iu+7w=#pe_-FG3nMZT#`LW3%ub^w4=`SmsWE$1@p7e z+VlB{VH2Sn z(Ioft=Z7I>;xv*C)Nc}z0%(N3Im>$(Vd6q<70!WV1nZu#_=amHv`WV>voyx$ZH#W+IkSc5no3>e2c7BS8Oahhg^isV)NBy~f_8`P>#Qh*pXlRAgHsgm@HccAxfi^oq_TD$Uom;CP{Fnz1_R+P zve1wYHrR}PstU|NQ!e=Z6dDj?5?o9XqJ=!hwNF*gDYeIiGjUj`KH~N0v@oemsZDc2 z&6gvwK&INdfJ3`thg>k9gr<YT$65bo;hXgO3S>FrV2MOy|+f;1X6B-8^ye^7VZ;9a68kUE@omwuaX z#q*(;=b58#bQ9vnT2=)}!W}asxFS<@Fv{t0wz9GJOQo4pxj50fH;mfN8+hrvV~{Cu zaYc1nwYJMqcob+{D2|=65`=aVg%72r6*pzyLOntwhIIZZMuf8F%Z*s1GHw=5C> zm7b%-T!V*$4Ps7New+5O*a#efrMnlm#?CQLz5hcFP_*EKYyKTKZ^O;CN4;dkV6Wj< zaREH|x>6#d*QL*9m3L5&xJB0>V>jx9cCOsJevak*XzXdFZ940%_yW6WiB2kf4_q?X#insK`l>Pd@!VjABrt9E zY#og4d$$bH^%tA9f%?Eg#<=$qTs4H0_>{L+$ef4|A$&Jl7xo&c;SRqQNMo0;w%>O% zf7IeI>zp0ITag5==Q5d)8MOSC8)p@d7*D}=4<|1&KDWI{j|wz@+RH5VG#Upo1h;zO zfC}n{Z2y*M+}MV)kthuZwme?>@f?a|0M3@gnj0jHXIo-$$ZF{>x}waPY816j4xwDZ zvt8gxf60PqejAgvNTk_AeWn?i>yf;raYd;-tJY?MG@b5D8foZu{X9Wng50^}Ro5<| zn$1^&;e8EEk~AvKq)6no@afgsO_1%#XLx}Ly-}x+WuTDdbBCC<;K=rGKOx(!(!%ir z%H_V`f=_AuS4ap6D2)Yff!Xujt#K!;yT2<&M12Z3*|KwxkSH=)pPj zMOx05FD45ZuVPHml6v+NDI*z{T{3lT7*wi18;^t|b}Uou>c@=(&h?Ev!|(hfm>g*H zD>%pdNamJP1ss)fbgdiVZ0fveEv-n9>I?3lslhh~NXY8hfZ=VMJM&b%B8E?_rGX>7 zWwWF1)hfn|(0xi+2|K-3XNI=p8CGH~Me7!1V~+_nZC>F8`yO-|oM7+EOnX|q2CQ3G zqe4k{S`FufIrF0+TjB+u69?EpD^^fhmELvR_`F)Y@5|X|pt3>>U|CAQUzKMga+IsfDFQqtb zp(f<3^Ys(zc#kf<-AA(-SQ;Lzb0Q4SCy`62y)*%mN`=K`b;&9eDCvYkjQ+xBpD0O*+%B`I~Q9GXL zUbqudUesW9DLi&OYUcBZ(tc5{T<=?WVL)@o9;XbWfYlcyAkz1+ZSOSQfKV9Z{6j*f zw2E<>ooei(+^sk@#sX$XQX5y8VJxc6^{Y8Ig-ZYgbDNYSq}yldoXRyQq%bbtd4)Dz za!s|$q&YI8(&N(#33RY1@x|MeHziA4!%6t3eZdq{Mr<%-Ee0SeGg`cXS)!n}b=}nj zlfGdoFqipUQ?N~EzBZfOxjbD>O1}mLI)^0E5MqtXbDaxps8U?6m^aKts)n@F?pc8C z{ICJ@7@b;Nl>~b2%+P9c#)rG*p|F>mwQyily+fH5Aybjrl?0O4;fNiiC0#sxY5Sl* zU~0F{=yG*n4YP?L^GqEFK#)G*fQb7M3w2(EheWXnF5& zwcXu?^rUuaPMx(8u7xi;nHkka(D9w35kCGT6tw;{Q1kj0m>ei(#Qz{KHyXUgC;mB) z!Y8Y_z1GJaI9DA0!e6&+dsy|Gx~pjo|{=#7D+WZ~k)qgIk+0Wxy}`UPohdI*+Z z-ak$v5sk<`iu8kq$-T#*@>@s0^PUO?>Q3TwASk6w?MQE?t#-NlXW8S_3^tYE)tOQ! zs^^V?ta>|A^?z*4=s{0YXoN*3r1D5~lyQ_-{RJZto((V0^y7*gZ>>C4sEIF@9;pm7$c@hAJ`aRL9vev!-zl|9L7bD2M| zA~`inCAG;+0I~l0CyR$kZTE@(nCic@Vx9{dy;!0;e)h`QY@WIb8`tz^PdGiRe)g9w zJaa)5RPa+GA;5zjJVo0zvS;iL*LW=0=y7Yj)h0Og&X=HYSsdA}q>)CRHf}YP>KFvn z@_U)#mw(3cEK;>P`DKxF231nenm9!z1#I6V9u)1Cr}`^XZiwW;?fJ9qw9RI{x!4n4 zl)<(iYKmqvqM0dqRf!(`L=lnm5JYrHVCO^kxNm;=q0gdNi1#TKzeHUStZL-blN?9< z6qS?0={)nQ)%@`cOTl)JE{J_HJ)#_>ZAF*v^B+BALv%#6o%G^KY3jV;Uv=Ad=>M7?=eg z=fj-6Pm5U*{G@-|x>dxI93;x5Jr0vo+TtP>ud*~RL-OX}&La3-25k*s{&Mx)y=rGA zOt6AjA-8R6G3t-nToEJ5`8pTgVssoAiykH&TDTBwPp(rV+Txy*ySMiS7un^l7cSxl z$J>UyBod7{Fl$HbR`OoQ1+6{x=oow$Wd9BBD*QVI^cI>eV39T2>n5kzRuV z%%HZF!M4NLGno}Vmrp3d87Bw_bco_$*UX~O5}S(*b{oSnrke!Tn^V1fHVFyGaDj$#&ebE`MRSRCX1Dadb-dYuKT zaDft>;UcYJjAR*myDWQK{awB`kCD--jVI^R=s&6VQ^#Ql#%vT$1aldecQJl<9cF&a zDmWKl1j2E>x|Mj`h>r$CUtEH}e?<8pz8v}NBD>f77ooT&MSTzXq1PN@qYi)VR3v7$5n-c{8$mK~Qa+=_4$}Fp-eM4q8QbH7gxwWT)e2ek z4Z(P@VLDm>pJ;prrUKIkj73d3-L%-_^5q7-d{`P#BqbI?Hujml4Si!RbFr;W@T!=z zh6I{SnHFe!F(<<gSbUcqFNwmwhhKgI*4i+>wVY-XQ#R&}F*Zq$k*6Ca>#R(dIw0B)P{ehN&% zqoQ3Id{j>ISIZr_J$^dDrBUaM6e5Wo7ccD&y%-fnVfM)#0O%#nfy7a=q0&nOyDbw$vn;cCPt6FOhbq=ypvd71c$n6xqg*554>_Q+TQBR5 zh>3CG%ia(7XGlbvY=@?@rc*Wb9YS;OW&F8{H~5?!iO4Qz9K)?RN(DlnqQ%Xqr7~eqhGs>%X2zW&U_S_V##r{M14du(Y6Bj;H71F0XKor-N!p*$%Yw z4onv@duIsBWSP8u``~?s>qOjP&Jm?ZJ$QM2bo6_v{XBa<24n-eJboV6udkaJ@8o9+ zh`;%m$8>VG`$3oRx80}^UwwnQxBI^ai(=|_a+ons)q4eI?8Jp27pEm>-*4Lu5>)}* z)Hgh8N?DPxSj}!#L`HYnj@Xzqh5B8msm23#1XK-Abs8I@Yz@CwbLi1ybXk&Z8g_!| z>AV6@M_%|7h{0>34JRWH*|jp^XMdtN|3SH2m@dlgTvb5vy6T+G zW&(Di0+(d9FvLCym}vQX4f&H}zZIWf2_Fd5i67wyK6OdrfL zT*DPpyd_R?P#t$*A<)E?Alt;)@mH+EBI>=9@<9umQ4cAyF}dp&Sy7u9G)c+$GxgFA zw+za<>t=Nm=3b>@WQLf`!t;8R=0&nl(FKSogoSLkIQhG3SpMA)#C``$C=reb$Dsl~ zrJ~Ou2NCm0ls~sY{^OSVdv}5eRlc8y&78!b+YNtfz!}w|3rC#91VSfe?VjecZ^^|8 zR@W-rl8S?LO_Fo=L2ysd*e-n~=!CaN+C8#G2%Y0I4i%XbTnTsJr@<{iu}I?ALG`8} z>ics>ztH%tG?_Xa^Qq{Ns%U{dGy(7rzZ5BZ6gNg$Zj$r*l<8!lZlR4EywneRS?kc! zjZ44sas=Rmzo#*zvpZWTqr(H;W)z8;*MMPh$2S#T+vh*y<2z+7{u<18f91?QC7=={ zSsC&X=lT>`9L%JDJR~mvX}^myOAYn80q!WcgX(%d+u@l72z88j>_OgSyL+`QEP#sV?k?{iG}l z8UNy8pzl9y(2T=6_?oN;8)z2+X9Qg)C+{xF{Fj4S-N z_ru96;N#o;Wihly=Wz9wqE3N~c1q^2D!)Cencw@{mwnJG8v{cxmBH3oGXvwzOXS@O?qC%tOUlbi!Tnd@y&qKv&*P-8et^kO*P~P8U5ko2VBH;zvI8cmH$z* zz`@1!Pq^}*+o1ndT*>vHa3#mTj4S`SoB970uKaHSN}~VNME!ryJpe{Pxxd8m&s7uu zK`1$x|3yNXv+lh4Csk;FjO!?I!8hcN8JoN)hh$t4Qfx`+L<%Q&Xi6-ymFa zY)m>Mbj)EWVvmN; z(*vt)FNj}o>vZzWC<7dl5z)%K{+OGuof~fQcGsk?vf0Xd070lt+xfR$&FYqsrnHxk z4DRmlw6zC?jc>6!Ihi1PdtQJz7<`BhG zQwKQfL?czvqNsp+)^Uq9Y$BqyH{`56%$x}|{af1QBq^`-)238a`hW7d>#{zhm}C)m zk1PFpoKQv0tx^AMnZRb7cpG{@cJ=e~2yjN;&XH-$&@T$88Wp9g-#h&~N#@%Ltb;46 z{ecCZ#VIf<07|t_L(|_D#AXaWP=a28Uo>f@sVc2W`4qP$UP%@G{cp7j1;I^j1p3BS z;OyVt^S#GP1o|0z7|)*qzBUlJaai?2)P?v$R?Rehf#@gD+dwU-wECy;I4DQ-5g zcZZ-*|2QO{ferCn*JdPuauAz;GwMf=FP(L6asI?ZSloE=*=w_O@xl_|2$%q{kIa__ zd7SbeR2+H5i)B~ zw5`yz3qhTynHT_a9oCLE4Cta;J@i1T^ZbSYYaK?2t8_skS?F1W?c@dXf^d6K6usGo5fZH;(n;K!?<+g{f&%3wxA6I67 z9Dj^-rJT~KX+M8ohE}a42~E00Bf<@lGe5o#F2N6)&%48Ye|!ONwC}IaYd_Dz*N8s2 za=%1t8Rc~`hQ!m}I}pGv;Yj@8!{1wL7tCIMZavmz*=V-$B9=sOselaNmtn8<&r}syO?!TeG3x*^|if^xuC1P#(cGcajxK;qI zFYD@#jxX^xCHF%g)64H8Uq{(b)6C%UMRoC;6lERhGwWcx9VR8fs}g9k4cNIfjof4kvVF)t>c zmbVC!X)_hHR2fx@Mh|5JIIKMvagu8qE94v1xL73W9Z-;b)M?+ywwe=rL!DU$RP)&# zrf*5dx<*U|et~~SWqCFC@^o$I7;N!(b*yiGT6Ob|>(wYca?egI%&kg)@@$iyGsZwZHk`OMC?kD@SMtLozQ{eKQ4 zuqm3)iR#l&FJmyJHMLRfFpSngTNPDj^*>*iIVoQ-Jy`MNve#=7e}v)4n}vX5iV;E3 zEara!A+w%>#2<0bn9;%SQg?@_sZK?bPe%zyYRQ0KI%k4%mY-&trlyG)i$CF48%j&# zCG;=yQuFofG#Izyq^*WzwFbj!FAly3X0(!hy>dlqRwS}EV_@np_VYZvV5oo8gFZF} z4K(_}#v6L0XQ-Q{EV&(Z-@ch=RS(!6r-^F^MI|RUdfCVZWP#7-z10!HM%P^)3u36F zx}YNQo4w&eTZkBgu4vn@Ikz?2xeNhGdS-z> zPcgKR@mWThR*2KLlW>TWTH1W{ByhC2lhZ+D@#|zGX8CZ4Y&X-V-ZZnhDxnhnjU@44 zVTBk}T(=7?YvDn%rOasx7S|a^aqEBZTGwI{OzN4L$k5F(Wo|pfR4~7lBL%6sv^9wW z_z+hG4py@^V;l8nVf^HVddU~$|DGtqUG#w8U(T8NBLHUd4b~h=uJPJEc>ks7jd7xop z%&c6(QTX>1T&i?$v+kSc7F%DWQJcimZ`2ruLDH^TL{Q>YoGDgyo>*oKFBMWGko7!d z#~Cr)!E$0#!=DG%PmXwj4yFH>Z^#!eo=GH+w9O_&{i|5%*!eZ&I?@Vri)_&8Um~@qCJW&X7 zDh>@zdx3ab{gx|3J0v_)9o!P*?Yp}&~+ne4zjyQbQ>XOT~MsAlO@ zfCF2pS3FE?!)Sn4hw%^$@8;fq48M1rtqVJ-rW~IEGKO1{mZ|eY8QW2@?ArijEdwjL z+&RE#Ix|T-k2ff&jSP{(@Au`lZV+x2@t#DKLz27y1BU&foCWS7W;Aai2pSwcP9Q5q z>hB_&^xte|?wDf3UK}m`S5vzpNJEh$RxYT+ot&fSo0(+yvbCYSm__g<~hF_R4UV4(+LdU2jmfO#MEO&A>W0cj6%H1O`blOMdd# zy$O4p;SeFVcC>*nDT$QWuuZ8`LHwGHOxdxl{N@SM>>^yR;#lSyk@JQMaS)onQ~N!% zgQ4V+NZBkTWnjgT<#hn^N*@aJ!ZKX-hDeIE?;BJQ>%Wkg{C=l5JB+q8BrvvcY1P(H zV9jsn7~rmYYefl5SXepGBZD8zL<@*29aPCf$bRYuNqr9KN)dQ^-<_$`Xv)E;?;3t= zO%T&Q<9<2V@dO{p3d|vL?!nGFMq6-&G53>}46daNdHkwLmveG&>6NO^9ll)Gh6#nZ zk0Kyt=EDCpKNoedwCbseH6pP`LdGT<7ALi;npi+smz>$aVqTeyY<8w)Uea4S@Vb({ z6!){vZ*yw3In9NCuet=~OEiRgH9ni8$%{xVMY@(M-07ane&nSJ>bXW({D|@Z#iC2f zmUWNWmFu1f8hF|=+Dms0WM&EOI)}Kb{fV&4;x*Dg zaS*MUg=2+0ZuBVf)4Z8O=BE#dQPos#KyIXuG<8@TwQUvvg?9xa=pUFy_eCK$+hyTu z*Cr**hNo^0H;$A&e0i~;TzMwYJ?jh)v?6nHN3Uw6ijeXzo1B71w0`ak?-zTT7{@PX zn0c$lfl@8h^hE25hS^olV5aIcsx(?0*j9@H1NNeqZkf4>tM{XX(yYskr;I^#n3ez3 z!%{G9;V>sW%jVY+Wh&X$?A1k+8h^ zEc)9^qfso6OFDVR9=lO*L!-(8<35_g_gfpgoJ&gz!4dmf8NP$jn~y!p{E{4_(PHNS zd0_37dx}_9)@oiCCQMd?<7-XT^nqBarHQrysWUQW`jM(lzrO0qhTIcYyQsT4<+(GV zaJZmw^m0ntQao|mt(`p2k41bnaFsB^f95n1E&be^Tyj)*{bVY=A$OeDtBowGn6DbZ zbOV~bdoSceroqvsjmd#^=Es5C6zfcynTj6D3O%=N{Sni=J5L3b<}VE$fb9rL_z5aX-bmxVX)L?SC?(uwv8^^wrzCTwr$(C?doE8*_iIP``q)Md(Jm=@65kh zdsoDh*cp)#k(sMjMC`3Mk_$nDnY-__Rt^%(ciFY{HH>fUeetXNz{`>4bdmkon(NFU z<_&*zwXii;PpsagIKvhUV?YNzu!VC zDN6KSEB^=1kYvJ)h>Vuu!EPX!$`6(|x+V9hDS$^5~P z_I))mNiREKA>d3`{yDr-hFg@b-C{%esCuNgt91*kv<~ln3NZ4{q59d+Dr7;t>e0*H zjmxC>UyG60v>!1@$;_X;exMw85d&y@B!3%TfP5quV+1r9^h>}piQ}P5PO1%)8VEI} z@@LwowzD?mIV+4Y)-(#v94eKnrIwK-pj<`p{OaJ_zXH}9%k49NFiUnKnvKU779{*; zUrPaEhV07RqXuGRm&~-;j7?TD94CLwwJ}hp-$Lj#`Stca^5hV?Ki9!}zbmxU##yCu zPW>5iUqtaj`RZs3d%Qzs2aR3EkF7HLyayK+72IJQHf(-nG&8CqXhAk?zR1rDNI^^= zz=S{sQ$Q#h5w>iyCB&w2N_xx2N5EzVS)d?`*X_+@zG&OQ;Mwy#O(4yDQ>MOHB9%SN zO$hs$5|2sl5}0Mhm0BTB~UQJ3SljDbdkmg5GaS5gp?b{C5-9BMnB7b z`R)5Ny^coC1j&`GQBuBm97EH*`Yf>sZGp~rgo4-+OK^mI9YF}1W^s!~Qq_u;*WQwF z*xR1)Po_6C>U(DKJAvU_C`MyookoqqGd;p^bx>)XDN^d8;l=?S>}#xT&)5#L8e*f` zSu}+YK1Afn8c%Q>_V3&Pjekrc6fUo(Q{Nuj4hqS z=7RbN%i4jVMGf)02PzIRw6+odd5p7U?UJi#P-^HX1tx`Nlta&WLbNmcDrv9+ zo3x;Tw=>i?2B5RSPRa=w7htc%)ZBXs4HEKWv`Dq*Q0?BFslIwIQC%iI54r#ZlQTe? zckI4egqK>0S1fN0xHUT1&a)e{nihBWZdiJLAqc`!nf3FXo5jz*AT_`(k=)bbby=$? zSxZgWUMF+zB=Lc<674+Oj-1+s@z6V)j!DWyeXdwuI(vSPocyM2ab8=NOoE1(j?KRg zX03=w_Jtbf=TT$c6!DGZV3-jnrC;Wpf+fRleKFLw_hflHEHsR?WpZacb&Dgu^;~jC z!+y(d5ETJfH!np}X6v=5fD(bKG#1_SNk8QVQbW*_#z%aoN}1}=`EnA~vhMvzw(NQP zwBb`c|63|Yp;)uFts>orRJCWyb}Z8qC1uQ@pO+eMDU~szX}jJ0)aXgXgttV>I-rHO zjnQa>gVp_j;RZ*@hr9%n6eKLy*)hriI;h9IK^$5FJ7~cCxxISo6LQGyK*TA#<$1?k z%QPKsuY_;*pqzHCQXCxrlNq=N%t2z!mN!M7SL$0X_@}Yrj`MYw_4O~EJ}mB^hUzly zD(XLxa}>aADKs?l6NqAUUO`y}2P+10>digtwC!A&m|T8-t!wKmCCh`$=)Y>HTg}nP zfLq;1WNWn9c?#iU%=UMQ-L0K$ckWbxAxz_+o`Hpe)5s)D*k3L3N*A%BX}(`Vh02F% z`{v-xIE>Uq52l7W-}11gFqVGL@{|?@YZt=;y85hra%+`>mhnDdH61LNP0+u(gNYSL zlMSV+7!F#|PeU`LfEg&wloAxbPscj-)1&5&}oA zH3T=$zPd8H-yxr3O`y?`u)^aw(>j;kteoXGXc%7?vZ^9A`t;+$Es)aG7i7L9S1SEd zW(!`!rlYbWkS)5QA_UjD0tHLRTE>ge;5A5V79jN1RJ)i!1)o8W+kl@bXi4-P|! zk*Q?42S3N=7TNsRuqFs?0hT#$sCTt`Fh>;o91!xIpe)dgJP?$V-39bqFEK!Px?t)O zGsn{Pf&d-s5ryc8Mys}NYZ4r7=3uhB7@G?Z2Pt?&PD*NN`DxE4c(A(?@(lSHbSC9u z()xuhx^~OWC^G|pDgYEj@IoHddzZ}2+t*ws8$H1(BPA zZXaX{;9gCIgs~O?%v{qBD8&AfzCuN(*hvdkd&{C^{_7ZDaWffWx+yv0HBW3F0yE+ zx1C1orjU=^c--@i`~tV3zI=!ItC8G~Or^nL>~`Uh8C0o-ZnWNdeYYv4aOz6%K+`+O zMnd6_frXdoqCnd7;BR?BT_7IH-~+yH0&5gs2--@lA-eM}mm@?mBo^R)(54MY%O$n? z9s>gjc^y>hgu&&1_Kz*ts1bVbchn`v!~R}Fw1w3`mdIzfQj&cWoLFjVJlB!dUsM`x zBKJxh7|D=@{9F=T1f-k@7RTzcFgV*M<72_M83uqpJnQ6-)h%iF1Q5sLc*sg~e**uF z^sdJzeow9M;{g*KFlg7mH=0B9yFXnJV!DI5beAF?Cc?MP~PGx4(pn{IDI+>$FuoTBb5c#} zzFKwLCLJghdT;1OGG;V*6s1(Sjvqq)Ts6BHbv814J$z@deZTAC!&4P#I zKlo8t{*mCtLdWpWuXr-EAd1&i{Y+qx>V$?q6l=@K52g zF#bc5PCtumc(jsch7Lc)@tZ#VZ`yyjXZ)Q?#`v3sKWh2&`P4rz5&yfS|HWbTzasu8 z6YYzf0`Q|3;mj?(ZI?{}p-m-?OHt`#m^4J^dg27ZphQ zKT@G*VElvs^kby|cP<$Jo@w{L;)0&>_oV2V=>A})KbY+|8-Hws{*Mch{?8JiXJPtx zHdy}iBKx1P!SY+P^sIko`$qxvY`^tE&-RB+wm(u~|I?41_21ZFp!?5X?EN3G!9e$0 zxD0f^XUp)%+8OBonk^&){ckoI7#RNG-{cwogHnF)DE|vKSpLZdrKh6B-sLm#TDG!f{iT;rc4gvw#TpZcT zOU~4*K^HQh9JV;x$xtZzF#2K%UMl_X)D!_9g|hQ}Ks#Tgn%#4qNPkltkY8)hMre;??7 zNUIop`yw+M#?LW()hI^JDRiEI$m_-@L23sOKl4RCU!2^de|B#Zj5t*;Ogw=K|6QnC z$fF`^j{-@uMv*A!aTV1PZ?zBfehq7|y_`nRhr|N_3=r{!v5L2rHx_f%Zpxt`(Rb4~ zz?aZh5dfPr>I|(adPQ_#iib$pSE5It$NJ~&$$hiDLY0hgZNm`AhbaLgynL06dsD!0vfGcxR`#PRS{0w`gNjXX*B$p$Tbz(8cXheK+Vnd*XmYL>`n9%*#ry8zoX8 zFnSOgdVC>rksY-6!F_SH!8`KFF=z5f9{_~rcEhysP6q*~2cY(C1i-Fw@#~c20Bi?< z1K0x)LsvkC*R2NL0_l(x0cPr<^7X^M=(TuWiOo7T^hu0=3x50B(sR{+zD(c~-$`-J zx@imMBj1wI8`KQV#02u+H09^na z&+*2;tL@453TBa33x>Q^gm{u%i;fC{=2c!=%#y?R0LbPc(EtS-y6Czjn9a6-=Z__w zUH<_x6n{L)>32oseu1LP6;`zd9zi-wOzC??)TWD1mnCE}1sq%uz4@WZHmt+qKn$a_ zy1KYC_vaQeR=ElHq`u+VT8__#i`pz7yuNvaSmmF_{R~(P0O1R}u!=T}P0&b44W#t5(i$WK z=vc@_CYLgzf`6>NMbxnZ+>BV4gtj)>&S)R9E+?tEx~*UILe0@wnIJq7p%}@T zeNfN#R{pGuwo=E-jChEGusw5=pMf5sJ@|&xy=&_BVYb~PZ~CQt?j%|~3A!}@kVt}X zWH=sH9!Js>R9i>F^PK!(kh|-tWpWFN`Vu#X#e13OW4R0IecICt`dEDX=6xIN*>G*& z2aH+v;->pzeb=Y5WZE|kHP7qws-G|3<`2vtK1WXcZJ%Hs?jLP-R(U>*x0OC5vQ14T zSu|(;;*1}r!)PvL`)|s;!e7g&q4=GUvNhpWkKI{ zT6i+BR~*2nNC2f76qLI$fkzyHfz}#0pjgPE%<95W8U8>^;uH>aRqr6^wZP=TuL&Vt zbd|uNz-nXf=~+=Fo1KD08@@PrS5ISeTy%RcvM{uI&m(cfd^-zLy>=Q|EM>MLOXg(R zIXQl_QQ6GQg4pa}P}t636qn!8^xREEomW@LasMOxW!rQDdpu(M3u`m}yP>f`M+#xs z#8BHK+!1IR#{Im{%slhr%gMIe(n^g^n$U+lW5}{(d>JO@+4Hd{zbMe{kDP!3Jm5?~ zD8^z!KtbiW?^{G#AP)gF6O1$HkwgT?1S0u4@#Mv4-@%uaTtZ@fhmi5G{fqjMTVjsx zz)cCn`1a3nQvA;Z4*5$tDY}>^q4x^9@E@dPCD`R@mA=nw*8x z{#I$d#CX?D752C7FC1sx9Tq4)s^mV)N_N{m9pw?MvWGt?_J7@JWzxt$2n2>qm>n@k z4u;56c(Z;O86zDu4q{qnoGUHMAog+6A9wY70Bnuz4`5kDXb8mbD+45-^_BHeY=LC% zNwX-ehoo#k^96nVNcEJ22HBBi>})8Y^9)_}qrLRXo=OZrSPy^I@Wh#bF_z zW5VgPw68JOXklQi(aS)#KiiT=C*&K!JbijXW|t7WO}32Gm;Z_^-O6&sB2H)^#_j%s z_Wc#=EpF5IOyuNCD+@h3|CaK#*Ob*YUo-byS!}bQK4OtHKpxi$Q?RiC-va#@g>~e^_OCg&Vv1kHf z6x`i%XtK_%9}C{vJ%d~fYDCTP&QI46y@h-C*UT|s-}F80(#VBY2828b-Xl4KEX&`s z-Zvh^)fJ{NDVN1y6fz$#vY4S(nH2JlqF*Dh1M;9!x{$Xg4ks2TBqz*sgui>J?r*=| z@Akg-MhB0~+~>9jy9c`?`4F6>2v*>L_fpKfC~H#EZM*RA-N!VSeCim_d2&ST{G6dC zrZVH)29eQ`x+UpD^8D`b4AgS#;STB5#E^Y_L&lOMZOmw=)w`z3nNiEBM(dHB8Gjq6 zRwsF)(8ct{JZY`qZjO0QOF`3J@mcP<-ck7(MMZ#R)SF!+YK-2ktV3=KZ=2SK!l#Uh z+=eXsSgLKYO~cWvt-HTGwII7NyV7Q9J9oR-XMG0f#50vkGAjTi>tl9*4y9DYJ!xY~ z!Vpd%Wt%SxHI8`B5mekLdj7(a@xn;YDBhYNUCbnA-u`okcjASy$*PbUM`galC?pHX z6Q5SvD^U&P)6f4^x_xWkKxMZI>Sr)l$TNd(dqgQhqHn)4sYi+1#5@!lDADqYy_2Pv zgu~Vh7pTSfqaKP&07FRd;`1i2ofuzJmE#ZGM(U9sxPp2iI_u$37wL#YwDdCK2^-A~ zACT0=z4<}&MK{Oe&J$lN*mIKSF2~D`=FfcPI;7C*qRH$UN*dRqO1wuT;q{wMoTp1n zV6tblO8UN-ssAGu<{;FP09RZ#|3P$Ry71)M%m`Ks6lO)r8vi1U`T(Pl{~cRPf`}tq z=wQFbdRcPN9{wq^hC;f=>?LOtOc$)I;H1P((4HnpbD>{gBmB&I1p*zh0gJ;My<){i ztlApqj8GC8Gib3_W)f4-VZ?tR{~&8X!T!shi~_hv4YeJ2)+5_f;08ZVu|`N0p#_3O z7uaT(QmK(>!kQ5Nnf{O3*7K?#Q?xDExz^Y0RoMo{B;?caG*1tPG^JAKQXRl2Q$azU zAyoeT?m+pkKsG5Pckyw#=oOsul$C?7(Xp#x!-(GI1mlS1BU0BuPpR7YmCtBLY%)F} zSK6X$D;WdsrBeGgD+(L0$0XXl|Y?}Re}gRJ@$PJ&vzG_$zCJjY+@GYW{gfZyZpsa#Gp zP0A*~YtyNm0Ui(Du`T7LE<7uU`Nnt|u-zJBN!YTr=F*pW1ua#+_Q@jhTym?T zKA<@(24H63@OA-<_EHN(WN?Q?sbk{--9h+$^xV_57SceCD>QP2`8FaR3ui&;MpiUS zDyqy9MHamNZoc5e<3zKXKl*R!nNdZaqbc{U( z$}D*#mx0Tz)0VR}r0+hcSGJFa>ok^k5?ajP4*_L178|MIeRQ4sKRvhyyh21qx`KW; zid{>pQtxmlH7<*K*|TeEti_jU-b=KlBGgwJy&~@15*z=@w}F<1rM}dd_en8+7Mawc z3gX_-(DVgqSX@Lp$3k0>46XV$7(=7nYtyX2Vv5;=TfOIIGpWztdNJ0}vU!pxLbU>w zz)IJ>PFmML!@$X5$|32RCzvLf6b+6FHir}jKf;Vlc5NuWYH*((@R31l~vdz^R|MnpkAWfL;Rld3u}g%?uGBuclUEM(us6uJ7S1 z!Mm6(cB$V8sZZ`Y3LOd#UoWWf#q4RLO~l(;p=YS z;w9zhwI34-4m(tp$Z4=k|Y_o7hJO-}VipFn7$-c@wacjfU14E#+QCo>j&qsDmRR4yqIL@& zV|SGz@X}-keQK;p)zWIr<+DbC4&?32wWuPhOGKvary-i1VLMX0t74)o!mx zz|s&Q<>N+6-N4RUH*v9WeA)N}^HMvAu)5Tf@THt0vu?Xmvp7BJt_{= z!FNgqy4nxzztyfoSfJQ2mM4&aYTzQcKpZ9~I=aV`RG}z(jCOipm`QT__}CJe%22K6 zsvgK^yBGky8weV`%M;ANOJDN(bp!4-har0d&NPm5ggBJI1i$*zLM}D(li@RE9kwmf zrIoLFRz2yc@{F=SNd#8_JXZ=OaPMfWj1Vti#r7zM{M$$Br8FUyX+}3DZTn6!IF`rk z$8*|F^vT7gs7>5^j?zg-n@=xi zM{mol>zZStTT|gmn(KsJBXiXC@PNaC8q# zd`)8Zd|cS^g6k6f@Rqe|sup6mtxD>mQ<_AXX}{O;TCYqY7t#?@^G&TYV0=WXB-<%g zgzlQ4y6nj{UJdI-hCwUUsaIF)q|edEh$LypF4b7LgaF~B_d|b|V&(&$0p|a7lznj+ z2(;V4H+A=Q^;psqLTK2cYfefNUd&->faLPr(w=A%IRLre^#-6+D6BtaR4f!|jjNl(Z9G zZRY*dT-HS3lhkAy3=aF_+T2`H_3&(T)}o_&(T{5*9^QN|@cNoho(UuA(+X_XQhtkD zobP!GvB?P}H+{3CT&%RIAq1mbjFhSEj6zk18jEwjb&{+3VhR9xo?vdi17VsVF77D) z2lGPW5IOd!v5))A^}03bvT!NS%?Lw2fYg#xzC|Q=J(i&LxN+N79loooJRThQ=aZ2a zXB40zLF6dqc!`MyBFStLSYSGP{_zROZtw;T1W6~ekZV|!^QxKZ$xlkpf zBf=-48#_}aXB|giP}35w3Gg`@Qi(`;!u8ey_`w2qUNh=DIE$;>>aW6cmxG(;&$L^* zpXTUU;V$H0R}|LnE4{rRVNAOR85@r*aWHGh&Zp zRHk^4j-^@BNmJXehFw0INW{34PE9`iF4h>-a(6!`V=~dr`zk$#y ze9G{n#(C97u{qf0>xNn9xVMVCa&uI5uDTvw+FqnFTD}{TgqXI-S4}RGuNSl;6+z3c zF0QGpdkrYYheD=8b^@nUrsC?I29bL{azk(Qv*rqcB0G!KP=N5{*NMfzCE z)gb!1ToLB*^X6y8*f5swam|{W4}NUb{LX^drJV6k8-NN$_-W0})3q=VBOWeaY`4 z)I3``S%6tQo*}^D&hMbDebS2IGW@XgbSZB4KxC&b5!f%mG^G7lqR^$&*5i%CiyKzw*Kf`Gx*vc?*G&ydx#OW8$7eDXxB9Bimb zBZVkWYIofR`@CN6R@=zKu4KCryz4%>K5GkpYi#zsnb(1NyTN((xGP(yN#Bsys%JVd zk4)s=XgW%kOzLhObUwS#pvhKKsAF*1tH)%;I#K;VZ@x$-k{RQ1LnL@%P%c46s~qx- zW+vpFPRrJ@#!l8g%8c=`^R91X_X%=x^BzB@Iiq%a;P^4_+LxBKp3Js7z6k5@tZ-v{ zEFUR13#a?D)5W#J2!lmqRAM*Q%#r*Msp^q^Krj+o2j3JpP0kVUf~G`zfGwmj823hb-$B=Cu(p!;gSL>EdEKUigz2cJB?36-e)j6tXm2k)s6LPh7*Lkk#k@Q`otW{>Mkx1HP8bVY`6-7r$?dGPpMdp(G zXo+-j_p1A>>$6^!>|~}kQ{~}xDykNYaAqPKISgMO zip*8&opp8u_km-lU%d{kYH3I#P}CxL=}zx%vySxXeeRJyGM#aQO1gQ2T(^zH>F4E* zh1RO11(ap4bDk6JGs06sbd-Qa1NGh{Ny-G6q{bzgv-~8J$QP+;bt;*0>ZIsY!*Oj> z9fR&!npN^Zxpw0Q)k=+-N-fo{XoE!-#P-dI$j(@v=b5{jNjxI9_3*2pNqSyk*Iq5D zV=OF5G4RYGlXPQS2KQQ8ZcicEw`Yl#G!~fxRy%@DIlebEo0Ht#Mr_55&(TLt{eXzD z;ci6iHQ%Kybu-a82YThT3s|yyvTF=$bRri9O|sb}6kAp~Y#JYlB#}2$i@o39XOho& z)~_bO-np|dQ7wJ0W7AbOWSZNuI0YC>Pt3-e&fR9(?H9*wI$!1hMHnyzI|L$YKQc*QvnpUc0+ zPwc-3Zl631Gf-q8qdTEnytThR%TrlmA7=Cnsh_DvHnLpkZyOaoEfp@wI%acB&oZ(k z7D=+yo0Dpf1O%ka<-UJMlpuih5c(3$QF1ziMI9v*at>Cm<~29yRA76y2X7o%o+~&^ zJc6I0weSvHu+!2%#2$5x+6NBsB#}O0GF;0;>R(dqbX9ntZD!a1cmxR^Ot0 z79`j|h&WGj9={d;g+r2xPrTF0I-7@%Ew69pn{y!4sqP>Ij|nmsmM7pIlE`|xxQ8v( zvT})qecw)k0~3RE$PCl z)h`pyRY`>%PtUYEULTW!o>Qka_J;h^bMz(-%*ol0a|jH~l#@g54(SaFY6g~!m~*X} zpZh`cCU;efqKnzde~^Ehn=&3TP#|#~dMr~YGEsUmE@pB&dQ?|bHfeZfIbkWxHZs|y zhh^#paa=3T|hjJg-xo z@v}8iQGq*fpeN^hW;T%VHrtS>ME6d(7s)H+S}tqBzgO(87lJu!wDmq2k@`fFLJkeW zn5aaDyUg1e&zn81v>L>SoX+D4Bx6G5tn3Q7@dIl|<~D2$kPKCG?j90h9GZK&9@$g=X{MKDv!^~M97LO5O9mamFmiAv1{DIS+h8k z^-B)fhonoS6~WLJRm|T{9!7AcqBo#@%!+y`)XsU3q)loYl+d?P(wvKD8-&V8+6fq@ zRK5qQ?MY!Vb|rjMpZG?*DO@7DZ@xEMA%_%40u-aEEm+sO7Xwtg1Ua~Slw4qU*Zby) zj5?wNUk-k-;h>-Ey>j8^hl9s&k5UXB8XiI@kPEe=735wdQ0eQ#GBfe^0{M8K2n?Pk zY?)HT;V9BM<;$$ZT;v)iX!5XEK$g^P1Qp3IyOhW#U?4e^M6gCl9;^mjJU=fvCm5Br z*{;ZFz2<5b@8WrtaY`s!;Nj9#O;y=Rby!@qmL$yC-HC`n?`GO`%g#g)elX9h9==*p zfSf{TmYilW=Qt!KYwX9KrVLNP8ZFsApqb91v#qOb%wzJb(q^Spf@h*&sxVc^-VTXF zHWLjMHC|3t!n_P>aeegZ+adKbEiBEH1^F?REAKbM%kY^}tdQ|i$sY!rovmF;ovPvs z0O-<>9CPB&qw-UO zyFk>Fc*25ZV<*#D(1 zUNF|qKt$H|2iLlLu=u2H4x6mdSYlR#eGfyffV00rNvA(gvb}Kz1-)oTvA!Ho8^{2b z%jh*GBBemMGGO=jxY*lmv!%D!JyxBYY8^^q3k1WK?(A97Y8}?(GI~3@u*Td(``AAz z_x4zaTIN~19|rTjdg6|@?s~s6soK1C6&yMjyNdf{bfsZ77~-PXcJqD8M#a;~a9&a2 z-R1?Z>*>0j)&Z&oJ6Ag>^xNG*jdPG4Rx=D^WP1c0+WwIDKK;H~eiqu>P~(uy{`cLo z{h`3w16KXFrEw{S(*jJgS#plmf_c%;1V55+WA^R4JvEo^#*2+a4tza76RQmY5kz3c zIHZMJz&aQ8D6S4{Q$SVnYbaRwLPKbP9cWArxKT~hNqq{K_6Sg=habBE$2pDNP!Z_p zTWzi4PU2`H((1#g?QCvVc|VIK+%6cOwb}X>dm$}0Hju)*RU8U%_2RA>yk*1Yc4ma9pWNH zasV8HuPE98)h-Z4tqzjIpFc(c@?CMfOUP@=1ND_T9Q#cUGpai|G#R)-wBo^n`0OSen8U`f^8> z{Jq>TyNW4#TuvFM7C2u4`dQM+vJd&`=qe30&HALSOtN;5P}uSvHO)4>)+U$QaBYV- z->g?7xw{>UckWiTLxAs-Y|_B6Gi~)^PATX(J9`=<3w_U%P(S3XU zJZW2MLJRHE`vuJq$4OHa>PSBTX-`F7jeUnNBcowjCbQp^A?0?ZTrvN$qGQ2Y;!1(w z{-}n2S%&UQN}^+m34#HeK-8S!$ob0sOfZ}VPDWvx`;CgsnX6RPyQ}Qv+R0!#80QML zN@Z2s&15fX%aU@x&1f%`dRR!+Mlx)-v`Y4vfm+mx8`XL*eYC0AY&us`X`5N_Q=3S? z!lr#du2NedB(nWWd#e3yh?F}GmV{&^n4`8pnEHm zY^q7yMxBJY;+j-B6-lz}5~nWUe4n*ps-@?sG(vb~r~^2MAI5GMJOTq^ zxExk-iXKe#ZM+1Xr4*=(30;rSHMhW^i3Wvz>1Yr^M z^x!?p2Bk*mc#${_j01rH&9{*#m3Ohs<+r;f13};ykEYGJdY7{%98dRHhnJyTUKpJB zvjxCENwRvjPBsVo zqqUwYUp;>d{|Cfn;w_Q>!z2=wc$Xl(LZjBUwZ^%1Tvy5q!G{oZ8>37y&R8d|7;rX0 zd#T96=tRWKB?kT z+AGw_2~@fG6tRSOjWxb5cn64sh)Yx7j0J&=)uKD5#=yh^A@Gypm0ow>p%XKT7c=6n zrMR6X@AL*IrNepAK@nM2?L=J)x< zUdEMLj8Z|m&_!Lo<9*u$098P$zW|E4tg%JuW6UPu+7=N9thrC)CrzRx8?BZvv&fiH zTFpCA@=>C!*6ydZci5YPY$N3B5AF^hsyhRB3>>tbZ=5XzVZX%3Yc=?JYGjYudZysFiOnNS|Y%iCr= zgV%)keo2T{YlwK)Xw@_s;+oJHm5o7!o_LFS*XB696hcB>-SPTWJf2jxgMeBxif4t# zs?UI3ky2v`rfafQF07>)QxlE4wc+gGyx|;TNHSt^_i5E?bs5u!bqmXz>8{j2nW%g= zao0Jriqdtt(A7?2XhGlHo)tYULb`~=A--_5t*@r9rLUo{qpz-S4fA5M_M1>Y`)-Hb z?x!M=o4Dh+jl0~t-Kk4BDc;(R)R%pK+(_?%+rY!!4ADzm)oP*4l`&4j3CVkKf0!df zX;%;grVL5{V8Y*bs#jQaLqf&%r{IjxK_U~7ypuXNC1cR-(~674N(0RDlF&x>M(fafT#*|`(i&n+3T@hA+9f7dClgTF|-Zfkp2Z5@Kdum{0lc; z8I~!khVKUH9_AXC2dN2Nc@g4j)l+6UlJWxmwc1a9PYHsJ`;>e2-2HE zxrsZEnA0Dmb}+FHo6Zdy(q5IPdJ0FEs(!>nz;4;zqO8{$g{zXgLX2}g2&F5I3$2W^ zqB>j>86vySaP-5_Ch;Uia`*Zyev{w!@k$m@ESmHK7>rkmI0CL9XOPICDA zOoc5|cq<+5-Sz!ig%#H=TKhnwwW{(tFNRaW^C}5lv3m4wxJavcfxFmDMr|ZH)f_Te zNo%`7_rXZkfg6VOz4toNqy{0&+>Pqm(4Al`#r7ASCD zU|f-wg52O2^U=lZYKES`Ljl1#pIKa8%Fy(vv#x6a72JuyTwGt$qAa$4U^4IXL$YCf zDeQ~}+R*SDT8^aQ?kEP;x){R9`m9p)WMwM#FSa+69@$w=b7 zGG#i+${Z{` zR4%=K%;Fs0AlSV*WAsYiy8h@jKYxHfAAZ2@)qKKy{q@A_I_kvcz+j&BAfgnYpT0G0 zK0z|Ch+$qTZ+9PvdQh#bhng0fhk{X`%kvn-iz9!vH7Pw5+>M>qHB&W>T}6mm@pCx3 zy7H|abO#_-6n0c>-k3yf*tf+oDfa+;eWpV6ND|9NIw~)-6>E7Z5~{DDzy?aitmwo7 zi3FZDF;+87F!H2~_wqmLG5V-7m=&vyq3I%x(|JFzlVLq==~lQ_GInv;df^W6U=MAF zTa~XT1>aA4nh{y7b))pArP5)45NR;Yl{gJ%$@|^mZ zp z^z;l2Z2wiw^zX?U|AWYOd1(m&QE5s+8z*}+BYPPm7db_00UJxh{}|=|C;8|9MU?xm z!asuC@mT2SApbQW{NGa={?7s7|F<0f4i0DhXK*;A1~ol910FRiJsln^9RuD^k^Ra| z_|LK7Y`>oTuh?+LUm@K8j16aIXMp?@8&3DnaBwCj#=ixDv;2DGzksBnWYIySaNY zbn(MPX#nxX698!tL`15N1R$Rm_`C!>;TugGpAkGYKFflxr>j=hs#jNg9wJf5t;04g zmp7@;K&b~!w075+EO`)A_4;)Lp(&gSi=E|+&XL(_2VHUZ3LUa&>Z5q0~iZxP- zt>UDGTFnV3KvD@?Eq2QZ<8kwadYSm~L(cec^(Bh)@Nxtx9>jbY4cyBNr_2E4R9?W zlQG7sMd7MKwO*_;Pht;r`dQT0FtORDUMEHZgvM;o)jLOSM^13^msear^fk=F`bIu| z1{5&IG4;+t2M6p1%)4fd@A#t<^6!yh~8#BgpZ)<{CgUx|sgG?Er z)b|jHPBo&eM5M>U$d}Ot%h{P>Y$U8R(#WfZQ; z7QCR#>3L}eAMJs-77Qkm;mayenQ200gN&F98Q6YUV4ldE)4zhj@(Lj9&Q;GrT7fq0 z(F3^gog)^Z+q2nm6;cn%c>t=;;Q?tyrK=F_kJh6H8bff$p?l4!W1xxx8qN72VfgW` z7N8(5oji8M{e4f(LvlELA5Ej0YF@4l0B#4Y32++Ncm^w+sCZ;QN|?rZnu0ml5n9rs zsSCXh5b=)N=`Q7g-1HK_yXSZVDrM&Z&7TXj$N;U6enJ~#%&G@=Cv+AFRY!!zQ8I~^ zFdV}qk%l47wEOm*_(F0doAe+b!c9Y9D=kKa)KFAFJ1ORhth?YT%w1dnBcIOInD}5K z(2>MYMxYGBEdDxNtp9v#&TJ1#N=MA|E8`P+@C$j8JoQ+;hP(U^U?yGg6(}Ob>OA=Q z5IF*xD`p)jX+uFQ(ZX#@JEiA05N}?;ZP|it*_{U|N!nW;KHy;A&b@fCYt_aDO6%U! z)=#7tC(B*#vaEILivQs_pe_jQPlv4*p zCIjm5J;_Leuf8%i7w+PjqK$4?(^LgTpb7v_;s>e4MS0n^=)P^l?YiGTe!KjIC3Q^9 z1*pP8mDhbAzZ7i1SAVZ^nve{v|;#E?5o+lucO)-F z%^p2fC~>4%6H9G^HXjP_TduWOGg-{_USJ00H6f}msp#ikNrWZiSUYKWx01u$BvK1S z`Sh=AN{D&jhf1zv0U0ptU)UlzWb!c3lZlsWF={!H#v;_}wNae6gl-DLyrQekl}j8O z*x>B4LXK~QSg--uqNbxJGKk^Eqm-11KWp+z%nu56soP8M43C0NUB%4f4HFkoGZap+ zj7YcvnD|N53qu-neo{>IUzO=yDA?gD)^%6l3)jG%fw~36paVHaCifVMz&^v?u@Nqs z+PWg}iI2Ku?UdGRtj8`QBiD<|U+WJ5`0&4A-0rql8HMBTPf=Lx34lH|z?4B}kPhkky`64~H(d zZKdT&pfgMjs4As~vS2%83kLXj60B*tFQp%D4l#5T%P0boZYZ6NV))QgaWrMCrf zfuRedYa3Ww(!T>9KuE>j*8#jnu_Mv5QvwPm=!RVbxB`x5P!jxM{#gAJoOENnm+$@p zg@0-utCRlJ>~^a^yGVXmKf3gHW4>?B{Q{Rif_<8Ae*)Im_T6pjx1Rv!SC1Rp?me1C z{vA+1Ob~1Foj4F0_!hn$AU{dOzYr7%jreZ_-$L{o@$JL`+xB)ty=z_mh0D01dt!{kI@ppK;N$(f9uvA)@*=(0px5@YPCn{tDFO)8irI0 z!Rjl`1=0X8ZZxi7I_^8}M`<{&ZwiP9P8CZHGlStrvcu32*y}*-x<(|6#-(=|*o&0( z8-dEIUI#w?^$=hHX~eqOU(Lj_DXe@JAZY*r#pqm9SIV32izEqe%B${mz$k6%UkHw*+wd>+ zvpViK(!Ktx6Iv`Tm-qk0$vXy#)~wmOt8Cl0ZQHhO+qP}2vTd%iZQHi1?%v;byLb2L z(>MBdWaJ!)H{TgKBY(_{5%G*20K{QoW25<_@Keo#q8Hxz4*ExWhke~bSB z5yxKw1RHl~A7Iq+kH-KAEE>CZ;@`4sFY&ho43KdAB_ObA{|X|4jNOrlC1)?#4G$!u z*{w=%VlK&QDX@85gn)K<(3ZdZ$xOPv|U`pm#2*=R?)IJ}Xtr0z0 zCK#Gbq!gLJATk;ycqj&NPYn0AFRXfq&viM9h_c2Q(mHS=`D$H=R17QpMN_a7f&Kx1 z0Xw)Exr#>APbsV!8yp{fsK4?~ZX z4gg&zu?=-=>Lan;nXqpE9X5aYrHO`Z($Q8! zmuf1Mu?C4$tDB+C`9yO$PjmU+`r`5WqP~r#iA_Z(>k}Ha=+^Chy_=)k`SbPSMu$?G zOR1_`X{t+Us%xq4W{#(UTLo0dIIqzVy|;4e%fvlyVG&ZpXD2n>#66@2>V#s-5wa?_ zMDZbjE4LwCUt65WrEmBQ(en}fjPRwCHC;W~SS*_;mKV2SFJSdQCZFK15I#WQsfeC4 z;7t&`IE2rjo(VTvp8-NV7Oe5sS5~(h)i#(vhFWq&wFX;+Tw_|Q>rXb;FBfd8?~aEY z6l}xuHY6`QtwZio1Kp(-+72DYx`C``xi;oMc2c+Fi(5zMv+T}tY|o~eA7z^#*QvXc zXbzHwNi~v&iHnJ2Bqb#o$tWba|M9N|cN*3WGQ9ER-nayB%FRWuSY$gy#4e)#OkRy26}Xk7;8LvP7-cT#JbfWUah~ICV&Fw7!a2VL?5im!(l? z!m?-%<01tJ)Fr&3tx#yV&~R?zQbt&IB$|vBO=ZkN_jtHonfXN)ae?;Hq^3V_@H6kNW&U7bXsk}Z**fTRXZ~ug@j-?nO(J| zw*Wu;IEJn+Sl;JhEuRJg+8&nnN(uVrEd&e{q~Wu9P|3F5_)b5%;3_T)cNw1rKOdVN zio?-sls0gJUU}IQ>B|+_CX>=s&bd-@qn*WTv5;1W!03CnpPc95 zG)8N4d2l?wI@2;1;q;}H)pgU%!F07Vw?5vpaQmggD*i;h&S%$MJGBSJ;cde&-f83` zR?_0pUI9DLjmpxYEOQu|T6;=wEVc0~igTT^$s-oBxmOq0)3&!|`?SVQ`EkKh&nVxo zyS187@uvEPLz6Pl>+>pi>15W1M`Y#3;zx|JddvQpq3!d&?Z&>Ewc`tP#WKjMx$o%Z zog~dJCBdgT;G38dDwQs3g2(%jyy{)Pg-1Qr;3}I=Nk5mTk?TXG>zz-g@F7SuvQSzI zB>Iw^nueOCBmPx%1)aH+q=T{ZWUW!pSdOft%3Rhh89{Luk5zBT&-W&AW8Kf_!;QL} zYOjoHp|xWFQqQ-Cp`hlo`SqwasJ4y3(yFrqJRU~J>H)&(QU>BE1X56ikeS5z#A*dJ zW;pH6)THYP{YDMirYh?GLBlZ7Uf(cir%m*>3zangQWJ_xNS{f&JA4Lr%O26#s&l!| z5C@R{@Wr~6bAO&3fStFvYGPz%J}$tE0?RQ{T~;al(Hzh((q-Zsq8>qe8*Z18FZ&m8 zOA7Pk{jBNb%YvK&Xu!sqt1H$-V)e@$Q#{sP@r&5-u0_%vWB5(~%sg`wUV(Qop=e3PkZ^pI*)u!qW^SmWgekMjkNKLsmhCgJPdp`i~ z;dg3}Qsud}#bHU1k6X!7x*d_W`Cg|8sl$$sl}|#i@yP(TdEdd`q|N!Qd7!IK1*+`| zI{`#kruowJ?Ybh?T5cj9%0q%nN%`Z z3r4>4Uk3bmQ~DQ3>$Zh@3%VacD)m2-wULI>Z5MXt{KQbb&$UE1GXB__a8xB;?IR7@ z-KH!HXDEjhrYT@GE2S^bDy`;;B#W(Ly8=}1qI^2`gxH zq%GBfwnTN0Y!6u5z_ShCN@OcXw`O}c`O}WLx9&-IQxx(F6GamQrch7X8uJY>GqlZ@**^H)J(4)p zF}kvJMtp(G8PC*jU6MTWM%^j*NNJN_Bk`%F@2j*>*$vJc#SMWPiaF=uF3K5tPn?;q z3%<-5Jrb*KLfxX8s8|D38cC^xs-n{<9lU)Mfgni9787@K0v(@ZpS{fC-qLh z+`)+yx~p~(KS%gThBnAs^iz6EuGtVOb+i+oZ6Srp^77puB!n4qv(mV>+s-vUJv>r= zd3>>a#ecII*GPh>r$xmpvB}e^PW_r*Xi9xSY{H;+_Gm>kak^|H`}?y2R5DTNAqk9@sx>-wX*)yG!}>{ATvc=p8mPY#K#{ zoiwXAAIRP&w?&gPguaQO8(bMjH_1+{oK#v*_DaziuN)^h3N9aSnsu(`*zzv*$kGlG z{myP?z{>;r$p%UIc|{iIJFvSIG!C9@{IPFO@sY7>V0;gc(ND1(`WAWz_Gn5^Yy26K z^i0+nyf)!#|C6<#$|~&Bq{Kb3eZsboGy0A3sFobWzCGnSI=3^XSr#WV;E81_b>@MqLaVGhOj#|QDjVp+!`29+o(1O=lDluG zfAvf>gGxY!%m4gLASa3N^tLE+R0TWJsn=*MX{J@bUdwN4E5hArj)v8@lM`C5=%=uc zq#K;llj9qG3u;06rQDn4JC;fmr>9?dYVaP98g4WWyvY(vnIyxTGm^R>&>g!yj50y_ zEuJ8*IiM-PD*qIl+0%&Fd^BqM`0 zQ&Z-t1XHQ~jBr7EfjMa_*+h~lreAHFkK8Lok1~#mjlj)}94Q(3PE4EcV<>1J76BD1 zL~Qa;W;QkQH_Q*#4>F!T+&#fJ^v)o&@LRxl$#=ePW!fp)*@0pG>fNeU{Z@V6V9UsL ztWB)Tupm)w-sixW57~ztZ(k24NBG4`<>l2X#3s=4nbaf5yV_{$-Mf#c#O1GzPzFv5 z;I}8*n#z~GF7DWNm|e(|qcnP|p;LCBSPW0Rub@Zf<<(~7f{Dpj-oS^PsL3vl`ic$v zY9C0J04Ekyw_k9k-T>2Mj9nTKsbO4K7mrmvO3Zy?z0w(_uXgE}UeWjVDeagqrI_zb zS#o}T-+i<5Tx~PSHEngrV(#f%#dI+=Lo8RGn998U zd7h)4_;s%hCBvcb9hyG{=TbZmQjsU^bh%!0AWo(;nHqbEuLO?2Jep?Qpz`FR;ltc0NR`w$( zH_sIJ$e&BrR23B%wjO{lrL8Iawxlk4ZyJBX;pveVF#x#0mL<2O2@!k%DZ z#4UO#hDedZoYJn*Adcyf9I!uyZSK`CJDCQcqJcXqZQ|6_N(Et_1H|K{;lb-dSs#q~ zN%AOxJaISf{kq(?o;#S(F2)?@;c2bZ)YI9mGHSdE4bz9`wWoGd4fUiH@F9~$nQ$gx zC-OETzY`eJ3(5XXr9!i&aC~~&&KQiuST0uh4)Z)(B(W{J9qsyrXi{luLlSPVvzi!hOeW&ybMl%xrlsgpBCSu@X-y92`fTx85He zq#x(sBuBa5#Trb*Z=9Q$6R%`jHh15dpkgq*{bfD5@`mNh%(+TYFIY&C9zuG83&Sa3 z!mMnmtjxJI#&oLt4J4&9@(@Mlkw|=v+GEu~sl?PGYyFFoQ`v;2=$Tx62>N z`_wY2_t1cmve$*pNE=b}sC(K5Q#@YF3|Pl4W(S~65|tV`o1M$e*oidGM1ju|y)Mrb zgCu|80}%Y1U-d?Q5q^?#HdC9CYD6W;DiWf4_{^$*MlbDu2td^oqeJ+Tnkn%!O`M6y z_R;g|q2ug}{dpbQVkNX=@#FO!o!^CvflkIMIlY9z6{c;}<*cpy0}xYGa?E)v6je{Y z1V2B!#>BQ^00(=@={Q(+AbcB-)L0YhDJYMlIpAE#rZzQvgrAHxXaLxf(nj_4sLZ)I zo+~dm;osxYF4WBF2`UmgdV2P_=Zh#e5AZd_)zCc76{MbnGZ`a=P}<-NwxPIkW1@wb z3JiLOqr5eb9=;pU!>x?UtmvP{28t*pe;kHwTn8Uf4z0wcZ|!c9#0X+%PBFW!xp!XYi8~wziG@VAwL5zh$3?zmzD;Bbkj6^HBFuEbpvSwyd&zMKG%f84x z;i+;zWI4g`9ytyfD_w(`Yb*D%i3-%?w6K+GjinY-g^lKBm=Ke_rD`awAH3%-DzpEK^YriVBvwX7 zwtrE={x`mpjE1P9p!nZdADX}2nE#vQ#K!Qyww(S6+4}ziEBzBv^w0XQ-aljh756vF z=<*zx&zvkGP@&AQS`X^}VpY@+TRt5%qw!d=xE7L!1rN3hSG4ih!|7bz7{zYf| zj}Rut|6}dHgO%w2D}?E<_CGTHqy7bH`e*x}@A~gyO#hbYZ#2|DTmPj%{^$OG-2ea2 z0{LG?{*+LG7!f)JcZylalLE~jZ@mRRx-7g zmb|aqc8b+8=|pZG#F>}vcQ!_2l8Ga%#hbS>@kA4}#q_5Ll`7dp&9*pSm*ZH~qQ{JB zG8$cGJ?E46JzBC*lo@qqk~QDCXwjQg8ns>m^-7*VhtXLBNBMJ80{j4PCU-fW&tNDm zzLu;n{*p0d0yq&R1!)q50oJNH;r_^s)U!pzQkt1etJ;tGMqXQ83SRc&hsHCorlqx?mP+|@ z-*anaE@E!WSl6q2=a7cu7CzX97_2^D=oi-|;aSXq`sG5sk^E{;%T?D`Ps^F-Jg=$u zm?!dvSj@58#!3y0TnVWaqslwU!gg`j7SUC6rN>*sbE5Bz6yu7nfg$FLwzZ-06tnmwF-I$oUA#yMmpZ+`$Wsuin9n z+q>J81SAE7Vsm_jKn02-jW}1i;FOI?-v(!yMkP7aGb9W|sy-bI3=}FMjG>+yJ-2!= zk2XECx&TD6@b75!h?OV>XU=F%FrRaC@1$n0q!eeX%+r;mU3hoJ)x*+)d1E|1>TXZJaK~Huj>t4#sFm=_ zGdT>@L7P}$D+fn&0kC4RK+W4@eTxKN3y9uF@j5wsjXE^D6;x_z-Ws#}t$Png;#DBH ziRC;+tZZwQD#@YP-chdS39jccu9_4#=tQ^2G`HjluJ>^+&k3%`BOC<}v6?O-C0DE* z(Is;x&1llXIdl3*QBz`3H?e&tnsJgL8+i{y_&0^c2g(BvY}%JZ04(JG^t-9{rI>Lbm4q;c7r@9>LTS%0$* zv%1MMme&Wpdn^qql9Md_|FGQV#e zf6z=gJsm7N8_r^F9PR$X7>Xdj-W|f}I-Q8Vs>oYK_abbhQ0-@mm@Ii;osRfz5tH+X z@veL|EBnqYmx;+0BKR(S1*}Vl3~OUqF*194B@S~wca4#opK}*i6xvF}GR${=C7fxE zHn$OQm3TETNLawHa+Oe(+aAhx?D*lC=&EeX;;^m2&>|%T&c(E zBW$7b^m~y4WeJx1pdd}R-jIZKzfy<(v47`&v4t_E2LGu(Fyg5`^G*p9ZrssE+6rSm zxMTa|V)A%BcJR*FgicxYAvDnb_g)C6hy)8TOKdbvkx@_+VTYlJk~4>{#oIj!TDQ70 zNNrS&zrUo;VC~I^IR7LOuOOnH;ZJ1g9Y}=TTl;I`px&AuK~0zv7ozn{f{`(n1=+_f zm$))z;+iqcTI5dD;f*nrNBE{FT*8qtjR)|X+1Z0N#pSK%K8e)WL=hVb;!RTND9fTG z^q|BxF_}0}J57B~M|j5T7<@ytGo&53pQN|c#i?Oglrv+pG`?7{-B_5iF%WTH6So3z zXHERdCRH*!d`6lcsD9;Y&W=jslX)9NO7Qpj;Q-x6o(WAknD@oT4abf@T9^ zw?{~q3@>3`Qr?*{XPU?wu|YX`!~>#5gpm7*v?AaUYhpC$wK;)W(glD0$C$u#T^-H0 zR1il(UYXpaT$Svl1h&*CnmH!%n=$e=M~t?tX}+3T0?Z+314f|> zp6^Q%&!K{2uyefZyvR4dY~l}~>N{HV9O8PO>O%XYWCy0_DLs$mPGPUvlr^YVcn&;a zKQi|R0{D=;Lw1|?r%(1E)xpL-*uf2{bwtbHMT8yVR=z1b^9+bclsHjF5SbluYeMJU zAlVoI;y`VbH+1$3o4jnFT(RwWF-H>_O~Fu8c5LCn88T;FO}^FX)1zuf(6-D?A;WrX zt4BbOZ1}l}ZNEI5^z;V5dHJDc`Vi}8^U}14xTr1XkXJ7S{nAn1XBxlkJ{n%ofey%L7X+N}P40$p z?mwG{Hu)VfMJZjvxb)=KV8cFKV@3lKdYplAFdwnrFlY9&n2sQaMOnPm)%tMr&HZYV zf|%xPToNBrRHNGJk1$O+F$miwrT88*0ea_W-l`&IiMID3KH z(-YjOzR}*vefZ{vz6B@|?I4m49!`A<@Eko@irg^BjY;M9-#_vho)L%~+v7*H`f71c zSwR$a!KPRuwPpSM2RDCFrYv|fhMFXWSjS^Cw(TK3;>!`Y5z~?KoaGID&BE!d=Syf# z{Q+3|`cP3(eWanHIa}y#Q&TW#$~W_k>)Ol~cV$PO9G?`2d-d67j@vkLE_2OVGGwI? zUBfp}rl6>bS!@nA^q^s2pkwrQN1zik%{LqtL7}OKuQ;c*L4vxwFx_1wpXTVuP{q*ZP^jfx2JkX zhY}859{xnoj@$rmZ)P$b8IG~5!pX#iWkW$3K8@E%$YAJ)aa6Vw3_XpDzz7{Q{$ltI z!r&Zc4TD3?-D9E^CTZFtOw&lzXeMnH4Z&m|x1LTEc>){bv66fLr8+nj0LiN3&8oAi zc%cQqAJb~Rh8%f?v*SM3d}iPqRzkW7w9>HIkxJv@{>TcA@`Q45^m_47L(IiOrZ{1x zSpz7woKtZO z&WUm?RU;*zvxPLW(y);M8p?1yK9$CjPZv&cK0UcoR8Y&882x$l%#OA?BcX!fu!0ZK zH<4)s1T<<6l` zq_}vD^_g*8gIFtdb;!L$thrc$m6d0etrk)TW8O2+4kP2Mey}aBpL}5!nXJWSFc`)< zcX@q`0&9_p{X!phw$&vxLcv+{r67$R(msizT;G|^WLci%%_6u)Z7a$XWH&d|bfIpV zbug!-sY{)4PDQJgr6pyc%@BktNY*>BMAId_~7iI7>Bpu|$<<6?AS zh&n=SBhk00|6Ed5Qd>AyOG-TRs>&JV4=<8C=Oo$0WC zA%7Ib6L903M!twQG|5FyB*k<`+ejwdt1SeX26@!K`M=?%hE>ZfyICh$@2sj-9N;7t zZgI?-xNIHh-avS^l)^}StafgYeZandee;2cf|`QZ!VTUD|AKP&do>U?VZ6sLoSD}} zSIAIlLXf!3?}mjKBz~AQko*)48k{luJd1ZVIft?@@~gP6!7a=!$KBGAv5Z%n*_$nO zTSag^-1j$!<3K}<&08RLObs49$R5azjYAt2_xr_`Z1wzMBe#)Wg;;6=&Gb#}HjB5B zab-3yFoSLC`%%!`LvG9WK52pCSGw2rawd~S;grllHBKc76YQakhU4+$vcksgH!=RY zrZRDGU_qqw3gmN}Gli#%bc2TXCh;l$2_T5Xb#S1O@x917RsToWZT&g1o3*cm(A8zk zi6zPe+Ko6e;}4)ESdP0ryI(|JrdZx_?Ocv$gz33+TZVN!(b3?V8p>%6SWV}5!-=hi z01Q={lwbHw+|9dL*U{iHTy1gf+(6!Zf-~qlZ;oqS=^EiIS5dh$jsaM(7qO@R>yS!N zk`7Ptw{s+N-u1$U3PNh>N&Tnxx&yi_8wvIV9VjPi_z!qB38|`-K#6Pp4jOtm6Fw|0 zWi@$O|$L}$|2=F5AJ#(7-EjC-En&=Sx`T6fRFjqrZTHDld;>X)TG zw6}$MJsyi1NYKdJpV6|tIB?gY4g-EqO;wz^Ol>m3a}y7 zW$cv{vcE}Jb_TSQ*7{gmPHHo%8UtiY4RaK=aXV+6^Oh}CnkCLrx;*n-|9WI!q5fPG|LXPU<3Gt8w+Piv8Hn>*fkJgLKYPxKeR<%I6Zy~(M z=D)&*fb7b)e)e$gu60&=n1gsPFAcE07wS;*Xf@qN$`nkWuX^9b6BGnemw||!>%3s+t_V>QERvYlMd-*7yR{n= zsi4(@;l-HZ{S`c8rv@u0jW62hy#WGhL3`h#fJ*D%04dXNoteN-j`k4(QmRWm6i`^9hFtAFH&`!Wva10-QO|9k&bj)CRuukcpjlZbH+Akc1sMM zikX*F5e9=`qTYL=ALa^9rSWyqSAG0hIh{FCF))&dT70s?*+R?f2c0d(+wr|x*!`#( zOq&mzr9Ly3`=BLq3E0^9jqn)X3jNsi=Wi#Or4Qs&ZcsiJIi z%^auavR-N3nq{#ByO|U|P1v|ghltVuYv~wz+)~?EjKYtFGNDX6Q3o?djn(hck9MAM zygXM2)-k_;BFKc?j{)YM$*IICpa!XLdCn3q9?q_;=FuknIPT$*5N~bY*6s`cb35Pk zx*d1GH>~&b47C1Z$9&0?>EZ76nfKx9z3#dqCoLT}GDC2`nq^zqpVs@`SAX(-vmN92 zy<(>a^pIFymt%u&!Ud7A(VVai&zaE&H;Ci-;ySV!KD8+y{sW9YQf>HmOn^`fxRfPEH>?6FQZ^5{6?Qn$U5pC|NFfKKxNIG{I?dhLdZj)aHJ2H>jVF9Fb%}__{oQJCC}g=>4$RS2z*q0WtK}&a+RF)sE+h~5S^*QxQ@`D>Y%A6;nQg6EHiMyL+uyU?bd>k zj+5VJwPZca!30YL_p)STft#H8;{$=rmA}fvw7kS0)UL8;+Lhr1hc9K_I+@T?3^t!Xvj((51RQLUKST;0)nG-hk@S1H=JgJY^*d(z{j?{~Zju|<`|XcgpL7uAN~RS@6J zJd%L)0N5VHC=&m2sXfwAIw#c7+^|a`dOmqM+P+U6P{=0)W7S%8 zl$#5q!sbjK08LuuQ54B`PHEhd#d4x-nSSMylzu{o0EgcVe;WRD47UGiCaxRy(AhOL zC^U+Ca5xE@P6~MB2}lBPo&6IkZOLs+2*Bt0uF^R)?)Bb-`fFxY*-11*Y(U_C6Fd`J9mn;5b<1m(jqMz7MT2@83Gqwg;YXAHg1CgBL|o09yV)(fFVqVA){fEwRO$< zz;xxr;Q$u#$)kjRsAW1mP9T5sWYUcj+mxw}l7SMkzb<}d0CDL2SGa{AOqJ~N8*-f3 z-J7dqMj98bGvh04YvqgK5K+$NJj#2e>>M58_}>>{xGE)9~dVU8i|jk4f8 zY(%rTa^fdI*4ly6lx|+@HHA-q2A0ctSSn>GtKP(trt_8GUE#aXg=Ta6lZY$}AEk>7 zx{epO#;(j~MGXMmxP7iX0R=mM6~AY0ZcV6E2v`xbAtbdmBOtTAMn`;K5WA!M5g)F& zi3v${m381`GbT;zboK%QOi&2V2iU(5X8YPy1;hL$MO69jOL5VZA*)%2 zF`F#YlI2t)hCkYXJd2ZMH7eBbw&hiRuO&cK|0-uBK;vyECF+ER$nxP6 zV-Rky#DxSh_pg>na@v&+C{U?{tvBRprmED-p@&BWkfnCbgF(LO81?zkYMdNwwXM{> zVBWGH^JS&4NloSZ06A81l`j;Pjv>zpZlUpBu?qd;M&Q>LwcNNW1lAl!a|wEdp?%AlOLy&paI%9-!g7K|ZwiQV55q%1)!0YGq5z;^Sx{tko6USCR8xWOG!Xf2 zEP0*ApBSnsPj}PwXq;m@*xxOlEW^A&M(?a}ds`xR+X~eF1nYVsRDZ~Bz#qd3 zn2zp~cTP&TqpIb|dS%j$WL--+Q7F={q@*4^m3ZC&<5-)rX>wed60D@6F>`f~%UGPz z^w4k53K4Q}>U2GObCnrSjwy6)Ke!`!e%aR`QiEf74qRa-jyN2+zQSzE22$#Smrdf~ zbLS(0#i7+1NmA)X7R#3B4X7P2Lxe)&4-At?NOq_QzZ7*#pj#{~5tSMvdOAsB64MIZ z*8FOFAViRzj|_l*#bUMrkU7Eeu-)4^FdKQwR&9Sg08t^5Jg((#esi$&tFaubHhS0D z#+*s*0KL@P`Iag2TMDJQvnxA@rMigfRD%Rb^q7n(Y&u)RcDwYaW5sb)72rK54zVBH zbwRP$xF;~$Bi5U{c+aiUre;$O1u4#s{4~ap4Q&r1eGsyB@R-9f?XzV;Lw;r~dYY;l z$5&xyVuJCtEh3kpM}AU)ui0OoSueytyu31YJy9fca;=+xmMqSP3!^0Eu9&&V00}_- zGjNcZnWKj~ewx!4$+SK5N-Z>cs;{+Cx&24JjIX~a=ZqJL2WHN?do;#L8KtsRnWrJC zh!{*#ll=;zdUVYpJBGvArK(YG zY^>DERLA$pt#jQ^Q!tOMlk6(Hqt(LvD7+yJuMBs^UMrCMT?+dGBD*-r4#Q`rYQ17S z_5D-8ZN{2szTrKlJaUAWo>5=%>^8FeD9Ou|b@AwBYs+ydD~fM_QOT6>Uzgtbp_ifV8eH4n!MXJZ5ZxAbfnG539~XDAt2=$+E?&gA z!5@NlT(8TOg)Xvi@C(#s;p+u$p)+~b2wB5@yWL8ndf_O^LF7ObXerTFVhjX{NyEe} z02=_3v)uqzK&ihm;L)b(vJ72TR|PuTk4Do3LFb%d+{9d#FvYK1utnRQj6W7dr9P#f zp57uOL7U!RT=?za-u5NnKcIB!bl*b{a>yGcPiDuh(_bL)hAXYDe68y2H3wQ&-VyN2 zVkHQ((^v~llY7R% zqImgA@CdsAWWnW1hy$P+EZFh4r>+UOzq*oR!5yo`IT4)sJk-%`J~vQt0k}fU!Q9@y z)7<#ExwQd^bP!5xi*yh&1{fa-P2={yv$_?p9yGaaW8 zq-+iN28&>ZhA9tB_B;>Lpwxqn?~-fN+gXMIMTQq%A2Uj>d^X$*BGzvC@>CmFh;) z?(@$!qlADowJYR_DRG%iYp&XlC#c=T9Vd*jG`0v9LDa|`&=74{tRm46Tz0Z%Nmjy* z^?WSh;CwGNeGF4-!Q#MOtmfF-^0rK(Dc5UvsMzN^(cu}d1lww(9A!a=4?b+rQ^-{c zkOw8iSStso)8it5k_X%t&xHcrN_D;&p8$EfH#5EBX8tb006INP$kk=BO5H-`)qI4%ESvUr5E6pB)GjzAUmYhKyIf#`F z`(0Yd-b(70UfRdBVx*2$61Z?R=DJ6cBPbfH58ix|Sj*-IKpn z6`ak2k!*}?wrCtZ^-3!=KDz7v2QV%;XCxP=N&A6{6R?87Xw11szn(x$4G+d?`XW|& z(-1nr??bf!!h?QKwH#B{vzJ2Je$% zl%9Yxxfooh3vjk?AGv2kQmNe%a3*#=E<`ZeE(&Dc${KzyZ1Hksv;>btpV zJsbGv3d3Xm=qe@Eu&gvb0iMkbqTL(h7@HQ?x#RHbqnI(EUa>X>8OM*H>}!2bm8Z~| zCVuc2VVFYT_YCjdG&IB~CaYKxGR+KHKBgu-W*WRN1MMh;>BefjV0}WdrEP+N0rLaV z64Q%7(73p!ldMJP^5A&5o~}0we(Qo~g>pS}qG@_P<~NH=F)?uSSlYF{uWMN|vkqXo zn?@Op)>5An7i@Mt5ZEpxo^Pb=CagglQO!;UO213{m{*9O3Q0;V<#=$cG0zxYFJ0UCY=;ErgCeb4Gd2ZG zhr0|4k8qZFw|WM9R%q9`%%>CTFca?uJ#v`YiUC~UVR*n%+%cVmORexThHk-X=SF%k zZ1Jj`Z6g8of7M>Io|0xsQG^=^(SK}@xb?Q5bS~9SY50(TUmM+Rhp0tsvwf6cnZaqc z>A&*Wkny=kz^;2mKZ!NHy^&my)%xwPSlL~*KE-MG*ZkrEHCX&2&cePSHkcIv5D3Ip zF$6tls!mWEiqGp_YF(mx{~Q36Zw~vaeXsAYo%L4HSK=q`qLF}u?~}lJmQE}*{DL4- zcV>shs47EU01Ao4neOIik!3(`8r8K2{WX21*}-Kz8D$)LnaQRsdRgI9{zXjALQiI= zpUAVTeY!497B`LkzA5E&L9z7-$k~H&RMk+G5`+<4q@+Y4Vd^kp0IP#f%AB3)fiOID zzrVxNd%olWr|5VB^<%^J66F3+bu4s;t$s8GrG{MymCfeec={DHGi%`0<6$-#oc}ZZ zu`=I`kvi3S6_SiEN&yW(Dos>tp(bpcDd&}0d6-m_WIHDIkbNWzfJYBrAZG75KaV|% zG-lWWZaNg2Q3jp>pPf3qUPeO|{t%iPF>H1OkX}VG$#YfKad8 zwjsiq{t>U{;f2*SC4&C3D1!fid|2}8J({THC2VXZ+v+&f|C?ondYbY{Mnkc(l0oQq zCu#NUXL?~7Ify%`)tGjZal3LX_!J#)@|*muT8Fpl70jLm(1&W9kDW=+Q-S?V%T{$G zmFZa_A8B2AsXN`1Vgb8)x9%67TJ|j|2y08Q37#T-8tB_?FHKM=8!$yL zm8nVw0$=}p^By%84;hn^t}}e9IQ-jF0Vk?2z?KK6X0DEBu)&YCv$?=zOusxasO578 z2OjER4#LUYGXuleHWwi;0?m%Gk{(0p3VWT%Lfu*bc+EW8vNrJoDoGG5c~-G)S~mP= zkZN0_uh@pmOuGOMxKlGTC@RM;L* z1Cc1BU4F6k!wMsq4LQF>S*RP|tBl5ok-R*<*A56@RtJTl)4LV<0Ts4QuFIBIc1j#b zmMy%@S+T8kl>y;QvW0vS^Pwim8VBHNCS6i%#-5A#lQF9pD+9AU7Tyc`aMQWrO?&)| z-6w|Q2a&{CxZhdfDlS^p6;LfHS{hXBm`*ULQiUpOHHs=Kk<~2A7gaYJB1@dhoLe1( zl!TCjHFJ@G^v&R}0XsSTSC2a|)q1~$oBLOqJhAdo>Kv}WZAuI=URbl}aw^5A4Vp@( ziE$L5)hTO|uxlR@9k$PsZOZ+9ogNtHH$4-EQb2+?5?xW}Fm27%raes8V_L&(*}Ev5 zUS~6GoFGdEx^mMwJT4l>b+%gTuv(6iVRBc#J-ZMmxqb;I0&yDgrlMMvj0CR)(}m!H zDD2g2mhF!>)Q@`}`G|m14vpg;`8!HWkb_bqB9#A9M5H`q(ufUToU$@?SjQv|%8tX( z0W~wLFDv6*$`^Zu@oC%hyz@zj$XwGUtvS?n z@eYX>x%5q(U&NtSGL?2-c23ntbX|pVcK!6Xx%X*l7$1sU9=pRb$#KpX(`Y9BFr87l z5TH%YVKD2ZX$Wd39TQVv9T5t(Dpk_$UPL?{CvoFs)pB@*V0BTMIqN7v7>;n0rVuH0 zWxq2axJ5s<2H4en14@!@ixV=BP~m$Gy4ZSAZZr;3G)*Ebf)6 z5RlhPI9jMBrvnv?`NzaNWAvk&> zvqgn_NSjJm6rH=Gu;s`IC|o8l+n0GFDmfcuCkz=d14j4aJwwPfITJ;o0x$r?@p8nN zIZ4A3wg1(mGz%NyyHFLXZ3u%-=osO(Z2q4QKx`oNptCS%8|+OG5r#}@L~bS~B$z~h zyVc3#)Pu|kE+ow^u5&H}} z(vKuTot~sD%3X~O2+IrVHdUhhXqtep(j&*E{`WF<;z;bbd0`N5ZUCQf)CqrKa;P_;Z zAZ%eoEvmdZ0VdxhVRVyOFap`eJn_N+IKN@aoMr`O7*eh%yjdNqZh3C966iAaY;U#_ z%;s~)c;#QKR^+X$=w(}Ujom9A%GVMEdZgus`=+L^^&hEl#Qg@IrA?w$m9MWCp_pVgg zcJ5m{R}L0;q*n&fE>`tPvs5C$6P1D1i$bsn^e+O2kBD@kgV2R8=4-h)K&58OomA|7 zEShymP4nrt~d zmTZnl#jFj5+KiTlIh|ZuHW3)LA2-`0~?kMY5_e3bfO(S|q(Fi_5 zpU}vu5705qm{>+vZqMjR2F9`sJf-<3;*^idK z6>9}6O^$g_qg#oh9t#9q7FuYNDoTCNUIAb^yQ4qcc!~MS7VX;XfmP31Bju#S%-XZ# z55gT|dL4PU21Cp_?VtEdJ$6|cY4Qu;s!z3;eA)r1fnw_qj_dR?wtOl1bPy@pDb(ie z84(Yv>(pu;Q{CAuO)f&S79V8}*|7_4X19&W&qYVA0o*k8HP>s5-*686>Dui$slO*H zB4H(01Q5C>A-yvvoX?}YxzzK#wQ2l3&o%Y$F`l7?_$7GleG3T8P;uvwj`42VI@XJL zd=p?1jM%m{TtZC+2aGYO4ROAl9EK{Pb(+Z|GeHbtOIkr{1Ek@lW0x^`X| zCiY?ypf!+Mr{}pXKHQ)8*jKmCT3@fdJshcbnkN{v!9n6?3mt; zpU5=Z4Hvurhm?1Y@$LKayl>fc%XQ1PZQQbL+qP}nwr!iAvTfV0ns3jfGf#K_CexWG zCu?P8?{hY?c6QeJQKf?$pQNpHt$VFTMa$MtufD#z!^{rKM#;n@T#tr#E#mxBq~GgK#{+nfNl%^^R@ zKH?5GzckH8KS)yv>iQJ&ge^faj$h+t@cULxkM(*F(@?J6^=>yraHD8dyr;KxmAyBw zAt~$1j^Lx{Vlz7oh2M#;FT=eXY{$jdh67=h9&nhVrFdISjziYHvJ(09s7@`3OzWJ& zZQ^U@UDAkf%gh(N2N(N0L%LufXaf<+O<8cGrG9LRQdf*XJ0EL`i;4)F45eeCz zmyr8rX@M&%itPETVz#*V{<+HmwX@q~J4DBpkSG8f)^9}U6E0~$ZH57}sQ01U>VZ0#cbZ3}Wntl;V%QNTx)L3Z6p*BUj7n!~_a zyhP-mhO}TQHOeBwr{f}NyLfB~Pw)U*b?9ei)BEAcb7+mRKq6>sSQ1n1y)R1(#8@O> zTiAFlmeeDk*j?D=y2D3mB6ADO4_KfBbWfJ9G?cUD(^ICYt%Iww^w^(9?}S4PKT*-;>Lxi)eH_6t>Fg}l>w{>U;WoC_7|YrJ?dSBJAsMXYS!~~! zZ)nOdBBqn$Ewbn6Jk6; z2~bxy?j$6~vGVlvAgSXLL*{XW_V)$wXK^G)^$_R{sB%`=Itb@X61e_;Jw)Z^->*P$ zQzOQZF3>fF!?Y`2=Bm^8JbsRN8EG}f(K?x;Dcg1rEwuHqKGbN@!%D6R*X^wSxSem3 zV|{PM^=gK;boe5!seZ)zn#evTx<_0{&6)9Lw5xR}JR;r6zRxZp3m%0V!7YK_p>$6+ z4>m5IkrRttq8x<`J?&?U+7`>$$p+VS!wKPJn6od`#=b z1}If;6LbC<3tUqB90Nhr>b$7rS8!bE@CmixGGgZFHfCN&L8Gl&&p*fsmu@aijxKGC zalS!)=!k9cTJ+%Rl)0I~&D()~B=b8t@xCs7j!ML+D)mkKpA?9ds~&a7BBPbF~0l{ON#)ejJKOP?-mujivJ0yUeBjy%THe`3_guNHF#2 zOiNRqt^8ODi%)LK;oSV1bbKScP{;UD01P@^rdO3aqEG3AZI!NcIWM$6)|&nRQXV&Y zZ_lr_wQdq$-R>}Fx23P=Nkis6GFc*1TE>Yf&>B(mg%$nV=OcoTp_f(1f;{R}Cdl>R zl*+9FTP+&b>oCRZF#mcdiZlF?78nDgDqko6wki<`cB$V84~2&KOa7#EcVzeN3t zU&_cI^1{Dfi~Pe~Mi#!0Y`r_Xu)iTt?Svky9WNn`D6cnUN0(wc$9kqi{gLaQwna7T z=|6U+e_wY8%1bq%3Z`a$o5)-2ugCMVU7~cHJChZ|8%sXz2)4gLR=0PJx6em?dy|X; zxY?Q)k5bz{o!WI|&@~SpL;2%T(FxmmsC`a5$~(yGp4%~_KLG8hOaL%$kaMJ|&kP_n zIoDgU{2O}NCNMm&s}N}xZ|4`ynrTsetZ@Mpxzo-3)SSq>Rw?`Dpf-HJrd?M#Ydn{Zwi~Vtz_F+|S2WRrFu` z|My7$y8pkn{^!;Hi#PwvSpPrl|FEwA$n5@GUjEz6?*Adz|5EIikrAJUmHnS7{|OlA z85#Z`#eUfs{*~A-<9}c5myHGgKcl%U`2PaUWySvwXf6{o6C?fq9nDSZhSF17TI2JY z?sk1n2V{Hiq#C7MQpFvCi^(DUHHJZe!Uu*119hb;6E>2UTdXLX?NAyfA@(CEn^mby z(a^FhUk~UBQxPtwQ_vg(yl}aa#_3)Cd@*J{<#c90T+TSsPS&(Jz|SS329eEQ1~Z`} zzs*<++v`0mPX@HN=*WgyY!yeI&;puiUJwh^=w17pQ;*kkjDr9_gIyd$Mm!I}8=%>1kcE>DlABnMZ@ZVO)103ylRBLwy!;vZb zyqC7dJPoDjx(sA|IWh!7oziL&B@VLjg<^OJ3Vxb;i(;6hCkdKi0d_*f#YTh#pC-db zgn3gjRFLA=KUX+RQBOOSEEY}(_hOg8Z|ypB-A{HZPd9J_;?B@pnC{$Ieh*2q&s(x# zw<0RZ-kR+0?~q&*-y+WmP;1?v+cn|I3cn-r9pw#6*y7b>={!8<79w+W9+~fWg6?M?xH=1f zxci@NRGaoUOxSj$8^o}E$$C?Q?5-joj-tHUagC9_u@;QsfCM^+1q)qH&0*v=#Uvef&4q?u(p% zUn~&*`A<0m(HZsZ^_y}^qbE97h|(^c;?04Pue_45uCzTcH%yX`>_qbws;oBk0mFe; zW;%6JGAnoojuMz9z8%kUM=K!hX1HhJTufCuTyan|IByr?az^r%Wp8DSZC?yz zy9B6xXyw2gWK1$XBW{FXihn)wku)KqRuuQJQXC^8h#9vWMBM+P$X*9?CV2#B-isl8 zUxUB~r@jF8c=A_k%In;-qh;qOP`Ub`HQ7NtXB-+)^=^wR1z^O4YNWotSnMFq1fNE9 z{h!1pWH1wqB8rc)*h_!1+hEiE>OkIldO~$jS5Kts?$IiDRsEA$yNjGw0=gD8bP$j1 zb_lA|+>6Q|4RVT-z$5k%4^LPRMK@%GV!#M}7ZA+eD~DU0H0m9xf)-8|`OjuC*+ZnI z33S>KUN{|5mo$I89Hxp;BSdFFA6U8tiBFOIsP-q?xZS0E4I z)TY9?`$9X}qw66aBttPXEg5bO;_Tu&aT?vZj;~z63DS7_SYw!vM5{#KuoD7yf^~s= z1wJEgVGhs-=)!b=@$sqHg7{qAb%OM6+-ZjHXjFwfwJ+wNuoZg9Ki!`{EoD~bR&Fa+ zuTM=4)dpU~H4WK7NHb?HUYo=tk2x9S{iHmY9)3b|q#kY(w3lMR%d&N`ZrS}f4e~6& zDVAVO=h~QM+mL75oaQ$Yi%#6iPt*|@rzJ5i7Qrr22pUhsiD6_&H$}^kg5M`({Z4&= z=J-9?9xHRrh%g1?gb7s+bk}6(d0NtEnvd)60%imCR3^WfWhp(0I;eIs&981|gP(m7 zeiC7JDh#BGk9@WuB&?{Q@zh}vBB1~$pIjE9EL{0d{P@WwzX18vRD>x$c=lZfrI{HlBnC`MlGWu*WDwow5tJt+Ee`$PcS#Ugvf`@ss zL&bx0im2q0FsVd!`+7Xp+WIn!VguCU(-^eA5hbp7Wm12*<&6bZjx5? z-YxFio;d6~zEdm=^`0Hc=s@hY%HF3YB|5U6kZqbS_Te{XYc;_lqk|@-x{XvIcZvRO zT6^FqAbAup6}xwIl1ew{i?c+4lrS2k6nbci$3BwVx#Ek1{1IyiE_IT%2ZG60F|TdJ z>}|UdcA;@Bq`^r@;~2-uxuU}|v(|2)Lf;k{m3LDw*e}Do&0zV=tumdpAh;6=z*yrT zWMpi!Zt^lPV5$#$+aUEPzv)S0RCyY|xby`a%U(1Lu22G&a&Qqs* zX#G{jP&j27zdX*Iq1(}9jS;`%dX^lt<&7~Zv-2o*C83o?ivtN2wB<017c-ACPNHRV zmW(pfhkG!w>Fz`^{8tOSly>sP{}?itXiJ!z{Ogn2&MJW?O*YrW27oj3XxzB@@rRor zS8l8s>JayFPjvKH!U2kdA1#4voNi84{6{K>7>Qwj6=*;aIJ`T@idZ$#b$sZOZx)L% zHqKT&1D4>S0mFcBQat24i(7z$Rk0|hOYk@jPKzfOsR!6zYM#-DsyiL!fD(DEd+6`; zLBx0!+Lg`p=+Z$Ilo1}EVD@y1ac`k#@JeIjSgkqFOU^Cz8#0H)An^ERf_COsk~c!d zfc^H$%ZHV_3&C`T80T2>AvkwG^gX?MV2eH6X3nJr_W}y{pu;`)nyBKhGI%j3bc08_ zF>fPu_wdWm?Y+Y^HMXHPSokmT+k%1ZlIiMC z^$u#?DhY16?fZ4v5Z!JX-W?_qFltBaaC=}J`+{vrbe_UE(S6Z)XI~fEF2tU-Vh=B* z?y|wE(Z_e9+}!?ZO};q%4%m6w?0sb~`iAa7(h!E&HbM2p+CEAB9Q`x}CR+`1*dx?$ zzpV&R)hcLHtrx#**k>6|m5}FvL&*3zIt|Tw@ZI;JV!nqNLoj%mi?n-j9R4&Sn7$Zi+{M}}acFhG zIkbNV<`~Zg5$lZb4cr)*+GT@sg^GUkK1J^hrs(6BjWd~-!m4+bz-oP4q~Ek9B5y7t=WoY{T}&vRn-R>IQ}*i+4CV9_<8WVg%V9)tMR8KCJcUmOK8F zt~-6*ubr%(RsLFm@D|*Lm7}j&e`%-4q$X$^l3iPDd7gz>`r}mRp6psiLGa|3F5BS= z)&6l&z9X71)T)pycqMp+z$it){1tpLGE>LtDBmnl#o?jYA-fs55PZp=o8To~$ z+h3Fac;Vx6gfRxNm+DacxD9v_VA2i8xBz3p$j2@qjqnJTEgOjNmB9pxcGM?G zC&O0S1e||zecoAVvL>bHlaF~x)eK%{ft7R#jT$WKLQg>Mk6+?i5pS9WZl{? z|9xT>+MWO&WaKjAi8cvz5?2wW`xT@Mu%a8#&@Z+twgY)x5SN?M9M?Vsy63V>6zy+? zW{5q}XDtnU20+A;2M*_9+OCL&1X5;48Xk-j&o02rjZ2Qtj3LQwhmI{6VX-g%0gMi_ z-zYd>yr%{TYRlSye%BIS@Pk~F#3r`3m9|aI+S?xJ?A7caC;lD}{jBT~B8vwZu+Zmd zhvd8kTMXb@F-Qhxx7B{e*`)c)o%gNWr@-&?TzToaM)v-E;1PSUcB24Krb{6jN5~kH zgRrSYz#;df%8AX`tT9p zK%LU1GG&S2KF6dYO~PuN{%JSSQiRwnM;Qi7QIi70W51Y~Y5Wcih}bjOh6j`V*}Qlp z5gm_ZF$y*XPM(B_eh&rREch0ofNa~SC{WMSMVOL2pN}yy&ANv&Ej+3fwlQar^Lzvu z$QJgKXjqr|7(GeT3+0F9CZ{NBnFVXktFW;!j`e-!wUVX$3c>0HMD?y{PRw$xJ!~4m zR(m1qJ}Q?EA|g#rZN#jI$=mvr^i-#qUOkCPFn;+(q853F9#&=s)Gi-Qc^~4M%yW495u|B3>k;L=6u>#&Glp+p-q~87UU8k zfo$mXNdl#o;; zz_N$T&u?t57UBf}cp*33e+j}dvU9*(dzex#rAsj)$Vc~O>|!qSL1`yIRrTzeHiM$OErszpz-0-vCsLra(}V7tq?8sGgTYK6QO zkNPDlle>)wL~I+1@Hebl5r^+s1gMSu8b(`j=U7EKQz`Q~?p7!($oR2>kn&Xsv#*M=DKZ8=cDwYaKOkwT!Xw zV4Ds`uPu<>R{_>Y-B$(WiZ1>0NL|(gNwi_CM4Tb5&8RT8aqVJt$BH!bWMULep7K5Z z_mK0ZVxjRZgkQL4JVmMYn^E@#f3c3%|VbnWn6x+;#Zwld3<7+5zmB+uEad!T!_}<(D1jyho%h= z*4jVfuLUwfm|@G|!+9Qf#6<6K$5!X^L2(O8h(V;$-wG`cN-4JU_4EQ~3;N4b zs+qC~NjkBQ_GQt{u0wLuf_6lwtI28PXCfGc)*J_UU5RW39+L2yV2$7im<8wa2#H4x z$(#BHw-e@~`-hT>LwATVQ25i8MkNI{stN#Ckh1KyIPZQ4j?>$1f#1H9+C7-qc>&}2 ze=Y5|qG1l062rh8Z^rzHg9F97BOg z7jOh~pd7p5A)y!(M?!fPP+4~9-SegDibiFOkFf@ez`a%xmu$v7o}2HfJv+iB;k+gh z$78-?xMIU$_O?_=^C-`@+mzh07#ri+EaaM4jMVG(^6$i}eEZFr!>+g={(K-h+=F~2 z8jCmVxET55)^g8?xt}~C#;)U565!cP8Az)tCw?-aT*_63usz*&;Lo3hJDyx8<^#NO zuR3tzHXTGv=>iO!dvr}WQ=@8nq!|n5XMFnBu8DWeC6y5a-?c?{IZr@#P3X1#(mO6k z9u70Bbo}cDji$dmIpM+e(Apsk8)WPn<@Cp)m&6uJzwAhfZua9>2Tb`5pjmRQdBZ%c z!L_`mB3Q#{qU$ESlaQO{>?4nGe|~^MLY%G?iF(tasz`G_u^Zc-ianLylS;EU_ZX9V0c%ZGANUR8b|}*MRN*4%w^L0(aAz6b%P4g0u-AT-nlYFV zm$8tKAEu2#lg%esGxf)4TSxv$W6%fQxXf{{5;bTEO;U&jv&;GXZ6Am<6^|;Dv}5}* zrAM?$vq$r>jz{k?!+Vhl*_ya+ajoTcq3G!j3)$&!%upFYXP(DqoUWR9sfEW`TJA;W zr^sUNqaC)V*{uzoJ_9`4n?X)I()%uIbK6jt?A){r%r}lVLGJ}=+(gMqo`OcSG_8o! z-qIm0k#6a`pu#@mMWA!OK~LX&y>({_?~)CGIZ^l84P-9QwsMsWv!xu}1TIGz>>IX=jELs3%c|qX4uMNT zT}gPQC>2q^Y*e%Trh@Xh{)Wwk@mM!b!`Lkm>jDXpbGI&f9c`NB1{T-VJ6Yx6oB=mt zz?zjx6VCGlv?I&Uu(TuYA8*O<+Tl}vYrquAcYJ~OKv+?w*;v^|Ym^vAWJp${4b012 zX1Xu8*I?cGtTtR?N{_g(%I_UzKJ&LFTV^4xctC!4XU(^x;3{fyemCp}e4vpJ!RN2( z`s&H5=SL&oxF}K*c}wmD(=PWe(b+$q?PTFOHVMoHI<_df^JN^%h5WJUlqlHV;@PU{ zN+z+*=q*ynY%lHwvt>`T(;bIBI@2FB~jG+G4IMwJM zF%gVwmYg0*8Gsl9p-W5p-xSUYcOM6Izb%qd<6TT6&T#)8!*thWLG_|Bj+N)yz-KkZY6BI}o& z^~)a-ze${zFy8Ue= zDUrlUyrPi)i>`)xnDS;+Uqr#bJC-qg|dp0Qf7$AOms|4bXjKrd1|Olb*Jd6nz!wi;Zp3% zRl_6av--38j-8j$Tjhb}WG~K|0y39vC`(i@(~}-pcNy`bh<3%;Q0o5QEFr`@q*OjN z6xq(Y$F2T6jx9mkn;14Fw7gAy8#xh73y-qD^Xr&ywXTpixEkw`B)1N1JhhH+mrS4itghzb2E2GPWzu%>V|dDD@R# zLNw5sLWN8A;Tm9#Lj3%7%xrtVg|$BtI2Brh){UpZDgKHCLyNFj)X}Q_X&)qLJybp) zjmKs>q?xSw=rQd_ClLuH*I?suT%lreZTZ-uUEz>q<+U3;?3^zUH+7KddG??3%^0?> zUT3&S&6TA?o+?;qdwd%eg=z@>?Qp7@ z0QAW{_9h6e+h;l2gu8b3&~3!F4&Z4LWJE{lGJ**aaOBvYu;)gH?i*vca?e3WA?WRo z^*{&R#fATzI59TUBNKUCv-bM!8fjD%5zx-7>-XmirEK@+$VWuLDWeDkUS3rV!OFv~ zvb7$2F1h^Eff@sb!BU*ZsH(@~jvn!Xz;!8dXE73As9|?W)fTfrO*!Gc{k0*He(3F+ z-`m%mnod(daH(lNDRV%qs5gO3D4A3-=-z9G>oNO81H{HPPkEZDw*Fo43}D1*NUH00 zE^BqoxbvbLu7iVmFB3)sbGN+tD89N>%{!CEHP63mX+A94@J2+t+Cmh8HIAA3ty zyfWaoGUd1WJB%DvR&79U@w?5u51o+Cpuiw1MvoO<5>q!2-%Om_MelG^tts^T$$d^48@cHV-^*lr1UFQT8u!X_#^06)zx9#4j1@%R?*;)Q z#<*bL$paO$7Wi|c{O_^+JMp;!*EBz^9DA~bu7I?=JOuu@TaJ|SI{_QgbbO)@p=@ew zPxaoOYpiweyXlFfeW_W)XM^Rz_NeNngXFAUi(?@M6yo&+01EWG<)9g_!myd3bIrKt z>uG26PAc-W$#FOe-rp;Oq0>e#9+IL^R{TAojzt6Yx%893w~Nga_;^OPIKVbm7J%%|*Q_A|M^pb)y5vMj1IYEF-unT(yw$@+A?ptv}4vSY9_@#c(g z33o2Dw1VIyZ?Aq%Hsgh6;n6p)LMs9}geII+^$eL$8Pouorl4NW`-H*)%Y6`Ami zUj!_L9#?XngH#s8rO?2TN$_hDkq4~PX}|+srsG8>-IvK;Bnwf-L`#?FU=U~NmJvM} zrcdtLK?Gle+1)XXqlrxQ3ALoJ%k7-!kMqU4>9)^n%UkA2P&93$pyia+2lwOhG(@hZ z>*NCZQh><{Dw2mDNuV#gtg9Uu)EGndotp8H`h&!7% z|CgVQ;ok9L;IQnxD734cXH)n4_9E6gUkUZf{HTCdd-ETpzo~5dH{;*UmDCFJnO{^v zk9aMai^9TwHN7q*kptapwc^wt#;W@4Lqiab6=Djam`G5?wfzO;)^eB#9rx(sQpA@A zUH(5qTeC)ZrYDy?k7Y%bu&iOZMOe%=5sgF6)K~T;#*8Su13{SX-o~3WRJ1RkQmlWk z*dR#un}K~LmExKwQS|tLkm=V91y!nOlf^hdAD9H#4aN9U`oy`cbp=xR!FPle*62D2 zgb##!PDAXbB+6kMng_yD2Es9oStcx?OOBT!}e z8ol0_HrFS1oHif!LSF!{(#lV9FecS&y}nabcY;4XdJBQ6Q|oOEg&L2ig?yd+;bi=> zMq7!wU|S1<6C}~~lQoL2h{f(~kKX8rW!|AOCl2m2eqF6mA#HYi`M z+r|#+j0a2yG-am*On`jLptoD*hW4r}1>rktJ~3R)#WKfs?*VqEVZOrl#Z9B*DO%fY zuLXD!_zO5#5N|T04`CgwIA@R^UA8z)fj0_uyxkj>NDiOb}CdOeIeMwMmJ z2)K;Z&fd@9P!0pqEO#pkEnl-#j=GNLdG1^K6!}qladuOqugT8LHssX^DAzXmdJjy; z&$dl%@5E-}7L_^Rn=&w{3aZ*BDaGq7Nz!x)l66AgMdhhNH;%ng%_1!9liPV#6w4yy zaTZuyQ&Dk_KUhAR$eX82V7_f)0Su2#W`Xtbw#x`1Xts2;pQyV9u6 z606d(AiA)?u0|kjdvhr(WUfYOe$9H$z_ZECE2Bg=FLyBijZ*orN(^B>Z{e}uZU7W< z%zEG6q`?9h(QuzRY+WCL`2j&)3;9C4Q)-sh3KOwXfjzNYsDfNMEus`fB67)!MP0Zu zk2+d)B!hWMcnG6$27iQc1JydSormXf?+FqtUQ;gizV zU9Tk+dvrpPM1w~2B8{5pLRgAMVO>ha(Kxv3kZBz>ze`T#Q<`IV$A)SAzLODHQ8&hD z>3%^={Nd^M*LV2_EzVNXeM+;_j_b{zL^FqFS1ZikhE>m=(>Ck=LG+q-fCYsG}Kh3KY_lvku%Z{LwqHYckc@`Nr$WQ;@ zvkU_&n&2Bf>^)SMOz#B4m?xx<&xGOS;^*P%D|qYb))K2GZ>K5d(WdiB?1u_fj~lur zl@zSN9D0G!MKBjpYhn6*Hi1Cq3&IV>W3_6V>fP943wM7>bLjo^7&-21-1Bg(Nsy!B zBk3c7cFVB}OUKAWWMlm;yp5GnsicPJgu9(AY^qEO#}2m3l-cg_G?^`7L(alm^lL&L zG1J{lDbNSw-ff_ZtQGTA=?G_MYpJUKffr4IG;HW1lLGQVw`8PcF5tNX=IH}BeJEXR zZDVlTL%uP4jKn}iDGiqwfVhH}TYhT92D%lFZA1E1Im}KP-_^b&t&Vp6{e!YCw7(0dVXQVo6DtpEZSvH3OKCgQ$G84hoVBd2RX z+ZOM><3E47H7dkLSjn>1lnmgXE}b(sa;2Y`a3`vcb8T~C(Ia{BOdXQ*K4}|u>)7_F zHzk5)?@==Gu1!sJ@mF`VB$;_OOqM&oEYE*u%AiS`TYwAu%h=AN0vK_rqELsC82*|w zXijA@qDWd4k}#V^Ce5ZXC<_c8^NVjw4M+{TgP=7Vu<5C@#l5yU$=)ZE?yOb}0&z@Eokrn@lH<7JG?D!Bm{Ccw zdNly*iy!5>AwyV{&s1=V!b9t^q0~?XMz`2=ZqrIE&-!Q;$tVU3@%z_>S&C6ZS#=O@g^zSc zkj$Z#5u1}Gv3e|lg!&}4A*W}wyz0UbHA~Bx6n~)s;L<|go;-nV6u2`MmEJ!AV583U zS6+`&)(BCqApD7=y_S$V-D;UZMO(t&@oy_NACHANw6O_ z^b{QL)UPexHr);_8FHpZK@C9#5lt0We?k9UF znDg!?ZQgY}Z_$P%SPzU#*ylxI)~wNHBsKd=M?*pJtSGS=9c*97`75@(Qh%wSaW&$S zIRp&RpiFA!&nTZ)NcSPEVT01dVHuE3)N__1(aA1?eiUAxdqy+DY%eMF>-GE^oj7ng z`NvUA8IM)$;{zUj9?4Y{Pg6wpsyMs+RIWy^;L?`2m@=DasZ1cN6 zi&DLbeEZVrb1#Y=hZizBpuO;`;$w#sk-DI{Pk_u>4b}x!<&kOC{|CMbI_{--Um;%z zaSj6RujQ=DIn5IrCFPUxGNWc<>$q=^L6A;^L<_^VeUH5l)`mA2Z&7XhmJDw+6@F_s z%g_ZJLN3*4s#Bl9anOBvwuwvEtcqd78h|vH3Bfh}fR=1@cxj|fq|ihl-yFM3wq~~@ z@JmVB<(0|aZ``u4JolCzPOTO1t-vRW3tt69c^1<3M7^g>5LTOA9Rd|ob`4@rMCNIz ztJxoOE7l!rTAQ$$D>9qq`q<3a+1PrjY_{pRJs)gJHPpsThp5`TM|XYkQ|saS*gF}G zsJz^&JWGq@&tQ4Ra>env_z@l3m(Kb|)pHQf(Zk@wCW{5~O6i4IXrZzW0cYAyFb~<$#hf29$u6YFxvjV65 zXpS)PVRen8qtSQ#U9kPa<@9NmtErHo8I?tt`Q~nIS!v;XC@moZ`bd<&Vg72M$%^cc z3k@ja!b8+2s7a8is$$t%StwKvw}B$|hIZO`k{>QAJhLZ1#$Y#nyuLO2E1)QRS*#>JA3qTCl_-`W?+-&qsth|(1wADU zFbr~N=L}Rq=g`z9D{SW$?V6R#;@Y7}ld91^53-?J^4I;??;W5AuFkN-TG8F8Rj>CI*0tXakDDil87j5Qa3_ObE5TbbT|$nxS5V}JxDH&S6SGfS!5X0uL|lz$cD zpUiFw53C8UwrUL@cGD)g1+kXUjRjoBdi^maCgCs{SgaL%+$huY2!veP*+b?^F@hLKk7#dY5#~B>%+dWZ_@I0r1!UkA^6!Yt#3#nn!~iZ2 zqbD;F1^`=A8}WD^Ue0bfGKgDKz$m0OTXFo;Np&49?C7j_*gO%apP);!SbkCo+P zvbojl7`O!Eb*hj8bEH3tak-gI)01_27|FP2{C$3q1)v%PIMmGeVApcfRE{yT2<#k5 z7{!`Gc&@GJ7;=0?9l8TR&{w^%N(?1SHlILFj2hnJT!tE2*J)*yIw!o{-G zWaTQK!?1Ih4q7^EQuoeDAY9hvS2(DLAd*j$Kt+9*@My3ksf|s@TRC}9oR(0(t|c0} zdC;5#vw9Ne^o6|>_vu|h57nO`i+=Xtac;)8jr43wm> zZf5a$g?L`z--{X$4xT~1rcgqW2oA3h7}v6<*3x}7*~=d=JiXZCjkoIgmHoH<$%*fX z9JNcw{{WPnX+^?CG7h~ez&Fdd_bBg3Gg8kU?oC^#0cSF9^$IDLQ(92M@n=0XZ!JfH z#y&!H6QRnXTMCe1tgXISEt(CbXLd-BXEuZ4W%k@aq6Cy^2AwmwfNe~#lM~z&Nbe?h zFj@)(S^MimH^7>g@0sh^z9r%L;_XKt^2JW{SlAvJWE_B}&RdajY>tS~F1G?_>2}zdg2+I65Y~CT(P{~no*U`0EiM=FWJSupF``0wV zzX~5HwHE3RmgJFNc^DeWys&V26I}`FAwh+NPBD^O?y`0A#;iX!JXIXWx#^W%**rS* zn|Dtc1TD|`i$|3o={Z4)5;xkzXrX*r^~%+w+CiU}T6~QlWQt5>u|@96Zx}ZXfifeF z2xY8=gL$U;$oY!}h=qx!&LF|C*ig9EG*dM+^<~W%bKUmzyI z&nRUh@mYWRLHR|#<@a+hk)|Ahh?E2O6)VRhr5?w4qgdApdV3%ToCmto{KGZ%Y8lgFI z{BC&X9y4M-$a|=(QLB!U7nzMq)=Nr+ohqMs~c3b%ga}O zqf$*JKj+IhCrF-24ySRL&^f~kX64(*t{PuAIIVGBd1iIfJ~54$4vzwQTeuB87r(O} zC{jHdj(|No9UI+ZjSIj2o_x_dM-~q+8{l1W&#)}9D|gLS$*_lFT2eQ+5KKQr7Y?H} zYLqTk@JPgR>QgtNtmE@^mgTklfdiK3$orFKpwWXrB48f~nYI<6w^doqkX*UJv(K4c z$gdm{nZ>bWG>8O)Rv>xU>+&p$Z~-x{7pfhZ#`I@b)~OH$(QV1vg|$EZCs0Z6iFqyC zMK>|g7?b|O<`0P7siX>}N5f6F%>|(9tJ5aw4_Rv6_D{`*p2a^^uEUXiIX@li+Af)G z(`&r^v7aD2w$`%4c)das%h>}7?9Yxkcw%up8va74`c>3Sb#Dr?o`Uu4ZZ)doZkKWSC*ZS>e@qqE@>SB~v|gfnrBU_6;Z|%h z;`P3VThDO+I-p~^SwI8V+{zO2bafva9z{3bSZ&1Nf(vt}pDbCC`&i1@o-g z65mO@&~0kvbCz$P_K@NGHv6B!ecfOBE+bFKMwXhZONJr%0<5A~h1<;*p^OO-1Gk1Q zXlX*i$U7utvKYvovFg*{BF{FjtneC)q9oJ;$v=I^oJL5c6f&(|jZ@-(B31ei>Ctq9 z>sU{n0zo#W6BrKpE7Pnh19X`{*Ia`efgjblSL+0WVX_V>owTGOGpuaWRPo?l+<=f<-SSqQ6`^eDXKgr=!td zhykoBDHOPn<}nke*Px#s)esGDqK*5}JD;Od8R{UF-r=tI7`D6eMCtQ1L5>bMdAUix zPTkhmA($YA&k=_=p|GOMI4wm_Z@kR>(S~ouvoX~meC3UFHQxLwvpRsFe5?d&sG%eJ z{&oDbaF~T?rvb6Glhw-U3ijBqL;jtAd3QzO-OTd~dQKUY8shncW`?--9fZU;;rL`% z6b#DS&nxEEG>y$TF8$R|{A*G0rq;{uJYs`H|=Rk$aAP@>R0xhHZ1LL+x`F zmcx(TReS%kNsRwc;*>0`?~478~lG&eQ7fe(Y0ZSOl2|_P% z)W+{jry4hJ?_>&A;OC!&=3wReS;)3u&`ShsP;ywAd%A}wpVumuQk1cx`w9;QL-#}P zL&rmoP{IRC_i}V_S@O3d1Ccbi#@JmuOtUwbr-5CmuD{vu{iUf7gE=77W+{kvO*Oyr zX9lcKPSV6VZf>VB^z@STb8Z*nDF6*wv5xy}$8P0oe^FyU4Xz4FPMozmn%x~X;&*(V zU@}#RvDdzC2WMJalD1x!AJ1;M7buuL*3P>^$%SWvG*@P-+Ugkf?%$zTw7T?n&KX@! zVUCH?z9&P`VRJ89+v_FmkLYv^64pFs7d+B)wh2h|SF21yq|LJf zvxQoSOhSBV)Ju?ynoWu*(siVQW*Wp`!nWnDgPl86f4Zf&?YA+uhx8IcsG2%>K{X~@_aH` zy@O}UGWr_N!*+8vYS8AN#Yg^%W!vqZG;?G7UCJ4pAljw_ z`PuJL^|^T?uwyKnvkyq{aPm*ik(MZ48y}L6UlqbKt#n$ml1ZJ(VhTe+SQS75EkW3q z%xG#zvk)_b1+N}4olxfy8K!zzhF4?On-?R_vTtOy`5)BXQ;=<4pC7BN1 z+ctLEnLBOUHg?*!ZQGgWt*-M`ef9O*UESyI+^mT8kC-dwj4>kCZ;p%SVRzsYN8Uxe zh>Wad&qRVxz_K0}3Ld{ys~EO0HAlBdwp!{JzosT2^bow67|&`;w|3*9bNtc+OzOWP z(UE7>n$!H?n3QqvG_C#MOK+AFrHjx_p-K~^?YO9R>Hpo%$)%`P0l3N)I67T;H(TCN8pil_)}Ojt(VT6tJ!_JR298LEx?jDOj4otitG=#0*3vDl2e-vEd(~x>t2HEH;zy6}|c{GeokHd4Kj^ z(7IG4?AG=g^LGnf+7ywo+1R_biboGiE;Y$b;+uaZ1@O$v8JZJjDZfQ7O1!Z4api^y7|(MzVm$4LRn z;ax41@lz&h`4pVi}~z_g@vsr*_#8XR4a3X9Ch+$vd7BZGx@i5sT(#213ZWdiP!JY}$f zctZ=z9-4{st6*=rWWrv%(EG2GFpHNlGzd_I_|UlZ348S+>wd}%A=1II1rG(A2C;`` z!(2k)!IlYKaSgxK$Hn966>d~+6!4UyCRVQ;;lgI^v3oESM$&wXdW?Ci}DRhg# zbG;Rf#?%JJQaH3(|0!^v!;Q}L{AH|GFZ2Cli|nSgkfk+PV}QS1$Fj>9i-1PJIUFwOa+y0skYb3 z%qFs8;mC2-#-K)TP)Uce+HN?xX_b4ANQMzqmtRZrPFKH5vfw^AD%C^wR92K6(Pzfg zB#%Y(ocLUT<`1XCEgncpARVwP*Uxgpt6g%;83b;DDecfKTK33r1^&^(gTa|&454)U zw2yMjIx6MZ)sTIoCDFWv0@2kU! zI)0v^s7}EGYgk{Kd%f>=ET~3%8dWn`Miz;fOGt~n)}IReL`4c7i%$+048ftmp@MpY z-L%RgHo;H7d+X}zf>8o5>&k*tuo#>sW2;N#o0xX>R zfox*hmcudzyt1BK2^x4q>X0CDL{k@>SQ@kWEe^XkPNj zOOwFJ^_SKeeZR4B48o19(>HAJ(NBb(fLv6m#l5LvWMIw=3yV|Wb9=tp?s{IR^ubuG zwKJb0skt1_ENu7bIfT;P2JU z8~gfYeB3tbA>myeM&y4{Po1QrYS2U=xYZDULgnJlBP+I2(-a!Xda0Q!;HCh159bUS zBBaVcdtONm9CHL|9ze5_Qby@gVw8t=L-;u3vRQTzfy*35k$i9*N)UZej}x%NE!!nyE1( z50t|vG`OEnJ--ZQfKy1A+Icjvg zPR^|0b)T_686ifs_`cj>0*zE^%Zbr^%Xs3w=!u3H??Hteqiz0*z+HVA0_oPEr{ zW*+N~{W5dFzHB&JJ0y@^64A=8}SpsozGAa!72&+>94V(jfP@tOxEF*Kglp94{$RwC29 z-(aZ(qkiMYgyJ>B0t`xlATW>!c=VY&E>s8BaM!Quz&~n#`Or<1kUZLl&&K&6>IZZm z6DE`zx2ix5mSorZJsk}C**2pRw%1?0XYh^S77i_cNjD|vT-$EA|B)f^JXjo(EEqRN zrXg3FKA#SB{J55}%JF$~{fXEuARJWYKS5nD7a{R>8-W&~^}vy2H|uuVQsSG!6*tGV zQ#;o~9$_G(0@aM0_-qf{Y~R0Jqxv8(;i!bIDi+yCx|9w1dc!%BTT!@Dwoux%;#mhT z(8kygvH5N?(<#QBxJJ5exSqk@dsN=-i1De!muXyyJEs&Iy(kS@Wo9Uw(>V*0>A2HO z0s8phHe%2OHkt?llMWx3NP(0q4LQ^uofAP)Rwm3y8+Kvws4nWGrQ5Y5S!Vs~N^8LU ztUHT#`}F}&t)^Ufpl9uF+=IU(z1lRZGtUkcL{e0vO$Qb~MeiwB$A%*VuhU3i+;OSD z_UkweCm07PEx0iLt>_N@+>qwk;UsHiIj_GiA#Y#d@Gv}hutCa9P1mfIsIJga$57-@ zD4d(7g}hn$=?wX-Eh2fio^7U_&j;KBRJHfD7Di z@tZ+BP_rs*r(71!Zh;Z(igVJp)b8pmekNihWF%SKOn3!lm4FkK6CH`Ty8K{5;14wn z(*y`q0Fa|Y<0&Ia8EvWXmOh)m;fS!|57g@rVz12Bx>N45YX8sHafD-lriBX@4f31h zl7=+{uaV#w2v>r(xl2#*h_MQq{cG24(h7rmq&(m!ud5revj^enj@{U8cd66uL!INp z0>7x9j=A3B6$^zN-~Cm&Ps{e#F#neCJKt3kgmFZjRo~6Spa`OB))=7aj#pO|BEER#8 zjoO9$r@-T{vs|r1)eKzbO?FKX)hVt`i{KbLy2iaTf~@7Z(wa)|mQSaUuofpub)=10)y9*#wpaD8O>uh3DYN z^7LP`>p#Q5&hzwK5U`T;B#RmRM@BG{C|>KMXC4wj{o)MlYb|}B@_Y&SMB)h9vjmbk z7fc+FeO|(Tqi*5{OJdzq?({lTbaEzw$^t9C*+h1PF?)H7$rIEb6%w4_NdFkS>=T0Z z#7CA5^=BG|7&;<&JQgAK+&>$xM;TG0)oY9?74@{0`XiSUQBM7xXttR9kXdQ;KZBU>X;rKLBadvy-%Z-_Is5& z3Q($dV3jK)9A|8A1b>fJV?1?Y9@ zc4>4iuAi&8FXEdbKLKZ;ak(J)n3fO*xwK&RvW%fzJsLcV=89BC#dK% zFuC1?WH5st(I1G)q|GrB-FNW-rH}jdZgpQLM!hyLY|G=uA^B};>%Zbxo{Q>xuq`*h z2-tXa)D_Y68tT?nL?+Dvyp;^94;^5h9noYo6YAoH>&r_$#T%)X;>^q2Cpd&f{s*p@jk(yrUi=-iB=j|DkG+Xw$ z7lBq5o?ZJ%h9o6|4)9X(p+Nh7*J4~1OQvZiCN-%hC8?+eM^==}aJ>qG6|DsTXR%uw z{zjU~bu>VldOvIps~xtK7}oeM6*lyw{T(*kcdE{c9t~bmQOO7*b|b+l6(@Yd`wOy8 zS*$7o5)R?s)25$i?4{QEuy$|HIei|EB_qre^RQ91SkMZ+SO5MeEmvK8iY*b-117p! zRq0-UiirxIiZ@z;Xt$;}%n0mNgL;Ete|UOsF)Z3pXd<@Sr0pA`p-Cp{Q?W092yWA# zJ-0d|pk|62pH&+=rE(Uc)fl1*P|hF=jE4=7O-RE4quZYxd#MM=dD4#I=H#lbSy1Nr zwD}e)KohF8;D$5op#-Z{;IjZ$@Qg}u_B`IiY#9QGV0Mk2OJ}i)mE}Jj(d5mcr}7w* zM}@{rvLIw9kfi1nTtj@`ib=e^?goCeWWe7g zwRg_i$~{#N&KDy5ctsDvKx2C}&a#q2XdooGEG#SUtO<+E!|K1_M!+!Iu zO2L?dCf%crk4jSBR;hdIm7rV6(@4Av^eU6}bWNLvfj4SIASRtVUuEuzf~sK#Xw%7rYg^D$Cx-%R=|XlC zDBVeEiGj-(3E&|(qM0|;zau^EUhdJnKG8-5uI0xe!8UjfU$39N4$UZ_5rMh)dt#L z%0v~htu2j1Xy;l>9QeQbA(u-JSU7bPS+s#r(qNeM^x0CG02H4<{As3>wCZ7me3#Pr zQE=Z)E~<@4Lr*X$lA^&T27A_d0S0h|5&8;!;Rq~H&^ok4sNki7r*m94NctkoKeIdm zTK@X1gRZvY>wZXEjK%W_YI;aRm6N_gprk5KLL>MDd*7rUC3;VVZM?nIPoP(#9@ij} zVQgL<@?-9i(S_`kaIO#&i`F%6J%q?iqwHz(0TR``KNUIGL+%F;VbaZl&ywM@R9Pgq z=Ic&B#^R+iw6KP3u+?-kZ83@5{KmK(NnSKiQkol^n_;=_EVto9oHrPXpy-_5YI#u~ zxy7WP$mmDe?r5{i@KLu5$@+|cdf>T+Eq7OVt4(%QdTUJb=3gngmc5ddqfy&7pCLbz z;rk{WGm*LZT5Ao%1U^h5+MhP^zXqyQIE8mVxq9E<-X@e_MzQ{k&f+MhSbv` z+UZC)CvifsTs%rObM6eVw-gtY^g19?ecR2rKmGBQ|DbAHI=kJ|f_k~e2axemA?4z; z?R})Sk2XJM0yS6rqt)KG*x=KUtbpFK*Ip1UfFokgGwbc7Gh~YX{(85i8b}GMunvqf?xIIFcf<7R^Tfr) zRCQrimX5`8GOb2MQ~-BB_8dA#+$ef|A) zZFd4kY3@yo&A`_BRi=UvJ6+-5hmx0Umt z9wGhA@)E_%324o)=GB4=fH-gGph|hew&HDNIpH+1gY`RMdH8l-T8j* zgSe#NArR7rp4)73zeW!Ux}3p=I7eKUud2dd{eBENt5gI!jh2v_!!4+4#wIdorZXHm zmlnqBw^{WE(2e6ed$dKZo>+{DdQYUBneX;_3KjYqd?r0soa;Plo?72ziI&PpIM<(B z|JX&?g-8J3NyKQL9IhM68r+dybDO9wqa@1uy|^y-eS9Ch5j1HNxnJxciuIcSQkWp8 zw1>TLiWx40&+h$A>-&(Q!id4g`FWl7R@LUE1iXy@>z+=CghYrR8>t#!^Qj6awsKvE zx2xnV?^f7>A;p4QnC6=Q?h4`B?-|nCjobQ});c8+eQU6g?RIcV9HSXcPd!O|nekcL zvsFQTLMKgg>Qls01^w))?7I2Ozk{MF&!zOVE}5X|tJT75e7>rV!s%kxV*SBp9@Ol6 zXJ>#7b0jSTn7KM}AaSmwSmJvzon zx2f)ur~}IH542?Lc9T3Q4tS%uTjFl+9MeE|1tA`mPPTD~_(h8Y)@cs9?m zY(33Zy0v;@K|$dXJD@LG5+*zjHOUk*hKJuK!US)@7nmp=8WE6d?hDP+`00{Pv%KQ& z=mMwlR3$Tvpgf#eHa=G=J5-5t4z znr>Zf2ff{IP0*64)n7T-Bd<;NndF@EPE7a>2Uo=lZ*yS z>UIB8-(G-s-AXD)I*7qw@`J0F5F)Btp90gix#J{$9Y@3UoGpaDH5(_|N zTFf!h5#Ha8`gqiW&geN?1Ci)dB+o0?wb3C!p9&GUVLay;1~lrUJENn@22+dW}R${oG= zv*V@3`mDzOaYRU}T4MC4hGQ8`v&wk0LmcuD0ijVZv6!qMr83hP_=;U+w4~i8u5LSK znIsKF^Z7dWclBNKhv~M$tIy+Sw%)^M3ySXiM$%s(Jeo}EVZSclFySk@P#*A_+{F4q)?-=mzFcbCG_mjP+j6gsqzQyQ zvdqGR5()i6@9b$i<&I@%} z?X6DNvK{W)$y%p(Dr%6MJI6j85|-oXPdlxKJztm=_i-;jtz#+jwJ0mDH%@wtq{}1}<>>(cdg~I&iXSQo89Z2SDIv z@u72wdUimotn;_0*gHJ2Zk(+@rCyc;cE=Vg$c$!j?GOr z?`BVlRxIAtLy4UXH%2+N0bZsMgxaXk%(WAYFPlkhv7msw*gU&1rK(ob@IK~+nYcHz zU17R0Q|oqmxv}YXA0h9y2;Z1FqiE5sZ}oKFA0$D5hnakARq|VjQ*62tEUNHOb*rN% zrf_P}b^l~p#*_ps-XOGw?^mUzb#Wljnp@3})3o{V~B}7yY=JrW%SF1B7kinxFhq;3E_m8Pjk^+Ikk221&W~g@u2^LPT5-u zn18CLs8kP3oA#0kku>V9M3-l8f2t?Yl9YmB+$+8ys;1X03B-72w(scr8168g5k(le zp(KZJpV=?VPXq`i1QlelTcq3X(Udh}LKc2t$x1`8h?|zYMBr72gjDyB0rT5hhFNB| zv*Ft*?At$I;ucz(e6Ep&awQ?M4m^BoyzkV?%z7q95oyZ=dR^o&w6_Z({KhwR{o1ZP zUO&mt;+FYrh5c+*ZcV4rCx?%y-lW!3)_?}0ULS>Oehm=lnGOT|TKMTHKo_SuGWSkt zIC6J<{_3sD0WBR(>A7?OZAffEj6=D1pD`OI280KS#7__8*@u$sr^#CU9`iFN=Eu{X zvOgZ4gn?PQoki_JDQCi7xt}2?ZjSA5WJ9F*YPo<}veiQejkOZEH`THrxM5}}w zDa6w^)UO){cuhx4Csd|JC_;VL7(09}>viXB4-GA@V7T?|*1`4#@IgJjx}BWnRnwP= zEzylT^>4KESMYVrXIfpCKb$W1#`V9#7jJ-82qD5+d~nvuZBoE=7C^Yj7D67wVzM$u zspmNFnm%0WlE%h1;Jr^YH0qh77BoVt+{0i*glve28vmf1F%eGf(dNI{0Yzp15|GFN z6F`YQ)@tU1*&#jgoh{lj9*~95Vg&LU`jb3Q2D!15wht&>q^gH)L{VH}^Jl?h6X`|$ z%+7>TcS=Hw^Jt)3!dXW`A&l&bNJ!fb07lB7s!DDK?sJe}sKaYD!`4{(MPGNT?bUZQ zwrYRq9wB4*oKrZus*&i2tC;!5-qk!Bw~^bQP#|FqywJeuXr{ND)6w!a!7a4!`;00pgWO*gUTL8JAIViRl9Z@v2U=e z$gQSpmzBsz`+&=u%b=Dv$6!k-0!8*wOWPM;H(OoC_VpT$AAOzJx{|jNZ{|xdSNuy7 zSGqZTsRde@x24mb?B&#+t4ojPh>!Ry!XwI)#Gcd_&EvT6#4h45XHHpS#XXIK4LB`2 ztGlT2a}OGZ%>0I`SGW7V^p8sqzH~j|HdLWO?{0b4dXbnHul}V*8XHX-`7zjl!ag(K z=Kk;cZ=r}Z<{rP1qbDqZ7Ad*e5~IgQ8%-Y{Nfu|iwlp=Ax2<`nD#Z=5lZf?0U<`>~ zM^FKB-m+cape0}iM&7hP9>84r(lh(ie0g^aAot?6I1U_mLeIlMg~!^Z`9neD+J?Oo z#nL+LLijAHi;wb@CmPY>+g8|yRBl=_8-eL;PRXWd8RO}T>OYmX{Y9nnfc{jbEvby? zu1{z8;*<8WYe2a`*)_Q(dA#Au48aZTSc4;3<~c}(Qunh<@Z-h zs;&C2UUUxB)G_Q+tcZDU^X-Ms&c-hYui6ZnZ60+`PdZ%%+v1P)4!2pDMW-@=|L#@y z%ESeOvqCJ3dhn$65Dcs}qL%0s<>4D1pB11#{TXv`xUxknzM)@1h-*{A_9nhN2`BBh z7eo(OP*yJG!72O39zpP7msH^MB2>g*Sf*bqxQ_amy2_WkZ_8)xS%VG;wANXo$xS^2 zw5k=5k2{9a%C(VOYuDLbN9m&1)HZTSNBm~9uw5En;Bw-r%>088+oTQCPz7-bqHu?>11`3f3rPlKH!~ZU97jY zNYy0kUB>>b2wXRW)DD;UWGdswU~`h!}YNvV`T$qVW z_Bk~hg@Ku22vWFe$}vccqVX%NAa{~LMsW$HQy)$)f+QY!$NbC~`Od0U9K&)LH6<#0 zz(`W4y}j9uI_qnd9yC4iGfy{6D_V@0TXBb1=6li|`RNo% zDiuan^tG7Q%^~ICf|!Um-J1WkFwV}6Xmq$8(d^ed1c^Jqe*a3H8I{V7aNC9=#@^|d zD@r2MiT@m4Nvse$!;doeT*a3K2P=A6!~FD^>(Ij6q?~pECfgSnKMB5Nmh_a5G=Jg8;Pd}!< zFB@aTWTyZ$NNdbUiM$DS=l=8!4!wDvZc%pIs|T>Ya_|!o-06h7zstUo!3T@ay3c&Q zfGT{!sW95YHx+!?8TLP8EqJx2<|=(T;fM+w#1448x;%5#g8OBE0M5(tU2A1aef5nz z^QL_v{(6C6L3di}&4q@8w`H+Ur^8esbNw*|nvxhV>O`6GXNLWjr1K4Id`4+K>o+)jE8_JP;%ygbll_mg|QI{SxWKo z=^0$GpjNf~&$QZ8P9b`MxC!~6N#O=B@nglLPL)9%q+tWE*c-@a&6uWKRjFmDqO5Y& za$A{Owt}>b6Ku4WJIk!NRsa$1`8#5c@h@rCy!F`S$K=hW!N@svk1lXS`NX(TmB|re5w|A zYSpInip2u?Ud^WNKIaJ=D&x3ciD$!79Q5EK3M)m8NZY_*Gs%Yo_!@JSQO=h?z1k%z z#nIpftw8#WYYzI|GDI!Kvktwiq zuudCS<~E}8W*i>E77^o8bR5gnTjZM1z7fZtbsT&X3y1{9yJ1sgxss&?v|u>SX-IWy z+A{80#qibe^|{H~di^kv`5Aiq+)8~34Jbr=R?+q`Wiesj?*M!!+#~84SiQWqDL%uY zzT0hA!|wc98?zueNy^j*;7wT^Z&aM<25XzZOOf_J?#+K_cR%Z7ya$i8q8vWj>liX8 zH#_T`>N+ZQTq24)3>aV1N z*wmB)z-KkNe~+q5MfqnJFRQLR+%!lj=GX9&geb1{X<$6KERua^5f)d?dH7AKI!`%4l@nJ4Sm{z|-CkZ(kWo=WU$tc|(skX>sv)TO zF*vXKJZ6*0ajZ-ZO-Fq*2bsaCF3$l9qO4DmXrdB4L1aSGK{c?%6fdmsWND`U9L$J9cWv=z^JrFLBFA(O8&P?V9gsqL-0zW4E|9xLX3M(}hIDus4+mKw5t;8jH{eJb0DBqpS2{*ZfKf*)s^4Z==os;ZY6s zAy?9;0+UEJrQE`$v_4i==Edg*WNgYHXz}7vYRs9VI0oecFd~{|O4pxqTj9EGUHYxtUsRvM%kW>&BqEYg&F|@P(n_2)4!vBj}048>} zf9?ff|L0x+R`!2Qw*UM4{rhD5f4$9rPqb(L&qRAdEjlK44njI+PEJB5Mov~j05gXU z^#3B!o`aF;pAzl=?UH{=v}gaf?D~ICv}a;u`HxKdzaD_&-{<0lEP#JXw`b#E{-<<% zCPr4~{~B)(_@CnK0e=^7&-pL$_8g3?|9!fBSBjTA>LS+AHcLYTl%QZM6;nD}HB5cn7?I)mt97a)%<*ty^$GsSyVfG}t>P9EMall0dyis!qdHnyCxA_xbr={fR;mYX!Pn6;308BQ ziniW#XyR)d?FlZ|d#w!g=z6Po#C5VfkCBrltLZ+f)Aa&Gi=T0{PnI#`Ywlv_oa`Bl z#Tb+HA=?;MxT{zr@gvoQr40H-rVPXmM(*_t#18mH5JV7!VGQ_%9S`<2h+_C9c*9>C z(eq>`n3`aik$tQ1kaSaY(|n2W&~=k^(`6%nQ+^42biHuj7QUe4i*Si~!C>JY%dBn{ zUi9O{>&eY%>Lz$g^AO_?5k0*{AE*rq?FrnXEq+;z_8=pKP3|!ae(o_0qzvXnzTY5U z8R)$4X|A8+Zfk0@?upQo$J%gMs62Frb!j7H^Uz}zPiks^z=DkOx`SSwuwM+#kC<%O zN|(5_?73P5VJKU{PCE%BFs){bfg~$5u%|SVu#qyW$4X7cJm5l8Ud!j?giS~At4>{F zieAT(+9iC3Vt-<3G?U-i3{r~PsPJhOL=u#4qem5g_-tWeJf3~>MmKBRxeao4#N6U} z|JooOZyB_s>KFCsq2eoI%1L~N(l+?mk60zVHrn&toYx$zL|M+~AX#qq8L`qK8Rr;C zA6P5v&3agOIml0Eu`z4aL|SaOTiP>ZJHAHctvJ+(CO56uUX=3qw)uvp73K3%9bkKGM8`ld z{C)Kmct_hOxani%bXwO$Hvn=n+P$oEDwukEwqE728l1aZ6YEe1a z?=x3za+MnAksO906krTktNm~#LUW5Tt{bn(8H6=8{(^tfQgsoOF(!t3gPwcQR54e3(+aa-3t z1B!C=f%--Yb{RD&kW6C4)ZfeI} z*QU#M2;vSbvgIJn@~D31m+B;v)3JOZSgm!ek`Xv}4$w4n8p?^u>yDcr*PF;X$i#3G z<)XMnEYFgP+6Z*(gqw1m5;LpWDr0ZhcM1sCMOyO0nMqnaIfJq%Yy%MNIlQuz?d-ci{YQYxTEL(*<|sAFeE;|H_i6`DfC&EIcYhy|23Ab zVzbfoR=|KLd*{Ws%rpXBJeWBF}VFi*@yIEHi=8m&yYb-r2!UwgCVNR zcyw!CU{PTqtotVQ)Nd-vv^lELtN-=aK2DP;(m{vw5lXZjfsQf4+m9f|n$@?db?w_& z+iBHbt!$%}ro$s^n#D~9a5Cp)B0~-K&HiDlBgMuW;<>cJcQtUgNyNI6GuEe3noNY059k}`{vNbvhp)-MV+vCfH?i6FF3EHK zg-=%S*`Ax=gM8J=dxX>RY~)8_7Qk^&{F^>YFpF6zOR$KqQMvV3GD}rPydr~NN82on^mV*je{UUPGDFWe@ZPa$!pN z z;lF+PhYAVVSULZz3jfE&|B533^FMy^f6pPExH{VbLPTM&Zo~18y`W2MA`y(N1L9FC zS-v0rYl0CNjYGlTd_OZI6AfWZk9uqG*7%;)ueAgg+J z6KlMfZWn1G>+@5#OtwotLq-P{p2} z=)VV3V;i<(jXf=upB2#wH{Md(bPB2c|7cV)w!0qa%NY2rq=0Fo3rfP6mBGYz41DGI?%Mt zvt-3D3xf`k9%)@59^lhR_3UsvSfhcMyAlAkt1%(K{w^nWsL7b_Rh*dbG#xxHd1Vm1Tdl7lk^ecuFgZ+UAg8* z@=A7_yF&h@$wT-h>8;JeM)J^zm6nrh72ZFHB~^JG`K`5Agp)=ON~-PHE5vWC7Zurc%>yheL0Lq3i~+v9OaRww@p(^OlrSby>Q z^WS()%t^aNA&XHGt~97vr5t`>c#H24@j~WM50J>5dBjllY`Mc2Rm?T>?mXxia4_t? zGOaw|9%R}xcSr;%;{Lj=e1aeCAIvk%cJD}y%!|Sz{s*psy8_7&kXZ(QVgAuMby!|~ ztgjz0ugoOcioj2tMN>oScl-SLbsh;;h-+hSyB6t z&MeEU;p53-Ru>~!^(?^1;X&wPGpuQyUeg|>pJvfAqVC~SHP5L=)rcP?t?O_PT#=DR zMPZD(^~I&&)o>P7XyC--)p{CuxV3KRFlN8@Wv^-yAKLHCK0rHM9HRjmlCIu1PKNzb z=6g{VeeHpd4~YbXD7X)3Og~>aH|9-f|FLbr!jWcQn&*zVe%b^KSOMyp);D`o;WKy2 zochwjNfxMopKlDfLKicak2++s(h6m)2C!2MVp+N7ty(Z!wKB8JY;*YkPC;^g&d2tc zny0+y-C3acA(dHDJ5hLNqkOb+D1CaAJL?A4-$k5_#Na66*19;=7Q~F2>S|ikm*W85 zpShbFDKn+5>iH*=@qL2oK1L}(ZBk&~AjSjbp{WP#eK&tO#7EZuy4hy|1oQlD&-Wdt znx9#tr;B>h^g7Jq=o91qih&qI>lXAAafnK3} zr;oY7HF_6H6PW6F(*5iJ?f~SmsdiboVsg*|${6w**k)%Jv``-)2INQE@OG?l1wGNX zwC_WngePuN<%vX13h z?}Dn>5ytN^d2?#;U*CPtm7ji~A9fSdFg!+l&Hg1*;+nY1uC})-p6joCvOjx1Z24Yf z@{eEQoE{!#wF|R(Jnv58ws?hjSp<27lK7ly9YFBRxLZgI8+&?Iax5Bff@B&PMn{cf zwqC=hM6Gvdwo*Lr$eylS83%$wg1sg15;nVvJpzXsyJp%V|NKQJCVG1LAISpO*BWM*V#{EsQi|0hSwiYSRGiqfcA*qZ&@ zv8fZCqKTP{wSnW`kecm(CN=y2IjLFM0RKX2_P>)6$Nwp*du{s(VMDHYf@3f9h)+#0 zf>>S36Z_jOR`LD)6Nu^jaUDn2r)x_STz`arKbw84>$a!RzrfyQf^r&gq= z^frVg6e4O42QOy(Y&kbM@fWH~rs}TmT@BA__MD_3GsD84IO3z>Q;ccjp-`X~Sv7TP zH1+MjEAcQzy*Nl0+7`8~v-J-umab)q#t{g@FC+&H&af?~n71Lkt*Hl+uttx-^2QUv)cb^Y-laUzqHK6M99R##z_d^)G`OiuWx@Ac zN5{M-+@t9OnVYnL`h^s$!x)&1dR3j74QyE9(9mZ+b`Nhmu(J;Bl&?HZ=tYac40xWB zWZfZL6IeuVs> zr*Se6Hsy6?YsF3MDr*NVWqrje>~t-o1_{;)#whoG1V&s4nIK<~A3*LP?r`pC?qHbU zF~CB9VEzc~SnN>g|5yQG1}3QOa@NaegempmJERfE=N0^wZKY zCw-%soO|KGlx?+~{8~N%XVF+$MsxwE={3E2Ggqes&HPm}JGtV}oSsg}$?`P4n3Gjw zAKQY|RLTI~w$#|bp*^inrv0V77t`eQ5hvJCnfW(LvAvN=HzfnQ_cdj~&)MCUbnMw*0UAbmpw?O#CSSu)n6ae zF^jYD_MQB$ygEq-n!!3&FREE!>ywV>#8lDL1uAYUJbf&43UU*d;i^Y%?bMZfs-Aal z9dcs>A(RCG>P*q1RIpT+_obJmRC=r$B<(atGntM%x0;7mx%xbd6qqAx>7rM|Pdyzw zzjJfRvcz#4l9${&oko> zK-|%=&-1?Sax?2kN+aI>A*aMzKTgdE>Lhd_Xhr zj`*h++o}*K`sMQ#btiX+9p%$AoRt^Bm6l^9UF3Hq)~eD4OUBGs#5uezRDv+G>4a-c zI-=_nHRB_j;Alj-)L&X3ON&g`9j_vC$7pT^cMeb0_0;y%P1CiF;PJ#_OfRSn%(9U^y zJ&Jbc`6|2MtC}6h-z(`Tq6nR2G6pT4;n-5Ib*h#<6qBt?jwgFTpk&Ie%7yQM>l_8x za?@5kF7-I`9wBa0wvp#vz<&(m%JZ$nlhI08%3jL4Dk5o2)$KXr^+oG=hx08d2!dYW zya@3sq!m6*oo2dH=AK)74ddi$`bGCg@-v)X(gHPkdJg>5^-Mm!5cZJ;+i?95VpU2p zEN0H2DKsnIaIVlOsn)XResu&??cFeL!tL`pWe20j=XF z|Icae7eOwm*g4&$K!hovOUjI34)>^Oqt7vxIVKNzXzGqt8FhgcW_n)fadUWC8W?lF zr*^@%AFtzMl(h0YG6#5pbQyD~7{TFUMPOxp$19lLMm8(`a`IT;)jZmzP;G&D}h zEF`=#N_Y{p4x(GRND-&`l;j7*1?_8QXQH?vFC4H;dHtyET%spOP7bZr5f3De_iVp? zx###%Mz!ClH4pF41cWepU@!ri)|IijT@3odE=(3pc1>%Jzl$aU_HK8ecvH90XTTy) z1(41xq(F^;a#D(z=PIJgmz;A_6i>0tO>@ZvMb#pLsZ$qs@^&InDQwU!QJX{wDJ@}n zB3Km-7`KSe&PaOw*Z0HUIs;VLaAX1|>{RQ}1XWZy`V`2ND{#7Wa&ga=mA2-?e<@(F z4Mt?qiAsIMgvITRAfc`f8df18T3u(1JbQ?(-bW+-RyE1`e<*baD9xHBUAVi{Wp>$i z)myf0+h&(-+qP|2b=kIU+s6I+JLk-t`R~k{`>)&)8Ig#@%Dq=UI|5!>_CisotcVsq zB&}n|{v`yN8+FJ2D&0mRRM)GGCWizu`dGh)Tc4zD_aTLDhAi&2ea8_2PWTtd4~O~) zM}%@9BBK{#v=%dlu?8qBCch$Lr(~Mh2=RPsTNUVVr5N~zswMl1oJDW_(eB^T7w~8cWt0urHrNYEG z0yvmf2d%0kj} z!+_jzD{s-O6B!K(6lxlWP-X9|z9Di_=lIbDf?obuVK|^D;*`LJtThir z;qoS>e4XdCn1n2^np^*jo#}UUY!`?KHVy+XervySbf?aK7NoXPZD#6#vq=@(eaK!qd&&P^7 z@wsggf)rTN4xl&8tHhDgnU~H`U%U;Gdh!GE?#%t?Wg+{Ahm(TgZG|OMoC6PHw7dJf zi>T}G!KeMsix7|Fsv%)Eo!!-h9%EvsePV*W2#ePyrB{F#>_;juMd?_2;!Is!ghb6O z2dUZ9DO*~tcE+`Mt>cl$dohR7=s6?#!7sH<(&+RKn0kfxxO2g(bshLUqhntE2~j|3 z*X%(3%`u=_Kz4&z@9~$G!olNHQuJ5^RS-}6@&G|n(4@`9b5t+jF-(H;m7rdk(DJ>%?O37zu zre{gbZ*6HPrTBkCCANQhAO7FMQ~tz@{0CC{6hZE^hf`j{$A9- zTKpq?gNcdxeuhKs) z0spnnKjnX)@4xt;vH!vUwEQ!xf98MJ|B?UDpV9u%pYlIB>t8GVSKYtp&+7lZ-yd6m zf9(L^-`DovrGL!he@uT{`eXGU`hQCQzZ2yD+Tx$-pF0Ei2mKeI{P$`4e?@rz{rUXA z;*uaWsF~?m@u(SC{@P-|Un9~1=ve= zrU(4**sr1;!bMSNkw;U>`E2d2)9B>VVOA|ICdL8WSJVnm5DyrHPjXsx85Py9u9Q$v zNEunP=T`_O8T%}eAH*oUN5?hecpG z-@9yb_j=)niPrnalgaCOe@u95nRYhMw=8;krr3z4_^Yn3PdE2g;?Mo_YQ3rXNA>V) z=#|KTAX^whM?Bx@UIwkOLdi2QhgQeslgQ+U`zOdL2UyyrvG6N$3vW4>v~j!xGOyM< zeeHLLWaXi9o(&~#0vL&)L_9iu%wZ{@^@s-S6TG+xSS~4Ufm0F0 z0MbAajxzz58zh(5%0+5UUwreH&hYtYqMRogT`HLvYcO%a`_o#Qh4FN6$)Qnr9N;7v z6%KihS*rr)SfV<#r3=vyQ6RhM-Ie?Rh-k=YhgE?`_55q7I*d>VIC#uLqJU=Wv%0f} z-(6#e6m#Ymy&VMzp|J%3-+KbO_DAWQ4KcJb76%l#8L{PQqlTmvId3HP4hZa(01^(H z!q<)}Pv4exmuEM#)=^LwKDyaenEhld^!jhUeS-mP7rqH;U8b|=94YMxFHkBT1 z?eWKatL0;zQ-g~CDU)CD&t2QfZDJ!INB$VY8uZ}ROni!BW z43NTls-Iqb(+<1USMpNr-e(*aS#`j@m45u|B@0pNoiP_ay8T#~53!OL^3+Be<`cb& z(DoF=i2S(ZCF9j;Hjbp)if8bH;HmxLCMw`+{lKcUhG#a#*Wjf?AAMT2BP*wqwSUh!Bo({_yC3&Sgck;A|G zD}MD${&@t8nf=~EYQD=b=SYXzaG4<~$54x|#U5E6oPhAX=wCY=q9i&0CEN26;tZe3C)k$fN6n8KEE{i= z{YY7svr8b}E!^`4mlxd?%FLTMUr91+yuC5BVb%_#M%QzrN5qkSN^Y=mP>;}uIIM1e zAFpohriAwIEy+qT2tHFV-8%KCY~l4sE8O(ZHRW@oZ87JHtjinZ_ScrAVp~i}0osOB zb;V-vO5Q8zP`f+vTD9vj7ohFYb)?I)lNB-bi^Dj%Qujm@jxl{$h@|cf^>JN>5=Y@X zvT$p?O{SmX)H0NdPT+;Eg#(2g0XEt#teWVX2vv>s9C*A<3>7*}5KH2S#@jeVFlJC| z)8xt|7HYMrMl)bxOu(woOp!su_k0+%U)`p2bS`6mXX?H)kP*td4X0?8-KL*Ibx{N^i2xyV)e^lR@5(CrjX`kHh0&{eXx_^r&Xc&OM zM0R0vfVi(5WQ06+{!g^RZZc5e(x^YGZo(;=o^F6I0+_Js5I8U)bOZp<%Px%er_d3a z190A51Kd|-uf0VT;4c;uWeb8P;$s_7xlD*v z=7~%e>|+N`7VMB9z{>{mhZW>w0gdA4U}2!KlY*F}Xm39PHKVq4uv^jExcja_t!ra9 zqcZ&^mG6=G#)1eVqKRP>LPQV&;<`mo(ZqC#d}HV7*nMWcN5JYj9HU`(AAb}60bqCd zqkhX57+MC3pzi*|*auN`Ex-R^GjvVg44?o_$7o;K#X%c_>Cnp-Y8=$_JLb2Iuqv^A z?Cr7VGdoiwu-KctR*O3i1@gg^qLRTW=GZjE_`ny?N~`7_@ZaNOjPa<2SECv*|N3_3 z9c>C-G8A|z=N^PG8^zUWtyE$u7Ho_n1g`9h-8#88d&nj^jfohdR88ojXhrci#7uPO z8!}aG;prjuGzw2G)PSr?@lGml>-Z5f4&7X{2;FZGxYdMQ(&VLwn^um}6y(vI^cKYV zerph87!nSGB~%)`72&7fsJ*h#DPdq{oR`v(^yjCJTC0wI#Jk{aMK47xg)T)Sha(SA zM5hE&k56K_9!33r7fT?jS0KLoz%S*%4y_JXKaH(btsXMEHbVPt6Dsqi@Y_b_OZ>O2 ztMP2)GNlvlxT!{hR@CrQv+j+|+FekeAR*3&LoOEtj0wTTfzu_?Km^qWM@1T8PC>#sPSPeN zVN1+09^5yIBm-_wMEfrt(}A#_a{}ptWvTo_0?xsm!ros%y?$KW5YFM>t_~gN%+l!Y z^>1ipe>2akS?oX5@|>glh`~MuIqm-f=L&J2Y4^;16Yv*s{^^V<>%sBb!DpSv;9%d9 z&Q-vU8OI_8p|d#OXE{z^R28hoW@>ecu$J;` zT&P{svfM(rG2e~JrXG1gl>0}CF`7_sJI4M9nKq1lLKP}7`>7BsFIRqG|GgVszECx( zyteh!&UH#Fm!769X>?4VTV|i@emna%+V!|hw;Wjj#Xw6A zWMF4;7n$J0U>q@z@(5;$yls_u;AT?HW%MV8SC7RysL5Fil$75j$(#g5 zV(XFkSiJ=5^z8)b>5bfwOcD#g5Z{a0+LFHRhrH;G^{_wpyh^i@wA=2_G1-XP54*mS zK8v^NjK-?8!p7>J8*Oxn!iyM*f~AFJeu7FhE;8j?Ua!#eO^-d6oTglUYI8>9BRP;; zM;+}l!a|x06CedT4r4>^DfiD-=_;@60#9Qq6ZT*kQ?l=fZ$~RT9PIa~^C!lIF$Vk| zz2fkXrEi#4f>4CLo0YZyNmx&8Epd}H8r2@P8zqh|^K`+hXZmAHoI}D1+|cZOwZ5O% z$&4W+((2|B=VW|*7V~mD)uo-yi+bV2vFS5fmUieOI$!|pVXN`=jIF~Fa&NRAkKH@$ zMYOpyV(UhSJ%7({k{wZ8j?%Lj^=2%ZXT3+MA=~iOjCACuK~1gb*GxTmW6c+t_aOco z0}&giC@0K2`v}9nfjVzrLAaNU$37#>G`=BL%N@ruQkxj=Z`8vNMLS%_I8D`j)OcG( z!A#cQk=)B&?O&93-+za5u6}WL{Psr8vL>mHojdNqtuauJ3oY@cOO@zEDJ?%gt{yNm z%h$jdB}u3fk8DV|BD9$&y-J3iBz?a%?G3GYOaOX3$A61lnS->9l=s`)@XLCnupqeI z_vY5SW4CZu`eas7>Z|XAw(r#|3*#jGp14%9HUFyUQ{*)}u!~+e$cF%FW|GPd$~ClI z>{Ix2Qu(Qx#9-uS!#l-9o*oA90FVCnrm#vxZajawRg`-t^cCs2g7|Y%+8E%RiK}6R zTQ*`y|O`hwP0LP-o&Zk zQu>4bLHq0OSz(MAWZj^NL@ zPVudL??JL$+ie|K%%0QfQ++3xV+V$|^bP;Tt%EFBR&s75Z@n$ZxEMlc-+&ls@`l&$70uJ-Hlp3;_ry=eU-Ow{7tc%W$ zwHz=#W4Oh$2fzVfMLAct%40<}sg^VveT%hgJ7X?U7bezq(c7|YQCV*RCGe<0;Clfl zy@kCCXnpc6w~Ib?&X8>Z&Vg_N2EEC>w&Q6s<0#3YOW{x990N!FPX*axDmz>GvwWp0 zZZhnInX#!@2@D5_uCeb0?;=9VK@^drU zvPr)My}seSlwfjIjfW#ISAoSD@0I>bM1Zq#U#`5mC|) zE)IguUK+fv+)75g%b!(AoB9a1j0H0&j|A?%Q3O-9=FE{?MDVX{P6JatSCk`M_mFPX zu4y>MeJ7C(aaAO^^wogCD*T0yX!_VP2P`hWX<)l})?iI9EATHmf%5IlFNz1K8G=u& z+tT#)V06zQ58-TrErrrA3sIKuv!)~kM@Ki>x;*Lt7aoq|z z<=e9|@VU7G2bm(HK1Vy_JGst#_iK+3uL!Te@pp1 zh4!E)SU=PG{mSfHrb&#&2<-SabpsT!Jzit@unxeA5*zHP8!vB1>WR<%Ay1}@RL5ua z!>tR9k7j zUL~%1L?H!9O0#MnA#Xu?!CY8dmP_Adp=LBp&~+tdHm+yDe^)3F^rg0a-Bg+gYjkpS z931SOyL#xtj{Tgue87^v3`{6V&{vM$RI;IyDI=nhWI)y7d|BTMH#5{P^$59vq>rrZ z%Pi9{WpAQCKYM;&)_${Vetwpz(VnT4OH-;W{72xBVBd)IY2J<%yC;1`=>CP{%%RO~ zOICKyQS-4Y)NL#{e6PVf)M>BSDh5t`g-)mLUdm$YE}uj62rE0gTUD(K{E7i1z6C$c zNqEymZfC6G6ksc5#~qDM70_=8P-h`Q4*^21Mz|du&xp6oSZ6GvAw)Ez!AU5{HxV%* zhFJ32b3>+Aw;jBaTCcazWSnQNJK$Ie2Xy8BM!)(-GgfZBp&DIe z-6zRp6HhT>^~*|pR%3=JB9PNl@#LnEI<sDd&) zbM|hISr#qFSVrVm1`b&FH-;`wXk2Dt`jUOmMwfs(+ed)pH?N7Gsv~SEv4LWa4rjt| zHri46vjqtz(LpR;65Zct_H@1)3=erjGfcjcu7fjVCTrE>COOk(2KPqt2qp?N`$#5Fl(_tc;R(3GaAq8R>{hAokgOh#UW5Khxr8Y291Je!P_KWU4Q^rS+iPRy^ zi5Ew+b%Ew&I8pCNFHEvC1gspmxPD^p8H*&b60PK>On7-?})n(!DkT#H-)V zNH~oR&b}=%OMZ-Ky|R S4~J|1Pj_h>z)!9kizsn9lYir%m^&g0xB-7o&swGTJn& zfc-96iaKrMIlIZu?D>mXm;hMfaLcw8xzAN}X3r5z(2o#h@(8^p38Eu<%9b>_hyMsRP&e5>87>?^!XkBmJmwbCmgJe7K1emtKfw zM?xm$fn)D`6r(J_jg;Xyn%<3(fAyg?PdjI8D#%@oRzigzow&YDt#!O=$->HtCa4!~ zN*TE!RjUB=1hQZToYy$d68&}wXp>r7q6nWWOfib_J9&@;`7AN88Kf@tX%~41EXTQ{ z9qz1TfqQ}3zV?lbVY#M|@r_;k6?6BS++$69_UfNGioXOLN=n2()>cdVCU;gm$;k3j+P$ETd-~09fq&eD7j|9B+ zaW=r=IIE03zd;BYr5JYOl+W9pcJZWD)sDW_Yx3Hs$KI!TT{tn4C?9S6U#~yGD>#AP zNKjFvBlfceD0!>kOTo#bxZ2Sk6(IPN1#)Z?1;R`51afPk{i^_2NybbSwXp?Yt6*OX z{P8ba-uYioLoSe+ykC*%K3}k>UmeF^WdUct272|MUw4?*UB+Z3_8hLbtE)J#$o2Jz zO~D^pE=rmNMFmF(BezyYiTL^{C28~igJTg_sp3-Q;|O;ocWp^WRNf7#7bI`SZ_ZK0 z8QCp%T2C#(E!8&G&QC6G9fTcSPf`yuPhZT}!Zw!IpU~ucJrPgz*^`hazs4Sotzk-c zOb8ZY4JYqS@!W`#4^a-ICbcr$H7-NjPh8!%HH43dCOLszOy=z)iVO?W7ffjY2I6?a zLXvWbfMNMC2-;aRIlYwEP#!BDr41FX8Lv7wejTP#zD+N%Wc)$|k^b0VD9)9AN!4Sn ze6jr>h$!y0+qt$#uf!e%h^+TP9~BuXs;MX};_7$_HDdUoVskKkhQ0_&%vQ{D3f-tb z=Tj_0$n_&2=}4|jp1RE(qm7N%=QkxmF#u_;rMZ;119R7cGMp>&Tsy~dZ#VZ{p^tR- zXPu^ePv&K$%Ws{gp>X7d4~`FxioCR-Ub!{);zOS}%EJ%m5~~SrbyL~u62PSfss<_r zB=w-PKU8@h(i*#)6m-FmO}x(g%~*NupLcLIA>0fUzx2ESR7qiy=f+QtY*{USbHxWP zTVf6Y^YhE)7dgHt6mPweIMP1=Ux^iMn|KSz)QzmEZ-SwAuv(}yW5z3GPt=W*jL@!Bkkrr6 z8tn)Q4X%!}s!6n&N!pihPH~+crIBVa%I~?QC%Oo`?I6wHVpjz?8xAt5DZ=r7Iz!CfA_v z)s5`c!{{dsrBqDgr1M-N3zPsXth>9a0IW~-lzjC@r8uu32Tk4++6%gIk>V^9i}d@! z$AI`57nn%$-^^OqN%|8Y<9Er$KbUq*aZ^lsZ{j`Y<%Fhp@C&O#hN#EHKc{mOXVy$} zOjqtl!-wh~7_Sc>nwtZYjVF8Mn8nRc*qdS;b%m16V&%(v1S|Sqo1pY^72yNfM_}=F z!iK)zgi^X{h-i>3*Gh^2xB2u}l(d!@9KYCE+Tw3Ga zT*5Cr=^VIefV3M?FbWiu669}SECWccARv)ajy+v!>tW)qz?;!tD|7biwdgOQ!cn}EhyM%j7&8`>BnoGaF z0;uvgA!62>wbWnW$uI7RUC)5puLn!{4*#G%o6oTE$orU&gTOn!c}C27cI%&?qt9N_ zQ`t9#wOytRezh|ca$4@#yrsAC>B9-Ht=p7jR#B!UTNQ&1 z(QZs)Snlt{1AZ#UbKj?`qKf+xv<>(*Sk@hr{CvGv6Nr?jLRa*r{M_Xe6L^Mm80!t32!gcGKa9BQQIEKNb>cq@_39 zQ5Uki+zPGKwmN9(IHMtH1|kdB#k2})HC!X~y61M6jVwWw`t)CF84GAf%rMXaB3dbg zC7#g^bmmPrHr9-WG;|CM*&KJU$ptu%ZaYLdL}+!`P1U--=k-V~^4UG+;C7PwIvyi( zmh3l4#0#*b%66{pfj{6xmA$Qt^TVEU=Zb(Q%&QS$9w|n)zd0xtemqUM8#23@#~aHt z0HIU$3H?rnq3!)jGM+?-iBE@(fli4@6;=BX34*~~luYK8mlZKAL8{X;6(T?Zt>1^4 zpr-YI`ff=$8fMBJZ+-Rrs&cbqpPr6_Ca(ilvePIdt;3qj>3GUdn<&q-F0in5QTls- zckGC!75{Fm`Sbn!yh^Q+6w|;XiA1;3P&Wy3gj9WneJUNtN#L+ZvPr;2eD!3L^gQ|T zxA)l>qwaO<$;IZHCzW4Lv8X4FHIZR$dgKP93WH3Y>_pv4FBQt^MUiBEpe8ZR;qJcU z#c&K>Wbs9#e|5KaN-_P?(;@mZR}O7Rh(69cCP$EB!Y3?r zkvh8y!E-@vO;JWtXP`!ns#K4WFbf)tRrpq8qq&yaJIT_{h;r@Umm8Qz-ZkbHr{PaJ zGM+NlkyI^iQfqnH?%b#-+Vq`f(q}mu%{r}zqYt!N={LKTw1v_hQ4b)yVU9WF2(Q;B z>WOTYrScQs?bkU6JOW>$jbB;4r5=Hy0@=7_4t zQUoD3E!QhYH~4<$^~%7mtg|4J%&V2+(>Q_Z1d~wKnPe`_Z;~i2V6wn&W~13Y^J$Sj z;gsYUK7pD-nzBXbZJs2WX2!S4%2*Aleo6Kuh&|7@Qr1bjGS#)&OzTL{n0}azh{Iw3 z;#?}D%KX7>1T>@t8C4$R#7nc>$nVc&S>+IA8wIs){SxR{e%GwLaALzo7*%qoOxlmo zh{gw6+&449&RD&$+oVn{ou5vrkAaMFf&$*2U9)t@?rfx*6C}Arg>MiVi_S)f;k=#+R)^TX{*`?2#QM#I&&9m*k=!mF5z5IT22ECmM9=)6Xa zKQ;~=n6Eu_I0_@t{1m@Y2iYdTRDQ`yoQ@KKnv^I>cj1nG7dATJpq=3Dnuvkv$K88y zrtiAF1V@KVmL$|lJT=~Schm@aT(xOuQjfV}*a;%MqAyq|aX3r@FN!?N7U$fqTtlHW zT5*(BXHVyK?mk@U+|?)kgNXY5QfAkgyWzrqDAa0^v=vgZq0F!I<2TpS{ot>7cE0oz zFgKRWyWZ4l=5_avqKW1zuw-q&hqE8aX~U~HSU44JtWJQM+_4SF1Fy@Hjb$1DwFOE*(Jr7+6OG>u!V3UkhLizPh8qAfM#d7$k zff$B3c>~RlAs1Amr_FTPm!r=r`i82bxnQwJ2pJB;Su+!p!D%a59g(Cyq}V>wp1~78 zE!50CMjz;@jVQk$vNC4B0+0JV-t?rB<;OPV1(eAU&MtW>wL-_wqL#F9C2%Qs>EG<0 zFxub=g${EK1Ab?{k9#z-u6?T^mwP$25!dcN)3=|mjv-w`aiQW0e& z7aLTkeZ2g*!q%8~`#4qH8nRx0y}r#tkH^q3k<3`f(46rYVUkEcnnL#Q$2IeO&yU8* zZtgH04rgi4RDZtfqtq^rFV^NZI4wZ0^hBlVco{snvu^ia%Wq7UTyXzrUkj(j%@eDc~Vew!HA}Ruux0h^L)4m5w+~3l}N2fNI1nj{3dt zHk5bK_3m4CP4T_QS+ zLDRxf!6bZp1D(t-4??b?OGO7qm?$6VilEki2zgfk8uT(q3%cflp57)7nqL+cCT^BO zX4Q{lr1Y~d?mUTTMR(p$jWDtuLIFUjH*VmE7yd3;WSodh63S|*2YB<~JFa7}RfoUo zW?qK%7GxP)n2!;cSa3=yc~hf7kQ0Crn1f59$>!2seE`K%(QAHvBe6pT?S~ElA|0@$ zNju57zmIs~AyWjlENRy?8Ks-t_7nlt&;90RrdV1w0nkvm`RL?+^(wKdvMpCUi zgB(Kc`U|Fkj<$)SWp(zcPlOS)cDL3YL)|2hl_5k^phAc3yJq4~5y4SDoIe7hhp;C` z>|3GroN?ac(O-VqaRBYZfWEZh$McGLbj0~k*kD@D_N;CX_Eh?>fi=Tz(zh7Y;B&V8 zxuEou_u z|HwsCb;6QAyP|c5RcZOYoInTdnN^-2TW8s#Z>V(o}fQDq0DDVQ7gd5%~#At&Q zzBx3=^LF2Q5^hqlF?&0Fds8~4fTDhVOB?RxB-Z!LcXg3B8TDL3zUpW#_Et~R<~{gs zvim|?m1VCRI?&y}B;S=VFF{k$rkeQbCQqqkKh`go+!HB2GX7~WdvIM0G9t3t-*^i4 z1a{@rQmmuG^OKv=ld{Cs-1m34{4vcvO?*pO(1KB#(B z{W95dXRS2h7W{`&kGv&f);nzAYC?=W0%lVK(49A3Sn?=njw(Y zBMgD;izyjLCETZZFW7rsRFDX!x;%~0kAZ=a=yr5Af2DAC^1#SPEi*|j@j>(4e>=44 zm2dDulVp1mTD`rWE?r&pWYxu~<~@%(VF4P+=d_1m2UlMmbITht9gNd5tYEN z%8{|n?_Qe8_q0Bb{28t35(WA~mMl9d%w2sc3Jk@^C&@4)8nS_Ql;^Ixcvs2d*o>kw znQk*yG4#fr1DgHWZg(DWdP-Rwu}*n0715Ew{v`x8-zTS3oJ+TC%f%JVMc z6*c^c|BKBxHf~c(ltjiUh)A8{B1kt;k#F3;yr<+a6`WuT1_%@CiiZibFG)Te ztWQv}58k#ggBU!qpe2NGJ~?#?M2`QT8k zYJW)SR6t9WAn_(sto=;WxX)qptbFeU<5nGK(SUKUophT}lRIxSeVxijMQ7QgX9_F^ z$0zhCSET&jLRF23RWoPW%voSzofqwew@-^vI zoXFdjv2Qepw)3@bb}_b0wN8Du9x%NPJsLQb$B+lVn9uR|P#fo8G*yF8N@m^wSY8ZJdPQ8nh(3Zn^(On_}a-7Km3oN>11 zlXF+@L;kJH?wa=9Ey*a?rr>Ks1WFZ~S`_=zU2b*DIcC92XUghykNL;f>I++h7+$zL z_#&T*8i6nJ^cwQST(0uoBXLN9SfqTLgCPHTo|1XIw5Wa?2>v*TzHTpRLJScbe}Fbk z^a~_s07tAQH7pxP>Jl_`p>Q-D)o-wL6z7~xVW@(St)+b2C;z5un*d8dw7=C^j>a6m zBI)88G6+fdTD4Nv6a555fAavYyLJ>6!{)qUAQk-xS^WrMWbtr0SB_6a=Egzf@X^z%B*CsMx+alu)9cs zi8tC4cCrDyF+lhciQ&$IBp#ljU-DW`4mw9mfgzYQVrPet6*<}ghWFxTyoYQ+2n_B+ z>|+(Ya?;eHR&u5)C_;`|6uO)koPiqts4P5!a#{Sw)-l<(x^>G%{A2TYgT_j(8B<4L zi_vQwHXOG!8!ft)c3^6O2a}p|K5>90X*Ni+HhqwxNhQ=mONr_7T1TCiH_ zUjS|W7QtWi6kZ0QOg%y25RL)0gJm|&X%%I{a8O~~O6WF@fxKk-6sgFCl1*u2Ia#X+ zVHS+4h$LP!B4(f_=!_O#z5TRgZld*f5hHjueG%ls&xbiiOT3J)VC~)14f`!00wwF6 z6fO$FrURzLR2YhlR2TbwN1%iBzCBw**BCui^u~jE^2h?i;yb=|4mbA3ZwN>`K)bU^ z4Z7D-scA8zKc&=u!yyV8IwZ0H6q*;uusNf&jO6ScEER={LyK>Uou*v%t75p>3ll-+3#d0Dy<8PYP^!S@5RgI^xBpTrzR@A0X(YQFT^YNZt_S$g!K zYR^t_pZK$h#(~Cp_CU$_^RU}PxV&z;&XH_%aP01pNmNp`S_;h=i_ zXmeES#3qcU)MhmyV5JJM^xdhaYDE>+MC7Q%tj1liKCnCWv&u=B%ZIFo&WF!NzWQAd zQV_1m9FF5B5M-5FA()?(ek|V2v55H_Xwqj)>Me{CW9Ad)W9Cz*!*P9Tq;;xETwVUM zI0pN4;#Kd4Rc;3vxA_`=>!lpqeBbhEeX)~$Mg|+x8*=$d(kWTYNDc3f>vSf!rUUc; zx)&=K!WOv6mmkN_KAykK6;JVa2Y9*|YG{~vux4Pu72rry2mP+y&My7@{A4IbxH5i@ z@(n4jg=EE6Hg&C=-@CklLKS!DypQeAh~f-i5T`%a{N9WJ9P~u%6v&dG#17ylAG6}n z88ykO9+s{tzR<|@cVt2lKlgF;Ergm2bsuT@g#d%6Xt&7Sk^C8@POIK%vA7r-zUgr? zvoR*3!`+l8uzD5g(dw@C#2;LIWpHz#c($$97zsu7yawM|1*Y|**qdO#!O1@HSH=aR zQLI^Ps)!*+-djbmQodzOB)9((>%6*kWivTg+o_Gl26MA#iDStH{~G<7<0D)|QR3-n z_ie?)>1+2YmD)qAQvC$`Kc~3NetYf(yP%BXWSeTW|Z|j#wh&czGTb)&igwUXVNhkLKD_8bH0XMAE3=g-i3tev$d8c9q_SqaH7uolV6EYqdY?c>u*Tzen8(1gqqA4kBjOOo!-~+sN zQNb!VSE?NT$M_e1I3muAoqkJTp@4O+zn;%$O*5+=dDlWCvmVmJ=)6PYy@ADW`?P$h z@w<#WLMW(1IQ7^@=CjU_74!oRCnvI=TxJ${Ny*7nEKl;I!jcvu6S4cEjP$&(_&Xjs zHY=*S{lk6Xa;i{M|Jok;WCr%uVR{y~%!Ahqn50Oyzuq%ynZuSG8ufiFHVgn5)g~4( zsd)pQ8|y?hXm99%SL<>Yw%o&qCCzSDM;bbbB-jL*6O>_v*Q>rJAYK&^9V%v-j*0i9d{%HMXiEtXN+_CRm^mW31IKg1s+3Z?MYTc?2naa_Pk|^@CNjG>Ll-c?3;Yu*Fb_REn!ZIMIZ8MA< zq&*#iZ%VQ9adadwUypi|StDD=Trgm*bedl#p}dlgUo6gA z7q&P9qt!gbPixKwF|9FF=uOe2I@`{hyzBrENAn{0bK@LKIxK8-G<|F?{S9YXzub*B zx3=o2Qng|g5{D^Mofmwi%Ducn13!HfE@H&ERQn*QPEAAADU!q^%`x92H57%45XS^u z5RbkowU7=hcytvGq{%67=l1^)nZC3=gRh8uE-T6WrAGjT_L?O&rV`Nc1Q>^m_T>HC z2D;jx`JUQ;;koJ;neVsuc3(daa`QMZcylmU?7i&`bZB*s_WM}L$8tW1985^*9G>7b zFbGQN0MRk+gZoW+h<+J44htSgiyj)M48rt>{}FWGUMowYvlGOwQwrjxC5E~$ z*OZl!jnAEHTRKXLX1aH08J8%OxHbFx`CE2{orxaO`)+s5iONLRl^VVmNh15l+FP0l zx64hLLXMj^&wXwwTDD}RRtPbAi%S1U<+#%?a~qeurE3IksyD%R!MK*ZHu+WYD}$%- zwSo&Ue_lzuP+!Wq${=J#2>5DEQTV4vC=(d>eL+jFW5NU=a`sTf1mpw9PKNmigj+|xPjd7sta*=g4*aNF)Q zh0pC8Y*SAW$cuJ$g~XRfo%0RKuJ6U4hqz2dn>1}zGEbL*X^hCDj6f{wH{);u+iiuc zX1*e+YrNz0&T)&o@pUf_E?YbWA3W^@+TV~+GHg}MnfGw;0vXMX?8qaGNt6(C!Lq~X zYU6g#)4C0dLgKK~kHk*+_*)o0;4@AtgI-v72K>Pu_l7iFWNvT~>;i@^MBU!M#a`M? zY29B9MHL!TCVRYooXfbT(>0tdtyRp0nHPw;#TVukH6IhP-VoNqhd9KE@A^N>ht4WL z&|$S>fXi+loFq+C@E{BIJRC%sg5DKZ4AlT(<>qbfrrdl3MV>ZxuL3D!h$D z)zth=*=A%%AEPs!{U+? znek)lyA!$#tn=S`AUk(@Eg(2QCCH?w@DGn4@am4kc~SPqLSjzhu#VhjDF}g7HB$tv zjzv6=*FT@%t~!@D@C^40KP~GhdzXhaaCiV0J#E?_YJ0murT4eF-jkJ%Z|{*lqf_ zwiPiab$QkWGQeTr=#-R5{^rNhL*FSIMk8ca#n3dMzm&UF zi8Q9ff*=YJJ5Kn?k`0wSVn`^g(+_VsRAgv8?)NmMe{c?y@yWV{tsY4aF-4>8T*9@G}&NtgEBp1z-8Tzo6+t=E@!95?-8U zaM_{;5oq7LVMMCQm^9{IlX`E@C zVUulB3$H#&|ma5J? z+pOT$J<_cgiU-tFuFu<}^Rqf~g{yVP?OX}e}hj$dZEaD6mDyW0N!N5tz=3(mR zv`T$lpPD|88m1`|WLx9Y;8m`@S8(_m35+c?nQxfRnmtdis$dtPb=98P8d3}IyDYIV8B?g z$7mAHBIE0_8_wgOKy_F;^*)DPmOa#8CiO=ejNBMS!J~~Gi7d1Hvz)nr;4qz5>MR_< zS#pZgH>!G4Y?;+HY(JN;_Fu0$d4>IwI39G>m07VB$H*o7Tx>C385~Pi@T56-$GimpSEq=wsqRJ-^};T+&lB`yf-&D@1K`dsgV`Z?-c2Q~`q%Eg4{TRPy83yG}sYx6whjq*M5KEi)mx}DLt(EYlCk5MYwEP-U7 z!C~dqQ|G*_KeLpgr}Eg1?{f2n(*0SYD~H?au%PaF^jIMt+nq82%a7KJUR&GwOG_9h z9xdF!YjuvM`JFV#eRhUN7u<=v3$6lMuSea1Wng-uk+S*boY_tdIRHa5>gP}J+5T&|}$3@hypQ>m+(OO-@yKHmFI|5(M^C#A$8Rh=M;eB>q# z>iT69#*(#pHsh)ypPv}TwHYCbn$zQ;(J`ilA<{NeSHC+gLKgO?NYz$lxn(=Dh-r?t z5kZfF^yxgYq0Ydv8J=IG-1KMI(rJr{8c27}9z7yxO)*%$w7Y?x&Zq_S093=KNp#4Z zu+UJ7&;bmI-|h*+AB5z2G2e#yfy1&=T|=#3anz%SvUbU0_u)rHLyFaBXF_7IAV7jL z!)6H)1h+Ecla9r*0_L6O!*V_M?!fU~A5Os_cPigx;oMuNufBJW>1eF8gBUrv-W7R8 z`nmvl`Z66{Bee=9Xg7qO`#WDl?)Rak30fo~K%Fu$P4~BKluP z5~~ZFLMsC;)YN{r(NuWyw>zK}f$Q0njE^>>vz2^(jWD+~PWKpn2DY^<9>d=oi+2ha zr1HN^Zcp{(lVN=vb(zt5JA4kT8@RyZK=u)P#a-wmNNTp9)+P8zS7qZDN(f|q)7H$|l?8|Lp7=fukACtLO zH0l*mjl!JwWhQ2>?qA@eZrhd!ETEzqv^XYUk**`|$Lpl2wITQd@M$NKgX#LiBdw2t8#?MGf=0eNy7W`Z~ zqBNiN$+g4ZX!dp5$+jMyK1FrGUVie477S{+9v1Qj)9}qO7ll`tYrqPt6H~%gS*|8q z(#5g;5K9)atZ3J~6bK+0h2m31s*SYp43;6FoeejJJg$rW(U&tOULxj*Y}m`dKhnV{$Fo%(9^R0@BNYE;A(nJc7|fSOa#MV0F&%$6vJT%qwBdVh(YRgsIzP;Mp3FTt z4e1G1GcfN>7?HmX9f@UF>kdrGD?52OeWf) z*dgPi;3we4;mhMOUubZ)d?~Qt;mWqA=V^`BFjSD#Ll~CA@La& zLe`B}H0CKAmO}OMWJNNVL^UIi1783-O~C>e2jLYBmdWtL720znI!$mo6X^CI#G4hy zd7Ilgm&XSHEAvPQRR>NETz?PZK zKE!HsiN?ZPg=C2%!kS(xBKhGT#y!YzQFLma2>=T1>YEcgJB)`UPDj@we@A0KPVHfJ z(eHKzVBAoNJU0ujA1@&C{z6!#HHYq~SR?kDf+RGMctM`yVjE@{)FLyrBoWL6}nxqR{`QSqvN9&Rj#2aurf@CW_pbAh(kG}%OQ#WWA9YhIdM^=!{ z!>9c*Ob(V|EBwQW=uF(ADFQ0f^LR^5^ZUeP0*}^za(q0O$FOgAvF;)xzX>`*X=HFU zTTZ6yWxtG>u3}?(WzzJ+(Ef2%=D7%?!q5IK?~V2OIUCTAfQXvSXu8w5GPT0Bm~o#p5_HNtX;!*f*xb1X-Wzv+o%-`kUO-t z`JDq&o9K{E5r`J^x_$jJ79l@l$NX@GZ<;c@_G@)DUE@p;ZT&3$Jeu_>M{cscp?ciJ z$3%j9j%{EO?Pnz06Ym3ihD6uvqfXg1+x(4>nx4;f*I#z{6K&Ds*h)2i_brRmR&Ti< zLy2;(JP(J7-kq6>Y7ttDy4)Al;EjC)+D1B)=?LXCD%B!l*$mT6(<-UAGcd^;S7w)W zO5^;@H_v28_m|E!W5GRYj?1!cD4JExXrPdO84tzbLK2*oNXR3!`cvL znB2S|O({0qB2BQUHNfLPn_Mznjq+6G)O#PZasOlulB+TgOdrZdjhLc)H!wHlhBj~* z!GYV-$hRF9!-OeX;{V#(Uc1fx2(Jii9z^^oY$qb8Wtn!OeV~PzoCqWm$MwdZj4h(I zuI|eAyU@T;dwq%OnqX7Rcbf}ZQkKYWb(!vjwKARVq;?^_*X1zzbhRv5H7eG7V-PBs z;cfn$JG=tVJ@Pu_%Hk_sH2apU(ytIvq0T0nN=%Uy3U3%|?_K{r*k_i>X>6J~^=YbV zloJeJ(Y^*%C9hE1zjwldwu@}ogaYTK09);9>sF6By)?ZwEi5}{LH;tCZZ$wQypCvW zz_MFfKzd^;=sX7(}xfAuqR?4;yd1Cjj@Uk%`*jU zp(N}&3)fvNuBWiF?mZTQ9@SbZ5@pj>P`$s=*VLitH-I5sS8$18gy^Mlo{a0b7Vg zwaRtO^}L>?<+wDyiqW>svduK6ijNs`qGan^Ij@blSCs!n@nna?+M{T#(}0zUG$s{Z&vBkq~68H&`KB09lg~-ZOAk zl-rj^%`Sp<&vsnLGnJb>3hl^V^n0Ltf#YWiTmfm&N#2D7Wm-j+n6nnBS0bDOX&3YT z0zkmaxNWt1R-bR-I|(?7{wD|%{4acRi$vjyILhR*)M3X^u`^;Niv~M5ofGbm1ynvV zFk;TiUK7TKz+ITZ(KF~D(Slf&Zj`lPx4GD4W=azYQFsXp->&G^l-~4t!gwoZgV zbbDsTr0q*h44%o~Mzo@pt%vp=kx{^rEaPu&Cw79*uZg}ytRr{EYJaLA3#d!N>8SPi~ z$(*HHi@{q1d z6j3^_8Et4z@DXtRHgz!s_o483n7PF}QJA^5mcHY?^Zc&86Abj2QHKS1Jzj@6F`P2c zcmh{pT_<$_Iu_PFW!!3rA>|JD%$3?HOobpCVn%@Mj*1(y^L7_lC6r)Ntnlmi`1e-` zyIpWJ4?nM&eU9C!2`_!HW}F48Y6F3LH(8u63>W#q;GBRe1b2?xsL^jUOHlmwXKLKX zy;0nvT%Wyg=Fy~WG{p%cH+Ocx5x6J+=E4A--p@wuF;?r_#CL}l*>+XB-owvtu zJG;$IE##_-80D=U{+p@moZNmTWu-52ui-}=)uEj=8A*987tO@Aqw{CfA8tfK`-&_= zhJ6SaeFV@8t-sn?TLP*Wnq-i;kuxJC3ppl%3Bh0N;c5wfPgo%BUBL)k!r}v;{Q5|8UXIStVft z??3X8eRH?~%F4y(yi3yr05h5b)C~^yux6!N6^#cfg}9#ry*rq*0GQnnh-z$J0$<(p z=&CEPB;Vf(OZQkt|P;Z`W|s_lE_cV{Tbp05j&5YLvjJg{e&sl>h-TMg9qjNX`i`{rxjh z`NlaJU`#kQfAr1R-`UCekcO!O8=Rbvic5fuDH(x2!j$_*0n6g!`b+AJZDDwZ4zCtD z`|RLpe4W=c-^6s%KKk`Wqmnp@JNtUsf{W{5a&tW=J3Wf7yF1|c75xH7 zgpDPV@;d;B6l6-nGnDh||Cwy*xpNoG4zG0(ZBMeKY~ zkN#1ocRtq)T_zh@H32h8Y<5ZVb6XRk0Ix{~xcgjk6i9#2-~-JFT1ufdGA;rQ(Gv}s zs6$jc5+Xb7SYibXj+kN)28~Ak=SQ-Trc@;KZQ{j}Peg8f z98p*vRT9TB7S@m>gSehhN!oTLy-Y%U%BZ=>z5v9Rb9*x(`AxjOiVIyo=VPbw2r_5& zMP^}i^Y|btg{Cj+FAqbtreiA4FotX7Intp1q`>Fs#Jj{X|J^%1;1rjlG#7RChsZ?c zsk-t`>`GLj2dQrq@Zt}5?T(w)oFLJc3KRY0qoY*P){r|Ke8BJa)=@yOr#Sv30mP_h zfx1qfXlP%au=5CK)+DI>%q>1hL`C9QC~j{74gLa`qJx&D9oLn3T<$QWE*qm~lG$6n zr>~KV1C(NTKZ)XQk!Lt{l0+q1blYe4=!|rQCe@xXJFpZh-^TM-Pa7e5ljgK$k3r=h&_4XJ6cM0XIjW9}97DkLFwm$j zt%!v|1Vw12YfZvCj&&iV{!*zZ~z-jO| z@)tpFr-QH;@j|ZqN(Y=2D~)J4tSwtY++1dCu=KjN*kA{OV7jn<;MrACUvr1ZEvN+V>yqv?3Ek}2L-&Wp5s54&aaq!6s@ z&ux|g0^ zfgfiG!rC7R!G1PEvNmpqLrY0 z)PN5u77cY_ctFO!8J>CF(Co?bvrDi$h~Jb3uWJ%lxp!=PUHZJvd%5o+zNY0Q!`F_; z+gUEx38fpwZj=u!+-HPR(eO(6$}UXY5kFkK-oJ?L#Nj2ybZqy2;1VN`zAbF_nU4;l zbuc#v!^BwrnsVH(RMJCorE`&r>-Dwbog>2xMsE!G*u>Vf6CwB6PHXAIkm0%Us;27| zD}IMc0>rPrX|qQt;o0*$5#G?5#h|XDec*6Nh6MeqK4$sdU&l8+7J9tKUb>?@d@uai@$dgFiGePb}AHsILD3`CG++`BBl z;U;XdUi{LD>2A==DL}Z*x1a{BI8!fy4|;H8c&2K`QUy!a3aSsO)kcPJX;@l~#28^w zzqF?8xOlRw;Q1ZXezh<)7IlZx0nR2@!^K$o0C3y?_%lV0qqgd`#)gdTG(=Am-!zD} zf2t{Nj!G7r@FA(V84yn9&2|i~dZU#>?4V8{bcM zKZjJ?dasSyr;Qd@+a0TsfYnvFz*#T%SWr;x=H~{icUro;{gsv)Ai7Xk<+Kc|Kl_V25)R4>>9a z=Kx8y83I@~N5l*4*k)Z$rJ*5Q$h37QCD=*a2%reW|6_DC!98f80U8)D($y&J!Xj{B zrKm=#XV`rNlTwhl5iHE8`)X;BotbzvB8My0C%0Lt_zNjlOJp>fY3@t8zHbjHT9l0? zUtXqg>9HI%;oa=Am*Hy6sX`^a*rz|^+XYIq`=!)a?e}K!RX!RmD9@ge3gh6Nezu)o zkG;&lTJOK}GMJeDlR?PI{4ZDgUstUD>qY*r{EYuU8dll6bf{`mX?vED^^q6A|A_c#%yjKD2=aro8QAYY8$$gs5m8#zF{EYwP=vQAdHTl7b7t~AGMGy^P1+A%#NMMn4bCCU}_ zz$Qh86fEjd0Ob{N-T$S)IMpXX^&)L7taD;>pBspE-W-&h@Y{AEbw@%l@&izh(P4~fE)QpkG=DV4Yf76rQ$>>}JcI2Ty`98;2(AY&Ym z1-J7?IQ2%dje*R{2i*~+C9uQM$f0SJ^TU^jNMf4@)4nV<^Jm5#2CF}Z#yHCvsDtx6 zgFZZRn1@emsd8~G-@X*xf_@LApq&sw=59SSX`%~qLhTNUq%?Zp4z_EF#HP+(f`bEL zfk_H00kj)}QbzK|sBn8d+6UE5$S!d&Iz=Rfhf05^BBq#8-V^nyGMH|m zu~H0+7OHH_y9O$rj(jMh8g=^oU=_(6M;aHZc#ILhK5U!fBH2#7nOwQQ9aKkIcJ zX64nJ2B?JH@D;Svj8btVjYtT~Di?A~Sq#&nB_d-mFzacgl-g*cVm>IPs+h9o^E*T_ z1qXW1lPXAdimVH{7X7fsu&bZ(6!GFq@xx{Jd@a2#WTHt(Qy<@ulgef_$4!6qnx1wt zC$QH=eRzzUQvo_0w!$i6lgOObUI=Apgu&mrHT7u1I+@T?^HceKRozyiv6$g55LFZBT1+AcEQbw+)1)% zglhZY`kq2A19{Pl-K+A|`6qJ^yeP1XXF~7m^EYwFu!}n2^ZAF}ZkBH#c$cpCH`M*J zLln@n5wa9tpX}RCeldHm&U(3%U$Zbz$kb>UUnxs*(24%FOEtqL?d zcJ_E9k2^APsKSqexZFh>G;QAL^`;HBax@iQBq&0dL?%HLk&))}5*JBz=a~9)ys1N5 z0yhO+_0fxw>jAezJF}mF*B7DAQ_Wtk%4qtV0~Ub(L<|4Z2sBBA+-(61M2Un1g8d-? z5fgqQAP^G#<$y$J5F3by1QAw%1z-+9BuL~B14e*F`kNU5{UNDf$Uj7hNQOX$P%M%J zpa3KSi9m|X{vpX=us=kGh=qWKkRkE_JO?kr zkMN1~rwKer|7rId9m#y()cy~E^WYM>!G9P&fe+H379@-wjsRVZzN)M56>ypSr-3%B z8G0G4L0i`hY6__TRY(Sae@HSI^e-Ys)Ddt7oC6g}75T%^5pZ!J378IT2`_9O8IsftdyAngQb?;r}P`v5PJn^+X z4s4@0d0x;nuuG6C;N+lj0Z{^a3Gn1&Q~)#vaX42G3?BR>XeNQ9q@0+U!9|pkwSmOd z=}~IQB!Z8_Sg*)llXK1i8_W=#Lr(pI~WIFy}_S-g_TB208%Zy5=Lh zk#8g%#^HFV&xerbO8UG^m2ybSvg7E;GZ)Gv0}X;`E~J6}e3u4*$?3um3va}4l!Nb( zNRdakF^DRCF&>2%U<*a~be>SdzPuN1kX|2r&hU=XH^-0J+tF`m4?~^c59E&(k5i%w zwcXP{?|4l!wyRT5szk{jliyk%$b3@xb|Rl@`Q-R%`hO8X-|&JzfH}MK zitWLkuXrLt3so*$FUs)hrpMS9VT_(FHy;4L2~iEBh?>~b8O zIB%YmI{t8Q$05d5;}qiv_RTY}B%%8R(9A#4F$AIx`@?j}CJ-JLt ziEL@fTNp7RIv;E2i2S}{AL9J>Z4K}|9Z|622SgoWpXYhb+Hj`;yxaY+^$ffm8g+)* z!e)E7OPaar=0y+#SH%niR`P+UJJ6u?h6osg(9d5|X$CR-t{(mabZQK%Z3z@|>ql(~ zzp}@Jb)F#$n~OID0I})kAT6BwrS#GcnxgbdWBbj|zvhXUDIwJLa~SeG^BqUUs|9Q2fWXcmid zGHgBDni*$5>({iA=~$($cx71oBuqqm{X%M@Q@uf{y8F~ZPG|_cRirjoykA4w6<_Y4 z^?dg#<|~uBEmMEG>>!-DDyr0C-BY;-!#fzjhB-P0shny~DA(nA6(5>bPjQwaZO90F z3sTQ1nUDqqmyhZlqEmI62_;9FKIc(6T_$a21zA7mNeMeeltj?UfWCfkuJbg3|O zY-cba$8+G=qn1M!T%JYRL=bJXBO_TB*6C9CKm;~Hxe47d;xn1IkIKSrn_N5EJ4BdA z8^=;;xq|G#+7RG`yeYsrRXd2@J%~tqdwZZ+G6sEj02)>Vjr7IAqLCZ znJJigq_$L)R&2su24tHrx<%y9+uzEDX!=molK~rAA&iNs_wO{{+#t?7q#}5C=h=}a zzP6kDrBApj)03kaCCx~!b&a-6GDr~;oeD+1{`Ar#wcHPfMvCN-M$j}str;Uz(Ds!d zP?;0NqO(AURlBzzE?6ClWT_=_RXhPX#y27#flbKkBmd!bYQvU+iDGa}5!7w0QJGXd za`pjq9PZ;BfH!d49gk;L#sXC`$LY+gWN=UjzM8Unwkqxn`}wnZL|6aZa7N%8;WMFI z1jMh8-jq`&>=VbbI5r8M0^^;L^VAnhNXZ;cx`fOV+Ao(dM*KwK4YY&%iL?{0$mOIa z@Gl?3E(~rt&^SE$!lzSt>n$L zPdHc9_oXP9>2UneC%T^Tx`p4rdTyK5v30~7_Fhrh0x@aeG5sRVZkxQT9J8v2&5w!K zRT`6NpcVwVM8xAV`4#zndPD1Ro@kr>c_+Vykza{?f2Cm^Md!Lcdd%UG4d zw)tcbHRk#X_l#5>?wmRm*M(a%ZVb~b&&b|_@FmRb(tbE(<>aaqQ^Ql!mme%qJ)%9r zKEgNSud{Jx-~b=H!SOKNT=Ztvp&Qy6UXm1k^JwqVRt+HvhX|ajDB;COD3h{~W8v4SI zafx})>gkrZ-=ha+sdewg`l)}(RhO_#fGmed2N)kI{J_QZhApxwXT}J2ZC#F}o$Z#mTGLr?qREyv{>dy-&%x=qwJW~LV6#&)Y3=zMrVxm8Z2Qk{ zFAInridxCm>~Hg3N><4(?02OkypgD@BDb}fQ=En&SpzqvT5MK>R1bi2AKq{sJHG7( zw$50MRl$_?*g0R*5nRtUpYrz5=~=%y@#Y|P1(j79ejN3`!tU^?V^Q~D2eiaGZntTR zt!{_C{Z$-6Tof|H*tbHuKvH8D1)Ll_o`5er;YTW0Ur_Zr7#~Z9LDR zRh~T8X6Rt_33(>+71O67J0*&Su)y8Qid+C{jt7k+mYc3E2D-VjJl&S}#aD{ZpT~9O z?)vZrx*fngg?l_eZ{|9r1R&A|`;otuiRaiABsU^6yVFPJnIO7e0=sL~t0A%CK-#f-H=)zL53V$ZIiKj3PDz$2FixEO)K&5~SHvX0lpUn~45q+(0> zglR?Co;B9?m8-J{Ft467AGv57GPiZyIH`x2n>bB{ww zIr39g?3TnXW~*kCuQth7lz${E?aWdfHvZI(g}OvniP7ZlSNPGvNHi@qEoFCm>8u)q zsk3j6TauY^b-o^}p}VZBs;SspZN5brWd=7VrNd9^zSG(b2-n=_u}Emxs2p(=YFiEhO2wdsx(7vbL}l)QQs#sC zEUQrPKbF-otz=Dgs|%dG$#=e0Y+~jWGTR0bhH-J9u~n}pd(~<=+X}+;5qtn9x?J*O zxLSPym{sUwl+pC?Vbra8wfAdxlM5qa>3tJ!Lv7hALFAIn97d)Hf5^Coi8fqK!kU?7 z^49r|SF>_q0q1B}FpVHvmt$`8CUKc=VU96HS5mWzhHPm{@ziaNT?rC0o>mAkC*Z9} zN@hTp`7RetG9eZodwR!e4GRIsgYaN1h$yhg{fY@eW(0H(grTrPG&K%Smd8DtC5v>0 ziPvDO`OV11M_dUobE>4)%mUlI+O=**l4O{zt!as7)lQ+sm#ZRAkn*z-%P9h*Wc=-= zpnpk$uWzAX&(;_SE^yI*lMR#{o%pk@%`lK%^e;cL5lei`2sPM^1mr(V8KYq*+(898+ac%wlJD-^ZQh^ zcHBj2tI;7vxAU-*DjU!I69(qUNOB4#Xwi;3+fskXLy~BgqkmrznRntsp%q!{i)9yu zR7a)?s@Y!cQs2*{l@7e3%CoqN<&kv2VB>_auCZg7@mN}oqdrm>NMFdGVb>kpybZVE z;#N~TyR1%dah>sq>4=vWQes)@?J}~+iNo&qlv1toLbVIT2GFWC-$_^X4zN;VHg&kma#B#msaSfImzMc(wqYS9(Me_$$tkP8K=(*@VKbN{qY z(SI@g$&Y*j)ct8I0E*2etNju*EvWL&iCxQG&^iBuIFlN0w5i$(8MswKyFcZoS^2obQg6S+(y!o* zO0|U(ZjXFLl5W|YjD&>avXa9g6I#DK#(N-R7KH4(lyI8uN7Cu1H4~ zeQS5N+%>j?tT>U6>0^-T2Wgqwq`P!siHeHkuOOh((yQJXJ)6fy6GIAkEf8iuR^lXu z8%5;jNgN*F=2vg6h1#|ZuyeViILV@>aM==Ubmg_z8EO^UY<7Q#sluAY^VhFvMxYM! zzqJJP)5g#bT2q|qc5k@ioEsHbtg79>QpL2Lk&nZ_!mp9ry!d;iCS~fU9=RKrVQj6v zPL$}3a(S`c1BEilaC@~klGs>_y{eO{dH7kJdyRliZ^ZCFt@d)GL=Ks)yJj5&%1s6k z&(hH}QX&qkd%}Mq8^CnW931%ND28$(|Imv`SIk;YAD(IqW$C8BTwuxh9aVqaj{fd_ zpGprOGomR9?{4_|;Hv$m86FZ#zw1{5Z^B)uyoVjj0lP4%e>oYdnd>){P+TOcGLb@; zu?(@~2h2tHP4uqs>=$CDE~up@@E+GFGI3Fq2K=# zgd!s==l_OK{69hW{u7+|pXkJY#PR);{y_Qt6>j+V{r@hGe}XFhBLeZij`Vi~;(yNd z=h6QSefZaF{}Fr0@E_2_|0nv}NPnH_pX0@UgsuO(Z0!HG!ha-WoNWITk+HHd{27rk zGIRdRh>Vu)znhV<{yii6>lFVcBIEc!CS-rP5oTtne@e*y5P zrzSm)udcV9W_X{ooUUmuJ3Z*?^8iCYyuX%y64^}muSLdxNpc1w&}B4Omst*0F$M>( zb`Gu3vg}J4rTJw=$IA{ZLIDPdOwP4&PY51pZ zx0+AO`%;15j)yeZVS4hvLF}K&G@wtjj<4_maJbzTkV=Q`69dd>ZgRSn^4N-vG7Vr; z;5baJ!S`b@*$J^>0D;WU@+**L1h|XD1wzfToOmEw2;&TD@Y&_Enw=NBXLj919VQY0 z=I_X?s}0{&#A-8teq=zSPXSUQpAerPX@D&viw}_(U@bh|TTRQbfy*O=(;U3ZY0fP6 zcR3>^Et(tIiPkO4VZSFG67|aXppg$Czd=Q~Y;s4K$emPRn~7vTm|y<@o}$&AV*2zg zjA0(@HMNTOac0W)R|WKj6;MFs!3JalA_3qq4kMo+e<Y zt$3PqFo*7C1lR?Tpk3rN3~X>$3+A8vvUg4Mf+6i)e!|P z407f%jt+aa4nF4l%jpq-Zm`{ay#ob60b&8}UNivW`>>YM%60e;XKBL})_em** z1@n-YkkApKkh)o&r@`3^b#vEBT^sA%N)%2vabIlena zWhxSULfAaWJltJ`UI%|A0EWby3$RrvgrMTqyQ?|OLz&VQ8Ms=`rGX4Qy2XJIPxYmN zGx_upM6%dI6ZvCC^HWBVQ6o*&4Trr}i6_W+k$R<7$^_bew0IV%Xremkr+k+86ID%E zka92}l>v&1$FfSW2(>~s|7-wY07w8p)HtR_D1QQO9$)~PBB(q>ed1m;e;)v(bx66& z)DGohSVdJp5&)22af&~a&uo%~xQhhR6!Tc52Rv<2gRwNQaN&0>HD$*4w7_;06``E{ zD%jNv65pq!1K8<6b$d`adVxN}1G+;flexZ#ijtQ4)SiX>O)7EvCqnJt5vJMg?SB2j zhfK@im+XJIwkq-zU0>d)R!vO|`J!FjA5EuiKVv3s(kOkI&HD-)U&+i_UH|rPs zpKih^P)sllaT-`B<6~qC~V*r}BfM&7*-T_XY zJ%UrN0$tfvRr=q3I`XJ@>Q{F8y29MU0*bNCGXg%=MJSx$cBTE@08)TAK^TB{sr<40 zsR5+`#~B^*MoJhQ=!PpC*o!fUF_G1Q@ZcdVN`&X1kl2Hb>$}|optnD*?WSEAfIeWx z_ZXmd`8JCWFf{WHa4Di12zdkD_np=5q(r0 z0G1a$%`~~n(Zh`&&cej-*)MV{+whsCu0!O44xyva(5-njo7A-=a?8Rn;V=nhj7)6$YTiW=y%QB{?+Ilw9(!f9Jbm7Y4bUUz3m_UxKkrXvJf31^r;j9@XK_kFZ zrw$+_-Sfo&dA9jKJ9OcMX|&~lTI$%uLcvoY3z-M#nhHYbsG73d3a86cA>&mps%{QT z?KRJ;s#2jXVMB%GOYrgJLCA_4bmcS1E=4AN$&+v>|GIo9vhj?6_oYB$jF4A96Qg$K zMrq5M{;t_;TXKOeRz3(V{*4Ez(y|Buh~Y{dDSnz|@EGm6*#q7s+#~ecTzV3vJSJVZ z_EycKP>Ph!JOrw%g2C2iPFSxYPCpz{{s)MDr;F&USBD>b*bQ43C^U&ySpA*YakQyM z?|r2MHpxa$CE zx;!X5@lT3jR|KqP1x#j%L;(f>p#Y&GSXX;lSG!nO+gVpzSXUcaSL<40*iPRzRdsSV z3c_0AfHfJHi4aRUVWa>4T@KOji?xBv@H&s2C@pF0W*i=PQYBvSBWI z_WARK#1{&`i2T$oYw$C;BX%Z2t&f{oo)HU>*h+XMkMxA^0l^cI7^gS!cEEdXh})lx zYFum}f6~&KTr>8KU?min15<9KhpZ(r=xG6-Jdh+vIYIO=l|<|*u1B6dTcl(ju07ng zxMt3c6I^YI)xPJqtAltj&)zQ%?l1R`n(*-O--Ec}x#Uk|x>B8)FWl-wswaXFM+Kk) z=WrM+RC$LBC!#NS0@sD`bBMLS`9Z6NR|7v=QDR4wZdkmDuLiMi#6AFgA$lUdC4LMF zCP)%n5Us?s9s+PmP@kYS=1%NIv~t;!xdFE%X$_$FxdHj%_eAeZU+>D@qJxyw;<`Sy z(23Fc;^gA%p?zNmQyNJBB8NhTMl$Oy{}Hy98C?yW!2`tN0n>WWGYjAe+6Aio%KUIe z{IGLk;(AQy)uY}D(J1oIcvR9+tOKubal z7;t&yRbE)D@ig$F?V;^&ThIvpK3IFd-LJvVWbw}aj+Y;Nsdl^9N8m4?Z)rAxYNKej zNLNT#Xn5#vqO#7BCi~g@p0|j%?EASzB$OmJ$xr)=7(x~Xq{+s zL#mr0TJlKY1v~b*#yro|_3{3eV-ZlO+EE5?B0Yp(ffq;XZHjQfHfsLcO)=ZC@v3=-j>zrvLB)oy?f!7_sE21HL_A`1DwOdc5c)48+KMtL*k36E6S zm>O}{0~q(;&AHiW7>U1Vb)~xw;aM`Z!@tL-$e{P-4#c#D_=*N@k?K)$!7B*BIZj}i z0-}Z~^%u1AKYIY-bp*Zzx;E)gKEq>AV_rz^c*YOS^4$aqAkC51f_en619^N9TZMqq z-%->;bBfsWl^U}j5+h%&E2Ju!I9r<@s}s?;-tTK^~fS;X9RUSA&`z-tGVMgrI)POEVY_{L-@id# zcLPrM1Vgt$&YhV@CwK|y;er-9AYbwG8){wg#l#`SWcq9Jj!R~x8M>X+g*p@vFEH8E zrOA=Z+T8qIXYw9V3R6W>86vcTba$V_3um81I7c5dXBiqHFZ;z?ZB9h1Jj+#C&&J28 z#Z;px=&5Nb>9BOw<8o86qhTf>&CEo<(FUCl36dC=geLW9>*NgGF$CCa}Y($mJzra~+6lNa+2JN>B3FiD%P zr42=^M3Oz)EOjKJyL7M>-)|=+rx3b(*cJ)?21MyV+%e+G{RiaF(qnIr$u#U>F)Wp@sQV!`XqqAV9q^ukN`0(h7 z0xl?nm+f7?*RYF+0iD9;@RYEN1Df^6S58*iBLxc_%0wEMct{RQm_7mVs?in1BC8pQ zJT4zChUHLoh=n>rqSbmwQalZ=M7WW63X)>SG(pB~BahLENq6G-deT3?FVsvQ5N zx3qb_W%uT^z`lIZNB;AN$a$0GH{=p^THH^08}re+__=&ROyMY<+rpPvPqWhkSS3M< z_|P)uj`kn?;}zfzD@!W)isv2c9j4FZs(Q$Z$?_|}BEu=f#uO+psaPE?bMgb!P>v)+@9;nFwnDw56q`@vPN%<;noe#$D|( z)$-Cekse@srTocXKEvr>K2JyuxHJ0Y#9M^dX|8I_d3KNdSt*0mC_<1qV*KO_{ zO!#3mIPDg7kdI$7kt!;a8uHC+9{N=qiwY1^9EU4gh%*|lt&dLH0J8;jPlW##-(7tC z@y++~Z3V1Pc$RBe8(a-0eS@(r!(|TTlf^yYN8CQBd#dBnW6|6;&-B08d#4~@qHSMu zm2KO$ZQHhO+jjlSHdonLWgDw(+jj4BPT$kF_u1X|#C_|Ce#(rIk&zK|%!iy`#P1u^ z_c#~nt!;bLP7vPx6Y#NS$Ym z4gsLwT*4;zJqi7(PObOGN1{irN1-vP70?3{V4koHu-w7%w4Q+y@Op}8ePD4CCrJ}< z^;~vCHe>Ynklm%CFojNWsJ4@KyHYCk;ZQw!_9B9Fey27SK55mnW)4<-P7N&wpwyOl zxcaBi3%lOQ9QXTOhe@v*bKA0(tl@ydKeW>!BT6W1;Mhm(Xt9-kiLb00y`~j$C>7^L z^L-$kZl<50^5NhGVGe;-o1c@0Kwrua90gF$IM#!9%=s{BGFS%WvgJGDz@rae?QoLG zq>x3C&xzTHW%$#wRELo0N{W=P9sx0&ya-W;{*0L>l7t+C^GXrNikLgY;jfb`Q1>RMTQuo5z(ONonGmnNjPmx0% zCT^2CJVth633zxPXt?oe$%i1T~$!1v=7A+lAu>sfsoGlhzgm(XvbC;_-ejH3jxC{v0n@;{md=J0#@4qhVZX>SGAT7NP;K-jbP*W!NP9l*xeD%T1B8MoHR6$wU#)x_Jhg>354b`T z70*2M?%Z(_+zP!xZhC+e`cU90`?95#6xH1 z(s5DCf-~cc8533q*@8O@h2hJ9Meob-XQBUvw%h;R*tk!uXaT0Q3yS3FfJ((c!vF%t z$&*5q*!+5ewR7e7G1&m9i_FhU3SmgmYaeAl3DO{dTuGm*sLYl4LGrp7Oz@amUDN;A zS{lA{;ppkMy9qxXn)$qIss+*6jT*ApBw@6m+Lgondn`juKwheB)vjFyKMOdHNSCrH zky{|SrYLDz=t#K{W)~U=w!9||GT_~((YP2kf8n(Xdhn+7YI~G9b2|HTYY+ywo*ke! z6r~#6NeOE@rY;jlVFF{cAJn;J;uKyB2>@BE{G-qRhoIcrJ)-4TnQ=dLGZJ0|*&+h% z#e}9|o3W|d@0gnE8Uq~^_5SsQx`mX;fS|N)?#u#HvJRe1ash>H@xfblXUH>_6(-0@ zH1b-vdNeh-#_@|#vyEt@v{lnHSUA(GK3{f3MO4v{Zc#`xQ;T$JO3lL&sq1}Wb7Mwm zm`##9hmx#lCp18K+sw}Q{PC>%&ht5(C%U}PWob-llXbbed=^)yuM--_5?`_ZVak?9 z9&bI__gQY+*A-iLo+-b}o`;M>R(nCY%U+6w(FbrH%Kk~9g`6n)<#HK5puxPq%BGycdkqC2ysTleFgW*?}6oVJM-L7Q`9fxz9P@3;?6Rdp6UqnvC#rKY2OA(0J<#!Q z;Dcr|LbA9s^MqFDi_t;_3*E5Cs!O6=1JXveHa34=_!28!4OIWYexTND zEN$Aa5=|^UqoKG3#q-Y9hDI@3DmkWHCv%7ql;#)=RXM46C{s&!$jdbiRg(Fjm-$*< zcNO_(Y30sgKfoJh_UB>8$zA$0!^7`HL7@9#e8a&%lk#n6WcEN?*BRd7jq*B005@DF^ zOEyFdyd%lWWFl|Oq6@Y#s{&LMHLWQobT_=eA1nlkj*5Z6@Msgz0M$q-<5m&BoNb?+ z2K7=v@7v}m-O32%Hzs~nWD5n*o%C$jZj`=6f6+3{&oPEtZB!DSX{lgO%BnnKc`S8Z zaGoHC9E-gY-8WN8tdR0W!%KP2)@LE8zeUKxZ{Q7imY$uM)e3bh`=IR&w?WV;i7?w^ z_bN3jcI<6e(q@2ppu1{CvrMg*?v_Iykuss3c5X6DaxA7)9V4NQ8&D&*AbKEGf+dzg zru1waPcdpG&74NhJ7A`iDoR0=r85^s>%t5iz6b8W`HKS6fdcPsli%RQOI1H~J?FeW zH9BRQ%4J0E&hnkLM`zwWAFI(1ITfR6-M0xDx)Xxc^=y4jZAh6IP0p|}SPQnf#DF6{*S@*~ zD!lvdAUUXiy8BZx#@dVH!wzqrmN)Q5@%1g4UzK^-PKU75~)0M!? zcj#6zJ~8DyPZnnzUtM1gn&7w)pA1K&#k#rMeP|DS)B0ED^CTEIAtc#_MvD)sa>AfPCJZ=!TENF?r8{ z-TJN4GKJ_dAwQKFe&v@v=uT$uXk!%W>|^BHAA0Vje8dXqy@3x10gf1d~%$><-B zT>Ebpt$DmZzrnv-_G#=^-zyO;BI%;>w@2Ll2H=}&!=O6fWmOx~5P(?Ft9hm}98w{W z?SiRc@MssyE{pPL!#RNfr&Xd5>hb94Y1t#7FqV?-UCORLNHfPQ$uv@Mje}%P`Gp5# zWv+Sb2QvQdd?-qJ<{H!&y~PiHVKpLdE*)VBkV|Il`m7JI|T*$nw>;b?s^pZ1`p#07e0m zfMF1sN5!c^Y4$G8t&;8hGfA)nDn5Lq>=N&~bp?_#Y@gT!T%Zj$-j!bNrvv4hR`ZjP!&b#tYnI?dp5TE zW=F3Nuj2!C27VuC5>7)nKLh=0eC$WpKi+%UZ5KHQqjHx0oMi7pZvCq?;tZ9JfSYcd zR{oyu+mTuQ?ke|*F{LLsg&H5r^vS)NsVM?Av;cin2dFu5%+pwD1<0=8de+Ki7R@f;noblAM~a9m&ImGuL;V<+gwl<1Wzecb^5r3j zX!H(!NT3kgyoPZSxR>vnfOMF%cL2d3Zr2+DU5 z>$A&TUAz8bzj$s^SF~Pb&uQsz zd$2D9#1=86>jUTnzuT&WT9bXPWHC#u6lvn5LRra?7BWN`p$DZePeJ24TAGk?)(vfJ zAU2eY=+5iZ`vO_9z)LEF<6f0z*^L{MEEY}p*iA|s?HNPxAmZFK;n9UDK~mFF(u4E> zIVo(We-7m~`yzYbb5g>j?t)+Gx4_mtZGyE4ilEfMVWE)dwo;Tka#D}v z%;v?7W6t{jR5Gut)puT2e%gWQs;u4T44ZkB*G=z994FkZlqXEvJ>TzH%6~(yKpKdp z%(}qQ5bMXRT@La#deV96pR<&|epRhOyl2ij;G4_bL4_rmI%%$&8+WmHG<)3?W=2L- z0((EiO4th8^CLHB%eeTOlbJD$|6=Kv7_q4eU}eV0=$ig(uRaa3E5g)8IA^+Ty=}p7 zhCcoEsy1x^Zre!2gTjRxan5jqc*S z+eMX4Uu44dq5%_3OQ~C5UGhQDZ+JGhWoK*gY4rB_G1Mmyr4Grv3k*30H3fsTrmr>Atb?H+vefu`=lZ*6 zPL=6v*lgu+2`%<_-5kZmfWkpFd7Ux@9!mqB`!!Ubu))CZ%sZ_s1Y}Q@Ke#Q5T~uoD z8Js7Yx5x2EBT_IO9~~{`POx|+vuJ6H26G0`3Ud~x)sKvP!~{%Vss8l&fZ0scpovD? zs>0kyd2dyI>*VCKI@9E^0bxm4DX?W`qjpZ+Dh%tP`2|?V+o^*SsFj$9Qnmr>3-b5+ z*ZN1FW;h2Fe+TdQ=a`Q(pu50Fe(qoaLV^W^j+eK=fr$Nx1)pP)Wx%V;d*yA|YuF>* zPt9$vtNQn{>cA7gOdCcAi8;qN+Y=B4fx#4H;;5OA+V~DxJj2MYvB_pYlGgIgPb@C(hrG0-7%Ee*fVK51Y`b z7q@Jp{*Qn3Qz6Gn*=03inET717@3w`PUHRieJC(kCH7 zdY{iRO}839Xg?r{@YiKT_c(sJJ7pb+mfeX~xb#brO!yaFv#D&QV4tv^*p$r# zczqvd5U+mT$N@6_m4Xq+zanLlLeaRn!1ELq;_BtuXXZ#5qN->5D~PJ;A0`egDHf51 zyG@1vQR% zcu!JJCPq{)FLE3e7zg&+ih^rlQBhTib@32bVn7H!_@+0%yC74A0;7a%VXU7ur!~F% z*D@Zti4Tb_16Cawnz)k>Du;MiF=;2!%AVAN=o1_mEaU4h3lG;|N|WdGYqnq8<_4|3 zu)zwd9!bKV%sUlV$bhE6LTpB@^6vYI7X&LwvAHGTuj4a&Q-z#MHR|1GE)jK*(mpKa zq0hiPHEPv5lrI^q=lm3f*VC>^eL9PN%K?`xcCJz*8G_$1on?8&iS8 zgC1IZLR^=H$VF`v2A2!Z^g@4ElHf98Hbb->h%|^tyU|5nO7Tk$`3dQ>`929!S$0pp z2=L5+_8#82^Jm9LbuX`h*Mg7mn!`nb^hLT$b~dAfS>exZ=ou7E`VkdJs?KC`J8g>9 zMC$^A>`k^n^Zb?jr@=np9>Cry+&$eR3>0vPc>#+;hF^yfQnzTFE@w`K@7QeyB19ShI>t<1TC72<~kqr4?<#ZAR=W?Nc@@tTIat z>$BG=(dq`^_^q}P4e#Hb#rDSv>Is3SwVMLNGlkB;{ft0&63n=-9foW>Wmembt(C>F zNafqDW(ovKMF7ayU;3cRy~B_F#(p9GjD{jiJ3*-{pFHWhtc3LEj|g<|xjl|mO?Oz& zEZItTW#O>b;NDfo^ipWl$x+pH`j1rj-Bk;s=t8j{WHUyfrv&FMOOL$4m*&0rr4Rf$ z^C1a?B{8BJ#d?l&ihp1$ojI_-t9i(kW}}(P2og3uEbqEo0lBHQwzkSSKd*;+WJYrbYWo8%bEkJ#$DVsx zA~qSYu)fuNPcfOrZ8Qme(E2)DeCO%AMMtm~?$t)e#a-<(y&2axzvL)5U121VZ&{;7 zI;l#0Q!YUl&;$vfs&6yA(`;01ZRu08w?nkZ*uae$8XnO0{dLuL-PY^ywRzsG%;6>K zJ2xVS!Vv`;n!OYbM(i>aZO6V8pM2>KYEN~`$_v+tX(G<3k=anWR!eJ#Tu&^ROpM4m zU%7}|6}d6Iv|F@Yk7AlBm##U>7Hs1ZV*GMR)Yaf)`NGFk(VS;@1)6}EcLN!uDZw7Q|o;{l<@F z8{+Rch<*ot1t7-9qZsiaH5lnwZ7*qfM)W8ek?@M&B`mq_7~|OHP42CGoE(mZC82>9 z0j~vrhTAH22r>T%zN3-3>0Hi@2+0!QOqpNxMuugk<%VU_*!-#P+G1zz4De~R5I_EV z*}7Twc{I;9KizsYu2ZbzV)Eud-g|~0*^~UC7roOCQUT5)oT;_8TmqTH>kX`L`vTr= zw=HJa#dwmtn29X~3fs7F5@#JLA)fu5li%-{l-LRpW3KVN}-mkKwxQmxnHDnUf+CjWYE=;^i| zyehB}$=ywYkdHryNKfxZ$Z0U=^hA5$KgCRgAN;c`$LQrJ)2n*p64`ppP?}wqS zOsx}GIR%t7p>9O&B8aIbNXmo~VWn!D8mN)+hPNsXUTd@kY*xGHXpZ^m(|Pam7&DF#-+IF4Gv@#;_bIFUJ zw!ur!!IyRHRJ|BOzU}|9RLx#9Ly(DH3wu&R$)%ysbaV_M;E(KS;j-^ib)Rim=PC11 zmSkTtO8HqIF({CZ&q#1|YPZR^xwXK@-+p9+G0ACNny>)!$aXE_9gO09O5F|ucfwAr z8yQGO0^PXlhQe`!h+FX4fk#n#Fp=J)5`2*H!^z+8N9;H%n8bhlIyd@wTON|-NYkW-~h!jMPD-{7+=rn3=%4^I1yx5*pItMF?*CL!vVGHw~Gkg44 zQP+`@Lmg+t$vi%*Ukhye7xg-l{4cWsVBI3MTdLjM`pHXAnvo1hUp@6bI!?JkD5OzA zjvX2Epb!z@Lc;7j9i0MwrW~xlR^!K0_8wDwyJg`7wtar<(_Jr#)r!#a=IU4~hTsZ0 z*PtPn>PH5I1l?fe3WH(kRYJ#X;1CjIEQ1;R@!en)8D6+%2t2;a=UK3n^s%Y_uZ+FS zw!WPLlWO|9d15ichg+NULh8wN2R z1o11s9YLFh2A{J}5N`T;40*Q*_2gaF=5FrR=|q*OYZL2avj`O=y<<=G$Rjc(_1j+$ zr-ium+1!46IGw9IK4dFWvj^E|G|EILc%m6dr;$xE5u4dgux_Z1@?P+6w8S4Bnr|qN zVvo{%0v)l<`W$9_e5I&V67uNEYa}nid)QX&BLno@c-2>6B zJ%azb8^^2sp@iZN3KT=@-(!tRGHqJPH}N2@+t=)w@S2kXo}soV1_(PXbxgdq0JuN; zF>nrbzn848a^XtsFdMlLxi`s)Va<{zVSS!q+6yR+K>jeQ7br z3^#2&W{A%{H%PKONG{V`wGX7g;=+2-1jd{f^-75;Ffw$iA+!2bM)ab>_4z>RnBLaP z>hn3IgVLzj&@fS=#vTk-{vZO;%8t0jRDGV`L4 zLB_&BXw($ju?MG?1@_y6wn|)ys}T`8Rm-N zkIEO^mT0gTaTFnkkl9tEP?YiHwg|-N^)+@rFgXYPFlfoL9q+!oa))Fa9Osys7Q80r zfZ_t)Z^qmGrs*|%5aM{>g^?C*nF&I$^8#*UNbh?R~<@cl_SN`cRtD2b^%BcRZ@ z2Tu?jAYW?S{t;O;iwv8l=*U48;&Z3OYx-UENZ4wl6rcc}1D*C93-+hC8FfnK5w$IU zdqe;sD>?FdE;!DaJE zSvFE$ED(vd;DoSKgwxA;kXpbyw zyWy7w5UzlZFM7Z)gzq;Niy1+mIY#LmaLB;`-|s~VIAkhg58Smcae@iZR;th+_rFEl zU-{Y^K|kiix^_0gfIbT@INEru3aoECcZg4qD5qkSKtE9N>G5e48|!j$2@m=VKNJ0@ zBAhzBHrMAkm}A+D=x+q%w95Pc8c6$(q|Lue8d(^*{?pjV$@DK{O8<*QnwW;Bh^qR3 zCy~a&$VB*0+C~;eX2Sn%ZR3Bu{9jT;EQJ5Rw((zR8~TA1(RsM$`V^TK(_Q zGg@hAmWoWeX z_kJ*fyPlh#JI3{rn(i{%CpwW|z!o0j_0zV1{Y%b!F87J*Ql-k$k{Vww$5wX^vK5OI zs%B?rO~@3D4H}`%S-5<9s=`8~?Rs=Pj=Ij9krDCH29CO&uF+8wJ{j^#o$hw))Wjm# zZfGi^rWZcKlvYRQLxeiN4bohL_0@uq-?HD>Xr2AXp5ezM(|s+QU3I$7Gl^bbaD2-J zPt9j!-Sns2B*Yb$WJ){Xpq6gW;UT}e2|%tO^jL^gsGD198(|IHlDl;o0COb)!NuJx-bu`Cg0pF zd)n5t5NuM0183sWwp#X_5e6k$TDdAhhQ$iy)PXRnDv>>?HOMtlmP!)tPolY~S2N2e zOeNBr_#-c&T+H%vn(aBDY#x4&Kqvz!5j|U8E+#D%3r;QuJ+5i)qQ%jb9$P-t3(XSc zlyZ!+He>i8JPlQ?tMp7!PJ(A6@i{0y_#5&aM>5D@u@dqxD0GN>AZ?|Qi6;jiw|VmX z_G87;-q}2;gp^B*NLF-oc~PHgyG==~b$QWxrFlc;Jg0<|b=@`te>`ZF3~gD_f+>HL zx_WxIK`s@)P@(Z16PVz10pls=Dd;IIBuP{=PBThLA+?vW$CKq9`h;7|;7CT6Z{J~z zT+iyE9{CM+^O_i~`#gAx7djiCj4&_Gm>r)HPhm8_PCoVX+H<9Ggk1!6maSZsWJ4+J zgmM*z3>%~(9I$GL{&I$hR!HQEB8??M1wl!Ottu(`9C=~^YKeRzQ6(_jKNiqE@LkY- zJt9S}ONPBB(H8iO5Qj??%h}9a&#a;xHi$~31P&{Eo!U_@TsAAdOS}pR#Yv%0k9-30 zg#_uvlV#IE&v?6g=<^-fW!2EwJHXXVy)-J{EEUV_wG$Fk#A$=j9&_lHFusLxAIAW? zDYEWwFfz=DmZGgt5*RB)Iw>aN6CC$JOU|A4 zj3=E%cN&ZSBv#!~?27Y<4cGs&9D?MG6R9*twqjYpv;Vk49-xFOi6isaUjEB{;KD5Lc# zqv9x|^B*@niPs=cK_!#iM5%a!e>SS9=lzd?+VA7$VI|}cyz0On=rSyX+zrufXF|TA zy)j&2Ea5DHEWs<#UEwNVS(B)qK=X}~*88(NvdPS&O@br{`S4;~&k=og6D2_~D6SKl z5yUn=NZvRKAU=VQCS~R0ovWj;Te92JyK`XP@OOQ8d&PVeidW+!>p*W+ha!I6-AjH; z_BBfOz|^xQ8^Bt|9BP2n#(3tttB>9R->=7k9|IEFKu*MbUqrTy`!^%&(7DRh1}h}L zNoLML@ujYe8El)zZH&p^hPERgx;e;QhTaq$WH0%4KSx#$KdTwcPe5j7eQ|O}A54Nl zsAgV9d#-#}zFHqzK8a7Nuj*k*IX^ab+zqbCd77*LBygsGTswyU86$9PefOOKGcn1*ahefgxwQdzen8;F znSX8W53hTA%XPEtUcP17|2@ND16u$NZ^~2Wlu8^;6)!Q{q0W(luJWC1%}ba5baS<+60GWc?!Pmch4lT~D!r za&_n4wPl`uH6Z_N#PlUv(B~O|(8L8>KQ2z4-7SL2i(EpwN^i+sYAsSKKF`@EPV>Ss zqUsmVKEG43mR$$)%qW1$T%!G>Y^}S$Ff;u$#OePmEO+;}K5bnxj*bm0tDRxwFY*vA z2lOVOrgRzHCyMJK526Wz3AG9ie+WBQyqjOt3a5&>O1T`i(z4RCi9n428T(Y|E z0__YuH29CRs_EZZrbFjudQ|Hn#BBG&;O^RVXV^f!#$4TSypH6nvfNdhH7>DEqjZN~ zm(1=-i_I?Pm&{kD?3do_dQWbA^rZE7h%MRdSNNR+W$8Lp5b9i#u+_Pn)|yV$7Uf2z zZ`0A;`Wdlez$o}a`c1?P35;?RJuFTLSU0bE8M;^}KMcLy zWj%iOa2)IqK9{N}RbszjWnEllnJmPWk5ly4AkOs8T%>O!nmrZb(suh}dZ`C*Dh`W= zDG}F(x;agq16Vk9ip)bYp_z}DO+7}g)*#IGx6I+95GmlQpsQi3;n0q|mAsgTs6wh@ zHz>NA5bm#qQbG2KEMGo4JN*611HMwDZ(2GRb^}hRihKUdykq4EReYNRxK})|SKi;b zKe;QF9;WU7PFOI&K37=(L5ExkBgFBMB9|)rO+gR8s*a&8;Q7Yma4q@~sbi@7t1J9h zD=d%!lqGHjrm8A-9}I6`o5!!Z>tEX&K;6wCo+dZH<2hbjc&5KL;Q>2D@DS2myAOqj zn3_O$>HkHY$zUQYC_DuUCfk3_r)uT1(O^I;4kI^b-koLwi{;@ zM}%hCkGN)&UMX@V`JJL59Ovb*TYc1DDX$8@O-N|5c~du~d(9Xu=CtHX{X9#%r5NTQ zE{iu#?exX1Qsgm2;X5?@#Ti4iEfM~VQ-@Jj1&DV!1-}E|^b;&X(HFeAh63*R^CcAK zY4K}sN@ulBDHI1utw(}cWY-FO`#h2dlG`O1ibzwsW5VZA-=Y4DwhdpcBrJ-)hw+O1 z@bJxG4MYrTLwrHx1_gu_>C!H1sNmQYX{?ejQ74>&an9%^ww})Rp`;!cZK-$WexudM z@A)?&sT3ae3?iR-DO*@xreOzUeJec=P&}d{=!hw@t50Z=>!2QL}Vm zO;zUdUY3@z0lrPXG{oOIn+(0gy(B+kM8k!!YR)OZrAl6c zXBz%y&s=M1Mw3l74O?bi8?BS*DrRhQxdq#m+jabv->QB){8QHrH_ZgX4EJ1sCh+_K z6wWaRLka#65nqNjM`RDD$Z#luFI9btvPl7?4baxK@X8wDW!MydaRez^3cTS?SKN8**@IW@EPD9KUM2sQ zQ~e~8+LN8hm5u#Fj#DHjN%%=KW|CH%hMP_W??m#s^abxT(!A&;XO6tF4b3u}A=7v4 zSDh&$h?D3B)#1ewS^G3~NA!2A6ux-1BE82*YVTYEG!E&vPZIjVCRRbEBQ|g0OcH_> zi}4RP4AM4izGA)#2*1M`Wlj8I2F%y+n^fi@8s)t9@ZRJN(T~2_j;PTXl?6_H2JSbV z9O!$dkZn{JF*b`m+5FJ=-agz;!GQ9}&&bDu@2F-E!&c8I=M=F=dUaNuX#i3{t-o}L zH-bm}<;8R+noCWW{B(*re=E4$qyb`b`g@Lj9Pcducs0-b+j|LO!E(Erdno=E_Dl&W zn)))R^)NNBs7Erji+}<6Iu(Jc7bo_-^bpPT@7iwi<%K~_2K|v}XP)H-_NimFlrfw; zP||~V*~AWo29$p1sO!ZFL!CY0BXcIMfdVNWi<3cF zX@W~BHq;afRh0Rhg|@y{b~Sg`lb?8%$*AjKz{dgD~y%qvcF}LGn`~*lA3PXr#LQI z{Qm7?h3md#1BavTz7%l*4bx6R)U&M8#oJRK=)I59M;^Giz=y||!yhIGo_!?6$5~2V zn4q0jUaLR(SU_2o`Nc(7iYM~02n#o22m++xm>RimylZLWK@ z3S;#cSY2MwYhyDdBs1_mWR_=U7ZaTIH=O&tg~-2Ir@VB>oB5!NmU>kEew(IcOh52Ju|VVJ3zjqD9;7rhb1{EJ)&Epilbt%*sIBEG>TE^k8U1CmFkxlco#@t9 z(VRQLG!|>3;4({;lI={^ikH;k2Cz)S)jG`_IX3PkSzxoLW!Y51?N_HgCGL+Yr z9z}B3A{M8#!Vb>W4ljjw;R0Z}gvYazFK*jAXOP3UT;5}<$?QUqb!rc2v7}9$b@L3d z+w}I?dJP`lV!aBNjS2S-P+1JrHS3AUkA1jt>3ifoEO~@Mlv|rjs&UCUfTB8u*e9A)69U(ccVy9dWI?dl&kPh0^(l-uCIp}Dc7ln^$7{gvT=8)RE!WCN+EH4b1L z1zURbeC=7|1L|?O9x!C!w{5?+ffBC=sexMw^>!|RdG3q^E>qP_!)B)^k%)^eCnmlu zqweAmY+h?ll?%!=h<3m(n_>=*wX%}cWR9@HfDVJc8yILqE1EY($Yo4~1U9kXo5iL? z39>&VQxRT`>78}b4aHsd{ges8;ZCJCK>RF{i;HRsf>l1mAdA*G!pLO4Vm}fivU2jv z-}UsZy*ECh9bHLfVNh2_^Be^uJ&4{C*%Wb3!pzfkl={K|hW3-8@7TEo!yotJ6dS&q z`(j_INTFuuM-1zu{2d9e6G1I7#e>CjgY|bvP8qOS!oHThuPxTJo>Q;#{ z-CxqRGNHO_*uDiJfBl10?ka{y*g>jp<9(@ZKYlH~(jZwP?(77_X@ETHR~91E*Xs8p z^j@mnuD)zty%$_A0QbGo#@2h-mUyqRp;kbI0 zDcP7rs}v6@(eO~qhm@UstzZQ^DDtZ$T4x55!^NWi=t_*jjB`%YsvAY+ zx$BWwZ*Svy^NuJz1A)d=j1^PeU{H%IaTi6WntOHeXk>WMCUNDui<7{`fj*i?{;H4D zQ+dUA=x2Ac+#6!C7S33U$w5wnNO%reLK4%FZHeS-J2^}Th+q5yE18Pl!Yii=_kTfOwbOTuipiZw7==@KTaEZ9HUjjZ;FS7Y6Bgr zh5}-&^b=F#e_kJqVc$AN$*pyQKd7j*)PcV*1vkrH{q9EhOFg+p8uBXrfA$rzpbKfw zULllT_I>aDFvw}1MFWU)3Z3>;8t2LBam-PIr}gT8Yao)mx~ht#G>wRnow2i((Z7J|?Ee+2bNu(A zIy3V>Lv@aS#XmX!yHI`BdWaBlpmojZ4thl0z<-=avO(>l)#+RPcQr&R!4fL-EgcRba~ft--&_zPZpSv`r{@~ z?MHWh=KIC#CJHcxanW0xY4IQ%R*dODY>|qz$4WIi=4S5#P%PjN7P8)krM-GW-@c~y zu(2vxLLPJR=TqLay(n%qeF-_elyBe1jI!*}k+=V^rE4d%f7S8-;doQHbOdPR(2LbW=?hvLKY?_4n64qr-?{xjQ=xIXa1j&`oGKd z{!gUN_@5LVn)TnR|H;nT{|&qUCp%~6`ZvV>KeO|H*1G*i<)8Ns(?4t77+D!v|JPgT zO54Zx-zFb@_GDlis1|YsPFAiU4f8pktxwj*rfp@4 z&Xi5owtp{JdaZx$O7N`fJXvP;0OxN2i8W72_m#Wru0^@OvRy$Zw$s#Fvs^7+3v(S$ zEMH80pCM4v*l5?;LX5I~u_KyYv0atrf<-Ai&(QKP%uG>H>bIZpUx*}l zo5-@Qpbg5K#?tVcxKt*E9ooC800&f$$}*(jDVQF$S$K|A9x%CKdz1ol2x8VJ)(5>y zZAjusaZ6Z_3vMBSp=@l$E0P=L zgP~n0tJ@(Nig1P4oO-cLUe4!*)!Wsv3_Clo;OQ76gy0@fSP&9+hdwJDf8#?asl>y3 z)NBYipI0hUu)SPZZdl1v_Mmh-Cm$_mdKr3;4P!AbaM$7#B3}=s_~w}VAm&|SLoh@U zhY);-krKTivips}Gc17rgH9rjgS5wvr^@nVonX)N2BAhRSjRqf;^az67lT35UDoBy z6UrjFUMu$Df*Ro!9?I4g-j;@iMU6~vA@igQU!s~m<(9|>P!xI4v6Iv~{Z*oSvdTKO z9pD-?L6UC)-8orjU7qh(8R$FVt<3IApqw`*e}ZDsBjNcsqA$idzhIQfjm*Y7MOBX< zqPt@uug-gXGZ58siB3uO7`%UzE67?ON5&`knQ`Gyt83wGdYZCMB6I#KM><_{Cs~~^6i&Ig z8PvDIHAyu=k-KDA5QI!JeeNw$B(V-`xwsqUC_khZD37p4IBpVYj=lLWJifRLO}|Ex zfi=iLADJLXJ!VDnC$V*^GBk3j6i^c{ff@gWmojvbx=J26UorL^NFZr0f)DK_zaxIB zi(CN0r-@fe%m+ou$HZc(?;_*IVN;(M_QO=8`F&=ET5UIDkrgWTR-F0@tZP zJ&?juB1;7$Ojg~Tf#osKN(yq|~*5u6`1KSIO>PdXZOXiCWSkH_H2C=gxI*!rX< z%-Rz`v*I#~GAiITT@ZY;VK6o8ROga5L<2f9&sH zRvGh&d`1rkFGZC2;b*=Q8WE5#`hIEp0<&)rHa%gWX92TM_pR=38=O$`dyaj1dG(BD zOaAMEG#Q>m!RaCtSB=CE4np1JExM6H$mJ<2eY4tfQZL^kmOe&S2S)IL=9 z0!|UdP=eQRiceAs_)=zKUN5fl6@5HCr0VJWuy4aW&M)`&n*`U?H3a@RxNyJvTshYV z0Ed&zzx*xG8{`E(;pa38W~is>?Q64vSaiRxx8b>Nwfbq;DzodASO%UwMti^R&{<~R z@%!0Q_SG@psM|0trDMX1OSsfaJb3zA`6UA>Yy7e^+3Z4KxYMh#z;`nXaz#s`-5oF^d4ba&s)1WOK%txI$QJ|=Wa(}VMeww&T-BKK4CvE#0o2zK#fsW2U}VJVdt=Bz0xXfyN-v{g)W3Ez(sFEK+tAG;3l;$StrL6KL;9*p85(b zF^}U=)>g$$RcXL_aw@jJb8YsgV*INo;t2u&RSsj{Wm3FsD^|%)5MwlOg`+WU zYddFpOLhZvGhE*u%-r>()28c4rb|nXBYR`oxhwNyvw5n+%F1OyS!N+QW-&+1>MqQR z3CzmbAA4FJ=Zjejiw-l@xtvTcKaE#KW@0gURtZp6HLl{EoRVYO*map4pr1UrbGCDx z4$z~Tc?FGNA!nbV+PIYGCCp)J%xiKdm&qH)9d{e&q?#$G?oj!r`r_vr5rSV!^5xGZ zAV}8PuS@kjQ{?e{~XN-naChv+<4~rsrYgEDgWmEk^ONEs12z4!R_78-}m@n z`Lg;}4QLeDCOAm{I;>-`Hx{?XTVhkgM8SMbhA!5u#z{;SFP5xk*}u>U_KUTH5welY zZphDu-8cq$|l}H#HB8Ebm3XXScA%NL)Ziv)3%N z8&b(TEe>I!XrCX(x!uF_C^)!ntvm%`yH?e(NEeCOsFxvVp~R=jT~wm?6wYAr6%d{? z$;ZhS!*=j&6f)#dH1sqKBvPlZV0oM5GL`m_*_u|Pxs3>=951(F%C`U?>=h1yZFku7 zK}O6yCaJFdrEo$9Sy(`(bugijvM>NH?!)Li>9gpAbi{pyafIcB_J#a}@@4oxtz4+gYS|e7j$~kjpWo1=l@SJZ}NsO6-}~BizID1JRqoC(b9$r_86zr;3j_ zUlCs|Un$-%xYOBFxr?B;#J7Vt+-|v@YQ8GIqUZCChw3-fZn4-?x6`dRo40Du)E z2vU9xw@K0KK1t-Wg~HpBNvy1dFo{-G&(3g_+Z42eWSaXsp6u3L>H=8ogG;C;yYqH3 zA8a3NdUAe^XIM0Jb50LZ9V)BOi@0y;XRl0e94?ECO}Pbn+u5Ex~ZN?~)l;;nOnnm_B8<`|?GSWd&t?+kz7H<5F<03n z-R3{jhHaW)IBZf*#vdKsxm$PC$C-}|o?uCQu$Hki( z$X5hHoMA7gwVzf+Gug)4YFJC|(7J3(og9OISp7jSlqb=b&eJ1sg522khFk3C@Ym`% zq*tWR`FN$=cCgvn^(l;Jd`|J;1LbE*PAT6c=w0I-*WGAK9nA=@@i)TfCTnJo%no0t z$_A!ZSattXT=g331}_YkIigOu)1x7G#c?P$B`Q>P)6>yNn#-%vs}$Gw`w|NK zv+d~GgHDz)vbpVwn)gM*5zTb|?n2236kVB?a;Lq3jEaefN1pXx@6gwiSIOCIuF|5m zvO0Xfrz&onAImhOy+{w4E4OLVgU1GYhroIyz{lnS*>+9&kIzy(zekb%4$|N51!yNSQ@B;aAP;(y4tJ^2D-~s=3&%$ z9_S%tss$beeg@RLN#z$Q%0V)GR83F@kv_%W z>jW*dZHQC&%Du##xzjv!;72Tz@8~1(v95vy73+jkWUqnNvTDDvFqAE;RW7|z3M<3q zMxKc?7vPc<2xA6O4BN(vL1Ws{!u0cs2^MRv<@jstE+ImmOWE@u>_Qfq*x)(Mm?hBKcr4B#T-*!%t8W z%~{IFE~K)duQBcxBpXbZS9)IDBc-lV?MKza*gV8=K5*e~D_<9%j}}&z>)H#~`l)PIqv+0n zxK@PT4b#6^je8X&630O$7ol8v3KOGJTeFKXi6@t-9@E?*E}K`X!qA~wBRXZ@YFoeD zOSaFLmFp3Qa|q7zdbJC9JU3YRs;pXA0wW#q&=gf}i=Z^BN}ZW47G}68)LwoESe`lZ;8mk z9~-b-5m(NLqhC(|CyK9)0(mPTf}}s>$+l)zDH+U$dBH+zNju9_2QxEKX$7sScDwXL zuAGtmTD{~Q{jlTBfn_pSj`$lL4zZP5;R3UuGB0Q}EYV)c8JNh@^mxzmElM?vaZ6|( zHwE14SB5>YVj(3#-Yy9 zLt{Ib?JqLsrW@rYa-8b9U0NlcVq3Y1HaOY%TDD9t*h)Mv|LgYf3v$!zp|e9(%NK

    4+6oteI<*@EamRZdqOh)|%9ONzN3XeJb?y&nYx-vMp@Y5m zax;8>Dh2uu%)t2uL8`4!@&Uk;*WYLz+atG{lR8%w@Kjr`u*6 z2?Zq-Jib*1&dufyhSgvWUj@q{0z<+_B+8%$t$o@!;?}8R5SUo--uV28NN!Sg1|nJ& z4+$3S41-!|*p5$v;pD){m&b?jqjN7Y<1z9k6>W>g_D9>Eqc5tFu()2SvoMWr<*OZ6=IDxwD!hY2-u+r|V0JJ&YT^+PzY5~w zhjQIS7Ze2Ob=^$l`z3<2H}FA+a+SKy!nXD0W>ro0a8G9Iynw8 zOSht7`WXvzg|!<7t|5{;!OHdkx_V49-S6XmtH{a*`c6Ws5=tfLqhtVerF26iZhpH( ztKFZxDY6GzVPsy7=LdiAb>#zCKx@$aBZRzlPpEcIBsdI;7P*=@u{_f4*%&5 zcRze36PJA#s0y(T8_;8arXWtdeK>gLLLn49l~%S~Xwl5Ikz(|sxcmkcbeLxUqlva2 z>e8saPnBlCQS5X+w0@=70A&jw>@I%0MmU{8&jd*=BRy*YS@_L=RmI{Gj z%=A18qafxrb6aGrxWbK>dA?^3LLwGU5l^aH5?*9cg~+}G;sFa{SEf9$4>clq{#=`a zu-S)4FxPTKd~5lQB^1?|f6RJ{KEt}>Yj)o~m<(6Wd5bo;asY_6vBA)H=PuSxe475y ztY}bM`(;`Tn8Ro&JTk9`!n!eMo?Yr*U$~SbWSJlaHa)%p6DZI zP(*lSjiCW6Vs~@(OFew`wZG`_b&t786UxaE<@N}Zf(>ted^ZtGew-#1~GNSmlq1syb7&YyE_LFMzrOG;0iGC(fgXr;U zo8J^NH0dU_1!U;krw$_D*BD<&IA7r>!fQ-51Rbc~FIL}3_^lh6=A1_gfXVVYeVHkG zj6R~cM>4L+GqmGQQ#rrKsOqQFrI?xm_kaCBN?>F%Lz_@$RZfcSyo{}dK`Ab3fY#%s zU5T?IFJ5I)K72a}7yx1|HSTe~^7fFGsPU9dK(3rg=W1;;|7(Sc5JJpBLqjB!J*db{ zfxXbqaK=<>df1UTc|rxM)VM$R#YJhgek>=Mb3Uu&xM-+!ZK#(W9D@mq1@MDGh43HerB z1mp!p=q1)GDwTysqfNZhy4&%HrBd@73qYEt_kY;XXZR0}1PdGUzjpK){+~p9G=+tg zg~a~xzxn@(7s2pPUc~={QV$~|+ka8&`2!{vmVZ;@`Lor}z`^jh;?3XqqkzNC{13~2 z>i7JIV$MGS`ETX_hJV@r)yBW@uSkFJN8RTS{whQMQNv;T%lgmnzrE=HVfV-5kKWJU zwtt=f+wY%tf4B3;@1JE3X6Api_0RMF(Sv^|5B($dzj{bd|DSsLukxSxf8kI4U*C{_ zV*l4G`!gDU*Z+qf{Xdk7{%-T1_@7mO{+FK7|Db#HUylEEXa0-*e^DZ0`cG;||5wL< z(=_@=l>e9ke~-Zb!T*oVe@Y56{NK<-{@Zl_JCXHg+WuQ6i6F*7hT{{P^HRCRmkD~q)7>8iM$b-%m1c}ln~_;6)Ai(`t53!*|CHh_Rc z3onEG00CSRPVt8-081VY4}@xqhP=unBmji&$AHIJF?c9Hpk;)uF-mek9}RK#&F$C% ze4O^$c^;*cQOVX)dEVBX;c%HLS4u^hRGT4DU62MTnAYXCqL}{<6hD({q|?hMt+nwL zJd{YK&TeJ*_}zoNk~-b_P$8ADLJ%K!k(uE;r7fOf?nOmeD>%8c*O)Qqs=c$eptH2SFM;}w@=dT z=L8ogA(;D=#`p2oD2U4u&==g*;%@rlA4g@}0t0J>BiOWcMBxa1L00B&7=T+Do{E1d z${viLkS+*O47q;+pMl^?ge~ZfBR~qmK&OI`f^RLv9)J&(E-0FbsTz6&dDg~;^XUS? zdq*P(7sx*l4h26#G$p(mTn8htd~usa0G7npf`mleBHU(MV(i_6K1;5E6O1&;U;u=(?#BDhyL2?h}ne zJpFs93yGAvTIZHVlg+C7(~q?ndk6vj+}&rjCpAYLuKrPM2b2NUU?GTF0`DmNMx+;? z=p6^wEcR8gB7l5I1Jb|ib_mf|#llgZ2u9I)j_px^jPM9mSHVx0!NYMbefX~%pS@rk z*)}F9BVkYZyYNASofQ4)(txzL3t*o_H)1{d%Fsja-rEkyLq$F7GM{Of*1ELfS0ESBXQ-(>9!KHtQVV8O*wb7p0GG`*Wq-1Jc1V5R6mX6gq$kok2y< zAPF0&USdBWTro_0ttMwj!?!Aj@9zeuvzuNu*0}>%`Ghl17LKhf?lIT3B{I$Cj@fNy z@}>#atLBe`ny`iDrJK8ZJF4bBnqE=XyP{ax=8w^BX7Z=knly?{G{K{qVgQ#2%Kw^p z23e=-MLuKl_ITh?`octguMqA71Vgn152tFFl;s-Z6K4cDrp+g6B(?8wl$wl}+)v!L z-nff5+^^^YLm)hG%$~S#9=Nei_%(uQ5%%bNTEVy=7|o4yu`-^Q{M!EVA@oRloWXVo z#@!q{1r*WL0#li7T6XGy`;@`AACWwKl|p?h39q*+J>$C=iy&F(<}Fo;bTg_mN-J!+nLybBTq#t(C@`M(!!Bb{ri?Hz^-& zN(Obxd?5K4LM~heDmUyTW~z<7ie)eTeNY91X&`xA6Zn8e@B{nkq`8pfm;K$wQa?uvyQY~k^ z+=}XuN7m@8eSw3tbmjtn>h_@gI0pQH$6a2_g%4f4qawHaIxrXi_;|p1irkH>aK!Bc=KH17FKdU3St`)l&}$9cLmu~==Y5#!mT@WjP$i-{WCb}}r4^B3iX zq7{p~^4_X@N!as4d_f#LCJ&L?`^eVx6$_jSK2joJ6~S=%5HRsjU6LTM2TIS$=Tj9( zMHO34ts~M;8Nmh?PaNDmh8Co57i%*46Exu0-XN#2(Ss%*`_Id>C8xrrnECT|h?r_N zJ>H$2b?^F$t8|@Ns9&lC%kHA34 z`K*}RG=0$)9Jt$T;Syo!@&VnCF1ngB0PA4|#lP+8nw-hwcz}z2tblP5RA1t!xcgMH zaCR+)_T6^u)cFp&BbY~`t;PQqM|rKq!T#a8fKyHgx;ArakEmDQU_o-LMu(pMu@cN@ zT&+G{N{BJ)vF-OElzgsgvn)=l6>Bw}%U;ubK49VE1r2t{`m;)GJ8zpis<@-@#GbK{ zj}iPfGSI$-aJKT$gH)+v-)|JOTV`zJ6x%<~p)T8!pd*lZ3935ZArW1@zsLeT^lb5* zlR)ZLq@WxZ$GX5_{ntD5HXIJ=ICh{d+hZsSm6E(AwQ7-Kx200nP^M>C(X)dCuexVZ z>{2AVdgd>Q1q7gl17e+Mgi}7ATq5uO#i76)I(H7aH8p)_oO1p#*oG)t{LV1~$Kad+ zoz8K^cDpI$ENA=|rf)i3kK)xTZZVL}N-E-2oLxHdO9HAXba3*FHHdo~r?ae1oIbvglhyFK; za%}Z+0O>J1^*MG$ZeF~^pZ24uj&QGO+qUas%w5G8EZ1a{m63RFSNaj%EE3liW9^VEbg*X3s%qFwHz$?oSo zMKPD7wLu>_U2@e6N$hCaV`5ofiC(E-=72bJ zWDPv5e|Yh$%SO8&0DK(Bfudh`-aZ`g7k*An=px~w<|6y0Fd>n7UZ%yPzv8s#a*NrV zmP=-yK0esIv9ShD8}}OJLbye84YNTv&Rt*_Gqi_rOMJ=bG-c_E(-qvGS$5=Xi(coC zo?bjau|~@nMy<9EcpIeOcsa29A`O$?f>~rcH-3l|&^j>R>P7fHBR^IVp#kA7=RInT z0iUh`-eG#c^~R2qDHotxj>;7yaHi|V>@+{1zQJz^xGi+MPhLDAy^*98`OW8IsA`fn z;s@i=0*S0Sil@0XysuilbkFpd@e%Dq&g!|Ne=(a(r1 zs9Iz;33)1V5@shPMdI@gSo`)NHvjCn+RId_XOl1 z8KGaMtFyWEVpT88KR6X`h=UR5m6t`z1yH8omFpNXn{VYi7+0H6^`v=MZAoAq6Gw@Q z{~||@bl6k5>$zcI35QF76J~mxr+sRZhoXMzW>>BtLfGTIYpRRZ6?&?-6rAG2Vgrh$ z%aik`lP(Z>0M7?EyaDYiVBE7i1ZxQImg?Xi#TwIb{>dJ@DH(ZYdB@=atsGCLLwYia z`^Kn+-$Ku}C6(5O)LogkrX0607SklqruLQ6EvA~VBFw}=%N?@ZJCcKHIi$1z!ik4$ z52GQL@>oTnCgHM=<&2APikv`{1K_4bgB*cSv=UG$4KB9~WQMq4IDFxeZf$)|@ovYRyK{A^Tn)ytZ2TM_xgtt zQ~Hh*1%_M>Nh~HY<0SkjcIyJ$+)m}VHfz3F2t8Xpz(L)Q!aRc})xht~qL?&pi!@ah zXYr$50hA*XV5!I`Fl5w+>lL<~+!Zpmlti5A$g(|oQ&IZ3t7i`$3)@sBhgBQZs5N8e zu>^8@$v0IoF_wzz`VmzIRG#ZD-w#esD2ztm`1#ceLaSf37flr(JsRY1Dl#xEbgwcp zG#W}=T8WgFB;}VYYSlk0sz*gdmtZ-64{-LiMn^AKR_kzT7Y=5+tb(y4_QO~<`+bQw zC$m;8RTt9c?kH}tH|Xhgj2hx1;4rLg*3zvRwE#2$SU!rRUgh`XD}$%idd}gBMzcEC zv%uqMY-QjMSGz~YDe+jzTKx`jSt1IG7x(GysdgT^JRPnMmXdVnhQ!G4Em6Upx17@} zr1g(pl(bcSe&E?`s23tYV;iY{gPXn6P=}y|WNtx%R1?_*3bY=OgG4M}-6CBPC8}8&IRB+$pzPKx9o*@oI zYiW&AQxQ!hcfy0YHLGcgb`)f{HfO(PnIkP8w7LW#hGqgkCzf_Wl|n3{g65mB&)U?} z+(=(xoOwyoAV#MfI7%@NxW|4~7@^Pvi9AA{PTsVR50zp4^AgVwhs(*mQEOftkUM?jmmKmf`#szk z+cfs-D*$Qi^H2#Fo9G6Fn8Ax@Y!QSnAy z%5#jjM{9Mqhc081Lj}gpAd>r}ZBJ+qLq@s9d-relSPX`8S{52kLHh+@Sc5RI*gZxt zK`O7XDfrBAaD!;(kYDqU#+Y7#RmTEj#2GKh8b3Ydc0JJ-WPS0@Wkp}m^AQao1pxw1 zmhh(p{jH@)3$Flu>2m6m_{8Kg$Cxc7<=D2HRXpRh18)F!!-jg}aU4N4qA$ekX9>(3 zOuArm8dZD)H)B5D<$19@;P9&lAA|f$4|)cWtr<6gwyYr;2*$={2c2w1cR#04GCjW{ z&0<8Bz>5tbLx#=+hUXNAbcByIb=R_?unu zkB~sCC4*UqN~Zy)hlQu+cB|&zE{6iLsmL4<*ba%|nyB%JDQF|W38Ks#nL56bAc|7S z$4NQnOdSa(597TN$$SU~pTdY$A$ZEdkrNRaTn zqWxtxWkloW54p`vjKzSRa3O&BC*!WI9UwF|=x2wSFwJ4)HGaEc-6RADG))t1TqkWo6ft*W_-&T>We^ zjosBadtD%V8+nN>Z3VXkss-2U|0N5{gMy3sMX*2F!Pmj8HC{8LoBXN#1XUlnDSrj$ zvpu$v=%?UqxRceh@izRfH~*~{(lVd~{8d@j{j!e8c|%uxKOs3;30{raRo`GVrX-|` ze)lTBIQJzq3ft{*x|ffqO0x*9+5Plvz@%R+5=Q*f8^}IZI19lHmQdY!97BcOTQqTO zRu}~?Xh@t2-W{n550U;MgNM9xbaA(pIMv|jY@*!{6}(hdD4Q~wCQBVSdiNwp;v%oM}C9onWF4I0$H-1xQa^5 z!Y2lG!*4`rQ{{4H%8LtdQP!b1u$eu?<0*F1qJ{YMhV-f#I3=b?Oa{~Q z+^k{|XY43LlA*tP7g~HCV+{Sb44@-Tdu=lFh&hnh?VKHPB3VFJgw zSJk$4!`iel0_4*-H#UvO!a~-hYzu!92ut$AZQa{#-SIM`(Xh)WGkZ-h(s~DK*<}eW4a84Qgt#EJ|7hxOG)mT?KmmYTJOA4y=7H2YS zj_1lRo!Xy;+e5h}w%G~p2IrET=GyzQXAcoH&hw}pR1EQ9G!Zmfh)SnO5foLCv_LA+ zXJ=#`M+UoPz~US}Qj;1u1%?JY3k!h?@#FF9fuRc_1DAm+11Rw&ft6A#Vi{1jG%8@u z57>SqiU^8JmkB-IlSQ?dG#cjAv(K87%67g6LxSAP4S*pC`xH^gs6B=>QjMCEkk#>w z^J>Iybz)B|lFH`=7}=Kyh{m1kK6`8jIL>*dviI(pf35u@4&CM&SS@J95L=INxa!ZkIKXB)G~=;T;Bs{3NPb7!jSQ zy1L9VmsS0V-)ZO?Hr;>NFxGe5)CO13bM zZdk8fx`Jky!@RbOV7!)i{Marf1)ehGXkqv{Q#t+44LqyYW;~n}3WL^6*X8$i^d)Oz zyA|4#h^p#+{~iKWli~I_0LnJq@q4;^rd*8Gbc?lNejwC66ouE}Y>&!PN2!F}lGc~e zXpd3tIacE;E2LG9_a)JycT;R_j^4*bwspl-Z*f=+*?wDl#YuYtG#A21g|1krDOJ@Y z#Vhq)^-)iyZsuLRUu>w2<=%jFG^8Q`FlOi}68Z{;hQxA{r=-;fC8@&3V zmU*EeCX;oP{ua*Jw!7-Ccg||Sh<)mMvaTvF4!`PyxX>??FMe|?P`dD+z{2!?5|u|| zYy31lGR%;gd@)W%MeE-soL^wfwccfteLRaXJ#&&N=RFw~DITbQV^jTn91-cv&EffI zes9H<{K&?9E5@VFqHlez7><~mI8QGeor)B-kTLxJox17y8Pe%Go#XR-?#1d&@9dvLDV>MC0kd(*6rKlBfe#_aalKQ<*Y^HSd*sE9lQba~Ka!T1 zC{%CVH(MzGcALVtBJJfmt;X|0UTlKy9eqy=I zTNOJXZ5o1@8qwOG`Ux#MA-8IAM6+xdyGWqXoK@pD?65@~P10*S%?!VA|Ebd&bls4{MV4(= zkPWR2GlZyR3JDZJWQOP>>^NdQcjS>%lxZR^Nyeg%;KE|6p>g}Fyi>-cNb(j;vife{ z%MF}TSt&P$yg26OuHb2)HG5QadjkQQd&T39Yfk1iY0ME(`N!(rq#ANH zg4>p6POIJFB@Ky>-E=G5CcVc;sMd(=_Afr10nE!9oqc=&RMfD&#IPxh6LywTA5R;{Gb3=@+2av5K z^<@#eo&H6fh{>BAGQ`m{m{l&uM5w290&(65g0dyUj&QN*ri8S;G!kXR_DyoO6#HNkh!?Tq%@pw)SMBjXN;ACE)JUND$*AJev7%JlT-NANcb>L8LBvK2}9~?V|Pt|Y+M4oS8&z0PES+9e} z$~gLnCH%G0iGrqw&_zp+;FE1nrEBk3iWp^zaX22ez3J<*5xEDo<9$+InyH-LdAj3SUg(_=ta`$94RATjy%{|np{*v z>SS?=i|p+Kq$&Z7224}Vkr$zb#K+$yN#;=2R=ZCvAWv zQK|lQ%hsczy71&dw^Zq`TO}O{M4m(%!XEkN9wHx}8p?P{{sT||!L2SRBRSoN*S(%I zpENXI6{X81dURA=0L{(}pXb-LbjlXfZi8fF0^XhQo^doAR~lGLh; zv~e~yR>ffnkAyL}-Yf6S8kC+JWo1W4B4KOK>T-j0dX#`;sVlawBy0C9{@GNoNwSR@hPBnIMkJFkANnk42_g z!Y=ikIxYpd5=W=K`JN;&D^Ad$LKDWMjR-PP7>B(=<}BswWx%BHEy zfz&prQ7fluG0C^1ijU)6VQ|>PV}`g5gVs%&J%#yJ<`&kxY0#>Z=A<(#ElN6sO)7GY z8rH4NBhR`hL?xsn7@A%ln7W8t+H-q@Qd*09CEAZg=Nu+EY?oStwsSIsYIqG$Ic7O= zR#Ne&h?vQoW#>@|oi%udAZ8l#iu}!zvq2w2lI~f1O77Bx8x577LR+aj zY@dZzkaKg78<<_HwA%EI*0;yh zAZd5m>n8#Q7_~rv>jPKy5QNikg!@I)mcTsD@v%K(=%s8{ri76dLb?o5xmHPL#S=6p zp;ObmI0yiG=sTmy3NJBiTlA^l`;)1W_2r5=Jull@|B5}$je!H2 zuFDj{l?#n>l8q8V7Q$fVA_3!DhSDLN1I(Uy>6k4KuJz+DxGKzpmPPlV&3@*5aM#|g zm`a(dz8c+{)!J$Cg=fy#^!4)Pr$>UZF6{F8oGHhG)+rb2RNVqudr^kVr_0kJu|q>?`>ZnVVlPL3nGYsx!L~ zaPznWR77dlc>OLn1cbJ!hd9aMXt9e(VlI4b4tyyIv)R(Ny~;;xfEqFL@=~EEn<}vW zhO*|by1AJIk^@c^0hqvVeRs|CtnK-^t%Fr+d)aue`lS2JbYR!@o1Uen?dU;jt4YJ6 z{qi|NYzZwxtD0+p@BM%A@a|QGypIci+CSj)8W1{c;=afz5%IZmGZ#a$IK74-ZFWGk0#P0yK1Y zff`H|qOQJiEe$IpbF;V}jzl@)w4CzR={U1V7PPh0#iCQBA3AaYs$sfWo}p3^6URNK zGsl8Wg7>Pgrf(@PH9_N8g5}(6Cr5OTE_Ihr?uz2TB(B*<9ug8X<7beVZDS*5(TQ*; zu8+R}s$-)}c-I;4Q6LHHhhLJ*uGdC z?!Gd6Rv#7I)?T#e)W61r)M`Biv&{9>)s@&EGU3eFNWVTsrB<5luQg=ccv}y~(ql1m z%C6maueLfF02=$QyKWGh;)^pr%VHv5MxzUUbVVx}5EK@STUrHLq{EH7`$V9s_Ze6- zer89HZq6DDq9l+!a6-hM=?inBIuX4zO#HP7MI+yFvWT_<^M0(cKj(({)GM)~XGAa- zYWj6VnMrcFk#>rycFvBk{XLsGlyx8iuXPj|?0eb)ZmyN-O@X@ z^9ynb}wVr6o(#oP! zXl-KxKmf&5wyUfrAXAuPQuGq_cP+oj_YlQ$o+T zo9SrHMXi@M#PL?Q{rfwfUGHH{SC1GQ_eKy;=3r({VdC+Q`{2~tg&p^zQlrO*(ew&m zeW6E7|vyIX~J%cL52 zy4w)gqUHFg_Qof*sY}y79J$+*Yfbmmv>YsCPPVcRx?AeG%5fY!Je{sj4LS<|?>~}^ zb^5R;z)}t!ZKIHv-RQiR+a|CJwXY7BmB#X<+&t7~Gu<C}?=v+`lm_-3^phmMXt) z=ajA+)$nv2Og3hgR=CBGNJ-Tq1xb=c)NS!s;7bgtahXf3r6$?GgIV+B+GSyF zZRthW0f>Ie`(3W4j~YxFNKmDGS-+rKfy$&{QM;+*wq!N*m5CW0Gv1TmBj0P^^WKx0 z1`S)Y-MC>=nrJjcrH~PLFIy^BZ_!rGIKb7XVMMBV+F*O!Wj72(y@XZ`bA5U8y+O$+h>_!x<$-9 zn1(+d7%u_7#%v5}t%ulu|0sX1LD}U=Ny{MHQS)Xqc( z?fTB|l%W{-mCxZOJphPjk*I58nb@>>ky3Llr!Dx|6SD|_irSyxMSrsl#Xm5}+C|?b zP6s;;%Q&j4@zNR-8l>tM@4`&rnP`xBl6Gn0>fM4lMBsoe4d!^Ha_IElL=|;2BjS&E zjQq(dCU2<5WDLqF0I0(9^u17zu@-cq%e(+~s(D+T2A;FS#vqt^FbHA#wF@luEOrhI z(nr_$N^e)wU30meVuEY`%b=rJ?Rn?gZ~nJlJsFNJ7u znsqk!JljUsevj%0LR7Tq8}1hSw6bLEdi+J6}ah+NlZTQXbm)DU^>fPBJl*VFpZ(OwK@G>l`KP(ThFVuU9DVX{smqs=u2)7i|%% z3uKz0?ERC45j5KrSkbHeV{R0~wvw+8xtyWWEbB`0!+)rM_|4Uw3%$vUSYciRo7J^B z1ib|WMD;_j>Z*{e)9-oL>jCdMdSZe+h0_mHBv&Tdc=2=@SZ&jhDfO)dh^==>n!{y! z(8oVKEpdKRmnyQbK&c>AI8&M};}A3;c|j5BCEGbjWacpg#Lw1uEYpIqT_^wJql-Hs z9%JCIRazO5sGoGp-6tl-TdV4n3D4Sas;I^>5gpd+BB0^O5i_mlc%q}>GPG~l($s|p zhpxLjja8nVsrXWR?8GEPsrS4bU>B{UZ(#BfHNZP58t@G^Kg@0aBFCsCEWFzY0Kox} z*TOip?ZJ^M9SHSX9>!%SdwUSrlAD(EBq=MauK`?rBY6xmiHvSNIl7!ex~!;wYs2bK zwM^RdR@cQ}$0w|$S9wCqNwGL==WpPMcyq%{hD0SW8BHcehN-_a{PeG)Mm%$Ycf z5(qb}?H^Inrw>P_rVn+`B=!_G01aw?i)>sR8Xxm9WxJ}CFfl2OrM|P@GyS?T-$-gI z&!ITGFBVBx>$G* z5uz{7Ou;a!j;KT+1Uk@@W?3XEetl>@^(gNrIEDbEmMemwx32K@4 zlb*DGu{;=iD4aCYT%C<9!?}ntokKKTKU%7SDNDeg1au&M;v3`f3kLgF>2a9uFQ`w{ zM@93o;%npy81i5;p>lZU-OH-r#m0iHE4Y_*Yla}$sldzI5|1ri0a(Z$2$wa4*BA_h za~3Wl_Knc#N$-#9d>Cw@y>S1}aAvTNsR-m^>xTBe3GmZcIoZw@Uy()7N?WcL*7`8j z&8JiU^Ndc~Zhf_VImJ@4`;RE3S{xtl_*ITdbG0-7b2_~D%bnMcN<_E-rkg}-)CQ6J zF~u=+X7q4;M@F_xK~%%wCqHzt3LTPAi2?Pcs`WGueI%Lh6NUrlcPqzc*dFo-eomKx zSt+vB(2Pa012b?Mkqc{FXhTJ*`E$gP4ESlZ+fIp$*NMxfMq5++@c`DS-Ks0| zt1=!08 zbbAf9iF^P}jFUvhBO_Wi=D~tdY6;6dC5sWE@$ZI-;yF1zo&ew8UH0umLo*c{A zSg`{H2uoNoK?1)`afj#72ic+5N5aoj11|?jrW^HinXhBgrSe-Pk9J<>(@4<1_17cmUS>*QIfRC=^2svH?o(6-~)C_VDBAjVEZaxC5-uJ zMY76XAwH7cnA=tYj-ZinL7etTL#pU^kGVlhe20w|WQ%O&NWxFA3}svLO#b3xNll z1h0YId6`;?i2O$gA>pnTAUGag@=XUDnGzy-W@1ta__nTYp1*cB65PA#2~0zlk}`O} zi%k2-85+pKa;Z}m>*M|dHP-R?O%sk7Ntxp5e**)`P5m_UTU_e|GXXu9H%e8`8eD*3 zLk(iNW|S-ns7mftf(*{}E}1KZmFKsALaIH)ey)t4wQhiIaJvH|?A>MP8FX!kDtYWQTo}IZCoGjIg8!^ z#v`{hj8v{A!^4D4K${Y{dUa>R8Q(`=B67-TqcwJ(A>+bo^+3Z8-hJr#Z9vQ}I9=DMF&df$g zKl&o1^H@pNzDXj)c+7XP36}hBg`{ss1tGw-3hR@4zH~-&?~-s9&D#v%@vE@YfdQiD z*|qTDG(2&U#de<&06%*HvBj@h?K z#$gAxlS(e{4NhLx;GN!R-X|`bL_Kp%2ElUhCp>A+8_LHL@r*)ymkP6u7*+9>P zQP@PA5{jP-`yhTK`BLqH-M*ax?Qw}5#MZ5#Nr?rDTmp@NR`LU}W5}97z4vU#$X8{m7gnwfYvo#jyS#xn zNl@V;fmxbXjMZ4LTM96QJ1Cdq%M|MDvJ1#XU72c&}Jj7D4N=zZ8A-5K8kEM;c z-YBffpN$lkU7Y#@n$XFy^DB%nI4a(L{~a%~zP_xT|DH50>+>I%viTmp%wG!@ zZKp=IWO(|Nn6LzbV&w_g@5(k^h=%MsUjr&%{4<=q70FrtcyepYQUBsTn3gXZR`Z+OJGbIpn#&X zPP_MASkngBBNfG>l$1meY6cKztq^QcSW&XFXr^gl(I$yP)B>1?MstN={e#bqPqY&8 zIr&Y|Nm4qT@gDR9;IP#p5sTaQTD z58=bzuvK#~*jB|!>~NW+uKqQc>(+kWR_RO5l}_^LDCN;2of4fCGOgP6$9lxvoT{3k z^GLJ+#eU~)41}7e)=~?;kpQg1H}t#B-`vX;JJr5s!9n!^Fp4Uz-U>Ku%HPR_}Wp3}w6%N~iIoOQlB|Chkf2e7ToHi^rouG1Sm zU;6p2uT(yEU6yaq*eE0To@+uc;ORa#sB>?ti78B8t@K-(M>;9+UY|c(DwrYHnLSbnfR5Vba7RP>Y|uIQ8VbCr$;ak<#)*U$QR|u@>>OeJmH9B zFN+2ecJbDawvk^%1n2IzMnoGC+bBO-5tj}wE_#+>wUgYd%v5?RCn=9=PG*Zh=Wr8+ ztIPFjw6+ocJAZVE_BYB`qFoCpbwBd%;$#qNA^%JsJ#3-~nfn(+C?8`V`W8#QE*Qxu zeRwi16eo!3G#sW(K>F64DwP}kDUgKJG=SViIy6B<2hO}B$7$zSqkraJ_S_>eqdj?4 zt(T_rbxZNt51N;il4EXcPv-zt$QrUz#S)}S|BD@@${3FkMCKO)tS^V(r>N7N zU3gtx`)A>h^XJ#y0%y(~DV~p?{^5}}6xMAKD#wVE_+btR75Q&Ace-EAlij_47^|0st5a)y&dFcj zqD$h?PZ=x4WJ7tWaG}9>AK`6!P30w*l z<7k9YjM=$rxVUM&6mG?GcA2^C%`>t#-br?^cSqo1X&}xXfok;e8&CyIr}XM<5Cu-i zd`BdKle-qhZY6wenk*CO4$cxd?=af3&VQL)q+Fb5N>f5xL|>#9PCx3JY8z^twTfz{ z>?hU8S~Tn%S~zVKR!w%}9XqWn4J*h}k>FZ=64R*BpfU|S6bB^q`$$n>!}o&JV%9&k zP`fC`12}ax`V{P8rxJP){ADf2bgJcflqio-pIqo+J5_`hKu40mGTMCZx@3O#O_LL? zTQo`_uV(~&i-C5{<1FOd&>jq8U|*p3B5WSWtGRUExYF$B7l|oCs#?<67fRXZ2?n<2 zE89Qs)TG^5w0KsL2|Sr&X*OLsvS9XFO%LQJppodf%AS_~c&$@^Zit7h!h#GPI&^soCrP>7c zhqS3VRot=3j^vBUx_e2dPlE|jU&)TXm|4HkHmA~SG#-YAH_rnR()2nEcbj*&-tS{B zN@YfCv#a3LlNVktGgYfU-hWXMe!IeZigaBjm-nR!D^G>Jnh%X(XLKI6vw{3I4SU{K znNg$Y==7J&?t3TH`c_&Gq=Icw26s0g>MZ+STx<~`4Eqd^hesUtc@~yys;W|X396G& z?Ncx%U*)xpfm!Bgv9-hF>R2?&dl%h^{p3AlrOe|CGb@nC_5kuMw|!^X=1^O7{HNI4&+QDsUixEH=8d@{2o^L!NX%Wkrv0iGdNDm5iX-?F@58&|w2o>Bw?MUM9*~FoC8@WZ?0M6B)JuLoblDLC}`ff-g!d z+E*qqyCu7(-gFzK*zO-o9Tf}J*rNF)WbDh%{zg##d5MOxn&=Y_IV`L|5*AmdVDRV@ za}C1phXWGXO!B0p0zc*&IICJ1C5ef7wt0)XH`#_q37ipmd!J5+WhLTbcb%sFR)r9e!%A0U}S5_=ICR|7e@pwCtF6jW?}%t$9JS;#*ds!~vobN^~M+P{srb zxQ|?Y(9ztoWXV=2N(QQ-hYBW(Sw=~a^ zTN!KQM`Xm<54!YWGAUNFD^;i)gv|4^463+DCFh0Mo3*hT^6hDzHzXC1;eBt#0zydQ zcSC#(ZB-80N{%;9m(lF8nkU!}`(?h1W{!dS-o>$#9l}NDIUdyGEPe8wQ!k~+w?`b* zLh88YiLoz<*YQ?e#tkP!UHYEEdP@B`s_=K-h1jF>`1_W+pC_qDcrXMxo%+$I>CYNL ze*~gV64IIHP@mM}mCQn_mia@YU1J?$Ue^*TX1Uf>`W)LHY{e}JS`0(L7LRg~Du%g~ zuq<%TGDu__^^P-$XBy}ptK-!)>RvfW;M>&N|4lpXcaeYQUp1XBb(o2YBA`hkvH@=R z53n1}jTkp^bt$y9$*aHZ`Hp4JIyNJiagS z;Pp*eGKKKa`O}fla#ln#%PMBmC9RylNx;2_BZiVm2IA8-lcnQ2a72IT(!J|r0Q2b! zV44=9Bc*5{dLgj1N9wfet2X>(HBlGW_Un8EtQ3V)c@zuxMKf%`$+RXN1y4=y93*1I2TgxF zVZ<{jttTwmu8_c{a46B(0SL7xK^(XawC;z#0kFjx1DC*))cQUgT?=sbvc9cg9~EK# z@Okk$Yzz!nb%5z>9h%HruIOt2=F;Na!IAX-p3QiLlobrKS*x7I{(czzgD+cW?8jr@ zDmyV?l`7MNo^m?rn6k)Fh>g=r-U8bI@0{E=P0PxP(d8LjklQhZc~Ft}vk+dT69rXl zV|Y4;@(c+X8Rikjm+s{~r9uVA1lN2=o@16n!j4{|UAj)vc{>7Q$w(H_U?_=;a_?uoqHzbjh*EFD0>E>z0 z@PJYJ0wmLB<0R$MsJ?$!`!;QdKMbX3;SNK=#HRyMH{2(#FMQw(?Fb+jtN~oNW>Wmk zU;~7X!N#|3QWS0AJivhuYK_>S30$#hRnRoBP1?9oOTyPj*q5!*3Sp^I1rQI+V{qE4 zUq&_p+&&G+sYDIS-w$MZ!d&Uz@Ls3spQtw4n?`xMn4f;sldVwIQwG7g&Z)>yP0T&z zL^_xz_Z_f^ZG!!kU+Ti@!~!@spQ@?FF-m&yyili@{5g0yv$wCVX1N^S$RbI2Hs|GM zoP#a!uBug+nFrN^Zj&!lSD>5z3_?Yaj1?vg9vwxthVyRVhd6Sn2XgXjrwzg$hO;_| zhGGZN2OKbc`=r{TtAqCf^9Mmha85hY@+-I0tc8kVWo8OaoR%mVnI;@1tlA3WX@mE` zG4%J`N|u>pLrjbB9-wi^eWWS7CWS<%me$}eJB?TXBsRaz+S#G;rD~wW!Q7X$HZ@zv zN5WQ9TahcV>av>s9;f*MTMb1@c2eSO@zlH+{8=|d93D8|KD(jA-vjy3X#z%ALWJZI zTIjm*_1QbtwP65gfG0v%*h#metB-oR@b>6EX{T`{NsIwYqRBEIFm4sHWvnoTmRr)^ zA2$xvz4E$dB}DJ)M}bC9sX@d1djc#-g-fl?xSxO{Kw{kFPS1R;xvPRS8S>$bY*$9`;i4Xq%vUx>OyUtA#8I_W@Und%Daca00{)r;Xxg%7&Z;>wo4dpz?x^*4wni#n zX(dDEgAWo8(#+XQo?~YZaHr&lc-8^w+&HjP=POIxvNB{gA1&XRXAl*VIb6O{mBqHS zW476Kx8IZuUeSPx13jzbrL!**#tJT{mn$xgJ;w}bS~RlU)xA+OY+IBXk4mi!u~$_Q zc%|UB=s;aQl83@Lih}oJx?s*WR)4fICgV4p+bJblEm_zRM_Ls82$A$>%dOP>t2;B} zbGs5e z^RYB#Pp8cZ{3+|nav+fyyQ7or?;U^&Ru$fxIDg^|+5ZcFuEg9>Edlx>&as2L2M$aT zni6O1^B~}T?>|+$jPP*WU}rVQ{ba^ye|q9+Fs64f!D-}n!)25{=4NCoNAu4&Ixir4 z@vsn~OeW!&gR$M;1nk2?aT1X9JRJxxoY|xOg!1U;spA+X2BYTYXHvRx=Uop_hpUj| z(V4ji)b|(~2Hp1Kp@-JHbT+4iPk*Wu<&r_L9h(TtHL^|EsY~Y{2Q^so7#l0USPb*> z+&%^C4XJoBg6m!YVki5;^RCx(>Tn>fBi)_soIdjV zq~+nAITeZ^RN1kA@XiNj-- za9j!hf|=jv0H64h{?$|HSrOl8f?lL>TUi5u(29c~`i;vZ&iG5@#5dP9^w*KklQh+E zWUtZi)2AHc>KHvEUAVrjZk&-f|E6y=_mtGNiV9Stw6|yi%inZ2sRs>xQNNzaUho~j z%X*2;>&~m)K}2017kCe;+ZRDzK6NvOKjR{)72zXOGazM+$m0r`(+C)#Jb;2A1lw9Exm%SD~=&|>>3!jH$>o1WG zIcxVdoNI#V+{(MA467Q(7H$$%KeDqA)@gX#n^O)qoBx?bD*~L63Qq06EoyU68nv<( zgYSr596vR|SHch0jF1zmj0uE)25E~MrPpUSfZ}3C?l6!*jR1x_PhxlqzP4q+*t5D0 z*Pmkp$`1iadcSHLxPQ;ewmuvY%wrQqxt@q@WoZUJr_#-~q5F|s^z-ty34e7B)PQk? zldCRORb8#OwU<7!olVY2=jH^^(h$WWYKTCM5*jF|Dr|(-fdo_S{zXCO-Iy*o_~p@G zFo1)nkJIfl(UZV?`OJqv%!NVFne1@}DiV*sPF2W-M_;|@5-&A+RJw25PPZL@oPQm% z-KCJI%z};>Kf;E5q&pKO!u9TBTD&-ggRG*Y`7j;{5#pSn?nyh-&x@tiwi z4Naq*+ZWaHtYyP0P#IMd1rs9`w3O;L`E)wqTEis|8Iv+|Dn_R7k?%Yv0cV~^q4%&4 ztIJ)tMF~X>ePF%e-iTimckY$UsM6fj(UJe~&3X(t=~+j)>s;_=zQUesF4%RRtfH z(+GEiy6u?Yk-%XpaWECFP5PZ%8%$S6i%}ehu?6mmtPwK}7C6jK7VZtb%Ncr$&3v(_ zGztvMI3}OR}T9IxIi@3?|6xr#*c zM(TYM`75Rtii0ap2{jA4(mr;k1h(eIn!&`O6wKi9JYs@u_Zb4Kc$1u3#4Bx6rSx#x zIhYt37@4RUs2}s+^N-MTZ%$v^wI7C?Jq~roc+MQ(4Cg%OjBa@^^=#s{aK-LFi5CuN zyB9T#tC?}Y%D3b-tIGRV+zrrr(PqfT5<-fhLIW0QclH<~>h!Kv%bR*aAh-1!a%Bx( z2Q23gfg0PL#T+t*J7mPjg-61SQxmTeaBfT3C$M@XPft~Ev&wx*!w3~!BXTU-NYopX zmfXNuaW#Si!En)0{(C!g0`^|k-DzfUO6=J&(PjFtkp8C9G72*Er zJYL}T`SQ0Ax7u!&mbLD2*)ey~Hr^pj8ErDlY}X$h41a^t|2^cSz2h(gF>!;%h{$nd zS=+3MOe8(1c!hdovkqh)pB$3hH0}={yBu1d;k;z-R~uVhhCki(gEzzhecgo(acpSzxj%n+rHLJXlDc zHpSsg)#2?4FPXB%@UGP87CVnq`~O7^&nas_AHH?xDysD5gFO;uFQZ{N!_h3;@;bq! zKTUSFrOk0WPF3frU)##_H+hfLob6Rq|~MqFdt@=N5qiB$dfSf$&?ooXS1}X zZwVZ-mWU`NDPq1-5@ow-HmR8df8vrBtj__>--m~Y?tI}Whz^w=7a5rKJiO#;ZFY5H zMkG9-l&+v#PO%_GOGIgOgMTRLQkjO;1vvtWGid^vp>^S? z^JxE`1js9jGra$9t!Eu$sy8a^$Zj6QJ?qyu! z&h5$lxqgkR^Mg?%0YI!34<;StQS((W5vwLzB@Yc0Z2;ftd*-=NJj`X1cdBM38!6|X zJgm6n89B1YmW&A*wq_tOXydk_zLa(WqoGVp5IF5bH;v$Gxby#yVH+n@UjE~J(kLaR zp9Ewcqq&-RE2>LG5+^&!M^eM(bq2CLK6pGXxE~=O2i}jiWw+4sV8!spNwt6uVwM(Y z!F*8d@Sk&Qy*l)+QUX9X!vx3qK@HR9QsIF7DW&K_@sJ=J2n?JtA;Dl`b>HJX8$)u= zst&6TCWADAxsjq2NJQfCc_U)5?hVP?zRQmS(*1X2W zzYP{XE)t3gOVQKrDD~Fp+^Wylsr!6D_=pVL>m@;vy<}4BE8EM~X`Wn7#ii!byf>a# zDe043L*1aewI-7SGv!H6vj`!w#8snfDKa41R=GE+UdWKa+PE7m)`SSFW>C>0$Kb^> zFdK@Rimr+mJNDlm9y`v;gxfcb@=DpR5^Yx_!sezGeN3}iJ<}DAoK0h4omERqz7nL5+6<5;dAg zp2BuF-f6bKBAX$caDa{+kjx{y@^UEfWD<#p@57OZjz^pd0u6JG%PHJU5cax;>3KXf zX0eO*Sc^V+*|2xNB%RrLTF-iI{T?-e<8^t=AoulJoFFS7Av2{kmA%;YCaw6`^BcMC z^!;vk*TL6#Z!Ub*tfKFEf3&1o*t8=$lO0lnY^Z`ONL0GGL9|2BYPWmkBv{sajWyv# z@T+1+sEVWXdkcaWLW(U?f(v$zm#eAvUCO1jRMJG_p^=9f^aIo;KN!WMfJ7bB)8M<{ zoSU7Cph7BqYZ~JxR+bAQLGHe=((=y(bp+?-3F;AI9l5)cEA7;Ea&Ducp@+4FWDVsQ zP||=kNRjcfKHzTJ^Y>@N4}l9d$TDP~Ln{nL+S9h|NEHVjZPX4|*xC3Yh$`K?`HLLJ zK_3Yb6OP`Zf(`&E2xuue*O5u|bCit--M}FU4Ye#?Jx*fQP38Q<1NDq>8b~Ys?_hm zu?isL7&vyBz(hIUp|VNJEK$2?KekNSBvFiCTr|j*OuV6vN?I6y!G8Be$Ovv0!s##> zvT8LE9*VsxaEMiVA?S}$?%nf}z&~^7(J>L#vRoi(D5jk9Xg^PprKP1^JPU)%ft4gR ziyN$V;|rV&Z28Xp8Qfa6&nKJ}R6=e2b`V1;Q%>!dbO8f7T@dZ>F5fPlat`a1mivsR ztv?s=Py{6}ve0%;UA%e$+X+w|ZBz5Zg6zy`okWM?(pSE`*Q@^o0E8D0xdjG|WI%h? zAb7t5>MXFWIrW8F1?!Ka__si^99O~$csnWQ+c1Qps){WOdcdQ=-5qI>OhINzP^rfW zm3S=GmdRA{f8FS}yvOtTit#pgH? z*P)S6B{E9^tP8yCDIZj(Xz47Qg1wSeqB;w{yr%O<+H=Hp@Tu}!c7;uPycS=78!s}c zC;r$O`mZ>#!D%&NEVtolofSqSLMRGpeHV&FO`wLzG@k})lxRLhNCXzPieN?^90w@= zNP8dP0#k7MUkwESx~2aqf?q!Unh%`=)gjo<8L?(R5Mt+S8uB_~$TQ#R>vze&;}%{M zSx{k$L5MZ*l)`X84?Zidbf~^ zgCSiqdBZVaey69foX#JE{HJ=A=dy2n2^q-Hhqb@~F5mt=t|n?J{9i+}L0|4gQ=4aC z(tnxPEN=h2MJ1f}mIre`n~m_i9)@DW)(F#Ic&u(U7WlMfc9sJYpJ2F2AglS;*5Y2d zIsyhEEO%m{2EQ9RM}4oC)_j|-Lff=3W!S-#Y}&ZuI7`5AHnU@sofsEmxpT^iL-|1FOso2}8m3Xaw7j$q&Z>FAfgK3~X|1;Kg>%#-I;M;Z7ADqM&5y0q800={ zZvx9x?WQ2FO1KY0c%>Z6)O0(ja=ki#JC7^ z6#kGtIBvYRJjiIplARNdDVQ=5g1Iv$w|e4f$)sa7(HpnXc;rcDBgEDN&-# z`@Kc;8cG(F|Jp}T2X+3=sW=<5TLZTxPnRHsz;sBXn7=kAclO%)Nzm_c^2@>%X z@Z~l=RN&TOIOp#3JCKBRDeKo+6^S|Yket7ertctKWS2WippUVM?l2SdaIP;hzZQ7O zZ^NkZv)T@Omp9k`ekyiEnL}xQ+fpl<=yw#TQ@*XYQ`F^sT*r1_l^zN})mMM5y}o=7 zYg4Gl{tk0r-6Yk=&pttpNT+REf#kxd3HS_d+4&v6Y3ENlknIiVY?>|^{;6eL`##w} zyEijam89geW4sQX8P?W|Ke_Mh9#XtD6>gs`cC?i^*+C=g&TcJ!EZ3kXGH{NM_R!{d zX>$IIU#q)&g+S3!9 zC`0TV2V=W_sK_oDD>O_a4xz`@ba(hvxPQSy(|5kjxXz~IfnDdLC_O_kviZ@wg7&+MYP^!DGa0+& zHm5EsGyVqZuNvMa)GAJ*s24frSk)G)WVQTm+RHk(bB^+p@$hgBaSHcLXJ6!D_R@6D zcPQl8&^^<`%*F1G3sp{CWZViUg|qGS^fQieifiw$5=lzF4j6+(A$#8>?GFirnwbi7 zF@ZZd3J}a(7Tdaa#Q5>=5^&ywLE^@!L600%34$RTE6V{dUU}0^9OKLJ>S0-4>9v5aTO~<{=J#oqGoPoXz&v#J6oa@|=M#5W7 zFVond8BQo=MlsBcK=$1rFJp`7Tj|7ekaOo&O-eK#=i){n#3ZR9y0o@NgH{ex`H3O; zVldtTO?I%(0-oSd-GWWd*;`FBx?oeBZDcVdU`*1a0x8UTmey~CVhDV^88}u)O5jW4 zb}2jxq$!F@5!0KgTnbZG+kV>~y>5Ed?K!*eJ{nb(?f4YjHK0=G`Fd|G=HNQz(0{uR z26u7Y`86M1=cKK+=DAq&zfWS@^*wy%K@4E8Fs?b^FtLP?T$$Odj#RI6b4lP3*E)7x z3coZkHqd@-J?5+gT#ESo*7w(g0Nf3;23R3AJ+7VMJM`TA4Zl=;HI;8j(>R+Ah*mhn zp^3MbML3PP?c9m-L-}ESkvPb)C+XF%PC-M6hNi(^lD|3%iJC1oPUMiP$^ z7}x$|8k;)N(ED{;2*dAJ+mc^my7meb+_7CIIOX6NivnQx23MuM^VvH_=jzpZ9&4#% z<6YFdpPnp-h>sf!e3If;v-AQos6=&YIL71_MkCcB8 zVl5}?mx(}?Tv;4hZ-3FU$T(K=iL5No^_PEvD1WYXNC*sNr^K?h?hEc}AO&xcA9QzP=6@_cx7%)}>7dJe;AXTyRAEiN+IE0ia zM;HAvn}^U7dLgpT>la(@&wSf?9gpvLS*pWeaz4+e4*XD>7?Lfr#HYvAn^6D&p%hcHL+!G?Cc+ zt9X@u>oIvt`Kz9Dy^(w?D%qNHP3zV|5`)-!6@l);64i}4tOfIfe?jttXMOi7AJ`L) z;h|xp@%!z!kg^!9k$iBLlvt#nj#5S_XHb*N$%|YW!!lGKbsdHq(GjCT)kfh)OHyj+ zGBN;PK%l?81|260b{J@|g~sDd9KoQ7B75BxO^k`4x=puq1s_^@Hb*Q=Yk)R8rX5Fq zN+iV8Lk!91WDrDACV(|20yYLLIS%oJ`q&>~q(-QzEsj&S?@s+{V*v*43TfR>FO?r% ze6GOI=NRSK#T9<{Ow-xM#@|W8ac^fAzCyOOTd3zm?iT#$fE-I5*f zH#%sfJGH5?hr4(!4bs-D#{t_nb4s_ENqsT=&m%B92o{O;D#4(VQzMqgkd@!Jx;B}_UECG@@cQ@Q-RyY z{_!`dQz$H5q$!oS9R|CjswNe;<%`S0l&Q{YA4LZGd}I}!7PHaj>Qo*fFYWDj*ZS56 zfTeq(Qb;JHhKf)-I1z<;wYa7=NGj_o!XR0tv1NKEZl?iSpwRJy*><(ET4>df*+kSp z{$3!F@qKn{fYcrpeyXm0W$&>ZBbLf5erZAcv{Y zXRYd#{M56;z7Bmk{S>o9NeHBSr+^42kd61@Sqpmd@fN5Y8qL--rp$ zYHz9!{1L?W$~8KoE(FpcWNg$@_%(81>kUZ}T$=_GlGt7fiksW%~BJNeC zhUIYqwt3U6kq)X*;I^J#BuONC{GV{Ja1Nm5vhxTBL#-Umf?LEijBzFd47nM#GKaSg z4-em4-JQCb=|%u0m#A@&N^_tWFAZKe*#0g9*(wa=aX4A9s8O(OS_l56)XB!{LgA{9 zjr0OT{_D(7MB2Ecku?V^@D;Z~;B&HHr>D!%i#sTYwx&`E4hcV&gTNax6ZS6`G%oWz zEzDeJ2hRsW0v{(njL$Ffo!L_7+5C4&+j$oXiOdFX`C&3u9ss?H_E&s24vBoX zO9BU?GYJwt?trwoux{4j9T2XJ$TBjbvvct~!t$Msx{<5-cbrT5y26p6aE@J`;Pdtl zR;gjCM(r$+_-)qp01-5e{}9WsZRso6q7Vu^E2l*jk3$#@JR7TJHAN@FiiQK@MqdCE z!UqP$x=CSB%m%7@j+Ihz*>bJrP|KvQOG!YesZ&y|Vza~KzvheuSGp}W3EV8odT)C(I^NIeA@hdU`d|ZxWd^D z>%|M z2L{7bWGSe+f9&s4>3EO~s5L*-wt z{HH5$noZNPieO6y$QBaSj_Hjws=72?8m+cd?CItVz#&ks9Q8}%FatrP!jE<)aX0tNB43-8qr@BOXYO46d_k=^f7 zt=&rTY)6W%FU!ZmR2&%pr_&Hyfd}ja{W}V#e|y5iBGW82H_vpAVDcYs6~87WyqLb7 zB?CM(Sp7>;oygQDnPi#;vp2N2l{f#Z1)uDo28qLZAYohTs3W>+F_0*=bs*Lw>BC&^ zkAsW`#5H1wh%3>S<^Yx`^8nk<9w*o|BENU)!fH$Afo$J(lA`J8*_#<6pa{b#G^ZKQ zEph&w5#te}a?20dly+|A2<-B}oJ*`#?fmv6mtPaqnPk>@%Mih1c4r4@ z1#t;tvA+(vUNaY>MwwOQg{d)%9`0o_q^sCtEa(KBWzg5k8@Lm=bxV2;r=JZ1$NCP8VlTQZ!gKvuf&9-=PIqYVQBG5fy}U z+ck$QUtq19YE|Cp)38p&d@A4gT>D)6dgZt8etUj9-(;W4k8ECO=e$nGGW(=E`gtF| zqRYW!L4V=e$(NZp-axPmIw1JJ>E4dDuE#8zk5Bn2D*9RLAEt?rrs%;&V+3QToQl-9KJ;YnUKYaeP~y3;R5 zQrT}bsL|N+>BYZR??W!9mtKtnItITnxM%O7_<1|X#+Bz}(V7QP$+P?|2QA3z*2Q_| z=S6j(oFGASwYnF&0|2}QX(xteF%hrp5D(5EXamyWYK7k>c*gvs>V+uNcI|4ciRBKUlReQ4n*+XofzSrH-{%ZSi2fkX!pU-B_yyw99 zmwwT{!^(EP$<{Nb@30gN6cCUS8K>J(A&DAp>+FIc*eWtOWPSz)fgNVy=LpeYK$v`K z!;!7~kDSb$VWU9d7lpLe@fRz?Ymh`JP= zULZ4C@2)yi!2yxl6}ZEr!Lig*6ibRE-Nuu_Ql|41(#2T34sMDV*yIY|`+*vUoLZ_^*#%>GNk;JmlzF*j`*y~RNS`TN;XwW|A^cu`SIs9(y-C=BU zBy?vpt>+SBsOz;3J^t%T<)y2Ls zoS47xlq=rpGU*;SG7|V`4QM}X>2B)2>ao!ypL+p^38&dK32aSev`$^{=l$bCv^Wak z3Qjkmqb6t)+<@v>XMI(+t>gyG1chwN5%A}FGNM7`Kb=S+vDSdE4|g zc}A9^6=}Gnk#&;Q(`oCit(jF!>-JPZd*Q!=4-a`gGdr#AFXH`%N;|E!$5B7G2|!M@ z3mIx|!I~}w*J+&iScLs10^LEMI3#*Udu7cXY^$$h)XukhZXhxgZRMk`opLoD3BBIY z{9=JN`-(!-iFmo}MSx0RUr2ek%=XKga@;%h(V>KIjiUwALzMpTUWUDR!WZEe5a&zI zMZ(UeH|U-&Ai3DP6B9#6^Qd_azYb8V0*P_4?s1RiMB`kAyuyhU9V8-StAEJvgEB(z-+dkVT2!XlbV$7a z99YDB06Uv{2Ww=Qq#AUTstuZp*a0iAh9#1BSyThxBTJmruoYh6+3Xe5oOa9N;dQe9 z%5ZH|e2znt0a*+D2v*6Y`iArU?SERtwC3~2`J8pScCkQYnIt^c2CE{>Rlw3kI4Um9 zhmq<))T)XQC>pc(|`wL%+SFJ?GGoD$8Vo?5;`lTYkONs*>7Je-7e=qzt6xb%b zg9z6?sR4Yj{kZjSSJT5rn4>ZaIs`HiRLCxsfsV8t!9@uI6a@<`fQCE5t~X&uP+tcmW67-|3F70_zqraoa-n$k){ya6;Hm^*Kn-_VM?YGbSlFJ(VrjoUYhLQmU zbmH*gF2F;B4;NnJXeD5sngx7F{74M=p!c!s|4#fN4(QO(%|S4$cnUHSF*&Rwk7>I@ z2$Bbb9;&IID2x2&6cQW##NuwYUmgoSa< zv#UM)(DW9ZUn?{Sz#u<3?q13nX}uM!U1G4h()-<3asBLA z@AJF865lHZ4x2e|W&A!Fai(4D0gaQ_IM7{}s!8gX%%3=t^ElP`?iTW+;-P_mC)NguV9BR{~lZT7+DnE~nySSlR{(IUoMS#i6ES}txf zhemyhW|$n@F0}VA_JtQkldw8!G!}inw|Rs4#!N1|RaqsT_k9BWY*RiPd~YhqU}XxY zAX)>-Ik-Vm3&Yu1yjV%0$CLDN6*z@v+J2r#inQ(>W;-|;?-UJzTa4N@O=Oe7t)X(f zjEc5Ex0{Hm3U{5u_&2}Mx!{|4Y*6xLO*fkgCM4te@kKcFS=iriA`x(8fx=ZZtfVY& zR;g0=6PVxW9tT6BeuhrNL3N(Na63@^9t!NRo^N;wSO}pZm%)=VvJ=CBkdQ=Coljqa zkhe{M0tH|Yf>emoyH!ufjxefcjUIsxg)07cN4*@SlA&o0;wSib5WpZ`ff{Czt~`j* zX$?A+K?Q>h23-t-I7D&K`~b-S=5(=Pki!@|2AvEd4H7v-a?scy(!PU1)qEI_Xek79 zJ@nPnAfR5XU2~n_TV$Q)8mV46u3p|yF9wr|lbMy}KhsRC|5qaP|3l-d3k%CB%l$uST$cZ-YpU3(+FJY% zM3b43^?#=Ri-^noUqsyh9{eYW`#-?e{}VF(uU-Cc!jtVkEB?RDPThD$yCDLE5I5hE zm}vx~s^N|gkj=8DT#@P8cI5)T2h?)QE43hXId+x=d5L1PorZ;J`?1bdw8c*xPY zI7diotq{O+xguU*XEvMis!dH1LZ%{iS9u|P0+x2QLaW|*A{_8 zYbAA3eWUJUn3RIV&0t|hy|*jF?99aDk-1!HK6$OmrN2md+9KmIObfp%jROZrF`{fN z1q!l7D=(FxiC<Q3|C`Ll`0v(eFieWU7$64UdoKsjy8W^6`;|A@c@ie z7>DlkbL{+j?PdNuPqY1-rQ354eDI=~SrMQ9S2RaEV`vz=8fy zdw~p1q6B5?mKMXRi_4PD;}f9vz%3&3S_-K%imjSJX>u28(3dkMbYt&d&oY7YGkU#l z_x#VBPSab{yw^Qmos7DevR2|_)os8f}r-b`PiG>wNxvb37AzsMWdyxo=(QRnXJ z4k>opj9;sFVp5sIkRymMZKkT{n0z8Wv@Q`uCU}5e%brkkT16%>?Fijy^wyZlW}1p{ zItyP@`@ba4nz6IgnnW+1lr?ml8;Y1Ur+slf02Nv5;Fp{ND9@eF$Ey-i{2o3m!XCt= zND^Wteu|u*+14bZg2T?VBE1Suqk#>JT8UVG&NuZEQHkUHEoNf|2)uV!C%_r}-+g=M zd^;PxLxNB4C`Qs=a&1(E+(|ud<@( z^<=<2H&G2qXrH$piquD?T#||`BQl^C*yI+6lrbp@Pf;u$9uiELm6VUP#4Neg_}M^| zR5f^DQBt-@4qz|jD4|ltFeEBTSo+f0hOiV4!y7S1+F98{yIt_tQUnmM338B+&4W0o zec(0!S`R!3c|erEO13Ch&_j!RR^pIe8Acf>8c=7zV4r9o*%$B`g56j+WBCC!5aBkk zOE|xgrXRQrl3k#eQkTU;1b?X1gruj;A1$6yj(hNorYb=)(qkLyf#eirHc+4IHpPxdfvEB=yniAXnkl zhYc8+HqWF5iNj7Xwhc-l7s5=xs6B^ddrV~WO2L83B=$1ASvlgj)@|c%JY2Wq3Q2Ok zT>X=V?t?n}B=*{Eh&d#9ChWk;BT8K`{}N%)0+NQ9D}iu+iSWEUl+8`gYp~a;rjRTT zNLc|&ns4Sc6^Au5PMEFDWN!u9@_*oM9Nr(Ha|lClKEQ?@Ii4WGH#?Z~hOs%8Wecx3 zjZPF;!yh`1juZ&}kl|dF) zxTQ!1P~-q9)66Oa&nd7tqD+wnr~*g%^X(Gp|4>zr8{%onVu5P<$FacnkMdu_nHGf= zot2d59O^#mixi{|&}bluC5jPogi50yNw~b>`c1jf$Vr)Ic8Jwpn5?K&PhU#1kwlzr zzq=6Z=aVVGsKU61SD)iphwu!4v@w`>$U*$EP)s_fru(B$1m_80%Uq& zO)G~UP5dIBXFr0WAt=*gJ&Skj^?-4~nHZ&WVEU1Xd$)_&tKvS?T4@eVMSCY8k$#MG zrLm6_?sCbL-t~=Z_6W$#AX+(sz;Y@R6)R*Nkb4c48DE%aJBQz5c={!)aVq+2-Au#(t3 zKsRPwSf?KZ_60LjZm^6UNiPiHc(ht5@|ZU~HjJq@l9O^_Er=npB-y);k^yL}dyYoG zCtFm!x;L3gSLaXcoZhoGzu596c3hpjI`A~BEVgI`%V(X37n<5ibdIKMJZHC5D_h&F zny)BLyZw~dB_C1TY}i@fuz|N?dRo?RPn@|U8g+*Hr_&&!2CYfeQFt2%$ib9kHjkd;y@wR+B(x{3k# zHHzBXTU8K8^+f@PoqU{|+BuYe^m$=LAyxSRH>pYl0y$j8{ED1|3GM-J5EaDG*p=m- zYt5;;@ab1c^IR`H4}wcgf)rwjF6H|l2r}QT6>aL7A?d^DnjW_Bgh;p@OD8xXZWMv7GY^!xWaUp zmebTZCP)ivIl9(1sX@s=#+rCVuuH;i-x&Bmj!pRL7CGo2nb7@)#n3T9=kPoe)8><$ z(_?Q)7uTh_o8k@-%Tj&C&QJK(qi5EEf3?hOlfWE2JA~H%WKRma?e|WP9em=_l!Ks5 zS%~>*0b-;06|R{@5g?|BI`uonnO)DQsz8jZ$Tv^&6ieGx)nOD8;~9fHT5rB+vGSw; zq?BX47_E5!&kk)Zww(f^MAf3c8kV@rw?|x@ zIN&H!(}wi=MK14%Vc;U%?iJs`JVHIfSWWk75F=9W6+oOEKhTit|Hg8=d45sxRa*=f z-2=LfbhdP`PvN16d#+jH0MPkjjYw)jdIedK+_Cn$_sR!w85u#!YxFL=cuysI|O@EHai%9xa zImy8g+6?151COkqyLd7E;Yho z4!nABX{0};Qv5XV4fel< zJ)?4Da#|O$gcBsYa1X=dlyexnV+XEJ)KkhT>5xMNm-5;&%BF;-*yxwlkJT7mInc2y?shNp+XHC$u|m{kAph}o zrRgTWK%f2ro7B5*nN@)?40E7T>vVXtl{|Q!g5_h>H!u z2A`dKq`Nd_fojb}G{xVp70(N#w8*^G?8`eCQ(-PPcF*2=)_4s1(X2tIR#zr}oQd{q zm~$X8W|b))vle4pJ!fOezOI<<;Jp6Z1^vlo3)NwEkIc@yva`9JF`s(Me6W_>YtF7Z z*LB0|R1bBIW7;^Yw`NMQ`QAfSp z(*tc~__w~mvCIh)!~~C%>fEcST(^hJ1PkvUolDzm&E?>dv5R?&tLhqi)8Dl#98wv+ z)s=+1uBRy)SNcviuFv*onO;_Mp>h*#ib~3>m%n1UTDTc4;v?iDStw+|ICq5W zVgA-D33rfKW@@ahfRh!@yTHXUcV2x22vOi2GL7bfTvBzYAbB~gCV6dul4>4HQFCoCg%n=Q7S!M3*INQ|J zQBzWL8iJ&CwSsq3tK}eyb*{cMYK;Py9pY%Cm8$KehKy^zH}1jw_)bgMqAcL9ySkda6x+ zcClb&%8Au3$g+w)H0ernj5cSehvvlXwr&@<_9yE?%ZP73PDC|yYw*?8PCDaL;oZvG ziGU#2H9DODT4~&n=#NDncS-c{LAts@T+EaaW44C9P~jF;CarGP64pkx02Jarv7WSc zwu^5dJEQ6@dZ&+T=aeBYNl(z}dcJguVT-zJ=-<0C%TD=y_CM;|9+y zElsDhPOCdCEbi|x;l5$aW{TSWJJ!nauSAiRk&)rwv>g8}YW?4sx{RWtpbWLLg^h`m ztcjbVosEI5ywZP5*E#Fo#Q|C!p_9>*OQHn{a>YjNq_gt@K2h*C016pf3^He zg8rXo#X!Kq!t#$1|GECVzki#_-!u5T{HqMj{;%@Cm46wXnS=A+t^P&(zb5E^8S8(u z`>%g4{`S@XGj{)Ma#;@K|ssQ!2VAJp5T8V@En|s|B1k}{S$$Q zW@BUecLLAy?*yKJh3P*CJPQl^zY%z5wtpt@4F5NQhyG^*&-C}6DE{+){6q796L=;@ zg8xL|nOPY)IR1A8Kh)*nt-SQf?>*iAJl(UIF(z%wl%&BVl{#ijMlFFc1}A|4iIGeT zL~MX4uaH=$EHAkk=`VTKgIX6^I7=_A4r@;OrlM7?Y+bFQ1*5rcnUbn`rdBDD``nJK z-7|Cj{LVLX{<@!$)kyzLllPgOwbX4zM@}{`4q8al<7vRI;1^&8Rlu*;@Obya1m6$l|w+bZjM6GU&@9Run z!1FySHF{i17)o)PZuiZ4{d3X|F>aSBU@47w=z4kKMzT|_Mzfl1tUB#(@@jix+V^{LwhuBr=XWKC zkSSCi4uT{wT#PJ${y7fF|2eo2WCrU(YT(qKU0 zULK$LnxxvSmlsncppM9IIj8Q2<%u&=aF!{Q5N_<4#?yc2hW zSnSbeMDvLtr2Dn2{sr=@Grq@IK+Zq~ke`63OZ06(BI&?*!;WEdpDc(=?Rv0YOfMM|G| zgTfkxUDB{3V?7QE)fk+CLEu6tuvnphqmDpk#O1W}(Z^G88RC($yD+aHO%)nD#3m2{ zAyFu3mW&3WxPPty$i{~h_)tj3$E4Sxl+g%>DVISKb1MEQ_$c|PN(|ak5lfU=c%kHU z`N86im7Dd=SEe`B1+z28M@*0nJchE!Fxwy*ShJ(?7R>Vmd7<%0Pu0anqLoN(YDXwTTZG|L`3&YjQ| z{t2mFXa!3_IkbV885bkGlxne#V0=&*B)2QlVfoLkHU96$A7AioN%p`{eR2b=ebvFpYkV(2Psj&f zpzZvGHuf;PBuy_+>so+&N8La7ZhaD#7bJ!k+=u$1*4F|)CR+Q-@ta`w+`FI;-RPIk z70r$HK9;`VUzDu9aD27B$gy#b*DE%l2yGtTI5!~naDVmJ0U){SU_hTVpu5KO{ZWH$ zi=Ry~ImoP*KH(c^M!!LwOm*aF=HI5h%jTLTYnz+_#i0MYQ{~%tX{YK9t^!|yMrkTf zhLxXv=_9E8NJvB-(LyAsQ-!}61A7Vrd&(x}XitpUbApu6&{TG5#Xirs>J7czw>%M< z$q$j~o7wnFeDtFzzMb5-hhS*q)xXm;wdhUkYQamzui|V3#i;MYv5$vc9}k^@J@eEx zk}*D_;#$pz{`s^NqIycT&@a?iGII_e_ZK<@IHm#!7gxM3EbM$jz(WXRD8&2*;)fT3 zkJ_%r8<>g))~7XrBiHOn@$m@?B2Da<6U_%ij?fc<4;p|eI4+4LhREBRzz3xEn_`_m z{2@*vAhy*jcv61jI$vq=13#wO%RS#2ar{i(1JJqQVu%IRj0`1uR z__#X_EHdWB6)^CDGm?7=b=>T@;3YvX31v9i#R~XsY3N0Hc7z_FZgY4sIfyUnPuM(; zSM+9h>z^OD8k2VLiTJaWAYQsbH;Tsb)0mL3De!0V_EpaD zbHV|i>IblAOr9Kdwayy5oY8WM}XSk;#y9GC0eIN?O5Wwuod=p`UHGiUy^V^D? zh4eK&<@6Pu;|tX#_Dv!QKO;&{VANZpNSs^CqY+KQ?& z%}=pPlsh#$e{qX@)w_1JC}z!qH@|A;v5A|ljB!Ox7c-wYbH&ImGUCo1!p7z*?rCdJ z%#|r-fg5KbDa1?=#GpWyNjgQJVc3)JBWP-zPe!m9*^yQ^l9~P))`Dm*N;9_Hug2Vp ze!YCB>@ET+hwXHUPt>>!a!xke+M8ORADXMXZC|A8~GwByhk$d*Mhr`x|)8v znvn@rTbijND{$Z6O1>84OZh2Dr^$=`Khv# zbXiED1tHI%8g?pw%suh)&Fb(v^o`Ct3j*WUYwR#_2uQ85pE$JF$*8tU>tyzc3he)s z@|}SR#3Wp9HotYmqwC_if4@1L${+s4uQ^VG>} ztRm^IZaVDV#>iCfc&r@N?kqLk`rX#VbTyKF)r>5;eqZWTcfB}#)u{d>kEDz&xi#xD zCA3VN@6-|_b7$5C@bL6SgYOEbu`e>tk-EvrCm4B;e)?Q1B>3B4?&D%Axf}k09l0f& zOE*6d?UU6t7Hn~;8vXpdCA?PX@T&SH)M2&1l70kBq9>&b0RK@(Dc0H9WW*^sUJ?^G^`_gdwiGdQ$I&t>=$q)W@vCd_5;z6 z4*rM(#RwjOZNjuf-8*teXiX>TSCHnSJhXYZ>U!G;;+N`!j*H8w60M~S(U+qu?+H^f)unCL6=B*b^-dO@z8U%rs6Z<2Rs6s?IOqeOS0 z-MPM?YZXz}sFg#sMQRDR2MDilHlo&C8sy#8{Gg}1VFwDCQek3pv0ouP5W1e6o*fCB zk%&Lz3028hB)BEwhep8;h#C+|RubIGf>L3|%>gGva}e?Gps&fpYZHNJ`{7BH#z5^k zJb_E@QQ4ss`o&8R;?6&F*-v(gTNzta8$zqdeK214%{$X@3J#mH4~6)Q(+wCiVj66W z(YO8lv-7K)g5c+lLv$1^iw#)J7CGP2<`fi#))@zI4?Mc|abybMw+T=nD@A+TG%GNA zfS9#~@W{wVu`x#Q>#n|u@)nSIt{bl#V~U)_-QvEWjOGMg%Sh3aJd8;-q4>$? zd7TpYg!K%v(15DGsu2=@2)%Tx6H635o{SB%dI*eZH{fvJ_*6aRq+i?KA$f#wSwxdD z6t&KNF|*~e?t3J6Pk#|?5?LenCi*fsS|02t(2KYBJuSkvS&dlog{Zu6yBNR@KS*{& zejyTHn?Zm@5x^J}Xquy#Lg5Zn4{Qz0gy=~Ge!zPNj=E&UM@Ha2m}>T9Cphi6SwyY$1CwI{VmCF^23nq zM`lq~JgEk*>G}|zvCRb%&%~-E&sJ4h^)NhdKYShW1#Lf}h@cHRH17b&fFC41q#d+g zxHJuFlA&fcF&(lUk{Rp5i^14(Va|N<&f~OzSMIO<`lbAr_mII^ibahoq+D47A`I z-4>BHp*HJV8AF5*T~)EuDx)R=Xt8Iyqb+ff^G~n593wx(9A~umaI^^iV!6f?A>^PK zAeP6KLZvQ=H-u&XokY);0QmYe{q_!vhtgu*by+#djWui%id;i@MSCR$#2ykg{jI#@n&H3h7p?P102v4F*CYhf?_gIK`m#R`Tq@CZ6Y98IAd%eCp9ip) zgj)}Ig|lWSUd{+ix3&N%u9%EEElktj`})?LbipTCfdS4pjPn>y^OzSjS+qQroP^54 zmz;vWqRUDFzkhHa`w<^t>Gy3_A+S_~Egq~i1-6a( zoErBMJod%#11!k-{bQ~u^lwxX4WE8v7=BD#)QtH9%nU~iqMGf49hi-QNUQ-r50#W6=nMBw5r zAme^=bRaXY#M^lgFpob4*YFUf7|#eOoPKKZ@GxaixcdtD3SzGLGs^wQok1WEy4&XV zBsFyhb6;e+8B!ZXEqYEMyVxQvVvn&Ug%QKY>_)-5nw;Cp@3j(#_yxB{;!?+{s9gmd z;}g;Y>HEOlf$HqV>;46@pGUwe+!Edkc4>{#ZS%lh*MQc4_x9stQdz#X za%`v0HYtQqk<$@zgP%*{1U!sOf)3BekVOE_`1J%@e%ow}t{QZGLHuK$uJ20Kfl|t# zYj{XBX|!8;T`-)<;fbciU;ym&_R*zz-?E~Tih5jWtU<)0tGKO<0WBsNMyTJPf9H7W zzRgL86TVZXMRSs@NU(Onl0?CuN@pD@cM)}RsDsInhR4G(uyhb6q5eh-QzwI zmTYu`R%Fi2lB%rzp?68Sfi{P^}judAS#||C>;ZZy_UmotP~bQ*4bMWDPpv=YfzX*O#nTXyxaqS8lp;&da4W)q9)nmHqy z^sk;el=w#O(8;0F_6`Wd7C((-n>RbVQmr+#qYg)Eg9=qlp`P|5qkGD&qO{|@F_nrj zDXGGOw7x{^z5&d6-t1-o^;j~h@2DFgcv3wOO>k*j*b}B(_us|AAmJ@g+>wm3@(W85 z^UXmt$XBUBkomlcnCcrLxQ`Mvz7#{PZs++zXoLx;oo&2X@QI?^K!qd)CiQf>OwK(+ zoLOlPIrOg`9%>l&-UvL|2xemF?{70yoj9};=gfJBoHC5AuIMddm-OwN5q zlhkE8K)&=jZaw_D=IpmULuFzi-=smBxIfgV3i>55+pQdzuNi`cj7}c;S+Q_?bl)P?ZPR%Ds7#Mh#CIj%RvL4usNJui#PI@zr;kW0vb z^rJvxLcOBVrreZn`|EDd=GtaqzcQ#ZdG<@}4KtyH)0k?2VO@=g#y^XuMu;OU81V_J zHHnf4^Aia`(qtvZ0q3%T(EDRL+IPOn)|qjSZHRt$5fOWjtPQQ{9oS_`h)*N10q1~G zmwtoXLQn%2hkZ*JB`nTWL^zHJHnDZYaq;5X9X1T=1RMNXnZ;Z^=7wRuU%vTcmH$XqF>#whn_y6sH4X zC-$4Xx8b{9@y@R*;SJyF<6EIX+vn8X{9J2v;UI3d^b4F8Kzd6=DefuEEW-`K4vlu^ zhKYvR{iplLhJqVc5+~WX& z6fXckK)=67j4RZ!4~~}1(-XBjx^4f?>=f`Ide{E&0AR5Y(Eftf^`J6_Su4CLlOxds z3n{2YiSUNP!2;&dWo`)Dmh*-8@%yc~+Rx>v=M43>NjC!(mtQJE9jTg=gVRDyR-|s{ z0-o(7+t2w+N*~ZlSI1O2@_A!)#j(A{>C<)(Yr)~Pt}AZywApcoa#_q9dxkaY6H;#< zpo&ZvuA;W2tlE~%nQ4{!c+#wCw3w@;yQ9hMu-1~mTLQLW$}#zdpAVX`nATft`q$?sATIzWc+45x-JE|*LQWnI<+DP#ST372u6D@YOj9=L z0Q1G0!a;l#GjpsMK(9fkj4SEO;h9+zd|*rBFf5J|qagnv>C>!hQKp+;%Kh;EAng}* zI{w&Io4f6vJyXqtsv@4314SxPQeRb7e+#xmFGZDYEra_h@2;sC+ev}w=&WA=Usz-+ zkXUD$3Dn4G7q5xh$rm@2jG<(xQ=e0>#K>s6zm^Kd;A0)!Z$dumPwtug#yD5s%LA{o7@n1q(_XnyAi7K*tcvX7PCH`K>$f4`QQO3}Y+#${-8jTuV48i$|1s zEEr=NR6QgdU7;>6Pv?cU2oJdXCRyqFtt0|vL|XFZZdpUzpzdLZH76{$8U{A`aR(K( z<)5Y1x|}sQ6D2z>-r94(Iey3EN|bIJ;0#^s%+pf!eL^vzWAE+gY)r-aJ*??6@eeM2 z%*DI$!40pU=U1;7-=^Qpz;<`j)nJ%vi4giEjt2&}0~$eXe`Ncpk7VrLmE*N@o@3Nd zb=#UIh4|$Bi9c@lcfAU*U;eVpBaa-L+BHnm~g*}-CvW?Mu;g7T*%1!9q;tY zd4;RAXqASQvKs7~@73JZg-c0Z$)YEx^}{ixr4wedAnI82a2D7QJ6w0Q%zATv!~2J` zWEOIz#F`cp4(*OP1!quIne;y(P8yvpM-zISgI$(7VAsucoeN(Y#d|gvwa(4vC?@Fj zW_q(YYJ;k`Zxb{jp1r^->=&FqzSf>PG^R#-&ZyQM1C6>U^YwCjL zK0mk`j{F!Rkqwb&C0tTjrHWzGP9o)Dm|?IfEBtMmU1!#>R!ZOu(W=*IEKYOg@mZjA zUGkgnYZ$b{e0WpBLmBIpNs@g2J+BLJ%gQUR>)YtJ)_{+X#i>P|=4ACHt^bO1VFs4t z8jK+(2bX^K@Zl)AuDnua$0*Izf)-wTZsFiyQ?IzB^60r#Uh&OjE`e&ZXa`$M??vTE z;@EVN(vSp5n%hbFY~C#@vxuy5kKcC9FZ)Fnbny^?Oqq#=QUMQ@cu`m**s(9)gCwVV zxZm{RZ%s$%8A=DSvC_!D#|QJ||5)kepTiT+sIWkADehZH-~WcpjZ72pAq>-m&G;<% zL_VCaJeQ*)tWpJy77ryy9cu)CbffGTcn|Ohbjn=Fnr6=7UCo=$UD%~0;Jsz;hBM=u zSv^nGz*1I9eHejNRZv2J4kIcs|F!r_L5jxohl509gy^E3D2*|Vwg}uClZ+)IT>3p{ zbHakr2skPGZt0#n{b|Gqu6LF)fs4bhrQkp6Vs!CwO8C=~9Csm{cy~EVbhSHv_eD)xiC#U0=afC_r(MPav*pPP{E6sVQe0IL+6Q>-4jqs2Ls zsN_xt2PS+o%W(P#?I?!zCC^I;^IB-(!ag2y$r|6=1Ai68Yu2pJH}B4AYAj9T8f>Yf zRhFSfln0CgbO!0`SXVBvB4(Z3qIrI$JwdVix?p=5W028Hq5*BM0HVo6J|!27h??DA zYH#e4*(}+PcF4AKYpYF{3f2ZLb~k5LdYb3CcF0;t?V_#~3|f87UX)iOsbN*uOx-wi z+BtkPN3+2t!=Z=8j-f)h=} z&mf`EZBY_qK^ntw+Cn}rdqhfxex(_l_IxCWIe7_i7fsMhkB(^*6s;6qMI{N=>FoQ1 zKx99_c2=JIL&dM}pRGMD7jG*qblz98mY*LLfRzh$*@|o?xBF^rL#L8M1*eTTzZQ?% z@=2vuUYAp#OuuwlJPUl=ZI;IK&xo;+tDXC6f;#>66N_wLnV`v+4@B)F9+y5qj(=rD zn`2sSgfoKbsl4*` zaaic`BG`-BB}{H*QsL-hfogr5n>3vootbS1jDgT`8qjf&?ik<}5Dpw|0Q75i;`0n! zan_d-Qx%hGzlXm*vtJTht0qR96V8F`w0_v(nTMx1cRMx(Df*b?Hx%2O9KHqe8ReDJ z*UoquHPN?}+(|swbdeWANJHG`#_}q?BmzkH?WX8x8RcU#4o_hUP!C0?6r`xTW44WZ zhVMw~qsbpp)a*`@3&EUy0VOGFiPWd4)*2V%1BWRqbLTKCsk(aYGMi+N7VpmN>$XjH z6Kh8udR=O6t(Us*!ZjmC{FEOOhxzX6&k47+zvF1|QGJyas#woq&LwcGtK&0WhLY7N zDsr)(`%N6eIC~X-cGN%|IHd_`gVUx;G%HRepVge@ER|LapWQT4AP9I#`s0Nv z*CcM_Q6G3##LoA|AflD=nN63A98R7(X+Y&5{~UKAfILIJE$;0*LUNfl{{=0KvvNdV zSi(sf^(zAxr(OUw>cPo@=Sq@>NCLad?%V4{38b~ZstWDXcD$E^F6uh5D+IYny9UMk?R7&&p; zz-x|v5%l0FUu0O)R;w-_*%|4EmPdsaM&2mc;uGe#vpjRP(#@Ct6?_R9pE+Lq^0>^6?g*30J9g`WSmoBR9bj(DbC@_oo< zf!lX>t}XxKy@x_enE0K}@A@>LTF!Ru{t$xr+_o(dxBa#-Akj>y%eQ0J^+4$ z-dG^c(cm7L=Oa?5$3sJ=*Ni-wKg3*y;6!y8YN@4Sr+r~8duE>Ea0;tWNRfwaCSC(x#ad|X1Y;o zSF9UmKR%!o@>d{e&Aj{U8=$d}g#paqpUK*|_pe};)5qiF0k+w{Wpu_sy&ABRgL0ut~;G(g0thj*NMA!nlXHb3?@Gz6-%F4ns+jZGo0elPX;}_ip2< zJgGJxbk#uFAdtc}zgPMuco(S$MV)}1(1_CaAaY+qL&f9qVAyNBZwnuCVWN{B;D;!% z;OHJpOo?W5(H!5rm6>hZvn9$axSRdn+99!XXRMalmqSfau9@Ophry&QRvAM{wopg@ zGbfq3RHY)EkN_nI|9w9ncpD{VI`gC~n|~d0y5W+;9LC?#R&$cc?UKtVJ5PVz`)Ejsg*qWr0#lYD8tOMwvQ%DlEv4FL5X@v!xSdxlk&2QS;8p$e1;3fk zlHb~A-FES{oEm*#-euZKrxiv^n;+?FYJ-}G_(Ud9)c7^YK}J~e%vfs(CY1))P#2o` zDu33K<0W7D0QrP~+XGVEoGAq&?cUI7AopGm_6)(zF>a-hSM!LtC>x|`^s}*De-AO=7#Ih)WIe|shbUTy_eHn z^t=jjN-h32&)v~je}de*m+LXk`sa0#-e=&nr)k3kAOtGSAuD?55fq)GKHs^IF7q4Y z74Mb3p-ELYt5Kq7=hpuo^_u$CZk(%iDmUpGy-Bu%@>-Rjdfoz97ubVjmo;plolq`+ z)R2)`4zZ^H-20S`dn)leS*Kp=seg_i=g7)D59!GAIXKkv1h}8!65h#27&6R}6&@lh z$0|?|lCL%sMqz|x!n#FlYVqJ!dg>`K#K;RF4A&fk0on>-vFOF@>~|R#@CvfEi_0bs zsPEOpy;hDR3;9v&+tDl!d6&1AKKvsWkJB_gKf1ivj|<+EC2tRvB*f%pdHE)8ld|Rz zbr-`VD3n$E!|d=0HID8?RKWH$*vz$$ukqA1+w^O^YV^n5MVHE)LxIXbWK943NovBe zFYjIH@wWCsQIfsYAK|Qf&MGy-wc6oGh|&A;@%RC948@m4AxVX1@}}9AVlnia2KfN) z-R3Z89w2(SkVl|eT9lRzj2gkgUqfl*Mf*~Rh#pFE0XMS1uKHi(!CcdwN$FhN@dJ+tNU@z7I{E+N4Mvk?edFJAtfXexXo z5dvm%a@VVhMjqJnJheQ-pA_Z;E9YR?#Hy1Kr1SpJM~)G>I@}-9ma3CBY@m`#l*@{I z%twsafw#&mShPQD&{b(*JT7cmzm~Qvvuovn^zUq{tzg8|zSmZAq+FT~eFN zU6#(RVliVgUDS{*(Y40wv{|j$I~#&kOt?!-c-A-&0^nZO==ouF*7$sXa}*gkCz4lCS7OI1|6=ZvK1ELF>;l}(#? zWbsWplLs&A2$^p==pwT7?e^pWMt6*K%O4Z=%Mayimle(`Dk{YlrgIRZTSs2hSLO3@ z688ng&3$=Ktt{LT%)>O4L?|6Pc(q#l%cvt=A^R|xVXJ^N<+%Gvyqf0~(y#^H5?P~V zPu4I06fQGI3%37 zx;Bq>(gGwDy-=>0G!!I-GXNJ<91d=bo27{WNDMeRz}48q zhjRp{{RpNckb$}Eb0-h#w#XEB55u~l%*cPY+(hcM{o>o``qud=Ip#cG5lv?zB=-Xy zTZURH1$>jk%KQ%0Rzk$jN0Zb2jd_L0#bwAtCzK4E#;Matkvo{tSTT2XDVD2sR(G_gOh77T$EiEgbnX~%4*+I!))h}tK%X3?gg)pD3D zyFCnY=6CdV_Oagk9)%QofS{y2s6<-A?6`-nkTbpBxY=6^^ABg7#uHH1g!El>z03?t z=_JqHtlME`Vm$Qu5jmkdgV>Z|1F1f<1G#w&Izwtu8i1a>EVRGzA`2>kY5+&e+4<>! zZEi*u`|yxs=*ylZ%W?JZ0fM$XWmG+rvY0KlM(kuRLCogkhtZGoYsR#zw)gHTMrJKg zs5Zy_@fe+G%HV2tiA?QPZiB_kSR*k6!Y(wPby4bdd$Oa1JPAY1!lk0e6_R2|`L>E) zHnrA)?v>6}XHQw@C4R0;_Q%=Se8G;p?};Z{!5!*^iAa5ixz65ef%00{02OrS^n$J%ZAnm)lX zk4u-v@-@1r_w;jpa?~BYlzK?lYkNQ4NNHAgA-ensCRsSY-e+k57TXM8<@*_QBpA3C z-}C&TiDz^_?{MjbRBkAZ71qYV7F`k9Qtr2I8{UoT^M^<}oI76sn%`z^0TSNeXC&{=QF^NdH*k{ZAq($4Xqb_LnQAAe(a?b zu2fg{yQd+u!HA4m#^|NU>el^x!~5TbF*FGws7G1?XYj6Nd7yA~cPLOWDT+&IH}Cwq z0m;I6aiBtZdUInsn-FuU2v-XZ>BD;gD-&&}s|Dz<3XT-Fm-hDn**>6%yupVa>rVA?l}b+Cs@0*BK}*f-=dn!4%mY@SJD`PGGd9&C8;FX6QEU<6&=2Rfe5ma0DvJp zVs8@u1`^IaHiB?Ci)0<2?6yq|7MdZ9JO5dOMy}0iOkf8L-?>o;tH^)w`4^--{3<)H z5C|PCXu?&iuA~Yy?Y)eYsZ{k}7$+5fZ*7gW^>jjTcD2@cTLOd6{SHob*;MXLs}AMm zX?X6;Tf05XfD5dTzwnu}F?3zrVzb%wk0eQYjP9Y6%v)~;)a=*qC`H7+RZWG-X$}8Y zq#oWd$64Gshd3iS5|*)+$=OB2Xv1(rKcu;}Bxy7zA{Bbtw>+?Xu$kkgBAsPG_6>jTt=* zU)ahHfL)HIlU;gQ_r%L2ezCfd(d=4>bAJfCQ`}7feEVQ9i!HsadE6;7+aF`~Y(pEn7d*spbSLO`;H5FPi%--*s z2Zdohc`yV0KILkLdXcU+9EPwy0E~GG}UQ$aiq#`eYcUwnI2ni}rz?3Pz6T~W7 zviw6EzAm8aECCnl{)=a(TAd#|JM^YUT9N`B;RC!y8$($>7{bD343+)I@gPC$LI2E zP;Ab|`umI7s2bQe(`+Jw5Wnt6J{pb>drgnsVSQ&w_WO8*b91{p5eU1z*W%11t1fqb zgY)1*CPg^{2tg^aEu|%KMMwlXc_ur*kv8--Se!G!{?bPkJ3fYcm~U zNz__R09*yxQl1^@=-E<=h_fhh>58^Q1TxAuLBGbZd28cZGOaGy86WPUCF1WBRC4mf zWXr7y&T4GSek1|@Ko90Wl_Wm(ZOkerijSv%iw;j5cS3$I?w)2wiuJi{3a9U+XV9xPkR^lYinu|2YcdF(J-WR#GuD$-Z$TC8T( zGO0HSDAEVFV3%N)D!0a1RpdJKYacKk(7b2DvEfuVYO}Sg=NSlqTr8+0R5)qa7o20A z2fvzO<8fBiGNEBz(9?`LJuNj@goOXO?T{9fhg;4NR$Av_e{WF)R9QLF+0{D1NW6%u zOZE`>1%olk7AG?gHg&$`yA)twuu@1X0t)H@6apwZ3W^r2=@k`qw|WK;%#BpJdpm}K zzYn70S_=Km^_uu7Dd!s%mNAMI($yk(2Q%!}CZO=q$_C-GO(J$OtEg5eQ#uISv~pGB znjfoD98jDWgG#I#!d4eIa8A&F+PGnLTG(>%V?Y@Go;1p44dmePZvDwUvtS>5ifyZo zSqUFa)PS?$r&quoGM=6>LO+429Q_zbFw(Y`p&5Lu69|pu0_z7ZDQ8_40G@Vz4cjt+ zOY?5}=Wkc>5U;7D5~r$$b;Y|TMgw+x&SF6zMi-Nxntg*6xTlJQS!DF|U3Czuy6!6)WVKQ$OQZjSFE$ z!AQtV_?P%^?ust^Zh0^K6qCm{suOOFc9|IJ+_9s|nCC#_{a^wAWfP}6vh zejSW$>|gD=T~6OSI^J}yMj~vZadqbOwfgUZJKj#B70S%4v+Lrcr^lX!mSc|QMVp@W z)isWUow>8KsX`w5u?$EIVatL|yn`I)BDrb-*enU=NF zRQ5^sfEz@eI*f11$hVI#_GK;zBWOE~2?nHAf1@s(U!P`6yZ&Qp5bi11du}mf9K%x= znbOzVpPkU%Mu;WWS}_G;&A8-uqE9385Q`Nal7pUi)bpx$kKM0vpNw(nDVGc^d?B=; zPW~=kaJCnzMVNpWLgI`yo00rfgcHXo!9l(6)>8MBanwkMJq~<`eT2K!yZRTr6YhY_ ziIs7N_q5}>1cRg*+wpm(pX)L zc>5+FACe=Way>&G#oQ)2-^y& z5gMY9z&V45eMR2g{s1_C3UYcrEC zn*+k5JNLU+z3+F+JWMXr_264Q$S}?%l(jXPKZOJ|oxLhLHg9= zL^JGy@~%7Fr(*_W_TZ06~m4y5(N=KZ`Vf| zCz4YqX{0krrk17_8{JpDSBw_bf5qMfA-d_nr9+9tP-v@Win ztm}97PFtTk2|^p{=)8XEL4HerFwKf}EcWz*&nmQr$TZJ3+rk0ho`YvYnp+6H(Q}PK z_kam8+xVuS?4a%D(avEQkQ0OimJV0&&O`ljq3kDj%IDVNIGUJ$NQTC8+Y3BsN?urv zjqoX&pE;!$Fgi}gct^= zK8N2b?}Iz<1!6rp{cxI_n_q2`^e+8EAQPscNaDAgb?3SVV>l&JW;3n$v3glo=GghG zLM?ykwj~HRtZ1pklX*%g@{NZUk= z7AM-g9Rq{|b=;{OaKva>bVA7eD<^;q-dv!W)qzh-K^zrFO>?3jsZ~y(J;9EWKVYN_;>}PTOm+1Np?D*-&mtwQ!E>|r{*uoq;iD|cMhq|UH(Da z-YCT4nmevpd%H8-js3ZM5Q+VS>t3*m1g(Yi5QCoDy~mx0MdWJgW-6|vWwNneLVQu> z5LPbD^zwAXPUUcE6>}P{S=$`_s9o=?@c2xT3xzxDOn?9~EFM@BPCuB|LVwGyNq=z& zTK`i&p0U{NpDU!RNz#$D83l98rVqU7nNLBr!r9y%Tz;lP^>bx48hJ@6DUbjL{wN|8 z8v<&j%Nbg=T&r9u$hLQ#sVDn8Sh$ghpAFUF!BTseqVg&WqZD4j3C!!OAvl}wK#QQA zo`XXL)idI8aLV+l$YBv31LhJc_=GmdT5%k>1>|yN(kN}s6LREVc4$5JjPoEzjUb!p zC?dF^d$<&y+|`OB)Lb*k152#56_umT$!M2mGTurzJWp@FHC757nW0nGFP#HL;?9Gpc9lK2V$R-AK` zLN?1qWK2>!7TDn~mRQ_NbYjY?ovbq9xc z`L=2HJ&g!z4NStjLh@m8c*4)ooJ)krdxX>ne2d0SZCyKH{r2S4d#(|D=n%sGy^@jT z_R>-IuQTINuMBed!vLUXuNFvZ+8mR5(9a!{J$qa~qpEB=7nc#Lzx9SixSRR;bat*D z9pY*;S^7`xN~80Ud}$OfccJJJ zK?&g5-ELbL*K|i$UKQz%=<~c~PAKn}HFTVctqQF&rR=gN$IlK%)xS7X7OWSu|3Wp$ z_Q$KX(gqUKMqmGlR3gdb(B9*-T~k8$p`=BO1VCv9HKJSY5ziaZ(8zq3FpPsy_B|S8 z(eU@3h{3iI!N4FtLqbApUo`J60~=o@%Z{zfBfLU!sw1ewJ|3-WZXV^!TtTn|F)lCW zQ$m<0C6C1-(rlZ;uB0akXJf&OSqXuNIO9$s+F>*7PM378HPj~&WilF1K3YoFpI&6q z^SKAKa5CW}d)wQ2#&a6L;P%{<;pfMnO}_FWnM zVgKBn9Lzkmk$9%ANq0xV`B^_-imaVp`{XUY@se)tb*t#%QLNnjb3R89Y~8Q(~=!rQKd#T^sdEFxn5y>CdqAT#S5l9o6ps2x+ zma@d9Ql@9ovKR@z3ZkQ<;%{9KFAgiS@t}A+HYKfIS;dYZM;Kk-_*UFekciP;5nR0_tr=kTC9uKM{?bNZj)NL24&jK}>uW{#JUNn|(74!%1~? zo|Vz(bq2NdHv^o`9*QNuTzB8%{aDMTdoaFmrT^$Vr;KMC!URSIjj7gZ2dMC^KCUkrY+Dp=o+PLvqSKc$d!qLsEh1AFPDzU6 zTsk{m$Pv6;*1qcRe019j3=Jyz!%_xBhWTQid`%j+5}X7=_TJfGD?Xn|@4%H)H+^=I zg7KU=&+86Oaq;rmEYzP{F1}ArMji1#KpY}!B`w7+ML|iK4=YLGjor%5I_Yz4ku&>_ zOdzfQY})do*eW=>pnsd81!6(6!u;SS3}EvXwK+Ugw4lwm6kHeN7odn3#s{wm&$kC= z@e|&&4bPY?7O?ccmA_4VW~)0|@YO#~L;C?CB z-?`ADV8CjhW9kH6mPQ=-gRjfyAe%x0Li~P4NggJj)fMG@lCcZaf=-mba>R0u9Z_r2 z*nTLwQ-aD2eoV7ayhi4Mn{Zq3SRBZ1p9wI=vx1I;DF(() ziA%r4OYJuXG_CQBiB+J1qESE2_KwCiv#K<8o@_H!T8xo{z zc-hA_9kT9GiSSA+4LwGe8gk95`H~{Cy&;4iWUW1wjgSq?lYxjlQ-QKk2=6yil$mFJbWyX>_lMoUkbB$}6Pme7LC^#yMxeCcR4KvN;^@%UQG1AT|1 zwP55bM)ofqd=kV!YQ2orift}ez3W$uJ4$ayegjWNg!C$V`@|7)|Kptu6w)`8bxnvh z&O!8Bv%UwQ1yF~jENX5i=C)pq@6k{F-X4JxmNnq2=_lD5eBp47d6EK@g9M|Zf+tGHE(XC;i6&7Lx;!EW z4sR_^iyBZhOJk)9fh~2FU}=|>R=$8qFL?41wsH#qv(c$s!>EPM^@<%^(JJKcWt=8c z&{~!XO>fvPK~%sh;r-HLRya9w^T9}4%S6-Y{wM=yfChhbkaN@l8Y*dRLY0bS1zfXE zTxPX`RaI?Euj)kAJ&1uytLHfs2?z;=$H{-_kZom zRta!WsUS&PbHnmhkAs415A)naj6)R*y9mVbPn)CUBW6m2?ezqfXTW%0ynOehc1^Fr>w6E@rXWU-6`A2paA^s#R0Db*rc zsz_BcDZ?3Ey-Ax#IlWKd;Lx2vb5e&SF*5d-D`N)nJ63#7l+ScX5IcZ$4B-{si-yUYpR=H~fU!D>b=aGl+&<5re^TL*#LhK+3<|VwXhy)d{hktBW z%LY=~fJzXL@K+Oea;9)YD^wW(t9B2le9Bgk?_kG4JHPJl%MH`{K1ezD#j&m#Z3G_Q0x%_tI@@NSu?EfN zeD#<9TM_s{(0{qV^d)`&AgyRcY`_$aU@9uGTVoi4w~?Bc@IE~Pfm>`CqLmBz8y&uE z{s8mCa}*~ABulwXL7{(<}OfEov&9HqZ@emW76KNL zS3DlC1P)*?K~IbPa>*0PFJ(AIV9Der6XPpU45cz9s~)sD9St|fJLw0JS>l$jf?FC; zAxm5{ifK!B!vl{|%F1}J@L|i|E77^OapmJh=DkSS1ljW!Q*qiIJl^qm@B}hzFr@s; zAWdUMx>pv*(*#;(Ha)P@v3vcBU87Q`8cWQfjgcBfpr@FC|Kly^eju)-l&)6$bn+HK z%`Dath*2aZIT9Nb66kpTYs~#@&1sLPSRj^VAzCSTm^ks2)dDB4C9Q{D^dwpYUIoel z^z}QNYYeIhd(SUQ9Q_v2UCZ8hj|pZ2oEAAfzdN=}2J!9i$MRCsZ=-DX^IPp^$w)k-El z5kKUWeVcYjp%QRA)trN)31*B03Spd)Vok7c`_79V2Na&^b=Ku|>C&}j@z?jx!;81? zOeNuW;sa&aPC7m(DKR??_+4c!9G5;Xn&G$_J>5WkAZoMHHoG~L!%J z%dxUXyw92ccSUa-#{MjI47yoFEEvAj6)mT8R~qd)>LrJAlf^Zw5CQXowUqL^#K&&Cy~Lw6dZFQ4mg9Yw3kKpPYbuNbd$`$^eNFuLLIv3EX){J9 z&O~QXmf=z7%$mhvq}oqnZc*I48*936t&|)N2-NsnA#fnv$QB5xT3rXXL(m-FD4Nq! ze;}%b&QW*zH`J3>Bdt+|>(({}3@l34iLUlI<%|U&j->?>vkY}kzbaq|OZ9J-ix@ys&dh3sS;}hV8Iy|`M z#AUe&4jT=JAlXBgTNYLN8P-LCGZIHQ(g|7)#PrQI2cT<{@ldTWvM?MfV}A2pzEN3> za2;%r@*!`cd5|z^c`7DYTFPvc0bp&WHp>9;HZzyVJU6AWCPNmpJpLHgbQ5C3h4=Nl zVni?eh&t&^FpvK0jP8|9GA?REE+V$`T2w5?z^H1vc-WO65+b(dM=! z_>|sr%DcuTt0W+#hyyODfE_3#3ZSEthrL3aWjF+A)4M`~V;8uv1MQf=*QCiihxV2{ zqR~6gJ12rQCWw5$Hi^MZyS@S}C1bLJch;&hESl;Rg9^;)gi{GA<8sV)-a;XsoG4GQfI(R@QA|R{jy$u0DVwl{A_}N-J;eQwHHc%oftQ9ADh?tB6&50Q zF7HL&yS7-o`|c~0QZL7(#qd!xfBiW|7S%ut;zKI5{HkAa;`)N4=IJu2W)p_)4g%JE zombm=jdqpX)Zm?30F-^AmP&F;MR` zgZw~{;o$TIx?Zu5;wSt;Xjj;i29~R}D2^J@^5ot@>`Y)r9sXdlBE3?jvpNO!B{258 zSv$y(@EldUTcA{pFN6Qi)FndTdI7Dd>FFrcJn{91^pzE->`*EYUwwbOrTdTL40jT^Dpo#rEIq9HKi#ykB z?iu$d213rp-CAPoB(f;38*wsnyXxn820%)9^gxXr^HOJZ9y)?SqRvb3IMRr*L7Rpr z3GS#=XF3xYOe(Y>yyi+R@lb^r>fV1<88$nv9sP=%iWM~p`-th6E)#+f_RhgY8@$sSw8hGVsj4_v^rlwxS#*$?a8iwo!}v@kif26OUM#J$!8L-Q&}V zHA;+Va74S(6OeFQ5&8ilPjD;LI$Gu-0vA#;r`_fpT)V~ zclOuTF%Osk?lGCD-Br7jt}ci>d|$7o(WEmhSM)c9;hJxg2QmM;m;xTtlo(A`cIL5I zoWm%_F)R~1c0o%Mw{LF56dxc1onJ$xWRIZm38##MB0e7Rxw=C`M1AT=C{I*H61VRx zi&F1Zz2US`D|P{Amp;Y_7BVZR2=`W?Z!7_I1TpF>b6jVbT|WICA=|PmeHTCU-A-^5 z{P!#5{e^8Y_)1h;QmKgo#R%1SOlN5mm|8q7?f{5)yeda{XHrc`-Cqs3=nWvl;YrEV z_{y>Z#naQ%RLq7QAvRp0fI7}sq)*xQvfl;Ehoo6hnwgRI?%G=y4sFXZ)sCbcApuzj zft+%A=OWjj7;im>KZL$4V|sA#2cF%dEWtIleK(KfHDc@nLLft|<8D=oZzxGj9QOAlZZ75JRm=Msa1HpXR48+=NJCLB;Bn>YQ=} z?wV3%;lcq9aj!UX88Y29LI(uHfJMaEgF|cLLUtzjQcb!dl#k&=IhGfU1sy_Z+Xp)$ zo~8y4b@9EF zN#5}bhjqM~e3M@>sfba=C#$&LKLKK6x(iLu{D+XZUtmiBfy53yTW1gpV;8H`>D6a6SpSZc+V{u?z zsTxhQsoQIkjUO0Dpytr8@LXNqprLb3v#e%cOQ3m%e0jmBRQ&DnxX@$Fo2$({Li;0N zv5o&sWb@1yXUwyYC82th5CuHHua2PyvFSi9_B&tt!=c=(e_BMb&?b5k#5F2(#gMxT z{h$qUD4NCyBM58{^e%r*@_>h|sEuCY4yO2(R1pkchstiSo!*u(kPt-%7sLRH12H!P zS*MtgIo#duimRkF($iFD%ZD;ZwT{_HplkZ^@W`uGib{i`UNRVB1@+Y$(>Iqb8mA!W z5Q1bBsE3nn#Y9&(JiemI@KGo0m~GBPM{fpYYMbNuIALJAID~6t4}+nH3Y;Hm7mI;k zQ}J^Qbtit`w&WF~_<=)!0CfMr>@-O*e|-ZHsql78K=U*P+ z-9fLks#FIBR!q2GIh~FV`#NA;i{@1b+xNrtiY{5kTG}nrJe-M%ZO75{W&pc_Oj z@(&$iPYg~vwOWOhp$D%B(T!Pb@>(V;<QoT)UI%G88Qv%M170H zO+%{fW_M&D3E0fg4Ss6Dsn*wsG-KDvuaus#KJYsizk!-nG3mV7xxl_S1ehMP+eHM464ItXJZN-t_mfl%%Nqdik`O0CyLcpP-(an}8|HU#Sq z6MRF7>)U0q!@GqrwaaXqb`NzD+l`sCuD1@ima)-)q50cWDgm{epzb%o{vEU;`Imo9 zy?k91y9B}6KFJzD`Yw8=60>tLr}vAW*oWbL!H2W6~geTZq;eba7dHmBgH5(pHk*a6Tkcj1URp>0wK z*JL$4TAIT0IT;Ot?b7Xh=DoE;=*i&d)s#A_9lUPdXQnS#{Totxu6*a5=iiN^JMHE| zvu-!h-7bzum2KA6!Sa}<$sT%+m?O#YC{dS|#5B}MLc^??-BF6v9Vkd(@IbX0kWQ{9 zMOYG9NhQUjq?wOBwD*X*iYsDJEfJ5*{X8^brNmtAalg97CHN_jGgb!f6=?&0*FD%Z z8_uKq#r9z05%tY`6rbOBYI$gRS7+0xsI|^e`c!#vdvjjgr#MS8vZ`YQBy_w3)wA;2 zSe=C@6dRF3|G_h#!lCD3P#1h?m^Xj`Q9!Q0l5SfZN;f_YleWV1Fn?<8X*$YO;?r4M zS;niauDG!5MT((pcPa>e@&IP5UUT{$)?;LIQoV0kUuLuE-5;s#bpfozlx-^TdAQ4E zL}+#EWCGM;T*-jB&iS^owA%Ix==eTvv}h&s@aSeQ!e{+bH&z$nWNoZYvM#5F0>Rmc zqJ%?OaBCdDP=ah}EeY z!dnyrOvfLO52CD5D3@9uGCaf3ACIHMi%Px^w>9ANqaKQ$gf85+kKEl*pQ?#|NGnOX zPUUm0E*huem2Qx6kZotXw~H-TivUi9i*xWBW~LS+m8CLaFg7PJWT>EJRL}irAYs0h zS+T9F$8gmzVtTY~$#d!YAwzsRK#w)sN6icGbHU`s`ZjWY@U0j^1>;np&rLM)E($#{ zF=OL)-iJ6cZ*fC=FM!>^1%+=+hqjf->?*$?aO+y1t)Qi+cmUJNwY;@tP381;p}-1& z9Nb-i4t$TKE@)l>-Lfi8=)=l?jt=mBz1ZW600JPm@kjCRU|%oAfsU6FOPOwmPUHQP_CX)#8Ho$kRRaP!LMe zpuw!dtYh@g%cWVz8(i3!-iI$9dmP`~{l+HF8=F++N~+S6^?6gZt=dU%w|?`0M+^{}=>_Jhrs*at-3VJrsN0c?_5wYd|Ea+gcop9C zuFY6&!dzm`iT|s+oHvv^+>|v`aBSQCs-d4PhWSG+U)$nFa1#2nY<;UDLZd4sJzhQ7 zNB!;y(TE5*%1hXdP;2N>Rv~um&tr2l5YmcSMMy~sQ{QKjDIBYXG}dB>3>zoh{42-e ze6_OgfFQl0ojeWEEJ5z?s{J$S{iJ4S!CX%{rZ`Y-cZ?e$1_jltEyoC011|Bpk_R8# zp_`YPRNRWoCy)sOOq>${hN%jC$Pk`_TxwE$T)GRT)@4LddiNRX<1 zOGjpfVj^L_(b(M?=~=THxg@!O+~)ii#6B-d>P`KMMu2Ko^Rx%S-K?-#Q~IIw;>tV5i^h-HLF>Ct2l^ z&5SO|uK^h>qL&hfIqv9zt(`R zt3-^*968dW65$??-7PA%A0F3SSkaeHkLo!fOgeh-DYS87MVWjE>7;OW^tn<@c?A%$ zRhy4$+U#3sTlfHo$j=LX$v^t%>dOD(`eJh(f_c_k_HDfU%NLWYXWn^VkrS;JzG7;$LSx&V z!CVN5@Q7*(0zl%z(MDr(D}o4!-fx_$Y-QPRf%6oXW7}`J(M)&LIe@Sv!Y3B(q<|3w z8@R{h&)VIMk@wjafF#k((&dS>E0F~H^~?~GTLRjlg&fDh2Wf@wf-0D0&My{tpNBSG z{GRG~S@uK=qi*9Ul?LEO`W1$u)=Yb5Vq-`UV$8doRi0MU4@(l8x;;;#7^^vUWwXR_ zawfZ;e^K4G5zBGoUss1Ke0vI@2x=)+)eICft1oDyMwkK4krri7i#y2FM;M5f$WSqr zZxdk?=euOM?B4#K67+UAZNHw|+*>*%Fjgzoiptv153FhO48OLP$alX~WTMWm0HX}| zDeyZ??%JlNvxL$gz;S|3Gi)p?Z7pQM_LC-35lXT~?KT{?sG^^zWys#v=c3oSfKg4K z#NvXJCj(XK^G-Sva*1X7jo_U<9@Xb4pCIE7M18}Lvdu=})H%_= zyY#hGj)nO72)xBPtM?GJDuN52RBrMYj?Qjfm)1OuFlQ+cZOSUum;is0=gqI|Xqi(= zME}j8se)liwME4(Ra6{ad=7oZ`GT;;#p7GZlaOWo?YYPBQkX+f$+wIz_01&7_AK#% zJX^-M;uD``<->Cq{wT4}RBg08c&e0hnR9uxVVK%1gHc68S^w%YSl7~?)eHyzw#>X# zqTBAy#hGb?R*Jjv=?erqqUDoM2&yo6-ef(bH@1!n% zZb3u>wulM#l1>_1at@_(^(c-MD<)~FxqSdWT#7i@G-rVh-w!~}$~YIv!auht3?k!q z&%1t>sFi>}qeakvT1ksItGaaIyYK;%nYq3%+hC^DTLDAp$;CZ?ntK6NPHXY(tZZ^0 zQA6YYXMK5YJbC#u4d_^VXR$-|zVLQvW0ML{0b6&4;Y^BKos%VnuSBd2M_FfBw~^_a zD}X0`yup-EYq}`8WbSy?{BucX*#H?0T!|OQa}nFf>p?Zpo+Z1JuwR+)8P&Mxp3pxlk`HXp;3rsI0cpPpA!;I^4U zp6H}vw=|^cfJ{`p`K%ypO0ST~!p^|Yz-qX{%D~}dHpY>x)zKX)icXt-Hxu-?u{D%x zj(BjFUSNoNfXli;?x3&yeXPm?QUEK!Ezca;C?bZGj7OC_0H%I)`KBU(YWXZ-Us(uF zt*WhVkODZ@G*Zf)-9$1Z>fZ!PRTL2&GsVB}iY|4p1=vK{h}J4IWA;n`Uj9pVifeUb zM``{X*|J=;I12`9a)Kw8rd7~rq@Pzf$b3PU3NfV^%CTFPju-76O=HoX=3V~k{RpfW zT$_gRE$pMZNxpIIx<$T&(X#b>2m8Cl{KMfD{>~-!%Hxi6g>0=w>9gk(v!q$SyWew8 ze}$lP)aC`I$I8TaMDK26&d28*YfrPp5@&nAHTqnjGV+AMJ{Qj4 zOA9lYhXFYe{cw7%bfdPnY;N<;JaZdutS%>f;@ldf*qmsuxwh>G-uJeor#?J$28Sl( zUYrVrHSs5V#t?mo?)_p!_Ay3aURNFx2Fd@JykIT-pPhRW#%Xv;5aYYeBcw{coceF- z;i_<I#w*LIE6;kn@H%kEg_=P?H4c5?VRRbPoxs$hl&?8_c<^^t zTTh+OVS*I6ScFw==h=BCUB~;f6zh)Du$t&fR25p#4_LEsgT((0zVq*H$iEbO7WV&6 zoiot?ADQ;bQVL?y|1YNfzk4h9_}XdhcJ2g@Ru8ConGVbGERpnwtYG$DkC}lbHIo^T7evO_ ziuT6R*@>(~0{crY46t-ZO@E{QO_9levb_oR+r0Po)7Ren=(FV1nY~q>--1@eYI1ta zT}r$U9DI6=?V0%Y7sncpq*A75T1uaS(tHCOQVMQ7t@o3IRw47*Q4@XRDDSNb$fL@N zlBCK0Sy5+*p=aE?4RhZkLFAruO>5s%iS&0d62y4_oX^D8Zu1@7-?%!@D1`S1C>5H| zQrTtu$XmiAV*xSCYMk=y7AcsqAX`;CAeJRE#t#Hy; zHA~g=%xp4#?BXkex>BRLgT5IS>4-zb8#Bs4=c|hJz?XwrU@Qm}8HsZW#yzYxIZE8_mMiVam67)e4<^JLKFGA=YjSR7A+EUFv9jBbIwp!!cSrvf}Wji@I0Gr|Q8 z61;g5xr^+h)6UW-Rr^&YUxRe^>>Q5lbqd)R?d>>@82nrg_)g|U0Dpk*WJY?%;&I#~L^^9yHS!C0ly2W&C7mwI!h3C25$<6X6UjG9tg@@xReq)eFn^7M6^!h%X`H335U_gH6cs4$?LuaELa^)A zV^_t-dxdjJ$Uh=vnV7jvSs(ezQA%69>7#UPM+z zD$dD&1LP6gL})Fv9+M;toI<1)|ND}DK}-B5URNA@ft>_|YdK=Hsj;y7j%csn=GpU^ z^G<&xwr(f;IM_nM^ z5Nt?%>Tea|XpxMNCNzmr_=eAA4FhtUdteS&Z1_gi`(k!p0el8TYajJU1TbJxH*^9! zC_-Zd5&Q@y8lRPJ_9KnYXD*;SYM%#me(p#;PY}YKVT>Bkp~ly$H$OM@Tt+y=*?l8& zAi?Dse6OB7icQ-~U~DXa*@}KjO+U3xphic?*d_Ki>CSjp>`SZ5O$=72oRrfAz6}Sz zmTnOZiuojQlL@PJdrr$HzgC6$WO5U!fL1^gsjwFF`aSSfY`J;9=Ekfn6$_m;hqRW< zLW=1+aw$!4Q?Xx*usL6KwulxT*wUUnF}x?ZV}a2;Pbw_%OMN4SDKm6dYydf~un+1V zni*#1h(j~%55dp0-cnEJIa6H>ff!zbRrd^|MVdIKXXOa=>)c8V9fBaE3#8~R5D(TIQq!!63y%3 zF1n#Cr4)QAh*NPLyXYAa4@WXoop0YIkd6xvT#T#v`lIz}!&fWZzAk=irX_)!dZ^{n z-s-~Deb2>1&gwJxc30bj4QjlPQ&VEU332qhNF(coNC1ScmQdgsHpZm7f4psK8=DS_ zAdl5&spriRF`4GG`6Lhulr-HG07XL{c}ZRS6efSa|WP z|9dYxRAdoH-d@k@)x&2MLl*}ZNf!|nt&s^$jrBmfF_e6$G)QdUXE1HsXH=_ zp0p%~&u<=&NiT8{C2{vLtjf+9k&~dTCt^OUB5h6#A^9M;+;}>J8utlbFY?($d+Pkt z-3?SM(NdnBAn|m?JRP|Vkua10^Z`{I^VACVTJQE{4F@-Lp{sFK?E>$h3{UW^*FdJQ z%1nK?IQoH-c1w1j;JPGRCC8h+5=VW&&sm$#`W6`;U;gxQ#&^1wVeoOb^Om3Q)5{$8 zU1$nSmkJJNWnN}onkd4BobM~fr4I{lZswPq68aa0u%)x`TQX$ED4lbwc2fb$|df z6p;|h|3%F`#^?gO4}+dFwr$(CZQHhO+qP$(v2EjwZJe=f?(bFJ#Xq~BH)+$mchaUQ zl76}_D1;VBCBKWK&fe`8N?Es#(qZK6kra}ddy(us!?!dQ+*=#-MRQ`vAAaFy@slOz z`9N^Ys;#0|rp2wLce|YHI5wC`kT>|6gET~wm3yqlraQkl{oI>~*nKpe&22SJ zUj?0Z0#p@_S3pdL-BT*rQZ76cR?HD>@G9VHqT~ox8!SdTqWuMYR_QSE)tGMjd2Mj} zwZH;aA^$Usx0;|Hf3RRBL76~!3LR&$NtPS0z{F@2X7twz}yNb#5tVd>QJ=2!c>|X^Pgdd^C)3g4R*bG-i+L81W zGjPhxsytCaXtLSCR+-#oKR~Wj^rYE1j05J`g)@2{hlhxalc|WX-JLXa21#K}E{(iC zsB$?dqzl_@WP0r~caz9jnbpTo4eZB2_eAe$6j2KCDC+{}b4h*s~OK4OVx7PtA|AuhcJzZ`arl>88kS@qD7+a{0}I zc!0)yrz_l!WBFPixcQBlJ$~v&Scs31PntpP`K97=px`Q%1W&1^+?iTV zql>mTC>DZ$J8<_mnm01(nnGgo^DUo{KqV}@5^fJNZjsv?uWxN>>x{$|!Y{h*AJzET z_>)XzX}|&jCMn%gBTyq)0K=#vH7{e z6YPhrnb5*%ehmW7(Aa?wS$X{H}W0g9dNzwo7;J7@bmHW z@k^X%o#)S|Tg>dhy!yo6BQL}KFa$oT9l{k!pULYQ-Iu}8cfLC>>@2c4^8wYi5PM@A zD;yd{^>gs1AXiu}nsKJJ`o@TLFLp(2Ih%7)=7Q(hZN<~%0&rEbeqs4324ma)@jQ)l z+9z*!aSNi_`6TKhl3wcPWR%66qYl^Li{pq%h^8p-Gpmz}4zT+}%e2Bj7Y zpCwmZRxQ5jS%Rm*z^ln{rdA)|P1=H)jYnb+9r{E|&rmf^$v;Skz46oLD2r2N8T%-B!dV(FMRG5Q{{|Pvx#NJ(& zmt0uTv9cu>3^nu{*iRJRI% z4ldWGIE*#$(iyg0FQi@1$CJ3EqnG<<3_YC42Od_|ef*AeGYFmnP#6{& zF9MScVH8<$bMg6<56rRU0*mI)lo^&!lRtM>g&ovfFf_~zR=ArjT6hCfOrqJU&?}mz zkNuF0gzg`g1sSq)>1WU@0Z96j_ea20Wam%xoLQ2j-5#fu#RSo8VgwLTkNkYn>TS)M zwo%ZZSvYW}xF_!3!-2}O0jz&9-d5e?rU#^&%zXV$c!kYDwWHLbce2^;v*YWsx4HF~ z7S&w-J(OcIcE)WrlX6%^8oX_&dC1Rf|B<@*=~tbbU0#!qT@hxBU$(XXYixI2T99XU z@g8cttC$g%%q4PJ1|)(Np(%*miUrqM4YhpiEu&07qCk=8t=_#0RD(*!%FJ8I9yfgi zS8mBF!}41nv$%Jb89u8NLDV@k|-7d!6}mn#fn9S7$GPH-#((d zr6W$A2_ar$juhS^R4H}oq@+KoK0CG*H}aFJGC)?|gStMYIuUFiGyveK6T^No6PAq%BteT2UQDfv2=ugA$j0vZLoF@~6C0}KHKA;qN7 zO>oQao`C(jp?=XNGIC&F4n=l&VuTbZx-x%M60kC4brGdcitcuOF83Mti_AHAXS=aV z-%{Mlp3S<+wkb7huTkGHcDws}_@+j6zsJi|RCna1=Z*iX{hVCB{H<^JXV z!TkJu_rGysA4iQyZ+l!S-yUz_;`oXZM64d$qw&b)`;ziR0!h)EeHTxl4RK97WUA$! zn&?c;71m6Z%fj@jEv0@v|2KRGVZOa}&urC#o1N+&1+SYR5{dYIs#5yz&MQUk299)z zOLvd}iWM9307-RSqUseBTZMoH^Y&(LcuW3jw8RiiPbeoH+6lUz*wmqP{@^Rfo4EqS z_1ez@5AFz_^S3;Hn`UjWySNjUoIhNVe`O-A8}D*6^g50eUTv4ee60~-p-Rnu;6jUV zCZkLvc$~v)wkFuKI5zegsKk3WrmUUCkM&P*urpIx*gUEngbjoIgS^aVhql4`$_K37 z>P6zl zAD+9qz#JS5HoAN#zS;@=EuQf{3$&Y0Dgku{E?Oi$Ie(v$EdbY2WeEV~N)7kjN8WF@ ziyIaTBd6J4^Ih=18;XWN0mExq(+u<^*6I@Dpq_X;vsdhfQK>jl0OMqZB1}nyT=6S8 zKe;eT2Ri*WyV~etE1-W7*H|dTSjf&;h-oT2fk9&}JM#Hn2X)4}Ua`x(I767EVKM7~ zg`iN)mG7Q>tOCG@CD>Nu0Y;%#!c#5j)(S}GrhflQ91~?dnLmH>`*^w5nDw{B`Fbhs z7NFOoH{h_8d+S7s0NgjK34N}a*b;qsqi4jzuUyPbF05#6EuC)S!vFCt!BRt0oG1(B zjP~{nQH)#*4`yEu4J@44+JMOp%i_hqisZ(O3B{ZJyXX;r_XSDCH^ZYd^C+S?38KZk zkI=%IC(EnIvWXYSJjYd;mB&>>e{^8>wOiZ4MuFCxwesgp8>RVeFMrG`R3Je>j#u`Q zM-i*SM~Le`^|$L^T;Y$hOo&;sU65J&wf1Q%S39SHtN+C>tK+Hzm!&^{1X#mh5+Gc4 z$6;T20puNy6T4CSCsB&+%rzp!UxV?C1N0l&3_L)wDSX-eWj((UKKdHrR-Yf3xO`YX zYjpX_3#WO;DX(w99>_z*Dq!YdT?cM$+_)`%@(PG%fP8#)2g_6d!c;-E@-*;TEl+I) zz=NZ}mFsJkWY_X6yS`c#;TY_OPC7tUC}33@H-(K2?NV~@uX*3+_o)i>?DkRImrL)g zHvsx&`knBd3AkJMoW1IJ?ZP1_{B-I29^N{Y;D3K0Q4!(sfUnEmaQZG%sMo%WfnYzy z_4}>PdsgUwTQ5KF4Wdd}Dwwo4ln!P$#hAT%w8o9;6%yvEBB$jn+A$`t-Z4hVlHG9@ z5#m~=t8i@|t3j_%K(+v_iC7VPa_Woj@#;xsX(1{5lF3b5S-G%!W^FirvbnICm3~$% zj-?=sQLoY5S;f8tuhu>6*luJdlyhWIJ?%E{)X>!EX4mBCwuj=iXQM)jy3NjCCsE%7%otCm^+K$hjEtXHi=CAP+iT~|ED^_$&>kFT;#w_mjDtBu zs~~F}!t(LI^43Q=T>i5IeCzl*EP=EL;HKeazf;(&Ey~|c*BKqOXo}4?&ys~o4saV| zF>$KZSeSDORT&x;s&};z0Sa;+X&W6s{4oaV*p6ZvU>=rC|X>S-YR4(ixzAKaI8E_AP2`At1WO5#!_HT|h%6pp!?uF3jL zS!8^Tf$In|O)|-*lhT=^)R$!#4OF&)oI7<{k+daHT(-$u8)|bj(Na?|8kt?3L_qYJ zns|W@p`pyJOa9qv^~dAXPjn0XA9n6z3zN2PYKY~+{V9(A%DN!?%lv)Nw)M4n_DC$> zZo~_enE$wD^{bZWR0kneT+~jhanpR0X=pfJWG4u*x_9Ew(fOThJ{W3erSCdCSY5oz zQuj)flOG?d-srF!FfB_uX|p>Q7n$o8i$`hb-i2^|R3E^jz$+mAEIUhhIZhIBQ+HOp zSU#T_^nGgSRwCqmbT?lQ%@P3k;7Y$$E`JacrhY0OKs~RHV2=$M;0~J~qzZ*{s8Vxq zT%BjF+NPW-EnAg}UxoD{;{<_%|8{Jjstz3!Bvw2kQih<2a{%^x-ILZnG*0biyJ=1* zb2VshwfG@1W4ZKoJo-(q%AS}BfCy3q@vP&i*0NGu*3CUOoORi|(MXGr@8T`nuG!6- zH(GVGua_U)v-)NxA#~+p?rylsD`QsNF4Wc3g-G@PQ>1&UGK!k9i0|!VI1Nhu5IG)b z2-SYow|0NUY1e0aGd2B*GsGd8XCFrdaq!a0;tXK`?AYGqs5Qh$u?ly*T`fq}PD~qt z>dwWTN>IEBM_o_zpa*UY$GhEkV{Lgl^n1!*%hy-mv!~;`z7h~@wEfrHx7=1SUGJ+R z3EOMjZJRScKepD#%ggTqJ^m7xQgy9yV}Fl>PmhysTy4`Y!>(Cj+p9%EMu}#mYt@Y7&?6ZXCEX%Y5oz&(!gNG_`NXf`~x`IaX%n#O?%@XFVm zBi_Ts$~h^-&?TFnnqeRFnu(|2Xo4@{aDs2KcAa>hkmUb}VP(&+jDijyiYX}-ouY{) zX_Ee>!R^U7tbzT8oo@%+hk-7!xIbqFr&-B2wKr&?!Bi3xLVQ4rJH2?-kyUL;%jV96 zS(csDy~sY&zSKNU;8T`$aVO*mEHBMMzmPIZV^iLP@1}cumS!0_KTv`)0Y&K1|d&bgSl4#=g>H&`5Ml{X6rv zUpQDXtp#JH*0|_PZi@JRhN8eR;}xga8R~KT9^SFu`8FohVYn7@l-x%>;d zcuB4wng)R8Jy)yS^yTx-zL)RCxZfVJAOF*IgRaUAo3J|h;O{pO%5OXvNglO3g zjFy*r1ps(|0-7+UPg$rg>{6@qAifjW&!zb+r%{-mS!^Hy89-AMZ%UVZDkc$nKga_d z=y8;9TMGk{F9O2HHRKJgOmz6YTl&uzY7b zql+Of!2G=_!}to!;zzqnT;E>PTHjpDsCU(cW<$1p0tc2O)1l3_VfVyq>RvmZg&=hi zJNE6J2$||Q0v}28D@D6PXGB<7-&lyF?X^_knRMBAUNY|5HolxZ`&t_myFU-P+uGvA z-Fv)`*}+A*82Lg6CflVO^|HT&`3p;IQ z_fLBDi7mF{d0Q06)wHlG?18 zfOi^69%BW=#fUqZ>}velJhhP??-Ln1m;QQN1P2Szv!?yXo{N12;Q_tIdqd!9;xPsAA;(25e(v z)LrUOc@vUEi!w7rvmlyy*3OAkko+pZF@;M$Y%r0=(P~ouHTxW8E&fvGv#-H&FG2Np zb9HG=@AFk6pKo^8*Y~|@6|h?4mnpAW-|M~HCBV?=Nx@JUE>KW-;a91k{442~zxlW= zRC(~@7lFSHoGyd;G8wf9gr}ll>pIJC-8@Vl&itCtMtfH)h@P6egw5IH$X{NqBC22Y zqI`;Zf}OK0x5)kscg&_2;jPYwlL~GtoS<@=opK>S_uKNbWS&abq}C?2KA~iag&rsb zSknQ*Y1o36Q1JQCnW3+_jodvDMoSs+>{}Ud8h9se8V#$CB@$x_bxp3zqg#lLl=@K) z!AQm{G)D~6a?vI>ZPU+YgwN@sFty5&H52u+I&n&e|AvZbnGvS@(rvv=xY*$Ki^)F^ zFbcR;a5M^>^^<(_GCF+oqgMZ`qjxNz=T{}o7q=%~W$94Znn@*?1e$~_IU+H7JGhT<=yvdVO zCPXp}+&d+p`En;p;lDL3jRYOM^|Iu9ugx zhhAfe4 zwD^2UhjJ?lHH5P;Iu&Aaob|RpR+Pj5#g~x+uW=!`B&A;7AVxMW?1#VgqAV9MTOcb9ToB+tB`Wq-}hppkDx| zLLB66l4Y3HDX-dF;w%geB-!3@BpTT-IAQvU&ddlIxfLwjh^Z@AICfE>sS&+V2g{#I zkNTqO);?vy1WggJh47}?(`TQoS=*+}8gi+OOZQHf?PPjFui|AZkrOu1l4Uz*Q6!kq z_pA6hxR%CkB)Z2AzPrxO%(zkL5;LuS5Z3Oqkf&~oa^1a#9$ z*psvfyqh!_80p1RgK)6caV+ByghJ&kN|V%lP;Ba03^WXJGAK`9g%oDI?)k(6HvgPp z!=dpFXg$>3xY zu-FAks>H;oNSf(p?K0>T)p?czrw*tORBr$9Vf%zW3J~PsUJ%ywps{bo`f&U*Zf4#*rz8=Gj!}v&6L829Y)h{rjR@RMQ89h z-|`9`-bJGc-Zor%;C&31bRs>4rzXL_Z9xiWsiUR|v?LrtyB17`LD02eqA-@lL~x_7ncC#+}@E*!?r>g!_Vnxw*Z=EjVQf%w(cfkM8Fj6m;}BNQkO81t)0<{TZG1BCT0whdqKDpsA# z&Xsx>$0y6K4slc9$4;@3Kwqj z=ItBaRMTaY(?EPR8OA`C4YCaih1erGgNCeGGwRhd;cJeuHIo|$rn4Zn5H+v6wbCQ= z@;)}?F$<^*w3pM%zCa-@N-WlzJfX!%RSqM4qGfkM^8WnAtWR)-~JJJ#NvANKOMdfA9Dnp zkraFp0YfpO`Nr&5-~Ti=Pd>dOf!Hc0qy6rs6*`6 z7@7n1Av0qOir<3Y^`akRR=&0$E%5sA0xPdN>COq3{rrnse(CKmQSndt@VKC?EezsY{)$-!U{z9i1b1sTVysuCO}o=NHfp!7 zx`la%$*}7f60Jv$PnA(JaUOz0ayjBPdVm4*0ifXR?+1l`^6y|DgiDY`oWqw%6o%tI)S8VG%1wHK8=`lf6Gl&|R=@ zRWv&|O21JL7c-&~%!a`duf_BL4Jpv}te5`dT^_>FXI!Em*vS9!Ojt4qI^5uU7ei~n z<=;)wQ2nzP&p8B-A+h}HrJ&ENlJHWDFQH$r2VFStu65TmA^NzyU%bzJNWEqK>Agh$ zxw8tmx_)7>E!a}Kn~xm6apt^&?;br9O)cHCTO6!v&_=CaID2{XBeGp{HEko}!$+RM zxIBN}yk-}nwD%DlSIU{P0>Z+B7?7eXK#&9+maMUfL#Ly*ph|+h@BZ$w%^Ldnd<0xb zHU{x9KkyAZ5^WCVFoW*%93Mv`TZnD6$`{sEHK|_po3w1(}io6cXQ zxw{1pa{;lzxmNCrv^^QH_SY{a-B!C2Z?qVeW#0-zlN_6W{k5FAkLrH=cNSruhLYmV zT&N;jn7)n~$v@3b;C;C{?2tfThm*$t>b$d(@fx}Mlg8ikQ^({XkbO~xi}~5Tg3yzp zp~+}2W=(bN_n7`;?sp1Z*|T?n04>=3Bnnu?$-$Bo?`!Cy8_oi>{v-YR9o0yQx zKX9w&cl1m1PrHkc;2h}NmR+-c8jjSRjw_@%9uTK~rro$PsPhw#zh=FMkk#fRnw~7RiQ(8lq4{Cil$5_eF6@>VSMQwHtGm~-y!d%yEUdDpVR(gV0q~N@kIAG!GQl`2mCnD?^I4_rB=~!&wnOG;+beCPLk~1-tvR=I3UoW~W_DWiWHeyy!QsZ<)+KmhM!*N$-d~P_ufkSDrw^+H3wo?^fi+N){vEwfzL*rr-(w51dR=*7A zhuV5YO**=&=ig%b+ZOwn?ne7TWt~>L>T4pM&2nDTEi)bvgpA0OhI_FSSJ3_3^r_cn zyCE9$B_|HbTw&y|bA{W-AL#BW@3YubR)JfHN-E|wFfy0+^9xsCf5@eJMriG?t{BSx zF?TF!7}I!;3Qn?@i9fk0)_(#K*jNH|gFF#u143H{ta!SGo6)R%6IhUM(e}_Zs5@={ zMM4_;ITQeSKQhl?2d6YQl_cBMm!|EXp0*5r#peq<_*)GM?I_{FTvoZsTA;+@4g=r5 zK*Q7HPI4E)T{f5@*wbIp>fQe6xl^~n8a7j?77~x^TxFUIsO3c|2pqR~LHoRCU8^XC zyvVSG{*7a>KXCye7^8aiPb>?=W$Ua*1*iHQ`Zo&a=eIyu$j-Qt2g8v;fgVA#3;u5= zE`T+;%KW;Z|8f**hUAl$lRqMT%~rdeo8i3oW1TK1A0L3t_s#&$#{y56uia+3yDf3x z#jyexVE&znGuC0N9w1b7eu1CCO8ZRT+p3=9uQjJ;5uh0$74V_tq)3Oa$K7-u-I$>Z z61xi&3-6)>?IcLI`K{Wx4wK3+9apRxkz#}nKTLyyi>!;hi@pjsQR%EPxWoB(&(gAG zbqi-lxS#*lk?POZmmz@K|XxR$Uu~;HKWU$YQj|Y6rUuh2mq9C7tUPKahjJ`X|Zr*=}bG1(HNm~TBH9!Vp^PbKSebI zM<^yk(E&Ru6CyAyNWXh$XQ)VUAx%h_>Ic4-z+hb#?t5-oCFhqpXR068B0=dgktL!J zBxvJHFia_Wc)s<;q z5HR$11gb6XG(K#MYt;CvbIrfk*P68B+so%k^}gD8uMKwTB=mS)wUQVPA1)e50tV~9 zT&3OH8;06u<*&`F{>2rOt#)8}cJF^;>j!cnRX|akBPckjw{v~n#G~2nW7s-bGj$wQ6^1{oIr;5+l6FUM z&cS?EUg1@7|8fHa2e1wtbkpIgQMV4hapW0zGB|r{rpAM33|j9|{e|U?cChz{K{lW=l&6JG{T{UAvE8O4$-}bIR_+brB#i z=zR|_J`8&kX48%}8&Ha+ArdE630ax8bS>(d5n5^db^L=<8>CC1Ya{!(>@rz)x#!l< z?xA~1yEE?-uU4~wI+pzYcYd_gQ}_rJfBCvrfBEja2~yqhjo&rYi* zxA}d=0+dEY_0>|&$Z3?9{0#v4Z1EXDEHK8w%jtW5%P2xNWYR5>uQ#T3{2|i*oHZX z`;NSj7BY*Ibk0Cg58+%)?k&w;_w48K?(Cnw-NC`xg`dH}dwEd?Z~za+I{-rCT>UuT z;2g{1y32PJF&kZYO@mNev!U&f6Jip$+or?7$qa5PZ5D`r=Iuo^rcn zkn>Zq!Ul-Bi2gs{>=@ue5f*f}dP(BY0fMoO{2@;;0qc;?Ot__nZe6;08?YUkE_G;o z+8TNDGDgG!EMO5qBFO2Ph%t=|G6m0P^u(`VE6a%6O5<1u}a{wO>uM|T}=o!7P=I!=rd z3?2E{M7^MMHbi(wm~ADS8``z9P~g|)*a&Oz2m&9&zAY*3NaG&L34pC zX^?Zh5{ZTL{-99apimErkVwgIYT=+>H2By_WI{j!)*1I;547z|!pQ{moR$LC0!9j3 z#|^!k{OGb;HFbDTV;5KJP!jk@u9;Am|NiqsiAp|Jl8=sJ(gKT0AwDqw3Bl%3$U8-1 z)iiBH@~pzf5BN8&b@A`UyXXqlDD0hGa_@mzp};v}{`e5%mc*cSN|)XBeN#>!M=$GZ z|7sjf26JZye*Dy_N0Vtt< z$iz_-mtJbn-CJ>?yMao{a{2G4dTCtCu;fmrk@_ikqtQ~S<`MlY7}Dci>&ZS!gq@&l z@xt6z5o*3Qf08(c0dj7@l$x2~x-Zh{>Aw(g#<7{GIhBQW;&c8>bD8a}9Vw4Zy6&v% z#PR#!o`r~JOoS*P7kOggT%QC_2+l$;Pl_h$#2|s}iLb_D`7?UR)M1x9X>xq|v7`6_ zX8n18uMt>XY2EMM!gpuyQ7#X0Q&o(0n=Cr;oY``QmUG%a)@&|c3aV4hxXOM9}fvUI0Qb0F4#Vvhi)hi23zmImd+^X z&}#FFPe+mNWsM93gPMozhwdhe>qfjryf(`yChHv|>&Cv6IEzCcVGKslL0*5 zPZ7FYKf_M(85~5H6k}hL{9>?}`a$u0-ybm(mwae`%;WmKEaP88vZC%p^J{gX_tdvg zV)!vvHN;_QWR6|{v@aJZeV9aM$l+U3M2hwvg;9}EcfnC(3=@Pk`{s2L)PJ-uky?bt z=#fDRf9#X9fPt)t`2Vx+;Mk-9ehgg*am><8c%f&`LxOlLj@Em;J^Jh~Sl)HHHEXWu z(kUaJW%p;4^T*ug#dlo1laCs8vo`e_^>e-prduh8O&SSU`kbk2P&wtiE$gOD+BV?& zLXrAHspdlQ|CCH{Eo;`8GPcvlGBogz|DMVX$SC^nZNWG^Px?A7QuUCyHCn4eErpEynCI_^s^Uem4*2OfT}l>kVWMKMJU+KMHv+|t5M^PB==Wp z--P!dFJu~&c)TVbMfC5UXvbT~wNIge8k>7AgJPx5DPuM)Ip2%Q3MXqTP-{-Emi4iY zmyA%Oj2CQWp@wE@u<>DovQT3}&0EF!Kc}k7+Rxym8HK<1-5x8nSbA-3%~^IG-V6IY zdl#rYv%`fDXhvwYBN7-_Q)o$3T-%R>Ua(*729`6p4^hy7-J|B%`8ZbDRW{6%vlA>> zv3`ywMrbyvbaTwPq0T)(*&oC-jVK6{&8>k3AS7GGqhDQ^Q3E- zSrMyFmYudGlUH!l?jNdSYDmZpOhn5ToJ213pK)~Vfjt+lX;cEPc^}$wtRl7d zydP@?dOl8!TrEwk^KnO^xsi;xM7np1UlbXXY}7irlVckkOLNH5HPUs`IY=F(Om#*W z2UrLlvrd}?L;gWesm?7A_znY4@wz2h2o;h%v|W(ri4oil&`7f~Vm)f$P3tF;el7WU-OQM@gHJQe(O~ zBfDz5dGNj3?|R_nj^*Bech3&%cK}ttW{%^nITE6L7LI zHMP!nMYgF(CcLiRu{VcW-Qh`GX<9+obF*))Uu~yr;VV@=QU$FN8Fmf_GwgvdKbeMQ z4bv9BJ==BjFaKP8NYl6;d!UQjmR=oqroyq$8aiowr6ceZa0)p8q`f0)CXrt`j%c-9 z>NM0t%o$gYcQkp<%&T&r*)?@&oFXc!Al}cYP7qcCLz&o&b}y>f3@eUaR5d4|1~k1P>z00 z4V9b2h^Q_RXhxLj+S7YgzL-8}uMcoLC&^o|&|nj2v^kEJPmEWW?j%nJz?Ll$+(<-f2~Ydzf&T7iAnR)TKP?y@SMNU`3$G&KBhL zk9l_Ap9E7l=TmuUHDUAl*8?={CVlY90zKi&)0I*@s*I|fs;sKKs?4g~`i%OV`mFlA z`po)T>2}pk8KN;z(OfTe7)O^4^U(^_dU)G#w_N%e`3yUo-)@o(p1r4^QjZsk$M0@) z>&JE+$1U2*9=m~Tk0I&rOBwE~g*tmD-cqXZOKap^`*4(6XQ zy8A=>YR9)1#~SGW)dC>+&$6@XMF)d><$&c_L^3<^HSbrX_<#bI2bFOq`$Pcg&KUWu{I6 zwEG9%beAs{bsY?(E#_u}B-qDs1y>K0011g%i-q+Uv}ol`1U?)OP*d_pG@niDEyjshuSXlXAjtsw0MjK@uu~>~= zoVl1@JGi%@l_(#h!CqYD!4HEr!<4;EZ`=%v4dT{N%6v%hnnQBdlVwEBN^&~^!d z=sexv<(*N|B6Y+_d!dSTn73AZL18rW!qBrI6VOHP z5$}L~+nPZ-WIB{8nchJ#W(p+`hK#Ri2S%43!%0fQ5I4%f3~L_X9D8L!N#Fqk4f~#k z3itYTIawM3{$mTLbDkV?)ky#0ez2%h1t%Ll`|Cs9PYr(|{TwR2Iy zIy7Cwcn4b)W^g@-1gnL+a4?t6gj!2DI^p;dW*%xLzdhmTuG`($VF4CJ*sRl)WNfmn zD)o^mo{UsJ8Hw(|xQtU@tkLKd?lq=%gzXKdW2b4>GuD!1Z;Df@^OOUd6W34vih0Y( zCxg$_E1JJ{%ib%b&xS{Fo83oVkm*l&DochLKPj_aZj8+F%o0b2Jv74x=oSv5(ph*$ zXB!)ike>&*Wal+oqXa||s8gH-XF$27&qY(3MH@4P{7Lsu9oQzslfsosT)ePOjl$58 z^$sbTw{*seBmaUz3o$+zl8-fJ7BXYP#4O?Nos1k1Eki{*dk2?W+OISkbH`q<9%LIt z70hNDV$F8=xk$)$M~YtCSl>8%&F3FA!4s@W!#L2#O%p)qw;8yRad&8q@iWe7Z6uPO za`CLumFFs(D?|S|Q6+kr>fbHs(vJ7o<+ZpkO|wOLZFQv6@?8{rBWV78p%O0w)r*q| zK0P3~>H5J6{$&sidV`3(aokQ%a$byh8ts2yN&IIDiWT*nST!1O8aMh|DmNe?D>o#t zE;kmSvz!8ckJ#e`JAFieXZ$cxx_M6`9w!B>&+hOsw2<p z|I%0f8w&D&XGqxpD}aOJe@*%SE^g>0_S%mSB8K|p8&AnN4Y?;l6NzEu9T5ver$7ue zv?b2MXdeza5D?CaNjHMAJPtNIEDF3Hp-gzdyAOb-P>gqk$I%T%Hd8FP@At@!S6aI> zDNVp4d}ceITR|750woe)X`$RYdOI79L=^WnioCE6pIico$6Egpx)Sbj2k1y$yTZ;U%2pI0iOJBhBwTOH(j$< z1DxaA{H#$~z8~}^?_|2lpx%YPs*NH}g}C+oam;qa{;$rO8 z&VMbr{67x(ze_Hx|9^vAIR77z3+I1zkGTG?kPAB}7xVx3tqRkE@l;W3)AzYekuYGT zo444^MZ_+(qC?LFuC?1F2dk9~Duz-aD^t}5twg@Vf}yboup5Cg${anY-y<-L$Fw*0#v=dy&du&{>eLL?sv6 zZ6mAIGu7=Z2tIDD)vX)5wBiyyIhpE0r;l2TU=aU~4vVSpq}88m4tBV*bkIYrUqaaL zzX&AOw?G+?@SxT5ck9XjBdDe(XN+|RamUkU+5~;!)8od6I!k-+nI`^ zKHh=gud~te87csaRQ}QRG~UW&q8P6=VRT<)B&Krw$gVo`ZxU=$!qO8h{gR?0M7dbB zmv(sHnH{H?k*WU}%Vx+Bdb*=9i6#qp-+jj@*nT+_#?ewyl4JfV`*TgZ5`v-J8z*ni z<5f$?pWFhg*OQPvs?~dgJ3hE$OpEuY0~6;NmGff+Qwg!w)zf5XC5Nktx3^8T;;eDH zkorv75T^k`(K4ShbOpQ%8xmwIkZ(X}Ko*p`mbw9T9T@k|bg|%iN!74AkN8os9sOz! zeUlZ?{2w9sd1ga!Muc@B+dtFc1L5OWhk;o=#5`S2yeIj1y(@;jG3XgME32NZ z$H*m{K2D6YfVo(gJujzrDyMcA@{tvbwbA#?WX?HSYJ`%<-J_O=pH14NFfntZ1HHo7 ze$n&Tq!4^m5-E_50ads-4bzu+_Y8*(5>(@07;%`1qE{Gnxhcwexf5=JLRsfKhWEyf zFoH|Gbfvzs7hnI>wm&{Vg9*jH(*oryUy-p~mT(PV>may5;6N+_!Oob+hytSLUnJBZ z)`4CF=!OW4K$>q7h3r2?)0iRBo#6XlB8oV_KvN$;ta<$i=YBtZyK{Td>az5=ET9Tn z!j7n9p;up_iCJp+hYsQjv0~z#PJkq(?h(qW@_S>|mNQ%l*(1?vZak(Rsrm~iUQM3( zemU#`rj&N3hpkdzIYG!X;OWHOpeOjSAf6zIKX8KSL7PBnw;=iuyG2fc7?!{_Uxui| zBX29OR2B-CyUu-{3g9cy>p?(AbWZGwio2cthcDDQMcg*W@ zUtzloS@6B=A-6)Hc!g$yaEu_C5VkZs57xI|K?Jy#r3sqMA8AkrwGduhq!4h-7h|AaTZ z{|WyOYVI+}v*pbbcvTm>%j~jk+je!?wrzFU^())9ZQHhO8+-fS|IE(r%*5`?-H416 zC-P*R7nx6FJn?<;F<}z?7J37biOD@EN55xZxL9~s24C>6A-1D3B0!4FKID-%Fc7kA zTxDWeL)ab{=u&r0h3cIgxTfZc0#&8ALxI{EAIME*X|f}L`dE8S!}2``lJV-1u{5rO zovIxWm}R_Ujp|%yivR^M)=N-wHCRXIhLgok-qP)8xXsy{+;k|bdCPYoB{&tD_K@%2)?g(j@?vZD5%cgu$pGB?zpaXZr+%yjsKXic8T!4P=s0Hc_SK{ zdxKtLrn8LVP!@0Ov-9^V-Lr4gGX-GMT!>7hT_zu7o+Sr;dOp6u+OWQ^?-bYQoEC?9 zNXJ__vkmI~$ZS@P7>R1Y^l$wU345g2uNvIcUpsrc4M7ZTnI6gQw6%k;Zk5&uA2_3fvO=f3&;K*avCroIQ zt~G?w@X2DHUS+;D={%r%JKmByqBK-LE@Ez3IY;7#VSwtDsJvq~PbJ+2dr#*q3a=hn z6;5vs+n-FMWO3Ip{>q0-pIGzw=s7Z_?%_cv#;!(bVQZ8UuJax(fN ze!uVfqh30)4rDbBjK4zjhdY0@+}nm_1M&1wr}5B7C(mPoVGmzcv9ZpZiFilxBba|A zy>rZtD8<_k?_o5$XSEysMDKics6FqrJ#S%CxUQMl9$NCyFzBw_e4;*Cz1gZFkNT}8 zMhsA%6$&Rzo{g2$6P~xQZ3WP8S><#WjGm81fdv3%D@TK-z5;kq8Y;kfP>amkIVyoq6Xao5J>MUcja6MoiO zYb7Qx@TkmOR^u0jqI9$1-5Ljxjn$H0rE}Ke;cW?bf=F9dibj6R?7>+Ms*gi<(ZJee zxUxItN2Rh(wTt;&Kp5kox{rDJcj+!V<+yW8KP-#VnM)G`C9yk2cI7~P8 zhJuFK027JSApVR@x`Xmk$HOZ_4I~oGdGtz-TPmHI4nO<%jLv5rR+{3(s^}&H8E*Nf z@SmFRsZ9%{Q;U)6H|HW1#)s>CfPrsT!#@M8N26(o2XN=!_D1V+(h0Bw*$&8@l;o4* z<89xkH0cgOnRDlY{RbZdZ!s!tC38|Ut*78^?f(S`&xtD z`jE^&HqQNEKSgdcpjZg%z%Qn5d7l_vM<~i!W>b zzQy}$(tQ*Q=X{za*|z_lwS27q9p0*-NR5egwiY{PggpWiCh^mDZkXcwJ-io6KQPzSuK;={o1^{9)AK zDr`1=b{*4{=uMd?O*=P41xTntKPTWxq&dJrF3>cm zaF0D^7`H6-XtCH+Y0^}^RqL_r?HuhjY2n7$l@1pIYggc^T_TuL;Yi7vYR$4?{^?0a z_dL7(1?^pwbjCU-wcm#^{`qtdq`W8!am*dx=NO-&`U5j4mw_~`uToHLz}f_^uHyWA zBX%B^q3Fs_S7NWe&Lh`3d&a4u9Z?)#O;2>0WS5(_XW)4Mcb)fuVbr_;Q7L3401W!*X-J5c}aPwALwB6b5tB9Rp(jh$@YyqTyrdgv7h-Ttq$j6Oa27IZ48iPxm>gAMn50mfDorIq zS^$amPu$SFU5y)%uu39ISflt|Wv)?0qs&?XH@+9Cm+^Uh_lbKrhg!GL7h{L)@6hmk>`OrM+n@i{avI(nEg90b-Y3cLyE1@ z#T(3JXP#BZhL%{BTBwueU6FE~9gXLvc6lk2NJ|##-J^a^Ccv-E0L6my0)tWO@(Y-I z&j$8{id~RH#jxE7CUlehqye@8LhZb#0X<_moLsng!^DZGn;~JO+HJRjRb;%PWh z?>XGHNx$Pkvl;4HHt7J?J)A?-DmFThxgK z+&qu_K*zw&7>OF(^;{hQPSY%}DTtMk1w>UIji*Fsu*usu1rT0c^Jz)9fUY5vJ86?m z9ig_6gK1v5%$|%AmW$kwTbhYNj1QI%o8im4>b_0EJ3HME5Y^oHF`vE3@=eayoqy}}a<{=CZq_d8w)fXzS7E|1FAuJZWAKF3|V2@c3 zo3HE>4V$T_4rLTYQkjbMcD>KH4uc69TI##xI39~=E;FV}WJRZBRMkgE2Zx3xky!Lx zjD3kbRMgDG>?7v%X~;e33C~(E_(~4JOam9GEES52S{1+QGYcWjC=_8#UQJ6amwwEl zXKK4@KQhYNtj~Fj#;wd#lu}U3eb6YaT{)D{v$z-o-Cpph{91@YzjYMsoQs~rmB8r>JdM<2a_BIo50c}w z8=N^-ZYavbM>gx8ZrYJy9<6I0TmlEd&vZ(Oi^nj@2&0N~aLfpf%PwpzNfz%8WR{N2 z_d*n2CD{Sr{=rZ`i@F`IDCM9hlU_evrB{)lV zx35@gR_-LW$c0nUtXddSfb)dxP|k9SBq^yp*gUpi)b~{PZkkQf-^k2X0KMbFaRAfF zd|2>OY`T-;>#9}o@*;PexMMjXI6KR0h|Vsm-Yb}>Fd;}|cJHrD>_)y zRueYgTms>9TtuEWM6G;SLa=Whd;&EUwW!Cii1B9p-6vB2)ox`}mzPvqc_=)r zYc{B0SnU52dWs(P5-P&4$-pToiBWALLI6Y4fR7kfKX`xbnPl!D{Q4aJJ|LEa+or{3 zr~f*san}&E<`<$0k>)q#ub>48uSi?jGdeS#g1O%zg>}+$z#B!cf?ELd5a~lbRtRkm zN|dZnl=!KnTpXhpBWKP0e)rZcq}Nx9_9JgINQV_#YyCTih!s7~(n`=fo1=v05woMc zmp!1w2A0S=JO=)DMi6!fm*N<_%MTWwKYB#+Sr&kfmwp?}BxaW0aX`zAM}nMwNo_l9 zYmDr>t%Ci^kMhCmDt*sgBGFZ!Cn`zOiI{KlL&=SCf@Cs&pQ3C*Uk*7YT{8jMphZqH z;rlteoN!e^=aY2Q(BlQ5_Lp>mbfUqE>qlf3n|D5=ukXkCwD;o-=3AuXSamH!W!tCFO$n6TJ?pSd#9;r+j7U;pp_`tS7X|GDmufBpCO|6RcTZ}e+A zy#HFj{x{K@?mr9I|E^#EUkTWM@9Y0HkjwoAD3Y{=WpLjP!W_IXGqf7q|ZJ z0yYy16W#wgIgM=pBVc3m@-SX?bO4$}A185E43U=k@V<-U#SS6xwE+H2!0re6PEkZ= zs$m0W!$l?uiS|pfwD=)=+T5z+hY}a1ghm)d_1oL{Ie5***VEh8<+$foyW7>oO~=uj z^UCZ&T}WU(e5ffSs*HwIKWR1aKpCSlRk$&rf=9p+sY;#8L+^390cc2NO565AX=QI4 zRv;*vy{>R#94F3!%wvjQ_%T^Imnyx^c4hRu=1VYsibj=*(1nK$b?5=AsA8Nu>-uh{ ztcW^2!DKLj@EkEj>70iJ`O5Sizk3)&wxg44f$2;jWrH&fE;wD`Op@LqE8Y7m1% z!A9nC^ZK6MgUsfQ=q9{3pADVOpT|9?Ov>8xrjR9^i$4>H>O{9j?}<$ywAe`fJn+;Ni^M-%oUkGr75XF_qqnRk}m&K?@JL6*uafIa)g0k~s z3abay!*_kyuq9!zLA9_eF-bVT2jQI1rPu~m-lXD84$Hzjh&>X}dBgRcD$>oVpatDUq zT0sz}{0bG1A18{D3Kr6+h`RM9Nz~gyBn_>$Sspn@ceV#i$aPw68=V{c)x+b(_VWxr z*__)LGILHIVY$J~vgG@ViAHw{&(`cct_F^eh0H2$>*uc+cvJOY)q zaO{I2>3z&%5ndshM!34FxOh!CWHD1Ecd%T>x z%s3weX9#-4U$;joKZZXOiWyXF6t*E)1tX!%`o7yOxG7t&`bbi)ryrL--fDYDA{sPk z#4Xj#6(Zkoqi_>(a$@tDHr6eb-CM?Q*TiNcM!ZboN)3<@lTa{9pc^WB2b{kqNMynK z>-v*Je@8de1!q!HMctz_W{E(ot}rJTSkOuSfw1uz+JbyW;25s2nMxv9k>^v(t%_Qh)GSK!JCT_S*O=gua-gm`i~!l$IXmzF zsSA$3>SYw~WV#h-Z<)ZJ^OhkWBfsRYlK-oULN7hTE9q(>*{^nKW@;GzT5j-+;DNsN z&C`IY@SqHzxdb+;F`$@RYAAqFZ!y@FYkN#4xMxPD;;pmJ`zs>>4FY53!V+p^NWgL; zK||eV7*Idwp^h{q3Vt}#Cawy;I71PeEllJ@`4KuVw!w2IzMD=;PciDi{!X0b0@>}IU9pD{f+d}ee3KHnZ~T0{mbBs}+# z(;1Ut6H;hlyW6=q9NE77Qw;?JH3b)u)YwQ?b0vas0tY=S84Eq?4d%Nvz;vSds8dY( zcvQ@(QHj=jqEigc5kCd2Ew@ffU^nNcx>-*v%b7!za$&2WY6&p&w3u`z`9SX_lvM?H zx&dCq&%6wc>OZ1OcMM(YiyqRmk;z_3+%oTQ7H~ZWoI@T1R_@pLYtlFxNdzWBQ$(J| z3>1@I4<0+_G?`yS3Q#yH71E?I*E~W_%o9?WPBM!pVN4WZsa#O-Hf^>>mOfv!i(eQ`l4?0NRR+dLL%y5JnctCJqD78tF%lI2wBDG|=}@ z5_}AJX`v~Xa1x^y5=>gA6|zhsBM-vWYv`sLoGVKM?kJX@()(Z7>C9v)`5v#V#qyxzNvX=gE9Qor(2Fo`$Sjw{dpBRf*Ja@I2;0U{{r`J z1C0yF$_Rp<6jMI&IXfODbkC{DcLV%ZA)DNLG|1fJGX84tvt}E(mC!{(xPg!-geZyH zMq9?S!6DetXW}{Ae8s*Kd4+4_?DGgh+FW6^9$&KwC+3txPpH&*egBVvZJrjylwGM~ zlCh$>mU%L)>?~@;`;UR`w9r0jI?nuVqY3XNz-(;7iyV3M^ov?5DdrHI90i9y#ur5@ zJ;E%Rq2)gs*!dF~{}|Yde++C!YK=^Pdxsh-m9WAI@mR~t^w`NY;uphEsquwcBGoke z-_J4MM&tTvNg>a(#*f5wt{J#l@4$GcBp*@Gv^;1KYW>gi9Y$pAquYgKcS^MkdCdql z!7v1H@K~dDVjtiw;^gXLB8F7>KWIyM=fKDI^&rQCNA&7D($~dc;o%;PI*H0g)K9E5 z8xmE;fzibVV}_OkE|Q)Oo}bW8d;cQjCpFyoKQO_c8AIN%DsER(oQb z->7ccA7(J~dz#1cQWOv2)dR%{Qw0AQ*t8rG1M%c3aw&cN{wC%9|88Il-|{q&6)^ye zWDt1CiIeoXtoEPk1tqd{;wpRE$&(9c@_(41#%x6|4a;E^bs2>ths#%*jyk2dgrwaQ zIUQfbHQzG6Vz(h|EzFkPPLJcExmk>0dp3?x?%Oc&jUA(LggWVkFAL7f>vto0>~bO< zZj0E%U4E)$&+r)QiROzQnC#cJzTe+Oz);5GJ;gzc*p#3UM$Q_$BY7ox_k!1zoO?gk z+)KWYzW`p%&>j*D@mnIf1UvI&R+FOgRHoVQ!CNyo`L7CsPvl;~Fo#KMU(PkmqUwd* zEi&Av{(6{}|W-e+=wlk7pdhe;L?hkux0b z+?}km|I@%0J^9DLo~wh7O*~PBAB9u#-L)iV8rP|XSVr&!)K;y)#i~$5$I8=|sGCQl z=BS(%R6JiMe3C%y6WW8{X;!WmSSmP^O_9-(7dfJSNJrn;WO&?rF5US^$K40rYn?1Q zY8=`S!C63_03(%SbYulxag{%5bvJA6TbcK)gPE#u{Eq4$mnyhBMr=i7bc5;u@X)+| zTD*QUKAF1LxL+9+$er3yqh$$+?0J%438(gDa3-}dxT?h^?l4R|m(QG6!XROmsLMB+ zZJ5=PmvEPS6?;|XAk64vB~057(ZnO&&*zfLq@Yd0jpa?^RVgI1p~yOwY7K04YIWY= z&0c_>1}p&PSWladpH8;unSeQUNIXUyy1Sup-8Iz-7bN}|*aDAze;e2oDdds*e;e4k zWu};vipr<2b)Sw*?8KyWOI5X2=g?=gk-3D&pbUVA@y%aHiCN%^)Ll|CqqMqz8`!5* z_acuKlLG2Fgi8FP?!u?|qy?-aZ?p8JNw_4q!z8B#q$_c=s=7Vlw?GA%{rM2XRRzS3 zC@W*;-{~`$Ex~aBg|hy%Quzn>9^@d*u1wX%fcx()DdQ$S_@w+pn8O>6gOo(X{07Mg$Vxz!{|(0Sa&HO~SDegcYGr3hwYt zT)nPDk&&YK8%J0&T@*FZM8m~siv;%ID z58W?}Knz?u6Qb)}Sgc(h&nw`pXkUH@{=Fps@Q=*;6OvkI28|jyTWnYJO(_6r9HVTs z2V>pHLJFri>$U$w3a0H4_P#=G;CZ&i+)~^C9q|^36+khlmT+`hinTGcV~C`>&AYQR z`GVk-P-o}OqI?|az^zvNlQD(QoFR?T=bLlV@4ijRLP0%lUpa4oQs^WOF=2P6wG4C$ z>OogPj9m&TBZ4`B0|V4B+U++t&8ld#SE5BW;jfSzZCT@*n-rtj@_WtkKGbo)pcQr4 z&pJ6wO;)>XWybB;)6b96*T)kjHMz|?QMD)Qf{{usi7+JLz#BhRCd5fNFc9yorMM$! zcI?s(B_?f_)*+=WFYCHXaz1Ihs;a31K#fkxh2}HteFWg1p3Wx&e zu;QXA4Z$BpPzr2U&|Kk@jb^|qKX=uPQNdtnVF~v8pgzoogo5LB#PdD!PO7{-6Tbg| zfqZKZd55c%BaLG^atm{7TfM>Dp>u+ijfA@KpovVHd{%7X4o(BPDB=`$?5(y-@6#N< zHEf3E$AF3dY@zzrI+;zo+1#tC`CIdAcqPo>Gd2c>Eu7|9SP+X9MwqD0phV<$t7}+= zRk7?$!yg2jfWGwnxmMjqZm!*Q6b%&#ek`GtzATb4r7z}{* zD=RQ~zpVGiU8-3NhE~k0O|PsySIcj6a*hfl8REE-N-g%VV+aH3nIYiaW|gK{lnW{x zo$_AqLlF@4@Rp3l=_=?s-0&N)&IT>QIlE|cbd@absMwPp<=h1RCS&P$Dbb^pb`I~t zg1hm+v9#UpeHQDf*!FmQyB!l1?#fm65Bd2!A9ij^5AXhfXUO8gnN?|N_Hu0c8xzr$ zJ5K?68@42W`O2OL`RJS|K`OG)IyIPT= z-wZZm(X&$S^GWSGo%}~^OO$b2#_3nxUY65TtvCif!ru&b{m6Zt17CwBE$sx#9|pVT zcpLc-gS`V0mq#lL(-R*=-j@=ZO(3@cKaTxbu1Du02f~BJ*_HqcHnm=FX3E9ks4!P( zc9D{Ja#M`4RiD+-uf1B|jJi$}&UTRk(gdy`$jYiacsT8i2PXo45j6+1=WOBF7clbh zwzC^zovgYwN`|@4RIKNMKe=!PK+FwQAGB~Iwn03AFa#aI(@5d3hr3*YG(#{klEaTO z>2AY6t&RL8IuhZWSfRkVMn6BY!XZ6>b7P0Y=&J8!tp+M!I|~A<7YyFC!vQ`E+>$bn zk1bd#k{W=_x9gM_U5L*wOYCIYrjruSUezvADc~-qB8-}QnSE(y4;O{oeFJTT=mvS+ zM^?0*Iu^ayLx3G_Pc{o#?~;Qhq(g`qZ4KUzVg@$Gkt9Nnx6luLqJJ0{XG&MG+WWH-=k^=j~(^hSd-gIG?$2 z_!@DP(}lvAaLY(Yl(|t37tD)KZk^M&Xm~vVv?ZBlmR#cIGLPqSGi3x<-8+53H^}ly zFPhF|*vU1X>P?u>Ts7K^V7;}wuo@NG1|EmuENvMJc6@gl6~D3ido4nS^!crKobsU? zAM^}^?R-81wyigOwoaHX^Y>g{%O}iHx>-}VEW!8jD5~&F2YMZ}U3L_eou}y z7PN{tO>VB(S+YinOXUhp(Td&w$Hwkfy&U^vWA_wrc&NmCa7}V0oa}-Pd`~(pA-lTx zg>>_+qtg0wZB3<~29xRPB6zFiG3rBh!?sUBcEh#LDDvEjVoowMqm?wnjWlcJZkji*1R!r!=gKplo>IjmnctwI-*k# zv4i!79sy&Z!ST zVG_CP1*oFXB9xY0o!fT=sP>?pnynbesWWwc-nFbaFKi0VOloi!HbZ8s%;ky)<=k?u zyNPu3!)}G)l7lD^6mC41QU$9S&mD!y~(Oerz|^BdPkynGZXdix6B_dY;k8#Va)`b33_s{SL2q zuNwvZ3_>kKiUcu~- zJ{>y79D$Q;lb%gI=xyeTUcEUFbu4Y&18rQre!|&gp?~g60;IlQt+Q9Viws2u^K_Vh z(&8-dbKGvKaGqs(@6^D|xqnk2G2)5i?v5w28m3NPxte1`eG>? zVM%G-4-~X-mJ~bDkJO;%;U%6VQ-v!FKSlCHak~>jH!%$!dro32GdG`)I~CU*8&O$M z$xu4YF=UtJL#+_1aW8LJbW(0vv}-XC{)KU+mObe(bx+l#eWq=)vA>Dtxo$3>i?}6B zpGK{mR$k;vb1;^x2Q<|ub|Fw+uaY(pOZo;|Jrt5PF%vc;3ARzskya$~Q&??&h@O2l z*G2|%Gd`OrhXl>t^OfD3q^2RQD&x`Wp-UQWy3sEgRv=SBu*cNeTpLk znE?1K#HfE;u_kln0JOv}&{zE=7F-1v?nq64=iZCvcZS9APq{08nO(3@ajO`e37w9! z7$p?K4H*ZAw^la?*0wc$oe%c|%)6>ox4FgppI4tOf;NvEZ9GnMFmP?S`jjdY%_oT( zxgI)c8ypU&ARB$Oo0~D8PbRuG(};#j>_DH!1>Y;0>NXjM?6VHY$IeiV@|k8|CDrV| z4TTDmo}k33%_2dCe87l1OU6>EeXmnB>bU1(359_#T4P3vF=E2EN#1vMUT_H0pS>ka zD3p9;BErJ`xdg;k1E~78 zW?@m3HX!AbA;t1T#5J`p$^3y)>6-t+@gc=r6eVlFwDe&kjzMhDy2+q55U`&5Vo_H2 zgX;x2#^t9fOTG>=c&x| zoym|f@a|SXW|DovSq(P0oJHcEXBa960g~?*deU3EMDsfcVg@hh=yt%&0J&?G);{64 zr9+$1uCa&wGo!J#L^wb2yfKqAjOYmNc$`C!Z3Dz&L8p}4bebhhmbSG+`?YiB=#ax* z>>0~7t8wEx3pb{vlB075ue3P0=2X;!4F@TupCx4r)TQNqVxE7E_-932L6bV6-8BrS zPCgI(sC^Z_($0#;j<0al>JAV3ns*_ZNO;5aqflQKj?z(#9#olfR!3P1Rbc|OtZg?( zaYE%i{aWCPW_>sMKQ?yD!!#(O6Yb$f+je1NMjGvw=I#8&dB@#UWXnMmthuW5+R0W% z5%p=I1{}A&&RH@B+}lvy35vq3$>;SdcEwQ3BFhiTB#6u;+16Ql_R60%bCB!Rh%ku( z%#;o4_=x@z{L5C%f#l@!^k8Z*GB6%WG}j$|M{YG-za22vcU)l0svIi~_rxE55$cRs z-+efSXpdp;;v#08r=w-iPRvg+jXO+6&@fWLRWO%Bby&C#?M;iagCU!k38?)12@Oyg z=>N{mD~A;+YVaQ5|72gDkdwv#`l#3$t?NEG$)ixsFd_bk%3P+8uLOF`r_)0w!#&g> z=22ms#lWXmJ}*uZ7YXh*2r!#q~# z+PIl*0bpcVoBAAQYPHb;&vjpME&JBS4y0a0CyYMR`&)w2?kO(&%dME!ut*~ADKLnH zn1+I#2N~~eji8l(D3UB>s|u+Iy50LDe5b;x$h6j!=RUn3nK?zTj4Vk8qUk8Z@`KQO zm&DNO(0Ah?IJv*slrhONo86o^i6eAhdy-`Ru*iGgo1Ey9;G8pA`^U!S?zW2k-p$8L zHw{%*3_+;&$Hvxe0DM4$zvleM#(uh-R8=jC56D=o{>R3i(~Sd){l~_x4MT$H7jJ{B zy^a4R3)UTj!UyYB(8~q2RCn8teFyq_creXs5vXYx_8XU2R+%4rM2%=FGzxOh-vt!t zYWTZeiY?##LFUwg4%cJ4a`*pgV-x*jV_*DZW1k%4XmKUE(@1+7ztjfnp93F#Qn>rK zk5~7%&)2TIXFMs_hFT{sp)V%e)Rfn49(s-4l#ZzZNtnS1gS3Z;jJeKG{|NQbgmMX0 z7h4vkIv#wyyf4ZONQ1*DsmYjFoHwk~3K!UGQqWhq7~hn+T2{HVkP%nxeOc^1Y?l${ zNi904X|Ld>O=c?Mf9u9Dg=7coQCmUEyJZ(y5wHUm%zBnvex0^o(c_&$CR2vUXrYZB1 zgSD+Q+Pu9DHR?FIB+Uw9Y7fIpa5lat%A`AtO(>X@cO7UN&o9!;*00~+N6Ba;?ir$K z-Ylt=?XWw55@Zhp1KWyFF(iQsG=s1eBwV9Bu=mGu1U#HvvrEJs##V2j)sP9ex0Xx`_ku+4t=f6bM7C*o|V6maDL zMg8*OdN`VT1&Hp5^Ky%oo&Q8Tnb}owr2*&=Q(sd-k4NeJR7KguYG(G#Ix6Xg@~z^^ z5}p#$N^-@yJ--+GXdR!g(Wi0Q<0H|bDh*Ez7+Nm0$H(05%d-JY)b6uveh1}HLSSU8 z-8<5EvLHX2vr3odq}h%Ybf6nr#5%GXH&4S#VB6}zkY}8f~1HB?e;AR_3D0|&Z@Vxro-&&=;tM;=tGq?yW5A;m+St@(@GkER%7LL z9;OVZ5NZCb5~t;rHk`Us{H|n&cBt50=QZx0cP^{w>HRfZ(e0~K5Y7^OERbje?#=|; z`Mo8nfc75JHR)cYuq?5_yfkh{+*eyr71`mYn%`B94<+5F7Xx0BX1E6|I4qzZR|chI z=X%FMwzs9Xnp8F({J6?pKduLoml0 z-OzHrb#!BC6=l^a$Gk%6N;Z>jpGP^zP`dn=(M!^U4ojY8Ohv79Z($6R)}b|-DKyrbN70m#1yxB;R#)^VLY|LknO(V7 zfX%^sQkaW~C5%rBZVYOCJ*5&GM-@ecQjBpdPNs3|#5AbqdjU#qpCOqQi%rKVpFba6 zzM!8VjmH21S#XS~*Ja(`bflfO4JSg)ABeoq5-vxG9E%<{5YiJEaqyE%7t4ZSS75Q# zs|+Qp(-FuSccpu6OPfZVN3wZ=`jQMgk2H&YX%1ddzxvIfZP~s2=I6C?%KD$qO z-4EYC;JQS=?5?K$eg)cZ59Qnk-ovw`Y&LwQu33Y9i!NixqNI#(%8~8pZ~;$Cn&P|G zBFhfkciBIZ)N&$@ zs?0GpOm>QWyKNW$WFLKhKg($1xQe@M*!a21k88k*`65~*Y#nIe1 z#?GXOa~bLT$VyYX@cfPVIJv9dK=_VrBu?mx73-uN*oI=i)b6t=2Fb>Q z&SpKd?p2x~Oz2pRACC+E$TnY{fi`VK7zydHj&=Y`nim@GKp3%7&e4s4P>dV0UnaMc zf>=R!k*)*vHIJ^RmvbnJHk^CN38Zh{b$w8w2By3wI~ zKY6b)>f8PvGdCv+%bg;_%Ut1Ua+TSj!*jFZqUF~AC7`?Qt*eXRWagXAnLLylc9H=8 z(@7#Qkm&HfmcUQ#K#FDbkFAZ_C_Y^k5l<2p{v$6I6qnyFj!vRQAa0M@Gt*c1D!c`$ zon*MmL{cNn%+8y@JeLIjS?aStf|3Sro~%L6^%^6GCbR0W(^m$DG_<6j-aGxvP8P1v zDFh2H=o`L|*sL0&xtumZEFH35U+b{R1ONfBfg)(oL|Hl{=PQq#htGJpbis$pGN_;b zOMoP|jc&@kfnr>Xf68-k$M0Ba{}~mi!FedM2)sJgfGVN)O^6Qqy$~tZ1a||b3LnN}z zXgtU&cy_Bv>P!$@72vN6W$}9n(anN(ppj`$W{TU37GZLV8zo_-Rs&$EHcPBA7+!1S z&8G4CEjOTCg)(nc*(k|R>6^l)Kw}(o%-FU#4ixJpc`jRC@wx=jjt29cu>Vf#!<6@i zIOIBIOaY{HvNaI}+dScI8_Z99UM|oIYTdO+7|BHCtf?B|XI#Ac?N=8?HrUR7HM~Jr zxW|Zdw7gLn$JMW(arBAtl5yR--lp%KJ%Yg58e68sShZ{~W&_qS*M889XcH{@bPRE7 zLmn1ExVY?MPPjHk%KQykPOm9lS6D+W=WNZT{V0Z)J5?vgzW_KF+t&R==@8w1L?`P) zA;$x3P6SCpG~t>EEx?FM;dd#zevIG1*uB?WGZTtQ@a6QpjlpPWp0&emJ7a!3aGBdH zul`5po9`dzn|q2xk5$|#j_Kc=@5jaf%FmHGqwB}tNArsQ63@E2e0MV;vMk>8#T6vu z*0y!o{MveICNJ29v-Twi@@@0NG_{GVrv;SzD2oY=56b>2C`fZT;0yyZ!>jDp%|-XvJ-~%skx~}4JoN`y3s7=gXoK}JvIR+@C~%eI zU1C%zb=Rg{PzNVk_)DVsRPe9F@UL&7%y%EwX`zyD>3QcFUNsaNW>Rcpj}Ila2~P;y zo7Tk>f3+Vl)6m0+uGyFv-OVLKYi)3m?7Of5*c_Mq(DNwVT;9)v#kZdBvz3k=_S@&Y zS74MM0`z)kP8-_3TR7Rm8y%!>mHDPE(M@VZQ|_qu1Y3scIL{UaQz87-!+? zx}okj*a4d#x+ZKMirC-m&An*?-PP&xbaTOacX865O(XjyJ;_DGCc<-8pum=IfK-W} zcUv6Is#Y`Kno}u{t)Nx{#(!gdh`B+;+fvE8`O#M@u<1wSvi5CPQAMX4ad*bU3 zg30wF$>p8r!{iZMOAObO{Np)zXm;)CGfL)D`nByIL0#P6qxj|LiEJH5x+l)E)xe}{ znKH*1{nms?G2yyOu}ZU19av*^q^p-^5h1uqFHizhGmW!ZkA$p+Ko%WnE^wGmx5+I$|f1Gn2S)1&ouIpcW!KaSa{5C1slE~fVT6n(vr^R_g!e>>;!uC%DymZJ7%COc5H{o174mQ$YXL+Hgq zZsxN5cEpzZfT#VRD!t+460Ye&p?5wjaaqHeq8@fQ#Jqo;^I>PTfx!{cp+huI$@R`u(?cYQB{vVbNWITB@doa&^%gN`% z*3BLrM9O%Jb4PV+RzbGCkH4exSe7t=4VkThh8n){;AKPsw3pDRH8q#z$xu+AKffyN zP}jbG@`gQa#VoL}JAoX$(AdeG+-F_eHDo|VuB(&URkoH&oiiD;VzhK+(E2={YEGsE zEaTIoGkGLvT^!jy3MzqU5fBAY->FbP;TQlj52dbN?z5cBX{z+tyO1MxB4jMmDQ$bbwXQ+%$%Cuvu(;m<6nc%K%rdCaP+Sr# z1%gW^or)eVi3B0TQfJ~Z9~bTGXxGjdg*yxZFV*~ZRm(0$`YlMOp|Jivn|_gQjSVW> z4wY|@>i3{YeNMYvD6`z~kAmIYP3Lw91w{=Ob`ElFmHKY3DUL1Y1dqfk^*g7Ffe z)=S{5;A+*w1{bI_G`YfI5PsM7i4U#;ZRmY^03xXfqVll8a^IeC5j0rsb1CDl0ec;mN7)Dx7w3d1C?R%USuPO%uN|%{?c&= zhJgdUEu$S}bRGd0nMaTA)hj(Q$e%U6{qaZT3O-HdGjm9TGACKubk>*Wm|rhrqCToc zSk+ga6c4saIgGu(&ehN z0xisnNUbBaBWJ7AnvvGZF|W)w5LvZ52@WkXKBj(HyPBtfuaj7>&m&3L7eM?w{Z$@f zA3U7!@}L=v_AjjrB+7-8&(i@nS!~`YSHez1v!zjrmePB9H`fy)LBU&!zV-bdWA2uq zU%DUoC&vnAd9~`wswdQd7B7W1s?*-qfKf~4M(ReZ#t7*Z<29o<)J{!=Cd0k(@e{~y zGirb+U^(Dxsc;Y0rWQ*n?l{LgWAR%%ZhqskB2MhMR$<8;lme32uxc?-p5E!~>D}SQkjkvGRRx%#*I~ZA zoEdc+n|n?4WD`~041=y!2d8Yp+sp&6tG7>pmX1f)qfe|4S8V8Wozwck@xGmGRErJmb<-=HoYNWA-ybMkp+1s4KMd2*!-p zesW*I;t}u}U^bfQ;3ZQdPwt7aY;+`FPoYDUXOrIqgB)aRo6f1ZMa5V-%&s~T-&CZa z^1*Cn#*U7K!AgJaC}qn;QT$Du0}5?fZwhf_@Q|Ma)+ccJKX&xIXcBi-KSW%yw;8|v zL!2l4N8&u5iXTrk@E_uQJ4XL+;ye;QcO%nMqt)ZJl34vUi?)+4OKEYVW_M*MsmfKE z-S%@!W6;tqkNv~ybpzr=3*yY0`~7f61y4HV6t+TMDU6t3&86kdE8OtfA$FXR#3xPDs9wA!ND z#m~a8X=Gu)BWr_p!^BI)ws7DcLo zwzjHK(i!xNt3qo{@YyGIx}w4s5<3`oSnS-HvC)_F4NYJP%IdG)xzP`AP{mY6giOGs zIKLH_Z&tK|Y7;nHJpWoXuaMy$SW3T&OzCFE*G1KqtWVSZ zSR^NJ#QAMiX8X>`kada+r`DO*CFDd=p$WN0-Pz9eI~Z-($E75z9Xcbjg)=nr$u@oQ zssRa!MtFI`BEE7#Qk%-LJ0qhlq4e4|J~htzpvi?t@XFE7C*ne-{*baXME3EPZQzEyJoy~Iz8IUxk%1i zU>(yHtCA8kwkW(__ebVt@^RX5(1UJ%nTvWsQbmy}K7RS`{hHA)@@*Td=QWlG3rQ|9 z9b7jWw{k-U-%PDUZpGw^ti1{1rjh6n5+YOz zj+S>S-nAV2@*ogTI>udo0S{kZ<-AGAt}gG*=%-r)4-W@rwDP;vGe2xt;DoCVX>E~S za5qvbwcga>veZ)(v84`|1Y0asX4>i0md!n=6!=wLN#3(KZQ_H9NTjdA_?T}1pMo|o zUqA&ZoVGl!$9zew*q(H=OGg3{2h+VazHk}#sq~3c3LTt-tQo(h{9ffD4Z*LmL6 z6Hl(hD6YT+55^UbwHYM`seU~4+$5P_@>u2;YRdbO^!ruH&&~T@EFGF0OYJ#RfbF&W z{HeHBsZm+S()F^VUYP@c7!PgIT40_1!tyuMbMCjM=+o5qqo8LOJa{Tjr1J29f4MdQ>|U=*0;nxljb!W63DIKN!Qps zWU@QA!ff!-O$jp|x9tUCtBa0YN)$VHYD2l=xa@G()6Avo1yM{IWvP%Su!B3A&(7hZ&)?qXSn{OkRYjU48Vi(`zWz zLu|%GtdY5gKt`;;!~nBviMFS}Gi-H>@`*O{$oj8;y+5VT#|exT>ToX?p8oRmUi_;v z`=u4dl2)!sCySN27kYNBNeun8<5iRXwZAOVuCe6)==l+Cd@$E|@2%&)jVZ;Q#bNqq zm$l(}l}mShGkl*FcN-7A^K8ya{}%2JQM_s^$Juj;*I#xzr>A|5wV1Ax+`^6d*H>}{ zSh4FGCq`-)v^|@BCY*cdDBs{xQ|oNw`U2GE`sgL?)eq9u=NXRN-8Qy;ti}4Rr{$C8 zj;LcnfmK66_f<}tNI!DDKW@bAo)X^K`M7 z>)!-aZ)dpI$}U0kWaK>$wa-4aX>)B;&^6U1)-KCiQ#_XF@kL1%3?7&jXB7ETua2R) zf0O6iEaAd4`_jF*tQ%&gku6o}wF(*%eJgfP?QAHuF)}b~9xIJciWWICaMMER=Fz4x z``pjH{yYOm`wD|hmdq+jU2=Iv>;1l&0-A1%A zb(;6Z-idc&8s3~tm{ck{n$yewo?ritYY1A-*?W+S`&5jJ$<7OBHTl>1U%piAwEyzX zG}Da8wX!05CZ=LrvZHrj=M{@0*7W_+e&TaUa(jX5Nj{$)F2;$C^E6S1GhgoTUg38? z@m=7PSFNp3yY9(2p{GWshOInVDn3Rl{1sY9Gz_>dFewIJ#N6d3y4N&Bv&5v*rw^*V&%O)=%9` z9vxZy@nPboiSP0IWB(a({oiSqh8JJmP2K5VypQ*%l%VEqPzLW5I7^M^KiH2J?7dwll8tIrWfSMa_O zN^(o$UlCz{^>TiKVU%}K*YVyRW9Z>~Khnnr#vGgaGgSw>>c>hUgd`0-Hg!}L7zqOia zk0|;X`}BXgLQH?_S?rZ52W3+$R=9N`rS>XRrxjF-wfVy z>d|cX+(Zj$RnIH4ui%NV^X~a_65Whfc7^QUyE?xTt@L~4>7P)WFBoY4VUv&QJ|C-F zeUoDyNlq%$rFRwm;sRYJDoY}zL|vcFU2gv2=8nV1?dvai78QIh|CSf}rg-pzR766A za>2c^V2kw^H^p79nLnxB@Y(R8^06V2ylIZ#sf+xGL9c&3pDXqq%Wf zbiR1?=K*%$v&rl_S!dz7B=@dC=cdHNSa-?#GXtl?Jcatc?ctXQV5X}qNGki7%Jk-~ z`ob2B}h?&iBcN>-iB;0AV=mFfn3_r2$3 zs@L#*h?;YLlCUQ1uLO2A-Hn;o#yd&PITzh78*AitdeF0TqrZOsWtn3-_m&mSOv%w#BwvB0P--?!sc8WHL4vE%?_9>Mrbt*L|4Jp+qIhkF()3P@~dV^g5^8&Yf z>5r9INVe_nqf2uej$8RWa(AeHo%*nMF!rNNO-gx0ho7ybj#sKrjVHU4NS zmz0(Hq$1^~s#3F{`{R|xhrSbrjn0gP*v`6D7Un_KS3dXfdma#&jH@x(T_-OulDleT zjTIum*E=U?hE_X|t$Va(xA<|VhnYE(Zi#ul^9tTQFS>Fw#X=_eugw>33vKo!3}zga zoN+WKBFeG(gqPv`i+%>)+T<-6R~d)yHisQs%2*!qtF^PUYkOxuQhao>-z=+Mtzh3H z&w6EFL$?KYRj-7$uU<7G?eI=iV)dVVet(o^sz-awKT+l3Ddg8}=r8vtms|Jg@;14X zf$gXIl>7YEQ{tj@M{mtnGw6=rvcq(2x$kJV`2c@OLr8&tCsRR0s44w{p^nMEaK7Ly zjTP6n61G-^kWH>vq-guFy1KYQ_3dtLQ7j&OVk9SRQO$OG!9Vsi z;tSVh1-94gPC932*tEyZGjCOHMNa-n^7@7iRC$P9xZ#-NS~wMOp(y0|U~iEP-^eGQ z$}>jt+dZ#sckGEIGlpWLTj=8&3x&P()E$*Yk z*~dE5!UjYZbQf&%U(Dkgi+aE6{>xoqW9>xLVWZFG%ccEV^|xiJy$jx2XgO;@@Pt@l z*&Z<-zTM!k#be-m~ugmMOXJw%!l%#MQ2ss-BB47;x*t|eJf2~ zx~Ti2vhVi?=cPIV^U`_jl}qfMum9lv_zF*&F2Av>P-(8OU|~OJdXu7p{ieD5T*5NT zOdGp9uJES)DUeoxe!S|>7gMQbA;~(bAhb;+{fp>WVOs(}zghYE+oBm!`ZJuT+O%R! zGF>~+g(JbuPaS7hzIFH{BA<(v4K6LdaPwA;mt$azk9McsMWKxm@oP^S%*^FvDn|;~ z&T@aWYmKo!ztGg1V~t*oUTxAT=Ur8U_H`t*Z?00@l2DnmvLs@_Iy8K4N~T^|SVR7y zKc^kmN|u#ZPvdF~)zQLcLkFoqH(_4eCi@(-OLEKC&R5sSogLiN&c8}!@#U*`oiY#4 z+*Rdm7@EcTf_nKMxl075#x0-XcBj}Fdc?OL8qPnI_ubVu`QT^?QWV#k`2Ks_3y+rk zxn_8#Y-~gHzTj)}nF?!v7`bGW+*%S;ot&Z|vNMd&A5D!+N!oRBg5Nb-g71KvV`Woz zyGN1eRsjj4wRLaroRwW&Tf3F#uZ5e2nFEd`2f!s;! zYgKSeIeywIYEacZVo<0dyGytsw2Pc{Y3S=(+%Vpye?6mm-SzCQKhs4^k+GmkL$yWM zRjwl%r8NR^4F>5mjAT6?^Ngm=Dxs#GH^e2%rvy(I&F>DB(=9j+lsh_Lw!k6i}>7&wXUGk+DN6nQDef(%i(?>n6Ge>3Z zy!@^_N_JeP#I9}Ge%hCvzjooE?&&z>3ASh7-{a1^yov{p+B`b)b#{c_j4We|AcI4O zlS-LcGYh2d7wvegs2R{a&*smP@|1-Zi=(F$irR^FA(;;+ho`hOFH$?G^bsvRh;u#2#M{^eyy^-10L z+s&8<-c8S(8DQG;KL+ox{++Rd5EzO47iRqfOY1q>xVw6|+H)BuuI{#sjSLM(2S*K8 z8v{FcPe&U&OAj|Y8%xv@K?zGc53Z$+vz?WToUN;k%zxj7{pVd)HVl0OhA9JK%8_y? zW9MNjcdid(hlZBAs|(l8i~Gw%|4!kSrk4E$|98N-w1xu8L@*}CL=Yy%#@Kt9%yr=3 zFVughdrSX<{X5s%jA8Mg+3vs2t#RZ!+cEy${w{|64tH1E!!~x**mdl0L>*|4nq~91 zfd2xHt}Yr@T)g9Xueu00^;QnQxj+eWg zy#N#ZffQi==Zk@}*m+XET4t0Kg(>JSLMG^aDT3V$v{z zjlmen6!X&~%ScTc%+g65cNe zO9YLF&~!!d*zkTa66HYqB`^+x!fUVz45O_cKrv;)h+ zB3W=u1U#D00F34{03(peSu0z>R3N8KndIx){xN!Lw{w77*Dv zupNNn7LIj*hr)4);=!?w#R0VxtSb^!lyn}-f%gk|wDTni5Eg&OFzVRgy^)||gU*-Y zAqWiv)h&bpGbJFIsd5PR4~hrpJb)2!{KHr%*dC2XavE)C zpmU>ma6APV2kr;iIEupcI2#BE*QXQ@wtIlF;Qg`*pej0#4d-);N7E^Y#5BEdK)|B& zXns!d;2aMy792a-z%)=;W)6!D=L(7k_f`PI;dnrR3J#9rpzvYQbV{`ga8Cz#uucJn z(QF80bNF5b@Nl?(rg#WW!!Y`t$Ist>!$1flX!0RA2i5_wXN1lJM4Bu(0owsig?o5! zRP9LHFBMSfJoxSlN9nyO4ze`uJSbIRFa~Nf+WT+X{2Y5fA#C&M`f zU>x}V3TLCV9)~(3+J31G(=n2k;|V58(*eQcz;{qMfzWy;>JEi=R|?8C_+ABI7<>;x z-SNQjilA32c2-kypP@Ve9u1+Aw;KvJQt!D9Un42SKH@?SVcfD#0Sdkw%N;a->G z!S|;Gb*)TWmqg(B0x%9uS16NqUrhC@@c9A^hwB`IswZKY0gt9(?b zn6?IomOrSw5!eo>+bcM}01SoW3&kVgb#c(T!21Q^ly>I8DB;=`U?2(5d2lTSFuLwR zr$N&n!N%Y^5nwp&E{M8Ehwl$S_J;dLfc+eN5A$eu4^){0?SuN<0G1hGv=|03lJ-6p zfx|U02ULWxUjmGlSE+jt+Oupn3D*LYmYM&92j69YP(q9C)Lj~Ef57@^{W)ckG#wBm z3g=o1gZpWKv1sxE3_f!TgYAlHo#7sb!mwX3uDg|^vz`0TPsa=#eW;JLNQV3_S640r z#sB$GOvlCEm4W>8vj)SAp=3i9prBi~wq{vd+u=4gh!q>PChb|cEzYsQQ5AvzpYr#A zFX6$pa_9d1EDT5ndOQIsDNTJXf&T+gO9KQH000080BjRUM`Pgt2hacj0LB3T02KfL z08K?yK`lv6MlWq)ZfRy^b963vZETg1L23gr3`O@jh4D6crr8yfNjAAb4lo#7P6f6s z#+o7N>FX5QNoh9O$?*Pv65b!LIjIGviiHNf>)x~i@+BZ$20cqO@A`Py?6V_`P{sZX zs^zHuJ{vocEv{m<|fsAO^>}16PU(LH?_JTpfhq~7_?(f=$*7R z`-MUWQn70~Z(#e0tk+bWQ!?!2W6-@;{VNiItMr^4((}F(Uhq`>8Kwn2jFrKU4e2<< z7fp}ne5ar3s>_^UymzgN{@+&|HeXOn0|XQR000O8Y*>&|=EDoO=M4Y=;~M|~7ytkO zO+{2eElEyBFLP;UZeetFa%FQdE_iKhy*XKPvf8rm{EAe*s`KJb7#;ZTPEIXGQ307m zefbKRWJW*{e*J}*7?YiRXP>gj%8RryaCJ{G~FTb03M zR`@W2k>~_Ip^w-j`s4nU+$pcbbzMK!_zNk9AP9_*a7W{mfq$hwTaH_PvpPy5c)vRS zi2b}5vcmmQl-5JJx3J;pP2Q(9FM?Fp zbBk^>-<JN$7m#doWp}YbjrhYQ3Y=K>YN|fytqOAgC3Gl4;w_52UIrY4>UU!wib0v zDOsRKuyZ_;%Oc$$TX+ITf5$^_d2vbe=MSm(!gH+!0^cbZr^LvNWsF}?$I1&sfo@aW zV)Ky`%8pxT5duO>3gMlORgx+2!K5m4WmC*y(t*t=+%2n0I?zOgXl1gV2zX=QD!%eF zcY__-fQ-*fOrNsm5NN0yj}yG{LZ_g$X)FhY-8gEJ;j&>*oM98K{BgD#?@<^eb0&$p+-jS_C;v5$lh_#;ckj%bBc7LGrHL0;bF)r z$!00p{u$t+j*ugLOPX-Y@(oYv#aIxWy{K8_LMw1X7}kc)&t!bE8nkpshe9gkb~}j= z$aFS~;bJp|xpUzd1vA)UGsKJz6Pz4yp*=ZG>W$52`_#+1sPN3ScXmHR9T0youZngXT|YJmd2plr7L1g=p+5T&I! z@zzRNl^z2m%8w5FDB#H&p@3p=fT2oARLYuGHq1&hEf?w>5Cya zi#odzsSQtS2VN6)IHRyL2&kKx%~!cHm5N2OibaZ8GdkOdj8Mxu+lqR0mRDI1!+V&h z3uj4>&<ZxwatR4+#TFYu8b#dn0uV=c!X_|(Lni1=ws?@CiB8Y?7y8N)B*wQr6#NLeA zJlhKUlPv*-r6>h3zRz}_9bPHv?l%QQK7_*ay5Uw@tYR%ZqX}b37l$yK`P#uMmB0@mjRiKN^f!Rj012lIA?qD@((l9}_Aw8IDG$t(g6*-}gdlp;M zN8i|&6Vwc~#1s~l$^_JEU1FZXkxV3wA;&}HjHWj@7EbD;TC$}k4-2Pu3v8=UNf26o zJ=S$C5s7%?aJjP|<;7k!gp8|kGMYl$T(_5lv$|PvD43E!cYBY^e$>>;98{cgNXnr& z6>ECd@Poic^BEG=u@Cl!91hbKN=GTjvk9P15yO&(o=oMu-np4vO~(b7iM0|Q)@8d% z^~Mfd6lS@JMh;c8p>rQjhiB-Fn$&4?&JN3AwTPR%$q<_2m-CoULf_}PF4-twzXaP< z6&Ot|GDbx{64X^_g0%!mnK*eAx_TM?+ksjXy-T+qJebWRG0JVew zPxK7Ko?+`#ComOy1kw}Qb^jfKolm75L)}%1t7PD_CTH#u$eDuCq9Jhyw~sbf9=E1( z+Tc{XXhC|hn`H$CxW0O>HtSiwFweQQ7LPlVJMNOWfEFQ(DEun6aW%iBGjef|ub332 zX`7k1&cNJgt?1$kerb07S-Eyu|O3ugtWQ zRlUQd9CCQFaWyiulXJVk)!r0uyOxlx8AmT=OdEE%`g3-2uh~gKU@_o5*COc(n5N!TvK4)k={Y%LT3^eM z40AYN%3O1f(=Oq6NZ01O#mx0QDvf}-#a3qyrX_1HJ3E4aU|d3)%%POTtZ>?Gsnc|%+fcD$qv=> z*WUN@Id}zLPD=RwP`wg|BdUfv#FCaU}AKVQCoD#va{@tSVhd++()7{0=F z&81cNZuQbF{`W)LtJKe3=Ete*WA}N>acv{MWBr2Q;~JeYdXTu!7=jKTP~-ub=otPJ z8~?p=|1t^djAd8!#=!R+R}fpah~NTvQ@j(rHLfpu2X4;scNw%L@B{{2vG=r zupDl?_Hq05Xz_*W7m!ev$FB8ti@=KC`?3pEvO4$lqy2%O{z`k>A4x{W~pke`5dr(Jwom2M|53ChSV zqht98{lv1@K)(@vRp+9fbWC<`@r+{R7#k5d-hGZo_-H&qFnl;3p(AvRlPHdiM+lCN zt_yx(zPjR*-SCHvhW}$kyhmXc2X-SkZranlNce{07V{U_`vP~Doa}x*-OJsHR2r(( z#mKQpe`bO6vrn^8w+lq~pj|u-`%k3Ly+`zF+pRY6_d>6*sa5X(!C=Pq7|n!*c9Maa zC5}L@x-vZy0E}aU`}@~$D>CP3_cv0@ z*s^bGSWq?3#_pI_N0fL(h+iY(S5+L-=vUSG_Fq<#|IalGdeS$(WmZ;JOlMA4QE>vt z-iU7CR}opadeOY(?(s#^b;TRZ7gl{%`NNS=s9Ag?BeuGt?ewtnE8uhJ1b)!%)E{?v zSF;|G$F5TJ&sCKhTIdVlryaS9zlD8u2z^L=*Xhse%i;V5$vcwEio~k!E-%-sjmt&N zQT(>Q%o>WaFm`B}pMK{Wb>Xe-a-z7Td>1>dB=-;)2qf#102 z1I-QQRSzRAziBI8Fkkl-Z%n`GEMB>P+ghmZDZ5zyQira*pW*KuGOaByus8kL)VA{S z7|r$b)(vQZo@mJf)R#H+EXx{K0awSUV%y zW;h+`QbsI1+MWfcjOl%K|5NRB3xObIpIZEt!sO>a_=So2iBO97m!xk-PIGY%f zIKt-GQ~`~+;t3|_GL02I+?$IMW#}$?IHv9aZ{joIV%l71C(CfWh4!w!gJC)46k=m? zh@!dr>7>{@%~i^YPp(Ijx=%6ejIIY8yPSChCW_}GvnJTl;jI-7!BjF;f&ooTw>9rB zujkg6Irv_BZj%=NI`glH-&B_O1^-&JuKZt3UzZv0QW~E>{qxhmfAufj^Zx=+O9KQH z000000BjRUM~Wf&MIQhF03QGV00;m80Bvb)WpsIPWnpk|Y-wX*bZKvHFLrKZE@gCc zX)a-NX=5#AD|%^gP)h>@6aWAK2mnTkE=Ou|ff!W&0RXTR0ss#H0047gZE$R5UuJ1+ zWiD`JX1u#qSe(JOHi*+$=te>a0lJZ3fyN~epqs{n6WkqwOK@)-5;O#N4Z&R#f&_O9 z7Tn!^$lhn~eg1RinP=u^Zq`?_7Q0oiSWaPB1&z&d3T^ zNC>LxZf^>PiWxc^THBf9LKO|oO`X6TkNwKHP=u+IvlEz;>mM~?VO&#NlfPD+-2c=3 zuhm~$M^jtpe;F&AI@!568b5k_R8w@cGgdKubfyh`gaU@Dnz}iIq0%;wcJTlDiv8DD zS{D~8?&d71;%w+_`qx&H9n8t|F9=WxyT=fZtrCx|y#I_O!2#yv`>!G=n3Mlsx_{N> zOie5e;dX9dZT81z9syo3KR3r?1emR@-CsEW9>PBwaG@$LM$Z4JzW_Nv#=o_+eUA%; z+c}z;I{wp`UH9*xjGe*STs&;t?0g(xK7M{S0X{xHFb6-+V}Y9w%+Jor#v{Nfp!?6{ zfuY8aa37QMh~=?K?4Om#lnVUMlnVSOr4p9b&W|yn64s9iK$sfanLOt9t*NcKvjv!g zn?r!_(GKk7>}YCegX@-B<2_qkBj`AP=M(;b$@%RB^(}aBVefqifjdfEEzXu-+C@mA z^Op?nu2%yQC1%FA7h1+ex!2BxPD$z<`S+ZAZ4XA1ZL;NU_h)u(cinc!E87Eon$$j; zcJqA+sXlib54U^1x7Q+j7w2nm>ASKz-&&EHw$-+W`=Pcjk^7THpPLY0-nRR_hjWlq zXc~fIz3dKKB6@|I;Hp66v9GOK`u2LI%qCTs>!vSHfAH>lhO12g zMAa1)sa`~Hje_lWTRHff0H`2ZUiKww5#@mZWy{n$>UEgn^T5 zb`QI@@lOWZ982}gzqm$GIy~5NK(f)$$k%6+EPU0WCx>gKM%83K7$-6U8+Zz0URR1^ zHj#7kpJ&x}>}#@G9SLp{e{_*j{l7FAtifyu8?7uiw)Xh z;hUWC5c`!!&$kvRx={0t#A^n4KICPSNAdwfPu8X?!O9NMFk`)-j;CMf4S$Ayq1-f^ z3iT;K(`O7;monSH_Q}%Fn|SUDqkA~6SWrv(Ex~jHe1bC599ef?Ic+`5qB&|>A<&}J ze`D^jjvzTHF5Q1sWA7&`$QM;0h$igQq!z()9#FV6Ve95A7O(!nQXfzF{a&Nz%!`Z8 zFX7S0;Tu?Cht-k$QnzPjeNf$YxZv?1 zv&8TIbZTy2LS-li`=$fyBK(IwXzSfqr+%Nk!LU7ilIf@4^B6-=&V$54g{bq{@t)87 zT0T53KjAyv^{GXlzCA>(@9n`o;ro)?s=NIw^@p`KsAaiIbd##yZ@LSWC=Q217YfjD=AN3|ZeLq)qrs@I4Y>I9clI_Tp#WOT!5{{yg=f z9)pdyTS~_?hf|q&ztu2w+9F1fp)`RFZkpdh%dp#*gou=2rRJXis~!>`N36sX-*a{b z8NYjr8WMi0u(K4cT}d#K>#l!83RM>q*_PWNupfW_j)ai`&t>R9+M9VLrxlf&ZXlof zk^n^=<_V8$ejvmVHkIq1UH9|qwL!+x4j8ulrkeVzD?AtV+Zsh*;>~1;P!vrBbF98XRE>KeR=G{sVt0bG`5kDZc zE>DEAu0QufhGTP&Wsfv(CPD3Mt}Q~FzQ4{0gSshuJLp5?SP}c#jAKtqaPHeb52qgz zFAW=PhvFyO1pHDxUJwE*)M9IK;)=r}zicpa&n|J)iTARix)>WV@2zV42wP8Dzi zjj`ET@&O+5H&gG2ypB}rznA6an7AS;Rw>*O@TT2_aDyP$)0zjhPb~QgzZM;v%&Hsq z!BQNFTUJAFtI@2;+^dVZH_v4aOlH|bSVaKHl89+QG_K*S=hJpmvEOrQs>^2- zE>OE>o2Rqh)eOjw8|v^uc8G^^7?9G0Wx>ER6+Z5k$^ft;Zw;egpiIf4$pvFH>~!pI zd?NHaD0!cf^&ux^F!2Ke3i2$UQx$N>{+i>#+dmW)2wp9NmJzM}7?Ugt0~dbf)~pxV zx;7`-V+mQAj-zPOz2Zr5yo${BPNGW6`n3FJuro8J(>x$L=Qj;$T&UXn{-CTR zVy^}p@U3uu0a7p<#iTc57kwU2i=jS_Y~0?J14ryJNdn~S<`?GMGf(Jy{7I(@TV3Or z0EVVba_ZLRWCChzm&5^0Y&CdPkiyG4=o^|9`!TpDs27av@Kp!KDl%U)3a2kG-uC!J;_?UE^Z=L*P0efpDXDO^5J#fen6c=eJWK>xH!fd7!LQuIQ$F~ zhqanDSH6;JHhh#FTWKwkqYGCo-K!dlFMqQgxXpadqO@qvR?H{~2J_2!t{puUv(%as zXF$ShOY)S2>rW4}#aMqf6p<9YC3e9AyKRc6p#pkYIYL99Uu-?atzrZG$RSTz4hNd( zCZl4KP38pvIguNPoIl|m8S`?PjhnyauYmV1Qi5ww($(F%<1}%Ex6R*5pe?OLMc0#k z8`y7eG&#XPhbz4udq+3Q{Uu}SUHY?EtaHjyevaKxCVGo&DOF@B=bdU1#_g$)EuebE z1QA{Jra2W^Bn)`%f(c?=sA+lvB=5+3t7^}hHxC)yy#;^Em-fB;{>C_SaFl=Y-G>Bf zU2_2l9SL8W=_T)YgBFE^bMqkgESr#@Vtsbu?p80!>}s50?L@&1Z+&rO+-4ty@9UCJ zcFlC@?Kbjv(3G(kTg20|3*<015dDqlFVZnp1y3&vHJw+bp{j)+mLM2c%IK`mKb1Qy zUeYuYlma9xs%aXZG!iV1&oUbQJaEmvMoq2Xmj`^4igecp`vWTK%rukE8ag6@$0B)B zKvldkPKXFlHJi?a47@t7$6VJ)u9KA9(g>wbF5N)g0z#)``NX#B8owMiQOZz@Teo$m z=fGBv1ngve-t5LJj8`#keF8xCx)qjI3}1BZJMSD`ftJoM*=>89>K%?jnqHV$&Q! zL?%nYswHfAMvX-}oP;OIu8q{;XR5XMyPPlzS|0@2N~#z@B1ggjHN)t+L{8Uv*onKh zA$PHb#C4XCw_r zxUn(yQT|z&I3VW-4EV7B3qvjn(m;KaON&zu$GGw1il=ji0yF_eDik8Cy^~i;X8e(Z zpOS&F#vhdjJ1Pm*ynfMt>?mRO=%M(pT#H(bq}6u<=CB}XOh61wUlAeNL|A^t24~!_ zogXloZz0*Mzr`k5!^jr$1AvaBC5)f(vN!`}Pty#<4Nw84g)foOZ=u>tNP8~|Pi3{ihYhD= z31FYO+hK4fpc3*{2+)kx{z~x}tN|3qz_GJ^pbrlD0ukEwWt-$vl666NzW0#2tX1@i zVx}4HVqp5pfJUYjhHKlR_fia=!xsJFPzCqHL%G{*%|URE*WuYuM(1z6iGq;&)%{)( z$foEn(?Fo6PS1o`|jvTqkWa|2V zrhgsE6TDRbL{$b%KyykAT<%hvOc|yK8?}Rv`?ANX4ecn#bfMx*-iAKH-+L3+xJOc- z5-tah8QtV9R}X{wEVGC;(y?+m6(HiNt9*WcODFBLyEA>$V zsKLGr@omJ+h|sbb(=Nq}Qlt?o@(n?Lch$DOk{77lrANo;&7N&9YZ9#NwRSTe;72qb z)G~+x*^7xqgJ8imymWb@my?pA!2;ql;P%pkT02NmV34b3!q(!G#vzv^dE2 z)gpk)w%-7-R*auFu>sX)lSw{%!3i$sqKaluQ9Zt`jBzZSU+;a_h#uIb zV??iG_4SIynYxyvMq|p`g1EOY^Om6MHTkMN0`SXh5@djh}vZD{dr;oSKfG<6? z6ajD>9GJW7PiX!pNRPcAxNf=?U*0vuRPnf{+I-7cYS8b?Jyi#G6c*3~AQLKz+Db$^ zh*v?h_tj}EnY+Ef`9o`9IWMQ`<~RhY`cxA6i*6!soI;ci_voh(uu?OOTp{~Ot&-Hl z7rneb6DI_q0WDk-(1dnuFK+`Z{>&3p(Wldh;vp)9uJPl;wR028A3TKhQxw>bIZWgs zy@6zTS}P61K|c;81oovu?|R*p<*oeUUAEP!J^LL+SW#O@;8sf0*XIn#lj*xDrDAcw zQ63RQ8I^8F?AG*}?|9NDL={xKwk&!dOD9lqlqBaFFH{fI@ptY-kYRsiLa z%4=8g7!&}gHyx}xVx6D8{V9TxXx`J=eeHLm1fW>LA3)G zuy(d4zMfOP#s>Ic32)6MWYYTqvt9}&-%PwPLIAY%Jg5ZwF(EX9;e7X;iRW%)jxWihYZY~v5fP>(vLtdb6mwodpA^nO6kIda< z!YYU#5zneGf!5K**GuUDNJibzOb%|&1$E*bf`#2sPxWgHoTak$PE>C~ z0pTrNKfTVt{O2EmB&ED>11Zpc+K>M7nO*n)s30QFM+(ua@u6#3pV!x{el4O_@yxsC zt6G2Xr6R{Q9{Kw(Pe{)*w$QFOYHYDmt%31`>dAXpkgRDiQn%b+0wN{?G9uf>U!Hy{ zck?Dn5p+i()8!JY(bAVq5B?g#a2@U_4!EL6i1Kxpnv#_y1q8`kkdn`+Aq1wLK%9GL z2Lv(jT-bE4YrDgx`dzs;JpvWC;o<=4W+F?U^mpfs@t}t6lg=;`SGYy|%b7D^5}y9= zfl-w#Xf*fU%WHoZ7BtO8N=_N z1rCuybV_?^k?$#HW3t@?`%x^s#j{!@@0*hw;Ev=i&z<4R&`nhIL?yZj{dT!iaoJ-u z(L;J18(9cO&~pB()87x*tn{5`PaC9Y-0STQrqA(23+v-f^daeh5go*+ z2qBJS7Ba@jEva-4YR?7M|GhS%g72~~^SQn$gVurR^5jJf^Ca6RGzLHBw;@Y;jc?Vh zVBc}TA^y~Q%xNyM&kdI$t}EyAyg=l(5h>FC903PR#n8hq8hb|{N~3O0aJ5x`Dz-Pf zWUnXd7J+7;jpL($Qg`|6@(Kk?JBWN}ekBv(z`Cm>>8(-Trf{HuGbSRnhSg)unxh7z zQgQr?h(Vz7!Jo7NaHAw#(vjpdHcQ!B9n_2i zF%YX?`EsHK2`*ZSi#Z=)4NtE7HYj>pUjeWa+&5af&u6L3`4;6`ht99@z03B;9XVfl z0Jgt)K&J5d85nob2et90g9d-4zF7O>L4osX-)$(7!gd;Aw!>Agu-)OS8Lli=D!A}l{$ok!*V zArqDI#&z#9FFdFlhf4ek3DEzUk|}JO-HVE3F70V?fb%!`0~}B^UuI#}w7lL~n+J#G zN{p8$>wN+iYTkjiI4@M%3 z8~QM;DhC^&+Vc5_7(UxRwJO2TWh(mn{iVip;4{3X#*AV^{DFQ)D#JvUw+pH&d)n zAh1^}<46BBZ;it^)g)gu|5}&BM30`wN%db^!YajCkI@237cU>a(~opwxkf%`Q#q z%hXKpccMZp&%bTpb<8UV;DstXv&w^EjrIwj@ZEBTWF~IRL zj9aoOS$(cpFZIAI>`Eeewr8phku-KS8q(0j*my${;!Uh9=2H-ao6NF_MqxH6I-V*< zQhG7bsA}6r5z0c;T{X>jmeL8;?!tmK^;Vj0>TC6Dp=9+2?kUqZ7l&*LoWl z)cev)XuD;piYf^)ayaNs$N?3G5$o`vXE~HGmuu`p<>K`@mlu`0z;;L<7Nlcd=xhrc z{y^dRJ0)>* z-E7%A+A?UQf7q3is<;u(cg?{Xn{qjs>!At+Jce?lkc?##6u3=!O6ZdzD%j`uTE6rh z^%InH*DR1c63+=X@5UC@I~YhdsD zQ$UtDUlO4ttcQyjQtd3GNBc2AqV0TAFuFP>`b!?lah3oXE`R)u2HnB3_|S~Sy@xm*!?Im}uzdwS+xvR->_RPwY|Kb`67 z`dKXdXpKNYQe1=>hEJ>&(BDoujed|CqjkNd`v@m%o869HW=->eY?6Ki8!i(s2@n@^ zlg)`v=h;cz(bqtm_8gwTBr1q84OC33$h$9`JsPQcJnu9%$$nMQ^s=XUXS2->RDHP! zQk2e#`^AfU#{UGc#2NDuY{HUaIB?BJaiRp_qQ#e0O9EC5vu6uVK@P=_!PS3&L6` z52z@`YP?{=nfPd(VbfSBt|?+;d_4f=2(p)A^m_wAu8+pIQdQ;Y7mYHJgG)xlkG$1Q=+6w466cz>h?S7S^{(8BI z9+jE0>eq5$CY*#Eq;u=|;A9mn>~%An;mgRfI1y`(zf4ObRWN`Q&A2WZtc3WH_8GSh zpyLgFlJ6n(L(8BQU)(I{=9wGTF#HbyRRs7i>oUz^MtErSn>QK4!Dz;3FE_3Gl z4Bgbn426|0SNdhSBJrWf2hGEEnXPRnx-Ra( zKhsoM%i2Zo2p!fVIG8zumsRa$cb#2D4@hWvH8z;PpSaL-i8NpdQ9R)mDPEL%^o{g- zG5X;tc+lt`C{CLHrY_+b7-a;ZOkRgOPHGSwCjs%~chWFf2X75(6&&1Kj@JO!DUc~Y6 zY1t7tf-fm=g8_)39lfad7v5AOv;iMolU@#C`|E1=SGTr;+#*&rdv(pt%dp&O%FQd2 zs9sXWNFLsIeNvDvneR&H*;pfnU6f#*h1H!%nts)da^@>lI?E>S^-St3X7h%uzJW`v zoKzW?4GJ_p-_ip+sIfFt;)DP{=CO@|&LZIx5p%!p7bSj_|DeLOxfqhtvQE27C7YD4 zAHach2jBpfygmq)F?*9}gW3l(-U1zGkxJj}1Ebm20dSl4Z5Edqcw2IA;V{k;qlGNc ziuiMWkWxlzH4i3Wf>Nv3uQj_a@?P{80~fC1BCt=SV1J)#02_#VseLbShPA!-t8wfP zIi~Sq#~dLUx}`TNWUeO@j7(+n`CL6xSIUjR0$hO0F|L5cd`7_Zt!$5({U=C8ZhbgF zAnErVx}gr^8&{Wkjw4AYj|H zNl)UoK{y;^4+Ud`$W1(cP=+P@5>cf2v^0Z5DtgNO_~G>I-?=56B7? z5e$Sm@5?M7>v}|X4zhp5%k5`>a#p&t>~%fk$NlO-4k2OP9AzA9@TQOnBLG0w-VL@(Z{{4x^B(i! zZp+IJZ=2g{pVnL$FA>w0~ds-?YUsOr!e*{x}p@zWdob-TamJ5%y@?pH20Aq-E zeG=*+@P9d}sj&l#?(8Sn=?Tmniw4GUgm8cZuD=f5>t4U@+tn{P$?$^NKQ<>SHCE=ArWef)xZZ@6hifNCPrFYfFD3(Bf zrvv~?D@AP5$lxE6!BC{yt6N^&b0(dN!^DP5P5VD+I8}fA245d3U;K7S+$v3Ho^=*6 zp+-ag)HK&Uv56;KD#4OJ#f}ROS_wbuaCuG$Wr+=!Wk51xr6g^BEt3j&a!E;-XPou} zp1UYiW%!^4$YMYw&#jfS?U)=)(2>m$ZEP=P>tjXYvZydCQ1&p+N5F17eb0Uvomjm#IYHD*j+2{h2>pc(Fp z3B|2BC`F3un({H#@&Js;=x4oGmITsMbUQc$nw5mkDUViPBS8 zRh(OYFPL5UDOSd;G(-=^=T{dg)a?a8UI+olc|BIvXP-HIu4#z`B^I8DDsq2L8%>Z) zV;MEvLE4**?>=!|l1V3xVvFXSjkE>|`NwuS!l!-J9^aUuk+gR%+8}{$A^5a_84esZ zh89;T!v=cj;bZRjdkDaHC)hO6dWMy>WkZ1>hEESB0o{cm-c$;u8Wi@sz+@nlz4r8xmH1RK_R5JnMt^0u zhMw&up#n(fqS06{X4_ov{I~+12hUNi$AL?V-qZK0T%T-fy&L;DdM;ZU*7iW(D_|;& z_0Fk`yMh4tLL3HYELk_sQr0B5x#m=pNckv*5Z|$Cjq<;;qMflu&s2Y3OEQwE%uFMt zo_dDwf++JF8Hm_^8&c|)wAHkC71Y0d zP)ZejI)0KnE|TMnjtaQynXfDqc7lcYyOGEP&ZYn{U^l0*cbVEcY|)xIN{i6tB=(Iw z|Ks1=XGdT~Hm{8?8=z`dU%zD2FjE!9Ij{C9Udy*%+v@QhbECGPZe4ZwDMmEIBw{m{;FT zf4$Qo0{}KorqKg_Kc9Dnr$3(4{(!7pu*7#N?&2!>?A;sm(hQrr>)#wh?fU679N!O60B)W?C_Aj5#9bm1`)S^KSH?@Fj|T+#p7kW>;6mUchh z!-!<(7mG6d7F2Mb;3N^56a6%e- z?WH%{iK-gGD-lwrX3XJ(4SKy>NH^{!>8GC%_cnHi1^9a>SjQRGK@5<=VflKCVmQkh zwLg?3bf`qk*pL$=t5q45Ob)BjTIul5eVZl5xbC_#8az}n?OU7+sHzSitnc__BSY@f z*?byZ1U5L{C+*NOm#tkntxjh#c@-@TznnZ)fsRvgOINURb1T|nJ8>xX>h5G)UA1Md zD&jB@{KE+=bkkTWDE0mxG4N|={$93Ml0u@B0A~7_$M~M#z-m;`kG0R1_^;x4nhH1H z_f)kWU~-_#@?or-o5Q~|#PDVqrOXKTV5gO3%oJX|S>Ry4cJ!=atys{n{S>7V<^eWI z)hYfWFBNd!IpIYvPA7OoYX=;EAzmp6nG4~kMdI0lvJ^Vqo5c1jX=dK8ud+=X4CMSu zXjNZmDdh#!{Ir^zPYe{3s(r9&sGPOMD;g{RkYt(`%tN`nkR05&Gp`+`C~&^7SaNVf z)i$ax?y@4tNAU4lemi*!$8e2@7736Z+i{zJ*&=r24iL!;MMna{j;(I@tffr#{S2Om zsGfH!6;|3=G7mIR_w=pi7hgoeP@F#~OBR-&fXr0up+Hj(K^ml_oJS3KRi*4R+v{R| zEi}c!7EzTX!@+A1PD^vj5nre?ars7q%yZKwGV4|x_cw6*w401Z@}a|5-gQVB{ZMC6 z6+Zg5jt5evqE1{=MTyN!q?TbMiAMEv>pif&!$uw0o*tH0_O+Ym+&+&Op2mP5Zm2`{ zDmpiKd(Y}5*RJtP81Q`>m-9AUiuwE6SEJD;@(d^nLyTlV=1^CE>=Uxi?{vsa9GY*x zL4+7`z@Dgm*;#O|-?LmUR$y}Dvz+*EMwf8u%k?OITQ!rzYnTdhj zNu~^P>{BjHN5)h}dTzt4@z94^iA+LXZ%%2a*a9RVH^zK>A^4B{t5B4YEINc@twknB zVRdB=Olnq}io%8G&0ucoTiT0x>yocdd%98YX-~7ppTY}CWy$w`oPM*Q54=Yz4v~dX z_$ft4W5gg=SbXtmww^~f=7}p%Y)3r-)hy`OtqR_XE#e&<65dg?{1kC+ZQiliiujBi zrOG-K9j07qhW$!B3{-w#J1;X@2sX^?xCsPLFcAj?bb(+~6Q^Y&p$eT;@)(*8V{XfJ zHGhJ5SYOXRduC|RIzWq!Q1sN*!aL6K$x{x)?G$+aQY>r>5h78s#?k@Wm?=k$t+}Do zAY7mO8nNAO9N{_MGI*Qtz8dIuNWts;Dkr;cI&x?D8f+rB106$M>Y#s#R8XOZ)2Te8 z>CnyCjV9v*h(8a4;BS}gB+Q9VP4T(fje5fCc@0DXYu~YHI)bSsonTzjoPaEyOazi& z&gbd7dY~2$>uJkQZ@=EuMFf%#1?lvM0M2eWQ5H)|u_`vIl=z`G1vnt-)3s-vlWDp9 z)11x|--(R!G6vvabsae{(H5hB6;6RM&**->(iBNk*QB9*YDb5&k7D>$9uBy8Zv^L` zfBo(3HC@T@X5UX{yYCfHk-YB(JL{jbeHa3E8L5iw?>%31-Qv+rgXWvQ1sC5ZK$>*j zXzBu3>Wp71p#iQGN6XUNF_N_C%J(ArY0NT++bKQFBg>zJnI-R@{e1q7Vjg(*lezP< z(d(N6Ut=VYIcFmbxRc;AopxqCX^iqmO_VrZ=Y@TiGVd_=?T)_I_8A2ES~wxbKSxCU z4HgPmwQT4Uekz`8=W}!*yQfUTIh9dv+lVD5_Lf)7Ge2AMiHp*BgM%5-Yv;UNYEi~L zsbu#r3bCcxEhKTBIVUH-BRsVu{c`N~)?k@TorEeIf!~P?eylw68U(@eN$T!mbHsvq z%*Ff^Q#ffDZ9RUcoieSGr?n{gN2$yea@0cDyFBtqZ9)las2jn>$}#40soE51cX?({ z4W_VTdUfZ2w!wtYn%_XMBpqa}R7Ac_8==6hK3@Q`NYC1p-1WJOh#@pcVvqiDZRb|R zvPj|^YIoghpX#smPeA1;CRtstSeKXR61Z3tCDx16!b@EKkh-Q?UzNQTt>zNcr^fZgF$)~ z7&@uakBLd=D>`Kj5dUBlOMBr@ABwyue5;s7Q?oB>%u*c#X^~b?HRNy*!^?EIgV|;MqRaj(rDsq0eWHy(YCI z(O+~58=sh2e$ND$QD8y?-i5u(uvKXE$HQJkRd6LTk0H)dAWyQltGHqYW3c{i0n(N4 zi?z~wp;TMSDvs7QkTjYxEpM{k6kW(bF>rv@asyBDDVD|R95jH~eS`P8e81jKEPyS3 zY2Hbnl}*d8=kDx`vG7m23DWvZ?2aa}%y9CPRr<@(Mha^?RIbH2nV_Z22e9QxZSO@PgTD;Zr2&Sv9ACag05lEzt(Q+k3j_Ll+eWE7z)8PRvP{SofXtF?!O2cgufh`a zu{6U?3>p~0*uPLpHrZ*KHVUy@32oGG4-apC>x$W~3-~6=?=6cdjfx4- z;@m08bSEC|1t7;X$p&84uWP<1T~9tuUq^DU#p>x-@)6+wbx2*Ade zTY#eQfGa!<2SP^-;f*Kv(BlBXn9?k-l9KjS)nH&|qk8BcKOThQ z1Ag{#Q4TuzyY-hubB^~CSCu+>%-Ms&JA?tA!mA)aJpp`+*3{P7h36m^m10avmIiL! z5sr~{d{UKpkM#qPMyi@`7gySR`u-NJhn5eqh}8mrBP!*Y^k%efOL@tkdvu6xE}O86qMxLZDS6Uqst>e?lsrpI7no-*KmBgsj&DaN$ipvFD=#iM>*1ZRPSZ zNRx%Oo7&rH$_|06mM>Hl{P>S#TU%(AM~GJ`s*_|SFyX=`swfzrlrEM6y-s>U ze8VZZWuDM2D%N{my`E2ScDNc&cq-=<(}b?({4HD4(U#%z;Ln$$;y9}!{C8*0tO;3G z@^y8+iagM4y4s5ZMamT$m$GCPw$+hx(G1H}f}&au;oMf&piC>JG(pzy&gNwdW^f=iKSy<>q+Dew6#2qV z%^64XXPw2zi?+_g_J|_ibO2PV#a(D217oejp!7j)mXQ~xokXohRUggseL{Bc_1S7n) zim>;WBJkuNihp8@1Fz_G7!RG~3)E&!V4Gvbf#~d8OLy4;zKWWL{~2N&cM}33OYf4N zeD$SOvJVE_M+W3wr6tkSU!!((bEWn(>*vmqi%LxE|DCH? zA+_in*Ws=bEz=A>Lx&DQ&BS?erpP=`U1J@E+E(%nxVp6AaWlE$uUrLYLQ_Dn?3PY< z#RN5{o3-8TMhN?`z1rK+ZpKzm1zvdr7pe=+eT~jBvdN8?E8K?nQ;S_9D}8Fjh|m2M zl*U)EL7pB$9jn>muB%VJcLPKEJ)d4r4~dj=JP_HveUSWFvuF024X-b4C;E(UZ}alQ zr~MU~g9QV=-?k}VQcg&9ZZ=-rT%}0=A$Psc88RMC|6^`sJ1`aHGGJP-KlFTRvH9vS z@@9P^JFPBk?ZWHfuCC38Uob0*G}~G0(l7{t_3@y1WRpKRrkOB6>jm;IQ6tG}@4C>8 zX6R3l4gOrMty_F8N4bg5mevV+X0tFhiflqK0gd7zmsCggoz89uLqKdaIt`=M_N;PA zca6P5_00Aun&w%)b9$>c?sY*Gt;!wzr5xol{H1ns4?}@i+h^zel8?o+jGLC4l<)We zoNYb~s$oF!cbZxw1p!LzxNF-23c&D@ezB^S{!ZVu2)quml4r9K(@n;+G)59Vn~^)h zA?QEE!((vY?P%HTu?fXg8qr|xOoh3lq; z=i1p$wKxx6C5YxiwMKD0ZCJcVg!z%>B0q*1r5K+EM2i@D1hI`JP=zdSv_w`~`REFZ zPW>57M5q1!`DW`FwZr-u)KflOh#rS~tSy?v9S)dy`a~>o?qvi_{cGh9(|A3L-`996 z9x(-9`fTFa@f^0A2_CNwlutUe9kmhHp%~I(tw4bn?RB4?d7MP_Nkk*R?^y2Br!Sj6 zeWQO^tB{TC`u;L=-{^i;ILv4SXNrYZ1`=n#fW1j;U!}c*xoqyv<*hA?&52YTT-qHe z(GTDl1XS6OlyE>kWT`}FikB?}Uk`q=l=!kW)p*HL($vGP^dVNZ&WYJj`3==h`{&mz zaa&b#W|I;H?<*~hA4czQe1B66y#Gtu`!D|8zvz2B|C15KYBK_b^fdD1lH#IOK()x z#f7Tcy|cCaOE?5`ar{q)BH#a4462qkrcSh+?DD3rk5bvr#?bcvJtEHkjp%>TQ2GCV zMa2ET5%K&_L|p$t^k2kJu=YRLvdUnnhNc$y-^5XN0XANK0iM5{(*KzMV;cT%2J~0{ z#p7sc?`-D?=K3$%>;IbVe-B(t8u7Q|uMbY#zcp1mNojX24cPD348);iJ zyT6QDWm9v@$7SsfW`sS$F=fJqD*PqC{!IT#veZoSbYNy!^W0#~$r}$K&DtPryef|5oDV2lMg#Cm0_u znC~(CKYPLa9AJK~|8(;6JWezh7aKb}-y=Tue~;$B0pMWg{ttrxWA^@UH|c-o?Vs}~ zZ)jus?+KHzHZ*qv^Ws8be;1oGSb&{}jgyay`(Mk?8O+JS!6v}L{rKlld7LS=zdsBy zLwhMxOLGfnFdqjm8y7qOqrJ4Vp|zzk%+}o6^sma_K=6N%o>_T$x!HJl*!jV%T%6o& zeC&K+PWH!faj-vz;^z_I*8Qipgr&79Czy-xe=KOO|F-G>$w1}+^Y99A|Bdngz*6Sq z;^E}{KUm7UE!b|V;uj)5X10q>Db~O9?Rw0}Vu5HltUyD5q#j%$TGY=^l?hc90T`u~ zQ^inC4thxh=fEIQ#ekub{y;-x<^{sU<3HaBI=S*83!w)$K5Y*h51u{>AFk%O&IbFF zoCZ^qJo!*iQAor60zHho3CVX}&$vUs`_a7hI{D$B6LPxm)xh+f;Rq%8Lk_mE5U*Q- z{Zl`L0qad6M79V;|{w~s(vm)qLtp8)7TQehf@2vemY!!mw*096Yst^5^e#oj|Lv4 z2TBsY5OhH_y((#Z4&H|uc$1BeT20^{Jg)T>R{<@obIlvMZwQG`axXTUE7s1@&7z~8 zy(G8)kbPaQ9Q_u!zEFutWP zsUu68`;zeEwQOfpIsRBi_wA1_wM3Rrx~2^3sVBc~;IWLNg_@8+j6Bd5HgFc*-aFXA zXj>I;aJyq8E_VICMA?|o+5~Qfn!=-N;r$S7LpFiJZ=GJb?C7%@KSx1H!oQy!aN(V3 z8??AZ4t=*LITu4b548tdjj2P@g4?NbnfUL87aVAxw6pWB_i`9Mcza*7G<)xAkWQ~t z02t(^TE&Z1x3pdQ3xm&fo|8Z*!$KvTb0iJ87jXc`?;8$T?eQ6tA{ESm7e|=Gm@61J zGh)+ESTtUYXi8>%Nb#job5hU3S(kg7xXh0my?6$i0tek=^kn1ZXL*?}-xbiREx+*{ zUdux9FuHMx$v;}$=H#Z}pq_2q-5_2e=qgxg{?J`(%MtbC`VG*=K`$Jbqv2bAN7CiQ zdywlY{`&KqPo~!#1|IcKUI@lXtA$K-dp3AE)}KEKs?jh*JwAJ(Oa9 zr~|zc%8*Ou$kQJ`_Ipl)dS0EIetlSYTkxg-vWRVw)}`SgDJrf!lp>cU@WvQ=r@zeq#(fT({#x z5i+mw_1ZnxBLau>OM*Y#Vpw#)!3n%%iSD5n)y<;HUvewA#%Te}uX#rYJI#=;^nD#M z#UI7tginX8%pq@uP@!Oj?jr_^7rp_2_LqB-sJ|eF#A(GL5Ad&nyC>@$kMFhv5xECD zQ3c$TVKduNHUI-RL3b5$3+Ws)E;fBfGA0WW4@C%sy^52J z?ten<-zwbl@gxiV{OEngehy{V)qakp5rs`!y{`5U=KGyaReaxIV6_YXehACd_=|7t zb?GlJrZTV~qb_oOg3h{*QZQJJielPF+{gRigtn8DVoaF56wX*gxk5L9I zt5Mq`KZ;e4`d{8V*px=k5>~V+zi60tue>9G#G86FPaqaSS&u5vT>n!)AWF|!W$Md3t zOQw?`N};~AljKODA}Sds8H)6o>GT1J+Z}nH#DStUBRYIKkI3R{fJ0@1Ml_Wd9ouLP z9PE;^`5m%kQsT2ZtX%-*eBIZbpzhKued?^)s0;BPExk*I7#1zc4e;YZm=yrEe(WF2 zr3aH9<+7pX5BUeF>fWg@GKUm{Ak>TfUd8RI0ga8F+S@I^ zvEE#g>eOmMc^iI~Em^LiNiTvOW4@2~c|790|5{ZBl6;o{-*{L3>WLZp0bvFLR;6gn zEY&AcI6c$@Hg8akNBsR1W+2U2Uwd_=%l|g!P&4=f=5161X@y}Yq9RA~X3zbT4z6JJ za2?OAiom9Ok5dgY3EM-DL64nZL8MwuE}>_K3DYrk zAgK?(UwjZ_CNR*>_`z~Xq{)>brw_}L% z!|k3^`h}@7NBfuB_or>}V-I|C<>TvV)T0zKSW=p%c^RLiB%>qh0z`7woakFr0O0dJ z_*D7ybnytq913^3vQ#ThD|gvv@RS=@1-vjp zsO^m!H@Da|uZpm=pM5}C2WWT;vwF>!+uz=kk(H=4|W$`>Sj|pO4AG)3B**1La zBQ$I48l{Nnqp@O2b9w#D+F$q1!@S~D z3IuFF{+1WnnRozis9(2^ik`uUqvmRvq8ru^q6yVbyZp+5v#Xu6$` zjt&yhJvS_{dee^n5f4m7<8>cURXiA{>sue|5Uj#*^)UN5Y{KvfLA!%8{qakp!K8up zUuw`taUbR+Z{14Y{@=IPY7aWlrU3hk353(+GoNr^=G*Z-apRjoKj8bhKw}EALY0NY zY5IZd&5ugsS@_!~ZoiZ_7fYk}dCs9w+1kvX^WHq;yXrkoxZ---4S>B41^cLeB*5{V z@;WsElx&v*aG*YXJ(#@vf(*NU7gpF)X&F=XMTbAlCTJh=R~HjWu49DXeF|K~7?|{U z{wQd{S!2`d0C%olk8*$ZD3WF+j(YI;{(IC?4Xm$!)}H@r+5bMpe>JQsFBe8E3kAwO z7e=65;#JfRe$!nwxqmO)z5=RdHI`4mtv9---t#%benO8Hrf~dxmjB*^*`V-e0Xzd@ zw4MdN_C2|}2S{pTyAQO|gt`G3P^u|qB_7{&D_eov&cn~o&-v}dT4$Lov4Ue2@Qn~n zezqsS8gWj(ZR=t63LB}?xiz|=%I_>>249dNYcjFY;<4)liz-LJ-MjwFNiX}jJonNM z4Sd3w8}d1o<4pI{zrRtvO4fS^tG?p{twLd?>?EU~rn%O|P1bYO^?t7kr(IWmPLW9d zya&6MCFtWFu!x2+5&SPQl;H-uuS1-#cnPXOs6nhfJ9tdJG_LQNffQgq?YzJn#Ra}e zfq~h6*6)uTAb8m1=r`A7yw=dQk7GAn6jMv_#O&-eEAy`VHs4z5{SvTw$WY~}h#xhe#UPr|}8zB?Y3+-sPOaO}=!J`EQ4uRgy@ zKxIb%)MguV-SD$-y_xvC5X~gwG3i>ktkFeCISnqb(4) zRqnSV@Jx85yHBH0^SU^F`Yy`jK!5fAVcAeiDg^iWx(Z7YSNS}+jeU3c1b7wm--hh> zd-x}OeNXHTjiq+Tr$>-I4LG}B%$dwE5+g!3yRW_615F?QxR}3?o@{BC)<<%PUcvrdi3m(T z2bvJQwf${Q4Ylcrk1f4EpT>pon+B(NeVtJU%y-@^um;vv=jtvW`H(w(p~V>q8jy6v zops(BfkZZz>)9IqwYC39r*WP1wJhptm^+`5y36aVn2}n6zTLomFnr3dj_PeY|8tKI z%h6ifJH`{xtA~oo8qd9^>Vih+eTMh|UIL7Lkd6Ll*_|r}{C4HKe&yU)aK`n63cl81 z?ni}gPvG^PhI94X)po?4pEE8+{ubiyW6=0>*jS6kb2`7`&On=IzA|KUfzaHaq553` zc8++L-&~vB>`Ssx-!a?HU&mZXw-|65-Coh3Myx@UK4n#T*7KkVoR0(2KP!K}l)8ER zHfnzd=97H88Cw2V-WxvDn*KKO9{$cF`5ria`S11%a5j$lzen^do*^zVu1pz_ceWlh zigI6<-boVN#Ukgl>Ph-ryJte*_Htjxgra&rYnurJe9Ws;P^|7bn_+T-9%vx1Dw`ZU zRGeY0qo0M4fC6jk;Sv&#j=EJ2gAR`C{J!>@cK1u&AiPtb#Xal+kFBSN=8Q`w=`)F{ zn;6HM+D&xFZHAn7^)B)u0V$BdD3KLmfxuD=*`+fKmO$ssmgpOPV0IMo!(&uPwXlC3 zTldt}?_uU1B!8&2Xx|@tmEy%Q24evDY`09Gi<%~zDhHJAfX8;w{LGWNNQIRc-~h^M z@B`YSKZMNtl_nTmFZ0J|($?F3XTk>`>Wc@N+6y-H4T>0b3&!VOvz22#(q|juR_3bx zk*m{v9)}oEvmAh7GOa`$$`^Xs{%tbEp8xT@vVB;G^K9oDLP)A@n0#j9%T{x4yJNho zn$8#(3fjZEIETZHJWo+1{Bhd1KQq8RcfJN+`L`_dctAXbt6d^Vb1k2DhY(JE*++< z961>mej`ufIy%=VUEDT&Eq&Jc3L!aP%yzCXO}C{$}Sq$Fq^+D#5dPD zo3B$F1s@NNTY#IK(arol!zX2pa$%aD*AMNZZjYJV`+pv;Ur_YhyWWK6I}Q&PM%Nf0 zL=t+kxJ9ZS{l~}O6#vC%6teXS@%I?8cfn1BOFk0jx4P5-iq(e0c($`k(^79+^u<;$pRA9mKeJ{mMd*4TSX~+(trbA)+{MNB|ro&ITI?Mx5T|M|) zt>;d(57J6}d)WY!x=^vT07Ro8Zuld>e)3^A9;Fi0mD@b{Ok7mfjnaw6{S)fSz8bL# zu~{qJbM@Gf1K{3?gSG85fBi7-=+g#pCgdSg19mSIUf2G6-EA!;K~C6^oR9_v2s!RS zi^(@zIK|Agm|SlNUicWMW(#GBo`t}@CQeq@7HnU9;y)Q6i2-TCCg;KQAhcg0y#2nv zx|;pFIMFX(=;}_dzl?Ielu)*UK<5J=j4%*F`PiQTO)&eA75`y8Mmq`7m z3NlBbd;Txt4<3E2euO57p%n4ZVROio>h5D5(!z*HG(K_DYb-n)_GyqC&YbWELptnnp`wV z$>KJ`4S?oZ)tCbj=PJl-m-`K-R26wjG}H+x2jiEBJsZJty;i`e8VBV1I+FP{#`!gR z?o904bk`@UE2)AP&e|R!xDT*j`IH*chpIcRi}>_<4&w-9f9GxX_C9Z*KmVymhhdRN z+#=d|4|*0_c=tv0Q&|w&de5=3|1uAMd~>!#(FoX>OBa3+Sy%CT8l&|ojTudy#u=zs zt9&qRu3g0cXNkp`392n#25on+EUtJx&cnJ}y!xgbE6d}3efxJwRtkl^l^#nzd-LoY zT-$t5eUS*Omw#Oifwm4?Ej!mZ(tLzi#C6PtT?q8Fo+1gFFmQoHx0GwkX}F#C-IZ)4-^~w?&n@5nfu4g<8x^ZNE$`Quwyy~v?ti*-4}YjJ zi+vMGBwu?VU3?Mw9=E(*Q`1jd6Ns=_*k&j$E+alU@LbK$Y+fKb|HRt#p*%|7=GNvShSo-!*|IzdU@_LEwW$+nS)?kwb82_dO*+(@ZKn%_YAa)imTIYGwT_0 zoHnIxZXCx4?JlOR5gR{i(le*4cVk_aJu$X5V9`uMg8HC#D@G!WO&YB*G9y1F74eA# z$lc8@1nR>~xz0JyU6)dp46ByyjhnS~Q>*_~$1yFtcQZ{trQ3JdcVD(%CSNvOR#f*9 zTgCnBxO}`ox=_5tdpdej@BzN#zH`3MKM_5-yc0YzAorr}!FmkvZN#?6GRNk`e#K_Q zS`wb`TV>(m;NlSCVB=s}M#+cEN7~}>usVb%@lPs+A?PibyJhI-*T8B;Gi+%LFZQJD z;vdqxOu9|}p7anp{I&1BsBuQ`ap`>N;kUzo^tSPsEzp1I+~RWF0n-uIF5N!7fTw?) z-@bcJcz(29#6z$-(YpF!F`k*h)3Wt(TjFjzbBWyo1o>6=={U=G6kCt{6!19Ism?Mvzl>%&5m!1A)hA}WxcNNX?!^Wvd*2ik>T zRY{I?EG`+^8%5Qv+F#nO3U49RVXeBaA+IQ{bv1t4bXdUnu--Ax=GZ9L9&ExMY?{2= z_~=kwGYW70c7Jf%i0jnV8|@%H&^OCk9PapN1<&?)0`BO$Q(a?sXm)UG-d(ZYU2z=f z&&zEgImd}?9WLXAbs`w@JX5#f`TT>sn{xg4ILXZux83=>^850L|M~(;GTLK}=cHwa zIPx3UFXbH-?hS9j$^9^+Id3zC?Q$usWeaDC^z&t^77^$G>6FpEfw!~A8EyZ9oU&`O zG8i8viUYy&ml>a>0tX2vC2CIcw!kT&Bb@pWJd=T!N4|SX(Brf6@tF9{8Zy-I8}73t zSM&3sPnqvHa#{%5$$el|dMd?G@J=z?6@i6WpyTUejzfOBN+_tKlcTn7&9Z+wS|BL( zNCCu=!(nZ?r`*Dq{hNQ^?d?>mbY5v$Alr%m%I)EFX8vGdx|BKRZFixiw9BGNiHNu9 zc_FiOCR6b7syt2Eo-gHh#bSAC>7Mdnwo6t+j^Wf;)@t>;y<>rzFpCgPb$qIiG{YAy zH;T#>mCZ=+Ic5L8#@vHzcZb^2m+9v#VrWR0_AO|wQq46!KaV}@ z8^ydGH+1)Rr*U%&mEoDv@2+1@X?=v9upGwN%Osx**GAlo!8AKiD}OYX5eG+B@NO{m z0t}771fwcR0_L6YH2b7pko-d`>#z+%o_BuOg^IG`VvBZ6zzV|0^8O?CFU??9WesS|2PD8pnAMcPBQhWpjCf%T6Hw9R+>?YTqqRqT@1VVsE~wr| zbPw#&mB@_{lH+C2CAY}lWjQ0r>IdYus9<*ZH~!S_5|~i9?~ytmkb1=tl824HA3(SS z6H+OmE9(s?#wMVQN*|cIWch+07GakwqRWtHg*lGG)oc5TWw9`$;zULb4DKcEq2JQo zTHoS1m%miCDum;tMKSDP-SXXf-9kARx60`;)u1g$vP7~(ute2{pTD4e$T)*qMK@?2 z&<(M8qG}^_2hg1>wdox&TJ8&9X7`YtOJCZxsjtw-2RHYKZ;@^looic_edT?1eWf>8 zx)_L2Q6jG+!Up>H-uGbk&~D2-6+Ys-2e*$HJQaTg!2aBUG(d$^jfd1xfegxvB#9u2 z8Xm;hlf6~H<+yddMYv7&{Pm$GNRfjz9bp(@7_}XKJm@%hJ#alpqO#8tjx(4$Aip<# zK>3>ND07_V+qXOc7?`eohe&}rOh-D%!wU&Xo?x-6ma(?#w!QQk$q zsc20tFqxJLj(M>lR9x@Q1`xRHKaf5hGxyqu&IehEthk^%mUu44`I$ns}zO=dVIfglY zYfz);8m)bzK?=8gt*mYlx^?AGdi$hid4UC3F0~l7!bMyz&87_cW3Ek4~VYL7IZ5url^7ss}^ zEQ;eXzr*)Kf0vvMLt@h7`{^<`n}WYZOR7nW?KY9Wls{ELc?Lg$YAofCi$A#(4M%0DT3)LJ7f2b`}dA5t}mwg)J8 zG;K-_@sut}8{{prP~}0wI4WXvhqTI2^lA}fKl7mz6*O#$sPRQ0$}^y6jqt_9W%co; zm?%RQ3U@gJrRHey6-})eo74#29PVc!A}AhZ>3=73;w$SfDB8}haRyM&Q8opvsR$M4 zXmkm>Ec(8?QW;JC-||J8n2qdN6;Nc8B*` z<*W21_x0;bN|*)60Hgu3e3Kf+vy1^o(++YE$M3LSabC658D4o_D?U1W6~Dy4)Vr9s z^IT5_dl?}|c@A~O>QKqIQyGF)$Q0^ecNI(T5p@UL!%9AeW3@JwRI@sZmeoKA1m1 zr<7FIirJzjUtUc~8zGmdCLNBWC)c2+C98Ty_n7jNO3^xx^Cv!CObWGJ``k|_gr;N* zxlotfIX&xq&*W4&hT^8gax*&n1;fSd$GyC_CftF`D^S4l_6dkq8c;<)EKIH+1(#@ z1-u#q4JlfR6xA`SLs9c+c1^s}Xf5~@xG@QHbbS$=IY~D*zeMJI<=N6x4!80*0l!q{ z!tqo1H$uOhE)lIcjWO{vu1Azdl607%`O71`Wplrx*HuEWLL1DKEHwN9pU4y zgRZ@ZO2mshlmX#wpo9G;kKZ%~siT!t7ye)f#$3Ar1NH-aBu=8PdO zB_fs-EDHR7h^!uyaRaLcEjlrdML`;;7A^J>0z$}OANsDfF`c&pL-27MrEziHFHc!* zmQMO)*!7TXv9>zh6^70rpPc6q(>`gv1}D9jpS)CASY5kk2-^raA>)0HeI$K~qWwe( z!Tx@ExRjycyBm^hYSDwA2}Ga|UN!@_sHQ=Q`dDqPs$nin^+9M8j12*5QO*@)q9D#76K_wH*`luC+3G9xD%|T)l<@&T0-3yAN@HP{}i8jN{3WxjqFb*er z%ZEGZ3!0-Ss6AHa*7kmxn1Wd&L{?}5rXkw@T*}goz?J|b=6CdCG*Yx;G@eu(+x*JZ z%4oX%h4lp66UPw&LUeyLMRef;M+vMtckXvCS02o@?5w2Ep5%N>j>Hp+7#2#om-`cCSe+TL-jkX|%B3p#CQz$ zR{Q+r|{6kcSu|>As$Gw95z6f!{+X>~`%G^qE8T(%0 za8`Q5tRsS50n=un=U9W1*8jNUjZcsG7yd@z)qskgDn>);@Ko5J{zBDxR)cD>3K}mC zKMoJT=`WG1(*5Vq32tjh{|$W(96KS^4Bab{kxV%uEH7F?6-&Kp)TSZhf;xVR`F zQ;)i(Jhi-;u6JQ;p?6_+VKmuFj(w4hD)a2Gn!=;PqvEE*rlOF7kRnK-yo6KTQQcA< zM_o(3nO8K6R#*b1tYg9DcT2mppSYj;X62Rob^*+(&jYHE!geXi48;SjkQAVZWH#>9 z**i3+`1nNY!S)SFNV&Usd-hs&=~{gCitGW?+nIZ6im#P7`KDJafEBX1t1_O+O+15y z^Z)@u6@?!@J9vt=?LEXJ1cDYs0xKO{SOyo;2Wd=xHh^nf#Tr{VxOjx#DzOkF9YWV< zT84A4B5;)FE*P-J9wWbZmKQ5HO6B^y4YP(=D_8z-t`(a0UMplf#Fq9O0GAe=t9mv` z``lZlnCxB23r+QDkigt$3E5B@E$uSwfdK(MU(Y< zjbB)7HowQ|-_2^DxEzr8^XTZM53sxQ3*ru@FRvF$JXDy~?j<~-Pzu0nanX7kfbJdf8twp-Pxi zSPDX)O5v)@qwLUC(zIyoPsr3O4Q?d9Ap8kFrAZYa>y2hr&7)4<%$)FGanZkOwFCFQ z#Qz?7oR(p%;-6UGqr+Nfs07Eun%0Dt9DHe!8muf#;!G3CgW{0QQEKDBsg;GrwlP&O zIOuvoRoQX)bMkkctpoEG#JQSQ=EolQ%7d?&$uP0IUCh+jBpunmI#~e%ID!-pU-2v* zMk-)1NW!_<1(|_3Ax<4bLl1nD#5q|?(#zfYn3R6pV1r}$l-3&Ua)Kxw?;jUtWCx&u zY0fmRQ-G#zO4BtytzH)b+z+g<+{Q@8JcoEL>YvK+RZ13BmGsmTEh^Phult2;EXMFc zuzo0Kz+SIn9j?C%+!8%q4<4RDLE{t)H;?&gm4CzzyTIjO_dYZIw%2KChdT6|nnc>G zhmj~XO-e!N>z9+PnwqQ$IR;ue*A(4TeH*c3x}K#P-f#Zlzn3!ce(^D#MCt3CP^;HY zb#VR#6A(eHYHABi!vrn;c_(T&MU;oBGrp<+rgJftq7E@%UFj>21ymDT&X22%sTw-& z4D(je6S=Ca;p#u4F37e%VuiAZIvywMEwPT@J=g1x_1PT#lg0!M%P5O}BjYIgk>O9C zw$Ubk(j)wniLDRz*afKKoCUJWN|i6Dhl3O&_`0*7|Jpk7eoe}muVHD*(|A<8w(HDs zo?dzW>)7-7J*_=q9OlJyx$@7^xqi1s5R=O>=+Y08irD*z_o7-p567ki;XB3p{V(f* zRGMeJd9@B$GQcsB#apY_%8(ZapunGW-Y6=rrMEF;?Wmq*C|IY!fPc`KnLXHXvi@+n zSFiKx-%B??mK)A&%>lsi;)>>!EY6#;sZ5%bV#m>_w<2u=it+<@sJUgi71j3SbdGky-|?dyaGCZzaOiiWEv1+umP z;tz6eWggAWuY|3pFA2F;$i>wpwvGPi$fMEn$rR{&+9hTNnTX)}C|JAgf40Eq&@%TSVe%a5cQyb`z)^@2(UzLRpehGvRd ziF&M!j59u%yk>ut+SDpjMG#>Md(gMbE++0|)Nc!4z+m#j1kD6XY+<}UnJwHp92Cyr z9UF$gqMsP*hr;3~MzbyzEw@+*0h;yq@^;hB)nmEbn3U&O_le?q#ID@#$<%8}Nn5Je zFYc{bAeTZaS@2_G%7TKi?v0HbWXOLfi$|^NwP8k-Lruo;qa$Ya)a?}by=V{%bF_y+ z`y;bCj-t3EZy^=BVs;!Ak$WRh@9tl%IR zX&;~+vJ%A`+8T{ITgxA|wW#w@KP5u?iLQpqgbMNBe|^x>(9l28Yc0J0uF`yt^)aC) z=L}V5dm5wFJ zzdn6{@D?e(p7;3e4O@ZQL%Bqslxg?R}&_&Wn zy3ehsOA!@c&buWRC)qP)%#nd=`F`b!oQcHps~izoVLa_U;)>0i5;K~`-DAf#vg5Zf z)rasHv{;{|r(T{2Xx|cLg?j8T1`fk{!wjAfb&d*n28nbwiy(?zi0esN!J^3z8xP~0 zE{pu{7DAJjkTFw8fCSReFo#~+TP3fxBWvgNb)vh1ws}AJ%la{FW7%jj)}5nFWb#tn znrt-Ja2c`PPy&Mv^4Lw*Uc*kO0SbAIKUeCZ2lgZwpJpYCmrd=>&2-9rTB^-)y|AkU z<%ncqc$~@X!9%<|$p%KEx&Pp{!&%!{D>znRYoFDaGSGlkEh()(rr$S{n2ymx1H)JC z-xmyqlGN7W6jmGOpJXQl*YlIv@zkGM$6*s)It<*j6foA0`n_jQ)9VWsxKk3cn}JU2DK)*;Al8Iikl zlSw%)ST8!RR666~9hFlsrMMK;s8P^qR8a6yW@0i(%ICY(*`-35723s{>m+++jFE<= zS|1C_Uc9=Om3`ANTpXiAdJ5TZ_gvc~ zq=0_VgtTN(L*GE-f3nkhMfF`I%##OgW%#y*2i8hDG{}EBzkJk{(Y2q-9f$iDzSkT%cQebFRe5>w6c-- z6MM$QRUlPxkQ=#Ur1n5g^N9HlfufDCqxI-ux$25B+cqa7bG<(LVQD-d`y=pB#l(Mh ze6*GIpNmmi^_B}m=b@f9$@m~g;2|cIo;P1w!O5X#-@8M?mX2A@ z7P|CRa>Q*aTlRe#TXsLY?Dv(WOl1*eL$%J;j=$Y}%Jl?(;0TMC$y{A{Vu7gp`%-UP z*Jio^aAwCi8ktZn@tiPGhkYf(dV8&Ed)w^UbagT-LpR@0b2_W~Q&5~;KGW;3IUkJ0 zk%MjKX5Ov7{bZ$GrRdZ424m)C6_{1z{c`btah4HM~v2X;`h7}VHG!QoZA8C$@Rm);^c47`5Oa#0`f&By@TA&~=t z=7$@j?8R(-5tR2oT`D;B`_*{4zi;zDxe)w(98L5U?8eafY8pu8$BnEb_ZVK5Uvp0i zt23}MXE)cwhvle6jG47eE?1HY=uS@8`;rS;22;cO^azc}WXVImd|ukKlOeZw>)77e zj0;!}_6H$J9+w8_L;O>J`s4mfr03%XbA%P+lOQh${*5}?vFg~)`LupUf?JJS^VxHU zSBx_=lk)nbj+i@Xw+`>AZ~XwijwZdsNPrcG79%H&?uK)s*SwmgWFqM51&j658ok^; z3{yJ@VI7}0(EPpUCoK#@#EgHiHEWbWY?DO*++H4)SwF6}2){K(K1tT0rHJVXBubyQ zTG62uLKD@R{0;lX-qyTB5WFfYZntz}Zpd`we0(%lPQam4Dx<3V9~fP_zC@NDPwn2r zTL~YLjsPL29`O|zV*Y-#hB)fo&9I(l%0PwPU;Fw73v!L0+Vs$OMz~dfT;}2%i;?ql zmvjWcvF-MaJI`HcL$Y6(f_QciOfYM#Sgf^3(a%JD2&dh7<({0eT1vGVMPlJbiXml& zv)FE^34>80k~$@aVWr44ZeWv|lu0qq#91yb`Kw-uUW1g(m6KW_dOVdWwDIlb4zR2c@xqR^@AUC!u$& zL_Xh$RRal^fu=Wn{?mQS5~TESJuE)$n^A(1+vR3pI+Xz1?bvExnJ#L;UgCp5o2+wj zF?o!I^5xBW(f(||?_Xi%xKqns!0fpmFU~NPGg2EOa~eSq=x;yM&^7WEgK#8Z$aduT zr*V0moHmOc`WALgxYVh$-aer9aqn_q-I6}f#9?qQaxU_6O$#;DHM|nWp_RSv8RAv| z{Md(1ZUdWFDSD)XHc{qplF~>9m>DFVG_jP@6eYvRxc9apg-^VEZsPcgB}UBbyIvZ1 zQMHxU$5W~J39s8w>dfT>C8$?6YYfW8SdV-;b$mb638PiIwO9}C8SI(rnad-lBg8O< z=Z0H2*5h8*SJ(dsAi;1HI1OZZz}Uj+!a~}!a&Fe9{t7fubfwchqdt_4D$1UtaS`?r z`ysINSW)X1@4Df}9JLOHV2w`_p_^VvI}MTd=UhQm?bMq+O<1aV-gDQu9?xE?y$5S6 zrc+o%Yu2_AZ#lz_QpgDModmQZjd;jIKDx6VApb#3xUSlH-(QfRP@E=7k&J%rxVL?H zb}PH_egox^D)WKQJ4hhI+a|H>yh;n@crzJ7=;SorZ@a;JhkKEy^CL9#&Nq3V*^FW> zB!@EPW7PTt+C!AiX2K7G!-(<|kvX4uI>b^I?E42}Fef`ySD2Ox19~vbpafeqVL|_^ z3BFh}#34`J_HmMDA6!0b(t$I>!1#k}I_$6~MAojs;1)??t#kG(gO~?9BG(REI?{gQ z=}mZiKTv`AN9+SM4iLF|9g{i5gETu-vzTP9F}rN@&5in(7&re&Uv_D+EN;-7NKcD2hL#Oqla`=~ zTr3LIF+tQ#cS8*8v1I9YIzjpD4n6XLy(V}P=S}T@i(hXAkRRYM=zl0i&<^?#z=$1I+x%JtFO*5vU;P*X(gG9<=&?aaXCf3XxyPVU z<9(+6ewyX%EcW#~xv?}-mKeWTvE$+iD+$Yi3AdR`>_igb8Br!<;&Ip=?qA(?GkxiO z+Wc%bzMR>xalfpbU!twr$u77MvW=OV=S}*fao@T=MVPz??%X+<;`mYJ!g%OgW_EYQ z=T71==LD(^Db}c~Yh&D-8zV~|3+C(>h=?3Z$3~=15XB^Tt{l>V~%8okFPt+}4RRz@~_F z&E;#yv~bRX+g5Wl*&|!8w3;J*cEd>l;G-HbI$~}Z_AyISD<@5!gIbU2(WjcoP}UEr z2|VvSf1$+ZWt5jPdCY9*rVS(lPMZsh<;I`#+GQg6T*x?7@~sEdG5B0|JMKdf#`&pE zViHpGY6Q;GE`Xem#fb!61A>jS6$JTbO+89AmxC+s%`i+M_Vzx0Hd~SPCx~pNxi*vI z#C!yj>t?U}o!;>h#$2C@;g^tVi!OEU&%#oM<|BnNkmK0JJ5JNCg*lS#th31XL~CqB z3qj(cUygNdha)U1Eexsa4(wFhIEE-kj|c~J4{kcN?jOUL*UDEegOUUNK#_pg z!A?+$qU~0|dK@#OJ*HR~9MMbQMQX`>*SbPb6$~-I6A9-m{ zLL`(I5F7)E2D)_buIj|%$tgHu)zs>(Y9*g_LagymCSb}%qrv&4tPPlTxG|nw4V*Hv za&r8EX%xJ~+yy7qdxqC;Sl5&d0)8!ykc2 zd?gAUYI2unnQMG?q=9GwYkbqB23g|A6|N8{P_U6jQZrTYO2$Owy3)^xr#MS24L%Pt z)P@p8v8FdI=VekWIT`XFg4=&7^cBJP^frA`9QxKy_tJQkHj0&p1;f zFtKRBHIsTx9x$MYtIhezpT8KsZ!7F|Fse^bqOe+Le3p#t^}xG3>Q{@rqM7ffs;YWB zb!1+fghQVL@(n?xpztRa&Kw=n$?D1E^?+X4t9K<XIqJ$Qn zkk}6mdWPnvCcU`+lVW|`oH@z++k6d5IbJxQ?JXGk1S3-KNuuHOZaP93peogC3U5dH z!l$ZC>fTGCLZ-$gng90zx(NZJ|d-s%*Hv1OlE|GAGR5cl& z+h&0`W@}^X&U4zbTPdRlu;v?i+0+~cQ&(@E$0*Os&A@k(L`5}X7YPf8=97_53k7u= zkSi3q8ck+fW@Ju|KLxK{&A5z@@rO^7;=HXX`sxX{oJ?@TfdfX>rUeSBwA9xnSU*l= zjB05f`=T9?0>@HqH-k&4@CYp=XN3CL;yP6b9X4aIq>?&xr61X1QBhFQhy(3^ccS;v zv6L?O?@8O%+cZaNGT36z!ML_nm!Fm-GGUFtHAVzFCZ^@1;%F#wkL~J)Lfu2`aRWnEjd$6BPHJ^=5)kOjG7XlxBD2L9Z`9rb2 zevpg`Uc^eT)DM0Ea5ye}`2IMGmW-;TO*j6PUWLD&(V_ysX29GKv!%R#Ded=4VcS2# z3#_Hs%1(6VIk#oc?#*3x-i!9yS={dN9OCwRL3cxQ1_&nd2=gps9Xas~;XP+slxtGd zZc54a06X0(*^oRyt$TNGhjGGRf~#0}$I`>KO}fudYyL}AAOxi z>Ze)krdC^zi`yX13yU6>y7rl9>0~LFd7N#`g2QeB6IQD#WxWhKe!mN1 zOvzjL34`V%Dk3q$*W`u{LphsSGmDk87FyX)a>cnL&^rP-rZ#;#E;AD5o2&d7tJSUQ zera?24BWituM^=I_`KYVBh||{WITj5gft{Bm5;GJ`oK92RTv$ldO+Em z=Yo!_x{BiJOFMj<1y?pZAiv?zPGIJ?py`9ybFU4FOz^_a|L|Ls)zict3DIBP>V{dt zd&kl*ggrT7h&bsW!j(Hdk`SqQFd#W1$p+s3$AZFTa$yyFWl+GqfDTbRMPBs8GT$f0 zFTf_Mf%y?t|3|h?OVCjz-ZFdO9A47={PBX~o~k)G1VqB-n_(5(?q8CuSn6YpxWB1W zgH)xizIJxd9g@sS(5bh<_(C@A^|S(;C(fk=`zGJ8_;TOm0GW0g5R+(DRK$fx+}-A;IZDk-|y24 zDC43jGZJYSIoRj7cv?&SD78qjMkoRiE-(%v*!~@?ve6tWGm0i=-`1z5{WD=Ht>I=o znBkyIRUN--6wsDJJvVQTFaZ>f-h$Z~i!Z8v_(|24MbO~7x57`hPo=}9JJ&d4Y8hCb z|MhYvf>6h1kbTzv6^sH)f+5V5h0;>j>4ad*+!;OOD1XQN$eWu+&ox}i)84g%``g}n zE?5zKK0}YZ&Grt&&cb2}4@UH8NWoa81#*)KAq?`vla1HXMZ87y9ERKx<_i&E;=8o&G_xj?%>c!$2SF)$Z8Rht!#$HY|IO1zx;c}DphxwqbLdKDrfVrJOXx3>ydPm2QCt}BB^Mp85(*8ydByJ z3@krhG2G!r(c%FD)-i@{u--gQapkM1^QT{*+V4;C0CRR*3-tHHjucy9ijv;Ury=$Y zsp)YMjoow2-mB@hWN) z%~{}~z&n@Eh+k?->LhlJwOD|RZOVS+wM1K-(~6{zz3uWJFfdM1(oinhSWBNlpul-> zbyiVOhjgi5hE!2w)>XjBrirann}JO`dM+;e%o@&K75 z;pq4y6WpYAKXg;N83h#P#SZD_=x>bgD}-X-3ybmO03qUW2MPR3V$eNy0y1O!!^wf+ zQr8=l-}fOLN}5CZ-3tC(zu;@H(!4N%ZS;vy;z({b)e#of_Ro)Bw|;}o%TF#yIqPlT zudlRQv>Y8X#u<|xk3=3AaoIQ`$(ZyOH+s-$UK_T>A_#dC!}=8G?~KX1)RnFN=l6fU z&z2E-nQ+2ZLe`m?pGOjO&z;^SjRkf3c@8B%x9o+QAQNs9!I@)QdFk6c4czkIstSf_ zi+!NN)ntk`N^7qk{&oi?Po>orBf4R-KQzy&a-|#a;|}1)^nr$Z9u0x-ZI2V< zL)hGR-uI+!2`x&zLi)JUs-keGh?WFwN>klI zm7&=#E4Jv?<3=&UiHD**NU3=`RrP|?yfU&`w<2ewAD2cp`-q<`FQi)p?|> zRKe&BavRuj^JvE-b$E7o&dyJWVg2x*)hPIHVR7L+&n<=fe0}B5_xQ|E%jr&JaqJT< zs;%sG+wE@ID04)}+r+s$IbF_$Lkg`|o_K<;?BHbsB{9BIRjF^c9hsdED!Y;4`U$|! zZ@Pdk4i|jM*#-(TPv4vHDaA}GkYL&AjYd?OZmh5KZpud!M!VYxiN6PG?2P&fKJJi09J+ZF*ZSjU z@@7j$dr2mO(9XKd=1R?VGG!1OtcMBOgq-Pl_!b58*^7Cnq;B z?UtB^eISF>61>mMnGCH`I-YQLKj56=QuSY|c+CDQkY6``Kod7nu_8B@>)Yn9d2A{D zdsXi?K!q54-CAX^{_~uko*PkNbEC|EDX!M{S(^O4a@I#Ryp)23@5KlvpH#h>Yh&p^ z*e|M;sX8Eydij2C4bI@q&C9xKQJ$ipQ+G@vsVzWXo6!!9cS`98cCQUBm@t&kirvPA z0T|gzY(!K5MyEfnsZ(&=E#MXJ`(N(uvS7O{xcjG|F%yuz1^(Y`96b|wV5;55OZ2+e z7hqwSu<`A2CIEizy;;S-5Gl5vq(&7-Rp4xvRk^x%!>B7hv**6%7gF0p`jVbcxw>5{ z6GxX~HL+gJ0!y>PGH4!WL_*-CTMkY; zF|jcr>ET;E+LtB~UF}$TB=0GaI{XPPGZJn9O+d20>LLiub4gDmiO9kEU&P&0lx5AD zFzT#ISK791tJ1dZO53*Wth8-wrEMFPwz1Ore|!I@cYoczM~`!^&KPr!Siu!DW?am; zc^}zAU3BG!=G3S*u&7>^HYj0=NQBXZY7*}E}~hV<|@trT~mM9ris ziwg(HAvkE#fa=L_-D#Ggtcs8Pg|V&)RtWRuc|lU@WYQ+r~XysJc^q z@yqQZ`^j3}kYHQ$q%Cee{co>)YcnCbfUD^-d<}1Gm6%I5&!EbFKCeUPjUjivQ#ew~ zMI1!A$EdP7KKCI(XgzckxfujHv!$wrzm`F#ZvrG^^l_PwssnckWDwkqb|2n4ONwKv zwyZ~rB1V2typO6Sv8@Aza4n4~y|0+sK%Jg(U*adVF^%bn4B@bErViM>Aw87-(DWk& zBqEt3atCjSk}b-9yaom610qFT4h?Z|95>(w^Kxl+ zx8PiN$j7a|!TD|*{|Oa01v1}U@I&+vv8rGT3F~Pz>iF=#TTgW^u4Sch$f+++zb2cU zK&H2)7lVf=;lD`W6eN0Xoe=VWT?R&G=HgbjF+E+jWD@YSD^vC~KTbqyGtiTk5VY5{ zN&&AhAK2$+czDbOZkW8C%HU!w8cJi0l#oee6(gWa1_zy$3+smGWKlLKj(*=Ei>HTD z9Ieo>PswQ*deB=2QB}17{l#}O-v98md6PLBUuGwCT3yHSs=e*kF<4FfMmI9O!yJUb z#I2%q^-qf!B##BZ z2Xy%l8gNthkCN_^rD9@cI16)=Ze`1biGO2J;P2(AJmhXPrOT^|jngU=vodg*x@u74 zDg;+8yn<(=mx1GC>9|lp7mYC*_1$r^3xmM>T9usy^mtvl>Fu0*?{Kvi4X>jzul*WX z#7r7BRhx>;!^ez0?{VP^52xgD=NIqPMv5MGxB~ITX*P62I)lpTA!--%CE7%BSr&0{ z6ROP7|FCRshf5BoMaEsHutPGpE(8JK3N5sZvG3aB*xm20cGQXLr}P-<9q67Gkp>sb zNycY!Dn~fVjK%FITySD`Nx4bMWz~p``7gGW8Jr_cw(EgA6;IlTwR4x8&E$$_bF1g> zJdZBKolIBRkh>D&5Cq`hRaBL?M_uFJ#_@LXVs{oAjttQN8T1APs^Q9;x9(GIx=P({U1v`=O25pxLDjDN z@!n4qD+#$PaOq+P*yWQ8HknXNd|} zI;d*xqmOw%b>&pPW6&Qa|H&_G3qkJIaX8R@De@M}Ngb-&qymnUx8r7}NzxoRT1${u z$B#jo%)4+YY&R72_Eiy_b~Cz6MF{J`e7jc};c{esKDJx{GOh$&tc_NwCG&>ou;2Oo zace6j^wCe|yiJN5fe`3$+uxb?GM4f(wcZeT_g;x5L3sZlQP1HSltrk%K+e+Np-1(* zneg+tet@Kyg`tCFP=VJg12bviK7(mgh_ElU0C)f#OX&>PE#+vSGmF7&VoTr%JANo? zhChi#`Wb(&J8@C6qqjn03+oPT_0`Od?{)W9C{(#~V!~X;yC&-=kkON(MEG*KJrtxgoigS%5ZVPMC|UfHC>|7mJts1?GMKq_j6(Q>S!nnUpmf9TT2gxXR)cOw%(hedmNR zvy&Ps^8`NBR%NpJePF6Zh&=VC^wVyPQih_mI)YY6ApNQ+G-SI0S-A5Lu|N~DNXX*i zJcrpQ%o556?-#mpSx@s_U^A^b7Etfu2iCRWb(`BdjVHJ~TIoI^+OR#+3@)2%WVR_W z8I2g{hs$DEkijBbqrpn_vYqE~aUoH_GE#u!@0`S9nwpT6*LH*h7W+;WeSLGwM`wDE z{Dlx4aZ0vPyR1az8b_%orK>vB6vt4H34VzF<44TMbM46*DU7vDmA!R=+x;<{uQqQZ z>+?u)p2?BYZf~QHIkOU9Qrxv3t4Cw6l22&b3lK07yyV}b7Xv2{rr)OX)Va!V)rM0f z52GCw6MiGBF^}sV#w$9j{Z^|o3}K;<3Y1Kc5jc`zmM&0DtelkLCB;V{8IruMqLhuq z5DkdPaQ~4bf@Jd38^!FI9C=5C=84)f-maiq4y8@11?*2|8JY*>lZNd9J}Fsx6iBHA zK)1=NZ^caf%;Nleo1=k|khbWFW192RcalwAl~@gGQV?A45D=oB4S;Rw>21;8dGiU?S@P zxd3R~*`Zf~ZKI?kjDWgd{^#}sBv5q0w3T#k+c0cuu0i=wKvn)_=C$;r;MXlD-?mYm zB)tcoTG+x>^z#_}he;B9gBXrxq0KP14J(y4xZ)ovv1M}-tKj2WXRD?Jw)I&pD%hrk zz75WIv-4XLlpyoppHaR<`vMmPK>1hE9!YchTjW{>`8J*5t3EgEqDP1zXEe+rb9?mp zavZp>5pf(Z7J=R+X_KOr6eFp{eAm2eSG~4h#d>4K8gy!FmWhj&8tu{^3C*i@YMVxw z-=gsP8pFWFcty~qsp74^8jW*pc^ib9y%`_b zYogw2$%ixvhm6#wIYbE>E1i~x&Ky-Q7Kho0s-{}hQ`u5jQ?`^+=in_!m{ zEezu|73^s!sYCI>*ocnn=`4s`riT@5mRsgqR%mSVpmdg`%(nA&$8cf1vMWhrXTT?<#4rs^L)94@W`xhg;#ap>upzl_!M4P@z&9m-d=NXaMqNY0di*K~B z(JKp@G=7=Cp@2fl!Nq2;HDBFAtlV$7cD)PPJ~UTK-t!<->%5FU$me!?9_|vf$m=rU zecTMz@_#Nde1X#4`XU~95ej2?33x8>a;S^yQMH7(Mph0@8ObH1ris>5!naC0FeZg; zguhHyEaErWONSgC+2;2@uBew`5!|PhRrV5+GDA%Y!a_QYX%vw*Ku2{;pfT{>R*Rlx zb$lwJ3kmGWX@45TmS11HU2z3;jqhFko~D#IWjcTi>Hb>FOv(mYx4ool+phni!l;ak zrnU0R|7CGJe6c7#8X^}yt`AB-$?;OqIru|fw9_%nQQO2uw7{tKF5OZ8zymnp^tp7P z;4Ro=_j$*a`#f13Zwq6I()#*F>m!xhJhN`)c^x|ZaX9iD~ z0Az(whNqFle6VvT&AHS1A_#lGnL7tZ2F((Snw*KUb`iskMb2hgt(qmE@X!{pmXz(m z?q^qF=$PcqLB$hAFh%1F=qT={UNR+ay}lxaC)c(I!)S`>w>s-#=9^%wC~R)`XXe~u zLo>L)m``oqNi~|uHA~Z}ZBhCEnB)LwTVjLz?mG^wwqbdu!+7v%JeyvL z!ryH661Q4Py8ftYwNl*LsoK7u=3Z&@VQu%CJYyt*g%c6WFsEa9CFvn9T%*hq-r(J_qP zhPSXiSnTKb(Dh?_7llvmr2x6@rOm4DTE7SN!-WNPbyKTGD>{K`0f=0_7?7U59JpNZ+c9>oE#xO&1PA4H}f85+Ks>pk`O!+3SDVrR;05M+WXUz+R>(7(1ArwTt8 zCF`-LWPu4wP}QVL>wmHUC{TtfQI;!ueqRYGNbmCI(FjBXd)Z!_`-K}Egaj_SbV}(6 zmFQ~?`Yp+v!4y8KGTE?AMZFav)u7Dkf_715;a5oRY34&If@b#m*P#qpH5 zE!Nw~!G_)KWyRfyat?eOoesyxeaPSzn$ptJM_v6>Hz77{u>Qm~<99*5>F zrsgR`%SiFI*-PFM;A3D=?>`LNp>Adn!SzB1k-Aobg$@_#&kf*Wi5h{WWz>8h?U($lwpf%g+y7oZ?cjO_ZMixEhDNi|<*% z9TJ(O8JO>fWdP1u*a5zY79q_Hn@@q5L$UFv^VdNn8$)CN`drtRR51?A#bpherrA++ zkcyDh#43XAl3l)7a>&@j&XWYEmDiI{CO@wxt6#G=tlO7AvjY>%5znkc^)H}zri+Zqul$oHWH0Ir!o=K#i)uHE@vm-Hc7K~x+H;J+rwq;xpGovfn_5>sz zgd>o!pLQknM`g5dE1W52Wj)!X1lH<7iL^1$RBtid(ED6sbf#rM!@Ti1o~q`E^-(M( zT;`+S8CW5DBm%M4-)urT3Br(o$^_g3EemZ4Bs+YNA6OP|`K?TQ5?QPdVsZvCL_*C! z1#qs)d@`dQ{M4F_116eBCe=iGVIVHA2;ORfU9Mx zk|tqE?K;FYHtWz!$m@s?zx&DmfVU(R&&#mm5uDFhFvebjGR6nu|H+YgM2Hy*aMSWd zJYAfXt7hlYmWH(pY=J3L-r3+u7;$)78>E~@=JKuvt>Rx;mSrtmCw)kihArf5kUU|_ z+0Mb18rfT6Au5sQOIR`xvpD%tW86NeAs0o_LX;Wsi;yX~Jx3Vs56yx}&`F4L-sOp? znUP%uN;Fssf1N}Q53mykRX;v+|OYQT;ZP9hFqZ@gp zS?n_6(5SFYM~9j|)Cxyoq?dYj`$5&vKkl9cu^}I$H-$uc8)yAlUrBbo`hSuL{{#g7 zpU~m|TdZ&vR>uDlDO@*E);5R{F$BmTl6Fe`Jrg7*I9|z|4E;mV0^#QcQL{?4>1g1_ z%H*ud+4otq8JwOG&WenV`d>$LnFOjZEY~qh_$9YzXg4f6(WXL{W zGAyt$m*Q%uS>o4*ZW$l_ZWMeuyRo9RdO;jd{cgFcIBfuKAROrG?~y9n_E3Ij&#O&o z4v;v77CYxvj{63LjGoB2p>JuUftzKD0|(sT-HjLqqPQak2ckNqrHKJcUr$5iJixQc zdySl`!}@6HA`-<=Qm3MUfHGokVlphH48$#zVhO=ICGzl`aOxrzL_XxXQ?BeB#k3Bg z^URU=m0P;}JoLa#$urW?cFtXje2_res0{QmkMKxt$tbqpn+1tM(Z~e&<_R5OZqdv} zDixE5M=6`te%=7AR)>m8pkboBkA3j@O?1cxoKvB;>iIn=i)CHuzj-&z|L>py&i@V# z{98cb|6g|CZ*BlH8>22E6B8j5GvU92_%pE)YX4RKp9TN75$8Vvf`0_~=lUBVz`{zX z&C1F`&&kTc@t=eM;lEUYfBpDZ4HM&EJ-Pm78T?}&|N1Y+|Jjg}lk2Yn#{V4RKhpm) z!oM>A(NC9~N{&-@qJ;P1M@zm$W&m2v#XqWptMVEt#+ zf6)OdkKxt9u$?Gx_uYG6wbag zV#wjMTd1flp1K8)e!&~03s|g9DF@9LnSn@PrZ&iCF&m{f(e9J>UL=65p^V67c-(J4 z(v28;YQx6i^0+S6`4b2q8ExN(bHc{*YX0@L{lP%275CeH!kp+aiU)+90D{tv$@45- zveq_y7(WH`TTv>>ubHMLGh7}>Mh_(a_qA}zff7C5r$J5H4hTY5=9}&)P0f`}Bl?ans?1DfdW7Fr$U@p2BOPoAG)9Gp!;5hU);ga z69@CSK&XeezcL3g0pzQ9`(8?^Ab52=Q1V)NfLLAyu4vhPICw+&(Kcg*m(5w1lO3*J=S|s?JMGask_}t26YbG6(3FYDq9E3fl%L+Mk!DCc zFk#H|(gioe=`Wfl2$setQi8C3dnG0;_J9xqK3q1H#`T9_y| z&Rg!etX9C=_sj{5Dib6i%guY!XK^G7LJL|>=A6j)hi-5xWBR4=OV76tpZFHR&#I;4 zKXLs*_KEZ$)Yk#1xYGP?>Kyr%oCgSF?p1aOcg%X6AeAn!L@{Xmqy=qjAK7icx32l>l!sbA&PLgXG}=1t2Q!a5#9RXf)&<fv-}@GBsUe;{yHPol<;{o2zK4CKDGvJhc#i{x z;q4S6cv2dUafa2?-qFewA(Em0L`wYz;Lm}iirfE4151{#f$1>992qZ7ds&tC^M_6# z`~<1K{hhr>{-K%Ofv*qlkcHs6rrB0wpzFvC28Egk@W}G~Eoshh^8OQVH5_BRxgE4t z`K)xJN|Pb!@KYGt9~a&Mv}yP$+f!RNKRXfhc8?H<(4mV20$9a~@9PLe`#|d0WEf{`w+3Bi z0Y5xLcn~;uJ%8#u{xh>N{5-Aq7Q6wilFM*y)cz4aevEk?)V+Q4$s2v=3RUGTn@k{% zj}3BZ*?%cx%khi&JL9D6h-pmSCJx47{-B(|p&A8kA?P14x!=_wSJ0dACb@!CUdSVM zG^=ZfIz7PM^;P_po2${v0fkBU0s-{>72;oommDaQfmmV<3{3juC9*?~kae*mOxgRk zv`(m}jrMq6FvInH<^$AM3m*q1wAmmUE32nmdlBsZ2g3twv|jXq>5TUXxV^GyIN=K17RKIc{dJh#)^=hJQpnEQRi z4d1A2JB&bq;G7xE_kaYbSQIoW-ex-^q#N05PaO*C^ZpQnGQ3ke!ht1_jP{4u4ts}n z(^=<>N~TrN!ua_hPY_@2CnP)(!aYewXv)WIfbe>l#oH$?dd@2(tRT*z;WkBbU$8(} z@pgQ#;C@{#QWxwrmx%B);+ZPgOl2C!u4lv_r?epcFe|14B0d}!{sJU@ZKv*rFuv37 z+uIoFh13=dtEH*55c-eyYb`vc2v1=zDO3 z=U;ZMq9CSdhJq*TmR_4dW`$E+;RH)MzL0tJP!@zWFr4>i_PT)gZ?9n_iF04P!_`6^ zP*i`N_&lTC_PP7xYtV>ieIYf1d%4d_J;(LB{oBTrM-DMS=zaEvWaM8u$e?g{Cd_{? z@rA91yQ3@mn|eQPhV5EN=nvUr$m_bC^t^)`5fwn)#)mDd61sOp+IUZ1CRkkve^oxz zJ`sFTJzlbSKgfH9`w4G+i9b{TLhataB3_@6SMsS9$g><_V*4vUD8`AX$ zhCj?hrymnvxxg1(F%`;vpyggm!o$AZy1-HO`#^pC(m8j%=aoP(;KV+y?Pi-Q)&43n z{xXz(vkUvW#C{RbP-X#8+64AQ0`sdewm36thQ83hnq0r)R_=N<3UO)|zBcOYvVnq^ zAir@NCIC@|<+`sFJbwuKzf6ulH|&)=_w~avSIN5VmEWlV-m)GaQ3m%({J6(nciiXB{_~rptYQ%dEix}o#orOqkBQCYQZ5t`vqbfPOZ+bx2 zLHKB%C}&c6;f`2Z(L>ihAFKg4qg7(u*?V*^rn}sO_VP`~H=S051hWo&o#{7()9|No z5D_+`M7ye&ZIq4A&~B(+V0%9zu(n@N1O?}Yz=B;ym^a9fC3NatPNW|#C)X-ZPw%ui zZ)f3o`dMK`8s>o){B>)L|D%gRH;+*veK+TTPZ~NNxlhFOV{&?zr*xp1G9?#IGRi&c zO>O6;o)`OEKluD7`trm~_Y2lDZ2Dw@gU>1ydj}-gH5T*pbmGeks(x(|FMwb;^nRZ| zK6>U$-3|A$El0m7HSu$R9Aw3mn>rH-`S zebxe--o)2Kl=Ii=)y`j^E!R#DUYvbS7%Ot9d5{8jB5lFPy+i22MEquA!Z}hO zwi5*RcYH0^({zaw7y>~e>)3OFxsc~>nCA~Xyh|{C$pNqc20!_86SVVvPXxEokgDdBPL7z#by|cck|4 zd_69_vuthM$3|gqy$`Ipl76P_un)eOl7jA=8}S($S^w`A40}EYW8W9QW`yEbkpqiz zX0;ez3~O<+c=q*>aggg5uTo)EhL_4_RO0Xy6x z_zA+`PQpGfhNavfTVmI1zFq5Df%W~7Hr&OXmyp0`g`T*wLD##e$XtksX`xVKE-2g@JP*Go+V zWx3sA7sEcM2oeqqm%hCy$46e;I=W}_`2;|WtGVqPXuEDv^qmwB<{GDOE8N0`&6dn(@8+NM zP@M!qA>s;t)q;R0EX?3B5acUimk%HGl_-~Dtu_dK`^~Sk`>&0l8kYaD7xy$4qfvutbdW|Qm<3Xv4jHTk zQjGFs2vhX>)PMF%r^ik>Gbb?eoIHHTfVXGkjz7tnq6x+IXKWmGZ2=(YJO=ffWLYW9 z(s5oTYj|$yQmcjehLzPE9b(We4kCl+A%tRD^hy4X`mGmH)7)yM#0ww(I(q^1ezn0N zQ1^X$tW&&IYRmpZ16u5qaQc{ALYX^I`K<7IH!5Ru%k>XXUJ2{SkKhvFdRsR&A*|To zM$y)el^>y(ec?Gf!?)JukhfRZ$K~dYeI|QluEaHFCf3qK`NRyYo85b+aH06M6G6@n zhu^aqFo(8&?q;0%;3ggISFp{0>&5GvcGPHAJQhwm2!=^l6ZWlNxGl9d=$j+|dee8z zcArqIs%?Dz!lAd>X#rR6UN*Gaj)eCGaN8$t7d;dT@7GHrR*^Uw=`HMFxXJ##BC-_Z|ZUw!=U zz61V(^Gc9gyo-But-{t2R@<@vMH6W{8|&nE&DU8Fb8%8>z7JGp{BqNKjp5jyG>tir zEP0r@u6-YRqxBQ?xvw(pW^1nfI^#>XT4=BWP&kF`!MY# zhs_w{qL};~BP!lcF!*(A;hhcyUDystADN7wZU=S(5BuBcbRv0tQk97E`8_c6wFzoQ z_)Reu5TRUG{hT!O+DJ}F;t8NnaNB~4JhRZ`LadaZxu=J}b4lt1p z)H$RNwW2YJTtR2BgcWiAyCZ^m%9$ATyKwVH95G?DEamLOb4B|5t zW?u?^vyFChmz3QjCovjPyRDxOdj8iro6@4tQX!oVwO=S#Z_i$QDF)~p`yHMT+!0g; z$H(Xz@<;`ckbb!u0$$iq4c8YNkmZy%qyP0#$wGQ9WH%F2om=2`PDw^7gYXTnTKtD+vPMoE<0 zr|a%@qeJ`MdH@RI%zSw-FrMo@C-7<43mkCqn8R28<~sAayoGnJyKr)4K{oQW;-)Qo zo%eZGbCSC~@mvaI{Y3pt15(NEZ2Xns{AAiZ=swK78ds3x_>t4Y0o8Hm2F3Z5xyj&| zhdY!P>pNyusVlC&=e-5_lBg>XCv#i%QAX2#g&pCEXya?=0|;4h(cM0}Iv>MlS<7pkKW+;@*U_uwSu&x@DlzdRy}gl|k%IZ5#@nzT{&r zij2QQnrdUA8Zga-?P_DC`prCMEB%(+a~B^cKJ@Tha*rqDFPv*{&Zuc>B$*xzMf_^< zEhCbRnfpV{^RG*ow!y-Lwe$F)6NJXez*(7ID}obE0KSU|^WMyfP{3O&q4{J4_1D=i&|uA9DSP588OCwfb+3e7 zODNY6emPUtuyOUWDv-`Fu0H4@&;Z#pD!{1eIrJIeu4klFhf1Yc>^dKlsGWn#$L}fh zP&sEO+G%_=#Eaa>epH$swQOM3)I7Vsz`d$v1lZ}*nm*CW1eg0 zH`~pWIxJOxwCcb5XEj{I%G$`<(RyXou)Yv?(a>QvyRF$CI~(0Bo@Em2FxshvQ=7{v z8zuX2`ej;lnr!+lJC3WB(<-Yoi-B9;se7OI;C=DM#oM-vrrX$C^F91|?iOXQv`9v( zor>;(>P=aieonfY;ZX0)p6W}fulP)QN5^pmt|!aw<#@v7G4_?)Eqf!zx>=A6+_F^o zq>(oE(U4`W+M3_-TJH&rXVMqtJ(%Ap*ge->gO?(phzMvz+If&Te!xHHznO{oq2=rY zJD5xYq&D_#31pkJY;V!!w&g2a{sB>O$4XJ8@EaKI8X?w$-dd=Rvg>s$8%r* zYI8G!RT3a-z#BRU5+@OX#(eLMDMYh zhUHguFuKBMjExiUorusa-Fcxt90ZgSaChH6j~mm(@%h581RCSGzwGCal;8>bIMME> zpKC1Fw-si`q2o{SWjHlG&Q%p+iKD~~6U5_r5o zttW{;;c5DroG0{?;KdyfMDQSc4f>KE9a!cZuhMThdSR6wVZR`~7H0Y7auhtBVEX%x6VO@sO$iuCi9@0cTuw zuOb=;b@u8L@P=&3+3UX^Dwq*64hGDWoB{zel+mim82@TcGtEI1AUlr$= zU$`zDk@JT@zt$>PPw$L9K7JV84S5&*Os_rWw+Tbit`Ke@+$sX(u8lh+d@o0vn-2zj zpP@VYa4&*Afj7u?-y0)(chG`8LUfn|<2Uj?k#yJ;M(~n8m2`L(1N6z@HG33q7>lxRoUFNvN3+V=%||51`vXdJ-tcJR1UdMcETe$H*IgTNBO1n~kX{iB?F$X)*N- zgcSwSlFuYunm~HwEFz=alJJbt8fOWm?3G)1i>TZ zf-IjDwnYdHngZ!S^$t6NRFO1eFy80Dr47ojH|++k9vP=TN#mdN0fk*c>ln`g2$uvd zX)LECFP8{>lG~WqfzREy3u5RZa7j{0dt|u;gyJ6-^-UsL)LS%kNvYC6Nt&X!V#p%M z;*@#ed1@v(Ejm6}oFefew)w(&EsJawDn4>PdOjjPs_Ha$33=%K5a@ZaQwxivCe3wX zJ`z3}o0N(o%W|=Gay|+fRC39UV!Zi#rRpZ-bus`UfD%9opuJ3elBkvNDpoIEDe{>= zpU0WcocBGYJGD8*JN0)~;3maGKMS4^0{lUDK%rJjhzO*NOr(s8EQ^FtOxjM_PTEf6 zPv%eLPvuYGPvK9Bl@KqUDK?&WI1PRXc_@BJaaQ6c^P%%0@riQ!^g3;F7UQP*_{mR9 zkR(4^dcfi+0uxWy(1S||IWFi}hf5qbZs^#COC>%w=NN6BV$+}-yY#)8kWPceYNTm@ z9r_aHQu>nSvdC5HP3vvgefzocHt?2X|9UuTSRgtr+GTiR*ptN8OIE~n)S*E+HVx$f z-LW8xlp;!wP6Q@p;*jTn=dknOBFBXGf!TrCVYOq54&BP=#=-HyrB*t6ji`BoRx*0^kh$7a$y&3hT!zqL{uRNB=w zOK8=vl+`GKGzgRk)HEq!$*SX)hlYnprZElEBC?aDHy_|!;=aV1UBjyXDnJqbHw zqIZyz$}Z1rOsLH9XWkyTHd89FWWZlc0#E`Tl{ZBeJFh zVL|)^`;}5xdZnDhqQ?@WX{TxD6w4;4MbArWql~ZGW}e+jdyw{$_#@zR^vb}k9^9I! zGmOr3V)f%fuqA^pvNQPc!lLCj-#|-)WlQ#@2}8a5Dt}8ZUf%I)=Y{YS)mxTNpIrU* zs^$~PTg0b`UrEpG{e!w^z^9lW#zrKU5zi&orKU~gQ<$q{9LzQ>P90pjSPY7& zg`qWC!7kMZXk4IunO#4Jv*rTh!KY)jg*@ zc!#v-z&34fG$6lSRM?=KX2o;&bG^F=FTL-OR^(22=@7w?{@~7_bODZ=7_%1e*O>l~ zWT7<+DxJt-pF}vD4-G20$TTepNu|hSa??6%DrHNu<{>^6$W2J+H$nMt7EG}8YUMu7k0ST zUE3O#xQ4jKxMo>-KDIyDLK0@im>jdR{=tH%wtj;h{0TQnh$#|e5)T(C$c71<(Pz$x z^$zCYI>mbF zgZ3-lM^4W2lOWsT><86o?SGJQP17!CW5P)S4)Bc{)Xhu zN#tAf^@$N%S$Mgo2Z6O*w$oRm8-@KBU!j)Z%e?GVU*RC zIh5U$6R75rO{Cb1)0Jc`N}QEL%j3#x%X77AF?9GpME#Z3}9x zc$#(BVb-J8rPn9cZEfP7e)t4+O9B^KPc|O#JpJ*D!cGid>3!n5<>Th|AHY5WeI0F3d$j39)2L><-s!}0Xr=XF%YkGKq*)lP5l(~coD^4mzv~grhK;hQ z?lqXD`(7Lfq)jbovrX$#X_HLr)hMrzhxCVFDBsKm8}|?>Z_$%qK(@)HyrWt1i+uxG z6S9BpkWA+V9~VZu^>aB1y$ih~9}5yshk|9njTxCy30p=q4n(k!pdAZ)QK@&tnl>(9 zV7TJDan7d@r1g=_JN0fo2Svyrl4&Z!Wy~FzwLC+DL4bz^hlYrYh>4D9*gR>7XR+|- ziyA38N?B@oicL&bsjXFSG)-Bo@B=&GJ!;-#vw!^HaXVeF_EP*OTX4Ej`{f@H1c8wT z+x{7v&yku67qm+v7K_dI548Y=TrPvx^sMQW<=1qE&%#versqahd+Q8M&;E4h5ks5T zZh;pyI)kR?b;BXBy6r0fQk}oa@^PT4eLyDPrh-pblbua6iGV9(5&){>fmbtOvqN8MlexTB-N3BBl9JUQcr6v6;PBdXSo5uzAJQC$4~~O!qcK=#VUJP&7#Lo2uPZRhudZmYbJ$nmag&y+i={rh&{3Pi!qE$) zr9HD7XgLW?+@o#)!D+fZ{xfsn(V-YCgs;rLtyav<%{{CZ%`gxUQC1e{+q!B+OsvDR zML}3FtHzYKYFIlS<(v#l6J7xy80p(;4db@fUn?gmTi){QwW@V#_T(8|GMu9bXVD=) zGwmb#f&DDy9*4W7fLmcrV!fJV1j(kM`O>BmIxs@;GEk-&DBm#6#)~z2`!HLwkn8V zR$4MyQ>+?Wj*f$DLhvBC4Nqf{7CYIx@p407y;o%jI>Imss-r3a^HJ0W)QW@?|18ucDU34Bf zE>4UYK%KmUgKc>fU_??YZ7{y%* z{9Un5rjKXqrvNuV$iMnrafL;L>8cT4Dhe8^qJmi?bsjxlQBcr0u-slyWu#Hv>D@N) z%R%L05WKO?$kOn)-LutJC%U+ri=I*-0#j;}@Lb7k{kkCfW3_97=tmgpbrZ-cIviz9 zpN&*$LoC^nL%LemLg=ezTrqE|_?>?YWM256suMO~c z{txHnpd*T+Ai=S1+qP}nwr$%s&)BwY+qP}b?0vtmNvG03&`B5Q7$T4c!)Q=1&#=mK z7h<6|{FjlopP(YjFwh(%SsPlQo%BHc(sIsE4^^CnHN zj!ZqR3A5#44cZUJ3_D>H0*p^Qfj!{yPVo1y@^hr^9GPY9O0ld+m!xo_uG7_Z+)s>| z9W<<5%}AP@=<2-af7$;98i;J>;Ux2DB6;%EAeS@49PTtTSZBh3xxNSUdlW(!dN9mj z{0(#59Zx^>7H`;)*N?Ar3Ne*u*iML#%&6|x@W@(ALvei6X3Ej@w5MN;xJuXNx%K{h z+EiVrG7y?biJzYJsk`WTS#e8+I3Bl!mS|I$aV^A$pAE=PSOG$a9c}?iF#usbBCFly zif$E}jB@|6X}0KToyRbj!UQEDV21|zlOli!vtNl2otZ>S+F3H2X~!(dqEMAA^#gj{;Rnr*{&2{ zu+&SrBn(9#GxrZiUhsa;{&h%$|M&*dWzG@5kULBUgUN6_qyuh=>$(6`7rPKX=)#d4 z;k&Y-mXLNRTQ4l(`PtbEPd_UlXty8A__lXxd{m&murz*Qq>6>arpun|w& z`})?gJX~SZSSsF=R|6ZT)0TAtGm|UU)v2?GjEATxma~s{Cn{b!>XvKR5d@gJ^CE(0 z7$roYtialE*J6chr|BM=y2uexPl+dFnD}4_DQW z(g-)ma7UZLH#&FgXsdEey}(;2{_bW*zhX>#;U(3ud_U~m$__%VkFfkZT!7MuN+?9w zhJg+)*mLH;^(Z51BLZOu?G4y4_=5FmpQEK6GPS_83Q0iJG6Vibk?sk_QUH@RD!Qv* z-12s2mvuSP_1%_2@5s`-v+wNeqy*q?0zEPw0PeJOHTx_%f0XWiln(nKucAS@F)SGD zq_#`TUD?s^$U1^<$fDnr>R*@UU6+dAlv=tixw`4mL7mk`f?d>(>NYC5cU{?aOE+cd zwPk^6%i30#`XFmc*SnsVcQJNiPv|~AIiCVCm(wTY6#!Thv35kN=_I)dZL@ZKNL*Sw zbrE#vBzK`r;InqTY3q}qNA?ycLbE!O*L(~d^IVYK-_z@TB42=IC*}%sfn9)&lgbs# zuO9CXJn;vf;E&!PAynOe#|z^3Y;!Hj#``a8+sVpKI@r7nGWG~V_oH@ zXn`WTl`ShZ?r6oz)DCv1T-V#lVjBC77L?Vx8&JW$bZ)C$5yug(uE@cxY1~P8Cb|QY z9U#LG9w(*1t>SfL*W~21fF$d7tY=Ia*q&wB%?zBkwiIu*&a9?6wscctYK)!Yu9Da= z?iRS48f5FTV4E;ar4r4hgii$@_d0oVO3S6%IyK{vf>Q!Ui9RUDLt+DvBe89&T4anTR%*`->}~Du9RrbE&mR(p9GJ z{8Vm|p{r8**3#FK9q%H+s4j?FNWxKw0iGyA6Mg(TlOrVc8d#E)Iiu0gQWA=)dW#7x zIB2hg{=VaYH5ZABk1;@G=Afsc&kyjIIS;V@W2(#cIYCa_en&>rZD}m`cU&nwPpXu; zbrerWQFT4wUdwU8%2Cp&PnJ6=F7_brNR^|$9y^+-0VRdqAV`xNu}PSMoNI+O@??u3 z-Fmj+eYT+}Z3qQjX=uom@s?!Ig&Z-j%e9OttL3l(y1E>KG%I36C|g4nH}+sl0hc#D z9Zkgy%y^lc7MrJzKFqAlk(*9BJl3q-;$ReRX^PG5{*Y=My10;o&!SyoUZ_f)I6!K0^1zPlP$Xib9ta17gBL$s@gXm1^C9lWci*cVq^F7Ma^ge&a; zT)AYc!o2T85#5~b0@EOKlP@3l`dYt5><$?)l@^xmUQ}e93OSIh^rZaci8L#hdpsr| z(Jg7%*48F|ON8Aci5Bzf?h;}GL5-t6e{Vk;gUQTkHX|kGep=1IYey!h<^5M!IqSop zt(~f^aY98+LFmI_=ES=J1Z3R=izW#jrk3{-VYN})^V&kkrVY~ zYzU&&1w#9z0wKbIpc(NCfv6|?<~yt&p^pHx9eVo{L5{HH0V8c%5o&k@q+^ zFl~#uk!fq42#0-B@DuJ~VMq@@GcyMxtd*Q@I?i5nAZvi$X-~)}>=XYEOxP%sR-w)} zMchKlY#_!oa0?7(=43ARD3cU}H@Ly;Eat@I-~c#=*k3(yY}EnIWQ;~Y?I4g~K*s9^ zM$Z z*twYWI+VA3f<3=t2^=qg&HSImxUesDeFb1=%Qk2wShQEjNq0azwn*#XFX zM${n&#DF)H0o6U4^Y(6@Hc0d~Cu0gAXJ2z&lq~5tA?~-91(fq3#PpUI0g84Td^^wJ zT#-ZcaC>DQ)mJ~5U+e5?pKn_%KD=$)b$y8g15Q4X^O(E2X40TxUaH(dKH#+;mybmB z{0g!yBCmXFfvX)pm!QBT{;T~9+XHiLQBh+lryjyv2iV&J>xx7z2=?%R>l}25;f3uz z1tckL`b5sb-KB1Hy=>n+OGe+E>6I9>Q;?D-bSwcIe?XE2lqD$^ZPx6&SK1GOf1nq2 zfTkUFvf&K7{u*svQY$Hq1?5IKNfIaNrYA!&?+nffysOW# zix4uZA^d6|)#iw2qMv6SDB6@c6vMDI!}9~qXE3oI3~s1vJ>GcyP5;0>DP)iSJ+{uf z-n-}v$pG2uKpZK^SAyhd0_G9*)rZqJ?t>B9x!xvi4y+!jHG;Q)*91KDV$ke> zxgncFW}61SDo^LHwriYMzfGRxS{w^7nTZryZDTUoRycRUz`# zj`lk2=bq39&fEbcV7+1PsQyKg!WDYF=UrE}H9>uxuQAU@knWy7cElcfGwXCgu9+EE z7=8Z@&@01Fq|a2*2IRJH>Y*#`#vrdS4Gp9%BXY0y(CC5k!nPxHTNSUiTiN~9Y4Id! zYV5LrukiQtGxeoz+5ZUdxEJ*6E<{CQD3@+nuT~6GCw@0xd{70^7GK0zz;l`@EunyEVFC({k@q9B5J5R?@wyn2CFgWM*{x95!hRFJ&-fhWTdrj3!Um_H?3}GL z*>4yq6S?Jvfi1SiY_75A8rV%SUnnYp?ieaKgmF-JknlkF0Qn%v0u_3s;ZV!54u!HM z2~6s!M0HW^Lc2mP?U>J^b~ceeVJ8Z?Wd-|vd#lcinnssP#4JK^aORm~HkyG=RYwAh zXpDp_K-T1~@ojkF7^f+5P68BrjI2G+Am`%F1`1QeJz2vHb*o{a9%S2u`6np1Y!70< z1mGvG8R3?AZi%uQ`S!eB&sQG;?G~v|RQk=>Li{X=*9E^TdgsIsax>C;!qJh|7u{wM z5({F?QH{PB-moCp1xFWVM2PwUDMq-LpLRFq`&Ixwk>oY79!-uB{0G!som$ZvhhQg^ z!;5%^FkA6RkBreFO(wYFSkNI6ef+E#&Gs<%nsPB1%dxq#JhEA^=?kDK89oD0$^&1L z2bRqDoRce|hXU7Zqy2^x=5C-SBoQWKslU!EBZhe&Fe`wo2BBr*iv)RapK$r@>`MO_ zOZ!_yC&uX&Lpsne0Z{m2YaZ@wl=2&GXeR-(O92dB5KI@;dHckK%eN!hNY+=~;o!~ABU>RO z+V?i#sXKlimGw^Q&BJHVv0dz?pVg5+#+e@^$Km?3}XTrvZMpJ1=EkvBngFIugOyQ!jG2sga* z_=Tb?I&^^r_$wQNkObG*9$}3&X7AcRkY9o7R0l9tU|OX62(U{0)(?_kWk09^N5B`S zW|##&#u32Jw#VaXuDV43UJSsozM-FyDi4SuuxW6h!uJsjYy+?qt7Y!yIP2%wV}W}X^3|IQ%* z&=4Rv3;@Oxc0Wui!0-rAtQVZ26u93b7#w*EP)1a58Uujg$~{2)5b%`l6aTQM%F(<3 z52*)1I&1&FZ>)P^=AAsH%|eVhYazyrr3iE8|651@2=hsx1Y!>Pc|n+-t4ohTKba&5 zmUdVPpjw_!&M+`cZa3rzbP|VmGUNgiMHD7LoQOk6wds!aW^YV6^R}Lx=#C5al)~kv zV7mHt_9EdTk@9CpUza=H?*_I)cm)gueBHUkyU~FPa;6#<|0w;v+8*%ytu#tLhp3Pw z0AMb~`quf75+{Sfw#TtCy4n&=Y6D389)R*_34S%#>Od6Z+Su*SIhAN|AyTOyM*ppT7$wGwu)rBBw zA$@5>Dhf;w!iO@Y1kga5kN~)Wbi`yW%;8$W(!rbdwUUk(t521fS;NC?2IL6O!e6_2 zo@rh$Oa$N_;2~xXc!`&Q8l=~YJjAPMIE{{)v|DB;VIbj>$l^0gCmT;;AgnfO%U#D9 zr!LvchUu=5EtG#Ph8ynr*hH9fO`^(4&C~<103T{SE~Dt9>tgs3>4(3b zEc%o(fSwF6Re~T6W_3xx@Rz5yntEu2%XH5@SGmt~>>OVR9OK&8IjA1~P6MPGnW>n# zn8=bO10T%F(D2dlu;fU)_W5zDm4+RVj>CHqh(8Y_Y&jxT<{|4r;KLn&xjyIo9LOcb zl@@UWYk)TQHA2JQ!4-XWL*Cia<`b%?S8cVvjvTzeQrz^JoFz80IOA!&{NH!E$$Hc> zm}_39Gn!-C{|&o=Zs=++wCpAA{yeVTRPA|{`i%vb>3!7vZe40s-dZ2x)I3)FsNhXz`6s!Ou>^JN$}0SNJWfj&iz1r;&R0F z1!u+tBg6ncHciE6%&3%zsGt&?)<=JbZFF@2eSc5W{awR6@jN*>muNDChu;=D9v7!~ zOmy(ln#(^zre>#K&5f{w`|)av`^n0!p1n601kTd@azLMjVnSz9k z?yObKfX;Ea%`g@cLORju$o_7o>9ARY7EZYm4iAx4F#DW?(J11*Y}@pYZXL1jYv+HS zsh1b#hvhcxqR@eXg(F)KYRACD!9&8s!X>LJ(8@sDq3V`?=Pj7Banj%@DL_0Jb(k0) zte^-DEqtB~45~ouDyXa_FxKmkTGmQCVbU6oFg-BQeP4CJ>WwxfJW8`8UdB+CPV1B* z@ZI39XK|3)?-n4ePaCfl__a4K*#=DsBS z%<+>*#j@QQz3nZUD}U-m;$<=SBs{03Q0+XYhsQnKIQB@lpbd66{&wK6wUF*+PCJAE1%7WA|CUXAT>(@3Jck-O39irw1Ld<%jpW@AkruY-OE!~Z<~Img^--@YCQlgH8S41#z?&nYS1 zczMCiHl5Y_^a7t2kNNce`sr*-OZ#D8_&lb`2QkK+{Jahc_7;g{95?BINWYemT!)6m zWi8q;NSI1O)++1LLS^k*z7na{hiPIV`ncj5r@h2Bauc(a+RA^^e$@UXvH8}p#~Hhm zGOX2Tq8*KfR$fBhhC54u*;2jYMy4esAwjFz#=DvNZBOy?zokTm~l1f1S3x?S1P?st#nZ(W>1f5Zpgf@q)Z1)omy$bN}hTX%1Sc) zOgFF#*wVlQO`T(p4JLt)%RF3;doCxry|M68l8>AB?s~onkn;i$cbSWpmu%MntyrUL z2+!Po6I9aWb7Tx#p`#eOVn{Lu)7OpGkb|+@Qfbt|h*i|t)_CIO_g!ic_kH1P-6bRK zAI`eg8YhPw;ithykF*$t9AB+(qw5axox{E7xVReLR;|}BaxnL8mNuWO=+A|>Sn<{n z@wYvkD_N}HIHIAf-p16bx9%GEBpxQUOW)bRLr*wQed|fwR^{!wMgl@kVT5N=tDDhX zVe10zqcIHo>>aP!E?Di5Er+)I;W<`62!5AVNJa!Elq?;ybEafcBFI#^1EjKOB!t)u zNYDa_gc$N{C53uGHONF`A%kFA43viK@H3ER@M?_MYKII_qKaq|iXsD6D7pmuKYA$4 zn?;qC>2a>sR7EvuKj+Xy9$&9aNzBVCWHYlg9j3&gAFP=I%Z^WolS2@pyEQbsx8svy zZHJzwe=Rz>xmS5db@CaZmJ@?IQ`XzoY}txMvf@pqn=VM#_wMgoO_FFxgKoDP{+{$X zte(EUIGq0WKSL%ioLx3xC<|`w0r9<06PgcYO#Z#|N9Z6G+AE+nmf;w?b z;I8{19qmIx)HlPk)Q%Nw=_QLovvc&>sCo7CNODCR{moUCG;$cg>RJj_rklyh|5hM(J#V8AuFFW|bVQS~yxk zWbroXpmYOC%j1U+Q1p{_K!$D4mH661%i?G-xqI%Tv~6;d&LSkm=r8|Nd)yw1(IW|7 z*PDqAZwfadxhIh~pXXwvTGzEz=ell&+$xw@pBl~&_$F45G%W5XXTS3L#5MJ`) zh2`6YMAC}gK+-FwRV=-tugmfhDMn01EP4O=;F3N%Csfgi>#EpgII3)OM=W?X*s`Ytj zjRn-2*NK1Q(?fj|ElsiZFsB6}tNS@I;T{r1?OboD1fMvjvQkqRNUv7cooco<@D%Yp z%bIw4iLNf{Ul8Rv+c5K@J@|e@Lwv)0H^)j5FkwWP79dy&hf%N&SU7*8#*v)TEd%$K z_Sf(>6NxB@cC=EGu8{4t&dSKeN4~%#rWlmzy5uWTh{Kap3Q7(U z(gM6VRR=_Ig<*$I5LOHk?%?N8s~Iw_E$SSXJt#)^8I4X67T|ev1defb)Xb%C?dK=V z3q&H<&62(Gus!FL<@q=to>uco9cFd&P5Ky56lBEnV|p^7P%njo;>Kx1ROr1sA~f z+u?0&&bK-|<0T~L?#3yr9yPu#KhlA@y?k&#Ivs<*P^{_Y1gKeIdv|K7 zPGO`zhHbJFcc^%Y>5JUOEJtx%8#;H}`3@r`SoIjQzB5QeBHgM4ru_oJe)X9&OeU{s z_)PT(1eLAF+=R~@z>3peoJF~GBC%?}5b}uB@#D!(Es%N`c9|%TuTo;Pm@Ym%(rHPF zLrc2_WE0{Fm(8+$VQ)i|=wW)kTR`z&zMCy6kjt+K?jA#Rmc4}|$LgVG0PQqC!arN> zC>Rh66r&gyD?&311!EJ6A{mzvWK$?y`iapfkj9%VL2RqoV#Rs`ZF5s`R`N;M%}%c( zou+a-9HGPE@iMc`y&bf$iH%6Pq< zA42Tl<9#1XiqrG_diYAt~xSi?p|gjHlvM6@MkP++|>eIW}V zFbxg#JB3iOP=}_aR3un5%95OfAQh)o0-t$~XXk;#;fu?h`7~y8e-29zL1*Aj#MNCXoG@4D$_}{OmPffJN9I122$}XD87LaYD z-$cZRJqm?i&a(`1+VL7eTA4Cgt9iz@ceXbcX-nIBhI!VR7|J=!x;1_ z2D|4Q8TNBCL|4V9<2BU2_>r2Hx|bf6hG#R{X6!Y0WBjO3BR-I)ET7ua?2YNN{M&S5 zdNGmr-ijeckaf0chA z|Kx?gtuFl1`C}mqSx)~9uch~o$ZmhkNotCFS~jJ|T?yWb|A2-45 zf0>JRaD4B4`TWTjW6VfvSf03h`;5&_=7j;yaoHi?tkLx9m+a!h&tiQXkbae!Hy2o! zh1q5pB~kOPp@;5CUJ}ieS+x6ZGGbeOwL8Au2L1W|ruUnV$EYy305H1qe;kX8&Ar^# zU1YnB=hM=exDf{DBm^?T2ABQ!?hx#F)`wp5|3p~x^d_B9E=*F1fgmyMBjmUZATQH! z9Az>nKNm9pc=#866@6Ez^ex$Z$f5SC;c7EJ_P4DrneTi-^!A z?`+So4jswr%-98}QL{f_S7i|aGTsuz;DTY!i|v-9uKGLgulXG3fA4F>_7KpdNY|Ab(5Fz^P2S+cS9?PFes0dzWVI!JBlkb zo1a3bY_(WI-2xRn^=$Nf%Km8I#jbA_@egs3gB`821-do@_E2Akc_`f(_t^Mbi@U*U zUuvXxWjR3zTxx=@jD&TEbd7c4-5!1m`)cqBB#+`lm3x7Plw8)aZ>e|Cy69ikB9%Lv zYkzBFm&Lrs8HV8;g-2?xRe!61h7M>Os*=`9?9A+8x3P9rv93NH4{ip-8~jIofV*|! zFjgW6z4QI)0#M%I&C zcA5BmoNj@Xtmu||ZG;iB21f``bw*5%XKko|1v2yzSwloA0^GzgvIb(ws)}GR${7#< z|K(Xe&|JAFRW+h@;ojA#HOCWZwL&jbbp^rSz^ioig8PH1I1r{J$c_JV=1IQLx5Qw?}H0gXcfWplo17VXAAlZ#Du$52_rxS1Z1CU(Y72?cF8ccWs z_W_JDMQ-3gr6*NVDg=Snv4#{IibT>4t0CpWlt?#NNT3h&pilxjVCz&8!hp_{=FMbY zts+rF26}LCaY2cR`=_)FfZf+AWmaTWvb?$=*Nr-^r_=x&x_N|Go$P8k!--X&k}>|g z>#yx_u-@gLfk|BxpC-{-{!1y^E6fGIqYoYyq~@H>T5}A++XfGF|mhv zEul6>P%^_923;?JdLHD{=Ij2R{c0Ztek~tq#ut-|w=1E4*Sq>;|9q2Mx8VMTUzAr8 zi?%tcP$2pYU`ufyM2sc?uu`7~CGZZDQJjvaaLZgA#PY9rcjsZND*fp>jz^C&ygX$srP+>KLYHM%@dS`ZT)Pd?kbY6ht{#YYZIIzu8cUO(_C#L-CqrWx2Kw0qUZB>Z%=n4?e`Xz4 z$s<9(^*gk~x{>v~?O2~X7U)jnRfhc++B?^N*X9B^%p6Kw*^DS+F3>ntWQujbB-Dud zBGOgHxdf*HC^Unb^gORZKbQLU`agU&Re#UxomGdpm#WXGTd6kRub*%Jiho0I`h64- z=mPZ51D=F3SF{rN*TTGdK{r~mRXRxBWFGzxiWd!sO(Vppel7MHxTmd8Td~I17;Vve zrYxh!0ur&qCjw%zk65<|dMz6!#sOyz>Xq%G%9K)Oz&Z*L3Jg*A;^iQClgEN`{cw1f z=n|?X%n|u`P@uc;V8Y!GjJf9cRfcu&`yjRPMGHN=xt*7`?X2&{!x?Z7wjG%;B z?!YbvqW-2Bm^dz=5GLgyOjJOaRD?+Ji3L%KqZpW#>%b?(@EVA}z#<8_Y|=yhwx3;sWp5U~H3NW2gs8sLlcth@`i8sNVY0 z!(ZEqg{}i`UI2{r1z0{Xtu~Tr8y?$c$aC7N{=yQjz3wX|BO5&xRq{R>G-fDu{H=}S z?KhI{6|^suz^qSxEPW-pn;0>rmpxZWdL;~Bqo2l(b@{f%;(X|GBUgQ$-Fvb&cBruw zdKc{A+PM;_WQH175%yN>OkztSfxYZcGN&ig+RyY%_zd_Nat!1$qlQBaUAVCi8HO=C zp`#gRGNWiw%Cu>c8S~XX0nihGby$WA`G;xEg#DWlw=h$IAy_je%4EBP7!)kaU z^Soa;42)4;v6Z9E{!~ zTXj&eGHg$IMF};}tH4;9n;x8km1qJ`G4}l!K&42Gb6=sT5ZINA{)1xMo)6DGF@7NZ zlW5e?FNS|`iQH4;`0Il(ceh{uA>1>|{N9r1LelT?c<=4NTCt=y6oOg59Hz?n5;2vo z^5-%^O1>go^>T18|5r>`rV~dHc6r0AFL`zr!L0x5-T#h>9j>n(TUSb#`^l!LtZ{^h zwa-;_Fx-nlIVNv~z5RD0T@v>VVX!)kT@ik!gsgeu%66|!Q5~QiS4URYeoJdxt)uqG zbBS5)R|-JX%n#31ox3IK6NOdmW_h$?XES-#x7A!~Zu+O>Mcr0y0mc%0L@BJ5yFacK zyx;gbnb3!nK@|2FOgeh#N*`Y=VT4VJUgOswOqM0pgmZ zRWSj$l2vh;yITHOKLcPe?vsT|8n7hmrtU42i!cBYTNN~=pozaxu!U*EH5J+vfYww` z*oWx6wpnL&!XSVBxMQo~))U)g+CE0ylZQ{dB=62ng^H7!x;j^m2MwiX4~?~i5?JpU z-KZK3S_UI94x7Lb$x4MLi*;WrR?{FPb+eq(-+Ut|_kjtwq1J!&7J);SgG(M|DCoNf zemeDse?^eEvKHDTlO{I98wo@^BoouoMSi}NiFf$S^9%5@s1Nvr;!dnLM#(f@#~K>N zpu#TIAaf2wUFGQiwaQaSje(}c(-;Iq5~zy*0c zWWx>(7RcUzxcc**nSRkFH805}y-v#e_{FqgA=e+DOuDkl$i=m=Og_+Wil);&-H^wv z+N#4BkRqd$jAZhu>3yc5L`ihOwM>wGfzDAEF!ZImjwPx%t)O+_jcuokeI8eixI$ql z08P*ZL(LbUZ4B!S=?v@C-KgQIcs#NO{=%VRZ_-_p(? zBA*Rvf&yMN^Qdq!HOzK_@2{hKftU|H2^|eh8y6RW6%(j<)aI07DENREyR`x;R(ebIbExb{^qh3_m zvhTK+4Bsm4@lX0a=3abdd@ptZ~>eE&zDcCf6vgRX^%>3(@03*4awcPdi&^3 zNjw9jKuf0VZO6M{)F;GOM0pW(6&mq6ikPf~x3H~;ReDEL8>n5!T~D$lg#wKwl?&30 zQ^cr!=BNzi!kPzjzLG<`KIcZg6etm)ip{ed=v63=6+-||Mi9>@Xs2Nm=Cqq~e@CbY5Ix?1^&)~$1ctgLcAQIZ6 z+ge0*fbj!~A8Z)J3K>263C*lH%qllOwVz(ev*}T^iyWJpr08+grAmp(duJ7fqB|U)NT-*|+xD6Tyx~aM@%*QA+NSfs2&ROHSE7>iPQ~Jk@ zgt(BAxeS5T6o6Im&@QIyp;J_N9)N<1NKB^~Ljd;^W+u-ECM!l<4CJTBvS`9Xa|jhK zj2IO}HV=ek{)J=Vpm6fe7gVAciXk}&YXJR=_3-vnOI5;|#q^gl1+0vUQH-dVIwvHs;9tUI1O>9szzeMm$pQXPfbxsD*}qs>%I;| z$*styI3_w6mK>PPJRO=iGv2kUHFIkT445N)EYE?=22C6eBtIpX4sL}9Oa)nH73W#e zg8cCo=bp*J-OSvSFB}8I63t|~(qnHS?#2dOavu>Fs1di65Z=C0U;VHC*YBrvkLOPx zoUiF=mO9Vp7oVHoxV^i#+Y%K-X1^vwT_?OM4X zZw_W)P1ECMi6CC@rM6az(7&abw4T&M*oxyXm7q=5i|SS8axG9Fd@rt{w>UwbwDQ5K zky~}TPFgPwXEy$1h93AFzBE`mxbN|Y%fN#K)E~!t>dWoA<~X|o-q=PVI!vh>HhK{v z1^6G9XwYhnn4rW&Ylu>dg+59q+P^N+lZST7+#}I_^l#C=Q~X!#@8~C3evoltTK>ec z*WfcD;_cP?lnB3O-h?UnLF-(V21^&TIIH`ueWz=Dne*QP zkXQK2Fr){tLy^eJa%+X_qKJ|nLCRdI;+{yP7|;c}3v0>&4+1T&A@K%}6E;~0;s@j# zGa|zhY}f)A0<_Ht$Y+9W3Y?Maj1PPgnuljktcA4Vvu6MJ;5{g^v~=@a(a#N3fltie zlm59e|DU4Oh22Td0_i(Vm#0Z3eplb0OGeC#GdWLaU(j0G9q*l?a9e2E(z^JX9`g$1 zi_3=OK4X{&YOV^_EctIKw9SGXrltPbVu8(si(ucBg#}hfbc^sU?yVn}fDHoMd)s?^ zh6SM9&bl}q!yc+5UB#E z@*v$%PBBPoC$1donXsk`Eahj^A<>TVS*p28nnpS+O-nsnUE*rFy4esD3gy5g9mwXo z6tz#aPw>rI`W$_}J}1AgPB?5^wz8a40WK@G&d#NgT1Cg@4rVuccY8zkhr~gZ%h0rR zW@X*6PMx#+9KiZaC>}WdV3ch*>|C)Kt&TcY3<%pa;DdW+!fmD3oii&z62pcL8Z_Ox`V zStTGdX|`k(go{nvi?sHL@pSrnQi(?|gv=yeX1kdD{&Rv>V74s!Ry`t{X#;KmqFq2@ zFQCv7nvE)%1wGmV*ysj82^=tvv4(#87H2UiAMS3c}jsV)z4T)1(gv>Ye z8f#n~@fzqFXni>PGCFu&yi;f^*&F3M)@@{u;d_UGA_I!+0S(@u`7Yg9Cnc2e6oa!B zNh>L5EJH90J#E?MqOF(UF~>>J)Wz@aLfkny{4WRE)Hjvb4w17`*DC7 z9YO7>|$Vda_9MKO(1yz!A}$>9rfkCgom}lP8HKG&8+^tG8@y zr4v#eAqJYNzILY76~{vlZq3m2RQ4n%1s1u^dq)~~A znrDzH%GPMzQM)GQ2MeAJG+XJ}_*r?rl;gz-tE5YMJ4Su`KKc)z$2-W@vC=QsgoRsW zV%p)lqv26s6hXVFAQc`{)>eY+mvrCuHH8yiplJ!vHv=qUh5?IXR_WBWgwNAxo)O~p zQcfK@D^z>JTHLgDSB8uwT>fLpvlS{KL^yPO8ab4Bl+42FgaMUt11b}S)CdYY_rV#t zbCS(b%b`5Zp?Bu8I)`tTT5Ow5V-EQwg0AU(OJdk3R>4Ou1AVXCR&p+n;Z8_aQ>T3! zo~V|wLVWxZ-KY7&HPy72Y(E#D=(KC^Jou&9-4A)Fc6`6Pk47 zgTAoF0)Mdhluzbc=Q91D8*folJ~+%&^--S!(=NK6le4KrObdz8Bj=OE%r^a>owd8K z@BTfChf(Ll2Pqqu)5u4PEV`hegEG)0AiaCUY47Xc)R^k)X|io)=XCQv0ScFKiE|0wcf zW2&E+H_HpnzmQM(+57T4#=kch@bxlI6EdG{-;}SouPwZxpY3*Eo$fj2S}Zze`$s#& z*340rA+9+r`@T=gSEkweT#9mvC}#SeXC$`)1bI~f zXFy;WfG%x_bz2@T&DSvC$Kwgytf8R>s5wW(;^)Le_Iet!{iv~MEX-cz&f9I||p9y@6u{51>BQYUBX(DcburWl?)pMKR zR~#5}P=uQs<1Q{GN0o(;5MfYHvV*H)q?CAbPZRSMD-ul*v6i1?j89mWa7uE9>CN27%=nAKF99nzOHLlud81vex9rO)cUkpAPo=QF}PnJ)I z+l9fV1@oghvfK+Eg|EbWrG3&9@s)~Q{ir^bUqilCY!v7qBC!+=vQ&B$Gf2^fa+j)` z2_rMY`lx*M3))w_TT{K+0oo31s5TQfw2Y2Sz^MQ!?4sUsbGI7z3V*vKR9#PuDSs(n z315mi77CWZckh;F;>0o>ff?pNj@zh!yqBkTYM{tjk)g8BMd?@|ccEmh^wU(J=?W>q z2#$~l4PXZHRgFOCdOy$|(oAX4q!lgoe5(MN{(a<<0D8m$cUl(^E@wo+i2i@jgE&U6 ziSLprLDGs)o-2SDjlqdl=Hzif@4kF#toP}w2DHEgKt)hAgHHztIAO>RPI-ze_PgwpcmD)#22#Z01a8f!-l)ClD0OS{-rB!3D-|a7CyQvhM-^mIc)L8V{R%N9ylG+aSFg%<^-%bX$gZ%# zU*IN8yN0hJ#nG;-=FDSNp>ZnabvJS{x@Fl zrtQXaVlEIT-{lQ(GFa1mM8yUujLBy(5{>%zwY%Y2GMn(h&_^iH2sIj?et zxrUKHYG!3Gl*F^OOrr;!27EkY&5<1u*iLqaVjYHOHPf=&8BdD$A~9s?3l>aJ-H<@bQl+{UT9NFTMR4H#j(l+DBj?FIuk|oj^c>c+ zeB?JS&6GeWx5vJP&e>ic1PvnT#1k*S{ne0%&YXhhOK+*DYOWYS@g4h|N^mfNbl&nbZRhAe~9l$z#v)MDt zl^lV>js}z$E|f}DQg}X4T)(t|W~4D4+ZcGM;~gbb;!@5}r2)o?#;%O7fb=HPHNh5G>jBq)uTZ!$UgqX@H<6xVR$yP?}d6#qg+R_1|8+ z&JbwxfP_yK74A%#!Gl-f4h(epwrt?`^ooa3ZWL5buGOy*4*`*A%!jf2ql-2Ba8J0X zY$RTtA)6Ypj9}@QX$?=QABm>ATDIm9>>C`QB4|S;r6Z>!sU^71U1)P!#=XNn(GO-z zGiF~>bFz3+wYKGo!ak5G-j5eLADYE4wEaOCTN*9J)2h%9RIaKZ(tV+e^LFDx)Wz#o zhBUlLZjB`~D}0v0&6-?6nKFZF|Gh4vMS#pT;{~rSsiLcO1}g?P6*cuF8^v}< zmT9mSicqu~)l&5%I)MeAH&3k+#E5jkt`M9bPeE0u%or&^2x)`dbgt(T5J1AL``GRu zrJ?<^0Tn-h02(JQ0+7DXk}%N+LlCnPwa*$mR3jJx)NT=OFqHiK)q|#svoIqGM0H+? zZY3yn>%%<2ac&_Fl}4tLEoUiQ^q9Qc_{J8v!?d3z=^s>)-!|IWWp1+R!DF9D=;uVX z1KPsXXioaJwmRq=*)+Fp=ll0NA#SaY5P?qis^c!_uE64X6Ew2J?Bi&S-c7#6 zZtr^5m|f@c&i8lGQS(%*i@W9NNRo6j*_P^DHMaElZ<_W+-R{!OaW!|g>ud)U+}mfP z;Ia@FK!IHTACDBjZ9B4u0L-t>**Ezh*z^FNm#Z7=u-!1 zp8d#~Hcb*bL&`!VWBO1D=7J?1I{-sKyuZY7teGo7Cct`?qBnU_7b`?wZ*nG*o|sH@ zzB=##$vmxv3$zPvFPJ_y8wQeN0CUf}DpF_#I{)n6+kvslM|_z>@<>tycZ7gI41cI~ zIM$xKgnS&F#a0N&H=1|A&fJfr8BAoy>VO-mBWq7;N9yhXkBoo%8Jbglv^!}{&uqPQ z?r{qM**@U74Cf0;O{3wq04(Mx!f`Pyz7`LF1Y@*l{i}9(&5@cJ%neyJOFfj@h?d9- z<&`0|x#;$viu}m`@!by4nRH#7aBSPTbT={Y}?lK^L}_| z=9~XttJbM=YG2z|?OMf+;pbpMCWB~>c#OK1-v51L3#jGfUTFeFW*C#KkpEjpIDZiC zKC=jLEoCMXFCoEF_-)1<2|_3wk(zvm*bGnY;D|pAhG_N~Kp+Ow#pM+{lX9sjJ1m1F zF+Uh?f#$m9xYhgdj_>B(`jx-vDhAiGoCj3zXz2K~(qB_4FDi@6{hXMN^)s!ijN1HK z6!RtF=1t0Yk<&hrm{#D$wkP510-2pbE8016uW6xSAF1M$+3H$_ly^HlJYNWlbTRT;!r6MF&^(=Gdd! z3PEM2JyA2Ds_p0cYTqirEyA$U5Fxt!4ds}>iU8D)35RD}xJ^q7a~*{+F*H!Scy{|@ zH+#xqr0t&R9qYmUUg{a_o#aVm3;KO_J2!bx(Wsna7w-n?1<91olWv>~Or0TDbKQwBy zG8v2Nrts&D=M9P}fr6xiA_h3oL9k4au^?o&d3|m*w_E$AuOIet#IIEOV(4-8D0N_! z#z^2i94t>3r%@e1RC7M0*x1Qv1R_Eblb>S?C8ZMK$Nb;eH71)#o0y$d!+U5UZg}N} z@UyeC>yl(+0}DYStO+e77eNxeM!SG8!oarLEY$U|B}OW@}8enH3kJjwl7Yv%nf+15I~ zLxJt{p-pvo*qYy(>vl_REQlrz#bs#`)Pe??h?{IiA*|9RZxFofk9La^aKKDE^b&L; zMKVPkk`<%%RdbR<2&gn3XH6i=Z>o6yAe$5y{kfCncRbIG)!xt-oJ{Evr2mf?zkMRA^^^AqgHk1wKve z(B$?Ye*ke3F?21xeqb-89IO;`7!HHlU28pEHB|L|d~$=JH9SZ(&py_axVktgTCzb2B|$w$%!CIi39AlWM9#7LluV6y|qAbp)QnkbOPu@ ztH9*t+(Cn~(*_(+pkjADpui=0<BLBikIcSWZuut-{p^meV)#3{S(HMpD*&_OAq% z|Adhj2^fdOX6ZgaI3B*%^R6}4*SUVaM$rDzZ!q{1k*XI6pDOUmMoO*Fb@vb=B;mY| z`Fz;5W4To<@Oo2=BDUw@PkRiz4My@h3?)|Tjy&gvm9>pzUG!uBy*&!gpVJ~3Ot4P? z;NuuMDy=h1z$uRC&xPV< g~pjrBMy-1KybIgmRnQRwNt9US?U}$Tg_1laThbgc| z4!uHHjh@7+C>B1fM4omp-V1>@d)!d4{wm1&K{1Vf7Ty=_nK89^bPF} z(Tq`KuXcB)(okO3z|pmRpUG1}N6ap2l&F{fn>Eq8N#oc~qpJJijA7L;Xk;WLv(?eY z0;*s8H7`Smb9r_!2<@ABi2M}c23mEevw^DVveapvMUxX6Vxz%BN~UvN1r+*7b^Lo; zN02#)n=W&n0?-y@6Sy8x{oQFBQa%A2hV8m-6!&tcopZiNXA9bots#30esl5;;rP2@ zvuhWuJ$)aezR@BXv5lLuv*MFfbh}9u7sHSX!p6B>iCPw2;dsTa+-|R~JiVsxDHe%a zc3Dgx@vmeqLyqhFyU0!`_F-I>5UFif!{1Bg?CIRd_Q1sA@C7QAt0M8&*EYP?uR3sB zd9LAkId=CAiv;VQY-%rU=dmJG*GG<^0Ys>ms+&o0Di=g;D~%hC6Cz%*ojS&xCk|Pq zk?#zjx;a?xF%otI3fB_uDPOU_fBR>r)f`t*V%fNtAR}4_%GJ+~SkHv!4u!wYv2*aY z2I$1Y)_I#j45pxF#k0rQ^QT91L`r=Fo(hTt*FBnX46NdIX z?TmwrFA#?ccM#-7FC^y)5ZN+|RioFcu@u9PW0QyL#Bm5P9oqEw#h4MWB1pd{OY$`# zm&o|7;R4@Nq2QoW4JRe*pWdkW+Sliw^uXTm?1D&Xgove%?zwPk(`GRr>(aV!@)URF zb3E8f&~|l@PI!$Pw7s_6vrAd=wn(qdu6MTj!UMDQisC5nBEPh%QToUg9QF#5R}1t8 zHKFe5-?$-|Rp&yi%qFO>1jnUb))-xzi>Gq1Mtyk5Wkm&+$&pvpLN{qv>JFw|0)R>qMh#?Tx7LQ14tfFct>Jm1IjXIK=rU=O_< zDkU)#9W_D+O+7jlm~A1^V~m#A)T}%gW5b2j@v$6Lh!}q zm}~BLhV=Y0YKsd9S$B2GB0PG$_KHS^LFS}%6b}${v=o^LMZny*c^i07CAHU2%PjJc ziw%7W&P7%>l%Tr|N%u8*$I_lF2s+?O@`v$8%X!*oFu9gjBEAZtPnV+p@ka$O(lzXw zqLXl#sh*#URfW=2Jyq|Ir6;ZxMe!kQ#eoC<5P45OyLDy*VM{%`{v&Qial1ID8rAs0 ze7JLj=~__a6I5Jm;NhGA9Q^r9VzZFD4 z5pckc69&CHIUaU7%Oc_)1ypwQ)+u%UddI-~F*4n4uAHl<+iU5PxZT=Do$H*QKH)%A z58hXlG1J4HE-~hp(j7y=ANtdkmygP$1MWf02kFwrheVD;x&h#t*&_B#uXtJ)J{=VJ zJ>Tk)n8Fud#Kr~dDC}8zHNCdFVqVDa#-ojVrsmk5hfJOtd4$>#V6olpCf!BFI{#bA zOJ~aF>J#RbdeMeY(&T)o&!*2D?SXoVe6>K==jf~P8MyB+U9@jCt{&YxYwwAVS|IMn zt}ap_&xeujyZM+@^LW|vsR_hUBFwQLBBXO74!i^mGKi@enygEYL&R|c#HD*l*8v|^ zK;v&nP#4FIe2n?Wp9mhD`bZD8kUVE3C{ymT;irF_T}<>U zU?=pz7y4k*l}2UIVeB04*6ikx>L%Cu(rYovV9+k|^0lDV3|*Ottw(+n*raNcJZK%l zZd6kE5{_GF%^{jc|JmLk^P}xOv24raK}vR5nArqY1KP=5O0~vtyDn=U#F? z>c#OnIDGsuB64jMpSA?e(d-}3CcaL_km)7U#~sC19fu>|`s39DLq)r)n-{cfi&r*9 z^+}2Cq^e?T5e5w0IAK!MQfLj3s%Q*S^06R3+7E>6^~{RFj-=oN?NuG+P-^thPvP?B z!8Z&v&(I(lbd@ZY%G%+k@C`fzud@c)h3ZIsYQPS?j-VdeAAajZ3^O>T6n2Nmc8p9a zDCJ0mTh7aRfX@C9L#eMlSw=S^GcHJn6-vqIbLGa5VYjBz|5iq& z#Y%PBXik*BH$LtXM$~0-{3|-f46%vNN$#jW?2vwP+>)8|eO@ytQ{ZC}opHTk;k?Wq ze?0x0Gvf+t?RxKd!AtS$7W}Uox#^2H+j8%%t8K26PAFTRGF*+qB|Db7sL&ClHZ;{# zksX{>gC?Y0j)ofC@3ub+u@!k*^q%@MxC)mpG&zovrhon!j;dc-!~V%f z1V!UxAU1F!kifPie_?q%tXLX~tIotFD~g&?gu|aAsTCaD&6`F=ejZ1Lm18m}`i-Kl zCD}nlm|i`RtBeH;zFC^$Nznee{n49_ zFu38+({+eTDPog}m<^5|yV~4|lm)(Wq6Zn_TI_7Rx<%zXZ;9MIdD0oGb5)6E znBBjbNo^DlYTvG*%WlV%pBr^*8VmEABj#)ukPT--Hie&J4SNEYW%Q00w7!*0kpyR6 zICvRVIdvtaA7`ENu1lF~EN^iwa7AY}$(LO#ai6CZU1X3Y%7i7!kd`=WXrQUi?+lUK z%-_yRvutT2sUHeatRRhQlWH8;!%*g80An+^gJD(5o z0irY8@WQcAP9#-1_&F@QIK#l4I^x0En%d{N(dZ=?HmT`(r?ha3aC63Er)4}WGM%26 zyY3?d=qz^S@0HW8RyLGcIqKFQ_h@b|LfwD=<|$T8dpiw+3U;Q_qiQmHU%fAQ9#QVecPkOj?}k$W6~xOJvoq1i2FIVgth!V@4D_|;0vyM^OdPi)HnVdlkpc-LB$5QrwUBFn>BndOw-g2&6;H2+$iuT^19gk##Rq`Q4kM)Ccd{(>-pvs$6nzWU z;R3Y*WHq>??w{A-zQAl^^2z65Kg9`UZunmX=GXqV#s%hnM~WBmL{&fP0_}LA!i)y% zZn~ZT_kou(qO2YG{;UbQ0^19+oOU@cCphLODtdXCuTy)h74pme$BN zztPOvJ65d#5v9vgW{ttmua9)O-fYLz`SGX~(z9+<|60W?HK9U*#$kE&El#FRKTu?@ zj+KFrnlK4rZu5B44$T!XL108ASmCA>RxWwBtC>-nG8hyya}|Dx#qZRgtn9q8>1!Fm zE4p-&a(S7Ol5;uzs^xX&baV(V&Tx)gVm)KphVC~rKR2hVZl1iTDmwa^qk271Yl4}} z$Bs~zgntIV%`nIy+HB!oM{@L=hKe~bi-o9n@2$?C@+XuBkwxNBW`=U9LUxN>+e&2B z6L&j=DnDsz-niW;1xwFRIAa26ro547a}n$Lq)ahiKrUP!lMjs7MKA{v+bBzt1)ABR zsYxfna|Lk&e_B7E?pc`z&@172p5-I`W|FK$LKxXh1ClV>^ap4&!PJZ||4$Xqq@4v` zVqXf^pYwLsH;~CqA$PLEnP!+Eb@s=Z7ha=EOsPNk=wF$v;Ax%t_a0tnpHEd}bo`#> zX89>6_TZXmQEDgLWb-jY+@YxyJ`pvempR&6Dei!naa>XswxTF3&HxyXVKXg=UKidgvga7BrX1w8FPR@D}X?RCneJ*F*ASH$>j$L<$?DlmLrA7}k& z`aND9QTsyr5aPx1Egt|w0K$Yt{=|KJgnyrOgZ^+u=EX-dop0`c2J4AMTLOZ-NoIY` zpO30D%fc=BL*dYL*&o{EPw6;XUp&>Tz*YayPrKb04G=hLK3@gSI@UPe4Z@E3%Dokop&PTY?-aPg?0@f;s-RI+rMiH!3gsKE5{ z^747m`p_I-Tq!xxTz9?ZsSXWFKAYNcRcRB*@XsyN_ehI%UfcF9-`qXl8-5Rk2dSj; z)5=#47<>Z!ecIsPvA=IWl5YmDn`C2f1Fxh$3BE>$cSAs@fb zFS_;!Hp58kNMTfD*C}tW4}5dasZ%m67{F^A{>-`N=&xI@m-L-|E;#whK+r3ch!<(# z&CM`2|Bci+f7%*+ZkRb)lc&y1ivT_#Jt9qY))*#i=mEJnDgUiWCb%SDFf$QzL4rdg z@4#~ipYl&?lg5lX#|)waT!jaL)6fVGD>_%~w=Z%>-rQQ(oMASIKL)%`Ff@6}paMm< zO{#%}N=UOO7~Ty6=M!XQiP34)#>>G8(k!bvboXil7k7f7X$k8QGz~HV$)se~8o|l% z!f*-?N!jsIO0G!&$r2=xuB2-+n{*S8MQir@@LM1LF%t%@VY&rocwTERqx?{MWzLel zhs%V#{nX03$UMYwOgI4JKGmo*l!zZu?7_&Lif>sXH*BqslFu_RxLHEn0f|O9^$4cW zodM@D4>9&WOWt81YU|zn6ClEabqyV5IciO?I?|jM?QTK$$-p?RKc8{(_%Ed#9|G$cy}Kxk^<*_ zQ6c3R(zbgi_!=GOR$LL9Lsrrm(1(1K0N8b)vDFHp$A?A+)seuX9t9TMs9W!_KP5Bj>bSk@&P z2p!p*XkA6V?s>|A^=X6Ws?)_s=bAY7qV+}TAt)(?Qg|HiM(Fw;s9k{PaZ^K*rR!bRZc46jK6i5sL@6pEDF!sU0Ye9nw$LN_rxjF+Kw@cVJ}h1Lgh(V$I;`3wx@~bE9K0uak2nttMu!x7>OG~i3fI(pw^|ovuU>4+P2a0{w`HD7AC&A-%{fC`DTtCm zYnD}nooa$~(z5=+g~PwYQd&0SlRGM~xd+z4(t$GRK1q@2NjF7?X_%?reqNk2F>M7|30 z#k#DQZbtJKyfFW#Hyk zD8@_+2(d=)6%*;_+kBEDlqHAIs#`o~4SZW}wY;mis61A!TnVXG;qq8PREXlIOL~gjyxsIGmtt4=NV37CL5xs5kTD zK`IhS#O*_yOu0SBzB6*2>V|IaDJYzfEH)D^$M|RRIQxN>zyI`JovnAp{d3dipqUh; zcyP5pZ#n_>haG3c!ICkLiVEKoQgHJ{u{tz_rC<~GZ0@I3E;PJ+5AtDQwSUX**wfP+ zMQ(7k+lL(>4{~CCCqTgKm|1iee0gBv zbYoobR(m0<@3$FHD6bd<%*|zehNfVQd_HD)mL8pB-IR{pr#uF)H z6K|=?#uFo{$_DLqSz58ms=7J1xB1QBNekRXjV&@s_Ve@*i8k}drQtYtN7~y@aeAb(qVpw~54p2v}updRY4#wh0i8hqpVt5ec8mRDS#KNw1l;tS|(^d5C-aWECyogggx6oDWBdK>JI4>MV*z()@0Nonqw+6 zgmZ?iFlV5|i%_0Q9p~ognOC5P)8Arzx(()6I~|yiJy?JpLO*ERIFn(Nm_j0;0tOv> zPAm^MG@CKDeW#TVnwPO(JsMiX4p;Lgjl9kB-<}fYV958;c7TG5Lpc zCj^U)+GN12H_kbh2B#(%&}aSJcx3&-^D^cu8*W1>n?x@5+vN08SV7|WkCaJ~@~jKU zjowEX7QjGG$h=rX8%;15kuMro0MQpDv5@vS5jAK0lWSe_Ys{eHv#K0l*-BM|t_s_g zJ59T>jz{}UFGDx?qiJt`rSjP()@CL1C9Dnk*$=1s*JX2Yz%8b!_*p1qj(o8gRiJ8* zHkmv`P2%@>mA6DgrZ_YpO~x4f1&RRduO0JSsg@SC6;|7VP+8-W5xJ%lkq}abF8_l2 zy{1KG%w1;%zF+fsNG?0UdPbA+5d@wLj96jI;AeaX0mU}%AG1V0J7dBjjkh7j&Ol!S4+=wSMMKO;#6N*a9DS2~Omw#}0g_G@=tUZN2HU ze}t*ie|E=`2cSqvg(3!>$-ar&79h7r;G4(-$z$o!@1!UNMJQcixlrMn_HPVRGa=Bz zvuu3Eeve&9ai{N+!^cRTqO^#VBw*fd)q%%~!I(oI6g<1aI$xOWxssWRa>Q%g7X@b# z4o&qf514J z1aap{g&tbPlcb6{Q01q~jTY`6M^V?wO;Yy;@~P?JnG z1B}Ppgh9mwIen$Ms&JC??*~f{EsiCfw)!Qd$U-DI6j^g{J1$Xt#hxW z^%eEI=pt0CCq)#mhM~odge8&3AWpQeWEX{9>`=_OJKGg2U)DZ(X&W09lM|3H3z zDS~XJQss%o*q%PuSZ_{XTh!v>w@}ArHuhgbxP}8~9fC(0z?yQC!?8sewAZ;AB>Ae# zy^S(cE z>bj?d^Vv}khV0rXg#j;QwKc7CE_iFaRh;KDw(A?OnR`m9?gnT zPFQR$Ky+WBN}!%FnlSq7+pG9_^|{xi*X)xKvB_^EdY-fo*~{T`hPJ3xvAFgdJBDaT zw?o&1YIi~ubepC+A>~Jj1oZ;%_{X-PJgR*e=!VXiPPr#qH?gb8^k30zKXnr?XlnSUfT)fV$B=RKVniqlOWTCRCX^wrlpB+1=K3KkjL+1E%^OZ-Lt(;Mnr9^y9zIvW;fJ)0oG zW!$VvccqXZ@I|n>PcH>w6$*hcR{};gnF33RX^l{DLuhp2dFIL$)8>rKC`W|jN=Jm) zoMr~-3U=Qc>ROy?(|FvOrN8tx6|=9)Iu|^o&pZqQVO&LOOD0*?DA3oZ#G9t&>-VAa zKIcp@f`X3UiAvqnsC;?s<69u|jCUM!q8t#yH(9Mt5Es@e{7NDi)O>7dRImx!*0At8vH9muAhf@g-MYj zq!w>JNukiwuphlYd$DSN;fmt)sUhl^R`edzh^;dGIm0+(BUZjq-J(CTXC%_jUKYLj z*sJQ8ph*g;;p0rSqVX$_zY&g+Em4v+6_4vd8Ot5gK%$(hnIeVPDIL{PM^4A-GjK7o zYez=F6W=F1L&-$ai2ced%U7=91_M2=EDlr7OadCQ)m! zi1JD%;5(f&2bYB(G8~_0uNrTaO1i z#s;_C@5tNB7&XtCn8c3|XjHd#xEU9q$32sf*qwkEZo~xAS6e3#JeXi0O45>GQ(k{L z{tKOlQo&c&Z_em>T(}&=+eGV&)ybXyewv+ld;2=xS$YbJ)x8vNU%cIH+G{}3#;@V|IkCvV zs^UQ6)w_&0-KX4*rZ?r9zRJGnLZBuj&9pZOD{6r-h;S(Lkj{rZ=V5Rk4JTEW^3>oI znfxCvjQ7haN`EW55-v&KRfMk$(6ZkIi+l9Pg@rQ#es+V}n3b>6?fb3vl82IGgf8)0 zvM1CDnvk$rJ1g?O%?4xmcF9Vo))Fk-?2NrF2T_FT2VEA2A+L;BlkabR=gy}EF~x}Z zr^2~NKhaT%b_ zO4~1t=G$d#SveZ=ca)7rDc1FE*c+<7#kjZRN``Y}nB=bc&r<6H3V@U?(JK9fBXqcY z-jGF~R#?;#t!o-1U@Eve%teF|i$jSU)&;~a=0GP68kB^nq(9C;kjWoGNXq(7F)5=D zrUaAmL!@>YO>#yh1mDe-unX{JMgj%#7xMFifp^|t1jsi@_C1HJ0qz9lDo zl_pA2h_c%U@S!_I&v+&PDHAlG&ot^so{{VYoK-na3t4CBpmUU23cYn-cKJc8PIg~H z6@Bt-I?(XkcMPS$fLFnpOPJLUApj?sFf~j#PslsUnn4LJ!>oBN>j}yZdrbj**?d5u z{k?eSX+l!VtKWXhCX?TbB>Qqb%p=kQi#kJfO<^zZ-2|V>)OeJ!6I2fql-pAaq=EP0 zXZ`1+DTbRoH0Fo{rfA`OxH#r1WVSdmPD~$T!#=h)!4Ksb@!4KKux-VsdkNx2I7u=L zc`tq~iX`Sf{1{YBU2|7d?Cgm#ZY`K~EX~L!z^9s|SpO4OGS`Q`0t|hZlO(_?m$k5M zph->Zs?f*8a6lTuDj$9WGj;kP4v&m-F+ZGH>W1c%!FX|jVpmM8^Ihio*RV&)%bfR? z(U}?aLMXc?2&U(GD?-@8A>S7g@m7-CGQ_EOb$+_w;ivqO6!NjgR%K2KUbN z1@i#R7zEz8B$oM#)SV_h2A#6hu_8V3LeCTXc%^yo{sulr@V?&f?AC2UFIhWSBQ@dm zQH+`6N^I9GJjFdHN4CI=WY_0oB!>i1E(-N!STJdva7qarhyH4NGIV zAIxNNmb@c)IH3~plQg8u5E{MHbaKK)IqYe929Y1VQ#A}NF?%pqn>R<25u`MKuayPq z-Gr`qQhH4l^0o3G%Ms^)8W1%d_n_JG$C6xPhm2z-;NdJqJ#LUQO2kkhekcM?M9wJf zS2=HTjfxxsutr5PU-Jbdi8CN1qo86Uo9v@NV)myliDRc4X)uQhQzItkh>HJYMd{nqHNXe;T zGfz09q)V;Y@m6hzQ=w?Hs6l*>V#ACGIKGd>d7u# zS$0@3+$t@x)TrO5fOzL9-Fkk5+HfbN$ZM_k96 zI0e`|24~e*8M7Z$u%~1LuZ{`5eyK|>+k#XK@t28=4($7*n^1YV8w^$0>RU_Imf|0E zZnTY0p&JV>@z<7W9*F7DKUk@)QYki{qu{yka!ttQ-V6~nF;`u7y$IbD6rba#^z}L6 zy<(EHxkg&?v{;GOueAztiz7aVF$+5po9WF#3qC!I-=Q?VzTltcE(b>&v$nyR3#7dE3 z_pG-6a|r*0@W?%Ppj&jAlM zH!=T~n>;_ZwmkH7#}vf$uxQ*Fj@~`}tIZ5m9-HY(O!f?|w~*hE#H%MM1Wh^2ZHG4L z=A}J3*u*QacJ4xV=_+gLK-e)^Qhw|p`dfsnm{i{)V5C*5##PF(|D2p4yyL*NRr@kZ zyftLtB41G>;vvMa9_eEm@xmV54{#=nrMyfTrff&_ z<=mxAuNMf10Gfp5WbTYPyl5 zawMvI5T&x?L00mgcnrUZ#jQpaaKC(Fa{sDmkKK0vS=)HJS#cbTRnATz8ACHR?Pjou z!|gN2V1exxHOX5xbCI3q0qjL9v`sh}2(VA7SwJ&@a;McxZflroMcsX!uOI zEq(ACKl5AWZh#*~*EW%Hv%I)^E^h1$q+fuRpIKTW(s+aZd}6XFyrO>mk^8Q?-0Lcb z@o4vy$K%$<$Uh=R5-N`J@%@SB9j_*D5);%|XtV|fI{|EvkXWK7uREx^Mh6Yg$9jJz zoQV|si6RL&(x5pW;SpFL2Ugl0&LEh>f-1c~P@qVpPxSTJ_I&&N`$l_j*WJWYUkN3o zn|44ZnuFDy9sXeDi|P@TT42m7P|ts1QwQJP|Do+#o?v8_l@@=4+KM%qPm%G>>z-7Y zI>QRJi)n{I<}h)Z;zG)q(C>wXsV_a|wuv>912~4vF4=R02{4IMe*K6&$;9o->Q5h? z@{wYawG8T)MO(n0DZ4Q2uZwGVLc5$U9=cZP;#|-2>cVU-Sl>fBhk*{tHo8nX(|t{J zu)ECnCqe;JCV4${{QUOd_q*!ms}l%BuT017pxCZiLVsj6=${o}|Fe}lQT@fjmm>3U zG<;sz?o0cddmd9L?80{k_YD+7ym&naeiL)2LY?=DcaLwLGUt||#YY6ie2oY_C2Lno z$O)@^*Db`nO8`wYIP6`a4J(t6P+{4cXo2_W!P$$2Xx51^wKkuN;L`g#u4)y%((0Yw zb_Uk2cH@vR)OYnY^vsL*YGZS!?B&jxJ2c{AU#PhC3mTSXW-g|6+5|~;LhjO18N0+Dsh%xv=?l64oQkG+Z?x!LOku3Tt@O%4>Q6%yG353v0H_Co04S zk=1pJ?;f&_P1PGwr8O99bM4YIj z#ateovXq4|tgO?5ae^7KW?!|hJ{gW9Uscf6FR&_**=6U1$JFx$Mh@iE@H)`j@J?{s zHThusr|}9_KL-3earv6BLv?~=jG)ovo1g7_tGE~PP^Kn}35Ec-ucw%e$B_n`dI0r3`@zU|tgqHEF zMe)Yy!ZEF=;R)G2$WgW(8STuxy{amU=B1Axc>5PE<9LW%re@uwk~B=Qc#SKhNvi(# zPVKz%7Vvp?KP|qSG;s%urRbZ{w+&fp8nv66Ay4HS-0ZH-pQU+=J7sG+MKm`-(aS7j zdUP>ZHG2N!AAF0_wg~d7-<*Q#G?G=j6aMJf)bV2YXna^*F#xZCUHWBmYsnXSd(?qN zVwzx4)2P?hUa~&-(pgo}kg`}EZ}rOo)5sJHO>Is2fj0FnKlx7ZMt|)XlBLbYAYAr$ zxrs32$)S=ag_m<-6~2e^yo^PImv4@&CDq|1T)GNvg@ZJGNof;gvoKOcl!=o5Xll3` ziH8y1OF>6G2NB8Z`O#e^#pN?=oYaG;3%}htX9XT6fPCe?4@64#2c$^tabrnC0)Jb~ z&ya$u{T(uNWtZ>DtjkvW*v)gWjz3)0Xv>On37GGSJzQWdO@3f@CzDDv2bSaS3vNnuut4lFW;ct4yI#N>Q&y7JAbha3Ru1 z9)JIr{d>5>1M4hPDk*6yO3NGq%;d8f{iMloVqE?(-q}N@0PXx=0~cRWK8(C%98{({m=)~X!YGVWUJG%0s;Fn+g2UGu-7ZE;xhL5T%( zA@YQ~2zsw!3ez9n3OgYp#B~Ml2IY%XJ=#y2Lu9` z0RL=wc^Snmtes6A0gU3-hR&vmH~&s7&Q?TC0G zc2#7Pt-6SAu_v@u1LYYk2Ij=ex>;($sxNXB9x?8E_Q=numk@TbnofS{$k!%iuN>xu z0lVBkI~NUjoD4Isy7bz5V)hvC4Je1Z>5TDKi|4F>J#2hT#HMS~j7J-+cG$mxdsajN zQYJzhWkQ24))>pfI(;%+N2JCyj0NO(eaC)BMnAK)ALcb=k#)FJd7a4Ninjg9DZWc3 zlZC)4*^5R#iWWslVqYahW`#SKqF6|%42u@gk`;9W#_J!NNA@>w=1FvamnRk>xkr$f z1s7F9rlT(?)OqqM##cb_uwW-Lki-QBQc353+exSz#wePk?lZvI9J65_D?I*GUT;aN zq`loS+uNKmzCJa(U~%&P!D-ELIMugDA3J!ga`^_{+0kzC|L7I#zk8+PVQ>1kQ+Bq_ zaQ|9GO`VJ#E$p4`909CMe_={+jKYRarvHclj4Bp3rcPumO!B5~e^(_t8$(+-Mr9Wx z=YJUykrMp}_K!stxPMM6b`nyea)$N*Mky0hTW1SrkAFQ@_Hc4GwUM$lvjhAMK*`kH z;%|5!0BWJX!I{#)F)BEkm^xb6nggi+OO56qFZTA0A>I)8-Rt43Bb$_VBrD)fj|Z(CJs)(-(0oXnEuIx3BbEqwh|69WOKP3N`tABgoopKfw; zF*7hT1A%ai{}}n_2@5kj1CWW6{cqF%@Ox1Nq0Tu&|vwK%1V8jq@*tjSWB#WMXGvXJz_J38ueAVP;}sW8mcA8Rx~hB;RcI)L29GGWW{1B=wD!EfN<(%6ckLJKsrn0!4%q~qp!9einz@WH*W-+;}jV^WGpuOD9UFa^u?#{3!ZTra{Js z<RUvCSKumd2V-FCPtW|~{sHFa zJ~5*4TO@jL8=E@#Cjb-@-2}Wvv^}H;id3;2UTT}h0wmKQiV6J`!e3O&X69|K&AE`n?@ z9jfWzom~c|2$B8}X8=lOD zph@&q&?SK$PH0^_f1 z>HDWX-V^5}H|&my*$d&#`@J2{EprjL0)fMms0)I!R1W+|W(I;YM6rw*m|xG5DPVDl z>N}uCsjwCXGjA~#_rAz{OH@UC5A3=iT`^rg)%|Oto$h|(-VvPVcG_2WeQS$&AjXR-j@;(XM&n&e~dHb zh5VwOq$)|^2YKd@sEyG9QT$+#iQp>dTTHUrv1!#4M5!STOb{c3Q47@G;0`#c(e}GI zwl{ZULmolC{5{J8SFqM2%(6ff=Cp|v2K~Lh;0LFiyLw~_k<9Px-2w*dFhkVm>Kvj} z(Yc{4I)z95?;5roy#yuAiV&&YYLW*wF#d7MApE!ilA^)HG~w!~QK+qCW`GJ0JUR}- zc_*&)KvT86t>J^938<7`Bl&UquEO7Y=ACixey6*Pj_`-$h=vC{O(2t%#O&XNOjPmf z+cVgE>^J-}r4(%UK6C8F{rmRp8*fGqM?o7f*#&L7C0DC0j2%QPx1i6tWYkP+0#jQ- z7LST*KjitTz?zErI0aq^c2w*Gf~Hj&qUbS>XpY3-V?tT!8kIa@)_f^+z7+`)vqMS; z8_r}d=6_loK6u2z6A#Yc%h`|dxTN><53I5$$KBz*7_(@u!%mYh5)RmEL@h9Q%i0W# zh+=Sf`Jr&kL-IqcS6gVuXZLW*b7_ryl`*MDjI(>K0fcQ{Luj3YW;}PjH_Q}PQ zbtX}>*A~0)8GF_y_}bD$@kQAN{dS#R6Xs^Dx7F1G&eH&IEoAh^(~$T@!?adA|J#lbgfO6w0i6$`8e2#Y|)y>Bv+cl9 zuyMz7zmLK$)SwdmT91GF*&Yu_PmmDltC?^S(BHt>)NWOH=Kgg7!LQ#DBvkS1os;pN z{rVv^HM``lg=73j1X{4w1P+W4FljA)-F8weI6pTtmR8&FrvP2QgcRBbk)=Dq__@Ll zP;1a@`Prqnsrde!p@$oY)90h_L`L~Mgz%8gTo^FlR?R|=d$8b^(ZhM-p_kl|;bzMQ zCz#*$hLk3sNN#};d%nZ0_}`JRj5kG{{a{Vcxu{X>1be|v9}tV6QT+_~5!LES4MR)< zDV(dGkh;BNtup*}whwN+!_PquY!J5tZF~t3u&wQ0+Fe_kZon?~Os^duym{r!uY~sJ zeS-%jGNI?R4S`1BA7FQv!H_1+Zuqy&68QI)7uZpv(x54Khp*iQNI(7&&3_c$3p zK4wteEVzVY-SD9^!(Ks2Aosdd6}S9ic0`!<@q5$Yo?zxl5)i>26>MJB`xNA9`8&R{ z`9C|i+41yqzgoxN+yeGGQ5@Q*z7XS!CuW{F$xN>*_aSklkUYMO&V+WaUr6MSjy~EL zUPfRCQ%`nmhLKH+(T_aV?47Y4A>M699&+C`E{p!aj0%A`GPH38gQpSA{;8z{;|Lov zrQ7rNlj+7DL^%%kJ|#iuZ}Il&A$E~uht3Z8WW)KQUp)@T`a;nW2z}m90{5^w64bNX z%hTWU#ps7JTnF&^pi0p8s5$jCWb@YM=o9DqXSEU%Pr?sawe=8y;&<$=&HzV1xWD~z zYN?iOMT9?2gfF%LayT-m9e(BdI~~~!F%02kU8j`hZ^~p zgn*dqfpK=CZx27lQuA0v(2#-F^4}fU%Kf?%$V5a0EYVcd^^$hGN27Q z)=*-495V`MvLgX1LSim_Mx-aA?AreS7Uyu!c2<=@O#U29Qs zzWfRTx`!akrl7xiPTthKa{byzU=@>zo7rYkS_vFGfHXpKQ(^fB{Tj zTpIqjzyfPq9;Y|V@}6FFKmTw0PC_!BU}uuF8`3}nUea;o1uw-=3w}XOo`?>rVC(zO z(3XR5NFQk!OU&djS3Ji^LfLO<9{q3l|BG{W>aK)QfNj4{(y`I8ZQHhO+ji2?if!Ar z?WAMd#)?;*v+w-}=Zu=8Mm^29THHD3JklwHTy6R5z^^!-*I)KU`216Dd;DW0kH0@& z!T}wscvo!i*G9+@*JgVk7!|0~{WEU+Ccb*Udi4}|g;ewSt3o_snz*}h=l1btvCU&Z z@a<=E_Dk{0{w7Z2+b1p%rT$}Ull)hpZVqN(-}T#dCRdK*ua->DA8Mz(G}xuye5g~~ z0tEY0XQgSs$B)u5rML=cr6v>=<@gd}jaQJqhue|QX)lg-tjiyl)biK9wP@QK5O@CU z{puZ83GD={mF&-KtHLAd({x3&_oj`Y&9`*k))amFocjl|cUikXM%*a%goK-DDDfqV zW=jnFEq~)JNE>7GZ^xXuWKX}bcEA3=KRsBZ{=0O2d!m8R@1n1~DAdq@^KA=!bMqk! z3Gx>%W9As>mzGj4EvKoOAl7CML@>{(@mA-KA+Ide$>&36xjny+1JhAw<^adpMlBuF zyfjV$HU9uXDm-=IR=MYvdwr~T!k==%`SOMM;NPsr|J@AFm5%p$7`Y7IaYG=P+wJrRrS>=1@?CrsJ1?+VB1mmss9f|TkX*x#S zzVK+AW&?<~%I*Nvgzb|-5q$!LOj1^kT<~UMD0i& zvptKLU>=?A*7k$}aFft`AGrkIAdiJl_#}->O9Lq6nNK;b_45AVX;5)K(^j|GTyk+f zIVf?c(f@PX8S`oEoxXNnQ&M2cSwO2{<^u1%a}ynix=YbD-W|6)w$nxTw);CT6kE#! z@RO@nvb*X6y>`M%K=SrVYO}C6{u5A-#0&oAZgAf`96PTIB;8cg8rQP}IumOFO@D+4 zE|?y^7_o@vMm#J{d;Oga_lr%{u=zwc#;_Xp9EHL+f z$eKE(#)-G@AV0u&p?fqRk1`Me-pJpcop`2P=M+iDfr{r(-K2gF@K<0+7tkqOTLeOGVlrV(4*TK-E?krveY%|cnmDW$E01`{e$K3gL!kc^#^MgBxp50 z`kJ%-2P^NBadV-co~b8r%cCG*Gsx>VsDd)#&|rucpZd1G7eC?lY1DU5RPOFW@UEOz zIOT0X&|rJX#})ZRfQ|7ve9xUh4r#n8yZ>(V_vHZxz!SP?UK4X}t7m7g4gc)&Q&-o} z=4iav_mSAppReCwjUylbsCP2oBBg(~w$Fppk{JI?cF%2oO_G0a)ph?2lCNem_{qC3 zT?D>N)Y$=WfH&$b^YQKmgCJQ0>fC_QFDFAqQpuTn=W|$qYY;t$KMM6M;57t4ZnWaP zYc0U8QaTI1Vrzkg%WG_3y~u{+9eoHS z6`BEIO4Prefeubo#0eCL^K*1;bfW6JLr)zJ5HCZ*hK2I0p;sc9O4^qHRq|SW?r2QE zd!m`a=8Lrdr;b)ALlAcW5=v_LowQ6kubTzcoA{F$)CJ!5#~*SY$2I`|KG@K~sor-r z?0kHy2H4pdyNclcW!%!g;DNd)^yNobSFZ15e+z%VF2P$?oj@QKV4Xl0zqoe+Qi?MX zoQK2^47wEw3kamRyKO@X{2|L7`6diK9@y1ib*gcIfL3yFY{`N0i~b6P@ppp!VmgBcWZXY*ZOjYIN!U8r8Qy;-xf%=d3uL@WY^gS z_`PG}eRIG3S)@gAkH~{=(du<&`cxfB4!~!gz^t2-4=`w(B^1DRrZ-7q%p3Q{eBbsH zxO%rtVnq01kW{wjPVGgye0=ly%+|%9ef>zjJLVPMbN>UX z>0jgjj8^Q$eenqCZY%^A*8fhQ&)Z3YSO#~Sm#)=rR1 zqc0O?;cv_?N>}0kd3N5$dHIAGoqh&9DLmr6n(R${{0R7{LQb)71eoLF`hUM@)i-+${Z%Xtz_*nhZ3sSs3&e9b+ce}BU7_suG~3LRe0lXbF}Fw%$n^xBIb z4cMCdYZPJh>YP>-1-U-YaYkkU2OBzxs~D(M&~4Y{aO_6 zn41=U>m$68fcU@)dI|m}pu{x^11?qyN}d~@qz9X8{+zn6CA@$K%z6Ya3JcTztd`@~Z6fy^(oJgxe5 z;oT*a)pxcSF}~1d5OQV9^_0LUN|5H&o=DhmBRUXjY9n@hr1khU{}{k)gK6^LVL-sQ z&u;JE0bdtEjPas4-WcB)*cMAeu???nUnM%xuNQXo2yo)4z4B3)cM>IBcF+MR@^?VG z7cAN9T;CPA<^H0Gmb=S&i&a(>)?Ak(NHo#?S*-h(M-npgV$)}69vdE|1^4qi@_ zS0*dGC;0$Eui+(oe|%u;$iHK_dyLPY-r2j{S#rg*2ikt_eK}O$bXP|A(!Q7bV*j`) z9`XGIz6zAy^u`8ujo&MNKkoK_4tKK{w}Eu^feyjQk$dC$v2AO1z+WEKAi8N#K)g#y zVcfTPI{AN4WwOVfWu=3g$o&!IPRK#PAZ<=pC_q@-*pc?{myqg!plExLHq~$ zMfv(gx#x_59RVI!KiQE3*z|kl7d|fj2jBYrhXCKeV zvoQFy$l?*kesOFc2e~t#m5K0lurpjA+_w$!i~x$l{_%l6tv9^mK=4P!Hq^Qw_lP;< z`qm;z@TYt`kwAhtMy}1V_MZNYvOVC5Z#!NyN%L+T#{ChuRCb$E3x2hI^8h^k$S7Orf$ybd+;~*I%Fg8`Gap!=E&F(n_<74JJ1)}8nrB{4n|GTH7@JmLajE9Xcwz)* zlC&|hhwCh&6Mfqo!#50Gx{>MBBApL!4h`;0Ad&#vvMEVq?P|1|nZG(YS3a|_%L5Nd zj&}hghIB@ejau}*bm{@Ou}ySMe3stB50NLb(~N0L8Vvwq&|+=pDg*s?cFeY}`HqwD ztvUsQLKl2zdsUck;Y6>NZc)B(Ynw9QOeHi8PnP&)ZZfb(YuajdGR;V!E`*K>*WPH}Mq9 z3V>vf6#N}PN{4@wqZYt>ea(9qA|?1YZBEguG{=Z?-h-zL*&nxGd{7X_o9)x;d?BHD ztQb(dxlmAisr**qrp7lFw^)2fN=VPuA{NLX@N}k$i=^)jf5r3k*$DR66m;bI)hLTZ zFX*58Nv!1XiVRtzMV<#O9v@I`ds>v$iy1V_T}_`N@1%J(yP4$g{H(8rzNI^a(P z6ngk3_@I5kyahJ(FMaoXaepkmY`u&F%OR8)9z?CF?#3Q8!q;ZklK1@fp57@--zdAU7h%zxIgF^29^?*kQ`x-fe-|v z2F4z|<>uQ=I!MvRjD3znI^^`i=G;m4sEY_vq8ef}{W`fZQ|n|3S>!iLif&<=9_9-m z2=6uszYoyVu-M@9HGk7PV6+JZGW2QXagfs;LF?RtcAkJIi%W6vRrbzE{Zd&1!V}>I z*20{xHV@%GE#^8q-jUdR@X^LFxG>cRx*aeMA-eklUSI^mTY=n7FA^PS3PW>FwA~5sJo$@`_x$Arp6dCA??O|*TL=k{9aJIVLNyDxB7eG{0*3S zfawFu4t#-Nq%Lm1;d4d zb*o!^i-cU-s?60s^M!$RuUo!b|I^xAx|+(>K!6J8a@g>1~w^eGFv4#i*SpG7vdM>*5yx4Pf<@*Pgzf0 zPkM1fR+WP$X)gcs?LQpQs7Md6Etr_`rbH!U6#e^P&1e@g#&*Kf&-3O6|(hA%Mz z;{2q!iL+z4CPlbpd6x=2ituR^ml8a3$!TVn8azhI2@7uJwh0Yx={D;FozOp(VOCHr zA)CZEv^Tal4IW}25+52LvrbcY*#|8Lp2LIyL4-i;S*%%{EchA7?H8O#yYyu9@aq)S zV>NDhg>?NQ(dfmZ6Y+=V2ZV>%2NUl|zvLb@1ByL5#&pL-&58D@_DR|k^@p1W{D<5J z{fC`97`znCVao^p2OMvDn?_&d>>bKIMnNLS1i}=;B*HYppt%FMbttHP)mN1OwE(#Q zyrD`2I)T&ddu%+RPsu{&kDn7LSDSa}6r79Qo@JdxFK~qHL4J=}vV%SxB zRcf^CQ%ol;<{c~|*p)FVHeubZZ1noB*4R2_X{F}2+?$|Hq|NwE<(rIE;pvr!6y4OV zl+-Dj6OR+b6NM9o69@BFm-r?L?dlrUTlH01B&^Cr?BCmPIYg9`b7q2XVV^PziA%?x z4^VH(pW=GQ@Z7RlQmm6gTX0l`DJ(Qfi85+susJTC}hzR zi&RPSE>>)@g^g@+V@nV=Ws%Fl9NVxhqIMlF5}JJl3%CrPge@T`h4seJ^2c zid*&gYXOT2R+OpwY#|nlbXoGQR!~{8k5-adio6T6Q`u9xPc}XXy=exLnDb$7D7|^R zLXIWT7pN!pK4|(?J;goM*BZO3FI2v%pj4z3q}2G7_*BId#nic!xm3m!|EYiz*^|F6 zO57!WrGB+|8gW#6RC_dg)O)moG?J;NQ_d%pC!sDXZ`yC8T1B5#IVu6F3bg&SfmDGs zfeYqO77Jtm8q1VslMJjnHtHFZP%LVR$b~4)->DU9F({_$Ww2EhGF3G+RaKCcSvEqx zv<7lQ+3dT;;|MfwQp!^=+WBC%@4%U0|XvFb<5UhKl`)sa==tyR)h z@~ybyD}_8O=?}_yro3 z;48wHM(zYPB3VF%qT?%wo05;g#u?!z(D4Qtl}_)o~i*6{aiBmtO9{KAk+u zxg}p!3L51Vsw=e1)|YPX03Oxc(pinO3fC3yCk-E5eQC{wtqc4o1s}}b?7CHj1>bX= zuC%&h(BkuxfRCWRP_N2|Ja6q+-Is8@_5WfMZ;RVX*&@GbaU;#F_>ufArr2<`5o-sd zJLO=}-jsT+;K8XoeLJi_RD2E7mdQWb*5LC(w>9O_kiKzsP2ZNCX9jGJ-#ELLeZlwu zd=11kqg`9Rvwnqr%P21Fom;>2eu>f{cSq>Amba9*(r+4WV&BxPmay9zyi1Dr!%BRZ7*RBF)j zQS#B+BezD=M>L&*k8vH6e);B6gi-lXA0r`$#;d}g3Vbwq$blGvm~#;Z+t`yay&MOfj8u)oVClpT@#+rjUezB?l_C zYzkRa@{4(#$RSor2oj#6H+?q=?CW3pUV>fV!AaVAwz2tqt9sZ^pQ(wjNE(v#Z<5c*= z)+g&u+HW#=z~D|Xn6KC|;i4|%9k2WsK)PowR$S6N#ujvY9B5i`P*gpcB@M@Z&Cz4I zZn_R5<~?o9?@}Tn+@tS z5o|;)ePO?Mzeh;f_8i?g^yPxHh;|+6sW)G0+dgzFK6;z9*z^!Z!0-EfyVP!I{_{&6914NJ zWpZA&+7_VC;Wsj&+*)k>Z{7KbQcu8n@t9h*K7+%5?4Ne?*}q)R6ZOaXzSGUCKXiI- zUkIEG1};mB=A4ZE=A*UkwR-L!_@2A&piAG?8hxlMVE0cD0+PVf9cjG4%j*~=hrNZO z!1GgDmyhBw>zn|{?`YM2%W(bvP?pyaplRs)6|3*q_x!>OybW-iGw}KeK@xm_O;$X3 zWPG{#c^DXcY0mn;;-@`lr9+kx`;dX*(qO&THa&Ru4gb-F_t?zR+@fP~Nkug$&a9h$ z(ngw%a%6mTOiWT-A~ZZKOC&fJl3q&POd1`FJVDtQsBBy7y1ELZ;9GByx$Q_8`>R;@ z_wuSXbH(`H(z3Sgv)O8Yxtr+}jJ-;iKlKhhb>yTDbXX?#Dr|SFgJVqwzR8n>)Nd+GBpyQ8P54KKQSEqLnM{3wKlwLm~h zv>Z^^W%Uu`gQ_p)1{GU(uA?Z-Y*KuAczuH5-uU9O8_aWBfyG}}XJh0p?(L_dB5xsq zPmOC!s0#J6*oB;)2Ql?zb6L{Fqg_A76A6NJXk4|t*6S-;fH1Yu2ROet7l&)EH7>CC z#3^B}>Kb7BKPP6m8qo38)c9Cmt$VfgkXR(8`ld4)+SG0_HFUY#p$4ul8)0Xp^Y|*(njorM9`f!C-rhNP4F*MRD0Q#Yd@KDAA0}J5*qo=YjOIVd z6!mg^t3k*k>RRbYm2H$O7~@;E66uu7k^>LIkGLi~tLy#aW){oYBK|S8NQn2m@MEiS z_w>$PvWm0%{!pz>X?K4%e2ayawa0ZD$yYqCReuG>F#bI;g=4}Fuz^0U!VM>7sZ^k^ z)_1s^8utF?Suk$WP5%L8m+O4on+76b-ykL8mF@lI?aXP3z!`(uc4yGk_u;`r>4YCg z-_k1icw}WgWnYB4W|h+*n-HiF*^R5a$cnvIlsN?VlP$&_D=2qZ7_iCTgEc+m-=FnZ zSzgc~Xl6x5^M;AnMvt(bG_aMF4v-MEh^t0Q)2t?uE#oY63=micK zudGI$vuWc^iR5hO2jqMNvN zsgjN(KwpHD4#7vWBjXYJQCKif(O%+q2Rp>Xg66ZAc#k`A*0d z8UaTC3POWaJjT<1JA!SAe+kMUhM;5YOZu3S2>^rw3;$EJ6Nva5ESrHXBQV=CvfCvSxEY8aZ`0Bi;O!T93&!X}}b!1xVGM1X9D97=>F*J?K^q9q!(tFpR3 zwOC2XPOlk%H$r}VJCN!^U-I`icmySlLHsX8>&m@_%7HU0skwjrT0?ubw5TnPs ze3|%O;&!s4N=|h!OZorNnxF&^Li(ZZ04468C~=00z3%tCMMR$cp!m7*{o^22JK`|U?c6&X)P=ba{V?aS%<78^U)Txf z{1jf`$s?di@_wxK%CnmuxT#^Bn)`2ck99WKp74Co#e3`<;kUl4Yg_X- z597NporhrqC7*`p(_Mu?CygyM>M``zf6BV$PEeY{bxSF%$ndi`&OC^XktX9geUI2R`31u=0AnnydD7Yh7% z8(NN7L6tFn0ahdGJ?bH{$g-#{3i_~X13<^GPDF{08TX6AuM4F$LOcQ?A~zx#8vCU| zu7(m#^=#i2r3ld(nRs8z+=!Qji6KV2Q2JNHfJoQsPAXk!m>IGD#2;9=(Xg_x!YJOo z#Kfz-e}vkfiBa*ht(WlbiBm3W?K-6_$u{cN#h&Gow^`vM_!RClA4L!2Q~fmBT4(Bu zG?};5%n3?d5nMq=4dEH{mLmC+y(u@;JX&r=5jT~5THZxTH{4El1Cii%il>AB&@%t& zWACxIKT@&e(vi_d8WC@lWWW;*QE}wbo6%+(4f3lpPX#Mg&&>a^rjvBFRmWkq)`+cJ zkS@54&MtH3eRniKb zQ}3EC8NVJmGuY{u0j(Xn0&YEznq@pU?lXt=p}W7cry-`_z+C+b%Z~zh1zbA_jU{is zxdAf+XEYF{`Q2!C+>^IvHZpA#s!|k`$&# z3m2~&7U`G^raBb>Ds-)?&MwtGyMYqxyrE=yj%cQ`oBp&BQNa(Kfp^j3=8tySM(0tK zj2ec|iFVmS3UIa@Qy}}=xyWt0{714$o#1?9Hv%@NX#brwd)0e3;Azz zo@_ciI5YUMTU0g_E}4`N%Qq=W(*qO1d>7(r5@na66y7xWQmA~X_iS9nrPN4xdHUM7~>TMTv)uc)n}tb|UY2R${oxuRIt}lFm8S1L!38yyeQCp4Nn_ z^k&E$p4^+tnDO(>JQ;%_ctvxLq>H>MKQdK5@$N*q2Xy=cZAQvx2=Z*Xziz#y#r$ZC z%swgoq@+aZ@dSu(K9l_XsX65QUc}@QDhEI*Zt5crLTd77A8H3hA4Ce;hZ5dIH;{AP zJnLXs$v|=xA4M*IC5ZHl=Z#kC=;#qldd%W3_&V=tCS&3-GXX%hz*-0<%{Lbr3kzDq zffV;C7U93(OPx%1Xzh_=%P2_4f>3C><(5TD^DV1Lgn!ohcHyKMF@595m~>4uO*N&H zq{Ur0Z2gQ-^?Gzo3(0sALgCrTG7o%5neKz(nBKa`7{Yh-rsbc0sB-NqWp?i_Eo50x ziASi;W*TcU4>lNDQuue;XeVc10^#bIF+bNtv18sjzA>@o1Vv#mbu|#2Rx;PVz2CFT zf+=pSa59s&abYnXvz(YVS=m!$HC^%~oEEvBIL$ow3X`rYQNCwgIkTqA$Ku~^?$oy% z-iP)?@XWAC>LZV3b`eBB5Me?PM1Kx&$&A)+erR_kC@fW3ZP;>=KEtG{8!|&NN#m8> zC1y+*pAbD((Q{NW3(p~=oI;VwFi{D{2th5OiYkGIRTuh&vvAIT>~RmLf|B$t=q3#o z2-~$a^5Y7zM+kScDU2S4TifNdn*M^Xr?a-P(ysi1SVimfT&r5eP+doP+=jE*?r^4c z&O4^#>C@1g2ywum)smjn)zCNZDP;{$QCB?e#LHdMmFVRiM}GflWlf8m)Oft=rQl1~ z*;)o!bc!*K9*z;_aiJU#Bw72Tt$fP^igfP$K4o32z2)uba!BqhV@T)iInC;GxBh&! zrp=Y1)J$y%A2$}4c>#rYjvxCw&KZQt+R3+B0XVTB9 zqKrP6yv$Xgvkp$CtekT<3HGt9BjCT&bE{%}r#5_2ETB{(cm*yvb-p&>sG313-P?-9=ka`W`8Z-{58w>}T_AN<$9;_fP||9j1_ zpyA5f_;*j;H!CADf3hU#%zftg|Kr&cw03pLTaofqTUDo7&{AgC5znDS4{a%H@24Vf zonkGKDB#{jK1vs{NAceVbXIlQtPx`^D~Xqyg|r1s{1Ej_aq!zhgCLECaC^zCy;-r~ zROn#gi%JHXDsv^?&&=3d4!7%l2wxum*7y~c;Rv2)7(qPDX@PCr_h8ETX+~}M`_b9J zwku)!bow8Q?y0IPT3T8Yiq!F9l)Zr)2hABfr%peNF1^3*CiU*3f-;;>?9?>CqbWz4 zz-lvIcep^t!vu!|px9La;~}!nYowj!!fuhMxSi$6?v!Z8%fK#pIATL?rY|d!dDHCo zpSvm>=(f9U&pO)|J%VczAIIl_M}SfB!k{m{(XbuAN!%>f=j+gO4Flc8O45$|Eb|s7 zx8~d-T&}+YfH@db(6a98GhPr~y}=7tYb1aNbzL7BY5xn>8RFjGl@O@y47;99>5J6p zq_#FG@G6L?6$97>HQ*Qoque2G#$u4cRS6R@BS%N|!aa$+tTR7`WM2ID6a*I z#x(rq8Hg`|(u`<%W>}s7vj6Kf z#-aPmen)ium(&bO9gXt?o>yr5r)yFFk zjMI-187PJx?=&$CWb=Z~3;7}g95=H-OFX)AJsj$+52-Z9_U>C;Z*jOFYzzhW#v3{E z3~Omckho)PNGFfXjU?|@6T^S3q3Cwu5d@_lsB=Y?J`;(qW6X^1es@UF><7cvSTk=! zD3YET3<7P*Ldg<$wH~IA|9gv)H{COtj30L9LI_MyV~M0I7=40dZolvWHt&xRbT!88 zI#J7oQAQ?rOqyqS^7kg~tsBiXeu-2$4e9RtV~`Edb8r8b-CzhD48Nm}(?n8{7AS<% z3h_z?;n+EH$c-4#0VIuSKPAM9P{AXKG?FBFOy}x|c_%fO(a231H1Y% zRgRAuzG~u(#iVzO4X_^Ex?^e0JTLGc5&m>sVW@@aOycY0J@NcN@|Qo7k*1@%BT%E^qnab_qohTe zU8+7(HYt7SA;$_X7+Iy9(~1*YCtppP(!$4PZAN$wWw;xNK6|az>ucB2KHz_q>LfiS>0cOn{sTr4!X_Sq8luPUe^#Qm zM|YcZO#Wvm;~MbD)5 zokQD_f_C-UW_-~tzckHYu1y0AuaU^Vq&fH?!=0A}Dexo3t^OPy_%HiKI@Je&T7I4F zZ;7zX7VH_(UO^9sigKN9$UCy9N4u`a9<$L89>lD&gZ`_FRfeh;)*pSgVzLvK7NRej zJ1=g?UQdW7lrbFO(Sq61BI8;wc0+k?;`~j!{VQBcu;!U(SrMj$G|la|+)#j4?;eL> zFu5E6jEcx~f{AK8!yw_j7fkmX>yo71v%|Aii?nN>e=%NcNVcNaBq6$5y!DN%%n$PH zK;T^5Aqa5l+<>;0igifTNhLo%>U~J#octQ|TGXL?`Jd)NO)sY8y)9Q*H6S%c+~5KQ*)g3232-1aJEr3B7lSLGV3hrspG#V< zvlXnZFz7`C7ql zDd6=Fd$^{fCgcTR>$p&B73jxcijZ3X3j+Ua2X*huXwUA3ITB%OuBqe{#~bzOq{JFA ziDKR}6(%ff@97FrHsX`PY7QHvR1tSHc~Y`AVi2##Q$&z~6ZLmernO0c(r->hU1;2EF~qcDTD=e=-)Im|isq3SS^9_aDan zRF6-zsj=2#{2MDt-pz$LkCy+(dGteCK=w;W4*BgzfLQc`HKm7UGFHwxJcO!eib(2@ z0XcHD)M0f>uaJxoIU)b`>x9Cran8xo1*dE-~Eo8E%SUWQQZJf#G(1e7fjB84 z4OW9FvcyK_{F?*vTpVTZsOA$dX2u!uCyMth+}$a8fJO{~eh?Lq*$2M-8e=EgDvN#W z3}^VNfA#~RTRjJiV~hK3OcWwAVS?iioQKM{UKV6Ma?*m-)Q<8# z8#i^JR&I1o@FPWn9BQgp%7V!(2WB=>=I=*B?!wrSZ#uE;BI_r(5?ZriNiHEjKT876 zTmommkxCTS>@Kq-DmH&zJ`vy?G?wu7EJ@a$G9h3h;@nmLAr?R4!V7;?_s^absjY~CzVVio@l#RGRWg~n*?)Ji<#8es1&{Uo8+BW%Ngh6 zBzJLQ$vj!1oB=O66Sjy$_Y&eI1wcGT1>M*dNw2@Ydb=6S9x-RLwvjtbdui_Gzgc=H z(NGihN&#PGt>izwe9-iBniH?5Ua5|@Mu7I^Xg>|cbH3CHk|HiHG7T#=n|8z+uAwt| zM^a{!3Fb2w35ancW;ysaVj^k7g%V_z;t~?`PjuqS7!6r9%RWReeN4m*jGdxVQRHD| zW&nus(^GcTLgGqa_n7IGe8o5v$@gpp%`|mEDD5)3EcLhHh}ZX;sU!CCxcC8UQ=VBA z8~}XWiK3VmrXTWc#BFfcMA`n3NRFoY<4$MYKQdpn7%E9#yIHI7<9|-;#WfovV}uOc zwAo~%WRKza!`GQ6J{*6i)y`cK2jZFa;tBD3P|Sy`cZ@a9J`<#KvFmae+OlG@Sp*Wv z3DiU4sRRm|Qc_a#qnqhlikGbC6sKYj!D$|l;S)qfPa-P#`r~W;I)7qpZ>}aSzi`BH_7OWl(I+k- z;RU?^3zb2Tb9A4$;PndduL~Z|#!Dr_M&N3QqN!Gk^28|)#v>x%7mbGT_=`iy6XD3T z^rn=A!fHGs=Wi!nfj>S$aX*PQCRyrQ66(r`U2di2V&Kq1KxUAY6lnid z6n{4J{mOzc$<9eVeM9N5PL{NIdNM zhureaSsp$9(XmY6M^DTZDPA`;ru{KIQc&;H+52@QV;cWz5l3}&T9mTzEN`A&IX+a@ zG{n3b+m2(@2C;1etw|)fl3q}NAf@47D01_t+>E$PoLrR|iDCM}mv%lu?qs==F}Y=( zw5HXpOaznou~9! zCA#=uXulI5Pr~=@k+MjQOszM!H|vAOiG9pB+u_o=V{u@-#u?O1WDm!cg@~@ugxi_=$&955G8}A?_bs&Oz5bBTGs=PWb0hSEkPv|tQ%`Y*dG!jO zX>%u}$N8N)V1pci>==K6j$C`jnu9lSfC!g(5nYLMXaq6r?5 z!G=>TqvZz9Pq*@xbVY?2zaz>;BWF(M8}yU56{L z%vz)&-dMrqNx&dOED@cE6P;Ak*cos?A2ux5De+G%m)qpD#!k;Ox>JPx0OVy%Ri#`f zFBy6nwGxH~#LCF}B-=NqNTk)qlVAIX@*0#$mV#tuP{AL)>HJ^ugBzpl)ERgs5*wkc zz_QlCSm!Fwn&3PFzHL;_XbmyGrFfoQvENmh$!}V!k+WS4@UC&;CI&UVopZ7AD?3g#hid zcZHxX_j3^YeIt3Fa*Q2&a9<_PWGvQlj#Wn+f^~Mtsn}7A{pBgHnm=s+><%#wH!xZmtfPXry$8E^M%j_%L>ua;+_s-Z@pgoI<*?QSkY z+j88_+us__Fb_4U1m)?~u4jtg*rk|9BkCH`s~Fra&Ln(*#L?r)R)&pEV>FWpGg9+~T-Dd}Y{R zJC?KMFK?6b5-tqYjy(Nr#cXa4A`S+%Y!v$0twNV2AcKy=hNj6*iY&4*Y{#%blnACP zS!@2LA~PuRn?BCpm^j=~N7B=|Go>_DyAEY=Ezl){zP&76)$pzE?1=m>EG>>Y} z7=PJit>D=-Q*PPQ?dHMnGjUsR{o&@|5|bp|xa81IRiF5JCQ%z5* zhdgf#(^|N3HV55v3V=R_u<=d$nf0<E@pBCH$>0T`Tsf| zGqGIA@GLW=-Su0S&lg~RS>Mc5)s&y2_{dJ4%cr*Fl)FZ)dGR$1aU4yiB!S{d{B^4x zNkLzuB}-;=$R5d7UQnc}K6rFT5fK-va4gfoav<|4-@s;E>0Rqx{3iKmXfYfUEc$yH z)dHqnEF(!Ck(rE+jE@YA6AiI7*)1-RLsvtydFk}5sFXGzY(vAfZ)W#g|C9mTH5h|j zkeyh7gqWCs#~o~fjZz|GCQ^te6D=cbM7Z2freeuh0UA#IKOW4H>_aI%<#~de0*TfR zFaiGM(2+Qw5ZDfcY6%HIWLFo@!y$5a4BeyhyXr7!N25DV>C1=4y-*eb|%t4nk)3$cpsj9{a^AcSC^NURUm`j_g+nQQW~O5QHXQA1&hdA$ve;G z<5(toFBV~F<`3QEk?bpM3L#X4LA=*JdP0T2Ur$%ALu*`yQ`Zm#W>r;NNrTaV_<2Q`MiP-|rPk1%5XLO`r;ck0m3?%Q z!Z5fuSi84738fgHXSn&@TE8BL^_|ku zE&Y}Q_V2;|>g7q(TZBy;x9hmOj%i~4?*SAU?D>Zquwn?oWXu&XLvR$}2D*GtP)|Re zhGg;;8QS?71{^}70GCt2Z1!GXj==hOY2(m(MLKRqPEVp}+ zvSA(MT8N{v#TnZEP`kL7P*}O{s@+IjsQO-qTf=#9``uh8*Q(5^@tsNZ+ zvV~xoCkb-&!Qx~=a!k5XC}4M(&NK{fpx2t|lz$%dS{A$rUkoXu=NP42O*hm3N&?iH z%<0BpywY(syg?ychv1&WCq&zm3H#*X7QNBBxx0|;*p@%64Om~&Y3ew3qIq%Od+awJ zcehXc^b@~j0?y>!k2M;I;@tZMrB1SI^(?--pv|wJBPr&PBUP@mOO>FJMp8xmOn(RT z1mwHyGT@WNZu3@qGkl0%P`$Hs?lPpe%g$taW5~PL{BqG%>TYRgxt}=H*~Hz;Jxkno z(sOcbx#Q}7#t~WwT-ybfxMB=D##x=YeG?<@H|k+u7&lUx~DURLj&kE0sgrR_JB zkABsXFXPwDVbN11oOjqHb=QOy-@OTSL74kOO!WCfzLV4QO^k8&8g=@ERt3K6BWMAg z364m6(%cH03BaN4$YydU)svVz*OSxA2G`L@wOprJ;0y&TV|46%K;>qhkg@R4E!$^N zo7AeGfI%1}_wM8&C=ZPqD4{_#L}l^QIhp&(7B*>%R!_Db$5 z>ux#V$O$L1tRK}vx$@DWyl1?oLtvJ&wTWz*F(wm#32?AZVkY?6xsb?xtv{{~Vfgm&onm=Qoq&l|}5EC8DfGMMeM1io>_CQFqyPgM2-QJE>duIp)E0F;~r( zXjy)G#-ok^zBl50vEUmCU&+Ul2TVAdy~=JDE8~Ts75bKAP$e<&RW47`(DAm+N1lRX%Uw!WV;_eT1Vn>pUBe z$5gB|bR-dg+Q#-~>-LXX-r$6sGU`B`uZz!dNo?AymdBng8?WOmvokp~q+eCvNen?U ztMab6f_H(iK=K{3D!eKS$}0vI++5$K*5$qh^menP)B3@HNGL@OPf95H0bZ8!XFw@` zWC|#Y=?nRb2BtxcqJ{R)n&h5%npE`xjhZlJe9E{VrzOVO~v;SW37b;`!Q5=~Ie4 z#MAOseOvf!uwS@G7Xde@>h5s1-(h;zpyiDMhY*!uGL7B>ika6_`S9R_7)tjeMV=H8>Hnwh~;w z?_bVEny?=>2UncVOrnSxHa;CXO3I*!AP1n+Z9f^B&AAxd<;dkPv^)vQ$^CyX`aOb$W?c?d$1* zxAbfHRd-2tQ4_p(&gS8op(}Q45*wo{S$FX2=xP^#KlYC9wtIV0g=Yf(wqkg&9@tZ3 zN-%Pza&S@R=Ox4`C0e>)#$;-+AI>rc1_T#|8}+qR&%MYtygxL3=C?9IYH$oW$Z|Ov zRrGSIg^*Lyl|cas8HQiY2tP8Y4(0EdOai}Q22K!74BNkRD=V$RH!xYe{dD>Hp{a9D z+MQFO;;gD{(#Mu1Ds6x~r(~*x{OcBo@7qr!rRa?zX^}vN7Q0?$KQBvob9w*w)6x7p z!533cz11A>@6fd3)1Cta8qggo8pm=d%CqHhF8l z>be~IX*G{}J@!(zT3mk0X{*W7K;dfi>H{GA`Hc!)*M-+c$H(1JQJP5Vo`=_Q3IPmz zUlh};^+!v}jgut=c)(QAIsUM1`Hs*lfn~yPm2yKh1fg<#LWY>VGRl3T*@DDWz)aq3 zz+&*h<+)G_rSXE5s|&p+wI`7$ndKM8ufs1m^jW5+g30Fpx(2+;#%?E+$SRD5;U_2wEPp7Du3j>Bun?Z=>PsU`^%1oCk|l{r2IRz*K!fqr0Gqp&mkNWq$rMKb#Z)`Odm{ zh^L>G&Q-Ke%HkAzE>i@#l1ih?@v-p|jc5`;Fj-6>4T*Z~1Gq7MYd)7<$-T$asv^S^ zFBo_}2uO$LB9WXXXNHDH;t9szH6p0;PMF4TSaG9z>BqL1>84A0Ov|GTaznI}jv2s7 z=YyMrFwm|c+6JVt14r7GmYx8Q4)MW?Re4y&IJnvujKHA9qNW#Q4Vfp4DLo{Jnm*_W zFo*SKfabzYNIQPZ?54`dcGv zD?Xxq4l}7B$A{S41BUKISH49YZ0EB|n*WvnkVLt1C6UHcbP zFx^`0bBqf9lXv^;iN!GR4lOwd(jfQQuTNCK2i57T>ik1&gAB`jsoRH+VPKQdq>S^A z523(Jjc;lDt1Q58iZOK5X`7v1dMnFKjcYl}O>UayD=HdJ!($h}_{!91pUbOG7^_~# z$64JCwh^j6f44mvHh*r9aK4S>vNdd=NALf%>0TrDeK?Ed&2aG*nfulRzQ{E2C zd(<{Dw}*Lcb@vGR=q^P$-ai37Avxu1@EPvC@!9qid;aD!UW#tgu%@XqY-0?*>$x)f zY<+$a(|q3jl;QXu1%GGam{aQCSML=oe?!id9Kbfy@1 zQ&)|TGsRRAUIW~Rz@v_9oKOyI3Ic_?m;5~R%xN#EHEMCQ&B1Y%&ofDyno=TZTn1o~ zD}m(W?_CaP2N)AFDXiICxYOm5k9~tf09`sNfgoYua)gVdgO!H`7Q~YVedp)x7uKo^ z62Qw1A~jX(^PwZj(Af{`Pa+q<>to1m3O&q4&4b=IE$|D%u%}yN0vK-AI61C8K<}0h zJxN>XvOXMdeBHYc9Y`k`RzAzhUbQ&fEOZs-@;siHZuV`m;=jI<8>@c27D76ZeIs;1 zbYlh0QsvD@V>n7ljOrmwoCqfqq>ZJY;t+11Jp7iJgbu2yz`~6`ES?_7j-Aq+1aw)Qi)a86QNI8<|8UhF*e8=VKsXNuivIB2Ng07Oo^>Z7`v58^LZQnjkY5~ zPQ}z?iiJ>bX8{u2rNg4Ry^f{N(JXA=fZmEQs? zR{b{&_4KTulN@qHjkM)ew3d_vN}0lFBMAWTtBom;JL^2Fk;ydPOmTxaYf;wHRprwz zE7w@tFI^=pF4xU)UzgLvPAc>ibO*4^<5-il=^DwBM;&yr+EEg?R22qS?d}G*t8`gv z3Tlg}bYhuaOGF9S*o)4btT=V<&ZrO6i6SJ8FqNIug>l6K1W z^OFqML|+Yq+WAcE7LzLF6UJM5>-xir4!+AI-eLSPTmY|@n_I2&g%oYXN)x_ zp_w{r3}0tSwk-@Lg&3QY&lF8IJa~T{#lx99{9e zhyamR;|94xclNjggw z{Ge1NM`DACC9>0(zEPXlsnK*>iJD}O)r@vlT0i}LVBFkR(_2X!BI^jPm1IFUs>Gi_ z$A=^<@NM-%McDKOl@)DW&AxlrM2OV|*|gXBC)hZE+#=0jl3+*369jVvgIUutp?|$E=z-UauPYOzGas(I{11pm;yhDdo z?BlpyJq{jMcA%mv1!1A$f(9c3&1@$WTQPjj2oc}(>ttbnoLS9pldR|xBCf3DaXk+Y za7|HxguN6lfdBc+E7@eR~PSpTwVt1dgjyyIG$(#DR{p)i1fT-WAWa41XE-* zj|hIfUJ}(Xl$I>1?CfRBm2!x%<@9_VVw5##V)sjh+=DX`M!ct5Ajh?Pr3yf9l@oG_ zpk?TLNvwvw78~GGzt$oJ`Wk=Q5402?rG3g70NV3>07&EbE zu^#3{zb>EY$fYkV_BS$=D3Ee&&ONlKmHUxCn&+h6$Zm%#Lc3s#Tv`p%BZ5W@u?TMcUM0O4ryGnTh7F(xEoy*!H zl?xCV#cAeWro*|xfx7wINQ^AK#TObG9O;?mZtuj{4NAq6s!X_>jCQKMY#%yFo_kYc zRfAIj>(@ur(cTs;XRr+#I*T~Lx^Mo z+2sC?LFt?JDaza=FqJ`)`ha!ZO%yyBe2C2cy$W;c>}f@wH{O_OTjisZDdgwJJgw>d z>BC-plsl=1Tzw8$h&M;zp7Y4~{Lj2FDV7V&ILZo%XJEGGLqS%|5&hE*1e zp%tN(mGY`BxnEXlUv*4wU!R$-bQ3?z8HgkJeWU92(2i2Enyaf3E>#v~o3+*KOoyHO zJIBj8p+GZ_50GU{mB;GsdU!{vf2c*Wdq=qg89tlHoXEWx zDrGm47TvvZE1+~p?p*2`?^<&2`Fy!XKMxJ=-zCmZd{pc^+r1KoC$1@AM{!VYjq*TX z2`ScEOr$}rML~t3>>^kqpu*st+KVmOFQPLi6wy0DbnsFrEZmRc6QP%hNalUe$Sz^zFqAW2I2k}<2c)jRp zM!$ur9>sBzP;fjH(49830T63Q7fLKdQ1HN)geZ%+!3qCNnNJn{dksj0HY_nRWS;7S z=--^ACJjN7K(L*X)X%Ah_FQZ!je6s3KIcV-YF=1@xiO>*=qHPCrWeU1={UE3t-0g! z=(^vL)xYQZ5P7m#j(|lLUm2ne%Axa=T&zCrH(u*uA5XOYay*)TlKPP0+7j;Bl!M-! z_2IvH;_F6>5Za1s_qkaB$>@ z2Ikph-C5dMP$W&;k19_sQ!P_%5%gcWnzV`UPWeC2i+;vY8{^jm&%;b*@KFroGk6)I z!)}&!pQkf9o<}YrGl3WC1|u|M$K5jiluS-#T0Tfnj+`HWwwVt}8MRR(O0{pPrA$lW z-kY#2*$pnz0u4G1cO^M!64DYIyA%?b+;&r#iejqfO_$TOS5&Y8)tDqjBRwz<52DmD zi%PHIwmLqTt$j~n#oH5pRIKG{#o=F&ic z2eXcjUwc;Ijum@C!|8BM5TioiYlvE#>{D9oXvEiq)$Y6~oN_H|EP%|X2J?FVZB6g# zu5XSe3R(4-_ZW#TIpU&-^ZwFkmi_YO8zafTJ)yCZn@q zE9MfrsTMC4wd?vaQFX>Jj2)>1lQ3-inDt^C^i&)ak5*(t>PfAQGgn{A7Fvc{LarFA zYjaMRY4sNEEUkPGVFp03u@(jJv-1?XD2(sZjw^dK?msd3urfeqfTwRZTG!2&#t2K6 z0+id)?%xVNarXCL?av0YMNbnF)gn|Qv$e2Z5vJv0>oRx>dgv;8CUMX=Qmbx_@rpyGn^Ng7zxHs18QJ+Q}BM_<27cHbyR0t<7|PR`t*2ZpwoR8BGMS z?$K@5k*NHV(tH)5WQ0a)RNbbFDHE^uT4^wr3@$X$2Pamj&&$6fOG9@b;+uK7%B^9^ zWY@|=oEyh#gI|^>C+m9%# zfW};u1Ll+yrU}%lSX6~jbSVwwGfj@fAdL7ul(c1G1WRhizQf)sz$#^uE58bwdD|P} zfE{}9Ql~o9&lUc-Yr8k%2o-*hkZ%)&U{jE%6lr#fU zGR*zX-B5_3Qx4{X(}#)eqCLs^+a*fsvte{Xv#?B`rO8rm?xjwzCqzyl^5VBuYl^ZN z%VI~3lmkFLnJ!mciUcD`4mlGkh`B5r99c?$6DnUutyVeqViqTZ?8Q8@&RLF+b{Zc@;iylT-_|hE;E6Ll82zh1)}vInQFnPV?c=Z; zqay-)LDspOJO@B}(bLh5#!Jm-cqpR4E*WrZ@DVN{ulL6p1kXlyAh3?e^FbUSwq#ux z8!>oSsDEmvyLo)c+Mcd`txivMzDRsPb@#8TE5_}>58@;w}G<_#+Mxks9! z)BRY>wYpO8V#LsGK^(@zjrIut&NN2_D~GuLM1&_FSVbfo5Hcd(7gCVuh>pCiPAX3D zWxY@~4DGBd1xpSE{y|m({Z31poKl%JN@!xQ0voE;nBisluzZUvvcfZY3sZp+6xlq11 zwbid)X}v3D@rjuphadJ#b#m&5B6Tn~>qMrEJ7Qv|5kP|e!^lpV1b}`rea6XBDc)Gu zkwq|Srl*7@9jk&Z!d2MYd%Q&g##Hzsm@`cZ=Na=IFAgsZUmEX;3(1$+ef936$TA## zu9TM@BRPYcn1fZ&P=|od=GxCx@SxIH7nb*sjwbUJJ|g2fyYYc)apQUfu=M#6U5>s4 zsBG_IkhhU3_r}F8>7G@GD^ie}=nnrty}`1*RElW+Tg%Bu*pl67pFoK$|%Q-t)@P_ z(Ld{SAHr(j92Y)jAZ zqwav!jpR|23)2X|*KtL&5`kF7R`x)%MnLt|$ z|8l=evYR~FuB$mi9TG_G7jXCyRl9}`iK%#xEp?RU3x>JC5L=d8lhR=@ zNU&Ou$B+TA!^=Gio`*is4YLjZBF?BY_|eQ~HL;=J$!qU>i+Hw0I#gMLq*6F(c2uvk z=5S`rBGXvLGNepiSQr(>pzcZ^KEfj=+eNLsaa>vs0eY~De+SI&#!MY5Fi<0q>?z2` z9MfE`a9w&8OPk7&&DvVjFkUuoxNtzTXE{1LR$nrKclkr06sU^Lr^Iu8RsyfRsV!|6a%=~=vuNhJq7`;8Lq z9%s`E1{bHwOw5Q~aJghf7{R1xa5VDSnT2i>9jytS1iot3%P=Uxqv*N<^#YR@d z7B1(0B!GDC3n!33qMCahvKq3)rU=3&Bo-z$5LG^*Fn-&2;MXqvjv9?L&*))N9_C8` zoV?roQ}D2SH}Z)W}AThc3&jWTD4LCq5_10wid{CJ~mQ zG&;ze;AUqdO)e;zC#Q{0o0~kN=obTnj_XF_;$Z7FJPPWzue>=KW~@UmG)); zX@Bo|EN^?&nVsvDMrb=cp4DV>3Qf0tFRG>sR|-*9Zz}VR3 ztT)zwr~k|ycs+WIuT?Rb!n9ZkmB;bDp-c+e#08HfV2?MNXsV$x)zoKVUh6_~Ct<{6 z=rHuiG~L}#(vKnuKx{QGJZ9<8?_(m93V;j`I^>rm@yn%m5Rt5zwrW(9=YoUTMo67g zwF@T($^{vi1|B(r__Ml>AR7K&zyFfWigNnDg`!@f#-x8p+&n2sCOpH6_q>SX9+5kH z<<8%5kIEi4tj#zmguald1_IGfk zx{Sc;eQAT!a!j$2;ZzW(9cOUz@To##)#u`ue96t@rNoa$Zc%5jcI8laGz?vPSR$!BZNd1!GVH-CC1RQu$O3?<6U^Iwf%>K^9)I z`v?{e!-X3^j=F`l#SsHwcUv*KHuPm9cmw>>E1Y-{sy@fgZI$el=R+jL38zLDiX{lc z$UplIE*BF9LJUIwLyu6%fM%2dMg-<9xQ2qQhT$7@;pl)pq7m#@b4xWzsX%iN6n9K> z4OHw5saWqYycp((^IN9tvy9c)eRI}fFV4y38<+r4fv#s0N?z6kzD5&aCpM@2w_$i5^ z`l#b5C3%bZ}0U+DqNBVGZ9XX1jx_atm(?c>sjE$X9@5UtqK+^!EVw z&4^eF5Uvoda4S|2pdX(Io?`TdcW-@!w)A#``WNSS^Pb#_%%{Qka_A5in=1TPc#~}C z6_*wkr>7Y{D&$d1Ggh16E!zy#1~FKyc|dKuC?YJJSf<&A1y_;l@M`32Ekr5t=?`Uu zoUi%$8ucF1gln$23y*sA_byRR)LYIz5AL^~;5CnEbW#cRfk$DV{9C6FpEFEz=55=v zq_HQKJ-&|8!*>k7B5WC=9>sD-60pm>m4__3VzQfcRh7FQByp-y68CK}bw|5`M_zz$ zuS7DCut0{og%j~OVGG}sHUEGuewie8p z+HkkZ=Ufh{qTuyEY^hi=WR96d0(Q2XGWfv^>t*UoXG@P8fZe0ivss8T?XzVZM@&0( zN~BAjt8no^qsX#Z3I~T|PaANnS$yC%hQQD^59pOo8h{tl+$6B`*9|mE=D?De016p_ z4pUBiC9o9Mt3u|;JDDdfG9cAb&59YJ4w)zT&Z~Z9(p$w1>POuomhVeu(O+1VH@by@ zPs@fO-{{5X>RGHWfX3c`JPc}@sr^zf8C~`jH>XN!fBuoplEy^qZAUx9$F>gQjHGji@7uA z3SZxg6NP>r^8WqwhDP++Q2dPfdbm%%jc>Kq>4dq#@E0L7Z|v7Q*XP~c(BL$7sy zTE}aXyF=~d*a2cu9>`GL5o4+L5Q<8X$5_m>LS(w5|1+JjD07 zopPb;*dlBBRzTJtU#DB4mQ7l9_>q2_z_zyhXJ%inC)Sjuz^moKUr-Y@3vz9smvBAa zznc-&40)<}b}j~4Ew0+1n{1p&e@t}R1Loh4M;52#C6AXM1uQxJ=b$t|t~Mmz_%G46 z9Z9)FS2uu3-<)`06{iwZ%JYqID|rRRQ5zy|Q|&y+lPKw%OqAfgb>N>|`vE7U=BBL4 zr129h+A^Bvk;F;{`yO#IA7m|@-@d{JP@TBFU4&9s6r4~yss(*r+%~iM$A)#>#?e*{ zcn>ypUaM&0eBM19Efrj$qg+{Wh3P6efz0VTc_CaI5D}{GPp?jwG?xpSi=%Un>u%%Y z;pJ>D3mLD#F{zZOs&hS;h94}CL{~r0TAgYiHrd(X6*n;RxwjZg*6?{fE-vsdRL{8Z z;^NH=G4ro7vjIik))k#{b*V94ep3Un_`iluCh@l|@RQH|ax4meA8*(J#1w-cU8b`R zEiU3RIP-?S6h&ewoVW8REt?-G%fVgXqRz3;717{f;Nf6w@lNoU)eD`@m-Dq|efyi@ zwZ~As+h0ST?jIH_F1ml&rv6@NR&6!d{yE8+{HZ-=Vr=B*XuBny8QM$*qWSgoXacRt zvp!VdkK0Le_8Q{KPg9)#vq|Nb#zwcXo8D5-V*L5wZ5xs|LQY|@aueJ$9+>JvPFEF}DcZQtzJ1xXkLM_%$M?TkY_{(=t~=-D#l=zK;77J+L37 zv%NWr;)64}bM3X+D)WhY|AVvne0c*pHU@^G^P?TiwFjEz>O8pQHNOw76tucpK4~Qt z{(QYw_Sfn34{ug&*_^iJ#i^B5{54XI&eSOP7Tcu}`Y5<(z}3U`vzBIM1Gw_XbxM3! zW|&#X+fHRCh^Ol%#xmDe@yyAjhU!}gD#jI12h{Hk;=p#%q|GkwpjJ6k&8?VT_~_$= z@^6&w{!>B*`gF>k-!Fz-@-{n+CM%sbb;=eQUpM0=7YwhAe0z9?c|cC~d>_JIzse9R z1K!sBHbIQ{!#7gB4A>hf+mFW>1dg7IMPJC&{4S2U-NrMo?~6~X3u$!ARLJ)^^9Cz@ zl`m}aAXQxgQ5Vn8i`|)W6H{@D`B@sUHDDuQqeDQ!7HVef((_*uY}MXW&*qGc8d}hf zC6`E6xgg%VjB;y{KSHE?7K$5<{HioF5nsDU2zpHa3)Wx2zsbKk`L)Q1UD5)gwVL5ln=Z2$-I6pN3jg;BSATV*mQa`vBndN+CBw^v(Kt_%$hzH&)` zrLMqlsH2xvrSf;S!*oJ`{0Y{&4x!54L-`a&|(5UDi3`qus{#WW9g(AP<;VGJy2&|x&B#Gp{aUj=T!xk#uq~o zorN;-Gg(j5+n?YlOB8h6J(&j`*zCcUx3H`#b*oa?^?XC?x=&Gwa1fk?FlNcH6k9sRbr z_kYEL@jsL3%ITZ_K|oI5;V%N*e-P5rDHuE2Iy)E|JN`wJEazZrsA%luNT5k4CnQ2Z zr)2ErL_jBQ{l`z>pS$2ccX4efI$<{_QAMXe;Qr++N>9KD_(x1p1_GvkN{j@||3Q39 zrzUG)VQlF1m$4c>0pMTyziFTUIxl}Bu>8YMgn@vO^`9am0VCVLY~}Qw{+ubBzmugW z_@}iT1HnIykWM!je0RWf?nAq580Zfbp41e+evatXNnCTg58JJoB z{sMyk9@@~!-1aXDYXUlD1#zgqJ_snxoSf`9=;%yr9h{75jf|~K%xR5{>1>Q$9qF9( z9V}h+9rWp(t&Cmt^^J^aoShwMjLc2VjchHQt^a^)PV>jlT3_FZ#=ywdkj6rv#?jcy z%9zI3*vj0|*oel?LEqTa+3_!hBdrmyxe+%jJp(g6I}0o2KN>^uzg0IAfR>q_^$)i6 zY_!bGfAC?ar)Bw5_@7~Bq@@S2{TpRl=)36ugT$G`#n#+Ni-KN@^8Y9&HhNk{04o6l zBQq@{6YC!V0H6i@DV2bMiItWOz{vh@B=t`$TwPsh&5izo!Q95k*p1fC%b|BvIw@GpAl|1@O`jQ_Av`(wlOe_`Sn{x#13 z&&G>|otB=NndMJ723mFi8#4j>pLt_tWg%dp|AQ?n6X4&6^dE5kjUqigJuBIt+wqUc z!p_e6UjWMRuN&z<5dE(Jb^Oc2`A_?ppy(vcjs6tL_;*VP{%$nE-={#~f8;V}C-}Es zhztNG7Qp}XN^JC2pEhcZ-|+m1cn2BlS{Lu3-=2LmiJ}J1Q7vR3?oCS}H2>tC*!G!j zHA-nKpMn2SJ``uf&@#{$y7m}8lc=WpdMYpf!maf9c%Dn`_KuHDY~9qrd{YoPX^!db z{`|bs{d_vBe(`)*WO=k(o+kUtEQyX^i}F$gYMSEb`=54>lmH^fel;@Rd9nXd)$es*!{ ztOZV`^i|wBhojgp$C(fTj@!-FX8!kUcXzdMNvn4EcPfju+OJzLBI%$)^{EQQlb|?3 zNtv;5zRiPTBWW#!Q&ul4cU#r(c#`h5gGDkB>?=xYqR>o9B?zlMjY-oi)&=UG{+JGr z)*p?xAf_XOt_rC<1Rd_!sWOER?)d|akg$Gsopgm0`ZfH6$SuEh2REC?In=Uzh3`g}h z5>J)jXF}>9E{iybpVnZC!>H+?ty{eNU!RYI d{ zyxx%RqKCYn_3!z#q`rq&hq?#j-A>ju_XMWD#5BHMlS^aV@jk$#>4VP>?gWy*(6i|i zQ<}?0lE)uqZ{4ZzDUY1K#10-5cO&uaqrf*#jh}U?=BNxkW;>TWP zUnZUp>N~auLsJx@PD=@#^J0tVsqVr!>Pquk|;p{J(c`Gl>U(U*W z4{QxBUvdjqJe7Ul6<_Kbk2^0nMsj&GFK_m8FQqf4@LuY#r8JJLbK!9hoHrrepB{si zc@ht@c=# zyix$bFBMlI5A~?2w|JyKq|MX7`9Px?*{%aYXR zSvw3iT%Jzn+lCD@jsW)o#LPmEq5MKhALH(mR^2!3fdgW(4xeQ@4}99Eu=*O9TPU}o z{C=i233)9L{2~3i-us}!$0!fe==4L_RDKo3Ei!HV)ZE%b>p2kJ5pbl<(d!$jP3)t( zjT|@Zd|hfuK=#3cXxIMU6{M+eq>tfU*xhme7+Uv@{}JpkV*lE!*d71g$k{Y`4!qVA z3v@F%&QxZn*8`1j-t^%^N$w)kF^0Ml&#oP=8g4oCS-+QBA-?^*4$tTL9EY$LTKN=D z7I=^8**)iX!Ci=@U(P#~sMFXFXV!~l&+mmdug_uqcY`5PTm7$p_QQuK=a%QFK*!%? zUw`zQ2M;Cnz3<`Emt$w2`nklp*$P(}55o_;NuC2c9M0<6o_#wVt<*o6f);_JStHHM z@drq=uw|yY$#I%er@Nnf&}OQ#yK_>ZSyEHC_U?C`j4Ellai-^W>|*Cc=HeH=$Z^ui z>;>^XYJQun6f#i*SU12w-JOjuA_l=}L8=87Wq2c5a|cfgm+_zMtX(B!zCt(GW zAC986i7hg<1S=4nOpove#5?$AGDcUGAw2E3@RYMLxe3Z>T ziJ+OZj55Gm=LsFAV51n3;@k zP#Me^UC{<7n>ZOhmyflBWGbV{gc0(*fqU3#^>!Dw-^Fdflx5sd9lC}gqL0A(yQ;X~ z2$j6sD~%$DRBVhZ8NSn(RR}8!zK207uU23hIxU?d&{`qvVZ8GG1m z`bMUWU^LJge~dI9?HDnrHc{x|761ruwD~)*EIG~cPb2ANbwDk^7eg4<(T7Wmu$rB* zQk_Y_!gya$1kD4;BkeDjgDgW1B%nB`yi(S8-`T936I1gP`0+z=GZ@_a228|q)Q}Y) zigSjNtrp_o*QRwc7|fP+E;K%Bs0ZBrFc{6+L%dJREtg8VoJe3ep|zZSaGOdS)yLzO zQ;5mt47c3^thI0;!+PnlAg=?7@s8#_KBk5oxNhn3gCSATa6EYqY2}DUUJ&V!K=z*z zB4L~HACr|}mDww6lQ05Bo)0XSC-gV7+aLlX3gFPx4MESNg@omP07Ezom%sn zkbjRE&MW&e@Xv#$A_?i4*l)Bx+n0toANCqR6CIF%)=@D5odNeY2yde{q~QAzJ38!! zm8cL-k3)>wf_qMt8x@qFDZU|l$35AkT~dM3fr+w2X&_gO-fXV?9Skg)lay9*AdeA` zS%0J>qDeCN0!qn2TB*3tg|OV{HQcvnz-QOiy|g;N#&(#rIW>&X*b58%t?OQHxtU5Q zDlo6gNdwzKGhOd!Mp-YVVjf**ZRHtrkIV2{WBRV;*@DppvcXnVN^(GMq{A4df}s^{ zzIS~IjPg8&0Y$263m=YxxT?}3+cq_JHiCY{B%FdAMnpZc`gok@KDe#rpzBzKM%J?e z?cE4oL_e~K4~BB>MXj@gU0PMXsr;gWyFg0CAtTkSeM8z|BWGm{$5Z>^=UIcsDq$5q6zpU(x%{_0c6cJRu^%uQwFE_p_W4%1C>YBJ|gC8e2|Kg+r z{~n8o4-vpgV5?yPO8nAFydG;zJ_WXIB=&l*X%D5!?JOWCIilH0S+-Uyam{6rBe0iQ z#(^1-5hM}Ce<5lx2PEi?xnTVv&SVisiuTKl_pPgLBM`$OO!5@oV1_W~$zU#ue6p0^ zB-5Y1h##)fl^4AiF$BD$%Y5EMs5xSRy(-ooeWA@Pz-+SB9|ut z>Tk;@gE?6;a8e=F-;#j|BD^#b4xmR-Flh@l<)n24?TZVQ`_;^eNR1io3RlQc5-QT6 zt+@+F2J2{q$Fw9{v^?-_h5O!e(tUndur^wKGBskFR509!b>(Z zYAh4k7gh*NPeCTsPBIbb5{^N#l5%E$B+D!bqsD~Ntf=pN9I~5(7ta0OgU@MO*mO2O zwN~oQ$#Tm$P%8MQrP%4fN}d9YgHSkt+-9oX*?IH301EdnJjlhW8)~G zukD**++oEm#*7Mu4P`D5kG~6K!lb*lAd9SFD!s)#BgNwQLfl;cYTR>WkOtUe^1)*9 zx;-~1LjpGrWZGfo5{AJ!yN!hQr-yjTnk&6gA4~B{^_Ie8RObiUqImkpi{>_8hs{>s z4KXm)!Zk#@*6IYms%-QM)C#UYL#c1sj_{TXsf%bmI@sapB_B+i7g{^96|$f7Io{C< zoO`kLj=0*{U^(HD|SRIOsF*6NY@xizf_wS(WOK zE;@DIp^Zfh3A!5zm-1>lR#?`gqM~3*xKcORdy^ zw=OLrnAYFk1TYVzgtB;3XinOZWEy*LO$p}q{#P$t+S_X{32w-2r^_NY5c%`y#)twI zwGoYFbNan&Ue687`4>bD3iRLTnM*Op8;oUY<*pG5rI4l5FvTWM<;ztGl##nCT}Vjb zsxB{<-10ZFtC0nsjQk0-j?6w%92;!92ia?zZRORK0l4nPvG=(3#wQzgMb);4 zX;VN3qm57$NspteZy6s1GD%9@HgIrtQddv??7;G9TAd6CRefWSC_$I(*tTuk zwr$(CZQHtI+qP}b9ozQaFLvX--P2JOC%PlEPyg!Zu2Y!<0i1GXT(DOd3)6XS`Qf$A zil`pW_GXsNRp`sEzZv-PxB4%1V{Wp}BXo`0uP3$PCsxgu0Q+j@1EK6QJpR_2I}Tzt zB8K-$w@cP2Wcq?nhh^u?eIax*;}097)=b0JkgL(4#L+`wWw+w7Ams__5Ok{8i zEYrE%%%{a5OgnCV?ne%yy0aXv?$79T%bsI)K4XW)Kj<1A3dw?#s z$5>f1ix4zmMJeb!j`T1qhs%=+pMv@5bGG6Y1it#Gw&{t^F-z$Av=eJY3Osp6n*Ubo za}?suugFi9z3=m~Zdw&`b1LwmFOlpCfXZwpXZn1rI<+n(Kjq*ZnFmW`B!<%9>bWa(nLQL(JM=4NLYq$1x4qrClraoB;Mmarlu%4M2Nws9sNDfCT}OzBZhcJTLj>8 zdvS(sT+Ls3EyEmR#yLg7uIRF_;rSiPQdozFDDgf&P*8(c76S9~_1Okxdml*DC}F~e z@D*@ThA6#=v@tkiU#>2`k6qDHRkSg9{&_?ctALN`FvgpL9{V3%kZT(tlvbYZLg8&@~xyhV5DIc?81jdmdM(MTs5yotnAR~R~bS6ZxL$1HI z;v%Z3x-$Rwhb+4SfgP*`KnTCkGh_q|fjGT@(3tM?AgeC3Y?fW>lMlH=ZErn}Wd_V; z_4p`F`s3$KV;KuV>Tpox37R%~t8U#%Wn6OWS*O8pDRGqjaz?p}uR_|llH2yAKf__w z?8+(>V$orpiJMB)p{U*;s?lJpyRk|YuO{+O=5}j-Yx0uxP{0G|?F278gk4!#;}}eH z8F^JGmzULQVNTt~y)90l6zyF=AQ@zOifwod5IWImzCP)NCG{qzJoVi9l&IdQkmr%< zLmi^^no%ibXW_IaEv5tM>+t_e+qhul-;U@BrA^nCtLILobibKe>-U43~wGh+gz% zSP$^Z+kabO!tb!}NN&SyJyae!!UrM2(ej<&?ikW0*=@mEJ4`0!b3d7ca*-+kq(jsj zRpZC((4!S*LWCU^Tefv&4!VINT#7>I0c&$^DXFGF~(a*W6K3+=^mfN_Ym3 zFvwxWEd$7sEaTzgRg;)o@zGxjm(-_7GeKfz$ZTO(Lu)a;t={4uZeT?yG>~r#v!zCi z#LxzmY#jmM3ebv5aK*GZAp+Y5E%hw-rORrL$9Rk14GOv{tAqi=3)pTwRkry zyi8fYNBz?p%2gIw;XEL>f@!tI5LUqmL_@4SOT|vbL?^J(Xy|-ah>=yg-o`X}O&K%k zMdi}X@&YjX!(ea15BfBRw4`8l3Kn%0eP)SNf~Y zLLUrzkxoKJIi_NHXCr65XvPwgw_~a&@2N1Yo;K4c&j=!BA-0IVDKvUwoCLG)EN7gA z#Z&O;(kq6a(9>9i{n*VN04$r7002|oHM7kdGFCWKq1Pc)gc)Ic+{p6FJNiP|ZChw% zGcRQibcBookni{SlVw^Xg2?Mb$yGfA*H);HK()sJy9oozbdh7fg$W|Zk#xA`-lQC(&q&t_rlYw;`sNVx;95oUpC_ie{f;V^FDgX%^V!= z-XjwTx@XtsKoy8b3`QL*L>tY1q+Q*sLTynzorRs+xeHIwovQGb-Mth7cK2w6|ewce3)tJ1Lt3nPltyvWnilq^?Z zIjhFLF!`~g2y?ci{u&Wsjjt2c8*5#UQ^{k;dA#r2xNa+{iZjDeNzIu_4^q$@p@=Bd z=bHkdTdKmHQOSiHj%NWwp@l?WZJ2J&lu%oMlx2@r6TN;Z%6hM?9GzWZ_gcl=u8{8l zd>XyjTsoY1#Z!4m-wgTqGaN>S+k4Z>mF>9jW`1a_9ero#FUu#HjOU70 zM)D@ShB|W8C1#3hu;MEr#j8VCg#5fM;p|;%tbmtiYKrNbQSDJV)J$=Jv z2BBAO{aGkwk<(sG3#z|L#d1}UL(DU_FIDvjUl+QpOuRn=HD>z~21)mLIBRL9BfPPB z@iRsslN6Wi>`L_lVjVgs99Q7QY3{szqrO}XY0>%Nz>U|yRv;0@X8{c2&Wpy)IA1ew ziAf^i3k|^cLnCD9)EE*Fr+u>j7y$e9j=k{wuRRYk*ZhcE3&A-su zpZD*2@B#*}7-#e-42~{)_Dm#%Lgr|v_a2*5De5jD4@McjcN<$fFW^i;CJM&3lMb!S zSp4>)elq}}1Y=dt<1PKXVTk5)<|+xY@l6@AkRM%ejJZwg0jTakA7tu5j0COqYIPi= z3^Q?1fghjDVz!_75&QMZhejR|qUM49+xAatbIn!yt3G3-)YWQS9Tqf9)0R2KbL&%u z)%~hXuvr&(bD494McdN8i8dGTY1Hm^s=kP(?~Oo`>h5vv%F49dBYyU)!WqdVKpq#a zCB-}CGfRextKonGAr?rI#HH`+&r_#8nYtQjh4)8QbpsK3DuZ*{cRVilEBA@a)(xFb z4*c|7LDq8?*JvTYG&*6qyS%}Jb(J|-Nczc%{%8smYiczl*)OOUE+?bBuPJ!v4wH0z zLN>2f84maQV7d5la)OuUY^-I(@3V-~++`z`r9D~{8hdk{ovueF)kebBHT-N=dRNbx zeLFS{HQ8+xMHQr$D#NViS=&ntjG@M zM8GKSv}=KEjj6nQ2OXcHe_0HcOgc*9&r1FP(EZ)i>w}pZ3Bhu;?ype2P@2WFX-F+% zES;>Nb1w=go6?l98#^Ru2wjde559@)$eiJ+S6Q{ck=s~EAUtiRd7QC{yX{hL`%t1_ zl@xqhf}1?Yoo577I$anZlVsc-P=7GIMt#@%0jr^erc@ zqDeS6Q>`wZHP{c<%HYM=uwQ%j&ZA%uri;V6B)dJ@{%Zliedon9V&Xh6gw_|B`s`!d zsTs63QHb6tO&^IvWi*PMvBB-+>2977P-cNLtOZ<^v{TQ_<;h^>#WxD!8rIXk_eEtV(7Uf z$~Xtcs8AjDKxz~GfRV0#6ct^Jz?s;}L}JvLWE2iO(1b=w*eaSdmiz8Yz;4^?IhK09lP zqc<*RmA!J7{@v9U+by=6+1%RF(iE0yp4*8R4@<_H0KfVU2tt)JxrA?n6P#Hy)Dm`r zs0dbGmFlu@%aLnS6G8KFiesGRp3*Z*iav{jrmI$E8X=w7WX{>{Bxf#)*${sh#V#w! zQ&Jlh8(uB&xO>efnz)?@ZP_);hiK2e`QVQQO7E@c3t>T|NPE08J`DE6DkmiXJ+89A zWyl|oPBN?oc1}sbrF!(U4-b9Eeh#?k%^fQOpFo1I9=i6{9$ z4@{qivo6%aj_{0Y7a5TDI!@EFh&;Lt2MbDvG7+Y@dM^mZ=XekBVW9VVAg1ERjvjS5 zMDnIS`QMfLo)j?kOcZtk47h=dw*&!>K9Z)-Q1(7S%ocGp6uV&ml%sqez+Sp#U^up_ zp&(J$pM{CBhdksbb0UXmnIKF19u&nE(5&7h<=r~Y{E*C%=X#0f0aW0;1L|WdJg$C)9 zm399G9*78T9OAViRA>B}BT>po<{2ex9|Q|Hc~HErZ7WbtR=G5-r9zfV=b5K#dL{=4$yf6ran4*O=9Z%=F;FpYay|pD3%#6( z>5VRVJ1?1sY9%|NNzt8T&M_!5&KL2`${}D}&6>F}_m#-C@}9714sltS!e@>?AG0pwM40t} zbC|V*D7!{9@KQxccqOay2_UjI*#WvHr*xHtzH<|OYdn7sc?nh9?b<-C#Y@e6{z*I+ zi1bV*W@5Nubm%%gZ&!-_{7ipUNSWev*TknE1{7#?YJCqtXx1kFS&5G;; z0bwRX)T+dan2ubNJb#iDW8q3qKRSG_j}SIQt&_?s1aCoK_~c%N@N{Du_Et?BN>7dE z@$zAkPa6pU9+4B)vp13sifN`SI#N-zF`Yz0kROvQ*JfX`^dLFbM0vl`b0cDi97e+c zCQcY&{L@VR za~fAO7vE7s_+{e}7Gx;r7)iq@dh~R*Np5rjg3;ufbU_jX4pJxiB4f;Pl1Yl1DbrJ- zD!3^Yd|O1kNneb=NQVJ!KF$+4il46I{sXd~<<=a^K7lT>D{uimY8gLJ&J(F)tT>t= zt+V|FFu?WsavveuJT2e{m>b*8i5Q3QIZxf=V5R^QAC9}|mhSP^=&JY*8zuo$dCwHt z<-;{|2dILQ-C>~YG4gX-aG2ouBIlMp4<_#O1Qp%=ONJpBi3A;$oR0u}<rca`MDd)3d#uO7R(FY8Qxs*Xxz%L)SPbBcsk8>rY7D+Y zB=%b+NKX+oa@7)J<>mw2`8s!g&A^4zcbijg;zjOn}K$Y5b@x39SRA7i!mHO&XwzeuK7y()1|_cK%;Ve;}{H^MvO) zcMXG<%IRMa23D7n#@UDIYA*HlV!X}yDWhL3CSiE-%vLyEE?F@RRUK3};8TfK4XXLk zW2#@~Ueq%`oSOBsB^($8fF?VGE0RZ+|C6{!9m)i;<6g~sRC^BiE1fq>do7dyRLRQ+bfXwD*<$Y^igBLr zk0r+ALA2~6iF4MN!`LH6gj_myH36wt#~x)PQkH6|$JZHNbUTNvsr6QgK#V%MobfIb zBneVbe7AT_G6Ydkn~@oaK|;@PZF~wp|93|h zd)H43>(j(DF^g=!D3m49?+UDnBAF)~>)3D&3fZ{m{ghYTkLlTsyWC0L%VG(7b$8FI z9NsS5KI97$)s(#LPV|61k%&Ux(#CBiadb=5Nu*^X zgAbB~BR&$EY(Dm(s)wg5TUc$v7lk}f-eBmX?+P5P>qw+~U&Xk4^m35^hJb8-6PQ`& zV_COOMJbkhZW+bUsyVIZ(GBh5Yzp;YWd%JRwK4+~4S+yMG`)iF79F2?n@>46$KI1& z)c2Tm@3lfe{;x2513tGVH_io$rZ*WKKhW6Xs|!Hw9kUxqd}5?wIqe;Y`hnW9LbjFr zZz~No>|P_%N3u?~=y96718dT?xFN|W;1kb2Sh^I?y!M_tB|30r$@>v4+o@qyjXxHL z9OzunD}3aNPk7c_p?oBKV7s-v!(C-?@M0q~4Tx}WnNx_SB zTx(Anouj&+7omlMQH#lTyaK%uh_r}o)CZSvWn{zvdsS|84V`6)=h@Zy`gJU(UOg@{ zP`ct*DxNEp_ndX=-t+B&FxJ*sfw$J>ya2sZnV1z#$K98AthxB9Ti z>x#-P$0`K+0`FtXZy})GRAtz%({^NZQGVU3>ykiN7S}7wJQmg(v2y}g*E|KXTB)$0 z*MGBBPcO$z6zO05{^~L8zHeS#D~KVKOfoafw%IFKH}{+?)E7Qg)Q(yLNt#$7n(y>X zn2t)gPQIr5+0{xU`qAz=pF#4IS-bwho30V?PNGxiR%Je@Z|rvEw>g9LJHA(u(pz?S zcx6XXNDLq7=u`-a1dhb-YTj&J4Z9jRV6R@Ps82GpX%z>#9w#%!fxbmypQV8*C5v$0 zQhDIfYja+U%_-ubVHH%3+=Gvu@Lt!r^FrpaRSOBv$>!+MYk)P(Zm*%BZO;J*AKh25&p{pToj#%WiYi${m` zUe^#!825=AJy%%w{BJ;98W-$Wox;sYPwG$h55|NwTf@@AF!FCI2Mgtw{fXeg+ne2~ zOdXfUBMt))?+cf86&iyOXm@YIou`u~shc9ZhJS2v7=Jcz6vq?+-lNC^^T>C(QL_rz zNztLd58y35zmz0!>uq)K)L!$narLw(nj(-o*C#3(wU!Zh^yDyttoqpaSD%kMg7Hi< zw>}xFGj$P2^Jbq&P^T^0-&KV!s-nBI2q=7y>yZWBV4S0&k{$7Cnf-qqREdC5-c$#q zErMl%l*_?_5DjSU%F_5}S7>|P7H;-Z281<>>%3V_&ob@@=s;Cyq>stHsowL##VF;u zv4b}d7~O(Bccqa;^VGQnW%r8wjj51`gOjcs$K(Bg;NC@lvR0;Vsi&l7JL8mQk&`;F zG{DtQ(vGOcJTAPhA1a9&k3p#U>3^!%+B4j0cWMERn>p?lDlLUuO~Ka4+(OJ=z}O*$ z-IBzv$GDVU(qnMvJo0vVoJ^#h;mbOmsi0&yPUXQb!uVW;fs3uix;Zo!Ywa&Iu9Zp5 zYth{!S2W*fbVH#d79|l?eQj=$nzyhwOgQxzlr%Gt=4^@;y68bC1{2-Pl&5f>;!5bZ zJ&q&f$rNc5BfJZRdb{b-!+;~R%Xf_ANK5d>g?Ut6_A?8BKjz&zxEYx!-P=Y5KH z8O^)=*Q5x~JG&=|7$y(6bIx4aV=@3Ic@ehYX=j(rTsnY{>*5$P(6&`Fz|9vKnr`e- z$qD*_*~aBj;cp3$t#?%2%^ftcropZD^gaEBLVM4z>*IWH!zvDcgMlpHs zWD58h(hG2IzwNI+d-zy!;3>M9HWD~snOd~$zi5x$4%&Wt%r=2BoustZ-uQx%mRx@B zew6Qd|MbZO(g6_@t@~bz+Jqf!ijS>5ib>_Ghv{TSs^BaCn~$%@YESc$$di#qh9;G* zd3?J0pb$2FS>X^x72 zBD4(KE{<&w{>^cgGOT0F+b%?E!~*WPU^!vzp7L4Z2fWCv1m)j{tyKUC-jSvfLq_Wp7EHJZPlUj>(YtU=Ja!h%c~^yAuKqs3iagt?Y%d# z!-LRLi3i7|w(1$pi=S8NVmfq8xij@-`+nK{BUZ+@Vrkl8Zjy?xtm2xr~$MYS#XNE^F+R7>Eu7y##(4m0j3}BMkn%M!eocN5>aKS>lfPdlcwC+$Wh7 zxhf8ioqfxgmbpW}Wh8CrhE7a6D@SU}^+QUzyPO9j_nQWXy}1;`tOY559jsGPE~TA; zkFlvVU?}~J=qL5<$J6ufkI817S5|Pt&C@J)=1X9-8|p0kIo1l>IQvUDoNYgguHrlv zT%Rn*iBg*>G5F*Z72k5uW?R$;g^?RPyt4+M4)4#+_D8EJq#Y|- zrOzLSAuVnC_>vN;)tS9i{_tahS}$)ZrT#~&Vn>uh%rX8zutq$*`LqE3Kbqw;m)8!mJmcZ3^isoIgl5#~x$T zN>-yMOyW&9vizoJ)7*Q!yB+CvT3e~{Kkm-sqLyhLUWH=N8~KlOq*~*$+6Ml{r6YG4 zK2vZj%zbLlYbOFgqZ^eVN&~|vNmEsef>Dr9^Mlv*&l-YJ6;E`*WhH`%iwbKH1t?ZE;fz#vMq^q$F9hX9BImHZWv~YY z?Y*umkmJjzkm_&(S71B1Pr3@gqkvzBth13Vuj0m|`yAU3W{{W3$7c1>=qfN>`Z)7H zEUS^7aTLoC0srOY>`2c3$!ay+uAbw^;x1k#4PX6x)@QV~R<9st#3WNbTK=~o$2K8S z`gU0=FZzwGTOE4%ycp|Dx52H$W{oQ4c3|5NSZ{Ix7f*@% zJM8H2JzXqFO+-mbKAs2;jzzUhc+bVnN#=6(2$6Wp&12tDG_fP#!$4Zjqs^VhaW3=& zj#p95>gIBPBt5pS|H0dr)-Q2fWaIEBbO@0VCg}4p^Ush-p7X+onC#En7{i-VaQ;G4 zhh#40qj^FmkBMLZ^AtWJ*NF&+8UCY45k|nqKyen@v31xQzR@b;%?#7U^k6861PuLVAa*k=$wols(Q@eMS!mP|KsRo%RJt zDtZIL_L_V?P=)B}m@CJdaI>_V8*-jUVQ;Y@_?A4k4R}%_s!pk%2vaBt_SE9koJT3; zJC+%NKgNT)RK*QF4c~@>ydAne#@1F9ZtPIUfjBk~%*Rh$NA6ys(g~1fX?-zjmnS-0 zi9?sWVYpnqE$yhya}K@px;)9wvK-#J@_2x1PiFlvPpJHyQktuTBWWaBdln74QZc;{ z{)>?$zSkA|_>YHxV8EkWY?7(PG^QKi26kwz`z1-!1SW1>e)a%?a&(((z0U|$kO`&` zc0)g$0)gckn zuT%T3-5!M5h-b+V6$I!1kzZ9RJ>suK&lI$)B`{x7e#!IYddFx+g|9+#l-ILH-C{;u$bLL`H+H%6_ z|GS3uo@7^u(swq#+ty=xXC&s_khZ^zi_D~@9VazEwUn=Fak5;NXua`M}`)*L2p1i-S%n(>j}BeWD;sh|_er&tO|$$46FQ=>hCN1CvMT>MbO^J89Kv{|6(26Lo z22?CF)>Sb&A2j1^n6V!y<&c45{oi?3XIE9O_1Df4??5>qH9mmYY7JlId(U0VtK>G` z7}OkhSALfFEEqAE( zFp*{YrJ_JdF@{Ppt^^)h(*AjG)R#|w^jCTCN}DwM_^z+}-q>O3;X8iGIe6J#XY~co zAE19(;dne8-?wDyBmWvpe9zy>{K9|XE(45P`}&hp+9S+-h$CU*BkgIaDCou1_BE@s ztk7bfRblGF|HT*$ZIs)^&yTo=DJW{C^K6%35yDeex32y0WyWgfu!oYBg)WU1O`YFZ z{gTI6Y9jI-Dx&P*3~;ieR&8c#^BIz0Qkp+)r*#E*S9-ZIk_hYtK|#xZ%~;LT;bK*T z3Jy^;y@SfWg;a)F<`-^a!BC4`_=vp1GxEx=ML)l_DUGVR?>Im zP<4{Ti4>EJ)tTKiHPl^8I+2xxiHns^^l$&{L3p5tu>cM#Tb|z8 z@XZ9fA`LZ@_)e{~dZWdSiQPT%Y1Qh0pLvYX`$%dXvrJ+Sba7N*Ooed7MvsbMkDS-P z{vVRDTRaJ_o&^d2H5Y(i@Ml&68X6t{Z+oMb(1`Swa$2B91GAWCer=qR&OEo79;YgIE(c9H&>;Q;cBSHgU%e?8{9+;3XUd3!de&%nD*x!()_7M#b+ zC(%oB5$1Dt+u!=*;3tvGn$vttREIW@H`=cp$@@-xrMS1Zyc$=e1BcLGMG!$uN&^fO z^D+jAW$;`Z0g8dn=@8={3`D$+hwC2^^9i?Z^^IXltFf?RiF+o2I84F?6%p+OT?+GF zeSI+bE)_~*b!j_dh(DH_bAX5nJVY8*Mt)uLRkQCe^OUN{X55k{Qq% zQ}U^lmB+e+=Eg=}vT&BThz==Iz=Xsqp(NfY^jR*RtMnVpAfownaNJ=2?Ih*p=_pP* zq9IRX8<9ZOxl4I^Hv?rYPdR_6-@@Nx;Z_p&3W(kaWH_bxJbb*Xe}bi2dg5>!(Rd_5 z#pE7@*A!wr>pG_?_e^vkj}WR@f);LIt-?ige`Ph=#;}(nh%$-;UP|(u^L^K|DX&z8=tD&dnlGj83ysRyPpe@&X9{cNNgJl7e=X2tMKEg;(RhyDhukrF6B8x9p z-QG-j<5vsD0*s621v;<5+UQ4kNs=Q!N5-_;5)r?sor^dv*z6;!xUMdXC#1^HeEGU- z)svH3MQ70Ti|NM2HA%uo|8AA~@)|=1x5+|o6nT`2p60Xa)49xHIdJ{YvL1QMauVJr za~&0ekRZh^-qrH2T{wslLMPYd;{bM=cirezrFra(76Lhx&A-9$1k89ZQ10rp&*B5)3mx-Px7@saYR$3aQD!?C1S@hy$i;Y`IL9k_f#iI3_m(Z z3StV%r3R=+nP0^@6Z>8xIfON=R#f$X8&ggakkabZYaFVr?)_dKZ(hIp9;2sJ0YfPC z0eXBpadk9p^KB*6U=q|)aO==FHXjV9Rz|Pur{jtUM;Bs|Beb4Hqh6iVw{2tl)_Jr! zcPBo948A(bT#*mbF;+?~svC2mtE+K)#P*@`u<@!i#Dh<(Gsf>n6E@sep)>P6xjaTM z30CG;wVJnT1`MulglkO~>xIbqL(Dc8#$4_bup`NQ{EMb5%3I*24o*ba=gDl%a7eHh zE{)aKJ8#UgMh~2D%?mPmNQ}mL`d1f$%kvjiN<)Px@9a}LfIO-$MZa*Z&jm?6AH8sI zfm>1N_zlBK88P9;qc0)GT_{gdnr?uXs(6qcOj^QYEMWeqy)jf08gqY85q@>39nTLy zC_{lXT$eNO^7Mt7$WTSB31>uH)j|0%Ks*1GJyA!ryNh0h0buohBX%Hl%~v>&7J&Yb`Y)UOM{_PUM- z$TzflWG^^MCCXmE$j~d{x3KX8Qo7fd}M!d>A2b>4V9bolIiNn=PsgWs9(yT{_w$STRYB-J_W} z3~v|{9m%h0)1=_>Y^yY9Xk_V=LLX>)#f_dfh9rczlwGB-PxNKpZ{GagN~F0K^)zLV ztU*9dDmGt6JU9>267M?@t>{!I$5{*DtCtlg95g02+Bcg!M#}==jceRd8-8km)Kc;u`kkOL|AsBOPVbW&{4Jn@qyF$uyt%ZqL)q|f$mUC11t~|V zL2$!pMP(%?0VXudheq6Mi*feiO9#oxr}FjU@+;wCkXSBLFq9smGbvaoB75g!FQo+Z zS_d4`XnOep1IA}vGJxR5;OfUs%Ee)_>QvkwAC!4*iKRl^Yv`xJa?UDw{6Ig!7eZJNjOh$I#*KvvG7m-^xSjS#)lCxBghx!(_QvyN^V%TQvFC&KiDfrk!FyED5`BaOC0Z1ry`pm0va``oQ>(po9g%xrc|ggNp)YnfaTtX#QmgLmzcl z0_*+$S?@)!(WrO+(@W{3&4xnW{3dc+?VdCT5Pp%Erjy`Ml*Vp)I*V zv9&*k6-%{Hk$y;Zzcro7unvzjV}3@>VLXeHS}t zmk@&{=H}3Tc9w){96lZ%XWA{6>QriBi5|H2OSwnX5hVeJBYV%A0lL8j(bECnkO_h* z2ly)ESHDfzs7*_*-(%e0WzVm5-rfhvF#QZgLd-=`(t;oLUq_HApdF8|E5EI8{Kx4( zr9)5PP@cs)YXh@S@cX10|5O4PC2norlkb^%SN(QFJ2L`|mR(vp9GUGLoErf&GB{T@0%8o%A(5%Esi+V?6=0)ao;f

    sUCI@LzQ_}f06gZ;lOew@Mj4d(SJD9kR5 z_0oz>Q-CL)B`Hw*@ecvyFb6S<0n1|yTL~UN3f*p&){yp|5c>vVs;r9pSIT7|<6`1w z;oWB1D3ewjiOMH0B*P%GBi9GwZHdwPS^BG~icEM#Df<9>YQ*H&Xpb)FmOY|>hpA<- zzTNdWf5<&Ro17RO8|oW>_XyFZCx<5i0|7KOGBh|iHGYL?PWcJa9{Yr@ZpD7^$gZz{IK3Pedc>I2* zCw^DI>qt%S{;j_L5@`ks7W9=+tF`{B82y<4+qF{vJM!%<>Aa9D5Fl~55vu;(v`L}k zX~^n`qKw}NLV`BvKq~_96R2C2T-6Q*G%oqJ_|@5`P;HJJqac89%~&g)@S$rvyD?V5 zf8g91#`#2Tuhy{u*}BkVPT8|`smUlaOIPd(8>vXI@*1;M{p{SdH8 zd)CiXKd~7l)yIz7xl%Iwnm=tzKwRHbgE)@!-X0uG8RTf~&{EQT3Rp0w;j4?du8BP6 z<@EYuT1SWTNCWWe>;h^T_^M6X5X3hbpW9gf6(&8~o%8yq#dAS51ex7Ex~593YoLdU zAFfp{fhv+X7z8Vo(^7;x*q0bdbLL@;bE<5pJU>%PL4`uICsw$B|8;{2)OV<$#@zj72+8`dMy+nCgWF`!g$w==K0&T=1!Qi4vT2AIy*&TSughK@&0UR z7hyxv<@}oi=|slO^n{pS^VS ze_D-wy0WODwv|5*B{Z_W>S4apU#LQy{nmM* zK4jaS`P&!$?yXk+-Gih54g3N(GY1OfK4lBbztA zhxVf(1be_~y%pHaQ~jy zSj*QWeMD$O!W2IJBMISb#~1X@fhfbOFvEgw)@Ku z4Z$3mzMEj=FZflU_lnqW_UQq+wdKM28*>6h23O{zg{e&^efx{cj>0WJz)3eE{(Jf9O#_007kgVfmN-3(U4;kzjQKg@py#J};M`0qkY;a~x5Ep1I*JRMB`_r1lU=)|p@ z0x?v600HVzfB@kC8}vVOf AmjD0& literal 0 HcmV?d00001 diff --git a/digidoc4j/src/test/resources/testFiles/valid-containers/NoOcspCertificateAnywhere_LT_liveTS.asice b/digidoc4j/src/test/resources/testFiles/valid-containers/NoOcspCertificateAnywhere_LT_liveTS.asice new file mode 100644 index 0000000000000000000000000000000000000000..3210f2d3532ab66ce35281426b0ae5dfafb260b6 GIT binary patch literal 7181 zcmaKR1yCH_x-Blj-Gf^g+-YcZ`cGccp{jJ(xSNH0!wNw<~5#GSSpuoT^DMft@rM{D{FK1qJ1QNM7sy1%lTZNLpQj zRZdBU-PXhoVqxy&%;s)u6R$F4*TsSU5HCL0>EOolqoMT}Z2^me+?>F8NTvi~zpZUF ziyfV;>E{Pkx~!9m?(ty(LV26@oMlP>BQ@nm^L6J(bzy;{=Dj2&0N74SZLDD_D*$2^ ztDgmiN&{qCde~nMGCSlOhew2=QsDte@P+al9Pm*+^I$QsF%q zYn#&>KdZi}t^KamaF>UE|AbQ5P)hG7hpYd-{P0D0kj77EXDwJu?P;^;fkj0D83nE8 zU1Z~HXQ{9-F#o-G;(zw;1hKR;advSucjEZl{)p~;Oiq8yQ+(Bd?D9KT)P*KbfHoo+ zM|ckd8;ndHCGP$7or|TK%erw{)Tz&A5?$)OJK$t}$RYA^vwbJ;*xZjt5`1oBEHxmLNi7Q1QOoH zjSl1^&@Qe5X-?~J>lq~n64QLGniTFA&4Ym$9^cgt%hh!EnOnsR^OU{yfdqZZ&_1lu zr&Qm&+jD>G0V80B$7{R!U7ePKwmiQBGTI22d9|pS25ls8 zh(818;Ma|iVgp6lAe@_d6``bSGZ_{FVXPt4546O^dChvX4= zS)a{UQsXx)vd4mecEvL7z2WxzxT+<;{z+~!F%8HMiICNFUVFd&(S38k|)@fEe)58&JIP(hK|ryER#{~Y1gVBhhkj+P4=y~F#@NW)O~Azq7zEcNZ@ zduJE`#iy0)+*Nu2ZD_IEP$BK+$s~G6V~%OJDwBYWsja3ty`o#d2Uz*){D*6cDW89hn@ZJoS~$c0HEg*jEfunc_c)0*s)5xnpIcw(>8y*Lv$Up{+szy@%6^T?D_ zE=koYkC#X6XQTkaIy)U;8ZC@tbfO0GD2696_tQ8ADJ-i6Ik;*G!r^g$>wg`}^WTRghk4!PsPn5Dvm&oH%K}}M&ME`3 z5&)fYrW1^w9H2Hv_lUmAdZ~_3Hj9ut>j*X>GhI}R5gf^I4EoU%dc6qL6?}Z-0C}2l zOQ&L^>E2@A1ax;0;wu4}&9m33tG}1T{zz1yct`y zLsTpw)D8a81t*unxQ3M1CfeaC zrr~3U^zv?KDpF93H|Eil4Tkoo4JRoA_Ri(oU4A601{T$RuW}ORC-UbN_bjql_G*<9 zAS!ejYNXbPzC0!fYY=Ag<~i#OWn&Ng0n%&%otDhfs_*djvqqGvvP6l0ELId&VG|1~ z@DSkD@+@Kv=$+jH?;AL}5NKd{`x~rA;MnQF%G&oR3O$ab=34l1f&zeSEhQ-NR-c`f z%+qp3`F`G7BU19FU!v22Ih97J4UkBQ8ij;Guckjw&tV!Fg}dp)7H zD&al%3qoHMO<|)30eEDeylk|AhpV%b2r6)yuzws}WqonA&A75a{V@YhHW%Zsq-ztp zDFBi)RUKjis3NwwWI9alT;1N5zsd@TdMM?DaN*BZ#WbdPOut#V@!>b(3Z^v}0k}FO zz2kErJgUznySSqSPY1s&97%;2RWz38frMW_lngo;>3S)Vs2J&nxbef5`ibu6=Q#rJ ziLr@I!jc(bDe{o5l(nv_wdVRLV-NGsaJC+jTK)n)aDi_J9MY+(&bn;l;iC|Qjg z4+Fk@&y`opjGgR&UIdLA<97|&HjlYX(PE6FO}`EHuN|=Nxmh^{m1!_wg0229+!l$M zA-YIF6R-FN*(HoX`_$o-JyB}`Z2UZL8NLpg{e`F>w*gH;pmyr>?Wn6bl;H2day~T) zWh!tJSD+W;qkvj_1}W#9^i9H|^(UKSu<|&`F2}hWO=)X7!#tfhUmD45Kx}**c4NI$ z)5MluEv<)NlltvG4|mLVxu=uPpsRU7V?j42_#QDlS-=ey<)fA4ey1=w*UnSGpXS!g zlM)+>EdK09l2rcmEuCckdpp^x!`3*Xv=jzMh(k=gSkHt={L@F;I$?)Mz-v@TlgKxN*#hq;)>;JI0sm+T|zw;f(vK*Id)w9B?3DN#74Ht19m}dw{uFxFv^+ zKK+)1lL+B@{pjMgJuJ6$>Tfy+p-%E6-14S*(A@I(pGTwPWH=;^3rx@}$Oe;SjBi|Y zuXYVGx?duxwf*wM*j?>k#r-`ZC=Gv39vYp&afFA2!+9qh_@rcq=|?3t*-Ck@#4{!u znOEPQ;jk(un|1m}2&JteWBc6?hZg-DzRX=(T|SEmS*7{GbD3gaBq6`0X{Rs|^tnrL zej-hgk;#Zt&RdCeN)KjGb_VB<%nv)<*CaqA->zAvYKgh?6zU0#%7}AkP-&r`!#$B~ zMH<%fKD;+7*UP|)&zH%bXLE1ZYvczV@Mcu!b_%#)GOG#mWupzHv)Hax=iZ!u?B`TD zDAn-UjPDRb%9sq7o|x2>BanfQNiGXtI)_P`nFwQYhN(~_)`#o%2zCPjinUpqOhV(?DT6>1kkF#Wrq&>oN&L|bn}GYiTliEdTzrv1L5ZA^REnsm zGli=RH9by$P&Qpm3Kp~K>s*iz+o#EP(6R;S>o$v<@!mm-OP#o`Ko zo%c3$CeJo~FU3@;SM4OOLqwAHDZlQ(M{gkE<*SIwl=zLJ7^sD@Q`9#WajVqzNceDp z?Ye(JyU&y$U!H5~LSN6=X0aL*ON8|$D*ug<1JTnsf5MQfGI0r*4IOFp(0^$lX|S<+ z89blN%B~`+iPi=_-UQ7ByvKQulQCv$0A*BV;ocmsH>+(ro3cqlaypExF{B92qz-KX zjBj#|;LDH(2`h$u5T#0Vpqnk0U^-VRH;$mPvaQ0bSPFoMmz+#(>;1KATOBck)LGrCMTm=&B>s-1+rR7-o!>xS@ci-a8 zf`(vEDA!T3lq->m4Ft-gi>z2dSy(DPT|~9I|1J^9Or&H>NNkbR8NWVhO62u7aRJB| z(5wdC94FkGav@M*Oam7T3C<)YlVa3~1=v}4s52_!Y@7s$A2OGUaP-OTd_{#u#CaxV z)QAn4GrYZ3hOWBm*k>cABMb8lz4iFfpMpAee(K~;y+dq4U>@y4Y}Qq+3H@djQ{{fM zg1{y z__~%ys1)YAJ4i5xpJeY+4i?S54P+|npdUS~QQiJ-Jje2|cBJV~e5#MT=-HFdy1iGh z!a|MSdYp{wK+RVb!Rv4HGe-l29rxYd7C{CYWfe99$v znG_US0bgjH6}vmQtzMIoesWVi1aS@<12$r^XPI8e19TUX5VYG2!zjg)U2Ilxw86o zl6>h5HLF=DJ`P7yj>q^=Bnznay48JNx1KvBG8$@{ZySgq2!%13C+MqEoa{RBGD36e zd%0=T9Ibv*3l9sbwDIt$o^T?cH1>`)A&*H+T$q`_QO8gpb4l0V1k9ynoerhn9r6qi zQ0Pn_=GKk|<;mbJ702ei%@J=WUvomQ@#yp4Nj99SD_{g(KgYMB!yl4wnpteDTs3G| zkp#9Tad6`iSnLl3w%=)w;(N0hvqujB7bCkIUP=MHa3$Ed zmJ=l~iIBRK6+_0cJNY_qg@WeFy4~g;*O(4@<&ZE5g7m#=n`9_09A~HNBs{q@X-`k$ z+vE-4eN#E2CE|VX$hyqR>F)8lU8U6K@Ucz;n-C2OS31MsmgDvmmA0sho4r_btcOP4`P4SrLDcx~h!0_VYX-sJefK5@S- zT9X(f@}mS5W)X{{TnihbEysnM8c)A3pq!dC<7g|2VL+|I0-DI}Y1Hf=2}5QV2Uf}# z)o1aLb+is!zCbhtB0IkemEm?bN7H??b+N-FO&AUmR%WQuXG-kYzqtTrAT4D?qzQ{Z z(!pSp*r+<%w0(J+Bb|yJGpG0@wnKOq;%71cr+Hzx{k+iVknu|GY0GvQ_1+_bELV2K zKaJl=c;nGEinz30M0d{M`coj*NnojDE!?`^j2|ku%i;J}I&trudH@Er% zP1&dJHOoEjqEA|>ikeW9Ok>V< zl64OjpksaY`mVu2BKo`{i3T!F$=cbEVFjxdfk8`l=W9Z>6OR57t0}NZ-_vFRD=B^J zc3IwKw~eG#X(zc4XF>bluMJ2r1KZcRQ}#cdfpbbnGd}ksZjO`s+3T&hhOyGa%eHvLE$$0BV2;yJ zn7njB)v2IV{nt{BpsiW=(W72Qb=KkgLmBY30^|lcHN7?fy)4uG4a$096gjkR>Z(j) zv~2??l*Eo*kTdL;Q+;f;**8@x)^q&NIaIYJXgzvl7vHKtsrF==B}(8rSF#roHL~0( zg&pH~X4&03;|?Azb;4iC*Yi7T95=^S_*14-!=}5VvklqOb`*`XS=%u^0ygp@7Oo)+ zS2@(Bl73Qp=PQy(>zZCZGrGaiHG_>U_qd1^@VrnrQjupvD+;lZmsJhP6(Ux{10+q) z!>t~;#MFK-FO1Ic?Hy3PWsTLJ+gE2E=%A!PK&JJy=-*sCOjG`uQ z*v2IHx+IVNPU{t&H_}i4sK3?r!kYq(C^7VSpPR>7do-~qD8f4=yhB4j1yeb(j5#3o zRv?TeczAeDV?E=t>x@B_cMr%f6dv@U|n<2I;_Y|B@ zc@v$)`m8kQLg$P?jWac^cmC$n1_ukZQJNoY_cb&kv7}e9t#|kZ3 zvGmUmwiQ;0T`gILDkn-op-SVLZgC7|O-?x0DkeQ( zMjl3#yBRQC6^F|G=nxC=l5Vlcg5W4tV+|_-Es4OW*$|QQt14Hv{3csHVQoIQ81t5k z?K;$<*zOA&==1PNn@*3ysUC}@uep8yYJn(Cdzn5>dmEugo4iLO(BtMa%GrhGi~9Ah zAN*e*)eTsz1NUkXM>G8YeAK^2wDVuv*xB8gMG2(QKc>bc$I2$BFgy(VYQG|*h$DVY z!Fjz1>vjBhJN92Rul8%H)}qoT2e!{H3m`1N2xMG4S*C)feAa@yjAfq&agf{ScP*mn zZa=+^SzCHzum)ROx9e^(noQ#6;RbMYg!vT!(7F_A%tnxB<5oSPG4-o$o|~;vUsW?j-^MO?f!>$7gFs$h^LMBPn2~G1?_?m4&;uzn24gA;wKiKW z=3`7p!c3z?l1P3%5yH!nC;`(2E=Q{QH-nvrxgs zvvWKGc#-CIL7`~kV z^jF2oh^oz|$41}VB>M9MCka@$HRlW8_dP0PC=v-EoN@wZuA6GP0YSt?%l@=y3vW10 z1H&i2N8^l{yHn_fnIL%zv@!&n_kv1O)K@5VRH;uWU!Kze;)%1>SE6><*~jg6srP*d zLMHxWHngSSDefOfXic`&kdF6)5Ya69c9(a|CZ5g99g%5cTlQw2cY3sIz(dwbpWf1x z&97uHfgXogwO@sl(UwPJv{y*3)!{)}{@GmY?qQfCX*S9I=BV;=GnYA$o)Xj4wlk4L zPc<;g>Evw|-rc}Z6YaKZn+G2=WbGm3$MhuAUFJ$aI*!*Hu|Wo4q0hkb^Z!UlK32=u zUU(Q7+Siv~MFAG>4a|Q}vtH%lANb#F>u(i4%)jHSe}+4Mc|Fi0!H{}1W8voy_R{>N}Kt%e>hxmH1 MyzXh3^zZ8b0PH(~@c;k- literal 0 HcmV?d00001 From 08a1a74f06940dc5d4f9be9bbd99c4ac7ef75e7e Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Mon, 26 Apr 2021 11:04:44 +0300 Subject: [PATCH 35/45] DD4J-696 New valid RSA signing key/certificate for testing; updated unit tests --- .../test/java/org/digidoc4j/AbstractTest.java | 27 ++-- .../test/java/org/digidoc4j/X509CertTest.java | 26 ++-- .../impl/bdoc/BDocContainerTest.java | 132 +++++++++--------- .../impl/bdoc/IncompleteSigningTest.java | 2 +- .../digidoc4j/impl/bdoc/ValidationTest.java | 4 +- .../impl/bdoc/asic/TimeStampTokenTest.java | 3 +- .../bdoc/report/ValidationReportTest.java | 26 ++-- .../org/digidoc4j/jvm/JvmParametersTest.java | 6 +- .../org/digidoc4j/main/DigiDoc4JTest.java | 62 ++++---- .../signers/PKCS12SignatureTokenTest.java | 67 +++++---- .../digidoc4j/test/util/TestSigningUtil.java | 4 +- .../sign_RSA_from_TEST_of_ESTEIDSK2015.pem | 38 +++++ .../sign_RSA_from_TEST_of_ESTEIDSK2015.p12 | Bin 0 -> 3325 bytes 13 files changed, 228 insertions(+), 169 deletions(-) create mode 100644 digidoc4j/src/test/resources/testFiles/certs/sign_RSA_from_TEST_of_ESTEIDSK2015.pem create mode 100644 digidoc4j/src/test/resources/testFiles/p12/sign_RSA_from_TEST_of_ESTEIDSK2015.p12 diff --git a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java index 4087ca3ef..12ff3c3aa 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java @@ -82,7 +82,7 @@ public abstract class AbstractTest extends ConfigurationSingeltonHolder { protected static final String USER_AGENT_STRING = "test-user-agent"; - protected static final PKCS12SignatureToken pkcs12SignatureToken = new PKCS12SignatureToken("src/test/resources/testFiles/p12/signout.p12", "test".toCharArray()); + protected static final PKCS12SignatureToken pkcs12SignatureToken = new PKCS12SignatureToken("src/test/resources/testFiles/p12/sign_RSA_from_TEST_of_ESTEIDSK2015.p12", "1234".toCharArray()); protected static final PKCS12SignatureToken pkcs12EccSignatureToken = new PKCS12SignatureToken("src/test/resources/testFiles/p12/MadDogOY.p12", "test".toCharArray()); protected static final PKCS12SignatureToken pkcs12Esteid2018SignatureToken = new PKCS12SignatureToken("src/test/resources/testFiles/p12/sign_ESTEID2018.p12", "1234".toCharArray()); protected Configuration configuration; @@ -205,22 +205,27 @@ protected Container openContainerByConfiguration(Path path, Configuration config return builder.build(); } + @SuppressWarnings("unchecked") protected T createEmptyContainer() { return (T) ContainerBuilder.aContainer().build(); } + @SuppressWarnings("unchecked") protected T createEmptyContainer(Configuration configuration) { return (T) ContainerBuilder.aContainer().withConfiguration(configuration).build(); } + @SuppressWarnings("unchecked") protected T createEmptyContainer(Class clazz) { return (T) ContainerBuilder.aContainer().build(); } + @SuppressWarnings("unchecked") protected T createEmptyContainerBy(Container.DocumentType type) { return (T) ContainerBuilder.aContainer(type).build(); } + @SuppressWarnings("unchecked") protected T createEmptyContainerBy(Container.DocumentType type, Class clazz) { return (T) ContainerBuilder.aContainer(type).build(); } @@ -287,7 +292,7 @@ protected File createTemporaryFileBy(String content) { protected String getFileContent(InputStream stream) { try { - return IOUtils.toString(stream, "UTF-8"); + return IOUtils.toString(stream, StandardCharsets.UTF_8); } catch (IOException e) { throw new RuntimeException(e); } @@ -309,6 +314,7 @@ protected String getFileBy(String extension, boolean create) { return file; } + @SuppressWarnings("unchecked") protected T createSignatureBy(Container container, SignatureToken signatureToken) { return (T) this.createSignatureBy(container, (SignatureProfile) null, signatureToken); } @@ -321,6 +327,7 @@ protected T createSignatureBy(Container container, SignatureProfile signatur return this.createSignatureBy(container, signatureProfile, null, signatureToken); } + @SuppressWarnings("unchecked") protected T createSignatureBy(Container container, SignatureProfile signatureProfile, DigestAlgorithm digestAlgorithm, SignatureToken signatureToken) { SignatureBuilder builder = SignatureBuilder.aSignature(container).withSignatureToken(signatureToken); if (signatureProfile != null) { @@ -335,21 +342,22 @@ protected T createSignatureBy(Container container, SignatureProfile signatur } protected T createSignatureBy(Container.DocumentType type, SignatureToken signatureToken) { - return (T) this.createSignatureBy(type, null, signatureToken, Configuration.Mode.TEST); + return this.createSignatureBy(type, null, signatureToken, Configuration.Mode.TEST); } protected T createSignatureBy(Container.DocumentType type, SignatureToken signatureToken, Class clazz) { - return (T) this.createSignatureBy(type, null, signatureToken, Configuration.Mode.TEST); + return this.createSignatureBy(type, null, signatureToken, Configuration.Mode.TEST); } protected T createSignatureBy(Container.DocumentType type, SignatureToken signatureToken, Configuration.Mode mode) { - return (T) this.createSignatureBy(type, null, signatureToken, mode); + return this.createSignatureBy(type, null, signatureToken, mode); } protected T createSignatureBy(Container.DocumentType type, SignatureProfile signatureProfile, SignatureToken signatureToken) { - return (T) this.createSignatureBy(type, signatureProfile, signatureToken, Configuration.Mode.TEST); + return this.createSignatureBy(type, signatureProfile, signatureToken, Configuration.Mode.TEST); } + @SuppressWarnings("unchecked") protected T createSignatureBy(Container.DocumentType type, SignatureProfile signatureProfile, SignatureToken signatureToken, Configuration.Mode mode) { try { SignatureBuilder builder = SignatureBuilder.aSignature(TestDataBuilderUtil.createContainerWithFile(this.testFolder, type, mode)); @@ -362,6 +370,7 @@ protected T createSignatureBy(Container.DocumentType type, SignatureProfile } } + @SuppressWarnings("unchecked") protected T createSignatureBy(DigestAlgorithm digestAlgorithm, SignatureToken signatureToken) { try { return (T) SignatureBuilder.aSignature(this.createNonEmptyContainer()).withSignatureDigestAlgorithm(digestAlgorithm). @@ -374,7 +383,7 @@ protected T createSignatureBy(DigestAlgorithm digestAlgorithm, SignatureToke protected String createSignedContainerBy(String extension) { String file = this.getFileBy(extension); Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); container.save(file); return file; } @@ -403,11 +412,11 @@ protected DSSDocument sign(XadesSigningDssFacade facade, DigestAlgorithm digestA } protected byte[] sign(byte[] dataToSign, DigestAlgorithm digestAlgorithm) { - return this.pkcs12SignatureToken.sign(digestAlgorithm, dataToSign); + return pkcs12SignatureToken.sign(digestAlgorithm, dataToSign); } protected byte[] getDataToSign(XadesSigningDssFacade facade) { - facade.setSigningCertificate(this.pkcs12SignatureToken.getCertificate()); + facade.setSigningCertificate(pkcs12SignatureToken.getCertificate()); return facade.getDataToSign(this.createDataFilesToSign()); } diff --git a/digidoc4j/src/test/java/org/digidoc4j/X509CertTest.java b/digidoc4j/src/test/java/org/digidoc4j/X509CertTest.java index 7aaaf4a7a..b6080e9d1 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/X509CertTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/X509CertTest.java @@ -27,20 +27,20 @@ public class X509CertTest { - private final X509Cert certificate = new X509Cert("src/test/resources/testFiles/certs/signout.pem"); + private final X509Cert certificate = new X509Cert("src/test/resources/testFiles/certs/sign_RSA_from_TEST_of_ESTEIDSK2015.pem"); private final SimpleDateFormat dateFormat = new SimpleDateFormat("dd.MM.yyyy"); @Test public void testGetX509Certificate() throws Exception { X509Certificate x509Certificate = this.certificate.getX509Certificate(); - Assert.assertEquals("SERIALNUMBER=11404176865, GIVENNAME=MÄRÜ-LÖÖZ, SURNAME=ŽÕRINÜWŠKY, " + - "CN=\"ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865\", OU=digital signature, O=ESTEID, C=EE", + Assert.assertEquals("SERIALNUMBER=60001013739, GIVENNAME=MARY ÄNN, SURNAME=O’CONNEŽ-ŠUSLIK TESTNUMBER, " + + "CN=\"O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739\", C=EE", x509Certificate.getSubjectDN().getName()); } @Test public void testGetSerialNumber() { - Assert.assertEquals("530be41bbc597c44570e2b7c13bcfa0c", this.certificate.getSerial()); + Assert.assertEquals("6ec00b8b8c54c4f76082bd843e3a1526", this.certificate.getSerial()); } @Test @@ -59,7 +59,7 @@ public void testGetIssuerNameByPart() { @Test public void testGetPolicies() throws IOException { - Assert.assertEquals(1, this.certificate.getCertificatePolicies().size()); + Assert.assertEquals(2, this.certificate.getCertificatePolicies().size()); } @Test @@ -105,19 +105,19 @@ public void testKeyUsage() { @Test public void testGetPartOfSubjectName() throws Exception { - Assert.assertEquals("11404176865", this.certificate.getSubjectName(X509Cert.SubjectName.SERIALNUMBER)); - Assert.assertEquals("märü-lööz", this.certificate.getSubjectName(X509Cert.SubjectName.GIVENNAME).toLowerCase()); - Assert.assertEquals("žõrinüwšky", this.certificate.getSubjectName(X509Cert.SubjectName.SURNAME).toLowerCase()); - Assert.assertEquals("\"žõrinüwšky,märü-lööz,11404176865\"", this.certificate.getSubjectName(X509Cert.SubjectName.CN).toLowerCase()); - Assert.assertEquals("digital signature", this.certificate.getSubjectName(X509Cert.SubjectName.OU).toLowerCase()); - Assert.assertEquals("esteid", this.certificate.getSubjectName(X509Cert.SubjectName.O).toLowerCase()); + Assert.assertEquals("60001013739", this.certificate.getSubjectName(X509Cert.SubjectName.SERIALNUMBER)); + Assert.assertEquals("mary änn", this.certificate.getSubjectName(X509Cert.SubjectName.GIVENNAME).toLowerCase()); + Assert.assertEquals("o’connež-šuslik testnumber", this.certificate.getSubjectName(X509Cert.SubjectName.SURNAME).toLowerCase()); + Assert.assertEquals("\"o’connež-šuslik testnumber,mary änn,60001013739\"", this.certificate.getSubjectName(X509Cert.SubjectName.CN).toLowerCase()); Assert.assertEquals("ee", this.certificate.getSubjectName(X509Cert.SubjectName.C).toLowerCase()); + Assert.assertNull(this.certificate.getSubjectName(X509Cert.SubjectName.OU)); + Assert.assertNull(this.certificate.getSubjectName(X509Cert.SubjectName.O)); } @Test public void testGetSubjectName() throws Exception { - Assert.assertEquals("SERIALNUMBER=11404176865, GIVENNAME=MÄRÜ-LÖÖZ, SURNAME=ŽÕRINÜWŠKY, CN=\"ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ," + - "11404176865\", OU=digital signature, O=ESTEID, C=EE", this.certificate.getSubjectName()); + Assert.assertEquals("SERIALNUMBER=60001013739, GIVENNAME=MARY ÄNN, SURNAME=O’CONNEŽ-ŠUSLIK TESTNUMBER, " + + "CN=\"O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739\", C=EE", this.certificate.getSubjectName()); } @Test diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java index 1dc08fcd1..badc0a09d 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java @@ -71,25 +71,25 @@ public class BDocContainerTest extends AbstractTest { @Test public void testSetDigestAlgorithmToSHA256() throws Exception { - AsicESignature signature = this.createSignatureBy(DigestAlgorithm.SHA256, this.pkcs12SignatureToken); + AsicESignature signature = this.createSignatureBy(DigestAlgorithm.SHA256, pkcs12SignatureToken); Assert.assertEquals("http://www.w3.org/2001/04/xmlenc#sha256", signature.getSignatureDigestAlgorithm().getUri()); } @Test public void testSetDigestAlgorithmToSHA1() throws Exception { - AsicESignature signature = this.createSignatureBy(DigestAlgorithm.SHA1, this.pkcs12SignatureToken); + AsicESignature signature = this.createSignatureBy(DigestAlgorithm.SHA1, pkcs12SignatureToken); Assert.assertEquals("http://www.w3.org/2000/09/xmldsig#sha1", signature.getSignatureDigestAlgorithm().getUri()); } @Test public void testSetDigestAlgorithmToSHA224() throws Exception { - AsicESignature signature = this.createSignatureBy(DigestAlgorithm.SHA224, this.pkcs12SignatureToken); + AsicESignature signature = this.createSignatureBy(DigestAlgorithm.SHA224, pkcs12SignatureToken); Assert.assertEquals("http://www.w3.org/2001/04/xmldsig-more#sha224", signature.getSignatureDigestAlgorithm().getUri()); } @Test public void testDefaultDigestAlgorithm() throws Exception { - AsicESignature signature = this.createSignatureBy(Container.DocumentType.BDOC, this.pkcs12SignatureToken); + AsicESignature signature = this.createSignatureBy(Container.DocumentType.BDOC, pkcs12SignatureToken); Assert.assertEquals("http://www.w3.org/2001/04/xmlenc#sha256", signature.getSignatureDigestAlgorithm().getUri()); } @@ -119,7 +119,7 @@ public int read() throws IOException { } @Override - public int read(byte b[], int off, int len) throws IOException { + public int read(byte[] b, int off, int len) throws IOException { throw new IOException(); } @@ -139,7 +139,7 @@ public void testAddRawSignature() throws Exception { @Test public void testAddUnknownFileTypeKeepsMimeType() { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.unknown_type"), "text/test_type"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); container = ContainerOpener.open(file); @@ -149,20 +149,20 @@ public void testAddUnknownFileTypeKeepsMimeType() { @Test public void testSaveBDocDocumentWithTwoSignatures() throws Exception { Container container = this.createNonEmptyContainerBy(Container.DocumentType.BDOC); - this.createSignatureBy(container, this.pkcs12SignatureToken); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); Assert.assertEquals(2, container.getSignatures().size()); - Assert.assertEquals("530be41bbc597c44570e2b7c13bcfa0c", + Assert.assertEquals("6ec00b8b8c54c4f76082bd843e3a1526", container.getSignatures().get(0).getSigningCertificate().getSerial()); - Assert.assertEquals("530be41bbc597c44570e2b7c13bcfa0c", + Assert.assertEquals("6ec00b8b8c54c4f76082bd843e3a1526", container.getSignatures().get(1).getSigningCertificate().getSerial()); container = ContainerOpener.open(file); Assert.assertEquals(2, container.getSignatures().size()); - Assert.assertEquals("530be41bbc597c44570e2b7c13bcfa0c", + Assert.assertEquals("6ec00b8b8c54c4f76082bd843e3a1526", container.getSignatures().get(0).getSigningCertificate().getSerial()); - Assert.assertEquals("530be41bbc597c44570e2b7c13bcfa0c", + Assert.assertEquals("6ec00b8b8c54c4f76082bd843e3a1526", container.getSignatures().get(1).getSigningCertificate().getSerial()); } @@ -209,7 +209,7 @@ public void openContainerWithoutSignatures_addDataFileAndSignContainer() throws Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/container_without_signatures.bdoc"); Assert.assertEquals(1, container.getDataFiles().size()); container.addDataFile("src/test/resources/testFiles/helper-files/test.xml", "text/xml"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); Assert.assertEquals(1, container.getSignatures().size()); Assert.assertTrue(container.validate().isValid()); String file = this.getFileBy("bdoc"); @@ -221,7 +221,7 @@ public void openContainerWithoutSignatures_addDataFileAndSignContainer() throws @Test public void testGetDefaultSignatureParameters() { Container container = this.createNonEmptyContainerBy(Container.DocumentType.BDOC); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); container = ContainerOpener.open(file); @@ -236,22 +236,22 @@ public void testGetDefaultSignatureParameters() { @Test public void getSignatureByIndex() { Container container = this.createNonEmptyContainerBy(Container.DocumentType.BDOC); - this.createSignatureBy(container, this.pkcs12SignatureToken); - this.createSignatureBy(container, this.pkcs12SignatureToken); - Assert.assertEquals("530be41bbc597c44570e2b7c13bcfa0c", container.getSignatures().get(1).getSigningCertificate().getSerial()); + this.createSignatureBy(container, pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); + Assert.assertEquals("6ec00b8b8c54c4f76082bd843e3a1526", container.getSignatures().get(1).getSigningCertificate().getSerial()); } @Test public void notThrowingNPEWhenDOCXFileIsAddedToContainer() { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/word_file.docx"), "text/xml"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); Assert.assertEquals(1, container.getSignatures().size()); } @Test public void signPdfDataFile() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/special-char-files/dds_acrobat.pdf"), "application/pdf"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); Assert.assertEquals(1, container.getDataFiles().size()); Assert.assertEquals(1, container.getSignatures().size()); String file = this.getFileBy("bdoc"); @@ -264,15 +264,15 @@ public void signPdfDataFile() throws Exception { @Test public void testAddSignaturesToExistingDocument() throws Exception { Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/asics_testing_two_signatures.bdoc"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); Assert.assertEquals(3, container.getSignatures().size()); - Assert.assertEquals("530be41bbc597c44570e2b7c13bcfa0c", + Assert.assertEquals("6ec00b8b8c54c4f76082bd843e3a1526", container.getSignatures().get(2).getSigningCertificate().getSerial()); container = ContainerOpener.open(file); Assert.assertEquals(3, container.getSignatures().size()); - Assert.assertEquals("530be41bbc597c44570e2b7c13bcfa0c", + Assert.assertEquals("6ec00b8b8c54c4f76082bd843e3a1526", container.getSignatures().get(2).getSigningCertificate().getSerial()); Assert.assertEquals(0, container.validate().getErrors().size()); } @@ -280,7 +280,7 @@ public void testAddSignaturesToExistingDocument() throws Exception { @Test public void testRemoveSignatureWhenOneSignatureExists() throws Exception { Container container = this.createNonEmptyContainerBy(Container.DocumentType.BDOC); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); Signature signature = container.getSignatures().get(0); container.removeSignature(signature); String file = this.getFileBy("bdoc"); @@ -294,7 +294,7 @@ public void testRemoveSignatureWhenOneSignatureExists() throws Exception { public void testAddFilesWithSpecialCharactersIntoContainer() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/special-char-files/dds_dds_JÜRIÖÖ € žŠ päev.txt"), "text/plain"); //container.addDataFile("src/test/resources/testFiles/special-char-files/dds_колючей стерне.docx", "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); container.saveAsFile(this.getFileBy("bdoc")); Assert.assertEquals(0, container.validate().getContainerErrors().size()); } @@ -314,7 +314,7 @@ public void testRemoveSignatureWhenTwoSignaturesExist() throws Exception { @Test public void testRemoveSignatureWhenThreeSignaturesExist() throws Exception { Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/asics_testing_two_signatures.bdoc"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); container = ContainerOpener.open(file); @@ -331,7 +331,7 @@ public void testRemoveSignatureWhenThreeSignaturesExist() throws Exception { public void removeNewlyAddedSignatureFromExistingContainer() throws Exception { Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/asics_testing_two_signatures.bdoc"); Assert.assertEquals(2, container.getSignatures().size()); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); Assert.assertEquals(3, container.getSignatures().size()); container.removeSignature(container.getSignatures().get(0)); Assert.assertEquals(2, container.getSignatures().size()); @@ -437,7 +437,7 @@ public void testAddingSameFileSeveralTimesViaInputStream() throws Exception { public void testAddDateFileViaInputStream() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile(new ByteArrayInputStream("test".getBytes()), "src/test/resources/testFiles/helper-files/test.txt", "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); Assert.assertTrue(container.validate().isValid()); } @@ -445,7 +445,7 @@ public void testAddDateFileViaInputStream() throws Exception { public void testAddingSameFileInDifferentContainerSeveralTimes() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); container.save(this.getFileBy("bdoc")); } @@ -459,7 +459,7 @@ public void testAddFileAsStream() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); ByteArrayInputStream stream = new ByteArrayInputStream("tere, tere".getBytes()); container.addDataFile(stream, "test1.txt", "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); Container containerToTest = ContainerOpener.open(file); @@ -470,10 +470,10 @@ public void testAddFileAsStream() throws Exception { public void setsSignatureId() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); Signature signature1 = SignatureBuilder.aSignature(container).withSignatureId("SIGNATURE-1"). - withSignatureToken(this.pkcs12SignatureToken).invokeSigning(); + withSignatureToken(pkcs12SignatureToken).invokeSigning(); container.addSignature(signature1); Signature signature2 = SignatureBuilder.aSignature(container).withSignatureId("SIGNATURE-2"). - withSignatureToken(this.pkcs12SignatureToken).invokeSigning(); + withSignatureToken(pkcs12SignatureToken).invokeSigning(); container.addSignature(signature2); String file = this.getFileBy("bdoc"); container.saveAsFile(file); @@ -488,8 +488,8 @@ public void setsSignatureId() throws Exception { @Test public void setsDefaultSignatureId() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); container = ContainerOpener.open(file); @@ -506,7 +506,7 @@ public void setsDefaultSignatureId() throws Exception { @Test public void getDataFileByIndex() { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); Assert.assertEquals("test.txt", container.getDataFile(0).getName()); } @@ -528,7 +528,7 @@ public void testLargeFileSigning() throws Exception { .withConfiguration(new Configuration(Configuration.Mode.TEST)).build(); container.getConfiguration().enableBigFilesSupport(10); container.addDataFile(this.createNonEmptyLargeContainer(container.getConfiguration().getMaxDataFileCachedInBytes() + 100), "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); } @Test @@ -538,7 +538,7 @@ public void openLargeFileFromStream() throws IOException { container.getConfiguration().enableBigFilesSupport(0); String file = this.createNonEmptyLargeContainer(container.getConfiguration().getMaxDataFileCachedInBytes() + 100); container.addDataFile(file, "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); container.save(file); try (FileInputStream stream = new FileInputStream(new File(file))) { ContainerOpener.open(stream, true); @@ -553,7 +553,7 @@ public void openAddFileFromStream() throws IOException { String file = this.createNonEmptyLargeContainer(container.getConfiguration().getMaxDataFileCachedInBytes() + 100); try (FileInputStream stream = new FileInputStream(new File(file))) { container.addDataFile(stream, "fileName", "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); container.save(file); FileInputStream stream2 = new FileInputStream(new File(file)); ContainerOpener.open(stream2, true); @@ -581,7 +581,7 @@ public void testAddTwoFilesAsFileWithoutOCSP() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); container.addDataFile("src/test/resources/testFiles/helper-files/test.xml", "text/xml"); - this.createSignatureBy(container, SignatureProfile.B_BES, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.B_BES, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); container = ContainerOpener.open(file); @@ -592,7 +592,7 @@ public void testAddTwoFilesAsFileWithoutOCSP() throws Exception { public void testGetFileNameAndID() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); container.addDataFile("src/test/resources/testFiles/helper-files/test.xml", "text/xml"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); container = ContainerOpener.open(file); @@ -606,7 +606,7 @@ public void testGetFileNameAndID() throws Exception { public void testAddTwoFilesAsFileWithOCSP() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); container.addDataFile("src/test/resources/testFiles/helper-files/test.xml", "text/xml"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); container = ContainerOpener.open(file); @@ -617,7 +617,7 @@ public void testAddTwoFilesAsFileWithOCSP() throws Exception { public void saveToStream() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile(new ByteArrayInputStream(new byte[]{0x42}), "test_bytes.txt", "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); File expectedContainerAsFile = new File(this.getFileBy("bdoc")); OutputStream out = new FileOutputStream(expectedContainerAsFile); container.save(out); @@ -629,7 +629,7 @@ public void saveToStream() throws Exception { @Test public void saveExistingContainerToStream() throws Exception { Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/asics_testing_two_signatures.bdoc"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); Assert.assertEquals(3, container.getSignatures().size()); InputStream inputStream = container.saveAsStream(); ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); @@ -643,7 +643,7 @@ public void saveExistingContainerToStream() throws Exception { @Test(expected = DigiDoc4JException.class) public void saveToStreamThrowsException() throws IOException { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); File expectedContainerAsFile = new File(this.getFileBy("bdoc")); OutputStream out = new FileOutputStream(expectedContainerAsFile); out.close(); @@ -670,7 +670,7 @@ public void saveExistingContainer() throws Exception { @Test public void containerIsLT() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); - this.createSignatureBy(container, SignatureProfile.LT, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.LT, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.saveAsFile(file); container = ContainerOpener.open(file); @@ -680,14 +680,14 @@ public void containerIsLT() throws Exception { @Test(expected = DigiDoc4JException.class) public void signWithoutDataFile() throws Exception { - this.createSignatureBy(this.createEmptyContainerBy(Container.DocumentType.BDOC, Container.class), this.pkcs12SignatureToken); + this.createSignatureBy(this.createEmptyContainerBy(Container.DocumentType.BDOC, Container.class), pkcs12SignatureToken); } @Test public void nonStandardMimeType() { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/newtype"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); container = ContainerOpener.open(file); @@ -707,7 +707,7 @@ public void twoStepSigning() throws IOException { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); DataToSign dataToSign = SignatureBuilder.aSignature(container). - withSigningCertificate(this.pkcs12SignatureToken.getCertificate()).buildDataToSign(); + withSigningCertificate(pkcs12SignatureToken.getCertificate()).buildDataToSign(); Signature signature = dataToSign.finalize(this.sign(dataToSign.getDataToSign(), dataToSign.getDigestAlgorithm())); container.addSignature(signature); String file = this.getFileBy("bdoc"); @@ -722,7 +722,7 @@ public void twoStepSigning() throws IOException { Assert.assertTrue(StringUtils.isNotBlank(resultSignature.getId())); Assert.assertNotNull(resultSignature.getOCSPCertificate()); Assert.assertNotNull(resultSignature.getSigningCertificate()); - Assert.assertNotNull(resultSignature.getAdESSignature().length); + Assert.assertNotNull(resultSignature.getAdESSignature()); Assert.assertEquals(SignatureProfile.LT, resultSignature.getProfile()); Assert.assertNotNull(resultSignature.getTimeStampTokenCertificate()); List dataFiles = container.getDataFiles(); @@ -741,7 +741,7 @@ public void twoStepSigningVerifySignatureParameters() { Container container = ContainerBuilder.aContainer(Container.DocumentType.BDOC).build(); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); DataToSign dataToSign = SignatureBuilder.aSignature(container). - withSignatureDigestAlgorithm(DigestAlgorithm.SHA512).withSigningCertificate(this.pkcs12SignatureToken.getCertificate()). + withSignatureDigestAlgorithm(DigestAlgorithm.SHA512).withSigningCertificate(pkcs12SignatureToken.getCertificate()). withSignatureId("S99").withRoles("manager", "employee").withCity("city").withStateOrProvince("state"). withPostalCode("postalCode").withCountry("country").buildDataToSign(); byte[] signatureValue = this.sign(dataToSign.getDataToSign(), dataToSign.getDigestAlgorithm()); @@ -762,7 +762,7 @@ public void twoStepSigningVerifySignatureParameters() { public void testContainerCreationAsTSA() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); - this.createSignatureBy(container, SignatureProfile.LTA, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.LTA, pkcs12SignatureToken); Assert.assertNotNull(container.getSignatures().get(0).getOCSPCertificate()); } @@ -770,7 +770,7 @@ public void testContainerCreationAsTSA() throws Exception { public void testBDocTM() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); - this.createSignatureBy(container, SignatureProfile.LT_TM, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.LT_TM, pkcs12SignatureToken); Assert.assertTrue(container.validate().isValid()); } @@ -778,7 +778,7 @@ public void testBDocTM() throws Exception { public void testBDocTS() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); - this.createSignatureBy(container, SignatureProfile.LT, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.LT, pkcs12SignatureToken); Assert.assertTrue(container.validate().isValid()); } @@ -786,7 +786,7 @@ public void testBDocTS() throws Exception { public void containerWithBESProfileHasNoValidationErrors() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); - this.createSignatureBy(container, SignatureProfile.B_BES, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.B_BES, pkcs12SignatureToken); Assert.assertEquals(SignatureProfile.B_BES, container.getSignatures().get(0).getProfile()); Assert.assertNull(container.getSignatures().get(0).getOCSPCertificate()); Assert.assertFalse(container.validate().isValid()); @@ -806,7 +806,7 @@ public void signWithECCCertificate() throws Exception { @Test public void zipFileComment() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt")); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.save(file); String expectedComment = Constant.USER_AGENT_STRING; @@ -826,7 +826,7 @@ public void signingMoreThanTwoFiles() throws Exception { container.addDataFile("src/test/resources/testFiles/special-char-files/dds_pakitud.zip", "text/plain"); container.addDataFile("src/test/resources/testFiles/special-char-files/dds_SK.jpg", "text/plain"); container.addDataFile("src/test/resources/testFiles/special-char-files/dds_acrobat.pdf", "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); Signature signature = container.getSignatures().get(0); TestAssert.assertSignatureMetadataContainsFileName(signature, "dds_dds_JÜRIÖÖ € žŠ päev.txt"); TestAssert.assertSignatureMetadataContainsFileName(signature, "dds_pakitud.zip"); @@ -837,9 +837,9 @@ public void signingMoreThanTwoFiles() throws Exception { @Test public void signatureFileNamesShouldBeInSequence() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt"), "text/plain"); - this.createSignatureBy(container, this.pkcs12SignatureToken); - this.createSignatureBy(container, this.pkcs12SignatureToken); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.saveAsFile(file); ZipFile zip = new ZipFile(file); @@ -854,7 +854,7 @@ public void whenSigningExistingContainer_withTwoSignatures_shouldCreateSignature Assert.assertNotNull(zip.getEntry("META-INF/signatures0.xml")); Assert.assertNotNull(zip.getEntry("META-INF/signatures1.xml")); Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/asics_testing_two_signatures.bdoc"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.saveAsFile(file); zip = new ZipFile(file); @@ -869,7 +869,7 @@ public void whenSigningExistingContainer_with_signatures1_xml_shouldCreateSignat Assert.assertNull(zip.getEntry("META-INF/signatures0.xml")); Assert.assertNotNull(zip.getEntry("META-INF/signatures1.xml")); Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/DigiDocService_spec_est.pdf-TM-j.bdoc"); - this.createSignatureBy(container, this.pkcs12SignatureToken); + this.createSignatureBy(container, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.saveAsFile(file); zip = new ZipFile(file); @@ -882,7 +882,7 @@ public void whenSigningExistingContainer_with_signatures1_xml_shouldCreateSignat public void addSignatureWithDuplicateSignatureId_throwsException() throws Exception { Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/test.asice"); Signature signature = SignatureBuilder.aSignature(container). - withSignatureToken(this.pkcs12SignatureToken).withSignatureId("S0").invokeSigning(); + withSignatureToken(pkcs12SignatureToken).withSignatureId("S0").invokeSigning(); container.addSignature(signature); } @@ -915,8 +915,8 @@ public void whenSigningContainer_withSignatureNameContainingNonNumericCharacters Assert.assertNull(zip.getEntry("META-INF/signatures0.xml")); Assert.assertNull(zip.getEntry("META-INF/signatures1.xml")); Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/valid-bdoc-ts-signature-file-name-with-non-numeric-characters.asice"); - this.createSignatureBy(container, SignatureProfile.LT, this.pkcs12SignatureToken); - this.createSignatureBy(container, SignatureProfile.LT, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.LT, pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.LT, pkcs12SignatureToken); String file = this.getFileBy("bdoc"); container.saveAsFile(file); zip = new ZipFile(file); @@ -978,7 +978,7 @@ public void containerWithImplicitPolicy(){ public void bdocTM_OcspResponderCert_shouldContainResponderCertIdAttribute() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); - BDocSignature signature = this.createSignatureBy(container, SignatureProfile.LT_TM, this.pkcs12SignatureToken); + BDocSignature signature = this.createSignatureBy(container, SignatureProfile.LT_TM, pkcs12SignatureToken); Assert.assertEquals(1, this.countOCSPResponderCertificates(signature.getOrigin().getDssSignature())); } @@ -1029,7 +1029,7 @@ public void settingUpOwnSignaturePolicy() throws Exception { Container container = ContainerBuilder.aContainer(Container.DocumentType.BDOC).build(); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); Signature signature = SignatureBuilder.aSignature(container).withOwnSignaturePolicy(signaturePolicy). - withSignatureDigestAlgorithm(DigestAlgorithm.SHA224).withSignatureToken(this.pkcs12SignatureToken). + withSignatureDigestAlgorithm(DigestAlgorithm.SHA224).withSignatureToken(pkcs12SignatureToken). withSignatureProfile(SignatureProfile.LT_TM).invokeSigning(); container.addSignature(signature); String file = this.getFileBy("bdoc"); @@ -1048,7 +1048,7 @@ public void containerWithSignaturePolicyByDefault() throws Exception { Container container = ContainerBuilder.aContainer(Container.DocumentType.BDOC).build(); container.addDataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); Signature signature = SignatureBuilder.aSignature(container).withSignatureDigestAlgorithm(DigestAlgorithm.SHA224). - withSignatureToken(this.pkcs12SignatureToken).withSignatureProfile(SignatureProfile.LT_TM).invokeSigning(); + withSignatureToken(pkcs12SignatureToken).withSignatureProfile(SignatureProfile.LT_TM).invokeSigning(); container.addSignature(signature); String file = this.getFileBy("bdoc"); container.saveAsFile(file); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java index 323f6b9b2..fcbab4034 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java @@ -171,7 +171,7 @@ public void signatureProfileBepesShouldNotFailWhenTslCouldNotBeLoaded() { ); } - @Test(expected = OCSPRequestFailedException.class) + @Test(expected = TechnicalException.class) public void signatureProfileLtTmShouldFailWhenTslLoadingFails() { setUpTestConfigurationWithFailingTSL(); createSignatureBy(createNonEmptyContainerByConfiguration(), SignatureProfile.LT_TM, pkcs12SignatureToken); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java index 606ff0fe6..0abccac0f 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java @@ -123,14 +123,14 @@ public void testValidateBeforeAndAfterContainerChange() { Assert.assertTrue(result.isValid()); Assert.assertEquals(1, result.getReports().size()); - Assert.assertEquals("ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865", result.getReports().get(0).getSignedBy()); + Assert.assertEquals("O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739", result.getReports().get(0).getSignedBy()); this.createSignatureBy(container, this.pkcs12Esteid2018SignatureToken); result = container.validate(); Assert.assertTrue(result.isValid()); Assert.assertEquals(2, result.getReports().size()); - Assert.assertEquals("ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865", result.getReports().get(0).getSignedBy()); + Assert.assertEquals("O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739", result.getReports().get(0).getSignedBy()); Assert.assertEquals("JÕEORG,JAAK-KRISTJAN,38001085718", result.getReports().get(1).getSignedBy()); } diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/TimeStampTokenTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/TimeStampTokenTest.java index d07982490..3a0cd4032 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/TimeStampTokenTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/TimeStampTokenTest.java @@ -15,6 +15,7 @@ import org.digidoc4j.impl.asic.manifest.ManifestValidator; import org.digidoc4j.test.TestAssert; import org.digidoc4j.test.util.TestDigiDoc4JUtil; +import org.digidoc4j.test.util.TestSigningUtil; import org.hamcrest.core.StringContains; import org.junit.Assert; import org.junit.Rule; @@ -175,7 +176,7 @@ public void tstASICSAddPKCS12Signature() throws Exception { public void asicsAddPKCS12Signature() throws Exception { String fileName = this.getFileBy("asics"); String[] parameters = new String[]{"-in", fileName, "-type", "ASICS", "-add", "src/test/resources/testFiles/helper-files/dds_колючей стерне.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test"}; + "text/plain", "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; TestDigiDoc4JUtil.call(parameters); Assert.assertThat(this.stdOut.getLog(), StringContains.containsString("Not supported: Not for ASiC-S container")); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/report/ValidationReportTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/report/ValidationReportTest.java index 07540ccc0..dfc52c105 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/report/ValidationReportTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/report/ValidationReportTest.java @@ -30,7 +30,7 @@ public class ValidationReportTest extends AbstractTest { @Test public void validContainerWithOneSignature() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt")); - Signature signature = this.createSignatureBy(container, SignatureProfile.LT, this.pkcs12SignatureToken); + Signature signature = this.createSignatureBy(container, SignatureProfile.LT, pkcs12SignatureToken); String signatureId = signature.getId(); SignatureValidationResult result = container.validate(); Assert.assertTrue(result.isValid()); @@ -41,13 +41,13 @@ public void validContainerWithOneSignature() throws Exception { TestAssert.assertXPathHasValue("1", "count(/SimpleReport/Signature)", report); TestAssert.assertXPathHasValue(signatureId, "/SimpleReport/Signature/@Id", report); TestAssert.assertXPathHasValue("XAdES-BASELINE-LT", "/SimpleReport/Signature/@SignatureFormat", report); - TestAssert.assertXPathHasValue("ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865", "/SimpleReport/Signature[@Id='" + signatureId + "']/SignedBy", report); + TestAssert.assertXPathHasValue("O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739", "/SimpleReport/Signature[@Id='" + signatureId + "']/SignedBy", report); TestAssert.assertXPathHasValue("TOTAL_PASSED", "/SimpleReport/Signature[@Id='" + signatureId + "']/Indication", report); TestAssert.assertXPathHasValue("Full document", "/SimpleReport/Signature[@Id='" + signatureId + "']/SignatureScope", report); TestAssert.assertXPathHasValue("test.txt", "/SimpleReport/Signature[@Id='" + signatureId + "']/SignatureScope/@name", report); TestAssert.assertXPathHasValue("", "/SimpleReport/Signature[@Id='" + signatureId + "']/Errors", report); TestAssert.assertXPathHasValue("true", "count(/SimpleReport/Signature[@Id='" + signatureId + "']/CertificateChain/Certificate) > 1", report); - TestAssert.assertXPathHasValue("ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865", "/SimpleReport/Signature[@Id='" + signatureId + + TestAssert.assertXPathHasValue("O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739", "/SimpleReport/Signature[@Id='" + signatureId + "']/CertificateChain/Certificate[1]/qualifiedName", report); } @@ -55,7 +55,7 @@ public void validContainerWithOneSignature() throws Exception { public void validContainerWithOneTmSignature() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt")); container.addDataFile("src/test/resources/testFiles/special-char-files/dds_acrobat.pdf", MimeType.PDF.getMimeTypeString()); - this.createSignatureBy(container, SignatureProfile.LT_TM, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.LT_TM, pkcs12SignatureToken); String report = container.validate().getReport(); TestAssert.assertXPathHasValue("1", "/SimpleReport/SignaturesCount", report); TestAssert.assertXPathHasValue("1", "/SimpleReport/ValidSignaturesCount", report); @@ -65,13 +65,13 @@ public void validContainerWithOneTmSignature() throws Exception { TestAssert.assertXPathHasValue("test.txt", "/SimpleReport/Signature/SignatureScope[1]/@name", report); TestAssert.assertXPathHasValue("dds_acrobat.pdf", "/SimpleReport/Signature/SignatureScope[2]/@name", report); TestAssert.assertXPathHasValue("true", "count(/SimpleReport/Signature/CertificateChain/Certificate) > 1", report); - TestAssert.assertXPathHasValue("ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865", "/SimpleReport/Signature/CertificateChain/Certificate[1]/qualifiedName", report); + TestAssert.assertXPathHasValue("O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739", "/SimpleReport/Signature/CertificateChain/Certificate[1]/qualifiedName", report); } @Test public void containerWithOneBesSignature() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt")); - this.createSignatureBy(container, SignatureProfile.B_BES, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.B_BES, pkcs12SignatureToken); String report = container.validate().getReport(); TestAssert.assertXPathHasValue("1", "/SimpleReport/SignaturesCount", report); TestAssert.assertXPathHasValue("0", "/SimpleReport/ValidSignaturesCount", report); @@ -81,13 +81,13 @@ public void containerWithOneBesSignature() throws Exception { TestAssert.assertXPathHasValue("TRY_LATER", "/SimpleReport/Signature/SubIndication", report); TestAssert.assertXPathHasValue("test.txt", "/SimpleReport/Signature/SignatureScope/@name", report); TestAssert.assertXPathHasValue("true", "count(/SimpleReport/Signature/CertificateChain/Certificate) > 1", report); - TestAssert.assertXPathHasValue("ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865", "/SimpleReport/Signature/CertificateChain/Certificate[1]/qualifiedName", report); + TestAssert.assertXPathHasValue("O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739", "/SimpleReport/Signature/CertificateChain/Certificate[1]/qualifiedName", report); } @Test public void containerWithOneEpesSignature() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt")); - this.createSignatureBy(container, SignatureProfile.B_EPES, this.pkcs12SignatureToken); + this.createSignatureBy(container, SignatureProfile.B_EPES, pkcs12SignatureToken); String report = container.validate().getReport(); TestAssert.assertXPathHasValue("1", "/SimpleReport/SignaturesCount", report); TestAssert.assertXPathHasValue("0", "/SimpleReport/ValidSignaturesCount", report); @@ -97,14 +97,14 @@ public void containerWithOneEpesSignature() throws Exception { TestAssert.assertXPathHasValue("TRY_LATER", "/SimpleReport/Signature/SubIndication", report); TestAssert.assertXPathHasValue("test.txt", "/SimpleReport/Signature/SignatureScope/@name", report); TestAssert.assertXPathHasValue("true", "count(/SimpleReport/Signature/CertificateChain/Certificate) > 1", report); - TestAssert.assertXPathHasValue("ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865", "/SimpleReport/Signature/CertificateChain/Certificate[1]/qualifiedName", report); + TestAssert.assertXPathHasValue("O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739", "/SimpleReport/Signature/CertificateChain/Certificate[1]/qualifiedName", report); } @Test public void validContainerWithTwoSignatures() throws Exception { Container container = this.createNonEmptyContainerBy(Paths.get("src/test/resources/testFiles/helper-files/test.txt")); - Signature signature1 = this.createSignatureBy(container, SignatureProfile.LT_TM, this.pkcs12SignatureToken); - Signature signature2 = this.createSignatureBy(container, SignatureProfile.LT, this.pkcs12SignatureToken); + Signature signature1 = this.createSignatureBy(container, SignatureProfile.LT_TM, pkcs12SignatureToken); + Signature signature2 = this.createSignatureBy(container, SignatureProfile.LT, pkcs12SignatureToken); SignatureValidationResult result = container.validate(); Assert.assertTrue(result.isValid()); String report = result.getReport(); @@ -118,9 +118,9 @@ public void validContainerWithTwoSignatures() throws Exception { TestAssert.assertXPathHasValue("test.txt", "/SimpleReport/Signature[1]/SignatureScope/@name", report); TestAssert.assertXPathHasValue("test.txt", "/SimpleReport/Signature[2]/SignatureScope/@name", report); TestAssert.assertXPathHasValue("true", "count(/SimpleReport/Signature[1]/CertificateChain/Certificate) > 1", report); - TestAssert.assertXPathHasValue("ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865", "/SimpleReport/Signature[1]/CertificateChain/Certificate[1]/qualifiedName", report); + TestAssert.assertXPathHasValue("O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739", "/SimpleReport/Signature[1]/CertificateChain/Certificate[1]/qualifiedName", report); TestAssert.assertXPathHasValue("true", "count(/SimpleReport/Signature[2]/CertificateChain/Certificate) > 1", report); - TestAssert.assertXPathHasValue("ŽÕRINÜWŠKY,MÄRÜ-LÖÖZ,11404176865", "/SimpleReport/Signature[2]/CertificateChain/Certificate[1]/qualifiedName", report); + TestAssert.assertXPathHasValue("O’CONNEŽ-ŠUSLIK TESTNUMBER,MARY ÄNN,60001013739", "/SimpleReport/Signature[2]/CertificateChain/Certificate[1]/qualifiedName", report); } @Test diff --git a/digidoc4j/src/test/java/org/digidoc4j/jvm/JvmParametersTest.java b/digidoc4j/src/test/java/org/digidoc4j/jvm/JvmParametersTest.java index 4942f35bd..82b2d8f7a 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/jvm/JvmParametersTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/jvm/JvmParametersTest.java @@ -54,8 +54,7 @@ public void dataLoaderHttpsProxyEmptyTest() { ProxyProperties httpsProperties = dataLoader.getProxyConfig().getHttpsProperties(); Assert.assertEquals("http.proxyHost", httpProperties.getHost()); Assert.assertEquals(8800, httpProperties.getPort()); - Assert.assertEquals(null, httpsProperties.getHost()); - Assert.assertEquals(0, httpsProperties.getPort()); + Assert.assertNull(httpsProperties); } @Test @@ -67,8 +66,7 @@ public void dataLoaderHttpProxyEmptyTest() { DataLoaderDecorator.decorateWithProxySettings(dataLoader, this.configuration); ProxyProperties httpProperties = dataLoader.getProxyConfig().getHttpProperties(); ProxyProperties httpsProperties = dataLoader.getProxyConfig().getHttpsProperties(); - Assert.assertEquals(null, httpProperties.getHost()); - Assert.assertEquals(0, httpProperties.getPort()); + Assert.assertNull(httpProperties); Assert.assertEquals("https.proxyHost", httpsProperties.getHost()); Assert.assertEquals(10000, httpsProperties.getPort()); } diff --git a/digidoc4j/src/test/java/org/digidoc4j/main/DigiDoc4JTest.java b/digidoc4j/src/test/java/org/digidoc4j/main/DigiDoc4JTest.java index 01f30a96c..559d04f20 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/main/DigiDoc4JTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/main/DigiDoc4JTest.java @@ -24,6 +24,7 @@ import org.digidoc4j.test.TestAssert; import org.digidoc4j.test.util.TestCommonUtil; import org.digidoc4j.test.util.TestDigiDoc4JUtil; +import org.digidoc4j.test.util.TestSigningUtil; import org.hamcrest.core.StringContains; import org.junit.Assert; import org.junit.Ignore; @@ -55,14 +56,14 @@ public void testComposingAndSigningAndAddingDataToSignFile() { String dataToSignFile = this.getFileBy("ser"); String[] parameters = new String[]{"-in", containerFile, "-add", "src/test/resources/testFiles/helper-files/test.txt", - "text/plain", "-dts", dataToSignFile, "text/plain", "-cert", "src/test/resources/testFiles/certs/signout.pem"}; + "text/plain", "-dts", dataToSignFile, "text/plain", "-cert", "src/test/resources/testFiles/certs/sign_RSA_from_TEST_of_ESTEIDSK2015.pem"}; TestDigiDoc4JUtil.call(parameters); Assert.assertTrue(String.format("No data to sign file <%s>", dataToSignFile), new File(dataToSignFile).exists ()); Assert.assertTrue(String.format("No container file <%s>", containerFile), new File(containerFile).exists()); String signatureFile = this.getFileBy("sig"); parameters = new String[]{"-dts", dataToSignFile, - "-sig", signatureFile, "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test"}; + "-sig", signatureFile, "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; TestDigiDoc4JUtil.call(parameters); Assert.assertTrue(String.format("No signature file <%s>", signatureFile), new File(signatureFile).exists()); parameters = new String[]{"-in", containerFile, "-sig", signatureFile, @@ -75,8 +76,9 @@ public void testComposingAndSigningAndAddingDataToSignFile() { public void createsContainerWithSignatureProfileIsTSAForBDoc() throws Exception { String file = this.getFileBy("bdoc"); String[] parameters = new String[]{"-in", file, "-type", "BDOC", - "-add", "src/test/resources/testFiles/helper-files/test.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test", "-profile", "LTA"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD, + "-profile", "LTA"}; TestDigiDoc4JUtil.call(parameters); Container container = ContainerOpener.open(file); Assert.assertEquals(SignatureProfile.LTA, container.getSignatures().get(0).getProfile()); @@ -86,8 +88,9 @@ public void createsContainerWithSignatureProfileIsTSAForBDoc() throws Exception public void createsContainerWithSignatureProfileIsTSForBDoc() throws Exception { String file = this.getFileBy("bdoc"); String[] parameters = new String[]{"-in", file, "-type", "BDOC", - "-add", "src/test/resources/testFiles/helper-files/test.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test", "-profile", "LT"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD, + "-profile", "LT"}; TestDigiDoc4JUtil.call(parameters); Assert.assertEquals(SignatureProfile.LT, ContainerOpener.open(file).getSignatures().get(0).getProfile()); } @@ -95,8 +98,10 @@ public void createsContainerWithSignatureProfileIsTSForBDoc() throws Exception { @Test public void createsContainerWithSignatureProfileIsTSForAsice() throws Exception { String fileName = this.getFileBy("asice"); - String[] params = new String[]{"-in", fileName, "-add", "src/test/resources/testFiles/helper-files/test.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test", "-profile", "LT"}; + String[] params = new String[]{"-in", fileName, + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD, + "-profile", "LT"}; System.setProperty("digidoc4j.mode", "TEST"); TestDigiDoc4JUtil.call(params); Container container = ContainerOpener.open(fileName); @@ -109,8 +114,9 @@ public void createsContainerWithSignatureProfileIsTSForAsice() throws Exception public void createsContainerWithSignatureProfileIsBESForBDoc() throws Exception { String file = this.getFileBy("bdoc"); String[] parameters = new String[]{"-in", file, "-type", "BDOC", - "-add", "src/test/resources/testFiles/helper-files/test.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test", "-profile", "B_BES"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD, + "-profile", "B_BES"}; TestDigiDoc4JUtil.call(parameters); Assert.assertEquals(SignatureProfile.B_BES, ContainerOpener.open(file).getSignatures().get(0).getProfile()); } @@ -139,8 +145,9 @@ public void createsECCSignature() throws Exception { public void createsContainerWithUnknownSignatureProfile() throws Exception { String file = this.getFileBy("bdoc"); String[] parameters = new String[]{"-in", file, "-type", "BDOC", - "-add", "src/test/resources/testFiles/helper-files/test.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test", "-profile", "Unknown"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD, + "-profile", "Unknown"}; TestDigiDoc4JUtil.call(parameters); Assert.assertEquals(SignatureProfile.LT, ContainerOpener.open(file).getSignatures().get(0).getProfile()); } @@ -189,8 +196,8 @@ public void checkAssertion() throws Exception { public void createsContainerWithTypeSettingBDoc() throws Exception { String file = this.getFileBy("bdoc"); String[] parameters = new String[]{"-in", file, "-type", "BDOC", - "-add", "src/test/resources/testFiles/helper-files/test.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; TestDigiDoc4JUtil.call(parameters); Container container = ContainerOpener.open(file); assertAsicEContainer(container); @@ -216,8 +223,8 @@ public void commandLineDigidoc4jModeOverwritesDefault() throws Exception { public void createsContainerWithTypeSettingBasedOnFileExtensionBDoc() throws Exception { String file = this.getFileBy("bdoc"); String[] parameters = new String[]{"-in", file, - "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", "-pkcs12", - "src/test/resources/testFiles/p12/signout.p12", "test"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; TestDigiDoc4JUtil.call(parameters); Container container = ContainerOpener.open(file); assertAsicEContainer(container); @@ -227,8 +234,8 @@ public void createsContainerWithTypeSettingBasedOnFileExtensionBDoc() throws Exc public void createsContainerWithTypeSettingBDocIfNoSuitableFileExtensionAndNoType() throws Exception { String file = this.getFileBy("bdoc"); String[] parameters = new String[]{"-in", file, - "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", "-pkcs12", - "src/test/resources/testFiles/p12/signout.p12", "test"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; TestDigiDoc4JUtil.call(parameters); Container container = ContainerOpener.open(file); assertAsicEContainer(container); @@ -239,8 +246,8 @@ public void createsContainerAndSignsIt() throws Exception { this.systemExit.expectSystemExitWithStatus(0); String file = this.getFileBy("bdoc"); String[] parameters = new String[]{"-in", file, - "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", "-pkcs12", - "src/test/resources/testFiles/p12/signout.p12", "test"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; DigiDoc4J.main(parameters); } @@ -314,8 +321,8 @@ public void createMultipleSignedContainers_withinInputDirectory() throws Excepti FileUtils.writeStringToFile(new File(inputFolder, "firstDoc.txt"), "Hello daddy"); FileUtils.writeStringToFile(new File(inputFolder, "secondDoc.pdf"), "John Matrix"); FileUtils.writeStringToFile(new File(inputFolder, "thirdDoc.acc"), "Major General Franklin Kirby"); - String[] parameters = new String[]{"-inputDir", inputFolder, "-outputDir", outputFolder, "-pkcs12", - "src/test/resources/testFiles/p12/signout.p12", "test"}; + String[] parameters = new String[]{"-inputDir", inputFolder, "-outputDir", outputFolder, + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; TestDigiDoc4JUtil.call(parameters); Assert.assertEquals(3, new File(outputFolder).listFiles().length); TestAssert.assertFolderContainsFile(outputFolder, "firstDoc.bdoc"); @@ -329,8 +336,9 @@ public void createMultipleSignedContainers_withoutOutputDirectory_shouldCreateOu String outputFolder = new File(inputFolder, "notExistingOutputFolder").getPath(); FileUtils.writeStringToFile(new File(inputFolder, "firstDoc.txt"), "Hello daddy"); FileUtils.writeStringToFile(new File(inputFolder, "secondDoc.pdf"), "John Matrix"); - String[] parameters = new String[]{"-inputDir", inputFolder, "-outputDir", outputFolder, "-pkcs12", - "src/test/resources/testFiles/p12/signout.p12", "test", "-type", "BDOC"}; + String[] parameters = new String[]{"-inputDir", inputFolder, "-outputDir", outputFolder, + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD, + "-type", "BDOC"}; TestDigiDoc4JUtil.call(parameters); File folder = new File(outputFolder); Assert.assertTrue(folder.exists()); @@ -347,8 +355,8 @@ public void createMultipleSignedContainers_withExistingSavedContainers_shouldThr String outputFolder = this.testFolder.newFolder("outputFolder").getPath(); FileUtils.writeStringToFile(new File(inputFolder, "firstDoc.txt"), "Hello daddy"); FileUtils.writeStringToFile(new File(outputFolder, "firstDoc.bdoc"), "John Matrix"); - String[] parameters = new String[]{"-inputDir", inputFolder, "-outputDir", outputFolder, "-pkcs12", - "src/test/resources/testFiles/p12/signout.p12", "test"}; + String[] parameters = new String[]{"-inputDir", inputFolder, "-outputDir", outputFolder, + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; DigiDoc4J.main(parameters); } @@ -359,7 +367,7 @@ public void createSignedContainer_forEachFile_withInputDirectoryAndMimeType() th FileUtils.writeStringToFile(new File(inputFolder, "firstDoc.txt"), "Hello daddy"); FileUtils.writeStringToFile(new File(inputFolder, "secondDoc.pdf"), "John Matrix"); String[] parameters = new String[]{"-inputDir", inputFolder, "-mimeType", "text/xml", "-outputDir", outputFolder, - "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test"}; + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; TestDigiDoc4JUtil.call(parameters); Container container = ContainerOpener.open(new File(outputFolder, "firstDoc.bdoc").getPath()); Assert.assertEquals("text/xml", container.getDataFiles().get(0).getMediaType()); diff --git a/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java b/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java index 6266a0a01..451cfa80d 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java @@ -25,44 +25,49 @@ public class PKCS12SignatureTokenTest extends AbstractTest { @Test public void getCertificate() throws CertificateEncodingException { X509Cert x509Cert = new X509Cert(pkcs12SignatureToken.getCertificate()); - Assert.assertEquals("MIIFrjCCA5agAwIBAgIQUwvkG7xZfERXDit8E7z6DDANBgkqhkiG9w0BAQsFADBr" + + Assert.assertEquals("MIIGuDCCBKCgAwIBAgIQbsALi4xUxPdggr2EPjoVJjANBgkqhkiG9w0BAQsFADBr" + "MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1" + "czEXMBUGA1UEYQwOTlRSRUUtMTA3NDcwMTMxHzAdBgNVBAMMFlRFU1Qgb2YgRVNU" + - "RUlELVNLIDIwMTUwHhcNMTYwNDEzMTEyMDI4WhcNMjEwNDEyMjA1OTU5WjCBtDEL" + - "MAkGA1UEBhMCRUUxDzANBgNVBAoMBkVTVEVJRDEaMBgGA1UECwwRZGlnaXRhbCBz" + - "aWduYXR1cmUxMTAvBgNVBAMMKMW9w5VSSU7DnFfFoEtZLE3DhFLDnC1Mw5bDllos" + - "MTE0MDQxNzY4NjUxFzAVBgNVBAQMDsW9w5VSSU7DnFfFoEtZMRYwFAYDVQQqDA1N" + - "w4RSw5wtTMOWw5ZaMRQwEgYDVQQFEwsxMTQwNDE3Njg2NTCCASIwDQYJKoZIhvcN" + - "AQEBBQADggEPADCCAQoCggEBAJrWrja4BY6nlDXf/46So37NcJoDAB8d6pZr2XxM" + - "4cCv3MqAKAuf8oew38jc+/20oBiMo9bSWfTrjCtunuyJxBi6/xX1SwXqXpCIcAeA" + - "tL8SA4NRuWQGEFxGRJtPUNpzVkiIBI5u+yENpxvGFOW7777u0E7E3p/Jx6Y6HflI" + - "CQPm48zjzeBytJ+m6v6EdObnOpeJtusaZ+Yg/hmrCRRgJeRtnjJIw5LmLrjqm185" + - "BFtgwFH0J8iAr18FSua5yLP343s4vZx8np1NqmdJrlHt5IjX2D3+QAObJmh/U+id" + - "oNdThlJlst/cj5/y496vR+PhSWIWzqv//xYH41qIkXDjD+UCAwEAAaOCAQIwgf8w" + - "CQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBkAwOwYDVR0gBDQwMjAwBgkrBgEEAc4f" + - "AwEwIzAhBggrBgEFBQcCARYVaHR0cHM6Ly93d3cuc2suZWUvY3BzMB0GA1UdDgQW" + - "BBQ27kyYhup5RKLxTM1gxY+BDz/N0jAiBggrBgEFBQcBAwQWMBQwCAYGBACORgEB" + - "MAgGBgQAjkYBBDAfBgNVHSMEGDAWgBRJwPJEOWXVm0Y7DThgg7HWLSiGpjBBBgNV" + - "HR8EOjA4MDagNKAyhjBodHRwOi8vd3d3LnNrLmVlL2NybHMvZXN0ZWlkL3Rlc3Rf" + - "ZXN0ZWlkMjAxNS5jcmwwDQYJKoZIhvcNAQELBQADggIBAHUUiGcIgXB3INd78mGF" + - "yIz+u8+TLPON0va0mRuugy1TEH0eWZqNhv2+7vvzd8CLoOp4aHrUwvx7zGaND/bO" + - "w4dC1dO5zsXh1EziNAfaNqzYP2QQ4BckqZeGl0+d7OVyP5/HgZOYI90qYLvkjWSn" + - "eSFXZ2BN8Jku6l0dUnhsQqCoLKl0j4F+1u+GwC9pjzm2aVoYRs3CcNgkAa1O3SKK" + - "9PXpz/chFE1dfvT8xPagroVkzDCZ4o6Rp+8OPBPYacQhdIH6DyagPcbdKz1S0EC8" + - "q+7qm1C8bM05oyYfkoBLU6afgRGHcpRMFQRBnsu7o1LQIMsRF5dWWTqL4FLLw6iF" + - "exZA6z3HMilu+yolLxURaD3oWMcWzLKi0Ic88T8LNyz5ksWDDZXAoso0ZDTAh/Da" + - "FEdeQs9MnOkGzrvswrEG2MUs33XHhp988TWgRQGAJU/JZQR057I/UxfikYRhZ5oM" + - "7qPBy4oDh3VlhMsY5yHuK400Xi202xoXVS+VG33xB7KCvbwuemZSlVewxTX0ZJg5" + - "qTcwIXRMlsWffqyVWpnxjnvWmqO01nrbgjlpBAbDDT2R/JXPOjVpgjhQGEmNmVj3" + - "OvfjvLlXXP7CZ4Vxwxy0aBPPvVHoyWjFycsqm4EFGSGkcB17NcP3dlj7ZwloBobg" + - "ittrqXcLf8qik7sGgHnaa7Cc", + "RUlELVNLIDIwMTUwIBcNMjEwNDIzMTIyODUyWhgPMjAzMDEyMTcyMzU5NTlaMIGf" + + "MQswCQYDVQQGEwJFRTE9MDsGA1UEAww0T+KAmUNPTk5Fxb0txaBVU0xJSyBURVNU" + + "TlVNQkVSLE1BUlkgw4ROTiw2MDAwMTAxMzczOTEnMCUGA1UEBAweT+KAmUNPTk5F" + + "xb0txaBVU0xJSyBURVNUTlVNQkVSMRIwEAYDVQQqDAlNQVJZIMOETk4xFDASBgNV" + + "BAUTCzYwMDAxMDEzNzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA" + + "r8Gtz4AS8HoY2UpUvD9/OxJzymnvSTR5LKcG7+rLdXszEgdyRCy0sHg1yRseZgXu" + + "XQsAG/IGKQFUOBND6LAD2Puv+wk4HenB7EZmeiDQzdKGE3CoRz+UU+zz8EqQTzZi" + + "l85R7kK1oDi3b1RtB4flELSQ38ufeOFAli97K2hhYGVtPDOcJIbz4jej4UqQnY80" + + "Ma+5niQxsN9pf2W/Fe2r7TMtqmo+aKbaWMr3uLESbPGpiffetcWnllmLQR2lcx2w" + + "aHXp3XeUQXHBbtO0oypaxpgDTcRBLH3ZGuElj0KGfXqRaO6dwOjjHG5G8+Tzvy/2" + + "pvGuqbr9RvcH3QMmG1mEswIDAQABo4ICHzCCAhswCQYDVR0TBAIwADAOBgNVHQ8B" + + "Af8EBAMCBkAwdQYDVR0gBG4wbDBfBgorBgEEAc4fAwEDMFEwHgYIKwYBBQUHAgIw" + + "EgwQT25seSBmb3IgVEVTVElORzAvBggrBgEFBQcCARYjaHR0cHM6Ly93d3cuc2su" + + "ZWUvcmVwb3NpdG9vcml1bS9DUFMwCQYHBACL7EABAjAdBgNVHQ4EFgQUNGA6HJQi" + + "W4kukHbhN6CmD0Js1McwgYoGCCsGAQUFBwEDBH4wfDAIBgYEAI5GAQEwCAYGBACO" + + "RgEEMFEGBgQAjkYBBTBHMEUWP2h0dHBzOi8vc2suZWUvZW4vcmVwb3NpdG9yeS9j" + + "b25kaXRpb25zLWZvci11c2Utb2YtY2VydGlmaWNhdGVzLxMCRU4wEwYGBACORgEG" + + "MAkGBwQAjkYBBgEwHwYDVR0jBBgwFoAUScDyRDll1ZtGOw04YIOx1i0ohqYwgYMG" + + "CCsGAQUFBwEBBHcwdTAsBggrBgEFBQcwAYYgaHR0cDovL2FpYS5kZW1vLnNrLmVl" + + "L2VzdGVpZDIwMTUwRQYIKwYBBQUHMAKGOWh0dHBzOi8vc2suZWUvdXBsb2FkL2Zp" + + "bGVzL1RFU1Rfb2ZfRVNURUlELVNLXzIwMTUuZGVyLmNydDA0BgNVHR8ELTArMCmg" + + "J6AlhiNodHRwczovL2Muc2suZWUvdGVzdF9lc3RlaWQyMDE1LmNybDANBgkqhkiG" + + "9w0BAQsFAAOCAgEAn5yOThHC3o+qywote9HYZz6TgGUin606KONrUcbsP9UMZwKF" + + "HhQBAZE9ycJ3iOIKtEk0VlH5vwL0MvyY26VyHgkprozEcX5OCQKBCTn/ZKR+IIXQ" + + "wNT0ZadQHTAuCLidHH9bI4/CofTWtr6udYezmQs7FIXbcazQ6cgkb937HulVHt4x" + + "IDZ8kp9oUaqbpUfCSu5zOspQRM2ih0MshPmZvkS9qeFgbkTD0D+RPccxV7jjHCbH" + + "xjHzYNFrq2JJuKacxx/OR12KGKOtcGlYjFxWl18MJ/n3tvoEcWaXKtPZ+BmStbPH" + + "RFb29fkSIWtEzFRSbbLYeHkC53m8lWQ4kXhMJ10aZs9nXRVJ0I4/wMjZTpO6lMkq" + + "Exm77nyycxPv3glJWssFp5LEKgJKxWt2aT9ihHypqEPVjBZGfppFOJT81gxLLF0k" + + "MVxnRqpNbi/1thY5IIxFgGzxIHJlIMuw/HECMJ+/n19dF+Z8tqCoxhNxEQm409jR" + + "v6/RsRhtQ5IIY0PR8eL5xzwgET5BWy5AjUtzGeQsEiywY9+kNfLgv0GQsdfiyhyG" + + "z5oX/8t9AlntTTLpUdWRs4IU3M1yLV2qxc/zAyXRZYJ5nbkwg1oR3wttTYcQ+uFk" + + "0qCoYsLHPmNmFGYZrt00lbulpieIS/YGdFmdtQn7vip/y7LOGEU02m84Lpo=", Base64.encodeBase64String(x509Cert.getX509Certificate().getEncoded())); } @Test public void sign() { //TODO know expected value - byte[] expected = new byte[]{40, -84, -43, -95, -8, 46, -27, -2, 41, 80, -96, -74, 125, 37, -11, 85, -22, 64, -87, 122, 41, -29, 91, -35, 104, 60, 86, -98, -65, -101, 81, 74, -10, 35, -24, -115, -14, 115, -58, -53, -28, -53, 47, -82, 74, -21, 88, -111, -31, 47, 112, 71, 41, -32, 120, 119, 109, 34, -96, 124, -61, -5, 112, 114, 122, 1, 30, -105, 112, 67, 116, -32, -44, -123, -43, 26, 63, -28, -41, 82, -79, -32, 98, 93, 20, -76, -94, 105, 40, -95, -1, -97, -33, 88, 31, 92, -115, -114, 118, -94, 3, 126, -25, -100, -84, 72, -84, 51, -122, -59, -72, 0, 123, 68, -116, 91, -105, 7, 81, -106, 10, 58, -39, 53, 109, -48, -121, 4, -111, 32, -127, -74, -3, -73, -57, -12, 114, 126, -20, -40, 76, -58, 119, -108, 85, -124, 97, -55, -82, -120, -94, -40, -10, -96, -60, 29, 84, 55, 12, 77, 27, -117, -3, 84, 39, -24, -66, -89, -5, 51, -64, -53, -16, -43, -53, 63, -59, -32, 48, 82, -85, -124, -107, -85, 43, 37, 62, -63, 42, -8, 86, -79, 42, -119, -37, 30, 6, -71, 30, -63, 98, 109, 56, 74, 69, -14, -44, 104, 86, -87, 37, 109, 91, 59, -58, 33, 81, -69, -50, -82, 121, 69, -99, 18, 51, -63, 116, -56, -26, 96, -81, -17, -106, -57, 45, -15, 11, -39, -24, 121, -59, -38, 83, -3, 21, -104, -102, 116, 44, 108, -7, 79, -49, -106, 28, -82}; - byte[] actual = this.pkcs12SignatureToken.sign(DigestAlgorithm.SHA512, new byte[]{0x41}); + byte[] expected = new byte[]{-127,-10,88,-97,-31,-28,99,55,-33,-83,10,-18,8,-83,-34,123,75,60,27,34,-41,3,62,-100,89,15,6,-38,82,-52,51,71,-14,-66,-92,88,-107,79,-22,125,3,-44,-11,112,110,60,-28,-77,54,-49,7,89,-66,-43,116,-67,83,-31,-34,119,101,-68,-44,105,-58,114,-2,-99,80,98,-21,-72,88,1,-103,-15,85,39,-50,-17,-63,-121,123,-121,-66,59,-27,-59,-6,-55,-32,-55,43,-126,43,-39,-33,2,-22,40,-18,-15,-83,26,-3,14,-29,-20,36,-17,-119,95,-63,99,111,109,25,-96,13,115,-113,75,48,61,-34,-75,86,18,76,-48,-96,-111,68,-58,-104,110,99,-19,125,34,14,3,82,-48,39,-4,35,-104,-43,-58,-35,-83,-18,38,-87,19,9,-74,114,-24,-33,69,76,105,125,78,108,-84,43,104,-95,124,38,-125,33,108,-122,-121,-104,113,98,17,-81,-91,-99,80,-123,58,6,108,-59,-41,-33,-39,98,125,112,-58,120,-32,-99,51,-29,-50,30,-22,94,11,113,-107,-119,-49,-52,83,-83,-101,-52,108,92,91,-78,17,-78,-42,71,2,-125,73,112,-72,79,51,2,-95,-88,54,-32,77,99,-76,60,-2,-90,100,50,101,-58,48,-30,-119,-76,-63,-21,-55,-112,76}; + byte[] actual = pkcs12SignatureToken.sign(DigestAlgorithm.SHA512, new byte[]{0x41}); Assert.assertArrayEquals(expected, actual); } diff --git a/digidoc4j/src/test/java/org/digidoc4j/test/util/TestSigningUtil.java b/digidoc4j/src/test/java/org/digidoc4j/test/util/TestSigningUtil.java index bb94e6496..aa7845438 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/test/util/TestSigningUtil.java +++ b/digidoc4j/src/test/java/org/digidoc4j/test/util/TestSigningUtil.java @@ -28,8 +28,8 @@ public class TestSigningUtil { - public static final String TEST_PKI_CONTAINER = "src/test/resources/testFiles/p12/signout.p12"; - public static final String TEST_PKI_CONTAINER_PASSWORD = "test"; + public static final String TEST_PKI_CONTAINER = "src/test/resources/testFiles/p12/sign_RSA_from_TEST_of_ESTEIDSK2015.p12"; + public static final String TEST_PKI_CONTAINER_PASSWORD = "1234"; public static final String TEST_ECC_PKI_CONTAINER = "src/test/resources/testFiles/p12/MadDogOY.p12"; public static final String TEST_ECC_PKI_CONTAINER_PASSWORD = "test"; public static final X509Certificate SIGN_CERT = TestSigningUtil.toX509Certificate("-----BEGIN CERTIFICATE-----\r\n" + diff --git a/digidoc4j/src/test/resources/testFiles/certs/sign_RSA_from_TEST_of_ESTEIDSK2015.pem b/digidoc4j/src/test/resources/testFiles/certs/sign_RSA_from_TEST_of_ESTEIDSK2015.pem new file mode 100644 index 000000000..bbce0b991 --- /dev/null +++ b/digidoc4j/src/test/resources/testFiles/certs/sign_RSA_from_TEST_of_ESTEIDSK2015.pem @@ -0,0 +1,38 @@ +-----BEGIN CERTIFICATE----- +MIIGuDCCBKCgAwIBAgIQbsALi4xUxPdggr2EPjoVJjANBgkqhkiG9w0BAQsFADBr +MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1 +czEXMBUGA1UEYQwOTlRSRUUtMTA3NDcwMTMxHzAdBgNVBAMMFlRFU1Qgb2YgRVNU +RUlELVNLIDIwMTUwIBcNMjEwNDIzMTIyODUyWhgPMjAzMDEyMTcyMzU5NTlaMIGf +MQswCQYDVQQGEwJFRTE9MDsGA1UEAww0T+KAmUNPTk5Fxb0txaBVU0xJSyBURVNU +TlVNQkVSLE1BUlkgw4ROTiw2MDAwMTAxMzczOTEnMCUGA1UEBAweT+KAmUNPTk5F +xb0txaBVU0xJSyBURVNUTlVNQkVSMRIwEAYDVQQqDAlNQVJZIMOETk4xFDASBgNV +BAUTCzYwMDAxMDEzNzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +r8Gtz4AS8HoY2UpUvD9/OxJzymnvSTR5LKcG7+rLdXszEgdyRCy0sHg1yRseZgXu +XQsAG/IGKQFUOBND6LAD2Puv+wk4HenB7EZmeiDQzdKGE3CoRz+UU+zz8EqQTzZi +l85R7kK1oDi3b1RtB4flELSQ38ufeOFAli97K2hhYGVtPDOcJIbz4jej4UqQnY80 +Ma+5niQxsN9pf2W/Fe2r7TMtqmo+aKbaWMr3uLESbPGpiffetcWnllmLQR2lcx2w +aHXp3XeUQXHBbtO0oypaxpgDTcRBLH3ZGuElj0KGfXqRaO6dwOjjHG5G8+Tzvy/2 +pvGuqbr9RvcH3QMmG1mEswIDAQABo4ICHzCCAhswCQYDVR0TBAIwADAOBgNVHQ8B +Af8EBAMCBkAwdQYDVR0gBG4wbDBfBgorBgEEAc4fAwEDMFEwHgYIKwYBBQUHAgIw +EgwQT25seSBmb3IgVEVTVElORzAvBggrBgEFBQcCARYjaHR0cHM6Ly93d3cuc2su +ZWUvcmVwb3NpdG9vcml1bS9DUFMwCQYHBACL7EABAjAdBgNVHQ4EFgQUNGA6HJQi +W4kukHbhN6CmD0Js1McwgYoGCCsGAQUFBwEDBH4wfDAIBgYEAI5GAQEwCAYGBACO +RgEEMFEGBgQAjkYBBTBHMEUWP2h0dHBzOi8vc2suZWUvZW4vcmVwb3NpdG9yeS9j +b25kaXRpb25zLWZvci11c2Utb2YtY2VydGlmaWNhdGVzLxMCRU4wEwYGBACORgEG +MAkGBwQAjkYBBgEwHwYDVR0jBBgwFoAUScDyRDll1ZtGOw04YIOx1i0ohqYwgYMG +CCsGAQUFBwEBBHcwdTAsBggrBgEFBQcwAYYgaHR0cDovL2FpYS5kZW1vLnNrLmVl +L2VzdGVpZDIwMTUwRQYIKwYBBQUHMAKGOWh0dHBzOi8vc2suZWUvdXBsb2FkL2Zp +bGVzL1RFU1Rfb2ZfRVNURUlELVNLXzIwMTUuZGVyLmNydDA0BgNVHR8ELTArMCmg +J6AlhiNodHRwczovL2Muc2suZWUvdGVzdF9lc3RlaWQyMDE1LmNybDANBgkqhkiG +9w0BAQsFAAOCAgEAn5yOThHC3o+qywote9HYZz6TgGUin606KONrUcbsP9UMZwKF +HhQBAZE9ycJ3iOIKtEk0VlH5vwL0MvyY26VyHgkprozEcX5OCQKBCTn/ZKR+IIXQ +wNT0ZadQHTAuCLidHH9bI4/CofTWtr6udYezmQs7FIXbcazQ6cgkb937HulVHt4x +IDZ8kp9oUaqbpUfCSu5zOspQRM2ih0MshPmZvkS9qeFgbkTD0D+RPccxV7jjHCbH +xjHzYNFrq2JJuKacxx/OR12KGKOtcGlYjFxWl18MJ/n3tvoEcWaXKtPZ+BmStbPH +RFb29fkSIWtEzFRSbbLYeHkC53m8lWQ4kXhMJ10aZs9nXRVJ0I4/wMjZTpO6lMkq +Exm77nyycxPv3glJWssFp5LEKgJKxWt2aT9ihHypqEPVjBZGfppFOJT81gxLLF0k +MVxnRqpNbi/1thY5IIxFgGzxIHJlIMuw/HECMJ+/n19dF+Z8tqCoxhNxEQm409jR +v6/RsRhtQ5IIY0PR8eL5xzwgET5BWy5AjUtzGeQsEiywY9+kNfLgv0GQsdfiyhyG +z5oX/8t9AlntTTLpUdWRs4IU3M1yLV2qxc/zAyXRZYJ5nbkwg1oR3wttTYcQ+uFk +0qCoYsLHPmNmFGYZrt00lbulpieIS/YGdFmdtQn7vip/y7LOGEU02m84Lpo= +-----END CERTIFICATE----- diff --git a/digidoc4j/src/test/resources/testFiles/p12/sign_RSA_from_TEST_of_ESTEIDSK2015.p12 b/digidoc4j/src/test/resources/testFiles/p12/sign_RSA_from_TEST_of_ESTEIDSK2015.p12 new file mode 100644 index 0000000000000000000000000000000000000000..a527c04ec65f7443bea2c517ed3a67a132cbdbc5 GIT binary patch literal 3325 zcmVep{IUU^H})i!1LaL6k(R+QGibhP1P;*QNxIp@^Q-Hf!owa-=g3G)>Wx}=WyY|u9X9?Uflb~#}84T#~(+=13nGN zBF6KUQ|7E5qG7#$8aBfHcb(cpO~bg@RyJOjI%}5uQ&-}H!Yhxll@l^a40)>EYsi3f z-l$=fwq?T+W``fm%fOSKV&?nm%dU@{An9$`930P!?!tl(KJ=basI`$W;^DXEmIRd(bFe41DM!tM&|_PnQu9<3N~bwLX~n{l@HA#gN`3wG&T zI}H3@vN6>FgV<$>G+Y#Q7s1puZl7*VkBbJJO)d9wbXIjasnUaSp z(1fuAkn8RP0m(q3yh$C@^@IlLe;y%r8i)ldI}KYA0Q2?)?o~0AU0~xR&3|~5x(^Af z`FO$Armxp83~Pcg_&-IVrl17S}_AY8x9yNN7!+4fDd_zT1sqRDau%*x8OW zndHf51IfDw40Pk2_jcFA4VTC?3k8IwEUrPG4m$@qimdR9m%bDGYqy#xLra17IheG{ zXQ5i&v&VoZLN=3c+66Yt=x|>Vx#{sh|4lYGxku?BJIWs|XRS^(Y4!%sC5)K=#MIPv zUbjQ+(*0h^mU{=3(`2@{;JmH61NlcI?pfQ_X3^Vq51$8|PNkMeA89q)tnYj=lf^Gb zKwnJ&sEBl-K9s5egv)OKqY5vdt4c_iScud)JOjiCyk(9-GtQy#)k_gcae&&h2zv1F zOSQ9|;_8>>`(vNy*_HdQnWoI8{p*aSJn04ZdG(|_$Np1CdKRbVI6Hg=k~~qtV?yD6 zQb$414Q=R>8-7SxtOSc2!($c#ac(+%5Bd|0lhX&*KMh$`tVAPO9<%h*dG`Ut2UAxb zb0oJHDjkX94B2$6D1V#8?W0_KNX6+w!woKmDnyopg413wdivtpb4dP*w>Rv6^C8Q; zB~@(S7Av`tYMIQgy7PAxU*TTo`}p#_8~3Uh^>??&>OojZD2=Z&jb;WZHdLM*37ObI?Zym zLYiMX^qndu7ZuG90Y~}c6o1t~(3yhls*)Wt%0l>S{5un^aV9|zu|}!?lptGN2Xe^8 z{1~#!t`_(u!;lkvn?-osxO`2+fSJEzEnDp6r*k4y!jfO3CM1@8AFYX}d^&cb|I%P& z-$&EqC#f~?oLyn*7T9BeNh;D!Fm2Yp9t%?kwNufrcC^3?iw9CK|lXlry z5z|qkzlAm(`j~lKF6UKzN>Fk4=}Mpq*(EMq>C4|US2za(j6hL}MX&;|)rug2MPw)3 zJB0{W@AY9*<+p!f4Jn#?ebdd4bg@iUBA!6Z-a+I@K4&LNQU}lEi%R zvmZ-xMq&T_fOU|Lj3vvYz!pQmz(_x_N+;-O)SXUQ9!TWh=;ih)eI1N9 zY-F&LGIe`9dq&*Ud>GEy+Z|L&pos7UwK~fzbBo{`!A^8O@HJkb4IceRMi~amc6*Mh znHKeb44*GlY#0V@oPAOfPRZ&>40MtTg!HjH=e*O4P<0^va6$cYcY9xh#_}yk0Q*xu zB|0`*AN{IK*#Z3oScYAN)Lg=ys!he@Kdt|f=7$A>AZ{pAR5&@9IBx#!ybG9{2L-YU zusFc;+Zcp!026(9oR~>2|KW;Az|ttwN<`lm->_d0!TTbH#&8u0EW;nj(8|p}+_DPI zwDf@sQzu~p8jFR~=%mXQ^En@*k35J!`YNdzWbx&o|6cF@T95Ob`U6Rj&4XoQfUrLX zk&@f}$Z929q)r#HlCW+2(oSX-m-%ARt{RhxmNU@84kg2ak5jZ-0Yi}I%`k)X&SpR* ztJHQ=FsUzcWQ%%9x1K3V&I_vHzBJdY;FO0~(#RMTtLDM=Fs1K9qg;p60UOC!5Z6|f zl?D`zQGE$np%dHP+LKIK9~!lYuTv528{XuP?+u7eDF-VAFbb<6f8Vg^@P!15p)jmP zN*KrB0sQUUbalul#nx!?gvcX}#7^0KhG!UUF!LC}es=E-XRGYX3MGBW40qXds-eha~#a!ZJ{(U@FRws2htPs~2?0gPHnt4;TCyjYl z<*`_tXKK`ancikHrKw1XlUQ0duUpEs z2uMEEbfSvoV72&EcE>Csn|vKFN8L`5fryKrd)?!237FH^ffu0YJmLF!Jc+t}U zjy59*48tC@y4!lCW~8G5)mILfnqq;VwstcMx`&(z(vGHai5#=(Vy5Ua2Jp*DJs$_i z+)RIEM^iv93^^!tKj8fD@p+55EP{v&1B8wFqlCZB^d=0>9Ok3@* zpzl#V$xPf1?Q@XV&0}*iNg3a`Oxfv%{4oVC+3N?d^13ugs;%_d0^C`?2fhm9Dgc7B zzPX$R>cE8+q12St2?kfFT<~3x=L-rA65o-9sUK5{*R=LOSt%}EX4Xy~<5k=eeA`NpH#C-SnXgQ!i<>jUJQL+JSI4a?j zCL8ID1c%*Q_5FhAAM;pkD_A-0y1og Date: Mon, 26 Apr 2021 16:38:50 +0300 Subject: [PATCH 36/45] DD4J-696 Fix unit tests for Github CI --- .../impl/SKOnlineOCSPSourceTest.java | 4 +-- .../impl/bdoc/IncompleteSigningTest.java | 2 +- .../impl/bdoc/asic/TimeStampTokenTest.java | 2 +- .../org/digidoc4j/main/DigiDoc4JTest.java | 35 ++++++++++--------- .../digidoc4j/signers/ExternalSignerTest.java | 8 ++--- .../signers/PKCS12SignatureTokenTest.java | 5 +-- .../utils/TokenAlgorithmSupportTest.java | 2 +- 7 files changed, 31 insertions(+), 27 deletions(-) diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/SKOnlineOCSPSourceTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/SKOnlineOCSPSourceTest.java index f2775395c..e469e7c07 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/SKOnlineOCSPSourceTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/SKOnlineOCSPSourceTest.java @@ -126,8 +126,8 @@ public void getTestCertificateOCSPTokenFromProdOCSP_thenThrowUnknownCertificateV public void ocspAccessSettingsInvalid_throwsServiceAccessDeniedException() throws CertificateEncodingException { Configuration configuration = Configuration.of(TEST); configuration.setSignOCSPRequests(true); - configuration.setOCSPAccessCertificateFileName("src/test/resources/testFiles/p12/signout.p12"); - configuration.setOCSPAccessCertificatePassword("test".toCharArray()); + configuration.setOCSPAccessCertificateFileName(TestSigningUtil.TEST_PKI_CONTAINER); + configuration.setOCSPAccessCertificatePassword(TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD.toCharArray()); SKOnlineOCSPSource ocspSource = (SKOnlineOCSPSource) OCSPSourceBuilder.defaultOCSPSource() .withConfiguration(configuration) diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java index fcbab4034..323f6b9b2 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/IncompleteSigningTest.java @@ -171,7 +171,7 @@ public void signatureProfileBepesShouldNotFailWhenTslCouldNotBeLoaded() { ); } - @Test(expected = TechnicalException.class) + @Test(expected = OCSPRequestFailedException.class) public void signatureProfileLtTmShouldFailWhenTslLoadingFails() { setUpTestConfigurationWithFailingTSL(); createSignatureBy(createNonEmptyContainerByConfiguration(), SignatureProfile.LT_TM, pkcs12SignatureToken); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/TimeStampTokenTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/TimeStampTokenTest.java index 3a0cd4032..d4bea3a2b 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/TimeStampTokenTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/TimeStampTokenTest.java @@ -166,7 +166,7 @@ public void tstASICSAddPKCS12Signature() throws Exception { "text/plain", "-datst", "SHA256", "-tst"}; TestDigiDoc4JUtil.call(parameters); parameters = new String[]{"-in", fileName, "-type", "ASICS", "-add", "src/test/resources/testFiles/helper-files/dds_колючей стерне.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test"}; + "text/plain", "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; TestDigiDoc4JUtil.call(parameters); Assert.assertThat(this.stdOut.getLog(), StringContains.containsString( "This container has already timestamp. Should be no signatures in case of timestamped ASiCS container.")); diff --git a/digidoc4j/src/test/java/org/digidoc4j/main/DigiDoc4JTest.java b/digidoc4j/src/test/java/org/digidoc4j/main/DigiDoc4JTest.java index 559d04f20..2a1634443 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/main/DigiDoc4JTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/main/DigiDoc4JTest.java @@ -166,8 +166,9 @@ public void checkAssertion() throws Exception { }); String file = this.getFileBy("ddoc"); String[] parameters = new String[]{"-in", file, "-type", "DDOC", - "-add", "src/test/resources/testFiles/helper-files/test.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test", "-profile", "LT_TM"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD, + "-profile", "LT_TM"}; DigiDoc4J.main(parameters); } @@ -187,8 +188,9 @@ public void checkAssertion() throws Exception { Container container = ContainerOpener.open("src/test/resources/testFiles/valid-containers/ddoc_for_testing.ddoc"); container.saveAsFile(file); String[] parameters = new String[]{"-in", file, "-type", "DDOC", - "-add", "src/test/resources/testFiles/helper-files/test.txt", - "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test", "-profile", "LT_TM"}; + "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD, + "-profile", "LT_TM"}; DigiDoc4J.main(parameters); } @@ -273,7 +275,7 @@ public void itShouldNotBePossible_ToSignWithBoth_Pkcs11AndPkcs12() throws Except String[] parameters = new String[]{"-in", file, "-add", "src/test/resources/testFiles/helper-files/test.txt", "text/plain", "-pkcs11", "/usr/local/lib/opensc-pkcs11.so", "01497", "2", - "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test"}; + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; DigiDoc4J.main(parameters); } @@ -282,7 +284,7 @@ public void createsContainerAndAddsFileWithoutMimeType() throws Exception { this.systemExit.expectSystemExitWithStatus(2); String file = this.getFileBy("bdoc"); String[] parameters = new String[]{"-in", file, "-add", "src/test/resources/testFiles/helper-files/test.txt", - "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", "test"}; + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; DigiDoc4J.main(parameters); } @@ -290,8 +292,8 @@ public void createsContainerAndAddsFileWithoutMimeType() throws Exception { public void createMultipleSignedContainers_whereInputDirIsFile_shouldThrowException() throws Exception { this.systemExit.expectSystemExitWithStatus(6); String[] parameters = new String[]{"-inputDir", this.testFolder.newFile("inputFolder").getPath(), - "-outputDir", this.testFolder.newFolder("outputFolder").getPath(), "-pkcs12", - "src/test/resources/testFiles/p12/signout.p12", "test"}; + "-outputDir", this.testFolder.newFolder("outputFolder").getPath(), + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; DigiDoc4J.main(parameters); } @@ -300,17 +302,17 @@ public void createMultipleSignedContainers_whereOutputDirIsFile_shouldThrowExcep String inputFolder = this.testFolder.newFolder("inputFolder").getPath(); String outputFolder = this.testFolder.newFile("outputFolder").getPath(); this.systemExit.expectSystemExitWithStatus(6); - String[] parameters = new String[]{"-inputDir", inputFolder, "-outputDir", outputFolder, "-pkcs12", - "src/test/resources/testFiles/p12/signout.p12", "test"}; + String[] parameters = new String[]{"-inputDir", inputFolder, "-outputDir", outputFolder, + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; DigiDoc4J.main(parameters); } @Test public void createMultipleSignedContainers_withEmptyInputDir_shouldDoNothing() throws Exception { this.systemExit.expectSystemExitWithStatus(0); - String[] parameters = new String[]{"-inputDir", this.testFolder.newFolder("inputFolder").getPath(), "-outputDir", - this.testFolder.newFolder("outputFolder").getPath(), "-pkcs12", - "src/test/resources/testFiles/p12/signout.p12", "test"}; + String[] parameters = new String[]{"-inputDir", this.testFolder.newFolder("inputFolder").getPath(), + "-outputDir", this.testFolder.newFolder("outputFolder").getPath(), + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD}; DigiDoc4J.main(parameters); } @@ -865,9 +867,10 @@ private void assertExtractingDataFile(String containerPath, String fileToExtract public void createAndValidateDetachedXades() throws Exception { String xadesSignaturePath = "singatures0.xml"; - String[] parameters = new String[]{"-xades", "-digFile", "test.txt", - "n4bQgYhMfWWaL+qgxVrQFaO/TxsrC4Is0V1sFbDwCgg", "text/plain", "-pkcs12", "src/test/resources/testFiles/p12/signout.p12", - "test", "-sigOutputPath", xadesSignaturePath}; + String[] parameters = new String[]{"-xades", + "-digFile", "test.txt", "n4bQgYhMfWWaL+qgxVrQFaO/TxsrC4Is0V1sFbDwCgg", "text/plain", + "-pkcs12", TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD, + "-sigOutputPath", xadesSignaturePath}; TestDigiDoc4JUtil.call(parameters); parameters = new String[]{"-xades", "-digFile", "test.txt", diff --git a/digidoc4j/src/test/java/org/digidoc4j/signers/ExternalSignerTest.java b/digidoc4j/src/test/java/org/digidoc4j/signers/ExternalSignerTest.java index cf3f74cc5..747661481 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/signers/ExternalSignerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/signers/ExternalSignerTest.java @@ -53,7 +53,7 @@ public byte[] sign(DigestAlgorithm digestAlgorithm, byte[] dataToSign) { @Ignore // TODO Fix me when possible public void testAsyncSigning() { Container container = this.createNonEmptyContainer(); - DataToSign dataToSign = SignatureBuilder.aSignature(container).withSigningCertificate(this.pkcs12SignatureToken.getCertificate()). + DataToSign dataToSign = SignatureBuilder.aSignature(container).withSigningCertificate(pkcs12SignatureToken.getCertificate()). buildDataToSign(); String containerFile = this.getFileBy("bin"); String dataToSignFile = this.getFileBy("bin"); @@ -72,14 +72,14 @@ public void testAsyncSigning() { */ private SignatureToken getExternalSignatureToken() { - return new ExternalSigner(this.pkcs12SignatureToken.getCertificate()) { + return new ExternalSigner(pkcs12SignatureToken.getCertificate()) { @Override public byte[] sign(DigestAlgorithm digestAlgorithm, byte[] dataToSign) { try { KeyStore keyStore = KeyStore.getInstance("PKCS12"); - try (FileInputStream stream = new FileInputStream("src/test/resources/testFiles/p12/signout.p12")) { - keyStore.load(stream, "test".toCharArray()); + try (FileInputStream stream = new FileInputStream(TestSigningUtil.TEST_PKI_CONTAINER)) { + keyStore.load(stream, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD.toCharArray()); } PrivateKey privateKey = (PrivateKey) keyStore.getKey("1", "test".toCharArray()); return TestSigningUtil.encrypt(String.format("NONEwith%s", privateKey.getAlgorithm()), privateKey, TestSigningUtil.addPadding(dataToSign)); diff --git a/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java b/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java index 451cfa80d..2bf148cca 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/signers/PKCS12SignatureTokenTest.java @@ -15,6 +15,7 @@ import org.digidoc4j.DigestAlgorithm; import org.digidoc4j.X509Cert; import org.digidoc4j.exceptions.InvalidKeyException; +import org.digidoc4j.test.util.TestSigningUtil; import org.junit.Assert; import org.junit.Test; @@ -75,7 +76,7 @@ public void sign() { //TODO know expected value public void closeSignatureTokenWhenSigning() { this.expectedException.expect(InvalidKeyException.class); this.expectedException.expectMessage("Private key entry is missing. Connection may be closed."); - PKCS12SignatureToken pkcs12SignatureToken = new PKCS12SignatureToken("src/test/resources/testFiles/p12/signout.p12", "test".toCharArray()); + PKCS12SignatureToken pkcs12SignatureToken = new PKCS12SignatureToken(TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD.toCharArray()); Assert.assertNotNull(pkcs12SignatureToken.sign(DigestAlgorithm.SHA512, new byte[]{0x41})); pkcs12SignatureToken.close(); @@ -86,7 +87,7 @@ public void closeSignatureTokenWhenSigning() { public void closeSignatureTokenWhenAskingCertificate() { this.expectedException.expect(InvalidKeyException.class); this.expectedException.expectMessage("Private key entry is missing. Connection may be closed."); - PKCS12SignatureToken pkcs12SignatureToken = new PKCS12SignatureToken("src/test/resources/testFiles/p12/signout.p12", "test".toCharArray()); + PKCS12SignatureToken pkcs12SignatureToken = new PKCS12SignatureToken(TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD.toCharArray()); Assert.assertNotNull(pkcs12SignatureToken.getCertificate()); pkcs12SignatureToken.close(); pkcs12SignatureToken.getCertificate(); diff --git a/digidoc4j/src/test/java/org/digidoc4j/utils/TokenAlgorithmSupportTest.java b/digidoc4j/src/test/java/org/digidoc4j/utils/TokenAlgorithmSupportTest.java index ca8f2ee6c..cc97cc080 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/utils/TokenAlgorithmSupportTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/utils/TokenAlgorithmSupportTest.java @@ -24,7 +24,7 @@ public class TokenAlgorithmSupportTest { @Test public void getDefaultDigestAlgorithm_shouldReturnSha256() throws Exception { - PKCS12SignatureToken testSignatureToken = new PKCS12SignatureToken("src/test/resources/testFiles/p12/signout.p12", "test".toCharArray()); + PKCS12SignatureToken testSignatureToken = new PKCS12SignatureToken(TestSigningUtil.TEST_PKI_CONTAINER, TestSigningUtil.TEST_PKI_CONTAINER_PASSWORD.toCharArray()); DigestAlgorithm digestAlgorithm = TokenAlgorithmSupport.determineSignatureDigestAlgorithm(testSignatureToken.getCertificate()); Assert.assertEquals(DigestAlgorithm.SHA256, digestAlgorithm); } From df1db8718111e73dbf1c9cf8db8076ed3b750f3c Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Tue, 27 Apr 2021 09:42:49 +0300 Subject: [PATCH 37/45] DD4J-653 Fix LT_TM signature policy document hash --- digidoc4j/src/main/java/org/digidoc4j/utils/PolicyUtils.java | 2 +- .../test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java | 2 +- .../src/test/java/org/digidoc4j/utils/PolicyUtilsTest.java | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/digidoc4j/src/main/java/org/digidoc4j/utils/PolicyUtils.java b/digidoc4j/src/main/java/org/digidoc4j/utils/PolicyUtils.java index 956848e94..c03180c58 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/utils/PolicyUtils.java +++ b/digidoc4j/src/main/java/org/digidoc4j/utils/PolicyUtils.java @@ -28,7 +28,7 @@ public final class PolicyUtils { public static Policy createBDocSignaturePolicy() { Policy signaturePolicy = new Policy(); signaturePolicy.setId("urn:oid:" + XadesSignatureValidator.TM_POLICY); - signaturePolicy.setDigestValue(Base64.decodeBase64("7pudpH4eXlguSZY2e/pNbKzGsq+fu//woYL1SZFws1A=")); + signaturePolicy.setDigestValue(Base64.decodeBase64("3Tl1oILSvOAWomdI9VeWV6IA/32eSXRUri9kPEz1IVs=")); signaturePolicy.setQualifier(ObjectIdentifierQualifier.OID_AS_URN); signaturePolicy.setDigestAlgorithm(SHA256); signaturePolicy.setSpuri("https://www.sk.ee/repository/bdoc-spec21.pdf"); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java index badc0a09d..96bbd524a 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java @@ -1058,7 +1058,7 @@ public void containerWithSignaturePolicyByDefault() throws Exception { Assert.assertEquals("https://www.sk.ee/repository/bdoc-spec21.pdf", policyId.getUrl()); Assert.assertEquals("" + XadesSignatureValidator.TM_POLICY, policyId.getIdentifier()); Assert.assertEquals(eu.europa.esig.dss.enumerations.DigestAlgorithm.SHA256, policyId.getDigest().getAlgorithm()); - Assert.assertArrayEquals(Base64.decodeBase64("7pudpH4eXlguSZY2e/pNbKzGsq+fu//woYL1SZFws1A="), policyId.getDigest().getValue()); + Assert.assertArrayEquals(Base64.decodeBase64("3Tl1oILSvOAWomdI9VeWV6IA/32eSXRUri9kPEz1IVs="), policyId.getDigest().getValue()); } @Test diff --git a/digidoc4j/src/test/java/org/digidoc4j/utils/PolicyUtilsTest.java b/digidoc4j/src/test/java/org/digidoc4j/utils/PolicyUtilsTest.java index d5c218816..578c6dfd7 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/utils/PolicyUtilsTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/utils/PolicyUtilsTest.java @@ -31,7 +31,7 @@ public void createBDocSignaturePolicy() { assertEquals("OIDAsURN", policy.getQualifier().getValue()); assertEquals(DigestAlgorithm.SHA256, policy.getDigestAlgorithm()); assertEquals("https://www.sk.ee/repository/bdoc-spec21.pdf", policy.getSpuri()); - assertThat(Base64.decodeBase64("7pudpH4eXlguSZY2e/pNbKzGsq+fu//woYL1SZFws1A="), IsEqual.equalTo(policy.getDigestValue())); + assertThat(Base64.decodeBase64("3Tl1oILSvOAWomdI9VeWV6IA/32eSXRUri9kPEz1IVs="), IsEqual.equalTo(policy.getDigestValue())); } @Test From e1c23cd3b4b33cd08523caa9c59afb737393ce24 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Wed, 12 May 2021 08:52:25 +0300 Subject: [PATCH 38/45] DD4J-697 Limit adding empty datafiles to ASiC containers and signing such containers; validation warnings for ASiC containers with empty datafiles --- .../digidoc4j/ContainerValidationResult.java | 7 + .../src/main/java/org/digidoc4j/DataFile.java | 55 +++++-- .../java/org/digidoc4j/DigestDataFile.java | 12 ++ .../AbstractContainerValidationResult.java | 40 ++++++ .../impl/AbstractValidationResult.java | 18 +++ .../digidoc4j/impl/SignatureFinalizer.java | 17 +++ .../digidoc4j/impl/asic/AsicContainer.java | 60 ++++++-- .../asic/AsicContainerValidationResult.java | 42 ++---- .../TimeStampContainerValidationResult.java | 16 +-- .../ddoc/DDocSignatureValidationResult.java | 13 +- .../pades/PadesContainerValidationResult.java | 25 +--- .../test/java/org/digidoc4j/DataFileTest.java | 108 +++++++++----- .../DetachedXadesSignatureBuilderTest.java | 20 ++- .../EmptyDataFilesSignatureFinalizerTest.java | 58 ++++++++ .../asic/EmptyDataFilesContainerTest.java | 85 +++++++++++ .../impl/bdoc/BDocContainerTest.java | 2 + .../bdoc/EmptyDataFilesBdocContainerTest.java | 81 +++++++++++ ...tyDataFilesBdocSignatureFinalizerTest.java | 18 +++ .../EmptyDataFilesAsicEContainerTest.java | 135 ++++++++++++++++++ ...yDataFilesAsicESignatureFinalizerTest.java | 18 +++ .../EmptyDataFilesAsicSContainerTest.java | 13 ++ ...tyDataFilesAsicSignatureFinalizerTest.java | 18 +++ .../digidoc4j/test/MockSignatureBuilder.java | 4 +- .../java/org/digidoc4j/test/TestAssert.java | 13 +- .../testFiles/helper-files/empty.txt | 0 ...igned-container-with-empty-datafiles.asice | Bin 0 -> 10687 bytes ...signed-container-with-empty-datafiles.bdoc | Bin 0 -> 7780 bytes ...igned-container-with-empty-datafiles.asice | Bin 0 -> 1252 bytes 28 files changed, 745 insertions(+), 133 deletions(-) create mode 100644 digidoc4j/src/main/java/org/digidoc4j/impl/AbstractContainerValidationResult.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/impl/EmptyDataFilesSignatureFinalizerTest.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/impl/asic/EmptyDataFilesContainerTest.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/EmptyDataFilesBdocContainerTest.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/EmptyDataFilesBdocSignatureFinalizerTest.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicEContainerTest.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicESignatureFinalizerTest.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicSContainerTest.java create mode 100644 digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicSignatureFinalizerTest.java create mode 100644 digidoc4j/src/test/resources/testFiles/helper-files/empty.txt create mode 100644 digidoc4j/src/test/resources/testFiles/valid-containers/signed-container-with-empty-datafiles.asice create mode 100644 digidoc4j/src/test/resources/testFiles/valid-containers/signed-container-with-empty-datafiles.bdoc create mode 100644 digidoc4j/src/test/resources/testFiles/valid-containers/unsigned-container-with-empty-datafiles.asice diff --git a/digidoc4j/src/main/java/org/digidoc4j/ContainerValidationResult.java b/digidoc4j/src/main/java/org/digidoc4j/ContainerValidationResult.java index 87c714ad2..ee4654cd6 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/ContainerValidationResult.java +++ b/digidoc4j/src/main/java/org/digidoc4j/ContainerValidationResult.java @@ -19,4 +19,11 @@ public interface ContainerValidationResult extends SignatureValidationResult { */ List getContainerErrors(); + /** + * Get list container related warnings. + * + * @return List of exceptions + */ + List getContainerWarnings(); + } diff --git a/digidoc4j/src/main/java/org/digidoc4j/DataFile.java b/digidoc4j/src/main/java/org/digidoc4j/DataFile.java index c241ddcac..fdcf469b7 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/DataFile.java +++ b/digidoc4j/src/main/java/org/digidoc4j/DataFile.java @@ -27,7 +27,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; @@ -36,6 +35,7 @@ import java.net.URL; import java.nio.file.Files; import java.nio.file.Paths; +import java.util.OptionalLong; /** * Data file wrapper providing methods for handling signed files or files to be signed in Container. @@ -73,9 +73,7 @@ public DataFile(String path, String mimeType) { */ public DataFile(byte[] data, String fileName, String mimeType) { logger.debug("File name: " + fileName + ", mime type: " + mimeType); - ByteArrayInputStream stream = new ByteArrayInputStream(data); - document = new InMemoryDocument(stream, fileName, getMimeType(mimeType)); - IOUtils.closeQuietly(stream); + document = new InMemoryDocument(data.clone(), fileName, getMimeType(mimeType)); } /** @@ -105,7 +103,7 @@ public DataFile() { protected MimeType getMimeType(String mimeType) { try { MimeType mimeTypeCode = MimeType.fromMimeTypeString(mimeType); - logger.debug("Mime type: ", mimeTypeCode); + logger.debug("Mime type: {}", mimeTypeCode); return mimeTypeCode; } catch (DSSException e) { logger.error(e.getMessage()); @@ -189,20 +187,55 @@ public String getId() { * @return file size in bytes */ public long getFileSize() { - long fileSize; + OptionalLong fileBackedSize = getFileSizeIfBackedByFile(); + if (fileBackedSize.isPresent()) { + return fileBackedSize.getAsLong(); + } + long fileSize = 0L; + try (InputStream inputStream = getStream()) { + // Read the entire stream, but do not build yet another byte[] to hold the entire contents. Just skip and count the bytes. + // InputStream.skip(long) is not reliable to count the actual number of bytes available via an input stream. + byte[] skipBuffer = new byte[IOUtils.DEFAULT_BUFFER_SIZE]; + int bytesRead; + while ((bytesRead = inputStream.read(skipBuffer)) > 0) { + fileSize += bytesRead; + } + } catch (IOException e) { + throw new TechnicalException("Error reading document bytes: " + e.getMessage(), e); + } + logger.debug("File document size: " + fileSize); + return fileSize; + } + + /** + * Returns {@code true} if the data file size is 0 bytes. + * + * @return {@code true} if the data file is empty + */ + public boolean isFileEmpty() { + OptionalLong fileBackedSize = getFileSizeIfBackedByFile(); + if (fileBackedSize.isPresent()) { + return (fileBackedSize.getAsLong() < 1L); + } + try (InputStream inputStream = getStream()) { + return (inputStream.read() < 0); // read() returns -1 if no bytes to read + } catch (IOException e) { + throw new TechnicalException("Error reading document bytes: " + e.getMessage(), e); + } + } + + private OptionalLong getFileSizeIfBackedByFile() { if (document instanceof StreamDocument || document instanceof FileDocument) { try { - fileSize = Files.size(Paths.get(document.getAbsolutePath())); + long fileSize = Files.size(Paths.get(document.getAbsolutePath())); logger.debug("Document size: " + fileSize); - return fileSize; + return OptionalLong.of(fileSize); } catch (IOException e) { logger.error(e.getMessage()); throw new DigiDoc4JException(e); } } - fileSize = getBytes().length; - logger.debug("File document size: " + fileSize); - return fileSize; + return OptionalLong.empty(); } /** diff --git a/digidoc4j/src/main/java/org/digidoc4j/DigestDataFile.java b/digidoc4j/src/main/java/org/digidoc4j/DigestDataFile.java index fb2e0d3e4..3b624f798 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/DigestDataFile.java +++ b/digidoc4j/src/main/java/org/digidoc4j/DigestDataFile.java @@ -4,6 +4,7 @@ import org.apache.commons.codec.binary.Base64; import org.digidoc4j.exceptions.InvalidDataFileException; +import org.digidoc4j.exceptions.NotSupportedException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -67,4 +68,15 @@ public String getContentType() { public void setContentType(String contentType) { this.contentType = contentType; } + + @Override + public long getFileSize() { + throw new NotSupportedException("Querying size of digest datafile is not supported"); + } + + @Override + public boolean isFileEmpty() { + return false; + } + } diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/AbstractContainerValidationResult.java b/digidoc4j/src/main/java/org/digidoc4j/impl/AbstractContainerValidationResult.java new file mode 100644 index 000000000..882ca81ca --- /dev/null +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/AbstractContainerValidationResult.java @@ -0,0 +1,40 @@ +package org.digidoc4j.impl; + +import org.digidoc4j.ContainerValidationResult; +import org.digidoc4j.exceptions.DigiDoc4JException; + +import java.util.ArrayList; +import java.util.List; + +public abstract class AbstractContainerValidationResult extends AbstractSignatureValidationResult implements ContainerValidationResult { + + protected List containerErrors = new ArrayList<>(); + protected List containerWarnings = new ArrayList<>(); + + @Override + public List getContainerErrors() { + return containerErrors; + } + + public void addContainerErrors(List containerErrors) { + this.containerErrors = concatenate(this.containerErrors, containerErrors); + } + + public void setContainerErrors(List containerErrors) { + this.containerErrors = containerErrors; + } + + @Override + public List getContainerWarnings() { + return containerWarnings; + } + + public void addContainerWarnings(List containerWarnings) { + this.containerWarnings = concatenate(this.containerWarnings, containerWarnings); + } + + public void setContainerWarnings(List containerWarnings) { + this.containerWarnings = containerWarnings; + } + +} diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/AbstractValidationResult.java b/digidoc4j/src/main/java/org/digidoc4j/impl/AbstractValidationResult.java index 93f23b9d3..ae82f20b4 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/AbstractValidationResult.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/AbstractValidationResult.java @@ -2,6 +2,9 @@ import java.util.ArrayList; import java.util.List; +import java.util.Optional; +import java.util.stream.Collectors; +import java.util.stream.Stream; import org.apache.commons.collections4.CollectionUtils; import org.digidoc4j.Configuration; @@ -78,6 +81,10 @@ public List getErrors() { return errors; } + public void addErrors(List errors) { + this.errors = concatenate(this.errors, errors); + } + public void setErrors(List errors) { this.errors = errors; } @@ -87,8 +94,19 @@ public List getWarnings() { return warnings; } + public void addWarnings(List warnings) { + this.warnings = concatenate(this.warnings, warnings); + } + public void setWarnings(List warnings) { this.warnings = warnings; } + protected static List concatenate(List first, List second) { + return Stream.concat( + Optional.ofNullable(first).map(List::stream).orElseGet(Stream::empty), + Optional.ofNullable(second).map(List::stream).orElseGet(Stream::empty) + ).collect(Collectors.toList()); + } + } diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/SignatureFinalizer.java b/digidoc4j/src/main/java/org/digidoc4j/impl/SignatureFinalizer.java index 19ae20515..f2aed3d9a 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/SignatureFinalizer.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/SignatureFinalizer.java @@ -17,6 +17,7 @@ import org.digidoc4j.Signature; import org.digidoc4j.SignatureBuilder; import org.digidoc4j.SignatureParameters; +import org.digidoc4j.exceptions.InvalidDataFileException; import java.io.Serializable; import java.util.List; @@ -32,6 +33,7 @@ public abstract class SignatureFinalizer implements Serializable { protected Configuration configuration; public SignatureFinalizer(List dataFiles, SignatureParameters signatureParameters, Configuration configuration) { + verifyDataFilesNotEmpty(dataFiles); this.dataFiles = dataFiles; this.signatureParameters = signatureParameters; this.configuration = configuration; @@ -74,4 +76,19 @@ public Configuration getConfiguration() { public SignatureParameters getSignatureParameters() { return signatureParameters; } + + private static void verifyDataFilesNotEmpty(List dataFiles) { + dataFiles.stream() + .filter(DataFile::isFileEmpty) + .map(dataFile -> "Cannot sign empty datafile: " + dataFile.getName()) + .map(InvalidDataFileException::new) + .reduce((e1, e2) -> { + e1.addSuppressed(e2); + return e1; + }) + .ifPresent(e -> { + throw e; + }); + } + } diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java index 4a3f20b6e..59a0a9d83 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainer.java @@ -11,6 +11,7 @@ package org.digidoc4j.impl.asic; import eu.europa.esig.dss.model.DSSDocument; +import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.io.IOUtils; import org.apache.commons.lang3.StringUtils; import org.digidoc4j.Configuration; @@ -28,11 +29,13 @@ import org.digidoc4j.exceptions.DataFileNotFoundException; import org.digidoc4j.exceptions.DigiDoc4JException; import org.digidoc4j.exceptions.DuplicateDataFileException; +import org.digidoc4j.exceptions.InvalidDataFileException; import org.digidoc4j.exceptions.InvalidSignatureException; import org.digidoc4j.exceptions.NotSupportedException; import org.digidoc4j.exceptions.RemovingDataFileException; import org.digidoc4j.exceptions.SignatureNotFoundException; import org.digidoc4j.exceptions.TechnicalException; +import org.digidoc4j.impl.AbstractContainerValidationResult; import org.digidoc4j.impl.AbstractValidationResult; import org.digidoc4j.impl.asic.asice.AsicEContainerValidator; import org.digidoc4j.impl.asic.asice.AsicESignature; @@ -58,6 +61,7 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.List; +import java.util.stream.Collectors; /** * Created by Andrei on 7.11.2017. @@ -167,30 +171,32 @@ public ContainerValidationResult validate() { } protected ContainerValidationResult validateContainer() { + ContainerValidationResult containerValidationResult; if (this.timeStampToken != null) { - return this.validateTimestampToken(); + containerValidationResult = this.validateTimestampToken(); } else { + AsicEContainerValidator containerValidator; if (!this.isNewContainer()) { if (DocumentType.BDOC.name().equalsIgnoreCase(this.containerType)) { - return new BDocContainerValidator(this.containerParseResult, this.getConfiguration(), - !this.dataFilesHaveChanged).validate(this.getSignatures()); + containerValidator = new BDocContainerValidator(containerParseResult, getConfiguration(), !dataFilesHaveChanged); } else if (DocumentType.ASICS.name().equalsIgnoreCase(this.containerType)) { - return new AsicSContainerValidator(this.containerParseResult, this.getConfiguration(), - !this.dataFilesHaveChanged).validate(this.getSignatures()); + containerValidator = new AsicSContainerValidator(containerParseResult, getConfiguration(), !dataFilesHaveChanged); } else { - return new AsicEContainerValidator(this.containerParseResult, this.getConfiguration(), - !this.dataFilesHaveChanged).validate(this.getSignatures()); + containerValidator = new AsicEContainerValidator(containerParseResult, getConfiguration(), !dataFilesHaveChanged); } } else { if (DocumentType.BDOC.name().equalsIgnoreCase(this.containerType)) { - return new BDocContainerValidator(this.getConfiguration()).validate(this.getSignatures()); + containerValidator = new BDocContainerValidator(getConfiguration()); } else if (DocumentType.ASICS.name().equalsIgnoreCase(this.containerType)) { - return new AsicSContainerValidator(this.getConfiguration()).validate(this.getSignatures()); + containerValidator = new AsicSContainerValidator(getConfiguration()); } else { - return new AsicEContainerValidator(this.getConfiguration()).validate(this.getSignatures()); + containerValidator = new AsicEContainerValidator(getConfiguration()); } } + containerValidationResult = containerValidator.validate(getSignatures()); } + validateDataFiles(containerValidationResult); + return containerValidationResult; } private ContainerValidationResult validateTimestampToken() { @@ -200,6 +206,31 @@ private ContainerValidationResult validateTimestampToken() { return new TimeStampTokenValidator(this.containerParseResult).validate(); } + private void validateDataFiles(ContainerValidationResult containerValidationResult) { + List dataFilesValidationWarnings = dataFiles.stream() + .filter(DataFile::isFileEmpty) + .map(dataFile -> String.format("Data file '%s' is empty", dataFile.getName())) + .collect(Collectors.toList()); + + if (CollectionUtils.isEmpty(dataFilesValidationWarnings)) { + return; + } + + if (containerValidationResult instanceof AbstractContainerValidationResult) { + AbstractContainerValidationResult abstractContainerValidationResult = (AbstractContainerValidationResult) containerValidationResult; + List exceptions = dataFilesValidationWarnings.stream().map(InvalidDataFileException::new).collect(Collectors.toList()); + abstractContainerValidationResult.addContainerWarnings(exceptions); + abstractContainerValidationResult.addWarnings(exceptions); + } else if (containerValidationResult instanceof AbstractValidationResult) { + List exceptions = dataFilesValidationWarnings.stream().map(InvalidDataFileException::new).collect(Collectors.toList()); + ((AbstractValidationResult) containerValidationResult).addWarnings(exceptions); + } else { + for (String dataFileValidationWarning : dataFilesValidationWarnings) { + LOGGER.warn(dataFileValidationWarning); + } + } + } + @Override public File saveAsFile(String filePath) { LOGGER.debug("Saving container to file: " + filePath); @@ -286,6 +317,14 @@ protected void validateDataFilesRemoval() { } } + protected void verifyDataFileIsNotEmpty(DataFile dataFile) { + if (dataFile.isFileEmpty()) { + String errorMessage = "Datafiles cannot be empty"; + LOGGER.error(errorMessage); + throw new InvalidDataFileException(errorMessage); + } + } + protected void verifyIfAllowedToAddDataFile(String fileName) { if (isContainerSigned()) { String errorMessage = "Datafiles cannot be added to an already signed container"; @@ -407,6 +446,7 @@ public DataFile addDataFile(File file, String mimeType) { @Override public void addDataFile(DataFile dataFile) { + verifyDataFileIsNotEmpty(dataFile); String fileName = dataFile.getName(); verifyIfAllowedToAddDataFile(fileName); if (Constant.ASICS_CONTAINER_TYPE.equals(getType())) { diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerValidationResult.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerValidationResult.java index e48153b2b..628b7b8da 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerValidationResult.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/AsicContainerValidationResult.java @@ -10,32 +10,26 @@ package org.digidoc4j.impl.asic; -import java.nio.file.Path; -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; -import java.util.Map; - +import eu.europa.esig.dss.enumerations.Indication; +import eu.europa.esig.dss.enumerations.SignatureQualification; +import eu.europa.esig.dss.enumerations.SubIndication; +import eu.europa.esig.dss.simplereport.SimpleReport; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.StringUtils; import org.digidoc4j.ContainerValidationResult; -import org.digidoc4j.exceptions.DigiDoc4JException; -import org.digidoc4j.impl.AbstractSignatureValidationResult; +import org.digidoc4j.impl.AbstractContainerValidationResult; -import eu.europa.esig.dss.enumerations.SignatureQualification; -import eu.europa.esig.dss.enumerations.Indication; -import eu.europa.esig.dss.enumerations.SubIndication; -import eu.europa.esig.dss.simplereport.SimpleReport; +import java.nio.file.Path; +import java.util.Collections; +import java.util.Map; /** * Validation result information. *

    * For BDOC the ValidationResult contains only information for the first signature of each signature XML file */ -public class AsicContainerValidationResult extends AbstractSignatureValidationResult implements - ContainerValidationResult { +public class AsicContainerValidationResult extends AbstractContainerValidationResult implements ContainerValidationResult { - private List containerErrors = new ArrayList<>(); private Map signatureIdMap = Collections.emptyMap(); private AsicValidationReportBuilder validationReportBuilder; @@ -137,22 +131,4 @@ private String resolveSignatureId(String signatureId) { return signatureIdMap.getOrDefault(signatureId, signatureId); } - /* - * ACCESSORS - */ - - @Override - public List getContainerErrors() { - return containerErrors; - } - - /** - * Set container errors only. - * - * @param containerErrors Discovered list of container errors - */ - public void setContainerErrors(List containerErrors) { - this.containerErrors = containerErrors; - } - } diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/TimeStampContainerValidationResult.java b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/TimeStampContainerValidationResult.java index 3c51709eb..12b312e42 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/asic/TimeStampContainerValidationResult.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/asic/TimeStampContainerValidationResult.java @@ -1,19 +1,14 @@ package org.digidoc4j.impl.asic; -import java.util.List; - +import eu.europa.esig.dss.enumerations.Indication; import org.bouncycastle.tsp.TimeStampToken; import org.digidoc4j.ContainerValidationResult; -import org.digidoc4j.exceptions.DigiDoc4JException; -import org.digidoc4j.impl.AbstractSignatureValidationResult; - -import eu.europa.esig.dss.enumerations.Indication; +import org.digidoc4j.impl.AbstractContainerValidationResult; /** * Created by Andrei on 27.11.2017. */ -public class TimeStampContainerValidationResult extends AbstractSignatureValidationResult implements - ContainerValidationResult { +public class TimeStampContainerValidationResult extends AbstractContainerValidationResult implements ContainerValidationResult { private TimeStampToken timeStampToken; private String signedBy = ""; @@ -31,11 +26,6 @@ public Indication getIndication() { return Indication.TOTAL_FAILED; } - @Override - public List getContainerErrors() { - return this.errors; - } - /* * RESTRICTED METHODS */ diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/ddoc/DDocSignatureValidationResult.java b/digidoc4j/src/main/java/org/digidoc4j/impl/ddoc/DDocSignatureValidationResult.java index 0289c5c7f..f7faf6bfc 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/ddoc/DDocSignatureValidationResult.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/ddoc/DDocSignatureValidationResult.java @@ -14,7 +14,7 @@ import org.digidoc4j.ddoc.DigiDocException; import org.digidoc4j.ddoc.SignedDoc; import org.digidoc4j.exceptions.DigiDoc4JException; -import org.digidoc4j.impl.AbstractSignatureValidationResult; +import org.digidoc4j.impl.AbstractContainerValidationResult; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.w3c.dom.Comment; @@ -33,11 +33,9 @@ /** * Overview of errors and warnings for DDoc */ -public class DDocSignatureValidationResult extends AbstractSignatureValidationResult implements - ContainerValidationResult { +public class DDocSignatureValidationResult extends AbstractContainerValidationResult implements ContainerValidationResult { private final Logger log = LoggerFactory.getLogger(DDocSignatureValidationResult.class); - private List containerExceptions = new ArrayList<>(); private Document document; private Element rootElement; private boolean hasFatalErrors = false; @@ -68,7 +66,7 @@ public DDocSignatureValidationResult(List exceptions, removeDuplicates(exceptions); removeDuplicates(openContainerExceptions); for (DigiDocException exception : openContainerExceptions) { - this.containerExceptions.add(new DigiDoc4JException(exception.getCode(), exception.getMessage())); + super.containerErrors.add(new DigiDoc4JException(exception.getCode(), exception.getMessage())); if (SignedDoc.hasFatalErrs((ArrayList) openContainerExceptions)) { this.hasFatalErrors = true; } @@ -166,11 +164,6 @@ private String toReportString(Document document) { * ACCESSORS */ - @Override - public List getContainerErrors() { - return containerExceptions; - } - /** * Does the container have fatal errors * diff --git a/digidoc4j/src/main/java/org/digidoc4j/impl/pades/PadesContainerValidationResult.java b/digidoc4j/src/main/java/org/digidoc4j/impl/pades/PadesContainerValidationResult.java index 235f58e9c..dd1c3eaf7 100644 --- a/digidoc4j/src/main/java/org/digidoc4j/impl/pades/PadesContainerValidationResult.java +++ b/digidoc4j/src/main/java/org/digidoc4j/impl/pades/PadesContainerValidationResult.java @@ -1,23 +1,19 @@ package org.digidoc4j.impl.pades; -import java.util.Arrays; -import java.util.Collections; -import java.util.List; - +import eu.europa.esig.dss.enumerations.Indication; +import eu.europa.esig.dss.enumerations.SubIndication; +import eu.europa.esig.dss.simplereport.SimpleReport; import org.apache.commons.lang3.StringUtils; import org.digidoc4j.ContainerValidationResult; import org.digidoc4j.exceptions.DigiDoc4JException; -import org.digidoc4j.impl.AbstractSignatureValidationResult; +import org.digidoc4j.impl.AbstractContainerValidationResult; -import eu.europa.esig.dss.enumerations.Indication; -import eu.europa.esig.dss.enumerations.SubIndication; -import eu.europa.esig.dss.simplereport.SimpleReport; +import java.util.Arrays; /** * Created by Andrei on 20.11.2017. */ -public class PadesContainerValidationResult extends AbstractSignatureValidationResult implements - ContainerValidationResult { +public class PadesContainerValidationResult extends AbstractContainerValidationResult implements ContainerValidationResult { /** * @param simpleReport simple report @@ -51,13 +47,4 @@ protected String getResultName() { return "PAdES container"; } - /* - * ACCESSORS - */ - - @Override - public List getContainerErrors() { - return Collections.emptyList(); - } - } diff --git a/digidoc4j/src/test/java/org/digidoc4j/DataFileTest.java b/digidoc4j/src/test/java/org/digidoc4j/DataFileTest.java index ded05819e..fdcd2e2ef 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/DataFileTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/DataFileTest.java @@ -25,58 +25,102 @@ public class DataFileTest extends AbstractTest { - private DataFile dataFile; + private static final String TEST_FILE_NAME = "test.txt"; + private static final String TEST_FILE_MIMETYPE = "text/plain"; + private static final String TEST_FILE_PATH = "src/test/resources/testFiles/helper-files/test.txt"; + private static final String EMPTY_FILE_PATH = "src/test/resources/testFiles/helper-files/empty.txt"; @Test - public void testGetFileSize() throws Exception { - Assert.assertEquals(15, this.dataFile.getFileSize()); + public void testGetFileSize() { + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); + Assert.assertEquals(15, dataFile.getFileSize()); + } + + @Test + public void testIsFileEmpty() { + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); + Assert.assertFalse(dataFile.isFileEmpty()); + } + + @Test + public void testIsFileEmptyForEmptyFile() { + DataFile dataFile = new DataFile(EMPTY_FILE_PATH, TEST_FILE_MIMETYPE); + Assert.assertTrue(dataFile.isFileEmpty()); } @Test public void testGetFileSizeForInMemoryDocument() { - Assert.assertEquals(2, new DataFile(new byte[]{1, 2}, "fileName", "text/plain").getFileSize()); + DataFile dataFile = new DataFile(new byte[]{1, 2}, TEST_FILE_NAME, TEST_FILE_MIMETYPE); + Assert.assertEquals(2, dataFile.getFileSize()); + } + + @Test + public void testIsFileEmptyForInMemoryDocument() { + DataFile dataFile = new DataFile(new byte[]{1, 2}, TEST_FILE_NAME, TEST_FILE_MIMETYPE); + Assert.assertFalse(dataFile.isFileEmpty()); } @Test - public void testGetMediaType() throws Exception { - Assert.assertEquals("text/plain", this.dataFile.getMediaType()); + public void testIsFileEmptyForEmptyInMemoryDocument() { + DataFile dataFile = new DataFile(new byte[0], TEST_FILE_NAME, TEST_FILE_MIMETYPE); + Assert.assertTrue(dataFile.isFileEmpty()); } @Test - public void testGetFileName() throws Exception { - Assert.assertEquals("test.txt", this.dataFile.getName()); + public void testGetMediaType() { + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); + Assert.assertEquals(TEST_FILE_MIMETYPE, dataFile.getMediaType()); } @Test - public void testCalculateDigest() throws Exception { - Assert.assertEquals("RqDqtqi3rTsWj07rrWc5kATAZIw7T1XHP/NPLCF05RU=", Base64.encodeBase64String(this.dataFile.calculateDigest())); + public void testGetFileName() { + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); + Assert.assertEquals(TEST_FILE_NAME, dataFile.getName()); } @Test - public void testCalculateDigestWithEnumTypeSHA256() throws Exception { - Assert.assertEquals("RqDqtqi3rTsWj07rrWc5kATAZIw7T1XHP/NPLCF05RU=", - Base64.encodeBase64String(this.dataFile.calculateDigest(DigestAlgorithm.SHA256))); + public void testCalculateDigest() { + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); + Assert.assertArrayEquals( + Base64.decodeBase64("RqDqtqi3rTsWj07rrWc5kATAZIw7T1XHP/NPLCF05RU="), + dataFile.calculateDigest() + ); } @Test - public void testCalculateDigestWithEnumTypeSHA1() throws Exception { - Assert.assertEquals("OQj17m9Rt2vPXYrry+v/KHpf98Q=", Base64.encodeBase64String(this.dataFile.calculateDigest(DigestAlgorithm.SHA1))); + public void testCalculateDigestWithEnumTypeSHA256() { + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); + Assert.assertArrayEquals( + Base64.decodeBase64("RqDqtqi3rTsWj07rrWc5kATAZIw7T1XHP/NPLCF05RU="), + dataFile.calculateDigest(DigestAlgorithm.SHA256) + ); + } + + @Test + public void testCalculateDigestWithEnumTypeSHA1() { + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); + Assert.assertArrayEquals( + Base64.decodeBase64("OQj17m9Rt2vPXYrry+v/KHpf98Q="), + dataFile.calculateDigest(DigestAlgorithm.SHA1) + ); } @Test public void testSaveToFile() throws IOException { + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); String file = this.getFileBy("txt"); - this.dataFile.saveAs(file); + dataFile.saveAs(file); Assert.assertTrue(new File(file).exists()); - byte[] testFileContent = FileUtils.readFileToByteArray(new File("src/test/resources/testFiles/helper-files/test.txt")); + byte[] testFileContent = FileUtils.readFileToByteArray(new File(TEST_FILE_PATH)); byte[] savedFileContent = FileUtils.readFileToByteArray(new File(file)); Assert.assertArrayEquals(testFileContent, savedFileContent); } @Test public void testSaveToOutputStream() throws IOException { + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); try (ByteArrayOutputStream stream = new ByteArrayOutputStream()) { - this.dataFile.saveAs(stream); + dataFile.saveAs(stream); stream.flush(); Assert.assertEquals("see on testfail", stream.toString()); } @@ -84,23 +128,23 @@ public void testSaveToOutputStream() throws IOException { @Test public void incorrectMimeType() { - this.dataFile = new DataFile("src/test/resources/testFiles/helper-files/test.txt", "incorrect"); - Assert.assertNotNull(this.dataFile.getMediaType()); + DataFile dataFile = new DataFile(TEST_FILE_PATH, "incorrect"); + Assert.assertNotNull(dataFile.getMediaType()); } @Test public void incorrectMimeTypeByteArrayConstructor() { - this.dataFile = new DataFile(new byte[]{0x041}, "src/test/resources/testFiles/helper-files/test.txt", "incorrect"); - Assert.assertNotNull(this.dataFile.getMediaType()); + DataFile dataFile = new DataFile(new byte[]{0x041}, TEST_FILE_PATH, "incorrect"); + Assert.assertNotNull(dataFile.getMediaType()); } @Test(expected = DigiDoc4JException.class) - public void testThrowsFileNotFoundExceptionIfFileDoesNotExists() throws Exception { - new DataFile("NOT_EXISTS.TXT", "text/plain"); + public void testThrowsFileNotFoundExceptionIfFileDoesNotExists() { + new DataFile("NOT_EXISTS.TXT", TEST_FILE_MIMETYPE); } @Test(expected = Exception.class) - public void testThrowsExceptionOnUnknownError() throws Exception { + public void testThrowsExceptionOnUnknownError() { new DataFile(null, "none/none"); } @@ -135,8 +179,8 @@ public void createDocumentFromStream() throws Exception { @Test public void createDocumentFromInoutStreamThrowsException() throws IOException { try (ByteArrayInputStream stream = new ByteArrayInputStream("test".getBytes())) { - this.dataFile = new DataFile(stream, "test.txt", "unknown"); - Assert.assertNotNull(this.dataFile.getMediaType()); + DataFile dataFile = new DataFile(stream, "test.txt", "unknown"); + Assert.assertNotNull(dataFile.getMediaType()); Assert.assertArrayEquals("test".getBytes(), dataFile.getBytes()); } } @@ -170,19 +214,15 @@ public void calculateSizeForStreamedFile() throws Exception { @Test public void testDigestIsCalculatedOnlyOnce() throws Exception { - byte[] digest = this.dataFile.calculateDigest(); - Assert.assertEquals(digest, this.dataFile.calculateDigest(new URL("http://NonExisting.test"))); + DataFile dataFile = new DataFile(TEST_FILE_PATH, TEST_FILE_MIMETYPE); + byte[] digest = dataFile.calculateDigest(); + Assert.assertEquals(digest, dataFile.calculateDigest(new URL("http://NonExisting.test"))); } /* * RESTRICTED METHODS */ - @Override - protected void before() { - this.dataFile = new DataFile("src/test/resources/testFiles/helper-files/test.txt", "text/plain"); - } - private static void testFileNameEscaping(Function dataFileFactory) { String fileName = "file-name.ext"; DataFile dataFile; diff --git a/digidoc4j/src/test/java/org/digidoc4j/DetachedXadesSignatureBuilderTest.java b/digidoc4j/src/test/java/org/digidoc4j/DetachedXadesSignatureBuilderTest.java index 62e471a09..41a84d30e 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/DetachedXadesSignatureBuilderTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/DetachedXadesSignatureBuilderTest.java @@ -6,13 +6,13 @@ import org.apache.commons.io.FileUtils; import org.apache.commons.lang3.SerializationUtils; +import org.digidoc4j.exceptions.InvalidDataFileException; import org.digidoc4j.exceptions.InvalidSignatureException; import org.digidoc4j.exceptions.NotSupportedException; import org.digidoc4j.exceptions.SignatureTokenMissingException; import org.digidoc4j.exceptions.SignerCertificateRequiredException; import org.digidoc4j.impl.asic.asice.bdoc.BDocSignature; import org.junit.Assert; -import org.junit.Ignore; import org.junit.Test; public class DetachedXadesSignatureBuilderTest extends AbstractTest { @@ -95,6 +95,24 @@ public void signWithNormalDataFile() { assertValidSignature(signature); } + @Test(expected = InvalidDataFileException.class) + public void invokeSigningWithEmptyDataFileThrowsException() { + DataFile dataFile = new DataFile(new byte[0], "hello.txt", "text/plain"); + DetachedXadesSignatureBuilder.withConfiguration(new Configuration()) + .withDataFile(dataFile) + .withSignatureToken(pkcs12EccSignatureToken) + .invokeSigning(); + } + + @Test(expected = InvalidDataFileException.class) + public void buildDataToSignWithEmptyDataFileThrowsException() { + DataFile dataFile = new DataFile(new byte[0], "hello.txt", "text/plain"); + DetachedXadesSignatureBuilder.withConfiguration(new Configuration()) + .withDataFile(dataFile) + .withSignatureToken(pkcs12EccSignatureToken) + .invokeSigning(); + } + @Test(expected = SignatureTokenMissingException.class) public void invokeSigningWithoutSignatureTokenThrowsException() { DataFile dataFile = new DataFile("hello".getBytes(), "hello.txt", "text/plain"); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/EmptyDataFilesSignatureFinalizerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/EmptyDataFilesSignatureFinalizerTest.java new file mode 100644 index 000000000..2016c0a52 --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/EmptyDataFilesSignatureFinalizerTest.java @@ -0,0 +1,58 @@ +package org.digidoc4j.impl; + +import org.digidoc4j.AbstractTest; +import org.digidoc4j.DataFile; +import org.digidoc4j.exceptions.InvalidDataFileException; +import org.digidoc4j.test.TestAssert; +import org.junit.Assert; +import org.junit.Test; + +import java.util.Arrays; +import java.util.List; + +public abstract class EmptyDataFilesSignatureFinalizerTest extends AbstractTest { + + protected abstract SignatureFinalizer createSignatureFinalizerWithDataFiles(List dataFiles); + + @Test + public void testCreateSignatureFinalizerWithSingleEmptyDataFile() { + List dataFiles = Arrays.asList( + new DataFile(new byte[0], "empty-file.txt", "text/plain") + ); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> createSignatureFinalizerWithDataFiles(dataFiles) + ); + + Assert.assertEquals("Cannot sign empty datafile: empty-file.txt", caughtException.getMessage()); + TestAssert.assertSuppressed(caughtException, InvalidDataFileException.class); + } + + @Test + public void testCreateSignatureFinalizerWithMultipleEmptyDataFiles() { + List dataFiles = Arrays.asList( + new DataFile(new byte[1], "data-file-1.txt", "text/plain"), + new DataFile(new byte[0], "empty-file-2.txt", "text/plain"), + new DataFile(new byte[1], "data-file-3.txt", "text/plain"), + new DataFile(new byte[1], "data-file-4.txt", "text/plain"), + new DataFile(new byte[0], "empty-file-5.txt", "text/plain"), + new DataFile(new byte[1], "data-file-6.txt", "text/plain"), + new DataFile(new byte[0], "empty-file-7.txt", "text/plain"), + new DataFile(new byte[0], "empty-file-8.txt", "text/plain") + ); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> createSignatureFinalizerWithDataFiles(dataFiles) + ); + + Assert.assertEquals("Cannot sign empty datafile: empty-file-2.txt", caughtException.getMessage()); + TestAssert.assertSuppressed(caughtException, InvalidDataFileException.class, + "Cannot sign empty datafile: empty-file-5.txt", + "Cannot sign empty datafile: empty-file-7.txt", + "Cannot sign empty datafile: empty-file-8.txt" + ); + } + +} \ No newline at end of file diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/asic/EmptyDataFilesContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/EmptyDataFilesContainerTest.java new file mode 100644 index 000000000..0894826b8 --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/asic/EmptyDataFilesContainerTest.java @@ -0,0 +1,85 @@ +package org.digidoc4j.impl.asic; + +import org.digidoc4j.AbstractTest; +import org.digidoc4j.Container; +import org.digidoc4j.DataFile; +import org.digidoc4j.exceptions.InvalidDataFileException; +import org.junit.Assert; +import org.junit.Test; + +import java.io.ByteArrayInputStream; +import java.io.File; +import java.io.IOException; +import java.io.InputStream; + +public abstract class EmptyDataFilesContainerTest extends AbstractTest { + + protected static final String TEST_FILE_NAME = "test.txt"; + protected static final String TEST_FILE_MIMETYPE = "text/plain"; + protected static final String EMPTY_FILE_PATH = "src/test/resources/testFiles/helper-files/empty.txt"; + + protected static final String DATAFILES_CANNOT_BE_EMPTY_MESSAGE = "Datafiles cannot be empty"; + + protected abstract Container.DocumentType getDocumentType(); + + @Test + public void testAddEmptyDataFileFromPath() { + Container container = createEmptyContainerBy(getDocumentType()); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> container.addDataFile(EMPTY_FILE_PATH, TEST_FILE_MIMETYPE) + ); + + Assert.assertEquals(DATAFILES_CANNOT_BE_EMPTY_MESSAGE, caughtException.getMessage()); + Assert.assertEquals(0, container.getDataFiles().size()); + } + + @Test + public void testAddEmptyDataFileFromStream() { + Container container = createEmptyContainerBy(getDocumentType()); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> { + try (InputStream inputStream = new ByteArrayInputStream(new byte[0])) { + container.addDataFile(inputStream, TEST_FILE_NAME, TEST_FILE_MIMETYPE); + } catch (IOException e) { + throw new IllegalStateException(e); + } + } + ); + + Assert.assertEquals(DATAFILES_CANNOT_BE_EMPTY_MESSAGE, caughtException.getMessage()); + Assert.assertEquals(0, container.getDataFiles().size()); + } + + @Test + public void testAddEmptyDataFileFromFile() { + Container container = createEmptyContainerBy(getDocumentType()); + File emptyFile = new File(EMPTY_FILE_PATH); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> container.addDataFile(emptyFile, TEST_FILE_MIMETYPE) + ); + + Assert.assertEquals(DATAFILES_CANNOT_BE_EMPTY_MESSAGE, caughtException.getMessage()); + Assert.assertEquals(0, container.getDataFiles().size()); + } + + @Test + public void testAddEmptyDataFile() { + Container container = createEmptyContainerBy(getDocumentType()); + DataFile emptyDataFile = new DataFile(new byte[0], TEST_FILE_NAME, TEST_FILE_MIMETYPE); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> container.addDataFile(emptyDataFile) + ); + + Assert.assertEquals(DATAFILES_CANNOT_BE_EMPTY_MESSAGE, caughtException.getMessage()); + Assert.assertEquals(0, container.getDataFiles().size()); + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java index 96bbd524a..339ee216d 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java @@ -572,7 +572,9 @@ public void testGetDocumentType() throws Exception { public void testAddTwoFilesAsStream() throws Exception { Container container = this.createEmptyContainerBy(Container.DocumentType.BDOC); ByteArrayInputStream stream = new ByteArrayInputStream("tere, tere".getBytes()); + stream.mark(Integer.MAX_VALUE); container.addDataFile(stream, "test1.txt", "text/plain"); + stream.reset(); container.addDataFile(stream, "test2.txt", "text/plain"); } diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/EmptyDataFilesBdocContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/EmptyDataFilesBdocContainerTest.java new file mode 100644 index 000000000..098f1b1c6 --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/EmptyDataFilesBdocContainerTest.java @@ -0,0 +1,81 @@ +package org.digidoc4j.impl.bdoc; + +import org.digidoc4j.Configuration; +import org.digidoc4j.Constant; +import org.digidoc4j.Container; +import org.digidoc4j.ContainerOpener; +import org.digidoc4j.ContainerValidationResult; +import org.digidoc4j.SignatureBuilder; +import org.digidoc4j.exceptions.InvalidDataFileException; +import org.digidoc4j.impl.asic.EmptyDataFilesContainerTest; +import org.digidoc4j.test.TestAssert; +import org.junit.Assert; +import org.junit.Test; + +public class EmptyDataFilesBdocContainerTest extends EmptyDataFilesContainerTest { + + @Override + protected void before() { + configuration = Configuration.of(Configuration.Mode.TEST); + } + + @Override + protected Container.DocumentType getDocumentType() { + return Container.DocumentType.BDOC; + } + + @Test + public void testValidateSignedContainerWithEmptyDataFiles() { + Container container = loadSignedContainerWithEmptyDataFiles(); + + ContainerValidationResult validationResult = container.validate(); + + Assert.assertTrue(validationResult.isValid()); + Assert.assertNotNull(validationResult.getWarnings()); + Assert.assertEquals(2, validationResult.getWarnings().size()); + TestAssert.assertContainsError("Data file 'empty-file-2.txt' is empty", validationResult.getWarnings()); + TestAssert.assertContainsError("Data file 'empty-file-4.txt' is empty", validationResult.getWarnings()); + Assert.assertNotNull(validationResult.getContainerWarnings()); + Assert.assertEquals(2, validationResult.getContainerWarnings().size()); + TestAssert.assertContainsError("Data file 'empty-file-2.txt' is empty", validationResult.getContainerWarnings()); + TestAssert.assertContainsError("Data file 'empty-file-4.txt' is empty", validationResult.getContainerWarnings()); + } + + @Test + public void testInvokeSigningForSignedContainerWithEmptyDataFiles() { + Container container = loadSignedContainerWithEmptyDataFiles(); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> SignatureBuilder.aSignature(container) + .withSignatureToken(pkcs12SignatureToken) + .invokeSigning() + ); + + Assert.assertEquals("Cannot sign empty datafile: empty-file-2.txt", caughtException.getMessage()); + TestAssert.assertSuppressed(caughtException, InvalidDataFileException.class, "Cannot sign empty datafile: empty-file-4.txt"); + } + + @Test + public void testBuildDataToSignForSignedContainerWithEmptyDataFiles() { + Container container = loadSignedContainerWithEmptyDataFiles(); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> SignatureBuilder.aSignature(container) + .withSignatureToken(pkcs12SignatureToken) + .buildDataToSign() + ); + + Assert.assertEquals("Cannot sign empty datafile: empty-file-2.txt", caughtException.getMessage()); + TestAssert.assertSuppressed(caughtException, InvalidDataFileException.class, "Cannot sign empty datafile: empty-file-4.txt"); + } + + private Container loadSignedContainerWithEmptyDataFiles() { + Container container = ContainerOpener + .open("src/test/resources/testFiles/valid-containers/signed-container-with-empty-datafiles.bdoc", configuration); + Assert.assertEquals(Constant.BDOC_CONTAINER_TYPE, container.getType()); + return container; + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/EmptyDataFilesBdocSignatureFinalizerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/EmptyDataFilesBdocSignatureFinalizerTest.java new file mode 100644 index 000000000..eabbf0b19 --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/EmptyDataFilesBdocSignatureFinalizerTest.java @@ -0,0 +1,18 @@ +package org.digidoc4j.impl.bdoc; + +import org.digidoc4j.DataFile; +import org.digidoc4j.SignatureParameters; +import org.digidoc4j.impl.EmptyDataFilesSignatureFinalizerTest; +import org.digidoc4j.impl.SignatureFinalizer; +import org.digidoc4j.impl.asic.asice.bdoc.BDocSignatureFinalizer; + +import java.util.List; + +public class EmptyDataFilesBdocSignatureFinalizerTest extends EmptyDataFilesSignatureFinalizerTest { + + @Override + protected SignatureFinalizer createSignatureFinalizerWithDataFiles(List dataFiles) { + return new BDocSignatureFinalizer(dataFiles, new SignatureParameters(), configuration); + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicEContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicEContainerTest.java new file mode 100644 index 000000000..47dd3080e --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicEContainerTest.java @@ -0,0 +1,135 @@ +package org.digidoc4j.impl.bdoc.asic; + +import org.digidoc4j.Configuration; +import org.digidoc4j.Constant; +import org.digidoc4j.Container; +import org.digidoc4j.ContainerOpener; +import org.digidoc4j.ContainerValidationResult; +import org.digidoc4j.SignatureBuilder; +import org.digidoc4j.exceptions.InvalidDataFileException; +import org.digidoc4j.impl.asic.EmptyDataFilesContainerTest; +import org.digidoc4j.test.TestAssert; +import org.junit.Assert; +import org.junit.Test; + +public class EmptyDataFilesAsicEContainerTest extends EmptyDataFilesContainerTest { + + @Override + protected void before() { + configuration = Configuration.of(Configuration.Mode.TEST); + } + + @Override + protected Container.DocumentType getDocumentType() { + return Container.DocumentType.ASICE; + } + + @Test + public void testValidateUnsignedContainerWithEmptyDataFiles() { + Container container = loadUnsignedContainerWithEmptyDataFiles(); + + ContainerValidationResult validationResult = container.validate(); + + Assert.assertTrue(validationResult.isValid()); + Assert.assertNotNull(validationResult.getWarnings()); + Assert.assertEquals(2, validationResult.getWarnings().size()); + TestAssert.assertContainsError("Data file 'empty-file-2.txt' is empty", validationResult.getWarnings()); + TestAssert.assertContainsError("Data file 'empty-file-4.txt' is empty", validationResult.getWarnings()); + Assert.assertNotNull(validationResult.getContainerWarnings()); + Assert.assertEquals(2, validationResult.getContainerWarnings().size()); + TestAssert.assertContainsError("Data file 'empty-file-2.txt' is empty", validationResult.getContainerWarnings()); + TestAssert.assertContainsError("Data file 'empty-file-4.txt' is empty", validationResult.getContainerWarnings()); + } + + @Test + public void testValidateSignedContainerWithEmptyDataFiles() { + Container container = loadSignedContainerWithEmptyDataFiles(); + + ContainerValidationResult validationResult = container.validate(); + + Assert.assertTrue(validationResult.isValid()); + Assert.assertNotNull(validationResult.getWarnings()); + Assert.assertEquals(2, validationResult.getWarnings().size()); + TestAssert.assertContainsError("Data file 'empty-file-2.txt' is empty", validationResult.getWarnings()); + TestAssert.assertContainsError("Data file 'empty-file-4.txt' is empty", validationResult.getWarnings()); + Assert.assertNotNull(validationResult.getContainerWarnings()); + Assert.assertEquals(2, validationResult.getContainerWarnings().size()); + TestAssert.assertContainsError("Data file 'empty-file-2.txt' is empty", validationResult.getContainerWarnings()); + TestAssert.assertContainsError("Data file 'empty-file-4.txt' is empty", validationResult.getContainerWarnings()); + } + + @Test + public void testInvokeSigningForUnsignedContainerWithEmptyDataFiles() { + Container container = loadUnsignedContainerWithEmptyDataFiles(); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> SignatureBuilder.aSignature(container) + .withSignatureToken(pkcs12Esteid2018SignatureToken) + .invokeSigning() + ); + + Assert.assertEquals("Cannot sign empty datafile: empty-file-2.txt", caughtException.getMessage()); + TestAssert.assertSuppressed(caughtException, InvalidDataFileException.class, "Cannot sign empty datafile: empty-file-4.txt"); + } + + @Test + public void testBuildDataToSignForUnsignedContainerWithEmptyDataFiles() { + Container container = loadUnsignedContainerWithEmptyDataFiles(); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> SignatureBuilder.aSignature(container) + .withSignatureToken(pkcs12Esteid2018SignatureToken) + .buildDataToSign() + ); + + Assert.assertEquals("Cannot sign empty datafile: empty-file-2.txt", caughtException.getMessage()); + TestAssert.assertSuppressed(caughtException, InvalidDataFileException.class, "Cannot sign empty datafile: empty-file-4.txt"); + } + + @Test + public void testInvokeSigningForSignedContainerWithEmptyDataFiles() { + Container container = loadSignedContainerWithEmptyDataFiles(); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> SignatureBuilder.aSignature(container) + .withSignatureToken(pkcs12SignatureToken) + .invokeSigning() + ); + + Assert.assertEquals("Cannot sign empty datafile: empty-file-2.txt", caughtException.getMessage()); + TestAssert.assertSuppressed(caughtException, InvalidDataFileException.class, "Cannot sign empty datafile: empty-file-4.txt"); + } + + @Test + public void testBuildDataToSignForSignedContainerWithEmptyDataFiles() { + Container container = loadSignedContainerWithEmptyDataFiles(); + + InvalidDataFileException caughtException = assertThrows( + InvalidDataFileException.class, + () -> SignatureBuilder.aSignature(container) + .withSignatureToken(pkcs12SignatureToken) + .buildDataToSign() + ); + + Assert.assertEquals("Cannot sign empty datafile: empty-file-2.txt", caughtException.getMessage()); + TestAssert.assertSuppressed(caughtException, InvalidDataFileException.class, "Cannot sign empty datafile: empty-file-4.txt"); + } + + private Container loadUnsignedContainerWithEmptyDataFiles() { + Container container = ContainerOpener + .open("src/test/resources/testFiles/valid-containers/unsigned-container-with-empty-datafiles.asice", configuration); + Assert.assertEquals(Constant.ASICE_CONTAINER_TYPE, container.getType()); + return container; + } + + private Container loadSignedContainerWithEmptyDataFiles() { + Container container = ContainerOpener + .open("src/test/resources/testFiles/valid-containers/signed-container-with-empty-datafiles.asice", configuration); + Assert.assertEquals(Constant.ASICE_CONTAINER_TYPE, container.getType()); + return container; + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicESignatureFinalizerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicESignatureFinalizerTest.java new file mode 100644 index 000000000..4848799c8 --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicESignatureFinalizerTest.java @@ -0,0 +1,18 @@ +package org.digidoc4j.impl.bdoc.asic; + +import org.digidoc4j.DataFile; +import org.digidoc4j.SignatureParameters; +import org.digidoc4j.impl.EmptyDataFilesSignatureFinalizerTest; +import org.digidoc4j.impl.SignatureFinalizer; +import org.digidoc4j.impl.asic.asice.AsicESignatureFinalizer; + +import java.util.List; + +public class EmptyDataFilesAsicESignatureFinalizerTest extends EmptyDataFilesSignatureFinalizerTest { + + @Override + protected SignatureFinalizer createSignatureFinalizerWithDataFiles(List dataFiles) { + return new AsicESignatureFinalizer(dataFiles, new SignatureParameters(), configuration); + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicSContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicSContainerTest.java new file mode 100644 index 000000000..ead85151a --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicSContainerTest.java @@ -0,0 +1,13 @@ +package org.digidoc4j.impl.bdoc.asic; + +import org.digidoc4j.Container; +import org.digidoc4j.impl.asic.EmptyDataFilesContainerTest; + +public class EmptyDataFilesAsicSContainerTest extends EmptyDataFilesContainerTest { + + @Override + protected Container.DocumentType getDocumentType() { + return Container.DocumentType.ASICS; + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicSignatureFinalizerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicSignatureFinalizerTest.java new file mode 100644 index 000000000..57366661c --- /dev/null +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/asic/EmptyDataFilesAsicSignatureFinalizerTest.java @@ -0,0 +1,18 @@ +package org.digidoc4j.impl.bdoc.asic; + +import org.digidoc4j.DataFile; +import org.digidoc4j.SignatureParameters; +import org.digidoc4j.impl.EmptyDataFilesSignatureFinalizerTest; +import org.digidoc4j.impl.SignatureFinalizer; +import org.digidoc4j.impl.asic.AsicSignatureFinalizer; + +import java.util.List; + +public class EmptyDataFilesAsicSignatureFinalizerTest extends EmptyDataFilesSignatureFinalizerTest { + + @Override + protected SignatureFinalizer createSignatureFinalizerWithDataFiles(List dataFiles) { + return new AsicSignatureFinalizer(dataFiles, new SignatureParameters(), configuration); + } + +} diff --git a/digidoc4j/src/test/java/org/digidoc4j/test/MockSignatureBuilder.java b/digidoc4j/src/test/java/org/digidoc4j/test/MockSignatureBuilder.java index b2d3a3818..6a0f85601 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/test/MockSignatureBuilder.java +++ b/digidoc4j/src/test/java/org/digidoc4j/test/MockSignatureBuilder.java @@ -21,6 +21,8 @@ import org.digidoc4j.exceptions.SignerCertificateRequiredException; import org.digidoc4j.impl.SignatureFinalizer; +import java.util.ArrayList; + /** * Used in unit tests. */ @@ -31,7 +33,7 @@ public class MockSignatureBuilder extends SignatureBuilder { @Override public DataToSign buildDataToSign() throws SignerCertificateRequiredException, ContainerWithoutFilesException { - SignatureFinalizer signatureFinalizer = new SignatureFinalizer(null, null, null) { + SignatureFinalizer signatureFinalizer = new SignatureFinalizer(new ArrayList<>(), null, null) { @Override public Signature finalizeSignature(byte[] signatureValue) { finalizedSignatureValue = signatureValue; diff --git a/digidoc4j/src/test/java/org/digidoc4j/test/TestAssert.java b/digidoc4j/src/test/java/org/digidoc4j/test/TestAssert.java index 8ccc0ed2f..325ffb79f 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/test/TestAssert.java +++ b/digidoc4j/src/test/java/org/digidoc4j/test/TestAssert.java @@ -79,7 +79,7 @@ public static void assertContainsError(String error, List er return; } } - Assert.assertFalse(String.format("Expected <%s> was not found", error), true); + Assert.fail(String.format("Expected <%s> was not found", error)); } public static void assertSignatureMetadataContainsFileName(Signature signature, String fileName) { @@ -111,6 +111,17 @@ public static void assertSaveAsStream(Container container) throws IOException { TestAssert.assertContainerStream(container.saveAsStream()); } + public static void assertSuppressed(Throwable throwable, Class suppressedType, String... suppressedMessages) { + Throwable[] suppressedList = throwable.getSuppressed(); + Assert.assertNotNull(suppressedList); + Assert.assertEquals(suppressedMessages.length, suppressedList.length); + for (int i = 0; i < suppressedMessages.length; ++i) { + Assert.assertNotNull(suppressedList[i]); + Assert.assertTrue(suppressedType.isInstance(suppressedList[i])); + Assert.assertEquals(suppressedMessages[i], suppressedList[i].getMessage()); + } + } + /* * RESTRICTED METHODS */ diff --git a/digidoc4j/src/test/resources/testFiles/helper-files/empty.txt b/digidoc4j/src/test/resources/testFiles/helper-files/empty.txt new file mode 100644 index 000000000..e69de29bb diff --git a/digidoc4j/src/test/resources/testFiles/valid-containers/signed-container-with-empty-datafiles.asice b/digidoc4j/src/test/resources/testFiles/valid-containers/signed-container-with-empty-datafiles.asice new file mode 100644 index 0000000000000000000000000000000000000000..753fda97dcac5cf60cebe0dcd701b37820d78990 GIT binary patch literal 10687 zcmb`NWl$Z>zONy;yStO%?(XjH?(QstTY%t!5Ekz4?(P;`7w#-1xP+T`pL@>U=iGYt zmvd)oYNn?9|IDwu`b$qestQohh!7C)5D>>9Z9) zOmfQ7EKX+5cGgxNp3J^Zj!nr*_5-Zw(hourbIqgj&rnj5)75mgsI0On-lBvE4#el# z-O3X7@*fLl&#fa>E&)hR%@#3JkT3EXS^6yui{vlF(I#1IU4mzHO&8AG2;c8@hq9xr z14r&0yzGxxtxGkTB>L@#)(sOS?j^)=UxZu|lr}>*H6(>bp3C%{CF0tHJNc{@+?Da+ z8x>))Le(k#67{x-c^m1!t?BhUbbc<$pFF^Ugub=0-W;dz!A6WXmxtc%sb#~-P`>I2 zielM)SjG-&&41h*a{RSN^ARzvJPSF1Jur%{DW3sk$v|?go z_Vo2cl4D|4lbxPnkegzF{8I`CU(`9Ig8HW;@}KMPQRshKt(;sv{r-c+{uc}CAN7A4 zApWHI$MN^||2+!F|Hmkt|GOw$|C=cIe@6XZi_XK&#@Wo%%iYR@^{;ie8K9R^AX^VM zu{#Ug*NoK)Z9WmkJtr46$Lln-NY|yNPSg#2LrK-r%h1x}5IVYF$>KxHz*I)BhN>F;6r|R%3nRt50sWX|&2^yasqY=uA1qFGNTw}fcQZXXSnlJ4JHh_YJO#**k ziu}g)D%o#=l7(3p#yKkO0o8-)bm!Y%oZ9YQW=6VQf()v_E%P;cpsc{IjToF54*V{E z)1KWP^Pbn&5ztR?%W{c`2++GG0d?T&OjM9;Pz~ECZxS(0u0!K`Vn*cS$)!lnPZeE4 zwlid!3~CG6xco88l)aB(PPNDbJeNsL<4PX~TuQb!X{sgieg@&3H_LT3r-w{)s_ z>FZ@8+#<)2&Hb}Qa5?pCPpPK+Pw6>2mm^mt4B}%f5>E?;&Z{hX$=-7%VEmnhXOAN7 zG#j2)^i_}27L_3L+ML>)Aa|yNhn)G+1mS}c{+IB#wS>0`>Z=mUv*)1t*jlKb&a)*2 zCSy%dgUEE=$?@=)L**aHnM3EAf4g zVlO8O$mJx`6-V%{6Q8kh6}p<%IJt&V@18m=L;r08Y;CQDVs%_~8incBc$xpgLd0>s z$&U5Do}TdMIm$ZS!3xl=>v;Js`X}x zh|@uqfhYK8qUvPJ7jn-5b}+qZqbobZ#|^@fCEKGhPJp>u(J>jZr&m zE@{kx&DQr9lmlW?ymSN(L7`{pV2dz7J4<*O+e0D9s^&-B%L;B-bMFNzP ze(x=-Q5&)OK837vwIjx5k`|iQ+K8Px(Pf;6;pOTUpNhf;hNLDsMURTL>+m!$<$=z< zzFdJ|PN3z6*hC4`O%XHesCUaR#`L->y(_P!fbo_g(*PZnkCOZboq{$eX$-1>l?3CQ zSjc;ym22iafuY2-Ud!11Uxo~f2CXgqoFVG?bPzz_-D+g37vRZ8;`g6u1x0-B!fYD8rep}l1#EfhgwBGy!}c0wfrB<(XhhaO zQMZWK@E6=Fkd9at){6fL1VS z!yGgrxob(^|az@ z=)Ag{ZM36xGWmBxk5Jcx%OT0n%79SIn~I=!#k*{n->A&G(UjK=sAJh!n=zG9(c3d- zA?ay7QaCC{4>O`MEsLG}c{O)kOb}5=z#r#m#6xu|^mhmnByo=@1%U&jS1uKo6J0^K zoBQ1xdXg@GzWWx00lz~azta`m`4T?n4F!t)EnWLdf-Duv`6g=Dbq)1}gVsqHx&!oZ zBbD#DDb%sLdV#%Iv-KopE9r{KyXPZQo0Y@-q;e&p>PtLy{N5i_6i5?f#ohBBN^2`^ zjV-scf5Sq<`hkWU8sS~_G3&8r^YZ?lF5-Qxd*LBs#76}3rKc4Hv!f*eYP>IkVtHc& zD*-ouo6^Tnz(1lDU2%n(sbX={OK&5G?cqy1+M0(YJvw+@X1}ptJq#Fj8TBkCr2E~e z*y^M)3tU*4d^XuV6Tpkiw>_h}=attWJCKmi`}VZR%GVi#Se%xZQo9`E zp*oR+OypQ|{%1+&{70;e-k?cZDq##>+yWxb%|zYXUnW7%k3X4qfRau=HF;KYpa;dr zd84pIy#8s?O=IzcM_FW3+6^f+Z0kc_=Nb=m<@i@*?3$0p;@buhSsa_98cIdU` zqfc1hy&;7{R4s>8EtvzfeM546>qTeP;7SLdfR<2ouwe+79l-~>%nvn%vSmcc#VlT* zzs5wS!UHbRAH;yoPbh9mJA#|6i1aa1Y#-QK^Xo1@1V*w}V#CU&kQ2|3L@+) zv&2w0#tfda3)u^{cB@k^V3MRW;}RYrG@1EDI<$Yc>qtem10EsB$fnybw?KwR*ZvMt zJo6+mG(O&8y~?(&ZC^zBi4?JMQ+c|ARiRIOHuxC*IdUZ8)W!@ic>RrKJC>sAC6 z&_{bNDxcLEuXeJhAAx;csgBz6gA56`pO+0c;5-hs^T~S?`YTsoq5w!kya;+oK>#oM zyOa#ZSAISNr&gh3*Kf_Q*V8JGb3K0v~$|@LpVvuK_6gM)r@qdi+ z#Lv_Lb%k#~a@uY5JAIcKuj@R451EF=v@xME_=2#7t!WBlPkC4Mu}3u&zfW5BrMd&T^j24*f|J&>QJpU+IQ#TM|;*F`5UUm44p^H%M?FR$Dk@`Fn*(WQ| zW%Qdqq$X{#^EyctrcqP%f-D=iThSg}32R2{n-eOJftOERgfDs$6x;T-G3vn$`UT8y z?F$s0AM}IGMx*oP4%jsVcZ=*SC5u(gaY9ma0V_r^Q*D}3tct%;WG3=(1eyXlzgea& z@wv3va#bC#5>EeOqJk(~2{y>^QR}W*d=!+!z%Tc*B8Gt)SShZ7X)_tl=vDU(0K+?MTFKc+GgrP6xNSM<&9Q^ zm@F-dKlG;ROcaJu!p1r?FX(gSr2cLTGO^pvWw z@!y{SLVX@)eaJ#g$aVsKRrDB6<@8br(&*GF-{cMIBnfvo4xzxmobxtjsOXaX!nvsQ zNe6n0_G6XFR14x~mazTfNcNBsYxJt>PWL6hjjg_pZe6M7=-EyigfJ9hz{87I@eZ~g zca%=SmWZI6Rlzr((eBzENWHKMovU-T11o@d5nP!k1`G`Nfj74s>S!)K?MvrWP zVeKjGq07kuI-EsK*7>!VO|NncEpj)TR_Z##aw4=EG6y;q?52?`8T4c>Gf-RcMeR4B zhejY15x?N2QJg&&f!a zew(b?)e_}ihhtETSU?oPCvC=4ihhSHJ)QUJ8N^go$nJ>-(H*@Mh8XdB&-?eQ}Jl&A^rKw#Jq%Oy5J<_kOzewrUShn}u;C6jyw-&{(WMRWaC? zjrHbt?Okc8^U6W+KTRwUtbT%8`}$&v%d1}Em#o2k#+Bs0 zcJruD=?18p3llwU`M3#;#IdF>LaEciN0uVjdV1}VFxgrmhFT+rTq7o@@P{bP$lr|m zl(}BuR&p|XJ>{Acd134}*ts+h*cnSO`&3g{Ddp(OYut#A6Y9`~vhTZb<#3{Fx^{5}p0}D2~Hd9=mq(Lz-GcYd63PaX<3%-mjti0PxPH9a)R2f>LDC z;_03&UlymEDGWnLOBQ8>_ppd~xBSpZO!1oS-oKi&6W$60$AK`B3V# z)OQ-vHk#Tb@7Xm`r-l}YqnR#joBKv_tycs8F3)h3VjdAvjFQlh;Q=_WZ@1`dBYt}$ zalVeX>Y|f$QK=Hn@fJjjX-^m(hr1?J+r!&_;W94ZOgLL2^0!0Wqe`YZ@y>BPyxip~ z2{P-XU0emn?si<_kfm5qhKoM_e1(a=vl3JOk$3P-9q~i5zP$IHjS;nM53}x9I_1!=S1`exPCJm? zxp8jYp5+OjQ#-w*ru0YxtqrU3zn$VS#-&E)W~0-Ap6h za9@{V(w~A?p8&3-msIi1>yL5DPrf9NE@FEih6%Ur+n*vZE5y9su5sf#T+I@Ox~hR# zJkJj1YO%kJhEWzRZ9W$F_IYoO-9U~5FDL5A#>UYs$(pW1kon&(EjMK9(bf)xZPQQJ8=f&!zfQ5v~htE=tx>yZbwsZ3~NgEwo)VzCd=P-b19zbD%PTw_5zKZ7# z+xK0WoiW@xIQ916>I7O7)lxabfTv4ll<_(gY2U)`EOn!79N~iqwNFKR#hKtzwNBTn z>!1b9iG|=rHJY(Lny~E&`ZsY~MU(@xy_U%8g|CikLZ#TQ7&Dn1IL{7(LdR3x;+zZ( zwFLrv7rsP%A2=q?BzjJHqrKX@(QLavV8|E=P>?jYRE0IJJo2XB7yA0;=YSnjTwTQ; zXZr&2>|ZpPHPEeXNl71c(laW@fBXN0QLDY(0(g4UxwM!32pH;*ZTs*Vgv?BwYEfsR zX(dM!TElmt@Hp7vDtFu_d6qD4?tKw2$ z!IHW9CPPr+t@HB2hb&!~Ts1zfozCgS)Jt#U)tY+UmXf5mDb?!3(X3`A==v0Z#(UtN zeR%;vkcY5>^wG&nD%nf4CjuoO^%jOZ0GVJb2kkA3gG@WX?XJ3(1@g^;o}x1X^L5>w z(boVh#QAg&OnM8Lh9A*#cC8`%X11w*$HhVTZl3HZH(`^$nB-NEi@2+Gh=Sw(>pKr^ z6Hb9EFT?U&55kLWVWYjBMAr#N^)6ec zNJoX7bEIhjAPzs)F-A3tY1O9w0bQ^{qb`;gd+eB`WMa>9^+vUp*Ex)RTbIbjwZGBmbf@WV2_`TOX)c_wx}L*r zITGnk+||852MQFlHS*K0yyjeBWqUeYBPalS)vRS3YUwsVP4&^^Wn57*@HKyb2faat zhps6+DcitA`mnKl^^=Eu=_n+AD+)9-?pQGj z0+zn@74D{ z)+H%cO_)?DSXAq)+fiK{E$ud?OXKBBk_o7UdMSLX7+8d#qT6%OeDZL;()N4H|<3(Nh@HYZPS zPw}vqJhzSAXK9R_uOYbxOB8^|Uxlh+R|B@z>m13WV-{@u^QWt@H^K?$sy<0irjabe zVLX4|RTwwLV8-5v2udu^GA>;UD13^@#|=RZIWZWmLPk|^f|NW+8rupv55=#g--eKd zG=Ms8+qOZX_G}Y@8iSdum4ubeh44nBcK@itbTAP58A4BQ|5%-wAZ-RwbR;110M5%7 z?T+S^>l^Baw|ynz{D_s2Gpw<*#-LBI_0%iOW#1ZWkNWhFR3hA9j_Wjoum>Kwhg@T< z-XPbrHIm9CK=diYyv!ec+1^8x0AK=0N2bCv#F?EZ`SK)XB5Qjd$x1NzUOat+JD{KB zM|~Y7>S~&@w9dvGL{}cOi@%TzQ6Q$GMa0{TTC|6UW~Qt88%5HFBD{d9Pvri8akqFrWQx1owh3AmfN<9 zcQw$a-3cnVv1;87p2lYK9ap{(tC*q+lr*2)NH;^lhpA+nVgAmjd*1yCVa<1#BNXxK zT)or2I^HsJdww*#P0C28dl&(TM7YbyCSC>Vw|_5r^INasZ4jMRs&B^*Q1bu2shHpB zleiWadgZ3t9EqW9FT{X&!#cfLq)&!(28pVf{mV?IM9aDmZ*5~!iIBtMLb0qo4B*q@ zM0WAC7PBEI0S*kVo<8ccEyfC(xg9_7Wb8r==lC+84V4Tyl4Q)nvS?frg(1){Ru+?!_kuU)2Y=j(o21Ddt)Mct zKY5z5a2^`)Xm|Qpe0n3-<|!~pH)y0?al1L6ABF2z{^oTbLHjWbAx{xna!RTVx27ox zuS{-5h#!EwNewF*Cz{>@$fp3>>b^j~%?i+HaV@d1JP!4VtyZ++X-Rlx z+5k3I&y@f+W{{gq^*$^c_>M*j_aS{Mi@45I1 zZtV^}jNrF?I_05)=-4BnDtr8a*1>BgTq<$!Spe5@gTNbk?(O?~ z1dUYaLGYk5OH|_o0)hib4>uSyF&R2|EWWRc9BYT4Q~nEjJYL%!8yQ~$#uQ}_9#>S2 zs?T8RIlrmyK>F|=W7)_!85Pt0;{5RWO98VQZe;S^uq_W)rckbt*^@BKc=Q;&k;mjG zQOr4MLk~s(tsn`B&K(8GjH1-xi zI5gr!4L$7VMoVMc0}-rB$dlL;8kjoPO|d!&*(mR$w!OH|*vZysP^yhD9uHv}MPxA5 zX}xKVo%K=TxVX6R>o2eBXbrH%^~b@JAC%YOO%V{4KrlMQs@)u2t|rkrN|$h>nLbjV z-OkqLZ$EsgaWq?%xwL{iwnp3ua|grKZ$s(bgq#<6PoY^3!PTEatsX$>J%l(uibe*K zQ;8(bfhOX&p;qBMyflRqKeNKg{0eJ(w-vhmv%L^H3nWJ}Ha)^Ch3JcT&A#py3fbSv z(!623o+F)D|xdOU=wI=t-3#aUY+SnFqhbVT~P)Aa%hv?@BNI2)-v7^)T=9ta3& z$DQ7u{U&lTzmCj}&>5uW9MT8sq?ZXaD@A7(@kC{5c9s8N#+tyiF25CLOwynXb6a0EJn_rd}3AX#6JdP40-rQj2S zJ7Xvf&FM?31Bp8xOn}^CwVsc87E1ujx37eOE*3r6R2!L8{h3}^B&|CN<+V*bYy%4y zma0=ThF^=ir3LW1@7)b`TfZH(et_C(w+WI{FeV;<@#OA1LOo}4U&VuI$j+-l_(WMO zpb~{FGB2Cn>q@V8_jFjic|qR$C9RP@2}C;Sof(dH**nJ|qecHG1pr?l0H=zPS(BaYio%JZU+r=(_4!q-UcADrycs9E@gWR ziDY3MZMi6>ebSwh2m&gPlU&`45*wUYBPUB&StU~-;oY3Tc92a-oVp2B^I@yiCw#4Q zeg?R9P@J8d7EYgYr**8ErAoUcYf;&^AIaKcOrz;YeTTA()TTtKpXE6yyB++_@6rdZ zl%D=NV{UQ5JILoCwY}Q;?Lfj?KA{RS??l@|!Z9cIqYsm=)B*q_cc%l{ZbPpmnuf&N0@Bd4=Fn!Y>Ig>{DO^M*8Ek?xqD(r68j;I-7x%5f zeIw@gTj5iKR==X=swLs5Yei+*o39Uq>RX(=8wVbpLn$6ROBiyxctBdEf>Gi*$^2jO z?D-iW-Om771e2|BJ&&dbM1&@6n%8`K;vhZ;F@;taPfTzo$?xZw5YG~y@#}Kn@(d=y#b1ULp6cI@KlW&sm!ytw)R0 z_IjofyKnPP<<6=zbw{S6HhIhJu)b#Zw(RD3l|%_GAvsb`gNkS<*K}W3F)=KvA`6%G zWIDf8(MHho*!_&TxtH11&Vq0zj>x1qA(E|zl;t_}x6V4F6)w9_S_sp%K?XAp`ZWes zqVyRK$u7V&2X&DrxOeG~wK{<=S1#P0!hS~%xq1C!AeLL|GvzfT76H1KsJ_gJu%(%3 z!E4OWcX>;WczbYe++}JWp>w5ROyvR){Mn<1xrO9%5-MUt0Nl!9w~S}w_kxoeT}x;l z0T7UvM94c1h?Tr!h8q1rllNSpH>hP|hO=0$-Afb^+UmHv~JTTd# zF6#gM)Zblqt?fVQPh1@eJ;;`M#!rMz6d#7P#0poig$R_UU1xbn38@NM=u>eu5r>-Y z-Acd7K$uW~jE3`m79JE0MNeC9+b6=D>j^FJIbv(|MM2djAzR@;JQfQ?C`e^AK;DIE z?Xqy5NqRxQ9nfQ29xeUS#N{3EOb+*}$Z`5+pf-&2re7u^4|+b+gwhu;S(eZx8lgam z#(LZlHnhfVDH=}||Jj%T-JW2DCHEXE^M3VG^GQiV(g&ZudCG;jib|OdCw?@&fYv1` z1cJ*e?^BO2keU8kwXbRz%gZ|HD;0;m7}mvTcfmsIy>nNJoo(|{30odTSBZw~k2Q zj>p{|8J+KwSQv|l`4t$>cKbj^1n@BO4)d3tRjMM-FHQ{sA))e@odx*;5#sM1I+Xuw zVg1MLKaDy?IdO7HI~zMm7Yk1NzYy3E|1{|S)g$}Mp!+96>R;8SfA#79E$?4tvcHtC zfAaJo{~s6a-;(|s#D8jKf5~V6Bo+Q4{ZAF`-=h9L)c$`9^$#oU-;(}56w9Bi{}SpS zQrf>o{e38xKd66Nd;jp${w?WWm&jj2+COKi{SWEy^tAthgn|8QZ18_h{Xa$Gbbn#~ HTbKU>GgR$0 literal 0 HcmV?d00001 diff --git a/digidoc4j/src/test/resources/testFiles/valid-containers/signed-container-with-empty-datafiles.bdoc b/digidoc4j/src/test/resources/testFiles/valid-containers/signed-container-with-empty-datafiles.bdoc new file mode 100644 index 0000000000000000000000000000000000000000..b31909ddb2ed6f24dece96e83d7499e913f88b05 GIT binary patch literal 7780 zcmb`MWmFu?zPE=kcyI|8JV1hn0D}YwPJqDz!3j15m%#@HCs=R|?h**WgS%UBXCSz{ z+e`L+@7epDyY~KaZ}qBP-Cgy6)~~AT+oL3h48#Ng&;bAz|3Z~u+Dl1l008j2KYRjM znOT`QxZ0W+*xFi}85ua3*;sQpSsSyPI6%$V4WMR5Y$hyjX0}QX5F!9NI{F`whq`|? z;)f>%$#-wqWWiD#RtDB)5EG~ayNi`&Wt4(>8z-LB`D_2-s_wT}$dVF+-KF|KS0|`*vhhbS&83hj@UB69C(W+({r@5vK)K8gd5ZY#{+_mP# zNI28zNc{wXcb!@|nr}=)^53zEx0-j%>O_d2iHnh3zqScinD?1im3ZBCRiJ4t9$M>F z&u=nj4<<#gkVi@JQK55<&|IJdRWQfSXtr9^d*o&IuM#5xPfQ{6z06HSm|=!*fxnu* za}g(k59&NWar`=;B=Y=`d9mDKdAv;TM6D!;hVFm0BRu@D;!^FoA{qIqD52GelwhpfU#d`Uh zh5SeT!vNqR#UJhO>;F9p_y1v(SO2>xJpY?0qz|k9*P(-&nOYk-INF;)Ie(wKd6;H- zl1%xozTFS%)9HS4ff-@t4ps~XDGWVp8qrWObUbwU?Q;eg%tm`}X>RX_$B=K8#6%2_ z@tT(GF5+(6sTWacpvJWRYZUg2{_aj!<6@oWd8Xn%o9YFp=lwV9db)!nC_daxKN)d9 zxsIq8IP{$N_2LU&8Kk55}^Ba#b|1*rwdAK0IH!`(~xs# z5Fu!)zrWE|y1yE^l3PxPo6R`RcZJpRG1yUd9iRkk0UZf$kM2?^-QCiF)PWs7I39+3 z1NFT<7REdkVMDyQM)@Fp@4P>ycd@zC|$# z-%21qqCZgf#a$Y>UnF!m?1Sy>QrI zO-4o5xztFg!N-m(TO1wfe z4xEI~%HP`{AZwqjAb0n3kaCW;G$7E>TeV4O?zl=I-e8=;;MQcJX|A58NaV(h!$w_C znR;lv0DgTT;;=Inu6uVI0xl*D&nD;H4cexYr*r4$0$A6 z^7NW(tidlA7IM90(WUQctyU_|oggb<{6jk;I&NPkPIj$_pVIwHgJt+adv4hqfmF)- zisx#sf=s#E%VMustoXUGdbZ>?e+*#RK9%Xihv0!$CG7iOV^uXi**PJg-jXyznU!7Q zO$hN4|MBbUt4~rGMb2GcXrscC@K?2|rheO@MJyc6?mlEes!V#!eT56nNE7QXWvtCT z=ngM|kwu%)AvRci(ll=o8(a!2SRLRNOsU~#gChg#qoD2sNbX6ss`BH zdVS-zT;R1Lsj_~A67mye%(TQ-s94l(C{f54eqPu^_~Hq6u!q!3GSBXnBy&i6r?7LE zw?50_FjFY8dUet43lvk*0$yM+oi=g2_Sr=5%}h7&<4OBWul?wn+(*Xw?@OY230~?7 z_f>CF6_HM|IDX1XHIzD97;GRnsir%{mt=x(Gty$tiAZ11YzA8&_LFQ5GmDSWdemW? zDhHD}zQKG&dZ|C56~I|mC^PCsS%3jp%P{4@>YOV5qN#urTGq5_p=zI<(=N4er9fSnFvfW-ALjcklTI0C3>u?krT}$t>=j2_vM*)AOfR~6qf;H8Rbf$gjC5s zX6{jT%=68B!b2ww&0gEW%ak}!r1NvdQ@>ow!v*~P&|-_7D3Go`O!YN3)0bInR{6~L z%O5d4<(G7jBGKuwvlEfMF(MjqwvxykcP<9;X+Q9}wTCQUde3K3gNLA=G!Kipf{pyi97{WpQ80p4Hu{|bL_0qtL)hL|RDU?SoEv>8so8G12Z$SBTmqmO ze$TZ1zPH zDr8p;Rv=fMv6p*jfp0dVyh9NjjC}p+4E@cFDC)^sM%fhFKn(#j2M~Y4)fW}@?U85A zYaqoy2}?OyJ<`!^#I+8kqLGQ-y3VWR_hW_c>x^=Xj8NU({F3)mwn7e;oJ#j8kJcgr z;K!HMu#-ErI=U~8JNSt=B#0)Z2ADsh1%+NYTR19kCsB{sA6pFQiGw91bw{N(=Znzy zCMv0O#SlYW!E})nhUCFZrUXnuxS(V2W(A+CSVs6WyK}ysE;pN`M$I|t9%i@OYy7i& zTD(>^(!}zoSG8HMG@Nxd_aOClb9~^LNb>6Nv!23P5L!ttBo8737g`5zmt9qZMe^F z{pzzXiO_0-X*|6;-Mp1r6Sdmhx*nP=yf{q;HifD4+{&b@F$xoG1adCxyT7UoZ|}?2 zGxNE1Xnzv9GJYuHA2E;&>a)n2_nN;X>c$eBn^q1Uc#+xGu!>9G zK#p|%wBdVND%uWiIKkNyAx+Xyz1yWW&!WR(dC}}{i-p%zdLVTBVNYJw(@Hs%%eF`w zxOJ{l$wghoQt+ZS}=$KNX~maqqGu<|*X{krD< z5C|8+HQ+t3ax%&EPRBK}&`K!mP8+}FdIibr^;a#;6CYm~vK2Z%jX!*+ z`8G_sdW*%MJBSx~Q{8^OPka0#bjxmGBf-)^b6NA%AjNd4_{-xiw}V7h4>}lcCn4Di zJf?KWSh3S2EwoRV%ojF7eV#3{C+j&EeRsihd#HG|oOaSBvZ=V3T69}}OA3!^VX|sM zWYw|y^GbA|&;Bq4F)H2ts*%;3?#o{WhdRnttI3f(VM?s_uOzN`lPmTNr5gKF=&_?p z_9zibvLH!4gB^{Vl#>%aw!fZe`hgb-adRmrk{pR2#BGcvCoz4>TyPzU(sx9Dnn6&7 zsOG%H%}Ey={^@izGa1438%0UG#TPT-tSK)Ye)GyX{ftKw0}+2ymvs> zXT=sG6#?Ya{&`H+G88y%*vq;W!320yc7m3|S49!Ke0tw@RC|f!Dbi^OCygHB-hV~{ zD-Q#=L+Nb37^y8v;cCvuR|I-q{;3ha#%xC846d4 zB*G<5HSyV6Vo-R_u^Jo{`S+ro_R@|zXTQdV2yX!ABSbVswk9!Go+L|p&DsMlCylFP zwtXZ&4tqOf;v*;gFxO&z6|wt~aqys)On>ntDjcn+BNv;|r*jmnHK4slQ|&_h4j5egdI6*N+k#1@_D72v;SV)D zk*!~8p*TGhJbRCe>#~rt$-k-iDU9o^juuo|+r3`A=$%aJaP>*COVO_AUnSvakP}F; zWU+)h#DCqibXH(@6{~WB@{kV+af&BC64T_J?2yVBeN0%-L+cX2Pk*irWhU0v-AYJR zC_vqxZ~#+pe%Z2npUPU@cK0^NgIR&Dw{r3mPE;d8GM>I#cXy~dYvy8(t#Zyg!TMD( z!)a8yQBgvlw9syjQRZ8MzG5LGmXlli0tvSq6ImvxDDr`PpAvT@TjE7R1y!kZSh7x6 zV++0}li7J0wjT~hw;|z+J9}oyykEybnWmqD)LUmAIGD>wJrw4o_X3w$Pu?5~yS87` zrb6ilgD6p4t0&>wd-B~y0Q=ok)DqFMW+YL{?*JfRO;n|GpCIr;Ll`jpNRKZ!#*7B} z2MXQm3DeFiYoInwPZlNh_T~IVinllr>s^z!lg+ZfOd~^ua>YT3{!WRblL=*@({hMY z165;}1ZswloDw;7m*k4;{lJBrshnY6l!id#8o9o0|0Nq*E@r&M7RsVsZ9P-d?b6)0 zVVRa{;Kg~+-5t$yHgXucpXA=&*qBJcVFJ2{t)lzPJjCVu2$SQ}X~r%SL*atS`DRN2 z+!qs&zDYRGvb&S#TgBQguzCU6Aop3VbDdZu@hh6+{&pUT|dpXhyYbpA*)*pu2+@Inx<*_ee`vO){k+M zKp3CVV_fi-6CZhpA#tTX{mgC}KtENNJhl{KH{*Kt`JRPO60?|Ojf#` zKORl9bO;@QyqZ9 zcE0}9pjsZHHQFBBy#WNTb5|y>a$4ep{dAzADmM5ky)$DkO@Co^wvSkwmD@&7Rm3?J z4;?|*S5mu~;^o+=ELfv!_yx`WJj1)t_~Zn1#VeR z9s|#7$p^3^A&zBBnNyX|1HPzLr^;EZ;&|oHk(@%eE>#N!R5WEh>`o)w!)Yl#pRc~& zFbw`U?}EwzjGpAC3Vrqc-W!}qqo#33tPq=lH!A{-PJYJxG>?C~?i!UYp6uqMw2jF% zf7GGkmZqZdAYtOY#F?eeZV;;*U0-VVprY|9q2{?nfJo%9qVX}c36~2UtW3T1M&isE z+iUF0}C-isnmq1DI$gopEg7Zn5TZntdX35$bA^19r%61dCN?N&haIE|(H z?Cqk92{h#>9T9?LbH3}rzWfz#AK|Mp-q~v#&aP9dzS1+k($l_~OHXI#w@dibZFt1S ziQ4w#!U6qu5tnfYys^rgMW@Kv>D&$uUI82W311vu0R|&c*Uuc9pAn@n4ObF(O3v3a z3;d};-J$%b#=E)Ma*FtGsuh=x;L{!XeCUfVO33xi#b;VINAnX4<*m`%MF%XmWWC<-+Tq;)IFvYj16}eqdpFKGg3?b!^rOhjIFn*6J z7~;z;^|`jEPuzy-8eCOdSqiPbu-k0uElTQ1JhLH(mgV(%Q0#`nd6@y81E#dIngE(T zKU)b}H5`^o21WmPnTQa**GYZ4bJPV4-VriZMJ$Ouj$*5gZ${S?4z!IvD`Y!-pDQlS zUdi$mE6t5Btx`-_Ep8qc(nODQJ9=&5b^}%l2$E9p$nihehMs!uV z;rG%*r@x-!Wc5m8;3<8|=pC(&Jh;bwjm@~updSY+1g+JQOyZ64EmGuN%@r~fA~GeE zN;Nuxj0}hFtS7Dk`CiO+md2|*vN~a$?+0FXQ*hTLB6Eb2Oz_*FeNc)4Joi2`x4VO!Xn?RyCTNzh3?ZM8?yAR2KU4fd1FzYunor! z)`cZC`O4TmKZqxzmK8Us3X= zTe?3#Gx6d2AY>VYy|9AWH8&Wa{B~>3oAs$#wg+~$2|HHbnW!1Q{gtQXdq#AB9BSV- z1ukM^RdjXSD!$%#I7oZS5MkqPO{k|hj+|OE@_31}leZ@^XzM1!yEZ3W z9jD7)UA)avm9zs{s;R&mc#*9nqj<&@_qeMvHOC>KV2O2(eRDYm%l@mG_sRll9NT(t z{bN-FFu}a~yHmqD5$*^!ozf|$k(H^Agwj~wpwR2aqL>^ZM9C`acE;5API4s9b`J>& zIw0uLX)#7WnoISb*D}vX!-48-+9UL<3F4%F1#=@sghYeMlzh}%>fNtsjg8mdOkw^t zJ*}+v>bL+Vt8ARl7GamN8}$Qq;*!0CMsM>ep?uz`7BpreYnGk%z)~G-_2qMcNBE2D zM(k+gL!DPlG=ttEy~;4>e(a2W7>?`-5}jN}lAYtaZIflstth+UKEvW(*v6dhL`n7ESt#xQmc=oPsl)9)0Oc?zFQ&!StA14_qtB>5mKWnaVldq!w<^ z(Ty6r?OCnexQuE$|Kl%>`CCPk>hen8g$=)4U~?xI*Ngn9)sa`(Pj@^sFvX!*{h?n8 z>*p_}lciyHu~(1IKMrapC+RD$>|~#GT8+bZ{>UIaO(n0bFCNPl=K2!ffo%}-=I6K4 zULDkqVDlFH`J*DwB74HoZyAkjKjaH0Q^0-`T!8D|u@K%=$^fg#sm=6fhnOAPK}Kn; zKzt)J5a^TmFZE{PX8y*b<6dP*{9s#>yf+qvL^kIae+X3z+7U^-l+ezVJG;Kt^HB*E zotG@lBm&RL$TLd_Fm+YRHOj9IL%jBI7^w^l@Mpq;1-B^#IV~cw(!6_YnD;Fg!Bj# z@b{t*`@c-l|G)pY_LG+tqmeK(HIuM0dS(6_K?L|y^ZiwJ{nmVcA|xN){^ei(D*gVE z_gCZf+e`h)(?t3o!t5VOzgO|!?(4T9`;(OYK>AN#_K&E)54G}dq5e>3|491#P#h0g z{}SpCbM}v@zYk^efcjG{{vpx+k@VLi^4psIxl^?dq<{Ux|8QvkfkZ+5y*BiROY5O% Lo#Hp<-=_ROmK+HJ literal 0 HcmV?d00001 diff --git a/digidoc4j/src/test/resources/testFiles/valid-containers/unsigned-container-with-empty-datafiles.asice b/digidoc4j/src/test/resources/testFiles/valid-containers/unsigned-container-with-empty-datafiles.asice new file mode 100644 index 0000000000000000000000000000000000000000..710e142f4fae93f4e75d5d2409387c3015e7d7b1 GIT binary patch literal 1252 zcmWIWW@h1HVBlb25UO7l)TQ{-Ri1%?0fd1<47r)PsU?*Ksfh&zIho0cC7Jno`ek`3 zdZ{JFnRT+(KdIq0?$K)~xDb8$}H}m%SIcIrkF1hd~t^ zHFxf|m*mCrX#WO7(V2c9cGtJ-Kl*-M zq<+VuACHgbe15E4CLiF<&e8hojon3{j}J33FyIaoexQn!#F9kaw9K4TT|>Q+iV|*5 zUA;h$bLX`^&uTLQwX$<8-E-8R52%m_h;bVw0F+J5Ehwpkm}LYqiy5pRD8T@91sLGg zkLna-Dmul4GN+gl;}k|FE(Y9bmlx`L2n9>YKAuhrE}7|>F8RqOSpnXROd<@3l#3jH zpp=U+!WGEFnvU_Bha8EZphlP%$%v5#@R|hj1S~p1k&ZBF3D6|;B!Jf_+>UyJ;wW%x wz-tn2N9hCIisUG8V!&$@Zb#( Date: Wed, 12 May 2021 14:17:08 +0300 Subject: [PATCH 39/45] DD4J-349 Remove Qualification and SupportedByQSCD certificate constraints --- digidoc4j/src/main/resources/conf/constraint.xml | 4 ---- digidoc4j/src/main/resources/conf/test_constraint.xml | 4 ---- .../java/org/digidoc4j/impl/bdoc/BDocContainerTest.java | 2 +- .../test/java/org/digidoc4j/impl/bdoc/ValidationTest.java | 6 +++++- .../constraints/eIDAS_test_constraint_all_fail_level.xml | 2 -- .../constraints/eIDAS_test_constraint_all_warn_level.xml | 2 -- .../constraints/eIDAS_test_constraint_version_fail.xml | 2 -- .../constraints/eIDAS_test_constraint_well_signed_fail.xml | 2 -- .../resources/testFiles/constraints/moved_constraint.xml | 2 -- 9 files changed, 6 insertions(+), 20 deletions(-) diff --git a/digidoc4j/src/main/resources/conf/constraint.xml b/digidoc4j/src/main/resources/conf/constraint.xml index 161c62d29..fc07cb365 100644 --- a/digidoc4j/src/main/resources/conf/constraint.xml +++ b/digidoc4j/src/main/resources/conf/constraint.xml @@ -43,8 +43,6 @@ - - @@ -186,8 +184,6 @@ - - diff --git a/digidoc4j/src/main/resources/conf/test_constraint.xml b/digidoc4j/src/main/resources/conf/test_constraint.xml index 161c62d29..fc07cb365 100644 --- a/digidoc4j/src/main/resources/conf/test_constraint.xml +++ b/digidoc4j/src/main/resources/conf/test_constraint.xml @@ -43,8 +43,6 @@ - - @@ -186,8 +184,6 @@ - - diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java index 339ee216d..ea2007db4 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java @@ -1074,7 +1074,7 @@ public void containerWithMultipleIdenticallyNamedSignaturesShouldFail() { Assert.assertSame(1, validationResult.getContainerErrors().size()); Assert.assertEquals(validationResult.getContainerErrors().get(0).getMessage(), "Duplicate signature files: META-INF/signatures1.xml"); - Assert.assertSame(4, validationResult.getWarnings().size()); + Assert.assertSame(2, validationResult.getWarnings().size()); Assert.assertSame(9, validationResult.getErrors().size()); List errors = validationResult.getErrors(); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java index 0abccac0f..829a2160d 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java @@ -283,7 +283,11 @@ public void revocationAndTimeStampDifferenceNotTooLarge() { .open("src/test/resources/prodFiles/invalid-containers/revocation_timestamp_delta_26h.asice", configuration) .validate(); Assert.assertEquals(0, result.getErrors().size()); - Assert.assertEquals(2, result.getWarnings().size()); + Assert.assertEquals(1, result.getWarnings().size()); + TestAssert.assertContainsError( + "The difference between the OCSP response time and the signature timestamp is in allowable range", + result.getWarnings() + ); } @Test diff --git a/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_all_fail_level.xml b/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_all_fail_level.xml index 00666e286..b950855b2 100644 --- a/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_all_fail_level.xml +++ b/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_all_fail_level.xml @@ -36,8 +36,6 @@ - - diff --git a/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_all_warn_level.xml b/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_all_warn_level.xml index c0a1b1d6d..c8eca8901 100644 --- a/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_all_warn_level.xml +++ b/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_all_warn_level.xml @@ -36,8 +36,6 @@ - - diff --git a/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_version_fail.xml b/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_version_fail.xml index 2ad120930..fc7b92b18 100644 --- a/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_version_fail.xml +++ b/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_version_fail.xml @@ -36,8 +36,6 @@ - - diff --git a/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_well_signed_fail.xml b/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_well_signed_fail.xml index 402b43482..be51a55f1 100644 --- a/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_well_signed_fail.xml +++ b/digidoc4j/src/test/resources/testFiles/constraints/eIDAS_test_constraint_well_signed_fail.xml @@ -36,8 +36,6 @@ - - diff --git a/digidoc4j/src/test/resources/testFiles/constraints/moved_constraint.xml b/digidoc4j/src/test/resources/testFiles/constraints/moved_constraint.xml index 25030217b..d06cb9665 100644 --- a/digidoc4j/src/test/resources/testFiles/constraints/moved_constraint.xml +++ b/digidoc4j/src/test/resources/testFiles/constraints/moved_constraint.xml @@ -36,8 +36,6 @@ - - From 0fc650f6f48817796a28c519f79bb6d46db8bbe0 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Thu, 13 May 2021 16:53:31 +0300 Subject: [PATCH 40/45] DD4J-456 Unification of validation constraints --- .../src/main/resources/conf/constraint.xml | 17 +++--------- .../main/resources/conf/test_constraint.xml | 17 +++--------- .../test/java/org/digidoc4j/AbstractTest.java | 7 +++++ .../DetachedXadesSignatureBuilderTest.java | 27 ++++++++++--------- .../impl/bdoc/BDocContainerTest.java | 2 +- .../digidoc4j/impl/bdoc/ValidationTest.java | 9 +++++-- 6 files changed, 35 insertions(+), 44 deletions(-) diff --git a/digidoc4j/src/main/resources/conf/constraint.xml b/digidoc4j/src/main/resources/conf/constraint.xml index fc07cb365..35b969d53 100644 --- a/digidoc4j/src/main/resources/conf/constraint.xml +++ b/digidoc4j/src/main/resources/conf/constraint.xml @@ -15,24 +15,15 @@ - + - - - + + @@ -43,8 +34,6 @@ - - diff --git a/digidoc4j/src/main/resources/conf/test_constraint.xml b/digidoc4j/src/main/resources/conf/test_constraint.xml index fc07cb365..35b969d53 100644 --- a/digidoc4j/src/main/resources/conf/test_constraint.xml +++ b/digidoc4j/src/main/resources/conf/test_constraint.xml @@ -15,24 +15,15 @@ - + - - - + + @@ -43,8 +34,6 @@ - - diff --git a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java index 12ff3c3aa..e3053cd2a 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/AbstractTest.java @@ -550,6 +550,13 @@ protected void assertValidSignature(Signature signature) { Assert.assertTrue(validationResult.getErrors().isEmpty()); } + protected void assertValidSignatureWithWarnings(Signature signature) { + ValidationResult validationResult = signature.validateSignature(); + Assert.assertTrue(validationResult.isValid()); + Assert.assertTrue(validationResult.hasWarnings()); + Assert.assertTrue(validationResult.getErrors().isEmpty()); + } + protected Policy validCustomPolicy() { Policy customPolicy = new Policy(); customPolicy.setId("id"); diff --git a/digidoc4j/src/test/java/org/digidoc4j/DetachedXadesSignatureBuilderTest.java b/digidoc4j/src/test/java/org/digidoc4j/DetachedXadesSignatureBuilderTest.java index 41a84d30e..8248b76a8 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/DetachedXadesSignatureBuilderTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/DetachedXadesSignatureBuilderTest.java @@ -33,7 +33,7 @@ public void signExternally() throws Exception { byte[] signatureValue = pkcs12EccSignatureToken.sign(deserializedDataToSign.getDigestAlgorithm(), deserializedDataToSign.getDataToSign()); Signature signature = dataToSign.finalize(signatureValue); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test @@ -47,7 +47,7 @@ public void signWithSignatureToken() throws Exception { .invokeSigning(); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test @@ -79,7 +79,7 @@ public void signWithMultipleDataFiles() throws Exception { .invokeSigning(); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test @@ -92,7 +92,7 @@ public void signWithNormalDataFile() { .invokeSigning(); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test(expected = InvalidDataFileException.class) @@ -149,7 +149,7 @@ public void signWithLT_TMProfile() throws Exception { .invokeSigningProcess(); assertTimemarkSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test @@ -165,8 +165,9 @@ public void signWithB_EPESProfile() throws Exception { assertBEpesSignature(signature); ValidationResult validationResult = signature.validateSignature(); Assert.assertFalse(validationResult.isValid()); - Assert.assertEquals(1, validationResult.getWarnings().size()); + Assert.assertEquals(2, validationResult.getWarnings().size()); Assert.assertEquals("The signature/seal is an INDETERMINATE AdES digital signature!", validationResult.getWarnings().get(0).getMessage()); + Assert.assertEquals("The authority info access is not present!", validationResult.getWarnings().get(1).getMessage()); Assert.assertEquals(2, validationResult.getErrors().size()); Assert.assertEquals("The result of the LTV validation process is not acceptable to continue the process!", validationResult.getErrors().get(0).getMessage()); Assert.assertEquals("No acceptable revocation data for the certificate!", validationResult.getErrors().get(1).getMessage()); @@ -184,7 +185,7 @@ public void signWithLTProfile() throws Exception { .withSignatureProfile(SignatureProfile.LT) .invokeSigningProcess(); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test @@ -225,7 +226,7 @@ public void signWithSignerInfo() throws Exception { Assert.assertEquals("myRole / myResolution", signature.getSignerRoles().get(0)); Assert.assertEquals("SIGNATURE-1", signature.getId()); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test @@ -242,7 +243,7 @@ public void readExistingSignatureAndValidate() throws Exception { .openAdESSignature(xadesSignature); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test @@ -343,7 +344,7 @@ public void mimeTypeValueNotInitialized() throws Exception{ .invokeSigningProcess(); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test @@ -358,7 +359,7 @@ public void mimeTypeValueNotValidated() throws Exception { .invokeSigningProcess(); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); } @Test @@ -376,7 +377,7 @@ public void addDetachedSignatureToContainer() throws Exception { .invokeSigningProcess(); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); Container container = ContainerOpener.open(BDOC_WITH_TM_SIG, configuration); container.addSignature(signature); @@ -399,7 +400,7 @@ public void addDetachedSignatureToContainerWithNotMatchingMimeType_validationSho .invokeSigningProcess(); assertTimestampSignature(signature); - assertValidSignature(signature); + assertValidSignatureWithWarnings(signature); Container container = ContainerOpener.open(BDOC_WITH_TM_SIG, configuration); container.addSignature(signature); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java index ea2007db4..339ee216d 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/BDocContainerTest.java @@ -1074,7 +1074,7 @@ public void containerWithMultipleIdenticallyNamedSignaturesShouldFail() { Assert.assertSame(1, validationResult.getContainerErrors().size()); Assert.assertEquals(validationResult.getContainerErrors().get(0).getMessage(), "Duplicate signature files: META-INF/signatures1.xml"); - Assert.assertSame(2, validationResult.getWarnings().size()); + Assert.assertSame(4, validationResult.getWarnings().size()); Assert.assertSame(9, validationResult.getErrors().size()); List errors = validationResult.getErrors(); diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java index 829a2160d..9f09fa560 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java @@ -176,8 +176,9 @@ public void signaturePolicyIsPolicyImplied(){ this.configuration); SignatureValidationResult validationResult = container.validate(); Assert.assertTrue(validationResult.isValid()); - Assert.assertEquals(1, validationResult.getWarnings().size()); + Assert.assertEquals(2, validationResult.getWarnings().size()); Assert.assertEquals("Signature created with implied policy, additional conditions may apply!", validationResult.getWarnings().get(0).getMessage()); + Assert.assertEquals("The authority info access is not present!", validationResult.getWarnings().get(1).getMessage()); } @Test @@ -283,11 +284,15 @@ public void revocationAndTimeStampDifferenceNotTooLarge() { .open("src/test/resources/prodFiles/invalid-containers/revocation_timestamp_delta_26h.asice", configuration) .validate(); Assert.assertEquals(0, result.getErrors().size()); - Assert.assertEquals(1, result.getWarnings().size()); + Assert.assertEquals(2, result.getWarnings().size()); TestAssert.assertContainsError( "The difference between the OCSP response time and the signature timestamp is in allowable range", result.getWarnings() ); + TestAssert.assertContainsError( + "The authority info access is not present!", + result.getWarnings() + ); } @Test From c5d2ae07115fef41cf96723aa17f4cdff5c8c996 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Fri, 14 May 2021 16:21:53 +0300 Subject: [PATCH 41/45] DD4J-702 Update dependencies --- digidoc4j/pom.xml | 42 ++++++++++++++++++++++++++++-------------- pom.xml | 4 ++-- 2 files changed, 30 insertions(+), 16 deletions(-) diff --git a/digidoc4j/pom.xml b/digidoc4j/pom.xml index 090e169ca..4cde628a6 100644 --- a/digidoc4j/pom.xml +++ b/digidoc4j/pom.xml @@ -22,8 +22,10 @@ + 2.2 1.2.3 - 4.13.1 + 2.12.3 + 4.13.2 org.digidoc4j.dss 5.7.d4j.2 ${project.build.directory}/build/util @@ -72,7 +74,7 @@ org.apache.commons commons-lang3 - 3.11 + 3.12.0 commons-logging @@ -92,7 +94,7 @@ org.apache.santuario xmlsec - 2.1.5 + 2.1.6 org.codehaus.woodstox @@ -103,7 +105,7 @@ org.yaml snakeyaml - 1.27 + 1.28 org.slf4j @@ -199,6 +201,18 @@ ${dss.groupId} dss-pades-pdfbox ${dss.version} + + + org.apache.pdfbox + pdfbox + + + + + + org.apache.pdfbox + pdfbox + 2.0.23 ${dss.groupId} @@ -229,7 +243,7 @@ org.glassfish.jaxb jaxb-runtime - 2.3.3 + 2.3.4 javax.activation @@ -239,7 +253,7 @@ com.sun.xml.bind jaxb-impl - 2.3.3 + 2.3.4 com.sun.xml.bind @@ -261,19 +275,19 @@ org.hamcrest hamcrest-core - 2.2 + ${hamcrest.version} test com.jcabi jcabi-matchers - 1.4 + 1.5.3 test org.mockito mockito-core - 3.6.0 + 3.10.0 test @@ -297,7 +311,7 @@ org.hamcrest hamcrest-library - 2.2 + ${hamcrest.version} test @@ -315,19 +329,19 @@ com.fasterxml.jackson.core jackson-databind - 2.11.3 + ${jackson.version} test com.fasterxml.jackson.core jackson-core - 2.11.3 + ${jackson.version} test com.fasterxml.jackson.core jackson-annotations - 2.11.3 + ${jackson.version} test @@ -345,7 +359,7 @@ org.json json - 20200518 + 20210307 test diff --git a/pom.xml b/pom.xml index 889841430..ae8efe527 100644 --- a/pom.xml +++ b/pom.xml @@ -227,7 +227,7 @@ org.jacoco jacoco-maven-plugin - 0.8.6 + 0.8.7 @@ -318,7 +318,7 @@ org.owasp dependency-check-maven - 6.0.3 + 6.1.6 false false From 490d2c4cb546eef70eaf2944e98864bc40ce83e1 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Mon, 17 May 2021 09:07:30 +0300 Subject: [PATCH 42/45] DD4J-701 Update TSL TLS truststore --- .../src/main/resources/ssl/tsl_truststore.p12 | Bin 40866 -> 28186 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/digidoc4j/src/main/resources/ssl/tsl_truststore.p12 b/digidoc4j/src/main/resources/ssl/tsl_truststore.p12 index bcea473ab9fffbfba38860ddc500b880ad3b56b4..57df1d700d882efc5c79eaad2c782eee12a3cdf1 100644 GIT binary patch literal 28186 zcmV(>K-j-9f^HT90Ru3CZO;Y?Duzgg_YDCD0ic3yzyyMAyfA`oxG;ikv<3+(hDe6@ z4FLxRpn`3sFoJEN0s#Opf^C`x2`Yw2hW8Bt2LUiC1_~;MNQUXEfJC0K^DLt-;MYZIt;RY^FrQ9nI}o=FLP$-}YVmAi&a7z_-w z*m}u~;S#{~mpQBND(USA>}fYQX__J>BK;ZKT(QB1nHwB4&v%sLPb!|!K2!qHQFVC? z{~&pLy-}r)3-{-_@Wq;XiFS2#DnKonJ?o{Mh9Fdq$1n)$9mOd^olVL7#lhB1k0V(}MA9;h$r<2K zj28ktMFeMeL2lRPd^Y{;J|m`G7CD_QALu za>_mUh2xiQr)e@eEKvrXAg8t;vGh>Q1yLxR zU&Daht-!r2Up+vVha6Kt3^&k!7KZ%8{fkSmJQ}M&*6WPlxThdVA4|q1#cf;%At;QT zmIG!*P=RVUWy%RC>!0`3RTnepA!};I&CfvyejwK~HYVoL8ml;)i6K7HMdSac)4WKjE@Q2EO=r`Uvi#g&@%&c;JMXoM((Ljw?p}}k; ziM(uQzp8Ea9VBEUrks7CD$|*}hEQ+9UAe$f_#9dcwK3+v^+K80So3-CURL4N-NA z9oh6m(VR=pY4Ca(WSE`tE%NQAYe=mtrqD*XfPGu_x(@owV6n%8ty5N_Wmw^h)K>Gf z8S5$hMe`YPdcd60RF~w&@^(U+o;{A%UtH8Ld=~}LmZ8Y#S^F0Y1zPJI7jsVqp$1s?+cVLZgip^&QUwN_8~W#Au{`m5#~YmCJQP$C4#I>&yG1?B1=O`#^{ zdlV<#KG@+6XLqFH<7Y-lEV8X201SY4cs9AAxx3<%@&2vqSl8N}45|UGraz2qK&ME? zYn}7>W18QGmTWz~863e^7024RD)R}5++s+YZ+C}DSGuIwj{%gx%y##E@cQZk`|j;} zOsebjolC^TN?ik_8GrhpGj-v8{XMly!LgTXIQ<~_hhL!w@RX`Y3(1Snr~WX57EYpm zUUV{Vo}eAMmqo}CFtuY`6K06wAvJ~WN*vlQu%FO{knvy=DLvGjxqOI@A90%=-C~f= zDy?>5P54uIe5haBFBDB$+pcd?@GX7+l$J%B2<7W+^%3|}DVqqXS;X-{JP!<<&O`@K zXZTL64c((d)fH?Q1UMA#o3Bs2AOn$aNE?H^9q*uP5j*LsZ4Wj-y^yNbUNxlanG;o`|)se=;hU3A#?IjF)q$Tv`m# z^hVXoh36wN9`dZPVdBscjOJ=zVF7R1{la=^wBjwuf@xP>YnRMzJUku;n~W3lv!;t7 z6z8{FrBK(b+TUVS-w~59X5;u8DZF$Hn=*;o5zjsZ0x-}^6s;Fo4uv};^!$Wm{$&n3 zE=zh%0+FGpF@<0=R%q$DyPVOEkDiu$abRILS)JHzUdt5kvFk!Z{}_<`QSqvnFEooMTUDkpqIM{Y88G}uFwnSR2GLV#2qwW|f%$4ubpbPR?mgJyNH4F3v`&5N z0h?$yhApOqB8gD$6L;(sz2;m>`2AVv`8jz%C6q`BLWuOPDw2LxJD^&=Y;4-uOq zciHm3vfPwYMFyg#rK2}eVj~;p8EzfC$+zc8!0)<7c6!l!KvlqvQ-Hr`Y%PCGdNJW7 zYci5bu&Lnp74#3f9dhuE3Nxxg{-Y7Xn7-UKqlvtAZ2KJR`2;Km(~^CK_{<|0U&vK= zdRo)?3JO{2W8r%MY2*(v(8D4$N`ruZ#or{Yb%#%#(zRHXx0+;Lngp9pik;2urLp{MqP zE5YIpF^jS`1d1&@{d^Ip(*-Um$Fk*2 z#i;QYI0z+NDmJI~5n^V9YETZd7Y$e7G8j-&YI$-N9LE8xVvqEY#jG~XjjJ={nR90W zW`DXm*XfHw9ZA9m*@nV_AK8vq*+q&Hl$@ zVB#uJe}gAL;vZxiXXCs+_+3mp4=^&vD(HP|i^;1qXl+}3k#F0y6r4COkE-3)yS;N>f1A_X58R zAxTb>(z>ZEs;`SwcpHujNPLTmTGu<+u5D$71e|wPPhKfm6n{64ZocryYyyf4 z(S^Yf&1wB zJ!CAhnLS&e6W=ag}Xd^r;)&)?kot{qR30UBn|<}A)w@2_{4epZ&iJ+cxX+$9G}&m!L2e9 z&3X#(Tzm(`2QC7no5*d`=G?u_UbERWFXlB-D}KcOb&?}oc&WktWC^7q&67o7MLxdp zlbqL$Uy0b$)D`i)={%3Rvhsy=P9;J%*f)bouCHba!U4#1wr|1*P6@d-@aGfAiSiNe zxzt3b?7_n&28*qwmo!jyi7g2|B7i-@=4fzi4_f7zm8qGKB>BiY(~hj>kZCVF#=eY? z3$9%tu24!oBaBBME2fcr6n57OEKC%ax7ZrzscJ6+gb3MyNX12ao6Iclc z2P#}(R>Kk1T8(r>C5KY9yWGYyGQm#H6rORpTqb}Cg+;faHeYqL&gj^^8H_yViJI0w zzC+zy9nQ3HWb!p-5x`Hmg ztt`K-U<=RF-Rq9QG8}Sr;6UNs&k-T6Qt_UHv3LWs=o1p@o508|=TfMh-bJl6H?9nU@9owykcHzyVDU^h*`|IdY(bj0I|^MYhSOgdg;T< z=6VI!*uz2Gh~^-8N8#~dV`}D1Y(r@BQ-_PQ+D!GB2u({aV^gx3k%NVHymJG>!Pdwm z=^Rk{Y?1?Bs2I}a8j!UdnS)oYKE0?$(mh7=G-eTQdNOuodL%Tii~gC;bOpPTB{O+Z zQ$L-x^J^98JE67QhEs=2ntvqJpPhrd6AbKKfu<;eaPk^}Vg?s)u6K^sOTji^ohkUf z(-dd<>1%Boh`GU{Mg9kG3<+LLW85;H4U zbUH^gG-s0HUVI>u#yl*Ct(Uy39|7|>1!}~|rzI3z+XC7c%zBnFUcsi)@R3K;%p_K8 zCe-fH4QvCMldfF>pqm`!&~QUpzAi%l(N%;z>@po5_0cNPWIu~Wxh{~ukWYHsWN@%9 zo~YSx_cP=#A#e|hO_OyP`m#0R*Bz|KAzh>k_>(8^NHM8KL8+9xuD1LQix%J$6Vt)# z4X7ljjw}Yvj27{j-D>Ce`$8(Sb@RU(&fWWWx1;^@YBG0Tck=#Xut=7^XUj<^1$+(~ zqgA2bw4n7u0Hi+*v)6=zGP2+Xe7vhlxciUw%McYZCJd4Sb-Rd#8a(LromjE}w(zD^ zg-XyB!__TBxhxuH-$~c<8RUpP>Kf)g?|xMD56#t}tp~6Sev{zRff(JU+PW5bnj<~( zTEP6bY^X(sgOs`XK*`VCtQzJGtZ65kg&&C8kjmIo$2%!C$}WJvEW+ZLO&+T3_IH9M zAaF2Cb4q4&59(ucGk&co(YbS@B=4VVirZ(WTpY6X7cvKrv6iTO-hA+^NZF9t=A1i; zWo3015d@=_A~4lo-%HpCc+=76T~Qu%AE0kcj<|42NwpWT66kM zsD;Eu6?7MWgeKc`#F+pDlbb&Mj3sF9$+hL!&AGYM%aTZ;--z{-HVo@Z+r*HDcL%*% zrOIe{AbCEu8D?pdvv{-keGdd~FYMTriv9zK1Wvy+Xx+Q(=|oPK9H>D(s_&WiNTWObu&eA~77Hdn&I6 z<}^EuvfGFyf?f5%$qc2E`+HZLxfWz-BV8l!B6TAkbm`n$#ZjJPV1_5}+@33zb-TfR zCISoFTDq+`K{VSz(@uF;9n2v_wLJ}OHBLL zTKlioV-0X7ho3h|-Tskpy$jgsFdcWUIZf~W>ZmeViYoWAMp#eaZIaoUE-`Nboe8E~ z|I$d^a+%6m2cJYDqeehBQq#8h{VcfPUJ#g07PPUSZ}l=!zQGF34Ts`UX5g!sU}Q&Ti< zMxrbjt4VKcf=h+M4g@leYjvzTKya6+czqj{)O8%KE&Wub&Z^^G@je>$iKFSI#Bk(v z{V{UB_3zsCL^)%E1SNoTnrh8b4OhPi)R_-a<9lF|X$kE|zv}|=ty2iYmz+@^OKJdy zoMc8CA9m+M?w5RHUqt?@?cBd+@hWgLqC5jVKW=BQF-+h1hHyVr8$GrZQB zudvV_n+ZgPuyJmx0jL*sF4veLt*;rQ})@_+Aj3S#l{-xCj7p|xC z@qD?W%DuY?F~ZdLfb0RmsRQKGz>1ez=wCiW%8xq5lm${n6NpW4T4L#qQl^LQio2kEGlLE6{z+;B^G4#jjH;Sk8jQ>}{Yk*p3ixkK=FX;?bT1R;!EB`Z)z5$0&f zWPkwte07Hq!=Nr1q^{J$YV#aOgpKO7wo~jrwc*UyLo`BmC-M_iabb|H8}+-fOWL;H z(DF<1aTz{*8F|t=-6(w1`HR#1990GqA7&*$_CH;iOZI=kS!ryLO>Xy5>x6Y5DyZwC+RC=j-i=BpmXL$;Bxo+GT_0K%n`0 zZqDC$Z>0F=(u|-^P=!m|1FQsmmixiekGz~cR5Kco2t|h45T;O~v*VSuMRBZE&DOO# z{zzNN^vaFX;`0Zh!_&oXMky}uqbt5{yQxGJdwyX&cyC=;e3~e;6%?q54jMQ5iglE) zzOKrn?Cf0pnV`nZ7Q1|!BeVYX(tARN5%OYm190YVJ18_$Utq@TlDjYYkZ>Y2KzG`n zvr*nBMu~TosL>tH6N^-g7s@js8|R_2*BhiYCaPMrW2iJGV+J@T|oGO^338bt8th<`#=Q%PW4 z_L{!Xn6`FMX4@F*A8PTpn`eA0p(IlL1s2UZ7M4k*IXm_k@&?VR&4>~;nxYK~jkrC@ zk$`QeyT7v{xc$e9dAZ2S&&va*#zFtt_jF(CPN-p~#bcV6J@FT)OoA#N;C!4E2WsE@ zHCg<^vW4vM!7nFc~R>Sp}Wnyg$ z;rSs${axCiS%A1S3F7R}gDPm?eL+W&Ng4s1uX^2Bh70W50$HuVM670U&v?$d*%yB< zO?*AQlB|Ig0J<$4+RuwO@|GJjjY(3_dy0p*wXJ>6XCmN&mn>E{rx8@zV~k_O$@GA^nJRi2(iAhvR7qx?p5ro40cq(txO#_ukTr zUS(+}KK(t#udeN3<;7AQ3f-v13WoRC26b{DrYstZ;)bOUX&g9*>Ypn_0}qm`kII*L z0Q_I0r9!TE^t%3q!?rn)bB}sRyFI3dS+xDtNMj`L&p;E(kbzI>P&_z2CN$d4J|yc| zwIES~RBT1WG^iS*<3*lIs|82qQ?xB8X3Uuroj|RhgD~)JMaz5;qtjw^%`Ud zTt(wb1@^|r?41aL4FAaBlrkvrgX7%yPUa65_)+!_#$wAi>YC<>LZCF_kOS{p(#`7n z#dh7fbQ*jQ=)e6|tXCSh@g2e1_8g%HMe@BVe6{tZj!tbvYp_$ZVUss}K^X~D=P(LmD`YfJsDV&o8x{B4hJ*xiH zbMiFY%J`=1dHM}U8-`zC8tx~VLY(BPuR3piXDP(;^l&|~wI(#8ZHdYiKXzb>6$pG; zU-M<$G@U%;{2_phS28aO)EaTzcqoRu8qj9wrRo)Hz~)yoVq<>`#L<8f*Od^MRL`{$ zMCQ)yBBFs_jOivRl6XG@GFbFECh5_sKbxWoub^`aupGj#NRdvu$qQ;^H$z4$6M`!t>UdUQf!aE?BEy#Lo z0b)k228VN2!TX49q8RB}IP$>~>_ym#(bWHldU}1^K*dzo2?XQa+B=P4fkmosA~CCk z;P1F(g^>vtp}Yf5YD+c(;(;fS3`F!9^dp;eUF3o4D&fZnO9wW#IsC<(K$vAJaWcKm~99jbJI*>XK2hNOT#S-5XR)63_ z)AW-!#Xs(r+P8A&FM_7H6qM3J!M({H#)>njB$!3Dv0xX%r0m!HaUO)cpVbl;>mrtD zdbjqmh412?_{wj1Oc+FR>uDNB6ICM2trW|%R3e8n)-J=J5j#JUvHr#pa(|Fy5%4J- zt-@;1{oe^DPl8PR$fMft2!iGaA=uh38>CQBK z1%&3AoneV1@Mbk(@pk?b=y>y3=xrHKk|Y@f(Y`?n@;qT)_7e}~dMWzL>$0C!_m=g2 zW(sObj^yhBnr_$JuU`UwXu_9IEpN$~VRwh8021RG2HQ0Uje6pSTyg;bI$tHC5S;ay zMBdU7H&yqRY@JDU2k)p;DF$<`IpKS(1L1&X#T1dX11`{FHnHbmwXoM;^{k!t&F2uc@v{HvnOorXS6QK$Wy-`U>-;{129J+1t0B zkOJnoBBOJ6vaJTNPITtcCPE16NAP8keLYO`j$5tHB0g=i{W-jLNmvE%Hvp-5HZFE5 z4tzkg3xJvMs+PJX{jTE$dZ4JxLPmPKa9Qy)5?#U@Dy=18ItYDteBI5A##Qu{N0~vr zE!8xz1u0KRsay;qh~l}bnZaSwxmcmlw?l6f=D64Tz@N*Z~$nyF%7$EDy;Z&RVhWI{&3kC1M#vHZguU z*(Qy9LR!waf5Fs_#OQTrf|q^uYUFQ@(}N?9?+jSTk_tm!(*HLPbfLK8(csmDQ|P`% zjhIK8DUzpPhHC?Z8!iR29BfNOV59C#Qnd*}b&(rY>q%=0B__a*ADF;+eseiab-iGPsI3O-_NHo#KpkH zAB{e6+wCVjZ;^j@=#V5wiAwboOsEg1rnw+*2r!e5#A^(q*6^-Q3{K5pWBuS(||NN!N2xda_ z2%H)g_~6q`7IMy#>LdMn4bzS_D;SyP`R#ssZ{Do^|5Wtp)T>}?-BsW4YS|v;1rWc2 zwGz%e;N4IrACn2-$O&+eh!A}&lI z(KZpB(@IzO)-y+cYp=t5@bGmM7tNXl8-T`}VAGUCNW+l_1q|hlK1VWP@NME+KL)^c zmF$7zMTBz?))-?)ybh|D(7x(eTI$gUryl$40@8*5CYsjfu*Ti}K4csb=p1l73*+p9 z`msQa)iaGacIEo|&ue+OgI^Z0jx8c%!a^cao=Op?Lg0Tb&VkolGekIfH!g=0SmYH{hq+Sfl@O@ii zYFI7Sdf77+O(zZ)XyUp_g-q&`mkg7=X5Cd$0*Q2wk0dgN5-5Ww zli}9&Gsd))z-1^Qr2wT}PP_21P-E*phN9F{(I$Mi6KM#!--MjxD3$=eKz9>y!dv=h z9&?tEdi-x_Oz=VOq^MYg$S4Kmy{_iZAwkBurV77ULD+B8wWA(Y6d3CmM-05j!WReW zzi9J)YFun|_pGWMiwh=oK{gw%%4;QTRh_?KiD3BO-7Ugm-fiQ(mW( zug_F&C_|E5%SHf#2fpEg7{*ak;jqG_=s;C4L4`a$xgRxHK@N-W6URir5XId77}AT zm6fl+v0AL_=zzUYn~YOBTy|L1_}0x!GV|t$_16BkPD|P!AFx7B_Y0fBSG{_*Bn+S^ z$Zns}hFl=bFt6$1;6VxP>HJ73%q%gb&j2r+*lC*HkkOG`z?ik}JMMbD( z$oV3aG{}0gTy-u2v`V1kz&$qICOXpKFzMd|m1*2b4()YgY|m;iZ@?$38#9zyfXq2B zG>*Tly2pymz)ecHtldq0^8043mljeAFGkMb`47Q_2K@=Sf?Ds2j&v=bd2qYkZi>DM zP3d|ds%aTP@AHC6NQ@?)#E|AI1ooMF*&Wa1TL%Y{4k5sRu9_?;k2;UIUaU9Ts?@qF zwTF5pAB$Flok@NKI|D8$3A7yREbMz&e{hIQBT)hx9Qkg}HjWIH@TweNqZij8rb)*|NsHX?^ zDnRMdkk(ba@UC-fbm4CCz(+ z7*KPuN$g|$uCH)nc%h32M|1XWyqJgf$hIuXH5x3lY6TNn^ADpw-D4S#{sASOwSIkf z5M_=t7fISxU^uiRDXW$9U^|IsvwR&48l+BaZu$9A3B`RsV3i#z99Yo3w>{_mA)2d5 z_T4>>wYtXOX!_IZV{+O$XvQU~?|Psaw#7J%Kf31;O?RYnp&wMTSL^mNxs7edTNkvD zH-%^R?=8^+#M1R}>uh!fP?V4~Cd6WrPySYP&y%KyNX(2G6?#~CP2d>qP)hQ?XfsiS zmmtJw#ZMdgCsqXwUdP>Mu-t&@D3!ZzW!=NnNJ(IE`%tUTCS`mJd*=8nt5-)6)2A?) zD2m;J!I(EgKJ%-x&tkL)G9nm#f{@ucqEs#ZnhXj72x5h@@L7|Wr~F^j2V4Y$B0%Sx zDD}?y%hmd)g(0f$h8P7rIZsg<&u4F*0{B)=?^!s|lSS@gfo-GI9SNNpH39>w3Lgrz z``i0JL*1W66@f1xTh<5t422O)!?aNC#kk43STUV5$Twc5Ih%T*5>lN(l!yBfVJXf6 zfs5{%y!xd;5%}bS<)uL>%kYamp~fFag+oL>|BdA00mC!vv&d6I2?s^`PvJYYkJ3 zX9F9?Iee^05MMep9CwqYXq$398s$A0(TQRI`_HwrLL3EDr&h8Jx?(`W5(=-s0`gpa z#&C=swFYboOp4(~Vevojo%ZSSCi63oNejT*ULUTnE@ugb8s{hET#s5q78+O9n6t4o zStfeYB8QIy+5<*>9K3(nDQZ0EAf=OK!uNgWyC%{Hj=Xz$`KQ>JaeJYeg|c63Yg8(| zTc4^o8SFnwHxqf{$+0}}>7RO`A3BT0dy*AdF_UU1le^Nq9|DC9-i6p1wv)*Dpbf5; zCt%7ht5jGOsht6*^gBx7(jlr@5x4@0RnAc{1*d@u+eq}L!6m6g$@AvsgQ#BU7t}EXyhUNbV56IF=!*Ovy-$T z#s?f>5<9=w4Xm8CoG_r!Q0F;vYs-2H8pVr?Wq1_fumlam^Cu?f^?CRi?RV3T3J7+U2{0J$2tZULnDaVE5ljRUCnY151g(StrF@ zujlZGlGaOU2#Jx_X96swwAq_MayiM48V&R+50-u>aNjm_oYExl?3$EDISa4YU69KeTeRcOP($AC|X|@B><=UV(loAd4}L+ z)D^PCv5lZaJK@GFkE`SjEY7^PJ&_s97t(z^eFXK(#+(hW>)FmfF*k?shRYEVp!zlf zwW68Mt3tJqd9HHKSnrK`*kjd=yU|{T!TGiER`Sc!Nx=e2ZE0`f77LPnd;Q@6OAXJp zw)oD25k!=ndhWsUBub~bFU|Q)QPWATY*7zM?MvR6w&^QBFI^5Lw*2%=iGV%M1$v%*eFexKk@rXfV%Emg-k<#ZFZ>gBm*g4>V6X`X!zjT<+@J z(0=?^K6<*7cV7{X!{3~ET~(Eux_%keJj&HPDK6zbM}4~c1E z*|{wH;)trOE=9Q8>Cp6Wj#e}gf2%)~=D}4$_0LhR8V7cUSfoUMGBz2aWQOWNbwE-g zcn?7MS$e)f(avK2-}<|kxHoJbK^+Lx z@63M#FOF#5`$@L`m^lMjj9W@m0C!avALKGT)>{0KHy$P2Tm~X9{rRUb;An8xjKzd&t2jf3;Ofn~fE6{!djIsW*wqa3I9|<$S zHKI_`x8^E(hW4UA0!z_bw7}HnHdF}bNQymYL)iqjiY1Q~&9c@7os4{wJOUU<&NdW6 zuh^v{AYo44T20!VB^hTt8IpVjU~4gc>YpI~?WZ9CW@E#4i&1j%rL1)c4zZGrmq&75 zVta`Z6g>g>FD=jBDxbv@Ups~-%kv?f(?Ka{&e%O304S^Ef%G~ak*z)73%-zoJt78> zPcHTAso^|Vk8~Aq*NYXRrLH|T+#y%j&_=qgK)Ik_wV$YE>z3(o4=jl~Xzjh6#E+ds z=A^uNB_#1gKT+@hyG_bAg}9o)8GzvX6C1(j^r*)T)Os_m|Jr@Osrnf$~-hz5;j`5jnXprpZ=@YltQr?(N zp*|o?)#QqNXFJ@VKpPk5T!7QC7Y~rz*!xs3G=TFM03;`0mbW8pv4|5&A72}2n}BaY zFb~hVEBM=fT!cdAa#GM6#hUOSxCfK;ac{0mYSoak((Cs^WpUeinhkL9m*&_*;w*Lq z^zB=@jUtlU=e>_CeDp>6Et(8gxX;);CO7B-z*5@KHDLR^R>%jLInBBU@bIy!c?1xy zTicQB0ja`fKrHeuWEdu=c=Q(TRW-m4kKsvcKAY+|jt9%W!Li%p4a5cq{v7`Fydfq-lHVIfFhg96S=O_cgO(VopAWjc9G-s7xo$iXH~; z*5I<-1_us<;#Qvv5CaRilt2`rDB0h;l{KzR-tg*1PF~?_W%UbmodK*Jq9&mqya=OE_n!ZALXCSnZ+-f~XPU!5cm$e7+QXvR2LWOp(0xaV|y&M3Zr1A8w%lwCzy zEDu3@qg@oe&{c#}BnkaRn|gh02em$}Ugj0O1I(H3Jc{#SFfne`6gAeK z%6VwK%z38o^@fTjB{J?~JoC9hSO>!yUJ>Q8Fp-D9I#nrnOt>!#QR2+#&IGh|qSlb%jHvwO9S%{WSb*L8S5s z^4r;*uRX@z5?`>VaI6m3M2;tnU4rKLV{NLZN3F`MFCUMJWr5n9)A85z+$Riy1jxj= z%dZve81D0%5BwC-R3}R%O}u>_(^yodbApLDw55SO@g6w3*+B@n9e@*`Medj1wN*rm zH0ezM26(7I;bzcjDWd_!kToyu{-7}Zq{JNMfG4$-6HtA6xpaQz3(MG2fiQ%nJ;Uta z?-~WsFF7S!oqi`~qR=a)9ItzGsTGqK9K(iurt+&F>(mgM&%nZt*! z9nm{4*R{hprZ}Meg@#`}QIHJq#}$3GmULr>r-W*>F4x_uLatHlwzatvfy|t+{+vit zuR|a+JM-0@ebJviI1N`awQ03`fIrTL<_XP!(G|y?%}{}kqWZ753Mq9~0SHb`KBj9F zr5g0X8bt*VODNA+J;CV(JtN1Jp!X#yYe>ClM;O{HSHgO$SfwNwb$$pYSak#KL}gs; zoN!FN&s1Jh+J1#Z7`>6s#J%eJ8IvQS&c_p@ay0K;c9iAvWhb4+FOxo zSPqW#lr(JRWZ=H1-|hoYYt~1TdDVH)*ixR(;Ykvh3|@w0n10DmxDg!j2|Bzth6h8Ee|`ufw?|9ZiF0c_%U zie0)5rD_{!ubAM;)P5S%O8|xkQwTsq$yv*J3r?!vbug%XQ32w^Ov5=Fwwngxv=*}Wwip;V(8sqs(;r>i=0};WQquUUYC71@KicztMP8sQK^sU&dy)YWiHv&L zYv2#(C#%4x>Tz#dTWo*>eL={|&^ze7Vo zF+QJ_#_vL{Vso<6eOO|(tRGkEQdsH6NT$E+-{K3t?x~1DWQ!_2oTzgKVp)p!yDDwq z>F&QdQ!ZdiL-UNo5|Faoj=jGH*a6xdhdeG0zBe&0pNUj1L^4{0-*)OlcA;!9@@;D} zMoJRLf*F`)fo%`N!lFi^y8KJBjEP`I^LdQyZ}mMRSE7Ej85Zv{4EkiNz~Gl05QFfr zw3JJGQw7jpkk)NPfUw5fP1*+ZP&G(NPv>>Yxx>f8R&ft|zqA)*{%UVH4-e3r=|Fm(ukO9$dj5_%-d|hI~?MXx3(Y}#Np=tY%T_9`_p>P&%8I0yUz4fjqN+<~rVVf2v4*s& zF2_j`P7hYV!@)r--4sZ4mI}?pX5C)l#o#}0BGz3fu}wr3v1Zc017bv9Lf5*+6`Z3% z-N(V#lm`Qdhr1 z;RE2j4jIV{9RdF(tfREeL*HZ#NbU@11o%Gb^oO{Q@Qxfg$44tIwi!bkP7#`2_)57w z3bmO*9Y0*yf^j?aFeYxhiJC8d0Q=L+Iu2ei9i#}GSNtsd7`;hU!t^18Tt^homki$R z$SKR;-%j%_P+ecOjQ!xTT4Vz(7ngD*(6y@y=^PujtH%Gp{}yt=!9R;gGSxRBL?uM- z9<+zdHAq(mn{+IOC;Hb51JC*r`o7mINH%1Qf_BOx{{zC(yWd1{H1==_%eR?#xy>%m+(niH+l6l^Cl8Ot9u=GyvZlr$;UE7&qtPH-sU(k!vWRK{~)@Wo5Wb%ezOd{V) zxH(bGJBGxc&2}9)=Ti;8@0=u%F=AKPOlY3yM9-?{{H`h350HV6snad(7Ncb@aoMu* zyY;Q@5>P`nrg<&!5KpE#>x9jT=O)$5>W9b5wD*p#%DQjbMeD@^OC|0|s{sb5F*#ql z0Vp(t@iHq*kg{)cQQbk8ZIPS`f+LmeTN}shyMqcv2us@DG2IcUfb6v7OXCllwK84P zID9SodgmNylKa;Nj+B60|KzEcC0nJ-=D$DV4!@YXbOmjcsE!;Mk9?*o?bew$D40ZT z@)x@p0#1eu{+ z$vC#4F-QxMOhxQBWi(gn6(Mm~9$`tCw_j*Lgat9WP6fz(ze8OUi8H+#)dMcFV{e@SlDDIPUG7*xtuK$VsZy;RmpkA5v?er~O#{_uktF1dPw zrU(rSrCo4NO|L)fK$owFmQ zH)3JJk*w7G5W6bTHbYr-Iq;VUx`BQnhPnLl z1c`<-pg8=GRgFpSx{KVvGKm)n7A~EO{tSV6KTpTQ{DP^rndY&o>9!I|>&fm=N+2v~ zOe{KnD~Fr}v80t*QhetE^j9Y5Q(+~c$uIwyP^(})GfN%z5x-Sqo`k44uxb)lgC!n5 zpE5;jvMGFpC(*;ESqt6+EwzpE0YX(62>lN(bVASH?$&P7#DH+Xx!H)Pwj`FtbZ$%r z(sJWLV&g_BRK1=S33QLt*H1@3lmOS4o`nw)Jw=qrsNi&~EvuYJl{!6y-(Gu59a&e> z&gUM?`dg0($708B0o@JMXnG!KS$S!yjCOggk_$vq{iK^)AB^fOj_QW`VK0IAR7o~2 zIQ3^9SL8@@)~!Z!KZ<9#-`y2~K0CBW=e{kw=1t;ll*1-gDa_&$TMQ)Z-1+hBb3e%Y>=|z@hh~`49 z70LuAm<*juyZwtQVewB)SBVwMVb#a_*sv&+sX6XsdjS+j!sCI9zY(lR=q+0_Tv~@1 zxwkn29+Idnb-K^Jum9w$IEZXfHl z)Kro7VI)caFu%%<>|Qct5)}CPoeG0j5YgZMK(f94UELPXf`n8xh+drRMf^RhEvRi0 z6t8s3$VF}Hr}tu4L1k7EMOW*;oPd3vO7pP6#O#4~HcV^1&ce16Rmoob=d$*-`w^)L0GR!7^V*i?}a0GuN zAA7o>+Qae8adz7G`7JG*5?)k^$GbU=Z|}xMZG#`j>{(>(e9As@04B040>pOD_PN&z zDS3Y=1JxrVoxtLleJq$MF*7i3F;Fb9+(poDgmVkDeQV=zC*J@j;RbNUWB{?FDRPh*DnsMEmuif#nKb&^hIJY4{I#Cu%iAg7t% ztADQ_Av=F&Ph3`&%MpjMv{pLk${@oAU+1l28%vXky;_Y_dd+-U4@kzoNDBw&zyJns zu@MsQEQirW@i%?oMbnMer|#!hrGTD#Kv*fT@CYmokhXT5^nX*`Gj_#npF-!l{-lP} zZ0{bplNwDl&PU&H6s)Viyp%@2nHk8x%17lzZ4(e+!EccD%2hpFX5UTOp#wSZhS+f8 zb2cz&Z}0xX9@o3i)7-Is|-ui#Zv96xaKP!_QlR9vg8(N3-f_Qo7&JHXkSL+|*s)GUZ zEez6b2O`CW^%3lQ_r&WIh!zPxvj*$?{pD;2uzOsrB^eTvLBFrliaM8^>j z3F;awvI8KY+|A?;+Rx!^h!Ll~tRz$PhKM4gZ8KVMZVTf#CwC+3o2ayfbpHdnssqck zCW%qYsj)+LE=w(3rOtr;COIu-Cp7GV-Yucximvs9qk(^XC*t>9*<$lSbe5NVYinsC z4<0PawGh`nq(%aULE~sN7Yc@Pe}Og72Btp#rweWR2xdz&IU!TNt07AYC+mYlqDT9U zs7`}7AUR@}GVgW}W7u1tAza?s@%JE+CoG!ZC+}(V5IWrxd@hIg%U~j2le-~|fu8(0CxpufWf6y{l`Bgr$qTaDTq%&!-4;oB+6E(5q-}d_6{uM96CVBD9IZGC5+43 zy;!sI^H&EEgAV^>BXoKPq*X(RN0%7Pp9Nkr~Fq9_h>I~Mz8>eDGnCTu! z*9~nuquSW9#%JxG>+yMXLCE9sXh$nygs`H{Ka(xLnijc~{NyeU?O9p7m9AuZ<&wZZ zOz{{R%fBJ@yuWa2DZyD<8bFrV`=8Ro%|5G=5Cho$%)TbZ-df&Y92$_`jO#4b@o=?uzI>AW1Bm+8@X*RwG~H(`psqJ;jO=3cTbpe1$$O$ZB9=wq9^Sq~Pgv zGUjL^1;lT8IgGQZo!y1~W!R5W%@EtkvspXPm#p*05+5B`GL zV)pL0$x5CWlx&263ZrzHsh|C-4&fZ)lwWlcAtP^Ar>U}0O~UUDij=u`(gB$O>_TpD zVWdj^>7N@VdN;5|f<43Fq76ZyAXlXzAPTbkkiEGVCt-h3OJ^{P2YKGqIkNISR5r%H zaF)O_53esNNf^=Ncw_`AMq4y?w`Gl+4j zK)@gMp5^g{Vl^9VBgX`DVoqm&Adc*CEo3AQ%uaxOft;y)EfzJ2>$kYc(vI}SLPfq@ zjs0dYc{b=-N?M|F`vS`0=y28n@ko~$e7+f(@@UAQp8Q3il4Im2#&yG#QO6vS4~$)8c-z+w%2n@aXl{})Dz$9jgD*Q8GEdb~6mN5c|_O9)%V=p(+O?`^gJa}r!u%O?S z2!6eINFoUzarwo4#1+C)3lI9dzqt8bw@7xzFP@!7!04qEB{x6PYb_w3@^Y`??l@%< z{Pl7h=LjaX>OKi!8C^Y4r)i_<&v}TMboR<#FN*0c&?_MSXQ_A_s-u{@Ck90V{FB~L zquorIV&k&Nb_x*fSR}c-SDHf>Ho~oOXdu!2XcluIsvg&!8(4IL)*Xyi@k64JBFYBO zZ0Cs2lP$H&UzlC{Qi zfUW2U9MjX4q`lBjHPB&6!@axh6Z=j{67ep9SAg)$n)U!VnjH-*-nMB}$G7ov7+-Bm zd$y7A-b5|^u@iH*^KGs4{9mc=0-0QDE<{x&k^CupEZhw@w7a(kO<=VRC#=znSumxV z!d5GZJ15i9>5StB;An6;0k~qd3kP6D@&w)A+vek;;NK%Zp5=VHB2ecP0FXFlf+mv8 zg$>@y9H=A9=`Y+bT!4}Z0M>>m_)Y~xUV?iXYH(2-5nfmi<~uJNgcr3aQe;O)QG~0< zEX{Bw&NYJ`kcR+|_Kgi+MpX+(2zHMi@r^|DXs@FOnma8>g}Z1N-Sb|oG@tzOd<&!8 z94MQC%017iX&6M#RbnO)N9(Ffei^W47F{A^wYR@FZuuO0p-+riEiu&3QD;GBXoQ6r zJFMD9KF9`b$?VD0q+R*ry6!D52mLZYVI8{=cVWU7{AWs)xiToT7=Z|uiqRhLM7^xp z?gNAah^{I~vhuJdgIS(Yt_q;P9iC_Gd)mlN&X{RSs$=|Pf80!ZiNNDR{`~@J%LReE z!%h)hpNy5~S#|~I=mlj(`*RXDCfn*DHJ8qb&_Gj(CN53N>9=TLXa%$L_ohIOrnL$- z7rKH&q&kFs3NqivK%NsC5V(oe@TPapirdoGnQOrxCH)G-qUT51nm!7|8&UqL(DvQK zp`Cp`ipR9xUe_pzq?)M21U=bhI-X%(-9_HQ_f zMj#U-TwhGPB@Xr-+9@YR_DDQRrG)YxuHWhp&M)v&{k7{QhymegFH%}9-~OW#sB^~{ zHS@n>!XAw;gMWd+2FCNR6NE~PR}aK2a(1~^p#IdG@@PMfkTgMO^?%t!P9knj@uyrW z(8#_P4A}XoNB{xW^oc~-WZAXRQtOV->8QYk{Tx$~Uj_r%*B4QMx zUk>YQq5AJ1;b7`>&okg)4z!;9Tdrvr%(T=T?iT|CTYpl&l+qel244onO3q?v1nBfi zhC~VT4N~CXj})>FhO~#$n{7sxubJQY=Us=A zX=gx@F0iZ3`u$i2NqR@-w)wz~s}e9ys?!`4zE9G}OVH!j8Q3Dtl(E1aI~LdK$r>#< zQJ=&TP}+>D-R(KF>};KVOC8xDqnK}!-Zqdk@8Ql=Tg<~dj(Mo?>;7MoFrf{teH}!% zs#@F7F3Gm5W#Vxf+f1l<@E2svydJ;_G)~PHdz+2rbO;N7JYMVUkMOTMW3o{r{_g)i zu(=o06OTe-1}w3mr0HHgYD%4=^cPIji$2-kga3k%8xaVraJxu2_M|#iF&8+;&~5=q z#jh2gs2(7k#0MC_>Or?4W=JUFj~hjQ8@S*IIElw3{62UK=qT8+RJVc{fIp@&uGqDIK*uyqnHi+tmmK{4PWW8-uhHUu zkwC`YKvC~oth}pY_dFnQ;k4pWH7Oy}j7QRXS)_?@f9^Jpq8u0h$e58hA(2zCyTGwd zgseVD0aqS33`DW^xD?)+siw9%SP>~w(q1H@$wJ{nPml^VcKPOCL#w zVSm!NqkSnNjx7at6Iz^UGehcomUT9@Fn3Rgb!)Ig1}lpzGeA99&X3st*t|Hg7!^3p zKax9;PO;r{oyR@N_PgzLzO_$rKL1b;Gfw`IiMt4%=~S<<=Oa$~8rSzx_a!2m^S-Nm z0IKt;$MI%PZ(7Cn67Qj}x4w1wdvUq?+>5+N#Xf1*CZOnTQ!W>O-dx3d)k%zw*`yZf zAscQ*cr?X)0P)?XCM-s`re{=4iHW13#YrUtdn8=$xK@RNqh@a`06Yn5jLWBdz3E`rjcFd>;tm3qh2IIahQVeZ`LJ(I!Avk?-`U44orlY#}h z!6Wn3?=VpraFl7Jp~!ZF`l7UQNM(KQCo`-rFLTdStjB3zYk4TTrW@j5vApZw*5mj{ zUV(dP`~-V%2M_u8)QS`hefu}iCt*DXE~ zo$hXOWoL{usgv7Wh;D;Os$2i*O7F&XYhMVh)%dhE$e>OO(#5*Ma-ze^z}tSdAwN!$ z=*aETUX>wY3q@)dd*#Rz*9nPzb)bC`NXwgVi$lZRscPNu*f@X||ot z({XOZ45LUv#!9u3>G%wue*aeOgZXR>)O?7J)0r0QmwI??y2=`g!BKq;03H}l!_=J{ zS~oJ-Lz!r@Law-BKNwuH%)QK9CWr>vrRT4uQlr9lsnO|kFMqJ|_2mf=%I~?Qk7$X) zmvSqA`GCcJgaSfLnTiq#Fh0)x6xqvdZfJ0Fv!=A2jrBr!6<&T??6h?xh$2iqAFQ%U zgVj4ARfQiA%dH+5Sb%oEgF$ha=}PkpA3=BF4U`QI{;@9|ChfPCDZJ6ks0}OihR3em z#KFEgjUQaduY8s3dvfPmG{v5uv>(4htHPwf=@t2N>h)O%elL_a18;F$m0VNwCBUKd zddS)=rQuyLLL{y$3+xcNANK25J-qKAOf;$BAw)b2HNvak@mH6tOeGF75i(!y98#Eh zIY6o0U%;<5>{AsO?qw|oL&e@WqToAU%pD!HuDwJ<`9WwDo#rdaB}2T@^aDj(xoo%n zH`jCLoRleM4C+O2H3AIGT#~INdkJeKAeuWwyDpX?7~CWH{bFF|%|(prtKoV;&-D|YAEcOaa|uS7be{fhUZZJL2^ zX?;gIlJko||^N2<*bjJ0#DO4e%az4HT?ItX6JM^l+AA^j!!Q^vNG`Ww#A||VNOielhYhJR;NJ$Qy6jB3ai50 z+tgWy>eN`3qxpeE$FeF|pP6bN(siT3BHB7xwv?yB*!CIXSWEE+2NP1TKH!xWD zmecNkx(ND@kaY1OFTyUrPqE?E#`Z|4#USau{W^cYdp*eKDpG1142dEmKiq7UsFLLsiR{_^T|Dt#M>;f~g& zVdiy@CxFEMX(25Q@v93(`6jk%zfF)zAc7vN>A<V338z_is2Q6M*`~&J;{C|y;bm0mklyR;W!bZ16G^NPdkDf{T z>ZdiWbU^YY9ABnj84BKW0`+6Kh|*mhH3@mV2oW&L)Bndewgr2cE)yF;An z7hM?~EW>~_vPPp#}bxpRkvO0ZIW%Y3Y zTq-WLdiY1AKyA_{iW=`y#i&`Gp9pV&5U)l} zN_oFRgze7X`31C2(Lyi_=T;N>8pe#NxE!;+`RZi_k?LL&?M zIQ+~(7}BDDTzR6439gOEZAB+4s}DZyVDn6pAd5nhN#s7;S+C!)y%uOXlVi$;)#FPu zSx+pGTnz|PkeghHhT)lu*spa3>QmfvYCSG-fPuwtvC2{Wrh{yP= zR-BMAn}vc7MFa8f85TE~-16;fAfJ!pxYG`o20!}O5Nx_U_)e{KnV>Jq=^Wc?QE`vE zQt3PMg3tnW*_insdm8qW!~+FkIMeK7Ns0zGaq_R0>gDYKE2YS)rDxi8sXH~!m*Tvn zw9XxSpcuH(7L$NXf3tC~30sNZ1ZbZ3_=P+gUSwCss#na)Lj9P;QuLJUIov5UA=31K z^+h7S+&dQ$>#xT)2{WiO$ittsZ{e8gUSpc$8JZ|wo&Bu91S@oM)*af}@l|M#qK?U2 zZxJ;zhpM-~-FoI&M4_DVMGVAEBGh;)WV{DKJ>F|bW{nF(sd41f|3l6ZmOP1*KAxfQ z^TEF-su!-N?zBd#vhc_>=64HAEQ>Z)#un28-^agJ-YoYaom0c|qANkFXW5Gol znOd8Uv9!YBvZCk+2zm^ET!CSIdE920o6d0Z-9A%(JL0?Z34|^f^&UE;wDq^Q(Ei4UQ-l%|q%_@dU>paQOr z;q(Hh^JoUW+NL>?E3;1-wbl5N$zRKj<_5oDquMPUHN|RU>ieg3|A|m%8s>P^QKUFC zam8|R0;J_<*++xp@jpwsdR5_3z=>cD6Aw6C)~RGfh*Am6arZK2(;FECO&);<@^Q^2xBM(Amf~Q4@oWa)fCnkWMYplti%ACUg^|S` zMxy%(s*#S;sB6mLgWKPS%GssIgxjs$D}+{Ze#qlx>m*tDwY9?S$M6XsRFiG5i;11V zFo*Dg8=NR+Ib4Q595vTd^Yt{)07tmnpSeeP6YykwHUCz}z&}u;3@DbBS~gm+1CL}EKVn< zN6jR;HV(ux!yxz263)W$Pn>i}p66>EZv_75T9j9Yf%ObF%Ne)$qgo(@2Vi$3jEWBr zw(Dau9L{X{R@H$555TT9e>o$#0SZeK+$hCbTKjv5D7D7Cpig(}roJrNIy=^G`Py;C zK3RU!!8HCeu4mMy^f=|iOXZp^Ux0q-H?9_*U6^3%!cJrfNOuTAvJ3iVG)z>s!kb^` z_7r){UgZbw4q&WJ2a!LdEK?dOpHovqVd~3INveZhAS2vRS1E#S9rJ^%B8bz|f;o(e z#CWDpuNhf0{c(xqO}x$})%T1wA6=qTV^Eeph{|R%ip7W!rqQ0>wxz}awL%d=iqq6d z<)hN!?;K(<6)S(oFj9<@WaxX>8*VvuRNf;+y@M6B(<4(MuO2Ci&iR-gv!&|qydq)B zI#;)GnbDuRFO64griA^I&&VuC5Fl|AGAa+Z;2M4^Ju7wkU{T?3cZxZ_Jzp&QwzH-7 z%E{J!9?OKep@sak#4&ajL_XTr3zeH)gPX(OrgeLU=?R-5_2!2*X0Y%KkSz#$hPG*S z-sU8uJW%gCEm&AIS!?LG3xmbbXwqu8aRbkv2(up0OHnZhI4=96?i_<}pNJ?83WNlr zRrGxwWITq^upUee{n2a#uA5i7UM`|TL0U@s#8-F{`Y%qfBjL$Lu-w$^GUoa`!0K&| zrmmJBB%K7AX&mT#_I%QTuMUhzYP>*m3%+;)uS5h&Dho-SKk zO))n*41pS!y)ux<5~xD)A2x1WojH)co>-s$*@dyvD1Nha7zu&7g>$^#fL5f?`Ru+R z)=;I%YDE*Z!#QsD>q$!wYrYfHJL|aZy?;Jv`h+nJR~1GY;=NM`cElZCeQ?=yfs)uw z3sTa`aQ%)9uWNm7xRah|AI#yOEPB0TZ+&Hfwas;G=RtYJ^fvIjDgf`ReSrlb65g+j z1aF@?(|P_Fx8HJQFwWv;=?%4`2O23!!Rv#$kd;$5TndjyhV=@>W_4O?3%joGl_|zi6ObaQ){b8ATqzx8C42A`7PhGBp?1+&HTVCqPyE z+$LxI1!mdLkPs377(QhdRR7d{_43iBy%4_Qa@?4Oo3A3ovqTpg?rIz{fRmGP39C>s z#hbrU3yjAVsc4{moaB|!IJVqhZJ6U;U`ax0zo7X87 zpci+S(ASP(x!IwZxpBNJ9`T;(VeW`?T(@M>n>zhBvG;Z`_A`lb*rYdw7^YdWj&Cr-(UXNeY&vOF(}+=WM0vnMNE( zb|`4aeq0Ed@%ffB(&ce^8sk9bQ=;-(>gPq?;&f&3k z+JJ$EB$(GEUXnM8$UMTlZo217uTa?qv1uQ`S~X3fFPTNPLKl2sfgh&${c!=hfmrAokV~){ES-(lJ{M5H59@0+R`}Fc_uYaZpK>v>yV!Yk!vbOo#rd+R9)^R#0O+L!ASPo z<8se6JBryt;7e}vyEQZjELo4Yyvsx!8RV!u9cLQj418Iy`1GX~}{LEhH+C2Z-ovY7o zVE%rVeNhHZ49i+|@JfvptmSW;=>KBx`2wbq?V7~ktb;S48f49*Iq>%s6jwOzS*)A1 z4DUT3GNSu0U<9QwxU-aZ-7Fmvk5oKQ=w&4WJJw7IH$+$4iMR0*E^Nnb@lI+O@G{;h z!@qQ+M0PN{YH;76?87?{aXOSf52y7suXeHOzY%C9d+;7M=$Q7UcT?A4O5!Ao{0LG^ z>PHw0ssE}KUh2DGj1J`7wmY>s8ijvO=svSx=*$<6jBM!fSY=sB2}fG%0Y!;|)Nbwy znfdx0TK0%Zr5%eIUm1oBBs?(K=W%1;IfWAI+Q=Eqcz%baU zsJ(6Ex9oo+EPqd<(0u1w@#J4dTt7dXf;oh(xWA%|iiQ4YaS`Bx9&}_)&WhEA4=)G~X1j;y^|_amPt?*4F<>qO7Q8^6cNct9Ym#nr0bx?vBxp}&AIAEJNfoiz zzbCB1>bV60eP?~jlee^G;hFP9j3qpVw;2mVKv6|nIMO`*R!de<@5@`MS357A`hX}J zaTwH|VH1m8pewkcb!@Ib^2|t+31%Pm;W()2wX`=IvJ|u%yMalS+m&XmWI>2uX=;YY zZlN0X>5w1OubVSo$BEq+x{kIpM0R-ouEY;USGj# z35N(co^dnZaS>Uil;J6-rnJNNRw`8tmO!cB@o z$U)`-tDU58+69#>qxl?tiMF`@7@BNh7?6;OP8dSp~!zO6vySh02?NB2P4`CIe9`rPmKG=hTz;^57}4p-~&kPzj8js&bWv?Za| z;C`9L0-R6}y>Hnap3u8G#I$`FRthEktEg0!oY7gMU4O0<*2E z(~wsk{aIhMqqP|r;c|-&SN%LWR&{^}wx4O-P6e8Bn3{vm%D0{9j~Tgrnl>UY9RE$S z#zo(UB;qbDRf$YXV9Dsgtzb&xd8fXFK4=JSV6i%Fcok^(lipTn18rLRTB^$E59#IX z#W7y>o-;HjoTjsuV#4YQ51~$WYZiJF^I!6sMvL8}u7F@Hw4^##sSuc?S*a=l8C&hH z<(uWK{fJ~-mC<+67Thc7`*VeIr@k$lebUx1#Fg)u2)ux7@#L2~Z=wnI4tris92JOHuqdejglhM*umCL@04+Zv7eU+_Wk2s-dL!PS5-=o-lu8+U|Gq_`XJ1Edd7c1W^jN-}uJBu-MmZV#FCnsCAEZvFxb9Od* ziKnXJ z-js~h_p8B2ie|90qTJrArqn^_V1o^GN-so+ETi}l-bR)dx;!k9_#_WAY}2|%=}7e6 zc1D#zX*zUw(RYorgV;BzL{ni(;Y6(~NE2%H8t``mD6&H0zXG}L2U9A@gTH8~uU@^$ zCfn+s==N0a;T9Hr#U5a>C@fz0b^5hqz8uFatnP`Y4k|o&kH~Z-9V+@vES}k)n@rNz zzhS`vZYcQn5zquYeUW!|^d&5$%u3UoDP1YePhnM*pEidjqSK&7j)}s5*0X-}@HFhG zc7#~zp8p@LBJsi*pmB9+Wo0<2q5HKN^SW}7N(XaZ;a%7sgttD2Vp9wn{in( zT;EhiNHsxKY@E5;6r3?qs;K6U*9+sG&d9di&YD_D?ur;53+RcGGUYz9>v@q@E_}#` z&ILBQ*lklk-ks8}s5LZp;8X?N_4jOq?>wvsqp9;%& zDvb$wr|Y(cW4*e>e^z*~=QB~E>IOzSurGnl?$2-pANZq93(Q{$;19D?xC1}E;y2ub z{92sYkf2X}TVEW+XiP4`Cj>6(1T~Ie%uHd0IgDZM@*Me;j!BjkmE?EEWKr9uxS|d2tR$iT_j#A7 zQ_xYeoa=H)=hu5qiwhxrGOt@9DK*?-f+~haN~axhuA}2^uf4hx9`TurEG8_QTZ0?p~B(#d&uL{`M@O|>t5PQeRtSs z`U^Ega2|Ox5}WUqbQ;ItMeO(y_sH1W8%Ao(uWf#o`0>8p0yOAx+%%xH2Ewl(C`%ZADYZ(g@Zdn9cvUu;>6 zShTWuof#gaV;?=tGs8@25Ii~RxVKcyeW)017N9yGmNLA_sc-)Rx~NTJ3kGj|KX&{~ zekcDoA5bPtAxSC}jL3fS(&%yF-!Z>>+M1ER1wivfK+Db&Zg0)3JpYdmgEU0$hi3+0 zjZ@&&(emg7^O924n1tM!3$)Ge@_0u5lUfF?D}CB7aT{}`YS z=k#W{S$&otPAVBmu&a}OOiCvar?>8aW;uM-ZWl}I&ULy+$M5?yTgKD|KbRV&K1Wo7 z!{ZiwfXUBhzJ@1E?iHZTw2S4a_j;-ks^Cp39Nq;%TN?MII;_Gqet>sapoQ=Gofc7o z!Mn*!BasM;RFE|_;{1FmkJ*BL6kk;rMU5b?8Tw3jW{EMUc&9l|6)jE*(CUu3CKdm+ z?1wjgc;YoWB;Eb)vuM7Fg!>XLc!aZzccIqY+T-FDuqjc19GzKa!sR_p`%WdH;^?t| z)oNmiaU@xHa!Jt1VYorG9L~YRSY)sHxH>Qujlw^z(TQhcGF0VB#>UDsGwUK0g+&ViRj{ty#OmD- z5>3;L%{o$!S#WhGu20DWy96I?PESxG)BMJejrUW|)HHVr8!L{@PypV~iC4_N6Co)D zsmFFrgms$(5E4(s!f!H~RJ`*dQa2C+oT zJ{B-OFd;Ar1_dh)0|FWa00b29q7nnCzwxR|mGr(-DXMVY9-hGj6f}&`yh|vVW(oC3 Re;9(@QCIbh0s{cUP=JD-=)|S?_AMs`OEu6Ggq1(;|GL)FK$kv^hGBAK zxAIYSR-Ug==hyZ`^CB-GH=S4-3csi0J+x$2D}tpUSQg9fgY5N$$ou1zP=u|qehZpY z@+f3Au^?H>{bNi*n>;N2cmSeWm-ouJfL1VwU2OBx$vS)PGMOJ6PG~kb%e^nBN~{C3 zTiavWn8BhU4P^$$g$v=2;v?ov%E!v=M@t)tVoD?s)x6%k=<-r2IAUCd!%|KEXdRs$7z1i>3F@&GMr4ta<3}K#Z z?A$Bt&!^@o`1!)M;AM8`XDf&@MfQNHy{F>8ErECyYB^%S_0s5xoK95V_)AkBjHP$8 zg>G{qZ`gsVD=S9RG~zlMtoni(O8BN3tD7RqI3RJ^L41H&5OhAFUw0Z5fjgW!)T!UO z$sWW&`)z{sSkqV@?VPvFRnEvDDrqBv;(pZlH0kKw>G+e@(ioGh{#LpjQS&WDh}V9uAAW6!D%SRuTwn*?}rQq8$4^ zH6aHvyJf5Ix$5lc*#b4{x6N?fCOBKr)o-7BCWN8tCa*ImkmCtrDVflYzRnwcUNkUt zk%sTWonnkmJb=+Z?PfN}tF4q=mXYa5a`lGXs&SeYZMetfe^g1UGDhiu@HA_aib4`C zV=_3@N=&yQT?p_o{n0Qzv0hX-Y(CMzhNL}dX~8y~s9DWp+l{e4tH-^|ou+O!cMKnJ zeX}i_x2C?Xg~yUbxEB0qPYAyAWGHNS!VM6AeUfPZpwr2%ffbHCQH7kZ1=#ZaeZlW6 zuGe*eGnVSfTCZB#4edbA!Qd8pyuF1d?`cf0z$rarop5s8TjPSrugqbLJmE@u<*91* zMqO>}ouNAnYm{GDAy*5+D8a!&eC+I)Ttgc4!L5xB(%dd!RTd#02!(#2=OV^`K|;&z zPwP|w66X-@Y`X_t{=wQ|Y@%CqYT`j6=XAEx_&K7#kikBG)rMcxR>wAZO9d{3hUS&^ zWH&bUn6;2jMQr4QXBOhR;9}L}oH6pqxP`79(Bfeu0iDXk`Grg3I>$WB3_PNG@vcGk ztKEfnb<1J~-zME)fsiAQ_YoK-lDWT67>B{8W~!e6FtvOvxQBm5o-O)TWf;gvk}IrX zDwW|X3@BWVVyBk@hg-VYEt^x09Y!beEWl_F5T_QDj^CfT#xGcT?7G`#stuPPq=D1P@x;S>$Fb(SFQV!hInxxdW~%q zIh760mup)jd1g*#xhFcpi}1wyMv9%j#fyefM(SsfRp^CIcrmQXzY|e708;5YNJxwp zo+S$e5PxiH-1hpxoDO?w?E zd_7?I4aLh$x|2TO=dFpXUvKVK zTX79I68dHMscrL%bAaZMut|dpn#a3zIVV*2hV2*=TOOUfSrVmii}-5J_#q{cwv0o} z*ZA8&mJ7-2y@JyR8Cff|uM zCzzC0DbW-cm!u>qut+AfrVmdF>p8q_Z2ngJOBStaP+ZL({f|(OMcmO}1h??#AOXOQ z6Xb)wms;nFUmDYo`n4ZUBPDRH|4B{(xFxg>d@7csHWS$NPfsYDVeUphAYl*vb7&$! z40EeT0fMy|OeqkN1sArNjKDbe79Z!oK`Y0<7gxexI|W*(s8IF0zCVGZD%ZiU;5B<^ zYjc9=aj~KiNep|2liOmVu|$sq5o{B!&v%IKM=n(AGsVfrF$A`-Z58Ft4T}eK$ZP1I zPjaz=|JqqB&LbiU*U`OuMnJyoAlq%7uzWGSB!yaV4W<5~ws<}e-RifGZ^GK0^GZD9 z1T`%eC@7NrFpuqVya76i3EkI=*oT&MnS)vf?Qg1KRXW(!*^Bn`=G z^9c7Dq~3*nxLvr|1N$m8NF6VCPCIRJ{q46FinWd7gf8U9RKVm@xHSkktx%M==>53I*+1)d z6a(_6i?0KrT!ly7F|CatDk}8CU5en_CQ58TQX?T|dHt`A&|I$q6$IcyZ-L@ZU45$e zb85uu${DfDp)^}5a)O!j-wY&B2M)yIzFiWVTA&CZ_&_4V&E`&G>Zqvt44Wc7FzC}_ zE63g-QH9)U4jC}YUFgkksa`FU6xaf;ff;gv$apZpX%w}OyTHk;uZ;pqvbKI7pbqDV zB7v9bpKmm|M-sSHi?)jSqfNzdb8{AS)CrQWvLG+y;TrT&;MCT>o*LdHC>))Cw!C-a za7fGarKXC%UL%VrHlx0$y44%X$a>S6i#x~(#ezFPiD?}dlSRgveT?G0TyupZtI@x| zV#zLp&_=q4;kwE|^#W^2C={~x;0C>?qFm$**rGvPw9Gi;g%D44_oYmuX){Rxra3W} zdVd0e#@!=Suw7HOWnU`->lt-2@uO0L+YE3GAgT&*a^RrE^e-pyTk152VOM%#&T&H5 zkon<^i~gm4-v9Nj{7?SRrB*GbybjH~Q4!hAJchWym8yE;YIK?fY?)gr7Z ze^lj_&7)h`z}Er4S0(P0^DgH?X4h+=CmDM5nj(12us%_+idsN!!*HqRoq*>tZZVxd zEpxy4&h!4<*%2;v{bMH4EpQ^!6$JdUrZ;`K?#tQakTBZtfZ+|>>%X+6 zmuR_rxvVJ<*&J)VmYqYAc-S4~?B$GQG?Y%B4E;|1jvlL!@tn^!nId-gY4swS+TCub zH?@&XmE@x>p7KOM3wm5U%28YI^v~N&4Q3~#I%cXy7c}u#e-`Si@8(|Jl-Xi=r5A$Jn<^&^A`M1*<%fR=6e*F8+6vlc8 zZ;-W34IWZX*I*98(+e`|lhayvI==Z-3EpCxwRWZt1n2i5FK#qKr94Wqj#>=~~ ziV z5Wm5+Ub;+5c0On%;gYbZWViC%SM}zV(5{b;DE_+eq}uEQiGq;@P{_OH#85kL`ZiPO z2tkuNY+MN-_U&7wzL^@Qnn5E}%k`k{0)@NV1HGfk8AZlBf}`y(#FfJi+?JEGNWpy% zBzWF00%Y|_D#+!RE#IQaS`WhL6cs|6A;h2+O?JIUvVmctau)`}Nd}@0=PA^(l2-9; zrmCA+`neAGW4i2@!pQD{JWOx!jg&@KV5O6vD1wy z)%6Yn%QR^A^E}`)5Jgzsmn|6gu*ajS*XjlE!hPW4K3Pm@ojo4)!gf~%TN1hcjm8;+ z|9z);VW4y5%BQ)Cj^ak}H-(C6n-q@IeJ#x&U!PhL8Lvlup(E4MRXd$JLND*Zku;vM z!x0%u0%8)=HZD2CUQs6geUG4AX z_Go8#>{dJA646i#s+JnAYeqS<;55bxV0<9RLs{5CM;%O*fJFMth?mmIV-lCH9bcBp z1pg+qTRM`8kK*nEfa?v_KMyF95s_ zm<2bqizWdz&|7|@b9(=Z)Zz?6S``Sq<_~wv#v^eo1ZM9cKw3thNyJlkN z5!^KeNY)> zddbSh&v$PGD2stXS*T$D36bm<&2@PaxHjDI_mNf`(47}?Si>cfdoNSfc>O)5xC;jeS~cQBoj1su|J<4etXl<7BmVfMM-Y+2oP;TJn3-i1nUi6UiT zAZj=DiWlh90N;Yk%$4pYfJQMKkziYhH;8YHs^%T(>jTpK+v)763;9F%0XtGe4x{++ zN>aD>6ghkz`+87`JT!QWmkSOa(qiMVdqQ&>dn>j?*1XKq!>I+t^ClF2^rf2AZ~d!ehit(Tu$|88W0_-mohM;@JA+hCLez=8(uZ1=PdQ7Hn)shxq5+TJVluH3mwx`gDY4 zQI6A1eGF|N}x1me7OSYTX|7`BitWZf;7oIRqyhgjvi#sU3&5zdy_E)LSPBdd07$WH(&H0fka2&(Alm)wL}Uvvp9gm@d|e|gP^yYw4; zjr5<+jS$=tAIa>TCkV6F=Zx9lJN&{;i-I^L8ZPxaPYC-kwDdIEFkg(3z?>lV30VNh zp(V1DOVK_l05Fs7*_s955BYymrf>GVG2Z&dhO$<8WESs9f=$p^WAk%C3%?|np6_d0 zNr-ny1Pt^eyWf(pSido}E8XeeX)nAgw)|J;Fj#z*(ezme%RB(%b@+y-EU+X6m=j`d zvODhF`iU0H>-AgbymLr8hOdN&c3~8OCpNk4E7{qk$t;5|QL^^UFXT*m=o4Y{Lc06> zgUOZAkPC5++5{Q^^4y@*(rc*bU+ZN(FBB5>+mUTEQ2$aWJ#`f|-{Cu;GZkOc&p%|| zG2ybP7@>>cZ!XtjxeI+-sj8F6qXJ~*XrnrBQ$ODDW_Ytr|-Rkt&@LE}QZ-W9!;iEbHeSPNFHn{hGNG&BsydP>{- z!q19TC#8PYiCxHuAxo_jXMc8cM9dRo1tsl5BR-d=#C%!2%%4t1scJf$joWb(mx9Yz zY|0cvH9Bl!sTWEVPbpyH-JgQ$7%MN_drH;@^qDma{mFD48g09bU%*>MuA`Ku$o`16aGr0=E{l-(M(e zP;J^re1IaG7$DbVKIW)KNnfPDYdj!Kp+6 z&YbdM(enF^kA+Q~qCxR6peLaz5$X71tnm15w1o)Dsd#DNQJ_Jszew7*$fcnaiXb}S zqSn@m@n{g|0`rw3IkxK8JMi46_->wze>p_=_8p7RraT9w?^kknq+WphQ;Q9Etlar= zKAfB`F!%&$@x21OEAC5q4VLJ&)KFAu$RQdtcF%apQMIM9bnQ$U=nuO1x#kNHKh|x> z7W(z~BdMvGLYSe}Y#I8)N8c{iUlwBJ_xT59;JuqP)Z6^!KkceRuw@aD1uF#sdQ80J zOyTAFa3w&e+2|(K_El;|sa#lO^|OQ(IIJ$HGY{Q!CZ*WdiWKAGpa6ST^FV~71Qh%3 zMu9%{CvJRF>e1|VSGj%hMfm@L(oG+hMhwJd!ugl8TR#0MM+Dpwqzw(wpN$``QJ`fZnZL_e(UJ6i1A@L{5UfgVaSSm8bt5b%U(Cr}fw z;V72l@Y?nXX|nItuFhEVc}+Z}pH2`Ch73hC#26+Kd&Kf+CcGbrJ%L3sea273S0hrI zS%TH-4xwnkHo*KB>L$!;S-)|k!pB$+Q6 z5j`v)`pEz9_^wG1B|JTRh95&oKh@>K?Q|aDc($wkv$h5Aa_72BzJ7bg4WyT66;k5v zH2c3PWBHoAJDy6|EIJrm?r^?3=MqScEc2s-4?bL0e>%t+KgkMVbCW(rPlD4y#!h}c zZOR^2VQkVD;yS*-#wCS=@kai1(f1e_5xaE>xp#+1)Z-4GwCK>&>3`KtUsXRz6f+`l zP%=(keX4)=2qAJCuDd|UY_HuXWBgH_FH?X8C$dT#p048JLNbEp3bYa2L1oTo;AAp& z?j<3DHI2-&Yz-S|weqD>hNJLIH+nlp8^tq@<4lktn?(*441EdHp~PQ9aOo;9&o7Ok zg|iEF6&IvZu&EP?*->kyzqHQOh6+pWXJQLe*&a+tkti@}p6ik?q=ovr{4=x)<>z{H zwfr4~^X@Nx;Pk9@!O|i{H~I!-Mj64WxC}#x(7Rv}NTUnSvl)#8h(mBIEz-tQ-gnI2 zj@c`dDI$mN{-A2_|Aj6J%>2Fx8t=5p(3oZpi1(65Wj->MyCO<$MALe_BAJ?}L)m=b zhns;=0G=s=iyN*py)}c3HNTIJgqEFrdcRt~$k>&g*!E-fR@59>%s1YN{2vAMj-VtzF4egiwM~ zQ#>Xkjv&rG_Y9;coqZ~D8$3YRLR`dX%F#D*Y0(O7teKE+Mw+X0`>_$@vJShz&22Q? zx_o1{qA$A3=h_*D!I4@L%OT=Z6%FMho~<-*t1ZXQ@;-l=Op5P)J-UcPV!cB zSM(C;IQkW+;nNs#!73ceb=MN%lE8wJ7LGw!Zi(x*DY(P^vd{uOe|urLO9X66EHI-7 zDXR+Pjc{E(fncg(^|;wUf|{Nv-ND&ipF4wO^xf)r>0_z+$l@brlgI^=O$pAu=y(oh`=WO(1W%@ z89_!8I0!cCS*}uFt@_ZR0a84*Keo|C}Xr2FeRnE*y<5~g>}PbPrUyK zGYcbH*S^R8P}-1e1`LBGB7&CTn(NGDemq1MJ6i|!Dk!}JaL1dh@46cfcdyK*5`ROrBZ@u;Gd z>vRQg<_nr6lq&R`CEDh5-EG(BJ5V>do&9YEwM_eSC^++xe7_xc)U6F{jO5LkJDf1n z7vsQ$;Tm@cDuS~iZAWOf>$NO}$-ce80C%d89JcsD2Oj zQGjhYsvz6fM_xwNC850rOcD7AwfNRHMI8{kBLRX#M8sF)-Yu={JcSd;ChHZa0P^&7 zI4j(?)Or&DN%y>n&dWDlJ;(kS0^+Kuyo84#Ql9Es$e7g8W&Jljj``+)chaOTE9$K; zUhOtnC^AC~8^6^~=DSocR)Xdn+8mI3v&s3y?`<7u*d_1`shHt^eNmcky-wK|sZ}_B z^iRMpP`=Th310ZW#s+$#{_VSBIsUq|<`a0uDQvwv>`1i<+|UEh!hX2X5?zm9MsNOq zjTC(X>?Y2u8iIk>3i=K_=>+8}wdT$n71O;m6;Ao{_v!u8KW*in#_s7j!y050f<;IU ztN}0UQTh#JDf7>FI--PQ#Z4utL-xd%yLsoK?rkkbh(Kp+N7(fo5zUo({@?-2~XS{Db1JrcEF zOR-ARX;#v$_SNS%l1&_Sr%HxPY*3z4l%h|+WaEse$zF(9^&nBsDt;?C9ltjgJ4ERKI@5TAR#Uqd3eedhDd9_J~=47}vrNGA3G=wc(-97cfds>~(I-)NuT zJ5qyvoG0Z49i1BItAb@j<_R>Sd%3gJQj%z6wE+&TOI@oDxzzaQAg z&zLNX$ZZniP*2q3gVyP|cOeVadCVLW)zw>PJ|Z276lg73L#HD!V+M_=Q0q~vmzbQA zo!$kJ=^&^-O@ZhaJG#;n+jH25h>;$mOS4U+Q2^z3W&Gd#q~w@|UA>u9xjUeDF=Xfv z6*Y@s!_V|h5c1)qcmJTZj@gcs4a3s0PK3VR6RjNnxKzFI5zH>xFse)GBeCIR&glr{*5*KaAF>$2BA%)mO5~9L;@$ zdc*1}#&jAv4h?FUA}2e(aYRU9)QSIAM!}7jaxg+&H-9F@xx)Q6Y3VQ)zT~ptJ89}@<)-2t@4%D z2ji8|g*^o7w5q@9FAp|RM{K~RHJw#?9NVZAxWwLQ!TR^R<9xw$*R{zu;GaKpTBcNN z6Tj~;KRugwziQ!dt;2f(0Wu9oYD_!W^11P^#seNpZb(-%rk>r^(eax#3d(rVcR~~y z^N_OTT1S-*1r8t+UTPtZ>l&0)12G6)v`bOi@J|;wK!8UeO&_7<^->qIfj*;|9m@4m2$43~l*wsZYAQ;t+dLXz z&`V#Z^9Pc6WkrvdGFMlK){1wbI5*aH*x-;@O|a+4tIS4IHM&ZfCaj_uef?XQ_L=uu z<<7V+N!JPnPk@2sDn>e>spQSC@?)IHMwHTOf2GIr437PmBDjX>=U2AiinbSPU%Ik` z_g?y7!Z7=ivN3R6Qk8mWERl{W}BY~@LGO^aMGbvT#oiMDywL}M( z8K1;rOih>Y!-(ieF87VW&omj*tY=C_pPbS*cm4jtVQ$FQM5KH+Aci5Dvm{-d>q^i| zm$Twz2upv$8MoS9K--?VDb|NWg)ARd72yaEb6(`E)(V1{ijATTH)A#R146f=fgZY1 zN)=8DZ@Y@2)wd?zXu~#d1CHPcwCXa5eJY+cNkXG?25L4Vc?||sOd0``QIp(@QzQQ| z-hvm6ds0d35%#b{Kwu@)!e;pAm9%t1$Os3Z42^t_y)EPwGXoHS!u=d`yy29((7_}} zfY>QO)RM;L2Nq%FLgW+Cz%`R?&KGbyilUE|?rL)!UqSXmb#sqB#Z;*69Mq9&SYSD{ zumS^ZW|Uo*75<8LQYIJ~mRoGy_(?~x>spb1O!<=3H5*eZK02Vs^R*#g*xt2WLD+1p zp21Mt^D^NNi-R2?Dm$2F56@SFEW^-t!lAeNKn1%0j$jf@DmFz>OCY1e@jG{VC`I0I zj|n@zgDp?A8jWdFrpSz5WlE9nRiYVxbsbdEmH1ZPiVAAo<0p?9G$S5%nn9~ZqhTB` z3%mjpKRW~54`iBD1%N5)-oR1KRR&dyj6^kwu_L5yOo6fC)t=%ZGi90Blwft;N1haW z*I&^x4>usT554(PlVv2gIw+7+LmKy&hBdw&C1p1g!2$R~N(xO|{o+$tsFiZw#SzZ!6#R=oRfzpE@ zPv&FGDKKp_=|pN0yt?fB4GqeC$pQw&p@F#M;o^;m*YjEKHqzID?w!G%>|&Ld&P%_W zPl(0ax0O}W++t-P)rAx87J4paO$L$SUsEsD8j6sU5|OGa7{6#BzcrpSdL>+t%bV4L z5uW;$#1{D z6bkqL_=3Zc+nWRSk-_u>a1}EIOpF>*|*%cVNNe4T{vX(9% zzDSG=FYXc!%K8U)V2Nx?tI?WjGp~z`?lR2Cg)^)=I}|rqaR*Km;^2*<^#K?uT~;B> ztWIC;A^+t-5d5N>b<^NHwzQ4GOGqWV-X@4bViqeKb10@D>lJ~7Di5wrJNg?YN&47DtHpXjzU4Mx_kYp3u$`eeoAgj;S8=b# zc_5SRk!r2^Z4t1*+$PCEH&KBPaG|34jg`88a_D9YO|R+{M15F7J$>XEjm1l=TyXMa zfjl&tDC)~JRw>dNrc&j*F;4t`9|T;gU?f=_UWin=(9wMssA;T?fq;{^^NiUdvBJ!`N@pfQkNGRE#fpV=R?#5~aUX^6bgjD{Oah%@!b!Yt%RVWY&%_ZSK&<6__Fq?VS-kyD(H1L^g zKFbfg5{37st{QvoOb6m)^>PujllB~o{oM}q69!W(xh4~69n$6M4hPGPd!`fE`f@Tu zs3Sz$CmNR1tpE$0+YgdZKTDMXGe^EVMU{uqC?(4+HtOiu5GFz~`8hEtay9wwZ%(}j zRk|GkbzVBkm*(=%u`{zgoO@vh(3y4gBNMLQ4sQ_8f!|`r2=9?&L<29je)eVOxn`y7Hrc#k$pO~4_sHt ztFOz_yV2TWz14>$ozFOdtwv8r*0niD8w9MQkyRqe=3TPAWxXKA6P9Yb zX=xF~Dg2VOB56@E+=MfCG3|~Ll8@e(aarEEV5Cd!IC3ts-vh5LwV_H|UqegHyqtN5 zv&H744tmdgBBj7?{oU|F8kS^8(t#Us+h#a`kejSy64Z>zGDYUulm<5jtE~329|dTs z=|(Wkk`@-J8+7rfD6RTwEqZ?Q9=>Nj2?paCw5IN);>>>U41w<+hR`?Rfa!6201r_7 zyb+fbMaj~`Z&2jR3KdJ)6oaAte#FMdTJ@z#6E6sa#pyt&wA|L32!uLcPWGFyIph0*o)#q1V-z-2tSx7 zUUK|Xo`vW1)>9J)Io7EM5~jTM6(lE8gaImgY{kl;HHNaf3xG{68V_WsZDviF{1gDk zyH$m<8a3bp10&x`@t~0fv`HW)J+C;q)Fml6oY07RR3qA%8$bUwx62)F$MV!Zu*mI& zJ^=v9j3}*H)C<3IKv?errzSUkAJuk}CitcKcrGF8g_5q@w7kKK)m)A6Y_oRJdHZTI z>bfjnGsyJlrpLq6O6}VtYd)Zg#up&+3jJ)X^IbcBV2}d0;*}?;qvWr4P}d9euZ$%c zG+DHR1X~P~-917_zsEx&Q!d8mb&C>wiG|P{l`fQ>IV$IAQrlrT_lT}S*$yh#%O`a5 z1>C6`V~g`WaaNIn$|erH*~cnwk8K9VF}(Bz(~Cul6}B_JA}HSF{dDGsn7&RAv!0^dM%WBH=7m|L6devi^_$|O3 z#gkTFVSSkz7U+S_)FYkmWZ2C4w*CZ#jCC6MbDZGdH_m+A{&Xtj-=`mm<=C7oje@h! zqM%M`A-P@0ON3Ka*WH>k6eBcc$jn7&I8C!O7d}G;@pU(7t=4djcGDG);=42`x};NB zs`qxnBTXa-m#rZCu?5jeFtvmvzMuY>j2ck3z$^X^&{q&UHa|r0hpbkWp0D(+RT7bd`z)>D z9Y$XP)>h5K?gk%BqX16UK8GCv0VX6@TQV|3%)RHDIi(Y=9(8VGhhCpXUBPuc`8Whc zPw3I~%n(iVe|xMQagjEgMEADP?y_#BI+y8JNs`kLlXt1>1GL3OEJR=>xlrexZhq(g z(;Cz6y;$?WNguaB?tWZ%O67UK<)FBVJl$74`rX5T%Z*~RxTO9F1K<|%R-XCwVB{oH zV+xYKfF+6pEeCx=3+-BeRIeM?uBu1cR>RbmwqU7Ym$5(R!YnZl4uRIODT8|x^3KGgTATZI#Y z`;hbR75B<^JRnh~%}dnvLvlb0r3P4lFqV5bZV`(+g9Y=)g1l$v4I#6)>nPF;nzl`62ui)kb)a zcLzx>++sKjGpBD2Kt0y60VB4b{U5#H+B_YtAWa`2sqr*D5+G^#h*9e0fOaV2K*{c| zk?I?3aHGIpetfMR)~F(B^ZJaLnauQ4`zNLzX}P^cHXjJR(XqB&8fE?I1yDz0^h+@} zX3B!iKb|=W?CQOl2WR_TIk>Xki>p)3i6;obNLP8yg=~DXSxcCP_!-)P=$I%c$~)4= z_stgzL(WQCFPtiwi7n~ zZV4-mZ7FvQz7M&@5Yot*L$7v|Eeak-siXOZ8NoiD8AA80G6Y+69%_}u^1ZbB3Agc? zbj{OK_3uAUt$pB6hK1xDkpxp71~vp%V0U;PhU5EX4qxSexCh6di;<;56tADXGXH6Y zcE5CrpQk~_b)@cCY@PKH9qZ9jnkld#fw00e^WbxZ(wSBBH_NwKc(d9ugojO$nF$AL zv1t@oc^e{b`rS_BHfM-f^%6Hc7 zw|dE>t@nvsb2Wk4`lw`WM^YVIG4Q^xc1hvqR$LZ_N$ywDnC=5$W7b_GuHLA-Hq+Z6v4tpjh6Szj=a%x8Yk> z*Cq#c_tlgft=Lv)yhhIUhRR9~2b0fTu!**4zaQP}`YOV!J*JWb)Zy>uarY5|!^|rY zh(2(F7n3Fq47|c$PQwJJzP+4htjgo+^Y}cpIaSl`7bcAJqH1(V(Jy<{LN_t_QdOGQ zGoJ@Y+E?*SPp5{rzkXU1F@HBtKhwydQ6n>h>(1p~OWV*QNi~Mkx-6N`t@&;$6#AVx z1Txy+9y}9ZyBPC3n7uojYSXkZfL4p^y9iC@L<&t%X?BDmQ9IO->pl@C1^%#PK%lIx zP{rdnhSj!3{$nvXAu*d!$X}uZDB6=!?>Iz<#Sn zZPI)V0BgjQS$|7E0+NN77(`y^5X^T{2z&J|XuB`*|E6Rf&Q|66>^VE;JC{M~N%m48 zWsA!*1@VkpPsdrXUxC_n5{mk+ zBv7(r@LXQBh>(p9{ZT)cWdnRu7_i0NCt}ADaJ%NQs}qG^(+V|N`?8)LcR(%DmXEu6 zhexg(#?^hJ0|HjEF%~k>{kavEMMN#WK`8oxE3QX*PBC?Foz(`?kbu1M`k|nrj_h{g z7=w$6^YcG??@k+)j08J@bs0$o@J^S=UdEEWyUW%aw#n<7 z0~l-(Q~}T87!hFQ|Jst!H?fqIo##$C5uh+b=slcoM-MjY+al&$oS32QOm!FTY>LWIw1}89wt?Sx3LizuQq}@K4 zy@(-@w|iQ1n)yl^7~l*gS`0h=Rx)4czEl zB&I$4BGh(}WZBB_GWM8qy>Q1R+qbrA-mo*Hzv=#c&hrfmySG<#*-rs+Ul=4yO0UrP zu2-7l5fmu+y=Kd&*d>;B@lXu#kUK}23h8rYf6?7m0|h=B=jZdZ=Uy|>`pWZl2Nzr9 zg{zgn4RR?8U!wH5n@2ZRaCJSY8BO8e948E5@OQ0M|3x)B&1xrbj`aW}oLjQGvL&1` zI9s3bD?ZqxQcI+3Pe&GLgSQ`tK$=nVu@t|I!&y}bOlg?myVVCDP8Qn2uk{A{L?V$u}SgX?K;yNk#^gKKsH6a#uySC3g{&t zR(F0sgD5j(G=F8?l@$4+-#0Y?}MrmB*#7YJ(BWdNi zp)&k+N&j9uCYnAm)2xarE_a_PfSN6U|7Am|9%$Y;4nm%@D z?8uJz5hR_mSxIC_HjqDiY!J4jSl_gA%-`j%pw|wS@$Z_M@SDZ}E4ozB8twO^RtBuN z?*0V>xQ)%obQKcWHZ{^alNf@CcwR+}%vGQ;;jbN~{V@hk-&D{02idpMgr@v(NaK#= zh`0O6+A2^8I*3E_|`n=y#WAzWPpL>w& zxKi`@lcXpztCqyvdz9d1uBs6Vd9EJTj~wX!<7{=;azbeY9?MM)aSQ<_OKSs*(htiELEz& zLD8$_VF7N^+mN7`>!;Kwn~gOY;Qm zTUWyCTgwPUBWvI-yw_T$*eH``=g&@oWjer8DqIg*x_Yu*!#!Y+tP4LO-|tQUnB4m?`~ZA=O?a!W$Z;4mpnV1a z+*0X5iebbH>>wRSf>#YCqsVPrE>EE-KbK&sb9;|8_EA%G;EGt1-$d-NqF{6<&DQ%#n_o`DjeB$8!Nq#$l-JH~{JMeE*GX~56pd+ni zN)!CBT}J8PRZP*VuazeTaOcH$R)8dgT~Z4%wi$(5~Scm%4Az;RE zOEM{w2$sLfF@PX+(f{5!Jk0F8VmuATUbHgs^gh$Xh%PuWf&;Xm{qZ9|06<9^aPxvZ zk){|7`45C7f4n0$o9+#(=+U@`+p|9en;W#zrMam2j?)dmWlmf?I1|HJ7mU zAGd!FbzzU)jD$d8I{Wd>s3tvj;#(F~$u$R0BZr7O$dq!8jO%6ve(bqjq z%mW8{9~c7~M!geAA8t{Qd+I;<$L`?P02=iFo|ZA_0$76}P5HlVjF4a4RulxQc5w!4 zgre}oFCpM)%NfHRGUlzDc?HKx6KF-K2u+Csp+0DR)+hOdz`m&*nifO(yikdZ>{?EW zGs_VJg{SyI&EiIx2K2)|2apTWoz@;?XOqa|u?>%f?u6a#bry(-&jrdSlW$xv*4g_+ zy}{17l#dPtA*E=A;AjcpI&yLhv-2E(6f*lmEmkyalJ8lr%iiXTZRJRxT>au_Bn)Bs zk^Sn+qpN$87buKNb1?LXga?&;q3C~}Gz=Jv>+oNwOdUA2zaXvcr8@PRavx)%+eE&g z;2tRVE-J!91fyTdD}DBi`f8dF2>?qQl;IKwLKrPima^WhT^?DuTplSXiU{6g8;0Di z`TXvrU3R7jP@P%RCsDQMzFw|&1!L!`9<^lvr|rrhGz`4pDFC162{ul58dJYV8^K6- z){O%=sOI$~+CEY^SG?qq8Tu8y&Lo`ZB{ssk$<(=?q%EhCnBTVyX}^~EA?#)KEga9Q z%=~`-*L5q5z;i2d{)4QuPO)N?&{reDzkDQkv)jgV@3Kfp@^cjmKu~)1P6XXQ>TpAt zKDN77oYuGm{OBgE{27ueZrt^~YFBu_&|$LtHooT~10Dav-%qR|foQ%5u!7;j=a=5k zvS$?Q3oSl`a`7iV4q!+KQ2w>~iQQN%E4&evN|Bz*;C#_vBDJKo%#xyp{S ztl0q0SvAVqo$f&epJ;UfNNSBx=3Hzd04PA$zrlHtG)A{e49=Bx+0nOG@VfddJEfn%%VTg_vA1Ll)AOe!ajGs{viO6OP!StExTS)*c%Rb*O7 z7dEG(k{P?MD9GkK(m)3%7;CQNe+9n>8V+sS-MH6|%$?T-QIz zu%oD5&KZU)i4seNLrWmufpS1t3nBcX)>)}vz08vaZ>TxKGB$RTrEG?^VeiwXOV{V~ z0dPf&zHpXJZBy{$&^Bd(Tk3g!?s){^GAmTo7G5$Q&_=7NvRs^Q*B;NwH&b0g9R7n} z&_}+KfO`u*Jy1%#ljkx491p#&uD{+XD!9F%h*Wmz28Zgm<J`5~2fNn`DHESG+xls+FF|n$YN)U8hBrXZ&J*QT)e}c66#B1F zRJH~l_d;xlILY*`EU5Gd1N)1EN1Vd;rv}}s1}OHKJ*)wR4U{KPBk5yL53~A|x)(0( zI%$X`6sAXRm4dzV&Pq{Baj-R|CV(PGI)l{_c+237RG-B3+F5E@^aCht)=y7+&jN<* zLq22cdE36;n+u@rp^H?((<4+QM)vn3vwOyDxs{(beY;0oOcPpUiHk#4SI)dxoY8q1 z!au8!wqcVp7E-$z)xBc^PtV6|GAuIR{8z{LF^-VYInF}x6N?U(R;YQuBtLI}UszIU zjWQeJ&O@(A8#Sb2u3{ef9kJ_&?5Y*a%F}60Wt6!1`NfubxS%wMD}iH}+lT0j^Szj~ zSvM_hbZTG*_|bHk=NCi2z8S@kT4Jyj5-l7D*?WQ5eX^I!d(GY)sT{4YqPx1_3@=Y5 z1_NGDh8Z~5Bq#9U*xCweMP6JmrjoJA`1L9lMp%R>>8{s~a%%dH^JAO3KM*8EAmjEE zaFJ+W828|_J;HkxQcsTNZawT%>tsXnuTK&Qc{g4LVHYa}C+lMpOaUDa3>b&QSI^Ed zCk{p z0R76xTzf3AoV5^Yo7;cv$a50T6D~YK?{QKkZlVhffk~x?|Btb995JX-(t5F;7*N_bgBNFX698>zr@T6SqV47#VF9Y>(9fKMVu!!Ye`V?vC@gZp!lv~mJa@Ir=NLU-zfny@`|g>J4aF?`qq z)7Uj(%mns}2tJs?o0;p7130p_p0cm7Eex9%PtEt&_UjY{yiYb3lGkA2d{gAaV*9Lm zO0akF{WZv^acqDThUE}SD^Gy}kQW+bUZ4fjYc;$*yaUz|IzIUjB3;1ie_0m8RSo1B!ali_J#XLZ*k8$yXm zcGvnCKqFm6hQ)5hu3wbc#9vFPw!GdCwMFWns_FpUr;K>C|FEpeUnDb|GFkE-MVy1) z5t9m|rp)2cpl>rh{0|3JZcp8vYG!KUI>!h16>m1u++Xreyl{8&-B7*VwRV zH%g>~K5@?rb%yTELoOEn+)ng~;I5TL2kR~|MydlO0q9m^2@L0}tghfM8&1gNO|)B6 z&wNv{hjUNx*obpT)hrJGS>T-ktjwk3aGCpo3# zk!)p!{M9Ngs(AS2rL~kGaaP_h&s6!b1Qs+`xv1-!O)V80hSnV!fE{XF<2~c(}5LjkWQ6q{IMbBA1E6rUe zpm*y5lDORCYe|8weIjLZnuhX6s2JwrCFaT1FBPe4`}}Szq}$on9BNAB*pCv!NLvPQnf#`lpLL)LG(oI1Q8Rd zW)Iz2&==iqx(OT;PIWf(3z z-e>00{d1i3@;?(^q+2{1jKqs3DNd7fJuo{4`S8nBV4MkOFV9$t%KG1Z6^XPaa-Kg| zsSD*TUtkb;GblfKG>FrPk z->QB(hCRatRe63|LSqeczlg$&&j)FeqAorpHQ9U+sO?LOgn;pAGBU?o`b#`_H zQhoWKU1Tk)RC9sZzdc^aMqa=XkmyX^WkJrfhv!tv2KVd~t$M3lN{#SE{SK?aIAp+= zIL94-OpkT_8#)CKf&oW^obJ@45?6QLh`h763gw0*X=uy&%gezih<%!-Yz{$vWDs6x zo3`SV_s-9&RdDpF#=zd_TDx(%4SkQ$-Ez7aLhzg#CSZMo?Qf=XMarb=)eqdQ-;Zhf**a5k}&xD1DROph4ZP zf7JP;p1$xhjf^sEhR@{`u~qpj?4@-;e!OLKr!kZ+Nxvbnxw8+hqw>Q$zcp_;Y#8RH z?4&&&oe4jyuQXx%d}meuc5joF_ABVCo(vG$I+c7L3v1WIum`9_+nUVNXhws0p_@9n zkfst(5HC8V0!Gz-J5|?-IOuJDIThb`nr?g-%Cymw!oVd zoHS6)uC0Vohw?~9)zB36|H>Lh{?R9lB{*!85P-c*{L3c0n@ALM6slJl?I13S_eBcy z!X6VauYgtb-kcbR0#mluO~@7k8N$_{QSKI+(5#$M^VrARkt9uQij@hC`Pf-78XC93 zptiv&6%`*j>&)gp-Nw@{eK#lEp2hBNwV~$Hm)XI48&6?PC!Rv>3r)93eGxb@-|0y| z8YlCTeebF&wY}hJS4^g)gQdB}vYB0qM-Gr(P-s?9IB#m93(VdZTzmJL4-C3(Iq zV37R?ha&Ept3^vq0Ksr9SsJPrZ-#E~_q>Kd3i*s>gW_>~5&l4rB%@yyX^+Xvc>zGO zZWmhuoh@}5Mw~vBVyw`Xzbowk0Fq|(792ovBpV-(GV5avl&sog(?%2p zOvAS~>4`$;@VEN5*37K(0o3E=(^odD!v1Gi=grGiH1bhc4;_4{=(z^0MAJf^y?sN| zI)MK^y$qlAR9I_sB@sa++z0@j5B@3gn1iY5e5XF&+r8sEz-Z+0IB*%jLyGw}2D#lX zbwTyI5qZ11p?(mLB8zlLVVr_;q&tyWXee%-;y|T(KkPM0fe2g^>`h-WH5O&fEdBEg z9mw}p$BBnPyRX7#K53&3N+<%mT01x1Eva{TGurxa7)6Yrz6y!f5$j9}e+-U=>4d}s z3}>3VYJ!&)heYGE1C9A?H2g|V$2#4MJI)II0P?;5IVY|g2tah4K?B3#fkET)Fw_ga zhyUjQFhDWufhWWZ=3wn+(|j20CEZ%hQvVc|YhUI$MK==E~e{Zixgk ze91}4^F#qhadIH|L>*$CWL(SFDgj?>cDDyF5cphzJSlZPddGNkP1;n6J@5DwBL;-K z+L=cp^yGxd!DY8O>i~czS{6WFfTZSAF*?bg5IO!T(Kw&}ZIw;NH;-jD*J7^gO@+io z8{=`bC6JAP=8Nz;?<3T-9#9)x6MCrd){E{-Xx(ZT8+Qz5JpT);*o3nm&ty*C#Qi`K zxXGY;c?-Tc#B;H@ckFP&*wK252;?6G_2~8$0vT%qANg|A^8;{F!AP|Z3UvNu$!r$LF6wnLcn$Sf%I35-b+x!j zN2rBYZ3W`+grv~ILdwOjVB!=Fh%iq{KH--BlbNt3_0m%zq=!19f3JZ>Lk0q7op5fN z=>#AsM{6A&BE_N3kvARk4}{t%D=vDd^X5RQN0dkC_FinK@^+M?bsBU!YloPeA2pQF zFfCZHK#`I9;-3V)_kiEeYD7R=e}?F~E9>1PW<0XK3C*SoaQd#YCi1ftiGI0khJZi2 zEG^Q=yK$vTb$5(t#%EJobS<(^5uK?v`hw)~XaWalw$``c74nt#@qX3xoOplkyjFL) z(ViENbWc|OI>t5mUGhD!&}lx+Fs;9J0n$WO_I_~vq!#cy+VzG(9m~xOF1v)a!B28WaT4V^vrw>WA+Fp?`jh2 zGUC7^bBzqh@a9~4m^0_*METjVgpIqY<@nf#9pwo26PDfS*oF48^Ucn}gLLN@(-XlAH0P{ z;9GJ|TolbzcvY!--L|m)m{fpL0;X^n7IRt z!zu!NiQrioln3-85w&9`kXL z0Vamk2!;CvSafek=kb4v&buiN1rBOu~~NC!1l z2J!{IC6-fNaLKM_B?JO3Va$gbGlk&C+03Q|ZXx10TYz_VUCUv8SOf3-^F;By-&DVTaNha=$TUq9oA0;%;R_cgB7yo1<^K7ztKgtT5 z;E?GmE0K6#pIW+>5|CT}v@mX3_oGRc#25eNvrA0+3dx zd<>FK7F?nisim!ri>BgTSK%fH5>auzhe6u{D+d|S)Bx;p*}eMa3iSJ_OgiZ(V`f@{ z#r8n8y-o6^oN)8w`&15U(h%RAu^AuPuBHC`M+rhig=+p(&_X8j6eP$CEtk163b#^h zzTRb6AKlf+gQ-_o$DYERzQ{L*8~M5HRCUV{FVl*Y7BB6HC_M)<9VPdw%DHf z#^hEtwh}1ZO=dzhHSMFGi3Fo!U?6MW4v5Ma!$-mf1B(h^i1!!zer$jw^&3chc$%W7 ztrfeq5AKd95$I*2v^Em(J_B+QKTCc6=F)iH-Iz7Tc`(B-v2>DK`6;1eP#C7X!jt=5$;e?v$U7ASKlxepMaF^d z23h4Sx0YUuQ(TTh6@6G^v-dk2C%odI#W+4^a;E^g(JeH=5O_;Fm&3WCGoJBB>wz08 zlg)Uax~oJW)v8gIvPCY+Er2aMv6CaHrX17kVb-l1ttVs#O?yvY7mi!W6+WT)+*9Ay zT%|g`98G~HOF6jCbiB-~p0(glDxJ@}4zZZGFotq9Kk+u)D7!cxx8i5(49vIAw>0Tzz#vzJ5P0-l4=mP9@LK4D#H&Z8+kv%K_wd7vSBcOmYmPlS|-d z4dzFhiZSJN#C)M$&wL2?`f^a+6qq`!{YTZKO1jI?;$h(w_ zH*&A(r^vP^O*6Qv{S<=KP_+*3}+TdEA380ab|1g?>wj$}MoF77mQ)&I0)_ zCDe-JqE@A5S}A2xZeN|eMP&18-s)K*f77;^1Es1LP%k_wN_}=5Bc8$g6KEuD3P(h3 zK?@unv>7`NTV%yp+#&z9r8lj|+jdpF$|OuHAjkx>FQwlL%#Ni2e*7El}6Bi&LR)(AC5rBy8{eGP-?G}K#DAZQe?PX|=*Uu9z zB#CvTn{OYi0fDS?&f3D4_`xKdX*O-(zv=A?k5*3-7pdD5Z&{cc&rns38U1vs$TUSX zdpKm}zt7e+eq_yN)sYympZJDECokpwtNalDt1{VVX>52+qbR1rp{YFgC}oy9w!gBy z$)t?EGHrT1DWo|re)?+=($XB)D(KI^v*kjl?>gXY^Kl2bUbo?}t2{_np%Pjj@$*9n z_F3YA*KS3;titI4eCOTud^+=yZClH^8Jg_l`I@-;3j$OFcL8p$aorZtH!8~?&{!+D zL_>6*@Ou+Vb>5WLVVU$P51?yGO(As}A z)_5@0WPF=LDvC$?h4-CN2$sv#iz-)-hWD zHqUXByq8+De=!A4pThsP+ThhLGs|t^Xa7xH%z+Mle=kjHeq#TNfNCJ6kbe}%Pdjjo`UK*zfG_TLke@IrTqupLoK?#(#oeVO^+-a zGtBiRyHGIdvXvq*%$PXhVTAvdZMv454nbi4!%yD(8fb zLY(k|6^udjY(Di=ub*Ke4-EO;qp(YOo|kp?-SSWroMOy{EpPPWmG;XifG^8awwh@+ zzy5YaEuAdLbxiRU^>qRE#W@%)#MU+w7RM&M)E<^%O?{B6<`U4D9wP-XVOShX#)F|d zKhY_9@y~;Rs9gtOMVAvq%6u)mTWM<&(1(>IXV>!Y>IVG z<3rX`ebvA)S0|-1(t9$`-3kqYa*?>>;;1iC2O8_@xL*cVKtz!??ue5OM>fpAaI6Pi z8ow{suK@A$v^QL}R;i&16!hwI{<19YH~iNAGD|Lj-o{70+La8}MSVQR53sF^Z`~yM z=u&za8F2hW;gk%mz#4}cO?hP8hS##|!w=vq_``Uzv_ ztDod7C_QTr%;3qC@&rA-d@yK53x z?Xl$R2Hc6225lQLY9EOT0nBdgU`GCut1 z(zVTDxNtBjJWcvDD~LGD88|t;1iKT8ag!=`ZOA&@nsXMMDa4&B(s1jlUuAIrJ@TZm zU9{9iTz^4I?0aUUuNkq#a+pcfD)hmZE8ptc$~g(+wyb#xo?wY5n48Z{OZ3G__gnao!H{P7nQx=s^To^j}sFG=No0*`D#@{5=G-LAPj=CD)wcs4D=X zrŠgJvbxbyzj#~8v5S9qd~kb9KzHD=3&Yc+LZ@2`wt5?4kD99;2$3@bVe-MipEw1sedlW%&#A z3k+*?W3g^N>s0;>xb-fy`XHReqISowrK_e6J!*xP0jU~f_RRj;S*a|FbdJCEO|G{BD5>~%;$F^eb~u3Bs*2egmkcq}kK z*Q&S^`9f;Q~VVq1gUbRP_IPa0~-b@60jzLNsGY!3rfzKMB7fmwHkd$-fR+WduHpl zeFk`^bXzQxOvteP0uMFI@vLnHtRK_BkH8tq9x-9Qrc-VxPq1c;zXLRuVbLApo&b;p zL?KwT7R2xXN@WR19OZ^}6>b`-t9{TC(db+Si&W0zxY(wb22z1?F#Qm9U-}oIu?W@x+2Ot~ngbXS`2JS@+2`!Hg5b=0#-A+l!PzPH| zlKL@Askdo3qrsebSoluhBSc8mQKf_0znLYuaED&Lf^OWokJI3In$cRgT%8VxUSJ3S z!pU=(-~Y7vwB}~e93R`7i@Xeb6+QTKy-FJ}gnMSWS>yPB=M26;l?5JXb!|+XUrF)h zKYQ~>&p<;H5%~9Zu%M=EgDt1wJyD?PE@L@cv35@q2FN@bctL6Q^w}12*IbXHo?}m5 zJ31T;C#AHajX8ddab74C>X>iw5IWXW9=UL>vr(`-P2g+xUeXf)pHJ63om9;oK-(yi z_qyBqP6R^wruHovKMY;qI%T8UOb0e%^D+NoN5w#&qiL+UCLNoT9=o=lOi=1?R*IB~ zd*J9fEnEu3zdWp89)=Qxe6f|1AT_>F(v8JUsB z*EKbI>%a*zJyT#mpLov^SP=#-N0z*a7DFa{xrtQzEr4MBYQD$@FmuwxlWC$UDHzE_ znq8pH5CPRbJtUy$Ma8Rlhw*&kxiNcAY! z?8~q+X>(wwUu)#lsidQHUQGm2q!k&iNctiaM+trSV&;Z{ga>nYC6U#1$7IXjBnMTu z=Z4!cM0YU_Zm!5;TGm*FlpdL9`dOOTaQ~qQV%GUB2vwqeHLn*-_n~u1y1IUbML+BG z;C`bM$4%2*EA)Fn-$urLeNVy>c`Kk^n%O+k(qf$h?;*~p?>lt*q$lOiE3;9Jhj|Js z8VTET7x?Z@SppH9$i%pgq-QIDj9&VIo;Qp-NKKI*MY zUlpx*RR0ubP~cGquAJm9dI+R)1Dg{Ko#pS6PRx=3V(w)P*hXv1G~+v1erXeofHrQ* z6!=Qiz9QYj2oVOL2zfj|LLg)7Q>qDmB@6JaLoI>`YA>XSZ^a0R)oeAI;#wWaqo_ zD54NBaN7q}Q5p#f9JRfom)*-%X)E@WF%m9JZEZkwcTgz){z1=nH0!-F0JQ%EWJsaJ zXi))NCDICcq@RX1j&-TMOf!- z|08Wt8czW~G+AChH;m7dqE#;=;pT7Py(&5v)68ZHcL)nYGdZKzk*HpP#9;X}zL}_^ z1g$0u58Ku#w~~m@gZVLU!Rcp}oFIkdI3%L=JBb%wgySK_3leBs60VAD(+xu1hd+g*=}xJ8zG5jobnfg zv?>Aw-X)8`MN5FEN&alRS>6gISBuXjv=iI&2imwe#Uj*Ix#x4M}fQ4bGmp%vs z^{;Lzs3~DNy`2h4#BCTLDLjn&p~NLeID|Nb&s~2nT!`S0VptPA*~j)o(4wrJOv&3$ z^IN*j!NZ%rJBDL`t0<1N8SOS}AXoD79qne<$iR%C{4v8oU?OQBoHNuC2Jj|}$Zjp` zzZ=c2(7I@x*{T$H8oK9tD&|u!>ln%9G4 zG++42R}*tP3$2|Qam2nC3JD>Ba4Gs}_r>FBd~>_wUexl~0dJp|8ooD)U`aMmiIDbI zqB8v7X2v+tY$~K7%sjZlYMI9)>o(^A2i?r%3lu((s#Q|d{UI4v{w>=SC>kZ7_E7EA zn^!71D}UCY-d|Dh1r21_PYHzRxO%5*B%=_I`6#}2uznb~F}nhLAy8Y*`DCl*+j-x) zhp)&fEU9-JbB28!rHk>iSx}3T13(x)b}H%V^v{{_|7;=a*{VqmZ#$Fn-~tabQh1_9SK_+8L|ls^VFYmPqC24w$IipesyD_7OP?o#E3U*0PzrihKU z2ddSu9p${!j$_ywU8^eTx#6h+iw+gOXB;S;A-``g;^D5I)=>%SI^R#1-HLpt|2GS~ zQozc~^RGThVGsnm#Hw~noTdg)5;Dv^2 zuFJ5$Q}3X2?2rAYUsg}(819-#v9E6j7)C55CkD7%@6x@@V^L_dc_ z3jlAG=VzuCGMf^oh#RURT3hfdyq=Kyz%re+V1DNf!>0cRv4qTm7JI4j<5o+8j>6mK z*CGf<3U<{}UuS0tRGvz-eT$Qkga>_hw^Y6+Qe&tVRKjoLogE*pdgy0TY2}7AN)g;1W&J7~nEcO~5IN+~MBIsbq6~S#Z;|pGx|oV=qRDgf-Sysfw{- z=sVNnGNL5t;@`?Nb6t)#MxrVg?#Zd4i?ml19YI8Fw^r^HXy&(p>cnx(1By+unp<;_ z7`(q`MtDa+Dl#|qDj;ABNuymqrE;y)ql&vQ_BT>-30F;}Oj;W~n*a^LQHSRg+@lQG zxaVeKuH&HfBHPM{lSrQbRzbcz&$n3pO{u+<2)et{U1yxrQB~VVLe5LJ2aA!7*88D2 z4&VpQozw^5RhwrO0XV~H?r8IVFRLHV?DG%p1c)oPNHyC|0Bg^a1I#dsy-coQTJrT!|_o1`r97pj7FEVH1FCfSR-;q zsAR1sl9JlkL&B>etyj(kG;m9DJrJW~-5If}Nka_xfrT$;Jl2vfMuZiE zzkEl2`xP&^a-(U_>t4kqK!oycjK2j)kb?3;>s*?E*Rc=3&*zj#U-IJOvi=mJ>qoDI%D0W0B$p!cqaN zNbLA>_HHKYm{jz}3Z);t%aph;`EzREN29G4h8k7r7Cpf_e)}Tw=ehc0rk(w5Fidgf zZ8*bsW)MwU9Km|`3xyI`dcTW>o{&hO%c;>40Dtta=QA|VeWcz!+gU6uZ73-lx@S9w zp($CTWYn+Oj4hn-qPnOROYG*CB)kCC&6)Mj8;P;}NCoJs&VyX%P#ZpDZFbq>J4f`6P>G8FbdYEpM)ABL|*O`B5(iWTHY zj`>>=qYET_X^7faCF89Eu0t=zAoVI#1=nQ za~4*CIP3X@3U#?w*=Yemghr%2>HvJztA$3IX>Q~U?m0^Exx~N6{g=4A=u?(pBFM$N zdYZx&q`g@6wX4mcz~#ZsVWB!B`gfQ%C^*)L3Vy@0n3c^bp&8tUzTPu%xUQ6-LHRPr zt4HMN(RU(JGvSgkgdnjrRM!gG5(Lx8ha%Am#n!rT)8-c%=A8sTrKdRdLTc!Z`E(Gi zU`S&&n%6h~y3Y#rla~!iCM`m_nyAJ3H+@-82HZx`PiyW@V~jJu^S&Yd5$>VbQ?sUoA|wYbvJzd#g66SKj#N^=!i2*q{y%S= z_C^1U%DfH4l~X>>-TNeHsLz|yEWbr8z?iRoS$Q{JiL(=TIzulYvK|$Canny_72Af; zsqWD_6T|B{&%jHnwZKHHRvzL}j@n4tP0&UpG~|Ah`L-$1|V%{kt@xG`b2Bh zoQB^(zmWhG=Xmg5gxc%W|3Hiw&FNB=*=hEH={Zb*)KAD3Ht~iano=uK^K>ZDVstwW z{jJqo=C$%-6ktwm2$Ms=5mw127zriJaSGk0N`{b=LGa_oT{Yk z<*K<()khGK7}`VjqW}pz??i-spWIV>hiWAyupKq>%Zsq2jv{th7tKoBYp=J#dVSdO*er@tuU^ zz~1*2FhOkMTw#b9zm2q!4nR?z%&3gm8b+UF(Jnz+j^VbDkA97jWw3kimBM1=SWtpx zCohXnP{c`Eo)Iv$;9(9x3T~CIny26oKoy|n%*r7bm?t!)&JY9{|Q) zXqy=4&PdNfik_m!I?|(Ej3-N#^=kwCCMh^yV`J=lE%M%da`ViK!2t7flq$IX_)Kl8 z`)jlKxDLLog|6qulhXC;#nK?%KbUi6@TTVt=vA};ne}Uwr?4YobOkrbRoE2z{!9{S z^-0QvFEq*tBMJ*@OgSdC*TQGmTM`AsuDK*5*G1^$dcIM2AD?3RbLKRtU#Zdj?Ex3% z$wKF5=x7BxBjZXaqtl|b&OF#xe`kUv>#8JvNZXs3fDQ6XuWd0D-^V;>M|G1|g%FYQ z#rhk@Ek5$J5bg?|4mP6f1kh3NKCT&i&T2N}G}8p8Z9XLF$HMa4+0M;xDRc+ug%ynDT%>By87G{Cpi653tDY{buZjojzix^hGi9kn zJrnRmf`K&xza1N<#2DdD%TB=U2A-jRi$vJsw1t`Iz)854**tN`i+r9ekldMvHCd2D zUyuI^Z)x7F1NJ-#ENh)=XE$03FJX3UeV;M8mzmZs5!;xbC^;dfciwBhx#BKu6myjz zanQDL)(R#h*TK0sD!7~qp=AKC-g%z6(36iyw0VBV{G?_5QStmWy;`9dT>7Oxnmo%8 z^iji?`{!sogx?)-!8oy@&^RL&h)t{Ni&5bsHU;jpr=w+X@~2(d$=mvj z^}X;Aezv~jL|99SF~we_k9LXoi$&m!%U?hQOGmIsvT64C##VT(ZSta)-b~z<1sY9l?tZF5wt%xr6frEa>QOeyQ@SHAo(K zeM~Zn=bcaI1i$(9mmX{-c=h03pP98)zMWI;NiWP!-jkWYsSesj8Q^>l`-`dS^b%B@ zyHn2g;0HSuX)^AHVhJsCwb{%Muj>IjeA#-gLHgC`cypJTFjscbvR1r3!X zY@ArtY{d;h9k`1d$y~SG#YT^~m~}7oHPCkr>^`q|=E&Td%($|Ud;aC85sM_LN`ReU zw4dd1y}b0Ar9}>g#ae@)Bwx09FG1*hh90qH+x;l54QCfH`pbwbYX8FPR#t46z1Esc zorr}TKOiN{jhGOV<0gER{^Y>nn}2y5StZdVr0&9jsU-VTfz`jgJy3|2DbW$^#<+}b zMw1oH+im%;KQ4gDgx}RdO*jJ$V~wLno0A%0dP$&mJ;u5WWqnzbTNRe2_Ss>c-zNc+ z>Ze2KqHpv*>&A0Un>GyULj${$!F@mV_U%BBPOY`_7OCxf=S1Wa#Y#F0ZsWs(LRmPy zd^$zLL;7k54z7uR)E%w;{s#V%A-#1`HU}6g$&ez+P=8w zkA*@Nu2vixpzCHs4ugqigvyhCxm^d~u6y32n8}SHir4`xHB?(}idkG<(W9`*JvSVVdckn5F;7_MGy*KBa zxD*0B-KPR~_|@+K1Rodi1)zZbtF1H(B3?c>F?K;VHO{=a`(JJT&;B8cUw;$+wUf~P zZjTXzD%?O){4{W7c?|G0u}eV8Q-729ob;tlk^bn##hLiIO0q!eQj>@nU#d&QgI%vB zu;-S&18Af%TLy)V+5jyxcYN;{;XBE7VgC|c{ke7b;q$DqLF*LkUgH;Eg`Q-L|HnQT z!*uH2%r#|?)?X>-Li@La%xn)x%i$!BC#Z2FEN=2>5}~HLAr3X44@cn4zabPo{LpbX zT}I$e5`4Lcp(e%`CZnDWuu374_9Cpll!Ppdw()frW{W&eS6jVGo+$Zvv8zP>GV;}m z7}y5Av;MueU}U%?5Dw(t6h?k+-;4>92$U*}VE)kHDKPwhHeg>R1*JJf2RX~|eU`ip z;b<#ycsy1fkd~(lFS*crHj#W;Y+RXieU65-jeKTtN)+_+K=^Cs!?|3giqaTxY`DO) ziDPNWl;Mr)GenvUH=Il?s>#+}zKZ3%nr5!By7Qp0@Rpr+I8IPrw6a3}EFgg@MZ$LP zp$oc{fhIN}#p@C5&Qcq(EAflb1o{|YW!yC~O~eP;f2-^ zs@os)esjcPO}2}=*3ZoDvs6ZGOeg)qBt|>7 z3Xb*{CKV6B3>GO)P1N}*ke;EkEH27q#rZXN@E}%YFpT&NjEr1_dJBTnMI3MMc|J0t zCTOI4%nQv2_Dmj7j0ID5TM&2_y#kzp7yvk z$4!O$z#N!XY(>oCV z=WO^><;#JJSMw3V($)X&b{Z!-Ud+oJ-ou@ECXgh&ZW6Df-XjVjfsxiL@|&G9BCM%5 zeyr6xMYR4eS=uHi=o_OR#>x;NZV;X2j66JRr&KnChfON|mJm7ZwsXy<^26RYQlUKG zMJum>0Hh@li`~Q<4(SDX(l*0r7yftc{k$}jNQ%f|DZjq0rXF~FTzQBK|9Mey59p8U z3KFtbaGG|mU&`vw*(*^yB|B^_F(=qa>+jzVVkd%0RCk5nh@I3wt=?)x!-vOmlGgNG zw?k%fQACoxsl(yxNjx}<1L*SW`aNQMdZcqrBj8))Kc;RqDN4}<0hL(woDP|yr=hJe zNdYg(Al=P*((6$PhzKeW{36MqkTBT1+n@?Gta`N$8S^s08uWImaY5M!c9xf%q?i*Fw)L{8bLsI z-8~Llv~U?=H;8Vg%aT&nqzzKM!#RExpXSAVb8*2gCmFl)q0s(+*uEMji+qtH0vZ~g z0XkS-)O3iNEp3c;<2PgtSX&!I0J}G|@5*9W`yR(0-F+^==FZ3M5DHf(h`otxc3}LCWhf92MD0Y1gz>H7t&w|Mlj_8 znd{mdKjX^l@G96pq(~r2a|bvn(7Rk7b)j!Qv92XIbkftN?Y{(Sh2SuyzLV2P46Ao3 z))=tut7=ylviSVHhCmeSO;04m^NGrd9Jz(TJR$RrsBY;M&%@LTvupAcx?}bP+8DFv z4&cq$swnUFFn5iTbBHagFWhlD*y;Mf@T;$iJhghn>0;u7IDxK=pNqjWNQGu0MVV7U zeo(e>|T?WJtfEaW_xgwm@zLEV*8qkvjb}uZw?G?U5^9u9N!Ne z;gy{q3x}yxr13Ya=`bL_m^twcX8}1M#^Cb!zpYvD8DRW?oCjMsJE9zvu&NFNXdDh^ z!1nxIjYFZ@y&^ymnD$6(X%+ZZb3Fp!4?{}vig$BJ+tSLKD}Uq+sV;p&FG6hXC%LnCBsVq})tD-~WSg=tw}9#(CcL|A z&hfcdMN(6ADtNG9K}VXX0qOULdV`=o>H9cPNCbVhtKi^Hdf_Z2LH_mbLa-!YXK;dW zMbkr35OP(~K_2j(%6TM00MIV1>`FG0ZYxDU_ef!8$7Q6EyEy?3lS@<#f`ZFmrwvEu z-PP(HKH|Ob6-@ zh`Zdq>k3tEYx0&02|;`J#$x;vveY;vPH=sIEwj0Q@ip#`yY<%yRg8Aj^F_dUApM`^ zVxk%OX7O_ZwJ^Hox1PIbG*@Le7^9%Q#}iJO;-}@!pZAJahIBFiG9W)#jUA^o=}y8j zX$7KLOZJ}IIodX7OQoEbzRSI|0YYzZSIoetqAhDII$y>xqJ}a)yR14CK+Q!!bSFhC|dZkkh zomK{$1GTlM(M`JN7HD*B+Ay&vIXI0^yjP3Q8tM=S-5X~6DcwunFUMsYzby& zK#Z_=Gg3Ql>qg@+2p)=odH2dp<3rf}HY-I-A0+Yz^?9lNgUpah4PGG*dL4(Q&%LOa zI=-KgR>NbGj}^G}?7G!C&u_$rm65cU_N5Sd_pB)C`_c>5Qoh9TNkH%bqxC^XR^81v z2N6Ih}OmRkF!RW5*wWkF|ZC5+<|Vj zt#D_V1ukwEmC-A?nfzh09i4w?Nk)c1ewJbby&?dGuhcUi%%^?d2jr`&u?hEl-V5UD zZktBQuVzbuJx~#?CzmA$$r-75JE~_>>l6xX6YylCW^Ffxh4RlTum6*u1@54=*^-gK z6q^w!J!jJ*bOknyw9(qx@m_iEmMdNRQtNqD<92ugdH7RcZ

    d0?du zZk6Y~01WA*N}tjb`sW<>Q)(kk-Qw&`26AdN^NbNwz9HQ2t$s~TxdX#DuQyK&y;3#X8mi@`#qhDiV>H~f#IU&zmxlhNR$gLU2rGHCCg5Lb#dD!~U7BI- zdJx`pe99kJ08hWk+96q>nc&3<@JnjbhdOc6^{$m)fB5l5S|1i5kyyw9YKY3)sW|@; zzqgjcDNjHwVxFUzA)G$25<3rGfCwu}kJQJdU^!LtY-IVRh883?WCEVx8{Z6>Jm7#0)KGo{;qH>1h6Ut}nkjpBzeVa7!t!d#_E5W`Wl6J4_IO4qD>% zs10(HX@Uf9){v2jK4D@4^{MP|sU-yKp$BUFh87uuaWM`^ORJY!7NtQdeL%y+Ra-HC z(C6gKz(aDkHC#S?qx$PTV>{bLN8-@2_>|i%V|v^}*A-Oj+)`>@v`^G83e8u6cJ+#< zz`^Rtb^0kZCimj07vFr6U zTa0$`&m|iZ*xDte;o9S^ssAL#Yz*lz`Y~~D+D`7B10pGZ9osy@+*skSXL>J@A)iam zqzz68vOM3Du|g4pre<&ceXkG?ObiZz38W zn8OeBPJaU|rj&W%J|+MohC7e5<7u;&ibVi=uoE)gTD{L%Ib|I}xQ05l|IRAO_hpw?l!M{h+(P8t`Uz`2-!Q!TJg+2~Brl4vikIt)Jb$Rj|~%fj#v6I$S<3@Fl8JlXUZ zJq;@$j`1-&=~T+De2z|TdNEuRjxTUq!gSiA=<)%c-pfpNhXDSZ8{=l8^mjZ=v0e4U z2}vOK=M_Ggs7&r)>ly<6G_g)c$RgXCGHTTvmEFw@mtNV-+!7*-j0Or{;F8!y;~yD* z@%Q5NXZ=#X;&Bc*7AmcWEI-OX#Hd#{?>f+(35QgfH4m#g!t3*06$^fUn5E)KW@ItT zKjc(PlY!?uszThYAE3e`%6W>{ zn9kc~H_f}D0^O#14kFspgUjO$jreD<^F@*Qu9L^(%=8M&+DknZ?~zk&QnGP6zHKpqNW;&_Da#K}4f#PU3ype2i=lx* zJn;&iu(LhWBjEr2Gv(D|({I^1S};x0+oEV5z&)^hdrW^)$ETGV_Q!-W^cJX>jkfwTeT=O!Dx(zHOB zNfJC&)L|$&ytd#B_1_9#o?4F9R+nk3w(-Y+A^YPn;9m>t=imiX&Lu!;nEo@ zMmaZWydkSrg3Z7Q?K5b;{_fdw&*Nfi)|?tV>GJzK(Yiq4u#cqfHrc*63k8r(0hJnX zr{$*0fBq}Zu^=KP@K_U#D>E@ji8~SaQ((}EB~C2^H>r#ZCj{Sl`vv6oC7n=V@Yt6w zpXJ_o1%66U8ZIo94F`GQA~PV`XY+q%TA&+%pey;0swivCT>k78m~ne1{Q6j4S1MCY zD+pWgf_aN?ZJRVwDZbf$VQmu2(k;k$=lTNo3<$THd;EcgK-f6tr#*N8F*z~sVEz{r z85rT5Vw6m}Z3+)F5IjnEO#GqZg%?e%3n7fX1v>WSadXO6%YN6D=pwbw{us)FqcD=^ zUVH~Jl*)UWyj&=ZZpN9GCpZ3Ct%o#TJGw_FCyDfZj)Hve6Y^6s9=ooD`od?oCO&<{ z%t#L2<&{53b{Z@Y)o&{o_tIm_2B^CQQ%eSrDz^WYOp?!xo8G18VbyVTY4!MVl?!vUhoqpmnt&5RYa_<0qgQB@y1ZF8la4 zPAtK{yG!`d{>X`4PC1TOyoz2<4yyO91sYe_=Q$hrXrPf zLbqbD=1voRTCb1hc||C49H!5-I`~V+2#^jqMj`B}brpXa%#0TreVmpcL;UZo{3!7| z0740TEi6G*j>zA^tz*YJZ~(@x5)jS8s$6b6@TgFD;9g!3Hv)%43bLQ|^xWZL<%j6K z7VSn6i!&$4Xf|w z;a)9rG}|s`a(sxU%C15}nTt{C8^dSR@(Ls+W!l4gfTB88spC54i~#>63-RKbGp8th zahVar-;)f-T2mVtYU(*B*}Jm{!8@V^RgpfKH`IA?w!(CxHYEuQuzxEB+lFGFOY0nK zOIF3|{%bHh(l|$_OC+vT;hp9izGkb02wTfi)mvu@aAO}_%ypnZJ(=J2bGjQ10!O>3 zlg?H8)f@{awT!V6d3skF6MbyL%`x5|QOD)Xi(&2PXmZ_SYVWIvY@_D^uccCI>_!n& z+!xew*YL^zURk3Or`5;gHHjLO8~EjvM6f0bGUa~MNEH6?{YRfue9tqZZ^0%@1xK1a zjNGOvPC#F>35p(xIA7)lWcnU1on|Z|Md~?&uszWcY;Xe9KEuIO7VY_SWPBPVm(pAN zsOS{mU7~Jg@&S~kD2DHBI1Vm)m&H{G&08$P9kCup99gB2R$1l*cPI?#CGuU?V~?j0 zyVd57$`JZO=xq<`Gx;D`F^|z#&+=^|rxvZJ=4aemx=s!7PGACWM>;LTH=dbEwum+? z=^*O66wEMv3+#Z?+`{TSN)=Sf-;?BgU#N@F{vh5yXOBaFUa_mhJW21Sy`CJf7#T8h zjpxH_FoKz9-3es(q=bar)SqCmRN}u0U6HC3F_SV9Azbz;9w_fx=eQT*3~m+}*Y$v6 z+I;Kg`|M9~mi@{Qf}HZcp8vA~)|Avb_&K1?_izTBj?`35ju{^P?KtoR8REz9EUt#2}xnHhec zfwvR4sTa}#hUyD5L0Aj^;Ck8LFO_!KjnMJtp-`(fHvAPl1XP@wS>IxF5WxhIn=(2l zr=h2G^SNEsVwQbuvl5)HbrEY>cz_BK&K}?ig3DV)bM*n`ua^*OiaAiQ z`A?SqLhn6&+n8!)&jK4M(d@f=#W2345$>$OFOS>IQ(&-b9)hIV#Tb8yXZ?HPI!z8x zF=bOdZA^mdofdxkCQG?Py85l)E4R|#dL%|1Afv$Zs8PejfoP!Bm_*y; zam?bS9IBUq$K`X=So>lXz0#F<#bhq5IR7D`jo7aeTPAGA;6!i5t-CB9*u4P!*|XkB3I zemdpy(2^}q+qAOl&g2q3OCZu6^@{%05{TX`m8U6klVKu34i6R+qp;ckmR{03C)C}+ z_kG@05YSboF46Y5oHufKNb|TXZ!z#ymrX^o!tV3$8N8&T2K+|%x!Hp<-00Pup-=3; zZcQ$16T{&V;FtYaY}1eH=PZ`)te!t(6Y~TvMw(Zn-Ef7--|1SN&F;n1uv#=S0ln{! zPkp78caV06h@X>!^fhBLvXCDbp}}Fe|0w8tFp9^VW;4nqnrKrJHePZhk-<~5-?H49 z@4FO5w5#oLP<(BL{td(s)M=B*v_>Br2uNBkbDfqjp%<+yqzy%%!YIv8rcAAN3COf_ zneDwo3Rnzd>5NUu5rlLoiDXF*{0v`Fm=8_&SApHU${ho=g)VZhS4YSHb`*mrK}{=R32T-cWQ7_aPJm|h;mao5T^G{zSlDJZ1F z#UQx;f{W{>{<-}Dh3cK@f*7{$H&0QC#ysHDcH-V+g<>JyR;Dz@568>fs#KqiF|LIBSe{AION@=Tqp z>+dA9N~U6?w4yneMt4Qq?%)oh-ztoJhxxQ!5pm`1OT@cv-tHYShZ=Wo30_{)7LlWr zvI<7kv1Vj_3-v@GClr*)#RE{UC3OIuAhb-r;FDq}&ZV0i1bdtCB*+2jrg;iB#9F0M zGsoMR?d3>Y;=r+u4=e)9`qtIneIMiU2Mr(UtjL`w;Dr2CLpvCYUt=_xFn`;S?Vk6! zm-~XJ!NJR{s&B~oN}m5!)Uo^;8QrpJ=n*cN;4An2kiRpxQ-C*?v?BiLrZKx0p|Q>q zJQh{^LbD!%T7r^H+Hw&-&YofJ`|LEz2v^C<=ayUyr{hp*ZcA? zf>*Jy`?c&aAt}a0Ru+)f;uuW3PJ(0ptYT zVjls2B~xI{yx<&qilrG(ASHtQnr`7mr|Hf&paM%djFs?EFXq@xDcs{nG~P*$n*T}C zRRr2n%1+}AadS$-J%rm5#Jr15GXmO5h=eC=3xn*{u(2;^rVS3iT*1aW%j<=2W9yzv z0N~0o9{p(VmI1l9Ach$UBa!_Qve*=3hjCm`zmvpd*zT>g%|)%4`V+1231UI(ACs5S zqPJV-Ln9Qpt{Ton{&nlH%K{Qvr!~St&l&D`J{bsp?6H^L z{K#l^Okq4*CcFD)Ymbnj=yFjsQX?XIKK#WEa(z>@azne-*`#@F0(K*ib%@q*rr8|ild=<{ZGY+}c8kW0 zr6-uHf0}|i+*tbC*Py}&KuXis?Yh%^MO{y>iO`@Xb00HF)UJYQz z4uL@x10t_fUw1XAKc;d$wi3P^`x~|9nl;{5bD76WC#%U|0uF z?0J&!6%R9^r=dqSR&lya0uvr9%S(aC`Xd`Xv?)Bhe(8zGV&~~>0}klcR~TQ1yqZ^ zv?w$1IO`5=OZ70dPoU70J;N#IY>RgA$@QT@2QbN{cSqH~ zQ}%<)xF{djgBtEg6z@z$QYcI zBbV5YK1(^SYs(cXt>}F4FTAp{;AGdfc)zk0HHA7ZBH9A#H8YRT^HG9pxuf!^-1^F6 zB#t@C>%2q9<`7p}x?I*+hF9zIez4{9+in+*u~(Cy0Bj)chxq!76r^57;% zQVwQ1_grbr+D@P^{n;Fdm*JV&&t0h+%CMKI5D}$e<#H-|tik+;JK;F$z0f3-4v;Rv zfo{Q9w}&kYumS-ya=@6&2ajpF)mZIz8uC%4$r|SCzB>8bVO&`ZVzr`x9y}}30>8!P zs<|9c{@dRehVWh~nxYYd+ithOkl#xZvR2d;+FN}X-?s!W z(smGvU>aa|z@w6%cmsm{2*JryS>ljX+186Q?nERgt*)j3a^Jc#*=rO*CWSxjI-w9jC5|~wmzBQ_gOuk^Jo;r9i<^X843*W| z$tmYSM*Za8KB$O$mcb~(Lbr1c;m}Hrivg2&iS4)erY~^$FqdUjpEqN3Utsw51e*#Ww%7bEU%4V+ zeF~f1-3Q7Xsgf{sfmA-t4(N5mP6?AxTCNvfNwqy0dqR51F<@$fl)|u)p;=*(T)=A9 zK1+w}MFOSz7k-_vBC9s+Fq_APxDZh-lCGYhD3&k^tya3VQ)C>DO(R%u#qJXzT$!pC3=iG_6qjwO z6;8AzR>p}tYAD)H>0yc!YrN)-63?R0+W}#xK)51K)WQ;PNyDzj%ck{0}9?pY|95Mq3Z~Hv;mCT zlo`z54wm`6DSFZcmxer>%eRBAeAIW$Mq$Uy6;rkMT9(B1bnV)vxX7d{HYx!bMTply zUbDZF4Ul4vJF0*w>?Jx%g|2`(vw85ted0dBE|<7l49RpU@==Xy^DQPJgs2?&`GLTf z7-RX{5Qg&n3L%$CR5?cVC3HZ2oV729iyB7_t}XgpO%RMbS8CssCeH!G@3a!@FCUWx z&5__QgN}95osP{9rq@0C=FNs7t@rXcCdi+n{nd(O&CT&k=}QQ^AA~*&xf$4 z-^hC8p1&2yLX4!c=i?!zMc&Vm?{iA8SXee%tLu`K!yuT~PBSR=BNl7#iQ~AY9F?#z zJ}@CL2?hl#4g&%j1povT>+7`UzykUs%9h(%OJ$kHjf)S#1Qc^p$-FG~mlrSr^BSY@ OfP~J$yKDjj0fwO3sc97e From 1bcb8de2cc69d082bef9033dabcc32aa0b5ecbe9 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Mon, 24 May 2021 11:56:21 +0300 Subject: [PATCH 43/45] DD4J-715 Fix unit tests affected by Estonian TL update --- .../digidoc4j/impl/bdoc/ValidationTest.java | 31 ++++++++++--------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java index 9f09fa560..f5f0be7b5 100644 --- a/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java +++ b/digidoc4j/src/test/java/org/digidoc4j/impl/bdoc/ValidationTest.java @@ -382,9 +382,9 @@ public void invalidNoncePolicyOid() { .open("src/test/resources/prodFiles/invalid-containers/23608_bdoc21-invalid-nonce-policy-oid.bdoc", PROD_CONFIGURATION); SignatureValidationResult result = container.validate(); List errors = result.getErrors(); - Assert.assertEquals(1, errors.size()); - Assert.assertEquals("(Signature ID: S0) - Wrong policy identifier: 1.3.6.1.4.1.10015.1000.3.4.3", - errors.get(0).toString()); + Assert.assertEquals(2, errors.size()); + TestAssert.assertContainsError("Wrong policy identifier: 1.3.6.1.4.1.10015.1000.3.4.3", errors); + TestAssert.assertContainsError("The certificate is not related to a granted status!", errors); } @Test @@ -448,10 +448,11 @@ public void nonceIncorrectContent() { .open("src/test/resources/prodFiles/invalid-containers/nonce-vale-sisu.bdoc", PROD_CONFIGURATION_WITH_TEST_POLICY); SignatureValidationResult result = container.validate(); List errors = result.getErrors(); - Assert.assertEquals(5, errors.size()); - Assert.assertEquals("(Signature ID: S0) - Wrong policy identifier: 1.3.6.1.4.1.10015.1000.2.10.10", - errors.get(0).toString()); - Assert.assertEquals("(Signature ID: S0) - OCSP nonce is invalid", errors.get(3).toString()); + Assert.assertEquals(6, errors.size()); + TestAssert.assertContainsError("OCSP nonce is invalid", errors); + TestAssert.assertContainsError("Wrong policy identifier: 1.3.6.1.4.1.10015.1000.2.10.10", errors); + TestAssert.assertContainsError("The result of the LTV validation process is not acceptable to continue the process!", errors); + TestAssert.assertContainsError("The certificate is not related to a granted status!", errors); } @Test @@ -783,18 +784,18 @@ public void validateSpuriElement_UriIsvalid() throws Exception { } @Test - public void validateBDocTs_Isvalid() throws Exception { + public void validateBDocTs_Invalid() throws Exception { Container container = ContainerOpener.open("src/test/resources/prodFiles/invalid-containers/bdoc21-ts-ok.bdoc", PROD_CONFIGURATION); SignatureValidationResult result = container.validate(); Assert.assertFalse(result.isValid()); - Assert.assertEquals(8, result.getErrors().size()); - TestAssert.assertContainsError( - "(Signature ID: S0) - The result of the timestamps validation process is not conclusive!", - result.getErrors()); - TestAssert.assertContainsError( - "(Signature ID: S0) - Signature has an invalid timestamp", result.getErrors()); + Assert.assertEquals(9, result.getErrors().size()); + TestAssert.assertContainsError("The result of the timestamps validation process is not conclusive!", result.getErrors()); + TestAssert.assertContainsError("The certificate chain for timestamp is not trusted, it does not contain a trust anchor.", result.getErrors()); + TestAssert.assertContainsError("Signature has an invalid timestamp", result.getErrors()); + TestAssert.assertContainsError("The result of the LTV validation process is not acceptable to continue the process!", result.getErrors()); + TestAssert.assertContainsError("The certificate is not related to a granted status!", result.getErrors()); TestAssert.assertContainsError( - "(Signature ID: S0) - Manifest file has an entry for file with mimetype but the " + + "Manifest file has an entry for file with mimetype but the " + "signature file for signature S0 indicates the mimetype is <>", result.getErrors()); } From c1a2697b562f54238ca2fcece44cd025dcfc905f Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Mon, 24 May 2021 12:44:06 +0300 Subject: [PATCH 44/45] DD4J-701 Update version number to 4.2.0 --- ddoc4j/pom.xml | 4 ++-- digidoc4j/pom.xml | 6 +++--- pom.xml | 2 +- publish.sh | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ddoc4j/pom.xml b/ddoc4j/pom.xml index 15f1ee887..933877488 100644 --- a/ddoc4j/pom.xml +++ b/ddoc4j/pom.xml @@ -6,7 +6,7 @@ org.digidoc4j ddoc4j jar - 4.2.0-SNAPSHOT + 4.2.0 DDoc4J DDoc4J is Java Library for validating DDOC documents. It's not recommended to use it directly but rather through DigiDoc4J's API. @@ -15,7 +15,7 @@ digidoc4j-parent org.digidoc4j - 4.2.0-SNAPSHOT + 4.2.0 diff --git a/digidoc4j/pom.xml b/digidoc4j/pom.xml index 4cde628a6..577f8a39f 100644 --- a/digidoc4j/pom.xml +++ b/digidoc4j/pom.xml @@ -7,7 +7,7 @@ org.digidoc4j digidoc4j jar - 4.2.0-SNAPSHOT + 4.2.0 DigiDoc4j DigiDoc4j is a Java library for digitally signing documents and creating digital signature containers @@ -18,7 +18,7 @@ digidoc4j-parent org.digidoc4j - 4.2.0-SNAPSHOT + 4.2.0 @@ -45,7 +45,7 @@ ddoc4j org.digidoc4j - 4.2.0-SNAPSHOT + 4.2.0 diff --git a/pom.xml b/pom.xml index ae8efe527..6cb71bf25 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ org.digidoc4j digidoc4j-parent - 4.2.0-SNAPSHOT + 4.2.0 pom DigiDoc4J parent diff --git a/publish.sh b/publish.sh index fe6886c35..27692305e 100755 --- a/publish.sh +++ b/publish.sh @@ -1,6 +1,6 @@ #!/bin/bash -version="4.2.0-SNAPSHOT" +version="4.2.0" staging_url="https://oss.sonatype.org/service/local/staging/deploy/maven2/" repositoryId="ossrh" From 8269b914c766f64ad260c55aa97ce8be8d109a55 Mon Sep 17 00:00:00 2001 From: Risto Seene <39149669+rsarendus@users.noreply.github.com> Date: Mon, 24 May 2021 14:55:16 +0300 Subject: [PATCH 45/45] DD4J-701 Update release notes --- RELEASE-NOTES.txt | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt index c11d64cdc..b620d0777 100644 --- a/RELEASE-NOTES.txt +++ b/RELEASE-NOTES.txt @@ -1,6 +1,32 @@ DigiDoc4J Java library release notes ------------------------------------ +Release 4.2.0 +------------------ +Summary of the major changes since 4.1.1 +------------------------------------------ +* ZIP-bomb attack protection +* If not specified, create ASiC-E (instead of BDOC) containers by default +* Search BDOC TM signature OCSP certificate from OCSP token first and then from the unsigned properties of the signature +* Limitations for empty (0-byte) datafiles: + - Adding empty datafiles to containers is not permitted; signing containers containing empty datafiles is not permitted + - Validating containers containing empty datafiles adds additional container warnings +* Changes in validation policies +* Upgrade of TSL TLS truststore +* Dependencies update +* Bug fixes + +Known issues +------------ +* We have noticed a decrease in performance with the introduction of properly accessing AIA certificate resources +* Opening a container that contains signatures, triggers TSL loading (TSL lazy loading does not work as expected) +* While upgrading from versions older than 2.1.1 be sure that your integration : + - doesn't use Xalan or XercesImpl dependencies + - uses a patched Java version (JDK8 or higher) + Xalan and XercesImpl were used to patch XML vulnerabilities in older java versions. They should be discarded with higher versions because they override default Java XML security. + If it is not possible to remove Xalan, then you can set your system property to override TransformerFactory : System.setProperty("javax.xml.transform.TransformerFactory","com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl"); + + Release 4.1.1 ------------------ Signer certificate for the EU List of eIDAS Trusted Lists (LOTL) was changed on 25.03.2021. This resulted in failure to sign or validate signatures with DD4J version 4.1.0.