From c6b485c7cb9034b1acb460abe157e68d91388fc1 Mon Sep 17 00:00:00 2001 From: Ian Drysdale Date: Mon, 21 Dec 2020 17:46:13 +0000 Subject: [PATCH 1/4] add layout for markdown files --- assets/scss/colors.scss | 8 ++- assets/scss/ct.scss | 1 + assets/scss/markdown.scss | 116 +++++++++++++++++++++++++++++++++++ layouts/markdown/single.html | 21 +++++++ 4 files changed, 145 insertions(+), 1 deletion(-) create mode 100644 assets/scss/markdown.scss create mode 100644 layouts/markdown/single.html diff --git a/assets/scss/colors.scss b/assets/scss/colors.scss index 4f7ce6a..5fed2c7 100644 --- a/assets/scss/colors.scss +++ b/assets/scss/colors.scss @@ -46,7 +46,13 @@ $palettes: ( "mid": #D6FFF8, "dark": #00B3B2, "full": #178270 - ) + ), + markdown: ( + "tint": #fafaff, + "mid": #e5e5ff, + "dark": #7575f0, + "full": #3333cc + ), ); @each $page, $colors in $palettes { diff --git a/assets/scss/ct.scss b/assets/scss/ct.scss index 6a6e27d..9f722b2 100644 --- a/assets/scss/ct.scss +++ b/assets/scss/ct.scss @@ -17,3 +17,4 @@ @import 'logtable.scss'; @import 'community.scss'; @import 'actors.scss'; +@import 'markdown.scss'; diff --git a/assets/scss/markdown.scss b/assets/scss/markdown.scss new file mode 100644 index 0000000..f11e1f2 --- /dev/null +++ b/assets/scss/markdown.scss @@ -0,0 +1,116 @@ +.markdown { + margin-bottom: 10rem; + + @include md { + width: 75%; + margin-left: 12.5%; + } + + nav { + ul { + list-style: decimal; + font-family: $font-mono, monospace; + line-height: 1.75rem; + margin-left: 0; + margin-top: 0; + li { + margin-bottom:0; + margin-left: 0; + a { + color: map-get(map-get($palettes, "markdown"), "full"); + } + } + } + } + + .markdown-heading { + margin: 4rem 0 4rem 0; + + h4 { + font-family: $font-mono, monospace; + font-weight: bold; + font-size: 1rem; + margin: 0; + line-height: 1.75rem; + padding-bottom: 0; + } + } + + h1 { + margin: 0 0 2rem; + font-size: 3rem; + letter-spacing: -0.04em; + font-weight: 800; + line-height: 1.1; + + @include sm { + font-size: 2.6rem; + br { + display: none; + } + } + + @include md { + margin: 0 0 1rem; + } + } + + h2 { + font-weight: 600; + line-height: 1; + color: $col-greyish; + line-height: 115%; + letter-spacing: -0.035em; + font-size: 1.6rem; + font-weight: 700; + + @include sm { + margin: 9.5vw 0 4.75vw 0; + // padding: 0 1rem; + padding: 0; + } + @include md { + margin: 3.5rem 0 1rem 0; + } + } + + h3 { + font-weight: 700; + margin: 2rem 0 1rem; + font-size: 1.3rem; + letter-spacing: -0.035em; + line-height: 105%; + color: $col-greyish; + } + + p, li { + margin: 0 0 1rem; + font-family: $font-mono, monospace; + font-size: 0.8rem; + line-height: 1.75; + } +} + +.log-callout { + padding: 10px 12px; + border: 1px solid $col-black; + border-radius: 2px; + margin-bottom: 24px; + background: map-get(map-get($palettes, "markdown"), "tint"); + h4 { + font-weight: 700; + letter-spacing: -0.035em; + margin: 0.5rem 0; + font-size: 1rem; + color: $col-black; + } + p { + font-family: $font-mono, monospace; + font-size: 0.8rem; + margin: 0 0 0; + &:last-child { + margin: 0; + } + } +} + diff --git a/layouts/markdown/single.html b/layouts/markdown/single.html new file mode 100644 index 0000000..24df353 --- /dev/null +++ b/layouts/markdown/single.html @@ -0,0 +1,21 @@ +{{ define "main"}} + +
+
+
+
+
+

{{ .Title }}

+ {{ if .Params.show_table_of_contents }} +

Contents:

+ {{ .TableOfContents }} + {{ end }} +
+
+ {{ .Content }} +
+
+
+
+ +{{end}} From 885d09c91587fa7d8fe3e142c1c80ba3b64eb051 Mon Sep 17 00:00:00 2001 From: Ian Drysdale Date: Mon, 21 Dec 2020 17:46:32 +0000 Subject: [PATCH 2/4] add shortcode for log-callout we'll use this shortcode in our 'known logs' page --- layouts/shortcodes/log-callout.html | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 layouts/shortcodes/log-callout.html diff --git a/layouts/shortcodes/log-callout.html b/layouts/shortcodes/log-callout.html new file mode 100644 index 0000000..055d864 --- /dev/null +++ b/layouts/shortcodes/log-callout.html @@ -0,0 +1,25 @@ +{{/* + Copyright 2020 Google LLC + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */}} + +
+

{{ .Get "url" }}

+

Base64 Log ID: {{ .Get "base64LogID" }}

+ {{ if .Get "expiryRange" }} +

{{ .Get "expiryRange" }}

+ {{ end }} +

Operator: {{ .Get "operator" }}

+

Contact: {{ .Get "contact" }}

+
From 40b06ee94e58c54e0ea304cd4d9cd6dd86aed482 Mon Sep 17 00:00:00 2001 From: Ian Drysdale Date: Mon, 21 Dec 2020 17:50:59 +0000 Subject: [PATCH 3/4] add content: getting-started --- content/markdown/getting-started.md | 91 ++++++++++++++++++++++++++++ static/img/markdown/chrome_scts.png | Bin 0 -> 72317 bytes 2 files changed, 91 insertions(+) create mode 100644 content/markdown/getting-started.md create mode 100644 static/img/markdown/chrome_scts.png diff --git a/content/markdown/getting-started.md b/content/markdown/getting-started.md new file mode 100644 index 0000000..720a32f --- /dev/null +++ b/content/markdown/getting-started.md @@ -0,0 +1,91 @@ +--- +title: Getting Started +url: /getting-started +layout: markdown +show_table_of_contents: true +--- + +So you want to get on board with Certificate Transparency? The steps you should +take depend on your role. Are you doing so on behalf of a website, certificate +authority (CA) or user agent (e.g. a browser)? + +## Website + +**Most website operators shouldn't need to do anything** - your CA should have +submitted your HTTPS certificate to a suitable number of CT logs and embedded +SCTs in the certificate before giving it to you. However, if you'd like to check +this for yourself, you can do so using Google Chrome. Open Chrome's developer +tools (under "More tools" in the Chrome menu) and switch to the security tab. +Browse to your website, then click on its URL under "Main origin" (on the left, +in the security tab). This will display security information about your website. +Towards the bottom, there will be a section titled "Certificate Transparency", +which will list the SCTs provided by your website. If this section is not +displayed, then your website did not provide any SCTs and is not compliant with +Certificate Transparency. Otherwise, you can compare the listed SCTs with +Chrome's policy to check whether the provided SCTs are sufficient. + +![Show Chrome SCTs](/img/markdown/chrome_scts.png "Chrome SCTs") + +## CA + +A certificate authority can generate pre-certificates and submit them to CT logs +in order to embed [SCTs](https://certificate.transparency.dev/howctworks) in +the certificates they provide to their customers. So long as these SCTs are +compliant with the CT policies of browsers (e.g. +[Chrome's policy](https://github.com/chromium/ct-policy/blob/master/ct_policy.md#qualifying-certificate), +their customers should not need to do anything in order to benefit from +Certificate Transparency. The process for generating a pre-certificate is +described in [RFC6962](https://tools.ietf.org/html/rfc6962#section-3.1) and +implemented in most certificate issuance software. There is some value in also +logging the final issued certificate, as it allows CT monitors to see which SCTs +were embedded in it and thereby determine the impact of a CT log being +distrusted by a user agent. + +The Chrome team usually insist that any CT log trusted by Chrome is operated in +a fair, open manner. This means they should accept certificates issued by any +root certificate in the major root stores (managed by Microsoft, Apple and +Mozilla) and have reasonable rate limits. Therefore, it should be possible to +immediately begin submitting to most, if not all, of the logs in +[Chrome's log list](https://source.chromium.org/chromium/chromium/src/+/master:components/certificate_transparency/data/log_list.json), +so long as your root certificate is in one of these stores. You can find out +which root certificates are trusted by a CT log by downloading its +[/ct/v1/get-roots](https://tools.ietf.org/html/rfc6962#section-4.7) response. +However, note that it takes around 6 months for updates to Chrome's log list to +reach most of its users, so relying on SCTs from recently-added CT logs may +cause a certificate to only satisfy Chrome's policy in the latest version of +their browser. + +### Testing + +Many CT log operators run test logs for CAs to perform integration testing +against, e.g. - +[Google's testtube log](certificate.transparency.dev/known-logs) - +[Comodo's Dodo log](https://github.com/Comodo-CA/CTLogs-AcceptedRoots) - +[Let's Encrypt's Testflume log](https://letsencrypt.org/docs/ct-logs/) + +These are typically free to use but require that you send them your root +certificate first. They may have additional requirements as well, e.g. that the +root certificate's subject contains the word "test". + +## User Agent + +There are a few things that a user agent can do to improve security for their +users using Certificate Transparency. + +### Verifying SCTs + +The simplest thing that a user agent can do is verify that a certificate is +accompanied by a reasonable number of +[SCTs](https://certificate.transparency.dev/howctworks) with valid signatures. +This requires [a list of trusted CT logs] containing their public keys. + +### Checking a certificate for inclusion in CT logs + +A user agent can confirm that an SCT has been honoured (an SCT is a promise to +include a certificate in a log) by requesting an inclusion proof from the CT log +that issued it. This requires having an STH (signed tree head) from that CT log +that is newer than the SCT by at least that log's MMD (maximum merge delay). +Requesting an inclusion proof may compromise the user's privacy (by revealing to +that CT log that the user visited the website with the corresponding +certificate) so a privacy-preserving method of requesting the proof should be +used. This is an area of active research at Google, as well as in academia. diff --git a/static/img/markdown/chrome_scts.png b/static/img/markdown/chrome_scts.png new file mode 100644 index 0000000000000000000000000000000000000000..fb27bc8421ad7424efbec3cd242acbc68f5bd56d GIT binary patch literal 72317 zcmb??Wl$YKwC3P0!GkBb1()CwAh^4`LvV)+L4pT&clY2LB>2T0g1fu#&3pTHt9IX? zt=g)&)pKWBPEU8AKIi*RhbhWSq9GF^0|0;~_4SJ~06^D5ejr3>$P?JCCMQS&<18wr ziin7~yrJ+H0LTHUFCwZQ8ON*Mn%EkTJm>RsNK~+SNR0W*9=G2UO={2VZsCVtJM@DOW!YnLXc_k--R*cQcnh9QhvX^ zlf-=2L*!wzKC!hWHa?o+Ny8rR={%k~lq2AM3y30q2ztGQZ)|AbKO(?{{JTExxUPT^ zhCBv4LpehSL7qVw%7gyBq8LT`m%sun_o)>(ZD*Z)?x!oh<~2=C{%0L`rv^h0S9^oe zBz!rJA0Wm2^(Lrkcpy3O4SXE4->X;YKFkD)K1 z&5bW~z`tVqrC!4FWCW_K!p7RoZ7)wG}=EqmHz2(f8*a#0M}2&aV3A<^i&~2=wV^ zWQ>=aiU>X=3W#*cKl(#Wop7Z{%=d^n&PY0U>d_B!|5Zb~!>EP3Y3b9(8H~hQSaqRf z-_iMmtfk)(T)ceMXw#aF@|`JUu?2nt!z%?wRVz;A%VSkEeqC1i*a3#;Z5rA`-{`{W zLy~?PalHBvn!jUJf~l*QY+SFLIPq)mZG| zM`>srTh!C z-ep@ztr$!k(F7hTwLvf=y{=L|KTPi84r#iS)y(_^YY+r!6t@ctzG~)`ctBxq$2An- zunKTRz8U+d&s!9kmhn><=kuugy4p)iE4$4^%&O`{A4v9scd zlp;w9^c_Jlsk$mHBDu2DlA6uS0b}n%LQwsr_Nhaag& z-Gs}`n?tLdj3)tM_fOpU*8AAQNTmM%(d%~FroP#$hY_SxA=R2t?=#Nkw^am%^deq9 zFSWYc2psh5F<(%<9l_EVqg!4?d~!nx#% zyDAkTYX<)OfvGQN9jRGl_q||;Ug`K_XBi78XR)%lvP1Ru#a87fTIGv9aU@Mxpr#`* zm*RQiasd;1|=)aRr`F|(5&TUYDyV=8n?`(N>h6-@wH%F8-hHJ2u( z9rP3PLnv}iHS<^eJvI8TygDrGl$zf(d+g&CRvyRe<{I&}Iqky& ztDndhG^o_9KyoxYShYNo^z$lOK5suUnYnV4DVdmEqhr41L(^Ugu2W{G66|V1S{Li* zQd9l@?Z#Te%uT{vsS&v~xG>@6XRMZT^@j!fJjHkGb@Ndt7}FcNd0#S)ezjVBbiVu0 zQz`$zR^M7F_KQvew>80aU#7)h_Xh>k?B>pUOj4RnKr5Ee`Nx%31GsL!W3Dl^r%59x zfzsFWkFnp%YU#-qIS8WhN*DvGRqUt4KYL7i3luo>c_%z9V; zUGwgk5sYK6t@CB4L2W(;S*L%f?d?E}zF_m3I8_%$R$o{%<)@q_GB#HNhCB60#385Z zFAK{)J~!1Z$K*5$wf(aU4j4~bXdr&%gqEoc1M9uFSVEyVGP-+nyK`A*C%J$?lQNua z8|bIvhfrzh_>Whzt0nkUH-z-dDje}lBcrkUbJHzQxf`7w*^=&Ssqdye_6qRcIi7t3 zuBQr8_)p7bJ6~)mDHvp|Q##qT;KU1&b89=kCs0f7LS-xJs#*mc@G?J>Nb;%{GvnK| zxa^1rCpG*<2n|JSt!$>|D+S@>?}&5TJL(roE1dB9+h;2Y?|F=4U>HlspAs)Pe#|4U ztj`oynRMl99Y^sUj79J8zvmZxfNQL5ih=nK-TimMfI~y6Lh(D(Z*a=n?Cy+-D}0Dp zcX4^|Jt}ZhU78;6Y=&%j4)ak6ExqslW@ORZw#gy89~!(PIU%_FvPDfMekhbTqQ!M+ zfP1Rbv|J!A^Zhcg;DgQOPGyae+jSrdyCb~G%UuKs;4(NjI^y(b{#4;djofiu5kB*W zc)V;@R0imvH1Z6qom8U3E)Jt|inAXyaRZLV1(EG#q=q{dCY8vpT0UC4{tP}2Z5Yk- zLSx0W_?<71P0q>5$-q!vQE|M~XcN=a$$Wb2k;wm^P)b63hegTO*f=Pii>6T+3IGa3 zC(y#=B4eE9_UuPW@EOAuB2jj9$A>B@pR~W|D|kut(^O?iC7R*?K@!pQ38INVc>k{J ztFRhg!JZ4E2G!{gj6FKGek?ivkLrIoZBH}LN*UMp?^y()$S36AjdY@MWc`h8AWX8dXL7h~-Wx;oZ1Xv^NBGU3Z-T-OEkyD5*f>*xM?IHYIk=omkuu|I1&Nv6)t(*nYu%I9p#%$xv4)nU07 z-I31QrIWGaXM!n>hpxy;U|07crh_zY{Mg~q&$+map9_7oO{^m26e}se`SUk5 z5Ne;6vIE$ zIid(PZT0gqNKFQLv{aQYs$Xq4HI&95SBOiCCay}ZGPU-Z{~kb;F+gr(dLt|H<~?@J zCPk(4_jq@7TAFe-+K%a5Y<{qR5War6ZHK8R4ceIV2d!m z&EG9fjuN@>9C4A?5&6AaZpWHCFyfoKEoOHxPvd#Ry$zAl=HF~LqZb~2+e}R%Ck$L> zkqN$RY@aALxnHftNAUtVJfqqqT&YkYWiy=bE1`7WuClMcx?O~j(75IZCN*mfN6Su( z$ixtGtygoQSK4#MS)i*eJ$1dbS-9WXB=cb*(c*G?_!BA%L1ivte6nH|n zT}EFXWidj_&5f6s<8-gf8^1?q_zre8RtUL)Ud|xm8^15f0c_9aMT&M}+2A7*^fhv@ zw89Rocz;Oi4MVOCg%QimT6LR~RB00Tbg~#+Z=BF{sG5rLGmGKpCuB`nk-duruS9hW zVGt``AXVg#h)c8Y`s%7f*GPCZh&fI^FK{G=vBjn%$cW}3@wY6sMF2=At7AKLw^9ghHK~Qck zKi?@tB z;BgZ15A5w{hNa;w51HK;E*5;xIJe9p7C9aBSE=&dQ4DeHjm*&VPT*E4{>jBw<;s?sr*8n9tjrMB z*CWJ%#1mY`%WX^;AIQ#w#K_HUZYEVo3T$IZ5v|9IxfJmv#z_}}vmK-`lb{V~N{)5k zFE6IbQI*)z2#&ZU6ceROD}MGt*UJar`jWbKvcqb0&#Ft~0ylMpD5MTR6&n?&Y(PAf z(cY-dk>6CEhpr5ea}_*Z)U-}T9W(e5C?PgbNYYiGmYLJj)3!Q%-`zwB8b-o|<71b~ zx%@J@0cA@MqKcVNUcG9WlhV@vNVdZ_9V-v99cV!e$w@>L(cXeSj{&$fR!<*`TYV?5 z%!9u8CmIyP042i$@M~oE3yQRnQqI1bJ5#)R53H#t6%Rh}fQj-#vC%227#XfIfxKY6 z7Kij1_QRS_qv{f(qMEKeHlpn#F5ilU#f|VBWDt2V_$3ucuLPNfVJCByXgLh&5F_+B z>$55R$tuqbxBtWzD`a!M`o28gOhfL3{QU+Z-;0H!pBNA*Omu7^@mk?7{TjaBiJ0ay zs9$iuqrqY!fOkJl>hWcsdcl&z1YZT!1fGr!lgZQpo?cvl|ghbQhyw+t-{*T{eRX=BF zdFca~FK1>f)ag@Z%arViL5H2U+T3G>ShI#+F};KHBQ57SVy#3k6ekt>@?_+QzMkfR z1^Qy5q3Ytutz$mk?*KqfC*5lP9u99k0sWc)tKnd0fz z&Y%6IH>%&p)8;JSsxwhZ32LslA`uon+f(9Jtpb&g#nauV5vu5WbX}=LH58=LA^w5| z_$)p>_)6XIWst(mFr}z=vvw*r_2Q?<$N(8P_0!A1CP%Lejv6sOr zDw^4V%D!pat5*@Z#E_lj^WnvG;j8`$8vfHR9enl;rA#9C{*87<;oLTA*=1A6z;*=y$K`9=@f|Jz3hnQ?% z8GG~RoJ+{xjO3&x$*v~l|A+5>-?wYkz8a_zr|bkH=?Q zOLOjoZGLQBSGfdDXDl6g&UEzu7{>nA=h*^Bxe$EKN2NF{eaQD|zCtf$TFX#L`JJu1 zLY-t`+FD13L^+kLx0NNOEK`Zs$%#OD?0ggJXUJ3$Gd;IBdT>$1v(;YKxXKJJ4DQsH zA!L3jP%q@((FCq1OU|3?1lL(@FE)ozb6AL>Uq2i0np8J9p6=&zJk^}6wmrHIqKh1H zk^pD`YIrMejUxbj&#m4K>;%KEJy+MU)wz)0H>}f%81O}qgW8`^bCj8K?lJGp^Vr3fk~EiDbJ;1#OLYb`rd(UN{-G=c6b(9zDqr@$)R zO$9m`AYL@C0|%tOiU z>UQL&wbOjrAfAd9Oe)OG{QRLh&wvS3L_(FCiq#SV3m&1GihzwUgL12CkB%D^g+nS( zj?iupIg~(ITKXwr?Fvt&Wt>=C#J+LOW6wu=%?yhNy11wCGu(|Ap#0%w z1EI7oIf{f_)$iLmt*2c5h0p2BPx2pJYI{{h%NMc?GHS$vM4;b$w9;m(q{+zVir!;^ zW5!5dKH5iVuDp?6>kABPftSa<5?o`wDoH_>4tWQGz#N}4sV3%%|elJhy|OHea-hqXYqE1 zH~=qC5p8Ap#;lpc8$kH*COrIODRg&pQ!B}WM3Q{faoWl;G8(9pm%AzCWS9TkonTt~ zD&Bp2z7!2;Z8aGzv$W-cA#R5Yub6q3AOTfhNUSxIQ_qCb zmkP z?~QNr*@7qg`}a#W)i0ML%m6tK@)K_FbRpB?ubS;!6qJd=i@arK&0fV=HVTsyV>IyM zbLxlDHuk5r>$xZt6^LN@TIOm;t+O72;x4_;q$8=rq`$c04X-rD{$N~lgt_c2>kg? zP5UwAk7`amT+ciAsM2Cy_)wJo&7d7)fu4pd+~C`z^fDbw*wobcI`s-`n1~I2qvjt9 za5dP$PsPPFU(DlF@g{_HO(lVEKIWIoeKtaP(=9%89cX(lO%GSNR_|FOIJ+CJ(9m{N zpm;$Cll))_nu`9mH6Mdxy4ZaW%SRNdyB3c*!zN zmd?g7z_*N+q8mKjt>Rs=Q_h?#@s9`aj=bmiXe(SUo(p1xz>hVzIf@+Q!0)D|bgbf# z?R|J7<#742xz0JT_j!66`(wWsJp_Sa1fjutlVkLM3d*O+{xt1@d}{4e*fxftX8MEs zOA(|W>q323J?T;>JN$%V9fs@-XKMG-18tcjG58L7Cu1j@%Mu2Lu35F}{;a zr7E{hU~l5=`SL5(p)=Q)IU5iaW^mi2_d^N=vG_*T!GR5aF?8k@J@QQ*B{{if61{#~ zhUq20C$V|GK8)ewNq6TetkD53VcFLwzkfsiIV(3e#@k@~<-TIcdLg#`!#0B_11iah zp!%c|npYcZ_vNriY8yPnzmZ2t^7l76!O zAT9uCUFM(cZ%9b_+8Zd4A%Ehy@J?4jME-EkhEvH=rgEY5q7*#r|BScaA^&=`k#6QUrY= z4%2j7@;9E0DpuH-Nl}oHeGukjIR)p9CtPyNYs^AJU>4l>R(f}X%xQ$@E@4q1=3+E2 zS1i=6Yvgb2R3NL#z|7p-E$uO<3<10OXg+)hrYJLX6eS(C3NvDuhp`>3Wp~Nde9*CC zn}6#;HCO^T@9u>8ho8TQ^Dp@#{6oGU>w7bRe<(MQf=v!d{_K~&s>f zb0xoT{UaX-J)*YM`8UT(X`=DEM(Yfz|MshJJzmc#E`}YI`2CgN3XE@Z+*OcqMO1`Ce}`k`}n%{)-2- z9AGxyz78ES(slf*;bjyoYGJ;`e?x{Ml)_Pw{lO*9?rG4i9@mO2nlR-MtYU6yhY*gm zQ^kf2*}UMtU%-ix(t(a>Bhfu$Mo-h)iVuJ+eo*ud%_FOUmz6MSPq?`oM}NgxZFW-bq4w7-=wJ#HD%9P^r2UhxEE#5L{}LlLvetSjk=h!4tbed1Pv!BvK%+v4rfZW{g>YaAVey%#&J($bOelmCoG!Qc1b_|z zQC4J+iP-yS+^0;ooDDZEpmD<-)D|0@_x-Z&mAC|-R6;efpT~gKX__NRxlBuQ+NYg) zBd8Dd)k?J0a=y#`=gXzM08n$2cG#T*pk^PN-P%ZTcAs@6>85Y*cofUul(t{x?}ib- z#|a-xhkD*+XXEVeS(JDDrHz2^U)hwtG5dJrF#lInd{yyN_GEUYBuoVBOFo9gFqTl* zNTTXora&T58{_`HO}dnxoxF z-o;~{rzm@?fyTE|oeA4CZVQ#Yqm5sc!bIF_yUXFN&gOMSpVHTfu{?9~CKXKxo;t^{ zS5&Y6$PSFkN$1(Ewm6stEeV@^_6j=HC1AOH9bxI1AD~mWmwG-Y*Oa?-+)3wLDOQ7m zC>LLW)eOVt{F6q0E%pUBH!|IXOoVi}Y8c?RD;vXAvWr+$r3McgKwxf;{rk=?W$8pF zZzK6styX|q>DRNx+s*(t^u2o{f4c+`ucz2!os_#P2cLZ2&f6X!l1|V~z}F{|^(OFa z|Ae=ed%nWD2UoF*S980D^r<|WiT}uImWr=}!bM3b_J^}Bd=g!fv(`rpA|Y2z@ke)D zYe4Mk;LQDH3K3w*c#}A)#d4Y=5(_Zq4%3S@czi6V<>5c+pLeoNrL}$vYh{p&vcRyF zPh?%YuJ@l~g?z$@GJ_LX)nSG^bh;d6{R3~LdMTMX#?=nzr%lY@p3wo%!!$Iq6;e_j zm$-Ra_Td?+0YSfknf?8d^j|O2{_z0=Zb({(&S!8db0fhwS7$1j-m>on`FM3>e_r=Q z+OW9H%wSMx4y4jJg(jhA_Q3=7QdPS3HrV%fN5vA%h|YI0_!-Ns&ixq@xIt+>{}l^B z61>CW+dmNFnQ{mb(S&ejYU;^hLLf3urYp14r&DqxXv0KLvVF3v1RTLcL$mjCx9&fu z1hFW*I9{x2zL8wO>%YE(s1+fEXEaKPlKj6Y{QqB@y+2;~s$bZ$ywDNtYhMCFl1DYI z-#t_Z#xC}YNaSYrr)l0 zkx5GC9}nAX4YWf8-wN~Q`d%;UBlgs`Y8}v%n)r`sF-0ekcVYJx3byW6VBTETF?l{Y z-gJE;+Ab_#^=E7;!<>*^xy`osPX>MPH~72!#MMzR(C4Z0htIRH3kCocePCyFM0eNA z@m~7%d<1EM+-}g{n$KRtuXgipo>&qM9%y#D{kS@rq@GBw{ZkPI0Q(t7-34}_L5$#) zl5R7h?=Q|+Q~-D_g{TQUKQSTj z&FFYT!o(0hljDQ*KMC~Wbj?ReRHsgqP}+n2)|~TxWh=W&tjpx)J_=i$=ea(h4IHZO z9Q?=IP86zL_hpj_EKAGu0wKuL|4e@ekb$ozA~q{pj(w8hC7vBH&RAH zOukw!)>{x^j^kNtA7OIh8yyd=zVKq(r^*VFvM!yr(z%C-QHri(R8FC~54RS2%nmpJ z(7>H#Q}bf_w(%nMX>8p`$M*HMsNMCHBNU_WiDDHfbFW;T-0ZsQj%{apEz>hN?tldV zSEt?3+aZdYFWN{ zqZ6*RwU=d zkWDcbhx&%7^K1X-5+FB~A0>aa$CCn+qM*|-rzp=pL&BSPtIg$}@fpXhoxd*x(5pV=16mYQO|K>C<<3$eKI~gA@`SQ#YP>9rh4`zAIh{O)pBJJ8jG}G(a|WXv zz`xRhROvA8Si=D&gKuF|`;6TEXOJfY^YQ4tt&!11g^92wXhp#ES4T{XR}F!2k=ifl z_ID4bLRkK<=DSJe5gXGVU+^E>r|hWp?1Dp1{P?JvFPEARssSJ+20wB^O1;(Zbq6iP`J}xo1{U-rYs}j+g`Qc-bq^Tkn%DL-(7KY6iHFg&cv<0vlQ zViumIBpr1Po@HN^m%8if(4K9;8xNS_Y626Cj{kxi=xb_+DtK=Vf9Hm7XvK*$bBMPu zK(jwyV9~>w7(J&p@ihh%3kGaoP734NeL0A5L#K_w{TbT7>`G{hj^Q{vka_{(u(DiaV^_xR#~PP!Wb+=3TM2{ zCZkGAl1M_~?r#KpCgM;4a+H)xX&dkH(YXE;lwC@TNaf+EuM1kD>+o&v9ID>*NlSv< zJZREW#LmBgVM~!(&V9#CfGK&nT&-iQpTNB82)R4QdWuymat%d?P{$T}(=9BsH|)F+{9q|h1rJ1B1I&k)p^0BEw5F1a?R!iF*g9R*L$6ML}#7< z494I}F?Py-upSifhf&RZ>uN=B&V8n<4SZf+s0BOTj$Ctwq45Gs{t6J>(iJR-q>#$U#?y`pSv0PX8Vv zwyYv;=%t9-(zS&`)foR;t^=U*W}&jrbL{W=H7ukFqj1ysi4>c90xDBv?HQIBFmhPADOMz(;{ z^|9~TC*=Mws}&F+QimCTSYdsKyFu)!@Oi;(h^hl!rpD>6iAiCVN)5U}^>nDD?&i+$ zMtecO@htww_7*+hOc*5rmDxk!b9m}RCF~u~Awbu)QB^i;p`c0!H9F`WQ$FLIL z?sm7d^TbTxrAH@fN&fc=3GBS*m?Z{Ij-7_qe|TPHs$6G`$a2~{D+JEzpMN<$Rk8Cf zdF=W7u_i(Pz3E@xOD54|k+-O+ad|mDv8wJlgOiMDK*k^UsJzvEDrpLV0#-^Y73=jX z+A_Iy@x6EHLXHrDoEEQz>6yT=U5qT#O>)QxxRFc%fDAtOr^=Pt0BEoWhm~`%urU6^N2JCb4Qw!eem^d;a*%`8d>%0S#5M>kspqIaK$GYXsq3WlF7#h4B_C z9{%S^SVNKHDZ2}X?{_7%j2e?=jnf1`q!!r&&Hz(Jd&DknLsQ6{;QA+oY;G$XK`$MA zf78U}-oyy*0sm`tW4wF-LqRi~8^E~BKxi8O+TN1oU= z!ixK|D!n~>bnvqDJ5d-zMH!T}s7QECdHM0Dv#z&_{ALWX*Urzz%d6fQWMyMoH~w#e zs16-(+|;1c<5%CVwov5CY?mNNFe|DdACxFY_p^>hpcoN1&2{QPAf~7SX7v9A$bMnx zbWw&+v?2Irxne@HxA(aHw-K-ZZ{{+8uQRHYm9nX}fWMSa3dN)v?Sy{)hwPO1ZA(o} z>-4iY)V3wpk$RLlw+wyOj*$x-KE9YwLzU11G&9yWi3}P`%gfoWU2Wc4LP8 zGZ?xbf?B=rEr_}}EHN9@vVI1z68|Fx@n?w4T1tH||* zNeN5?@^wbD)6VdpSPCnSrFwMOj&2uTJuxvD2rMWNBKg<>lU_S_Lt{!9Ktuw7DtJB= zMv}O5K>Qv9@Dsl>c=g!XK z#>UZiMp7r-{eJM;S~L>WAq`!TYYwX#3@g9=-@~b+B^-rjGId04)nEyUvDW&36n)lOMLe8 z7{kL(!If{Q-Vr*??3o=WXD7`2&ba>&Tdx|)Lq77Mbdz@7rB^k|yPHy>4^5em@1pqU z7v;}~$@^m+IzQ)wVO%V45}LfCS?{;Z2bqB8n?bU^oYQG-?WKKN>%mGP;4if+t?y6u zayS{F+4X9UY?YyTa!R5x=N}6+-vB zV2Jc!?DIbpG|e}y#dkm1H+4^f=uBFfR*Gzn2(A%I+iss)OvLxD3$lFvJT9DK|6p(N zgbwFqOTXx=8wsdut|TRP5k zRj{%{e4!F}WRI{%bIsy62A6-*|FxRjnD+6KI@&?2(?`tw1k;-+FaN}-+}l?oX#eIi zVJ8CL;ZMuPyI1!;!H~?ii!_UpKdt;!)J~q#R)d)B<$tSXGKqF*QsRAnmFLje1PnGT z@*O3F=6Aqw%jlzpOTo(IYTOFhC>lGCLK0ph zcYp$!cwoJ$dpFg7ZvuV3c;WO%c@KL&ScyIbc0}nuJ(D_mV`*?-fd*=x$c-onmWFh` zGwKN~ZC_lHH_z&);dp`*kcItA)N+LIL(0KnbxPWrC|d&nK&v2S4I>=`>*t;uX&t zS#~*Y4Me%cQ7$hJ=?pxeazp*aTlC9!ezl)E)qN@JB|T6B+RngZ@V49OnIZmkqFFj=s2J_X`kAr^I6XYO`O~^s>OV(XgmA zS^olUA`kK2NLTAjL%{$1=h1*xHvs6LY!2=e6>?B=8IAjVic+62Ak9m}a z0|={SU{YP;J$gpuO*6Oxz=^BY5#A$mamy3akNc{2xPn?grA6yz%GW=>daR(Tp&E!z6p1@}K4;qs+FjmP0X^k4!6Z?cbvRfdjpnJF9z;=(WJSc-vLAwffuw zNtVVT_O&MsvHA`K61|+1+1I$ywA34$v+LR-@F|7pz;pPErZWru>@fEEpBz#7(?N>@930u(l@c zzHv+iqCc=A@w}bCbW@z4DNE(=`O|h}Z(Sg(MeupP=bPL7QX<^nM&lQ4A#JH%{L;o8 zequ83FJpQ&hY@hU$_8vg1h;Hfi0VJ+Y&3A#&kEUoI{qQ`$tE=9#lV(VJiW`zVk*#x zvyIDEXsh9RInjZwo1Vq(4GT)OsB*a~rIp zhCU2B#8OVe4jXC8G#P*3@C(K`ksZDaGB&|8wzM^em-uv3&svq!!DVB%;&`qDF&w!B zwm1ovmeEd_qNw2ZTyO@yhMevvaq=BXFt5fn%=MqE^v;L!a&L%g#sA$(`RXrWay$MU zvUY2j?Z72!`IrCD7hxi92+`<%PmtO5%v9K4i9`Wh)f%t9tXY=(k*xPrgFV5#@c66hQ0dhQyBd5bc>ivtvS(HCr)z6u$=%7_j|*UrfD5oUpHKyaJ;e0 z94N6gZE`zB7?!g%UghR}G8#Pl^|&K4$pbzDZ5*2vBv4CYR3Q>ibQ9+>bF~#~!VDUb z(X^(M1gp4vZZK8KAC3g#PwJn8B)azO(AFqscLLfjN0v^YKx}j_C*G&jz$_dP;#_)k zX=D5PYM1ag%O0xEbZa@D8?waAN{)IJo+0)Fnf-H;Is14xJV(zhML%ce{Ntnu*;pDI zw1ocfINnG#D0gE`;Qm(3HJd!>aZ7v{>92ZdZpW4uLO>SE?kB;jnulU`>)q-d_)zzb z(?k6EQdP>Clk~0H>iTZ=N;XIL#^A~>Qihg-tQztuQ=O#?Xzi#Twh86*dkJb^<1)8-LWCR)7RnT?RyG$Z`Hi6|KvCisMR?l9NqoI6;3qjrDHWa6? z(gK1UeqmnIr~BQo!#|{;7>q@qv}NWE!`8Nn7GRmu6K^K7DkXhRu~A)!{@6g4ob`Ng zIJ7I=h36~2#y^C<|iM~tdR&P+@ z7E%tl!qyf7PyndkjLuq_KOWBT!XU9UG}*CScOv{dN0!x$PfsIU647G#NV%X{6RKXg z6~1!T88|g+1-k%$th=}Vz?9ZYfW#3VVK?&XyU6>*f*;^1vZ;Q-iaRnGyC|~?0Mw|| zXcfA~@n4RYUBUF5h~K3vVQY>*->t49a=@dF5^GTUjI!%D({UtiNShpeog8Q0i+gATYMkPO>X@B{9WYW^J+(@T>i_A~_t!od5$e|Pr^?Q;hOZQK3hQ?<- zfQv&|)4Rz0om1RtOHvVRy>2geH+Yaqf&h@hjwlwti45ZGPAsy4A69gRzb5VzuFWPh zGl;9PP$_yk{Y&bL02^;66g@BCT{@z9cVm^lv-w+aE^4S=h<|QS;<^=qnSYHa5Yx+p z8SDWa)SBOd4EOC4tYE!-Kq}BFqO7~_WHCoF!sE0NuB}h~>h(m&324SNS=1PTlTl`ADXo{d%TGOqPf?zi040PvGG57#Y?#D(sjVW;6P|&G@9s4JGOs- z022qDVMgfpA;c!6hF$8+$|Dcyy=BcthiUggN}*yqtZWmn`{uP}0%4+)NA>-*&lPEU z7v9VQEL>s{P)n|tgjyH+wGBvK<|=yW;3Lv6hyqqA*g5!#EfIHL2tmJbs=e(?*zbNk z^A1b7nqJY2aGlu^o}58qd<-d4zQR<6c4Kv~hN4t~>|*0W>C|`S>(^Qx%=dk~cVkH_2&?3OG4VEp>R4@dTDP$Xmysc- z1FL?7sE8dNMYjAOedk!ogTURr|JxtVVxXp` z<|TRcB0Wq_O2WgA$KMUD!St&7%N_xC?ps=F&CSj2cnN-JG`S{bV`Z)V<##?!{Z91m zUv!2f0VJ-#ah(iZ0^(%%@vnBm-1O8O`>J7NVF(l*4RZOWPY=qF@x6E6THX}XUJcWS@O#l{@dR7T_gvMKAqD#9n4_$Oz(|5qWOqU-ddsjsx0Fn zi)RN7&7sd`Iw#EdRb7uxN~0%TC℘(acYExd(ffFr{@{Z}VKXQ%BWl(EB(-zJ4zA z$%Ua91})=tP7S#w!&m+-Uq}R2o~a<7Sokpg?;qR?4atD&-Uz4q7LWBsc=d40nh!65 zJWXg}Nk)eqldwTb>Tgowd8|kx3i_r^AigPEcunX%3xk7Y7P;Ta*u673qu50c+7j z(7Zkbo)(LDao>zSSvMp5)N+lSER^=j2I{=EJlrj~7FZlqFz~h`&NhPwq_rfJm6auK zd*WpJXx9kfp>h)Zvg_!?+wb;EA9d#Bb!CuM3w-L1%DQb(afO)|n`y7+IGSSR7PIYm z-EREhmferX7+cSW7m&o{&otANN}oE4&bM#gO|KiqhWD--*vXEJ@_V%|u8a?bNN{EF z&w$sQtPQ44kAJJRPGS=qPyrmc>t_qEv!`Sjc$p53n^8o!$imgZroU_Th_I*cOv!|9 zgwkNL?Jn3rMUQ`@3&z^~`E|YejgN^a#vG*LK6dhY9weVl$sDYaas@dK>Io1$mHfjS7U6aibw_fe6F8exs zfoqvdCk}!DP_hv<8&Ini0MVdl%0xE+{+)F6Bz48GztAmv#8S2N2r5g^7Dvzclt&c& z@5GR!(RbCIr~r4heyg=$?<1}uUzB~hKs79Rxx4{oy6KKIP*QDe$`?g4eMkA2;&@!X z$NUSrA&c38d}r#)3-CShJV|lPSQgSM=822*bam<*pXtMmSMz2MuYx8RH>W0{GOw0@ zzMJ1bkJ?NyAq4t2a4rfRbC;E|yL{3iMO4H^fBUOU5qiGUaeKCL{kb^Qkf7r0cS4i? zNx$};om{j5tNgf4^>@-DKHxuGO*+Up>CgP(XHXa0$WX ztp#6Kv|j|{<7)wy@Pmr9M2p(_+%}1hSZH!_!An8V8cHIZ)e~P)<$s7IKRoK6IRjWC zPft;*=T#1c*|ayV7vnx-06Gbh{3S*~#@?kMJ`-pNB;&jRnfUjYdevTU z7uVikOV!L@XojQDboFfGrc7(qMIDE1>t=J?r$X%hTf>EO8Yd3Luw@@822}uHbl_5d z-N5-E&?=G2zkfU8C}!?Cru}Pl)&noFVu7_f9;U6jtm)erw#6GW-zud(YpEo&_b}Nu zCyDuZDUeRtNQm|IL`_*3x^#X&H1eeVqp~fm1GI3yvO*)llqXanpDZ4rN<5<(*{(N% zDFZo`b94Uph<37GIDaxdx>;}H2)kV$q1lfV08M>S!4VLY)$;&5XPiqI>Hv;;46M>Trh^ygO` zj1^*tqMt~|-+F+xj!Ke9>6NS8+)a5?8D@Juej3}A znGcQpb}B2h?PqF3{~-h_{b7P|hwTIMpUvtg>8X4KP9h+UaH0$|oV$Y{^t=2EKg2Wvj9R zna!kkuKuL;&cl$k0r-C~_Lfm`1Y6r^;}AT!ySoP`5Fog_yE}usCLu_0*Py}OU4pw? z2+rW{+{robch`E?_v2pvuvX1u@O2I3MjR=_WM}@VToS1A82g`*Uc|QGPmcXAbtB-*y%mF34ks)37tYdUIh}M zQs)T2cU&kURhUpdfRZQRR%=EA`1G*9f#Ct`q){0#ru;u-C{wFVms%UmY*kh|>Deodoy9?_27)?WDHj{CPYa3royr>h{QB*Y+W=(nQbw z@#3Yv#hzvbpS%F^JJ1Oao}0^NF723HmBa{>0%gGhjmB%n!+|t!R6SGFGBUrJ&p_HC zg$XGN&zlFVmPk4H27sdO++oLl$3kiX;Qi3Ev*aqcw2xfi}3T5P5D1@8q zsWqRzGJCTK1({1?ZJ6(;KkWP!lkJ@zjr9Qj@oq$}A#uwz1QNna9#xk;61{8k7qRO3 zDHzy=0HBn-92skBWR$|(bp)s(6c`gj1x&{@JAQIbjP_oW6lv4 zPs0X@U;0a(yhR!8QKkwiB`0EEarL-nj}b`BHys6YDq?SCW!GA|yq6*4(!t(xKmwe? z5sYMHbZd>2v@firzYrq^HQ|lFi3r>1oPt6QuiwP`3=V*68#nzzo41?}!C1S$x@7RL zfJq272GZ}Mk8!z}$|{W^Iu{p^7>sf7Ewwo1 zea-rZJ|X(Yo$Cz$EAvBp#SS5HuZwK#-ByPFV{E^A{`v491~&j$OG!zc{fGXI*x~!( zzy2%0fBjeH-u*8Ecb?{dx#Wnzf14ZrH{H7g=f5m)NM|{oK_d1^Nl9k{u#oAG4Z#ii zIt5}|;lD`nZv^vy@cfU<%l}6&e`s8x2j=f_m`o?41b7pvtG+&NZ5X|u6QpRtZ?jyS zA3XKs#XZ%<@~yc&k%DxC*rCutMyIT$rj}etGMQB0rKP1ddrySQbqz|z;Y#)2&p-Y`_Af(Y`CtEEis+9=IgnsEx~0bMQva32#Er*to#y0YtlX&%^KxguRAPqT!L>$S zeuvaPyCBa#r|$)d9xkF<{`MI@{$kSHvg9+_{`EqJ;U?TF)Eq7?9rgY<>~e}27+d59 zm^Tvco!g6weFt9Y=C#Aq=2pRftIh$;m8#KoL*zIbvCrA{;a^s&FHBVTb z**)!vUI(^RK*_IP8i_oTwlWLW09iSG5)nA~&obMy1MMAOP@YO{dytg@Eu z*I3P=p{i=FH946NEF@TIaTr*0UG#@uCi@@k*l20jkND_lO#;W>U(NLQUo`->gh#Q3 z{&b&)hG1R(ooj9mN-W;@dTRVN*l1`-Iz|gG3epTEW>C?ve;V^Eqwk;3kH`l$zWb^? z2T`W(`tyUs_mV@rCL275=Rru8^|VQ+=ZBp|o|oTrmA)lsV^utrs6Q?=z7Y2RofyZ^ z4NL#o+Ah8l$;TyN`L%-=@#^wtpMS>~w>qIEmXN~PI=u#WvSFK*KmccxlA2mh-fS}L z(w&AFI`g_dD!01&RY#_sEtvwDS+430!Q)roO+m>l&L1oJZ<@~j#i%C*wnt|CH+6Y9 zi{ES^ZUuc(=!^5p4C*IvIE8RDMcc*8V7n6c3Q^M6W6xKs81V9c??#Bt+i5%5@+5W- zPCrH@eUG!iAwm5ybzoYvOc%)2(Tgoyn3|eul`gb*gbK1ur=_2>WgB!92vCAbmw@Ig zPbcPmn!DI`v9q-a)h~jbsGd!cC8B)Z2y7{m)kM`bjN@D`NYx^w%Z;*H)RguE+_N=*$r3jg^_jAs-ktviVnJ<3S8UU@{};X&oW-{F?M z>JokSlUtjk?#M|21Sd zQM@`SdTv*y{&K9JJa$%T6`I@i7aL zDDxoEZ4!rOmYak)0d?ROmbaa|>+i92;sw&%CWY{rYj@!VZlCQr=e98*{F|OSifEH$ zjr89EVxd#{r8}+`tA~mP35tu#!x`9&01v8yxS9lNu4JLQvaH79j4ii-fx&}0HkmHd z6!%=~obuw-oV~-(LLC`~bUgtaI~4|;cZFqz6?7mVNfz#CYV8w`r-MP3l=aNqDxqe5 zrR%}mFIoi&gA*C_qjYy@Y=w6??nreVDam_!GIqDK$$nhp?Jr()ZGx4jX#0UHhqJ}| z6IoA{1^*&fS07QuDR~}{z^_nQioi9Iy3LvLI6fvH#`XL}KH+&yJ{+-|<3_6}kXnr$ zn30A?>(&{TW&B;4okh}LncWz69GW3hHq>`0u5&3n*(}QExGn-DN=-xa>s$XYak5mc zbisSy*_{}dNm1giy|{l*zo*WgJNIFr0kW*+p%d@HPR<;hwbJ{H&79Ja|7+_i?V5%` z-XKm=o%Z<=mf0HyK#&d_)7;7H`K~WU`VgU$h&H5}d6#{?P&%HM;O9r&L92wk9&p;@ zR%PoQT2>j*CCE{c2n~>5r`k7)WO>OMP=!sk1-T&{2y4B*9DQll>o;zyxxGFL$-HLk zqu=|%rVo03%$CH9kDo;4&i-pP5D~0)N3HY%Zu^9o=ZOSa;se^UnM#hnbud$C)w*KSH4flla?AJ#ttuR0P&)m^7;{>nK|f7vZI` zAy1t&Q&8-zVPvKalxqVP2|)vZA`v~#7&3kEM7hw__>pi6$kMFXi(t_}5pmTo??i-X zt|A117@e&$ro?(PxG@_2om1cM3)aE8tnd9lRUyf|krWA2ZgXb>2?+Mks8Un|sn#u{ zpsS6U=y)64gKIGmP**k0C*%x^Wt=-H+Ux&42lo2U6AxJJT}d9~pqtT2hwm$foJ2#mZq{#>bs$CU1}(2)u>yFpEw$fA7Wd)HICbv zsJF0dK{sAm2oi^FfuXdGzv?iB39c)o+tAF#pZ@m7e|PhwFGvHMQQAYi9NaHsHfNA~ z3Niw=SmYfcHQS7E2;Z*?6BbL1x{y9-p*|>HmVvxq!xU(&K_UTCX=&|qkHF@}Gnxp% zmxbM+%SP06Knx=t7Wkc~NDWV3m;YS1B3N36xu}v`;8YF+zzkKba*_gneE2SY_nQJ- zZe{?WhD8PKxH#XiN%@o(fGK{^7xJ&qG+mvez7xTRrrlGj0|@<+iuMe{t9%vQ3y<;T zXa{iD(MZBaL`zs+%_^EI6}CHz%#&osh>b;7E7QKJD{NT98Q+Cb^HI=YvC*sGR4_xc^RZt`=W70aNez65 zlk1{}GiU{t^C- zREccGf`PON!v41+y|pinBbC@rzp#L#te)^DZ@aoIgf&=vs7yNC<{IW!>_AnEgD@(; z-M69_t;Gz}U9O)cAa&`>t%m}F!YcQ0z2#{fxot;?`e5yOGIqniLD{gF_1_fOXJ_Ck zrV({dft)_v2(AOOWji$|Pp*RE*f|3N2JUkH>bjC>6MQ)6k|Kgx&I9W)8+CNHe>d6; zR1YKs=$V`}iBK-Q3g_){vzhwnd`Rlag&~)F95unVb_*g%?5Nd(Xcs>wU2aKWD6F# z)3dkSzz<^CL2CUJ7fO*6389kJnojSBuTXtZ{SO*77dL#Lx*N^HrEWZ@BHP-|>@g2f zs^ZO&(w99VrZb*&W_F+J3;3R%lt>B@fGKTVMjp3gh{lh3f06K9$i~_8tvwpYqg^`X zijlrRMNVR9H0Dgir-1as>DIJKwiKWoxGQF_Z~Il-={GECQt7!|Y~$~Z7LEF2<@@v6 z1dfYO*Pe1Lfw5^FIj$Vo`pme&c~;idL~rL4IivmZQ8HUUm`JXH-@V&<+p1BLiP;Tz z`3Dvg_6H@%wW~H9f=ULMj7!Oma*M2&+?0Tr--+{Bc3t>rq-klzOQxfsH)yRK|s zSPMRm?KO0?r+VEru@}MgFt=X8#45-fA>khffPC5+2jiKvo;=N1bn2!;e9p9pKp`h1 z?HnS(5%js6^+bVdbw8sc*iN}?;)Y8Wkf2)DLVh9tc{n_^APUja>- zF2;aux4cmRG-#S%PkYSgc*Y<~dGd6UmiMG-w^vy;mIQ6p`n9R~Rtybfri2>! zb6T9vV<#4dj?hkVZ6xaXlSHyw&4u(0e_Ld>fbr+dk`JzRJVCUbsV@$UPK%u5QElK; zX!SR3Z?Tb$fWh0Rae;Y3#yWvXLG}4T`()SN=HdxGNfhd)^0zudhz_H2ltoJ~OO~e& zZ=QJA20k}~-^Z`tp^eUQTlixE!6ZH)W~ixZ*U#lJzIkNVO?A06+%er=>tJ+(_wdHF zyW_bf)paIhhyv8Ey>N6{Pi%P5`>*P6KSm0_QkD>6njPI13`eG*HovdiD%s07pi96i z#!5q&9f2}$K_aR{>ATDR(B#SbWZJu7mzAx+JR18X5RJH$_&U3xz>4naC`1bYE*|=8 zpt`B7{eTq$$3(I^uC5`-Y>(J6v~fh(w@0*3grLAjTv>(o*os_$Vz3PP4Y)MB>D)sU zKYWUK&EHr#}{)%%Y9zI*kC?-Z=R?4%PV?3ZW z8`B``WUL<6q5;33|Hcm-;3j4J{#s-M%D?PtSTQ9f!D=FONE`+Y@~ySW)%y#c;CBb# z`Atv){B-QmYS`1Ht$h&g4d;lLsR`K%i!2wCJF7*S^7GgfRd9tQVfl*Y4gVSw+-MxB460dhS_%nwmIRZS3exjFKbFm5XAn|fVA znD*QlH^qu7YHJZ@U5oBo11dD2ZqUe$2rJ8^1kuN}imGNk?InQ#`qID#aP#|l}FHoawn;X`d&oxPQId9G8*f7v+-d#h;mo_-_-Ek$bYV>!_ znFl8uzUJs?v|_a#&rF$>txBUj?5Rc5t?t}RdNBS{b)`jL6G1R940J@n%5EeOD)7f! z)t2xun7+jzYsuFw;>dilhcTE#mJQyYZ7u&pYGiw>a)#^h-d;GO`4Kb7u8(9zHJC9FT`3-mqTY(2%NPs-fL! z5Ig7Ii9pHzR^jl%qB$7s?Irw{4->s*=zp43(n0|j7cae#QvA+v32t`PAgQ%YlOCZ= z*6)vW(vbNevKus&Rr2&rI@KZrpaJT%zDt_`BjJ-yjLZp}=3$Gi+`F|Oq(lBYJIAhB zG)V4TCsSRRasWYuA0a~_W7Sl#a;!oXir$ep(Ce|NtW8AYIds?P*ozw8n3D$|HZBWZ z==<7}?nW8EvjJ3YvwwB+q(w`*`y#wp!NEo!JW#TmGShVWYFc#BZd)2* zB^||9O>CyVGMxk?Wy@(QK?9OM@>i|u9t=DWF103@`#!x1_A^Fr0?bzSzOi%f|q_w`O~`OmV4%U?N0(O2)^>n(>r3Rd_M zk25ztgttb0TUzhiA!a9!7#&x>L>OV#je^uD`hp<|@pxZL=pC9)YP*&(nLzYiE7KPUcf;x)DR@dRZzpFhJD}?X z)nKuIZFqHP;(Q=5$Xo}C%7m$x9^mYi0;U*#%j#U4L4kYBu&({j>u zlxcs=qIyGMcJD`SfP9p-&Kh-;bg@|qJcCJfWbC5@n$F*RtcBm zn#49FM1LM7%Neul4xhkvl+vBmmfnwFR~tv;i*-4mx}Ou`9tcKjF9+0KTuOjEbQnnP zalODWJd&TG;m(@@DSJR$_4ZB?cyz09w#J2DNVz^f3h)WyDqUZ((6~3ZWQJb*wz1QwgcE{~gQ{fvg zVQHmsY=R@?&HkH9CfY*|ore-9EwzG$`FL81n=Gt+jZKHmV&NxvzLca`&|xCP5cp(j zb>?|L++U9k5++*T)j3}h*?oi&0ertyFoeP@>x|L0Y*Z4%qXz9Cs#iBPmw&ZdRcVt^ z)*q}j`aN3=l`0Usg=>zj72|?)_3K*tK^vl9GyQ&-%4wZ^9%U=9Pp4OH4d9w(@*_R? zeeG~i;s8morl`P99|q*XCMYUn&$~r?U`s+Jcx`1#VTzwIL2w)&J?_V7gAbe8^WJLv zaB!}w6YTcBth7@Et=#d{ZO61WDC@U2fCI0Dp%JqUWXpj6?hzotxa-Pq&9!nmH~eR5 z1zJ6Mb&FB?6hP2(#Ea;Fd7t*KWzkqdv;s^*(lAGp?=a%C_$ZH63Lc7J}S{4(KLo3FQ$o`kn{Oi!U0l}YNcS6UoI z8Ma{r!KJRV*&B9klMF_x?4fCNd=5R4tir-^0fo>a>S0=d1z8VyILW^A6OsZCT#JQn zJ7!U?MGsdg(+CbPR9vrIX{lCOB6B5+UTR?8cXjcEbJfl`hf&{0q(5xNoB^F~51tua zY$fr-VAy>R`>x;F{C3oUv#1B{1j+qttiZdSzagQKffg~ORtqgf%gu)pQFr!AOi56` zPv7EG)vfn}7bz*Px4K(k!Zz?CDieh3IMuLRcinM^HYQVs0HCn~6&!gTmarjL3{l-A z{Inw3_yL6?QMqrfB>@;OJ>Jj#v^rjuf{xgj7@rL?MnFPQ%RqX)We!To z5H=1VCSY2>$YDW7*HQtnXU(p>+yJ0g#9hMcIIuIbu1j{1y@rUW#rvYV(hQ?0C*a0u z`8IWamhaog9PkIXs}wa~FGPCr1L3ecj!#ac8$;(#VP(&|tJOF?*)tK#mhRqOw2b$%+Bi69n-OI2H{Q=q>ytQB;5$mVHAC;;#Xh0 z&`f*)O-?1UnU6Uv+j#4!#e25Ncbn0zSUhRf1IH1gZ&`JNlex|6HEJNji^6g z7(kJlSytYM$@;B22!k;nO+I=s2Mzk}qtjSzU^8eF4^4(Z6G!KH8L2OnAu+KTr4W}gAUhRu( z!d+G;qwO4TZitG`$Afa!5<9X!IZSOnkbmGPCfnW~^T}j|)7W>oQ+=-}*FlMO zJ5+URE0C2+8#dUx)88I|YFJe#*C~Il`>ZEeh#>~OMGdJ`QsDnI!{~LIO zG=2StMN(6jlTrz1c^S@?QmI&qU-m)3PNa*s>dMa|=}b_PF0Q7eS9MjM)So8Vot|^F z4KA8!$Cf~URL9$5Anc`AStrx`zyq(dV1IQ&S}HI9!g&WJb=5V6C{gv7Y0>0WFr)6| z%>M!rO|6+*-RpAB?0x+;5+atvCPh>YN81qGfBmr3;0w=fR?`-=Wv(hakAV*3`z3FW zUI=3foo*M!I2bmy$ zqwt^f`x|1L!^!^Yj0qgu5ew_BS395B#zqs+?ru0|m2FZL&bd203)EFqog=qImIuTP z=7+}SNpeu{q&~lkZ^~lUZ0w{M<-9$8%*$1La5Q^-`myJf&d&d+Z?L-hB%K^>5T^|d zfFvU+@#N1h2~O&aZ+_%Airyf64L;5J(D;(kz9j&NIoO7o4M|ls?C$`8GTr^nebXp3 zUqc5Ra9D9h^`8R;g-xwG?<+{D#Y+U8{(2*@jN6vs2H{5IDk$6OIeYT)X{ptb75+@u zTR|At7}>)Gtcz?y#8C;!L}^h{SH@Xb07jaqiWhBqxN2hi;bvz!?HTf&0PfXB7d4fy z%38niZ%fg-sQ_ym%`!l2ekQ;4c5b9|CEreVUoygg7ENsBT6;Csx}ty^Uu00Z&|Z^! zLyo_;NqY|QyctdYWMyUAHcGJoZfqp%L)^}r)o$SGosPigbW%}E9ZuaR$J6-ITs|?Kgq(E4fr~7Ms@Tb6uRixo ziQWplVQ+xed`?Wo92{8{xaFP29TTG_soVT;>_@#oNgW{(cSd1ueIUdRK zkrl+HBn%Crr}`}9>~nkymwdh8;2xCGRwQY_Lo!_X9yFG(0_WTLK)QD#!j;@yD{Oyt z+at{z(>KIOeyw=(c%|MJTa;g>0_AY^HSdgvPVGhDAz)X%+%6h5lp9`Sv^Z99W6gXL%*j^gJGIjZU{%NtYl%EY; ze59+WrPo%|=pPg8=T%oZi80>pFZyLj+R2q~N_}T2LjNF77;@^*)YL(|fHF^^_@8SY z-t+HYP|UDPX?vl1EM>x(A1(-4MBS%eM92N z0FVe8&^b)GH|6hh4{NF_mQ)Lv*?PK_vs&T=Y-`aosn=5;bsFA`0$bS&XhjbZf=}AT zd~t`B6k0#s=^ga_NHLI|WGtf&HnH740oy>lkTCEHX)fRbp`*Ye%bSX10CnMV8lIyj zBzh&;;_^n3mKzprDG0Jq!o!6GuzTK0S6dta_4D^R`_AUHo-IP&#OV$RzYmiU(}(wo zJmH6j{1)$xb(}$VWhgIrE653VxU>AOCP{ft)m`Du>{L`*GE9{u3a!c)JF9Qx z#VYAi?E;fnZ`8ha261V_Mc8gte=MU&ty z%dy;<_S5AhH1wrHEHx>eiHw8g{%VSVY6p_pSO_cS#Elo_jOh{9_Q$FvCFy*=)jqYM zRqKPNkp$R{+s{HrF-!Z7m8Q(RRG}@-GfVAORrL_l~57AN(J~4)cg65Fs;h zZL5IJ{8!K{tx|S9`QuXtCjbbjMQ*5B0o}aQk*$oGB4P(5V36Vzr?Kp(si{b5z6#w& zPR1?5?Yb}CRM~fYXe^9{r>T;`FYkPRzpE$44fmE+a?)*}WZcqy>;6(&AqT|`zp87C zM$Ds)kQ>hLl~~%i{24hK500+gBVkJ@jk?Z*n7dtTJ$xQ1qr#;5iKM~>NyoHm-Shy5xZgju-f`d?kBg{W zMfoG>ke)ervmuO!NwfUxyH{9$WMrwNKLJ>uPmu}by)x;xP1dpD35WcdrBiPtq!@h1 zw3%3}8Mn0#V_h4JfoKzsL0^=VX%wJ)kN@i0hC7*G%V>jK1$wGNBu#jHULDz*8M%^m zncPO0k0{2u!FbyGac{5HJoHm3_B%$<$VKaNx#xwrB=V!v$;Xpb-uch1%TgplgF>J z&ri>=vBaV@^_!mubklJX^IL8bD|g>#A8hD04mkG?hAFM;bg98Nw>ND`C@j~qcTUtWOO6CYACKo-MhJYjdv~YaR;32^LAu$f*RF6>HQpE zktmiLgfA)m7$sY(Os~O`J4YhI<*J^$lCTgl7PStYsGp}A+#?;8zn)SCRbS7|#31P= z$2IP1Ypx$eSYKbFD@L*s1Jl7OvDjVXycPMKIm%lER~L|tx5vIpXu@g0t0qtC-f|%j zO?*eA0A2Gnx;VYD|}TF_^chhmO=sJfG**9 zFLLqBuiuu+yfWR_rJGKxWGR`6FrhsMwZ9_S1sJCYm{|^jz9nnyEhxSAX2&nMnjI2a+JWLilIzyRId z8cbF4n<++}Gb8q?Z)GL`U`&denR2C&4d^>$pM+GSzu1mEI^p@X%56G6vvY}$n2YE^ zG9%uOvB&acOSt*xIjvXR!gjMMwL)v(b$K41rn92-L;xVs6IfJcV0hp%($`IIV|n^{ z!%70N`Ql@zZ4b{+Tvy-_nw6HT6Mwx{p-&g+{O$hjWjSQhURAiX)Tgmomcq#=icjNt zGuOnFt9L4n*Ti1ORf;ySQ#2L|MW7=GeEcwB&^bwXIYvMi#mcjQk9Kk5=X27?9{0@T zcQAyphbzN;tm7^~Lb$3lBP(Npil6R*CugB}gtNQU?X8KD{*(Mc44to~i0goxUq(Eo zC;zn1dUYt5Z!t~*STBa-j^NF*x3*qgC#SVpaVG>&|9JD$F;E0o-mK+yOps=N8xAVH z5R}T&Zsd3k8A`5!=$e!tMvHj%Sr!MBc%1BHZimv46YFw1L;ws2qwC!eBd#)pr&wM% zfZQGNARrY0+@)X#Xc3@-o{u8&!H?4RD$R13L8Al`E?oAI&jI#%~(!NBw%F)Oc{w)7Ye#r6N1I4Ykq;86(Y)i+Tq+zkvtF^k86C4tB(mEv` z)k9$BLQd6|2(|)mt0iRDI1wQ+PauktW#hVYA&S*GlZ+}&3dBu~{atdF$B!>MT|DQo z@8}3G)j?<+B_Kw|?SQ;@8dFVopsGg>o;<`QT;f5lzyfY$r@+PU-xCB`e;?Xc{_1Li zLj{=i*PV)rXzhy+(=+M>V$u|`_K7!CWS}$lPn?FlT1y@0vzI&T)?C*2Fx`PEG9t*9 zZ|ov2Bf)6{ZL?>Ic8;mrbx;6+2p$*~ELvfEa$VR9RJvRFggMBH+^KI11FX@2_Z^mq zw+NW1zE>1izFlsUvUUC_l$4Lf#9#Ggi810`$<>;MWT@h{s-@QkLqV^O5RZOg2nF1e z1a3}Wb|n7^L7+cl`a(bA<&B#K{&eFE1-Ob@+N+JcspafiIn8 zGFxnCl1CxD`Rly07I$MUDfC!tDa5>#+i(0I_rt^#6vkIqeRoHaHXsspTif+y@9d-J z1Ra`ME2FOWyM0&ET(WvOta=%D61FN5o`v7G_W}d1Pwm{VL>Sg;+%JM_A-{(Y%x9AT z+nGv-)keqFq(n{SWmrJjjlsrAN(VjG#G5il&ns#;LJKiT&~ke@gMv@4$(!oKkNJTbCZ!tR}Ifndc5e) zV>T)+rLhKU6h*{%X(zbC#u?y1k$ISfxo!n3aVH^@?#f$y(ah1-3U8qW5xy0VlE?LfYx3v~^E z^VNBTx$WyIS)kndpG)J#2r|iaSlTX}w#U`K!4$)#UHXdaoC(>TJ}=9<0HEV&|7i^- z@;8;Jp>Q3YpYe1=$=O-cyb8AYv*yFkua|D3?@AV5peU~SuHi-OPB%Jy?@kRMyX>g5 zu~w7}Z(IxvmUE_MpUfP5=6g+!3mu?N>+%X19|=nDIH@W~z#Zm=Cxx>rI#=`-PW5Js zHRSz)F@MG!05xl&t5_ zMffF7sNA;bM0P=1%Qp*()RqrKS8`+dU3z7AI|x*5S-4GCOBNLPf@Atbr&i;Byu9Mi zS6WelCfX9=V)uw%YWa(b4VJwX+ckm&KfWTfh-G$hSq9Q}kzPm0LxlVS?P_4L4FM7| z&%bxB1fgIOVv-|!6mrOE>#pW-@qq@SFl_V8$RE0WBsjmE2v5FcRcORmNpTni zSBrcYTIfbS$@oc`RyrwU!~`95a(7XuAK#8q~|0Ld~L9ko~!vxiUYrV-3h+l7d%E^I0G1V+e5UU$D zYjQ}nBU=tnFP0O`x+QiHxJuM^+C4p8Q&_kQ8JCl6Qu8Ta5#Y!~ybtsu($T~BFx?;Lv>T|al5qkW1J|PzJJ#?T8^WTe5*jOKFThfmR$!4 z2Z=fHT{o4>ZCB-p_>QA{X}c$)4CTW@UbxW7p0bEy$!(&0c;m~fXoXH0cKUDCpn^a5 z$<1w41?X9yH+f^z8hG|7m-`04C2%~AMoJTlwD7GYy`S@ZY59G*-Kj_g-Bg&fhWj%O zH$i{Kz#b4AHutCVe_5|dSPl77A3aQy6AyVTB zZKTN&B((8lquASjY$S!@Eqtr@Oc?FUB8qK5JzQ7}lHRFF@GbDRSnXV4yL{6c89wWc z4%qZ=Z{~YLo%$6&_ht8yI3b4GVADI`i)fYIgd%T70H>49@AsmL8k&|ANB|Jc^B(Ig zJdf#x<@cI?0G60RfUO7WBHst@r5v?{bwhbY&SRKRyjxxh0OP0C7lZb}*elKn!K+m_ zOQ`WIQC=4LHRtCee+GcvASDooyEX$>TsrdM8uw1)VpMtx;^KU{=TPlJj3U2dZ59e8$``9yf0WU7_jdibqq}njrgdcj22H2sz}#B^WQYXp4aql-yz~ z#*Q7Lp@L3?#zR%KmEpxOV81YtexnyIw%8;^^R$Fkn6!`k2;P79d-UPvWmPpq_Ekc- zk^sW??b~;FTci}E1y+|GFc`|{1aFK#n4C0CViun&P!}1bF0UeNVOv7tZqAbmn%_LcqS*r834WLWBk9kZO ztc(QYI&9fnl}OJ1O}#7lL5;*C$tM%@tD_WGVRX(WEWnpTU?_QL=IEu`_^`#uf~x%l zQSB~v9C`9}%&*;V4E|K0ki=AnQ31h1(w9CeU`@^!uh!d+FmfyB8`N(8Gb z*w4~|d0XyD@YYEVsSGv3tA6htEY0T_NXAP66Q>cHCI=x~=)6v_)jG|qi3z`FSko1y z8EbzjM<4u#cdz4#^y449YO%@A`sS~Xu;UZC@M;O$+~R1i6CaVq&+k)aqAwPu(c1b- zm*|rj?#(A1*~KV`+oz_!A=4==RDu;9_)+gs6$K7H6;2hbXP8 z8*>&=q|xwzD-cgjB&X`>P90Sw;iFr8ClvU6pJ8wQMVO@9{Q5&(|21)q5%_S~e&oka z9EAZgSUWm;iIZ2Hb>ziGYwYs#VenEZ?K;m&MJqB<{zO_;%ncV55Vz;_#u<3PH+0v` z4&m_|-tC@Z4v)4d&F9voxz@;|i7gV4<#3T6%_PG;Lj*4v?%$4Htr^~x`}r?pGCWZ1 z%`FR=ZPLJO`Thg!2Z@O2zI^-UqoyD%r+@Kf$_&t8gI>)&a2QfNMIlos#>!asPR+Z3 z@VR*V@pJukf_1==cHXwf6Sn&YXPtuWPOGw!l_#nXE=E>dc=iJAXKj7c*@Nj08E`{t zjxNmor9%q^8Bsaz&BVuR5%^H~2dp+6GOK#?i(mij-}9#L<64 z0+qD>K3<*|<_NqR7{s${I+%bB-2sCl!P_BqZ#4u54|*8(ot5=%-Uv#J6I;ypY>Jx5 z1;?abct;X=u)X;v;T7(vFJ>9-@4bF4c*<%(Zyg$MSq=L_{4|yTaJbBm}{lJiGuRFYd3lqHiOS8U?3g#;}^UB zIj$IPxs8V)X16my@hg|olmbxj#NC> z-W=pv5}Agm3(oC4@nBSiRWxMJgKg2UHCn5Lxo9ukYWN9 zJ@|fk*>6}*nvzX^G}NUn(59>Nk5_fYpS1zUN(ceCh@nk@Az-luffFdZ-CK5pZXE6= zmFmmZ%x-+mfZk_&dnwf!qQ$CoF?ekW5dc~a7Oy1Pr;e8~5n8Xt(#DX9Oed2+L+$(( zbq(+pV|PacUTW$xNADa&Zlp=zTvbl9`;F2n$2kg10&fA`l2!}_1pP;Pkf`$XLr2MIhoDZ>{5D|ES*gh+ z0=jk<&%bDO#^Qm9kM-p%{-4`nV>@_;gn6se542ZbvW=7WJ_)^e>))0+xp2Od*e@$Z_tpt7 zR#tpjzG!hm8QA%N5FSgHiaXiAKv?(pai6lL-Wru9B?u zKeTR3^IP9-3q1K=)dK>X#-abKLIRNIID}gYSYD=42!GjwnZCB za1U+?1lIt;Ed4ZowUbdvJI6#{DebZ|`&VclVF`+-IMgf2&#P zuCA_CHRc#&&dJt$p3k2m(ptxjRm%}(9>ZbiY^Z)Z{wC@1^y zds3r!&RRjYV^Y0;(+p>GCQAE)3YTp4}ySuNwQFjPHJBXCrK z@N?KI6u2P~+#kuK6JDiYQTV%_hHk)fa&n$bRij>r%caj>DW&dk-M`A~#t?h2KQjn3 zGU8v*%H8*kNYF=S>%|Y5YIw#L-#=KXi7Y^&%F7BbRDiob_j+yXY1gKodUNwOnrkY_ ztUVG1#-`{4&`_*7>^`SO6R<@lkl^vam%9fjv-NuXP<&APbl?5c^oSJeXuSA^Vr)`K zuLgS_H^sc?9+88^Br@tDM`0U36?Jb)z(NJbR3Ic)rg>hT!+_nvX)KoZ$Y1!T~_ zUjFi8Sp%-&|DzDLhW@`Q5_qe%My=^Szc@dEv;dWIZu!#(e-J2F$;{dLYC`jbOov}6 z>vXE|!9s;Z8|w{tLtDb<bu&(%y#$KzdVGAX_ zB#*|}Ioy6>)exnrrUUGOcQBCj^}O!_3^hyb{B=f{%k}Y66ZizyTRP9x&P+`1Dw2iM zB)hHcGsJ*IwC;Jm#sJG|+vktRiQo~SKJuy^;)38r@<>M-e;&S#C*7+h*Us->$L52jqVb@khIP21oq3swUM<6WvWN2G zM(ZLdKk3=Pe~yQXqp{%l@d5uW#_nR<&HP%DfGJ9`kAS%xi9qW&iFN7I5voB;qWI;D*@al30hwnoW{|FfAfMkT-5E|r(Kj$kL+)GYmYLDnDr0V=N1Z8pHe5|q?^)W}^Xjw^n zylX@M$~k>STu0-|%Lm$h9wmO}8FBbK3RAW|djIsay^Ir(XQuD2f2Z5%qe*pde=BBo zyX7^xLdaukg~tg*ak?{Z>8E&DKBtE}l8aC09b z;Kezz;JiQh(2~`{lWZChn`pA-j(J)%nxFQ&CiWy~dgpkgl5zGqu~YfE)q7Y@U|b+q zv(|p4)pceU7&AMUT*+LldRNx4@vO$2;csK6tJzinZ}-pv{wui)|?0$JTx}5Di5u z=x~FmsQi&_y+tO?X0;)x3F`> z#%Q)p$GyrQjJ8%sA$d0bskt^;F;-|$o9OU>U(k^)%0C`+$-iyFvi zhrY?^IEUv%LPF~A?;oX~hnsDC=3*bgdLX5AUtYj##sim;&Y#)sC+E0zy)G}kxw2t0 znR(uVNA)TJEtWpxjYiHr6Q3@{^9jlipAF4zLct?cmYVZQwnsG1?#(&h2RiD=_U#wp zKdg+{w~tkMyVb9?Ev*dB9Nu3`pFKC7?{Y{iKAaDbQfjC4hLAFe<0T=2w7@yz;}V?Q zs9CdE3D0D^2`5u4{>3i7V}JXgwM3z&HtK&Sj^r$x^)h}71AWY(ivratt9vN0f%>yL z2|+mQ4=2Ji@hN3vtOc6!K`c;qPB|Fe*z+J|`2}a|oA?};G)mCVXL+^JYaH!flvc9| zO`4WHcvODXQ-&R%EW&5Xt(-QA!zc^~rw9CZF761eTayxmvvGLm`Ll|&?zoHK_F})e z)1K#rzDKB2^6ZXW;3VY{AkYQzErH&R-j z2QN6T2jpQ$6L?X>(^f`rmL-aGIp8{I+>pD4@Ff{9GP5Nc&)DfF|QjG3eJ{~W|EvO@d$r0X4JjCG=J}b<(--mS;Fpi*TDv_y&nUs z=Jd;YaoY zjLkwmY6e>C_C{UQ@C}C*p?0{$P8dt8%k>gC6O0EuoUb82h|Fj%7-JDP6KnEgrv(N&LL6AKnB)3A@k8gh%Y&5FChvX1N$>(YgcDI zd|8B-+Ep_Skm4fZ`9-0@S-6jKY#tbEb9lzwHO>pD+RPLG2)qDTvx|^klrn?Q|5q<> zk-qc&QWft>H-u@QSINL`k>p`{D_TR_xY~0rAAu>NL-G|T8b71q*2w;XB99ID6Qipa zghr^*M0*Q@fRT9s3o=Rj!kBV`!sBKtT|g z0SFy8{|P)I+u^`aKf`td@?rv6 zpDr?JRrBDI-+e>*N>nm~1E;m-W)_Q*_(IkDTshni7@rG=g0PO|WkDo|7mcE)`*)zj z7>;svPJvG;uSyq;R@a%8dAt%CcA>oBg8nO6s+3iT{`f-nS81nZulG#LPB942Q)OHq zX>4Xr&`>h)ofchqKG>hDt-v&rhN(z>Y@Fx+;v0#UQfLC5Xqiv3a>pqo~ip51bafunfD3`$^+=|JL!1#p~`RJ?^? zT1a`=^)X*>+tbM17d7GCCiB68nOAp1_1e8DgkD>)UL537i<;I?1sQn2$^8ykbC9ev zegsyEKtdNL%*aG!n6liG1VeW&D(f^B4(WMSFAaw*N_z^BexJl`h&>Fb81T*=*+SEg zcHaLY|1Pksd3!p`uvF7pw%qQhpuXZe1%4*{;|fxmZP_G5;dcIULq8BG^5Yq%RGKJg5zlg^ z1*kdxedvCp^-WIl29NMvyF*0DIQ(hA2OB(eOV(6wVIWKXy?-=5>=gWF!1mz>b>D;1 zk29qmt*}3LTuSIa3%R+CSgsZ885RE!N@9Wsv98no@)!{GH$d`JWw&@OO0C_0YvPmH znbLADSv?cfPv~%?Y-g8;;W_zz#LV_-er5$+G*h>0NIV3Qm`zValW$>c*E12CEUllnyPTb!~8V15u=R= zyFKdId^6QiA9pZfrII&11houczb195t&y@Y2YN(epMts&bzc?p{ZQ)szC8+N5>WEE zV9#<#Ze*ThwWtQyKikp(N5d1{F5zdWuY-0>^G+8g&BPQ`dCIki!CmbRcnk@IPBt!f zc}B#KDm$wq!cXk;4zsA>R&dRAkqX+rlzJ`V6Cv)<9NwJD<<}g3ZBQg3O8wojK*zuB zHz$ACy=bTl)Ej1Jtp=B1jzAa;LZeHI%RaVSe3t$TCHzjyr}D*PP`l>hlIF>X64>W# zJxw?#;3hT+@7KdvmH~o$C;b($RnvSvf2l%;2=fm(5eY_{`v3E?d5qEN)=Z4)ag;BD zym&!uJd|nvWgINXK|AT7cS4E@S2D&bjn>nlna?741VsBM{3gHU?lnTu_p~P4F3I@@ zHk!)!?zCV9-YcXY$P5>;upByveU-)KKaoX*tc~--yc_k~(l9d%)0slToNlpdldzpo3mxS{6VZA76$cZ_U-4}0+HD+I zV1!E2BYUbi1a;{)fSH$Ji=1411-kg?nQ;X%BnPcpYl?ZQYDjC0>?AhcgD$|j%thZT zNx^k_6hbsiOiT=ImU=R}3UcFFCBJ|FE_nz|X!>5>cRRTCT(vLbAXwhS7dmt^*dL?V z8v)XzAEz~xkp+!8XyGKd->y#_7S$|=SxslkPWscuBga$kIVM^y9HsbuFpuX44vec+ zV;oTXPq_$H29Y@A%UWM*bdX+iG+C2mVO(+cI@Hkwv?^^7|DnLjtqGZ<$e-xv(NB#Q zCUz=bMp3$`aF*{IYOeD@;#c^K`)}LSVp9z-~5FojT zH=b!cxq>4&z#&=_($6()d){6^$|}y``t_K_P<%}0+GbNkS9BO3;D!0vVUV~yz&^vc zYg119w}nlH^f3s70#N@(v~YsTJlv*P;Hyq+ax^XU@<#zzRh#weq04zy9k0p^xcVN~ zY18d;9j_GaiR0lpu1#wp-z|u-u`ac|MPDC17hHa|+YgJSb^DqfhmE{>QaTOxMr7>k zy4Ti^Pc&?@igP2m4vUg=noVWkK2KejMpl7S)sc6l zbB1Ep%RO&#$-}3>T3!dB^*K26S_B)PKLLASHwH_qsG%fm|v#)wrkZ+^|KWu@g!7|1&d$@ za!@C6iwyBFBjj_t4BewZ%!Oi5Y99>z-p2ZY&)u)am=FRl^1Ry5N+j3iyw6~MGX|zu ze1!=SwG2f8BY;@h6G~3;P(<0hY%2TvV6Ph4zsp=ssEWM`$Jc9KNx3%Nl_`z@QR?aK zA0AhRnu?jeq3#o-wlX{4R8ef*cop7c-+$24Hk}OeKGVQlqi%lY@7nF{s~=Ili^OLg z>44IO&-{=qKZETNI7Kr}ID)KmB}Dh;n4%&<s5YhZBdNNB6mOHpE9V_=;h{}*Wr~tO@je-m4`=BouOeTaQ@yyO`j0S zfgAcT-^gi~a}$A!4N|DH@D6TpV!MnDu)ctRFZgapz;YJ&YNQ{AnwJ%Hp4FYF8{H{4YVfcyIp8&VA5tFv=Yxo*pXbn`_g(jss*pin#vH%^~^Ll!xZ_wUl@N-gmRC z+5Jbp>w*>Iu7vj|E!g$3ErSY3%;==J&PI+Da#h)!}hSk;8vFFlma~7=oe0T*5f%16x z`_Q+j$ap%82PtHt}>_$7x0ArlRGOWmvMC$_N(!;917)~Q;!l{_5X{k4CT z{9L)D;y|5%U{np49NJt>s``y@l)BqkyYl&)Z_9Bm)HeCJ8m^`e#$jTda=7YLkLI*- z$Vrp!fJc}X3k61)h;>EkTD|O;Q}5#>nY_@#2S&DqFH7!jrxl9fG0|R}DKx+;v9(ov z;5=07&KrGpglZz{I9z=V98CeW>#i+nJ3Bs8b+8zXlLqY zJRCosrOfVfOi4m@^vJhX0Yzq5)%Rs5l8aTlAR62Fw#?>nU63f1)xeF>fu@99xN`K} z#?kp7P=4_YJk?=TTAeQ2XTk10EWa}}44!%?r#LzRA=T>3uBFTp&H5GkxZ#lH#!j^D zAe(ic!mCEjl$*+T5HBM{6q@opB+W!=7+Ov$Ed^=SL3N!?`jzMkJ^m!z5Ms9<*W!T{ zn1kCEoH9Q5gCx{PrgZowgG!0g+7etnsX35pL`Wcj>!M8bBco|fyYY3K?~j{C`NGI6 zpK7y(w4Kxo$&SEySR#GDUV>eg)TgGByp>PFx`Pskke-*vck8bv#+B2(KYh7uPxrgQNYDQc{E5j@ea5 z$I${u#_DFbPM>QpRLP|K=`Bu(-K`oDGGFkPXK2YCw7G~_;Z$ba|G`mFPPk7dtF5W% z*Bx=P{bf)6ZhR{AQe!mK^`TbNBMeNodrdE|w1*9zk>lhsxxn8?2w z_2p~l>3yuks~qa>9*03Uq#3@ul(l=-Mgje7)1DES=9*plo6U}9b~?b4>zfcd*rK3; zdzu(anG;D2)BZJEu_qx3^mC`4n(-FeT`;G9e(Um|UH}!hXS}5nq2ylxoWlJFPA$|f zd_*vuq=y8XD;{vCvm)aG2g%(NmiiX1@l>BLNV_st9cJF-@gO{P$$Cy07@;hQ(TAQU6 z3ua?9HTWLKJ7@P6ezdTC;7rSEbq#NjYomgQ+ zGMHX|LppBxl>MRUI34qYBe>O7?0T27AWG21p3_n!n=UyyepqYawI>`xrPr?$hQ?6d z2}CT3cG*mxxi4Nzs7VJkrOi(U0tmJdmnEY^x-Cx}P5DdriaUXeM-mnMSXdx1+SV{cCS@re z(xIeZNOp`QrgO8HxkR5kK~ccZM_3-<$^Gb7(l@+7@aLvyhjez;hZv#O%N%`_nVv5e z+nTqc_$Llf7&4(`gj+eTGL5C5ksa2#i9JJh(XHFcV{Nah)4yL08=TGo`aU8hNTron zERaclk|iTu&gRD?wXD8YTY2heSGzw_&`-k$0`U*}Q{!hy#bM<0?0dEPX2qSOsa5Ii_J#=0)*`e_zd?JvXri%AwtHR?mEt;rmJh9u-5U@ zlmg2VzpyA7T^YmCXuNXSB;0+g7T4o>?Isur3TSN8o`q(|jE9p&IXEh|5S6N3Zasjew<7I-l)dTC~Q$-##JT#oW9`vH`$WnWH?43d7>UZzrpoh;^<9DupJC z=->vG45Ct12`1%}w)Qj7P{}Kb%I|u0YJWt^&lZ`gzc3Qkdxk#Z)8~gCCw;5@%8zN( z>`3y>IX6X*w!@G3IEg#!T#w{>HJHb`E7GXl8$qv}?<(QHLM@{cn)1x$xEkw9bM?+~ z@kp2jtM#Xp-{0sk6bJB+oBQlcn%IdH*v0=HXyuJ5D}Nm~fB^+nGPB23=UTcoA%Qhh z8rz=BfddWr_t?$V`j}s8cVifU&Ws!&bCO5@7|Rbn**_W9?iX6veZ#7a&APDXYPRN7 zTvvWSaZ;r(^W$3Q?Cvq^VG-w+cn6X2A8_S|FI0Rc9y?B-M!T*)A>61X5&Kl@lvbU@ zj>`OVg>%v88zb!b7}axSkCeaGs2+(!!ExZDF|ONE2u*0coBA0w9E}}z*8tJ#{nIg= zZo-!J*%%d7;v$~>n~)uM`$k!}<*S``H|r}`f+GT?ThkmMAW8Ji$*I{=>aHP^5xTo~ zB_?(w?Fl74spYtm#y#mpo2{QDzU#SKQ^1WpOX35I*l^vyXMd&aTTqiRBkk)UhWYvx z3QK~M97deL5p!!n>s25jsJD_Iv^=!T?NJ-K!9zwN)b03KnC6PUN@QPW!`$321Gmk$ zha7rovg+)ls%2nCW0ch~)cyGtnn`=^V@buJF5z2P%J@*t;u-Ird0lhW@yHJ0brKt_WlRJR z5UC8_fh1o(P;hW+>2*oqeAk{SU!a%?aZ#!b1{r7Q2W;r*3-`Uqz9q{GWDDM)Mv8WC20J=&&r7enSQ;F*>G)-@%|TmfX&u*Z2i*ljb$6 zpzZXVwavFI+h$)n2CEzg4C z7DauTq}GY2=U_JG7GKZ}ZvVmKt0bcM-~C6>>AE=R6oOn)RNW{JTvC}1j?qwPT7iZ~ za6Gqw0c-2pyG7ID9HmrN?dr?V9feLP@%kU~D2AtToo&|j>-Y-tLdX%Ej-yZ&nWbBg zGb@}5-(b>lQr*gJazX zrbgk4y&A%S;^5Ek!_s=Qz64(JSXKuZD+n7vNWT#E-sUf?zyB=2T>js<>>CuW)6C;p zylt+2yV)BFym=qWnzLMgKhYJ$^i!V#5x|f|l*VX*l z|A7_QZ2eJ9d7EgqT))`2UOo7z(9WfoBiL@VUnvZ)&50SCDs{>sIO95YYQ)ymL_>s{ zzG=p7uG9(@1_N1Fd~0uVHnL)9E-R zT4;WqEE>@F-;Vs(AVUV4=S>$oyTi?L43Z|)*`pDSOk4+VGzGfJ40&y9fkvLsrmuzy zs-3|jw;Ov^1BbSP&#{#06`Z8ugT{%u_-fl$j^)cu%70{dBCv61wa;VTMpIBe@%cE(;t>2!1k&8nfZiPN&vZZ*p&26Yyml%x%- z#Meg5hD4d)G9pphq9EEEy9JgLBpnp*8_7)Hg}|IK4sT=l^{T_Pf7B|q#be!ogUh$A zlQo$I;uhIK+8M@6Op#ThN^75Ajk)N6Ouv*aF27oP5!*beV*Q=5Or$RbkxTq7(zm=f zUfK>gpjDzGC@D*QW_Y={g5oL{MKW z*6Dn|R2(M({&qqL3kWQmW*h3F*XCyH&v#>wLzDcWLTWYZ8}bE7oiGKNknN->_`^&) ztO1_@e@b$V@O!*Do#18)JlHX`xzRkZ2xBdf0o>gqpbsT8yz1w z5*}EhQku=GWipK#4Eh$qbzyr=wpM}Agd-hj((Rm@WQYCQ1dajecDLOC2zjj|7UK8Pg)}KH z#*H>xw>aKs9A}Xw(GXC+6GHy&ER0ClGhk-|;x|1m5l~s`_Nx=&#eRET~Ae=f%A&_^n~}ytY#efxaTYfKOofh#3%JKOfGGzgoW;} zKsLV~L7?eL5==~{LF3a`c>oQgH7s!9FaKWXvj#s6fE@Hy0c2iW`To9y=Y6NHcgDJQ zajXn)2_|AU#p&t?f%olSl2rco!z@N*mvntxtY9BgcWa1+6BiH{@nrmG`X~{#8v0MR zGr$!1RB=EL^fzfpNo8|)S*w$c0Rt6DN--t}$Xtl9T*pdw$;I)|x?0`S*?Nmg9MRCD z{Q?*hcQshME(&ED;Q7l%=Y|B-It zf2RD?GlvrZ(!f#hKfMHq9(yLCBT<=WM7{&)L@3$p+=?ccf`*AIC)dhfoaINY-+tet z(c@%7%H7PY#&DybfAz%AHe+}cfXCZiv@o|rZWTjZ~ zgt2Z}roQ;SA`V`597E1}B$v>Qn_XbhQi@Ms^5tR<1%~JZhNv=HhzU!dz*V*#TJOd` zkzOwEtz{4{#z!6kd|Wz=3>r1DZX*k;XR+nJNMyw6H>iU_3@h2lh;z;`T2hD2`X?f% z&E9>FXgR!1Km{A%q|6BUz-9xsa2tHgZXf%L240bhY7CCD%f!t(CApuS#S0TV4U=Lv zd_n?57;szvcZ*{nGko$ucJY$I736(u!oYXyR9=9tm3on2qM)AG(TA>cm!?WWTU;t= zdaq1!z<{QD^XxY#)Lt|w%l!)A&(FJWQ|$0#uXS1Brsox6YewuE=Fe{zTAbYe77u|^ zsuD_;rMBETsmX#M^RNMiX&+!Wk5XimD?q zZ#{ntd77tWdNh`>x$!`Sc>Z#VMBn!>giSkh&}FJS{raZ)n{P5Y{;LTI=kkc}aEL|> z@1^Wz1N)o>5MtJCJE0vnL8`uaJxj*cUK9Zt@Zpj`NhhhS&VKUkbl{7qY1Z4_3Ayg~ z%Y?kl7+R2&;PE3VQwto6o5uV-&22q5$V0$MOrnbI@87D(IF6LS5#kH5mZ0Jk0RCm% zwszFb=*-k_>^Xrei`Aj(dJkzPuSvrtbbR@scn+n=V&Q*%YdGY4O^FX(+Mz z1!%0q!U>wr4BHM)TPDs^8i+TSb3U?Ka4EiCsQt64OTKnJQS4mXnc_fnAjeLoraybPDY#<0G_+s(70RshxXN zbJb7tHTsyvfj@N1$3S?OoJV)Q#0vCQGue%wOTf9+QSt!2Wn4h?g9^OQg6|i?g*l#0 z!DZJ+>1vDm0U7vk3>~)AaqY2%C`-XQCRv9nI4y0t#3*y0CJ=0)K?u2~n$2(WKekFa zp)4QfqNWvdHee|!a#7){@&?REry8@mtY{fO!k0&7?$E=ED&6M)iRxT(S@2T$OW68w z`_~QpEHITEsI<})l}DAqSCxPbNOL5(G3Lo-s<3P zZma%%(5IF%gx&8=NH#3s_IXEE=0xouI$Ftf<1MZyt>)4CWeQ(0*cw`!`Kqesggh2r01d3 zp6KvSO^az-70=E{AXk*AbKAYe&-(Uf=|eJ%&zFlY0&K=TMqRf>ui0&m`8D<9UO^B~ zPBzqWPG|{#+58zX82K|7#R%0TYm+}lpZ>!}5o5dhH8_Bp(n2WsYb&RAL+)ht{D2Urr~MP##*85PUC*&62vgzG5fHvid<&Yst*&qI>4$d_ zm|~bppxock;9DA%yXDlB4g$+GzW=cW&V6>C7iZ>+%|-GDLSaKYT#;$f`VX*D?euv! z2Pvu3cSWyfs7?_0kl^L3<6w>z+^_o+$Yj z!+vC&O5ykC*LbPnCF#y4+9p-b1C3j?barF}LuZN&k-GJsxRGT#^|r@+2y*Yp8SRLx zPSzTO$lq1{v53r^fLkD7U6nvy-y}c$=;_aYi!hJsHhj)c5D4R)l8(F(3pj234%Exm zqzf2~YfL~^TX|{xi>Z~m%`ur3UL&wn?}U)hmB=wH@|HOc?h_)Pr1Y85L9DM6icO)H zCAhoQ7g1-APixMPs$o-#`#1hAmzu3dU`L46>Xd~+uczNu77dXu#CUZ@;f?EEct7dX z%t81}p3eagsYAetGY6vD@=wbm-dxG`Bj@ALP9MKyy^%laZ=Hy`aXsLz3L>5Qxn4zW zm&Ie*&U=h+p)q1)d^`9r7tgkjn#6v|J2y8U zM??Kkk%6h>kcAo+R&dx#i^av~Zg{xUs4#agatssyw-|vWcoBr2{!X(N;(hHy=ODlK zsNy0a@k`Fztd1*w7Br;HAG-G4ByX9@u>IfP<|LTILP0MI#+;q)S%#6-cwOD@yYpIY z3Z|KnI47CUYGpbtt~Gy`p3EEk+7-vHhiMbG_ zCFQ)TEU17Y5&kTjI9>HaRrWjvR?iY;<>L=Xe z=l1>&W*7x&M+EN1TZDic$QdlsV5_|!0#G*nD7iT)(W}ffHY}K>&l|kuJ`k76*x)AP zR6WpOioZz6qgX^)BhiR%O}q9VKu6u`7>eJ2H@f@5AmlXCOi$YPNIwAkEQd0T%3#E( zN+6~^Rb77leJ%N>Cko&A`!bOcm)@&j?>R>Vk+bN1s}tEm*K2?jbY7vBstf zQ^8#-RTAm!P-U@~J@H3%-Qj&>sCb|I>*JLB5|0(Q-IJz;iP`TiyRn9x%o)shk5kSl zV_tQoOUsjWr0C3ov3JBQ+6PAxZG~s{hHXPTF`4!**w#9N54r~~D{r|#n76Nj%l3GU zT7d?*6Q5yG1JtR~N!pia2Y9u*kRCQCnxvyR>_A>QIy2{@b(#4^h9Bi+;xM$c34Uh? zB{`H0nr~UZNq$ZTLOh&HLihTvVg97+_^itD& zab|FFzcjsht5pCH2$Z)XW!Xxuy+_p`8H2n%@SS)V%NkX}W(%H1M}*|3c`Ww2FTFb_ zbEg$v=bNd^IXoBA_B8e_DEK<0QTpieJ-%IE=~q=t{o$9_@CK%5-|?|Xr~{ZYR8*ZQ zat7!z2ThpJ(>J|MFVn?iA6s-?wJpBsJ;o7cKNr=$bFS#9+&ZD! zib@EvDH6zMz3cnYH2ftUK-=10G67gm=ylLk~&M zQdrPG0M`@-a81_$>61|%_~w$VVCnXxUhqT|@m-FX1p?r56>)&XPW-^6M?{1qzvye5 zL8~?IJnHl|S>C_(Z}$G40fg0ln8CX;P((=o|B#*PbC}RhaN1QmnK*P;O0c*!qtVEi z!g!A*;+gxxgD10T^Tu64a<-mc57q!6@MC_ACa5Jbax<<*sG6ZRucfSP2^#e>f2_>( zN@OKpMa5}wKStf~nW=g}bfzM(JV8XNwQGwV@DbECp1Z0WTg_JclJOK*ho=>XQo{hs zFA3Dga%@sLhs~C;7E-*TURq;P)CUwHHhN|SQ!)a@1ZpKJ3`M5Dhi!WG;M}LqvlgPu z5vbc|RxW(Y5M-2p*@wuU#?1kO_PtY>cx*viUEapU@-Ioi)zlzaUDtf>vtqqX6xsWa zT}aXiI)|>wqUs@)O%3>#fIx)Q>vVB`a6%_qU(V8In!kabo?3Ika6zMui}4$wgX=7& zYiRaXM@&=dSWE#DVg}bk)VA#o?FiFtFJ$xK$t?` zIR~3e|G&g3ET3AB+sj}XM+LRh$l1?CpilPar+u1}#nl#Q;yHUdVYNAS2-X2K_~xTK zy>417>GsawZvXy2BNO;B<%eDcx$|m;L=_Vji61+ zJ9jh86+u%Ss&N-6>IvI(KsxmMR8I}-t-WT&CrW%fage~2UtI-2whjqvewyUFFF$P* zIQh=DKo+^)L|4u#=@y|1ExjzewKi%OzU2 z&babjocZ$298rf{XjBD0I2S4xLLSg`21oN{`(Q#v!}Db5cYI=%PI=Scs4vkHSuac9 zvZNr&rGj?X!e$TGZJ-A>!NPRJQKoC<`SZm<@>slf?R~CyVcG8#C*5YwJCFDshJ)V$Xw#@}@b7fbK5< z;z~YI)wLh5UCL#$%4mLXly+2QS+?9(Gh`;Clgw!Y(8Es(7M1`sX%sxU7<1E_3tb`? zn=L!vKF|gC`!)yYsaM;s3-gLp1~(b9!NF!po(5OHO_0`OLrrzV4 zuPaK^590_Yjw3#=QtJ{i61(#-@h34b5r5nMPFpO}_ptXBJ6ht!Q)g;bGNi2J$CU7& zUVz1kzvCDedzz>?%>uo!m@Y$ZZgY$~A8ZNuq^?r7Qk$I1ZoqsOC6itWVL4p{Av>sv z655r=Zr$B0E8XMz;nhQP;B~y|M6p;QsfCsJ}txFu$Zqcr4=;R-odB& z!fMN<*JV&t^xFopdvX~s`LGwTFPn~75C0-<$Fp0zL0g)f&DXv0PxXy@)p%4V4+oKQd~so?0Ul zmXVgpB0;OC1J_H5@?<=Yy8s%p__pfCcT@r{^{q6_gdUT*Y!%{o2KQN*EoR^t2h5$+ z>qte)7j3`QE0L4nk`QB3mgwF*$h;cplz~lb+o8cj)S_HgWWB5@#W<`(Hf6auVl3PL zqy{16)5Lwd+D1IveOh|Umouq2IGN%xI8MOx zkU4?3Nd~f}3L1CKpAQCAfiUB)&Ijj^3nv`c-DZy%(%;_UNp}{0nYNH=+e`?QS;Ww( zmZEF6*9ihhe1}^qx&|7k!^BioL8=d4NU!?v=loXk&`vntWUT5rsB(df3x z3_fD-1CtI2#CYjV4E3Vx?`#9LJZV^*>QvwjXt2N*t2yM17TCyC7^N1d`MdWz=AKix z>p1-|dfJaI5+A-eIG8McVx~89`+4IdfUWk4cEf-2qAJ!=Cfr^w`T|Rz-U7_l5|70E_OepBlXTm-RvkECID9mlXRcuK*xV9PT z4&01*x@OK`gJ703{W5_mE304Jq{@8y1!5(3d=+wk(3}_~O%5ReImW*~E<#zn>lc~1 zUyvP6ObrL6J;M55(hQ>Um)ym6-_donQvCNo0>)heF#T0O@*llwurc4XuS+S(&E8&6 z{Wg3D-A~0t4#H#G_`I#qkWix_WF>X#M}_hZ;|1-IcM>Fz!XI3ZWE{gWz@W#P(B)co zX9;thIwy`l&bf4)>l zG6>PV>vR36sze@VB~6YB(o_@*lj0wmKD0eW2Yhq;lC`F6xWh<;BJ);0BN-8`AnUX; z9r6Lv2#pdQ@NUB7DAHn=E}5Po<1n+;QIVXh#EUQDb6n_dtN`o^8WJ+Ifb@&V0F8)J z4Cjyo*-}*wR5;z2OU~rl#6)>5dVg_nT$$1=4XAYZY`G*xJ+>S)tJ+zebc_D!ev0Rs)i3Lo}|i}^vj3i*cu(?ebV9JDkMl2W?Nylo8j zYt0QdRxGRxf>OZ*3AK`~@1wC^iNi9quF!T#lm&;QEX0`?EK8$aUyKu7OxWL(XZNZaPn&O&7g7_^tp64qT%fyJg!_SHhEh?ne) zVRCd5P_XS3W1xC~lEG{C+jNgyZ_LDc{6(miuA$yK9MhlYG2AQ&1$M>0u6!$A&$8M^ zZkA8h+?Y+b94NvZhQnn94d;kx?vt7uDrKNC^$MOWEzIP*t=n}L+`m|Cq!D`%4scYYCY6nn}(c`h^z-_!J&~{_V>J}gGmcAFrw6d*L-dq zKey)oG%|FT)e9z-pS`c??Rl8kp+B!3`C!y-wEIM;;8SRObnds^B`-)~4pAc2l+zi#g2=H(f0CDtsy@?Mq+s)8zPn&xeNbre#^ z9&$Me*0zHwZRjNeY4H)nmbIXP4z~_x0h=Dg=|L=%1VY=&xClnjvAPywsNeR z!!3!s%IGb;USqH%?Nvd|HwU{)6ltSe90!f=`}M{O!@IV`c)#SeW)i?l%6%HG_+;mO zCgOTXk*8D^x~whm5Ngr9+#!pC;fxDIQTK|N!yd~N9*_U2c3OE2pv%{J(#d zUu{Q!laGUYnnv6s7Wg}pkWG&40|d)xmFw1I;vUu`&Iet90SVp+dIE* z=9YNVGIbD0H7uv?&TlG=+~U-S*4V&nAu(56T!q3=?M3qut*r)OVZ2{H z`NPpN3q?a)ydAY7Gf4ACb9JYc;o9E1U8)4iz^hBOTtN(M0~FMJU*rjfdy`y$Kb5Lnb#84U4I8HN*{4S` zNHuwSdp}wAP(xR3B7bo~EwLAx>0;1t%7E z8D#`>fM^4)L!J&AcFRbJtAZKz7s6|Zz{gmCU!Z~)3S)^V0dAE-TckO$QX=~NIfuWI z=|d?0_VcqrdS%m`hE3^_oK1Ock%X<}>>@nCm%KEZ#PN8j6E33wY1;(WKCW358*6Fx z8$C04xd8Nj!vaXu*>4svpMtG8wFytC0qDY zFgYYB)GChx$x9SV!W5*U2g+T2{o|=P57`nC+hSdMyu5Aw6O{XhZ(?5p(kXN5x#JsE z(s1(abW%bQgsO>yW1~R*<9>UK%+@e%8==v3AmP zFLGVbOnZzN=3T4DZPKJf%C**_dnszm$vcnjdrG)_ zUzQ&N5Dr+=rR8oSGEMVKkJKdWg(MxvM4phQJ?YfkD|l%#zDgoct)#kE#?9AMkD2vQ zp1>W@O%y|;K!W|sBHpv(4$=|+Yr6)1)ar5WL>Xyxr_<`9IozfcJG$^uZ*uxNsPu$e z^k7y;#nY|IT%=+CSP$~zI`c;^J-aaOP1bxzo-fe|!>{Nwfm@@ul8-2Sy4n1&kg+O) z$W1NWUG;PY_Ov=C+|M+vR{c4I%6?E;jBcLyqy4;gUXJ{G5{PjGzJ-Hpi(4;)Fi4QU z1?G2C1d4X{agx3q{)B2OlAvXr_fb1*Y_{pHK?~o!#)SnAp7y4xcdNIi{i%WsAy0cl z9)-k8BB44QDI*haZ^L3JHFom5vjcI!^70Pbv_y-WdSLg#fcwN-#6EN%V?9gn*wQSy z_Qe=+4>H<%uuQ6zIcw`89o@2D>ZVfE3pe*n8DNW38#)XwE?=W%c3f)MA=#sWnG2o3 zGk!|)XSIdos^Hl9jzXKK%x{wE2%6X3P(=4w?#!DjU?A@_eC5UWRLce@f?r|=(E&OK zP)+=od0W|apMH^kjuDxF2NWOsxV1~Q?>)}fn^tB9!GV!P1G5tOwLfl^%C{`1N@(zd zNeF`QF*(MuM1-RV~pC?#POnk7t9=GGK7Hix8T944N=1 zkiJsvH2_8F*|>$bI7EY~W_7)J!pH#=aytOJVb%ZoGs2q|xmNa5_o{kWsC_XRxx7ka z#O`paygsa=Wu#CeGCRNX<^jtEQ@_U{Z8&buDWbLT z)2{&ztAdIw&GNv^P=K`dAg6yG(*<>Fcim4w0~%wy`5_EBcTh0Ni+%Wcj$DmOR(!XL zA!j!PC*q?USalw%d`O>%UmJb(rX7y=7?>Ga+>@QgmCR#w3NHP$ zOw%`R0jW9yysZAz6;Z}=fA28wf@$u1QKL-N(Rp2;*SF_$Sx5AP`HA>Xm_-_zQ5#H? zeqRFmz{c=EKmWX%8cJO<SMg3 zci5-6VL`g?2z!vQS(T_wqWO)YGLGo5S(iZ$Fn>w3;Q!`F=nh)N{FN<3@```)H63hYu``?NWrdx|qrIZVvvNm8Uy(6nJgMM@6aYA!C1Ypd(_G$)qHy=P73`pU%d_xzn*;Ra+*e*qoaRGA|vc8 zor*e4mS`VfpY8$&j4C_2B{{-iGA&L`VNx(q_`M}xcwlXldE!4T%iuj`9}G3DE{L*b zEV$%KF;4Xhd}2kmq4X>R-2b^=>3&Zme)h)RLK0UL1m`3ciZQC178LfwW_py_dFfYw ztcDF4La3OY8YFzQXPEKB2yP5Q!3cV1eI;Q-KCEsHcO`V0J z7nw|q<5dAhP0olQcX#3$2!PM2WQOtP;pe;vcipR$zFI|(^xoHX_l79231l-Ns<vTv3OtcBSK4}b zE6cV`6AOs5Z~(pn3Mp7ks#{Mb3{#5focJL_nW>G5nIjs#&>Ta}HZNe*!>H4P1`Kq& zQ%jtEjdL5Q$G6sphAI9gji^cW_ifq)*8#6@=VYBRwf1d2=7GGByGXiz5Xe6#ZC?UC z(8<4PSDp+~G*6j3tN&xy-}~!kfz;?TNay_q`6MN5AD*CwNq7FeI4q@^ots)*V#b&l z&lF}NUHsRpX4v9U?oO?u|D-(0Au;$u>mjLFMtApe3X5i!p zrO|WI=LL0ukFETt1|b-xghQKZv6=51f*C%}58+GF zx#t2n2+Oa1`<*ZB7TOtON*+>Fdc0r?59GH^ZaxwFX2O0Ug$wY+zbPOkUJoc=C*O%e z_A#LxE;>^ip60n=f*4N%KH&9Vrm`9?E6k|~puT9`&DPXR=cXk20$=h&gwPjtN=%^> zcBH+>AYseV%ZmOe`Q?( zjR&K&{uykfWj+`JF!jJeIt^`J$TGsW1?B{|4`;gk;}=L|yx!9drFma|P0}O7MomBh znLgw{@@k2Miu;N1m$eAmY)<;A2Vu77$bEU|IW31(9J-&s<_7;W+9(x$cs7OQKaU++ zu)svw3qRxFk};<5)uarE#xM{m3kUlF_Hys!-F{N{0al{J06oVl6aZ(#x|K%sYy*yF zpN9X)D66|ncO}tg^6jK1(y*QuN6`ipGv*W($@$=&w4<|TJFuYsyXF-5M@=kaC;F?jX#5St?`XwLZ^PMP;E^1inJ<2Ud`Vu zml}xt%EZimsX67m$ZiN3l794ivKVas@8as$INlUEgZ#XO7Mbyl+lh(gPAqJKNNB14 z=GA^MYOCp}tH!@J^^nkH)6wMoQRsS7aMmh0g<2U#(LUBd{rC8%kY9~`TRFxuE7{l0=cYJ<#Fze!$y`26HEg~kQWG*s1ulor=qPNJ%5 zo1L|7tZHFqd{lWS8q7E1f~Gi1hUA%JZb6~KbUcrR6B_>oc4MiCf~Jt&e-trCo>;V0 zmd0{|j_>1B%ZIG~zq|7d)x#N_nK;9d!drSzjRCbld+v;M*=x)kVJJ`h%V7kEZAhr5 z8Pb<4NeLaRRXZvg_vJIxF=0~tVK1)$kAo%QnYdNBj5Af)YS$~<_R+o_>NB}0tXDJR z2J-cqnu@>cs>q|EXdxoUQ!2So;E-L5pUkkT3*IY*@#rUVsFI1%SWVsE=J4C zinW%)NS(^+R(;bENtFzNmHq>nMGpq(k!wU5=Ebfn)R5IjF)pNL$vl)lj#LgXAJ@m) zuF1deQo8E5XQ?ioJ920RhxRT0hqx$-iHV7ggM-J*t&Y%LJep?fp$%x!e%rk+F(GKJ z0eMdSBk%REkVXvooD&oTz~qXWH}(s`_q=Nf}*efV$p_)^gJ9NUr7%f zIihjbVZ^c$p#R2M2z2!HW)>C(i*_D)1n%m;iOux&87Ad3L;OHb)BwPfF}}ZT6#(0+ z@sGCae|LHoL;hC?^>1!IU%CJH;m%(zvVR}!f9+u3Ng)_t@06ydCQ^>SIz9%VHOZYu zN=oYA-~OLPcmGLz_Ba0D^YUL04gYrsXR7iY^EXnlJ$(kruAY)hhpSOsJ4QdzhO@a_ zWeWFi z)G`&ZeYBBY-6X@ZAl8zctkgn0y?RLXWzyauAP0{yD^<~IA=21r9!LcQEa~UwKu+DN zpyk%Rk~w|A%KOW2D_-}qJJpc7 zS+*j+%vy{`R!ojD^@mkd0zL66yk4_rBqh-K^J%lR@~qjh|K%yl2*j2pOoiIGQnE?Alzo*xPB(8y9uj-^ex+-$M}SO>?IdNhco(sAE(GvK#`1B&7ayg5dLOF0|3TO0Vh;VeB_ z`mOChg-@)os)sy}Y30L3g^$k#*fNm0dZC~srV$tn$BIDpYgeqea}kL#$?HM|OgID| z!%e`K7T-2uk}fue-1@(eR>ekdvum#YIkRyVF`h9UhWT$w2TMCm%OLA>{ zT)~iUn*;O?Q)+asY^6FmTop4(fRPWs9$f=>bKgd#%&zKa+l)$#+QJ@^t7>u~N^Pmh zygkH&#p>>Ipe_U_$5z*EuT=v*lECD)ekaae<0Y~G`gbmXxU#Y1RHbp3{N6U~Xd@h_ zq*D%i@>r0ue){Xmw{Ue$1_~z@eocSsB>4Wi^J0_RjN;e?C{!Ddwz|h2KUBm&VQAA5 zv+?}P`Y$7#6!m22b%&Ai*B$hZrR5~of^P*$;kcX%R(M0hdWZVGWHW(wmHjwulDa-* z=@KXjatlTkjdMhkA)zcoW`QH9H0eJjODk+0P&-D0C@?C9hW23ew$FaRfeEymfieI( zrnvpUN3LuiFfeiHPx642ojAAPPgXL^t9+&(bIiIk%5_lVkbuOKo%fFbNI->(5Zy}P zk`U(W;)1GsQ)!Pp+o4cDlW3tK%VNodjnT0rsK^iBrI_R8dg?HEVxEcZx4fiXH+`~V znP0!A%`TUR*1)*QbxF!*h~gBGzlhJJlRN{jW~yttAp|`LJ<3Scb9v{_ z9k^<>_7+va18Zh1S#7I(%At0`s3{ zXUq|qT*Aw&gOe!r>qXV=&bnkHo#{9{A|I8^)N`sv8?RxYOIGnY&3=4ze*}SI9aBht zFjGfdn9TMqdk#Dp$kIFlpkM{R!m!z!mnSDM3E)FD&|rZDiR6{;`jUOT0y%j?jsdJwDe2<2FOjjh`mX5*P_I>4cFk{WEN1dWR|=` z+-8bACmWdJbd3B!1_HK=P9p#ywZ7U;U3qj8H5^mQYjq^u(HE2x_`C;s5NNE=ED5M; z9FmUcSBR~Rk4o$5(={Bz!VRVEvBNeA;sfb zIFWTovEq>!v)z{w5~U2vh3wb|Wzd^QzAY%V`;mF-3tWh4@=x6ny2~r+M|Y3D9>)xc zEXfv6CY6hEztR60GbBCdj`!?&o}dEs{2+i#&RPK7X9>+>8}1QEmF&55s(U&_6(HWR zM|6ZB@Ku=xz)g!ON@kMXVA$Ac(9w38$s~Xg@YWGgpP!)Vpn|5;yY~@G-@({rvW{6J z1kbIy4&>mm3XvvV$}gq;(snTcH|JMwRbuV(lM|h*;fpv5r0pn~Gw!~R;q3yc7}+^g z-+mi6R+@WnZmqziRLQ^{-FJLIw4O=XBIRfn0N()RuahBb7+7l)VXyC46n9kc*!jdu zvT~{-9_T!pd;dg+7-0c2#R@7#ZSS2OZ2av=y%DBRVyu>+m>UpUNBE!^hmk_FcQp3r zyK!a;w&rcX64gq}sr}vD9s!EjKI+kt1}Po4!Q92Fu_VdfWB-R3UL&idrRek7J55gr z-+d}OVsmr$kL=Ck__tt$0Xhl|eIHvlMpQ`8AH*nTbjZ2o^9U_HW2ShWcRL-&Wv7T% zq?u;>Ka6RS_D~wecjqJYQ10r3f0W;;Og}!%yUB}p^G3CNaaJ^vIZDRjk`&J|c_qbHVSc}spxzPXFDuis_ z7{7+nt(QO38Bmlo)n2k3NrQu{~Nn8ftOutHAYw8tYT91#R6HXpfp?N zW$@n+>V~1q?w^F%|98=xsiR{ujVC4-_<@SWLP*3Wd*|O6-@;TZZn#=Ga=n1zD^s4C zXAwBCT3DLph6lmoh>L_MW9Di98dN!&G$~HTB&%F^o5|%W+r2PEuK3c8RL`r-Ejzu^ zprBeHH1KKoM}n~7Y|DW9jN10ev6_tb@0wlL{+N3oxXtEh6!)Z?6*gUktdm@I*KKOa zzlEEaK>)aKrcqJSl3Q(>m%NfbZ81Fm*(76(Ug(Xlbmt`b{u3yce`Osn3T3>*C$~{? z2pCX6Ma9E66y^@j!H(EK0sa+nrF#2U4k%R7xW{B*O#Y@=mnPXOulMxCSas^%=R@5Y zfdPJe>H9`^Hr1w$XdS|?0)%sZ5{)+}@M3bgzWf!JZD+p!IH7C>&vWKT-aT&EVu3%g zT-2R)c{K2X1(VORoz$$gGxyP6(ut`?r@zZPJ7Zam*e)>52 ztJUn-cF`rSx|QmF@e%lCy*8f1it9Gy5mDWv-M@wkw2|pyA9`n5Tiy)1Qwwd6j}BwV zWIqQ(j?lMxsLQ){4ve~tdNAs=7gJDj6(&|awfeRTL4cS&r>edug0$20Ox;TPJ)T+c zQbUqLJ*zwRKz7+7FXklNZ zN-E}UP>#|My6JWBZ>&y_^Y0uWV>(T*5IB)li|0Mu0qbwHe}vDe>R9Pn7?PGdG_`sU}!R<{7v>!xa)Xyh`axwy+*xl7AyW8B zP10xW4jT*2WtG{zQ{8qwlo+ZwMDWsUXqZ$nV*Y~D#h+zPW1ojpbFT(kj9(L(hMg!- zyD%k<@UN@_OP??s>l8U}se_E>U5;HWc+ox|(MCND8-y-DS@@uCY7RT7g_d?gD&4)=rfhWg>`zIWMGNxcLYkk{~T=roAqD(i;lW|7fd&<`hlZqD2ma z)1*S=TzPw76J4&HPSb`8$3SdvG=c&F$D6BK_Y1EAiZuOsl{3W+X_Ay_br@7T{ z`PqZ7oY>2>VXotA4~LqE4P|@dRUS-OV=h`-`=EeB`g_-y#`VPyMG~mWYIC&c53@ki zQS1U*0N1Id+Z#>&*lML{8Q4KlRb7JAhd~;)l-CTx(+RWrx|RpLQlBNKmIKGC1`;RP zO6QH>?w}|2Cxxi&K!(~4WMoHIt^f}K{-$@SD4(H2NaVGPr5l7^ge6AK=woWayELAp zx*rXTEDb`#y)u5MCH?QNR@2GWJW7sF6CbjPdCEM`>RPg^5Al~$+i#^A>2RFCYjqaB zIM#C}4F*~PmeZXFxEyq?2bOE3VMU-^D3)&o+MxO=(sG#0E}1z0sO<$^#X)K{*|f?9 zHZ_c1MM>5w!lvWsd?7QoiL7zSMku2sw2lR51nG&HUBt78o4hx<9n+>BgvEnlCBmp? zx*Z2Cg`u3yF`PdG!<@RzwG8=yuFdrYE0bmdhALmlFijCp(!oL#*(EU|Xi5s@4aEDZ z3Fq*BTd|&T;vEswaHvDZPTrlQ^JJc~H{>phD|Pm-aVZw$svlNXOg^8f0h!qHu4{$C zIj=-L>`xIG>KbVCJ`bbR6rhw(Rzh%8VFH(!rDN%dn25^R;B~2s2UuqPy$Ky*za7r+ zZ8ibkfOSv?e|m5f^x~~U;?pjb8%2b3N|xzz46Z#sQ4XaD2XPeVEPIV*8BzZ%7OT+e zQ=pelDCFfDTKJccE9h-g;xR0hE5uIF6#p>3hD|>WftzB(KuVFY~ME%{O`t9Zoh;tCY*U zm8=_|?$M`+UW|~O8TUDZ@l?A(j?X#qWLW2b0b*^6zYDMNyWpzR#9V^&2qGMYEZH}BS>8{fzyb1zv{cvocaYjy_v`KlLV<4|;Mp~cC z8?s)m_=q&p>;sx7`nc9uTW-)6f?QGS2YdbV!fDkmRb{=iP$F?HZ{VC2zX4j1}` z?NwH(I*xt4Bp{+Y3xyisTc45llwUvR7x-~crQDC$*OhgRz%GpFu zPI}3@qUr{hpgGml|H>S)r*{5$W)N4dc(!aO47CCUnyg^P&Eoi*Twaa{u5eqBtfu(vg#o z!c=csVs~n+B9F zLAlDh{~2-RA+c4P)7NKP zoWFH~c{gvAbpOkSh6D|59Q**dHtvbh~ zM`8)SS?{Y^RcCt+{3;HwXOwsTa}kXMO1zDZQ7H3Tr3P(*f#NW>r!j*w7FI0A!!Jqm zS!{B`)l}Mw3fyeuU0n))RJd1j;GQZRy*63#IN}>)9YB}+i13G-0+|!PiXA6JhZbj& zQ$qxp-@>YtTTQM%)C9A#t}&Z$TZerL7I3DKQxygQfOga~7M6dg6{b-VFcaEw7-^ZN z1igdq`ZmYx61`2)25}ld+L5V%lrd2^!!IO&O=MojC%ecWA_59D!ow5|Op$l)ucuzP zoDnBws7K>%onzQu1i!Kj7E`EeCY}bn6=<>8(fD&)9Gz;0uDp zLr!j4$sJQCPRtA>8p@4Dr7YBAbDh4&e zxc*t`6ca(PM5w+p40K_tyM%Jy+(XTouNR9r-1T2o+Su4EU5Gk~0EBqvnq{n{QYqMa z@0lR!*(;N(xsqOM10Y z46qz1;4=Yjk-k?)0dr6rnbl$zvZ@WjAB~e^K!fpK__Y%IXkijZu-|#6{-QU6_Ris3 zde^yQ)2GL8iU)Z&xAVH~?{Cj&AP4xbHM@a#~9|k+faY~ht04(zCt9Y)M(TwRYg%e{1{W3o}=-^+Bwk3&#+}`SYarxMgw^k zYKv2~@OvM(ZS+*)P_dl`jGHng{O}t;ZI2qas-itN`S;V7^#vjXFkl~P;@bEB7Aj7Z zOBWn=?RS0AYnqY0KRew2OR4zygz+!HmwrSNwn|3CrC-#qlK(H{r#O4fG#XCpj7iDpF*|@xT#xkb z1LFFDnF#nnQ5_V43rFmxiT)os!6HxAxWx7~RG{f|IXglhx~P z`UDva3p|x3WKUPC?Xlj$nKJ%!LiZ0NdD|Y&JF4{)Un(3mP#O;*g7=?FjHHd8%2r86 zH6p5PHCw6sZ0<72HtZAbPR(s4M=F05l^#~pH7Ky7A-jzcAHhHr7+$hl}=vj2u;kK7YtjDx#ceff(FZ*1iAA#J9G zF^QYG?{=fNKNc(wna)ovlt>1%w6aBt_x+8)M8|~#w~jvRyjOl7Q)+O!y%~%t2p0t3 z!&+}GA#c&!*=ycw#V%i0j>AY-l2U)w>Cnvv1Db~JDEaQP5)KzMlA9l0`y^22R~?N- z1!gdx<93}3~MfPhAh;9%ei?Rb6)TLML&2F|q z0;IpgkIT&BrD~FlXY$&P@efT!NY)|JTX+&4-jSo{97(YY#4^0;EXc`>IRq_NX^h&`={YD__vIVc9=JX4uf|z0L#hR|Zt`nzKR~y7E7!sD(!BKP zJ}jyKlkNrCxB1TPv8`@ZFc$>4CMHbO^()sU}H2C zP6~skWkhufiQBw@{B#90)OzMvk;k@g|Nk-DK3#9wokk9dClR)wzOqDu+D!s)`x^Nqe7= z8Qt`vcNMNFZ5KL)GZ3<+4d+nHnav35ztLICtS&EI!}H1oV+uq;fl=b#NByz8IJ#Pp zO)PKX2y{53lLb@94}usxAq5<2UL9_l36I0X3~p-fPOP?ZaGg=Yth2)OVQ3VNLCN?( zv^KW8W)g0FOlacf9maSfa|0=ej6iRA7r?N|>isE*jm zCFD@@OUXo%#(C`&%D2#2$2)>CGoj7NCA84g{#~Z;ZkTYbniapC1w<+3+>;1MfLPBUCfLluNpy`FnUX)Qnl zfQI$iTub&1iBH7f_=2fH3whQT?v2ayj9GNjlM-fRS~g{ckDSFUUkl|B0X$K(swF(0 zZ)|ZHHNP#gU@$6domm@Q=`LNpQjh@h`P&T74L;v84w5^_M&tEG#b+L3S>ipWV}BE& zO}BzOuMNV>Ey{6bP*!Mm)*_AjM6CPLfoU^N%a()xs)D`$mNWYaTKFJ{!+q@s|9OaY zzzOg3(Phb_{t*XlvrxVz$@F44FJp*%}B zDbe>P5G(Is_q*W{2{P(uZA#AQs5p-+&*N1c;NbKX``5reE27xH*!Sfc|ABoU+%}%R zjrGN~+xSDxZ0Mf)*Q~8W;_qMKQ_COQ_~8LP>f0nT*Qqb3d`ISi=GI~$W)f;XXNk5+ zxq^}zpSF(-BP;RDU_dSv*Q-_#lXWcvr&np_<;K(Q8_17$${7jxUwQHXV65{7`Vt_q zQL=EU$QY2e!Z;rs}JX*KVCrH^(Xl+Z1nznFMJ%>hv<6m`i+ zdBPIEvsxR))NNObsGmhei{Y4)<6qdWp;p!Uo94jfFW6*=^AQd_rc-Omr@ekh*mCPF$3c zf6ybzRTLFtYYn`9oyjG`dj*^EU{P@|)WfWs3~+zPw3caE7_wMW-)GvwxPx@W`uR@p z817NG^YM5}6-kG2pwd6MjG#H)*Y$yy?;|9_=bOFp9r`qcmB}d=34>S3XI2o(#+!#A z+}wyG_&d;(;MCepBQwF~@bHK;F#Ps&%L~hwc%VilqVQhCS#(%#?sZbV;StmkG+evm znXEQn2%*QMcgE5XkVT6R8#E`$;o3l_9(PKq4YHxN8s_rS?B;Mru!}g#1$^Ijc(A

a>ixhu-q$Ek%e57lFeIm|Q)ar9}E{ zJsrScs+#|KLAx-y!pe(>`U2+r52Pk|V1!DQD25PJhgOVft?qq{LB@ss5?D6O8mKfl z&djjpX<*)&-(K*DK%Rw*9@*FoALU5co-_J&APO=ws2_PXJjlRs89pbb+=Hax5m9?k z?BC&blcMD1H@f@>MhJuJ97`C;i&3VDDgS5xj~C=Y#?Tqe5JsPAkk+j%T|EsZZtKU) z%L+Sw@CL1Ul$e2s9%h3Hfg%EDqfaEHlF`n^5Xg8}^j{mNu-?1Ak|3n93HG#EubdT` z=Oe8c+_HYbI>0q$)^bghPY2n?>tW%2m*TNQJS&IVNBRo}KX;cVhgP%J+=IEFuQhmX zpP|1g5hZ?2=N0sNyV=#e2RpMUPcM~+r&`BP2=F~L=fX+Qu)%B6-&pnizv&j>u?GKK zyWvs_0NAtQLi|bqAMs_a68?hfI%1{;NA$Ag;V~&B2r-`wO?n!!4m)`%YH=Ry;~I6f zC#9q-FO31VtI{SC%AQf|y$%gdGXF-_VZnRfa6I-Q#Vx*W1SIflzf5!h1|G@nLD}A8BB76v> z_0=JBluOO7k^=!++q7X|fS@6qCD1iO!oOA`yJKYlM)Fc0sG;T?FFBs|8V8cdhdHPF zz?Z#A={bty!SF@_pr2k_x;Jms>lp>IbJE3;E(ncPb}yH5N$~?JE#)gTL>i-c4)-?z zNS2{qAHh8r7J?0riz@8*2pdmG1L5^eUcXd*2GPA^4hT@*`Wfccv+1O`wcs7jrscNI zz_Dby=xjH=`FnK7h_Srd(jJNb+-uZWN_6gJh(-L##<;d2%Lz>0f33d&y1aPn zKlB&Cl*mt{s%<-G`+Pb-$&U0#<&h^lhl`*3QUezn4vz}vtFCAHkQZR}2K7bb3w{+( zr@os6MM4}lwd{;-z{C_ch!sZ-Jb?T}{v-dNXmjZIb|Q7$PYEWF{aS7kV&wV;`bF(a zNmWFOkY$CyyNv*@k7uyUyNw`xaO3Z?6Y$TkSXFhzeT6&UVIGV>i3h2$qIXvB)aM1Y zEswxrmdJdl2J?0M9zu|Jx>WU&iS*!HbwP{*`rhz1)K8SUQWvAtk6hq@uOpJIeVDA) z+4$w?9{l5zddQ}cc$D92pU6fvbsb33MN7bcz+2e!M*z%4?%HSDyS&I^4;{4?(QnOj zw2L6sq%#yd%2B`AU=I?*Kxo6u6E945SSJL;jtuHs=Eyfkvzh!KOc~#$rvp*45QoE} zgGU(D+?vsPYZcBHBbRXIDs%A2uujFne9Q7FQ@fWw?Kh%>O0_zPwTK7xTgTwrrOsh^c;(VkG1u?bRUlb$hzK_PrTVKzZoiGiKMaB{{3mVUDrk5E#l_pUroUL+ zFLFBq4%u+ydxYBg)?q+y>agMR|8quw?2}tt;?T~Y8V(%aW);V5Kic&7AEc0g9(I+t zwUx8oyiot;k$E`}41OD}kN~h+fRtXX@%gHY81gT6&!T6%heZdSTrNp?PtHX$@pQB| zSeBv5^;#z85u*67qr{)lbTXqBHeJUymuEaAKELwVCLYM?Nbm6 z%t_VxrT4V40*2%Bw;4l#mgw(j|D9DT$~`&P8HqxY*8oe9ro`LuOcpIq5=t^0$5m z^Uql!L7+0KY3jb2k_DYZJdy_O4Z50b)f8(0yo1J{? zJt5~*fuf}}BhSZ|&Boe@iJreSd?uNu#N(b=BY1CKD4mq6x{LPRmv8TeU;utaZ<0ho zTx~Tg6JApm!T9^GyYO&(`K$Ha(0PJqzV#kp{rYfjp$SS&TnxKBx9K*V(*S^|Xi00V zPjUO3CU4nKdELj52(?#1t!>(OIdX!rFHCzc6?FS&+c^e4GeSZ-iLF;%(d}z3YZ=8W z7LW4n@=u46;oPlx8D0bmLvL#Cqle}7XJ8e)YoTF}Z;_Pk4xug4J~^L&%tE4_io3fG z_j5;^$oId0dEO4nZ)b^cK?;~ChX>_tCfF)bsgi|k#+7_rjz0kp-2%f(HuyjV@9S~h z?K{P|(@3q!{f^5zgkH* zv970Lvf`S4~D%>O?8j_WNfSo@FssWC}r= z=iwFv8v|6G>Zpsgr$gO(L}e)%_wd)lH{P=j0!)pJC8JF`nn^+?{$HdVK){5}&r2n@ z1tmAN^IP~dJ6$GbpNIZm_0ZlgIB=kQ<}}0m(ckJl+Lv{(-aT=dyZn)wu1&}8oWlh< zm1>uFb#-llu{gx(B9Vi~@3m)@G5rQ+n}6B*z2{JaGmnza_axozkfG*6%oP^1`(AFHeL4ef_*`%CENtN!V>% zK#n^6+S(jQclyZVBb{ge{F?i9?J_S90II!sKh2+tm$x&+i50V2*&lGfzwC|^ysYhY z&MZIjVy-{F5-#^g8bvtPZ_?Swco*-VS(TMbw|?sr;qnNx;YE?bt}xi{e(!hcKW(|4 z>#y6LgIsC&y82k1-p2 zW&@!n`+Oa_q_EBUZfW`FN86s5Y1a7a__SWoVtO~O-fTPfYGeAQ-f-R(z}y2H{O7IszA(1uGO}ievhS{XbnmWmsf*~B z?+0g{7K&@BLS66uJXl6HUvCKi@^mI1zLZkiv)0*++t^FE12(^rqTk~#+rv92a{Rlw)r^Nu@_4md2#I^2vFd*^B>iNmVM#gPK+h+%S`n{|Hv$70H zDxWI(u4jF(J;CNha9cMeRR-s^bL&2rXEu>k>J|QT>-iJ`@3YZRdu!uiP7<+ixM5$3 z>ui^-$1rcw+xitJiqGrUj4!RLZb&vS_TwFlq29FXrgN!oR-2bPbZ@Qe!E@e3Wc0AD z51{tHLsAat8_nzgkv|szwd{5NGc8vS^;4l>x=YN(cDIL^Mo?~DKo;)rQuEMo88<8x z?EBH36vPGlPptR<8j<|}eQyDE0seQ=lP3(SJI((;$>s+}GwRV!2QQ@{7MS`9hYxvi z?)Bo4>ynNuipRP4{^Lu@IM1@~+%1>6Pv}~kM=h0)kBZ3L+e@PbeS|R{Mow|(}oWY zxa%w|4~MVCWXQ~kL%R{%lQZyJ*3;@FY(uPUV^|4DGajC-Jaezb7)Gr5u8>rio!oP- zO7yGeEq_{Ujx0&A)FjuFk~!{R`v&-qVY#73;3mQ>t6n`O?|_MAcYB-g173mD=eHdv zo%D$ceALkdYL+bsK3cEaANE1JY`c&y%7}$3!m@&m!-ex1 zNh6O5a{FDjx3?QTJ_(gMNI{CwEfrhJCR}w<8;DYN<`}rT=BM*QloH*bU%&_GsMJ)k z-4`9PNYy%CBUgL^Zp>*DzK!YTsT-hGCY(1z&_cCpBZf{hvmWSNQA?^Ojd%y4@QsIG zlNb$+;U}6O?iH^)wiln>90q-MQMV6TZEn+X$ahX#Eq_?N7obbmA z#b)MB=_-{ms7EY2+G5x?;#Z`&qHJ2oP=2q@xVvShplms>>>MA01-YA?&@z5_m>ACG zjc8Vtlu2)u0Ie$K^tU`xll?4gmeXS~&%@R)F@aqr_~p!C4!>#=hGjBTSM|RiEtj>m zMKJzyUp8+ur+c;CVC!6+V-Q|6VzyxF?QtH+5|rJ4jAk&}*Z!yX`L-(g12ExHyjd(* zG}hcve{*qLjntt))1~#$f(rtwy3ZQE$1Isx`yx7$VZOQX*G?t>fRa5hMbE`9;{(q zQ`*!N6mqiFqt|`5&RBK`IFIl-Ru5M`=GN7j3n`RH8hzzU=U*SD^yl#U>jwuPgWqoF}^l8gFIr%EAuRhUiBOCOb zwvRzFH0IHoEB0=6-1?*}f~SVFsyNNv>Zz&j%agmQJF}+g?~zxaFL&J69a*gEQJMQk z!s%0fo0SBp)2}L5b067jmfh%R6(o~uMBv^!J8S#oI2zteH|yA`uWJ%h*{hy)(gOdt zfxPWp1G~HQI#^~3GoM=(#@VC%?kcm4F$uxeM=i%Rd&3?4COX?@wf<`LW93-by0XKj z$oc#F*rN|iRjb|0aDR@>I@u2#gzv}7w?H!t2>u$WqHI{fnN#CjYwszHU%7xJVg(MlVz0BQbgz5IuGXq zwo_G6+2RSKNAX5sB6A}~s9cv|K-qA<##65%H||_Uo0tWcV^N^J?C=iDe+!WbZuZQK z>XxlqkS5wJ7j1Dl_tIQTa*f^c@M4SCw0>_1^VyA!>|@-t%13k{rHA5Ab7po)`c(Sk z&;{@s#e6N4%$OUwwA!`aR~(3G3LLi_005_9^AoxVorCjO(N#ABoH}mI$eKT<6;i1*ya3N%1WYuMd6pRG)U^5hu@t&; z;m?H8#vi4wvSPk8Gx7e1;s-}D)}JNEIdy40bHhS`f8yZes`+C^r?tvQ7oferTSuwv z#>@4^h;5Y`-kAkuDZ6fFjc{uqDIieW|Di+r7_S z2M}PCac{7kfbl?yXtP=rAz?y|`aPF|U2h^SH629=D>GBrZhgA^EsmBqs%g1SPHxx*sJQ06@@|R-YuI2#~1C*zE?c7a$b!NT*9c(3i5$=VQaC zq`Az~c?APtRTceHcaVw*YJ8w0`CX*lvZ>dq9|?(+7Dd2IvnkbU)Y~Yg$@J)`1K>1l zG@*&$)IJh9nUHwIOEdAPGe~_#8&Y%yBLpMcevYK+B9DODhb^S1rbQl5bULM@R{gAz zq-jwe@vl`2w?yaf$ddf&C!|mbILB4R@>jQXh zU--NO4rB0r;!}bywT(rv?+}UT z6yymZ{z>`GtMb_~r~7x+NqkN?-;9aEnDcvA^0RZd2e>ZCDC6E>IRWDv0dw4V@^TmA z6}*lgnOR;A?R5XbhyG5{Lfz`q0}YYMfh z6-?xrp_BkH=8#W5dlHV44FI%R{JkDt&MeD3ID2n)0`Hd8?S&@iSEdc>Hm&V~CFauF zxs6V>u-A>Ru1yPw)^|2*pSSgU1UQc4I84cfw$m=*c#HtWbeWX@tkJ$~NC3cLE*yV4 zv_E2q+YF6rdjklMairHfyCS_VL1Wz4yJOwr`H^@o8Jk+nB!G76h3)*l_`;CCunS7u zek`@}{4o%FZzo@@%Nc$6yz3HsbL<|L#i5)eU|cTY`nGq6l!xOm zCntW$=$FrZN;-GaDR91ho>kEv@wwRbas)t->*lT-W!xWZ?SS!ZfMWUtsqNPt55Q|5 zTIHdCDyJuvoo%b>Qa~IIg#Z8qRl~=X@)4mx-DcT3>;TA`Olp;;OTlvv3Og0s2O)w< zyV>@r=hQ#iBc?A1p^)D@9n4datjT`sudXyXoDu+%wOFTCZF>OJIkMfGWup+Hgm?fz zec$f`^gZGCS0CAY(fDTWW2Tu=5J=d-^oQnjq@G^ z^NOyxANCq91<$Egj(9CD0RW0=vRkYB@{|MsAZjXV?jN*00NQEn?KRw64P7v*?M+UV zb%oZ;hYkhWsaNV$)s-*F2`=3jbaF(%+)B4v*e)D)C?FnlXy9*z5IrS#p5oG@()PQO zO#rwtjDYqB7p>cBb|}!!VWmN3H5L@8qBa4|%3+5B?bM5Tt3igX2aQXZP{Zv%YaI&U z*^QH%HS&rU>wG9RT?#<#1FPDmch;##?1Rz~q2Sr&13RK?!O7Nj*98~_>e|irH}zVG z2Lr1UFuoCZ#YiWL*3OpYBSDTEOP8|_q&!~McCELY1&RcD#+VTSU^czbD_UsC zS`Yxxq_NyBSZ_BAfF;dXm=*x^x#VB@?f=zKM3IHyiO&F8*SP%7mba8!o<$t)kE6vPL7Ob~h`&iOcNjRZ{if$x=YTH}y35=`r>1hlA+QPD1u-&+$sEKMz>69Pccn~{QCcg-kt z8++EttenI6Ua0VI@=$a#{t0aDfWi36P|v9y*bz-(2?2w_cv!HUfWi2x&}QNFFI6-%ud`Vc zgTZ)Uu(bom*N3egFc=KRLxj}{7z_r3!C(NeoPfb#Fc=KR0G1Ol7z_r3!2n=60fWI{ zFc^#hEGJ+v7z_r30l;zs27|$1Fc Date: Mon, 21 Dec 2020 17:51:07 +0000 Subject: [PATCH 4/4] add content: known logs --- content/markdown/known-logs.md | 102 +++++++++++++++++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 content/markdown/known-logs.md diff --git a/content/markdown/known-logs.md b/content/markdown/known-logs.md new file mode 100644 index 0000000..9cd877f --- /dev/null +++ b/content/markdown/known-logs.md @@ -0,0 +1,102 @@ +--- +title: Google / Known Logs +url: /google +layout: markdown +aliases: + - /known-logs +--- + +# Known Logs + +The list of CT Logs that are currently compliant with Chrome's CT policy (or +have been and were disqualified), and are **included in Chrome**: +https://www.gstatic.com/ct/log_list/v2/log_list.json + +`log_list.json` is signed by Google, the signature being hosted at: +https://www.gstatic.com/ct/log_list/v2/log_list.sig + +`log_list.json` and the corresponding log_list.sig can also be obtained by +downloading the zip file containing both of them, found at: +https://www.gstatic.com/ct/log_list/v2/log_list.zip + +The public key to verify `log_list.sig` can be found at: +https://www.gstatic.com/ct/log_list/v2/log_list_pubkey.pem + +The list of all known and announced CT Logs: +https://www.gstatic.com/ct/log_list/v2/all_logs_list.json + +Both `log_list.json` and `all_logs_list.json` conform with the following schema: +https://www.gstatic.com/ct/log_list/v2/log_list_schema.json + +To check whether Logs are currently **pending inclusion in Chrome**, check the +Chromium inclusion bugs: +[https://crbug.com/?q=component%3AInternals>Network>CertTrans](https://crbug.com/?q=component%3AInternals>Network>CertTrans) + +## Special Purpose Logs + +{{< log-callout url="https://ct.googleapis.com/daedalus/" base64LogID="HQJLjrFJizRN/YfqPvwJlvdQbyNdHUlwYaR3PEOcJfs=" operator="Google" contact="google-ct-logs@googlegroups.com" >}} + +Daedalus is not trusted by Chrome. It only logs certificates that have expired. +See the announcement post [announcement post](https://groups.google.com/forum/#!topic/certificate-transparency/GUgWzCSN30I). + +{{< log-callout url="https://ct.googleapis.com/submariner/" base64LogID="qJnYeAySkKr0YvMYgMz71SRR6XDQ+/WR73Ww2ZtkVoE=" operator="Google" contact="google-ct-logs@googlegroups.com" >}} + +Submariner is not trusted by Chrome. It only logs certificates that chain to +roots that are on track for inclusion in browser roots or were trusted at some +previous point +[announcement blog post](https://security.googleblog.com/2016/03/certificate-transparency-for-untrusted.html). + +## Test Logs + +These logs are intended for **testing purposes only** and will only log +certificates that chain to a test root explicitly added to it. + +To add a test root to the Google test Logs, please email +`google-ct-logs@googlegroups.com` + +A test root should: + +1. have a certificate `Subject` field that: + + a) includes the word `test`, `dev`, `demo` or `staging` (to reduce the + chance of real certificates being mixed up with test certificates). + + b) identifies the organization that the test root is for (to allow easy + classification of test traffic). + +2. not allow real certificates to chain to it, either because: + + a) it is a self-signed root CA certificate identified as a test certificate + (as above). + + b) it is an intermediate CA certificate that chains to a root certificate + that is also identified as a test certificate. + +3. be a CA certificate, by: + + a) having CA:TRUE in the Basic Constraints extension. + + b) include the 'Certificate Sign' bit in the Key Usage extension. + +4. be in PEM format (with a .cer or .pem extension). + +For historical reasons, Google's test logs include some test roots that do not +comply with all of the above requirements. + +Google's test Logs are: + +{{< log-callout url="https://ct.googleapis.com/logs/crucible/" base64LogID="w78Dp+HKiEHGB7rj/0Jw/KXsRbGG675OLPP8d4Yw9fY=" operator="Google" contact="google-ct-logs@googlegroups.com" >}} + +{{< log-callout url="https://ct.googleapis.com/logs/solera2018/" base64LogID="UutLIl7IlpdIUGdfI+Q7wdAh4yFM5S7NX6h8IDzfygM=" operator="Google" contact="google-ct-logs@googlegroups.com" expiryRange="Jan 01 2018 00:00:00Z inclusive to Jan 01 2019 00:00:00Z exclusive" >}} + +{{< log-callout url="https://ct.googleapis.com/logs/solera2019/" base64LogID="C3YOmouaaC+ImFsV6UdQGlZEa7qIMHhcOEKZQ4ZFDAA=" operator="Google" contact="google-ct-logs@googlegroups.com" expiryRange="Jan 01 2019 00:00:00Z inclusive to Jan 01 2020 00:00:00Z exclusive" >}} + +{{< log-callout url="https://ct.googleapis.com/logs/solera2020/" base64LogID="H8cs5aG3mfQAw1m/+WyjkTVI6GRCIGEJUum6F3T3usc=" operator="Google" contact="google-ct-logs@googlegroups.com" expiryRange="Jan 01 2020 00:00:00Z inclusive to Jan 01 2021 00:00:00Z exclusive" >}} + +{{< log-callout url="https://ct.googleapis.com/logs/solera2021/" base64LogID="o8mYRegKt84AFXs3Qt8CB90nKytgLs+Y7iwS25xa5+c=" operator="Google" contact="google-ct-logs@googlegroups.com" expiryRange="Jan 01 2021 00:00:00Z inclusive to Jan 01 2022 00:00:00Z exclusive" >}} + +{{< log-callout url="https://ct.googleapis.com/logs/solera2022/" base64LogID="aXqvyhprU2+uISBQRt661+Dq6hPSQy5unY+zefK5qvM=" operator="Google" contact="google-ct-logs@googlegroups.com" expiryRange="Jan 01 2022 00:00:00Z inclusive to Jan 01 2023 00:00:00Z exclusive" >}} + +{{< log-callout url="https://ct.googleapis.com/logs/solera2023/" base64LogID="+X6XuNM+96FZAqU6GeF5kOXcQGoDGCW6rZPpj5ucacs=" operator="Google" contact="google-ct-logs@googlegroups.com" expiryRange="Jan 01 2023 00:00:00Z inclusive to Jan 01 2024 00:00:00Z exclusive" >}} + +{{< log-callout url="https://ct.googleapis.com/testtube/" base64LogID="sMyD5aX5fWuvfAnMKEkEhyrH6IsTLGNQt8b9JuFsbHc=" operator="Google" contact="google-ct-logs@googlegroups.com" >}}