From d0227b1efa364cd95e271395d87a6feafa55f119 Mon Sep 17 00:00:00 2001 From: Antonin Stefanutti Date: Tue, 7 Jul 2020 14:46:39 +0200 Subject: [PATCH] Submit secured monitoring proposal --- .../assets/client-certificate-monitoring.svg | 545 ++++++++++++++++ proposals/assets/prometheus-operator.png | Bin 0 -> 151171 bytes .../service-account-token-monitoring.svg | 585 ++++++++++++++++++ proposals/monitoring-security.adoc | 168 +++++ 4 files changed, 1298 insertions(+) create mode 100644 proposals/assets/client-certificate-monitoring.svg create mode 100644 proposals/assets/prometheus-operator.png create mode 100644 proposals/assets/service-account-token-monitoring.svg create mode 100644 proposals/monitoring-security.adoc diff --git a/proposals/assets/client-certificate-monitoring.svg b/proposals/assets/client-certificate-monitoring.svg new file mode 100644 index 0000000000..5c3ec1bfa3 --- /dev/null +++ b/proposals/assets/client-certificate-monitoring.svg @@ -0,0 +1,545 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/proposals/assets/prometheus-operator.png b/proposals/assets/prometheus-operator.png new file mode 100644 index 0000000000000000000000000000000000000000..c7924b77417b029560f253323660c8bccce5db64 GIT binary patch literal 151171 zcmeFZWmuKz+5k#QN=ZsBL_j)}u7w~eA>A>6ba%5rMU-x71?dp!22l`DK)ONcmTo-H z0-Wt^o$s8V=f|Gw8bH?j-p}3r5UivibrthECISM&RT*gsWdsB?6a)kmV)QHEHv&o6 zz6c1IS1iQEm1M-lAxe&R4=t=s5fG$;O6l)55 zjU`7^LL-KHhuLr!CI-9I=%ne$FN&XS0W)~BX&P{**CbeO(L!& zd`z^LaJa{oG_X-+dl=U+kNL&UZ-Af{furl5#GXbdBO0{L2_fgX0e3a8v|tcomC#4o zubD+w`BJzX{^;(ASDzxtK+s}fS9(yNG!bed2~J~=!*J12bP%wXcyX4Pu9^hYL(pbn zEz_j8P>H6obC4IBP5el0j{PetAv99SIR;x6 z`2%z$ef)t~4mu%PIacg*CP}rIiApIsBK^XIB-}wq{;jWa%`M8Vj1sOr-Md%X6TGOm z=i$r2Z) z_U^h7WeIH9d=J`O&ljI;}MWAzmIv%A?vxjPJN2({d#4 z&>rDs1bYS3y{G@?@{MnkHCQ5wjx1V8=0T=#CPA-9uY51c60(+mfoug0TC~c?ppWIV zY+K@6I+%}NNta}zJcwcpy0sfa)uGbiMa2|OAAU`dwA(h7D^)$!C{?2lMITk4d6Kn` ztnNb{iO0rP*Cze};i2_Gf_Lpf$AQ2>>jCjW?uo$3`iaBI;mOsL$^$bLd!%Pbu1H2m zBS>Z_o+$LWxAG_ko^-rg&rnw>R>?NkOeFXmOf27-k&XC4(5Wf%1nr4O|eg&oUr z=~m5+iC`)@_H={v@Lo|&8FVd-$5@nvmIT*{wF!u?RS@EkbP?GSQ{kW8y21Jv0|Bk0 zM5g>~@GWgswSJX5@;fn$E?@XL6BBYt^Ss^i;>*U6>{rlE6XvCq`X2DI`u21f@eR)|;V z$gd@(@aR?C(m@;39YYjE6f~$+uFc+iyJvkYdF+9P97Ktu7e*>Y(ncF*tU#c^lI@x8 zVMe=<(pAr9LSh%M9B)>XS41(Sz&reTWG!dxK=N_uCi&PntTy`i!9D|(ELAX-sOMk8 z!a|)wX^bFbl9I5-aQe& zepiHZ;)U9$$4c2fTRk3eS6BE}0NI)khOMi#+>H*LA8AP#y~iF4@re;8x4_q;;3qM? zrgnW-V3f1wh9_gIa2C%)x z3@e)+Lv}Q|KlQ%2Z|W&y2jf)c{mjJdxYrGe+j6xDU1?NllZ|>V$IWYfWP4;&YtRkD zwZ*QO_VFbCl0HkbIW}{R#iI2I$J$ai#WjavmCE=k-iI5CTBBNzwKnz+H&#ByeVmLI zJ`8Q)4doZ&Pfjj5%{perNyn9-B<0I-`~JR}z1pa{a=UE%*|x}B>6V>e{!&XY?dFFG+=aZCUo~!C5z78K8zHP?Lj1vq+ z?Ooeqz)3q$y{;vo{7`RDmrdXIjrWqtaQj!4xa>rxn@n3wBB@~lr|G>f-+_-vc&>MdNids(A(C@aY-$JR+FE!KD!?GD?gv*Qq3V1u=iZewVnXo5jJ*m`6Y zqz$g!dy}EZ3i}%&))ZvdcPV{1h=p2x@b(PnjaFNR!j-96MJI2Ek#+mL+s{16J?P6z zQ}eZ*zwXGcIIOTEy6wB?9>smQ6`yG!B5x|1EySK0msphcC8hd~m8jssUwzMW<1yId z7aV=(ew3fYZsk+^mYx*)i5U7Wb1&?6B%M^=u(O(4YFyF(uIXMwT3J;WbF4q>GlA9` z)DV6~ogLpN@>L|(Tm5kS@WWi^f$VsPEK+of?sKGDCQbPG2z9xr{sd1=g2ZlOZ5Egn ziEd%Fzc|D}zf$RFsMF zuAjXetvci zE_N<1R`3L?lZUOdkvprc6YT|%pKv5hos1nV?42#_Y$0&CMt|A4I1Asn0YB*P|1R(} zb+`D>Nw!XxWB~%%;h(T`vT?Bg4I8{F1plpol7+jewWfrHjj62@I75V!m!C)I{Dt2> z`p=QSysGufs~mU!@#-%hUA`*B4kzIkk}mjl{#(E>5lkWWznL$BnGli!47UU z3O3$dbd39ZlxN*e@5mlTy=Y%`>Uz=L7yrpMZlNwsTzdQShQ|}1na87jcf}D9QShMu z#}_F~Y+5|$*(%2e=n#Jdq<{ZHii8p{j{fhTpTEtg=@0E`4(xnQ^MAsEKp`K6|L-UK z{R2_aQ7DC~bg%y(NWl*UXd(X(t^aZBr<(jvx8RobKTG`Eo&C>20QdMmclvj5`~Rtf zm_C5M$ykWlNfG!gO$#^S_c9PcVfo&!;J#*lmY?43zoRC!A1Mq6B|ofEPDjI_Uz*}P z)I+M83LL7V#F$7af)(-q9R6W9G57@V#?||xZmKIh2ghZ`HTA#JZSTyy&rvR!l7H{d zNkc7qrUc}mq5841a)ePl=gTy>ZrPwvjcZ!%#6o*`#3iNvd>{lB#B&w|Qd7HUiaCkW;X0I#F`8*N8`wn1uI&!^y6O?5!qTXFHWe}Rh_ z4mcbXz;MpTub6n~PncWxeqrjbjD~)L<7n4Kb}l(|Ai0OPs`37eh5Z`I-cSQRKm7P3_3zbO1`aIlJH zRkbDn2B`oqmh8@&|C>?>!Oi()2Pc39BgBW`-H(LLbNv}`(;$FVK_wypSA?4yfGyQ$ z$^T|a=)fvD24!2#9h(E3_^77O~-4!49;-E0m=E&u$LZPY96w z?68mr$2b9~aqFYVz+d(JS1olQg5ZTPv!lVaF&U`w;_Bwy@}F&~i40KJMJiQ<1Q+x( z;0Kh4`5FK0s~~uB;B!q~>k#;1({R9r%}&f%gbT0b=D!<>)w&myYY2ELULB>kI^gHx zu{%iLub*067G`xR6rQy6NUeR_n+ZK7Dd2Y53)VSZD8AR{=2ItAgzXo!>#>nuJGM}M z_^!(b*L1vKnM!slqkaKtV#9MaquPw%%f5LVYtN}|P=nNM+b@&1ztl*9cMYyw=gsy@ z!Q`=RKiQ`l@iRCOc>P2Dz^-|nEdPg3iPO}sIm(d$QO6WXzHjK&*Bf8Lbn4E0q$Q>T zLzDU%6;Q8Nn$$9EPf6zch0d+0&i?Qd?l~=zPdRfFj`ABrTFa<6Zzln4KO^ly21?Zg zSE>rinwaGSn{6pM3-p)6%Y_V?qZ8a8v-)EhD?d|nFZyio?(o(%PK_>}#w~bwSfs|p z&wJ?~dnrGdxIr{fcqS4xruHM~NR$kARD|o^{mj8PeC2e$ekI(qaYv}qX-b@oH@_yR zci()Y+I`}7@S<1Q4Dq6GrTA0^S*7{L3-gJLrP{Msgy!SPXD&>`Rdm}^K_)+Zg6F3y zO!kFi9I%`l$6juHInl#)Z4^A+s8MTdrT>=td_EOpZ$tdX5ta4%dp%WjW5O}TB>;zw zZ1dL8VwGk;d~W^q;Hrhy@qI&s?7N4@1nv7bk4Op|_rGzTYCL-=2DB3k2UG7Z(5O{l z!RGOivTMG}Ka5=`6RgQnuGMvHoITUdE!ZG^q?WZ;U+aAW7k!Sa#Z@fIdxlgxm1(v zY*bz452G3p*XwEV?uR@jty*udw8523WDDc|4xvg95b`~EL;5=1g~uL zX-`@ViTTEI?9d){beWR`TLPE*+uH%f9o+S5J zhy$CT!C$?{4J-B;Lf_vLr}=vC);~8H)ztM-ayKFa+S-YYN=bItA8L;d5s?I1`(N(w z6*w@2fTOGS8hR_)Fk{e^t{OwQZC=#O=QS~Qi{{xI)%D&LRjSg`SO!fKlXPhY^U%v(1%igRK+j>4)^p9lUXVFaXHCSX%*kqmfcdk31Y+}JmAV-18W`}*RY%c~~% zG>Sq#bw)*7T6Su?9-K3E+zdIRZc5zPCQWQQn&93V?`nzSu};wCc6+7E z<>YNH_%@cNXMB=X2Y0aZ%vfHMJ0Az7ehe+HDsf&i`U^&JDHP*_A}W1{&9akbs&hf7O>raN<^sIMJEkJ#CnTl#n@uM8$zNBUWN z=;)96eRBVyhsDr&9Cv@;y5$-Q0p0h%=I{@9w`-A7*8}CuIyyX}k$k(*zJgPqEPNPj zhsWPAL9^c?AFLnm)+hOR)7OVwTnu_lc{<87uWa07Q37}<$|PJ5BST}iR>Q71B5y*)8eduHAtpn3WZFhb<6%=*;OS&a-1 z&mHpmgClvl%rbk4D6jWR_~-`Hn?rlg&lGu)n!le0tcgKL?+0}k!2M-xWIFY4$;h+> zJm`lo!P13W87=Bh!h`f92D_+cPNt5UlwWW#@y`1!EeX?&;qrcbIrEvx+dA@^rQW+u z%g}dG@4R2=-nl!UEGRJR#FOVU#iwLv-ROSAM;4i~K2o{gZ!z*J>&}En)q~}vu>lts za+Nd%)rD%4R`(Y|^VY*7g;~;t!)nH>NwJaiot^aVVYmCQx#`54E%#$&Y@6&odLUAJ zry@rrPqsrTk(pP8Em43cM*h@x#&#pB(o*4LWOSk9jzkiL-Fn2U0P7cASy0*7wU`pr zs1(lejRx4H(5tZ0?7c_$gw&SSu?1f(9M>1U8Oc(ZofwFN*GmVk!wgR(A3-^MD=7F~ z;h9?Ltn_cp@o$0x_XE2z=q(R1|Ljn5zqp}t&t;?#iEg6E;Euey9v@wn&zOprGL?3t zPFVFA5|!Kf`@4tVO`S|k(8Z!t*|xl_DoNXpI>JZ9-h-r+}ozjvz#KeOVF)j z#hv{x3&^7ESwyw7`MfM!+cMuPoj)G!>;-PUk3;Sq=p(T=rktE8`K#hnnku0^`F5a! zOL7~JM*D3+oQ|cw`Pzo?5wa!6&bMT5Swav7_R%*z?mOWU{w>S>Vl_sCJj;?z{ zXmuo0Lai^BnD{9(yLcF{i*$J&>75~;KCwQMsrsHA^X=8?ga;=ZvFp`U$EvvXgYJ5~*{@ySbkP$`YnjNFzuyU@L= zG~mCMifop{)UcVcWpeUS*TQ@~LYe2$9W_+3A+`jTZ3dF7n6*OWS2t(* ziBLoeki;gO?Oi*2xwQB`RLaVm{neer#H;6!9hentsohaLQ6=G=PLkt+7C`OScBq`q zg!`lDuKdJKf5t|#0h6gErs6i~5rvuyLntFVnnFr$_u=CK^33WCowxmEiK2CDy)@ZF z{jpC)bt*seO#zP?@5Y*JErh#(YjZjv+GxE>U<=8~7OR&kJkH718(=k%f8p7=rS;a_ zvZPycsmVddC9q(!N@s^KJFUU98R9pCupAz?u79}ESa;(plXSmLHRdBbU9J{00rgYg ziFO{fwQ9M&JVPa3KbrhaF@iG?1gQmpHCppKuEGPBS$pJfjt~I`12&3$ui!8d+LJi* zSFZk&(wdZ_O{_N2fqUg$qFFtDw^!N*c6E8Ag0<>t`#fiF+yd9{^_jsw01jTXU# zxyGoLiuGEoejcX9o13hi9U)FvMh6A)gcRkuYqpgF@gFTItzvSsnpfF`Cf-m{tj!%; zn=74r%TFhUyE)O=$Yw{$Pt(%(q#aj8m5tVsE5LSRqs1JlnL6KL)bXLuUCMFaz0t#{ zG@>fpH9g_C;%Y2xsp_l6%&lIy^>5^O>RjHt`wooDIBvgvfmk{4_3MP6w@hOH=;Ms7 zx3go^x=dP27KoLK{b(owo6+=mA!)2qVTDi|m3U`YwA8!&6=pMkC?uiFAnO`6F2F!p z<5ZB@FpbCD7_`odB5|eMyN_kz%A|rS(m9amFqE@g`{ht;ehiVCT4`lr$>O%lag4U{ zMgXGK>ecZFiYV%Sk)S%*zt@RgCG*?voX_p^qE=H4!z3I^tgrAkBWj^Wf^D1;opf z(QG7h%i`oWy)G)($eYmX9T*c`vpMPd6p4?n2og9U_KH8`Q+GkhiLJ&|J%*1?KQ!fP zW~Xd5BV0O@UNEIbTbLp&ayq2u5Z}cViL1*czLV&3mYABiRrJHB3!O;H#O!0BTfz4i z9lcW`NA=V{WS>hC|+aEMU@Slw`YK=jPDl zg8gHsm#SR-tC(@^j~d^|PoxW6sX@n5nXqYEa^|@a%Ak?t;E zR&bi;pG~XJ9pKFIs|t<}=Vg(urETp8U-Y(wp(8h6Z9+qjG zHZ$kwJmnMLxhMC0+nlHQJyp4LQ+ZS?O>Z-NOwss6RweV!0A$JG@50Ofzp5w1|n{z8{Q7>ksjwU_`;?)^;kRJ9A zY@gbatS1?qZg)y15O6|GckX*nJye;;DLb4(}$$-!g~?U1Wy z%diza{b<^H6f)0A>vQsrmc3(heoxws_pS`30(~t$daE7EC#b#UgQEMlq~mMZSfW0C zMU-_%a}H#BhX|<)$p<|TT@QY~-+Lk;t=sehO{s6lCh_Yj>aczlovFCShPT~)bBg)9 zh$J|g)ZeKsF*_P<1ZqRgW;jy4*LJhL?|I(28V)@0uO zaF{4CdunHd<`c;#CW@ff(d>3Ub7py3Uj5NKV3WrTWadHnDepslrEcFe6D4ZA0OJ3`}F=)#5@R6`w0|rV9+3xoW zN>cRYdJP3~n&)zkErJngg}g&$?R{#e`)O(69$2slRQhVJ%#uQ>yf8OuFU8r$S-dTb z5xn0Cl!kXOtZ)Tj>E&&0uJ!rDJ`%pQzVYydTq97is=cXbKF}@R+@H{i`>=C;h6sIG z;cWAR@LStsv5ZDf;rgWyY%_;x`lGap`Q?NzwHwIs((O4yGai|K64%j1Km|JDQuT#z z%}mv0J^*pxMdZ%HOA^=iCzWBOwZ12m3!NWsx88G1$lMSI0;2g&g1%hpqbpB&-CDT$ zrDuQt2t%X$X_fPC-j?xoqz9PerLTTi4V@B|D{D>R&wUyGQ@61x4fGvEiB{^QAm%A0 zZ%h3ZwRpDGf#3A-7C(>9_k|>7TFym$$XvB=B|SlAV3-| zI-HY`A@oO}7fM=0I`)U!_baF|pV-BH6b6M@u1%@ak_A`e@&1s>vS$3a^QLnie#i_ZSEar zw1^z0K2bRA?20zpXv0BA0TUAJn=Qw`S2WNaq-%OF97~V*4b?pp3)CAI6-%>#7`fZ% zmg;+7^oBcEWe=Y8*(5VdiDYGkBnxFV*-a_rul?AZAKO~Y@@ZY*f3dW+hO2+0DEX7v z*#1sxlwHBdP43XbRx{7*9Xj#xGDV{dN`fPUbV1h>?JvNRwE~nYoo(R-QbC@!#90IK?zxlT$G(*VcFSI0Lzg|dUoT6OMN+!oN2Y?{P=jOw zarYBVAZmbT^j5F;uEAp8;xgl1>T&0g+`BWpCX5~?NX;=6u58zTvs8kcN<8#B>uekB zI5lpkUrM$b9e&CHivuj+~$SgD~F8&g#d9j;eZ2#WhzZ_V?NL zsB>QUVC`}yLf{Lu`W>uEvZ@dXd&%e`>^Mrqw=H zd3mhkdY$;r#X6R5-$_N^%~hO{%yqQVB}N(cB)uD+1(@4TnJQ{{gSjPnB9k||*ZIuH zu{63;ZdI}{-*%JvI8(D0)bG&`xoR$m!_yJga<#Pw!u`Sd@(AeT%Oc z*uZ&ZEHR1cv69MqJ@hNBb39lbic;D$B1d@wRFgvXY4`6@8uk$caN0__*;JH(;QorQ z)#G_w8|Qvdu5qXjEcRrm9S8>Sj)Y#ch}d^1f|+eI}dsy<=PkO;uog%l7f% z$krF;uG@pl+rCrB9(BlKK5X?0Y5K+8)}Fy1&}{2fB^Qoy`#!DR^$DTJ>tE$lw4}wxAe0{azeGE}ETDRg5r0g3UE&OFh<{e1!eMYGJE>k9|?$H45YU zrWLkCdQ|?GYDi0`yE{?j%vQ5$Ox6NfOrLhFHnIYnF=)4EJ3OwPnf ztMp#qCl?wB#Zvn)l3lDdJ+YRPDn*W-$S|aq;HS32y)NvjEZ?|D{%r}bbU2n-&MZuW zMsq2mXr7ZiQ80wVSwlXf%xyQ(&Wmb$fbiuueORO$D@*KOYQhPNl8^**he#z*q2`x( zw9L&g5n}gys(SippT={ZP#8yBx>XkBTgKH4o?*^Gk2gh-UV@6{$*cD~fACBupu~%; zrt@S+YL<9DcH%97oo`{SqVm{PMoO_bk&R2|8J44}i*7|?@9moBeX(Xz3T3%JwCR|Q zt2im=hVl7ng4DjGOjLWVM3k4j7Pp)@oyp2R6moNJFu|d&(PmDNHI~cnPqvQDs!%Xy z>UChMD(^^yH6ML8D9nYf6Q@LB9CGoAt@r`S>Lh1@)m*|F~Tl0p5$xfQc)IyM*6 zyfsWAm5>_2V-p+GXw}+U@4XpRq?eeBE-bbE&Sl|sBaon~@VlnQf`3qun;?6NNQi0x zV(ks`$AP!#_lVGW@%mRVCOI2>67KfbSyEnER~h5nIpSiJIJW9E zQ+<|&P0&I<_KAdt&QbY(Hp)O#hlmTT7qQE*HfX28Y@&x9%kF%k;MXw%0@4EzXeH$n zB9KA1_tA@J_=jDDPjBM&6L^mH5ak_hkmL!x$=6_Y=9kcUHAvJ?6!@a0o3o-HmYymZ zW7$kIeK1T5W_~ZHF@Dd5@l;^RJ5DCwKHeuYi1_eUlruJTtr;{FR@%RSh5{^x;OQN_ zerZ%Ki{4D8v%5BI<@Nf3Jq5)5Muv|Q@2YB$_2QArf@b|K8j(Lt2VPwR!;5PZh{J+K zK;8~>bJIW-{7X?^VW7~)GBSTsZZ?EvYrh$tD9l5hc$IzaH4UCLs8l1cH~x@rlz?_~ zNT_jL*j)%IyH?owrink43rXyA;_ECNJ$}$*5%%1x40A3wyyqf^nd1~33Cu?FRjbG! z^luU1^HPV-SPrS#B*#esXiXChQadJ!e1oz^)&tg@Z0do+qH?K0wQ>%PYK-?8G)hH- z`PS>JvCoh{_x211V*buae<%g$#LW0#ZxJUzZ^erihj#;W=_6L5N?t3L%^&FaUx`zf z+9kx-7^)@0`2dIqrf7%`#kakZUo z|ITO|4RHS{MLA1cm4i6E)tqPUoq_V>Tc@4z(4 z!bEccHlJiQ`Wm<__s`T_U~KGsM(XtV{OMo6LOxPsVgab<- z`3h79ADcL5Nx~)HYK?P{xIg@k88BG^FYjuBf6@oYl`aC3a6Apt6?Ryr|#9?D)M<^#7q@Sy|(s~yt{LRKMqW%_GtF;DbQredpUtm;^cmZ ziv85$Pq2oC@%lC9l&vs}n4H>gYCLg>6u{Qi z88LYjcvhU~w)V?{3LF9WI?2TsLo`@$(fw+VGxK%@#po$Jn=W z;;Z_bc=x}+7T&@KwVLRBjClQ2T9(T_YNn`Mr5v5pUj_oeV!+$#ELLJ&3ff=RdH%-n z9A*Ro@HB%|4?z(dj$04kPhw%6E`#>GXH$VqcUaJ7Lgg9qbo8vkIYV=NGe^LrwI_8( zviP?|uSw(_4)Z_Y^h1?0fNR<671Gj;S|LL&)mGBL>0JfJXkNVes`6Kcog-r?3NNO^ z$>7Cw&?MYH#Sz;(Ld@UA=iQ6k9Stzv?hUORPw|n28(HW0BdO*_S?w01ln zX<9#j%ec4y4~vBxa1-3S4^r{}idzIGES(>rM*B_Oohffdot05jJ+KPH6mB}{$_Gdv!O<|H7qKP(xMmh$ZsA@VU&-79TK{) zJ_GW~tbyjC2F$y&KUl$Be%5@yyer*S08dwAfW=ebLExI1ZJLtcmnM`|8^HAIA z_JCawfrWPzu5>5?IOIxf@Lr8{CN%F#z$l;GV;J1qJT!_EE6PV@&eJhM>ws0$GI_zraLs;V@T++jFR8bIl-?(>1DS z7O<{3i#WaWo6M)pfy}+I!IFY-Yp^~%yNClL^i^tNkbPw1=@n!Va3>WJn{+v=&{hNc zY2RH~{T+ri97f20!PudUI}etc5wQ=w(}xIw-QFBnXPdg}5vv582lINA~kCv|$8 zJ&_w#`34?Knl|L#vSjA@%<;YY^p~}(t%%vgbF%sm{ZMtSyQd2>VsoMPYFhuvu)eKl zIst&17%V=gjQHrG`N6@v}M4n!UTvlKN``$W=e2>zhRolf!_+u&`c<%$uR?oeZ?HR^|Ug3O5a3 z{97?9*8tm#S1_yk69e))bYEpx_sc6%YQN0Fn*iqg`W`*-Dlf>r&Nbto zuH_~AeP`2-&tMA<-p868CGB9djz$3jzM1YMdja+d!7b)bTv_ z`Ww90&w10#{F{10A#q5i#&74=w>Dd8HuU`N#0AZ3a>CbiXy}9Br4U%jh(m&h&e*;! zQ+}m=?-I#?*E2-XGlH8ClmG<^wIYn)+}Gt|3Hl^1QuDNkH#`EJyD;bSX#zFY zgj~?e&9`2>6Cjp{iiSJ12Ba0A_sVb!J)^9DNl#waRU?56ownpakr%47Hd#(0mPc#UkL z7jR@8?c&#b_n{hCaq;u*-=cK8V_yse)HrewB@G}ovvK202oPO3<#U;C-9GlK?ubgs zP`LyMHm!kzu?ldQ)!YNCW1BDCEvSJ*B+J z2Bl?yq5j%@{l_j`Ld!+X9AS;9$EvBHxUtkaSmO%!rn$? zHE8&}?pK(FxCdM^IQSZ0QG+Po$y#Mxe&%7ce0q@oq+|}cAoV!!G?wvi z^um5KCm4K&kkO%CI5DtrPIOD9Gksi7WU}hWYlvF@0qTkY4=jDR?J3no z*9MOS#zll)1Tv7neN*4lWhn-3Br%3i`k@PELsx&Dy#P* zPn*M_b^bN^f`i*0*+2k@u2reL_-G7x_aAXBT$pTA1JLe0NTgo~%+aD_?u8QL;)9%!)ZF^X<#qMm|sHf&p`K+emD0Bd4nA% zK1affUsJFuWg#_#f-=>z8T5P~uxbujhCZu(3D!1)2)|;3)(hGAl&B$iYiyv;j!j)9I8j~$ zOI@`xft~eO8e%^3@}=u;gQW7zk;0L#s}37vS88ozujLELB+f5@ zKP~=wAI!i6i?SYgR#mL?#z&u8z)GGr*r_*tsek197}_%wsBr-vVh`@vd@n%lz66f| zGY1Ni@#XoC25{f3azL~3FPby)Ph{X@*a6mk){fY^`yD7V>^6nB7vZI?w_-NW-|g6R zu!5LAAo=L*LR5y7pqf|-K@}Fej5}U{@7i7`AU*b;8o$fP`0>r2bPv2I-1Gzq*S3J$ z6O;@s&CegiKL?erWpl~$170_?w2}%#Q*pD9F1(}`IBO#_E})-pc`}4C4V`z(fYG&s zZ1?^X&&7qCc-RxqSkLY53Xld4g3Q-=IgoAE{KcVCcsnNv2W3c|N9&dL_lm=e*E(vf zB3lmwDc*i8%hJmeo$zU}qA0F*k;I%5(-pXIH0|(3>r`R0pS?CScvHtq=zM#32M3tm zn=)VruY(xAra0v`)kZ1&{96E*9k%>NCWHSZfbtJ(%|7tW?Cfjw%bNN~an*j~=l##M zEA&6e8(zIj|609+qGjo;jP^nYW@(6p#OHJM%p-Ot?+d2SPyt1v(n9iubcf-Un27Pc zpO*uh5|Q|q7CuU7WQC~wpi~t_d!+?$X(Z0vJ$L;&fLo(~B}DbMvv9jCc32#874x+@ z`GSD;VB(ucN)Bk*1V_yaUBdpaW=NC3&pcByXkE{*Uw|@$0p1l6p}4SQbbt#7MPdJV zh3e_U;k>svnS{- zgWccrrviYpxia^)u+*4An2g8(-jBPTziihyeS&Ift~0pHzu~Vm$Nl!3C1`c>qZjskoJ&-cJJP1--05 z%{HhM7TP8Oo1n5lX7%b%;%XmPn`}hyFkSsFHAr1TUh~c`J&M z^ONq)3xv_%KL891tKt;8^J{k*B_NmQTS=`xC{yjhECyan2QG7bU&g^Xsd(^FU#zho2G!<+#D)dZAhnI-ve4e|s8-cx6NvL5xglk&GV0mXvUfi2}R1B0EQT60=S`ZLxf$5C8 z%r5d?s+y)e;G`w(w=rrYF#}xv^V0MY4X9JE5GP5pO#jjV#uj#29POab1!J+p1W@*> zl+awjU}OM-cNFhJy);>9GQfETg*>ALj9bv7THsDQ7c`6$o@J!gS*02z(=unzdBKUD zU?PRPt}818!pyB?)R&oQGmreRnI2RB>bl^XQv-Kp*LRQ4KkEwV5J2l+$^2NC=<@*u z?in?{|98Uf{~8!FtFTbms%~7OfHUZ_d;%7B~_U`|UmUlKZFuV5Ay>#GR633vS?nsmGCnAuS%ot#?+J;`t5)yE8cb zcl#Qzp$WL$aUs7llh@hp%Y~s|sr`is!2N{;yoU;KOW}iS@{1YE`21dY0_X9z>gG_N z>3P36F%;SpGySv4b^;JRQu!);c@Pxh413Et;^=nhZX5)1-m5-R758%hrgy9P$pCYv zS%9&bg=Xs&XQ`eNC+h3iTkF?2VEn9uP3yqQ_R7azy9;ptUu{>e!&UaYzVa&av(l>t z!|=!-x;%sKmv_~^d#8S4(8~)bsof}3BpDnRXj$N9zhpFo6X<`i!#vBSJDS!72zrIE z{ zno&F;b0!eVhTnTh1|8hRM-QCmxi6c9pKcqaH*}=giO?tEmTP|t$i*vr&(VW%K|eOY z#rE%;)DQt+{);CB<-9P%SDE~{aCU;L6JlsMd4X&)8dr*#m?OY0V5{1aWpkTrYK+VA zxJ)DPsy_$jz-Ro|SQjr6NJhdMV=5TR@pU#CzD{Q!2KPg)z3m#xAlG#3W{FtcIm;Di z4tM)VUCGly+~39~%rP z_+lcsMZmSGR=ys%(KW?^V=E{sVpg3m`VzrsS9UWLQg$ ze(fw@MriS$+G;2bqu^%ldms6Ns{taH7tKf87eOh%c@;RflPl9(z%^fHpT<)Xmbh)?a_)4}qJOQfj83G$dh%CLR9gi2Qxv)rg>L?x2$&EZxF>06Si{nCVLCzz%WE z5>yE-aI=8;Cf=Q0kBj~p*JGk-nk?c*awJT++o! zvO}#;kE#V+QB@@hWDqLO@Byh@A>{ZXT;ToJ^%7|tIMi^_KSR9|K(9NJU=0TB&RzC1 zh2raMhcgweH2K({PXmPs(697;y}Z~@0J@?Hns!}38&zG`dPK#mYrX3njP{E}m+P>c zKN8`i3z$Hvv4M_4;Fq@H$@5oCuzk9`4GNt6EE3SIevsN%G`2#l2cLU{l>J)UzK0J% z_Od8``e$Wejvytu9DOj}?3o;3E?yI*w^(?p%VAnzVz#4^m5GNKZ%GU2BfqMS>BbFi zf0!gKcEkv>GZCET=!okS=Mh^+0A+lU^k`T5d~VMmlMcUn_GTfWZldSLP#0_Dw}91~ zyN~+l<@~)MT3gAyUjXL8#0%a(g>nag_X@dn;a0PrLeq|#$9~=-Wv1fg(rDOje$D8( ztD8j$*Iz!%+@S?cFpwQpyRGYZx*8c(2)dl0R0no}TdN%b?IE1|(t(tA+-LRHb;T&- zxy1r@^i?+l`CI05h|k5Rs?fgqchIl`2W;MM^zvsf%@9tc7dB`h3%9lt)UW=(Up|%F z87N8_cBy(m<^I=m#r?*k$$MNjEJY%>Xd28dH`Kpc29>$)NgMfA5E9LPwBJRR*Zz6E z<{JZECsb+wEeG#J4lxV!a&cU*N{~pyN@l^>0?y$LxE*6w89mO^^*SreaGZ9}SIx() zSf5l;j!C04oxz;#;Gda$tMwu3W#^g&K1P|_emkmx-`$$yE``wJ5BUop_2NH=EV`>t zEWHd>>m436b+-F5dzUedpT}H-cU_o13Fi*!SjeaL2toD~DrYZ2zXYaz|CF|;4Q>BN z&MNE4&Z{xdo{^L{>+a;$)4-CTd$TgWn>Zd5!{RGe)mSZ9{^tG2sK%J1)B63+;n%fz zS=)!62WWC%gq>sOuxfESTPrQ+48=>s1Bz@DIG7ZRYR&Ull7(6qZtF{2P8sObA%kEE z;`s43$2s7zH^H6()rQhQK-+-xE8%&1M6i;A+>3qK9Cp3Z`?!5=YkBPS<^6QZtnknA zXtp&9J=GP{v?@lLD3o(0zr<_*qxKV2{b(*2zetN=}IVa-Vwm;N9#-uv9c0v#@ zbe7v0xVPyes>g0eC17NI+d;Lc?)&RlvC7KhpprT?{ZS3}6k#9bSK|+f!`}#onjZOS zpH4lA&tIOyO~QG4c9b(_ceY0Gf|Gd0{tAea6s#40UthiW`yD0U1VQJUg6R3~(wuPl zR{nykr)O-D@0f2gvxelnX}b(}xoKgon)7b@h_k!P$`)6(dn?~ID^&}gW@D{nD%i2^ zeR4HAe_kO*?qL|N@kaloss_s0w-;+$gOO*{{iuBjPV44}vufKn8KSwb2l8LtC4)^X z-SxIbg@HM~#YMj=h;Z<6-vZpPecr}0)v{Kc>?=P6Bp{?=TO&64%Q~}9 z(&`{Kmi2lQ{i3m4uWuQ&);eZp)M`u$jLsh3_bYn-PPF2$EbsXaEmbVb2#&FbY8d;a z3(RV$5A*BHnya@C^XEzDji_3Clf2LZYBE;Tn%s&o3r_wY&i(=_%BTw)h7|@FLKp-@ zKwt#vF6kH%P`Z&uX^`%g0YO^2TSB@!ML-&*L|R0;hlb(15%hW9?|uINU+Z6M7Rxm= zo^zjl_TJaEPk$x-29(UCCM9uEU=vQjW2BQK`uQ8zrYK2e4!}{1x z)oaNZ3SZ*ESjOt{m+~z9u^9{L*rKQv}(p5ryO~_HkTX* zW23&FM5R5J4d-$BB2qojT0^dS+xZe9A2IYCsUNt2lyEHVg!v|L{Y5V|}pRJ`RdTI%RBURz869rG&)I{B9 z!Fh;vDybm4SrilC z9N?wUNAL0#(NcZ|k(O5hN3?0ntzPBQTOO|(lQ5~pr!A&b!60E`$|V9}zm8D0%XB+J z;MyOKv8~IK36=^;uT<>Oaqr*uiCk$wZ(Ky{5hm#3;||3Q_(CBK02;5T_e=u;UE=9u zzN5b()-NL~M&NG}sRV2X)*n{SVJqQ>*v3@oYFB zr@3rBJK3k}^;5st{Ad|>>1I+p?b7jtB-Z1QIPr-fnRZU_8xnAfDY70wf`yEcfR@W; zqCIz~Y#j$A$jzb~AGq7VI;v}&RTDAbbKe6AjLwJe30Cz4AqoT5$1Yf9&;o=RhDhJ3R3dm4yy zTNiCFFw7>XpND>d+QVHITgr_7;69m)mI|sl-JQk zs>*x6FEDKD`mZ7 zfKZ(^5H8$O@v&L2ray4^Z@>qi5(FcgwY{sA9&c`^>jEVsPX*u@`@r{q6n=*eDC~F7 zO*NU~19%yNp0(Iz%zpRWMc8pt3C>g&;)d4bGswA6SjU|Hc6QR8=^D)= z7;|GyBX}@#;P1Hk;%(p*7EA;`X1Y_ z3SA~EF0gqa%wMFVPYUkZ0_Ets(S3t3G4=%9^tVj!zlaTQOgU9b_4bmm_Nd4DH8k6O zkdvd>G6kS^r)1}Fu;w?#LtJM>tL8NwkS1wJg+1$aL^!m)=o?5a??Ov0AiMJy`@j*i5ac)PWhPi8T^<&@dno^i~XBq*TTR5VO}pfKM6Sc z6$p&1=Wi+-RyU5b0AOiRgcVw@Rn&iwaAyqAze`==?)yik&g2JzR{0ctHs@Z+O&)qd zyBB3?QIAI%#1HsX^S!r<_|1zP+!Tv@_>{cnxV7b0`J{^X)kP}#9%<+vSfGp4=AZc- zC$)h79+{J@QKaU!l#X?`m@AnNOaE}4Ms-hZ+g#gL%qs}p+SpVX;W_FR z;n`}PtQ)!?jx8hAC%7C3B2QW$YhJtXYHAHLT(Y1z8xW^cZB-!krqmId^qg{it#s+L z@^u2QSG{`RrE$?Vk5?;en)0KG!q(`;QGhrA2KO}#aFCAP8`t$IApT4MxNNRJ55P={ z`B~#u$BxEZSR2(cK1>~iwAR&1&T-BJX z)KcplVpmi;Z5t`eMqw`Gqb5glk{5sUJb`DSgK zFUWNWr%@`OQWCimP87tKLp_8q4P9wwH7GB@!l}jw2QYRzXM!J51O2&-{c^koXnnz_ zJ}-*$a4#0e(cMZ4o;QqbpnY*FxtXMjRyS_r{Nvh9=Vr#}Ig&6^L)#-Ha zqzQ00C{FjZ?upfhD_jqM72b8b0f%K77aLi z2gy)ejxLFGU(B;T{!(be`^Ar!EsBM)e+*_p?>q0iSZseZS93*lM7sCAGq>}$XI*_| z)eI?%g!g)HpZr+V4wKV6=@m5Yf5%MpDlJB#$XlW~cH`1xdU6r_myfmHM&)=e&}(6b zxAOile6H!2S5jHJ=uv0kX#XSA2@G=AH!m8Jx{>W8jZ1k$8lbG$O#%?KOKB9y^lAGcv4{UShnvk7P*p@R|4*BNI3;;xc>F=fB0|IfQ7kgN3w zJX328OVqfb;DO5p-R1=rH}B<_L)CHl77gD%q1Y`Mf7#8&{iqJKr8o1=I1VE^UD&u8 ze+UU4yZs~wd#jh;$zvQxp6}_oxocOOu5&v*d`o>Q6F*~>Drs;?sWB9fofo?MIy=4T z?`0Dn|1O)T+)X5IUc<0V_o;i5G}UPA=v^aZyS@h#9sQ95+yj8zzvI(Lw!KPeze*{x z0-Tw3oqrL1ex68PK)SPmH^Zq)Gx(s!2!$HayR-0y94R&RwVJ1Drn62`MWuW0%5Jai4Sh)Y00* zgk&&KL;JK%psSQOVat_VGXHf%$Rr1&^zq|byu&(^KG?~RORLy$uGXj7g0&dL)UjTLWL-41LiVI;KCyn7!10ia9dk7q6h_m_ICc=l+Ba98y!IFdy)(vkuy zGIRR!QJQq$dL88t4>gW8Oy!&-eS(mOZTbc)&BaF!+Xd1-w?lCK1~0d}n_Wl{IyQzi zwy5m{Rx^9g)h0jsaaXQxchDAQNNMajArQSa;&eGm10@EJb%kqAv-?m3TK17rhb&IkUsy4 zhw_D+(3Wq!D&!(^?i3w=|)J8SxsR=7WP9k=Z7=i5Ud}PJAy)O=gFWf?Mb$3-sA#oPi38^;PY8-|!|M{kQ5; zbOKbw|6Emr7)?AvT16*$=Z}r#eYEhZu_Ts_JBbcCM;f$OzI;zN^bxxA5;&)q>sP5A z7uWNIXDQreM3m1}QmuY9Sdg4sPIW}td$Wrs%jZ4e|6iAj;3aswPUVQpmwsfz_o=Z? zwre?JNo3vDx_=xf&?V`O93HBAJ^j`0P$7`mA zHvJasSI!2lLtSHP;|48WmD<7Ckv)W7ZIO4j&j20JNFw#CFQVn401o?{76eNx-tr`6Zo4@jD=6h~_`uh_cO z&B^84EqH>2ojU%GLK~byxwkCzwyR zl+_H}1!QKBjuSZ*X7-u&$#YV=95v^H3M3EvD^?AE9TjA8MmaC=rXl<-0nxf34~-2; zWxVvrZ+ZQ!NZbqR>qCF*W%IG%xm97|j7Zb#Bzy$=S|P5PV`rwdfKb!XDVpT{mFDKO z+1)9Ht(|G6+K(UQTWflGjd*H#QQOt92V*Hc=czc(&U0MSOhY4QxA1^tniOh@d3p91 zomRwsd6zo{=Y}3~!(xgGktbW1ZsXu-1P5YwyYXe_idfHUfj2G7m$Nb5H4ivvze!q( zI&@~NbJQN;g5nD}#@dt9L=O8V(rje4KZ;9KULbQW3K$(4m(RbdmPzdY_Q0v79zEWsU!mQ6S6Bok}$-(iT{hT`4&Fx|o*-X?88x zz6|7uh+mNc>J*;=y!roVII5+N`G?tgHPXdco=w`BSbHTYf=b1uyn1S(IUYWQhMk~__s8&pQI0a33#FX%gF8D% zf>E9Kug~_M`s_Gg-ztM-7&_m~=;*jQPtX0a8e3|~xTjXMj+-`?3^_=?AF?$ugYSy|@% zC~z{LvBgk*2ZhszFr$N$#K4*_pB$o{r#sNGH6`}T(nf2}dh83PM>HiKZ8aWEZ<83O z%n2@gUYdKHD6AUN!g}dhG8N{XVtPcWfr-UgrsPO(l1M-xSwK-nB6ihs;`hpIbali)XB{; zGFCS@cydZIJhYAnV^`GS5j}v<7vY;1c$RrOr#EbI(}-9uhPwMhzc+sogKSWUPTxU+ z-nw~_-Uh=-F%2mmf=Rhp1NIAoIvXd(iH8fw&(vztX5017jm~7ZNL+AD=MKVZO@&uV z1zWun&X%7~%9f|wM>MOXxNq=B#B-*!y4e*oYVh;%`+9eyWC@O7!+#`b50WZG2jrOB zG&&ajlx>{Se<9v|O#E(eJPxP+E!$)twVbi<=5L*D5#d?ZjY8;g=PW1dy7`cN%m)0d ze*2|BJa{vFb77-ruGRW-!3rE-+pzwV!P@7;$hc;6WdgF(>tUzPf#PV_+qHZ)G(iTY zFzX(tR1OH^Wq(ZxEjUfEfKBctOpz1x5?Jjl!F$TOhhX<188QYE?Qau>6^E`LpV!mo zfS1DuGm`lUtb{^rQzz%tH?yQfzGntJ*B4=!{GJ%};!#%Q_qe%%MGPCAOBV$;u!Vzr zuj)vbtH5uO2IbhKn9v+2msBaQSGuAIYD<|Qr5=-*s1I(~L(UBBZdx*pzeDannhdIR z^ZLmB@bJr09^*sRt{|{Lr1kO!C&%vYqJFwW zq;Q1k_DAdnQU8&|jl6L~yPh0^*tTM_EWI_f_Q+LC1m!(V;n;$hjR|ZdBC$7Q-&+>U$CTqYU;qI%64S^*LWB4sSt;k@XHQPcdVg)t z7S)k~#BSZZJ_Ww}7jAUM z^HQ;Es;Yk+64P^zip@mwyreSEXxd3;;+qz0BmE(gZBUg&V=XLDG)=oU-n+IRd24W8 zlz*mpXN4IY-ZS6NM#1(ft@Kc+)XQe-$7xjD;J(*qk{I5LGcKpon(42IX#N%-;yno* zt(NAe#$SU_mB;sEDVO;gzb_pn*RjnXAse)2=rrA(6s`rO!^%cJ_%y^JEmrW%0bX37vdQ;qx~2I4dFRt!jqbOUgOQRFz!O zyY}hdjZ-!m({)V&yQgxW8x+P9*0fS#3e!i#ky0gE>(4s0ru9?84KnI1 zS_H7+T9WzBGb>VH_)N%qT5vD3Xkwgv9-dqV&s(0V*WC{biflG#fBheN_D0Ovf}5qk zM^UiT#=Ywf9|*SC)is>f6Wt$WULA$Tj$ekLZAN-~&-N4;eLyxfjfdz)Rl9UL9xc%w z9JQP+)gm}d>4Jsr2V|w?Z7-hI=|N;=LNm`;MF)!cKBmu&te>L>n)h&e#HGYYH7|rl z3*Zn_)Lt+}tkr>*-?Z2{UM`IYgzg^trzvT;gJ&;Km#6W*&bDsz5~oRL*J-?Rkz)&( zb=ozG=Wx=?ep~rG=XL(~(8vq(_6I|v>ilz*`A1RajCP~1+&v%KHIJ;A#D+IjJ@C0NNoUuvAek59iSXZ{uRVu&K7LBny#yuCT(> zhJ3m;<17zjzE)adsRoH&nBl`d6fMVO_MDDvmhxm$r&iYKH5)shxhb%XJ1CUvS06m_ zSgBB1iBdstd{9CR$^rfMs7-zTO|VRm7G&yi4! z6HOmWX9yPVpo7^qkL2F$6a_rWiD5GSRc#u7uy>aiNu#AZ2V!u)`&+%v&k?f5RsHp6 zoJ*$;nga@aD&Hn`FyY_W_5%AAPZ0+TL&HD`vwJJHL}z;T8i(mgn?22Omsg2Tu5^BUvy58xT&D$0!} z0o0)OEs5uBV3WfwiHJ0p^VUrWdSmxJ7r$HJH-BFK7y!ooe#ZrZIehLJ*0Wv|@v^Z# z4>*jQ?4-AI?r&>xJVQIo%RdN8gNl7kkPBWHA6Z-PWy*lqG;)F6N6hDX zu-Wny^({XVSNzOT?!%S-e`4RZU@QbAi|;DGsK|7RH2sZUC`UJV~<(o ztm0!vyZB=llhfBN^sL>jn=RN=6C+y(5|9+zp{auYg8qkRE;LZf{YJslD-TiF2seP% zTeJX(C7~m7EWk?rn${0sFJ`M~utf9SXG@vu)Ko zV%>Qz=jbMt0cww^B_44||9WRnT;8e$?o6@xD?{Z61C2mSD9(_=I zQkTi;Dp%oH)LzG!sI|aI9;IiBm)_23;OLL>%kGmT-tBHY`OGOkZSEM_SMzfk-eY=) zYW_bj7h8OV`7BY!y-;Ss@Kd!9q51Fpl+~*$z5O7dgI_xhf}kff;6cifz~2!f$Xk8E z!jIh@x?diMXT>xEJT5igz2%5&@Td09hJeK{Z`)U*36T;m`t#qXT=rYU9ap0Z$DH&p zU$}0)Xy7od>zhKQ0pE+67}lJYQIz$6j6aPyT-hT>Ohjx>y0Og&h0x;JrILSa?H;kz z|C~{ISr>H}GnQ|z-)Q_;?*8aS0op|6mpT)dL^=&&y%3W~tFsGY=lhG&kQi9V+z;tX z^^@391!M9?CPWA$F?-oZf$m;Gx=t$ zBE@&yl2Zn!@EMw=H2(1gr@>sldoLN6*Kt=a0|YyP?Gg_yDG6VG8EI8uzCZ>q3Y#HN zW=ZJoe6TdFA0*syW;#7-Q07F8n`(^Udq?SRENl<`+B4`*H#=~)TDChv+6WV=KTyh} zY%oF3p{?8Q_~luOKid~kuHaP{Cc;LqwiQY-9B3`*LM4Hyir?UZN0=OC7Q!>UTdBbA zYrJ5Xq5^hlqd4?CJi`++PS5w7taeeb2i|k_j254VfUkNw+URlcv&WUSoj!-`Kz-!9 zGyz|fa$HN}_VZoVP9z4R&`Rwgi>F^$=h> zn?lccFQ&YaF8g%DJb8BxI-LSNJn=y}J{bsn!n1{b=7x38?hV;Mv?kBW(7rb0Ph$^- zaIIh&}nCj%iG|eY_E7+83V3sg*K<1RxqgC$*M~mmijGQrep_$om=^_RKnX zV;#p-4!6H>NqzX*YR!k-Nqjup51+@F!X0K|d#$KlAKE!BT9!YhhE1q3fOlHoCFN3eNsS(gR{+ZW1mN^n5*7wl(mo~@oJZ0zDZl{9tHtZ!@$ z@?a1-X;(iDKGP01c6jaWyww9iow>c<<>rG4Pr^R+_A7lYT9n#_4+72~Mspo7S|)$Y zsCa1Lb(}Tmp>-MVAucj8PPUhuf{#dc5LExlUJ0#xD}&Jcrk-_# z*l^T3^)uhvX%MEQFZlt7fOzgMxH-~*aaU(TDENmOah7`<)ZP6kQQ++N)6yw7NdFq) z8y}w~i|5!58yAba?_2Fe@gblvvgG$3w8os2IyI32IW%95^X}w*NfQ=0SlvD19f`AH z8m&V!O?k>yv3ZF934^Y50xF{->uhLz3fDWbe|n!ebyIZ#O|*SH7Uo9P&_C=B3U z5#%6zq{B+nm2H|ky5fxH+vwRWja$Nc!AJ3xmXL-^gZD*?A#_-vxcvPUckbxl`p@X0I|jQOaqrki9}U{?NMY&yxG;#|fWJSE=iM#yc=@O?sgP zc?GVSZFMlIZv5hJny}_i?XpYMHsz{>z8IuYQdqRFd8M4iYqKyJ9JWs(+>A%4VI}v^ zb{9PkGPLvZMn2=5&F#*<_hnzXLlb)Yuj!Ui{h_>!SCp4wMXwj{zQVh@ZsE(%r!<|z zayp#$&kEL~80L15U3h(DN=xRlySfp<85kuglFvB~kgR4;i^S#|$cX`y8c z7MycJTi;W>)JHEPH*BHk4O3pkqaG7SQx9ppkyiEX4=MqN~1!@Z?%*N z*lDx3^a0%zC=bEEaTT&o4BcywhNu@G^WO?3l;U=*kvt?o{P^{RCY#L>twTn9qa9{WyFd>-XE_Xpc2{A@Gd;vz@c4)$Kx;J{i)^ zSDSOCf??=&kYv0EC3HO-gyk}?+lv+)yWI@OESE+5ftdcNqduY}!-i>N?$T?Mg#=te zYI>tf1Rx0LvTUpc22p4w1^xtq)&^FO?hoKR-jk1RRqA# z?v+DN&nCD05TBAf3oI)x%NS@HBoXU!1ogbSq}cwu%(!Y3wTcpQ!b_XXxltX56hc3L zS}mt;C^bzDy_)~2F`*(eh390agzwnSAg-q0;@xbh_V|^WmET?G$380Z>068olmYUJ z!WbUi&V(d9%)a+P67&}XKI6)r_^e-JA1GkB4HY+G>|R7Ml%Vkp@Y+Po;DeUByD?_J ze@`Q)vka#gmO4O2&jy$Wm8%Z!p5`LJn~eNV$$p%!_l&IL>2gJ%c1hGb?r(n!i4et0 zdj9;|h!h?)NX_08$8@Gjks-wPEfEi5p@!-}GeOWA0)ztEjWqL83y1U}zEl(;&l!GH zcHzLQFbuL0`hM}is`GKfMJw6!UP%jDW3eGJUNPgY9Q*Coq^^5+?Ib=o zC^*NPcYM)3k+6F6PG(sY8QCimxiMI&Z4>l8=<%g+I0dtW|UQ@X{Mr>Qk?9ffpZxJEQCDFF&v$Q+m!P<&Zrkr4M}L zxc#VRM09T>E1@Y~IelW_OV;aqOi~rk)CXvOwfF;RlZqL@@xGGi&!xirNIAhm+*!-O(j`-DmVpM3Oe%7-=CbM0UurANd z1F%i9n4tnslg>v3dy=eS?(P1*+;ui7?)fDZxj|?hq+>q2O}nToM)&GdSs*&qJpE8` z+^$c^>{-DJhslLwq4<MRa&_*JJZ79bT45c_i-9LRjh>AdgxiJvsdA{#-9b zVc=U4w!B{VGoQJ(|4MQe$s3pj`xI=wNL9%{#DKA@{*tRG3G0kC<@bAS87Zt%##QUF zOK@v0Ss-Qb!8-DzmsR+a!D9~*wmDeSw~`<+8qp7{EQy^-WXmZZ+z(cV*7Y&8ATiY+ z6w(pvBeLGZuE$B5%(V6QMyl*)DH^H4y`)t0Eyxo+t!l4yMzyiY1}Z{5UXPgG6$f5* z|EZ(;{&hip@4iHEIL*uV9BXEAhDwW%!$bd7!IJqX>U&~n78czp-KR3*y9z474?ZN|pwWC+|~Li9-#=FxF)DuNqZ zR$d=pN1oP)Sl7PSzdveMoo~ zOHOAOeO%AAdggjLrLV+bO0*`|B1&N>q4*TmEcakK5N&!Srmj$wtrQ4ld#9rgjNKq_pUlh{TmA?Op8R04QqCD@%2t?;U6!^9bJ`jX%*gk=9 zJA2|RrW#>O-<#i3*7k@HXm-FCmRG$%Syt%HdWz)e){drpJ^qV$#Dn>9tX)9jJ|5p* zhy3NN9k90kiEg{+`P;V!>RxEV{p}B;ou!5*klCGe{DoRj+h$ z@l9XxbHTc1(X)*Y%+Bl}*zV@f)(6{#6Y+)gMa}CES`P;{!=d@*(V@Lk^>Yh*n;0v$ z+K*G5<-)%a*#CaVeL6Nt=a$<1i0Bq_@9PBPdeNuOxl83-6Drfi86l5Ha((vt_9E{A zQFPbVY~*#vZ9iHiT6rBcd9q)hEfm)_w#Cs1r9XSWeL7S$lkIAjqhEc|qttRHV=^z1 zhm*xbi}zK3ZRdx+PIb^ju*IWK`zy~OG2ZPysoN*}E5S)III$Rk{|#>PARs*?_yZut z7DC5!B@L_HVpxy^cUpJ-AgHd|Ka z-L6*Ao=KSP18UKxXEx1u2h*bKo+l3ZdM$p`P?!+*Y%+fIQ+szotDwYEHRst`xh>g7 zn(ypsu$?dUEf~A)YmQ1E%wtAyZ^WB@siWL!{BEvy8XM(blLc{I_?Z-2se!nZw52&N z6t>z(yCj5XC*fzr>cP@{iEcmH`OI7KqaZENnUxxIH$_fI+3|%1$|ZpUN94>|W2K;o z=F%)<_?RARyyj<5t~$`g3iA1ABQ{=i{ZA+jFO52cXg?C;ltx7L%j=}1-l6!!301OCyd+-4DSlZYx-kS;sk&(t?abbKSl{L zIZ`Q&`xWcRkj*B@lXNd7NxH|se#qzVT>#~WlzB&!NoK2ESW$*9cYrt?^QZUC$UBt2 zgP?ZU^T;Y!>*b|{_4?ACs4gL-$iYyffrqb@QgXdS5!Citvm+igK3HZ>1uT0$=^`|rz3f(M|TdmF-m;@ zCYj&7NxVvUI3uo9N(A`r1E4mBBL`$ZGCNS0e}Ek&ATjm^8gkEQ@zFZ>m`GLC4UBbV zrd}iY#UKbgseY83+!qo$9|onL!~f;`P-A@bl)Tnxp0?(-vYdg{0=`Cv?Vn+b-^TV#Ts%odnL@SKzZX?PD;@R@ zPD=g&_OIag_Dz+pWLDg<*zuuX$CdC69$bl?0NeFvnix=Ygeq}wAAT)Bu?b990P%{bPJ3L?2e>&D&j!nEoh8pY zBp_%!(tJ1Hx&`(}{S(-5UIjLodRK41d3YsvqZjir1h-v)%zNegA~F78wXxc7Bg~-R z@w|Kk^Ov;{(8UlT*UczzNeDC*`m7AkT1cdA&)VG| zrj~nSEYleONlE5Dyvl`S0?|e|U%SkeX0Sg3o+SVWJH?)A9$?rJPW9ALX2_M<*eFAf0;RptmKX%q;m8>TlnOZX8?}c#LD9tr(a4lV z6=Jz^;-gV6dHa3!e43j|YW$ZG-uW{ZQ0Dtz zE1K+4azuW48kKi&Z5J6aXIQZSNg;A8!oGQ0a!k+@NQ@d3%h@Q5>)*KJkFGYv?(P5B z5DV(}gkyfcjp>w3ls^cJ4BLm!&WE-UHCjD11!`))9=<`n8D&@=stC_u&bYM0NrZ2H z*+u!AIca+ZLd?0{D-|&-pV2fGgn)_(WHvxopTgyD!3~BZ4Pk7UvLp~0{zN;%v5_>Q zy6P(5G%bCL1Z7Q}RgMdNG5W*uaXf{24*#3vlW*H_OoHwAT=OF^Y`7}ZZ}IB8 z5O-j6#3@l-ZBxYLO`3YKMh9Qhmt;46(z19hEJ-sa2V|Sr|6_lAzyTE~J@z2wO!DuD z)$DP}+zfH>4*EZ_QT>6`_kSSO^^Z;mT;&jl7cj||IiuY_7KyEr(5tIYebV&h!KGn@ zf&&J+Z+5nQA_Fr(M0dz3WCY_=ALLY^NDvY-Rqzz*`R1gMue`njvOECD z6usU2_Ltr_N#V7>H|Wl~*@yWku`)E6-K&KSoL>1LbtF_}*!YF*-GB1(|06H6|65+= z9~_kLaq}|yK7|kxyp-canQ&+ob3umf`5qE93XuHb{|$$yUQSyBDj9hvJ|PsLoLA&QtxZ zo(lUag5fCSSq9&I5V!tnEVDTD3blV58@JJsRvGtFid@d>WhzOL|g~fs*kj6zA^_+yeDK`7=J+{}`VywnsE{pilnM zmC_Cv!)Tbwh685>ARw0A$Tr#=m4O<7p0I#>yP#O;%uNaR{|*cV16zxJyMi+A4Ri(L z9dJqm`2MF@KrXgnp7Vz+7q?CA(%U{xvnf_KeIkt|%5UCY!-pGa1icjcD|zDE01JGg zb16>BiPo{s^={@bfK6hqw036%X4qu|pj%h&Yx+kju2)i_q*CEe0MyhS%|g>xqQ*o^ z&(>esQoErVNc+!x3QWF%p|(9xC>0oMg(MNP%0M~zRZARYuvSC)^xkBJk8Zp-H*Bjf{6!oI?4m(tQZU;m|{`T8LD)8+rc#3FlAf^Nno{{l=;{! zwW{WXu-#Wm}1OtSK zvQG>kT6?dhXP5`c_duK4wd;c0#tmCA7IZrAIZk8hzM=>XSsDT~Shv=E3XcBWi? z0HFo8E#P?uYMC4Zwg8)85N9;i*ap>mmcG*5^WLsoMUudSL0@n%+&u9M_#1pQ*zHCG zWkyr%E~YLSUiIN0pQz*J!{n~J53Zg+0(gFh&j6|9{|REd+JUzBS9Z_I9N@wj=<_|Q zNNk`cZrq`?jnu+OiCqyL=;AZtV7r+iA^nXKpu*Tn!{_O28-ES(Q_vr8{-b2|5NNad ze-ke**QmtN5c|rX48p8W>a}lFcbw4n=ph*W0mr?+Bz@#Adj*tUk$7-0VN!(A9}+9C_;D|m=tXb00V$~6;9Hm0&2Ad7qDT^h-qJpWIe6vH zv)step9!F7UEx9?m?4lByn^I6nOAht(e=q%iV<2c;>9i zdk1ItMe|ZHZ zeXKo9ndf@}igm*;fownd`+3mcwS>OW1i@}U`v2m}Ld5`AhMzS*ivfmjP0n9il^EUC zv!KxTv&v`=yG=fiNhJK}%$hZ^2PgfZtVOAO7r_5u%8;9OnKuiV3C|&f2@te9myvM4 z8|gxvK_8-gJ*8H=FTeOLup3?x(*C+Orav?o4UlmzSVb|Vzb7=00rl07N)#8h#|3)6 zVa!+oKLBeIKzTuVBbiXSw%72C;ePqB+_(HBSg-3$uqf_aOvoDglr50|S?C)Y%#^my zgpGrQ&}!iem*~zyJkmaX*AaOrGpIe~Wl+prvac=XP1hQ{gXgQ!TA)gBM`Z z%E}MutHtnuUu#$t{v!sl1pIfKV;zc#@T*RU+f`N27m9icPOcXH57M8yVgjs03q@ES zN*YNa6Dj=uq1g|p^VeP35)4r`!N?D$880-gLVB^7m$LBzJjBmNNxuQBHa-wg4Z!L= z$@Ull!ZN~P+b@JMb8g{wasMFkQ=*uo5#Cx)YY#~$;G}5ord^a(L08#%M_2OTCt zi6Tl!CQ=~yW;kjk2ei|8X{#G({KhDnr5k6V*7mi?+KctIYD>xcpLqHHs?~yI8zayUwK;CS%3a>t++C?A0W*c! zI$Chg#0#=di`0C-_UmHz@xSYhiyakBZQ=sbL99W!IPY>& z`uV<9{4*$%!~yAo&&c@{G;obZu2+!+@q6~qOjnbA@`wGMOyrNvxG7%S%o3UueL5Pf66imxl*IME z*$%OJ%ol)f&~jH&ETCrA)P2RE1f+}SFH_sFu7~NOGC+qZQb;yfJkbvhUx8iDDjPGu z*~v`>SdTNI>pvOEiE-YpE)om-9Pm@1m#K(`%LL8B<2^M9CVb~VkT6V8mIS5u0KmT2 z>@aNgqjawJb3%V;{w3lk&$Ws0LD>DE`JFG#q(cwyN}*oqP+LYD&0q9-e0#N$_dn*a zM)blg@~#R5v?8+)iV*3KOcx6SGwmby@#~Dbm zbse6tQv-g^Bs7V`E8suQ4{$?ZtlK?U{R6>yn5*6C^T2YHG<{)q&}Sh4kli(7{>yS{ z9~l5GjZZR((Q@K5jIg9hl(@)1FfJ*)mTT!AU(ryuQQL^CozYcl=l{D5R1_dYX8a2l zEPb_+VIJsO1OLUgfvr7`coT~T%Y2kI|Fa&Ike%rr;5IIfCcAHPVZWh(YXW+){o(;{ z0--qu-&nHuBd9UVq4MrC5Uf0R+>nvlR`>|JDvJeZYPPa`u7|l4&wKw>$fu?&5Nv63 z9sma(x&B=c@EdL@>Hy^a4DAPLu`@{Ao^i|wPkW(3`k?Oi3pBXFt&CUF*K4>*`z7@9 z13-aA3|uw-=Y8KT`~*&DoIU5_vp%e8waG7;&l^2zwrV4`$6eH zAhPDQSn*o{AMJAs-R&M24nq%Lx^^^Au43{p;szubfK+H>zJqT(Lml0F3gXNP6fS_n zL3UT?mN1Q0o5KjbjI%0!$23q+beumQ~nwq}JBYi1h@rF}qBD(?OaL@rLA2 z`po;7KFz)RsVz|f={^jXAmZT_Pb`EqhXfQLOgJF5egF&pI1F^?dw}x+NslN54q>6S5O8HE zwv`JI0>21!^G)b5$!#WVc!f(deVwBrS}}{zH81$kUYUpF9CJyx-ZMPazKBwlJC}zS*o}F{mKFv@u#RJ-xb-WiH@? z@?&IPzAYqCf(V_GD|zjIwY`IR`1j~a0PXOiKLI`MH>7UwaJchGeZo5eb0Eql{j5fF z?fYo+AKiwPCHr=7UdtyJ$h!kXnX9M+2$RT2`Tpj@W(gp-6?^@Hq4eXU?y|<9l4Wn- z1#3w{5DhI$cT2XqI(mdx_u4;r6l;TksN7SY345f7jmM*I)*WOST(jEGJ6TX5Iyx^z zp}ST~_%lE)AuqK(8Nl#+c1>F zwdwY=8wCAB_Z>k`37gnlfZFova}x;KL+~0r@J}Fo3*{x?&kbJq^V28$L+=yzzxW&X zpDREa3NTF3XsC>{-4qK4@I4bBC$K~ z0s%0|Bat&gNrc_x&%DM%^!Xg~p5iN;jwk*fSJ#=G-ApR1V4}$+ex_l`$6F-ebyDB<=aH&v z6Hm~H?x@b$7g_Qea^Dy<;Jf@ed~diPzUwvj!{)yOhCjr+{otCwgE@hDVCdEhOMvI* ztNTuR?eR{)&#q&Y9;&zmBQ(}O!MEhTRTq?k4ZtS1ibtjXdwpa$KZ&OQhO&V09U#LY z@S6bqq0sZzo0s-6^%E~?6yYLJN)DWv{Y)Oa^!xi-sHWrihP@fG&HUBn3pDD{D-H9cy(V6t!T@e#8{#^Di2bLk$91!K zR|zN(dLLXBU3ucsVvE|IXh&-t8NN3Kc3OD9UF|=ryAmq)m$yl;^yST2y;d%C+nLYEF+`Zn;BjXc9o!mdpsQyQ=?>5`kj%pbYp%PbIbq=N^^aG5(Sj~)$Y&#f-bXCP|?OSYt)z1(TVpM-~jU2 z{j$&ozE6k>AkGi&-OK6nG~~v-ChkjGU!of_^J5c6;!0W7exez<9TbQcdY|s8w!L+D z)!5IA+r#C0$W?^FitccbgN4nG{Ga@l;Cw3j;$V5wV~CH+xc0`Vx9vjm0R}z=@KPv0 z+TEzWAUN<+pww{}{{9rZ##WuTw*J>W|L*l{ zrV7nXLUe@Su}bLqYvjM)F8o!%x&9L#j5Y0t@jJiO$O2WhZ0P@^6B|Oo=HGDSJ{-M= z^e^nK4bS&Xwy^(?{A)yN$@pNWPCP@Oi3nY#F*X%58oEWaQ=SMHfn)goCZExgj*{Z8$7SX zz8o|0Lhrwj(;y?ZDl9nu=?C z83yq-p#NjJ3EqFY&3zh_Uer@Hy}uzJ3S3*w+~)Y~0#x}urW-e144|D)bpHdW7Byjy zi>$h#(N+LAa>+8yp#422o~39L{LBfUU|J~-<2^Y1J!7DV_$Gp$40n1+V`hRZ;3R6k z>u{qu* zoGcLLkKTd&wq%W?`j{7f)QOXwYr>xBy$$(KT{DRRc^WEzkV2g!bxs2SXvv5l^7suJ zSq=v(TNX#hGYag<8ST!G8$G~}3*ixA140{t8gZ?(H9+WmR~7p`QB=d%(Ti}K8)(*8 z5&WI=A6u{sv2WubZ?%((yXiWI3O^SCNbmHMHscLvGy#ZSzE6X(>jh}SN}+S(mw1{W z%szrhM#j8DHZFsK1kC**N=A9aw=)23AfoLGobtK3Wj@6SCYe1UZt@6tq#fB{k(r+xaQ-8nmmDCTB&!I>ln{B>ff#^R>#Wet zmW$!w=C2`|1BNK}e(AymaEMQ^b+3bk*t`hJKs5ey656jF;xU&8o$%1Z-vIbEuFZv; z0=O2tYp()4d&9|YH2WJ=J`)QFHmq)0wgy;apFp&EW91F0fDg^~SEy;yFjG~u=?zf7 zcK{oeeDW40?S0^lQdI)nATblX={59H<84X27_q1Sy1o_28qW z-Yx@KjaV4^Es9n)l6#V*++5*~g1$E)RIJR<{bT6JOCWo~p^Bpq&SZv1w%;QZMRKgCA`*F&74ytIyKX>*PxR7Wj5RO`wb-sJu9KDAi?acP` zc45yh$kyGHHoXqbdtFDL_fg}Uh+vA9TFLrOKHMO(;u4a=4ftE4um0^iqJ2#$8@vyo z;~gJlMnujV5=TO7aNAfdwkv=u_b)l>iHrsu^YHrig4mv@uT;)G_2sWr+3pOD;QmK& z*e7hZFmPhv89AEg2lBaX#%drTN>8pc1XtUq?9G_}gtkKhe(s!(fX*^Z@@pdnu^J)+ z#~Y7#MgVR`#x{M^e;Tq{aZvyUpVtJX_7fX^3#uY7VVV+S>)%fD6vu8_FQx z5hUQzzP~LC2a2A2XoMQr@gN0fQy~hfJ>G)!V%MD#csT0&_duXiw*z?W|JH0!XbT~{ zG+xJKAt&zC6Qx$%R@uVOO4*YIL07y+7wkeBm_*?87f?QLY@;R2mPF|?a#cSSTiuio zZQulZOFWs$K7y;~?mJXBYmbKzDq)BJ3(Yz)slwWKbLi`fdW}#WNm#&leWg;r$^FyJ zoN$Br^6{%SzX0A$9(Xm~kXx;Fi^y2f)u;Bml3!mZjcA5PV#{QqDR6NJ!sb#a)q|TP z_TWLpsgXvTD{zLFJ<@0SL2l6U`TX z%~hQ=c6=ix5IM-mO^6au?G_~ZJ=6eB@-U>LIP=THkDdE-rxvxb)C^xyJB6LFH3ZzE zaZzil(7X{OXZi&f21cyIQTF{0_-H^ZoS0JDoCClq8GJUxYG5!M8et~ahtU>63>S&B z@~6DH@{_cd(Ikw##iHcU`>%h=;s5v^2WLjGu>HS|O27U#N1d=(r+zxdBkBOV@&IbQ|CQ?7t^c5BS#!!1iUS`xNMR) z%V+(*y|o0vN3CcOFCm>DGWgU$h`++_HkJYU-{OzF)*m_8Y+e*}|KoXp1ot18T0EK@ zc%vt%x5ob!F|bj?6+~qHH0$K+{6nB{!e`fu`kh5A!Q_e+moN^}MQrwM>_9IQhp1jD zlDah3J2?XfhF$pQTUVXwy+r<)^E)(-NWs>YViP;QZ-A!UuF$16!Gqf=FpYt;!dPW1 z8WK9apxq1ycF|Tam1_dtLHL3X%K!dPTJZ%T#1M#*@gvI{O?aaUa4e|-gy2%aa62gD z6pjy3OI@$y#&LV~ z0A5eD;u!5@15Wk>!DCFg;(kbj%^)HVs!AXovcWHrVk?BTHFcQtSo6`@ahNPb0q;K& z-aq~yT{ngEnvGsb@4>HS9)|~CuS~OS>F)EzdU%2eQL;mrPPox^v7yZ10*@}zN+eVNWxwV)?nE=HDvSj$Mb=`pLn^xcg}9#E&wWUpZGqCJ>0y| zdRh|Q;EU_>kNJMxWv0#hpg`{R=e(F=1haSZi7+;7OW>LOe~Q;`AuK*jCP2QbstXcg z$TW8#^U@Z$BUQVcO+gozboT4cY5G@XtJgLyqv4z4UM20e(La08 zJit}flcRO77oV*7N}iOv>_J-iF(2aU!I z*|}*VZn~B4jc`A%B#H7-^=ENvtQFVZFR9*#9Bh$3GYH;%;kOpYceZmYZwBL+;bt1I z#dl~dxMTyiUR!|K$umqf)O8&slHV_BaP|8 znm&~JEl8V_(oQli3+f#T4$0@vg00$vQwByRBwgB!my=8mGjTHX57TT~?rw7-Yj9a% zQx|?%Gkt?4GFxiU+O!d+cNxXw`i%04N?4k;!s4$G^ zUih#)iVb;8V)CK;;xfkS;NiG;wbMfJqa^xoVWSlJba#!5FIlJeWcV zY!l+;ufAAZg-)3mj+_vcAQ~g_IUv#1U-QQQWPXY_4!H*uGK@0N>7NmS*Ql$H=< zijvC)&~1$~O%&0LU~ar-wJoz-Rm+sgZd#lHJ?v*hw}*ONSmHUa7MgLW6Ag{qR^sut ziL=*xwD3pIh^mO`yn4N-1$=zdnyagFyCx6D z^qo)kEFvln=0fy)pL?i2cTvsk8y6%9&M?Win_@7G-*aK%kybAn`jFo3Uh$LMhu_n3 zcV=A1Gt<8f&bn`OqA~qsj^>UxZzr8szK6%YbL!!qJvrCElQIrk@hVe1v(UWQKMNX; zyAix>@7*%oQBzxPIVqLT? z2Vdj#Ly~jSF{xM5(2DT^iH8CV=o}D5*uwX}J-)UZ@t$Ca&GEir+pO3RIX49nnY?ok z%7o~k1P+RH!Rv~x)%zpAzJky+Kk)VnIiFTsYm^%R)J%(wXGO^zpCIC05mGTC$QWqk zqACdT3hwK!J3Ry~Y#Su%3wCQXPgRKNJ-Yrk=E#h-Wbv&FK$P5z2zr+oXj`HY9M`EtTADtIH z-Kg1Nn&8!^ZR2K_!CogB4@}39qG`P)J!eN9CtZZ!^b+su@h1k65jFHr3*(#&-4k|8_gaAmRCSTmTVg`#H9B;F`p+%*;!CLAm6+6MGg; zjX323k|BZewFnDzG(o)F*05hR5L&VKG=+HO)J_2R1|~hQ4?JS1W2IGAM@h0Uh7l%O3<zum`55!#SVo)g8>ZTvoWE3YI#TS3TNFd$csKBCCw> zB|PkWmebx!woQHW{KD1jj$g`$q%8}9Kvw=rZ}OM?2QY`Ste2@A@XypR7I*g5GJWu&(LTH8}X-DWRbEo zkl@zXUkZu%#Ta8--bMOcIGSC(NvmFX)@j%zZdu#TyRAZPCr6#-+4#42rWDAHQilXitE<@v{j@B^+&c1@gJ+TER3tNNEg@Ac9{M+<8>1S5kYR$__tKpQ=; z-FxlF2%v$$_jkJ$@-6)ax_@XD{DTTxJa|I_D}gimkjyyMXKU-3Z!(S-?k(~vN{FP` z7?=)a>8s_lE9$&1Xut5NTyq7vQI)FiRjYVw1Kz{uNJaV4xo%+c$5>P5m4NP}i``sy z^9<}>G0CuikEEY|#yDhzL0p`{e5NklR9nN%6vjbIoVF>0S*fCCt~l4}>gt|7>AEl+VAo80$COjCSw(F*Y6e%aJ|G z^uEAaD#q#BQAU|ozb29-_B|Y@^RMNv7PVYo$&J}=J&Agoyy*9U(U@4NTk3+ZrVItH zAU~ww0NmOGQSijN#&9p;9AFjB;`u0D7FE_$rv7GJ@@l50%{{%sigfLA0D`#Ezvx^5wAl>6XV~9#S%(xX=l*+BBVD4tH6-etm=24 z|9-7R4CapmubE;VX<8g+?yxD3`7Niw)z~*Hi~TS9HVgy;LSj8>=c%R4-&N_R&l?@p zw+JGty=oqp+?=Epaw+=W_9phnWq`!uZ;hppJuY<(^!F6UXHv51pwVfk;xOd$g2=66 zFPWHXZZjrcX4%w3tu&DAMB9(w?P6ai+csy9aOtSLw&e5FT!+9n=K8pnG({JF476|x zx>{0NW_LBcL`ks~1BaxgGK_rhXO6lOK**VihCZ1Bgdkq1s{j|yLKIjmKPd@DD1 z{)+P}Ek%q+=%>m2xqR}Ej2r}n*O7=^o5K9%x< zW^AXcy9{^=9JmMR1O-!zp{b`qbutqK+b$j&dA{xLdec)Q^z|-&rV|cq2JeUk_kOG- zOyNRAw%1S>T{_;~%W%KyQrYi_MOa7*=ZWCR=(3;eD=mpUBMYd#3gje}{J|eGI3-+e z&U#@!s(f&GkQ6UFk9s)7lBJuBBocGp?2)J2Tm34J$_?+za)sWO!@&Og_rDbcvFyCT z&U*^(OWs6bASk2TjI8Oy4s&*IGnogY4~ZIO68zE?xOi-RVIcJB2-^0hq4f7xTSae$ z3!(n6w+(F|2TsbVH|65Be{!uwU_EfZAVU9LGb8Hdt}0R9m|C7@i0nr(ti~Q6YHh|f zpRz9e&sQNe)@|5TMu*~(Qee(WRW+DsC|O@GtT|g(lUdDIvPW6y-$Sz~$<)`p5;Bf8 z@@iC)k0-b(jpy~dJ}{-FaY=Qgs$6EIYVZ7;?PkU8Q@zQ$I{)YNE7i1V62hvEW#d+3 zKJsW@e_QR%#p`R6tSq1g0ufD}KbXuVX;yN|JM8P$cQ2ebSx<7x5SqO? zDlxpK`ZK&cNS|_7vq8_Qn{Y6s=;g+h%s~FEp$39J=tVevrWhQ>KGZd9__xOh0U?_O zOoYk(^6Wf3?sfgtw|zfG0gux=%TS6}NHt*Cip5NKdb*Vsw51M`?~1P=pGX6Vhpdu#`EIS81#!HmDB@eU?;%C&w#-=7D(n zv+vgBG_D;#$&Lb&8wQwp+;A=Y|G0gS*}{eI&9>z|}Xa z-g@dcWeEdgSN7^zR|Z)F_-(p3?3!hfrC97;G^&9YxIJ2mYzz8d>3Q7wY2(}z1>V?5 zkV=`}<=VsA5{O@0CBY$jZaSbw0ot@*2(ilLO+CMwyBOpV5aJU2a7D@+=0dRurUQCl zo!T$I$U4F+=!94PSI!$e+5*!(>4{N}(him#O6-SkkEy+pK{c~`rKur@bAC_xtu!lf zVq$91D43ndam*65F%^8Fw7)&B#m@_ZQDO9qchyOg9Z%BpvwTPxc;xR2E8HizFVc$E ztG*`K*Iv!uK?0v*H7v6%rWhu#l8Z z*Ra&2VjQS6$lW`x7O?VzlzRW9Jc1z$T20deW5T?A@6&UFhx&Q{!FyE@ z&=N6e;ta2bQ4mU=(!6nbCPH6ZRp$w2xVh|~{(eYrtI=gB`SvsRkR3wVDa~nJah1VRd6DOc67@ucf1}R;|9SF3 zcmrWlJdui|2ERaX`o($Gd>Rpw$mlf2=90swvlIWk%6Zc^@zt7Fnxmh^Vh_)b1_bFR zNUSaY&ywGgX*6vcRKJ9D`DpvnWmu~jc{_FS+(|*IwYnzj4us? z(MSiFWJZQxxLqo2IgSXZE*{57qecNG-BZ1CeSAZwj&R(U49G6OFNTF+v{L> zgW-#ZYf0^7Kg8U8n3X=#x#fAU4vU%U+Z^gvvH@wNC=-4Cej}<=qYTS+1lXWJ;0hT2 zlZ86`_7^G7hxCsf%ikww1xtQgk_uKkqi*my)|6EVQ10^8xgQ$FV%BY9JK0TzQSfr` z1+WOWej6?030qWo+~-kFeyC5^?CGh3gx^_qJKAn^h7Ds#1yf#)P)5Ll!6q$C(jqrY73x<{K3?YSi z{b2DFkI9)41{!&2$edpC#*H`oyA-4v*x~*dZG6IZP@||qFxoDt4Oj7ZB*`(5vc&l$eEO=q_LG+ zLQu{KLQ8mzDK4NXU>WDmH;?BL+_qOHB$;V>L5)seuoU09Tzvle*AK8JKa=H2*7~%M zE*oj6T}iy}SrS&GpOVkzX*&htjl6s%;&GxaRn05N#+N8dJQC%bP7_*VKC}C!$YX&S21Rr}p*h6Nu52r(8|)P)F+ z4Lpc^^B;5@@`11dl&Us~#*0&;u&8SEX|CJ`p}RTkwulZ&h|qV+4ls)MWoCXNe>lDt z*B3?8dbP3$Fb-AaV>P`2(#7IL*n>>~WhydqeY-B_B}*gs6V-s5mk?lz8SHeTj~=yH zlbXl1v@*I)Rz4C-xW9+4wT{nZ1js* zBJy#XZ67pG9IAVms1120ZEj0Uzli1r$;lG22OkU3Azor1ykKsQIx<3T6=q4hYz`CJ zRmRQYAye)rW_)J!xyj@mWb<~Dwjp?Pln_UW15(3Gf*lDIbZ@oasLLfCnVUS31nxep?~4%L&yVo_yaTT7e>0tK zAqB}mMH@ic?4`A-T$eqcSp7mrgCxsUJ~;dz-_xf?e^>hXmzD^ zygM@EJS5Fdsl+NsR?c@}tXHkEZ(rduPuA5-02Ak48Xxu1s`L(B90oiQj*ofnkRaT( zMV@NS;_v)MP2v@OXH5CF=>gPUh2YM63cAtw&_Q~ducHFOanCMX95fdP!?s9NKU9B} z`GEK3fU4`*=E!AW_Ef(rw)mMt1et=OJq<+JhQ3Es!$U&O{TDaAKSP>=-bG#@D;WI{ zes?1%Mm0YUBvSmG^5Kb;3iS;ewd@YB$Lr^yu*&}7)|l_s$(A!icF7gB-Iku>iImLK zVVVX*YzQTc>Tc)2NS|aDT4H^N#QdgOqJCckj10oWF}<|9gP3I7GkZy|hnNbxrL9ZFkB042&Lj1!UinY;y@ z1G#5oOkT;N(6;B2qvGEbE^t@2h7-gP)jvq1Vh;C*B&o?!QU<_dOq;v~x=yWts73k@ z4Kfn0M*KF?sJEVYFlh)2wx?*9UwD43JKGc>7HCkY2tQFL!b-cD%ws&bfLiZxN5gql zTjiNxA^`hz=u;P``p!l_%8fVJi6r)qmBNe+16*)a+AQ-&G@lYAKIuuTSF)4g+PFLl z|HX(%Hv2Mxz^YZ&;LO+Q{J63^Gr2}gZxfAH&P#hLpQ9?KMQU+{*`_GVK{|CW9CK^< z{;M7^XfUM<_=lnvm-`rgYmU0+aFkW7m|~x)q9cpzefSYCJp9D@hy9;O?#-ML@K z#LmJT>+9e0A1u*ooSTJ?9t>Vej;UC^Z)zdt|LKOtS@B}_7Rw&*BWhT)<>(8GynwCA zeVIyPAw5UogOU*Yf+ubV)KOfMb@c&lAp?7Lu}UlbA~jtlI7D2J4k||Iy%eS}T|5XQ zFotg3g5Hu46?x@F=N_xCZ|`9iD;x6ok}^3$cB6aLAm!}Hsv;xX*X_5oqy-aw8G#IO z3ov9LOEh%I_wSKP(FWQ&m6dRtGhVo_b1$d zBc(xWiC<(~g%(c?#+v#nMCcz0#Wila*&*JKRAE%vsxidoR+WIlJnUowcK7CHe;8;&}fvS7=kmL#7~qd8OB??e64XuFROea#yz-+KN%u z+O0h(kdm*vTo3}|g|srcAE|A?C+FOb>VMEtA9k>Ag`hOV^-cSA$|-9ikNd5JC%<;e zIV;&gQ#8aCK4xevCAU9}w8s9FEtWHzT#r5QcZKG8wGLHFvF~Gik7|2{ zh2U?2q}EAOn~rvP7Y@2#_^GiHue8PRJLfJx8J&|%q<>{-YiCW7i`G?KQ;3MDw0?mm z!72e7_Rm?IXbeIFJ}}{v4~FHx)v=VmdUPpGoyjzyDYzkcpAkfE?k-*|h18{2r7Lq^ zhNwteGiqnwKK@|~T%cH%cfNLnUdcMobTL}U=5T`qRONB24XyDt99QM*`O9*Cvk4YE z(?*Q0-*wZF5i*zOxR}{z9~ejfVq{=-UvPgY$~d-~B~kQ8{|06E60+WYUzLV!H1abQ z`(_Eml`++n2P~6EV@oAq1oyy@TU0{&X%8QU<=*1pfy;7&%pvVZcl$0Rey0z*&x~*$ zkvolVro_>Y$r+^4_D&MWnR{$)pyQ}Uc_@imc%0njF6F*wZ&&caVYr)21`j2pqH5hT z|MQZQ+q2tw6UwP|5BSwhUGPYWL{z#7ML4S{lB;5A376bY*BP>B`_SKd)Y#)6_y^u; zE{arp#tOk)BLSg9@xv+$ZB;XqxLbw+4+(bmNTJYsmP&z*3J#a$o-tAv7XO@h4kZ2B@l za@3+$Vzgg37ZO01S?=$B)-#{_Nystm4m~UD7{`t62$$bzTEsSXErK zgnG+7h3E0;_@fnq5begIg-j~X5lz9B;iY)d;rPWeq~A5Do&hjvTAFN z1iP0gMzt7|XkHvI?w=hW4OTA;C+%3coC_pPiP}p0hkP~0k4`9<>~f!a;_}{|R})+k z0ZQJGdMVUEnDrBsaPVV!-LbFcRSmR~R&HOtrS`Usm{St-l95)o+b*|Tjhn|A_R2zJ zOuV>+)#q1@TH<&3bPIFGE*}L!WXiSJ6!c0;r)TDTG_lW5oM`(UyI#9EO`5-{D=l;@ zajldvXQVgEF?r=RD%X_=&A_y~w<$F4_9^kyGOlVXh@FXWk@t@82HvV>$u5Df){~?c zFOFG%*X{J~Z*y}B4BVY=^qSG#BK5$Pa;SEu*QyGZ)NyzW#t2)qWv^H;mRmhePDtp$ zYgKh6a+{+|abQv!92s5p`Ci;?&==7^>7jZY$+>b_bk1m3&_VD+>wQsQs5l2j+=*1H zNEdX%rYBv}vh5%%KEVl$(cA6&RF;+rrsO&l@5)3!v0Siyc4~x@!3Fve>UmG=>9fK& z(=8~9t~#(~)=ojqSJk(suA8z9@H1Bg>WsO7S*}9tbW_yk!8<&-Ndc+)`nJ|a9}lS% zQd6oYELi4BD^UP7Ao-mJmNZ|O8AN}O#iFE@9(gC_#BatUo zUHQi{f^qSp-FTT(bWIQ@s7id^-sODaU%{aI`DIoAC=D2_yP#9*{yA`J;_G`MIj`i$ zem@siY6SOZyKouiLJRVxUnh3QMDkeC=sz}a{+l=LTyMfm{^I;7@qYlVr9 zFp8CGn@b(fpst2ZEyZyPXUj`^12Ps}1x0DekVJupVMUeiGtQsW)0o@~CsU?oO^`BZ zi>-Iv#0#ynRZv&nWACE0Axoj@y?7Y&!9(MlQbMKeswKb2+ZI-?s#zATJ8RWiWjwr_ zAbYAOPhd6ug1(vozgv$XA531S!IEEh-p@3YW4 z32NsXNg|GG_1Zp454NOhVbGPr8n!B1!W`@To*d2iSxE!3Lq2|})R!bY()M&wf&a5G zs)N?g(z!}oh7KNtSPI7$BE;o^p!r&o&lgK1aufFn0TM<0aliOa7dqSr6^3+N_fM|Z zqvl>0Zwi)=fVv5+)o7|7B;$&Uu3^-i%1KG)yRyM4>-#@3>r;@%{PH_k)1)1uBp8$4 zNXmRjpEcSUU}bM!!~K#tgsW2+?ZFv3<)k;!Miaxxm9|41)A3wVhq&>#0|$K=1IF*$ zr#kA9HiS_wA7>vw)!=Rwn)tD|uDg@(VEX9pQf2DB9ARn651R`w(?KPJYL8i(EsF%d zC%G+o53R3ggO4h_9C@wz@dy}xMQA!lqb?^}N;@_El=?iXd@5A+R~(r0cQo8S6Z8#o zK^;<{CxnwH`pJLcY_rysA)~UIC5!^Ew!ZR{=1Ip?{K+cOsIiO#`Z983SjE7yJ-&zN z8J>bEW)$*9c5O2?N7{P&h#gSSWGS0$1e6Y?%{~3}0lkg#tEn** zf{pP0{W{X+Qsr!OTx-X>!^)$sr5a7Pag8pgq{f$ZPFQM?#h95@@hSudI zp56L;qphW1L-?0U>%E|%E8!~VjFWP|hy>PhaWKiXGKJv!>g6mv3T)|w(&;Txisd6B z*`8zD{&8wniwHfEDGN3HzB=17G}o@jF3lRI*;^>l2RQ;J!rW&|D@8G5b*6_S0?gVW zwGDfAL|qob>c-3}eAe3Jm7Pc*zQl53mxP?m`Gmb&Me|;dQV`tajIf_}HS~GFE=)f# zT3hpW;&@EJrK2b@Z_t0T%Kr0sXPuvSryN>Se_8Zu zE4gq{Th-5Bq|5E9n_0h3(Ju}#=b@jPTKA2Td?G5175p%Dmd*}H&X|dyK|>$ zs7dU9JuE(l729#fZ6?~xv7P)3`Zknk*VVng^v27he=Di@X_Js(b^Bye;-ERb)LBJC zi`LcftGZe>9gU+aAqV$g)aVF^jeFqMu_S&M*O`T{&Up{xe9gx2T^*f&El^+W&e0UB z%syVL*oxJoYr!;{ylQZ!3YdO-7m57MH-$uv=_;aKKUs2W6*&^pCJk@$)8o~nTxzw0 z{>tVZg!xfb7mw+O#Xk+#LNmy@+tW3Pe-vdUOj3n*KSTDq=?C)?s^9^h4!aAI4PC$LvTd$V$+tz7-q)VXkht8^1J9(5; zo~oBkG+K=L)o~DJi|DCuKV7UKl7+`_rDF28YnN`*b#u0Sz3UN#7B;?LrmLOb^zhxS zc~P82GpP5h^nM5l!(LYswxhVD<}f!|q|Cxup58N))i}NSQAR7XQO%sbR|1yts*?6y zKPgYPiBi(4vocegXrL5?aU=$5nx0U$gT)D)zsC$hlYAfchA8ukc5N1iQ^d7kd&Qh+Iq`;an7@6sI3ryMq}_8Uox?Dd}QxOgwxF7A~ z*jznb_jdc&qs&5B%^9Mmg^%>d*Ip;OF12NG#Wj8g9WZYPkzbXG61aK9>G z%wsEdDbKe)I#>dig;}K$4Q~a1T&s$qZF9o=I$hASsmKINrmrbsV71c{GpnziRX6bv zJB$4$TI?och12lu96;c2+qPdvO?D%tGT!I%+euANj$t8) zly_lV+_^`Ajd5?5`|tJQpPXTiKcE}zFzwZ)j{=mQ;QriHl?HTJGBX#0aEp6e3OX_b zNrRVOb3GJ=SuW2_?((uPvTSqO^bj>3w@`QnPamz#qvpJk-3;}`&Tmxm7?u`-{kzU$ zMF@>c(-RM|>UyeJr%IdV^$vd?N*P>^yjn797)Wv9Ia#n<5|`T}Gzp{zF;>G+)@hZu zlN{}@sxLO1(Q$DtJJ0G377DZ6gGyzHV=TUxDe4Le8Z7}+{);v7HFI1$*6Sn4;|z)F z%5D~EisfRogB?oO9=C^iTW8>kAT zCoE8k$l_@fB_YIS&vs7U$^juc%&dbFQ4sjZII!v|xSg5j*H9cdBr0rUJUi@yk z^C(K(&MnNYJ;{C5v~`QrRdvwtbpMA(4U?WrPM)GWNBQeJr^idQPo~&!Z-z*J$}t;A zt{b}iG=%ORC<)}0fdx}G1zd1Uyi@s)XWB^dIx}-hE@>sX2UjLyfzK!i^9Wn0;JkCx z0C&W$aV{rb;z6nmSX_I<7A!Wx&!ir|)$jgaxQ}3GXL)o=~ZY|4zcs_e^rYNfgKEF=>9IfLEn?6$piqh;|kEI0G z$*S0o$VLii*buR%rbZ*&Xe0MKwN&{ub6RS^UDVFn3EHx~+xK@U!cR&3;xx3Zw z-9BB`{N-$U#oZaU(SF1l7JEA6@o5k$@7*X``VPgbI>%V=@(1f14MCT4`O4WEG=09# z6y=3v<;9gc->Q0@8s;JBwgszMWX4dqYI%~YYn|)C+;P;Z>t^TCf*fl}mjMR@|9ok{ z()ly}m_b%jHGOU#0V(&rQ5(FX4&x_oyK|LDUYhZx9cz1Ds(Hd4g@#U*rn#BjPi~0? z{oP}#LUKiBNET*CxwHHmWvW0GrJsW&2#poTyhLy*Ztw;-S(C+cMcKzdd(!acea%-m zVjM19BI4QT=O30J1_Ofn{`&a$|R4r^R(WaER z`6j8cJK`&Yom1gfA1iN!uJmKxpiWCn#IqL66A>kVpOl$btFjS>~eOc5s|yv;gNoXqZ9#OQoSI58)4JSZA~WLC z_l8G8)tZ`*r%|g{LQ|I#xuk9LQ4YI4qbQ10jCUxFP7yoVUp!u`W^IkeIdfZUac|Bezima zc{dH6_Qflu=m8PO{W)+{6Dly)9>cVKWq5x)zX9>E5_Chzak12kH##$QRX?oP`i`h^ zbdoWHpllocQmEIK=p_@BBKoZ*`E)R}rzI@z!xyEPwwf~;qdGiet}nQ(oNGzkrt)|nxnKv(6rge;=AjUib4*TtwWk_T}KJsVWg1NTH7R{$%1b4 zs-`))r9>)3XTN;$;*gKO*%P7i1qHV^sS4_-+NUO1Zoe0?C=i)FD3&c@IQ1gao*I}r zq%ZDRn=h!Rm1)UdUDvhCQg9hnI1{`Z(oHPzYB52$(VcN6=fL5>oFRLh~bxkU?0K3n>AUvR)!BoAT2H1bW!QKpSOQ;rFNNqqxj zMsQ>u-(&*0k6V7bRQ^cCvqUbPFlCDs6N7$jOT&6i4wpU%pN+ImhLm+WCH9kno=4?R zwx6om&EHdGcGzq32l6%r?K$jc=%|moAm-WP??D&pAe3VWp>-O({`JO^@g^FA)=Jj$IIGjmQac z9U$=;8G4*Clj#DS6@(Mq|B?YP_ocbH?;o8{#8PN^$i|5A$``qNT^tZ(_!0IiWMcUK zp)|lS>i3z_I^-gGwH_Qy4sv6Re=8Vbx<6*<-nUh#%2Jepu^FeEJ@4FH`}?aePu1`F zt_#1^7f0qp*5Tf#zeOJ?pI{1zAohK-(~_wTkJIC}o3f4Ro<($)vMU@>(%wZcb81x*vT18``I(A+snAX5#l`R#}hf4*PPxvA~ zRQ)zW1Aa75DKsF^S&fyTV2m+MZ}9L1n#&_>X+mm(r`KNA2jFGBplL&# ze1yH<@Tm7W+@R$Fq}w5=CIa;{Nmg$h72wKnsm zi8v5vv*u-1K%yB+VDSlLP&Cl!*@`ox9vGW`*4ug|rDtaIYySA=z`>tL@fbGuRfxmF zxX#YnNcAI=rV`G$4<&CPlnvn#Xf6U@*^U5;g zTf*st05PDKVF@q(-yMFC))v()>qt_f<5Sgm=c1It#6TZawMg|j;laEDu!!HSu4TZ} z02x@j)oHZ+m?uzYeY*(Mq0PPA(rEzzagK=eUEyMa3lMqOhxRl)xM<1Cviub-h&cau zs2(l$?{+`9uzfN@(1aju@DW8M=?X9O`T)|i#NVrW4}RzP9MG1L^SLk@(h24@+JgV^ z$Lk4b@G16dZ4_)S)Ypu+fM7$MbrWlPqyX~jz;zP^bW;b* zSnl)xqDBgiufV5m6u2zI7l0k+=?klp&QyjN6FO$7(!7d7mr(*PcLdkbH4`iY0Ta~p zzn@)DVDDc(;6Q-0&I~NmC}pWx;SKKp5+OJz~T%rBI%#mu+t|2mIKYaLh9Rz$=dZ6b>aT#KBIVhl!{>y`ygMxYV5ARg~ zCf4XfA-ErK;|wtTbrziK9S1e(nR8@M#34wEvR!w9e|#IM53ZsY(YAXx(2(4?Vld#Y zw0J3i<=IV@T1*J&`ggy{O0~!pw)AOrUGEM4M-z0G3lbN<+t4oZ@&&7O>Ytnr!Afky zplr2p85x?6^)takpkIMJ;xV@!ggyjB!cfZhhch2YKnw*NC9B$EH$!-Q zF3XT+N1$X|TKvrE@MQpcawtHfF5mFFMCW{mCZHlTN}oUG(1(+;7%Tw5KRiBXgho+gYi9UoKY%cD zntm7LS4R*Dk$o_EO(YQNC_yuPo~(=lOwS)*-@L$BTFoP#hvuI`qQHaytxlvOrx-%x z0Iv-JoC;BZly&jS({}@)Jr0U(p4Te^@9{@4$3(OnLGqG_cV+nq-_ndEP*N(gfwTh8 zDVAG}Qu+ZgJO#ibC)u&~DQf_G9m$3M>6Lhdy>xtWD+PLj@}8>B)+yKCf0 zrGDS797d_~SFJxxjw-?FK7~?@z~1v*Z`>8`Jnx~&&Vm+m#Sfi%@DJ;O^*S{ZyAU8l z5V`7Nruq}cgdHOX1fKq?$vPSGk!&}9x04-k%o>}@hz+4Zi)_D9^~xaNFw-!>L{By< zbsE#Mpy#J<60<@|h261lacdr~oaeBCIYkUnRQx~Ylnj^fa}+bW0amedjg>_$P^u1g zTfm_g6tu;JlaB)JS_$fev~_<=+FgDMSVJItM+0u5YAC@TB4WNKA$hsp05Px&STF)H zO4ol{`aa4KH~ETVa^TcMxUTQH51x4o77o;4`g=Yq^QRQiIQ<1H7{@_`-DAf2D$jsM)xNe;k+IG?$^*t*s(UkSkGrh+)V03%Qw zW;L$g0RbGNg3f&^K@aL!V>vU9)5}psXqUPAWw)RCOJ^@msPCE+Kr~4aCacJ3H70r^ zQV*a0faYNg+!48pcmuGK35a3I1p59$*Mxrb60GfWY>XQ-LSsjwhZx*q{iFsy1OYj1 zhPZZP?!%!3{2S#;UuAMUzWh|Z^ds{u)|?`INr0YUhMNQ49esyA2c}FH6l20nvqnyV zCwM5v9%x8Puxmr~Ndkyi4A*!oDI>7vZk7D-BVhvQt|eDsfwI&LEzDZTlI(c>wg&BMit}#zynp9ut zLWA@(A~dq`y24E&#f;Q#RwS>gUC&Fwlo!e>PL>-&T3z1cDBuwLslLMi?}f&K*YzWH zo23B59~2Piea$?;0LU>rHWSM#)n59d+Me2tBkyRPkA@`3XJ$)$EryuzhtH!sx1GoM z4ABupt_SFr#K%el1@~^%+6>U3VF{2;C`mgBqni;n6I!Y3M%l%7L-g&)22i3+>%mhW z-)R9$)&km(3PEIvCt~TE7%>z;?V=UO$Fk!>(wk$d;pC_T_-cQl_M#vZ5Tt)DIS$|$QeV`QK;JI`}Qx0)}DC7F?FK-~z z4B72^WUoIK0o`#YyY}T9Me&R@CQrv7|l@mkqa*yY2hRa`t1TZ%; z#Uff>z)+wl&I(@B4+&fTc0H0;({s0XQv!qxc+Kkt0Qt)X@~6n$b@7KX!Jfm2jqr$+hw_)@mm1@pxEeS3=7R$bMO$LogZoBo z{xdjx;x}fH0uQ;UDqw$E-`z%s3fp!zmA49H>>6h1;co|PJeJeeSFp%3=VfZ2&Wmgt z(^tVL+}Xx4>htKdE}^z*;n&=`hKxXXUQ*92KrOY+Bbnj_JMJJJ4U$HxMb&MsvGtrJ z^wdk1UX6$EDJEV=gDGa@ZhyQz`I^Yk1P?NXyXpD}+jgm@hw%^P#XmK8sXohPWPYQ` zLc+L;2PUAgfLL-8xxvj}e-gi4fa3KA=YO1bxcmNROJFH|z;;Bloc!99q9BaHd+~=< zo-Y8Y1o^FONv@9w>>ipUJN6?C>E0;s@f$Jsgx=tgv~z86fWvH_{aw%>@O#aZTL@El z+ixj&;ZgiJz1~u0%~BP~_Uu|zxsbn#mj~gmN_E7KT;J`iIDd?dAX48+H~$9 z_T}MFx8MK85FtuJvSkZdvP9OAN@Xn>>sYdrB|Bpq6|EH6*T}vb`z~eQ_noruvQ3QT zcaNdx^L#(o_4)ntT-PJs^ST`>zvn_BS_~BwSbggB)UYs^~qIrgC{IeJ8kM` z0p{_G@9^W_2UC*39~ju`Y@SEPy<>lob+XW3U@s_bny7HEycXoGjwfSEqoD;e3^|** z)-A+;>3HpHIlvQ$um?ap=r-=~9j}n-9(X&NpQ5;;29oqVpzTBfsJ_(3VA9&Kopw)i zt;L@-oZj~YbL)c0xcTk+o1-*sj_ugGzFz~uk>yGwDWL^JWS1b25 zb=s^n}cZb@T*AMBcRpi4D<5QJljC)>JG^(ZjF8jbCtErM6mJ(Krr9 zbQ0@Noh|~-rPS)4584mPUre%k1bcu32mpTVByj_-9zt^T5L!+X^jG|KpHP)~Ca1DvKH%1M2)N5`KvM~>U(mGicSICBL> zr;nF#tjNmg1diiHVRP6=JGYpnep-ou-7Ph^G>3nDK&)y2n5CBM91|kSB*i=wJ+WD_ zg6!=A9xkI&nx!R8-IWdu$LAm*2VCi>y&}`x%FY+(lRY~Hwi3c*M~pKlcdm&fXbvbZ zv_wYOJP5_5j8bZ*8ppprAqOy-b2}F@u58wC?8M9AfqkO%ZeTn1a;e_hc;LGz?WbpG zU+@@zgT{Ie(p<9-qlPo@maRT`wfdXw<wx)kuEkNyVCYq{^tbf2by`UHmWVbT6dIB{@s_U^P%qaBJ| z;9p5L*7S)1I#i%w4aK>j>SVn6v%uwe?7n(>y!A$L)yDx^cpU_20hMYxS$2xeI*CsC zllOWA-s_&I(sAsNg>+F7jY$~hD9}b&a*m_yiZaGDBbk4ZVsROEy?datJ@(T z^F(ctTKYWciQnI;F9&z!Es%Dag#D*E*t7t15Se+Sdwgx6?}1Z0p{7pZ(O&(y0JS~N z4dv0DWSHsBqH{*Ch5mYtDu4~$3{8lE*HHe)YaCOdIGbvqKt3TniTCn_`5ARj&cKXb z3;cbCG{}P744wXe&miz=^SU;SD;Sx+=KuTWRV1Q^F{m7)&~d-T!QX&8bXu4bJvPrf zS5-cT@&x-u7+D%u^awM)nfm;dvD@X(YoUTGR?e{?&K4qCNsbTU{s$-*Ud{QLRhEC? zve_%7^$y~J#pe=|<469{1Xqy`B@g!BHU1>1Q1~6A#W#~@-$({S`Ez4*j$OD5B#@ry zTuW;pAlfwl)&$@ivJZb3Kj%GuD3dlH9%%bpJYxRAqpO0E9Q=4A)zKD ztlSh)$JB7~v7NQ}nrxof83OBelyCfRw*wWxlfil$%@c1!^b(MJq|HIwl=NW>G4~5d)ojv~i7dvC8kN8Ys&=%U zCnPlfsd#Ka4HQR975ev5qrjDVj%SBWi@}CVQNI?Vh!RZ7))91#Q)B+KHuMn1p|2<& zehe+mY>O+>9$k_^C5+CN<6Il|zGLZ^6D#Rt1=2@++_q$3?P{se|5w*8v(Yte`Vv3+1{|nzbKs3pa{^=f3oG@i0@n=@^4=? zS34xoHGP$OVeeh)B^^;jF=@*(`<97Ujkcn(KA_|$zTn!euy5_o&0kr)2RAqQB3ubv zp1ZhGHu-yOqr&~e6QpyTXyIZj(D zUra&Z7%Of7#6A|r;dTOoZU8S-M^tZ)J8YxZP*Y^w3UNyFs|Ca2?PhA{#?tjtTfa5h zliLPTe^9AX;QrsfuS1jR2nY{o4(s-^qQg{j@>Xn3{nl^&eGK=}V?gohf4NZXV=(ys z4T}t)?nMvE+G1_znVIUHdV7k$4?2T=P|MZ-`=EYh2Br^w0S&U2TyRu!!1hs4J%18Z zKUyPe<@}pSBDWh5!NPX)-wgzcZQ322-(Zq8yjP)bYf9ilkZ%M&mmwBRG>Y9SYcbT$ z&2<%9ol$kUf3JlpfU6ZZ9RIza&xt8W{=&*DZCgECpYUH zfQL4W`3I>24w>dmjJz`3nyWv?3lUmghW_|D{A?k+s$=+gncsWHE_D;-YoG0vuUsE3 zb9!#RIy#;yMj02oU3(bzu#d$mdVl6FSX94rPpdiRC70@6j@15Yrf)<0l*=_h zysbImq4GFrvIC`?DbrB@iyrS2&1q7;FrD-o;aUnsOv3&R-p>KgD7vQOw6IIBW>-IH z(~!Pe;4AQ@RK!HZW@o-$DOA;Wi^P#=)%mLJZ@!q|Rz%vc|L!E2Y2%<_?HLoRGl;21 z0%>io)o>NfVb0q1sZPFF>cUyZ9jiAPgO%fACU*{XG`E*YY8h6y$SHT|U7pLo5(?|E z2zyQ^QXJ54-ZgaiVykt%Y&vp!JiVwn>&0^D*ChaFlRjL&HeNY(F)AS}Q3Z)3!}F~s z#|Sm|78p`9#IG!;UcvcOkTtnHhI)Bh+^KrTxil=>l&0l1*A;~S+cg;w98xu;?S1jren~Le9ni5AuEu-9x zx8FP=saqp+`SIl2e)|TUBEbyvPDg6(w52`!pRDx;S|YATZ;1c+MpkoabWbGy@lPI- zYI+Ii%W))U(yu2kGL&0IWjtMee7z|bbBANC4s&Me9eKr5H9}u;)k6$=5LMsc%qz(@ zV&Lwi!1RPk)T>X0Hg=rlDF+!I<7iH71wPBAN$9bsUW=>-)It?mqxvK>#b&RA0L}3~ z5Mf&e6@F;1(hD$8P@yGkUa1akY_tT%jh8rpNP{RKn@Z7?vcVi^xlV0a*{$X&+6`nR zCpSY6=Ic<2kq3*SWXMyeL6^g{G@veS}t`3TIPE4CALzL zOkeaNyb5Ktsw}yj6%fPDc+10RNu>3o;0pqu`p8(@{^{E+=32ym)*>Ei!gc8ye_lE2 zn>ykfVAu>o6~LDN&LEO@E+|)N@*b`#^J!Ov36;n0ZIKAp!uG9(;5=1sGdv~x3!Gij zMTiJQ`|>E4{uv*}2#JxikG}EH?fyQ5^JWJx2fb4y+W1Ti2Ml&>uZQ1dfP6{KdB?-n&@uvt4+^^CVf^CnZ1*)nu(?+q3?HO?}+G`dAcjw;6N*InV9qjU|{ z9)2Y-_aFzlw$Xj2G3tg#Ef)Z8pZxk^Z&#@PVIn9x)Z9}j95&EkS*@$?`XjBh=VLeY9J@%AAZ$f<_YzY7qJ13V(Sqm8 zAwVB`lZfVjb0=RF81J@;eAw59S7~!N>9{j%Ih?`0w;rT=SJp<$45^Qth?SDka^Q>7 zSA0>OsC}-ft5q$&{WxG@JtVeJzH-10vc!L7S2_B96pLq%6IRjekg#rINP=_E0yOhN zkJE5)knu`*LVVSIi0NF6`Qq3(pUrZ{g;7*aj-LN}x)HfL@_BCRs3+G3M|}<_Z6^{P zce>8Bu6qt)9Rf$hMzkV#>j7%pW3VzC=0u+nq&ui7&~+W-+}S8=y#2CoHN#`i&~mIO z1l7~89((iK%g37Aat4eAv zJV)gZ&oe`u-)HhxxHjc@_GNRjVBWzb?{;%3_71*nMHsyZPcLdp|N5omM~j-CWmXcM zeKe{qf}Y58GM>1vTpDGd-eD~3$ZLZ^iJvt&~AxN2DM?#%e(_eq5g zx8(V=5Kc8cc;zZ!U>4JIMMU(fdZwGlPIN`z$1LG-F9fYlLGNl;-iI<{KTUz6vK@ba z-Z?`!#<2VCH&_?@q<9<#QfY8NDjfFl>rdNvLSg%oMPaUowQqS~;{|EUfp2QRDYdH2 zlnvFpo7NWGDH%d*pggMP(WjeNgSrEX#tRuNFGpnBT4mmv@i5F77v8T_VhrX}50?&- z-Q9lXTu!GeVVVZ9k$|zeOt$2%FUu=A$rkAh`&C2NMjm-g$qN#mSm(xY6P8hd3oWLHmYTL~LpPQ&eXZDNM6RSBtS4w<~?{di`Us`)wb$R*oZq}a{@ zi{%sn<;Y8mQoWy`W3V(zEZ!?cc4*9bC475}grnh5+$L&kunvC4_&{1ObW1#K$lpr&`l! zzd}&IVpzJ21uJr*3_;%Lu9~{FTj;TzHS7LmoMUu$86t@OIV8(h!7c6Lkm=YUKVJ4d zjY8WLFN06wPoNorVUE*d1HGMI;qKw(f_VvE+VRt5=F&Ogu0D^my)o6+)bFs-J#aAb06XM4+>xlioF3hGq=N^-Hw=4 zJe4B9IWL`IIsNe_S-Phg*Trl}7WY^2f)qVD<_B!a4U>ybuX!hvd+$1RBen#ZRbYKW zT58_?kvTR<;{B-1@-!tA-ra07VfCEq4%dv05>%RiMs>VF2WOGgf<$7iy=0wrC!r6< zGIHu&Ql9Dyp)yBd@A}9%Iqsc>Nb=^=!V#URcUOUHSHA3|Hn$ryX zdv-)K&EnL4gm+g&s(BQf3?CG}eMmMK;{F`gkoFKn#nm7fv62X8g#Knno3SjqPpBc> zq(mjNLAzi=V5ig2=C!A(7zyOCGOgw8T7&{Y>`lqTJCq&K`f2F=+jf&#T)7^?6umj< z2tj`v6p{NcQV8SW!cNjc*3hoh{8jbg&!8=#)NUJU{6mB;x4o^pVd9^Ntz|L3%Gx6km3sSVSFSDa{ zw`#m5MOLhGe5yYnMsu5>bC1@DPhkE>spHPq+v)fu@=l4_EF-u6l?9zTosH!}JP4)d z4xJB5w1h}=v<-BXclI)#$2XJAm^h=x{TF^`uD`JB&5kWPFsMoR}ux| z7~W~ORY%jNRxeMr7#Bmi0jNr7L;0S1dm(|R+x~EN%u|Ag+ZDpzx@+0O@iiZA3cD?F z&pOitc$5oLNHn*k655oyF9AUKL#yzy?AG4-lHF10&Xue2usjNE_N zcUkEN%1>WFXIV-NzlLhOWZ=oWN_M_*Hmw4#?Iuo^Ob_{b1`_zzm1t@B?adZS;KPd- z9#!j=1-ks zmdDNl;98OrE4VN8ht_)A`CYy_K?fG5s-0T6b$J`IGCo@#LI_hoGzs78d&NQBbm+c7 zI$OUSBaUD5rWW&Ng)SM9ZtmhbE2p$bAzCPYtAQl*@ovwmcIaV`$CAT*lkIZ9$(!D? z0G`~T!QyXljz0dmgRV?FjMrEWZzh63YH!E>HX+>YS8ZtG@@pPqH3JWs^l+`Ezt zOu}@D$#O@3f8}6&%T((p$|H)JVXG<_rJ$Az8(;8ZROcy{SU8+r=M)-(ho7m1W;Be+%1+9wvLIA-S%Qr;i^ z(@^$!*x?Qq66SjAxrNWmn z?NFLti+k`uhn>B5K7dVk41){jaSza z?Z7iNH7UdGurQM=2%rOC;Ny|myz}uVR;eMb^{m^-z)0;vunwNh+AFZLY`H2%&P47}H zNO1)urh9`gGk%7o^(^!^du>HI(vry@8m5sOn&-No!CMV_4dvI&a?*=N##JUa=U9lQ z%b!7H-bzoUUbs+i>c2ij@pw#6oT8=CVjrc|?|#S4)Jvr%di~tW2^)oI0fx-WN@Yl2rBtPXWe>3=tbwvo|F5EA-O zo>iOCQQb?)CFX z{XCuJO0X=ayD9r6>J0dYd;42S;eF)tE{TWp3(53EVyntbb3GG(c`yoW2UK~0wiFwM zL$g8$`SESJ{}w8SCzHwFVFAsAT!|g8eET3B4-sa;oGGP|v+2Q2+JjUDgH1Pqv{5i? zAWv>ZFSl3gSGy|}nT&&G`+S1WYLV#~`WK2+{nD)r+Mn`6TVtM%ixyH30bm>9{wM#F zjIuqUPbp+3s7QyY)LCCb5kCf-tXTkAPqO)RIP5NAA>9h%(ZiM)KR3NhyXMtVmbH(s z^@i`c-TsOovgl2O=~hkrNgPkDbjO2ea9#D zGwHJ$Jeg6xbyS@SdVbNSQua`@NcLc}1Z7+|*H`fiU>4!xo>QvY#T^5Kp(4&O&F20E zMCtdXDg~D-1My^#t-YYCL!0!4N3m7*{k^*sj_;<$DO`f?fTljX0?Yy_WLc7JxxIW{ zLsyM2baX$XKq8kn8S`>ywe1=?Of;!B63S1%F!Hzh!-|b2gP_g&U(p0K6!6{Z8F;#l zp9UHVW@xf644Us!PyG5+0nR|zNuhm2-C09-OqV4&V)`}-#$lC$aN!2TCyhdHxIB62 zY&?TtFWiZ)gBy$x@+dSDoqM)RK5II@^LZmPCDyVd5vh(ZABN~ZF; z>~D_H*UdF!`-+;+3ldxfxKhPp_1)~A#L#T+OPSc6+ILnzGYIoa$Dfuj4Upb~)gP<6SGNm2f8xnF#%{i-&**?*(l)X- z#x?C>8(R$vT#H@~cZc_v>bdJx>Dzx|?nJN#GY`hGJ~kipLzSo6k3+ zXZP0KdL}F`nT?xbMC%a?bwmZEz`P>~8Hw88ns zE>0n-wO{npwK1@01)CMw0zS}2Nup4}R6U5vLM@S=b!gVlP2zW1K;d#(aUJB12cFM& zg>#Ugd5dV7a@bpG_~o9#LUrM$E}q^zw^`=&3o6_M(MJNu>5@#f8O8%e&QA%T zxs3n9S`TfEf`B~#Lf3~jShuYPd*nl2D_PLEQ<`sbRXYz)W_dE%Q;&}umxWDIanm`@7;AYU#_$T!of3{Wl&Z{c~kyXoIjgpmYbE8E*S(JF1^|x)&$)* zIBj*fTK;@}i==jy&z!!&W*O|(@bfjiV_KEswH9!t7J2zmpvra0$@=Ya8%yfN`%ggS z&(pqcldP0=Zjt>|4->zw=3_GaWe-r3y3Ugxat{^21o|(lP8(w^ruSkctVUUr5sMez zBb_DM-78zKBwJ0Rc|Xb2`xI19K6Q<5fv$yGoq^Kl0tzHei8Y=})ns$=)S zN?j?W#MD1;EMT@s12{fu74-R@?Lm}WGn&^@FPc`~>%b}mxj&?*u9@uVuJvi;_fO7T zout}ZU%)=8q(jQWgm2=f%Zrmh3d9@->qh%3fUkUtLhECU;o=V8%6~VN1;bJjVxuLU zKJNYYMTuRRnTD=aEjl+*GrIk_++D8_hDauMOt8Xw$Dco-Dz%5o`_`}K>>7u%guP~{ zBcw6;b0D8i5Sb)Bfo4o$fYOc9x7mo12YU(^IPZXeys3d46w27m11)DQ*}7KpoMmoHbO2chsWL4zM9^)>DEXJ*&0HvxM?+|FBrLCx%o^Io>0I$Oh&CyGJM6eMj&O+bk_%u?Ka}=B>BU?}}cLKxE-% zDDcZFWOobT2w!5etObdmQ^8d$zh*09Ek{``P_Y-WYSxceqciGt|dG9qp1^zAE@`%FkRzydxw*pobYtF z@IWON-yUVuW~NH!;?CIF1TE_oVf;j8lG@&tCmWA|IQ2ytOw=xJHv$@XS&5nAS$*gH zyK%nptM6iTZ0M7NO{B}8=IPurzSFP)vmWIZ89~QuhHSldZ1ISdl*g8}HeJXrAFekc z`bqn$6ck-IaOGD^iAurr_dT`7;gxtyA=Nbz(9M*k+xS~0?BZXb*wK5nD2 zQd>zQ+IgC>O>fvUD$u)v#u^`UTmezp*`!3~lHUrLK=;`$)r?tW6*!Te)taSPzF_n= zL!K|y;#gp#Z9#O!1)_z6FCyWq3Yo-X1^W|kAJ~n)r(7~vqrr;g-`ht06+=P5=@5Ds zFR>xxn%Q5j9G4xTPYJRjC92OV0u>OgP)qlOa{4Jp8|WxY$DjjeNAI*FJJGYz*v1{r zl-V|ZmC%du^0fHcFAyL4``;>aJ>`PkH&)Z{gnr16k=me? z>)MaZc!QBcU1#5xa1}GXq*}u~pe_C>a(ECSvA*jxZ+`nGT&P5d3m?^cZcW^d@7c)GtMRgOr?-yl zx0fYfZmaU0@ezaWXDv9xB4M{Z+pd3b+nM?)UZ>hfm{7R8|BZfexkDpCBk-gEHvUeJ1R5PFXJh3 z3N`y&+OkF{$1bIdUstxdWwuPBp*cLVf@;&%G5l74%WyrT_Vz2}E;CZ!G>~4p|6y@i ztgF1I4IVrEZ7wPaLFNgv4!e54OD-HT5mjM0}Qb9E02+z@`vCgE}44(gpTwK^z~ z@uC*#jCM);&-*aH`X>;dMdvFYxxFefMk~B_8dKMqDf3vv$1bex7h=W-4bj%{sbxmJ!9fFB3=m`1DM{kvdgHK&4QwopP)#UM@bO;@Jy!Re zb|wZ~SJO}}>{JQ@|6I#*U*9A6g-u6Qvf>^H^3!$VA*cAs2hSfdhKmS~yK(5yq?`eb z*c0*YrF~C=_77h1tba=yjmNYS+{}~^vut7F&gpK-F&nZ>!dv4-3C%|)UG3Dh?s2VL z;Y%^-O;*(C?0@3^$}*J*vUQ+-IP=0|i*U+Bejd#mvI3XZSh=ag$g*=i2HH_s343xd zvgG_{Gg5rII@dxJBk0j1$=uE$e!ud0XCtUymTe?_Y_bx^f>{8NM%AW`{-i_Z6&~QEW%MQjZ(-aTWqElfQ(mZ0~PO@P)_4SKuSNjvfx^9O?#c1vd z6Pef;0noER+a<#BEZ9H-{ccMK-nYFBKa=U{e`TQgdi0RG181kgv&*C_qAHd=(WS|y zW4jyT4K46b&pSPCCzu!COZbtC%cs_)PWW$%@Z&zn#lp*g|Gw*VK`v1T;N9t|5sG81 z_L!N!SUp66E`%lM444ZZ%}ZSRtHOeF)aiaa{6hZdEB}huH%WWCL5lHU{a7hEe;%}7 z28cVK-26ij2iy#K|J_b_m7-y>Q>~6{iMiWv`mL06;a1tA(O_9`-|#vfBJ_7vjge>i(y>EF<(g;sDP^>sF*aHBwgFbA~VHZ|hZH$WYN5B|U6#{9qA za8Ba^tpB}6vNbSHGEuIG*DBUxpwP*=qC77FmUda|`RcIqKEB;v3b&+6wZ zQAbPI2T+%G>>zV+!KYE_wfKKVfgYOMLlLfi>AXPXW|lX{h1*6?st#jGj&mypYWNn{%!*!+@c`f2>;ns* z%`F5o>wuOv@3^BrUx0s%U!@*o+=~i!$L9YA+oN92seVF6w_KzN9`{TSZFyq5nnDa2 z6&Kk&5;mPWtw%B^5Es-E;~hkZ{;V(WlQlfbWUTgq_{M8&f4%KN#_i6tHFsVi#hCDF zUMg@?%N+3^Ow3@Thz+K$p13Y=(4&Bn$Mz%sZAJg1RDJIByYNPGudNvHf*`@9Pb`a&9h&S5ua#7W*~!MkrcD+ru0OjtkfOfk0W;?i-~ zg^~?54IwX1iy|(`7lD5y8q>h#N`c%UQPc7o2PmsycM8bc%Evn~DY@lS2Xse(>Y86>vE&QWAT~K~CgE%*!v&CrF z?Bo2+AE-BU4WA_DuSz4A=sn*Y=Z5Jetz_QogH+9Iq8tQxwC9ODjebFC`$DIe9{Pjb0DzU?gFL*NX+>PbnLm`j?%!P$q6tshuFa)Q__`(~U116AB-fMh?b8@e> zfw5ZO<~{M!wAfzX4}4g0&~ama7It{XbUtf_>UJQwz?I&2U6;9+i`0ZQ!6hDrhvs0| z7H|LjN4GaB26l1`Oq|g~wL0Q<@->#CcM}BjZI73O?MhZ6LrZaBCn$6X0&A|`0zb-% zjSmykFuLgzBUwj!56IkQ4Y59*H+2hrG@8N_KK0y;kNnKZu0vGT{pC+^Zi_dDpbq>o8u@|pX zD45cuFaRHY0JHVNT{bD8b=s@;`PuVw@T7oxO-6}6vCexM)%wOX1$-;)q@ z3i%rFNi0tvVr0PVhFCl?>^Zrp1BVi6FM`7=AULRyozfe8w3x~!!xBy)j`#UGRL zfp)2uN*)srm}nX^o|EF-eJU2Od=PZTxz|&t504}i*8kuYTdZ!DJDJTa*@3V6!3%^| zl@NtPp&~n^$K$jx>852jbnWXN0~iuo(?`)wOK5S12(rJcXsC0vrsm(oV@h^upTwdRj16Q&>gQMNGf?EUp=lrLLO9mQ&vMTNIuUuI5}cp9+iWr|E;oQm96XO$LKBfyAC zFh^*5xL)+gX3MdfPm zUfEBzhq9p9+Rp0{qX@u7we0@`7ad^t04;IhZ|~iN1-Sd0%F2&)3l*-6$g-1LSFzUC z_+D}~mdh;Q(+_rydDBWuc$4uKSCwvw+}MEH;@PwR79%lHOuaj~&_t~Fz!u!_Z!A3v zYHLO%SZw+6G_ce8a3eUOLm)9AB&w^~WJF*$!`Ni#1U&IgO=-;9yKt%Nm}hvO98fH- z+uP%gbOe&KTZ_7hc};!(Crb~DVTtM*chTRu@J^pIutzAjyHkzT(ROC`o`i}*oDUP0Oqw>;%m zzQ9I;dE(vA5?H|R}CIXXM*6nSuE*CqS_inRrLTfLmjFSM+5KVTUSZN}{HG$AX?c6#10s>&SS5mR#WSG36dBCT#FE(t9 z;GWAw!2`_N>_J^2JzmYgZWmUI^RWYb_!qKlUShH2Yqc$eE!)L8si<~9V3@QL89h)T zkMP#Zy2eAZwt0!r0w3aYnl=@8p`nkl2!CsBW9{VOz%kWaV>%~G3Gu1*Zs9p%rLgKH ziM&_goOwoe{=zR5rOV!eTnL5b9z%dg;^nqr7{7|Pj#?mhCfs9vJ;o%}5>>yRzQjy3 zq@jAOqt?L6S{{cM9v=l0EeJ%>H<}Fvu8#Z`_?|htlCT( zQIYKO?4}4TMygg+v-%bom+RWdLX2M^2e1h(wHA(+U^)+0O=)n^^=R@0*wCC8;MM8x z)i^T(o$|0PAr_W_X9|FcB-C-dXG$IH{Obeb9wwlAocbK!_#!_K5EuI)F?40dR<0fm zB7jW_e@}wjh5OjiV_#`47)}NTJjISiF`OWZ1k-ORJ~m^+ywRomQ&3x_M@dwWkcilo zyP=R#t#0P&8ESc-(&q0oCzU+LsvKvY<;5C?&MP~Q6O-rH z+k`Fuj^;bId436Sduk_J{>r+40~=bF1lN6=0Vl5;&|>PutNGS)5yX7|&*8L4F~JTs zq4LgCDle)pQ$Bp;D;M{bUltbnq0su0HBAcjxa$EV{R3lmcF0>6`o3A0!+T6LtLG;U za32^2v_lfcH5`A>;{sUo{mrLdJV^be4<%Sx^~W5%Hxxt`Yssk7p%E3Q9Rr}~yzc7+ zX~0S&6Jix@bdBubf02av~X!cJSq%vZo6 z^gZXD_%0&AMI5r%nWF+9GeLBkr z2m!2wQFi6^kqLTZHEYpATANhZLk13Y>6(fdul$OJaOc7heDU0H?z_!KKw7O|#yLTr ziG0xO2!ZS4RTG#zP}yJNDs?w}6;4*1nikC_1Hblscb`Qih>0JBSy8CLA~|5*7#PGt-{URAE7tpBv>x2hj)?|e5Mz{>%+7+}zC?kv#Rrq6 z`ae^Jvt3oL7>};tn5z6xVA6PhocRsmeG-LJDcIbEuXHNK_pKP+$ERMW(fle1%#*u8 z1x1D#Zn~pAY|*10xfW7WP6!2cF~o9r>_ULuR(ntSdCXbN(o=bHmJY0KvCs+=caAU>nmj+f9ylca{g##=C=lvw!P zP^}(KZ!FZqVyRhTokwZ%KTNdg1GZYAq5h*F?Wp>5qJuql&RCqn`nGyAcmEKf95109 zFL?$GUHxG8KE||r<+AIuN$XofBP-~0B*`Cwh11(U-ln|p_%^lKv(>CLxSLSxJ4Ty&*D2Kpq>J?mkZe2oNw(i2{G=qoA*hzYuw}PGxa18boK>XuaZVql#3V(HV;3?rAbI#h3=5@6ORNFA>w+&P+ccCxiN9Qg0p>NHoO zJFdw?US8}Ghc-8{FC%_+OMpv6)jvFuC!J3Ft|@uxTVHjNjO)SnCd#(-zf6hn7RS;9 zsf!ptUqrz^_^Qpeh0}cNeX_+C*Sx+zD`?YR1s^CNB>}tegm#nIrmb_ksdb3JTBBNk8ZA;f9a1)%v$We3&$ExU`xS>Z$*@l+~c~ zohI&prrGvbZkEB9quEp(e#+4CW<3dQ>roX`orMf_9*EB+**jG`BoM(CDWql7+m^1_ zROa!?&gFWezf8MGRqnMFTZA&_3& zakiieGr*osj8~(=TG78nMdUBSJQ19j@a-)AmJ+~)3T8cX`$<=hpt+pr_abR(t%uHUL9U_-nEc*I)3-Tbc%JeU>hEDp9yhzssPHeC_5I z&|G$AajLr0gi@;T{)@p-+xWo*Tf0Xw3UrZt_R4gWDQ}P)TQfsNXolQMzGz{YbyOE& z+g60+RACsKVi99TC`;?|Oi5{GqH=N=CQ2L;uR!O_wX}3o{%h9wBV%}Ec+6F9c@DCC z$~jp>?f&Yn)S$YlCfcBT2%X2{Pj}5sG6+ETxWLpB?c|Hpg#sl*poG@zW%BbcX!_}U z6Wmv3Ly|nB-C{h>8-?BV)c0X-W~icb;Z9C45e=E&$X!^Yg5sy{x~ayg8@B|!nlw74 zh7%pOHyhCm- zrPSrvFPjyXZJ)XoY-to+Tb9(&EsYfmm2R5h*Q0K>O$v~)dhI%RF-j`A>3d2rn zD`NVMh_iO+T#UD6%b0h%61it#R24#Uvk9}_wfzELjXiSEf$c8Aj zRu)BVmK_em^_MgShX{Gs)@vjw_J*cOjFI8FK(kafRgxKuU!dCZ;^MTa_Bh?JSZ4K7 zGb3-%k8a5qWg<@WAsD>@lio7@EMii1S3+NWvQm$^WpQS`!+ke%>(!7Ou9|l3WZZsB ziN&=LA8CxX7t^%Ue6<|e@NUbqdptiOJ_w*1^OCM=Z6RDL>UQdCy7@bYy&h$Fh0RujEV&cChN^#L4v2V{68GEDA-C zRhU`SWr1;-1B2{$noAvK;9g_b)W|aN+XZVOGNF7??8e=7=ZMP)xd{HO#S`Os+2G0W zT#kZQl|Q+ph>l833Ln@o35jeg?v68ms~NIBtjpJhdK~TS+`7hTyMF|D^$!@No~Fra(2*eRy=sN<$5}_zbE|l;eJ47-@a7A zvk-TOPN7BnYgMURMGUT^rK~+5QIM(VUc#g_XIV4~$|vbotvhH6Bn%j42-%KkX>yQT zxhOll>DHDiw|!mJ>%F6h9>WC4jeiuQWVO&V$NQNc+PbabuNJVV>p`A1%v`3xpYlVy z!6KT*cbw}SeNb8K*!B8W`?d&`Yejm`3%@39R*67-I_XcTGyVBM!ruJr&AtpmXw|lg z7-Ff&fB(5Zh*#JQ`&%{PywKrKs00a8Ut+67DnAeai?1M?GTColHvTBK~- z3nruuL8Mj^8z8RK?Xgd{`yh{TRp>&ys}(Y*Y)t@)=uD#>a-yD%%6<(pFionTofZ(#$F}Z3r_p>^MtnKUyR){ zeEutpShQ+?RwP3+qO@hnIZI0J>_{CF%3r#0nW&9EmW?}^`r&S4M{hs9g@Wis3;v#g zK@PL0Xt0MX}_W_XQ1DSL_Jl4F{CkM=v6&~%hh9{tB#5XAlH8`fAlD7hG&*Zk5s zz-EMpZ&g$@=la)lRa*8nP4n&dWi2h0bU~r>VoMvdk|u`|@SCd5>MaZiQ?emLo3&S^ zq_fLjF1=b=b{3B+-TNW0E8ilR=F&F!LU});Oy4_ukjn$pRD2_JhGUshlj+7?bhZr>Hw-tkd{{i1jnd<;KD{ ztaK{fH_{RV7fgMVU^-~s;Jr5RMPNUM8Q%82q1jJbZ3;M84=F$=v=Nn0PMT`VN0ws0 z9s$m>-kwG4BUm?c-@2}$f$l3o{aGx(X`pYia9=RJn?VpC9tP%|6MOz`K>sIDbpr12 zeWm$zEfDTrS>P278g17h{vU7O9Zz-t#(js32qhu264}Zg2jwoZBYP)%XLpQ_M8izk ztE6nQ_h^v4$tHUq``Dh(_n@Tv_j>+$UeD`w-#U)(_>Ajw?e}%L_qwa+$4hAl!G&Y) zVTLWs#j84;D!)Ks`dNa~4{Ik9S<2W^?MbY6#`QDJr6&h}IH<+&oe0BLo4#c5xqS zDR{nX*P%|trKVo4eW{I7Me1%D>dNhY%*w@+-AkqNu_Ihj_SS=g#{B{F)$(giuiD1$ zmfKX8T+~`-fXOi(QAcEJMytY@8vRa`uuKoi!W@+mzb`J&kmL&*I3Bvri?Pa zO1^}XZ#JZaI8(P(q9(6p-*MM1>(=lakxn9I)Z{;Eq zb%ofMT@;~b4~za00Vn@qxOS?kK*=HX(Vkt-9Q5)V|n%lU4ztX*A**!i~&6_v!Iu3uO&1&n`Q%}_1G z@idmDWz^lU3GaIJmS(&2a)ze9(Ic}LeZ}J?7vT(LR-Y4b7_p8#C!AHzzSnqh{N?x-!C5!nuu(=3j6|KhS}zk6d7kX~JVhcG<{TCF z^i=@eL>AWu|8ivgny=ukTV^|3s(6Oj&#%&ZR*F1<@@8*;g1ASh5EPG#OF7 zTi@TEEi~%32rwIaBQZ8mUTQ!s3Io9nzyTUp6(SEhu3 zcJM|bGEI8EO#i8GT@&Hhl73R}kIpN)n#Cf_sLkB&*y~(uSC}oYNM8mnpzEzMO-UDr zrn6e!abZOhW1E4}<*@2N>%+PI=I&xSz?GdlxaUqaXKeov4ubVGFv>Nz9k|bE{*0p< zY?)Um^=)n&mU)KSghN1itXBD@WO=Zg3PKw`s!p|{1O3*ks;IU|L!)=58zbgIV*=Ts z??RBe@N^lPXmdA0R6bxz@R)&1LWG@~`8&zs(SY?sa@3_XI zx=B8pGJNQoEc4r&NZ2jKd{TH<37$WjW|@^NceOs`em;fg-ptRF^~40&Eop?HV)X4- zuJ-rI6UD{p!st1!2K?=tum!$#UrILxP=TM|1(OTQYDB}7qJ%&0g`os$oUym7NX=CT zS{Ud|X0uUits4^JzYF`oP28@>sc|I)p(kq)*|+G^m71Q;8cnZTpqH*Lx9r7Zr(k^0 z#_Ro+KCy)sKF6AD@o*z_7mDU3NPS z_+#Y1!Xq@;)61~T!p1x}HsKm0F%|3QLpa1QQxe$PMZlzOS@m@^2mhRxja#!1ua6bp z2&pI6z1kJUCEcoo$&uiU%tlIXl*Na9_9LqgCQTsmc?J@@**D-W2@bBC>lhoT0FI#c z*F)mf7f%;aKQp9D%-@&-eu_0rhgbTn^E-XaN&M|}D43?z>QF3442QHaY4IvUNx(1w zJLXJi2Ux!vVffnd5C~tx?)r+I7NAe&Uu&j_9&{Z&JvBK`WK%kaZ>l{THwfY^LTb=> zbL`CbLvZg)KJ+(g(@gdPr&E&kOi;gs(EC!xZMVBP7e)_Dll~GRfG8^vpRBMn*?UiMQGA=FFT{0U|DMwSByF>1$+hno%~F;#kp`-M_|Mo6NNBRKbI3aQVgv z5uJ36>uu(_e#PdaU3<=5f*%d+m%ka;hAX`&>Fjv2$zG!E@|877P--dLH6W=8`@X9u z(8DSY)&_D&uMxD12r?10?+&=Q?>(#*)zM`ml@MGZKJ20S+iU|=Pz$KwF1Fu8JLn(T z_u~UVu+j`DTr84^3^`+Tc5oIi{y|W8q*VzX?y?Mjd;7p;3C$kE9k{ZhTdL*IqID^# zU9vDAhlh!LWD&ozvf9-Cy+I~8AeyHibkXwcZj&{>+?ntAeYnce#Ta?U#nL#pa1YnK zsq(IXxcKcZKLcu9GlfT6dnL>gk-cL%?}P;`VhX#2pRDZ!OPAu9rI(%D;(8^P*<`=q zvxj8sR_f)qDdu7b$XnZOD?MFJHv0Vxmk!)K!qC{^iN$sO*pPFek5)fl>g#KT;h0^8 z9_y?4y$|ADXti#I((g1=1mCJozRIB~*g)|40+-4g3C+=`mRo5~!#_8aMmI?l(xoky zLG7v{@f&pH+VaJDj<-w^uSroH$k`lD1z8Y5+%#(8_{*6lNe`U;@BjwLqsBO2YR=8I z>~3xpXxTp~s>G?_bG=n@blNa`^c~kntYqdlMpc8zE>&kQ)%2I#ajiCWrRT;BYsfgF zjORKg-1~OyQUQP>biVE5)@tDkt542NrzdK{gpv9YDLR>=K(Ak=xiBQMI8Ni@vUP&u z-^pD33+K`W_Uz4X$9A0>kHgMyiZIlP?aq=ff^P{YPbtQygVZfXZebk}_^UqWVXdx< zz1u*8oL2yT>8>{aGyxdFJtYvTC{tg-`_q#Ne1&Ik#o23x^nFV9*vc&KjE+!yb+sw< zYSRt6u&b9TMkboOJq7V?RAomhXdLGAWuz%g=g8Iq10iVmn7IU*9nq6hrIg4$B!r7ea4DtJmsaqx_ zF>iD=IGi7kt#|h;CZr8czi~0fJM7z2fh<=b_Uv!m5mQx-bZDSfAuozg*6AsJr0s*_ zJ|2GMCYcNcBdzwmOW%yv;((f=XD{&-Y-o(5Iop}fVmw!fb9y6hc^o|eXrCxu5ERzB z7J&{&_pT^@$xPnl&Aw+6YQM4)F?K2YeF0r>y?$c*wreMOfS_*frgNAgF9A{-3 zHHyG@l%kLqRL$1YyZo^e1h(@#bLxUgW#!z?Vce+pr=mU#f&HeogAh`Ep3R_J;iKj# zR%3hNFdeHjvroxxX6`{U?6~fo8l09&P$M2OF;Hyo+MwsZr!XD7!Y+n|A(`a&(+Pe{ z<$o~NK(0_uH9yw$NrWEV#YVJtvJT~3-5L2oV)(859U|`h$0h>%(-??2Y0udI5bP_! zY>T(P@bWw!mcd)8NN|PNE1@+mh$R*@W(?ezKTCm&#c?-%~%1<49I zQx#r6*if9AdASnvgIZ+w@z*jA!Z&NktFVLY;-lnF1!7o}z9$U499|PrKKYI(PguvFI zFUK1JB7xGtSiG~sslWu5eEVjL@Zau;QpmTji{?p0=-gQgP-oU;W_Yo?@Buz1si#=; z#7qU=Z^AnKM8^z?0)1a~pxs@IPtXV7(?Ox|Xuhg>eZA0bmW47u36h6R6_uC8>G;*W zkbf=1V=;S(AZ94$I>A3|QgCpE*jbR{C1{?B;{&-9{knxXTk58>uC-czZt@vS3dZ!) ze!g2EO#9a~=!n6ZRu*L9xG7;&#w8`9LHn7) zqAG*?9^xbE>I7zRdki8yBu zE=BbBE*D}XjAV`aE0d(*6qxtxPl!l*qN2n&D{;cAp}66FC}&f;|9h_^5oT^K4sX|$ zZ!w4`V_-}#7pRXC?f(3p#Q^eHVKwMJ3!2M1m_q3`k|6Qz#unki5a&YD3kIeP(|l_m zgCAU=82`^!?!OkA9-SZ5SPW?55v*I8Y zPcZ_37rwUWBGixB01?gcv3eoItG&c*67eMdY+3n0FFS`#5ny@=_W-lRL*|a*Z{#u|5<;_fs2*u^-WrVBA2mQyu1K z9HG)nq+$0}j5lSv$!nyfgL21KgLtb~uYslXJ;T}nF~1rprEKpm`+hj%DQ7dv8L*qY z;e%w{qsNi>G-ApiJHCa$@+)W}$9X%G8_I&D2Z=g*t`gy#oX#E~#VjrHZ-WNc3napl z`}ZtpgEQ{h*#~I_l2DcG_0vrHdM0Zi&&=iSVG81reZhsA0NndDoF-4lUoy}K6_=H~ z3f)HVao>&FX=EMPI54s}2|FHwaxKOi*z^mz`AVZ|KsR25C#vleyh+HR~_)r6E)mPzy zieVJwB`}2Ef=c^;h=R{hwwtPzbNXdsDjMT?PiWad!r0KlX%>CG^-j=Tr`PtdHN}zf z6HCTjWt3HUJzA4E%dM{4eKt{WVg$-PV{}Hhg{Jp}p5c2*U++O9NHN^7{nZfr_Zkez z@9SG;@07>V9ej3_$F!)xQ5bpFlm<=YBbZ2)J68Xfiu8ezhkN6Krn9pzcl<~u2?3~u zJ52a6-|P3Ne#ilWbQJ%YD-LoK)%npZl-L*00H@S&7X=kI$czb$=!{vQlxbzb!wR+^ zaV}g9d5BMcwyOt zS%)aGW}T56*3cCa5CiZiz{QNWmZBqfQ_}d4z0?A?vE#w_WL}76g59~UB=G}IkM8#{ zB!)=-V3pFf?~Iki5kZs|&4Ns%CYtMTY!zO|?v!A{Iavp#PLs zXjL1T=C+_3)#v1(Bx-%7x!_wb>{Z#!^6l$Zy8|e_fpF(FSgWnw!@(Ut%{UaS)rmpT z$-^yRG}`X-;HOWICcH-mebiQAVYV+jgyKEU&+blKiJ4#A&8Dd-w_Kcu(~pdgmThgJ zuC(mMEb&4h`N6sc1&sZY9|0x$8ktxcMVs%tX1`79hzO^Mu}5nU zxtn~Sm~iB&85A|S@KB3rdv=LQC!mM2d;UUqxgH-c??pudT4JtIfn)K+r>}Gsv19c-|WTSCodTVm_ z-bMh?>Yh)VQ<~81#?6HWUJN{HTwaG2DT#myi+_5*x1E7BBLvoq<((#OsW=J0?)X$* zt~{wzZE0(Gmn^vW=6}b)20He(+U<2Gyzi8LwRqn^nC_fdMtPf<>*pWSJC z^d2cgzbBGtFFaT%=7yYxT?7JESQodf`!?NM%p1K|(W?N2-Zril5c8XR4@@o+tYCg) z`ip^}&oC|!jhw8!?E8Q?IzbFCM2qcvbVI_w6awM}sF`iAH`l&=_<9dSJh!XojY94{ zOXBtW%ZK`lBh?7438U+HiBX+|5_oy$mLA+vqJn=xbI-rWMHd8^D~XG}3orU_ny0j& zTpGE?Pn);NP3kVbQ~FCjL9Ch{YJPU}G$Rq(s?l>oWc{>g=|*VaV$O+ZtQ^)9|AU7i zz5+8v#@BX~3H>z{of!G#;~Vc@{`d3a!1FN(nFG+7U5}$?+rNZI`Oy5&>4i>R^~t7 z-GA<9DE+(`q}BjqFv)ZdFNJNNm>13!WaTKFKWFSh1!6d7Os8j;`KzF=tA7q?0kW%q z1?u(jiLt$9tDl116B9e34Rsf$){5!vX9c-&*tFw^nB?DkTLAX8NPl6!ArQjmBoJk_ zkmvm^9T(;ol}@E0Om1aQJ|R#YZ5rZ%Y&VgB9gB z(}GCZiy`xag|7^o4C+zK4g+y2PbJ;o{=yQVf;@5>zPi8VH}HtDvA_Kbbyudlgz&6C zw=tb%E7IG1MciRZ;cso^&-KKBl5;gSypiYmLCese0E~G9JgZ znkGJ)MVAg5X^4BL#@#qua#bMJ>a#vB~wJDDn&}J^HLaT(ps+#yv8+tzA^gY?U zPW$g5jrGLLU37QhBRhh451q^V(DI$Q8AN38Zmb{a1(=H+*z_n{?<*DvK5vmIKF)|JWyB#6EhoaL^wj z1Im@_jBw1BR}SuaM1|I}p2bwWNq7q2J1p<9k-g6UMhI@*Eb^{Bwz#-ZVuaqi0L~^K zXh6iDDw1DmsVl!S&J`yozs7hPqV5}blc1-BmPz7RVShtbQZie6UE)4^3q1$)53!qo z>KIlQmTb^32s-te)c7UX+neO%Neo@k&Q;=1){8}7BsT*G^9>F!?djF))5mz)K1K!) zRw9h%S7P*l9|TR>Lbf0%Xmm_R^DEilAjgY-6=i42CCQ01Q({RK|kr`rhf`HU6Fu`2(s3`-mWl3 z#DVnOOY+LxcU)xQ7B(h_3HL{+6)n;-p97gJi|uIz(T?0X8%5BmZt^Ri?{AdG;kNA` zUT(-e_EwS-B8XR~_?d`Hj0UbUvDN0>ei4qiv-x@H#~;`K8eb9^-z!4l0H}xMzv2~4 zpt5$tNkx??OW1XNJ?`5vyvGNI9-UYP)WKQq0^248rzpmzAehm#+25XiE7dVuFSRMro>Y8mFS{pzN zlc*`bVoZ^GXy{>(pURd&TSjU33(s>X7N~%5nH;K&pMjoKa&i_V+4vwd&3ncGuFToa z77YYPTm`SYeIkhA*lb<_%bjz|I|>J)%6E)O;d z@wppEbU6Bh)sq8JY5SgMExHgj-NtYvz^Z$Zeajff>>@!XRPR{y@&OHU7L7=ogI7GJhRzs2^YKv80ea@*CdB7|s8z^8v{X?3NwYJg zt5?lG9evKdpxotjsxI^|zc~;+g!sK4AkqYF#J^YdLdBY41gVyD*Yx!ul{H{tssP3vHKsQ&UW1I|UQZ#X&l3D2K z)G2lhc0V=;Iz6a)mgZ@kXh;iGtV9Xa&P<7bYG zn1cx;7Qi|DVmHE!p8aLcK2U6j0`l*+z%cPJT~7Y5+lIhxPwd{I`({2SLktsO@nC5I zc4zMm&Q)mT(67E<$3{E^d3A9Je9+Iuz$Z`zY=YdGHSzC^rhVF72Qyo_^2HV!9^x^^ zmovC$v9YPJnW3rQxssVoFR$`uw05`3Dm%c!O%WzUw6E765Il6k3cwx@*V>}Hd5YDe zi0z3m-)!ysza`MUN9mpe@(p%gaIybI0ccu4WPFZjez#g9X!kq1gO=$FP*_Oz zsll=1g}V+}2FNe_-8@AxJ`rGLTxAOchTzP6J;4eWZWMI)D;aQ-YOtfKj}gJM7l7jL zk()x`c1bw|NZj#4)NF_>wnLME8u30h+_tF zInWE-bBBLY_&WII$S#O|1>gVn*tHNsp2Gv9ci9^v1yN!4=&{0lf0UY9xwqZ zE(0;^cbT9Jc1lK|`~q_{x=R7g(7t+kYlKnow})Rw59cGGHhJ}hl&>FC;_w>1%HDYxGQS3%@8dKUK_ zuF-pc&TPzT=?@!I%=2#nF-t%Fj|eB4zK$v~VxRG`PGN;cB#1feRaD**uk^#|9o;r9 z>`VexNeeyf`iIQ^!|FO9xM#o#tapys6w)CiRS;s}3{oe;aW`2mK(1I$H~|ex)$h2C z@_SSD!5qBtstwWKT-pW2Z21&WLV;hL2qa-E1>`|-M- z=E5@kAtu&m(ghxI8&|7jSJTBGfe}~E5j=kh*#=^*rzREKpHeWjb~|aAX~Kg$5je-g z+;r!FlBtlB_)^UGh0P)?TNZI{hw^Ywg@M!&STjt?lfl zNtYAogv5o&LR(j4H4l;##n6;bQ@8F(?wJ|M^Ot;ns}C=vILB1za_DUA0T0 zpqj%lz>X_dYm8=SuGMJ5&DbIi;AkxBVa{@qxb~>E8d;(elT`*$A?bzN@OHdx>@};I(cwHU}-Ue-p_dn0=WgzX4X+&PTtj^7QVk zb^mVTwD(tO$*?R~Y%2FB1)aF{T8=Oun>oQ zo7f8+Rbt6|`;_pT3iUuw>LEJfvPY*}H!4FDaSU zzre@f&1uKsWAWh$;~IhvtzlXM2CXIm($ktUv<)(~dQ$pw-cgoDMNc&^^cIiqBx4KM zrz#Wj<qd#BcM3bv9OmSXT;=X|}S*YeNAAqLF9K30)FmJeRycN_zzX+(-bUPO)0Yix|n z2#tl|5tNczXV;XW)+4h%=Cvg6{swz1aJdM-E3&Fj`&`pi&xoOlslKrND4zvw@E zBDSYQHOAR4zvJ0FUP0CD>4NE%A>+D@;w|xv5)KYaQGNx(tZ-RX#d~y53#T6DB#ARO z_*V9OaGWW@md$sw2;zyi9KztB?Zd3h&@NLrA4XvwP*Nrx)2kt%AoNXG@~(T{YU!u6 zwo~P|N6jfI=)+%TJFfv6qnukb>QN^31n z_4D$xdv*y;cZkED#W!#rH!k*7y2na@TSp5%{L*f%Ex4R6YW+IdyAvVQ$a$lA4FBVu z?wn8JpVJXiCqzn2JSzqP%JC((aTf;%_1OUvhP9ILu@7AH+$ItCLlU;vI_mz#gz0_* zaJtr8#!`OaF6-~{cycFO<7t^#f)um8KBk;5t)7oC=zJBbK9xk%Fb&&VeXIJuFkbU| zLt$*12*=P;gdoXc`QE1vvk9d-qZ$b^*<};1Fb=bwG>J`AB|a#@XsCeX-V&M4O3_%V zf0fjgA*>xze|3$V4VFI34h7ND9fq)83 z$1b&@ey#5}hU?j|wFh4%@^Z#p*8BpH!k9mec)MzK1N1s~TxY z5x`#w%bL@LMe{1stdA1ZNKsz|NZSY6hA+7tHe~tDPv81ooLPeX0)Tp(EWGu}J zy;+*1+_~7a$|98p-%OsN!ENM{_OlXIFg~e&;e|Fol3O=)LwL79{gP5>fBV_`v#$@} zTQ?MyZh!Z1b9^&u{Bg^ox9hniMx}0;ZO_Ap9yd>0l{>nGj~Z^yi^Ej|EV#JNhc;3b zwa2G;`~q;T9ssxs0I%y0RrhJ{gfaIiP;pnS%$J-ss!j?f-h= zBscN4$<$Q=yZinnj&X13I9;XEkBh@Y;c*|T^}yBh)vVwMLW^FnhLbBzB?30W&XtV> zCk@+m0balBQe^QVBqI#A)_5VOdSD3Ko}#gLZy`BXYpng9>qa^ru^RvqHY-o)vTM^B zH<2SZFSIs2;%b}E^Wpn$%N5VwT#YeI*||S!cRM zg|6`!zIPp*g{xVF;QGCH)iaXc9eSRh%J9LjF4S5l_nzWTeRKN@2vI*6?shTPxmUbJ z@J#$5HivjhKGXNcOe5^Pu<#fMwz+rNH?^acstK)J{L=k+lPCT@hQ5CY;CEUWkc zmZe|~d%t@C%Oc?;uYT!k9QQD@tb_GhPxNGYBMxy?f*y~SyIa@AY>sgn^Q3#05-8>N1QUR$fBCxkq!t{vkvvkIj$Dvd^{CN# zRA_#=1WI$T)<1V5>DOHF)Akv2A$e^2cudDWqa1McW{vBuI|c5JM8)=={LpJk{iJ6G@E`MIqvE!)Yk?e&^n^@l~m(`4*n zeD8}M^=%fff?5tkQNj$WWqVV0KJ9pGkBjeKh2y&KJ?Cq1f3~xQ>USTzFVH{xhTPPa zNW9#o<7|e3;5rS=h&PFyGTHE3)SZVTPwjA2pHDfR-r?qSoFkcf+>vDYL;^Im2Me1C7Nd++^-J3G{R&^8gt=Roml9uqG-BdkoShoxGKggh7%I=tOVO5&Sjdv&X zCc&Nd&Cd`nXf)&bjmqk1O7n>-f{crSA5i^8Qq^l-ReG@098uEoA(z&wjXhjPLT4eJVy}V~ohgrua-kX^JX?UtCAzGSyle5uz#C>8D;N!{7pW9pf!nz~$6Jt&{9d!}ReD>HGs-0pBk^iqHmN^_@U zX9co#V>(m0!tIJVUl!xAhpp%MFKhYdiFVm{`7_kXgp_hwtQVYdG16C-2qwpbk9 zfr}X>9^Z>rq{*V0ChB8|<+$=nt4QBX$2{5Fd5V82qT96B$JZ9r5jd!c_78?QFn4?c zZ4SlAp-l`NeV`cK^H;^5>?vV_*Vhft>Gs$v&}i(HJ^ipXIpzN7Nu8?uR#uMvikc5l zD*oT1rY;qhr5B3tf?7N(BqR;>6|@l)o`AD~wpn~5r}ha5jQaBOh}m!R4E^;e6zXlX zC7MohIF6W7!q9O#KuoEWQgVbbvPdx!7LEsXIn@l-v80WFY8T(jJzVd!uUWkWSSjk= z|Hewe>O^&gbwe7N^F$<;Gy!Ocea@w8ByzL>&o;NuwZ>JQm&?Y3yS@FV<(_bK%SMC5 zK%oEp?mu0V%ZOV^!cL3}o&X2LK&)Q)MQKUEJkMtzyl!u65?>o}y7P?d-|x?{}pD&;EQ%ps5)HS+ji!CIY3WL>7Mup z;v)Ls%uzW$v_dCO9xe@Fn*V@B!{dDR>5&&yYy!w$Nln$gS* z0p@iBC#3qAj&-0}MGrd1hlisyxt>_e?CyqpB4Q+sHML7ELbUA1UyCUxwAQb0?QEV3 zSg3Uf!oGLGsxb6j3G2qsr^~6On|%Sr9{vt=iKte$P5W{Y)fTq%pxL!BMeqbn#;yZ@ z%^1}29uUXuV;tza%wa7`_XM}p@y3(SJQK0=PD!$-t#~BiMs*@n^K;845}_9y*o3A9 z-wrP>b$=-)_{dJN*&FKgeLg}-KQTpgz}@J>$B1q(u6m2lNdt0rtdhWeME5okoryur z1Aa-o+j=Zif(Aw~wCG7JB?@XP7@wHGuK&_JKoGUos(4#t>!f=hYnNJJ^t^j5(pX#P zq4=#g+YMf_xkldM?oJ#R2;?rjVIkuPyEIWBF=vh(c)Y8Q>BB%%?w z@pQ$+J2yiJldNWG`5a)DGBFRr4An0)t+GWcI;1K`^a!RUNHT^EIToxD5PTRc%FxSo z3BAxz+|$=$xf#Mv(vTg%gM5wM@OlzbZK{J*4yDqeZhsg#J5st70o9L}SvWDi_}>@P zT?8V7ikCfk!tp<@MPni?1z7DN z{Dci~QT+lc{e6SjLnvPcwZ6Op{wDS>c*&VX+iU;BS+ToT-Heg;#DhuX+c+o$ z^>`Ul=k$5)V?o7CKk#NtZ%==Swi==E|3Fxa!S8)K`bkm*40)8&E(V(8Gbo^4{$6il3SBGd3U2&LYY_8SxN!gRQ6NWZa{JmS9z;t}#$uIU4CS%4 zJD~l4Fm3=M#g@Hw3%V5n0kfXmT0fqQacE8c019riyTMI#_G>jDIYFbu$%7jOw_ABH#7rK=o5SG(`r?P&VcP+eUWU?Z_KXjuGi6NHH(H z<^&P)SrtGX`aU5z=!^uGBQYs;O&#lAcS4Ek+hLJfyu}r#FavT{Yj>=v{WdM}u;S&U z{(P*M7NEtE&yBKxUjIxXW&~>+b0KZz^_hp&wfASl*bqZZ^EH{7iI%vlyAW~|xPW8^| zEFFEL7v~H=O1a;DVULOq98VWXvYHCfX(O_})!V=sz1}r8lGaw_Gql&;S`I=eA`pxx zG4-6?4lY2y1aJE5m`*LZU-kekkYgFg6V!Lo%;rNHbwr5=Xgm#$jq?j|Uh!MB_d%pC z33yfIS4yQA=$Fi5F;>jVw zJT*wQv!=2Lo4KM9zmZZEsd5&^SqT4No?+HZecb9Gm$5aGU0qa0 zxKa4=t@Q3hKX$;#1$*|`S1d0XjHD5G)HtF2;}M|^T(nkmi~M73#H=ihuU;CBzKpTs zkm!Yvb?l^NrR9Cu;XG2k9Ae8@7Esd9lN)jPV0wpM;S~sxWt0Ax#dn$P>(ed!5t(Mk z<(fE4k6^sbfkm1XH}|_iQ6aHL{kO%7V=ee+9T;N0jV5A33_7-=O=ljPwkfNG*;u{7 zqivuseVkAhFHhqPDwrSr9?cUx~IS0owEg#h2*z%7)wWYPX*Y)aC=k>Tb zSoPS)jE*A0I*`*%((IR2<`izo>wrD9B_WiMTinE|E_m~H_*Q6mvt`ZuC`7`Yz1|XXS)R_Sv&@U4u_IbuDL${QaW9nIfupE=fQ><`eW`KS(dChGTg6ld z!&erjS)wMIfgU<|Ky*Y9pF)i*aFL?guiVNtDRA5y--ThMVUFk9li&_~%KEXXVZKIO zGFX3!O6z=h95UW+v$y%51t(;C_zs@WJehNMDuw`Daj(8SpD?#Bn|1}|WJ8w-zaV0P zp@8c4Plvl#)<@Yl+|<(TW}cC4K8QR2k|dcxlEuNQ5IWEb_yhgIel)Yi6wRJRF$C-8 zvhg>K`wMXl(xtiM+T!NJ@VYkZ?-g9)5}H@A3)mjapV3lIjTJ1G|8k3MzVhAtAnHms ztEtg6ZqoHG82_Z;jAwAUDRs18;w|H~{t@0fg@BV_R?aFxGW9dM11lUzzS?4uHB=jX zXQuF5r|-YfE$gx4Iz`(PLt+3Mdz(wBd5Z?|F`(gf%EVfeYdb}N$3Tmy!QCyX8^2}% zojKxXP`5DG{cd4HCV)vw5Ya}Xh4#WF&equ^r{1OeHJm5H*^4*oWF>^n++3#kDJ(;} zU3=>{+vZUAqOg8AlJQ9hS*d=dNw^5J_@nx>QBLJ52A{KoM?l7LKHu+p7$@?TNxsC&*PD5^T34KiuUAdD&<4mck&@ z^n(E|+lto(sZ;70cvt-BBP|5!=`Ye_oi#fJ%Td65i(^q_${S|odz$^>U1aNP7^>#- z?JRof+m{>E_KI0dxtD9*%0Fs9aI-g!YcTdg*mC(eR4^Dk9{wj#zV6|?JpXuU`;=QiP*l03Xp3fU?wMSv_up}gg z9gDRAulA`~zaOX-(*NjXbt(~Sak{~eet{x5y8!X5Y4qo>?m(BrEBjMFoPr!J?kFz` zNNQ3*jcBgrzj%(mW<|W>q{CqTDbX&Gm1u{CB0!oN&Q@;1`Emo(o6pi+T+*DrF0YZN zy_$Xe>dSRi9{#$|{9X5#&zh6eZc>H?&O4H~ERktTZ~{ z#|Oz`-?~+r;^fK?d0}0=ZBGqoRdT04Jf%#J4=oAk{WS2ooHRF0C$XUCCLe0Jlf!;w zZ;dh~j`XyZ6diy6=eiNLul5FX%vhk8{6fQnt5Y|1g3Zu?k zqqN&nfLVTHcwRFqVR0q=0>qHTuusV_H)iFoW|cVXoDbnkm_22rxjJB+ZwG>7?kex=at9gC%1jlau_B;v4L*h=?XFy+zg_L*^bm>ZoQ#ASoo}8 zSGonvHD@2p;E?`J8R2Z1>NuX(8Of^VId<@v`ZDc$D3wtXqytv2lyKBT*5D7SljAb% z%~3TQ8Y=zCl;sTBl^f29^@rux?`ofUJ{8A?U&y) zj!`Bos*1HrtHe$r?z2`bL-oYQ=o$=bz!PFoUT%V4HJs=5(}eq-8<|hj>gt+K!dk}K zfR}4wwtEht(z>~g5S6E}sGHP_{aVSl ztou&kS6xU;`)(f?R%Ie1BLgU% z%9Yb@nHOaw+gsi#FII(1-$Nl2rBip3@QDDe2_C044rpg6Je&$3$^A=MOwx0PA%=F9 zPL-I6lKI|BwP1h1COE;KmL0GuXD4W5hFBYTSIW$}_*sdz)8)<6=SULWfEbljbwh!H zd^Br$+1qtVrX*&)D1aKt<=8iB8ZgO>8WlL0Lep2ve8!2Um!`4MQcFmYk3Bae*5S^~R^dch_5?X; zs%~{x?pO8X&qqbL*+q*sJR#lt3U>{%0ytuplGh)rUXv5Vrts}pG^B?xbtds@2Va@vmS55(j znI0|lX?#fAT6wC0CtA~&#?1Wee3`rK=dWey7z>Ii=Vb`;8;9?zgoojtBx!Qm>9M#t zB%8+`Z|)R9{vT{U9Kb5Wx={h$M@(YQR4i;EV&VIdm*%dgmuet)UYzgWylt32u+K>6 z%rQmwY@g6%Gnd48JJ58{kSymmy?1@u&vz&O+s*24jxjEE(VeFvnQ-)9=hkF z&h(x)6-xQXp49vKV)4hiG5petrZRzl4L;LgG7(F}rDPLdi%ed9qT;1vl}E(9flY2S>1WV$L^&pqKr}EB zQ~9F;%pu^zk%L7JHHLX>JCSb@^8-z zsP4C`J@hFY)ySdmIDLUu?$gpRu6WE|IWh?7oO{PYg&c|}wEmYzZJ*s$aDs$(s@r^# z(#JeCzj+1v6S+H(pkI(NcHfRp>`#^n4fP9fUfGcMTd@BxT+aS;^&n^gVL7~!^azm! ze!>7EpF5jXHD#uE<@?Vb-%>(`FBXh98hLpcb+0nDd77!cw?QEKB1TI2C_;5EYlEJEesQq-T z4p4;+aMn;YI>nkFagfn{0XxMt>wWE5{{=)21hanGTS0&Hjd4(8F1Ne)DUXgAS}Z|e zc{#2P2_5}j(g08ycbS09pN>w+v)>6fd4SyhX@NSUa5rxd9+mUFcGe+Zd+BP1wUQlu z%=YUL<@_GIYlU5A5%I}+M7Q_A7`G;GH0L z>7S^37Q?Y85%X}q`>Q-J(zFvyzM0)(nTx;gcmIv~xlaLVZfRuL%rx11el9oO!e{Nm z-|htPZJ*fKW?#?#rD0F?yHuiP=A%o9GTrS@#n~SbPzvV*LG&JQ|Ppc zM5yTLX7#3=K?Bkom6(4lz7yiomc)lGAMhX0ZY7K4LpT2PX+`=yHlHh;`)<*|TK9>V zvo3l2(u>y|N)I-CUZkqMn~Zq#qC@5CKy#d$(vzR_@r5m0HiMecv8qgyVuE~Fb1{jf z=bJx1OW~|<49c<_YpTh9+$_>J(&xHyO6nYyW#y0;(<%Shcd3iPX~~?k)XmC7?5x&V z0k<`LBXAL*mV&YHam>jf^`hyR0FL+-t5D@F`^vJQcTq;HV$0Jf13oM?_5o>ziJC5%-g;jaE!({;5(* z(P6aI=+cVWVQ(GU+9Nj6su@9TVl*7pQnae^^xc6zUVKl$=Fi1WsU`_c9DTnZ89>-#54Q-Ffn`4~?tJM`Yq|Gw>!_#P)cl$O723aZrkA_5xwmNWjo$6D61+vNdZHR2*`|_R zQD^+SVfoWP0g;CSlOtMT#_j{kF~gt@)2`ipmoXQ%k`OG?%Qrg6|1jOYt2(mvE1K$} zd()sEU*Po`t$A% zj2HZV%EHSO4+l;#2c5JHYb?Rb-dVmm_U8BBzp52J7i)ZZ6G_oTY1p$q*KO;$sEHNu z(d%l)2AAF&-1TPZ&8$sJKi{c{uO+R}suLf65NRRo_CgmzD6+;ry}j@DB|epZhfb-V zEkK(&>EIH^wiBW;ABb><`P8w-h+TIZu&X{#V=r3zk?yxriP;)!?A>yCXPz0Tfh)>h zU!!mbBCPjk>-NvJi2I58)B;cHRd6$Z-def8_h@Zj* z^GEV}S+AeH9LXi1=KuTqJPEXg#Los_KJL@}dt+XsYD+#0NO~E5@JB`G>};_1?9Sb_ z^_dabiDzdjE)fJPq^zm^g|Hu~?kq8AmYe1?{ZHTe{59LMCCP^|RoOlHTKxwm?k6l- zsUnA3bv&j`n@4RN0<-L`QY|#{4ILN1;}_jq3#@=qu>Zqdy#{EHV~*8(#(zjXc(Wny z<3K(3f#_g<(~PVg^_;1w>?w>f`f+eTZJ2~nh(=AI9pbGK=qRH&s%q$PbzloCW`b-~ zTGYs^^DhlcO5%Xi4+gwSl!`XW`D6eG!NUWX2Q8JT9)(7rSSrmm!HpP!$K2x9a!)_~ z(eRN)1Ix)~e(}$6;=ecOqCG|aL(sg6l1AzOwxUJvx4UunF&uD|B{dIK{%Ci7 ze_+-ddznLoH)C3FCijpi#=F|J2fQizZ}Z0MtRO6q*y84R-pE3`0dRWo_WWx~Jt z9WB*qO0lvw=|8xdvmhXQ$#;M4`MXP&$J3MvJMLv!*m|!+Y&~~)8$h~zqJKp=|1hjI zbe#5GbYZ@H(4q^nTK%hRNsbgi0=t43Qu zs4WVU|MbH>{rC=u4zgam9ZOqrLA2~jmn%xgeJIKnzRHOmG~Uy`PKs7suPA5_i*N4i zK8FW2>AQv14|V7+rrrd>XMDi03)SYDQCki@^n(0tNkDj6%wF&EU;FXDe?lArJF*-y zG=p*>RM>iK>xvjzq+rUQXtEY;+_)X;ARH$As4JMt14 z+0es^^uU(A)YZ#`JHd+$#YIysZF-eiiZ8cb1izLlBFc`}y)VMW*+8%O8W`x_?q_S= z91Ow-*SQ?e7Wa0K{eO&s`ENYX8S;wtlv)RPw%J|B@5t5GcR^w&?HuO0{hMNWhhD)4 zbW1+5tH!Tzgm?Csj2)~M!Lbi(>qBOCIH;ZD;9&kLOhnePI35y*^2n%ySt#8wVpHh{(@b+ZsdefMeMij_+M+2-=(`OgMQpimeu&|XRrBX&;lnSn&JID-=hQlgfwW0 z?<^GhOh>7{jbCMuG63RhPIsHVF#*D;Z=j)R;!VB_^Dm{g{5#r{W)vUoz2W!KBj_Ef zbOjScb4Rzx8z~9fX&q=@Yv}c9pG6mo3XRU*^Da^Tv!XPV-3wvDT)#iRf1Twolf;TJ zuqc<5u2G~vs@6oWC2QnmJv}!xYDCPBIgnjYUfez`j9}siX%4O42sRRdcwe)k?^pB8 z_Ax3C`gGmTR3TjZ4FQaLIU0bhT6|7N3AZ_z-QpF0smz?TX=1TdlpGK7R*dr7h2&$>V$F25XZxL~iC06HC z=C@7Fk;{bo)vS9-yxPD2{sg7gHR0S_%Gs)6xj(AO1nH#{xmk*^Ufyo-Vy0J_V@J(_ z-Bhcr{7bs!_~}EVF4w8v+~OJCMEm4@%wZ=*-GxcIK=`LLsYgQ^Qdd%1O1O9 zyAxyoGqQ8$VYP0b^cFzb6X@wcrw%DE|1JCU>nlDsN6e={X4+ac*K^?n#|~Gm4a0~0 zAK2arcNUh7wbU%|Ghc?kF2W6H(lZ`thlUTQTEn8KJaqZ`RsCnE{H+d*J*l~By52tO z%hzdZi^*+3a!#0l4vm+mi!W@`1%vk&h#+ZmoN?|&fLRK_}UJqK@CGQ0Gdq(zrPuq<)t0N+5t`L*zinU$Z_aG)%so5F{7EfT{DI@EXjL((7U^FvTb5o)y81fL^O_>YtYa?x@h3Z zg}M|WF-TyxuaU$ar=Xv2s(WSh!!@w;K|?UVPX}(P+|?#oP4+DNfCx1#v0=Q}&juVR zWo=XCV$SALcIE8lHwi7be?5ZZuVJPE)F7w><05`HF7olGRoLUu=1M*K@b)3XHV~<~ z+GI=Uce^4|FfTG#X;?1%MY|7rC`Z_0j;i95;SUP&Y(kaFN$S?CIMDvwk(YpMMDo(? z%gSn95wSyswhp;0kNdEul}cx$ixT5E_4rB}dRGmmQrXeUqq+widZ+;q9ooT0J%}T6 z#w02QnlRTw%Lm;R1W6uH)2j4qtwj@{`O2q)9D(Z771`|H%YKMMpqRDU5%PzAANLwn zrRzy|8otd|z<{iQ8lb44`84Ae4I=4fv)sPU6xZ6+rl&q_uk_Iq!iXn!TzORMx~Ch< zV4(Yedf-i;`>DA@H*3DHnWH4_yjNZlM)q&ov^~8M55sRz6yruTZxHv=_i?h2=MVbw z3f`|X5JuotU>Y8rTBW25#7CmMS!(_I(ludA|31l*%4*nGo(J6GFV;W(lqULh^LK$J zXg}mO?vDUgg;m_r@B_}|@Z;Q(Yv|x8yej><{jK~K!sHHGQfTR`5NIjITq^5q@%thm zhVEJ2zZTqxR?Xp?asJGuacCvLBsH!>l^1H6{F>_BhhQhLiBt8}-mrU?O>6B&`gxxu zlt9NZxC8qBg=_YNk8Nv5sJWIS^%bVu52Al*0a#~?-zog|-iQ7jzcvCZ-Znxu11klX z-s-=6DIWBQqVCGx?Xf=?^PPZ)e;jdZ0KX1~DqT0#v0yU1lj9oZJyZeGWZ?C8e zvt|2jvm5@11$Vu=!lU%%yeg@#-qBrF5n1m9EWIky>L{K0)?o$`(;YVA zJ>f6IDl96ul`|f?!9rtbGfr9oN$*HoEP1}^`*_#0w0DcBv2lZl<$j5Er4KE)pzeOY z4ZCVk%(z~uXtb0AVQ48OIhwKb=!%^?B5i((E4|Tb z82Sw{L?y)(KKLoLcuwfnccA&L>AE&nDthDW<+)_a_CNH_e2$&hjV*?Ozbo1so^pSf zpA(dKRL#Oqd+w_A+JYfR@P{nYR%mh9fow~|YuoidDDNig+R6tTR4(s)N-2wvSccDWQQs=T9=oIgJzm+lTSbZJUMPO6@ox{Vl1 z5q3WRuM_^=jQ)xn94HzFPWZrrq_HEOf$`HaIr^>*@AElGZG(!UewuG-s~y8uW%mN< z1+VvNWaEbp({MqDxwcGni_WY*>t6N0Pq3`aQq%plQSF!9b&a!k`&YKd(fsmc*OJSX%bRcYrmm}Y$ z)07w712DhekN*bCfBz)UMsvB!B0sB7Kz9RM^HJA39}HD;6TK99J1ybNaa*s_9%eR6j9sL= z)=?}k+`kaEl66W%+69Hxt9n?76k$nWcqU=-{Y9}RQLGEj zKx-Ynmlxh>{PaJ?2mjb?QiMD%Q)y=LeR}VZoob~O=SMc%sqxy>uu}eRtwl{7OH!aA zqU!>_D*CmOz1|2~?=d#&Be*_v`!KT^C>3A~3x+sES6?j1`DQmN*+=;GcuX0U#lpu5 zb+bs8ML!%*JTKWd2OrG_*&6NROT&I>;Pe+H@7I7uEf>myz!Ih}pr@lfVE2gzeZ#KB zkv{6&v3Cp^{?FFSy1LoX+kruCl#c5xBUAA!zUe^-gDabL%ot-3cpaO3%c|xY{}{Q_ z*KC|NA<5@~tGjU~328wKyQ_VJSf!6RmwrKLYY#dC_?p8*cBWeiDQOWMU?8vcGI@M^ zv^NVch0*HvThgp_LbGOU?q%@y*MU!;n&;dVcq|~kV1$bvLm=Ota@nDSYB}N-8J}?X zSJ8F+iO~2Tmm~l*2BubH1nu@O0Hq+Wh6MKRG|5h?kEy&vp5zmjszj_(M08&gR({d; zp{`(YaJ3LG5W7y%&8(LlG@4p_j9C(h@G2lz7%cb8>Fk-UI_1CUan9&|0Z=cwvd`|G0nx~+jEk8b%e)tX?)oV>*c)S7K9 zULul2iKI1E^%2aVp9!jy^b#aFqe%6%$c1Wp6vp&*(5V;Q9XrWju@ zBbM6E@NMpYK28pJ*)FZVg7@RvRa%Gm9|Ku6um@=_g zHZFnl6h7i!&3XowyUGyp!94GPv@}Jx;k`Kd1naXMHn+4BWS9)sKWAhlETBl(xUe2r z996vZ0|*4!Y2UGt0h4Wy!xiuXi8Sx2>E++gTiB7}e?;VqwU_@?D7yF@0W`5UcJji( z@F7S~(X!_^0qGcq&!Bz(h*I!3F(EDM5VTjK<`@66ug#gX?~?O6CvB?ihhkWbSlhNh zlqT@Dj}AxqLKP(r=5F-iqq$y2>cY0r(^-V&y(uAn!keWdg;bc8&0%wvg6C&Ggqh(1 zlkgv6W+c^D@&#fXrhkOmDlFnQkKW=u_G*yjyD`B7gNWJlG`r5Lkx;baTDUa$aQs8n z`KAOmrtk-o9c{&PwPu*1&8dc7#!;;apS~xeLE{elX+jk)cHOvj84+oZi1_5PCZnLj ziNGt~otiH%oylDeA!@e!D&>e^9Oa5hH zXRp8KSSRnp%xw!?m)Mr71O+JgSxt8qKI@4q-XK;yFzB}Y#@afUD4e^k zZa4l)lIq^9NoX=AMZbKH3%wuFjuTDU36K*)twO!W?HlHxQGWYz2eN*7Sz4;jN9e%> zL9jI2?ABrKaGh15!{KS7#^|$~Mtr?m7?`#5_2?q)^E6rSqEG(TBz{#Z4>Uv>N^boe zLh@^05UDJ;+8Icn1g;?~4xTC5RYK}%4@3y^uGC#lEGce>`K@z zKu$a94>$b&n2>1W7ZS_;hw;#^#nQ=SOj{6!1`%CA1L+{y2`YJX?ntZ$nHi-_3+i@-*p z>RS)@FM-5&j0q(>KYfrZ=-mJ7Y?uuAIQrC@(5M2uY*nw{MG|z%%QGIR$CwD#SiOkTKT=^S7g$v``FoXVfj))lD|E-!o|?=sUL#`^bX4*Y^-Qd{+7 zW&WGMF@uxIWI1n;AN@2yT0vLok~b2!35ti{sdwZw;C=E-eIB5a^g^+s8iT| zHgWIwo&Ram-m@W22VU`Uo%t|Y$BMT3KH>n*o_=uBr6;jzdhRPMq%vJ*<5}Xg0E#Q+ zn)AhfT;A7vi2GU7(7l~fJL zbd9&^A4XTFd)yNdkPs8Mfg}mfn~CS;Nhsx#T9b2bEcP{Yh2yTy3rDq|TF}7CPVy{wS1F^N7WlCOUc4|vgI)g2)o_08#UI%@V`~tO0w_oG zNx-n_>}?T|vkf=-Jz$rcbL|`#Qvz!bZKU8opuM6}bB%%EUae}2fCbrw3zYuJy6+Eu zf22S2akIw&2qGvl`PcN-S{~XL)CaqZn+jl)b@~Q559JT4((Up~)1@bOZ>oSt&t>y2 zbzY#}UB2&BseeCl&VDyNJ_-I{Wp}V7_bebm%u1t{l;uCsp|!b4J$JY@SCZmAb|08^ ze`Tj@;(w-~e+CYsQ)lM^FPM-DG}|maw9BvmeGOhCj`Qhi;WR};jJLYs3gT+M-wU=g ztTd;xRJ0GfAi7~_Sg8c??_Q!?AluC05Jg@5IxQtkw7TdCOKlPos5$ixhqK*tpRL8* zR^={}*uU;f|KBsGIdcI>;-5LCm#a|X&pEctMl%0(@9NEz9D&?bO;r@z&|shLK%{(u z@O)qF{`>k9HM(LYHYVl|RzmmBwMV;u*mJz*X%I8~9&#b1h^dGb6@L{3U|vdM%on6Z z^_1+5COKwu8Oiq?43_+sPY(<=Dovdd`7S%`bq7VhhO~L>wdcO|&C1zj>7M&F%QZ(X zc6NJsX)^n_zTU$#zo;$T%oN4VPOjFICIsUh=LS8$Ve%4VuDG9ilS>UNB`!X-GM)eI z@JvCHXiLtFIsJxh8JSIFe~U90Hwf*B7i1ly(1)x%p5k znR^{hcvUUGykEK`y9DJX)py)41%2<${4x0%9&Th8CWN+oPsdbo%2)eo(RxE%=BOLA zjfC8RiuKFwoMv@Os_DBprC%_s*efSn>J?zliN1puo55CK_k$&7RKd|9 zL+dlS4NYTiQnKU-h_WW_lMmxjPm^-c$ujwZ#W21epi`n{qB^J#7u}o|02(=fD}CHB zW1M5LQ5fm+<;q!=pyUVBe;5oOAa0w#aDn|w!2nI!*LLvtg%`}OGNErWpRMWLv&Fpi z9OaRr@)tCga`SrIXb|;m)v>|(TbEg4pyyV#NhTx8FhXpN^Cq>wdw&H^&f!@KYScNs z&cEcc5%n!i1yT|m4l53f0JB#P)d(TRlH6pd)dc2Uq}^Nd%~kI|*y@+i9qOB0LCYwi zZVhv$nC`6_q73Kvy;gBUVXeJS?mn%|HZ>kiQDW)iscHSSEssCc-tG=AAwaiKi<^8* zm|QLCotTeIiN!)et~DK$xc)|9YchsAyn#?V<3P0VwIN}|shlnOF#KRV+7wEICn}vh zeC2=FO?x&R6Dbs#Nta|OGM4p!UZd>V>WEd>+DHlqr+nIW@aHNR*qhLHE)?sQod4aS zk@QI|VoC69Nq&l?)g~#7_C9Nx%%K8Ww+EX`*bT>RI{C;3dknxI%eHI;h<4RN_-9|7I~= zvDv7oP(zEgHe7S#=}kNxoyphP*L1f>yp1AuBNrX)_u`V-JB%{N&E2YGLNDNiy4=!> zs$wvO%bnQk7Qei~996Y6O6OWqndZjUzR5}>z9+dL+{&^1MS&gN6sKqWDuY~RI6QO9 z^0tv!!RAtpW_O4>Xmt3!TZC&HpSMwa=bL0xw7kM?gxTQ86`nu9x&c7@SUhL=(;37S z=C2*A0IGn!Ew7+@7i146nUvD) z9&T99V2wVWR4DCI){Wcl+!Gny{FeO4fUgU)aHpA~esg0l-^&IK%5$}PzRp5}5B`i< z5`B7uJd}=~s91C15OkF8Lhfcomy}*uV3WpgB8kK1C8Y__XI{D36Ru$O)%C-c1$}>(XsZ4#2;~O#@vUT5FW1A3Q0dj_tlFH z2*f{v$I4%hpvdblVMa|^-w-KAR?9^*dhW<(a(^dhnOPUrJ9}v>X0QCKw{LsVQJR30 z=_E$&nwj}e^+`DgvxEAwEps0eU4PPAnUVPFS_7wmQrspFv`in9L z1Soc0VkBmL-5Ukp!JB>fg$oF{Hg;%avRcb*>#@wzU=&Y1li?#B(y^r1ZY7Hu#~ck0 zUhS{=bjSMv-@;Z#a&qd|X2v1EmrskyD*pa?&dg;$Zc0p}o+Dm)2RIqX8xu)_o%9Fww-&E}b~S9?C$ z+eylV?PU&KEba%p`zb3H_N0bUtBiuGiLW(lzMvv`Vd1m`_jvl!*7sIvnpofEERY|R z5Jq5ja!7W9X?EL`*{@Zv7$KMad~=rH4eXMkVBD$on+_`MZ_3ZpF#L73>GzNup>WLb zWwKQBmp7!@cO({txo-Pzxs)4z>}?`T*1cu1PPDI!W;Z!mHyK=EC5!B<2eaddDzc^q z3OU#0=h@P3Q2Uown&vWs;76ZF!Z-P}zeX($lv$gWU$y_Cz+MHk3OhJ6Ka?vtR1gPU zZ(`_3G6PfEPOo z{fD`#+F!c(kK<|?H!r16`|TU5h7-~H83JfUkY3?5(MyT>lXrf-)S`_I82`}Pr$%6< z(Mv>TE63J;yQ)W{55~Sx%_SgWBEfK0=D!Yr%pksAA;^P$hGj`9bHaX^zu@7==x z3jDY;0g`#qVMqNvG2{1B{)MBDQo$2Ga32xVKKW(mA!caPZHcOd(Fth2Ne+}f{vz;v zP}|N?epR89j!Uboy*c>uszfVwL`n<8kwZ0CuY<6S{JeDRk%`VoO%w>CO z;H!p*|IrWo8RK$apc=;e5l5i!#9Ud^%7xLTKm1FQTQ8Ae-$l-Wp>C~9sH z#S{J($2mTW6HH@Y(kmhLih-m|53|r!`gY{Ac+u2+6Vfh4V_2W(ulOOC*%4v3VIik8 zQAyqHU?K&z8|!G+>J5YE0Bw{gA&d`frYAUKngrvj%tR{tr99qI0zfb};J0yQ&$ssS z{N`UUCpje*ZHd2;7e4X%4^Y<62hi_LMd3T!q{}<=C?Qj)rqC^+D%6f#xE|m$$VXdo z%D>40k~W(@*f$9$9k8ME$a{wTnnr3uo(s{F^2;48TDoY=Hrd9WSX7JtN+Bj@Jf=$= ztd@lUN4ng(nv;UI8n7fhISWIjTlx}V?0ADLqs5ZvJ!sKh= zqap71Fo4syMzl}@^3VM7kyXyve`&}lgzm=~KEd*7E~G5e3f?fbb! zSxZ+T!X;e?-(dlSr=-l4#h7YH?BN~AkVt9C-aF3iJ2B}oI5(O58V>q>6SH`B;VDh ztIXys=!0MvWGh@#EyFw3k}5W*Toe5}CVf1A74>s3EQ2U9`{nV6a11z~-n&JEbq;$Z zy78^=@JpC%=}TY4Dv-+V=$20l-BROt6dX2;n-n;1%^I2}p*%{C8c)lK$u#}&#V9v8 z1?OAj7`Jo^`6vxkw5KX|BJTdGMEzTN05GQF4ZRIR&Am;|6VZKq8wwU3D5NP)@x{zt`D~)qJBWrHht+H%&!FLI^Gp^{Te0HI=U+{kRdy|0lWKVfBKB-Y3 zI<dQ)PzaQ+A@!rsd7D zkXtS7=L*NV3}Y+IT5lNnTt;+FfLBLCqC{NbeC#f+0dcpDADXRoGa`2}th}Sc{aa5e z*ng}I9T{c^$!k>0*Fr_u+{uht+-0s8)_TugmIFTo`danHn^(`y?~OcH{=J(1^Raw= zfkHN#`HY zQ~@hx2mYO^@}#Txh1lt4Zf(6X*KwS`v>I;b&|RIocB%Eikmz^+7^o!BA!}Dtym9^& z{-Ydb9&>=|P*nGOR_JdL!E_PIWzKWU@UYO3MLKfhwcOO(Oe>g;uu}hHugy}Zc$lqhihRoCz5rA{HqvKjX@IJE4Z#mj zD4|=WEwWQkU_bK2JQBhTFDH&vsDJHFHDY#atpqNtskldr;(|nBmCQ6P-N50FS77{A z_Ctv;Xc3Q3RGy2BkVS__F+-AwZzqhLxJhAB4hB_8y9Mns^Y?(NSMOUO8=5gjb@TCy ztH?qCEqJ*5_JG^STU@Hi=PzI0)^F;iM_9gFKJ-h2w}UnCPn(k(H`5mevr0Q`Tz$UK zX_&}+<)UHzoytat?^+>naRXL;n@`1PL=P>X2tu&i3nn}_bO|+PGKPUN8)BQ z-KB1yFGlf%<=RkW&6Z@jE9Hn|%|!W+YW%*CEh}&_PCZfw&d*~{QUP%XZpZvV@a%d* zjN&s)ebFXP4mDfel(8Fsops6aIoV<|47`* zvLDK-knao(nKAqtT_bCp=MXyk_6F7|DoAjd?;C?{G)Gfl$YS_yduiA+VuVS3HSmgt z+7p*ok0K#oXR1;S?Km6mL(Hog!(?&1=tkaP}aRXp?Tpn^BACLIfNCnwlGOR zqey*!)xQUyV?lZx7zU`akjin%u5KnWp|7TpGfNxa@bBy^wtz2@I-|#kF`E%Xd zB#OFzJUBSdG@lgDyucL&jk36s3csdl)+7^o6j;ohgmWGjw%Nn3%m(#15?yKeeT>fS zS=_d*Gc}tOr#omI)Z5a`lFxPhaEm`m4kKSZ?7f7N!*s$wc|Yp{ASnkce#}08scEoY zC)b0ekZ(iYgH8F0onoF+q1$!Ic3~4PKnSl6|4P4k^X%}ezi$3++qq4EGF|sZyRZu+Bx)ifpoJcdWDroK99P0NVC^k`#q6f^10b?HM zGGute?5g}czHsm4u(?d$Y-yoE{N3f^f7Ws@WgP~hqd3m zz35&1)M3a~_?HE;2KH2ZHP=YTeG4KGxtF23Bj4U=bvqrC^57Wume%bz2Cmrf@TO~j zP9QVo>Zf}E&^uHwuPw0&$yeF5k|i1FJ_0F+U*`9ljpby#8!7ZpuV}K|gB*1m$mpY?6nh(*_-hvt>nu4%puj1Ds!TpKaq11i=F{gG z%{acW-`fp*>l1CryjGd%>IA7^_W?u@d>{UJW&B1g^SUyShw<5zftvdG%e)uUy|87z zdOjB?XcZ;RV?K;V+b{Zg;Joz@^BvbquC{^pu3ua@$?*?j_x&BjYo(=V@@0NW~{#^T5oZWLQ`7{WF6& z!L#r9;T^ro`;V*h?4VQt^wNIhbKWvf+ZA1-%sG^AYIIMqgPSyJTJTa|#f?)7uk z$LP8qQSY_Qe=Ps>?3S>zVx4g1T(wCN^n-!zj|93V;|ldsSz=b09l7P6q)>)`0YpUC zVg|G@eB>|-bD^g+X;Bq(y6>x6(s}23RY~tag44%7j`;Hza4Ti}%#ogm zU&Z5>bi-apsxP{qRWiqgJh}zcx}*GBXIH06FzCuzrOQ0O8I+|E)4kzl{NNWHirF}a=iRjei^UV zYiq+uNcr3q_%{RiqBnx~TD{~AhjQf6zIlV5fcCu`FS~ciMYJWIEJnGL@R(crqPbOe zj>|$4>FpP>8%*S-!wR-!y!y&?J5-TzGO(<+7c0^xLlS5Hv`*i4kfZ4w)5|!?TWNld zhC!T{`d@J8Yg6uXG>g>_5u2YLWPa-;p0hkoXVwJ^hLIzO8(wfDZi>25^y^iE3IpYR zUGNT2nuHVH<%`S_A(ysAb?$pQ>^d(#;ND(qiiUR0H6G44R;i!2&VXmt?Sj6*y?VWoSI8&_e9wW!(+2lBR$2SiD$^HphBwcr$ znQ19mWQ9aTSMnN-i)DVc3ORl1QP{?ymStPNYPH79Mx3_S>KQ4I$%zJ2SF`TBM<3{@ zN6=3mR%kSxFG=6SeM+s5XxH_a@o}9X6L2gWwL%{NuK6>$zf^w89Uf<`q!56<4~gtQ z1^oP&3+Pd-m$O#2U5}usE2O%TSlIFyYnZDbzWgm26WzayD&@~xKg=NvVeQ*7=Vcyt`KD9zn45z(C4 z*`u7p-WFywO1Fm9esSjV{d_OyUHhLHCZWu+-MFqc|p->DT+aqod}Mb@|YDq$NzgwlcDXQ8H2Fpc*Ks*TC!F z0j3%8gMYbZFWM%7T2QmwIUF=XpAl}(B)q@-1j^s6^$9$0$3Ll>;=mZT!%NG1y* z7Z+=IR~y$B$dXwFCOLGr#q&wjmRva>odw?u)jVdE#)59R{0SPU?L6jgqvfoQPw#K= zX<_Ps@6d+q@2;e^kdg3>P~!_)c9vJUjeM4vou*PiDsO@ zC-TH&ru6g|U79n%yqYojTTW+=!)gFF603E-7gKsmZ$u!5Z}YG|5_63-y@34gzjfD*zKhim+*EWBtMP~TugF{#!8 z?41*!p#Q#iLx6{#v-F>tpPL4V1oX=Z;U0~318egIMEQTx_8$k<(g!i+ZY;5acAJeI z4v3L@ndllCh+4kW%;n7bh#Fpqf+k2%z&z|yscr3a%pqzQewf<-z0{&bn6a70kSfiu zaSJsp5gC?|eY0-DoKa%-L#Eypq(L#WbV&u%*u zSuv~iFuD@0e{UR2orO2bskmw2o2*D3d-Q~;VK&(xiRL1;KjbDcUHo+*wU&T1URm6T zh9JNR7d@uEwH>lJBW#Yl#gD`Sa(^zU%{E=-^E9@Zg zLlps3NT%I^yt~qA%0!A^1+%mLt-y^CD`sz=;(k?Y31~`|4G^CT3Woxpc9SfH|0c7m z*BU7~);}eTY=||CdcV}@J?C=M4G~F{p|RjC*a>Psrf>CAkduvaiw>2W_m zkE4HoH6mC{jCT>qLrunqiff1}P_Y2y9>;f_CdMe%Xt9j>dEjZKPu2drHJ!(T3W+jS z$G~*ahrpR=_w-XEQ~`<2;d^46KgALrqidt6nQrZ+l6&?$<*MWz3lw=VZ0!#Nba^jc zt_U0)dTpp7dYM8YXm}7w!aG3;gP#W3hugYLE+%06Qjck+%|-H?gE4)%mDT730qSX9 ziaNy0$y>kHAa4k)A&anJb_e*R_7M;#i#`2visno#aBp5|I&uGeFDID9ZJM+=3=aP~ zE+KXygExJXPI~NDUv8$-(d8D)d)*>qe&40x&`h2x+ec3V_jf zo`S97?}ry$3y7u6PHrb4_sAILTz#2aGxILz>2ke4=UL^H>OLR#FHKs?4`ucP-iw=-{Ap^iU-t+GWN}lRD?H1O+~V(FaUJ@Ckj3O zj)|CH-uLfw(I?76s<`~+3*5O(|5YKmb3B>xnge^pBS4ak|2;3l?1`Fule$n>zrRMQ zdkdAndzC?E&Ym*$NyI&7z+`r_e=hmCr_uuC71F zw&Lff>DZ(1!1;Nqubec;j69f`vW2@N#$o7yRc#VbnK^o+9pygB3XU_o4da9^OPdj$b91Wh(`Fv9+x(zxLZFyb2jbr*vF z+m-s&Q!@B6(G>y6xyMp~%_^z5q4JZ}%>Bg7#rLt_s7QW1R8R*+mwOfV1d}zLdJun; zIlLz)!~tyf0?r*9e>an;c?}hV0`SJUu3h_))c*N=xj_4>7I{+1n=D4F7MIl&Ez)vu zD19-2_P;Lj_z`j+W99CMXCH?kvYGNcl>Tss515nLEFOCJJUsZgshLChN#o*oJ$KH5 z)a9lbT~sxp_xUsK_pgB?xAD-9J%4<0!nt95iwyHWbr zR6PVLgHml4&PO~&bJqy_3u(s-ywl;_-lo@XnhgFC)1hZ1-hn*XH^{zlYG%t4u-XUN zapZrXH;8AvK*yEeL5daNVP4{Ye;Uw;l?v0Xh?>d`28O~l@ZuWM*D zrw7iQ3!%Od;2@#Rr3mcil`k{L6G{I=;d4Ir`3S3TDO8?0<`ae#v;@$VKFBVV=CT7g zHQBQ+RgjY>lD#LgklO(5s$`@+zBKJ25Mn#b!N^;H+T8(wg`;tgf0bRnY5;%rOw~&jKs)s{`uGR|FiQpi*YesTJv5q`{2)lC^mSOe-AwQ4 zr}iD7a@oSnXKEd_?d=N=98IBGrPEKJGg(pJOBGg*Qay)8LY*DT7TuU$?1y!mzUij_19UX<(a$ z>wTl_zM(DBfpc^fYIp%+%eASYiVK^V+Z6?iZ5`l;dm8(tpV}=biDffm6Sv%<5Am>1 zfC|kcCAZEQKrIaob?jpgW0!H769t}cqJYv*O4UVi1ji!_^35S7osAhTKD@^V zD*xQQB>+oo3(R5AepYkm8&Ia1;_}OKa+A~8s?p1)nhHI+b+S9?+Burd6K{|8!H@0g ze-J8w>uW8MYV_5ug!c#V&Mwq|k?Sahs&(Kkqq3PvnHK_U}dXfO#4 zh=g@BunOYecZHTKlPlex?g1D)HI}C=2HTMr1)>cFa_zdR9Q05ypR*#x{7QRjpiUaP zs*g=UV6@j*l`VMV{F$(3y18Xo@V#no<+t*8b}kBDhyR%HlCf|u`t&m3AK^2&qt_2@ zRHRjE1}bSd?bh(DhdnZXVXlUV#<{=V+NYM)J6#ZtCYF)6rORIxSNu>cqn;NR945oc zQbU&v8!=UrAdNn1urq8OSa$5MkMgQ8#ANemb+diAb zNIjBd04`=FU+Ygec#0Il*`2q`eo2M|K5e_Dt-hTj$t+x})RrgPdTzbDbnR8`GRxP$xNZf`P#o#ak`sM%yu|_vF-d87Y!(~Q_+JD2e07ov{OhH%p7{^W-M&X6q z1D#|-@zJq|K*>IAS=dvGwX!WvYYa@hAx9jUprvERU~Bo$De~Z+Fi>Jjo<1qveBRf| zUx?nD%d;fH!OES4Wt>ZR-H+Hb2lmoA)p!kqMW!sTGM zRcT|e-5;Wd01|u>l4(Q)-znl*mKHcEYAML?1K?Op3v9o;ume1GH>Fs{pSDk(Vlnig z-eLj@H*}a0&C02lN9eUyJ7lz1m)czO1YR?h|Dt=zdml>o#0fC9B|!HO6U-?Q>!m;R z8UpOfzT6qne+hPX6acSwVe!24advc&}d z7aBlgHK_^pzUx|emI5`{-KNHx24+FCCBGy2N(Er0YQ{q~qj{_CQ;E{5!1SlAZ=q&v z{}_02r;785!+3ctfcn`r`!G11;J902MHBw$**})RN+)X}& z9``V&0rkC=W}v5!pG;qZfqkgeV2l;RYl43{qXkXGqos{Wu94txwnCy&M2b z(8i{szPK>Q+4C3o<^gfha($&5b)kcQbY;0{@>|fCAy%*_`tgOK@(sq05ueD?M7om> zMHANzt9WoPAtu}&Uv|k(M0Wu6St5~G?W=~>wb|*@>-AcAG_v{4{Q0xT*=_vbugKFT z1QN6Ehq%h5=c~B;E3xv9w|XRg>OR+IpDQ!NP^fyZ00J2#T`Zx`H~zkBg~Qdemwmo* z0AfEQ3!(|+h%PKj$ES_T7MNqzFf>S15q;k`w?+*pbG&Sp8o&3jg~#Zkey)?zNv~U{ z5MvrS&T9Yq)CM4+_=mGn`=4WbOhR@V_eWV@idPw{BegC0jAl!H;k)Lw}yN!ByV)Y*}*i>!JVO0Q>yr*#JMDf?%W%8?uaqqy_N(& z>|3{;aCVw;nQ@!=#z^KD&fnt9{(KWKv}JUyKdEmiaunK6>+#mjk_4iAm7yu1)sVNw zp1kXvw}{&SF|38?I4uUQ#=M)ek7(O0*Ke>TjJPLW1+WGlFUTv_da6&|R0ATY z8q9p+79kyHxu${B26_^9e(%bK|Jm7#?ZC!<-dS{B01}?J6tkRwXlXovEcjlCGtERN z>)9;un84e=lo194t05~-tfvlXR&8ic0q_G>IqgO4Y1L0cD+DS_xwyNyiEzP~nu4q* zT;?%EqtCW`0bZw#Iv+&Zo~y5Zbt8!01W6|)s(&=5v={A3aL6xODpikh_mTkY6im^? zs4M9;RCCU5q^uppB4iqXU3iE)qIE^3ECNBICM1zcCNg zr@-w?A=}>VC^z&@L%-rjveGa=n@{8C5k^DTl`lVq=8O zGf%OoW3J@uGP{dLvaTeCNes`sDxqB%9OnhfoQsO^((%YLr*mb4V%jhHod`h!?onEKr^9n7)DYM7(9i??q zL|#^}uWPWD#%+EU8#lN-PN~`%I^$CwsaW2(7&8g#t2w7s-(d<<@#6VZ_1B6j#aO{X zF`FXYU$KB(`MDtp@cMjIA${vKt=S7~b=dU621Rg38RJn{oi;K{QL@0&8~hJN;bNwrsknH%-{A3)ps53R4Y&GOE5i7m)K!o zq($q!o6PvfT|36q$uYWyI~-mJ;h7AI6%-q6R*jg{cLHe44=$OWIXTwP9p|Php@};g zhs9-~TO!3Gg0BPrK~>?}k7iG2xo0w*EA${o6fWf^7gTFI>@U`9?xy3d!4ubxRuk(l z(W}(Wa{e(UCw)<2oKhmdZr=y`JO-x}!Kc<~823yZecy?d%G8{DR6n7g>9F)DiIren z!@O)|wpfu&XMl)v+;Ax!&Iz76`btyf+!*IXQ1Iw#)CioxA3$~k6Xxl{`PelG<*Ba{ zO&*2iM#8|3YBw8?w}fqxv{V*tnKxR|bd;_y6~)y5PC zrCH|N#8S6l#C_!kbL95iE99gkWcym*0E4D2vK(1YJrG;Fz5FPDV8th&1Ne@aLot@E zLH|VDZtPPYM|m~;2lpx$JW_4zW`V1C>QX^rA^Ue0DXOawb8RU2m=`!BMFu|dkS|9Q zgy(9x@zXgMd zrI!bU7;Sev{xl*eya94QoAceXCppAph5~0EM-ttIq2>EXv}|DEoA*s3Wna`7hxV>L zYl?!eS<1iie2D5OnQP;ECUIMec?xDJcx?z(x$cE^{N*qLH+ft4?36mi2EuPb`5|If z8>4e8JIpeeaoa@$1jY?!M8dW~hTmw=@lPRZReOzPTV9B4VOw3shseNFicKm_AV{2n z?xY;yu8Q)hR@YH`d9iA7KgHJ}^6u?Yk^LPiN7bY{=OKMZ;FjGxXL{=QEi0nGE?ZD| z{nOqVV`>|w(0Sd5D%YC-kyc#R45aAYTC8jioKA8 zRO?raY=AFc1x+$L{*4&@s6N!vsWuea*^?h*f570I2rCvYVDN;g^IY|})&UgicU(q) z%Nz)5e=cO5jDH!w5~j~ctBZ4zM{4vSsn);O zw&t0@b-p59N~IFMP#Fevo0z+!J%vyJVGY8!m<-js)=ye`>Iu-I_i8|Cv8PK}UqnGb z6Q63L!m)B$btWzEP(^O_v3^T;#8IUv3@IqOuH2>oYl7pebuvIk#+&7cqf&GC2w(UL zw+?^J?>%}8XwTdBj;FsHwO-MiqLjhc9_-l}lUrk7pgiLBF0xf?PMMq7S%UEKFYbBi zI<@?`Lq*=iCmn+H4DP1ZAiiZ7awlhe-G(pgU-mTEn@*)(Fa(wEC1H9(hrhqPY^Sa$ z9T>7&T~NWXv?d>xYZ$Tk@9_ZeNybSbp-W+y5t!qD_2htGir!I&}5(+V}`f>^h<4p{k`FJEuDtb(Pfm5#)Xj1DFAorWe zGa{(Be=#lQx-Rv|bsL_} z`rY^)Td{Fufq{kzV7$T39|NkQVzHo9gPv&%VV`W(gP!ma*GAT^?rH(!=gwnqQWO2O zfBDh00<+STPONX(WBTzcMBK)x$s}~Itcg2uH2U2AUo$)K0~7a)sSHy^$89w5n?7!Zx| zes2$Vy=&vMt4ve|#sS9a$i26M>@< zYul{K^X|NF|H+21-$(Ps7`SNtpRb>cFZ!oSp@c4+wHsb><84#?G+?~v#$F5F^1*iL z2z$-_LQbkDu5(YitTiG!L{j%T_Bn=MpQlBSz(Zvnkj)Z&A(6S-Jx(LuLHIr?JI6wY z+XF`W^g*RRSI5bYVgwULLuGIkh%PJN;63ZP#=as3l#?=g?Fyqza2bn;W_nccxTy4{WT$gjpY@Bzpl9a~!g}uI( z(AN)Xe63?|39RVsSn!?3;axbtU4B&ASO3+uR#>z+sko=d_Izw9={1E@Di=68$v z8ZY>c6!j3lX*v$C(}rtX|4{y81D#JY@4a6hzQ9iuJ}L;D3HL+d{RC6c6jTXAtWpIL z>S|!=?s(N8Z#hA`)M*6L*hi?*sB#3~1Uz98uY@~qg!E{6`jYt%DP*^I>6A-mq)Alte+53;Cjvb&~F?~^J{?bf2+u;MUj~oR$giAG} zYeEuES2Kk)jjt(9e=u0%d{_$~xA|oM_e_%>NUAjtE$?6udANAy_)!i>`_u7ftS>|} zN;<8{wT13|0>sxb@RgJOH1!e{m>=lq+5fvy^euf@D6)EfAd}=y3fV6zgOVkyoFz5C z2sOv5ir9Dd3b+aP`OB)A9L;9aEm*qdC49{XZuL2V`GX4oI~|+jStHP>=_LAgB`lXwfggDb z539jikJ*!A|Au>3l|0D2;FAR^qUOSyT|a?F*CcXNg|I7CsxYG!+DHPKBPe@GVemoS zT5#=KcrfZCIAH+Y@_@0n$dM(>pj{X{Q|6u-0>6p!GiyqgouvwEPJ4cT1<@yvc0 z&$`|>HrQVxhsi*LVtlEpVE)0$6g#^uVvhJu&&1MxPuqxW?YUYc=zi2urK^E)YKWY7 zoVUEu%lFQJ_a0MuMfyF&_n%Y+Zn)x1MZ53b%K`Ib-<)OvgV+Vh=y=ULAJ3qcA9y$J zrKKT`pKpodHLAD7wdA=<<(~Rp7oI51l2ixDc_LEcxOp#io>Qk}-!JtI?jpJY-X7nY zB;oO~S=`f3!;r2qiZ;BQHsO!*vY%8ohb)JIqV6~PFdo|Qbp@lV731*KJO!dqS+)cDMD8+kIMZGQ~GOCF0y+fg6-)$r8s-~kroOXr znO?>HYxeK=YQ21Cc!Q&ySXEd{S+To2^sLhBNN6$L-`ecH!!fe{eTOh@FVQpQ3U^@L zoX>LVmCBO&Si9*nqTLy6M+5Ig#>$0v*wU;$t;7eEKutO?D%LR39rQ`;k|MmI>U3z!a{3!FQYNk6dJzRDOOY!2Cfo?RSoSpo(DFAl_wiK$)&S z@kXOaE~-#Ucp1}THaeqUNfLc~ecZ1nPQpGkfclbV7q-S`+ z2@kkhjce?aMp|O8ti!UdtU*87&a*kwuq3>eHc+m>6g6sSU;G!WfM86L|-y)k>hHE6a)y+HggV`{jQ)RsSdfk<7VU zeka%Y1+X&WUL+kaqv-r#E7GnqWYB$&*{e$GU}apd)$d!~iqHKRg?^Rfp& zF1@dp!piGwavA~H`!$C0-;;TG?$hA?`_gMDIJFuJOro#53?Iw3LyW$mbc3bVLutm- zHF&?2Ln~?ZS*~a`LhfwUMsDasJ(NdX8Fb_HUCNOjR8Cd7|H11q_SdNUxlhAZ3jcN( z`uO1%tV#A3!drLW&nmK6n(xqsp=!f%H31M#uwMKhI@>LP19NW~Sb=q-Y8-q(5&yaA zYI7n@9?Q!_xfU(KQ^(|3WTYM@{NC`9;eeRS|rnJ**6Dij#ld4ZPaWD((UFy zF0>f z!awsW5&;4NZ&xKJ5Gko?14=e}J>93NWG_VC7d?hWiNkp==VTD8d2Oh4+%?|JKXVj1ns8Oo@P=rNZ#(x+VQPi|z(@gl{J#4!g^z#Hh=w z7wWW6Xq~#B8RV^($uYdV!L@wfw+rKEcFX-6HVN8tb zahlgJF(z$oo+Jse+j%3F*`4?xho4#Necp`Hzws)NX^jJK-qD}LdosxS^~uVRR}U5y za)Du`Z>9gwWVOWnW_z#Cx#C_%IIp|ZEwe@4`L;mo5iffK$UQcjTMTr3nx>u~{0e zS^cs;&O>R#S_rm2fjcSencFpG`VpVSUZDL_^@TI|Q@s)DyBVoE&zx|VdmvsVS9i0- z(N6K@Ebru-{ifSj%b~Wz!w(#gpIHhG?t|3UX91LnG%)c8W%>jpxE+zH5hqT<6DYjC z;SfHf@);-+F7aCZMkN&J7{({V7vmg-BQlV0lLm-s!|rlPC11A-i(KHNOFr=XuHy9w zy?BJK(3_ECZ{-#tsM!babliGA*p+MBXuz)JD8RU(VOXd_p_E2it#y#IU|)nHITkBe z>NPiATzU!vvMjjI%lzh6`w2hocMX{5Gk_BQ%_SoO==Q&Kl4!UNzdE2B>YG`tCz%0H z;psXO)>Ma3Z8Ql&CRXRPq`hD~)8i}fJhMfw#O8jY<2fIq(l`6YcrVP27oUE}CDo5z zNSbb`NpV>0l3?hb&y*w;)IQKYV2{dFxOe_s<{#nZ0@_9grELfW0)|JxtTNzKj>R)(@@UE!)PN zU=QCEJpOI^x+`4y6rm&;q>z37qq#t8?4tTuxbcho^K5r1u4Ve7??oj|Tn&*mK}9CA za3tfnmY#w`$8-3lM~0<;dsEJ*O=VM2?3J-VJaM;l+oXHx8YHV&airnqy&XDU=JPDG zV*e*o<#~IuR>$eyKR$q}J~-(d{}7egfBPhV?K<^&`M2KC@L9IbxIw|)b(~MO*!q&T zt|b>(ceuY0^KS%HlGi|!O(R}gu%z_Z0K%6Y`Rd^KtP_apFqQMdKxyjQPaEWL@~JF04N|2BKI%L&F`Mrt8QZAmA?%j*3&he6#Cp=o zR$a9J+PyDf2pF}eUfTu6=AmmgR#hMxzeE=#Z7)e|u$Z>j4L2bV#Tzg&B zW7~1A)Ux0ry%*D;K+6f>vAv6m&`1aL5P3qS2?|&?jX4RS$6tC#{uV_T+tSEwiy%~g zval5Ew*}7aLgnr2#dnQ)QyF|UhQ4}3PPLu(2I6Wqq;ZpmGZvY)lH~hBuSm}y2+Z@t za_8pMK~@Z1A_7=d#v`A`fmNO9M}LjVAG{l>YI-E-CY&EO+t|&%Z)a7kW$|3(GHYsg z0OKhnI^a-YF;QXA%H!xJ^OR-l!#|e770`+i`#a0Pet6rHUF=ckA5CkW1+Ht#RXUNA z^_vPjai`0|D|ItzmY=;7=48lJcV}dX^{TN|>s&znoon!yGqdAZ*!q=Rk?1i7lT=IB z5!K*wn7#8%eNn!NGUkDC>5Z8;^Yhh?u8~3}9}J?c*n$1ikqU$EZLEJ@V)LY^!L1|( z*wAYL(e<6xDINdhlXV9Ap*sJr!BT*~G+nNg#@Nj-#Lmcp1K%Os-|DzT!_)ia<=jrWKIBJGngMDOl-G1KOsppY?L6U99I zniq)qW?z_6K%kzjBn{&tSXvqK3Z?!{nmHh|R<40{j9`NVu;a=!(dX&R7Es~*0zJcUl*;iwI?*6p7dJ`wd=^t%g1ZvnmC zi5M#30Uvok!F-gz2Mv7REauq|B4>k2F&ukBmGpa)pwQHIeR-s4kFB?(-$F2h=;i}3 zdmO7%eknkxld^sR!4qhAL8mm9{Uo9DApyNg`z{A7-=u$Dp!xemSWMUdx3Kj5>4j-) z?+q#`)}vgeL3D0asai*NS!Jdzz0*RRO@8TMu2Ay>rip4d4&5YvkI$9n)y`iZNUj#t z%zej9CpI(8_BsI+z;|iw8VGBi%J=0Kb(Y$ZdPA2Y+9jg_0hkYS(1Rc?^*&~HXeKZ! z(cofKU6-cj{J=(k+BpiduoDf%6>Fk{uk&jhNY2g~F3`9KC?2ClvTjy7oUeX$L@x-* z6tSidiwgJ8I|7>&TO^~wi<+c`iQRa4`+oL)GLFG662vsje8S&TJXQl{PyWxVBo^&K zC|mX#{v`UmY=rS%+e$dGtX8C<88Cs<2w|-NaEaE59-hv4T=)Jjbd`#UDr%ZAYP-;5tLy9KO zmF|i&sqTF{kw=7qO+d1Mfj&@u^S>=ZvE-|IbKmUd{i)0SUya9zX1W*=D>uVE{C?DY(IRX)Idp8LKe1mO*oY2+7pw9!_l_nah;e6MG0;vAq&OGO7$JkI zx?3Y5H;+H#r-{&8%szbVu&Hr{!T5miaLpOEP^3;e970XPwr(S*Q(^(M{k8!!~p=O}t5asgo=C$pK zXcN@0WW9zHV+xhv$nTs~igK;5+2Lq@IvP!x?{v5O{)zjRgs8;@slAk-9B_?uVKWtj zux(2qb{$GSgfAQ5{g&pkevqT7ic)^X)W22HOo8U(KyTg7FXEdcg`#6|MOKnYoR|~~ zB%$S0fgvXBfmgb$-Dah$OwOjf8QQDiumoplUNSPAnyTj1CAE8~ogKWC)8DVGx_+l= z!~f%PM7HpU3(_hvVC<1fi-R{BAx>SA_&`iomrqE&i#ZbVcF;;LM;|=a>$)%~##fK` zb$1Y$2;z30c`9SZ@mSdX>j@B{^7i`eHCpy_v}ibLdA;R*4fg#DA3I)%8i{HxdUhBIt=`9pE(+)>3%T@Gi+lrhEb`RiU&bI^u0o$sANCnm7Q;&)Rgixfdp zcd1?Lir2m~mc1(XLlrjfj%t+O-6TR|yh+Y3q_}U;dpyT;8z%)R5%W1;>NQmg6Ld%y zbtv~M(!V~M*WiNq8~=H)&u+CDWj&HV+312bAzgW+>N252x73&p*)_rBG^r4>u0pR$ z71($$)<7p&)ySa0YFpRHjFg^U7P|-bdl@P?n^im(8`*O)vrSC2>HXaDWc-;6ZoJbz zQic#+>Zd0NJkl>angSt|cwLjm9MvY(<@hryGMo~=Qk#Ys>Up2$^@PkiT=leEUw`ad zR;t|tsPX%d+%bE`tnU4gB@4-*W~5keb=8B26XZa(!YM5tcf~Au3-R`@sIt6!h3cN; zY)F4LObmh&5_JlYm1(N4!#X`g_6<9|?iAf269Y%K4deU&Y0|4m8@A}2D6fhjWb#cK zH^Cg1jV7pK#jnSDvPT~6FSi_s`5qkj@~*X@w`&+lX%hRnR&tKyr3H8fDS$=I9Zl9i zu@9YJ4W%k##6gd&H)QAb4#dVl8)jh9z32uA+FhL=UGF0BolDBMR<>S@*;QB%zwwZI zAUHzlcij`Swb;O}hE{DL^IZwSixGDP3#YuNJUajRN?qZqhZ9us%V@}2&9zcH--##+ z2qW}pR5Z;hD97X&yn=aHx`Xi?Nl))yaw@gW2t^Ow1pNAeD-baK&!8koIbdefyxJ>p zjp><7$>2rlHSE&Uc4`E$G5LKX+2oQAlwOwPB!BGd2x5mjgq; zAV8O|5nJkRNb{@qH!RReuGDU~w{SNODV5@K0=15yJvm?78a?{3@-hc+80JScD^d>+ z!#$ct@q3$aiEo$5gav)M&_@l}FX7Fd>-$YI$KR+gs>KhP_Jy9H?unTKq>0bFh5TG8 zU$+;d@LwnFaY0}1E_PotH09qv-PgWOUPEwq&+~I#+Cw`^$WebL41dsF^UF#V(u!!#gjqsNV4?_51^vLy=kF_xV;ckOWV{087txvW z*`;9?@!ndqDNpoiQ&m+tKDX4tlvGs&$}tAKlWpX%)n9s}nY3`(ZdsJ8|7$6%g6+}OEvj$DdbQo6(jqUeMH-AK750?p z+8Zk2N5%|iL@FE~G|pDBi{+-4ca57*E}@5>0srxSPFlAF``qnDV@K%7M(|?<%Cc)+ zH&f~nsE=mRW)}j%D7t=WiE0;P_;S2GeRKcGsZz(uIH|r(OZ1rzCmtv@8g*m#V&3|6V5KiTomwfnmIS5Osya zxvJ4(+Iw6ULM}(iuRQ8mA4U4Xva7W_|FLk`&@#Ef1a0~zdp^PHBt5wEUtAROhG|n! z>S~jns~vbdpLMJMS71^q%PdSW+Vmh)xe0gL)BWfX-q3deV2?Dy%X|l#~mfvcJ`aKPJ2n9hE&iQibyvPVc>>JXrnFJ+C>h>%h(bqh-G>P+nRZTsLkX zj66SOn!(1}-Fr9L_K=DAt=mo$P7dBBY8~wkN9)|Vw)c`G(b$@b4%xs(2ASDyrElvb zZO9#eTDMskZ2&XfHLKT26Uq=ZNKM^ZA&<0`H#}abNtla@)lFv6l+d!WYjq%oDHl|L zltsYR--=mH^T)#7@Ky=XIqdN$$f6NHrP>rNh-n6qN00M^7jw8hk8+SO~*6CqW> zaUh5-XN1R+t%0281blwSMWcO|7A?zEPv8N_CLd=Pfq$Mvha%%uHQqDzzKw&?zLSF< zeH`>H53Cww_S>zI%>rrLJ2k9QMm5|A;3ZIgSd`6%j4B2!1ojp7 z5$G#38ElKRM(aRW#j}rBb{Ykg$m8oDjN$jIldm}DI`(0MG7D~`opy3PS5t_H`oP*^ zTw^0!F#A0?x&1gi4LQBERuAncc{gRBYQTsZKs{JCXXI4QlwhviY%Q7XpJ++eyYWdS zB4@(nqJ5u0$5bdD!r{_3Ff@ zNXXCgwB%9eA#W7XtwunhDSn(Hw=>n&A5wH2HU^{aBV_OrvB zIsM6YLGaAU11G*2mL|WEl5dk0HyGIYoqaciI3cAUQAglPhp`XXn~}YFxLLaJg}^a< z&6m)-GbPiF*qYjzfim!%ohFzuAL+F-Ea4EvrLivkDZv|K6h<@_)pot7;3w~r+KoU~ zl!VNbMsCfHZd%yXVGJxfRziITHW+Ewh`gnhGESrmUW0GN*F|)`uI2BJeZ#^i674ht zwy*kq*;rok15vKx&Ho+cIy26uoR#k>rmQWQrf7rr=c0+K&@levQ0ezYdKMI(e~G}EuVlN}i+CLR0TPG!f z7&0;8GGc4)MU`LS93fP8H=l890TBZBJRLCYx^mzFXw$aLumxde1!i$1AYl<&cepw4 z2v>TftHK%dMh`viFf-GbfKP#6?g-@vZ&Yedi*F8C-&I)K_Ln)Telz7Ox{-HN4z@AxFyEos??E7@h|#(V;70a{#Uh(E zN0a)MeGCvpY4v3z*m0iCZvSz%U%x}xta1fxp~j!EbI1ZQ9LNjI`0H;8=H}3i^%p6a z+32xZ9qO0yNoKhnbpL_!x93!Flv_FZ0CAeHKLfHWUJm;iOf4gyc|W@s=-w^hpi$wm z0e@U(_Ni~T&b1qbXPP9AZAU}ecj`&eeitluN$cEm5aOt(W)Y>xyou_8XFN4k<)#bO#qkw{$}OfMa}eqM|{k+&Jv{s)%GKileKxX84}DP7Rn--gu#+vmnLfF zukKfNTai)vgkp-zfhI%Ul#`TlLh!5(+|H13z0CNfN4ie>RjIK#R;j+(LJVnz_Dx;R zX)Avyz?q41$rN+vaRj<=4)JGd;JH2PT^uUAJ_28b0xBUb-~=li-ZbJ}Pwh%?Notw# zpi`KGV@)xm`*eMJl-~g{)Qo9+KgU^+RoOw{dXd!!gMo>ilsaN$g|>fN_27@lU??Vv zm$k$=_A7h1IA=km7;CR=Ih9@3)ec>(C~PF@^d!2GXE^*$=6A6d+fi|`I8Y2y@|qN9 z*>Lxf$uOGIuT+5`{XMKNETRK#u{%{ z6qb5A^R*j>q$k9-Fql(f#d`&+o;oNpPq=pY<0ZkD$RG0Y#(uICBho)eQ#ua{ zG@B_q@L#RP4ZQ-n@jQn4Mjq~?jlDWU(eMg+3VWS}K!Bm(Y_pys9;3Opd(R-^$6(!Y zF4n6AG-e#^H}xWLc5##VFi_r~9EL88j!&P)Aux|o1dJqsY7NCScJ9%I?`^0VQvKII z=Anps#$$7W7$NT?@H}CAPt0oUGw8Lmjb<#cmTjs2#(%w?4jbqjxa|Eii}`gEf&TlQ zdKFKhVTM^g?`rz9pfd+&vQwt_O65}v0o&ItR(eThxvlhT$$lFOUoM9cX~u(aBTd_{ z4cpdkZ(z2vK-2K`=KB53#I1ovf*(y&r8KDna6T_u4wg6rBVFy=>hzJHq3`RNfC;Msi9 z8@OUVFpr_Zv*pKMjw2v=O#RW@y)Ra-90woYV7WmF*%yzZYlif#W$*jF?=`YuycBe^ zenr5iiM(56O3^YSF8`#rS}I3_zm=n7(TFWsrY)5F$|t@Ns9pthHbaB@w@>?x2KP#i z@n=QyGN@%vl0( z<`ny_C_0e`$0b)gff?y47nVRM^UY7o|dfw0wO%9y`$MkWt%dJ2HC z!>ZTDs6gsKx%JLNG|w4SkddWHwcWCr*0qT8SbO#7=SjDt@FmpJH;V z4lm{yTl7_mxz>BqBv=9_!~dQAjl-MKb0uL&cn`#JQiUOYT_(3)kI^|bDjg%q`~Ci! zB}mxLKo2YQI7Blde~`5T82=E}1T&UrDV*l_!#u*eXsd(qkBryU%m#*)_$X4|nNV#g z5+c|l=@~d(o3b7pCu?Hxv8iZ*B;~qlBL#ISu%DfUo+10vc$WsDpOxC8A=Jpwe!#`Z zRicED!(#%T?xPeJ8|=;6A0~El%2Hz$W)W~oRyrb*F<}}~8KWYN5zAEiHAGL1>7=fh zM@TSVmv)Eid6r>%mZlcPh3_DjY1YYOj8G;ZDnGNG3_zmSCCb_VQ_FA!aEnUC>{pom zsdjQVRpMw!a-&7{x+reyXT`^gR*o4sba&Tlbs~L~QYOJHvo*Ty6VwG>L31Bi6IQQz zt(JpdN9tjZC|yRx(KJw=-?(3<(=PEG!mCe!UHSw{05AQV!qp&j6My(|uQ$sa>@dtV z%TKSi%m?q#8SdHlU|oGnhL{ReiGR01ZP2Yn-)o(WdNec(DxX$8ghC!I{sZvZ^XB`~ z;qzJLHn{aIVnU~sUbu=B#*Fkc*hP4IvDe41VWo~@cl<%;O>Hn*VbD*b0P-dFd)&v< zQwp1o)LAorYTss*NrA#Z=&w%(yarwm4fUU#-zn=ZH&9%=Vw2b}uOoP#m-=!oSAsfUxg+{T;a-)Ku7p9Lgbv71txL2ZZ zK!sc52sZ@q=aDv$7-MF87B6fwiRK`|6l}0qeq*V{{YFBhthN)=^6}hk=>~IyL~Ue1CS54DOsQXB zzIm;(58v(Cj+X{Jkw-@nr)!z<*K~tWW9g%YyZw(!;-I&&VY%9ifzyh8<~4! z3RAbix?;*@B`aP^=UaNmeXN)X<7$hR6~2%{VOl0>8D4XO*9V*qC!m(uSM+Wr+q%}j zJhDZmkv`a5nsf=$0lGF`8oSTZW%`>vqhvvaKaDvj$~n&FMgD_5Du;N4A|MJX&Tc%w zcaCJ4AJ4AdHpIY-M>dZ_EnQQ+Y!>}6<-MOv+E$Ia;g z46ap2bWNGs8;`vxe~F!*uvvky#X*_kKf%g~k6kfv+pSkQS?w({_A#}jN-NoSYKt*X zc>)$uY(1sA^53(*e8Z0-NB6xvy8m` zm)_{GYu)u~`5{EorI}lVcg4K|w6gtImb@m@` zC{tE;aiHAnpWkbPNM(ViT626RTQJL$zJxjlc{4q?Xr2C)_o~PKNn~M%$tU2R-i*^` ztO0?U5~h^`8esQ|s=5lDPA5{jag8rl=$%s;U>rl74j=F@xh^$>-tX?*M`7mdM%1$p z+w_U+_U@GNE4ktSK5fFBVKBh;ktI!emkp+r2|fOqTdobT3zG)xSImP?tva^(QF66go%B3SVjsDd zZx(@qI>HPVRq^hp!yMy?=1$}z|6c4h92yv zdkz-{iw3T5|Gel=rZcRIBIK+G-TB_44gJturWHEodj_F%U3BEO_FKsjMECd8+qORs z8+;-3lU2tXW4gARAYOJ^Z6TUgZzdwR19pt^E3;9wAdj8g~}HU{UT7_t)2Wh&K~K)A54vPcx~=TroWUDym#HEZSm_*`xiKN9};|L zzh9%53$m4WDzDCjee^uz$#~RIXyAL`C9C?YV}kpbBWA zo`=cOmEs^mFtjVwZT*a+9Z96IzbLZGt)@k0k9yN#1?-3EN+Fc}@G~?#?_$9~i;_#74rn-X7(>3ILKx-$AY+i)W`TDH}CU4IR7{ zx0M1H)Ay}gW=)z++u^aURe++rLElx?VhVEv0>>jD*Dj?4T2nfJ@{NrW2Z0O(&ZnFi zjxOD4M%250; z)9+e&OD&v$U!dtb)^ z^Dh(tM8B5R^Pm?iACYQY%qqsYx8KPO3Xu0Pnyy|FHFJCg1^0k5O1>U8Fd>ef(6 zJLiyhP<#2Hx+DM9OT-((m9?n9g=cDCPPDaq2%D2jgGJnVu4?Tr`Cq&pS4(m2BG`tzPp@pR6JN zHQ_lxwf(%HTnLnUhShOvHNLwd(m$E6Z7)anhrT{Xi$j|6Qd|gMB^~^9;zJ%gIeoFL zC_hEYSw$HKSH-A80GtjS1Fkba)}clRe8S3~s`w7nZ?Ec_#dF$*MbRj3G`{2*0jPmX zDBuEUCj_MFe7#o6+M}>}3%Mn!RthbX{a`h5T&rS>ppo(z^=%bsh zeHV+?YHd1rnQLJdQ+LCVLEF7-2yCXxc#$r($9x(tBF0+TNecCqJqx(Yaru*?@P8o} z1Svmu_CPci3*=mr)oI*yK9p!@>wV9sdhEu4bSzD5J`4$jeYftaJ{>HByc;${6qQ#k zUCQ=~_v+(3PJ$*pCU`$dq_{VNepj;UO5K_)_T*Q-1Z}vl#2TG3w1918kNXq?C}jM= zMMRe18Lr@%opp@yxTZE>3E8~9#7Ec-HBX|{&3{>k`>bGjS9b#?PDlh7@NT&^#b%xT zTU+%n2kBZq1T{$@w)mKDbGzn*0*fUj&2IJR{^ZTSY|xBJ1`GQ8vr*zjus2HU z-S=bwSzVltnM-K$_ZIQrsWsTrh0}fjd)GYZBg z`tpUe`#I1#)A65+=C>Wp_i-wsTZyo#I|;|zAO{T6fBfls=z=!UA>$IgxyO!Ne@cd5 zr3YjJecbKs)&3PBy(qQG#NWdL!{Gc0+7ryAnUz|qzaLhlw!4XgD?r1K3k8cv#{p-$ zgRkh$87OAdVS2o9t6?jR!Y-rwNuok(S8adggMU{2deDLIwW<-fS-;YH*Hv6jPh{sR z$%UhVWbW1ZLlhTGq};@o6Ku9+j)0=}Pl<)|tyd})Dt#6A4(=-AR7}}CY=TsIuA)KD zfWBKnq1sA&J+32lgxs5=2GW~}mOAka|Lze$UVb9}B}&1ejUW+Wcb+$u(2U7-soeS< z7x-ex;TtwYS9MZ%oZP6~DR9p>6&{jEk&J7ErC@Q+)f*<% zPegkTd+$n*Nu?EiH}OcMSrbaIcFW5|ZGK)7@1KM|z|k%G!{jXFGM`JI4lO&lauV37 zpeRDBJ*PYSE%+ruj3}{z!ah=X)%c}FmwGXwjYF5v2(#BX>PmKs!eHt@R9=9c0zCas zPF1nQEAhg4zD}+g({~2IqO19eqz`|C3P1)1e5z}Yp0J9(TU_<(yj=0^o7vvZT1!<} zt^p@kedlJQ*bd>EyzV*h6`b_?o36|AU(gWTSdB&pKY^RKArK|6RZ?$r+2YHCPbO79 zudg?2TOeY*#`mOqv=B%}KVU@cf@NosD=3cWQc9zlPt zKDn&dQWWlqN^54z*}tqQ2S=t!!Yd54Kv3MX8tyG3OpUv0z&Y{lb+Q(<`(prIcsjK_ zc6GdTk5Umpr$TrsG<7ADasSiCSHSw&$OC~_)#nbAvXcJh*3`&g)-AEoy;YpXNs+Ba z6M%onrmAieI`I=F@a-+IncgOL2t^!d+UTSV74^KS+spD)`L9aygIl;Zi*!jrN7mxSS6pS`l;bGHo5g70lsfK|XTX=Zh&e`{9Xc zr1Arl3F~7uo+Y3X_`i4?&KG7Squ1|Z4u2uNJrSlMaamqJ0glv113Ht)T$Ca>?(G>1 z>X$&SgLD8v*vrzKTP-bTnl2=ez!frv1OU!s?;DDmO+;YcQJ3{UEyj=iFqYz5`M9f> zuX6cqq;!SE`51%9T=?P>GxE=wU7+jLZXt&NH*k-u_rML0*YQ63htht)vu=azZmI|? zwn3KcR0NaXD#6>vOq9cNPrI;QPY0QljRugAq;rG@n5cs)Dbpb5cFDwK6l}Z%Jyl9R z{_>SCF1s$loWx10@SV*#$DhSWeH*#xPpZv-YGUlr*8*CF+y)6}10B45{fjUYfq~^5 zJSyW;MLY(&;X6cnn7^VTvu;TK0`yxwS>*;?ED+-U-~1NO7nOhg^%u{3^(Tt@Cp<%~ zz8kg6H(e*y>fym_+Frfa*cwGiTsgtN%o~n77_DaenB+J-*|pqx-dPNq>NIW&EWVR$ zXz=ay&M_*SfJ&II(Y~nLNahaVhc}UZh~?zR4juZEKpI|PJ8j}%Cf5W4XIA7fyA1!T z(s}pT5f~*E&vI}RP>Z&Pnt3&3K`pjW)je=^x}q@9YEA!n-XfG-=rBhhRipt;7-MJ_ zS72PgOjTN8xI?fkQy&JwywQZ(R%loxbyi?6Mh)FxAE{Faea9j9hJE5gq$vurb|n|9%Mi@Elv0q_hkf-h zoyKf)piK_K2+Vp~mhuU9s&oz;4o?36+Pm_2sMj?fi8`)0Eyxm5DYA63FUc-K(O@h? zDN77uCS|gAsN*C`lAU6t!K6$EF-fVWEX`mvGL|s58OIi3xbGz0?opk4|G1xX|L~8` ze7wKUywAML^Lw7>{eHi%t+I#{5V?b_b3h@V1khm!*wc?#J@KE?;`iBUovfJ~1m_*Y z_#K*kT~pa14gWeL=wA-?<=ImJY7D2 zjG*VJo(OMNY5pasR=Ie$aYu01K{}Pkrz%lBFjcu&C+ha@xsys zvO=Zp!*^$R(yyu5p+TlknERvfJP_0!V+m!dQ<|MIWA0WMz7Mwm$C;O1+b{cg|3Mnf zUMYAYS%?VZ*}A(uc!;_^xTx1$@Z}yICPjiEQz7Ah$7lcf6Q&JDM50+Qg3qCSNZz;E z*iwBV0Gtyra_tCph*`h-$^GX#7yz~c_xGaA_P4pjMB({x_7$oK1={aG)7y2}LSq}} zBBN-!lxMd<38tga&%Dg_c|B6RctAwAIqRjfsQ-akPLG+#4COoiZL7ik1^jt4c{eTx zNqTa0q|Z*>D3bTC5$1){X5eM#)jVQt%1+qyQdJP%$ubwT1Y@FZsy;(o=z6hY(9qV& zh6^*MN!`@I*DW!-c+ET%6cbKr=AO!q&a-8ydDW<3bRSo=*OP^t^0j+K7;bJ~w?=wRWS<|$HBm8Y%0-DoFe!Jh1qQ4@ zDj~I)S~c506TuXT6jXIYW-*d3xw~LJydig>W$-APiA#fn{6>Vs>s-ygw+=lNm<3Oe zC-baB#$^;TB7#xz`PDbknruPK~#brF>Nz$eI1TUswLhX`5@XIr$Q1q ze;*FrKJ4~rb#?n>N7OiFp~7`R(7rhfg38Dq3Ze=dwXqMa=sSM+e&z21<;HDnJc3QW z(14k|e|f)O(4|5Z%HeVDNR&7t=TNG$9@=7VN4Lo^Ud9Cx8-3W$^np8$Ja708+A-Zz zXx9TPly%Y$^Q~<6A-)nxcW6QjO+J)2_EA)upY`%;%Rb}0egwrF2YC%yh9yfEdze?? zXtSW!2XC*58ROFpFOGR+?pJPJFvIi{O6zv2ujPtNOiT=z^fJ+`&TC6DjWfvz&H#uA z`C}choEr<%>X^ec`=)T$4*ZzH#-L0-?HX_u@ z+mKUl9(IX@I~S4j1$&yfb(!=%Q=`7chlj2Uq1BsRnEO8n1AlYH&&DMV^d#&S#{1i5LW z1CQ=WVJhNusPqXAtO<~e{e_UxrC;Rp<14ebu3gkf&>-@tqiD9hT0x$HIbWBs2Ei!G;Wic zP~xk4=w%>50Eon?XC6;mNW5@WBf6mU!vwd6vZKbsc<=tUD$3~EA~Z`?Z)??f@W;7I zwGjHyo1k#9P!crYUNlDV(!6q?oW{b7BlV%88`lEoIM_&+D6^U$k4sG(IBH{aV1k*LgHeRfpPsWWjv>}M0JF3fMr+z$We10qF#uXc zGx0uiC^qDBFUt(bm(9Exu>wcg-vFBUM>nFcq-pf3K|uyo;!A-A1B_MP6)|BX4*;*f z6ml+f&4~WuV;Ftw3K>R64c3BsaRDMG%{hh-}*-LaX(}r@gQ3R;;j1-B}WAyZ6Q^SxqY) zx;HY%BDE~Pu0?7%-|ZwvPE?pGEVgh9KA(Olx8eCq>+PRZlEW?!NG*B|fJH(9fcl@a?@z{n`k=~Y zt!?on5X$b>(ROl5VY9*BhLb)^x;+8jdgjRYY~YGKVpA;5xmzC4L`XF?&vKJNsFA|A zt9_B_BMDOE?~tj$IQ)%WE1_mKvAI0yEYy_5cGg9oEt4K^fl8J&xbZ{@SsN*LFbs_4 zgoIo0XDWF_*1}d$9R4$Dq4Q$=ddctu(O}HnTf@oiIc(ly;?hm=@dALhqPuT7Gv|9W zszp(ph+o-bp1i!M3FbX#HPDhg2IgvuY9~T1AAC62OYd3aXl*wHliYA<`Rn2_zmzy2 zRsMsmyL^u$ui_v$6FVfUE3+tmD=7uOCDeU6?}2h6@ z?c|P>uySVOxOPrDsDBP4*FH7r?9XPTt=9d7H$EbmnZPxC2gt*SDk=O+mCD$4=Gq1* zgvgJ-ReW56t@_Xm_)Io%Lwp7TpzEp;Lqe=2bpZmna*7+=48td={rM^z4la_hs|6Id z#~zxZ%F31o@$v!mTIB}so$U@nC(MEdWH=B0+**aY>eG^eeUQ@`X#F{O+;!LiDvz~v z+Wol#{Q*)GAe}wyKOnMHt^tY>O9BdCf8vUK2Lk!;G%hye6oY76 zgkQn=%Wqf`C0Ii5E*b+=hfv?L<*WZiD6{2B-dE>(|3#kyUu%VY``P$fkS%y=;}Ks3 z55F@eoO;ZEH}ormJ~xo;LADjklT^eOQu=mxpBfHGzR>yc6X6F$*g_4Xog|ed(T?Ta zeHy>DTxCFe<2#Lu4W@1&_fy{LR3809tHM`BNKXC56P#XvYH+jmf;r_c`jiyt+4^Iv z*g7XGi|g~mtt>9K^H^D2U%bMK=VI@S70>nMmD9PvA^Emq7gEmcFhD7+I%s5RSfuY7 F`A>Frkf8to literal 0 HcmV?d00001 diff --git a/proposals/assets/service-account-token-monitoring.svg b/proposals/assets/service-account-token-monitoring.svg new file mode 100644 index 0000000000..9c96818a5a --- /dev/null +++ b/proposals/assets/service-account-token-monitoring.svg @@ -0,0 +1,585 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/proposals/monitoring-security.adoc b/proposals/monitoring-security.adoc new file mode 100644 index 0000000000..58c0202e93 --- /dev/null +++ b/proposals/monitoring-security.adoc @@ -0,0 +1,168 @@ +--- +title: Secured Monitoring +authors: + - "@astefanutti" +reviewers: + - TBD +approvers: + - TBD +creation-date: 2020-07-06 +last-updated: 2020-17-07 +status: implementable +see-also: [] +replaces: [] +superseded-by: [] +--- + += Secured Monitoring + +== Summary + +This proposal aims at enabling secured integration monitoring using the https://github.com/coreos/prometheus-operator[Prometheus Operator], deployed on Kubernetes or OpenShift. +It focuses specifically on securing the _metrics_ endpoints exposed by the integrations that are configured by the https://camel.apache.org/camel-k/latest/traits/prometheus.html[Prometheus trait]. + +== Motivation + +While these endpoints typically expose read-only monitoring data, that are only accessible from within the cluster, making sure only authorized Prometheus instances can access integrations monitoring data can become a security requirement for multi-tenant clusters, and reduce the surface attack in case of a compromised pod. + +== Goals + +The goal of this proposal is to secure the communication between Prometheus and the _metrics_ endpoints exposed by the integrations, specifically: + +- As a user, I can run an integration whose _metrics_ endpoint has RBAC enabled and auto-configured +- As a user, I can run an integration whose _metrics_ endpoint has TLS enabled and auto-configured + +The implementation should rely on standard https://kubernetes.io/docs/reference/access-authn-authz/rbac/[Kubernetes RBAC authorization], as well as the security mechanisms supported by the Prometheus Operator. + +== Current Architecture + +It is recommended to use the Prometheus Operator to set up Prometheus on Kubernetes / OpenShift clusters. + +The Prometheus Operator defines the `Prometheus` custom resource definition (CRD) to configure a Prometheus setup, to be run in a Kubernetes cluster. +The operator also defines the `ServiceMonitor` CRD, that is used to define the _metrics_ endpoints that managed Prometheus instances should scrape, based on label selection, as depicted in the following diagram: + +image::assets/prometheus-operator.png[Prometheus Operator architecture] + +== Proposal + +The `ServiceMonitor` CRD declares a `.spec` section that defines a list of target ``Endpoint``s. The `Endpoint` API already supports: + +. Bearer token authentication +. Basic authentication (username / password) +. Client certificate authentication +. TLS encryption + +As excerpted from the Prometheus operator `v1` API: + +[source,go] +---- +package v1 + +import v1 "k8s.io/api/core/v1" + +// Endpoint defines a scrapeable endpoint serving Prometheus metrics. +type Endpoint struct { + // TLS configuration to use when scraping the endpoint + TLSConfig *TLSConfig `json:"tlsConfig,omitempty"` + // File to read bearer token for scraping targets. + BearerTokenFile string `json:"bearerTokenFile,omitempty"` //<1> + // BasicAuth allow an endpoint to authenticate over basic authentication + // More info: https://prometheus.io/docs/operating/configuration/#endpoints + BasicAuth *BasicAuth `json:"basicAuth,omitempty"` //<2> +} + +// BasicAuth allow an endpoint to authenticate over basic authentication +type BasicAuth struct { + // The secret that contains the username for authenticate + Username v1.SecretKeySelector `json:"username,omitempty"` + // The secret that contains the password for authenticate + Password v1.SecretKeySelector `json:"password,omitempty"` +} + +// TLSConfig specifies TLS configuration parameters. +type TLSConfig struct { + // The CA cert to use for the targets. + CAFile string `json:"caFile,omitempty"` + // The client cert file for the targets. + CertFile string `json:"certFile,omitempty"` //<3> + // The client key file for the targets. + KeyFile string `json:"keyFile,omitempty"` + // Used to verify the hostname for the targets. + ServerName string `json:"serverName,omitempty"` + // Disable target certificate validation. + InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty"` +} +---- + +While the Prometheus trait already supports the auto-configuration of the `ServiceMonitor` resources, it does not leverage these mechanisms, and exposes the integrations monitoring data without authentication nor encryption. + +== Proposal + +The _metrics_ endpoint configured by the Prometheus trait can be gated using https://github.com/brancz/kube-rbac-proxy[kube-rbac-proxy], deployed as a side-car container, into the integration pod, and configured using https://kubernetes.io/docs/reference/access-authn-authz/authentication/#service-account-tokens[service account token authentication]. + +The communication between Prometheus and the integration during metrics scraping follows the sequence illustrated in the diagram below: + +image::assets/service-account-token-monitoring.svg[Service Account Token Authentication] + +. The Prometheus instance triggers a scraping request to the integration _metrics_ endpoint, +. The _kube-rbac-proxy_ side-car proxies the request, +. The _kube-rbac-proxy_ proxy presents the certificate generated for the integration, that's mounted into the side-car container, to Prometheus that uses it to authenticate the server: +.. On Kubernetes, solutions like https://github.com/jetstack/cert-manager[cert-manager] can be used to implement the certificate issuance, +.. On OpenShift, the Prometheus trait configures a https://docs.openshift.com/container-platform/4.4/authentication/certificates/service-serving-certificate.html[service signing certificate] for the integration pod, +. Prometheus verifies the integration certificate, and compares its identity with the `ServerName` field from the `ServiceMonitor` TLS configuration targeting the integration, +. Prometheus sends the configured service account token to the _kube-rbac-proxy_ proxy that authenticates it by triggering a `TokenReview` request to the API server, +. The _kube-rbac-proxy_ proxy authorizes the user identified with the service account token by triggering a `SubjectAccessReview` request for the `/metrics` resource to the API server, +. The _kube-rbac-proxy_ proxy forwards the authorized request to the upstream integration _metrics_ endpoint that returns the monitoring data. + +== Risks and Mitigation + +The use of `kube-rbac-proxy` as a side-car has the advantage to encapsulate the authentication and authorization concerns, so that all kind of Prometheus exporters can be used out-of-the-box. + +While passing a token for client authentication can be a security risk, as the receiving server can use the token to impersonate the client, it is mitigated by the authentication of the integration using its certificate, and the validation of its identity against the `ServerName` field of the corresponding `ServiceMonitor` resource. + +== Open Points + +- The proposal compatibility with the ability to migrate from `ServiceMonitor` to `PodMonitoring` should be assessed: see https://github.com/apache/camel-k/issues/1555[#1555]. +- Quarkus serves all HTTP traffic from a single port and does not support having a separate port for the _metrics_ endpoint: see https://github.com/quarkusio/quarkus/issues/7893[quarkusio/quarkus#7893]. The ability to use `kube-rbac-proxy` in parallel of another solution for securing application traffic should be confirmed. + +== Alternatives + +=== Client Certificate + +The _metrics_ endpoint configured by the Prometheus trait can be gated using https://github.com/brancz/kube-rbac-proxy[kube-rbac-proxy], deployed as a side-car container, into the integration pod, and configured using client certificate authentication. + +The communication between Prometheus and the integration during metrics scraping follows the sequence illustrated in the diagram below: + +image::assets/client-certificate-monitoring.svg[Client Certificate Authentication] + +. The Prometheus instance triggers a scraping request to the integration _metrics_ endpoint, +. The _kube-rbac-proxy_ side-car proxies the request, +. The _kube-rbac-proxy_ proxy presents the certificate generated for the integration, that's mounted into the side-car container, to Prometheus that uses it to authenticate the server: +.. On Kubernetes, solutions like https://github.com/jetstack/cert-manager[cert-manager] can be used to implement the certificate issuance, +.. On OpenShift, the Prometheus trait configures a https://docs.openshift.com/container-platform/4.4/authentication/certificates/service-serving-certificate.html[service signing certificate] for the integration pod, +. Prometheus verifies the integration certificate, and compares its identity with the `ServerName` field from the `ServiceMonitor` TLS configuration targeting the integration, +. Prometheus sends a client certificate, generated using an internal PKI certificate authority, to the _kube-rbac-proxy_ proxy that validates it using the CA public certificate mounted into the _kube-rbac-proxy_ container, +. The _kube-rbac-proxy_ proxy authorizes the user identified with the client certificate by triggering a `SubjectAccessReview` request for the `/metrics` resource to the API server, +. The _kube-rbac-proxy_ proxy forwards the authorized request to the upstream integration _metrics_ endpoint that returns the monitoring data. + +The use of both a service signing certificate and a client certificate enables mutual TLS (mTLS). + +The https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/[certificates API] could ideally be used for the client certificate issuance. However, it seems there is no convention about the CA used to sign the certificates, that could be relied on consistently to easily distribute the CA to the applications. + +A custom CA could be used, along with solutions like https://github.com/jetstack/cert-manager[cert-manager] to implement the certificate issuance flow. + +Conversely, on a typical OpenShift 4 cluster, the service signing CA can be accessed with: + +```sh +$ oc get secrets/signing-key -n openshift-service-ca -o "jsonpath={.data['tls\.key']}" | base64 --decode > ca.key +``` + +However, the service signing certificates cannot be used for client authentication. + +=== Network Policies + +`NetworkPolicies` resources could be used to isolate tenants, though they are not supported by all providers, installers and distributions. Besides, they do not address the case where an attacker gains control of a pod, from which it’d be possible to discover sensitive information about the workload within this pod network policies graph. + +=== Basic Authentication + +While the Prometheus operator supports basic authentication (via the `BasicAuth` field from the `ServiceMonitor` resource), it is not supported by _kube-rbac-proxy_. Not using the later would require direct communication to the Prometheus exporters, hence requiring them to handle authentication and authorisation, leading to duplication. Besides, username / password credentials lifecycle would not be handled by the platform, as it is for tokens and certificates, e.g., expiry, rotation, …