From f3a8f96f1c1df19e90a4ee1e203457100b452ad5 Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Thu, 16 Jan 2025 15:50:08 +0100 Subject: [PATCH 01/17] update deps --- pyproject.toml | 2 +- requirements/all_requirements.txt | 20 ++------------------ requirements/dev_requirements.txt | 18 +----------------- requirements/nlp_requirements.txt | 11 ++--------- requirements/requirements.txt | 7 +------ requirements/test_requirements.txt | 12 +----------- 6 files changed, 8 insertions(+), 62 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 7afd794c..3f3d8ef3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -35,7 +35,7 @@ "matplotlib", "numpy", "pandas", - "pdftotext", + "pdftotext>=3.0.0", "pikepdf", "Pillow>=9.2.0", "pypdf[crypto]>=3.1.0", diff --git a/requirements/all_requirements.txt b/requirements/all_requirements.txt index 13693653..6d30aae1 100644 --- a/requirements/all_requirements.txt +++ b/requirements/all_requirements.txt @@ -20,8 +20,6 @@ appnope==0.1.3 # ipython asttokens==2.4.1 # via stack-data -async-timeout==4.0.3 - # via aiohttp attrs==23.1.0 # via # aiohttp @@ -136,10 +134,6 @@ docutils==0.19 # sphinx evaluate==0.4.1 # via setfit -exceptiongroup==1.2.2 - # via - # ipython - # pytest executing==2.0.1 # via stack-data fastjsonschema==2.19.0 @@ -428,7 +422,7 @@ parso==0.8.3 # via jedi partd==1.4.1 # via dask -pdftotext==2.2.2 +pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) pexpect==4.8.0 # via ipython @@ -714,21 +708,12 @@ tifffile==2023.9.26 # via scikit-image tokenizers==0.15.0 # via transformers -tomli==2.0.1 - # via - # build - # coverage - # mypy - # pip-tools - # pyproject-hooks - # pytest - # setuptools-scm toolz==0.12.0 # via # dask # datashader # partd -torch==2.2.0 +torch==2.1.1 # via # sentence-transformers # torchvision @@ -778,7 +763,6 @@ types-requests==2.31.0.10 typing-extensions==4.8.0 # via # alembic - # cloudpathlib # huggingface-hub # mypy # myst-nb diff --git a/requirements/dev_requirements.txt b/requirements/dev_requirements.txt index 4d6c5fd1..c09140a0 100644 --- a/requirements/dev_requirements.txt +++ b/requirements/dev_requirements.txt @@ -18,8 +18,6 @@ appnope==0.1.3 # ipython asttokens==2.4.1 # via stack-data -async-timeout==4.0.3 - # via aiohttp attrs==23.1.0 # via # aiohttp @@ -103,10 +101,6 @@ docutils==0.19 # myst-parser # pydata-sphinx-theme # sphinx -exceptiongroup==1.2.2 - # via - # ipython - # pytest executing==2.0.1 # via stack-data fastjsonschema==2.19.0 @@ -291,7 +285,7 @@ pandas==2.1.3 # tabula-py parso==0.8.3 # via jedi -pdftotext==2.2.2 +pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) pexpect==4.8.0 # via ipython @@ -508,15 +502,6 @@ thinc==8.2.1 # via spacy threadpoolctl==3.2.0 # via scikit-learn -tomli==2.0.1 - # via - # build - # coverage - # mypy - # pip-tools - # pyproject-hooks - # pytest - # setuptools-scm tornado==6.4.1 # via # ipykernel @@ -550,7 +535,6 @@ types-requests==2.31.0.10 # via sec-certs (./../pyproject.toml) typing-extensions==4.8.0 # via - # cloudpathlib # huggingface-hub # mypy # myst-nb diff --git a/requirements/nlp_requirements.txt b/requirements/nlp_requirements.txt index b6646873..314dc84b 100644 --- a/requirements/nlp_requirements.txt +++ b/requirements/nlp_requirements.txt @@ -16,8 +16,6 @@ appnope==0.1.3 # ipython asttokens==2.4.1 # via stack-data -async-timeout==4.0.3 - # via aiohttp attrs==23.1.0 # via # aiohttp @@ -107,8 +105,6 @@ distro==1.8.0 # via tabula-py evaluate==0.4.1 # via setfit -exceptiongroup==1.2.2 - # via ipython executing==2.0.1 # via stack-data filelock==3.13.1 @@ -341,7 +337,7 @@ parso==0.8.3 # via jedi partd==1.4.1 # via dask -pdftotext==2.2.2 +pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) pexpect==4.8.0 # via ipython @@ -551,14 +547,12 @@ tifffile==2023.9.26 # via scikit-image tokenizers==0.15.0 # via transformers -tomli==2.0.1 - # via setuptools-scm toolz==0.12.0 # via # dask # datashader # partd -torch==2.2.0 +torch==2.1.1 # via # sentence-transformers # torchvision @@ -600,7 +594,6 @@ typer==0.9.0 typing-extensions==4.8.0 # via # alembic - # cloudpathlib # huggingface-hub # panel # pydantic diff --git a/requirements/requirements.txt b/requirements/requirements.txt index 826b3ea8..4b985619 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -58,8 +58,6 @@ deprecated==1.2.14 # via pikepdf distro==1.8.0 # via tabula-py -exceptiongroup==1.2.2 - # via ipython executing==2.0.1 # via stack-data fonttools==4.45.0 @@ -154,7 +152,7 @@ pandas==2.1.3 # tabula-py parso==0.8.3 # via jedi -pdftotext==2.2.2 +pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) pexpect==4.8.0 # via ipython @@ -284,8 +282,6 @@ thinc==8.2.1 # via spacy threadpoolctl==3.2.0 # via scikit-learn -tomli==2.0.1 - # via setuptools-scm tornado==6.4.1 # via # ipykernel @@ -309,7 +305,6 @@ typer==0.9.0 # weasel typing-extensions==4.8.0 # via - # cloudpathlib # pydantic # pydantic-core # setuptools-scm diff --git a/requirements/test_requirements.txt b/requirements/test_requirements.txt index a6c5d71f..adb5e3ac 100644 --- a/requirements/test_requirements.txt +++ b/requirements/test_requirements.txt @@ -62,10 +62,6 @@ deprecated==1.2.14 # via pikepdf distro==1.8.0 # via tabula-py -exceptiongroup==1.2.2 - # via - # ipython - # pytest executing==2.0.1 # via stack-data fonttools==4.45.0 @@ -163,7 +159,7 @@ pandas==2.1.3 # tabula-py parso==0.8.3 # via jedi -pdftotext==2.2.2 +pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) pexpect==4.8.0 # via ipython @@ -301,11 +297,6 @@ thinc==8.2.1 # via spacy threadpoolctl==3.2.0 # via scikit-learn -tomli==2.0.1 - # via - # coverage - # pytest - # setuptools-scm tornado==6.4.1 # via # ipykernel @@ -329,7 +320,6 @@ typer==0.9.0 # weasel typing-extensions==4.8.0 # via - # cloudpathlib # pydantic # pydantic-core # setuptools-scm From 2165a661fdca61b5753164e5eb2aaf1619ed7c85 Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Wed, 22 Jan 2025 10:48:00 +0100 Subject: [PATCH 02/17] refactor auxiliary dataset handling, heuristics computation --- .../dataset/auxiliary_dataset_handling.py | 253 ++++++++++++ src/sec_certs/dataset/cc.py | 289 ++++---------- src/sec_certs/dataset/cc_scheme.py | 6 +- src/sec_certs/dataset/cpe.py | 10 +- src/sec_certs/dataset/dataset.py | 368 ++---------------- src/sec_certs/dataset/fips.py | 132 +++---- src/sec_certs/dataset/protection_profile.py | 37 +- src/sec_certs/heuristics/cc.py | 86 ++++ src/sec_certs/heuristics/common.py | 132 +++++++ src/sec_certs/heuristics/fips.py | 42 ++ src/sec_certs/utils/label_studio_utils.py | 78 ++++ src/sec_certs/utils/nvd_dataset_builder.py | 12 +- tests/cc/test_cc_analysis.py | 48 ++- tests/cc/test_cc_dataset.py | 10 +- tests/cc/test_cc_maintenance_updates.py | 4 +- tests/cc/test_cc_schemes.py | 7 +- tests/fips/conftest.py | 30 +- tests/fips/test_fips_analysis.py | 20 +- tests/fips/test_fips_dataset.py | 18 +- tests/test_cve_matching.py | 18 +- 20 files changed, 873 insertions(+), 727 deletions(-) create mode 100644 src/sec_certs/dataset/auxiliary_dataset_handling.py create mode 100644 src/sec_certs/heuristics/cc.py create mode 100644 src/sec_certs/heuristics/common.py create mode 100644 src/sec_certs/heuristics/fips.py create mode 100644 src/sec_certs/utils/label_studio_utils.py diff --git a/src/sec_certs/dataset/auxiliary_dataset_handling.py b/src/sec_certs/dataset/auxiliary_dataset_handling.py new file mode 100644 index 00000000..4efc823f --- /dev/null +++ b/src/sec_certs/dataset/auxiliary_dataset_handling.py @@ -0,0 +1,253 @@ +import gzip +import itertools +import json +import logging +import tempfile +from abc import ABC, abstractmethod +from collections.abc import Iterable +from pathlib import Path +from typing import Any + +from sec_certs import constants +from sec_certs.configuration import config +from sec_certs.dataset.cc_scheme import CCSchemeDataset +from sec_certs.dataset.cpe import CPEDataset +from sec_certs.dataset.cve import CVEDataset +from sec_certs.dataset.fips_algorithm import FIPSAlgorithmDataset +from sec_certs.dataset.protection_profile import ProtectionProfileDataset +from sec_certs.sample.cc import CCCertificate +from sec_certs.sample.cc_maintenance_update import CCMaintenanceUpdate +from sec_certs.utils import helpers +from sec_certs.utils.nvd_dataset_builder import CpeMatchNvdDatasetBuilder, CpeNvdDatasetBuilder, CveNvdDatasetBuilder +from sec_certs.utils.profiling import staged + +logger = logging.getLogger(__name__) + + +class AuxiliaryDatasetHandler(ABC): + def __init__(self, root_dir: str | Path = constants.DUMMY_NONEXISTING_PATH) -> None: + self.root_dir = Path(root_dir) + self.dset: Any + + @property + @abstractmethod + def dset_path(self) -> Path: + raise NotImplementedError("Not meant to be implemented by base class") + + def set_local_paths(self, new_root_dir: str | Path) -> None: + self.root_dir = Path(new_root_dir) + + def process_dataset(self, download_fresh: bool = False) -> None: + self.root_dir.mkdir(parents=True, exist_ok=True) + self._process_dataset_body(download_fresh) + + @abstractmethod + def load_dataset(self) -> None: + raise NotImplementedError("Not meant to be implemented by base class") + + @abstractmethod + def _process_dataset_body(self, download_fresh: bool = False) -> None: + raise NotImplementedError("Not meant to be implemented by base class") + + +class CPEDatasetHandler(AuxiliaryDatasetHandler): + @property + def dset_path(self) -> Path: + return self.root_dir / "cpe_dataset.json" + + @staged(logger, "Processing CPE dataset") + def _process_dataset_body(self, download_fresh: bool = False) -> None: + if self.dset_path.exists(): + logger.info("Preparing CPEDataset from json.") + self.dset = CPEDataset.from_json(self.dset_path) + else: + self.dset = CPEDataset(json_path=self.dset_path) + download_fresh = True + + if download_fresh: + if config.preferred_source_nvd_datasets == "api": + logger.info("Fetching new CPE records from NVD API") + with CpeNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: + self.dset = builder.build_dataset(self.dset) + else: + logger.info("Preparing CPEDataset from sec-certs.org.") + self.dset = CPEDataset.from_web(self.dset_path) + self.dset.to_json() + + def load_dataset(self) -> None: + self.dset = CPEDataset.from_json(self.dset_path) + + +class CVEDatasetHandler(AuxiliaryDatasetHandler): + @property + def dset_path(self) -> Path: + return self.root_dir / "cve_dataset.json" + + @staged(logger, "Processing CVE dataset") + def _process_dataset_body(self, download_fresh: bool = False) -> None: + if self.dset_path.exists(): + logger.info("Preparing CVEDataset from json.") + self.dset = CVEDataset.from_json(self.dset_path) + else: + self.dset = CVEDataset(json_path=self.dset_path) + download_fresh = True + + if download_fresh: + if config.preferred_source_nvd_datasets == "api": + logger.info("Fetching new CVE records from NVD API.") + with CveNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: + self.dset = builder.build_dataset(self.dset) + else: + logger.info("Preparing CVEDataset from sec-certs.org") + self.dset = CVEDataset.from_web(self.dset_path) + self.dset.to_json() + + def load_dataset(self): + self.dset = CVEDataset.from_json(self.dset_path) + + +class CPEMatchDictHandler(AuxiliaryDatasetHandler): + @property + def dset_path(self) -> Path: + return self.root_dir / "cpe_match.json" + + @staged(logger, "Processing CPE Match dictionary") + def _process_dataset_body(self, download_fresh: bool = False) -> None: + if self.dset_path.exists(): + logger.info("Preparing CPE Match feed from json.") + with self.dset_path.open("r") as handle: + self.dset = json.load(handle) + else: + self.dset = CpeMatchNvdDatasetBuilder._init_new_dataset() + download_fresh = True + + if download_fresh: + if config.preferred_source_nvd_datasets == "api": + logger.info("Fetchnig CPE Match feed from NVD APi.") + with CpeMatchNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: + self.dset = builder.build_dataset(self.dset) + else: + logger.info("Preparing CPE Match feed from sec-certs.org.") + with tempfile.TemporaryDirectory() as tmp_dir: + dset_path = Path(tmp_dir) / "cpe_match_feed.json.gz" + if ( + not helpers.download_file( + config.cpe_match_latest_snapshot, + dset_path, + progress_bar_desc="Downloading CPE Match feed from web", + ) + == constants.RESPONSE_OK + ): + raise RuntimeError( + f"Could not download CPE Match feed from {config.cpe_match_latest_snapshot}." + ) + with gzip.open(str(dset_path)) as handle: + json_str = handle.read().decode("utf-8") + self.dset = json.loads(json_str) + with self.dset_path.open("w") as handle: + json.dump(self.dset, handle, indent=4) + + def load_dataset(self): + with self.dset_path.open("r") as handle: + self.dset = json.load(handle) + + +class FIPSAlgorithmDatasetHandler(AuxiliaryDatasetHandler): + @property + def dset_path(self) -> Path: + return self.root_dir / "algorithms.json" + + @staged(logger, "Processing FIPS Algorithms") + def _process_dataset_body(self, download_fresh: bool = False) -> None: + if not self.dset_path.exists() or download_fresh: + self.dset = FIPSAlgorithmDataset.from_web(self.dset_path) + self.dset.to_json() + else: + self.dset = FIPSAlgorithmDataset.from_json(self.dset_path) + + def load_dataset(self): + self.dset = FIPSAlgorithmDataset.from_json(self.dset_path) + + +class CCSchemeDatasetHandler(AuxiliaryDatasetHandler): + def __init__(self, root_dir: str | Path = constants.DUMMY_NONEXISTING_PATH, only_schemes: set[str] | None = None): + self.root_dir = Path(root_dir) + self.only_schemes = only_schemes + self.dset: Any + + @property + def dset_path(self) -> Path: + return self.root_dir / "cc_scheme.json" + + @staged(logger, "Processing CC Schemes") + def _process_dataset_body(self, download_fresh: bool = False) -> None: + if not self.dset_path.exists() or download_fresh: + self.dset = CCSchemeDataset.from_web(self.dset_path, self.only_schemes) + self.dset.to_json() + else: + self.dset = CCSchemeDataset.from_json(self.dset_path) + + def load_dataset(self): + self.dset = CCSchemeDataset.from_json(self.dset_path) + + +class CCMaintenanceUpdateDatasetHandler(AuxiliaryDatasetHandler): + def __init__( + self, root_dir: str | Path = constants.DUMMY_NONEXISTING_PATH, certs_with_updates: Iterable[CCCertificate] = [] + ) -> None: + self.root_dir = Path(root_dir) + self.certs_with_updates = certs_with_updates + self.dset: Any + + @property + def dset_path(self) -> Path: + return self.root_dir / "maintenances" + + @property + def _dset_json_path(self) -> Path: + return self.dset_path / "maintenance_updates.json" + + def load_dataset(self) -> None: + from sec_certs.dataset.cc import CCDatasetMaintenanceUpdates + + self.dset = CCDatasetMaintenanceUpdates.from_json(self._dset_json_path) + + @staged(logger, "Processing CC Maintenance updates") + def _process_dataset_body(self, download_fresh: bool = False): + from sec_certs.dataset.cc import CCDatasetMaintenanceUpdates + + if not self.dset_path.exists() or download_fresh: + updates = list( + itertools.chain.from_iterable( + CCMaintenanceUpdate.get_updates_from_cc_cert(x) for x in self.certs_with_updates + ) + ) + self.dset = CCDatasetMaintenanceUpdates( + {x.dgst: x for x in updates}, root_dir=self.dset_path, name="maintenance_updates" + ) + else: + self.dset = CCDatasetMaintenanceUpdates.from_json(self._dset_json_path) + + if not self.dset.state.artifacts_downloaded: + self.dset.download_all_artifacts() + if not self.dset.state.pdfs_converted: + self.dset.convert_all_pdfs() + if not self.dset.state.certs_analyzed: + self.dset.extract_data() + + +class ProtectionProfileDatasetHandler(AuxiliaryDatasetHandler): + @property + def dset_path(self) -> Path: + return self.root_dir / "pp.json" + + def load_dataset(self) -> None: + self.dset = ProtectionProfileDataset.from_json(self.dset_path) + + @staged(logger, "Processing Protection profiles") + def _process_dataset_body(self, download_fresh: bool = False): + if not self.dset_path.exists() or download_fresh: + self.dset = ProtectionProfileDataset.from_web(self.dset_path) + self.dset.to_json() + else: + self.dset = ProtectionProfileDataset.from_json(self.dset_path) diff --git a/src/sec_certs/dataset/cc.py b/src/sec_certs/dataset/cc.py index ebffd912..d93752fd 100644 --- a/src/sec_certs/dataset/cc.py +++ b/src/sec_certs/dataset/cc.py @@ -1,11 +1,9 @@ from __future__ import annotations -import itertools import locale import shutil import tempfile from collections.abc import Iterator -from dataclasses import dataclass from datetime import datetime from pathlib import Path from typing import ClassVar, cast @@ -17,19 +15,27 @@ import sec_certs.utils.sanitization from sec_certs import constants from sec_certs.configuration import config -from sec_certs.dataset.cc_scheme import CCSchemeDataset -from sec_certs.dataset.cpe import CPEDataset -from sec_certs.dataset.cve import CVEDataset -from sec_certs.dataset.dataset import AuxiliaryDatasets, Dataset, logger -from sec_certs.dataset.protection_profile import ProtectionProfileDataset -from sec_certs.model import ( - ReferenceFinder, - SARTransformer, - TransitiveVulnerabilityFinder, +from sec_certs.dataset.auxiliary_dataset_handling import ( + AuxiliaryDatasetHandler, + CCMaintenanceUpdateDatasetHandler, + CCSchemeDatasetHandler, + CPEDatasetHandler, + CPEMatchDictHandler, + CVEDatasetHandler, + ProtectionProfileDatasetHandler, ) +from sec_certs.dataset.dataset import Dataset, logger +from sec_certs.heuristics.cc import ( + compute_cert_labs, + compute_normalized_cert_ids, + compute_references, + compute_sars, + compute_scheme_data, + link_to_protection_profiles, +) +from sec_certs.heuristics.common import compute_cpe_heuristics, compute_related_cves, compute_transitive_vulnerabilities from sec_certs.model.cc_matching import CCSchemeMatcher from sec_certs.sample.cc import CCCertificate -from sec_certs.sample.cc_certificate_id import CertificateId from sec_certs.sample.cc_maintenance_update import CCMaintenanceUpdate from sec_certs.sample.cc_scheme import EntryType from sec_certs.sample.protection_profile import ProtectionProfile @@ -39,16 +45,7 @@ from sec_certs.utils.profiling import staged -@dataclass -class CCAuxiliaryDatasets(AuxiliaryDatasets): - cpe_dset: CPEDataset | None = None - cve_dset: CVEDataset | None = None - pp_dset: ProtectionProfileDataset | None = None - mu_dset: CCDatasetMaintenanceUpdates | None = None - scheme_dset: CCSchemeDataset | None = None - - -class CCDataset(Dataset[CCCertificate, CCAuxiliaryDatasets], ComplexSerializableType): +class CCDataset(Dataset[CCCertificate], ComplexSerializableType): """ Class that holds CCCertificate. Serializable into json, pandas, dictionary. Conveys basic certificate manipulations and dataset transformations. Many private methods that perform internal operations, feel free to exploit them. @@ -61,7 +58,7 @@ def __init__( name: str | None = None, description: str = "", state: Dataset.DatasetInternalState | None = None, - auxiliary_datasets: CCAuxiliaryDatasets | None = None, + aux_handlers: dict[type[AuxiliaryDatasetHandler], AuxiliaryDatasetHandler] = {}, ): self.certs = certs self.timestamp = datetime.now() @@ -69,13 +66,21 @@ def __init__( self.name = name if name else type(self).__name__ + " dataset" self.description = description if description else datetime.now().strftime("%d/%m/%Y %H:%M:%S") self.state = state if state else self.DatasetInternalState() - - self.auxiliary_datasets: CCAuxiliaryDatasets = ( - auxiliary_datasets if auxiliary_datasets else CCAuxiliaryDatasets() - ) - + self.aux_handlers = aux_handlers self.root_dir = Path(root_dir) + if not self.aux_handlers: + self.aux_handlers[CPEDatasetHandler] = CPEDatasetHandler(self.auxiliary_datasets_dir) + self.aux_handlers[CVEDatasetHandler] = CVEDatasetHandler(self.auxiliary_datasets_dir) + self.aux_handlers[CPEMatchDictHandler] = CPEMatchDictHandler(self.auxiliary_datasets_dir) + self.aux_handlers[CCSchemeDatasetHandler] = CCSchemeDatasetHandler(self.auxiliary_datasets_dir) + self.aux_handlers[ProtectionProfileDatasetHandler] = ProtectionProfileDatasetHandler( + self.auxiliary_datasets_dir + ) + self.aux_handlers[CCMaintenanceUpdateDatasetHandler] = CCMaintenanceUpdateDatasetHandler( + self.auxiliary_datasets_dir + ) + def to_pandas(self) -> pd.DataFrame: """ Return self serialized into pandas DataFrame @@ -164,38 +169,10 @@ def certificates_txt_dir(self) -> Path: """ return self.certificates_dir / "txt" - @property - def pp_dataset_path(self) -> Path: - """ - Returns a path to the dataset of Protection Profiles - """ - return self.auxiliary_datasets_dir / "pp_dataset.json" - - @property - def mu_dataset_dir(self) -> Path: - """ - Returns directory that holds dataset of maintenance updates - """ - return self.auxiliary_datasets_dir / "maintenances" - - @property - def mu_dataset_path(self) -> Path: - """ - Returns a path to the dataset of maintenance updates - """ - return self.mu_dataset_dir / "maintenance_updates.json" - @property def reference_annotator_dir(self) -> Path: return self.root_dir / "reference_annotator" - @property - def scheme_dataset_path(self) -> Path: - """ - Returns a path to the scheme dataset - """ - return self.auxiliary_datasets_dir / "scheme_dataset.json" - BASE_URL: ClassVar[str] = "https://www.commoncriteriaportal.org" HTML_PRODUCTS_URL = { @@ -256,12 +233,6 @@ def from_web_latest(cls) -> CCDataset: def _set_local_paths(self): super()._set_local_paths() - if self.auxiliary_datasets.pp_dset: - self.auxiliary_datasets.pp_dset.json_path = self.pp_dataset_path - - if self.auxiliary_datasets.mu_dset: - self.auxiliary_datasets.mu_dset.root_dir = self.mu_dataset_dir - for cert in self: cert.set_local_paths( self.reports_pdf_dir, @@ -271,7 +242,13 @@ def _set_local_paths(self): self.targets_txt_dir, self.certificates_txt_dir, ) - # TODO: This forgets to set local paths for other auxiliary datasets + + def process_auxiliary_datasets(self, download_fresh: bool = False) -> None: + self.aux_handlers[CCMaintenanceUpdateDatasetHandler].certs_with_updates = [ # type: ignore + x for x in self if x.maintenance_updates + ] + self.aux_handlers[CCSchemeDatasetHandler].only_schemes = {x.scheme for x in self} # type: ignore + super().process_auxiliary_datasets(download_fresh) def _merge_certs(self, certs: dict[str, CCCertificate], cert_source: str | None = None) -> None: """ @@ -780,164 +757,38 @@ def _compute_cert_labs(self) -> None: for cert in certs_to_process: cert.compute_heuristics_cert_lab() - @staged(logger, "Computing heuristics: Deriving information about certificate ids from artifacts.") - def _compute_normalized_cert_ids(self) -> None: - for cert in self: - cert.compute_heuristics_cert_id() - - @staged(logger, "Computing heuristics: Transitive vulnerabilities in referenc(ed/ing) certificates.") - def _compute_transitive_vulnerabilities(self): - transitive_cve_finder = TransitiveVulnerabilityFinder(lambda cert: cert.heuristics.cert_id) - transitive_cve_finder.fit(self.certs, lambda cert: cert.heuristics.report_references) - - for dgst in self.certs: - transitive_cve = transitive_cve_finder.predict_single_cert(dgst) - - self.certs[dgst].heuristics.direct_transitive_cves = transitive_cve.direct_transitive_cves - self.certs[dgst].heuristics.indirect_transitive_cves = transitive_cve.indirect_transitive_cves - @staged(logger, "Computing heuristics: Matching scheme data.") def _compute_scheme_data(self): - if self.auxiliary_datasets.scheme_dset: - for scheme in self.auxiliary_datasets.scheme_dset: - if certified := scheme.lists.get(EntryType.Certified): - certs = [cert for cert in self if cert.status == "active"] - matches = CCSchemeMatcher.match_all(certified, scheme.country, certs) - for dgst, match in matches.items(): - self[dgst].heuristics.scheme_data = match - if archived := scheme.lists.get(EntryType.Archived): - certs = [cert for cert in self if cert.status == "archived"] - matches = CCSchemeMatcher.match_all(archived, scheme.country, certs) - for dgst, match in matches.items(): - self[dgst].heuristics.scheme_data = match - - @staged(logger, "Computing heuristics: SARs") - def _compute_sars(self) -> None: - transformer = SARTransformer().fit(self.certs.values()) - for cert in self: - cert.heuristics.extracted_sars = transformer.transform_single_cert(cert) - - def _compute_heuristics(self) -> None: - self._compute_normalized_cert_ids() - super()._compute_heuristics() - self._compute_scheme_data() - self._compute_cert_labs() - self._compute_sars() - - @staged(logger, "Computing heuristics: references between certificates.") - def _compute_references(self) -> None: - def ref_lookup(kw_attr): - def func(cert): - kws = getattr(cert.pdf_data, kw_attr) - if not kws: - return set() - res = set() - for scheme, matches in kws["cc_cert_id"].items(): - for match in matches: - try: - canonical = CertificateId(scheme, match).canonical - res.add(canonical) - except Exception: - res.add(match) - return res - - return func - - for ref_source in ("report", "st"): - kw_source = f"{ref_source}_keywords" - dep_attr = f"{ref_source}_references" - - finder = ReferenceFinder() - finder.fit(self.certs, lambda cert: cert.heuristics.cert_id, ref_lookup(kw_source)) # type: ignore - - for dgst in self.certs: - setattr(self.certs[dgst].heuristics, dep_attr, finder.predict_single_cert(dgst, keep_unknowns=False)) - - @serialize - def process_auxiliary_datasets(self, download_fresh: bool = False) -> None: - """ - Processes all auxiliary datasets needed during computation. On top of base-class processing, - CC handles protection profiles, maintenance updates and schemes. - """ - super().process_auxiliary_datasets(download_fresh) - self.auxiliary_datasets.pp_dset = self.process_protection_profiles(to_download=download_fresh) - self.auxiliary_datasets.mu_dset = self.process_maintenance_updates(to_download=download_fresh) - self.auxiliary_datasets.scheme_dset = self.process_schemes( - to_download=download_fresh, only_schemes={cert.scheme for cert in self} + for scheme in self.aux_handlers[CCSchemeDatasetHandler].dset: + if certified := scheme.lists.get(EntryType.Certified): + certs = [cert for cert in self if cert.status == "active"] + matches = CCSchemeMatcher.match_all(certified, scheme.country, certs) + for dgst, match in matches.items(): + self[dgst].heuristics.scheme_data = match + if archived := scheme.lists.get(EntryType.Archived): + certs = [cert for cert in self if cert.status == "archived"] + matches = CCSchemeMatcher.match_all(archived, scheme.country, certs) + for dgst, match in matches.items(): + self[dgst].heuristics.scheme_data = match + + def _compute_heuristics_body(self, skip_schemes: bool = False) -> None: + link_to_protection_profiles(self.aux_handlers[ProtectionProfileDatasetHandler].dset, self.certs.values()) + compute_cpe_heuristics(self.aux_handlers[CPEDatasetHandler].dset, self.certs.values()) + compute_related_cves( + self.aux_handlers[CPEDatasetHandler].dset, + self.aux_handlers[CVEDatasetHandler].dset, + self.aux_handlers[CPEMatchDictHandler].dset, + self.certs.values(), ) + compute_normalized_cert_ids(self.certs.values()) + compute_references(self.certs) + compute_transitive_vulnerabilities(self.certs) - @staged(logger, "Processing protection profiles.") - def process_protection_profiles( - self, to_download: bool = True, keep_metadata: bool = True - ) -> ProtectionProfileDataset: - """ - Downloads new snapshot of dataset with processed protection profiles (if it doesn't exist) and links PPs - with certificates within self. Assigns PPs to all certificates - - :param bool to_download: If dataset should be downloaded or fetched from json, defaults to True - :param bool keep_metadata: If json related to the PP dataset should be kept on drive, defaults to True - :raises RuntimeError: When building of PPDataset fails - """ - - self.auxiliary_datasets_dir.mkdir(parents=True, exist_ok=True) - - if to_download or not self.pp_dataset_path.exists(): - pp_dataset = ProtectionProfileDataset.from_web(self.pp_dataset_path) - else: - pp_dataset = ProtectionProfileDataset.from_json(self.pp_dataset_path) + if not skip_schemes: + compute_scheme_data(self.aux_handlers[CCSchemeDatasetHandler].dset, self.certs) - for cert in self: - if cert.protection_profiles is None: - raise RuntimeError("Building of the dataset probably failed - this should not be happening.") - cert.protection_profiles = {pp_dataset.pps.get((x.pp_name, x.pp_link), x) for x in cert.protection_profiles} - - if not keep_metadata: - self.pp_dataset_path.unlink() - - return pp_dataset - - @staged(logger, "Processing maintenace updates.") - def process_maintenance_updates(self, to_download: bool = True) -> CCDatasetMaintenanceUpdates: - """ - Downloads or loads from json a dataset of maintenance updates. Runs analysis on that dataset if it's not completed. - :return CCDatasetMaintenanceUpdates: the resulting dataset of maintenance updates - """ - self.mu_dataset_dir.mkdir(parents=True, exist_ok=True) - - if to_download or not self.mu_dataset_path.exists(): - maintained_certs: list[CCCertificate] = [x for x in self if x.maintenance_updates] - updates = list( - itertools.chain.from_iterable(CCMaintenanceUpdate.get_updates_from_cc_cert(x) for x in maintained_certs) - ) - update_dset = CCDatasetMaintenanceUpdates( - {x.dgst: x for x in updates}, root_dir=self.mu_dataset_dir, name="maintenance_updates" - ) - else: - update_dset = CCDatasetMaintenanceUpdates.from_json(self.mu_dataset_path) - - if not update_dset.state.artifacts_downloaded: - update_dset.download_all_artifacts() - if not update_dset.state.pdfs_converted: - update_dset.convert_all_pdfs() - if not update_dset.state.certs_analyzed: - update_dset.extract_data() - - return update_dset - - @staged(logger, "Processing CC scheme dataset.") - def process_schemes(self, to_download: bool = True, only_schemes: set[str] | None = None) -> CCSchemeDataset: - """ - Downloads or loads from json a dataset of CC scheme data. - """ - self.auxiliary_datasets_dir.mkdir(parents=True, exist_ok=True) - - if to_download or not self.scheme_dataset_path.exists(): - scheme_dset = CCSchemeDataset.from_web(only_schemes) - scheme_dset.to_json(self.scheme_dataset_path) - else: - scheme_dset = CCSchemeDataset.from_json(self.scheme_dataset_path) - - return scheme_dset + compute_cert_labs(self.certs.values()) + compute_sars(self.certs.values()) class CCDatasetMaintenanceUpdates(CCDataset, ComplexSerializableType): @@ -965,7 +816,7 @@ def certs_dir(self) -> Path: def __iter__(self) -> Iterator[CCMaintenanceUpdate]: yield from self.certs.values() # type: ignore - def _compute_heuristics(self) -> None: + def _compute_heuristics_body(self, skip_schemes: bool = False) -> None: raise NotImplementedError def compute_related_cves(self) -> None: @@ -997,10 +848,10 @@ def to_pandas(self) -> pd.DataFrame: return df.fillna(value=np.nan) @classmethod - def from_web_latest(cls) -> CCDatasetMaintenanceUpdates: + def from_web_latest(cls) -> CCDataset: with tempfile.TemporaryDirectory() as tmp_dir: dset_path = Path(tmp_dir) / "cc_maintenances_latest_dataset.json" - helpers.download_file(config.cc_maintenances_latest_snapshot, dset_path) + helpers.download_file(str(config.cc_maintenances_latest_snapshot), dset_path) return cls.from_json(dset_path) def get_n_maintenances_df(self) -> pd.DataFrame: diff --git a/src/sec_certs/dataset/cc_scheme.py b/src/sec_certs/dataset/cc_scheme.py index e099f9de..e6397827 100644 --- a/src/sec_certs/dataset/cc_scheme.py +++ b/src/sec_certs/dataset/cc_scheme.py @@ -49,7 +49,9 @@ def from_dict(cls, dct: Mapping) -> CCSchemeDataset: return cls(dct["schemes"]) @classmethod - def from_web(cls, only_schemes: set[str] | None = None) -> CCSchemeDataset: + def from_web( + cls, json_path: str | Path = constants.DUMMY_NONEXISTING_PATH, only_schemes: set[str] | None = None + ) -> CCSchemeDataset: schemes = {} for scheme, sources in CCScheme.methods.items(): if only_schemes is not None and scheme not in only_schemes: @@ -58,4 +60,4 @@ def from_web(cls, only_schemes: set[str] | None = None) -> CCSchemeDataset: schemes[scheme] = CCScheme.from_web(scheme, sources.keys()) except Exception as e: logger.warning(f"Could not download CC scheme: {scheme} due to error {e}.") - return cls(schemes) + return cls(schemes, json_path=json_path) diff --git a/src/sec_certs/dataset/cpe.py b/src/sec_certs/dataset/cpe.py index efcb3ded..c93ddd71 100644 --- a/src/sec_certs/dataset/cpe.py +++ b/src/sec_certs/dataset/cpe.py @@ -9,8 +9,8 @@ import pandas as pd -import sec_certs.configuration as config_module from sec_certs import constants +from sec_certs.configuration import config from sec_certs.dataset.json_path_dataset import JSONPathDataset from sec_certs.sample.cpe import CPE from sec_certs.serialization.json import ComplexSerializableType @@ -19,6 +19,10 @@ logger = logging.getLogger(__name__) +class CPEMatchDict(dict): + pass + + class CPEDataset(JSONPathDataset, ComplexSerializableType): """ Dataset of CPE records. Includes look-up dictionaries for fast search. @@ -78,13 +82,13 @@ def from_web(cls, json_path: str | Path = constants.DUMMY_NONEXISTING_PATH) -> C dset_path = Path(tmp_dir) / "cpe_dataset.json.gz" if ( not helpers.download_file( - config_module.config.cpe_latest_snapshot, + config.cpe_latest_snapshot, dset_path, progress_bar_desc="Downloading CPEDataset from web", ) == constants.RESPONSE_OK ): - raise RuntimeError(f"Could not download CPEDataset from {config_module.config.cpe_latest_snapshot}.") + raise RuntimeError(f"Could not download CPEDataset from {config.cpe_latest_snapshot}.") dset = cls.from_json(dset_path, is_compressed=True) dset.json_path = json_path diff --git a/src/sec_certs/dataset/dataset.py b/src/sec_certs/dataset/dataset.py index 218936c4..ed17eecf 100644 --- a/src/sec_certs/dataset/dataset.py +++ b/src/sec_certs/dataset/dataset.py @@ -1,10 +1,6 @@ from __future__ import annotations -import gzip -import itertools -import json import logging -import re import shutil import tempfile from abc import ABC, abstractmethod @@ -17,33 +13,19 @@ import pandas as pd from sec_certs import constants -from sec_certs.configuration import config -from sec_certs.dataset.cpe import CPEDataset -from sec_certs.dataset.cve import CVEDataset -from sec_certs.model.cpe_matching import CPEClassifier +from sec_certs.dataset.auxiliary_dataset_handling import AuxiliaryDatasetHandler from sec_certs.sample.certificate import Certificate -from sec_certs.sample.cpe import CPE from sec_certs.serialization.json import ComplexSerializableType, get_class_fullname, serialize from sec_certs.utils import helpers -from sec_certs.utils.nvd_dataset_builder import CpeMatchNvdDatasetBuilder, CpeNvdDatasetBuilder, CveNvdDatasetBuilder from sec_certs.utils.profiling import staged -from sec_certs.utils.tqdm import tqdm logger = logging.getLogger(__name__) - -@dataclass -class AuxiliaryDatasets: - cpe_dset: CPEDataset | None = None - cve_dset: CVEDataset | None = None - - CertSubType = TypeVar("CertSubType", bound=Certificate) -AuxiliaryDatasetsSubType = TypeVar("AuxiliaryDatasetsSubType", bound=AuxiliaryDatasets) DatasetSubType = TypeVar("DatasetSubType", bound="Dataset") -class Dataset(Generic[CertSubType, AuxiliaryDatasetsSubType], ComplexSerializableType, ABC): +class Dataset(Generic[CertSubType], ComplexSerializableType, ABC): """ Base class for dataset of certificates from CC and FIPS 140 schemes. Layouts public functions, the processing pipeline and common operations on the dataset and certs. @@ -64,7 +46,7 @@ def __init__( name: str | None = None, description: str = "", state: DatasetInternalState | None = None, - auxiliary_datasets: AuxiliaryDatasetsSubType | None = None, + aux_handlers: dict[type[AuxiliaryDatasetHandler], AuxiliaryDatasetHandler] = {}, ): self.certs = certs @@ -73,13 +55,8 @@ def __init__( self.name = name if name else type(self).__name__.lower() + "_dataset" self.description = description if description else "No description provided" self.state = state if state else self.DatasetInternalState() - - if not auxiliary_datasets: - self.auxiliary_datasets = AuxiliaryDatasets() - else: - self.auxiliary_datasets = auxiliary_datasets - self.root_dir = Path(root_dir) + self.aux_handlers = aux_handlers @property def root_dir(self) -> Path: @@ -89,7 +66,7 @@ def root_dir(self) -> Path: return self._root_dir @root_dir.setter - def root_dir(self: DatasetSubType, new_dir: str | Path) -> None: + def root_dir(self, new_dir: str | Path) -> None: """ This setter will only set the root dir and all internal paths so that they point to the new root dir. No data is being moved around. @@ -122,22 +99,6 @@ def certs_dir(self) -> Path: """ return self.root_dir / "certs" - @property - def cpe_dataset_path(self) -> Path: - return self.auxiliary_datasets_dir / "cpe_dataset.json" - - @property - def cpe_match_json_path(self) -> Path: - return self.auxiliary_datasets_dir / "cpe_match_feed.json" - - @property - def cve_dataset_path(self) -> Path: - return self.auxiliary_datasets_dir / "cve_dataset.json" - - @property - def nist_cve_cpe_matching_dset_path(self) -> Path: - return self.auxiliary_datasets_dir / "nvdcpematch-1.0.json" - @property def json_path(self) -> Path: return self.root_dir / (self.name + ".json") @@ -177,7 +138,7 @@ def from_web(cls: type[DatasetSubType], url: str, progress_bar_desc: str, filena with tempfile.TemporaryDirectory() as tmp_dir: dset_path = Path(tmp_dir) / filename helpers.download_file(url, dset_path, show_progress_bar=True, progress_bar_desc=progress_bar_desc) - dset = cls.from_json(dset_path) + dset = cls.from_json(dset_path) # type: ignore dset.root_dir = constants.DUMMY_NONEXISTING_PATH return dset @@ -193,7 +154,7 @@ def to_dict(self) -> dict[str, Any]: } @classmethod - def from_dict(cls: type[DatasetSubType], dct: dict) -> DatasetSubType: + def from_dict(cls, dct: dict) -> Dataset: certs = {x.dgst: x for x in dct["certs"]} dset = cls(certs, name=dct["name"], description=dct["description"], state=dct["state"]) if len(dset) != (claimed := dct["n_certs"]): @@ -210,10 +171,8 @@ def from_json(cls: type[DatasetSubType], input_path: str | Path, is_compressed: return dset def _set_local_paths(self) -> None: - if self.auxiliary_datasets.cpe_dset: - self.auxiliary_datasets.cpe_dset.json_path = self.cpe_dataset_path - if self.auxiliary_datasets.cve_dset: - self.auxiliary_datasets.cve_dset.json_path = self.cve_dataset_path + for handler in self.aux_handlers.values(): + handler.set_local_paths(self.auxiliary_datasets_dir) def move_dataset(self, new_root_dir: str | Path) -> None: """ @@ -242,7 +201,7 @@ def copy_dataset(self, new_root_dir: str | Path) -> None: shutil.copytree(str(self.root_dir), str(new_root_dir), dirs_exist_ok=True) self.root_dir = new_root_dir - def _get_certs_by_name(self, name: str) -> set[CertSubType]: + def get_certs_by_name(self, name: str) -> set[CertSubType]: """ Returns list of certificates that match given name. """ @@ -252,22 +211,22 @@ def _get_certs_by_name(self, name: str) -> set[CertSubType]: def get_certs_from_web(self) -> None: raise NotImplementedError("Not meant to be implemented by the base class.") + @staged(logger, "Processing auxiliary datasets") @serialize - @abstractmethod def process_auxiliary_datasets(self, download_fresh: bool = False) -> None: """ Processes all auxiliary datasets (CPE, CVE, ...) that are required during computation. """ logger.info("Processing auxiliary datasets.") - self.auxiliary_datasets_dir.mkdir(parents=True, exist_ok=True) - self.auxiliary_datasets.cpe_dset = self._prepare_cpe_dataset(download_fresh) - self.auxiliary_datasets.cve_dset = self._prepare_cve_dataset(download_fresh) - - if download_fresh or not self.cpe_match_json_path.exists(): - self._prepare_cpe_match_dict(download_fresh=download_fresh) - + for handler in self.aux_handlers.values(): + handler.process_dataset(download_fresh) self.state.auxiliary_datasets_processed = True + def load_auxiliary_datasets(self) -> None: + for handler in self.aux_handlers.values(): + if not hasattr(handler, "dset"): + handler.load_dataset() + @serialize def download_all_artifacts(self, fresh: bool = True) -> None: """ @@ -328,301 +287,24 @@ def analyze_certificates(self) -> None: self.state.certs_analyzed = True def _analyze_certificates_body(self) -> None: + logger.info("Extracting data and heuristics") self.extract_data() - self._compute_heuristics() + self.compute_heuristics() @abstractmethod def extract_data(self) -> None: raise NotImplementedError("Not meant to be implemented by the base class.") - def _compute_heuristics(self) -> None: + @serialize + def compute_heuristics(self) -> None: logger.info("Computing various heuristics from the certificates.") - self.compute_cpe_heuristics() - self.compute_related_cves() - self._compute_references() - self._compute_transitive_vulnerabilities() - - @abstractmethod - def _compute_references(self) -> None: - raise NotImplementedError("Not meant to be implemented by the base class.") + self.load_auxiliary_datasets() + self._compute_heuristics_body() @abstractmethod - def _compute_transitive_vulnerabilities(self) -> None: + def _compute_heuristics_body(self) -> None: raise NotImplementedError("Not meant to be implemented by the base class.") - @staged(logger, "Processing CPEDataset.") - def _prepare_cpe_dataset(self, download_fresh: bool = False) -> CPEDataset: - if not self.auxiliary_datasets_dir.exists(): - self.auxiliary_datasets_dir.mkdir(parents=True) - - if self.cpe_dataset_path.exists(): - logger.info("Preparing CPEDataset from json.") - cpe_dataset = CPEDataset.from_json(self.cpe_dataset_path) - else: - cpe_dataset = CPEDataset(json_path=self.cpe_dataset_path) - download_fresh = True - - if download_fresh: - if config.preferred_source_nvd_datasets == "api": - logger.info("Fetching new CPE records from NVD API.") - with CpeNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: - cpe_dataset = builder.build_dataset(cpe_dataset) - else: - logger.info("Preparing CPEDataset from sec-certs.org.") - cpe_dataset = CPEDataset.from_web(self.cpe_dataset_path) - cpe_dataset.to_json() - - return cpe_dataset - - @staged(logger, "Processing CVEDataset.") - def _prepare_cve_dataset(self, download_fresh: bool = False) -> CVEDataset: - if not self.auxiliary_datasets_dir.exists(): - logger.info("Loading CVEDataset from json.") - self.auxiliary_datasets_dir.mkdir(parents=True) - - if self.cve_dataset_path.exists(): - logger.info("Preparing CVEDataset from json.") - cve_dataset = CVEDataset.from_json(self.cve_dataset_path) - else: - cve_dataset = CVEDataset(json_path=self.cve_dataset_path) - download_fresh = True - - if download_fresh: - if config.preferred_source_nvd_datasets == "api": - logger.info("Fetching new CVE records from NVD API.") - with CveNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: - cve_dataset = builder.build_dataset(cve_dataset) - else: - logger.info("Preparing CVEDataset from sec-certs.org") - cve_dataset = CVEDataset.from_web(self.cve_dataset_path) - cve_dataset.to_json() - - return cve_dataset - - @staged(logger, "Processing CPE match dict.") - def _prepare_cpe_match_dict(self, download_fresh: bool = False) -> dict: - if self.cpe_match_json_path.exists(): - logger.info("Preparing CPE Match feed from json.") - with self.cpe_match_json_path.open("r") as handle: - cpe_match_dict = json.load(handle) - else: - cpe_match_dict = CpeMatchNvdDatasetBuilder._init_new_dataset() - download_fresh = True - - if download_fresh: - if config.preferred_source_nvd_datasets == "api": - logger.info("Fetchnig CPE Match feed from NVD APi.") - with CpeMatchNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: - cpe_match_dict = builder.build_dataset(cpe_match_dict) - else: - logger.info("Preparing CPE Match feed from sec-certs.org.") - with tempfile.TemporaryDirectory() as tmp_dir: - dset_path = Path(tmp_dir) / "cpe_match_feed.json.gz" - if ( - not helpers.download_file( - config.cpe_match_latest_snapshot, - dset_path, - progress_bar_desc="Downloading CPE Match feed from web", - ) - == constants.RESPONSE_OK - ): - raise RuntimeError( - f"Could not download CPE Match feed from {config.cpe_match_latest_snapshot}." - ) - with gzip.open(str(dset_path)) as handle: - json_str = handle.read().decode("utf-8") - cpe_match_dict = json.loads(json_str) - with self.cpe_match_json_path.open("w") as handle: - json.dump(cpe_match_dict, handle, indent=4) - - return cpe_match_dict - - @serialize - @staged(logger, "Computing heuristics: Finding CPE matches for certificates") - def compute_cpe_heuristics(self) -> CPEClassifier: - """ - Computes matching CPEs for the certificates. - """ - WINDOWS_WEAK_CPES: set[CPE] = { - CPE("", "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*", "Microsoft Windows on X64"), - CPE("", "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:*", "Microsoft Windows on X86"), - } - - def filter_condition(cpe: CPE) -> bool: - """ - Filters out very weak CPE matches that don't improve our database. - """ - if ( - cpe.title - and (cpe.version == "-" or cpe.version == "*") - and not any(char.isdigit() for char in cpe.title) - ): - return False - if ( - not cpe.title - and cpe.item_name - and (cpe.version == "-" or cpe.version == "*") - and not any(char.isdigit() for char in cpe.item_name) - ): - return False - if re.match(constants.RELEASE_CANDIDATE_REGEX, cpe.update): - return False - if cpe in WINDOWS_WEAK_CPES: - return False - return True - - if not self.auxiliary_datasets.cpe_dset: - self.auxiliary_datasets.cpe_dset = self._prepare_cpe_dataset() - - clf = CPEClassifier(config.cpe_matching_threshold, config.cpe_n_max_matches) - - if self.auxiliary_datasets.cpe_dset is None: - raise ValueError("CPE dataset cannot be None") - - clf.fit([x for x in self.auxiliary_datasets.cpe_dset if filter_condition(x)]) - - cert: CertSubType - for cert in tqdm(self, desc="Predicting CPE matches with the classifier"): - cert.compute_heuristics_version() - - cert.heuristics.cpe_matches = ( - clf.predict_single_cert(cert.manufacturer, cert.name, cert.heuristics.extracted_versions) - if cert.name - else None - ) - - return clf - - @serialize - def to_label_studio_json(self, output_path: str | Path) -> None: - cpe_dset = self._prepare_cpe_dataset() - - lst = [] - for cert in [x for x in self if x.heuristics.cpe_matches]: - dct = {"text": cert.label_studio_title} - candidates = [cpe_dset[x].title for x in cert.heuristics.cpe_matches] - candidates += ["No good match"] * (config.cpe_n_max_matches - len(candidates)) - options = ["option_" + str(x) for x in range(1, config.cpe_n_max_matches)] - dct.update(dict(zip(options, candidates))) - lst.append(dct) - - with Path(output_path).open("w") as handle: - json.dump(lst, handle, indent=4) - - @serialize - def load_label_studio_labels(self, input_path: str | Path) -> set[str]: - with Path(input_path).open("r") as handle: - data = json.load(handle) - - cpe_dset = self._prepare_cpe_dataset() - title_to_cpes_dict = cpe_dset.get_title_to_cpes_dict() - labeled_cert_digests: set[str] = set() - - logger.info("Translating label studio matches into their CPE representations and assigning to certificates.") - for annotation in tqdm(data, desc="Translating label studio matches"): - cpe_candidate_keys = {key for key in annotation if "option_" in key and annotation[key] != "No good match"} - - if "verified_cpe_match" not in annotation: - incorrect_keys: set[str] = set() - elif isinstance(annotation["verified_cpe_match"], str): - incorrect_keys = {annotation["verified_cpe_match"]} - else: - incorrect_keys = set(annotation["verified_cpe_match"]["choices"]) - - incorrect_keys = {x.lstrip("$") for x in incorrect_keys} - predicted_annotations = {annotation[x] for x in cpe_candidate_keys - incorrect_keys} - - cpes: set[CPE] = set() - for x in predicted_annotations: - if x not in title_to_cpes_dict: - logger.error(f"{x} not in dataset") - else: - to_update = title_to_cpes_dict[x] - if to_update and not cpes: - cpes = to_update - elif to_update and cpes: - cpes.update(to_update) - - # distinguish between FIPS and CC - if "\n" in annotation["text"]: - cert_name = annotation["text"].split("\nModule name: ")[1].split("\n")[0] - else: - cert_name = annotation["text"] - - certs = self._get_certs_by_name(cert_name) - labeled_cert_digests.update({x.dgst for x in certs}) - - for c in certs: - c.heuristics.verified_cpe_matches = {x.uri for x in cpes if x is not None} if cpes else None - - return labeled_cert_digests - - def enrich_automated_cpes_with_manual_labels(self) -> None: - """ - Prior to CVE matching, it is wise to expand the database of automatic CPE matches with those that were manually assigned. - """ - for cert in cast(Iterator[Certificate], self): - if not cert.heuristics.cpe_matches and cert.heuristics.verified_cpe_matches: - cert.heuristics.cpe_matches = cert.heuristics.verified_cpe_matches - elif cert.heuristics.cpe_matches and cert.heuristics.verified_cpe_matches: - cert.heuristics.cpe_matches = set(cert.heuristics.cpe_matches).union( - set(cert.heuristics.verified_cpe_matches) - ) - - def _get_all_cpes_in_dataset(self) -> set[CPE]: - if not self.auxiliary_datasets.cpe_dset: - raise ValueError( - "Cannot retrieve all cpes in dataset when cpe_dset is not set. You can prepare it with obj._prepare_cpe_dataset()" - ) - - cpe_matches = [ - [self.auxiliary_datasets.cpe_dset.cpes[y] for y in x.heuristics.cpe_matches] - for x in self - if x.heuristics.cpe_matches - ] - return set(itertools.chain.from_iterable(cpe_matches)) - - @serialize - @staged(logger, "Computing heuristics: CVEs in certificates.") - def compute_related_cves(self) -> None: - """ - Computes CVEs for the certificates, given their CPE matches. - """ - - if not self.auxiliary_datasets.cpe_dset: - self.auxiliary_datasets.cpe_dset = self._prepare_cpe_dataset() - - if not self.auxiliary_datasets.cve_dset: - self.auxiliary_datasets.cve_dset = self._prepare_cve_dataset() - - if self.auxiliary_datasets.cve_dset is None: - raise ValueError("CVE dataset cannot be None") - - if not self.auxiliary_datasets.cve_dset.look_up_dicts_built: - cpe_match_dict = self._prepare_cpe_match_dict() - all_cpes = self._get_all_cpes_in_dataset() - self.auxiliary_datasets.cve_dset.build_lookup_dict(cpe_match_dict, all_cpes) - - self.enrich_automated_cpes_with_manual_labels() - cpe_rich_certs = [x for x in cast(Iterator[Certificate], self) if x.heuristics.cpe_matches] - - if not cpe_rich_certs: - logger.error( - "No certificates with verified CPE match detected. You must run dset.manually_verify_cpe_matches() first. Returning." - ) - return - - cert: Certificate - for cert in tqdm(cpe_rich_certs, desc="Computing related CVES"): - related_cves = self.auxiliary_datasets.cve_dset.get_cves_from_matched_cpe_uris(cert.heuristics.cpe_matches) - cert.heuristics.related_cves = related_cves if related_cves else None - - n_vulnerable = len([x for x in cpe_rich_certs if x.heuristics.related_cves]) - n_vulnerabilities = sum([len(x.heuristics.related_cves) for x in cpe_rich_certs if x.heuristics.related_cves]) - logger.info( - f"In total, we identified {n_vulnerabilities} vulnerabilities in {n_vulnerable} vulnerable certificates." - ) - def get_keywords_df(self, var: str) -> pd.DataFrame: """ Get dataframe of keyword hits for attribute (var) that is member of PdfData class. diff --git a/src/sec_certs/dataset/fips.py b/src/sec_certs/dataset/fips.py index 77f38754..f431dab7 100644 --- a/src/sec_certs/dataset/fips.py +++ b/src/sec_certs/dataset/fips.py @@ -13,12 +13,18 @@ from sec_certs import constants from sec_certs.configuration import config -from sec_certs.dataset.cpe import CPEDataset -from sec_certs.dataset.cve import CVEDataset -from sec_certs.dataset.dataset import AuxiliaryDatasets, Dataset -from sec_certs.dataset.fips_algorithm import FIPSAlgorithmDataset -from sec_certs.model.reference_finder import ReferenceFinder -from sec_certs.model.transitive_vulnerability_finder import TransitiveVulnerabilityFinder +from sec_certs.dataset.auxiliary_dataset_handling import ( + AuxiliaryDatasetHandler, + CPEDatasetHandler, + CPEMatchDictHandler, + CVEDatasetHandler, + FIPSAlgorithmDatasetHandler, +) +from sec_certs.dataset.dataset import Dataset +from sec_certs.heuristics.common import compute_cpe_heuristics, compute_related_cves, compute_transitive_vulnerabilities +from sec_certs.heuristics.fips import ( + compute_references, +) from sec_certs.sample.fips import FIPSCertificate from sec_certs.serialization.json import ComplexSerializableType, serialize from sec_certs.utils import helpers @@ -29,13 +35,7 @@ logger = logging.getLogger(__name__) -class FIPSAuxiliaryDatasets(AuxiliaryDatasets): - cpe_dset: CPEDataset | None = None - cve_dset: CVEDataset | None = None - algorithm_dset: FIPSAlgorithmDataset | None = None - - -class FIPSDataset(Dataset[FIPSCertificate, FIPSAuxiliaryDatasets], ComplexSerializableType): +class FIPSDataset(Dataset[FIPSCertificate], ComplexSerializableType): """ Class for processing of FIPSCertificate samples. Inherits from `ComplexSerializableType` and base abstract `Dataset` class. """ @@ -47,7 +47,7 @@ def __init__( name: str | None = None, description: str = "", state: Dataset.DatasetInternalState | None = None, - auxiliary_datasets: FIPSAuxiliaryDatasets | None = None, + aux_handlers: dict[type[AuxiliaryDatasetHandler], AuxiliaryDatasetHandler] = {}, ): self.certs = certs self.timestamp = datetime.datetime.now() @@ -55,12 +55,15 @@ def __init__( self.name = name if name else type(self).__name__ + " dataset" self.description = description if description else datetime.datetime.now().strftime("%d/%m/%Y %H:%M:%S") self.state = state if state else self.DatasetInternalState() - self.auxiliary_datasets: FIPSAuxiliaryDatasets = ( - auxiliary_datasets if auxiliary_datasets else FIPSAuxiliaryDatasets() - ) - + self.aux_handlers = aux_handlers self.root_dir = Path(root_dir) + if not self.aux_handlers: + self.aux_handlers[CPEDatasetHandler] = CPEDatasetHandler(self.auxiliary_datasets_dir) + self.aux_handlers[CVEDatasetHandler] = CVEDatasetHandler(self.auxiliary_datasets_dir) + self.aux_handlers[FIPSAlgorithmDatasetHandler] = FIPSAlgorithmDatasetHandler(self.auxiliary_datasets_dir) + self.aux_handlers[CPEMatchDictHandler] = CPEMatchDictHandler(self.auxiliary_datasets_dir) + LIST_OF_CERTS_HTML: Final[dict[str, str]] = { "fips_modules_active.html": constants.FIPS_ACTIVE_MODULES_URL, "fips_modules_historical.html": constants.FIPS_HISTORICAL_MODULES_URL, @@ -83,10 +86,6 @@ def policies_txt_dir(self) -> Path: def module_dir(self) -> Path: return self.certs_dir / "modules" - @property - def algorithm_dataset_path(self) -> Path: - return self.auxiliary_datasets_dir / "algorithms.json" - def __getitem__(self, item: str) -> FIPSCertificate: try: return super().__getitem__(item) @@ -108,6 +107,17 @@ def _extract_data_from_html_modules(self) -> None: ) self.update_with_certs(processed_certs) + def _compute_heuristics_body(self): + compute_cpe_heuristics(self.aux_handlers[CPEDatasetHandler].dset, self.certs.values()) + compute_related_cves( + self.aux_handlers[CPEDatasetHandler].dset, + self.aux_handlers[CVEDatasetHandler].dset, + self.aux_handlers[CPEMatchDictHandler].dset, + self.certs.values(), + ) + compute_references(self.certs) + compute_transitive_vulnerabilities(self.certs) + @serialize def extract_data(self) -> None: logger.info("Extracting various data from certification artifacts.") @@ -219,15 +229,15 @@ def from_web_latest(cls) -> FIPSDataset: """ Fetches the fresh snapshot of FIPSDataset from mirror. """ - return cls.from_web(config.fips_latest_snapshot, "Downloading FIPS Dataset", "fips_latest_dataset.json") + return cls.from_web( + str(config.fips_latest_snapshot), + "Downloading FIPS Dataset", + "fips_latest_dataset.json", + ) def _set_local_paths(self) -> None: super()._set_local_paths() - if self.auxiliary_datasets.algorithm_dset: - self.auxiliary_datasets.algorithm_dset.json_path = self.algorithm_dataset_path - - cert: FIPSCertificate - for cert in self.certs.values(): + for cert in self: cert.set_local_paths(self.policies_pdf_dir, self.policies_txt_dir, self.module_dir) @serialize @@ -247,21 +257,6 @@ def get_certs_from_web(self, to_download: bool = True, keep_metadata: bool = Tru self._set_local_paths() self.state.meta_sources_parsed = True - @serialize - def process_auxiliary_datasets(self, download_fresh: bool = False) -> None: - super().process_auxiliary_datasets(download_fresh) - self.auxiliary_datasets.algorithm_dset = self._prepare_algorithm_dataset(download_fresh) - - @staged(logger, "Processing FIPSAlgorithm dataset.") - def _prepare_algorithm_dataset(self, download_fresh_algs: bool = False) -> FIPSAlgorithmDataset: - if not self.algorithm_dataset_path.exists() or download_fresh_algs: - alg_dset = FIPSAlgorithmDataset.from_web(self.algorithm_dataset_path) - alg_dset.to_json() - else: - alg_dset = FIPSAlgorithmDataset.from_json(self.algorithm_dataset_path) - - return alg_dset - @staged(logger, "Extracting Algorithms from policy tables") def _extract_algorithms_from_policy_tables(self): certs_to_process = [x for x in self if x.state.policy_is_ok_to_analyze()] @@ -283,47 +278,11 @@ def _extract_policy_pdf_metadata(self) -> None: ) self.update_with_certs(processed_certs) - @staged(logger, "Computing heuristics: Transitive vulnerabilities in referenc(ed/ing) certificates.") - def _compute_transitive_vulnerabilities(self) -> None: - transitive_cve_finder = TransitiveVulnerabilityFinder(lambda cert: str(cert.cert_id)) - transitive_cve_finder.fit(self.certs, lambda cert: cert.heuristics.policy_processed_references) - - for dgst in self.certs: - transitive_cve = transitive_cve_finder.predict_single_cert(dgst) - self.certs[dgst].heuristics.direct_transitive_cves = transitive_cve.direct_transitive_cves - self.certs[dgst].heuristics.indirect_transitive_cves = transitive_cve.indirect_transitive_cves - - @staged(logger, "Computing heuristics: references between certificates.") - def _compute_references(self, keep_unknowns: bool = False) -> None: - # Previously, a following procedure was used to prune reference_candidates: - # - A set of algorithms was obtained via self.auxiliary_datasets.algorithm_dset.get_algorithms_by_id(reference_candidate) - # - If any of these algorithms had the same vendor as the reference_candidate, the candidate was rejected - # - The rationale is that if an ID appears in a certificate s.t. an algorithm with the same ID was produced by the same vendor, the reference likely refers to alg. - # - Such reference should then be discarded. - # - We are uncertain of the effectivity of such measure, disabling it for now. - for cert in self: - cert.prune_referenced_cert_ids() - - policy_reference_finder = ReferenceFinder() - policy_reference_finder.fit( - self.certs, lambda cert: str(cert.cert_id), lambda cert: cert.heuristics.policy_prunned_references - ) - - module_reference_finder = ReferenceFinder() - module_reference_finder.fit( - self.certs, lambda cert: str(cert.cert_id), lambda cert: cert.heuristics.module_prunned_references - ) - - for cert in self: - cert.heuristics.policy_processed_references = policy_reference_finder.predict_single_cert( - cert.dgst, keep_unknowns - ) - cert.heuristics.module_processed_references = module_reference_finder.predict_single_cert( - cert.dgst, keep_unknowns - ) - def to_pandas(self) -> pd.DataFrame: - df = pd.DataFrame([x.pandas_tuple for x in self.certs.values()], columns=FIPSCertificate.pandas_columns) + df = pd.DataFrame( + [x.pandas_tuple for x in self.certs.values()], + columns=FIPSCertificate.pandas_columns, + ) df = df.set_index("dgst") df.date_validation = pd.to_datetime(df.date_validation, errors="coerce") @@ -333,7 +292,12 @@ def to_pandas(self) -> pd.DataFrame: df = df.loc[~(df.embodiment == "*")] df = df.astype( - {"type": "category", "status": "category", "standard": "category", "embodiment": "category"} + { + "type": "category", + "status": "category", + "standard": "category", + "embodiment": "category", + } ).fillna(value=np.nan) df.level = df.level.fillna(value=np.nan).astype("float") diff --git a/src/sec_certs/dataset/protection_profile.py b/src/sec_certs/dataset/protection_profile.py index af7733a8..c3440c56 100644 --- a/src/sec_certs/dataset/protection_profile.py +++ b/src/sec_certs/dataset/protection_profile.py @@ -2,22 +2,21 @@ import json import logging -import shutil import tempfile from dataclasses import dataclass from pathlib import Path from sec_certs import constants from sec_certs.configuration import config +from sec_certs.dataset.json_path_dataset import JSONPathDataset from sec_certs.sample.protection_profile import ProtectionProfile -from sec_certs.serialization.json import get_class_fullname from sec_certs.utils import helpers logger = logging.getLogger(__name__) @dataclass -class ProtectionProfileDataset: +class ProtectionProfileDataset(JSONPathDataset): pps: dict[tuple[str, str | None], ProtectionProfile] _json_path: Path @@ -29,29 +28,6 @@ def __init__( self.pps = pps self.json_path = Path(json_path) - @property - def json_path(self): - return self._json_path - - @json_path.setter - def json_path(self, new_path: str | Path): - new_path = Path(new_path) - if new_path.is_dir(): - raise ValueError(f"Json path of {get_class_fullname(self)} cannot be a directory.") - - self._json_path = new_path - - def move_dataset(self, new_json_path: str | Path) -> None: - logger.info(f"Moving {get_class_fullname(self)} dataset to {new_json_path}") - new_json_path = Path(new_json_path) - new_json_path.parent.mkdir(parents=True, exist_ok=True) - - if not self.json_path.exists(): - raise ValueError("Cannot move the PPDataset if the json path does not exist.") - - shutil.move(str(self.json_path), str(new_json_path)) - self.json_path = new_json_path - def __iter__(self): yield from self.pps.values() @@ -68,8 +44,8 @@ def __len__(self) -> int: return len(self.pps) @classmethod - def from_json(cls, json_path: str | Path): - with Path(json_path).open("r") as handle: + def from_json(cls, input_path: str | Path, is_compressed: bool = False): + with Path(input_path).open("r") as handle: data = json.load(handle) pps = [ProtectionProfile.from_old_api_dict(x) for x in data.values()] @@ -79,7 +55,10 @@ def from_json(cls, json_path: str | Path): logger.warning(f"Duplicate entry in PP dataset: {(item.pp_name, item.pp_link)}") dct[(item.pp_name, item.pp_link)] = item - return cls(dct) + dset = cls(dct) + dset.json_path = Path(input_path) + + return dset @classmethod def from_web(cls, store_dataset_path: Path | None = None): diff --git a/src/sec_certs/heuristics/cc.py b/src/sec_certs/heuristics/cc.py new file mode 100644 index 00000000..13a7982c --- /dev/null +++ b/src/sec_certs/heuristics/cc.py @@ -0,0 +1,86 @@ +import logging +from collections.abc import Iterable + +from sec_certs.dataset.cc_scheme import CCSchemeDataset +from sec_certs.dataset.protection_profile import ProtectionProfileDataset +from sec_certs.model.cc_matching import CCSchemeMatcher +from sec_certs.model.reference_finder import ReferenceFinder +from sec_certs.model.sar_transformer import SARTransformer +from sec_certs.sample.cc import CCCertificate +from sec_certs.sample.cc_certificate_id import CertificateId +from sec_certs.sample.cc_scheme import EntryType +from sec_certs.utils.profiling import staged + +logger = logging.getLogger(__name__) + + +@staged(logger, "Computing heuristics: Linking certificates to protection profiles") +def link_to_protection_profiles(pp_dset: ProtectionProfileDataset, certs: Iterable[CCCertificate]) -> None: + for cert in certs: + if cert.protection_profiles is None: + continue + cert.protection_profiles = {pp_dset.pps.get((x.pp_name, x.pp_link), x) for x in cert.protection_profiles} + + +@staged(logger, "Computing heuristics: references between certificates.") +def compute_references(certs: dict[str, CCCertificate]) -> None: + def ref_lookup(kw_attr): + def func(cert): + kws = getattr(cert.pdf_data, kw_attr) + if not kws: + return set() + res = set() + for scheme, matches in kws["cc_cert_id"].items(): + for match in matches: + try: + canonical = CertificateId(scheme, match).canonical + res.add(canonical) + except Exception: + res.add(match) + return res + + return func + + for ref_source in ("report", "st"): + kw_source = f"{ref_source}_keywords" + dep_attr = f"{ref_source}_references" + + finder = ReferenceFinder() + finder.fit(certs, lambda cert: cert.heuristics.cert_id, ref_lookup(kw_source)) # type: ignore + + for dgst in certs: + setattr(certs[dgst].heuristics, dep_attr, finder.predict_single_cert(dgst, keep_unknowns=False)) + + +@staged(logger, "Computing heuristics: Deriving information about certificate ids from artifacts.") +def compute_normalized_cert_ids(certs: Iterable[CCCertificate]) -> None: + for cert in certs: + cert.compute_heuristics_cert_id() + + +@staged(logger, "Computing heuristics: Matching scheme data.") +def compute_scheme_data(scheme_dset: CCSchemeDataset, certs: dict[str, CCCertificate]): + for scheme in scheme_dset: + if certified := scheme.lists.get(EntryType.Certified): + certs = {dgst: cert for dgst, cert in certs.items() if cert.status == "active"} + matches = CCSchemeMatcher.match_all(certified, scheme.country, certs.values()) + for dgst, match in matches.items(): + certs[dgst].heuristics.scheme_data = match + if archived := scheme.lists.get(EntryType.Archived): + certs = {dgst: cert for dgst, cert in certs.items() if cert.status == "archived"} + matches = CCSchemeMatcher.match_all(archived, scheme.country, certs.values()) + for dgst, match in matches.items(): + certs[dgst].heuristics.scheme_data = match + + +@staged(logger, "Computing heuristics: Deriving information about laboratories involved in certification.") +def compute_cert_labs(certs: Iterable[CCCertificate]) -> None: + for cert in certs: + cert.compute_heuristics_cert_lab() + + +@staged(logger, "Computing heuristics: SARs") +def compute_sars(certs: Iterable[CCCertificate]) -> None: + transformer = SARTransformer().fit(certs) + for cert in certs: + cert.heuristics.extracted_sars = transformer.transform_single_cert(cert) diff --git a/src/sec_certs/heuristics/common.py b/src/sec_certs/heuristics/common.py new file mode 100644 index 00000000..8a2b4769 --- /dev/null +++ b/src/sec_certs/heuristics/common.py @@ -0,0 +1,132 @@ +import itertools +import logging +import re +from collections.abc import Iterable + +from tqdm import tqdm + +from sec_certs import constants +from sec_certs.configuration import config +from sec_certs.dataset.cpe import CPEDataset +from sec_certs.dataset.cve import CVEDataset +from sec_certs.dataset.dataset import CertSubType +from sec_certs.model.cpe_matching import CPEClassifier +from sec_certs.model.transitive_vulnerability_finder import TransitiveVulnerabilityFinder +from sec_certs.sample.cc import CCCertificate +from sec_certs.sample.certificate import Certificate +from sec_certs.sample.cpe import CPE +from sec_certs.sample.fips import FIPSCertificate +from sec_certs.utils.profiling import staged + +logger = logging.getLogger(__name__) + + +@staged(logger, "Computing heuristics: Finding CPE matches for certificates") +def compute_cpe_heuristics(cpe_dataset: CPEDataset, certs: Iterable[CertSubType]) -> None: + """ + Computes matching CPEs for the certificates. + """ + WINDOWS_WEAK_CPES: set[CPE] = { + CPE("", "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x64:*", "Microsoft Windows on X64"), + CPE("", "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:*", "Microsoft Windows on X86"), + } + + def filter_condition(cpe: CPE) -> bool: + """ + Filters out very weak CPE matches that don't improve our database. + """ + if cpe.title and (cpe.version == "-" or cpe.version == "*") and not any(char.isdigit() for char in cpe.title): + return False + if ( + not cpe.title + and cpe.item_name + and (cpe.version == "-" or cpe.version == "*") + and not any(char.isdigit() for char in cpe.item_name) + ): + return False + if re.match(constants.RELEASE_CANDIDATE_REGEX, cpe.update): + return False + return cpe not in WINDOWS_WEAK_CPES + + logger.info("Computing CPE heuristics.") + clf = CPEClassifier(config.cpe_matching_threshold, config.cpe_n_max_matches) + clf.fit([x for x in cpe_dataset if filter_condition(x)]) + + for cert in tqdm(certs, desc="Predicting CPE matches with the classifier"): + cert.compute_heuristics_version() + cert.heuristics.cpe_matches = ( + clf.predict_single_cert(cert.manufacturer, cert.name, cert.heuristics.extracted_versions) + if cert.name + else None + ) + + +def get_all_cpes_in_dataset(cpe_dset: CPEDataset, certs: Iterable[Certificate]) -> set[CPE]: + cpe_matches = [[cpe_dset.cpes[y] for y in x.heuristics.cpe_matches] for x in certs if x.heuristics.cpe_matches] + return set(itertools.chain.from_iterable(cpe_matches)) + + +def enrich_automated_cpes_with_manual_labels(certs: Iterable[Certificate]) -> None: + """ + Prior to CVE matching, it is wise to expand the database of automatic CPE matches with those that were manually assigned. + """ + for cert in certs: + if not cert.heuristics.cpe_matches and cert.heuristics.verified_cpe_matches: + cert.heuristics.cpe_matches = cert.heuristics.verified_cpe_matches + elif cert.heuristics.cpe_matches and cert.heuristics.verified_cpe_matches: + cert.heuristics.cpe_matches = set(cert.heuristics.cpe_matches).union( + set(cert.heuristics.verified_cpe_matches) + ) + + +@staged(logger, "Computing heuristics: CVEs in certificates.") +def compute_related_cves( + cpe_dset: CPEDataset, cve_dset: CVEDataset, cpe_match_dict: dict, certs: Iterable[Certificate] +) -> None: + """ + Computes CVEs for the certificates, given their CPE matches. + """ + + logger.info("Computing related CVEs") + if not cve_dset.look_up_dicts_built: + all_cpes = get_all_cpes_in_dataset(cpe_dset, certs) + cve_dset.build_lookup_dict(cpe_match_dict, all_cpes) + + enrich_automated_cpes_with_manual_labels(certs) + cpe_rich_certs = [x for x in certs if x.heuristics.cpe_matches] + + for cert in tqdm(cpe_rich_certs, desc="Computing related CVES"): + related_cves = cve_dset.get_cves_from_matched_cpe_uris(cert.heuristics.cpe_matches) + cert.heuristics.related_cves = related_cves if related_cves else None + + n_vulnerable = len([x for x in cpe_rich_certs if x.heuristics.related_cves]) + n_vulnerabilities = sum([len(x.heuristics.related_cves) for x in cpe_rich_certs if x.heuristics.related_cves]) + logger.info( + f"In total, we identified {n_vulnerabilities} vulnerabilities in {n_vulnerable} vulnerable certificates." + ) + + +@staged( + logger, + "Computing heuristics: Transitive vulnerabilities in referenc(ed/ing) certificates.", +) +def compute_transitive_vulnerabilities(certs: dict[str, CertSubType]) -> None: + logger.info("Computing transitive vulnerabilities") + if not certs: + return + + some_cert = next(iter(certs.values())) + + if isinstance(some_cert, FIPSCertificate): + transitive_cve_finder = TransitiveVulnerabilityFinder(lambda cert: str(cert.cert_id)) + transitive_cve_finder.fit(certs, lambda cert: cert.heuristics.policy_processed_references) + elif isinstance(some_cert, CCCertificate): + transitive_cve_finder = TransitiveVulnerabilityFinder(lambda cert: str(cert.heuristics.cert_id)) + transitive_cve_finder.fit(certs, lambda cert: cert.heuristics.report_references) + else: + raise ValueError("Members of `certs` object must be either FIPSCertificate or CCCertificate instances.") + + for cert in certs.values(): + transitive_cve = transitive_cve_finder.predict_single_cert(cert.dgst) + cert.heuristics.direct_transitive_cves = transitive_cve.direct_transitive_cves + cert.heuristics.indirect_transitive_cves = transitive_cve.indirect_transitive_cves diff --git a/src/sec_certs/heuristics/fips.py b/src/sec_certs/heuristics/fips.py new file mode 100644 index 00000000..4abecc4e --- /dev/null +++ b/src/sec_certs/heuristics/fips.py @@ -0,0 +1,42 @@ +import logging + +from sec_certs.model.reference_finder import ReferenceFinder +from sec_certs.sample.fips import FIPSCertificate +from sec_certs.utils.profiling import staged + +logger = logging.getLogger(__name__) + + +@staged(logger, "Computing heuristics: references between certificates.") +def compute_references(certs: dict[str, FIPSCertificate], keep_unknowns: bool = False) -> None: + # Previously, a following procedure was used to prune reference_candidates: + # - A set of algorithms was obtained via self.auxiliary_datasets.algorithm_dset.get_algorithms_by_id(reference_candidate) + # - If any of these algorithms had the same vendor as the reference_candidate, the candidate was rejected + # - The rationale is that if an ID appears in a certificate s.t. an algorithm with the same ID was produced by the same vendor, the reference likely refers to alg. + # - Such reference should then be discarded. + # - We are uncertain of the effectivity of such measure, disabling it for now. + logger.info("Computing references") + for cert in certs.values(): + cert.prune_referenced_cert_ids() + + policy_reference_finder = ReferenceFinder() + policy_reference_finder.fit( + certs, + lambda cert: str(cert.cert_id), + lambda cert: cert.heuristics.policy_prunned_references, + ) + + module_reference_finder = ReferenceFinder() + module_reference_finder.fit( + certs, + lambda cert: str(cert.cert_id), + lambda cert: cert.heuristics.module_prunned_references, + ) + + for cert in certs.values(): + cert.heuristics.policy_processed_references = policy_reference_finder.predict_single_cert( + cert.dgst, keep_unknowns + ) + cert.heuristics.module_processed_references = module_reference_finder.predict_single_cert( + cert.dgst, keep_unknowns + ) diff --git a/src/sec_certs/utils/label_studio_utils.py b/src/sec_certs/utils/label_studio_utils.py new file mode 100644 index 00000000..9c70b938 --- /dev/null +++ b/src/sec_certs/utils/label_studio_utils.py @@ -0,0 +1,78 @@ +import json +import logging +from pathlib import Path + +from tqdm import tqdm + +from sec_certs.configuration import config +from sec_certs.dataset.auxiliary_dataset_handling import CPEDatasetHandler +from sec_certs.dataset.dataset import Dataset +from sec_certs.sample.cpe import CPE + +logger = logging.getLogger(__name__) + + +def to_label_studio_json(dataset: Dataset, output_path: str | Path) -> None: + dataset.load_auxiliary_datasets() + cpe_dset = dataset.aux_handlers[CPEDatasetHandler].dset + + lst = [] + for cert in [x for x in dataset if x.heuristics.cpe_matches]: + dct = {"text": cert.label_studio_title} + candidates = [cpe_dset[x].title for x in cert.heuristics.cpe_matches] + candidates += ["No good match"] * (config.cpe_n_max_matches - len(candidates)) + options = ["option_" + str(x) for x in range(1, config.cpe_n_max_matches)] + dct.update(dict(zip(options, candidates))) + lst.append(dct) + + with Path(output_path).open("w") as handle: + json.dump(lst, handle, indent=4) + + +def load_label_studio_labels(dataset: Dataset, input_path: str | Path) -> set[str]: + with Path(input_path).open("r") as handle: + data = json.load(handle) + + dataset.load_auxiliary_datasets() + cpe_dset = dataset.aux_handlers[CPEDatasetHandler].dset + title_to_cpes_dict = cpe_dset.get_title_to_cpes_dict() + labeled_cert_digests: set[str] = set() + + logger.info("Translating label studio matches into their CPE representations and assigning to certificates.") + for annotation in tqdm(data, desc="Translating label studio matches"): + cpe_candidate_keys = {key for key in annotation if "option_" in key and annotation[key] != "No good match"} + + if "verified_cpe_match" not in annotation: + incorrect_keys: set[str] = set() + elif isinstance(annotation["verified_cpe_match"], str): + incorrect_keys = {annotation["verified_cpe_match"]} + else: + incorrect_keys = set(annotation["verified_cpe_match"]["choices"]) + + incorrect_keys = {x.lstrip("$") for x in incorrect_keys} + predicted_annotations = {annotation[x] for x in cpe_candidate_keys - incorrect_keys} + + cpes: set[CPE] = set() + for x in predicted_annotations: + if x not in title_to_cpes_dict: + logger.error(f"{x} not in dataset") + else: + to_update = title_to_cpes_dict[x] + if to_update and not cpes: + cpes = to_update + elif to_update and cpes: + cpes.update(to_update) + + # distinguish between FIPS and CC + if "\n" in annotation["text"]: + cert_name = annotation["text"].split("\nModule name: ")[1].split("\n")[0] + else: + cert_name = annotation["text"] + + certs = dataset.get_certs_by_name(cert_name) + labeled_cert_digests.update({x.dgst for x in certs}) + + for c in certs: + c.heuristics.verified_cpe_matches = {x.uri for x in cpes if x is not None} if cpes else None + + return labeled_cert_digests diff --git a/src/sec_certs/utils/nvd_dataset_builder.py b/src/sec_certs/utils/nvd_dataset_builder.py index 08f65d30..4e7162eb 100644 --- a/src/sec_certs/utils/nvd_dataset_builder.py +++ b/src/sec_certs/utils/nvd_dataset_builder.py @@ -16,13 +16,13 @@ from requests import RequestException, Response from sec_certs import constants -from sec_certs.dataset.cpe import CPEDataset +from sec_certs.dataset.cpe import CPEDataset, CPEMatchDict from sec_certs.dataset.cve import CVEDataset from sec_certs.utils.parallel_processing import process_parallel logger = logging.getLogger(__name__) -DatasetType = TypeVar("DatasetType", CPEDataset, CVEDataset, dict) +DatasetType = TypeVar("DatasetType", CPEDataset, CVEDataset, CPEMatchDict) @dataclass @@ -320,7 +320,7 @@ def _init_new_dataset() -> CVEDataset: return CVEDataset() -class CpeMatchNvdDatasetBuilder(NvdDatasetBuilder[dict]): +class CpeMatchNvdDatasetBuilder(NvdDatasetBuilder[CPEMatchDict]): _ENDPOINT: Final[str] = "CPEMatch" _ENDPOINT_URL: Final[str] = "https://services.nvd.nist.gov/rest/json/cpematch/2.0" _RESULTS_PER_PAGE: Final[int] = 500 @@ -331,7 +331,7 @@ class CpeMatchNvdDatasetBuilder(NvdDatasetBuilder[dict]): "versionEndExcluding", ] - def _process_responses(self, responses: list[Response], dataset_to_fill: dict) -> dict: + def _process_responses(self, responses: list[Response], dataset_to_fill: CPEMatchDict) -> CPEMatchDict: timestamp = self._end_mod_date.isoformat() if self._end_mod_date else responses[-1].json()["timestamp"] match_strings = list(itertools.chain.from_iterable(response.json()["matchStrings"] for response in responses)) dataset_to_fill["timestamp"] = timestamp @@ -361,5 +361,5 @@ def _get_last_update_from_previous_data(self, previous_data: dict) -> datetime: return datetime.fromisoformat(previous_data["timestamp"]) @staticmethod - def _init_new_dataset() -> dict: - return {"timestamp": datetime.fromtimestamp(0).isoformat(), "match_strings": {}} + def _init_new_dataset() -> CPEMatchDict: + return CPEMatchDict({"timestamp": datetime.fromtimestamp(0).isoformat(), "match_strings": {}}) diff --git a/tests/cc/test_cc_analysis.py b/tests/cc/test_cc_analysis.py index ce83d705..9a57da1e 100644 --- a/tests/cc/test_cc_analysis.py +++ b/tests/cc/test_cc_analysis.py @@ -10,9 +10,17 @@ import tests.data.common from sec_certs.cert_rules import SARS_IMPLIED_FROM_EAL +from sec_certs.dataset.auxiliary_dataset_handling import ( + CPEDatasetHandler, + CPEMatchDictHandler, + CVEDatasetHandler, + ProtectionProfileDatasetHandler, +) from sec_certs.dataset.cc import CCDataset from sec_certs.dataset.cpe import CPEDataset from sec_certs.dataset.cve import CVEDataset +from sec_certs.heuristics.cc import compute_references, link_to_protection_profiles +from sec_certs.heuristics.common import compute_related_cves, compute_transitive_vulnerabilities from sec_certs.sample.cc import CCCertificate from sec_certs.sample.protection_profile import ProtectionProfile from sec_certs.sample.sar import SAR @@ -32,11 +40,14 @@ def processed_cc_dset( shutil.copytree(analysis_data_dir, tmp_dir, dirs_exist_ok=True) cc_dset = CCDataset.from_json(tmp_dir / "vulnerable_dataset.json") - cc_dset.process_protection_profiles() + + cc_dset.aux_handlers[ProtectionProfileDatasetHandler].process_dataset() + cc_dset.aux_handlers[CPEMatchDictHandler].dset = {} + cc_dset.aux_handlers[CVEDatasetHandler].dset = cve_dataset + cc_dset.aux_handlers[CPEDatasetHandler].dset = cpe_dataset + cc_dset.extract_data() - cc_dset.auxiliary_datasets.cve_dset = cve_dataset - cc_dset.auxiliary_datasets.cpe_dset = cpe_dataset - cc_dset._compute_heuristics() + cc_dset._compute_heuristics_body(skip_schemes=True) return cc_dset @@ -66,7 +77,13 @@ def test_find_related_cves(processed_cc_dset: CCDataset, random_certificate: CCC random_certificate.heuristics.cpe_matches = { "cpe:2.3:a:ibm:security_access_manager_for_enterprise_single_sign-on:8.2.2:*:*:*:*:*:*:*" } - processed_cc_dset.compute_related_cves() + compute_related_cves( + processed_cc_dset.aux_handlers[CPEDatasetHandler].dset, + processed_cc_dset.aux_handlers[CVEDatasetHandler].dset, + {}, + processed_cc_dset.certs.values(), + ) + assert random_certificate.heuristics.related_cves == {"CVE-2017-1732", "CVE-2019-4513"} @@ -75,7 +92,14 @@ def test_find_related_cves_criteria_configuration(processed_cc_dset: CCDataset, "cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:zos:6.0.1:*:*:*:*:*:*:*", } - processed_cc_dset.compute_related_cves() + + compute_related_cves( + processed_cc_dset.aux_handlers[CPEDatasetHandler].dset, + processed_cc_dset.aux_handlers[CVEDatasetHandler].dset, + {}, + processed_cc_dset.certs.values(), + ) + assert random_certificate.heuristics.related_cves == {"CVE-2010-2325"} @@ -148,7 +172,10 @@ def test_protection_profile_matching(processed_cc_dset: CCDataset, random_certif pp_ids=frozenset(["KECS-PP-0822-2017 SSO V1.0"]), ) - processed_cc_dset.process_protection_profiles(to_download=False) + link_to_protection_profiles( + processed_cc_dset.aux_handlers[ProtectionProfileDatasetHandler].dset, processed_cc_dset.certs.values() + ) + assert random_certificate.protection_profiles == {expected_pp} @@ -161,7 +188,8 @@ def test_single_record_references_heuristics(random_certificate: CCCertificate): def test_reference_dataset(reference_dataset: CCDataset): - reference_dataset._compute_references() + compute_references(reference_dataset.certs) + test_cert = reference_dataset["d1b238729b25d745"] assert test_cert.heuristics.report_references.directly_referenced_by == {"BSI-DSZ-CC-0370-2006"} @@ -174,12 +202,12 @@ def test_reference_dataset(reference_dataset: CCDataset): def test_direct_transitive_vulnerability_dataset(transitive_vulnerability_dataset: CCDataset): - transitive_vulnerability_dataset._compute_transitive_vulnerabilities() + compute_transitive_vulnerabilities(transitive_vulnerability_dataset.certs) assert transitive_vulnerability_dataset["11f77cb31b931a57"].heuristics.direct_transitive_cves == {"CVE-2013-5385"} def test_indirect_transitive_vulnerability_dataset(transitive_vulnerability_dataset: CCDataset): - transitive_vulnerability_dataset._compute_transitive_vulnerabilities() + compute_transitive_vulnerabilities(transitive_vulnerability_dataset.certs) assert transitive_vulnerability_dataset["11f77cb31b931a57"].heuristics.indirect_transitive_cves == {"CVE-2013-5385"} diff --git a/tests/cc/test_cc_dataset.py b/tests/cc/test_cc_dataset.py index bc1433aa..c501054c 100644 --- a/tests/cc/test_cc_dataset.py +++ b/tests/cc/test_cc_dataset.py @@ -6,6 +6,7 @@ import pytest from sec_certs import constants +from sec_certs.dataset.auxiliary_dataset_handling import ProtectionProfileDatasetHandler from sec_certs.dataset.cc import CCDataset from sec_certs.sample.cc import CCCertificate @@ -132,9 +133,12 @@ def test_build_dataset(data_dir: Path, cert_one: CCCertificate, toy_dataset: CCD def test_process_pp_dataset(toy_dataset: CCDataset): with TemporaryDirectory() as tmp_dir: toy_dataset.copy_dataset(tmp_dir) - toy_dataset.process_protection_profiles() - assert toy_dataset.pp_dataset_path.exists() - assert toy_dataset.pp_dataset_path.stat().st_size > constants.MIN_CC_PP_DATASET_SIZE + toy_dataset.aux_handlers[ProtectionProfileDatasetHandler].process_dataset() + assert toy_dataset.aux_handlers[ProtectionProfileDatasetHandler].dset_path.exists() + assert ( + toy_dataset.aux_handlers[ProtectionProfileDatasetHandler].dset_path.stat().st_size + > constants.MIN_CC_PP_DATASET_SIZE + ) @pytest.mark.xfail(reason="May fail due to error on CC server") diff --git a/tests/cc/test_cc_maintenance_updates.py b/tests/cc/test_cc_maintenance_updates.py index 9c89c748..5a24af94 100644 --- a/tests/cc/test_cc_maintenance_updates.py +++ b/tests/cc/test_cc_maintenance_updates.py @@ -6,7 +6,7 @@ import pytest import tests.data.cc.dataset -from sec_certs.dataset import CCDatasetMaintenanceUpdates +from sec_certs.dataset.cc import CCDatasetMaintenanceUpdates from sec_certs.sample.cc_maintenance_update import CCMaintenanceUpdate @@ -29,7 +29,7 @@ def test_methods_not_meant_to_be_implemented(): with pytest.raises(NotImplementedError): dset.analyze_certificates() with pytest.raises(NotImplementedError): - dset._compute_heuristics() + dset._compute_heuristics_body() with pytest.raises(NotImplementedError): dset.process_auxiliary_datasets() with pytest.raises(NotImplementedError): diff --git a/tests/cc/test_cc_schemes.py b/tests/cc/test_cc_schemes.py index 1740cb27..b776d581 100644 --- a/tests/cc/test_cc_schemes.py +++ b/tests/cc/test_cc_schemes.py @@ -4,7 +4,9 @@ from requests import RequestException import sec_certs.sample.cc_scheme as CCSchemes +from sec_certs.dataset.auxiliary_dataset_handling import CCSchemeDatasetHandler from sec_certs.dataset.cc import CCDataset +from sec_certs.heuristics.cc import compute_scheme_data from sec_certs.model.cc_matching import CCSchemeMatcher from sec_certs.sample.cc import CCCertificate @@ -219,6 +221,7 @@ def test_matching(toy_dataset: CCDataset, canada_certified): def test_process_dataset(toy_dataset: CCDataset): - toy_dataset.auxiliary_datasets.scheme_dset = toy_dataset.process_schemes(True, only_schemes={"CA"}) - toy_dataset._compute_scheme_data() + toy_dataset.aux_handlers[CCSchemeDatasetHandler].only_schemes = {"CA"} # type: ignore + toy_dataset.aux_handlers[CCSchemeDatasetHandler].process_dataset() + compute_scheme_data(toy_dataset.aux_handlers[CCSchemeDatasetHandler].dset, toy_dataset.certs) assert toy_dataset["8f08cacb49a742fb"].heuristics.scheme_data is not None diff --git a/tests/fips/conftest.py b/tests/fips/conftest.py index f2da80c4..f9377c7d 100644 --- a/tests/fips/conftest.py +++ b/tests/fips/conftest.py @@ -4,6 +4,9 @@ import tests.data.fips.dataset from sec_certs.dataset import CPEDataset, CVEDataset, FIPSDataset +from sec_certs.dataset.auxiliary_dataset_handling import CPEDatasetHandler, CPEMatchDictHandler, CVEDatasetHandler +from sec_certs.heuristics.common import compute_cpe_heuristics, compute_related_cves, compute_transitive_vulnerabilities +from sec_certs.heuristics.fips import compute_references @pytest.fixture(scope="module") @@ -27,15 +30,30 @@ def processed_dataset( ] toy_dataset.certs = {x.dgst: x for x in tested_certs} + cpe_handler = CPEDatasetHandler(toy_dataset.auxiliary_datasets_dir) + cpe_handler.dset = cpe_dataset + cve_handler = CVEDatasetHandler(toy_dataset.auxiliary_datasets_dir) + cve_handler.dset = cve_dataset + cpe_match_dict_handler = CPEMatchDictHandler(toy_dataset.auxiliary_datasets_dir) + cpe_match_dict_handler.dset = {} + toy_dataset.aux_handlers = { + CPEDatasetHandler: cpe_handler, + CVEDatasetHandler: cve_handler, + CPEMatchDictHandler: cpe_match_dict_handler, + } + toy_dataset.download_all_artifacts() toy_dataset.convert_all_pdfs() toy_dataset.extract_data() - toy_dataset._compute_references(keep_unknowns=True) - toy_dataset.auxiliary_datasets.cpe_dset = cpe_dataset - toy_dataset.auxiliary_datasets.cve_dset = cve_dataset - toy_dataset.compute_cpe_heuristics() - toy_dataset.compute_related_cves() - toy_dataset._compute_transitive_vulnerabilities() + compute_cpe_heuristics(toy_dataset.aux_handlers[CPEDatasetHandler].dset, toy_dataset.certs.values()) + compute_related_cves( + toy_dataset.aux_handlers[CPEDatasetHandler].dset, + toy_dataset.aux_handlers[CVEDatasetHandler].dset, + toy_dataset.aux_handlers[CPEMatchDictHandler].dset, + toy_dataset.certs.values(), + ) + compute_references(toy_dataset.certs, keep_unknowns=True) + compute_transitive_vulnerabilities(toy_dataset.certs) return toy_dataset diff --git a/tests/fips/test_fips_analysis.py b/tests/fips/test_fips_analysis.py index 61f56848..54954c41 100644 --- a/tests/fips/test_fips_analysis.py +++ b/tests/fips/test_fips_analysis.py @@ -2,7 +2,9 @@ import pytest +from sec_certs.dataset.auxiliary_dataset_handling import CPEDatasetHandler, CVEDatasetHandler from sec_certs.dataset.fips import FIPSDataset +from sec_certs.heuristics.common import compute_related_cves @pytest.mark.parametrize( @@ -104,11 +106,16 @@ def test_match_cpe(processed_dataset: FIPSDataset): def test_find_related_cves(processed_dataset: FIPSDataset): - assert processed_dataset.auxiliary_datasets.cve_dset - processed_dataset.auxiliary_datasets.cve_dset._cpe_uri_to_cve_ids_lookup[ + assert processed_dataset.aux_handlers[CVEDatasetHandler].dset + processed_dataset.aux_handlers[CVEDatasetHandler].dset._cpe_uri_to_cve_ids_lookup[ "cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*" ] = {"CVE-123456"} - processed_dataset.compute_related_cves() + compute_related_cves( + processed_dataset.aux_handlers[CPEDatasetHandler].dset, + processed_dataset.aux_handlers[CVEDatasetHandler].dset, + {}, + processed_dataset.certs.values(), + ) assert processed_dataset["2441"].heuristics.related_cves == {"CVE-123456"} @@ -117,7 +124,12 @@ def test_find_related_cves_criteria_configuration(processed_dataset: FIPSDataset "cpe:2.3:a:nalin_dahyabhai:vte:0.11.21:*:*:*:*:*:*:*", "cpe:2.3:a:gnome:gnome-terminal:2.2:*:*:*:*:*:*:*", } - processed_dataset.compute_related_cves() + compute_related_cves( + processed_dataset.aux_handlers[CPEDatasetHandler].dset, + processed_dataset.aux_handlers[CVEDatasetHandler].dset, + {}, + processed_dataset.certs.values(), + ) assert processed_dataset["2441"].heuristics.related_cves == {"CVE-2003-0070"} diff --git a/tests/fips/test_fips_dataset.py b/tests/fips/test_fips_dataset.py index 9b18b754..81ad019d 100644 --- a/tests/fips/test_fips_dataset.py +++ b/tests/fips/test_fips_dataset.py @@ -93,18 +93,18 @@ def test_download_and_convert_artifacts(toy_dataset: FIPSDataset, data_dir: Path toy_dataset.copy_dataset(tmp_dir) toy_dataset.download_all_artifacts() - if not crt.state.policy_download_ok or crt.state.module_download_ok: - pytest.xfail(reason="Fail due to error during download") + if not crt.state.policy_download_ok or not crt.state.module_download_ok: + pytest.xfail(reason="Fail due to error during download") - toy_dataset.convert_all_pdfs() + toy_dataset.convert_all_pdfs() - assert not crt.state.policy_convert_garbage - assert crt.state.policy_convert_ok - assert crt.state.policy_pdf_hash == "36b63890182f0aed29b305a0b4acc0d70b657262516f4be69138c70c2abdb1f1" - assert crt.state.policy_txt_path.exists() + assert not crt.state.policy_convert_garbage + assert crt.state.policy_convert_ok + assert crt.state.policy_pdf_hash == "36b63890182f0aed29b305a0b4acc0d70b657262516f4be69138c70c2abdb1f1" + assert crt.state.policy_txt_path.exists() - template_policy_txt_path = data_dir / "template_policy_184097a88a9b4ad9.txt" - assert abs(crt.state.policy_txt_path.stat().st_size - template_policy_txt_path.stat().st_size) < 1000 + template_policy_txt_path = data_dir / "template_policy_184097a88a9b4ad9.txt" + assert abs(crt.state.policy_txt_path.stat().st_size - template_policy_txt_path.stat().st_size) < 1000 def test_to_pandas(toy_dataset: FIPSDataset): diff --git a/tests/test_cve_matching.py b/tests/test_cve_matching.py index c7e7da28..ed7ecc17 100644 --- a/tests/test_cve_matching.py +++ b/tests/test_cve_matching.py @@ -4,7 +4,9 @@ import pytest +from sec_certs.dataset.auxiliary_dataset_handling import CPEDatasetHandler, CPEMatchDictHandler, CVEDatasetHandler from sec_certs.dataset.cc import CCDataset +from sec_certs.heuristics.common import compute_cpe_heuristics, compute_related_cves @pytest.fixture(scope="module") @@ -12,11 +14,17 @@ def processed_cc_dataset() -> CCDataset: with tempfile.TemporaryDirectory() as tmp_dir: cc_dset = CCDataset(root_dir=tmp_dir) cc_dset.get_certs_from_web() - cc_dset._prepare_cpe_dataset() - cc_dset._prepare_cve_dataset() - cc_dset._prepare_cpe_match_dict() - cc_dset.compute_cpe_heuristics() - cc_dset.compute_related_cves() + cc_dset.aux_handlers[CPEDatasetHandler].process_dataset() + cc_dset.aux_handlers[CVEDatasetHandler].process_dataset() + cc_dset.aux_handlers[CPEMatchDictHandler].process_dataset() + + compute_cpe_heuristics(cc_dset.aux_handlers[CPEDatasetHandler].dset, cc_dset.certs.values()) + compute_related_cves( + cc_dset.aux_handlers[CPEDatasetHandler].dset, + cc_dset.aux_handlers[CVEDatasetHandler].dset, + cc_dset.aux_handlers[CPEMatchDictHandler].dset, + cc_dset.certs.values(), + ) return cc_dset From 6b0a27ca03c5927be7f2d4e19ac248328a6f711b Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Wed, 22 Jan 2025 12:27:50 +0100 Subject: [PATCH 03/17] merge main --- .pre-commit-config.yaml | 5 +- README.md | 4 +- docs/_static/favicon.png | Bin 0 -> 17151 bytes docs/_static/logo_dark.svg | 91 +++ docs/api/dataset.md | 2 +- docs/api/model.md | 2 +- docs/api/sample.md | 2 +- docs/conf.py | 6 +- docs/index.md | 19 +- docs/search_examples.md | 91 +++ docs/user_guide.md | 33 + notebooks/cc/chain_of_trust_plots.ipynb | 5 + notebooks/cc/scheme_eval.ipynb | 295 ++++++++ notebooks/cc/temporal_trends.ipynb | 5 + notebooks/cc/vulnerabilities.ipynb | 16 +- notebooks/examples/cc.ipynb | 37 +- notebooks/examples/est_solution.ipynb | 8 +- notebooks/examples/fips.ipynb | 43 +- notebooks/examples/fips_iut.ipynb | 2 +- notebooks/examples/fips_mip.ipynb | 2 +- notebooks/examples/model.ipynb | 6 +- notebooks/fips/in_process.ipynb | 6 + notebooks/fips/temporal_trends.ipynb | 5 + notebooks/fips/vulnerabilities.ipynb | 469 ++----------- pyproject.toml | 6 +- requirements/all_requirements.txt | 20 +- requirements/dev_requirements.txt | 23 +- requirements/nlp_requirements.txt | 16 +- requirements/requirements.txt | 13 +- requirements/test_requirements.txt | 13 +- src/sec_certs/configuration.py | 50 +- src/sec_certs/constants.py | 17 +- .../dataset/auxiliary_dataset_handling.py | 3 +- src/sec_certs/dataset/cc.py | 130 +++- src/sec_certs/dataset/cc_scheme.py | 8 +- src/sec_certs/dataset/dataset.py | 85 ++- src/sec_certs/dataset/fips.py | 31 +- src/sec_certs/heuristics/cc.py | 8 +- src/sec_certs/model/cc_matching.py | 107 ++- src/sec_certs/model/matching.py | 8 +- src/sec_certs/rules.yaml | 22 +- src/sec_certs/sample/cc.py | 58 +- src/sec_certs/sample/cc_certificate_id.py | 18 +- src/sec_certs/sample/cc_scheme.py | 650 +++++++++++++----- src/sec_certs/sample/certificate.py | 2 +- src/sec_certs/sample/sar.py | 4 +- src/sec_certs/utils/extract.py | 23 - src/sec_certs/utils/helpers.py | 16 +- src/sec_certs/utils/pdf.py | 4 +- src/sec_certs/utils/sanitization.py | 5 +- src/sec_certs/utils/tqdm.py | 2 +- tests/cc/test_cc_misc.py | 143 ++-- tests/cc/test_cc_schemes.py | 16 +- tests/data/cc/analysis/cc_full_dataset.json | 4 +- tests/data/cc/analysis/reference_dataset.json | 12 +- .../transitive_vulnerability_dataset.json | 12 +- .../data/cc/analysis/vulnerable_dataset.json | 8 +- tests/data/cc/certificate/fictional_cert.json | 2 + .../maintenances/maintenance_updates.json | 4 +- tests/data/cc/dataset/toy_dataset.json | 6 + 60 files changed, 1838 insertions(+), 865 deletions(-) create mode 100644 docs/_static/favicon.png create mode 100644 docs/_static/logo_dark.svg create mode 100644 docs/search_examples.md create mode 100644 notebooks/cc/scheme_eval.ipynb diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index c5c6f238..371e7545 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,12 +1,12 @@ repos: - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.2.2 + rev: v0.7.4 hooks: - id: ruff - id: ruff-format args: ["--check"] - repo: https://github.com/pre-commit/mirrors-mypy - rev: "v1.8.0" + rev: "v1.13.0" hooks: - id: mypy additional_dependencies: @@ -14,4 +14,5 @@ repos: - "types-PyYAML" - "types-python-dateutil" - "types-requests" + - "types-dateparser" - "datasets" diff --git a/README.md b/README.md index 258725c2..41529529 100644 --- a/README.md +++ b/README.md @@ -68,8 +68,8 @@ df_2015_and_newer = df.loc[df.year_from > 2014] df.year_from.value_counts().sort_index().plot.line() ``` - +![](docs/_static/logolink_OP_VVV_hor_barva_eng.jpg) diff --git a/docs/_static/favicon.png b/docs/_static/favicon.png new file mode 100644 index 0000000000000000000000000000000000000000..05f420f03c059835d7fc02022816033607f73f12 GIT binary patch literal 17151 zcmd6Phdb5(8~4XSR>mQr9CWCpkW^%sW2Nk5CS)f2gsdZ#gAgetD&z;%a3%T@tRMfLi~^t-CL-4t7@ zJJWC9CmdPm#OJh9Rc0-idh5=8zk4GGh5rBGCz3UMqNk{X4~xZ8xN+M&osi@(o?=0x zBMFk>-L)=pl;IQA7V%0r2fb1zJ}kRFMiP_ZpMODeV{|}4NNZ}W^PA*GQT6`bwrt*q zwSks~hK4dT*XHAY4~v*=w0}zc&O9%@QR6|OL~g(jXVr@_Jc~|71lmk zF7YZHw&HFES8QcVByIQ8K*9vXLp>ak$dDf~oY%?Mr7_ zIf>FbAWBxc-vMSw9%`=Ow^oELezwQuBS^^dFcLl?S+n&muT7jMC5Lh^SlZ%iF85*( zkw_G^ANQ-{Rcn&kNg1qTmiHOz73(-z|Mhn!-v3KoZ2hTrRD zj%OQ}!zbK-4}6pHSGdQuV2U}y&Vmkpd$^qA@lW&7A5>o-tS^`@{9EEs zxy!G-V`HVf9$^8!M55{>zFszy!(#Lk)qr)|EA6+aq>PNFOZz)3?PfujPoqZa;(1um zk+hkQs-(;=uEhtd&3#Exc`UWhnxY(b&R_VmFwJ@e)dTlRqAKwQ^&V!uRCF%9uK0TF z`R3=S+xvUF8WW$x+RZd+2kgge6xeY%f%8H?avArJuVEg0&2_yE)HN}gSECq{3}2}l z-R;=9@HiuYM!(0ww{}i7yQMb&WRYuH75Cup?CYA`XC)>>SNPaL zMX%8>aPM2pOFz^qxp;3tQb|cE;XifTY;bPS9ASb5Ok(QdGO^u5*T zF9{xdpptJSobKEAWSH-5T^Txz#DFVEkfvF`FE_{LYiqpnt395QhG|2GEZ&`Qj+(Rn zVQAaMAGw!cFm^q*^wQl9^8%1?d^D>o4F2qQv6+iTsY$22NH?V zhV%?r{6k(b-J!C4A0#qZ`p18ciEeoUfPndat`|0Ed(8@GfS*OLjTgqocq0A zv;Sf7-=3q6tB-z(C>6fbR|E5nxoVgokhO5dp z?}p!&CP)iwv7ynIYSTzp=QVpG?hV5IaM>p42 z68DEvS45Zpw2Hpr4dg7rD@fpQ78&Oj*!LdyCpz$tf&k|yfBlL*j8IckYk((ck5GDQ zbnNUwSyuy`Me3!qY};%O4g;hB%Inhmto+JP&&nSbb8riAL!*Pss{)4m6ZI^+b#!#% ztXf|huJ6JzYuvh((4BOda>bIhu9U&!_%(E7Q|5uEwR^ZDRre>tB#hR#RXisnRoWud zo(|d$Q5WKH*dGqJnbuBr8kBCXOc}3ls`QuMd!t)*|K7?3>qIGH`-G_4gs1t~u$Ri! zdjIdYo5t(wjjOF@dtZ0@>#Of6ou&;@RZT;f$8xtK#Z=$3N9 z+&b~}3=BEjYdTdse_Gok3~P;!E%6eG8-mmxvi@^yw~`0cML*mbPLF9$ReRnRVR&Vb zHi;FB<;g--KiO3i(f%Fh*5UGJWhG~O_1s*4LCR)ycy8orvPWS$Nzd7dk%u7nyE>!}zGK^bZSzfm{ zyTb@U#J6C2hhnxTv(A4fs5gTy;6CZlP^K(efgkx37)w%7cnRyx(n+Jwx|#P*?fHpb zZJ8pg*2A$E?t)@$XQ$A%eKP%Q>_J0RMyLo!%5QFGtw`MOGxcbAzXBfZv-Dzhx73sJ zO4MR99z_*~5UZLx2d4wDzjSnU4GS!&r{X;l@P|5cOsih5bjl~z)?S$t9N*$tkfPY^ zy<8uzj6?~ud(3Fz_l`NY3YXOvuF%+yRA1WNUM~wjCSOj^8TgX%uv#`pzFCzCV_bCf zA)Dr?rc`)c+|@Kl=xvm~l9pE*8O?%@Nk zxYH?%2%fjBd9>rDJ**doDtg6GKP8!d50=?%{`uLfJ=xfc%#ifw_{QbKkoxEe$-m$` z=OjCts;jH3I_39wBDAJ>rS?I$?qZHPpE`AFXZB`IVfeAeURF=G3=0enCq#0Ivtdf~ zHZ8Ia6MwL3YtxlP6$oH9{$6+(rzxw-kLWsO?!Bd(vrF>^9YBub6Oa7_Hw7ecQS2~jiZ|>|AU8j5StL=41 zzIk1oobQ$-ey;a|d~ieB?r$gm(@r&9ry(+3@E08)0KK1Bo&Vm=CFPzW?)B%6&FDwp zG(R)tup>7L<4Y8LaRTRrDA+D}VmG!&_ZOO*x4`>rXlR6sTh!C0`|s~*>~8&S*L2l( z033b4BDAplJK0@l=?kx{3ozx}k@T-8qT%@tbls+v%hKTfkHI~T1vdyxD8E+olTTg> z8*g14sW#j^EVq%g>CIYlf7N*p9+mNyzvZ*sVEKDx zA6t-uN5<1no()cMT;>+HK3Fz<|IMQGXt5oexJ}2MmgrM=Y;0CGrxGV5!xy*1Lbm?S z6*&$|*?)U)g*kryqC>wz>r3HNf`a+stVV#A-?~k8+_AEXeEnL@+WN!=`<^8qc>pxU zcHK`zYj*xj*9aZRrE)hNM;O zKDYATS#G5CXHFjLkX}6R?^N4!M8a`?b#ZjR%h^wB|Nj1Rgnyi1Utf9OVYO?vRD8Ea zNWNX2VjuqY8V@8>i2Si#NBlBzvzffG!9uag(=kw=eugmVW$n;|R); zUNDLn{q;lKq;W$7hndL&L*R~%me$zheSzh}RJ3D&; zh+DA_?XxwL?l630*Qyy@sD`7Xh)sgmJA8Cktb`MfX{CEX_>YRuVMlql?k9rygP1TG zdZ$dX@;TVqT|QBBS5pY;ocxY9g&Jj)|K^n&)-W~D>fZ*Glvdw zuWKKTT;7_?i&^*NMx^4F4jzB|4o#RA;@Vm?NH9x~^Ob_=ymC=nb@J!W0?*}f{$Bq6 zGN(kfmk@woikfL;>E~Qq<5hw@`3U8KgZbf??d^pCY|4!f`U1$#vGi(j;U*)Omm;P{ zBiGw#z6M|yb%L9kcVg*%p3i*CiuubCLE`@K$mPR>zo_lco)CcyYId4VojK#)A-g_A zsu}LfHtYsS+kBK)vo{dqD{PQYP#5_^`K@JE)PIvfet)ymcewGjO@dmw zMm&>mou;~a3P}9pg7`J=#<$?XeAd3(un+g#N|JqMysXD6z>a)*{&3qlJb`^!3;YSg7;ixTYXag&}UmzNXi3DXrco}WS)(^6COJ(n#+s+X>a zUgS8fGHRD^`z85Yo{og&=YxfXg+5m~{b6qc`z!MMy1ApWKcjWaC!^Gv@M~OLTyghf z^$Uc5NHRefJaO`5V{1DT)vaaMz;RL7!&ll3ZjW|<%^}xT;p)Auxm)){N`WnCAF6O; zHr12#-}3>G7qPt}`(SnKxuzW5S@WIwfs)X7*WVOEWO%;k06C(ny1I1F50BZNV2~K~ zvvaW{zU!vo1gHL5*H8{{@8sbK^aNWky7KN;M*a7C!N=8KcIBE%i%J~z2G3yy8Fi2{ z9gO%HpfS_#E&$H*+4oro**@1jJEq7f=d%&9w=?}?2NJ($QOVtgcKC&%*8teJ3uYoo zHQNQ|%L#i8I29VcpcI~!xyOlntLaa9WC!NjPqYM3(!7%Qmm@nhh#fndo&KfahZrEf zCIeV2b{gI5((+SQKJa(e>muz-$;Fy|h+nJAcUP3k%TCPI!`Embneh7W;#!aJdSvPGU zxjXMTBuN|&RwY#8=RUW+77rZy>6pYmHf*mkeku%kG^mA|-Jw`p9PNadhv`|s3GnH@ zyGB>JLX*L`lbGZol$MSrEZINV{w?3t(0sQyyBQps9blSgRqSY9{NhObOn18R{1&nx zNHPkIZw1ft}&%|}qnf@s&Z0MK+ z;0sGD?hjEt2!1oruKS&#vLI^UN4V`(B1ES+o`wwAGUJ;3?u@2>6$d&Z`i$Hb7aGqTa@pj^eu|1RP>qVSG~PZ)hpIwaiXhT3KunV%`uA+J+nh0x4+|d;@Yd*7)4xoA%qpd zy}>rrfKia@Id-IUp@>OKKSFLxFnq!QWK$=z)^Dl3>){oFCkS*OBE;L5hnmMZVp6kD zXv8)Bi<62t0svt*I3KW32TYnw=?{^IFP$&~!RJx8r%qt|Hv^^V`LI9Ex=(jy+}}g~ z27H8dU*$*c%TZSv2MOk7>ZZGXw~8@rWKk=IBp?oAj7kN9yh54SVX)*uQjR-k;)x-i z0K9Vei2@@j5pqZVcJPkTkD1J|sHLJvpM7yYt5yJZ+u|-kI;LuoV^DwTSyTt}nSMMznc!I~^-$G9c5h?CWn;~3JRP^Au6<~RK$9oEu;YKG?Tti4aq)RL zz~DbWW6ZvSNa-0YOQIZ4oNWaWg28x77}G3$1;1>Exh&wqoNGgY3!M4@FRn)G`AOJb3hC8*F}FcDbI-Wnt%&=`qkQoDQr@@+QUeY{iY^Fw%?DH(eJhj5-zT znIS`;+F9vLha^KPWK@Jku7D|$>Iem`Ms{D7h>*}Yv;RgQ{$OPP1Caaku1&?Z&KKs% zXu??bXH%49DH%3_X4-vC4Tc>WY|duoNiJ5eMCl+t6w?or5tx=Uhv+rM>^w%INO&-N z3WQp)QqQI-khVf2nMf5US_e7!Cr=j70Vx~{kk0=>N3N_Yj8dD=?%%#Rj}foQsVQR> zy04;ysT{@ncxB|_msTkSEwVoq@078`C<po#r>d^czrKb{R&R`bE{X+*HZpVX*4m|XqKYu(IDyG1};6~Uq zWg_droBp$!Av-FPe<#I09EmMtSytc$;~var_G;s>GlNbwX<(0P!U(cQyHkcIN_Nu{ z_8%D0!q6g-Nol4n}Oa7^A;Fv zhaR$VdO4zWr;c~;*{b=q$a9+uRg0V#?4$8d^Hp~)^=JwqJ1;hv7s*a^xq$;5Gw$=! zkGk(gHWB~#iC|0ulfs4DG+M(_#1dc@-dwobt5sru14Q?>^xoh_U_;)a#%Q()x&igs zf!qRN$VNIphz$ZRB_vRVpe0?~yNmvL9s8;m2%&IRFX)kd+v(Y}bx#;m^7FeuEo}jH zg-s>){aJ5Ja?8|&Ri7M|Qg{W7~vVol{<68MRHs0AE%`ndUy zyehBR%=Dg3UNeRvxA&gc_>sLPDr=)4+7u9b!JTH-Fcguy7!K>d4c31RxYT=WT-nCl z-^3Qfmkk)Z!+Y_A4d~hV1ivji{NBmF5h(@kOk^oYF8k!tbV|gyWH|U`H))TB$?rCa zCE;jlsq`%cYJ&W#xop5=297^@{=2PGPly$0e&r=#xr`f$sId223Vn#DDE0cx4Tv#x zMXRgs*6p!Y7{&TFz++?rXs~R~+#@X?li`HHI-W<3eR!9#BA*FIwgQZSQ6r1k3h;@U zE21B|2}L07FnVOMq?Cz;Jwkr398ZO218(6dr&z6&a!+vq6N`ipQr$NsrJ&~nmJEqA zs3je|FWcCgW1M4&yDkpGPC=2p+p{Tg&Hr<4S}=sn?rL|hSaQZ|JfU2hV(f!;FGcbl z09I#AD|_HXZzuTgd6hbRx4`g+oUfb}V@F21gNmcU^^rLuyTQ^Na15lUyz(PbSM)9v z{cjy@QVNFvI|R8*d|n$|Q11F@5LZI)(;ry)hAH3JC zA%!t<{zToYoqWZtPzIulv5gT8ZAwvxR4AY)G0&yjWV3J^@tP9zUUS%5Uv$D8r$1sy zLu3O1d^P%}QnC6~y}7yh7(aiVREVlAP_dyBBc6ev0a{R{nv*nt=awC$hj^;YNpQ*pW$OdWPFe__J5qJ#OA5`UOP3(+GE|}CkGGU1FF80*!??sgZSz_rz0_2k+bhT=feJ0d zN9U{UTk?#f%?Z9N9m}N^rGhN|gjU;q#~YB$*&xp&dAt=%4V9o()k=7B(q=2E2U$@Es6OjPBiz0B=oR!h1uSr9rQ$_(sUS zU%$74*c0Hej4KIX3eNCjp;*~{AkIm%h55t)H9Cno@bOj2MMn_&D=YjI)y{@>|C z!2Ie95!LJ0t){!)g2La55N4-)8#VGy1^Na4>jfBeHuL^nk}6{-{&LEQq4EGpIwyd= z_gJ+%uqWc+0CTJVTm`+-p;v!-<_B;BCnY2x5F{E=m>C2SDZ^kL`Zw%=nS3qp|53_6 zlD1;0mcg*t77fMelJN19*C{-4)C3QUmABmIZCQ$}+mj88tRb+ZJ|$D%Aci{N3W0ff znZ9A*`@Qf`t7cGSlYG7L-H6b7#j98818JCl0a+e4@n=Ztk{5X>`W#9<-18IHUx`^h zNsv3i%HMa(TNu1<=pbb!lK~Bp0o3ADK9klhvdt`yH@MICGy|6PoCio@vo`;I$a5mB zSGzjO3BxBs7NaX~OO$yn*rHb6Em^Sm@#m20h(r1W5nS2ce)8s-i20bD{4e(iBX$(o z1x(sTa9C4-sDA>oC=G{hf-Mkv`R>{vq!?BB=s)&M*+oofnj;iT8h74*Wx`0Eh140p zho$Sux+x0vhC@G3)ii~bK7mlQh#ObDPC_Y(?(Y zOH*-mKq`~jDj1aREtj~p^GdtK%I~sKBb8HO_K$WLZtB@mk)){=3h=}f)BE48fQidk z;fS1=?aes~W=pOwOSLo~dW%P7zz0h=keKFJj$d_Lek0>`4w4jbOW0!`y@oc+;Q9X) zCGNIKwFEoRaL=*0yahWS%%&t%9o{f@`oJFJ?WZKb2j0fACqvu(7L&}Oss3^;a2$)- zlqT+9l+J(+%;nXLz#-xEnkhfUp0~5W{IvZw)h`LoUATL872K*#Z?<8v!}qU{=G7~J zx`7}20rDsdca;PkRHY`AU3=dRoP!t;#Cwq3Lp>(l0LK!^Y2TGZ0or1*H1?@i`zmZ% z5qu20C;kC>>CGn-oguxU`EVDlMgSs{?7VOJ{{42==Mxwq*%zMfVzyad7$&<-Sy|bp z;Sg06Bj;JZgIUD)$kH=<#EJTx%!{a~T1sXa5>)Q(V2dnOhtNO9Lq)Ckb~a7$-)`um z&r^>b1FamGUuUxK%Wdy3u=D~ynOy3V4x0fs;xO$B!>H+$p2_P$$`~LmH{1 zHJI=FYzznkq^LAldT)2&F;O-1`m3`6KxPyIb)0nnJCDKPo{n)ywnke1-mL>RntXP% zJ4yoQbE_7les#pF1I6)h;Adsh{b(xKdC5_a%&VQzCIQl5+xETLGe6%c;e@h*rfrLt zmLN7XmZH3OM%1Eg;|&&vQE@X3PmWx4XsTNL*oyHO`qA(Uhx5_SF}mRRanl+K>EvYF zh1=}qoEcN~SmTrDkUWhT&owBMNeA$q74wCy)%|fqV%}9Ag|!jyMQt!K`TGSO5n(5w zDPl1vYx)5Aw&r8qnb0m=HZ+dsK}VAQ z7whU;MbFPw_Y-#j39akD{LArANbPSLsX0u>RCv&6aflukknhL2eC7g*k6!do6M1$~ zj{Y05yw|{w0hb!n zqQQri8ffU^1hmLqKi%n?kYz8N>dX^ukSz-VCEKu^3EnHzP1k5kluv{9RPOv>93t0-FNBqzH$lrVqkSnIbZORqO zhg{06Xu241ednMm1MI3#GVkec_!~O+E4SL@%_yc!AXtzowY)SjC7i{N#QmLgFVb6ia^l42wD4R2 zl-h2BK2^aMrwnbNq8|lt++{AO?3`6gbd>y&gF78(bsT0~NIY&(#9L|xXERbO6-rd? zi31ZS!zys|=OBO+-je!CGso5V5jkh>^oEXjX;EJ3`}0k0ZEaT}!+oc7yuB2fGaA77 zLdzV72bSc4AuThs3Fc=<_F^gBGa>JpnVA8%_oA)s+SjjNGYpH~;V+^iwYI>PU%~mB zK@BLjk;i-f4?rPd%6Uq7@d5qD&oBP3Vq>q)_2xjKjQ{oP*HF;;^6vUkVY)Ne;3DsJ z$CqaeYk`4l?&z@Yh`Z!4Tv;-i7euLeaH1jh0k{7!QVpu*0JUyAJG-EehcG!9)(dtQD8P^&1m|2Er2ds$!q zaQmA%eFJoG`1Lmz3vPdUsEFCiHY^IqC+;sxmQQu%oZP;AiWgRH%vii?p$G^_&SD@5 zbPupgd+7C0qFxg?7lXn(bl<;!50cs$8X5|5a6R7jImOfUAk4Uab4*VDqDk6Sb}|DE zd@~3*m0a|3=`xnK-$?{ftujDD@P~Ax_8CpOHq(}{iPhCv$r8n zd;UsSfu)L+$HFyefqOXcfmjbraFs!&`^;M=e~8mQpjUp2r4nbqEXE6fx7h!N`bc^0 z^X%RK6+bcrRW&u!{dTtwYeQKNS{OFroWjes7NMRE?N-nC3q95-{|4xoo#nGiNAYp$ z2DD}?Mgv#g@D@#$vXuLD(&G>u>-&csvzu0|UBIIZWg@hn^IR5f7}Ed)bf>Au@Q0ve zNvZ;VkcR_pvJ5MO!fUo^Rj*WU!4AjLQ#`R;mxAT#8i^H%t~3~K{FsEqdY94zhQnuW z17JUN=#W99P}s$C4+>(0yE1dfgQQ?Q@sHHRQ}OAcilW0ptaO>+JI?veG3Y#nWnt9zr$cMEU?=%yspO5=Q!dD%eJE0gm5vEFJk- zBa4rzKff@riJ|9 zWBQp~UB;-_bHF<>@$v28>2oX}t7(o|0&Dgb1#DG7m;&V-pZUATAp%Smes2?aOHp9~ zSLXQ0-+C5Q9_6D24uxFtk~)un78&`;F8%l~9r|EmifB)3bF(>AEqe=+aX0sAu2Cy2 zJwQFrQN+ClS>Giu^4`Gtf4Sl5*#}5>wxU3A$E#234eJLOYKE)Grju;95FTULPwQ)usl?M7AE`SIgk%Q_s9DV+bb3_P;R$ZPGlh*y^DP?a z=Qvq)0sS5)17+p7u*>oOWA0Wj!Z@-i>$UCe-$NRFDv=|HQXrBZIjSB|K~C(c2^&g% zF&p+LmMZW>0Ue6lQ%=1U|9wnN$UBd<2jCmu7hnp{;_gxt&A`1|pFG=K%I({1VVr06RyrNGAZvC87Qe>UK1s4&k9cpA5+SdL$Uz>rQmCcjY%*E4hE-xr!c-!ddAUbbm--r(5?!V@!qfZ9-^CZz8ja42IsCWO>Z zMogP?vL{1x>}p6?ga2DNSeahb1o@!eA@!mV8rmckB5oX{ix;c=$qe~Da3td#>_~!F zixdIEw?cUv#RF6h%*PHVQEoQ|HP+SZZvk zlCFG4B^m;!52k)=pCb$v9ZX)M5Ym!E>$}Y?3`@LwX{i!V6#VjUn+g@XYzF3-E8*8+ znY;Vt%nVUFS``1L71<7W+k0$sLl1d0cw~%gjs;pU6$JG55J(x0HG-Sk@ndi(WI|I{ z9stRs3Fo#Ca5`eHXk4>tTN-5C$%8onn1U!3Uduk^ap8F&ge3pqwMB~b+~i7pd1k%0(apjkIbGk(PnvU6{%^^JbV9h6J)@0${Tlz5J!>df?0 zE@9@kUL_OIGeyiaEqB{zMZ@?%Pmk>z1ks)*OF9gRZmBE3xv!4PK!^!8F6oq$5QoUJ z(6DD(x;e+9a}nN1=iKlB?pC#b`ky)w*o2UU%N%=3;T^BO6d&4%2lnJYNs;Jw4{r=f zJ&KNp`sM@f-4yAE%E(nwd9#RDf{@2Gmayh*a2QHiD&Lela{u3VV_N)w6n1YSd? zod`T_CMT3i%Xm4RmuiB6d+Z0oPN~LkmlLo~_{zk$RA}2!hZt51Et3boDh1LL_$Mb4 z+|~?fB15z(SeRS8*eLPnF|llLn|krv3&T}FF7d+5O=6*sQgtbu9|aMP_Z~|fcmMn} zLLS9y6qKKeCh$YIv$s3cI)NpBIXi`EG>3ftf8b{;PQ*wL;XX&V@f=UP{Dhvc;q08( zwA&#?WM@Z28eO1jDhWA;WnZqT)!uHOnSVS4Kj`LIRFn$N&mqN6XQmc__1(INk}qO1 z2P2h^_OD}ml`hWu)r@)0qKkrx9`)J4|B4 z;K%0P*H|&j0|4~S7?-xK`#!#Yg@Hg>9`B$0QB@$Ap5Xb0aR+FBttfX!61n#Rga#yx z2Wr>}`bXfcYDn_~7H(dXLE4I$j_s*+aEVtaBch;mS9FvSC_Sl8b;NJ(xV;IwyZ~YJ zjbr7h{K%lQs$;aIERtEaBC$pf5vUVYCAFBkh$2^iZEvs6SneT-QD-1x2=^ILYCq3M z-A2=WjF(h{Clz^?*vREU`35ig+nour(9I+7K3X{nZ3Fz-Rhrv5 zdBvymm20t+^S=3F0n>O)c{q}N>q9KCxFZkdgy#esi`{2*AY^ZBOhn|QY@9eoO>#_< zSSrD@(1F_AF(i6>-+l{|)fXUwUM5ccdDWx9?n4iT#m3T)UTvR90xF5N9An^s!97et z@p;Kn0raS4b`gS&^h2|U5%m6h&q=1~7#K8>%k@C`P*Vq2Y@ZidP&vIDEbv*ke9pV^ z-S6*3jlqGyr%Ou=yFcGt&Q@)0YI25>{vBUI*=}ePT(O+B^k!89HeaAmQ6by$S9l#Q z37GJvrlzrWiP7S4onvGo>A!?&R4U}8g$(ssrj0N>Em@H(LIMVz6BjWI+M);)NpVI- zN7Q3PfQt$S?)?e0vPJ_vXADi6uMQ);l$0)=)KLmTNK_6|9`H&=Qm}=Zl%bu1y)bHK zw7tGKHM;kE)Dzl^P6-JWhU+?tok6TAcL}?_mvQy_rhGKp6;1Rdg22BeiUWDFoc$*k;IWdB&F)5}-RBkul26 z!eO`M3k_QCaCNZ}`?Q`%tFLy%j>jw#P7`kQUT)#HuiJ;bF&(yi#vq?0bv5ZKkHzYU z_m|3vGbePBtbi=Sz23_L+eKUv~5DmO)LB9qrQw+Dxq^*koVX16!4 z2ZZn7mo3!g8gQ7%twe5%i8^%lFEw)x?dbP)` zFFA9G`O{}aC(r_Zzw;>{4>{dm?Nx-2*81mb;3kd#{`P223b!tm z3gSvwuP%yB%M(P}#aujw@h<_AGKMo*zSm^WeR* z*Ss<3itQAjms7@-exdMF@5wUDQfNptTt^2v^yhz?0ldB`7VKIDEP6aZJ%gGTLEwT( zJFlV(eUTo8)I;Z~`O-=_rWtp>Ni`KbvZB8Yt&qSz21Dnyp-ONubWA)?Na!fEYRyhT zB4496q!<2t+|CYEJ)eO*D-@*Kqx5|COjbeQ;D0-WX6#KMzH(CPYeDxR*8x8?QV`C% zh9Xh$P%Ka|aoV6Gsiq^guh%_j>ZXW;!+Xuhyf|7jS^@k*Tf}7(W4N3m4rPIKxZ^P| z`wy1+!=tpeLo5w;ckbNDhk!_0$JCx8 zm<;)Q8_8U5xlT>c>#^r!*r-2;>!Ma@_St`Ty|P_O6$s^H!op!tWj|0k`ivcn(UdqH zSS28%hY&eR$K`DANG^2U8GC3%FA4Dh7!Q|G-*s&*EtV#^pQ=EIO#uJOv}%6k*eQg2 z%y3A>!`~)O2{);-g_5TAlv}N35MA}<*#K_H2EPqW-Zj>_Dog&aF*kD)hXaq9>Xo?vwze|1a zfKTF?^@$?{=(K)vkgFD2PQRCFhGsqf4qOWiaWt>`Pl)KCgdp-Kz-&BszD#^NK9uO0 zCYw*iJEhv)-7OoxGF)gC+MS}pJm+Ora_(ZyVa7^81%W=8(*!0Wu^z{Gn`(izHX-qR zQDLEs^mkEk6m|o}nO-*U^!M(!U+9wrI%H{Hd>OdfGa2(K0kK3X1zm(S+81tEF>ahq zo%wbFA=jJ?4Gpu+YDS*_4i00M-+2a1N|Ec&tD2=8q(da8A!*wKC@;UoYgBrO>e6RQ z56=%@LT*uNog4LU#CX_#lt1xtW1N8ufVLNFoG@wU_ZZh7%14p_Niz(77`d&ajC_PJ zPvUqPd7Iol2KoDqjSsMN1%_?aF&OhqbQxk$Y#Z79wU9Lq5FS}r1PaO)*-Eyk7l@Kf z8cM<9t&A>W`T6Ow)2BnB>f^<$dS$Al?-u{*(^)2Sm%x}L0Sp&ty+o720@SbLfg;*^ zb+y*|NA2U(^z@ibx^N*xApGBCr3kr#4KePkkN?AaL*%Z`5A~xZUrn|(aw&~!pCh#sAtPDaZBFDsMJ5AM}i+eH>F&H63KJONP$0~ zyego5*1ktD_rJ)v&9)b({J&|rov4x~>6Zo_tFEu?x?bDg>Z^gyIm^vI6Y@?f)P#CS z4TB$BvLl0KPE)aWbHDi1#Pxs^m>wuOJ<$lYt|m`W-6Dm7fdQ$;~$ z0vG1^*ufuR>ENOy+!qS~ES4Oead7PjNdEulFR7iN;bhvO+8B`x zC30psU=(nuvZI`|PvtlErFnNof48v)tB##V@kO06Lz!;8U7;~xOy&J+gJpGtHAh)u z7s__o8#k(kNsJ_xB*`W%tc4;qL3QUv+xj}i{pj&2N9sSQrsLQruBWRc3}Q!WOgO~Z&J*S+eZfpx5~RwSXObE zZ`|fk*HNd1MbY|rxpK<>sZVP-0Ri&JjecVqV{${`gX(#xo5&lPkz69DHjKi2l%O6E z<2%&oki>SjuhEyNssNAUMz0Npd-);T1GMfmx9D%1VaI_Z#eTU+U(VgnJtnsjQ00<- zgo&!$4808J6lvQ+v(Qk=#zVbIReIz%gk2!lRaYIT9w4GerjS?RRlN#IjuMB^l(59) zw8<;g5XYHxBdLRM^+b4m+Vkh&%#o|S+@DsC8t9REl-TI1Bqm|Cvwa;ph~Nws`v7h+Xoi#6b$6gp+zF{ z_VxPTJ2wqz=pyq1&Wt6(-lBl;Q9Vn}4-o06MUTGt4cTA>ysmlaY)-=us|=$4ZfD&^1TKP( zkH<5T(nz**d}6By7U~}La!s)WGlHl_1P!~aKjNQp8b9^E-f)sUI#~l6UYxP3`Yxr4 z@}V)ImbnWe#I=Zs^da*!3(Fh*sxyqWzWLAoPC>^B(DFLm^aLkoCtWt<*Q68k^333e zTmeq$+%IyT+MY6?K^J~0;lTa`z9`k<)~EQz(K{F%)8>I;-(zqESvw9Ti5y&;xJ^vw zLFfzit8M8OaFd+L`iKLy$jVPuBJTr=!GirEhzwfLD%cb(TpMq>S1(139#B!R8FQQC z!he$Y-3M z8CB=t-wlxM_x}iP))uCnq)~V7i%oH=MjRbf?1+j)}uZQNp4;~2$&!oD?fljp`@@; zQN1gon115!lr}YiN<$Zk!m$O2km%?5EF3Q`T+wvP2_#Yh-Vz87lwKdC={Jv4saK!kSkg&Maz zO(`tV0;XW~cn-~jx4;IlmPZyE0=C-77p*hUgh+*-gj>(+HHF87K|8SHTr~^?UlNIQ zE3DqIx$aR2_$jQ8x!+;LY+|JM_;}jgfOs%tbS6s;Jz<8#Me&hI?d2Nj2uOz*{f3ts zuBKjnCVGW+=KSq*V3D|%hE~*Vd1sIO<>Nne0?f&;o)XUkH6i3u*l?T@L;3-X!5!L_ zWTfdp$3dy`CT$Ul-V}%;sd_?2$WyBK2NH}X`#b7=Gsw{-^0}ZBg)_3A;1HRgd7zp= z{)kOTlOmtJybYVJ$`!qCeg&o#K(`nnXQ*Oh1=vqjIg)@!03A>@q$h}xPF)mJYWdC0 zM*}*KRRL6>Mf|mWe83(xLEforQ!_nbk&s|LgR9mZ2qLp?kvJ$|FL8AZiNq2`{ZR8@ z6-0rdWqN{ybI^6A@oAsi)Z`gIg^M5|E`9o%1qY9_5~N6gtca>tFt?C-s;z;~Xu6&P zo)hHY$oe)FF`zC6E4BEk&&Ld_h~ncS(I}XLK7AHB& + + + + + + + image/svg+xml + + + + + + + + + + + + sec-certs + + diff --git a/docs/api/dataset.md b/docs/api/dataset.md index 71ed9f76..714b3a79 100644 --- a/docs/api/dataset.md +++ b/docs/api/dataset.md @@ -8,7 +8,7 @@ This documentation doesn't provide full API reference for all members of `dataset` package. Instead, it concentrates on the Dataset that are immediately exposed to the users. Namely, we focus on `CCDataset`, `FIPSDataset` and their abstract base class `Dataset`. ```{tip} -The examples related to this package can be found at [common criteria notebook](./../notebooks/examples/cc.ipynb) and [fips notebook](./../notebooks/examples/fips.ipynb). +The examples related to this package can be found in the [common criteria notebook](./../notebooks/examples/cc.ipynb) and the [fips notebook](./../notebooks/examples/fips.ipynb). ``` ## CCDataset diff --git a/docs/api/model.md b/docs/api/model.md index ba8ca387..dc040ab9 100644 --- a/docs/api/model.md +++ b/docs/api/model.md @@ -6,7 +6,7 @@ ``` ```{tip} -The examples related to this package can be found at [model notebook](./../notebooks/examples/model.ipynb). +The examples related to this package can be found in the [model notebook](./../notebooks/examples/model.ipynb). ``` ## CPEClassifier diff --git a/docs/api/sample.md b/docs/api/sample.md index fe46a4a1..e404fd47 100644 --- a/docs/api/sample.md +++ b/docs/api/sample.md @@ -6,7 +6,7 @@ ``` ```{tip} -The examples related to this package can be found at [common criteria notebook](./../notebooks/examples/cc.ipynb) and [fips notebook](./../notebooks/examples/fips.ipynb). +The examples related to this package can be found in the [common criteria notebook](./../notebooks/examples/cc.ipynb) and the [fips notebook](./../notebooks/examples/fips.ipynb). ``` ## CCCertificate diff --git a/docs/conf.py b/docs/conf.py index f21ee733..ecfc0e7f 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -17,9 +17,9 @@ # -- Project information ----------------------------------------------------- +author = "CRoCS MUNI" project = "sec-certs" -copyright = "Anonymized | 2020-2023" -# copyright = "CRoCS MUNI | 2020-2023" +copyright = "CRoCS MUNI | 2020-2024" # Note thas this inference won't work from Docker: https://github.com/pypa/setuptools_scm/#usage-from-docker release = ".".join(get_version("sec-certs").split(".")[:3]) @@ -61,7 +61,7 @@ html_static_path = ["_static"] html_logo = "_static/logo.png" -html_favicon = "_static/logo_badge.png" +html_favicon = "_static/favicon.png" html_theme_options = { "repository_url": "https://github.com/crocs-muni/sec-certs", diff --git a/docs/index.md b/docs/index.md index cb204514..f9793343 100644 --- a/docs/index.md +++ b/docs/index.md @@ -2,7 +2,7 @@ Welcome to the technical documentation of *sec-certs* tool for the data analysis of products certified with Common Criteria or FIPS 140 frameworks. If you're looking for general description of the tool, its use cases and capabilites, we refer you to [sec-certs homepage](https://sec-certs.org/). If you are looking for more advanced knowledge, e.g. how to mine your own data, how to extend the tool, and so forth, this is the right place. -There are three main parts of this documentation. *User's guide* describes high-level use of our tool. Driven by this knowledge, you can progress to *Notebook examples* that showcase some of the API that we use in the form of Jupyter notebooks. The documentation also contains some of the modules documented with `autodoc`, see *API reference*. Still, some dark corners of our codebase are not documented. To inspect the code directly, see the [sec_certs](https://github.com/crocs-muni/sec-certs/tree/main/src/sec_certs) module. If you want, you can run the notebooks as they are stored in the [project repository](https://github.com/crocs-muni/sec-certs/tree/main/notebooks). If you are interested in contributing to our project or in other aspects of our development, you can consult the relevant *GitHub artifacts* +There are three main parts of this documentation. *Quickstart* describes high-level use of our tool. Driven by this knowledge, you can progress to *Notebook examples* that showcase some of the API that we use in the form of Jupyter notebooks. The documentation also contains some of the modules documented with `autodoc`, see *API reference*. Still, some dark corners of our codebase are not documented. To inspect the code directly, see the [sec_certs](https://github.com/crocs-muni/sec-certs/tree/main/src/sec_certs) module. If you want, you can run the notebooks as they are stored in the [project repository](https://github.com/crocs-muni/sec-certs/tree/main/notebooks). If you are interested in contributing to our project or in other aspects of our development, you can consult the relevant *GitHub artifacts*. ```{button-ref} quickstart :align: center @@ -21,7 +21,7 @@ Each of the notebooks can be launched interactively in MyBinder by clicking on :maxdepth: 1 Sec-certs homepage Sec-certs docs -GitHub repo +GitHub repo ``` ```{toctree} @@ -32,18 +32,19 @@ installation.md quickstart.md configuration.md user_guide.md +search_examples.md ``` ```{toctree} :caption: Notebook examples :hidden: True :maxdepth: 1 -notebooks/examples/est_solution.ipynb -notebooks/examples/cc.ipynb -notebooks/examples/fips.ipynb -notebooks/examples/model.ipynb -notebooks/examples/fips_iut.ipynb -notebooks/examples/fips_mip.ipynb +Demo +Common Criteria +FIPS-140 +FIPS-140 IUT +FIPS-140 MIP +Model ``` ```{toctree} @@ -59,7 +60,7 @@ api/model.md :maxdepth: 1 :hidden: True :caption: GitHub artifacts -readme.md +README contributing.md code_of_conduct.md license.md diff --git a/docs/search_examples.md b/docs/search_examples.md new file mode 100644 index 00000000..0160cce4 --- /dev/null +++ b/docs/search_examples.md @@ -0,0 +1,91 @@ +# Search examples + +The goal is to provide a curated catalog of search strings over Common Criteria and FIPS-140 +certification artifacts executed on the [sec-certs](https://sec-certs.org) webpage. + + +| {fas}`people-group` | You are encouraged to contribute - please create a pull request and insert an entry into a suitable section **lexicographically**. Thank you! | +|------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------| + +The sec-certs started in 2019 with the goal of providing automatic processing of certification artifacts. +The extensive collection of keyword search regex strings is already included by the project in +[rules.yml](https://github.com/crocs-muni/sec-certs/blob/main/src/sec_certs/rules.yaml) file. +Custom full text and title-only searches are additionally possible via the web interface. +This document provides a list of read-to-use *aggregated* search strings for different domains +using [Whoosh query language](https://whoosh.readthedocs.io/en/latest/querylang.html). +If you will find this list helpful, please consider citing our work as: +```latex +@article{sec-certs, + title = {sec-certs: Examining the security certification practice for better vulnerability mitigation}, + journal = {Computers & Security}, + volume = {143}, + year = {2024}, + issn = {0167-4048}, + doi = {10.1016/j.cose.2024.103895}, + url = {https://www.sciencedirect.com/science/article/pii/S0167404824001974}, + author = {Adam Janovsky and Jan Jancar and Petr Svenda and Łukasz Chmielewski and Jiri Michalik and Vashek Matyas}, + keywords = {Security certification, Common criteria, Vulnerability assessment, Data analysis, Smartcards} +} +``` + +### Format and notation +> **Search string goal: Common Criteria** (hyperlinked to search on sec-certs.org page) **( {fas}`network-wired` )**(result of search visualized in graph of references)**, FIPS-140 ( {fas}`network-wired` )** +>
+> `whole search string` (for manual cut&paste) +>
+> Short description of search string targeted domain, expected results and interpretation. + +````{warning} +False positives may be present, always check the actual certification document as +search hit may still be 'out of ToE scope', with 'no security functionality claimed' etc. +```` + +--- + +## Cryptographic capabilities + +### Multi-party security +- Multi-party security use: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=%22multiparty%22%20OR%20%22SMPC%22%20OR%20%22Multi-Party%22%20OR%20%22FROST%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=%22multiparty%22%20OR%20%22SMPC%22%20OR%20%22Multi-Party%22%20OR%20%22FROST%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), [FIPS-140](https://sec-certs.org/fips/ftsearch/?q=%22multiparty%22%20OR%20%22SMPC%22%20OR%20%22Multi-Party%22%20OR%20%22FROST%22&cat=abcdef&status=Any&type=any) ([{fas}`network-wired`](https://sec-certs.org/fips/network/?q=%22multiparty%22%20OR%20%22SMPC%22%20OR%20%22Multi-Party%22%20OR%20%22FROST%22&cat=abcdef&status=Any&type=any&search=fulltext)) +
+ ```"multiparty" OR "SMPC" OR "Multi-Party" OR "FROST"``` +
+Certificates mentioning generically any multiparty execution, hopefully in security or even cryptographic context. + + +### Post-quantum cryptography +- Post-quantum algorithms support: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=%22post%20quantum%22%20OR%20%22post-quantum%22%20OR%20%22PQC%22%20OR%20%22KYBER%22%20OR%20%22SPHINCS%22%20OR%20%22NTRU%22%20OR%20%22XMSS%22%20OR%20%22LWE%22%20OR%20%22CSIDH%22%20OR%20%22BLISS%22%20OR%20%22RLCE%22%20OR%20%22McEliece%22%20OR%20%22CRYSTALS%22%20OR%20%22Dilithium%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=%22post%20quantum%22%20OR%20%22post-quantum%22%20OR%20%22PQC%22%20OR%20%22KYBER%22%20OR%20%22SPHINCS%22%20OR%20%22NTRU%22%20OR%20%22XMSS%22%20OR%20%22LWE%22%20OR%20%22CSIDH%22%20OR%20%22BLISS%22%20OR%20%22RLCE%22%20OR%20%22McEliece%22%20OR%20%22CRYSTALS%22%20OR%20%22Dilithium%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), [FIPS-140](https://sec-certs.org/fips/ftsearch/?q=%22post%20quantum%22%20OR%20%22post-quantum%22%20OR%20%22PQC%22%20OR%20%22KYBER%22%20OR%20%22SPHINCS%22%20OR%20%22NTRU%22%20OR%20%22XMSS%22%20OR%20%22LWE%22%20OR%20%22CSIDH%22%20OR%20%22BLISS%22%20OR%20%22RLCE%22%20OR%20%22McEliece%22%20OR%20%22CRYSTALS%22%20OR%20%22Dilithium%22&cat=abcdef&status=Any&type=any) ([{fas}`network-wired`](https://sec-certs.org/fips/network/?q=%22post%20quantum%22%20OR%20%22post-quantum%22%20OR%20%22PQC%22%20OR%20%22KYBER%22%20OR%20%22SPHINCS%22%20OR%20%22NTRU%22%20OR%20%22XMSS%22%20OR%20%22LWE%22%20OR%20%22CSIDH%22%20OR%20%22BLISS%22%20OR%20%22RLCE%22%20OR%20%22McEliece%22%20OR%20%22CRYSTALS%22%20OR%20%22Dilithium%22&cat=abcdef&status=Any&type=any&search=fulltext)) +
+ ```"post quantum" OR "post-quantum" OR "PQC" OR "KYBER" OR "SPHINCS" OR "NTRU" OR "XMSS" OR "LWE" OR "CSIDH" OR "BLISS" OR "RLCE" OR "McEliece" OR "CRYSTALS" OR "Dilithium"``` +
+Certificates mentioning post-quantum cryptographic algorithms support. + +## Vulnerabilites assesment + +### ROCA vulnerability +ROCA [CVE-2017-15361](https://nvd.nist.gov/vuln/detail/CVE-2017-15361) is private key recovery vulnerability present in Infineon RSALib library used by smartcard and TPM devices between roughly 2004 and 2017. More details available [here](https://crocs.fi.muni.cz/papers/rsa_ccs17). + +- ROCA-vulnerable Infineon RSALib library v1.02.013: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=%22v1.02.013%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=%22v1.02.013%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), no FIPS-140 +
+ ```"v1.02.013"``` +
+Certificates mentioning confirmed vulnerable version of Infineon RSALib 1.02.013 library. + +- ROCA-vulnerable Infineon RSALib library and similar (wildcard) v1.02.0??: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=v1.02.0*&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=v1.02.0*&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), no FIPS-140 +
+ ```v1.02.0*``` +
+Certificates mentioning Infineon RSALib 1.02.013 and other similar library versions. Versions v1.02.008, v1.02.010, v1.02.014 possibly also vulnerable. + +- ROCA-vulnerable (likely) Infineon RSALib libraries other than v1.02.013: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=v1.02.0*%20NOT%20%22v1.02.013%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=v1.02.0*%20NOT%20%22v1.02.013%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), no FIPS-140 +
+ ```v1.02.0* NOT "v1.02.013"``` +
+Certificates mentioning posibly vulnerable RSALib version other than v1.02.013. Versions v1.02.008, v1.02.010, v1.02.014 possibly also vulnerable. + +- Certificate IDs from Austria report 163484: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=%22BSI-DSZ-CC-0833-2013%22%20OR%20%22BSI-DSZ-CC-0921-2014%22%20OR%20%22BSI-DSZ-CC-0782-2012%22%20OR%20%22BSI-DSZ-CC-0758-2012%22%20OR%20%22ANSSI-CC-2013%2F55%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=%22BSI-DSZ-CC-0833-2013%22%20OR%20%22BSI-DSZ-CC-0921-2014%22%20OR%20%22BSI-DSZ-CC-0782-2012%22%20OR%20%22BSI-DSZ-CC-0758-2012%22%20OR%20%22ANSSI-CC-2013%2F55%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), no FIPS-140 +
+ ```"BSI-DSZ-CC-0833-2013" OR "BSI-DSZ-CC-0921-2014" OR "BSI-DSZ-CC-0782-2012" OR "BSI-DSZ-CC-0758-2012" OR "ANSSI-CC-2013/55"``` +
+Certificates mentioning certificate IDs directly or indirectly mentioned in [Austria report 163484](https://archive.org/details/incident-report-id-163484-austria) related to Estonian eID platform (ANSSI-CC-2013/55). + +## Unsorted diff --git a/docs/user_guide.md b/docs/user_guide.md index 8b137891..9d330c6c 100644 --- a/docs/user_guide.md +++ b/docs/user_guide.md @@ -1 +1,34 @@ +# Advanced user's guide +```{important} +This guide is in the making. +``` + +## NVD datasets + +Our tool matches certificates to their possible CVEs using datasets downloaded from [National Vulnerability Database (NVD)](https://nvd.nist.gov). If you're fully processing the `CCDataset` or `FIPSDataset` by yourself, you must somehow obtain the NVD datasets. + +Our tool can seamlessly download the required NVD datasets when needed. We support two download mechanisms: + +1. Fetching datasets with the [NVD API](https://nvd.nist.gov/developers/start-here) (preferred way). +1. Fetching snapshots from seccerts.org. + +The following two keys control the behaviour: + +```yaml +preferred_source_nvd_datasets: "api" # set to "sec-certs" to fetch them from sec-certs.org +nvd_api_key: null # or the actual key value +``` + +If you aim to fetch the sources from NVD, we advise you to get an [NVD API key](https://nvd.nist.gov/developers/request-an-api-key) and set the `nvd_api_key` setting accordingly. The download from NVD will work even without API key, it will just be slow. No API key is needed when `preferred_source_nvd_datasets: "sec-certs"` + + +## Inferring inter-certificate reference context + +```{important} +This is an experimental feature. +``` + +We provide a model that can predict the context of inter-certificate references based on the text embedded in the artifacts. The model output is not incorporated into the `CCCertificate` instances, but can be dumped into a `.csv` file from where it can be correlated with a DataFrame of certificate features. + +To train and deploy the model, it should be sufficient to change some paths and run the [prediction notebook](https://github.com/crocs-muni/sec-certs/blob/main/notebooks/cc/reference_annotations/prediction.ipynb). The output of this notebook is a `prediction.csv` file that can be loaded into the [references notebook](https://github.com/crocs-muni/sec-certs/blob/main/notebooks/cc/references.ipynb). This notebook documents the full analysis of references conducted on the Common Criteria certificates. Among others, the notebook generates some further `.csv` files that can subsequently be plotted via [plotting notebook](https://github.com/crocs-muni/sec-certs/blob/main/notebooks/cc/paper2_plots.ipynb). diff --git a/notebooks/cc/chain_of_trust_plots.ipynb b/notebooks/cc/chain_of_trust_plots.ipynb index 1a3662af..708502a8 100644 --- a/notebooks/cc/chain_of_trust_plots.ipynb +++ b/notebooks/cc/chain_of_trust_plots.ipynb @@ -1,5 +1,10 @@ { "cells": [ + { + "metadata": {}, + "cell_type": "markdown", + "source": "# Plots from the \"Chain of Trust\" paper" + }, { "cell_type": "code", "execution_count": 6, diff --git a/notebooks/cc/scheme_eval.ipynb b/notebooks/cc/scheme_eval.ipynb new file mode 100644 index 00000000..7ffc6f16 --- /dev/null +++ b/notebooks/cc/scheme_eval.ipynb @@ -0,0 +1,295 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "id": "10337a8316f35aeb", + "metadata": {}, + "source": [ + "# Scheme data matching evaluation\n", + "This notebook evaluates the performance of matching the data extracted from scheme websites to data from the commoncriteriaportal." + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "initial_id", + "metadata": {}, + "outputs": [], + "source": [ + "import pandas as pd\n", + "from pprint import pprint\n", + "from tqdm.auto import trange, tqdm\n", + "\n", + "from sec_certs.dataset import CCDataset, CCSchemeDataset\n", + "from sec_certs.model import CCSchemeMatcher\n", + "from sec_certs.sample.cc_certificate_id import canonicalize\n", + "from sec_certs.sample.cc_scheme import CCScheme, EntryType\n", + "from sec_certs.configuration import config" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "1fccbff4e5cee78a", + "metadata": {}, + "outputs": [], + "source": [ + "dset = CCDataset.from_json(\"../../dset.json\")" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "2d711cd0bebf1daa", + "metadata": {}, + "outputs": [], + "source": [ + "schemes = CCSchemeDataset.from_json(\"../../schemes_new.json\")\n", + "#schemes = CCSchemeDataset.from_web(enhanced=True)\n", + "#schemes.to_json(\"../../schemes_new.json\")" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "b5470ec4719da0d9", + "metadata": {}, + "outputs": [], + "source": [ + "dset.auxiliary_datasets.scheme_dset = schemes\n", + "\n", + "count_was = 0\n", + "count_is = 0\n", + "for cert in dset:\n", + " if cert.heuristics.scheme_data is not None:\n", + " count_was += 1\n", + " cert.heuristics.old_scheme_data = cert.heuristics.scheme_data\n", + " cert.heuristics.scheme_data = None\n", + "dset._compute_scheme_data()\n", + "for cert in dset:\n", + " if cert.heuristics.scheme_data is not None:\n", + " count_is += 1\n", + "print(count_was, count_is)" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "4d6b6db4956b4774", + "metadata": {}, + "outputs": [], + "source": [ + "def build_df(dset):\n", + " df = pd.DataFrame([(cert.scheme, cert.name, cert.manufacturer, cert.status, cert.heuristics.cert_id, cert.not_valid_before, cert.heuristics.scheme_data) for cert in dset],\n", + " columns=[\"scheme\", \"name\", \"vendor\", \"status\", \"cert_id\", \"cert_date\", \"scheme_data\"])\n", + " df[\"scheme_cert_id\"] = df[\"scheme_data\"].map(lambda data: (data.get(\"cert_id\") or data.get(\"enhanced\", {}).get(\"cert_id\")) if data else None)\n", + " def try_canonicalize(cert_id, scheme):\n", + " try:\n", + " return canonicalize(cert_id, scheme)\n", + " except:\n", + " return None\n", + " df[\"scheme_cert_id_canonical\"] = df.apply(lambda x: try_canonicalize(x[\"scheme_cert_id\"], x[\"scheme\"]), axis=1)\n", + " def get_from_entry(entry, *keys: str):\n", + " if e := entry.get(\"enhanced\"):\n", + " for key in keys:\n", + " if val := e.get(key):\n", + " return val\n", + " for key in keys:\n", + " if val := entry.get(key):\n", + " return val\n", + " return None\n", + " df[\"scheme_cert_date\"] = df[\"scheme_data\"].map(lambda data: get_from_entry(data, \"certification_date\") if data else None)\n", + " return df" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "89cbf34713ce6c6a", + "metadata": {}, + "outputs": [], + "source": [ + "df = build_df(dset)" + ] + }, + { + "cell_type": "markdown", + "id": "8a7976ae31969150", + "metadata": {}, + "source": [ + "## Evaluate all schemes" + ] + }, + { + "cell_type": "markdown", + "id": "f2e5c8d5-e08a-4fb9-919a-4de0718f5de5", + "metadata": {}, + "source": [ + "Let's look at how the threshold setting changes the match rate." + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "e8a7140f3738166f", + "metadata": { + "scrolled": true + }, + "outputs": [], + "source": [ + "original_threshold = config.cc_matching_threshold\n", + "thresholds = list(range(100, -10, -10))\n", + "rates = {}\n", + "dfs = {}\n", + "for threshold in tqdm(thresholds):\n", + " config.cc_matching_threshold = threshold\n", + " for cert in dset:\n", + " cert.heuristics.scheme_data = None\n", + " dset._compute_scheme_data()\n", + " count = 0\n", + " for cert in dset:\n", + " if cert.heuristics.scheme_data is not None:\n", + " count += 1\n", + " print(f\"Threshold: {threshold}\")\n", + " print(f\"Assigned count: {count}\")\n", + " df = build_df(dset)\n", + " dfs[threshold] = df\n", + " for scheme in schemes:\n", + " country = scheme.country\n", + " total = df[df[\"scheme\"] == country]\n", + " assigned = df[(df[\"scheme\"] == country) & df[\"scheme_data\"].notnull()]\n", + " rate = len(assigned)/len(total) * 100 if len(total) != 0 else 0\n", + " rate_list = rates.setdefault(country, [])\n", + " rate_list.append(rate)\n", + " \n", + " print(f\"{country}: {len(assigned)} assigned out of {len(total)} -> {rate:.1f}%\")\n", + " total_active = total[total[\"status\"] == \"active\"]\n", + " assigned_active = assigned[assigned[\"status\"] == \"active\"]\n", + " print(f\"\\t- active: {len(assigned_active)} out of {len(total_active)}, entries: {len(scheme.lists.get(EntryType.Certified, []))}\")\n", + " total_archived = total[total[\"status\"] == \"archived\"]\n", + " assigned_archived = assigned[assigned[\"status\"] == \"archived\"]\n", + " print(f\"\\t- archived: {len(assigned_archived)} out of {len(total_archived)}, entries: {len(scheme.lists.get(EntryType.Archived, []))}\")\n", + " print()\n", + "\n", + "config.cc_matching_threshold = original_threshold" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "05ef5991-1b3f-4fd3-9f4b-808ddb51a89f", + "metadata": {}, + "outputs": [], + "source": [ + "%matplotlib inline\n", + "from matplotlib import pyplot as plt\n", + "from itertools import cycle\n", + "\n", + "lines = [\"-\",\"--\",\"-.\",\":\"]\n", + "linecycler = cycle(lines)\n", + "\n", + "fig, ax = plt.subplots(figsize=(12,4))\n", + "for scheme in schemes:\n", + " ax.plot(thresholds, rates[scheme.country], next(linecycler), label=scheme.country)\n", + "ax.legend(bbox_to_anchor=(1.04, 1), loc=\"upper left\");" + ] + }, + { + "cell_type": "markdown", + "id": "62df8d488e204ac2", + "metadata": {}, + "source": [ + "## Evaluate a scheme" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "ab0d21164906fe3f", + "metadata": {}, + "outputs": [], + "source": [ + "scheme = \"DE\"\n", + "threshold = 70\n", + "df = dfs[threshold]\n", + "df[df[\"scheme\"] == scheme].sample(10)" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "709598fe26cc4371", + "metadata": { + "scrolled": true + }, + "outputs": [], + "source": [ + "un_df = pd.DataFrame(schemes[scheme].lists[EntryType.Certified])\n", + "un_df" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "11c70f74ce9c4d56", + "metadata": {}, + "outputs": [], + "source": [ + "sd = list(df[\"scheme_data\"])\n", + "unmatched_certs = [cert for cert in dset if cert.scheme == scheme and cert.heuristics.scheme_data is None and cert.status == \"active\"]\n", + "unmatched_entries = [entry for entry in schemes[scheme].lists[EntryType.Certified] if entry not in sd]\n", + "matches = CCSchemeMatcher.match_all(unmatched_entries, scheme, unmatched_certs)\n", + "matches" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "f5fa79176664dac8", + "metadata": {}, + "outputs": [], + "source": [ + "pd.DataFrame([cert.pandas_tuple[:5] for cert in unmatched_certs])" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "95a6e048e53601c7", + "metadata": {}, + "outputs": [], + "source": [ + "pd.DataFrame(unmatched_entries)" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "ff67f13e-bf99-4ba5-bef0-37c85dd3e2c8", + "metadata": {}, + "outputs": [], + "source": [] + } + ], + "metadata": { + "kernelspec": { + "display_name": "Python 3 (ipykernel)", + "language": "python", + "name": "python3" + }, + "language_info": { + "codemirror_mode": { + "name": "ipython", + "version": 3 + }, + "file_extension": ".py", + "mimetype": "text/x-python", + "name": "python", + "nbconvert_exporter": "python", + "pygments_lexer": "ipython3", + "version": "3.12.7" + } + }, + "nbformat": 4, + "nbformat_minor": 5 +} diff --git a/notebooks/cc/temporal_trends.ipynb b/notebooks/cc/temporal_trends.ipynb index 5e377572..16cbc162 100644 --- a/notebooks/cc/temporal_trends.ipynb +++ b/notebooks/cc/temporal_trends.ipynb @@ -1,5 +1,10 @@ { "cells": [ + { + "metadata": {}, + "cell_type": "markdown", + "source": "# Temporal trends in the CC ecosystem" + }, { "cell_type": "code", "execution_count": 1, diff --git a/notebooks/cc/vulnerabilities.ipynb b/notebooks/cc/vulnerabilities.ipynb index 315f35a8..176b3e69 100644 --- a/notebooks/cc/vulnerabilities.ipynb +++ b/notebooks/cc/vulnerabilities.ipynb @@ -81,18 +81,16 @@ "cpe_dset: CPEDataset = CPEDataset.from_json(\"/path/to/cpe_dataset.json\")\n", "\n", "# # Remote instantiation (takes approx. 10 minutes to complete)\n", - "# with tempfile.TemporaryDirectory() as tmp_dir:\n", - "# dset: CCDataset = CCDataset.from_web_latest()\n", - "# dset.root_dir = tmp_dir\n", + "# dset: CCDataset = CCDataset.from_web_latest(path=\"dset\", auxiliary_datasets=True)\n", "\n", - "# print(\"Downloading dataset of maintenance updates\")\n", - "# main_dset: CCDatasetMaintenanceUpdates = CCDatasetMaintenanceUpdates.from_web_latest()\n", + "# print(\"Downloading dataset of maintenance updates\")\n", + "# main_dset: CCDatasetMaintenanceUpdates = CCDatasetMaintenanceUpdates.from_web_latest()\n", "\n", - "# print(\"Downloading CPE dataset\")\n", - "# cpe_dset: CPEDataset = dset._prepare_cpe_dataset()\n", + "# print(\"Downloading CPE dataset\")\n", + "# cpe_dset: CPEDataset = dset.auxiliary_datasets.cpe_dset\n", "\n", - "# print(\"Downloading CVE dataset\")\n", - "# cve_dset: CVEDataset = dset._prepare_cve_dataset()" + "# print(\"Downloading CVE dataset\")\n", + "# cve_dset: CVEDataset = dset.auxiliary_datasets.cve_dset" ] }, { diff --git a/notebooks/examples/cc.ipynb b/notebooks/examples/cc.ipynb index fe53be27..84308596 100644 --- a/notebooks/examples/cc.ipynb +++ b/notebooks/examples/cc.ipynb @@ -9,7 +9,9 @@ "\n", "This notebook illustrates basic functionality with the `CCDataset` class that holds Common Criteria dataset and of its sample `CCCertificate`.\n", "\n", - "Note that there exists a front end to this functionality at [seccerts.org/cc](https://seccerts.org/cc/). Before reinventing the wheel, it's good idea to check our web. Maybe you don't even need to run the code, but just use our web instead. " + "Note that there exists a front end to this functionality at [sec-certs.org/cc](https://sec-certs.org/cc/). Before reinventing the wheel, it's good idea to check our web. Maybe you don't even need to run the code, but just use our web instead. \n", + "\n", + "For full API documentation of the `CCDataset` class go to the [dataset](../../api/dataset) docs." ] }, { @@ -129,7 +131,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "## Dissect single certificate\n", + "## Dissect a single certificate\n", "\n", "The `CCCertificate` is basically a data structure that holds all the data we keep about a certificate. Other classes (`CCDataset` or `model` package members) are used to transform and process the certificates. You can see all its attributes at [API docs](https://seccerts.org/docs/api/sample.html)." ] @@ -207,9 +209,11 @@ "source": [ "## Create new dataset and fully process it\n", "\n", - "The following piece of code roughly corresponds to `$ cc-certs all` CLI command -- it fully processes the CC pipeline. This will create a folder in current working directory where the outputs will be stored. \n", + "The following piece of code roughly corresponds to `$ sec-certs cc all` CLI command -- it fully processes the CC pipeline. This will create a folder in current working directory where the outputs will be stored. \n", "\n", - "*Warning*: It's not good idea to run this from notebook. It may take several hours to finnish. We recommend using `from_web_latest()` or turning this into a Python script." + "```{warning}\n", + "It's not good idea to run this from notebook. It may take several hours to finish. We recommend using `from_web_latest()` or turning this into a Python script.\n", + "```" ] }, { @@ -220,11 +224,34 @@ "source": [ "dset = CCDataset()\n", "dset.get_certs_from_web()\n", - "dset.process_auxillary_datasets()\n", + "dset.process_auxiliary_datasets()\n", "dset.download_all_artifacts()\n", "dset.convert_all_pdfs()\n", "dset.analyze_certificates()" ] + }, + { + "metadata": {}, + "cell_type": "markdown", + "source": [ + "## Advanced usage\n", + "There are more notebooks available showcasing more advanced usage of the tool.\n", + "\n", + "```{toctree}\n", + ":caption: Other\n", + ":hidden: True\n", + ":maxdepth: 1\n", + "Temporal trends <../cc/temporal_trends.ipynb>\n", + "Vulnerabilities <../cc/vulnerabilities.ipynb>\n", + "References <../cc/references.ipynb>\n", + "Chain of Trust paper <../cc/chain_of_trust_plots.ipynb>\n", + "```\n", + "\n", + " - Examine [temporal trends](../cc/temporal_trends.ipynb) in the CC ecosystem.\n", + " - Analyze [vulnerabilities](../cc/vulnerabilities.ipynb) of CC certified items.\n", + " - Study [references](../cc/references.ipynb) between CC certificates.\n", + " - Reproduce the plots from our [Chain of Trust](../cc/chain_of_trust_plots.ipynb) paper." + ] } ], "metadata": { diff --git a/notebooks/examples/est_solution.ipynb b/notebooks/examples/est_solution.ipynb index d7f507f8..fd0f98fd 100644 --- a/notebooks/examples/est_solution.ipynb +++ b/notebooks/examples/est_solution.ipynb @@ -5,11 +5,11 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "## sec-certs Python API demo\n", + "# sec-certs Python API demo\n", "\n", "In this demo, we will:\n", "1. Fetch the fully processed dataset from our web\n", - "2. Turn the dataset into a [pandas](pandas.pydata.org/) dataframe -- a data structure suitable for further data analysis.\n", + "2. Turn the dataset into a [pandas](https://pandas.pydata.org/) dataframe -- a data structure suitable for further data analysis.\n", "3. Filter the dataset to certificates of our interest\n", "4. Explore various attrributes of a dataset and its individual certificate\n", "5. Learn how to go from a single vulnerability to all certificates that *may suffer* from the vulnerability\n", @@ -80,9 +80,7 @@ "attachments": {}, "cell_type": "markdown", "metadata": {}, - "source": [ - "## 2. Turn the dataset into a [pandas](pandas.pydata.org/) dataframe -- a data structure suitable for further data analysis." - ] + "source": "## 2. Turn the dataset into a [pandas](https://pandas.pydata.org/) dataframe -- a data structure suitable for further data analysis." }, { "cell_type": "code", diff --git a/notebooks/examples/fips.ipynb b/notebooks/examples/fips.ipynb index 6d9edee4..54849f83 100644 --- a/notebooks/examples/fips.ipynb +++ b/notebooks/examples/fips.ipynb @@ -4,9 +4,15 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "# FIPS Dataset class\n", + "# FIPS-140 example\n", "\n", - "This notebook illustrates basic functionality with the `FIPSDataset` class that holds FIPS 140 dataset" + "This notebook illustrates basic functionality with the `FIPSDataset` class that holds FIPS 140 dataset.\n", + "\n", + "Note that there exists a front end to this functionality at [sec-certs.org/fips](https://sec-certs.org/fips/). Before reinventing the wheel, it's good idea to check our web. Maybe you don't even need to run the code, but just use our web instead. \n", + "\n", + "For full API documentation of the `FIPSDataset` class go to the [dataset](../../api/dataset) docs.\n", + "\n", + "If you would like to examine the FIPS-140 \"Implementations Under Test\" or \"Modules In Process\" queues, check out the [FIPS IUT](fips_iut.ipynb) and [FIPS MIP](fips_mip.ipynb) example notebooks." ] }, { @@ -81,9 +87,7 @@ { "cell_type": "markdown", "metadata": {}, - "source": [ - "## Dissect single certificate" - ] + "source": "## Dissect a single certificate" }, { "cell_type": "code", @@ -123,7 +127,9 @@ "source": [ "## Create new dataset and fully process it\n", "\n", - "*Warning*: It's not good idea to run this from notebook. It may take several hours to finnish. We recommend using `from_web_latest()` or turning this into a Python script." + "```{warning}\n", + "It's not good idea to run this from notebook. It may take several hours to finish. We recommend using `from_web_latest()` or turning this into a Python script.\n", + "```" ] }, { @@ -134,11 +140,34 @@ "source": [ "dset = FIPSDataset()\n", "dset.get_certs_from_web()\n", - "dset.process_auxillary_datasets()\n", + "dset.process_auxiliary_datasets()\n", "dset.download_all_artifacts()\n", "dset.convert_all_pdfs()\n", "dset.analyze_certificates()" ] + }, + { + "metadata": {}, + "cell_type": "markdown", + "source": [ + "## Advanced usage\n", + "There are more notebooks available showcasing more advanced usage of the tool.\n", + "\n", + "```{toctree}\n", + ":caption: Other\n", + ":hidden: True\n", + ":maxdepth: 1\n", + "Temporal trends <../fips/temporal_trends.ipynb>\n", + "Vulnerabilities <../fips/vulnerabilities.ipynb>\n", + "References <../fips/references.ipynb>\n", + "IUT and MIP <../fips/in_process.ipynb>\n", + "```\n", + "\n", + " - Examine [temporal trends](../fips/temporal_trends.ipynb) in the FIPS-140 ecosystem.\n", + " - Analyze [vulnerabilities](../fips/vulnerabilities.ipynb) of FIPS-140 certified items.\n", + " - Study [references](../fips/references.ipynb) between FIPS-140 certificates.\n", + " - Analyze the FIPS-140 [IUT and MIP](../fips/in_process.ipynb) queues." + ] } ], "metadata": { diff --git a/notebooks/examples/fips_iut.ipynb b/notebooks/examples/fips_iut.ipynb index 506c114f..738020bc 100644 --- a/notebooks/examples/fips_iut.ipynb +++ b/notebooks/examples/fips_iut.ipynb @@ -4,7 +4,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "## FIPS 'Implementation Under Test'\n", + "# FIPS-140 'Implementation Under Test' example\n", "\n", "Functionality to parse FIPS 'Implementation Under Test' webpage. To use, download pages from the URL: [https://csrc.nist.gov/Projects/cryptographic-module-validation-program/modules-in-process/IUT-List](https://csrc.nist.gov/Projects/cryptographic-module-validation-program/modules-in-process/IUT-List)\n", "into a `directory` and name them `fips_iut_.html`.\n", diff --git a/notebooks/examples/fips_mip.ipynb b/notebooks/examples/fips_mip.ipynb index f46ba23a..131a5d98 100644 --- a/notebooks/examples/fips_mip.ipynb +++ b/notebooks/examples/fips_mip.ipynb @@ -4,7 +4,7 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "## FIPS 'Modules In Process'\n", + "# FIPS-140 'Modules In Process' example\n", "\n", "Functionality to parse FIPS 'Modules In Process' webpage. To use, download pages from the URL: [https://csrc.nist.gov/Projects/cryptographic-module-validation-program/modules-in-process/Modules-In-Process-List](https://csrc.nist.gov/Projects/cryptographic-module-validation-program/modules-in-process/Modules-In-Process-List) into a `directory` and name them `fips_mip_.html`.\n", "\n", diff --git a/notebooks/examples/model.ipynb b/notebooks/examples/model.ipynb index 1714364e..e5e8966d 100644 --- a/notebooks/examples/model.ipynb +++ b/notebooks/examples/model.ipynb @@ -4,11 +4,13 @@ "cell_type": "markdown", "metadata": {}, "source": [ - "# Model\n", + "# Model example\n", "\n", "This notebook illustrates basic functionality with the `model` package that apply complex transformations on certificates.\n", "\n", - "*Note*: You probably don't need to use this. Instead, you should use `CCDataset` or `FIPSDataset` classes to handle the transformations for yourself." + "```{note}\n", + "You probably don't need to use this. Instead, you should use `CCDataset` or `FIPSDataset` classes to handle the transformations for yourself.\n", + "```" ] }, { diff --git a/notebooks/fips/in_process.ipynb b/notebooks/fips/in_process.ipynb index 4e0be8cb..fb04ea79 100644 --- a/notebooks/fips/in_process.ipynb +++ b/notebooks/fips/in_process.ipynb @@ -1,5 +1,11 @@ { "cells": [ + { + "metadata": {}, + "cell_type": "markdown", + "source": "# FIPS IUT and MIP queues", + "id": "6212ee2f4518283e" + }, { "cell_type": "code", "execution_count": null, diff --git a/notebooks/fips/temporal_trends.ipynb b/notebooks/fips/temporal_trends.ipynb index 10b28460..2e91a976 100644 --- a/notebooks/fips/temporal_trends.ipynb +++ b/notebooks/fips/temporal_trends.ipynb @@ -1,5 +1,10 @@ { "cells": [ + { + "metadata": {}, + "cell_type": "markdown", + "source": "# Temporal trends in the FIPS-140 ecosystem" + }, { "cell_type": "code", "execution_count": null, diff --git a/notebooks/fips/vulnerabilities.ipynb b/notebooks/fips/vulnerabilities.ipynb index d00cccde..3b3d21e3 100644 --- a/notebooks/fips/vulnerabilities.ipynb +++ b/notebooks/fips/vulnerabilities.ipynb @@ -1,10 +1,21 @@ { "cells": [ + { + "metadata": {}, + "cell_type": "markdown", + "source": "# Vulnerability analysis", + "id": "3a0981d008383c12" + }, { "cell_type": "code", - "execution_count": 17, + "execution_count": null, "id": "41674b9c", - "metadata": {}, + "metadata": { + "ExecuteTime": { + "end_time": "2024-10-17T09:37:51.724995Z", + "start_time": "2024-10-17T09:37:51.033775Z" + } + }, "outputs": [], "source": [ "from sec_certs.dataset.fips import FIPSDataset\n", @@ -21,31 +32,28 @@ }, { "cell_type": "code", - "execution_count": 2, + "execution_count": null, "id": "5ee5dca5", "metadata": {}, - "outputs": [ - { - "name": "stderr", - "output_type": "stream", - "text": [ - "Downloading FIPS dataset: 100%|██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 107M/107M [00:12<00:00, 8.88MB/s]\n", - "100%|██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 21/21 [00:10<00:00, 1.95it/s]\n", - "Building CVEDataset from jsons: 100%|██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 21/21 [00:15<00:00, 1.37it/s]\n", - "parsing cpe matching (by NIST) dictionary: 100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 400508/400508 [00:26<00:00, 15291.66it/s]\n", - "Building-up lookup dictionaries for fast CVE matching: 100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████| 198239/198239 [00:09<00:00, 20313.13it/s]\n" - ] - } - ], + "outputs": [], + "source": [ + "dset = FIPSDataset.from_web_latest(path=\"dset\", auxiliary_datasets=True)" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "be466617-e182-4bec-bdb5-a479703faa50", + "metadata": {}, + "outputs": [], "source": [ - "dset = FIPSDataset.from_web_latest()\n", - "cve_dset: CVEDataset = dset._prepare_cve_dataset()\n", - "cpe_dset: CPEDataset = dset._prepare_cpe_dataset()" + "cve_dset: CVEDataset = dset.auxiliary_datasets.cve_dset\n", + "cpe_dset: CPEDataset = dset.auxiliary_datasets.cpe_dset" ] }, { "cell_type": "code", - "execution_count": 6, + "execution_count": null, "id": "530354be", "metadata": {}, "outputs": [], @@ -62,350 +70,40 @@ }, { "cell_type": "code", - "execution_count": 7, + "execution_count": null, "id": "0bf3a0a5", "metadata": {}, - "outputs": [ - { - "data": { - "text/html": [ - "
\n", - "\n", - "\n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - " \n", - "
cert_idnamestatusstandardtypelevelembodimentdate_validationdate_sunsetalgorithms...st_directly_referenced_byst_indirectly_referenced_byst_directly_referencingst_indirectly_referencingyear_fromn_cvescve_published_datesearliest_cveworst_cve_scoreavg_cve_score
dgst
1a42d5267aba37d7735Datacryptor® SONET/SDH v1.00HistoricalFIPS140-2Hardware2.0Multi Chip Standalone2007-02-06NaT{DSA algorithm # #159 created by None, AES alg......NaNNaNNaNNaN20070NaNNaNNaNNaN
bfa6b4fe534027ca3075Samsung Flash Memory Protector V1.2.1ActiveFIPS140-2Software Hybrid1.0Multi Chip Standalone2017-12-062022-12-05{HMAC algorithm # #3126 created by None, SHS a......NaNNaNNaNNaN20170NaNNaNNaNNaN
3c4ee858b268931a1336Microsoft Windows Server 2008 R2 Cryptographic...HistoricalFIPS140-2Software1.0Multi Chip Standalone2010-08-12NaT{RSA algorithm # #559 created by None, SHS alg......NaNNaNNaNNaN2010316[2012-12-12, 2010-02-10, 2010-02-10, 2010-08-1...2008-04-0810.07.286709
e50b6b02d6d90ddc1766ProxySG 9000-10 [1], 9000-20 [2], 9000-20B [3]...HistoricalFIPS140-2Hardware2.0Multi Chip Standalone2012-07-27NaT{Triple-DES algorithm # #1218 created by None,......NaNNaNNaNNaN20120NaNNaNNaNNaN
377adeb4cd4096ad315Motorola Gold Elite Gateway Secure Card (MGEG SC)HistoricalFIPS140-2Hardware1.0Multi Chip Embedded2003-05-13NaT{Triple-DES algorithm # #82 created by None, A......NaNNaNNaNNaN20030NaNNaNNaNNaN
\n", - "

5 rows × 28 columns

\n", - "
" - ], - "text/plain": [ - " cert_id name \\\n", - "dgst \n", - "1a42d5267aba37d7 735 Datacryptor® SONET/SDH v1.00 \n", - "bfa6b4fe534027ca 3075 Samsung Flash Memory Protector V1.2.1 \n", - "3c4ee858b268931a 1336 Microsoft Windows Server 2008 R2 Cryptographic... \n", - "e50b6b02d6d90ddc 1766 ProxySG 9000-10 [1], 9000-20 [2], 9000-20B [3]... \n", - "377adeb4cd4096ad 315 Motorola Gold Elite Gateway Secure Card (MGEG SC) \n", - "\n", - " status standard type level \\\n", - "dgst \n", - "1a42d5267aba37d7 Historical FIPS140-2 Hardware 2.0 \n", - "bfa6b4fe534027ca Active FIPS140-2 Software Hybrid 1.0 \n", - "3c4ee858b268931a Historical FIPS140-2 Software 1.0 \n", - "e50b6b02d6d90ddc Historical FIPS140-2 Hardware 2.0 \n", - "377adeb4cd4096ad Historical FIPS140-2 Hardware 1.0 \n", - "\n", - " embodiment date_validation date_sunset \\\n", - "dgst \n", - "1a42d5267aba37d7 Multi Chip Standalone 2007-02-06 NaT \n", - "bfa6b4fe534027ca Multi Chip Standalone 2017-12-06 2022-12-05 \n", - "3c4ee858b268931a Multi Chip Standalone 2010-08-12 NaT \n", - "e50b6b02d6d90ddc Multi Chip Standalone 2012-07-27 NaT \n", - "377adeb4cd4096ad Multi Chip Embedded 2003-05-13 NaT \n", - "\n", - " algorithms ... \\\n", - "dgst ... \n", - "1a42d5267aba37d7 {DSA algorithm # #159 created by None, AES alg... ... \n", - "bfa6b4fe534027ca {HMAC algorithm # #3126 created by None, SHS a... ... \n", - "3c4ee858b268931a {RSA algorithm # #559 created by None, SHS alg... ... \n", - "e50b6b02d6d90ddc {Triple-DES algorithm # #1218 created by None,... ... \n", - "377adeb4cd4096ad {Triple-DES algorithm # #82 created by None, A... ... \n", - "\n", - " st_directly_referenced_by st_indirectly_referenced_by \\\n", - "dgst \n", - "1a42d5267aba37d7 NaN NaN \n", - "bfa6b4fe534027ca NaN NaN \n", - "3c4ee858b268931a NaN NaN \n", - "e50b6b02d6d90ddc NaN NaN \n", - "377adeb4cd4096ad NaN NaN \n", - "\n", - " st_directly_referencing st_indirectly_referencing \\\n", - "dgst \n", - "1a42d5267aba37d7 NaN NaN \n", - "bfa6b4fe534027ca NaN NaN \n", - "3c4ee858b268931a NaN NaN \n", - "e50b6b02d6d90ddc NaN NaN \n", - "377adeb4cd4096ad NaN NaN \n", - "\n", - " year_from n_cves \\\n", - "dgst \n", - "1a42d5267aba37d7 2007 0 \n", - "bfa6b4fe534027ca 2017 0 \n", - "3c4ee858b268931a 2010 316 \n", - "e50b6b02d6d90ddc 2012 0 \n", - "377adeb4cd4096ad 2003 0 \n", - "\n", - " cve_published_dates \\\n", - "dgst \n", - "1a42d5267aba37d7 NaN \n", - "bfa6b4fe534027ca NaN \n", - "3c4ee858b268931a [2012-12-12, 2010-02-10, 2010-02-10, 2010-08-1... \n", - "e50b6b02d6d90ddc NaN \n", - "377adeb4cd4096ad NaN \n", - "\n", - " earliest_cve worst_cve_score avg_cve_score \n", - "dgst \n", - "1a42d5267aba37d7 NaN NaN NaN \n", - "bfa6b4fe534027ca NaN NaN NaN \n", - "3c4ee858b268931a 2008-04-08 10.0 7.286709 \n", - "e50b6b02d6d90ddc NaN NaN NaN \n", - "377adeb4cd4096ad NaN NaN NaN \n", - "\n", - "[5 rows x 28 columns]" - ] - }, - "execution_count": 7, - "metadata": {}, - "output_type": "execute_result" - } - ], + "outputs": [], "source": [ "df.head()" ] }, { "cell_type": "code", - "execution_count": 8, + "execution_count": null, "id": "3d33b063", "metadata": {}, - "outputs": [ - { - "data": { - "text/plain": [ - "278" - ] - }, - "execution_count": 8, - "metadata": {}, - "output_type": "execute_result" - } - ], + "outputs": [], "source": [ "len(df_cve_rich)" ] }, { "cell_type": "code", - "execution_count": 9, + "execution_count": null, "id": "aacaf7f7", "metadata": {}, - "outputs": [ - { - "data": { - "text/plain": [ - "513" - ] - }, - "execution_count": 9, - "metadata": {}, - "output_type": "execute_result" - } - ], + "outputs": [], "source": [ "len(df_cpe_rich)" ] }, { "cell_type": "code", - "execution_count": 13, + "execution_count": null, "id": "726d77a2", "metadata": {}, - "outputs": [ - { - "data": { - "image/png": "iVBORw0KGgoAAAANSUhEUgAAAZAAAAFQCAYAAACRVyh4AAAAOXRFWHRTb2Z0d2FyZQBNYXRwbG90bGliIHZlcnNpb24zLjUuMSwgaHR0cHM6Ly9tYXRwbG90bGliLm9yZy/YYfK9AAAACXBIWXMAAAsTAAALEwEAmpwYAAA250lEQVR4nO3de7wVZdn/8c/FRk6CoEL9QkDwmAgIusVTGKIWHsJzgqQC4ekJzVNJT+VZQzOtTFMzFUpFpcekxDAUVPIAW0IQhUQkBRURRfAscP3+uGdth8XahzWsvWevtb7v12u/9prDmrlm1sxcM/c9c4+5OyIiIvlqlnYAIiJSnJRAREQkESUQERFJRAlEREQSUQIREZFElEBERCQRJZAGYGaPmNmpjTi/gWa2rLHmV47M7EMz26GOcbqbmZtZ88aKq9DMbLiZPVqP8S41sz83Rkw55n2XmV2Z8LtLzeyQ6HOay3CLmf081n2Wma2ItrNt67O9NQW1JpBoITJ/G8zsk1j38MYKsti4+2HuPj7tOOqjWJKPmX3NzP5oZm+Z2VozW2hml5nZltFwN7OPom1zuZldb2YV0bClWdvuh2b2u3zm7+5t3X1JQyxbnJmdZGZVUYxvRScj3zCzodFyWNb4zc3sHTM7MvotN2Qt54dmtl995+/ud7v7twq/ZOXLzEaY2cx4P3c/092viIZvAVwPfCvazlYVYnvbnERbX7UmkGgh2rp7W+B14Duxfnc3ZGDFyAJd1RWYmW0DPAO0BvZz93bAoUAHYMfYqHtE2+rBwEnAabFh8W23rbuPqee8G+1qwszOB34NXA18FegG3AwcBfyVsLzfzPraYMCBf0Tdb2YtZ1t3f6ae8y/aK6emqp7r9KtAK2BBA4dTeO5erz9gKXAI0AJ4D+gdG/YV4GOgEzAQWAb8L/Bu9L3hsXFbAtcREtIK4BagdS3zPQ14GVgLvATsGfXfDZgBrCas+CGx79xF2PEeAT4E/gX8P8LO+T6wEOiXtWw/iab/PnAn0CoatjXwd2BlNOzvQJfYd2cAV0Xz+ATYKeo3Ohq+E/AE8EG0Pu6LfXd/YHY0bDawf9Z0r4imuxZ4FOhYwzpKtM6BLaOYN0Tr6UOgc9SvY/TdnwLrgK2i7iuAX9fntwSOBOZGv9HTQJ+sdX4hMC9a/vsy6zzH8l0JzAea1bKdOLBTrPsB4HfxbTePbd2BHwCvAK9lTz9ad78C/hvFPjPq1z0a79RonbwL/LSe82wfrf8TahnnNuCOrH73AzfEt4M8lnNEtH3dAKyK1vMIYGZsnN2BfxL2+RXA/0b9L43mPSHaPhcAlbXM6zfAG8Aa4HlgQGxYrdMC+gFzomH3AROBK2uYz47A49HyvAvcDXTIPo7F5vvnWmI+Ktp+1wCvAoNjv9UfgbeA5dF6q6hhnf4F+BRYH/2+q2PHqCuBXYCPou3mQ+Dx+m5vse387aj/k8DuUf/TgS+Az6Pp/i3q3zmKaSXwGnBObHn7A1XR8q4Arq9zG8pjY4uv+JuBa2LDfhgLcCDhgHM94QDzzWgF7RoNvwGYDGwDtAP+BvyihnmeEP1AewNGOBhvD2wBLCYcMFsAg6KNKzOPu6KNZy9CZn88WlmnABXRDzc9a9leBLpGcf2LaAMFtgWOA9pE8T4A/DX23RmEg8XuQPMothl8mUDuJRyEm0WxfCPqvw0hIZ0cfW9Y1L1tbLqvEjaw1lH3uBrWU+J1To6DDmFDPC76/GgUx2GxYcfUY7r9gHeAfaJ1fmq0nlvG1vkswga9DeEk4cwalu9Z4LI6ts/4DteTsFN9P3vbree27oSD5jZ8uaPGp39T9HtsFy3b/tF67x6N94foN9sD+AzYrR7zHBz9hs1rGecAws6diak9Idn3rem3rGOeI6J5nh1tg62JJZDoN30LuICw7bYD9okdfD8FDo/WwS+AZ2uZ1/cI+1LzaHpv8+VJWo3TIuzf/wXOI+xbxxMOjDUlkJ0IV6ctCSe0TxKd8OQ4jl1KDQmEcDD9IJpWs+i3/no07EHgVsIJ2FcI2/EZ9VmnsenfxZfHmMx20zw2vM7tLRo2KvpdWhJOkOfmmkfU3YyQvC+O1usOwBLg29HwZ4CTo89tgX3r3Iby2NjiK34fwkHTou4q4LtZB7MtY9+9H/g5IQl8BOwYG7Yf0VlejnlOBX6Yo/8AwgbYLNbvXuDS2Ir7Q2zY2cDLse7eRGcCsWU7M9Z9OPBqDTH1Bd6Pdc8ALs8aZwZfJpAJhDPHLlnjnAzMyur3DDAiNo2fxYb9D/CPGmJKvM7JnUCuAH5L2AHeJpwgjCMcRD4hHAjqmu7vgSuyprsI+GZsnX8vNuxa4JYalu8VakguWTvcGkISfpVwktAsNq8PCVdCmb/T6pjWoBz9diLshJ8Qisuyv9c9Gi9+hToLGFqP/Ws48HY9xnsFOCn6fBrwQtZ2sCFrOVfHt4usaY0AXs/RL5NAhgH/ruG7lwLTYt09gU/qij82/vuZdVjbtIADgTeJjjVRv6epIYHkmM/R8WWg/gnkVqIru6z+XyWcFMSvtIcRnZDWtU5j/e6iHgmktu0tR2wdou+1z55H1L1Pjth+AtwZfX4SuIwaSjpy/SUq83T358zsY2Cgmb0VLejk2Cjvu/tHse7/Es40OxHO5J+P1QUaIavm0pVwMMjWGXjD3TdkzWO7WPeK2OdPcnS3zZrmGznixczaEM60BxOKswDamVmFu6/P8d1sPyYckGeZ2fvAr9z9jmj6/80aN3sZ3o59/jhHzHGFWucQityuB/YkFB39k3DJvi+w2N1XmdlX6pju9sCpZnZ2bLotophqWr74sLhVwNdqiTdjT3dfXMOwo919WnZPM1sQxQrhKuup6HNNv2lHQiLNtV1m5PO7ZawCOppZc3dfV8t4EwhX0vcQTkImZA1/0927ZH/JzAYQinQB/uvuu0efa9t2a9r/MrKXs1VN8ZvZhcD3Cb+xA1sR1mWt04rGX+7RES4Tf00BmdlXCcVlAwhn5s0IySpfXYEpOfpvT7gSeiu23Tdj4/VY2zrNV43bW3STyFWEkppOhJOHzHc+yDGt7YHOZrY61q8CyGzz3wcuBxaa2WuEq/6/1xbc5lT4jidclp4MTHL3T2PDts7cHRPpRjiLeJdw8N7d3TtEf+09VHzm8gYbV5JmvAl0zaqw7kYo7kqqa454IVxu70q4dN+KcEYE4WCZEd+4N+Lub7v7ae7eGTgDuNnMdoqmv33W6JuzDEnXea7YnyYs8zHAE+7+UjS9wwnJhXpM9w3gqtiwDu7ext3vTbBs04BjGuIGBXff3b+sbH4qPqiGr7xLKG7JtV1ujmcIZ7ZH1zHen4CDozur9iWU8dfJ3Z+KLefu8UG1fO0NQjHHZomS14+B7wJbu3sHwgHOavte5C1gu6y7z7rVMv7VhGXqHe2v36vnfLLVdOx5g/A7dYxt11vVsU5rW8d1qW17O4lQT3MIoTize9Q/s7zZ832DUEIQ3yfbufvhAO7+irsPIxTLXQNMyjqmbGJzdsg/Ew4w32PTsyCAy8ysRbTxHAk8EF0x/AG4ITqDxcy2M7Nv1zCP24ELzWyv6A6nncxse+A5wlnKj81sCzMbCHyHULmW1A/MrEt0x89PCZV1EM5iPgFWR8MuyWeiZnaCmWXOCN8n/KgbCGc3u0S3bTY3sxMJl+61Zvw6JFnnK4Btzax9ZiLu/jGhrPQHfJkwngbOzHTXY7p/AM40s32i325LMzvCzNolWK7rCWes46PfPzOv682sT4LpJRYt9x3A9WbW2cwqzGw/M2tZ13ej22xzHkzc/QNC2fRNZna0mbWJtu3DzOza2HhLCZWo9wL/dPe3c02vQP4OfM3MzjWzlmbWzsz2STCddoQi1pVAczO7mPB71scz0XfPidbHsYT6idrm9SHwgZltB/woQbwQrrhHmtnBZtYs2t6+7u5vEeoFf2VmW0XDdjSzb9YyrRVAFzNrkW8QdWxv7QjJbBWhNODqHPONnwDMAtaa2UVm1jqaVi8z2xvAzL5nZp2iea6OvrOBWiROIO7+BuHOCOfLS6CMtwkHyzcJZ0hnuvvCaNhFhArwZ81sDeHsctca5vEA4RLtHkIl+V+Bbdz9c0LCOIyQoW8GTonNI4l7CBvGEr4sQ4dQMdU6ms+zfHm7ZH3tDTxnZh8Sivl+6O5L3H0V4SB/AWED+DFwpLu/mzD+ROs8GudeYImZrTazTDHSE4RL9Vmx7naEclLqMd0qQhn976K4FhPKgvPm7u8RKg6/IKzLtcBjhLPYmoqssv3NNn424sEksUQuJBTtzSbcnXQN9duXuhIScU7u/ivgfOBnhIPtG8AYwnYfN55w9ZrrxK2zbfocyHH1iC1XPGsJlcjfIWxfrwAHJZjUVMJ+8x9C8dOn1LOYJ9rXjyVsO+8BJwL/V8tXLiMUvX4APFzHuLXNdxYwklB8/QFh+8+UGJxCKI7N3LU5idqLWB8n3Fn2tpkl2b9r2t4mENbn8iiWZ7O+90egZ7Rf/zUqcj+SUI/7GuGYdjvh6gVCMf2C6Fj1G0Ld3Se1BZapBE/EzO4glLn+LNZvIKFiapNy2KbKzJYSKr03KSMXKRQzu51wVTg17VhECiHxg0Nm1p1wZtCvYNGIlDB3H512DCKFlKgIy8yuIDw38Ut3f62wIYmISDHYrCIsEREpX2q3SUREEmkSjad17NjRu3fvnnYYIiJF4/nnn3/X3TulGUOTSCDdu3enqqoq7TBERIqGmdX4RH5jURGWiIgkogQiIiKJKIGIiEgiTaIORKSp+eKLL1i2bBmffvpp3SOLNKBWrVrRpUsXtthii7RD2YQSiEgOy5Yto127dnTv3p2NG4IVaTzuzqpVq1i2bBk9evRIO5xNqAhLJIdPP/2UbbfdVslDUmVmbLvttk32SlgJRKQGSh7SFDTl7VAJREREElEdiEg9dB/7cEGnt3TcEbUOX7VqFQcffDAAb7/9NhUVFXTqFB46njVrFi1a5P1uonoZMWIERx55JMcffzyjR4/m/PPPp2fPnjnHveuuu/jWt75F586530R88cUXc+CBB3LIIYdUPyzcsWPHnONmW7p0KU8//TQnnXQSAFVVVUyYMIHf/va3yRasHgYOHMh1111HZWVl3vGWKyUQadoubV+PcXK9/rm4bbvttsydOxeASy+9lLZt23LhhRc2agy33357rcPvuusuevXqlTOBrF+/nssvvzzxvJcuXco999xTnUAqKyuprKxMPD1pGCrCEikCn3zyCT169OCLL74AYM2aNdXdAwcO5Ic//CF9+/alV69ezJoVXiL50UcfMWrUKPr370+/fv146KGHNpmuuzNmzBh23XVXDjnkEN55553qYQMHDqSqqor169czYsQIevXqRe/evbnhhhuYNGkSVVVVDB8+nL59+/LJJ5/QvXt3LrroIvbcc08eeOABRowYwaRJk6qnd+2119K7d2/69+/P4sXhRZLZ47Rt2xaAsWPH8tRTT9G3b19uuOEGZsyYwZFHHgnAe++9x9FHH02fPn3Yd999mTdvHhAS7ahRoxg4cCA77LBDjVcrZ511FpWVley+++5cckleb6iWLEogIkWgdevWDBw4kIcfDkVpEydO5Nhjj61+NuDjjz9m7ty53HzzzYwaNQqAq666ikGDBjFr1iymT5/Oj370Iz766KONpvvggw+yaNEiXnrpJSZMmMDTT2/6xt25c+eyfPlyXnzxRebPn8/IkSM5/vjjqays5O6772bu3Lm0bt0aCFdOc+bMYejQoZtMp3379syfP58xY8Zw7rnn1rq848aNY8CAAcydO5fzzjtvo2GXXHIJ/fr1Y968eVx99dWccsop1cMWLlzI1KlTmTVrFpdddll1wo276qqrqKqqYt68eTzxxBPVCUjypwQiUiRGjx7NnXfeCcCdd97JyJEjq4cNGzYMgAMPPJA1a9awevVqHn30UcaNG0ffvn0ZOHAgn376Ka+//vpG03zyyScZNmwYFRUVdO7cmUGDBm0y3x122IElS5Zw9tln849//IOtttqqxhhPPPHEGodlYhw2bBjPPPNM/Rc8y8yZMzn55JMBGDRoEKtWrWLNmjUAHHHEEbRs2ZKOHTvyla98hRUrVmzy/fvvv58999yTfv36sWDBAl566aXEsZQ71YGIFIkDDjiApUuXMmPGDNavX0+vXr2qh2Xf6mlmuDt/+ctf2HXXXTdrvltvvTUvvPACU6dO5ZZbbuH+++/njjvuyDnulltuWeN04jFmPjdv3pwNGzYAsGHDBj7//PPNirVly5bVnysqKli3bt1Gw1977TWuu+46Zs+ezdZbb82IESOa7DMWxUBXICJF5JRTTuGkk07a6OoD4L777gPC2Xn79u1p37493/72t7nxxhvJvHX03//+9ybTO/DAA7nvvvtYv349b731FtOnT99knHfffZcNGzZw3HHHceWVVzJnzhwA2rVrx9q1a+sdeybG++67j/322w8Ir3J4/vnnAZg8eXJ1kVNt0x4wYAB33303ADNmzKBjx461XhXFrVmzhi233JL27duzYsUKHnnkkXrHL5vSFYhIPdR1221jGT58OD/72c+qi4MyWrVqRb9+/fjiiy+qrw5+/vOfc+6559KnTx82bNhAjx49+Pvf/77R94455hgef/xxevbsSbdu3aoP7HHLly9n5MiR1VcKv/jFL4BQAX7mmWfSunXrehVJvf/++/Tp04eWLVty7733AnDaaadx1FFHscceezB48ODqK5g+ffpQUVHBHnvswYgRI+jXr1/1dDKV5X369KFNmzaMHz++vquPPfbYg379+vH1r3+drl27csABB9T7u7KpJvFO9MrKStcLpSSnlG7jffnll9ltt90KPt3NNWnSJB566CH+9Kc/VfeLP78gpSnX9mhmz7t7qj+6rkBEisTZZ5/NI488wpQpU9IORQRQAhEpGjfeeGPO/jNmzGjcQEQiqkQXEZFElEBERCQRJRAREUlECURERBJRJbpIfdTnduK8plf7rcdqzr3hmnP/8MMPueCCC5g2bRodOnSgXbt2XHPNNeyzzz5UVFTQu3dv1q1bx2677cb48eNp06ZNdf+MoUOHMnbs2Drntf/+++dsXyyj2G/BziuBmNlg4DdABXC7u4/LMc53gUsBB15w95MKEKeUmPq+X2NpqwYOpIlSc+4N15z76NGj6dGjB6+88grNmjXjtddeq24Pq3Xr1tXrffjw4dxyyy2cf/75G/Wvj3Xr1tG8efNak0cpqHcRlplVADcBhwE9gWFm1jNrnJ2BnwAHuPvuwLmFC1WkfKk598I05/7qq6/y3HPPceWVV9KsWTj89ejRgyOO2LSlgQEDBlTHWR8zZsxgwIABDBkypPqqLbM8ANdccw29e/dmjz322Ojq5YEHHqB///7ssssuPPXUU/WeX1OQzxVIf2Cxuy8BMLOJwFFAvCnL04Cb3P19AHd/Z5OpiEje4s25H3300TU25/7kk08yatQoXnzxxerm3O+44w5Wr15N//79OeSQQzZq8DDenPuKFSvo2bNndXPwGfHm3AFWr15Nhw4d+N3vfrdJ8UumOXeAf/zjHxtNJ9Oc+4QJEzj33HM3aVYlbty4cVx33XXV48Sfdck05/7Xv/6Vxx9/nFNOOaX66mDhwoVMnz6dtWvXsuuuu3LWWWdVryOABQsW0LdvXyoqKmpd3+vWreORRx5h8ODBQEjgffv2rR7+k5/8JGfLw3PmzOHFF1+kR48eG/V/5JFHeOihh3juuedo06YN77333kbzmjVrFlOmTOGyyy5j2rRptcbWlORTib4d8Ease1nUL24XYBcz+5eZPRsVeeVkZqebWZWZVa1cuTKPMETKk5pzDza3OffaZBJFZWUl3bp14/vf/z7wZdFW5q+m5ezfv/8myQNg2rRpjBw5kjZt2gCwzTbbVA879thjAdhrr71YunRpXvGmrdCV6M2BnYGBQBfgSTPr7e6rs0d099uA2yC0hVXgOERKjppzr1tdzbnvvvvuvPDCC6xfvz7nVUg+dR3PPfccZ5xxBgCXX345W221Va3LX1fMueJt6vK5AlkOdI11d4n6xS0DJrv7F+7+GvAfQkIRkQJQc+6b15z7jjvuSGVlJZdcckn1elm6dGn1mx7zsc8++1RfkQwZMqTWcQ899FDuvPNOPv74Y4CNirCKWT5XILOBnc2sByFxDAWy77D6KzAMuNPMOhKKtJYUIE6RdDVAi79JqDn3zWvOHcLdZRdccAE77bQTrVu3pmPHjvzyl7+s9TvZdSCDBw9m3LhNbkKt0eDBg5k7dy6VlZW0aNGCww8/nKuvvjqvuJuivJpzN7PDgV8TbuO9w92vMrPLgSp3n2zhuvRXwGBgPXCVu0+sa7pqzr381P823nrcBa7m3Iv6WQKpW0k05+7uU4ApWf0ujn124PzoT0QKSM25S1OjJ9FFioSac5emRm1hiYhIIkogIiKSiBKIiIgkogQiIiKJqBJdpB56j+9d90h5mH/q/FqHqzn3xm/OfezYsYwdO5Zvf/vb1eP++te/ZtGiRVx00UXstttuGz3Vf/7553PKKafUOq8333yTc845Z6MGI7Plu26aEiUQkSZIzbk3fnPuw4YNY+LEiRslkIkTJ3LttdcC4Sn2fJt079y5c63Jo9ipCEukCKg594Zvzv3444/n4Ycfrm6Pa+nSpbz55psMGDCg3r/TXXfdxZAhQxg0aBAHH3wwS5curW6zbP369Vx44YX06tWLPn36bHRb9o033siee+5J7969WbhwYb3nlzYlEJEiEG/OHaixOfebb765ujn2THPus2bNYvr06fzoRz/io48+2mi68ebcJ0yYkPMFSPHm3OfPn8/IkSM5/vjjqays5O6772bu3Lm0bt0a+LI596FDh24ynUxz7mPGjOHcc8+tdXnHjRvHgAEDmDt3Luedd95GwzLNuc+bN4+rr756o2KkhQsXMnXqVGbNmsVll11WnXAzamvOfZtttqF///488sgj1ev4u9/9bnXDj6+++ip9+/at/qvp3R1z5sxh0qRJPPHEExv1v+2221i6dClz585l3rx5DB8+vHpYx44dmTNnDmeddRbXXXddreumKVECESkSas49aMjm3DPFWBASSLzNsUwRVuavpiuTQw89dKPm2jOmTZvGGWecQfPmoeagFJp0VwIRKRJJm3PPHPBef/31RO17ZZpzHzhwILfccgujR4+ucdxias49l6OOOorHHnuMOXPm8PHHH7PXXnvVOr8HH3yw+ook055fOTXprgQiUkTUnHvDNufetm1bDjroIEaNGrVJi8e5HHPMMdUJuq5K/kMPPZRbb721OkGUQpPuugtLpB7quu22sag594Zvzn3YsGEcc8wx1UVZGZk6kIxRo0Zxzjnn1Hu+o0eP5j//+Q99+vRhiy224LTTTmPMmDF5xd7U5NWce0NRc+7lR825J6Pm3MtTSTTnLiLpUXPu0tQogYgUCTXnLk2NKtFFatAUindFmvJ2qAQikkOrVq1YtWpVk955pfS5O6tWraJVq1Zph5KTirBEcujSpQvLli1j5cqVaYciZa5Vq1Z06dIl7TByUgIRyWGLLbagR48eaYch0qSpCEtERBJRAhERkUTySiBmNtjMFpnZYjMbm2P4CDNbaWZzo7+aG80REZGiVu86EDOrAG4CDgWWAbPNbLK7v5Q16n3uXtzP54uISJ3yuQLpDyx29yXu/jkwETiqYcISEZGmLp8Esh3wRqx7WdQv23FmNs/MJplZ182KTkREmqxC38b7N+Bed//MzM4AxgObvqEGMLPTgdMBunXrVuAwRKQY9B7fu17jNZXWkGVj+VyBLAfiVxRdon7V3H2Vu38Wdd4O1Pg2Fne/zd0r3b2yU6dOeYQhIiJNQT4JZDaws5n1MLMWwFBgcnwEM/tarHMI8PLmhygiIk1RvYuw3H2dmY0BpgIVwB3uvsDMLgeq3H0ycI6ZDQHWAe8BIxogZhERaQLyqgNx9ynAlKx+F8c+/wT4SWFCExGRpkxPoouISCJKICIikogSiIiIJKIEIiIiiSiBiIhIIkogIiKSiBKIiIgkogQiIiKJKIGIiEgiSiAiIpKIEoiIiCSiBCIiIokogYiISCJKICIikkihX2kr0ujq81pUvRJVpPB0BSIiIokogYiISCJKICIikogSiIiIJKIEIiIiiSiBiIhIIkogIiKSiBKIiIgkkncCMbPBZrbIzBab2dhaxjvOzNzMKjcvRBERaYrySiBmVgHcBBwG9ASGmVnPHOO1A34IPFeIIEVEpOnJ9wqkP7DY3Ze4++fAROCoHONdAVwDfLqZ8YmISBOVbwLZDngj1r0s6lfNzPYEurr7w7VNyMxON7MqM6tauXJlnmGIiEjaClqJbmbNgOuBC+oa191vc/dKd6/s1KlTIcMQEZFGkG8CWQ50jXV3ifpltAN6ATPMbCmwLzBZFekiIqUn3wQyG9jZzHqYWQtgKDA5M9DdP3D3ju7e3d27A88CQ9y9qmARi4hIk5BXAnH3dcAYYCrwMnC/uy8ws8vNbEhDBCgiIk1T3i+UcvcpwJSsfhfXMO7AZGGJiEhTpyfRRUQkESUQERFJRAlEREQSUQIREZFElEBERCQRJRAREUlECURERBJRAhERkUSUQEREJBElEBERSUQJREREElECERGRRJRAREQkESUQERFJJO/m3EVEuo99uM5xlo47ohEikTTpCkRERBJRAhERkUSUQEREJBElEBERSUQJREREElECERGRRJRAREQkkbwTiJkNNrNFZrbYzMbmGH6mmc03s7lmNtPMehYmVBERaUrySiBmVgHcBBwG9ASG5UgQ97h7b3fvC1wLXF+IQEVEpGnJ90n0/sBid18CYGYTgaOAlzIjuPua2PhbAr65QYpIEbq0fd3j9OjW8HFIg8k3gWwHvBHrXgbskz2Smf0AOB9oAQxKHJ2IiDRZDVKJ7u43ufuOwEXAz3KNY2anm1mVmVWtXLmyIcIQEZEGlG8CWQ50jXV3ifrVZCJwdK4B7n6bu1e6e2WnTp3yDENERNKWbwKZDexsZj3MrAUwFJgcH8HMdo51HgG8snkhiohIU5RXHYi7rzOzMcBUoAK4w90XmNnlQJW7TwbGmNkhwBfA+8CphQ5aRETSl/f7QNx9CjAlq9/Fsc8/LEBcIiLSxOlJdBERSUQJREREElECERGRRJRAREQkESUQERFJRAlEREQSUQIREZFElEBERCQRJRAREUlECURERBJRAhERkUSUQEREJBElEBERSUQJREREElECERGRRJRAREQkESUQERFJRAlEREQSUQIREZFElEBERCQRJRAREUlECURERBJRAhERkUTySiBmNtjMFpnZYjMbm2P4+Wb2kpnNM7PHzGz7woUqIiJNSb0TiJlVADcBhwE9gWFm1jNrtH8Dle7eB5gEXFuoQEVEpGnJ5wqkP7DY3Ze4++fAROCo+AjuPt3dP446nwW6FCZMERFpavJJINsBb8S6l0X9avJ94JGaBprZ6WZWZWZVK1euzCMMERFpChqkEt3MvgdUAr+saRx3v83dK929slOnTg0RhoiINKDmeYy7HOga6+4S9duImR0C/BT4prt/tnnhiYhIU5XPFchsYGcz62FmLYChwOT4CGbWD7gVGOLu7xQuTBERaWrqnUDcfR0wBpgKvAzc7+4LzOxyMxsSjfZLoC3wgJnNNbPJNUxORESKXD5FWLj7FGBKVr+LY58PKVBcIiLSxOlJdBERSUQJREREElECERGRRJRAREQkESUQERFJRAlEREQSUQIREZFElEBERCQRJRAREUlECURERBJRAhERkUSUQEREJBElEBERSUQJREREElECERGRRJRAREQkESUQERFJRAlEREQSUQIREZFElEBERCQRJRAREUlECURERBLJK4GY2WAzW2Rmi81sbI7hB5rZHDNbZ2bHFy5MERFpauqdQMysArgJOAzoCQwzs55Zo70OjADuKVSAIiLSNDXPY9z+wGJ3XwJgZhOBo4CXMiO4+9Jo2IYCxigiIk1QPkVY2wFvxLqXRf0SMbPTzazKzKpWrlyZdDIiIpKS1CrR3f02d69098pOnTqlFYaIiCSUTwJZDnSNdXeJ+omISBnKJ4HMBnY2sx5m1gIYCkxumLBERKSpq3cCcfd1wBhgKvAycL+7LzCzy81sCICZ7W1my4ATgFvNbEFDBC0iIunL5y4s3H0KMCWr38Wxz7MJRVsiIlLi9CS6iIgkogQiIiKJKIGIiEgiSiAiIpKIEoiIiCSiBCIiIokogYiISCJKICIikogSiIiIJKIEIiIiieTVlEmp6j2+d73Gm3/q/AaORESkeOgKREREElECERGRRJRAREQkESUQERFJRAlEREQSKeq7sLqPfbjOcZa2OqnuCfXoVoBoRETKi65AREQkESUQERFJRAlEREQSKeo6EBGRhlCv+tVxRzRCJE2brkBERCQRJRAREUkk7yIsMxsM/AaoAG5393FZw1sCE4C9gFXAie6+dPNDFREpLqXeUGteCcTMKoCbgEOBZcBsM5vs7i/FRvs+8L6772RmQ4FrgBMLFbCISJNwafu6xynxZ8zyvQLpDyx29yUAZjYROAqIJ5CjgEujz5OA35mZubtvZqxlpT6VeKCKPBFJj+VzXDez44HB7j466j4Z2Mfdx8TGeTEaZ1nU/Wo0zrtZ0zodOD3q3BVYtDkLkqeOwLt1jlWcSnnZQMtX7LR8hbO9u3dqpHnllNptvO5+G3BbGvM2syp3r0xj3g2tlJcNtHzFTstXWvK9C2s50DXW3SXql3McM2sOtCdUpouISAnJN4HMBnY2sx5m1gIYCkzOGmcycGr0+XjgcdV/iIiUnryKsNx9nZmNAaYSbuO9w90XmNnlQJW7Twb+CPzJzBYD7xGSTFOTStFZIynlZQMtX7HT8pWQvCrRRUREMvQkuoiIJKIEIiIiiSiBiIhIImXVnLuZtQa6uXtjPrQoIiXGzLapbbi7v9dYsaSpbCrRzew7wHVAC3fvYWZ9gcvdfUi6kSVjZmuBGn88d9+qEcNpUGbWBriAkPxPM7OdgV3d/e8ph7ZZyuUgZGbbAzu7+7ToJK65u69NO67NYWavEfY/A7oB70efOwCvu3uP9KJrPOV0BXIpoS2vGQDuPtfMivZHdvd2AGZ2BfAW8CfCBjwc+FqKoTWEO4Hngf2i7uXAA0BRJxDCMtV4EAKKdvvMMLPTCE0WbQPsSHj4+Bbg4DTj2lyZBGFmfwAedPcpUfdhwNEphtaoyqkO5At3/yCrXylcfg1x95vdfa27r3H33xMatCwlO7r7tcAXAO7+MeFAW9TcvYe77wBMA77j7h3dfVvgSODRdKMrmB8ABwBrANz9FeArqUZUWPtmkgeAuz8C7J9iPI2qnBLIAjM7Cagws53N7Ebg6bSDKoCPzGy4mVWYWTMzGw58lHZQBfZ5VPThAGa2I/BZuiEVVCkfhD5z988zHVHzRqVw4pbxppn9zMy6R38/Bd5MO6jGUk4J5Gxgd8KB5x7gA+DcNAMqkJOA7wIror8Ton6l5BLgH0BXM7sbeAz4cbohFVQpH4SeMLP/BVqb2aGEose/pRxTIQ0DOgEPRn9fifqVhbKoRI9ehDXN3Q9KOxbJj5k1I7Sp9hiwL6Ho6tns1wMUs6gy/RLgwKjXk8BlpVCJbmYGjAa+RfjtphLeZFr6B54yUBYJBMDMHgOOzVEPUpTM7Mfufm1UFLfJj+ju56QQVoMotyayS0V04rbA3b+ediyFZma/dvdzzexv5N7/ivLuznyV011YHwLzzeyfxOoIivhA+3L0vyrVKBrHNDO7ELiPjX+7oj5DL/WDkLuvN7NFZtbN3V9PO54C+1P0/7pUo0hZOV2BnJqrv7uPb+xYCiU6w7vG3S9MO5aGFN1zn82jO5iKlpnt5e7Pm9k3cw139ycaO6ZCM7MngX7ALDZO/kWdHKF6/5vg7sPTjiUtZZNASpWZPePu+9U9pjRFpX4QKuXkCGBmM4FB8TvNyknZFGFFTy//AugJtMr0L/azWGCumU0m3N0SP8P7v/RCKjwz68Wmv92E9CIqjKiYZ3sza1GKB6FSSRS1WAL8K9oH4/vf9emF1HjKJoEQnma+BLgBOAgYSWncxtyK8MrgQbF+DpRMAjGzS4CBhAQyBTgMmAkUfQKJlOxByMz2BW4EdgNaEF5E91EJNbXzavTXDGiXciyNrmyKsMzseXffy8zmu3vveL+0Y5Pamdl8YA/g3+6+h5l9Ffizux+acmgFESXITbj7ZY0dS6GZWRXhraQPAJXAKcAu7v6TVAMrMDPbilAvV9RtfOWrnK5APoueKXglei3vcqBtyjFtNjPbAfgN4RkJB54BznX3XBXPxeoTd99gZuuiHfUdoGvaQRVKJlGU6kHI3RebWYW7rwfuNLN/AyWRQMysklC6kWmb7gNglLs/n2pgjaQUinDq64dAG+AcYC/ge0DOO7OKzD3A/YQGFDsTzvQmphpR4VWZWQfgD4QGCOcQEmVJMLPK6CprHuFW8xfMrFSujD82sxaEurprzew8Suu4cwfwP+7e3d27E9r+ujPdkBpPORVh7ejur6YdR6GZ2Tx375PV7wV33yOtmBqSmXUHtnL3eWnHUihmNg/4gbs/FXV/A7g5+3ctRlFT7isI9R/nAe0Jy7Y41cAKxMz+7e79svrNcfc904qpMZVTAnmC0JT0bOAp4El3n59uVMnF3iVxEaEZ8ImEIqwTga1LqYzZzP5EaN7jKXdfmHY8hVbKByEzOxh42t0/STuWQjKzzG9zCtAauJcv979P3f38tGJrTGWTQACiS+m9CXf0nAG0dfdaX+rTVGW90CZb0T9kF2dmBwEDor8dgX8TTgB+k2pgm6kcDkJmNp7wHpf3iE7cgJnu/n6qgW0mM5tey2B390G1DC8ZZZNAomKBzEGoAzCXcEZ7b4phST1FD9ztTbgF+0xCxXpRt7FUTgchM+tMaBTzQqCzu5fEDTyxmwPKUjklkHWECthfAFNK5aEtM3se+CNwj7uvTjmcBhE1hLkloeL8KcIZ7DvpRlU4pXwQMrPvEU7aegPvEp7fecrdS+ImCDNbAvwFuMPdX65r/FJTTgmkA+HNaAcSzmQ3AM+4+8/TjGtzmdlOhIciTyQ0rHgn8GgpNZdtZjcQ7pz7DPgXoRjkmVIpVy/lg5CZvUt40O4WYLq7L003osIys3aE51wyDybfAUx09zWpBtZIyiaBAJjZbsA3CWdE+wOvu3vOtnqKTfSMy5HA74H1hETym2JvsTYu2llHEIpB/p+7t0w3osIo9YOQme1OOHH7BrAzsMjdT043qsKL2v26h1BEPgm4olTuNqtJKd2PXavoLO9XwDaEg+yuJZQ8+hCW7ZeEM9kTCO+gfjzNuArFzMaY2X2EyvOjCAfYw9KNqnA8vM/+D+6+P+GuukuAt8xsfHSFWbSihyO7AdsD3Qm38ZbMWauFV0kPMbMHgV8T9sMdCG9dnFLbd0tBSVRk1dNO7r4h7SAKLaoDWU2oBxnr7pl3hT9nZgekFlhhtQKuB55393VpB1No0Q0CRxCuQLoTDkJ3E66UpwC7pBbc5psZ+/uduy9LOZ5CewWYDvzS3Z+O9Z9kZgfW8J2SUTZFWGbWg/Be9O7EEmexv5fAzHZw9yVpx9EQYs+65FQqxXPR1fF04I9ZByHM7LdF/NIzzOy77n5/Vr8T3P2BtGIqJDNr6+4fph1HWsopgbxAOEufT6hAB4q3uWkzq/UZgRJpyTX+rEs3wgOTRihjft3de6QXXeGU8kEo1wORpfCQpNXwKumMYk76+SinIqxP3f23aQdRQPGmo88Abk0rkIaSSRBm9gfgQXefEnUfBhydYmgFET8ImW36PGgxH4Si3+hwYDszi+93WwGlUAwZf5X0ZYR6q7JTTlcgJxHuAHmUcDsoAO4+J7WgCiRXUxilJN4Ef239io1t/JrlTQ5CXtyvW94H+DpwOXBxbNBawu28Rf0kelyp73+1KacrkN7AyYQXL2WKsJyNX8RUrEr9LOBNM/sZ8OeoezjwZorxFEQ8QZjZucWcMHL4vbvvaWbfLrHlyqXU978alVMCOQHYoVSeQC8zwwhn5w8SdtYno36lpNQOQi2iq/59zOzY7IFeYq9cLlfllEBeJFS+lkQTGNH7IzIHnZ2iJsEhVDJ7KTQFDtW3uN7o7sPTjkXycibhSrED8J2sYUX/ymUzW8uX+18bM8s89JnZ/0rllb21KqcE0gFYaGaz2bgOpFhv4z0y7QAag7uvN7PtzaxFqV09lvJByN1nAjPNrMrd/5h2PIXm7mX3/vNcyqkSPedT58V6G285MbMJwG7AZOCjTP9SuFW51EWvUDiT0JQJwBPALe7+RXpRSaGUxRVIVAxya7E3/13GXo3+mrHx7cvS9N0MbBH9h3Ajy++B0alFJAVTTlcgDwFnu/vracciUi5yvV65lF+5XG7K4goksjWwwMxmsXExSLHWgVQzs9ZAN3dflHYsDcHMOgE/BnYntIsFQCm9cKmErTezHd39VQhN7xBaiy4Z0Xvfd3b3adG+2Nzd16YdV2MopwRS1O/9qImZfQe4DmgB9DCzvsDlpZAYY+4G7iPcOHAmcCqwMtWIpL5+BEyP2vuC0BbdyPTCKSwzOw04ndDK945AF8K7Tw5OM67GUjZFWKUqao13EDAj8zRsKTylHWdmz7v7XmY2L3N7spnNdve9045NcjOzvYE33P1tM2tJaG7naGAxodXoUmkIcy7QH3iuVPe/2pT8+0DMbGb0f62ZrYn9rY3dNlnMvnD3D7L6ldpZQeaOnbfM7Agz60c445Om61Ygc9v1PsBY4CZgBXBbWkE1gM/it5ebWXNKb/+rUTkUYQ2Hkr5ve0H0xG+Fme0MnAM8Xcd3is2VZtYeuAC4kdAg33nphiR1qIhdZZwI3ObufwH+Ep21l4onzOx/gdZmdijwP4SXSZWFki/CijcdbWZ/cffj0o6pkMysDfBT4FtRr6nAle7+aXpRSbkzsxeBvu6+zswWAqe7+5OZYe7eK90IC8NCM8qjCfufEfa/273UD6yRcrgCibeTvUNqUTSA6PmWh939IEISKSl650JRu5dwdv4u8AnwFED0it7sIteiFO1/C6Lny/6QdjxpKIcE4jV8LnpRMx8bzKx9jnqQUqB3LhQpd7/KzB4DvgY8Gjsjb0Z4M2jRi/a/RWbWrVyfLyuHIqz1hOc+DGgNfJwZRJG3NwTVD0j2A/7Jxs+3lNTZeTm/c0GaLjN7krD/ldzzZfVR8lcg7l6RdgwN7P8o8pZN66m0z3SkWJXk82X1VfJXIFIaSuE92iKlRgmkyEW37v4C6MnGzXwU/Q0D2c2dU2LFj1L8zGxfwq3luxFag6gAPiqXbbPki7DKwJ2EyuUbgIMIzUSUxAOiJfzsjpSO3wFDgQeASuAUYJdUI2pEJXGgKXOt3f0xwtXkf939UuCIlGMSKRvuvpjw4OR6d78TGJx2TI1FVyDF7zMzawa8YmZjgOVA25RjEikXH0cvzZprZtcCb1FGJ+aqAylyUaN1LxNe2XsFoZmPX7r7s2nGJVIOoqbcVxDqP84D2gM3R1clJU8JpMjF37UgIo3LzA4Gnnb3T9KOJQ1KIEXOzJ4gvINgNqG5iCfdfX66UYmUBzMbD+wHvEe0/wEz3f39VANrJEogJSAqg90bGEh470Jbd1dz5yKNxMw6A8cDFwKd3b0s6pfLYiFLmZl9AxgQ/XUA/k7UcJ2INCwz+x5h3+sNvEu4rbds9j9dgRQ5M1sHPE94mHBK/OU2ItKwotaGXyW8xna6uy9NN6LGpQRS5MysA3AAcCChGGsD8Iy7l3UbPSKNxcx2J+x/3wB2Bha5+8npRtU4VIRV5Nx9tZktAboSKtP3B7ZINyqR8mBmWwHdgO2B7oTbeMvmrFxXIEUuSh4LgZmEO0BmqRhLpHGY2TzCvjeTcAfkspRDalRKIEXOzJq5+4a04xApR2b2XXe/P6vfCe7+QFoxNSYlkCJnZj0Ib3jrTqxIslxeaCOSplyvGSinVw+oDqT4/RX4I/A3QgW6iDQwMzsMOBzYzsx+Gxu0FbAunaganxJI8fvU3X9b92giUkDvAVXAEMJt9BlrCW1ilQUVYRU5MzuJcOvgo8Bnmf7uPie1oERKXKaYyszucfeT0o4nLboCKX69gZOBQXxZhOVRt4g0jBbRyds+ZnZs9kB3/78UYmp0SiDF7wRgB926K9KozgSGE5oP+k7WMAeUQKQovEjYiN9JOQ6RsuHuM4GZZlbl7n9MO560qA6kyJnZDKAPoTn3eB2IbuMVaWBRS9hnEpoyAXgCuMXdv0gvqsajBFLkzOybufq7+xONHYtIuTGz2wlNB42Pep0MrHf30elF1XiUQIqYmVUAC9z962nHIlKOzOwFd9+jrn6lqmxe/l6K3H09sMjMuqUdi0iZWm9mO2Y6zGwHYH2K8TQqVaIXv62BBWY2C/go01N1ICKN4kfA9KhRUyO0yjsy3ZAaj4qwipzqQETSZWYtgV2jzkXu/llt45cSJRARkTyZ2d7AG+7+dtR9CnAc8F/gUnd/L834GovqQIqUmc2M/q81szWxv7Vmtibt+ERK3K3A5wBmdiAwDpgAfADclmJcjUpXIEXKzLZ39/+mHYdIOYrfaWVmNwEr3f3SqHuuu/dNMbxGoyuQ4vVg5oOZ/SXNQETKUIWZZW5COhh4PDasbG5OKpsFLUEW+7xDalGIlKd7gSfM7F3gE+ApADPbiVCMVRaUQIqX1/BZRBqYu19lZo8BXwMe9S/rApoR3hBaFlQHUqTMbD3huQ8DWgMfZwYB7u5bpRWbiJQHJRAREUlElegiIpKIEoiIiCSiBCIiIokogYiISCJKICIiksj/B/N+5oqUmMkiAAAAAElFTkSuQmCC", - "text/plain": [ - "
" - ] - }, - "metadata": { - "needs_background": "light" - }, - "output_type": "display_data" - } - ], + "outputs": [], "source": [ "categories_cpe = df_cpe_rich.type.value_counts().sort_index().rename('Type distribution CPE-rich')\n", "categories_cve = df_cve_rich.type.value_counts().sort_index().rename('Type distribution CVE-rich')\n", @@ -419,23 +117,10 @@ }, { "cell_type": "code", - "execution_count": 14, + "execution_count": null, "id": "80de4629", "metadata": {}, - "outputs": [ - { - "data": { - "image/png": "iVBORw0KGgoAAAANSUhEUgAAAZcAAAEXCAYAAABh1gnVAAAAOXRFWHRTb2Z0d2FyZQBNYXRwbG90bGliIHZlcnNpb24zLjUuMSwgaHR0cHM6Ly9tYXRwbG90bGliLm9yZy/YYfK9AAAACXBIWXMAAAsTAAALEwEAmpwYAAB56ElEQVR4nO2dd3hUVdrAf2cmyaT3QkJJAoTeq1RFwK4ogoJ97d1V17V8FnTX7q6ube3dFSyoiFhAQaRJk16SAAlppPc+mfP9ce9MJslMMmmknd/z5MnMveeee87Mnfve97xNSClRKBQKhaItMXT0ABQKhULR/VDCRaFQKBRtjhIuCoVCoWhzlHBRKBQKRZujhItCoVAo2hwlXBQKhULR5ijhchIQQlwuhPjZhXZvCCEeaYfzLxFCfNLW/So0hBAzhBCHXWh3jRBiw8kYU3vh6jUqhFgnhLj+ZIzJwbmThBBzWnBcjBBCCiHc9PcdOYf9QojT9NdCCPG+ECJfCLHV1euto2lUuAghPhFCvF9v26lCiFwhRGT7Dq37IKX8VEp5hgvtbpZS/uNkjMlVuopgEkJMEkKsEkIUCCHy9B/hX/R9pwkhLEKIEiFEsRDisN0+6w2lpN7fpa6eW0r5u5RycHvNzYoQwkP/PhKEEKX6TfQ9fQ5vCCE+cnDMaCFEpRAiWD+2ut48C5ozhs54jXZ1hBAfCCH+ab9NSjlcSrlOfzsdmAv0kVJOaqvrraVC2FWa0lzuAs4WQszVB+MJvA3cK6XMaIsBWJ8SuivdfX6dASHEFOBX4DdgIBAC3AKcbdcsXUrpC/gD9wNvCyGG2e0PlFL62v0tc/HcJ/P7/RK4ALgMCABGAzuA2cCHwHwhhE+9Y64EVkop8/T3y+rNM9DVkwshjK2dgKIuLn6m0UCSlLK0vcfTpkgpG/0DFgLHAB/gaeAHffspwCagANgNnGZ3zF+Ag0AxcBS4yW7faUAq2g/8BPAxEAqs1PvKA34HDE7GMxxYrbfLBB7St5uAl4B0/e8lwFTvnH8HsoAM4ELgHCBe7+shu3MsQfshL9PnsBMYbbf/AeCIvu8AcJHdvmuAjcCLQC7wT33bBn2/0PdlAUXAXmCEvu8D4J92fd0AJOrjWwFE2e2TwM1Agv65vQYIJ59ZU/OJAr4CsvXv+k59+1lAFVANlOjf8yxgr92xq4Ftdu9/By5srF99n8Huc8wFPgeC9X0x+vyuBo4DOcD/NXKNbgBea2T/aUBqvW3ZwAK7c7k19Vto5Pqt0z/QF1iunyMXeNXu2tgAvADk65/J2S6edw5QDvRtpM1h4Cq790a038I8u+vgE1fOZ3c9/hdYBZTqY6h/jc4DdqFdy0eAs/Tt64B/oP0WioGfgVAn5wlC+/1n65/LSrSndFzpC02AJuuf9f8BScAcJ+c6F/hTH28KsMRuX51rQT/v9U76MQIPUXsf2GH9boAh1N6jDgOXNPKZ3oj2+6pC+419p7dL0j/v64AKoEbf/3gzrrcBaA9duWi/oU/RHqJAu24t+jVVAvxdNn1fvwbtfl6Mdu1e3uj14+JF9hXazS1Xn0hv/fU5aDeJufr7MLsvcADajfRUoAwYZ/fjNAPPogkELzSh9Qbgrv/NwMGNEvBDEwz3Ap76+8n6vieALUA4EKZ/QP+od85H9f5v0L+I/+l9DNc/5Fi7H2E12s3HHfib/mG66/sXot04DcCl+kUSafcFmIE7ADd9ftdQK1zORLsQA/XPZ6jdsR+g/3CB0/ULYpz+Ob0CrLf7LCTajzAQ6KfP5ywn35/T+ehz2KF/Nh5Af7QL6ExHNyR9PhVoDwTuaAI+Tf8cvfTPMcSFfu/Sv68++vzeBD6r9yN/W+9zNFAJDHUwN2+0H96spgSC/toAXKR/HoNpmXCpf/3a929E+1G+iPZA5glMt7s2qtGuPyOadpWOk4eCeud9BvitiTb/B6yxe3+mfl1Yr9s636WLwqUQmKZ/bp7UvUYn6fvn6vt7A0PsbsxHgEH6Z7QOeMbJeUKAi/Xv0g/4AvimnnBx2BcwDO3mOFP/Pv6tfz/OhMtpwEh9vKPQrt8LWyBc7kN7MByM9jserc/DB01o/QXt9z8W7Xc8zJXP1K7/JOscsLt/OLieG7veBurfjQntnrgeeMnROfT3Tu/ret9FwGC9bSQwvC2ES4T+Bd6lv78f+Lhem5+Aq50c/43dsaehSWlPu/1PAN8CA5sYx2LgTyf7jgDn1PthJdmdsxww6u/99Itosl37HXYX2RJgi90+A5pQm+Hk3LuofTq8Bjheb7/t4kATGvFoTwiGeu1sFxnwLvCc3T5ftBtTjP5eWi8i/f3nwANOxud0PsBkB+N9EHjf7thP6u3/HZivz+Fn/dxnoWk1e/Q2TfV7EJhtty9Sn58btT9y+6fXrcAiB3Prrbcd0sh1cxraU1oB2tPkLmtfducqqPfXQJA1cv2eRu2PfQraDb2BsNKvg0S79976uXu58Bt8G1jaRJt++mfYR3//KfCfetdBVb15rm2kvw+Ajxq5Rt8EXnRy7DrgYbv3twI/NjVPve0YIN+VvtAeXpba7fPR5+hQuDg410vWOdA84XIY/Tdfb/ulwO/1tr0JPObKZ2q3LQnXhIvT683B2C7E7v5JQ+Hi9L6uf64FaA8BXq58ti55i0kpM9Gk7359UzSwUDeeFuhGweloNwiEEGcLIbbohtUCNEkYatdltpSywu7982jLPz8LIY4KIR5wMpS+aELEEVFoqrGVZH2blVwpZY3+ulz/n2m3vxztBm4lxfpCSmlBWwqJ0ud3lRBil93cR9SbXwpOkFL+CryKtoyVJYR4Swjh39R8pJQlaE8Rve3anLB7XVZv/PVxNp9oIKred/kQ2gOFM35Du8Bn6q/XoWmop+rvcaHfaOBru30H0TQQ+/O6Mr98NMHRlINJupQyUEoZLKUcI6VcWm9/qL7f+ndQCNHP3vht17b+9WtPXyBZSml2st82Jyllmf6yse/NSi5NzFFKeRzt6fQKIYQv2s2kvpH/83rznAUghHjIbq5v2LV3ei3T+O8RXLw+hRDeQog3hRDJQogifQ6B9ewRzvqKou61XYr2WTlECDFZCLFWCJEthChEW1oOdda+EZzNPRqYXO+6vxzoZdemsc+0JeNweL0JISKEEEuFEGn65/oJjc/V6X1d/1wvRfu8MoQQ3wshhjQ2sJa6IqegSTj7i9RHSvmMEMKEtoz2AhAhNYPhKjTV0Yq070xKWSylvFdK2R/NYHmPEGK2k/P2dzKmdLQPx0o/fVtL6Wt9IYQwoC3fpAshotGeIm8HQvT57aOR+dVHSvmylHI8mko/CE3Frk+d+eiG2hC0JaiW4HA+aJ/psXrfpZ+U8pxG5lJfuPxGQ+HSVL8paPYG+/2eUspmzU+/QW9Ge6JqU6SUx6Wd8dt+VyOHpQD92sHQvwaYJITo00S7D9FsEBejff47XOlcSvmU3Vxvtt/VyGEpaMvfreVetOWlyVJKf7TrCur+ppyRQd1r2xvtd+KM/6Et8feVUgagLce7cp76OJt7Ctrypf117SulvMWuTf3PtNH7hQvjcHa9PaX3PVL/XK+g8fuU0/s6gJTyJynlXLSHnENo90GntFS4fAKcL4Q4UwhhFEJ46u6efdDW101oqppZCHE20KgbrhDiPCHEQCGEQFuPrEF7Gq3PSiBSCPFXIYRJCOEnhJis7/sMeFgIESaECEVTl1vjQjteCDFf/9L+irbmvwVNPZT6/NBdWke42qkQYqL+9OSOZqupwPFcPwP+IoQYowvsp4A/pJRJbTyfrUCxEOJ+IYSX/n2OEEJM1I/LBGJ0gWRlE9rNYBKwVUq5H/2JDe2pExf6fQN4UhfW6N/bvBbO7e/ANUKI+4QQIXp/o4UQ9bWTk8FWtBveM0IIH/23Mc2VA4XmKrzO0T4p5Ro0I/HXQojxQgg3/fq/WQhxrV3Tr9AerB5HEzTtybto1+hsIYRBCNG7qadZJ/ihrRwUCCGCgceaceyXwHlCiOlCCA+0JfbG7mt+QJ6UskIIMQnN864lvAP8QwgRJzRG6dfeSmCQEOJKIYS7/jdRCDG0kb4ycf7Q3BSNXW9+aOaMQiFEbxo+xNY/r9P7uq4FzdMfciv1fh3dt2y0SLhIKVPQvEQeQrvJpugDN0gpi4E70dbh89G+vBVNdBmH9mRWgvYU+rqUcq2D8xajGZnOR1OTE9DW+UHzytoO7EEztO3Ut7WUb9HUwHy0J8H5UspqKeUB4F/6ODPRjIMbm9GvP5rEz6fWw+X5+o30m8kjaDeLDLSnpEUtnQzO51MDnIe2zn0MbfnzHTRXV9CMqwC5Qoid+thK0T7f/VLKKn3/ZjT1PEtv01S//0G7Ln4WQhSjCTrrg0KzkFJuQrNlnQ4cFULkAW+hacyuUiDqxn/c08Kx1KBdnwPRPN1S0T53V+hL49fSArQ5LUN7CNsHTED77VjPX4p2zfRBs7nU51LRMKYn3MXx1UFKuRXNcP2iPp7fqLt64CovoRnqc9Cugx+bMYb9wG1oGkkG2vWd2sghtwJP6Nfco2j3qZbwb/3Yn9EM3e+i2SKK0R6mF6GtDJyg1vnDGe8Cw/SlqG+aM4gmrrfH0RyCCoHv0TzK7Hka7YG8QAjxt8bu6/rfPfqc8tBWKW6hEYRutFHYIYRYguZccEVHj0XRcxBC7EJzcnBqM1AougoqwE+h6CRIKcd09BgUirZC5RZTKBQKRZujlsUUCoVC0eYozUWhUCgUbU6ntLmEhobKmJiYjh6GQqFQdBl27NiRI6UM6+hxWOmUwiUmJobt27d39DAUCoWiyyCESG661clDLYspFAqFos1RwkWhUCgUbY4SLgqFQqFoczqlzcUR1dXVpKamUlHhLBmtQtH98PT0pE+fPri7u3f0UBSKZtFlhEtqaip+fn7ExMSg5bdUKLo3Ukpyc3NJTU0lNja2o4ejUDSLLrMsVlFRQUhIiBIsih6DEIKQkBClrSu6JF1GuABKsCh6HOqaV3RVupRwUSgUPY+NaRuprqnu6GEomokSLi4gpWT69On88MMPtm1ffPEFZ511Vruc74MPPuD2228H4I033uCjj+pXqq1l3bp1bNq0yen+FStW8MwzzwBwzTXX8OWXXzZrLE899VSd91OnTm3W8c1lyZIlvPDCC0DLxusKjc3pvvvuY/jw4dx3331NfvbOKCgo4PXXX2/1OBVwtOAoN6+5mTXH1zTdWNGp6DIG/Y5ECMEbb7zBwoULmTVrFmazmYceeogff3S5plEdzGYzbm6uffQ333xzo/vXrVuHr6+vw5u+2Wzmggsu4IILLmjROEG7ET/00EO2940Jss6OlBIpZaNzeuutt8jLy8NoNDrqwiWswuXWW29t1XgVcLz4OADZZdkdPBJFc1Gai4uMGDGC888/n2effZYnnniCK664gieffJJJkyYxduxYvv32WwCSkpKYMWMG48aNY9y4cbYb17p165gxYwYXXHABw4YNa9D/+++/z6BBg5g0aRIbN9YWI7R/kn/55ZcZNmwYo0aNYtGiRSQlJfHGG2/w4osvMmbMGH7//XeuueYabr75ZiZPnszf//73OloQwJo1a5gwYQKDBg1i5cqVAA3anHfeeaxbt44HHniA8vJyxowZw+WXXw6Ar69WSl5KyX333ceIESMYOXIky5Yts83ztNNOY8GCBQwZMoTLL78cR5m33377bSZOnMjo0aO5+OKLKSsrc/m7SExMZM6cOYwePZpx48Zx5MgRAJ5//nkmTpzIqFGjeOyxx2zfx+DBg7nqqqsYMWIE1113ndM5XXDBBZSUlDB+/HiWLVtW57N3dM6SkhJmz57NuHHjGDlypO0aeOCBBzhy5Ahjxozhvvvuczq20tJSzj33XEaPHs2IESNsn6GilvSSdAAKKgs6diCKZtMlNZfHv9vPgfSiNu1zWJQ/j50/vNE2jz32GOPGjcPDw4PzzjuP008/nffee4+CggImTZrEnDlzCA8PZ/Xq1Xh6epKQkMDixYttedJ27tzJvn37GriVZmRk8Nhjj7Fjxw4CAgKYNWsWY8eObXD+Z555hmPHjmEymSgoKCAwMJCbb74ZX19f/va3vwHw7rvvkpqayqZNmzAajXzwwQd1+khKSmLr1q0cOXKEWbNmkZiY6HS+zzzzDK+++iq7du1qsG/58uXs2rWL3bt3k5OTw8SJE5k5cyYAf/75J/v37ycqKopp06axceNGpk+fXuf4+fPnc8MNNwDw8MMP8+6773LHHXc0+vlbufzyy3nggQe46KKLqKiowGKx8PPPP5OQkMDWrVuRUnLBBRewfv16+vXrR0JCAh9++CGnnHIKoC1pOprTihUr8PX1te1bsmRJo+f08PDg66+/xt/fn5ycHE455RQuuOACnnnmGfbt22frx9nYsrOziYqK4vvvvwegsLDQpfn3JDJKMwDIr8zv4JEomkuXFC4dhY+PD5deeim+vr58/vnnfPfdd7Yn24qKCo4fP05UVBS33347u3btwmg0Eh8fbzt+0qRJDuMV/vjjD0477TTCwrSEppdeemmd46yMGjWKyy+/nAsvvJALL7zQ6TgXLlzodFnnkksuwWAwEBcXR//+/Tl06FBzPgIbGzZsYPHixRiNRiIiIjj11FPZtm0b/v7+TJo0iT59+gAwZswYkpKSGgiXffv28fDDD1NQUEBJSQlnnnmmS+ctLi4mLS2Niy66CNCCDEG7gf/88882oVxSUkJCQgL9+vUjOjraJlhagrNzVldX89BDD7F+/XoMBgNpaWlkZmY2ON7Z2GbMmMG9997L/fffz3nnnceMGTNaPMbuSlpJGgAFFQUdOxBFs+mSwqUpDaM9MRgMGAwGpJR89dVXDB48uM7+JUuWEBERwe7du7FYLLYbEWjCqTV8//33rF+/nu+++44nn3ySvXv3OmzX2Hnqu7YKIXBzc8Nisdi2tTauwmQy2V4bjUbMZnODNtdccw3ffPMNo0eP5oMPPmDdunWtOqeUkgcffJCbbrqpzvakpKRWf+7O+PTTT8nOzmbHjh24u7sTExPj8LNzNjbQtNlVq1bx8MMPM3v2bB599NF2GWtXJaNEaS5dFZdsLkKIs4QQh4UQiUKIBxzsnymE2CmEMAshFthtHyOE2CyE2C+E2COEuLQtB9+RnHnmmbzyyis2e8Kff/4JaEsbkZGRGAwGPv74Y2pqaprsa/Lkyfz222/k5uZSXV3NF1980aCNxWIhJSWFWbNm8eyzz1JYWEhJSQl+fn4UFxe7PO4vvvgCi8XCkSNHOHr0KIMHDyYmJoZdu3bZzrF161Zbe3d3d6qrG7qBzpgxg2XLllFTU0N2djbr169n0qRJLo+juLiYyMhIqqur+fTTT10+zs/Pjz59+vDNN98AUFlZSVlZGWeeeSbvvfceJSUlAKSlpZGVleWwD2dzau45CwsLCQ8Px93dnbVr15KcnGxrb/+dOBtbeno63t7eXHHFFdx3333s3LnT5TH1FNJLdZuL0ly6HE1qLkIII/AaMBdIBbYJIVZIKQ/YNTsOXAP8rd7hZcBVUsoEIUQUsEMI8ZOUsqAtBt+RPPLII/z1r39l1KhRWCwWYmNjWblyJbfeeisXX3wxH330EWeddZZLT82RkZEsWbKEKVOmEBgYyJgxYxq0qamp4YorrqCwsBApJXfeeSeBgYGcf/75LFiwgG+//ZZXXnmlyXP169ePSZMmUVRUxBtvvIGnpyfTpk0jNjaWYcOGMXToUMaNG2drf+ONNzJq1CjGjRtXRwhcdNFFbN68mdGjRyOE4LnnnqNXr14uL7P94x//YPLkyYSFhTF58uRmCciPP/6Ym266iUcffRR3d3e++OILzjjjDA4ePMiUKVMAzUj/ySefOFwedDan5p7z8ssv5/zzz2fkyJFMmDCBIUOGABASEsK0adMYMWIEZ599Ns8//7zDsSUmJnLfffdhMBhwd3fnv//9r8ufQU+gwlxBXkUeoDSXrohw5MlTp4EQU4AlUsoz9fcPAkgpn3bQ9gNgpZTSYXCCEGI3sEBKmdDYOSdMmCDrFws7ePAgQ4cObXSsCkV3pKde+8cKj3HBNxcQ6RNJVlkWO6/ciUEoB1dnCCF2SCkndPQ4rLjyTfUGUuzep+rbmoUQYhLgARxxsv9GIcR2IcT27Gzl065Q9HSsbsjDQ4ZTI2sornJdu1V0PCflMUAIEQl8DPxFSmlx1EZK+ZaUcoKUcoLVa0qhUPRcrPaWYSFaXJiKdelauCJc0oC+du/76NtcQgjhD3wP/J+UckvzhqdQKHoqGSUZGIWRQUGDAMivUHaXroQrwmUbECeEiBVCeACLgBWudK63/xr4yJkdRqFQKByRXppOhHcEoV6hgNJcuhpNChcppRm4HfgJOAh8LqXcL4R4QghxAYAQYqIQIhVYCLwphNivH34JMBO4RgixS/8b0x4TUSgU3Yv0knSifKMI9AwElObS1XApiFJKuQpYVW/bo3avt6Etl9U/7hPgk1aOUaFQ9EDSS9KZHDmZIFMQoDSXroby63MBlXK/lrZMuf/CCy8wZMgQxowZw8SJE23zPO200xg8eDCjR49m2rRpHD58uM72MWPGMGbMGBYsWNBY9zauv/56Dhw44HS/fYJKReeg2lJNdnk2kT6ReLl54WHwULEuXYwumf7lZKNS7rd9yv033niD1atXs3XrVvz9/SkqKuLrr7+27f/000+ZMGECb731Fvfddx8rVqyos91VampqeOedd9pkzIqTR2ZpJhZpIco3CiEEgZ6BKkq/i6E0FxdRKffbNuX+U089xX//+1/8/f0B8Pf35+qrr27QbubMmY1mbnaEr68v9957L6NHj2bz5s2cdtpptszUP/74I+PGjWP06NHMnj3bdsyBAwc47bTT6N+/Py+//HKzzqdoe6zZkCN9IgEIMgUpzaWL0TU1lx8egBOOkza2mF4j4exnGm2iUu7X0pqU+0VFRRQXF9O/f/9GP2+A7777jpEjR9reX3755Xh5eQEwd+5cnn/++QbHlJaWMnnyZP71r3/V2Z6dnc0NN9zA+vXriY2NJS8vz7bv0KFDrF27luLiYgYPHswtt9yCu7t7k+NTtA/WbMi9fbV4baW5dD26pnDpIFTK/Vpam3K/KaxCJCYmpk7ONFeWxYxGIxdffHGD7Vu2bGHmzJm27yA4ONi279xzz8VkMmEymQgPDyczM9M2B8XJx5oNuZdPL0DTXA6VtuxaVXQMXVO4NKFhtCcq5X7TNJVy39/fH19fX44ePepUe3HVtlJTU8P48eMBrZLkE088gaenZ7PLFLtSJkBx8kgvTSfMKwwPowcAgaZA5S3WxVA2lxaiUu63LuX+gw8+yG233UZRkVZRtKSkpFGvOGcYjUZ27drFrl27eOKJJxpte8opp7B+/XqOHTsGUGdZTNG5yCjJINI30vY+yDOIwspCaixN/54UnYOuqbl0AlTK/dal3L/lllsoKSlh4sSJuLu74+7uzr333tvkcfY2l9DQUNasWePS+QDCwsJ46623mD9/PhaLxWYfU3Q+0kvTGREywvY+wBSARFJUVUSQZ1AHjkzhKk2m3O8IVMp9haKWnnbtW6SF8Z+M56phV3H3+LsBWHV0Fff/fj/fXvgt/QOadgTpiXTFlPsKhUJx0sguy8ZsMRPlE6VtyDtGoCkQUBUpuxJKuCgUik6FLcbFNxLyk+CVcQSl7wFURcquhBIuCoWiU2EtEhblEwVZh0BaCMrVnDCU5tJ1UMJFoVB0KqxFwqJ8oyBfEyoBeUmA0ly6Ekq4KBSKTkV6STqBpkC83b21ZTHAK/swXm5eSnPpQijholB0AizSQklVSUcPo1OQXppuyylGnqa5kJ9EoEeA0ly6EEq4uIBKuV9Le6fcf/zxx3nwwQfrtNu1a5fNFTcmJoaRI0fa0u7feeedLp3rnHPOoaCgwOn+lnw2bUlhZSHJRclU1zQMWO1pZJRkaEtioC2LGU2AJNDoqaL0uxAqiNIFVMr9k5dyf/HixZx11lk8/fTTtrZLly5l8eLFtvdr164lNDTUpfNIKZFSsmrVqqYbdyBVNVUAmC1m3I09N2GmlJKM0gymRk0FiwXykyF2JiSuJgiDWhbrQijNxUVUyv2Tk3J/0KBBBAUF8ccff9jafv7553WES1MkJSUxePBgrrrqKkaMGEFKSgoxMTHk5OQA8NFHHzFq1ChGjx7NlVdeaTtu/fr1TJ06lf79+590LcZs0XKZmWXPzmlWUFlAublcy4ZcnAE1lTBwDhjcCDRXq2WxLkSX1Fye3fosh/LaNkPqkOAh3D/p/kbbqJT7tbRnyv3FixezdOlSJk+ezJYtWwgODiYuLs62f9asWbbElFdffTV33313gz4SEhL48MMPOeWUU+ps379/P//85z/ZtGkToaGhdfKLZWRksGHDBg4dOsQFF1zgcqXLtqDaoi2H9fTcWVY3ZC3GRbe3hMZByECCKssoMFd14OgUzaFLCpeOQqXcr6U9U+5feumlTJ06lX/9618NlsTAtWWx6OjoBoIF4Ndff2XhwoW24+3T7l944YUYDAaGDRtGZmamy+NtC6zCpadrLjY3ZJ8oOL5D2xgcC2GDCczfTbGnhWpLNe6Gnrt02FXoksKlKQ2jPVEp95umtSn3+/btS2xsLL/99htfffUVmzdvbvR8KSkpnH/++YBmo3I1YWhj4z6ZOfeklLZlMaW52MW45H0JwggBfSFsKEGpv4KeHTnUyzWbm6LjUDaXFqJS7rdvyv3Fixdz9913079//yaLdvXt29eWdr8pB4jTTz+dL774gtzcXKBzpN23SAsWqQn3nq65ZJRm4OPug7+Hv7YsFtAHjO6a5qI/pORXKLtLV8Al4SKEOEsIcVgIkSiEeMDB/plCiJ1CCLMQYkG9fVcLIRL0v4ZF0rsojzzyCNXV1YwaNYrhw4fzyCOPAHDrrbfy4YcfMnr0aA4dOtTslPvTpk1zmAHXmnJ/5MiRjB07tk7K/a+//tpm0G8Ka8r9s88+22HK/TvvvNNhyn2rQd/KRRddZDOKn3766baU+65yyy23MGvWLCZOnMiIESOYMWMGBkPt5bhw4UL279/v0JA/a9YsmyvyVVdd5fI5AYYPH87//d//ceqppzJ69GjuueeeZh3fHliXxEBpLmklaUT6RGoadn6StiQGED6UIF277rbuyEd+hd3LoJtcA02m3BdCGIF4YC6QCmwDFkspD9i1iQH8gb8BK6SUX+rbg4HtwARAAjuA8VLKRh89VMp9RU+ipKqE5KJkDMKAyc3UIKV8T7r2F6xYQIRPBK/Nfg2ejYVhF8D5/wFzFfHP9+XiqHD+deq/OCPmjI4eatvzwXlQlAZ37IR6y9eu0BVT7k8CEqWUR6WUVcBSYJ59AyllkpRyD2Cpd+yZwGopZZ4uUFYD7RN5qFB0Uayai8nN1OM1F1t0fkUhlOdBkK65uHkQ5N8P6KaaS0EKJG2AUYtaJFg6I64Il95Ait37VH2bK7TmWIWiR2AVLp5GT5thvydSUlVCcVWxnrAySdsYXOtdGRgyCOimNpe9nwMSRl3S0SNpMzqNQV8IcaMQYrsQYnt2drbDNp2xaqZC0VrMFjNGgxF3g3sd4z70rGu+TjZka06xoBjbfveI4fhaLBSU53TA6NoRKTVbS78pdYRpV8cV4ZIG9LV730ff5gouHyulfEtKOUFKOcEa72GPp6cnubm5PerHpugZWOM2jAYtNsm6NCalJDc3t447e3emTh0XawBlkN3NNmwwgTU15BelODi6C5P+J+QchtGLOnokbYorcS7bgDghRCyaYFgEXOZi/z8BTwkhgvT3ZwAPNtLeKX369CE1NRVnWo1C0VXJLsvGaDBS6FZIfkU+NZk1tiBBT0/PJl2xuwt1Ylzyk8A7BDz9axuEDSWoxkJByYmOGWB7sWeZlpxz2IUdPZI2pUnhIqU0CyFuRxMURuA9KeV+IcQTwHYp5QohxETgayAIOF8I8biUcriUMk8I8Q80AQXwhJSyRYEF7u7uDqPbFYquzg1Lb+CsmLM4K/Is/vrTX3lr7ltMiZrS0cM66WSUZuBh8CDYM1hbFrNbEgMgZCCBFkluRcfHJrUZNdWw9wsYfDZ4BXb0aNoUlyL0pZSrgFX1tj1q93ob2pKXo2PfA95rxRgVim5LubmcwspCIrwjtJsq3dQbygXSS9KJ9I3EIAzaslifekG5bh4EuXtzpLob1b1JXANluTDa9cSsXYVOY9BXKHoiWWVZAET4RBDkqa0e53WnJ/NmkFGaodlbaqqhMNWhcTvQM4R82Y1q3uxeCt6hMHB2R4+kzVHCRaHoQDJLtQSZEd4R+Hv4YxCG7ulq6wJpJWmavaXgOEhLw2UxIMg3knIBFeUFJ318bU55ARz+AUYu0FLcdDOUcFEoOpDMslrhYjQYCfAI6JHCpcJcQV5FnhZA6chTTCcwIBqAgsxdJ3F07cSBb7R6NaMu7eiRtAtKuCgUHYhVuIR7hwMQ5BnUIwtiZZRmADgNoLQSFKLV9SnI3HeyhtZ+7F4KoYMhqmHtpu6AEi4KRQeSWZqJn4cf3u7egC5ceqDmklFiJ1zyjmmuub4NE6EGhmo51vJz2rZY4Ekn7xgc36zFtnSTdC/1UcJFoehAMssyifCOsL0P9gzukcKlTpGw/CTN3mJoeHsK0jW8goJjJ3F07cCezwHRrdK91EcJF4WiA8kqyyLCp1a4BJl65rJYekk6RmEkzDusbqr9egR6BgKQX+xqkpBOiJSw+zOInaHVq+mmKOGiUHQg9TWXQM9ACioL6uQX6wmkl6YT4R2BmzA6DqDU8ffwRwAFlflgrmz9iTMPwAnHFV3bjdRtmtPCqO6V7qU+SrgoFB1EdU01ueW5DZbFLNJCYWVhB47s5JNRkkGkbySUZkN1qUNPMQA3gxv+Ri/yDQJyElp/4q+uh08WtI2gcpXdn4Gbl1arphujhItC0UFkl2cjkXWES5BJC6TsaUtj6aXp9Pbt3ainmJUgUyAFBgNkt9KoX5QOWfuh5ISWguVkYK6Efcth6Plg8js55+wglHBRKDoI++h8K9Yo/Z5k1K+2VJNVlqXFuDhItV+fAO8w8o3G1guXxF+0/z7hsOkVsJyEpcj4n6CiAEZ3z9gWe5RwUSg6iBNlWnZfa4wLYMsv1pOES2ZpJhZp0WNcjgECAqOdtg/yDKbAwwuyDrbuxIlrwC8S5j6hCarE1a3rzxV2L9VcrGNPa/9zdTBKuCgUHYR96hcrgaZAoGflF7MGUGrR+UngHwXuzmvYBHoGkm90g+zDLT9pjRmOrtVyeo1cAP69YePLLe/PFUpzIeFnPd2LSzmDuzRKuCgUHURmWSZebl74e9TWLOmJy2J16rg04ilmJcgURAE1yLyjLTfEp+2AikIYOEfL63XKLZC8QdveXuxfDpZqpxmQt2Zs5cdjP7bf+U8ySrgoFB1EVlkW4d7hCLsIbQ+jB77uvj0q7b41gNKWV8yJp5iVQM9AqrBQjgVyE1t20sQ1IAzQ/zTt/birweTfvtrL7qUQMRJ6jXC4+/P4z3lp50vtd/6TjBIuCkUHkVlaN8bFSpBnUM9aFivJIMwrDI8aM5RkQnBMo+1tHnVGQ8vtLolroM9E8NKL5Hr6w4S/wMEVtU4FbUlOAqRtb9SQn5CfwKCgQW1/7g5CCReFooOoH0BppaflF7MWCbO5ITelueh2qYKW2l1Kc7S69QPn1N0++RYQRtj8WvP7bIrdSzVNaeRCh7sraypJLkomLiiu7c/dQSjholB0ABZpIbssu44bspWelgImvTS9NqcYNClcrHapgoDekN0CzeXIWkA2LNDlH6nl+vrzE8343lZYLFousf6zwK9hMk6AowVHqZE1SnNRKBStI68iD7M013FDttKTlsUs0sKJ0hN2bsg0GkAJtZpLfkBkyzSXxDXgHQKRDlLdT70DzOWw7Z3m9+uM45ug8HijpYwTCrRsA0pzUSgUrcKRG7IV67KYlPJkD+ukk1OeQ7WlWtNc8o5pRnWrHcQJNs3FJwRyjzTPY8xigSO/wIDTHWZdJnwoxJ0BW9+C6vLmTMU5u5eChy8MOddpk/i8eDwMHvTz69c25+wEKOGiUHQA1gBKR8tiwaZgqi3VlJnLTvawTjpWN2SbzSUopsn6Jn4eflo5aC8/kDWagHGVE3u0/GX17S32TL0TynJg1/9c79cZ1eVw4FsYNg88vJ02SyhIYEDgANwM3Sf+RQkXhaIDsKV+caK5QM8IpLTFuPjoy2JNLIkBGISBQFMgBe4e2obm2F0S12j/B5zuvE3MdK065OZXwVLjet+OOLwKKou0omCNEJ8f362WxEAJF4WiQ8gszcTN4GZL92JPTwqktBUJ846A/OQmAyitBJoCyQfNAyurGTnGEn+ByNHg29DWZUMITXvJOwqHvne9b0fsXgr+fSB6utMm+RX55JTndCtjPrgoXIQQZwkhDgshEoUQDzjYbxJCLNP3/yGEiNG3uwshPhRC7BVCHBRCPNjG41couiSZZZmEe4VjEA6qLZp6jnDJKMkg0BSId3mBFr3ehKeYlUBTIAXVRVp7VxNYVhRCyh+NL4lZGXqBlt9s08taca+WUHxCE2ajLnFs39FJyO9+xnxwQbgIIYzAa8DZwDBgsRBiWL1m1wH5UsqBwIvAs/r2hYBJSjkSGA/cZBU8CkVPJrMs06G9BXrYslhpem1kPri0LAZ2sUDhQ10XLkd/02w0rggXoxtMuV0r7HV8i2v925N7BD68QNOCxlzeaNP4/HgAcnKD+XxbSrdx5HBFc5kEJEopj0opq4ClwLx6beYBH+qvvwRmCy2nhQR8hBBugBdQBRS1ycgVii5MVlmWQ3sL1GZG7gkpYNJL0mtzikGzlsUKKgsgbLDuMVbV9EGJazRvtD4TXRvc2Ms1z7VNzUwJc3QdvH06lGbBlV9D6MBGmycUJBDsGcyKncW8vi6xTjqgrowrwqU3kGL3PlXf5rCNlNIMFAIhaIKmFMgAjgMvSCkdPo4JIW4UQmwXQmzPzs5u1iQUiq6ElJLM0kyHMS4AXm5emIymbr8sJqUkozSjNhuywU2zT7hAkGcQBRUFyNAhusdYEznGpNSWqPqfqiWqdAUPH5h4g2aUz45vur2U8Meb8PF8LbPzDWshdmaTh8XnxTMwcCA7jxcwIaahDa6r0t4G/UlADRAFxAL3CiH6O2oopXxLSjlBSjkhLCysnYelUHQcRVVFVNRUONVchBAEmgK7/bJYQWUB5eby2gDKwH4up6IPNAVilmZKgvS4kKaWxrIPQ1Gqa0ti9ky6Edw8YfMrjbczV8F3d8IPf4dBZ8J1P7u0xGeRFo4UHiHcM4a80iomxjQe49OVcEW4pAF97d730bc5bKMvgQUAucBlwI9SymopZRawEZjQ2kErFF2ZE6XOY1ysBHsGd/sUMDZPMRdT7dtjC6T0DdE8xpoSLjYX5NmNt6uPb5gWWb97KRRnOm5Tkg0fXQA7P4IZf4NLP3W5hHFqcSrl5nKojARgfHTP0ly2AXFCiFghhAewCFhRr80K4Gr99QLgV6lZpY4DpwMIIXyAU4BW1iZVKLo2jcW4WOkJySszSrQiYba8Yi56ioFdCpiack0ouSJcwoZAYN/G2zli6h1QUw1b32y4L2MPvD0L0nfBgvdg9iONeobVx2rMz80LJsjbnQFhPs0fXyelyU9Bt6HcDvwEHAQ+l1LuF0I8IYS4QG/2LhAihEgE7gGs7sqvAb5CiP1oQup9KeWetp6EQtGVyCxznvrFSk8QLmkl2gJIlNFbqyvvoqcY1Lpra0b9oY3HulSVQvLG5i+JWQkZoKVu2fYuVJbUbt//Dbx3JkgLXPsDjLi42V0n5CcgEMSn+jI+OrjbGPMBXFrglFKuAlbV2/ao3esKNLfj+seVONquUHRFjhYexWQ00du3vj9L88gsy0QgCPUOddqmJ2RGzijNwNvNG/+SHG1DM5bFAj0DAT0WKGwwJPyk2T3cPBo2TtoINVUNsyA3h2l3waGV8OfHMOkm+O0Z+O1Z6DMJLv0E/Jw/KDRGQkECvX37cvBgNYsndh97C7goXBQKBTyw/gECTAG8fcbbreonszSTUK9Q3A3OvZaCPIMorS6lqqYKD6ODG2Y3wOqGLAqStQ3NWBaro7mEDwWLGfKOaK/rk7gG3Lyg39SWD7bvJOh7Cmx+XdOCDn6nxa+c9yK4mVrcbXx+PIFumlPChG5kzAeV/kWhcJn00nT25+xvdZBbYzEuVnpCIGVGaUbdVPvN0Fx83H1wM7jpmssQbaOzqpSJayB2Brh7tm7A0+7UUucf+h7OfBrmvdYqwVJuLud40XFkZS883AyM6B3QuvF1MpRwUShcoLKmksLKQoqri0ktSW1VX5llzmNcrASbNK+h7mx3SS/Ro/PzjoFPGJh8XT5WCEGQKUjTXELjdI8xB7Vd8o5qGk1L7S32DDpb8wa7YjlMubXJ7M1NcaTgCBJJTl4IY/oEYnIztn6MnQglXBQKF8guqw3sPZjbwrrtOpmlzlO/WLElr+ymdpeSqhKKqop0zSWpWUtiVgI9AzXh6+6le4w5+F4Sf9H+t4VwMRg0b7ABs1rfF7U5xZIz/BnfzZbEQAkXhcIlrO7DAIfyWu5NX1ZdRnF1scvLYt1Vc7HFuFjdkJvhKWbFprmAtjTmSHNJ/EUTPMEOY7c7lPj8eDwMnlRXBnWr4EkrSrgoFC6QVa4JFy83Lw7kHWhxPzY35KY0l26eGdkW4+IVBoWpzbK3WAk0BdZqdmFDtBQw9jnGzJVwbL2mtThZwkouSuZo4dFmn7stSMhPIMCtD2BgXD8lXBSKHol1WeyUyFM4mHuwxUZ9V2JcAPxN/hiFsdsa9G2ai9kCyEaXxY7nlmGusTTYbs0vBmjCxWLWbCy2A7dAdWmjS2KPbnyUG36+gaoaFxJftiFSSuLz47FURjIowpdA7+7nEaiEi0LhAtll2XgYPJgcOZm8irw6y2TNIbPUNeFiEAYCTAHd1uaSUZKBh8GD4DJdeDpZFtuXVsipL6xl7ovr+W53OhZLrVAPNAVSWFVIjaUGwnWPMXu7S+IaMLhDzAyHfVukhUN5h8gqy+KbxG/aYlouk1uRS35lPrl5wd0q5Ys9SrgoFC6QWZZJmHcYw0K0UkYH81pm1LcKpaa8xUDLL2Z7Mu9mpJWkEekbiSG/8RiXZdtS8DAa8DAauOOzPzn3lQ38eigTKSVBnkFYpIXiqmIIiQNEXbtL4i8QPcWpF1paSRpl5jKMwsh7+96j2lLdxrN0jjXtS1lJWLe0t4ASLgqFS2SXZxPhHcHgoMEIRIs9xjLLMgk0BeLp1nTMRZBnULddFssozag15rt7Oyw7XFFdw7e70jhrRC9W3TWD/ywaQ1mVmWs/2M7CNzaTW6jFgOdX5oOHt2a3sca6FKVD1v5Gl8Ss3lrXjbyOtJI0Vh5Z2dbTbPLclspeTOxGafbtUcJFoXCB7LJswrzD8Hb3JiYgpsVG/cbquNSnjsG6m2ErEpavZ0N2YHD/+UAmRRVmLpnQF6NBMG9Mb9bccypPXjSClPwy/rNas9vsSNHjjsKG1CawdMEF2ao9XDviWoYGD+Wdve9gtpjbbI6NEZ8fjwcBhHmH0CfI66Sc82SjhItC4QJZZVmEeWl1hoYGD22V5tKUvcVKsGdwt/QWqzBXkFuRWxtA6WRJ7IvtKfQO9GJK/xDbNnejgcsnR/PbfbP4yynDAXjgm83c+ukO8n36ax5jNdWavcUvEsLrV2SvJSE/gT6+ffBx9+HGUTdyvPg4Pyb92LaTbeTcNZWRTIzpXskq7VHCRaFogpKqEsrMZTaNY1jIMDLLMsktz212X5llTQdQWgnyDKKwUjdYdyMySq2p9vUKlA7ckNMKytmQmMOC8X0wGBrefD3djVw7ZQQAc0b48tvhbJ7YKsFi5sTRPXB0rZaospEbd0JBAoOCBgFwer/TGRg4kLf3vI1FNvRMa0vMFjOJBUcoLwljfHT3tLeAEi4KRZNYY1yswmVosJYcsbnBlFU1VeRV5LmsuQSZgpBICqsKm3Wezo41xiXS6AnmcoeeYl/tSEVKWDDeedlja02XiQNMrP/7LIaPmgTADx+/ABWF1PR3ngW5wlxBclEycUFxgOadd+OoGzlaeJQ1yWtaOjWXOF58nGpLFTXd2N4CSrgoFE1ijXGxCpchIZrba3M9xlwpEmZPsGf3zC9mjXHpXaXHltRbFrNYJF/sSGHqgBD6Bns77cfLzQuT0URBZQEhviauv+hMJIJFxnXUSMEVa704dKLI4bFHC49ikRab5gJwRvQZxPjH8Naet1qdnLQxrMZ8j5reDI10rWJlV0QJF4WiCaxCwWpz8ffwp49vHw7kNs+o72oApRVrzZLu5jGWXpKOURgJK9M1snrLYn8cyyMlr5xLJjReNVIIoTk9WIWvhzciKBovWUZhyBjiC904/5UN/GdNAlXmuktdVmO+VXMBMBqM3DDqBg7nH2ZdyrrWTLFR4vPjQRoY3WsQbsbuewvuvjNTKNoIR7EpQ0Oab9S3aS6u2ly6aQqYjNIMIrwjcCtI1rIZB/ars/+L7Sn4mdw4c3ivJvsK8rTLLwZaVUogePQ5rL7nVM4ZGcmLa+K54NUN7E2tXV5MyE/AZDTRz6/uuc+OPZvevr15c8+b7aa9HMyNx1IVyqTolhUY6yoo4aJQNEF2eTa+7r54u9cu0QwLGUZqSSqFla7bQ1yNzrfSlstie7L3NGus7Ul6STqRvrqnmH+fOtUjiyuqWbUvg/PHROHl0XQK+gbu2mGDtf8DZxPs48F/Fo3l7asmkFdaxYWvb+S5Hw9RUV1DQn4CAwIHYDTUPYe7wZ3rR17P/tz9bEzf2Cbzrc/BnMPUVPbqdsXB6qOEi0LRBFllWYR5h9XZZjXqH85zkInXCZllmXi7eePr4VrdElsp31bGulTXVPOXH//CK3++0qp+2oJfj//Knuw9xAXG6Z5i0XX2r9yTQUW1pcklMStBpqC6WQzGXAbT74bIsbZNc4dFsPqeU7l4XG9eX3eEc1/+nf05h7UxOGDegHn08unFm7vbXnsprS4lpzIDWRnB2G6YrNIeJVwUiibIKssi3Ktu4OOQ4OYb9ZvjhgzaU7Sfh1+rNZeUkhSqLFVsSNvQrobqplifup57f7uXYSHDuGvcXVoAZT1PsS+2pxAX7svoPq5VZQz0dKC5zFmi1V6xI8DLnecWjOajaydRVlNEUXUeSen+lFU1DJp0N7pz7Yhr2ZW9i20ntjV7no2RWJAIQJT3AHxN3bvKvBIuCkUTZJdlN4iqD/EKIcI7ovnCxdmSWPEJWP8C1ItpCTIFtVq4JBdq+bvSStJILkpuVV8tZVPaJu5eezeDggbx37n/xVdKKM2u4ymWmFXMzuMFXDKhr8uBhUGmIIqril3OCzZzUBhPLwoFYPMhD8566Xe2HG0YrzQ/bj5hXmG8uedNl/p1lYO5mqY7IdJ5cGd3QQkXhaIRpJRklTdcFoPmG/UzSxsRLtvegV//AWk762wO8gwir7J13mL2AqW97AiNsTVjK3euvZPYgFjemvsW/h7+YEtYGWNr98WOVIwGwYVje7vct3XpsDn2pJSSIwD895JzMQhY/PYWnv/pENV2af1NRhPXDL+GrSe28mfWny733RTb0vYja0xMj3W8JNedcEm4CCHOEkIcFkIkCiEecLDfJIRYpu//QwgRY7dvlBBisxBivxBirxCi6Yx9CkUnIb8yH7PF7DAf2LDgYRwrPEZZdVmT/ZgtZnLKc5znFTv6m/Y/ue7NP8iz9ZpLUlESwZ7B9PPrx6b0Ta3qq7nsyNzB7b/eTl+/vrx9xtsEmPTlrvxj2n99WcxcY2H5zjROHxJOmJ/J5f6tHnXNyR6dkJ9AsGcwZwyJY9VdM7hkfF9eW3uEhW9s5nhu7Xe5cPBCgj2DeXN322kvB3LisVRGMCk2pOnGXZwmhYsQwgi8BpwNDAMWCyHq63TXAflSyoHAi8Cz+rFuwCfAzVLK4cBpwMnLa61QtJL6AZT2DA0ZikTaYiYaI7c8lxpZQy8fB+61lcWQtkN7XU+4tEXa/aSiJGL8Y5jWexrbTmw7aYWxdmXt4tY1t9LLpxdvn/G2rXQzoHmKgW1Z7Lf4bLKLK1nYSES+I1ri9BCfH2+Lb/H2cOPZBaN49bKxHMku4ZyXf+ebP9MALUjzqmFXsTF9I3uz9zZrXI6QUnKi4hhe9CEyoHsmq7THFc1lEpAopTwqpawClgLz6rWZB3yov/4SmC20RdMzgD1Syt0AUspcKWX3SpSk6NbUD6C0x+ox5kowZaPR+cmbQNZA6CCteqKd3SXIpC2LtcYQn1SYRLR/NNOiplFuLmdn1s6mD2ol+3P2c8uaWwj1CuWdM94h1Cu0boP8JPAMBK9AAD7fnkKorwezhriWMdqKTXOxj3VphBpLDUcKjjTwFDtvVBQ/3DWDIb38+OuyXdyzbBfFFdUsGrIIfw9/3tr7VrPG5YjMskzMlBLjP7DVfXUFXBEuvYEUu/ep+jaHbaSUZqAQCAEGAVII8ZMQYqcQ4u+tH7JCcfLILneuuYR7hxPsGeySUd8Wne/IW+zob+DmCVPvhMoiOFH7lBzkGYTZYqakuqRF4y+uKia3IpeYgBgm9pqIm8GNTWntuzR2KO8QN66+kQBTAO+e+a7jpUA7T7Hckkp+OZjF/HF9cG9mxLo1v5irS4epJalU1FTUSftipU+QN0tvPIW/zonjm11pnPvyBhJOVHPFsCtYl7KuWW7njth0fB/QM4z50P4GfTdgOnC5/v8iIYTDbHJCiBuFENuFENuzs7PbeVgKhWtYhYIjzUUI4XL6fWs/Dm+0x36DvpNhwOna++Tam791KamldherMT/aPxpvd2/Gh49nQ/qGFvXlCgn5Cdzw8w14u3vz7pnvOl4GhDqp9r/+Mw2zRTZ7SQyab9C3LmE6Ei4AbkYDf50ziGU3TaHGIlnw301U5E7F19231Z5jvydrDw1z40a3qp+ugivCJQ2wj2jqo29z2Ea3swQAuWhaznopZY6UsgxYBYxzdBIp5VtSyglSyglhYQ1/yApFR5Bdlk2wZzDuRneH+4eGDOVIwREqayob7SezNBN3g7ttGcdGSTZk7oPYmRDQW/OesrO7WNu3NL9YUlESADH+MQBM7T2VhPwE2zJdW3K08CjX/3w9HgYP3jvjPXr7OvH6qjFDYQoExSCl5IvtqYzpG0hcRPOTOJqMJrzdvF22uSTkJ2AQBvoH9m+03cSYYFbdOYMzh/fiPz+n4lUxkzXJazhScKTZY7RyMDcezAGM6+26N1xXxhXhsg2IE0LECiE8gEXAinptVgBX668XAL9KbZH4J2CkEMJbFzqnAi0r4adQdADZZdkOtRYrQ4OHYpZmEvMTG+3HGuPSIH4jab32v/9p2v/oaZrmYtHcYq0pYFy1KdQnuSgZgzDQ1097PpwWNQ2gzb3GkouSuf6n6xEI3jnzHfr6NxJhX5QKFjMEx7I3rZDDmcUsnNB8rcVKkGeQy04P8fnx9PPrh5db0wb1AG93Xr1sLM9dPIqM5ElIizuP//5yi8eZWXEMf2M/h/VpuiNNChfdhnI7mqA4CHwupdwvhHhCCHGB3uxdIEQIkQjcAzygH5sP/BtNQO0Cdkopv2/zWSgU7YSzGBcrQ0N0o34TZY8zy5yUNz76G5j8IXKM9j56GpTnQY62vt/aZbGkwiSifKLwMGr5uwYFDSLUK5SNaW0X75JWksZ1P12H2WLmnTPeITbAcWVJG3aeYp9vT8HkZuD80VEtPn9zykEn5CfUyYTcFEIILpnYl5W3n4lf9Ux25q7luV9+b/YYc0pKqTaeoH9AzzDmg4s2FynlKinlICnlACnlk/q2R6WUK/TXFVLKhVLKgVLKSVLKo3bHfiKlHC6lHCGlVAZ9RZciqyyr0USTfXz74Ofu16TdJbPUSeqXY+shZjoY9VQg0VO1/0maXcRqsG7pslhyUTIxATG290IIpkZNZXPG5japcCml5LYfHienrIhHJrzEwCAXbp75SQBU+PVjxa50zh7RC39Px8uOrhDoGeiS5lJWXUZKcUqzhIuVAWG+fLn4QYzCnfcPvswPe9ObdfyPh/chRE2PMeaDitBXKJxitpjJLc9tVHMRQjQZqS+lJKssi17e9YzbBcc1r6nYU7FYJEk5pZrNxb+3zajv7e6Np9GzRZqLlNIW42LPtKhpFFYWNrseTX3Kq2q46X+/kVj6B5V5E7j1/RP86+fDVFQ3IbTyj4HRg59SBEUVZpeTVDojyBTkkuZypOAIEsmgQMfG/KaI8gvnrnF34OZ3iHtWfcCe1AKXj91wXDPmn96/ZxjzQQkXhcIpueW5SGSjNhfQ7C7x+fFO81sVVBZQZalqqLlYo/L7n8rr6xI57YV1rD6YpWkvyZtAj20J8nTt5lmfrLIsys3lRPvXzTw8JWoKAtEqr7H0gnIWvrmJdek/IISFjy+9g/NHRfHKr4mc9dJ6NiTkOD847xgERvPlzgz6BHlxSv/WRasHmgJdskklFGgVIFuiuVi5eviVDAkajnvYCq77eB0ZheUuHXco9zBIA0NCes6yWPdOy6lQtAJHRcIcMTRkKFWWKo4VHnPo4urUDfnYb+ATTrHfAN7+fR0ADy7fw5RZk/Dd+wXkHYWQAS1OAWN1Q7ZfFgNNWA0PGc6mtE3cMvqWZve7IzmPmz7eSUW1mX7D9hHp1o8J393MBCRPRJlJL6ig8uMaUrw86BXgibuxngE7J5GK3pPZcDiHu2bHtdrAHeQZRGl1KVU1VTbbkiMS8hPwcvOij1/LnQeMBiNPz/gnC79bSLn/cq77IIQvbp6CTyMZjivNNWRVJRHs2dup12F3RGkuCoUTsspdFy6A06Uxh0XCpNTsLbEz+WjLcQrLq3l+wSiKys08d1CPZtddklsqXOq7IdsztfdU9uQ0v4DY59tTWPzWH/iajDx9mR+ZFceZn5utZXX2i8Q3tC8D+g/EO6QPCeW+bMpyI80ciPTtBX6R2l/sDH72Ph+ABS2IbamP1S7VlPYSnx/PwMCBGETrbnsDgwZy4+gbEb5/klCyhbuW7qLG4jyDwr60QoTHCfoHdP9klfYo4aJQOKGxvGL2RPtF4+Xm5TRS3xadby9csg9BSSaV/Wbwzu9HmTU4jIUT+vK3MwfxUaIHFR7BkKQLFxdtCvVJKkrCy83L4fin956ORVr4I+MPl/oy11j4x8oD/P3LPUyKDeab26bxR/YP+Bi9ODMjHmb+DS5bBpctw3jF5wy463v63f4dr0c+xbSUm1hQ9FcOn/4OXLYMy6KlPJ8Uw9QBIfQJ8m765E3gikedlFoOOGfBk83l+hHXExcUR2j0StYcTuaZH5zb3DYcTcXgXsCEqJ5jzAclXBQKp2SVZWEUxoaBj/UwGowMCR7iXHMpy8QojHXza+n2li/zBpBfVs0ds7Wn2uum92dSbAi/VQ7CfEyziQR5BrXIWyypMIl+fv20J/U/3oLM/bZ9I0NH4ufu51K8S2FZNX/5YBvvbjjGtdNi+eAvEzG6VfJz8s+c7RGOt3CD4fMbHDcw3JelN57C8wtGcTS7hHNf/p1nfzzEb/HZpOSVt9qQb8UVzSWnPIeCyoJW2VvscTe688TUJyizFDBy5Hre/v0Yn2097rCtNe3LmIihbXLuroISLgqFE7LKsgjxCmlQZ90RQ4OHcjDvIBZpabAvszSzYT/H1mMJjOHf2yqYERfKOL3krdEg+NfC0exgKG7FqdTkJRPsGUy5uZwKc0Wzxm9zQ86Ohx/ug58ftu1zM7gxOXJyk9UpE7NKuPD1jWw5mstzF4/i0fOH4WY08MOxHyg3lzM/PQHizgAfx0Z5IQQLJ/Tll3tP48KxvfnvuiNc9+E2/DzdOHO4k9QwzcQq/BvT7hLydWO+k9LGLWFE6AiuGnYVSVW/Mm5QDo98s4+NiXUdGaSUHMptPOVMd0UJF4XCCdnl2Y3GuNgzNGQo5eZyh5UeM8sy67oh15ghaQPx3uPILa3irtl1b3h9g72ZcOq5APy2+pvam2cz7C7VNdWklaRpnmJ7lmobj/yqOQnoTOs9jcyyTI4WHnXYx9pDWVz02kaKK6r57IZTuGRiraaxPGE5cd6RjCg4AaMXNTmeYB8PXlg4mqU3nsKwKH+unRaLp3vTQtsVrPnFGot1aQtPMUfcOuZW+vn1o9R/KTFhbtzyyQ4Ss2qTjB7JLqXCkIrJ4OPytdRdUMJFoXBCVllWk27IVqzp9x0tjWWVZdV1Q87YDZWFfJSp2R0mxAQ3OGbuaadTavAlZ/86Ssu1+nrNsbuklKRQI2uI8esHu5dB1FgQRtjxga2NNRVM/Wj9KrOFN347wrUfbqNfiDff3j69zhgP5x1mf+5+LjZ7IDwDYdCZLo/rlP4hrLxjBnfPbbuneGsBssY+n/j8eMK8wurWlGkDvNy8WDJ1CemlqUydsAMPNwPXfbiNvFKtZs72pDwMphMMCIhzuXRzd0EJF4XCCVlljad+sad/YH88DB4OjfrWvGI2jq0D4KfSOO6c7fhJWhiMuMdOY7LhIO+v17zWmqO5JBfqbsilhVourym3w5Bz4M9PwKwl2Yz0jSQ2IJaN6RvJKanki+0p3PrpDsb9YzXP/HCIc0ZG8uXNU+kdWDcP1/KE5XgYPDjv2A4YMR/cXK8c2R64G9zx8/BrXHNpZtqX5jCx10QuGXQJ3x5byt/neZNRWMHNH++g0lzD1mN5uHlmMjJ8cLucuzOjhItC4YAKcwVFVUUuL2W4G9wZFDSogeZSUlVCaXVpHY8ty5HfSBTRDIiNbTSA0GPADKLJoCi7GGheChirG3L00Y3g4QeDz4EJ10JZLhz8Dikl+9IK8akZzua0bUx86gfu+3IPO5LzOX90JO9ePYFXF4/Fy6Pu0lWFuYLvjn7HbP+BBFSVwejFLo+pPWnMo85sMXOk4Ei72jzuHn83YV5hfHb0BZ6eP4StSXk8uHwv21KPgMFx/ZjujgqiVCgcYC0SVkdzqSgEgxt4+Dg8ZmjIUH5M+hEppW0JpIEbcnUFluNb+K369Aa2lgboecZujSnnJWB3ehrnD3Bt/MlFyQSbgvA/uBKGXQge3pT2no7w6ceJH19m8XeBZBZV4uYbhlffahZMq+LqMbMYHuXf6PLNL8d/obiqmIurciG4P/SZ6NqA2pnG8osdLzpOlaWq3TQXAF8PXx6d8ii3/XIbmdE/8Nc5c3hpTQJG32N40/OM+aA0F4XCIbYYFy+7GJH/LYJPF9rSstRnSPAQiquKSSupLXdUvwJlddIW3CyVnAiZxNQBTaQ96TUaPHy5MiQDpIFv9hymuMJxipn6HCs8RoybH1SVsC/0bK7/cBtj//ELLxVMo3/pbs7tVcgLC0ez7vbr8DB4EBp2jBG9A5q0CyxPWE4f715MPLYdRi2CTmJHCDIFOXVFji84Od5aM/vM5Nz+5/L2nrc5e5xk3pgojKYTAAwM7DlpX6wo4aJQOMCa+sWmuVhqkOk7taj5hNUOjxkWogXJ2dtd6kfnx29ZiVkamDl3XtMGXqMb9J2MR9ofBJgCKTEX8Y+VriWbTC5KJrwwlyxDGOevlOxKKeCKU6KZs/hupNGDRyO3smB8H/oEBjA+YrxL8S7Hi46z9cRW5puiMCBh1CUujeVk0Fja/fi8eIzCSP+AxguEtQX3T7wff5M/j216jKfnD2f6sGqifKLw9fBt93N3NpRwUSgcUD+vWG5aAkKPM6n4+XFbMS974oLiMApjHbuLfV6x6hoL8thvJLoPYvpwF2900VMh6wBhngH0j5B8vj2Vn/efcNq8rMrMW7/vJ7cil8GFafxsPJWn5o9mw/2n8+j5w5g0YjBi2DzY9RlUlQGaS/LRwqNklGQ0OpSvE7/GIAxckHIA+k2B4CbqtpxEGisYllCQQLR/dKN5x9pyHA9OepD9ufv5PP5/5JuP98glMVDCRaFwSHZ5NiajCX8Pf2oskve//hGAz8VZeObsI2nDZw2OMRlNDAgcUKdwWGZZJsGewXgYPVi59TBDahIxDZrlultqzHQAgqUg2L+aYZH+PLh8Lzkldcsq55ZU8uLqeKY98yvP6MWsYs3VLL7h7yye1K9uTMmEa6GyEPYvB+xcktOdFxAzW8x8m/gtM0JGEZEd71Jsy8kkwBRARU0F5eaGWYoT8hNO6g3+zJgzmdV3Fq/uepVjhcfa1dbTmVHCRaFwgDXGRQjBf9bEU5OpaSOnXPdvjoq+WH75JxsON9QghgZrtV2sUe/WYmPmGgtb163ATViImXC26wOJGgtungRVVVBYWcBLi8ZQXGnmga/2IqUkObeUR77Zx9RnfuU/vyQwPjqYu8/WYjlig+IwOnKB7TcFwobA9vcAGBA4gHDv8EaXxjakbSC7PJv51UYwmjQngU6ENdC0vvZSWl1KWknaSb3BCyF4+JSH8TB4UCNrlOaiUChqySrLItw7nN/is3llbSKzQ/PBL4p+fXoTfP4T9BfprPz4RVbtrbuUNDRkKHkVeTZvs8xSLcbluz3pxJXupMZgQvSd7PpA3EzQZyJBpbnkVeQxKMKPv585mDUHM1n4xmZmvbCOZdtSuHBMb9bcM5N3rp6AqDqAQUr6jLjMcZ9CaNpL2g5I34UQgum9p7MlfQtmi9nhIV8lfEWoZygz4n+HwWeDV6DrczgJWKP069tdrGlfTvYNPtw7nL9P+jtuBjdGho08qefuLCjholA4ILs8Gz/3EP669E8GR/gxzusEhA8BIHDsRZh7jeUej+Xc/b8/+PSP2pQvNqO+bnfJLMskzDuMV35NZJbHQQzRU8Dds3mDiZ5GcHEWRVVFmC1mrp0Wy4y4UA5nFnPTqQPYcP8snl0wioHhfgAkp/9BlLkGj8YM7qMuBTcv2PE+AFOjplJcXczenL0NmmaVZfF76u/MCx6Je1lOp1sSA+eaS3y+5inWEUtTFw68kE2LN9Hbt/dJP3dnQAkXhaIe1rLEu5MsVJktvHbZGAw58RCmZ7UVAre5jxJuyeKRyG3839f7eOWXBKSUDA4ajEBwIO8AFeYKCioLyC/ypig7nVhLMqL/qc0fUPRUAmu00sEFlQUYDIL3r5nI9ofncP9ZQwj3txNWlhqSilOI8Qh0mkwS0DSPkRfDni+goohTIk/BIAwNUsEArDiyghpZw0W5meAdAgPnNH8O7UxjmouPuw9RPlEdMCotPUxPRQkXhaIeJdUllJvLOZFn4tkFoxjglgvmcgizs1/0nwUxM7i88nMWjQ7mX6vjeWLlATyNXsQExHAw96AtVmZbYg0XBR3Rj2uBcOkzkSCpOQBYU8C4GQ2Y3BomfpRH1pJshBhXlmImXAvVpbBnGQGmAEaGjmxgd7FIC8sTljMxbCzRCWth5ELohNUUbZpLvViXhIIE4gJ7Xl6vzoASLgpFPZbv1ry9ZsT257xRUVphL4Bwu3ocQsDpjyBKs3iq92aunRbL+xuTuPeL3QwJ0tLvnyjTDP4ZuZ5cEZ4EpgCIHNP8AXl4ExysheY3lV8sa9fHlBsMxETPbLrfqHEQORq2vw9SMi1qGvty9tU5x/YT20kpTmG+KRJqKrXltE6Iv4c/AlFn7NYCYT3VW6ujUcJFobAjKaeUF9ZsA+D6qWO0jVbhElrPKNxvMsSdiWHTf3hkTiT3nTmYr/9MY+9RX06UnuBQrnZcb/8I+hVu09yKXagN44igyPEA5JU2EotSWUxS8loAooNciAi3Gvaz9kPKVqb2nopEsiVji63J8sTl+Ln7MSd5F4QO1rzXOiFGg5EAU0AdzSWzLJPiqmIlXDoIl4SLEOIsIcRhIUSiEOIBB/tNQohl+v4/hBAx9fb3E0KUCCH+1kbjVijanIrqGm75dCfCvQiA3n56DZasQ+AX5dhD6vSHoaIAsfk1bps1kKcuGklCqpYC/ouDPwNwz9heiILkli2J6QT1mwFAwYndzhsd/I5kodlmYvxjXOt4xAItseX29xgRMgJ/D382pGkVMAsrC1mdtJpze8/A8/gWGH1pp0n34ohAU2AdzaWjPMUUGk0KFyGEEXgNOBsYBiwWQtQvBn0dkC+lHAi8CDxbb/+/gR9aP1yFov1YsmI/BzOKOHecVtfdVssl+1Bde4s9kaO0Er+bX4eSbC6b3I/nztPiWI6W7EFYvDjfJ0lrG9ty4RKgH5uf7bxWO7s/45hvMF5unnWyMDeKyVcTGvu/xlhRyJSoKWxO34yUku+Pfk+VpYqLKwEEjOw86V4cEeRZN7+Y1VOsJ+b16gy4orlMAhKllEellFXAUmBevTbzgA/1118Cs4VuQRNCXAgcA/ajUHRSvtqRytJtKdx62gD8fcrxc/fD291bS/OSE1/X3lKfWQ9pBv8N/wZg/tg4Qj2jEMJCuHc4xqT14NvLuYByAXfvYPylIK8wyXGDwlQ49jvJgVH084vGIJqx4j3+L5o9Zdf/mBY1jezybOLz4/kq4SuGhQxjyMGftCW9wLaped9e1M8vllCQQC+fXrZiYoqTiytXYG8gxe59qr7NYRsppRkoBEKEEL7A/cDjTZ1ECHGjEGK7EGJ7dna2K2NXKNqEwyeK+b9v9jI5Nph75g4iuzy7NmFl4XGoLmtcMITGwZjLYNu72k0eGBsxHIABQb3h2HqIndnqJaVgN2/yy3Jsxb7qsOdzQJJksBATENO8jnuNgL6TYft7TI2aAsBbe94iPj+ei0PHQ/6xTlO3pTHq5xeLz48nLlDZWzqK9jboLwFelFKWNNVQSvmWlHKClHJCWJhr1f8UitZSUmnmlk934Gty55XFY3EzGmyBj4Bmb4HaGBdnnHo/IOG354DaYMoIgwlKs1tlb7ES5BVGvgEtst4eKWHPMqr7TiatPIto/+jmdz7hWsg7QkTmYQYGDuTn5J/xNHpydlaKFmw57IJWj7+9sWouUkqqLdU9Oq9XZ8AV4ZIG2OvDffRtDtsIIdyAACAXmAw8J4RIAv4KPCSEuL11Q1Yo2gYpJQ8u30tSTimvLB5rC0bMLsuuLe5ltXE0taQV2E9bXvrzE8g9wtBgTRhFVGhVJIl1wTW4CYL8+5BvNGhp/+3J2AXZh0gZcgYWaXHdmG/PsHngFQTb37Mlsjwjeg5+B1bA0PPA5Nfq8bc3QaYgzBYzpdWlJBUmYbaYlTG/A3FFuGwD4oQQsUIID2ARsKJemxXA1frrBcCvUmOGlDJGShkDvAQ8JaV8tW2GrlC0jo+3JPPd7nTuPWMwU/TCXRZp0ZbFbMb8w+AX6VourRn3arnA1j7F8JDh+Lj7MLggE4JiNeHTSoJ8Ish3M0FSPeGyeykYPUiK0G6kLRIu7l4w5nI4tJI5YeNwE25cauoDFQWdMt2LI+yj9Dsy7YtCo0nhottQbgd+Ag4Cn0sp9wshnhBCWHXld9FsLInAPUADd2WFojOxIzmff6w8wOlDwrnl1NrawQWVBZgtZrtlsYNaBmFX8IuAyTfDvq8ILEjltwW/MDtlb5ssiYFuUzCATNkKNXpFyppq2PslDDqL5IpcAKIDWrAsBjD+GrCYGXN8JxsXb2TUkY3gGwGxp7XF8Nsd+/xiCfkJuAk3Yv07T82ZnoZLNhcp5Sop5SAp5QAp5ZP6tkellCv01xVSyoVSyoFSyklSyqMO+lgipXyhbYevUDSf7OJKbv10B5EBXrx4yRgMhlpDu7VIWIR3RK2nmKvCBWDanWDyh7VPYso8gKgsapULsj1BpiDMSIpqyiBjj7Yx8Rcoy4HRi0kqSiLYMxh/D/+WnSA0Tlu+2/Eh3pWlkPCznu7FrU3G397U11xiA2Nx74SpanoKKkJf0aMw11i447OdFJRV88YV4wnwrnvzqVPe2OopFt4M4eIVBNPugMOrbK7JbWFvAU1zAcg3GCFZC3Rkz1JbMsmkwqSWLYnZM+Fabd7f3gaW6i7hJWbFPr+YNaeYouNQwkXRo3j+p8NsOZrHUxeNZFhUwyd8a7LJcK9wzd4CzdNcACbfAt6hmoCJGAk+oa0dNgDBnsEAFARHQ/ImKC+AQ6tgxMXg5kFSUVLLPMXsGXwu+IRDwk8QMUJzU+4iWDWX40XHOVF6QhnzOxglXBQ9hh/2ZvDm+qNceUo0F4/v47BNVrmmuYR6hWr2Fmh+8KPJF2bqmY7aSGuB2ptnXvhgSN6slSmuqYTRiyiqKiKvIq/5MS71cfOAcVdqr7uIId+Kn7sfRmFk2wktN5wy5ncsXWMxVaFoJYlZxfzti92M7RfII+fVz15US1ZZFsGewdpaffZhLbLeK6j5Jxz/F8hJ0IzkbUSwSdNc8oNjoHKVFlMTEgdR4zieqyXAaLXmAppTQkmm5j3WhRBCEGgKZE+OZo9SmkvHojQXRbenpNLMTR/vwNPdyOuXj8PDzflln12WXZuXK/tg8+wt9rh7wnn/hrC2u8HZbC5++jJbcYamXQjBscJjAG3jHeUbDvNeA+/g1vd1kgny1GJd/Dz8amOVFB2CEi6Kbo2Ukr9/uZtjOaW8ctlYIgMarwyYVZalxbhYLJDdTE+xdsbTzRMvNy/yqIFAXUPR66skFyVjEAb6+Dle7uspBJoCAVSBsE6AWhZTdGve+f0Yq/ae4MGzhzB1QNOG9ayyLC11S2GKVqWxEwkX0Iz6BRUFMO4qKEi2JZNMKkoiyicKD6NHxw6wg7Fqd2pJrONRwkXRbdl8JJdnfjzE2SN6cePM/k22r7ZUk1eRpy2LOao+2QkINAWSV5kHc56qsz25KLn1xvxugE1zUcb8Dkcti/UAdmXtYn3q+o4eBgCZpZkczjvc7uc5UVjBHZ/tJCbEm+cXjnZpiSS3PBeJ1GJcrMKlFWny24Mgz6AGpY6llJpwaW2MSzfAKlyU5tLxKM2lB/DSzpfILstmRu8ZHboOXVVTxdWrbiC7PIu/D/2MIb2CGBjui4+pbS/DKrOFWz/dQXlVDUtvPAVfF/uvE+OS9WvLPcXakWDPYI4UHKmzLbMsk3JzuRIuwIDAAfh7+CvNpROghEsP4OK4i3low0Nsz9zOxF4TO2wcS9a/TFqZ5tX00I/fUFOqPV32DvRiYLgvceG+xEX4MjDcj4HhvgR4tSx1x5PfH2Dn8QJeu2wcA8Ndz+Zrjc63LYt1Mq0FtCj0+ppLclEy0IqcYt2Ic2LPYU70HExGU0cPpcejhEsPYE70HJ7+42mWJyzvMOGy6vBOvkv+GFPVGAw+8cydlsMZ4YtJzComIauEhMwSthzNpdJssR0T4W8iLtyPCH9PArzcCfByx9/Lzfba/s/fyx1PdyNf/5nKh5uTuWFGLOeOimzWGK0BlGGeoVqMizWYsBMR5BlERU0F5eZyvNw0z7ckvTql0ly0WBclWDoHSrj0ALzcvDin/zl8k/gND0x64KSXfU3MKuSB9Q8jjN58PO853j/0Ilsyfue50x7nrBG9bO1qLJLU/DISMks0gZNVTGJWCUezSygsr6a0qqbR83i4GaixSCbHBnP/Wc338souy8YojARXleqeYp1Qc7HGulTk4+WrC5eiJLzcvGrjcxSKToASLj2E+XHzWXZ4GauOrWLxkJOXjPBEYQWLlj2P9E/hb2P+wdCISOaUz+GHpB/YmbmTSZGTbG2NBkF0iA/RIT7MGdYwAM5cY6GowkxheTWF5dUU6f9t7yu0NPQ3zOiPm7H5viqZZZmEeoViyNZqgTRZfbIDsCZnzK/IJ8o3CtCESz+/fhiE8s9RdB6UcOkhDAsZxtDgoXwV/xWLBi86KYb9/NIqFr+/koqA75kQOp2rRs0DYHrv6XgaPVmdvLqOcGkKN6OBYB8Pgn3aJ5bDVoGyk3qKQa3mkleRZ9uWXJRsK6usUHQW1KNOD2J+3HwO5x/mQN6Bdj9XaaWZaz74gyzTx3i7m3hu1uOaQPv1Sbw/vYTpvafxy/FfsEhL052dJLLLs2vdkH0jOmX6E2tm5PxKzahfXVNNWkla2+QUUyjaECVcehDn9D8Hk9HE1wlft+t5Ks013PzJDg6WrMbgfZT7J92n2QNKc2HTK5D0O3MMAWSXZ7M7e3e7jqU52FK/dFJPMahrcwFIKU7BIi3KmK/odCjh0oPw9/DnjOgz+P7o95Sby9vlHDUWyT3LdrPh2BH8on5kcq/JzI+br+3c9jaYyyGwH6fu/hZ3gzurk1e3yziaS4W5gqKqIiK89ToundDeAuDr7oubwc0mXJKKkgDlKabofCjh0sOYHzefkuqSdrmpSyl5+Jt9fL83nRGjV2M0wGNTH9OWw6rKYOtbMOgsOPs5fPOOMcWnL78k/4KUss3H0lysAZRhGKGqpOXZkNsZIYQW61JZV7ioGBdFZ0MJlx7G+IjxRPtH81X8V23e9/M/Heazrcc5e3IGSWXbuWPsHfT10xIrsvt/UJYLU+/UBEyficzNSCS9NJ0Due1vA2oKW4xLZZm2oZMlrLQnyDPIZtBPLkom2DMYf4+GVTUVio5ECZcehhCCiwZexM6snbYaIG3B2+uP8vq6I8yfEMC+yo8YFTaKy4Zcpu201MCmV6H3eIieCkLA7EeZlZuOG4ZOsTRmi84vztE2dHLhYlsWK0xSS2KKTokSLj2QeQPnYRTGNjPsf749hSdXHeTckZEYw76ltLqUJ6Y+gdFg1Boc+h7yj2lai9UFOnYmAdEzmFhZzeqknzp8acwmXAoztBryndBTzEqwKZiCygJAWxZTnmKKzogSLj2QUK9QTu1zKt8e+ZZqS3Wzj5dScuhEEe9uOMZ1H2zjga/2MCMulHnT8vkx6UduHHUjAwIHWBvDppchKBaGnl+3o9mPMqe4kOMlqcTnx7fBzFpOdlk2nkZP/HLiO629xUqgZyB5FXkUVRWRV5GnUu0rOiUuCRchxFlCiMNCiEQhxAMO9puEEMv0/X8IIWL07XOFEDuEEHv1/6e38fgVLeTiQReTV5HH+hTXUvGn5JWxdOtx7vjsTyY+uYazXvqdf6w8wNGcUq6aEsPzlwzi2a1PMShoENeNuK72wONbIHUbTLkNrJqMlT4TOD1yKkJK1hz5rg1n13yyyrMI8w5DdLLqk44I8gyiuKrYlh1ZaS6KzkiTEfpCCCPwGjAXSAW2CSFWSCntrbDXAflSyoFCiEXAs8ClQA5wvpQyXQgxAvgJ6N3Wk1A0QdoOKM+HgXNsm6ZGTSXcO5yvEr5idvTsBofkllSy6Ugum47ksDExl+N5mqE7zM/E9IGhTB0YyrSBofQO1PJbLdm0hJyKHF4+/WXcjXbZjDe9DN4hMOZyh0MLnb2E8V9fyJr4r7lt4t9aN09LDRzfDP2mgqF5SnlWWRbhHgGap1gnFy7BJm3JblfWLgBi/WM7cDQKhWNcSf8yCUiUUh4FEEIsBeYB9sJlHrBEf/0l8KoQQkgp/7Rrsx/wEkKYpJSVrR65wjWkhB/uh4LjcPs28NSSVroZ3Lhw4IW8s/cdTpSeoJdPLwrLqvlmVxpf7khlb1ohAH4mNyb3D+Ev02KYPjCUgeG+DVLHbMnYwlcJX/GXEX9heOjw2h3Z8XB4FZz6AHh4Ox5fxHDmBAzmmapkjqZvo39UC7M2Swnf3ws73odzXoBJNzTr8OyybIabQrQ3nVy4WAMp/8z6E4Mw0MevTwePSKFoiCuPd72BFLv3qTTUPmxtpJRmoBAIqdfmYmCnM8EihLhRCLFdCLE9OzvblbErXEEIOOd5KMmCtXVL41448EIs0sKr2z7j7mW7mPTUGh5bsR+J5G9nDOLrW6fy56NzeefqCfxlWixxEX4NBEtZdRmPb3qcfn79uHX0rXXPvfkVcPNs8kY/Z8ajAKzZ+HTL57n2KSw73meXbyCWza9oWoyLSCm11C9ms7ahk5U2ro9VuOzK2kWUTxQexvbJtaZQtIaTYtAXQgxHWyq7yVkbKeVbUsoJUsoJYWFhJ2NYPYeosTDxei2IMUNLt5JTUsmqnVW4Vw3i64TlrDmQwcIJfVh5x3RW3jGD20+PY2y/oEazC1fWVHL3urtJK0ljydQleLp51u4szoTdS7XlMJ/QRocX0WcSo4z+rMk/oGlYzeWPN2H9c/xv2CyuDPPns5pcOLjC5cNLqksoN5cTXlEKPmGd2lMM7DIjV+YrY76i0+KKcEkD+tq976Nvc9hGCOEGBAC5+vs+wNfAVVLKIyg6htMfRnqHUPTlHdz2yTamPP0LT/9wiFA5E4NHAS9f68c/LxzJiN6u1XqprqnmnnX3sCl9E0umLmlYhGzrm1BTrRnyXWDukEs4aHIn5dclzZvX3i/hh7+TOmguL1dpl+V7QcFUbfyPtlTmAjY35JKcTr8kBrWaC6i0L4rOiyvCZRsQJ4SIFUJ4AIuA+o+FK4Cr9dcLgF+llFIIEQh8DzwgpdzYRmNWNJOs4gpe3pTNE1WX4Z+7m4gjX3DVlBhW3z2T7667mQBTAN8nfeNyf9WWau5bfx/rU9fz8OSHa3OHWaksgW3vwtDzIGSAS33OGXwxAL8kr9ZsNa6QuAa+vgkZPZXHQwIwGIw8MfUJsgzwTXECJLt2yVmFS1h+WqdfEgMINAUi0JYnlXBRdFaaFC66DeV2NE+vg8DnUsr9QognhBAX6M3eBUKEEInAPYDVXfl2YCDwqBBil/6nyuWdRH5PyOaMF9fz79XxxIefTU7oRB4xLeORWeHERfhhMpo4v//5/Hr81wa12R1htph58PcH+eX4L9w/8X4uHXJpw0Z/fgwVBTD1LpfH2cevD0MD41jt6wtrn2z6gNTtsOwqCBvKN5OvYMuJrdwz/h4uHHgho0JG8F5QINUb/uPSubPLNRtfeEVxp82GbI/RYLRVE1U5xRSdFZdsLlLKVVLKQVLKAVLKJ/Vtj0opV+ivK6SUC6WUA6WUk6yeZVLKf0opfaSUY+z+stpvOgorUkpeX5fI1e9tJcLPk9V3z+TTG6YQesmriKoSWPOYre1FcRdRbalm5dGVjfZZY6nhkY2P8FPST9w7/l6uGHaFg0Zm2Pw69JsCfZvn+TU39mz2eLhx4vB3NtuQQ7IPw6cLwTeMrIvf5PldrzE+YjwLBi1ACMFNY24hzWjg+xMbIetQk+e1aS41NZ02G3J9rEtjSnNRdFZUhH43pLiimps/2cFzPx7m3FFRfH3bVOIi/LSd4UNgyu3w5ydagCMwKGgQo0JHsTxhudM0LBZpYcnmJaw8upI7xt7BNSOucXzyA99A4XEt1UszmROtxeH8EhACv/7TcaPCVPh4PhjckFcs55/73qTKUsXjUx+3lfmd0XsGQwPjeCcwgJqNLzd53qyyLPwMHnhJ2SVsLqAZ9b3cvLQ6OQpFJ0QJl25GYlYx817byJqDWTx87lBeXjQGb4964Uyn/h38+8DKezRNA017SSxIZE/OngZ9Sin555Z/8k3iN9w8+mZuHHWj45NLCRv/A6GDtMzHzSQ2IJaBgQNZHREDCT/bhJ+NsjxNsFQWwRVf8VNxAmtT1nLbmNvqRKkLIbhxzK0ku7vx45EVUJTR6Hmzy7IJx03zFPOp70HfORkQOIBRoaNsAlWh6GyoK7Mb8cPeDOa9upGi8mo+uW4y18/o3yAuBQAPHzj7Wcjar3l1AWfHno2XmxfLE5bXaSql5Jmtz/BF/BdcN+K6hrEs9hz7DU7s0TSjZkbIW5kbPZedFZnk+EXAL0/UenxVlWpLYflJsPgzCoL68fQfTzMsZBhXDruyQT+n9zudgX7RvB3gi2XLfxs9Z1Z5lhbj0kW0FoCHJj/Ef+c0Pi+FoiNRwqUbYK6x8PQPB7nl050M6uXHd3dMZ8qAJp7Ah5wLcWdqgZVF6fi4+3BWzFn8cOwHSqtLAU2w/Gv7v/jfof9x5bAruWvcXY6FlZWNL2sZhUc5MPK7yJzoOUgkv444S/P2OvIrmKtg2ZWQvhMWvAcx03l227MUVRbxxNQncDM0TDRhEAZuHHsbRzzcWbP/E6gsdnrOrNIswis6f9oXe9wMbnXT7CgUnQwlXLo4uSWVXP3+Vt787SiXT+7H0htPITLAq+kDhdC0F4sZfnoI0KpUlpvL+fHYj0gpefnPl/nwwIcsGryI+ybc17hgObEPjvwCk28Cd0/n7ZogLjCOaP9oVlMGgf007eXbW7W+z/8PDD2P9anrWXl0JdeNvI7Bwc69u86IPoMY71685eOO3P6BwzYWaSGnPJvwqvIu4SmmUHQVlHDpwuxJLeD8VzawLSmf5xaM4smLRmJyMzZ9oJXgWJhxL+z/GhJ/YXTYaAYEDGB5wnLe2P0G7+x9hwWDFvDg5AcbFywAm14Bdx+YeF3j7ZpACMGcfnPYlrmdgml3QcYu2PsFzH4Mxl1FSVUJT2x+ggEBA5zbfnSMBiM3jLuDwyYPftv5hhbUWY/8inzMsoYwc02XiHFRKLoKSrh0QaSUfL4thQVvbEYIwVc3T+WSCX2bPtARU++E4AGw6m8IcyXz4+azJ2cPr+9+nXkD5vHIKY80bTQuTIV9X8K4q8ArqPG2LjA3Zi41soa1AUEwcC7MvA+m3w3ASztfIqssi8enPe5STq1zYs+htymYN03VyL0NSztb3ZAjupAbskLRFXAlK7KinTmWU8q7G46SX1pNRXUNlWaL7X+luYaK6rr/K80WpITpA0N5efFYgn1akbjQ3VNLbPnJfNj0MudPvoE397zJzD4z67j3NsqW/2qG9ymNGPubwbDgYfT27c2alF+56Iovbdu3ndjGssPLuHLYlYwOG+1SX24GN64fezuPb3mCTX+8yLTRl9ZWw6Q2gDLMza/LeIopFF0BJVw6kNJKM6+tTeSd349hNAh6B3nh6W7A5GbE5GbA38sdk5sBT3ftvf3r3kFeLBjfF6OhieUqVxg4G4ZfBOtfIGjkAn5Z+EvdJJTOkBJyEmDHh9rxgf1aPxa0pbHZ/Wbzv0P/o7iqGD8PPyrMFSzZtITevr25fcztzepv3sALeXPHi7xZkc3UxF8QcbV1bWx5xYJdS1OjUChcQwmXDkBKyXd7Mnjq+4OcKKpg/tjePHD2EML9W24IbzVnPgUJq+GH+/G87HPn7crz4dh6zYvryK9aFmOjB0xzPdWLK8yNnstHBz7it9TfOK//eby++3WOFx/n7TPextvdSW0YJ7gb3bl29C08tf05tm16jkl2wiW7LAshJSGhaklMoWhLlHA5yRzMKGLJiv38cSyP4VH+vHb5WMZHd4IU7/5RMOshzXPs0Mraevc1ZkjbXitM0naAtICHH8TO1Gw2cXMhKKZNhzMqbBThXuGsSV5DrH8sH+7/kIvjLuaUyFNa1N/8IZfw9p+v8GbJMSZl7IZIbVktsyCJ4BoL7uHD2nL4CkWPRwmXk0RhWTX/Xn2Yj7ck4+/lzpMXjWDRxH5ts6zVVky6CXb9T6tcWXwCjq7TtJTKIhAGiBoHM/4GA06HPhOgHeMsDMLA7OjZLE9YTnJRMqGeodwz4Z4W92cymrhmxHU8v/tV/vz9KcZesgyA7KJkwmtqulSMi0LRFVDCpZ2xWCSfb0/huZ8OU1BWxeWTo7n3jEEEenfC6oFGNzj3X/DembDqbxDQV7OlDDhd01JOchGtudFz+ezQZyQWJPLyrJfx9/BvVX8Lhl/Ju3vf4s3cnbxRcBwC+5FdlqUlrFRuyApFm6KESzvy5/F8Hluxnz2phUyMCWLJBZMYHuVaMa4Oo98pcN0azaU4ZEAdz6qTzbjwcUT6RDIuYhyz+s1qdX/e7t5cOeRy/nPgffb9/jQjzv8vWVWFDMOtyWqZCoWieSjh0g7klVbxzA8H+Xx7KuF+Jl66dAzzxkQ1HYjYWWhmqvz2wmgw8s28bzAZTW3W5+IxN/H+gY94M+1X/l2aTZ6lmghPJVgUirZGCZc2RErJVzvTePL7AxRXmLlpZn/umB2Hr0l9zC2luZ5hTeHj7sMVAy7i9SNfsun3J5ECwnyj2vQcCoVCCZc2IzGrhIe/2cuWo3mMjw7iqYtGMriXX0cPS+GAyyfdzUdHlvNc2s/gZiQ8aGBHD0mh6HYo4dJKKqpreH3dEd5YdwRPdwNPzx/JpRP6YuhMXmCKOvh7+LO47xzeTvkZgPDwER08IoWi+6GESyvYmJjDw9/s41hOKReOieL/zh1GmF/b2QcU7ceVU/6PT47/TLmAsMgJHT0chaLboYRLC8gpqeTJ7w/y9Z9pRId48/F1k5gRF9bRw1I0gyCvYK6MOYcvU9YQFKKWxRSKtkYJl2ZgjVl5+odDlFWZueP0gdw2ayCe7s1Ic6/oNNx+6jNcZy5XpYIVinZACZcmqDJbSM4tJT6zhA82HWNbUj6TYoJ5av4IBoYrg31XRgjR5t5oCoVCwyXhIoQ4C/gPYATekVI+U2+/CfgIGA/kApdKKZP0fQ8C1wE1wJ1Syp/abPRtSEV1DcdySknIKiExs5iErBISskpIyinFbNHquAd6u/PcxaNYML6PMtgrFApFIzQpXIQQRuA1YC6QCmwTQqyQUh6wa3YdkC+lHCiEWAQ8C1wqhBgGLAKGA1HAGiHEICllTVtPxBFSSkoqzRSWV1NYXk1RuVn/r73PLa3iSHYJiVklJOeWossQDAJiQnwYGO7LmcMjiAv3Y2C4LwPDfdUSmEKhULiAK5rLJCBRSnkUQAixFJgH2AuXecAS/fWXwKtCC0efByyVUlYCx4QQiXp/m9tm+LXUWCTXvL/VTpBUU1RhpsYqMRzgZhDEhvowNNKP80dHERfuS1yEL7GhPs0rF6xQKBSKOrgiXHoDKXbvU4HJztpIKc1CiEIgRN++pd6xvR2dRAhxI3AjQL9+zS86ZTQIqswWgrw9iAnxIcDLHX8vNwK83G1//l7u+Hvq773d8fVwU8tbCoVC0Q50GoO+lPIt4C2ACRMmOFc3GmHZTVPadEwKhUKhaBmu+GCmAX3t3vfRtzlsI4RwAwLQDPuuHKtQKBSKboYrwmUbECeEiBVCeKAZ6FfUa7MCuFp/vQD4VUop9e2LhBAmIUQsEAdsbZuhKxQKhaKz0uSymG5DuR34Cc0V+T0p5X4hxBPAdinlCuBd4GPdYJ+HJoDQ232OZvw3A7edLE8xhUKhUHQcQlMwOhcTJkyQ27dv7+hhKBQKRZdBCLFDStlpEuWpvBcKhUKhaHOUcFEoFApFm6OEi0KhUCjaHCVcFAqFQtHmdEqDvhAiG0hu4eGhQE4bDqez0lPmCT1nrj1lntBz5noy5xktpew0haU6pXBpDUKI7Z3JY6K96CnzhJ4z154yT+g5c+0p83SEWhZTKBQKRZujhItCoVAo2pzuKFze6ugBnCR6yjyh58y1p8wTes5ce8o8G9DtbC4KhUKh6Hi6o+aiUCgUig5GCReFQqFQtDmdXrgIId4TQmQJIfbZbRsthNgshNgrhPhOCOGvb/cQQryvb98thDjN7ph1QojDQohd+l/4yZ+Nc4QQfYUQa4UQB4QQ+4UQd+nbg4UQq4UQCfr/IH27EEK8LIRIFELsEUKMs+vrar19ghDiamfn7CjaeK41dt9p/VIQHUoL5jlEv64rhRB/q9fXWfr1myiEeKAj5tMYbTzXJP03vEsI0eky2LZgrpfr1+1eIcQmIcRou7469ffaKqSUnfoPmAmMA/bZbdsGnKq/vhb4h/76NuB9/XU4sAMw6O/XARM6ej6NzDMSGKe/9gPigWHAc8AD+vYHgGf11+cAPwACOAX4Q98eDBzV/wfpr4M6en7tMVd9X0lHz6cN5xkOTASeBP5m148ROAL0BzyA3cCwjp5fe8xV35cEhHb0nNpwrlOtv0HgbLvfaqf/Xlvz1+k1FynlerQaMfYMAtbrr1cDF+uvhwG/6sdlAQVAlwhgklJmSCl36q+LgYNAb2Ae8KHe7EPgQv31POAjqbEFCBRCRAJnAqullHlSyny0z+eskzeTpmnDuXZqmjtPKWWWlHIbUF2vq0lAopTyqJSyCliq99FpaMO5dnpaMNdN+m8RYAtaRV7oAt9ra+j0wsUJ+6n9EhZSW0p5N3CBEMJNaJUvx1O3zPL7uqr9iBBCnLzhNg8hRAwwFvgDiJBSZui7TgAR+uveQIrdYan6NmfbOyWtnCuApxBiuxBiixDiwvYfcctwcZ7O6I7faWNI4GchxA4hxI3tM8q2oQVzvQ5NC4cu9r02lyYrUXZSrgVeFkI8glZKuUrf/h4wFNiOlptsE2CtfHm5lDJNCOEHfAVcCXx0UkftAkIIX7Tx/VVKWWQvA6WUUgjRbXzH22iu0fr32h/4VQixV0p5pJ2G3CLUd6rRjLlO17/TcGC1EOKQvoLRqWjuXIUQs9CEy/STOtAOoktqLlLKQ1LKM6SU44HP0NYtkVKapZR3SynHSCnnAYFo66FIKdP0/8XA/9BU0k6FEMId7WL9VEq5XN+caV0C0v9n6dvTqKuV9dG3OdveqWijudp/r0fR7Gpj233wzaCZ83RGd/xOnWL3nWYBX9P1f6sIIUYB7wDzpJS5+uYu8b22lC4pXPQnGoQQBuBh4A39vbcQwkd/PRcwSykP6Mtkofp2d+A8YJ/DzjsIfZnuXeCglPLfdrtWAFaPr6uBb+22XyU0TgEKdZX8J+AMIUSQ7q1yhr6t09BWc9XnaNL7DAWmAQdOyiRcoAXzdMY2IE4IESuE8AAW6X10GtpqrkIIH311Af23fAZd/LcqhOgHLAeulFLG27Xv9N9rq+hoj4Km/tA0kww0w18qmlp5F5pGEg88Q22mgRjgMJqBbQ3akgmAD5rn2B40e81/AGNHz63ePKejrTXvAXbpf+cAIcAvQII+p2C9vQBeQ9Pa9mLnCYe2bJio//2lo+fWXnNF88LZi2Zr2wtc19Fza+U8e+nXeBGaM0oq4K/vO0e/3o8A/9fRc2uvuaJ5Tu3W//Z3k7m+A+Tbtd1u11en/l5b86fSvygUCoWizemSy2IKhUKh6Nwo4aJQKBSKNkcJF4VCoVC0OUq4KBQKhaLNUcJFoVAoFG2OEi4KhUKhaHOUcFEoWoAQYoaebn2XEMKro8ejUHQ2lHBRKBpBCGF0suty4GmppRoqt2vfVfP1KRRtigqiVHQbhBBPAHlSypf090+i5XfyAC4BTMDXUsrH9P3foOV28gT+I6V8S99eArwJzAFuk1JuqHee69FqdxSiJUd9G/gHWhT2EGAU8F+0cg9m4B4p5VohxDVoadh9gDjgBX1sVwKVwDlSyvrlJRSKLonSXBTdifeAq8CWd24RWurzOLTkh2OA8UKImXr7a6WW/HQCcKcQIkTf7oNW0Gl0fcECIKV8By0H1H1Sysv1zeOAu6SUg9CK1kkp5UhgMfChEMJTbzcCmE9toawyKeVYYLN17ApFd0Cp8Ipug5QySQiRK4QYi1ZL40+0m/gZ+msAXzRhsx5NoFykb++rb89FK9PwVTNPv1VKeUx/PR14RR/TISFEMlqBO4C1UsvMXSyEKAS+07fvRdN4FIpugRIuiu7GO8A1aIkR3wNmo9lG3rRvJIQ4DW3Za4qUskwIsQ5teQygQkpZQ/ModbFdpd1ri917C+r3qOhGqGUxRXfja7SyzhPRSg38BFyrF3ZCCNFbL9kQAOTrgmUIcEobjuF3NIM/QohBQD+0bN0KRY9BPSkpuhVSyiohxFqgQNc+fhZCDAU265UCS4ArgB+Bm4UQB9Fu/FvacBivA/8VQuxFM+hfI6Ws7MSVtRWKNkd5iym6FbohfyewUEqZ0NHjUSh6KmpZTNFtEEIMQyuQ9osSLApFx6I0F4WiEYQQXwOx9TbfL6XsVKWjFYrOhhIuCoVCoWhz1LKYQqFQKNocJVwUCoVC0eYo4aJQKBSKNkcJF4VCoVC0Of8Pe2rhevDDCtwAAAAASUVORK5CYII=", - "text/plain": [ - "
" - ] - }, - "metadata": { - "needs_background": "light" - }, - "output_type": "display_data" - } - ], + "outputs": [], "source": [ "years_cpe = df_cpe_rich.year_from.value_counts().sort_index().rename('Year distribution CPE-rich')\n", "years_cve = df_cve_rich.year_from.value_counts().sort_index().rename('Year distribution CVE-rich')\n", @@ -450,23 +135,10 @@ }, { "cell_type": "code", - "execution_count": 15, + "execution_count": null, "id": "2b12db24", "metadata": {}, - "outputs": [ - { - "data": { - "image/png": "iVBORw0KGgoAAAANSUhEUgAAAY4AAAEOCAYAAACetPCkAAAAOXRFWHRTb2Z0d2FyZQBNYXRwbG90bGliIHZlcnNpb24zLjUuMSwgaHR0cHM6Ly9tYXRwbG90bGliLm9yZy/YYfK9AAAACXBIWXMAAAsTAAALEwEAmpwYAAAqu0lEQVR4nO3de3wU5dn/8c9FQFFBqYBUDQpF0HIyQsDiAaH1gIrgAQqIVdoKIqZgFVuqLfLQ2h9UHq1VVDwr1YJSSxHwsZ7QKlYMGMtBqYAoQUWqgiIiBK7fHzMbJstushMWN8Hv+/XKK7tz3zNzzezMfe0c9h5zd0RERDJVJ9cBiIhI7aLEISIisShxiIhILEocIiISixKHiIjEosQhIiKxKHHsJjPbZGbfqaLOyWa2fA/Mu4WZuZnVzfa0JWBmS82sRwb13MyO2vMR7RmZbqNmNsTMXvo6Ykox73Fm9udqjjvPzC4NX+dyGa41s3si788zszVhO3JcpttbrlWZOMxstZl9GS5Y4u+2pDo9wh3nl0nD9/qGzd0buPuqKur8092P/rpiykRt+WzM7EAz+6OZvRdueyvD903C8uj2uc7MHjCzBmHZPDPbkrTtPhFn/u7ezt3n7YFFq8DMzjCzF83sczNbb2YvmFkfM/uemX2RWKakcV43s6LIZ7kp6W9ApvOvidtobRe2i6XRYe7+e3e/NDJoElAUtiOvZ2N7250Em6lMjzjOCRcs8VeUVH4J8AlwcXbDq7lqeoO7NzCzfYBngXZAL+BAoBvwMdA1UvUcd28AdAIKgV9HyoqStt1zMpz31/b5mlk/4DHgISAfaAaMJViufwGlQL+kcdoDbYG/RAY3SlrW6RnOX9tylsVYp0cCS/dkLHuEu1f6B6wGTq2k/ADgc2AgsBUojJS1AByom8F89gP+F3gX2Ai8BOwXlvUhWLkbgHnAd5Piuwb4N/AFcC/BjvdkGNczwLeS4hkGvA98AIyOTKsr8Eo4nw+A24B9IuUOXAG8DbwTGXZU+PosYFk437WJaQM9gNLIdL4bLseGcLn6RMoeACYDc8LpvAq0SrPOqlqeOsAYYCVBY/socHBY9l447qbwr1u47juH5YPD8nbh+58CM6uablj+PWB+uHxvAD0iZfOA3wIvh8v3D6BJmuW7FFgHNMh0+wRuBGZH5nVpVdte0rR+SbAtfQXUjU4fyAOuDZf7c2Ah0DyyHQwPt40N4WdoGczTws/imkrqXAs8lzTsD8Df4u5n0e0xXNYPgansuo02Bx4H1oef8W3h8CEE++Yk4FPgHeDMSuaV2E4+J9g3zouUVTotoCXwQjju0wT745/TzOdbwOww3k/D1/lJ292l0flWEvNJ7Nx+1wBDwuH7hrG+F26Xd7KzjUpep48BXwI72LmPHQaMA/4cTmtT+Ll9AaxM3p6r2N5uCWP7LBx+cji8F0E7vC2c/hvh8IMI2sYPCNqm3wF5YdlR4XreCPwXmF7lNpThzlRZ4vhRGEwe8ARwa4qGLZPEMTn8cA8Pp3VCuHLbhCv2NKAe8AtgBWGDHsb3L4JkcTjwEbAIOA6oDzwHXJ8Uz18IEl4Hgg0t8UF1Jmj06oZ13wSujMToBBvwwZENJpo4Poh8gN8COkU3qvB1vTD+a4F9gO+HG8XRYfkD7PxGXRd4GJiWZp1VtTyjwnWTH67LKcBf0n02BN94rw5f30WwwV4eKft5BtM9PIz/LIIEc1r4vmlkB14Zfq77he8npFm+acCDmW6fBI3dUuC3yY1Fhg3qaqAknM5+KaZ/DbAYOJqgwT8WaBzZDmYDjYAjws+hVwbzPCYct2UldZoDZexsNOoQNFLnxt3PIttjGTAx/Pz2o+I2mkeQ8G8Ot6v6wEmRRncbMDSsdznBl5aUSRLoT9Bg1gEGEOzLh2YyLYIvcTeFMXYn2E/SJY7GwAXA/kBDgoZ7ZqS8fFugksRBcATwOTCIYF9tDBSEZTcDswj2/4YE7d3/y2SdRqY/LroMRNqPmNvbRWFsdYGrCZJV/VTzCIf9jWA/PQA4BFgAXBaW/QW4LvyMyj/rSrehDHemTQTZN/E3NFL+DPDH8PUggh2mXpwNOgz4S+DYFGW/AR5NqruW8FtsGN/gSPlfgTsi73/Gzm/KiXiOiZT/Abg3TVxXEn6ri3zI30+qE00c7wGXAQem2FETO+XJ4YdcJ1L+F2Bc+PoB4J5I2VnAW2niq3R5CBLfDyJlhxLsqHVJnTh+CsyKjHspYdIiOBrplMF0fwlMTYrzKeCSyA7860jZCOD/0izf06RJKmm2z3eB29nZ6M8DNlNx2/1tFdP6SYphiR15OdA3zbhOZIcjOAobk8H+dWI4bv0q6j0DXBu+Po3U+9mGpL/vpplWD4JvpfWThiW20W7h9HfZbwka3RWR9/uH8/52Vcsa1i9JrMPKpkWQfMuAAyLlj5AmcaSYTwHwaeT9PDJLHL8iss9HhhtB0msVGdaNnWceKl2nkWHjyDxxpN3eUsT3KWH7mWIezQiOoPeLDBsEPB++fojgi2J+JvNy94yvcZzr7o0if3cDmFlzoCfBt2KAvxNkrLMznG5Ck3C8lSnKDiNoEABw9x0Eh2iHR+qsi7z+MsX75AuLayKv3w3ngZm1MbPZZvahmX0G/D6MLd24yS4gaOjfDS9udkuzPGvC5YjGEF2eDyOvN6eIP1nK5SH49vQ3M9tgZhsIGvztBBtSKi8AJ5vZoQTfAB8FTjSzFgSHuiUZTPdIoH+iLCw/iSC5xF2+j5PGSyexfR7p7iPc/ctI2cikbfc3AGb2ZOQi8uBI/co+3+ak3kYT4n5uECwjVL2cDxIc3RP+n+bu25LqNEla1jfN7IjoBfNI3fXuviXNvJoD77p7WZry8uV0983hy5TLamYXm1lJZFtoT8V9Kt20DiNo+L+I1H2XNMxsfzObYmbvhvvui0AjM8tLN04a6T7jpgSJbWFkWf4vHJ5Q2TqtjrTbm5mNNrM3zWxjGMtB7NpWJRxJcPT0QST2KQRHHhCcxTFgQXhX10+qCmx3b8f9UTiNJ8zsQ2AVQQK4JOZ0/gtsAVqlKHufYMEBMDMjWKFrqxNwqHnk9RHhPADuAN4CWrv7gQSnkyxpXE83UXd/zd37EnwgMwka3mTvA83NLLruj2DPLM8agnPG0cakvruvTbUc7r6CoMH7GfCiu39GsGMPI/iGtiOD6a4hOOKIlh3g7hOqsVzPAGeY2QHVGLdS7n6m77yI/HC0qJLR1pB6G90dy8PpXlBFvceBfDPrCZxPkEiq5O7vRZYz2rhXtZxH7O5FczM7ErgbKCI4xdIIWMKu+1QqHwDfSvrsj6ik/tUEp3SOD/fd7okwYoad7jP+L8GX0HaR7fqgKtZpZeu42rGY2ckEjf0PCa7fNiK4PpFY1uT5riE44oh+sTjQ3dsBuPuH7j7U3Q8jOGNyu1Vxa/nuJo5LgP8hOCxM/F0AnGVmjSP19jWz+pG/CvMNG6T7gJvM7DAzyzOzbma2L0Hje7aZ/cDM6hFsIF8RXLyqrt+E31DaAT8GEnefNCS42LTJzI4hOOeaETPbx8wGm9lB4TfBzwgujCV7laBx/oWZ1bPgnu1zCM7nV1e65bkTuCHcgTGzpmbWNyxbH8aX/BuUFwh29BfC9/OS3lc13T8D54S3l+aFn3cPM8uvxnJNJdjo/2pmx5hZHTNrbMG98GdVY3q76x7gt2bW2gIdk7bzlCK3y7ZILvPgXMFVBJ/hjy24/biOmZ1kZndF6n0BzADuJzgaKM7aUu1qAUHDPcHMDgg/wxOrMZ0DCBqx9QBm9mOCI44qufu7QDHwP+G+dRLBfpJOQ4KGfYOZHQxcX414ITh7cqqZ/dDM6obbW0HYRt0N3Gxmh4TLc7iZnVHJtNYBjc3soGrGkm57a0hwGm89UNfMxhLccRidb4tEO+vuHxDchPK/ke2rlZmdEi5H/8j++SnBZ5aq7SqXaeJ4wireH/43M/sewZHA5DBjJf5mEVz8HRQZfxPBh5r4+36KeYwmuBD0GsGtvRMJrgMsJ7gQdCtB1j+H4DbFrRnGnsoLYYzPApPc/R+RGC4kuDh2Nzsb4Ez9CFgdHioPJ7gzqYIw7nOAMwmW53bgYnd/qxrLkZBueW4huJj3DzP7nOCC9vFhHJuBG4CXw8PX70Wm1ZDgUD/V+6qmuwboS3C0tp6g4b+GanxJcfevgFMJjgKfJkjGCwgOyV/NcDK3JW27C+PGEXETwReZf4Sx3EtwEbQqzQlOs6Q8qnT3GQQXjn9CcLS4juCul78nVX2QYJ97KM18NiQt61UZxJYqnu0E2+hRBNftSsP44k5nGcGdkq8QLFMHgrvpMnUhwXb1CUEiSLfcAH8k+Cz+S7A9/l/ceCE4QiM43Xx1ON8SgovSEFy/WwH8K9zHnyE4ykk3rbcIrl+uCvexw9LVTSPd9vYUwfL9h2C72kLFU6yPhf8/NrNF4euLCW7GWUaQHGaw8/RoF+BVC05lzgJGeRW/TUvcvfCNEH7je4fgomK687ciWWVmvyY4/z0l17GIZIMSh4iIxKK+qkREJJZv1BGHiIjsPh1xiIhILDnv3KxJkybeokWLXIchIlKrLFy48L/u3rTqmtmX88TRokULiov35C3pIiJ7HzNL+0v6PU2nqkREJBYlDhERiSXjxGFmvcxsuZmtMLMxaer80MyWWdBR1iPZC1NERGqKjK5xWNDD5GSC7pxLgdfMbFbYpUCiTmuCLolPdPdPE/25iMS1bds2SktL2bIlmx2NitRO9evXJz8/n3r16uU6lHKZXhzvStBv/ioAM5tG0B/RskidoQT9Vn0K4O4fZTNQ+eYoLS2lYcOGtGjRArO4nZuK7D3cnY8//pjS0lJatmyZ63DKZXqq6nAqdqJVSsXnR0DwRLc2Zvaymf3LzHqlm5iZDTOzYjMrXr9+fbyIZa+3ZcsWGjdurKQh33hmRuPGjWvc0Xc2L47XBVoTPPVqEHC3mTVKVdHd73L3QncvbNo0J7chSw2npCESqIn7QqaJYy0VHxaUz65dRJcSPHZ0m7u/Q9Dlb+vdD1FERGqSTK9xvAa0NrOWBAljIEFf+VEzCY407jezJgSnrirt010kEy3GzMnq9FZPqPrJxg0aNGDTpk1V1quOcePG0aBBA0aPHp1RDO+//z4jR45kxowZKett2LCBRx55hBEjRqSd1gknnMD8+fOZN28ekyZNYvbs2RnHO3PmTNq0aUPbtm0BGDt2LN27d+fUU0/NeBpxrF69mt69e7NkyZJqxZuJypbpn//8J8OHD6devXrMmTOHUaNGpV33lXnggQc4/fTTOeywuI/hqPkyShzuXmZmRQQPEMkD7nP3pWY2HigOH970FHC6mS0jeP70Ne7+cfqp7j06PNihWuMtvmRxliORvdFhhx1WacO1YcMGbr/99pSJo6ysjLp16zJ/fvUfmDlz5kx69+5d3siOHz++2tOqCcrKyipdpocffphf/epXXHTRRQDVShoQJI727dvvlYkj42sc7j7X3du4eyt3vyEcNjZMGnjgKndv6+4d3H13HoUqUuOsXLmSXr160blzZ04++WTeeustNm7cyJFHHsmOHcGTNr/44guaN2/Otm3bUtavzDvvvEO3bt3o0KEDv/71r8uHr169mvbtgyeuLl26lK5du1JQUEDHjh15++23GTNmDCtXrqSgoIBrrrmGefPmcfLJJ9OnT5/yhrFBg52Pxv7ss884++yzOfrooxk+fHh57NE6M2bMYMiQIcyfP59Zs2ZxzTXXUFBQwMqVKxkyZEh5Y/rss89y3HHH0aFDB37yk5/w1VdfAUFXQtdffz2dOnWiQ4cOKZd99erVnHzyyXTq1IlOnTrFSm7bt29n9OjRtG/fno4dO3LrrbcCsHDhQk455RQ6d+7MGWecwQcffABAjx49uPLKKyksLGTixIlpl+mee+7h0Ucf5Te/+Q2DBw+usO7TzXP8+PF06dKF9u3bM2zYMNydGTNmUFxczODBgykoKODLL79MG9uf/vQn2rZtS8eOHRk4cGDG6yCXct5XlUhtMWzYMO68805at27Nq6++yogRI3juuecoKCjghRdeoGfPnsyePZszzjiDevXqpa2fzqhRo7j88su5+OKLmTx5cso6d955J6NGjWLw4MFs3bqV7du3M2HCBJYsWUJJSQkA8+bNY9GiRSxZsiTlLZwLFixg2bJlHHnkkfTq1YvHH3+cfv36pZzfCSecQJ8+fejdu/cudbZs2cKQIUN49tlnadOmDRdffDF33HEHV155JQBNmjRh0aJF3H777UyaNIl77rmnwviHHHIITz/9NPXr1+ftt99m0KBBGfdbd9ddd7F69WpKSkqoW7cun3zyCdu2beNnP/sZf//732natCnTp0/nuuuu47777gNg69at5dN/++23Uy7TpZdeyksvvVRetnr16krnCVBUVMTYsWMB+NGPfsTs2bPp168ft912G5MmTaKwsLDS2CZMmMA777zDvvvuy4YNGzJa/lxT4hDJwKZNm5g/fz79+/cvH5b4dj1gwACmT59Oz549mTZtGiNGjKi0fjovv/wyf/3rX4GgAfrlL3+5S51u3bpxww03UFpayvnnn0/r1qnvP+natWva+/67du3Kd77zHQAGDRrESy+9lDZxVGb58uW0bNmSNm3aAHDJJZcwefLk8sRx/vnnA9C5c2cef/zxXcbftm0bRUVFlJSUkJeXx3/+85+M5/3MM88wfPhw6tYNmrCDDz6YJUuWsGTJEk477TQgOEI49NBDy8cZMCD2Y9OrnCfA888/zx/+8Ac2b97MJ598Qrt27TjnnHMqjLt8+fK0sXXs2JHBgwdz7rnncu655+5WjF8XJQ6RDOzYsYNGjRqVf6uP6tOnD9deey2ffPIJCxcu5Pvf/z5ffPFF2vqVqerWywsvvJDjjz+eOXPmcNZZZzFlypTyJBB1wAEHZDyPxPvo8Gz8bmDfffcFIC8vj7KyXZ/UfPPNN9OsWTPeeOMNduzYQf369Xdrfu5Ou3bteOWVV1KWV7ZOqmvLli2MGDGC4uJimjdvzrhx41Kuu8pimzNnDi+++CJPPPEEN9xwA4sXLy5PTjWVOjkUycCBBx5Iy5Yteeyxx4CgIXjjjTeA4NpAly5dGDVqFL179yYvL6/S+umceOKJTJsWXBp8+OGHU9ZZtWoV3/nOdxg5ciR9+/bl3//+Nw0bNuTzzz/PeFkWLFjAO++8w44dO5g+fTonnXQSAM2aNePNN99kx44d/O1vfyuvn276Rx99NKtXr2bFihUATJ06lVNOOSXjODZu3Mihhx5KnTp1mDp1Ktu3b8943NNOO40pU6aUJ6RPPvmEo48+mvXr15c3ztu2bWPp0qUpx4+7ztLNM5EkmjRpwqZNmypcSI/OI11sO3bsYM2aNfTs2ZOJEyeycePGPXY3XzbV7LQmQma3z2bb5s2byc/PL39/1VVX8fDDD3P55Zfzu9/9jm3btjFw4ECOPfZYIDgN0r9/f+bNm1c+TmX1U7nlllu48MILmThxIn379k1Z59FHH2Xq1KnUq1ePb3/721x77bUcfPDBnHjiibRv354zzzyTs8+ufH116dKFoqIiVqxYQc+ePTnvvPMAmDBhAr1796Zp06YUFhaWN2ADBw5k6NCh/OlPf6rQMNavX5/777+f/v37U1ZWRpcuXRg+fHjlKzZixIgRXHDBBTz00EP06tUr1hHBpZdeyn/+8x86duxIvXr1GDp0KEVFRcyYMYORI0eyceNGysrKuPLKK2nXrt0u46dbpurMc+jQobRv355vf/vbdOnSpbz+kCFDGD58OPvttx+vvPJKytjatGnDRRddxMaNG3F3Ro4cSaNGjTJeD7mS82eOFxYWem1/kJNux82uN998k+9+97u5DkOkxki1T5jZQncvzEU8OlUlIiKxKHGIiEgsShwiIhKLEoeIiMSixCEiIrEocYiISCxKHFLzjTsou38ZiHb4l/XFGTeOSZMmZRzD+++/X2mXIInecStzwgknAEE/Vr17944RbdA77rJlO58SPXbsWJ555plY00hnwYIFdO/enaOPPprjjjuOSy+9lM2bN/PAAw/QtGlTCgoKaNu2LXfffTdAheGJv2hs6cyaNYsJEyakLY92ZihV0w8ARWq4vbVb9XXr1tG/f3+mTZtGt27dgKBX3sSvrQcMGMBtt93GRx99RLt27ejTp0+F4ZkqKyujT58+5ePL7tMRh0iG1K16drtVnzx5Mpdcckl50gDo168fzZo1q1DvkEMOoVWrVrz77rtVfEI7JX61ffzxx/OLX/yCBx54gKKiIiBIWOeddx7HHnssxx57bHlS3b59O0OHDqVdu3acfvrpfPnllxnP75tGiUMkQ8OGDePWW29l4cKFTJo0iREjRnDQQQeVd6sO7NKtenL9yiS6VV+8eHGFXl2jEt2ql5SUUFxcTH5+PhMmTKBVq1aUlJRw4403ArBo0SJuueWWlD3OLliwgFtvvZVly5axcuXKlD3XJiS6Vb/xxhspKSmhVatW5WWJbtWnT5/O4sWLKSsr44477igvT3Srfvnll6c8NbdkyRI6d+5c6TqBoH+uVatWcdRRRwEwffr0Cqeq0jXwpaWlzJ8/n5tuuqnC8JEjR3LKKafwxhtvsGjRovIuSd5++22uuOIKli5dSqNGjcp7KpZdKXGIZCDaTXpBQQGXXXZZ+YN4Et2qA0ybNo0BAwZUWj+dl19+mUGDBgFBt+qpdOvWjd///vdMnDiRd999l/322y9lvUy6Vc/LyyvvVr06UnWr/uKLL5aXR7tVjz7XIlOJBDFo0CCmTJlS3o35gAEDKCkpKf9Ltw769+9PXl7eLsOfe+45Lr/8ciDoufegg4LrXi1btqSgoGC3Yv6m0DUOkQyoW/X4qupWvV27dixcuDBth45xrmVcd911zJkTPJs+sc7jdqOeiDcRs05VpacjDpEMqFv17HerXlRUxIMPPsirr75aPuzxxx9n3bp1GU8j4YYbbig/AqnKD37wg/JTatu3b2fjxo2x5/dNpyMOqfnGff07trpV3/Pdqjdr1oxp06YxevRoPvroI+rUqUP37t3p1atXpeNNnz69wum122+/vfx240zccsstDBs2jHvvvZe8vDzuuOOOtNeUJDV1q54F6lY9u9StukhF6lZdRERqNSUOERGJRYlDRERiUeIQEZFYlDhERCSWjG/HNbNewC1AHnCPu09IKh8C3AisDQfd5u73ZClOqW0y7IV21/F0T71ITZdR4jCzPGAycBpQCrxmZrPcPbk/4+nuXpTlGOUbrrq3O6eTyW3QDRo0KP8dQ7aNGzeOBg0aMHr06IxieP/99xk5cmTaHnI3bNjAI488UmlfWCeccALz589n3rx5TJo0idmzZ2cc78yZM2nTpk15h4ljx46le/funHrqqRlPI50FCxYwevRo1q1bx/7770/nzp256qqrOP3003nvvfeoU2fnSZGCggKmTJnCk08+yd13303Tpk3Ly+bNm0ejRo0qndedd97J/vvvz8UXX5yyvDrr5psq01NVXYEV7r7K3bcC04DUv1ASkazKtFv1VBJdfexut+rRZ16MHz8+K0kj0a36xIkTWb58Oa+//jq9evWicePGHHHEEfzzn/8sr/vWW2/x+eefc/zxxwPw85//vEJ/VVUljbKyMoYPH542aUg8mSaOw4E1kfel4bBkF5jZv81shpk1TzcxMxtmZsVmVrx+/foY4YrkjrpV//q6VR80aFB59ysQdB45cODADD6lnXr06MGVV15JYWEht9xyS4UHaK1YsYJTTz2VY489lk6dOrFy5Uog6MyyX79+HHPMMQwePJhc/0C6psrmxfEngBbu3hF4GngwXUV3v8vdC929MHq4KVKTqVv1r69b9R/+8IfMnDmz/Ihp+vTp5T0HA9x8883l3ar37Nkzbfxbt26luLiYq6++usLwwYMHc8UVV/DGG28wf/788vX9+uuv88c//pFly5axatUqXn755bTT/ibLNHGsBaJHEPnsvAgOgLt/7O5fhW/vAaruaF+kllC36rvak92qN2vWjPbt2/Pss89SUlJC3bp1KzzaNXqq6vnnn087nQEDBuwy7PPPP2ft2rXlfXTVr1+f/fffHwjWTX5+PnXq1KGgoEBdq6eR6V1VrwGtzawlQcIYCFwYrWBmh7p7Ys/oA7yZtShFckzdqse3u92qJ05XJU5dVeXHP/4xr7/+Oocddhhz584Fdr9r9VRxS4ZHHO5eBhQBTxEkhEfdfamZjTezxIN8R5rZUjN7AxgJDNkTAYvkgrpV//q7VT///POZO3cu06dPz+j6xv33309JSUl50kinYcOG5OfnM3PmTAC++uorNm/enHHcEuN3HO4+F5ibNGxs5PWvgF9lLzSRQC56EVa36rnvVr1Ro0Z069aNDz/8cJejqptvvpk///nP5e9nzpxJixYtMp731KlTueyyyxg7diz16tUrT/CSGXWrngXqVj2F3fgBoLpVF6lI3aqLiEitpsQhIiKxKHFIjZTrU6giNUVN3BeUOKTGqV+/Ph9//HGN3GFEvk7uzscff0z9+vVzHUoFGd9VJfJ1yc/Pp7S0FHVHIxJ8kYre4VcTKHFEVfdOoJZHZDeOb7h69eql/dWziOSeTlWJiEgse+URR4sxc6o13uqadRpRRKRG0hGHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMSixCEiIrEocYiISCxKHCIiEosSh4iIxKLEISIisShxiIhILEocIiISixKHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMQSK3GYWS8zW25mK8xsTCX1LjAzN7PC3Q9RRERqkowTh5nlAZOBM4G2wCAza5uiXkNgFPBqtoIUEZGaI84RR1dghbuvcvetwDSgb4p6vwUmAluyEJ+IiNQwcRLH4cCayPvScFg5M+sENHf3OVmITUREaqCsXRw3szrATcDVGdQdZmbFZla8fv36bIUgIiJfgziJYy3QPPI+PxyW0BBoD8wzs9XA94BZqS6Qu/td7l7o7oVNmzaNH7WIiORMnMTxGtDazFqa2T7AQGBWotDdN7p7E3dv4e4tgH8Bfdy9OKsRi4hITmWcONy9DCgCngLeBB5196VmNt7M+uypAEVEpGapG6eyu88F5iYNG5umbo/qhyUiIjWVfjkuIiKxxDrikG+eFmOqd2f16vrVm1+HBztUa7zFlyyu3gxFJDYdcYiISCxKHCIiEosSh4iIxKLEISIisShxiIhILEocIiISixKHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMSixCEiIrEocYiISCxKHCIiEosSh4iIxKLEISIisShxiIhILEocIiISixKHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMSixCEiIrHEShxm1svMlpvZCjMbk6J8uJktNrMSM3vJzNpmL1QREakJMk4cZpYHTAbOBNoCg1IkhkfcvYO7FwB/AG7KVqAiIlIzxDni6AqscPdV7r4VmAb0jVZw988ibw8AfPdDFBGRmqRujLqHA2si70uB45MrmdkVwFXAPsD3dys6ERGpcbJ+cdzdJ7t7K+CXwK9T1TGzYWZWbGbF69evz3YIIiKyB8VJHGuB5pH3+eGwdKYB56YqcPe73L3Q3QubNm0aIwQREcm1OInjNaC1mbU0s32AgcCsaAUzax15ezbw9u6HKCIiNUnG1zjcvczMioCngDzgPndfambjgWJ3nwUUmdmpwDbgU+CSPRG0iIjkTpyL47j7XGBu0rCxkdejshSXiIjUUPrluIiIxKLEISIisShxiIhILEocIiISixKHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMSixCEiIrEocYiISCxKHCIiEosSh4iIxKLEISIisShxiIhILEocIiISixKHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMSixCEiIrEocYiISCxKHCIiEosSh4iIxKLEISIisWScOMysl5ktN7MVZjYmRflVZrbMzP5tZs+a2ZHZDVVERGqCjBKHmeUBk4EzgbbAIDNrm1TtdaDQ3TsCM4A/ZDNQERGpGTI94ugKrHD3Ve6+FZgG9I1WcPfn3X1z+PZfQH72whQRkZoi08RxOLAm8r40HJbOT4EnqxuUiIjUXHWzPUEzuwgoBE6ppM4wYBjAEUccke0QRERkD8r0iGMt0DzyPj8cVoGZnQpcB/Rx96/STczd73L3QncvbNq0aZx4RUQkxzJNHK8Brc2spZntAwwEZkUrmNlxwBSCpPFRdsMUEZGaIqPE4e5lQBHwFPAm8Ki7LzWz8WbWJ6x2I9AAeMzMSsxsVprJiYhILZbxNQ53nwvMTRo2NvL61CzGJSIiNZR+OS4iIrEocYiISCxKHCIiEosSh4iIxKLEISIisShxiIhILEocIiISixKHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMSS9Qc5iUh6LcbMqdZ4qyecneVIRKpPRxwiIhKLEoeIiMSixCEiIrEocYiISCxKHCIiEosSh4iIxKLEISIisShxiIhILEocIiISixKHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMSSceIws15mttzMVpjZmBTl3c1skZmVmVm/7IYpIiI1RUaJw8zygMnAmUBbYJCZtU2q9h4wBHgkmwGKiEjNkumDnLoCK9x9FYCZTQP6AssSFdx9dVi2I8sxiohIDZLpqarDgTWR96XhsGoxs2FmVmxmxevXr6/uZEREJAdycnHc3e9y90J3L2zatGkuQhARkWrKNHGsBZpH3ueHw0RE5Bsm08TxGtDazFqa2T7AQGDWngtLRERqqowSh7uXAUXAU8CbwKPuvtTMxptZHwAz62JmpUB/YIqZLd1TQYuISO5kelcV7j4XmJs0bGzk9WsEp7BERGQvpl+Oi4hILEocIiISixKHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMSixCEiIrEocYiISCxKHCIiEosSh4iIxKLEISIisShxiIhILEocIiISixKHiIjEosQhIiKxKHGIiEgsShwiIhKLEoeIiMSS8TPHRaT26fBgh2qNt/iSxVmORPYmOuIQEZFYdMQhUhuMO6h647U8IrtxiKAjDhERiUmJQ0REYlHiEBGRWJQ4REQklliJw8x6mdlyM1thZmNSlO9rZtPD8lfNrEXWIhURkRoh47uqzCwPmAycBpQCr5nZLHdfFqn2U+BTdz/KzAYCE4EB2QxYRCShxZg51Rpv9YSzsxzJN0ucI46uwAp3X+XuW4FpQN+kOn2BB8PXM4AfmJntfpgiIlJTxPkdx+HAmsj7UuD4dHXcvczMNgKNgf9GK5nZMGBY+HaTmS2PE/SeUkWGa0LScuy0pHrzG7L35lSty+zS+swum1hpcSXrs0Y5MlczzskPAN39LuCuXMy7usys2N0Lcx3H3kDrMru0PrNL67NqcU5VrQWaR97nh8NS1jGzusBBwMe7E6CIiNQscRLHa0BrM2tpZvsAA4FZSXVmAZeEr/sBz7m7736YIiJSU2R8qiq8ZlEEPAXkAfe5+1IzGw8Uu/ss4F5gqpmtAD4hSC57i1p1aq2G07rMLq3P7NL6rILpgEBEROLQL8dFRCQWJQ4REYlFiUNERGJR4hCppczsYDM7ONdx7A20LuNR4pCvhZk1M7NO4V+zXMdTW5nZEWY2zczWA68CC8zso3BYixyHV6toXVaf7qqqRNjAHR6+Xevu63IZT21kZgXAnQQ/Bk38YDQf2ACMcPdFuYmsdjKzV4A/AjPcfXs4LA/oD1zp7t/LYXi1itZl9SlxpKDGLnvMrAS4zN1fTRr+PWCKux+bk8BqKTN7291bxy2TXWldVl9O+qqqBR4gfWN3P6DGLnMHJK9HAHf/l5kdkIuAarmFZnY7QS/UiU5HmxP02PB6zqKqnbQuq0lHHClU8U1khbsf9XXHVFuZ2Z+AVsBDVNw5LwbecfeiXMVWG4Xd/fyU4BEGidOopcATwL3u/lWuYqtttC6rT4kjBTV22WVmZ1Jx51wLzHL3ubmLSkSqS4kjDTV2UtuYWW93n53rOPYGWpeV0zWONNz9SeDJXMexNzOzYeGzWSQ7ugBq7LJD67IS+h1HTOHTCyU79u7HzO0hZtbVzLqEr9ua2VVmdpa7X5/r2Go7M3sIQOuycjriiE+NXUxmdgzBKb9X3X1TpOjdHIVUa5nZ9cCZQF0ze5rg8c3PA2PM7Dh3vyGnAdYiZpb8PCEDeppZIwB37/O1B1VL6BpHTGb2Y3e/P9dx1BZmNhK4AngTKABGufvfw7JF7t4ph+HVOma2mGA97gt8COS7+2dmth9BYu6Yy/hqEzNbBCwD7gGcIHH8hfA5Qu7+Qu6iq9l0qiq+/8l1ALXMUKCzu58L9AB+Y2ajwjIdvcVX5u7b3X0zsNLdPwNw9y+BHbkNrdYpBBYC1wEb3X0e8KW7v6CkUTmdqkrBzP6drghQP0vx1EmcnnL31WbWA5hhZkeixFEdW81s/zBxdE4MNLODUOKIxd13ADeb2WPh/3WoTcyIVlJqzYAzgE+Thhsw/+sPp1ZbZ2YF7l4C4O6bzKw3cB/QIaeR1U7dEz9MCxu+hHoEv3iWmNy9FOhvZmcDn+U6ntpA1zhSMLN7gfvd/aUUZY+4+4U5CKtWMrN8gtMrH6YoO9HdX85BWCKyG5Q4REQkFl0cFxGRWJQ4REQkFiUOERGJRYlDRERi+f8NCN++hqPBDAAAAABJRU5ErkJggg==", - "text/plain": [ - "
" - ] - }, - "metadata": { - "needs_background": "light" - }, - "output_type": "display_data" - } - ], + "outputs": [], "source": [ "levels_cpe = df_cpe_rich.level.value_counts().sort_index().rename('Level distribution CPE-rich')\n", "levels_cve = df_cve_rich.level.value_counts().sort_index().rename('Level distribution CVE-rich')\n", @@ -479,20 +151,10 @@ }, { "cell_type": "code", - "execution_count": 23, + "execution_count": null, "id": "27423367", "metadata": {}, - "outputs": [ - { - "name": "stdout", - "output_type": "stream", - "text": [ - "-0.7014575524888043 8.642059914383105e-43\n", - "-0.7315824610567971 3.940161217161724e-48\n", - "-0.3627281950234617 2.269867935814956e-10\n" - ] - } - ], + "outputs": [], "source": [ "spearmanr = functools.partial(stats.spearmanr, nan_policy=\"omit\", alternative=\"less\")\n", "n_cves_level_corr, n_cves_level_pvalue = spearmanr(df_cve_rich.level, df_cve_rich.n_cves)\n", @@ -507,47 +169,10 @@ }, { "cell_type": "code", - "execution_count": 29, + "execution_count": null, "id": "1f99702a", "metadata": {}, - "outputs": [ - { - "data": { - "image/png": "iVBORw0KGgoAAAANSUhEUgAAAWAAAAFgCAYAAACFYaNMAAAAOXRFWHRTb2Z0d2FyZQBNYXRwbG90bGliIHZlcnNpb24zLjUuMSwgaHR0cHM6Ly9tYXRwbG90bGliLm9yZy/YYfK9AAAACXBIWXMAAAsTAAALEwEAmpwYAAAcKElEQVR4nO3dfZBddZ3n8fc3Sae7052QkIfuTAATNKkxaYVhuyI7MpYjNTFEIUytxeDuKKKzuLtYMjXuA7oWjJGqtXZm2ZXS0UFkBcsRUEfNODwWWmqNT0QXpYMK4UmSSifhKZ2H7iZN//aPe7q5CR1yE+7pH93n/aq61ef+7ul7v31y8unTv/M7vxMpJSRJk29G7gIkqaoMYEnKxACWpEwMYEnKxACWpExm5S6gDOvXr0933nln7jIkaUxM1Dgtj4Cfeuqp3CVI0jFNywCWpKnAAJakTAxgScrEAJakTAxgScrEAJakTAxgScrEAJakTAxgScpkWl6KfLyeGxziof4D7BoYpmteK6u6O5jf3pa7LEnTXOUD+LnBIe7u28NVm/sYOjRKW8sMNl3Qw7qexYawpFJVvgviof4D4+ELMHRolKs29/FQ/4HMlUma7iofwLsGhsfDd8zQoVF2DQxnqkhSVVQ+gLvmtdLWcvhmaGuZQde81kwVSaqKygfwqu4ONl3QMx7CY33Aq7o7Mlcmabqr/Em4+e1trOtZzPJFax0FIWlSVT6AoRbCa1cYuJImlwEMHBgcZmv//vEj4DXdnXS02wcsqVyVD+ADg8P8c9/ul4wDfkfPEkNYUqkqfxJua//+CccBb+3fn7kySdNd5QPYccCScql8ADsOWFIulQ/gNd2dE44DXtPdmbkySdNd5U/CdbS38o6eJYeNA3YUhKTJUPkAhloIr11h4EqaXJXvgpCkXAxgScrEAJakTAxgScrEAJakTBwFARwcfJ6+/n3jw9B6uucyp3127rIkTXOVD+CDg8/znb5dL5mM5509XYawpFJVvguir3/fhJPx9PXvy1yZpOmu8gHsZDyScql8ADsZj6RcKh/APd1zJ5yMp6d7bubKJE13lT8JN6d9Nu/s6WL5ojmOgpA0qSofwFAL4bUrFuYuQ1LFVL4LQpJyMYAlKRMDWJIyMYAlKRMDWJIyMYAlKZPSAjgiTo2I70XEgxGxNSKuKNpPjoh7IuLh4uuCoj0i4rqI2BYRv4qIs+re65Ji/Ycj4pKyapakyVTmEfAI8JGU0mrgbODyiFgNXAncm1JaCdxbPAc4D1hZPC4DPge1wAauBt4ErAWuHgttSZrKSgvglNLOlNIviuV9wK+BZcBG4KZitZuAC4vljcDNqeYnwPyIWAq8HbgnpfRMSulZ4B5gfVl1S9JkmZQ+4IhYDvwB8FOgK6W0s3ipH+gqlpcBT9Z92/ai7WjtR37GZRGxJSK27Nmzp7k/gCSVoPQAjohO4BvAX6aUBupfSyklIDXjc1JK16eUelNKvYsXL27GW0pSqUoN4IhooRa+X0kp/WPRvKvoWqD4urto3wGcWvftpxRtR2uXpCmtzFEQAXwR+HVK6dq6lzYDYyMZLgG+Xdf+3mI0xNnA3qKr4i5gXUQsKE6+rSvaJGlKK3M2tDcD7wEeiIj7i7aPAZ8CbouIDwBPABcVr90ObAC2AQeBSwFSSs9ExCeB+4r1NqWUnimxbkmaFFHrhp1eent705YtW3KXIUljYqJGr4STpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKpLQAjogbI2J3RPTVtf11ROyIiPuLx4a61z4aEdsi4rcR8fa69vVF27aIuLKseiVpspV5BPwlYP0E7f87pXRm8bgdICJWAxcDa4rv+buImBkRM4HPAucBq4F3F+tK0pQ3q6w3Tin9ICKWN7j6RuCWlNIw8FhEbAPWFq9tSyk9ChARtxTrPtjseiVpsuXoA/5QRPyq6KJYULQtA56sW2d70Xa09peIiMsiYktEbNmzZ08ZdUtSU012AH8OeC1wJrAT+F/NeuOU0vUppd6UUu/ixYub9baSVJrSuiAmklLaNbYcEV8AvlM83QGcWrfqKUUbL9MuSVPapB4BR8TSuqd/CoyNkNgMXBwRrRGxAlgJ/Ay4D1gZESsiYja1E3WbJ7NmSSpLaUfAEfFV4K3AoojYDlwNvDUizgQS8DjwQYCU0taIuI3aybUR4PKU0gvF+3wIuAuYCdyYUtpaVs2SNJkipZS7hqbr7e1NW7ZsyV2GJI2JiRq9Ek6SMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSkTA1iSMjGAJSmThgI4It4cER3F8p9HxLUR8ZpyS5Ok6a3RI+DPAQcj4gzgI8AjwM2lVSVJFdBoAI+klBKwEfhMSumzwNzyypKk6W9Wg+vti4iPAu8B/igiZgAt5ZUlSdNfo0fAfwYMA+9PKfUDpwB/U1pVklQBDQVwEbrfAFqLpqeAb5ZVlCRVQaOjIP498HXg74umZcC3SqpJkiqh0S6Iy4E3AwMAKaWHgSVlFSVJVdBoAA+nlJ4fexIRs4BUTkmSVA2NBvD3I+JjQHtE/AnwNeCfyitLkqa/RgP4SmAP8ADwQeB24ONlFSVJVdDoOOALgZtTSl8osRZJqpRGj4DPBx6KiC9HxDuLPmBJ0ivQ6DjgS4HXUev7fTfwSETcUGZhkjTdNXwkm1I6FBF3UBv90E6tW+IvSqpLkqa9Ri/EOC8ivgQ8DPwb4Aagu8S6JGnaa/QI+L3ArcAHU0rDJdYjSZXRaAD/d2DnWPhGRDvQlVJ6vKzCJGm6a3QUxG3AC3XPX6B2Qk6SdIIaDeBZ9ZciF8uzyylJkqqh0QDeExEXjD2JiI3UpqSUJJ2gRvuA/wPwlYj4TPF8O7W7Y0iSTlBDAZxSegQ4OyI6i+f761+PiEtSSjeVUJ8kTVuNdkEAteA9MnwLVzSpHkmqjOMK4JcRTXofSaqMZgWwk7NL0nHyCFiSMmnoJFxEtFKbA2J5/feklDYVi//S9MokaZpr9Aj428BGYAQ4UPcAIKX0oSO/ISJujIjdEdFX13ZyRNwTEQ8XXxcU7RER10XEtoj4VUScVfc9lxTrPxwRl5zYjylJrz6NjgM+JaW0/jjf+0vAZ4Cb69quBO5NKX0qIq4snv834DxgZfF4E/A54E0RcTJwNdBLrZ/55xGxOaX07HHWIkmvOo0eAf8oIt5wPG+cUvoB8MwRzRuBsfHCN1GbU3is/eZU8xNgfkQsBd4O3JNSeqYI3XuA4/1FIEmvSo0eAZ8DvC8iHgOGqZ10SymlNx7n53WllHYWy/1AV7G8DHiybr3tRdvR2iVpyms0gM9r9genlFJENG34WkRcBlwGcNpppzXrbSWpNI3eE+6JiR4n8Hm7iq4Fiq+7i/YdwKl1651StB2tfaIar08p9aaUehcvXnwCpUnS5GrWOOBGbQbGRjJcQm10xVj7e4vREGcDe4uuiruAdRGxoBgxsa5ok6Qpr7Tby0fEV4G3AosiYju10QyfAm6LiA8ATwAXFavfDmwAtgEHgUsBUkrPRMQngfuK9TallI48sSdJU1KkNP2uIu7t7U1btmzJXYYkjZnwauHJ7oKQJBUMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKxACWpEwMYEnKpLR7wk0lBwaH2dq/n10Dw3TNa2VNdycd7a25y5I0zVU+gA8MDvPPfbu5anMfQ4dGaWuZwaYLenhHzxJDWFKpKt8FsbV//3j4AgwdGuWqzX1s7d+fuTJJ013lA3jXwPB4+I4ZOjTKroHhTBVJqorKB3DXvFbaWg7fDG0tM+iaZ/eDpHJVPoDXdHey6YKe8RAe6wNe092ZuTJJ013lT8J1tLfyjp4lLF+01lEQkiZV5QMYaiG8doWBK2lyVb4LQpJyMYAlKRMDWJIyMYAlKRMDWJIyMYAlKROHoQEjI6Ns3bmXnXuHWHpSO2uWzmPWLH83SSpX5QN4ZGSUb/1yBx//1ouzoV1zYQ8XnrHMEJZUqsonzNade8fDF2oT8Xz8W31s3bk3c2WSprvKB/DOvUMTzobWv3coU0WSqqLyAbz0pPYJZ0PrPqktU0WSqqLyAbxm6TyuufDw2dCuubCHNUtPylyZpOmu8ifhZs2awYVnLGPlkk769w7RfVIba5ae5Ak4SaWrfABDLYTPOHUBZ5yauxJJVeJhniRlYgBLUiYGsCRlYgBLUiYGsCRlYgBLUiYGsCRlYgBLUiYGsCRlYgBLUiYGsCRlYgBLUiZOxgM8NzjEQ/0H2DUwTNe8VlZ1dzC/3fmAJZUrSwBHxOPAPuAFYCSl1BsRJwO3AsuBx4GLUkrPRkQAnwY2AAeB96WUftGsWp4bHOLuvj1ctfnFe8JtuqCHdT2LDWFJpcrZBfHHKaUzU0q9xfMrgXtTSiuBe4vnAOcBK4vHZcDnmlnEQ/0HxsMXarcjumpzHw/1H2jmx0jSS7ya+oA3AjcVyzcBF9a135xqfgLMj4ilzfrQXQPDE94TbtfAcLM+QpImlCuAE3B3RPw8Ii4r2rpSSjuL5X6gq1heBjxZ973bi7bDRMRlEbElIrbs2bOn4UK65rVOeE+4rnmtDb+HJJ2IXAF8TkrpLGrdC5dHxFvqX0wpJWoh3bCU0vUppd6UUu/ixYsb/r5V3R1suuDwe8JtuqCHVd0dx/PxknTcspyESyntKL7ujohvAmuBXRGxNKW0s+hi2F2svgOov1nQKUVbU8xvb2Ndz2KWL1rrKAhJk2rSj4AjoiMi5o4tA+uAPmAzcEmx2iXAt4vlzcB7o+ZsYG9dV0VTzG9vY+2KhZx/xu+xdsVCw1fSpMhxBNwFfLM2uoxZwD+klO6MiPuA2yLiA8ATwEXF+rdTG4K2jdowtEsnv2RJar5JD+CU0qPAGRO0Pw2cO0F7Ai6fhNIkaVK9moahSVKlGMCSlIkBLEmZGMCSlIkBLEmZOB0lMDqaePzpA+waGKJrXhvLF3YwY0bkLkvSNFf5AB4dTdy5tZ+/uu3+8ekor73oTNav6TaEJZWq8l0Qjz99YDx8oTYT2l/ddj+PP+10lJLKVfkA3jUwNOF0lLv3DWWqSFJVVD6Au+a1TTgd5ZK5zgchqVyVD+DlCzu49qIzD5uO8tqLzmT5QqejlFSuyp+EmzEjWL+mm9//8B+xe98QS+Y6CkLS5Kh8AEMthE9f3MnpiztzlyKpQgxgYP/gEA/W3ZZ+dXcHnc4JLKlklQ/g/YND3D7Bbek39Cw2hCWVqvIn4R48ym3pH/S29JJKVvkA9rb0knKpfAB7W3pJuVQ+gFcf5bb0q70tvaSSVf4kXGd7GxuOuC29oyAkTYbKBzDUQnjtCgNX0uSqfBeEJOViAEtSJnZBAIODh3igf2C8D/gN3fNob2/JXZakaa7yATw4eIh/6ut/yZVw5/d0G8KSSlX5LogH+gcmvBLugf6BzJVJmu4qH8BP75/4SrinD3glnKRyVT6AF3ZOfCXcwg6vhJNUrsoH8LMHD/Hht6087Eq4D79tJc8dPJS5MknTXeVPwi2Y08KtW37HB845nQhICW7d8jv+5l1n5C5N0jRX+QDuaJ3Jxza8nkMjiQPDI3S0zeKNp7yejtaZuUuTNM1VPoAXzAm27hh5yTC0NyzznnCSylX5PuDtz45MOAxt+7MjmSuTNN1VPoCdkF1SLpUPYCdkl5RL5QN41VEmZF/lhOySSlb5k3Dz29tYd8SE7Ku6O5jvhOySSlb5AB4cPMTdW/dw1bfrRkFs7OH8NU7GI6lcle+C6OsfGA9fKEZBfLuPPifjkVSyygfwrn1HGQWxz1EQkspV+S6IhR2zaWuZcVgI1ybjmZ2xKuU2Opp4/OkD7BoYomteG8sXdjBjhhfnqLkqfwTc2TqTq89fc9goiKvPX0PHbC9FrqrR0cQdff1suO6HvPsLP2XDdT/kjr5+RkdT7tI0zVT+CLitJVgwZxZ/+64zOPD8CB2zZzFrJrTP9minqh7Zs5+PfO3+w84LfORr97Oq6xxWds3NXJ2mk8ofAfcPHOKGHz7KWAfEKHDDDx9l14DTUVbVY08dmPC8wGNPHchUkaarygfw/uER5ra2cFL7LFpnzWR++yzmtrawf9i5IKpqzuyZE14dOcduKTVZ5bsglp/czvo3LOWDX/75+DjgT1ywhtNObs9dmjLpaJ3JFeeu5NP3Pjy+T1xx7krPC6jpKh/AA0MvcPXmrYf19129eSs3Xbo2c2XK5en9z3Pzj584bJL+m3/8BCuXdOYuTdNM5QN4975hVi3p5C/e8loGh0eY0zqLL/zgEXY7DriyWltm8uzB5/ns97aNt7W1zKC1xSNgNVflA3jFojm8+02v4b9+/Zfjf25eff4aViyak7s0ZbJgTgsfO+/3eerA84wmmBm18eIL5nhpupqr8gF88PkX+Pz3t43/uQnw+e9v855wFfa6hZ38pn8f19/xm/Ffytdc2MPrFtoFoeaqfAA/e/AQf9Z7Gtd998UTLh9+20qe9a7IlfXQnn3c8rMn+J/vOmO8W+qmHz3KqiWdvPHUBbnL0zRS+QBeMKdlPHyhdhLuuu8+zM3v9yRcVe0fPsRFvacd1i216YI17B/2l7Kaa8oEcESsBz4NzARuSCl9qhnvOzB4aMJB9wND/merqtmzZvFQ/3N86dK17Nk3xJK5bdyzdQenLz4ld2nKZP/gEA/2HxifM3x1dwedTZgzfEoEcETMBD4L/AmwHbgvIjanlB58pe89f07LhJPxnNTmCZeqapk5yqru+bzv//7ssCPglpnOBVFF+weHuL1vz0vunL6hZ/ErDuGpciXcWmBbSunRlNLzwC3Axma88aEXRrni3JWHTcZzxbkrGRkdPcZ3aroaPhRcdcTY8Ks2b8UeiGp6sP/AhHdOf7D/lV+aPiWOgIFlwJN1z7cDb6pfISIuAy4DOO200xp+472DIxMOul+xaHUTytZU5BzRqlfmndOnSgAfU0rpeuB6gN7e3ob/Vlwyt3XCQfeLO70rclWN3Sn7yG4p75RdTWXuD1OlC2IHcGrd81OKtlfs9CVzuObCw++KfM2FPby2ywsxqso7Zave6qPsD6ubsD9ESq/+EwsRMQt4CDiXWvDeB/zblNLWidbv7e1NW7Zsafj9nxsc4qG6M5zeFVnuE6rXhFEQE04wPiW6IFJKIxHxIeAuasPQbjxa+J6I+e1trF3hfy69yH1C9TpL2h+mRAADpJRuB27PXYckNctU6QOWpGnHAJakTAxgScrEAJakTAxgScrEAJakTAxgScrEAJakTKbEpcjHKyL2AE+cwLcuAp5qcjnWMHVrgFdHHdYw9Wt4KqW0/sjGaRnAJyoitqSUeq3BGl5NdVjD9K3BLghJysQAlqRMDODDXZ+7AKxhzKuhBnh11GENNdOuBvuAJSkTj4AlKRMDWJIyqUQAR8SNEbE7IvqO8npExHURsS0ifhURZ9W9dklEPFw8Limxhn9XfPYDEfGjiDij7rXHi/b7I6Lxey0dfw1vjYi9xefcHxFX1b22PiJ+W2yjK0us4b/UfX5fRLwQEScXrzVrO5waEd+LiAcjYmtEXDHBOqXuEw3WMBn7RCN1lLpfNFhDqftFRLRFxM8i4pdFDZ+YYJ3WiLi1+Fl/GhHL6177aNH+24h4e8MfnFKa9g/gLcBZQN9RXt8A3EHtvk1nAz8t2k8GHi2+LiiWF5RUwx+OvTdw3lgNxfPHgUWTsB3eCnxngvaZwCPA6cBs4JfA6jJqOGLd84HvlrAdlgJnFctzqd1vcPUR65S6TzRYw2TsE43UUep+0UgNZe8Xxb9zZ7HcAvwUOPuIdf4T8Pli+WLg1mJ5dfGztwIrim0ys5HPrcQRcErpB8AzL7PKRuDmVPMTYH5ELAXeDtyTUnompfQscA/wkqtZmlFDSulHxWcA/ITanZ+bqoHtcDRrgW0ppUdTSs8Dt1DbZmXX8G7gqyfyOceoYWdK6RfF8j7g18CyI1YrdZ9opIZJ2ica2RZH05T94gRqaPp+Ufw77y+ethSPI0cobARuKpa/DpwbEVG035JSGk4pPQZso7ZtjqkSAdyAZcCTdc+3F21Hay/bB6gdfY1JwN0R8fOIuKzkz/7XxZ9hd0TEmqJt0rdDRMyhFmzfqGtu+nYo/oz8A2pHPPUmbZ94mRrqlb5PHKOOSdkvjrUtytwvImJmRNwP7Kb2S/ao+0RKaQTYCyzkFWyHKXNTzqqIiD+m9p/tnLrmc1JKOyJiCXBPRPymOJJstl8Ar0kp7Y+IDcC3gJUlfE4jzgf+JaVUf7Tc1O0QEZ3U/iP/ZUpp4BXWW1oNk7FPHKOOSdkvGvz3KG2/SCm9AJwZEfOBb0ZET0ppwnMVzeIRcM0O4NS656cUbUdrL0VEvBG4AdiYUnp6rD2ltKP4uhv4Jg3+eXO8UkoDY3+GpdpdqFsiYhGTvB0KF3PEn5nN3A4R0ULtP/tXUkr/OMEqpe8TDdQwKfvEseqYjP2ikW1RKHW/KN7nOeB7vLRrafznjYhZwEnA07yS7fBKOq6n0gNYztFPPr2Dw0+4/KxoPxl4jNrJlgXF8skl1XAatb6jPzyivQOYW7f8I2B9STV08+LFOWuB3xXbZBa1k00rePFky5oyaiheP4laP3FHGduh+JluBv7Py6xT6j7RYA2l7xMN1lHqftFIDWXvF8BiYH6x3A78EHjnEetczuEn4W4rltdw+Em4R2nwJFwluiAi4qvUzuQuiojtwNXUOtlJKX0euJ3aWe9twEHg0uK1ZyLik8B9xVttSof/6dPMGq6i1p/0d7V+fUZSbdalLmp/DkFth/+HlNKdJdXwLuA/RsQIMAhcnGp72EhEfAi4i9qZ7xtTSltLqgHgT4G7U0oH6r61adsBeDPwHuCBos8P4GPUAm+y9olGaih9n2iwjrL3i0ZqgHL3i6XATRExk1rPwG0ppe9ExCZgS0ppM/BF4MsRsY3aL4KLi/q2RsRtwIPACHB5qnVnHJOXIktSJvYBS1ImBrAkZWIAS1ImBrAkZWIAS1ImBrAqJyL2H3ut/O+p6c8AlqRMDGBVWjHP7H1Rm3f3E0XbpyLi8rp1/joi/vPR1pdOlAGsyoqIddQmlVkLnAn8q4h4C3ArcFHdqhcBt77M+tIJqcSlyNJRrCse/6943gmsTCl9MSKWRMTvUZsj4NmU0pNRu1PDS9YHypiZThVgAKvKAvgfKaW/n+C1r1GbA6Gb2hHxsdaXjptdEKqyu4D3F/PQEhHLijlloRa6F1ML4a81sL503DwCVmWllO6OiNcDPy5m09oP/Dmwu5jhai6wI6W081jrZ/kBNOU5G5okZWIXhCRlYgBLUiYGsCRlYgBLUiYGsCRlYgBLUiYGsCRl8v8BFKfod9rthGQAAAAASUVORK5CYII=", - "text/plain": [ - "
" - ] - }, - "metadata": { - "needs_background": "light" - }, - "output_type": "display_data" - }, - { - "data": { - "image/png": "iVBORw0KGgoAAAANSUhEUgAAAWEAAAFgCAYAAABqo8hyAAAAOXRFWHRTb2Z0d2FyZQBNYXRwbG90bGliIHZlcnNpb24zLjUuMSwgaHR0cHM6Ly9tYXRwbG90bGliLm9yZy/YYfK9AAAACXBIWXMAAAsTAAALEwEAmpwYAAAhzUlEQVR4nO3df3TddZ3n8ec7bdLb5kcLbZq0MCX0DCjkUqpmOCjCcUSxILadH6cHd5x11GNdB5e6nZkddca6dnXX3Z3THT3D7AyCK7iOUkWhslBhHVRURKOUklCtgEFomx8UaNLQm7S97/3jfnNN2qT5trn3+7m539fjnJzeX97vO9dPXnzv5/v5Ye6OiIiEURO6ABGRNFMIi4gEpBAWEQlIISwiEpBCWEQkoLmhC4hjzZo1vnPnztBliIicKZvqiVlxJvzCCy+ELkFEpCxmRQiLiFQrhbCISEAKYRGRgBTCIiIBKYRFRAJSCIuIBKQQFhEJSCEsIhKQQlhEJKCyTls2sy8A1wP97p6NHjsbuBNoA3qADe7+UimP+/KRHHt7h+kbHKGlaR4XttazaH6mlIeQKvHKkVG6eoeKbSXb2siC+XWhy5IUKffaEV8E/gG4Y9xjHwG+4+6fMbOPRPf/ulQHfPlIjge6Btiyo4vc0TyZ2hq2rs1yTbZZQSwTvHJklHu7+k5qK9dnWxTEkpiydke4+/eBF094eB1we3T7dmB9KY+5t3e4+EcFkDuaZ8uOLvb2DpfyMFIFunqHJm0rXb1DgSuTNAnRJ9zi7gei271Ay2QvMrONZtZpZp0DAwOx37xvcKT4RzUmdzRP3+DImdYrVUptRSpB0AtzXthldNKdRt39FnfvcPeO5ubm2O/Z0jSPTO3EXytTW0NL07wZ1SrVR21FKkGIEO4zs2UA0b/9pXzzC1vr2bo2W/zjGuvnu7C1vpSHkSqQbW2ctK1kWxsDVyZpEmJR9x3Au4HPRP/eU8o339s7zN7el/jiey5jYChHc2OG/9e9j7YlC7jsfF2Yk99aML+O67MttC1ZoNEREky5h6h9BXgTsMTMngc+QSF8t5vZ+4BngQ2lPGbf4Ai3/vA5bv3hcxMev3TFklIeRqrEKPmT7i8IVIukU1lD2N3fOcVTV5frmOcsypCprZlwwSVTW8PyRToLlok0nFEqQVXOmNt09QUT+vk2XX3B1Bs8SWppOKNUglmx0efp2PdyjjseeZb3vXElZuAOdzzyLOeetYDXnhe6OqkkGqImlaDqQrilaR4vvTLKzQ89VXxMw45kMmND1E7sulJbkSRVXXeEhqhJXGorUgmsMF+isnV0dHhnZ2fs12sBH4lLbUUSMuVlqarrjgBYND+jMcESi9qKhFZ13REiIrOJQlhEJCCFsIhIQAphEZGAFMIiIgEphEVEAlIIi4gEpBAWEQlIISwiEpBCWEQkoKqctiwSVz7v9Bwcpm8wR0tThrbF9dTUaPVpSY5CWFIrn3d2dveyefuu4s4a2zasZk17q4JYEqPuCEmtnoPDxQCGwoLum7fvouegdtaQ5CiEJbX6BnOT7qzRP5QLVJGkkUJYUqulKVNc0H1MpraGpY1a2lKSoxCW1GpbXM+2Dasn7KyxbcNq2hZrZw1Jji7MSWrV1Bhr2lt59U1X0j+UY2mjRkdI8nQmLKl27FieF4dHeeHwKC8Nj3LsWH76/5FICelMWFJrdPQ4d+/ez5Z7uopD1Lauy7J+1XLq6uaELk9SQmfCklq79x8qBjAURkZsuaeL3fsPBa5M0kQhLKnVO8UQtb5BDVGT5AQJYTPbZGZdZtZtZh8OUYPIsimGqLU0aYiaJCfxEDazLPB+4DLgUuB6M/vdpOsQuWT5Qrauy04YorZ1XZZVyxcGrkzSJMSFuYuAR939FQAz+x7wh8B/D1CLpFhd3RzWr1rOyiX1xQV8Vi1fqItykqgQIdwFfNrMFgNHgOuAzhNfZGYbgY0AK1asSLRASY+6ujl0tJ0dugxJscS7I9x9D/DfgAeAncAu4Pgkr7vF3TvcvaO5uTnZIkVEEhLkwpy73+bur3P3q4CXgL0h6hARCS3IZA0zW+ru/Wa2gkJ/8OUh6hARCS3UjLm7oj7ho8CN7v5yoDok5XK5Yzxx4BC9gyO0Ns3jkmULyWQ0kVSSE6S1ufuVIY4rMl4ud4wdTxxgy45x05bXZll7yTIFsSRGM+YktZ44cKgYwBBNW97RxRMHNG1ZkqMQltTqHRyZYtrySKCKJI0UwpJarU3zppi2PC9QRZJGCmFJrUuWLWTr2hOmLa/NcskyTVuW5Ojqg6RWJjOXtZcs4/wlC+gbHKFFoyMkALU2SbW6ujksbpjHsbyzuGGe1o2QxCmEJbXyeWdndy+bt+8qDlHbtmE1a9pbtc+cJEZ9wpJaPQeHiwEMhZERm7fvoufgcODKJE2qMoTzeeeZgcM88vQLPDNwmHzeQ5ckFahvip01+oe0s4Ykp+q6I/QVU+Ja2ljYWWN8EGdqa2hu0M4akpyqOxPWV0yJa04NbLr6gglD1DZdfQFzqu6vQipZ1Z0Jn+or5srmhkBVSSU6cCjHHY88y/veuBIzcIc7HnmW16xYRNsStRVJRtWFcEvT5F8xlzbqK6ZM1NKU4aVXRrn5oaeKj6mtSNKq7otX2+J6tm1YPeEr5rYNq2lbXB+4Mqk0aitSCcy98kcOdHR0eGfnSdvQTSmfd3oODtM/lGNpY4a2xfW6KCeTUluRhEzZqKquOwKgpsZY2dygPmCZltqKhFZ13REiIrOJQlhEJCCFsIhIQAphEZGAFMIiIgEphEVEAlIIi4gEpBAWEQlIISwiEpBCWEQkoGAhbGb/wcy6zazLzL5iZlq6SkRSJ0gIm9k5wE1Ah7tngTnADSFqEREJKWR3xFxgvpnNBRYA+wPWIiISRJAQdvd9wN8BvwEOAIfc/YHxrzGzjWbWaWadAwMDIcoUESm7UN0RZwHrgPOB5UC9mb1r/Gvc/RZ373D3jubm5hBlioiUXajuiLcAv3b3AXc/CnwDeEOgWkREggkVwr8BLjezBWZmwNXAnkC1iIgEE2RnDXd/1My+DvwcOAY8BtxSqvd/+UiOvb3D9A2O0NI0jwtb61k0XyPg5GRqKxJasO2N3P0TwCdK/b4vH8nxQNcAW3Z0kTuaJ1Nbw9a1Wa7JNuuPSyZQW5FKUHUz5vb2Dhf/qAByR/Ns2dHF3t7hwJVJpVFbkUpQdSHcNzhS/KMakzuap29wJFBFUqnUVqQSVF0ItzTNI1M78dfK1NbQ0jQvUEVSqdRWpBJUXQhf2FrP1rXZ4h/XWD/fha31gSuTSqO2IpXA3D10DdPq6Ojwzs7O2K/XFW+JS21FEmJTPRFsdEQ5LZqf4bLz9Yck01NbkdCqrjtCRGQ2UQiLiASkEBYRCagq+4QPH8nx5LiLLRe31tOgiy0yiaEjOfaMaysXtdbTqLYiCaq6ED58JMd9k0xFvS7brCCWCYaO5Lh/krZybbZZQSyJqbruiCenmIr6pKaiygn2TNFW9qitSIKqLoQ1FVXiUluRSlB1IaypqBKX2opUgqoL4YunmIp6saaiygkumqKtXKS2IgmqymnLGh0hcWl0hCQkXdOWGzQVVWJqVFuRwKquO0JEZDZRCIuIBFSV3REiceXzTs/BYfoGc7Q0ZWhbXE9NzZTddyIlpxCW1MrnnZ3dvWzevqs4Y27bhtWsaW9VEEti1B0hqdVzcLgYwFCYqLF5+y56DmrGnCRHISyp1TeYm3TGXP9QLlBFkkbqjpDUamnKcN7i+Vy/6hws6n341uP7WNqoIWuSHIWwpFZLQy03vumCk1ZRa2moDV2apEjs7ggzW1DOQkSS1t17eNJV1Lp7DweuTNJk2hA2szeY2ZPAL6L7l5rZP87koGb2KjPbNe5n0Mw+PJP3FDldWkVNKkGc7oj/CbwN2AHg7o+b2VUzOai7/xJYDWBmc4B9wDdn8p4ip2tsFbXxQaxV1CRpsboj3P25Ex46XsIargaedvdnS/ieItPKtjZOuopatrUxcGWSJnHOhJ8zszcAbma1wCZgTwlruAH4yokPmtlGYCPAihUrSng4kYIF8+u4PttC25IFxVXUsq2NLJhfF7o0SZFpl7I0syXAZ4G3UFiO7QFgk7sfnPHBzeqA/UC7u/dN9brTXcpSRKTCnNlSllF/7Wfd/U9KXlLBtcDPTxXAIiLV7JR9wu5+HDgvOmMth3cySVeEiEhaxOkTfgb4oZntAIqT6t1920wObGb1wFuBD8zkfUREZrM4Ifx09FMDlOyysbsPA4tL9X4iIrPRtCHs7p8EMLOG6L6mE4mIlEicGXNZM3sM6Aa6zexnZtZe/tJERKpfnMkatwCb3f08dz8P+Avg8+UtS0QkHeKEcL27PzR2x92/C9SXrSIRkRSJNTrCzD4OfCm6/y4KIyZERGSG4pwJvxdoBr4B3AUsiR4TEZEZijM64iXgpgRqERFJnTijIx40s0Xj7p9lZt8ua1UiIikRpztiibu/PHYnOjNeWraKRERSJM6FubyZrXD33wCY2XnAqZdeCyyfd3oODtM3mKOlKUPb4npqaqZcxEhS7NixPN0HDnHgUI5lC+fTvqyJuXO1CbkkJ04I/w3wAzP7HoXl2K4kWue3EuXzzs7uXjZv31XcvHHbhtWsaW9VEMsEx47lufvxffzt3b/d6PNT67Osv/QcBbEkZtqW5u47gdcCdwJfBV7n7hXbJ9xzcLgYwFDYM2zz9l30HBye5n8padN94FAxgKHQVv727i66DxwKXJmkSZwLc1cAR9z9XmAR8LGoS6Ii9Q3mJt28sX8oF6giqVQHDk3eVnoPqa1IcuJ85/pfwCtmdimwmcKKaneUtaoZaGnKFPcMG5OprWFpYyZQRVKpli2cP2lbaV2otiLJiRPCx7ywB9I64GZ3v5kSLmlZam2L69m2YfWEzRu3bVhN22LNtJaJ2pc18an1Ezf6/NT6LO3LFgauTNIkzh5z3wN2Au8BrgL6gcfd/ZLyl1dwunvMjY2O6B/KsbRRoyNkamOjI3oP5WhdmKF92UJdlJNymDKA4oRwK/BvgJ+6+8NmtgJ4k7sn1iWhjT5FZJY7s40+Ady9F9g27v5vGNcnbGaPuPvrZ1qhiEgaleJ7l65iiIicoVKEcEXPnhMRqWRxZsyJVK3R0ePs3n+I3sEcy5oyXLJ8IXV1c0KXJSlSihDWsAOZlUZHj3P37v1suee305a3rsuyftVyBbEkJlZ3hJmdZ2ZviW7PN7Px44T/tCyViZTZ7v2HigEMhdlyW+7pYvd+TVuW5MSZtvx+4OvAP0cPnQvcPfa8u3eVpTKRMuudYop736CmLUty4pwJ3whcAQwCuPuv0HrCUgWWTTHFvaVJA34kOXFCeMTdR8fumNlcNCJCqsAlyxeydd3Eactb12VZtVzTliU5cS7Mfc/MPgbMN7O3An8OfKu8ZYmUX13dHNavWs7KJfXFDQBWaXSEJCxOCH8EeB/wBPAB4D7g1pkeONq37lYgS+HM+r3u/shM31fkdNTVzaGj7ezQZUiKxQnh9cAd7v75Eh/7s8BOd/9jM6sDFpT4/UVEKl6cPuF3AHvN7Etmdn3UJzwjZraQwopstwG4++j4zURFRNIizvZG7wF+F/ga8E7gaTObaXfE+cAA8L/N7DEzu9XMJiz4a2YbzazTzDoHBgZO683zeeeZgcM88vQLPDNwmHxe1xFFpDJNu5Rl8YVmtcAaonWF3X3JGR/UrAP4MXCFuz9qZp8FBt3945O9/nSWstRGnyJSgaYMnziTNa41sy8CvwL+iMLFtNYZFvQ88Ly7Pxrd/zqFzURnTBt9ishsEqdP+N9SmCH3Knf/M3e/z92PzeSg0RrFz5nZq6KHrgaenMl7jtFGnyIym8S5yPY3wAF3H4HC2hFAi7v3zPDY/x74cjQy4hkK3RwzNrbR5/gg1kafIlKp4pwJbweOj7t/nMJFuhlx913u3uHuq9x9vbu/NNP3BG30KSKzS5wz4bnjpy27+2h09lqRamqMNe2tvPqmK7XRp4hUvDghPGBma919B4CZrQNeKG9ZM1NTY6xsbmBlc0PoUkRETilOCP87Cn23/xDdfx6tISwiUhJxdlt+GrjczBqi+4fHP29m73b328tUn4hIVYu90ae7Hz4xgCObSliPiEiqlGK3ZV3xEhE5Q9ryXkQkIJ0Ji4gEFGftiPOneeyHJa1IRCRF4pwJ3zXJY18fu+HuHypdOSIi6TLlEDUzezXQDiw0sz8c91QToIUYRERK4FTjhF8FXA8sorC7xpgh4P1lrElEJDWmDGF3vwe4x8xerw04RUTKI06f8B+YWZOZ1ZrZd8xswMzeVfbKRERSIE4IX+PugxS6Jnoo7Df3V+UsSkQkLeKEcG3079uBr7n7oTLWIyKSKnFWUdthZr8AjgAfNLNmQHsFSVV4+UiOvb3D9A2O0NI0jwtb61k0X4N/JDmnDGEzqwG+BfwP4JC7HzezV4B1SRQnUk4vH8nxQNcAW3Z0FXfm3ro2yzXZZgWxJOaU3RHungdudvcX3f149NhwtFGnyKy2t3e4GMBQ2BB2y44u9vZqZ25JTpw+4e+Y2R+ZmdaIkKrSNzgy6c7cfYMjgSqSNIoTwh+gsLHnqJkNmtmQmQ2WuS6RsmtpmlfcEHZMpraGlqZ5gSqSNJo2hN290d1r3L3W3Zui+01JFCdSThe21rN1bXbCztxb12a5sFU7c0ty4oyOwMzWAldFd7/r7veWrySRZCyan+GabDNtSy7T6AgJZtoQNrPPAL8HfDl6aJOZXeHuHy1rZSIJWDQ/w2XnK3QlnDhnwtcBq6OREpjZ7cBjgEJYRGSG4u6ssWjc7YVlqENEJJXinAn/F+DnZvZdClsZXQV8ZKYHNrMeCstiHgeOuXvHTN9T5HQNHcmxZ9yMuYta62lUn7AkKE4IXw98AXiJwgI+f13CyRq/7+4vlOi9RE7L0JEc908yY+7abLOCWBITpzvitujftcBngZvNbFP5ShJJxp4pZszt0Yw5SVCcccIPAZ8GPg58HugAPliCYzvwgJn9zMw2nvikmW00s04z6xwYGCjB4UQm0ow5qQRxhqh9B6gHHgEeBn7P3ftLcOw3uvs+M1sKPGhmv3D374896e63ALcAdHR0+Om8cT7v9Bwcpm8wR0tThrbF9dTUaNa1TDQ2Y258EGvGnCQtTnfEbmAUyAKrgKyZzZ/pgd19X/RvP/BN4LKZvicUAnhndy/Xfe5h3vn5R7nucw+zs7uXfP60clxS4KIpZsxdpBlzkiBzjxdOZtYI/Bnwl0Cru5/x6YKZ1QM17j4U3X4Q2OruOyd7fUdHh3d2dsZ672cGDnPd5x4+6ezmvpuuZGVzw5mWLFVKoyMkIVN+FY/THfEh4ErgdRRGR3yBQrfETLQA34wWZpsL/MtUAXy6+gZzk/bz9Q/lFMJykkbNmJPA4gxRywDbgJ+5+7FSHNTdnwEuLcV7nailKTNpP9/SRv2hiUjliTM64u/c/dFSBXC5tS2uZ9uG1RP6+bZtWE3bYvXziUjlibWK2mxSU2OsaW/l1TddSf9QjqWNGh0hIpWr6kIYCkG8srlBfcAiUhLlHPZalSEsIlIqY8NeN2/fVZzevm3Data0t5YkiOOuoiYikko9B4eLAQyF0Vabt++i52BpprcrhEVETuFUw15LQSEsInIKY8NexyvlsFeFsIjIKZR72KsuzImInEK5h70qhEVEplHOYa/qjhARCUghLCISkEJYRCQghbCISEAKYRGRgBTCIiIBaYiapNro6HF27z9E72COZU0ZLlm+kLq6OaHLkhRRCEtqjY4e5+7d+9lyT1dxdayt67KsX7VcQSyJUXeEpNbu/YeKAQyFRVm23NPF7v2HAlcmaaIQltTqnWJ1rL7B0qyOJRKHQlhSa9kUq2O1NGlTWEmOQlhS65LlC9m6Ljthdayt67KsWr4wcGWSJrowJ6lVVzeH9auWs3JJfXHvsFUaHSEJUwhLqtXVzaGj7ezQZUiKqTtCRCQghbCISEDBQtjM5pjZY2Z2b6gaRERCC3kmvAnYE/D4IiLBBQlhMzsXeDtwa4jji4hUilBnwn8P/EcgP83rRESqWuIhbGbXA/3u/rNpXrfRzDrNrHNgYCCh6kREkhXiTPgKYK2Z9QBfBd5sZv/nxBe5+y3u3uHuHc3NzUnXKCKSiMRD2N0/6u7nunsbcAPwr+7+rqTrEBGpBBonLCISUNBpy+7+XeC7IWsQEQlJZ8IiIgEphEVEAlIIi4gEpBAWEQlIISwiEpBCWEQkIIWwiEhACmERkYAUwiIiAVXlRp/5vNNzcLi4g27b4npqaix0WSIiJ6m6EM7nnZ3dvWzevovc0TyZ2hq2bVjNmvZWBbGIVJyq647oOThcDGCA3NE8m7fvoufgcODKREROVnUh3DeYKwbwmNzRPP1DuUAViYhMrepCuKUpQ6Z24q+Vqa1haWMmUEUiIlOruhBuW1zPtg2ri0E81ifctrg+cGUiIierugtzNTXGmvZWXn3TlfQP5VjaqNERIlK5qi6EoRDEK5sbWNncELoUEZFTqrruCBGR2UQhLCISkEJYRCQghbCISEAKYRGRgBTCIiIBKYRFRAJSCIuIBKQQFhEJSCEsIhJQkBA2s4yZ/cTMHjezbjP7ZIg6RERCC7V2xAjwZnc/bGa1wA/M7H53/3GgekREgggSwu7uwOHobm304yFqEREJKVifsJnNMbNdQD/woLs/esLzG82s08w6BwYGgtQoIlJuwULY3Y+7+2rgXOAyM8ue8Pwt7t7h7h3Nzc1BahQRKbfgoyPc/WXgIWBN4FJERBIXanREs5ktim7PB94K/CJELSIiIYUaHbEMuN3M5lD4D8F2d783UC0iIsGEGh2xG3hNiGOLiFSS4H3CIiJpphAWEQlIISwiEpBCWEQkIIWwiEhACmERkYAUwiIiASmERUQCUgiLiASkEBYRCUghLCISkEJYRCQghbCISEAKYRGRgBTCIiIBKYRFRAJSCIuIBKQQFhEJSCEsIhKQQlhEJCCFsIhIQAphEZGAFMIiIgHNDV2ASEhDR3Ls6R2mb3CElqZ5XNRaT+P8TOiypMIMHxmhu/dwsZ20tzZQP39eSd5bISypNXQkx/1dA2zZ0UXuaJ5MbQ1b12a5NtusIJai4SMj/N+u/pPayduzS0sSxOqOkNTa0ztc/MMCyB3Ns2VHF3t6hwNXJpWku/fwpO2ku/dwSd4/SAib2e+Y2UNm9qSZdZvZphB1SLr1DY4U/7DG5I7m6RscCVSRVKJyt5NQZ8LHgL9w94uBy4EbzeziQLVISrU0zSNTO/FPIFNbQ0tTafr6pDqUu50ECWF3P+DuP49uDwF7gHNC1CLpdVFrPVvXZot/YGN9fRe11geuTCpJe2vDpO2kvbWhJO9v7l6SNzrjAszagO8DWXcfHPf4RmAjwIoVK1737LPPhilQqppGR0gcJRgdYVM+ETKEzawB+B7waXf/xlSv6+jo8M7OzuQKExEprSlDONjoCDOrBe4CvnyqABYRqWahRkcYcBuwx923hahBRKQShDoTvgL4U+DNZrYr+rkuUC0iIsEEmTHn7j/gFH0kIiJpoRlzIiIBKYRFRAJSCIuIBKQQFhEJSCEsIhJQ8GnLcZjZAHAm85aXAC+UuJwzVSm1VEodoFomUyl1gGqZzJnW8YK7r5nsiVkRwmfKzDrdvSN0HVA5tVRKHaBaKrkOUC1J1aHuCBGRgBTCIiIBVXsI3xK6gHEqpZZKqQNUy2QqpQ5QLZMpeR1V3ScsIlLpqv1MWESkoimERUQCmpUhbGZfMLN+M+ua4nkzs8+Z2VNmttvMXjvuuXeb2a+in3cnUMufRDU8YWY/MrNLxz3XEz2+y8xmtHVIjDreZGaHxi0dumXcc2vM7JfR5/WRmdQRs5a/GldHl5kdN7Ozo+dK+ZlMu6t3Um0lZi1JtZU4tZS9vcSsI6m2kjGzn5jZ41Etn5zkNfPM7M7o937UCluzjT330ejxX5rZ207r4O4+636Aq4DXAl1TPH8dcD+F5TIvBx6NHj8beCb696zo9lllruUNY8cArh2rJbrfAyxJ6DN5E3DvJI/PAZ4GVgJ1wOPAxeWs5YTXvgP41zJ9JsuA10a3G4G9J/5uSbWVmLUk1Vbi1FL29hKnjgTbigEN0e1a4FHg8hNe8+fAP0W3bwDujG5fHH0O84Dzo89nTtxjz8ozYXf/PvDiKV6yDrjDC34MLDKzZcDbgAfd/UV3fwl4EJh0FkupanH3H0XHAvgxcO5MjnemdZzCZcBT7v6Mu48CX6Xw+SVVyzuBr8zkeKeoI86u3om0lTi1JNhWZrLbecnayxnUUc624u5+OLpbG/2cOGphHXB7dPvrwNVmZtHjX3X3EXf/NfAUhc8pllkZwjGcAzw37v7z0WNTPZ6U91E46xrjwANm9jMr7C5dbq+Pvm7db2bt0WPBPhMzW0Ah2O4a93BZPpPoq+NrKJzhjJd4WzlFLeMl0lamqSWx9jLdZ5JEWzGzOWa2C+in8B/gKduKux8DDgGLmeFnEmRnjTQys9+n8If1xnEPv9Hd95nZUuBBM/tFdBZZDj8HznP3w1bYSupu4IIyHSuudwA/dPfxZ80l/0yssKv3XcCH3X1wJu81U3FqSaqtTFNLYu0l5v8/ZW8r7n4cWG1mi4BvmlnW3Se9rlFK1XomvA/4nXH3z40em+rxsjKzVcCtwDp3Pzj2uLvvi/7tB77JaXyFOV3uPjj2dcvd7wNqzWwJgT6TyA2c8PWy1J+JTb+rd2JtJUYtibWV6WpJqr3E+UwiZW8r4973ZeAhTu5+Kv7uZjYXWAgcZKafSSk6tUP8AG1MfRHq7Uy82PKT6PGzgV9TuNByVnT77DLXsoJCH9EbTni8Hmgcd/tHwJoy1tHKbyfnXAb8Jvp85lK46HQ+v73Q0l7OzyR6fiGFfuP6cn0m0e93B/D3p3hNIm0lZi2JtJWYtZS9vcSpI8G20gwsim7PBx4Grj/hNTcy8cLc9uh2OxMvzD3DaVyYm5XdEWb2FQpXb5eY2fPAJyh0pOPu/wTcR+Gq91PAK8B7oudeNLP/DPw0equtPvHrTTlq2UKh3+gfC334HPPCKkwtFL7yQKFh/4u77yxjHX8MfNDMjgFHgBu80IKOmdmHgG9TuPL9BXfvPtM6YtYC8AfAA+4+PO5/WtLPhN/u6v1E1NcH8DEKYZd0W4lTSyJtJWYtSbSXOHVAMm1lGXC7mc2h0EOw3d3vNbOtQKe77wBuA75kZk9R+I/CDVGd3Wa2HXgSOAbc6IWujVg0bVlEJKBq7RMWEZkVFMIiIgEphEVEAlIIi4gEpBAWEQlIISxVy8wOT/+q8O8p6aYQFhEJSCEsqRCtS/tTK6zX+8nosc+Y2Y3jXvOfzOwvp3q9SDkohKXqmdk1FBafuQxYDbzOzK4C7gQ2jHvpBuDOU7xepORm5bRlkdN0TfTzWHS/AbjA3W8zs6VmtpzC2gEvuftzVtjh4aTXA+Va4U5STCEsaWDAf3X3f57kua9RWCehlcKZ8XSvFykpdUdIGnwbeG+0bi1mdk60Bi0UgvcGCkH8tRivFykpnQlL1XP3B8zsIuCRaNWtw8C7gP5oBaxGYJ+7H5ju9UF+AalqWkVNRCQgdUeIiASkEBYRCUghLCISkEJYRCQghbCISEAKYRGRgBTCIiIB/X99WkBNAPcMbgAAAABJRU5ErkJggg==", - "text/plain": [ - "
" - ] - }, - "metadata": { - "needs_background": "light" - }, - "output_type": "display_data" - }, - { - "data": { - "image/png": "iVBORw0KGgoAAAANSUhEUgAAAWAAAAFgCAYAAACFYaNMAAAAOXRFWHRTb2Z0d2FyZQBNYXRwbG90bGliIHZlcnNpb24zLjUuMSwgaHR0cHM6Ly9tYXRwbG90bGliLm9yZy/YYfK9AAAACXBIWXMAAAsTAAALEwEAmpwYAAAllUlEQVR4nO3de3hc1Xnv8e8r6zKybr7JkrAxxolDQDImRPGhJNAEmsQQsJ0+lJLmQhJaN6e00EPO6ZO2xNSG09OmKS055bRxQ1pIG25J4ziUEHgSLm2TkIjEgMQdBxODbjZGN3tkyfOeP2Z09cgeWzN7jWd+n+fR45mt8d6vx0s/7Vl7rbXN3RERkeiVhC5ARKRYKYBFRAJRAIuIBKIAFhEJRAEsIhJIaegCMrF27Vp/4IEHQpchInK8LN3GE+IMeM+ePaFLEBHJuhMigEVECpECWEQkkJwFsJl91cx6zKx90rYFZvaQmb2Y+nN+ro4vIpLvcnkG/M/A2mnbPgd8391XAt9PPRcRKUo5C2B3fwx4Y9rm9cDtqce3AxtydXwRkXwXdR9wg7t3ph53AQ0zvdDMNppZm5m19fb2RlOdiEiEgl2E8+QybDMuxebuW9291d1b6+vrI6xMRCQaUQdwt5k1AaT+7In4+CIieSPqAN4OXJl6fCXw7YiPLyKSN3I2FdnM7gTeCywys93ADcBfAPeY2VXALuDyXB1f5GhGRxN0dPbR2Renqa6S5qZaSks1NF6ik7MAdvePzPCtC3N1TJFMjY4m2Pbka1y/rZ34SIJYWQk3bWhhw+olCmGJjFqaFKWOzr7x8AWIjyS4fls7HZ19gSuTYqIAlqLU2RcfD98x8ZEEXX3xQBVJMVIAS1FqqqskVja1+cfKSmisiwWqSIqRAliKUnNTLTdtaBkP4bE+4OamusCVSTE5IRZkF8m20tISNqxewsrF1XT1xWmsi9HcVKcLcBIpBbAUrdLSElafPJ/VJ4euRIqVft2LiASiABYRCUQBLCISiAJYRCQQBbCISCAKYBGRQBTAIiKBKIBFRAJRAIuIBKIAFhEJRAEsIhKIAlhEJBAFsIhIIApgEZFAFMAiIoEogEVEAlEAi4gEogAWEQlEASwiEogCWEQkEAWwiEggQQLYzK41s3Yz6zCzPwxRg4hIaJEHsJm1AL8DrAFWA5eY2VujrkNEJLQQZ8CnA4+7+353HwUeBX49QB0iIkGFCOB24DwzW2hmc4GLgZOnv8jMNppZm5m19fb2Rl6kiEiulUZ9QHd/1sz+EngQGAJ2AIfSvG4rsBWgtbXVj+UYgwfiPNM1RHf/MA21FZzRWEV1ZWz2xYuIZFHkAQzg7rcBtwGY2Z8Du7O178EDce5v72XT9nbiIwliZSVsWdfCxS31CmERySuhRkEsTv25jGT/79ezte9nuobGwxcgPpJg0/Z2nukaytYhRESyIsgZMPBNM1sIjABXu/ub2dpxd//wePiOiY8k6O4fztYhRESyIlQXxHm52ndDbQWxspIpIRwrK6GhtiJXhxQROS4FNxPujMYqtqxrIVaW/KeN9QGf0VgVuDIRkalCdUHkTHVljItb6lm+aI1GQYhIXiu4AIZkCK85VYErIvmt4LogREROFApgEZFAFMAiIoEogEVEAlEAi4gEogAWEQlEASwiEogCWEQkEAWwiEggCmARkUAUwCIigSiARUQCUQCLiASiABYRCUQBLCISiAJYRCQQBbCISCAKYBGRQBTAIiKBKIBFRAJRAIuIBKIAFhEJRAEsIhKIAlhEJJAgAWxm/8PMOsys3czuNLNYiDpEREKKPIDNbAlwDdDq7i3AHOCKqOsQEQktVBdEKVBpZqXAXOD1QHWIiAQTeQC7+2vAF4FXgU6gz90fjLoOEZHQQnRBzAfWA6cCJwFVZvaxNK/baGZtZtbW29sbdZkiIjkXogvi14BfuHuvu48A/wacO/1F7r7V3VvdvbW+vj7yIkVEci1EAL8KnGNmc83MgAuBZwPUISISVIg+4MeBbwA/A55O1bA16jpEREIrDXFQd78BuCFX+x8dTdDR2UdnX5ymukqam2opLdWcE5kqHh/l6c4+uvqHaaytYFVTHbFYkB8JKVIF19pGRxNse/I1rt/WTnwkQayshJs2tLBh9RKFsIyLx0fZ/nQnm7ZPtJMt61pYt6pJISyRKbhE6ujsGw9fgPhIguu3tdPR2Re4MsknT3f2jYcvJNvJpu3tPK12IhEquADu7IuP/1CNiY8k6OqLB6pI8lFX/3DadtLdPxyoIilGBRfATXWVxMqm/rNiZSU01mm5CZnQWFuRtp001FYEqkiKUcEFcHNTLTdtaBn/4RrrA25uqgtcmeSTVU11bFk3tZ1sWdfCKrUTiVDBXW0oLS1hw+olrFxcTVdfnMa6GM1NdboAJ1PEYqVc2tLI8kVz6e4fpqG2glWNtboAJ5EqyNZWWlrC6pPns/rk0JVIvkoknIdf2sN19+wYHwVx8+Vnsba5kZISC12eFAmdFkpRemXv0Hj4QvIC3HX37OCVvUOBK5NiogCWotTdn360TM+ARstIdBTAUpQaamNpR0EsrtFoGYlOQfYBa4qpHM3yhVV8+WNnMxA/xNDwKFWxUmoq5rB8YVXo0qSIFFwqaYqpZOLgwUP0xUd5qWeQhMMcg7csrubgwUNqJxKZgmtpM00xPXXRXN516sLA1Um+eK5ngK6+OFsf2zn+i/q697+N53oGOGvZ/NDlSZEouD7g7oH0U0x7BjTFVCbsPzjKzQ+9MOUX9c0PvcD+g6OBK5NiUnABvLgm/RTT+hpNMZUJA8OjaX9RD8YPBapIilHBBfDQwVFuuKR5yhTTGy5pZkhnNjJJZdmctL+oY+UF9yMheazg+oCrykv55s9e5AuXrebAwVEqy0u544c7+aO1p4cuTfJIbayUay9cyS3ff3G8D/jaC1dSU1FwPxKSxwqutS2YO4fLW0/hj77x5JRREAvmzgldmuQRA6rK57Dx/BUkHEos+VyzkCVKBRfAfQcO0TSvnH/65LvoHRimvqaC0cQh+g+ob08mvDE0wt8/upNfP3spZnAoAX//6E7+/MMtoUuTIlJwAVw2p4TXe4e5YXvH+Bnw5nXNnN5YHro0ySO1lWWUl06c7ppBealREysLWJUUm4IL4AMjh8bDF5JXtm/Y3sHtn3pX4MoknwweHOEz57+VzfdN/KJOXqwdCV2aFJGCC+C+AyPMn1s+/tES4JtP7KbvgEZByITKslI23/ezKb+oN9/XwR2fWhO4MikmBRfAC6rK+cSvnHLY1e0FVfpoKRP2H0w/Dnj/iH5RS3QKbtDj8GhiPHwh+UN1y/dfZHg0cZS/KcWkpqIs7Tjgmgr9opboFFwA9x9If2YzENeZjUzoHz7INResnDJh55oLVjIwrD5giU7BdUGMTUWeHMKxshIWVWsqskyYYyXc3fYqV71nBWbgDne3vcqN6zUMTaJTcAFcX1vCjetb+Py3J5ajvHF9Cw11BXeyL7NQXVHKFe9adti1gurygvuRkDxWcK1t35Azh1Hu+NQaugfiNNTG2L23nzcGnZO1yqCkuHvamXCOhy5NikjkAWxmpwF3T9q0Atjk7n+blQM4jPgcPvFPP5kyEUNksn37R/jGE7v57fPfwoHhUeZWlPKPj73MSfNWhi5NikjkAezuzwNnAZjZHOA14FvZ2v/woUTaiRh3fFrjO2XCWxZVcdGqpilrhlx74UpWLNItiSQ6oTtGLwRedvdd2dphd3/6Bdm7+7Ugu0xIYGmHKzpajUeiEzqArwDuTPcNM9toZm1m1tbb25vxDhtr0y/I3lirURAyoWcg/W3pewd1W3qJTrAANrNyYB1wb7rvu/tWd29199b6+vqM91tZPofN66YuyL55XTOV5VqOUibotvSSD0KOgrgI+Jm7d2dzp7/Ys5/HX97DVz/5LvYMDlNfXcG9P32VueWltCyZl81DyQls+cIq/vo3zuKz9+4Y7wP+6984S7ell0iFDOCPMEP3w2ycPD/GysZaPv3PP51ycWXpPJ3ZyIREwkl4YsowtIQnSCScEq3KLhHJuAvCzOZm66BmVgW8H/i3bO1zTMKZ4eKKyISOzj6++ODzHEp1Ayccvvjg83R09oUtTIrKUc+Azexc4CtANbDMzFYDv+vuv3e8B3X3IWDh8f79I+nqT39xpatfF1dkwt6hYX6zdRlf+sHETLhrLljJG0MaLSPRyeQM+G+ADwJ7Adz9SeD8XBY1G4uq04+C0FoQMlldrHw8fCH5S/pLP3iR2pjunCLRyagLwt1/OW1T3t5graIUtkwbBbFlXTO62a1M1h8fSftJqT+u1dAkOpnE0i9T3RBuZmXAtcCzuS3r+A2Pwq2PvDRllatbH3mJv7psdejSJI/MLS9Nu2reXC3GIxHKpLV9BrgFWEJy2vCDwNW5LGo2uvuH2bX3ALc+/NJh20XGNNRW8CcXvZ09QwdJOMwxWFhVToMm7EiEjhjAqbUabnH3j0ZUz6yNzYSbfmajmXAy2dJ5c5lbUcrW7z43fhHupg0tLJ2XtcE+Ikd1xD5gdz8EnJKatXZCiJWVcMOlU/uAJz8XAXh1336u39Y+5SLc9dvaeXXf/sCVSTHJpAtiJ/BfZrYdGBrb6O4356yqWdj1xgHufHwXX7hsNQcOjlJZXspXHnuZjb/6FlYt1YLAktQ9w3DFnoE4K+qrA1UlxSaTAH459VUC1OS2nNlbWFXOCz2DXHPnz8e3xcpKWFh1wpzESwTG1oKY3lWltSAkSkcNYHffDGBm1anng7kuajaqyudww6XNbP5Ox3jf3g2XNlOlxXhkkmXz53LThpbxboixPuBl89UHLNHJZCZcC/A1YEHq+R7gE+7ekePajsu8ucaCqjK+eNlqhg6OUlVeSlmpMW+u5vfLhFf37efBjtf58sffyb6hERZUlfEvP/4FZy+bry4IiUwmXRBbgevc/WEAM3sv8I/Aubkr6/g91x2npqKE0spSugecxTUVjCZGeb47zrKcTH6WE1HfgYO877QmfvdrT0x8Urqkmf4DB0OXJkUkkwCuGgtfAHd/JLWYTl6aX1nGx7/6k8P69r6mWxLJJIcSsPm+qbeu2nxfB/9y1X8LXJkUk4xGQZjZ50l2QwB8jOTIiLw0Muppr26PHNJ6aDJhz2D6W1ftGdSEHYlOJgH8aWAzyaUjHfiP1La81FAXo/WUOj5x7orxu93e/sOdNNTq6rZMaKqrTDsKoqlO7USik8koiH3ANRHUkhXlZXDluafyYs/A+BTTK889lfKy0JVJPjmtvpot61rYtH1iFMSWdS2cVp/3Iy2lgGQyCuIh4Dfc/c3U8/nAXe7+wRzXdlzeGBxh974DbH1s55Q7YixbMJeTNQ9DUp7vHeCetqkTdu744U5Oa6xmtRqKRCSTLohFY+ELyTNiM1ucu5Jmpz8+mvaOGC1L6gJXJvmksy9O264+2nb9fMr2rr44q08OVJQUnUwWSEiY2bKxJ2Z2CuTvHX4G46NpL64MxkcDVST5aKwPeLJYWQmN6gOWCGVyBvynwH+a2aOAAecBG3Na1SzU15SnvbiyqFpTkWVCc1Mtf3XZmbzYMzh+reCti6tpbtInJYnOUc+A3f0B4GzgbuAu4J3u/r1cF3a8GueVc+P6limrod24voWm+QpgmVBSYpRYCVsf28nf/eAlvvzYTkqsRHdElkiZ+5F7E8zs3cAOdx8ys4+RDONb3H1XFAUCtLa2eltbW0avTSScZzr3sX/Y6R6I01ATY26FcUbTfP1wybiXewb50P/9j8M+Kf37H5zHWxZrKrJkXdrwyaQP+O+B/am7IV9HcmW0O7JYWFaVlCTDdlFNBfU1FSyqqVD4ymF2vTGU9lrBq28MzfA3RLIvkz7gUXd3M1sP3Orut5nZVbkubDZKSowV9dVaVEVmVKV7wkkeyOQMeMDM/pjkFOR/N7MSQNMa5ITWUFvBtReunHKt4NoLV+qecBKpTH7d/ybwW8BV7t6VGpL2V7ktSyS3ls6by9L5lWw8fwUJhxKDpfMrdU84iVQmU5G7gJsnPX+VSX3AZvYjd/+V3JR3fOLxUZ7u7KOrf5jG2gpWNdURi+mjpUx4dd9+vvPkbj56zqlT1gNuPqlOXVcSmWykUl6NXI/HR9n+dOdhc/zXrWpSCMs4rQcs+SAbtwo+5llxZjbPzL5hZs+Z2bNmlrUz6Kc7+8bDF5JXtjdtb+fpzr5sHUIKwEzrAY8mjvIXRbIo1CnhLcAD7n5Z6pb3Wet46+pPv85rd7/WeZUJWg9Y8kE2zoCPaYCtmdUB5wO3Abj7wcmL/cxWY21F2jn+urotk820FoTWA5YoZRTAZnaKmf1a6nGlmU1eNPXjx3jMU4Fe4J/M7Odm9pV0tzgys41m1mZmbb29vRnvfFVTHVvWTZ2KvGVdC6s0x18maW6q5aYNU9vJTRtatBaERCqTqci/Q3LxnQXu/hYzWwn8g7tfeFwHNGsFfgy8290fN7NbgH53//xMf+dYpiID7D9wkPauAbr7h2moraClsYa5lVoLQqYaHU3Q0dlHV1+cxroYzU11lJZm40OhyGHS9hRk0gd8NbAGeBzA3V+c5XrAu4Hd7v546vk3gM/NYn9TjI4muP+Zbq7fNjEK4qYNLWxYvUQ/XDJFaWkJq0+er/V/JZhMEmnY3cfH5phZKbNYDzg1rviXZnZaatOFwDPHu7/pOjr7xsMXkhdWrt/WTodGQYhInskkgB81sz8BKs3s/cC9wHdmedw/AP7VzJ4CzgL+fJb7G9fZF097dburL56tQ4iIZEUmXRCfA64CngZ+F7gf+MpsDuruO4DW2exjJjPd7VZ3OpDpxvqAO/viNNVV0txUq24qiVQmAbwBuMPd/zHHtWTF2NXt6X3Aurotk42OJtj25Gu6ViBBZRLAlwJ/Y2aPkbwrxgPunrc3WCstLWHD6iWsXFytq9syo5muFaxcrLsiS3QyuSXRp4C3kuz7/QjwspnNqgsi18aubn+wpYnVJ89X+MphXp/hWkGnrhVIhDKaiuzuI2b2XZKjHypJdkv8dg7rEsmp6opSTllYySVnLsFSIzS/8+RrVFVowSaJzlFbm5ldRHJN4PcCj5C8AHd5TqsSybHFNWV85lffyubvdEyshnZpM/U1uteARCeTz+afALYBp7n7J939/nzuAxbJRHzEx8M3+TzB5u90MDxy3EPcRY5ZJgH8p8D33H0YxteCWJ7TqkRyTOPFJR9kEsD3AIcmPT9E8oKcyAlrptXQNF5copRJAJdOnoqceqyVbeSEptXQJB9kcsm318zWuft2gNTt6ffktiyR3NJ4cckHmQTwZ0iu2/B3qee7OfY1gEXyjlZDk9AyuSvyy8A5Zladej44+ftmdqW7356j+kREClbGn7fcfXB6+KZcm8V6RESKRuT3hBMRkaQgt6UXERGdAYuIBJONAP6vLOxDRKToZLIYz3VpNvcBT7j7Dnf//eyXJZJ7bx6I80LX0Pjds9/WWMW8Ss2Ek+hkMg64NfU1dh+4S4CngM+Y2b3u/oVcFSeSK28eiPNgey+btk/cEWPLuhY+0FKvEJbIZNIFsRQ4290/6+6fBd4JLAbOBz6Zw9pEcuaFrqHx8IXkQjybtrfzQtdQ4MqkmGQSwIuB4UnPR4AGdz8wbbvICaO7fzjtamjd/WrSEp1MuiD+FXjczL6den4p8HUzqwKeyVllIjnUUFuR9u7ZDbUVAauSYpPJPeFuBDYCb6a+PuPuW9x9yN0/mtvyjk8i4ezsHeRHL+9hZ+8giYSGKstUb2usYsu6qauhbVnXwtsaqwJXJsUkk1EQXwLucvdbIqhn1hIJ54GOLq67Z8f4xZWbLz+Ltc2NlJRoyLIk1VZUsObUGu741Bq6B+I01MRYXDuH2gqdAUt0MumCeAK43sxOA75FMozbclvW8Xtl79B4+EKyX++6e3bw9mvOY0V9deDqJF+8sneIi7/0o8O6IO5XO5EIZdIFcbu7Xwy8C3ge+EszezHnlR2n7v70t5rpGdCtZmSC2onkg2OZCfdW4O3AKcBzuSln9hpqY2lvNbO4RmM7ZYLaieSDTPqAvwB8GHgZuAu40d3fnM1BzewVYIDk/eVG3b11NvubbPnCKm6+/KzD+oCXL9TFFZmwfGEVf/db7+Cp3X0kHOYYrFpap3YikcqkD/hl4FxgBVABnGlmuPtjszz2+9w967c2Kikx1jY38vZrzqNnIM7imhjLF1bpApwcZm5ZCa2nzOeNoREWVJWhuxFJ1DIJ4ATwA5Iz4nYA5wA/Ai7IXVmzU1JirKiv1sUUmdGre/v55b44N2zvGP+ktHldMyft7Wd5vW7MKdHI5Hf+NSQvwO1y9/cB7yA5Hng2HHjQzJ4ws42z3JfIMeseGB0PX0hegLthewfdA6OBK5NikskZcNzd42aGmVW4+3OpIWmz8R53f83MFgMPmdlz07s0UsG8EWDZsmXHtPNEwnll7xDd/XEaatUFIYfrGUg/FblnQFORJTqZBPBuM5sHbCMZlvuAXbM5qLu/lvqzx8y+BawBHpv2mq3AVoDW1taMp7JpIoZkQlORJR9kMg74w+7+prv/GfB54DZgw/Ee0MyqzKxm7DHwAaD9ePc33UwTMV7Zq1WuZMLpM0xFPl1TkSVCmZwBj3P3R7NwzAbgW2Y2dvyvu/sDWdgvcOQB9rooJ2NqKmNc1FLP8kVrxhdkP72xihqtBSwROqYAzgZ33wmsztX+xwbYT/9oqQH2Ml1NZYw1p6pdSDgFN/JxbCLG5I+WmoghIvko8jPgXNNEDBE5URRcAIMmYohIduVqaGtBBrCISLbkcmhrwfUBi4hkUy6HtiqARUSOIJdrRyuARUSOIJdrRyuARUSOIJdDW3URTkTkCHI5tFUBLCJyFLka2qouCBGRQBTAIiKBKIBFRAJRAIuIBKIAFhEJRAEsIhKIAlhEJBCNA5aidfDgIZ56vY+u/jhNtTFWnVRHefmc0GVJEVEAS1E6ePAQ2556nU3fbh9fYnDL+hY2nHmSQlgioy4IKUpPvd43Hr6QXN1q07fbeer1vsCVSTFRAEtR6pphicHu/tkvMSiSKQWwFKWmGZYYbKjVXZIlOgpgKUqnN1SzZV3LlCUGt6xr4YwG3UdQoqOLcFKUnuke5NZHXuSq96zADNzh1kdeZEV9Fa3LF4QuT4qEAliKUld/nF17D3Drwy9N2a4+YImSuiCkKKkPWPKBAliK0qqT6tiyflof8PoWzjypLnBlUkzUBSFFqbx8DhvOPIkVi6ro7o/TUBvjTM2Ek4gFC2AzmwO0Aa+5+yWh6pDiVV4+RxfcJKiQXRDXAs8GPL6ISFBBAtjMlgIfAr4S4vgiIvkg1Bnw3wJ/BCRmeoGZbTSzNjNr6+3tjawwEZGoRB7AZnYJ0OPuTxzpde6+1d1b3b21vr4+oupERKIT4gz43cA6M3sFuAu4wMz+JUAdIiJBRR7A7v7H7r7U3ZcDVwA/cPePRV2HiEhomoghIhJI0IkY7v4I8EjIGkREQtEZsIhIIApgEZFAFMAiIoEogEVEAlEAi4gEogAWEQlEASwiEogCWEQkEAWwiEggBXlLokTCeWXv0PitZpYvrKKkxEKXJSIyRcEFcCLhPNDRxXX37CA+kiBWVsLNl5/F2uZGhbCI5JWC64J4Ze/QePgCxEcSXHfPDl7ZOxS4MhGRqQougLv74+PhOyY+kqBnIB6oIhGR9AougBtqY8TKpv6zYmUlLK6JBapIRCS9ggvg5QuruPnys8ZDeKwPePnCqsCViYhMVXAX4UpKjLXNjbz9mvPoGYizuEajIEQkPxVcAEMyhFfUV7Oivjp0KSIiMyq4LggRkROFAlhEJBAFsIhIIApgEZFAFMAiIoEogEVEAlEAi4gEogAWEQlEASwiEogCWEQkkMgD2MxiZvYTM3vSzDrMbHPUNYiI5IMQa0EMAxe4+6CZlQH/aWbfdfcfB6hFRCSYyAPY3R0YTD0tS3151HWIiIQWpA/YzOaY2Q6gB3jI3R9P85qNZtZmZm29vb2R1ygikmtBAtjdD7n7WcBSYI2ZtaR5zVZ3b3X31vr6+shrFBHJtaCjINz9TeBhYG3IOkREQggxCqLezOalHlcC7weei7oOEZHQQoyCaAJuN7M5JH8B3OPu9wWoQ0QkqBCjIJ4C3hH1cUVE8o1mwomIBKIAFhEJRAEsIhKIAlhEJBAFsIhIIApgEZFAFMAiIoEogEVEAlEAi4gEogAWEQlEASwiEogCWEQkEAWwiEggCmARkUAUwCIigSiARUQCUQCLiASiABYRCUQBLCISiAJYRCQQBbCISCAKYBGRQBTAIiKBKIBFRAIpDV2ASCgDB+I82zVEd/8wDbUVnN5YRU1lLHRZkoeGDgzT0TU43laaG6upqqyY9X4VwFKUBg7E+W57L5u2txMfSRArK2HLuhYuaqlXCMsUQweG+ff2nsPayodaFs86hNUFIUXp2a6h8R8ogPhIgk3b23m2ayhwZZJvOroG07aVjq7BWe878gA2s5PN7GEze8bMOszs2qhrEOnuHx7/gRoTH0nQ3T8cqCLJV7lsKyHOgEeBz7r7GcA5wNVmdkaAOqSINdRWECub2vxjZSU01M6+X08KSy7bSuQB7O6d7v6z1OMB4FlgSdR1SHE7vbGKLetaxn+wxvr1Tm+sClyZ5Jvmxuq0baW5sXrW+zZ3n/VOjvvgZsuBx4AWd++f9r2NwEaAZcuWvXPXrl3RFygFTaMgJFNZGAVhaTeGCmAzqwYeBf63u//bkV7b2trqbW1t0RQmIpJ9aQM4yCgIMysDvgn869HCV0SkUIUYBWHAbcCz7n5z1McXEckXIc6A3w18HLjAzHakvi4OUIeISFCRz4Rz9/9khv4QEZFioplwIiKBKIBFRAJRAIuIBKIAFhEJRAEsIhJI0KnImTKzXuB45iIvAvZkuZzjkS91gGpJJ1/qgPypJV/qgMKoZY+7r52+8YQI4ONlZm3u3qo6JqiW/K0D8qeWfKkDCrsWdUGIiASiABYRCaTQA3hr6AJS8qUOUC3p5EsdkD+15EsdUMC1FHQfsIhIPiv0M2ARkbylABYRCeSEDGAz+6qZ9ZhZ+wzfNzP7kpm9ZGZPmdnZk753pZm9mPq6Msd1fDR1/KfN7IdmtnrS915Jbd9hZrO+3UcGtbzXzPomLQG6adL31prZ86n363MR1PK/JtXRbmaHzGxB6ntZe18yuQN3FG0lwzoiaSsZ1hJJW8mwlpy3FTOLmdlPzOzJVB2b07ymwszuTv27H7fk7dTGvvfHqe3Pm9kHj+ng7n7CfQHnA2cD7TN8/2LguySXvTwHeDy1fQGwM/Xn/NTj+Tms49yx/QMXjdWRev4KsCjC9+S9wH1pts8BXgZWAOXAk8AZuaxl2msvBX6Qi/cFaALOTj2uAV6Y/m+Loq1kWEckbSXDWiJpK5nUEkVbSf3fV6celwGPA+dMe83vAf+QenwFcHfq8Rmp96ECODX1/szJ9Ngn5Bmwuz8GvHGEl6wH7vCkHwPzzKwJ+CDwkLu/4e77gIeAw2anZKsOd/9h6jgAPwaWHu+xZlvLEawBXnL3ne5+ELiL5PsXVS0fAe6czfGOUEcmd+DOeVvJpI6o2kqG78lMstpWjqOWnLSV1P/9YOppWepr+uiE9cDtqcffAC40M0ttv8vdh939F8BLJN+njJyQAZyBJcAvJz3fndo20/YoXEXyTGuMAw+a2ROWvAN0FH4l9THru2bWnNoW7D0xs7kkQ+2bkzbn5H1JfWR8B8mzm8kibStHqGOySNrKUWqJtK0c7X3JdVsxszlmtgPoIfmLd8Z24u6jQB+wkFm+J5HfEaMYmdn7SP5QvWfS5ve4+2tmthh4yMyeS5055srPgFPcfdCSt4DaBqzM4fEycSnwX+4++Ww56++LJe/A/U3gD929fzb7ynUdUbWVo9QSaVvJ8P8np23F3Q8BZ5nZPOBbZtbi7mmvYWRToZ4BvwacPOn50tS2mbbnjJmdCXwFWO/ue8e2u/trqT97gG9xDB9bjoe79499zHL3+4EyM1tEgPdkkiuY9pEy2++LHf0O3JG0lQzqiKytHK2WKNtKJu9LSs7bSmpfbwIPc3h30/i/3cxKgTpgL7N9T2bbgR3qC1jOzBecPsTUCys/SW1fAPyC5EWV+anHC3JYxzKSfULnTtteBdRMevxDYG2O35NGJiberAFeTb0/pSQvMJ3KxIWV5lzWkvp+Hcl+4qpcvS+pf98dwN8e4TU5bysZ1hFJW8mwlkjaSia1RNFWgHpgXupxJfAfwCXTXnM1Uy/C3ZN63MzUi3A7OYaLcCdkF4SZ3UnySu0iM9sN3ECy4xx3/wfgfpJXt18C9gOfSn3vDTO7EfhpaldbfOpHmmzXsYlkP9H/S/bXM+rJlZQaSH7MgWSj/rq7P3C8dWRYy2XAfzezUeAAcIUnW9Comf0+8D2SV7m/6u4dOa4F4MPAg+4+NOmvZvt9GbsD99Op/j2APyEZdlG2lUzqiKqtZFJLVG0lk1og922lCbjdzOaQ7BW4x93vM7MtQJu7bwduA75mZi+R/GVwRarGDjO7B3gGGAWu9mR3RkY0FVlEJJBC7QMWEcl7CmARkUAUwCIigSiARUQCUQCLiASiAJaCZGaDR39V+H1KcVMAi4gEogCWgpdaU/anllxvd3Nq21+Y2dWTXvNnZvY/Z3q9SC4ogKWgmdkHSC4kswY4C3inmZ0P3A1cPumllwN3H+H1Ill3Qk5FFjkGH0h9/Tz1vBpY6e63mdliMzuJ5FoA+9z9l5a8K8NhrwdyuVKdFCkFsBQ6A/6Pu385zffuJbnuQSPJM+KjvV4kq9QFIYXue8CnU2vOYmZLUuvHQjJ0ryAZwvdm8HqRrNIZsBQ0d3/QzE4HfpRaOWsQ+BjQk1rJqgZ4zd07j/b6IP8AKWhaDU1EJBB1QYiIBKIAFhEJRAEsIhKIAlhEJBAFsIhIIApgEZFAFMAiIoH8f1HyX6DjiYmMAAAAAElFTkSuQmCC", - "text/plain": [ - "
" - ] - }, - "metadata": { - "needs_background": "light" - }, - "output_type": "display_data" - } - ], + "outputs": [], "source": [ "g = sns.relplot(data=df_cve_rich, x=\"level\", y=\"n_cves\")\n", "plt.show()\n", @@ -560,7 +185,7 @@ { "cell_type": "code", "execution_count": null, - "id": "d63d24cd", + "id": "6c3c2ec4-3fab-48ad-aacb-6f54277abe66", "metadata": {}, "outputs": [], "source": [] @@ -568,7 +193,7 @@ ], "metadata": { "kernelspec": { - "display_name": "Python 3.8.13 ('venv': venv)", + "display_name": "Python 3 (ipykernel)", "language": "python", "name": "python3" }, @@ -582,7 +207,7 @@ "name": "python", "nbconvert_exporter": "python", "pygments_lexer": "ipython3", - "version": "3.8.13" + "version": "3.12.6" }, "vscode": { "interpreter": { diff --git a/pyproject.toml b/pyproject.toml index 3f3d8ef3..377c6584 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -40,6 +40,7 @@ "Pillow>=9.2.0", "pypdf[crypto]>=3.1.0", "python-dateutil", + "dateparser", "PyYAML", "rapidfuzz", "requests", @@ -63,8 +64,8 @@ [project.optional-dependencies] dev = [ - "ruff==0.2.2", - "mypy==1.8.0", + "ruff==0.7.4", + "mypy==1.13.0", "types-PyYAML", "types-python-dateutil", "types-requests", @@ -118,6 +119,7 @@ src = ["src", "tests"] line-length = 120 target-version = "py310" + extend-exclude = ["*.ipynb"] [tool.ruff.lint.mccabe] max-complexity = 10 diff --git a/requirements/all_requirements.txt b/requirements/all_requirements.txt index 6d30aae1..4920e53a 100644 --- a/requirements/all_requirements.txt +++ b/requirements/all_requirements.txt @@ -2,7 +2,7 @@ accessible-pygments==0.0.4 # via pydata-sphinx-theme aiohappyeyeballs==2.4.0 # via aiohttp -aiohttp==3.10.2 +aiohttp==3.10.11 # via # datasets # fsspec @@ -112,6 +112,8 @@ datasets==2.15.0 # setfit datashader==0.16.0 # via umap-learn +dateparser==1.2.0 + # via sec-certs (./../pyproject.toml) debugpy==1.8.0 # via ipykernel decorator==5.1.1 @@ -303,7 +305,7 @@ murmurhash==1.0.10 # preshed # spacy # thinc -mypy==1.8.0 +mypy==1.13.0 # via sec-certs (./../pyproject.toml) mypy-extensions==1.0.0 # via mypy @@ -461,6 +463,8 @@ preshed==3.0.9 # thinc prompt-toolkit==3.0.41 # via ipython +propcache==0.2.0 + # via yarl psutil==5.9.6 # via # ipykernel @@ -529,6 +533,7 @@ pytest-profiling==1.7.0 # via sec-certs (./../pyproject.toml) python-dateutil==2.8.2 # via + # dateparser # jupyter-client # matplotlib # pandas @@ -536,7 +541,9 @@ python-dateutil==2.8.2 python-dotenv==1.0.0 # via pydantic-settings pytz==2023.3.post1 - # via pandas + # via + # dateparser + # pandas pyviz-comms==3.0.0 # via # holoviews @@ -566,6 +573,7 @@ referencing==0.31.0 # jsonschema-specifications regex==2023.10.3 # via + # dateparser # nltk # transformers requests==2.32.0 @@ -590,7 +598,7 @@ rpds-py==0.13.1 # via # jsonschema # referencing -ruff==0.2.2 +ruff==0.7.4 # via sec-certs (./../pyproject.toml) safetensors==0.4.5 # via transformers @@ -776,6 +784,8 @@ typing-extensions==4.8.0 # typer tzdata==2023.3 # via pandas +tzlocal==5.2 + # via dateparser uc-micro-py==1.0.2 # via linkify-it-py umap-learn[plot]==0.5.5 @@ -818,7 +828,7 @@ xyzservices==2023.10.1 # via # bokeh # panel -yarl==1.9.3 +yarl==1.17.2 # via aiohttp zipp==3.19.1 # via importlib-metadata diff --git a/requirements/dev_requirements.txt b/requirements/dev_requirements.txt index c09140a0..31471eb4 100644 --- a/requirements/dev_requirements.txt +++ b/requirements/dev_requirements.txt @@ -2,7 +2,7 @@ accessible-pygments==0.0.4 # via pydata-sphinx-theme aiohappyeyeballs==2.4.0 # via aiohttp -aiohttp==3.10.2 +aiohttp==3.10.11 # via # datasets # fsspec @@ -12,7 +12,7 @@ alabaster==0.7.13 # via sphinx annotated-types==0.6.0 # via pydantic -appnope==0.1.3 +appnope==0.1.4 # via # ipykernel # ipython @@ -82,6 +82,8 @@ cymem==2.0.8 # thinc datasets==2.15.0 # via sec-certs (./../pyproject.toml) +dateparser==1.2.0 + # via sec-certs (./../pyproject.toml) debugpy==1.8.0 # via ipykernel decorator==5.1.1 @@ -221,7 +223,7 @@ murmurhash==1.0.10 # preshed # spacy # thinc -mypy==1.8.0 +mypy==1.13.0 # via sec-certs (./../pyproject.toml) mypy-extensions==1.0.0 # via mypy @@ -315,6 +317,8 @@ preshed==3.0.9 # thinc prompt-toolkit==3.0.41 # via ipython +propcache==0.2.0 + # via yarl psutil==5.9.6 # via # ipykernel @@ -377,6 +381,7 @@ pytest-profiling==1.7.0 # via sec-certs (./../pyproject.toml) python-dateutil==2.8.2 # via + # dateparser # jupyter-client # matplotlib # pandas @@ -384,7 +389,9 @@ python-dateutil==2.8.2 python-dotenv==1.0.0 # via pydantic-settings pytz==2023.3.post1 - # via pandas + # via + # dateparser + # pandas pyyaml==6.0.1 # via # datasets @@ -404,6 +411,8 @@ referencing==0.31.0 # via # jsonschema # jsonschema-specifications +regex==2024.9.11 + # via dateparser requests==2.32.0 # via # datasets @@ -418,7 +427,7 @@ rpds-py==0.13.1 # via # jsonschema # referencing -ruff==0.2.2 +ruff==0.7.4 # via sec-certs (./../pyproject.toml) scikit-learn==1.5.0 # via sec-certs (./../pyproject.toml) @@ -546,6 +555,8 @@ typing-extensions==4.8.0 # typer tzdata==2023.3 # via pandas +tzlocal==5.2 + # via dateparser urllib3==2.2.2 # via # requests @@ -573,7 +584,7 @@ wrapt==1.16.0 # via deprecated xxhash==3.4.1 # via datasets -yarl==1.9.3 +yarl==1.17.2 # via aiohttp zipp==3.19.1 # via importlib-metadata diff --git a/requirements/nlp_requirements.txt b/requirements/nlp_requirements.txt index 314dc84b..1a2e48f5 100644 --- a/requirements/nlp_requirements.txt +++ b/requirements/nlp_requirements.txt @@ -1,6 +1,6 @@ aiohappyeyeballs==2.4.0 # via aiohttp -aiohttp==3.10.2 +aiohttp==3.10.11 # via # datasets # fsspec @@ -90,6 +90,8 @@ datasets==2.15.0 # setfit datashader==0.16.0 # via umap-learn +dateparser==1.2.0 + # via sec-certs (./../pyproject.toml) debugpy==1.8.0 # via ipykernel decorator==5.1.1 @@ -368,6 +370,8 @@ preshed==3.0.9 # thinc prompt-toolkit==3.0.41 # via ipython +propcache==0.2.0 + # via yarl psutil==5.9.6 # via # ipykernel @@ -414,6 +418,7 @@ pytesseract==0.3.10 # via sec-certs (./../pyproject.toml) python-dateutil==2.8.2 # via + # dateparser # jupyter-client # matplotlib # pandas @@ -421,7 +426,9 @@ python-dateutil==2.8.2 python-dotenv==1.0.0 # via pydantic-settings pytz==2023.3.post1 - # via pandas + # via + # dateparser + # pandas pyviz-comms==3.0.0 # via # holoviews @@ -447,6 +454,7 @@ referencing==0.31.0 # jsonschema-specifications regex==2023.10.3 # via + # dateparser # nltk # transformers requests==2.32.0 @@ -604,6 +612,8 @@ typing-extensions==4.8.0 # typer tzdata==2023.3 # via pandas +tzlocal==5.2 + # via dateparser uc-micro-py==1.0.2 # via linkify-it-py umap-learn[plot]==0.5.5 @@ -639,7 +649,7 @@ xyzservices==2023.10.1 # via # bokeh # panel -yarl==1.9.3 +yarl==1.17.2 # via aiohttp zipp==3.19.1 # via importlib-metadata diff --git a/requirements/requirements.txt b/requirements/requirements.txt index 4b985619..dcacaed8 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -1,6 +1,6 @@ annotated-types==0.6.0 # via pydantic -appnope==0.1.3 +appnope==0.1.4 # via # ipykernel # ipython @@ -50,6 +50,8 @@ cymem==2.0.8 # preshed # spacy # thinc +dateparser==1.2.0 + # via sec-certs (./../pyproject.toml) debugpy==1.8.0 # via ipykernel decorator==5.1.1 @@ -210,6 +212,7 @@ pytesseract==0.3.10 # via sec-certs (./../pyproject.toml) python-dateutil==2.8.2 # via + # dateparser # jupyter-client # matplotlib # pandas @@ -217,7 +220,9 @@ python-dateutil==2.8.2 python-dotenv==1.0.0 # via pydantic-settings pytz==2023.3.post1 - # via pandas + # via + # dateparser + # pandas pyyaml==6.0.1 # via sec-certs (./../pyproject.toml) pyzmq==25.1.1 @@ -230,6 +235,8 @@ referencing==0.31.0 # via # jsonschema # jsonschema-specifications +regex==2024.9.11 + # via dateparser requests==2.32.0 # via # sec-certs (./../pyproject.toml) @@ -311,6 +318,8 @@ typing-extensions==4.8.0 # typer tzdata==2023.3 # via pandas +tzlocal==5.2 + # via dateparser urllib3==2.2.2 # via requests wasabi==1.1.2 diff --git a/requirements/test_requirements.txt b/requirements/test_requirements.txt index adb5e3ac..5f8cb248 100644 --- a/requirements/test_requirements.txt +++ b/requirements/test_requirements.txt @@ -1,6 +1,6 @@ annotated-types==0.6.0 # via pydantic -appnope==0.1.3 +appnope==0.1.4 # via # ipykernel # ipython @@ -54,6 +54,8 @@ cymem==2.0.8 # preshed # spacy # thinc +dateparser==1.2.0 + # via sec-certs (./../pyproject.toml) debugpy==1.8.0 # via ipykernel decorator==5.1.1 @@ -225,6 +227,7 @@ pytest-cov==4.1.0 # via sec-certs (./../pyproject.toml) python-dateutil==2.8.2 # via + # dateparser # jupyter-client # matplotlib # pandas @@ -232,7 +235,9 @@ python-dateutil==2.8.2 python-dotenv==1.0.0 # via pydantic-settings pytz==2023.3.post1 - # via pandas + # via + # dateparser + # pandas pyyaml==6.0.1 # via sec-certs (./../pyproject.toml) pyzmq==25.1.1 @@ -245,6 +250,8 @@ referencing==0.31.0 # via # jsonschema # jsonschema-specifications +regex==2024.9.11 + # via dateparser requests==2.32.0 # via # sec-certs (./../pyproject.toml) @@ -326,6 +333,8 @@ typing-extensions==4.8.0 # typer tzdata==2023.3 # via pandas +tzlocal==5.2 + # via dateparser urllib3==2.2.2 # via requests wasabi==1.1.2 diff --git a/src/sec_certs/configuration.py b/src/sec_certs/configuration.py index 47ac5821..09e24539 100644 --- a/src/sec_certs/configuration.py +++ b/src/sec_certs/configuration.py @@ -31,7 +31,9 @@ class Configuration(BaseSettings): description=" During validation we don't connect certificates with validation dates difference higher than _this_.", ) n_threads: int = Field( - -1, description="How many threads to use for parallel computations. Set to -1 to use all logical cores.", ge=-1 + -1, + description="How many threads to use for parallel computations. Set to -1 to use all logical cores.", + ge=-1, ) cpe_matching_threshold: int = Field( 92, @@ -40,12 +42,18 @@ class Configuration(BaseSettings): le=100, ) cpe_n_max_matches: int = Field( - 99, description="Maximum number of candidate CPE items that may be related to given certificate, >0", gt=0 + 99, + description="Maximum number of candidate CPE items that may be related to given certificate, >0", + gt=0, ) cc_latest_snapshot: AnyHttpUrl = Field( "https://sec-certs.org/cc/dataset.json", description="URL from where to fetch the latest snapshot of fully processed CC dataset.", ) + cc_latest_full_archive: AnyHttpUrl = Field( + "https://sec-certs.org/cc/cc.tar.gz", + description="URL from where to fetch the latest full archive of fully processed CC dataset.", + ) cc_maintenances_latest_snapshot: AnyHttpUrl = Field( "https://sec-certs.org/cc/maintenance_updates.json", description="URL from where to fetch the latest snapshot of CC maintenance updates", @@ -55,25 +63,36 @@ class Configuration(BaseSettings): description="URL from where to fetch the latest snapshot of the PP dataset.", ) fips_latest_snapshot: AnyHttpUrl = Field( - "https://sec-certs.org/fips/dataset.json", description="URL for the latest snapshot of FIPS dataset." + "https://sec-certs.org/fips/dataset.json", + description="URL for the latest snapshot of FIPS dataset.", + ) + fips_latest_full_archive: AnyHttpUrl = Field( + "https://sec-certs.org/fips/fips.tar.gz", + description="URL from where to fetch the latest full archive of fully processed FIPS dataset.", ) fips_iut_dataset: AnyHttpUrl = Field( - "https://sec-certs.org/fips/iut/dataset.json", description="URL for the dataset of FIPS IUT data." + "https://sec-certs.org/fips/iut/dataset.json", + description="URL for the dataset of FIPS IUT data.", ) fips_iut_latest_snapshot: AnyHttpUrl = Field( - "https://sec-certs.org/fips/iut/latest.json", description="URL for the latest snapshot of FIPS IUT data." + "https://sec-certs.org/fips/iut/latest.json", + description="URL for the latest snapshot of FIPS IUT data.", ) fips_mip_dataset: AnyHttpUrl = Field( - "https://sec-certs.org/fips/mip/dataset.json", description="URL for the dataset of FIPS MIP data" + "https://sec-certs.org/fips/mip/dataset.json", + description="URL for the dataset of FIPS MIP data", ) fips_mip_latest_snapshot: AnyHttpUrl = Field( - "https://sec-certs.org/fips/mip/latest.json", description="URL for the latest snapshot of FIPS MIP data" + "https://sec-certs.org/fips/mip/latest.json", + description="URL for the latest snapshot of FIPS MIP data", ) cpe_latest_snapshot: AnyHttpUrl = Field( - "https://sec-certs.org/vuln/cpe/cpe.json.gz", description="URL for the latest snapshot of CPEDataset." + "https://sec-certs.org/vuln/cpe/cpe.json.gz", + description="URL for the latest snapshot of CPEDataset.", ) cve_latest_snapshot: AnyHttpUrl = Field( - "https://sec-certs.org/vuln/cve/cve.json.gz", description="URL for the latest snapshot of CVEDataset." + "https://sec-certs.org/vuln/cve/cve.json.gz", + description="URL for the latest snapshot of CVEDataset.", ) cpe_match_latest_snapshot: AnyHttpUrl = Field( "https://sec-certs.org/vuln/cpe/cpe_match.json.gz", @@ -91,17 +110,19 @@ class Configuration(BaseSettings): ge=0, ) ignore_first_page: bool = Field( - True, description="During keyword search, first page usually contains addresses - ignore it." + True, + description="During keyword search, first page usually contains addresses - ignore it.", ) cc_reference_annotator_dir: Optional[Path] = Field( # noqa: UP007 None, description="Path to directory with serialized reference annotator model. If set to `null`, tool will search default directory for the given dataset.", ) cc_reference_annotator_should_train: bool = Field( - True, description="True if new reference annotator model shall be build, False otherwise." + True, + description="True if new reference annotator model shall be build, False otherwise.", ) cc_matching_threshold: int = Field( - 90, + 70, description="Level of required similarity before CC scheme entry is considered to match a CC certificate.", ge=0, le=100, @@ -109,14 +130,15 @@ class Configuration(BaseSettings): cc_use_proxy: bool = Field(False, description="Download CC artifacts through the sec-certs.org proxy.") fips_use_proxy: bool = Field(False, description="Download FIPS artifacts through the sec-certs.org proxy.") enable_progress_bars: bool = Field( - True, description="If true, progress bars will be printed to stdout during computation." + True, + description="If true, progress bars will be printed to stdout during computation.", ) nvd_api_key: Optional[str] = Field(None, description="NVD API key for access to CVEs and CPEs.") # noqa: UP007 preferred_source_nvd_datasets: Literal["sec-certs", "api"] = Field( "sec-certs", description="If set to `sec-certs`, will fetch CPE and CVE datasets from sec-certs.org." + " If set to `api`, will fetch these resources from NVD API. It is advised to set an" - + " `nvd_api_key` when setting this to `nvd`.", + + " `nvd_api_key` when setting this to `api`.", ) def _get_nondefault_keys(self) -> set[str]: diff --git a/src/sec_certs/constants.py b/src/sec_certs/constants.py index 956f8fb7..d134b3fd 100644 --- a/src/sec_certs/constants.py +++ b/src/sec_certs/constants.py @@ -7,6 +7,7 @@ REF_EMBEDDING_METHOD = Literal["tf_idf", "transformer"] +# This stupid thing should die in a fire... DUMMY_NONEXISTING_PATH = Path("/this/is/dummy/nonexisting/path") RESPONSE_OK = 200 @@ -115,16 +116,24 @@ CC_MALAYSIA_BASE_URL + "/index.php/certification/product-certification/mycc/list-of-products-and-systems-under-evaluation-or-maintenance" ) -CC_NETHERLANDS_BASE_URL = "https://www.tuv-nederland.nl/common-criteria" -CC_NETHERLANDS_CERTIFIED_URL = CC_NETHERLANDS_BASE_URL + "/certificates.html" -CC_NETHERLANDS_INEVAL_URL = CC_NETHERLANDS_BASE_URL + "/ongoing-certifications.html" +CC_NETHERLANDS_OLD_BASE_URL = "https://www.tuv-nederland.nl/common-criteria" +CC_NETHERLANDS_OLD_CERTIFIED_URL = CC_NETHERLANDS_OLD_BASE_URL + "/certificates.html" +CC_NETHERLANDS_OLD_INEVAL_URL = CC_NETHERLANDS_OLD_BASE_URL + "/ongoing-certifications.html" +CC_NETHERLANDS_NEW_BASE_URL = "https://www.trustcb.com/common-criteria/nscib" +CC_NETHERLANDS_NEW_CERTIFIED_URL = CC_NETHERLANDS_NEW_BASE_URL + "/nscib-certificates/" +CC_NETHERLANDS_NEW_INEVAL_URL = CC_NETHERLANDS_NEW_BASE_URL + "/nscib-ongoing-certifications/" CC_NORWAY_BASE_URL = "https://sertit.no" CC_NORWAY_CERTIFIED_URL = CC_NORWAY_BASE_URL + "/certified-products/category1919.html" CC_NORWAY_ARCHIVED_URL = CC_NORWAY_BASE_URL + "/certified-products/product-archive/" CC_KOREA_BASE_URL = "https://itscc.kr" CC_KOREA_EN_URL = CC_KOREA_BASE_URL + "/main/mainEn.do" CC_KOREA_CERTIFIED_URL = CC_KOREA_BASE_URL + "/certprod/listA.do" -CC_KOREA_PRODUCT_URL = CC_KOREA_BASE_URL + "/certprod/view.do?product_id={}&product_class=1" +CC_KOREA_SUSPENDED_URL = CC_KOREA_BASE_URL + "/certprod/listB.do" +CC_KOREA_ARCHIVED_URL = CC_KOREA_BASE_URL + "/certprod/listD.do" +CC_KOREA_PRODUCT_URL = CC_KOREA_BASE_URL + "/certprod/view.do?product_id={}&product_class={}" +CC_POLAND_BASE_URL = "https://en.nask.pl" +CC_POLAND_CERTIFIED_URL = CC_POLAND_BASE_URL + "/eng/activities/certification/list-of-certificates" +CC_POLAND_INEVAL_URL = CC_POLAND_BASE_URL + "/eng/activities/certification/ongoing-certifications" CC_SINGAPORE_BASE_URL = "https://www.csa.gov.sg" CC_SINGAPORE_CERTIFIED_URL = ( CC_SINGAPORE_BASE_URL + "/Programmes/certification-and-labelling-schemes/csa-common-criteria/product-list" diff --git a/src/sec_certs/dataset/auxiliary_dataset_handling.py b/src/sec_certs/dataset/auxiliary_dataset_handling.py index 4efc823f..afd2b820 100644 --- a/src/sec_certs/dataset/auxiliary_dataset_handling.py +++ b/src/sec_certs/dataset/auxiliary_dataset_handling.py @@ -25,7 +25,7 @@ class AuxiliaryDatasetHandler(ABC): - def __init__(self, root_dir: str | Path = constants.DUMMY_NONEXISTING_PATH) -> None: + def __init__(self, root_dir: str | Path) -> None: self.root_dir = Path(root_dir) self.dset: Any @@ -248,6 +248,5 @@ def load_dataset(self) -> None: def _process_dataset_body(self, download_fresh: bool = False): if not self.dset_path.exists() or download_fresh: self.dset = ProtectionProfileDataset.from_web(self.dset_path) - self.dset.to_json() else: self.dset = ProtectionProfileDataset.from_json(self.dset_path) diff --git a/src/sec_certs/dataset/cc.py b/src/sec_certs/dataset/cc.py index d93752fd..529beb85 100644 --- a/src/sec_certs/dataset/cc.py +++ b/src/sec_certs/dataset/cc.py @@ -85,13 +85,21 @@ def to_pandas(self) -> pd.DataFrame: """ Return self serialized into pandas DataFrame """ - df = pd.DataFrame([x.pandas_tuple for x in self.certs.values()], columns=CCCertificate.pandas_columns) + df = pd.DataFrame( + [x.pandas_tuple for x in self.certs.values()], + columns=CCCertificate.pandas_columns, + ) df = df.set_index("dgst") df.not_valid_before = pd.to_datetime(df.not_valid_before, errors="coerce") df.not_valid_after = pd.to_datetime(df.not_valid_after, errors="coerce") df = df.astype( - {"category": "category", "status": "category", "scheme": "category", "cert_lab": "category"} + { + "category": "category", + "status": "category", + "scheme": "category", + "cert_lab": "category", + } ).fillna(value=np.nan) df = df.loc[ ~df.manufacturer.isnull() @@ -189,7 +197,10 @@ def reference_annotator_dir(self) -> Path: "cc_pp_collaborative.html": BASE_URL + "/pps/collaborativePP.cfm?cpp=1", "cc_pp_archived.html": BASE_URL + "/pps/index.cfm?archived=1", } - PP_CSV = {"cc_pp_active.csv": BASE_URL + "/pps/pps.csv", "cc_pp_archived.csv": BASE_URL + "/pps/pps-archived.csv"} + PP_CSV = { + "cc_pp_active.csv": BASE_URL + "/pps/pps.csv", + "cc_pp_archived.csv": BASE_URL + "/pps/pps-archived.csv", + } @property def active_html_tuples(self) -> list[tuple[str, Path]]: @@ -224,11 +235,32 @@ def archived_csv_tuples(self) -> list[tuple[str, Path]]: return [(x, self.web_dir / y) for y, x in self.CSV_PRODUCTS_URL.items() if "archived" in y] @classmethod - def from_web_latest(cls) -> CCDataset: - """ - Fetches the fresh snapshot of CCDataset from sec-certs.org - """ - return cls.from_web(config.cc_latest_snapshot, "Downloading CC Dataset", "cc_latest_dataset.json") + def from_web_latest( + cls, + path: str | Path | None = None, + auxiliary_datasets: bool = False, + artifacts: bool = False, + ) -> CCDataset: + """ + Fetches the fresh snapshot of CCDataset from sec-certs.org. + + Optionally stores it at the given path (a directory) and also downloads auxiliary datasets and artifacts (PDFs). + + .. note:: + Note that including the auxiliary datasets adds several gigabytes and including artifacts adds tens of gigabytes. + + :param path: Path to a directory where to store the dataset, or `None` if it should not be stored. + :param auxiliary_datasets: Whether to also download auxiliary datasets (CVE, CPE, CPEMatch datasets). + :param artifacts: Whether to also download artifacts (i.e. PDFs). + """ + return cls.from_web( + config.cc_latest_full_archive, + config.cc_latest_snapshot, + "Downloading CC", + path, + auxiliary_datasets, + artifacts, + ) def _set_local_paths(self): super()._set_local_paths() @@ -285,7 +317,11 @@ def _download_csv_html_resources(self, get_active: bool = True, get_archived: bo @serialize @staged(logger, "Downloading and processing CSV and HTML files of certificates.") def get_certs_from_web( - self, to_download: bool = True, keep_metadata: bool = True, get_active: bool = True, get_archived: bool = True + self, + to_download: bool = True, + keep_metadata: bool = True, + get_active: bool = True, + get_archived: bool = True, ) -> None: """ Downloads CSV and HTML files that hold lists of certificates from common criteria website. Parses these files @@ -387,7 +423,10 @@ def _get_primary_key_str(row: Tag): ["not_valid_before", "not_valid_after", "maintenance_date"] ].apply(pd.to_datetime, errors="coerce") - df["dgst"] = df.apply(lambda row: helpers.get_first_16_bytes_sha256(_get_primary_key_str(row)), axis=1) + df["dgst"] = df.apply( + lambda row: helpers.get_first_16_bytes_sha256(_get_primary_key_str(row)), + axis=1, + ) df_base = df.loc[~df.is_maintenance].copy() df_main = df.loc[df.is_maintenance].copy() @@ -421,7 +460,10 @@ def _get_primary_key_str(row: Tag): for x in df_main.itertuples(): updates[x.dgst].add( CCCertificate.MaintenanceReport( - x.maintenance_date.date(), x.maintenance_title, x.maintenance_report_link, x.maintenance_st_link + x.maintenance_date.date(), + x.maintenance_title, + x.maintenance_report_link, + x.maintenance_st_link, ) ) @@ -515,7 +557,22 @@ def _parse_table( cert_status = "active" if "active" in str(file) else "archived" - cc_cat_abbreviations = ["AC", "BP", "DP", "DB", "DD", "IC", "KM", "MD", "MF", "NS", "OS", "OD", "DG", "TC"] + cc_cat_abbreviations = [ + "AC", + "BP", + "DP", + "DB", + "DD", + "IC", + "KM", + "MD", + "MF", + "NS", + "OS", + "OD", + "DG", + "TC", + ] cc_table_ids = ["tbl" + x for x in cc_cat_abbreviations] cc_categories = [ "Access Control Devices and Systems", @@ -751,7 +808,10 @@ def extract_data(self) -> None: self._extract_pdf_frontpage() self._extract_pdf_keywords() - @staged(logger, "Computing heuristics: Deriving information about laboratories involved in certification.") + @staged( + logger, + "Computing heuristics: Deriving information about laboratories involved in certification.", + ) def _compute_cert_labs(self) -> None: certs_to_process = [x for x in self if x.state.report.is_ok_to_analyze()] for cert in certs_to_process: @@ -785,7 +845,7 @@ def _compute_heuristics_body(self, skip_schemes: bool = False) -> None: compute_transitive_vulnerabilities(self.certs) if not skip_schemes: - compute_scheme_data(self.aux_handlers[CCSchemeDatasetHandler].dset, self.certs) + compute_scheme_data(self.aux_handlers[CCSchemeDatasetHandler].dset, self.certs.values()) compute_cert_labs(self.certs.values()) compute_sars(self.certs.values()) @@ -829,18 +889,28 @@ def analyze_certificates(self) -> None: raise NotImplementedError def get_certs_from_web( - self, to_download: bool = True, keep_metadata: bool = True, get_active: bool = True, get_archived: bool = True + self, + to_download: bool = True, + keep_metadata: bool = True, + get_active: bool = True, + get_archived: bool = True, ) -> None: raise NotImplementedError @classmethod def from_json(cls, input_path: str | Path, is_compressed: bool = False) -> CCDatasetMaintenanceUpdates: - dset = cast(CCDatasetMaintenanceUpdates, ComplexSerializableType.from_json(input_path, is_compressed)) + dset = cast( + CCDatasetMaintenanceUpdates, + ComplexSerializableType.from_json(input_path, is_compressed), + ) dset._root_dir = Path(input_path).parent.absolute() return dset def to_pandas(self) -> pd.DataFrame: - df = pd.DataFrame([x.pandas_tuple for x in self.certs.values()], columns=CCMaintenanceUpdate.pandas_columns) + df = pd.DataFrame( + [x.pandas_tuple for x in self.certs.values()], + columns=CCMaintenanceUpdate.pandas_columns, + ) df = df.set_index("dgst") df.index.name = "dgst" @@ -848,11 +918,29 @@ def to_pandas(self) -> pd.DataFrame: return df.fillna(value=np.nan) @classmethod - def from_web_latest(cls) -> CCDataset: + def from_web_latest( + cls, + path: str | Path | None = None, + auxiliary_datasets: bool = False, + artifacts: bool = False, + ) -> CCDatasetMaintenanceUpdates: + if auxiliary_datasets or artifacts: + raise ValueError( + "Maintenance update dataset does not support downloading artifacts or other auxiliary datasets." + ) + if path: + path = Path(path) + if not path.exists(): + path.mkdir(parents=True) + if not path.is_dir(): + raise ValueError("Path needs to be a directory.") with tempfile.TemporaryDirectory() as tmp_dir: - dset_path = Path(tmp_dir) / "cc_maintenances_latest_dataset.json" - helpers.download_file(str(config.cc_maintenances_latest_snapshot), dset_path) - return cls.from_json(dset_path) + dset_path = Path(tmp_dir) / "maintenance_updates.json" + helpers.download_file(config.cc_maintenances_latest_snapshot, dset_path) + dset = cls.from_json(dset_path) + if path: + dset.move_dataset(path) + return dset def get_n_maintenances_df(self) -> pd.DataFrame: """ diff --git a/src/sec_certs/dataset/cc_scheme.py b/src/sec_certs/dataset/cc_scheme.py index e6397827..e7f4433e 100644 --- a/src/sec_certs/dataset/cc_scheme.py +++ b/src/sec_certs/dataset/cc_scheme.py @@ -50,14 +50,18 @@ def from_dict(cls, dct: Mapping) -> CCSchemeDataset: @classmethod def from_web( - cls, json_path: str | Path = constants.DUMMY_NONEXISTING_PATH, only_schemes: set[str] | None = None + cls, + json_path: str | Path = constants.DUMMY_NONEXISTING_PATH, + only_schemes: set[str] | None = None, + enhanced: bool | None = None, + artifacts: bool | None = None, ) -> CCSchemeDataset: schemes = {} for scheme, sources in CCScheme.methods.items(): if only_schemes is not None and scheme not in only_schemes: continue try: - schemes[scheme] = CCScheme.from_web(scheme, sources.keys()) + schemes[scheme] = CCScheme.from_web(scheme, sources.keys(), enhanced=enhanced, artifacts=artifacts) except Exception as e: logger.warning(f"Could not download CC scheme: {scheme} due to error {e}.") return cls(schemes, json_path=json_path) diff --git a/src/sec_certs/dataset/dataset.py b/src/sec_certs/dataset/dataset.py index ed17eecf..44f47494 100644 --- a/src/sec_certs/dataset/dataset.py +++ b/src/sec_certs/dataset/dataset.py @@ -2,6 +2,7 @@ import logging import shutil +import tarfile import tempfile from abc import ABC, abstractmethod from collections.abc import Iterator @@ -15,7 +16,11 @@ from sec_certs import constants from sec_certs.dataset.auxiliary_dataset_handling import AuxiliaryDatasetHandler from sec_certs.sample.certificate import Certificate -from sec_certs.serialization.json import ComplexSerializableType, get_class_fullname, serialize +from sec_certs.serialization.json import ( + ComplexSerializableType, + get_class_fullname, + serialize, +) from sec_certs.utils import helpers from sec_certs.utils.profiling import staged @@ -131,16 +136,73 @@ def __str__(self) -> str: return str(type(self).__name__) + ":" + self.name + ", " + str(len(self)) + " certificates" @classmethod - def from_web(cls: type[DatasetSubType], url: str, progress_bar_desc: str, filename: str) -> DatasetSubType: + def from_web( # noqa + cls: type[DatasetSubType], + archive_url: str, + snapshot_url: str, + progress_bar_desc: str, + path: None | str | Path = None, + auxiliary_datasets: bool = False, + artifacts: bool = False, + ) -> DatasetSubType: """ - Fetches a fully processed dataset instance from static site that hosts it. + Fetches the fresh dataset snapshot from sec-certs.org. + + Optionally stores it at the given path (a directory) and also downloads auxiliary datasets and artifacts (PDFs). + + .. note:: + Note that including the auxiliary datasets adds several gigabytes and including artifacts adds tens of gigabytes. + + :param archive_url: The URL of the full dataset archive. + :param snapshot_url: The URL of the full dataset snapshot. + :param progress_bar_desc: Description of the download progress bar. + :param path: Path to a directory where to store the dataset, or `None` if it should not be stored. + :param auxiliary_datasets: Whether to also download auxiliary datasets (CVE, CPE, CPEMatch datasets). + :param artifacts: Whether to also download artifacts (i.e. PDFs). """ - with tempfile.TemporaryDirectory() as tmp_dir: - dset_path = Path(tmp_dir) / filename - helpers.download_file(url, dset_path, show_progress_bar=True, progress_bar_desc=progress_bar_desc) - dset = cls.from_json(dset_path) # type: ignore - dset.root_dir = constants.DUMMY_NONEXISTING_PATH - return dset + if (artifacts or auxiliary_datasets) and path is None: + raise ValueError("Path needs to be defined if artifacts or auxiliary datasets are to be downloaded.") + if artifacts and not auxiliary_datasets: + raise ValueError("Auxiliary datasets need to be downloaded if artifacts are to be downloaded.") + if path is not None: + path = Path(path) + if not path.exists(): + path.mkdir(parents=True) + if not path.is_dir(): + raise ValueError("Path needs to be a directory.") + if artifacts: + with tempfile.TemporaryDirectory() as tmp_dir: + dset_path = Path(tmp_dir) / "dataset.tar.gz" + res = helpers.download_file( + archive_url, + dset_path, + show_progress_bar=True, + progress_bar_desc=progress_bar_desc, + ) + if res != constants.RESPONSE_OK: + raise ValueError(f"Download failed: {res}") + with tarfile.open(dset_path, "r:gz") as tar: + tar.extractall(str(path)) + dset = cls.from_json(path / "dataset.json") # type: ignore + if auxiliary_datasets: + dset.process_auxiliary_datasets(download_fresh=False) + else: + with tempfile.TemporaryDirectory() as tmp_dir: + dset_path = Path(tmp_dir) / "dataset.json" + helpers.download_file( + snapshot_url, + dset_path, + show_progress_bar=True, + progress_bar_desc=progress_bar_desc, + ) + dset = cls.from_json(dset_path) + if path: + dset.move_dataset(path) + else: + dset.root_dir = constants.DUMMY_NONEXISTING_PATH + if auxiliary_datasets: + dset.process_auxiliary_datasets(download_fresh=True) + return dset def to_dict(self) -> dict[str, Any]: return { @@ -165,7 +227,10 @@ def from_dict(cls, dct: dict) -> Dataset: @classmethod def from_json(cls: type[DatasetSubType], input_path: str | Path, is_compressed: bool = False) -> DatasetSubType: - dset = cast("DatasetSubType", ComplexSerializableType.from_json(input_path, is_compressed)) + dset = cast( + "DatasetSubType", + ComplexSerializableType.from_json(input_path, is_compressed), + ) dset._root_dir = Path(input_path).parent.absolute() dset._set_local_paths() return dset diff --git a/src/sec_certs/dataset/fips.py b/src/sec_certs/dataset/fips.py index f431dab7..2b454370 100644 --- a/src/sec_certs/dataset/fips.py +++ b/src/sec_certs/dataset/fips.py @@ -22,9 +22,7 @@ ) from sec_certs.dataset.dataset import Dataset from sec_certs.heuristics.common import compute_cpe_heuristics, compute_related_cves, compute_transitive_vulnerabilities -from sec_certs.heuristics.fips import ( - compute_references, -) +from sec_certs.heuristics.fips import compute_references from sec_certs.sample.fips import FIPSCertificate from sec_certs.serialization.json import ComplexSerializableType, serialize from sec_certs.utils import helpers @@ -225,14 +223,31 @@ def _get_certificates_from_html(self, html_file: Path) -> list[FIPSCertificate]: return [FIPSCertificate(int(cert_id)) for cert_id in cert_ids] @classmethod - def from_web_latest(cls) -> FIPSDataset: + def from_web_latest( + cls, + path: str | Path | None = None, + auxiliary_datasets: bool = False, + artifacts: bool = False, + ) -> FIPSDataset: """ - Fetches the fresh snapshot of FIPSDataset from mirror. + Fetches the fresh snapshot of FIPSDataset from sec-certs.org. + + Optionally stores it at the given path (a directory) and also downloads auxiliary datasets and artifacts (PDFs). + + .. note:: + Note that including the auxiliary datasets adds several gigabytes and including artifacts adds tens of gigabytes. + + :param path: Path to a directory where to store the dataset, or `None` if it should not be stored. + :param auxiliary_datasets: Whether to also download auxiliary datasets (CVE, CPE, CPEMatch datasets). + :param artifacts: Whether to also download artifacts (i.e. PDFs). """ return cls.from_web( - str(config.fips_latest_snapshot), - "Downloading FIPS Dataset", - "fips_latest_dataset.json", + config.fips_latest_full_archive, + config.fips_latest_snapshot, + "Downloading FIPS", + path, + auxiliary_datasets, + artifacts, ) def _set_local_paths(self) -> None: diff --git a/src/sec_certs/heuristics/cc.py b/src/sec_certs/heuristics/cc.py index 13a7982c..b646a085 100644 --- a/src/sec_certs/heuristics/cc.py +++ b/src/sec_certs/heuristics/cc.py @@ -62,13 +62,13 @@ def compute_normalized_cert_ids(certs: Iterable[CCCertificate]) -> None: def compute_scheme_data(scheme_dset: CCSchemeDataset, certs: dict[str, CCCertificate]): for scheme in scheme_dset: if certified := scheme.lists.get(EntryType.Certified): - certs = {dgst: cert for dgst, cert in certs.items() if cert.status == "active"} - matches = CCSchemeMatcher.match_all(certified, scheme.country, certs.values()) + active_certs = [cert for cert in certs.values() if cert.status == "active"] + matches, _ = CCSchemeMatcher.match_all(certified, scheme.country, active_certs) for dgst, match in matches.items(): certs[dgst].heuristics.scheme_data = match if archived := scheme.lists.get(EntryType.Archived): - certs = {dgst: cert for dgst, cert in certs.items() if cert.status == "archived"} - matches = CCSchemeMatcher.match_all(archived, scheme.country, certs.values()) + archived_certs = [cert for cert in certs.values() if cert.status == "archived"] + matches, _ = CCSchemeMatcher.match_all(archived, scheme.country, archived_certs) for dgst, match in matches.items(): certs[dgst].heuristics.scheme_data = match diff --git a/src/sec_certs/model/cc_matching.py b/src/sec_certs/model/cc_matching.py index 21d94b74..d30a00dd 100644 --- a/src/sec_certs/model/cc_matching.py +++ b/src/sec_certs/model/cc_matching.py @@ -1,15 +1,37 @@ from __future__ import annotations import contextlib +import re from collections.abc import Iterable, Mapping, Sequence +from operator import itemgetter from typing import Any +from sec_certs.cert_rules import rules from sec_certs.configuration import config from sec_certs.model.matching import AbstractMatcher from sec_certs.sample.cc import CCCertificate -from sec_certs.sample.cc_certificate_id import CertificateId +from sec_certs.sample.cc_certificate_id import CertificateId, schemes +from sec_certs.utils.sanitization import sanitize_link_fname from sec_certs.utils.strings import fully_sanitize_string +CATEGORIES = { + "ICs, Smart Cards and Smart Card-Related Devices and Systems", + "Other Devices and Systems", + "Network and Network-Related Devices and Systems", + "Multi-Function Devices", + "Boundary Protection Devices and Systems", + "Data Protection", + "Operating Systems", + "Products for Digital Signatures", + "Access Control Devices and Systems", + "Mobility", + "Databases", + "Trusted Computing", + "Detection Devices and Systems", + "Key Management Systems", + "Biometric Systems and Devices", +} + class CCSchemeMatcher(AbstractMatcher[CCCertificate]): """ @@ -22,21 +44,23 @@ def __init__(self, entry: Mapping, scheme: str): self.scheme = scheme self._prepare() - def _get_from_entry(self, *keys: str) -> str | None: - for key in keys: - if val := self.entry.get(key): - return val + def _get_from_entry(self, *keys: str) -> Any | None: + # Prefer enhanced over base if e := self.entry.get("enhanced"): for key in keys: if val := e.get(key): return val + for key in keys: + if val := self.entry.get(key): + return val return None - def _prepare(self): + def _prepare(self): # noqa: C901 self._canonical_cert_id = None - if cert_id := self._get_from_entry("cert_id", "id"): + self._cert_id = self._get_from_entry("cert_id", "id") + if self._cert_id: with contextlib.suppress(Exception): - self._canonical_cert_id = CertificateId(self.scheme, cert_id).canonical + self._canonical_cert_id = CertificateId(self.scheme, self._cert_id).canonical self._product = None if product_name := self._get_from_entry("product", "title", "name"): @@ -46,10 +70,40 @@ def _prepare(self): if vendor_name := self._get_from_entry("vendor", "developer", "manufacturer", "supplier"): self._vendor = fully_sanitize_string(vendor_name) + self._category = self._get_from_entry("category") + self._certification_date = self._get_from_entry("certification_date") + self._expiration_date = self._get_from_entry("expiration_date") + self._level = self._get_from_entry("level", "assurance_level") + if self._level: + self._level = self._level.upper().replace("AUGMENTED", "").replace("WITH", "") + + filename_rules = rules["cc_filename_cert_id"][self.scheme] + scheme_meta = schemes[self.scheme] + if filename_rules and self._canonical_cert_id is None: + cert_link = self._get_from_entry("cert_link") + if cert_link: + cert_fname = sanitize_link_fname(cert_link) + for rule in filename_rules: + if match := re.match(rule, cert_fname): + with contextlib.suppress(Exception): + meta = match.groupdict() + self._canonical_cert_id = scheme_meta(meta) + break + + report_link = self._get_from_entry("report_link") + if report_link and self._canonical_cert_id is None: + report_fname = sanitize_link_fname(report_link) + for rule in filename_rules: + if match := re.match(rule, report_fname): + with contextlib.suppress(Exception): + meta = match.groupdict() + self._canonical_cert_id = scheme_meta(meta) + break + self._report_hash = self._get_from_entry("report_hash") self._target_hash = self._get_from_entry("target_hash") - def match(self, cert: CCCertificate) -> float: + def match(self, cert: CCCertificate) -> float: # noqa: C901 """ Compute the match of this matcher to the certificate, a float from 0 to 100. @@ -69,6 +123,9 @@ def match(self, cert: CCCertificate) -> float: # We need to have something to match to. if self._product is None or self._vendor is None or cert.name is None or cert.manufacturer is None: return 0 + # It is a correctly parsed category but the wrong one. + if self._category in CATEGORIES and self._category != cert.category: + return 0 cert_name = fully_sanitize_string(cert.name) cert_manufacturer = fully_sanitize_string(cert.manufacturer) # If we match exactly, return early. @@ -82,21 +139,47 @@ def match(self, cert: CCCertificate) -> float: return 93 # Fuzzy match at the end with some penalization. + # Weigh the name and vendor more than the id and more than the level and certification date. + # 6, 6, 4, 2, 2 + matches = {} product_rating = self._compute_match(self._product, cert_name) + matches["product"] = (product_rating, 6) vendor_rating = self._compute_match(self._vendor, cert_manufacturer) - return max((0, product_rating * 0.5 + vendor_rating * 0.5 - 2)) + matches["vendor"] = (vendor_rating, 6) + + if self._cert_id is not None and cert.heuristics.cert_id is not None: + id_rating = self._compute_match(self._cert_id, cert.heuristics.cert_id) + matches["id"] = (id_rating, 4) + + if self._certification_date is not None and cert.not_valid_before is not None: + date_rating = 1 + if cert.not_valid_before.year == self._certification_date.year: + date_rating += 33 + if cert.not_valid_before.month == self._certification_date.month: + date_rating += 33 + if cert.not_valid_before.day == self._certification_date.day: + date_rating += 33 + matches["certification_date"] = (date_rating, 2) + + if self._level is not None and cert.security_level: + level_rating = self._compute_match(self._level, ", ".join(cert.security_level)) + matches["level"] = (level_rating, 2) + total_weight = sum(map(itemgetter(1), matches.values())) + return max((0, sum(match[0] * (match[1] / total_weight) for match in matches.values()) - 2)) @classmethod def match_all( cls, entries: list[dict[str, Any]], scheme: str, certificates: Iterable[CCCertificate] - ) -> dict[str, dict[str, Any]]: + ) -> tuple[dict[str, dict[str, Any]], dict[str, float]]: """ Match all entries of a given CC scheme to certificates from the dataset. :param entries: The entries from the scheme, obtained from CCSchemeDataset. :param scheme: The scheme, e.g. "DE". :param certificates: The certificates to match against. - :return: A mapping of certificate digests to entries, without duplicates, not all entries may be present. + :return: Two mappings: + - A mapping of certificate digests to entries, without duplicates, not all entries may be present. + - A mapping of certificate digests to scores that they matched with. """ certs: list[CCCertificate] = list(filter(lambda cert: cert.scheme == scheme, certificates)) matchers: Sequence[CCSchemeMatcher] = [CCSchemeMatcher(entry, scheme) for entry in entries] diff --git a/src/sec_certs/model/matching.py b/src/sec_certs/model/matching.py index bf214e6f..2ba48f64 100644 --- a/src/sec_certs/model/matching.py +++ b/src/sec_certs/model/matching.py @@ -29,7 +29,9 @@ def _compute_match(self, one: str, other: str) -> float: ) @staticmethod - def _match_certs(matchers: Sequence[AbstractMatcher], certs: list[CertSubType], threshold: float): + def _match_certs( + matchers: Sequence[AbstractMatcher], certs: list[CertSubType], threshold: float + ) -> tuple[dict[str, Any], dict[str, float]]: scores: list[tuple[float, int, int]] = [] matched_is: set[int] = set() matched_js: set[int] = set() @@ -39,6 +41,7 @@ def _match_certs(matchers: Sequence[AbstractMatcher], certs: list[CertSubType], triple = (100 - score, i, j) heappush(scores, triple) results = {} + final_scores = {} for triple in (heappop(scores) for _ in range(len(scores))): inv_score, i, j = triple # Do not match already matched entries/certs. @@ -55,4 +58,5 @@ def _match_certs(matchers: Sequence[AbstractMatcher], certs: list[CertSubType], cert = certs[i] entry = matchers[j].entry results[cert.dgst] = entry - return results + final_scores[cert.dgst] = score + return results, final_scores diff --git a/src/sec_certs/rules.yaml b/src/sec_certs/rules.yaml index e30190de..f17eb242 100644 --- a/src/sec_certs/rules.yaml +++ b/src/sec_certs/rules.yaml @@ -16,14 +16,14 @@ cc_cert_id: - "DCSS[Ii]-(?P[0-9]{2,4})/(?P[0-9]+)([vV](?P[0-9]))?" - "Rapport de certification (?P[0-9]{2,4})/(?P[0-9]+)([vV](?P[0-9]))?" - "Certification Report (?P[0-9]{2,4})/(?P[0-9]+)([vV](?P[0-9]))?" - - "ANSS[Ii](?:-CC)?[ -](?P[0-9]{2,4})[/_-](?P[0-9]+)(?:-(?P(?:[MSR][0-9]+)))?([vV](?P[0-9]))?" + - "ANSS[Ii](?:-CC)?(?:-(?PPP|SITE))?[ -](?P[0-9]{2,4})[/_-](?P[0-9]+)(?:-(?P(?:[MSR][0-9]+)))?([vV](?P[0-9]))?" # Examples: # DCSSI-2009/07 # ANSSI-CC 2001/02-R01 # Rapport de certification 2001/02v2 # Certification Report 2003/20 NL: - - "(?:NSCIB-|CC-|NSCIB-CC-)(?P((?P[0-9]{2})-)?(?:-?[0-9]+)+)(?:-?(?P(?:CR|MA|MR)[0-9]*))?" + - "(?:NSCIB-|CC-|NSCIB-CC-)(?P((?P[0-9]{2})-)?(?:-?[0-9]+)+)(?:-?(?P(?:CR|MA|MR)(?P[0-9]*)))?" # Examples: # NSCIB-CC-22-0428888-CR2 (with year=22 and CR2) # NSCIB-CC-228723-CR (no year) @@ -57,11 +57,12 @@ cc_cert_id: # CRP208 # CERTIFICATION REPORT No. P123A ES: - - "(?P[0-9]{4})[-‐](?P[0-9]+)[-‐]INF[-‐](?P[0-9]+)[ -‐]{1,2}[vV](?P[0-9])" + - "(?P[0-9]{4})[-‐](?P[0-9]+)[-‐]INF[-‐](?P[0-9]+)(?:[ -‐]{1,2}[vV](?P[0-9]))?" # Examples: # 2006-4-INF-98 v2 # 2020-34-INF-3784- v1 # 2019-20-INF-3379-v1 + # 2011-14-INF-1095 (also without the version) KR: - "KECS[-‐](?PISIS|NISS|CISS)[-‐](?P[0-9]{2,4})[-‐](?P[0-9]{4})" # XXX: Do not use KECS-CR as those refer to the certificate report and do not represent the certificate id. @@ -121,6 +122,19 @@ cc_cert_id: # Certificate Number: 2010/67 # Certificate Number: 37/2006 !mistake # Certification Report 97/76 !short year + QA: + - "QCCS-CERT-C(?P[0-9]{3})-(?P[0-9]+)-(?P[0-9]{4})" + # Examples: + # QCCS-CERT-C003-001-2024 + PL: + - "(?P[0-9]+)/PC1/(?:(?PAC223)/)?(?P[0-9]{4})" + # Examples: + # 1/PC1/2021 + # 1/PC1/AC223/2022 + # 1/PC1/AC223/2023 + # 2/PC1/AC223/2023 + # 1/PC1/AC223/2024 + # 2/PC1/AC223/2024 ##### # Common Criteria certificate IDs as they appear in report filenames, grouped by scheme (Alpha-2 ISO country code). @@ -158,6 +172,8 @@ cc_filename_cert_id: SG: AU: - "(?P[0-9]{2,4})_(?P[0-9]+)" + QA: + PL: ##### # Common Criteria protection profile IDs, grouped by certification body (e.g. BSI) diff --git a/src/sec_certs/sample/cc.py b/src/sec_certs/sample/cc.py index d4bc73ae..a9aa2262 100644 --- a/src/sec_certs/sample/cc.py +++ b/src/sec_certs/sample/cc.py @@ -2,6 +2,7 @@ import copy import re +from bisect import insort from collections import Counter, defaultdict from dataclasses import dataclass, field from datetime import date, datetime @@ -18,7 +19,7 @@ from sec_certs import constants from sec_certs.cert_rules import SARS_IMPLIED_FROM_EAL, cc_rules, rules, security_level_csv_scan from sec_certs.configuration import config -from sec_certs.sample.cc_certificate_id import canonicalize, schemes +from sec_certs.sample.cc_certificate_id import CertificateId, canonicalize, schemes from sec_certs.sample.certificate import Certificate, References, logger from sec_certs.sample.certificate import Heuristics as BaseHeuristics from sec_certs.sample.certificate import PdfData as BasePdfData @@ -345,6 +346,8 @@ class Heuristics(BaseHeuristics, ComplexSerializableType): related_cves: set[str] | None = field(default=None) cert_lab: list[str] | None = field(default=None) cert_id: str | None = field(default=None) + prev_certificates: list[str] | None = field(default=None) + next_certificates: list[str] | None = field(default=None) st_references: References = field(default_factory=References) report_references: References = field(default_factory=References) @@ -484,7 +487,8 @@ def eal(self) -> str | None: @property def actual_sars(self) -> set[SAR] | None: """ - Computes actual SARs. First, SARs implied by EAL are computed. Then, these are augmented with heuristically extracted SARs + Computes actual SARs. First, SARs implied by EAL are computed. Then, these are augmented with heuristically extracted SARs. + :return Optional[Set[SAR]]: Set of actual SARs of a certificate, None if empty """ sars = {} @@ -543,7 +547,7 @@ def __str__(self) -> str: def merge(self, other: CCCertificate, other_source: str | None = None) -> None: """ Merges with other CC sample. Assuming they come from different sources, e.g., csv and html. - Assuming that html source has better protection profiles, they overwrite CSV info + Assuming that html source has better protection profiles, they overwrite CSV info. On other values the sanity checks are made. """ if self != other: @@ -684,7 +688,7 @@ def _html_row_get_maintenance_updates(main_div: Tag) -> set[CCCertificate.Mainte @classmethod def from_html_row(cls, row: Tag, status: str, category: str) -> CCCertificate: """ - Creates a CC sample from html row of commoncriteria.org webpage. + Creates a CC sample from html row of commoncriteriaportal.org webpage. """ cells = list(row.find_all("td")) @@ -999,6 +1003,52 @@ def extract_cert_pdf_keywords(cert: CCCertificate) -> CCCertificate: cert.pdf_data.cert_keywords = cert_keywords return cert + def compute_heuristics_cert_versions(self, cert_ids: dict[str, CertificateId | None]) -> None: # noqa: C901 + """ + Fills in the previous and next certificate versions based on the cert ID. + """ + self.heuristics.prev_certificates = [] + self.heuristics.next_certificates = [] + own = cert_ids[self.dgst] + if own is None: + return + if self.scheme not in ("DE", "FR", "ES", "NL", "MY"): + # There is no version in the cert_id, so skip it + return + version = own.meta.get("version") + for other_dgst, other in cert_ids.items(): + if other_dgst == self.dgst: + # Skip ourselves + continue + if other is None or other.scheme != own.scheme: + # The other does not have cert ID or is different scheme or does not have a version. + continue + other_version = other.meta.get("version") + # Go over the own meta and compare, if some field other than version is different, bail out. + # If all except the version are the same, we have a match. + for key, value in own.meta.items(): + if key == "version": + continue + if self.scheme == "DE" and key == "year": + # For German certs we want to also ignore the year in comparison. + continue + if value != other.meta.get(key): + break + else: + if other_version is None and version is None: + # This means a duplicate ID is present, and it has no version. + # Just pass silently. + pass + elif version is None: + insort(self.heuristics.next_certificates, str(other)) + elif other_version is None: + insort(self.heuristics.prev_certificates, str(other)) + else: + if other_version < version: + insort(self.heuristics.prev_certificates, str(other)) + else: + insort(self.heuristics.next_certificates, str(other)) + def compute_heuristics_version(self) -> None: """ Fills in the heuristically obtained version of certified product into attribute in heuristics class. diff --git a/src/sec_certs/sample/cc_certificate_id.py b/src/sec_certs/sample/cc_certificate_id.py index c2b6daa2..74de6b42 100644 --- a/src/sec_certs/sample/cc_certificate_id.py +++ b/src/sec_certs/sample/cc_certificate_id.py @@ -24,7 +24,11 @@ def FR(meta) -> str: counter = meta["counter"] doc = meta.get("doc") version = meta.get("version") - cert_id = f"ANSSI-CC-{year}/{counter}" + type = meta.get("type") + cert_id = "ANSSI-CC-" + if type: + cert_id += f"{type}-" + cert_id += f"{year}/{counter}" if doc: cert_id += f"-{doc}" if version: @@ -183,6 +187,17 @@ def IT(meta) -> str: return cert_id +def PL(meta) -> str: + number = meta["number"] + ac = meta.get("ac") + year = meta["year"] + cert_id = f"{number}/PC1/" + if ac: + cert_id += f"{ac}/" + cert_id += f"{year}" + return cert_id + + # We have rules for some schemes to make canonical cert_ids. schemes = { "FR": FR, @@ -202,6 +217,7 @@ def IT(meta) -> str: "TR": TR, "SG": SG, "IT": IT, + "PL": PL, } diff --git a/src/sec_certs/sample/cc_scheme.py b/src/sec_certs/sample/cc_scheme.py index e2da4a60..2cc9fc48 100644 --- a/src/sec_certs/sample/cc_scheme.py +++ b/src/sec_certs/sample/cc_scheme.py @@ -9,8 +9,9 @@ import warnings from collections.abc import Callable, Iterable from dataclasses import dataclass -from datetime import datetime +from datetime import date, datetime from enum import Enum +from inspect import signature from pathlib import Path from typing import Any, ClassVar from urllib.parse import urljoin @@ -19,11 +20,12 @@ import tabula from bs4 import BeautifulSoup, NavigableString, Tag from dateutil.parser import isoparse -from requests import Response +from requests import ConnectionError, HTTPError, Response from urllib3.connectionpool import InsecureRequestWarning from sec_certs import constants from sec_certs.serialization.json import ComplexSerializableType +from sec_certs.utils.helpers import parse_date from sec_certs.utils.sanitization import sanitize_navigable_string as sns from sec_certs.utils.tqdm import tqdm @@ -50,6 +52,8 @@ "get_korea_certified", "get_korea_suspended", "get_korea_archived", + "get_poland_certified", + "get_poland_ineval", "get_singapore_certified", "get_singapore_in_evaluation", "get_singapore_archived", @@ -65,15 +69,34 @@ "CCScheme", ] - -def _getq(url: str, params, session=None, **kwargs) -> Response: +BASE_HEADERS = {"User-Agent": "sec-certs.org"} + +SPOOF_HEADERS = { + "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7", + "Accept-Encoding": "gzip, deflate, br, zstd", + "Accept-Language": "en-US,en;q=0.9", + "Cache-Control": "no-cache", + "Dnt": "1", + "Pragma": "no-cache", + "Priority": "u=0, i", + "Sec-Ch-Ua": 'Not?A_Brand";v="99", "Chromium";v="130', + "Sec-Ch-Ua-Mobile": "?0", + "Sec-Ch-Ua-Platform": '"Linux"', +} + + +def _getq(url: str, params, session=None, spoof=False, **kwargs) -> Response: + headers = {**BASE_HEADERS} + if spoof: + headers.update(SPOOF_HEADERS) with warnings.catch_warnings(): warnings.simplefilter("ignore", category=InsecureRequestWarning) conn = session if session else requests resp = conn.get( url, params=params, - headers={"User-Agent": "sec-certs.org"}, + headers=headers, verify=False, **kwargs, timeout=10, @@ -90,12 +113,15 @@ def _get_page(url: str, session=None, **kwargs) -> BeautifulSoup: return BeautifulSoup(_get(url, session, **kwargs).content, "html5lib") -def _get_hash(url: str, session=None, **kwargs) -> bytes: - resp = _get(url, session, **kwargs) +def _get_hash(url: str, session=None, **kwargs) -> str | None: + try: + resp = _get(url, session, **kwargs) + except (HTTPError, ConnectionError): + return None h = hashlib.sha256() for chunk in resp.iter_content(): h.update(chunk) - return h.digest() + return h.digest().hex() def get_australia_in_evaluation( # noqa: C901 @@ -107,8 +133,8 @@ def get_australia_in_evaluation( # noqa: C901 :param enhanced: Whether to enhance the results by following links (slower, more data). :return: The entries. """ - # TODO: Australian scheme is blocking our User-Agent. - soup = _get_page(constants.CC_AUSTRALIA_INEVAL_URL) + session = requests.Session() + soup = _get_page(constants.CC_AUSTRALIA_INEVAL_URL, session=session, spoof=True) header = soup.find("h2", string="Products in evaluation") table = header.find_next_sibling("table") results = [] @@ -121,10 +147,13 @@ def get_australia_in_evaluation( # noqa: C901 "product": sns(tds[1].text), "url": urljoin(constants.CC_AUSTRALIA_BASE_URL, tds[1].find("a")["href"]), "level": sns(tds[2].text), + "acceptance_date": parse_date(sns(tds[3].text), languages=["en"]), + "evaluation_facility": sns(tds[4].text), + "task_id": sns(tds[5].text), } if enhanced: e: dict[str, Any] = {} - cert_page = _get_page(cert["url"]) + cert_page = _get_page(cert["url"], session=session, spoof=True) article = cert_page.find("article") blocks = article.find("div").find_all("div", class_="flex", recursive=False) for h2 in blocks[0].find_all("h2"): @@ -135,7 +164,7 @@ def get_australia_in_evaluation( # noqa: C901 if "Version:" in h_text: e["version"] = val elif "Product type:" in h_text: - e["product_type"] = val + e["category"] = val elif "Product status:" in h_text: e["product_status"] = val elif "Assurance level:" in h_text: @@ -187,7 +216,7 @@ def get_canada_certified() -> list[dict[str, Any]]: "product": sns(tds[0].text), "vendor": sns(tds[1].text), "level": sns(tds[2].text), - "certification_date": sns(tds[3].text), + "certification_date": parse_date(sns(tds[3].text), "%Y-%m-%d"), } results.append(cert) return results @@ -215,14 +244,14 @@ def get_canada_in_evaluation() -> list[dict[str, Any]]: "product": sns(tds[0].text), "vendor": sns(tds[1].text), "level": sns(tds[2].text), - "cert_lab": sns(tds[3].text), + "evaluation_facility": sns(tds[3].text), } results.append(cert) return results -def _get_france(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 - session = requests.session() +def _get_france(url, enhanced, artifacts, name) -> list[dict[str, Any]]: # noqa: C901 + session = requests.Session() challenge_soup = _get_page(constants.CC_ANSSI_BASE_URL, session=session) bln_script = challenge_soup.find("head").find_all("script")[1] bln_match = re.search(r"\"value\":\"([a-zA-Z0-9_-]+)\"", bln_script.string) @@ -237,6 +266,7 @@ def _get_france(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 raise ValueError pages = int(last_page_a.group()) results = [] + pbar = tqdm(desc=f"Get FR scheme {name}.") for page in range(pages + 1): soup = _get_page(url + f"?page={page}", session=session) for row in soup.find_all("article", class_="node--type-produit-certifie-cc"): @@ -256,11 +286,11 @@ def _get_france(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 elif "Développeur" in label: cert["developer"] = value elif "Référence du certificat" in label: - cert["cert_id"] = value + cert["cert_id"] = value if not value or value.startswith("ANSSI") else "ANSSI-CC-" + value elif "Niveau" in label: cert["level"] = value elif "Date de fin de validité" in label: - cert["expiration_date"] = value + cert["expiration_date"] = parse_date(value, languages=["fr"]) if enhanced: e: dict[str, Any] = {} cert_page = _get_page(cert["url"], session=session) @@ -269,11 +299,11 @@ def _get_france(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 label = tr.find("th").text value = sns(tr.find("td").text) if "Référence du certificat" in label: - e["cert_id"] = value + e["cert_id"] = value if not value or value.startswith("ANSSI") else "ANSSI-CC-" + value elif "Date de certification" in label: - e["certification_date"] = value + e["certification_date"] = parse_date(value, languages=["fr"]) elif "Date de fin de validité" in label: - e["expiration_date"] = value + e["expiration_date"] = parse_date(value, languages=["fr"]) elif "Catégorie" in label: # TODO: translate? e["category"] = value @@ -298,17 +328,19 @@ def _get_france(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 if "Rapport de certification" in a.text: e["report_link"] = urljoin(constants.CC_ANSSI_BASE_URL, a["href"]) if artifacts: - e["report_hash"] = _get_hash(e["report_link"], session=session).hex() + e["report_hash"] = _get_hash(e["report_link"], session=session) elif "Cible de sécurité" in a.text: e["target_link"] = urljoin(constants.CC_ANSSI_BASE_URL, a["href"]) if artifacts: - e["target_hash"] = _get_hash(e["target_link"], session=session).hex() + e["target_hash"] = _get_hash(e["target_link"], session=session) elif "Certificat" in a.text: e["cert_link"] = urljoin(constants.CC_ANSSI_BASE_URL, a["href"]) if artifacts: - e["cert_hash"] = _get_hash(e["cert_link"], session=session).hex() + e["cert_hash"] = _get_hash(e["cert_link"], session=session) cert["enhanced"] = e + pbar.update() results.append(cert) + pbar.close() return results @@ -320,7 +352,7 @@ def get_france_certified(enhanced: bool = True, artifacts: bool = False) -> list :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_france(constants.CC_ANSSI_CERTIFIED_URL, enhanced, artifacts) + return _get_france(constants.CC_ANSSI_CERTIFIED_URL, enhanced, artifacts, "certified") def get_france_archived(enhanced: bool = True, artifacts: bool = False) -> list[dict[str, Any]]: # noqa: C901 @@ -331,7 +363,7 @@ def get_france_archived(enhanced: bool = True, artifacts: bool = False) -> list[ :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_france(constants.CC_ANSSI_ARCHIVED_URL, enhanced, artifacts) + return _get_france(constants.CC_ANSSI_ARCHIVED_URL, enhanced, artifacts, "archived") def get_germany_certified( # noqa: C901 @@ -344,19 +376,20 @@ def get_germany_certified( # noqa: C901 :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - base_soup = _get_page(constants.CC_BSI_CERTIFIED_URL) + session = requests.Session() + base_soup = _get_page(constants.CC_BSI_CERTIFIED_URL, session=session) category_nav = base_soup.find("ul", class_="no-bullet row") results = [] for li in tqdm(category_nav.find_all("li"), desc="Get DE scheme certified."): a = li.find("a") url = a["href"] category_name = sns(a.text) - soup = _get_page(urljoin(constants.CC_BSI_BASE_URL, url)) + soup = _get_page(urljoin(constants.CC_BSI_BASE_URL, url), session=session) content = soup.find("div", class_="content").find("div", class_="column") - for table in tqdm(content.find_all("table")): + for table in tqdm(content.find_all("table"), leave=False): tbody = table.find("tbody") header = table.find_parent("div", class_="wrapperTable").find_previous_sibling("h2") - for tr in tqdm(tbody.find_all("tr")): + for tr in tqdm(tbody.find_all("tr"), leave=False): tds = tr.find_all("td") if len(tds) != 4: continue @@ -364,13 +397,13 @@ def get_germany_certified( # noqa: C901 "cert_id": sns(tds[0].text), "product": sns(tds[1].text), "vendor": sns(tds[2].text), - "certification_date": sns(tds[3].text), + "certification_date": parse_date(sns(tds[3].text), "%d.%m.%Y"), "category": category_name, "url": urljoin(constants.CC_BSI_BASE_URL, tds[0].find("a")["href"]), } if enhanced: e: dict[str, Any] = {} - cert_page = _get_page(cert["url"]) + cert_page = _get_page(cert["url"], session=session) content = cert_page.find("div", id="content").find("div", class_="column") head = content.find("h1", class_="c-intro__headline") e["product"] = sns(head.next_sibling.text) @@ -390,9 +423,9 @@ def get_germany_certified( # noqa: C901 elif "Protection Profile" in title: e["protection_profile"] = value elif "Certification Date" in title: - e["certification_date"] = value + e["certification_date"] = parse_date(value, "%d.%m.%Y") elif "valid until" in title: - e["expiration_date"] = value + e["expiration_date"] = parse_date(value, "%d.%m.%Y") links = content.find("ul") if links: # has multiple entries/recertifications @@ -420,15 +453,15 @@ def get_germany_certified( # noqa: C901 if "Certification Report" in title: e["report_link"] = href if artifacts: - e["report_hash"] = _get_hash(href).hex() + e["report_hash"] = _get_hash(href, session=session) elif "Security Target" in title: e["target_link"] = href if artifacts: - e["target_hash"] = _get_hash(href).hex() + e["target_hash"] = _get_hash(href, session=session) elif "Certificate" in title: e["cert_link"] = href if artifacts: - e["cert_hash"] = _get_hash(href).hex() + e["cert_hash"] = _get_hash(href, session=session) description = content.find("div", attrs={"lang": "en"}) if description: e["description"] = sns(description.text) @@ -452,6 +485,7 @@ def get_india_certified() -> list[dict[str, Any]]: pages = {0} seen_pages = set() results = [] + pbar = tqdm(desc="Get IN scheme certified.") while pages: page = pages.pop() seen_pages.add(page) @@ -460,13 +494,14 @@ def get_india_certified() -> list[dict[str, Any]]: # Update pages pager = soup.find("ul", class_="pager__items") - for li in pager.find_all("li"): - try: - new_page = int(li.text) - 1 - except Exception: - continue - if new_page not in seen_pages: - pages.add(new_page) + if pager: + for li in pager.find_all("li"): + try: + new_page = int(li.find("a")["href"].split("=")[1]) + except Exception: + continue + if new_page not in seen_pages: + pages.add(new_page) # Parse table tbody = soup.find("div", class_="view-content").find("table").find("tbody") @@ -483,7 +518,7 @@ def get_india_certified() -> list[dict[str, Any]]: "sponsor": sns(tds[2].text), "developer": sns(tds[3].text), "level": sns(tds[4].text), - "issuance_date": sns(tds[5].text), + "certification_date": parse_date(sns(tds[5].text), "%d-%b-%Y"), "report_link": urljoin(constants.CC_INDIA_BASE_URL, _fix_india_link(report_a["href"])), "report_name": sns(report_a.text), "target_link": urljoin(constants.CC_INDIA_BASE_URL, _fix_india_link(target_a["href"])), @@ -491,7 +526,9 @@ def get_india_certified() -> list[dict[str, Any]]: "cert_link": urljoin(constants.CC_INDIA_BASE_URL, _fix_india_link(cert_a["href"])), "cert_name": sns(cert_a.text), } + pbar.update() results.append(cert) + pbar.close() return results @@ -504,6 +541,7 @@ def get_india_archived() -> list[dict[str, Any]]: pages = {0} seen_pages = set() results = [] + pbar = tqdm(desc="Get IN scheme archived.") while pages: page = pages.pop() seen_pages.add(page) @@ -515,7 +553,7 @@ def get_india_archived() -> list[dict[str, Any]]: if pager: for li in pager.find_all("li"): try: - new_page = int(li.text) - 1 + new_page = int(li.find("a")["href"].split("=")[1]) except Exception: continue if new_page not in seen_pages: @@ -540,12 +578,14 @@ def get_india_archived() -> list[dict[str, Any]]: "target_name": sns(target_a.text), "cert_link": urljoin(constants.CC_INDIA_BASE_URL, _fix_india_link(cert_a["href"])), "cert_name": sns(cert_a.text), - "certification_date": sns(tds[8].text), + "certification_date": parse_date(sns(tds[8].text), "%d/%b/%Y"), } if report_a: cert["report_link"] = urljoin(constants.CC_INDIA_BASE_URL, _fix_india_link(report_a["href"])) cert["report_name"] = sns(report_a.text) + pbar.update() results.append(cert) + pbar.close() return results @@ -558,7 +598,7 @@ def get_italy_certified() -> list[dict[str, Any]]: # noqa: C901 soup = _get_page(constants.CC_ITALY_CERTIFIED_URL) div = soup.find("div", class_="certificati") results = [] - for cert_div in div.find_all("div", recursive=False): + for cert_div in tqdm(div.find_all("div", recursive=False), desc="Get IT scheme certified."): title = cert_div.find("h3").text data_div = cert_div.find("div", class_="collapse") cert = {"title": title} @@ -567,16 +607,16 @@ def get_italy_certified() -> list[dict[str, Any]]: # noqa: C901 if not p_text or ":" not in p_text: continue p_name, p_data = p_text.split(":") - p_data = p_data + p_data = p_data.strip() p_link = data_p.find("a") if "Fornitore" in p_name: cert["supplier"] = p_data elif "Livello di garanzia" in p_name: cert["level"] = p_data elif "Data emissione certificato" in p_name: - cert["certification_date"] = p_data + cert["certification_date"] = parse_date(p_data, languages=["it"]) elif "Data revisione" in p_name: - cert["revision_date"] = p_data + cert["revision_date"] = parse_date(p_data, languages=["it"]) elif "Rapporto di Certificazione" in p_name and p_link: cert["report_link_it"] = urljoin(constants.CC_ITALY_BASE_URL, p_link["href"]) elif "Certification Report" in p_name and p_link: @@ -600,7 +640,7 @@ def get_italy_in_evaluation() -> list[dict[str, Any]]: soup = _get_page(constants.CC_ITALY_INEVAL_URL) div = soup.find("div", class_="valutazioni") results = [] - for cert_div in div.find_all("div", recursive=False): + for cert_div in tqdm(div.find_all("div", recursive=False), desc="Get IT scheme in evaluation."): title = cert_div.find("h3").text data_div = cert_div.find("div", class_="collapse") cert = {"title": title} @@ -620,26 +660,30 @@ def get_italy_in_evaluation() -> list[dict[str, Any]]: return results -def _get_japan(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 - soup = _get_page(url) +def _get_japan(url, enhanced, artifacts, name) -> list[dict[str, Any]]: # noqa: C901 + session = requests.Session() + soup = _get_page(url, session=session) table = soup.find("table", class_="cert-table") results = [] trs = list(table.find_all("tr")) - for tr in trs: + for tr in tqdm(trs, desc=f"Get JP scheme {name}."): tds = tr.find_all("td") if not tds: continue if len(tds) in (6, 7): + cert_id = sns(tds[0].text) + if cert_id: + cert_id = "JISEC-CC-CRP-" + cert_id cert: dict[str, Any] = { - "cert_id": sns(tds[0].text), + "cert_id": cert_id, "supplier": sns(tds[1].text), "toe_overseas_name": sns(tds[2].text), } if len(tds) == 6: - cert["expiration_date"] = sns(tds[5].text) + cert["expiration_date"] = parse_date(sns(tds[5].text), "%Y-%m") cert["claim"] = sns(tds[4].text) else: - cert["expiration_date"] = sns(tds[4].text) + cert["expiration_date"] = parse_date(sns(tds[4].text), "%Y-%m") cert["claim"] = sns(tds[5].text) cert_date = sns(tds[3].text) toe_a = tds[2].find("a") @@ -650,7 +694,7 @@ def _get_japan(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 if cert_date and "Assurance Continuity" in cert_date: cert["revalidations"] = [{"date": cert_date.split("(")[0], "link": toe_link}] else: - cert["certification_date"] = cert_date + cert["certification_date"] = parse_date(cert_date, "%Y-%m") cert["toe_overseas_link"] = toe_link results.append(cert) if len(tds) == 1: @@ -661,7 +705,7 @@ def _get_japan(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 cert["toe_japan_link"] = urljoin(constants.CC_JAPAN_CERT_BASE_URL, toe_a["href"]) if len(tds) == 2: cert = results[-1] - cert["certification_date"] = sns(tds[1].text) + cert["certification_date"] = parse_date(sns(tds[1].text), "%Y-%m") toe_a = tds[0].find("a") if toe_a and "href" in toe_a.attrs: toe_link = urljoin(constants.CC_JAPAN_CERT_BASE_URL, toe_a["href"]) @@ -669,12 +713,12 @@ def _get_japan(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 toe_link = None cert["toe_overseas_link"] = toe_link if enhanced: - for cert in results: + for cert in tqdm(results, desc=f"Get JP scheme {name} (enhanced)."): e: dict[str, Any] = {} cert_link = cert.get("toe_overseas_link") or cert.get("toe_japan_link") if not cert_link: continue - cert_page = _get_page(cert_link) + cert_page = _get_page(cert_link, session=session) main = cert_page.find("div", id="main") left = main.find("div", id="left") for dl in left.find_all("dl"): @@ -690,11 +734,18 @@ def _get_japan(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 elif "Product Type" in title: e["product_type"] = value elif "Certification Identification" in title: - e["cert_id"] = value + if not value or value.startswith("JISEC-CC-CRP-"): + e["cert_id"] = value + elif value.startswith("JISEC-"): + e["cert_id"] = value.replace("JISEC-", "JISEC-CC-CRP-") + else: + e["cert_id"] = value elif "Version of Common Criteria" in title: e["cc_version"] = value - elif "Date" in title: - e["certification_date"] = value + elif "Date of Certification Expiry" in title: + e["expiration_date"] = parse_date(value, "%Y-%m-%d") + elif "Date of Certification" in title: + e["certification_date"] = parse_date(value, "%Y-%m-%d") elif "Conformance Claim" in title: e["assurance_level"] = value elif "PP Identifier" in title and value != "None": @@ -719,15 +770,15 @@ def _get_japan(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 if "Report" in name: e["report_link"] = urljoin(constants.CC_JAPAN_BASE_URL, li_a["href"]) if artifacts: - e["report_hash"] = _get_hash(e["report_link"]).hex() + e["report_hash"] = _get_hash(e["report_link"], session=session) elif "Certificate" in name: e["cert_link"] = urljoin(constants.CC_JAPAN_BASE_URL, li_a["href"]) if artifacts: - e["cert_hash"] = _get_hash(e["cert_link"]).hex() + e["cert_hash"] = _get_hash(e["cert_link"], session=session) elif "Target" in name: e["target_link"] = urljoin(constants.CC_JAPAN_BASE_URL, li_a["href"]) if artifacts: - e["target_hash"] = _get_hash(e["target_link"]).hex() + e["target_hash"] = _get_hash(e["target_link"], session=session) e["description"] = sns(main.find("div", id="overviewsbox").text) cert["enhanced"] = e return results @@ -741,8 +792,8 @@ def get_japan_certified(enhanced: bool = True, artifacts: bool = False) -> list[ :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - japan_hw = _get_japan(constants.CC_JAPAN_CERTIFIED_HW_URL, enhanced, artifacts) - japan_sw = _get_japan(constants.CC_JAPAN_CERTIFIED_SW_URL, enhanced, artifacts) + japan_hw = _get_japan(constants.CC_JAPAN_CERTIFIED_HW_URL, enhanced, artifacts, "certified HW") + japan_sw = _get_japan(constants.CC_JAPAN_CERTIFIED_SW_URL, enhanced, artifacts, "certified SW") return japan_sw + japan_hw @@ -754,7 +805,7 @@ def get_japan_archived(enhanced: bool = True, artifacts: bool = False) -> list[d :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_japan(constants.CC_JAPAN_ARCHIVED_SW_URL, enhanced, artifacts) + return _get_japan(constants.CC_JAPAN_ARCHIVED_SW_URL, enhanced, artifacts, "archived SW") def get_japan_in_evaluation() -> list[dict[str, Any]]: @@ -766,7 +817,7 @@ def get_japan_in_evaluation() -> list[dict[str, Any]]: soup = _get_page(constants.CC_JAPAN_INEVAL_URL) table = soup.find("table") results = [] - for tr in table.find_all("tr"): + for tr in tqdm(table.find_all("tr"), desc="Get JP scheme in evaluation."): tds = tr.find_all("td") if not tds: continue @@ -781,15 +832,17 @@ def get_japan_in_evaluation() -> list[dict[str, Any]]: return results -def _get_malaysia(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C901 - soup = _get_page(url) +def _get_malaysia(url, enhanced, artifacts, name) -> list[dict[str, Any]]: # noqa: C901 + session = requests.Session() + soup = _get_page(url, session=session) pages_re = re.search("Page [0-9]+ of ([0-9]+)", soup.find("form").text) if not pages_re: raise ValueError total_pages = int(pages_re.group(1)) results = [] + pbar = tqdm(desc=f"Get MY scheme {name}.") for i in range(total_pages): - soup = _get_page(url + f"?start={i * 10}") + soup = _get_page(url + f"?start={i * 10}", session=session) table = soup.find("table", class_="directoryTable") for tr in table.find_all("tr", class_="directoryRow"): tds = tr.find_all("td") @@ -798,14 +851,14 @@ def _get_malaysia(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C9 "developer": sns(tds[1].text), "level": sns(tds[2].text), "product": sns(tds[3].text), - "certification_date": sns(tds[4].text), - "expiration_date": sns(tds[5].text), + "certification_date": parse_date(sns(tds[4].text), "%d-%m-%Y"), + "expiration_date": parse_date(sns(tds[5].text), "%d-%m-%Y"), "recognition": sns(tds[6].text), "url": urljoin(constants.CC_MALAYSIA_BASE_URL, tds[7].find("a")["href"]), } if enhanced: e: dict[str, Any] = {} - cert_page = _get_page(cert["url"]) + cert_page = _get_page(cert["url"], session=session) for row in cert_page.find_all("div", class_="rsform-table-row"): left = row.find("div", class_="rsform-left-col") right = row.find("div", class_="rsform-right-col") @@ -828,9 +881,9 @@ def _get_malaysia(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C9 elif "Assurance Level" in title: e["assurance_level"] = value elif "Certificate Date" in title: - e["certification_date"] = value + e["certification_date"] = parse_date(value, "%d-%m-%Y") elif "Expiry Date" in title: - e["expiration_date"] = value + e["expiration_date"] = parse_date(value, "%d-%m-%Y") elif "Recognized By" in title: e["mutual_recognition"] = value elif "Reports" in title: @@ -838,17 +891,19 @@ def _get_malaysia(url, enhanced, artifacts) -> list[dict[str, Any]]: # noqa: C9 if "ST" in a.text: e["target_link"] = urljoin(constants.CC_MALAYSIA_BASE_URL, a["href"]) if artifacts: - e["target_hash"] = _get_hash(e["target_link"]).hex() + e["target_hash"] = _get_hash(e["target_link"], session=session) elif "CR" in a.text: e["report_link"] = urljoin(constants.CC_MALAYSIA_BASE_URL, a["href"]) if artifacts: - e["report_hash"] = _get_hash(e["report_link"]).hex() + e["report_hash"] = _get_hash(e["report_link"], session=session) elif "Maintenance" in title: pass elif "Status" in title: e["status"] = value cert["enhanced"] = e + pbar.update() results.append(cert) + pbar.close() return results @@ -860,7 +915,7 @@ def get_malaysia_certified(enhanced: bool = True, artifacts: bool = False) -> li :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_malaysia(constants.CC_MALAYSIA_CERTIFIED_URL, enhanced, artifacts) + return _get_malaysia(constants.CC_MALAYSIA_CERTIFIED_URL, enhanced, artifacts, "certified") def get_malaysia_archived(enhanced: bool = True, artifacts: bool = False) -> list[dict[str, Any]]: @@ -871,7 +926,7 @@ def get_malaysia_archived(enhanced: bool = True, artifacts: bool = False) -> lis :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_malaysia(constants.CC_MALAYSIA_ARCHIVED_URL, enhanced, artifacts) + return _get_malaysia(constants.CC_MALAYSIA_ARCHIVED_URL, enhanced, artifacts, "archived") def get_malaysia_in_evaluation() -> list[dict[str, Any]]: @@ -884,7 +939,7 @@ def get_malaysia_in_evaluation() -> list[dict[str, Any]]: main_div = soup.find("div", attrs={"itemprop": "articleBody"}) table = main_div.find("table") results = [] - for tr in table.find_all("tr")[1:]: + for tr in tqdm(table.find_all("tr")[1:], desc="Get MY scheme in evaluation."): tds = tr.find_all("td") if len(tds) != 5: continue @@ -899,28 +954,26 @@ def get_malaysia_in_evaluation() -> list[dict[str, Any]]: return results -def get_netherlands_certified( # noqa: C901 +def _get_netherlands_certified_old( # noqa: C901 artifacts: bool = False, ) -> list[dict[str, Any]]: - """ - Get Dutch "certified product" entries. - - :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). - :return: The entries. - """ - soup = _get_page(constants.CC_NETHERLANDS_CERTIFIED_URL) + soup = _get_page(constants.CC_NETHERLANDS_OLD_CERTIFIED_URL) main_div = soup.select("body > main > div > div > div > div:nth-child(2) > div.col-lg-9 > div:nth-child(3)")[0] rows = main_div.find_all("div", class_="row", recursive=False) modals = main_div.find_all("div", class_="modal", recursive=False) results = [] - for row, modal in zip(rows, modals): + for row, modal in tqdm(zip(rows, modals), desc="Get NL scheme certified (old)."): row_entries = row.find_all("a") modal_trs = modal.find_all("tr") + cert_id = sns(row_entries[3].text) + if cert_id: + cert_id = cert_id if cert_id.startswith("NSCIB-") else "NSCIB-" + cert_id + cert_id = cert_id if cert_id.endswith("-CR") else cert_id + "-CR" cert: dict[str, Any] = { "manufacturer": sns(row_entries[0].text), "product": sns(row_entries[1].text), "scheme": sns(row_entries[2].text), - "cert_id": sns(row_entries[3].text), + "cert_id": cert_id, } for tr in modal_trs: th_text = tr.find("th").text @@ -930,35 +983,73 @@ def get_netherlands_certified( # noqa: C901 elif "Assurancelevel" in th_text: cert["level"] = sns(td.text) elif "Certificate" in th_text: - cert["cert_link"] = urljoin(constants.CC_NETHERLANDS_BASE_URL, td.find("a")["href"]) + cert["cert_link"] = urljoin(constants.CC_NETHERLANDS_OLD_BASE_URL, td.find("a")["href"]) if artifacts: - cert["cert_hash"] = _get_hash(cert["cert_link"]).hex() + cert["cert_hash"] = _get_hash(cert["cert_link"]) elif "Certificationreport" in th_text: - cert["report_link"] = urljoin(constants.CC_NETHERLANDS_BASE_URL, td.find("a")["href"]) + cert["report_link"] = urljoin(constants.CC_NETHERLANDS_OLD_BASE_URL, td.find("a")["href"]) if artifacts: - cert["report_hash"] = _get_hash(cert["report_link"]).hex() + cert["report_hash"] = _get_hash(cert["report_link"]) elif "Securitytarget" in th_text: - cert["target_link"] = urljoin(constants.CC_NETHERLANDS_BASE_URL, td.find("a")["href"]) + cert["target_link"] = urljoin(constants.CC_NETHERLANDS_OLD_BASE_URL, td.find("a")["href"]) if artifacts: - cert["target_hash"] = _get_hash(cert["target_link"]).hex() + cert["target_hash"] = _get_hash(cert["target_link"]) elif "Maintenance report" in th_text: - cert["maintenance_link"] = urljoin(constants.CC_NETHERLANDS_BASE_URL, td.find("a")["href"]) + cert["maintenance_link"] = urljoin(constants.CC_NETHERLANDS_OLD_BASE_URL, td.find("a")["href"]) if artifacts: - cert["maintenance_hash"] = _get_hash(cert["maintenance_link"]).hex() + cert["maintenance_hash"] = _get_hash(cert["maintenance_link"]) results.append(cert) return results -def get_netherlands_in_evaluation() -> list[dict[str, Any]]: +def _get_netherlands_certified_new( # noqa: C901 + artifacts: bool = False, +) -> list[dict[str, Any]]: + soup = _get_page(constants.CC_NETHERLANDS_NEW_CERTIFIED_URL) + table = soup.find("table", class_="wpDataTable") + results = [] + for tr in tqdm(table.find_all("tr")[1:], desc="Get NL scheme certified (new)."): + tds = tr.find_all("td") + cert_id = sns(tds[0].text).replace("\n", "") # type: ignore + cert_id = cert_id if cert_id.startswith("NSCIB-") else "NSCIB-" + cert_id + cert_id = cert_id if cert_id.endswith("-CR") else cert_id + "-CR" + cert = { + "cert_id": cert_id, + "certification_date": parse_date(sns(tds[1].text), "%Y-%m-%d"), + "status": sns(tds[2].text), + "product": sns(tds[3].text), + "developer": sns(tds[4].text), + "evaluation_facility": sns(tds[5].text), + "level": sns(tds[6].text), + } + for name, i in (("cert", 7), ("report", 8), ("target", 9)): + a = tds[i].find("a") + if a: + href = urljoin(constants.CC_NETHERLANDS_NEW_BASE_URL, a["href"]) + cert[f"{name}_link"] = href + if artifacts: + cert[f"{name}_hash"] = _get_hash(href) + results.append(cert) + return results + + +def get_netherlands_certified(artifacts: bool = False) -> list[dict[str, Any]]: """ - Get Dutch "product in evaluation" entries. + Get Dutch "certified product" entries. + :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - soup = _get_page(constants.CC_NETHERLANDS_INEVAL_URL) + old = _get_netherlands_certified_old(artifacts=artifacts) + new = _get_netherlands_certified_new(artifacts=artifacts) + return old + new + + +def _get_netherlands_in_evaluation_old() -> list[dict[str, Any]]: + soup = _get_page(constants.CC_NETHERLANDS_OLD_INEVAL_URL) table = soup.find("table") results = [] - for tr in table.find_all("tr")[1:]: + for tr in tqdm(table.find_all("tr")[1:], desc="Get NL scheme in evaluation (old)."): tds = tr.find_all("td") cert = { "developer": sns(tds[0].text), @@ -971,23 +1062,52 @@ def get_netherlands_in_evaluation() -> list[dict[str, Any]]: return results +def _get_netherlands_in_evaluation_new() -> list[dict[str, Any]]: + soup = _get_page(constants.CC_NETHERLANDS_NEW_INEVAL_URL) + table = soup.find("table", class_="wpDataTable") + results = [] + for tr in tqdm(table.find_all("tr")[1:], desc="Get NL scheme in evaluation (new)."): + tds = tr.find_all("td") + cert = { + "cert_id": sns(tds[0].text), + "developer": sns(tds[1].text), + "product": sns(tds[2].text), + "category": sns(tds[3].text), + "level": sns(tds[4].text), + } + results.append(cert) + return results + + +def get_netherlands_in_evaluation() -> list[dict[str, Any]]: + """ + Get Dutch "product in evaluation" entries. + + :return: The entries. + """ + old = _get_netherlands_in_evaluation_old() + new = _get_netherlands_in_evaluation_new() + return old + new + + def _get_norway( # noqa: C901 - url: str, enhanced: bool, artifacts: bool + url: str, enhanced: bool, artifacts: bool, name ) -> list[dict[str, Any]]: - soup = _get_page(url) + session = requests.Session() + soup = _get_page(url, session=session) results = [] - for tr in soup.find_all("tr", class_="certified-product"): + for tr in tqdm(soup.find_all("tr", class_="certified-product"), desc=f"Get NO scheme {name}."): tds = tr.find_all("td") cert: dict[str, Any] = { "product": sns(tds[0].text), "url": tds[0].find("a")["href"], "category": sns(tds[1].find("p", class_="value").text), "developer": sns(tds[2].find("p", class_="value").text), - "certification_date": sns(tds[3].find("time").text), + "certification_date": parse_date(sns(tds[3].find("time").text), "%d.%m.%Y"), } if enhanced: e: dict[str, Any] = {} - cert_page = _get_page(cert["url"]) + cert_page = _get_page(cert["url"], session=session) content = cert_page.find("div", class_="main-content") body = content.find("div", class_="articleelement") if body: @@ -999,7 +1119,8 @@ def _get_norway( # noqa: C901 if not title: continue if "Certificate No." in title and value is not None: - e["id"] = value.split(" ")[0] + value = value.split(" ")[0] + e["cert_id"] = value if value.startswith("SERTIT-") else "SERTIT-" + value elif "Mutual Recognition" in title: e["mutual_recognition"] = value elif "Product" in title: @@ -1013,7 +1134,9 @@ def _get_norway( # noqa: C901 elif "Evaluation Facility" in title: e["evaluation_facility"] = value elif "Certification Date" in title: - e["certification_date"] = value + e["certification_date"] = parse_date(value, "%d.%m.%Y") + elif "Certificate Expiration Date" in title: + e["expiration_date"] = parse_date(value, "%d.%m.%Y") elif "Evaluation Level" in title: e["level"] = value elif "Protection Profile" in title: @@ -1040,7 +1163,7 @@ def _get_norway( # noqa: C901 a = link.find("a") entry = {"href": urljoin(constants.CC_NORWAY_BASE_URL, a["href"])} if artifacts: - entry["hash"] = _get_hash(entry["href"]).hex() + entry["hash"] = _get_hash(entry["href"], session=session) # type: ignore entries.append(entry) e["documents"][doc_type] = entries cert["enhanced"] = e @@ -1056,7 +1179,7 @@ def get_norway_certified(enhanced: bool = True, artifacts: bool = False) -> list :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_norway(constants.CC_NORWAY_CERTIFIED_URL, enhanced, artifacts) + return _get_norway(constants.CC_NORWAY_CERTIFIED_URL, enhanced, artifacts, "certified") def get_norway_archived(enhanced: bool = True, artifacts: bool = False) -> list[dict[str, Any]]: @@ -1067,24 +1190,29 @@ def get_norway_archived(enhanced: bool = True, artifacts: bool = False) -> list[ :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_norway(constants.CC_NORWAY_ARCHIVED_URL, enhanced, artifacts) + return _get_norway(constants.CC_NORWAY_ARCHIVED_URL, enhanced, artifacts, "archived") def _get_korea( # noqa: C901 - product_class: int, enhanced: bool, artifacts: bool + url: str, product_class: int, enhanced: bool, artifacts: bool, name ) -> list[dict[str, Any]]: - session = requests.session() - session.get(constants.CC_KOREA_EN_URL, verify=False) + session = requests.Session() + _get_page(constants.CC_KOREA_EN_URL, session=session) # Get base page - url = constants.CC_KOREA_CERTIFIED_URL + f"?product_class={product_class}" + url = url + f"?product_class={product_class}" soup = _get_page(url, session=session) seen_pages = set() pages = {1} results = [] + pbar = tqdm(desc=f"Get KR scheme {name}.") while pages: page = pages.pop() csrf = soup.find("form", id="fm").find("input", attrs={"name": "csrf"})["value"] - resp = session.post(url, data={"csrf": csrf, "selectPage": page, "product_class": product_class}, verify=False) + with warnings.catch_warnings(): + warnings.simplefilter("ignore", category=InsecureRequestWarning) + resp = session.post( + url, data={"csrf": csrf, "selectPage": page, "product_class": product_class}, verify=False + ) soup = BeautifulSoup(resp.content, "html5lib") tbody = soup.find("table", class_="cpl").find("tbody") for tr in tbody.find_all("tr"): @@ -1093,14 +1221,17 @@ def _get_korea( # noqa: C901 continue link = tds[0].find("a") id = link["id"].split("-")[1] + cert_id = sns(tds[1].text) + if cert_id: + cert_id = cert_id.replace(" ", "-") cert: dict[str, Any] = { "product": sns(tds[0].text), - "cert_id": sns(tds[1].text), - "product_link": constants.CC_KOREA_PRODUCT_URL.format(id), + "cert_id": cert_id, + "product_link": constants.CC_KOREA_PRODUCT_URL.format(id, product_class), "vendor": sns(tds[2].text), "level": sns(tds[3].text), "category": sns(tds[4].text), - "certification_date": sns(tds[5].text), + "certification_date": parse_date(sns(tds[5].text), "%Y-%m-%d"), } if enhanced: e: dict[str, Any] = {} @@ -1128,11 +1259,11 @@ def _get_korea( # noqa: C901 elif "Common Criteria" in title: v["cc_version"] = value elif "Date of Certification" in title or "Date issued" in title: - v["certification_date"] = value + v["certification_date"] = parse_date(value, "%Y-%m-%d") elif "EvaluationAssurance Level" in title: v["assurance_level"] = value elif "Expiry Date" in title: - v["expiration_date"] = value + v["expiration_date"] = parse_date(value, "%Y-%m-%d") elif "Type of Product" in title: v["product_type"] = value elif "Certification No." in title: @@ -1146,20 +1277,21 @@ def _get_korea( # noqa: C901 elif "Certificate" in title and a: v["cert_link"] = urljoin(constants.CC_KOREA_BASE_URL, a["href"]) if artifacts: - v["cert_hash"] = _get_hash(v["cert_link"], session).hex() + v["cert_hash"] = _get_hash(v["cert_link"], session) elif "Security Target" in title and a: v["target_link"] = urljoin(constants.CC_KOREA_BASE_URL, a["href"]) if artifacts: - v["target_hash"] = _get_hash(v["target_link"], session).hex() + v["target_hash"] = _get_hash(v["target_link"], session) elif "Certification Report" in title and a: v["report_link"] = urljoin(constants.CC_KOREA_BASE_URL, a["href"]) if artifacts: - v["report_hash"] = _get_hash(v["report_link"], session).hex() + v["report_hash"] = _get_hash(v["report_link"], session) elif "Maintenance Report" in title and a: v["maintenance_link"] = urljoin(constants.CC_KOREA_BASE_URL, a["href"]) if artifacts: - v["maintenance_hash"] = _get_hash(v["maintenance_link"], session).hex() + v["maintenance_hash"] = _get_hash(v["maintenance_link"], session) cert["enhanced"] = e + pbar.update() results.append(cert) seen_pages.add(page) page_links = soup.find("div", class_="paginate").find_all("a", class_="number_off") @@ -1170,6 +1302,7 @@ def _get_korea( # noqa: C901 pages.add(new_page) except Exception: pass + pbar.close() return results @@ -1181,7 +1314,9 @@ def get_korea_certified(enhanced: bool = True, artifacts: bool = False) -> list[ :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_korea(product_class=1, enhanced=enhanced, artifacts=artifacts) + return _get_korea( + constants.CC_KOREA_CERTIFIED_URL, product_class=1, enhanced=enhanced, artifacts=artifacts, name="certified" + ) def get_korea_suspended(enhanced: bool = True, artifacts: bool = False) -> list[dict[str, Any]]: @@ -1192,7 +1327,9 @@ def get_korea_suspended(enhanced: bool = True, artifacts: bool = False) -> list[ :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_korea(product_class=2, enhanced=enhanced, artifacts=artifacts) + return _get_korea( + constants.CC_KOREA_SUSPENDED_URL, product_class=2, enhanced=enhanced, artifacts=artifacts, name="suspended" + ) def get_korea_archived(enhanced: bool = True, artifacts: bool = False) -> list[dict[str, Any]]: @@ -1203,17 +1340,87 @@ def get_korea_archived(enhanced: bool = True, artifacts: bool = False) -> list[d :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_korea(product_class=4, enhanced=enhanced, artifacts=artifacts) + return _get_korea( + constants.CC_KOREA_ARCHIVED_URL, product_class=4, enhanced=enhanced, artifacts=artifacts, name="archived" + ) + +def get_poland_certified(artifacts: bool = False) -> list[dict[str, Any]]: + """ + Get Polish "certified product" entries. -def _get_singapore(url: str, artifacts: bool) -> list[dict[str, Any]]: - soup = _get_page(url) + :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). + :return: The entries. + """ + soup = _get_page(constants.CC_POLAND_CERTIFIED_URL) + table = soup.find("table", class_="cert_tb") + results = [] + for tr in tqdm(table.find_all("tr")[1:], desc="Get PL scheme certified."): + tds = tr.find_all("td") + cert = { + "client": sns(tds[0].text), + "product": sns(tds[1].text), + "certification_date": parse_date(sns(tds[4].text), "%d.%m.%Y"), + "expiration_date": parse_date(sns(tds[5].text), "%d.%m.%Y"), + } + cc_entry = sns(tds[2].text) + cc_split = None + if cc_entry and "\n" in cc_entry: + cc_split = cc_entry.split("\n") + elif cc_entry and "," in cc_entry: + cc_split = cc_entry.split(",") + if cc_split: + cert["cc_version"] = cc_split[0].strip() + cert["assurance_level"] = ", ".join(cc_split[1:]).strip() + + for name, i in (("report", 6), ("target", 7), ("cert", 8)): + a = tds[i].find("a") + if a: + href = urljoin(constants.CC_POLAND_BASE_URL, a["href"]) + cert[f"{name}_link"] = href + if artifacts: + cert[f"{name}_hash"] = _get_hash(href) + results.append(cert) + return results + + +def get_poland_ineval() -> list[dict[str, Any]]: + """ + Get Polish "product in evaluation" entries. + + :return: The entries. + """ + soup = _get_page(constants.CC_POLAND_INEVAL_URL) + table = soup.find("table", class_="cert_tb") + results = [] + for tr in tqdm(table.find_all("tr")[1:], desc="Get PL scheme in evaluation."): + tds = tr.find_all("td") + cert = { + "client": sns(tds[0].text), + "product": sns(tds[1].text), + } + cc_entry = sns(tds[2].text) + cc_split = None + if cc_entry and "\n" in cc_entry: + cc_split = cc_entry.split("\n") + elif cc_entry and "," in cc_entry: + cc_split = cc_entry.split(",") + if cc_split: + cert["cc_version"] = cc_split[0].strip() + cert["assurance_level"] = ", ".join(cc_split[1:]).strip() + results.append(cert) + return results + + +def _get_singapore(url: str, artifacts: bool, name) -> list[dict[str, Any]]: + session = requests.Session() + soup = _get_page(url, session=session) page_id = str(soup.find("input", id="CurrentPageId").value) page = 1 - api_call = requests.post( + api_call = session.post( constants.CC_SINGAPORE_API_URL, data={ - "PassSortFilter": False, + "PassSortFilter": name == "archived", "currentPageId": page_id, "page": page, "limit": 15, @@ -1223,6 +1430,7 @@ def _get_singapore(url: str, artifacts: bool) -> list[dict[str, Any]]: api_json = api_call.json() total = api_json["total"] results: list[dict[str, Any]] = [] + pbar = tqdm(total=total, desc=f"Get SG scheme {name}.") while len(results) != total: for obj in api_json["objects"]: cert: dict[str, Any] = { @@ -1230,8 +1438,8 @@ def _get_singapore(url: str, artifacts: bool) -> list[dict[str, Any]]: "product": obj["productName"], "vendor": obj["productDeveloper"], "url": urljoin(constants.CC_SINGAPORE_BASE_URL, obj["productUrl"]), - "certification_date": obj["dateOfIssuance"], - "expiration_date": obj["dateOfExpiry"], + "certification_date": parse_date(obj["dateOfIssuance"], "%d %B %Y"), + "expiration_date": parse_date(obj["dateOfExpiry"], "%d %B %Y"), "category": obj["productCategory"]["title"], "cert_title": obj["certificate"]["title"], "cert_link": urljoin(constants.CC_SINGAPORE_BASE_URL, obj["certificate"]["mediaUrl"]), @@ -1244,15 +1452,16 @@ def _get_singapore(url: str, artifacts: bool) -> list[dict[str, Any]]: "target_link": urljoin(constants.CC_SINGAPORE_BASE_URL, obj["securityTarget"]["mediaUrl"]), } if artifacts: - cert["cert_hash"] = _get_hash(cert["cert_link"]).hex() - cert["report_hash"] = _get_hash(cert["report_link"]).hex() - cert["target_hash"] = _get_hash(cert["target_link"]).hex() + cert["cert_hash"] = _get_hash(cert["cert_link"]) + cert["report_hash"] = _get_hash(cert["report_link"]) + cert["target_hash"] = _get_hash(cert["target_link"]) + pbar.update() results.append(cert) page += 1 - api_call = requests.post( + api_call = session.post( constants.CC_SINGAPORE_API_URL, data={ - "PassSortFilter": False, + "PassSortFilter": name == "archived", "currentPageId": page_id, "page": page, "limit": 15, @@ -1260,6 +1469,7 @@ def _get_singapore(url: str, artifacts: bool) -> list[dict[str, Any]]: }, ) api_json = api_call.json() + pbar.close() return results @@ -1270,7 +1480,7 @@ def get_singapore_certified(artifacts: bool = False) -> list[dict[str, Any]]: :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_singapore(constants.CC_SINGAPORE_CERTIFIED_URL, artifacts) + return _get_singapore(constants.CC_SINGAPORE_CERTIFIED_URL, artifacts, "certified") def get_singapore_in_evaluation() -> list[dict[str, Any]]: @@ -1288,7 +1498,7 @@ def get_singapore_in_evaluation() -> list[dict[str, Any]]: else: raise ValueError("Cannot find table.") results = [] - for tr in table.find_all("tr")[1:]: + for tr in tqdm(table.find_all("tr")[1:], desc="Get SG scheme in evaluation."): tds = tr.find_all("td") cert = { "name": sns(tds[0].text), @@ -1306,38 +1516,83 @@ def get_singapore_archived(artifacts: bool = False) -> list[dict[str, Any]]: :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_singapore(constants.CC_SINGAPORE_ARCHIVED_URL, artifacts) + return _get_singapore(constants.CC_SINGAPORE_ARCHIVED_URL, artifacts, "archived") -def get_spain_certified() -> list[dict[str, Any]]: +def get_spain_certified(enhanced: bool = True) -> list[dict[str, Any]]: # noqa: C901 """ Get Spanish "certified product" entries. + :param enhanced: Whether to enhance the results by following links (slower, more data). :return: The entries. """ - soup = _get_page(constants.CC_SPAIN_CERTIFIED_URL) + session = requests.Session() + soup = _get_page(constants.CC_SPAIN_CERTIFIED_URL, session=session) tbody = soup.find("table", class_="djc_items_table").find("tbody") results = [] - for tr in tbody.find_all("tr", recursive=False): + for tr in tqdm(tbody.find_all("tr", recursive=False), desc="Get ES scheme certified."): tds = tr.find_all("td") cert = { "product": sns(tds[0].text), "product_link": urljoin(constants.CC_SPAIN_BASE_URL, tds[0].find("a")["href"]), "category": sns(tds[1].text), "manufacturer": sns(tds[2].text), - "certification_date": sns(tds[3].text), + "certification_date": parse_date(sns(tds[3].text), "%d/%m/%Y"), } + if enhanced: + e: dict[str, Any] = {} + if not cert["product_link"]: + continue + cert_page = _get_page(cert["product_link"], session=session) + description_div = cert_page.find("div", class_="djc_description") + e["description"] = sns(description_div.find("div", class_="djc_desc_wrap").text) + category_a = description_div.find("div", class_="djc_category_info").find("a") + if category_a: + e["category"] = sns(category_a.text) + e["manufacturer"] = sns(description_div.find("div", class_="djc_producer_info").find("span").text) + for attr in description_div.find_all("p", class_="djc_attribute"): + label_text = sns(attr.find("span", class_="djc_attribute-label").text) + value = sns(attr.find("span", class_="djc_value").text) + if not label_text: + continue + if "Type" in label_text: + e["type"] = value + elif "Testing laboratory" in label_text: + e["evaluation_facility"] = value + elif "Certification Status" in label_text: + e["status"] = value + elif "Certification Date" in label_text: + e["certification_date"] = parse_date(value, "%d-%m-%Y") + elif "Standard Version" in label_text: + e["cc_version"] = value + elif "Evaluation Level" in label_text: + e["level"] = value + for file in description_div.find_all("p", class_="djc_file"): + label_text = sns(file.find("span", class_="djc_att_group_label").text) + if not label_text: + continue + if "CCRA Certificate" in label_text: + file_type = "cert" + elif "Security Target" in label_text: + file_type = "target" + elif "Certification Report" in label_text: + file_type = "report" + else: + continue + e[f"{file_type}_link"] = urljoin(constants.CC_SPAIN_BASE_URL, file.find("a")["href"]) + cert["enhanced"] = e results.append(cert) return results def _get_sweden( # noqa: C901 - url: str, enhanced: bool, artifacts: bool + url: str, enhanced: bool, artifacts: bool, name ) -> list[dict[str, Any]]: - soup = _get_page(url) + session = requests.Session() + soup = _get_page(url, session=session) nav = soup.find("main").find("nav", class_="component-nav-box__list") results = [] - for link in nav.find_all("a"): + for link in tqdm(nav.find_all("a"), desc=f"Get SE scheme {name}."): cert: dict[str, Any] = { "product": sns(link.text), "url": urljoin(constants.CC_SWEDEN_BASE_URL, link["href"]), @@ -1346,7 +1601,7 @@ def _get_sweden( # noqa: C901 e: dict[str, Any] = {} if not cert["url"]: continue - cert_page = _get_page(cert["url"]) + cert_page = _get_page(cert["url"], session=session) content = cert_page.find("section", class_="container-article") head = content.find("h1") e["title"] = sns(head.text) @@ -1372,7 +1627,7 @@ def _get_sweden( # noqa: C901 elif "Assuranspaket" in title: e["assurance_level"] = value elif "Certifieringsdatum" in title: - e["certification_date"] = value + e["certification_date"] = parse_date(value, "%Y-%m-%d") elif "Sponsor" in title: e["sponsor"] = value elif "Utvecklare" in title: @@ -1382,15 +1637,15 @@ def _get_sweden( # noqa: C901 elif "Security Target" in title and a: e["target_link"] = urljoin(constants.CC_SWEDEN_BASE_URL, a["href"]) if artifacts: - e["target_hash"] = _get_hash(e["target_link"]).hex() + e["target_hash"] = _get_hash(e["target_link"], session=session) elif "Certifieringsrapport" in title and a: e["report_link"] = urljoin(constants.CC_SWEDEN_BASE_URL, a["href"]) if artifacts: - e["report_hash"] = _get_hash(e["report_hash"]).hex() + e["report_hash"] = _get_hash(e["report_hash"], session=session) elif "Certifikat" in title and a: e["cert_link"] = urljoin(constants.CC_SWEDEN_BASE_URL, a["href"]) if artifacts: - e["cert_hash"] = _get_hash(e["cert_link"]).hex() + e["cert_hash"] = _get_hash(e["cert_link"], session=session) cert["enhanced"] = e results.append(cert) return results @@ -1404,7 +1659,7 @@ def get_sweden_certified(enhanced: bool = True, artifacts: bool = False) -> list :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_sweden(constants.CC_SWEDEN_CERTIFIED_URL, enhanced, artifacts) + return _get_sweden(constants.CC_SWEDEN_CERTIFIED_URL, enhanced, artifacts, "certified") def get_sweden_in_evaluation(enhanced: bool = True, artifacts: bool = False) -> list[dict[str, Any]]: @@ -1415,7 +1670,7 @@ def get_sweden_in_evaluation(enhanced: bool = True, artifacts: bool = False) -> :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_sweden(constants.CC_SWEDEN_INEVAL_URL, enhanced, artifacts) + return _get_sweden(constants.CC_SWEDEN_INEVAL_URL, enhanced, artifacts, "in evaluation") def get_sweden_archived(enhanced: bool = True, artifacts: bool = False) -> list[dict[str, Any]]: @@ -1426,7 +1681,7 @@ def get_sweden_archived(enhanced: bool = True, artifacts: bool = False) -> list[ :param artifacts: Whether to download and compute artifact hashes (way slower, even more data). :return: The entries. """ - return _get_sweden(constants.CC_SWEDEN_ARCHIVED_URL, enhanced, artifacts) + return _get_sweden(constants.CC_SWEDEN_ARCHIVED_URL, enhanced, artifacts, "archived") def get_turkey_certified() -> list[dict[str, Any]]: @@ -1443,7 +1698,7 @@ def get_turkey_certified() -> list[dict[str, Any]]: with pdf_path.open("wb") as f: f.write(resp.content) dfs = tabula.read_pdf(str(pdf_path), pages="all") - for df in dfs: + for df in tqdm(dfs, desc="Get TR scheme certified."): for line in df.values: # type: ignore values = [value if not (isinstance(value, float) and math.isnan(value)) else None for value in line] cert = { @@ -1453,7 +1708,7 @@ def get_turkey_certified() -> list[dict[str, Any]]: "product": values[2], "cc_version": values[3], "level": values[4], - "cert_lab": values[5], + "evaluation_facility": values[5], "certification_date": values[6], "expiration_date": values[7], # TODO: Parse "Ongoing Evaluation" out of this field as well. @@ -1463,15 +1718,15 @@ def get_turkey_certified() -> list[dict[str, Any]]: return results -def _get_usa(args, enhanced: bool, artifacts: bool): # noqa: C901 +def _get_usa(args, enhanced: bool, artifacts: bool, name): # noqa: C901 # TODO: There is more information in the API (like about PPs, etc.) def map_cert(cert, files=None): # noqa: C901 result = { "product": cert["product_name"], "id": f"CCEVS-VR-VID{cert['product_id']}", - "url": constants.CC_USA_BASE_URL + f"/product/{cert['product_id']}", - "certification_date": cert["certification_date"], - "expiration_date": cert["sunset_date"], + "url": urljoin(constants.CC_USA_BASE_URL, f"/product/{cert['product_id']}"), + "certification_date": parse_date(cert["certification_date"], "%m/%d/%Y"), + "expiration_date": parse_date(cert["sunset_date"], "%m/%d/%Y"), "category": cert["tech_type"], "vendor": cert["vendor_id_name"], "evaluation_facility": cert["assigned_lab_name"], @@ -1484,30 +1739,31 @@ def map_cert(cert, files=None): # noqa: C901 result["id"] += f"-{dt.year}" result["report_link"] = constants.CC_USA_GETFILE_URL + f"?file_id={file['file_id']}" if artifacts: - result["report_hash"] = _get_hash(result["report_link"]).hex() + result["report_hash"] = _get_hash(result["report_link"]) elif file["file_label"] == "CC Certificate": result["cert_link"] = constants.CC_USA_GETFILE_URL + f"?file_id={file['file_id']}" if artifacts: - result["cert_hash"] = _get_hash(result["cert_link"]).hex() + result["cert_hash"] = _get_hash(result["cert_link"]) elif file["file_label"] == "Security Target": result["target_link"] = constants.CC_USA_GETFILE_URL + f"?file_id={file['file_id']}" if artifacts: - result["target_hash"] = _get_hash(result["target_link"]).hex() + result["target_hash"] = _get_hash(result["target_link"]) elif file["file_label"] == "Assurance Activity Report (AAR)": result["aar_link"] = constants.CC_USA_GETFILE_URL + f"?file_id={file['file_id']}" if artifacts: - result["aar_hash"] = _get_hash(result["aar_link"]).hex() + result["aar_hash"] = _get_hash(result["aar_link"]) elif file["file_label"] == "Administrative Guide (AGD)": result["agd_link"] = constants.CC_USA_GETFILE_URL + f"?file_id={file['file_id']}" if artifacts: - result["agd_hash"] = _get_hash(result["agd_link"]).hex() + result["agd_hash"] = _get_hash(result["agd_link"]) return result - session = requests.session() + session = requests.Session() results = [] offset = 0 got = 0 + pbar = tqdm(desc=f"Get US scheme {name}.") while True: resp = _getq( constants.CC_USA_PRODUCTS_URL, @@ -1528,10 +1784,12 @@ def map_cert(cert, files=None): # noqa: C901 session, ) files = resp.json() + pbar.update() results.append(map_cert(cert, files)) offset += 100 if got >= count: break + pbar.close() return results @@ -1546,9 +1804,7 @@ def get_usa_certified( # noqa: C901 :return: The entries. """ return _get_usa( - {"certification_status": "Certified", "publish_status": "Published"}, - enhanced, - artifacts, + {"certification_status": "Certified", "publish_status": "Published"}, enhanced, artifacts, "certified" ) @@ -1558,7 +1814,7 @@ def get_usa_in_evaluation() -> list[dict[str, Any]]: :return: The entries. """ - return _get_usa({"status": "In Progress", "publish_status": "Published"}, False, False) + return _get_usa({"status": "In Progress", "publish_status": "Published"}, False, False, "in evaluation") def get_usa_archived() -> list[dict[str, Any]]: @@ -1567,7 +1823,7 @@ def get_usa_archived() -> list[dict[str, Any]]: :return: The entries. """ - return _get_usa({"status": "Archived", "publish_status": "Published"}, False, False) + return _get_usa({"status": "Archived", "publish_status": "Published"}, False, False, "archived") class EntryType(Enum): @@ -1629,10 +1885,14 @@ class CCScheme(ComplexSerializableType): EntryType.Certified: get_norway_certified, EntryType.Archived: get_norway_archived, }, - "KO": { + "KR": { EntryType.Certified: get_korea_certified, EntryType.Archived: get_korea_archived, }, + "PL": { + EntryType.Certified: get_poland_certified, + EntryType.InEvaluation: get_poland_ineval, + }, "SG": { EntryType.InEvaluation: get_singapore_in_evaluation, EntryType.Certified: get_singapore_certified, @@ -1654,10 +1914,24 @@ class CCScheme(ComplexSerializableType): @classmethod def from_dict(cls, dct): + def _deserialize_entry(entry): + if isinstance(entry, dict): + res = {} + for key, value in entry.items(): + if key.endswith("_date"): + res[key] = date.fromisoformat(value) if value is not None else None + else: + res[key] = _deserialize_entry(value) + return res + elif isinstance(entry, list): + return list(map(_deserialize_entry, entry)) + else: + return entry + return cls( dct["country"], datetime.fromisoformat(dct["timestamp"]), - {EntryType(entry_type): entries for entry_type, entries in dct["lists"].items()}, + {EntryType(entry_type): _deserialize_entry(entries) for entry_type, entries in dct["lists"].items()}, ) def to_dict(self): @@ -1668,7 +1942,9 @@ def to_dict(self): } @classmethod - def from_web(cls, scheme: str, entry_types: Iterable[EntryType]) -> CCScheme: + def from_web( + cls, scheme: str, entry_types: Iterable[EntryType], enhanced: bool | None = None, artifacts: bool | None = None + ) -> CCScheme: if not (scheme_lists := cls.methods.get(scheme)): raise ValueError("Unknown scheme.") entries = {} @@ -1676,5 +1952,11 @@ def from_web(cls, scheme: str, entry_types: Iterable[EntryType]) -> CCScheme: for each_type in entry_types: if not (method := scheme_lists.get(each_type)): raise ValueError("Wrong entry_type for scheme.") - entries[each_type] = method() + sig = signature(method) + args = {} + if enhanced is not None and "enhanced" in sig.parameters: + args["enhanced"] = enhanced + if artifacts is not None and "artifacts" in sig.parameters: + args["artifacts"] = artifacts + entries[each_type] = method(**args) return cls(scheme, timestamp, entries) diff --git a/src/sec_certs/sample/certificate.py b/src/sec_certs/sample/certificate.py index 5dab9cef..74b1af96 100644 --- a/src/sec_certs/sample/certificate.py +++ b/src/sec_certs/sample/certificate.py @@ -64,7 +64,7 @@ def __str__(self) -> str: @property @abstractmethod - def dgst(self): + def dgst(self) -> str: raise NotImplementedError("Not meant to be implemented") @property diff --git a/src/sec_certs/sample/sar.py b/src/sec_certs/sample/sar.py index ea4a6e14..771e24bc 100644 --- a/src/sec_certs/sample/sar.py +++ b/src/sec_certs/sample/sar.py @@ -43,9 +43,7 @@ def from_string(cls, string: str) -> SAR: @staticmethod def contains_level(string: str) -> bool: - if len(string.split(".")) == 1: - return False - return True + return len(string.split(".")) != 1 @staticmethod def matches_re(string: str) -> bool: diff --git a/src/sec_certs/utils/extract.py b/src/sec_certs/utils/extract.py index 340ad568..6af7f4cc 100644 --- a/src/sec_certs/utils/extract.py +++ b/src/sec_certs/utils/extract.py @@ -741,29 +741,6 @@ def load_text_file( def rules_get_subset(desired_path: str) -> dict: """ - - - - - - - - - - - - - - - - - - - - - - - Recursively applies cc_certs.get(key) on tokens from desired_path, returns the keys of the inner-most layer. """ diff --git a/src/sec_certs/utils/helpers.py b/src/sec_certs/utils/helpers.py index dedee959..6a6a9954 100644 --- a/src/sec_certs/utils/helpers.py +++ b/src/sec_certs/utils/helpers.py @@ -11,6 +11,7 @@ from pathlib import Path from typing import Any +import dateparser import numpy as np import pkgconfig import requests @@ -21,7 +22,6 @@ logger = logging.getLogger(__name__) - _PROXIES = { "https://www.commoncriteriaportal.org/": "https://sec-certs.org/proxy/cc/", "https://csrc.nist.gov/": "https://sec-certs.org/proxy/fips/", @@ -120,6 +120,20 @@ def to_utc(timestamp: datetime) -> datetime: return timestamp.replace(tzinfo=None) +def parse_date(date_string: str | None, format: str | None = None, languages: list[str] | None = None): + if not date_string: + return None + if format: + try: + return datetime.strptime(date_string, format).date() + except ValueError: + pass + parsed = dateparser.parse(date_string, languages=languages) + if parsed is not None: + return parsed.date() + return None + + def is_in_dict(target_dict: dict, path: str) -> bool: current_level = target_dict for item in path: diff --git a/src/sec_certs/utils/pdf.py b/src/sec_certs/utils/pdf.py index f2c2c58e..3195e67e 100644 --- a/src/sec_certs/utils/pdf.py +++ b/src/sec_certs/utils/pdf.py @@ -279,6 +279,4 @@ def text_is_garbage(text: str) -> bool: if every_second < GARBAGE_EVERY_SECOND_CHAR_THRESHOLD: return True # If there is a small ratio of alphanumeric chars to all chars, this is garbage. - if alpha < GARBAGE_ALPHA_CHARS_THRESHOLD: - return True - return False + return alpha < GARBAGE_ALPHA_CHARS_THRESHOLD diff --git a/src/sec_certs/utils/sanitization.py b/src/sec_certs/utils/sanitization.py index 4a7326eb..9bf4ad95 100644 --- a/src/sec_certs/utils/sanitization.py +++ b/src/sec_certs/utils/sanitization.py @@ -2,6 +2,7 @@ import html import logging +import re from datetime import date from pathlib import Path from urllib.parse import urlparse @@ -16,7 +17,9 @@ def sanitize_navigable_string(string: NavigableString | str | None) -> str | None: if not string: return None - return str(string).strip().replace("\xad", "").replace("\xa0", "") + rex = re.compile(r"\s+") + string = str(string).strip().replace("\xad", "").replace("\xa0", "") + return rex.sub(" ", string) def sanitize_link(record: str | None) -> str | None: diff --git a/src/sec_certs/utils/tqdm.py b/src/sec_certs/utils/tqdm.py index 581295ad..0a23903f 100644 --- a/src/sec_certs/utils/tqdm.py +++ b/src/sec_certs/utils/tqdm.py @@ -1,4 +1,4 @@ -from tqdm import tqdm as tqdm_original +from tqdm.auto import tqdm as tqdm_original from sec_certs.configuration import config diff --git a/tests/cc/test_cc_misc.py b/tests/cc/test_cc_misc.py index d67715f8..2f9dcea7 100644 --- a/tests/cc/test_cc_misc.py +++ b/tests/cc/test_cc_misc.py @@ -1,6 +1,15 @@ +import pytest + from sec_certs.sample.cc_certificate_id import CertificateId, canonicalize +def canonicalize_n(n, cert_id_str, scheme): + cert_id = cert_id_str + for _ in range(n): + cert_id = canonicalize(cert_id, scheme) + return cert_id + + def test_meta_parse(): i = CertificateId("FR", "Rapport de certification 2001/02v2") assert "year" in i.meta @@ -9,96 +18,114 @@ def test_meta_parse(): assert i.meta["version"] == "2" -def test_canonicalize_fr(): - assert canonicalize("Rapport de certification 2001/02v2", "FR") == "ANSSI-CC-2001/02v2" - assert canonicalize("ANSSI-CC 2001/02-R01", "FR") == "ANSSI-CC-2001/02-R01" - assert canonicalize("ANSSI-CC 2001_02-M01", "FR") == "ANSSI-CC-2001/02-M01" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_fr(n): + assert canonicalize_n(n, "Rapport de certification 2001/02v2", "FR") == "ANSSI-CC-2001/02v2" + assert canonicalize_n(n, "ANSSI-CC 2001/02-R01", "FR") == "ANSSI-CC-2001/02-R01" + assert canonicalize_n(n, "ANSSI-CC 2001_02-M01", "FR") == "ANSSI-CC-2001/02-M01" + assert canonicalize_n(n, "ANSSI-CC-PP-2013/58", "FR") == "ANSSI-CC-PP-2013/58" -def test_canonicalize_de(): - assert canonicalize("BSI-DSZ-CC-0420-2007", "DE") == "BSI-DSZ-CC-0420-2007" - assert canonicalize("BSI-DSZ-CC-1004", "DE") == "BSI-DSZ-CC-1004" - assert canonicalize("BSI-DSZ-CC-0831-V4-2021", "DE") == "BSI-DSZ-CC-0831-V4-2021" - assert canonicalize("BSI-DSZ-CC-0837-V2-2014-MA-01", "DE") == "BSI-DSZ-CC-0837-V2-2014-MA-01" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_de(n): + assert canonicalize_n(n, "BSI-DSZ-CC-0420-2007", "DE") == "BSI-DSZ-CC-0420-2007" + assert canonicalize_n(n, "BSI-DSZ-CC-1004", "DE") == "BSI-DSZ-CC-1004" + assert canonicalize_n(n, "BSI-DSZ-CC-0831-V4-2021", "DE") == "BSI-DSZ-CC-0831-V4-2021" + assert canonicalize_n(n, "BSI-DSZ-CC-0837-V2-2014-MA-01", "DE") == "BSI-DSZ-CC-0837-V2-2014-MA-01" -def test_canonicalize_us(): - assert canonicalize("CCEVS-VR-VID10015", "US") == "CCEVS-VR-VID-10015" - assert canonicalize("CCEVS-VR-VID10015-2008", "US") == "CCEVS-VR-VID-10015-2008" - assert canonicalize("CCEVS-VR-10880-2018", "US") == "CCEVS-VR-10880-2018" - assert canonicalize("CCEVS-VR-04-0082", "US") == "CCEVS-VR-0082-2004" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_us(n): + assert canonicalize_n(n, "CCEVS-VR-VID10015", "US") == "CCEVS-VR-VID-10015" + assert canonicalize_n(n, "CCEVS-VR-VID10015-2008", "US") == "CCEVS-VR-VID-10015-2008" + assert canonicalize_n(n, "CCEVS-VR-10880-2018", "US") == "CCEVS-VR-10880-2018" + assert canonicalize_n(n, "CCEVS-VR-04-0082", "US") == "CCEVS-VR-0082-2004" -def test_canonicalize_my(): - assert canonicalize("ISCB-5-RPT-C075-CR-v2", "MY") == "ISCB-5-RPT-C075-CR-v2" - assert canonicalize("ISCB-5-RPT-C046-CR-V1a", "MY") == "ISCB-5-RPT-C046-CR-v1a" - assert canonicalize("ISCB-3-RPT-C068-CR-1-v1", "MY") == "ISCB-3-RPT-C068-CR-v1" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_my(n): + assert canonicalize_n(n, "ISCB-5-RPT-C075-CR-v2", "MY") == "ISCB-5-RPT-C075-CR-v2" + assert canonicalize_n(n, "ISCB-5-RPT-C046-CR-V1a", "MY") == "ISCB-5-RPT-C046-CR-v1a" + assert canonicalize_n(n, "ISCB-3-RPT-C068-CR-1-v1", "MY") == "ISCB-3-RPT-C068-CR-v1" -def test_canonicalize_es(): - assert canonicalize("2011-14-INF-1095-v1", "ES") == "2011-14-INF-1095" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_es(n): + assert canonicalize_n(n, "2011-14-INF-1095-v1", "ES") == "2011-14-INF-1095" -def test_canonicalize_sg(): - assert canonicalize("CSA_CC_21005", "SG") == "CSA_CC_21005" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_sg(n): + assert canonicalize_n(n, "CSA_CC_21005", "SG") == "CSA_CC_21005" -def test_canonicalize_in(): - assert canonicalize("IC3S/KOL01/ADVA/EAL2/0520/0021 /CR", "IN") == "IC3S/KOL01/ADVA/EAL2/0520/0021" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_in(n): + assert canonicalize_n(n, "IC3S/KOL01/ADVA/EAL2/0520/0021 /CR", "IN") == "IC3S/KOL01/ADVA/EAL2/0520/0021" -def test_canonicalize_it(): - assert canonicalize("OCSI/CERT/TEC/02/2009/RC", "IT") == "OCSI/CERT/TEC/02/2009/RC" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_it(n): + assert canonicalize_n(n, "OCSI/CERT/TEC/02/2009/RC", "IT") == "OCSI/CERT/TEC/02/2009/RC" -def test_canonicalize_se(): - assert canonicalize("CSEC2017020", "SE") == "CSEC2017020" - assert canonicalize("CSEC 2017020", "SE") == "CSEC2017020" - assert canonicalize("CSEC201003", "SE") == "CSEC2010003" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_se(n): + assert canonicalize_n(n, "CSEC2017020", "SE") == "CSEC2017020" + assert canonicalize_n(n, "CSEC 2017020", "SE") == "CSEC2017020" + assert canonicalize_n(n, "CSEC201003", "SE") == "CSEC2010003" -def test_canonicalize_uk(): - assert canonicalize("CERTIFICATION REPORT No. P123", "UK") == "CRP123" - assert canonicalize("CRP123A", "UK") == "CRP123A" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_uk(n): + assert canonicalize_n(n, "CERTIFICATION REPORT No. P123", "UK") == "CRP123" + assert canonicalize_n(n, "CRP123A", "UK") == "CRP123A" -def test_canonicalize_au(): - assert canonicalize("Certification Report 2007/02", "AU") == "Certificate Number: 2007/02" - assert canonicalize("Certificate Number: 37/2006", "AU") == "Certificate Number: 2006/37" - assert canonicalize("Certificate Number: 2011/73", "AU") == "Certificate Number: 2011/73" - assert canonicalize("Certification Report 97/76", "AU") == "Certificate Number: 1997/76" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_au(n): + assert canonicalize_n(n, "Certification Report 2007/02", "AU") == "Certificate Number: 2007/02" + assert canonicalize_n(n, "Certificate Number: 37/2006", "AU") == "Certificate Number: 2006/37" + assert canonicalize_n(n, "Certificate Number: 2011/73", "AU") == "Certificate Number: 2011/73" + assert canonicalize_n(n, "Certification Report 97/76", "AU") == "Certificate Number: 1997/76" -def test_canonicalize_ca(): - assert canonicalize("383-4-123-CR", "CA") == "383-4-123" - assert canonicalize("383-4-123P", "CA") == "383-4-123" - assert canonicalize("522 EWA 2020", "CA") == "522-EWA-2020" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_ca(n): + assert canonicalize_n(n, "383-4-123-CR", "CA") == "383-4-123" + assert canonicalize_n(n, "383-4-123P", "CA") == "383-4-123" + assert canonicalize_n(n, "522 EWA 2020", "CA") == "522-EWA-2020" -def test_canonicalize_jp(): - assert canonicalize("Certification No. C01234", "JP") == "JISEC-CC-CRP-C01234" - assert canonicalize("CRP-C01234-01", "JP") == "JISEC-CC-CRP-C01234-01" - assert canonicalize("JISEC-CC-CRP-C0689-01-2020", "JP") == "JISEC-CC-CRP-C0689-01-2020" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_jp(n): + assert canonicalize_n(n, "Certification No. C01234", "JP") == "JISEC-CC-CRP-C01234" + assert canonicalize_n(n, "CRP-C01234-01", "JP") == "JISEC-CC-CRP-C01234-01" + assert canonicalize_n(n, "JISEC-CC-CRP-C0689-01-2020", "JP") == "JISEC-CC-CRP-C0689-01-2020" -def test_canonicalize_kr(): - assert canonicalize("KECS-ISIS-0579-2015", "KR") == "KECS-ISIS-0579-2015" - assert canonicalize("KECS-CISS-10-2023", "KR") == "KECS-CISS-0010-2023" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_kr(n): + assert canonicalize_n(n, "KECS-ISIS-0579-2015", "KR") == "KECS-ISIS-0579-2015" + assert canonicalize_n(n, "KECS-CISS-10-2023", "KR") == "KECS-CISS-0010-2023" -def test_canonicalize_no(): - assert canonicalize("SERTIT-12", "NO") == "SERTIT-012" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_no(n): + assert canonicalize_n(n, "SERTIT-12", "NO") == "SERTIT-012" -def test_canonicalize_tr(): - assert canonicalize("21.0.03.0.00.00/TSE-CCCS-85", "TR") == "21.0.03.0.00.00/TSE-CCCS-85" - assert canonicalize("21.0.03/TSE-CCCS-33", "TR") == "21.0.03/TSE-CCCS-33" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_tr(n): + assert canonicalize_n(n, "21.0.03.0.00.00/TSE-CCCS-85", "TR") == "21.0.03.0.00.00/TSE-CCCS-85" + assert canonicalize_n(n, "21.0.03/TSE-CCCS-33", "TR") == "21.0.03/TSE-CCCS-33" -def test_canonicalize_nl(): - assert canonicalize("NSCIB-CC-22-0428888-CR2", "NL") == "NSCIB-CC-22-0428888-CR2" - assert canonicalize("NSCIB-CC-22-0428888", "NL") == "NSCIB-CC-22-0428888-CR" - assert canonicalize("CC-22-0428888", "NL") == "NSCIB-CC-22-0428888-CR" +@pytest.mark.parametrize("n", [1, 2]) +def test_canonicalize_nl(n): + assert canonicalize_n(n, "NSCIB-CC-22-0428888-CR2", "NL") == "NSCIB-CC-22-0428888-CR2" + assert canonicalize_n(n, "NSCIB-CC-22-0428888", "NL") == "NSCIB-CC-22-0428888-CR" + assert canonicalize_n(n, "CC-22-0428888", "NL") == "NSCIB-CC-22-0428888-CR" def test_certid_compare(): diff --git a/tests/cc/test_cc_schemes.py b/tests/cc/test_cc_schemes.py index b776d581..8808fff3 100644 --- a/tests/cc/test_cc_schemes.py +++ b/tests/cc/test_cc_schemes.py @@ -1,3 +1,4 @@ +from datetime import date from urllib.parse import urlparse import pytest @@ -138,6 +139,16 @@ def test_korea(): assert absolute_urls(archived) +@pytest.mark.xfail(reason="May fail due to server errors.", raises=RequestException) +def test_poland(): + certified = CCSchemes.get_poland_certified() + assert len(certified) != 0 + assert absolute_urls(certified) + ineval = CCSchemes.get_poland_ineval() + assert len(ineval) != 0 + assert absolute_urls(ineval) + + @pytest.mark.xfail(reason="May fail due to server errors.", raises=RequestException) def test_singapore(): certified = CCSchemes.get_singapore_certified() @@ -203,7 +214,7 @@ def test_single_match(cert_one: CCCertificate): "category": "Identity Manager", "target_link": "https://www.fmv.se/globalassets/csec/netiq-identity-manager-4.7/st---netiq-identity-manager-4.7.pdf", "assurance_level": "EAL3 + ALC_FLR.2", - "certification_date": "2020-06-15", + "certification_date": date(year=2020, month=6, day=15), "report_link": "https://www.fmv.se/globalassets/csec/netiq-identity-manager-4.7/certification-report---netiq-identity-manager-4.7.pdf", "cert_link": "https://www.fmv.se/globalassets/csec/netiq-identity-manager-4.7/certifikat-ccra---netiq-identity-manager-4.7.pdf", "sponsor": "NetIQ Corporation", @@ -216,8 +227,9 @@ def test_single_match(cert_one: CCCertificate): def test_matching(toy_dataset: CCDataset, canada_certified): - matches = CCSchemeMatcher.match_all(canada_certified, "CA", toy_dataset) + matches, scores = CCSchemeMatcher.match_all(canada_certified, "CA", toy_dataset) assert len(matches) == 1 + assert len(scores) == 1 def test_process_dataset(toy_dataset: CCDataset): diff --git a/tests/data/cc/analysis/cc_full_dataset.json b/tests/data/cc/analysis/cc_full_dataset.json index 64ef38e4..ba64903c 100644 --- a/tests/data/cc/analysis/cc_full_dataset.json +++ b/tests/data/cc/analysis/cc_full_dataset.json @@ -729,7 +729,9 @@ ] }, "direct_transitive_cves": null, - "indirect_transitive_cves": null + "indirect_transitive_cves": null, + "next_certificates": null, + "prev_certificates": null } } ] diff --git a/tests/data/cc/analysis/reference_dataset.json b/tests/data/cc/analysis/reference_dataset.json index 04be80ca..28234b7e 100644 --- a/tests/data/cc/analysis/reference_dataset.json +++ b/tests/data/cc/analysis/reference_dataset.json @@ -578,7 +578,9 @@ ] }, "direct_transitive_cves": null, - "indirect_transitive_cves": null + "indirect_transitive_cves": null, + "next_certificates": null, + "prev_certificates": null } }, { @@ -1224,7 +1226,9 @@ ] }, "direct_transitive_cves": null, - "indirect_transitive_cves": null + "indirect_transitive_cves": null, + "next_certificates": null, + "prev_certificates": null } }, { @@ -1864,7 +1868,9 @@ ] }, "direct_transitive_cves": null, - "indirect_transitive_cves": null + "indirect_transitive_cves": null, + "next_certificates": null, + "prev_certificates": null } } ] diff --git a/tests/data/cc/analysis/transitive_vulnerability_dataset.json b/tests/data/cc/analysis/transitive_vulnerability_dataset.json index 5f052c11..586ac5a6 100644 --- a/tests/data/cc/analysis/transitive_vulnerability_dataset.json +++ b/tests/data/cc/analysis/transitive_vulnerability_dataset.json @@ -1334,7 +1334,9 @@ "elements": [ "CVE-2013-5385" ] - } + }, + "next_certificates": null, + "prev_certificates": null } }, { @@ -2283,7 +2285,9 @@ "elements": [ "CVE-2013-5385" ] - } + }, + "next_certificates": null, + "prev_certificates": null } }, { @@ -3634,7 +3638,9 @@ ] }, "direct_transitive_cves": null, - "indirect_transitive_cves": null + "indirect_transitive_cves": null, + "next_certificates": null, + "prev_certificates": null } } ] diff --git a/tests/data/cc/analysis/vulnerable_dataset.json b/tests/data/cc/analysis/vulnerable_dataset.json index cbabe14d..01d720c0 100644 --- a/tests/data/cc/analysis/vulnerable_dataset.json +++ b/tests/data/cc/analysis/vulnerable_dataset.json @@ -92,7 +92,9 @@ "verified_cpe_matches": null, "related_cves": null, "cert_lab": null, - "cert_id": null + "cert_id": null, + "next_certificates": null, + "prev_certificates": null } }, { @@ -173,7 +175,9 @@ "verified_cpe_matches": null, "related_cves": null, "cert_lab": null, - "cert_id": null + "cert_id": null, + "next_certificates": null, + "prev_certificates": null } } ] diff --git a/tests/data/cc/certificate/fictional_cert.json b/tests/data/cc/certificate/fictional_cert.json index 32475e69..8239c908 100644 --- a/tests/data/cc/certificate/fictional_cert.json +++ b/tests/data/cc/certificate/fictional_cert.json @@ -96,6 +96,8 @@ "extracted_sars": null, "direct_transitive_cves": null, "indirect_transitive_cves": null, + "next_certificates": null, + "prev_certificates": null, "report_references": { "_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, diff --git a/tests/data/cc/dataset/auxiliary_datasets/maintenances/maintenance_updates.json b/tests/data/cc/dataset/auxiliary_datasets/maintenances/maintenance_updates.json index 38c3db5b..0c8b1306 100644 --- a/tests/data/cc/dataset/auxiliary_datasets/maintenances/maintenance_updates.json +++ b/tests/data/cc/dataset/auxiliary_datasets/maintenances/maintenance_updates.json @@ -91,7 +91,9 @@ "extracted_sars": null, "direct_transitive_cves": null, "indirect_transitive_cves": null, - "scheme_data": null + "scheme_data": null, + "prev_certificates": null, + "next_certificates": null }, "related_cert_digest": "8f08cacb49a742fb", "maintenance_date": "2019-08-26" diff --git a/tests/data/cc/dataset/toy_dataset.json b/tests/data/cc/dataset/toy_dataset.json index cb47293b..3395d3e8 100644 --- a/tests/data/cc/dataset/toy_dataset.json +++ b/tests/data/cc/dataset/toy_dataset.json @@ -100,6 +100,8 @@ "extracted_sars": null, "direct_transitive_cves": null, "indirect_transitive_cves": null, + "next_certificates": null, + "prev_certificates": null, "report_references": { "_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, @@ -208,6 +210,8 @@ "extracted_sars": null, "direct_transitive_cves": null, "indirect_transitive_cves": null, + "next_certificates": null, + "prev_certificates": null, "report_references": { "_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, @@ -324,6 +328,8 @@ "extracted_sars": null, "direct_transitive_cves": null, "indirect_transitive_cves": null, + "next_certificates": null, + "prev_certificates": null, "report_references": { "_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, From 83017b292cdb1e2bb17a02e1f4d518a85f44e706 Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Wed, 22 Jan 2025 12:37:08 +0100 Subject: [PATCH 04/17] fix notebooks --- notebooks/cc/cpe_eval.ipynb | 5 +++-- notebooks/cc/scheme_eval.ipynb | 7 ++++--- notebooks/cc/vulnerabilities.ipynb | 13 +++++-------- notebooks/fips/vulnerabilities.ipynb | 22 +++++++++------------- src/sec_certs/dataset/cc.py | 2 +- 5 files changed, 22 insertions(+), 27 deletions(-) diff --git a/notebooks/cc/cpe_eval.ipynb b/notebooks/cc/cpe_eval.ipynb index 088d4659..de948a45 100644 --- a/notebooks/cc/cpe_eval.ipynb +++ b/notebooks/cc/cpe_eval.ipynb @@ -18,7 +18,8 @@ "from sec_certs.dataset import CCDataset\n", "import pandas as pd\n", "import json\n", - "import tempfile" + "import tempfile\n", + "from sec_certs.utils.label_studio_utils import to_label_studio_json" ] }, { @@ -58,7 +59,7 @@ "with tempfile.TemporaryDirectory() as tmp_dir:\n", " dset.root_dir = tmp_dir\n", " dset.certs = {x.dgst: x for x in dset if x.dgst in eval_certs.index.tolist()}\n", - " dset.to_label_studio_json(\"./label_studio_input_data.json\", update_json=False)" + " to_label_studio_json(dset, \"./label_studio_input_data.json\")" ] }, { diff --git a/notebooks/cc/scheme_eval.ipynb b/notebooks/cc/scheme_eval.ipynb index 7ffc6f16..9150cb8c 100644 --- a/notebooks/cc/scheme_eval.ipynb +++ b/notebooks/cc/scheme_eval.ipynb @@ -24,7 +24,8 @@ "from sec_certs.model import CCSchemeMatcher\n", "from sec_certs.sample.cc_certificate_id import canonicalize\n", "from sec_certs.sample.cc_scheme import CCScheme, EntryType\n", - "from sec_certs.configuration import config" + "from sec_certs.configuration import config\n", + "from sec_certs.dataset.auxiliary_dataset_handling import CCSchemeDatasetHandler" ] }, { @@ -56,7 +57,7 @@ "metadata": {}, "outputs": [], "source": [ - "dset.auxiliary_datasets.scheme_dset = schemes\n", + "dset.aux_handlers[CCSchemeDatasetHandler].dset = schemes\n", "\n", "count_was = 0\n", "count_is = 0\n", @@ -161,7 +162,7 @@ " rate = len(assigned)/len(total) * 100 if len(total) != 0 else 0\n", " rate_list = rates.setdefault(country, [])\n", " rate_list.append(rate)\n", - " \n", + "\n", " print(f\"{country}: {len(assigned)} assigned out of {len(total)} -> {rate:.1f}%\")\n", " total_active = total[total[\"status\"] == \"active\"]\n", " assigned_active = assigned[assigned[\"status\"] == \"active\"]\n", diff --git a/notebooks/cc/vulnerabilities.ipynb b/notebooks/cc/vulnerabilities.ipynb index 176b3e69..c5a4bfb8 100644 --- a/notebooks/cc/vulnerabilities.ipynb +++ b/notebooks/cc/vulnerabilities.ipynb @@ -33,6 +33,7 @@ "import warnings\n", "from pathlib import Path\n", "import tempfile\n", + "from sec_certs.dataset.auxiliary_dataset_handling import CVEDatasetHandler, CPEDatasetHandler, CCMaintenanceUpdateDatasetHandler\n", "from sec_certs.dataset import CCDataset, CCDatasetMaintenanceUpdates, CVEDataset, CPEDataset\n", "from sec_certs.utils.pandas import (\n", " compute_cve_correlations,\n", @@ -82,15 +83,11 @@ "\n", "# # Remote instantiation (takes approx. 10 minutes to complete)\n", "# dset: CCDataset = CCDataset.from_web_latest(path=\"dset\", auxiliary_datasets=True)\n", + "# dset.load_auxiliary_datasets()\n", "\n", - "# print(\"Downloading dataset of maintenance updates\")\n", - "# main_dset: CCDatasetMaintenanceUpdates = CCDatasetMaintenanceUpdates.from_web_latest()\n", - "\n", - "# print(\"Downloading CPE dataset\")\n", - "# cpe_dset: CPEDataset = dset.auxiliary_datasets.cpe_dset\n", - "\n", - "# print(\"Downloading CVE dataset\")\n", - "# cve_dset: CVEDataset = dset.auxiliary_datasets.cve_dset" + "# main_dset: CCDatasetMaintenanceUpdates = dset.aux_handlers[CCMaintenanceUpdateDatasetHandler].dset\n", + "# cpe_dset: CPEDataset = dset.aux_handlers[CPEDatasetHandler].dset\n", + "# cve_dset: CVEDataset = dset.aux_handlers[CVEDatasetHandler].dset" ] }, { diff --git a/notebooks/fips/vulnerabilities.ipynb b/notebooks/fips/vulnerabilities.ipynb index 3b3d21e3..d495ea6a 100644 --- a/notebooks/fips/vulnerabilities.ipynb +++ b/notebooks/fips/vulnerabilities.ipynb @@ -1,10 +1,12 @@ { "cells": [ { - "metadata": {}, "cell_type": "markdown", - "source": "# Vulnerability analysis", - "id": "3a0981d008383c12" + "id": "3a0981d008383c12", + "metadata": {}, + "source": [ + "# Vulnerability analysis" + ] }, { "cell_type": "code", @@ -21,6 +23,7 @@ "from sec_certs.dataset.fips import FIPSDataset\n", "from sec_certs.dataset.cpe import CPEDataset\n", "from sec_certs.dataset.cve import CVEDataset\n", + "from sec_certs.dataset.auxiliary_dataset_handling import CPEDatasetHandler, CVEDatasetHandler\n", "from sec_certs.utils.pandas import expand_df_with_cve_cols\n", "import pandas as pd\n", "import seaborn as sns\n", @@ -47,8 +50,9 @@ "metadata": {}, "outputs": [], "source": [ - "cve_dset: CVEDataset = dset.auxiliary_datasets.cve_dset\n", - "cpe_dset: CPEDataset = dset.auxiliary_datasets.cpe_dset" + "dset.load_auxiliary_datasets()\n", + "cve_dset: CVEDataset = dset.aux_handlers[CVEDatasetHandler].dset\n", + "cpe_dset: CPEDataset = dset.aux_handlers[CPEDatasetHandler].dset" ] }, { @@ -181,14 +185,6 @@ "g = sns.relplot(data=df_cve_rich, x=\"level\", y=\"avg_cve_score\")\n", "plt.show()" ] - }, - { - "cell_type": "code", - "execution_count": null, - "id": "6c3c2ec4-3fab-48ad-aacb-6f54277abe66", - "metadata": {}, - "outputs": [], - "source": [] } ], "metadata": { diff --git a/src/sec_certs/dataset/cc.py b/src/sec_certs/dataset/cc.py index 529beb85..4d09106d 100644 --- a/src/sec_certs/dataset/cc.py +++ b/src/sec_certs/dataset/cc.py @@ -845,7 +845,7 @@ def _compute_heuristics_body(self, skip_schemes: bool = False) -> None: compute_transitive_vulnerabilities(self.certs) if not skip_schemes: - compute_scheme_data(self.aux_handlers[CCSchemeDatasetHandler].dset, self.certs.values()) + compute_scheme_data(self.aux_handlers[CCSchemeDatasetHandler].dset, self.certs) compute_cert_labs(self.certs.values()) compute_sars(self.certs.values()) From 0610c0778be58f4734909c5bc6f608ce2f4131ad Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Thu, 23 Jan 2025 14:03:08 +0100 Subject: [PATCH 05/17] fix broken fips vulnerability notebook --- notebooks/fips/vulnerabilities.ipynb | 2 -- 1 file changed, 2 deletions(-) diff --git a/notebooks/fips/vulnerabilities.ipynb b/notebooks/fips/vulnerabilities.ipynb index 7eaf1b3c..d495ea6a 100644 --- a/notebooks/fips/vulnerabilities.ipynb +++ b/notebooks/fips/vulnerabilities.ipynb @@ -11,7 +11,6 @@ { "cell_type": "code", "execution_count": null, - "execution_count": null, "id": "41674b9c", "metadata": { "ExecuteTime": { @@ -205,7 +204,6 @@ "nbconvert_exporter": "python", "pygments_lexer": "ipython3", "version": "3.12.6" - "version": "3.12.6" }, "vscode": { "interpreter": { From 29ab25f49109b6113d55a521e5f2f1b07a5699cf Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Sat, 25 Jan 2025 18:20:49 +0100 Subject: [PATCH 06/17] implement PP processing --- src/sec_certs/configuration.py | 4 + src/sec_certs/constants.py | 38 ++ .../dataset/auxiliary_dataset_handling.py | 69 ++- src/sec_certs/dataset/cc.py | 102 ++--- src/sec_certs/dataset/dataset.py | 12 +- src/sec_certs/dataset/protection_profile.py | 422 +++++++++++++++--- src/sec_certs/heuristics/cc.py | 39 +- src/sec_certs/sample/cc.py | 151 ++----- src/sec_certs/sample/certificate.py | 7 +- src/sec_certs/sample/document_state.py | 61 +++ src/sec_certs/sample/protection_profile.py | 324 ++++++++++++-- src/sec_certs/utils/helpers.py | 19 +- tests/cc/conftest.py | 6 +- tests/cc/test_cc_analysis.py | 53 +-- tests/cc/test_cc_dataset.py | 12 - tests/data/cc/analysis/cc_full_dataset.json | 23 +- tests/data/cc/analysis/pp.json | 191 ++++++++ tests/data/cc/analysis/reference_dataset.json | 36 +- .../transitive_vulnerability_dataset.json | 56 +-- .../data/cc/analysis/vulnerable_dataset.json | 40 +- tests/data/cc/certificate/fictional_cert.json | 28 +- .../maintenances/maintenance_updates.json | 10 +- tests/data/cc/dataset/toy_dataset.json | 52 +-- tests/test_common.py | 18 + 24 files changed, 1303 insertions(+), 470 deletions(-) create mode 100644 src/sec_certs/sample/document_state.py create mode 100644 tests/data/cc/analysis/pp.json diff --git a/src/sec_certs/configuration.py b/src/sec_certs/configuration.py index 09e24539..031d2d07 100644 --- a/src/sec_certs/configuration.py +++ b/src/sec_certs/configuration.py @@ -54,6 +54,10 @@ class Configuration(BaseSettings): "https://sec-certs.org/cc/cc.tar.gz", description="URL from where to fetch the latest full archive of fully processed CC dataset.", ) + pp_latest_full_archive: AnyHttpUrl = Field( + "https://sec-certs.org/cc/pp.tar.gz", + description="URL from where to fetch the latest full archive of fully processed PP dataset.", + ) cc_maintenances_latest_snapshot: AnyHttpUrl = Field( "https://sec-certs.org/cc/maintenance_updates.json", description="URL from where to fetch the latest snapshot of CC maintenance updates", diff --git a/src/sec_certs/constants.py b/src/sec_certs/constants.py index d134b3fd..afa1969d 100644 --- a/src/sec_certs/constants.py +++ b/src/sec_certs/constants.py @@ -27,6 +27,44 @@ CPE_VERSION_NA = "-" +CC_CAT_ABBREVIATIONS = [ + "AC", + "BD", + "BP", + "DP", + "DB", + "DD", + "IC", + "KM", + "MD", + "MF", + "NS", + "OS", + "OD", + "DG", + "TC", +] + +CC_CATEGORIES = [ + "Access Control Devices and Systems", + "Biometric Systems and Devices", + "Boundary Protection Devices and Systems", + "Data Protection", + "Databases", + "Detection Devices and Systems", + "ICs, Smart Cards and Smart Card-Related Devices and Systems", + "Key Management Systems", + "Mobility", + "Multi-Function Devices", + "Network and Network-Related Devices and Systems", + "Operating Systems", + "Other Devices and Systems", + "Products for Digital Signatures", + "Trusted Computing", +] + +CC_PORTAL_BASE_URL = "https://www.commoncriteriaportal.org" + RELEASE_CANDIDATE_REGEX: re.Pattern = re.compile(r"rc\d{0,2}$", re.IGNORECASE) FIPS_BASE_URL = "https://csrc.nist.gov" diff --git a/src/sec_certs/dataset/auxiliary_dataset_handling.py b/src/sec_certs/dataset/auxiliary_dataset_handling.py index afd2b820..829ecf07 100644 --- a/src/sec_certs/dataset/auxiliary_dataset_handling.py +++ b/src/sec_certs/dataset/auxiliary_dataset_handling.py @@ -6,7 +6,7 @@ from abc import ABC, abstractmethod from collections.abc import Iterable from pathlib import Path -from typing import Any +from typing import Any, ClassVar from sec_certs import constants from sec_certs.configuration import config @@ -14,7 +14,6 @@ from sec_certs.dataset.cpe import CPEDataset from sec_certs.dataset.cve import CVEDataset from sec_certs.dataset.fips_algorithm import FIPSAlgorithmDataset -from sec_certs.dataset.protection_profile import ProtectionProfileDataset from sec_certs.sample.cc import CCCertificate from sec_certs.sample.cc_maintenance_update import CCMaintenanceUpdate from sec_certs.utils import helpers @@ -25,17 +24,25 @@ class AuxiliaryDatasetHandler(ABC): - def __init__(self, root_dir: str | Path) -> None: - self.root_dir = Path(root_dir) + RELATIVE_DIR: ClassVar[str | None] = None + + def __init__(self, aux_datasets_dir: str | Path) -> None: + self.aux_datasets_dir = Path(aux_datasets_dir) self.dset: Any + @property + def root_dir(self) -> Path: + if self.RELATIVE_DIR: + return self.aux_datasets_dir / Path(self.RELATIVE_DIR) + return self.aux_datasets_dir + @property @abstractmethod def dset_path(self) -> Path: raise NotImplementedError("Not meant to be implemented by base class") - def set_local_paths(self, new_root_dir: str | Path) -> None: - self.root_dir = Path(new_root_dir) + def set_local_paths(self, aux_datasets_dir: str | Path) -> None: + self.aux_datasets_dir = Path(aux_datasets_dir) def process_dataset(self, download_fresh: bool = False) -> None: self.root_dir.mkdir(parents=True, exist_ok=True) @@ -170,8 +177,12 @@ def load_dataset(self): class CCSchemeDatasetHandler(AuxiliaryDatasetHandler): - def __init__(self, root_dir: str | Path = constants.DUMMY_NONEXISTING_PATH, only_schemes: set[str] | None = None): - self.root_dir = Path(root_dir) + def __init__( + self, + aux_datasets_dir: str | Path = constants.DUMMY_NONEXISTING_PATH, + only_schemes: set[str] | None = None, + ): + self.aux_datasets_dir = Path(aux_datasets_dir) self.only_schemes = only_schemes self.dset: Any @@ -192,25 +203,25 @@ def load_dataset(self): class CCMaintenanceUpdateDatasetHandler(AuxiliaryDatasetHandler): + RELATIVE_DIR: ClassVar[str] = "maintenances" + def __init__( - self, root_dir: str | Path = constants.DUMMY_NONEXISTING_PATH, certs_with_updates: Iterable[CCCertificate] = [] + self, + aux_datasets_dir: str | Path = constants.DUMMY_NONEXISTING_PATH, + certs_with_updates: Iterable[CCCertificate] = [], ) -> None: - self.root_dir = Path(root_dir) + self.aux_datasets_dir = Path(aux_datasets_dir) self.certs_with_updates = certs_with_updates self.dset: Any @property def dset_path(self) -> Path: - return self.root_dir / "maintenances" - - @property - def _dset_json_path(self) -> Path: - return self.dset_path / "maintenance_updates.json" + return self.root_dir / "maintenance_updates.json" def load_dataset(self) -> None: from sec_certs.dataset.cc import CCDatasetMaintenanceUpdates - self.dset = CCDatasetMaintenanceUpdates.from_json(self._dset_json_path) + self.dset = CCDatasetMaintenanceUpdates.from_json(self.dset_path) @staged(logger, "Processing CC Maintenance updates") def _process_dataset_body(self, download_fresh: bool = False): @@ -223,30 +234,40 @@ def _process_dataset_body(self, download_fresh: bool = False): ) ) self.dset = CCDatasetMaintenanceUpdates( - {x.dgst: x for x in updates}, root_dir=self.dset_path, name="maintenance_updates" + {x.dgst: x for x in updates}, root_dir=self.dset_path.parent, name="maintenance_updates" ) - else: - self.dset = CCDatasetMaintenanceUpdates.from_json(self._dset_json_path) - - if not self.dset.state.artifacts_downloaded: self.dset.download_all_artifacts() - if not self.dset.state.pdfs_converted: self.dset.convert_all_pdfs() - if not self.dset.state.certs_analyzed: self.dset.extract_data() + else: + self.dset = CCDatasetMaintenanceUpdates.from_json(self.dset_path) class ProtectionProfileDatasetHandler(AuxiliaryDatasetHandler): + RELATIVE_DIR: ClassVar[str] = "protection_profiles" + + def __init__(self, aux_datasets_dir: str | Path = constants.DUMMY_NONEXISTING_PATH): + self.aux_datasets_dir = Path(aux_datasets_dir) + @property def dset_path(self) -> Path: return self.root_dir / "pp.json" def load_dataset(self) -> None: + from sec_certs.dataset.protection_profile import ProtectionProfileDataset + self.dset = ProtectionProfileDataset.from_json(self.dset_path) @staged(logger, "Processing Protection profiles") def _process_dataset_body(self, download_fresh: bool = False): + from sec_certs.dataset.protection_profile import ProtectionProfileDataset + if not self.dset_path.exists() or download_fresh: - self.dset = ProtectionProfileDataset.from_web(self.dset_path) + self.dset_path.parent.mkdir(exist_ok=True, parents=True) + self.dset = ProtectionProfileDataset(root_dir=self.dset_path.parent) + self.dset.get_certs_from_web() + self.dset.download_all_artifacts() + self.dset.convert_all_pdfs() + self.dset.analyze_certificates() else: self.dset = ProtectionProfileDataset.from_json(self.dset_path) diff --git a/src/sec_certs/dataset/cc.py b/src/sec_certs/dataset/cc.py index d4be3aff..71c691fc 100644 --- a/src/sec_certs/dataset/cc.py +++ b/src/sec_certs/dataset/cc.py @@ -12,7 +12,6 @@ import pandas as pd from bs4 import BeautifulSoup, Tag -import sec_certs.utils.sanitization from sec_certs import constants from sec_certs.configuration import config from sec_certs.dataset.auxiliary_dataset_handling import ( @@ -27,6 +26,7 @@ from sec_certs.dataset.dataset import Dataset, logger from sec_certs.heuristics.cc import ( compute_cert_labs, + compute_eals, compute_normalized_cert_ids, compute_references, compute_sars, @@ -36,7 +36,6 @@ from sec_certs.heuristics.common import compute_cpe_heuristics, compute_related_cves, compute_transitive_vulnerabilities from sec_certs.sample.cc import CCCertificate from sec_certs.sample.cc_maintenance_update import CCMaintenanceUpdate -from sec_certs.sample.protection_profile import ProtectionProfile from sec_certs.serialization.json import ComplexSerializableType, serialize from sec_certs.utils import helpers, sanitization from sec_certs.utils import parallel_processing as cert_processing @@ -73,10 +72,10 @@ def __init__( self.aux_handlers[CPEMatchDictHandler] = CPEMatchDictHandler(self.auxiliary_datasets_dir) self.aux_handlers[CCSchemeDatasetHandler] = CCSchemeDatasetHandler(self.auxiliary_datasets_dir) self.aux_handlers[ProtectionProfileDatasetHandler] = ProtectionProfileDatasetHandler( - self.auxiliary_datasets_dir + self.auxiliary_datasets_dir / "protection_profiles" ) self.aux_handlers[CCMaintenanceUpdateDatasetHandler] = CCMaintenanceUpdateDatasetHandler( - self.auxiliary_datasets_dir + self.auxiliary_datasets_dir / "maintenances" ) def to_pandas(self) -> pd.DataFrame: @@ -273,12 +272,34 @@ def _set_local_paths(self): self.certificates_txt_dir, ) - def process_auxiliary_datasets(self, download_fresh: bool = False) -> None: - self.aux_handlers[CCMaintenanceUpdateDatasetHandler].certs_with_updates = [ # type: ignore - x for x in self if x.maintenance_updates - ] - self.aux_handlers[CCSchemeDatasetHandler].only_schemes = {x.scheme for x in self} # type: ignore - super().process_auxiliary_datasets(download_fresh) + def process_auxiliary_datasets( + self, + download_fresh: bool = False, + processed_pp_dataset_root_dir: Path | None = None, + skip_schemes: bool = False, + **kwargs, + ) -> None: + if CCMaintenanceUpdateDatasetHandler in self.aux_handlers: + self.aux_handlers[CCMaintenanceUpdateDatasetHandler].certs_with_updates = [ # type: ignore + x for x in self if x.maintenance_updates + ] + if CCSchemeDatasetHandler in self.aux_handlers: + self.aux_handlers[CCSchemeDatasetHandler].only_schemes = {x.scheme for x in self} # type: ignore + + if processed_pp_dataset_root_dir: + if self.aux_handlers[ProtectionProfileDatasetHandler].root_dir.exists(): + logger.warning( + f"Overwriting PP Dataset at {self.aux_handlers[ProtectionProfileDatasetHandler].root_dir} with dataset from {processed_pp_dataset_root_dir}." + ) + shutil.copytree( + processed_pp_dataset_root_dir, + self.aux_handlers[ProtectionProfileDatasetHandler].root_dir, + dirs_exist_ok=True, + ) + + if skip_schemes: + del self.aux_handlers[CCSchemeDatasetHandler] + super().process_auxiliary_datasets(download_fresh, **kwargs) def _merge_certs(self, certs: dict[str, CCCertificate], cert_source: str | None = None) -> None: """ @@ -447,13 +468,6 @@ def _get_primary_key_str(row: Tag): df_base = df_base.drop_duplicates(subset=["dgst"]) df_main = df_main.drop_duplicates() - profiles = { - x.dgst: { - ProtectionProfile(pp_name=y, pp_eal=None) - for y in sec_certs.utils.sanitization.sanitize_protection_profiles(x.protection_profiles) - } - for x in df_base.itertuples() - } updates: dict[str, set] = {x.dgst: set() for x in df_base.itertuples()} for x in df_main.itertuples(): updates[x.dgst].add( @@ -479,7 +493,7 @@ def _get_primary_key_str(row: Tag): x.st_link, None, None, - profiles.get(x.dgst, None), + None, updates.get(x.dgst, None), None, None, @@ -524,9 +538,9 @@ def _parse_table( ) -> dict[str, CCCertificate]: tables = soup.find_all("table", id=table_id) - if not len(tables) <= 1: + if len(tables) > 1: raise ValueError( - f'The "{file.name}" was expected to contain <1 element. Instead, it contains: {len(tables)}
elements.' + f'The "{file.name}" was expected to contain 0-1
element. Instead, it contains: {len(tables)}
elements.' ) if not tables: @@ -555,40 +569,8 @@ def _parse_table( cert_status = "active" if "active" in str(file) else "archived" - cc_cat_abbreviations = [ - "AC", - "BP", - "DP", - "DB", - "DD", - "IC", - "KM", - "MD", - "MF", - "NS", - "OS", - "OD", - "DG", - "TC", - ] - cc_table_ids = ["tbl" + x for x in cc_cat_abbreviations] - cc_categories = [ - "Access Control Devices and Systems", - "Boundary Protection Devices and Systems", - "Data Protection", - "Databases", - "Detection Devices and Systems", - "ICs, Smart Cards and Smart Card-Related Devices and Systems", - "Key Management Systems", - "Mobility", - "Multi-Function Devices", - "Network and Network-Related Devices and Systems", - "Operating Systems", - "Other Devices and Systems", - "Products for Digital Signatures", - "Trusted Computing", - ] - cat_dict = dict(zip(cc_table_ids, cc_categories)) + cc_table_ids = ["tbl" + x for x in constants.CC_CAT_ABBREVIATIONS] + cat_dict = dict(zip(cc_table_ids, constants.CC_CATEGORIES)) with file.open("r") as handle: soup = BeautifulSoup(handle, "html5lib") @@ -807,7 +789,7 @@ def extract_data(self) -> None: self._extract_pdf_keywords() def _compute_heuristics_body(self, skip_schemes: bool = False) -> None: - link_to_protection_profiles(self.aux_handlers[ProtectionProfileDatasetHandler].dset, self.certs.values()) + link_to_protection_profiles(self.certs.values(), self.aux_handlers[ProtectionProfileDatasetHandler].dset) compute_cpe_heuristics(self.aux_handlers[CPEDatasetHandler].dset, self.certs.values()) compute_related_cves( self.aux_handlers[CPEDatasetHandler].dset, @@ -823,6 +805,7 @@ def _compute_heuristics_body(self, skip_schemes: bool = False) -> None: compute_scheme_data(self.aux_handlers[CCSchemeDatasetHandler].dset, self.certs) compute_cert_labs(self.certs.values()) + compute_eals(self.certs.values(), self.aux_handlers[ProtectionProfileDatasetHandler].dset) compute_sars(self.certs.values()) @@ -842,6 +825,7 @@ def __init__( state: CCDataset.DatasetInternalState | None = None, ): super().__init__(certs, root_dir, name, description, state) # type: ignore + self.aux_handlers = {} self.state.meta_sources_parsed = True @property @@ -857,7 +841,13 @@ def _compute_heuristics_body(self, skip_schemes: bool = False) -> None: def compute_related_cves(self) -> None: raise NotImplementedError - def process_auxiliary_datasets(self, download_fresh: bool = False) -> None: + def process_auxiliary_datasets( + self, + download_fresh: bool = False, + processed_pp_dataset_root_dir: Path | None = None, + skip_schemes: bool = False, + **kwargs, + ) -> None: raise NotImplementedError def analyze_certificates(self) -> None: diff --git a/src/sec_certs/dataset/dataset.py b/src/sec_certs/dataset/dataset.py index 44f47494..9659294e 100644 --- a/src/sec_certs/dataset/dataset.py +++ b/src/sec_certs/dataset/dataset.py @@ -60,8 +60,8 @@ def __init__( self.name = name if name else type(self).__name__.lower() + "_dataset" self.description = description if description else "No description provided" self.state = state if state else self.DatasetInternalState() - self.root_dir = Path(root_dir) self.aux_handlers = aux_handlers + self.root_dir = Path(root_dir) @property def root_dir(self) -> Path: @@ -278,7 +278,7 @@ def get_certs_from_web(self) -> None: @staged(logger, "Processing auxiliary datasets") @serialize - def process_auxiliary_datasets(self, download_fresh: bool = False) -> None: + def process_auxiliary_datasets(self, download_fresh: bool = False, **kwargs) -> None: """ Processes all auxiliary datasets (CPE, CVE, ...) that are required during computation. """ @@ -288,9 +288,15 @@ def process_auxiliary_datasets(self, download_fresh: bool = False) -> None: self.state.auxiliary_datasets_processed = True def load_auxiliary_datasets(self) -> None: + logger.info("Loading auxiliary datasets into memory.") for handler in self.aux_handlers.values(): if not hasattr(handler, "dset"): - handler.load_dataset() + try: + handler.load_dataset() + except Exception: + logger.warning( + f"Failed to load auxiliary dataset bound to {handler}, some functionality may not work." + ) @serialize def download_all_artifacts(self, fresh: bool = True) -> None: diff --git a/src/sec_certs/dataset/protection_profile.py b/src/sec_certs/dataset/protection_profile.py index c3440c56..bb3ab35e 100644 --- a/src/sec_certs/dataset/protection_profile.py +++ b/src/sec_certs/dataset/protection_profile.py @@ -1,76 +1,396 @@ -from __future__ import annotations - -import json -import logging -import tempfile -from dataclasses import dataclass +import shutil +from datetime import datetime from pathlib import Path +from typing import ClassVar, Literal + +from bs4 import BeautifulSoup from sec_certs import constants from sec_certs.configuration import config -from sec_certs.dataset.json_path_dataset import JSONPathDataset +from sec_certs.dataset.auxiliary_dataset_handling import AuxiliaryDatasetHandler +from sec_certs.dataset.dataset import Dataset, logger from sec_certs.sample.protection_profile import ProtectionProfile +from sec_certs.serialization.json import ComplexSerializableType, serialize from sec_certs.utils import helpers +from sec_certs.utils import parallel_processing as cert_processing +from sec_certs.utils.profiling import staged + + +class ProtectionProfileDataset(Dataset[ProtectionProfile], ComplexSerializableType): + def __init__( + self, + certs: dict[str, ProtectionProfile] = {}, + root_dir: str | Path = constants.DUMMY_NONEXISTING_PATH, + name: str | None = None, + description: str = "", + state: Dataset.DatasetInternalState | None = None, + aux_handlers: dict[type[AuxiliaryDatasetHandler], AuxiliaryDatasetHandler] = {}, + ): + self.certs = certs + self.timestamp = datetime.now() + self.sha256_digest = "not implemented" + self.name = name if name else type(self).__name__ + " dataset" + self.description = description if description else datetime.now().strftime("%d/%m/%Y %H:%M:%S") + self.state = state if state else self.DatasetInternalState() + self.aux_handlers = aux_handlers + self.root_dir = Path(root_dir) -logger = logging.getLogger(__name__) + @property + def json_path(self) -> Path: + return self.root_dir / "pp.json" + @property + def reports_dir(self) -> Path: + return self.root_dir / "reports" -@dataclass -class ProtectionProfileDataset(JSONPathDataset): - pps: dict[tuple[str, str | None], ProtectionProfile] - _json_path: Path + @property + def pps_dir(self) -> Path: + return self.root_dir / "pps" - def __init__( + @property + def reports_pdf_dir(self) -> Path: + return self.reports_dir / "pdf" + + @property + def reports_txt_dir(self) -> Path: + return self.reports_dir / "txt" + + @property + def pps_pdf_dir(self) -> Path: + return self.pps_dir / "pdf" + + @property + def pps_txt_dir(self) -> Path: + return self.pps_dir / "txt" + + @classmethod + def from_web_latest(cls, path: str | Path | None = None, artifacts: bool = False) -> "ProtectionProfileDataset": + return cls.from_web( + str(config.pp_latest_full_archive), str(config.pp_latest_snapshot), "Downloading PP", path, False, artifacts + ) + + def _compute_heuristics_body(self): + logger.info("Protection profile dataset has no heuristics to compute, skipping.") + + @property + def web_dir(self) -> Path: + return self.root_dir / "web" + + BASE_URL: ClassVar[str] = "https://www.commoncriteriaportal.org" + HTML_URL = { + "pp_active.html": BASE_URL + "/pps/index.cfm", + "pp_archived.html": BASE_URL + "/pps/index.cfm?archived=1", + "pp_collaborative.html": BASE_URL + "/pps/collaborativePP.cfm?cpp=1", + } + CSV_URL = {"pp_active.csv": BASE_URL + "/pps/pps.csv", "pp_archived.csv": BASE_URL + "/pps/pps-archived.csv"} + + @property + def active_html_tuples(self) -> list[tuple[str, Path]]: + return [(x, self.web_dir / y) for y, x in self.HTML_URL.items() if "active" in y] + + @property + def archived_html_tuples(self) -> list[tuple[str, Path]]: + return [(x, self.web_dir / y) for y, x in self.HTML_URL.items() if "archived" in y] + + @property + def collaborative_html_tuples(self) -> list[tuple[str, Path]]: + return [(x, self.web_dir / y) for y, x in self.HTML_URL.items() if "collaborative" in y] + + @property + def active_csv_tuples(self) -> list[tuple[str, Path]]: + return [(x, self.web_dir / y) for y, x in self.CSV_URL.items() if "active" in y] + + @property + def archived_csv_tuples(self) -> list[tuple[str, Path]]: + return [(x, self.web_dir / y) for y, x in self.CSV_URL.items() if "archived" in y] + + @serialize + @staged(logger, "Downloading and processing CSV and HTML files of certificates.") + def get_certs_from_web( self, - pps: dict[tuple[str, str | None], ProtectionProfile], - json_path: str | Path = constants.DUMMY_NONEXISTING_PATH, + to_download: bool = True, + keep_metadata: bool = True, + get_active: bool = True, + get_archived: bool = True, + get_collaborative: bool = True, ) -> None: - self.pps = pps - self.json_path = Path(json_path) + if to_download: + self._download_csv_html_resources(get_active, get_archived, get_collaborative) - def __iter__(self): - yield from self.pps.values() + # TODO: Implement CSV processing if needed. If not, delete this and the corresponding methods. Also get rid of URLs. + # logger.info("Adding PPs from CSV to ProtectionProfileDataset.") + # csv_certs = self._get_all_certs_from_csv(get_active, get_archived) + # self._merge_certs(csv_certs, cert_source="csv") - def __getitem__(self, item: tuple[str, str | None]) -> ProtectionProfile: - return self.pps.__getitem__(item) + logger.info("Adding HTML certificates to ProtectionProfile dataset.") + html_certs = self._get_all_certs_from_html(get_active, get_archived, get_collaborative) + self._merge_certs(html_certs, cert_source="html") - def __setitem__(self, key: tuple[str, str | None], value: ProtectionProfile): - self.pps.__setitem__(key, value) + logger.info(f"The resulting dataset has {len(self)} certificates.") - def __contains__(self, key): - return key in self.pps + if not keep_metadata: + shutil.rmtree(self.web_dir) - def __len__(self) -> int: - return len(self.pps) + self._set_local_paths() + self.state.meta_sources_parsed = True - @classmethod - def from_json(cls, input_path: str | Path, is_compressed: bool = False): - with Path(input_path).open("r") as handle: - data = json.load(handle) - pps = [ProtectionProfile.from_old_api_dict(x) for x in data.values()] + def _merge_certs(self, certs: dict[str, ProtectionProfile], cert_source: str | None = None) -> None: + """ + Merges dictionary of certificates into the dataset. Assuming they all are CommonCriteria certificates + """ + new_certs = {x.dgst: x for x in certs.values() if x not in self} + certs_to_merge = [x for x in certs.values() if x in self] + self.certs.update(new_certs) - dct = {} - for item in pps: - if (item.pp_name, item.pp_link) in dct: - logger.warning(f"Duplicate entry in PP dataset: {(item.pp_name, item.pp_link)}") - dct[(item.pp_name, item.pp_link)] = item + for crt in certs_to_merge: + self[crt.dgst].merge(crt, cert_source) - dset = cls(dct) - dset.json_path = Path(input_path) + logger.info(f"Added {len(new_certs)} new and merged further {len(certs_to_merge)} certificates to the dataset.") - return dset + def _get_all_certs_from_html( + self, get_active: bool = True, get_archived: bool = True, get_collaborative: bool = True + ) -> dict[str, ProtectionProfile]: + html_sources = [] + if get_active: + html_sources.extend([x for x in self.HTML_URL if "active" in x]) + if get_archived: + html_sources.extend([x for x in self.HTML_URL if "archived" in x]) + if get_collaborative: + html_sources.extend([x for x in self.HTML_URL if "collaborative" in x]) - @classmethod - def from_web(cls, store_dataset_path: Path | None = None): - logger.info(f"Downloading static PP dataset from: {config.pp_latest_snapshot}") - if not store_dataset_path: - tmp = tempfile.TemporaryDirectory() - store_dataset_path = Path(tmp.name) / "pp_dataset.json" + new_certs = {} + for file in html_sources: + partial_certs = self._parse_single_html(self.web_dir / file) + logger.info(f"Parsed {len(partial_certs)} protection profiles from: {file}.") + new_certs.update(partial_certs) + return new_certs + + def _get_all_certs_from_csv( + self, get_active: bool = True, get_archived: bool = True + ) -> dict[str, ProtectionProfile]: + csv_sources = list(self.CSV_URL.keys()) + csv_sources = [x for x in csv_sources if "active" not in x or get_active] + csv_sources = [x for x in csv_sources if "archived" not in x or get_archived] + + new_certs = {} + for file in csv_sources: + partial_certs = self._parse_single_csv(self.web_dir / file) + logger.info(f"Parsed {len(partial_certs)} certificates from: {file}") + new_certs.update(partial_certs) + return new_certs + + def _download_csv_html_resources( + self, get_active: bool = True, get_archived: bool = True, get_collaborative: bool = True + ) -> None: + self.web_dir.mkdir(parents=True, exist_ok=True) + html_items = [] + csv_items = [] + if get_active: + html_items.extend(self.active_html_tuples) + csv_items.extend(self.active_csv_tuples) + if get_archived: + html_items.extend(self.archived_html_tuples) + html_items.extend(self.archived_csv_tuples) + if get_collaborative: + html_items.extend(self.collaborative_html_tuples) + + html_urls, html_paths = [x[0] for x in html_items], [x[1] for x in html_items] + csv_urls, csv_paths = [x[0] for x in csv_items], [x[1] for x in csv_items] + + logger.info("Downloading required csv and html files.") + helpers.download_parallel(html_urls, html_paths) + helpers.download_parallel(csv_urls, csv_paths) + + @staticmethod + def _parse_single_csv(file: Path) -> dict[str, ProtectionProfile]: + return {} + + @staticmethod + def _parse_single_html(file: Path) -> dict[str, ProtectionProfile]: + def _parse_table( + soup: BeautifulSoup, + cert_status: Literal["active", "archived"], + table_id: str, + category_string: str, + is_collaborative: bool, + ) -> dict[str, ProtectionProfile]: + tables = soup.find_all("table", id=table_id) + if len(tables) > 1: + raise ValueError( + f'The "{file.name}" was expected to contain 0-1
element. Instead, it contains: {len(tables)}
elements.' + ) + + if not tables: + return {} + + body = list(tables[0].find_all("tr"))[1:] + try: + table_certs = { + x.dgst: x + for x in [ + ProtectionProfile.from_html_row(row, cert_status, category_string, is_collaborative) + for row in body + ] + } + except ValueError as e: + raise ValueError(f"Bad html file: {file.name} ({str(e)})") from e + return table_certs + + cert_status: Literal["active", "archived"] = "active" if "active" in file.name else "archived" + is_collaborative = "collaborative" in file.name + cc_table_ids = ["tbl" + x for x in constants.CC_CAT_ABBREVIATIONS] + if is_collaborative: + cc_table_ids = [x + "1" for x in cc_table_ids] + cat_dict = dict(zip(cc_table_ids, constants.CC_CATEGORIES)) + + with file.open("r") as handle: + soup = BeautifulSoup(handle, "html5lib") + + certs = {} + for key, val in cat_dict.items(): + certs.update(_parse_table(soup, cert_status, key, val, is_collaborative)) + + return certs + + def _convert_all_pdfs_body(self, fresh=True): + self._convert_reports_to_txt(fresh) + self._convert_pps_to_txt(fresh) + + @staged(logger, "Converting PDFs of PP certification reports to text.") + def _convert_reports_to_txt(self, fresh: bool = True): + self.reports_txt_dir.mkdir(parents=True, exist_ok=True) + certs_to_process = [x for x in self if x.state.report.is_ok_to_convert(fresh)] + + if not fresh and certs_to_process: + logger.info( + f"Converting {len(certs_to_process)} PDFs of PP certification reports to text for which previous conversion failed." + ) + + cert_processing.process_parallel( + ProtectionProfile.convert_report_pdf, + certs_to_process, + progress_bar_desc="Converting PDFs of PP certification reports to text.", + ) + + @staged(logger, "Converting PDFs of actual Protection Profiles to text.") + def _convert_pps_to_txt(self, fresh: bool = True): + self.pps_txt_dir.mkdir(parents=True, exist_ok=True) + certs_to_process = [x for x in self if x.state.pp.is_ok_to_convert(fresh)] + + if not fresh and certs_to_process: + logger.info( + f"Converting {len(certs_to_process)} PDFs of actual Protection Profiles to text for which previous conversion failed." + ) + + cert_processing.process_parallel( + ProtectionProfile.convert_pp_pdf, + certs_to_process, + progress_bar_desc="Converting PDFs of actual Protection Profiles to text.", + ) + + def _download_all_artifacts_body(self, fresh=True): + self._download_reports(fresh) + self._download_pps(fresh) + + @staged(logger, "Downloading PDFs of PP certification reports.") + def _download_reports(self, fresh: bool = True): + self.reports_pdf_dir.mkdir(parents=True, exist_ok=True) + certs_to_process = [x for x in self if x.state.report.is_ok_to_download(fresh) and x.web_data.report_link] + + if not fresh and certs_to_process: + logger.info( + f"Downloading {len(certs_to_process)} PDFs of PP certification reports for which previous download failed." + ) + + cert_processing.process_parallel( + ProtectionProfile.download_pdf_report, + certs_to_process, + progress_bar_desc="Downloading PDFs of PP certification reports.", + ) + + @staged(logger, "Downloading PDFs of actual Protection Profiles.") + def _download_pps(self, fresh: bool = True): + self.pps_pdf_dir.mkdir(parents=True, exist_ok=True) + certs_to_process = [x for x in self if x.state.pp.is_ok_to_download(fresh) and x.web_data.pp_link] + + if not fresh and certs_to_process: + logger.info( + f"Downloading {len(certs_to_process)} PDFs of actual Protection Profiles for which previous download failed." + ) + + cert_processing.process_parallel( + ProtectionProfile.download_pdf_pp, + certs_to_process, + progress_bar_desc="Downloading PDFs of actual Protection Profiles.", + ) + + def extract_data(self): + logger.info("Extracting various data from certification artifacts.") + self._extract_pdf_metadata() + self._extract_pdf_keywords() + + @staged(logger, "Extracting metadata from certification artifacts.") + def _extract_pdf_metadata(self): + self._extract_report_metadata() + self._extract_pp_metadata() + + @staged(logger, "Extracting keywords from certification artifacts.") + def _extract_pdf_keywords(self): + self._extract_report_keywords() + self._extract_pp_keywords() + + def _extract_report_metadata(self): + certs_to_process = [x for x in self if x.state.report.is_ok_to_analyze()] + processed_certs = cert_processing.process_parallel( + ProtectionProfile.extract_report_pdf_metadata, + certs_to_process, + use_threading=False, + progress_bar_desc="Extracting metadata from PP certification reports.", + ) + self.update_with_certs(processed_certs) + + def _extract_pp_metadata(self): + certs_to_process = [x for x in self if x.state.pp.is_ok_to_analyze()] + processed_certs = cert_processing.process_parallel( + ProtectionProfile.extract_pp_pdf_metadata, + certs_to_process, + use_threading=False, + progress_bar_desc="Extracting metadata from actual Protection Profiles.", + ) + self.update_with_certs(processed_certs) + + def _extract_report_keywords(self): + certs_to_process = [x for x in self if x.state.report.is_ok_to_analyze()] + processed_certs = cert_processing.process_parallel( + ProtectionProfile.extract_report_pdf_keywords, + certs_to_process, + use_threading=False, + progress_bar_desc="Extracting keywords from PP certification reports.", + ) + self.update_with_certs(processed_certs) + + def _extract_pp_keywords(self): + certs_to_process = [x for x in self if x.state.pp.is_ok_to_analyze()] + processed_certs = cert_processing.process_parallel( + ProtectionProfile.extract_pp_pdf_keywords, + certs_to_process, + use_threading=False, + progress_bar_desc="Extracting keywords from actual Protection Profiles.", + ) + self.update_with_certs(processed_certs) + + def _set_local_paths(self): + super()._set_local_paths() - helpers.download_file(config.pp_latest_snapshot, store_dataset_path) - obj = cls.from_json(store_dataset_path) + for cert in self: + cert.set_local_paths(self.reports_pdf_dir, self.pps_pdf_dir, self.reports_txt_dir, self.pps_txt_dir) - if not store_dataset_path: - tmp.cleanup() + def process_auxiliary_datasets(self) -> None: + logger.info("Protection Profile dataset has no auxiliary datasets to process, skipping.") + self.state.auxiliary_datasets_processed = True - return obj + def get_pp_by_pp_link(self, pp_link: str) -> ProtectionProfile | None: + for pp in self: + if pp.web_data.pp_link == pp_link: + return pp + return None diff --git a/src/sec_certs/heuristics/cc.py b/src/sec_certs/heuristics/cc.py index b646a085..435c69ed 100644 --- a/src/sec_certs/heuristics/cc.py +++ b/src/sec_certs/heuristics/cc.py @@ -1,6 +1,8 @@ import logging +import re from collections.abc import Iterable +from sec_certs.cert_rules import security_level_csv_scan from sec_certs.dataset.cc_scheme import CCSchemeDataset from sec_certs.dataset.protection_profile import ProtectionProfileDataset from sec_certs.model.cc_matching import CCSchemeMatcher @@ -9,17 +11,25 @@ from sec_certs.sample.cc import CCCertificate from sec_certs.sample.cc_certificate_id import CertificateId from sec_certs.sample.cc_scheme import EntryType +from sec_certs.utils.helpers import choose_lowest_eal from sec_certs.utils.profiling import staged logger = logging.getLogger(__name__) @staged(logger, "Computing heuristics: Linking certificates to protection profiles") -def link_to_protection_profiles(pp_dset: ProtectionProfileDataset, certs: Iterable[CCCertificate]) -> None: +def link_to_protection_profiles( + certs: Iterable[CCCertificate], + pp_dset: ProtectionProfileDataset, +) -> None: for cert in certs: - if cert.protection_profiles is None: - continue - cert.protection_profiles = {pp_dset.pps.get((x.pp_name, x.pp_link), x) for x in cert.protection_profiles} + if cert.protection_profile_links: + pps = [pp_dset.get_pp_by_pp_link(x) for x in cert.protection_profile_links] + pp_digests = {x.dgst for x in pps if x} + cert.heuristics.protection_profiles = pp_digests if pp_digests else None + logger.info( + f"Linked {len([x for x in certs if x.heuristics.protection_profiles])} certificates to their protection profiles." + ) @staged(logger, "Computing heuristics: references between certificates.") @@ -84,3 +94,24 @@ def compute_sars(certs: Iterable[CCCertificate]) -> None: transformer = SARTransformer().fit(certs) for cert in certs: cert.heuristics.extracted_sars = transformer.transform_single_cert(cert) + + +@staged(logger, "Computing heuristics: EALs") +def compute_eals(certs: Iterable[CCCertificate], pp_dataset: ProtectionProfileDataset) -> None: + def compute_cert_eal(cert: CCCertificate) -> str | None: + res = [x for x in cert.security_level if re.match(security_level_csv_scan, x)] + if res and len(res) == 1: + return res[0] + elif res and len(res) > 1: + raise ValueError(f"Expected single EAL in security_level field, got: {res}") + else: + if cert.heuristics.protection_profiles: + eals: set[str] = { + eal for x in cert.heuristics.protection_profiles if (eal := pp_dataset[x].web_data.eal) is not None + } + return choose_lowest_eal(eals) + else: + return None + + for cert in certs: + cert.heuristics.eal = compute_cert_eal(cert) diff --git a/src/sec_certs/sample/cc.py b/src/sec_certs/sample/cc.py index a9aa2262..3069ae6a 100644 --- a/src/sec_certs/sample/cc.py +++ b/src/sec_certs/sample/cc.py @@ -17,13 +17,13 @@ import sec_certs.utils.extract import sec_certs.utils.pdf from sec_certs import constants -from sec_certs.cert_rules import SARS_IMPLIED_FROM_EAL, cc_rules, rules, security_level_csv_scan +from sec_certs.cert_rules import SARS_IMPLIED_FROM_EAL, cc_rules, rules from sec_certs.configuration import config from sec_certs.sample.cc_certificate_id import CertificateId, canonicalize, schemes from sec_certs.sample.certificate import Certificate, References, logger from sec_certs.sample.certificate import Heuristics as BaseHeuristics from sec_certs.sample.certificate import PdfData as BasePdfData -from sec_certs.sample.protection_profile import ProtectionProfile +from sec_certs.sample.document_state import DocumentState from sec_certs.sample.sar import SAR from sec_certs.serialization.json import ComplexSerializableType from sec_certs.serialization.pandas import PandasSerializableType @@ -43,8 +43,6 @@ class CCCertificate( the certificate can handle itself. `CCDataset` class then instrument this functionality. """ - cc_url = "https://www.commoncriteriaportal.org" - @dataclass(eq=True, frozen=True) class MaintenanceReport(ComplexSerializableType): """ @@ -76,86 +74,15 @@ def __lt__(self, other): return self.maintenance_date < other.maintenance_date @dataclass - class DocumentState(ComplexSerializableType): - download_ok: bool = False # Whether download went OK - convert_garbage: bool = False # Whether initial conversion resulted in garbage - convert_ok: bool = False # Whether overall conversion went OK (either pdftotext or via OCR) - extract_ok: bool = False # Whether extraction went OK - - pdf_hash: str | None = None - txt_hash: str | None = None - - _pdf_path: Path | None = None - _txt_path: Path | None = None - - def is_ok_to_download(self, fresh: bool = True) -> bool: - return True if fresh else not self.download_ok - - def is_ok_to_convert(self, fresh: bool = True) -> bool: - return self.download_ok if fresh else self.download_ok and not self.convert_ok - - def is_ok_to_analyze(self, fresh: bool = True) -> bool: - if fresh: - return self.download_ok and self.convert_ok - else: - return self.download_ok and self.convert_ok and not self.extract_ok - - @property - def pdf_path(self) -> Path: - if not self._pdf_path: - raise ValueError(f"pdf_path not set on {type(self)}") - return self._pdf_path - - @pdf_path.setter - def pdf_path(self, pth: str | Path | None) -> None: - self._pdf_path = Path(pth) if pth else None - - @property - def txt_path(self) -> Path: - if not self._txt_path: - raise ValueError(f"txt_path not set on {type(self)}") - return self._txt_path - - @txt_path.setter - def txt_path(self, pth: str | Path | None) -> None: - self._txt_path = Path(pth) if pth else None - - @property - def serialized_attributes(self) -> list[str]: - return [ - "download_ok", - "convert_garbage", - "convert_ok", - "extract_ok", - "pdf_hash", - "txt_hash", - ] - - @dataclass(init=False) class InternalState(ComplexSerializableType): """ Holds internal state of the certificate, whether downloads and converts of individual components succeeded. Also holds information about errors and paths to the files. """ - report: CCCertificate.DocumentState - st: CCCertificate.DocumentState - cert: CCCertificate.DocumentState - - def __init__( - self, - report: CCCertificate.DocumentState | None = None, - st: CCCertificate.DocumentState | None = None, - cert: CCCertificate.DocumentState | None = None, - ): - super().__init__() - self.report = report if report is not None else CCCertificate.DocumentState() - self.st = st if st is not None else CCCertificate.DocumentState() - self.cert = cert if cert is not None else CCCertificate.DocumentState() - - @property - def serialized_attributes(self) -> list[str]: - return ["report", "st", "cert"] + report: DocumentState = field(default_factory=DocumentState) + st: DocumentState = field(default_factory=DocumentState) + cert: DocumentState = field(default_factory=DocumentState) @dataclass class PdfData(BasePdfData, ComplexSerializableType): @@ -350,7 +277,6 @@ class Heuristics(BaseHeuristics, ComplexSerializableType): next_certificates: list[str] | None = field(default=None) st_references: References = field(default_factory=References) report_references: References = field(default_factory=References) - # Contains direct outward references merged from both st, and report sources, annotated with ReferenceAnnotator # TODO: Reference meanings as Enum if we work with it further. annotated_references: dict[str, str] | None = field(default=None) @@ -358,6 +284,8 @@ class Heuristics(BaseHeuristics, ComplexSerializableType): direct_transitive_cves: set[str] | None = field(default=None) indirect_transitive_cves: set[str] | None = field(default=None) scheme_data: dict[str, Any] | None = field(default=None) + protection_profiles: set[str] | None = field(default=None) + eal: str | None = field(default=None) @property def serialized_attributes(self) -> list[str]: @@ -406,7 +334,7 @@ def __init__( st_link: str | None, cert_link: str | None, manufacturer_web: str | None, - protection_profiles: set[ProtectionProfile] | None, + protection_profile_links: set[str] | None, maintenance_updates: set[MaintenanceReport] | None, state: InternalState | None, pdf_data: PdfData | None, @@ -430,7 +358,7 @@ def __init__( self.st_link = sanitization.sanitize_link(st_link) self.cert_link = sanitization.sanitize_link(cert_link) self.manufacturer_web = sanitization.sanitize_link(manufacturer_web) - self.protection_profiles = protection_profiles + self.protection_profile_links = protection_profile_links self.maintenance_updates = maintenance_updates self.state = state if state else self.InternalState() self.pdf_data = pdf_data if pdf_data else self.PdfData() @@ -468,22 +396,6 @@ def older_dgst(self) -> str: raise RuntimeError("Certificate digest can't be computed, because information is missing.") return helpers.get_first_16_bytes_sha256(self.category + self.name + self.report_link) - @property - def eal(self) -> str | None: - """ - Returns EAL of certificate if it was extracted, None otherwise. - """ - res = [x for x in self.security_level if re.match(security_level_csv_scan, x)] - if res and len(res) == 1: - return res[0] - if res and len(res) > 1: - raise ValueError(f"Expected single EAL in security_level field, got: {res}") - else: - if self.protection_profiles: - return helpers.choose_lowest_eal({x.pp_eal for x in self.protection_profiles if x.pp_eal}) - else: - return None - @property def actual_sars(self) -> set[SAR] | None: """ @@ -492,8 +404,8 @@ def actual_sars(self) -> set[SAR] | None: :return Optional[Set[SAR]]: Set of actual SARs of a certificate, None if empty """ sars = {} - if self.eal: - sars = {x[0]: SAR(x[0], x[1]) for x in SARS_IMPLIED_FROM_EAL[self.eal[:4]]} + if self.heuristics.eal: + sars = {x[0]: SAR(x[0], x[1]) for x in SARS_IMPLIED_FROM_EAL[self.heuristics.eal[:4]]} if self.heuristics.extracted_sars: for sar in self.heuristics.extracted_sars: @@ -520,7 +432,7 @@ def pandas_tuple(self) -> tuple: self.manufacturer, self.scheme, self.security_level, - self.eal, + self.heuristics.eal, self.not_valid_before, self.not_valid_after, self.report_link, @@ -536,7 +448,7 @@ def pandas_tuple(self) -> tuple: self.heuristics.report_references.directly_referencing, self.heuristics.report_references.indirectly_referencing, self.heuristics.extracted_sars, - [x.pp_name for x in self.protection_profiles] if self.protection_profiles else np.nan, + self.heuristics.protection_profiles if self.heuristics.protection_profiles else np.nan, self.heuristics.cert_lab[0] if (self.heuristics.cert_lab and self.heuristics.cert_lab[0]) else np.nan, ) @@ -557,7 +469,13 @@ def merge(self, other: CCCertificate, other_source: str | None = None) -> None: # Prefer some values from the HTML # Links in CSV are currently (13.08.2024) broken. - html_preferred_attrs = {"protection_profiles", "maintenance_updates", "cert_link", "report_link", "st_link"} + html_preferred_attrs = { + "protection_profile_links", + "maintenance_updates", + "cert_link", + "report_link", + "st_link", + } for att, val in vars(self).items(): if (not val) or (other_source == "html" and att in html_preferred_attrs) or (att == "state"): @@ -575,7 +493,8 @@ def from_dict(cls, dct: dict) -> CCCertificate: """ new_dct = dct.copy() new_dct["maintenance_updates"] = set(dct["maintenance_updates"]) - new_dct["protection_profiles"] = set(dct["protection_profiles"]) + if dct["protection_profile_links"]: + new_dct["protection_profile_links"] = set(dct["protection_profile_links"]) new_dct["not_valid_before"] = ( date.fromisoformat(dct["not_valid_before"]) if isinstance(dct["not_valid_before"], str) @@ -615,16 +534,12 @@ def _html_row_get_manufacturer_web(cell: Tag) -> str | None: return None @staticmethod - def _html_row_get_protection_profiles(cell: Tag) -> set: - protection_profiles = set() + def _html_row_get_protection_profile_links(cell: Tag) -> set: + protection_profile_links = set() for link in list(cell.find_all("a")): if link.get("href") is not None and "/ppfiles/" in link.get("href"): - protection_profiles.add( - ProtectionProfile( - pp_name=str(link.contents[0]), pp_eal=None, pp_link=CCCertificate.cc_url + link.get("href") - ) - ) - return protection_profiles + protection_profile_links.add(constants.CC_PORTAL_BASE_URL + link.get("href")) + return protection_profile_links @staticmethod def _html_row_get_date(cell: Tag) -> date | None: @@ -643,16 +558,16 @@ def _html_row_get_report_st_links(cell: Tag) -> tuple[str | None, str | None]: if not title: continue if title.startswith("Certification Report"): - report_link = CCCertificate.cc_url + link.get("href") + report_link = constants.CC_PORTAL_BASE_URL + link.get("href") elif title.startswith("Security Target"): - security_target_link = CCCertificate.cc_url + link.get("href") + security_target_link = constants.CC_PORTAL_BASE_URL + link.get("href") return report_link, security_target_link @staticmethod def _html_row_get_cert_link(cell: Tag) -> str | None: links = cell.find_all("a") - return CCCertificate.cc_url + links[0].get("href") if links else None + return constants.CC_PORTAL_BASE_URL + links[0].get("href") if links else None @staticmethod def _html_row_get_maintenance_div(cell: Tag) -> Tag | None: @@ -675,9 +590,9 @@ def _html_row_get_maintenance_updates(main_div: Tag) -> set[CCCertificate.Mainte links = u.find_all("a") for link in links: if link.get("title").startswith("Maintenance Report:"): - main_report_link = CCCertificate.cc_url + link.get("href") + main_report_link = constants.CC_PORTAL_BASE_URL + link.get("href") elif link.get("title").startswith("Maintenance ST"): - main_st_link = CCCertificate.cc_url + link.get("href") + main_st_link = constants.CC_PORTAL_BASE_URL + link.get("href") else: logger.error("Unknown link in Maintenance part!") maintenance_updates.add( @@ -700,7 +615,7 @@ def from_html_row(cls, row: Tag, status: str, category: str) -> CCCertificate: manufacturer_web = CCCertificate._html_row_get_manufacturer_web(cells[1]) scheme = CCCertificate._html_row_get_scheme(cells[6]) security_level = CCCertificate._html_row_get_security_level(cells[5]) - protection_profiles = CCCertificate._html_row_get_protection_profiles(cells[0]) + protection_profile_links = CCCertificate._html_row_get_protection_profile_links(cells[0]) not_valid_before = CCCertificate._html_row_get_date(cells[3]) not_valid_after = CCCertificate._html_row_get_date(cells[4]) report_link, st_link = CCCertificate._html_row_get_report_st_links(cells[0]) @@ -721,7 +636,7 @@ def from_html_row(cls, row: Tag, status: str, category: str) -> CCCertificate: st_link, cert_link, manufacturer_web, - protection_profiles, + protection_profile_links, maintenances, None, None, diff --git a/src/sec_certs/sample/certificate.py b/src/sec_certs/sample/certificate.py index 74b1af96..6fbf8af4 100644 --- a/src/sec_certs/sample/certificate.py +++ b/src/sec_certs/sample/certificate.py @@ -30,8 +30,7 @@ def __bool__(self): class Heuristics: - cpe_matches: set[str] | None - related_cves: set[str] | None + pass class PdfData: @@ -87,7 +86,3 @@ def to_dict(self) -> dict[str, Any]: def from_dict(cls: type[T], dct: dict) -> T: dct.pop("dgst") return cls(**dct) - - @abstractmethod - def compute_heuristics_version(self) -> None: - raise NotImplementedError("Not meant to be implemented") diff --git a/src/sec_certs/sample/document_state.py b/src/sec_certs/sample/document_state.py new file mode 100644 index 00000000..a2cf1769 --- /dev/null +++ b/src/sec_certs/sample/document_state.py @@ -0,0 +1,61 @@ +from dataclasses import dataclass +from pathlib import Path + +from sec_certs.serialization.json import ComplexSerializableType + + +@dataclass +class DocumentState(ComplexSerializableType): + download_ok: bool = False # Whether download went OK + convert_garbage: bool = False # Whether initial conversion resulted in garbage + convert_ok: bool = False # Whether overall conversion went OK (either pdftotext or via OCR) + extract_ok: bool = False # Whether extraction went OK + + pdf_hash: str | None = None + txt_hash: str | None = None + + _pdf_path: Path | None = None + _txt_path: Path | None = None + + def is_ok_to_download(self, fresh: bool = True) -> bool: + return True if fresh else not self.download_ok + + def is_ok_to_convert(self, fresh: bool = True) -> bool: + return self.download_ok if fresh else self.download_ok and not self.convert_ok + + def is_ok_to_analyze(self, fresh: bool = True) -> bool: + if fresh: + return self.download_ok and self.convert_ok + else: + return self.download_ok and self.convert_ok and not self.extract_ok + + @property + def pdf_path(self) -> Path: + if not self._pdf_path: + raise ValueError(f"pdf_path not set on {type(self)}") + return self._pdf_path + + @pdf_path.setter + def pdf_path(self, pth: str | Path | None) -> None: + self._pdf_path = Path(pth) if pth else None + + @property + def txt_path(self) -> Path: + if not self._txt_path: + raise ValueError(f"txt_path not set on {type(self)}") + return self._txt_path + + @txt_path.setter + def txt_path(self, pth: str | Path | None) -> None: + self._txt_path = Path(pth) if pth else None + + @property + def serialized_attributes(self) -> list[str]: + return [ + "download_ok", + "convert_garbage", + "convert_ok", + "extract_ok", + "pdf_hash", + "txt_hash", + ] diff --git a/src/sec_certs/sample/protection_profile.py b/src/sec_certs/sample/protection_profile.py index 4c26a1c7..36f13130 100644 --- a/src/sec_certs/sample/protection_profile.py +++ b/src/sec_certs/sample/protection_profile.py @@ -1,55 +1,303 @@ from __future__ import annotations -import copy -import logging -from dataclasses import dataclass -from typing import Any +from dataclasses import dataclass, field +from datetime import date, datetime +from pathlib import Path +from typing import Any, Literal +from urllib.parse import unquote_plus, urlparse +import requests +from bs4 import Tag + +import sec_certs.utils.extract +import sec_certs.utils.pdf +from sec_certs import constants +from sec_certs.cert_rules import cc_rules +from sec_certs.configuration import config +from sec_certs.sample.certificate import Certificate, logger +from sec_certs.sample.certificate import Heuristics as BaseHeuristics +from sec_certs.sample.certificate import PdfData as BasePdfData +from sec_certs.sample.document_state import DocumentState from sec_certs.serialization.json import ComplexSerializableType -from sec_certs.utils import sanitization +from sec_certs.utils import helpers -logger = logging.getLogger(__name__) +class ProtectionProfile( + Certificate["ProtectionProfile", "ProtectionProfile.Heuristics", "ProtectionProfile.PdfData"], + ComplexSerializableType, +): + @dataclass + class Heuristics(BaseHeuristics, ComplexSerializableType): + pass -@dataclass(frozen=True) -class ProtectionProfile(ComplexSerializableType): - """ - Object for holding protection profiles. - """ + @dataclass + class PdfData(BasePdfData, ComplexSerializableType): + report_metadata: dict[str, Any] | None = field(default=None) + pp_metadata: dict[str, Any] | None = field(default=None) + report_keywords: dict[str, Any] | None = field(default=None) + pp_keywords: dict[str, Any] | None = field(default=None) + report_filename: str | None = field(default=None) + pp_filename: str | None = field(default=None) - pp_name: str - pp_eal: str | None - pp_link: str | None = None - pp_ids: frozenset[str] | None = None + def __bool__(self) -> bool: + return any(x is not None for x in vars(self)) - def __post_init__(self): - super().__setattr__("pp_name", sanitization.sanitize_string(self.pp_name)) - super().__setattr__("pp_link", sanitization.sanitize_link(self.pp_link)) + @dataclass(eq=True) + class WebData(ComplexSerializableType): + category: str + status: Literal["active", "archived"] + is_collaborative: bool + name: str + version: str + security_level: set[str] + not_valid_before: date | None + not_valid_after: date | None + report_link: str | None + pp_link: str | None + scheme: str | None + maintenances: list[tuple[date, str, str]] - @classmethod - def from_dict(cls, dct: dict[str, Any]) -> ProtectionProfile: - new_dct = copy.deepcopy(dct) - new_dct["pp_ids"] = frozenset(new_dct["pp_ids"]) if new_dct["pp_ids"] else None - return cls(*tuple(new_dct.values())) + @property + def eal(self) -> str | None: + return helpers.choose_lowest_eal(self.security_level) + + @classmethod + def from_html_row( + cls, row: Tag, status: Literal["active", "archived"], category: str, is_collaborative: bool + ) -> ProtectionProfile.WebData: + if is_collaborative: + return cls._from_html_row_collaborative(row, category) + return cls._from_html_row_classic_pp(row, status, category) + + @classmethod + def _from_html_row_classic_pp( + cls, row: Tag, status: Literal["active", "archived"], category: str + ) -> ProtectionProfile.WebData: + cells = list(row.find_all("td")) + if status == "active" and len(cells) != 6: + raise ValueError( + f"Unexpected number of
elements in PP html row. Expected: 6, actual: {len(cells)}" + ) + if status == "archived" and len(cells) != 7: + raise ValueError( + f"Unexpected number of elements in PP html row. Expected: 6, actual: {len(cells)}" + ) + + # TODO: Parse maintenance div here. See CC parsing. + return cls( + category, + status, + False, + cls._html_row_get_name(cells[0]), + cls._html_row_get_version(cells[1]), + cls._html_row_get_security_level(cells[2]), + cls._html_row_get_date(cells[3]), + None if status == "active" else cls._html_row_get_date(cells[4]), + cls._html_row_get_link(cells[-1]), + cls._html_row_get_link(cells[0]), + cls._html_row_get_scheme(cells[-2]), + [], + ) + + @classmethod + def _from_html_row_collaborative(cls, row: Tag, category: str) -> ProtectionProfile.WebData: + cells = list(row.find_all("td")) + if len(cells) != 5: + raise ValueError( + f"Unexpected number of elements in collaborative PP html row. Expected: 5, actual: {len(cells)}" + ) + + return cls( + category, + "active", + True, + cls._html_row_get_collaborative_name(cells[0]), + cls._html_row_get_version(cells[1]), + cls._html_row_get_security_level(cells[2]), + cls._html_row_get_date(cells[3]), + None, + cls._html_row_get_link(cells[-1]), + cls._html_row_get_collaborative_pp_link(cells[0]), + None, + [], + ) + + @staticmethod + def _html_row_get_date(cell: Tag) -> date | None: + text = cell.get_text() + extracted_date = datetime.strptime(text, "%Y-%m-%d").date() if text else None + return extracted_date + + @staticmethod + def _html_row_get_name(cell: Tag) -> str: + return cell.find_all("a")[0].string + + @staticmethod + def _html_row_get_link(cell: Tag) -> str: + return constants.CC_PORTAL_BASE_URL + cell.find_all("a")[0].get("href") + + @staticmethod + def _html_row_get_version(cell: Tag) -> str: + return cell.text + + @staticmethod + def _html_row_get_security_level(cell: Tag) -> set[str]: + return set(cell.stripped_strings) + + @staticmethod + def _html_row_get_scheme(cell: Tag) -> str | None: + schemes = list(cell.stripped_strings) + return schemes[0] if schemes else None + + @staticmethod + def _html_row_get_collaborative_name(cell: Tag) -> str: + return list(cell.stripped_strings)[0] + + @staticmethod + def _html_row_get_collaborative_pp_link(cell: Tag) -> str: + return constants.CC_PORTAL_BASE_URL + [x for x in cell.find_all("a") if x.string == "Protection Profile"][ + 0 + ].get("href") + + @dataclass + class InternalState(ComplexSerializableType): + pp: DocumentState = field(default_factory=DocumentState) + report: DocumentState = field(default_factory=DocumentState) + + def __init__( + self, + web_data: WebData, + pdf_data: PdfData | None = None, + heuristics: Heuristics | None = None, + state: InternalState | None = None, + ): + super().__init__() + self.web_data: ProtectionProfile.WebData = web_data + self.pdf_data: ProtectionProfile.PdfData = pdf_data if pdf_data else ProtectionProfile.PdfData() + self.heuristics: ProtectionProfile.Heuristics = heuristics if heuristics else ProtectionProfile.Heuristics() + self.state: ProtectionProfile.InternalState = state if state else ProtectionProfile.InternalState() + + @property + def dgst(self) -> str: + return helpers.get_first_16_bytes_sha256( + "|".join([self.web_data.category, self.web_data.name, self.web_data.version]) + ) + + @property + def label_studio_title(self) -> str: + return self.web_data.name + + def merge(self, other: ProtectionProfile, other_source: str | None = None) -> None: + raise ValueError("Merging of PPs not implemented.") + + def set_local_paths( + self, + report_pdf_dir: str | Path | None, + pp_pdf_dir: str | Path | None, + report_txt_dir: str | Path | None, + pp_txt_dir: str | Path | None, + ) -> None: + if report_pdf_dir: + self.state.report.pdf_path = Path(report_pdf_dir) / f"{self.dgst}.pdf" + if pp_pdf_dir: + self.state.pp.pdf_path = Path(pp_pdf_dir) / f"{self.dgst}.pdf" + if report_txt_dir: + self.state.report.txt_path = Path(report_txt_dir) / f"{self.dgst}.txt" + if pp_txt_dir: + self.state.pp.txt_path = Path(pp_txt_dir) / f"{self.dgst}.txt" @classmethod - def from_old_api_dict(cls, dct: dict[str, Any]) -> ProtectionProfile: - pp_name = sanitization.sanitize_string(dct["csv_scan"]["cc_pp_name"]) - pp_link = sanitization.sanitize_link(dct["csv_scan"]["link_pp_document"]) - pp_ids = frozenset(dct["processed"]["cc_pp_csvid"]) if dct["processed"]["cc_pp_csvid"] else None - eal_set = sanitization.sanitize_security_levels(dct["csv_scan"]["cc_security_level"]) + def from_html_row( + cls, row: Tag, status: Literal["active", "archived"], category: str, is_collaborative: bool + ) -> ProtectionProfile: + return cls(ProtectionProfile.WebData.from_html_row(row, status, category, is_collaborative)) + + @staticmethod + def download_pdf_report(cert: ProtectionProfile) -> ProtectionProfile: + exit_code: str | int + if not cert.web_data.report_link: + exit_code = "No link" + else: + exit_code = helpers.download_file( + cert.web_data.report_link, cert.state.report.pdf_path, proxy=config.cc_use_proxy + ) + if exit_code != requests.codes.ok: + error_msg = f"failed to download report from {cert.web_data.report_link}, code: {exit_code}" + logger.error(f"Cert dgst: {cert.dgst} " + error_msg) + cert.state.report.download_ok = False + else: + cert.state.report.download_ok = True + cert.state.report.pdf_hash = helpers.get_sha256_filepath(cert.state.report.pdf_path) + cert.pdf_data.report_filename = unquote_plus(str(urlparse(cert.web_data.report_link).path).split("/")[-1]) + return cert + + @staticmethod + def download_pdf_pp(cert: ProtectionProfile) -> ProtectionProfile: + exit_code: str | int + if not cert.web_data.pp_link: + exit_code = "No link" + else: + exit_code = helpers.download_file(cert.web_data.pp_link, cert.state.pp.pdf_path, proxy=config.cc_use_proxy) + if exit_code != requests.codes.ok: + error_msg = f"failed to download PP from {cert.web_data.pp_link}, code: {exit_code}" + logger.error(f"Cert dgst: {cert.dgst} " + error_msg) + cert.state.pp.download_ok = False + else: + cert.state.pp.download_ok = True + cert.state.pp.pdf_hash = helpers.get_sha256_filepath(cert.state.pp.pdf_path) + cert.pdf_data.pp_filename = unquote_plus(str(urlparse(cert.web_data.pp_link).path).split("/")[-1]) + return cert + + @staticmethod + def convert_report_pdf(cert: ProtectionProfile) -> ProtectionProfile: + ocr_done, ok_result = sec_certs.utils.pdf.convert_pdf_file( + cert.state.report.pdf_path, cert.state.report.txt_path + ) + cert.state.report.convert_garbage = ocr_done + cert.state.report.convert_ok = ok_result + if not ok_result: + logger.error(f"Cert dgst: {cert.dgst} failed to convert report pdf to txt") + else: + cert.state.report.txt_hash = helpers.get_sha256_filepath(cert.state.report.txt_path) + return cert - if not len(eal_set) <= 1: - raise ValueError("EAL field should have single value or should be empty.") + @staticmethod + def convert_pp_pdf(cert: ProtectionProfile) -> ProtectionProfile: + ocr_done, ok_result = sec_certs.utils.pdf.convert_pdf_file(cert.state.pp.pdf_path, cert.state.pp.txt_path) + cert.state.pp.convert_garbage = ocr_done + cert.state.pp.convert_ok = ok_result + if not ok_result: + logger.error(f"Cert dgst: {cert.dgst} failed to convert PP pdf to txt") + else: + cert.state.pp.txt_hash = helpers.get_sha256_filepath(cert.state.pp.txt_path) + return cert - eal_str = list(eal_set)[0] if eal_set else None + @staticmethod + def extract_report_pdf_metadata(cert: ProtectionProfile) -> ProtectionProfile: + response, cert.pdf_data.report_metadata = sec_certs.utils.pdf.extract_pdf_metadata(cert.state.report.pdf_path) + cert.state.report.extract_ok = response == constants.RETURNCODE_OK + return cert - return cls(pp_name, eal_str, pp_link, pp_ids) + @staticmethod + def extract_pp_pdf_metadata(cert: ProtectionProfile) -> ProtectionProfile: + response, cert.pdf_data.pp_metadata = sec_certs.utils.pdf.extract_pdf_metadata(cert.state.pp.pdf_path) + cert.state.pp.extract_ok = response == constants.RETURNCODE_OK + return cert - def __eq__(self, other: object) -> bool: - if not isinstance(other, ProtectionProfile): - return False - return self.pp_name == other.pp_name and self.pp_link == other.pp_link + @staticmethod + def extract_report_pdf_keywords(cert: ProtectionProfile) -> ProtectionProfile: + report_keywords = sec_certs.utils.extract.extract_keywords(cert.state.report.txt_path, cc_rules) + if report_keywords is None: + cert.state.report.extract_ok = False + else: + cert.pdf_data.report_keywords = report_keywords + return cert - def __lt__(self, other: ProtectionProfile) -> bool: - return self.pp_name < other.pp_name + @staticmethod + def extract_pp_pdf_keywords(cert: ProtectionProfile) -> ProtectionProfile: + pp_keywords = sec_certs.utils.extract.extract_keywords(cert.state.pp.txt_path, cc_rules) + if pp_keywords is None: + cert.state.pp.extract_ok = False + else: + cert.pdf_data.pp_keywords = pp_keywords + return cert diff --git a/src/sec_certs/utils/helpers.py b/src/sec_certs/utils/helpers.py index 6a6a9954..d34e9f0e 100644 --- a/src/sec_certs/utils/helpers.py +++ b/src/sec_certs/utils/helpers.py @@ -264,7 +264,18 @@ def choose_lowest_eal(eals: set[str] | None) -> str | None: if not eals: return None - matches = [(re.search(r"\d+", x)) for x in eals] - min_number = min([int(x.group()) for x in matches if x]) - candidates = [x for x in eals if str(min_number) in x] - return "EAL" + str(min_number) if len(candidates) == 2 else candidates[0] + eal_pattern = re.compile(r"(EAL(\d+)\+?)") + eal_entries = [] + + for s in eals: + match = eal_pattern.search(s) + if match: + full_match = match.group(1) + number = int(match.group(2)) + has_plus = "+" in full_match + eal_entries.append((number, has_plus, full_match)) + + if eal_entries: + eal_entries.sort(key=lambda x: (x[0], x[1])) + return eal_entries[0][2] + return None diff --git a/tests/cc/conftest.py b/tests/cc/conftest.py index 1f5050be..68bf3cd5 100644 --- a/tests/cc/conftest.py +++ b/tests/cc/conftest.py @@ -8,7 +8,6 @@ from sec_certs.dataset.cc import CCDataset from sec_certs.sample.cc import CCCertificate -from sec_certs.sample.protection_profile import ProtectionProfile @pytest.fixture(scope="module") @@ -38,7 +37,7 @@ def cert_one() -> CCCertificate: "https://www.commoncriteriaportal.org/files/epfiles/ST%20-%20NetIQ%20Identity%20Manager%204.7.pdf", "https://www.commoncriteriaportal.org/files/epfiles/Certifikat%20CCRA%20-%20NetIQ%20Identity%20Manager%204.7_signed.pdf", "https://www.netiq.com/", - set(), + None, set(), None, None, @@ -48,7 +47,6 @@ def cert_one() -> CCCertificate: @pytest.fixture(scope="module") def cert_two() -> CCCertificate: - pp = ProtectionProfile("sample_pp", None, pp_link="https://sample.pp") update = CCCertificate.MaintenanceReport( date(1900, 1, 1), "Sample maintenance", "https://maintenance.up", "https://maintenance.up" ) @@ -66,7 +64,7 @@ def cert_two() -> CCCertificate: "https://path.to/st/link", "https://path.to/cert/link", "https://path.to/manufacturer/web", - {pp}, + {"https://sample.pp"}, {update}, None, None, diff --git a/tests/cc/test_cc_analysis.py b/tests/cc/test_cc_analysis.py index 9a57da1e..849eda68 100644 --- a/tests/cc/test_cc_analysis.py +++ b/tests/cc/test_cc_analysis.py @@ -19,10 +19,9 @@ from sec_certs.dataset.cc import CCDataset from sec_certs.dataset.cpe import CPEDataset from sec_certs.dataset.cve import CVEDataset -from sec_certs.heuristics.cc import compute_references, link_to_protection_profiles +from sec_certs.heuristics.cc import compute_references from sec_certs.heuristics.common import compute_related_cves, compute_transitive_vulnerabilities from sec_certs.sample.cc import CCCertificate -from sec_certs.sample.protection_profile import ProtectionProfile from sec_certs.sample.sar import SAR @@ -40,6 +39,8 @@ def processed_cc_dset( shutil.copytree(analysis_data_dir, tmp_dir, dirs_exist_ok=True) cc_dset = CCDataset.from_json(tmp_dir / "vulnerable_dataset.json") + cc_dset.aux_handlers[ProtectionProfileDatasetHandler].root_dir.mkdir(parents=True, exist_ok=True) + shutil.copy(tmp_dir / "pp.json", cc_dset.aux_handlers[ProtectionProfileDatasetHandler].dset_path) cc_dset.aux_handlers[ProtectionProfileDatasetHandler].process_dataset() cc_dset.aux_handlers[CPEMatchDictHandler].dset = {} @@ -156,29 +157,6 @@ def test_keywords_heuristics(random_certificate: CCCertificate): assert extracted_keywords["cipher_mode"]["CBC"]["CBC"] == 2 -def test_protection_profile_matching(processed_cc_dset: CCDataset, random_certificate: CCCertificate): - artificial_pp: ProtectionProfile = ProtectionProfile( - "Korean National Protection Profile for Single Sign On V1.0", - "EAL1+", - pp_link="http://www.commoncriteriaportal.org/files/ppfiles/KECS-PP-0822-2017%20Korean%20National%20PP%20for%20Single%20Sign%20On%20V1.0(eng).pdf", - ) - - random_certificate.protection_profiles = {artificial_pp} - - expected_pp: ProtectionProfile = ProtectionProfile( - "Korean National Protection Profile for Single Sign On V1.0", - "EAL1+", - pp_link="http://www.commoncriteriaportal.org/files/ppfiles/KECS-PP-0822-2017%20Korean%20National%20PP%20for%20Single%20Sign%20On%20V1.0(eng).pdf", - pp_ids=frozenset(["KECS-PP-0822-2017 SSO V1.0"]), - ) - - link_to_protection_profiles( - processed_cc_dset.aux_handlers[ProtectionProfileDatasetHandler].dset, processed_cc_dset.certs.values() - ) - - assert random_certificate.protection_profiles == {expected_pp} - - def test_single_record_references_heuristics(random_certificate: CCCertificate): # Single record in daset is not affecting nor affected by other records assert not random_certificate.heuristics.report_references.directly_referenced_by @@ -246,3 +224,28 @@ def test_eal_implied_sar_inference(random_certificate: CCCertificate): actual_sars = random_certificate.actual_sars eal_3_sars = {SAR(x[0], x[1]) for x in SARS_IMPLIED_FROM_EAL["EAL3"]} assert eal_3_sars.issubset(actual_sars) + + +def test_eal_inference(processed_cc_dset: CCDataset): + assert processed_cc_dset["ed91ff3e658457fd"].heuristics.eal == "EAL1" + assert processed_cc_dset["95e3850bef32f410"].heuristics.eal == "EAL1+" + + +def test_pp_linking(processed_cc_dset: CCDataset): + assert processed_cc_dset["ed91ff3e658457fd"].heuristics.protection_profiles == {"e315e3e834a61448"} + assert processed_cc_dset["95e3850bef32f410"].heuristics.protection_profiles == { + "b02ed76d2545326a", + "c8b175590bb7fdfb", + } + pp_dset = processed_cc_dset.aux_handlers[ProtectionProfileDatasetHandler].dset + assert processed_cc_dset["ed91ff3e658457fd"].protection_profile_links + assert processed_cc_dset["95e3850bef32f410"].protection_profile_links + assert ( + pp_dset["e315e3e834a61448"].web_data.pp_link in processed_cc_dset["ed91ff3e658457fd"].protection_profile_links + ) + assert ( + pp_dset["b02ed76d2545326a"].web_data.pp_link in processed_cc_dset["95e3850bef32f410"].protection_profile_links + ) + assert ( + pp_dset["c8b175590bb7fdfb"].web_data.pp_link in processed_cc_dset["95e3850bef32f410"].protection_profile_links + ) diff --git a/tests/cc/test_cc_dataset.py b/tests/cc/test_cc_dataset.py index c501054c..7606a921 100644 --- a/tests/cc/test_cc_dataset.py +++ b/tests/cc/test_cc_dataset.py @@ -6,7 +6,6 @@ import pytest from sec_certs import constants -from sec_certs.dataset.auxiliary_dataset_handling import ProtectionProfileDatasetHandler from sec_certs.dataset.cc import CCDataset from sec_certs.sample.cc import CCCertificate @@ -130,17 +129,6 @@ def test_build_dataset(data_dir: Path, cert_one: CCCertificate, toy_dataset: CCD assert dset == toy_dataset -def test_process_pp_dataset(toy_dataset: CCDataset): - with TemporaryDirectory() as tmp_dir: - toy_dataset.copy_dataset(tmp_dir) - toy_dataset.aux_handlers[ProtectionProfileDatasetHandler].process_dataset() - assert toy_dataset.aux_handlers[ProtectionProfileDatasetHandler].dset_path.exists() - assert ( - toy_dataset.aux_handlers[ProtectionProfileDatasetHandler].dset_path.stat().st_size - > constants.MIN_CC_PP_DATASET_SIZE - ) - - @pytest.mark.xfail(reason="May fail due to error on CC server") def test_download_csv_html_files(): with TemporaryDirectory() as tmp_dir: diff --git a/tests/data/cc/analysis/cc_full_dataset.json b/tests/data/cc/analysis/cc_full_dataset.json index ba64903c..a2149b67 100644 --- a/tests/data/cc/analysis/cc_full_dataset.json +++ b/tests/data/cc/analysis/cc_full_dataset.json @@ -35,18 +35,9 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/0683b_pdf.pdf", "cert_link": null, "manufacturer_web": "https://www.ibm.com", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [ - { - "_type": "sec_certs.sample.protection_profile.ProtectionProfile", - "pp_name": "Korean National Protection Profile for Single Sign On V1.0", - "pp_eal": "EAL1+", - "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/KECS-PP-0822-2017%20Korean%20National%20PP%20for%20Single%20Sign%20On%20V1.0(eng).pdf", - "pp_ids": [ - "KECS-PP-0822-2017 SSO V1.0" - ] - } ] }, "maintenance_updates": { @@ -56,7 +47,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -65,7 +56,7 @@ "txt_hash": "35627594d3806ac3926ec47f466503fe27781533da12beb6f8705882fccf125e" }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -74,7 +65,7 @@ "txt_hash": "c8b4c5667a3f60edc845051e5a31a2d17b9d9a11df9e56dd89681d25e727a622" }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -730,8 +721,10 @@ }, "direct_transitive_cves": null, "indirect_transitive_cves": null, - "next_certificates": null, - "prev_certificates": null + "next_certificates": null, + "prev_certificates": null, + "protection_profiles": null, + "eal": null } } ] diff --git a/tests/data/cc/analysis/pp.json b/tests/data/cc/analysis/pp.json new file mode 100644 index 00000000..7b96cf8c --- /dev/null +++ b/tests/data/cc/analysis/pp.json @@ -0,0 +1,191 @@ +{ + "_type": "sec_certs.dataset.protection_profile.ProtectionProfileDataset", + "state": { + "_type": "sec_certs.dataset.dataset.Dataset.DatasetInternalState", + "meta_sources_parsed": true, + "artifacts_downloaded": false, + "pdfs_converted": false, + "auxiliary_datasets_processed": false, + "certs_analyzed": false + }, + "timestamp": "2025-01-25 17:39:26.873380", + "sha256_digest": "not implemented", + "name": "ProtectionProfileDataset dataset", + "description": "25/01/2025 17:39:26", + "n_certs": 3, + "certs": [ + { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile", + "dgst": "c8b175590bb7fdfb", + "web_data": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.WebData", + "category": "Access Control Devices and Systems", + "status": "active", + "is_collaborative": false, + "name": "Korean National Protection Profile for Single Sign On V1.0", + "version": "V1.0", + "security_level": { + "_type": "Set", + "elements": [ + "ATE_FUN.1", + "EAL1+" + ] + }, + "not_valid_before": "2017-08-18", + "not_valid_after": null, + "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/KECS-CR-17-58 Korean National PP for Single Sign On V1.0(eng).pdf", + "pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/KECS-PP-0822-2017 Korean National PP for Single Sign On V1.0(eng).pdf", + "scheme": "KR", + "maintenances": [] + }, + "pdf_data": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.PdfData", + "report_metadata": null, + "pp_metadata": null, + "report_keywords": null, + "pp_keywords": null, + "report_filename": null, + "pp_filename": null + }, + "heuristics": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.Heuristics" + }, + "state": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.InternalState", + "pp": { + "_type": "sec_certs.sample.document_state.DocumentState", + "download_ok": false, + "convert_garbage": false, + "convert_ok": false, + "extract_ok": false, + "pdf_hash": null, + "txt_hash": null + }, + "report": { + "_type": "sec_certs.sample.document_state.DocumentState", + "download_ok": false, + "convert_garbage": false, + "convert_ok": false, + "extract_ok": false, + "pdf_hash": null, + "txt_hash": null + } + } + }, + { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile", + "dgst": "e315e3e834a61448", + "web_data": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.WebData", + "category": "Other Devices and Systems", + "status": "active", + "is_collaborative": false, + "name": "Protection Profile for Security Module of General-Purpose Health Informatics Software", + "version": "1.0", + "security_level": { + "_type": "Set", + "elements": [ + "EAL2" + ] + }, + "not_valid_before": "2016-09-20", + "not_valid_after": null, + "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/HBYS_PP_CR.pdf", + "pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/HBYS_PP_07_09_2016_Updated.pdf", + "scheme": "TR", + "maintenances": [] + }, + "pdf_data": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.PdfData", + "report_metadata": null, + "pp_metadata": null, + "report_keywords": null, + "pp_keywords": null, + "report_filename": null, + "pp_filename": null + }, + "heuristics": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.Heuristics" + }, + "state": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.InternalState", + "pp": { + "_type": "sec_certs.sample.document_state.DocumentState", + "download_ok": false, + "convert_garbage": false, + "convert_ok": false, + "extract_ok": false, + "pdf_hash": null, + "txt_hash": null + }, + "report": { + "_type": "sec_certs.sample.document_state.DocumentState", + "download_ok": false, + "convert_garbage": false, + "convert_ok": false, + "extract_ok": false, + "pdf_hash": null, + "txt_hash": null + } + } + }, + { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile", + "dgst": "b02ed76d2545326a", + "web_data": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.WebData", + "category": "Biometric Systems and Devices", + "status": "active", + "is_collaborative": false, + "name": "Fingerprint Spoof Detection Protection Profile based on Organisational Security Policies (FSDPP_OSP), Version 1.7", + "version": "1.7", + "security_level": { + "_type": "Set", + "elements": [ + "ALC_FLR.1", + "EAL2+" + ] + }, + "not_valid_before": "2010-02-25", + "not_valid_after": null, + "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0062a_pdf.pdf", + "pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0062b_pdf.pdf", + "scheme": "DE", + "maintenances": [] + }, + "pdf_data": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.PdfData", + "report_metadata": null, + "pp_metadata": null, + "report_keywords": null, + "pp_keywords": null, + "report_filename": null, + "pp_filename": null + }, + "heuristics": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.Heuristics" + }, + "state": { + "_type": "sec_certs.sample.protection_profile.ProtectionProfile.InternalState", + "pp": { + "_type": "sec_certs.sample.document_state.DocumentState", + "download_ok": false, + "convert_garbage": false, + "convert_ok": false, + "extract_ok": false, + "pdf_hash": null, + "txt_hash": null + }, + "report": { + "_type": "sec_certs.sample.document_state.DocumentState", + "download_ok": false, + "convert_garbage": false, + "convert_ok": false, + "extract_ok": false, + "pdf_hash": null, + "txt_hash": null + } + } + } + ] +} diff --git a/tests/data/cc/analysis/reference_dataset.json b/tests/data/cc/analysis/reference_dataset.json index 28234b7e..4ea176de 100644 --- a/tests/data/cc/analysis/reference_dataset.json +++ b/tests/data/cc/analysis/reference_dataset.json @@ -34,7 +34,7 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/0517b.pdf", "cert_link": null, "manufacturer_web": "https://global.oce.com/", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [] }, @@ -45,7 +45,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -54,7 +54,7 @@ "txt_hash": "460e8010dbc8f5de5b87bf96fd45c71cfd9f3869f34ca6ac1ab02cbd70d2523f" }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -63,7 +63,7 @@ "txt_hash": "81c53d1e5b1c2fcb129ce1053d13cd1308f7a556921f0b9024cedf75c6b2efb7" }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -580,7 +580,9 @@ "direct_transitive_cves": null, "indirect_transitive_cves": null, "next_certificates": null, - "prev_certificates": null + "prev_certificates": null, + "protection_profiles": null, + "eal": null } }, { @@ -604,7 +606,7 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/0370b.pdf", "cert_link": null, "manufacturer_web": "https://global.oce.com/", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [] }, @@ -615,7 +617,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -624,7 +626,7 @@ "txt_hash": "0535df1c56fb4f87153cbffee51ba4d77fac47a6f17f024aa7d9df461028bc65" }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -633,7 +635,7 @@ "txt_hash": "926668bea7c427a4fcf82857bfc63420f3597b6bff39699927a58f335620eaac" }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -1228,7 +1230,9 @@ "direct_transitive_cves": null, "indirect_transitive_cves": null, "next_certificates": null, - "prev_certificates": null + "prev_certificates": null, + "protection_profiles": null, + "eal": null } }, { @@ -1252,7 +1256,7 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/0325b.pdf", "cert_link": null, "manufacturer_web": "https://global.oce.com/", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [] }, @@ -1263,7 +1267,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -1272,7 +1276,7 @@ "txt_hash": "11e1262fd8f5df1b140f5e8813883b71447503781399427b35adbbecd00b4d63" }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -1281,7 +1285,7 @@ "txt_hash": "179b07b4fc7402066a884edea494b28e324315108a5e0820184031f2e2062ad5" }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -1870,7 +1874,9 @@ "direct_transitive_cves": null, "indirect_transitive_cves": null, "next_certificates": null, - "prev_certificates": null + "prev_certificates": null, + "protection_profiles": null, + "eal": null } } ] diff --git a/tests/data/cc/analysis/transitive_vulnerability_dataset.json b/tests/data/cc/analysis/transitive_vulnerability_dataset.json index 586ac5a6..7ed77910 100644 --- a/tests/data/cc/analysis/transitive_vulnerability_dataset.json +++ b/tests/data/cc/analysis/transitive_vulnerability_dataset.json @@ -34,18 +34,10 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/0874b_pdf.pdf", "cert_link": null, "manufacturer_web": "https://www.ibm.com", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [ - { - "_type": "sec_certs.sample.protection_profile.ProtectionProfile", - "pp_name": "Operating System Protection Profile, Version 2.0", - "pp_eal": "EAL4+", - "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/pp0067b_pdf.pdf", - "pp_ids": [ - "OSPP_V2.0" - ] - } + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0067b_pdf.pdf" ] }, "maintenance_updates": { @@ -55,7 +47,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -64,7 +56,7 @@ "txt_hash": "9d360141a98e764b15855f519b456c4e4639f993c4f8b5ab67e9c8ae7fbfc9e4" }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -73,7 +65,7 @@ "txt_hash": "66271d8bf0b581a2f189301438f2aee13ff3da0bb0bb180bcf518261eb695496" }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -1336,7 +1328,9 @@ ] }, "next_certificates": null, - "prev_certificates": null + "prev_certificates": null, + "protection_profiles": null, + "eal": null } }, { @@ -1360,7 +1354,7 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/0875b_pdf.pdf", "cert_link": null, "manufacturer_web": "https://www.ibm.com", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [] }, @@ -1371,7 +1365,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -1380,7 +1374,7 @@ "txt_hash": "dd120ba7667c2385839c96ee70c56f2a4d464fc95e3ea2818d31b3347d06fd4f" }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -1389,7 +1383,7 @@ "txt_hash": "f7f7b8f31dddde3f0756cde8843061f01b606bdf266eca71dbcc56b3672d1db5" }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -2287,7 +2281,9 @@ ] }, "next_certificates": null, - "prev_certificates": null + "prev_certificates": null, + "protection_profiles": null, + "eal": null } }, { @@ -2311,18 +2307,10 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/0948b_pdf.pdf", "cert_link": null, "manufacturer_web": "https://www.ibm.com", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [ - { - "_type": "sec_certs.sample.protection_profile.ProtectionProfile", - "pp_name": "Operating System Protection Profile, Version 2.0", - "pp_eal": "EAL4+", - "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/pp0067b_pdf.pdf", - "pp_ids": [ - "OSPP_V2.0" - ] - } + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0067b_pdf.pdf" ] }, "maintenance_updates": { @@ -2332,7 +2320,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -2341,7 +2329,7 @@ "txt_hash": "0a7c65e3d11f082c8f75aba7de0079c0b1aa5e67bb28d4635cbcaa4cd200d1c2" }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -2350,7 +2338,7 @@ "txt_hash": "90b8e48add278faea4668eccba591d3992bf782669cca1b0a63bf6f21b514cd9" }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -3640,7 +3628,9 @@ "direct_transitive_cves": null, "indirect_transitive_cves": null, "next_certificates": null, - "prev_certificates": null + "prev_certificates": null, + "protection_profiles": null, + "eal": null } } ] diff --git a/tests/data/cc/analysis/vulnerable_dataset.json b/tests/data/cc/analysis/vulnerable_dataset.json index 01d720c0..776db230 100644 --- a/tests/data/cc/analysis/vulnerable_dataset.json +++ b/tests/data/cc/analysis/vulnerable_dataset.json @@ -26,7 +26,7 @@ "_type": "Set", "elements": [ "ALC_FLR.1", - "EAL3+" + "EAL1" ] }, "not_valid_before": "2014-12-05", @@ -35,12 +35,17 @@ "st_link": "http://www.commoncriteriaportal.org/files/epfiles/0683b_pdf.pdf", "cert_link": null, "manufacturer_web": "http://www.ibm.com", - "protection_profiles": [], + "protection_profile_links": { + "_type": "Set", + "elements": [ + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/HBYS_PP_07_09_2016_Updated.pdf" + ] + }, "maintenance_updates": [], "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_garbage": false, "convert_ok": true, @@ -49,7 +54,7 @@ "txt_hash": null }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_garbage": false, "convert_ok": true, @@ -58,7 +63,7 @@ "txt_hash": null }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -94,7 +99,9 @@ "cert_lab": null, "cert_id": null, "next_certificates": null, - "prev_certificates": null + "prev_certificates": null, + "protection_profiles": null, + "eal": null } }, { @@ -108,8 +115,7 @@ "security_level": { "_type": "Set", "elements": [ - "ALC_FLR.1", - "EAL3+" + "ALC_FLR.1" ] }, "not_valid_before": "2010-12-05", @@ -118,12 +124,18 @@ "st_link": "", "cert_link": null, "manufacturer_web": "http://www.ibm.com", - "protection_profiles": [], + "protection_profile_links": { + "_type": "Set", + "elements": [ + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/KECS-PP-0822-2017 Korean National PP for Single Sign On V1.0(eng).pdf", + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0062b_pdf.pdf" + ] + }, "maintenance_updates": [], "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_garbage": false, "convert_ok": true, @@ -132,7 +144,7 @@ "txt_hash": null }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_garbage": false, "convert_ok": true, @@ -141,7 +153,7 @@ "txt_hash": null }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -177,7 +189,9 @@ "cert_lab": null, "cert_id": null, "next_certificates": null, - "prev_certificates": null + "prev_certificates": null, + "protection_profiles": null, + "eal": null } } ] diff --git a/tests/data/cc/certificate/fictional_cert.json b/tests/data/cc/certificate/fictional_cert.json index 8239c908..327aaf46 100644 --- a/tests/data/cc/certificate/fictional_cert.json +++ b/tests/data/cc/certificate/fictional_cert.json @@ -15,18 +15,12 @@ "not_valid_before": "1900-01-02", "not_valid_after": "1900-01-03", "manufacturer_web": "https://path.to/manufacturer/web", - "protection_profiles": { - "_type": "Set", - "elements": [ - { - "_type": "sec_certs.sample.protection_profile.ProtectionProfile", - "pp_name": "sample_pp", - "pp_eal": null, - "pp_link": "https://sample.pp", - "pp_ids": null - } - ] - }, + "protection_profile_links": { + "_type": "Set", + "elements": [ + "https://sample.pp" + ] + }, "maintenance_updates": { "_type": "Set", "elements": [ @@ -42,7 +36,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -51,7 +45,7 @@ "txt_hash": null }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -60,7 +54,7 @@ "txt_hash": null }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -112,7 +106,9 @@ "indirectly_referenced_by": null, "indirectly_referencing": null }, - "scheme_data": null + "scheme_data": null, + "protection_profiles": null, + "eal": null }, "report_link": "https://path.to/report/link", "st_link": "https://path.to/st/link", diff --git a/tests/data/cc/dataset/auxiliary_datasets/maintenances/maintenance_updates.json b/tests/data/cc/dataset/auxiliary_datasets/maintenances/maintenance_updates.json index 0c8b1306..d8de0f3a 100644 --- a/tests/data/cc/dataset/auxiliary_datasets/maintenances/maintenance_updates.json +++ b/tests/data/cc/dataset/auxiliary_datasets/maintenances/maintenance_updates.json @@ -23,7 +23,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_garbage": false, "convert_ok": false, @@ -32,7 +32,7 @@ "txt_hash": null }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_garbage": false, "convert_ok": false, @@ -41,7 +41,7 @@ "txt_hash": null }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -93,7 +93,9 @@ "indirect_transitive_cves": null, "scheme_data": null, "prev_certificates": null, - "next_certificates": null + "next_certificates": null, + "protection_profiles": null, + "eal": null }, "related_cert_digest": "8f08cacb49a742fb", "maintenance_date": "2019-08-26" diff --git a/tests/data/cc/dataset/toy_dataset.json b/tests/data/cc/dataset/toy_dataset.json index 3395d3e8..d593f382 100644 --- a/tests/data/cc/dataset/toy_dataset.json +++ b/tests/data/cc/dataset/toy_dataset.json @@ -35,7 +35,7 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/ST%20-%20NetIQ%20Identity%20Manager%204.7.pdf", "cert_link": "https://www.commoncriteriaportal.org/files/epfiles/Certifikat%20CCRA%20-%20NetIQ%20Identity%20Manager%204.7_signed.pdf", "manufacturer_web": "https://www.netiq.com/", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [] }, @@ -46,7 +46,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -55,7 +55,7 @@ "txt_hash": null }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -64,7 +64,7 @@ "txt_hash": null }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -116,7 +116,9 @@ "indirectly_referenced_by": null, "indirectly_referencing": null }, - "scheme_data": null + "scheme_data": null, + "protection_profiles": null, + "eal": null } }, { @@ -137,16 +139,10 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/Magic_SSO_V4.0-ST-v1.4_EN.pdf", "cert_link": null, "manufacturer_web": "https://www.dreamsecurity.com/", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [ - { - "_type": "sec_certs.sample.protection_profile.ProtectionProfile", - "pp_name": "Korean National Protection Profile for Single Sign On V1.0", - "pp_eal": "EAL1+", - "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/KECS-PP-0822-2017%20Korean%20National%20PP%20for%20Single%20Sign%20On%20V1.0(eng).pdf", - "pp_ids": null - } + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/KECS-PP-0822-2017%20Korean%20National%20PP%20for%20Single%20Sign%20On%20V1.0(eng).pdf" ] }, "maintenance_updates": { @@ -156,7 +152,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -165,7 +161,7 @@ "txt_hash": null }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -174,7 +170,7 @@ "txt_hash": null }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -226,7 +222,9 @@ "indirectly_referenced_by": null, "indirectly_referencing": null }, - "scheme_data": null + "scheme_data": null, + "protection_profiles": null, + "eal": null } }, { @@ -247,16 +245,10 @@ "st_link": "https://www.commoncriteriaportal.org/files/epfiles/383-4-450%20ST%20v1.3A.pdf", "cert_link": "https://www.commoncriteriaportal.org/files/epfiles/383-4-450%20CT%20v1.0a.pdf", "manufacturer_web": "https://www.fortinet.com/", - "protection_profiles": { + "protection_profile_links": { "_type": "Set", "elements": [ - { - "_type": "sec_certs.sample.protection_profile.ProtectionProfile", - "pp_name": "collaborative Protection Profile for Stateful Traffic Filter Firewalls v2.0 + Errata 20180314", - "pp_eal": null, - "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/CPP_FW_V2.0E.pdf", - "pp_ids": null - } + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_FW_V2.0E.pdf" ] }, "maintenance_updates": { @@ -274,7 +266,7 @@ "state": { "_type": "sec_certs.sample.cc.CCCertificate.InternalState", "report": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -283,7 +275,7 @@ "txt_hash": null }, "st": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -292,7 +284,7 @@ "txt_hash": null }, "cert": { - "_type": "sec_certs.sample.cc.CCCertificate.DocumentState", + "_type": "sec_certs.sample.document_state.DocumentState", "download_ok": false, "convert_garbage": false, "convert_ok": false, @@ -344,7 +336,9 @@ "indirectly_referenced_by": null, "indirectly_referencing": null }, - "scheme_data": null + "scheme_data": null, + "protection_profiles": null, + "eal": null } } ] diff --git a/tests/test_common.py b/tests/test_common.py index 7b29dd8d..66065923 100644 --- a/tests/test_common.py +++ b/tests/test_common.py @@ -1,4 +1,7 @@ +import pytest + from sec_certs.cert_rules import cc_rules, fips_rules, rules +from sec_certs.utils.helpers import choose_lowest_eal def test_rules(): @@ -7,3 +10,18 @@ def test_rules(): for rule_group in rules: if rule_group not in ("cc_rules", "fips_rules", "cc_filename_cert_id"): assert rule_group in cc_rules or rule_group in fips_rules + + +@pytest.mark.parametrize( + "strings, expected", + [ + ({"EAL5", "EAL4+", "EAL3", "random", "EAL7+", "EAL2"}, "EAL2"), + ({"EAL1", "EAL1+", "EAL2", "EAL3+"}, "EAL1"), + ({"random", "no_match"}, None), + ({"EAL5+", "EAL6"}, "EAL5+"), + (set(), None), + ({"EAL100", "EAL10", "EAL20+"}, "EAL10"), + ], +) +def test_find_min_eal(strings, expected): + assert choose_lowest_eal(strings) == expected From 34d89ee888b7da083bdca977b27ef5820f63e3ad Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Mon, 27 Jan 2025 09:44:54 +0100 Subject: [PATCH 07/17] don't delete CCSchemeDatasetHandler when skipping schemes processing --- src/sec_certs/dataset/cc.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sec_certs/dataset/cc.py b/src/sec_certs/dataset/cc.py index 71c691fc..234556fa 100644 --- a/src/sec_certs/dataset/cc.py +++ b/src/sec_certs/dataset/cc.py @@ -298,7 +298,7 @@ def process_auxiliary_datasets( ) if skip_schemes: - del self.aux_handlers[CCSchemeDatasetHandler] + self.aux_handlers[CCSchemeDatasetHandler].only_schemes = {} # type: ignore super().process_auxiliary_datasets(download_fresh, **kwargs) def _merge_certs(self, certs: dict[str, CCCertificate], cert_source: str | None = None) -> None: From e02b40fc02c44a1a28a8b658339704d2853744e1 Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Mon, 27 Jan 2025 15:43:16 +0100 Subject: [PATCH 08/17] get rid of duplicate CC URL constant --- src/sec_certs/dataset/cc.py | 26 ++++++++++----------- src/sec_certs/dataset/protection_profile.py | 14 ++++++----- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/src/sec_certs/dataset/cc.py b/src/sec_certs/dataset/cc.py index 234556fa..7c433eae 100644 --- a/src/sec_certs/dataset/cc.py +++ b/src/sec_certs/dataset/cc.py @@ -6,7 +6,7 @@ from collections.abc import Iterator from datetime import datetime from pathlib import Path -from typing import ClassVar, cast +from typing import cast import numpy as np import pandas as pd @@ -178,25 +178,23 @@ def certificates_txt_dir(self) -> Path: def reference_annotator_dir(self) -> Path: return self.root_dir / "reference_annotator" - BASE_URL: ClassVar[str] = "https://www.commoncriteriaportal.org" - HTML_PRODUCTS_URL = { - "cc_products_active.html": BASE_URL + "/products/index.cfm", - "cc_products_archived.html": BASE_URL + "/products/index.cfm?archived=1", + "cc_products_active.html": constants.CC_PORTAL_BASE_URL + "/products/index.cfm", + "cc_products_archived.html": constants.CC_PORTAL_BASE_URL + "/products/index.cfm?archived=1", } - HTML_LABS_URL = {"cc_labs.html": BASE_URL + "/labs"} + HTML_LABS_URL = {"cc_labs.html": constants.CC_PORTAL_BASE_URL + "/labs"} CSV_PRODUCTS_URL = { - "cc_products_active.csv": BASE_URL + "/products/certified_products.csv", - "cc_products_archived.csv": BASE_URL + "/products/certified_products-archived.csv", + "cc_products_active.csv": constants.CC_PORTAL_BASE_URL + "/products/certified_products.csv", + "cc_products_archived.csv": constants.CC_PORTAL_BASE_URL + "/products/certified_products-archived.csv", } PP_URL = { - "cc_pp_active.html": BASE_URL + "/pps/", - "cc_pp_collaborative.html": BASE_URL + "/pps/collaborativePP.cfm?cpp=1", - "cc_pp_archived.html": BASE_URL + "/pps/index.cfm?archived=1", + "cc_pp_active.html": constants.CC_PORTAL_BASE_URL + "/pps/", + "cc_pp_collaborative.html": constants.CC_PORTAL_BASE_URL + "/pps/collaborativePP.cfm?cpp=1", + "cc_pp_archived.html": constants.CC_PORTAL_BASE_URL + "/pps/index.cfm?archived=1", } PP_CSV = { - "cc_pp_active.csv": BASE_URL + "/pps/pps.csv", - "cc_pp_archived.csv": BASE_URL + "/pps/pps-archived.csv", + "cc_pp_active.csv": constants.CC_PORTAL_BASE_URL + "/pps/pps.csv", + "cc_pp_archived.csv": constants.CC_PORTAL_BASE_URL + "/pps/pps-archived.csv", } @property @@ -397,7 +395,7 @@ def map_ip_to_hostname(url: str) -> str: return url tokens = url.split("/") relative_path = "/" + "/".join(tokens[3:]) - return CCDataset.BASE_URL + relative_path + return constants.CC_PORTAL_BASE_URL + relative_path def _get_primary_key_str(row: Tag): return "|".join( diff --git a/src/sec_certs/dataset/protection_profile.py b/src/sec_certs/dataset/protection_profile.py index bb3ab35e..1bb2e3f1 100644 --- a/src/sec_certs/dataset/protection_profile.py +++ b/src/sec_certs/dataset/protection_profile.py @@ -1,7 +1,7 @@ import shutil from datetime import datetime from pathlib import Path -from typing import ClassVar, Literal +from typing import Literal from bs4 import BeautifulSoup @@ -76,13 +76,15 @@ def _compute_heuristics_body(self): def web_dir(self) -> Path: return self.root_dir / "web" - BASE_URL: ClassVar[str] = "https://www.commoncriteriaportal.org" HTML_URL = { - "pp_active.html": BASE_URL + "/pps/index.cfm", - "pp_archived.html": BASE_URL + "/pps/index.cfm?archived=1", - "pp_collaborative.html": BASE_URL + "/pps/collaborativePP.cfm?cpp=1", + "pp_active.html": constants.CC_PORTAL_BASE_URL + "/pps/index.cfm", + "pp_archived.html": constants.CC_PORTAL_BASE_URL + "/pps/index.cfm?archived=1", + "pp_collaborative.html": constants.CC_PORTAL_BASE_URL + "/pps/collaborativePP.cfm?cpp=1", + } + CSV_URL = { + "pp_active.csv": constants.CC_PORTAL_BASE_URL + "/pps/pps.csv", + "pp_archived.csv": constants.CC_PORTAL_BASE_URL + "/pps/pps-archived.csv", } - CSV_URL = {"pp_active.csv": BASE_URL + "/pps/pps.csv", "pp_archived.csv": BASE_URL + "/pps/pps-archived.csv"} @property def active_html_tuples(self) -> list[tuple[str, Path]]: From 09da4e9befb1ae6a1564f8e21b5331081cf68b28 Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Mon, 27 Jan 2025 15:45:12 +0100 Subject: [PATCH 09/17] CCDataset, serialize PP links to dataframe --- src/sec_certs/sample/cc.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/sec_certs/sample/cc.py b/src/sec_certs/sample/cc.py index 3069ae6a..ca096a6c 100644 --- a/src/sec_certs/sample/cc.py +++ b/src/sec_certs/sample/cc.py @@ -316,6 +316,7 @@ def serialized_attributes(self) -> list[str]: "directly_referencing", "indirectly_referencing", "extracted_sars", + "protection_profile_links", "protection_profiles", "cert_lab", ] @@ -448,6 +449,7 @@ def pandas_tuple(self) -> tuple: self.heuristics.report_references.directly_referencing, self.heuristics.report_references.indirectly_referencing, self.heuristics.extracted_sars, + self.protection_profile_links if self.protection_profile_links else np.nan, self.heuristics.protection_profiles if self.heuristics.protection_profiles else np.nan, self.heuristics.cert_lab[0] if (self.heuristics.cert_lab and self.heuristics.cert_lab[0]) else np.nan, ) From 1e96600919765b54329bb3a6b949670bcf47450c Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Mon, 27 Jan 2025 15:53:09 +0100 Subject: [PATCH 10/17] bump deps, foster auto updates --- requirements/all_requirements.txt | 488 +++++++++++++++-------------- requirements/compile.sh | 10 +- requirements/dev_requirements.txt | 364 +++++++++++---------- requirements/nlp_requirements.txt | 410 ++++++++++++------------ requirements/requirements.txt | 233 +++++++------- requirements/test_requirements.txt | 241 +++++++------- 6 files changed, 871 insertions(+), 875 deletions(-) diff --git a/requirements/all_requirements.txt b/requirements/all_requirements.txt index 4920e53a..dbf88187 100644 --- a/requirements/all_requirements.txt +++ b/requirements/all_requirements.txt @@ -1,158 +1,160 @@ -accessible-pygments==0.0.4 +accelerate==1.3.0 + # via sentence-transformers +accessible-pygments==0.0.5 # via pydata-sphinx-theme -aiohappyeyeballs==2.4.0 +aiohappyeyeballs==2.4.4 # via aiohttp -aiohttp==3.10.11 +aiohttp==3.11.11 # via # datasets # fsspec -aiosignal==1.3.1 +aiosignal==1.3.2 # via aiohttp -alabaster==0.7.13 +alabaster==1.0.0 # via sphinx -alembic==1.12.1 +alembic==1.14.1 # via optuna -annotated-types==0.6.0 +annotated-types==0.7.0 # via pydantic -appnope==0.1.3 - # via - # ipykernel - # ipython -asttokens==2.4.1 +appnope==0.1.4 + # via ipykernel +asttokens==3.0.0 # via stack-data -attrs==23.1.0 +attrs==25.1.0 # via # aiohttp # jsonschema # jupyter-cache # referencing -babel==2.13.1 +babel==2.16.0 # via # pydata-sphinx-theme # sphinx -beautifulsoup4==4.12.2 +beautifulsoup4==4.12.3 # via # pydata-sphinx-theme # sec-certs (./../pyproject.toml) -bleach==6.1.0 +bleach==6.2.0 # via panel -blis==0.7.11 +blis==1.2.0 # via thinc -bokeh==3.3.1 +bokeh==3.6.2 # via + # holoviews # panel # umap-learn -build==1.0.3 +build==1.2.2.post1 # via pip-tools catalogue==2.0.10 # via # spacy # srsly # thinc -catboost==1.2.2 +catboost==1.2.7 # via sec-certs (./../pyproject.toml) -certifi==2024.7.4 +certifi==2024.12.14 # via requests -cffi==1.16.0 +cffi==1.17.1 # via cryptography cfgv==3.4.0 # via pre-commit -charset-normalizer==3.3.2 +charset-normalizer==3.4.1 # via requests -click==8.1.7 +click==8.1.8 # via # dask # jupyter-cache - # nltk # pip-tools # sec-certs (./../pyproject.toml) # typer -cloudpathlib==0.16.0 +cloudpathlib==0.20.0 # via weasel -cloudpickle==3.0.0 +cloudpickle==3.1.1 # via dask -colorcet==3.0.1 +colorcet==3.1.0 # via # datashader # holoviews # umap-learn -colorlog==6.7.0 +colorlog==6.9.0 # via optuna -comm==0.2.0 +comm==0.2.2 # via # ipykernel # ipywidgets -confection==0.1.3 +confection==0.1.5 # via # thinc # weasel -contourpy==1.2.0 +contourpy==1.3.1 # via # bokeh # matplotlib -coverage[toml]==7.3.2 +coverage[toml]==7.6.10 # via # pytest-cov # sec-certs (./../pyproject.toml) -cryptography==43.0.1 +cryptography==44.0.0 # via pypdf cycler==0.12.1 # via matplotlib -cymem==2.0.8 +cymem==2.0.11 # via # preshed # spacy # thinc -dask==2023.11.0 +dask==2025.1.0 # via datashader -datasets==2.15.0 +datasets==3.2.0 # via # evaluate # sec-certs (./../pyproject.toml) + # sentence-transformers # setfit -datashader==0.16.0 +datashader==0.16.3 # via umap-learn dateparser==1.2.0 # via sec-certs (./../pyproject.toml) -debugpy==1.8.0 +debugpy==1.8.12 # via ipykernel decorator==5.1.1 # via ipython -deprecated==1.2.14 +deprecated==1.2.18 # via pikepdf -dill==0.3.7 +dill==0.3.8 # via # datasets # evaluate # multiprocess -distlib==0.3.7 +distlib==0.3.9 # via virtualenv -distro==1.8.0 +distro==1.9.0 # via tabula-py -docutils==0.19 +docutils==0.21.2 # via # myst-parser # pydata-sphinx-theme # sphinx -evaluate==0.4.1 +evaluate==0.4.3 # via setfit -executing==2.0.1 +executing==2.2.0 # via stack-data -fastjsonschema==2.19.0 +fastjsonschema==2.21.1 # via nbformat -filelock==3.13.1 +filelock==3.17.0 # via + # datasets # huggingface-hub # torch # transformers # virtualenv -fonttools==4.45.0 +fonttools==4.55.6 # via matplotlib -frozenlist==1.4.0 +frozenlist==1.5.0 # via # aiohttp # aiosignal -fsspec[http]==2023.10.0 +fsspec[http]==2024.9.0 # via # dask # datasets @@ -160,127 +162,133 @@ fsspec[http]==2023.10.0 # fsspec # huggingface-hub # torch -gprof2dot==2022.7.29 +gprof2dot==2024.6.6 # via pytest-profiling -graphviz==0.20.1 +graphviz==0.20.3 # via catboost -holoviews==1.18.1 +holoviews==1.20.0 # via umap-learn html5lib==1.1 # via sec-certs (./../pyproject.toml) -huggingface-hub==0.19.4 +huggingface-hub==0.27.1 # via + # accelerate # datasets # evaluate # sentence-transformers + # setfit # tokenizers # transformers -identify==2.5.32 +identify==2.6.6 # via pre-commit -idna==3.7 +idna==3.10 # via # requests # yarl -imageio==2.33.0 +imageio==2.37.0 # via scikit-image imagesize==1.4.1 # via sphinx -importlib-metadata==6.8.0 +importlib-metadata==8.6.1 # via # dask # jupyter-cache # myst-nb iniconfig==2.0.0 # via pytest -ipykernel==6.27.0 +ipykernel==6.29.5 # via # myst-nb # sec-certs (./../pyproject.toml) -ipython==8.17.2 +ipython==8.31.0 # via # ipykernel # ipywidgets # myst-nb # sec-certs (./../pyproject.toml) -ipywidgets==8.1.1 +ipywidgets==8.1.5 # via sec-certs (./../pyproject.toml) -jedi==0.19.1 +jedi==0.19.2 # via ipython -jinja2==3.1.4 +jinja2==3.1.5 # via # bokeh # myst-parser # spacy # sphinx # torch -joblib==1.3.2 +joblib==1.4.2 # via - # nltk # pynndescent # scikit-learn -jsonschema==4.20.0 +jsonschema==4.23.0 # via # nbformat # sec-certs (./../pyproject.toml) -jsonschema-specifications==2023.11.1 +jsonschema-specifications==2024.10.1 # via jsonschema -jupyter-cache==1.0.0 +jupyter-cache==1.0.1 # via myst-nb -jupyter-client==8.6.0 +jupyter-client==8.6.3 # via # ipykernel # nbclient -jupyter-core==5.5.0 +jupyter-core==5.7.2 # via # ipykernel # jupyter-client # nbclient # nbformat -jupyterlab-widgets==3.0.9 +jupyterlab-widgets==3.0.13 # via ipywidgets -kiwisolver==1.4.5 +kiwisolver==1.4.8 # via matplotlib -langcodes==3.3.0 +langcodes==3.5.0 # via spacy -lazy-loader==0.3 +language-data==1.3.0 + # via langcodes +lazy-loader==0.4 # via scikit-image -linkify-it-py==2.0.2 +linkify-it-py==2.0.3 # via panel -llvmlite==0.41.1 +llvmlite==0.44.0 # via # numba # pynndescent locket==1.0.0 # via partd -lxml==4.9.3 +lxml==5.3.0 # via # pikepdf # sec-certs (./../pyproject.toml) -mako==1.3.0 +mako==1.3.8 # via alembic -markdown==3.5.1 +marisa-trie==1.2.1 + # via language-data +markdown==3.7 # via panel markdown-it-py==3.0.0 # via # mdit-py-plugins # myst-parser # panel -markupsafe==2.1.3 + # rich +markupsafe==3.0.2 # via # jinja2 # mako -matplotlib==3.8.2 +matplotlib==3.10.0 # via # catboost # pysankeybeta # seaborn # sec-certs (./../pyproject.toml) # umap-learn -matplotlib-inline==0.1.6 +matplotlib-inline==0.1.7 # via # ipykernel # ipython -mdit-py-plugins==0.4.0 +mdit-py-plugins==0.4.2 # via # myst-parser # panel @@ -290,17 +298,17 @@ memory-profiler==0.61.0 # via pytest-monitor mpmath==1.3.0 # via sympy -multidict==6.0.4 +multidict==6.1.0 # via # aiohttp # yarl multipledispatch==1.0.0 # via datashader -multiprocess==0.70.15 +multiprocess==0.70.16 # via # datasets # evaluate -murmurhash==1.0.10 +murmurhash==1.0.12 # via # preshed # spacy @@ -309,37 +317,36 @@ mypy==1.13.0 # via sec-certs (./../pyproject.toml) mypy-extensions==1.0.0 # via mypy -myst-nb==1.0.0 +myst-nb==1.1.2 # via sec-certs (./../pyproject.toml) -myst-parser==2.0.0 +myst-parser==4.0.0 # via myst-nb -nbclient==0.9.0 +nbclient==0.10.2 # via # jupyter-cache # myst-nb -nbformat==5.9.2 +nbformat==5.10.4 # via # jupyter-cache # myst-nb # nbclient -nest-asyncio==1.5.8 +nest-asyncio==1.6.0 # via ipykernel -networkx==3.2.1 +networkx==3.4.2 # via # scikit-image # sec-certs (./../pyproject.toml) # torch -nltk==3.9 - # via sentence-transformers -nodeenv==1.8.0 +nodeenv==1.9.1 # via pre-commit -numba==0.58.1 +numba==0.61.0 # via # datashader # pynndescent # umap-learn -numpy==1.26.2 +numpy==1.26.4 # via + # accelerate # blis # bokeh # catboost @@ -353,42 +360,43 @@ numpy==1.26.2 # numba # optuna # pandas - # pyarrow # pysankeybeta # scikit-image # scikit-learn # scipy # seaborn # sec-certs (./../pyproject.toml) - # sentence-transformers # spacy # tabula-py # thinc # tifffile - # torchvision # transformers # umap-learn # xarray -optuna==3.4.0 +optuna==4.2.0 # via sec-certs (./../pyproject.toml) -packaging==23.2 +packaging==24.2 # via + # accelerate # bokeh # build # dask # datasets + # datashader # evaluate # holoviews # huggingface-hub # ipykernel + # lazy-loader # matplotlib # optuna + # panel # pikepdf # plotly - # pydata-sphinx-theme # pytesseract # pytest # scikit-image + # setfit # setuptools-scm # spacy # sphinx @@ -396,7 +404,7 @@ packaging==23.2 # transformers # weasel # xarray -pandas==2.1.3 +pandas==2.2.3 # via # bokeh # catboost @@ -411,26 +419,26 @@ pandas==2.1.3 # tabula-py # umap-learn # xarray -panel==1.3.2 +panel==1.6.0 # via holoviews -param==2.0.1 +param==2.2.0 # via # datashader # holoviews # panel # pyct # pyviz-comms -parso==0.8.3 +parso==0.8.4 # via jedi -partd==1.4.1 +partd==1.4.2 # via dask pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) -pexpect==4.8.0 +pexpect==4.9.0 # via ipython -pikepdf==8.7.1 +pikepdf==9.5.1 # via sec-certs (./../pyproject.toml) -pillow==10.3.0 +pillow==11.1.0 # via # bokeh # datashader @@ -440,52 +448,51 @@ pillow==10.3.0 # pytesseract # scikit-image # sec-certs (./../pyproject.toml) - # torchvision -pip-tools==7.3.0 + # sentence-transformers +pip-tools==7.4.1 # via sec-certs (./../pyproject.toml) pkgconfig==1.5.5 # via sec-certs (./../pyproject.toml) -platformdirs==4.0.0 +platformdirs==4.3.6 # via # jupyter-core # virtualenv -plotly==5.18.0 +plotly==5.24.1 # via # catboost # sec-certs (./../pyproject.toml) -pluggy==1.3.0 +pluggy==1.5.0 # via pytest -pre-commit==3.5.0 +pre-commit==4.1.0 # via sec-certs (./../pyproject.toml) preshed==3.0.9 # via # spacy # thinc -prompt-toolkit==3.0.41 +prompt-toolkit==3.0.50 # via ipython -propcache==0.2.0 - # via yarl -psutil==5.9.6 +propcache==0.2.1 # via + # aiohttp + # yarl +psutil==6.1.1 + # via + # accelerate # ipykernel # memory-profiler # pytest-monitor # sec-certs (./../pyproject.toml) ptyprocess==0.7.0 # via pexpect -pure-eval==0.2.2 +pure-eval==0.2.3 # via stack-data -pyarrow==14.0.1 - # via datasets -pyarrow-hotfix==0.6 +pyarrow==19.0.0 # via datasets -pycparser==2.21 +pycparser==2.22 # via cffi pyct==0.5.0 - # via - # colorcet - # datashader -pydantic==2.5.2 + # via datashader +pydantic==2.10.6 # via # confection # pydantic-settings @@ -493,63 +500,67 @@ pydantic==2.5.2 # spacy # thinc # weasel -pydantic-core==2.14.5 +pydantic-core==2.27.2 # via pydantic -pydantic-settings==2.1.0 +pydantic-settings==2.7.1 # via sec-certs (./../pyproject.toml) -pydata-sphinx-theme==0.14.3 +pydata-sphinx-theme==0.16.1 # via sphinx-book-theme -pygments==2.17.2 +pygments==2.19.1 # via # accessible-pygments # ipython # pydata-sphinx-theme + # rich # sphinx -pynndescent==0.5.11 +pynndescent==0.5.13 # via umap-learn -pyparsing==3.1.1 +pyparsing==3.2.1 # via matplotlib -pypdf[crypto]==3.17.1 +pypdf[crypto]==5.2.0 # via # pypdf # sec-certs (./../pyproject.toml) -pyproject-hooks==1.0.0 - # via build -pysankeybeta==1.4.1 +pyproject-hooks==1.2.0 + # via + # build + # pip-tools +pysankeybeta==1.4.2 # via sec-certs (./../pyproject.toml) -pytesseract==0.3.10 +pytesseract==0.3.13 # via sec-certs (./../pyproject.toml) -pytest==7.4.3 +pytest==8.3.4 # via # pytest-cov # pytest-monitor # pytest-profiling # sec-certs (./../pyproject.toml) -pytest-cov==4.1.0 +pytest-cov==6.0.0 # via sec-certs (./../pyproject.toml) pytest-monitor==1.6.6 # via sec-certs (./../pyproject.toml) -pytest-profiling==1.7.0 +pytest-profiling==1.8.1 # via sec-certs (./../pyproject.toml) -python-dateutil==2.8.2 +python-dateutil==2.9.0.post0 # via # dateparser # jupyter-client # matplotlib # pandas # sec-certs (./../pyproject.toml) -python-dotenv==1.0.0 +python-dotenv==1.0.1 # via pydantic-settings -pytz==2023.3.post1 +pytz==2024.2 # via # dateparser # pandas -pyviz-comms==3.0.0 +pyviz-comms==3.0.4 # via # holoviews # panel -pyyaml==6.0.1 +pyyaml==6.0.2 # via + # accelerate # bokeh # dask # datasets @@ -561,56 +572,55 @@ pyyaml==6.0.1 # pre-commit # sec-certs (./../pyproject.toml) # transformers -pyzmq==25.1.1 +pyzmq==26.2.0 # via # ipykernel # jupyter-client -rapidfuzz==3.5.2 +rapidfuzz==3.11.0 # via sec-certs (./../pyproject.toml) -referencing==0.31.0 +referencing==0.36.2 # via # jsonschema # jsonschema-specifications -regex==2023.10.3 +regex==2024.11.6 # via # dateparser - # nltk # transformers -requests==2.32.0 +requests==2.32.3 # via # datasets # datashader # evaluate - # fsspec # huggingface-hub # panel # pytest-monitor - # responses # sec-certs (./../pyproject.toml) # spacy # sphinx - # torchvision # transformers # weasel -responses==0.18.0 - # via evaluate -rpds-py==0.13.1 +rich==13.9.4 + # via typer +rpds-py==0.22.3 # via # jsonschema # referencing ruff==0.7.4 # via sec-certs (./../pyproject.toml) -safetensors==0.4.5 - # via transformers -scikit-image==0.22.0 +safetensors==0.5.2 + # via + # accelerate + # transformers +scikit-image==0.25.1 # via umap-learn -scikit-learn==1.5.0 +scikit-learn==1.6.1 # via # pynndescent # sec-certs (./../pyproject.toml) # sentence-transformers + # setfit # umap-learn -scipy==1.11.4 +scipy==1.15.1 # via # catboost # datashader @@ -620,42 +630,40 @@ scipy==1.11.4 # sec-certs (./../pyproject.toml) # sentence-transformers # umap-learn -seaborn==0.13.0 +seaborn==0.13.2 # via # pysankeybeta # sec-certs (./../pyproject.toml) # umap-learn -sentence-transformers==2.2.2 - # via setfit -sentencepiece==0.1.99 - # via sentence-transformers -setfit==0.7.0 +sentence-transformers[train]==3.4.0 + # via + # sentence-transformers + # setfit +setfit==1.1.1 # via sec-certs (./../pyproject.toml) -setuptools-scm==8.0.4 +setuptools-scm==8.1.0 # via sec-certs (./../pyproject.toml) -six==1.16.0 +shellingham==1.5.4 + # via typer +six==1.17.0 # via - # asttokens - # bleach # catboost # html5lib # pytest-profiling # python-dateutil -smart-open==6.4.0 - # via - # spacy - # weasel +smart-open==7.1.0 + # via weasel snowballstemmer==2.2.0 # via sphinx -soupsieve==2.5 +soupsieve==2.6 # via beautifulsoup4 -spacy==3.7.2 +spacy==3.8.4 # via sec-certs (./../pyproject.toml) spacy-legacy==3.0.12 # via spacy spacy-loggers==1.0.5 # via spacy -sphinx==6.2.1 +sphinx==8.1.3 # via # myst-nb # myst-parser @@ -664,35 +672,30 @@ sphinx==6.2.1 # sphinx-book-theme # sphinx-copybutton # sphinx-design - # sphinxcontrib-applehelp - # sphinxcontrib-devhelp - # sphinxcontrib-htmlhelp - # sphinxcontrib-qthelp - # sphinxcontrib-serializinghtml -sphinx-book-theme==1.0.1 +sphinx-book-theme==1.1.3 # via sec-certs (./../pyproject.toml) sphinx-copybutton==0.5.2 # via sec-certs (./../pyproject.toml) -sphinx-design==0.5.0 +sphinx-design==0.6.1 # via sec-certs (./../pyproject.toml) -sphinxcontrib-applehelp==1.0.7 +sphinxcontrib-applehelp==2.0.0 # via sphinx -sphinxcontrib-devhelp==1.0.5 +sphinxcontrib-devhelp==2.0.0 # via sphinx -sphinxcontrib-htmlhelp==2.0.4 +sphinxcontrib-htmlhelp==2.1.0 # via sphinx sphinxcontrib-jsmath==1.0.1 # via sphinx -sphinxcontrib-qthelp==1.0.6 +sphinxcontrib-qthelp==2.0.0 # via sphinx -sphinxcontrib-serializinghtml==1.1.9 +sphinxcontrib-serializinghtml==2.0.0 # via sphinx -sqlalchemy==2.0.23 +sqlalchemy==2.0.37 # via # alembic # jupyter-cache # optuna -srsly==2.4.8 +srsly==2.5.1 # via # confection # spacy @@ -700,44 +703,41 @@ srsly==2.4.8 # weasel stack-data==0.6.3 # via ipython -sympy==1.12 +sympy==1.13.1 # via torch -tabula-py==2.9.0 +tabula-py==2.10.0 # via sec-certs (./../pyproject.toml) tabulate==0.9.0 # via jupyter-cache -tenacity==8.2.3 +tenacity==9.0.0 # via plotly -thinc==8.2.1 +thinc==8.3.4 # via spacy -threadpoolctl==3.2.0 +threadpoolctl==3.5.0 # via scikit-learn -tifffile==2023.9.26 +tifffile==2025.1.10 # via scikit-image -tokenizers==0.15.0 +tokenizers==0.21.0 # via transformers -toolz==0.12.0 +toolz==1.0.0 # via # dask # datashader # partd -torch==2.1.1 +torch==2.5.1 # via + # accelerate # sentence-transformers - # torchvision -torchvision==0.16.1 - # via sentence-transformers -tornado==6.4.1 +tornado==6.4.2 # via # bokeh # ipykernel # jupyter-client -tqdm==4.66.3 +tqdm==4.67.1 # via # datasets # evaluate # huggingface-hub - # nltk # optuna # panel # sec-certs (./../pyproject.toml) @@ -745,7 +745,7 @@ tqdm==4.66.3 # spacy # transformers # umap-learn -traitlets==5.13.0 +traitlets==5.14.3 # via # comm # ipykernel @@ -756,81 +756,83 @@ traitlets==5.13.0 # matplotlib-inline # nbclient # nbformat -transformers==4.38.0 - # via sentence-transformers -typer==0.9.0 +transformers==4.48.1 + # via + # sentence-transformers + # setfit +typer==0.15.1 # via # spacy # weasel -types-python-dateutil==2.8.19.14 +types-python-dateutil==2.9.0.20241206 # via sec-certs (./../pyproject.toml) -types-pyyaml==6.0.12.12 +types-pyyaml==6.0.12.20241230 # via sec-certs (./../pyproject.toml) -types-requests==2.31.0.10 +types-requests==2.32.0.20241016 # via sec-certs (./../pyproject.toml) -typing-extensions==4.8.0 +typing-extensions==4.12.2 # via # alembic # huggingface-hub + # ipython # mypy # myst-nb # panel # pydantic # pydantic-core # pydata-sphinx-theme - # setuptools-scm + # referencing # sqlalchemy # torch # typer -tzdata==2023.3 +tzdata==2025.1 # via pandas tzlocal==5.2 # via dateparser -uc-micro-py==1.0.2 +uc-micro-py==1.0.3 # via linkify-it-py -umap-learn[plot]==0.5.5 +umap-learn[plot]==0.5.7 # via sec-certs (./../pyproject.toml) -urllib3==2.2.2 +urllib3==2.3.0 # via # requests - # responses # types-requests -virtualenv==20.24.7 +virtualenv==20.29.1 # via pre-commit -wasabi==1.1.2 +wasabi==1.1.3 # via # spacy # thinc # weasel -wcwidth==0.2.12 +wcwidth==0.2.13 # via prompt-toolkit -weasel==0.3.4 +weasel==0.4.1 # via spacy webencodings==0.5.1 # via # bleach # html5lib -wheel==0.41.3 +wheel==0.45.1 # via # pip-tools # pytest-monitor -widgetsnbextension==4.0.9 +widgetsnbextension==4.0.13 # via ipywidgets -wrapt==1.16.0 - # via deprecated -xarray==2023.11.0 +wrapt==1.17.2 + # via + # deprecated + # smart-open +xarray==2025.1.1 # via datashader -xxhash==3.4.1 +xxhash==3.5.0 # via # datasets # evaluate -xyzservices==2023.10.1 - # via - # bokeh - # panel -yarl==1.17.2 +xyzservices==2025.1.0 + # via bokeh +yarl==1.18.3 # via aiohttp -zipp==3.19.1 +zipp==3.21.0 # via importlib-metadata # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/compile.sh b/requirements/compile.sh index 743006b2..ffb74e93 100755 --- a/requirements/compile.sh +++ b/requirements/compile.sh @@ -2,8 +2,8 @@ # See CONTRIBUTING.md for description -pip-compile --no-header -o requirements.txt ./../pyproject.toml -pip-compile --no-header --extra dev -o dev_requirements.txt ./../pyproject.toml -pip-compile --no-header --extra test -o test_requirements.txt ./../pyproject.toml -pip-compile --no-header --extra nlp -o nlp_requirements.txt ./../pyproject.toml -pip-compile --no-header --extra dev --extra test --extra nlp -o all_requirements.txt ./../pyproject.toml +pip-compile --upgrade --no-header -o requirements.txt ./../pyproject.toml +pip-compile --upgrade --no-header --extra dev -o dev_requirements.txt ./../pyproject.toml +pip-compile --upgrade --no-header --extra test -o test_requirements.txt ./../pyproject.toml +pip-compile --upgrade --no-header --extra nlp -o nlp_requirements.txt ./../pyproject.toml +pip-compile --upgrade --no-header --extra dev --extra test --extra nlp -o all_requirements.txt ./../pyproject.toml diff --git a/requirements/dev_requirements.txt b/requirements/dev_requirements.txt index c992c8a5..1995d48e 100644 --- a/requirements/dev_requirements.txt +++ b/requirements/dev_requirements.txt @@ -1,264 +1,262 @@ -accessible-pygments==0.0.4 +accessible-pygments==0.0.5 # via pydata-sphinx-theme -aiohappyeyeballs==2.4.0 +aiohappyeyeballs==2.4.4 # via aiohttp -aiohttp==3.10.11 -aiohttp==3.10.11 +aiohttp==3.11.11 # via # datasets # fsspec -aiosignal==1.3.1 +aiosignal==1.3.2 # via aiohttp -alabaster==0.7.13 +alabaster==1.0.0 # via sphinx -annotated-types==0.6.0 +annotated-types==0.7.0 # via pydantic appnope==0.1.4 -appnope==0.1.4 - # via - # ipykernel - # ipython -asttokens==2.4.1 + # via ipykernel +asttokens==3.0.0 # via stack-data -attrs==23.1.0 +attrs==25.1.0 # via # aiohttp # jsonschema # jupyter-cache # referencing -babel==2.13.1 +babel==2.16.0 # via # pydata-sphinx-theme # sphinx -beautifulsoup4==4.12.2 +beautifulsoup4==4.12.3 # via # pydata-sphinx-theme # sec-certs (./../pyproject.toml) -blis==0.7.11 +blis==1.2.0 # via thinc -build==1.0.3 +build==1.2.2.post1 # via pip-tools catalogue==2.0.10 # via # spacy # srsly # thinc -certifi==2024.7.4 +certifi==2024.12.14 # via requests -cffi==1.16.0 +cffi==1.17.1 # via cryptography cfgv==3.4.0 # via pre-commit -charset-normalizer==3.3.2 +charset-normalizer==3.4.1 # via requests -click==8.1.7 +click==8.1.8 # via # jupyter-cache # pip-tools # sec-certs (./../pyproject.toml) # typer -cloudpathlib==0.16.0 +cloudpathlib==0.20.0 # via weasel -comm==0.2.0 +comm==0.2.2 # via # ipykernel # ipywidgets -confection==0.1.3 +confection==0.1.5 # via # thinc # weasel -contourpy==1.2.0 +contourpy==1.3.1 # via matplotlib -coverage[toml]==7.3.2 +coverage[toml]==7.6.10 # via # coverage # pytest-cov -cryptography==43.0.1 +cryptography==44.0.0 # via pypdf cycler==0.12.1 # via matplotlib -cymem==2.0.8 +cymem==2.0.11 # via # preshed # spacy # thinc -datasets==2.15.0 +datasets==3.2.0 # via sec-certs (./../pyproject.toml) dateparser==1.2.0 # via sec-certs (./../pyproject.toml) -dateparser==1.2.0 - # via sec-certs (./../pyproject.toml) -debugpy==1.8.0 +debugpy==1.8.12 # via ipykernel decorator==5.1.1 # via ipython -deprecated==1.2.14 +deprecated==1.2.18 # via pikepdf -dill==0.3.7 +dill==0.3.8 # via # datasets # multiprocess -distlib==0.3.7 +distlib==0.3.9 # via virtualenv -distro==1.8.0 +distro==1.9.0 # via tabula-py -docutils==0.19 +docutils==0.21.2 # via # myst-parser # pydata-sphinx-theme # sphinx -executing==2.0.1 +executing==2.2.0 # via stack-data -fastjsonschema==2.19.0 +fastjsonschema==2.21.1 # via nbformat -filelock==3.13.1 +filelock==3.17.0 # via + # datasets # huggingface-hub # virtualenv -fonttools==4.45.0 +fonttools==4.55.6 # via matplotlib -frozenlist==1.4.0 +frozenlist==1.5.0 # via # aiohttp # aiosignal -fsspec[http]==2023.10.0 +fsspec[http]==2024.9.0 # via # datasets # fsspec # huggingface-hub -gprof2dot==2022.7.29 +gprof2dot==2024.6.6 # via pytest-profiling html5lib==1.1 # via sec-certs (./../pyproject.toml) -huggingface-hub==0.19.4 +huggingface-hub==0.27.1 # via datasets -identify==2.5.32 +identify==2.6.6 # via pre-commit -idna==3.7 +idna==3.10 # via # requests # yarl imagesize==1.4.1 # via sphinx -importlib-metadata==6.8.0 +importlib-metadata==8.6.1 # via # jupyter-cache # myst-nb iniconfig==2.0.0 # via pytest -ipykernel==6.27.0 +ipykernel==6.29.5 # via # myst-nb # sec-certs (./../pyproject.toml) -ipython==8.17.2 +ipython==8.31.0 # via # ipykernel # ipywidgets # myst-nb # sec-certs (./../pyproject.toml) -ipywidgets==8.1.1 +ipywidgets==8.1.5 # via sec-certs (./../pyproject.toml) -jedi==0.19.1 +jedi==0.19.2 # via ipython -jinja2==3.1.4 +jinja2==3.1.5 # via # myst-parser # spacy # sphinx -joblib==1.3.2 +joblib==1.4.2 # via scikit-learn -jsonschema==4.20.0 +jsonschema==4.23.0 # via # nbformat # sec-certs (./../pyproject.toml) -jsonschema-specifications==2023.11.1 +jsonschema-specifications==2024.10.1 # via jsonschema -jupyter-cache==1.0.0 +jupyter-cache==1.0.1 # via myst-nb -jupyter-client==8.6.0 +jupyter-client==8.6.3 # via # ipykernel # nbclient -jupyter-core==5.5.0 +jupyter-core==5.7.2 # via # ipykernel # jupyter-client # nbclient # nbformat -jupyterlab-widgets==3.0.9 +jupyterlab-widgets==3.0.13 # via ipywidgets -kiwisolver==1.4.5 +kiwisolver==1.4.8 # via matplotlib -langcodes==3.3.0 +langcodes==3.5.0 # via spacy -lxml==4.9.3 +language-data==1.3.0 + # via langcodes +lxml==5.3.0 # via # pikepdf # sec-certs (./../pyproject.toml) +marisa-trie==1.2.1 + # via language-data markdown-it-py==3.0.0 # via # mdit-py-plugins # myst-parser -markupsafe==2.1.3 + # rich +markupsafe==3.0.2 # via jinja2 -matplotlib==3.8.2 +matplotlib==3.10.0 # via # pysankeybeta # seaborn # sec-certs (./../pyproject.toml) -matplotlib-inline==0.1.6 +matplotlib-inline==0.1.7 # via # ipykernel # ipython -mdit-py-plugins==0.4.0 +mdit-py-plugins==0.4.2 # via myst-parser mdurl==0.1.2 # via markdown-it-py memory-profiler==0.61.0 # via pytest-monitor -multidict==6.0.4 +multidict==6.1.0 # via # aiohttp # yarl -multiprocess==0.70.15 +multiprocess==0.70.16 # via datasets -murmurhash==1.0.10 +murmurhash==1.0.12 # via # preshed # spacy # thinc -mypy==1.13.0 mypy==1.13.0 # via sec-certs (./../pyproject.toml) mypy-extensions==1.0.0 # via mypy -myst-nb==1.0.0 +myst-nb==1.1.2 # via sec-certs (./../pyproject.toml) -myst-parser==2.0.0 +myst-parser==4.0.0 # via myst-nb -nbclient==0.9.0 +nbclient==0.10.2 # via # jupyter-cache # myst-nb -nbformat==5.9.2 +nbformat==5.10.4 # via # jupyter-cache # myst-nb # nbclient -nest-asyncio==1.5.8 +nest-asyncio==1.6.0 # via ipykernel -networkx==3.2.1 +networkx==3.4.2 # via sec-certs (./../pyproject.toml) -nodeenv==1.8.0 +nodeenv==1.9.1 # via pre-commit -numpy==1.26.2 +numpy==2.2.2 # via # blis # contourpy # datasets # matplotlib # pandas - # pyarrow # pysankeybeta # scikit-learn # scipy @@ -267,7 +265,7 @@ numpy==1.26.2 # spacy # tabula-py # thinc -packaging==23.2 +packaging==24.2 # via # build # datasets @@ -275,7 +273,6 @@ packaging==23.2 # ipykernel # matplotlib # pikepdf - # pydata-sphinx-theme # pytesseract # pytest # setuptools-scm @@ -283,50 +280,50 @@ packaging==23.2 # sphinx # thinc # weasel -pandas==2.1.3 +pandas==2.2.3 # via # datasets # pysankeybeta # seaborn # sec-certs (./../pyproject.toml) # tabula-py -parso==0.8.3 +parso==0.8.4 # via jedi pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) -pexpect==4.8.0 +pexpect==4.9.0 # via ipython -pikepdf==8.7.1 +pikepdf==9.5.1 # via sec-certs (./../pyproject.toml) -pillow==10.3.0 +pillow==11.1.0 # via # matplotlib # pikepdf # pytesseract # sec-certs (./../pyproject.toml) -pip-tools==7.3.0 +pip-tools==7.4.1 # via sec-certs (./../pyproject.toml) pkgconfig==1.5.5 # via sec-certs (./../pyproject.toml) -platformdirs==4.0.0 +platformdirs==4.3.6 # via # jupyter-core # virtualenv -pluggy==1.3.0 +pluggy==1.5.0 # via pytest -pre-commit==3.5.0 +pre-commit==4.1.0 # via sec-certs (./../pyproject.toml) preshed==3.0.9 # via # spacy # thinc -prompt-toolkit==3.0.41 +prompt-toolkit==3.0.50 # via ipython -propcache==0.2.0 - # via yarl -propcache==0.2.0 - # via yarl -psutil==5.9.6 +propcache==0.2.1 + # via + # aiohttp + # yarl +psutil==6.1.1 # via # ipykernel # memory-profiler @@ -334,15 +331,13 @@ psutil==5.9.6 # sec-certs (./../pyproject.toml) ptyprocess==0.7.0 # via pexpect -pure-eval==0.2.2 +pure-eval==0.2.3 # via stack-data -pyarrow==14.0.1 +pyarrow==19.0.0 # via datasets -pyarrow-hotfix==0.6 - # via datasets -pycparser==2.21 +pycparser==2.22 # via cffi -pydantic==2.5.2 +pydantic==2.10.6 # via # confection # pydantic-settings @@ -350,60 +345,59 @@ pydantic==2.5.2 # spacy # thinc # weasel -pydantic-core==2.14.5 +pydantic-core==2.27.2 # via pydantic -pydantic-settings==2.1.0 +pydantic-settings==2.7.1 # via sec-certs (./../pyproject.toml) -pydata-sphinx-theme==0.14.3 +pydata-sphinx-theme==0.16.1 # via sphinx-book-theme -pygments==2.17.2 +pygments==2.19.1 # via # accessible-pygments # ipython # pydata-sphinx-theme + # rich # sphinx -pyparsing==3.1.1 +pyparsing==3.2.1 # via matplotlib -pypdf[crypto]==3.17.1 +pypdf[crypto]==5.2.0 # via # pypdf # sec-certs (./../pyproject.toml) -pyproject-hooks==1.0.0 - # via build -pysankeybeta==1.4.1 +pyproject-hooks==1.2.0 + # via + # build + # pip-tools +pysankeybeta==1.4.2 # via sec-certs (./../pyproject.toml) -pytesseract==0.3.10 +pytesseract==0.3.13 # via sec-certs (./../pyproject.toml) -pytest==7.4.3 +pytest==8.3.4 # via # pytest-cov # pytest-monitor # pytest-profiling # sec-certs (./../pyproject.toml) -pytest-cov==4.1.0 +pytest-cov==6.0.0 # via sec-certs (./../pyproject.toml) pytest-monitor==1.6.6 # via sec-certs (./../pyproject.toml) -pytest-profiling==1.7.0 +pytest-profiling==1.8.1 # via sec-certs (./../pyproject.toml) -python-dateutil==2.8.2 +python-dateutil==2.9.0.post0 # via # dateparser - # dateparser # jupyter-client # matplotlib # pandas # sec-certs (./../pyproject.toml) -python-dotenv==1.0.0 +python-dotenv==1.0.1 # via pydantic-settings -pytz==2023.3.post1 +pytz==2024.2 # via # dateparser # pandas - # via - # dateparser - # pandas -pyyaml==6.0.1 +pyyaml==6.0.2 # via # datasets # huggingface-hub @@ -412,70 +406,67 @@ pyyaml==6.0.1 # myst-parser # pre-commit # sec-certs (./../pyproject.toml) -pyzmq==25.1.1 +pyzmq==26.2.0 # via # ipykernel # jupyter-client -rapidfuzz==3.5.2 +rapidfuzz==3.11.0 # via sec-certs (./../pyproject.toml) -referencing==0.31.0 +referencing==0.36.2 # via # jsonschema # jsonschema-specifications -regex==2024.9.11 - # via dateparser -regex==2024.9.11 +regex==2024.11.6 # via dateparser -requests==2.32.0 +requests==2.32.3 # via # datasets - # fsspec # huggingface-hub # pytest-monitor # sec-certs (./../pyproject.toml) # spacy # sphinx # weasel -rpds-py==0.13.1 +rich==13.9.4 + # via typer +rpds-py==0.22.3 # via # jsonschema # referencing -ruff==0.7.4 ruff==0.7.4 # via sec-certs (./../pyproject.toml) -scikit-learn==1.5.0 +scikit-learn==1.6.1 # via sec-certs (./../pyproject.toml) -scipy==1.11.4 +scipy==1.15.1 # via # scikit-learn # sec-certs (./../pyproject.toml) -seaborn==0.13.0 +seaborn==0.13.2 # via # pysankeybeta # sec-certs (./../pyproject.toml) -setuptools-scm==8.0.4 +setuptools-scm==8.1.0 # via sec-certs (./../pyproject.toml) -six==1.16.0 +shellingham==1.5.4 + # via typer +six==1.17.0 # via - # asttokens # html5lib # pytest-profiling # python-dateutil -smart-open==6.4.0 - # via - # spacy - # weasel +smart-open==7.1.0 + # via weasel snowballstemmer==2.2.0 # via sphinx -soupsieve==2.5 +soupsieve==2.6 # via beautifulsoup4 -spacy==3.7.2 +spacy==3.8.4 # via sec-certs (./../pyproject.toml) spacy-legacy==3.0.12 # via spacy spacy-loggers==1.0.5 # via spacy -sphinx==6.2.1 +sphinx==8.1.3 # via # myst-nb # myst-parser @@ -484,32 +475,27 @@ sphinx==6.2.1 # sphinx-book-theme # sphinx-copybutton # sphinx-design - # sphinxcontrib-applehelp - # sphinxcontrib-devhelp - # sphinxcontrib-htmlhelp - # sphinxcontrib-qthelp - # sphinxcontrib-serializinghtml -sphinx-book-theme==1.0.1 +sphinx-book-theme==1.1.3 # via sec-certs (./../pyproject.toml) sphinx-copybutton==0.5.2 # via sec-certs (./../pyproject.toml) -sphinx-design==0.5.0 +sphinx-design==0.6.1 # via sec-certs (./../pyproject.toml) -sphinxcontrib-applehelp==1.0.7 +sphinxcontrib-applehelp==2.0.0 # via sphinx -sphinxcontrib-devhelp==1.0.5 +sphinxcontrib-devhelp==2.0.0 # via sphinx -sphinxcontrib-htmlhelp==2.0.4 +sphinxcontrib-htmlhelp==2.1.0 # via sphinx sphinxcontrib-jsmath==1.0.1 # via sphinx -sphinxcontrib-qthelp==1.0.6 +sphinxcontrib-qthelp==2.0.0 # via sphinx -sphinxcontrib-serializinghtml==1.1.9 +sphinxcontrib-serializinghtml==2.0.0 # via sphinx -sqlalchemy==2.0.23 +sqlalchemy==2.0.37 # via jupyter-cache -srsly==2.4.8 +srsly==2.5.1 # via # confection # spacy @@ -517,25 +503,25 @@ srsly==2.4.8 # weasel stack-data==0.6.3 # via ipython -tabula-py==2.9.0 +tabula-py==2.10.0 # via sec-certs (./../pyproject.toml) tabulate==0.9.0 # via jupyter-cache -thinc==8.2.1 +thinc==8.3.4 # via spacy -threadpoolctl==3.2.0 +threadpoolctl==3.5.0 # via scikit-learn -tornado==6.4.1 +tornado==6.4.2 # via # ipykernel # jupyter-client -tqdm==4.66.3 +tqdm==4.67.1 # via # datasets # huggingface-hub # sec-certs (./../pyproject.toml) # spacy -traitlets==5.13.0 +traitlets==5.14.3 # via # comm # ipykernel @@ -546,64 +532,64 @@ traitlets==5.13.0 # matplotlib-inline # nbclient # nbformat -typer==0.9.0 +typer==0.15.1 # via # spacy # weasel -types-python-dateutil==2.8.19.14 +types-python-dateutil==2.9.0.20241206 # via sec-certs (./../pyproject.toml) -types-pyyaml==6.0.12.12 +types-pyyaml==6.0.12.20241230 # via sec-certs (./../pyproject.toml) -types-requests==2.31.0.10 +types-requests==2.32.0.20241016 # via sec-certs (./../pyproject.toml) -typing-extensions==4.8.0 +typing-extensions==4.12.2 # via # huggingface-hub + # ipython # mypy # myst-nb # pydantic # pydantic-core # pydata-sphinx-theme - # setuptools-scm + # referencing # sqlalchemy # typer -tzdata==2023.3 +tzdata==2025.1 # via pandas tzlocal==5.2 # via dateparser -tzlocal==5.2 - # via dateparser -urllib3==2.2.2 +urllib3==2.3.0 # via # requests # types-requests -virtualenv==20.24.7 +virtualenv==20.29.1 # via pre-commit -wasabi==1.1.2 +wasabi==1.1.3 # via # spacy # thinc # weasel -wcwidth==0.2.12 +wcwidth==0.2.13 # via prompt-toolkit -weasel==0.3.4 +weasel==0.4.1 # via spacy webencodings==0.5.1 # via html5lib -wheel==0.41.3 +wheel==0.45.1 # via # pip-tools # pytest-monitor -widgetsnbextension==4.0.9 +widgetsnbextension==4.0.13 # via ipywidgets -wrapt==1.16.0 - # via deprecated -xxhash==3.4.1 +wrapt==1.17.2 + # via + # deprecated + # smart-open +xxhash==3.5.0 # via datasets -yarl==1.17.2 -yarl==1.17.2 +yarl==1.18.3 # via aiohttp -zipp==3.19.1 +zipp==3.21.0 # via importlib-metadata # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/nlp_requirements.txt b/requirements/nlp_requirements.txt index 1a2e48f5..45258a50 100644 --- a/requirements/nlp_requirements.txt +++ b/requirements/nlp_requirements.txt @@ -1,34 +1,35 @@ -aiohappyeyeballs==2.4.0 +accelerate==1.3.0 + # via sentence-transformers +aiohappyeyeballs==2.4.4 # via aiohttp -aiohttp==3.10.11 +aiohttp==3.11.11 # via # datasets # fsspec -aiosignal==1.3.1 +aiosignal==1.3.2 # via aiohttp -alembic==1.12.1 +alembic==1.14.1 # via optuna -annotated-types==0.6.0 +annotated-types==0.7.0 # via pydantic -appnope==0.1.3 - # via - # ipykernel - # ipython -asttokens==2.4.1 +appnope==0.1.4 + # via ipykernel +asttokens==3.0.0 # via stack-data -attrs==23.1.0 +attrs==25.1.0 # via # aiohttp # jsonschema # referencing -beautifulsoup4==4.12.2 +beautifulsoup4==4.12.3 # via sec-certs (./../pyproject.toml) -bleach==6.1.0 +bleach==6.2.0 # via panel -blis==0.7.11 +blis==1.2.0 # via thinc -bokeh==3.3.1 +bokeh==3.6.2 # via + # holoviews # panel # umap-learn catalogue==2.0.10 @@ -36,91 +37,92 @@ catalogue==2.0.10 # spacy # srsly # thinc -catboost==1.2.2 +catboost==1.2.7 # via sec-certs (./../pyproject.toml) -certifi==2024.7.4 +certifi==2024.12.14 # via requests -cffi==1.16.0 +cffi==1.17.1 # via cryptography -charset-normalizer==3.3.2 +charset-normalizer==3.4.1 # via requests -click==8.1.7 +click==8.1.8 # via # dask - # nltk # sec-certs (./../pyproject.toml) # typer -cloudpathlib==0.16.0 +cloudpathlib==0.20.0 # via weasel -cloudpickle==3.0.0 +cloudpickle==3.1.1 # via dask -colorcet==3.0.1 +colorcet==3.1.0 # via # datashader # holoviews # umap-learn -colorlog==6.7.0 +colorlog==6.9.0 # via optuna -comm==0.2.0 +comm==0.2.2 # via # ipykernel # ipywidgets -confection==0.1.3 +confection==0.1.5 # via # thinc # weasel -contourpy==1.2.0 +contourpy==1.3.1 # via # bokeh # matplotlib -cryptography==43.0.1 +cryptography==44.0.0 # via pypdf cycler==0.12.1 # via matplotlib -cymem==2.0.8 +cymem==2.0.11 # via # preshed # spacy # thinc -dask==2023.11.0 +dask==2025.1.0 # via datashader -datasets==2.15.0 +datasets==3.2.0 # via # evaluate + # sentence-transformers # setfit -datashader==0.16.0 +datashader==0.16.3 # via umap-learn dateparser==1.2.0 # via sec-certs (./../pyproject.toml) -debugpy==1.8.0 +debugpy==1.8.12 # via ipykernel decorator==5.1.1 # via ipython -deprecated==1.2.14 +deprecated==1.2.18 # via pikepdf -dill==0.3.7 +dill==0.3.8 # via # datasets # evaluate # multiprocess -distro==1.8.0 +distro==1.9.0 # via tabula-py -evaluate==0.4.1 +evaluate==0.4.3 # via setfit -executing==2.0.1 +executing==2.2.0 # via stack-data -filelock==3.13.1 +filelock==3.17.0 # via + # datasets # huggingface-hub # torch # transformers -fonttools==4.45.0 +fonttools==4.55.6 # via matplotlib -frozenlist==1.4.0 +frozenlist==1.5.0 # via # aiohttp # aiosignal -fsspec[http]==2023.10.0 +fsspec[http]==2024.9.0 # via # dask # datasets @@ -128,137 +130,142 @@ fsspec[http]==2023.10.0 # fsspec # huggingface-hub # torch -graphviz==0.20.1 +graphviz==0.20.3 # via catboost -holoviews==1.18.1 +holoviews==1.20.0 # via umap-learn html5lib==1.1 # via sec-certs (./../pyproject.toml) -huggingface-hub==0.19.4 +huggingface-hub==0.27.1 # via + # accelerate # datasets # evaluate # sentence-transformers + # setfit # tokenizers # transformers -idna==3.7 +idna==3.10 # via # requests # yarl -imageio==2.33.0 +imageio==2.37.0 # via scikit-image -importlib-metadata==6.8.0 +importlib-metadata==8.6.1 # via dask -ipykernel==6.27.0 +ipykernel==6.29.5 # via sec-certs (./../pyproject.toml) -ipython==8.17.2 +ipython==8.31.0 # via # ipykernel # ipywidgets -ipywidgets==8.1.1 +ipywidgets==8.1.5 # via sec-certs (./../pyproject.toml) -jedi==0.19.1 +jedi==0.19.2 # via ipython -jinja2==3.1.4 +jinja2==3.1.5 # via # bokeh # spacy # torch -joblib==1.3.2 +joblib==1.4.2 # via - # nltk # pynndescent # scikit-learn -jsonschema==4.20.0 +jsonschema==4.23.0 # via sec-certs (./../pyproject.toml) -jsonschema-specifications==2023.11.1 +jsonschema-specifications==2024.10.1 # via jsonschema -jupyter-client==8.6.0 +jupyter-client==8.6.3 # via ipykernel -jupyter-core==5.5.0 +jupyter-core==5.7.2 # via # ipykernel # jupyter-client -jupyterlab-widgets==3.0.9 +jupyterlab-widgets==3.0.13 # via ipywidgets -kiwisolver==1.4.5 +kiwisolver==1.4.8 # via matplotlib -langcodes==3.3.0 +langcodes==3.5.0 # via spacy -lazy-loader==0.3 +language-data==1.3.0 + # via langcodes +lazy-loader==0.4 # via scikit-image -linkify-it-py==2.0.2 +linkify-it-py==2.0.3 # via panel -llvmlite==0.41.1 +llvmlite==0.44.0 # via # numba # pynndescent locket==1.0.0 # via partd -lxml==4.9.3 +lxml==5.3.0 # via # pikepdf # sec-certs (./../pyproject.toml) -mako==1.3.0 +mako==1.3.8 # via alembic -markdown==3.5.1 +marisa-trie==1.2.1 + # via language-data +markdown==3.7 # via panel markdown-it-py==3.0.0 # via # mdit-py-plugins # panel -markupsafe==2.1.3 + # rich +markupsafe==3.0.2 # via # jinja2 # mako -matplotlib==3.8.2 +matplotlib==3.10.0 # via # catboost # pysankeybeta # seaborn # sec-certs (./../pyproject.toml) # umap-learn -matplotlib-inline==0.1.6 +matplotlib-inline==0.1.7 # via # ipykernel # ipython -mdit-py-plugins==0.4.0 +mdit-py-plugins==0.4.2 # via panel mdurl==0.1.2 # via markdown-it-py mpmath==1.3.0 # via sympy -multidict==6.0.4 +multidict==6.1.0 # via # aiohttp # yarl multipledispatch==1.0.0 # via datashader -multiprocess==0.70.15 +multiprocess==0.70.16 # via # datasets # evaluate -murmurhash==1.0.10 +murmurhash==1.0.12 # via # preshed # spacy # thinc -nest-asyncio==1.5.8 +nest-asyncio==1.6.0 # via ipykernel -networkx==3.2.1 +networkx==3.4.2 # via # scikit-image # sec-certs (./../pyproject.toml) # torch -nltk==3.9 - # via sentence-transformers -numba==0.58.1 +numba==0.61.0 # via # datashader # pynndescent # umap-learn -numpy==1.26.2 +numpy==1.26.4 # via + # accelerate # blis # bokeh # catboost @@ -272,46 +279,48 @@ numpy==1.26.2 # numba # optuna # pandas - # pyarrow # pysankeybeta # scikit-image # scikit-learn # scipy # seaborn # sec-certs (./../pyproject.toml) - # sentence-transformers # spacy # tabula-py # thinc # tifffile - # torchvision # transformers # umap-learn # xarray -optuna==3.4.0 +optuna==4.2.0 # via sec-certs (./../pyproject.toml) -packaging==23.2 +packaging==24.2 # via + # accelerate # bokeh # dask # datasets + # datashader # evaluate # holoviews # huggingface-hub # ipykernel + # lazy-loader # matplotlib # optuna + # panel # pikepdf # plotly # pytesseract # scikit-image + # setfit # setuptools-scm # spacy # thinc # transformers # weasel # xarray -pandas==2.1.3 +pandas==2.2.3 # via # bokeh # catboost @@ -326,26 +335,26 @@ pandas==2.1.3 # tabula-py # umap-learn # xarray -panel==1.3.2 +panel==1.6.0 # via holoviews -param==2.0.1 +param==2.2.0 # via # datashader # holoviews # panel # pyct # pyviz-comms -parso==0.8.3 +parso==0.8.4 # via jedi -partd==1.4.1 +partd==1.4.2 # via dask pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) -pexpect==4.8.0 +pexpect==4.9.0 # via ipython -pikepdf==8.7.1 +pikepdf==9.5.1 # via sec-certs (./../pyproject.toml) -pillow==10.3.0 +pillow==11.1.0 # via # bokeh # datashader @@ -355,12 +364,12 @@ pillow==10.3.0 # pytesseract # scikit-image # sec-certs (./../pyproject.toml) - # torchvision + # sentence-transformers pkgconfig==1.5.5 # via sec-certs (./../pyproject.toml) -platformdirs==4.0.0 +platformdirs==4.3.6 # via jupyter-core -plotly==5.18.0 +plotly==5.24.1 # via # catboost # sec-certs (./../pyproject.toml) @@ -368,29 +377,28 @@ preshed==3.0.9 # via # spacy # thinc -prompt-toolkit==3.0.41 +prompt-toolkit==3.0.50 # via ipython -propcache==0.2.0 - # via yarl -psutil==5.9.6 +propcache==0.2.1 + # via + # aiohttp + # yarl +psutil==6.1.1 # via + # accelerate # ipykernel # sec-certs (./../pyproject.toml) ptyprocess==0.7.0 # via pexpect -pure-eval==0.2.2 +pure-eval==0.2.3 # via stack-data -pyarrow==14.0.1 +pyarrow==19.0.0 # via datasets -pyarrow-hotfix==0.6 - # via datasets -pycparser==2.21 +pycparser==2.22 # via cffi pyct==0.5.0 - # via - # colorcet - # datashader -pydantic==2.5.2 + # via datashader +pydantic==2.10.6 # via # confection # pydantic-settings @@ -398,43 +406,46 @@ pydantic==2.5.2 # spacy # thinc # weasel -pydantic-core==2.14.5 +pydantic-core==2.27.2 # via pydantic -pydantic-settings==2.1.0 +pydantic-settings==2.7.1 # via sec-certs (./../pyproject.toml) -pygments==2.17.2 - # via ipython -pynndescent==0.5.11 +pygments==2.19.1 + # via + # ipython + # rich +pynndescent==0.5.13 # via umap-learn -pyparsing==3.1.1 +pyparsing==3.2.1 # via matplotlib -pypdf[crypto]==3.17.1 +pypdf[crypto]==5.2.0 # via # pypdf # sec-certs (./../pyproject.toml) -pysankeybeta==1.4.1 +pysankeybeta==1.4.2 # via sec-certs (./../pyproject.toml) -pytesseract==0.3.10 +pytesseract==0.3.13 # via sec-certs (./../pyproject.toml) -python-dateutil==2.8.2 +python-dateutil==2.9.0.post0 # via # dateparser # jupyter-client # matplotlib # pandas # sec-certs (./../pyproject.toml) -python-dotenv==1.0.0 +python-dotenv==1.0.1 # via pydantic-settings -pytz==2023.3.post1 +pytz==2024.2 # via # dateparser # pandas -pyviz-comms==3.0.0 +pyviz-comms==3.0.4 # via # holoviews # panel -pyyaml==6.0.1 +pyyaml==6.0.2 # via + # accelerate # bokeh # dask # datasets @@ -442,52 +453,51 @@ pyyaml==6.0.1 # optuna # sec-certs (./../pyproject.toml) # transformers -pyzmq==25.1.1 +pyzmq==26.2.0 # via # ipykernel # jupyter-client -rapidfuzz==3.5.2 +rapidfuzz==3.11.0 # via sec-certs (./../pyproject.toml) -referencing==0.31.0 +referencing==0.36.2 # via # jsonschema # jsonschema-specifications -regex==2023.10.3 +regex==2024.11.6 # via # dateparser - # nltk # transformers -requests==2.32.0 +requests==2.32.3 # via # datasets # datashader # evaluate - # fsspec # huggingface-hub # panel - # responses # sec-certs (./../pyproject.toml) # spacy - # torchvision # transformers # weasel -responses==0.18.0 - # via evaluate -rpds-py==0.13.1 +rich==13.9.4 + # via typer +rpds-py==0.22.3 # via # jsonschema # referencing -safetensors==0.4.5 - # via transformers -scikit-image==0.22.0 +safetensors==0.5.2 + # via + # accelerate + # transformers +scikit-image==0.25.1 # via umap-learn -scikit-learn==1.5.0 +scikit-learn==1.6.1 # via # pynndescent # sec-certs (./../pyproject.toml) # sentence-transformers + # setfit # umap-learn -scipy==1.11.4 +scipy==1.15.1 # via # catboost # datashader @@ -497,43 +507,41 @@ scipy==1.11.4 # sec-certs (./../pyproject.toml) # sentence-transformers # umap-learn -seaborn==0.13.0 +seaborn==0.13.2 # via # pysankeybeta # sec-certs (./../pyproject.toml) # umap-learn -sentence-transformers==2.2.2 - # via setfit -sentencepiece==0.1.99 - # via sentence-transformers -setfit==0.7.0 +sentence-transformers[train]==3.4.0 + # via + # sentence-transformers + # setfit +setfit==1.1.1 # via sec-certs (./../pyproject.toml) -setuptools-scm==8.0.4 +setuptools-scm==8.1.0 # via sec-certs (./../pyproject.toml) -six==1.16.0 +shellingham==1.5.4 + # via typer +six==1.17.0 # via - # asttokens - # bleach # catboost # html5lib # python-dateutil -smart-open==6.4.0 - # via - # spacy - # weasel -soupsieve==2.5 +smart-open==7.1.0 + # via weasel +soupsieve==2.6 # via beautifulsoup4 -spacy==3.7.2 +spacy==3.8.4 # via sec-certs (./../pyproject.toml) spacy-legacy==3.0.12 # via spacy spacy-loggers==1.0.5 # via spacy -sqlalchemy==2.0.23 +sqlalchemy==2.0.37 # via # alembic # optuna -srsly==2.4.8 +srsly==2.5.1 # via # confection # spacy @@ -541,42 +549,39 @@ srsly==2.4.8 # weasel stack-data==0.6.3 # via ipython -sympy==1.12 +sympy==1.13.1 # via torch -tabula-py==2.9.0 +tabula-py==2.10.0 # via sec-certs (./../pyproject.toml) -tenacity==8.2.3 +tenacity==9.0.0 # via plotly -thinc==8.2.1 +thinc==8.3.4 # via spacy -threadpoolctl==3.2.0 +threadpoolctl==3.5.0 # via scikit-learn -tifffile==2023.9.26 +tifffile==2025.1.10 # via scikit-image -tokenizers==0.15.0 +tokenizers==0.21.0 # via transformers -toolz==0.12.0 +toolz==1.0.0 # via # dask # datashader # partd -torch==2.1.1 +torch==2.5.1 # via + # accelerate # sentence-transformers - # torchvision -torchvision==0.16.1 - # via sentence-transformers -tornado==6.4.1 +tornado==6.4.2 # via # bokeh # ipykernel # jupyter-client -tqdm==4.66.3 +tqdm==4.67.1 # via # datasets # evaluate # huggingface-hub - # nltk # optuna # panel # sec-certs (./../pyproject.toml) @@ -584,7 +589,7 @@ tqdm==4.66.3 # spacy # transformers # umap-learn -traitlets==5.13.0 +traitlets==5.14.3 # via # comm # ipykernel @@ -593,65 +598,66 @@ traitlets==5.13.0 # jupyter-client # jupyter-core # matplotlib-inline -transformers==4.38.0 - # via sentence-transformers -typer==0.9.0 +transformers==4.48.1 + # via + # sentence-transformers + # setfit +typer==0.15.1 # via # spacy # weasel -typing-extensions==4.8.0 +typing-extensions==4.12.2 # via # alembic # huggingface-hub + # ipython # panel # pydantic # pydantic-core - # setuptools-scm + # referencing # sqlalchemy # torch # typer -tzdata==2023.3 +tzdata==2025.1 # via pandas tzlocal==5.2 # via dateparser -uc-micro-py==1.0.2 +uc-micro-py==1.0.3 # via linkify-it-py -umap-learn[plot]==0.5.5 +umap-learn[plot]==0.5.7 # via sec-certs (./../pyproject.toml) -urllib3==2.2.2 - # via - # requests - # responses -wasabi==1.1.2 +urllib3==2.3.0 + # via requests +wasabi==1.1.3 # via # spacy # thinc # weasel -wcwidth==0.2.12 +wcwidth==0.2.13 # via prompt-toolkit -weasel==0.3.4 +weasel==0.4.1 # via spacy webencodings==0.5.1 # via # bleach # html5lib -widgetsnbextension==4.0.9 +widgetsnbextension==4.0.13 # via ipywidgets -wrapt==1.16.0 - # via deprecated -xarray==2023.11.0 +wrapt==1.17.2 + # via + # deprecated + # smart-open +xarray==2025.1.1 # via datashader -xxhash==3.4.1 +xxhash==3.5.0 # via # datasets # evaluate -xyzservices==2023.10.1 - # via - # bokeh - # panel -yarl==1.17.2 +xyzservices==2025.1.0 + # via bokeh +yarl==1.18.3 # via aiohttp -zipp==3.19.1 +zipp==3.21.0 # via importlib-metadata # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/requirements.txt b/requirements/requirements.txt index 4426c7e9..182393cb 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -1,131 +1,134 @@ -annotated-types==0.6.0 +annotated-types==0.7.0 # via pydantic appnope==0.1.4 -appnope==0.1.4 - # via - # ipykernel - # ipython -asttokens==2.4.1 + # via ipykernel +asttokens==3.0.0 # via stack-data -attrs==23.1.0 +attrs==25.1.0 # via # jsonschema # referencing -beautifulsoup4==4.12.2 +beautifulsoup4==4.12.3 # via sec-certs (./../pyproject.toml) -blis==0.7.11 +blis==1.2.0 # via thinc catalogue==2.0.10 # via # spacy # srsly # thinc -certifi==2024.7.4 +certifi==2024.12.14 # via requests -cffi==1.16.0 +cffi==1.17.1 # via cryptography -charset-normalizer==3.3.2 +charset-normalizer==3.4.1 # via requests -click==8.1.7 +click==8.1.8 # via # sec-certs (./../pyproject.toml) # typer -cloudpathlib==0.16.0 +cloudpathlib==0.20.0 # via weasel -comm==0.2.0 +comm==0.2.2 # via # ipykernel # ipywidgets -confection==0.1.3 +confection==0.1.5 # via # thinc # weasel -contourpy==1.2.0 +contourpy==1.3.1 # via matplotlib -cryptography==43.0.1 +cryptography==44.0.0 # via pypdf cycler==0.12.1 # via matplotlib -cymem==2.0.8 +cymem==2.0.11 # via # preshed # spacy # thinc dateparser==1.2.0 # via sec-certs (./../pyproject.toml) -dateparser==1.2.0 - # via sec-certs (./../pyproject.toml) -debugpy==1.8.0 +debugpy==1.8.12 # via ipykernel decorator==5.1.1 # via ipython -deprecated==1.2.14 +deprecated==1.2.18 # via pikepdf -distro==1.8.0 +distro==1.9.0 # via tabula-py -executing==2.0.1 +executing==2.2.0 # via stack-data -fonttools==4.45.0 +fonttools==4.55.6 # via matplotlib html5lib==1.1 # via sec-certs (./../pyproject.toml) -idna==3.7 +idna==3.10 # via requests -ipykernel==6.27.0 +ipykernel==6.29.5 # via sec-certs (./../pyproject.toml) -ipython==8.17.2 +ipython==8.31.0 # via # ipykernel # ipywidgets -ipywidgets==8.1.1 +ipywidgets==8.1.5 # via sec-certs (./../pyproject.toml) -jedi==0.19.1 +jedi==0.19.2 # via ipython -jinja2==3.1.4 +jinja2==3.1.5 # via spacy -joblib==1.3.2 +joblib==1.4.2 # via scikit-learn -jsonschema==4.20.0 +jsonschema==4.23.0 # via sec-certs (./../pyproject.toml) -jsonschema-specifications==2023.11.1 +jsonschema-specifications==2024.10.1 # via jsonschema -jupyter-client==8.6.0 +jupyter-client==8.6.3 # via ipykernel -jupyter-core==5.5.0 +jupyter-core==5.7.2 # via # ipykernel # jupyter-client -jupyterlab-widgets==3.0.9 +jupyterlab-widgets==3.0.13 # via ipywidgets -kiwisolver==1.4.5 +kiwisolver==1.4.8 # via matplotlib -langcodes==3.3.0 +langcodes==3.5.0 # via spacy -lxml==4.9.3 +language-data==1.3.0 + # via langcodes +lxml==5.3.0 # via # pikepdf # sec-certs (./../pyproject.toml) -markupsafe==2.1.3 +marisa-trie==1.2.1 + # via language-data +markdown-it-py==3.0.0 + # via rich +markupsafe==3.0.2 # via jinja2 -matplotlib==3.8.2 +matplotlib==3.10.0 # via # pysankeybeta # seaborn # sec-certs (./../pyproject.toml) -matplotlib-inline==0.1.6 +matplotlib-inline==0.1.7 # via # ipykernel # ipython -murmurhash==1.0.10 +mdurl==0.1.2 + # via markdown-it-py +murmurhash==1.0.12 # via # preshed # spacy # thinc -nest-asyncio==1.5.8 +nest-asyncio==1.6.0 # via ipykernel -networkx==3.2.1 +networkx==3.4.2 # via sec-certs (./../pyproject.toml) -numpy==1.26.2 +numpy==2.2.2 # via # blis # contourpy @@ -139,7 +142,7 @@ numpy==1.26.2 # spacy # tabula-py # thinc -packaging==23.2 +packaging==24.2 # via # ipykernel # matplotlib @@ -149,21 +152,21 @@ packaging==23.2 # spacy # thinc # weasel -pandas==2.1.3 +pandas==2.2.3 # via # pysankeybeta # seaborn # sec-certs (./../pyproject.toml) # tabula-py -parso==0.8.3 +parso==0.8.4 # via jedi pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) -pexpect==4.8.0 +pexpect==4.9.0 # via ipython -pikepdf==8.7.1 +pikepdf==9.5.1 # via sec-certs (./../pyproject.toml) -pillow==10.3.0 +pillow==11.1.0 # via # matplotlib # pikepdf @@ -171,25 +174,25 @@ pillow==10.3.0 # sec-certs (./../pyproject.toml) pkgconfig==1.5.5 # via sec-certs (./../pyproject.toml) -platformdirs==4.0.0 +platformdirs==4.3.6 # via jupyter-core preshed==3.0.9 # via # spacy # thinc -prompt-toolkit==3.0.41 +prompt-toolkit==3.0.50 # via ipython -psutil==5.9.6 +psutil==6.1.1 # via # ipykernel # sec-certs (./../pyproject.toml) ptyprocess==0.7.0 # via pexpect -pure-eval==0.2.2 +pure-eval==0.2.3 # via stack-data -pycparser==2.21 +pycparser==2.22 # via cffi -pydantic==2.5.2 +pydantic==2.10.6 # via # confection # pydantic-settings @@ -197,94 +200,91 @@ pydantic==2.5.2 # spacy # thinc # weasel -pydantic-core==2.14.5 +pydantic-core==2.27.2 # via pydantic -pydantic-settings==2.1.0 +pydantic-settings==2.7.1 # via sec-certs (./../pyproject.toml) -pygments==2.17.2 - # via ipython -pyparsing==3.1.1 +pygments==2.19.1 + # via + # ipython + # rich +pyparsing==3.2.1 # via matplotlib -pypdf[crypto]==3.17.1 +pypdf[crypto]==5.2.0 # via # pypdf # sec-certs (./../pyproject.toml) -pysankeybeta==1.4.1 +pysankeybeta==1.4.2 # via sec-certs (./../pyproject.toml) -pytesseract==0.3.10 +pytesseract==0.3.13 # via sec-certs (./../pyproject.toml) -python-dateutil==2.8.2 +python-dateutil==2.9.0.post0 # via # dateparser - # dateparser # jupyter-client # matplotlib # pandas # sec-certs (./../pyproject.toml) -python-dotenv==1.0.0 +python-dotenv==1.0.1 # via pydantic-settings -pytz==2023.3.post1 +pytz==2024.2 # via # dateparser # pandas - # via - # dateparser - # pandas -pyyaml==6.0.1 +pyyaml==6.0.2 # via sec-certs (./../pyproject.toml) -pyzmq==25.1.1 +pyzmq==26.2.0 # via # ipykernel # jupyter-client -rapidfuzz==3.5.2 +rapidfuzz==3.11.0 # via sec-certs (./../pyproject.toml) -referencing==0.31.0 +referencing==0.36.2 # via # jsonschema # jsonschema-specifications -regex==2024.9.11 - # via dateparser -regex==2024.9.11 +regex==2024.11.6 # via dateparser -requests==2.32.0 +requests==2.32.3 # via # sec-certs (./../pyproject.toml) # spacy # weasel -rpds-py==0.13.1 +rich==13.9.4 + # via typer +rpds-py==0.22.3 # via # jsonschema # referencing -scikit-learn==1.5.0 +scikit-learn==1.6.1 # via sec-certs (./../pyproject.toml) -scipy==1.11.4 +scipy==1.15.1 # via # scikit-learn # sec-certs (./../pyproject.toml) -seaborn==0.13.0 +seaborn==0.13.2 # via # pysankeybeta # sec-certs (./../pyproject.toml) -setuptools-scm==8.0.4 +setuptools-scm==8.1.0 # via sec-certs (./../pyproject.toml) -six==1.16.0 +shellingham==1.5.4 + # via typer +six==1.17.0 # via - # asttokens # html5lib # python-dateutil -smart-open==6.4.0 - # via - # spacy - # weasel -soupsieve==2.5 +smart-open==7.1.0 + # via weasel +soupsieve==2.6 # via beautifulsoup4 -spacy==3.7.2 +spacy==3.8.4 # via sec-certs (./../pyproject.toml) spacy-legacy==3.0.12 # via spacy spacy-loggers==1.0.5 # via spacy -srsly==2.4.8 +srsly==2.5.1 # via # confection # spacy @@ -292,21 +292,21 @@ srsly==2.4.8 # weasel stack-data==0.6.3 # via ipython -tabula-py==2.9.0 +tabula-py==2.10.0 # via sec-certs (./../pyproject.toml) -thinc==8.2.1 +thinc==8.3.4 # via spacy -threadpoolctl==3.2.0 +threadpoolctl==3.5.0 # via scikit-learn -tornado==6.4.1 +tornado==6.4.2 # via # ipykernel # jupyter-client -tqdm==4.66.3 +tqdm==4.67.1 # via # sec-certs (./../pyproject.toml) # spacy -traitlets==5.13.0 +traitlets==5.14.3 # via # comm # ipykernel @@ -315,39 +315,40 @@ traitlets==5.13.0 # jupyter-client # jupyter-core # matplotlib-inline -typer==0.9.0 +typer==0.15.1 # via # spacy # weasel -typing-extensions==4.8.0 +typing-extensions==4.12.2 # via + # ipython # pydantic # pydantic-core - # setuptools-scm + # referencing # typer -tzdata==2023.3 +tzdata==2025.1 # via pandas tzlocal==5.2 # via dateparser -tzlocal==5.2 - # via dateparser -urllib3==2.2.2 +urllib3==2.3.0 # via requests -wasabi==1.1.2 +wasabi==1.1.3 # via # spacy # thinc # weasel -wcwidth==0.2.12 +wcwidth==0.2.13 # via prompt-toolkit -weasel==0.3.4 +weasel==0.4.1 # via spacy webencodings==0.5.1 # via html5lib -widgetsnbextension==4.0.9 +widgetsnbextension==4.0.13 # via ipywidgets -wrapt==1.16.0 - # via deprecated +wrapt==1.17.2 + # via + # deprecated + # smart-open # The following packages are considered to be unsafe in a requirements file: # setuptools diff --git a/requirements/test_requirements.txt b/requirements/test_requirements.txt index 90c645e2..b5d83369 100644 --- a/requirements/test_requirements.txt +++ b/requirements/test_requirements.txt @@ -1,137 +1,140 @@ -annotated-types==0.6.0 +annotated-types==0.7.0 # via pydantic appnope==0.1.4 -appnope==0.1.4 - # via - # ipykernel - # ipython -asttokens==2.4.1 + # via ipykernel +asttokens==3.0.0 # via stack-data -attrs==23.1.0 +attrs==25.1.0 # via # jsonschema # referencing -beautifulsoup4==4.12.2 +beautifulsoup4==4.12.3 # via sec-certs (./../pyproject.toml) -blis==0.7.11 +blis==1.2.0 # via thinc catalogue==2.0.10 # via # spacy # srsly # thinc -certifi==2024.7.4 +certifi==2024.12.14 # via requests -cffi==1.16.0 +cffi==1.17.1 # via cryptography -charset-normalizer==3.3.2 +charset-normalizer==3.4.1 # via requests -click==8.1.7 +click==8.1.8 # via # sec-certs (./../pyproject.toml) # typer -cloudpathlib==0.16.0 +cloudpathlib==0.20.0 # via weasel -comm==0.2.0 +comm==0.2.2 # via # ipykernel # ipywidgets -confection==0.1.3 +confection==0.1.5 # via # thinc # weasel -contourpy==1.2.0 +contourpy==1.3.1 # via matplotlib -coverage[toml]==7.3.2 +coverage[toml]==7.6.10 # via # pytest-cov # sec-certs (./../pyproject.toml) -cryptography==43.0.1 +cryptography==44.0.0 # via pypdf cycler==0.12.1 # via matplotlib -cymem==2.0.8 +cymem==2.0.11 # via # preshed # spacy # thinc dateparser==1.2.0 # via sec-certs (./../pyproject.toml) -dateparser==1.2.0 - # via sec-certs (./../pyproject.toml) -debugpy==1.8.0 +debugpy==1.8.12 # via ipykernel decorator==5.1.1 # via ipython -deprecated==1.2.14 +deprecated==1.2.18 # via pikepdf -distro==1.8.0 +distro==1.9.0 # via tabula-py -executing==2.0.1 +executing==2.2.0 # via stack-data -fonttools==4.45.0 +fonttools==4.55.6 # via matplotlib html5lib==1.1 # via sec-certs (./../pyproject.toml) -idna==3.7 +idna==3.10 # via requests iniconfig==2.0.0 # via pytest -ipykernel==6.27.0 +ipykernel==6.29.5 # via sec-certs (./../pyproject.toml) -ipython==8.17.2 +ipython==8.31.0 # via # ipykernel # ipywidgets -ipywidgets==8.1.1 +ipywidgets==8.1.5 # via sec-certs (./../pyproject.toml) -jedi==0.19.1 +jedi==0.19.2 # via ipython -jinja2==3.1.4 +jinja2==3.1.5 # via spacy -joblib==1.3.2 +joblib==1.4.2 # via scikit-learn -jsonschema==4.20.0 +jsonschema==4.23.0 # via sec-certs (./../pyproject.toml) -jsonschema-specifications==2023.11.1 +jsonschema-specifications==2024.10.1 # via jsonschema -jupyter-client==8.6.0 +jupyter-client==8.6.3 # via ipykernel -jupyter-core==5.5.0 +jupyter-core==5.7.2 # via # ipykernel # jupyter-client -jupyterlab-widgets==3.0.9 +jupyterlab-widgets==3.0.13 # via ipywidgets -kiwisolver==1.4.5 +kiwisolver==1.4.8 # via matplotlib -langcodes==3.3.0 +langcodes==3.5.0 # via spacy -lxml==4.9.3 +language-data==1.3.0 + # via langcodes +lxml==5.3.0 # via # pikepdf # sec-certs (./../pyproject.toml) -markupsafe==2.1.3 +marisa-trie==1.2.1 + # via language-data +markdown-it-py==3.0.0 + # via rich +markupsafe==3.0.2 # via jinja2 -matplotlib==3.8.2 +matplotlib==3.10.0 # via # pysankeybeta # seaborn # sec-certs (./../pyproject.toml) -matplotlib-inline==0.1.6 +matplotlib-inline==0.1.7 # via # ipykernel # ipython -murmurhash==1.0.10 +mdurl==0.1.2 + # via markdown-it-py +murmurhash==1.0.12 # via # preshed # spacy # thinc -nest-asyncio==1.5.8 +nest-asyncio==1.6.0 # via ipykernel -networkx==3.2.1 +networkx==3.4.2 # via sec-certs (./../pyproject.toml) -numpy==1.26.2 +numpy==2.2.2 # via # blis # contourpy @@ -145,7 +148,7 @@ numpy==1.26.2 # spacy # tabula-py # thinc -packaging==23.2 +packaging==24.2 # via # ipykernel # matplotlib @@ -156,21 +159,21 @@ packaging==23.2 # spacy # thinc # weasel -pandas==2.1.3 +pandas==2.2.3 # via # pysankeybeta # seaborn # sec-certs (./../pyproject.toml) # tabula-py -parso==0.8.3 +parso==0.8.4 # via jedi pdftotext==3.0.0 # via sec-certs (./../pyproject.toml) -pexpect==4.8.0 +pexpect==4.9.0 # via ipython -pikepdf==8.7.1 +pikepdf==9.5.1 # via sec-certs (./../pyproject.toml) -pillow==10.3.0 +pillow==11.1.0 # via # matplotlib # pikepdf @@ -178,27 +181,27 @@ pillow==10.3.0 # sec-certs (./../pyproject.toml) pkgconfig==1.5.5 # via sec-certs (./../pyproject.toml) -platformdirs==4.0.0 +platformdirs==4.3.6 # via jupyter-core -pluggy==1.3.0 +pluggy==1.5.0 # via pytest preshed==3.0.9 # via # spacy # thinc -prompt-toolkit==3.0.41 +prompt-toolkit==3.0.50 # via ipython -psutil==5.9.6 +psutil==6.1.1 # via # ipykernel # sec-certs (./../pyproject.toml) ptyprocess==0.7.0 # via pexpect -pure-eval==0.2.2 +pure-eval==0.2.3 # via stack-data -pycparser==2.21 +pycparser==2.22 # via cffi -pydantic==2.5.2 +pydantic==2.10.6 # via # confection # pydantic-settings @@ -206,100 +209,97 @@ pydantic==2.5.2 # spacy # thinc # weasel -pydantic-core==2.14.5 +pydantic-core==2.27.2 # via pydantic -pydantic-settings==2.1.0 +pydantic-settings==2.7.1 # via sec-certs (./../pyproject.toml) -pygments==2.17.2 - # via ipython -pyparsing==3.1.1 +pygments==2.19.1 + # via + # ipython + # rich +pyparsing==3.2.1 # via matplotlib -pypdf[crypto]==3.17.1 +pypdf[crypto]==5.2.0 # via # pypdf # sec-certs (./../pyproject.toml) -pysankeybeta==1.4.1 +pysankeybeta==1.4.2 # via sec-certs (./../pyproject.toml) -pytesseract==0.3.10 +pytesseract==0.3.13 # via sec-certs (./../pyproject.toml) -pytest==7.4.3 +pytest==8.3.4 # via # pytest-cov # sec-certs (./../pyproject.toml) -pytest-cov==4.1.0 +pytest-cov==6.0.0 # via sec-certs (./../pyproject.toml) -python-dateutil==2.8.2 +python-dateutil==2.9.0.post0 # via # dateparser - # dateparser # jupyter-client # matplotlib # pandas # sec-certs (./../pyproject.toml) -python-dotenv==1.0.0 +python-dotenv==1.0.1 # via pydantic-settings -pytz==2023.3.post1 +pytz==2024.2 # via # dateparser # pandas - # via - # dateparser - # pandas -pyyaml==6.0.1 +pyyaml==6.0.2 # via sec-certs (./../pyproject.toml) -pyzmq==25.1.1 +pyzmq==26.2.0 # via # ipykernel # jupyter-client -rapidfuzz==3.5.2 +rapidfuzz==3.11.0 # via sec-certs (./../pyproject.toml) -referencing==0.31.0 +referencing==0.36.2 # via # jsonschema # jsonschema-specifications -regex==2024.9.11 - # via dateparser -regex==2024.9.11 +regex==2024.11.6 # via dateparser -requests==2.32.0 +requests==2.32.3 # via # sec-certs (./../pyproject.toml) # spacy # weasel -rpds-py==0.13.1 +rich==13.9.4 + # via typer +rpds-py==0.22.3 # via # jsonschema # referencing -scikit-learn==1.5.0 +scikit-learn==1.6.1 # via sec-certs (./../pyproject.toml) -scipy==1.11.4 +scipy==1.15.1 # via # scikit-learn # sec-certs (./../pyproject.toml) -seaborn==0.13.0 +seaborn==0.13.2 # via # pysankeybeta # sec-certs (./../pyproject.toml) -setuptools-scm==8.0.4 +setuptools-scm==8.1.0 # via sec-certs (./../pyproject.toml) -six==1.16.0 +shellingham==1.5.4 + # via typer +six==1.17.0 # via - # asttokens # html5lib # python-dateutil -smart-open==6.4.0 - # via - # spacy - # weasel -soupsieve==2.5 +smart-open==7.1.0 + # via weasel +soupsieve==2.6 # via beautifulsoup4 -spacy==3.7.2 +spacy==3.8.4 # via sec-certs (./../pyproject.toml) spacy-legacy==3.0.12 # via spacy spacy-loggers==1.0.5 # via spacy -srsly==2.4.8 +srsly==2.5.1 # via # confection # spacy @@ -307,21 +307,21 @@ srsly==2.4.8 # weasel stack-data==0.6.3 # via ipython -tabula-py==2.9.0 +tabula-py==2.10.0 # via sec-certs (./../pyproject.toml) -thinc==8.2.1 +thinc==8.3.4 # via spacy -threadpoolctl==3.2.0 +threadpoolctl==3.5.0 # via scikit-learn -tornado==6.4.1 +tornado==6.4.2 # via # ipykernel # jupyter-client -tqdm==4.66.3 +tqdm==4.67.1 # via # sec-certs (./../pyproject.toml) # spacy -traitlets==5.13.0 +traitlets==5.14.3 # via # comm # ipykernel @@ -330,39 +330,40 @@ traitlets==5.13.0 # jupyter-client # jupyter-core # matplotlib-inline -typer==0.9.0 +typer==0.15.1 # via # spacy # weasel -typing-extensions==4.8.0 +typing-extensions==4.12.2 # via + # ipython # pydantic # pydantic-core - # setuptools-scm + # referencing # typer -tzdata==2023.3 +tzdata==2025.1 # via pandas tzlocal==5.2 # via dateparser -tzlocal==5.2 - # via dateparser -urllib3==2.2.2 +urllib3==2.3.0 # via requests -wasabi==1.1.2 +wasabi==1.1.3 # via # spacy # thinc # weasel -wcwidth==0.2.12 +wcwidth==0.2.13 # via prompt-toolkit -weasel==0.3.4 +weasel==0.4.1 # via spacy webencodings==0.5.1 # via html5lib -widgetsnbextension==4.0.9 +widgetsnbextension==4.0.13 # via ipywidgets -wrapt==1.16.0 - # via deprecated +wrapt==1.17.2 + # via + # deprecated + # smart-open # The following packages are considered to be unsafe in a requirements file: # setuptools From a9d7c7472441572b4fd3487523c9f5398c06fcde Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Mon, 27 Jan 2025 16:11:32 +0100 Subject: [PATCH 11/17] forbid empty PP links in ProtectionProfile objects --- src/sec_certs/dataset/protection_profile.py | 18 ++++++++---------- src/sec_certs/sample/protection_profile.py | 20 +++++++++++++++----- 2 files changed, 23 insertions(+), 15 deletions(-) diff --git a/src/sec_certs/dataset/protection_profile.py b/src/sec_certs/dataset/protection_profile.py index 1bb2e3f1..4a938d1c 100644 --- a/src/sec_certs/dataset/protection_profile.py +++ b/src/sec_certs/dataset/protection_profile.py @@ -226,16 +226,14 @@ def _parse_table( return {} body = list(tables[0].find_all("tr"))[1:] - try: - table_certs = { - x.dgst: x - for x in [ - ProtectionProfile.from_html_row(row, cert_status, category_string, is_collaborative) - for row in body - ] - } - except ValueError as e: - raise ValueError(f"Bad html file: {file.name} ({str(e)})") from e + table_certs = {} + for row in body: + try: + pp = ProtectionProfile.from_html_row(row, cert_status, category_string, is_collaborative) + table_certs[pp.dgst] = pp + except ValueError as e: + logger.error(f"Error when creating ProtectionProfile object: {e}") + return table_certs cert_status: Literal["active", "archived"] = "active" if "active" in file.name else "archived" diff --git a/src/sec_certs/sample/protection_profile.py b/src/sec_certs/sample/protection_profile.py index 36f13130..079c9319 100644 --- a/src/sec_certs/sample/protection_profile.py +++ b/src/sec_certs/sample/protection_profile.py @@ -19,7 +19,7 @@ from sec_certs.sample.certificate import PdfData as BasePdfData from sec_certs.sample.document_state import DocumentState from sec_certs.serialization.json import ComplexSerializableType -from sec_certs.utils import helpers +from sec_certs.utils import helpers, sanitization class ProtectionProfile( @@ -83,18 +83,23 @@ def _from_html_row_classic_pp( f"Unexpected number of elements in PP html row. Expected: 6, actual: {len(cells)}" ) + pp_link = cls._html_row_get_link(cells[0]) + pp_name = cls._html_row_get_name(cells[0]) + if not sanitization.sanitize_cc_link(pp_link): + raise ValueError(f"pp_link for PP {pp_name} is empty, cannot create PP record") + # TODO: Parse maintenance div here. See CC parsing. return cls( category, status, False, - cls._html_row_get_name(cells[0]), + pp_name, cls._html_row_get_version(cells[1]), cls._html_row_get_security_level(cells[2]), cls._html_row_get_date(cells[3]), None if status == "active" else cls._html_row_get_date(cells[4]), cls._html_row_get_link(cells[-1]), - cls._html_row_get_link(cells[0]), + pp_link, cls._html_row_get_scheme(cells[-2]), [], ) @@ -107,17 +112,22 @@ def _from_html_row_collaborative(cls, row: Tag, category: str) -> ProtectionProf f"Unexpected number of elements in collaborative PP html row. Expected: 5, actual: {len(cells)}" ) + pp_link = cls._html_row_get_collaborative_pp_link(cells[0]) + pp_name = cls._html_row_get_collaborative_name(cells[0]) + if not sanitization.sanitize_cc_link(pp_link): + raise ValueError(f"pp_link for PP {pp_name} is empty, cannot create PP record") + return cls( category, "active", True, - cls._html_row_get_collaborative_name(cells[0]), + pp_name, cls._html_row_get_version(cells[1]), cls._html_row_get_security_level(cells[2]), cls._html_row_get_date(cells[3]), None, cls._html_row_get_link(cells[-1]), - cls._html_row_get_collaborative_pp_link(cells[0]), + pp_link, None, [], ) From 324c38695ce24c74b3cf13d50e4a1885e7b8a543 Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Mon, 27 Jan 2025 16:31:36 +0100 Subject: [PATCH 12/17] process PP maintenances --- src/sec_certs/sample/protection_profile.py | 13 +++++--- src/sec_certs/utils/cc_html_parsing.py | 38 ++++++++++++++++++++++ 2 files changed, 47 insertions(+), 4 deletions(-) create mode 100644 src/sec_certs/utils/cc_html_parsing.py diff --git a/src/sec_certs/sample/protection_profile.py b/src/sec_certs/sample/protection_profile.py index 079c9319..9f499451 100644 --- a/src/sec_certs/sample/protection_profile.py +++ b/src/sec_certs/sample/protection_profile.py @@ -19,7 +19,7 @@ from sec_certs.sample.certificate import PdfData as BasePdfData from sec_certs.sample.document_state import DocumentState from sec_certs.serialization.json import ComplexSerializableType -from sec_certs.utils import helpers, sanitization +from sec_certs.utils import cc_html_parsing, helpers, sanitization class ProtectionProfile( @@ -55,7 +55,7 @@ class WebData(ComplexSerializableType): report_link: str | None pp_link: str | None scheme: str | None - maintenances: list[tuple[date, str, str]] + maintenances: list[tuple[Any]] @property def eal(self) -> str | None: @@ -88,7 +88,12 @@ def _from_html_row_classic_pp( if not sanitization.sanitize_cc_link(pp_link): raise ValueError(f"pp_link for PP {pp_name} is empty, cannot create PP record") - # TODO: Parse maintenance div here. See CC parsing. + mu_div = cc_html_parsing.html_row_get_maintenance_div(row) + maintenance_updates = cc_html_parsing.parse_maintenance_div(mu_div) if mu_div else [] + if maintenance_updates: + # Drop ST links, not filled in for PPs + maintenance_updates = [x[:3] for x in maintenance_updates] + return cls( category, status, @@ -101,7 +106,7 @@ def _from_html_row_classic_pp( cls._html_row_get_link(cells[-1]), pp_link, cls._html_row_get_scheme(cells[-2]), - [], + maintenance_updates, ) @classmethod diff --git a/src/sec_certs/utils/cc_html_parsing.py b/src/sec_certs/utils/cc_html_parsing.py new file mode 100644 index 00000000..956353bf --- /dev/null +++ b/src/sec_certs/utils/cc_html_parsing.py @@ -0,0 +1,38 @@ +import logging +from datetime import datetime +from typing import Any + +from bs4 import Tag + +from sec_certs import constants + +logger = logging.getLogger(__name__) + + +def html_row_get_maintenance_div(cell: Tag) -> Tag | None: + divs = cell.find_all("div") + for d in divs: + if d.find("div") and d.stripped_strings and list(d.stripped_strings)[0] == "Maintenance Report(s)": + return d + return None + + +def parse_maintenance_div(main_div: Tag) -> list[tuple[Any, ...]]: + possible_updates = list(main_div.find_all("li")) + maintenance_updates = set() + for u in possible_updates: + text = list(u.stripped_strings)[0] + main_date = datetime.strptime(text.split(" ")[0], "%Y-%m-%d").date() if text else None + main_title = text.split("– ")[1] + main_report_link = None + main_st_link = None + links = u.find_all("a") + for link in links: + if link.get("title").startswith("Maintenance Report:"): + main_report_link = constants.CC_PORTAL_BASE_URL + link.get("href") + elif link.get("title").startswith("Maintenance ST"): + main_st_link = constants.CC_PORTAL_BASE_URL + link.get("href") + else: + logger.error("Unknown link in Maintenance part!") + maintenance_updates.add((main_date, main_title, main_report_link, main_st_link)) + return list(maintenance_updates) From 649411da9d0c0aab6e3499dd17e4e853706b251d Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Mon, 27 Jan 2025 17:59:02 +0100 Subject: [PATCH 13/17] change PP snapshot urls --- src/sec_certs/configuration.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/sec_certs/configuration.py b/src/sec_certs/configuration.py index 031d2d07..b12dfb07 100644 --- a/src/sec_certs/configuration.py +++ b/src/sec_certs/configuration.py @@ -55,7 +55,7 @@ class Configuration(BaseSettings): description="URL from where to fetch the latest full archive of fully processed CC dataset.", ) pp_latest_full_archive: AnyHttpUrl = Field( - "https://sec-certs.org/cc/pp.tar.gz", + "https://sec-certs.org/pps/pp.tar.gz", description="URL from where to fetch the latest full archive of fully processed PP dataset.", ) cc_maintenances_latest_snapshot: AnyHttpUrl = Field( @@ -63,7 +63,7 @@ class Configuration(BaseSettings): description="URL from where to fetch the latest snapshot of CC maintenance updates", ) pp_latest_snapshot: AnyHttpUrl = Field( - "https://sec-certs.org/static/pp.json", + "https://sec-certs.org/pps/pp.json", description="URL from where to fetch the latest snapshot of the PP dataset.", ) fips_latest_snapshot: AnyHttpUrl = Field( From f28e3253dc7e6f7ca91a6489d866efe4d39e3ee3 Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Tue, 28 Jan 2025 09:54:43 +0100 Subject: [PATCH 14/17] add aux dataset tests --- docs/user_guide.md | 4 +- src/sec_certs/configuration.py | 2 +- .../dataset/auxiliary_dataset_handling.py | 188 +++++++-------- tests/cc/test_cc_aux_datasets.py | 215 ++++++++++++++++++ tests/test_nvd_dataset_builder.py | 2 +- 5 files changed, 316 insertions(+), 95 deletions(-) create mode 100644 tests/cc/test_cc_aux_datasets.py diff --git a/docs/user_guide.md b/docs/user_guide.md index 9d330c6c..8e6e2f4b 100644 --- a/docs/user_guide.md +++ b/docs/user_guide.md @@ -16,11 +16,11 @@ Our tool can seamlessly download the required NVD datasets when needed. We suppo The following two keys control the behaviour: ```yaml -preferred_source_nvd_datasets: "api" # set to "sec-certs" to fetch them from sec-certs.org +preferred_source_aux_datasets: "api" # set to "sec-certs" to fetch them from sec-certs.org nvd_api_key: null # or the actual key value ``` -If you aim to fetch the sources from NVD, we advise you to get an [NVD API key](https://nvd.nist.gov/developers/request-an-api-key) and set the `nvd_api_key` setting accordingly. The download from NVD will work even without API key, it will just be slow. No API key is needed when `preferred_source_nvd_datasets: "sec-certs"` +If you aim to fetch the sources from NVD, we advise you to get an [NVD API key](https://nvd.nist.gov/developers/request-an-api-key) and set the `nvd_api_key` setting accordingly. The download from NVD will work even without API key, it will just be slow. No API key is needed when `preferred_source_aux_datasets: "sec-certs"` ## Inferring inter-certificate reference context diff --git a/src/sec_certs/configuration.py b/src/sec_certs/configuration.py index b12dfb07..1bf5df1a 100644 --- a/src/sec_certs/configuration.py +++ b/src/sec_certs/configuration.py @@ -138,7 +138,7 @@ class Configuration(BaseSettings): description="If true, progress bars will be printed to stdout during computation.", ) nvd_api_key: Optional[str] = Field(None, description="NVD API key for access to CVEs and CPEs.") # noqa: UP007 - preferred_source_nvd_datasets: Literal["sec-certs", "api"] = Field( + preferred_source_aux_datasets: Literal["sec-certs", "api"] = Field( "sec-certs", description="If set to `sec-certs`, will fetch CPE and CVE datasets from sec-certs.org." + " If set to `api`, will fetch these resources from NVD API. It is advised to set an" diff --git a/src/sec_certs/dataset/auxiliary_dataset_handling.py b/src/sec_certs/dataset/auxiliary_dataset_handling.py index 829ecf07..0704df2a 100644 --- a/src/sec_certs/dataset/auxiliary_dataset_handling.py +++ b/src/sec_certs/dataset/auxiliary_dataset_handling.py @@ -64,22 +64,21 @@ def dset_path(self) -> Path: @staged(logger, "Processing CPE dataset") def _process_dataset_body(self, download_fresh: bool = False) -> None: - if self.dset_path.exists(): + if not download_fresh and self.dset_path.exists(): logger.info("Preparing CPEDataset from json.") - self.dset = CPEDataset.from_json(self.dset_path) + self.load_dataset() + return + + if config.preferred_source_aux_datasets == "api": + logger.info("Fetching new CPE records from NVD API") + with CpeNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: + self.dset = builder.build_dataset() else: - self.dset = CPEDataset(json_path=self.dset_path) - download_fresh = True - - if download_fresh: - if config.preferred_source_nvd_datasets == "api": - logger.info("Fetching new CPE records from NVD API") - with CpeNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: - self.dset = builder.build_dataset(self.dset) - else: - logger.info("Preparing CPEDataset from sec-certs.org.") - self.dset = CPEDataset.from_web(self.dset_path) - self.dset.to_json() + logger.info("Preparing CPEDataset from sec-certs.org.") + self.dset = CPEDataset.from_web(self.dset_path) + + self.dset.to_json() + self.dset.json_path = self.dset_path def load_dataset(self) -> None: self.dset = CPEDataset.from_json(self.dset_path) @@ -92,22 +91,21 @@ def dset_path(self) -> Path: @staged(logger, "Processing CVE dataset") def _process_dataset_body(self, download_fresh: bool = False) -> None: - if self.dset_path.exists(): + if not download_fresh and self.dset_path.exists(): logger.info("Preparing CVEDataset from json.") - self.dset = CVEDataset.from_json(self.dset_path) + self.load_dataset() + return + + if config.preferred_source_aux_datasets == "api": + logger.info("Fetching new CVE records from NVD API.") + with CveNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: + self.dset = builder.build_dataset() else: - self.dset = CVEDataset(json_path=self.dset_path) - download_fresh = True - - if download_fresh: - if config.preferred_source_nvd_datasets == "api": - logger.info("Fetching new CVE records from NVD API.") - with CveNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: - self.dset = builder.build_dataset(self.dset) - else: - logger.info("Preparing CVEDataset from sec-certs.org") - self.dset = CVEDataset.from_web(self.dset_path) - self.dset.to_json() + logger.info("Preparing CVEDataset from sec-certs.org.") + self.dset = CVEDataset.from_web(self.dset_path) + + self.dset.to_json() + self.dset.json_path = self.dset_path def load_dataset(self): self.dset = CVEDataset.from_json(self.dset_path) @@ -120,39 +118,34 @@ def dset_path(self) -> Path: @staged(logger, "Processing CPE Match dictionary") def _process_dataset_body(self, download_fresh: bool = False) -> None: - if self.dset_path.exists(): + if not download_fresh and self.dset_path.exists(): logger.info("Preparing CPE Match feed from json.") - with self.dset_path.open("r") as handle: - self.dset = json.load(handle) + self.load_dataset() + return + + if config.preferred_source_aux_datasets == "api": + logger.info("Fetchnig CPE Match feed from NVD APi.") + with CpeMatchNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: + self.dset = builder.build_dataset() else: - self.dset = CpeMatchNvdDatasetBuilder._init_new_dataset() - download_fresh = True - - if download_fresh: - if config.preferred_source_nvd_datasets == "api": - logger.info("Fetchnig CPE Match feed from NVD APi.") - with CpeMatchNvdDatasetBuilder(api_key=config.nvd_api_key) as builder: - self.dset = builder.build_dataset(self.dset) - else: - logger.info("Preparing CPE Match feed from sec-certs.org.") - with tempfile.TemporaryDirectory() as tmp_dir: - dset_path = Path(tmp_dir) / "cpe_match_feed.json.gz" - if ( - not helpers.download_file( - config.cpe_match_latest_snapshot, - dset_path, - progress_bar_desc="Downloading CPE Match feed from web", - ) - == constants.RESPONSE_OK - ): - raise RuntimeError( - f"Could not download CPE Match feed from {config.cpe_match_latest_snapshot}." - ) - with gzip.open(str(dset_path)) as handle: - json_str = handle.read().decode("utf-8") - self.dset = json.loads(json_str) - with self.dset_path.open("w") as handle: - json.dump(self.dset, handle, indent=4) + logger.info("Preparing CPE Match feed from sec-certs.org.") + with tempfile.TemporaryDirectory() as tmp_dir: + dset_path = Path(tmp_dir) / "cpe_match_feed.json.gz" + if ( + not helpers.download_file( + config.cpe_match_latest_snapshot, + dset_path, + progress_bar_desc="Downloading CPE Match feed from web", + ) + == constants.RESPONSE_OK + ): + raise RuntimeError(f"Could not download CPE Match feed from {config.cpe_match_latest_snapshot}.") + with gzip.open(str(dset_path)) as handle: + json_str = handle.read().decode("utf-8") + self.dset = json.loads(json_str) + + with self.dset_path.open("w") as handle: + json.dump(self.dset, handle, indent=4) def load_dataset(self): with self.dset_path.open("r") as handle: @@ -166,11 +159,14 @@ def dset_path(self) -> Path: @staged(logger, "Processing FIPS Algorithms") def _process_dataset_body(self, download_fresh: bool = False) -> None: - if not self.dset_path.exists() or download_fresh: - self.dset = FIPSAlgorithmDataset.from_web(self.dset_path) - self.dset.to_json() - else: - self.dset = FIPSAlgorithmDataset.from_json(self.dset_path) + if not download_fresh and self.dset_path.exists(): + logger.info("Preparing FIPSAlgorithmDataset from json.") + self.load_dataset() + return + + self.dset = FIPSAlgorithmDataset.from_web(self.dset_path) + self.dset.to_json() + self.dset.json_path = self.dset_path def load_dataset(self): self.dset = FIPSAlgorithmDataset.from_json(self.dset_path) @@ -192,11 +188,14 @@ def dset_path(self) -> Path: @staged(logger, "Processing CC Schemes") def _process_dataset_body(self, download_fresh: bool = False) -> None: - if not self.dset_path.exists() or download_fresh: - self.dset = CCSchemeDataset.from_web(self.dset_path, self.only_schemes) - self.dset.to_json() - else: - self.dset = CCSchemeDataset.from_json(self.dset_path) + if not download_fresh and self.dset_path.exists(): + logger.info("Preparing CCSchemeDataset from json.") + self.load_dataset() + return + + self.dset = CCSchemeDataset.from_web(self.dset_path, self.only_schemes) + self.dset.to_json() + self.dset.json_path = self.dset_path def load_dataset(self): self.dset = CCSchemeDataset.from_json(self.dset_path) @@ -227,20 +226,25 @@ def load_dataset(self) -> None: def _process_dataset_body(self, download_fresh: bool = False): from sec_certs.dataset.cc import CCDatasetMaintenanceUpdates - if not self.dset_path.exists() or download_fresh: - updates = list( - itertools.chain.from_iterable( - CCMaintenanceUpdate.get_updates_from_cc_cert(x) for x in self.certs_with_updates - ) - ) - self.dset = CCDatasetMaintenanceUpdates( - {x.dgst: x for x in updates}, root_dir=self.dset_path.parent, name="maintenance_updates" + if not download_fresh and self.dset_path.exists(): + logger.info("Preparing CCDatasetMaintenanceUpdates from json.") + self.load_dataset() + return + + updates = list( + itertools.chain.from_iterable( + CCMaintenanceUpdate.get_updates_from_cc_cert(x) for x in self.certs_with_updates ) - self.dset.download_all_artifacts() - self.dset.convert_all_pdfs() - self.dset.extract_data() - else: - self.dset = CCDatasetMaintenanceUpdates.from_json(self.dset_path) + ) + self.dset = CCDatasetMaintenanceUpdates( + {x.dgst: x for x in updates}, + root_dir=self.dset_path.parent, + name="maintenance_updates", + ) + self.dset.download_all_artifacts() + self.dset.convert_all_pdfs() + self.dset.extract_data() + self.dset.to_json() class ProtectionProfileDatasetHandler(AuxiliaryDatasetHandler): @@ -262,12 +266,14 @@ def load_dataset(self) -> None: def _process_dataset_body(self, download_fresh: bool = False): from sec_certs.dataset.protection_profile import ProtectionProfileDataset - if not self.dset_path.exists() or download_fresh: - self.dset_path.parent.mkdir(exist_ok=True, parents=True) - self.dset = ProtectionProfileDataset(root_dir=self.dset_path.parent) - self.dset.get_certs_from_web() - self.dset.download_all_artifacts() - self.dset.convert_all_pdfs() - self.dset.analyze_certificates() - else: - self.dset = ProtectionProfileDataset.from_json(self.dset_path) + if not download_fresh and self.dset_path.exists(): + logger.info("Preparing ProtectionProfileDataset from json.") + self.load_dataset() + return + + self.dset_path.parent.mkdir(exist_ok=True, parents=True) + self.dset = ProtectionProfileDataset(root_dir=self.dset_path.parent) + self.dset.get_certs_from_web() + self.dset.download_all_artifacts() + self.dset.convert_all_pdfs() + self.dset.analyze_certificates() diff --git a/tests/cc/test_cc_aux_datasets.py b/tests/cc/test_cc_aux_datasets.py new file mode 100644 index 00000000..8a7a32a9 --- /dev/null +++ b/tests/cc/test_cc_aux_datasets.py @@ -0,0 +1,215 @@ +from unittest.mock import mock_open + +import pytest + +from sec_certs.configuration import config +from sec_certs.dataset import ( + CCDatasetMaintenanceUpdates, + CCSchemeDataset, + CPEDataset, + CVEDataset, + FIPSAlgorithmDataset, + ProtectionProfileDataset, +) +from sec_certs.dataset.auxiliary_dataset_handling import ( + CCMaintenanceUpdateDatasetHandler, + CCSchemeDatasetHandler, + CPEDatasetHandler, + CPEMatchDictHandler, + CVEDatasetHandler, + FIPSAlgorithmDatasetHandler, + ProtectionProfileDatasetHandler, +) + + +@pytest.fixture +def temp_dir(tmp_path): + return tmp_path + + +@pytest.fixture +def mock_dset(): + return {"key": "value"} + + +def test_cpe_dataset_handler_set_local_paths(temp_dir): + handler = CPEDatasetHandler(temp_dir) + new_path = temp_dir / "new_path" + handler.set_local_paths(new_path) + assert handler.aux_datasets_dir == new_path + + +@pytest.mark.parametrize("preferred_source_aux_datasets", ["sec-certs", "api"]) +def test_cpe_dataset_handler_process_dataset(preferred_source_aux_datasets, temp_dir, monkeypatch): + config.preferred_source_aux_datasets = preferred_source_aux_datasets + handler = CPEDatasetHandler(temp_dir) + mock_dset = CPEDataset() + + def mock_get_dset(path): + return mock_dset + + if preferred_source_aux_datasets == "sec-certs": + monkeypatch.setattr("sec_certs.dataset.cpe.CPEDataset.from_web", mock_get_dset) + else: + monkeypatch.setattr("sec_certs.utils.nvd_dataset_builder.CpeNvdDatasetBuilder.build_dataset", mock_get_dset) + + monkeypatch.setattr("sec_certs.dataset.cpe.CPEDataset.to_json", lambda x: None) + handler.process_dataset(download_fresh=True) + + assert handler.dset == mock_dset + assert handler.dset_path == temp_dir / "cpe_dataset.json" + + +def test_cve_dataset_handler_set_local_paths(temp_dir): + handler = CVEDatasetHandler(temp_dir) + new_path = temp_dir / "new_path" + handler.set_local_paths(new_path) + assert handler.aux_datasets_dir == new_path + + +@pytest.mark.parametrize("preferred_source_aux_datasets", ["sec-certs", "api"]) +def test_cve_dataset_handler_process_dataset(preferred_source_aux_datasets, temp_dir, monkeypatch): + config.preferred_source_aux_datasets = preferred_source_aux_datasets + handler = CVEDatasetHandler(temp_dir) + mock_dset = CVEDataset() + + def mock_get_dset(path): + return mock_dset + + if preferred_source_aux_datasets == "sec-certs": + monkeypatch.setattr("sec_certs.dataset.cve.CVEDataset.from_web", mock_get_dset) + else: + monkeypatch.setattr("sec_certs.utils.nvd_dataset_builder.CveNvdDatasetBuilder.build_dataset", mock_get_dset) + monkeypatch.setattr("sec_certs.dataset.cve.CVEDataset.to_json", lambda x: None) + handler.process_dataset(download_fresh=True) + + assert handler.dset == mock_dset + assert handler.dset_path == temp_dir / "cve_dataset.json" + + +def test_cpe_match_dict_handler_set_local_paths(temp_dir): + handler = CPEMatchDictHandler(temp_dir) + new_path = temp_dir / "new_path" + handler.set_local_paths(new_path) + assert handler.aux_datasets_dir == new_path + + +@pytest.mark.parametrize("preferred_source_aux_datasets", ["sec-certs", "api"]) +def test_cpe_match_dict_handler_process_dataset(preferred_source_aux_datasets, temp_dir, monkeypatch): + config.preferred_source_aux_datasets = preferred_source_aux_datasets + handler = CPEMatchDictHandler(temp_dir) + mock_dset = {"key": "value"} + mock_dset_str_single_quotes = '{"key": "value"}' + + def mock_get_dset(path): + return mock_dset + + def mock_download_file(url, path, progress_bar_desc): + return 200 + + if preferred_source_aux_datasets == "api": + monkeypatch.setattr( + "sec_certs.utils.nvd_dataset_builder.CpeMatchNvdDatasetBuilder.build_dataset", mock_get_dset + ) + else: + monkeypatch.setattr("sec_certs.utils.helpers.download_file", mock_download_file) + monkeypatch.setattr("gzip.open", mock_open(read_data=(mock_dset_str_single_quotes.encode()))) + + handler.process_dataset(download_fresh=True) + + assert handler.dset == mock_dset + + +def test_fips_algorithm_dataset_handler_set_local_paths(temp_dir): + handler = FIPSAlgorithmDatasetHandler(temp_dir) + new_path = temp_dir / "new_path" + handler.set_local_paths(new_path) + assert handler.aux_datasets_dir == new_path + + +def test_fips_algorithm_dataset_handler_process_dataset(temp_dir, monkeypatch): + handler = FIPSAlgorithmDatasetHandler(temp_dir) + mock_dset = FIPSAlgorithmDataset() + + def mock_from_web(path): + return mock_dset + + monkeypatch.setattr("sec_certs.dataset.fips_algorithm.FIPSAlgorithmDataset.from_web", mock_from_web) + monkeypatch.setattr("sec_certs.dataset.fips_algorithm.FIPSAlgorithmDataset.to_json", lambda x: None) + handler.process_dataset(download_fresh=True) + assert handler.dset == mock_dset + assert handler.dset_path == temp_dir / "algorithms.json" + assert handler.dset.json_path == handler.dset_path + + +def test_cc_scheme_dataset_handler_set_local_paths(temp_dir): + handler = CCSchemeDatasetHandler(temp_dir) + new_path = temp_dir / "new_path" + handler.set_local_paths(new_path) + assert handler.aux_datasets_dir == new_path + + +def test_cc_scheme_dataset_handler_process_dataset(temp_dir, monkeypatch): + handler = CCSchemeDatasetHandler(temp_dir) + mock_dset = CCSchemeDataset(schemes={}) + + def mock_from_web(path, only_schemes): + return mock_dset + + monkeypatch.setattr("sec_certs.dataset.cc_scheme.CCSchemeDataset.from_web", mock_from_web) + monkeypatch.setattr("sec_certs.dataset.cc_scheme.CCSchemeDataset.to_json", lambda x: None) + handler.process_dataset(download_fresh=True) + assert handler.dset == mock_dset + assert handler.dset_path == temp_dir / "cc_scheme.json" + assert handler.dset.json_path == handler.dset_path + + +def test_cc_maintenance_update_dataset_handler_set_local_paths(temp_dir): + handler = CCMaintenanceUpdateDatasetHandler(temp_dir) + new_path = temp_dir / "new_path" + handler.set_local_paths(new_path) + assert handler.aux_datasets_dir == new_path + + +def test_cc_maintenance_update_dataset_handler_process_dataset(temp_dir, monkeypatch): + handler = CCMaintenanceUpdateDatasetHandler(temp_dir) + mock_dset = CCDatasetMaintenanceUpdates(root_dir=handler.dset_path.parent, name="maintenance_updates") + + monkeypatch.setattr( + "sec_certs.sample.cc_maintenance_update.CCMaintenanceUpdate.get_updates_from_cc_cert", + lambda x: [], + ) + monkeypatch.setattr("sec_certs.dataset.dataset.Dataset.download_all_artifacts", lambda x: None) + monkeypatch.setattr("sec_certs.dataset.dataset.Dataset.convert_all_pdfs", lambda x: None) + monkeypatch.setattr("sec_certs.dataset.cc.CCDataset.extract_data", lambda x: None) + monkeypatch.setattr("sec_certs.dataset.dataset.Dataset.to_json", lambda x: None) + handler.process_dataset(download_fresh=True) + assert handler.dset == mock_dset + + +def test_protection_profile_dataset_handler_set_local_paths(temp_dir): + handler = ProtectionProfileDatasetHandler(temp_dir) + new_path = temp_dir / "new_path" + handler.set_local_paths(new_path) + assert handler.aux_datasets_dir == new_path + + +def test_protection_profile_dataset_handler_process_dataset(temp_dir, monkeypatch): + handler = ProtectionProfileDatasetHandler(temp_dir) + mock_dset = ProtectionProfileDataset() + + monkeypatch.setattr( + "sec_certs.dataset.protection_profile.ProtectionProfileDataset.get_certs_from_web", lambda x: None + ) + monkeypatch.setattr( + "sec_certs.dataset.protection_profile.ProtectionProfileDataset.download_all_artifacts", lambda x: None + ) + monkeypatch.setattr( + "sec_certs.dataset.protection_profile.ProtectionProfileDataset.convert_all_pdfs", lambda x: None + ) + monkeypatch.setattr( + "sec_certs.dataset.protection_profile.ProtectionProfileDataset.analyze_certificates", lambda x: None + ) + monkeypatch.setattr("sec_certs.dataset.protection_profile.ProtectionProfileDataset.to_json", lambda x: None) + handler.process_dataset(download_fresh=True) + assert handler.dset == mock_dset diff --git a/tests/test_nvd_dataset_builder.py b/tests/test_nvd_dataset_builder.py index fda94d1f..44ea7c44 100644 --- a/tests/test_nvd_dataset_builder.py +++ b/tests/test_nvd_dataset_builder.py @@ -60,7 +60,7 @@ def get_dataset_len(dset) -> int: return len(dset) return len(dset["match_strings"]) - config.preferred_source_nvd_datasets = "api" + config.preferred_source_aux_datasets = "api" with builder_class(api_key=config.nvd_api_key) as dataset_builder: dataset = dataset_builder._init_new_dataset() assert dataset == default_dataset From 2e2ff04eb516487b30d984e6f2c3fb5f341e0d87 Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Tue, 28 Jan 2025 10:12:43 +0100 Subject: [PATCH 15/17] add dgst testing for CC sample --- tests/cc/conftest.py | 8 ++++---- tests/cc/test_cc_certificate.py | 23 ++++++++++++++++++++++- 2 files changed, 26 insertions(+), 5 deletions(-) diff --git a/tests/cc/conftest.py b/tests/cc/conftest.py index 68bf3cd5..6ddb74a2 100644 --- a/tests/cc/conftest.py +++ b/tests/cc/conftest.py @@ -22,7 +22,7 @@ def toy_dataset() -> CCDataset: return CCDataset.from_json(path) -@pytest.fixture(scope="module") +@pytest.fixture def cert_one() -> CCCertificate: return CCCertificate( "active", @@ -33,9 +33,9 @@ def cert_one() -> CCCertificate: {"ALC_FLR.2", "EAL3+"}, date(2020, 6, 15), date(2025, 6, 15), - "https://www.commoncriteriaportal.org/files/epfiles/Certification%20Report%20-%20NetIQ®%20Identity%20Manager%204.7.pdf", - "https://www.commoncriteriaportal.org/files/epfiles/ST%20-%20NetIQ%20Identity%20Manager%204.7.pdf", - "https://www.commoncriteriaportal.org/files/epfiles/Certifikat%20CCRA%20-%20NetIQ%20Identity%20Manager%204.7_signed.pdf", + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certification%20Report%20-%20NetIQ®%20Identity%20Manager%204.7.pdf", + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ST%20-%20NetIQ%20Identity%20Manager%204.7.pdf", + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certifikat%20CCRA%20-%20NetIQ%20Identity%20Manager%204.7_signed.pdf", "https://www.netiq.com/", None, set(), diff --git a/tests/cc/test_cc_certificate.py b/tests/cc/test_cc_certificate.py index f90245e0..2c236d68 100644 --- a/tests/cc/test_cc_certificate.py +++ b/tests/cc/test_cc_certificate.py @@ -60,7 +60,7 @@ def test_keyword_extraction(vulnerable_certificate: CCCertificate): def test_cert_link_escaping(cert_one: CCCertificate): assert ( cert_one.report_link - == "https://www.commoncriteriaportal.org/files/epfiles/Certification%20Report%20-%20NetIQ®%20Identity%20Manager%204.7.pdf" + == "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certification%20Report%20-%20NetIQ®%20Identity%20Manager%204.7.pdf" ) @@ -79,3 +79,24 @@ def test_cert_to_json(cert_two: CCCertificate, tmp_path: Path, data_dir: Path): def test_cert_from_json(cert_two: CCCertificate, data_dir: Path): crt = CCCertificate.from_json(data_dir / "fictional_cert.json") assert cert_two == crt + + +def test_cert_old_dgst(cert_one: CCCertificate): + assert cert_one.old_dgst == "309ac2fd7f2dcf17" + with pytest.raises(RuntimeError): + cert_one.report_link = None + cert_one.old_dgst + + +def test_cert_dgst(cert_one: CCCertificate): + assert cert_one.dgst == "e3dcf91ef38ddbf0" + cert_one.name = None + with pytest.raises(RuntimeError): + cert_one.dgst + + +def test_cert_older_dgst(cert_one: CCCertificate): + assert cert_one.older_dgst == "916f4d199f78d70c" + cert_one.category = None + with pytest.raises(RuntimeError): + cert_one.older_dgst From cad0eb618ba81efc6645322ab49b134dad91101c Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Tue, 28 Jan 2025 13:34:21 +0100 Subject: [PATCH 16/17] implement PP tests --- src/sec_certs/constants.py | 1 + src/sec_certs/dataset/protection_profile.py | 61 +- tests/cc/conftest.py | 21 + tests/cc/test_cc_analysis.py | 3 +- tests/cc/test_cc_dataset.py | 21 +- tests/cc/test_cc_protection_profiles.py | 165 +++ tests/data/protection_profiles/__init__.py | 0 .../analysis => protection_profiles}/pp.json | 0 tests/data/protection_profiles/pp_active.html | 965 ++++++++++++++++++ .../pps/pdf/b02ed76d2545326a.pdf | Bin 0 -> 1210078 bytes .../pps/txt/b02ed76d2545326a.txt | 944 +++++++++++++++++ .../reports/pdf/b02ed76d2545326a.pdf | Bin 0 -> 561209 bytes .../reports/txt/b02ed76d2545326a.txt | 701 +++++++++++++ 13 files changed, 2816 insertions(+), 66 deletions(-) create mode 100644 tests/cc/test_cc_protection_profiles.py create mode 100644 tests/data/protection_profiles/__init__.py rename tests/data/{cc/analysis => protection_profiles}/pp.json (100%) create mode 100644 tests/data/protection_profiles/pp_active.html create mode 100644 tests/data/protection_profiles/pps/pdf/b02ed76d2545326a.pdf create mode 100644 tests/data/protection_profiles/pps/txt/b02ed76d2545326a.txt create mode 100644 tests/data/protection_profiles/reports/pdf/b02ed76d2545326a.pdf create mode 100644 tests/data/protection_profiles/reports/txt/b02ed76d2545326a.txt diff --git a/src/sec_certs/constants.py b/src/sec_certs/constants.py index afa1969d..125c2265 100644 --- a/src/sec_certs/constants.py +++ b/src/sec_certs/constants.py @@ -22,6 +22,7 @@ MIN_FIPS_HTML_SIZE = 64000 MIN_CC_HTML_SIZE = 5000000 +MIN_PP_HTML_SIZE = 200000 MIN_CC_CSV_SIZE = 700000 MIN_CC_PP_DATASET_SIZE = 2500000 diff --git a/src/sec_certs/dataset/protection_profile.py b/src/sec_certs/dataset/protection_profile.py index 4a938d1c..0d409611 100644 --- a/src/sec_certs/dataset/protection_profile.py +++ b/src/sec_certs/dataset/protection_profile.py @@ -81,10 +81,6 @@ def web_dir(self) -> Path: "pp_archived.html": constants.CC_PORTAL_BASE_URL + "/pps/index.cfm?archived=1", "pp_collaborative.html": constants.CC_PORTAL_BASE_URL + "/pps/collaborativePP.cfm?cpp=1", } - CSV_URL = { - "pp_active.csv": constants.CC_PORTAL_BASE_URL + "/pps/pps.csv", - "pp_archived.csv": constants.CC_PORTAL_BASE_URL + "/pps/pps-archived.csv", - } @property def active_html_tuples(self) -> list[tuple[str, Path]]: @@ -98,14 +94,6 @@ def archived_html_tuples(self) -> list[tuple[str, Path]]: def collaborative_html_tuples(self) -> list[tuple[str, Path]]: return [(x, self.web_dir / y) for y, x in self.HTML_URL.items() if "collaborative" in y] - @property - def active_csv_tuples(self) -> list[tuple[str, Path]]: - return [(x, self.web_dir / y) for y, x in self.CSV_URL.items() if "active" in y] - - @property - def archived_csv_tuples(self) -> list[tuple[str, Path]]: - return [(x, self.web_dir / y) for y, x in self.CSV_URL.items() if "archived" in y] - @serialize @staged(logger, "Downloading and processing CSV and HTML files of certificates.") def get_certs_from_web( @@ -117,17 +105,10 @@ def get_certs_from_web( get_collaborative: bool = True, ) -> None: if to_download: - self._download_csv_html_resources(get_active, get_archived, get_collaborative) - - # TODO: Implement CSV processing if needed. If not, delete this and the corresponding methods. Also get rid of URLs. - # logger.info("Adding PPs from CSV to ProtectionProfileDataset.") - # csv_certs = self._get_all_certs_from_csv(get_active, get_archived) - # self._merge_certs(csv_certs, cert_source="csv") + self._download_html_resources(get_active, get_archived, get_collaborative) logger.info("Adding HTML certificates to ProtectionProfile dataset.") - html_certs = self._get_all_certs_from_html(get_active, get_archived, get_collaborative) - self._merge_certs(html_certs, cert_source="html") - + self.certs = self._get_all_certs_from_html(get_active, get_archived, get_collaborative) logger.info(f"The resulting dataset has {len(self)} certificates.") if not keep_metadata: @@ -136,19 +117,6 @@ def get_certs_from_web( self._set_local_paths() self.state.meta_sources_parsed = True - def _merge_certs(self, certs: dict[str, ProtectionProfile], cert_source: str | None = None) -> None: - """ - Merges dictionary of certificates into the dataset. Assuming they all are CommonCriteria certificates - """ - new_certs = {x.dgst: x for x in certs.values() if x not in self} - certs_to_merge = [x for x in certs.values() if x in self] - self.certs.update(new_certs) - - for crt in certs_to_merge: - self[crt.dgst].merge(crt, cert_source) - - logger.info(f"Added {len(new_certs)} new and merged further {len(certs_to_merge)} certificates to the dataset.") - def _get_all_certs_from_html( self, get_active: bool = True, get_archived: bool = True, get_collaborative: bool = True ) -> dict[str, ProtectionProfile]: @@ -167,45 +135,22 @@ def _get_all_certs_from_html( new_certs.update(partial_certs) return new_certs - def _get_all_certs_from_csv( - self, get_active: bool = True, get_archived: bool = True - ) -> dict[str, ProtectionProfile]: - csv_sources = list(self.CSV_URL.keys()) - csv_sources = [x for x in csv_sources if "active" not in x or get_active] - csv_sources = [x for x in csv_sources if "archived" not in x or get_archived] - - new_certs = {} - for file in csv_sources: - partial_certs = self._parse_single_csv(self.web_dir / file) - logger.info(f"Parsed {len(partial_certs)} certificates from: {file}") - new_certs.update(partial_certs) - return new_certs - - def _download_csv_html_resources( + def _download_html_resources( self, get_active: bool = True, get_archived: bool = True, get_collaborative: bool = True ) -> None: self.web_dir.mkdir(parents=True, exist_ok=True) html_items = [] - csv_items = [] if get_active: html_items.extend(self.active_html_tuples) - csv_items.extend(self.active_csv_tuples) if get_archived: html_items.extend(self.archived_html_tuples) - html_items.extend(self.archived_csv_tuples) if get_collaborative: html_items.extend(self.collaborative_html_tuples) html_urls, html_paths = [x[0] for x in html_items], [x[1] for x in html_items] - csv_urls, csv_paths = [x[0] for x in csv_items], [x[1] for x in csv_items] logger.info("Downloading required csv and html files.") helpers.download_parallel(html_urls, html_paths) - helpers.download_parallel(csv_urls, csv_paths) - - @staticmethod - def _parse_single_csv(file: Path) -> dict[str, ProtectionProfile]: - return {} @staticmethod def _parse_single_html(file: Path) -> dict[str, ProtectionProfile]: diff --git a/tests/cc/conftest.py b/tests/cc/conftest.py index 6ddb74a2..91f8caab 100644 --- a/tests/cc/conftest.py +++ b/tests/cc/conftest.py @@ -4,24 +4,45 @@ from pathlib import Path import pytest +import tests.data.cc.analysis import tests.data.cc.dataset +import tests.data.protection_profiles from sec_certs.dataset.cc import CCDataset +from sec_certs.dataset.protection_profile import ProtectionProfileDataset from sec_certs.sample.cc import CCCertificate +@pytest.fixture(scope="module") +def pp_data_dir() -> Generator[Path, None, None]: + with resources.path(tests.data.protection_profiles, "") as path: + yield path + + @pytest.fixture(scope="module") def data_dir() -> Generator[Path, None, None]: with resources.path(tests.data.cc.dataset, "") as path: yield path +@pytest.fixture(scope="module") +def analysis_data_dir() -> Generator[Path, None, None]: + with resources.path(tests.data.cc.analysis, "") as path: + yield path + + @pytest.fixture def toy_dataset() -> CCDataset: with resources.path(tests.data.cc.dataset, "toy_dataset.json") as path: return CCDataset.from_json(path) +@pytest.fixture +def toy_pp_dataset() -> ProtectionProfileDataset: + with resources.path(tests.data.protection_profiles, "pp.json") as path: + return ProtectionProfileDataset.from_json(path) + + @pytest.fixture def cert_one() -> CCCertificate: return CCCertificate( diff --git a/tests/cc/test_cc_analysis.py b/tests/cc/test_cc_analysis.py index 849eda68..6591ca18 100644 --- a/tests/cc/test_cc_analysis.py +++ b/tests/cc/test_cc_analysis.py @@ -33,10 +33,11 @@ def analysis_data_dir() -> Generator[Path, None, None]: @pytest.fixture(scope="module") def processed_cc_dset( - analysis_data_dir: Path, cve_dataset: CVEDataset, cpe_dataset: CPEDataset, tmp_path_factory + analysis_data_dir: Path, cve_dataset: CVEDataset, cpe_dataset: CPEDataset, tmp_path_factory, pp_data_dir: Path ) -> CCDataset: tmp_dir = tmp_path_factory.mktemp("cc_dset") shutil.copytree(analysis_data_dir, tmp_dir, dirs_exist_ok=True) + shutil.copy(pp_data_dir / "pp.json", tmp_dir / "pp.json") cc_dset = CCDataset.from_json(tmp_dir / "vulnerable_dataset.json") cc_dset.aux_handlers[ProtectionProfileDatasetHandler].root_dir.mkdir(parents=True, exist_ok=True) diff --git a/tests/cc/test_cc_dataset.py b/tests/cc/test_cc_dataset.py index 7606a921..4c988b5b 100644 --- a/tests/cc/test_cc_dataset.py +++ b/tests/cc/test_cc_dataset.py @@ -6,6 +6,7 @@ import pytest from sec_certs import constants +from sec_certs.dataset import ProtectionProfileDataset from sec_certs.dataset.cc import CCDataset from sec_certs.sample.cc import CCCertificate @@ -106,6 +107,7 @@ def test_build_empty_dataset(): dset.get_certs_from_web(to_download=False, get_archived=False, get_active=False) assert len(dset) == 0 assert dset.state.meta_sources_parsed + assert not dset.state.auxiliary_datasets_processed assert not dset.state.artifacts_downloaded assert not dset.state.pdfs_converted assert not dset.state.certs_analyzed @@ -130,17 +132,22 @@ def test_build_dataset(data_dir: Path, cert_one: CCCertificate, toy_dataset: CCD @pytest.mark.xfail(reason="May fail due to error on CC server") -def test_download_csv_html_files(): +@pytest.mark.parametrize("dataset_class", ["CCDataset", "ProtectionProfileDataset"]) +def test_download_csv_html_files(dataset_class): with TemporaryDirectory() as tmp_dir: - dset = CCDataset({}, Path(tmp_dir), "sample_dataset", "sample dataset description") - dset._download_csv_html_resources(get_active=True, get_archived=False) + constructor = CCDataset if dataset_class == "CCDataset" else ProtectionProfileDataset + min_html_size = constants.MIN_CC_HTML_SIZE if dataset_class == "CCDataset" else constants.MIN_PP_HTML_SIZE + dset = constructor(root_dir=Path(tmp_dir)) + dset._download_html_resources(get_active=True, get_archived=False) for x in dset.active_html_tuples: assert x[1].exists() - assert x[1].stat().st_size >= constants.MIN_CC_HTML_SIZE - for x in dset.active_csv_tuples: - assert x[1].exists() - assert x[1].stat().st_size >= constants.MIN_CC_CSV_SIZE + assert x[1].stat().st_size >= min_html_size + + if dataset_class == "CCDataset": + for x in dset.active_csv_tuples: + assert x[1].exists() + assert x[1].stat().st_size >= constants.MIN_CC_CSV_SIZE def test_to_pandas(toy_dataset: CCDataset): diff --git a/tests/cc/test_cc_protection_profiles.py b/tests/cc/test_cc_protection_profiles.py new file mode 100644 index 00000000..9bb47564 --- /dev/null +++ b/tests/cc/test_cc_protection_profiles.py @@ -0,0 +1,165 @@ +import json +import shutil +from pathlib import Path +from tempfile import TemporaryDirectory + +import pytest + +from sec_certs.dataset.protection_profile import ProtectionProfileDataset + + +def test_dataset_from_json(toy_pp_dataset: ProtectionProfileDataset, pp_data_dir: Path, tmp_path: Path): + toy_pp_dataset.to_json(tmp_path / "dset.json") + with (tmp_path / "dset.json").open("r") as handle: + data = json.load(handle) + + with (pp_data_dir / "pp.json").open("r") as handle: + template_data = json.load(handle) + + del data["timestamp"] + del template_data["timestamp"] + assert data == template_data + + +def test_dataset_to_json(toy_pp_dataset: ProtectionProfileDataset, pp_data_dir: Path, tmp_path: Path): + assert toy_pp_dataset == ProtectionProfileDataset.from_json(pp_data_dir / "pp.json") + compressed_path = tmp_path / "dset.json.gz" + toy_pp_dataset.to_json(compressed_path, compress=True) + decompressed_dataset = ProtectionProfileDataset.from_json(compressed_path, is_compressed=True) + assert toy_pp_dataset == decompressed_dataset + + +def test_build_empty_dataset(): + with TemporaryDirectory() as tmp_dir: + dset = ProtectionProfileDataset(root_dir=Path(tmp_dir)) + dset.get_certs_from_web(to_download=False, get_archived=False, get_active=False, get_collaborative=False) + + assert len(dset) == 0 + assert dset.state.meta_sources_parsed + assert not dset.state.auxiliary_datasets_processed + assert not dset.state.artifacts_downloaded + assert not dset.state.pdfs_converted + assert not dset.state.certs_analyzed + + +def test_get_certs_from_web(pp_data_dir: Path, toy_pp_dataset: ProtectionProfileDataset): + with TemporaryDirectory() as tmp_dir: + dataset_path = Path(tmp_dir) + (dataset_path / "web").mkdir() + shutil.copyfile(pp_data_dir / "pp_active.html", dataset_path / "web/pp_active.html") + + dset = ProtectionProfileDataset(root_dir=dataset_path) + dset.get_certs_from_web( + to_download=False, + get_active=True, + get_archived=False, + get_collaborative=False, + keep_metadata=False, + update_json=False, + ) + + assert len(list(dataset_path.iterdir())) == 0 + assert len(dset) == 3 + assert "b02ed76d2545326a" in dset.certs + assert dset == toy_pp_dataset + + +def test_download_and_convert_artifacts(toy_pp_dataset: ProtectionProfileDataset, tmpdir, pp_data_dir): + toy_pp_dataset.copy_dataset(tmpdir) + toy_pp_dataset.download_all_artifacts() + + template_pp_pdf_hashes = { + "c8b175590bb7fdfb": "f35ea732cfe303415080e0a95b9aa573ff9e02019e9ab971904c7530c2617b80", + "e315e3e834a61448": "605489cda568c32371d0aeb6841df0dc63277f57113f59a5a60f8a64a1661def", + "b02ed76d2545326a": "e88bddd8948a8624d3f350e4cb489f4b1b708e5f10e2c1402166cdfe08e5d32a", + } + template_report_pdf_hashes = { + "c8b175590bb7fdfb": "c7dbaec8c333431c65129a0f429cdea22aa244e971f79139fb0ae079d4805b29", + "e315e3e834a61448": "5f72a3ef0dce80b66c077a8a7482a1843c36e90113bd77827fba81c6e148d248", + "b02ed76d2545326a": "e4c2d590fce870cd14fe6571a3258bd094b1e66f83f5e4d4a53a28a96f27490e", + } + + if not all( + [ + toy_pp_dataset["c8b175590bb7fdfb"].state.pp.download_ok, + toy_pp_dataset["c8b175590bb7fdfb"].state.report.download_ok, + toy_pp_dataset["e315e3e834a61448"].state.pp.download_ok, + toy_pp_dataset["e315e3e834a61448"].state.report.download_ok, + toy_pp_dataset["b02ed76d2545326a"].state.pp.download_ok, + toy_pp_dataset["b02ed76d2545326a"].state.report.download_ok, + ] + ): + pytest.xfail(reason="Fail due to errror during download") + + toy_pp_dataset.convert_all_pdfs() + + for cert in toy_pp_dataset: + assert cert.state.pp.pdf_hash == template_pp_pdf_hashes[cert.dgst] + assert cert.state.report.pdf_hash == template_report_pdf_hashes[cert.dgst] + assert cert.state.report.convert_ok + assert cert.state.pp.convert_ok + assert cert.state.report.txt_path.exists() + assert cert.state.pp.txt_path.exists() + + template_report_txt_path = pp_data_dir / "reports/txt/b02ed76d2545326a.txt" + template_pp_txt_path = pp_data_dir / "pps/txt/b02ed76d2545326a.txt" + assert ( + abs( + toy_pp_dataset["b02ed76d2545326a"].state.report.txt_path.stat().st_size + - template_report_txt_path.stat().st_size + ) + < 1000 + ) + assert ( + abs(toy_pp_dataset["b02ed76d2545326a"].state.pp.txt_path.stat().st_size - template_pp_txt_path.stat().st_size) + < 1000 + ) + + +def test_keyword_extraction(toy_pp_dataset: ProtectionProfileDataset, pp_data_dir: Path, tmpdir): + toy_pp_dataset.state.artifacts_downloaded = True + toy_pp_dataset.state.pdfs_converted = True + toy_pp_dataset.state.auxiliary_datasets_processed = True + + toy_pp_dataset.copy_dataset(tmpdir) + + toy_pp_dataset["b02ed76d2545326a"].state.pp.download_ok = True + toy_pp_dataset["b02ed76d2545326a"].state.pp.convert_ok = True + toy_pp_dataset["b02ed76d2545326a"].state.report.download_ok = True + toy_pp_dataset["b02ed76d2545326a"].state.report.convert_ok = True + + toy_pp_dataset.analyze_certificates() + assert toy_pp_dataset.state.certs_analyzed + assert not toy_pp_dataset["c8b175590bb7fdfb"].state.pp.extract_ok + assert not toy_pp_dataset["e315e3e834a61448"].state.report.extract_ok + + report_keywords = toy_pp_dataset["b02ed76d2545326a"].pdf_data.report_keywords + assert report_keywords + assert "cc_protection_profile_id" in report_keywords + assert report_keywords["cc_protection_profile_id"]["BSI"]["BSI-CC-PP-0062-2010"] == 14 + + pp_keywords = toy_pp_dataset["b02ed76d2545326a"].pdf_data.pp_keywords + assert pp_keywords + assert "cc_security_level" in pp_keywords + assert pp_keywords["cc_security_level"]["EAL"]["EAL 2"] == 6 + assert "tee_name" in pp_keywords + assert pp_keywords["tee_name"]["IBM"]["SE"] == 1 + assert not pp_keywords["asymmetric_crypto"] + + pp_metadata = toy_pp_dataset["b02ed76d2545326a"].pdf_data.pp_metadata + assert pp_metadata + assert not pp_metadata["pdf_is_encrypted"] + assert "https://www.bsi.bund.de" in pp_metadata["pdf_hyperlinks"] + + report_metadata = toy_pp_dataset["b02ed76d2545326a"].pdf_data.report_metadata + assert report_metadata + assert "BSI-CC-PP-0062-2010" in report_metadata["/Title"] + + +def test_get_pp_by_pp_link(toy_pp_dataset: ProtectionProfileDataset): + pp = toy_pp_dataset.get_pp_by_pp_link( + "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0062b_pdf.pdf" + ) + assert pp + assert pp.dgst == "b02ed76d2545326a" + assert not toy_pp_dataset.get_pp_by_pp_link("https://some-random-url.com") diff --git a/tests/data/protection_profiles/__init__.py b/tests/data/protection_profiles/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/tests/data/cc/analysis/pp.json b/tests/data/protection_profiles/pp.json similarity index 100% rename from tests/data/cc/analysis/pp.json rename to tests/data/protection_profiles/pp.json diff --git a/tests/data/protection_profiles/pp_active.html b/tests/data/protection_profiles/pp_active.html new file mode 100644 index 00000000..cc3708d2 --- /dev/null +++ b/tests/data/protection_profiles/pp_active.html @@ -0,0 +1,965 @@ + + + + + + + + + + + + +Protection Profiles : CC Portal + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + + + + +
+
+
+
+
+
+ +
+

Protection Profiles

+ + + +
+Statistics +    + + Download CSV + +    +Collaborative Protection Profiles +Archived Protection Profiles +
+ + + + + +
+ +
+    +
+
+
Protection Profiles List CSV file generated
+
+
+Search: + +
+
+ +
+Filter by: +
+ +
+
+
+ +
+
+ +
+Number of results: +
+ +

+ + + + + + + + + + + + + + + + + + + + + + + + + +
Protection ProfileVersionAssurance LevelIssuedSchemeCertifiedCategories
+

+expand/collapse all categories +

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Protection ProfileVersionAssurance LevelIssuedSchemeCertified
 + +Access Control Devices and Systems – 7 Protection Profiles + +
+ +Korean National Protection Profile for Single Sign On V1.0 + +V1.0 +EAL1+ +
ATE_FUN.1 +		2017-08-18KR – KR
KR		 +Certification Report +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Protection ProfileVersionAssurance LevelIssuedSchemeCertified
 + +Biometric Systems and Devices – 6 Protection Profiles + +
+ +Fingerprint Spoof Detection Protection Profile based on Organisational Security Policies (FSDPP_OSP), Version 1.7 + +1.7 +EAL2+ +
ALC_FLR.1 +		2010-02-25DE – DE
DE		 +Certification Report +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + +
Protection ProfileVersionAssurance LevelIssuedSchemeCertified
 + +Other Devices and Systems – 81 Protection Profiles + +
+ +Protection Profile for Security Module of General-Purpose Health Informatics Software + +1.0 +EAL2 +2016-09-20TR – TR
TR		 +Certification Report +
+ + + + + + + + + + + + + + + + + +
+
+ + diff --git a/tests/data/protection_profiles/pps/pdf/b02ed76d2545326a.pdf b/tests/data/protection_profiles/pps/pdf/b02ed76d2545326a.pdf new file mode 100644 index 0000000000000000000000000000000000000000..9d986ad1d052b24dfb8ba7a50ead7abad2d978b8 GIT binary patch literal 1210078 zcmb@tWl$tdlrG%BAcMo;?(Q}?gF6iF?(S~G;O?%2OXKeD?lkTU?rxX&-QC!YxPSJ3 z@tv;7$T}ypD*NetvQC|oP5x6vjGmc+4VJvGps&5Ju`dUfg@}pB&d?H;mzPn-#MaE& zoQU;PqsS;`VeM?<$S7uQ;A|pdVq|A*!p{%u-W6}g> z#@XBY!i4HPrtCdkL9Frj!jU9Y!=_WAUf@-+vREP2m9WZ zi4SL~JWm!TsSj!%E5!nolJhwb+(FYwvoUzsHLLqD9w;7Z=cm8TpDEO^=uZuF3Ma72<>wQ+wkE_2!>$J z@n+k&-*7Q@M4OrZmDz3kL)23ypvXbbYu}rm+N=J@m`oSF%UUzGT85?MF)kCSyGSTh zSd^j9?rh9ASt5u@A7H{M2K%+dRcuf?5RFmDo7{cC`Lcdug33LSfjLBF^bC!d*PdWE z5SATo&fHVUU)+Uv$Ef&;Dyt2Ju-;tXpMoni1ef-yBwNgPt)8$yzd-QtPYlySRV62D z4IUz=H1d;FfR&K&K7QQ`nG^m`P@f_c3(PNMO)1TKt7CZaYJ7AFVtafR7tV~u^ z=JYkRwAzE-3m+o$++ed}mGRHiGxdx!fk&&*#vY04Sf~+CRG=lJvOm+zNWW#*wGirH zh4_SX;@kaSpzM4bXSvBO@7Mm#v(+K;cdj zPg0Yi4Wuh$Ayx@a6%3Lw<#v@hJkvPXCkjYi^u8}nVtX!Gnj3wXJQ!Oa8{bBr|B=3; z6XH_`NSO&gq+*cUtMq>iXL}jJIA$(abb1UQ93tt9zK}6|Jz~UT=HP%eu{Hira(veQ z;S=mXH2SCVo%3JozdGjc|IIdK4|@|vb$LTe6C-CvB^N{If6gUs49rXz)hvuZdC1Jd z!9v6+VPaus?o7nY#Yw~{WZ~@e)5KBO&c@!(*2LDC=u;1rin-8VUv;79JiB77h*p5fvE$5d{$r4jBU(a0h|FQu9;GYA5g!)(kz(aiYM20~A{G!LP|84*OPy>sZG!s(Q zZ`sbOI4Y+pdPBeyn_RQP&zw^;!$nZdV#N`*X3^2Pu}RZ@rlYrs)pcZ>wBl%!^7!sS zO90sdmMZz{|LLY+u$H3}rd=(aTzO-1+&7{|eOU%J2hs6ERfukci1_67F0M1Sm9Zl& zb%IY?#;_NMN!^tm>b0Q~Eiq2B{8Oot$1z^{hW7MW)(aVyEzzQrdy*-?rvDiN*i;AP z7@qB1J)7^)%~}J2R9gi6DO4{o@S$(0zev`ODE6u6aiV7LXGasgdeSRbIedrMkcQ{s z&QnC4YfOY%U}sE~?<&vLqY-`$Ke2KR1NF z(|4I?4`>Sj01NvA5JDq(3d?_3fn;$4{(|mNj0>IX!Vl^T;fV=Bj9=kyGjBS?)s)2? zAox*l^mrm{UDoULJ;$}w=Eoo=M#l@|UvtOZ-BSAf5xGQ4%?o|Pxb#`c3{jnD8-I~Z z${CcPlqJ1hTpO@hY5ysouOr?JOKFwX{Bn)(EBj=ir`F^R>t^qkiQ&^2zp`QP5v1Q$ zKUb1kKzg2h)v1}kvoF52FU+o0dKfNK96WqmNbD$rW9oDMYb8s zGfMpn>97NT4{@;*f@tXm>)M@1q1l~_d1sXhS~iP3RCL!(t}dp2jP9(rueju6nW>+iC+IBPzpL2JuWAnUWuG=zx;7{t+FZUx%{ECV zcOAvwTyl?OeWe`F5a&=#$buZLe4lNo+bwKKD0=e_0Dh7~)Y4}CCpFHht3|Rk(pcs; z<6ri^tf2vizkm7iD>!r<7iZiUCk~Zg?`tp-WE(AHt31^stK31`;b#dO7Oi~*cYDLB zCmhVr<4LqCtGWhi%gl}6`jj?vVOl(5YTI^Sn2hxI)JHc&4ye&DZfxiTE6tC5)%KN; zU1W<7kB-0~LS^1OPt(@CIGSsvPW%ba7WtWqa$Dx%%Tn;UDpza0EuWIo-r2jHzU8v%3fAXZWmsiTy9(q~?iV4=9b9va=`^Oz z!)1Mmd+Q$CRbPnl-f;6TcTF-YSl_#JyyAHgP(LGxU93u51};nOsm_)xRd}VQJiis! zE3tJR%`5!GUCq2VK8k8t<<%by|z+ zDt5zkFLeqLvBF+HzKGW2PJOLWX>bpItTzM|RyLMrkzcer+?7yrc%z*W9`MU2iFrxv z9y~jX#jkg65O4g)B83;Qv=*@aX8XLHeqre8i|q2W^&f_R$}e=&fTavX|G{dXch*N8 zF{{Nfd2}v-PcV(u%tm^6@5m7e->2 zi5B&@yF+DOuXRG~cWfsUg}TCBXH~`@z3ICi$M{1UcZV0T=X1SyeWDYe>#)UL$D^qP9EZfKX z5EYHOmElXPjWsS=iwp2M*y|y-OHHRf`eud+*_Wv66dfgQQw(#(4HZg$=Z=%ZtuyW$ zZlc#_8n>x9Z}BY}MfWapJ-vI?d|QW(#k@CGG-^=>jdpw;%(b2a1T78B9=gEM)tuB{ zFArD1l)COIw_iuU{sjtA@Z?mDngr8PJxhxvI=W38nUg6YAq&6VjFiin`9oWmkFFJ4uf??-U8+9- z4tu;0YAc=JOacffh9U{abourTkr<$pe%N`oZ))7%2UQsA(qioMls4Y-b=41BzLg5L z1SOPn28O(^hv)>9$1ZWXb>lz+%5WAH;ge#1}^04$>asC+>$4zZqm*qPuzo}_Z0lNi>P z7jVm8yQMUmPG3bWVB=cN-l*sny?e?^b=7s6S-#)vWev->1d+5;`Y}T!(cg+oyuPVI z{rVRpoGx>#55T}1F4>+)*I#e{+sFUV|4#t_mv#2{?xhbv=);Q14*3T_av!O9_%zf{0>{JCk}IwWXDoc&++`2VSy->0wn9T@-) z{^?zUgG0lBLH^^9LVN*-1cL&gpnm$p&>YAZ#3XF&KZr=l$eEab+OuL(u!#TC|8zuQ zKAl%ENbnE9p6MnyZ}O20OSC)H2S7X+GTsSw&}lvT;`ST7py)i`;K7S>e^G8*GkM%8 zyBfXH;>9WL`Fqx{y@7|mQd7?*elqVmor3uiY5cs(QvYV~@)qlcrig;jLzPwGTPr39S zwTGT@L)i!5{bh&m1K{tYIvhsraRr8_R5=vZXV=h?K`ry`_@QQ*rZXz!<^vG?0ie6t z5g%huKas}N@vct8v@PFW+}4FLU-hqxz%p36f2O%xT}QkgJHv@_%X{>=Zt9;(p(_qu z{3%@3XNl5xteTJKBT8+|7$jpAu3n@jg>a*w61(afd}7%kG}vTbXWZ+4-Ipv2W4a1V zVY-K-WT{j0*u`Lo%5k>j97xdE+B9ySNKikZTZ!x#PTkwcA$z(SSz(Qq+is4I?>=Xd zxy8*$3Xk`)ZP5C)Nk~T1=tXH36_w0Vv|vRlZ{7wwy>8>pwSMl&*s`8XwtBW7dFIAX zXX_dp*i_C)@Vz{{)W)@FKxMUpZs5kyu_TDd7DVD=>>N;KF&6=-r!)zk?e^fyJ6Cvq z-13lb;xQPuiNd5k#n{7KEDstlER}@d?03h7Vx3ad-W^`6i%}SZ%2qd6DV}YKtj`d? zynfyfr0wj~IZRr`zq*Oas;Q~AhE$;SDZGO@Khf`kY~$hgF{$BK<_qKs4qH7An^LvD zSxCt)=%9GoopLftt2g^=Xx!s~VUh;lVaPJY+{27561#P&A?8kIZ;Blmp})t_xpB_C zKZM;hykw{E<=^ScmDHET>VCkbVmZe60gzgMTFlqSR7~BQAP?FYmfpJZ8R;)i(fF03 zm!VP#lS=he{qA?Uxu0#zPN$<7&i7ll@lelPv&O6xq-?Ev>xDoodxd6`(^*(-fcvVl zs$nRm?l8US;dTc|-iWcK9ka=gSU~`R|~rVa?Hbqw&R1n z!kO9GT*o(b<@`s}NP|}&fGrtjn-Ep`Gkf!T~J@Mr>6S_j4i6ZOkxQNOqA@yPK#C3w{DL4~H59nTI2F%O*s z%?fR&cqq(oWiEAJtn*1^CPXv7GC(%gV0^8I5@p@m$&t(I;@cn(mt9XheuNjucNfT~vXT)2%B;&mef5lw)8wsNt8Kq&jKx(&sd( zG}_qMx4H*TELKcsXPB?z65eL(hnL%9T2392&a1@L0i_|v8rf1y>U$XP=&pW3HL?nhALE704}b?WIXqIX)M`J6a!FlX%6u|OreLsD z^;cO>HdCRza&{1fK9u=V?@ne7R*;>vA$dVE9~vDP>~+sj!%R#hEFe^6{7@DzY*ppQ zPa0zSDRCIVvSr|aX0tM~fCDC>;yMLsp&I8S9tAYI$r@59ds;0TG!;gRVM_WN6B>AW zTX|D*e>4w(&`KaxzHmj0Xw8MY!_bO4a?T7PIZi`?zX8WV};iP+~gUkpbCocm5PxHe96K|PaA(Wao715 zR}NL@DWc{%Ni2OHO+&m}ZMcoD!t4$XQDK=!%WzYU!`JCvs1Yz~TkcCKSFWPPa-?E| z*AKvU*BI|(m^phX)hUhQA8Ch5mvY(U&eXrnJdhlA89-Od=ORm2hvd1wxdW0gX!22#^)w?9ZmSBpLtH7hd}7GCu$<=HO^1c(lF z{KV1((tHwhs4GuWy2`qxE*KA*16X{=(*7qZCt((KOG-?;Nf_{&=hf0is#oF!_+
  • z3VIr2Xp(J0gzmM}!O$QQbG>ep@+0(o|lA$oB666n1;Ex=r zyj0td{b`Ln+cC|?90}cG$qm#%a5g%2%ne4JDlswn#?3hdBUq08>`AhBr-%BLY6;So z7G|JKw*W~O*?~@LadaTab6AR{45{okZBl-k8Ei|zCB(Wobc}wiU{pwYVtsrRA3M=0 z+9tsr+YO(zSy(b2tvI6IGDI`$_w))Esr$XVV9puuk>!?AlmZ@%D4zudFsIR4WA)rob2eNwq{&=HMC_ZLZ{dd=GdrOn~@rZaMDfUc@kz* zX+<~FN*{~~^AFTkuNh5|8nSejc|52ghkb62#RPOXY1s;6uFCt7tI^pV_T5BQQ|xUY z5vPaEW8I%GBLqRM%IK|0`?C29X6;EVtQA$yc5{hUz63}E6*p!jqL+!5izz z7E(4D$@3=FZS>TV_2G&6D~g3QtHdRz(=DZoqd{^Fs#2PoeAai)MvF)YEMw{>=~d;6 z73*3v>T)ljh`VAo*M?-5mGPM+pI@8GrL##cx)W8&yJSn}j5y8tj&5kmHnfI(x;qV8 z_~KKQHI-{Codeji4I2u{vrGE)JISCfLubW9+zuVhd{4Lx>Pb-Ry#um5eIu!*#K!VQybfp-dwi`~Mj3fo?; z8EpV3ZfxJ-R)+;&7ND5)z6+ofIdD&hpCsV^3vUIg;t0?w>qiWD@-J0RaAOe1uQ0oi zs6if-KyxEGi9!52@*^+Gu?)cg7CYX)duerdCH0hCN1`xnDZ0~)GDeGsf>H3Iuf?D>bUK0~tvX*1@A;VQM$!e&|3J_4%f&MXMH{mnyeu2g zR6#)XE})kwz+zzRuI|Y$5)_DDOo$5&+ z)mr$S&D)fmEOWn4C(OUTRCmj-IzB&ZVCM&vC4hBTABeMEP>$Ic23Ca|T+~`kVd%vu zmlv^O5KnU;jjnY>dM}<_^31`CEzh1b13s%nJctqLq{<~^{Z7#7fKWLIMx>JhuJfmv z7i+rL3qifRCFinU{qc&m1*&=0U52KluTD$Lz2#S3W+*n%t05-F&_-43O{D;85Z8S}!G?|E7mBSNOVL84>(?yfen3_U7e2TOlu;$bg4(cyw@-ovYmNxvZ4k` zZdL$7ZFX(Brh?*+3=>_<+cI^M;V~(F^^wGa4TnrWGvR>xVNY)I+{)oDGaTvMVR^D8 z!Z7`qA)K833wn5GC>Cqiw`2@fgdmU;T`g~%=O~7J?=0ZxH&BTCM`+p``Qf1^;n?RB zH3UU$bPmhDfyS6=xm&TfP?Aya#Eilf_{d%jSC1dI6IEggA z8%HuG)V5Y~pGQxvQ10*EHFuh%iTWcYg62Ly@EeT!*?~C>g*t1f5UJK8T1om;%P@ef z$~3R1_GmN{e)>1Dl_g-PHtQ~4v5eDll=TFOQbsh+o-P&SuM1B{z7HOxj#t(q!F9=4 zJKZL)0c~rBd^7Rj@RoJnzv@d&y4(B0JaV)Y@ePalzUJ4Cb_yuGXYzeMU<$|?Lmflt zoFs*uSEP>JzX)%ppCj+7tdZTzeBE-|^{h2DSuc?C=}MyMG*XfoFtadk2OE!Iq!n}t z)8XeEtAu;&|4J?^sG-kh7VK{Wc}RW$P`P&OyC^6Q8j;A0>EU+q4mW6yd_bQ+j;TA* z9)lBzmhONq6?mii1zIE0C#_#}ijFn(K{$=ViO{hh#L+wg!=D*v1RuQ2TT|8dySRj$ z<;C(^Wdf-QeU+F9N7Q1|E}3|ob@z_fM^CyZFpoQ4lM5+d_gi(0q!b0er=tl586H9y z8{$n2eo#YW8>D!-qGG;3CXzU{5`_Q>iy!tI)2gke9GDotd!IN3hcZVbJuVg^u$E(Q}3pDZn zJz29}wVKaOna4@zn#-i??@!stWUJd^YaHhamjZn!*4EEehq}q)#~0Rx zXz_ITq3+*%GC7*p`vAAWD&u?V_N@C8(9O_Fx^QZz_c?2SswGvmdnbX7 z;#|f*(L&ozuwb#rFPZH-Sf_rXT)9%{G8Jh-DU-aSJ2Q>N2N zowf3N(*oiqqWesbmo6%`XyMp=T10JMTPivLl5s-%SoZ8u)s_)4~Yp#dOR(LTz>!_t=M@?_gEaO1=cDM0UH>) zwc~&H9ESYeWA~jM*}p@++L#UNDrGcyaRfFbe+?VRuH6|%{|#&eFw{c1e1`K-^&ZEx z&A09M&Z7Xq2+jo7QfjMZ#`ZcM*BCW7aV5K)sn>E@PWr_CKPkL&|N8S9vP3SaDptFY zJza!>Yo0LK=)`aiFv`%W`>d7fP_spOZ^5Yb;Zg7ytf$35#X9UJwj8xNp??58bGKl= zr#*-^?-enB=^;4FobW5zY~Rcs|17LP2odX4-q&zv3%zt9|&3HHG906 z)%A7x^V;=}%RK1uw`V<3HH9gB`LL-xTdqY&NV(zWfSNWxwV<8FvwtO}o;0)veW+JC z&!V?M@CFu~ca-*!KNj!y&kkP&SqmfPgh=fWcG$W(d)BH!Yfc3eQuFGa4R@nb2B3R@C5Th(PvdLN=JA zB!i5X5Z4|W;8CR8+Kb)So+eQ+M~=ah>GKLqQkFMn%d}jl?4L;&=35yi3P-TR1W89n z^fDx5z`*3VQ!Ve6a5m>*Dm>}rn$r-0`);)R?&R?2J)MVUR--RwxpaZ6MQDJOXNR2r zg?G$1&Z!;C4*=YIrr8y{U(g3Yj`cCUtM>y?jQuLBx9v9XKa=7DVDByxGZ3pQ)7FND z>@|{KNYJ<8SD?ECLq#-EFw6J??FFIMkyU0U@>X%tJ&(1uj3oyS#`C-5E*ToV5QLB) z$&7DF@|UAiJ9IH(Oc%}=*h=GDY3532)M#hsrWcZqw+eE=E|mtB2U^G^k(Ec?xlTk4 zw~U(b*>ARecn*%e@wcBmyBKHkm$QHss{LnVkpC_NwL>BwsiZ-LD$5^#V zv3w^Cy1mFKy>tuNKYr~JmrW;9EtR+z5*DS{)3lz!@J0h6l_p;D+x3u1B$Z=IeE?+Q z;$mMJi@n$71KI@`)%Ks+w#LVYKV^K_9+t<5=j=acio@VBjbasKm_3-vn6{zK}5efP`YzHy~xRcW@N?7k==6;Qs*N8#_}o zkG#aWeE{;-uc=w~&)uLCo`@;-npj%%RoBuBZzPTfpuIkX!TqB^wV>$%vdrPmf- zGad~SqvZNeP5IPXXlokp#frt6&b4#k)n;Q`YElIzNDTvy`0uK zYN5^j5gm5OYar~=isnfURY(<&qwk+Pl4xCaXf(RR=C+x=r!_ncxfW1~O)f<>c8e=& zCW)etST+YCIbkNaQ3UZgx31&zjTP!RT-_FO_RUjzRn?7jAK4RM^k9nS=}-kc#l@*7 zh@uO3L7o}yshO;jp0MzZF$_09kyONMilg^b49s}mGY_UE%-dlukcH>1if4c2W_qG{ zw+Vf%a%A-BKQTPr^gmldDn9a7gBkd%XO_^T#w>ndzHcpQ%dU;}ZWBV7A+fC;tCiq9 zVJB(WVp=xq4q5_i#n^f!A$PyTe%_rhfTkek-cm_9eOmSfZTTZSkevJS1 ztFwLFs&ukDt-042P#A%mP_1i$y6M6U~2(%JCvSRF@RBOLTr|g=xVjAX^ zRm4luKRJWvsgn>~N5JX$$5;Sxtn?1vkBhJx94EQaM(=hPt*Ud!{yC2O?H`H4o zGBg&@TWx`cDCvcW(b*Lw#5%TuYOu+}Y^G#12$Jo7T&RQk!E*2=zV`u>QfYAG__UWt zN*nL;N6D6+l8rn8TSv}HYDoHbBk<&XqO0Ax9RcC`UvU*jEKbjZu{C68xG}>Y0H9{y zj*)-hh#9oG`(ht@r276d2fZDS{hu&Nh1{_W3!hb020R9OlSK6O8iMH)Nq!2IV4{4F z(qJUiI+kPAenS7!z{la4JT4uNfPF!S)WWdI7Hi2z*nat-B-7BrK9(m{+%tg-oU}iN z@e;jEeW6`AaY-5uGotmkkq1xR9q_uOD0ThyEMk%FbrGwZg_2>>&e~c;t98sgFCg(< zrQx~F`l4ugN$*1@t$E$3@KybMc#-SxVI33jyjb%d(f-z=?`)lEVd~QMI0={NjlD8; z;=LyyfQ#MQ%jYqw3HlaFsQ~@U5`nui6nBtJQYUs)79K3$EZS z>0aeeJOtf4iKs7NXIb<*IWg~+8PGVS;2)tsx4@*nErhmy0808%{4SJv@}HUa z4;31M?vHEAfC%YF zcaC~K@jF(J5H4@|dm-m#n+z7h~d z9((+`5^$lC+a?5t*{GnI(G*)jc#bA!MQFVI^A70OOmjg!wv!iNwtihfCICAt|0HTb z`I=Y2BeRHk9v)|sz#Y^DCL@mfbBtpt#l_}PVS;)qfn-NQcII`IiosMxd2w^mpI4iS&2niKaDOGO?~C49<$Fg~AU2 zY>ZhbZAIl((Zjmh?c$_6!f&lzOYEAz^2bZp6_iUQQGPVb(83Z)5@F%o~Hi^7yu8U*m-^Ss&bN&FMR2BW==`KYnN zw^?e}<#@^o1Z`{zj|zw!`d+d&7p+C1uD^lLL6B(vcDSml148P@@k1$kh-lxCk303P z9)6ly1)neU9qrM2birPz?xj4yZsh1eqG@8FeujHIClJVr!@71QAk@>-)%S*v*|7pF@t#adA--myhj;L8&ZQ*b9n-^B0LM9X-yOyiw9*6 zYBRjbMGje{O9;Lz%)o|L`(?|0=<=6D_V^QwK}r8>Q=kbTV^oDJzG)moHu^qYxG zwEWp5?`|L(L3Rcg)U5|pmy1L76GMz0gsd@%K0jIu1?cEB_noAv23Pu;sw>Gq>8N8p{6518qlt4QlLo>vY6)f=;Hk-kXnZh%< zi9UYHItOm~kU*V0-hp;5cg1FS2sltsOyAy_z!{70Rl%E)cT{j6Buk1?yNyI~D0+b>;4-7oHK9jKdzkdMLalX@N(c-4nK{ohpZ^HLtYbf zDpQLj$@*(dT=;ebOYEC}eJRs?l6{(AmH}ZMM@@&n+gS5sLokfgXvxv;E4pgqPW+uh zrp!S03oEHs)UvHkKLN=%l zV)9@f;jK3ioJb@RZ8N#yi+#unX>#-S;Agmgw^F8cQSNA8QKGLo-}Ti(!YARj<8Rgm zo?rpsaVD7p{IyDofl)(?K5R~N+2Np}Z_lnyDW?3@Qoh#0$vhMUgv7pAg>P)bg={bh zhTn5=1x|7CfE@h|JmWabXSB>KdT-~%WMtUrpJuOF;LPnjUAZH)*L2fxm_ltfrsoDV zPuJI4XByT}Hk#Z9f904ro|6M{g8kIT({5jB=@jTJwzaxrxWj2LtR9seg73orgm%I9 z4Xq}dRw(g+0?vWCRU5a07$oMSL$$7VBNQO(M1b8n%(*KHlJC7 zS9aoCuRp4&-Bg43dO{=8G9P`P`*XSXy5T0aotiRTOj6mUL7Y@Nks`!1c=E@@&U{t; zBv<%V?ohkOLZY{?EF@cikbo#}IhA++9Z8)!#C?>5=8~R^J$gSZbx00rj%6?*(u%_v z)mCM(UTYhBP25lhwKBDmfx`S0riWvC&uLvrtlePe@QKEJn#6sT47)gOzgoUz3a_Ur z?FRZLVV#zLVMOzyE&+SIoADk(^CAY9$#@7y@^kSU?g$z}Sgf0&oN2+3YZ&1aRtIqq z!o6^?-4?YME5C%n-7+XdVQjtIJ^f4$l=TJ6JjE;|(q$Sc=m*79R^H)tXG7>|T19pL z#kQHPIB4lz>8fzR-*&p&Rwk0?sQ2(ezBQPqHve{Gc))uPY|uSM)+45C|G$YFn4r&@ zAbNQt&JB@RZ;hpQi~2nYeY3T&!7d5aVkc}3q_PISq4(F-W69#yuIg_ZnM)LA1amc- z5>n)Ew`Xc1%G(8v1&wBK_xEhN55P{-u1r)}3!I(LQEwJjFnK%Gj&U3RjAozUAh71x zr+fjlA zkmxn(p9)Aq6gj>0`GDi}D7D2jLXQss%`FjuL`K)*ElgsWmpmcHW%-W5D9KaPRh0&C zX}EFQXtq{D5Pn6>Yp~YPU^Q&S9tlN8EUAvp)hxRGn2Xe)&ekuB)JFCc8VbIBBdAn)6xfC5MZJkzk2ez$y%V2yZI1slR6>Y=t)-PKB^AdGh3F zdnL^!g9TNr3Kg;h;6%wl-W=xVWwU}syj~dg0Q%YS^$Cp*fB0IL_ zL;8BiDsc2@kalI3H{@62Ei_!r6~$*uPib>`S|&48dtn$7_fH-sq`99SnuI zbo2W<_Tt3M@Tp9-t8<<#4wPEyRtVUZ)s1Z0C%?~y>biiI9Y`Bl$Ts5TE}b zk@=dxZ0J-ea30z=Z%gl&8(?OG@J?;iwUyob{Yg{AC|w0@q3R^#@FC7h6}V+xqD0K{wt(_Q-|S9ID0#!GZau9~)g z-s1_(npi(J?WP=m0Nk#wf!~c>omt=!@dMq)ZsJwR!Pl#|(s%(J?0;DYPgYVzroKdW zadt572m~=&2oo%!hpY_>iTk*llJ=YXorvRt)DLgDe4U^v?v-Bob?4saC@*m27r&1% zd}IB3*Z@R=?|q(=4{jvkXuMUX@DIH$xRIA0pY;r$yo28jmEEVQ`;3vAA69z#fm^ zp-&wEHzRVN+tp9ug+a7o*K(N6?=vW389m8pb-n?Pk;N}x7)PEz%|0K-vs#Ve8JBHV zcG;DHnNoh?$9>8;3F7onGRUxE`^(BL zjBOn-m{CuX!jG<8$AlB%Fq;@g?mmT$L7L=!q=RT;U@y*n>fDckpFQ^hSfM}v06bSt z4cv1ZT-FK`c^~B(KRA>O5~q$(I#MmMes3+fHRamna9?+%{Hx0 zU~7s%>mf109G8dfBRf^8L50bmeXv~KIRK5+t!PnyM_+D^6!QT_%6$`JpNm;nx2B4% zL}85-FC*I+Tzt6A4~&{z6QdYaj+(QZEbOLD2n%DaUHx_Q@E*+Pnsc(IRdh$qim7#k zy<Bylyz*@kCCxk-_ElL|Ucpnhg~7VDTCy+I%$xmvPkZ zzEmKZL!_1TyiUtI%cgy|<1-JP4?*Y*sg=I`6`c};OHJ77x{w3*sr~(V3xo4PIbqa4 z1sOoGTCXsuUt#2Fbs<(+v@5%MB0gj9KuoX-Kkjqzdxz2`H2T=WFSvnZ>#~J>b~$Vy zgrHb+(11SuDX)o^03Fs)LAw`JTNy4ZQW}hM0olw8RSyibPUfMy0&*qe&G0tX?90Wn zPk)EIEJbfCu(FJyWwoxqa0FfryQwZth^AigS;aO*nXFjd|BZk4sq<8yX^F7I3GQEh zniqRNjuU6Lgl}rbD9)N64u7V{R#ZxAVaJ$CO;^Jyot}aHTeD~lN@D+V!xoQ7TOoAT zzj+1ZK1oUqZc1Xf*ZeXyrG+D=wuaX!rqmsQqR2q8O3uwAKm(#6lZ-t&u@!|vga=w*G+lqfiFS5QIah-qxAMbDh@^27LU^=hH zWJ!kh6)A#JSm1jE=i!u(h(N8GK(M^gK>z-gJZ+CV$4=S7&dWn3PnL3n>tASy1jmsy zRB`Irf49{`k{0<2la~H8=z}E8gl0~rq6~J8A()Nq|5CWjJK?kH4KoLol zenXAlcp`ok(JANg=;xCc78hco930TD>~VX zm{H%C);<%+jXbWjX|Jf^hE=mEf&u~rGt-x#f zlOQdUx&X5{|N~?eT44WxdSr zHB(STK*8NF2WdJpl1yW#U$POA-(D|@RXRW$gHpTf$l$8v(3?$Bq@o@Pua91$d5u>Z z94s$$%~E=cM7^1|&1Bq<#@OFzId^?@O=~o-ubM*tz6oqsXFZ>~Fv56^Z(hxGkyluC zo64@@S=m2vx$~GH$sH8b^6k3p$m=E__X>}Cj~ONT$kOX_Oz|y18YQzA+pW?`Z(S0N zzIh~B$n)+ppJeCf+DXHO(f|Rm&PAmh+ta$^ns{+7mwl01<{_`GP|l7eMgVM`O;8U` z+=1r(pCF$^%j5(yU$pUSG*mG>la~{eppM1W&zuG(aEhTDGYWEeHUmCw3$&cfF|Yg^ zeZ?@Nd2!-#aaPd6*kANj@B?sMbJTMWnobyeo;ReZO@?3;tPo-P{Fi_pd6PtmQ|0*A z$7`S@g7-ywQR2!d*JVLJE=^-_U1bHhdx!`^4 zN~AU%mivwcfqI%x9qIlX6C#Lue_|Q*$Lwg5q=1TjZ5JgACbwP;R}fJKNv8BvdqZk} zXohFmn>qegj<)-gjE|Y%RKadKF(tI)v=K}3Ftn9$R@|24M;?wkqg_37CE#gSX9VlP zP6Wxc1OZX+8V0Jx1k^N9Np?(myY(3*+8!M;hXubkh|*yN#fxBL$24fnvLT$&^U8oQ zEdM(+*4fW*_&o|7~`6^jxm93vl5^xfd1xQu|d~J3g;ZH|Ng^#jdtYPP@ft62X0w zteG=QVXd_7a(d~{8HXY~FlHu5-!IFo*OLRiKh3_UiWIR4NN54AfX0k9db9We$Qc2- z&pRvkqH4&0`*~mF0-_)^O2|6*hjbU z_U;e(*GHgd2ysQInTyhmF?`3(Du{Kn6*ahYtZf@gKh0z}^ow#0hLtoj>*tLGwnLeK zcctCeoSlmKI6mB{85a>a$KZo{SXkY@0(@0|ozdCSB4vZyp%LxFZTtC%uViKLekF=9 z90`S5>9hSztDDt`)2Vt<+iAas_Kq_>uF)PuWrTEXt1GSC7^uO8c)!pw@f;4`L0h_7R~M0! zf_U8{_FNuR8SA}-%=ZQj0ov7iBvdyKs;qUFSecZ$hF=%;S4E(sD%9ns`ljNoNui^~ zaWFmr6m2}{(E|q1c`{YCzc{qCQC$uT4ZM`OtqlW=l~y_*4t3(f#YMI8f|kF3Ti?C} zBAL5-&xnWhfwN2^Dk5<8GkyCb2FaiG3D%{3rS}1&}<~d znspWpDJV<=lElvxlHm(=8uVP;espnv|FMpMOW%#rB&BmX5Og*hMfk^7B}3WX+30am z|A2TxTr(BI5vqX^#CF4WxxMlolwGue{`WnDg2v%bl$^9*4!3o)1RzS-H2o~&zI35c z*a9UKOO5K7_8VqH^6t3bog$O+Xrq%sMGUI1fD4=~SqO(KuO+%G{7sD5{4=#^or;F%!y3}KPzyLwFGMq0K- zjBB53zN#R$kQx;M`|RtH;QSr1%YnVkUarO5l%tCQZDIgAxW2j8$14Nj#s0E5U3W^1 zZ^v;CD4FK6R3Tx6jm@TSzI>u9K+<1Whmzs!fVN!1K0Euli&eG@|Jt0r13H>f4F`lI z6=fDfZ3U5dQ+jZ3q!6o@BvJ<&XtEoeucEl2s)e&JF$g)Fd>d?4Ru9W-Pabh(M?ZeB z+m#~2OXa^J$ITfgi|`e~|3Us_rN^|bbL35AE#jgq%6 z*>kHj?9WOKP8S`eb1^WsteCVx%^R7uLD!|eBLz>$JmN}9y4ZvVN9{dtP!wdU+4~d{f()OO4!i2n(^p09M?P+YLjDq(H^ixThf{7 zv>K-qw5aA+*q6qY{|{;J7+uTL?f_?%3o+$=8mc zT$((Kl}AFSDqMXKC*zT{`wz^AN5X!RuP{q`9mr#lW$QYT#sIUDbiBwo_9oBj%`zW+glp$2eQfRP*#y^|-XqV9F5v?aKcwP}pY6t+Ia- zAP#d{u|*HCwNk1BhuF*DQYU34l}g_}NNcYxhyGTjhkR5(IGXF69ov{RST5cqF2%LX zHo@pxU6jtVv(c?(Vt^A7S%->r?nwL={@#J4H!O0X&haDRM5?7RmM1a>qPehC+NU}S zq`l-%CSkJQ)W>Odo5ZG#vJ~mtO}WGpJEs2qP}(*P_~6*zp-i#vxriGuVdZv1GKkN% z86*;UN0oALGuuo*Tq&l=%M{?VogDsw$O;LgMR=Y`F}nQ5q>8W|TB`(G16C zRypQ`47r%3kq?6Lj#a~W%T(HT>j;j*3wiMJ95Urj-hOjeY}Tx;9MGdSS;s+kX1nDu zZfX*43Hsf-z*fhlygfw~gt))13%BAlFYwf9eYL(+yMK6--^hJr$L*okoJfD>VwKU> zoLc^4U|8NxV|ft;2Ha7_!54#^MUGN(eK(FqS!(@kI3>$9jJ;@uGe!s6R=~)5xJo(X zs;S0?Q+lxK<`VA=cZfj+%~r>$j_##H?>a^OP(CGy7y+ONG8fLaF}j0C}b*xz6eb4b!U*91YlYSsl}W z)jlRdR$P0tB>nVa55-bb?bh?Wn;rXhK8+0~J6zD0ccma&I>dcB*$QEBM(n{n*DF>DT-i48g@U=eb!_zO?j;I(;SFFMclPn}IRy2`eBsdRJ&_(;ZkanExWqI;x()oa*$pT&^k?h4A3t`E55`7l-EggB6(vmbs!nMR~p|a8OwafP{y) z^TR>?yNAC(zN9|7e%ed^t!nzvn8vg&eCsU!u-M2)me#t2S1J# z)}4kIMS0!X>b6J^70QfA&PgcV5K>Fl?vpf~IMTHzYI95#8bis?vYb$nTRtu1_eYCz44rL*nSF5YLo}ZeEYNo?9I? zi&`_8(H`R6(GUCxk&75GI%2Wd*4TVrjEhi>q*gzaI=r75hlstqB^VQZNog;6N`f-5D>l9 zQN38N?^yHx3o$57itV&K|CS(Bkm1A>4>H|=a60_>qMeH_e>I!+VqP`wrsGc7=p_jI ziuLK;1vOV3$*6rzvUpZq$ub5)AWZ*3^X}5K6k8NwZjzQ0*m5H9O6#fgvf{J4Y!-Xr z5sBmQb<@;A5Edg{|AO+V(J0s`_3y9!uaT@vTrjJYb|qBy*_YXIJ&ozuUkM8VprzO% zY|8lr0|#1;iAB>0z2mH2Q|6QCH}$X^#&8Z#F-8(31h#QL&nhpOGz{8XHWbbAP6X8H z*?D(t^8%E_3d?)qd|1_KpL=)(0VW>Kcu6zb;0eVF>DyW3&3W4U!}Z(!t@;ft2L1Je zCc%z%c#DW@qxVftU2fK+jiU2>IS{R?w&;o642-@hHkvM#fzB?KE%ah#{P(nLw)2Hp zydpO5Q$IK2VxZJf69%-ID@=*6J(fv{WH|Di zONl|K_a&Gm`M8wN%PQ|rWTuPIn*N9@psD;IJy5_E<-zmA9iq6f6Z}=mEdI{+v$<(N zHH*ThX4aSRKvN1=EGDbl{XGPpPYJaYcoHKKauB-vha0yCZx*bb8oj!=+_}e}fcBRe zoYFqWZq!48lCz+8V)1n!p0iw3uUfWwD-(*|*7X-qQqXm3S8C4T%q_fTppe3E$7pZ%Kqk7)Ee ze(QD{=l6K9pUITJa+nm>T{1=PG}b3po!Qh+EMVTHTqJ1ZS|q`l(2`SIFS9vT@EyAQ zjTMg{Vl@`POvMcBFwOJ5aa&chB&GJm6F`M|q7M0`T3u@b z?(}ouhkFyBBZry>Cj;lut9H$%0U>3u$$==EgmxDu>7jlVS+zWs#s}3J45S-8 zlp0W-ZAxjb@!XZ{1g+z$1x*pr!MGC|9Ic_O61*V*X7}GiwpldOxwUepu0x^E4i6k* z(S0%PR#6Y&xfBEj3o=x_78fpSF;U0y(nMJb+PyUSY?Ql^3`TpSSnl^Uh5grs{_H4ttL7DcyZ?zXk#@@ctf=jO8NIMi?x`+c^jVrS^5jY}@x0#cb^#Z%Z*grNJpZ(YyoThy{`v`709 z#vekm&pvIVeWFc_Ph6r^jD*_S`UmDH^;UT1`w;5`kWi?8jLL9Qs6GhDEEw=XXZOCU z?vSvF1yfo#B-B^pg6p7xj$Eq(@a1DnjJs&{_+h~gjR*Id72=wVxF<0k)6{o%ml)(n zr91ES4_dB)q1-c5tUvo7w8ti&3DV-Y$QoglxJvdCQOqat8j~aMq&7BU0Ow?-#Sz+DVlIduoHAP#Hag@pQuPTLv}{{ z2ILr9M6fso;w^ABu&+%oYMIchE>yH{m_#2WI<>>y(lqlTcyU#EbA&;mb^9DL8gWoz z(Vv?B|F%8oS5LFS-jbqs!(}0;O~L-X?qnp`YcSq(b@Af`&S2JIXOD60mzc>ul|DPi zP4y|6JsXBue}7>=vraR{6q0YXo{?ifLVjJ}4f5O`F_VzP zt>S<21O!R`0o*ZR;YmAhf%Xezf)iF(Y0|-`gbn-yK#?>W^dTC~CMFP`GfDm4b&>a> z(kJ}0U)Q=KYZB(lWUnco1};)-K?TuYs91!mIB{KXj_!IKRvU6BLhH9yr%~~rv)rMN z+;ArRmND&azqplW#<=FD=0BDLYhq0SucAPQnQ})k`*h%VzVB>6MGbpl%OKC5zl95e zaA0Rhni!nRU!tv&A6syIFG`pL3m?Qn(_4rGs|xN3Gi{p2f2+=sY2j)hZH~nCn>6t! zx%dfhQ_Opx^c@#mCz}8qKid?se?CRj+8R6%6IpURwKlY4=1tV}drFXf2ezO8mY=L^ zy{f$t8V8GeHS;u2SG{sfvXIkA=mCKA_!Da|Esv=4MjatHcd*NA}xQ1HK80nU^}% z8Z3~f#%>yU<)gV>6ht$vYDq0%}Jk7GJl z-rHk0x=AnmCfVme(&&l8nhw`Sq_9~57$AH*nc*EcZ2@_k-K5N)_SA2MmnYCpHl*-_ zvym(;xw#Ia4n6ilgo$JP9A_VW-e~Y4Zk#ukaQ@je&mDgP)Gln%GD)w)$ZV4WV z$t_HYVTl1=oryh#0(xQgM0h?R&{Kt?9 zzX4j^F|xWQ9HmppEMo(v!MMMLgl zq;z7Y9}yooUQ*r2?M4X~ujT+jiG)I;UEx;EChMzdPUOyGu&%qb0%La{23W^bGTIRM z#!27IOFFfjO|NOU`WI>sZTBaN5cWvDT+H}*5_L_!_W>ql1B;9&;ZdJ4!wZ{jLyxfU zw|D1t4+fL!#4f-!|1nxx3Co&DP~;193rswabVCGGc>;nrzUphjIe0s(&!4iX*%s6KhBqz+E_SkBHwC z1R}O$Dl7aqT$fzxj*vdW*?-ofGre+gZ-G&dsdJkhe?lk)z4{+Odi^-?=0!n7c?=Y` zc(#NTOQb?oo7=s3P?3IekQ0!h1vw?=Pqk5qk!?RpTSj?TFsv06MVUuZt~9!(JEZc& z8Hf&`*YPCr0P09nwIAh7Q(z%(?;KOx{!z6rA@-QIods@wnl#37i-3Z6wnc=}tL|Qe zNu(-Shyp)h)I1bt1(`Tew2p!WNFK~JBQ$|ar4?xQJJ2rT-&m(HDaU9B*FR%!hqS$T z%sZyVQnHFGx^9=?IsOndHkW_^E<+I0nqOJw7(Oz%{4}63 zJGTT*Y8hlb;cFy?FEPlmOu3TLg;1SX?Jf7*{tn3PwU9e3AKOP}7MKaH_u{pjGRe*j z`u)`{45=I-p_v|~$X!j^T<$hnX&F9i$&3Q)223H2HF-D|(bW_<=JIZvvPInHonxX~ zo?L!UqXwp6=k(x`9q{ZEa7Ao2UZjv0zoN)G{~mP^2OzRd>RXB3wQO#cu~ZwF<{1-; zOcdIeIZ%Y1{YE62vOc?ua}&z0Abr?DvMjT%347go`}zmq4{sv|f&ncYo9dkOiMz{5 z7%+2hn?lV4m;2<6-s$e?SM-RHjYJE|{C*@-^H`N%5Vo-McK#WYAEf6gNM0YlYcI)1 zizkXY=TW8JiRQ4fBw+T-8A6=$XAGu8Y_*7wM-E0enx;kw4hOmpv309DqS0`j)^+QL zWIbn^U?@$S?d2dmpyHD{uuZu*-4dK8+IL3|R>ccP3gfB3r7@wr5L7evi zj0`Mc0VsUk@xan#?U5oeUAFM08&I8dq74`P^ka2Ac3A{g>M`UgS_d#KoGA zFYn>soATXFqPbF9e>3QBn|q!l=W3zpkFG5MlJygGcN_b!o63JcXAq<4^hZ^IoviRZjw;ZAgGYT#-uWgPr$`w2Y@)S}r>JcFfC}phw?nDlmK9{-Mq4BdtTdqi77fx>1U&a^!{K! zUV}=L;E|^vCTk@E=&a&+r;z`XZ+~(3V{ZPR$*$fteZuw3D}%W|LvV;IO8k-_fUe(M zQNm1wD>-401b=A)mf^yN$GnUyR!S|7;8!E>M+%EiJi5^!5e)fuBDz=r+ z3xr&QRrp_64!1C#Jxoy#=w zt*FFL612+!82%P41&(T5%J=xg!*7x{JlOYb(hP7Id(kw}(JJA3erT31k;Y&ty2w!1 zkWF$>{sTZ4X+dxR&a`V&w8|=m1%K8Q`B`QhMfvjhqr2k?-3=OD=lL?`kW{wDB1s&Oi8vF$q`}HHHdd8qY&OERCStmm6B%@5$M#C_95e^ zni8hm6t$QWys-ii*rOK5s2$4-#gnp&vQ2^eqkm-^qUws_E#R&9neFp6Ble!vGzCM$ zbjv+uSN_RZ0$Jeb3J>FwaIsC++}{u+zh|&x;`y8w#vWL{$R-lq zIkQa0AAj3xMo(ND>7lDOIfkbEP~~X3ybE95PSM;q#d7=CW?g+ZjcI=~c%MDI#-GEN zd5IpC7pybITQvM!x?AR#FuUg}aVn*jdTBu9Q{byA$lmxvkl|l76E#}Plj|MR5Zzh~Nta1Oj31`eU6F{(Ne27#EMdg!(9++RO6d6#eHzv?7GL)-k~ z)U3HpA#5HNkx+3MRt0B=HO-#DcRfm!lpekNsDJS{AAQ2qv)Ypy`0>W+U1V;mJ$)&! zq*xdht~sq56pGWlK%;`(+Ug%@+hh75>mII?oyzZRN&l)5nE1J6(aN#Ly{#(U4Q%kBF6a zqC!wzhH@11k{lT&A-DI6Y;hdq^;fSfP3npg!yAXvf8Yc2-3BZ27zlyGq#KraElLEF)ZGay~^w? zF{xA`-&VkkDIP+>U))n@rI>b!yr97=aIb6XB&SNmzn#uj8lx5-6K~N5|1l}ru6*X+ zqZO`)HmRuEY^>@)+XAj)eaGxzk*;wGfeF%_2DpjYYsN980j|d7nk*jbtD}}Eq#p(N z?}L{9Zb2cPz!Q|rG-6@yu`)(hPuQg>I)>D}V!jeG9*ig{hCAjWBA-^g8sB{c(-rcb zng67n2XL(8`4s#6;N9DR_kKZqx;c+gT`O9folf}d9UD9uVu@r%NQN~K^2xi@ry$R- z380OL_ZN?|x|G_g-yTC4$6%a8K_@(hMzoQ3dayiqqQMQn6CUxs$ltulcy03ku=Di2 zeE@7pRGYK#<;m-K55Ae_#~Aw402h@jC|yD$c|)5BU)Vdl2eL3c$L(?u1%j6`6zxRq zM#YN&a@^gNp2P$%*6yM;{7IaMxScqv%RZL2bJqU=+UZ4HmoAX-2*<6jic||!YSRof z8Pl;8z-{&A9?ub1)!COEn2x(OYh@_UEFCPqF-Kp4K2nLKSaB;ajCu^kNQ6lRlBvF7 z#}-$Z?CF4~%O~@Oj*i-c7lXs53GI<^an5451|L=C>|MQ|J8D>D;dSOOp(SOFm}on9 zBM=7_t0PewTUq+8I<--#TuCAc-=gsgo(#RVGvTAO(-P372=Vnk^3`gECWa(P^#Jz%K32u_4Y zNJ0Xi(*%J^tfO3D76yoRx&cO@vjt6W60p6N3>Q-fIquP10CGAUh8&VP5-dBB$YC9X zlGH9`+;Knc9X(J+ZjaQlkn_Z)Ww9N!_Lst4Bbw#153p5*83TDbC z#-WR8x`;zx?eDBFFdN@AVXSMcr%GE0e=;?!G;94K&8Cz%#TolFzM{U)Wv*XcZv7G| zT^$;h+XeiR!;!o0lu42?Y|mI^UORRP7#K85)xu3JF~Qt)cRXi0B!dc>awqeZQcM2_ z5EJhk*7JoyPTW>s(;#@JR9>6zFN;08x6iVkB8*QePNR^L6>0@TT5wqJKd6KaRxLR=C}g+29fvyWCjl)4i-?YDHFkLnLkqvDbw`f+=c+>pXpMv{ zwH_3HN{`QSPeYaArGN8dwWVQ8)=8K6p6_Mhn#!Bb6ME@guI%AR#av(hg3iY?na9c& z%XGlS7zy{Oj#}78ABj(vP@w6AY;e3<1LBJ$(wA{PaC;L4gQknn7|lPC{c`aqT^^FC z(FTCl=D}R=3d$V>5B7@TgZpvvPpn-|*z$A0_skBYq$(}L2=@n_!lrS>ajsJbLgAYd zFmG;u|BztntR+>&`0rOOQSD`gy&sAQl`yq^&~t=gOr;%m=6c4dit+2_HdtX8j1A;1 z(=TVQV<wf^TPkPJZ1})4n z3ZjRbzD7}8R*DIc@mTUcq=snTRUz$j-&zUbStJfMAacj^&Jsg>Ot#>}8NCag{$8=_ z!e&H!N*TJ+vxqwwVo>=nh}JzA(5=z5-v{fOyB+Qt{alP>;(iqjBf>^!*j433sHrwq zYfc{-h|!O{4N(lX<_yLCH3J{JkoqR7ck%DM>^IB}<AX=|jHduDk~kds4D}w0t4v{Fx-# z#$P;_Y%7j@GjI<2l9-%#JzFgoGmHkyDC>v@ki*4jHn+*5j41c->@0C;krys0MstF4 z(Yk*W;y`!fboe}e8Fe$gIs6bD2XWWxsM*N?9#GBV#YACvd^2?!J>;SjI_9a27aSi` z1H0m9=8Z7b4vDp+aZSCds91q3gPcu_FJ!%X7zQ2{{W13YM`o{TCqE2s|2^99DuY92 zhdd(_0D`Vkhoi2g+*xanvnNN##Pc;dalGpo_GW|m3)bJtu$o-LL_IL-$F1Kcp?tc; zON0&RFwc{SAWb9FOe^JayG&3sdUvB6;Vf+VhNQtl<}mV#*f-yj&)z8!&Dl~PyY^!b zYc~6CsTXgu(JVQ-U6?#kPPZQ88e5gUtiJY~87Yv`C5)!(V+8>UCg~1x!eSWL->CsG z7^7k^iUIlIhR}#F9?^^L*&ZQ#U8y^h)l4&BAYrCIydaPBzE|$#$TDygxPa;;5!uuO zdcr$Xbt+7JTQzO!R)p9`WNv@jKofuu3V3QWEhRUwf1M0W~b?z}Yf?YIv zRXZ$VSuF-kE3Qe#4$U|kkdpS*_u23YCt-FG)E$u+Stc0Hb98+2;RD^O4LxH0=e$#{ z`WMvld--Lq=idg|(AO+801qN0&&iya=kFq6f2IY3D_)a{(o-;J@vgsEkY=C%0gQaQ zImORAOTLeEKtItzGL-eb4)&xlCvTIXe5L6|`pZUrPB%a;V+f;v()H(;%!H?1juUBF z1R?EX=GuBfG5^hvRS<2-A5O%!uPBbNja3qvIM$b2=T6B4l+j21r1&&xm`@hTa}Vi9 ztiv-BAO=IaGULmo^eDHSz70d*d5GNKtaN~&pfrQy5MyPPsgZ3$!rj|(D(SdJkkS8T zo~sFPDC^JAa3>3CLB&M(+Og8jV|K{JUIST%m{{|NG4{bVaviETX?}zv(ZbucKeo>6 z|3s441V`62AazJ3o+MYpF-omKOR&r?U%Q02UYJXV-8k&7{pA5i-_FBGMp@1-x{7KbJZi`_$pE_jSl# z`C9^MG+xc7E|+Je8(R!7;vMc1QxGnW$Etebrv<4TLpP};D`bRIwvCVs`S%{m$t~Z5 zh$=s~ErFap0Fx?w+Z9DuJj|QL|NFp?I}|Swo-xf^O_a*?^@%eq!@rcrVN6!*SK&Io zUV?t!KO@vB&x^J6K_N(orJZ`Dp6;^21@cRu3J^%gIn+4qHt^ZB9DgU5O5A@6BN5(a1z*TJkCq zxZYWR@4?D7So`eviY7S>wnfs^h<0dDGt)dI0IWne4IHu}|4n9bpuZh^P(ZVOp-qK; zQ2taCn&s}{qr_5B>Y9D70;Yh2I~B@Gt${)ZbNM~?RQ=dM9@OodympPVwu;ihPs(+7 z8S*R;kAMdAJ8Dw*+`$D6tk(n2JspCU;%luHR`Gi=Q^{Abj;{_x0gmyJYN~_tRo?4Wv{U3-@IQuhE=!OL|IR&mC*XHf>@-&x=`^a^qUEh1gum^k ztf}SDmxSb!_(Lp8NBAW;yiDCYz6vStGfzmWPY}(LN%XnQ$CLjKwlt9Ord*C+U9qs{FAZ$rl|d*V1W;~ zU;%E>MM^-s=%>alB$SoHzGB=dj9J1K#7G}zUXRrK^FFJIEtLV#s*F5m600au4bg3b6sGdR79qgZ?lL*XlHM& zxD!9;{0FrmkcE6LG3Mq zZjGbghEm!i-h{#Mn;u9*=seB6CTI*bKyno4bFFmKE(F7^AY4BUdX*5!i!KJ~_Q~v* zbeJI#IUr^RtyJ8!9M$hV#hP>G1lUooTy z+j!a2T*mpvEfrwF=vXMP2UZCny}3PY&3w}u7J8bmeB8c%f3`TE_dHx*cI1BJ8%q6b zH{Y&5d7$7hJG$bknd;s{(l^7aYVceQ~U?=XmE1>%W?+M z6W%_K`DV6nQ@sBH{QKhR`hNg*1KizJiuI3M>WGUfSR?+JQju^AtnSz>jh+X*z0-+* z8PmS~%^RZg?IG@$#U4Q7I~chc7~#6BuAmwEvssKKJ7Or?aLf9LB7ltxcbA{E&51@# z=~p^VEc=F_;Qf7VN7rVJ?8(jBID+2_2H(n7$H(!Hio?78MV)~G`_v)9%=TCA=Ywwc zdl~P>E`qb)>>VIB>E$p6|8alR|FgEJ4`qLkQ7Bsr@!N83>DjJA4tJfac*1Y_i7&Yd z>RxatakN?a1e;pH-pB9(F$P6$qYa(SJOZ38H12HlwU<=fop2}}wVq2boeUM3| zV?JI^q3xzrp^--rslY-)P9Z}{9X^W@e+Bx1R`pJiP{3QK7)$gqQo5L)1?P{o6rJ8z zwNhY@t|+WskZ(iM{me_!Cn|`DpO3+DQ6FMs?@bnoF-$PsLxGkIb`KI|lC7tZ9-U5B z=?ne=ZBJ&K8bSW#SV!HfFUlUk98j4EzEt2k!{w=v_cim-@#H-rVAB7JdB1wZDp>^sbIq=!)MM#I#qtq7(N^WKANcK1QW|aAVC=BV5++XP@}GVzdSHT z&6HUzA7&&$EU_g?0diuts4t*d(V@>x(t*J+$U)AD?}((Z08Bp$x8uwQ>dCKor=cJM z3*3cm4^}jI1Nt;4m~HX)uk0L}#2_0g1LSY_KA3z0Ovx_+G%EsF$kXKdF!_Z3ANiHL z0WbxjoaW5nKYF`f7S^Pd-el8k@DbPT*}n)L6uvo2h;Ki({KEL{MEltC3P& zu%KqonZNk^M6*;$)%Q#F9OEDkB*HfZbS)5~%#QFD(YVVv@XFPh*i8G_NB^RvXH~<% zUFX+(54dcrv=;ACjL*dn{*!(IMG%Mx&=Xm6h4di$J^p40eR|rDzWfc6x zI0KQf^`?gHBie!xde zFRJTMZ9-)Pn^(((Qfl{Ob=WKNAn#t%g|wzY$D|*|UkpRLe2n{;B~#o-XlP<0h#D?h zCfLJt2qJd{@%rmw1&R5t9Qo(2iZnJSAD_^r_*lwzK z`JII9$WOj9+yB8KiMumUA$mm?!6u$2opa2Or18ZUE>|MdgsE25(8|gl5oxU#vj8us z40j@a5@a>p#47hL7xXM}NDt$5hVPtcV07u515GL6RP2buVAFw&^szP$Vo8w4R`c-u zAT2h@q>m7Bs`@&{s)*EagpPKais55;`(-h9nkGBmIdGeV5)52OXUq@c#B!J~M4C3{ zn=34X2_^AF5q4wN3eqxmgA}$lM$rj)Ls2Md1#45I8qBvrF)vBvl3oO;nd}n$RU$e1 z7;M%|O38HUFc6W^u9fA(9VFjJ+51e?*^|1Sk|2wIww!&TS;bJC< zreGEv&E`4$X0Zz}!NFwWhUqlOYi+`*#+{Mz=UAsL60m{c&}U?!JqZ)#I-L5uH_NPj zh-0KUt=C9g^G-s^OzG5sJBxmzb7<6=Z?$;S7_Lm8Qs0dOx+PJyII4p3`;&>hv15{I z6ZYo!?1Y>nj#YpVdT*{_uU(DMDKnD1N7_wQ~5 zf&%y-T0Y{rJs}4s#oPa;%R{6{%&Y}p(QN}C0 zd?VHKYSrgpxwgngOt0? z%Ob-KTpD$v>=n7o3Q^)7esgCyZt;eRJ@*?EBfRU8%ZT#<>vkYo!%k!Gls_XwU>e4v zQq?nwfueIsvwDJVzH<9sjpBu# z^BB_(NJWkyc`@+Lh~EGwO$|nb=&k6Dht&7loMRB%cSrYD3vx*ll3{pRjF2i`c?^%U zOqEQPn*nUZcSxz=Fg1O=y%jn3POK1>G2SHvK~{g_ulVQM4cB@1 ze*nQ0Ba#SV6rghl9@XmLBn5&3PLksU6pq5KsE(a3yumk}ddvsWv-iTq;f<1KMk{-ZXVOOrkI+DoEi{3Z>?Z-&rfTjpZKGEJe)sFBE^wqxVK` zO}6siE<*y*5q;B}vQMk)3Z75xz&+a z{oN^>b9}4tmPEiC%ee`7C;9wCvbns5?w>q4`}9qFXgY~Np8b?m^jKSMT+0|)d~olq zvL4NuO&~*fDXsfU25(V=0{tlX0VW7j)eVH5Ki)E2rvG>WO|N+iT`EVQo6!}K)Z1qIah&%Fi$^*qG#4=og9iaFqSk2=;MMz6R8cj-)@GXnIP zi9Qe8&#VdxQt}}jk}dK*o^!r7LaW=lP~PYWfw2OM78aNBr{mLasIg`?FlmKjpz)Bg zgdZn*<^omy^DLv!F>(WmhUYK8%%h+Q9H3b>n>|!JF45TAhYPQ6U@C3>XBQHmjMq5Wx!ZMb0dzp)x%0gWDk5 zNs0(wnFA|Mk9&8SO<^oM?i_vXMFh$*wY7H&(=d+%A1J{NaYrkGS^FLmO z`jOB0q$B`=APzJ{T4=j~DE$RpGb16p1xJq^ej^kN4=9H1t^@5E(%bmKaq&;6XcScz zzzG6cL%&-|o75k^){O8#;Oi7){APG364y=(jV@joL^?#n z_jh|F{p+6TnZ4gx_Q>W~VP8A}d5(m5)EdIo zWi+E8s2Y;&?qJyX@n+-~HHh%B2>hxcveIhzlU+o!uon$&>y|oGz%>(w7 zaEw=QmRd?2k>a(A%!D$q9zs7X9=AS-!XC(Bq|eq8YNOcl@HsO&l87ntFeeI11o)SE z21b?fsNh&b)?(z85i(YZRR>JzHX-;pFwqPrEj+sWnf#@GF>^b7kdyf`nJHT0Z&jen z8{^8(NBoVL)N46eMmn{?F*;*SN4+r4(NS@fJ19V3J^;p09O=cTK0zj8^(ly)v&q2+ zCk@E$BFpE7fAZP$swael7^1?eXT*Tm{tdF@#dW@uUZX_u$RoHm{wbFeI~Dl1oh8Ys z=7XV4an$@nD*Ws`MaZL?Hx#&DM7aA{a4k3$6$Rq%&h46&aViB88ZmI9?Es27CoQz6 zy}v7Lpd)-!s`W=rcEDzAK^81LVkeK#jznM_s`M<@ciRM>ZW#!FwtOXD6xDZ|RT8QC z%z2b+K1YPN~#arL;`5l3J2>huv zmIHY22VE#OixMtMda5nX`iSzG1x^e~;r7T}`0nRp>wIXTf@pCGQ1l`+;Zb=bxjU}k zKp!vMJL%5CnEgS!R=wCyt~O4XI6p)!?}4TV0 zp(X`4IKVkcwDQh#ik;h@ULpQAh#Kt9nExoCY24z#u+Dhsb{cGp+>|Hrx&^YAG#t&J zScY*0tm(eeyCxNlq}d-SVfcqxL`h$l-X~LwGOS-uG^jiUOpP+mFd7}Pp})J&u8L$d zDcl(Qec~RW9p3514|nEzo^o!bHOteX1=IT2=Cj8t>q^jAaz3TQ@A}jbP4U?&ABF~? z>#elto}kDd8e{O*EC4WIh>^%QuCsG1+cfcVzEL&!Bx*Shq!;vahP6sp&+VXWED$z0 zoY4y)A!N%E%hICF^Wcd#WIjLpE=Bbfh@~dnD3i$X#9QJGnPfQ-bK*PhUe%vRd6V($ zXdyscs>;@(;Yq(EGkQCHFMguA`vDkgvrz8(Y|sJPdEoNDJidmQPSfzCS4+V@W!~^R=5D55HauE(?-qx}zZR zHXY!Ch9A{b;Tyb7E=2MH2eFLVy1+{~HL2@tj<;ZmD;9IWJC?)SxGc)9En^svYvD9B zV?MNgWx?N8J1Ism8U&`)Suyyw%H0yk8dX#HJdEDXu(8c&K5d0)0Cj-b8z33*h<3_< zynLWPYW0}wt+V>@(o2(6C~XrLO%lI40QTf_XAj1Rp*5fl2Gk?b>sW{~gw_Z(0NoqJ z3r0mpu16#pAOG`Uf{af?UziK?7*JX!i7KTG{D?}QC~N|77Qs2aIPi(TQmO$^|Y zgE+t+?(U3Sr}z=EjraRSd}{|P-nGm8jsRL6yeycq4UA+As82bYi-l=Nt%+GuWi`>+ zR1KzGVqN@jG^l;kr!z)y3!hBLwn)`EV^xa&l&l-Mx_&{CQOg*hWrcka=YB@4#EC0t z@CUY4AEW_P+vQNr9Z68Op{op`HuS42{YR6r{_zWE@P#mvG8bi0uj8q+c{bOlqYy{5 zdrN+77EPqu=oS{jpoh{d47sr~P!$`lEjn{a03ES#RdKpnyzzeV>xkQ6!)`V0vh z?bIK9W7wk^ZMYP~ybKGm3>TCedGON#iJJvf0?kiupOa24B98zLv*Uz)cg*B_b_)&N zF-29^R8S?$T(Xy%P{MT=CY@ptXLFHKd-&A9OgppqGAU#vcW#E{MD(1Pvg_NU89ABVy)I_G; zv?QP~z|0kH8hi-5XqCfKAF?IDxyav+AA-a^Xxd3YQ>e345T_Km{vCwP(dRgfTgW(M zw0R#luQq3(`EFds0%C1r$w%f`-~Ac%md)mq9+(U&4s2TdLR7 zUl!WXMP>@8{2j|>e#kz z8y$A+q+{E*ZQFKFe=}1vH8uaif41wXdJcBgu2uKaeGTCoCh+6W(E#!Znq2I;Up=&Z zgiA6WZr~PqX4pvy32l>yJ(LH*K1z*GS$kXVOk1SwpPz&~3+)Zq*3SG17pP z3||v8Qk5l^1Ah2H)?l%m2xB(KjTf<~ul?|=}WJQ#0_aw`czJGaN>b2$55lJBm07bk7GiW#risc|4hA<|V6!)cCDR&rgIwYv>sIHH}4JZjb% z#IxmMz049rjZ4sv-^&Joc?*M3bU_pK+c`kp?zfjkT6*8~Syh_Vb=(!?x@JYHVcqs5 zlgUHA{;JPBJPaYq#&@jEa{|)rp~tb`U|p+j!(}-?9k2`Y+&X8!ei-ziSg*MLV|@DT z^Cu&cLv+CE$$O7*xw8J!4<`Bn^|&Vph5i>Lnurd8;jWF{S<_I`kSGfSCVl+p;ne5n zwu)jP4>L7QU8e(W3B@O|M>nYcmd%-BXZYOS&I@WOerj$kVqB;KKbz zr~Mj2d{G24jo{{P{G#0LdHqpCcYOn*z(Pr?Dcyww?V(n*=< zLm0t;1}pO9b6TUa&dWjoFxFMfwPet{xJy$#d%79HwT@RoKzCg>MS$tg36NLh)4KF%%2CmM-x7q`JV+O4s2~pn zu(Vehq>~{WV%lqIqQ1zh6Hpp7wm@%??ilj84}|_LSW;!zaf#^c4U15Wh6WWqS$M^Ivh`|T3lNsQYq77Sa$aThUHgB2Oh97HTRK7yBay<@wLa#nIh z2-rCc$6+G+bT`+4G#Kz^p0WF7Z^RhLDdX(HFW?XmDb((Z#NN%)3uquL*0H;QBjBjc z+*VM{oPJdiD^Px1d+Oz$z7z11$Sr}&=?_$jA}AJc*dY_vhKZ5fJufU zlMhZQ$?sueBcOvGbwg9h&8mffl$ht~&xQ<1A&gCYNs4R)0okasU;fdvBwV{pO4>_g zeSi?&>fL@3>+3IvMgXoh0BNsRKUG7W%|yHHkOH{E4q!Yc;vl7E-19XXmfGL^!1Ory z3-Viu9-=Avn`wn9ywCYy8hV0E**5p$ad@~Hbjge0`H11o^v(7F8HG&P!|vM=Qz$3g z3_b*9u-!pmsGF+7$g~nc z*3py*_snqra&R-;j*vmrp!b%dY`mY7vjJB?-NW|O4My0FY|CmlC=MG>UVR>%uL_F9 zSg>0a!zszuu$cp?SrIYY5Iwu$;=Zl9@G{*}1jvCcwPUA$Cu1zD$x&cOP*2Iea#}-k zo^fBE#6$p^%>7>Yq0qM&A|=MkUfI>SS-+Z*>YGQ+fEL5Rr?mdY7 zsvn&BdL%!}-{vA!->euAD`WChzmV@gisTQg^x<>k$ zXU>)U#|eCQ(gmR@H{+27ujNq{6T?0t0_qnMS{^>;U62BmiG&d9VvN&`##r;Ud;kH) zHI16|l-WlVMr=aGm@wD-A4%B_L@*SaHgri14>>ddWt+1B`*%v;z5GHZYGV@^M7P-C zNU#mkulfPXGc+589I5D(yrEV5N@#wezaX{5n1B>+A&7Mi-Zs1@N(ZrXoOJ~cV88W( zRbL$#bh_E?Fqvlo8z~G@vjO>r(W6)ps(A9=pt10e;fNyCL=Smmr6i?-F2Ly^CU&}N zE&)D^hEv@1kQr6`7?9-ZSWfMHR4SjR@h{FBHYKlIo`+@@OZq=!=}6E`kkFruqB6SF!1(Ru| z2T8n!njmEKTx+5IL-!zDKCr>c?0IK+p429G4at>X2 ziG76FV&?`wE1sEE(W65=KE8M4AVv0?poQlml*$S+pJHq>2EG4+(4+n7q=IYjcUa#m zjnCzZ9OcFv{iJ_4MubD)`9aa0CBT|AC%gUOUP%In#^imF(;$@!buV^E@G?vqOACqR z1lqs>pZc`db|SniCaE-tv8nL-5~?aY$5kj~!+Yb^dqj^2sijDQKY@cZRM<7XD5%KI zo^LU`x5m7XhfW#zB>^kX79Z&4VKeB~1|pJ-C;#NptK4E@Rl@16qk(&1f$~%(P=f?A zMWI#Z`QslPMS0a?*GS3mbrs)*5RIdKEevGdr1FRLp}St)TdE5grn>tLfqGFx5nWyC zQ^poxn@VSHq40p+{i+c6v;z7Bz7Pum>%%fV6Y*sXTG$#sS;rL8byKwR>H;qlSJDns z-O+QvwmlEE?CsloaPuO3AoLrFUsw}WdZ+Kkhwwx>DTIUUMD%IM0)rMVu%?8G^{n-Y z&wCI`&ACbMXMADuYl%Z*!^JW~#$OObrk!t&nteXOM_I~cC{(^!0sls#m^;~)<5us! z*;tG##w?WJKVtFbuLm%?-MtPH9i?2;1C0xfAZPL(y_l`wQ-wfc;f5XvCNny->VL9O z{Qi?cj%nxwvjePY}02rC*GYG}O!W7cHEuz@bOPbD1(VZ9!+-Q}FL zy|KBp`%4Hci6e2I+x$IQs#tkR_a8ZTFz(-O}4>B|&sULC(pBl|^CtO2MlNh*R~~*1~Y^?G9fOni1s0QBuot zFK{psiwnRm?L8U;0f?{85#B+h0L)p&9bBv(+$1mG-y>N4bRiEHFrR0TKyFQCU40~& z!&x@sYWZAX<XRA!WEAnytQ{*6-$quBC ziEti?(f0SX>>)9d@e*K=nJM`iC~5y%wz*t3iZ4>6Mz zjccF~PsOB8&vX$tT>+leaLv0OE7OD|i&0j^vxKtm`>8VdXZl+&Bjji^T5$m9fp;{-Pr{(RAeE!*)Zy4DlJMXL;ve4I}q6R4Xvus!r(OjNO`Qu+zGc#ouivS#88(xv$R*|mley9G`bE87e%`8{jOcnWQ#CJc;R^o zIUr~3QsX>eN@OwBfPgmlJz^&$ZQS)J`q-EF8e4Y}NN;xt!g|)QuH^6#YM0VMY3PXL zu>ti=01%0`WVv#)X>VQ;(e7x_ma(Hnm260SwvSZGkfkG;Tr(G)LYil8Ac%|; z+>mbMIA)%1P4^?`0o3%L<>)jpC=ztNh#S`*!xN(ft#cR6Pyu2%OM#;xF0lkN+cb*Zl+OtM z2jgho06G5+!P)(;A`E`!0bRHiIc#w>zjaL-Nu#a7Z4R%s-HF3~<7t)=?3@1v$oCQh$0@LN+d{#CIvWDDruPuU~MN_PCgTN(lX+r6LB2 zN&3!XM}z9h(PgilRECBPzYl#aVBcXkMIgYRi#I3aU~VsyPhSTGgMKSCUREGvgGkTf2+~17s`_qVPEjxqRzfPYCqRFh_938V0}?Z(2~n|pcZ=&O>AXKsUYCM= z3M9?W3wIbh;5!dQeh<~-D+Z~4v=H{uiQWo^h_FWvA8wB0`B1PvZ}mV3kKbS)EuwKT z8|p(x;c^;G;2-0p{yE62v%W2)3P}OHS~i%hSJkl(c_JYGS=|GKafiErZ&XNNQ6YP> zWt&_pUoAHaPaY!xA3E*Fjoq!S65gp-)7|07poNdnR88i$lRyEknoF*}5KFFgXCINV zW)hdFO)rQ55C%qgjkWXS{hHr=+Z+NN!&p)V74|L(X*{#hhis7WArKy`%ro$~@+qL6 zg~t-)Wm-B4VA;gLrQp!D3nE$#+H#hF|J2TlG5*oZ5+A$U(43j|7le02;+IU%OgE>k zi0{}kFl4t(*>Z30c{p|5lJ%F@1*iS)Jf3}w44bTI7=g;Jj$SV{s?_CC5@1LJr$*G@ zW~r+HSy1zR56&5OPi{yWjHC%^`2b%1jTKzf%lIZ^2|~qsWdRu%styO!yi!1&4?%Pe zbv9!#5C(6q`4K~q9?coQ!KzBB<7Of{g|;a3tMI8WY+6mL@aa=-eyL*GdMv%1{`CN@ z>DMn^lDwQ4i7V23Zi3`atkXdrq7g&TYduHMvfKcsG@Nf%Y8C9D@C%1r5bZsI^N%fHW<=`dBrG+O=_jTVPU^Qdr0? z`Q?cQGN_@bt|#PcKPu>f1#Hm(mvi1uA}vyYr^8AFfRje7{h;CaG zZ9jBZx&4zwJPTJ-is05P0ZSXUeyaL6oN9KNT7 z!;K9`_3_ZliM5Kg7T}3kqq8dln-A~OV!q7)0qfn>#Wj_KN!a<_m)3l+x*z}^yiMS} znt(06zo)Nz39jaS%!P*QL8aaAn%w0O>r@^27o?o9p$d8iX9;^gs+l!q@Vbj7%W7Zs zV*Wm!?tnC_=JsIBF>D+Bc?M>8;r`!sdoaEpy8m&jd<@uhoh23&KDPC|VTzTK)*k|h zzOm08>)j!G(#Qkz^Kvx6ijg2UANL~jLg1Y|q@XJiov4E> z0=GVn&J5#L#xC%-cY)~F;4wXSA|+)nS>XU>k8}-kP|BS|hx-~FB;uGqD8OtS^t82Q zUQw^=@56P6;^>fB_SM@Y%Uil?U?-%CPGn4@^3S-3*ko;#?XJCrux;mDB=BOBIdHk; zT>4UFTw}Z5{FTHN0%O@)26N#=hK>u=8#BPXP=lX?i^MEz6kzzwbChkIA4LqFRa!{; z56sKYSjPiwjL;QpY641pZ>s~Hd5ValU1Pnv(nN6+)|{q@ zxW$`^kG)kaJZQuW9rVdnnCLG%=U9p>T{1Q6S%w{52-9E5WAYk^i_ z-p1ajtdzL&(Te7xJQ~p1Zgbm_7h$4nVm8q%g5Uh@FH*d z<4mof#=JbXEpht6TiUkycu+h#*@!)f%Cw>J@dk%SPVT>P;r4cJknpViV{idNrzF84 zP^ZyPt@)+4=sK2NyA>hebKg66P5!8R|8@n$9sCw&xtJgv8|{%>h=62erT8cN`=ZYH z^53iXVT44&mkviY1ryMuB*QOhwEzNdblUYW#fGOCkTyKkjZ2P$#u6VDSl^n*n&t`OijD_E!Av z5ss>g9q`d?^u*vvaEgJ<0Gm_%h(^?)cH$oHUg2y^&!?Ro?)$jfJ-1#Z_7n6?*m}*) zpH$);CoplC${+Zz%LIxsL12C!y-4UurJa>jU4dgjkU48?6oXbeKcGmUtvylqYo3t! z35Sh|lGoUPP{p1Cuiu*+-sQ`pIIMrp}1_plbVY>~f@E0Q=;0LM+A9{r#P z%};G5l?l7ipBjsLQHANC`N)JOJX+(gai}Xhe&fxj2G+LDUc)ec>-@<*l1k zguk_L3OLS7VsU+eLD#yaxeNHNN@B?_%sYJc@Ny#UHt2)9Qw$7{+Qk6>P7^C_3BE7|6at& zG~7Zw{oX?=$RDNjo3ns;3z;ecX@xq^iRmPr0syhkL)h&db)V2ZpJCmik}g@HVavaP zDTiKbC3Igtul}iwMG#4&H~V1=FAT7-*72-Kvs>kmi*U%6rf_@Wst*J1OI!n_&s`O` z(Oe$^>WCkHI$z97GhHHIJ34982~d9A0dDjd6tai@NiZ6L!Qe8ex3{~VeChd^f7J9! z7{vF$)0*D^wrxKnupk0?Wm)4^3%EDRqT2&oIay2yl;D5$9@9JDE3MLcR_B})kF@X< zog!Ah%0C-R-~W_S$~ob@NM1NJ;A7*Q7SnsUEI{OY30+5#?c1%&aqraGP2gzK_Tzd9 zNsbaKT=2BK0f7i*M!$by9%XhVVJKi8oKyt1j3SJ;co6N}{skFc`jia+&dovqi35qV zJddXDqwJ)|aVtJEoXA;Rff)~#%c70J;gbn@KiU;nCnhzOEmqQ}H3Gmq-qMG;E|Y(6 zIZGOW<^C&iSs8@NJECwVJ#Lcd-0N>}^8(T)LVIwDODrw87Cz*X_Mo|=@R=dR3YXOe z$3yOhVMqa}0>^%y=+7gnk5)Y~20R6sRK|?BeKe` zwMbB2{xM21of4?#Xbb|Y*{{EHJ4dScft!ueicmV(4Dp_^5_gaF_%F#Hv4ur)DOsXlP>h8pN#NESB z`ewasD?EKDHe<4(KoH6QTVfjh3nJtgD^*A{#64+OC2D@?ybz)D#d;s?eij{`2%{Jo zr|bD~+sP$)mp}xMP=gm`LV^UO{KVvgv*w<~EBBPQ#w({RY2$EA?29T*An4kS(8wm* z>y-M9s-nWjEuW^L3-us4lr;cPCXIU_V=T>piJWdq7#l?;$&)Q`=67&krf;qGdBPT_|J)tk4etd&fLWUzykdDNtsE)(#FNq ziAlo7(8W~D)Y#s{R6qdkfB)@~b)_q7f53s#eex6L)Hcv#D2*C440OYB7Hd^>4uqfH zOT&eDm1v#=akfVvNt%BQS9_alk#Z2MA&!15nQdp}cl=?QPThV_MaxF`NKLNb=bgso z_EpU{&3FOZhFYO|K^cWM`_Mq?ehcT&*HWJk@!H0x_p4J=N5^~qRLq2hNC;>MIKqPAbp$J@Ds`&0DCpD+EF_}pvazh8lA zf`0F}cNbr2Pw!V9Uy7XKZEKfy`+_rTGVQr1kQM8>Jy;jN(h8FCyBU{`*FXK#&g-{z z=w26B8QM2fJN%$ujW_f3|9(5{a0KSdmrYh>Zi6^hD0xn4oX;5;yS@tbI9YztWFuJ3-#BgQoK~zH0Yvf z?_K^tz5G|(H$jeV2rpBAf+*B!wZ=z*sv$`NPu*?dh;Pte6Px)3j-JYmlp|Q4%KgZB z$mTUvI3@eHw_%Ed4 zj=J#s-MfwO8t#jc$<_wZXRlp*qi4fzQ;c$@JbFvpDbP84f(g+L^o*Z=!)C^mGzbj_ z6FAtHaRn>WYbr!h0jTHyjn<0e!$b=+9vjn`A zX*JjK`lDUq)kU4GEHxJiVwi=da}dS9L#jMVd<%UbB5amCuE0`&qj--Z-PwgJCpl1m zmyR7p>QH2!SFL%XMRpcbff7bx^v0njsxig-cT; z2UW#^5HW`1FeH(=qXfRhSvlYMvNyWQ|PoSt#toEjyEpI{wwA znBe%F0`PKrdnV<%Ee4+m^^3mPVSFJ*6|%m0m7?UO(k9I^twaV!tUM%y{PB`~BZCi0 z-#aooK&;^NF z_b>^N6a>u>p1ZVvl&D<+cz<-^`(<0~wBOz`wg#g-9pQ8&SA!nA6K$J!7~oNhf-Fi? zRTueW`kGWo`b8KC|D1CDX)W+qpt4L$dNL|qjk7S*Anmuk6iX>1=cQ+!yQr%o=y-re z#tO=%>2mm!Frj#3zQ#DBhja8RK|=I|FUUDkwlGM|a65m?G)GWkKT4Ll?t&R-(Wkbl z^ifW;F)WLG{_yep-yPG8k%OpVDA>f{U@(FJa60fu@UXsJ)X)roB?23?vLTT)cZEqBy`fn9tdw& zaJQ;f>>h1{4b@XbNR^)zdJPXkWtB~e;qBgalUdZMLkl z4*RTNCR3hst@Qy^F{Zt{kEhR=NjhB^zFjl&v`gxydX2Ia609Vo6|;STIemX0 zONFIuHgK?o&;!-+0tahE_*%tqZfKeFdG%nDq$4#N_X$$$Po8u9X8Ggxlk$~F$4pd0 zvT2E<9l=&FrJ=lc?p7hD;P0qk&4=)41MU-++M zQNggQ@u*W3vS?h(k^m|qPnom)20kt{4^o$`+iRi$^y&j3(I3hd_Z9c=Rof3n1Dy6Y zc7chHKPv+~7z<5j4QARLw`RK*4@tb@&1-((YABULWlAI%fcGvEjX&G5KEq`SAN-Rmzq9Cz9(;!6pQz37d zA+|g??deH{yOb3w!{OycA>HYw6Ia24=r{_zvV-s5E%^)&&9G3e?Ly{C@0p2zA45_= z0Gx|pAOx2Mi<>0EA3N7OyI@Cp32=Dq7R9o z(V7cy)XT|5KC994!AGIhi4Ay$M7KxcQ)S zVO*U%wG3t+{0P8ug3&$Ae?(a?X$+qY6Z-2XiCojvd^lx?)+s&JU&%0rC%eqaikEpT z^v%e~cth;Bz3t-*m|AkW3s(}U(@AAHDMCp|JN)K-dyLy;Sk@r6jP3a#jyCH+kvR!E z{dJUK(~}sDhyqgI^`-NpEWZGsj4@VYsXrGF6mpa&soPG)f6Y&$vL)KO^!DH;v!lGd zRjXScRcmFcyha_{qett$^VFKbw#JlUKvYA-SYfxGkf;s@qPMBoAoMHvEM)&7MfZz3B zNWBW*l$)@Qic5CT+pG*NbpqK=6fWz3P8&T?=5NoZiiJ~>vqbcYF12z+b6A#*xD!WX z7MzAE__i+JYpCVCe{JAIply*;w;x(=SM+| zq7QIeUAX(d45mn5MvZ@YryS>$8_He4ns?503li|yvq2Jhn(bdq`yU80xf^z;jW^l) zwzqi@UV?3^)!V_p4%0YD4E(9XJpC&^^Yw8R(zRCHB7B}_+ozjYrr|HhX2i?2)cO>q zuzjeSRmumwsu!ci-+yipi$grMP>Ch2uJ+@QeyH4sNd4uHGsAP_M0>=>W20g=xT-7u ziv#O5Tp*7{Jlv3}&uvo8xn{TYMIvRFT#|rJewfQ|O2T<*j^c5$0Y}xvumcCrb%l-L zd5x)q{C7s;@R#hdk@mA!Mt+wCTlzd`Jlp&gw~#&|!bqAdKaw6sPb9q;OV7H*!BvMq zf_?UET$NuZM}Io6DTd;Ap9~DPqRWl1`5%xzxVJv$S~Fm1ID!|zffFaJ&}7MRhpk~3 z{YvXGN*M}HG>p*9Yx=Twl&vNA#u5P)z1>5@_b4 z1hLFN$cD+YxmEINM_QTdP(4gI8GAi!PDt<@z1m$jE4{xE-(kqedRwPQv*mjD%(y33 zj4~uD$E2+6N4H3fvYW*|H8|HK{^Ap8Fpdsu)R|Bcvlq$6uj-iFxy@sllK1MGT9TP?t_*Va1$ zVr{?(@secJ@Yfb12Q1~7Nx{*s`^jgx0|gN#oV6H z_lc1npSI0z@9vKmab4B+>!1EjX+vihUT>cdM<^FYj(IzAFZfKUpnrN1&e`%ZL{z3cZzx@AcnAnbuF> z6&>~z?R%gT#VdBs!^7=+yuY_5#Q6ob^^P;z5(H!=j|)WSF1cNmUFm}SUROpG)sk}} z=Vd68V(Nd**Tlax`-K%1NRO9mzZWkZ_$u>QRmEye?7Xq?p)EwT_obHyt`W#-tW;1z z>JY|wZ4!!)V$X@*_ z*`ja5PBQ0qJ&fM+IlpEWNOvv879`Ykuq-g!BIirBtGB7xJjm#1Ra8M8KQ($MeD#|n zpURLt6?c^toH?3n+N9%xgoXe6HjXW{$N(D*1-UT0#_-a;3yjZnBxMOEF6D=!L)cb-Sr7v__abJtmcqPkD7hoG@|d z4TxtxCK60A?ZhnLHVYpZiCFVyPS;LF+s;QATX(*crR~*Yd^O7ZKfZVQem)5LeaHTo z`TO~JbfT#Lt>PNXJDW*ek$XS5IZnWz3(Oqj!G(+(Vi;i92xBE_TerhK^n^@M-OK^1 z&QY)G`Ysb5$YD5fSUWDz6+ETn(U-1pYb6YKFGLKB&2ztWmp0}|B+!#s+G2VqU2;Ve zrd?9UdgW3s-}4*Lmm zVus<-?f_*Z&d_j5?)9_A(*QhO9%F%t`*J%ZO_EsCrx1~1J`rA8U;*tDtdPkUOm7Wb zmKkMShS&Jl5otenXgs}k6is~lrAoG;#l?OIL%S!N-m_gTZM|3w{^42g9bzB(+IGL_ zFvgmKd5WWJo1YBcg58LH&#K9e-T0R=BKvrtA$@yVrAjmLTc*SVdf6>3^0(2aSEHMo zRG-{SP!z<^Ov+8?-DDN2bfMpvU!cLvN#Hm?*u8~+cozALftx!8=eO$g!sxeG%cBtR z6eb&ha8#n;{1!33A+?4I{J=Xjq~SBw0}b#tryuzPBk+6f6o$yvJ5T|fM?rkw+--b@ z*4Qu_kpF`XQAn(pO)fk^1ePb+4hp!vvW|JgmuOGzOWq1`jYVxOwv$IecV?nZxO0=; z<$T6kURcX+N?NOmj*8pqd|0eSu-9)&*cD3?iS+&_t?MqPT_F+<%&36A52GWv zdIDt}+Q&R9s{9C;PI{H&pUHv&%z$N0iu{g?I8o>^8)u#c5gi$3we;yfn#kdpqu8^g zF!Hr)D;!ML?cG(=+actQX44^LP+})&S?CDPzK0^XEFv@T;X-lg$^pe`54|qp^iBP( zeIQT9PR~hmC32a}4q&a#bQ&^mXV$2)&DGDHVxKyG%R0ylX5Bo_#bGm3_zM_~q8&&U zN?{3>z2=TF4I6~#m_RTa$IY7tMqOMW5Pg-e$eiHG+#P;gJ1rXEy&Li=AnrkRP9SXu zxrDXLb=0L0i@~)u^5{h(l)pQ)*?vU3(fD z=V;-oiE^HuS|OeD#oZS;*U2nw?TsyBvj=?RCRN0(r}UlK>|+vT2{Lg1YzFoh!jy&NP4{R?mmxu@#x`hX@UeQ*)zig@ zFU&c@&njQDa^2|h((9T&k?7H;`A;O4vSU(rlN$s=vh`Q+c?MTDb)`xsrjl7-MiJ;- z-r{x$r-(D)!-j$A!v9he5nbkUynU?Q>t+t7#9F4NJSn8NOK+}(3(_3NiEiRADP2Th z=HI=hFDZ3_2Uh(5@@ijLSVoj*Fu>u{CVe}Xad?RynGLZd4W^v zEUGw<(1*@yW@?a8&o@GzdRl8mI9#*oB0^lo<(ja(lFN1~Yk+y%Nc4g;xLYrh0VY_Q zb)0JCdEsdl7OpG2aTK(R zZcEE;&_qMY(XnC$h#~`AkR@(=+h4O0V%|3Xz#8{qyex<33ndJx`tN73v5T5hpo-X& ztj@L&N-ByppK`~itth$bRqKk1f@_IXmK*;?;-UJ<&=s7>-p&y@yoXzgb+yvcSFakH zHP7ZC(%nMNvfr-^ydtu{f!)XvsSYfYT_t;^ykVo2b!8l*yAcX;>0N9bKjb7#C$?L~ zb1ssg`A?L>JJyd{`Vh1%li8P8e=I(YQ+sARV66QR%Bz#3R~B%R;vJZfM&wQ!u7aar zY~c=ZZg~!qM-=FewYZ^~ADfi15Lc636ndiU67Z;@f-d6Lf8i|??kEke$27fBu~UV= zZixnN2J01}@2W2X)IBO?3-_qG@0aDQ66*wUMwo1U2eE`ft0Zhcm@jP#I;Gp0#&wcj z$E;cWvzm_XR+ZUE@ra?vi$KCQFvXB)Pdw#f4vXX+?Att{X-lbSykb|8HRRf)Yx@kc ziZA1NW`~se!d5(V#BX5h@5w3TUfisj-`$36SlWgtw8bDwSZ@l&!lg(m{A}k%;lP|B ziz{*e;k9&}eVtz)x2UdW#hXPDL3 zjpeDY8%;_VWN+TRk^?|ik^WE~5XU3HV!>BpoZu<)ZSAn^j&>lvbpyMm%zYRw<-e>( zci%84t*SfF?D2h3etGyn)85)dMe5%z-sTSgq1`*nvgv*fTv%#0^(|6hI9pf-Nlhjb7go?eW^G`B)LihCCD@@GbnPs+Tsy9w9bUchexrP8FC(~ z%xno*D=awE4sDX;UBoJQ-iJp_kE5*F=aqDD?o!2?XU> zGX}{rN{5;gEAax|3HwkFs*M|uCh)&?X$Od>Jiiaxt_Wr-{kWLiYeS*wnw+9A5Be`P z!X1#&%#VU5j&vP8dLug%(i@WfMDCBZEb60h3qLqS1>PzVe;nIu+ zBeF4m1pBA(6&{%1YyRL!GokL-4!A44ELG3Na! zf$3E}GiGR^&z)DAodjV73t9k=yFg*!`1mXVk0U&lm4()8ZRVGFtH^ScNrxv>{*tz` zafCGmsW>k3M*Uf`+Q?`;DoOr#hLX;i3&N8TO{{vyuY-gFI`aK`Y2t$0isGba6J48L zuxe$g!VFx+$;-<4O;wb(tvQLB4QXx3yzECOKVB;KZA8abJnfj+Zpb>^X=uv~R;b2- zr4r}+)c_NvMkWPlvu){tjCl#NqZA_W+VLwWfg6BU@4iKKx|>*)zD&HcJp?PyJCKO% z*HEdj8V?-rC2jOdwHG8qwi~uK*Of4=@x_~4GT-r$wilt@-g|bZ^WdUpryW(w@R_wg zpkZy`kF}>B-<$^6LR)QPKP=eNEthBGZ$*JP@!M6{B=7KjpLERJgJJcxlEDnE@2NKJ zi%!X361<}Ip1QGMiF7-I53OfLyU}DGL+Zag_7nq@;C(k8?bB28RnFOV`8CxF!Ei?Ss zk>s{PX-OK7p21q{O=Hm(t5ngv%7v92<7i*gR)r74U$cs{Y)NbrlOZ?hIf9?>XE)?t z8Nulk_EM9_lAU=5)26(B<04ad54?H@KxJYoB`i0MGG$R!cP8ME#v7HE8n`MFFK7Vj z2UX}qgfo`eJVBa6ho2{>*XU5IrSoy3FU3_$JP(NM@MeAwC0wOXLKtaN;zme{d9*Rx z5oT6s4%yS8b&hz$buwQo@qI%(Cr;?c6dA?qeyGoccsG7Y=r+p)c6+YRng0%N7(WM( z!9|ff!iJ41(*UFEiz4i6ufVr<&>CI7=s3MWeNQxdMN3O8^0#5O zW@Loe{O)Dd_KJgnv{4*i8|YxXTk0MI=Bh0mADqzi$=ZYX$StsME|dHtxQ3E_%5i0- za+pZ79RvK{A=yLM91n|g@iksK2025F>~yEAgxBCT8hp4Ul@JH@I{9K>&@Q<{c5sAC#jPC`i@lKxy?xBdg&V*NASk;+DKCeW?v zoZ#)`@6kx*#p~bIlMyvsR2P{E`u>wu$? z%^Hn^DdBu9j`Va*#tv9=2Fd9kokUem5UZxL*0{`1`0Rkypnk&o}sg#V7u!}EiE zkKgC*fPLCiM;hnfZiKWxLE^N#F&(ptoYaYvTt@$o_xrP{t)834=fA$+Z&UBzv98CK zovq@6Z4)2FOgo(_*u{)Df&$3r&)>xM*Ec(##bXUA+&6~YuOJ?ji>P(Q^A#a3R50H!CH-Z@&!yR@qLI}^(^167%Izt659WKs@(5SdtD*< zJmcKct{yn|-`{~g;iP&AotWF;Rko)ejYC#F4>(4I|Y4irf08`! zqs5#GBtvwL$(&@KlASB$pE5mZ>=rIhxUiUb7?oD0Uy$G*qE8AQoNS+8NC&P4#FT{# zVc`ujvPBO!Wfi&*c;$7^f;8#jfyafqndu3)ECtH&G{biql5@qQ+9&zbR|!w8po@bwlo=gx}d3Ek%yx zMaqhL9%%O!^Ej!CQ@~z5fHJEr{nM*m(yU&Yu@RmieWe*=kCVuKR%E48PRH{jqdB>w zi;{5f%7UjVK=*ziYEe4wG&hNzW5);=o$ISQd;pFz52&ojsZ zqfuEs-Yb+LX z6TRU`y*7`CNFD3-jGaX`Vg1JcLD@G(i4Lq=wr$&e+P3?&ZQHhO>$Gj#wr$(C-KVGT zefMGJ&X1W&trb*K`I42DmF(Kz-g}?87TjpP(JTH!&WuZoIEGzh5%1D?lG?fKVLCRkuuZCM{{hybHj07+m{IWFi!ZDV$3K+DI?fxpn< zB*vhf>T}_$88z#jOc%|HwUektD1dcy0aw}`)g+iAFB=Hrj_u^Z*{bb>99sx%d4gAq z!L6)vHk^Oi%!u)YQK#lbp!1{i0Qi+?@?TvwXi}oPI<7oSn9&h17aBZ5a-Tm!$1 z+|1oG9fUS}woR?~CGh=U9s|EMJN_hUE3j3&EpBrQgD%0|ZKLg>1u{Z)Gr)izqkpOG zh!wf5rnv=Nb5ad!%wTmjAl!{8B0I}hrM)iVr zMmatN459%rwe>g-J)xG!ahcI;X02UVsBa0ciBB}6aA0E3Zp0ni!?n#w^h!ZFA$%v< z0hEtaLIYRj@R@LY@yhI55e7}yU(j8Z{Jg4~n{d;!u{du=g!}ocQOxF?Fvxq>H zdcd6Q7CyzSz9sTkInA#n7yN1wCO2OCZ&RwqDwGDunzTt?yyhqfRN9r0^gRmIdKh!7 zATa9CVWvP-57bSL@vIK>^T;8WMihD>;3^(5)%i6c zA&iWrL2|sM1NBZ5lL2M!9GP0DBiX0pd@3jqd$gMkObyh%<(m_$+_;g(wA>v(KZ{Rg| zC6jR)73~nmdX^jdrd;c+mpJ2gtOhM;=| zd14RHe7a5))@ug`@*~bib;)Dx zZ=Aw$?G0uFs08vdJ@Sz<$?dU?*R}@F3P`=;L?f~qi^Hiae@P<(yQY)*(Sw+sWF9Qe z`J95Ho%<4|(Je>xt>0^b!Laa1aSR%CBp4DN_evFzn4^ruFObS}>Wx&NB&^lxr!`!z zKFK0+owrH1T{jrUEIBg?1rsVfQj+kpJB61h4C$#pZZXPhe&Hy~1gj9=)T?F!Uu=^a zRpq(|!&btj7R(*yHXjX8Yt;jV73Aq+EEnrNP)|%5bu?#5~@tdHh4gfRa{1IhL+3wa`GnL%fl^bhRy8xb|*H-WIiaw0XzvAbG5lE~4#SDt`l>B=40*T`_d1^L5;*J|Cmt15NA zs{ts^2X8Xwk3;`6{$#ZRtu8>(m8N}%JTjrM#po6!rA^nHlaHhMU>$&<`KP-#7Ez2c zso{5gEgW_7RSk!U$1p>kc2H`{p;E>&4(2mKB7D7(b;}}mqo0H`j40Yte@Gp6{ooHh zPDx~t1@!zddiO9_;=SooL0>y1{G+%NIhYzMw9O=1K9DBaW4Y-a*@Td+yMOnCh?=}e zU`6;TL_?(3du(f?d9Ze)tDg#c59TsBlEOniUBty@|Coj?OPTSDGj_22V19ilSvfNZ z8~aT-5KaeJfnGv$J`xIN9Y+n31-YW&jw~u@3eKayQ;z%$QOOk)LD_ zOSw(XelGV9RTM^D(BcI*2D>y7m@H|n9T8eoJqqNXHMmu~5~aeU#0IO?KLup0jfxj9 z5v2rZlgCiYPPFm5yVGGv;N#%LQ3V7=e4%v7|Si$1Q3#ICN0kI9Zcez`dr4UR3NF>MF(TrT#E8e=S%N_8MRx zqbd&%s+*B^_e#n{n7I%nk!!82a4)c;%EtGm?LPpZ!2lUcyL#m><$e0CgMUOV48av! zqMTH$FZC?0GT9_xi>GBE=Gv%l#s`xTGZ3v-FI^J?;H(o;z@!k0P|Vje*1R8 zji&Uk;;P} z#rM`|Av0*C{MqYAslaJ%>AzH6be9E(fIgNB~ra-H7%=@`#Z(p?an>S)D{P1^zr$H0Wyg=5K_PHaf2 zo2PKp&W`p~4s(*Uw?3t(qxI!P#;$ACxi`jy0q&+*Gc5=7o7dzoSIlk^%{-}T5*CtMP9cD;j&8enVQ`?j-)4AZ+^-)(aWWjpW)XI*I@d% zZN#PIbrjX@>9*FHuVJN|5~6VF3n+Z6GTq(mX6Dx6(ZIEU4G7CettlugwH-cj zET9h~T|Qkyd&sSaBGB?=(C|{et=hXZs#X+xoUb5Dq`}xHRJ>O6y0-dDZ~KOz6?f0* z0yqi=`vzb^irf8ZwoVC)O(<9-1bC}2|Jg{j%1(ts`)f{jR|0=7XCfNetfdyNJC`PA z@fRB+|M*DBJ&adZwu;z?^i)>sukG%Uj$)h0QECCQsLfFz5*c@w`tgZX*uXvs2C82n zkWCfpE#!X4 zl!d+QdGY?I8N6e$y`OJCr__@3-uEQ z+IEAlPh68F>ee5JQt*$2-B1SS4C7GF@<;bva(M({4@gnM+!5_sHux>*!eg`@{4S3Q z4->-(kMYA1hTfk&Y>ByqBAF{M5~Q}2cxpuo172p|UC4rwn2<1ib0Q1O9}baxOV&0( zxKpo6czRxoBb&ju-O=D+H}P+Pr}mm1;k{|PBNR{@q2SS+fjox@xvZ*lWh(cVG4H6;j?uDcBwJy5s`*;kD-b9Z$9khs)!n-|`G54NgHRW&^p;K6H&S~1{_@GfR z2W4TfOwLt0N!Qo@UZcRVfVwEX8fGIoMS>V$8`HVvfFQTr$11-YWt%9-oLq0q@(P=G z{5U$Vs>Gc*Zew)UJIlhV9{;}7J`Mntvy$WXr2adDq}4BnDSG&QAp*1ETbmps^(^(ZzWZ^|+#;~`X5*0sGV z3x>NHa4?8!cKn++Ft;{p>o;6A+|FG^W)&!TuRTY)*!D#L%E7R3(iQo3)!$Be?}y;? z%C>yz$2gq_k|8BChPf*Gf>CW&5Y!j`kYmOX3D+Cr(Xq|I)-Y~jFQFeb!1~ba^^Z@k z8zVUlG_J9p2N^J7*y1|7%5egu=8Ey!BGU;}y6wClKLb8*;Ty`YW$~Z_m(&P%y?py# z^gDBwtZ#nE2l_=$^Wm=U&_ewD(1zX^W$h&&%J$ zLb5zSJeDm3pv-<5T|;my5DTu51EQ4kExn)6*b&y}C;F8=T7SV=jG4mzFWBIJ0Dk`f z0a^YhGv@~={C8}So$dbx8`Ro}AQ?gQ-l;LW&Bzr^Y8j_A!zwoQsEd9gV9o{K3vE(m ztk<`ugKqxbc8_LvFRQFZg>GP4QdUokBO{X0sxKk4f1l~F&EfNXdrE=#{c>pce!0Ki zDLG?qyD(vqJ#RF-Ys}{T_Ikg|SSWFIeQ`grdAWJm+1}dTUK`>uQ++d%wZ)g+=|(3b zl(Fs6`epC^@zL?I(Q#7&j`l^u1^?-kmR+;Y*roGi>~Z7!z&A(~)pLtO_xX19$9~jB zWp5n*`~CLJ;qAF2g|9Qa_~PkVV@3tys>E_}L7_{#>MxH)yY$496|F=1aV2+Ib=TKudcVT3y-|euNl(qL|d7I&2;n$ z3%Mg*>#bsAAEWjXii`X`__LGn8cCudIhpv1&(FL`)!7|9<_y97ffQlu1!9|`dGbG(}oZ_=o zjlQH)LSe5d*ehGklE}C>wdYs;oFCG$$76%i^d(L8mhhJ~c$akWH0HiLxOF8Z7?jirygJBmQtbpmY;p3beHz=`Li=6N-&ptwuVt_=p0KJuy~M1`Fv)CHvh4vi zTAPvi#;C(0JS-I}vUxVZf~fksy!&|vSJ~>P2D84c;ZHkTmn){LV5gD_!B)WId%)$) zdW!f8Y6p5ik8m|2n(*T&zFA_}0Sy4+ejLH>%=hZVt#Sx-X6Og^ z?J|az?#+hsnP@Rjws>l*U?Si&m0KaFmr9+*fF95HT@*vCk=E6kg)T7@LNy{AN1*YC z`pZGv*y_x-<1*Ua@>F<6n(rCjMKP>Bb~&8JZ_-tfUFXRv9ucm*8WZig%<#Ykv8VN zVa23G#Q`lzR;LyV>8zt;%Ilv(fMk+|l9TKrZWj`NYG;wTp3njFEapr3?bVn$^c&ol zjnz6L7$P3_(g`N{dqnVAy^Mf+_LWYMHHmuri zN%Y*9Wyehrf9!B=P*hw(J6sBKgVw>+!R4viC)xX!BPMOwdnXuw3#6$W(LqXwz?^P6 z(@d3|wI>=BUq@f(WW=Zy=1g?9=SX$soQ2H5U3BuRv zkPZso**l4L;#tkFL|jrL5?&(3fcnbp#Wuxt{d1|;BYA=RoN_P+uuS}TkYh)%fsLuwh+GYjWYEJ|*&&3TUCROb> z)zV)|-IFV#5BLTq6#b=CkZo{nL>xovgi@9!q02BZ5V1wV0Br05XyXVz0YD%t4>4EF$*@>T z87|T_ACz^Ebqv_JdRy6r;!~XNlWEWyfDj7*cGnH&rr8iUDqlF8drW?E9twpR5BCTw zYJTq$C))Ad{8IlTatfxd@fcOsuJ~i~y+N>)ko}b7Zzz}=Y^IFePSeQ+;_6ZKV&NM6 z0%r54!-tA?ivs)%80VG0H)^vK_>LJ)S~DGba07Q?jKRjko}yW-XnuS%ax{ST2B2)k zI25)Bn^-X>-ye)yRB`RgjDW}yiDsj1C2vXvj3C_9VpU48>A_{W`qWZOo9!xda0-#l z2<7=<(joSmZ6ecrQ1y*+&A3DUlm0oRh7n$G9nVhL@%p>4rYz!u@VX^t1dxb@|;E6Z+YeK5Kq&yTy8Z&lMq237Gb&H?m+&eP5z+>lR z7|~6oX^d(;|H6Gav4bfto$>eV(yzTOa=TU9lQ5trzL`X1DWB7bw23sPlu^@2^f1b+ zvG6nl6^v*Dm7ifCtLw3~erTpFx_Qi@N`ZThR~eZ1w+G4xkQ#58YgH*$SAzltAx+7$ z`9&P*__8UAFinY_@X&y*B zI(b4aWyTH!8m9Ok&TvM()cTjp{)YiwKC7XJ&0x}UJ$v+*9%Su{(S#bv@~{dr@Qwrl z$C-W;U`3Nbhkt>#UfiZ$*KU*@?ocnJ^u83SCLhcw{fweOIXu=}a!Ht_#n9cca2q(? z##S^*si{rr$-B#;hoq&wds#Huag{7tcGLf&!mi*zq)|!n#^{^LVA6_x*4P-qNbMA*6INJ;&&^&GWgHpbTpiEJf6{e9Wx9Pl>&Ryg_ z;_ns&E~)fn!>+m#K@_*dhTu`Fw1-%p*tcXEW-64g5^+{Hc4Q%7}u8< z4!qMq13kwvvg6F~Cjbe@015G_nS~nHK<0C=`oM!#gFBiu#ErzmsL8R%_ znO+-;mpXqhgyXTY_g_52-bNRhrPE$`^c3e>EV{Q3jq+Allqlih&z#l8HTskK%-fRf zl~m*1C+kBxAGiTcS@zW!V$$w7NmV|phpr|7!wyf_DFn^3Ws6`LVWGgPG%Hd{--5{nL+@SkzV>UKb-l!STr@ z>=RRgUqeKFXXtO@TZ|>DGiGjtJR(`0`rUPsG|CS* zi8c~li7nxdYL`XyxwCC`C7QZ00c%w~XSAsBQwI)!}QI4!fZ=Q zB><5=#h?bQq810ik-T)ERf9griy`fpx-A6fMCci^>B;C9V)a8nct+#=oZER0g|&s` zFQ5GP+O8ZH0OcB2h`Dg-fO;e#=W8UT(ts{RFIJ)~GgDiv#4_5TKTg~p%jqHRGQaHL z8w}P3tyA7cXSaYR^cT}BjJ#Yv9BLz$MNP{c->?}?_X05b6C*=O6{3sdb=Ic9mqf%? z*CPHhX4H(i%WE9|)oE=GU!+F7uB47glnRym1==vKxcb{61yZZz&fu>6_JRI(3eZ((@bMR(KJiPPsvn(BIE^YX(+5%KD zS+Tm}coTE$Be3|3U9i4vJZ8(n<+!%#gk>Uo`xl$gT+BmqO(z~aCra>(w7xD(r*vA^ zh#z;imNTwKpy^m|83s4b8wHubBB>V_-l z%7qE6y$Ua#i@VJTOd}!7Ok9Ar=e{gHdhYt2;)!tLL1)QuLd>BwcK|U#@Vs~p))AO+ zJGvAVe92z8g-TE7qa*`0qxw{YL4_Rhc@AUzz)@J}tZU^o2k$pxoAT@kJb>=nI8BdZ zp}z-Y`j8L9DWVbtG`G+y=C;^~0DQ<_H_(Po>$afVRtM@`{|m4;zofFLKRa&;KR2CcG%`Py#RHsghBU2;*6xXHQ>|$%Eit z{K&K$9FEceF#c9q8qHk|Ac+jrFQScx8`|?-S7*`2aWUe5A6s(<@3PGhUgltA;|B{&h;Z{xn7mawv5C? z(H9T`d2-caNgdF~dbN-82{Iwq7M?M6<|%n+;NA$CbLY{n10J)EWMfRy4>dMt>-@*7 zGANYY%Y2l^Cs+=EVecNo;utnp&@qHx`F-#ZMF%(Xv{nCIPCl!zL`_7a~XZIWqQ6OZU#}nP?Sc^U(F_s@UO6 z+mm7M#zK|7tH_PlyfW}qIwlN)QyNF73KuOp644p7)t@K&B^8DlUDE|J4C0>q&6mi0 zBf@Lnh8QN)*6mvi6AGutJjQOlkxm)QG2_H3lQHeskxy2`*qsFvBf{rW2=+!bZE5eU7yTAu z^G>0oN_aL`&NTZfH(@_SGS~sbc3{s-IbY)Pyq8Ev?#&Y;URYq~?0}e32CRC`etRk4 z^G({9o9vmCr*2XV;w|pZ%jSL;?Uu*3R$-QeMXx}x@SbXqFohb{ZXj;h&bk0x_6G%` z&VAdgJ8*@83wZ)%U7(urG{eKWrCQw4JIm>`9ZW8@Um7W1nbbV4XL0!^K(XzGiZ7_c z21MJSB}8xq><^6d8&auRfX2v^u)i9ev?=ot>Y%i&5E@mre9yTcW&KxkEi8G(zk znZOSZ5pn`G$OrBY*@dce?Bz$6qPO&2&`j1+FR6%XBVh`vD+|WaZO_&8tqr1)f;sEQUE)NNS*MkcA3vxgOKGn`E&eoHza4!{rv0Ok@Q2Z3VM9XH zpas&3%1G?C5ql2$4=dnCY(M$sNk0vpP01!&6u(yXIOGx`7jI@0SrOmY`x!n-5iQ`X zimf=L#w$y*nsi;>h(}Y352S8TgbBQO->a2()859+_t!la$JbE~{MtG&EeX zZ}QdSAGs?+EvSk-mgkTrD7cd@IE1T4Sby38_t*X3Vt0l`UvN&?R42jD`t9ySY*{xj z(`}Q=nbJwt>0_zK#u&&ts8K>ZRT0t>_#~S+d6jfu z4848d`H17t|C#6Ze@M45{S!m`2i(TY&c^m%R6J((e^0_?X8(Um!sXHaL(*dZlY7x{PnVlAi+Urm4wq(Vs zK4jqCz^(xQe!J2^r|b3kxbRZ5|=vEL3#|x7%wOyb8Xin~&1l zzKi{=z=ON3z$2vOWC36I%ZD{sl{b$)Lx665;1zw#O>3BM zl>|%377s0b5vS2V$*cq~TK>=Z(Qrf~tKT#|W7X-IQOt1m^^`o{IeLjFv|3t$1|VO- z<{2-JvfOKMM9EPpEN^!&Ay!Vb%9-WYYL$o;RQKEQObuTm>iHCE`=jgCs7W$NANi5& zOC<2+bqYUST;}ncQ&0Il@7w^f0i7)5TTl%jrDTnh#;n13XpwBErXH`b_PT?c@xl%I zkcr)vYB&Zxg$wu62r~`$bZl<+15Eg1TMXXzwtxl`ah1CMi)rH$=fa+s2K2ZPUq3Z7 zC2x4JNwJ(MPFksV&#ONCYWu>invPLe_;X9;E!% zab7q-6O{@U6XH|ab3DUEW{m<>bohdKGWnRb5>jt!8ueGwqUY0d53jfWV$b*ImT!vj z+gg3+lK4>c1dtkAEVb2y9Rz%FNos|ap9Zk%uAk$)rR>Gy#oYS%M=;iEL~YKC55&i^D>oGnyD?&i8m(sQb2{`2CMiSG!==q|SEPxa1fLRVQ zX&|lj&wNYgLeR5XoGW54y+v~#6^BCf^}NYDRWo;iQewv((CdY{=9k*wq~CGX4%M-1 z%e;NPtoqG%ZylsP)LHHa$T$6_TI314!9>ZTCiokLdg2@rfxk~Khz60{E*IGue8%a* zor$7ctkDt$aQDS(RtXhXtpp-{SU@&ONmcl{!m-4sgz=UXRjHWHdc|58&lcARemPsz zrsqiB1fh7vfzb*}!(`)nE9w{=l%-2K=&GLmLD1D!IrzR`2>mXF&VDBtPDM$ZRI#GA z7%jLXaDH^lSSTpT4!5@fCIb8ogb__OxfmwUkI6-t=0t#M1!4|$fEu{jSWSo!SeW7e zBPaRYLZ`D%r_+kR^Y!Ct(DQk9C2Q;BwUNyBB-dEqE8ro1jZQmb{LDR4MKD6}dp&H} z$qUe3y4O3HhA{!O8REVC9e%24v^-ok_n<<1GgAqJ9r#Nvym+03hks2#tKk0 zL`#cmvvH%@=zR5vM*g@NRz7fqKYb$Zrln#73Lm<f7}Li# z$GoL{h@L2acC+Asnz-5- zI@#fd>aJo6mUSVl<=EJy18y>orRBSw-$mFW;)H3-?UDw#u|4^HA(h;K{3&KzIeKvp zh7L6BxM7<_Bkr&~hNqM4+8``8jX2Sgm2zn5h;ZwoUy*hckXr)`PuUo1*;=eV8LN~0 z!17oZfv@Ov;RE$T)nT0!pu^hA2BesXPRHB|(*|Jp6T{clqt|XBmcebgzvkdjzBk_D z)nSQ|9RN<>@DYskR7Gom#5=W8ZlNmOgF;5Dutt{D5Daoa)+{gG`J*303!fQo=q70HzM3{$7 zyDb~9L6X%E0doC*f5Bo#nNa@I>GvgMI2FWLLW&kD-nWu^veJmgm zWxPhpz52*LZt*NITY5rOsi}LFrtXYbb8?ShDi9P^Z^)rCGBCwKZH~OtLcaJ+EBmGw z>P?#Wv1b@Kth;nl&idc2gAnU_rok@faQ!e3(g5(prtUR@##K0NX7%A4tx{Q_sYH`Y z1+<97$O_5G^$Le!5qex3{&=`^;Y_^Dl8HVEJ35YudL^`wuUt0uLEgTitLUhEyDORo ztI{p~GFwoL^cvA8ylh!m*b$LYJkvyq*{bdoBakQcxL7Id6w(v@VQTQ45^Y7@Ig@YeT|QF{{z_KkIzj+!%m=k^*U5R6?_XAEnc zqs_Q#pQVTc_BElO2KHKt)~m*VsUGZWd-&|P9)R?xTkNjlS<+uvhrSKN4EoBJqW5_0 z-b3yK&U1c%C*XCg$X#s2Tbu9_$ZwGMs_`<|c0&;G*2r)?M4xJd(@a5N+;y05<8@&^ z_PEm2iIfPmE-dIcC|u6)joKxp07Nv3EQ{uc-0JJwB(O_lR41PMz{$N9I(pey!xIbU zb8|xE&9ld4;fA5&)8hT%Y9@@TOtPEWqZ-g5wK#o>uqy#!KA-BPZ6!m}cuA*Te5N|YOLVkRwNL~#bvJi@D96m0Mw4DLINW@cX^%}ouv z(=a3mhZwjBlADCVyBs)R6u%8T*R%t$bTg>DErHiC_rbEVF04&bxf;O?8YtKf)ns)? zxug7=ne>0H_FWlze99spiT+KZYXjWR03cv>rfKHv11VGE#45au)lcw1mDtWL*=RVBek0;qyzp$ax@;Fergt@n#&|Zx;XtlJR75)+ut7ncN(mN=IU65USuy}R zklbWw*-D9ef+q^# z4G+_EuU8A>^K)HGojo(g2o+}X&G_JCi#iaNT5;z=TY`H?m_MBZ;?NWoTFQntasrQ+nAwAG<^wEKP;lp z0Vz3H-R2jsmSSh(SObc5rG?bPs1H%iBy6oYdzu_G%H8{eC?B*e`NR7ZSyUg!%E)w?NN~M&-g^)G_H`k3 zM3GCaHA|IIzcGpD>{bpkWNY}mUfvH}pF&QV1=I!C=af@A!}%(=f#m7UXf@Fr>|TRq?G6(m(_!N`Jcr2pXM*-y>Z4yo@G4s}F) zHuHA0zjsbk5p2#%<5WVmRpqou6jyZgx(%U8Ri5IO%8IjeM_J-AIenhD+7vY|Yc<;T zK>@_1)tsYSVS>s>txN7hYd}7=-(pqV8r2g;FuS(L7~;rdbcFX(C~*V?EaNTipa}kJ z&9qlNZr1IN7Sog4w7FiQF!|Nx7%Y0dVN{qDwo+Ihc7?OKxaM8L#2#8na*Oa<`1#Im z3RuefB&}YGT>~|+fwg9FPeNeR_h^8flzYSsNU#Do-v~F~(lNQY`AnYd z!?`3@`VK1uMq-p zOQz$v9Dij+*Wy`paUCYlj~$kvc~fXU7Ns6-?TvIamI)R6evuWf>Mnfy=BVw-_8@iI zhGfaZUm#@;v)T3hCRKq$o9@=_>M8K{AYY*-2%E+G#(HM6x)Wz(OBM$M25%hLOeM~} zgtDQq=KRw6!|)c(aR#*DkO~$A=9lV5k5eZ;c??y z^)3+XgCGydz_21bdUh=Yi0Ly$qzn!-5Q>{^Z}(+l{lvwK?QsyRu`kqk27R-@lX#bUQ-UJ+>Q_nIJL+}*__qi2obw< z?3$3{&{NK}u2(Go#4(GtLIuZEn;$0tvu;GU8Nj`ZtfOn$K|WFs=r8Ez@9{E%sTF6n zC{I^3V9@a21M!@_^nq209<&7BA*=Opj%^%Xp0n_@tL)z^_zSK(TWJ6eH|XSB?!F~+ z$MP3j{u+hI@gZ73mo;WbbVJlDqsh+%%7pw&ay_T$B}t59SkxK^=HN@|c)kSt-sV+U zfQ;G2aPt6XOdb0kXouz(XwRG78;54FNol;CV(8LuQEC$i@YtQ9&i(C2ZsU-fa;%c7 z($ePG))yU=XfJW*r{RRP=1sh>#j%u}*{KH{C+uB`evnX)%2Z0YiQH+uVSl$i=KJv} z8o_)eX7{`cg@#G_dit=VEYE)9CW_87O+WpzEGb>Kh*#7~zTqpLgR0S(?R@<#<}bwS z4-z>%K{YXc)j1&gJg9~Vs?Y=;$QNkl)zz1YrKxofiJC!Wd^%jS1Ic)s+M04I2~to08$pV{t+V0j=D zTZ6W6e*Wgw*#p3EB0shnnpo(^@v~S_eg-ZC2e6GGGmNZ>m17Gt&InL{UiE^655dKa zIl)z8QRpndpOp1KGy-{-LcS^1sQ*y2LintWj_gKhxTO59@XFT(FNx%p2Pi^YG}~;bHMRGdEW<-` zT+Q!)B;-Q4P0^W?d2aSWnpcNiTEV-S2yg?ovQP&#IEM{$a}W8P%$TpY8{_)Je?vVJ zJY$3`Xyb1kAocsN4Wu6P8rL`nJfzG^_er&cO{b57-c4d zO=I5diC>x~23z&M{?v684q4dxw!TEK_3|`H2Dh1~!nC_cb1f526jhue+&4Eyk}p=;pb4lF|hDqb{U&^PH24^wiusK2cm#~G%CA)1;y+o6Y^)y|*q(uzb~?f!xf zj*iCNB;Or|vq7;l1ZRV4tqa5k*_`cz1+qEa1p{PLOYB&t+68Mx?Dy#MyFlka^DU@& zdbg=0Zkwutt7bE>0!Q~OsYWCf~L7s~Oo@M4>fgHP5}d92G~!4>Mdx7Xlbw3=}SmxXrI=v{!xzTTw(g#QkN z8$**zCTtO_NMt?BB=_*P7PP$_rZu>v9NCvy(Gd;JsajcPwODz#p6l|m`e#c7cv(>k z<|qy>opM)=+pPYr6`$&gHsc@(gP1)72rf1}>|2QLSNNVckpHURs=R#>yns&{Qja5?%f>%; zc|6I3joWe?H}c1or`m67C5LLEXV>eIXbDg4>&3*E*Ch>rp9!t=0-mf=&bb21axA?KmR691Z+Pda&!XbPL6WM4uZDU zcD6RgHckZW1ayM7R<;g`cKU|KbV9~1=7z=!q5}V^nl2=$^dFk(|0$}@@Y4+g+kY#l zf3JS;0w73;h>HLK0s;U4{!9Sh8vud;z(7F%s6Pedr-DL&f`Wj6LV<&WLBK%4z(7Mm zL&L%$A;7{R!a+kLpdlb4qoAUq!oZ_rprK$Op`fDtqZ2^jpJPBkAwfYQQDC8AQU1Tn zcRv6k1W-Sa7BCKNs?k=KpN_ znF9fX0D^*juLHmU0|Edc03-Zd=@P-ecDVK21n2+P^1sbcrDK~~-=-JZGel6C|DN=) zn&~=wd#gb6DQHk`;=z!aY-l}y3_pJwyZoWE`?sV2u>sWBWEyp4e`p$uqLr|T%~c!k zm1ayotwYxNmHkn5hi>Qk{X{M*^7E1Lyjxm+CDi&FU4SloXYkL~`iUuS44Li3I!^4r z^$Z-hGO+$|5jNF_@qu^g8%)Tfax~n zyVaJ_s4dJEvrmTUl_|Hc>9Q_r&Ldauc)_5VHyOIieK2(gUQ(RCPN4?xYdJX5jY(|Y zUS~13Pp1_>Nq&F$GOAsNf_4Y_Pa&qY=v8>v!A#qcvxniYYFvy}q_n8N_B0VXS2ZGy)mp)qa^k#JF6}0Ce@^_*7x*KG9R_yj=Irm6mUu~Hg z=k@LC7gMxajGI#{H>51V4{s?1&m>fSmeXJovuZ5rUlG}>1BFzz|1%OLRsnF(+tVJ~ z$so7RcSX{_n<--pURRRV^NBX;&cPjGT7OM;j!i;jUyee~@wHimlZUw$9?H7Cp*0yjvTFoyxptgM?U2gWJSiTc-BfM z<`+Uun+M)ZFUUxrO7M=dPJdJ{_UFB@+6!2A|2r`5YY!%)_4NfIBsM86jnmY@${1E2 z%pLJJ%4nre>$PI3Kh~a%ku8)tDG%=>sw;UV+Ey(?d9p7~J`ojZRj?2#)aBi4oly*Y zbD7omjrT8Z3WxE4B*`O9k206>_9>O-N(!ek7HwC`cx(4io;A}?xyxN`TIZIbOserQ z2?aD8^%+dlX)~yaZH<3x(^}#>ISBqMIK(mag+5`n_kJ2m|gl&<^3mLgL`+M%9}U&Vj8!8MQ@j3uI{?HP{FHr?5+k zmh|&C-)#KMufN{_*=r7<2wf+R(ZsoD=MlK|=N(8FIZQ(j@CBYzzsEwh-JIsy;p+2f ztEWR{D&HJT!AcL)Z2Zl9vw0R&-|-5ockpMSD*r3cXpeS2nc?U%xA(x!2M^4K0zJWI z6RT8NihAGpk`ymegbBtgn&Rx9;kbD`n_-Sr?RWEsqp};5_sh~7tdwe1>x9`6mT7mf z?H91gx8#*n`Mc!Mqhqli_i_u)W!d~{U%1PbgZ1~JybH<_AJYw&=M#JDr_}Lrth#5F% z_N`5BqVsVlFCMa->L&PU$wMnXkz5=jqNo^T_7vfPH|>J?4iEFFP6bK@1Zi9zx%H{9c+AMc(;?#m!aQoYGav#Y?+Qt^DYoq_v&7iq{7Rg zeS7=#wdCY(+}pJxL<(JIQDt47{-?wB80#qCj<&F%X`%E7U@Vy80!TdMq;70?32H`) z`k=!5ZKIlWGNH`i3vxcbBD%09cgv)C)<8o&?e^>5m$_}N^cREA{dyT$PDIJ@Uy&nM z0eMB;PU`3T(;bnl1u0%ZaY>8%jK;%7-p!p;9F6XlzqTvar4`G_|M`RfAAskWdZQ?K z){t!Q#z-9$*URj+V`j)1;N~cu(O{=D$5=YZOpmwDk8m?(0eB#bONE;=)Hshp{R61krI&V$NPTYz3bllyZ@ba z&RVnfGc#vq@7a5v=d4$mt^HP8#@ygg{Z;7^ab==yH_LU@0xhU!FCKwdf6)^VjuAtI z+wpdt^$7b0t5q-3)(ik8ULxE2sa6_XYst698w-x3iq~jntFLMY7=R@mJTkm><-?E3 z**BCMhM9TsnGzY)u4P{<(MF~X3F+o2;`N5AMph^5>&Lg6q`PA@yFXJ7c#r!v{pk*5 ze_s5b8RPLsDXZ-IfJD2UZ74u zlbEGJ^$4W!k>1TBO`L%tH?RoArRNhsp=j6@p0>OD{d}GkZ=!f;DSv&ra5gz8e^t|_ zBt;p-W$43G8+`@g+CyyyIP>Ci8}XM@-r6ZXClJb% z6DLMHl4Z5v0BQ+2^9#>~11xEX(SZ}^`WnpUqA$*R_J$Ahw%I$9;lqEY5KUdzVOub_ zWEC$nzG7rNz#e`K6y}~~Whs<^CY(Xrrp|G)Xg=s!!LH1n-ucLz+~z9q!_YdR>6{h| zwMh{r^6}MEmxwsEc|5&c@s>JVs=rkumC62h53RYO!qmXV#qTfe<@W*Jw9V}F{|Lrr z{ne*N5sq3sb;m94Fi@$^JpDLm`mCV+rMa7fPcA1pc!?(pLY25XePT+}&H31_zD8J| zxwgCZWXd6fWl7>udt*pob7D}YLLD3&e6(M3DE0Dx{|tm2P6L3jIuYL4wlmAU@ocYJ z|H%oc>^08Afv)l~xYLryMI3i%z1rQA{r*B=&bCWc9z@0xE7WZ@9l%jktFet3IkeMn zbuhb6a#n8p+JjUEi5i6Y=Y^n53IjF=3kHMlRG;f5LBxabNfLS*N4?iP_6V70HTcQ5 z2;UI#icvs%bGPprQp794OvqTMxOz_&9DEhJ+#m$(hj+Ew;s3DkNtv7B=+p&P(#Hou z`XQaI6If73ZEYBT8*2VXvs*WOj% z7))inB<&Ka2xMy?ZI|;HX(#4Y8>2X1;S?sFUZ9p<>3B1e%gzX56j&NIcRcTB$6bNp z{)-3ojp(JEk>18*ym?7AWAfP=txNYyiU%cg=3)o$CQp??vrN1gDALMw6DJyC6jDAa za+Pj@8hJK$WPJP^^K`d%7P<*@S+jWdaK+X>6kwSK%1_HaNg%Jt2gd?jJ6XlcZ$x)l z2{-iu(^p4V1>Be>?rZ!9%+u|MK04!uKuYfbKiGbatB!X_^f;$?|4Q#tDQZd6(86d{ zxY6HXDA)&Ht!RFVQz3-(}9(8IQ}7q{~N$O3PoFK7KTMFKi38l58y0pIaw8{4%YF z%g>PSKQIgpxOIn)i4KNRF2p$FI7vd~jP|Xr_x48Lmhgg<;6l=B(=@R<7)ceJpKcW|+t)B@L!+z+ivcd07i!pmFv`uMN zxI6w>LUsD0`>p4MeV~7C3mz8_y}BN*@K!R;#ouK68n5NPf}EUpUvM{UtM2Ne)B{o< zw$3EUdE&Hu`Vi9BPRfIdmw-Lg&51?q_$G2A=p4*l8I80>jw?(RlZ zj~@X&V%0ys`8b#{T91(Ks#SvV#A<(qd9IKr=u!zM*Wi2o)y6Xb4xwr|s5YQ<^@0hVzJ-y22!TG-|E=&I6J z87~9p7N2+1Lcl*g=Q4#n>OJ0@u1{N~CJ$22JD2=dpwn;c zOr*9Fa`VaCY_WeOEf~seUxp0Wq26wowhsW| zZ(}o4|L-bl!cpYdqe=bMuxIt#`H-TmLEiUL?1ipd>TG*KipbprUcoZ2QNg0u-eceM zK#okSvT{H$(-1De4}UK)Zn~SKy1%%5-r2|P#F#wGZ#i1&-7OkUb+`35A&1g)gN%{p z4xf>IkW8V1XP6Vao1Hu3TW$MaK*2NE50gY)|WQ@ zeMwc-w#tp;jRq<6jg^duJ1gpl|JF8~XCT7V+5Pp>x#$pE5>Xa%yokIx5FnoGmvGMi zE_vL*7DiYPAJivT{@X3mszErIy#rdE2+K$Wd?aembroR!D##tdbp*? zmd2qIIxpfXkmNJ=zM=Zt&#@*loT5j;jd_dB0@B|{UoT?%;dsV11g9XeI1d^30zy-& z1lbACYjc}g-<0w>rOkEi(4w@D3qI9&PfD&01bSgjw_T>eK+YlT5G~`yj_FNy2QEWv z;<;jZV_Xu`c05Y|be0W+5|LW?^P)T|T$41&j$yJkhvfan9?Ry=Lz9oUi0+mn8+~#y zxlcgi4;*%WXZNz9_OqA&fJswU0j0@8tt5b%k;KkfQ^9qKIB6Fe4$CzP&0fvZn&oBn zqux!W0bhp-yt4L7ErFh;`2wEWjgt19)aun>#jA0>#P3y3Scp`E1#ujVJ8DCl?pMcQ z?RutCPHoU_KKFc~&g?5_b~+*9$%QZL(C^9d1-6CbjO1}s!Tj$F!@}5ErB}s=_N&9* zn!RzoUcj=(-LsCq+`iV&mW;8fx8--zn8J+(zoz%AlPcStUabg9C0F62?5YB6%L$WGCLvlD^tH zrFWh^ji{qwLvMt)Ke?8D0)W(kZso0$Sij7U8pY3mwMNM`r_NvHg4$H&y(aF0*xA_g z0NUzQ{HldXO_dwSUS#>RJpI6g3WwHwRVw&6ng8bR7^7Gp0)viV0{ehNVS*{;M`uwV zCS4>BQUOkVO%1M`x;rN%GQ8su?80a5_ERN9xRcnpf86Fjf*2*3i`F%V>95Iy>p7-i z{qtSNJ^37*`k}k+n6Ki-BP;c1pbD^^nq=&epszQ1KDwPM?oC~K)I{obonN@d-yUpC*}4$PgWneVBmFFKkEA?8o~6T;Gb z95Ck{W^20`$6a)lfC8%WxaG3Ij=?{|D>DFf?mV>O=9?wqXIbceaV4lJ;Vi8pxW?+}?>rx}ctswZ{iecy7zJ{7S-T~p=oK&@*)!3N>E}CM3t-pO zXWF5ITP=%HRm}N$ts@MfU{cTUS#(`b&0&i`%le!31O&9M8X|M$eJbBbYY5mG>Crzm zHwOQD*t$qd_BCsLEOMytCf90p-fz>!zD;tp=oSvan)lDt1djrliTF|6`2{bxH(1RD zzD`Npp9k^of+9IIutu9^+3Iea1EVQvh7yENhs2X)g5M&)4_7;b_%2lsVmEI|M^T{u zwQfH0lLttcf9P*#X~ZcelnnRaWXdG4q%yoT%t-YPNlS!&BgXA zLoQBHdDew)GVuIV&(5nC>K*)*@Lc$Wr&>1|srx?yinvW6rTMm@VOBGyLonjW4h2kL z6ET<+8Z}ulpm3Bjnei>PxtKbSRpZL0UA_|rQ;q0&d&ckPI}FR7joG!8kC)azoc5%hH74$ndjyHC>{^RDXbB8y_sYD%nXJ{ew?TH@S{c8- zJ>nrpMD6`a-3n^8#~P@P4F)IVT`!2lLF_+Y+mZH7!}kioE%Vu*7+S1kLPBCdW~Twi z7_FOH?=E?(jd6Lv(or+SjMZy?h5lE@&Z>i~Yc?byqnNh#Vow7lIoxnykI&GCXM*Sm zHdnhZ@KdvU)PY1k{}~qoN+uKklkU7TXN^^X4WF5i5iHn8#AiM$2`E7(qsD%|ckK>I ztl9k_yxY1LY~G$$XEpe^wo`m)PA|l{=dB^{4@Ng9Tt)o3<;0B-(O*<|eY%|L#UDL~ z{oc{15-_wsX4(yc8v933BSyQ`RXt|$qqj8dENM2Ix8NAeZCnCx(miY%14vixT?*tm z(uhv;Y*hdS4;@`QU$i!rxO@g3CE~9TZOfPv(G^5oWuC1LH*KgWeP8b9@}{1CEMs!~ z$N!+Xr)9Jo;@_(7xmR1f^Tlg9#}hv&yUk^jA>z9!gyHCOnAPLxE8g_)N=?$uo1{S#Pw-p{Vw(%JT^EGM>Q)o#V$$sYZJc^DUNw;cNXt7NK&^ zfw+t{{~pF?N82j-cSzmc)YU{8(arI7T6^QuadT~f<7oaKd&Zo~lbEmT_38FpX6DP0 zCWV#1@|P?P=J)+2Wz_E-WbHcJhwkNP3oTI-n|}F^>9^aY4DtR{;E@xPau44oay&Nx zwtUp}cYE==RK^}q9E`{2aR)ROoOoJJMPI9$tud)m7W3!=6Q@5NqZSlBf_Ed#hkIC{ z7$BlNG8VMGplbF7t0kl(_&qS`Q8cWcSrBwY&V$Giv8ykPiX*lWOL(42JM=8SsegVfE#chnLcKH*o>y1bH!YZy_If;6%d&KM`F|TrKp-PC zzVaONJA2Neg1)sBM*a}>ytBvXV&`;La4JLExjHZ)cbwK~QGZ?Y!&ypCUU#T1q=(RK zV0F=MX0lMs6Iw4BAR|1VN)4CcKOk$llZY1Yi3v8zJ=V)Gx6;J`!f2WV*%+kWL{zSz z6~0dzoYwDDR?hm$E!>=w4cp^NTb)iCT%F5&4I z*1g)eqRk7fi@yTmNUo72`{V3(1qt{i;K6 zhjMGh1l#Ws2PeJzuRr@=L+>lB9M0Vc__UVdH;;|~z(Z5}k+&2gmcVj+-_f?R!p)Hb zEC>U<)eh!L{L4N&mA(b%8Ur7^My=*eQIb;(b^jx114nvIuhfy`HWgbMO4IF(pDnfg znO81(sxVh;N%Px7hdv>HU}LlWX@EU|mDJ-rJ5(7<#)UQM<6q%ATu@Q}mFmq@GT^}~ zqZAmP`hWM{?E@r0SwOka@+z1f3Womao!tM76gGA@<>k3dE@2PX!0X36zRQ4ITk=Naz&?(GOItdlae$LkxfUfgWE zNhv*sR=g427Z8LtiG0}BI3-$O?xN#=S1;?EK^6uVxcTc_A#?${#R_Qj- z^*FzNIUT<_Xfm@<6^C82v~TAa>KHAOk__(HJXE<=bFRLQnQ85>j1%6vB>rBqIfNK} zZj8M(k(z$>>yAS=nksOYH&hocS!k45AQd&&92qyMPZ%Z*HGDbl_y6qq|2|jNQYOa- zNNnLVTOQ2mis+{j%}q7rt6t0(XxY1%G!GNtmMBAmGAx;ddma!UC0ZIHZE%0>dggzh zt_51bWx8X(Rr@$dx(*kUe*7P86P#bulV~iJ83KFvUQuefeFx_S% zg`N=Hrcep)+$AEsM?ge$n~}UnL`Zz+E(yVN%BRmLsNOxHe$ULuFY=1zwSe$TRzcYh z?zcJ0`?smfJ4APH9c3cgx8k9HqZi0HmQ4)m9eX63tFiZaib*d51_b0q8o2e-DnD$r z?CusZeVbQ!OnWHao#vEL9rCv82t$U@2>%`)mX=B3U=)qZM`rg(6tm-~H3bmAm?dCY{r1 zbQ@wOg`Z|#!Od4i-&Iby7L=tT4BaD?^R7Zw9NkpnwCoR@(4Ie|UTEn^llOB1<44Dy zs{a1*i#_gK>Crty`g;myvi!m2NZH?+fz;~L=7yI`RdfCy4qNM`X-g0-drhkTuIpoi z*~Hi9Pd|NEzkAY=jSfpv&e-5>9h=AYMm=f60VHvj z$(|Y;05P>rWfFev+dF;>eJIg1@Nv|T;r7Fzb+&N6wWI5R1dz!@&w$YzvSnAqhZcOL zx8j8VhptB7DqvrH6R=p>QaH`(xx90C#uq%7Mzbga()r5yrStcUkg7(&*-lNDD%zAN z)_bvR5Kot;9v-oIzYi_U0g^LcoMl1RsXN;K-AeMPW_Y!D0S*a7Hd-vJNq5nl4W6xz z>l$i#$V8Z%Q?mwE`L%q}61tH9H!vatt83R0$DLierP;NXJeN4e48{zXb$gKvU7cfS zvSP=YaBz*ejEo>vlq7Sd(yN4oJ4)dFJg$jLU=0^J4U zUkr>HBk4OL-9Q=3rBh&>=z5QHpUN{Tt)z3oi@GRLqbqq->4psxDnU|J+1fH}1bbx6 z^q*cDE~et(N)NALWG+X@7fvJ^ivhTxPvCwMMP($TKjX>}OxePV{|FjVE`qu5Q-E+) z$@&zUsAsowz;sm`N_>R$sQ&3|RPg5B^gjar_mF0LUhAHx+&sGeN1I>MoLx>xzAY_9 z{k*mgCbFEtP^?E`RqrR7)LMK$-Zf6N!;Uhp*yxysMEPHsR}T%uYpv}qpMuoq6 z06JO5M<^vmSCi$p4yB!pV%z(X$-$j~zNq9k8KMnN_sG;agEV*CUe;;@xvI*~#-ixYBu-nNfjOhojVd7F@0w0)4nW zH51pJ48+E;pz`ciN9Nxb{W3ZX&17*kGjb=f_si60P&U5;T3H0c z1-*a!GK6}+L;EF;-P%h0i-4b@5t&BsF7;&m+9a5Fal9H*hhyUB5xp}lg}U7HeZeJV zC-=DYc=zx{hIfrvsr$*;LpAG=YAP$N4nv*Y5Hf2mBLm3cED~1pJ;Xc0fPua0crUfS zRXX88h*yS^n<@{%D)STY5P$UNuu^$9@{|hNnksCE==jyv>$PD^wofWWJGWcK3`kXv zW~N{@c#BkO9v8Vz%JbqBtK|WBCu9|tG{PLWX^B`tqL-SXG)jF->=>`r0Y!9C2zd{6^qvWL& zrF_e1TRnVrT&ZyCS@tbhF{t%qd)U!sIhS&BmE;iF0%9UibkmHJ)mS4hI{cIRT{>s? zcML8JuQpL)n?v5F<~v{{rLT0QhGahDG; zL;Eqij8f|p_N0B%o!*vZT8!&D?>oOA2`UF#Y##*&-X+4Q*kpQCRGvICIXL$rp?#&F zcb&t%lkoZl?R^g#hqms8&W!wcu{NW8c_SSYV(0SoV`ViIvs|s#?!F;fx8zp6H)iH> zGF6qVZ=rN4*YTVcaZXHW2DPDZdmB2d=4^|rJfVz%^WnvVh0T10gi5Uc+%t9wAHx_i z_iy{is%kCO;!^f;?DHPkOhJ&CGMbM2k9CZ>uyVx6heSIu6s+z}w&@sP*)EYHMI4--{0XICpYn{U>j{Go(T zl~V#M%*x})W%ZAM&101lAT$f$KJaZ2Ei;VJf|qtgG+DSAq%(=T8?bhkOAb@Jx>eg)&O=fC=G(MXb(5!Kjk>ApV>b~skWb$HAa`e<7Js>bbp}2yU z1t%%rZ#^Rt0_%1q6mk>$t;`r1-WH45B67aNHLHa$nLF+oa85!A9jOHtGaWXX6x$-y z?f|)-oc4+&I@P$p^aENIl`FVkKPY^%$`)XK7nXS+Kzk$B8}Jg|MXtOD*!>x(musx;oI2MzW9)dP@j0aH>q!8i-BebMoO`nk8_=%7d8x1by1rzj4YNTU2SAc zq&FY~CVnS!C!#x;a50eJgZ?t87XLlZ`IiGaEZjLPIRlD(nh@IhB#OO}HJc-u_S8G5 zv@clwNNR9>IEMuyV$W z%dLAwc+ytxoCpx-x4}Eo=O5m8Klp9Zv{$2kfL~onFgA=05XKR_0Xzhxm}l2C9; z6B6mNq-`hKITEvh#MY!y`nC0?+j*Z+i*a@SR21O1eq;v;DKnd*baAzZ6eh(15b5&l zI&N*-;^{ODCC@Rk^i#&AA1R^@%(adw6HTuJylXjmo8Jxfk2gyTVTj)hJ1ANFCHigE zG0b2AT7$YKNeV1;^7BVFx$!h~W|>cChyn!+=y!e{ZEPwh?1$0HHGad1U)5C$wB_Gl zvBq#>61X4!BcNS4+dF9yZ=TiLbqT9`RmwaZRY0^|xL6b=`|BOO2wW=eIy7CjqFP+t zEV4i{MjoN(5;$*YCcH4{h-`goVxhv*@pNjMF%Sf1(r@1xvA%=7C@auz+CENswT_!0`?XE-5gUw+7S&wkz-(4!iuVgdPM;fQ9T z&F(PIFnUH~Y=1x9)GH=_8(JNEgs^8uelItW(xA*0ZBYl;Jc@S2NKI=8lql9vN)S6I z?5~l!{;5~BWM#fab}Vl*t|z@QNSJDTsgoU_nu8*hiNEIN#W+g0z*Y^3+SxO<^PP8> zKNiwAgrxDcG(>~ec?RJ{5lm%H3h}zK%)F@61ykyF)-9XM5{JuL*=6jbU`vFxULxJ=)(8q3;HBTx z+yQL%TM>c7S=`u#b5F+iwU+rk0XtR>wQbXe`gw&)0*b%t?^K_e)O1N~^OB{KGfsPz zRul{lhke-!;Pk_8kLqnbQ|}$WZ~eM@Jl{daby(r*+K72jQBf#S%)MM=He=G*J+-gh z+@Z{=87wxS9DAn>V;ViflS(l|Jd-u)dW0-20tTlK1t;1*ya2ii|3KFq8)!8k6IMZX zD~`U6kkya8`SYTVQX4U_Hu!-<9e?YrRddZ7r@L%vfux=t!676dnf@&7+oR46TTK}{ zxajmYgx{xNe9DE6+w{3E1>gB>hY?>jO@99GN??_Xz4+F?U!=|$%d)z8QI}lZ5xTp) z&RBGfJljxo)|9b9bjzpm3x-;s)2W-`P5wr+9^3pQDyK3|u;xOVs#*;^d`iRI&^&t3 z10M+6|yVPW$J*_Z&<;&K9wT3s(mh6Uw6G}nR zvUKb*INi_1@3lW6b5c;;-NnqU#=)eh6j|Vs?qm(*T>FdUel`R!X+K=n)u+@=~8br(W(ug<)+rgc6^$P12I3}kY} zW&PdxNY5&3=X_8HICdqGL6DIqwO3vouqU~6;1sX=JwM1)$K3};E=3wQ>PKUAdDo`) zes$(0NcNI$EI$+alJedM{&WHMp6HSIWS3L;8UYqV!r?8-zgt-P$uX5zpjk-7#1z=X zZl&l^+N)_W0!_{2x77K%PibJWA*y2H*a#O-0G<8i5gx^j!l+5%pO-i(lGu~$iGOJy zr#lf-tR(NmEHUHYqcY_1d@4A{mtP4Py~y^WQZ6(iX)HtJhrt`@cnBEXgF(eeq!^D$ z%ao^S*SR=LLN9uRS1jAx!>b=}M@^YDW+?4$nr8w%0MG>T+#KIU^?6c`zb%<~%irysWfbBM#Y=1U@)ShGd zC=;SIwcDN-;Se%ZZ($=XHAZgUe&ly3zUeUTSr4BCsF(+rIDYCW&03rR-%}@1sQE7R zNsIGC`^z7);*n3}%YPR-SBx8tQf?cEhLru}eb&xFn!o{K;#AmzH5saewE`5mg`Gcb z*oe~oX>T9wQkJOtsREAMbhg~Qub~PzfQW4&2m2YjhR8CN@-1Xyd8|cNXWft@)^l5Z zIeqO3AyXF1{|I{70opaYuFciE6~On_ZDk%LN!2GbC!gRN62MvKwQ>i&_Wm1R z=syC)iT3FY$g&!~Tqt)v&PHKII%T?xdJ#4jG$dyA8ng*Lc=&YpcNQp9{h-tYwYJm3 z5W_6LPK?eBTb#^7^b3j38tk78>T9859>mta?hOO0VF4CCRU`Eeisz%FCpi$Zh(>u$jw5r$DXOfBz6_YF1I#YT zR9(GdZ0T&f!&9g#5t1u_VNR*G(Z9cxe_RBZhdQT)mqmKVFrO}zTthM1S;W3{E+L=t z2P0P??Ud1Lgb=w_=AId{u?*Vdgo0NoN^McFL84AT0uAdU9@Jop+H*$h0ilf1_Ab>qsSPt zPED!_bu)0gp-B3q>C<-#B?BmAChW%_6`{`F{f0r%=JD(BbmWDd(RpF5cnYwffg<2r z*4=W8jmIIS^Z{K}OR>tLa#gV~&dWjgNZi|yDC04~TBkjHgQ1IRx!iKu<)ZsVN$=yU zvB7QiE4pP>h$n%i!lR!IADdsM?HHow6tx|Yq&Vlir1c9aPwmfdVzPdGRit^u{rO!% z(-1#Zk#|Z{`w(#xf{rZ1ucWbwoi4AV-uy9T@a{&bA@5b($B104)ytd7(8c zx;Mx^5q`?{(1-mMF{2>sKrEhqS8)9mim#$d}2>&*Qn79B}jh;Q$zo zi0dB_T2y4eLU%`B7(9lt1gN2ByLen5+&S%a1CHgxG@E*a4T6SWc)j(`sJx{v;O_bm zED9Vi`{6T|`f$S7U++b~!z}eMPE70{0f!VoA*^#fQIL>q)Ifnq7qHO%>{xX;=}8Aq z1(uG`Rc+qtz6k`I*k@BT-AV<5lTsOxKBIWmQF2P%9Ozot+ewt{a&nosHPkiBckNd; zaK~r;w*<_P+jcgwD}tpM-2jy*)3t2V|C{s5^#nZ{r^(J2B%A6*8y(kASoMH6v%MlQ zVp9b0oVNe=j7-cKaVYw;^MR7uGek;SW>%c-V%`fW85O}P^f~oE0w%>3TK?mC==J;5oE(gzl7mmbSF|4i9RmwSrc>C+cvCBF@4xLWUt;iVU-HrGj^F_6xp zAl#adL-(^1KV{0@S|fVK;6KS?ZllfhFYDgUQ~0Xh?W*!jFH@Ri8)?ys(E5uT19a?l z9W^u>NS+KVqW35ToCP7o(kRx}!Y2LZb={UoW_3 z&NTf&cv==td0ho@|9<|q<-{Nc5yNqc!u8?VXdkDgHDNbfLK{8PgrO2|d>NvIeFYVL z(sPU4#x&0!+$Pq~j;3xJ$rfI`7cVmP@h4HJbww4CXf&68V>~py4K`n60(kf-(>{oL z%i46{6QHqG&3p`DC! z^VbN&eur6un~M0Z2Yphh_jw-Fc+OFci<wOV^^YLn(it5hC8&Y4Z`MQ;)KRo`zrTN~+G^iv7kf)n zP9n_a*nHG}16m~mw~FMSEB*OZXBz&~QbO-m4KZt>!)iyt)uN>++Qw*1nr3sv>(R7u z@9m#oKBN}n?C?TU+=P_SYLq*$f$B#3UUU3jx8sG0d_&2-`HUB4)+;-|pSG_WW)sD5 zDJrtFXU>JBFg&Q=Px!ZH!~REVonyCT0VHP!qdK-yQcL4>%oBk zXfy8yNCI=YRsdMPyC@mWOtsuynN`4SO}?5IrnGTHuFmx4i0UgIik8XmycgU0u}x$y zsG26Q!&#IJjM}fcRB1B9NgH~fxk5Ijke7LeCO*!ohAs-2F)Z+!0g#$!=QfluW-=4A zNNR0ynRkB#4yB^qnWLoDH!IVw+C<1#7#?k0ewn)HAgdW-S?qQi;THRxA^8_crGnm# z?46kHTW1n<+b0E7vA)~>Ho5m^mQTEPwVE?;K+H6l`OiG5s#Eh+u|2PN;Iqgx5AVk_ zB|iq`T2AMKxdmN?ie9u|MZBAypv8cH&f%}frc-ra7sYxZc~aTRfd0G~{54Hbgqgz4C7y0SZzL1Qcy+rWq_~E48K9*cyXqem zOU1lyIZdX1+f8Wi*zQ23X?A=eq#N~q)0PsE2@_Z_$g8=(?u7oCwzMtr3oj~T&ZQn+ zLN&+3+1e&+uJR7bP$`5MjRy^vR>MZ3y`Z)!MM29o$WDifqkKyGHzbvct-2^pCfNA zO(>tLOf0m|osZ@HR`G?M=m&Cnk3!f$WAd!dbxK^X^9ByIZMS2)D0UQ@I?4@iU>(}( z>adNg{0xy#yG$j`o~pic>Z8=}h03MBktj4i)NChu=he1e$KUJ=lWF@Uv5I4j2H}1y z4aRDiGmf90Ukp?%lP!DwkoPW?#EKu!J}{=|MLez%f_7}`0l8hoaz=;iEfESBpDMGG zMx}|aBs&N#b9HA+?HpB#huE}|S3R)RH+r{4JUob{-kdWO5;wvKdc|ONznBx%x*{Ac zTF{9rHWVsgG~3thzr7L`HkqB@iN{jKd_5|4%xQL6{EF; za~Wwr7xGR^ya*%+*aX^Sf0>ty#{aFVcuE5-NXthy1J&^OuG26@Y)yZB-CB)IWiihw zPM}TtPsvdUpM*u$Cnc`)um&=#Kqs^GT=)0U+kbas2n*(ZJ0jCQZgC1>5RTd`ae#uI21m;U+1(41*k3BP!^#i1pCHFsnHv+NU?qSE$7ycuVnsQh+ zH580822p(yUz+z0cXL9SopAqfrp2SI%hk)r2R;(oE|!F&xaj`h93m;S
      =%_zPj{^dL@{cEAN&_-PtA6zb5Z6w5|#7 z6g{8x7JO$2{wHz`}a)iK#g85(EL)UFwMH6XA{fpx6*8Am4S3coTlVP)R?!= zHF*Qp0{#hasVp>5ldni}wG3KuxAcM`8x_Y~nzXcKYwhHDe4XMCFMtkH)bE;})Lb&S zI}^N4YHOO|#$t>b>%v0mzf|1yo<+irdWs%yiobX6cLr}7UC2RN?X0u)FF$BizMT%2 zGv0$%DDDS74v7_t3ApEO#ATN0*Tvc--W!0U9pB5tXdCNQ{NVQKj_v=zC0T^Ho-Tit zU?Z*J;}bdF9LwWMb_q+UosSDV!M4cDLzv+t%7{zjU$Q$I4MjP~0jyHvaeM7$zpYQ5 zAtz2^Rx$T-{ZaL&T2oH4^_xECTME<1nhvEM03Ogtg?m)V>Mz#~K)IAuCqFy`J@N`f znc~(kXG$Ii){V1Tq6m!el(<`KfLmXI)fN)zyLe#3JZo(=pN&(ruS0pzx23<2`Wg;7 z>-XgO0ct{<=V})>dav|r8t*9_y_5mM@^dn*cB}WN=TO_#{|FRM+0;s@%f)G*)N%KM zdyJW;H0&89g9Ax*bIL>aeXidu@~A~}%pALF7v4&Vi_AA~zC=|TxF;&6{Ui7WN!xQS zo7z^!%z3*zWWu1-r=y)AEDO#x1=x+#A`P|B#m$*d|$3wp`FD$`rDi zoNAu2!7dAoHG?alY~iL~m;DKE&YvF+HsQT3Uz|IS77JE$<5h71;0HX7#Qz8^v*d}P z%Po&D35QIyQv<%xDp_(mHUByhGO6%>?~sAtY`?Db^Eh#ZQa)mr8yg8f@Vff7yt5#! zB=J+MW0aaA6n;5Ce>5IJ?A1KYXFLjiJ1r%}RxD6z%1R%HAj7uwg)p*iAJ;wLEb~!0 zE$+sce`3+>rs)r>Xji@%hN=VrN)=z;%om1&iCV635+#zCp^2& zO79hh(CHw87V}aJylp}9xwhF(DvaQ$f}vUoVP9xITl~Sy{F1gZk1evhqE4KDZN+rr zM7(b&>*)8(fx8Vu8T(xDgSWM4S;V=OH$$*dm)T<4^~ssy_>1{TXDc0L<@S#J5pW!Q z3XoeQ_H*G`ZPw+Sg^Xd8Duzb9Pt;^$%n(vh0`s3Cz`p?*nB(Hxvr=i1Vc=71x8|>h z#(POFTxhn$wn_h!&e%FVn$7kuLXZewhkrjJwYT`8 zbctSwil{L0Z(pRnBNS)oK^jty;PPd>*;`5}B9f_vzi~$9-pn!mk_{q(fU1!~Ye3eB z{{f$jRZXynSaXxno-WFGko_+>ux}S3*@BsnC`s7f(?^Q)m+$=}aQ_^X4%4ytH0~oA z=1l3^UhHXAuNGPAnnjIyC)L+NKc%=@E>LPW{BEM+n34dC5B3>y<5UW`SUH1EdYL-@ zBiNx*B=k(vP%r&)ROI|Tr^)Pxwu@tNI(QaIZkzO6i1AzPP%7vWWSYf&AAsJ)V2>Rx zUQjMnw-drff7Tbb5T52&bYs;yRn~dBXGQtvVXzn3`d$jmbLnp3oNmHXWD&MM)oMj* z=M<4Ot*=i>R1W~pKNK09gyjQ`ijwf3NJ+EX1$9OZD>Lnu`ba8gLdQRn7hN3`fD^#^ zw!wdfG;c!REGT>`9C`655Ldy;bq44EKd{ul_19*u;@`3vTqB{v&_{ZNBKwXVv&9 zt=ThHSyeG(Ae8AYsywY1K%y_@QLbHnOP<)7g=i(L;Qk7|(9;Gr(9&z%L$rKj?~Nn; zKq10YaC&UHJkgXRdU__MY0(7RNc1+tm7?urhSuvBwoO?z-4p!kYZ!+Op8XKHC^WS# z8ED@Cbf@JE{270Fq`xmGO@$fnwdH3Xp=g?s?>CT=?BN=TC6Ct&s262Ba4` zLlZ;l3^LSThNYHSmGL-B2EHoNhhcN*AudAKw5nvc4z+FC@Gn{l=MAk>e(#&$`z^;{ zhhFoKdcCY2Qrg z^Y`zSOxM(`qg`O({HDowc(~B;xh%`2gQjsc^d@BB?~3VnJi5IrBjDHB+f$y~#g0Kx zSKI)&oDnVTsmm+3#iXRimvoM9zfZiSx@mBfYZW;GL!0L`j~6cZ_%JCTcJh@{;@#y{ZGWUYcSC@}<{t@Kj6rGPfzk20-4Qb$>Rttjgmag82ZK>mR3$tsp za-X-H@A|5(+nP))$!rA=kIa7MIt{m-nHa!0JCSF-K&t3EPQ3~Mxh?v zSxJL~OL07;gB7I|&2}dy`NW)0&%SQCIp#m*2bKR|Z=-t69^d1?jZDBtM7w6D=+sZU zinaJdly|iq*Vl%+783Z%&~6GCynhj9=m0PKQcy9tYJ{KC@XU5%?n#A!_kezF2aIb<8wh-XXarNP5BN2vEC*^hf?4#@-Z!q z?$s#}R(oCU5D;jp=tCCUB=<_E`oV*X*lB&{dPR#xO?w+Ty0V|>UY<0Xa|m#&G?QXz z0jHttS&h$21nqNlk3n`mtS8t-Gg`d$m^ZFmp&9d?mz0RFXzmov7?yWyotRXc z59Z}up`CMc2*4>)iVWlIDPQ%z%DpXp799%_E84$1ls|@vQx$T2_^g9k4A^9I(7J~Rj-|T^|DET&Z z{CUpLL7Umu{*q0uYj9z86Q0Lkd<4uwUXDu(y1g5f{O4>pNY(m*Vb(rvkeUVS~498aPR&7LWRt%x>Irpk29 zyw^}_P7s=c2bGPjMQo0htw&zQZVe@Iqh zc-Hjv=P|WKM9UIWS4n9D+Ad?D6);)h0v7A?U-V%$G+B%`nW*{k@%NGz!%q(lxvA!s z2&cNNbo}ARARHNR+BjA&H#LslMQjSv=`kVu|jY(FkoEqm6@VQ zhF@;LDj6035K1iMWm7HojbB0YcJs5TNNE>;Mrj zux3BDl_M;?ka6LpvQ8VX!Xq0Ifh$zib@-$)kmR4Q3YEdE0&2*ZR)W`p$0u z0Nj-Ib(3JaJ)3J9%YY=;ZB@G%*04(l6gxde?+uH~odSJ~qr8CBT{^jqwW!@>tZD0# zUd3>T%_T7hL=*ObLH&DBnogi`MWin=ppu`BAil>GGc*x0VF zzBs>kBl#G0Gs%GVB(ozgPT5a0txJ+z?_VNUM2^M5Us|!x0v1Ll^e8q_ROetwWuE-Q z+${X`A80^HQWj3krQ4S)gK}AQqdsD%(qMU|G5l5Hsjtu0)7Ad~*eWf3nz#`8G~T1} z`-+Z$wr%>kUrk4xszNqRf42~aYHf|lmLI|E3cfmWeYN+FkdNF`a|WA=^7NKxh-k9x zw%vM5Bg8!E)Ct{RPeT1H5o@n;u>^`GfV>L#;r=4FP~(i!Y^VTOdR@&4qV$nnsj^w5t59P@Klk(T{Tiwn&{aA9+Pkn9*MYvIDmu2;S4pgD zln%*rF`JFh)Ig>E39hfJmYT%XgJ@PAo~XZ5J-V+G+&iFS1-}`q@CGyN(V}d%lIfHmLa=D@Mdpv78l+>omeWBQ zG2UxGZ?mb}iLQ~oeJi!a2`E$3E&JC94Ty~*doqClYJ$Fd2|4Qxyq}*t95U3J26e49 z-%W&{PXMhmV>rB$OvegDv~3+ZCF$T&+%piC1kVP#ZNH1HW~)zBu1#WR)E`Btyqvi` zW#Hd(wE!FybS6pett(+eR;$e}<&_Y*uGGK#YYYgfb;X3TX#JUuS%--Hu7~=+eIBYWQW)js%#T0er zjPd+)%$7*EidubdO5(e1rdu(b{a9?AKIlwX70!Yj`!C=$TMKXv<{*ZoA|wddaj^m3 zsd}OFom;Rb-6E~)VCFV0MV{)5SBW`es3L~guienrT6+uOiHOK=RA?ZAsc@dRJ2b1W zitQAV&`n-^MRkn+&wX0eWXaF3-B{P~x2P;D#~knnd9hOuu5XR=j3p^pzDEs0!Zm$2 zzPl@vjh`BF^`-c~lgsrN^EE+CZJk1WT=Zs)HiT21&sH%_QoiB5?oXjo$=v>jW0jL$ zaa{T4BdZSyX_@HdWx=k^>>Si>7eQ!o@2=@d2T+pK&vvi5NO0j#PA@ard59YeUMYvieLa4D*xl({cABS(2dRjZ2~uFVx_9kcUimZ*ny>^V%bFbcAkqX<@oY)$_9+juOR z_`8{ttLrW8&@O9s0d8vZ3>8b9d%}2yh*eGar^R7V$zj#Q>DDc5YH!sO4rfKS$6b~= z25tp~9LO0|E}Pb{rqXJ*k1AnU76Ne!jHx^p;yd1Gc9Q2G4=T445|S}PGak#&!fHFd zZhFXdt2o;d4st?vwKmx3`kP&RWzyNO3)T_!KhKn!91Ozu1XWRF&&|DJf?KS;xUZ~7 zRCBFS%_x1eYmaFWS`m{~K=axNNF6l_U!A~Rq0J6-#MrgT{j4yZRM?-~e z(LC55dLzV_q3u*65o7#$&r$50JH=XLY+;^3q^$I)Gz|2K?J(FmhL8&ptdZ{pk)Xv1 z)lP&+I?0%nj)Z}j!rH3EWtp^@tpXco@u0n%A=XGFBYp5HKkwY zD45K;klyH3jF1+ATm_d^{+ca6+x+P#E@o#kugbhz`;0w*K&I}a9WKrFX64A?E`Fh6 z`g&6Um4%kqW74#=(`LwsPDm;>Fv34^vgV zEa;D8aFNh5R&2A!8vuqbbqCiP?CB&88q^O&&kj^vYviPB%b(0gmlRq(P0m@x3069B z=m_Vx9L<}DJIuR;aViX~SmL^X$CoTCES1i*rLBumIzFeoF~(ARh(_{(rY3$+$6b+f z>E_tZOFld!nV2RKQgZeJN034)S0QT(pT8!=YC1zVxUW=$r$pzgZJ!D-{($X0A!TG~ zx}VLpN}Dx`YrVXNM$|d@q^;>zO@bbrpWff}7t--c|ZqntDQ}mAdZEn zyr}#J>S1;SOpsJ2>q6&XdG)F$Ky(`Xj+Ao}W}3Ux>z`IC1;#ZVThQ%dOMwAO(Hh!Of*!J3?*Ne<5olzlRDpO+ST z%ob3_i|7ydH=|}Y&FxWIsj`lJX_8jDxmCAW*9MY4rij1^)tNO?Cu>6OjB^5j!Y<;t1=}?@tA3tX2MhO;SFW(5E9jnvd zNlfSS>{a&YDXSriY2{S3I$9fTpL;tBaC5J%^s5)n#TyOUsp@W`z}n;En|pEUb^6#I z?)kITwBQ`r47`$ynEG=IXb?LSzOxn0QpOT)n_!dy{{YXNTZ=lj<huXB?LpZs~zDkSVzKdjDsUV~g_ z>E(S;6frL@qjvk2D9p?)c4(_Wm|Ulo&uRJixM!kuwny_=*>n0}=a1s+K^HR$!G>xZA z1#Z8)47`V}#hr=kL+LJh+d;>q^eSejC+-XSB|N5 z54oh50MwGXdRx-@%}WtS(X6vd(-_YCQ_*c-OVC~ggb3&iUWHbpih?tb9dPj+1?3Wy zYUn;$x>v0dxT9s~TP;Ldi=$Ef5019XY1SA>W28_W;Rc}_Yd2ay9 z)uO)k3liUlmrEN&wyJ%zHi%3lNVTz7qNI&myXj?>N*qQm*456+-K5v&h;<*Q ztv)~7v`yh-&YT2F>#p@MHS4TkBwhEC3s4ygF#hAbF7hRGP_(Jlnt5j7KYSXKA=O;p5?QiP6xyEmMuwzb!B3y z@0Kl*tEAD2*uTek-Xu#aJpg+N%$17VP{W0I&s?_x!qrgDLaj#9pzg~z-!H029jck< zJzxRJx{Sl<6?(AjYaPYv7R?e3&=R%gjF$+#Re@4{Yu5mUh$EX5_PdW3bLR|ZW6W6u zB9467l!S6z<8_LKNDJpEQ^}`IG(5ku8Dk+j$s4i;wxujRAZ;9_<~8|!ZJy*UXT|FE z=@8dwpdimlv*H-4%YNZ#xoFBow?2pjH5&;~Sb=S(4KUoVq?y0g=-;Y!T`#wGq|~aMac}76t%iT#gBY-bvB|K0UWSr!-t@7>&9>t;lYdh$$S~5GHnj&^M^NW@hsLc`Q{c2+OR-5$ zLdAnuwjisJH)lJxbp?8;K*r3iOs`l?ak5q@f>-zICy+Q4q9Bdx+A6hd?=Hzgl{?0) ztg`b6%QIbZ9=3~^wY?qL+FZz?Qhpio?_oISG^!+pXKk^rE|+l1hOf@aPUrG-TA-*3rCp4y2`(PHatvk;ZeQTrA$djpSzA++oGnrCSZmhXHzfw+m z`aNQxKATf(4HpdKneX*1cJQj0F=!UWRhkI3@-Ox`OPN!t*|YAIJP4PyJKGm4x>%Vsqtd2S zVP(V!_S-DB)^(0`0^GJ~3T5y5Sxm%3MkdCtp-hgmk2*KHVYfLaa%%o`_oMDTX*`ac zeol4x{+3 zj;zn>?baA)eLA9?_%}&NMt<#2fhXzdp_W_j=Pd)QPxYXmLSeAj#jT8*(7E<+OxYl9 zOD}sphki>AW>Z#Jj$VmuEOv^5BFydxG#VDYOxXxYnEDbgyHKDNz2jqrqWibEiC$g- z%$P!`DY!kx z6sTjIaiJ4W%V%C*;$0dEA(KxS@!u-@Fv14S)xjugVn^z{2mWxA~R zjT8YFj`^qz=bx0U-Y?pP-#~s!KC;-k;b0vvHhCPi3f$}KvT~(cc_a5q3M|>qo0*7K z@7gI5(9)8kn7+f(4Pm}4?l#P5AY`Xlz^^aUq{?lE)ke|rwrea^5J5_NS!q?Q*47yO z1?PFt?K7BV3cR~1e7ISFTnRkQ)Em|k>TF;y}Uk-V?@{~jLk||u&M$oddEKwr63in&EVluJL=;?(W zmsK>4RF3PQ#1(rBEtcAAS5|tp7;4;yvlV1cx`DGy-MLmK6uKcApmDOuhcIZYD z5cKh-MSj6h>oZq_mR(?rZiLe=rdBPK9W>TGe?LDT)1{;_oE0i2h_>*vUnZE1Hiwdin39s@9^dFV21*Sh{AV0v}Q+VEq389(;Txmsgfx@{D}T z6$+etRiZk$uDT#j&?!_~a{Rp2TQG55+`ZBZXj*2%wUOQ1_>#%gF>Mb`dVe{umXsn^ z25!R(2yx3UkVea@gfTMpgSL{-T$*r2u%05sbe1j3RJt`Q?H3`d9y@$n^8pq^Oe8oB z(ikEZBa4*fMH0wwE0oi$epIQkRlIcQbRgSrQrM&Ai;2v|WJ>tVY~NwW#EerU8<1QrlS^QmOWTC2W1))d;As?2BO{C08i#y{culP=JX%Jk)g zvG@=4#wUz=m}1Paq<3kvul3b=*5k|Mo8mn$a>QkupMu6D%TfZL zQV5J#O6ajlDh9sxq=I4+DCE{??};2ZE)u6!jD`!YXz28RWzX^~ZJ{l5e6-D65|?Xr zvnjcHskSH4bNcRc^X*vX+7v!9jd5b=*d(W8t9eSf0BJd%V$qfLtzP0 zFj7b5XBMrjLhexQB#z7 zK)|?fCN2^7Bv_1uVWJWtY72yQ{MDwZ6{0Hrd}`<**A}fW%f;Zm7!>65u|_nLtDZAz zDsh6aDR-!x`A|%xlUTGIs7%w#C6aBfdgtcF%H_3VDp=^*ckit;-X|tZCZi*NF zj%qPHybsD(N8o})2>xGcgjivt(XyL)=FoU&ZXNM0Qh>ll{$`3CmLDb-5;n#@Tz@#8 z7BU^?qCue^e1GHmmNth8U#EjxpUw68vHt+!K3sf%{&D}r05=f;0s;X81OWmB1O)>H z000010ssRM5)&Z=A~8WDGEo#TLSZvNae*X5Qeu%1AT&f!U~-}V+5iXv0|5a)0sjEo zS%M6-7VG*U8ipW5q!x|TqWFWTXZluB_U8^ip9~H_mgrtyYp{$~xD#&Y;fzYfYl3IN z^$$?>ZRkzTp!$dLJYogvGn~PkbNtoT?F__YYKHMG$Q&F++y4OUWs7T{u$#h_(!9^Z z*!;UeT{V4YnB78WwPIe*r%2`z)I8h29%7EC#QD?rib)wi%rb@;Xl`aYDTAkH=EFD9 zJ1P@tnCi5{b#;v>ApAvxBZ;DbdyFm9*WhLzq$tH=3mK0siQG@|Ce@00d9`Tp&{cAr zgBLjN{#wfgV7mEDMUvHivs;d6Bfz#4W zc4M_6YfqH_0P-QwbuvKWS); zr(Llx+HAb<#TK|Fjsy=v40(+9W3e#~@j>cnzx_~-pu&2QH?93k z7RtfNSj$^Bpzt;8X3>^7gKEFwjG3nQ@^K9y`FJQ#)bRA<)4@f^crkwvzr15->rBEb zZ#}S8Wqj6i72UfXX4Pcj8xaM7_ntqIAusm>t%qn1AsxGG6bgu~JjM%8a*j-`pY_Xa z6?UNJF%+mR$$?((>pV@>UMUb&b-!7HikIqWe+@CyzwI;zIIZS_hc?R}fKlLLe~P)A zYU5QV3+=Cq1ly|aQ_Ndlt}TFu86Tei08fm<7Nyd>PyA~C0C}%UZZMVhDYg8{p9)^X z=2kFw+6wiy?VLnYeVWgSYBi@B;tWyPgDo~}erzx$0P@p4H`;%Pn@Ilv!)dO{xN(sJ zRcF$1HCajL#9gNyoEfglc(7zZfzG;5Fxrjr*$X#Jar$C7agq7l<`16i`Vf`Qe@KW`@}O`b#pg&qBj(52UjjXvek#1jaY)JKrq#CdVVI(?-X5aA z8ew`{%Hl05{MOTT&}pz{ZPjqfaWvaU^oM4_pA%Nyf9exK#^o_e^&B^tGfB~C;#o5tTA?$ZAN zxW!S^uD0_l7#r3?Eb0z@O}eT2`7re;I8~d}pDPV0{M2IH_4e2$l`fri%9_nNQV|Sg(pwICuj+yytfPNt7^+m8_YUzfhfr`my z54esW$K~AGP|lo+>n>+a%a=2!Y`Zy>;Oeq;=diJgaa&q_#LZRYc{0^D5Sfe3ZO&uz|gW>Mt78%%#!ueV@*pMy%d#MPFALAQ24-? z{B`MBVu7Nl=UvL9)U1ZF+E<;ou=|KK(8upQbkR=L8I@9P?r6)?uLd5SS#wd0NE#eU zpGU`MiGxdMZ=}KSJ{!T9*nIkcZFhc?3EJbzm@`4tJQ(QJoyz=1O>4N52dEhyL{KiP zNb)5XY8Y=nln@)qgGH8V9z?8?j?sVdxt8T>RT0KnD>1Ow0rrSfb-3nK+L7@nIH|KU zo}O5K1(uVtu`#jd626oUUTxO=*TI=r?6=Iewyfa6{vxb<5m|0c2gsFjcG@bO?O7M6 za@t$O3M=^R_Z9RLQ+SJ-9}OGfaOvV(*hR_iSW9BmmDns?{!MG8nT+ZDvx!IWOgwbc zsrpdQs_*C`5Z5shg*%K)r;_SrJkr7^G&Cf&AJEKar;X1}F$Ih&R$pFal?PqQ;0x3* zKUA*Ge-)8)MZC-E(03MJrIc8(zVd2cB5pOveGwS%CVhwibmPd0^9={c@hN3x+Grn6 zYqnSLS)}+ftW@~)e^=;n<2BjhRKYAdA$$>Pe|g1LYyBo*QE115EUZ*_R$YUOQd#p>9C;98>T&E!blYB! zVlRw-LwMp;eiBdb2mUn9uAllsbk>B+PMZ~=UzvpSP7kQ(47SI`H)Kcn?##H6X0aUT zVPgB1_W^QFI+6bAU79{Cd`Ibh*Bfy@GY361ZfaH@p#iK6eZY-VW(t%!tow?l#5Erx zWZ6zViKvBE&+QNzn{E6VRhukS#bH|pSXV=f6Tyq5^1qPz(s3(XP=9$+=A9-5B7-f? z!ppvdF^-#5{o4m8*z>ZmUW46*<{>x#`;t;L8(eixb2;dX@d= zi&W#8P-1mIm@+6LCb!MOVhc;LHthX3f zUNb5oP7i}Aw4uQ~N}a*eXXJ$nF*Q|eHFqXR4Npor&ojQypjRZ8Mn*>Hcn9k&$p zWq4&Y8C$YeK=LLtqC<5cmK!V0mC^{@;l&&>aWn)q`N7NrJI37fP^%oB^&ej(sv*TfE_>J(mv3wZS zkmAbcP!zU27_X#guyGA#d+R(!ynmQ87|_Qu%Md2oOR(B&NOAlT_JzI$ntok>c}XQ1 z78E-j!hKW>dY5;i+aDmU()0@2hl4bfeJSpA%m!;|OB0YrKOwa68akD@F!vdScI5ky zimuds%YHjU!|~srywoVW_A?^84QIiXriL{?gDW~t%f((cUN0G;;Of&uyd^}nz_R_tPW)@c2YbXAn`^6#cQTCO#o6qkm&bLBmP0pnz<}gu{`OGV%<6%_Vd`}&sWncZYpghzsd~dp2K6ER z#UF^TpCVQ_>(YFPPW6B85&l|(`w_Eh3m3?T{7B01!dppj54c!fG&c=3wSAUz4H|~3 z&;1b*mzL&gN=6ftD6F6?(xlf(6Q|=Z_JokDn52FpQH8jPN{z-@(u^_8!RH<#so*z* zFYLu&&a8bVbnWqs{zI;%B2o>Nlrpc9vsv{hYy(qylxMo8l^ut}%NW&WweVwnPq@Ae zW3g_17=OdrsC_0s!265f%d9K|q2d+a?_V)34clxrx*b)Vh%HMFEfK#D1(nu5KQhaj z&J1kV)8PAuRaE2ImJF4yU>>6ql7hlL%3n8U?<&so11Th1+d7hWCsEuL=AmU7GpFyZ zl62vM;lCoc?qxEPR_qyJ33y{I!dkB_31?@yTI*9&c@mMSO-&QL8ehnQp|`ft7_Y@_ z!Reds40YQ(mH2=y{{XX0S<|%Krr)ebN*CPEPNO0U-qV~%VP%Sg)U=auS@m^1N{(!1 zGpApvz>D%fHiZ0*YbfoLVrHb2!KaeZMg~aM=)AB6p zJL^}MVW|dKH7eY`rH2}BSzrN$tKwQU;@aiIQj1b$dW6P%rA_`-kcOb(_%XU;^;gVW z>_di{x_dnFHu`*diYQMfF}kdR0K`t8Qfem>kF2rh60g;4M%%AfxZRZn`^&HbqRm3P z8yX2yCe+rYWg}HZ4C&6bH5pxcL9EKX(9(nE zmz5Jk=x721)#_d_MWSEEn^s-=ZdqdQpmp;r$5CFE@+DSm zl8-D+v%6o2ReF(?;KaG9?O`sk9C5@3qvSx8ll4tC1NBXHkKr#cQ^9*;R$Lc8B}!~P z-UP2U*lhGAZKOSwBWy-B-`Va|HxSnTr3X?P+EDt2(@NOT+8e~ZcF3_Ky>ARA+=Dim zd+IT758G&u()+Frb@r8r$fFLhw@!J)9Y9gouvGSUSlmptxJ41bP$@{v)MB)qNjOxG z>Xn^Az!iw;ih_HW_A03J2m|DJfv>Ys@h-D<@Fvm(0pRKYV5m6!f}y8Vkh+#zfL7&} zw#$be<(NlXW&9PjW8TUl3EJ~Uov8uBEkAxeSeriwi3pW%cTB7Y5G-oN@qBC>T3Vg~9P zQ+S%yTvUVl%Z|@waA@h)3Q?PIM|$gRYsr;XOK!Y6`j+FwK&XT%@j7+fa?Kr?$kF0$ ziiV^dzySP`GBGVp#l)-^uSJraVA9Y9>6SGsZ+e_egsK8q z@MG7dbpDyLg>g3;w$otDHV@QtrYcfTYe%ZT1>mZWI-#zC-Iy+}w(MALvCdFIK|S^u z)~ozzIF7@oO$p{AC;{Kh!M@D;mRqFl2#K`0v($DyLSY0tQ9HavvnNGM#5y`*kR?d& zb=fQ?#{oPK&aCc(Tl$E0&efhHGxX=~Bc}ElP9e6+xN(?mrorAIN)PIvhphN%vse11 zRn*5Sd_zS=v7TnIr)dTZ6k6xJ!(gl9sB+iA+37|4yb=UTQ5eg6QqL^mV$ z=!z?E(Hp0%j76%tyYm{cV9hZo&~>?wc+bW%V6N*qG3`qHd6b>yI_8b`Iq)X(t`e?i zQ>#uEE-S7o{wKMkSf9ZXy7Z_G>TUwXB^2$9pD-N$aTK9T7nAg_ z6MoHD(;VBJBo(+di`^t!fw%ttGa=iPNop*3Hvn=pH4{pM@nz zwDF$lNwbq=OHG#c_?xO5MB80jqp7nRS^@l@;ZxjqS`)Tad$*Ao-sGs_CrSRe^wz`U z^AfHBv(&Swl+saafx+77WH&V60@yuNItQ6ir&paPC1v#0sGCEwgN9F$vsafCq2$uA2Cs zFa)s$oEWvLeIhc48cb9OxL7LJhO^8n8_)j$8UMrpJP`l_0s#X81Of>I0|NvD00033 z00RUO5+M^Y6e2P~BT*zUGeTi;fuZmPK#{S*(GVa~G(=G0U}EwA+5iXv0s#R(0sjEw zQ5wUw1blv%+MOb?QW`au2={`j z0oLm^Gp&nXHKwLpYhPyIC(@6@I`bF$at~3R3^nfGyitYDy2pGyx&<)luOHoGQQ{j( zVhnd=?T2eLHIUi;S61+Qh==Nt1Mb*tfsoWsV&Po6Tp_XK054ARC`|ES&Na6 zjGqsa8>?a6cDrWmOno%-L6MPn6(*6Yw@q5v(x8$a-C(aBeKzU(%Lh~hOCwZq6t#9r z@$x>^ACoPwA)kAux=OCc?_y~!uODf8+w_K)03VQisB3K4vhBT2o;qPvh5*{5h|x$ZnIdv6>L7@8*z2hrvqUR zV*=ox;hq~9`XBd?MeK!A%|xy5tpYWCLYS6ouay4)i1@~$uS;tzM?<5J?5jg#1Rn9q zQoa=iq|0ndYv|YC-Xi!mSGV2_XUIKU&VpnL#e`MbS3+YiR`2m0?#cv@NR{5WT}iF|zFYl^D6C4>fVKF{~bSkKo@<;vk@Xm4#xqLJe0(5wa+| zi1)8{ehIUf?kz=(~NV+#0KUc6t2NY%b`!&zsWDYOvZjYruorX0M7 z`!s{cAK;qi*X^w8lp5VsHm$3(8&Al}DbSH^f2?ZIf9dSg^@jT@J2F>TacIAqS_|?q zj@x+==&K{mkKg4AvJxBX>(hAD=>dD+sbJI&^PKCxLJGIr(L=_v{{V{P9-hKvR2juo z4$|h-3`Fl5?wSmGIhMG^qols6k9BzCaT>Hcvi>EfM29Ate6+5yt;}J<={Dzl{{Yf` zJ6(8(CfbL`PCp20qbEkB=wZ7ekF;IG@S7;hUnd4Q$fbd|%mnFCmFA@A(AsJpERm@B z!H;TuYCAxQoTQ!}SzA=wU+c9SbkmsMM8(>Bn1ONei#MsF6{8<_-)O9HS4}+aI*W&1 z(aV_X_2}gCf6QIji@c6cX;2hZ;vdv|N~qpC`3H$rXC=0d6i*S4jx?ldV0_Gu2N7_u z^>5}aIaQrQ>-omXvaT;qAjhiHzJ}1wzD6r)VB9ABe6!z1{o;(OSg)u}oqLYHM)sXh zPeUp?J`vqn^2XC7btr8bQ<5(DSBa5`)cJ=a>sGY7;n5sRk6$P#>?0o+leg}OS!~N2 zdk^-VMaaLXPn9K(&tbWKa?LDGscl^QMFTS3-IPH`iL?Iz&~}YuW8lrbHdPmk% zkSeUIdW>q$9y$4$jCyt1WKS(j{{TKF)=XVbxs?v4%1;3E`Nm;Q#Gw48iQ%!f`?R9V zFHw%X35W$fR{4Ll!yzhro4m!Nta{e=kCfuVw044wwr+LiCO%r7cgMWczer#4Isp7! zMwPnc9hY$8J-gV^kTm&9l&J9c4nA_T(_V%^z?yeX0b^4Rz~Knf_YVrJ0rOuDZv0mAOh&@*lj;9~Em7 zzzyk+I|+8&oAw_{iH~B?t!AD3N7Zn``?ShJl%)&aWNxalkFKUDs|LP%&ZbURr?eRP ziO6r>HTKu#$W26iVxJcn={KfdZY&d~Z%vo*(!N)re}DCr@H{pD0RI4EijUFXkCfEj zd^O&$V=8jLM#z-AVYg21((dd1iW}!Ys8ze-FSmcI!BJH$asFvBTVAG1_lb8` zC0*uG7GxrPrb!~^Ka9j3Yr2*m+{zrDu1CDBdU&ko?@Pf-Yplz3>sLbiOHTa7Uz8qf zkizt>9-CgS0(GvyS%Q`ONuT13?X>>6@?NDH>)!^W`zrc&C?YGS3^O{{Yk-j+OBZ_f$6CHz}KJ ztK#EwzbTK9myK7yyl-achPI+gmPSl6Dt zBbAR=RaYjl=9UG_r+Rml>y=Te?@*ZFSPnJ5(u5U*jdZ?~L+w9Pb(@h8dkLAY+Ujoe zFrN}XNIA~_e5Mboz$S$;wf_Lf%T%T+2KmgZ6wz9VlfuMvv8{$^EfkK$9> zHC;e1#vIGOmrqfBOE2A#UgN=D{{T`rI?Si)P4%N9mrbVSuE?#DO=oZo3Ou$?&O>)YH zYAvXFiMKg)vxgFtu&Ktlar2mmZn)Naf235oEjZ|O)_66eOBa$RP~H~$d(4z;DPE@s zShW^Yjc;+-&08XqQT43U<>MWDiA~2Ld_A82^AMHS9@$6HZ#16Av|@2`b^EO{OXJx9r(o6o!p)V|eOLiH)Jeq6?|3|h~~!J_4AKJb+Q z$!0&wR9h<)sg;htF4>5o=;<`2dWh87&YVndA#7`>p8@`8Wz>tlk&bzle^AivxI{Es zMdQ3uYXk=07F|Ds6vVilXY=<=qm$>gNb*9z5J2!X~QIr^VXb?4y znrKHNT1HBBtMx3%r^KSV_m5j&S+2nY^=UNO>Jh`QmHob=y*G{BrPdb9AA!+nZkM{X$b{$Wu+jkpX|{_7UBGpSJ=uD<5&h za>F;v%)|}VurShkYFm@K@e|5ys_(rjLv}H*-D4iUDAT&i$4o9)`GZO?{2%>hIbdF! zIn%VrRnkYVHHgFRGF^QhueFvu-mi0#?QBM9i>@5tMe9{5-XD?<-!0UeoU} z*JbZf_muoxR;%1b)$vxqd0BSkb<1CQeMx2NSn$FEQ`M)J{UiMr?c>nUpUhsqi_+is>S%MHx55ZYZlA^`wZN{nW$cs z%Wi9P2b9OSFITNTrOs~+vUfVaPW8PPFg5s8TJ*7ox zwWx8ym(|g*r_^HYdaOenvBh0SytLTWBe!Xo4U{Fn&Sp!NDSH0^47s{?ra6u?5}o4F|2*rjq&lCuW=Vku*&<1u;pTpn$4!_R^|0C`%A3qD9Ee0 z?=Ks`$*=W}=TVbi>-oz(+GW-H!{l+5U!?bzYNy0w_VC)E34h`ld$uo1hy}F!8Iht~&Y#Sgfc z53J6$UlXCfY_c82J z2|_g!5905=hco(d^@*6D9EF4a`roGErb{h1t*J6T4dUV0^D@wqGAr#e_W3drUOZ(% zs_rEyGAZfV+(gqNqeJ?ZBKW+0KJvguWjhb7N{@=Kp#GsTXhbblqmvci(kYz^xp6%z(CHh91(DHsTah%%GdG-lN=hnD1pD6b~=Fz4~@8 zO?`~YI~_7oT6#<}s_bKAp0`~G666d#PCs}E&Q3USDsgZ$-|CFkVVyM9KhhIMa_O#y zbTYC2$+Z%za^LRFxsKad=pnkSW!t+`Dn_Q4xxMB(s^Yt!cs!Uq%z?IqMf@gf0kW+o zU&UphOyucQsJ)`qzRsPec7j$8Emk+<#Kaa=aNa#pv6jac`-%NQL98+MnKh&1hOB-+ zP}lCHR(+-o`~Cy=m|qI^sLWk!$}1=(UGbmZPzeo-XXz;<*7(og+ECp+*w=Ba#%`OO zdpj5v@U1PUl4RHa0J)^VYs_84)FNjo)h`-H!=~Z6IGZym^qoW(W|r4%cFVUwtF|Tq zRt!$RIc9Flb^)lFe`b}h8v9J04^JLkoqT~=JOL1OvP=6c#VlIOU%zNj-9iRE%w@4G zveo%bo3O(C{{ZG$p}w*C%Q8s0X;0RFQ2Q7wzS=b>%08gVE$LVuWU;RxS|)0m>|4@Z zcJ^D;Opm*lT+1D@shI#})Ge>LjES3G_4Q19cLPQJ;oXAYG&0;rt-84X0OBq5gp1k`nEGT(`>|L(#@xthe}_$pS;`SatZsQWMlQM+h4bNox?4EA@u+^b@rIq zepl-mTHTAK-o|7%M%B8%d6v5@TkGs*U0YaWR(O}7%RzE?`AkO_siN6cSJK2O@`zD# z{vvSV41|A!kTfyz4PJb6q^Cdb+&@^|E4=GwpRfB%Qs-dRKM`xq18%V3wTD|@SaK_% z^ypq@+VRP@!^xF7b~!h89i?cQd#}5+z*XG#drGwPWm)_a1a2*RO0N1tT1OKT;=PtP zV-%M7H4oNYQxcw-^%;vu$FFmDo+8t0HD2+sn4x=H&Gi9__Ly55&5k?DHD!EP_L%A7 zYHE+SX+V2wd~b0vG+_Ae?&83xq}|NJd0uCbaEYyWxTT7s_Nl+Fx74BA0vel_c@+g zmry0O3tUl8Vc+@ljkLFi$M^3q)k5MVz1eidtV^6xUxrTesF?J0*VQqpTx$0}c%ied z+((p5%ed%Q-eOhKsD3i*8!GOS@F5x<57Yud)J>io*LnBvGHdYm3+wF|*+tz_G}dNU z(<36N)|&x)SA!}bZCruJw6WF4ODFU)m+Ac;{>QXsN=Hh;<@PZ~O=DV{aEAJA;~{i1 zx;kg6kLD2v8tJ6A=dAfF);*bSc7@VzrxAcpG53SSW@@eFSdOTA7~@}=jyw;b>RJHk zKo`Fd_-WMF%wn4{^vG^^OiIm%#J_n@#dDOyffloqZ&ikiGjdkYE3cST;MQ0-e`$k{ zug7VTnPXY9uFz3sTG_6eMy=2WVc+U{y3^A9b%xiq1zL8Rwn_vY*Y}uB)K;P3)`m1$ z>Hc#st>_&#K3Q9U1$i8=v7Ay(b`5JirLAT<^X5rY(&ylvrWd}k@fUaH7TkshWqMAw zUv8f;oa6iu;@fZAyk855d-E(0dX0xgGRI6B_E+kHr?Rt=Y5b-toS%zv*GPJ~ulYlj zY9XNhQkt&01#iNMed@LNdbx?yz+X2kWvykl265hIS<$I$P9;c)r>b;5)2!JVCC$Vv zPXzr)Ivr&enp`lKGSzodlQMPOxi$X)3@rK2r*0x-*^jMO4Q9Z8A`NT#O6_2!6?Y^H zu7?o*n#VQ&0PZW(@|u(&2h@_J7QAAX;{(LS!PNv#9e=%gsUdwsTIb^%RB^&ep&Ku<{Vq^LDguO zv{W>(>l-ao;ZU(L-mi~iawS!q+d7sHEV9>fYp>Jto0k%ezj(@Vi>FgSmSnMFW8?>=YTMdYo*lQ`KPi)tavNW+@4=L# zDs}5Tk7?y)HUp!4q8q7Rlh>$~_(RU57`V1o=N4#VwbkqKL`>^}-LA3kzWpmAEzL`9 z${POi+`($}s$TNER@37))s1#718R+BSoYp@KADm{EsN2eQHXDmXh zy{qc(rVH|NGz%LMQ-^;vIF$7FbtOX|ZnhJz$~E;W`~>EBi`a`*eW1p&;nukS0L<|? z^nHr!ExE64OiBW$S&00lnU8mq92jwh6!lp7rZsy(%C=-$`95ttf@CcKD5t!)9ciOi z^+83AUsu|7UtvvURxMiZO<^SQ{hyDtdUVoNRhf1j=49ejo`%r=F$N_{9ge11{YToN zE6TdI2LAv_mgITZQ`r9Uj4ep(aj*H8UtTKgPVsAemnB3Eb`J!1k83}u&8nabhwbei z_P7da987#g3R>|i_@`sGf^V~7sCE*{jw>lV%dIy)^Zlkh%R_D}ta}>AE_=#=v4AH? z$%jDanO0Ju+QV6G*5#cvm}eaqaXx92li~=_X{4(K*>{u7Z|WXR5NKiC>@2sjnN}rf z(5z`Hs9Je#B@a$7n4QP)m)+NW(QuvX7AcEs)vBTI8QIRPf45aF!oMQk*uqcaxx*7md9I|b(9w&*VQL9Ci($}`tm*O=F z7?>@yXGk6;Myl18)#evw9GOif@<5fNSavL8#QDFw)Bcs)(mH_;I+H52(n(omuV<{v z+}6R?Sz)#JJU8_BB|eiC**!o0GylW@R1g3H0RsX81_uNO1P28O00#jA0{{dO5+M^Y z1tLLFVQ~~AGJ%ny!9uao@DLRwGg4yVKtr$@+4@7HroP^ZH8yG!X8T^qs`A+TG}0 zByk>1j>F;q0CG8Dx8q3drz|?7&aRB3fzlW%f-fJmJik64{7&ot065cdp^|b2rqHFZ zDJ5A}2&EwKq+&8Ziyr#_07D=7src0Q7o;d;&>{_=fBOE_IxYv6NgV5Rk6x7@=kl*g zoXZ@UF83>ejil%Dsb;<5T}XCB#!wG^7#il%(5Cz? zYPjv?UZv!_W1XWyG3T67D{pjP8!1&ET5>`Zq``0h{cv9PRgi%{+&#za~gKpgZH0ILcJB}H{XgSCF)f;l}ru5kw;^CJWU6l`qems5@JtpclvJ8KB zo*^Bbn4_8Q$n5Jc;X_Tc#e<%tt-r@KW3#tN6!X)}`~Lveq3-S@w^Pem=SwUyEU`By zLy&4~IpE@SVPmF#5yGxAFy9XPM|joQH&Vkoe5l*>NM@fq%*(Lys4OSAxo9Now!G;I z4?h|bJp5jd13V+`6WyNbjktQbM-&0EpYo(}aMoc)G+QxHd}{gRd0s9UEvdP&JAG{;|8BG?Fop zr6m|(K*9T}_4o8%9uE6z&fj0sNwZ%}IBY{6qB)-4U({A0=)fEKrO#)TBr(~ot*bc9 z>PiAWJO2PmhDYfef)!Lae7R%Wf==13cPS1Tg7I%K#)Y3jK+?{AS~iV`c9rd>S-8_) zme51wzOGoSM!T~~uT^s9O~y}VGlPy*i+gyW2eKp!NVm5u13$73O@7U5G|!$=5TA`N z9$p$RD5A(-eEjQkpE`=-)yhnVY*mfumN;eLD0rk&x_f@Kynd0>FKCWDkG_C=i=zFk z3Xi2Lw;o_V!@kGiLE&FOleEIUQ|_q!68IGRd||lq$G)+1b3D@j02FvZ^`jAi-M96n z`ogngc$^d2K5{-B>PY3g^o}MDfH0_garx~309d@sn@guTGA7`k5laL(ju^&S+qb=q z5p4w5OdA{Z6psG@$fFvcM73;=97o#lC%2tMVzQm%kl;zA>G;&w6G*ph${eS%JN)a5 zd2o;?^K(8!ww^wYx{?bd_Dp?7e;)csi%Tm=b0p2y(m#mQcddKJG3wHSJv{dB?xwwX zEuoNZZW&ci{M9m~7ZYjO7yuRj01Ayfc@uvp(^~RipQSjStb-_2yrx?np4e=Y(FQh9I_P9%t zLQ{I#A7e<<+u85@;8&~Q+y4N#nfw0$J5saX%DCGR9RuY{4@)Laf6^l#c&2MRg`6)v zJ)fL^tIIJ8qjF7LLXw#53-uxc2Lr$Fq`Z>s+iNFC39BRH=TXaW?Rg>`;f4_TiY&w` zjmbTf(ez^rYjh+DF{sJoxZ0(-;m?0B+hk2x_;RQ&E@GBhjA~jLn<}lgc~|QGDp{EE z>ee>y=gWF%dMS1v{KJp9QJ&^Uo$-!a0q&tZ$Ivn{}L%`|fP(+ebfnR^+Al>BG`IJ8mOZZ!P)*8+R#WQ(;)=UwKv z+M%_)=$mVsb@rs;gCXCZ{PCK@bUQa@79~x)_BC#wtC|T3=O*Y6j{K`L*juVETT+f6 z%u?IiO>GpJ$Zu<(^Zx)^3YONhTCvmuqLe4Tt{vur^<+9CjzA8b&fX`h{wgQX7yfqq zYm32sAMADYKOdb*=vLwmC$)l3en0B&HUrN6SfeMmzsj#VKcuwWBSKqN0`16+yz7hW z%4*LCUsubPXe4Tu@J2Zel|?Ll5auY*oXS8t{lsnkYUa*npt{D1=~CNgYpD5rDGH^B3Q|hEtgWlR1k{`_Ml7FZ-X3SeY<3TYOX+rQ z?T&2-*52@Fvlq8%2Fi8nkKvKyzG_%(r}Ud_`nhq=l53~*=Vi{#g!g_mEug%HPAVA4 zicza^TXd5T{{X}NXqaZ6Mq~=%+p14~DW~Y$kqIX}DRY73Y6-7Fh6qm+QpyfUg-K_TG=Yuz5)F5bM2vV zX)?_b+fx4ks;?|;G{GEMjio-`dvV=flXD}-3-h_SI*WM@+GUNn)4#Vd7|8CT%tEN# zlT8F(s=zl^JZ|16@S!F>8q@u>gP)guMJ#A!x=-)e@5_C^OwZ{M!DQ~mLS(Y9Won01 zmj!gR&D-v${iNJFoM?q}^W{QLEcQ@D%%U;Ar^4Znmj3|Kgi@+SZ>xFr1{m_^QABJJ zgnw&&N6hxpTSs?q3Te~?dyk0i`O`yV2cj{^GM3bF;ZG#4WRcEUo0&DD+TKaq8N_Rv zd9Eb%DSx|-*PowtO2w`9CUma9Z_97KztI=}05yLa{{TWC`N{ayjyg8u3D2py@*K@4 zq`^D_PiKe-%_IqJDV?`i^c_cR)+P^a(c9}uhUDY0AI{Zv3F!&8-xlPm0ok=39U&v< z{jMMHsMc#0mf&Mlf$$Ff-c%Om39VSRHtVnF-A!fEH*wmexI4-bwmI81`#jUc{gM-? zd_O$t+S>b%IOQ9rkly^&+?Q*>ftN=NpJ}tt@A%P*;>IImuc;!db(hb+tmTsALbrM0 zaRD5;=eytjrj~eZ+U`~MVP0%=R@RQbj*Tb}2#eVR+NZu-H1wx!Mcb{ubCI53qFLWM zBU0xb!jj4QJq@kN5oj&G`)}XdQo33!rO)^MeIvM2&pU|XL6&3LQOyg7iN>X2+CNTa zJWGZdNEe%a0;RQr6}5&z5 zejMeZuC5T}3F?94j{0kvB4)E8V}-!m zmoJWJe)`JgJMxSxRMI8feW>UM%u!C2j9VP_Wrayxc=pjYw=rA+&xGNzO9Q_J(X}L@ zbEcrR5^-m!5vs?Jsv*+o3J4B$>f zByHF`{r><@()USp>2-hXu}{{Z_( z{{Zn+Hxt1nu3M=pH*c8bR+pV8YR2wth}CxDfsVh2I*u6wS|IqGMBx~_UM$yo?36wa84qSasnVo*3dzrzrFfZ=Kz1s3qdYd3Hv>M}p>61-(O%ozIo((=Mn92VSse&D z*!Iw3>{xb_MmJ=<9fsg!k9e%yT3g8%@W+)u9GVg}(S)C{@tt2PA@0Cd$SEXkxcE@? zCc!;#Qz_SvCj2Seqwhc6igEt{Q2Z-R)vU2(;1*qvl?iR-dwEADQ;OmAsx-JASz=MB z`P5R!bs8Bq5lZ1-o;hZ&En-z^wrKTtgZ^~WBf&eM&kiDWA1$gbk-1CEj;3w{VTbUX z((yVzRNt+K2LhqGfa;1>)IZcvrL?aE^U3X}@Q!=@C`G8OW34Q>&ILtrV`*xaF2W(H zI>mc;=iO6uy~W1>$#8YTi;>^YJ~Xk$s|CDE;k^-e$%~Mb6ayA$6)L=3N2;F{N|N`0YG%qn5TI=dtCs+P0`TTq6zejTVfZGHpP#`iaEP6 z;QhFpdRg0~A>p<$q~!bt^rkP>hgTp~0r(mqK_pC0b)<(sIt<>CF#Z>lZ;-Ac-@SsD z{`rAlA)HbyHxk7t=Iz!8-9>#eZa@1>417PWEVj}`D~8*JAy!`<@m`SP=G##OzH+R2 z@7R2*B)zfXW7?KC`QsIdCbpA`G^-K>gMQ5KShu>K89$0lKg((@3&U}Zz*oWf)#$y7 zSW%sLYcAer9}1GpTD0-T+8$u|^T5Sux4wy=IMUrxe6!BA%?XNb*Pf+C1u zWd8uDr@5CzHm@#_+P4Tf98|xwaO07((p)&p9CG{it2uf(;hkdCeZOlsY(jo*|&9c zq@5!pTw6?yaAcMGs5=KQ zD%a8v>8wYvGODMy&V{2&u<(;;5M=)VojP=MD{miUl69Y-!oO&{mQk_L4j14kaN?3p zM@Z7S$?l|-Mwan5deb&OTG=NuN-@toF?RFu%FeOjYprKf4-w@$@rW5bdJ?H`!^6WauyNcEly@=%$^e7tB&)3VzvkNdc#kS+-E%{+Y{D0P4gg+ifwxsM8K zt{)Z4aM61;c+v@F*K>6sU2o${9E<*5Gv6?#qPxU9Q0?9O~Y zKhTgC+SNM;Ha}XLI1(#VZce$@2cPt(ng}Gh$?Ht#Z26iEcX}a|{{VLyYRA5#;M>Hr z2*hnF#sPd#jc#GbWLBeBZ-&*bIUeErBUB^rqr&LyN!VUYkGj9ntv}^&{{V`Yjc0Dr zc7)2BZ%MP74($X!e(GOGvzl)GWF|iPFT+-we1p}QKRNQR*>9RC@ybNhbMmj%_W>u0 z1=4}nZ9Rk@bpD%Xrre&XgyocY=by@#^-Zf=JhEsIpJlRkJoe9bWoh&r?VO1dAAK9> z+3l^f)`*dn<+)S&_fU_eBLk2U!o9vCxKa>78lssu)8Z>!VmqO^A|~8?dC=6d+FT*d z4ph>oNZYuWZN!HdZ+B%7cz1S_4#Smdo$T%-g4m458|0AP-d;642mxH-pqw77eGN0h z8aZRf5;pA5-Z}pOZ@9D6P{=x`IN!3G>iMC#Wc|oYoF4j`Li%nb1tDDSPk*|F0iQ%s?nGnr%+o@W z9vb@DB!2vEepLmxM$PE38C7B({w?@^i7zq9k>R{bM%4ZXZ%OBn5t_Is)>i;o_xiDW)F*nAJpqj_!k){u3i)yw&QeU#UC zB#6|3h2~F%J;6;8fu$oG=@hRhXe?Cq-q(ALHyg!9B zD>e1zMoeLuw(_LUM%?v=c0zy3nBPpcW3gARe+o@KCF=gsF>XA!qrmA9^7aWM!29UO zJ4YS3{`fX?~mVR|GfJZz_>^`8S{okHc$t-Ofslf~}gF}UVF-&REA=WYBo>f0a-&@3* z<89H14nKz<8qKZ5wx?Eb-F3%zf6lFK`XQ%+*~@X{Qc2HO2Ulmi6tUkHzP9ft)-S)e z-%#Cfp}Y&(DuT#+h^20ev64%9S2|%_ggv5|D(Z;0u7SsQ-BH~_M*h-gB@H#rqAGNP z`-Hv+$Ht%1tup34FA;9TzCrg?h)`NwsoExx9b?1$b(_a@kwF;4qvyYv{Pt5zG=eyj zo4Lg;rQBNMjOe#^XZ5Vzz

      #YYIUS`zR~XQ2L8bul!xVhq|J2g=V<*kEn0q?#JI& z_EEMC!)kmT^pETJRj*70~e?00Qk(Ml4LUk#8 zjc2g0ehpngXRdpYG^DGJ9((isDr?*5O~txzsrfXS?eD954vmf|WSBO|)!~lt2aj)s zNqf^VtMkH0!S$2cXf@QK9m8h4JWlDFCx`Fi%-Ph$Tjd^ ztd0527;O;la?abcdDkA)g_-3Mh9fxUew8iMlE%Ctqf-nh@EG%`r@Noh^o;Oyb#;A3 zW!gJ<5OZP`R92f?X)eI~Wau91Eghu3nT?UXfPDV|r4TLcRQKs`#)1^Lk;nIpyPt;D zyf&XbU9XCu~69G4Ht)DHrixAPwkT4vT-zH z37lsq6>WC#`Z<|(@bzZ{vaRgnl|Y{+RP7*RA3wUSM6aWV>lgW$auoB&`}ZO^{OT6I zMY`j08bKn080kHfXVL~eTrq*RtZY1~ro4SfzP4QUkKq+1#J;ZH1>~dP1xYNdS|a+U zo0i@c=qnoK<1xoEa#R_(y4^w6++Ha&mc}I*8uE#xZ*xVlnXj5ko6w z5s$Juv8H$Y`BP(3+Q17FjI&fxBAw2dpp5b#p4ydQl1Um}I@$Zh3stu_Gh;3_Y17@= zLTjs8tl+k6MpjUDlh3ou<3!;s?IY)b?)TKubZlsljh1#9W4}7wyz@xjWRp>oY#~Sc zQaI}Qj&-l3Wfz@XaFi8LeDl3IwzEYo%(q+b^Qj542+y9hY(_l0D@G^Pobh;_Z!YhZ z6|_aVfcr13E(Gn3{&3V1GIXrx~8&V<&Jyb^yY=jY!=dS1#nE*N#?(Vcv|M)hyfP^zN=M`b2YodX zTTRA>1=F{)t2>eT?4i<^8hvbjsR-*29}nwRJsoWkn&LDs>iWli%zLx%tC=q*j5N4* zQOZ1LnfKMVMaMaU$Y<6cw%?tHpSqO+hQ`}gGVOp*nXAQyeNeQGCmFjV&fiLq!|KCh zi8Rm8yYHwidI{$-NA0u(uC4ogKSZ%Wb=gBEhJ>igW1jwWvszlMucU!9sP7`7=(vv2 z_2kEE9z)^x*Xv7w2Nf|25x58Kcz;?;TPKHz>6bXm#(wHABQZ@{=a~7^Nh2&4@h?6> zMKD)&vkmH@Ct>5aZ#qZ6yWzKNQ4Hp(ej&;o3$H z*j+@A9M%o|i~j)P!hO`-8=0Udo`)+&c&?_7W6i^ynvsS3v2&BG1|ID4qMa&+;Yr$9 zfCYWswWLV52)l=j;nVQ0ErDy;i(p0<)-UJ2mr~DTKeRKHG|+Uc@=XJBmAcG_@T6Zz zw7Lx4SmefY{^_Y2%4sd;JF2)6c}m>8xugs z0leuaf<=}m8CPCLqP*zaJve4Fi1K#loOS_&Tw7TR{{S3k*?%!offu7(N6sSpvOCB2 zi;ImqxKXp?zXGGO^dkv;^|+bjJgWKS`*E0*ca|8dIBp{oMp&^{@KS#8E2L#m3E}A9 z$8W7_ll>L~8eI1HQ%N3`mmD}F9sdB*miAWSx~nv-d$EtgfL1H6bymUVFlrldodc~S zF4$h$j>Ag4^POY)0PXsGYU=MEy`|x2xBw5 z$mqCn#AyoW3*Ayrb2CdL^Cq}9G$ zNXOEWDGS<2<9;aWXS+1rBhk_NqJ3;AJ&zIL`SO?k&&>QgyqO@G)G$GnBrg7SBn-wY zm>=3qk0K~^S5BgYWeS%AnzlWnPj8RXqPehXFBN*l;#@pu$ZzkcK^|9=I{5@MoZdV#oCRy$nPEop||NUB)7(%I301~d+D$2i1gM0fz{QR zVx-`m4eZGbgJb3@K#{Z)$Gb+yKMwkt>>)|5Se8Xs!9m@c~!5~wz!fseNQm$J{}b(NXRiH{Yd`+-TweTx}$>H@)@S% z2GJAhIKl4osM)~c-1_6T`0O8^`nI!)wY9cOk=RdX%jZX=CK$N67*YHw{cEE-G95-) z8&;0PotNuH=h7~mYMMfQk=>fTn$>cd&Z&B#7wnHcsUp&mEJ?0rPS(d+s!O97hzXe$ zM*CH=*^op`OT=3mxnTEgy)-x1P_C&E6@OXWl2#?_Y&mN8=kv-*=3^wXwn?FH0LvZZkn?j_9T#Z4Wh4imJ8k?wjYrbA zF^@)3m@;{`ah!NmmX__R{zb;e_dxdf(VWWCqV){-4o)afcEb8>dn}zr@AIxKph0e@ z3XvyoZ~~orJ~Vu1#i6wZEqPO9Fc%vJ~Sg$fh557!8iOW zIQmXG1mj~YKoxHsc2twt$q%LDJXrq#>K|ToXPPy50mitSJ-?rgCB?jr6w#c5DBDRF zqumA1wX^r*@T-f>1lnB5sbv0RxgUKq%@CU2WZ_D`%4sk96G-9!!VhE+dq;PbC9V5O zHJY6g+sZOP<&FO8evs%nbiAEqPDtJ3!o3%zu3FWIA*Pu1wJ6&qswo7ib89B?%#|It zNw*pU)#Kx?zJ31yeM{3_8zfAjb;^Nd#*&045ae@T6?=;!|4D$((TLo(ob&YDWl{?Mz>ZcR@&Yt z`cdglg>=2PyKW|(SY;=lKN^?yoyrwi3+6oh1zg)O5$~IEjmr4{0B4fm49ecFKL#V6 zb+WdIeRPALJ$qqtSyO+0RqK;dCi$(Rm*Azdf`0EUzNCa$In>mGe2yTDP8ywX{s_3s--ui*n9 z(uT3P+^9a>l{Lhuk-AD#LUs%cRgXhLOhPWSuG_CIT)c%{B=QA$qG-}F?Hr6(NL=LW zMOeV>!QbgtvfEnAaUTays$Ez)KaGB{={+KJ-BF0sAM+FW{3N=9Rk?{2l3-xmhc7xf z?KBETtoE>|(hkMDPsHY)X`57%zNT*zOKZg9K6SfxYVf0H(d-S-_T|PxczOPOucN=c zI+8GB$@UJeVShZuNv{472eG9|)#u&wrOmS4&5h)oYWZ>$(mzMXsPoWD{Dpt;@&5pr z{{W2{Ixbx&AGnzF_tu-cSBts1gYTmDw-Q^i7$!Ew2s&A~QYgaC0U^BnYts5ASfOUm zvU3~n;mV^j`m>zJDjl00)#!aTvn<1{#DR7s4ZZ!JhhkkxYTk_Ns7j!7akTcYib^~EK@ z$$`3)DCS4!da?ac`*qmjXNR!}26qH!%imfqV3OVYq*AoDJt-?VX7zUta#z8;Jbs*- z{>6W38_5v+ej~^8=SgiWfox`MIBrURi^Iplv`mR{3ykl$^Ay(>=r%P}Mw1Jpv?I36GuSmR@%O)}00I7)>4RA<3{Z*mqcTvDkAbI>M`t;zK zhJ@SryMA9fym^=nakOePyAmoMFaf4xFvmO|S+CV_pjEhsFE4I0$b3F^0F89Ay9qYN zTR(;>-=k+md$GDRsKPfs-riNwt}=71V>@c(^G_>{0il;T8?hv)`cO5Ib-)^sEL8u4Nv4>OLR_7zY)B?Z+xp77f(LOnL0@YHcYc)y$_S15+AioBb|) z836k}6~?@nMn1~@rt%bceH>a5pK4q&?(Ev2{ZlUnE*LME!8*IQ?)+(2(ohlhgiDiO z>7)MuB|i$58_o^%5-ygCXuuyVRkg$#t)|n7RtXQawsvg(O&N$=t9|`sIqHt~9h9=c zA<>?^MD<#vgfi=8KCQi|oA|zT1fH_p$>GX7echbuE{M9ulb#Hmx95DIg%f%U7- zmb8^n>EcNNTmyl*2E8KAQw+G%o_Q5+E@abn0riGFYg6##-2VW|qP7sHkHh@GMZKi@tr|Y3BE!E|$M30L(%~mq z&K!=)OGp?Fjq3~r_VA~zo@4tqYor+%snP~itogupyuu@JplI4rHxZn@ZeM*C5w;UgbKfKpR$q~x%Rel2oqUhzq1yzqw{v2v2 z=4vZQGs1{qYUfc(vA!j{)uB${XTpY{4i0y(N4G^G8-W>C$Zh%j>S&fhsbO1iTkUdF z^36eK4mgswH>e?1<4P1PP-@>u?IxF{O0-b$%!N-ej&vQ!jjrZYAIdX<@~({N`%)r_ z10DjN&cpsK>!fGLtx$*$fzRM7OLvg8Fe>Oy#ma(eOM@Plo=lt2=jR z=gN~TajR4}3ATR&Qrh&Csm43R_zRxRKX=Z(F5G^}aK~UV!*1`wlMjnookZZScJKMr zSJtrz;G3%Ii-lJHze+NwGQi^!L#rCQs$0nI#jt#J2K)EYbazR*$zaLDQy|Wt4-wf- zFGj~D&8f#G%Y#!`UP@)Ti*+x#W&Hj0-63KAj4{N8kFnxEKhZ9r!+n=S$(Oo>_TgUf zQ&bWIvySh=rGinWSeT;^8iS+nb;iid7ErldbKm@`q%z`9BZ#==XFo(_|nH3w30c%QOuf* z$crDM+XBguI@sl(6H?D9%#%K&K$X_EkpM#drvCslQd~S?n&e1aec+OojfADc~LO?b~7Znr@T0jHm-l zIqmO1p8o&};BgtEY2%5C_HqW63yWr!Dbb=>W55{4F9E$l()PZQCamzq$sJwsoDV9N zHf*d&s-qmX&(^MQW?dV+sjKaB1LsX7jAW6{Nhfk@+|HofAkwM6>`6HIebplIFk~ia zF{gK^xsN0NZay)TH`D4{2i;gNWR{Z(*P#VI^fZ0RU zk#qeitZzCl8j=|*_wgNda`=i!>* z&g0Xf_J{Eg;;3&eJxW~XF|OTVOVNEMR_ZCo3_PTF9gf{>^4`5B)miK$-`06>SWW_1z+cgL6}i{{YigFwO~u?DS*<{tFR?o9-I4gyYEA{}FZ^lvkH^NQw~%R)Cn|TVcyC+M2@I^+%OT0f zk-@30CjI0`86CbganKisEK#^l_&axbj(_D-T21@No0#qHHFMF|3yb7US^h8P@a{f! z4Z}e2OovbssTzfP5i4cVF`a3h!|lj-etFc^@3gSFQ-f1XeX2b8kG1dP7s<@D@E$%&P^>7sDb^Q0z+1R88O^rJBkVic`>rMSW~X!85<3=;h)g#zuic(HPhibR(E8bJ;0UA)Z_7Vg zk6P+xjr5-5{#m5xsMPA52_$~aIpy&cKT0!U92iwG&u~fn_|q7*Yqpd{3aH7-pPu!5 z#Lo|c`n2=LDR{_|LkgK0AGf-!?eu4fHoaZgANs1|V;-fB9iJY_B!61y>wNmv4CHtm zeg?Wl^e`pRYV17!06zMOROF?)hVVHii#p&*J39D{htj$}0Vguf$)7A7e13FdchL+> z#B--P+;x5Rz_pA;7~G!I=4x2@l20sqXpK8)i#rx({wdoZAxRC^EiXA>`wo0R3iOA} zbMiAl-q)Q8b*$EI`ccO*;A_LU)Ey^lIJ~xCIHg87PuzbW>6js!c6$~&SzP-)nctNx z@V5@`6*%ht^Z9;1S}%FVK^~~yIIwbgVDI_Gez@r5EboaV(d?ARwU3AAH66qf5CQ8U z_E>is6LfXdW26x|HrXG|<@xNQRgJyfyW?)dMX#YnyhhOTMS&-u=en+cR>>z02hoXs z-Z_KentmED>l=Qyp633zrII!=%7-9>$k*!zklOTs>dvw5Ic>4`d=H&8ZJ6hQ`GeXj z5pZ-o%lp6q(%|DiFP%pGUr4r);7Au3J;(FeR#vwcvYSE-d>4GDvT!j{be)Q-+kblq z`v<&uP`I>^BjZWbG6?RbyXeTm%^>1L@g1D^VDkD_wFGaXSetB&?lxC0;Xn$+V0S(-)i*nKK{XfGy$7{cjTn@=?dvY?*zgpNrF z{j8(E$DKxyKcu8r8jQf~K<)WgNPpqv<^JiZ@0_rEUaGHttctg|x0xekO%286&unet zX>E9%Sqawd*{JtX9ao6R&y&kuocx-u!?p~CRebel=~gp8v#&uU;~IuD^Q+NwfT)H= zV~v<{{5|!5ZGnf3NuMK+`l{Ri01Q9G)i3@fzrwYB{{RR01w@*3@FZyS-}b-ip(VPo ziWK1j-)nw>9lj~?WKm^CYnR`R8mQQIJO7-wB5N-ZjGGJ zCVI&+18)j}rCDvpb@0n|U%$eh-=yJ&Hx25c;`NT)#T%O)S2p?HFgnTj)X_sb#~i~< zh^J;AKOfL-?pb{@A9l6xtEr}l@F$s_B^#;9&NJU!2V`RdvS{tnci-Y_Tgzn4gC0x2 z56|C8ace6@D)x&10QrZbz$M4+P%b)*J)`ya=gMLti3(?mc$eu(FPEkF863 zQ}&x|X>rd5v5%cdU{sPhajhiqrII!dj54gJAdl=;3K(!qhf?Q!<8Q54ra{vJ41=Gu zQ(G;PG%!d}vi)Yq-BC`N(IST#?lld`JSUb}B|3bV;;uBDG#>(s0^!KwW_hGx>Z)3>btT>JgiWoswy-SWe{0h9Mq#-)cA zU>gIN=lE1Hslv*PujP#WD%bx23_rxx(izpj*1B`cJLl>0tNg>j>-!+*J9}RKe)^IQ zsCXqgz~2Y7{Qecv32X?7Wg{5mdq|$EaY`m$nP5(l-s9 zfIpYJ^hpKtqgoltHWwN@HqT`=TH(G_>{FdN?V`}?ShZ`0RR;q-l@+&2E*Rl`AaeK9 zURpN}@0tD=r;WxP2~s?2+UXc54W;wTN#{UAI2iTN$TwEox5Ii_A(5kXISi*2H%Bzu zI!MRY+qjG$x|%6aq>6A=hA~gj^2MzuEh4v$ox$+Hr@OY0+}rEjboG&Y&0O?zw$ctH zd2Z3q1M|wb{Tn1U$o|wWFahwzU2*0~9%43+kjMGe-P+kl9MM4`41*Zh_Ea`E^6@QB zBSt*q_xDs1Mx)li9Ju>iE)IuyKz*UrO$%%!pW^^m(|wZDawH|>kvIc};Q_V@n)VvnOkfTKil1ITK| z{{TOgTifc_!i{6qjAsI`gL0Ahs&R~l-}-y1!J{i7^mNAiXH7*sOO%5qXY2riE2JXT zr_~nDJGc5*N&f&Ar2hb_x-oQ(+0L%f%B<(OT{B4%vwk%Mb2f;cWmjzD13T5{{Yz6NVKOcB`7i6HWgs4h6NiV znD&idq-v^(J7E-H4eQcEIBgN!sxJQkor$Xs69r(z@7;r+m09Wk07l}TC;Qmy{{Yoi zT9__%4g2((=;!|XE;(~uyMH|D?#0~elM*76w%q;vz7>2?wGOK7-V_5@vX9&dw6^~M zYdd|$rYdrm9=vbg&*z%E->vBzkN8Dg4H`H~vHAAr=T97`A_w88mMTjJM}c*4)!!J@ z3C?%&rn~6oi5f$fiMHRqyJESvlf+W`LJWh}Ue#(nQ!Sz0W*>2=?0Q6ia27ec_U-Yf zlHLUL^c_Mr&ijwPo;MhDB}nn9?BthJu|B0!&qf6;^|I-;xIJahvi|_qp`PAGMhr89 z%y&{57{fYjvZ&78#-14G)g`+tq=Vur30^U#c!M-&ak%AB+(tiV(W#+}a~U9x{{Vd~ zHn%~hW!1wVgHrHr?jeh+(XOMQ>^nJgsUmkga~BHW4r4hP_w%VBo+gS!`!821eQ_en zxDhJI0XrP*dGZw`PNf|Q1zVV})g3Djq*y;!UupyQ{q-giMzSZ>Oh(>be}yy$IJk(Y z$9UiF2Bg2YOkYGYLjM4Izm0TVkhju7;m_7SuYYd<9YNy0mifszqohXjY1IV(0N1$C z)UsOK#B~gfEGpJXv|X&RuDxrsFz2_JuSLAXB){)ZvyA&*RI)`P%^BqAau4<%kG&S! z?M1spX8s22f0w?co&AW^xyNv;S-MVEnHp6OtN3&B_f_`+jkgNjiWqh)f!R`ME2Dti zOz4-apNN{v(;J5ENV;lUc=5hPUCeq&Fx8GeC=O_I&V;$e`)*u_hxO^(&7Y_GL zI|H{_n^%QcShF<6$k#DG){)!iR#HfTI+_L#FgDFgX0ratZgl7yb-Qz29T_?GA^to4 zYk_GVx4reKfcBqj?k25mcJ)z(I(cWdr?t3cc~^4Eat?Q+skI+Om}mZKg67?{N{x}@ z;a7!*N@!*9I)zzDbO#GoGT6X9hvQb07sQD!ke%R-{^3?dhydytKkk~E;o~A1!tmd) z;XpNWYUd4bpr-w!v-92KR+qTUCO!^(j!F9bs`kyKz+fa)$8T@ajo3!uTmkD3EnVL# zo1>c=CmPp3#6LeOUX-+XB#GtL%-fjXIrvb5;z8;0j<;sN8aK8`1=t;B8*x9c=g4c~ z2-MZ-Gy7oY3AGveQ>Q0lhO;9n_GAQ;Bf0bEF z8RsBI9qM*8VxAirPe z%5+O^0(E}F0flUNeQH;;n85NU4Tu}!uI#R7l5(mfkBD=may$FQezUbh7%~AQD7`>C z$9MIsdquEyvyV(dXP2#@ZIS?{>04O=l_J%J#v~p2^7>TpUR`i49dZ@;mQ@1ugjKdev6gznBqmK^6vxh_kUu$wTZ-XOBq1KRkfmIGs%L=Go*H!zT@lQ za35a}+Qv7f<`cobv7ZS4sKD{{U5g+4I2kk|$%r{yo#H z@BJUFJv09RX>#;_D*pfmJ)V5Gr2hcKFWhR~Kp?`+8)wfyTE9g(4E#<10GMa%T_31v zK8~Az!&evVmk1H@6!C+FUd$2UOK~~{l~~3|bH@n>5E+IIO8B01b-DOO)i@$wtSwdpW>)`S`N4iqCgL4Fh|a#o(D0?hbqE` ztcb4R-yFt8F~6Cvk7B1#QMG%$Ef-Xs1do+lT-bWsM7S#>k%Ai=ZSOU2co$xS)?V;= z)HhH*i7}X_$NvDSrnb6GEzB_F!@O02XVyR}a&wNcq0${6ZmJL;NJQJ-2jBj5Ix6x_ zLmr|=Jin5j<|y%FJ7sanPw>>;8z3Ws3{8&JZ2tgSP9rR^%bgM@hkZ|HATQ|cjljm1 z?EC&TE!Rg!uE;5Jn!3^B@2R7fQ5Lwcs_l(Uk@Kl9poB+r2VC%@{pL>j`}5~f-CI8n zRL%}FL}hecMZT8R!)|{gQ`l9u<2z zbo8B&Ca$nv(~pP3o27awPN!0R9j0ttFcX&6M(uWwt5Voc?)K)^|5CTQtgeW>yQhqoyq{ z#${ z3}PVz^HZ0zKtLA-zp+Hc7U? z51zx>@~JJE%%cI8Lb%mjDMGge%vkSUd;Co|okh7{GqrzdY(W;Btn(u2);{gW2EyboTdA=_+s=?7x+M zs+$_2Ovc^gx~*+3q%ett7i2hXyD6k?O}|;seM!-m7J}+7kdipgPRqabqa33!xh5$< z*@aC#!|@s^ibWTg*m-+jI=7MH;Bb>pkl7jSJ{8hdk;cYbSytglZh7bM0Mqm@Nlhc$ z+^+%_?M&^D&nlJ+YmI)6;H-*pLFZn&KBM(rM>yZW{(05>Gg~~aPJ?ypIZ(LpyDT9RC15G(cI(vIO zsLf|Ov}^l9xA9;ciiYI?FAIm#+_t2dMyq?6@KpQ=t4@lEmIiQmFl3(-{f6TAhsNOy z=*}~~DsVyszbzz+2O~@(p(tritx{GTQzfeZ)}iT+PlLxgN&RvSoh@A zw$j`iX#KMNn|JtENOWkMTZxNC$0LY2Y&$uAaaP^lj4}TJGgR@~u~}k9RyoGnwKx9& zsjI6=pNA#Ro*6ue8QbSqdWO2j2Vw&5nrs6U%4%r*$@2-!RDkRj) zj@BR3>ru_0P~BNqy=gjQqlXit?gpkQ$s6fTtq7J0%JDylW4q&0-HdufF&QJ7dsm)3 zY74Z_Q1#S(rR^1U6||tMjR!02H@=Eo!on?BNwL*`&vkI_3%!h+5zmL>1w_J77!6TO zyZ%KPE@1UJ#}y7&^m3cFXw7{%)HH}S5In^`)M zlSg33Z_njjA#ZmWdpRZQcZSos9o>|?RpK?Bz{nqKNv?~QH4S3uT_wikpXrL}t9xr- zN|l}?jEt|eay}UM)+pP_uNR5H4H>~)_R~VmqG+2dByI2@*XzZ*Yl&rvXO$Uy*Q`cA zIHA!qDH5-Ju48U_Pw7_zIF=N`vglnS zmpWFoc8)t~j8aIx(HjxJXFs~8wdsIQNJOmA$P<~zEx$hcj^YL}%^Aow>Rm*KuDx&F zNIMVbwxOLztcF0~H+VH1+H(cWcx3r7`{==U14Ab~9_oIIo=&8lXfxQ|qx0S4UY~5C zZ6|CLU$E5|LrRKb!Qndd9i$qyzL#3u+mKa}x!~sq`wip~M6<~xWmO#D6H*Cuad<>W zo_X;1X0La_Z2)-ngIr^rtMPLtHUj_KXU;olKU`=?x+=+aR8PB8b{pq+fFbR>w(YGBkZ(9jeCYD{IM& zup45n0Y$`twQcQgM)d?YQV3QHyfcnlAG^k)nV7UPN7Tsnam;;v^>=9JB3T_yN3w7+ z=h$iz@f4m374%9m;woiiEYmWg_#S^sg6;wYk)O55j@q{AXo%FrMoRK=jDt{JN4rGf zuzPCHrC?QrLb6EFGjET|{*IEiX}ZyBV7&B!hWX(Bh3MJ9S)q>+u=`3oJn1Hd+G|-( zGQ)H|$MfG&%M^{l&#a4>VcWNTF7iSV^ZdwZT2iyZ`NWZDZ}+>o)1#wY+P*zruVa2= z;%R4uhePc~+|>6Pid$VaJNnRrVmt?BMRjd7({=PdylvyPabdHbX#W6>A|zGK#;kCn z#+-A{`BjX%ePEQXuMB@mdj@vlPNkJQH4fi^tDQ0l1m3&FN$fwK>XXte*5F1Rq8Y~7 z_Wj*&g?_1Y8YR^tIOnS!zY4!geK1>o@g#I1H~S+U)om9_BSQd}tmh+AXBpa)q-~{1 zL>uNk^^D_~rnPd-C85)n->P|3o~wsxBbJ4f?Wemm%DNwm9;hWFk?iuO;I|5NZWM~+ zAn&+83bVPlwleUw@m&`r4<8P7H%AzxGD!SD>$-uC-tJ#IH#ZjC8DpD@BLfTW@TcjE z7U61$OTf|q#y<*p?q%UYI_b$hP~C+7duyao2_U}{e)a*6-&c^@>JZC}%fG8W9oehP zUX#_*5X~6~W;)DIr0F9*bdtu!BtxlLdkq-n0owpdoSHZ9A5ZhCu6jzr=3W^{WrS*7 zUVWU8jVeUNF7#`72t8iTe2?}XJ)sLLNE1;Rz~Atzdz)xDsT+FNJe5wz>r*=um>ncs zcjr(2Rez84ZW`?^$$`Ygcns(7t4=(N7+$hu<5PADwzC>a!ydDadYiN0 z2ga?`XE8IO_~+|a3Qj^I1@Ibk^{$Tv#DvGMDs#+}^`(kgeG){t!$>;X4tdq!oq{TW z;mFPocKki{8j<^{83&JV*1Aac`b+-+in=$Xr<7cQ4yi(H22RHwL=SacS($xD4~irH zY=N4*{{VyhBE5IDA~X|YzaC!tk{J}Fk+zbiog~sFwb(cNo?pxQCV|;mjI4NM?pF#q zcT!$jMWWh&X;+dr)BNfQu9sc8%19351YrI3`p=>iPtmTru^#+7StDkSL^%X(L8&6R zj}AJrp!+TSOHe3N!V!cW|A!P z(8O033+Y2+Ph9Ky8ed4cg}OnQYK$JS!*j&}EKH83L!w2;ZA7qb6Di{&^3(oiptBmn zLYj{IF+LSF)3kcxOd@LQ{{X#??$3Q%OQ7(~8bR?4e-U1ZavMr&wtJi_bk!Q@w%LyS~Hrtv$}PT zDf+t4@q@SCYT9G~#|)i)w;B3>N?0`xEH1#Vyqt5+J2}vJgAYkgD`fqwoYkJ7jq3O= zoW|Q=`@Z^XA4=0Jwxg(OZvn9U=f4%I6+MH@Gi<=!16x$))RXfm9GxFh=qNJl1g@Qdx? zztX1IW6~RcaI60S_&>%eucm;Wq4!S^*v>x%F^QmLK&l_I0 zIP8Mj0CIqhsBq zWACdqk@ycCz)22qft~Y7a~N(N&@6J<>*s&Gd}{K*;1wce?>X50!mrm>y-&o>KZ~u8 zopg+4j)im}cV|C^dUr;~+#l~D8ErdzUR07e1_?(BL)<&)M{#uoEZ=5X0_LH+v5nR# z7_5t{Ax~yId+J_`m4>0~BJuAZpBiiak5Afp$q@T~BggOi-+;z5oJkXnjyuIjg?t$s z+KsWyRFGUm%cPt(4wfC_h`5!-ld05$ai03etGkQ1^IyZAKcK_uR?KpmPU<_3e>+eg ztEA_R$oy-gr;8VgCP#g-rv!7}rh|ylaTiXw&IqAnCM9j+)Hc|R=A!8hOTm#uSnbul z3z4*Ts!Ja*Kp%g?tP;@2t;u%{xxmKWM}LKITyXD^bvgmnBR!ugy0~lxmPTWW=v(z| zPKvQ-9QwaP55}*oRXC2GzA?xi%xB?K+Fu0rHKv&GMLo|+-leBTO2>q;e$d`>G~^qf5BGmVQjV*{S+2d35m`R6z38+B5L@ zRh8lmGfS0nJ8_JC^*2V{VkWgHBbaaBjl8y?8JamQ<-_Q11(w{tR|}tMz5m2A(mcRsR6I zPtVGkAZJ*PB#HCC=OUr9znJ=VbSsti`@QvX(w0M1XVy&~t--N9`A z^>H+Mq2LU<%Z-I_dN@6tU9xAc--SniE6FH>tkXzysN)#VzMoc{@mEfMm2>|9hCkw3 zof)#RqACvIjQwdC$PmXHFkj>B$Im|Mostd>yxn9t>aoDpk9n)>IiglwZNidGz->P) zeQMM&VhJd4Ic<#7Zm^{B=xx2Muj7ihxXINN*aNe1{VMX@`!Prud&l&v=(?a83xJ$} zJAqcbGl?OLMIz^QBWmdF{{Z=<{{R&{_i*uLT*n6Is_onI`BT`H1#XA6+6sby8o4-b z9OsOze0luyQKLnwC0+xo_TUZaB9dJQ93+mrhC_mC3zdL~o*=C#U5jM)_u{U)JEU{y z7dhMxM2sF=?kam(6~IIW_qZHA+GOsjoq>7$fBCT@J zl#z6t2gg_sj?|YSM;bCiETi0WLVH=3Xph=o>|T^39*)O|ss=iZvBo>Mq?R+O9BNbE zDsR@B{U+XWk-Ch=IgFZ;NT*1{MoLf3M&8w1rlZ2RJQq>ho?kk?0zM#*%i^Dj&%Hf>VA>v8-OCAe4`y@tS4hEup-Q%VPJar-nBp|6!#M5j`Bn75dZmX+-?W{+<6Rm}Xe|Y|qXZ7X{_%+2zEw0f@-4DOG=L0e zDi593t$ww&k5ef9pbp{os{0@4 zyfLf&?CtW^SFlDnOB|;_&mr0Ju9=Ud2c&RfI%ILrs(xb}{A;6nq>*r)UwsGDm4;<^ z@Lpe9UW~9aMY&*Zao06rb*pAW9z2eIwKa|DX(U0zl=kE7x69>C9ExL+4hpcr2CZO} zuA4;AhqQ{ew_AB$;iV>VpZ@@1^4r7X`owkMxWL$Z3v(ol zy(Dgn{+g=BULRD( zSBc-hFQ3l3J5q4Z50}56znyE2)%^PWjLJ2rXbG|S?8nx*NA@;P*xayY&`VWm;+}kk>0g^4ZJ?rrt>d>$;ymJI_cH1~S z>OPZ#COU?h*m4-gllktYwbX(Ot(#YP2T$Seqte#Oc%Xqgj?w&7Iv(c|+q7-N1$lOy z_;asIwTz{#{{X-?R_z~JUXGg!c7tZX97O;RdB@0C>qv3InBmv?_uu7FSOgN=+{y+C z_D^{H_EfRFY3Uk$T-~aBH}0t+l}bp5Nd}djnA$ed#wq$wqh)BW$qK?=TX*}h%9<(S zc$|HgTpCUV?3xg15xLZu@}q0hwve<0jRjX=d~#@9MGmOt>w_GpPr9L(p>6uW;z+gg z@!bA%M4NSkAMKwRsd$o!XP*W1jfOiuW}sBKM!AM;G$KvFBc7kFTk05jy>oBh%jJr= zxR5B4SqnCvS+CX?7+J0pTQg&+AD_?sst%H~emX$@()S&YKM*SY26+0^p6xi>>+-1$ zqoOwzI>^|=?VbGU$(Q{fh(r0~tN#F1PXvt38I|M4c>)J7jX~*iM-*_eAjsGShb`(* zxy{1}at<&K{{T#T>h1x78$qan+Ckgzq`ZsRywuF3{l4G6udK@qDH5vr?0%JXG6Nf= z{AJaK@y%S%Xq{(GTr7-?9Faiwis(Dw##JbFuwAuaXYM}=fdTbbEFpEze=J3NcgZ z2sZA{^>JqGP)fMeI}K-}r-^QKh)%XD&+a_Wm-Y!@e_~W9aolRw(^<@S00#agKhV*! zmfzBDCPGv z{{R4~Ev4VlNK|a^r1pEN!=@fBcJe;AjXCQbzj3H;trE7GA&g<; zko9sr=}e2JJE;1@xxdU)h~?2eyoGhAZE?6k;(n{eAkGhUL3`=e@mR$&xZ^e(%es-e zJ!IMSODsoqQS|&Pq$KJ19_Cww3M51sUAw#dX?jP|o6w(>fP>qQb!)Vp;u!^y9;rC04gow?MLTjuW36I)0&Bi*0SQr7ZFko}NyD~8V%!OyoUb-q;h%`Y6j z#wRC6JO^hg%GpWjSoTR8Gv`L)?oJBNE?x1R1M7;4E{SxOR!uQ?Mx$=p^mdnp8m|^Y zIgydD_|>09+x1pWw1(Uw@*ke+=@}%44JdY1bEm36T-DJ30Qz(OC9C$~2pMJM2Rw2< z{&f_W^M1=;l&_#I}#TMKROq4+(fGJ z>1dO4<@xTbD})j}F=`KivU1<^-BBxGCCK2CN5kd?N78DCmD)>~u^C&Yh2QbNZsZzeSl17B(^pL|jezn{*TB|@%^ zhC{Ix`rQJx)B#4M>^T~c{A&8%_A>Km4H*nZk=lM@ru2C<&us4+$WxzYaBA^yWl3Hl zrASbx2g;b)+USls_>oIEJS=k?iixhH5Zo2(#;uSK_6Yi6T8GLAiQ{ zUx^=DlcL`oIddd?Z?CuHK2;UqY#Ubgam+RaSw_=CIgT)#OLo+U8*FOI^bDa>5$f{o z8~e|~i^RdDc~2K@!R#Lm{qcKX>CoYjokka5aDi0B+oU{`$0?+&rLYd>rmO{Cj=$ZX$(*3nI#^ z?1B$4K6NYFb&2bsZ)r&I9k|cNqq>V}BRhgQj?q?k_H7#62(<<0t3PK~hV>^z-5m)j z!iL*So!Y&qqF_^^5H1 zHR+uj9FJ}RX_GnO`F8&Rm2I^w7gombrzs4bW9QDKy6Bszc*j(R#m<(Db^+h#QXkdr z)aQp^mizmvMQ9{ei`xYcQ?q{R_(SrgzDnyLy)S_q@clLgKYI|0gh*~1+ z5jz&h+@3af&AC z_+n`IYUkMpBb`Suk6e&T?SBfMe@YUR;=<#G>7GM8#aP}!iC~DGOuOvZ!SdVYC|FOA zM4kPvTsA$vRdv$vxs8C!#0GV_Zh6m*LD5GsT}6p{F}i3Ka(W(qtT~zB{*&B%Xj&CRF>BfnB_x)rlYyGki{|_h84ta1ILVTv}`_k zpe5+}V~@3!!ykoa;D;X9qs)v8XN#mOWcF?3YW`y)$~dGeCoLmk@~JMRx8Xq0=@BQ{I<&95I5p_| zl(>w7Gqy(g`~Eb|A@yw?yHldLdq4!-1gl3L8tWJ+(54kgp;}j{0$n4Slg_& z83Z2D9a%{1v5iGpq~tcmO>r>9;A4iX< zy0^*g_-Er$q_am8NN|eHg2%$GSOcU_gVyjppQEGZ#-CNA{$8)s{{Vk4NhEuEFu#eJPQ*QZPZOEoKL*a*vE_Uc*ZwGsc$@WD&C{Bk!x5ZCdye zvTEWTjVmpfA0O#DgG zJ{+;PYV!DEq=hop>^PCJ?xyIAj=Lygy77in&3u2(jP~)jph$X$o`c+K9KRYt7>eN^ zo~&=5It^qD2)bs6eExfCJC=<{5EPOwU>-zPq%Ci8Zy_HKzOLuBjoF?VBQbV|)62$@ znPi2K;#ga3uXQwfxVE<`voGIF0pZ-+zQlHljLNI~M0w6VhwmQxF-hv@g@Xo0_l@b% z!ih@gnhf@K`>I=X&jj_OBz9CW3Cz~9k?Nlw&+zB6n(p3dA?XNW(ZW8;o%!v*oku0y zI%9pcsnj#w{{V3!i3`Zb0aSCL9pnZg-pTB5Bk!W=h;2~erhm9q%Gs|A38fCKF>|)8 z_xAh0MudJM`UAFnN|Jv1vnK=F{{RWADe>ysEdb}VAL~oDG>lZ;B`^bCsZRXB*b2N^ zh!JDZvM_hoxN2a95WV%VYFHi4x0kZvax+##A0>C!Y1wcNdn=7Y#-g_SdIZBlYp4 zb#nQB#U9Fz;aVhKEY}vHvCA)~Bj;GD`Za@QFIucyu=ZoK`qtDl{{X$)^c%3Mu-$c# zr||$Y`1|V2@x3F}C^F|djyE)&A;!yHZNej#kOf<$U%j@CW05<%2i-#Pbnvdma61@d zKaF&F3?Hh;BmLt|((rDMK$$y_f0bWbpJq7~$Gm^(uSme+TQ;nd*mgfkwQ|~GknrTo zU|{$8bE$3TU2#adSX388Wf8Qu`=?`4K_(=EWX4AOcZza&nkNvpG0>93a6I7&#gmxv6D0}q_7`g_xt|(HuAX<-7bOMuRDEyG@T=54-!=x zW>g!I*nEG=kZ~RDLBrdz+a0*>HEq(Z12|>xE32~&`Rt^&fp~ByCC+h8#Ec82Ohqa4qOvRig=zW7n-=o=rZ~Y6X&#yI_!Ou+0LUku;tes zS)kXaJn`j5K8?3GJo@LTneWFlzm+OHlitWlDw~izhh-yQx?4r7tcu#79vzi6unP)2 zEetTPZb$W~bv7271PjE%zI?Ee6sYHMkeOv?I7 znzd>1X%sLieM1^{-{)7iF=s@xGp>7yt1H#amiKWh=N`iy^wcxOY3il+OE4RE;)SFx zme*1fZ00~4Pk-H4Va^PiReVl!^r&8F_^~U3@#h+cXsBei0yKDoMhfhs8*NRVd8?@m zv4-LB#ANlGw{L-~bhwm8)5*h(e-W+!0Qc>4{q3s;Um`#w^W9N&c^q47i7*$ImN?(# z%B=2?W+)wl_-e)v%jZ{622V@k>no17j0}Bi(to_Qa6#}p5%+v5*3RDJOcF6K6MH0M zC*QSngnIaXsJ?&Q-|1XP`tUx|!=0M1#6GhzhZyYugZEc)6=iWb%&eQ9{2W!R_OS3; zV%osvxB1n#M&4#8PO8k!kaz9wscyI-E$%l~1a3eXr0A=+DEjdOV`HDQ@us_JOo?>G z(YwEw-L)HAq)8`9mn0Gv9`_m-i&j_BodFZ<4L6AT(#66 zX(u|i^XJ=7VJm4ada=wjwtLj~?_5i6lFV#DT}hs=o_E@{S>G(L{1T?0oe;1`DE=gr zW9MJBM%EVl<>Vc2a@Psxm`QPl)aqMTXJE$Jt~3tUQyhAL3X$heb#QP_!57(4S6hGb z{Qm&r718hq^?*CF_#9*IH7u>p7)f6;K>TU?F6t+qO*;CYVX@V&l(@NQ{Ss7miCFgF zsrZ}^(a<(|8sbL{gUt1Eel(XVF%7!0WA)R_arLf|dhx{=y?NgKGx+lOqUVmLC-u?mh+&J83q|oZ9;CN z($KeEIrUh628x_bZ#rXRvndqG8x=7)k_iarIgdKHw7j>BN)uO9bsc#egHuF{rru9k z7X6=`)r&NOM^z|%Fm@jdRF}39Yqf1o>bM*})3{$4bzCWfBYRe$9@qK(Q)*0+q!6DjJEu|FYE z+(7ym9m=$l#~K^Y9I2vyv=5esPvReqE`~B&XRQMssr)J~km&g%~DJ3OPw+S)=Zz6sa^=-HoK}vBKBuucjs7-fo=TJrcci_0k^ed-=(+t(_LLQ zTIb_MYWr&l>1u+T>k(})%ix$s=+S18tl`G@q+z*E7eQ(UlL zAP#>%bgiGXInj?UkzGUxJ)=8{wws8JX&Yo64F(Bi9&RG2y zGTwlr(Ijy_wsWroSo8XL)%O1YwrT3^{oilT6&?M) z^4qE60)M;bpLf=#v3WgQ$*BjQZ0AYtHRx@mMR&GO zV-8=14wbi!LVGiX9lymtC&{P_qH+)OU6@3u#l0XwRtc)=w&idqXS;f1 zWpy72@>#QxD56Ci%l^@10DS9%`o3)EPOUv(jRtvbp=0(Ljz_>#P13i+LX4gtR4MZ` zE&3+GU=cYybDd4`^6mU?p_FNoI8j)5fkiHQmc^OGWx4ONW~QDkF~}E0BO7L{ zrWq1F%Uno%4|m=1s3V3B98i)F zvFkQ}%Atbt9s|ZmRqfN`^QVQnUs=!kDAFbS{*?uXK`gfG7x%MZlg}d`I+pCGt&$*E zF8rT!@~ACPg=w51CzkY<*2%+xJ(bRJSHOY zaTMyfIg*i)p)AGOlVt9 zy;RU$2)!%&+k9+Bb|RKYwJc%ymhzF2QM=+;t|G&XU>?S)U|9;u1LY)Lyg{p3Gsetf zIYaN(#tvxk#w}&*!bW!fUv&a>Eygh{8TsS8dcMA2+2E9^kbRZx+v85LO&!z{CLAMn z5!>BMHMx6>SI+u>cjrdJ`J6^yF-eUB4zz8j@u=NiX^RY$NcUen(DV?taSreq zkDh53;utPKJ!Zz1BkuWBki_i`gXugH26K(~?cSDKYd2_5_lE!yuP@n7SJfkScb})mu6PVu4kK{ObJLxw>VC5s(oFf2!yihtwk@DdDyFPw znX9y$L{RWdNVx6CQ~_3Y%o&nN0Bs!c+feisjC?K|2_GDW+`M_vJ=JY}b^F4FpGx-= z+3u@mmsGedDI}g?Y)`)x(lMaIt;2u@-)gP;As~1I1DW-H@d<2?&vj2Ji&94k^@MvQ zk^O#j_JYny7AN7!Az(KL2Lrd|T^&9;?5>3O;~$Uc80FvkF6NO+!85N9J-E(IOK%i` z<0FWpwE_Dkpy-shjN6S)@`dXSyMAB$^yygG6omwGCveX{opf-HP9o^eagFkFJ;!QW z?vGIS7{sx&V^?-6E2tYpu^f-Wt**FcE;M3IBjq? z{4-aUqdML`s2{{PA2C|m7DpXfV31&y`chq@=+sKIdCrsFQWa0xCSuVy-aXl?YdIx( zEhao69&!+qu^#%CNFYS%0oGX;ZGH#7wMOr6JZGAnBviJ2C^OO@+$t&SzB;_Sep}Fz z=FWH!oNAE>sP1i~F-)6=6k7N8*tFw73Y+)j3QKt~lS{F-opK5Ls%BW)-d8${n1SudFGKPjcuX(QtJ(mojbt3oew<6?SISoQx%EWD9d4a3W7;*B!=n0 zb{aCOG0PnDR`%^QR?#ZxP9ufRDi*Q!E;6lfzhjm#e0QaeBr;0p0aSA|(9Vr-aT(lH zZ+kx-(R8W68+)n_kW@aGaI6{0?A6QVT_wJMXp{U^b$ccgtnx*j!Po)I`Gs5A>k;uu z%O2n|Y7U6JSCSTo8Ukl;9}|y_DQ7CS!_o$x(imWT>e|v9g_1O0v}k>o&uvT69U$=` z;hZV{@4d76=Tpw$aV3zP4qWS@1a|y4!Q#1IwxR*S`PI2;bRxp~oNuR{U2Bh3;-*pi z6?=XA*Gffe7Ogi8t=nZmtG2o$qoQI>yhmftPQV}k08>|;97iL^Q}74r`Z_k+RbC=R z#AZ%eJ0I}YDm$yIUIYz*GQ&AO9RC1BoK^kL8|!F-o$!w3f}n+n$_lpU-7jsUNchC3gE+-|1e5D`w)?ZO-L8 zKR#7$(jy*@P(XLwHs|x@O~%Kiz(UE7wcOu-!j0+z73Jf_CN?KI#Y)00482()efB?n z3yJMb-M;N_mhJ4$-IeI`0R{K)4o*BNuR1Ca(J;%xr*%KdK9ywy+{SLuaLif5ZOd=> zaZA#$snzUFkCFO(DrlM?NrFwn>eHmrv*H;}o-U2mqw)7>7K&tfT#PZ z2B1Cv01BGY;~YrOHROD0WQ~eCoQ531t{bvmu68#WEIt1KjcLBONG%)fN0Q6<)W7Km zPa-4s{I~n-Hukg4CViPOpFQY*?8epI#@p_tTUb)kPT2=rKH@f}p6X_rM(s8Fw9ZYY zt$Hi`ig+Ue;TST-ng+p&1@=DsMQnkou4hW;y)xSA8oy zk;En)M`g~CKd)znNpUM`mPRhk<6M2U`acJ4w$-EVt5~9pOCw02BXVu|RfVpfVGO#n z-?!4O&b%$n=5P<$!TPOUO&}WH*_I+fBVRBNfu$+yTKYgI80Wt2?%u8c0Pw5+Ca#;i zg;8%)hN&a(%<==nbN*EX0hJ801k~JyO(tgIdXa?3?)*N!`nI}?KiRFOR+2{Lw)pX@ zOMN-w%d1y*2lf3I3m_hjlKP|DoOOrY@vD1#BcgWojN}3|_f@=JlJ^n0>&Gi(Y3=9z ziqoV+fA$%3=12Wic)RN0WN){$E7IbGHO;ZkueGDM@%YiR=N;0YaZ#Vfnk#&9Vty!7 z_OK4Zt&)9k5?V5h2;T$%ef06feQYhpRmOE-9lmt_lQD`Je1RxWbT}!R$2o%Fh5V6Au3BNfC^4BV-Y=6&=mAf=JwFZqEZraT92k zC&)ECJTn{U#E`Rg9_oVP&xyg1kjmSHK7XE74cvJ;PgyhV4$)T$4h}&YW*umsu+&W; z(CT%?GH$07Z7(z};*6^exSjs~+LGqfaBsJ5xk>nW(TZr^3771!!JsZAH_&#hr>*}0 zH99mRR*U<&hM55G80@J8VptrKLkG^E4=QapcG@?=I^w|1`=QTTi}I3(a7tx9@Fqlcs!jy)zl^x${<>P!2(SQ13TXdi34 zsmpwQ^f-iJz})he&(Rf4l2e>Lbi%e3#F% zaB=ncRn_}1QZ?ZrEB23Z{PU|zBqxagW|OSF5Ccesv^WCg{<~zqsbl?)P)4JqSoG$?6GxsM1CU+g5T8{2n%(rWwW7*}8>>GZEwYp7lH^d(CPiozD zX&Td3KbvFm0h8$JGUUT^1eofdWr3?(ksy)E0VY3>wyk<=q$Yc3jnoES zOv7=VtB+|Ynk?f`@2}a^M;y_KbSS`6xZB}I&VIANyayfW+49@nO1g}&Hu24jX0*)3 zuC4lx$L)6-o22bh^QEdUND<7kqO)+$cyEr* z;wa$IwYZOuX{%Oq)?X@%q%CiPb##`ELub1_G$-OE#k)R$SK9ZA^ou!K2{Da8XK#IG zSB~s=NPvHb73=Jvc>ALzPu8~RvyU170QAt}bbN@p+^m_~;apa_;Px2hUbn)MPLHt` z@vpVn#O2sIa_pfL7B(=%ypa%qK6NJ-gLA9d)|k`qr?{QW)5v!;w;exq9gZ;~+dF{n zzFf!ON29DG;o9;q{6KbNyZTg}KYKorDwxp+XwTn~Qp+rku(M?#)zwO~DZQ zZg)BIm*{qWRI6{&T1#KXK6KP(TwW{vmc=>Ww}+md;t&yo%w%Z zw&=-(i#5OnA01uux5}dFO9=RqC<`J)I{ppg-B2~ci03E_h&vk_ic6@Nl)NtN81j7Y z?%uAtG_PDANDbkzKT5iWIJmP6JY%;Y_ItBYTc`~U+pJP4`5&EJBSXcV5t-om9m104-qTz! z?2_ugd8lorn6x(eSktg?T~#N_uDUuRygB~S8?Rx?WY z)5}i#ACarOVsUnh}h&R*q-6PZy}EQk=?btjgrm1JW)TawzhWF&#i)f`W16;kg>&RV#r)& zh{w#Ioki%@qVU2*uM03x$_VeNrM}9}4xSm?hmW(0GW2ANAE?h3PN^@+zvAp3>W0=X zw6iuhp&q7|D@d7%?QYXX9+0t@2RTh4$Ht_%&erj>u6a?nmg8&`R9R>1!eab}|#4KOMiY^mj=_+ITEiJ;#{w>@{p6wvFb{IL#;V zcw&v6_JhXMVknrw=Z`E^#s*#wT)X#k`DUQJkA53&zr;I5MRNmcidEF6gw|{%WN|+T zt^{YEpDK#7F3jGlP$t6{H*(H4!f*}pG=6(cBlEZpTKBfqfJ zT@=8j#3)E+KfK>3@1&oIEhUd7SdN ztd9q9xj4^`)EYN3+vl$XH&p%y#->?fF{>RCMXPo0Kc4E6-0unNMA_!OmFRNY`dnJG zA72H0D90+L#k8ZBFhxoh-b;&R8pQFZS073e!7IZm{iQfGwybf}cH>fN>WMq??(*Nm z^an;Lz~mL|sOI$PrqTV}&RJW|p!92a?b%LcC#|o;z)}5SZ0RWNx7;6(D#fjgaGuj6 zYy2pQ1Q#bc)goZ|ZHitW0^1z;X`K9XT9PSc;y+q>Go&8enprRIVrbQY;l>HpJ4a?H z^nJT3Pb!7sfs94r+1ZR#Hi7tIw`V);&ZQO>%dTHh#FKWzbKl*{l@Uuj8~{6N_VRYk z(S07F(Voh5jI*gql$ee3rT+kgpR?s(tu5Cx#xW|W_Lum*-=0+c z7dvT5j;KlgF7JIz0&2O086qHWp6`F*Q}kqnM>9#qLdV9 zt&Y_+&l64nsMuL2*NSf*p&?oLABRhSO2Auqmsog}_;KLv zq*d=s-AW<0Md4)okKysFi?A^nI#d18%B|iZnQmiQB!2$U_toU4ZaiW}NRMWKcEwy> zaL1$>jAl;VI8%x-V+#ywo_)Vsrm$x0qxBCUhM=rRoVs=bP_VLe8=suT+==3_Zt7D1WJH=dE zrkhyea-eYcVV#ckBo|2;pBS3ovmN5J+@nnewEBPzzB#G;jVp{x1j(Jo%%oCrPzhj= zNWa44G}BnlP)vnHpK3PzMIu}&x42wLjIHn>k1AOh{?!*!VdMN>{{Y5?&qrBnLmsI# z5xZpPYMR#cu(o5(My)Mck%acsrZPK4OKl)Jd86ZIUdoy$jL&ZUV7c~N73q9w9a>Ft z$E)|Ae;WO5&}oM|y}EqxJO2P9#V#$RF-;lRiYtF>1h>}X?VviBynSl&=F@`EYA+lJ zPQ5+fqS^51lNWc{q!WEvV#Um*|V6FNtW}oiL8y9Q<~tNaTVLrv^CArzg1f{ArJk39dt0 zT4PeVT1H$`Qq!M~Kl*RW|DCIi_3jC`~+RHIf;-zVTcOMJotpjer@#esM`} zYZFT&b}wg*OAV4Vj|4hbM#nv^^UX(Yi>g^4PAU)kJ#7{e*Gn{==N+FPoeOnt9BMU4 z{{X@%?bXK-;`C^h`LN`ERTL2oa>~IJcav7u%vBZ$`t6;w&5r&#t8`A0;oj;Is|cLx z8TNiAnpKUSD^vg=#!qM8OxQDAPbPY!c4BJQ(s{iiSeFII;@p)ru)pvl`-E%aA>o*JWDh?hbWvaBx1)Z_7W}2TR1!`ZJ~_SN5}~9bLQ^x4-mV znIw_z(o(*R{>e_vcX`x3HD>wI2BM9&WA?N2q)9eggfRR2KJ0tx@6hPFwv3+!LB1={ znRH8NioV`;j`|m|rf0S1fw@o5*1Ax5$NvCTUc%7v+l0*;<9&GB6xOmnn6B4IOKDeqtc@og6}Wn{lAaCy(ZN|OKNnLa7ZUtE`7~QZ+Q@gaC))G+voXPx3g+D7U$Az z^Uob*^Zb8B%Nw|Egsi`~eL)BuzI7$Sp!6BsnArx&{Is$}<~LK2%6S@s+obrWan$sW zYd$CPXtOLg8{>}y4OtzT6(s!`EV4Qb`aAAh$kee%HN}(X4uF)SaF_G(Nd<{=bz{H2 znI^W5dH&3v&%{@*vVr67LR9@}7W&3n30>628%}xP(^}8bG27eYLQBF2Zyatubg`@w z4B&C?P^e#z;AaC@{4C-sZU!-@cC?hH8hh~OX57BRTcN;rH4s?OO zk;~L{)=1%{v=2o5zaerB}7vD-qUuOn@r7Bz7dota5DSmk!lzfCVm-G8LWGa8Sw z59jmQZ6%!I;^lJ`nmJ${zVlOGTt}g<01@xLidbz4nm7jubex86+5=fodk1gIqHAj?p?Lk5QP%kL zKiHzaNRJ9s3i5wA{*??|t}T>DBIDqGRU}Z$g9L%%ljbT&^=gV_E2(=y6ehKwOp!NM zMC5)oYk2Ar z`X)sU94KXt`$t=G^QlmeT@W%v%DFl2_tnQm-Hb2PfF7fxrsgaNW0If-T(P}wmt%v{{a2?un)qtW-Fv4QHhUTexjZ2 z?^@m?$}=9Ud-F}gy0(#fHDnX=t$ir|j-TwJAhGxI6g?LHH}B%1U&ggh(iSkUGG0P9 z_;`xx7l!sWYh$K0QM`xWjUfI#)g%(GiDP1ny~I?gV3vECCCM7Fx^Z5SbEFWuRZw67 z`8BO07Vu+GmVAKTUG)7Sd2kwJPP6@l^6k&#S~@b{NXPGPIs1iMpo%1$PL8I^2Rxd4 z&XRPwl0LC{2T?uUzvWkPHG)qAWn#|VU*;XOE??AG2i?Kn$W_&Z5|7o&!9ZWNj@497mOtiX~Uv9b5VHsR}DcYZqO<(PPW! zS6ww11_14)Vq$mFG0v`JomNYnH14b5zQ%t%>8@lN7aC)XeU+%-w~V$=S-TW>nk}?8 zw&}=scTg(4J4mu3L(k085gA)0d`mYkaPg=W;ug@%`1J@d4|x@Jb#IdkU@1Mg7|-Z~ ziv&?Top4jybvuIIJJ(0W1kDo2?9HIy<#gh$uQ8;^yhQgZGGOI9P@s>Cl@%Ix` z-9vL1N8RH>#^64&+mpU2Iy0s1V}+Ucc|{AfGO3-#+`mk|9Z*h$gfwGqOY z&UViuu*F3sz($SvOA*KixX`faDfDUD8DE$CriVz{!}~;kz0f_S@ArOrP@XZd>d1%f zE_rxT-t<~a4TMU<;}3(L(T>&rwAOtl&2eKe3F~_LJ>A|Fs>FIcq-seO%PV>Fsb*_& z)W@q0soTg3Sx~$(Dac{A^%PeN9o%YnclPn;OC7ZMoPu~V3^hx6Hxq@c)J-2HU$QgU zX`mOgh*)8hh;Vx=a!na6r;^>s#;BaB$GWqO`3fm%YVwiH@&n##2`^=i7;~46PG8Hq zq)4ZZX`@c0Fzyd<&nklRq@{mGxH*XnfH`x~^~Y^RHw`V|lW_93HuC3EaV}yrNzQpX zonG#BFGpEN`#T&orZP zOb`ybj#~c!J5-_7m!k+Qq^~#6XTZ~O#}Y}EmN>NJF~@I(9}`xmg~O6u$ocK=KMYmP zte3X$3nyHp!>i-*#WzITP3cI4Yn?{GU}W>`^Q3|Z#89BZs`gd1HnSO)0KxI>>d$Aw zqqMeM$o;2~9rXjxcpfo^krjEK;o;AE)*k+ddT(eLCS;NtIbpqhp@pq_>_k46&X@kjhltLF%7;liW=tlA}u`hY1??_wQD{ zBy8hnBdXG%E|@+3bk-Bw%8DCD8yVlqo1`oy;oUIRqNz?&(i%J>y}Quh@Efvhll6NMYxR3 zXFBlai^IyGz32%N+&8xzr0w_`{qG8FZ0pumQ~qBn3wvghavI`oC&bsI%{)blXV&#u zIdX3LJRA7gakjK0dWuPkylu)@bAWrOK;k>VGuODuZz@TW#yc<*OGggMTff7~y^MJp znDm8<-!UGoL+DZGO7O1^P`gd$s#{);ie-{z(qxbUqkYh`&1c74>s8`$w0bz@Z{mtfkJuP14=`zwqA?iC&HNyWm6 zH&`E=9}(R`$D`-taZj#oCuJR*{&u8|Mp=#pGd34OYo1QmZ_dJls+jGg>ctuR{OZaJ zlrhYp>Ql^RiKr~?r3|*+cgFpG(28AKE1RxeDX-jFHHw zK}e$H-|u98b6Re0poOuWGDsBSrD&t!qd6-WIl%6vz4oWM?;gkpl|x}~CWf37F5Bq- zyZ(+m(CE6jIqQ2tdk5#ju5TND5@ZhZ+4G@tZlRl{$5({onbq7pDo&cax@L_5hz(xR z?#FP>XxR%cD#wEFubx-4YKnBuiBLGtasI<`dhmmF08t#hpcfTk{{SEO+LxrP(o2Vv z2_#505w^s9D$Q;!jiji$3}tlk?ZqCD(XQU(NDK!i0~kLFiR6!kBPcB%bENlF)9C{4 z-3z3i19B-rAY05;CJ&v4dHK|qvj8;?teD9|;ZfRjf?~pU=bW$m!lQiQiiV0|-B*zG zqa+ctg={o`*O#@tAt&Y+7cvM!hMwd}WahLYA_hzNMir3Mv6^IzdS%Br9 z-pV#^IIzaV7-bu-`{IX5^f8VUVe2j1vHO;U!a1!Uao0_ld+Sd~bX~R7Ji-qD0Dfps z(VZh5rNo z^-<&BuK*wJ)2v6+=U$GNkb|qN%-WwmIP?7PMY=X*y1FL-GOz>2y&~sIuuTDC*>PB< z>28~0YOx(rBOUYk?4xJVl9?V~Ze`dg?x#z9Dxk~C{>ZCasTroch-Ci&2Cpi;=!<37 z3AQKF7;T!RM(!yRCaM|@+*inVKNel$ic0het%oaUu_>&Sg6##r`+ z@ErdD%fg;mCF5HngpBFOpU*WnNIH6`S3)-a+5Vq>aR}FOCPYYi6H?qv+NF_;G4ZFq z=^IR`QNR*lgU=@wJ>-g6B3$WS+H0v)AjXK}A7yBCmGU!UPgfIrCmpB1`hJJ#Tgc;z z-eB6KgCVxxx5}5%ucDDVc%Z5IW}~*6?iAdUEQCj_`_Gj{(lRNL_HL_XBpsQc0Kgre z*jg#0Sz~T!;~>yP0Z~Q*jzjcA73IK*<@QDi_wD*Gh4SgNzjG&3d;-Tyefv_&1dB9n z$h8K#9rQHB?w{h*w9DNvyr9Xf3@Y`U;I6P z=WoWY+S1lxZxeB2mLS+g=g-1|dTDS!jTE1bDiPAwOX&lf7(<}?(!tSI;^9Fwt3rI|_%;T_E2sXQkdeXmtl}BaK@&&o}q6FCLX;> zjn8=@c+lvrZO7H4QjDgq?A6WGkPDPS)`rHha; zskxf9xwUl2Q4_1}q;7Rm#)=UXU?}V#*ye7HM{B*b=m3y2zQ>;4b-i75y1JWS7b%^` zAy(ZJF0pojw6ks;bN7ErH;^kE+jZGj?XPuQSv0tXayvlSPJD)$%E!C0;x z`zqSj%uRW3FIl}S*-!vPk|W6d7(VkY!!h>dcBe3K>O*ZTN^VxN$O#f9d2JA^Y5tD zte)0RZymI2qdptdRw-oh@iXf_XE6*U69hU0PHQ^S989hK~h#0e(+ z#>q5GRWrj1 zL2nS%qgsOaI>%|Gx0CnG zOp;*aX0EKo!ac-Bt6QzfM$KO_cE7GB? zx;-S+vN-nJ8C(yqD*az$7ZTZI%z78ECfxq|PLaP)+Ihzb{_n*2{oi%-Dbm6RAcKr` zX&%;TA(ZW@4I*l1(lM#dNvG(ffw8zr!vY%vKM(BlTFCB^$~3Wz;Nq>P5GBRCKM2U3 zY$@h@$DinakhT&-9FlP(pZSlpKK-d~;01Tm=zhz0evMZ5FTh1oA>T)cJ@q*@{04(a zY&Js^{#0YSmK0YQD=Pt!@2I*@qNSK!addU?!vr48Q0Tsvw~4r;O21*T_Ymd<|p@L1!K!xF-eMe<^XCEFesgi7x zEh`N7D&zpouyOf%DpPeS!0e>%w{*rkB;=q1U{7xda|JdKJ3%80%L37C`?1^Zx+pp)^zaTd?ZIA3uJ1SN{MDIR60i{{ZQx^ou<}W z>1)KY>X0pg%Rh(Qe+rdst>RdDBT5N>K6s|Nnc7>44?3}anUUJ+MdYj2{D4O~ZjP|B zbd;S;1b~)N*avTax}ADX8EtLj9cJxg*@ITr)|T3gnzUs0j%?lh#YC6IXS5TEO|pQa z%RK1c`Wz8RgF5*t`r$-p6b23WMJDyta%a4{Xav;Ak`aIc_`EnY=HYmy1fyt&8);`KDMCU{giF*ArnGQaC_=Idw9e!#xSZX z$_qOtxv_O#D+r0)w)^r21Lsd`beiICh&|$`SuG{~T3n>ElsW>Bx0-@Ji3QA1`)ms8 z?Wt_<(P!w{)r0!n;N#=JDtq3ED##yPaiPPdBpoFO9f84}4h}r2p3>e4khY>wkih-o zw6(IOqO%0ln@YWhHEDkz?AIC&f`7t%GAKl$ok769%71!fU+~h~+n|ml+>^}slSy-P3=`Zl4dRVnPXqF& zj@s7LTWTgWDUB=Lwkc$~VWoYDlVw`BwTy2g;GA+D^{FjkULRb|CbZw?j3b3Yp}+9OZsBwB$By4BTYE@EFpczz zx@a#EE)G&X4Zg0?QOhe!cGo_sl(tJ}mpbVi?J&lZ?F?}8Rq-C~&mYkFpNp8+37_5g zeSP(2AqUq+vpGGiz*M$#>fuYzPd<65uH$*+l0Cx8RIlAe&flb<^t+^J;3)a)5w_!% z4@kR#V(n=1$Kka@YY5X6OQcogHUblDr-qW1&i&(jQgof>p%{-%v}{i!+u%1p9MqG~ zAc_S?W8qaH-tOr}jC_Uzh{Sk9=VP|AD3q0(u_lcPenRz7Nb z5x9}LWOmc2{_tML2BgZ20DP199 zeKob6&Hz`C<5#%(eCaLVoHe{{o*avxb$-#&=_Hxw9GXYgi?qpQDA}T&!1#C6*B+My zx)88Llx4gtJS(jDApB^Dg5^852kTh1SG{izqWtPPB)Z@`4dY~NufSAE(P}ST?#w{| z3W<0=jTBp`&s%(RtsGa;oaxoIEHK8>%G{9#NvD6+w-`)kE5EpQ)OWomGTgHcT)EGZMDo49!8oh)?$!ePJ zY#Ag!WMBc=R?%>t8CYwTU!K0&FO4DFwdMRLs3-vz;Z z^+%AaOL!TSOwF%HG63b}y)Cue0(h>+qp)GP&)r^|5;=Zoj&iBxLVHrHD@r5F4C9~S zP{_CZE4lqw5yw}{6qDTarNzhlO+zf+{?5+&3ZN>DfE1&vb#z+>-DJU0j%T{K7LZJ^ z1<#{Fmd}f0pJjfq=?JHa;u(EZE;RD{UO&_HUR!abOGsSCAya|2#Q4>}NZ;r-hpx8l z4qv-I9lkV4I0LlR$3;O9xLGi!<5yKqd5-#u?(S=OV~ZtKK|OBHWBXSu)V&+hU0dk# zLlLC6dXe5gJgd`fBL?n2X;pgC3QHTw7+Swj2S2+t!MuxJJ(dRyzEwX*@%<(!PL)fJ zu*N#RTXtre7gUOKm1|juI){gT)qCjCab+o_ARYS}&8@_cZV5nkK4OG@Cjr;XivZ{5 zD1g>ha`GT)MyYs~Fouv|x-JOv?yT5eAw!<6#>9KaIw#Qcj=>`SGzhUO2+vwYA6nzw zSxS)S+Q%=#f=3g(or0?5nr}w5nr%GvAvmXNTT;lU1(<~y_t*L${{YQj#+K^xI7BgL z9c@`X;;-)ENc2f7GOIWYMt?sFXgvkPD9K_*pL23Fv+8S$z(0C+1ISa{F;h9(7~Aa{ zGBy0Me=IGa4}~JLPk(WYC^>e;8M<6(3VN_34!4=^sIB-$Ns475kE#Ol_kT)(r-+#4 zkBJ%N>8O5w6!Xa-y_anTaVW zHayt(nz*{*G~6WBp*fn8D_s)HHgOA$lWxx}RG0lB7)zDfC0EWf%+!<5Ac`azW^T%k zD^!0+UaT?WtidvxQr=u=g&s4fpFB{4&L*(Q>&UWYkCE)7c?HaB z+){-l&&NLcd0JjQ)QhELjW*dL+lF?><5232mxk=2kK5ll`TV~}>a=(C zq;-+N9b91T^A&9Zt8mNaMqjeMzuPXRwUqG|ZZJRZb%^=YGoT@5K;Sn$=wI}70h{~8 zi`!=YD*aK?ex*>5uP((~JdHx!Z$_Rkx1&~}+)(r^TUWlPz39iu&c8;}{v3VP*3POINLlctXwJ>&;rLcfy|GMt zARoq?O{KD?b_Y=-=S!+9mCrt)!1>l1Ss?!a^2hjBq<*l6h3D4)0GFLIFQiNd+er35 z6IT}<57F}67%{|YumTSJXC}XGvy8>x20`t%DshqqWjG8p=#x1V+mLkr5!B=6Ui&Q3diRU9#mF~*@(cM2lL zDBy)#ZX)G~@uMF~K;mn5z_>xDK3`GgLeVa@`a0>+8sxXqql^B}tKHqnyJr*zpctJAnkG`Jr3uTVw^OqhqE!DvyD27fqs9M{H~j zdM8FjBq03;zf-IB~gJ=Biha(UuHpqPrLflbcOtj(i6@# z0L#@G-1*jsVn|c?V_XmIkx6xIl1Ui^HaFX__m2u|MYxTwSDYaAhq{cCy2Tjg&Ts`q z(w!Q-Nk;4=>uT;J^Yx{F`#?liWkRH`I>Eb}=eezAE$@_oHIHd~dGi$?3AEfno*3*t z6d`D&NQ>%tS$1*Yexiap+{50_9>d^iBD{s)2dg{BjC;oPbXi-bp`_vJ>C_-yo-$%b!o{P`>9i_X%6LM8?zt0)5T&1%lIZiGs*IUQ}ko1e~@s>f$(5X%rT{${Q0?O>159$^-?$z~e8 zq1{%KKq9xn{h@};>-h7e=w6H-wlvaRkF%ey`TXpH3t43{a&0?ycKgT1ipoK{nCg>H zXK<)&?k)s(Gh;#!cge@-pQ7S$Eh2ulo@_^9@-<=7Ce=;m8`d^Y+CQS^#z{5ZO%aSl zgO;J&Kq5tOF`ZG#_~N0nX?U)=CA%_vtEk0wOrYT7ZR-9EpGjh`=D(9yZyb#?PTbsX zqr3D8F>^Li466^NO?1yRGs*lI)1Lfdrk39DOtHpY7l+qo?xkLkl5;F0NLF11ebxH_zYwwh z=T-@(g&ySz0JB~VlxLq>i{2H#w0^4Kp~^~Bl6+3xVKOqFC;ZQWyREBVotZ8)c~W;(#<*nIv}uu98s)Ygzi zA2H#LtB281GBM{gz-{4*55

      W(LyO}(=3E7M2Ow%ULD)AQy0H1f+Y^GiDpU!L#LaF#aaTXyw`HmPw{z3LR5RoVNXfqlPi2IMgbR;Zk&eN2?{$5w3Os zfv`PajXjr2$LZjWapo1%7CDo*yZq``w6_qnzS#tv{);H>q-Y_0v5^}Ei0u6L&}nZ( z7dIKxaT4wqKj&Iv0!xBDWx*T2=p!Hd9~{n}dVW0r0Jh0#2u?9&DrDq0{4+`qJXF0U z5*TgekTOcG_VK@#`K0LU#p21Qt1#!c@qT_Z(AwTTl-$FiBR&Tmlq5w<&h>+GJ=Jc! zGi86nU2-Wc*2ep0qZ3W)t)dFj9k~ow7SeQ`KbC}dcag;*`#jIeq)R)MnUmTWBk!X< z)XNN6#-^rtWox-RBSjv)-5r)fxX?TWaW3v7fq$K`pDHWS%C^vh zv#`|7^sh*`!%9Yws4xJiuKG&Xhirhbj$UkhN6xT0evUn|gDbxb7W+FL{!~vgXk2uR z*os)yqF4`Gah>uiD7bjr5nIJl+rsH%cO1I-Mf0hDC*|W&#~exN8hvEg-H&el)GY0r z_E-tY2itD?^lN<}<5M&80<D8yO{uOksX~E&(GBaxo4QPTCg*oYsa6d;%NpE8um)8-w4Ec zC-$3y2~cyS4nxm#O(UHsgHb*eCB!X=oZwqGS#egc(pETZYvD-Sp*~a zL1A;!HwGJ-0x&K}=iOe7(UQ&(fDPh;ia$OS@%k*coxE5OvYLpctk#-HZY+aNnzshv z+q@*ZX1^s!sfKvE5Ah;^=r2pgA8*fo;mIKy$>il z#Otv>8RyEl$zr7c01Sk>{0$pv8RnD?_#hm39q8Q3qBR3dagVaJI#HWVybM$f`%RDQ zNzvAl2-%lZu7|8VJSrG&5#)en-yR+GAA*+Z*ijrRHOY^^-&cJeqGi<|S!7&o-Z}EF z5qQ$q{kS>#bEYZ_#c2k^w1r>kTIT9Pzq^Eef%WA=X$B;^B3+N!$5->?OTk~-XUL85 zviQ>2UZH!P^vt7Uws-wAdMxWV1@u0i!%Z|+@kcXzQYrw)-~Oh!^l$W@8*u*s-p16j zbcY%wY?zdC!RqRNHWgdloX}ZV4rED7#{;s z%^B4kiWyIMuSJ|qB*S(QFSGGA!RWPXSo>ygZ0+)LMTxJolq>gA8FpBzfd3hiwG6E;rK}mc>H_@Y4AuBkff^ zhv)h(AhVHTxOLL5+=qY4mekreTl??s!0*jOm)6N~bTh6%?Sn!%V_2gckp=*!zmoBh zUru6F?f`T5RCYF&q2JnQqikvMCXDvB(zpR*5h%|O%;OyM&Yo%AWxbGTB|Vj1;ZHpB z2%$liX6&h8OAkx4VWTW@tG{e=r2U3CXvt4 zh`W|!u&+q9nP!KUp;Ag&y&MuDjQy4TcBb@OS*~>R;UR2S3LCiWVplkdRdJy=XK81p^`sMVe6$rPObLmO+C!33`@VV_3?A|(k1@@sQwkevx|ckb!h~h{q+ou z7ainnB0X5!wDR(+yGON}DdiYY7!~Z_Khl;fNLpv+ao9gYUfUtKh#(+jb#d4QS)27M zccZQwpT4g|S1R6y3rc^Kb79^p((+EJmhv;FxM~<5>Zz_DIwC^n9m2TN#`f^I^-%Ka z?~gv+>S=DYucU-!Pqe)G{Ae}Bq!X~%86ypf(F92fe++AZO(cvF6lIx?z*dV(X1t3Z zz15@SMIIHMx+h?ASp0UY&XAj@rE4?mQVQyCB-Cf8_#g#QpURsXSC6t>GE-M1?Shggk#=L; zJNNih?Z)(}<=cs)PL=Nb_))vM)x!iX5M+}{ZxmjQY^PBf$zxX+?;vp`g|qwQ=)pB`1FDAFY- zI6;m70PagCOBIqm!o?eVUL?_;0VK0y0p=j-^4tAZym%vYZDiblYvu(5KM%1XS5{{X)Joc!uJ?PX|W2b$Dxd1)N(gb-M7<>lc)5CugT3ONdn z8=fP|<5rlLI20zhGcBfpb%@Rz8go~oWY-#u#RC(|zfi~I)Nnx6tl#eV=jrfcY{_XCAs9f%-c3By$kNK(*^X-A5 zw~fnvp|RWR{J){&x3zn%EJnRrL9UXqy^;902a9DJG1C!HcH7V7Yfp|U%cO4SXyrmA z^nDn|cKP!C1(=0VxhJx&WwxDe<6x&$dx5tqxVGsy3R}1Cl3!~FI)*zxtr2HzkY|}3 z{xs6fBE=f>XE*|`L?lj{i1kU!3Xypvr_{Gv`<4#gh&xt{Vq9n^?LK!k>OVtu8ktZJ(cb3t7xVWa3_&dKu>2l<@xQWyOP^ezI7&}q>^)*OM7_4P^Yq^ z^dieDM$#N0X2E0OMj7HsqHbv8Akc~k(ioSLMlb~)l!`Y?gOjIMR1?hO3I`oE%dBhUe7Y;IC)7G zZ6(SgW2qjF)Ej5-{TzGAcrj;AtP{VwxKLfgajz@FZf*Yn38?R56Kjq2su${mMcsm^ z+>_Z_;FTs$TBB@_(Hycy3fN7dQFGP-s2YkW?M$*tx`V&5{eQ}>?$co^=N-qie1F#Y z{{XoyoXRb2qc~<Y)vFO`GC}WWS0HxcCKi&Jp*5w#&V@2fSm@k5jTXz!^ zB(qdGZzHVsGKz|izxnt70A)fI5R&%okPRXs0TW}#`@F2K0~+8|d>DZ+DIpffn)Qrv z8yDIje9m9ch7GDMwe_PTOK;g1{+urGNf@kbHT8mmBq7bVcD^G=oG@fV?QpmKx`-J` zPKV3pesBt0fT$={Pl3rH%62#jR&nk(HAEl8lcUt2qrq8p$P}MWz zJo~^R=U??hxvAr(Dj5KEruzh7i34t=lm77Z{{YNS0L+x9#T<8iU^X4IF62XYq!THsB6*9+YkZmDv&l>}aeZ(sThW2k+ZVig zoKh$wPdmH>w;@NPDq_ERx%R7mf8|#wLXFc#-I;kTFV;*^ZNMi+fowCe9&uItH7?f~ zGc*K4gxvg<8tQybSzwDKgps}0@%C)7GLY%Fehk%S*aOQnIleo~I2O8FT(2J)Eboh(nr{q5v3~?Z61?D7 zge1@JnZVAxT7^J??Amq48FvN*c?&TuF_LyHniSk;OYy_G1-HIBaWoL*mr#uzMo)<{ zgS0Zk)tbn_CKMOos_*9ji9+wqOXr_<&biLEjpa(i9*OabffDiDiS6lz zCLGr=Q_xTO8c?<;l1mK36d04NqSKZSzn|spXkw;GQ18PW8s7ok%@iJC^g7suMk*2` zGz`oQj$;zj+6!cP7`Ru~OF+f3Xe5tyshTQSZ-eONE`&IzSU$_aTdO5m4x zDo~f8R446`Nd!oryUdFMIv3UV$ z;VT7HNjO_tvW5i~;PZ51XAp-`3d@sS^V;TgX_{6X%x|2W@oB-fSrg%7jxrfEwLrWC zu#@XXLITTB2~q?=bV0^$DG1E8*lVT0T;*>}kUuVOE^IjParw#jgPNyN51sYQ)(cm% zi8}I~b&Ds(miL6lSdIM+~Yv_PSZpY z&nFn`7?5=32<7NT#?*iiz`wInq+uf{-@` zu(i49bwErqT%Iv19GA8sB9ukU_kk=>ja%DPS3T%+WHt~5z)(5G%(J(f9zDM}uL&vx zh70uLF&LV#N-$TK1~O~830--jU*VX@7ou+CcW8KmZu4qYIXl{3UBwuIbO=(*alP~7 zqc6C`a3#}{M$2@zO&~yeyisH3VoZkWx#CH3A3wj#r!wr0>l;m!SRAZ1_{q>+y8vNG z5eE!JP1MqeB7EW}WS&@tL6IbCn8=xK4?&s~IfXYGLT8^JGM%<^4kDR-sEmyX%%YGV=eI8>Wga_JLE>j^V_r_sqMHD4`09+Dzj$IaKEemqc*=xGs||Y}1QNm`Acp-cPmEAjh8c!oZ^)C3CG%T? z%tN@B;~J6pAjVv#09`<$zYw{dbnoGEcje_BGRF}b=Prye*`n!ps+}>0s^yZZ0eSBe z8x{nW0YO~_ZOC#AIug+%-uHr$c`&v_wGc14$3V#JHX~#I02EDWw8ITdT8?@27jXbU z1=B{IR`HZ`$t44W_w)yBRG<#rpTii_6ARtxTHf*RBxg8d%YG^(!)ML8EFc&S*YZU< zRPl@;E~fk5Ls>f5r2#=C^7+CA&s%$i2>HsQdMrWYlntXZD9N#q5gthjeH?3o2TTnT z?IeC$;xPMm+~8ipr*f^%OJr?bO+a_wj7X4bQMGend|Qd#aXB<6c(voZ`*&Ty1q8W? zN})cUV+JN48IZ))0ooEgpMYZ(rj8BVPrMA)5CVici}i^m#|fs~Ew-nX7$}MY@<=#R zPnoxPaiIFWMU0H3AwJsE?Gwiskpz?gtCAd42#r{h@-jHA5_q=)bm>1#j(3uLOCgW+ z-ZfM#P~$iP3+cRWn`HQB6iKRb?8HiX8m-X(0ERq5NrVC>7~UT;I#qII)XeL~N{$*} z=n^U9kK?!3rU_%~2yd09VpKqeka2j76vPKW==}N41@1Ba@qm$fB-8xMnri&Z+0VF` z!z6Q)841z72kus_6r59x> zJ{U|Kt?k)hNOsYp#;c=+=>IBv-UY%bUQC^g!y0Rzrj|LObmqAu>))+_-w;hL7 zvU5t_@x{3>5gsUt%j%N|L<%)3NYK|qkg#e+^nv%1aX{{SI~fa+>O1wMy?t|b~PZy;AKEJl-m#R@6F3k034qxAIRLkb6It<56o zAZRmNxo*B4hx{@mO-9j*{k-u0<6zi|Ite%*Vjk?` zWLbR=h9uFyXLxF45Pn1bkNd{cAYa26opFrSsvuHZm^Jvyz=WXuk;~d|41r2n>|#sM zeq5Z&zsV=`#7<;X&4g}r8_rU4QN;#H75KpTiFgkXmpDXB9yE8|ju9!*W~9=`;e=5z zltHK7It2tSbDLT6!FSB%*sI|DApBw3sa+pL{N(b%m5F4CPs4cPQm0r^nUI(8`9&tQ zMPJE+l2z!V%blNjG{cfmk(EDo#(2nmM!A{9hpeW`4>FbP#&B(72-Cw5`O8LweU=jD z+mz!kz^}ybB!{LCIua7@tKLPF72l`G)9d~UtF)y8M@w|`gpl(nwMt5`e9st9sI)nu z6_Qt}$)UBFQiV!~KieR!04X{D0KA+a1z08x%1=5v%?&e*m6R@J?}H~YEW{#2Q3^}p z;{!!Z7&gJiNQ9?I4YwwqJ<%yosuH<-0FprK2bGg?!Gz6d>#6<+KCo)E)O2uEuz17* z71~QC0Ez*qykq;qnd1^wedfeD5Z1iD4Ad?}8&7CzAm;GELoDdApyFiA0K5|8YBzzf zyj63L>v9`zIva}3;P2f$E(^&{IdOyvS?e0;z+&o!wdL=(HuD3pY=NquoPEJujH#G> zm4Pv+p7Rj^pIEL5Ltdgpd~uOOW}vIU`QA|CCeJZ(>Q(oEw_wK1x(MUP)eL!YYtPEuAU(FRTsVEd9X0hsfC}K$r;XAKi-zk}bq& z6LY>B)T)amSQwVP;^W2x8OnllZ5PQg^OU55ce(^!ILV$2q}%9@_Y+0rNE^)VReM!` z;HTbjDM1QmK&{VM&B6$Z3zTxOU5xwD-TQ@1~la=v^PUNH54*9llVDE z4KFr#BRTvm&Wmxq*7K3Z!nv=)G)WXpA-2vh^6=XgtlX6nAbY?})Wj_u<>|qBc1efM z@l?}Umdu$=%X~cK1Lv<$q!dYj*_I_+r1WVL`>C47B<)mHr4EU%Qbr*n z896e18$o^%-@k#~NkkV-((kzW!kCr$lTmOdxnl^HItHV1hSaIG#4U2ffM^kspb{T$ z6#A-0!+o06vG=ls+_oWpd>C3BxUDaPZDf8yO-+EXYTUCkgg}Z5#Xw`zmnmh%QIxQQ z?N|&5iX>58+B>1Uk#R`Z73D7L!MVVA!~0QLn?-b(-mUb+{pCCcE>*Q6Pb4wt0ALyO zayb*!k)ycXA$=ke>0L}|jbPTeRChB~$N6E_5h)Y1A_E=&0A5O8PXR0ShMpDEF-fFe zr^ZG2jD;yCZnKobzz3HhU}jbg3C!62Ft?3iK-*!YxSoJ)egr`%HK?pf;1hrm z>n7x(+ywc5i-P4SUIWSJB6_TmE#!&fp(Mc^jP6VbJ8M`nF}pyc;ZOT{e-U~V28s^_ zb%Vq6Pif^>?XIzy4OW$-o?>)xUOr(-`H8{H@!lWGDROuw)qDp5O&(CI-Z4I5@rn~z z5p3UW>&{<&9tKk)=5=0jgy-`uW47P=$ZR%1Ce>Ewz2x`#7CD7r1s-o(fj=HC@&aqm z@oAHte~PR6z$8R@!e(j49vsa4Vj|f%3D8y9P_{S935WX2`6;H+zgzo9G<5^X8Emj@u(pZ zNlD1nY5H*i=&r@00Vl^;cml3npS(Z7DbL!Ir!P9zRT1V1J)FtxO!qTvqWrl&9ps@> z9u8tgh=1tF^q-#_9>7lPNA>8sy^1W$#Dw_5&jkbD3pn2Ag9(Tw7MfGadeP2M?owwo z4bpnHM8sk|zT9Q21O|f2(X&n&2#^q4=m5lsM8ZL99tnevf)@s5;$Za=ge4Xh<|Mf< zv90elntR5m5F9fJ-aMS;1QR{k_F=jd2wBKeViNg|E9ulkW}H%G*%7%t%>kPIgxvIu zP>CJfKPnzj`N;iI#moSy@6h9<9k>r{6LS3Isc5Kuidx?vL&#u>3c=cCjTfM&68pT| zmB&|GjE62A=u3J`elkg^SW;r*W#POk8YD^T78-Avtc#N7s;Y+9@~9ph^s)K2r+m$2dC`KjGWkDka%)!y{zRsFs<*1&Asp_6n7f27i8906(EIj zX}5i^Qq4Z~2G4jXAc!R>Ow%L`aZDl=%qmAm&Mjr43!tyE#+P>}Gj_vJH(8@G?KX?e zuM0D2)-^&d)8kr6r!E;?CE%FhzTnnIhzKRI6SPb7vjh@4{DA#dq>MhL!~^{Y!QnL| zF(x1xHaq0Og%qO#&Z`j3RexONg*4buDPz``(Spf{9^4A%hcF6o6}396V^6_=Ol|G0 zw~Vu7K3q>-osGH1SjvI4AA(PA@=lon2w+Z>USY11P!c90kZxxY9HWB_LCE}ZOagI2 z(7F)*S8W#JA`@h5cW{Wz*XfkgA2mchF@5#dMq z$UNa7^GA;z`N%`N?c09bJ>n%d8jo`}$5d)d(orvRZhM@&Ze~l>#5(%wS&xMCi7!ui z&!YhJ>G1gCu)+ia5l1`Wt{BNGDpdhVqq(sjadJ{g17cyo=sbb!-nvC%P1gkiYn3w* zGTmXQuw|NLG?`LK6RN~%Q$y}GF${}>5{rI>bsXZrWT-rdGs1Zn zgO+JOKq063bTVHK2%5SE%3{c6?no6{QW{5$ixIpmQdG48GWAFGkcz|>LK6&c7l>h6 zZ9YhTaYsD@*TP%g84yW=?8z0SzMmNp_DCS*l<*IC6_Xf}i8)~##kEC^B}70EqdP&{ zQWR^0h&7m5LN!OY831graGfE3cfur)IGg+u5$ z6KPFh{3c|dEx&V(MIwxcnIY;YCDB^$ z4k4$l=Oi0$As}Z2BDc<3&zU{sOg%(+&+Ttf!YR)$IL`KTqC5cE5n)u=xA1)GTi2d z(ZyM=xyLPPP2maTT=9cPZ303HhF398Q3~^&L2#!H>tw#*%_Nl>x9K?*9-ODbv!#fi zW*nyQ;7XFzuQTf-^uw4;87fvMibUhZkOb!lm!GI=qF_Hhlj8RTfEvfXO4|z&HV527u!thWe%^ z36)ys9Kl?mfOHk@C!m$8t*uDrpr6tdNZH8|UTLsYOq_W{{Ev|v5csef2B=0{FK!6i zj@9@bbobzG-U9%D4EM2v=;+H2j3{J4_<(-5kL$DsJem(c-U#&C1X>z|Lc}Zak-ajt zp(3QpFk~#bVKF`@TJU4GsP+d}ZX5N^$7musbfdHFWcikYH^|`^@ty+@VwNf;xIeVz z$-ScJ55OL<)lky}O!6*w6M$I}uRxM|*wSlwCt6dRxly@uUcU60)Pc?3DTCM-9U=M+ zV@foL1jkPIl3S#KzR8qwTzJak zW~`IAqyXV=u|T;fk7SyypLu={nKQLnq}Awyd9`MDysKw?V@QOM(;C2-xmxD}oTes; zhe-Q4V+||}5sgX7Eoq;eh+D{mWdNkEJHeA$Rf88|jA^*xK(TL=VJfQklAOw-L5KrP z{5#>`hQKQQnx+6Hk@CnR1IB0?Bf^G>%dQ3|(^ur$WxC^MzB2s#NRlAzmO65KP8kdY z1Zct`xU|Fsp9im{wkfV{zDcaC;XsqgN=-FVcl|*t3nhyTelj3^k)4`{Sn5&iOMpJ- z(B-NLL5H5tLDotDVWrHebc~t37`uk}zgQ+RAO`^m(7v>Dju{O^CSdAO2C!9B0>&Q6 z42;_jNYX9ZlT6)A~yPuelG5SzG0^mG1kJMOAUIa{AhP0<8#aXTPtT-Q0>1#(+X^bUH&B^8uN z)cOrf6?lb&WH7AT${66?65yBzPKH9ci)&or^nwwQ06eJudB#j~%J2q*qXmwEXl~cT ziH-Ef&kMtY17i01joTB?hgveP;04WCDr!|Z151J!o{U5KYm5U`4DMMB_>20;uyaTz zLTk_KAeaSEaF~Er0@JyFXVXxL6K_c^Jcvw5q267Vfi;MmTzoN%LSn$3CLWz-DdJ{b zKiaaj!4y0n+5~PfP?J=2vo%{d^;l{{u3-qui4G;mzY2Q@QA}wcSv=Yr1O^zlfpaN^ z4-x_zM1BoN84^N2_UE8H>sa2)j!fZTM7u0_&jc{$!8!bycgd-4I(@-D-NP$ZaR5xf zz(QAhkbw!8(CdNUNiG^^2gp|5#-@$o=J;L2Wc5=qiC~CDBhy%&BQ91dCz~7ooEsVt zk;k%@a!?8l_qE&OB*R=^lmV7u!q-XoAslwsD{2d&9;V!au(w(e6-W;4{#3`?!Zmt|I`-DK*Ix-%frI-Xf ztiiSPYIw>K$Vrof^jP)ReyEF=KrQrn$nGAt@-v3`wu(eW07fHKF5K+nON&5bZmLuX~4BC02}uZY5I<7Z{>E8GQ?0QA-QHpD3Aa2Ft!C$q`Do+Y$|^1TFe>Wrgi z*&}A*<xsqs zN^=K@gM^5&6*wXY(hC5Z6;XbEa3y;XX`S1M*H85G+`8fvg**_xaKulj03v`s5jPl2 zra?>KLoIC&o-ms5{ z?#T>CDiD|4{@ABZTUaI@tF0Wnvjsw+bbez{C68?3 zuz&&#`OOD)8jOrc1R9{z_SccxE}H}`U7B>k$%F^H#O#{0XU~R)m#)GBqi@S3VRCXA zC#mFPgv4{3Z%sx>GjGsJ;1u#liP=1P$P+qHJf2?(!Uw`c*Q4?|_k@aafMyAFNsXdi zJQ-6YY)MJ!+1>|-fK+n;0)MAn-dcf(be(_hTbU&eHMzMzIY$U+13(mi+lgHQC`TuD zC&P$a)yv#5xTf&?1Wchyhl++PdZv>A3Qp(HkGnn@B;a9$>=vVx{XJS z@x2(KK$;X(@Wdf7JhNOfdmCEMQIGr?MUXxmJDM1hn?csU4tvto#3B*2nc{IpBJro8 zi7U@Hl9fVa#INHPQQ82L6Xmve`jz4g@~Ou+{oWr(QP@drQe?fCS4Uzq4(Mc|QGBZk z(>c0zH5K4I&+$&s`*AxNr>m{t^BTDtx?tvrJ%n#71*9RppDrJ4#e^UQ zC_?H+7?i~*l0u|R@>BltwM0}xR(;CXGgmmE?rxAOh}m~Wc+3M5w@}c*l?LaW2HeGK z%P{jVX)=g`f;gxmQAddw97#r$S>vpS8h;&LY+3v7F2Y$mS33#a(JW!>)g?lP>F-Ng z$boM31g=<^OI4f=G|&K>5u~H&$c!fxQQZL2q=|5ZAjwvQON9iAQw$L7LUgU(vLl@jIL`1=pEUbTm|4FRf~WZG~`KX zY(Y^xzL=sn*I);BG2Le<3Za4VF%NNp+2>M&9QiMOxZ#wv(hry% z=S*G@)t4H{P9=n%1P?}XrONU1kk=1BvX6L|sfwCVWHxq4_yRK$RGu21@{)Gi)Lrgx zN3B;Gswxr1q>G~wfuCV2jhiwgY=Bf1Dc|C@@$jZd)5w+_pY-K#Q-?NOCAbkiwUqW^ zt7f$f{S%2z!Nn$2gj|x=P>>i7k~I&??-+#x1sO~*kM}b1en~L2)vhHta8-p&oE=tz z5%vf{O^8I@(X6~6L!n9L9^avoMkS?60=ANsvFyf*jT(|u#*6GQhX^>Eo5+*ky9LW* z;fw|nO2qyU8q{wyDpyZAXxVHn7=_r6I>b~vGKCLLEJ%sqNK4=SQ~f%nKv`lSb#g}N z`SMP+39p$rEx>_M6I1Eb7%}BGRiHAzxFt8>o?cg+8jC0euUM|!p5zwvGkBeGgkDOL zUsZ>r9N@pZw4hIwkDQIn-C&|ui$ep&r^_Zkk&ihMozqJ>BkUQ@bQ;1>U!y7hhLT7R z0bGxkAc_yG1Cz*&;Mh&p0J|s!3}O#CVJK7^l^=0BA-sJkXPZwu!$3Lql0&l?getj1 za=FLryfC_nFBT_Q&=H{nV+fXD2YeYKC;$Ts5Eg0ok>Jb8745~opx-gmA1T~KDs76? zN`jPg?7(vhS93v6JmJGxBz*vV;gX9-$boqTV*>1U+0%;mlfckI-zA4r4yJN6&PUbq zdB`1@bfSgDn*89Cix^T03`yYdbr@JuT1%Pxq$YP`p=f`zO;2begL zx7iE^oW~LQL;nDI790ZzDtKhB@*gEs0->_DV(HL$!li&LRB z3{em1dg6Pws2!+$<60|JFD_f;{{SXdbctU#lL2qG`+T)%=oT1ZI8ka##v!3M5}DzQ;@Ha1M+jD zSDe0?60qQO{{YOokr<$t@Oc z$`68eycnO>Q$`n^j~SP2t@2=-)w;5Sh$z!Bl;z%C}FfxwtyFElT(C(~-v=U9yj+(%(N zBxOwPSVn{7nj}%WXY2%d4j5rR@kTNYO_O0^OMo31LT43HI1`|j8XPKwysW)p4!SGk zoVO_NPdQOvT2&Y6i137T;XV<7-Q~oA^nVa$kmrdkz#&WL3yBox0O;t89ZLt_SvgX} zWknnm_yOl2aQy)u1Ze0qpI_0dWdemnyJ2k7LPQ?*jp?KP=0Zt%ZPy(8MF_a zoR3(ZG0XNiEWoKrcE>NO7{yG4lpyTE1fu~Ehwb1PPvZP}nKxRN3w49TeLw+?>xYaT zQZ!d9^dC4tGy;VO&680E<;yS@W3YOlu6!_C2j@{jEX{^@7{Fa>i!&Z$Hq^C`ROZpT ztZ|S>#+-cqn3BPXGn8cO-K>IxOIS+`0#J*Oj*Gw_ejG)Ak@H`@Bd z(Zu?b@W17TsARw~SV)50@a5nV8S-*u_!O0ViD0gAso8*orpfy;V`NB#AWnCCeshgf zw8DVc``rZAB_u9}g$KADRdK9jmx8Q9B8F!r?T+4}S6TR;5u)MGwxbOsP$w zHYbye22wIqp)^XQI7IV|u+vsSO@!QC%L31}B@?S~9|jXfnvyXOl2;SfmY{=cijJt& z;;73~<uazPwKK*BcoFeMgU!Z+>qeU_=v@WLkJ~8#?A%( z2yh_F=pVduSv1nrFDJ$$5jlX5DC?+SsJ&EnJyclBcF9)yq2t^o=*=&C~#`YRgf6V?|Y*SvBAiR_HE(zCxUNvpDOhh_yT_}c$LtU^UT$x4)bFR-EU$(H(xi-ca)y&29S5c?7lL3Uy z))ZG%!*tKE${B`bNDDycLZX%(}ac^!a1`pir4J-G%Z@` z%7T()b;Hd|#d?iHu^Gy=(opT9Y3q(U1fotzC33~QBBOVS-Vbc%2uU>Y1Vj-OB?ppe zd0U+U8i$-FsN@;+V=~+TqE~)+Z&qzFWomj0Ol zWn>xXC`gIW37*pSv*^^suz$N8F^Fub*bWqS2vlL;#fHM5OUhWhp+cQzNF85}La+KJ zaC4c$SI*rG`lNsfjy03S&arSE!m{$p3Lhu}6qvFcW^<=O3GH?1>A-u0rSaoM-RdGA z-!@7+;3{}#{TUAAGBT%1y~h)bZZOHnrJ}M*QQ-jkvn4#HEgF3C`168tVO8|Fj(;9< zFE9*vn((MW#TB1Hg7-E6(&3qGkq!VfVZ(-r$Vk|D;wi&v(AKYvFxW`f< zw3K1;)=1FaxK^jYxiSvgX1QCk6>ynaf@QN|s7V)j{6(J3i)~47lTnCM6u6FcJJQTEmlk)Zq3saOjxtS;3m|8mZZFn((p64Zkmotbork zpCyo|M@}IUD`M{A4Ae~E6(BfK0f3;>TE{KWlrh8S-a6glfD%x^E9J0*q{z!&t0rVD zP035$V9~#7l4O+#PA1WZL9M2${{W_O{{X_NM#Si8-9^+fgk+%^+29C7h>RU*Ne_|_ z2eRfE!{RK0b~pEgbCg$_!YR1p4I$`Dy(oU1Bu!vfntx3{p|m6y8<-xVNgmOIBikq? z{bS&BZEpb5+U;1ur*$_%m8h?X#91h1Ee~$aJ7&N)<*~<`N0`YQl+(d~cO>+&min}a zM<JZNnIF=KXa}MkBWtekdlmptJc}#2{^q}@8y=1GT${A)I!!qhvg6x4b*y752 zWKe9(ic{-P`@}n2WF#`;g=WNaK!IW0pX%`+iWN8=T6J7oW@^}`#_D>B^YJQpIOD(3 z_~e&hkU5rE0%7ZqoKHrnYWmX z2eT-$ho737fJ$e^+>M&WB#f1j>@?9h(k1-7NrD)FiLc-@;RhB$NFqBTf60^5rH$Yp zvmzjYe5B6-e@;rRmr1KpVRF*rM@&=`&9oxD^^>-dL=hO*6UN!?9j6zFX!H)e>m;V@ zoW|>y!`=lQw+P^THo+g@9GzDrfz&&h-!XW$;+rTzu#@_^j1D9O8mVxNJbd9dEGrO_ z+%V*#7N|Q%!z0`_PcSlVCVtMb7_THk1L`BhWd8sa!4U;L{TSO7!g44;OQ_e?$p=}5 zAiH1$T*1-IIV_Z~mlMs8jInyj<)G<=``eK$M&?J_$xaAFV;~Zc>C{VCc96HOg8|>= zjbK>m0XUM!!R;j&5*<+*d@fTtA)S2i17E2X~Y4MS5G$={5~QSO?-`mH_j+c1;oHDRNN9C zY4?T_lUI|Mmy?J%$3}q6(&DIn;7YGR#R}*0lQft-Qwa*ERZ|88dyqy79vU8;ZViWN zIK1-XR_FTO`7mErLm`4O>lH;Ht6wfivcIuEhwKmrC?8d%xFypj_{K6^oq(s{^n1ex z<@>;Gi#B2(0Z-2)m?W~v47tk zT*38C>wQ{!f{ zk-7Jrjcr}%yfo$jm_Z&>xAv!r-ca8Q41l!*g@#eYI3XsHr^%Y|iZwZdaF5dO0LbH3 z+1TF!AH#=C;!zs+BRs1T#smd0Y|ZQOrD!1ddP(8lwaVCanFY4ePRTLfz<>;V@sy*z`m0DKefh>RQg{@zk? znhFFWVg&NJ$RH365=EY9{{XHcl;fgkyxIBniw?w-fPA`-e5qhbE~Tp^^4`JYDO!p| zvhB2PF}9DG><#_FQ~qAQi6(tU*TjV zYLsjQ*#7{Bd&ugk7NX5*LB+VY1+hz0ep*&CRAZ^=^bef+N*)aBOV963^R?V zEg>v2C@4*�L<|B&i}ITmJw?K2C61r@suZ97D|O$<>GJ_??LkVM4?u_WWcDz?Q1! zANs(dnNq-Yc;f3f)#^vJqK|`&Zyn}GQ;(3&WfPlCTNAzQUMgtRlJ)#g`2=^G|tj}x;UI6rT|;F2f+LeDH`Lj zP?x%gryz39Wgt%z4j?#$m1G{;gn99hHgqX~J>7bjyiPJg2)R2XPmGR~<(ATE2|8~g z)A9yR@1$`}0X!}k=$w27b~MN@7ct%Sm5Z1Bfk1i;8|Ky8?TAPn25|oX{HiJo&MXx- z+M@LEb&(EXvV@SP8pz8OlXREiedhsSr33`(7Z<)SRjFsFn~^%mYY~zl>4>b87yz;u zV49ckvU4qAkQ@j;U*Z?^qy-9eI@mo*t4KY7X_H;WD>)uA);R)!4}*+j@QMVH$!B~x zn{^z*AXtXOm)-^=45I|wCt*`pktPx&(=qc2ylSmVpS%o&M4%%S5J?{w7*UANDM>!YJHZOUPo;%!z7J4qGK#$n+2O>cN{Wh^I#WuL9O4PM7NI4z3ytJg zmSnf3+CDxrSwa934WrgpicuF7nqivq;)_B|8KQcGj|ZSxNf@bea!rm)OUhW3D4~FP zi7`YRA^^bZc0L>+7|{$$UXP>a24`m=U+7;cFu+uhhCqL7u6e;QX! zpd~bqkRA@N2#}vi5o-jeo6%wY2Pap`5{G_S&=jo7OqUD~8o<@#v&iua@ro>bXZM=* z{ASb;N|1zjm!Zii6q*jFx#8R<<0m>LloHp-z^)~-37viq%;Gx(F9HY3esLZox`}+0 ze2ytC_cjDJ`olc(P>OWCxRyj%ebRrupBVSnK6yqE+dx^)lB+@T$pD*7Mv2a!)<}sE zzG~&D+NnwsiKG)8V`c`_M)6vx`GNv4HzbSu#D*Q>0{mvoenT(up*`5B31QRRK!HNpNl_$jQEBs8j7QOT)yD6AYZk%9x@Pz#;ztjF;$>AB{F=b>g4s zB z9~pK(-wy%gBu>xh7GZqBlO6dOfQY~wUUTa|4+`9Tu_qf+4xz$!CSx`U{N>C^NZJFT zeR#(&8UUHI@gJOs)h9Nj_RjvX=F4F<{%L&Tu^N-koAQe56q;6Wp#|ypgPEtnnQdVf z@??Vp%PQ&VedEUwq5uFsV3(Fd@y;uGy;sm=nl%tqJ`pqXggnm^qHtO5WoFC_8!oHz z<+mJTL+HYUIod*T^vQevoSf*)>3*kVB{Jy3Iz!#zGHDqPOL*q2G~u(9ch?wVDDflR zd?kLF2r;GCpWHueHb%19TKhU}vmjtP=S}$`<`OnyGDM^%B|=OXf58_Ran8JaG_Wsa zA80-kk8(T_LWSlFX4o7FuxI-3A?C&;t801x0ApgeVEG&*c`P6p`U>;BaG@zN5^Jc& z@5m$hlkCWg-^nN=i7mbk^8B@#Q!ZT$r@S=4qXn+Fk_cS#+Fqc&vF^&5A_VwKaPK!z zB#=chQ5P>Mb{Ou1lkA(QEw=|VlG|2Qk`!%^&N?1Z8l?$<#4*9TYnwn{Ci(6`#bM3u%+b^CTK*)=|~o?EvEBd2%xCCXa~FmOrwUu4cNlS^VPLVaflwNxz)l%eG7_#t&5>`Awf#Zu6P7>}j-!Wbs( zV7w@MdSgHWY)dV77JeQeZ579mpD6sXjMU*Yw(|WW0(=oa*8bRn=`Z1f<0g7JsH}Vk zp^)Uy$OaZHBVCt&6~M~bp;=@w#kqyv3ME6Zrz)NUZospPo~-<=9UL1_yePk0$)rr} z#?#o{6Rm1w4GVsVks%TdX}sOL(&+`~Y3AL|5n=2|b$g2=!*J(cfq8p56Y6m|QI%bQ zr{w{woTNUXH&Y&wQrgsNLWF4`$xUSc0EE*-j%a9~DSYpwRs!92M~S^u!RLo=V3kPR#Xh^@%iNbw#1V|yZR&a%_%*jC>--&TJ5&;>K9@3{C z!QO$UewgEm?6b^z{`VrY#T@gBOo%%P0S3-ufAbkblx}~gRZKd)r4@IrJ7zNGFS0hD|dU||+L;{M*iv%jLJr#wd zaPks3KA|GmC%+_K3K$k9$mpE)k>!drI(=DvPBaZ_3IZSL6PxlK>?g#N_`q^)2AP2T zzB6$(suB-{y7K&u@ZBsblAct2nHd)#Y)W*@dU7n36iR@5zhQwST3s8H{;L%dj-Z-5 zha4NRCIqSSJVLz~`tZX3G4R|!;l!i(yX1{|!k{5oSjnhk7)u5yAoi4AHmseP>1c|B zdI!EI4f^2SAts-{oSAT}UQnM>azoRIR4ZqMO_1**uEdbhCrA@Q@ea6(!nBQNE;xa%-1`B#%_}$?WiYNhy#jsFJ>Atb;950>=Jc#nfbBN;NARZ0)1~%Z9 z_&Wag0DXW7R`2X%%%#RN2CWNak)0t*1+83UM!TKZpTk)z>Le=aM|=bt?|ON6F}eQu z!)qzG+DO>>T;1dStYDiHhZvJiTu@!0QNaf-k;GL4xu$?qX^rC39aW=|@)CcBY^VWl zMCcHB+q@ItKtNDK&CA~RGE#$xW(S#{PjBcRRy8}ANYp&>j!OBZY?sBbcybMG8wsei z$IF5X!gnPf1bndYGw7I5XqoHdB1%2S0KPJZ;#tB3N64OV_P|wwoaKWjoHNwj;v3Q$ z+(h9RNS=ez#}=PB6$YGE?O4@+W{RGD+XK>{Mk<;tlrA41>ab$Md&}~o>~4NoxOf{7 zizo^QNb4fL!C4JxQkN0q5aqbliPX$>PI3;{T)2bWwCCZJ6@W&A+e01CZbK=ADkK*u z^5cwqb=iok;@3jh)0V(`ffCIkHK!2<4DFCeBS|i9aas#NwRCb#Tnfv9v4|}2Et@>| ziNIsRBMy0bY?le-Sw2daDUQLk1xbgJMMma1GdhYSr^B3lOOBJToOJT4-?_rSw!WpL*)5moY0YJ+-7<0MG&m9A@`PN9aRz#?JMCj@# zB|aeRL;ZoMCb*jGy3}sDg45QpH?B@dZS{F#s2y1(1L}tVUt_$9A%A~Ub zoH8860rw~Iy5(#m||A4 z%GpC`)SQ_1;Pgbom&C`cx)x4IFz;j50vZ#e3(?^pT4<1FnW$%ttGnD9!hNtniwIn~ zc=p0%^svIH8b=87<&UcL>;`R8;f9S;cpUSaO6mZ Tq=_Y`4(TV%OlhI+(?8JvPY zY8%kZZPqN44biHwMRm*K7gmc&6*mY?=MLw}9i!t7*_2s#1X1@HU!?=ADQT)7ZA9*L z5g`Z2qk8kKIOdixG+K)n`QyP032on$If6E4ur>{KaE5XxVmzjDSt)!W2vTh)ne&Qf z5NQ-!4l0P(%`r6xF7kZhLlhh@KO-BIZ8?T&R3yms=L9MeS(v6Ob!=14BJ5Z!u#!6k z_mtC)q2uH<_W1coCsjUqbM(U4)-*<+D&SaX(8R+ZgQ&q+sFof=ePSlvy9@CAjt-V4 ziI6rY4nVlHqT?WxE`8}_H|AF=6jaXH$zTL3Uf{9(<*S5YCP)xL$2gW+XF-W4Wp~E# z_WAB8ANSk8=m}x6&_D!;g0ES+ry=2%5%a#W8KyXaw@)S~Wg(Fmm&75z++`!0gI8q- z%;20V$}zLcN0x9*^$<$(P<#2r(bH&uqpVYs%&e3>Ly;#81578HhsGTxgpAbiV_f-X zG=!7a@bJX&y2_e4HX&f)W+HG{R7^f1@;T}%r(-VwJTf8RC5EK-X96DD%J|3~Pgjm% zu<3auaEO_~PWPcm0WWd&f=q1rBWHuT<9MdhP!+805JmU4GCiPDmA2p=EOFB){OFI$ zt#e%Dg3)jiDzjEe2G_hPCFr0QBTSz&glXWIfkgDIT|)cGXCp@99zqwm61a|3yD*Rx zI#{gITdspAgKp%te8Ny_cSsodiqO-c?RC7=CNS8e$qVH%+(r_?k+7Yy?*owNPzi;W zA6Qt^lo|}3ZZ0(Y!ni32+>*qr99JvE2AmNkv);#DCN0I07TnfRv&ZDWC2;M$T4{L69SsBo&@60QGY0Z8{R+v+@|;Q=gCVCR zjOPI-nX!w1fBl15SW)tEv2iQmN-U-rK(Tx?sI5<>TX+&A@C-1opOlewVrj#6J z;Yvbf3|BPxiODCWB!a32gl+K7?$b|TI1SRv9qZmpm6KEy?d)HiCsk#MOGfM;p0NZ) z9ykFN6i+hE%?-hdK?lGG$9Icgk|nku2`7Zcn&MO>%y9ZJ;Ot=?BVdg&>rO==n%{2^ zl_u`+!jM)g5f9+3{Y1Pe+05tmXh{>3h{QtCY}I43xnkPKR5WAgPu@k15miqR&#UJK z_gj><6Av>R=M3PjkqQFv^{g2Uez92geqD%Fh+|fvAvN=h0H+Jors!UBm!k?nsu()& zm>@5a0~B+igf@&bf8njcR%<7rEI1KgjE zE~dT&$>jWuI1uGfim_&j>mfu$)+DSwYq9LW0I~ooQySl)iK)wAJlPgcHQhfXTC>Tg z!T$i7T$ww@AR=2hJI7_*ko|6Z4+0&9%d8&Y$HNa8L=aaAhEcLXj~RLlwQ$ly41T>t zxPWW`eR30q*Hj(0YrMYZA`6Oib-q4uQImM{6$C8a&zpSz0QEwc&4A zC=r~@RN|s08o>Z?K##wqNC^?$WId9|C8v9jhE6bbVe8C%3H!$B1Vz$g;{y12_k=b~agAXph)uhQzPjRWq&3-VTEgUw4jp&{J*!sW(&S{R3IGCI$xkd($ zW#&hv#@!LGBXN42oUG(zU57#rOFn1bC5{4~_r${b%WYLeDm*2_!e)ay@T5+L&Y8iu z0~Tga$b{UQ)*dt4+7$^>L-glAuHu^qk&lw`VK7RL;zC66W2|*T6#5YfnwK_v#$oj2 zAUq~40@6w$1k9)7@|?L8T3PvqN$~4gKZK?zf(%gwMzER3vygBWXz3*52fQFKfXOuP z+%YHr0009{6)jdvyEL^E1u+T82ndQS*mB4Im^deXVx#?lQmS3Jwq%BlAzdi=#PlFb zR+0H}dv6u8qTC0%vo#KP(}F3@AX6xsl!Xf$7=zY&~o5 zo)Tzp4Z=x)WR+@iij^24iusaVt{Jn~7f*$cj7{hPn4m7SH_ObyADYJHhxEi|79CLl z8)uhT{=J#`T`2fr6iEjUKJr(3J78e4;mh1{K%$b#(mt}~`)DBvhDjgZAgvHV#;2Zr zz87z!8g9>ID{5dx0qO^Mm;o2J-T}@TeUI4p^2x=FB5fc_;oAi%z_gO4?H}p)iTwyE z7XWP&XG=`H-@RhHXO+nmB*J?Kxp;QQRNE#e-BKsQIDW{u5~z8U)JYvMDw(PsYyy% z)!=lJ#hK{GQ53|;i8`mRyacUsxg>Pp%VkXAO%srzq;kvgx>W};4tX*M-_@6g+1Q8T ze><@hhuGxT?8#z22`qL`w1V0&l*8>}Le5Mkr3R^Aed1tw19MleGlrQPXA2$6TUQqe zTp^N@WggMMA8NIyo9WFlMP6D-nE2J;UQd+U0)mK3v(bWHM{!0`5$^(0bBE9x=ilIZCK@)jSB-XS(7M4ELA!?=u~ zHADyzC9y3A7VsWpzz1rEa5;IB{{AafQIYf2#8NO&oR6KW3fkU6*PPb@S1GN*mvLLY zV_27yD{?b1C=bmUx1yvz@z!Jx%G$7dcsCJ?h8Qg%xLTJxsKbTBq)je1aG-o-06#li z1-bFg@cLM(RmC61O9Ju}z>xF3Q-~Z0hz^tq7~S(&77z&_OC*9kP2gYwIRKy)^7~w2 zINR5U{p&S+hIosu{TM{f@2LmUK67(eIJqx7zJ{lO)UI1-(m)qA$07r~DYU3Eh^FC_ z^N3I~FsMV`-j*uhny9RD+(+wp=1CW5I^edv^OnEv1aI;G0GysB$-**=rJg-x3sujl zKW)Bok|>0kxsfWq!QL2HQ9v-+Su+6KXh8PtBW@yTau$_(J-_!28ft+XSAAl(TWoSf zl+wAhrx6%;jIb5!X90{%n4;-0+vkBT;cUD<(=S48Ku}Z32hjMzV#X3g$(E^t5TAek z&p5kMLVobkEg~{Slf#^5(_S{;;&)lT zYngmFLKcSFaiLec@E9o=Nt-1Sq)9R356?{5JX}Y_`NB1bSw30olM{{{AM2fA1fYHE z5yQL~5D*<04rUVd9#BN6kwkr?;K(*!$xe>__&u(RqT~_2s(3}~AP-IxPLqIkw)g8HqHyeiJCXnQ09j8$2X*c#bhw-T!fduD@OX1J(bb(+7t#(e>+C)kw zp?RzYQ&lYWa7~Z>lAtcb1T|tf2xIAly-BGd>mG7@Bw-kMsV4P_<|SnbhT)dG3FrC< zZ2-v>DJiDcfVPmwDMiy9(t--)QTu*8;2{qH z5Idezt9>#VEs|$+aB_MwN3W|P3H6EgRMXpW%1<2Aj?c0&31ag+JmjA^PBU11T*Ir4 z&UifF(87AP)K0g9-jFgbPT?BzaZ68~nIq`Bj$bti@)%bT^(Gxq1{+d+G$Hix#0D8E zAOpcqqPF5BjX4BAs|{BYxj-m21m@Xn*&-!NpW8$-k0&#h=4x!Lo)injnu^H+HjKky z;e>jUl*)+GlHclB-&{s;xSn1N!|%OV}e3q8wp~Xp2&%2HmpWUk`@!8 zotVFDf)yfDZu-&O0R6-){6YL@-J8GT9(Cp~Hp?cyL_auiS4la}@*{(OEHs3jqmCA- zaj6TnX~I5?_<5k zKs>De*ylL7Vu0X+`No7WIi~>RYfd&lQ2+%p)(}DwkQvj^N#_}s+i{r2F{yz&)PnB2 zj8)UHstI@q9rJl8x8f9}M{@lP6r|-qMB6SQe_UU)VR0hGt%&La7Mu!fMy*-#lG?7| zpcXj11M^{4D%*Qpl9`5u(80?6Mk9u;8Hq1&62C$t|}(j6d| zV2_36Euv`%z5($+{_@oT2$MvE?r!)rT8y8iBDGYMFKmXk_is55}9xjM4%n7sFe?hzfy>cqxR)w^`P6 z#1xMdj+vI`VnWI#xad=#PYaeMQ@1NJ67R~7>6_^wT~vWSmssf`!R=K(j(NhuBn#u1 zI2;k9g9K@0_+Z3Hw7YFcos4BMKo@8$Tr+yepQXm?L#+=oCQ$K(InqW{y%kr5X+TXt zNgCw(_mM$fX2Mg*kBP}BCMRM@?1Sey40t*>)8vnbmVB|Ml24e7QI})5tat%^c+M0ti6;z%0_1Zt)C>XcT;PsGh{)J^nMmBm zL0jn9(E{A7mk6+xpdspl&Z2Td%9;y9ehf+gwbU_Xs7Kcr6ZnOW%p61Wh|=dxQ?YCb zcakdMbTFFj;d5U`2D$Q$PcdORFqI@Pllx%$H0a_SOOQB7vqd-`AxSL`MkMsWk?{v;R2v4joKmu%-U^~bI-XuU!`Z>U~ zvus(2m`Oko4bLtt?gyT%cO;*X{N!1oB0?rTNj&_q&L)i~$>{$8ZWPv%?o!!fT^J80 z5wSYyAIf-@O>y7}=q4y~wIPxtojZWtix=;lbZL!^k#PYBEUB;q$fYmAo773rD7JGa zeR4kiMkT)kGW0-FS&W&}cU!}PuR896#hi2=80dtCq(FC-# za!+|E*u`U78`+)_G2IiianHe#nhJ?)l9X?__OU{oKH2q@d=w6{FI1H4ERB)qh5~aF z3z#LnVI@S^C?I_%0h>Dj(mB8IfD*|RUG|I?s83R_PT)K6j8QmeotT z2Eut0mpwo^)v?604HFn*_ze=9@DD1(FyP`qm&N9r0?L&!OrrW60NY9+glQW^dyyo{ zoM2e+yngH+>2D!B7GuR>*@|4D67bx! zZ^JLhWfoD|za++5G`Cj^=k@+8*s|=F&1_dJ^W0}5k1Ky3YM$udITEBS_0K=h>{w@e zFprh>=Lo`ihKnTSvK}wGI06}-Sk~c-XgsDh+KRLf)FaP~o;u)M|LY=TgEMiMbi%$gl_%eWs_R7bvKJ$rX3ZE zZA?D%d@H;a2VuVaJ2w*f%4g6t_1XNal8Ck?JE^vvYCY1jGps-6>2&t!Pc^O}fFtAk%HQo?wkuM7r zA{vMhwr1RWVdvczg?j*pF3(WFgC1Cy$(o@=wogei={{%K_`zN`mG523fDT1p2(GV* z109grxWUyCvLL`bhGu4Xm9R=uK=|E!4(6F#!<|FHmJIU6Jqis48i+0bPR;xrO5ksf)%Do7o zl#3;&#CiUK%0AdgUVSF-2{=sNHbhoHMAxxPo-`3QrTN5alWpLW$-G*IVju)li@!;Q zV%@l7jdc^y7;*hYNE;!u2^-c#Ky|mvo*!{cBcP4DZ_YlRKNGApB}Ao#+V~b`HnE#-J5|!d5(qVtJNsYj_KV2^cvmO=iv=#X@*y9$}_w zXUlAL)+E#kiE+4`t`A_7{zEE)prct_hx<6vu?kK<22gFp^i8qbvotfjdBGw9vAt^% zj02$L_y<$0wt-*@;Q~03bc(I+a2DRa6}9~^7QKMM!-5LVOhWu*Or5wp;WMr$XL-zj z;EK*2AkeAY1F&_m`} zm*DJzo7P13gM%>s>_NO~Mh*6B&S%J@0t*P^ziWVfA9a``%6^%sh2aFJMeDi28q2~DkEG9t%Q)c1sGP-uWhi~SkpwDurMN=Yg*owh{nImj~w zY|72d&MWdsR5uCcey7N(F2pe~Zs4q5QwVwU@KLHb;}l~GLV%Fi*PTc3jzVZ!m>Bu& z?EZw36$>;3%*^!U^9^SGQZz@A*aMAgs(8eMbu*GC%MF-O6vp|-qBMF`XV3RwPBaXF zFSQ^(X8TU8YqjlxxFaRwSpxN9xBN>o@RRSwgaN(0A zbs-2Scz8^k$RrTy;7c+jQOIf-<_KHjTr1?M@IaasHD8Q%nOl9 z8z)=7ePo3W;W>FFNt8Yii`NmA0J4d6EZX3Q>Rbwm25RNZ@JCnC!HFXi85N^pj6>zSW{-wZ}_a18Us5#Kd1C4 z?Z)6|6o0_3Ccw8TaG4ZBntWO3IipDk?a)25&PCcWP~K0^ASUH!43NZ&c^1s^9v+?( zyna0Iq6LA4TphM5IjPc6VYDbigx8p*c+GNF~o%A?^jM3M%@(P{(Oc)Iy z{7FD=PiiMNrEdBH6hbbE#^%BTChRSZog%5)hPEyvyr=b4;QJbpp zSY)27k|h=yJk~6iTY02>on>?q7dLt}H}c@^T&rsl{E3V^2;S9+q*(s1B)ky4P?C78 znRc8P$AY3`gMi{N?57A_nuQunfR#!TArhk;g8m8KP8WyT8XX=5tUM_}UNC0o0OI_);{sP&^pu(~^NLQ_h|HC!1p9<)$W=@BEjJIK`@ z5l#-jA>#=8&t@?lXrJ?EazarwU)fJyGKE^$jk4oj=;u0I1!_g&U2!Lp4Hh}KhcY5C zioEa%TJBNxkb*P7#IjhV3#>!c2Thwnybyu$cQ=`Aozq+mG&i)w_UAVUpAoi-8TiRb z>i7&N-blL<)dmbyNhhDEE%GF!#E>On>JMuM`V^o~h*#qBIp!o%FF|5!lwKw2C!syW zus<38gkMrc2{I2N55_GJMIsaCQTuqwuY7PCoEaf2HS&#^+JZr{NLoYTQMWYwM=xk_ zokuG>l1X8Qqm){T^%}sVm9Pqqz7cyPoU^Qx7R*}$BfkuLU=mpe$p_`@C|CCcL$>ge zV_QLqxVV;E7YXzeA`-|sFt3YGv~Xc+wuMA)hQ6?Xq|$=G=I5GhVP$!kWtp)7rc(6J zz{6}TG?@{VFL>7MG-#!jrGvxVf<{5{OgssR6FE!+zcX?+^B0n|=${A3&*k@y-zW_d z#i-$>0|8LNM;xLq%oDsFL~{d_6=t8ZX2VGHd@sO_LiVW{8%jY22qUemO2?QhC!`3% zq}Ga_=Cz331dS2Ergd|WB1tgyNeq9!ayYirKGIB0!oFt|vl;;+4QU!+a;z;TN4tuF z>n--(J=*-goEqAmp>zb!ob${+&e{+F4?&bh2y)^Efr&e+Mn)`dIAl+>JasNe3@~te zzmn?0>CHEVQ9CFsdYw7iia`n|n;euCOEVx(aW&p`*bCZEKi!Q5Q0@qow-=X|Pi~qe z2&Hc=PRCS7!anA5$9N4y4^q#X=*83yN11=uA&0$;H8@mf#uR!c?cnh%*Nmw$yCT-& zD#Ki{orgs_0;W!SM|i4dNZjjZ(NPnE0Z2%s(b*{-E+-2JkS$#jR@wHPDJJSqaD{lE;CgZEhT7r8Pw83AQ1FYVDkwdWH#tV09BPD+gIP zRIm>sc5-%PWYbgG$igHmwHrL* z2D1WA>z{+jawvjiH{wh9!eWWx6SG}nigpr&qK^>LD8S{?V4N0;GI0g9s0_r1JB>Z! zJuWTlsgOb90FOp0rIpGcK_HAuTGEqKCQs6hi#(5oprT9xG^G2+p`v800!Bo*RyiZf zMTDVWnE1g?lykANT&X;c7lg`&G_I__$2grHAk(wK<;UPz49X3}E8~r*Ed{Jv>v)3< zy)N|W9Qp9R70J|kIc5)>gM2Qr2Chl7sgCl*A~7Nh_TllL--ih-KjJ-Fng^13ej`Fq zl|d<1rG2>VR!4+E%DK!KRBk~x0tbPuVoN-8q3LM~cyf8JpzW8pmmbB90_7gHZPyyd zK+&L3#QBweV=ifdAOTh22MPk4ptii|nS5pDPNL95tG9w&KYGN5vjO#O(Rj;fSu&I3 zv-$xUrr^|uhb_HW{xu3@NYTmxK36QF3~EGZ9UzqC^=pI@yfl992~_&B$|!fVejX5r zXT>YX4UqucS*kG1t!yUBE*N?YJA)=M1~z04e5QYK&TOR=38qWoF414aN6-$+?s@2G zlO1NHDhp^m_sg;c2uvCz{ErM{<#@D9pz?7K#bPQM6J|hWLv{%&d^#~1AfS!R;yCO* zff1vD4JJ%BhyXIimWV1$IGF&^oQ>4!?<*iMUAQ9Sh~pf#3h5>!`EnrKIl&f(yzK>) zb1`qKkDNT-XUDex0A?ye2W)Jk@K;!R{&u2{Uz+vmKNYkM%-8}UDSV!~M618AS2R zF*K1P3|-hRun?(L+^MKok63#tJlkXKJfY(V0sBJ4uTStO?gujA%1U1u+ha~0fF|sG zpF`l{quL0eBQFg~r@gpukt$$Bv8jMOrfX|3Og82m$7ZH;Lk42jS};Z(REEdCC&xBR zcdCciz+3esnN)1RlvcI334NPH?>@gdE~dLcFOvtOJx&7Q`(d{}jw(xDRwF${+WtSH z5~C|4Bnib&aqkX{9z=pd-p{bnSfQ1OP+{7M1e%THI7^6-(mH9yM6K#%m;{N!Y1T4T zPm)596NQX;Y{b$;i&@?n<&=>EV78=V#z2P3NeVZpN7UdNf{?;q$(hyohwxTI8lO+D zvqMw1Qbgp59W8K0%5upS+e_WxdPFx(NBI3508)RKYuDl662iECWYR@vI1_O$jLi~! zhk*=Y3ng)Fe2LUIqUl?411ZKr#Ro{zd&YqaH5-Yjvjs(dNID=Lv^y$F^5V6*`c4jV z9SpO0=#YKl^_rf`>>ql`JetM_sEc478f=hF_Yaf2US!ouiY1^af~u1tkqISlHH~fY zL~iDIzUwL08w{yZ+^@W!@NL^#uW8qvVzxx(3~LhD652<5o*^j@5V7Xh)>Sw5B~mM? zf3bqr2B5@2dCO8y0Cx98%VeCzB0)Lst-ye$kjL}5jr9pg31#;~P8>l=#lbOn;EA|d z9VQgumOwogevTU{pGZ$6D3B}@=MUpPMblV28h<=US-fa zM<9Yupa{XB4=zlGmI)O+DEh+p=u9VEWI$rBTucF{G;_t_!VSBcpNtBk4=Nx94(^PN zw>DOwh_C$^G9h|-LT$xzV( zTn6Ezybw7y;epCltm$|##S@&ZZhuYdALKWjXr#5}$`rB_X&s{Mv8eM0EM$^HPYta6 zFq05kG_xF-ExgHZs#qhR$2p)!Qtgx>kH3cImZio#En zXqhBZf9*G%iMW&Ff9+u>09_JHi`4%Bi;{A(?cJ25-1N*%VnC^bQ6#M#OXiB+HabrR zCIZTknv7CjxlH-LF*17qr-IfP+zQG2KWg`3#3d?U!;4A*v^#C!W;^i zGjQf?)I71_?6@VrC5BsUQ9E6(B;YS)@!00^2!uO&d!C;J)h<53kixqWNb~V5Y$58m3%)4ysl2jjEzl*nwn>1 z*0NCv&y@rqS{Y)`oO(^l0QMB_KKaP9gNvn;t`aVHS;-kp0B|IZYJ5fnAl4@s4@esv z(SJxM3$dXu8HNPkTg5CS5JF0@ZnZN8K^z5gAR?H%t{z#?q^XJ67TaXiQ0Qow;of?N z1L(sDm3kztziCJ+KqSit7U7F5hzt|fB5LO8Cj73&ARlRh!R!G_6U%JAdaS4i8Vp}T zU20s;zlb|wVAT^s#~EA)n!I5=#D;gmaSie36}yq7iY!PtiJov13IU-0hBAE@dTe)q zWdgt&1B`DuND^bP7$&{^;LcrD2>XeuwA#Y}>0?*xCPdjXUd|j=xQr)6%4lQgw)$X$YtB(5v_id z#fk{hrgxLjhDOf2ic|TBN(}|0z(f0Wiw#?$Ma9yZ+08=jvUe|sEaYuh#lKEU@cy=` zVEW8Y9??_?6%MfT!UgIHYI=&_@Z~iC83!nB>kF!gBUSqqymwB)eg%KNag%U)N|Dy! zp0|@k)k?gG&hZs?)lY11(j^dKF!1@tAAtekZ*z)lcTkBV0Fz3xGO49aiY5gbKCqlG zpd8Au7`B#>!VM0I{QMjMADSvG+dl~J6|BziPVxxyVTT#mm_ScICr!JR<+hD2_4iW{XDwT#pq5*Ft>h>64WBVY{&^ktz~ zQVZ}10Hq+t>}8>G8r6=d{{VFa6EPxo znHO25ZRXDB5n%6?mSfSAa-^vvTo^e_1JOAfnWLzloO>y5gj% zP9Yo+dQpuqvgCyAuKgSY&yv7z4yXnq3&xe^Z8HMXy4IsuBP9qzloHdlGJK|; z?2iP}yT_xphTI2ji`iKTsto2P+>XD_1R2O?Q3>ID;FCfL%o2Dv?K4hssxotTFyRJA zlL^2**5gC9M0y-xhSwBTf_w5{JAzqKhnOBqUMLVcQrgYV9U383;}EbM%F?57>YgT; zrhJSQuvs@Byqeix)C~kyZLhAbVVJNTrgxqnSAf7&qzegm2=a`8oh}~M_2(#Kf(Zgf z)X`PR0gOqQfORAYQ+RJnvKZ5i8;lQY8B~&%ZPjZhiWEwdCXGMX$n`=Ll+r7U-Ek?0 zgUPiZeWodh6D2O!!EObkoCQ^mEyL`5yn#jRYa4JTsHBD4K*j?G5Ffe|cKfVzAT5g3 zCyIaQ$r4d&0kqVoR}gbBjx5y1q3USCiuq(^2W@?h{{Vqjy_-emoxoTZ39MB*Q2OUA(V`QkPU8d&T{{Tq-*aB%tOzI=@E6z-WWU^je zA?|qR6(HnymPovL>j1}8L%KoZh2wWY;^^gz=QX^iv%)6Vh|!-~!#bD}nJphNco9;8 zfy^EG#_ob)Ih1e%^@A%Ugg*f_1}uU|7kKPSVeI8bDP4dho?gm#!%_lQT}&O$z#-V?Pp%J)Z9xNZKq2;HF4j`G zQZ{VzVVT5UL~Oe!_Q9C?+`UNsvLs-2Fmm~J`Eu<|R1z#nETqW+TgBaVB#M%H0xo?Q zj5M%+yktQ#B_cqMTQ0Z#Oxo~pq>^~0fOuXM7!|aiKf;^L-86T*yZ8wrh;9;a%^^G# zF5N71tfft?K#{xwf<#oF%44F=95uy6fO<7M&3>g@(qwq#2{=dO$A^j;PRbKxKZ?ln z2NTVd+}$<8t`>*@#MpKoo?KvSB}eHL;b%q`-x>BO?|YDdnJ&2s1}8 zi=V^bA3-u$Ik7YG^Oms3iODE9{Wrs`6tCd(#g6nXP?W2xu5uJ4NhQ0COM49Z0r!Bd zQ3{<&e+iCr(8u#p`+X;z8$*eoLdK}ur)^}hFbPwpU2IohZV448VwB=v-NAWiLM;L& zI3jsWbSlIEKn|e885=u-QO1Zj5jQy~H&}Lx3;zI)%m8K=2YvT8{9>mS3$s5H7w)mG z{-gjba@_HZ3=##bmP%=N3yMtEO1lxq6F+x`+|^kUhj`W3C&4N)Aw!M7IN*f2tkgAx zXqrC6BAc^b+x`vm$qvE-%(pQyn@r3% zNY_EQaSj7vN{|KuW|7b^9AJxw$+IZP%c7zqbJ%}Wlb5CdGm4@-55#C>B&1@X!=glO zC!P(FZxD!Bt#3uMs-4ysg_}H5C4X&EBZf~F=8+7VFo7|e@v5xzh}vqdY8BlkV6cR) zg?vT`zYwon34ff{Q~-rVueL|y0Cgk`FvF%b_`uL`Sn~?ye>~0_c$M7}2k&jezVqtL;*y%mL|Mi*M^utc#ha|n6vni z8!lLs+G2(ykWk9xlJ!00jv(g}FttxJt}yIu*X!Wh`?DqUX~yV3y8Ps*B?yU7-EGA} zl3}%_I(2@c(S`$((3e7(0rbOfh13++I;$jZF&2;tBFu?zSHyYC!b>+ny)0rk3kDu( zB0)>=MaXzJqb6uiS0H^x`EqYNdEtcNx6q1WEKX>gs8E$y*42lcymHP}Hi%cl^U<-@9WcaCM7?i70=^9^i1o+9pdIA~L(4kd)K>mcbuQZGG|;~2r% zl(O${^~6iQiE)Om9?9d zz!FJ`V{#U;I{anDSa5kWwY>O;V0Z8}ZC0@ft!(-y?-|>)OTv1- zaM)>rYO6568CdRtGd6HUS_{aM%nj?K_`>!SWvo5#3Sdt8;;x@K(F~rFIR!@}knVYO z!3X0B_`IYjPVN}?!H9_(RD&paaXQbC^IfKid=spbSQRNk`Z{he2z6iT=FxfEXoBrB zmcH_ru>ydXod+xDHiN$eI5grI^OE(_WWlH*hVN!KtBO)4NQ>;zHHGXAlX*NKx#I^r zFC?bkV(-pLR~y6^5LoZ{GmsR>X_s)mC~llZ9VV~=1%ZIL{uE@iOHf{d&oGQ*=hFlS zt<(6*^F|;fr-!@sp|5p)WO=Z_GMu&mm0KHK$<|ER!8$YNcJl>S@P~=xsyeC44?&O# zw7M_yXJnEhficFvu5#%p+ZR$erUJz+za0fQVvg zBmS`HF?=W=;B$*4+|GW*FRYWX^3-zI!e_>DiZWOrUN+I+IMQ@uL`f}xsPa#;wUzAx z+Ky5BSH@ATTN`bCuChALhMyoPN3|C}Jb{on;#uZfsb#Se;_I{Q!wa z%a?KVkUAX9Zm$WW*)>W@%Xh`T8v%mM1P9hdREZRzxl+RKlO&$=DKlUUGX@M5qfg8H#(1a0>LK; zDMjuzd%%3~t1T?qr+MW7lh(;5&F>Byh@u`y5_vEiF*lb-oG~J#mKanJN#(s@QUh{L zq=t}M=R2z=Vt^3F%EL}wR8&-L6BoTxA_g$+qAgLupswG}f$&|8z0RtxXu+tGhT+e~ zQuJmbcQOW_@0IQ`qR<~J^N=D#ZNN(*q~I&hvL3LzBvd&04%(i$eg z?EAw>&RO%=zrY$W0+M{BLARUrkbweo0Eg!Zc;YomOv8w@Vvx7N(n4Z)W`b_u{xqRi zNsDm24m!bfL;NO6m1g>w~y$@9B?IWFI6pk1PVx#@wz&;>w4gmiEfYlCf z_+fxu4X7uGTs81Plne0gV_(IZs%bixBc0C8wH>}9FT!CIzG_5SyUH~XQ6(3mIX`ud z8U?JK$Hp|J#*rnH67yGB%eM%iNRo8C1VEUxLr6Z;3@hpdJE>Y^{{XF6Ba-Oz^2s&V zxC$0xJV7d6Vn!%( z7anbG@kU5m(E!4 zbb_u$iMI;EF zp%RD5_GH|aD;0fMUU^e#B!VY#b*A|L0Es@(!UMJ7!m|TlgxHOrIDg9%6ax~%1jjhI zs8uJajcXzDG7y_|+dSU+m2hDqge9PeG`TWzvy!A*n~{m{l?E^XuMU9EneiF@g3Uhw zV^hi+S%|Se6@o`097PpWvryaPDAK_eAmBo9YXbiO%wg-xJOfVX|jGc zvsfXHvXP-6>r%t(bl^c2K?O7&65thB4srBgp|=5{mqU%`3|u@3oY{jz5sIV6%+Q_hAPAmI-1oTZw{mCgHAq;0Q695z9f8vjnPj(4o z>mmRX2tpT}zU2&{V|76I%`n_7jvW$Zv-ycPaAFz!P(-TmWJ_TwmFPi?CXe9xMxN>yY1?MzkhX#yuWR%p@#MU>s2MkN?X_v+wF$-=7q_p7k z1Ho}2fx_0?ZsL`ac?l#m7@RxB_*MubjN2+Sx0As%ZJlhkf1sPVF|0G=Z30$57;S2P z(uY@9VOL>MIqlrxzBb3G)N{hJ9+oH!`%K3-I^1s) zmOT6*Vgr4fyilx`Kmwa1`zM9dAxQ8L_`jnxx3+=&3ntRpAQ865zg!O>5?3y~=eAj- z;>DOK3Lvhs0Qdg@9Uymt5i9Tc-NffXAoA-b_0ni3hAr1Va9NeuksfPA-L1fkeV}YD z{T?xktgM_`1}a98ZbbS&gXGYrIVt9TBe)sIOp4?nBGqRkVu)KtI*_JjEFX~9WjFi` z(U*X7xh2`nQdl9^6YggdJ$6wRQYhfrxx=e!W$S8Q3>}pw`-`kmRfuDdl(7*MokNcM zL3Ph)I_o0(k&~Dub$D^9I98G5$IpNn+eJzqS?9po%6k(UEJsAE0%@GvChQX@3~z@Z z0zfKAmN)E3N}u^5f9$mZxbIp_Es&N8JlPNWZw09&!Us7Jo2SjG*s zHS;B%jfgwRz6v(tWLlXu$0MU`2n7a69WYNqX=?0 z)+;*fPHD2f?WJP8@+rnrsgw zGT8j&9|a&w0Viq#+kb;?2!KF>X(ahC3%z~-000C5t}-?|0Rp07XgnsgL=Qz9kc9fd zWs%8M0YOLif8^iVkja1`x-@Zx>m!s5Tn+L5a^=#&;#9HY%ir;|*W*HCK{GiE9Rr%C zZ--o#VfRH$pA51uRhV$H38UwzazK5>r^>%S{OEH)#3TVp8TK(T;ghr_x4H4$ope0O zKu-jv;UqC}1SL$)+nu~coXRR#kAE@aCTv_HRevk|LG+gB2Q8TfppT5nBjhqqp%Xcl z1Iv+O2-0Zne4_nF{Ivf7@W#XoQe><4%4UEgzWC_l?Ztou3Z`cMZx7>Hw@W14OcE=1 zY|+waO&-B(AaG{kLan(!!}y0-a#&0d7mQ^Zqd`TKsT0O;pdALdmOQ*%;7EBm2Wywt zs3z)9;HbqxB+I+LFa**`iC~h!hgG+BMC~|j!YlPy8VT|L04`tu0KzPUnASl%5!_a% z3!tHKD{s&8nV_Uy1ddfq8k!Q7()em4>AQk-y#-WUO|vdMgS)%Cy9IZL;7$SrcPF^J zySoe$+}$;}LvV)R5Zom{=Y7w)|996}ch;=EdUkbnS8wUP=c%Ww5SBYg`zviD;VX<} zeoo<`kp-$Wq^czE16d9<4u!TtyxR48zV!@g4Xm8o{|i9%`A_k+aJ%+K_>NBXBv@-_z~1{md)-u^u-DWg zkqTlgGi0br?%H?%59uk*KwtJin*p^9vy6?Vn?@e@|7rHxKHkfH{|@38itUS(b&sT6WaTZ|A>ln#fCy?7w*Mm!g}qJJYn?47Q~~?E$vF z{4-X#6eSGTM}?&#sSdO-5aHVFO1L?$m%;0QwL8(0j)!d$)zNK_&YLL5Y0}D)7dG5t zn*Gm_IH_p8Q==3V$(NqQyY2d-r(XMqSN?`Bz(f zC>Q@Ij#E+iDpJzlz@Gc-5PD0JnN}al+8lPfC<}gcdY#|QI3Ss>3FV$xDehU`RlxLe zRN)$fn_yycG5$b zo?5?5E6jfe@^O+@uGCcE-_ceXbiyFNzZ~t|oAmzA1txeERdl{y5NdXitAzT_A|Awt zR3G=V06Y#ztFCOWC;oZ=)aE!HcSs!df#8d(a%~@tHYxOUwB` z!}zB{>k|a7!n^K^`d`5G`nUskPvh&qZEdx(rM# ztnZ&=+r1J+BU3T@m`CA&AGJi#UbU?L0*ZUEK6`e!cwC1?dx$c|T{mh@>@jK9xH}nM zSbPg3*BX^5gUiI%Epvp+uN!R;F<;RH{2dfp%>>!QDNIP&PrV9;;u^E z;S3!^)|*UjC5f)Z{#|5{r03?f1!bjmw~~@eufxtWgaKk=vnCO!-(a z&Ayf&2&1mYeQGuE_>`2cSHvoyw0X+QZ-<>k2+V9o(;9zOl)_Hm_}%F;Ks;Ssw_5S{ zY@ToajU*|4xw-B}EZllJe84HY({aQK|3I{I{)zplA37|_e2(r;f77-^uJmGRSA186 zt>BDYAl?i@Cd%NeJP+CDz)fXj<%kJ}WI+?f_0jxETWk5xaqPRycfs_?J@>Jgi#zPV zQ~Y{^-u4ny7sJ zcmd;3=9FGE!uV;~=If^_Fbb82JRz+2P}IuDnrAKBK~$5c3!|S+bzs-_m|q508&M*X zES*+Yhom|gy+L~1ID0kZG(3Y73aNysvG7X4E6z(H7Y#Vp*B4MezrLRHRG&gLJ5-V2 zw~62dZ`S7u?qp3Pp{yMF7<<%QdLN@q^1n^O*>hFcRD#ZZj8xVZ4s^TxtYW}2WxE2kt$hgQPe8!%%{eTzct6;;Fih4kXO4`)eNsIkF6Qg zL)3sWf3Pm{@*0Y$628#j7%Z+#i8RWREz^XlF;qJX77b1B4<6dTfw;}r=k2@V7a=8f zUjjCiWl73{x#3)vapu$akuI}7mM!G#cr7B`&GX%)nxBBoVeL6-`+xT#&Gf>URk|q= zlfy1>y+(YFUMA2K4J`eUOa0wNM6JsjKMR_U&*>p9Ot05pXYs*YkvPr?dFY{{#9rV! zHLGWC=c)Q3Rt3(^&=J8Wz-J2V=s5J_Y1BjS-IxMYt&B7vryu(fZR8tsV|#Df6-~!y ziEezwm5qzVfWR8${LF9ly>ML~j>bBMs*qnP4P$UFYk8sFn*

      PjThl4HENCdL%2q zYtQpkwJvg>6&S(^Bb!C6GaqR%L+LZ=kqVmBkU~BnM)%l0VGP8FFE)buz{GYiFUgZw z&_S1nD_{**-~3X?Tx&&4)DP13fw`+$|fvOP8LkFaGA z8G`hO(5&icxee0j--e9O9JX_QX{ii06F-R=MdP+4G90{)514oFwW^-NG%mHLD|Mf8 zYje53B}=U>jDqb=95@HwLZcwlkyYn994a&pvCH~)%xBViFtw68C9`#r@Yw&Qg&2y}3T+A&2` zAks}aKz-bCo4Uv>EW60NL`>}T`z9oQca!4T2JI;4(;oa{8!6<0u9$Cvr~rP8m_eP- z&DH@#CCQr^;^Iu%$p;=QN`+ySVxr$@sGAo=*tpW;92#&juH|-nky8c3b!oC?{FBON1OY)9nz6h4u`cLH>=iKbh~~Th;!Kt>it|q zEb4PmkN414-W-qOq~R2_8-FIK?%#zQHlq{5RnL=o8S2Ekw`Gebx{+I#*t|Jfd;NXD zJUuxF0m=IJfDVNDyiu=}>xS+=cZvF!hrrl4Sl$qnDs_JucVx>r+3yB-je^Exb?+kO z%<{7@FX;$&Z10GMZqi@dewuWW)pu>7yIeY)0Hxb5ruh%mw~DIU|A2X{akphfGnTF* zdqG>gYpDaN!ey)Sf1?o1LPbX@sHbOrucW6hLko$YotVprebb#4a~X)NM=o%5w!rrtOq zof6OZ8GRi$?Jl`HR?(&XECUtPxgt%Z6)KFDrT+0hD13>;Uv1-J`NAW@&UAkqSOnWk zH;2UgMNb3aw7XARb%rij&g*JYH}cc*FSb1?{zZLEq&)(2oB{VM76$@${J>x3bSrbu zfjb%8r?~r6&tdOD>f^*bGrJV75v-}lc+B5-i5ZjL_vv;<_5wt8{zXI$n*WcrOIdLz`CjJnZia%Z{xHvC*b6ARP_8tTVE_8NxR}Keo zzkV)lBh6QXTKm0tN*vb^9b}na9}w;wUoyFzrwT;E7raY%CT-ITDFh8-^7)bBC)hJg zDffD4aL8=z$|JMN@NPE0 zi=Y)6|7;& z^BDd|1ED8r$}9e1fGbXgYYcLT?8_XLeyrESfQA)=_0Ek`Jiodx#p_hhn^D{8Y4VyT zmj1JXp{N9T@4F3osVwp?gIrnTFGQ-^{0-C-^#gN9QNs-kY@?pX{-zxtsS)q)*P*24 z+Om6=TvZ@Iap81p76ntu2UJoq@Rs3uHRutsKx%X_k8p71C{olKS$44F)Z{gsTvW!1 zvFS88&WO|EH928MWqO1(@i4kU03|UR!Zm__V?-qX9O<$^Y8a5a5$&tRFC$xqS~d++ ztb5GKXmK3z2-}$rFGwByk~O5Xat|edas`3!7WYQOJ0p`rc6>6Eq>sv2HT^^ETAZSX z-*e)N?!p5T`0n3s{|jhq0}eHw#nyJUnP zTlH*QY$|v$)iiRre*2QMmG>C)pcBtlb@TwpORRI0wWyT*aaG{7gcr&5oLDe=mk*Y; z-qS^{-NnGC#iJ++U#uE6;COLrt8d-V35Rk58T(UwVN-{DF?x<;ZRU& z@Eul@u*59&jmqyD|I4VIxQ}V)3a2D#PUvN`_=uNvL{pr>~bRois{lzW}>r z_GoxV`{|X-yqC?b-y%kM-Yt{nsQe_S27xjygoF>}}tMBD&3Hw@0`>%?+n)e`F9t5HLKCNBy?{fF!_m z86Yg-54Av!pU>}MAOvCv^z4-tt_?FcS$b>uNO=(&;Q9*p-Dbjr)@=nej<=xy0@L5@r7Nbn}LJLTQk5y!IqotlnNCK@uX$}y4$ zn&)gN-%k;eg2F!^tUmCHau>^u$EUEhkNzQ2cdN|`W9lX+r0si&e8NQMs$4hbr)bN= zcw{WXKBk1}anx;<@u67eF0P$4Vb+@C?p23q_Rv`SYBH7$vnCMc5;RKcadu{Oj7!|+ zuL8&A4}fBa!ejj0lzoD#y!biB=3D?YPf(R9!{a_co%h|n%W}-Jx{%RvaU;Bn*e@)V zAwoqOG1Xg=4?kO2Hk4)habh;L)gP0tcyOMsG&MG!6t2j$eJGVUjvX3dL#QB?7uCmT zLEehd0NKEWZ>{}m4M*<~@Z%@3p8u~z46v)5&m z)!+=X`9lFD@J~jDrJdIh4y=sVgnS`~l?#&fwf8OxnQ&PQPH*j>9pKt>d}cPY`#4Oa zpA+HF;Z&|F_QF%bDgwupR+K9ubVG+WBZjV;D`F=5MflU~~;l~m2NTs&PxpsUSpYne=z zY01iveUeq@If6!ib~Whak^YLZSq1~BIn^0}APrGN^R*QYOQfk@K`{EA9diF?9lZ-q8kg=jB87WxkAaM z2(aV(?Yz%Wvq#zGMBq8l-i^p|#{ISoPv>S2$r!RbgV?*F_-p$8fD1*YQ>Dwqds%N& zXS53|9cy=}%WvoSr_EppfnJv(;xVz_SqYeY#HbEhd`JQ+Yw!QPv7A?Vy7!^k5_VYhcDdelU;^CJyp$XoQ=G`PO%X? zOz0$+YYsvGj#$wWyAR{#&qDuYX1XhA@XLVX_XOhT7t2j3?928IsriI1c4Gl9a%hBZub}Xiza-qF$zZo@dIvIeMYg zb{kra8Ry68a4bFh8)tcsQ9YsXY!dw zuh1&V{?|=~<$RV1;rRV-oa2ni-UX&g4bu{NpWFQqijaef>pTOiw_=wCvPHQxg-Yk^ z?I8zHrIH!k?i3JQo%goiEFbLzZ=jP%+@1n3O&%_qie>$Q3pgZeqo$H;Z=-GzCPGxbGkwZ`!`Yt5_?+3w09 zT3Ta0!>;iIrmfo^Ni=PWK;n2kla6r>EzX98q9~PiSpG3XG|fyN$Dt~Rb7^z2RsF&{ zshSnE0?iHfeZvsYC~33YMSyHD|2`8VoOxH%u$;W$6HgJ}oSA$YmlA>e$);qt|5N-2 zxWe!Ot^gq+A)$f)egFUFB|@Dub1wwrv2}fKDaZL zQZ2MrD-}{=X@NJxG#P{THnm@yi>z2l(%)yVqSn?|4;Uafj6Iji4kLWm(kY0-Hx|Wz z_mp_vNTC&1UO<8iXj4Xqz?s1;;R8kmm+c(F52dp(M9S~cpSbCh>ixf3fW(^Y*PkEC zF_7#;fNI}iOeSn!G*f@#PP&r4MOic6+ z+3`J^sqjJnO*!(#+C{hH74O@r&;-U<$|UQiF@9H1{uno3%#DT%>73@>`%x z`h&ce=35KH+_+!*P7&PCP9!JTX1O4x787tzo&E95F$f#I4t5wNM#TI^T*8&W#fdZ2 zsliKiVQ3h1oVR?TPC=n8WG53Fgyex=Su}wrN3c0{Pp`fDOTYfpg({08#rxV{z#f?t zO%N;=eXEy71HNnQdj;aG(YFaj+U)puz zZmOGA48g95#y8K`3L!lIRaduwm*DNI;VMGU)#2Lj)3rro5E4Obw=1|o#U!@vp}L5~ zEec~ER9K^U+Ow!X5)$Bhp$^54Aoa*Hvce!Vef;J!#)jE5BcR4h3p_|Q-*I=#C#TR0WU3XX5)oKEg%#@sPGS4LLI z&yW0ZRFLXxwLV+K=37f10i6~MX^yMT#}870xN^eQw<^=p>kbMmTlV!Hm3^LTNbca6 zRVLa8@fv~IzW@XhNbl!(kTil4o?$?#V*d(C{u-*k)V*|IJYs^7a!bSpZV>a(diBdJ zY%&WRN{*EA_qI0eNtHzGNs=sXA>f+b9+zd4gD0=wk*=r((u)kvv9tzFw*N*+W7iP) zu|g-(eDw6eM%n0+lu;Y*C+5ksTE2rct#<3_;%^g=&CPOLHt6{k--21G0(f%G6O&04@8d#gs6ezsdWi z$_#qMsUk$=Yp;~95!%+HfO)2}iDO1xhI-%8@0-qvQuTS0_GD$|Kzdzw&;wEF`$N{KhFrr5+a_ z?j7@6rID0DPCKv#aoLs9P8x9JD+#kYbtvTK7f@ACR3WXuL_g`5)+cSJwHtUI zxSFrk62fHNu$VYaZ{Wd}js>g_PcFkVTRSh55DtMT~~Nl?(Yog50U11`46V z&sx3Y(SqF~XJ76x#Z_1QvwV$7EvO4`%Mqm}UN$c7!wT6?8jVG6+jhQ;T3`5H?X9vP z-7-zGe~#>hdaF`zc3y^6>#sTv5 zNXM)$*kaeZ#DO)u5BNehbw{W%$Fmw8 zyI0e6?h^jVX9_|`73{zEXZ|)mYSPu$O#L<_v}?s>4zab8+QKclIUKii_Nl9HS6l|qE18$n{3 zUPGj0q(^qL7SB&UbDv=0N&RVZ15T62a;&z0 z{6`SiCEUUvxKJXdvsGEZGo1dbQ5L?pMN~nKS>}h(bf%`q@t>-eIQS(V6yt(-;x`#M zHKMofg}^2Kl(4n;AM}{9hZhiv-?hmwc@>mfbGNcQe?9vW?3(rCM9YNBVRz;9x^kPB zbjlwiZpt(6m0Vg{37DLmX0GEf(Be_(^k0Ccy#o?ovPHt}r-~^f`w?Y%_W*br@@)`v z*eeoGsbA!;_4~xHtb~+*ip;!Fa$(}EyrAG&eMy$caT$I1w)6JMm`owwntzvY$e2py zDwAHxBGa>zL)~*qV3jC^FG00X-Fq#~Q+V!yAhhylri4IyJ3^NHXeMgHRzQ6HQei## z2lHEz)S&5#ZIWhe$32(NmFiYn1`sdljfWzd@DN@H#I+YW zoO(hDZeD!TPL-3uYt`M>q+*NypFgAY9z3h*{9(6wjg_myn&)|*%$mE;-*JV~tzaHT%@h-hK;FoHN^N=v7XJw<_N*_QFasyCGo(BbC!at2Z3Y;JocO$4el<^vWTPyOZ)uPg6y+JOd0N(HEtLM+0&m>e9$7U;nnz`Pu#PxcL~ld zBi^`CRS>q!Njh8+glru#ZJ4w z0HpbYPA?8Joo&M?HK60stfDT;hC%72yuikDl~6D-=h-4b^LG9|u>s~>{0|Qd#^HG9 zV$a0r&>jZfZ;mxpjZ1@L^Ashl&3^%M0}HT;)4S_nkRMf!pi+nWgA6?8;q5{Vv&_1( zJiZDUa}vThoMJ~`Umd?R1W$waW6>&V6htzcvLP3lQE1$TlI;SOPUw)oPaT6lPb)3Oi^UeD~UG$+bdT zAQsu-z)+4arMpL~-)6ne2IG8cd8fxuqOE(10(=vHPi~*((P~+3A!kQwu*im_{P`_Q$d+9ogFi*oi7>Y5EsBQMcF>$daG{?^N2XX_ zevi&e&9i*qN0-8lQYgp%XXX-ry5XIt37#vdZ$qEhUrV7}{>00hQ064s|G6tm5ULeb zfD&9kV>HriT0btbqLCTywG)#rKiaq)=4Q7ztx{R;tD}*;?S9r6B4e#y=RMX67oVUP zxs2t9IBx9b=3pS1+bpeQ(Ah;jx2E|6I)C9pR0{WwZ&y_85k?uv}PMh3xtH;n!9pndPr@ z0=3Jo!r>w-9i_=vF0Qyj|5U1hpUix3R(TBg&eYT2BHSMjKs1BD{d<<2f()Xt&P;2J zDSu_faY)5|i#WXyQ-gGntrWs@?XFc5OCpA@9kJ|}#GDHrd+(Mr=G_T=C>n~4*Ez_R z)#O*(mmm>&|G60=L>D{%?zfhUGq^bV*{VA8@%=LeQQ)H8F*m?;bfue2aXWt9Tf=JQ zGv6Ood|fX?zq~25fmw9A{RHTvr#y3m3(D zKIxiS3HGs6hL-GcSytSlaV~hDXSZwQu_x8}$an*WdO6oIiTxk~^V4nmpE{BERbR{( z8OKN_8xC(({b`x@y{%9%S$)oA=VD(&?j3CsdT}g2!L{F%(t$f4&pAkvw|^aVuzfkA zEi6}v>_nZ_?2Xs6z%7PxxSMVHCx>I$#;M{ci^)#PY|Pa1xxf5zal~cQ9DEMRzOG`& zNaql@um|qTsS<)a*Hz>l^UbjwLnvpAH`W54z4@z#sycr0hbz zc@?VFvZ4eQ?|?6>OADs+Wlk|t=8*6PJ3ZLXon#9nbS>QS#6U6aa&ecG$fLv4X#BYs z8DhYJRR5wIUt@bSU$WRTG}*32HZFtY2$)6Y6_rvAiP*yFZN zhlW{H@whQFO;*~;JhnH4^eX5b$+NB13ebD_q;o2ql(5<-w-IAU!xFpxy44M;!u5Tq zUPjug`}YcJG-6(`o8p7Qq*0hjLcUd6 zN<%VQ(llTLxgaqgT2Yy6cBVe?i8%GKq&p&V*ZOo(;YLJf7+tRNQ-Zl`^!z*nGl5PL zGM(rs&SXZO?+@JorlCfoCp}!dY>Bx-D9OEd)XA?0cy}ck_J%soobx5a?~HkA#rag~ z73UrmW8rfv@g4CH#1_h4(79{Ijel~*Ss>c*VU&^)`oLs zYKpa^R+x#{ew%RVT5iacnsgHcdd-yGRX&pV3mwn%7vh5FZd8$62Z6`SWrC|rUzelc zsN0={nhr8Uw!gC&f~&GH?K7{0EmuOQdmvAV=A6LCFUCHL4^X{rVKGzzozD8(=rp$A zjAG~Lj5&`AwN0LH`{jWJthf*6)xXJ-;~<+kxl%tE&!M~gB@0;?hgP&-2LgkP6I`7{ zNa#ZQEW(^UDyRc)e>!KrwPVPldt^~##M*sb4au2r5Mr8QqXE|TFFM{>=``})yh zwAub$Wa<4JE1^f>?Iz(mw15WU$dxa@{yP#&AxSJ05W*nO70LB4;M>tcdDqvF_lt{*v zm(@mEeq?zy39C?4J!GeSh&pc0&+UqZw?Y$?mh^*gl{w_6D7Z)@W7Km|dX6?Q{M)c# zqRTgzX$?wtI{ncROXl%?uSxwWjFxbwSHAKe)6`og+r$jthJW$7>|y;N|N5QhE$hP} z^0}j9PG5e^lE6zP3BNseKDY$KeA=uPD>mU{T@Y1B2}nC|=BfgLK9ANu_UP@6ostIB zu~;+C`XydQkN+$nO(tCDz($6u)NW&8EtQIoNbvMd)+lER|MW1*lbA=*#+}1zSbT8n z>6{sEw3SqnralQBb^F&rJTxEkl`2*;W^nB4DY}+T$Hzp8jv<&_npu!WV@Eh@;2>@+ zh*`Duo~6QV2f4!UZzON)-@evWFec=UB|O;2<#wCE4#xunnrQJ3Rm`84iFc!4WpN?ckfNuQ;KCdo;= z$08>25%7=`tS&ej(&=S6cS8A*P7fz$gw>EtF`Be+EXhIC^zc+NMtM_>i}RgASg8CYeVbK5r_d65 z)5JK5s`}5JAH!8Zrr`Oxd|eu3+}Cn0@=FLmpIL4f<`@|Ro4VyrKi{L~Td4e+W;bt0 zk-@FRlmR6D$Zap%;g-O%YT=~dlx#Mi*)es`C?avZToJH%U@Vc4702#zHK4^I_e(Bs zIh&%1Sh185<#)2T`w&qA6IXSG>~J>j3;YOOP@uJ%i{VQ(XrEEjb#nvvPl3z<0|h2a+N zg=#U`cp!7`;p;(U)eFof9fdow*QM&uKFpQ-<-dRukD;M@P{)))4|L@HK~ZPZz+g7$ zWL6r$i~q@vaGOab1iC>gV`CenIN*$k*-9i66^1kT9i3BU0W;@z!i$c3gL3-a2B;lB z?DZ%c9|aZ06<>NTPOu-B@Y$jMaCWtX6l*heZ?d}m7?rR8um!u8=ki0RTD$yqR6Lfv}SVoPKh88&fruxntCdjPr#&h1RJc5RXr^DBhc3fg@r;tLZX0#B z6f^Vi5RZV!S)a(qhRTAE>^#0v*A^QsQEipOfU{Fx#gL2eI+fQNU_ZlD=0jrfHY%h& z4xf+$Vse(5tc3#x%ry^xl4O+UgfLC_ZZg;)cUSOH1+qlj?o{%H z{??Czqfm@tKKOo+BrQQJ3tCL#z6*|Ph7$O4qxFDKGdYSX=)cYg=cCb=)F_}@qyt`< zn@^b`O1ml1*a>y9TEuOYS3FLKG>lMMdM)$0?I}H{?tkT4sZ6D8*DfI``Qe`A;OlnWUPuqz z&%VV!h)4PI zyX?5V(n6LIjlb_q%w_dYX}_98%qKZR3~jClb1^~bd^pIxy5}6~xzv#MzSvmI zmF{o4oGXS0je<%=TvQK+xV`41D8D1Ka+yqFxR>aqbs6eRFGR)cXDBFb%zuN8e~qK! z-vhC!w3K`18eSY1(IrP$-I&t9`mFWGu;Uj(3|x9I+Cy?)y_WbOed^W~Ad|aUP8-Q| zJ%76^(3{AZkvG`D@wv-UhkL$x>4pkrN6bDXc0(K@$L3fwvQFcQ`OGWo`dvy9iV!i61dzzab`&?P~6fAAIf{TLP%g&Dv z@MsQr)(?WXs1D9e&I_toQ`0EbiPj3gbw{qr%pFTQL7!(hD`#n7*yMb`m&bPK5q&R< z+Iq$E@!%nYl=u!V-b#&#U@Nbe)3sh)x=fB?4tXVHKX0|*OdI2MJyt0gi8O?Ta>H6Z zXgAmLJ&oquSdqKJ$Pb4LIj$59A3cZm4D;;+C<-eoJoQx9gW=2OJ-D#4+z_`cQ}W|s zc0>9Of#Ux}`d<6te`7-XAIBR61OyNY0s<090|nyA9|!EYv;GrGKT-2KM` z_u;MkFAv-k;I2U`3K|+>(ElB?{wj1r7KyRq;q^1?2l)do$$gn9(zGu_vizG=ICD{C z0z|)&e_CZ~$zTgPL9&PAZK~+^lz0RCo9MznOY(RL1mwKRs~p1+#jfUn2;lC^#nU49kKwThc6sK@cCHPigdZ(M&Bd^S zIv1yZ0Y0@iia`_u47)j=HBCY6;;?k{un_f{Q4Ic?3$(fGMoDmx_Q9<0o|&SS5Cvp1 zkC2VZz*j&x5)65oCbbu0qxu;ZoIg(2KI#%wFufS5{|e3LB5Jl!#G>BF-l1WkHT*(B zW-Jfd@%Y0ps979{*6F)MNn&UCc2#tJp5lIh)vAv*$S8Uh5+ zYw-F;&Tb8Nz8~_>s3y}V-s(>?LS!!psbo6tL^rsyR^0#3_^k7wuxX5@V{;x9V;e%*AS67-(qAH9QB?rkUk_gO(x{_R5 z=i$_J1=5f&Uv5TWZly`!iY#HS-y1#ZjL1N-5_elq_m8=Bn2H(PEv(4xL@JkTcehM} z;|X$hMRbH3pMpdf=tDaoS|Wf0)_rBO)rFVPd#vr3kZ_>@<>bIJ*KJw!I5^d_Td zURDk{b_v9>s$e=*k-{bUpelM<@idv%6${clM+iLTTgjHTu{k3&wG<3;4Ri6iiSZRN&LgAZgvOgDnrF2ubhYo4hw1 zAkt`Oh=^d`c4d}6%|2Ke0dcx*HyJG%7I4PA*N)%=6(t5jE+QuYYT^|g-9`BXh%VuY zrVv36{1)Y*fjl}q9IoiwNTE#Yl1cao7bXV%7qI>iA&1U^pcYd_{Axs_GYkniF_^z} zL}e!a;l8MOkE+{4lTx1AnY_qz{EQO-_MV@KK~<3EXw%a$$|%tEBM>57OB@T~-cf}p zh{nyPMH`7^8^|E=Q>8>}kjBvY6;?zGEm)y}_tO;zwQ#DYPJ+z@eR~DA8TwnK!j<8T z*WyUPSrY8x%JlUDm|g0VrDWj;izN|ihF+JkQ08kjQSanFfghGy8-NUI*Toq9l}eJd zVpOJ|TvT!(XyReBB?<=slpoB|8IvzZgzFM=8n=8ahGOHeL+Z>y59@{#C{3`YEh3*{ z`nm%|h*l5$3z#+2)?fe@_YX6MNY6r9r|Z0|1mXM)`Sj>F(ykq$6u^K0m6Qp>3h9GP zLMPV{geBSlO&fDA?OGW(ONXLdIX?KDL&?<=q4!mwRyw25@GH(j1fm5*bWzh*S;0vS z=|!v=U7+MA>$oKOP^ zA?m%|#vxw<$k>YJhCa9UfRNB(Ei@U{Jy7tg34^Bc5yt?LV00dWk2vmruF0x6KsYq? zIJnJS?DJ!BIQkL=N-*m??`=pyRB-^bc1*XJ8P`cl11<2kI|ZV&9Cq*dq@8MwFN@oK zzy6?NgA@ZEK+_{qQJ;g&F($RL?;|LlLC9f106;XHad(2Ex;|J;%6kxtX$^AB3Uudr z<@`%D1wxo1Pumk=qcjWng|zZzD7tTn<&nsd6pG9xo~BX`HHP%}X^pGioDL=s;nMYh zZyH*cTr~FDIH9^A$_G2p1btuBlPeq>k_J)|bYwkCMNgjA^eC8qqyF~eFW|cCuK1|v z>(v2HS}0yD#E8ek_79#+a!T#%z&20ew<9DKDc)-hlucB2RbGabyUCV>FCGv;vH=0_ zZ|mxTl;f0s2F8WXJ>yV>{p8VGAY{!tfX(iT^+Vg0%*pffM;w9j>cewYq`|)cB9F8v zL_9^(-<41@XlUW9XhCc*L?u{y)i94fuf6&|l}>(A_7S8%8E{(5+>#$*@dV)#E}3rX zed?7ScYKcAse6v?Q~!3J@KrC3t%}E4J}r|%^nMF*_UNrrNFr7FC2v_YEXi>Ws-y<6 z%e9L4w^YZ)e zszcCL)xW`q!qC6r7$OM^w(!INMo7avqG<-4U`$LbQMt_8oIm4jgV!&+eiU5+6bUxK zW=#8}dMZmm`@@vp7IeXbui4I$Cin1JlMZbK+F1XQ)|@m7cfkTq+_iiQezM` z8HpDTcA2eXHQ6z~1=#9~6QpEyQqN3RiZK<6T8GOD!~tk2YGCiRf(99;*;gnsHxjeRpy%Mw^9zMrh+*?BA~d z1rX1HtcN+{bkws*&EVx`p8)ISGFs%I(XyhpV{dt!0lbPTctW@nC{3szj0kswlvDW(gh$C+YorFu8bK6N0>iA+Agr$s0bZL^_(&Q&e(;W*AWx z{$A=kUkaWmwRB=+d^lvEOmNX2v?>$LEYwPOKc#G-e{$A{VOT(2h({qFDOmO|fUhC| z6s~+mL>!ik0R-@5z`uu#PI=)B=i< z>$!k>!NtL@9xo}zXxvY(y00^P8QCQ8(w2X$TrPC}j6&eit0}+byslvy95<-sy&%vo zij?e;=b@Q0r~*6UP;iuus9~hcg($146=~V9Q|aj1Hn2rkeFDYm;8ajEv+hb3xvc4e z4nN4+yHbJT*%(-(-~2N@*xBP1kz1&CmQzj{?q>@UB9C6tOR+O?ijl3+!K%EkqO}`) zCz*w!2(Wf9qHPFa{LoNQFf^gsu$Y>}CK0j8lt&bBQ89=Bt`eVo{~?NOw*)$fa+?cG zORh>n%JD&!?t?ALbD2A>Jcm%czPborC?q7*eYx*95GnEc)W)Bet-gYbO97f4i{m4;5h?B0ktHG z{bmeA0?XgQv5^E4Z)M897a}r9KZgRne5Wb6e*`9R%RIt_Sy6Ojm#oDPlGyLtk|9I< zpp&V0t_NnU5`C+aF^Mh_=VGNsSCXTkVENI(n{iJEy-`n7NCSC{>SfD6`WTQ@#ZN z8kXlN77Eyas2}JED_S6r|2R7nTV^lM%pB=4N1w%Lf4*l2ife zctJ1MD*_QBM4r&(j7ATF$Fv75Fq7D%R8&ZMh|L)BI3NKr$lSXFFj5$zHb9pI_h&(J zkj&(AE(tn9@d=hL=~=HJKKEh?GdU`?A92(mOp2g}m=OHRxD-aUal75k$R*`I#p389 z3`8$%;Alkoe1(d>A6muxdx@-+R-Ytg*Uhsi8|tdyYsKm=CcbEj7+8hby}OpG_=>D{ z$foaA5RQVG6mhq3MkK}snqEUtBwz&j8x$GI7|;Y7CNyT&rHRRJpgzv|UJBofLLEv? zG3Ry!BsuW;+X-^BdNuSuwDX2o&jSD54>qO}cy2U@75qaDil7q}NfHF_TjBS+rIky< z#zPnt6C8*p5h>VxiMrE*K@3CT;BYN^_Rw8MfRD1*%9l16#1xuRN763?p6G!~v9F%( z9=9%GP^GLP_cE+?iAi&_5rcz1hJ@pF$cVAjVUFMda2AB|BkIgTuY)=VnYy0ZD}))~{hz(z>FO z@csD<&f{|)=kfV`&inOxJzwed5P8A62aZ>TIW1d6k{Q{}CSd%m0~~7v(jIuz2!3O_ zA$Y)B@l8S*@cTXz1=DGWpfgR|bU8eq8aalTuN|?*Tl0gOW;S*P1nQ4Qmpv@N< zU(ECo;4C7rba{cV@t*AT!=QKLbDs+Vhq7j@7KNwx97O>+8=YG10mf|0o_ z<4vP4PN}CH+EKZ>4a%2EtH5K@lQ8om7xPLF5SoYg^10p>v-}IR=YKzcY#6e;L{myF zUnG2;C$7^R9^2Q1&xVDK9%JpYq)kr#&qLu2YrkM2k^f-^;@V$qcm7D#)10DL{P4I+ z11)7bKLn4~G`~gQ4Ah>g>B+H#zRRTEY(BD;`4#e5b;GJ!JiM9!P13aS%ekhpAavSd#F z`G=Do!Nw$bvIIP{v}C9kULDb9z1XsFS5ZVc#!4J^adl2850`?~Ii*44G3_@h|Mws8 ztUhdCi1ZTng+J%?;?I7sevhZw)Py<(z!D9VQ@FR$r_x@2og(@K${5AWd}i?3!wdoE zlN$Cay5dBf!oP86WKs`CmV3k*vT)5q{tbT4GW*U}Wk0#si$T@bbc?$B#!;Rk1q~z{ z429hgAe;DdUX4H}&)2_3-D;8WJ#)eWqywelkvktv&sZo2z0lBuOyixc<HCoDrd_5@KMq0P5t-(>Z{4Q; z^!CAbx1*}BU!E9DEsWzB`vjLi;~U(p(9174E!Zj19N>4zmv9y5M<2x~>6YZ=ogJV_ zMEh?+5&p~d%d?tV7mDN!P|^R1gXh4Jrrv@SuriL~^>?q-<$Jl! z!0vyPIrXU4)M(7kFb`13 zcTOzNqB1bSVs}^SRMJllW>-nPiJ6{@r1Z;3yb4+#yQ`)mq9Y0RdhbGllFvCkjVR8^ z&4nVBj&_0dAUT*6iIpw9F+*Bl7tJ1H_FaNDBP`5?U#~xGAJzV5k|M30uV)c)TjWYz z8&|-^vIBg8n~S27E1h%^lM~PuZ#%u(7%?JJr@g*)@3)^d>#0gXI@4q1QEPHvBVcU0 zzA}F*Q0r}Nrakw7cwT*_MVf8n_k^cfU!0SHdXjyGAl#oMK(}3l{JLP^shfBHG>yq&knHw|)Q4a=Nk9QMV8R*6v)_3N6}32GvpS zah-oZOY(VynEC2Z?G8w`$-g(u?wTlpFUF~5>N`(ntw8V5>p1!8(sB+IW{`$}$~%w4 z8SJ4+sW4ls(5*8FuCmhcdXKPd)oo2i=pU#7qb0rwLKF{>a1@I+pf!C^%Y*gN03ND2I zP!erB4tjrNCoiGzxa_HUei%0W=Fq6a)`;g|QP%FUP(7C!A6}?0+Rgw{*ed5q;I>YJ z-w@YhZQP}Zigo~5R5&ZySbY5fO~!1Xsh?HaS~{%0F?41+;xa?)%ji_t0A3J^FehrDo7 zLC-Gn^8jg~!~LFTD$u=@2Yf)Gi16$WKG*~1J6Z|Do z)T1QPjq5mwv#2vi5+Ts-1F$CfNRc#RQ!ui$W|qZ<5I!kK1P(tQj$`op)Mbo9=%kZjICE-`f>o@1}K`TpyR&3 zvfg0^G%lzC!mj$yYxtxFB>LR8DjW(bXy6&1>K6ta4>{&cUw4nRPOYX{^6Lg}!sUs= zWXyH?#6StA?G_yhU5qu%2);O%6HG_$ZlsJq4mJ=iHX04vG(EvF&5zmMyP(eA2#XoF zJrMK?Cp>)(6{%0{xUW8d<*}qJ3Ded9A+ zi^XO$3rAZ;s@{BMSC4_j_y3i>w3GTRlmGcjRi$H^orhd)$&Ee9ubveC^~WGKzP=6I z-k+qMcZWwV5vH4as8fCQs^udfId#jSpQIuOXdx6_ioyGkqbWnpp3Q7IQVJfIdEA}v zz3_q4lz$TxtZ~#>|4ExR1rA`u!}Vug+8w4z70OGEZojckh_rA2#Ori!gzN(Gc~J%e z-Jv8vKHq%KEvhH=!U`w-m~Y?WM~$vE-kEz)$HA}$9yibC`}70f3ph=x?y8hasr$eS z6rIDLC4#})WM}KgWL_Cw19f9t{YmD{s>26y)$x$Er5xXDe>(AHq|L@30Nu+bk7&%G z%+eP$PVvWfuG@iFgEN2iP2l!10eR8v5FQ6hxu+P%%Y6N^hh@kk)5mfFGa@@td>prK+NtSC>tZ#Xx) znhfIQq|Q~tR45|pK6vG$_V)_m<&~DzcR%BsT-HGxNywjZM}ah?wV16#mqiEX{$H7a z`5K-4woLmJWtoetj5qLgS|r;2sjs?ztTEZHQl-HR zM27;Dlfvt{!zTkb0?IU490(|_LoCHuM25Au(zSuXgW#1aGSRE8M{ZK@v-G5VYz!?+ z&VbH-n!x4^>dS^4y505`q^hz0R%U#Xr_8Mx1>!OI>NrTD!K1lz;QLm4;%Nh2nZ%rc zO7R#&!GCYqi4SW2ov%8HL1Am1nP#Uj#73^PCMUtqJl6PSb1n~$eIz=Rr^gyYG$Vqt zz>(F$MrUY5bbQZcsm3IDwe!%vOu4{QD*Gi=Q2&ATB2*D3?^$i2giG<8jk50k+xL^d zEnL&DaWqOZsm71VQ?GtN7pvw2uRAZOQ1-bq{sY2`g(?ZoC`7Vlsa9UHurm7Tj9MSr zH64W7K6R~v_|h8TA~cF${!C|HfdKDH$d=<-!Ll=8*73xW>HJ*WtZ-_%td2^XKUacI zk_$AA&@Sg(9CHD4^QdGFVx1l0e5JiKT+&RDSU={C$Heg0l{jpLW3Ae1VunRE!Gc7J?z*dkE=I7b zeGg>?2~{#%2&{@slOuB@YrJ07Q<#zKa$VfE`aZ9 zNXShrlc&)YB%OFdq~NWU&0&u5@gu2YMY3NZI~y0H5cq5s%{M6P?PLF!-?|gHTxbPk z(HzVd{lI0S5h~fhPjrGQ8 z#I;{J`2}2y{0cmX;k(Yg74SW;Lziz_i)9G(x2$OBylB?q%Htavb|Haay)eN>cjNokX;3eR>_2M<`3U z^_JLYu>#dND#ef4O(?pR`U=B6s$ohuApenD?9WA*mAQbC?VZ;53+maY>X_r!~`1vJZIp z*1F#!GZF|#)%=uV_G>mgVKVN1bqasaOgA!zARqPnf4?h72GpvgeZS(9rLWak~uO6TKzna};3UD?OS$4T;sfkFpZ`(u7a1ADGc zVfPQ)eUx4GOWMOT09 z{(N)&e>z0;SJGu@n9;%3Sap zr9J^{!THasgMHIS!KI?g0bT@f;b}v?jZj?iQ+)q*#O}@fZDj{OU5tXty^jsDh@3Kv zsKM_Oca|v%2w{=_7Xm`_@|a3}L8!|UCv18JHVtQ+)XHt|6QToT@>Qnk+a3u`W7Y_D zR8{WRojSNG88+WpFe0zNtc?7TQn2@Kx(ijcSrx+H+bLVUYW74pYzr6g; zz0zzv9AW~oD&>=J+?`QS5Gv=rS@O_Twmxz)dUI9&GtV9L&YXRY>+73w0UA`nIoL>5 zuF9~mON6LxQ_nSjGAMvN9csF#v@4^33x%HoS~7(4wx4i0f_jWbEc?+F6%5Nn9j@7}svH_hXREbW5%z7kZ9T~Uo1%vflHqEMqA_eet|8Y#3?p)`BR_=Cw>2SFKws^!~WJ`(~X z!t<7P*Du+{%dy*hoFJ1`q6PH!2Ow9W$frtA9O0UzptMiQH&fD))fK1&Z{D(e199v` zY-pLQtx@ia16(SMBainy145Rg&TiB`$6Ht4lbw70Su$E9T?3oadkR(EV_BT1N_?Q- zUtbE1slocCBt8Y7k$m!zsgJwhV%hP4>@t#2LsqLi9kJTg7US%bg9Ph^lX2sK4cZ zX0OKkJ4L^M9&uhnvTW3^JB%Fj1VqeIWsfMlB$zAroHhHXEyqiaha0L3GfkRAR0yW;f9 z0LS62=DM%U=3!j+PorU>{4RcQrc)k2Gol^I(W%?OLD1vFm}E-cujNrOY~(Be&4W)E zqW7op0K@DvLow0^m5cxa&uu4wZ3?6V=qj@QC7e8c4FGvWMDTl;V~vB^Fvd|wJPK8m z6M)eCO+CGO+)%9XSlX9aD@b0a?@gEp-8#czEi37Rfvjg6AG^R?Bg1{dGLO<^_BGbx z7q~J8wb%50B#+Jk6=?={deBkuXs4-G`7BIxt-t`phBIa*E}DB@tslx`1j%G zg)R}1vWtyfZq(D>g;@tN*U*`wqfog<&#dC+1s* z6P%!}3L!|6c*%w6vljLc zGw9`cDdvyedHU*v^C6hV<30A=XrxD#t~-*y3(m@UWwx5cZp%9>4yQ^R1bH`d7|4IbxM|%VKY{N67fFUhr7o_4`zrliGVE>?L7t&H!%-GC_EqCW1i#L&KpnxM z_)oa$;Oj{SB_l4L$LnA-mZbzEIxp893qRcU zA&`wD&lb4fzpl~yvb#A@4vp_<)OJ@tRn9MJ-`X3B<%hpSP@a4WcI&9|O)mTu5+R$gu%8AxT#ozS(4&it*+uYq5eBJv5fg^jE$hDOClPh z&wiUE3fnH3$nnc7=v;Jq%Q<>2Ww{*+B7YTYkGgq+S^#M{uD3x} zB;&QjGHi5*j_h{50mFcHtRoc=6;hxoenI=4Bx^0$rXC!f-FKxNP+EWzKHr`?{fTA$ zfgYwYoxKBwNsA$r|Hp0A}2p>V6SmRSr1`HjXj;$Vl~MFlcWbTvCDZq+M)LG zH?M~ZZf?Y6PT&LN?YlQ0OCyU15zp5WjFp9JI02|Ose|R|e88JzPLZX%17c<4Op5gx zckNd}U(;qHxOjKEPlRyuEff!$f5~E9m)sE527qTHM@_lwG&V`(zd%@dIrs z2sZHab*@D*B+L3e-$(P*D+RO38??a8bQP!&a;Q?{Z8`{eLpz&&ai_(#9)><*B;6%D z;?%5awiIu4f=n?&xR?&=+Do3VhM`0xTuGi9*IkKT|yI)Kpf0qI*XzR;w%TZTtL4 z84zyDgtFoA)$t*Mq_9Ulr&OjTTW^q$y>x9ie~ogSu}D~L%bM1!61~HUJ$2^D8}OkD zsF5Zd<;8dJoJ$>D=64u@FGC>!b>$wTbKpho5?qBS2pb#aA@jg_{G`h{WBIJxX)#GQ z-={jC7+0L$4KXdc;%uJ@ijw>{O>7q(>D+zU`KOL|Y7)y_H2#TLI{Ck~>eL0P2hei#G8>33H6nSC7ofd~Wu@--5Ls%}~6Wi-5 z@ps#HCZ%#teE-UK_mcjnTKv(1k;L?x0bnq_@~(f><|gq<`>?Y$;`GI-Q)9tgS|E2Z zZ@nKX!0at@jAcxov)?c&zzVW`YC0amE8Het;WS;c{u9KXHz>_bUXzvzVSrn14zzkj zm0FBfL67by(2uJZWBlO%0dMlsWnbYP!2xa?uH8ZHLhhEXvKm71M#edyE7W0}OyjXK z{j_ag@nKSeewX+x1I9&*+A)-~pQs(&1Pv$T7-u}ci70|!0Dc_3l{S?P!W50xE9%|6n_>9{KD*JgGTiSi*q0wdQnSg3d6?3o3-<0jB zQ+MBUbZ{3YbNEA`?u`|TjJoxY)9;QHrhMLe@sfScE@K6m=iW zCx1UUg8w?92g^K~sbzf_@)p@sl;gS#BL0>yVZ zp9Zz`u8D~L*cSw4r=_thYyflG4S0w_zvHaSCH3BW(&wb2i|@a_HE%7nM};{yJ$rHn zCm;-aJ>IQx{gVsX)gYT?-|;sr!`0$+75;_OC(xW%(VU9RSXZb>e)CM=5w6`$uN4YU zI~p1n<1s1Q=~4re;nf$H%c&v$eQ;ven=(iZ*ta~QZ;aWy-L>1kd3RNLmUcmye(Xkl z#1cMJDCsGlcWHT>Yz0u@B%>|%nHj^wqUBe8s)Y88lH}$z-~I3Zs`cXaro zGz)XxvEZ!9Q`>ll$h5{{-MUf(>W|a%xL@V*zpCS|?`iz)KV;=lCvBroCtUa&xl%Q6 zvx3MoG1Zs53zmhEx`xt9z0~XVkEnk7!mV+bu4Xyz?kQeN|ES9yDthx}zf4U4SyqL_ z<8tj<1rNF6BTtIk%jPTh4?BIZdx~P$pWiGYDA@S@!-wT5!7U0liM;ml`rwB`*tSu z1MF~tPS@ujao_X=&pQ3ncfqFMtP~sSrvJnomoL3*E>F(3e+*#XXTrGp)sZn_NvtxlzbLN&z&aQV2abAsfurq$LWQ0H_QoyS zB_XEvsi(QK0|ZVUS9a+$)5szuPUO5a=)-+$BCg(&H1>W+>n%NkM@6-AYcHoD;`uEe zUa@zXXP;1;+leSjkE=K6r|Iu4 z%>UY(uu|do>mfXdk7Xsh87WD~%9S^Sf#}SAS(V$7-;cbA%KU287`V8b5H_mwGl=JG z?Zom%>-q7%hcEuRMV5tjduomGT)NDO<*oKgBn-rnTJ9{r@4@FlYd>E)_*?z&9#>ME zpmf-yEdCs51#V%{XmJzY>k|S7J zbpxM8ybDy>spc~@mko#(5v`TLpoM78dcl59=; z-<2IG!rFx1NNnccxqNED@c}Ip6#HpbIxk(Q*rv|qz~6@L0r{10k#~cWf;EZtX6Ret zwb~mZ&nD42GP^_#!ziw!VLmVBML1X1r@(Y)*@|aLOSoo17~f&@_k5~6zd_Ckq$Mf- z&Y@}&rNDW!C)0a|IR{Th{_qmG;s8-r!LSPWSm`R$x}(s$+{tJ`A^#R$P$mjLD`J=_ z=um*n(UsCDoGN&lydR?|mzFK3`cc$f6}@l!>rdMF{jx$~jRR@ztkV1n$PY;nofsbX z*y1m^nne4E_{wk)U}(>5PuBooJWfZbtRB6Vci1rwJavvsTM-Dmp}!*6$g+(cQUZ<2 zBhJFPY?p|Bl2n3YYG;~ww`2W|3rI)qr?UrE2JV2BDcFf;E9+nYgy?r?4q=Uf>^W!V z8@gk}c8`I$=ib?oE)`pvEV@tURm%LwUNcE>v03sWM*MGSZa^7E+Wj|_{vROf%x`1W21iW2zLVd83(V*`{kIdQ z*}4{=t@nhdJaSQ9t9r?Zl=}J~CG(MapQnWzS=YJF_KF~p!SekQQ`|g4$OaZOJk5e@R=0XVtWktvynlMR6d53?6IrO9f3qsPQFF2z5PCp^L z&jLmfr^07MD$d8}LP|sVKN!^msM6R`b8OuhglD2%2!(gvE-{1L0nRND%b0s0mV6V0vKV_I1mg?3fivvvIiN2 zBr-%)y!KM6_Zc5T-wnn%(q{6ftdE88QsA74G* zD<}K!@6_?|FMi_lk~n^=moAC;H1z(5n4(N)Yu0C@s?`}aHRC``tpdKmbZJ*nV@_l3 z$mUiKZo*uo{-|il%iG#IdAnQA>{a5M^6U`cgT}T}R*>drjVHzO zm$>w8e?4^w?(xPu*Qh&kTmF=1GYi8~@(a2L%nPZIb?`#UmzK`$he8|A^ZxC-y8W|A zaLT6zhUi^eOEl+wXGPtGRv8aUN`kRnop#x(vPlClGXQ zMQ|9XwmZ))N}DLABG>P7ef`*YRO86S`f&SiYkywieZUpjb$>qJ@kQ`dO2V0IfyXjQ zvU$0PGCFa0b?EGXHIIfVtW5Aco=-;sZ8pHxKam)FJ0t4@mmt>nxiu}DOBfgXabcwU z*jYgEi!H6$99PsN?_IjhZgyrX)bZrh&ARv7f9LvqlpE)WE!wy>xxqW$#}mUvVtK8T4^6*`?#D)nOvjBfGX*6wOz^SMJo~{!UX1Zj*_X5vi z#F*_I)~bc@-fq!544{2VV}RXxo8fUX`f^FLNIvAiUv+8P&dJ690BpyP?X>`Ddd>PW zT`)E!KVAN7J?O>q3)!K|tZn0yzhn%S=6Hg!0rg22PhA}w0@221OpFfiMw0>CygM>u zQIBn{;!uQRK`FgEIme3s=euKcGK7WoIiKmoo|w5ir4}G|CECP*O&QA&&<#d za(al_Zfjsk5PRH{C(MSZOQzn>idB*dmITDESdNX&-{kXK#mFXC93LyY7oVPy9(nE3 z2Tb=Z-Cst+@1w6;72a?yexG$<;MBPz{fb!?d+W=9j3h+JbzbI`M0Bt@7`+4xJSuv8 zUOmoBqIvhcO)zn5L9^V@Z98;O3&kqoH`<9-=T~Fjw{+rO%ob!hq<>Ac&tR2In-tZK zW7ORVX@kTbwd%@Lcz=YsyJEe9&P#ZL?4XUk0$&gR<^57c{^uvm_+{$KXjN`n*Xbw_ zB`Pv3dN4hQ1SBR}3O?tI_dqvDyEu)htD5%#tJbxG4^wgrwAUMl>@!gqEJejJl zFA|JQTdKP!;?96(l^(!e8;F5SJ8IquzWuDG7HB#kjv0=Vwt5_d7I7}L+G+-hMrL^Q zQvHDC^K%+Qg>rle#|1@%2*PB`7dgE^UjY$}#cUt8mwFE78cPe6hVlr^HUmev3@&)L zkMJpro9vz4)SJ+I_xi$5`KTM)zjcxHoD*s?(AE5};n(IoJfiQ0LOLB!RBDytQd1FWB#UzMf9Er!vF3eHvF_s5NH%H28( zwGmo?eI%MG77qqwa?y!49WR%UTrPpdWEAN3XvFIitp5Y*B%aZo$vuh7JJGc_qWaJQ zfjnh7I8IV+yyJn??5nx6);uyNd=R(eWzAvfV$%6zejlD#)n7y3i)*%!7p|Yw@6EYl zY$&}J`4u~g_^x44af4*6CDHoT=$ra&2{SGe2O%XdMz67IV}r$sU&DtvucAZyxn4O3 zY7)x*2yx;gwFZ|?Q>pcGbGwqPki9(r1N-q7CSZ}p=wm*P)b4WZsh>%KYu{TPCPb5q`JP5R zk%H^oe+Zru9vZ0ZOms*VKKk#cP^zyg61Vfd@59E5udHpXV}D1dkSwy$HSKzv?FFbU zJ^ZQ&g*@yxw~&|EK#(PERa7*d8vmGOwPSYI_ahE`3=6QG1T1#7%X3ZQgtxEje}I{6 zN03I4vNofA&dN6Xgv&sqVeoDQqU~a)I-*2aK+)V$yHV<$*){y}C$S2@tIoc&?fY(i z>KIO0?ISHm+NY5jzw<3VhlatgnC+igc`LR;+D-b{?KYf8{IM2K_t+a{{LRK8qjW<6UMC&%=A`cKi<}QXvd+RwAeCIjA^$gtMu$CwwMr(Xj>O#akS`6b272AXAdx%er4y zVjH_<{CjtB`Z*CJ8RH_m1YJVOf){BeRy&^_t*Q2C-qrFhdoiK4uh;z_@bahAQzDtH z)FHNe$dEI;UMc#QJMYxPietK9h?@G>@ANHCb6Cv*_r7qra_5Y$qW~;rUewg%!(XmG zmJXb7s=SX6_Kh!;tk1qcT~&4QHPbrFO4WALlSUF4|5U^{=XOv%52JBJ&=1CT`jE4>@(nZv&3v{xn^g{OYh zBrr5ZT4Ek5+2V)R@{4gfb54hZ%m1{#J$}iQ+kNboOscx`BAwW7EC1lR(S0SBo|P6{ zbgb1y#}QN_Z+;~Am&WVY*Mo;e5?I5ZYT%9@o4TpNH7P)pb82fC5q-dV=ND=L&a7aD$vbPsGWq>6OR2u4*i88}rr+AE39t zr>-|pcvql%Sa`@R@Rl=L zaU}G}ol|b|H(P7PMq8v5L%o-h*bHKE- z;z`yRMUQ8wKh{(^z1u9pO@Nk&dc2!N%|0Y1*k3dR`$DK#LcUn0qW^;Iw&l!We)P5n z@R@*A5ke(-J73H$x|M^byR@$>5VLcLAM|dhB@8W_0n|gl$&C=sLIEjx(Frkf$i4fZ zXyyEcAv*5PGyB`=#58#1oNVVv&)|j0urY(q(a}TaM)-J96lhyWi)j|?V}=iAc)|h$ z0nRWO=>S*g+7{CpAYm_1^)*q4|L^% zhjctk4__8KM-mWEDI#+TT0;HokQU{ZrenW9)@GjV&>vTM>(v}+NkTFe?bGV!XN8WcYRp$c=mt6n}diXZ_M!yoRH67Myc45s(;1zGq;1UWePL1va19Hj?MmLQ0`jMaUUfO zM#g=YMmF*{%)}O>ad*|de0i^{rqKPG&Gkxtj;+2W0D;ENJ<;d4Kf}@sE z)^vPeqXP5$m(0KUmANLsCUQHkULH~eO1ruJ=bp>?a2S6%lluTvgH!Ry%k*1ea4Y9% zTvr{pFQxR?FMflA${}gMXXUl7D{=j(B_!yHtY)PYES>@TH2qTkF2SRat$oK-;E958&&%M=YRU^AZ0-?5EW z_HP@$_$T?!v8wT1MSM?kv}snxD{30N#6vt2(3G<5LeTJ)sQc9Z7+X-LJ`cgl={G)X zHm`C~9s^ZwzSiFo?(+9x?C<^3TTF8eI7tc{Ms(Dlk=vrhK*cuH9s9= z4fl9{-sIq!iio#V>k`jJ0qa=n1mA=|^BZ=7Fn%5r_59~2TN8EbLwKoua|#xCdo&=S z5EK=BMW`>$#pS>|nj_R^zn*gc8AlTtw*f#$5m^*T!g`5G5Qz2SN7dgjCP zV6piEugv3o6$ClkC9{TKGhpgIeXUQ7%!Ql+9prIh=bVFi#6XFW)9hK*VN^d<0FeOHvU^6slp}B1>O|;&0OE%QuQn_xPGKLR zO1fD&OM=gfA3X+DwR%}cr>kv_KAuaD@IO|##_NOaZrssk=vvh6LsQR~0h z+tnVllwn=lu~(V%52}K;WBT4`)}x25<+fu|Xcsle1%V|GUgD27G^5>Nv%VpV%B%o*ka`X@ep6WlMt|p@OC}|8 zTmNtPj^?>AJZ#bB()NdslzY5;VK3R@J!>>bfNtY)mP^$NHlZV<<9M84CX?^TXiL>& z6?Pe8#s@jLg$}-*gRS=keM48bQxn7oz6{Up)!!-m^KS)|d{oBC>~PH3adBy$X&-Dh zp;NzTEgm>HgA+%&Q8$sJpdfvm1nR2dP+@vA)pt zLYP_mDK=`2P0R0ljx6x()cmHl9CsRDiC%uWF8l@k#}tY9I~vXxdJ1ykI>( zNIeqUD0NTmA2x&B_4MM3d1#A`kfw>C%%!s@*zmP&7n%1v5EA68&O-@81!A1buqdnIn;<+PMqVu~#x!dj?>}zS8r)j3) z-+X}o9Z~W{@+H$+L_LPFt>=8<=?*0OQ$J-R3}wxrZ~RL)jv!q9&hVW{CfSjDR1&fL z#))rdG#vunpxrAvW$NKY3Q%;pW!rj&qwbY8WI{j5@v#P zteT*UJI}yY9u7lizgGB7yd^nc7pQ6!1sF_UX%T_4Ow$?coW(2fFd1Qcb4(KQ~3+>50>k9R1$Rop!h!CMO zW>irUN4bO(G7G2vSi+rjEy-h7y+KzoU)0w}WCHW=-$za62|5L+LAWK;n)9YXp}|6> z;Tuws&d^1NABpdekobjB2DVvl4laT|YNLl?_ZFeg^_5JRmmNZXkOVXGSxv)o>>Wfg z;bm85x8#vHk|oLVaj*sqEDmP1*`0xlUB{gKKSSr?Pxbf5@y}h{d##IWgt*tdR<@9F z?{#tQYldW#(Gcn<8TXpk-jc+%w~$JGW$(-onpTm9k%Z9C=WqBt&Uv5rYdo>nyZ=1o zJ0B?eO4_>flcLpS+)TCos#w_tGc?BSs;pJXZV)bx3pe;@S4MJoJjp#5kf4V)R{WTn z94Qr<{9qvyX~rzTKU>wq9Am3)$&0V+sK#&o;QE59c3^qRFX|W;WAJW;8J~{VkRbap zAjT+7!FF4OI2Ex)`0Z-D4)nAgGD;|i!t>m-0Cn!T8>co}V87#Ab7z35&Q*tz=>T{$YI9{j)0R3 zsxjUruP>W=xuetcqh576U$P)aZ9!F+b!Bl2qZ=*x)y z_w(_OF-S46dRXK=pr?UM%_+rCvRxodlnjL7CI^=J(qUDyAyGaj?7zOHsP{1a15^Wc z>R6j7s)zu-S1B7~J-!KW>%chvEspciSi8f}$Uxt8WV>(T3XJ=E7{@QG`y`=`34(yP zkhm4l=Yu)=8ub-Jqrr3UeZ(!yo4Cacc!=G<@&ga1LeEdc@s;lAUqFN4yd4Sr{$GfP zU zW3dCy@no^uoPgqQRh(hz;hc&|OcF0c=S%wV(vGQ-)NP{$&rdHr78Col5wvKhrl^xh zW2xb{xXiPfldoRJQQ4~hyzp4gz>e@5xv>Sh2EQ0Kfm9ZsDspjxR|fn!d6H==9}C3T zt!rjLmfb>Y6w%RGkRz##FPZ5K^MG3|ARJu04L+5J!(|>jb+bB;JR$hA-F{)Ei8p4Z zI!yU{3p~z<{LHSb%(<^*lU2X#%f#~SU~m=`t}?A?S0S@~?3)!kbeIJVXN_X{5KE_P z+gc2~YEW(Vh?0BMh{PVvU5t~~EE#PNPigwIKl+9JuIQzwiBM2#FgjZCUAMd6{lXVq z*MRErenHnp{ki%NIA0Qo{!x1hHwUmWVvw@a{&sTk3Q|d-@K^QZ76_U?IP7my2^V!O z`zkCr$l-;eN}bs@GJkfdxR>eL`_s)T+<;h<+2P|4xw!E*39sJ3>J8k3TH0p_ep?U5^Orzlb#`EjLlRH5U z5;5M;Bi~YC8+Pa$z<6_P^JFtN>bp_Gg4}6L9bdWeh&Q4B#WSxdDqJM|@=-x9n7m7{ zecr;dtzTPNtvY*$ED{~^G{(`Gy3%U%&D~BO%)~qy7rW0IVqPwR4)rG%x)T97h&@gs zlV8p0OP)U3rLM-DFII%b5Yn9s%}9}cUFZgi)TV!QH$m@$dtSu{vkN%Pi)=Ul<^D|W_9heF3)os`b@JsKl`V(CnM+L1D}7ur{fnNV8GM>CF#;X zz#`rpO$myT6pad8Q&Ral6$jp*Lh`YWAka`Mc%fT=P-F(S#2n4Sb)wI_rM;dYrnx22 zCVk94)IRJBxsLyR3w^EVLO6G~46>*w?A7mPk)D4*-QV{2X<5o|`RC&A&3Z^V_&6RV z?6kF`@c1Ooc=-To0UiP4;hy^OjrAKi>}1{jf|N+2PeHh0R*NEmajoAGi|o8&s$^2t zstN-lvGW)Yjl}Myq)%2)YN9^f9obIAiSv6Nt__JpmfH%_`ikn~hPfr8 zgdc-`6(0wm9EqY@1{0%m_mx6?PL^F+E20|0fFUpS+aH>@U$o?gBY&<`+j1a?BP1P1RTEBwy#&XXnx8+ z!}|^~X`Hz;h=i9uB{+Oy@u2S<0lMNym!id$sZK^~BC&k+j}~7HIBrt-VbN}PleUQ> z8AI1ijG(hQW(dsF1>AuX9Dw7@FIYa1&}M}w(oMgXN+uED>eTLCq}qgC#|ylqgp=pU zdTN3tfD$+Xv`UEYzKS#dbr{%DAY7{^i2IC6j0f`a4slWYNRfrlN7#A|Y)Qs(<+mv2 zOesP!-(*AGr2Q~ro4hB*DN8!5XLJDAAK-*t1vbTLm&bEhXIr}~SW;R%Lp`<^T3y^- z`>r1-Gjc03Ty{il{)=uxtcu~Im!hH$0ImX8k|um}ql#%U2~n+AHYW;2p=9*+dT0JK zefx?n5_^6nYfWr*%!AN;F=Kmk__QW&!lGs{D>88U^U5IjbylujgjQ)7rd(ir09Dv_ zyElv8VE6GKaOgTdAh>G+5uikbcGobTM;cW>ImSTX%kvmFxt88T4ffWa%W9YkvHsvp zUejn)k1vAE}F;S$3Gybkpo?d~Gc<@sB<8sPq-@%|(?E<`?PuOCtZ} zlvqm$DUJymdRp*%jBR$Wr~bSU{KiPl0V&Pa>TOMf-XL0^>73JKQ6^k%^H?nGU>iy( z)3=Vh*qCkn>Ao}+4y9h~VK-b}hM=jZ_QV^CG*1s0Q$~>ah`u7$&O$8`MGa?_lSGw+ z)2E2y*Ulr<^SG*cji6ny#d2c#y+1muSsPMJ*Qk|e1+BRJ6qjDrUn5|N;(tjE9tVw* zFhl^;G!^sP$t3!HaMWIq`<#w~p725ECkRVYo-H$;kB=g0l4Z>}mYXO%iY`$}lCQpl z>rl9H0KK#bh)^x&5j71f{BbIY|09;iCY?pbvcd&0G5Aw|`{O@F`JQKbDdv%vM}CLq zo18-|k~fZo3d^tJ+-@{0Zg4q4Bu&I)4lp${?M8gyvnH6Uru|H&-53D5ALxM}ECm?E zPTO&VfSS+t9YH$Jp)1sl1oda;!vV8!9Fj=8Krn=)4sYz z!i-m@e|)0GJZ6eDUi(h^^Si#{emEpF^kxmwOU zx^EedQRNR6F$U5}M)8JLvP1DXz0jHJ%v+!1B9eD!4r|^bf6{j=?gIM1GTO&nov@zC zFBD-(gg#H|dvL_&E71$}e68rRKHbvCAxd}^M3EIyI2-d7iE8yc2oqN1=k}0~72L@t zxOy^dsaXoR#}863$x%t3W;fUW_t=iLwKi3J`z>SfIHWP5LYlhQ?2l2lr6$^!cD$2y zb||rU;_y=BCQJ#c${D|3IO$~T2X$BB+3|lL*k#<8bG~A4t40$YsOfO(Htznx`CCqo zs`oe#p1fnw{e9W%7X8s%s(jKG^W>6CqPCNPbdOGIGb{j3$2)-^mcae0q}yc@2^K#; zmv%a(s3)2KYL=JA@SkGO(zcu3n*GrNhNsmWZx9w_z8|Dv`~8~1JQ*ftID?x7@-7UE zrv#z7^b(2>+(>M$4!0>lnv`IUtR`BL^^Cus<^oUljJ?JQ(v z*7;qX;E)?&8KyY@oL`%Ia+w%b($nE={lpaIvBi2HMzQs6>i?LdcwV)hSh%Cl+ANqm z_TC*q&vG#tUULvznm))EE9H2kpe3n$2_XOlrGqd$dTQeJfK!dsOF_N6&11#{{Gm(c zve$v(y?iC-)h4GlNL@NRG~gzu{o@6L_=Rq<)3OXaz(Iv9y>{rfXUqn$&u)TVBZyG` z70#%pHTMyre5$nbfF>C*xt9mso%@u&oz2ZWm3RNN5^>)zR1TG})A?A(^u6@05=Zon zez)I_`d!IWX{(VO$JZc_$9$VQ-2zNUP8*iJZ~X&2^unB=iQyw8urY^SM(+G5JZb2% zMLg?}TuvhHW>HeSXZk_VJI8GcN~Q*YAWdivB$OK)eHTFpRo~*`P5-*YIn<)bh-PK; z<#%4005ZQQ;}j*qE`x>M5|$l^Ku!*|ZkRBylOod3j4Pv2`@kg6O~FCOhvp?gv^RF8SnBChO8 z`FL-fRaWW5JA(ft*Z{$o0Aro2A1$Y)CYd zUf@TC^GS}>TsY3L)~{KKh1*ZcN>3$c zUhiIGMB(XwVkwqYb)lLP4Qr4-40@=;1f@>6UOaiuYD>{5e_cM9T|$K5NN1EM-n@(! zXC)Ue^f^18E^!UCL;!NJ=(awUwKe9n-MvBocht=$#L?}@=Z11o*q8$+(U)^B{x)1!GO{^k9tJ7SfW7v)fB36P7a>wZSv*(ZVK|KC*-ncCWOJCEh?TY zasTU(4A>4RALqPg9D}qYvhjN4to%6hh8uGZS^@^H^*TB3XShYC=*uQ%dFcZs$r4f& zysV|D3h3D0d%R}B}1Ad0R~Bt$%vx7JHj27C2`g@((zx za2c6?J;T*HT!<@L(pQ@YkH3=fu@EOph~sSa$v#rmiq7B`{pemYGN{v1I87rK`#zvWiZ^Y`26OwOqpjMB0L<>?MSP8SMokFZ=kufx-q zxVJ+N9@dB+?weDd;`Zqok$;Xk7GJMNn^9a*Y_V^RRBCht@PN@b6!Wc{Yz^83{>5(X zZrKZ7IikHIPnks)$GQDsp*2<=sVncSb2v$#zlT-=yzb`0W1YWAwt)tsFNH-b#tZ5( z@zm(Q!;ZIo&4}V9WtXPUOh+%{koQ?bKK9R48$YiX4HFXRmC7I|$*6oqTxq+)EYRYS zvJb13i!OHR5~bL(bdfZFEl^cSUKV%QCs_E99F~?wrxzAbF-$31<&|aX z*h8jnn{el#KO8=tR$&U{5eUB*TCS24?2cjOCp1l6kiyjM1+Q-3Hdd)S^ai9^=PlMSCU6<4{5Uz1z zTj9ayXkaUic>aZIE#0DX;5T82go=_vo~--m)>==*y#kfz+}640)jnrB-0V;*tOpXu zt_~&DQ?Yq#zoy@(G8EnYcXMxu6RL7d8$9=p zO(yrKI`XB9HJPoIWC-7-&aVBGP~i;mBb~J=KN_(D;gN4R`geua_m2Se5#s3E6cQCh zGr02iNSsTYg$o?*ttWh1-PM{OI#(S054aBE(RWqgnu4bU{Qf!kmlJ)<=7d6D>S$iS z>#?@GQ{Y$=I-n6vXpqjo@~f)=suFuVk7e{NwLE=?yDwl&zyI;PHJ$>MriTUpk@R}S zFQqczsM(4Q`<79SchwKAAz7E)@66lj*qYA_IwiB1M>MRuWOUm+>GzU@hw!r~5#?4n zJ*2DTHF?HLP@k(U zO+`ZROC~|gp&RY4f*NpbiM$oPci}iadLc@`WhD6e9RXeR&}`hVOo2+75SB-Ib3@Qk z(d|?0<&N8;MhVpx`u0X)VWNEv!z|+PM6-K)Sa03+XlHcw%wt>D+|DZH@Y}tZMBJ=f zG+p!B4<9$EF2OLynFmPAtHz+)ZU*2PELN!W+{3%%|B$SwrAbr}uxRyOBZf%>frWJu zrl&zJ4wcUgxu5I=rhEo3vhf&fmN9JNOZB8pUTMIG1js2y9>*RiCCA;#()&o;E6h@# zM-?I8)4_%KHf9?AD*9L$^(Uxb3?m_YF{W;LK#hC5RC}eb_NXMs%GN2poyt$-^j-lM z4=XP<Tmkoy6G}wW!9(0QaFI&%M|5 zH8sq)ho1~y_Vs7H!X0pJ(cuylwFGF}`fOsMqma@?C;M(3H;} zf67ZmS+78=UFRD3nL_n4%>DtFk#Z1y!cn21uJCt_A!ynE#K<>D8VMf8D-#2-*V7o1Nto~U@?-n2s!&DU*5JTLS9@rQY$D-dXU+1-8DfmD zgI~C21X1AGLw;^W-+c$pkte&|$?h+_SYwlvT+%dKo2}4xRb|2p8ZRgyjIscSC7*yq zJ|A;!G3T*nXKNg^n(m-qXns0fu`7uwhi-fjAnZ_i`H)`w@R6N(=%qz6w!-eN5u?zGj8;7fUml&b;s(x}G_ruhhg$o0dW-DV`#cg8{dFIVMEj~D zz?k`47#J0O)Plv~Ogcg|H*mab!@zhEq(`ZgI|Yq7nSXTFc9()gx;giJURQqQO%+4A z37J0DSC5Wfr_yR} z8#-5WqIXxj@)wa$8bxet?N`q~7MR?sm1CxTPm)YlN<;-i)&y5kO7DTnl%9@1qYjTz z?L(ZN-!hbaczKreIVy0$?o8{_cF6+amab(QrJDfK(%^(2P{%O_gq63F5I}!%PuQ70+_XD z=2#eAyW($j2y9$(l2pQX!IFP(NWYjd3z0jAL1CgkY$kKOfvBZbEo&}glKQ1Z=Cc0* zUl2X6rdX4Fm4wA?f|_v5Y+i+^{Z-?sUz~x5k?bJIp5es-R4xIcNsYa7bs5ho_`K_a z_b6u!Vo*!;jZ70$!Rx*Bl=*=qXqi+zQy0I+?V^DnTL4@?PJk)}T*Y=xy!`g%jUR(| z-E8s1>%{|oN2m1IRkz3F3s7ToF3USChb0P5mk$xW zp375A1%2`W?#)Wi7dc!3*|R#_pL9wH3WIgb$Y_yc{{gjCua)>p&sJ4hr^hOlt;ASb zS>3valga1n@u*4}f0@A@b+6ESQ3y^FMaJ}&dE|Q%m88T}-v>T@ppo!Q>ctnESPYPM zV}~8he1^*$GY|os^^Surf`*_d^L8<WlX%%yQ~(Jq!oHi1tFo3j0V z;-&H%c*#$q_H)`{?ywGSeSR^YN1q&w>*86{@7}sLEPw0X`|pP(KVb0_eB>9QZ?xXnVoFr2)*g%o4S}rC ziPfS97JSH*$)O`~hkkt0l|)Dh>)Vv3j~BmZiMeM=$QARfy#!hs#4*=tAZU`{_4qm}!NpsONp&|D-^ zvIz|tZ!iQ`t~smI)s+vU$6wJZiQ9Ht&sMq>dr$0`7#qu($hKHY@WP}@&BMV$$`MxI z8y1i4o~fdxjih8Rq6BJPVpil`j&FyP8_llf0Q;0?AHH9)R}8ywHmCj#`_x)_zSln8F#uwBb_RooT2yTQSvq_$e6rAF|K2GHevq{<0K{B%CO;zx zD`{!RR<~}0M7RxEKc+rlSEVWsz%#o+(p^{M#RbHA)UJ)80V6{I_R0M1%N$~D`5TZ3 zyIz))t(bA76{I$8a<<)4pDV?}!a^t*>AEhJT$(vit7&YDascugU z@E`dPqKeLeQ7%+7Z@QS`^=`Le<8f#y*Vm8tnL7RpMa`S>i#>7!bwwD35**P4?dh1A z)?2b;Z;#3>!Mmk-ia9iW`^ew>5}IOZMg|$-te;7&nHiDg7^L$Z1MJ^PJod~UOCl~Z zsXs*w<=!M}P7XwjLEUG4ct80g>ij+u*Yfc6VEF+P z)vXDaJ&mn)5s@JGX7#46e*lZ?_2FxM#H^teg!y?e_`pcC3S|wsbrnNQ#wds%4p#`c&4-6t55E&(brGy};k+8MQo%!2Nt! zbPXpjS|pNi_UscJAX7{0U0sPY$q)@feCycETICxFC+5FZPI@X*_ltfp#1y05#H{yz zuk>x6CEdGPxg0B>W2;CM8l={fK^#;P?SDdi6(;BEai!Mi$yMjXA!^QbH-cW_ zU1!<>%x=Rq(e$UOxus|;OPfu?0>?8`6EIN~_A9)rL`wy-P6K}J zO*L6%Q5@Aw<6|*KOMKO~z2enQi&g7sge(yAHI{_|@B~8YF)xIhdF0*Fdq>83vYH)u zzqx-tOHktE2?SRHL1wHqs?l9puxEXr)KZhU5uYjRu~8{VFF-sQ>UivSu%N7VA4V}i zeDR3t)^AsLw+Y>nR$XG;Fn)zIchUt_plsu@#ADP^;L{UZ;SANY!g;+8tZ3ew^SWsr zQ;L_qk?6XosU&xiplhLhN@miURxoag(T-BvfAgX9(FFYEiAe>a(w}rd%;kS<8j`t8 z$5vB19jdsQiVxu!SC#?+_<=&ZIVscnPT`W}vXfbH~Xm z28MBpBZ@|y#pw|Rn;Y=wM=cPAvl$zCq6w3zrA167polZj`J}ZVbLgHj!;0vinm%W* z=b+GPlW+@`hbaKr%u+8@tA6sKe=V;()3IYbB36MS1g~sz5ze^N*TsI9^6xyIR1D&d zvL7ybpDvda^gUK5#$;O`eY*~yesy2Y`hH@gvkbJf_#u1IBGq`<*6c2=$N6?YHPg7Z z^EI??h?!zQ?}|Bqo{S5FN=@mAC!c8$6R=c|8@cUd9wuv}yKgols+*o7V5$k9NgTQP z=TeHh-4henMupETGV}(owg49w&^e-&8d6@2W%ij`bbMU2Ov$GAnF54RoTYWqS&H#( z*XuCsO(Vev)BkhU6EM5GU+9x-@ktK?X+@^Vh1)CQ+mdi!(a)UJo>Rr zTruhB)`V4W%M)bD(4A9a_y%F`yJ2Sc&j{5Nwmkj!WR9%hg3<9vZ<~g72e`#P;SfRe?W9c>NRVms1c{$`#WusA+c`O$DT28uYpj-)9lKJ zb8m6z44o3&xr_-fWhSd9gujsq@N*%kN&!3Dj5zKb&oSXT5Y~j)ze$2}D9# zGG8$=QK(aIvAQ*O?zojm*GE0E)`*sB|52DD7e zghsp~#Zx~ByW`0r7&ujkOHFB*{9-cMM8kYuUK3@8chPXE_F4tEfSl94o2tdLa2 z!0Pa!uu7++vec0srf0>Zy$&EouP`mUYwnujsH0uk|D58yK1M9$8po6RYmBwbpeg zO79$oL3OORZ=%SF)Rs7S*ct(6bhu?lZH^b4#^e(D&7LH%|NX_>?M{AVv-ABDo0Gvw zZ%yc?1j4CIG%&u-qwIO*P_({?XX(i38WGJ)KxX`}7EOE8P&~n%D$q$-^vob1+hK1K z+_#DNP zJMgi%5T><~w;ZdQ54aJrMet&4w>9p|Mc{MY54HuAy0`WS+w6e+>yurhY5MjM49@?c zhtyWNP&QL5sk`+^Ecz*)D3Y`DhWqmpD z0;P@<&J#nxxI4|DYrHeSm7V7+AhSca@IV=P@%1iNj;q0dr7G9W|K96le()n=Mf(T# zzER{77n1O@!oWBXZRG_fDF&S$IH=Uz#l))Lw@YL{{J7G-LzyPR+L*~7=wg$|aD9RE_g!d8g4&A1w zl)=O>y9tVkJ880R%p#7*&HWgpIZ4e|<6eEFTZsQDnQbM5p-DnJ@E7uykBy8$LFCv_ zuIA_fqn1A@41tOo{D5%}qx;8|=ol+>@Hu@m?A zgp5K$b`%y~{sZ<0DJFst@p!q;n4)7opH~__#5ESigh|N&+^XRKt&n`1npIc(vIqb_ z>DsB|xHB4@Y5&32crR1S;~((h(3h26@S@y&5)XfLb(fwi`ybCP%ztkf?!qFCQySUP znI2FLlsY_yMDFiJxn{ZP<7`#y6=0{k zhGw+s09O?W0!DCvU#GwXlt<$8=pHR++2p5iU1R_jpEV_IlJh<+JkYJ10RgrkC#=g` zH-SVfv!w;wmRS=3fI({jsp`MKv;VDU`QZu38|fH$>RImb7Qsy0QC{&1uO;RRTq&;B zh&2BCVCEDHVH6)L{zIU~?+nde2iRZAkDr4}MzQe*e$Y?Co2Iax`C6F7qV8v<98Z(c zS`-)U%S?r*z?d|avoV56O_co+5-p=Ak+8oWBe zJ2`rto2q?Fu{^3gN*VKHlaByVu=JqH}nIRbqdVX=V>6}ChV5Y}dtFo_b3VKB> zD6y*4e0PEuwq+cA8yzlF$EFY=B<8%LQiCm%XOpO%BhxaT!rUNP0p`$is=uvM1QtPQ zm4Qtj$S#|iTBa(`T|*ZhiO;!yIg6}|XETGN1rVud-Ou?@#S!47SX11zM>0ZcjhL=* z_KOZTl}Dks{_Q&P(39I@LCRm0nm_r9B^OswphOP(FSaW?H6yhL&tTJc4V}Ky+m&Wk zJ*!t_D&r>)&YmM)9MIunsc%6kLnM;vZAR*XB;JP89aUuFiB zK0gRX%tNDvVw1>LS7txbk_>Egx9xn}@b;iM`-re;p^WM-=5@$+#43DPO^``I*deZ0 zfH5YhitmYM4}W*shj9kn(!?^Cl|*mMNln_yX~nd{Fc1V?JI=kuL&!GwXs zE7c>mHj+}OD=KJ0UO=p=QM^=AB*$E!CAmzb_v_TkGdHG_D3!0va~H=m)zE#0{u}Y5 z^%4_j(Uq|)fE;vE(H0dY89VUNz(>C^3RTgDcJvF?TK`h`SNADN>MphUnuL;X_ixCFY2c+ zXX{o0carrMzp*>7xyBo4CGIBht2+&TUQ!5z?8K}~qeWO^`6kaSI*Hwyv?SQM`~zTa zF4mtsy#T3nZkRBVJ#FW_=*8r%I~=R#WZc=vn;PWO+UwCc#TWInVU)sxICpMBL9cQA zi(sHDWhkvKdwoUV+s5DHc8nX9;$R%r3AH%;jP(toh4yIRoYb4im0oa>LWS14dUGs4 z5AGk(T2VSv8pmCaLyl@BSFwyBW10FXyca&rJHr=GVuYTW5i@PE9!IW5dXj!k-o??J znU|e!G$30sB8c#agpq`cMhEJHyZJ^Eeg zR`7l}oMv!J@0@#z^g_LMKO6-exfU3x)qlHzc3$?Uy;IZ0Te@_6xMSgOIWn~ zIsjD?@+srzMm1)#0bArN63Tz|Wo|$DD5KVZmLu_C)t0P+?7LLHfgT)i*0=$oavEpWNOAYybqf_6m*T@=#T{$u4-~W0)cuev$e6 z=NHNANDY?GgnhnhWnOBzfk;6JDTLxjfLp7J_B*CVgTdigiSswotoF!!qIL|jYSa+F z8Y<8#!imAK%C5H=UC>g^A*o_+wqo3p+IVwWZTdCHLQ#`X?6^vZwa=0eirbu^`LtnY zwIxyvyGotNcaqhMnf$p}nF(E<-0Sza=~Kfwv7;lh)@5J0iCa0XIrT**MgjWh9jSk_Py~0vOJ)J{&D|` zd}0UrKM;ctUaECjECAFF%8>K|SF1%t_0RdU#~Wsk9O(@;Q@=N5MC)&rB5e?kE7a01 z70#Zo5_Pg;9~|y+U-P-Uq~j%~SW|JTgEA8r{X?cuT#tA23|^i-(PT?!|Ci2picI3M zm9e8Oo-M8Ny*FPTmFAPtddAA|>gWu+QqeWKT{$buJrU-}fO`h)t?|5>Wt?|bPMYCc#r_~mL=S6qQtHL^CJsoB z>5HjWp3Iw*7RERHvo>I2QFsMk5ASMfT0hv@GX^V~DH=zL2M+(*PI}cD$bo=^!`chn z_a`yY9Az`*9(@Gs>S%mquq9wtoN;XBTK;)0Tp^z+VB`ML?;kH|PzuN-+v@K^^F74^ zM33bvdU!e`j&4U9?q<(87SC?jf_-8s7L6j!zJL3uf@x)9y9_xe~1C6>0=g%C=*9gH$^1O1h&RBIxXn^5&z4QQ`)`4kebTv_?*1x8-W)JQJ9}K)J{b`2i7*%J#nxGw)Yx1r#JmF3MZ{ZYC0jT0G&NK#El4Op+#FfzF z3rCzBKz#Pm2PUtSwaFK|KL@7@kh@gpMQcy$T=N6-kRA|_FQVR856ZaRV2YQ_? zzKm&ui>~xQ_)9Slymj8Yt$ZoO(-mBp^!Lc~{m6EX22G+=u-y*_qHzp9h&CpgPqp#G#3@_y<8BG#bQ?C#Hcs?g=fffB~ASd4&jx}C_PtkuFE_V|o zF+-NSh@oc$0synav(Fc;9>bMqPM+6AJ4aJdLeFQ!I$HEz)BXX@*UKF=F(GLZJ^PvL z?R09QoisR9!lA1wMs{KPE zj}dLmL3sll%L2Tz?@h39xaZ*}LdB$CS5{L2Z}P>{g_ZJ*tZ?U* zMly4X)X7F0Q$5JVculz3th~#s=fUaCBhiiLLY^40mO~0a1gpQp%nkREqta!rI3t7< zcU_sk=jl@2B5FjxrSxe440{6Hiv}F)HD)C*<|pmlK}p9-M|>)s+;FUowkz$!O4St# zKBuy+Fn33`g`bW%<4#}CoS>1>bP8ANo95r^t;<@u{A?mG-SMQU44i3d-JTRSY&Kr8 zRSV7fYdg|E7cVnd^W_^dPJ$CnKv{`eed+CbrYjOE$T8hB$lPlLCp;>=FXMeR-n5Q^ z@4D))o}R+__lr){vxA~%ZW_FzRW7fgo#mAa*%R$?OUQeG!7lnp`-`FP8>v!*kjgtF z(fn8#%Mk59LzDD>z*X5tftGtGk%3&Jh>b}3L&2jPVNu|4uK05LG;`_=YP1r6iS6jk z+qfK6vIJ*3NDHB9()>g>KA<>02Lxv*$DMOdJ0DS}B?Q=1zfnkQNplR!(URx_ywT}&chR5OeUN?7zM z8_Fu_VC8j#Eow_cx=s@rGFtug{iNXtFpEH=`c2TP?cGjR2-UQ94PRTE4pkX1do3RV zT4#>C#rC7y*cpd`>wlWA-lMp%7H0=;+V7R2uv?(Jy}yu#TqQPGx$<@0H}PC7SNW?b z#e#ybYk%_`>_b_+n2Q`5m;yhEVS1PXN{fR5pHh*Dj0#QSTgcOA@b4>Ef2o0wP9aK0{5jb78@FgO5*q|T_V zCzpDH&|xL^+KNJ0Uh(EUaj;lj0Ibf_N-dowUgj9IqBrELFEfDqb%YeK?cE+K z;o)DVH_hBA!2`v516jZOw4+O%%f;T>EVbQl0hN6F6qe=twkFWJKIG5T0OL_9PXv$t z&e8H7xxsf|!mG7EwuFwGwoZ}j{+bd56xb@FcSzphdZT`&FEOrG~eC*pfywf z4=8+l>5ZCAZ%((Fj7PWgX=QBAZ8ZRL4ZrF#w;y6uUVo)?@q-mkqZzj)fN-ofkR_&jpQ3jEe%*Egd< zNb`7slW_@5)0?~OWV4+hd$VL;=qT=Ue;qjnPcsr&Yke4{fO&w1*ERyzLYpGL!+Gog z9hU*ViSmpILNZmq)Za{8)t=^P(@m-kF3n+L<`#*#IoyMLlLX@EYeyH#3hSc@#93my zsMfMSQ%ig$Q%vfAS^G!Z0rRs;Z93A@)Mxd*LCmc!3(^dXaW7ZZlCN-O63|^)^E5jm}Qh0 z=o@&tGCAgF(k83(IQ6x;5&Y*Gco7hlIE=UC%m$K$*Wu19G+rQx3O1h+yP|X}+hX|Q z*=d6-0`G6@+tzmRY*?{>#6qF?W}76>`GrY}Lp^QX`Vs>S%dyA5*xctfn{9D`MkJ3Z zD9k6wqx2t|t1fO_{bLL7DIxdFMRg@gJ+Yl}=oR_j=-|;nPGZ*mOj+>3c4$ycQ6FeY z$7tYLP9zgH!5LU+m2!(k)dbX#rgmT`lx>Ssc4IU{jX2|)0&{P_&g5%Ypwz#vYSozX zg$RywtL+Z%=yN1y|43ho_1lRWV^({VbZFa}Vw#{}M2kPUF5 zQ-`86X1DuHmaX&I;c6lAX4(8D1U<^sPnvL{8|HL{nF&_1d$|4dnTJb>{GzIt;Fj{$ ze>Yk2ipaILDC+t?cY{DTi}&E|2CYMtIbOW>5bDi4p_U|8i8nc>KC(y&$VLkBdfq zmNm+L4kW4kvUu=OBn;-s5h_l=A@PYcz06QHgF6?M!Kf%5ozK7O-w#Yutc%r?cjNw} z5#@Pf4|=y^P|hF!N@4gYcv?l{vN0sF%D@4c1qGmE}A z5<9KKLJRsKo`<*e131qASyOkAu(sks|H`(bI!gyScn~}ee}Wzwru>>|{fwyavucyr zn#j((H=5-pdKA&&GQSM*_aP@;|;{SVPeBoWse|E!i)FN(k+u7gUzyBLr@&7&h<$7 zy%Dx=;xFlVQ=W-t$BE6b##N7fZ?iI|%UQMvHB^4j8A$7c-Gm3XgcGm)pRsp}4lU}I zgk#&bZQHhO+qQFJ+qP}nw#}2AIO%--|K0bY@56nYdyTPP_8xn!QL|=M{i_VXDo6Dg zAe8i_5MR$5xY!KGu!xrmBR%lIx{rXW@F%}@Y1@|uF~N`sEnm^_b11B=QLlR1`-=c% zD0Kc*oHIOALBoPCV&u&YP!OUX4Dx8t?DPXbmGrp{Wyzl17sH;GTuk8b@y+a0lp3Wd z40-OCUC97t)ZArD%1@l~d=3N&MnnCQ3#Xt03B(4fK#aH#K+w;?k$aB?O2G((B4R|b z>nJ5P0bKVHaDFq*nh;5R`EiE`E)=L50aX>=BWyYDkc`mce30dG$(9MSx@0{1=XJLP z%NQ0!Pj88Ij6fEH1dyX7v<5P7vl2j60o3D<60^}Tpm7{1kGhL1xbXH<&ObqqRS1E6 zq0b{*a}Zh((#7w-8KHHdqM*w~R143kXKOZ zgFXI-fDsBbl>~sQ$EWxm2ZHhjjQEKAJr3#yCaFb7FcIkh0br3_ zcpyRqJQx&ZJG-d(^!0-H_dW#l6t(bFLX%Yt_vPw-zgLh1^DDqbd4^B~P2*zG$ni)D zJlvtrII;T=}oc0oWlA6zeI>5ikl010nw*9f6Sa zDH$~yjezk4rCwa9JDEXWzaJV>rJt{At4k;!#3~Sc-%2pZhbn>tKzXhYQ!ADA0MV`m>TtOfhCST1B6OG#6x=P_Z?zX%G{sLK}GO% zC@^Rh=6~>U23Z0K=t-+piKru~D9~h-1rCR$V?&SO;Nm8EqkVgap^2TO$;)AgVVNj?hs5N=Sf!lV&GR*oCO> zkSqRhc<&~Y%oKlB^}AOsRw5;705m$Jq7QpDsQCiOOBANY6RmhJ;EMt`Z703?SWsk`md4 zfVv8kEcKa}LHw1153Akq%oUWd1poeo&Hf$e`z3}~RM&c`U)Rq4pXIlYfj*-M#DW0( zyiP+ELd6J78GueSGq#48Tu=>U}w}>kH`|lafE3U>xgby($j` zF?*q}4z%G&6$BM7r2$f@3{EW%2QP5|&^i|2l{-8VcZ3)Ncn5WWXwUOm{EqS*s8Y|h z@<=o0L8?%L@)xllnv_+qHan%}hKoS?UvA+(y?6c2@f1S|s4H>2R}TOYBYwTQWka_U z(?f{JgV)?;L09u}G!X$1_N9!HjSNgG5Ne}hfo~!(!rw(Oe*h9X8p7NVdWkZjz212c zWhjZE0@5Bf=m8?dHfd#39EC0sLxbS;dA>X7;Jyvwuio(J!P+XpmkjLhIMowMy=n(R zzu+>#umA|a18_!iz#uA`)t3eev28J>##x{)@x21$QJ|D7nZk!!C6Nn4w z2f}Yer0ai;z=5}pgk-ED_*Tcuj{;Z6jRVX{&;(7TX3-)HI5z(j<9S&s8IK`Fqyq|A zgpB+U}*#7_^m%9@+1%v}z@Xs7r8}J?Y37;4I_JJYX>X{dfEb#|$EHmQ`2@$LIV-bp5dka-np?dp{j1ftK zPPc&G-BZF4;w6SHFLrY^It2q24KM$)NDlS~EhL8a=e;@6bp4v(Y-H5)TBQTLZaV=O zgG9(wW23>ZNQegm5yTS`K<3InSTup$;4~o`VIVnF)n!#k8%tM(0eJtrxEvSWT*A*kJPhC_^`0Q| z$yFdKZ=`!g^|dT=fII;0!@ZT;!Ri%iHhA>|KzC>&0p7>@1MqvIzy>SL6DjD-Ie-en ztt*uSUd9i7URtyIgkZr!eh?8u6S38@64RoL0qnmX`rlTrxLQ^I9z%Y~)l>tp6v~c{ zfJj4#AU0I^1M?~?QM3SRptB<0&5Ec(r1A6fybSPi1O^hY%%8+#C^3-F=;JV-`1@d$ z`s064l8YUV@)baU_wnE6xmWX7-^)Rv`3Ey3KvO01J?Ou{Uq$r3{eQpHz2yOpViJNG z=G5RkIe-sR(Wz_?Qa{$>w)}1g9%haI-S7JiQF$-?`0{_n2Ji>@0r;~1*?=;&GjVot zGBvdQPi1dp1qH>*%1XdM@Sl>0hhE0i&fLXi^&GkzJy*^BX`3=bzVCn1^1f{7umXBP;Ax3hZ7FKLxiv( z=buWtm3UKmnTa4_R;klUGqEU-KkK4a_QUJ@`ua82*X#E^7PoY>mR9zYTe^gjH)qI~ zwPduynce&2`MyP8W-tHp>c_zK{q{XqwzZX{e;Cep-o)SI%jx@CEGLz-+p9ihAs z^mTL5b{agA`@A2_Pq#Ey)hSb_?w!FmAb+2xwG0E#cNpB)_k~(^T_Gj!_cM29pEeb) zumAm{gtjKGxhA*EAw|{sLR|rgM~){ z3~#^di6HhLx@#9-73DV)oMLqt$_IieQ=vwc2sjPjfYQBup}72#EGH`|(9QG4?1^hJ z)pzglUczQ%D_Yxxd)%J)!&eVn&NSQ-tUdhBhYkcnrQ)x^!3L3V^o?M4I!#cf9pzzqQZ) z5km!N-_Psk&D7bQe&hDD#BGzJIeR=eP1>*KfXkFkPLSuUk{7gmYkXIJ61DdMoj{M3 za4spcNXG85qOq9V!!Q2hA|ulUH&jL`zky^%LYJ9!624dEd1`{3l{8UCD+Gnv5~qxH zxlV5%dpj|MDYBgtzN&sGW>X9t^QYu&=39S}z3q_`2e~2o=~8qNo*O;;-jw>=hzXEg z($6SAjYpQOJX^rbd$Dgt>Iqv>ED_*pBw=gQioLmIsXTa-%if|&Z}#uJS(z?&tw}L$ z=aN=TnJRW^(=(=)cyJJ_W`zR1;xK(Nj+#V%L%7%(qyvdh@nm-X-3hy;-gGvlNbDu=4lY@aN6bDX2BoH~1eUSf8} zWN9Nu9ZK88x1i=b+Zh+^%ni#q!I>xQ%!*SySrcJIx@}`q;iYJWHjZCe)*>}3t#G?r zD}twPi+t#+#!yE)x^%j)ISay;jgFW$ESwvcEMiwl&TQFyem8hJ23xvD*(&Hh2aj>Y zx63NY6wx=>!yGaE#6$$Gp>XLii^&Zx=|?~IH-rRiLk0!u_k~{}A@f#lw~Z|JG{$4| z#8i8zZ8u#=EMg6$@+6vC(oD}pB$7Sx6r`)|RUOu$MI&&I0Q@E(D~NUZklh1rKGE1Q zG#XWJ=QHWZq83;WuT?@^#6D|-IBNQF+9%aO$n62_h>UVZdzkwPX%j!aXt^qoA02TM zlj^UeV(83fTVPpl6q;C(9r}SHuob9ts?@Yf%`~Q!-Z6j;yVBTD#Q48>e_6F4> z5stdU4u2$5Q76TVVN=~4{?t>7+pd@0M)icRiCd$fBiyABWf)4e7BARfofUkS;$ z9Jii?QzyCS{^dJNOX_+mMu>ZJ>#&m}?hkDJcd$<}zpx-$qCFu~YsD|Se`FvMaURQO z)B$D~=wmxkTQym@2G<#lVyA=WN!0I&X!S^v2g4zAd(pdtd}M3FGD!j*O}AwN9lJs- zu68pBvXZqvGBU3rhEVD3Iq_aD&~qW^XATQ|#I7(%g5cy}$E@d)LiZfX$8Onc7oWbz zrJeie4ho?`uisO|WMc5R4Q>;|fByNABRkRz&kLtj_kcqyq*0;?;3w{_gVQ0u_S-%3 zBY_q61DFgqs?lJdQq*Y5F}!;GS!8F!TZ`}~`VD<*GbHrH#)DbtAIwS{gayeCAaWjsM?TpmAlXvm z1wM0OrFMk`gmRPVpBGHR#-vzC#ik638v8sZD)Mb+zzR854`q28H6ipJsQ9aF;bD~-a!|>Xs3I>dv7fhE{;{%&n{x4oVT)q>#f~a-QHCx79wiu_;)^xj-DQ$XQC(~Gra2?&j!y?CSR^vhg zlgq*Z(n;Yc=^I02p%Ua31M~_qS4h)?)L;+jv1{P*6XTkiQDMP9HmOv7bAh4Y$;iw&vI?p;k$qp|K#t7OLO7cCzJ{}O zmhuIUNdG@b%Z|p=Xrb(t8GhL*Ns+-%y23tbtN{~JNUbydK?w+|${Abbw<$I01NHKO zlCvRA+j4}4Tl?uXJi=x8;?&W?3P~>ZdZ~Q(9`IOuZ77O)+7gS7h7j?I8#%s?I(N)n z!pA{oX*0Alc2U`X_h7___QDkYChvI<&#+UCmyxqkUI{Yu(izYMU}KaJb?f7(yHQ1H zlcwxUS_$jJ74`JH2P3Ob6Hu3Gv%*n%YE{CSn%0CW0&h2_`vO3jM5bbaR3p8cN^J=w zfm9D^%JoB$F97miT1ag1<)W{kTfZ!OL5$x!ydd#B3eg-I3K8Zd3t3G4^B%~dV!Tn=5~iT#&}`YUq3Z3dnb)M-z2a)saRbd>#lYY z!89e?7Q&@8KBlX8)^yoJkHZ1xMLMks1FCvMUTF29Pds128s%S#gpIZj(kK6=*`P_at?;Py&lrt==lmOPg|ewu7s&Qc%~%@DR?dL2W(jNL^QB z2+zOIxO_-pisb8zZF|tMsNCQ3@{p7#psp5jRZg@@j1Q;8JAPGDL2j}@4G&a z2IR)ZLf5VV4rb;noL|wDCSY3fPP9p$6e$uNK!^n5P;Kg(&V|^MN3&}r5Bm{|>71%i zwX8PO;LOmPFFTf5)anksSzcl-Ew^5Ho!|$Sl~508EoU`J#O(>92H-&hy^8gM_K4Dy zp{<;O+oD9H!g1isLOG7I<5XlMi^}i<^2W1mooR>Bg3F2f7h?|u*Y`+43TMy8daYYe zI-^YZAzz|s7P(lF_WWF}(R-Jot^NdmVtHW>Us>s_pu0QMoI@y5sY(1Cqi7iOGeDu9 zDvrSl4nQFRpl;4AE5wm{2nP4z4~QYr3eg8xFlFt2{KDK$qu_q|vbAVUAHzu}fBDs7 zn%XJ(M+l~V0|<9Z8NDBxj^=BbRg6zXxxSnWOSoo;xL^vaXO_}G?hap$dKdgG-ZMmL zdF86IodX;obf&MIad;KZ>%$`yHq+v^OPs%AQe$D3EuLoaiyG1hSCw*6TV7^dnk5}C zlr6@|Vz0O^d@}KC$958gN{%$wQd2cAr&k$&Q@)o`b!T&pxWVV&7#-t8M9_851hl#D zW2~>Rtlfj7i6}l4GcnAwqAMbaMo2>kD4j_eM z@0p)jH47j*JV&J{2C$NrfQ=ns=wdDq-;+1TnKFu-ikUiQCRU|#W>k|tnb@@u|0$eA z!z==aYY>s^R+z8EEyih{nMajKy_4r19}_@nFB#?o1|lYRwJT}%{6UL^@hmD(=qSps zsu8oxCl*&(4y@a4%e5dypP}6rxO7wP zeXY4=;cf-2TplKx#M>-0?b~~OzAPTYS>t8C*nB>w*}t*Hgs8vUsJwH&Y#oEym-Q^r zI}J;mh|;ck)adA~{-1{!Q!e^4ieN(tw;>H>-FiIn0S$sGUJFa*`V-8{lvYaDh<~*!>k2A>T1}AchbG7SXnA|recR0GDuvorS*gLV$)RMjhZfBp?NG{5kGZ_UT2z&m`Qg*dvK}A<-rhhkD z;UqYtKbP9emgx*>CHY%GhuFN_dV(xkbFHD#%GDs%u@S?0mti|)5t!SkDC$&r$|ww zxdTz5jEtkzNgq(#FO;NzkD_moN{8JJ-`xXc;W?#catON_3_{agh zv;1Gcn2nkJe*lbobTs3z#}NJY^aTa%!J03fy}$?{XwflwQ1E{_a$T%jfZT|D4{O?L174b@|^e%Z;4* zJ-oQFbNlvP^Yv_fT}1DUbt(JsW8nVyzTe)y`kV#zymZy4f7E+_yS-dW-Zk&?_U%#o zdVF8)T)f>@*^N5!!K zf0@1Ooa*t~9qh%v<=yTWd=2->U6X^EqlBp?(7u|$8Oqn8#S4D2iJBc{8GFXz^U6N3 ze0wO8BwDr6q1YD{EvK5FN;E49BmgcR(oea4DuMg4;FcD1H?_%oMICc_q>hJ#Z;s9} z|JfC)!k1dlk|-rut8jCR zdMM6Vvb#T?7`0^cc`~i`6`DX`bH7hW{BO6(nLMU)ipY>8=3nOl{1bZz871mm!iW!*k2a?2j4UJSj-bMXGa0z$RDHru!3Ra&ITH{`$giJ^bOiQ{ z5ACE_VM&2?y_aGe(l?ry&7$X;WxlJJ*wlwuEuAxKR9{S-IFkPuX4uP_8h?uJm}H_Z zDN#ox%&+BBlCyw4j4K#sdMqP7AWJ5l#HrXopz`0~TN%aQ`m{KzGG(qY_z+cRx}L)` zl}JI(G~e~yRShP*sDfO9iAB|KHj(6Gd$7VEGJk63FpfNt{@GMsSe2X{Sd6>w8JNK} z40|<0ui&zSL?<+E40A_8iJpTW;#8(B;_$~;IGhQzyhcq7>IGY?6W*p9TVQfwmfZeG z?R6ni4n{L%4$MJg5b`fDd!#4K+v7f%E2+_4HppITK}- z9T>FUz&Ywwnmn#~i_ z@IwVUDj33I8>{hY4S1U?Dp@1*=C@Cthn<)(adFe*ij^}LS2aCj-Bu$XG=tGl;_D$2 zQ_(3ZBhv`C1zqo|2aO3uBK%|Fe+2`d=~N5FCW;7Fh!avmM9*H5P1mIo?ZSUHD;k4{ z&psMMxH!~~So#g{hbCfcewC#kOjn^imv;&4R;F#{`n3`*C*#$#MV+yUl-`X{FUzTx zu`p*5=E%z`X=qfHXX@s2d3O#VR$g&*MHmv=QY&VO=H;R!5^^sC46|Lv%9os5uI)Yk ziWwYyHCaMPOMno1pD+yR9>Io;pTBgobQCWQ$VLnViGk-$SAMr#=z`NdR6Sfo~Y8RvrJk;UwMtOJjh`xi+bg z{0WqI<}sjI3Z4@EJkqGUu8M~@^wB4M;sh?+o6wO$u{bA+dxj+yZKvFBca~nYO|*H+ z)Acn6`Xow*Mh0~0fiTR1luB&e=^-Uixbn-GA?r0HgFM`82W9W5eR@boKoW%~4?vY^ zf<`ivZ1%5{UlY1pIylu;EG9VMI2^P9lv7TIF5)p2G9U2M%;GcWqa*mH&6X>Ish(>1 zMv1grtTEqo{Rwua);Zv7q;fCo^J-^qcF?qW2V4(t41dMISIC``-YC8VAaBDxty|_hGS9^ogtzyc%z1eO!?^Di3ezY zi7MCUY+>pU%1M~$Gi3%YgD;*qgVQEs-8#8?Fdbf`ll4<$@~A7I*&PZLa~KZ|?Jj9J zkCNv!}s@4o_HIKa8S-iltzS{4E{N`41q~0ti;Rb6qy5Zny@M{U^4~?--40z zMLq|`N}g9e4ux51XdM$sB5OERlD5{h?q-SQwj!@JVTtX~@jq0oFzZobZMs0x2P!MP ze#q(vP=9)JNvH!G2R=-3KEw7R?~v2G$uU_TbwZo*u)-m^PvS-gE^N1=AbA*x?AA>h z#EhU_X+*#t#x$bO?!+@Jq)au3hm66QeKO3vRk7nhY;fk}D{yMBF9}^RHe^QBwzdAf zG)LQ7m8vgd?2M}&ug-|b%0K=U=U-L}cunQRR2C@lqJo7-4RSCeK59$p4T=olVkzS` zpP2#CP&PeaqU>_|%3_?3Z}S_1y?@=0%lt;65O#P>Pp ztS@2C9Fmny=bKSZ2!srv>SRW&OqbTyPAsGVshC$o22EXr1b&~vx4hy^SPj$J_DZJ?`< zr~o%pn52$7Vb=1DYNm)@h2hg=Ddv~T_sabAb)sa5W0#eVjJeWe#A+OL$6G#YaJ0_9 zC;*@lKfj$k)15^q)NvVLD+@d0I<0^8-K0~u)%I1U@YeXvHr8qcz?aG0D4o7qdikc9 zsetTbTz6R-ZTGpQh5I_kRD@}`!9-kh*&Mv`w5@0@_A8-r0`ArW2VpJwnybY*LhJ?% zP$ldBFdc`moT`ocIptNp2$lsEU#b68Q7e2T8Q!)>waEbFPoU!IsSce4l7&~C3P(n; zrFW&?k%p(_ZcX(ue^9~RrN|FzdK>* zH&Rckla9b&omMKf$FRW5V6vfb1(Pp^2Hy*#U!5cRlD5RqAIuT@GP&|ux?vAcbcLHi zU`6!%9j#DxhigTwcC0xaatOE*-}0NC__n#Z(7j8si-BaYwrYvro{iCXKb-xwJMv@t zK^v%V3Z~<0GIS_tk?YcOTq)O%qdKBgYkQ-eQ`I~lwSDw;7Nh}f{{^ANN*gVs*3=Ik zwq6AVeLi0Wp~eXY3D0z0hM5g+#KU%S`%~8I9kiRzDtJL}UbbJEQ*fp8wXKwRmDdgJ zISft4)zw;}Lbv4xP^W(kg~$0HjfA<VpGaL~wtN)0!?(od#iyt!>LjO$is3!hz@Z$dm0{=H&WMyXgFTBY4{}QQeoc|LdwM9oe8mH?&c#&}q+-$qk zeTbpHhg%wn13nz%vHo~qc#P1KA(HXz2?_)0eyn!-Y+ND{*bF@_sP{O*#4f- z%y56ux%>Vl&OcHatn!&8u{y)|2J!| z0)#y!oy?!)OXp7AlFXUg`w;CFMM>shZA(_KY{frfZEHi1oO{RK+;ybOPAMr2@j&qb zNWVtI0A!YJsDxp{IfL5I`I}*OFs}K=al9G4!xP614LzwXf5}mXeha+t6}SO?X8PYP z=V@eeUG9E8w!hPyq4?t6E6hhWj9w)1u3f87D4-Y*J9g3X`ArSxNoX4yC8u{s0y0h| z3=NZdpQ;7|hhgo5vsMZaVbVdkc?`Z~?E@jJx1Po4K^)GxiqNi(7n>ZGebp9FbuhGJ zZHElD7({5uG2$^|V~9RL@7@=a2Qy95__D{!oz2A6^49NsRwuDw+%Xe}@=(qNkM3!b z>gJTM5kqAKKm*&sYf$=TyCI<+(QhvDqDf6?!d!g{>qP*FXM~LVcN_n-xAfkNygtAG z`#;VF3r$Lw(WEtGNEX}4CS&tV)n9K4AuqVHE7x8=eSgt2?gV!s@6mT%R856IM+(4% zipaH$DQcZWuZg4-^JZ)HdQAv5ghGleL)vE?R!GPP_$(&l_=%Q|^TsF5d4zOJ(Z^ek zVw&5HlB=45_XF$Q+*;BOiXe?Jan97BjH8?fGfy)QaA+H;0j78$%ARm5pCzf-a>GoK zRm#Ghc3V=GH%gFAn4~e&-f%@UbBjCVm04#%aF&!Bk9Rxe*7J*_Y^Y~h5TY1|8OZP4FY7*5t_=Tl|QW>7nl)5(YD3pPG)ERDubHwK_=eSi-pM% zp0JaN6RE^U30s)FK|*k8dF{psR2~R{Z9AtHuNFy* zBO?syT|-3jN2R-xBQx)1N^Ab*3?|GVbQv+@%&LIdinBU=k7l2t@AM0(KSVztBr8id z_L48th(+a=nO|u9Mi3yE3}w!KgW@5XycEH;bH=lvyDE!XloKo2?}|19pwGk?(OFWx znvJ|^@-5quXk)vu+?aVXxZ*e#tI`hqD2}R&tOLiG2^t5Ci&-N97feApNeN=aIbJ}~ zGz(TxNSjnB_%X9pX6Mwwa!B&r|7hoohU^mtj5H}<5C!7U@tpm}q{7c_eoB+*(pNK} zCbvYgzg%*nwzLfPOfB(`QV78!^{=uNI$39cC_VhaJfJyx*p zQWb6=%?8w(+@&5bNH%#0fYxR6ouNwLNSMiNQ+TPSMwvk)m3|NaEcn=$X^em>DKS1* zv^-E2Rn!_@1XUGMCnLFjlA|+m5d4Qp6ItcLR~UpApJ21@HY+igSPbXHH7$K!`jJY5 z6!BK?$8`q{f{}EV6@{NPKr>D;L8=*nK*`oAo&7D73XNMmD6g*h%$HwNvWtR-a4QKBo@1c0d@2NSC+odCHmH#c4#nj@$Xl3vhFJivp+kgP5^B)Rz12|%4RkMd#A zBE5pjPz5p1V%&orlPc&KvB{$kr-$lK9ELjT!n9I_Wi#Bb5WMWQ80wbzUMJdxbQFxq zS`emu92pYJeXUaWwThLlKL87j3RAOCs2vXic^nSu_~%MqVj{xAhBK#Wg9|TZj-kSbTin7*y40!^7`k!8nF=5bqq>D)}9%}I$A@d!uLZw;ow1D3SH z@JA!oqa5v6f>s8vR@Pr+)PfCdJRQ&8u^tLg^5m1ndWVxHb?^}i%oTAwAD}%39tD~q z1+;iJXF51ieq?R+FmO(01izk$0g3PVvkPXCIqwJ4$^p>ZbCAzFsh$E-#ud$o&V0dw1SE46X{qw@<#<2>G z^$3+0x!~ zoGb2@;fhqz%N;3;d=6x*wZXVu6i$?<)RI%cfJM92QM54lV?+%L`^X|ekQhm$3&BQ6 zI+%(!XGjqOB6zifsogENv8~1BLM1Bt6%g|VMV0ZYuFI{mHZ{MfC)wSsakQ&Ok9N%? zxmAPXQc}-_$I4kNlW!JWsXtTn*I32tc5}pY0U9wb7*+~b>o?DCVxc4(U3LF>r+$Iv zNkqzYGKtzT;rk~|>5B}x033F1_D!=s9*R=?*T!Su5Tw5nHpm?=c!b?b5sxHch=K{0 zFcI8Ql`n0a2FzH%csR6V^haor4foi+2m`8UphI#RK6J?Hb5Fx(nm~H_?$Q8qpgw?P zGA=vqdpxmmPkPvUjb$k;Of7($*EAILlFEe<8wZJndkS()BM0P|x4E&r{$+j1LPPzc}Vt`;069FqV$56<{xEQre zlE%F_HM7DJj>si*sbJWBo}+?;_sN~1Tci}8LW00r+>MQyi+O0bsBtI=AsM%d-nJKE zZb_65aZeTwj@6zLm!@EJ`bl`90S|usU$KRW*1kb}?c;vf0DAeoVKMcFFp;vaT^oe2 zgmygT<}GD2@V|34AQBt;n!|FhIMRxd%8-7_gX>yJbX!!@xJ1P!2q08IAV`* z2RUK67768EaKgwgGbw6Pgo37Q<9lbix7r(}7O0YP#05-=z6 zN)=I)bUBKh=#$O%9cbW3U@=|cm71^@NqzAd-1K6O9tU68sE0#XEJe?*b&Xq` zNg|PzK5lCvvSUIuThX=mdX~xsu+h@{=)-~*&IYd`i6LUWqh)d>F`+@Uy;&_y-(Qyt z)a${64o={;@oe&TWo(}@j~CO3k=N7<>SH|YQk~9Nwh66(D!N8kT{1~V?JN*};<&nE z+gH1kE(51eAZQ|ALTUMV+&$y7m-{|%^{zN;P?guEH?Kb?b`f@WQ=8Kxy4p;km2k*qR;jrvZ=oFw)!VxHbtUk1z+gw@Ayh`2Q(HcBW41XlYOME^fgAd?WN?v zW#-un%@XZ!qaj>*S%onb*I&RbpgTbXqqa^JH?lL^I&k+`&dA$4scV^8tTYYcD@uRz zcI=pU9B!6<5AJ>4TT*1{Xn5Tf;;tLflQXD9D)gnj)O?KjI?k@oWq6k!5zFzaT*l8B zV07uy)gId$6ytb0v*UyOL-@s!U9snpkQ*qOnpfo)pmn>UQ@9eJ65l}dYfdR}+H7v< z2UVMb3{$w=e}kEtr2YL)-urqkgKg1N&5LHm$Uzo*+|%@UUobQk3RZt#_-I0{WGn*+ zteJ8=kLze?iWH8^-k2WYlQu+(SyG;jXBuk@Ap z@8f<$X&`{Bf-A6Or5~auZTjwwW7jfPskUXN2-z;_dj-<{oN`S+Z(aNVa zca4Pq-5vN(BY}m1o$>!R5;z$CLo)wo`M-!~4hD|@0rA|TEgen5j@0{7H{MiWRXk6P z92GQsYvqRS!(exBxIR?hWPCkj01y2Af$bG46gOQtOarXCl2H+lGDpvM648|X?e%{D zdGlef&-Zoq(fs}T_;f}>7PvNJG;5XF!b88*_9NH#$?)4oIQSY^dcE7KlfU{%a=Wx4 zYwO>Ty~`_uw|7c(^7?T?e0=}@Si1STD6<=OY7Iujr$2n7qCb4Dq(7Yb@#^~i_|hjv z6vNOtlnBW#c{s|;dN9QP379$=ilhJW$r*m`>}}O{WWMaj3@i**NH6}!9jMw3G;bGF zp7-IBr(a9{+4H_<^xWt8Ox_L=uFV;GcGaUo zHgI#qpY4HGj!2H1De{(4vWAfPI0gUJXxMCn!cY_tTBCKUYHgpD)G^*ht<$f&1M1q- zRB0#1s)ACvb5A*u%1~4&01)j+l0Qn&5E}mPpDA`rW#$^dV`>pb(EgR*AL|u8F@6lZ10f7U$Ek$rCs(lw7Wkrq+9Ji>3>$&i2vIWu^Z5_EA=s$M5@* z9aASh%FeL%Ew*7?ab&yKFdb_Q8O~WFiPUCA{fcRWXiI}aIeJ2#=0Lc+`g${7ow7xv zuKY&M3?Q{a66V5gEJNDhh#9|a=}WQs1@~-nb^?<$C{yHiv|~p-L5HOLX!f*$K?9~r z($v$_+m3YhxxTQ%PFO!K=o2gU_22A8X6!$l~JX=?^^O|q%bkT-jg+3BO6?g zl&F>_D>3#ndvKmdD-HJnKLWylti4jrID^85OxAb z&#^Ql3BwsKzn#kdP_bnyNn@N6`luAb$-*iuH78BZeT&GNV8!_Ntlm(qoh2BSY zno+-}p>qa_hY_h?br)BR;VCt+lGu(ssS`wsGTnuYA5GdhW;iwMIj?tzNGzb+6BqG2 z8`0XSXf=QeU}|*KgNb!B8Ze*wMJNvKW?td8(!TmcAgEmhdy4Bvx6lf)Nr3Qd4*1RL z5>?CjQ;wqrG9i5!`pWbCTL*n7;WO83RtdUYAgvWEa;N$_Eirn@J1<=J{|NjQiAr_5L) zQ%D(3P8Ho1g3^G*hHQu+uufoh!n)&#Dkf2=8Ch~8xKT!Va7ucbqmgm_*1w0+g6pZK zVZG30+CzBRkC-c+U&9OctWN6(po62+X#C!TX1t36la9_P9NB(B0KW<1mHpHCksu+5l@wH)`EG)Yd=)kFRW4E_%IGG;FdQ1mP7ukgRuttkank)jifcp|e&mV2Ao zt?jBIYQY;(7F~*L@`x$Zt(3f1=!9EHtK?JR8f=25N{fND%lD5P%9|zMfqT1ikN?)@ z2)deC%*_b2Z4;O|6jXed9hX0q$pa0HSJPDPhdauGbCl?v`Bu8XR1~^P!11LMGWD{g z*p$p{CmE6x#8IKRZXJ31Md9y);=7*2t~ik8!TxBg^s z6<^&$=LR2`n$-9Fk|QVUhvDZS$>Gg5&%$KfZVBuDD>)fVZ(c5gAheP9oF#BeNzF_i z)>E?V6$y6c8i8!2QJjnGTTh`u-B=|YFcn+qFw6l~s7&z0DpQOKwG6Dhp6*O3+8Ql)nDca`< z@$rQ4Kzp(AYm(m_Rzh~qMz+DW20~nRbCJ7?-y#Cdd#}1ubBC}QJWM5Zqy5G--O88s zq{VYgH4>7VFqYggJH9W{5fjgXmr;KvqR8$r>|AUVFDXbKVd0u=;>*hj4#e1aNaeC$ zQnwK~>MFEqpTs(ZCL61TLJ=JYJbfiPh%E^f3tnkcopjYb&sS?jm>g{|3O2d=N_EBV$5GGwA)bP_N3yU>Y{+O-2rN7NL+#m!EE5W*CI@GC1r&Kw% zr&QL_FCh5P;xHK7@ijLRMo3Hs?l9A4Ks5|^E;tldpiJFp(V!mbwpko8fucNi;V{q2 z{DB&a?G*w(GPnNDfU|KO_pH^6_WKgK;4I_tegQEvhx`MQ>iw^Kiqu>Qw!PW}}re_N&_FZs3dF+N7WFTFdQ~UkzMp3;*JMgs@`?Qc+kJ@jLPLkz8WceweES z`W}YuxiIhD|Harl#)uZQ>w>-8wr$(CZQC|>+wR_N+qP}nwry+rJ2RO(x#uKv|5Vjl zf2xv|th~=#57LZF7XAETid39kwpyn$2d?d5y14t=PZ#-=mOKst;@yO#@Y@#&a09j} zEn;MGIm)oHCCb~t;%ip?nw4eZf9-yIWDqs`*uH7Q_~uho$nSv&MeMv7ZNiR|xR?b0 z1fj00$^WI=Simn(le33_7zVQb&LM>V-fC18KzpOkaqG_zZgqEbD)jpL2}3l?(xvUk z`a{vY(p8yL{PV{TU@9pLYPC-vv5Tc`@w~v-S&+dAdCn&(#Hq;e}0861||-cU$4WUo?cZeN+gQM z;qldp>O39w$nEs_ydC89czBHfiWFT)X;(kjb9zUo(E0X!er_GTl)O0W znP+`_zl|(BpHWnv^}$cEX!Cw~ynPpRn|r@KZpfUa$o+VD{5(D$-1eSVi~ikB$?))= zV|&^g+FJZI#l-Vig3|swh4%e^M%N~lcrN$u`tcpw!spvsnv!xANS*d@h6Kilb|t`A zv4F3_dU;yn>-*j1T2xfssAwT^-0jnrCPG6uBhd<;vu+;T!`q#ju|6OAeS3dtH(p{< zNVV+o8pGosUEB8j*6xE-Vo`2w>Xyzsd@(QVFcdFv#_7fmDdYRp~6@m#WE zz`?1NX?paWLVjwz>7uxHs2}z#@%Ao;DDKv#-j4w>O+VB~_%cni9JnI3Mo^ zX_|MRwJZpimDG%>_2Bus7?H5On_?-~x=6j~xdyv^=TuZjNLx(RpE2M5bw4}rh>N7QveHndwSY zj@NGnDvK4?wUew7J!YcVey5S75j`i8L!G5f%Gp;$5HJ1xx%1^Rm5?WZ!2W`+cw6W$>)8l0wKz5M2E?o!Ob51Qp0KH^v&kZK z`gQ#3#UPuVF(i^+(<0lY$#ffv*6~dH`nhV&&g1&uT^Ko7)CeRduN5!hImL0oK$OJA zcnivE{77Tzm2H0p;8u-G$tql{bF25biqYD)J8L=z)V#9RR?_3PY9n_7=eR0PgiDo7 zU#^wWhCO)^Pjat1qtCtP5|_SnQM8d{s&w2ZPx!Gmn|3tK@FQYnmCAG443txPqvvxh;gDoKfTp(3a$EZ z`z2z94yjh7EJ*c<`WQ+8tnrCTJ7)`F;e!Vgc4ZvHjgMTMWR+Y#+E8sUT; zyO6LYOJSpDf)(2s>o=!%->}+1b=0;}_Cr&?0t=eu;WUxe|lJS}IiOd=&;E)S@FOH3> zbTm#E!G7c>wOYG#t_^vEO@1Yd9RKME=@qNY{OHe~C#~~>z(Q^B2{W9ej4WMjp~=Ut zzb7o`C==b8DsX*HHyFn}*-W@vJ0?k4w>=m=vI$zK=3ETW2K$bEH}Fq5D>ecsY>l|< zWh*u#!LBEu=L`VJ2o0E+d_Ew?dAkBg(7bgVpOIZ$_#O$V9}3MblA9Y^%^wN9Z$ z%d)R1!mgFFVgFUdRAMqJjdQCTTKJPN2jom8LT3d%8o$ zu~KDR01LQptL>4^v|eZrz;-Gf{26I|xcWoDXmw-EUker#2IX;_sxtut%086X-)R(G zRM*P2;zQqDVCy^XQ6V>6R}W{Zx&Qf;O!&YUud=XBG9yDlFRuV+FZI7?i* z&Jk}jX&dH|i{;J`vyS-SS&)pHc0_cMtOx2240ny4l0A{tOPKs;?0KQJ z+e~F@WuJxv#!%dXi6Dn7Cv1I1PK-Tt8TEvs;kxlnr%XhMz1}EautZwXn9xTfnA?5Q$@+T zG*dSZEumm?_k8iKOIqQOp()nQRF~YC9T9M)VPpu}sw3E*_x0J+#LIGL0>iBj)chN; zv2((mHJ0%$T0hPD@N?6{14Cr+1Ue+k0t1Xxq(ue3>u*bLvt<4(j;!nt?y^IN z`iQh+PNS(?kaJ?394uLhavP{Bf`YfK21L%3F*_tSkbp1XTk1>2NRXxbO{o?24jybaO2G%jV(4e>Z4t9bJY_KEe=0X*J!5D4*fBiiydO_r4V3 z1LmMR3-BQ?aiD*PxIkg4^h1lD|B^gqiz%#+a0|*($EwpiqbEb{*0xVIgI%k&xHMTiKC-4y{N-no9x)n*3)N!EwM;^TmR7+V z=~W)uep1HFk-zHPjz^lZ&74mH{Z{XZ;=5)CoRSyf>Yzjh<==B9knzkICvBzLd42UN zQV(G0)n|el=)9@p(h=^hCGM?-Y|q%VFay5N14j2}T{*+vTB1ZNM0I@hs6nX1XFO0F zg>Avaa|`31yAh;oewxp+YdDw<*hDWY14?E?4%i6_F=1uwniku;5)X|n8v!ze~?#Lglp#EjV67dIh(cCa|)Su9xbQ6NiHvGgUc6iF61WW5* z5B)QPPFmdkLp~^9y)g~@*OkxU&^ihUEN!EeQ<`OIYfh4H?Y<_WdvBNteye~A*Wx>T zPO_LYgc%w1NcbeTX7%WSuQ8-5J zjC*huf%>s>hj66ql`!IF`t%uE{(AcK=7Pt1(-wFl*+XRy8$jd&rSv;}*b}iw@$7Lz zlE*dn@SNwUL<5%!+uspHV?#ikxyoK6saOl}+8~oGoH_YKWn@TEFRyeCEZ)D7nH#{k zN@@@;Z(4MN!WPs#7sp~o_eHFB3RO_a!E2+m1k&qVX+`dD>QK-FQ)E5vl>GupG{<%?NSa!=zj-v}AfVeo1wkFt zS_tgQ8jcSDphw`7(p{ZnNe5V0URwH9HZG-WVAcc169%FlnAX8?{cRK}Q6U+bLnoVE z;=3kaHn}e|fJoC!a&_CZX`(oLRZ$Uxol`L@E z!jrET9oayaE^sfMBIxzjk5)%Lob}$n@EXm{5x(NI-;Oe243}BTK2abF4EO603HK?4$504E{XvqugmI2w$4u zET)6!|Jq2Z^6JvuFP7eG3HRx4F;hyvM!|%^_lMw1pB`RF7^K|OTXJ}K#;81`&}YW1 zkmI;t?^MPvAW$}+n6w$z1@9G(IE)R+QZQ7Mv(u881}Ym*ZA0#MSeJAc!t=2d)=QX6 z0Ed=&O8u!PW`W>yMr11C^VORfUfCeCL5lW&TxA3ZxHNv0n%NkM~v+bbGhxhRhajR97T z5o;H&JdwXTzEu|j1ZbkVreU>Or2JTJ45r7y0C>Bfs9D$#1;{~`9bf;U{ztdm zfA3x%euQGvcrlnhD8#5(z}qoPX{HMbrdVS36l>d4PL}>Hg0BXf3|Cj8jEaY`S8G{K zd>?GuE066ARvOQFp(CiD()|2#c(Vw-@d0T^d`K#y3yvZgHr-L%61=YCUs3*+HRTqZ zjJHW;qg}bFJuF^x4R%U|QCGsxHC2%!vuYKCr^AdqoSxDJ&>3+K*f&hfG~heiWc+nZ zQ}^{fn1cM2L{&}4r$6fasDT7Wld9}w{ZdN{CVnF=REO%>;C(h=H{&eM1XtAEr{azm zptY2B3#F%w;-np30`uF{qUXHJbz!F;LClg`K&^uZudxN)Ux?rPFp0lgMQEx5?q*kp zDY~B1)w6E14s|WaUzr0x5_T?wy>Ng}GFsh~^Hly(%1lZ;m zXGd%*7ZMWsJuP+?fFaPc)1th0`7-i7x*KN+4iQS-)cz1&Ni8u9Djiuaxs)m}nDxiu zrC8FJUajd0@R0}yUn|l2ab}_Vz#v<>4{pvG%xwnMxcuQ|6l=E{I>n}!M?hFc`tLNzd6K4M}ApT$cUJgda{};0}(9<*jH_-n3@;|KK|6i*l?1>2C zw!3XTh20IorPC^8WRR?_rAio2_2xdXgMn41-+Q^$-zxm43&kTyux4`F0=2j!Ns%1+ zCbaRgU+%~K_4f7ZW2eXK^WtUUePUstNA7a)v(@#TP%d&G&F%g9?QtYWRuAv``$NC^ zm)^UBySxHsawL*diG=3q@#Xw}+b@@yquZm6(bM&Pu=o9bYt_=PGpRq6Q+;_iTyyzW zTzv`R! zt4ia5<-c*dq46%|`L1o=*9dOCJiqPZSii3xdbptgi1i ztWW1@GW}z(W@>jmuCc1SIlVuQ+IxBCnyl8$2*mfs^BXw@P5L^y`nV#*Qav!Gqf#=f|EXQN(D2O)vr}9iDK|<1Um@nqgX#9T!wAd@TG< z`<8xuQCQI2uZ#SLQ)D)ji`%f zpLT=D+tL5(9(>~ozP1_J-hfL1@efwp@1+)O)@dR;!Pn(|$;w8$7Y_I?9U}rLWSUi% z79#^tj&i;oFkz(N1R-3LAMhIaCB#GGxNJh6X*P2i*z zB;$!yO?bdu*1fU3jN_DXu61TYZ}h7X&^K$2v3p+F?0-gVu-Fw|&}B;r6@Y_C_^XA% zq_TDe1hLBBKgeo0{wo!Ec!JMO&);b-R{ji;Tf9J>n z0RXnCQz9~-=mP`=FzVe=7r(fNl~T)2-|5;DuE~7BpvT#zs){L-2e#_K7M80FO+nPh zonSEV{6=v3lTP#u;x~;>oFMY}b(`X>8Jy7n6DQn^`znQ(GlC$JIq{@V)rvSP>H}&5 zxm#5fUWg8HA8}Sv0OJ*f=NXgyq)97xjjTTqog+h_^`isnC(D+`Wb`1%zzqQ(PmRPv zS^&1g{=(s?AUyX)4mKeE(-dYB7VwB1=fxkK)#*6F=DLBMD9-Q_oj*bS@kkjC85BY4 z4R_t+RKP(AO#=R2C&eJO${~G9X*c+?0Lb7h(Z}6D@)3>4IAeGn2YJ|%dZO43Fdo~( z33L{nK%`7E6l=_9Bx@hzF8uu0dta0qjA8;<1YC1%*)q&+QZ%^fD7BZZYj;Org&4wH zTGUz@Z1rG&c8nC~wA5P}tk{PYl^=^HnZ%r^bC=MP70of!L1s3qz*eA~LPq?izRJ&p zy9BOQ!KjOp+OU;!4^992fy~dLa#N0^v&B2 z8uu7f=Mr5tt23Zf1&f;1`C@wx2{?{O%^PPOPVs@vqgZ+j0BT4-1|!0nsq^rTpkRz% zOu;VgpsKu+dctIcu75RypyOik-lcn*NtZ((<)K{G+oKwuw%8_*%%ZaqZq*`((} zh2P4c#lqZU@;RidPD%5o5sx&(Tmvs@l~S7Hi?xAwDVSjSEXKsD3)cW{p{J!xx3sas z)ccM>K+eM$!~Q;VE^J)DmBQ?7J{;s)mzTMzO5J2}(Z&^0eHazGo-r6^bBU)j^lG%6 zBj5u49V8D|W6E?{@t1Vn z1SiZ*+!{7RnL}GT_QN<_2)2_Q;(~ZVrszwOE@2zRDlc@M?wd#LqnIAT%b0`r)hz}V3;^6x2-dsX4B*v zWK0x%D8BgG8#q#si_ zj#+|)Yq8ic*z1()2d8XlS>9ENhId&?fFBI~l35x#i|F>wp33|HbDs35b zJ5lslZLv@v703sVl}DR^d#`xzMI8JP8DR4_!%9w_F#&qF`DSsTlstD#+YBH)w#}Ra z73iO&KB!Jw`y5ZQh(Wl)gcNPEGSazlnAf;$3BHo_V@Qh-jB_V8;9~BlOi^2|_CY7uHY z3gWSZpqO`iBGifccLuozux-c&nn??>r# zbv7&rSYoT*Q8=QAy#?2Z6uvSge6F zd79!RpbmXH-XtwGho^<4DTa67CUTmcnT;(_ZjrSxo3n~@LfwQZ4UEnJ*670>$aVac zL8#_VQ{d+vTWf$98+SBCr+2`^s(|fOBZ(!S@jy*Kk;gQl+jF*pzcw@d+g)K?&G@E% zynn)uQvG%>mXqS{|1bffbs$wJJ~0BI7xW?D<@v2axITbSg*Zf=R)K4$FxsEZlR-JJ z9E9HPF)bkM5t|o=2ImBYvcH>>8-WI9UGe*O%~OhLoiI@9tQtB>P325W>K=wb8y8QD zcvd_whAxvULbdh62|BY4mecpT(wU`>{gs`1;(r z=|Q@r`}ut2ODr^aEF^hZu0<)DZd4`Ycsx@e4!)FPXC2c;p~2}mF$>|%Wa8LhLJQzH zX_QtaAvwbkE6eSwk`%gdnqOpBRB`Ey1=s*KL{w4nB`bzt8F9 zsyGnjq+RDi=ZZr2FfZ#Bia}RMSrM*`!CkjMjV%gZ{xTOb1pGK4qiQJB1f7xN0vu9| zi>j}**i*|Hmw|tWw$<05GAK)OfBiI5i@R!lKt*XI8ta?Rz-fOi-OO~^$|27rn6!Zv z8ebPqQ1@gC*d}%$c@mFFo~Oz_Mzw0yzD<6N-+)gG+6eC#5HO=ss2!mHqkp=$W}!m6 zp1e7&pys6v@w~ky&Xs%Q?fuZK{hWPNB(sE>(D3D!&D;ZJJt{$ZB^jEwbkL;u>U31N z)nxdNOzTCxCci1IV!Cv_3=RrNoN2)U!*ah3)|zy;M#h zY?P?YXij$?JL1wVxu|GN_xJT_HoC6bF%o>tt3dz#Q@0nY>L0(__i4dx+dC0>N9HA> zC;u%UoW8D2ezN-Mu@Fxq2AFzJ_BR~kU$w;l0k{1>SnR)m8#BZI7r3$icS0otJ^TL& zqjHL8?H}=o!_5N<%&kl>^g}tf-!Q;JM?*5qssA#7kNT@Wql8e1YP zxwFTIm=fQ&sk0fl8UVZ-Rk=ImpPz>wKJ}dJPYVaoZ_cO2OlVq=1>g5*`n9vqT#uFx z$Cm)8ZqKX7?WwC|^@9P=?6)t#(c2Jyg&egMKKP>*tY@L=EX z(9jU6u#(-aGbnki?9-PV*&g3hBEME}MVnYwK=CMk{=mk$l!RYtA$2S-pg5}Ae;$#- zn+4y&@in4g=0yP{tVPRT=v0Buo;*jb|V!oPQx!&IzM;&EMn3|c6^Ob9H!2Xd z@xPbGX%W~ci&w2Eb@jw*R3pWW`$1V6A0rSo3Wm4BnjDDQhSoa}wF$hn#%<+UZ;IQ= z^V%M|kz=8uI;)>QKw@E1GZ}`1f>%f7Dwqien)d(hPDOWfA@l-lZEvV!AK|=aSdmDI2z`^ z2AJ`Y|7{fvgOmK;*&hOGML;*$$HCfzLHIyAG#133s@l*F4<=(JiM}6kCqim4@w7|h zrrI#e{IdEXYrAv*GG$OjLh`J2&1=@@h%5HIb=^(3&Nkb$og6jj7|IK=^KjaX2mai3 z&^@89r8t#94ad+BWQgnZBDB!mv+ZVRwL!aV@7MHn;2uX`H1#(W6^Z@E z1*#!jfBu1yh?L&Qp9i496>8znBD{gDA4b4gV{lpU>4F2$1I7G9X^>uD>{o(&-K?!{ zb8Tk0>@sw)D^fGP-YL@Seo7DzaB7NXg+T>B7RuZQ<-T`wN`>TaVE1Ane?`7I#Ce4J zR0VKTH@R?pZgJ^+x(SG8(1Zv5jegXcNt6mMv2PZ`Q8$DUWh1?)7KA27!+afJQ#SK# z*i2JBElMdwzKC)uVWt`&g}jYKpjtn*d@Wi3_*TDT$BZMIe? zia=EyS?R;jhYxa|?6P2h>W2CSn}Ezyif)kV6&#{6np>kOg+S8fKgz}k#r+UD5GoRd z!-S+y;6D6q@#`l3K@yrKLRKmv1=Fb6_q*9{QM@=_7=3G6EHq=z{`6&67$C-3t8`xbEG zOGx8CII}nK;%#<@1R$Jsv5+*@3pvE4Nl&eUR7S~K;xUM43P-GJ{Ucwq5Z_T&V9fPm zV4MZK%X)8&pYDzLiWm66=)`yim_PG&^z=%!03c=30D8?0P0fA3QB;`nY?U1ce%EW; z$(fNLnJ(zpH#(ZqpEi$eTy8t_hUb@2Gl-pb77QZJ@~CMYDX0mUid^8Q*AeS)X1|2P z+yLyGi2U@nx#uK>5+?miSReOC!A}vy1>kYRyk!cVQI%EpBy~`xslXZ*Us9Eq*~x z`_*Q-3uQ{!TPSC4826nZuUf1Njo%>#qsH9}RLk%)`2rlfAF!TD2goH)`KRyC_0xFo zeK&Uj_f258aopVy6K2b51Iia}_;?29rdTA=VR?P7W-gvW;C@=ZQXYBo^E=B9PU`jE zqFd^@U(KnsOD$1}mUlLaccp@?vBF-2z=RR23iJ&i0i}x8qlVGw zr#7pty-`viGa3;NlT#<28txRf>QXIbs{4x{6IV~tPJT}dt)O4rYxK}o07qI}>%Y^t zjcmFQ;EY-tVuu`TLO>K<{%<+RjU3I=wT>0s&n*LS0-4WFc^j z)D;@0T(A7%d$tw`kqU*cy;DNGfk>STDmv0j<1e1H>Ch=K9HpJS!eLVj(7N_BG5COb z^pi6ZJfl>c2^m+XM4KY8^u3k!w0ViXCYjY-13T@*Q|^oPV|Dw9%rGJ$lz@a%C+`X0 zP#(^a|2ibdr4q;z2+}4qSAIzm3m3tbL2q=YHM}R=QBV`(xvuQ+21 zF+U$rhqAt}6L3E(Veo;Z4s@xSxZwVWqYZ<(Nwq8!*(T?8w-r1BX9$Lw5~+aVhow-I zf8Nl=#v${joW*=dG87N1kb@^H)^Ln(IIw67=mQs~W`)DM3sNhh|Qx39Ri0+uY z6Bp-n7DR8+bN|UM4v!q}Ah8ll9-g8sN=LC+l6fY&Id(>f`fN89`axkj1+t1pkB#dq zr=1fn`0z1?hHcEI`Ye^qcJUp zYAev4WhOvF$MGluxABHl2FDO&c2Ge`b*Um**#qnXj!F&E@+)U|^Q&ePA%_dh30`*; zo#ZwSotmk5IWjq%M16xZ7)I4&wgeW5VdRkblLQGYjrCa1*h9$jA#v0YsfW)&&#Tgt zN?72}2h5iS!dk|4C}>`-qRN+MXo=w(3sG*4i3(lj<*WfWc(1YUS*@j@r=cbc+^gd0 z+>l#;B^k$ov8YEe9@c22NpCp+k-s z(Iijv&~LCYWeBbKvwC~3vQ(9>OnH2=*t09j#&nXxt3s`L~ta)@2YXWN$fIqEZTF7}l|Fr+VwnaXKq;(4tQJThnVp0x)r% z_^;=5whOSWsg9MwQL0wI`b8ldd8I4H&5FlT_iZHvt09Y(e*1kjQ8_HoPk;Nk-BA{O0)nRZF+Ngr9h_z<1SU(Vw!O$$YA$FM5*ux@O_!Yy>QwV>Q8mXAQF9o3|mGpI;S|L5p6%Fe)-${)@_n7s=?QuygtK?qU8GM+sD-;8a zQ|2<8?WHrt=gZj_udY$BN{NV^Jed2X5XHlgo_@eV-=? zwCa{sM|Xp3Qyva7?oUW5Jm@CMf3;fDO=!_)orBi`7SC5!Odq-4Qwf>}i>&COj`4vu z4X!CiaLKCnAaWw8ch;tv@oF zH42jr(%&9IgDYO+LNw7_1z=2+uB5&+aI6uw&iE*c>yaWM<;dLThc$1E6UN3HtAHkxl~1h)oaO6xak#ICxMEiR50F_n zZ^RIo1MwLhvN^J&}TCSr=IUAPOSdXXR_6RXeIXhjpE9{?@Lh1K+aS zZN(dJS_lxX=*H94|gH%IiOlioD8E)F-z&Y&$l zqn1C!3Lm*HHuq%G-Pmoy(g9PexlRlxJPoKyXLs73vprq)b6wgUuf_a(_t3nn$bJ%c zoKKKq4B6U67hF|;v0UhAL{_h!Ew7xfMPCRTQ8chihiT5yxXRe{z5{?tnf@rgHWj;{ zla}IvN8LD4vBJfwtCGA3vian1V>9oe;RxRK3Va+aoS|`*a}~Lw1Cm=# z<_H_JDQv7?-Rd-q9A}U#TEOY}(*tzF#mN;r25+2%;W)3%MJ^+Z0kb$Sgrm`wBOv`;<|oCK~@?UbJ#iJmw4;V5)0<6AsM9>S9Rk`tBP9taTAiVZXnraxf}KR ztsA36+3v#z@~~~LMA_%qRQ!sor6@b(2N7;H%TOo!3n#+@k(1cTmNF}4w~e#`hof^bQT8yOd^zoMc&c>dEldf-6&=x66fnlVW4rTOJtq zk5WbEjog3H#>4HhSx^DS;Ru_^r9IfpUY|RNRb(Qm7jvaM&ELR^fFmGaCBb^t> z1JrQnjb(V;b}~8Xl_b-e=f@fzPFXCWA*+dO^J~@O2c~?{!EDR~q226eG-cV>ANWv0 zcB4A>PE;;R?1hE*zp-!rnXKI0=Uan^Bfy`th4>}?q_+x-Xp7ZsphfnrPL9n|F3XPC z#+1!zQ*%O*n%|&l(GG$y-e;+w?hGaL!c%S3m*_UqdpuQf)J1_KeXd-KS|r@ZREKbd zb3L!eg)dE>t|W~Lwo`SI2ZwduVJ2-v#8vjAS0~qY=p!{PiiHJR4iBJfk!{l3Zp;)m zWM0LA^Q91-k5xB_ovwRGILKMND6o%m3NU%mS1yeM%2B6_sj}y-jX2rultmJ_dlf+3 z6{LSoatgn0|7yJyzx>^J4f;`3nA~a7xW&Qz6oWY1Ap-W3dX-38a?!r%Soi_rX;YQ^ zAA5=a)gJs$FOh|w<9`V^7#P{<|2qkUk)7fHfCMt6{j1JyL-P1;Sa~MAgArd7{^T-Biso5eG9W@i5_{dRW~Phy)4haVPzU2;%ei;q~lc zhxhw4Wv1jKMh@sbqK4@h)4-K%ftheIIjlDPdbe%;CLmkI@4{cqB1 z$h!aeXs^+%RIXzyeSf%hs3cq7?T5sBG}k(dHePZU7_(Rczo3ie^g;n+<+wSi6>Wra z^oMvE1{S%JyHU`(Vc2?PL0~hP9u`3>!aql5y5^Qy4 z@)=uS_O_rQw4#S@bQ97%rQJXz(uvgC#2*U$RPe*^aoBbA@e7aiYf6S_JcRy}mb?0! zmiMf&_5{n0U=V1bhxs~QNG3STgHVtY>rf&EWPbJ~_e3;EuFP>pUK#>{U8OVQ88Z!! zfb{s)^i=|mz4tFYHa=h!xyEOfs)Px^XS(rHK4Yyz1DE~eii<`8px}Y#Ry?r{hg{0~ zF-d{7@D0d6V^WltORkJa6%oIw``Ys$)n68V_t9pPi<`LHB z9&8(VcwXdJr1A2Iq)^-9bsr6^Ahoc^a>b~$wZ~=r5;{+^jwaj!3_<)#brdj?Ve7Dy zYIPO3Q`G|pvnsdyP&Q->07r#sW;RHS^wy>&svf?pQbqhODa!0zptl-6pr`wdKWJ!(tX*W1~h%>pMmyvID#?cZBKinM6Bgft*yLXHt;Df zG5*xih?;?0dx@!{Y^yPQl9yMq1HI=c2m|6HfQfU_RCoexjv71LP_0SzLXHGtIq-YS zbDD7024#f=6A`)((R!wEay!i2)j(FL37_Uj*8i%{%@?r!<%W*rC0OXqjp4>)lxfoO zJnr;U!IAUt!mXP`#J20OJx2sPY(A?7(5gxNMA9ne35wRL@4`Z~z$MUQPW5*)zEuz$ z5HbTWuZ9%2$qCV@`DUUrdVyPSDkJpZjq~%F4#XyKeTE;$b?hz?Jed4lx-jbd`lOe$ zy|yo==d=k`5(C;w-qJCo({=Q0SiG=4JDxUyd}%r1-DQ;XmF}rVi0um|NJZ>Nt&*S3 z6A}S;*r)L5Bs#qqAVL)K%mtbT(O*>l)*nuH3Yt*Oktb2Sriw41+?dxLpmNk+E!l5a zP0-zMyqD2#yR7?@mOp!ik*65aXn9uj>jLBXU|}An<5~L?fC8K*!x33`pRWWGfIMzI zP+0GVEzK;k<4)he_zyX!)LHc^v`=a%0t`t~MdUbGHXRdUV(pSx7vH+w$yN}48URBu z4EwJ|gl}y=eMMYfdR%=s*XGdJ9R%Zts(^6#+1$dlswlAP>_ZA*cNVDz#1Ok0>#=S! zn}kFZYT%Ysx)8)_Tm5Bs2X-)TJwySYiV_V-yMf6W%7XJa=P4)6Cl8vGD_Us1F*D;VrBz|!5j8L4 z3fe9$Z|rLCCBu0YI;)sntKQS7vHY{jf<85;G_D zK8qC_7e2_(%nk;TT?gy~4)dZ;Zr5zVDUcgrC3D!I*dkq7oi5j)h!wxYUNahJz^cd2 z3mdd*6BI2-5>PAK#7GAna_N)$ZqFNP)dOn}Uo6G<07ou)5|2$CMM0iL;BZkjXS}Zuq9#Q7-2k3d*GGZBXnjUQo zo{c(ZHKV4qZKGri>xgv|Vkz21l>{dE314GhQOAAjL_XA+oNjch1!75hnZJVr zE0F?(O(Rhc{wRL2)eo-Buan<35qipHe^=+E3!sZDF zt9C@I9p}~)J$y03V-C2#s2pVH31an_6^>L^WVcIAtfRsvEBVY>EHvk(iG=Wcp_aBB zh9b|@dSTDj@=hBXH4aLYg@N5-^i&dR?1|^_GAztE7mj;%Zb>Dga@a9a_iTrjUgS z*@|1+Ph~>R!^GsR=W~Pl&Nqn3B2Bmp z)}+B$WiK}@{iuy&^EiXvv{7c|ikmmcbZ3g4Bb^flDK||CKvuMn@h`*B6rew#{Ud0p z$q&RYATp(ADdtn9rf35&y<|yHEZhqp_^Gl!f3iC`1lcUI6Z3@cc`fW$#=3~NX2eG8 z73ivOeI6!7v44)BnExFdjdQ8d3VK*T4X$O_8}QM?iy#`K8M(F3bc|&sY?77`n$K-T z4xYh6v$t-PUHq+hue8suavF3qmO*2v+!+q4O+ZRNJs+BH+!xh7X&;W{FCZ^bC%j7A zkJm39D4O@qWu;Cz-Vz9@dJepEK-ux(hhgJfoKPzAM{7KTy}lj|Wv20Gn9Ip~xWG_j zKO{CIT_{Z3jcPNGNrx#>Q^rXiAHmLun*2aEab7ctBO3RrSAupN_8tLwD6q>!k4b;v7bWFfQgBG#iz&UR{%Ft&8% zjGB{w!E=NzbN^l+A|=qoWKUvNw|-(#OAS#X0JkNB=^`aig>cFP_2rxV!>Hw|Sx=!v z9Uq2%j*ub6=~yjq3Y*tkmw8(sNAh79PIo|^b~y39S6~4D`$;2#EcaV>OlYP8G>^w4V|35H1TZEG9v>XMiU0miB?iu_C7o+PX$a1eiu`LT9L zpAHJ413F}%fijpb$K-_SO$@||2TZh-23rk?QhBfm-~^3=7_~qC_9|RrHU(ZeS{M0k zVF`Q@1h|A-#lc2SV4urLgiJHBTd~JVH?a~_X>=RVFOAk&VNcQD@ShzMAE!BN|3S3d zI_os3uIGi)Uk4s&;}wP{JnweSj)!&`(pEco9Y|@F{5KSZgt?@BAg6f+9wv)Q?S)TZ zCR@VA0~3B{fPnf;f*UdO9LjGVUIm!oee3M>4tPc@yrGaWYSa)wQZIWq*i*$sT}RTF zAC(NV8`pkC?5-R*0t>cLy!haz3aMfa>v4?iLFG(cxG7o^LZmvfH5WxgMJ{5|I$IkZ z!N{BZFAGKWK*&_}NTWeRT%EJ&m+H8b`DYj50#Xm9J{^96)~gDu+naBJ*sIEDN4KjH6Ph$SE^;;0)~}^+5YnSORlkfPY-xVYo(g z*A~P|UF-v`9iI^V2aqwz6o^`3v9QpJH%;aTep$^rRHV}p-6#i`VG$ECAYpsm;l04H zT{Vj{uL%pWdji9rWXq}6sM|kxx+(K?=8e%8uk-_#SOX2Q!%a4P{e}o;5tJ-Dji<2k zZ~Q}l4Qhzyalv$ZAs7dTp#~b^s@x88I|+Q)lR$8g3?X-}>kI_P$F_)?6z5uJK@wsd z11=KDu>N_jy#wH&cC=r1#a(rY_xC6M;T2Jh`@b0b$Kcw+Zfh5g zZQHhO+qP{xS+Q-e*tTtR#kTF_bi1slkWQy*T^O z*-q*vcdx5iWm#rtu7hzTdCh%p<+XKaH z`FjdFa%Ysd@A028$=L5f%-=EX*^2~|!&43q-j3hTZRaF`T{SC4*I?V5p)Rz0$v}Hz2*Si>Znq ze-t@IuLhkNLZM45>Hl00Lq{Bo-?ssoOy%0xbfZPVCF9n0d3ZduBGr?d$jwCt^@$h=Yr{*-Ha88Ri$o zOgM=Xp-S(F>K8WQLKqLkB`|ho@ltX>oFdWRgMAE<4RV~X{3cvC(4(Wtn*!$&=$lR; z_W(gg!FZxoR&q~SrEv2fXRpt_Z%@qG2Dk^5xHE!lCq0bv(S8c9 zA{&bOoB{SX!^}3s{g~n{r!0jx*0(uS-qoE1Q(X&5wtD8MBke3#`>$ht<)~pS7^ycX zguVHhkpS(H;rYzID0keci!a7NlXhQxRdww!q0S!RLsmOer`V6{{wy)mM#dg?d5)~S zZR?g!jZtB44l9_Wu;+!txE3^4mCK3JW0NR?I@6`t0KKRvS|8&|dtGB+fS{pq#2pg0 zHO;)3aVj;(wbUQA5?$d5L7w`2B9YL4IO=JdtODijMM7QmqKuW2X9R+Hvy)g3lV zWXU1)Flw@I2$AuWUE9)uA9*?J)>IBaes;36b5LznV$XLY~kd+W)1B(E9r{ zp~0ML2Zm(67CDkKmnxfPJ77KUSDJ{yo*&9$fLcFhXw(lqBeHD?9SvYibMmuA;xFONKzq^B;cIgX!jwoXLf+9YLMn{&%S`~ zX~w!TM6dwg&c)cCK1J8MZH-(;L0i!CMmAXCj9FE})if;EUuewbW#2daR{o(dZlW7j~Y=rO7?_IVCXmmQq%Ql*-!UG~M$><*1lguQUm|+Vm_jM>o_wqKtJRJ;swI zsXU<(mAaDFT1_zmpf$KqDu7$jf2JwHT(TBw!!9Or$HtN$Fn9W>{j}v&%I}NiPH?>k zm}>5>iGyB13LlFfPa`t9!WEd{3VB3-lh(!e;!IU=z3d8*@IbqZ)=avgDGnDxe#F+V zC%V;ZufdnO{;@Cqvs1M_VI3QpqB{u zg>+31&PJLz(I^dngLGDWv)*1%Mn9M1d&StuAM_T<66s>}M2C_t6)dl1{qQRq;@p|Z zCa9S&*{)ZahG^4SeiAYZ*_t1gOD|3oj8?W9GZ(hrz;8K;5K^71u`Gh(G?p^` zeHfminR`58>e}T@ZhE?YKKH&J!itvtLgZy}v({-q%IVI@9vGBM2hx&}*e`LmHF|GM(!1Kg_JvT?MwcvCrv{$nJWu#Jz*mJkZU*pmr$& zO7YAQNB9`(#{aYo5Y(#Fy5!=PpJPQ~eovbMX)MiYY^ieDIkiV5&y+;nUS3#c>pjyK zn~s}h5B8=JWaH9rlK-=tUlgFr;STI>to!>x>3>hzTiMLL>B_x-N+*;b{xCgxZYJTB z)I~XKcRyjyM%`TZy;4nAWGhCpCEH6#bf)Q#T}SlOTT52^v0OoLzIt$4NuCrA;S)8v}?iH#_W*(y-d+`yldLK(r4IV z2?9LI(TaFSz4_R~)OuEehxAnG*tGh*-DcR4AsGTB5Ld5FDvVgmGH*7&TM~%R_Y`NH zEazUdkEq9WqNOAg?y_+O0ZKT{uGlnh(5dWZM)7b}`P>3fnpXMY)uY|DwF#3Ije6&F znoOf>7A6d@lI@N3_i@8vKD%=Dt|&{9GMD9Z6I;Hep|Bi!^^2SGPKB|9Tiw0u+A$62 z-BU3JeD(Ga*Xrwg;~nx(Y7OoDdS9zhuj-wPgwvOha@FF52F6C5OPj;+pd%O4U-<7K zlSgtg4@)MJ{wE5KnqL{7Cr|W6tHceTYG(-I1Tw2-1Q9G#lgj*WKp7o4P{zc3@**T5bE&^wQKci`2}D$uLPref2pu0})z})| z<7A*U_h^jfhv+^+K zSHV&yq&{7)yZ zQL1=sBtpbJF({f>;%I%8_!a9bQs^*tui{4a(R53EKag!~X;AOdOnS|M|s#&QOdj z?Elf<|L6RFQjUKwa{ey{X;)gmgEVot|BgAfR=S%CF3P_cuK9IRgW*TR55}6W@xr(< z@AleL=0?J(x|NzU@TD78R5CH6BnrLrg%FJb!}RiZd3(Km_Qu`(Ja}^Wy8FG_VuT^q zZv6iJ4452KgOl`waXT=1cr_mS9#}u!pD%llp9Wog|N3Xocf(HL2RpH00DigNH2C1* z2ft<(e#f2oI0#wnvng6$Tw`Q%p5`E?XDgPU-=8|7u22+}6p`Ui@tu6-U4OLynW^W? z*4s{+ArGE>S~I1e5WYtxoH9xUn1V?JUrgGa%ukf4;O6gErJrQbKoSIjgv=Zfl?OK; z7^n)O9lAp0=TkHeT>LY^PxctN+g!bc_*e7TokEVLFT{Y6?WPiH z^>=_w1?=RPbh^KVx5QAw8;@=GXzcQm$FjuhM=4xoPh3Jxz-X*{;4+?^1`(CQ(lTOe zpt)>j%LU4~IME!mI%5i=Mx%?4db?OXVo~IotDwdQ$g2*XeCsGQc(@(|q$T9Xw;~WC z-j6J8P#tQHmKBNz0Uv7VA3fNB#MjV1FJSoVu=r4mVUo)dErGelIGIJ#OTj?n=}zD* zZ^AM8r}ScVf8k-a>-m7%Fa!%S&WB%lwhB&cUj$t4BK-bwO-Mi^(ce-s-pVow7ncsw z%QMb#Rra^c_{uruwIJ^owRv&$X6n?%e!v$_7FRuun@X}z+X4y?>R_75btXS0Hi&Ts zZd6p!O>A2*60?<|JTd_7a%EL1Xmnthnk4q?_f*YhGmAD7-dW0!=s#GX=H~7Azu$fz z39ET0F11)$F^ib%-O)nXcbfFzf7@l=Iv*uU!%$AOX4vH8x4PU78O3UXpOv(mU$+Dj zC?yDaH0lf@86Nw%c#?^Zmn`mIWvUcW7n?gyu!sVT9ir(1v6Um)ae(ELjk0re6f0%_ z^Yx1CDon9UtF^*fwSbNhBuN1noq;4B_v29W%8Mc5FG4_NQ4#6_tPKZ5;J?@N+O+cz7HMCp@`|hN3bsr{A{~H%~j$?0BSpN5@~+K#hqW#Goaqzj_djfjx8#0pB29vIBfDh5~V( z_>@V}UwzJ22JwwpsOm5UHhh^#3p~78&L1>D_l7O&cT1=`#G;=YZ)0?-CMouN3;bb&Ox#j=n);Tk&J+&74qxZvL^!-&jo}aQG^TipnN9B zn1J|cN=^Igap4Wtu`n2U;mQ}_;0Ev}mjQ{PRVj61aAi)7EyNs=yO@VIy)C$%Y_tu_ zCCy6u#g!Hr%{gHCgtV!kI*GEZQB>Xe@%&4~i{C(TIuOe9Ioe0DsKh7?8yhI$o&RnL z%f)7$xdm>+)6~`w$arzRYuLYkczFIRg5%(;!74pY&QfGgSVh*J;+TZEm0Uk&601z? zq7t=<+dyYphZ!Jes!RHCXMkk{x(nq;$j5DWC2#|uXdIDCrOn(L^YYpR^h)|5o^!ga z20E}*opc{Y*()Rm?E?ipMY48>kBB3vn-=8}SfNK8cYKOjEHqh0XeWuQ;O7zy8YBHZ z&ynr&nP%5kmC_-K`sY6l$l>wHIk*YyFWX+Ce_@GGS%|R2_e)8md1m|=;M7xbP3tmo zbS!zy1FXE?ltViQ%>Mjy(`>4LVcLGG+gU?ticlYz)=6U-W%emWRCw6TK7I|2%WBNH zJ<=JV`Q3N3a%R7|#3C-%&WaBL(ySBy$M54VG`-3^PRwN7;ngBKF%B=`&E1AFS_Z(d zv>_MBy17(^l()EBghMR*o|EKV@5wyMV`ub0ial3_PUDnZ;42}RXPA%6_b8C!7W&r<5N9IMIbjaM*`uV=* zhDQfovXRIjia>gd=tr)lm@CT*rT1AX}3^&m*I#aGyrc~W%O;_7O*jND+qRrAjq`a>w zhEKe<6k9IlFzX)487Ey4W=!?z%`>s5C@{PIU-QtOfI`&SK{J4Dc!~n)`eTayo#RAa;%59N zl>JYx_cv8i3%{PP-wD4_Lnm)_=X*mLEsal7V{zrP-Q`khXO^Z7)f=>AIFn+)#ePmM z-R)(^dD%`UhxZdRUG8~QB#NEIx|dZlfjM6`a?{^*FT3)q0rrG)j>+3DYPL2Yc1+o~ zUy?pviKJ-*F?WTNJj%88xSD*(O+!s#CV;9l6%QqN* z%ePxg(Z&U?AgJI$>=hN!59?E;6ntc1a&PI?|IPIE6?Th(Ifb?Ig5=_34_>3*ROo-= zyZ=VE|Kd9qrvIxc%gXVe{_FpX?^rqh6QT3}m6p@2B^`&;ir8~gYazf6%zWIq1`7lB zFC!-gc?et^`jFtTuBAvIf^;Jii2R4I3VhrsX{*tggn>tkP17Xd>Agatd3Dglg|2(SPTihajUM*bq!&>;s`*A}r>5mcE z>)QJ0KkWwGf6;f9Fs#ZwC`*fJCKRdB<51g3n~utg`4L@_mrr1-K`?8CA6(qnyAbEK z;N|J&r||W8|JXV@yY2+-KiuD>?avD8;6D%Y;^+wS3hvz%mtP+Y^M1cwE#;q29$RLA zcX)l@c)-U8bLGj!d(UoX{N5M(T}4ZLeIO*es!i-c5=UA5ub#TH#5ZgG_57HrgAV0C- zb~|TyHNP{PH07()chDgBt%yG`oH} ztcQoiI)ahNTv1ScOgQoMaq~7n+^Hh0(8EgC+w0|qzBc-O@1*rd63WaQ>bQD44i`44 zof>;XO|P}4Yoa-KKRS$8Op(iOXwiW}Yqr;?i0&Tny%gAHMY=o@$eSTV`*O-1H<*2w zfUB$Ehv{@uj=h?>25+2W?Jx|>n-8_KzKE&FG`Omt%irz${mCX>5#?kiK_!NqsQ*0J zHI}E9@WL4G_9R0#xry((o`rnOY%DP9%j-0yd5p8%pes@Eg@MdfZ&SP(&ME(-SVJ`{ z0qBx#6gdPTpV{w-Zi5w{Ova}3p6W`if>9R`=Qwc)LopF~Cv8G^=!Q~z5O+vg`S)+3 zXa5Nxp|vDSWrkoP^#=lv^_XFWFR72#@daT#qX`n*!i-{{NeZZmcMVvUb!2A<1y(u-1EN?=Z$#W7F*+Bo?F-LyDnR{I(Iq^<*v4=% z>Sz@MP6&e8>aw9|sSGwe9O?+ha-JAHPXLCXX02OsYh^r5PFpVgCD?(Q{Ny`j5~$*R zwlg7DRMZK6WcCbAo&^0=aMbIj@Xc@;!C_i`J4HU~-N|SBpugOyUvJ&X0z)$lv_qjG z@{Tl(-p4W$EiQ~LsyHnk?phPI(nji(G-&o7aQSQsUvDz-yttZPI<+;u1(Jg(nW}Rm zdh4lO)`G1jQMSEJpt1pvNV3GVI4#tyi#{ww`;gj({*R9-RPitYo1>-{qTyz4psnHW zPba}i%gkHM_@)~!;&FxEETwu(>EVK?td5;-`j?ML%&uVO83XLV1zLz83tm;Avz*Z! zyjAq?vIBrL2A67O5F-hK+hvM-zW`7JF(I(fT0aIp>b%QD%S1&X-e_3PAwyzUjLEJT zMPJwtd0%bQbvIr7+?uSX?H_t-K;;Nmt)My6d=Xb8m;g_ene!;D-}&SVkmUG%*f=H5 zthQN|eXvw+h(;)V$i10eg}?*TWOSiA4Rs2eVvN~+k_a$m4)dhqTWDiBmI~9i9e`ox z+U-$86sGu?`XtaEbsksjG}w}cgOPh&>1RtU=zlI0nxQrG89(Lbc3&B>znG>LBX zQ4w0fiEf!p?}#NXN13Jn-xqgad`U*q@lNzf$J-Q6b8$`*OH{$-X%N!2bHAo!LSJ*y z0R9k)#^eX);Kv+Mh*^kWga)5`<=+qR_}?g_Y4T{_DCS9VwEW5vJ8v@gm`fcz)s>ZC zmz@=AggU6-kv_!2HN=pX(bc}=Zq`B#TUrq|t)T=P)islDl`{=nR#i5wQj{Cj$IS^* z^=$2(&1o!?M9>iJ%9mZ>FEVRo5qE4w69eI#JRmkzT;XL}X{6bG zkm-O{R5g|m0bGJD)zPDF2|pmS0og&ydIGHJD?-~x`4UA3hDDVo!NqSAroN)9VQ+|_Cc*sDgT7lAA3&3e1F(j5_xG@cQ> zD2tvY5)7LNfYbRHK)Dq#xO)e$4L}_iX81(_6Knu6bldkq6uhFZHVZivy%YggHh5P2 zjDWBj+6gW*@y%TInr$>1G*FP0<*QwsS|XkE$OzHoR=G} zDTvYP(#r4lrPqFpxvIH(vr4Hy9%pvN`z~}etk_n5c=4Y;GgZxKq%iW(1y}3UU+;Fe zB3De#8h0!7zGU_FHa}3NEMKac{c=P%haS3Cq5EWyRw6z3uhrQ7(O_d{14r=^GY>77J!F!&1<<%yP8@*>4}$lA&jv z;Eg6yY&}!^hcm_B{zVL!+$CTzJaopZv{}_r`PJ<|lk9xVL~n@ykv;X2UMcOcmr8XY zp|iJ)*Ay#zukJ0I3Wm%*n1lBAfD(bfB=pUFxcIsM3OvgD0SY6|9{QgM{lB66zX+X! z{r@6#w*SAy;s5HuvT^)xI@JpH~`9d#DWB%kS|25_(+RjsG`O6@M4cmpMil zBTruHnMLSY#Q~Ggx9RJJ`(SCQH3qs_*bm>&m!+?F!!}N7KmGe@SS$SCORbfHmB)t% z*7Dm`p8RTSDL%VBjW~JN-8Bne-m+y^_LZeih<)uzZ}*p`mJwE|KtWS*<}%0)Kl=?a zwm(bh;tPM*=NVJ<$%B`r=ACo=ANFUC#R4w{EDlEc1Jj`&X7RSoU&qA{C2d&|Xv%`X zvDvUYId2a9JBysa5fWc==#CXh#o$;4-N~R2)>heIIyYqq{oKE|x?sdFE1B2wWlyfN zi#G!~GaJm72)^#gI&CON65-t!pLDrDJ4eYq$Ku>nidKl|i(|y~odii(ueh^#ZGTAB z33PSE&|d}YP#r2O3~`D|x%lSyG%;3FJ2g2ez{d-0Nl?Q?b-eB(^Q?7N_bc~Kpz&Zo8P!W6@aIn_Jau6yh|hPT z*_02FVIw++{0DvBD^hKYIkJj6o2zZb(^^7u)Xy(F8Ha)W+$D$rUsT$h|jC8DKc zJBE;V=X46&0ti{+1}G%a@Z*uy=s2>Z^c64H;&pg@*d&*mtRx#utPqQ3spPSsp|kRD zuMANZYlFOI#e=n}(m9E{{gn!u9ZE&)Gh+UV;a;XU z>T=UiBSM~VsDg9^78( z56Tlc5>+tl(UKyW>+kN;D}J|dI?9lyfFtlm91#Ko17tXgClU>XuOQ#9FL8ZaJ2$+0 zAraTy*XV6AP(*-F9_^YX8R|kvf_lW`XY5w{IN1iH3orosgn%y->-*eK$UFlfX=Ol{ zpd!ixBmz1fl+50LuvGOmq_$!D^n|MF$Wsx~FoZ|7GTpq3l7`wU?Xb{~Gok@07o! zt=R%&zNtV7EpIc_+T`g{zEn@iFW#4A5CZ%`{QA@q)dI{ng$Q_Uh)g-x0+5NiL=P}V zQfd2p3+I(i=8UYas}%`ym^CCZhao8@N43|)KxM5dfR2jR+>*#ea}AtYxk8uNWslpi zN&q?}wRxnESt+gZ2UK`ZTGfGaK*|~L>cRpdBblO5z_DK$GS34s1^livQ$upf!pqmC zMic?`)@QrS4>|Z&T}@wnJ08Nzfy%H905*n33jTNDM#iG=Xf?a z17pg^&@+>+Y}J&0PUB_7;kt2hDv~y~WMP4rT*Vz>z38eXHTAZeNuz{|!j{4!o~B}S zDulEaQ*23wIePmc_th!8A?VGK;wov@G#3PIN?kBKmzR<@LfJ6FmjHuIlwgRH)KywSDzp%7fxg;}rn}lY} zLq^+qxR4>o=(9fwv%Q^n0q@ur4q9R|N%{=?2pgI9RIU`hZV>owO%0?NK;N*zg z#rT)z*qwJDO#2T^)m!OF`Y483h6vh2w8(dG#eGsNN`UwBBfQ!jpayol*A|(KCblfS zE`1F5Sk#v8Jv~xnvpA*vY}XPbxJD1paL6OpGx+JDe%NUx#TfceEtQcHj|`$AWqR;H zNbTN7cF<7^$r$8iK2U`R! z73A5@vyN-`z~LFkBjqtZ|F9z*9Dks!#$Jz#BZFBX*AmQ(=FU)+@gpeWsWYL}*KGz_ znXf}kJP#(R`=8qPJ|y-776k5PqM!6pZ#^E!g|)>2V8T3lR{XmwLMv*CtDO3;1(`g2Uy?pXLh@6M8WTJ9}i^q z)hGMhP^)PtTytnlRVTyt0-w(`)d&LN2n%es-Q$srG1bM(fY($Q9rb1$H}({XE9^g4 zC}>)$ydGH95QGJ&uf@$kG#F!o2>1%C;~}cD(@$v5PF!+m*D_9Q`lbhJFgFRE4Q{qa zJYmObxrthZNhw*01kTjv$k^2E%6Mz_PS12&oI5PS_-zT4^#z#^bt$Dho2Tm&%Be9a zAX=puo)s8<`CnvcbVdahd)T79RtH3G5o!#O|Bn0(kDS!OG~4UTosTZ6bfU`=dK=s# z%EkrR*Coy8}Jw86w4Yp2l#RV#9Cz}{aTs>mdFArV>A_;~w&=R`YE`BvY) zi8sS@4Q`8ZP3_fpF8BlY!!!f$IKz}Mk9AxZ>%0MHneeK-%@O!iFB4Ha3QUwzMDl{gVKFY%e#2-A*dT5wUYhlwDj9^LB!k6D5{wNqDKB zWmI{`rP@RI_IPG4{iegey~)YRc&|56?dt@kXcX6>6IgOXBd zpl7&Kml(_GVZu(wLGzVUT8z(DRf*JPjQLy9rWWe{i%+`Z^m!Glz%?>s-G@* zV^-XUctliHDXq(ehaMrlr?fA0S6$FwAOd;esr`f`%XcL^K=^fY2Up&FYfY z4Vj%kEB{A&Z6w|XH!!!iie=A^vP|P_?)e%kd!T?dD1fyw@^=;jy0K%GjV}Ts3WTX+ z!}nkhz~+6V6)E8l6kD>r`<^=BY(LT{Tio1yU#qEJkJW9Hkt`frD|q_4VKpne_Ztyrt_5>j>Ezs)R0M_ zb(%zBN@q@=Ty&mSpqq8VM)HU)7nr&mG^KZ%Htw6Z*g=IFQLIBjtCG_!hp|zsxsE1! zaO)1s^-#QRJ+?-oycO1sgiiFVT7Mp7Bocj_-qU^-@Th>PQ&kt$)4Jg{50q!6z_Vl+e{%GZe9RQ!Ctn0{tTzV9W zGA`iznd0^;Lh@ptjBGhOLIX2qdk6(|fP|YC#wf9JVc%RWPO~{{uOfI2* zzm>= zVqmv6Ou%$d$$NgcSpE#B!&j`uSA-9dO(e;^ZF&)R4=dnK0L=XET0orcHl z$3PQ$-=Ud>tV}#WFVLwLP>C%dctJSO-D#{SkwX4-}e8${eBWw8zlG* zUR4Ql=WKe@%@(~d?bEm52rn`|mDHXAF<^q9!y{eKrRgGGU ziCK9&yD!fa&<)>KKn?)pp2IH6bpEc&Kd;|L5j>fi&5 zlio?-ORE`rqIg=X*i(e~nQf38p>3XGOq!#*KSvZsaH6rGv>q{8lL!E19s%l0I&6eA zsTn^3(m9-kVV!jQNwEZ(hQ%o~-duC(F8VE#)JX$l11%2INP?3P#7&(d>e+xh6^$_^ z0k>{WXC+u=Ni2(hsnTkLjnTH&Y=Z}AN>WCxJ_*lA8#cxGs3UEvMgol$ zrX#UdK(~?yJgiqqMyVEnJ3?3;ovwR}QO9u3I2*_5mfO#PgwqlgMl>h~@?zruJf zk`}gpFP+lv!7>@j)vvD`DBm#7=8A?%4;v3ra_mqi5yB=lS5qB4a*oYHY-?Z3oYUj; zIh)3h`81oy_t{FJG^Mc}T|ktO2VOx*%ua4XTEWt`JeUc@-egK`Ss02&r_od(Q`$V4 z!YUUCml>KeYeeL2xU5&Mb3B%U_F$ugMv^4OMq=6ew?l&OQHmz<=3hmzv-FDAehcJ1 z0=Pk>*M)$|CWN%XXvMMy+F^@OGK^Q3T79ldp|&JBnO3D>1mrZ-UTr+Ghq~8iE4H#j{Eyebk zkD5dnezI|}MwmSeMN7#tVOvCMi_9eq8r@^t0vO}Z-sbDrs%FlC5n$h4Lk9(xhV1ERH#r_*Frv|h+1SBO=}mk<>U|_x!jzb zWHKfSjVD8`qjg$lSeV77h|3YxIT?-1AS?$q9SJ3u3xMc$UmY7wPuca%odnt04NIlR z3~QbWnkVcmZKi~*1*%{+Qq!GvkVS^+3blVa+NP%K`N^aEo@iY| zTRG~6pIAw`U3&o?J>WiJ~1r|4Zb{eeKqF)lIEJnprIEoXW z?cq9fY_;hlu*)VwRu3uw3OVHjVLgQ~BbrTq?lR~ziH3dj_#Oo=xq4`sju)U&5TQh@14`tYIJZgcSua+xt+8T60diMO$ z+-#ykYz~~?G75|A?92Bk76@<}@Fia{-`&-RrcWds97sPDB1^ER10!NQ2jeQKt_c|n zEj!doRjGp3(+E~oyoAkU0>dPF^$>0ZYJwn7Hu(y*+u~}l7-^#@{r2!!AEz)%EF0Uy zhmh}lGO-SI{3G=FecQA#)`bM_yq7$EV{($vGE;pbZv52$t#7nq2drV$hSq2$>TjdI zuA=LtV;AKWPVYs75TEX>cAgFvEOqM{4|-f#1~*d(FrsB`KVf2Y@AVWFb;%Ji&4?Snqw_l72pE|+I0ucu*bz)Of0mWD6m(*;^5|1nS!7u>J1@)C=QFq1Rd5~AWl7NoKDVh=r4>0gW;b8rGyX~R7jkIfMoFR_r zVnW7uwiK5Hdi>XXzCrLh!2ulj;#xab-{5#sFqr=nNB%b&{#VPMm6`GXa3m+o|KN1w zWclAX9j~-y?Md2UyFY%NjvGK%^XBDH7A(6BTM|H*hV@|2bz_E!8IXyCB$zPqhdbgZ zlo5#<%Xao`>B0;coz;mHi3Qt*Wmc}W@IPJNFSkb*`oA!_xH|a$b+E+`cb;$5ssGu{ zJ0-V6A4ZQ4&+qI0>hpq=2i<+pOYi?%TU_hZy?i5}Ipf3892G_;LhxF{AK-V~jYsdSFP?3^ z#Pxb}l|6X+p36cyKMLL+`-%NM&WF`7!e35`{F&CGk=pnB{P>vF%ufZevK5#XG-`T$ zvys#KlPFj{F&GBwSEXnP90Pw+80#;8cYxzxGm;y3CwR^&x`X#L?qShzCm3#fjKq(b z96eioe&w#I+i2UH8(DLz#PH+uNdDxZC-*vERa~C)r*mk6PIE}oh3O+PIFuvKj|ZPN z9a^mRmeY&+5Kr1FH<4-=vAcl0uy&#D>{8zA4~GHJ=>w2a-Jg;{13}BQ2N1mFU2#~y zXgD{^*d>IZi*(T>a4>pje2#JO#>hJc+IPS61AXJAk>VV~2F@_Y%zt|;;Vpqs@Z61F z^AAZq?)y#ekUsW_oYb%1oW3INzs~C9%@E$)@u*xj%%PhKhxXK^14vwa0|(Sco#Ao zK!sg{Ndis1U2GNch+wv!H|Y1i89<2w26>E2sPe1j9wD5YDSP?YL*k20HjT`%H5kz%n_;-0bXIP1W5MdJ zWA75bpYPAx;0HZ^q#qHYC$qQ_{uA&TEU-SKo*BXBAfJg+&EEqjo>RzV@$?3hEvczS zSWGYQtEjwL$ayR#pM#Aqghuymb;{4emc~GkYFL%7oFJ!8~2K0fc%wKh^U{lvck4&A0ii)S7q;YpR8`#PE1_^H*YnaArslQnPiT8$hY@X4jQnN; z)bct65q+CIw|^q7e-w<_uDC>Cl5nsW%(XGd;NX^k^9Wx!R~#bRl;3v=u+8V$3F8nw z$@i&lV|Uv}uaZ&_DT)48e(_iZ%DW-AZH$R6{!u3D>p)5+>n-f-~ZpF*F-e*$1Xf zSzcv4N)KRfp|VH4s@}2tFja|J4rz?Pzok>>qa6%Wv|Ddb67h~qJ6|O&oLycua*&h> z5hI;o7PKg_hVqdLON7s(+!Z1<*%UU#%F=qTh&0bb=CW8hzd6wq{JTB48*I8-f-(45 zb?FCZ8kx`1szIes(phI;U=+a*9#wRu(ecG&Uf%nau0e0Wojr^Y(LouOYRB9MqtrF& zuKQPJZIcB7jORPT8KzF=d&%7e{}G>L~^8z|NCmNH!7{AGFA?q9Mg@@)k8lt%?v{6Q)?Ol zC>GrWuVA5AcE~B(yu+!prhJOf*+SL#!1Z5(5@s(#0hyI^wWXX2Qo8C+asdz>10|hZl~*TjVlS3 zrKZ(P;p+4}Ng-}{;G;{NQGMgt33W5{bgy>ZvbIt9>qd`Gw^kH=MrcjSVR z($4@=N=*0q%e* z+B`i_U5gxI=&K(vrr$|z?v>}}d0!w>C%oThD(JS$V-`keq44EYG_(5b)7WvMP> zK}682@S10&#+`+F=E?a&B< z)0ID;8a)@}#*{V?X?0QU3jbhs9oLnHDxg7+Ix)U~Qc z090f8PvV)A!D-}x8WP!B*f)zK)>K|vd4%TavN$W>!S`p^YFkS@`O8OGG>LlR{w8p? zQ-GspmHK)+IQ`a17uwiJO<0%OyK6R(Fp9k?qq)#V5?fchMlF@P;Vc7EDlBpn=>K8t z9bjZ@*R9dkYOc0zu12+Od$sM=w%xtjwr$(CZQHhe``i2e=bW2=C-)@v&ZK6Z%sDGn zsl4ME&lp1i@H}!GVHwSk7e@bZGx^KsBKLa5mVL|4#43N@etUWqGuOPLU2rCOiC*;8XtX-gIvn){)h;}Na{Z~~LE8BR721Z>QJ3}ij|WJNL~xef*L|}qn^OVaMQX^V z{I%j_<~@5gWxm9TJwDJxRFP7A7LZ_kChD@sih|$$?{(L0X(fGf>$p{5F?utb7#Mb@ z=%9UVH-=Ferz*#0(IdF=Mi`l7&y5{8J-IJNf3dQIo8xV=iWB+KM72C@3~M#60F>?w z$v}&^a-o;5qEcMA3l_Z^qug�h*@|isp!D*Ae_gOQZB+>6nuSZPs=m&|fi?tWW~M%FrkGFAzTM{D&BD;CmCTmZGo_)umi| z#GqU(Qef@BhC02T7fdjePa|dsbW#nNk`4EfB7YvNFB}>*AFn#VnB2Ha6wst6@2oOs z?vx2wD^^pP#e}z2s@)ee3p^O$wbFq+dFaD#N=Zoe3dL8Q{&LFO%l&n6cOkxrA01@+_I72?cL- z!dO!rLK1T)ixWgAgiSi5#c>VSuMcAG_hoOdPqA} z21jZfgzqF1)y4|9)avtgI-(K$=6M-ZNDPT;3=iE0e|KUt1Ah%PE?bl5RVFW^rRIMgD2Rsp%;QmaZHFZl=G1$ ztVPhusdIljGiJDZJzdFK`@Vf9;eRTi&@`e{gdKM$rUr6JQ9Emd%#|V?=_QxhSU*5= zQ8bD5v(N3`b%&C}R5^#`AE3X*K8C~w{}uuwVpNXgNel|x2b-T7$(VGH(11jOXh5f$xb!{S-h z^iCNE7&j?TG)4o`aG%jQ0I_=N19NfEcZ{Zl@l3A%OQx>&`>q7kmnXgKJ}-g%6>Db< zQ2j?uv95Sl3HfYE+JZJE1DvHCTXl=SKOH&)APEVj^+Gs<^vu#q98E%fj*R$O(7#Tk98rXpbc>K0`hX3H`5{B`viO@Ug{I9Y^@!%g%ae~i z5QQ{JHfSGw*g%qYisAFnnU%^yd>Q%h10OCnO5v=iuZgwsV~6jg>2YB(Nbu+tD#Mu{ z$q_eB-AL-Bg0dr$lAGbsAC9a3OxIFCbV-7oTcF5OY6&*u_l{D|PMeh6CGnM(%wLI} z42^`RSxI6O9m|toWR7jZg0`ILnTA>MsA*ID8ziJ@D!O@wb}_n$T+fCA1DWH$=tB~WMv6Vf)A^Ng z51H`@g{v#)5LJ~RUHCo^NU+b<;|Z~ zbb+o@nd1bJioL(*wB$Q-_@#n)xHrIG=5zkvT~OOHr@F3|H~K8Z(73_fRQjB?%u!OZV!p9zrR4an zzqEEWy?)-w!rhdUlyN!o>I|_Rw_qvn!i`HSD)h|On!C1QsPX}_9?xJgPmEK(T-49e zyX$gh>EpKbNb9LW;mf41#}LnWZOme#@hC;jl7^9bP5V%;v12^g!ae0_`H`Wm=E4xp z;Jcu|F^N6Ml8zB(Ez=mWpl*_zNDfXWZ0GapsZjG%y5G$R~V{G>5skw;{gKj|H_ zH;U8-ha&QE6~7*J`;M#iZO7hV?&g29QUKlwL4@aIH$kJoydj04>*dsxQTj2%Rzjc% zI21jh5$k@!x(5qKj)0^}C1IDlk`tQ74!QAzf4J?fdPyX{5G+vBL~YrxX%Ep%lEPRP zyV5ZRpMWleETHf3&NmfMnu7)>(A)^Pkm96=!bU8T+}i*cP{r_0aiz&pe{+J&6?Mlm z>$V$6O>NI>!K^f&Vn+QWz(QATe#vq!t2A}hi0tZfcNV#0uF~d8U)&N5EeaF@C>*`E z*r!@$CV@o2^x=groghSeL;Ty!6f6eO*~`gUMFvj-!S@SGbU+UWj$bAtlQJKud`V}j z?hjR%ZT&p!kSAL|TP-@!WgsK(8qv`g?|4-tt~*|Nb!&=ty$%m9c5Q!c*1O~fXOgDE zzw_pDnE7vETK6iqo7z~HzM9DY?5C7dHw)`;69{k6c7u$M=f4hQ_?ScWlvLs$qOb2 zX=aKocT2ZJdAPwt$^z;~u#&voFUe|;_ai`i8-(*++EdH|9I*$|SFGI^@xX8TQaiz^ zzwiz{8>>!7oD&a)-wjNpYk>6(JRR$f5E=4y-?+f429tjomOPkX$58_k5O1d5PTVa6 zJ%(^35?3t1aQ9MX;tl8xomTxpp8bU681}ZarJ^duC>2apZ*=w2a7D6Ve6pz7Z&4y; zvFDZeae%6(V=;&f481GvK3B@;BS;v{=Drf4z$gYO6EULK*ki?Eu%c0TYC%_9v7hur zicQ8HS9IY-F5^^NHQ!*AuLrp|y?Lq##0`iedOg%*^(w(c!st2}2bcz`0hQJ|X*0X) z-nLcH?DIsjuprXI|H9@K_VcA|8+hh(9p0?YVrfLA0oPUsCLHwOYNEo618SQ4oE;1# zEX?URV~CVsfj$vK`@#468N?6yau1I~X3|la5XY9wWo|j# zcN`+mnGsTy5&X(xu9^RdoUR(6r)nVv#H3*F7V*OYn=^1RoTLFT4;E~*AG)rc`(i#s-y6}2|qLFl*7#0@yk`MVCix# z;xl>ohE{}C+X4&{c|r@-PjL?0HkXrFvFS!2kC}O*$W@R2Ox3Y;-&Y0E*AnWguRqBD z)X?3reXc+X!&)UYw+~dhrV|~oHC^cq&iN+sdhx{D;f}nX26(^2zvAhH+Ur}>;r)1) z%xJr);Cw%~=V8SIQRkMOZwO<<+`cW9z@6SB zc}2ABdgn^z4c;h_Im=>!V5R1HwZehLI#YSrIGoA8ArqHwd$6{mCH_#L1~%54=;8tB_cl4uAW>M#rq4 zc>(}SzzgMi=CtMal5u?~7qA-C;3=Q(n7T~542l-30S4p`>_ZIY5ln+~hY+W?8(uJ!JDWYHj z8Cn}<`YeWmE>+YSB+bq`l34LqHIT&1EKX8xzfd{I5K^lgYJ~}&EW;8952lbmgD|^I z4$Hv-6Z(Ws`X658H>tzG96JDUMfZ*yHz&U<`c&E>hSHM##_v?9AK0Vvf$p#cDGb#) zKWFCSg-C^Q*0i(nMvfyN2_$`%(>cTy!=z!vu>u%_e2Nd9e+hR{@6MIPMQbdp16L(I^CLXKB-jS4h4W3}yuNL6;*k(&U%rpBw4JF}x`(iP!dV(1>OY=Pg(Y(Ttk!L!2>+cJt|#$|Lo#(N3-aD*?|i#`IEuRZyme&r z_V&Je;)kW;d8+Gb=-a=);PQ9@yq~n~+)a@71~mOc0d=tRZZzv!e;^pyV+R&J_5E8j z?aB2$QuMkuad2`tp+D%s3C-xmRoWKEQyLVnSJ zfwdqZMIuB(f*+>Sc zALa@L6?pR>c#|$MjH`clX&?DQ$cc!A@1RmZE%>>?M?_2T3x{FM_Yiuzf&H$^7(3C9 zF>MBbj;I-!J3%z*7%z6EGXzdL&4WHR2rKG1refEm{ zctx<&qMj8tj=r2vyrK&LRhAYp4>4vCR)0oc4^Mpjvee|n!PJchaOT2%3M0s6f&9#} zHiL==mu{p4fQiXRn)Q#G^&L#BD+4mlhaWRX$iw~f@DQ`FOv<>+Qx}Ez3pM80)ft7u zVUtPEu@lCh5fN7F_NY09v0399716Uti;I!-`$OhB?VP3#)$gBIUyob+H+)ujN)3QA zgecP=q<%*IoHml7Gc}J4PLktrtq8$$;!7^ApqknvBAlC*W$!C|0!+VqI$&P2-jI!Y zgBgkm^jJCojSFZ|c0?a84?XjAs^g!+>=g%S6;bQS5IiG=NkoHG`uw$|qw!T@e^wOI zh^l50jBj+tZADfSyaTN0r~_LJ&iOT`=0RLH8MMT)cW&z@Sd9%RH)Zm?zn%Tc^Ll;w z@D3FSq2JV?p+ecNCih10V^cSlUy)IpQeR_?+Yh*(HqQCG8`uxTN$Lf}skv}Cj!^hp zT?I3SDSgtSc7k!4*3{d)fUstfEs=o;KckGLsS z&zE?SyGF-KMZ1q6_L-P|$E5@<1zKnI%3;XcDWACLdZxh752u=p1P+zllsbyO5y>w` zK>W)tz1VXr)3AdP=N7>NuRG4H!s>2Vd!{z?w4WbLs-Uj4kzSaao7cAfgLgiAzgZ%u zxB2p@;vm}p_3kTHN_LK^&H0vtmSZG#L{q7xYHL?Fu#-y)mNTDzH&$-gyEVQah z6xitH(DBuwMZ>-d?-Kw4$jdB3Lq(gBXa*{mKVq1uIFP;=%PWJ%m=HKh)X+>9OBQ4yCFEh<#Loh+)u%d%jBlee3KB^lrJbr%u%$5m+C0!knh_ z$3ArG0>os5vbDsW_Z~#Fc9jiYAty_z-ph@1mhNgx>z1CU2kKm;bFa)%4HxW#bKSk02e)w=PZLj2`Xx zPv5J}W8J-gRcdpzymdZ-_NGMwpIu^nbosx3??_Z6_po0 zZByGnJDUbEeUXf>2b=v~^Yi%HP;;c#HHnM69*~9*Ib=x2!XOt& zBx(3Ngw?Q`B=L5C{L$iE5XdBi_ozx3spTyqe?Eq_*fJ9=miPb5*gd7ia|k z?P=|uTC9Nn9S3`{+v!E5Ha5-IIi(K8K^9(ttfyQp=W8hLR7+HxW-D7DT#R@i^; z;EXgcC64y%S6cZ4zwfDOhNODWgwA56@zVMJ+KH*m$XYrbvbbfo4Wi}fUxTnC@1)AM zzc3IGZ-aZEeUq&rh;)n<4<63a5@&eMF=R``F-&RuYcYk$Q0Qk&@tsm)hFxK9(^mM> zy9)^qj9ZTZOd;qhLUEZ%y;!nnOf;iI94veiIgRaM0D9b7WEA<)OF9y%aq?(@m|#`R zVH|WXvH8=l91N})+Qt_cO5{8uIW+m(SvfSNNDpnEAgmg!mvi-IRa|iB@x059Je+y1O_xh4lj5@ua)|RroE1rWd`$_6Fc0nC| zxcful2AUm;R?1vL7KQq0e zMAT-w3fAn+Y3yw*e=O0_7Ma7s9*2*$${)zVLBTobz$(tlF3pSk${nn(86!=l1gMUW znC~vUlPbL`YHU3gPy{?JG&h&r?x>s{)hAZ{P@e0Ed8AM(`5gj6v)m4?!{FYbsOLCr z7(J`XNBZs=!Kr+IcAVqStv~J*4V(|yl}~5NKDYKB7=UB6(Z80g?3E(r zqS5*x(I4|EIEFAA_y?p%%q{E36WV3}b1)j7?7}NH_4>$%x55uY!rNrA&QPhXZZvM({M#xPA{!bpo9&YJf-7*-R!?4EEWAh8~Zw z99oca#gn*1QYAxc*AUQ0=lsC@qIo19BCE%ra|aKPB7R}@6CL83rh|)?x$J`>#H)rz zvcylXFjbRIOM4cR{&vR9!oq7X$j0HGlga?LOrOt@3dYo4Y?;%Wj7nR?Sn<5-cIR3~Z5Ktc{P0h7^FCKcl{=io=>Q& zS^le}n2x2sCpdx$pqsxhxrmERM#y)8HqPlp&NR+huEbM76pp&Fo=r}!9A_6DV2j^9 z#T`(JvtMNDyHA<#Rb7P7yY3ln@>lP&#V|B)8uWcZuS>Z9n_Nvtb8lCSp94gE@x`F9 z4tZb^C#>+6FlV*2x;b!n=DDcF)s)#3+-4ZWrX^G;RjX6RGJBhNO|!J6o80cz3%Gye zak_XYTuWyDw4dsEqf|*<)@W=^zuI2_>7uTO$wUfkq%mHHJe3@|`gyh|qPjFmJ1-GD z_5ORIvFk8?II#+m8vdbxvfX(mrz1|cDgFg_6zWwL$Dcx5h8IfwLP*@+bqvyUl zFNBTj$fLirNc{_s?@V}I=PTXpsKiclgw4ox>uYLBQ9a3aKgUSY7GZN{4_zVZTwvP@ zA9S(G)42J!W{3V#=DUx|RI5?Y{MHgC^4wG-U*3kI_E-qYrv05zK1<75n{pVlS5v^< zimm9(B-p8DvvYc?F)7{Zl;b3;M?nA0L?^LglG&J`WT4e)fH7-Uq_Nc{#s;Q6V?d`= zWF5{Cwx#EUWSBUH+eyIZx#R2^I$4~y7sUmZj9>OC1k8Eyie~1;#7K&PWe0N`U^Y+D z+x}t**J_PjLO9tJGXYQLBwlZAKCApx9?3j%-5^8}BC8{=BM9Z`kCchUWP_@O+_5eoSc8S}O?-d+3S zHf$&@s|zdiKhu+lm~r5|?}X)Xu5_QbCRCoTc;D~$&b&P^WVX20-~Z9s^L*>fA&G60^i&huT&oehGl>5TDoR!yA+)SpaZd?g z50XOL*R^QbtoM%!@3KkW=-~97D4{swc&SQx>@2|dsZ0TYepY#Lh1+;MRHYTEux?dq zCu^N&d+t;P-F!j@-P|0*?b*L3e0Kj-aI=wx|9m`^6{cWd&VXOPpME*G(`N+&d-b29uQ#5)x4O<0PW+S1tg_3$-MU zNYEg%u=EN-8i*qvs*{m4v{L&QBtk~9NJ##FPN6})tqhW-01}{gG$s8dDrk*+zsuaQ z@uBsoDSI`?{PUHQ0;=ala7dQpOY*)YunkfoW{zsZ5*6K&;oroceTG-*OLU0@Zvva} zY=|r=ETZD88f@SY<=$*@CwT4}+Zy=TW4N{Kn)<8SR;66J<-N6_3wF?&uDU_)a)5G* zW6Oe=meqnplE%jL0or!!`tE%?<%UE5*4OLn#?JKuE4;S{&fwn7eX|qH%nez7k<9dH z+HuhL;p7;8(RYL4P#S;w43vvRW%dLtF^@fbZU%4Lq22MGkt60AS@%I#b9U-zui}99 z(%II?Eq$dro98=x*xmmI2;ALi`9$;8`IPQfVElDPB&TQZ*ty1NN>(cULv5YTmPKEO zMSL>i2EN}k>MOZl$R7Zm^$K3TJ#S^M(fd?zN_Vryci>KK+rq8;J{9 z_pXX!BA?oJ)hVS3_N}q&E@Kn~o2-28<*I^anprcSmPQaihjyA-p6S3VQrk}9lq5)1 zTQ%-cveUfCWfdFzaks_X!9|@n_1RT&Pb+knR_#eMoCpwvzU$OCn{K!pXKJy8Vtcgs z__0>hA9<4cD|2(p{l3t=s`+k;;k9ytA=+0NK8^vgzEStEJ{cj8Hcr3v03qVzBHlvL z!zRGd?cw!`x9g=hTqpUZtEh#u)Tq^Hw4bZ@ z0iq3uzFeBPKL8o)5IJ&_JjcC$8eC)igwB82OQH^O0Hsgb4ChSK$_a~REJ`RTbuFa# z{CS>dXsNhBb~FNhM_hcRFtVg>40vEk27Id_rWpe;Av3VVpJUyq=7FUW*tWQ^@i(v5T$*t(*+Q zK-arnsurWXV020(dz6%$SxzY=d>9cu{ft)biMn@cT(aS6=B+S`f=XZ;tL<+#CJ_x? z3q=zcNEVBRjgXM!kiT5 zwHP@cLFq4Z%!3v2b(YkZkD#S1FPD!`h?JMgDQQXQPR56lC~l|9GX*H+x#i@R%x(1& z>3pX-yJ6z?jCQVCxoF0ZeDWHe{Sewk_?X{^vn3_e_rRy044S7!Oq|Gl(;9lh^@P%1 zEL{mAIE>OvJ-rMX_Vj&22Ly@9RK24}Re|X>mHWQjaicQ)HOE!ga8?IurR;14wla0Q z-|{S1M$XgS0#sx(p9PuWRVxCa=!QG2>c(*@sEi5>m28Mbmp%xe zq8l(t7G`}sqV1Up@?$x3W?QLj@bz?1KmSlRQ^_Bw;A${vk55s-a)m!EkP9&+>ITCbg9_GEy(AaQ@sE!+iE9-HHv&-TQWn zSho=}pII{Axj!^w%OjT#7ObSU%Qz$ko@O^=agGr?F~i-)ZB!OcldI&7jxNL(H5|5y ztFD}wL66bdGn);sEKsyigc+g_?2c(hq=GsyTPe1OmDL0k%LHJ}=?+PpKZDo00k>|X z2jr}Eo6|Y8xk3pn(ZJfQ#32z3Atff3%l4!H2o&Klv_mE*fFdWHthHzN9|AfxaEaZ5WnGf@DV; zz8LirFzT;X5A7O{9%-f1BKZ`W5}$Sq8odY_|7-V_Ye=+gZB&g_Uh~;NlYU)iUDU8&39)FQQDnwjQ zX7Q|K2{c~u3%96}7<=cqqHMp=wi_}{m1&O$Kgm&^t?{3MLL9bUmmd)s2h>}kp@q=} zUW0PX`$grQ{N-}Rb4f9qhDavmE_(dbv8wd7tOKVK7`rwS72cL94Wb;Pkt? z8g5v)15UkdWn4RPfB|A4TmcDuiygOIN){?P&3ttkJJK?p{v1CIQ%Svn@H3st=Rf|S zZ`9^y&?tgxwqU~L>~_V4Qkozk!#0%Uio)qs6kCmjm1&vP%$9(rxy)88NGX>34(j&ghRtnitJot?`6d}lKZjwYIXGq zuf|^i5t1APC3X1$lBC^ZXMA&NAXLJHI+;mC3n1P`k-hfsEt~FUfcBc|&0Pz+z^R}- zC+(te<6OIh1>J5-N`3*op>3sGLqr7%HkvR{w+5d83>0n!X(qJ@-=+{>8YrbuhG$2( zLkG8(`m(|X^~INxKPq9h>b3Vp`ajpj7Yl1A_`@2Qew39pAB>ZobQ;cAYE4KqP^c4Kl6A-MDac;Q)9|L-`DYIP zUKKnTn#f_DZ2zRx zs{=UNs*$+>!hVooTGPhHjS#LOGmcJXb@GsEes${@%q`z_(9)dpwKz>Jd7png447lc zEr|XL;cc3Lk1sXkcI5ITnMBY~GrA@7rY)ACbI?@D&YV}2a^IV(EyH}o0gY&Ziu61> z)!)^gO`cM4nvap!9&3{;Y;KV6?uf$IQ-s}avWP*+ZxIS~MfrA9a41G|(H9yjyF+aR zVXk1>|IRc33Cu_1KIu9-OPR)EPNF#+wrW;WAe9>Krx1?vSka8; zo|9=Ctjbk`zM|QEJ6QXLW$hm0;We|RzE)nYe0J)}t|7@lmzG!zLyW<`rnDJT-PIT% z*<;wIODmBlK!ENlmnLK>wErl=g&l(FKd2M^;*9jB#kPue(KHoyIXW6>HXZTpA>QZm zfcHuDqJoWQGQ3o_CHB-$=SU{So;T_|ADL$X^=oj~%*C7}SlstZSeqE-6%$$h?yJY&UACQ_V-x{{#m-wV*eE#&| zl(kv1xHsp#k<%G-O7 zCrC)D#UH#{0dfPdgcaA>b_JD_{zU;S)4(SuDT=vRZzJHf5&9!r%Ik>Ld}Euvb;_Zx zn|-^1{3)5W?rKhW3$`Hr!Fb>BR^(~`8^j3Tb_gBJ-*(Rps547Xg3Xij`U6H)LTBRC zuDsw4O`?LT3-{UWN6ErLlb@irgylWB2ddwFDCvTErBV}Dv385H&S|#Wf%;`bE*Cr? z$V8dJkP3CQC6OXQU28Iap-pH7J#x-kcmdtYUYZh$yHb1>_~-`4EEYT=)FD5yI7wY8 z@$(yx6ikKM;rQJ=Te2wh#^#PUNQr+V5(-J0NaK66#*+NOIP;Pu`Lfa3viZ~6d#VQi ziS|aL^jt@H62vor1qzEdUj|m zYEp2WuXx_ca2)0o_7Y{jD1UCmq`z9(jruXN74;y0gd+$i| zKG970TRj>l?hCnte1k7%C3uE~$0HA>1v+^9^>f1-gEl$4C45`K zxl6CU^7K;yD7#BjfbqJ;WjXi_h%Ua|wR^3=ByM1qEUaLG3+e%lt2`R-uZ}wl$3<6I zS445u5dMb$4?FG=DV2n2QnINxy;=AdNV22WuJg5T8#+S@ozXs-WNM8^r0lDZd#2xA z9{D#bB~)7#s5Hpxcg(IT)U-gwQ(O4#Ct?gU za7e#rN;Y;^I_`7OKUfb7Z08li)DW|fgI}OUM%xCrSaX9z@xn07+~63EU$ZWgMskj{ zRUhGlh^d_b)$Q|P)E~cg5rF7Uz1`n8;<8K8TMGtL=Tam+CTi>H`h_lIELtnN=w`My z6Z#<9({8ETHju4DNV`tJg3RDEWNz0ceP%9G&QJF`?95PE)nKg^ ztcI2M<1ei;=ClLSW*5>-U4t(bBT=n-rs_|RWSduSy{AiP*!~k||L^9`Kb;^ZX8Qlp z31Vjdza7yTnA!g~j_CgkU9YhqbiS!T4%2jVcqo8?0h?E8)$_rbq8;ZP>#bRZqKuGj zSj=?k*aZ@qhGC^SSx|33xa7NfkaS_rGHBc$b`7Mh9VJEK<9)iADqAmwd1EaCo?0&N zt&cD1r&3jV179?sErI%>dL~aXi3VGUTF_13J zuq&-DHY1d*$B2jHQ~zM0&49_u-Bl_H$So_(rB#NtS@=* z!{ML2=~$k^oZ~n-j6L0ks<_*5U8XL<7wRg!n{d6_zDoWGFkamKO5Ubf`utq$cq=k( zH*c3N@tpMnDCN0`VS^)oe7yG&aljE9Dc-d}?d@!On{Cp??lT2{6o zT=SZ-VM7qV0#n{Gnbp}&w*Ro?DNh;7hUIalZi+bQok%pn%pbR#2A7me8=J9fMW@DQ zRVPvxp;W_bFrhTHcdbva$D=d|(1;|Kry$MGMe883BonRrr}!+=Fe&O9E!QxbVT>P} z`rD68bnHaCeq8+ti^eZr4Q^GJ(#)P+UFONx@Pc~T1he3e>wIoO{=~tIofDlpON9pK z41-w8K{jk+E=yA0fdid-B3U11!T)?18vD4NaCswk6TgDui31aMvyX7aL_#zGsGI~N zgISMc;l%!o`Rw8CvE!268bylD?GnW;%SV|+Rltxy5HVR>Qe`DX*S=7wyY>-B-{KHoC4g* z`jCj2F(hN7TmC~q(;x#2eY$ujmtHb(5L4%hwSFRsi*l8;WT1i!X5%?C5z2}dDV}D# z-?1$lfTtVotqJDI{f`$kv%2xa7fqUiGeWJo<5j^W_*U>~E*X3Ji6SQQ*>&bAKBlDe zs^=QPSj@R`M@9!x0cTW)hoWC>S^*~#5-NhNxid;3m3ViKe~s=uC#Anx?X>X&Q_Kaj1a4lO>o#Aj51Kz&OOGs~xsk2N55X2)`Qcd`jYZa5 z&r-0g+IcobEf(Mc$TUq3gQwrmJS-U9rE^++O_M~{H#2dn>#a~8LBK7jb=s1jp?m8H zr7rsVo672@Pj&ND_`;kwTVyKZBqyH?faV(k!8Su`#KoGXhXcv^{e&=g1=89Jx_w1| zm2r8lx_G!AKGK@b@UO5~ewMYR5bl1m{o&GwM0AbMk3q9Bz3KX6wF^crD z@#9P4Rn88yKLz_oCBQc9Yo9{0(T6<~yqK0k4w~xc97(aZ1zbhodSg1oy2GL?0kE;N z42p*7^J%bn(wov9U(&lagb6qNJyWqnHY{*`1B7lM>eZi!xbO6HNnLJRPuzSBkduyR zD%(qm#2Q^JOA(o{lSBVYh224=xMVe$cq27(by3e+QLXOmjj`v?ohR9-DliRiS2tG= zw-+?_0x`4oWPP#BiC?n^!h_H+R9k`Phrb%z{S-A7d072i81-Q&UdJ~7n*sNu@q2tyz|dZmz<0vBBY!ME6YQYlgm$xo+mvD zp_q-FeSKFW3U(^;N>qIG_B{=1)ym#GcNC5*rYdV7SS8vJe^PIt zIzu8pF5Z8WutDZxjwnUDB*OgByt8J2WTle0Uf<~_(Gf`Faq${^0E?&Z#Rl{=*`0Ye zPf9k{9&oJP$2;@Olm;I0(RH6JMEL~rXkdo7Rew0eYs7%ZQCp3XWQNX^O}&l4a*QY_ zfZfqnHH@UNo+8qerW^%b3r9J$42*XkBE3TqRaoiA*AgXsC{eYzV!{Ex+&S3R^2{DC zUl;dDynx)fga4fZwu7+6excVdm1v@1amR9x&c}{MuF`eQ9Q!ik)L&hy>p}=O>y$V# z7P8n247@uY9s9+JB`}RzM^R?3vJm16QD%myOZ}Nw`*IZ#K5UM5Y2D)32g!ss8D-Wx ziWRfO{L-XR(G4bZz{v4xLfKAm=DsOLp7q-QA! z6<-R2LnqP+a;_B51%}i|Mgw1IBKP#+d`9SDAOLfYA4SwE6kHB=TnqO%{W`?8^ZPWOQ~4J9-{Beh_4WR z`Ol<2S4fQ_!9$8!maycDm6J!OkxmX()r?xk7z)gAIVY?U1?bwLYacXvOjbl_fE!oY zNjh*OX&*Qhj?oKmHH08)O$w{Lj4zo1)Q>7}6PNY1OcR<8aFva@XNIjjRB1k!CF((W z7$zBW1ojo53QkPlrrSc`!~WdE#A`Reex}6#Riz{q=Z*SU1|U%or2m@R?*PhS?v3)@BeB^jnaSxBU*cS zS^iz?s)U%kqXEa~X~ks=x*MlA>k&w{K^1dq*R3xYf+vAQT%M_ZlnvYLwx!&Kj3zQl z11iCt$RQ0vAi&`fayQ^ZqC?VuR0;3B+Xl)I3cr#X({|#@pp!uC2(*paC zWg0=#52JFGgwnqvpbCt8Tz|RGFM-%G*x71uNtPXvhWI|cNMeXeL`#aCV*T{8wWvan zNagoMC74fTvOewa4nN11x;)*!lB$X>-h$G+Gv>tup5{0W%=ee3zCPHA{g)P5rEBi!F6|26>&rzxY3yqJ{cy`-ANQs-(?M91nv&Du?2?tlg0TIHxapFUwQQ86NztYvlN z*pX%emeisI|MtGh^G$u6-9KJhfF>Q5Yra0bej+7D@s64lm?y&2eA$E=JYznPI9Mw_ zPq=~feLb&X@AlCZu|v9ZeAq$j|NIg>IhvDYt$iOett~AMC`h)P7ABG=O zm3k(fRYb~H4a--A$tQzO6;lw8)~AV;w@UR< z(8!+woE(zjYBZ=4mY7x7mc5(o{`?j+vF}#}vb}#S!GJnRfjWWGxRnRmpHQ_4=8*np zrEu`?f7k}T;RZeq8fV71!v9m%z*Ec|^Iz{4?5iz>QYCy*%wyuskV~{(v-*w6{ICc{ znfZ1rRPiXF7|MkON`J_=K{E&apDQfLyJwS#HO%9EKV}*FAOUJJ!r9-*Q(q`3@Stxe zV*uhJFyaDK8!~=?B|#k`{=gu48Up@6Wg#p+-a%r)1`eL9%C1oaynf$|_RlCg))|qo zDE+c&+R&(aY@0ZLh?3)ah~2ztefjHW3dQ((RvzdN;)S14<@&|0H~c2>l*%3`rTpsO zS6>$=?ahn-1+7q+k(o z)b8x;Pm7~*?YbMaTBR0plKK|$ScQAc!J^-=-5$A6jV%PMzSG}i;Hk?1Zl!Ug18#^H zK>A>^Fhp?`QsLt1?$m3J@3h@^3Cw~Y+?v&vTSN@}y=T_-tHho^!k!bfp6Ji8Mhu^B zm;=H5`l;@91E9l0kL}#>Aq%XoNT@&FUVxkqxQFr#hMFT%+xEf`Hp|`e*|O_q-u+tM zAA&P0Uk?3_fRW8;9<%;J>PYaL#E$ZTYkrfR0l`?DZ(koj5xqOqme5_e^`S;^4Sw`{ zHXS32;>=m=OM>|pF1AnJqTdNc5v>O{Y!w~HE5&T3xAWCS#s6LoWZDm%-jtU2uR=`rA$= zT_d@OA`IJ9OrejWn81`A>E~M7+dooaPbzE3I1OCp*+apQ#Ue?fCVtUtlp=?nus^Q8 z{m1+*1a#HVnNsc{v)kn6knelHkgF}QK(W5`?PuQpb?YOvIZ-Ax=-fc-q)nn!d91)Y z6?<>0E^Xsqz%%etG*PC9I{=3=>zH~kNFnOc_Cq1l)JU6GJ5Rb86QMfx+^Nj55RPl- zRF)b`7hatU)d7GF|0QUUNMLRjOLAWulkKVe(0eR)n0HbFb}6yhH`e>PE)yAi)Sa*; zm$6v8B(e9HP?&HgSAgmAPPtv%GWnM$y1Z^>Y>{2*2501X`S`A2eR&QHMtV}8+lZ@; z5BLSHxRoVSoN0upC7((?E=dV{Qm}KfkoH89fwJ7O)5h_43eH@Gld;Vn+C9|SG;geW zg)4%|pW9>qIg3ZrbwUNhIHTq;-L?`AN^FOOrLOdp>rw6NSQ-pxl5;;4GCi;hv!$Fm za@ugggV_}}&6zh^r!coJCm|2Tt2PSQ2jf{-00~olZ>9F3+hy4VY5}IIl2;Zz9`zmx zf*cc>S`uIJpl<>Vq_sSFoNR`*z| zeH}o`DeE7-N;eC1#wotrFL?)r;Qo$o80Q-Xta*_~2-GnLTT-e-Ei6B`0T^@mO<{K( zHmM78uP+8!9A9!i^DI+GS~znO{rv(u@y&N zi=oqU6HibH9q6?fs3yz68@eWonNAmmJO&*_c}ummegiY6C8Eh*{u%<6DPdx)6%NZ7 zYF_~+JE7tHliGgEFPmO1>fXLSxvh5;&_mg^8lqC&1J-DgSwb=))|g{2i2)(0Vf>h) zsE=_Oy_jtK^Rz2gLdQn2K)Z)kkxxCG?}g+>Mt~vSw6V4qm;FeWsvQMtn3H{qO!)f! zbBfpdJwgut>-qg*@2KjFj2}LGw2XNjE?YunAg&+>N-nc<@-i3JKq;;hAR4zK1b$OU z+E?z=xy2Y_8qq|w*lM&;iWA5;-`IG18*q)BO~)8%COpkMF1+Shd{A!9H78e=e8eLW z1DlNfw+hcWzA&>;zKk+H!UA+ELyC8UEMCJsy&G7TU(nWUzE8RP$9 z>>Xo83%WJkW!u(Xwr$(Cy_apkI;kHutCI0|4%GX+rX!SK zt_5^dh5)=Iak3(7FK_q-;_K=|5Z~!8+L}3`PjVPsX0}uWnonsM2!W$bCTioNx(bQg z!dnaR*XlB07Hp-?*eWZgTLW-@b|J0VRMd9O*VOnN5L(}UI!HD%^a41FC4aGs!}jH; zjvXn{wF<-xxZ;Gv`r)%Y)hV?SWecsjF&W-r$Efk=|1kCwR#Q0j6~Pd?u58RlC9Y)H z1Jb1B#4e@%;ufKoI*TZ{AX{09bqI;r1CLp*Ha~N!j_6I_+a=Lg1=Ryl-%&}u(?nUo zViu-xYL)G?Q+kx)+Vb7gaBWG-Zcy*l-m)WLJ|fMCNKNkkc6pxB4GgItKqqhM;X z{}rg#d5xDZ7O_DeqQ#w$Z8itcxMn>4q%IPf31}x2CXxofK&j=*jXg;VjfK|fxKE(f zEW$^Z<4p%h4O*a~Si22XJ@`rj%nbX}2ivTrlT)VaPtLe?g;&50!l+(B)U2+^#!F||IbRbB z@yd8ZDOeAisEX0@+xPg-76A2&X(GI>ktSL!Mxc#I_q+=-a;3qasS;v|Q@jHiPQo#h zYu&%T%M*d~^NJ6yh{V>7Uc~X~4lS+2Ald~nt@pQ-zJ@ zEi?-q)A>Tp6c^Pr$bgE?vByr^J|~M8#XMO8rEbPy7C~UIBYnd{&s#(54gc~P>jH=1 zhs(AQH!qAZ=`+jp30enIp{RrNJg!(q^oV7=A3G4Tm>D5pxzqDIMEtxK*7P>lqsc5{ zWJ()O&}ry6^uT4Ac5~h~7OyGt033T|)&Ajomt0Zx8pN&sYu@O&Y|Gp3f#SK;yc(g7 z_S`NesZ%sFmzXNeFIyib*OA5n4cs6X-+V8F+l<;BO`7Luuq?@@%zPTpY7K zIZt4cWaKygny9J8NvY#7;l2hQ=V=U*I8-6)_=b90V0Z6&$q$*XZfP&+WJnb+QA)Z4 ze9dxid~@kj)^xPpczjGVJobSd{@o_wtTp#x#FstEg=MV}wUyS(TK*WxW>*mAwfi&q zSc)m`JDu+M9t(j86n_k+T|G)eC21*K%?WSts_%t2ku}fx8GO|BKEPM7j}#FwJBIu| z0B&?^*JsK-0AWBBo3ep;Qf!MMu{F6bzFcjyxLG?I=A7;jQxA- z8Og{+07?F^Kp-UfdlQ&!lPxS>p8PErd$hX_E{cX)bn}OQz}uH%0xD;5`;atUYZFek3dG#U5{!7QyncJ zXMhF!R4{Z*6}oI4IYG1S=w7wO8mLE|5aQZZ;4?jJ*0B}^yG{8K2KYkNEL)XiA zB+vyFKiwp6K1i&_r77%f%qij`CRW;@Z1Qca$v+|@R(nYVn%o&Lu}y4NaF)BLDsYTb zwo0gfV{;X*`(?dZtA@w+THESZqf`76Jc;aMZg%r;RH-Wdkb7tBV%K)4;m%DVjqNL7 za_eW>_@=k|(KYYGy$k-9TW74^ziaZHo5ML6>M43fSXoy4C`2n@;{t@Ou|`fvPakD6 zikTncT(dJ#8&a5g$2d=6*1mm;p9tJ`(5gpsxd$YJ+2gOWN9cWEqzZw#R$t%WbEl7w z%+uW-oS}CwcMC+^DZTc?m4QaIBIEc{`N-3!S|~;+q;apNgtzt%QHS8a*+c6O(obq}I%!DtipMO{a)(~Ul5{O& zux1%xz&3(XiQ!&^BW#=x;=rSjWArVuw|{kcT*`?G+oVM*_jdIbsdZAsv9L|gw6eY3 zf6oU$XYnI;mc(sU-}4EF@}V1Usrl)s`7`$TqCwjlCy|zK2c`sko*YOWbf$Ji{oBYL z)Sq%#4y5SDgyR_i>6FNgAxg}oUXZaZpq`f6qM9jh~3~!L6R0kq>c*g*jM!htmQ3$f@AIVZ;DJWo@`>V^M-S*XO?E3c~36} zk=nQBsaO+^o%gggB=M2}ER~bnnKwe@o-Dc6s>h~>kB*HmHM_8%vbUDES<3Xn?CC8T zl}QfTIO>8Sh`i|Ka<2#?qr3=08s8wj(x=jnkP}Q`e6Ccc+sep}^1BVUy-xJ6tm95c zam`+`gqkaRQipC9tmaf`2U0XtL2E$m`~AlrmsFfUT6R$G2@47%)~*WlOu3L$&@56F zqNN4K_s1^HJEse-dF36@|E_{H(ZP(}=zQsvKjC#II}-0V<+k<0@O{kKqd^$)B195z z3AzPL5t7JKoGHK$!fl9#Um84A%;=W1^a#9Y`jr}>fniFr#jsnB+r>wf;@BdtywCf~ zt@E5p;xWNY`tC8=aA{y_wlp~vB^NLAca}Jk0AsO{s=aFD^3M`5^am zYm#DW8prQB6hPyU z8*x$k?m6%kM7It1%_^*Bujn^kIlwmsQcsEf$}rgmcH8QUdz*_CW2iT8Typai5!$`9l?21yn`S1-pAWwg&MgOf}H2=Aha)kYREO^N#5n zE&i?8o6H^4oVmbGk)>^14cZ*}N85aGL|?eMhAVFto2$(L2u$9-RHZ^B1~@GL&X#Zh+3k?(agMcfL1$lNIx{j zk#mI7n-4H`R2AE;IrZb8GC73COB@$wF2+$RJA1(pc)R*i$y0!t0=o^axP%IrZqAAyvl))3p>RDH*@0D4EVw+!A2X-~XIr056TQO@<9zy^0qIYyC8`TVO=aF$Kb$t?uhj1) zH?Tq1pASwy?GJ_3BqbWDgQG!LMK-b;Xc)b>9vnWiIoT{LEVi^4=&wax^uR%Q9|TzETfTUdkU}~YSB*7ek zrw`JQP{^H^$q?7iKbir^LVwIO6YK7z)j2llRR8hvypGgnH;8fm4fycVnOu2-Hjz%1 zjc%X6BRbsy5}#mnow#Cyn#~IdC)ws$fNLeZAdmr3`k>SW(oX}TWRfKx7?$$J?YuqM zFnW_dt=!kcB+w5li$xR+RrS>8ZG%8K>N%APq`X_blnUHfqYuu7TPS`mR_!1f*tka$ z>>vv0CV**2%->>9-wG3Nu=1k(Mk6vu)HnwfyZ~K5K>XLq{m&nJiP_YPl<{BQwtyVe z;K@35? zGH;o!*{$i`xr$@kN?D*<8s=F$`t-vormFcIstiWkBtE3}6;j8Ye%cumH-+Knj%dn_ zg*$Q_JOj1m8DqvAS`(RNYJaUF8Z9>mp=2a-< zlnu42{0hOC_<4@6e6ZdmOWZ)_s`j8n%v3ykM{}w?4B2Q*VI@G z3cAsD_~L-r^-4itPPzQhX%79Uu5HP?ZfahM4Y|~KmRz$-v1VW`{_pp(nxxn7W9V<* z25E7|-?A1i__b+_NYYIC%^h^Y+vnG1w1CyT$^=1Y!iZ&v97I3|kkO0GDoJH(n)WC1 zqmsYQeVQjXaa^OL6Xm1_BlWlQqX_umZr0#ky_q!UIm>H=F3F4+K22Gto+(D7@@P|5 z9XVVLiK_2Gl~VG@B}Y7@*t+k6E{@B=$Rv)G$>LEdSdtcLh2{&+7SVbRmS%+%8kjrz zdgRHRJy+~593zVuh?USH?OK%+<7sr!at2@w6S8oIE%`aOQ3@`A_DSop*Zn>!(&mo7 z>T$Zs>Q~$XRK*>Of??DYwMDtKNy=U5kZwa+4jBd%G`HWjawhJsleLw}nfXX?m6GVV zhOWojcq@;8!ENXygL1N(2h~cFE^TVB;(NQ3jTcW1GB;JYGMV7Gq_Z5PL@`|!;f8Qq zfTr=^o+GeL$Hxi}ly^Z+Np|Xhdi`fV0HBecls&&2vdZoQwnR=ULBE{BK_PBg7)0V! zdrSW$P_87ksZL))&9!P5Mv^pQ)P0?tVK1tF+~LS-eu{$bz$uYIDBg7NLAiq!67F4M z-*qE+ba>3#Yq@K3d%C1I7Q5xrvUF%nDqP5>1vX;p(-b?t}H0mbTmEx1D@cWSdG}2gy3W zq1-ktuyH_0lx8NDaPAC;W75yTx7W-dA3;HIWLEHSE)2J+K;W-3blwr1->;nBBS_>M z?n82LUN34#IJB<`+aE#0dQIXGjt^JFXHyt)RLLwGV^9@H^Be>UIU~w6FKuo97u1Xu z@S1atmqB61K1~3*Dq%tT0uS<#SUc|!KbWRI8QT=CPqh$nWR3Dn5P&@8lP8YYC%1ME z659+Kp~EYU7Ag%3f0?+dB0s1E)7VcG{gxJDPC7f7%#lKTTFzgy`(zVAizno-YgX-T z@9(|Q8WH#J*ZJhAoZe5kB-Y8ibwPGQ3hBk@rs`a){CD{$Zs=KTYegL(exWfKd0{xB zpRl^!S!Ig%!$ei6Ed#?=?MRx8D>DgTjx=7*s z9$XIwj+Rn;?$9f>PP-_U>_en0rOtS`JO4*m?pZS_1yI>72#OP_+B3Y5^hvAv@`$KB z)d1e}JSCG@-Rd*GWd+58vu8z%??21@j~rU8ln;>Y^Dz(KiC&%bST>mDY>+ZSbye z7+=6#L(H)hI?em1Orl#*4G*v*GhHZfYw}7tqGn>CkMVo*s!}lY~W8il`4&H zQ`x>NSkTIh|IY{&x(-`fGjrct^Al-+8cm0T#hb+@_#9ub{9$2WWlhfs3kt=br!86! zAG_y;{s;G1IlmtW!4m`akbNOvec7pbUIS(7(iL-OkHGmMXw%4LQ&)B!o7mM;_^^I? z^$203`wZc~4YbKK#+TSwjxy6U)$c7YF_773zu)*THpC4~NqqQ@d=Es*U>+%Q1G}Nc z7RO9ilElfXNpke61gb?3YTw}nGUNfg!d!DyWnn(j7)#NM=6H$*=nj7Z9?dz?;*jgr zLoMTiN(z09#TMs$4gPFIUd)fSfp13@nxlDO1kXz!@gvXkn8W8N{y=O;?Tn-rp6*?g z)<+$fgWb^d#+nxXJV@Q)LNpgM|Giv&|)O+fu_&DKp zRD2S^`R$wn^Sf`Z3nsJi_N>vNqB+t78p(fmqF@8s2Z`f9AKTKJS>(a^VE3P ze|fxPAnAV<(qEDhmtRo)Vve5)q0-WYF6)a#-?c;WguoTJ)26pBug@gDL)f*0`_h{RN(S(z$hve~x%b%r>Y+m#G%N~Yp z56!*){08yk_ZBXE!jQ`7x!yT(IidFt{FY3l38hxU-&(LaCv`^tf%}1sHH_EB2&{%? z$M=J^6QV~ZmJXdBnT|`T(Jb_wb)mA1xiZ!BPcwQBBA-2zDB^ubQD9=uGv@)qTbsYD z59VnPV4C4q+Aj@#&*%lb6NBHk+b4Gr_y+!l@dNP-`kUA`rgP-;z~~-`Lo$lNr!*;T zif6E+7_8i@;GM6_d_vc)_#vgCC!2yjxj6}+>Z^sP(zXX2PM1d;SCgCv&z66E2KeNh z_YU}k{3I3E`Ib*;byNQ;S?1(! zA!gy)4rv?@Jl;5vF_|wx;JD~FDK&@SrCP{hPBUlDBmZR(m(^{K?}6D3x$#Nvh-`}~I11^N%^ZS#fyrjU0#dpCQ( z`R4uQ`Gv`iOhmyLFYQluL53brtP4faX-`R9dL>*VGT?@+W2 zewov`u|tnXtXt$e>cix@^P+(i?qLbsHJ4p%dOMU((PYd;oAl4!)-K5^Js;`o;b~6+ zWa|JfwE*-u#3Sy*Gj>cTAqJm%QRO&>I^_4@B>noBq%=0$vD*RzO^#+&pBxooY%Z)^HSdbdAAg zz)-mT^<(@v;di;Z3%Uy>OE1rsFJ8q_z!3E(p7W5VU|yHedAVNf;7mH9YcaZj*T+DVH~P)R z3K;GHEBm$zbUnz|bTk5DeKl=%C~SVr(G6B>*H?{KfG?d_a%~02QE|-Z3(5$=blX zV$WA_bB$tqIXfc00MiPpHSjMO@fE0Gvl$#N-<6vW`4j1k0pj=Bu?)4Qo!ok3R@5|4sjlzI~CmHnD z#v~aWHTYsusEJOPi5U{E`Ex2d_uEjgemOSYYSl zLiL08+pIo}_Zx5{T;bhlGGjRXRxyV) zc3y)9FpIX88^kiVd#=&Ql(^DQ33sB?VBX~N)Ot3sp=9J%V2|iT7E6W3Gh3v|Q3}bY zKCldGuhwb4XY3t6ScVLXwWq_Z#uijxwP7B=1Tfuuh>+lbqpMvji zj{SW+g+1KdqY8YII8#!|u`OSciG`_xfU_!=Sa_(W0`p_ZsUAG*a?bb0i}fn=0&?#N z)HY-Dzg zF3*fLCYQtW-47(ei{IYzYA|DMT~F6ey)(5H)@bzC!NcPC>*=xhyb*m0+Qk;PY{BIt ztM-ZVRBJY;vL&Qi=MjUhyyYKxZYDrp*UN?edWs3Avfyr#La^IdxEiorIc86PwvK*I zi{kWBF#mTlQgkABp)%=Wae5zTtL;&Y-MZ;oH9 z^+mitry5ubJvxa^ml71z;*!vh>b^Q~8~6|hmjb_Mk!#Cw)ypmHxDB=_IZuL4{4Hjk zZtN}Q5q*k_*pJF%G|T-Hf>Z}M@uU~Q-|-O+6fq&W@aRfm19}0EU6$bdGfb4@n1?v< zu`)}A0zB#G05K}bDC6D;g9eW<*(ksP#z%24^u3SrQyqj|A(|AI;EhF=XTaQ;%21`2 zLA+G8J0xCfu)Y@YWYdjkA>ckMQd?r*X;ghwdS6*=R~?*^UyB`B#GBO^F1=7*KNl(+ zl2L4CjQRrzR7I@Jl?S$G5}?NzfyWmjcv9@8le_&+{5@=oR^6e$4(A3QAF{Gxj^K@N z`GRRER!5*00nRGWhnG71_xwH!@=c_<6bv-H&uWff#0_M1!T`1wwOM%c98H`3?85c0 zD??2l!9m^{oee^3B;`GQjR@^S^>=>d$$TfD3eE+>o^92deT8_gA1^SPD4)Q9I-|zl zC9`{ZL=RI6w8&B7acf6*EbQz2l97;4zfzpZB zSp-Ka0))E+uF^Bx>rS~IuE>iLkWJBwOo(B7NfAySoE9Y9T~cOhS#ijUta>Clb?{8G2St9?@z{ zWd_!0u!oEzL&Q^Q>M0htB(Pix42gua9Pv~4wDZk#%@faIR<)O?sUO~}WHn5E0;$$W z4zxrS;W@R)myFKAoGRN#!sz&@g~T5Wf|!2=It4x>R8fN>2&w@X=>zmqK-(RS$l|%c zIVDaPU94XhN-NK6DU!O^GKFabp)D-*O(-(7hJ7XysHqyiuK+3yw~;mJ?4tKRHWLUo zhx3hh&*sYWk6t4PC`%)TmvINw@1MqrC{d{2jlpK1aRPxg8n<&sD6$qO*$!RO`{@PgE@vFt3grJd$!H-UBn0=(^!m49rJ4NmOliL+7+N6gqk#uCIHynWbO!4wKsbU*6`U=3p7A-%;#cA zUrE4_#Skw+CPLoZ%*$*wn?_RaRS`gc4YWVWA~TPze2iG(17E)1S0HbUa$w5uO5l2bM@ zE{soGJ$yuv#fBCwtgyrRguMY^%n-(HBB4ba#WN!C6U^ZMqT;S8=Dx`wlVWQK-00s6 z8H1Zvx=PGQRnE|2ZnYQ(TL#+(vlns#?_?U-C&Hqf88w|SoUjXS&dYbOpVR+G_l5z3 zV`F3M2c(F4t!cN~Tlasq-R3ls@o`nJmSR1S$+8jkJY4!Xc`ItaimI=F78<>AyL;4X zoR(6Nn`-&!BIbN?v(OJ*;%&ZuN4|Y(Rp`zENfGtS1mYz6q{g0}8Sn#z*P@>#f`cTY z^3y$hLW~CX%-5g;!q8BqYlVbwwjxy56(eqtqxcHRBF#s1Scs@ zA*p0ys~X*W!Z-)znb)J!d{GafkseX3vu?zx&#J3KkZv~uLfgt;>C}m!Edsg3rpn2pK#?O$RAvGKL`;5G`Y)aX znw;T&s8B>-Akd?jj%;h99d9HCKVIe^KVVZ^0Iq9!0?JK-6}Cg7GAemZ_M^Or()NPL zgS;6@ zYu=AJnR@RSn|vNu^OwR>hhN)Bc4k<1rzCqZh{1O_>(9XOG1zs-g3%PFL*my_<;_^# zdaCoGtbi=a|E#Oxp(?o*MJCCYlO$E-E56?$IW#BZGmLM-oTQ1w6N&-DS^G=4i4enE z!_W-lW6$e*Bu$F{z0~tY2&;4rHHe7@Kai=;izE;B?-}lyCz^9LZzjqq6_ETC72xL* zJ{yWhqf$t0Nhs83w(5=%%QAesteo#8w4|$>yFXqoByI?H? zj}H6-TV;I~JrwoHlmgBuVQ0p_LsVss#=;Quvz?(YO+yp|C7LHe87zM0>vcH)aNXg3 zpPwHomrd+p%Z3_?Zc$$v>~dKQ)$+CbG-^9(#y>bp>e>A@H?f~!c6A#N#PM(m+?8#f zBnBu=TuUYoPJ9@40CQAj5Ojkp7m<~(v`mCJ4AP*-fUFk=tbMA<`Vn%(7N^|EMG|rNRcTvbO-QLNfii4Px4{ar5>~-f0 zR_YZbkH=7x9d(=fy-53K6K=w+i3B#GmKL_+Ksp}>jTM6lk!CBjQa4|>T{qfC7^sgS zpD_xPi?syiN}o6#=X4^LKj;Q|0w7HmYMP_iw&RL)H99v==!YqJ2|sXtRDSF4TC^?tpi+lsEZD+99fFJToc^b`n#&1lS zGnTfPxu7Z2v+9rU4f!L+Ku)Gmxr%qc;#z zN^9Vc&?=YI&F6B=%-^Gk^W}Wqg?V9sWg+hYh1YAr6U0(=$Tx5G( zmaJt+T0AH!P3ZYeJW^+GZBUIW%s77{6L-{~AHq#m@q16(Z&qG-X-=IY*6nO&mQv22 zAAc@73~*n(ev>_4b~*|8+)ok$Hn-Pa$4Yuz$QF}2cp%C({W>HHID^_ALg_9ZHQ`E8 zaG1Nx`GPf4jtg)etsbaOQt?J+Sn7F#-cfyarKr0ggXI;OAqffFQ+Bk;Pvpq2<%a(Q!yX<}$E?koJl1@7^ z?l}7>vt*YH|5k6?Bnlxzv$_i++YSnBDqz=-Z!0;lwpWgmo^IyNFTsek;6)fiMYzGD z>_eacB0}|NAzQDBB68D}geVawVoAp*ZLKFMKG|r=mKz`yhqxzo(CU;Muoj23qh#Fa z8z}MOg%b!i-@8fA-`fS|j@Xg95W7&1%n5yJZ8%6~m#bN7T*e+5-gKn1b&f1Q$Tt+i zrx=II|5J@zz!E3wz4W0#q0$4Q!$hkpvtkTGiJF}a42ggWfbB<8e+bII6J_T2P0Ew= zR1QM$R3sX+!3V36-z}X5SqI&6dz{$Q`?V+q+bNwNN2v}Hmlp2Lpw1i??*RyS#6c+rA93HYeeU19oI z-Y6#JF%Yejcxn6y1dBzlR1Px}NvUgA4fW2RHcf_Y2}o8HybE>2yhOZYpfYmyG}Wbt zG9rsya#f>;aJzF7fFo4Tj&?b(3N5S>t^mu-)Vdq3?6%biTCpFi5bhdb&EOS2H#Hio_K|lY_YJ`%OCO?TO*NG_B)}TtD6`-}?A# zJg_??BOaK`j-gwoTTJR!pukZu@(YrD+9wAP^v%^UhzL&D5WY&FTF9zwe+^NX44PP; zt2camj0rduwrTP~DaXNp?PnMg=5>+C%cYeunvlNw7rBy}>~kcG5T% zBQ|a$CYQ^;g41r7F{+4fon_hYYn1AHzZJdhJZ~;DEBY`&k}gm0kia`1@PL1>#2)%Y z?gb!o{M3h9Sp{#|xX0ZITiGJ-kV~O>1egZwYr&Wy07%o()af}-l%-U0b0bCZGwrYH z0W{YOE;6S;x&OOnHWn!UE7YT&n~OTgrBj++8u$xSY01JH1S`XT<#SSDL?2rq9xn zzu%_@tW$g(jIy)#B2wc4({3gib1+M{zvr{ggkr%+aKtM zaMOOGH+D1OCi0#{2BHkq-EmYzZ@NRiz$N=S!>RU@EnPTA#<|r|jVVqV9Wh>Z&G7Is z=>h${=z@3*D;?Pj9S*9UdP|H9C|Bu+uZbMp)XOR4z zHaTm>jvxMGdOGrEoK_A8L8RL`TREieO^CbxSRiu3k6^#Jy}Ipvr-C~pLw zJ6S|?EvjHDA5rysa}E-`j$Q1kA(6jmVmIO#@F5IP&<039GBnE}1MJoQOQo`?Vq(FG zsG5Q65~Sr_l@?F=K%j|j6RE}t6OO~iQGv)LK9E1ji9{~J*h!el>izJMt}@ow8EG~d z+p<6xAc3O`uIRXv@Mf5|Q|a!sgmf z38d}g`g3O@ez*;r?X)P3s$Du<-A>%1PSWy_H%?Z=A5?_=5y0hAE*%Tl)n~`^N=qZL zP!TS)szAJELcA>dnuRP#$pt};LzV~O?EBL5bu4IN&7$N5C-OL>@5Wsfc4cHGLvD?=^djhB# zlh>3>ureo|a8YceWK=~^Mhq;WA01^AEopSPOjKrnjvZ5a z+q$gWJ6Gbeo7^`h%BV8Ni?diBO&gec+%6@x$jhLfxA|HfXK8lV-&3F4!`B)Y_FtD{ zwtZST_;O@x55t0i3t+T|!zW-kA|GhtZBoB3m18*sz^`BKQAZ4Zp3NGX=*5KV{xKUue`$7>}GZd`UD;~$iY)VAd0FCg%6rU8P>$E ztS~Bh2TJV8eNrq8ZG`$4r^2xG1g&_oONA-l$!hibbhe|1btl}miL?vRSB6R?#wb1+ z0Mqs=x8p2j^lll2C}z8>h(`Z;YM>OQPh1{`@MSd*n0O9wbvziFyOO8#DoWHrVv$G5 zOKBj|D{{~h+R*=`s;|5ueX`4{+iK8N+}7Qf8h6qh&*^L6QEnCehK}1>)ChyHmpe}% zqFBHHg!za&7>Sqe0ZR8kM#3PIIG9b`RZ>{6xhKxm=*{>|ISp~(d*8_5L>(hEySb+h zC9+n+L$Awrx}bd+-n&BRmR+!--T!W@Myb78#T zTy)>Lk5NJ-5aiIAHJ0ZhW?A^sx)~Gal|SC8h>?9i!X$1~N+Z0I3jn2B`7093Psc-u zx18a~o3^qWS*e;Y7tHF1j9dwJyNrR_GY()XjjG?Ek6ECP(P*(E&2;)aakKWU2k>=l zN7(T^VBzWgovU@G<5Z!cpy|Bw%=AHO^|q}^iJE2FHB36GiU2;wyYjvzx%0MktP$|) zdC;%e`%H+#0sI}!J;&f61RSFva5)n3viZs$#||Mh765DIoTUem+iotw9xgB+r+?pj ztw4b&b0o_&C>)2rehpynIq6EI3Ls{vGo{rX-)A_~I|rccx7H8W?i2pd-HofD^2FFa zY~<@xHX5~G7fsYcT(8B__^y+A>2^WBSLzS;V?-sWwKBv-5M2=BjAfQsc|VKNUE*w2 zo9Uz6LLPr`v54ai5H~J742n=bsc}9CXwr^$^h6~G4iIB2Gvl|JPpF#rcZw8V2f@bI z&C6sCZdyyz6L*X*Lp>{w{T{l#$LFytuQ4|x&TIGKZ=pz~OF6LY0V6w)te$q5)?o`)ENz`aY)Tn#O*VVNra4BrWF{@`tiK0B^`#OJijXbxCvZ zp*_El#-sK42MP__apY7ITR%QV#UHy|4qFTgUm#Q|&k=5bTRC0&lX;C)+}Kw0GUkA( zfQ+Dk`!o%HYIW_#ytPeJsYHImC}g=2_$#kQC%y9>wqM}ek?K(NX-(h$z*OhiPN#7j zm;8JumGjf$h09{5UpHKAd#qiy!%q0r9U7kdBNkXjmtVM;^V)*TDNWw-FU+cHc-sUX zv;c?}0%%ne;K%Goop1kC7&4$-uqD8V&}bPzOLIeB1~t1WhpA(XW{E!)Dt(HzQckK> z1g0W0gli(B;_i`M0b)IQtEZRypxE$bkoi(>$W79`$fA_85CfKo0jxs)0~ADV*s37 z1laFcd2fVdK$L`jq5B+R`0^Z$d`~?5BjXXzTq3U5qg$mBrP_tbG8}K}S;;gS?4Z-r z=fo50WOO%X}~A z?*r_or;TYNfSH0X6QWhik}TBMfzkbMa>Z;90%lOZEJiNNJWk$9l(E4g3956ch7L>17a zmlqyGc`_)0szoAM;&UX103Cp+g~7wV;Tm=6(?IGv!X8s-=2{@ALdqK*e#-%fW-H+L zxdD29KH?+8#_}+8)WWDM%fm*rrLvRD3?S!=$|si@3s5JP(-hA1MN18n*W<+|9e=@Q zgPz8Gcm2^L~LVK!hl8dAnBP5$<#%y%fABQmPR4h>P4I&G))m?d7l@71to05EN~cqyrvM< zOU$-2W`5y|v?|)5G2>>ykz@wnv{AUw$n)0g)n0u>ul~k4pL7WsO>*tS$41irVK`jS zLew4RDr)$&EttxpE~In#wT|w@zQ4C7ZZk=w1#mn5Uh(r?bk0$SZYj-7ES~i~(lR=Y zCv!CmC^26$W6+cDfY&?E$e9x^jM_X;gWLYmmE$e|lCbSCn35sk@sGQ3` zw%ZnC;2b3@hIM|?t@m8_V!zzlB)6dsEPAmHHWX^PSRE*+c5T2o^{spp7LvU1?S>0T}W3qWhxo z;&mBE&M5dIWTbmsErB?Zn%Im4om7p4jkuKrU&1n>6)Hwx)CK(TZY;VDQRRR+J3p_} zU?4IgU)ipw0dpRlV5G`8&6qQZ8U@6a2c}OSNjP6! z`Jf2aPk2f(LwPaNJoTM%n4;9$06?{hR3N_T^~5SjeQK`NI-X^f^|SML86o>_7?t^S zyvWRXXRRp7Qf12bo&Qp(Vqxum^v9^`I^z>tsuhM6Bosc$RE;q&4V$(_N>#6^>7pkZ z5Sjps&J9ASPmfO0u-mIXln6c?4TvV8scoub%URrlZPYAqWsa@&;1 zQr2)v#jJasS{~0`={heCN9P?yvATut%?l`c7x8$ zCNJDP(KJ;w#^&>K72N}-;sO13I{f@?86NOMA759GY``N^hgZU#6>j3;ave zUUI|H&h=a7@W4odr4)hbycXq8s&)P8od_BVk|1%>k`4~dJOVd-b+j(|v@CfH++=?g9nIRhto6O`{0b0`}bK1JS^Ud6$}05en>|4)$aRudZL0t!Ec`S=IDS1u9FT(5Cd zY7DO%`F(1q5Hd_49T6iG5qW4;ijpg}%`7+-mSzb^eM#xULagx8$-HnIN3{ltv2QQ8 zfof#rzbynYsAfAntyc7T@En4I?9b0RS3xny@Fk=?cg>heU8a$P!(O#d-T$6U2zT8K z!QW(YIg0sK|4V^wH@hYvZ?5qC!aj5HQJz zAxvel{2`Qf{73Cj*P9k98@UD?E@9Gi48RnbfS(kv8V-K!E{eZr2xh{043(<%SbL6MUnqrUZ z0=smk`zqZX-P=(_PfciYODeNio0pU>yRGj31A9P(zw~%-&J~T4kaK|fE!|Ts$#q{ga1N5e8zV3|&*QllQOqrE0>v+8Skp3HaBs96bjd-Q*bJ!oJzftI+|kS)V35!eT4WHv4ynM zPMSz(_V~lOfr%$3l06fLCmxx|WS}@Uk(ub8(mO)V-yfpE$YdpRMKPyJu0+S!cnv~E z;qFis>UJnQ6nzw~jDr=rFO;kpy6PUeB23M`sBXPs;jgBop66Ns~-HWWv}kVcJ_ZFp1>zsNxEiC)4PB8Hqn z?){aXoyE@5%+$`(AL(UV$t-S`;d4$!ZSTII*YGS`a=>3AdzyV6$4?0h&Eqc1D zK0RBTjg{k2D}7#H>GRd|LiIYRY5xWNmr(*`kt^Vp`=^tiPFtCss22C?*=(y7pIqWiwoRW5(B^= zE%h*?;E!hT;ujSZYoN;iTUL7~P2QP?rWt!Z^F0f^^U^CkE4<6oTf8IQH@&7BYmKcH zwR(C`kMT0@GWBJKU74rR)1G(SMp$jejM0!WaR#->+1(D&F3>knRU+6Zt7xmW$7>=< zQzp~naoao|x4~$1fdMmKg0Kx4O$g&q#^W{_4M=T|XHbMTG0S=)A1Aj5_{hfryA3o3 z%XyG~p#DVtr}d1Yca651Ts#t< zECeOAD2x>qxlgV>8+rhtFN`WuUx^Yr^OpQ(O*&Z#L71uz9jb;9|EEYqrBrK#iXTVa zxFU=HkDeIChvAATq>F1Ltrtx3vYZ~@k*iALE8FN{quo#~jfu&Zr`+!fR7{k1!2 zL~?KWkN6DpD$*k-YB+@4bmPNf&2dwa+A!6k=b5S6x>xMj?sgqNT0!7ItBz{)?q4>B z&&@cPtE3q$S~R(udBD87sFHcGXl(VDIS35RKxR#f{}2Hm@dEjtT~2IS>Rm(DWS??9 zS9dsYxb7|WyQzO>bTzmY_u{GE3&?!$QgS=llzkfipzarSe+YaSJ{|Z+_#atwuO=4t zMIv!i(60@L`Jmqxma@?R6G7=u01%D)kIyu3aOc*l;<((T(z*6XxE%{D47SDCkJ;F}e?#g95F+IKC z;>vZ7Fe(`|2ux)M+T*q(&>N#Z0jsW&9hgMxBUz`P&| zL>OUM*%r%XVJectd``@foE(ZJ>*)81aI{XYN#yG2D=&QAs=94;On=?6I#Rc`ueFj< zKz9^RcF?R+VHDKMcsW)aI@2MX990feOHLEMJI0b7ig41mV5)Dm*km!3OU@rnRubbX zM-QP+cL}7l&E-7-R;5Z8R9gQsw&PvLSvOSq= zZmAR%{id#rX;8o(Q%SX~_G0AgxP5=U)wSxCY2516gqF^4{(RQZ@(XT$`le$Gx-Yq9 z#nrc8cVf6Wt*w7nb4PzFc`O+!?B` zzc8Dg>Xuh`-;%B0bNQAZc3wO3z^bbr**`J+#b3>0Q{(y5y4>b~gK9(pG}17;oc>1& zoR#kj3&65v!Wv<%v{|@ade-=opx$BJZzMP(5fqlBkj|v{>zpB%->KJPEz$V34zu0w zz!4n^JFb>^At+TmTZx2Hl~|}mq!6hw@ivo*Cu_jX)vY(M)l9f$EPNWy7Z3hLb1*kEj9Y)|Z1>_m)<3b9~Jj`hQl?XlsQ zdfSztvWJA?DYvI@4D^$0d_&no_d3Tq=oY54V%Lh6d@)ZqGd1Iu4I0JQlSwUhpa-!7#9w}i^SXSM>b zlIW-`s(B~BJh?7;oBcM&ZtDY%XDm-T4qNppU%^Lg8a#p@khKWdOArd_Cu;Ek(x4D| z3&qG!kq2o&-i_v*vQKHTLrs2qP&Tn1BLYvrdLW1~t2>MzKzi&s7^rMpjxf5H%x|NF zkRSq|c=m7brK zpOg&wh1V{aw&DnRS_$65B8UNI3b zM%IXEs^lieX_`k^8xf64ZgPm`CNGw1B4V8+VJ}>YT+3AIa42Ll8Fd;Z6WL~^DH~Rr z{b2=9$0~QhU%m}G*?K7AHBf-_W2Gq|R;t;pO7@2p^Hvs|imf#F!*V2z#q@BR zWYU9F3v^bt4q&QuH3uYJP5MYzlRnbboDk)KO~Ai2s-&LR*2K>yAjfegek6Vjuw*s) zBVJAZh*xvh;*~_?P%iFHeVK?{$wWRU5gGiHf64e5f2m1XpnxJ^)g{mIuN0>yRLMaO zjprbnU@}tIT-%(yEU_iArS_TJNbTXAHSb3Yh@XaFr^ERNvo~Y*RfWHQBYZ@It%_Z@}BYQ@gMdULV1NY_fRTX-ZdnCEyB&4v6(>ciRZgzfjEx zI7yT3k~Hc>-?9a)p}bS8V1+yqKA~!FJQxXWrCC85a*)w8Jc%Y^$rbv``StpB{OyU` zk`M6D>tELYNdF^HGQ}a9KTngN&W$BjK6aa`nh;6f=RO-yjK$OB94*}Q^cttLUx@!zkXon0_{;zb+(W8q^b1;fPPgz8?GdO65-GoB@{ z4p7{n4`6NJ`T)tcb~pF8K84;yY}D6`*P^w)wf@`DX5VK2gZ`)eANxP|8wOiXv=Y%G zf^#fHgec2fcq?xMw0meqRtHRO9p7 zd_FH~Zbm5O57f5pOn4|gJ zwaXmCgQTXeBjV=uj>-ADv5rc6>>sYNPg&!I#ZuOknpvYKa5711@lTnXV6BE+OV8Z$ z<+^1?zeuXyI@7(x*-(f^v6#!~FJcy4))SW!Z?ubsc5DKDm2Nj*}_4;!sLU=HABt)_yIkYgeF*FPv z4k!)!42*~HWe9Klby!NbWYqq@sWC?*`SV!&Ir{63%KtrZcIBhd|3PnUf;K!UDSto; zptBg%Ec*eM76@Y_gh33(M9=I+9v1Hz%b@%C9gH)1)q->e11P~Z1ZarYC6MV(&kr( zC3Dd4m{G;m{-8f3_?(#c`#Wj)2w^{<3o~!R*zXK!G-@>>PKSoqVv4zqcp=UF>zA-3 zm}`8&+U#oJ=?rne43T!m6mnp zb(SsWr?{t$PdIE~5ox0Hx`eJTmd{>OUFkbiRt_{DaFI@ck z!yA9OX7%5n_;qRTOFzc*U)}b|#qMB64JNC0k>^yX^^veeaw_Lk+<+pIp$gB9` zBb|{_+lMWftgR-k&1Q!i6NJZ3I9jh@KkV<1T>h&Y|Vp*uHB|XAwjoye= z=w*Bcu}DV**`UF!#$c=@^S{h!VPZ8NkX;#7K}C3#s3Iy4kEj!b+@{a|T5*8r+Yf!G zDloSIXzX-{d3-H_5m14S;Ca5{{aA6M@)}sk9BK)f8_A~iH{4JfE!h|0t+>owerD&< z(lMMpN}M2Llfh@X9W+Q9e{2b7PbmYLO4*HuqCn?9Psn1s3s+*ksh2B z&gKk9#fSsEdkP}oc;k)2*c*kjJ0tnbScg}>8q9VYtav&ru{)Tj`ggcY{Hb_ed z&BQ0GZ*NuKuQr&;55lR+{!vje_wGL7)G624Nvc4VP=ltL!l$ApU&);= zA~Ow*o)cC$x2@zrRWhM4{pTw*+*E`m)6#rS(TZ`Cyn8Ql$C%6)#OA^DP)Rf7IP3eFM zsW_#S+>d0Q&yb5VcV)hvVKV-m{PS(!ZeuQPyQ}T*JaZwxnSZ2>@%Qj;HlA-wRo}ga z`c3(Ei#_-I6h1$-G4*`v?UX8oEyfy)EyrRzj^fpL6K1yGIPXR#rwpkMb$Tq z?;1}VnLF`=_+`xe8e@EkQM4J2Vw-G{3OweGe1>mRf#YHnGh&;nEt3+#=wl6cw&iYa zib$N>rRH>dI*xRZ4!EV4cyq1;WSi3HV1O?ig{P(>jbSBZw)?+>11Lq-qIT3ldiIC@ zo9^|T8a+J*GF#c_DW1*bQx>l?KQxrwZ0buVX@(Ve?26Bg%O`01IHu`#&Qztg)l_Oe zpw#;eRWEx!m1Qu_O8g9_P`XG_4K(DR9Cup^3WB1kItHz1#6hou#9_ZtY1pu=@V8=A`?n)J(_fqNQ8A*eI2`&b{nlA ztb8Og{gKtU_TEVTzg}tiYKdY1uJ-RsDdZYdCy$g3<`&80DZ(_QBzbO)nrh- z#wZCH91dyYh797vP@J=IuDm)jw3_aBTPe2Zs>r^&zY~vDAb$n%S28P<_k&{UEcv!H ztKHpl)4)}``(pmodH9#U{0y_PaO&;hfm^Te$aC2l(NNnpW6KY&nYs8|$4TO%nY=R^ zO{atBkB$B17yB~uo6nG4*XF~R^5VSGGIB2Eb4X|ZNmo075Z3!)HdF&Qj=Ak4|($YfHZoj0v?Lu2h(j^OpZv$*MgkMXed}rof z$##-9bo>2&-}gu2%*?qnXU?2C=gjlY9p$T4$bdi>wG69+K4+qndI8>GB#2w0Yj_KNS(rnRDnnEmo^GLOqez+FCY$0Dgt z$_ZTM^%1TLpbJr{)V}-;_mag7{~ZuvauIj=WNaZv_!x4?wuo?7GFIDB$uo!hGIN=* zr>pIT&&}dy?8Mhn<}&Kc^O^5v$ffJ3>%wVv9<11c`vV@01j`jA3MX>1q5?&sv9OG7 zl&qFKCuWsmTxwL5iA*~1O(I+>Vp)E6W`Wt6MX$|%Vwz^lR5Cs!In06Wq)vG zwYhRbB6Bcv*0@}}Hj~+_e)uyl?Rx)?mg+`#JJ;#bscs#ZeVzQ?Kp~9%Q5gI6j4Pnj zBesZrhy9op!E)xe0lC#)&vKW~Ws5F`r`}Qh!Wt zmFi);Rh{Y^*-fe=?2lL}ql4^Is^2k;SLT&-d7OTe>Q&X-s*hAMB_mQ9nF5ta7!#Z- zrXXLzlrp=R`B1i~-a;p;#zROCbBm@t zMXOAnr_X~bsMPuqby9to`tQ|`s-ITBtUe9Hwp@KPztU$gt44BFfs)Z+wp%GrvyOmT zsX%(2p3&>ELZT-zPIWh8o<&$uKn^;g0$6@2HT4BBOel`j8E4>@N|Qq?!!mN1UT%`XVotiAVSX$zNy|Bt z&0>{Fr4B~br)K)F<3&5Rm(F^y2Vu2VW7aU578Ac_Xelo@mDCgzRy%Es6FXIEwXHy7 zY9bMK%V(@Cb(#8kZzM@Zol^~qZTHLXENQQ{LC@LqSAm0wX(QWj7mgny6Ey( z_ZIT@!q~x96jtPm93THObL=yq*NqoWNo?XMs>9JhkwPc7v35<>t>$~ociHZ;-(Pi) zOJNoENmLi@o4ClnNe2L9(lO<2Z$5qlb8UyKACk?p#hbF^K7J73;0mSSs#(6&^Go89cTPGHDgYR*7xf$!s z>SBYzB3|ZZ)yph$81M3!ycS$ux{NqBxKmE-&h;wK5O(tkB8t%)I@@?_PMRp&Nf2 zcZb$j|3F{nD-dtbSib+yPiFqtBQIrsd0$}xF75X^>~^u)mcJ(RR`ZI;liTlm68rHt zb+VqSCWM#^uVlLMd6=&#Q7!s4x!&@FKzWg&9&97*3)d!n$=dr0?)2SRJL{XRJz96F zPFY7puhQhzqgq`pQ*ATXlB3ERtKnVC7xmg&m4sX^LKaH(%j?M%BZX;}4HS?MH#wuv z7%=u5w;3mmdyH~pnw8Ew+-`dNNb%)vA9=T$Ubm5_(ZP}fzvw>YW{_LwX57y+|Azd` zf6(jD`1>t#_lW3DXLgXwXxv-K5#%$%T_VszFTPJiDp@%7Mh+_R*O?0E1@ao``h6rY zctdOJ4TJxjSMr71Zl79N<*3GtPFGS~AyHr!ySv2O2V2RVBdvp(YyQ}HPutD$k!!2l zYHC!vLYXx$&uK4M87n@+wAZ(KrFQ=AOGyFrs2#X9pzp9)Q3a>t$TqWq%rWSla+-#+ zR&rCtK?6&^FG@4Nc+TSIOfHM1nZ9%dyk@fHuWdFrKh?~(bEam%dDbE&6r?!{Fuyz~ zWie-x5(-v+IZ>6RP(>+JnX8_vVy&F13UC59TkAMelf?>)f(}GF*H&`Pv#YAgU?^sq zo0?=YsmzMnb?r=hi(gxZ;s4e;T(=8#ZR=tJUHx4LyJovYT^xVpyd@9mF#PX_x$Umb z?2=?h?%tgp=dusE8wdEE?zs1w^VhhAgTB;X1kz8EbmZs<{!?9S?xjP;WnV)q&cXOD z?t8PZCGbh|>W2A#^)=Sgh1WO)W>Eh0qhckQdo{QdK2rzz>jHY^e#%C?6!8ejy zEq+Tr;;@oo`!RKs*YLtJ|7Tcahg#FY>l*$Z&@;qs$sK;h^qt*anQ+RL0{m46OFvk2FAn%`6}N1m z?HGu=%5zUlz43UwdA9E!A-5yIa?_G548Pc>6y*dt<5P zMp&E5%Uwq@g_(4uE~ir+)Af%lvE6RTw|zd-iuXTMYt)yB=?OFh*{8@f`Hn%UuZ+T^pedShEm*26v%vROX?JKRYiBC*`E)dN+aw3I#PMA(( zPH*7fK@DPDw6NRcsARLZE%N)e4VZj=y~t9E^XZ0@BRfh<*&yDzrEmH9?R_4prt#(D zTYTQaw(}ni)^*&9)tPTyr!v-im`5zl9%VdJob#X)LhDxk|T0T{>W{KGrO@su4N+ciqDaWg78`FY5Gox zthVURn8#>WaORXT>SG2c9dD%9ZdH*mXib3PcY zw%|eyBVC@o-jhg^zFEWMbsIm`(2*k~?DwAe)oyFGsjdA>Kc4teV%N{6e}x~+9Fr~c zRMdD@b+}hM#bafj&mZ4kE-(1?i=RDp+r3!!<~C1OS*lgbr}H2!Kp%fDDtV8qI$SSBSmp{Vp6^CH6_M#nHr8e3qgEE6G> zB+dLdppciU_Q8_uobtm%`18bQ-r7QBMlM4kx7P6Oj3Ij_44K+9WY2`jZN!`wK3&*L zw@Ywd6Fp)m#ufB85b`T9-i~)<-u}kMW`|>lb!M8%L|fhE8}T>(@Fijw>oRLZYuJ~N z33+fNP@va$%e2MFU?%S{%8^MgT>I{@nqD>=eqgaVRMP6ZL`p-kMjO}Z@}ydAp4p5{ zIum1Z<>_-5e(C%4%&Z>kOMU$3b3WnoIbZI=FW(6tLv~depBYw@0aw*)-1+6cYt2`HVF$f`D%V~y4= z2DnmgtHhkfR*tKr)tA5G-8CtmR8HC_-Lt-+r(sjG%UeA~Ce(^te9uq(1 zNsC|f9P?;U?&2>W|M{Lz_-50E83$ib`pxx(Xuh`Dxy8`CW%4OYa zXT$4nfA!Y>T{T~^=t}#}pKfU^w0aHpwXXK2$`;#=LxED;S9X2-^B49mZy5i$>!xCu zZrIB_*WwrO9gmDT@;gQ|zkT)k738uXvCI zfnZLe7B;1X?K@+@3xgG^SFsya{q|v1LiHIWwyV@?zrkihDy_j@Ye9w31*?!qqW6>6 zWUM?;sP-2C3bwHpzq(edw!zd(vZ$DpL~RuA9)eX43YZFgwXX-*e)b^CvZeJ}i`l|h zUf23u0l6C1)PSLRK#t|4o06B*k#0(N&K*DFCg*m~?KpGxJb#ov`?{AndJIIfE4LFV zY&em-{Pt>e-~T?Pw6O5W9)zc7dza^~buK7^)vbho@j})>%;5)OAN}mu>%0H{ zksIGW_Pw9(c*$;Sbgk*QIZ|U*7jV8o@9GgI6M1Ip(KlayVEoa}+y7zop5xE$+4i8! z|EV>1b}b98TK$#G56ghYZbpj)BTbr)DK}kJm&%JDhQ3N z39Sd5O34#wEu`fEt*0Q(4R9}{>maNkWk8$*!ds;GqbkT#1!XXhZUVO+aOxnf6GAUM z`+&v@J|O4#HJX#pUQlW(8|u z9}!K8CdKO|m6CsxmCE+XelM?(e@}6<(x<9Z`!&loztp~~dqcl5zoS4|xWDLt!BJu@ z87{rS_>X0Gnq1{u%HJ>_<6f$0tQfXzuo|s**}mu4RoPMb`N~tyqg5Zdj=A1+zf*m% z=Bu6uz2EUUeaCC-{ocBAs*P6EOLfbC$>2rTfzI~k%|aYe!B)|2g6N_ z%_SqhEJR@zMd|OtvQ&9ayib71lr}BE5>$;(2(T2rhW{wQGMJtIOn~L+v&2r;1Q;W2-bw*xkSK4h0JCU$UcUf~ zP(j{j1z3z!c?Seof{OCKDZo+`&3j&eWhh_o6ks{((610+1@ol-(*mqSO@&ptUmLC~ z%<`sYZz%kN0BexP@IG*YMMUbF5|aRnkf+2=VKKxjN(Kd3gj^-V6qZ1|q~v}979mH; zgA|q$y_6ghV9-U$cPT7`cvZ`gMN)&0t_^b za{>(dHU2_?LBGcT5@678nMr^_zh&97K))uV0E2!_j|ed6*Yc47gMO_M0S5hAj|(v9 z*Yz0+D~POICj}T}l*MX0`-FRO^+za+o} z|ECl#q4*aB81QTOvW&zAYOWPvuz{NO6gCllYHk-`;HTye3Y#hZw*;8r^ZK$88>sn} z0D}$GyiH*jk&h=|fI&VUUWPTKC-8I#uqX@5sQhy<@b97g$Y{Mhy9JoUQ~Ol$_(ueo z#2=$D)r;pN0Vd^MKm%w7O`;GAqaYfFkVB7y8$e?e?nN;)0WK+Eai{~H;s6sr2=Nh$ z!9h$E@_PX4r18POl9D&a8HYAPN)%1ya1szleh-x|uNF1IpAXdtke|l3L5?Vd8z9dp z@Q|drHUPZ@IPyEaAv6MIM9?^mD98wbC!a%?36I1?EbQkjTxfk;GgB)uX)oI`gWqq4!kLYFu(nwq! zZHG9*>Hl1>9K?n|BM~SyN$WuLz`--YNeWc21711cnB?b>gO=9|ejk(_ruroul6)bc znxMRo3Di87;fc4U7?ewRngraLKZzBhHcarQDOaPpaw9?usi8KRq&!3+W=4=hoYsm^ zt%jIQ6hBGhIkc9_k4SQY)`{3^9oQ<7V}xoTzDUYJG(;(LIqnwPC*dPbrN_~_kksHs za?DcCK4-PHSmV4N*HV5*1RYIKNhW}1kkXCQnuLWqOjBNm!6$T+G$u%CjZm7TrA<&i zh=xcTB{*XOP6Ar+5Y^QVfOt7XsqBW}X_(qwi1IZdgyBUNF->`h(%%E-05c{?fKVN# zl1ac{7@newq{h+q65J{m*tUI14pfr*9WQhFzxH2ISogJ zesl<2lyWyC)Od>awLGP1nleVI#o&+cGlvD;j6)t?*4G2x2rXeokkR7)WQgY7F7V1r zh)7@*+-($xSjytQg4jAg1|)@)*pfbUgxc5C5-nya2Wg)kTSRSy%5ReDWM&EG2$fKr z$~LQ44;}B5fZq)B2rtNh{CQ}vvDhL#La*bc_~Ss`3x1OJ1cWd0lt5c4ZNAm<{bM{g zMtX8N|L>MKO*N726BkNZ2d!iPT75UT4w&N*xDR4U>*=Pw2Z`^3n2q3*SiY?NKlRYcG-Z(G^kZ-&}ywoFpvor`7# zi+kBDKYV){Uo?gVX=~suYeJwNq+EpPn95rivGYNpG}1bE3jO~O?Y$$y$i7BVZmB1C$E@LFCwwflAbi%W-l#oMCeK4wB=9bdW<1KGmFR0 z%lE)bCB=^=ms-W8B}ard%7Ns9bUwZ?O9|3(B1HS8%a={0f1NN!@?*-(CA#4Cv~*6$ z_k=;p(Ik~@MCe66iOxB}7PI~M=%R8--!VcZ&5y_Y=pSFSUZ~Dt#~0b{!o1|qODalx zjmSlP`U1V|c$uK~w=gTn_IV4KF~H?#&{I_6g#K8rK0IHGt$SSPC3*Stt!h%RkA>cJ zsSW+P8ZFqzYFhV8HJ2R=`I%i}QEm8M zMy@}Yhj=6ro2ceCMTV2HIJY(!9|=t)L9})Lfw4#ecp)qYhoT`anbl`F5>F(# z;N)Z|DDX(oNl2>2R~+iNHa0N=HJS)bCnkfFp?EbHh7zX7BEw@`B*{$&6WmBB5gDBb zjd(b2b&?x{n8egjBD7-)c!(s{l>LV}w-@(auno5wI{h|0|C^;3R zw$dLBP9!6s=Lj!mu*ew>?37C+XF#>XW5IY3@&dJFWH`YMP4W5(jszzO#bk^dCG`m1 zIvk2dNrj_eqeGEsBsl{GPfbPvX*!Y|<3?jKuuR}3Ha-JfUmqC>fg-08yqyfiV%rmx zq4D5o@V3ZAD8XArJOnKu2@f&eLPui5Q+yQ(axj{RQM8drVlo<>;Uh!BPJzzTCvE+EvJD!{fj)%PCiLFVZIPAw`<*iTA^0Zwv%fx1RkSS0ICCtfiYjE z$)#!h&2Bgf#)^!O?gqL!3wKOPR^m0_r66gkXe0E-@Jzj(~|= zT5}GhNNjwR<_(UFL`XY^<{ziyLN$qwQ`yqKiaeL-~f1<}=JMMq{R~nE%oo*V5i4 zamAcjyl(UkaJ?O!0~+r@+?98Cmf~mW@O>@mQ9fzO3pqAX=t}u`tW~sE+)4MOuAFBn zcE2zan4&XOzK6XMh0EnxthFoGcL}!0ENT(05Os)_iyB1%(MnN|sOd@+{zRTny4$ya z+5L%R#$)vm$>Cavxf1>YW{)t(-u?-svIrOFp?_zskaC4QIlRB7jr|q6`>V?ROWS4c z+Z=SE0=3 zYHt^S<&8Wr@2c^iY*UC3dLJAkLLv;kG|e^d^!Pt`5uP!dL0XJSEc?fKT>+HFo}bs| z`vYw{_V=hC9D`=rIdl{pgJSH5Xg4?p(4R`x)RKbOr{)zJzYg%G{D+B}-?WXf011M@nAzrU@3eI58Y#{LVkA~XB%5SByu3WO#IUuJ&@ zqXOac(Rr=TzX!_uI-q}@oq-|8%zlHt4f!E_jQun+QnX*BG<-R~NI6~pHU;}F_EQuk z!R~;u$IM3A?J2*RJHkE+oCetcoR=#JfB%`%75ZOb-(k0-0>C;ASjA@T3+x2)f+ICa z&&$>ReQhc>4b@D8Sj@m9Mh{az!2U}L2tj#|vwKhxq#bAPK!p%K!QPoFG#@>}enipE z5h_sL*HW@N63nYL{-bSj_G^$j%l-}|{ySRQ*?C8!AGJBy&mkW;288-1KyQ-IVA%Hn zdJoj}9;oI$P|bV5#d}Bsc6J6*&H#>=eFIIhze4-KJq)l2NY11{f`=$zbNUalyVy^G zBy>kWb{JwmJulY~&OVjW=To##&8sy2))&}UQ6D%4n15})*x-*HVgHs^W#7EPNHY8^ zC0BvyZs&CY8E+#xc!Ax+-bp2K2bI9=ci<5tE&Cao`NF&^&%YbAKLC$0@E-to0^IxH zM1VE`br?Wf!LfkeKd;gHwMW<+Xy(-^O`Z7#b`?~86_wViRH23PeC<2{>yNNKU?hF) zy3~jn7+jx%%p`T)d}FiUcZ6L>E4(gcw(`-b{1OUur{uixbj&OANO7GM(VdcMXtY~s zcdTo^pxAE)V{E2Xsw1C>u`rtf=L5F~Vu-~3^Ey44_z3H#Z2QqRa0kK7f)jxv{ebQV zMf%Yx8lz>GL!FkR3*cB#;BxcUlPvjqD8^O;AJydBDwad%WeAzk zZf1X=8Sh5B@or`}yIZtdyj!cFK)$sShSUmvAfv^Sdp3avaMhX zqHW4a-=jl*~TmLFKISsPcqTJS#aWIUzYE`9LD>mu!`v`}Ht;9ua{&B)3R%JT5eS?W zX#EoK_JF?+9Kj>cR`7k~8Jrcm@LxdOB>4NlG0ZOlWfq?;U}JPP&c+}c{=kM$*iPA) zS=&(?bF{6Qd5v=U8gTg<#{GbZBWo2g$GDCX3E|04C5Jy)+b*Q-tS>cb55O!&r>7Riq=489SmSw+g#VotMi z8ZZ^9UONP3sopjSjH%uY5R|5R;}GPhdLJ~m$r&x4gBgjL(cn252~{cA9gwW#16j&- zGX&z4tI3?knUu>4!N;kv34%YQ!sQU0ONHwp_>ct8!gQ*)6|kSnWERf=5ze za^b;OQ{e|8_)02#8iE5UXOz&}kDQdwmym;oiBzu)qs!r8EHB zMv=VsCMJ<~b>$J*k(>bf^TK^1<Tu#fC!-+8*rmU*hZhPH zH-tC$s)Xyvd%D98cmK(JNnsp6d4~J$r&XkS^YmA8aKr=qZ4fkVDKN(xu(MfYExxfR z6x>|Ab*4}BTQ|fh7Dl*TzU{xD(RYx?#f2iXpjJE)9Er;94Z_;=bTP+f+^OP4aWtmP zsiKr|Ow8mWvY^j;D9&0K-(!v>Nl;M@M2!f8k0@5|@Stx1+LnlE6Ba%xS&`@Uh!

      T zQ0&Fmka4^AyA@e)AaH{V9$OCNMvohh$Vhp4nU$gHelq$h9*1Tfc0pSUtw)D52=cDD{~T!Rg35Oq8pQKl*oTCxrxc zgk}`s>j|e78DK#oTVWefSi^u;sCZeyN0Y5dSVX1BQ>f&YtbQ2BP(-CBOlYqhEy3U1 zY63)JyGF5(!1!~zL101T2*l{Mb7Tk#Eun(g4;?`YYl3sep9upQ53lC-?%_w|`Jc0& z_5!|*SVdsZCUbe(XATR=I5Nt2JADegVOxI^oA%xUJmhUJ;I!JCwAzKYnrtVFUdlfdiAlY5uE%P>Wp`6H8 zB2=8!LGeHzE^W-Tm`G_o9*kOd>@xRXko4n8X`OztSb0H9=}U~R3jKR)V{1x`ovchp z`MhvUjVSW8!iR<4Mks?;nx)qo*K|s9tO%!1{(0H3c~!@L1uNx& zEeHLRTu|x-nGuwdUdSZmjyz5K>CpYQg?i^=nRjVz%`D7yHr->mV~sCG(4NB}XDu>E zwuCM72z%ytm$I_z(R)oYpR~mjRd;3{%NKiHy8!3~#`x9PNABp?)db6 zw9;+?{;UHRa7+*SY9CO^tKTZD@WknwjN6~!TOvlz{}1NJ{~~kz$Nb35#mLU`e^Ng( zlQ5F}6Y%mfsCqe?F^D_ZyNa5*m^fQGx;i-jrz&q`XT~5R^zQ{wwX!pFkvH>DcCa(D zS5%=BcCa;-Q-xy?w>7eGAz}Tx__7xkcJS1pV`Jkap<`iWCt>2^;v!*UWMtqB&=La3||(mW?$2>HF7l* zH8XKAHTyq_EA`^XqS6IX#2$Uc7^uQg@4&AlvEqh^Wc2rPJ#Rp9R*4Fja@h5sF6Wx< zsbcGD-0)7E+C=x)`YsreWIo7bH)a@4cq9C-nvaRNtK~nKBU0JRh}$SK_kit9E=fb{ zySq(Kr$)RAr*27~5tsHdo+ZU{0-0~gw4X%Y#G%)DS^jp>*S;N7x5dC0Cnd2(*0RS# z%|jcW0Gn$53B9{d~pC$*NO zE*&F)pGO4^lY?vgi_bxq=pv-cPSLSJZd6eKB8S|kvhk5a$noWN>9Ikd${et&=gvd< z*N6Pc9B@$2_2yT4Q9vX391u(4WeqXq0|_bg1JfJ#g=c+ZdMmF>>ek@L@g-w`$UiTa z(@WD^xz)MA9zwaBAzsAy%)QyIzxtHVz@T{Go!spZ0m3_Cmd*?QUEN)CSgqAZOLZZz z&zA08=4qKVV0~j2827ZtaDQwd?e~&=!}~1bdz1Wf{2H4!LVVj`^#RcOc{gA}QBxnF zF6Z`$@;7b7c+B6ZK6K`DdO%FBGhtU0g*hjhz48;j%{mbT2nt^F>WU!p_c4!p6u*!p6o< z!u(ZdWo02@X8WptwXv|U{HOj;_V4;%+dmmQ(^tvC0ryY$pX}dHVw! z^Zl=6;pF;{4(EUQ_~+|O2KV23|H^+p{xg=ZlIzRwKbwE!`Dg#%zW>wLfBF9M0r%fy z`Ztb$WBQN3FPneu|Hkou+5YR}zxw%C>isVO|IZ5Z55@o1AZ0iPRR=YDtAEh^*Y*#_ z%5eWTwAudWcls}Ae<`y6Q~ZD6`+w8avV6^n`Ts=wd8e1J>cR@A|754f14aBw^7weB ztU2=tIg6HgUA(R&*iV!u2y(%nq_~nKXnt|2d^0}4#J8$=WCY&z^x(N3%)6?L$0;@Y!`>not{|o**w26 zG2z3g{_fang5_T*FQCH9%dIvk0S6zDDSPylTPF*+xR`t0o*_FNTNsEat$4_ ze(ZQf&BXw*N$=|wLw98Or-_r|dHbB1TZK!NZ5p`!LP_T=nRP1I+xw13oqakwkl#Pw z$l6h>3Wwn}u-egAP^CYis+L9)wc|b{n+Ts(HjcOI8UuY5+xiti_#*84@m#rH(5yu% zj_{9sEP3z*0W(Uf!J9n-V&N#zn(azNXw$59e<8HP#z;NL>I#9-Y^QS$jMb!2euR3z zKO)4Z6%?twiAH7!TQK%>;9}~$jw^@BUva;SEae3se+t3ThY|@2$b2$q3Wv`Gi+nGZb~1;k(FyGQ;9qXP-mKXK6Ej!@`&@7ku0wEkEp-I z_4kak+OB+2yDZ0KVZXE>l}OW~$5I?$SZ{KCF+>(hko1DP{&a=<{~_}v(izVbX4g~! z%k1^G9awovz0(_p-@WsQ8AvX8qY9o5bd50~( z7JEW7|Kmrimb{siB`W}3IcAgr)c|qe$JIut{)oc;dosrXRL(zi!xOTL@G}-aDN)uS z^`&|qU}f{7Kn;G-hUb>g-+)aBvbi4I73u$DG7p*YS0X2RKst@Ff6qy)k7*ODv;nm4 zt`f!sw6$JPmB{Ok51h6y^eyL4nQO)m*nA7-6#WCZ1IAk{pFqCBkEmC_HvV_V7p zIlBf@i)v(uhHj zY_{bfKTd3pUJo`$Ke{d)Do2hkf~{!eU4v}_W~jkQQx*;;1G5W@kMw80_V~`k&iG8z zfZ?K+23az|4~O~+!bKm=2a9LxXV3w#0rLToQDWIch0nvgYUR}gio|qlIlWA8=1%rb zKqrr%!AtI)$#MQMi>iuNj2_1@Hu9D(2Iz#9xXjD|bLfXGICx(=&kej~8Xo zVs3T)>yJ79J;7()Y6M%(4;G#uL}vCTNQ^^s42&?HkY9|F%`jvam^H7@!{J+^(S7S( zLvJx$feMb!zQkWd5W~iaB*a@{T;m(mBT_wpyX12xu&kD$46Rv+}a$WQbDY@Jj_{cfyWj9dH;T=V$g z59)d&3Kb-8a_Cm?NUwyApi5DK1i$omilyExQGyRjdJBGIuOiUq8q8xCYLd^ug+l*~ zDhWhcZa?_qRDb-Edh~bRcLJSZiWUmutfwoA!B7VykKx6l&x|%*cTAP=rr}M+aglsk zKFzS?Zfrua=O?>CSl35kDNM!D!Hu__U*pny=9@j2xiVLBIfPs_aqKk&5;N*=jN7B# z91B0NpLkqwzG4`8z}yeWy^#vunQP7|i_qU>IrKwtuFweXp*;dw-+rG8<)a8y3MvG1 z@FB!VJOnZVmU6<|D!&gkl zSxt}Jv?H|(Rfo+8#tc=bj|^IV6C>N>9R__2gu_d1W(NlKX9UUZ@?y|+pjc#ViOxL1 zGeLH*-!RDv^<$Vb)&8g!Vhe%v&CezdsO_0j*l`0af%%FA12c&QBzCaiw!VUxy7`G& zxAD(65Z^dA`#GW*)))8|TS`IOc#4#kUQgpsdcj;}D?t^(r&}fj91+&6nILg=Oct1+ zzLFr9Iu!$Roz{08NLX+zz$1TGU1I{4*x6frzhaJqoOHL2w|Jx8;0IZHF(4P_j0X4b zcj34ZwnWr}s}7?vGjLyT5zo=7;hppGjzmT34MlIYJD;y>6Sp=uix5vI!P2g?Hlc)mFq7u-!J(7RQOTfUC*E@B?m46h7FH&))i4xZ|MJcx=cGO^(4uyG%w zcn*bpeN{sUso&V5k6FkC%hTb>El#OLXJF?$tdlZQ#)r2clo=;IZW!Ym{WT>aTPXn3 znih~bJ;j6~<=6CvB2z78{&Ok0e-h#!cIyIrroMK_0?$8O9P~8fVx;##`+ULzMLEs) z;ZH2KuN^&k1+s@j@`!L?T`CHnJ&k&*Xbz%3K*5n=V~{H~;U`wh^8{V8qaE*GXh7{k z$Dg_qZ3cLw+1n{&P!OA=S<)pZQd9B9td;8>ip-myDFwnVo!VS#A^^elpUepADkdHa zoJ}9`Ck2{Y>n9HSt@dT(w=sP4Yp5a`!e`*knQx;f0MPzwymurOYec zGvK=gxDxlOXhP6LW0MU1cUp|*jITGV9-jFv@=Nb{3NYm+IpT}B^f9{_4g7>Yf{v|* zG*cL{P1DvEBO^;0N_1e%Eo^Obvkf?#tZ11MH=9?c@ZU^|Ne1zW@h#U``({e-j!*S= z;eqQ&;YWjNB$Wu-j^ojf)x4D3@0F*ESt^Bl7)8gl+@(zoOu>^wTi zGM>q8DKuQFwm+^%neSrYH(G>$pGX4ri-HB0NF99Z~(vK#QAXI4WvHxt}moy&{T`;jO6h{OwlY@qzIcjfMMXou_|5+K{f^!D4rO@Y6tzzHuJ zccJh1OVtl}c|X4gxCU`#R9RXbLE6QAjO3&H;gbeTEjn+P*nzF1v|eP`7e)72AmskG zB?_5_>z_`c;RDVBm>#0(>PK!p^Wr(oaV47^wNP{(84>#8+-+7L3gv<+S<%06Id`I2 zDSNY`HCIj{+mQ?!hM+;qpaY$MSm09svg#n-VDVqvycTB!K8Q-K(|AU>L10B_#W=N^ zIPlbtDV;QM$tMr z#?OLZJ5`L_A(&)U|JL#y@iG%W0D=h(19vj)@$@bf?@9NAVBZniQBw(O9enZI*O~le zij1bD@4owHX8V+e3`Xwj5EYeXR^nCNTUP5%EuHUw<_QC6t!S+4R*mV(RI}Pl{3jbG z#@bE%8u@BBE6Wc!Fdsi^QuwY`yXZL1-ptBo(-NiW8nrr8e}HJzCZF4}we$X2x0;J9 z>j~aE)vbLAh8AK`l6!GmmLnA84vQd0KLFrj0yOHk82RjhOKe6NHU4w-1`ZA$x+X7m z?>Wczui)ZhsimW}!}EJBlC6Ww=E^0FtK$TbL5U-_Tp5GB1Nt;Ln6GI%CV%|yuhTJp zVMO%q%*X%LC11XClMLi0pC5`<1WTrpf7lSK+3Lhb=&!H3s(-j*?t4uD-AUp|Qqphe z03B5}Damct;!eXwqQ;5FbqUOX69zz8YH1srQXv;k>icZhO4OX5lp_nY_+M8BY|Oj% z8Kh!17y3Kx9o;woosJ#Cc6TjW1a>$9x`@Hn=X2+UA0SsEONbn}LYD8UDVH!8YgLOi zex2?G*>%|oQT&aF6sBf4pxT%JMT`a7EUqb*Zx}L$l)Q;z^Yg@{?TLv?WvfYj`h~Nq z7W5VJXh+Md(l05n6B8*}5*n*gV7b z8&^hh>69J_KDR>^F1;mXQ}$f>?>lMlTlSyMouPGQqkr>gDA|kvi*igAhSbckl!JGg z!Al2ripg(N6)6hY>HHq@7`E0?!vu!Rq4lEO_axh#^>uMD4{lR@#Q_)GsXJVLay*PA zw0_-6S;7R<@RYr>g#i>TAlr2|ylxSSCRJmT^tu{{WX<9|sx*yOL)}UhSM>?Qg~nPwXf^=5C@-8gNZ4f*P4o`o#@Nz&hn~g;y)&aa3P*nsr^%)5 z%Yj`+d;s~C07YS9t5&7TM5^YWBdm6=Rbi>jUW!$|1YlsUKw2MthkgvS3gW?K+(Uy+ z!;UDgt7kqG3PPyu@mJB-}uyzID3&7=hVPYg~Kjo@Wz+jHW#KLvfWwx>Wz0QT%UZ(Kb&r5ce7X_ntP zLq5Mjh{WbuhHvR=Yhk#mB|cA7z~-We3Mehwz@^C*8CoG#mt;tP8uzMbaSez=L~c|q zrC19K#e>S#o|#^iNQo4P>OtMowo(=0s-P3AL$Oo?sfx0C?}O6#@cF`Ip%iVykf^kG zi{{3KRH1@$J$@Lr7{<}}WTLyEYT*8f7afl1H+E?6K3qt#Ey8mf5s9OSIXlO{4E4y$ z^cNuDhaR|`#DltW+=2JaA{S%PS8(+X#pW)lR#DcVI(d;dE+r-G4`!hRCx;FXQjsT@ zz{tFDwuTEsNkn&RP8AF!SBtI}jY6>tYH6D9(@OoG$>byU@K-0~3{2rd!@b&CzwI{N zL$9sTR?D$oJa?kz$<}EpZWN&Gzz`-VN!xziS0zW(sAREadfZk~lH)vQR$WorW&cE? z-)QG1M6-!f6PkhLSM-gMkDOM`w#* zWg+ms?3vCAABmxpBFFpRfs;k>CB-l-*e)&muYp0WlKigXZ)IhZ4^~T)SZ8pKzMwAf=Q}qHNFHVW! z#(TAa%J#CqgEfW`zaW1B7OMu31e#WF@cd4NbMrc|=`56f6RpM7I;o)Q9RXU z&S~Kppx$`^6@Qt{GH!{U>kWN=^HXj*?KE%($Zb{DV3z(J*7IBbETyTcG(9Ho2?3Rr z@u6i(f#zYb%vQnb!@(2UrJEMM*<#sS$H_^@TiN`y z>-)FP9$RYLMmL5(*wA1$SE*gJHc6DpybO262Fdq77;Me(Ldpqo@Bwg6?be;{`4``A zL;pmTMV*A(s8^q`-)lBwMp#Q!`oPhba&_w)IQmWecxhkZx%Wug(ECK;uV}A+i~W)Q_e^IZi@`ql?D!zK9F>=DW!;>~ydd0d5yRw^AU)8{) z#;6FVVrn~eTN_aBV9Z{QO<{*Nm#(3#q!IGC45P)WOI|NT$)$pm#l^o?c;A&I>qca#NJDJo53~w*gKgR&Y$2?rC=+2mn|#h%DC#l!2M&SNFrq z77E9G@VqrC*SGw(YExeDTRbi2)To_i6!%%WDC6hM(unBq;CcBzUKAl89A(pL z9{5H5)mh00!jB2eQKXk1p5GM~CuggpcrA)eP0p|dW~Pw1iMZsN!zFwD5Whnzjg9l2 zZL20Gvk+k|gyE6~eT*@387BoRFtE_97Fk$&b@@3k?xtXx34){-9lj^mwLXV$$`n?|(;Ko&BbE|(!0<2k%5 z=`AnnQlFCIC#G}2I22P zrXb7ofy3~oIsbfpxt__9-}pgG`Ls7*dQZETIm0LWlxGY-xC?X0*AmA|e>U#ybH)t) zE3szEos%=F6LVwCuvID;1Fm`j6kq1o0=}~*qO1xO{Mv8U@D+U`LN(KfV+E5443awS zd^PIwh|Jn9TeEIKb$ILQQMfhn`-{T32-Gd1luRQ`;e)TFdG_jc@kOB)c(jXJF+G_U zVlLtlsj>+LZE5v$s+)pIwt3_|;z42Q6-7|^`Y46Jf5I4cE-Npi`lc=1#78oj=(u|v z=t(q3s^;X-=KZ}i!I7jAGTjE6Ko-=v?d31}q_Uy!A zd-*^a1qjonFx^HZ_jHvY1$*$3o2G+1bE*GiB=PF(m>R$3-z-OZ_7sVgR;*O4Et`u7 z6fC2>(ck`!CSjY{fs&5B8xq9Hu-Bc4h|P(mKkPh&5{()V77!YMo04&`|Aw&{@NIle zni_gD5s9SROCkH5M763sRmt%B4fIcGn=&50xh{t)Hg+s0;jj%{P5p@|Ogess8sQD* z{Vy!LfpZSxPAjugh7>!7hG$Ok+<8-T&fUu2z6xC#pD#50eP{KmH2{FJJi+Eh48EqK z%F%V&o^+x9vhPyRqR<-Vc+_T?l8qwjN&IbyevUuP>Cccm5E4;)RMo(~)>uWlvJj9; z_Gb1wvjgv~AM1VN9M1BdR4xemd!`u~A_wF5p?gaZ*IDbe>(G7`YN5BkaYrKN`lZo@ zE~AOz2oae`!x~(p#%ab0Jq}ASLF?R{a8F3y3uDep5%%iv?t;9!W6OgD0cGWLbW3*g zPPp9FQ8Qe(^->52u_9`jzOBCb9R`!<@mm1mI#X* z_*tc<#$&YmhUXFEgB~!SBPH>0Vl1po?&9fy1+hG|UE3b`gq<9{?z6GvbTt10*$BBp z8vUDr)rQvlc6pQMV!5uJ0+x3eoQU8DXA=SgwmZ%mhRw~zl!?zCU)g!q=DN~C$>HpF zVe6=R1K)7N;K=58`yhA|N&#KPK-q)3!QnQ=j*<$FOsx3dLIzY4(X80^uvj^oDF zx0*gGi@G!9cnM()31FXn*FO&5Ex%rPhQ40XZ9WK~b1t|u)l?Ccx3fjj_wRd&G%lhI zfSt1Z@vQCVPF+OhmIyMxlC;LYy6h#U3HVxs+7DG0v!M-;>r!?&O&eFidUC|d>kq_b zf@J=jPN`2r=rc9cDXwN3FY*9Hnl8S%x)@pnsa}MtA-dvO;D>Aen zN7VKmes4;5N>0$SO=5N%smJa=x$6&R)kZBNi=>nxFt$#yK(>Z$0^k zjWLJ+vQTGze4P%(1mlU5IfJPsCp1D}iZ_<`yo+v{+lNELlR|@29`Qfb0+g#;yCtnZ zuS7P_hxVzDsrij1v)lO`EauYPs%txUkJ*GMy#7b$6R$IG-b(^{&Gp8W)#Cr%2t?dKQ@u$;H0zc&0tWNNibItoAd zck_$-7GF<^by)3v2X6~J>h$f_&6gK>t#RzS@}DK^d0EK%blUrMb=t|v>fK>APV1oo zLkTLj$D*LdMaw#n4tLM98DL^2QG9(VR{GNfIFDxuV_T9a&tKci zKp3k8?@+Hb0zgQxGu?&aEs#>=MsJ)kv72d_7dGW^5rm^1M|3uN6e;?VxwV4DamecT z+NF7XgwLV-5Zst(w1gR(sBy3N+?<@of!Wl+u<3O=aDP1+syNzQ*JwTw%;5)YZBDbh zpbyvYbSn>KU^GqhOAYDK>~LE6NII$VZ0R%6PC!Sh1k|s4&O}ywKDBGuK5Z1zrI$CY zv+$weRB57A$u;cJH(2-72U6EXgJzFi$>k-|CR7wSCYw?wDgm6Cs;HZlYo!}U>*I(A zlCg-ccvD^@r>zcL73)DAVEBSp+{)at+<4uj*Ld?};;Kgsa4!*iKQ4unF^Y&v74IZr zUf~(P^X?68`*XthOtlv=euwvghns+e{MsYIZC2I1qOt$YnT_bQgyG`&?L(LpHJK47 z7wjYzu3tJ$b>=5$5!i?lW|)6@AQ5sPk54-YHj0GW6*2)P1cJp>7yd^<^$UgqB$SEc zK~LNcSirr)I_B?3%a*Veg=^VtPWYJY=#LVc(Sa$w+dU7CgmI6{S{&8YanH=={KoHS z)Wbwg+;Up2G8cBy-ZJ()Bd?j-3W`W;dD6D{1}N3X(v=R(M{;d%Y(+NTUEqVo$exl8 zeCzwZc*6b4x5EBfn0Socm)9^d_Rz4(IYtj)SbPRrB%o z+_}zxXeg+yPFXdgAvLI8wHl6tYl=FHYn#9oPPS^AS(r3TJo#Pwh6;Ey%vPPFwIKUN zn}(D~ahcG;BUr77(A%)iles6UBW8)|I#4p^zbu2vkrA;MrM%zsCyrVT6&mATNXTH& z`uoJa*CFJGB_A}&IdE(K6jA~qrTrA8!7TC(9e>|%r}nFR<0qVmo}oWT=No3WS5ulF zuCI7(ojg4`p@%Jx&y6Crp~Hv!ct?gta9S@-6obc zFc|CNK-%Y{JWEeVD?OAbu0C913fT-y!ld0Z#}d(rp9=EZgVm*hcgl}mh5PIqFPxKc z%4z?0f~3pJ*Gr(#S+|*>c7asKLpUcEswr|p$Z=aItFMjd1H4n&Cai+GtU&>U$P=b! zg3;W}@ao!#tJl=|cl0+x5j(C&6Fc#yeO`6syM+z}k=oa|y@dKQaCTkBm%gpOsre_l zaAwN-`?si;3NmC<%W3!9LW1I^0qsHH{vzivSnlp9Kf#V+*p zPPE_NUND*XEfA~SZ~*!J{(a)RY+-2JlfRijSN!JiA&~Y`OdfhlcOXM%6W&ePN=iznmMvQDdI5}*OTNsu0Tyw%Km_1IUwQ7YAJVxN6VfOmXIF(q|CdO*6**pXqZ>*B3Jo;fJcYPOkAcK z)e4`XI%I26W!Kg_X*O_G5zN@9^os@=wQ@_alCTj@@vMg}`w!+LG)_a0_A z!qf)X09(NN$?5kFS+7!mMrT1UyN|{Y59`b6EhA3N7e;ScAJqWX-LRb>!(=lmPwA`0 zcT+f&WK{W=;=GH)(i3oY<@SC?I;!*>YvVEv;rB8K8WMZBA#E_lFs;R!(K$$NT5k@o zzF0|Kac3$@6d2~;rA?R$n14o|kohVpp{hWXP`$m@KfkZ2c=o_nUt$vPlEImj-OcEg z0>qVj5;O6`Uru~qeJiH87<~JwMgI;GGrl_A`^(}H30DVlkd4BIN!AR^Sm}mZJFe7@ zl>)(_5nq-2xEvp6;SrUy{vd6TbeNG$t>>Q6ed89Dgz5>o?B}s7Qa%O=%z%!mCWqRS ziGq~Y0^a#zPEX6iNQp@a#8h&6_o=;h&Jeqri}~Lfiv9LbOVrIio}7Ynw{UsXUwAK6 zC(v)-h0bT&2yUIU&c^<1EIsOuef7rsuKihF?rHWKxivRjZ-;P7Bfqc+A%3}BZ@jZP z?{J|5yw_Q)*onXlBURUN2inp&=Lz4Ps!#*o+Z5AaUz}oXSUnV;Ue?ixS|=+!PHQ0F zashxblctoB;MuS$k|5m7SprzC@z9RBGktRCIA}Y!o4MuCy#CD8@6dUiCof8iR#;^4 zYo6;VMuP`5yspf7V3QKvV@N{4LleMEY}(wbq=5M{o_y#TD<*4*BFQpfLik`j813fC zEH#(x&A-L$fkumj7{sa0Za{>WSprm9_KM*PT)K^ zN_%sT?7QG$u?;#9{3bO3o2^|{1Z~)&2`38%5(l|E@(2r zu4-=Hm(@?GT)vSTGib@y8abS_FP@4Q%)?SJ<5|JZa(1#H-OPa_G^$+9fzC82Tey1O zd=O%*9-Lhh)z>ugHXY6SQ;B`hb-iWkPvuV~uRRDZ1;p)Iz+r!Pf`WRif_k2HHL|HHHsqhZ@^(?-#X+ro}uB;l$sE9_$w> zvij~~BEn5~{mD)KKCC=$y9>|0UA!ok-hum7(Jy3m$3yFz>M zu#Cz87-KHvcC;}V+@_ytQX7s3l2FXyRp}|t`qx1W-W4V>>W4WXmVCe_qV38i(zw7G zaHakrf>>MNq*2i*FS^1L%2diGy&c6#Mem(oimpW2>a^y9zCdvAuKr<-g4w-qnryAe zn9{KX8WeR~?~!~!m?3S~n2p!E-*Bcp=RmwAkmSvs_+o!zu~{qO-`@cI#JEOpQ{{Li zyh4Y&d;1ClQVzlp2vQyIqe?KM{AN)gI1z?Q)jk>+BR!I65?n!mYn7p}6$+=2j3=!p z%npx_85%!Q6?9JGI^n!e3WdK{cM}7KtHz!lpK1(8$;3`A&jJY(%aR|&=}cknh8GJ;q|oY$nDwf`Xj-X%SoEI8+S6q@KWW>YM&}bG)8+STxY?oR2Q(pb$XfubQcdp?+ z^1c=f5zw`2zK!`A(oJ{Y0H`(vF;P|h*gA!`6?M++)ck`slkO*Q)=*;_ST=hvC+m3` zL93hd$RCFfI>wtvZ#i1UtTbkDUgBPJMUo+1#y<*W2Z&0f{n^a)eV1m-)vrQjBR5q~ z#sF4mNdW?lJHdT5krSAzbtTG0llpb7Nh>ZM!Mu#O9e=sD4G_EZTK?s7HIBIcD>h)q zwpNj!#J5P6beRLxQ7tF4TUb-ItuI8ZtgqR=r;A`n&=?_5-x)R3v-GkwIpQ08U3~nG zd2o`37cWgXURhF6w`y9Lgr~x|#Kxek{XJ9VCnj4BsF7B6>7Xt1!ty;{vXy?A$3hCi z3DW{)60f@Z0 zLlu9sYC?GJ_$8P|VBf}nKykfi+!E9jUA(RR{2PlG2IKW6q0fMtt#n>6l`!JoZ(nQk zoo*I=-@4^1Mx>kV^@hZJ3h2RJk4OiwpyyqQ0XUD1GVp?wnvIUF91=|}STWyf^Ns0@ z$+*C~h8{>5Y!INr(f?&xNP45#JYdhIMM2cdIIVeVBE(N~F!PWnZXI+Ozk67vuSUXp zss|+b#(3{a2s_VyhOKU+(4nZe2QfQ)9y;x%z6K?!4BKMF^b7!AT-(+6X z!nB8%*!vsVl00ihhb@0Baq(qFd(d_BxfM^}8ssbg>%>Fy8FM?!9^tMMx*vm-P1F)( zGBgKNHmq|`v8I66UbyEsxL6#92N7aLZoy}-*=IO^;sBNahN){`RE8^Bg?RxF@%O&G zm%hcs!G=3Jks8o`ir^2Pu+Bl&I0}M72A@L(`J<>t={Cs?XB{pp5++?z4!nC#T=+N7af7q7N3)-) zb??|L-X5iJXAV|n>0a^P89)N$zaSi^CMZcx8n}$=G(A9^?kV5dAyd6={Xmll)Hirx z(h#A-Z~bY+8nIV(4gBJD@iS;?aA`qLf!5i7guYkg$xDVz$8Y~smHd&2jxcB(N{U?n z*Q^!+iY3mV?uW^@D34AI3MqeB$>!qyW}FAt%h1Od){dboo!FNcAvdFC$Dn*PbZ1wX zHVSW=GXV6X>SPDk`{6tueADh$;U?=?Qvl-z^_JKhdK>JwN3<|fKTg`GW2O+K-X3&r zTj#V5%6!T>yM)?TTz_CRlOdOErrI~Qn^-k-^%sN^7{nMo!Rxak{%~{6DIb4^d<0<4+Tvv{NkdX&I`Z->+8PlvYg@5PUAM62W`66ML7JMQ0 z%1TokWd-LvxMA#I@8Cc%jg}j;S!6Z*jp0!S`P;U@l|Kv!nxmy(v)A?x_HIkK>6kst_C&pGO+ z77-o-*FT82Wq7VA{$OXM}-$Yu+3Jza2<5L@0=hOVm7c=I)ah3xYm#e4hkj z(n!4_MjE|F5&%I10eKtucL`2B_UmB?7G%iwpKU=!ELW_2VzZc|%|3QGZIjTo)2Ox; zKl?LECI47Bar!)^4+)pNx6IjkHoSxO!t)d#bDo1x&aLJP+Q z1IZ3c^1v#c1B6uFAI%$+vxVC9<$w~aG6X$_-J$@XDXUqiY8x39iZaB}2b}}4 z&brnP0uFeogtZ8~HiGrd;oP1>j{aI3Iq?le4g%D{~en*BaFWmeSWev&Q?t)53|98En#|y!)St6udydq{dDj#q(kV!KT&{^gp zw8}(3>}OItlMQO(6F?3xa@9A>N3a1ujPoBa`_oGvEBLc2ibctO9PhM`?RPQ=(!dek zvTUYV!L}?~g0J_OILoCGY7zmdVkN~+Lv*D=hctfu5y}$%R z$QRuFL_-QVW(x|}_5M!}?w=}ToIh*6eQZ;C)5kU~; zik-D;K?~zXyLM<5LWxPw^}q*Z>lLydZuiW6CfLRNFcDCe9)jGqP1IyVq|s9v+WdVU zij;)Q!kUcft?LvB@Cm|V>WZBGYH3EAPxO$)g7xDhLu!u$B~7uXQ(d~AZUc>S2=FeO zVhHd6y<{222Di+3!)=Eok)R(ytpPNIw+U%U#;YYgnlH^qaagF2HiJaN?P{R*m;7Uh z9Oo(BB<@T9!-J-Rk`?xq0>=^!YiL2Rm8(N3hzkQASxHldocHbDH%R>k5pu6sh488W zC4d9U8G#=IyD5971B3#5DYZAh_Y~;r=BG}VZBxQRy_M3+^BL_Hu=H0?5=o2R7xb2%jqM@?NOsJ>y zG1@i4z2FDgpqvN!U`NaZyH7I{(FMD53>^QegSgugU7CUC%*;*+Sg>f=XRy=@S)5k- zWv(G*E@eKEk8&sH2$gFNQ$;sTe`#>?PJHjzgsEcMt+OY`-?Evhl$u_QbeW4my9wWaX-a*cgK*%;Tv%Lj@*$6;DPZQ7J)DN8 z$VVfDIxdr}hE%Kz{fj*3Ohi|BN0xAwZ}Y8A2QGum^(>bFCqrZ(VpZ1Xz{0{q-(Z9n ziss(44NE!w35U?aJ9}ix(T09VjGw;n_B_sWUV?@T!jIAt80<=+Q^0msbv^+iTh4x?D77Z)sYQ`V~yog@~iGr>KbbV+KTUg~gxs!-=ZvfrNj zm;O=uU1RXcWX-${RpB^_Z?j;P2hxIPnZ*c~Gbj0kUFf%OOHIn$6qajM@SXyqLs%5y z#c#)X(=dhFakKl`W5QLUxkRfHhXj$!vbCSB8DV%=QXdnAHIn)KRz-gGX8pYpiZ;VC z>g2!abG4TwS{uV3R>+QXCCO@S1Di5)%c#ZLOVl>m%F%x=2G1@B*AuMr16+ug7-EsK z6^8m3=yKx7M%_No-o#olj;Emf*NfvU2>q4B}S7fMMI;gA?Pi zlHdx3%6rgS9#oBPo%IA4iDyUVE#Ajx;)R&eiaLOYhV(_(xy_dy!0NdCZw{WENXgT1 zkm~R+Ch-}|D!vujHT&d)@5*6{h5%h3YNXhN)~2B0wj=P+!n6-~TTAT3>R9*|&N-K$ z)w>U_PB*0&M8&KK{lFD58dk}#|A65oZM#?7wr$&XueNR5)@s}C)wXThwtf5C=lnQ- z?R)O6N>!4YBkx#G~bp6zfTN`{+njBzG`b>=PDZc%7L zXy;H~veA^F3AeBVQBrePHa}lvXBKOBT~KO04zBFfdF$G1u74uQb-E4|7%5rIl;-~U zzW&&Kk;q;nsS5L)P4dv$M7n-Y$1y*kRn^6WH=p-1ZNDE$8B2KdEYU-5MuWIa4wWQo z#J!#Q*X)!|!soVhm22!l>wx_i;%}3^rp<(5lC}k=VX&#DyL?jX_`<{alSR6!NO@{^ zf0C@(Rk@gD5{(3b@>ik;G^2)r^wzHXd77KxBqZ-qvZB32qGxf=G2lZaW?nwLBI42< zamDtBQzPWFniQ|X6D3i;Ug&r^^r4`966qOCSoyIhan*zSo6J;W`=J=yEGF7I9G#@O zd_J_!@14v~pM)y-jPr%g}0fAjC}W`&o(B&H@`1R3hFG8%r(&O0eq zKY2%i2jUexzh;lVy_r)lle{7!xrT8iVRGHLxA4v9lqO1y=IEZFo4&mh=Q(>fd zy_THb!VDwf6+EW+n*Tj6`xr&!EPAnSNczK7Pp9!LnD&j~ zZ1S!D@2vkpim+*dZ;>bUg_h-NS!19lR@c>U6;`#Re;=eTou^opY>jkEm#T^_r5XXw0`aj=7cSx>B}F%YWh!3q8z`qm6{?9KV6Z506s(dZ*$na8ZV zKCH<*(F{x4mcWG+xc>S@^X)YGq3>WhJ!9uUzdHE*aNF}r3KyXHJ$>I zb8^0y*eNu+x#@?NehFE+*zHWuFvG*yOg_p6L+bMUU`=A}>BkW4b#9km!^Q#Sh;e~= zc1^Xj{NM!l41Xtu9H=weWq@yQE}`W*jW7``%~99NHVQv|<1973Gee()fgw&>$bsaP zknlSkI+TU>^7=dg^^wFC9+ns^ArSNf4a30IRnC-cn`z=&7UouGG%vf#d$bw?KIyPM z&)CfPUf$stVj|BqX*=`cVmtoe{XL(@3% zS|Kxbz}ASczPXm?8&aoNYReme4;w<{HlWpx*jrmdAYO?et#qj={i+0Jo%_Q+Ga%SR zwOl6sL@7MyCDDxj_sEjX4s=e3G5adpLIV|Kq%=}B5HtOXTrm{!+TwP5q@CgT2!10j zG4z@&Ia@znT7QWhOo&z-29V}+;+KC4eJF37yZIh}D{U9@2+te`j5v`{;bFwV4!?sN zvB2-&BDVRqE#NO3LC8iTh&JUK&OCW#1rk#xcV=l1RR zx|1u3+$Buwn^UP<(2boO$3Y?>!snd5+QsRd#pyplKQG`4VTD6p^5=#_ijImK zn_jhZtxpvvw63>u*P8DuetWf+8Be_(N57N$bB2}L#Cms+US(lrWv;zctaQGh>}rA< z(zB@y<>$=LfN&(IpwU*2tIjAN8MbZq4Pm~z+8vnzq+l$;*HeO{+>gYa_6y-Jan1^7 znlw^?$cu~FQWk*8qb;s1K(N0jx^&1&(`IgqSAD2tF8N(gAq{`Z{XLKc{Iji0grFol z*E(DpJ@*PQA&^c#Gs$HpQO{fz>@Rn*cXYa^yHI&2;rTdWBuykNL?TOga{aKMh}s>cZ`u9l;=bO*xE(Y z&|v6cG<~v%jSV2pm$Z00wKxw~!LszXS;6_8*@O%f?Cq(+p6})yx;m(JF>4mezWtXzm3|YqmNN5{hd$&Q%5ySGc^xTy2CuA} z+rV=^x31}ib$ZLn<b_PV3%lU)-bM>t5c^N9upm$(5VPwTqUScyBc@ApV&-V?%o8 z^Q=PGca*KpMs9i4235P$prPxr{z{bvq#O9sn}a}~92C4UipsM`o!Y?Y##n}eNg^b&v;mm^`W{1PJE}xnJ=aB4)J!Vud5SI z3t-01I~69cIY6nh1Cx51WUG_Q7qY_%J|}5mKY5lo2#)+Q=wbwujzABTkX6yGSy<}y z{Xvpc!g`E-3`T2?D^@8UShZoe2D5>v_}XPa!vXm^%tbYYX{PP;><3$a)ysuEyz*w z8u0BSNeDl^Dk1zqs)fNvnUmxQBua`!MSc;99z6Fib{sc?o>8FR@>+@td!=I)<)wy~ zfLKm$+$g0Gc5-!U33O28@%lF=ZledCscx9j&7~-+k0laxI#0ZJBD(zbZsTl}F_dZ1 zcLffl?+`l`F~U-#bO;r(ZVgiPpSvo?5}sstlI96AVfC(k{X(|gzJ18FG`9c@VfvRm ztxoO|61BNbU7Vj{E_571(!K!Z7;}95iRFs8nzBnY)VFcWnkt6GJR*|jXh8{2c+`jD zf6XPL3i-t|UL-H$AT(XgU201UiMiA@0r!3JO9Sa!C{ON^qr8zr`Yv?uLMcj4;9R!vt@)vNJpZ45Q&uzsJf9A1d3rZDhLWda}B1icfq_)Nxi zPek-}!d3fZa6vH!%{sIQ#fJH>7065FauNBxP7>dN`Wc#0Fx6^E;EV+G^ZIES0@c%xJEI`hFB8F&%EJ2&AQe< z7%3Q#rwTl$*Un6;9~qB#h>8eD?ZG4D(*-`=NAC5yM)8rBhD+o<)*A7h`gtY?j{^tC z{{-WdzW?@*F!#tw+Tz*04mNR(H|~Pk4*xJlz{pL4tG6V?@ITuM-xIk0knX@4A|Bi% z56x!@2#af!wK&ST+1U4ndXEbw&~V~rKg$Yv@`t?MmMTed>w9m`q&T_>dVbtN3E8NS zcO4FTwqiH{iGFq+H0|uB;obSX-a!eJ^U#CqI`L+p9|YV(9z?ml#lJiV1BU|q&fbgc zYzDu+-J*QrNfC;#1~SA&lis51O%VMs?F62YN%fuatXokD&6(1Fv}9g}y7xDBr=ZbB zBgXmD5gF0!fer@mdHz#GXX%aZN!2~?qp+FrxUzXeZaCt_{N4+m8qOr)nD1hehWA28 z=L^LLm*NIP+khZ{rDCP*M8QgdnF>TCIA2dOsvq-Z{c`P|IL4mL+ z{X^9t?ZdlN!v;S*lgKru4-9Pf+v?9(8FgSXjONb_VJoKjjW+!b?hWoD@tR*X5Nxp( zs+D@4F#A~R_V+L8vI`yQc)s0>e8G!U%hBT>&^Il0m@LgSwZM1m4ZctXf18xpWi++- z3BR+bUZ|!b->K<7gEE` zJmW)i{hh9h%+Mpvbj@JR022@zL*rBP-EaFrU;?;04QP)&BY#{0t_j($k?- z<@;Hn7I(kJat;Ef`^+xPb^QLQRq_-IL$95)g_SMR%S#>N-w$+nSI@IYesatOtq(7L zf$snM22xftE#WI(AXttW&yxm37pQq!t+C5GLWs-Ewail|Q$d}g%akkU&y+~c{!klG zO#Y0pz=OG~RsQX_CyfDez&;1%(AsIw?TbwO72;xSdtvV9tH=nF6CWR+m$!>}=MUDq zbad-}KxQAB3oBGUIE=cOK*Y5OZ-uFfFa8waUD-Jwt;?hj&N`Kr6 z)mt|vJEO+G2dDlqi~jM-7}!~u8UH(8#`a&r(SJ%*|79ipm&PXi?=`mn#jE|7$HvP3 z-$6EJ4z~XdvN16H3uI&ZKS8!1tnL3d$;R~mO0xZfH2n{fjs3sQ>Ob5jHu`@P!;Xy)P|&%Y6A?%u6F@H)%xJu;X)drZNnuC9Rq7qP6RQ?*2Y@* zV$4O1MQ4`)La!2t>jZ1vTe%9W+102^AEdLEoLs6n*Y%y-`KT3(;6dYEwDr(HH+Q)KrJuHBTXFxX4HVn_xJ* z;TH$NRGiWt3I~yFoa1!gG4EUlKQ97aTaX zL5@z`C?7AO?H4NJ>#3^4-z(@hIQ$ z^X@^;e)~_z?Nz{s61P;GZ^EmgwMuWjf!=2$aH6ZF4%N%iJ&)fa9`najNji+l>opc^ zXiMC`PgIWox^n-SkN+1L?f*M1|E-PoV~YKE8|`0i+5dLK{=-K5#}4}sAMHPUvVYe9 z#Qw`e`(N?@vd#X9{l_BvpY8v+WdAbMek`?r+W-5p|NO?!KGeTFv>(&#-#TUg+@1f^ zDf=h4|4*lk;pgxF(^UMAd}p9%_$Tn+B>jInWvqOWhr51N)ScMPH}#T3kK~X#xlUfqF191pNAWeWRJ2AK<)c2Uh5ba7YAEk7Yzdl zavm2q&?^DqPYgnKjsQV!Uk^79R`}Yf!o>Jwl5@T4+kJXk-ds`9UQxc?zIApkTGRdW z*%QMszJ533u|G#^Jxdhg6NJEO%dX$~j?Fin1=tISU{NX+R?lbB`7TwBpwI_~AaD1s zqFLMJ_G#4=f$H z*S3LMGmQta6x*}Z zsAIS5@bKM$=gW2>r2ybU=Sg>mul&k$L1y4<>LPJy^hJr1(OK^hKvM8*+k}$`(S~;^ zV&DYDmWw`%q8ZTTzovlKhE5|~lS>u{Xx+;viVc+~`+yO#17Il6=Ae&zDPWr$IYa(N z#Oc3R3jPWAXO~yU3}aQH?2fjO=VWROv9w44=cN6_+>1pwrXGOKP>~%{Zc8U!5DujV zyP^Y5Oi$EzV0X-?5hAxa9&&Jo^#RmaR4pG*g*PN6WR~RQ&x^?iEmS^1VvMtSf+~J3y^z^=(lGMkMu14AL}Z`a_?1=YGX9!<7NXvGn%y*>jft2iDzbec;Dpo_D`OND7;Yp6~aP#k@TYZf;W3* zcZ_4HMZz+SwBl+Hz|p@pzW(hy@|A>jh9_9Vh#TV=L6`A*B#{>%ZHDp1g@27Za5|lK0m2FwE?%@Ibnaqa)h%qZlm8^XH?76 zhikIEgD`B5+J*R6PhYHx{UYHa$(|fl}b%yhFbylbEQ}8OEimJ+A z{&ynsXvUej%b77AzrfhOC+nVp{u7d&&F*~bPc9RBc#P`-f}RkRjwVLkF!cVVNIE}j z603^aUn@)dQa7Y4e|H%^IJ~I3V1047#hStMY-9Iqcl&F3f^$MHQ(tI4SihLQxPZkc zYW*e=Nr#NnkscZYHAbk7XoD^tOqi_tC&(RvJMwH9LleK z%V-rgD?L|v}4v7W)C}C`Pu$px~_RpKAEpPjv24Wru|fDuJ)PlKt2(x z6E5^XhZWsBRvT3xTo4T1f>jeVZV|7%o>ZQehZ+lGd;!~gcm_Tp##bOl0=9rEwx+m# zkv?PEy%&O?+Wy}VI)M9MG+(3`KOKx&E!p15o*q^j+{2FPI;s*}@onLq5oKznyOWlK${(V6(1KuzPA6u)pxF2NZ@v-qVyO zB%eI{?Ei)_*oEg5RHY4a^klVeQ@^3e_jF3bxM`x>CF<>n9tgt&bo24N^YqodF2Cyd znd%uRod_lg1x~~&P|XbC8Jvr`=88Tr@9boe4|9jvR7dSb_dI+0`!bp#>4n#;LvPFh zTCaoM^-V1R(rJUseImSk$NHT=?{w#4)xjjO1n*&UIHE6uW|~91T+^Ja3LJfab8knl<$7DrsI{OpYJyF11F3nLyC5p+w*!A-FrA>8 z-FxNU^V%TVZM{>e3BuO^U^bx`?~R{Ci~*MdZ*2xAYf-h&w2i4zqUVjz-i;ac_}Z3Y z^UIiV@%2>hC29k@U5vkwj}&b0==3zB=jj3SMd*{gFA-pM z!=Vvl!g^$>7NDsBP1nJQmQ~9?$8jU#WbEYUiA2sFus7mDE#;`tGZP3YJhwWN9uR2C z@HQ6%vCzHau_Rl_97@Yjk6M?~WF@o<-VM}E#c_u(YtO*n9CHZ)-wiMads1-A8u0Y= z;%no(atr&YUjz$1wgXSHTmodZ-aj7WM%8y;b&#^;9v=+O6Sf5KpG{e3gA32 zAPWu$MevGt1w4RVCOnrEyKJ#g*Nnja?%-573gk-V(B+Xi*OE2$l+t#lH2va4KpAI%1LQO;q zMg!)Q9>Fp;lkkOjTM$f;(wdoqrICmA0mi7#Sb@0SkAQR@o{=p>9V2o01i_0JyqogH zcl*veeV(S#(4#^moZ~|PgiOg4U}on7mm^L@etZNGP{z3t&5OQ2wP(m`Ge}5>fR$o2 zruQm^A9DHRw?qTu!yvA4T`mlu^$!fMgMOBmN7?;BjP|bdgdmQ-!?p^=4F$-msThaQ2$Q zbZmi8o$UvhvqMO)7%AlEfnI$|26}T$w3$~;6@ms>CV)jojq_OCR;Adudf+!cm-*0roe(T0}}W>97#%5GNQu#eo(KOL#mnhGbEGi z_$Bk`)TMq#pLXn_QoX^kH=oEPK%MyUI4zd}@g2}A+3!&>i;1jCL@ipU%2q`VgwfcmwN59y}theWjKJ%Q9 z5ZJf42!?_r_<)}j9Dm!75{{m*>Y5`T|7WbGL!%$AZQ4LsO1R^14C^%G^51jXn83fa zo22u8ABeGw3`cx5*!v+Z0Wj<#26pC_x%K9n2!vj3PVbne9rHh{Fihj|bF+GP*5W0o1uo0$b%FU+fUt4ZD|o|PfiP_zaR{=u zp*8~0&lH;A95sVQV%|dIIDuOAv}CZXS#iZq+&Ru}IWma}Nj#c|R*Agp_=z{zDPkBY z#`K_gg45I9_*vG|z~1=uM0(jn)>FE`Iq5&GNx{2}=~6etwPcCv89sOtOpfkCaM3V( zKYTLlA=aOa`(pVJ$Y5#J&`pEsW9weSF2sS(GK9#X{5*LEGlJvW{^gUvVqc<_IR{KhRA0okb;<8yWf(x@lzR(grg4vWSAkji7-Mld&Y~2$=%q* z{h&SJfrU^2H8{j2fG?*8idt2!vZ}K4ngAdEOAZNVg=jxbgiV=u#P8sPb<`~!Ei@xw z=d8eRu#oEV;xq>JjE^X-{_!^r36X~dIt&NMj_``FR72a^3HV|O}21m zFEoWHG>sA!2V}qxKFZ+~mjry-!RHW=%qBd}oU((^Wi?-ASfOx(S^GMwyJO%-CMTSf z_CQ&7!+;MC?cd+^-c>Ttg?kRh3??=(TThIR2F+-0RK0hq&Il!BR%4`f?M=VYN?ABX z_PI}xr$4et{p^*^k}|~%txiHHpD&{}nQZx0Aw{k2kXsk;;3aoIpZG z;mFp6Hk8#e9Uhw5KV^T+drU!g&5gi$!_o(8)=;uu$Qp1zUw|?=K3_1ya*8*Px9_{q z2ExaGB*4u{?}v5CT7gg=i3Tl$mbhp`wz9FJEOKO4DvKJqBmCLn{`hEp&%1A7mUDSB z;kcmxBn9 zd%9iBPG_5dLgEwaS&q@SAMwh$erz0*fl-UXp)3QXayG4L!`#Ee`?ZuUX^Fvtl*)x1 z>2{EJIT*5WVvMAi`CMFJ0f%A>yCqqvWQeHxD!;*+U&z^Kv_U*!llZJQ3IuDUO9;xU zdAts>h>K^PpI2jXEZWP71l}b%h0Me(2!O9|#DX|+MDQ<)nUri1H1a>eHl6NK55*DO zxJ6B+3+RJ;aXz&aY8O;+sG*VjBD|9Z!F@({%nB%^5yO!a!iew!y~^>A;ZH%^?4!R> zm2?Pq;pxhdk$w6T;^=naW$M95kS)R%n~y(Wvvg4`CgyQNg$N2}bM069%k2^6!dA%P zB0UGygk>|0vsJjmJLt6W#2-jP!YVPOqR2>*s3pZANd>}0teeo0go16Yh<>VhRN@iu zOS6El0WbodkvFGH7X5NYcsp6iPs^fJ-65o1+8ylJIoQ;NNyw#1|F|&qx7msHb4ifM z%`WyL3Io832YD*THp>t2lb>1*E-aOlao@O4_VlPuxdgNB4_I|aBdOV4^R(>{urxbK z&oaHVp$FU8N<-92oOp=jsaUhg-mK@`0qTnoi5|a+ZjSP@SzMG}SGxVjr1H)w)i7aZerO4^a^Lq^im9AUmOoYH0@%%cYcO z(d;m8JOiS{mw2Ji(K>uMK@}0Xvy5l390*?cy&@Ob$=w9}1(nR7moOwy$y9RrMq-gL zcZnQSEwZ{&b=F9?KM;P9HbiK_JUA^z3D)vX)g&2}(9f+y+EM2kN5{DuWvjXiU?t1} zW6pqG_{oec(=FI>^5QTaAf+GI*zQL2KFEMnyjK2HQ*)6$Lf)a66MKqavCJ7_%fnx~*xr>U<--R7 zTwvtk6!JekIFX>>xC7)7kC9EBCz_K$Uy_48dZ4x5LE2V$_0_)Zl>QWTOQV*)NeV6x1BWX!=2xB02k<`N3MlQ$Ik zepcK_s4H)#2kLV6_pEdwZyRNOUu5U~hwg&XMe;0=cFL@~*J|Y3T&J#+fkSWtmxS0tFGXDpO z`=bP7m7pb`#~#!X_*gh35_^#70G1*%Mx-4x1;$iHKZN&55{CjnY!V07?UT}a*a}Gm z!Mt*S7|4K03)h+GY=6Si4VaI@blu?dT%giFJ<|NlM!Oe8?6lSDj#k@MLUg3Cl|2nZ z2hlWQc$eB~P#}(5yE)lxEw5vA-Vc43Jeo=hP1SMK2I~pYS;1XJsZNKcd=p2SY`mT~ zw_dw>+xz#(de|-ZrG3yAp<4aWks-ryS_LE(5~}vpHB0b%?Df0Zi_tQ&rpEprLb(J8 zZE34M{Yzr1bQqg$u9E?=e1EQE5Blz#X((4NGXXTu=f)&lIJo>PM~1f)=K=QeH!XxX z0~|*98#2&r$Ng1EfC(5OBnDU@Ideh7A^{@8bJ+zo+0*Q#CtfFw5CvtZ{^E3z>;~WJz%y-AVv< zY2Tv(6|Z2%k%BVJ1ukUZ@M6TJo7p>jOb-yVD|@FwUti`}Vqb1kNmGHQY%1Nijts_` z(CKs8ls$FXUQQd%3Z<@Lw8ikH$ujv$Y)T7N7TTkKunBzwU4)M=Q6>ykd0WR&{d776 zL82r}B9S?>G0F4L&_yQsaeyR7rl`E;HvbQ9;vdj-5FI|{mL9HPWkGbrS& zHWU??9kRg&vlb*Nwb`vCH*JnD)|?=@=Uiu9*In0Qoie%q2(343ZOF>c(Se6oJp?17Whsxl&+3g0J8M0Sm|4X-4oBzzFgM34&$ zc(D$Q7UF`?t)m#sWFimY1&)MC5MZq>fmz{K0mG0I3hgc^v0#shig}ufk}onqVAQu7 z{q=`v!*&6rrnKO@#{>&3TQn(hKCp)_JexU8Qxk#<0FDfQf}RL?As?S_3_k`RH9jOS zK~^I5p*B+ZHa1mxF-n~WoO_W-?osle%!q{o~%CFBl~2f;eao1n9Al}b90k3Jttd3_oatR4hQ)7b&=h*$unyUQCK!Rs2N4c z8qyefPV;@fvN4#RoU%u8zmkzw{#@SM@G+QY@bTM~x?ZM?da+e%ruw>gb7smY!w>8d z#k1Qs4{Y(5tU6AmzUvkul*rLb1>Z_!^TtQg3TlHX4$&xniBM-?YCDV)p$6F={THZo zex7QvVmo|5gECquKQv8#WJ~B;9BS)F!Dh+?Bn$5Y6QUtiFzvUhbE77P5>2M?TXMi2 z>;N3hvS>|74b6TbC^J~}68tPMZa_;K?wnjQ(Jc8+$_k(dy-5#9_>kB*?;r{>xkF>a zp%7@y7GVy@#JQqOHK>|m@q>bwRFT?)M*hrabP=IRql^m?&>ckg^L85W*-d%iPN=_)r-tZme8@D)kxTdZZrF+&! ziG}=MS)?tjI;34-!;S^}dOLyx(8gw{6O-X7?ld953r}QbB0L1CH5q<4YPCvSaPS8dj18N_;El`T zRo&LJ0rEAVuua=Bq!yGv&M&y2T>y?s&>%fy?*Q@FA(^R1Hi^Rj)iD^1?DZjxRq9ap zGqvPND><1^S_YIu%xqT9A_20dI1B{%Nc5PcM$37oUItv$A7dH@2QMi!nw#zA@I~&> zoklDS1#3K)Jip-#p?H5vduqvU=CRFj>fBeneB8yc>5y)g?v`zq{e~x7*<>}H7+tfL zP5m=ST<7s*u#{5KlrqTxgXSbMXZB8&%l@%Av_{+H;Su&{ql8dEJG=YDiS@J3c74jVHHNK;xm5$cd8&1)X{vLI=*DBq@2o_#^}KQUw1#OzANvU&Jfxw& z6=x4;?egt1WIbv}*M_J15snG|s?Z@DQ z_0WjTr{i7Nd3<37=l1!Y=T%g+`x&S#N4o9=Rv~LDes%_{tt`Vt5M+vgvoy6VK8P%4I=!Tqze+UmtBfQ)GcA;YbkcL1Rw+)H;KinacRS7&b0ywy zd)uf@>vgl$AiTIXkC#LUZ+wPUcO61cR@JT6_}ZU_`?h;XMfT$?+^9{GHea{9t%Kg* z^ZayePj;enKcr;Py*Ip=K6@FQ{AGzwE&BNO+0>!BdKH;P9ZA59p{+%Y^|R3z<`q@j zFV(G(#g9@DBXepR8(&M*qE>q_99`&XhuU0;KkFZj=7) zM!dg2y?B+pXP!bdY2SstkqbIci+|T|b;AI&>D6~$m?Qz{QcpDv zO(1&nnlGiK+NhccX0T;uLThl|+$xmV_V1U!;f8U8kS4 z>reV*`QCm3G{5w*d`=VU{D!ix1*cS^p`iiB`P>$=`HN^jGRE3P)p^cwj-bBDUnK;h zP&bXuAedr0pN4LSMeo*h)%OG{^eP$d>eoOCAFijFRZ z6jS^m7?ZPxG8qAAzEiot=t9_T*tUNhg8?z&26dP|nzWpR(xDN3y^3u}tn{B-4^%SPM(h}0nJT0}f~<0heF}?b`3hq= zf#d6h=anbnRoTBv%_Gh~LR*Y)SpVw7-<=lv>NTn>6+S{9!wm5X5&=bq^Rs0V%o;QH z6ZGq{e(=w72~}kvf^XgLd!Hd&C^2mIRWbt#wH*3CAPPnCJ@h#P=)A35(esHD;NW)N z4oFfFyxBb_1rlw;W&;L>#(W&i%DL{AmMnCs749wmM-iJ?)KOUU43o>4A+Smz`(V90 zl01`8`Uff+_KRs(pi7<^P?xMDTe#dBP3~)JCZg+OOvQ8hE>i_~;To5-VKl$$hC9hk zV3A{el6_-h0KjnwiViHK~~Gh$db>58$c!+4y|9XwnjbwNCy`` zo25q^a7h(DPX@Upiv3TY*roz)hM6aVADtB{LPrRMTPkHUcdnX zgeYAxowU77xjedk`I2p|FpTAl%|p$g85Svrq87@Nx?08Y*S9HOB$(LE$&UC}qPY`e zIIW|}pF*Sn1_ZtlVuG17p;r}ycDAKIrhDw6)1JFrbQ8MYf2=FEdZQcoc$$vZ#2s%m zpU$iuDC-@cTJDiHpjaH_1Sl0%mdv-1q~ zVVQQLp=vq&a4-li-=4o#(V5!riOs9q5tx4NjpFnF8mahmE7&pCI@eCie1LtowS)b5 z#k_5e$rjDk?cY7cjp%{Y?dO~O=6|kpTlhSEXMTZ_Msl=xq~ou1r+%U={yX9JnUX9H z#xvJp58%#Uak1*45FZyR1{Bk9XtcKr|8&{SPH(c13y~Xj0i5o>6SVvY{sOTHs_pp= z&@$XuGO`sUYXQs`X~y593u{1DHUDdtfH`Vt79>NEEG`3u{$zc*&DNR8+ooeVdNUD2 zc#(q9oDQ-+4jIKCo%4({hF-69?&bsnqG~oiJ-#=QXuvN>fm%*3R-SA~!cj)rGUc81 zrTVc>@4=ua0dS^6AYc~_Mwly1OyE;CV1qr3*c9?2ODU9wL^nY)t!1bXX=PXGy+~08 z8_+*?C*vA=@|D|AC0`YBn@ga}#6{xZQLFm_ZV0^Dx0!%t+IB8P@SZK(wO7qW+rh^X zP|xXPyY6P`e5JOXEhBo(2I3`E`!2c0cOiZisIx{WOe(<{n>^T-Gl22tt9wOr!lc?& z_qcV+)6t9FF-NUw@KyQc^u?CD`}T{Iy2VhD6qiOsvd;Zh+eGFfV#Uscy1*OKpqXv= z^7d=&5exoX9s8U7BV>Phm(8$dcpDm8m*gNaGQ>{|W@*5|w7*~rv$jhO83!N@B zB{)r9{C5SojlPj^vYDvOXqF?@l>yt&19aIfKvJ)y31R;QsLC@tc@KqjD?l-`9|i0V zXF(pPfF7!25;O*`gemE5v>X^Dop|9D413tGi(uj-ph31hz@lg5uUfZ3G?BYyP~bdw?JT|Q&;SPjgK}^pc{%`0 zQBgoFuv`5*D_S2kCiBMSG`9)eEap5L;16fp#%B6^X&;q=Gr+$A-!3o5``xbw{bruG zg4@O5Xq$ftw}-tvp5E&CDUr+}wTE?Oa3ho407{O80E6Y#e7rw*GzLC#=`U*2=}v(uVOaLy!@hK`KGbM6fDm$QCOs4 zFV{Oc5(IWqxuym!-(}>?>i3b==5PHts^B_Zb)D$y=`-=#g!*PDG+FwdnvuW!|XW1kfy z^Qr~%&r3U>h2G*`0U~wf-Hl)~NZ=WOh;uJNK=8P|Tv!f7Vl0D}eetwhFDhlreT6)c>xk$CYqv&R8-v+?9P(=%g% z9WNRv-?tY}kw`E8e&8s_hk<}E*((+`%SCcUq_ zAwz~KFS`R%+pY^ow-FxI|k4k(@G_~SYoLpDt{QH$bM@_Nx zHH_b9?|Aki0;1)oumsw;o4CSb;!CEkKeXeNvUd`q^;NQ$CR3G})ru%AQy1+d zNMk>=36rT#P+01cQFCGoNtr|j)lm7$3g_+DGgl;}vKm8_B3@LiDd3bd?wHdVs^+-V zrh6rr`hP8DGH(aijBfk8 zn7g8a=B#c}CJ&EguC*uWQ96z4I7?|I-@)aSGL#xCH)A}Tp;@A%duDKHqUSVgdbU2f zJX&Y0Hx8jbX#FNn~8MBSLXk0M?P(S$mHh*^>74rU&3Vil}h z9N7H#Mg^wpI$piurz*b5%D}mSo zb!Fo;Juz_Z0YbiSVn-Z_8k@5!t%@-OxDu|h(Erqe*pkJ?(7-;MZ9pqSD?<}QfW|^t z6k=)gr;5=+im~yXM#qR11K5MEHhRWzYDcLE^+=2QOh#t{I@TG!IqF(RkYBk?i3Nmk zeOFgD7|#wOelcQPC(bAMmveWuhcm945p&hKp1 zr?NEefh&%4sx?t}Uj9lvcT{s>cG_yB?AWhwYg4u?u8Y%U$%dd7-{O70tGchG^wt{x z%+ebOw60!|H=pG+w706vH1>f^+U`NMaKal`ikPMfTEmpycV>uQ9u$q$iaHf{r#2%7 zY&pn`kMktru(gs8XE2ImB6IHu9#*?gi#28#dZb*A_UY)2{X|@i4&|RT+AyJ^#KXbP z#KoQvgj>a@e_=!<=kFTUYmBcjtF(BsP+p25!_3 z!e2N~)-|*QtS_?-QF!2XXiRQMWbnDB0+=pT#U3TwkCnsMa4mHQDFz2463Y!P4)s%3 zaG?*HQy2x9*Ta1L=~mvrY2WmvSJN%pvVFFdPt=&|M`R{Zlf?38HN+h z8j?WwxaE5RkkUQwm>Jg0CvHX?Hdb)-J%WYuYIQ9a&zl@&Fa68aJnbH^yIK8Ih&j{Z z{~rKYK&QXe`T|N0RCW7!A|OjZZ~;@$i-m;fMY81gB2}FC;;M2_Jb zbzpaz=>9($+PObm<#5DRPaX5rRqvRyS&1jal%G>j!m+d6^vrlLdgDditK`7Cdw%@v z^((Fp+8p{|(EG?GU8~p6{w|$<_|r|jd6Q(;u}{qY@QYV2Nw>rknS~p^ddnWa#*G)= zb@v6Ou8YT8ORGm7bQldz&|W$#CpjK8-~dW9JvA;C%~Ee^LU2-NiCA@XojnhtYukpsdw0i72lAL@ddPS8?Bw{$aWgw0WG8k zkxZ>0nTAr!ayFBob!g{=m4cAX)OgvPYZVM2qK>{fIC!i)O&BY&guvR(g5k1oVIfO! zV?i=g7|Pzv-OTUg#}r#j$rsC)X|9&H%6rjX`P-@^s+a1uQPC39wVVBxPMa@g zZ}<9rodLK^%cX2|)B-7-N(ESL0BM6dnW!LU+mL87J5ygk(cr7 zox`PNn|}DCUjarhs{Ee6iN6XINDtbtG(2E_O!Y0zwKp{M135wwz!~n zwguQM%a9OSna!~Z%d?ApRM#vQWuF3QWonbuvYIif18PRS*t>B<%|qQg-7AeGKd5>} z=VnwIvBwzEM%__M)Sxq^kq0}|*s21^&I2TA^l9v3ATf)!G;(l|oHLsO>~av8yh%bq zk~TLHPpwHJv~M;^u_!Z*MSSb**4g)F-|cRUrK_XtWxwHb_a@fF>|D;$gfOzk)eTqQ4_%mpg1W z_gTg*%orpS7M27($hEKs!7>zmaof4^VxS@rN|)N^ocLs;OIXf$RRDV>kJo7O8r@zb znLLsYtOBwuf)F7KyzMs!kJBJ7&}t{7o)!JiB2VQ* zNQrVkV+=QYS9WK2ba{l)tp95LGIG1 zMKNSCgC2^67>zH5*2c1-lFwLhINUC>-omq6gWuAeB0*!rn!jpT%`Ij1GW9w&tG)%$ z)u8y2uNh@*l=sSvyn9^=XH(@AlXB$?-wKlTILY$~hdenra&qSMAc>ltIlt@D&bLvy zcjjcWihgGzD#WVt2}-Cl2|0=>ufh?o_z?hNIrrXHm2y2kwr~BgD>Y6E^;QNe~?*CL?i|d7Qx>8=uIv(+r5Ht zXA^MeX~2A$d7+B=ht+E228<`m(oC?+urqULJ^lXs<*fM}d~R@R)E-f-t_#9-S}R>- zX0-^WdK&O*78qK>U_qvUOzv|m`N_Y!G$Z@wF^TFtirTzf)9+mCVqIj;NL#EU__E$s zw7RVBkh)G2G|A?$Q+CPjR&`0!3a_r{YIQFW7pprpUCu7oV)qr|m&85lFS{S|?5+D2 zdQ5y&{Z-dj-H&;m6A!5mYYsb~ay{*S#xqs-OXmlg51b#l(|gspj;_2MD$qRHP|f{` zY7QD0&111@9tu@+lZobv;_?=ZbvL6?Jjx97H_M;pZ#V6(Q@4r*O~G06yd+EoUw5nS z)a-C>cd^apMNY=zBt+zqYeY0zxkE{*-7eYba^=(-;5{0T+f7NS`XLXFQeKsS+%Bzi z68jYMIt_^Tux793u;x__uen9-A?#aHgzP@?i1<^GTeqlP*Sm>hOGavFuhCpk*B0%N z{6J%oWKZdeNIeCr#w33JuvCY~>Z+pwwMc&0Xek6qNSjMaCPzk3lVvtZ_l)yx7jS#$ zY46`@Q&iHWc0kVdxa%OJMjc?xoM zSW6bGo&dW^L)<(XOG%W$aDp9IV*znBBK?0QOhT6-Oy=ccCj5jqmazTuHHWCJE8t|o z8uHFQlbAhXj|WVRKz30%l$#Y8eT&baHfn+FO#beV|HAT3SxGGdwVXnT75Giajvi2~ zigU=h&w0YhA*bSGZa{Y+#?WrTSKxM}#`{nmVks;F90F4N5E=0m$POh4|6MU)P+`;z z=GCH(VbRn0zo7bJ#cVJb6;m;1+y>V9J|kyzIi6<1_+%|gfy{|bpOmW86LeKm37wIr zFn%M0ma4+*umy|rnKO%SPvIp&OWQ@W%utJ6ql&mA3%DPA<)iJREq*2vVSEi+ncv=9 zFZ%<8BYdH95^qK?A}vZPUZeL&nIZr5G8l}wk=<-wG(M9y0G zi&0i-&t%%$U!-X!tC0JWl{=5}OX0pR96?;=#FG}!e4f0{BmgcE^K89(0aEls`hEHz z;g^}$@$1Y9z1EGe79+i)XBnV_N&H2{%`#S&WjI#PD+`PKAFu$K@CS@IG>P{d-lxS{ zmyUm$c?Yq~pA;S9B#wkU?c;dvd(7KNhy6fCbh2mqBpKA+)5I7_O4A@G0AG{a4YwSf z3+lR#zfQP~zfIu4cm{N(5t@K(fN6kJK@#5{`ziCQ*|uSP-|ViD+={%9UmE@AbKLhm znISFt0t1=DeH(i1M@iJe+@j>xpf&y-=uZER{2uq0W8ZOqC-$!U&#^ycbuDOXY)k&3 z#y$B*!{5%o?tVS?dR)V`PBMRb(s+4OD8p2h`v!`ZGy*b_1nYtxGk4y>v#B<S{x?QGcVfy_!LNpw14 zhIAoga`cn%6_9V!bSWb2RUM?J|F&lfp}5nJRc?>V!w5n&9AP5)XxtgipJR9>Q@;Jw5@+jh~%OigyTg(FykO80#6 z{1>0z*mvE?q32e;xO;xThdJn9aMA6T9$6V_3XQT?e#(zyjhOXqH|l&s)) zk-AGY-g7-mQTkUH6wc-hL$E4Qs= zSFREkHaH_Gt*R}>S7(E>S+c5WFnLUxnIgZrbxmX%{$Ih`%?Mr2{{;6si_cs&Eo)kA% zO?(Rcot|xO?q5pQ43NU5b1?+~d`QnOT{_Tzw%trqVl>kox`1e(kAXooEfFnvLJzjo z^QgP>4(ftE3wy5e&LOwc<#ak*sy{HRyamF|b4jh?$+#y{?`3zyJ!Sd*;bU?`dJ=O$VG!BBg`-wl8=KeRH|+rGlTvQtbn_bR1C zTtuqK!d0uui;1Lk8m&s;c-6x0hMd!(8340LGKGUV84t@7VDe1jqGD`LWRl^QTr(bS zo@i#8NtwNOb$fW}(m-!tFEiFV-pim~sh8;`iksD5=pE`Gm}J&GNlc_kyzzF*#Ln30 zr^yn9lhv%PW-d|ZT$%oRrwRM2dGOEZ8Oga&8*5!yXVgbR(XcM)#Rg-YAu{(_0~!X2 zh)bQgoST}P=w}U@{`KPqwIyLR4pOCZd=go4rkJiE``^AIlE-};&FM|~RX5u%zq@Dg zNYJj=G@UowW|Ukl~YlE$Q=9983_A5?L=YoGi1aPD(IC#p-4oOH30 zGfJ5uDToFO#aJ2#Il{4m^d7-9UDuQ*o;^~Up5w&nIo=Gw`-+hUR@3{XL82SmHDIKg ztKUySaoA(10PN6Mq|q?NCKNOIQXJuagbgI8=_ggrUC~JvbT$H;n~QilcWGyTfkrzO zX$nt_72u}imZq47GBOQiY8vVY)YRf-Xi+VK#@W)0gS0qEi-WW{n4V*0Y2p+lCjj`E z^0aiirTPE*2^Ei$ZBgornij&Nj1gmWtYy4~n`oJ8Io`r11>Dy%)G|zplonuK&V=7o z{cK7);g2n;(G3o(k;W)3rKi%z(_DI}x%$bJ!T<<;FA5P) z)XTfPSS7kuzO%W@2o25~q2Ej~{V$B=lclC-@sH+n0=9ZLf3E%fVUNY2$tkn*ZAznt z4Rq!ju3Ta(bKp-~mpnquO*D4%1!Z%P&TR#$HWO6hMOSdWX=9TZ@G!wTXTW0)*0};6 z91N)g9#b%6HZcqqoi3^+xadrnizAo1>eR#Hn0P{DD`Z)EpExA4>%=MXIGFm?FB?(X z6AA5+YXO*5eB{yMdU-fF7CaGTb2M0&B~iM}`riV_fLB4|uR$yjxj+Lisd-s_6(o)P z>j%kfbRMPl!7}EinP+O>Axq_QOjpD5s7tSrlex$_Umhdy$M;gWruA_;;3&=P^EHl= zbW=v*qNz-Ea#J;Kl%`NZmU7!k8YOEGNg)B0WR;yX#WDe0VgH(W+UN z%yE>=97oB_eYhz@hD)MF5;g_6sK()r#OZ^`M^(r&@hB<+UokgPzS7i;qORHsBH{y9 z>-6+1XzU;MYid5=8oQZEf|~V70A7uvUjmjx6f3aY=jLcV$`NBJP-4u2gyH{1^?jOg z?YQn?<3py0%?}0kmY&pTO0JT7owUxhE^xK9*|a(EFr$9YKOJDk)SorH#J*&FmwDGX zZThQOESt*Ca-c;nm%5Fkn(K{XmZ_KIh#bw9T5yY`vPmoPh0+R{3rVZ-YUA6|KO}y! zX;I)s^^2PS(C`kmT?+UDfi7l&QP7%<7QI{NGx`kyVL7{!Th0$iD@-dag3IXh`2))t zuEr{}O-`!xVTskmiZDhu>#*+AYOK}>u9!{-kFN1S`ss>bhQv6M1e^V#Q zBCSP|!g9bWV@3{u6v<)6iZO#_BnK>*i!nxxBsn$B2sy}_&!tY?PqbQ%0Q}G8a%!|W z-I$I!rNhT{Cv?oPZi>XNI~;qR*y#?Ga0!?o3TLw@BV{IN5H#PH!DE^643imZDNW*= zKo9#AH6%wy2Z<*~nm%6|{eXa{i6iU`L!>K2%WW>wWfI;Dhy%7I^;c7;npgu6@m$wd zM^lelHQi3m9aX7_$6|DJgoL(_5>Ffa&K)u)45gC_j{SbG=1D5`UD{G6HD-P!l-ZuY&|oqfzcve`$HO~{5oCcGg) zBJZFPLJ~+MBq0wVA|*Z%szO`eTA@`D6qScS09&yYt5vVGw-4LfUa=RgR%xw8tCcLj zbI#0$fVQ{4-~S(&nX_kR&Ybgo-}xTreCInMXtmhO;Huo|#!3f7TAJ4Gzlxr;bGq9U z#4+QFk?!)8q8)f)yLgkzq0QPIo(UO;h)zy?GJ0*cn5tSeQ?*y66#1)}rR>%ArH<8X zzp3B+u=cx#2Tc34`wXutUbVmC_>KKHjx+oh%old66&5m1h1=@1IqiiGmD;X#XbUsW z>CUb8?Ys&xaLVp->YPeF?W7b+2U&A&Vf4eO8frC;JB5QY4AW&uKT^21JK;{}vrfu+ zoGt@2yz>yGblzcjr>FJAuBKM^L zC&Byo-ne^U?Xj1Cv18S$?;p;6T*;LrkcK?#;`{Vbgij8H!1064EHaLi2Nen{zUcL? zVQ3W1Y8MELVM+`y5AO<}2{U06&NeIq-C#4=4t4|Fcb(; zN($1DQmO=xyU^`*(@IMi&$&CCb|GFqfc3T=AnD*Ss_} zySAd=n@oqYv8pNMGcwd8@5B0ewL4Gcp8Y6yG1NSud?t|I)AL>i{C(O@1 zjEH4Eg4iMiu~Inu7|>iib5KY6v{#zM6bH__pw0$v*`?5Og!y*f6}~P&CScVe0Im(`ksz-OOQH!P%f~ z816h=D8^Hn!eKc15T}ntPr!Ci0Myj~h}s53wbTwmwTSi)?MLEa816v%*jaW*VpoDn zp!~zjRGV=~ChA>LBWB>P%*hOu0mE?OQPJ{(g|axyF!J6XC22y>=bF}@$EUN>bXOdE znBWB>DS7p2GUW|xjEpki5BfuX!Otiaf*~B%AVj5@#0uy&qLg17SphZbq%yq%`t*e> z$SP@hfQ^iG-Cho^R(q z+}e`zJ6)y?cA;qHeLuEmp|0b%-VX-b@fZ{ex&5c#{D<$nGz{1W)(F` z?IWG_b(MwDTCe8XTk2PB-i_D&EkW2lfUxTTQE)*l8c?s(tT)`G{*CZ~pj6Uu6Ma2% zz3o;zQ_V(|3OeYFI+ZlPjD;-1&JjKg!(k&toaT@NC~#LgWYj}&9Eu=_JCfD~io_yH zELvW)tLRJ-Q{+4jCjvLVCHVlPEuv+IWtT-|amFrns0+vrJuCMpf(*oD$a0zl8yy5aS2HvjP3(D?c4k=M=B zr;{?(p!ib2m7YMX1D=TUl( z8n2WzVhH2iiL5p|TcD?CdKh{{6YnqJX@>W^+#XuxU=%2K=OLc=TaF_h@1QLrQaRxt z0QCpIA22||#`MEDbQtO{@Ke-Zf=~=D4^lzY5x+RXQM>%mj|&miyvXh1D9#x;4)1{< z5Ja7A!iq=}Ryjx)Ityg=;~eQY(3H*3nJXlXBab;zkLNpk`J3QP)J?ono*;M`n$BUC?h>*8Ck>KnYiI~jCEQgw3% z4m|SBHP1svG5g6QkwSv5!n;_iN*C-v1%z? zN-Zs1>Rk<2Q>zPCd)bt~#$WHhUvZy%k7Bo5MZrR^&FAL)0c3L-{Xvx@2z(T0Wc|a` zNztN)aUj|aHD)6!t^quYraK7s>XeJev_|A5Hfr(qcd1KuR(N$c+38aXWnqxaJ#c?Fg2Thj^Ls`a78T#== zAv%gvwUh9b-Y?A^CTmA5lcdxnK=#17lewDtF{;l_(Uqc7G|%#CCIxr}uS{vXLAO?k z<2lzF>8pT>jsOk1Y5|Q>6iNZWqLiAx>WEegmMfs*2Pl(4>LEJQk)v=qVu~k}+F?2( zx)jUN=T7icni8oV>NKU`DM($TTXLU1K7=DApCkWA&Nh*$*e1c` zFZY|uOn$51MA>r&_(=mipVQq5|27Z)HD{cc!=cUqk3N13@oo*!gI|kLn;sg$RJ~}V zMI$WIL8}TW9*|Zml#tPB^~hq@Gk85QW)x->TcA?0EX}BtIu`i!P=5kG43t2Ny1HHg zm1{VWdP3I8rSU=2|wu}AnW;~67uREjF7avH{H zjBBe2Yp6!*B1*o;;gOq~Y)YE!=SF&~P13X$p7dvAhZ>{Nh``W`2WfhtHE0SVXuvXb zf%LH>kB|I_8t8gF7lP;S$~_2I4$(JVxP$uM$TAF(t1h0U_aKPaK?Lf=vW=17D1III zO@wJ@1{Isw>(%RZ8}x&g_53&4n=KkOyFEsYXB82LKjKi(UV#BB#c|jI98i2N(m+DI zPZrfFpBXiy+&cgJ&fJJ35Y_jEzyQE7QQZ61bgNUp`i*ieiXW6NW^VrODZ z3}R{MM~{h`7c`W{8NE#RI43C|BNFGVk;NP$2C{5Mj+92kTai1&nsi}K@Pvb5pWeR$ z6dJL*$f6Xl^&*|ogiZmqFjlxp<6Wqe+mSV89+zLCA}Jme;-)Y^PbUZP?7ZpB&tl)* zy#4i+8()56{kQ-72|Z|>dp)R%wA4c>Si zb?m0O&F^g3^~is&UsQ}}&4@Z5UR_3Wkr$hvg-pw+94fY32~D! z6y8?0*YUXP3E`0LIoHwfiO4C8l^eZD>zUtmQy&|^se$VQPoo`=$V9sANJ(r3!qMa~{&k7_f!Sv{m2Qf+6qtJNW&yU-sH zeD1hE$db`j)^9NQ)NU!Rsvqa5{1oL=x>X*|O~IhSXe=xPkH?dESQ?oa)PIWp;^H`E zEqJ`p{l3Rj$g20Tta4uswmWcO(Rvk)%6d<1AZ4vf?kkS_5-Id*r)wYY7Ts^VY4`kw z@*YGobUEONV!#o_fFp_l7Z5^ZBr`-ZLqq`xJ(4+d3~m9E0uYzvJlBNuuJcW2M?S;x zjjM@8&V7W~EV|^Hsz*1Jz>I|KAMvTYkHn{O+3%+bn*4Zh1u{o&YDL8XeuR-LWP$=(rC)n0n3eTgUtGLx*1PfEv3pJuOXF zI4aW99keYSafH*f(xFJ(?Q|T(&@aS6?AZ0MJY7>-U)m0?2kRVz&i?c^u+?#E`T=lX zdN0_W-c`E4^mY5Ij+3Rov;W3%y7Zj=PmVu1&y;=!{$c-nT9^T6+NY(K!bba|)OGd^ z&X*mh(!X;2D*dkG-LygSTH$?emp_p7xugC7g+n9+B|jFw&mHjx?G8r(zyjcK0_b!& zhN)M@iRn~9+F?(p94VMWb+@~mPCKP$Spd@MNR&-qjf9*tl?)(_{!+XQrT-DJ6qZ5? z7oq2jywQX`P)f)UJ$D{QM8M$?un-=pM)Ee5!&9|fez*|*!*XU+O(!FSIN``o*uti! zwdfDA6s(@RQ(S?r21+L`>u{K|4$hnftRrh5zIghuJ!?-FWT8CH2XKrpB!K*16AJkZACej!rU83xi22 z&k1@G`o5ck)|($i;5n=y3;tsGxfT}3I2 z!)n1A<^_`w3P+KtJ!Qhoeo!}VW+70fm_ooNwEfWLvkb$5L%>n!Lf50v<950@0q2Q@ zzz{)C%&3~&4`)@*E(D6Sst{=6s(w)5x0AP=9_eZh8qxJI)WwYbaCDU#jOSO+kNK09 z0Iww@)s>YviVvL^Yv%F{6$%Cz#IMav84oOF6z~T^R5@n`Wu=VSO2*KzW|Ut9G>%x9 z<5bv%KrTcYrB)0L)OzCl%s0OMcD*R zYv)g$+GVNlKeb~?P5qLi*X(SaG#7DC`r=t?BBF2_%tHpC;x*r@3IHKCOY{_7Kv78C z0t#xuF!YH9cp1@hx`*CHpP`lX3HUVi8Z!*L54??q43aC7YcBR|+(ag|Aq+xlV$RwC zKUCcHk41_n$^8Dsvx?{FyFoGihU^C(_IphRsu=qf8Gt(MV40}kQyP`nfxD(Am9l5K zk<;k!2T)w3L(QUUB;}{$w)NT2bh9`rJV-$!Nlb;o@*MywLuH{RzhtVOA@Q3yq7^gV}J7 zY9>29G%YeGIwy9!YKR*$-6`B2y*)ORe2}{vKP;T!jtR%2FCX{B|gXn40@2ZxkShkS^~VA)G+0 zIt;9Em8cUnsbyg(hKIsbco=^4oO)9v#U6)l^f|Yv;XxD*ML)(nd|f@A1XOcx1ZmkDZL2j;UhH6Qhw>&tb18r|aAZ($$;R%3kXz%Y`z~ZO2&`vfS}; zPM(5uNi%RbY->JTf|Ncdt!c)+X><(3 zXI^LDoZ4J^eYs+KX=8L@absmibY-HWa=_Y??kTx7rLAYv!}MfPSF)_6yJT|-U6L)E zI7}}>EHB{qm(}tap&ewoET2thnd~sV02u<)0G*s>M22drtfq`9BbknAtU7&vNd;dK zxF6u%VPHaZGw}n)3SUL4qNakWcu(h*Lo2HVE6`7XJRkQ}8L_X!!ZW z#gJ9W-vaLl-4b~)^f-Ks+8uf}@j~LQ^j{Je6M8eSK^J9?y3($as$^AqWvC;iDPk#) z2U_vyZvY5U#A1AIgFk5Vxjp`%NEIW#7N8)KwJ@}g;we>8>~UgR+HrM}dDx&@uA+C4 zL3iNZ=gADiZ;8gzXknp;G8zoXDrU_%&fmc$<@h2_tuF`uXZ=(?Qu-mUz)A87M9T z!BCnn#ZiOh>99+&E{R8hK&BNT=0pYAC=Sq4kfk^$PJVot%ceOTEm-y)z(HN&em|5# zsQilnYbt27*fR( zg+MW|m|8`xr?&AA@O$}VybcD2;ay^xp|xTmb&Z!&``olYU>oN)O$cc4j6#t2<@bB} zqsPQio*+fDU?1#6w%to&%Jy}^G1Y1f!MBFwY6!kHkNBILE+LzfrUZzD!mA3-Hf5!# zcSv9$_F$*4fS)z2RLUN4So3A>_4j}IULIJ~%Fe|+rz^d=<>7C%!}Y4%4xy6or&r@p zmjWyj2QTcK@3R&p2M|)J=3pw&9sz)*!V=tf$RVmVU?*-%h%m~zX}xsUJ>)tD%gOAN!Xx|(-Dqr>N*90Z1r znS#7fo`epai)>{a5Ayt41h0{`=bO&IS92~OKO4`Q;4K8KZlz8oxWd}7O;Ebk381s0 z6YEqYpvJCGT(N}!p>!y-SCuhE<{yzxUP*rC~Bmfe=DWsV{m#}bDC3Zdo39m^~%~L6?m!Bjj zQ-1NWxWznG1Gnq98@8LagtugVrTvxtw~^nLsf|e_p0puduVz5|Ua87cl{7A`V3IY8 z8m`7v8Lo+DGwG_C+Ip_uG|f9RJUd#K5vvwC7YPkj1FFs1&D>_wX4_`_J*u7DPSX>P z6Jf7GVdRV^W3i9(nS8}DP0XIE(r{G^)k`ZHs`6f9Ayn_dN?3^-vJR0{GMsT}7?8wm z@Foijv&m#tHg5u?QZ+TWCDLkW>5SX-{V>vI5rIcCnR1O*rz>-4)GC!ToGH(gl?&$W zwv-8)$`N_kbcLIo4PNL?3EjcXK`OXC2!l=`naq|YK8eL5Weo`0o62FiLZK3zDpjal zC@3!%bhbz&U8XB2E7Kw7<527DWf8%ttxSa-8d{f8l^Z?K<3pH8B{3Sjz-%(%6`DyV z0TT(Yw@{-ShEorB+n_Be3`4^q-U*#p80ffi(YfDw#`&?6!5MgErt<_<0m^_1t~ywr zj35pA5GaFXC#V-e7F1Dl4*B08Tc|Z*`W=Zk#n;M~9o}Cczw#1?*5Jsh`zAbANVXS{ zL&)PrZG`RP1az3Qn^KOC5EH>LK1%?Nm6s+wl|_DXH++OrDweA@RBthG)tg>=3141f zUs9n9i*ku~SrZ9+mv<`DBHpjTzGI&sRcGxu1`bNUe+XTz*iBRIG1cf1XRUGIT=WB9 zMT^}~qrfr9RStBjz$v`Q4RMv4Sk#D1`}l}4EAU3V`17rUM!Zqc8FVSdB1VsH=t&Na zofGEqVM2K({N7s!wPeBQL9=u*Ny|sw`YeY4U_ysoG-o*^m`vy>7Oh!}q(|GNiy6yr zD~`+6(ymPg`3VU zn32sjB%BuUw(m?yByztDxx-6OJ~Qj82}qUq*d3)@puN4tWi3RCyd%*2L~eMngbsxY z40e0dOD|n*azv<5NKsI@{^EtsaY&QnkS4bu$pjDZQ4X0mnW4{1c?*HZ>j8y6==D%! z4Y?i17)6H$Z}y9HE-!6lJ+?yN>w!ZM$!69_;h5%l((H}XZ=_PBqn|tX=Z|1Y`r|fj zdFdq%9k|Q8S%cB2=QLimufeah8ZDg5CUwDhv z#yU6U^FjTSfBak`K-`|7FAp%b-NL#3xis(R)Y!c1>XXirm75&a#Q{_d)npwrT#z2UlgIUGIGaU;b5n z#FtVDg3*!w4s*?y_uqb%LJ*jwzjztcQ=yUH$r>Boi6o>I?iEvJmT@pUnVtHbhP})% zquObQdi#LBq@n>VF*aCfH)A(gjMp;rjBhiijVf6ZMImjs(MHOk(A6p6Mg?q8ELTv9 zv`#t22>Xq2nX%hQ8Pk*o=@E$Ck<+D}y|Zpn4L;+zTB{dt6B80k6^iFHUM+*jG(GVjFUT#n6r$-ij(gjv7)4rBo7!bXMbcS0conxk1bVIaGc)?{bZJkzD9fDEoyo0 z7tPfcHxpITVB|qKx1-L^X`wUs#}HlQ43^Hy2^W45Eaq3?IJzylX>hw@JJ5m{d`ad( z+Ngz023mZ0C-3vmVUK@xepe)QehYFnj@@aIb}E;4IoIH9y>Iwpj=X{rALVzD`(1ud zxwk|$*-8#5V`Tp?U6kzq6^+^4|G|OOxi@eeG45AyE)I21i%!8#TCvT>&clFhZMi=+*|#p&gAGH$oKbUJzeauSvZw-lX2KHm-;Mg?NO z;g5Nm=ZUxe@WoF>Jz0i%uqggBKMsaW);r5<1+nQdm&0qy=A4h8>*dZhkzhnp7uv6U z!~GoDdHh^&BOW!Ay+O=zdC{O0>c`_X7z+iD(dU6)gB$OJ3iCE3B8;_7S8g3XCX|Y_ zE_uuj;?a0@b-bv$dgzs1S1&2?yWFN`zawe8w2%09a=R#Ao#QX8{P66gV6arLS}ZL7 z7InvcalgEmc+tgoXcMycg5U#j{8TesW?5E1wc2~^x9XlUo)i>j2TTj1K)G0HsZJqT zq+@eNq@8l}2*L4Kn%3gA zQ-l-cLn^u48l6k$84tA@x7Im6A5uy3&R%P|w01{%$(2O*#FPDwUnfg=9FrgGzqZrq zFXqc4_K-V8R`e($WEsy$#{)mSv#Gko=_|UrV$uTok3v#ol8x(f|3#bx<_nMwC zQMc)~nkdcvY7@90S|9)#^&Uf@0g=m4!Gde$ku@n$6mb$GgI!is4XT_2z4BXd+b>`Ryx3JV<)hrar+)S9wkICM>=V^t5vfB~ z48@otc7}pRA2*>&SdcNP)}RVV8wk+KA?uRIzFG;`WGP25FU?r*K{cYPH z&b|5fjXUS~opm=TT8rvdeml4Rm${$jV3#oUL%90XFZXZT{UDBTn484_`dLtjp#KY* zH@U*ZPz_rNimghh^2!0w3|I{&Q4QsY_$0QWAs?_6B|axX+YO52QqXphQxz(WUUN`z zC}WLgt;!(n04N1DyA-zlB-wjV+WzmPy9l!ZcM`l1%YI~k@z0lZr4+ur{l+LKSVY7ZTzG7m+>M#(I@mpw_EPB+*fci zp_*@j0oD-nsv>gicDKXm_0d6B4B}=5g+hl)r8KzRz~?hy9+v_>xC2tlkp}cEq~#cF zABIafYlD?~!TKiIvyDtMStl3g;|}7erO0B!D-OvTB0L**4#{z{^P1di9HFSi9jvQh>t`=D8FenqS*n8OK3FQ^=Gi)$JyoKs`8s7tu;Nn9_<@{4gKtwE0>gd1cB3L=fQ2A^`E@<0Tg)N z6B(OLl**)uZW|(3ae>W~i7KmDYInD zEu4EqTBb;9I;EzZOT(V@uJr!&nKYC3@nmF-mm+yeOa208^JWX|Mj}qy&d@;iIVAA` zEzZ>W@8`$Inwl<&siw8^PUDw`&4~Ybe!jURU3b;sfpIKCd)ObKcC}?%)#t+vTyCkZ(o1sdk@~!_$g)HG*=MH zL%kyh>R<1j)qnUcO4!U7BRaqlC!a(XSOzwU3pC8MB;|~_q7>)goD^RnRxGdB!1g$L zoEwUEICePqJN7%ZiPSpn7A@_lNV*y-dMfTl|8M8@ghA*5v2iIYnnEXM9G%4jidhz8U!?(-7ldI`R~N{kb4z+`GL?=Vw*y#sh9 z-_kc4Op=Lh+qP}n=8kP=V%xTzi80Bh7v% zuV1gO5_9TG|0S24Ie|VAl}rE*hnS{^DRUWv6*$-0DvRSh+>1%x&oiF%t1 zwV7*3RXx`$6C|WCsG`Vb8NG_qJM}vEap113vBGr=6qLKPtkXh-ZKHhbfV=_Tc|d#0 ztdN$-?m%2Bm;Eb9y@68=2xS^JN^R1HrS8ZucjHuS^%ZT#M48e-F;9*ow=yyL=?Ps+MefI8*>T8}~zfW~!*M$zpdFzdj+Oh{B>kYfoS?*@CPi1%Ic3 z#;VU)*ABPdgjErMe9MTYMyzMfh;<2bDWXCr{~<(C+d!et!z@e@dq5-<6K+45j$B?~ zMV(lO7*SqP4wY@xlJ}U}&a_`Y$5~hxy7BD+v!=>&;kY-*%i2pUIG?iaFy8Ijd09 zW#)zGYK`{3t;9rmk%$%WFC;}W4i6DLY?K(Kfav^KxRi(39szVB3KTbAd0*BU>6g~eg%}EIF-M6!Ph^=4U-uck%ZTc})OsZm)@b|2%TriO$)l;qG5}4UBq4;AEoB*P}!--ifCQ80iQ7kPYXmar-48p_) zs|BrQsbbV|Fj7?))I>F#DPC2aH|J17|Y@#T8XFo zfO$ixcy?9as8w;0W{Iq0hBPHhwMd7bW##2nwMA6Hi@I?^5hX`GSBa>M)V^O6`xbxU9T0<%r0d?d0FK^Y8*HPPZ*^}kLz$kYf z?UvBz`Z{t=$cN6ALIvD}jNiZ{dzfH7_+|HJ4+T(GaN_vfH1rZGX{hgFXX6_tsA2B( z4N(WGMu}CniY$NB?&~~5d1q;fpKY?R26Ko=6Vi$0$WOs@i?_sUld6B~kr?uUJ6XC) zaiu&8&aSlSvY#scj&aq|mLlDAv|x;v_+El)M>v`;bB-R$j^%5S#|69&16~##;&R+~ zb4sl@jkDBf1;oOvoLI6L0cA`bM9P$YguC%7Zbk^31`I4@z;hsZTwDoyyed{)e}`) z(nZPl0F>+QnwsqG8a0L}Z9@{Sidc7p*eR8^Az>g8aG!v_JaJs~##gXo89}aWV1?Xr zRTa4+P|Jn>5r!2?^WiVxysSl`ulEZ4GCqW8rBMTxj0t)G5}ySOfeOZpiUv!W zm!FUEl*+lG3nW>2$U60NxDSf`(pMuic(Zm^t#3c@+>Ueag2v|vH4yFe0k(EBG{%}! zaXwshuY?mz)nHcjaZ075NX_Mv;Un&D=4V!9mQ*+rCl*g20Hf%!h%8_)r%u1=I578z z@whE;#HbZ;#Z^rqtxAxCYaf6l`I|m>YPk_kTuF;Po{~l~RRwC!*3vpRc8tV<0P zM-d-c%V7p>c3cP7Nizf(@Tz4AD!~Z!g^(j4jSr|P%;{&CZO>H!K=t?7U@AzG++~Xf zXY)mvaHu*r8qA!NXs)`m1wavMT7T!TBFZ<{Z&?0S-+^10gMlhR!O6sqQGq#7_+n>b zb3`myL#4XQ8k6K*z6i~EM4G6!OUZi%LIfaM^c3sots19jz|<9y6KgGuE#aRzK=BQH z&=7sS+rpm}P-wIrwn1VU3&ah3l(ccdl<;0+0Sv8G*kOq-bQ~KEo@+QPfNh_XQSR9S zgvOCrZn*3>9J{e|V|zS6Ef<5M&MdA4!fECx0;fPqnZL|Lg*|7xbK1DmMB2z|+10&_ zlgVJUzCWp5Ub!YxtyW6g@|$eDJj;2*CSsx9>4u>2&hY(H#5A-Db`qk1Hw%!_l_~UBDr%QQAt+^Az(dIvN7c4 zu?6x5m@MQkxGXsf@KIY8ox?O3mFJ>}WR$a{FvSwYqd}()^$1etl+x6kF_D7yMz3?w zc<&GHi|50U|vLr)P zJt>bi{Zf9=hH207xWy3HAqRHa)2m2(;)shPd*Ts^fwa&uKkvvY!m3*F3&9?WOlIZ~ zi*;Z@6l>kLSg3-gJ4{bS6Rh?~5rz`MZ!15~l@P9n6gEecCE(M3{9@L2i_C| zqP|l3aZ@&DD`r*FMDyU*=hZtObzh5~ZApUYLW5+0C99RLnhpymtww%{?;NITzRn>= z*Y3$cw<#VD<>FzP(jKo_;44%OL%nBR&sGtsRZx@GL4ieCu3)B{e&>9EqMGd*;uYW+ zZV9SDR3dw#KCdYa}k>Qdp70lOOA9$f=_A)5pHCUBy52!wz4#bh z6|_S|nwcsuzgg=G_}dSEmQvBQ(OaPSc6hCN(X`rcA&X?PVWw6bti^`SXv|vJ4nAd* z%Owg9efHe8X4E{?U$KByl!NBkMWZ0ZUe^k>o?=0D7?a^rmK26wPPLLC<>vZiG)4GR ztsh?h3=Mj=Dq;!H49xDidVb^HX&D`YkzorzdQ}9a$>y&fSgcGcl?=6YT_im{g%rt& z6ip-vL{Tl)-#~T$B%TzTN|2SmsX~NE0cnIISHuh$sC7-6z9$`%N=dzo!#DrR5n?F4 zY5rN3Q|f~63W!zavG4N>)9Mu60pM196>bT<*M~iJNwDxe>{Q%R z79zX{teDgsDEn-&m_4sAJsYqq>gl-~g0YLIFO-JM$(X|6MkYs%1X&{HVd(j;0nRsu zrT7Guh!QqG!S{h-JYa;C(1!^^NRi@Ql`%3YW39i9sb-FndqD5DtrfH_Iokbjv_fhR zEZ^HPkGUB&D)S*9)zXb1h`ok1OK-=sNAa@>&Av=!+Uouhm7{Wsb z#=(8-VJs+Uxzp3dYB`#qQKFfxZ95EXD%ZK36&vM(Xn}*w zoFm3ESw|hBzCzRJjmSb(JqJ7JhyXU>E=g5@wvW_=lq3oneAY&t9&N_DvR?N_aiMFr zKz<5B%=cW1cCt}#)+g6@56aOussmQ`1@V7BZ306d+qXRKrE@7tPx zIL{Tfy|)!Y{Iq@NtNK{G$QPukjT$!dL~~feYS+MnW@V%b#eNm1svHyrYj{^*-iMGR zJF6=CC4oSx*-#h8fsJT40$muDg3Th>rHoq>h~4Yi^XshNRu9~m?Ki4Pn-(M8;%qYp z_L@)MI9FYtvrpbv7O366UeLY`d-k78J?wStt=#qOE=2A^9Ef~+9z}& zr$rQI&doBbySbA*W{XS>W$iy1IEoq22@FZrxBM4=Jn4^BFbp+XjAl^el*m`)m_Pjm zcU&oTX~2WIbud$^Ym`g(p}~cG@0#dFN)3KZmA3kaL#J5*$)s5&;V}Ky;h`c;2qQAn zP(GNXB48Sb3psZU0d1Y1=WsJ6>U984qwr@4AW2KF3OP^)a|dPVfn?bK2D&mTH6Krz zIu|}p)6xaLH~_q9A13bJ4Ne!zYtPREIYj`f3>sSQ7dA-w=G~oK`mBVojG711KOY+# z*8F&gx$aRUQO&#Nyb|Z%iS$YB8~cfdjqSx&&?ClE7wX0>64#e+J&mu!?J*LM5(TD& z3^3t0^s4CJ!n%~BttEXxIg1AUbsj}cjGL^2*isdkg%>;6MX%+&k|&%gTR_awp8{KI zLvplqZnIi40Rf!?@}JR+Ui>YVQW z+Gb<7t5zm$nHe;qO@3*8OX!|8NN{2kD}kmgpX}H$cnyJ zvqAlu?A#7(TSq04T6Y-QH?Tiij;x*7wks=vOQ@v0zwXv6>xzghn;q4VMKr};*Wo$~ z$}V=fBj^!7X@QY@WtJ&I1UJ&TA}WKVf>x^!Y{1zst5oIaPh8!^JI30{buZPJitFG` zrNLTYx+8vrJCTv4h|ans5>u;;@s1gfNw1OJB|XSL(bmo#@1Y$G%&w-1mzG8(jT&-j z!^qsB$YdSmr|+5&Wh?bD$;UTv@XaVys->>Om%S2x>%UW-Qk8?AJu$RwEITOa0W>c__3 z#4kuGSEO=wWM^itWphYuLz{?h=x1S-I;r7$+EporED`Tq5i5PSSRvcv!yd8w9ZZ~* zMZPp9jxgvRVOm@#G(Zi(c3%^m_KhN0*43RHIr}*~W-$1cjzq~DDm-B@q@?c0_1vrq zhjDN$ZB9>5<#o)law_`wU&dC4=QdqCjKT2P(|IXc^92CJsxJQxlA_V~1 zQ{G^cc5$b^!W13uvr94UL?>*Qr%MbPc!G+**ljk9YrIpQngD;iete>Qd>{5(#+PlD zY=b9V*!Oq~t)cR>rP9dqv%Hi0unS;<=9R&}Qr1+M0Ll{{`t~Bnkm-qZglT^boun_2 z4>7|me6*>Oq+k04`MtorB)=1=ogbL@k@ST(k?vddQ99+(2aI!Z(GA@Pn6B*66Grka zt#fv@#y5~rnvp^U4^8KVLaX#Q9Y!v*d}BVYlssdwTYdwgmr374GlIM=9S+GuN7#bS^dU8^H0+~)6mX4I9*m$X%n?1^fVmPJeVSV* zj~J+Z9j|p&rsz27!{F8jJEl7lZy`MG;JHpz+!7qGy~O5oxaJr6i4~$l(JCS#DLR(F z;=Ho-%#}M+z0-#54MMLQ&S~Cqr?5kRSiUwk_PLDnZrlp&{L#z21Z)m1UDHFP{P0Ea z)TV&?q+sHA^-`4A!Ts!fvNtkj$~u$!plYVUrJ$q(&}6GDCVG^vv)0r&x<2ewNGz;C zk|IM`z6^9&kuSn6baNa}CGw}=qymnQol5w5-hX3$@}358DY!XpbTvM&yf^A+zv{e) zRKEP#V7-(~$3pWj4r?hX1btO4?IkLjc$>E%>;X=bqffSge?J&bC%g0*q0cJu2lm`& zf%Pz+Tb%)MLoum1#TssC}ZH;~rk+VXHJc4!9g7#eb zjGN=CQ=%OOblq^?+j80fE!j(pAA2*qiO3Q2PN>k8Qsyzq#?P?~XPoS_1m(1e%2E4I z-r;gqe#OVcta!S(2JTEGw9#n&cTWK`s7`MzWEFH?e2|Lwr(4GYMhDap zYiHP{F-wfY(TD1bu#Wb(E@lkygZL5WZxL~yJTktG8_OJzpZ5FLZu$UsYKOLA_I z*bqNwO0G(7zLQCIj4&&0K#eeaNv?{|hDvgYhWpL`NZN^iYz z%biO2W|0AAQ#b&Hh;#5^9g4NsB4X;;8ju-+(Cs${^jv6PS!8oS+Xd0NUJgp#88F{Z zL;>EmV$Znyka!2q1&@gotik*2pMErytXj-?|8T0c%J5{6~g=;R(Mpk@VH$DxLiLA?412sNn#C*>u2Nscw6#JkGsHgK5k!mK@*eIAxP6W^!n=`P^+!L=i*-Gv zJ^##N!+uY2ntu1wyd%bbn@o?+ ziI9pg-U4#ZR1m}SCXREB_?DjJRfJX8mX&bvLwx(sv0~Dm5;-JTm%__kuKPT5h|gnX zn;)*%PN$O9YSF$wg)cB6g(BaJ;Ib*q6+(pR0jPA%7zZ>&Q;&(>c;jSO{c&eRHosW3 zLM%}F>w^sP++dP2`=FGV__aEu-;tIIQw3tlZTj3YYyFM8@7^wXS_X}De(hN+ZK+|3 z>wZh{DH}IavZV)%NVUP9O6qD)W2UajJ7!2~Ru{>v_qR*%GKAP~4NNtSP2J_=)dg-_ z(n?9%ACc5)2lzH4v|AD1pCr^$4=D_IDuv3au+dq;9^=0|meYP?@;Ta)njL#$}mV=mc@7`?tNd1K8ev&!pp;a zD#aPDUp`CG4_|TKzM=ftA9v4<%TtbFR0{e@E zG`DGm6}h{0O3xbgE%$mmU*L1V*b96O?S;cLmyzW*q^i_Y@3}2uXN?m|e>M}oZa|Ej zQiovMZ_po0Ql!=7ZmW`jjicNFW^I%8D#1&MI=!eID^h)oBtw>z+$w_0nv_#2!SBKb zs9ZJVQwCC)W7G`Q(oA{!-E%&e@HV7(toE2_x1{XIIh(vCO==)Lc!7z1V>#BO2q&a< z6ML+Z``-MX-B8Eyl;1$#=p|bRH6mn2b;w0?^n;}2^PTv2zP0K-spD&ijiz{J58!)= zo0>S@O?>+GwB{HPO(E0!n9`k)LMznfhQy3W{OmjSOp5fHV)?~u|Dlq^jGtZqz>F(- zSAMjGlh6TlBx#~MfzfuW3Yj=%hu;tFX+i-X<9O&NKdSdjH8jdJyya%yE^gZDBeV7Q z>7WIeahr8FpOT*zvsegg;wFKjTB?pGbGayXd^u9EA(vfJPl(qauJq4Zg7psJ6rEYO z4@{FAt`$$s-QDha#t?{@gBvAzElTCFrM^mSTl5f(HPf%e2j)F5U25rxcL_QC45N%{ z!)ch*+&wv<`f!wzDc;Fc-7g1lZLv4s9VbNKdy0x#kU3|>o@ST)u!a5dX^2VFnVwK} zB;4C|$dfn>nadU71FS>GML%$}ZkcEgpPwoiw|;jPCJSgK3?-+@!VBUS*-5$+w#ybt#jzQMH;_(AL`V_4*DJ2&z5Sy zh3kzSo+X%iaCY`#lCBwejKh zq~X*;3RHNk*gVX6=&RSXc}v*u6yzD7_XY$vYorq0+?R#@EA zk(#@)zP7r!5ZkMz)}Gf@2)_WP-sT}{j=hyTbTAsT+5Po=zqGVkvxe9gN8h2bD5Q{W z^5Vi$l=j3@duwTKeQr^EyjDbCV{3C}cGB(c_B8YLX|bg{Mpf6QS~4ehW$I^PR(AlZ zkBt?C0xlQCGpY^khSloRMGcz{9{9k^#pdK9pRX)?g}|18w6wPV)@Xp75^Hzy&*JoP!pgQpyJW4cp<40Y-6aB+D^T5Pn=W-B!a%C|nYBeBgnFYZsWgIbQ7!Tn z3>Av#R87#Oo*fWs&BUEoHrOv~?Jr!5&G}+2hE)YB@^H%~$?Pgqg;Q?iy9!gUve2gDi$T+W1Csnjt9OQSyt?BSd43PZtPt}h0I{wDCbwy=%$Gn~wE$mPT1!-C!bMMdV*!Us;mHvpPRI zJ+{V6V$xn}zJGArZXsKHef6qPD!)HnB3~Nzmm!*!Y<{dgmZ?6zwA7nR(VF{Ng1&iP7aKGH?kNkmE=~O0{%jA3; z^c_}L$X)gfT+rP44=98agaHIbKiO2$>JtH3vFTs?>|gOywycl!#5Dp$8d`CFlzu%) zVZF`%uAzH$eW==HV}oHJ*^St>xEU3<&{fcbDTrZs*)VD#*MjGw(_I~;kSB8UU6LA6 zgKhy@u%pLIHB+Prqp|RkkmT;sl>kXlw9s<2%LxW}ELo__1O=s#zR;Pur>4!xzb@&p zySwG1-j4h^xJc-Z|$_nCQsO{%S4KN>OJ?NhOI1m59V?c%7*|yA$$+Pm_zc*!-xPGLim*l zf>6?hF_Lhw6<|if@6|4&*2ghRI@puBl;*Gmmv4A;$P(bUru&EPp>$wy2Y+R*Cz&hX zIPQ_b;+FkrdPhuXIwnb6^l>F6C@Nyk{y2t*%z13{*>Zc_*jVf02Dp&((IfjD8#Cd1 z2x0mmKpdGY<%5R5^T3Ttxjh=fNY3MTR6G)jd#0IrS^x-U@L|2sv4_kF;anjR!4pe5 z{tW+QrsYT||7kCG7E8{k8GDDr>yHeD5Bj<3eG$sL66BGQ9=UFpA6#Gmv@E>Yh2Wg?7ar4zGxriU;8Uc|-27 z!(^BFd1WX662$EqBHOUE0%IR9+jxEUOUl)dw4*LTSA%dRIQhR0N9d|d(A65CssD?7 zFYyc5?PC3g7f4mK6u%l&(~$P@e$G zx<9Uco`CdABK9Mz#TPyEOUXSBWeNqIIdycXu?|mNU9-Iy+2iPWn}cqvKAi`;XN0)r zjx#K=jNxRet_^ndr2M=yM5Dqa3X>o20T%uuAZO<)BV1coFt4y@cJ=Iv>N)4Kx_ZaL z0X=5?#Lpsz=*!Ph2i{b6#j)Rz&me_HX!cdNxfmcYB(mOW!9)I|@C-Xuf9pUYRiDwAerBM$NY3K%&4Aj2}u+A1+ z%0BGCNN5;ZCPV}voq^)ZF}I(lU8wy2n&-D4sBL|3zr$$%!0^2I`(x~#=f9lGeV{ad zzd8<;=l6b@p-!d=aEJ6|1}(z12ZDLe5$GWwh#ex^&h_VC@{ntj$GC>R zDR6%5CN>M3X(S0-05F&TX4FEfLHbnx`=3@Y4R|ZOrniTH(>Nz@XbTZ3v9E8)lIk(^ z{50G#kQNY`^Ad0r*06`R>EI?XMzD|E)A$+)Pwky(p3}QE=E4*5_K^Z6?2}bcw?8xy zKRN;JhqfsM=mVNi7NsMb&}2c(ly0 z4p0CnIhIN!Ttu=?#`_fycc8S1#RoC@9HP}9uXL>`lAu!(NyyCmk+%2`e8f*Vly!b@A$rXGN-DPt6M3;yh zW|zVK@zEyJoqM!NC*q^_$oHenJWO50N9xfR=$vxH3+aw{!|OXsS%(K0{K>~!(zaB4 zY?8$K&&*a*y~Glk0lR{I;cc7aal?%KW+KA8xsha;S@nsA^{? zhJI}~RjV~TdtzGZc=vjT3k0DvyV(rlU2aseAB+cdk0`;M+v0TsH4UP?1=b;+b0{_v z(UhvB%AHin6vk(Pj@U#s%A%?l)#)j0NXW9_oh5wAsesaB+c`Dm=JNG@2GsP$47K#z z30J2ak6_LvYc}i&@J16dGhbx)-u}xhZPO+vCahMLFq@8n;-v0yg#t53C-IJO(IN>e z+=Uxrl7>RL%4?Al8TN}AHV>kVwgYXO#H0^~h$J!}zla1}8;m?1mjZ>cKRx*3fZyTd zP@Ips?nGF{h&C;mBJDVQO_*<=tDA5*cTDXtRx=DC(yF1gO<*CX|=R`glo&?_TOLL*ZGhpny z37$J*Z&|I{5v{G*4l_yiR!FuOB{lXIvjlrtXsD2AUT%$~gOeLp^r7nC3MIp$QpVyw0I^IEnF!#)DxuI`CHqFW4g z;KYpZUfKr<8=rEuw?8^voXu=1dI_!KvF@jxo#_p(PfTQ6S|m7!x;4qVLU;;!n&&ZB zxrP*!H-g^Blh(`84OHN3l+*$1Y4FCnur)++{+clNsQMm@x>G+1J{h4A?{#8PRBSUV zb5d~sSjBNZ71(iM1zVNWg{d<4;gvPzdepSGJwZXGs6{=Y-5!jXrJ_Vu;vN199 zCa=X*1}xUv1x;>For#Qlo_c|6mk?|RG(Y%LglJ|cUdEH)H33X$DOB>*I@-c*V`H=A znbl7N+WAMpZa&<|cx5-OLGHEwwY0;hzuz?fS?<*zl0?O_TXP+C9i?$pH`rEi-ToTL z)OhR*s}6)K_zphjdJ-|@^L}a^B*sL8w_6i^rat{|z(@jIS>(s%cF^q->@}{GHREF= zvi?vipw$9!&tUtP0gnOlK%gElHz-#~al2S*lcW7$5JEggDsL91z_-Oz>@RGx0o;!z zZOyzBJLiB02p=$mt`;tKi~eAC(z!T0U^`Gha6SmfwAg2nosqk;Xflak!iqj0+tAlz z6_E1y2eEy5ogJ@8c<_=%_>qG35Km4v-8bVfLdcSVHN9}aeUcW)JlYAj1$#X}BUl^e zP^PvfPR@>|hBkjoc1D&^P|S=Bj06k>f6FWk44e%AUBUFP3LYMM6%Tt;dNDg&XAx5; zV@H6!vz_BVhjNBCru0IBe?QbJfUhaLoT;0VosFTbg0id%6up?Wp}7+Q%U9t`R7l9q zU7MDbje~%enSqUfk&}~?fRTZLO_yHM+0YtbENE+PZA!oZMK9=NY-;OFz`@A~MgO3(tqb#i zbdfQ&HFvfkU}a;c|B`Sv{nEtR(AiYP)Y#6%^h@erXUIKEcYY!!lK};6n^(Tiu^l78 z=bV99G@fZhWVC?avIJhBS27+e@Vn;z`B>YZmgM%dBcO--Kiu0!jawJ5wp88GONVhK zZ}a!(X|_wR%SCT#le)Q_xj%K8SCT*2Qay(wJT7(|GG|Sj;j9naPwc34Bhe^ zZ289y#W~h4#UvfBmaHkT1FBw~MpI1NMpHXBsHA;fw;Iti9eG&!PaW`14)aYh(JDE; zCL+~M41LAn#!($jVuqn7lErJ%r1#Me{og89PT!jkDTeK;8ih9*Dh;J$Cw>0-;P&k4 z%sY@?+Ql8~_im40#vRu(ET!YK;=Ti)a@`u!Prfa86!M>7yihOWycgUbKOV&v>QCdF z``)MdMaq1_nc01yo1F45-XHo2m*^`D&CxG+lf%lGsi9;2WA&cuJczZ=6!_pQA@ zM#nYwWu2zCEZpk9Jcci$zk^suzwIZx^SYC*`aBAs?h*6J=Qq+9@)MB%@!{_i-o?-G z{T-MW{e}8W^z3~`#&24tXQ}OQ$>q3KfqWXjKGndN1N0s79p(<=%@6b)Z&Kh>t?{{D zje*}2`v`sF>UH+`iIw>U?I@Nj;K)>fA9Zk=c^4i zHa3EP`ek5%`gfcE&G+ABHb#d385`UGjOX8Vf5-7v2gUK#CnwYY@ciwUot5*S_W#QL z?dLE5zsLJ`tju5he`WurAJjiGf93wQ{T<`K%YXNOW&Y~+?{o53j`QpIUp!F%(t|+v ze|*Y+{M}#2^4B9OLD8$&soDbmdW*lbzn(=2>i_L+SpRdm|K)AI7}@?Z{x2?v{(o2) z2{@Qp82;P;9B^9Mt1NkJwYjNJp=$A>k)Vz1)|&RJ)05x@#(5exTLrW1;9e#_ zNOcIU>bj~ge=WO@2GJB$5ULj*W--ZvFiUfscUR)X4SdNcFD+3RvMo(FlSwS8R^}F7 zUj%H3tzBk$J>-Wa&Mh_*WMzK>=AQm7{Hj=-@{tfTN)(*ZMy&|t+-K? zC$)5&3O>PEz1Iiq)PC9@(gJya=h-_NSTub;>?aHXNpZ)2SV$}d+MxbS0oLgL!NnGW z;INxoEXvUxy$2!GKVlwu(^Aawp^l>+THv#4>i(654%wBof0enuhvGRZ%9uJPIgG99 zv-dR!5r-W#>C=fOLjrs!fTed7H3~2Cw0_g7=h+FzPBb$|0H-gNcl;29Eyd)??>)^< zkoIA!(RatVg5~PiZ`{DF_R1H(-vG$Ue2d*;wisus_7Nrgp~sg_h(D?H{w{TnKa?6F zc=xXR4t=(VfIl$}er)a&DERnOAQxPAs4w>e?G4eWw7v_3zPIw}UDukvH=O2!=8<~9 z#Sbheh`wL)i7ZPDFUXeX^6KMN2R=^89dt7ozF|Ihha1|iukh*(#Ebmd3-uf?SZ`T2 z=U{ni=QJqOUTu}&9Zty}x9HO7Q{qLHkp25mu^YkUPU5j**6ZsPO_cph;m0yv@pb3t%tgzMA$lBNGezWFd61M)TcZ19b8gceLVFt)`B?wpz1gUQJh3 z(~wqQ$&8Ygl8%aoA=4yWfVVuK)i&2WZm}J7{?yt{3-x5f$4wnMSgNC6Grx)L8T%VL zYb8nrmxW8I9h8oZuU6iq`HJiT*Xb)9%BHD0&%8<~{~tM8i6!S}9Jy2dl}2a&(dh%* z+@c@w*l{?hY`(>kIetrFk|xf#Ww+-epY;5#p0s$3xjUJ~ zaW#__S*1lvyXuZ?p?ef}Kasw{w2Kzt;A-dS2r~`D-S)ijgp)_g@`8aDXxJQXVC0Uu z7Kv{>eS)Rr7=!NMplxBBth>hwN>UYL>N61p>>d?O1Lw}Cq_Fo4s!9Ikd`1D9MJMRO!KZi{Rx}ME?GbxS+vF6*#6`yiQ!X-zZW7DqzBbDV zW+`MSl<%3#=jPOoV9QeSn9F>fmnJ{mPeUd11zN}Ae0X(a-OT?$Ws@nE zqq>{L)8||0^Bi}B&B(doa9~sUT0%9syOlJ7NZ*Mom;<@=qhz{%Q?PKnX)ayKt*C1L zH2_pOV8npYFpwy$ua|(?L&4bA6FhnT$D}Urgl_+=3Qy2^6{8@H^K#_ut4~hcTw*2y zuDC!=CjF`Xv{o`?i4vY!0h-7uY+`&|V{USfE~!OqX1nJTgr_^4y;$nv1v*7vU2Zs| zRNls=8wRGhnwEy!?D~<4l8mt-Znau<48P#2jIfV*>eQU=pH1bF^Vd5s)`v%gi=*)Z zN!XjBjLk-D#*-sg*E7Znf}~>*-a)P8hIDbYzNzNTs`@RF<k<%38!q0( zQ+^evt!sg z3V-G99KTU88I&9M?afMQZiyDsw4N@b(ys}XIGnGQH%HTou^86EqYL2Et8MQ5IufgP zZ4oi?%O+o^B?>a7pb9>>@%o0A%zLYtLGq)&x{IZbH%0 z6~&a2Z}J;dPDV*q{IQne@J&cgm4iBYLYC*sTN-vY9q;aXYt2G2bJ!_)jeLz1Skg6J zkd(?+N&A>78M+~DTQ9AFD|t=MQnh^LJhR^Jo_Y~#eL$iG>W7$G?&8|y()Ts0{8gzD zHK`OPp6$hvM>`KqY^27(2y#?}``_#RMb`qex!Y_wr~&NVnVkJoFuwpdQ+Su!DQ#soW*me?&#Xq;ch&EW385E!KOxnRswv0UUQ= z6@EW}L=gt%z1Lxz4_Zu5Sp@*?0PDGS=6OOD4pS>Ez;}1$3Lr2Wxi$k&m z^j#B{iu~V%FQ8FS#(tqYegI*`r6NA?S@{J`w zRNeAPSa+}RKJ5wEXcd<8IgkBhbNemj7Z&dd+;NE<@XJndgg*9QqyPK3kBn#-(Tg+Ba4L2R+ED>2DipTtlnSqtUtfv^=$AcN2eyhRR6%KYYNhtfx82(WCB?nR;@%6&P$n3>b9_E z!NdDbn#_99EG6x9+YWxFm1G0@p3y*!6;38@+`bz#Xgt%J0wYcwJ^J-_d2l32Qftoi zUg({Hv71t)TP)n8SZMoQKs+HWpL)082;+X9k0(z6RyMW!`5zd1b$eOVKQzD={jnE!e}ZLP>q5YSSPHJQ?VtQf=ult^qz#{CoUhDN zLAf7ruf2Z85GPK>`lUXSN!lmQx9iGk1j$&r`-B^8_~t|qp`iQSkBbDeD>f-iCHiPtXj!Ka{G=FJvZVKnLuq-4;1T^n|L);1Dq0jf zM2Jq`pD-v|X|l5pp7Z+&;X#@0&bRm3`EpVTlcaogVC;?-97EzooV79v95p_B>QGB9FWF`m3-HUzk-< zvI|LniPzHvdzcOw!dh>i?gR8NA>4Crmy~+S(z0w6_oJ^+xqmVD(R?@MWjh?NeK4FK zIvLRDXuBmhhkf&BEp3gKiva=r!XAbI-P7e;cWCETr0d%FZl*3Ph$X%zVZ; zFqc!vQVxxi7q3LCe2%S&kK!}VJ|Tkdjp4#UJFdG3xI*IrB40o)dJKDBo) z$t8zhcDZix;hDBTA3<9)@fdwY!;@dr<6&&sX@yJ5Bt7|&o z-P3!Cz?SyLI#A6TswG;ZI@4neU^+p~lY6QAVVlhfsS#}H{ixjvV(dLN{o{^MFTk+A zCo0TGNjw%cV5w1$iJEWnIV+!aqS5CfeSFn;w*{@QJ5_wSYy)xg)F>L8@8a#?^|D0U1B@R>w=VBE9r3&TNS^hkEVCV8Aj3WNSh;q8fw*x{ z$8UFtD{V(<{Qk}LNkUxdFvjc#ue%PN>``xOzSVOTWctSr@UB9ki1thjuQsaelb_kG7v;1AhidzFs#5bb_cy zHrtNdV{9FLdRPm*Z5gfxAk*Kpe!T2(%WuT1b#2_W+&yF$kEwM&qq&O5&^5E;lg8qQ z<8iv~pCNt)_;2=m2H%C}joz?_>By&Wg&>kXpVr4q86~bH`blIbE+a2mfLQ+4yC1Ly zVX_45NZ?4*&BLi=qs_<=rt62n&8uR=k4-c)T|d1t-8>x~r#W+Zg#>lhP-DrZN|5br>p# zug)WBPuZCV?|v^>vFnTMf{}EGol7t4^}3$(Joh_j;&yO)ByMK40W5Pmc`0Re6Bn#3 zrnd|`9J)l_@md}SWl#3+t(NR`dR#Wmsg`PvqUWMj~)JhWybD&D^*w+xdyraR^j2>DUyvt{vg|u5zV#+u6^LC?NK=~YecPQ zPHoXLBFkpc#M|mQlCf|AUoL&JaPyiijc1>-_0uxEp`vqL%dkF)wjL!lNec=pl16|; znsYJco8tl1ib;!eN}{$S*6aZjBWiU+VzMb~@R)9~Dcfm7gOsw1ra5(fGVb(DW40RN zo2y-EwdGJ#mGcZ*a}b&f-*G0<{;ltT((yb?0G=fmEA39{Y}cpc7E8J5zQb#!!1w8x z-Y3k@q;G4KoTAwqd=C!i*NO-8O{kvU%1A30kFUoiF>?5OHt{K=Z&wb$&1sWGXOCe zsAmzTax)u&Hx8>eqpTt2P*xN`M;pjuiF0)sPr#V@qa<39RJbcU*H83Gt2*iTl_avp{pQk zH9&yS^-6u%>ZS4j@b!){qD9TNXxlb++qP}n?%r+Nwr$(CZQI6f+wR-neJ|&|oSd9w zWoBm9`mt(N{h6bx#*o(bNaW9Kh#PDvHuv?LmrylRj^a4lb!FZ}^N>Hj<8@=|y2{}) zMfQ!|=NTu$EwVwRu!z{FdEHH~}DoGMO8m5=gxc5j#OZ@wah_N`>}}h zh(*Lg%|@~8Kyh*VV$~mdNqK|)65yczKj#C-|M$oKEAIaby7xbY|9^z_nEngZ`;G7~ zjK$3U3yu9kUMwvCGd%U5{QK|l)PJJ+-{7fVB<=sn-(O(=zu+l`|C9m#S9pqvft`u* z{~z?LZg($bkrjGvm6zw9?Q16wxp&fRCqd4*xL|~^B7cw}j1@mf(gad-aiM2fb?rg& zfVO-lMp~wTNpc$@;CRR~_$bbqHhTI)#@Lt$=o%)45d%Bzg|F-iPcF#QDX!TMAK$Lt z7gJgl=Zf<(wS~Z@9r;yA~E1Fq5hN@`4>D~-#1r?{8WU2loV(018ZAZ58ypl z1Vyx(bKUKHy>wWo)Pn%Z6{PoiOSPErWl(^}Qh@xq zTn3{P#;L%DE51Z#Be|8)hW7=8bL5kXA;5VgNOSu~#;fG@W+>B)u&E7p+h2B1izT)Y zKZ+3`jZdumRJJC3G<-R{)&LCCjAzPUtof9jR}g5<6T>?Q=heZ6_3@XoDa8$~j=K!9 zIiG8uKs(|j0Y=2IfYlylT|WwT?gGaQj}u@P!2_z>|0zN#`~$f(4*6f9dtHveqo-F; zWUN($nxY_ZGHISe*_q%^uutSK)9*LSnc^v`NJQSj!VuM11ZiP0{U&(+ztC4H2NG^I z``J53q{cYJQwQi`)^}JB^iDfKUBA?L$fC%t=_f*#D0a*oRTMyvUAXSvXy8|X`9#Al z?@yvnwuz=!E=VG~q1bCdKC#{rF!l1V!dJ0ZmQUVv8P&MXG0!cz*U(qK3c<(;I7X%!k+CfL4?od?q(CFJRc3`^U)P6^j9>m>9 z*Tc|T{3wS%y`g;ldV9Wmwh#eg5?jQ9MgxaL-9|ibkZ+hAV6*o3YWJw7Cyea?Y7;7U zu-fQT7SOFYIiu~a?&!Wzasb(pC|oF9sGX>>v7Fa2Hf4idJxDPfol7C+<@ipvAoE> zK{G$-?h^Tn`SxcGX21>%9CL&v$Eh0ta-_u59^?ZC8a@X=# zYtsNqkaXUuI)LI5Yec|KoEdTE#LC|JI5xL|(Fs_N8I`jYC;MU~Kz(B} zPw_!oe(*eY36zhjCCny!G{F-o!Wn*tP#pnp{f_QjgQ(uUOv?Gt{=(fYG9;uV!edE)6ruO$444%WrC z7UUkN`ml6Bq8?7pi=6_lp(3MXPjDMk`s4_|S`&l96Ati!R8oy2)T1yDW#4YWc?5t%M)cwKLNu-2%;z=4z~nDO z5rI_)BK-XIV$jTS1K5sNkLE;fEeOwpZy}})#dR%&pPM#g+xgQA<6P*p#$kI1jp{hY zFq}0c+z{O*n-Yg(`hZ@R9gTCU*H3V-wOf^6sbzNFSO2|1OKduY><4c$($kf~1tO`OkLHD|F%R_u2K zDg3n9%`#y)wvD;-*?l{aD{|L^fD$}}$}l8EndZPIBV}b`zO$Ob*RSCOXCgNM6Jw~y zSIvtEfBV}k7ll)OA1>tfR^Z`hTXoM8R&M~d%IL-w2n%3p#1CA*F|SH8V%MmSli65f zt>x^9>eQ-Mnthdtvm!es=Gn{%;0!Q)*>l~!#tY2kw^mttMIvtPCo!zuQ*oZQs3u~H zaM(~OR9zn&d0tt$g^3A^{9x$j5@~A;^JX$E4Hyz&(rEB^Vx0jMTQq8JIqzb)`%SE6 zo1Qo?c^c5WvX*5@9q&*O)(OTDV5B-?osQ=WV^Z)WW&KHOWVNH+dO0Rcym7O|8qu&5 zZ8^4fI?rAR_z}=r;yLTs+EM=$+b@hoN*E*B%BC!Kf118XTuo4oq?+!svV>&Xawu(t zZF056T861^q?slJ&30<-!~qnZbVs1Z!d^?Kn~q5J?3pE~g4?s&Z1W)cBU@nJ-DP^{ zvpYb8@KU!>0_-v5j^C{*MgS&TkR?)#BJwQC>wzEt@83uWrt+8mjFJU%Zd7Z_bSSgi zMZbKNDpYo)aB~wjTjY{?hYjA6F*L7(7GL~0fZbcYSz5?(k_oGQys!XeSy2(#^F%vp zgs^}A6c81r!Ey%vnAUln4ShNb4V_$|35)xAnGwvfF40#5jOE4)V0wMYBUA@TTj?uw zC!xyyx?GqCpb7(r-3j&Bxjsnx-j%&{ZwMi zx4}^?7ogODL^~M@I({f_6UdCe!(+vg%qpl>XIzoaF|pFzyZn4?yf>AR>x~YC9Ar>e zYW3P=z0z>Tw^;CdI07NYU0yZ~Ycw>YxSXLSVM6g}2pdVhd}f)zI}tpfx>M>3H`BNnD?9#CkRn(D@QT%*Ur9X-Yy{h!STi z0~;iKL1YIxG&g z9uEn}j|O2n)bQ`a3eD6H;TX( zs$6EPtdk68=fzoxSgObk7hXamimnXV#6?HdEm?V4k#1UN!St%J7TuDHR&oZjsbI zyhYa0?ELh2S&n?F0vkbr#kg7eTozy4kLb)O<}Wks zEW@Vt#1cV+EB$I>!GO@weja{-;1bNp5&&mF4DfvD7-~OZ@TlQ}s;S4Lrj~`hOFir6 zKD*6m0FRk%3;f!f7Xo+#GoN_zpiMqX6FiA5__VUsrKF@-XY?}QRRE`?NJMeb+icp= z8U-X>-cZv^x*hApqX`Zx4pTNgiFDVhvbm=Ifi&Si|8bEwgNdTqCox(IeuH&+`!tHyc!(b3r-0os7Vw&W#ywbt?SmqB1#h_ zN95k=MNLDD#cgA{npQ281UGW^3lj@Sy>v?L7O^#EF1x5&IHFy&&nHURzHN8oQg{$Q z?yJ7u9;3i&+C3ljQf!wst~3+07CO3Uow#aU&RipGTfDbd8NRriw-Bi>p+up29>?vb zr!!rgcMLCZPjq{r;PF)U#AOoAsR#_is(%Z(D%SqeKo;#$J4eXGDp_%oEM)Lx!J%$8 z;5_T!B_XNB#dD_)qlsSU59tMRiaLDqqq^mvO*-M6VLJ!hr^uaDu~PYZMk2 zTA2N?awde#DKH1cRHxr?TXr%(frNmD&G2JixOHP=E}5_i0{$7B+ziT~Z<;1AmVP*Sl`<&QxMH2?qCh#Or1O1B_&|f` z5Xf$KoG-{Mf&aF;{fq%ER&cl&`^F}l)oD69t}go1LL{1LAjJ#bIUkh+FH0xh4;1U| z1<8k9^H}-Ht6R=c$zl;rFkHoeFB|QQTMPvp$=trVte#C#vWJpjJ~LvLWVIB7U|`z~ ztjQ_C$}Gt`G!~MiypjK?Rbq+o53dkUkx{17MAN0m_`1=w5?hic|ICSQxgmMbM4laK zc_RMy6YUUnR+d&+rn{|tO*@M-7^)=#szEZ{V#n(yO8nn&>QowwRDcWJeNjTOc4C17SRcl2%E7+#bDjbD9Vu54jB@i_ zKCH5yQU)e@4=GtKu}L3TD!Ri*;};1t?2PnFGKxq2sw%Znd4PsHiLOeqg@1$+Lw2Eq zd`ua4lU8zkMB{`Im-4#V52dMx#Cls{4TU_HgF_Dhl2?d?{S|$ICMf~{&mdfPd=AtI zA~Y8S!V-v`99@gjSHKhyC9R-IC1v0^pQ834=JPpu zW1z6d3C*7>MdUyVROk_g*_)OYqX`A9)4uWg9CL_;24oOBM5M~JRV7w>>iJs;IX*D zXuBcqm;W{l-owJ}rN=;KKrfjOQr?k^L=-KuLLd-bDG!|Vjm-`?}i>RX@gCsXK zW7tK|NQt~)Y+~e2 zlC^&Fev{n;UH9?%a(+j$$ql*kd~T8tt0vX}+bAK*B2$x8a9#r`P+^6w7{9_(9})NVe*bDv<@(&Yc{5mG=JI0lCk;2a zd(}8+#e2}@K3#2V?`^8JTb2cDznN{_V*LB~Q->$phc%U#nF@BZinJ4FP0pZl+qu>;)R@skIgo*7*?1E6f;wDDVavfM{?_;2{zW$fzp!&h+QnMSwpUT7(q^H( zy>q3zOq^hxW|S!^3CmKnK|jhl>lp8nZqU3B{7w2Z`mEOa|@-!FJb8J}bbM43Q^(5<- zNl5q zB~y~o1KC?*hU*nxScDp?sqkO5NZ#l{8VmNB)N6$jMP!UA*xX49vslx^tM$$XiI!h7 zK@(dxL#A1?D}5&uG=jqBWTXjcm85K>8EK5+r>FzTit%ZQ@?xjdS;sAuC9a0n&iYK} z6Wptr>5jlpQvs&m&EoZz<_1pE2no~T^pv!#;zhf;FRO5b_xdaQz~(%ya93Ulx*uAp z^+Fm6aa}htv26yz=F!J7d*#@~46e&p0U6RVwZ^)T+u(Op`{51Xy)n#;iGlX`?U_9z zJ!3DY_LG4eoz*}DlzdAwKGL8GS7WYG=VDoF$!oPoBeoVyxs9~-bRX#(g4~8OD_6AQ zG_PZLu4E_(Ai!LTX9TW#<8|o{m0sJ&{#VZk<~AQ@m2J1(BJ+;#<|iuE1^g8UeS(nB zPS4*B>zCNiq|41ZgZ=E*s4m%;S5SRlcYa+51!LZ}nNUY~_S`Y=6?f{F*mB!{ z6_r-(+13)0qLINPP(0C6`;YLn#c`|G&LH;>k`r(DpYES;Z<9-~{wn9<`q@5_-|k;( zA+Js@+IKb9BP(wYeCC294%cAstW8MEYjZVjI%VX9TY-a%*DBO8_-yPJ^ z7C0A z>jZvc@wj%8p3S(~Lu?%0%~8DWgWew5xoFpG*DF=a%HC`#9;8)xy6TDz1_OVJxB6#} zw`O(oarJzcEQ`T0xO~znIh={1c5FmYm`vo0P+6_}SM~{(G2O|`Dh4;rBPD)&GAi9h zT`z@pZy2M0n^?R(I#5~g_AP01O=SL-Th3yI0kvclBc2XT+PY#5Oj*VymDtv`@2>=R zhKI4(o`45@#s>YCCnx>Z#C(PED0mgQ!y`&)CVudrNo)et(d zoIQ9$;SXR|dj1+A8(+9N%e{4?JIPlDJHtSy=^S6Fp1AY8MG1+SNnvNZBtcnK0|oQ!_x6d0<;f)2^W}*!O&vn%M(M_6&Wd0x zsp#sB`7*O5YP1Y$nU>)gIFZm2mD4(>HBFog`wG!=dhMxYit{G)i_P{r!Yb=k%PU-6 zW3a})jDIFzshOC174wss5$T%u$N6AgR;{^`8&{=Zm^>t#Ie=mT6dLO!!IV+TK(|p! zGQ5B;05rK`PxyT!)J1HH&}#!IjGMV*gE3a5tM}tmRxn0}7Tgdz3q-kjY;PJLv|801Gu-UGQDca4*TpZlQ{P~)Uwc}*%dOVQweVvY^6K}zMA+VbZ zsf8#ZXE%mgr-6aIal|XmI+!UUcc*kh)z7jL}3N_5PAu!r-9LbjQqbunF_QKKhfY!!9Aou)G*%@O;q z!TgB@71=K>7w&Fh86~7H>!KsW7JbHHsb7^-=T7GZ=Qc)1mnw}9YBD5A#(c$WSu;6B z3CgDpxUF8oG9I>~OXl$y+%s82`5u#HCTqjN_D5^_g&L(P(A{!2mUryKx1+S9v*k1* zp1i%K(eSvME}C1yS;g>x=$kGgRe?YP_PEK8#w+RK@a-~7v1W@YGqbdVzIsC|nT5<0 zay8FFx|95+1Enyw;?H_ioZlt!o*WQ|MBk{5CsG555gDK_(pWxsrcl0iAYY`BJ;%C| zG)Ygz<$1ur1IFEjOP6h|LCr%-%e8t1*YbVEMN~mwRpt*(o6Kv@LDt3Sf#a&mMq8Fk z`YUmn-Abd-qam2y;VW13Pvknhd`MboJ?8b;fx1{2WVVi4M`YKQX?g}8GHg>SD=12( zsW_z~xuv4gP4<>pAbl!k2~uF0jI?!mdTO5Qy`f9$LV?n;+oIymWlEA+M3R}Ai6F){ z{7$lt0A(v17lYM0SQ#T5c4!*Jx-j$uldb4hLlWG9di@DuPGTG^6EFXfSkgVnrOUzr zHh)c%aRUBPH}O=F3jLYl`N(*pJsPLFLDS)2Hp8JT9X^bCv~xnxgd=R2vB zA91BU;%M1LRR61)C_(`2wQzRQM0^7ZYdrsy?k=8yQ*}S4XMM4MK5$;; z1W%&Trz2EVYM+3YSY6)_FWzHCK6vxVMpE2@W&ykn z1L$rg7Jkqf3r!GriMDEMU32KDf%(Rt^-NN8wJr$lFt z4Pq=ZN6UmnO;_w`(3%9S8(sJ(Bc%<)FJI^2NO+6LsQKYI=-OGE9{Wl-g{W}WU|!iz z3kOQB1}TP%))J!U5MdVTphs^hrabLQbp1G_^`7gnaZT8`r)=EPvc=OhM$(`Fm{Q3p zA3P07hwZKkLJ}9bTBrO+yLFT3Tn8Zj+z=UxOihnI#(1TIQ!gbZbd>>GLh@WXPHnX< z{+;|G@j(qbLsys=p$yCjQUYJ&h-!)rKP<56LI$X@n?qYjv&c@MxQ2t>LJ~} z13P993UJ8-^s;%M^gN&{54U39p|NPRIzXdbfnwQi6_FW@jgd;mMtZl;Y9k2PPW1&% ziL0Wi$m-Hs$bz!D{P}7t{h-5RJ2?8fTqLqG2Iug)E8o<5JS&o#Z*|68*L|?{aro|PTi~@&QTAt-nb6l6Ty~}*S z_p*-7rMF(A9V!Yc&V36}rc9|19adE@@#{k6+P@EYY2@>0D=8QN9tQXf zhL5q3p3`@6>!0mEyOEQ&Z^K9D8@VmBzSQ3d2l5sh!BmH%Io|ZRzU0b}Yf0nFx!kw= zsqSZXu^WJ^Npi$L_!EN^;E3==>65x94~|}wUX@-7(=1rVL(8?NE5godR5dFUj#gMR z@rkK6Qj2Da)MxJQ$fWq;&pVG!Op08ek~}0O3Fo1IU8ap&auvsG+AUoAjXhP(jaRoi zta^8Zv;af^K|)9n;w6FT`l&spX-RC9Qhw)k%6n;Sm#X9ux_d@&s=2OPSYm)oNsVMvdNZk5)t);eMG$s z!oEtqfn}96XRza(*k@2nW;2qQF@$&I=`u6qVwWZPUC^W+mQ7O31$7@7TH4*PxzlUY z?7+FWO*mFhN_#eG&mk})CZ=hr6V8bjuc}*tg_4M+7S1wA&&x3+VcpPQIMB3HoNQuI z!&1POBT5mIBy=dW&(zI(l|L;kO@~+?V^gygX`6QIbZWg6-3GnIJt`D3V={$6sb^FCeNpZ%tTur&ap@N4YEMSE7~zM z>UO>aM$b&YB?m`nd2j`6{BL8b!GS0%GPX1&lSyf^oSjvk3*?E}A9f)wfv8<;uYZ_= z^&_bv>2H;?Lf|3g#p7qh!<9*|Ao`8ldo_Ov+wHf0m$!-P{=Z4dgGxLkhsG^S8FR1e zF`TbVT0OB9pNCGKMywS1_6ljQsVh*=g1AO-x9KI0gVgoeeDD7 zqwZ7X%pBb_v?q{cH_khk#51M*wnYPHQ#*gat5J0N1f)T{{vZc|N|!-)?pjdA?~r3p zlVHeMNL$Jgndc~@(s978iwWS7@_oM1rwPu=?=VT6fO4@Uct~XYhEO0$tZ^}t@8kKY5S()s`Ptj(FrAhh z4<$*{pAs$&cLI&iPO%I4B^ECEKw0tX)u@A@04kkg4znp5S81>RODKG%I%b05ZIg7y zbh?b(WRsOyI8O=Oh3y{9?BNSD=S?N@2pq?+tG`$xW0sXJ-rH>m7{4Bb5WrdTj~!Ix~E8%I03xw za~eBiHuq~9`_PX6{W7|H=qfp4pVhXBwIOY(S<>wRZm>7$Li8?D^tmAPS?HQR#{Z|Dpk40rdc@2cj z=EM8yo{Y_Uiena>5JB&e_?wK?=Xqp|Z4|rZ%I%=Mjg2;k#fQCYmZTkM-V8K~8jBP7 zO17SOXR9}RIKI^$HKoHrdbp`MkVuy z6BH%a5Ps1?n(3s3}m;TGewEe7V9@JK~B*)iT0AVv~yI zm}K`JR80#-R4C_8B&B}{w*_DoFZdt>s>R_9a0b-Tn@&YgRP7_t??+#exm$JK9SF;` z%J>R6^G{kX>T`}k6VKBkw2QIi5tn0SYQH4jH3uO9zd82c1Y<7^*z>5g2b0ODf(%~8 z;LiYfiuR*Q${(|h-QUpm*G;2m2i9qd`+_pk;9@SF*c-szkxNx^B(ns`?`F$?8x=e~ zjeh%I&<*iY`-_e2zW)?Q5Doj{KiTpyI;`^49`7PA%uxt%Ao$DX4SPyt6bRv93sO6ktsEd6CjAacu6DSZQmA({ZDXtaRq1y;mONi(!+z41bdND5g1UBt)h1M0UJ*iW=QSr;X!O@}P82PN=RQpWv zNVTkc^>E6z!8TX9(OdA+yqmYU;iVq4;%~K~eYBclj-H1fW;yqlN&&<<1Zf>{ zH5#l+Rgk|{b6>G$&LUp5P!-rRnX)=WNL>K{DXSa~EHDEQ7Leq?hZ_Paog4t_H@k<@ zJLG=ElYzr-#TUhq({jl&k7i@zjI0-8;mYW3+XKcKiI*%%dPlK81Y}?_4MzySjk~^j zWlcPB{CjbuT<^c*Emd8YtBJJEQim{b0?eSrNkSU};RJ*01d+OV!gfKQI^9UUO*2k) zT-1?Tgv4TTi>+^dOEP01+lC^w;LSctJbJZ0y3?Dd?ti5uXejneD^G6G%U08I<-M#F z&kz~lkYXUZoROB#S+5u;pHjHmxuRS>Tn<0R zZ5}E|Q1-&4>Y!+G$KIZMwj4}aWT$A*r6C@!lbm=?WKUQEcAWt4BlS@_x?Fn8Ml6ms zmADoYcXjG#Yi6Q2&m+;X@96 zJ1pUIz8*8#ec$&FN_{`)KB95(bUk-HgQUMdGxZK<_@nyK~p`JP>YloXy%ta zj&u!O1UJqxO$zm*DalIZ=f>!mb}@Rt(0xTT9?Rbm0pCsIDcV3vt`{B ze=dKkoqSw+GL@E*)1#_Gqb8T+9SAN84pRVT#v?cx^haG8Wv>VZ$v4H zb8#G#7qGF$$LN8%&q+v-ZK|z%oA(=EAMUDO8^~^KI_&OQ?k-S5qf&1DW5^DOh+-XH zLn^UqWm)`iCA+X=Z#NHo{gD??mj+o<+fc^FXLH7TImh zAl^4s&2|okMX01vf8;xtFIyvSy!puJ-mpjJE(nYDelrW}&DNsMr2_Nr&Fp!NjxhJ( zgw!EfeyBIr<#4y4+6!emz>dWo!#boXuW2`MpA2a^h&MSJ{-no0YrWW-A2G@(@eOqd6K^q28EAdcH)#ww6c9L6fa*@F*b z_2|zcnGhB;>~@Ke=Fi0}p%7=Y;&WKcl|q$sC`?vz@a30@Iz*O?l<4~x%0*sGutkM5 z>Oqk5APUB*e4u@9%wxb(oe)%Uy2r6Pq}$p!15`~4ZK6SoBp?UMek^4gFOoq`B*xh| z1DuSk2FJ(RPL$F=sRqEUTNC4Th%yaq{nGSu?1lM#010TAo`D~CiV9%%MKXe zSZ#ve!}f2&U;B;WuL()!Kg)+PhFcPof4^o&P1ZEb%6#+D)_^__Rc~m&D43KtloJgH zIA#`59mz>6ObcVyDrVNi`)h~CH^ zH<%ie8{sx)yA*kq$wR6EtLilr)J5@qGmMGlxK8Z(oakD=K@(K4JaiGE2ZSJwg`pjd zHXJ9xgtys1ThF)3Btw*D-k|z*YE(gz zZuMM4V016qgxT!RM-y6pQVlr})0rVtK@%c@oc;TeZYmI-a8q0}dVFrQ8uT3yh9_#F zJH)MdC;g*jc~?$zQMb%{4u{0&Re=3jRtKQ#Veb$WQ+t8i#d?)$Yz%gMu?yj$6uKtG ztOswUxnTlw!1___On2(Ca9R+pe_QUf=0PB_jFLczNn`pW10~tn3bZ34AQkas9xMuUD0`$m7JNR`$i#~G4m{hO08155<&YfjawLMh0>Cn>z6%xqzRlXoE>PI ztNriT7lG#?&G%M9j9*%5Ey(|LGKw^)usvC*k~bD{(Bj?KMxJ$AsflzD7IC^|OInr& z(^B9WbR`xD7_nN$E@J6xnwhd}T3(2MznZ2vIV$yftjuUWyI0^?8axv=dD{7YC*e`{ zKV;H0Wn1lN${B0pE5|j9>WP#Oqg~VN29Gt3=M|OyS*z;=&(859N(sL=98Xe>~k8Pe{1S z;ZCirV}t$4`TJ6qvKa=>t8n%BBsAtB{!k6s_|8A`l&bB#<2q@b3V#2McbE5 zz2qZmzu~)i>QUq#oq7$YQ7HMC>Y~z0jc1tgVuktcN`;je>uzxbjOfKEWKHhCPDS>kLIXV;geaH^HcA!PeZTn`gi1*YxYg!LC>UE zxTYbRCG^EZ=Lh?E{TxS=?h{|e6-II|*TDM8*E$o_q^cEO7SA~D>6Z~{f(_7;uX4b| zUJZ#LH>LyfzN*T=wd#^o9m?`pTJWWJ=AfmnVUE_Rh-I&Pui=^s{r6&P^@SaFzU?xgVf% zKNnKkGmD#25(Rr*vZhRJU0rs>f&z(ysb?2^dn0EpJ!S1bF(IC-!CI!zqJmeEgOwkf zLfzvwrS*aewAn4xTiC_GC~}n4D2|pyG~GJ$H7ef77%Q)ms`6T+3EO{lY|B`-5YKg} zT&mw&8__%mD~aZN>}=aqqMRbU{W_e&+vu0b-iJFh?fWZK5{KkXD=}H;U$S z^t*K`J%zTdu}9H^hbwmG-o;NWHduj*vdL+$H6e9oW1E_sn?noUnqGFqrHF}XA)j1Z z2C)33l_E`Cou7lbPPaVRBIXg~5yDV3NLoS)&gnfq483KYlt(bfaqNmwoDbbxGr;HR$t-Ht0ML?iJH`uuo0 zoz2r^y9@MT7}RkH`eeE$r?*Hmi^J94+1dK(lQVE7ui6s0fwWvyLfRb&IT-bkA;M=C z%`h@QKzg;yp|GvKGPlJle*w(N0+E4kJF*-{w(i78q{hHTQ@hUzBLI(k6;C99JsU})d zaN;N))ukFdc%!$02g$ndkY5j}or_=I;JdHlI=X*nCUP_p|Dn&;{ZCQ$ol4%smCJ9U}}@p0o6DbPZz3Fp8zrE=KIx zfZ%0QXa-eW>F6_owo2z3Ni5dC$A}h0?7clbV6Z;2DJ$_6 z8UquAZeqp4>g3ME%}JhNoDjP>t|6ZHK&c<_RNnXg;-CM!`-Z3e!qa}|YkTyyJNx-n z8~JaBAM}pL*^al^eu9u6Z|9qwMN+R6IX`#MZ;{+9>4DLIZ%#gpdV{n7W&_(ks}RfJ zzSX*?Og%%+am}Bs*+Xvj5jN3(I;LL+3wQ4egyFt6QFg!9wM;Y8$Jggi5ReeqkAm9( z27n-_@V8(L$UsOK$4PV$Y69#q1}IdKk1juKXyD)k9C)OjYt8BYuE!-=Tm4=CLT3>- zzapfl&LGQ|Nt`216(3GCkuaC-Nz!bH1T(8(LBUBkKeRe!7whf048ce=jfXTm66tJH zMhWC+FV;pnqW)<76ybt*u zM2CNq&w~Ibv^VB?+a&#`)uLmax%11O|p!cL-f6|6gYJ&L3G7+GUX6vf>gscc{0Up8JflHq6dm8Qw0%0If z#{Af{z%Fet>((Md#_(ReS^BwzcXsK(x;jnJ64c~jfc*P){b%$92!nzVG6>(>GFS7ap%HWgZm}qX5Q6Fu0y6&Wf)B#P8-9E?b}?BWy&ScU z!3pz7`iw55jyY0$$A5+t&kAM0ok1V9d!OktD}g^jY(T_8#i8+c2YhK6FDj&Dd9{kb>; z3{jAMAj=2&?z#o2@p}*MK*h&;t8EATUFo(#5TZY?E&vMRd!1qVneXZJ0Dljl&jA9= z!nVFDtNz%o2Q;f^nG;_4Oa8wPqTI?NxcBg4`*t%O9Xz>NUI3|Isg=kM|3=Buy1s(sd8!+)*4_F8*?;l01$eYd^yz0ZHk?aw^@qyOn=Py2;0|J^sf z@pZ5L`!hfP-cPvgolk$p=fCI)zxyMf|Jsi|^h@u3m+yG=4L@-7!$0-NKY8xsf9%6A zxZqP?@(Uk)+t*Cqc+ctgz33jJ|K}dB{^vWN{k?ZM>#2YL)bIPMYcBl5KRxyQYd-S! zm;dO;pZ7~&a`W3xf5GXuzvByTyEy&(AO6tyJ>|@|f8UpX!|i|O&))vdhu!6oXFck+ z@Bad5$5)NM=C)t|#sBq5(;s@+UB2w0FL~OlZ}+B0+~pz9eBse|{`);|cjjY1e)mtk z`Uk({51;of554IF_jtnp`{XzO#F>+)9)IdLe!&-f@TTSWy!vbJb@=>Ce&KnOqd)&U zKl`oYm%r`ozq;Xl7rpt6-mPT^!@v8CkKN&}w>jgJr@#NR&s+W8|9axzKJw>2@SNNK?ITbB z%UfP>_{)!+{YTHc^}cubqx(MR=kEP)7k}a*pS<1KfAgQddSOc>W*1^0hB}(Bsei_RIh2U61)6k9pwns^83y&y5{}Q|EuSG>E*9G^20y#=)e2QH@*AZ zw_bhPdmnhu*Zsu{pZ}YWe$7jt^8EWg;;Qd>#RD(>;>#ZN`d@$2;Xhc;AA0ON`hu^%?j6@GKYO1K-08pk@Y{as_+JlPJ?K||{+bJ(_~G~e$}=8y*U!7#@jK36bDwv9?y8TBZoSK-zFTeNQKK9<*-1)2i;p81I z`I%>*^Q>o{bMtRL?Ymz5v>(6YKi~H75B=Bgd+|G7c>Obe{FU$6JN@35z5WgFc*Tca z_J&74`VMco)31K@n}6`#zyGn-;iI>I_;)Ve{F*zy@XNmZPrv9_Z~Lq-{;4-!diuQ| zdcmjm?*8Gk?){9vd*h*Jy!QG#{Nh8;`;8NK|N93o?)J>L+;IBcp8fux`Ko8X|6afQ zg`aux8Sj7eQ*QIOXT0I(e(^cCe(HPQ_S+xYd)hzz)hGVx-S>RWQ~vvle*M>e@yuJF z{J%f*wy(S5-Pe7^X>a+8?|uKv9`!@7y6`<;|Avo!&&$5@_$N+1?p@#V7ms@EBY)@D z#$W!+?_Pex>J9JyvX?#nug>_cD=+w;kG}e`%LjkcAHC^c{_*Y2WqMN8Il2KlQ}dUHZaTo$>A;x#zo{^MHSR+})q_!k4`2 z1$X=AXWjlCPyWR1Z+_QnzV#&!c=t0eeb@s}UhuG2-1v@v!8yz~CQ|4a9O z>#5)T(9iweU0-^`-R}PIpMUy2m(M!?tq-{FC(paz{hsvWpZn~Me|+mT@4U?|SDkUE zU%L9&-!;GCHUIYf2jA{xFMRl|Z~w@hp7I;#{Kzw}yZrxJQwD14d-9g#C$&Tw#d zd)hdTvuVyAY0gTC&dB*jIV0!H8;@Ukea}(ii^U8FN*w0^mCna`?psg1Y40xQe(K*(JN%EgyZ^mEew!~m_eH0F z)t5f;CBJf?yFB+P=RM%zN8j|+-+9%)T>S0}ANy4ge)g;0@|KVN-amczntyrseV_D+ z$3F3WZ~W=U{N)pV`#YD9d)@luzj5<(?*GnT`NZC{Kk(Scz3d^+dh@&A{MiS8^w_^V z{BLf&$M2uK@*@xa|9oTBNqyB~Vo=;Sv(`7eIu=RfzQuekLmKk$uDe!{!o zai42{?L#lP@Lr#|kmHSb7y_%B~SkC|NQbZ-uA{1UGm&Ve(v(0e%A~B z@2~#E;a4Ai=^1Z)-d~*YX6&|J@|rJu>64%R>0h{Y{hsqbJN@aW|HT>ayy!kBzw9r6 z89T;2WNH=<)aZ+$V2&?iS z>*fHTC61xyqpxuUH6Oi=U31M{-n>)5!8ItHQrm{cxpP9n~uHaqq*@OeLwx3 z-lLhZ^}K7}V=@a^~*fAR=k&*#K=KHM9$9=`O( zlUHAM?9>&9FFohH!!YO>@%4?6EEk7=hA7?$*J~rK}fT5Wym*Vq>FTL_cy3Sy_ zhhxiWDo2jpbn@mKuReAYk;LaW9e&ucqsOnLyAtS_rulk4TFoYpJ$&Yg6DLpIbj4}Y zJsb;$Z_)`+mz}!t=BrQ1kT=nR@ZWgj$(wJ$^De`g@>ia?=>~e()wdiz`!XC3_MOMC zK6d0A&pLd;2;agz2ZzrFBS6bdBR~#)=YwicxAL4Uuz`=Ce5jvH#_zjn* zD-T2aWpFFD%PyA@HEc=ziowSaKU?juF1KjGTscC3!_Vx_0@tc+H;dWIEBbuy-RN#2 z$aQ78EunLqmj}c&>|RU{Ojp?Zbh*6RmiWcg>&k*X;{L%&&Siuw+o{6>o+{_^im$vl zC_-^p$d;6@_Sm3}KH#b$(0*W)Zte3{>yB^U;|oU)jMVMj9?l?j@*fN492l)zdpQv1 zHDEm9uq z{Fm{KGNo|bV(w(R-e0~NY~W{6 zgwF9ayBt?$0^6I4BF8Z0+$T^R-8|$#TBG+|Og)$<`hZgmw73w%Mlr z&r59W@g{3d>{zWv&dKog?2|VmH8rPPHZB>YgcQ$>uNlN|OO}ewaOo#hh2-m#=G(Z$ z4>pv(Jz?d>-Fe4PU4QKK^Ugi*JVdfM)_ig<{^4|UBrf?My>M@_PF*2smLrEB_2|dY^`M7Vqa~$c9^2&HWU@yNKOE^h%m-Q0 z+{W>iS%u4V_CkW0a7Xl<2qgj+@{%rl`1 zNTs(j&i9ZCvWTaazccV{X~^W)#B+RTx$GwsEB-@pj$JY@z46$05=T91Dw8uZ=dFUU zLNyA)%SWdmM0`>ZC;$;Y1CcbL8GdJiiMON_c$1W3iNBHJbQNUEsjLbG(dnrACmE2X z=fpc_UM?i^fX)stz(WS)R~JKnqE2N&CbcSwWY z%B0a_p=lBzj3zMyp=@nX%l(|dcs@P^WVh-iQ%G`P4atGNL&(BH^LGboW9YKEq`M%PYF!VPSliF07;lB}?; z*+Elsc|)>FGEzmGZ8)6<74iKBeM4Btr$(@VoU3!t6Lts9bh@68mk>460jm?YX-et! zK}m|IGoBrSIIJ4Vbds#H=wsTAKKQMg$?1fkQB8Ema?8{z;Z~RLb4nrik}0dSMh4w@ zjxC~w%;ZrByGYwfwa(Jl1OdGk(N8)qnD(9|<8j2*PCU^DOH)SZjTO~loX9$@2Gx%KNBJl=+Gk*s*!AeNJg~muOn*5E9!Em5ZGTCdGpnLTu z0w0Ei+=f``GVJ3?56MrboO}<(hD-82N;*%E$R?R$dNeJb65dM@M*2zbw}FyuvLtki zAwV#!QNM01V0W297n;ZiUCePpCX$#+kEPYbZe5aQ>)bk&AT?su7!6fA+ep(fzg5Fs zkmJeY0EGMjDG_m-{DUe)%SG7%vRw2Y+>xC5^J&+g^IJ6}6KBZ|h%{0N{KA4)>>na= zzFs?UbVRa`Zp6+yoNFz;RYN2+j`^DWFd+?TYBIDl<#*3ttIf5B&axo`CpnRN(a%id zyRw>3W{9~g{5nPi^6B{S@m>?H%(8@lq%IwV5l1k47M&Ww5QNcskQYb9DSVedtJ>Hs za2o@XUB0A^0||m;Kv}Gh0xlo1@Pvj0tHR3ogqDG7@hnN@j+WvnRBc47sy5Uh|T zb3*8x1q5r|)WbA${+#;Gm%TO{9>Q9hHfX4oBZ-Lz>e!X?&k8dHtlVwANZ z)*SK()$7JC8>fpkn3>s%uu*kMbzi}_leVAYjzs%FlS-^#ewE@x-rSuehlv(K_$ zG@$1scg$r!dFl~#V;(CSQ#y-f0U8N*mKCl%MSVjKk6{hZ;8?xal?QU0%_c4Z2{ z>(Oj)<`UAPagEh>Ba~SwBh)u5s2OV-C{8n>SXyoQY+ZZej{C!3efOO_G51QNADURsO zV?LX^1c^!_;Q~vdkxO@}$JV}$wt>EA9z-wGP1=Qd49H-*7<=2uWzgk12ZI^4(#=9vJdmGp@9`@42M^6x*e+KITgD<;)$z2xuwc0bxb5JjR8@9el6}?Z6@S z_4pgdEQ*md7JawDPmD!e;%DHq={w9(`W(GS-=)vB_>*&tvjUT)L!e-tz;n;|;*eDJ zfoBf6CJxLFd}hJ{1V4htL!3@@HMIGnIKnd9 zrx>c^?^PFuEl6m{Vk=0HV=A)Bj{e|1piz^6!e{w+(pAziEXz|)j(uXU6dKFza(*_S zx}=5jUh!AVFN?%%v9@@Q@u~$eK|nQEG!bC|;>;Dclt7G3t1%q{G*w(;Z<<=#A76qM z%qmR1Nz16&%I+NAZ`SNulUEN?Vt&cdNX$@GSQlulTd4w zV>2$PB9cM@sEC_n9A2q8n8M#@O$CDEDgoIXH?srZO|D%4K5=rv3XyZN6CjRTP6{+6 zxaZ#nIGMmjVY;MCWIoJMg=v~G%{&2Fa{iMRtfV$F1zxGn!T3JStl8+L8DsV|TV7<4yC={|R!5vsuB0#_;tU7gDOAPxdpU&=b#LWT8|Xju zsW4lgrC`$Pg2W9;7x=e=E`VgBngY1AEK1rPae~}BV+mOS&7Qatz;MP1d=4M$pE>Es zWbVUr=_N^{Eg7mSc}v#XSm{u6r9E|4;qbO7n7kX&w3M$p*b6kp@k=h7o-t|dD#$# zLu`yi-iqcN*_r19qlof^7K*)m0g6n#Hn8ZMYCI8d&WTP+w1BsX6Cgin0qJ@|1GXQs z5waJ2mc0n5=HEHc*O}96<-#W1EctmtvPhfK!iG}@^xP!P)_dhzMv0HycPTG5*z0tl zPRAU}WLnkwYSPy>y)3^K?2Kehc7}hoxNCKdQORvokj*CDOL|7*JA0E_{Cay6&g6PU z^UZis&?}m4k_jmK|M{{k=TK;Q0qS(3;vSwD+e&st{)n}JB6{#DMf?d+WgH6D1U&D|w%Wwl zLR_E5flCgSdT@r2(pX##Z%XK!=DV%NZOcbVjEt9VbtU?g;s8;QT)T){87F%z((=mi ztl|J<-LnW%%qZgtzqJid zNRx;s`;=T`EhC?Rad{O-b0?mFLG+x&n+^FTomeRXSknw6LaC zhx}GRDb=MalsZ74xB)`tJfxNG%ptwvQ{o|OV6J7g(Rsor;*!NDwTwFHtHzkfoTGQu ztfA-v*de;dwdx&d#Tb?lmxHy#^NPb8fk zb>{WQuRU@2!kce8b^MxJY(t%yHa8ARo8r0GANzI;B%Nq@#E3NtFRmT&R^w@h&!qM| zHqp}#Uxag`vU8~LClg9kk~&87>>#No_6E?w-gU?}-lLLioUnNaZT*8<$>%jH zHv-ZxJ9XuWqgUQ|w4ZKGGG27WyhAZ9nm1$g;!w$onsYMK;aa)Hm+9q|Jn?zap_fpi zOz$u|jg+=xry|uwS1dc^8LS&nfMN2CNVX!6Jr8kj1ub=;$>(M5%0DB6tq3HPMcx1? z*#UKX*2mTiG(y;lzQ*T3kv;zmiVVmJE|pj`05w|Vd-E1S< z1dYn=viLqZJ014oD^FbeHAjy<=$v!EmNh?DEZfl;&<=H~9JiwZ_6)EA4ImA@;KWfn z#q&Y)#UUKvGpMt+A2^`b@ES*}fFCBdvuxHt4*>{60?u?LWN@q*Mw`noIr{>Bg!&A_ zatzB*n2%>W7z5H9R%>u%#&aT^x^Yd&veURTKdwE|WI%)#b5fwYiAW7p1oRt`!u>;} zDo4W~GHyBAjWk@^81YshQu=Pcr4EZU3cQ9@B#Bh|e1@#jheriRqE=ZRw-d(jSukb1 z+fk%USU;b=NK>b^7iklXN$=f=8vvb^+Md)vdj>@+{Bv4AtRjs_)m0mkot63!ZCK0e z$6YykacWho)U{TMv&S|BUfU`d@Y#rzfmiw?GnHp6RXm23vKf!0b;V6-I4&6$X#nK5 z7bqY-v0hrUGLoH0T~KSgYIYj88;$bep9gNHw(~5QfRQO9uQXj{3}Tr!VZZc1jHJIR zm#OXT3m!EnQxS|CZ&*hfnJR7lX6hqt+t3gYy1~HRh{(`fYp7uShK6c8f`SQjgsK*4 zIK)EbxQN`Tv`mbcFAjTc%U1BHVW9>Ql5GPB#%p+AjF51wezttFmGrv}+>Mb4a1P#5 zhrLHfs68=~IxVDQc(-^YMa?;{YzIuht6`xAF_Nu|4#rDDO)U&Y4;}jAhJswEbwN_a zz}+ax1OW$UskT}_;EWL}4l2BKBsJ$<_*Gd$sBFr(W}zGS+LnpnQG-Gi20Gpw1_k3a zLM=u~INUE6>ae13FmN|cGDBAiRWm3XEN12g4g$t>WU4T0w4TwI?TFBq3xSVdQ#O#P zaVNo}hGoiv$yv`OgZ)8!V!c$uWoqaR)x}A+SS}#6eqbDkmnjRKi1r_WzP5%mn1B%~ z$G%b{mvIO}6XwsI7fqk4bv6m+toTV~l{S)w(nre)U+B5t%*(9kx z7)kAjGl1b8x|&L1WJsK1i!LzJz~DNEFoW3 z(*LMoOAP`gyWcUud%5*s&{AEXWRvc@4crZsOdN1$=J{V3f162z?qIv zdjcheI0%)+JCX}boDhsZ2_7|QsUn$tys=&M1p_ALkL4zTL0fg9(%3FNb{iU7QyI2T zC${YI-~=nP?pIAOSrmuUDm3E~*(+1ao>lmL1lM)&S|^{De7*m1gVI$A`4NZpr4?^6 zyM!&iOa^1VQ?Q@dO@{7-O}0w3R=k_X!ebk92O4U`%fYbT(%cnqQ>!$V7z*NL6!aY1 zA$Ag4o!=f?GYBTo%0RKDAC$2poQv0rV8@|50Tkb}t*TQiUiiZeqhh%vyI(_%c-h(F zu)WxNd5J?Il<*tY%gph@;IH>Tu3)`E7$rA*_m9|!SMMkvs42vjvlFjbZ4QaIV(3mN z#osx2@!H1(Q|O2{-R^FTfWf)RI_XX75HF*l=hzPM)L7W)N34se^qTYxc3en>t$!z8 z6ZizYX*H)9tzok{8yeosz}Nv=Z|736Jblm=ZyZ)Jwc>lF-WK8wZEe_74qLBWWS=ui zuG^}x-gHrz(MvC0A6nUan1;k#9vWo^Uc3ew4p6*>T5%&@-dfkIwlX7N>(#&o;4IfT zp_@1gt?Wf-0mp{LD{Raeg{I}f^?74r<$`b2cw{ojF7XM7-DK!)Xl2N*6z}GH?AfJI z!3?_6<#lXVx@yxTU49AaMv;}hpeuM>LAnvzSC)d0UJ@U}YFlDcvo$-N*H{;j%1>i^C_Wy@kXpX)0lkkDGU?4;NZHBN{#p%Agqi zpjgO>cUbis# zH;wU@%gJ%nPc}3dMr+1{Pg&L1lZ)$(3(AFB!Dg)}A4etS<6UaXRYEzVaEx}#r$HGM zBPW-=JtgM)V*x)WL1_2B_p?}nx2V>wK@YrTru0B0>O7v^~D<*)ZU%Hhb0Y4sx( zDsCGSv!%AFmfD%G3xCFZyjDN4n+)x|I;__q!+>}<-9O-2_LFSDSbVKii;FlDR~U`k z9F-g(ITCJkxNkrxuz*OO=`m0hk%=>^LbYwnb+T)P<20rd=)?_OS>imFLojo$xS^dR zhd}>Bl2nEI;I4cPs3j(`eA_IQ9N0J-YgKZNaD{^Wl6+Z2UI@b~)5zCW+$PeU5M0PJ zuB>(*R}AeuIpk~N@BxDb`OQ&cTg1vt*#`D2HRQRbvV2wUFfy$m7Up>SE!5^0VKAfc77svyOIJ@R!iPj*Jyjzc?F4*8le;Q-}pP$HOtv0sU%(ouw#Ni1IlKawwt z8ul9+n{hM2^Gfn%5jpu5%5fX{+B)1G`MRKITv-FHr>x~#@1VhDNg&_^&3wJsOY^JrjfJH`Lz{5Jz3fQdEdj#yyAQ;;Ny8?1I8oLuy*$t3N z6W(UQ%eBZGV6+sPcSS542)yFeGGk$n7jdD0zhJ{sIqgL}tTn9|6lN^^I735;LLM?y zmPe1df_FH6LkU7Q_H<%5qAEqag%>Uq7aJp%C|at{0|~cPR&q?(NR9^UNO;&~mLwbj zf1zr(k+3b-?K5H@W>wZoH>W2JX-_B4vRf;a65hs$?I~0N5E&6m)=Fy70};2CR$759 zN9TAE7i#+pA{Hs-#xUmM*nS*pMO+TF#y-;Gdft5+yAx{J&ANjW@rJRMRHO$Y=Hd*- zX{|>dYq@gU1cDMTAM4WZ%2Xio1 zEa9}&rw1Z#(pTDhJ<@hvZ*s$ab6CVGrF=-6#SLbF5kajzOu7mDZIY&4-Wm*)-QFZpL z(Mh3#w?zm|2mm3P{#K6Uj-7bWBQA>$@xJf;C~i)*j@%!2}3*2ZWX@SOFkxB~?VZ0z}}K*cj9WK*2;59a=XJSc+C` zcc3GZLuM;et)lP*h(73S_mY8$t(}VWBxiHMj!WTmfz3^TG0`|RTj4<^s$zi5j*XXz zm{_pm*2QZ8t%Vf1{IkuA;3aJ2^bMX6UY^;WXDyG!Zc81K}o6*BRdWpMV8(S_|nKRrH-wcIXQNgyUlpd0eRC1k$o0o81fLUp{N{flj2yOZtKXzwZ zz}DEc6Cb<;s)&ttt05pbR^T3RmohhY*4j%j(N(eV#W`(owGd6@3SB}>V;#{<1Tp&* zI#qi?p+zUX@!9gRe&$=mw3RUtLBoidD(T3=B;t{sKgYyL;pFkw($pmkSeoAffq)8; z!#0p<7vm9IB5$nu0xGr4U`Q(PMB@S&!UPK8M6O{4$h66nh;q>|>9^>@yHp7Zts>CO zC(AmaB7~Jf|9pH89i275Em!N;-t7LkGISISE)=BtxQ-xIJE85GILnv=K^6j*T#yB* zuuJ|e1lh(iQPTxztqL?ORM;$YL{I@L+Q2~!Wh6-r4;6MD5Im)U3h6Z%*04?*#g>rn zmxkGuS3q#+oYIQ1qhac_NW*v$;sKuXlUuHmaG~QOi#G~wGP(>;%WY3BcyAdjD&9DqIj zdEb~~U?L*8iYc0iBTZoi?`U-)c`<~WU9C3WG@!Vo)oq?a`(9*8=3r_%v9-Vb%(nPx zQ)m%k!}uv%N1|EGPh5<}%lw>~6B_~sPif39#gf*ny@qx6l5P2S|D-qb&^Epf2oCWx z1@V@6S^-J*G&4y;)0{c@fU)st0=cFYLM^-0i71y)E3L{pw6@WN$Rek8Vxys8^j46X z?6Ko}L3Yv%w$eD_!!|Lq4Pyg>V?k=F%@WUoY{M7bgUp-@1Zi+7nm{hdLa1d|5E11C zLAH@i)MNu%O$-{*+RaDX>_J3O0V>)kLJS3W3I@@{#0C?=Q(6tv@vM-%hIJAkw)($+ z(i=jBVPrsXtYLvCB@L4Te1-~%WODPv2R7RAC_#l$*NAe}Fx7g?Xr{HPY@0;4NK7hk zXPC&P1%oj&5}(e}Y?1ta3DQO?5j&z)SqiN>%xR;G=r#rja);=mv-M~L&xrDZAlv9d zFOcxeuF7TDsKTx}BZ7vZLe5bahslOAnh2kBEtpt;5j>@V3ihw`NRtC`P=PHKKWP)O z?VE-fM;{OzLPd%mEb(l9>R}PTY5|O&fO%Lnf!rAtpu)yj5#^#`DIDz3+C~*3i=5d4 zdjpG{RI?#{O2dMj#n0^tUp%K|J!6E-vn zDAol?uK?9wk+QMh?J(Im!HCvwG+~!25kUorQ14F!$$~@q>*9>!Uikp~aftt&yvRzQzwKHPR5SI^{RNjwLHMU#yP6}5~w1QOM zZV}nj?V{uiFawrvGB!4|9KQ{w?K-wg)lVv~E~()+lEE3>(~0d%t5xn|>7NY(BW{>H z7F%=f`N)aLMHZ~$dixBvyhQVW2`jv0*E_<_oXGVEzJ!+&RslnVYc7#Av8EgmmK<`z zsR8xErd7tujFY>L?NSJnLZ4Klx)pR|GsV$uqTn6rMvglh8*(fx2et`Ptm}&iuF$S_ zWuP61*fUj~qZ^im>?0#25hqcT*`%`9Z(=Sf>GL;8=Vv^dRNjA5HMTSNNum3z)uVEn z%O7$JSsO*Fgp#70EZn7H1JXVu(f1Ki=|w8o>=7nIzyK93{?CO_+37ct-nSgToF77w zksI6OIwJjTKuBZ30T4oPy7>5sZ=(peYMLu@WfI4``I<%SuJd(q4xVTR-#0@v z3!#YM3easA%X;|@_NOM=w1U*>MB8t$mmsQ!TU_UO$@V)!_&?EmRVLb?<2YIwftedo z`XCu8N;h_4^2uUr#&%XUwKuXxjNN2xXI0RI1IQ7SdNV6Dq0JCzw;|GC6Kz*QT2Xl7 zVz+7GdWZyVQ)$;?NS>y9QXC|^=pB4A%Ck=vBXsmbv2O=zXyx#i<5&uR_rQ$+K&F-V zeN59eVsIkO6C5`>8flm@ppi90cNNlDQYE9OrR9bY($DEQNNBjh{8o2((G|j2tR~1e zP+@lt1=GqqKBlG(t9g>+y9>^ym3Ms94DFWH(?ZKdYdgw^0c~;7%(T!Rw8_xkkrjHT zHW?bc%^-a`u@PRSCYGXAk<3ntD4vlFUo`E=XfYDSfJ$o0OjwQvPhdmTQ#Iv&m;o}> zrA(!HY#1p$IF$OIHW}Na10PYnPjq*T%K*<1sMYYqTUVh0rqR=yvAqox+JZJ2ySv+H zPj1*R8{kO}2r&!~8i*t?mXJ_vK(ai*n5lN3P1Cg@WEYH9BfNwAS{bWxQG zUNIp91Xt))vv-XSSydNVT%bUge@ADOFvffRZ0%b=BSaoIp1R<~(PJl0jTVzbXaJ`} zFMC_2r-jywGjG1;yYF}Q^nPc~uDkx`6W8AK-N%k!eciDWv>JugboGmksZDit*2Tk+ zc=1^$kKQ64toOrUG{}3l+?+qm zdwrkMexCQkuxfa(@^f0M2a)8QD%9&2crWmik0@!5gXjG)3Jmf-zy;>L$@F;M7vQ16 z9CKqw6C9A31aI5H`>K6t}IXOi8~N_S@Et=vXb9v=2PTR5~3zLxw@PWk@-i0-ohsQrYV= zHSHn|`JUN+5l0jh5_wueI7^u6QQeqRv^Xl%XGZDJMjC!vC^87pm$l zJEx|$zL^BuwT7M-T>+aGmiYL&Q1jjLNu$*Pp!55s(?TWuMq~SxOl4cZG_~dq(e1Ma zS?0geK9GU3u~mh93xH}?O?~p!Y&;u`R<^@fgzdb8It`l!Y|G;iv`Af79>6)c^*g9j z+gZ5d*nS6fT3M$*t)LsmmAjxqJ#(w7!ScxQ1jysYuG{&oqT9PSG53RpA``DfLakEO zrgnd-cXeQoQPc(bQ*Aw%YSA@}b{ZCj7fLuAF_{}C8bI`7@`zF>INoS%k0`d^D&kD18e^N^J_>C=j_!G5Q@CQ#UsZah98d%9=r;-FBLC*2$|B#YvHhx}vdFh)Y;e!fUGO3a11op}p1ZLtajIr) z?_w*9e5-ikWto*C9GK1Ey6;|{ZxW`W+t~fYB23S{MT5pvtA1f$Q@tAmyq;>+ zFFrTbvvG5|RaX5@P4#Rap5Uo&Y~x;{X(xTF8Qc3@TRgkt*kFO9n^@hC+D#l%K{v?E z$IeQ14ocrPr~;n$>RXc}o@yO1RB0-;=X6B$lqGOvgm0{*P(=jy0YKshJG~}zEUZP51M0EE7=hmG=X@LD znBKa^s1bNb>;S;f5J&VJVrF(ag)X$kX@a>Y#1Z9lBicQ!h*=3XGlm`>k~oL89Wxdm9s$9hklk?-^zh zeXqVNQUiUof*A`uDH$HY?Pw`1Rds18tcU~{IK{08L1D|xu4M+)Va9717fQXHlP<(Fw&-*#Gdx7G_d&p8IUdRT{=d(fye%%TIHm5jo;>BUTpv&ban?SUFMYmEqc~ zRG+AkSJl`KGiQ~Bw^d_1qk_;)+t@)VXQ`OmDyLK<=PJU=+2r6+vNzKLWmMJ)=h3|j zm5om9pB0MKTjgX`QQ8=6CRM^Y^I19B)pAK5;4)PW z11`027*!*}C>KS@fHlY|b;|jZNjb$CXKb4lis^@uQwyQ<5gBC%$OK(BYOp}e3mupy zn=gLy>MWP@tZ;8aqn}b=n=`@dkc;DIg~PEo8oQGLwZK-dpM%x9vr<{P18lx*6Z@|Gp6?o71 zJn0H$k;2D82=FCOv%*2}4Zmx~?z$+GOseGfrsX!XLKSf4qNId7XApyeS}-|{k+2(O zHc`>>jECr#MH?|mad-YKjIYJ1InwZF2L|Q++?mw3c1Mh2utL#jE7l4#@*#I+3GGY@ zhjV(JM?$e*&WTd3VTzb)#&(zsTr?Y%2d0i2L`-}Fz6+{Z9h)pIs=j6{N~oh&@1iJj z#$4(kr^(3$IAkF9}3TA%o304{M7-@H{z5t)^kRYI63sr z88j=@&<~4KE7UTU&k9`)zI!JzfwV)MgwWKPz46#Xs4nHu`Q*KpxNu-rSuH)Q7~7v- zGpnqYt{QvdgjZQDT{X5(2vk-}SB>pJc2+nOyYbL9{PtmEsT#C#4&|jf%AYdThLxHO zVLh4*dr_WbzgcI_Aoik?J>x~A)WwgWbfVO#;leUTPf`bKW?F?k(<*Ec1wzWGxO7%o zE%od^ zbN5FFP=T58a#mS0UB#R(SeaezN=IAlUKL9Exj|5OzscTJdhiBE%eh%_px$O^wR&-; zXC%+GR9e&qkflY^C}W*zk+d+)X#n)1E;;(h<3~?jH(IXN&GGTG_399Qv0~)k7xZ_$UM%o$jeqCr?|7d+pWdU_%QO}~w?wxik4IzT zAAfeN-%sDwv6pEae22%N=cUi+Gqdp%ZHXofu*7>yd??L>=t?v!&Q?0lk)Qq<{5$3x zK7+<28u0f8eV?8K+W1-YzRr`L#q*%g(Lc~e<0bwz&rEYnV}hUjTzX$=Za$0WP4w?G z`di`&KFiO*-{`q%u1ptx=jR$4cswIxqIm&X5WV~z&$}d-#9#WnW2meX{ro(di_Vp0PBhZ@@sr2J&q02qv7v)Z zFY%eazX^Tx`NUJwIU19`Pc&nWEC=GB^2YKh*_wTiKTo=k7c?%9N8@8G{v5qdb51&; zyyVa0dkyb(9`rpLm-P|!@iXv~KF4&bta%>kvv@Djmu!=1pywz4;B~^WqQ9Z}lYI2~ z{5n00WJ}}f-y3?9o#Af{E%**UpZ-Sw^l$uq54L?`hUbWP91*o6D^IsBb|vTsYYm}i&hPWYJQz+=(# z5|0yIG`8}TXv;pAe%I&oGtE5tvqUS&Ce4SwgWvgYR;Tes@A$+MKS!mDo|&G*yhwD@ zJk*xx?|pv7@-vOa@+Dr7UrBnZW3fz$)-)fhlCx1pZ ziRU!7L+@kUBwPM0=?0!bul+cQXRK$59-0T{*5EY0$YZMgu#cc;8arUUr1{ck>2FGh zohR!#-e;Qh`~13+Cp;GBlD^MBNe1*>{kg!K{JZJ`f5zDzf7bAl=t^TZ^poC!AN>6R z{_(Sj-}HRtTSOPXM>Nq`#7E_2vTx=u#^BH4KMn6`Tth42UlU(DUN(5WBX2!_n5QHo zqTR@qc}4GIUPL$Zk$8~!NqkWn*|)2`(dTJSJXigE`abi4zMphadCQ;0f2#OGwoE)A z8PZRpk#tq*O3z}Qr8%j5)90FaLG`N9Eu#A@8s{Nc0?{JAsSxowP5jMlQuHrdO^QJl zTK#L%3$DNZ=9^C4c;%_%Cr_Mxg# z(i3LVe3?H1n^Vz7BOYs#qW$w8K7Ui5*w2ddr%YFq0&mx)G;huh(!BRD?Wp*kbAA1z zH|a3xG|lJjQdX{;cV=&V7|P&O4DAy*_6mU=hxW+lHHtfppNZ5QS1EB%4S)s4C z$(L5h9VNs1bcbIv?gZN>Lw1UbgI!Hy^8k=RU{@bI>)16XZ#;$rRZ2}qJl%eZd-IMN z!bv$OZ}Q2u1t6LQfS(Nd_$gZ?C}Nh2k#L=)Afc%Ckr8%QwA&4J=At-AQ)=_CFxGJ! z9NB!!bG*tAN}CrsROqZ7I0h9N(AXoS63L6M@XeL-m411&<#Ey;n)?FODQJUeW-7Bn zOS2YINb6~LM3G!JB3QrGj-4$P;%mC-->3SDz?&O-_N`AdlNb5n~nz5w>r-I zjj#MP`$p$!=O7)G-;7P1=WP!^s9{qug#zb!68VTTwvPb?=?MYJC!;<0aQuj)XnVE6#1hU7+}lJWQ`-V@ytuup^zz+BQq= zI=0(ao!fSxUB~v=UfJ3^ui=SDugccmsL%tR-M}#x*hr5xlno9>5sDO6?S1}y)w5YQ2{Awy;3zz9F-MpQ>jmCEFf8NO+^r&YI-QG>wmHMu9dsk-H zyt|I=P1Y{zb{*Tf8<>?*lzlTRTb&e8TxnJuWKsHJu1&w9d1M7*E@-WqOOgZSQg|um zGS^nG3_s>JtPDtMl-6{4_QhXF7Q3;B*JT@x?PF~Vd%M!zF$g33UB`9?0mY&O#eU

      U^!ImZFeEtJA(?=D(u=25%goSPjhz}2*9_Ue)|cJR#vX_W>! zEBZMrjDT;08zs`($#zIaCZ?AgKxI=eHYJOTWHcURV`DvNk~NhKDJEEjl711^DN>pa z6iNGQGt%dk?U{4Az$8!cIVbGTV4oLyrW(wt8QWt{;V83>#`X@r&|$dI*nX|btt|aQ zjmDm*7D2~v5Al`#URIQSL%Ya!UfJ$dGqh)RWw%$&(4NQ)#<_vg#=clRK_fUV<_-@covipNDSC9g%(aUZO)B%$Z>9HLoPPRY2IPmG zeT2^1SEU&pe%RR;oHLqW=_&egWHk7}8GTS2wFW=9;15cmmH{AZIU)C<~mN%*qC{xoM{AGeqZU=9T?rHADL?*Lh`sS=HDcuDQ=? zK$BCtpn@gH_BnQ&Xe7{z22yLr_7GC&X4+_M7kBl2#V8?mzE zYcBUKF&inXyXC$qBZZ=RZr+j#J_!_JC3 zdpnh7e^q0<6$-SZ`2USKU<&@C6>}W)&vN`Z7i^s)}sN;f-F>k;XdEXIU8Rkj7SZ+UF zGrfPQtiPPsjO}~?G}Bmqy=GE+=gjMmUwh*4g{YN2e$6eX**(5enXA!6)i-OXtcSc7 z;*^=z)gf^?kM2d8SJo!ZrQ~jy^WM`GN@JP;yJl=31Q&|eHX7S6#40c3sNqRxkFroV zxCz}@{byE$_K`N_9T@9IW4lNSn!fq|=fq{;c5~BBgNv;D&2A_%>Z0C=!}S6U z`L#?n5WA#CL>|sk({gZLbY=1+@(-8HxVGU7OQ5WnitBeHAFWzOf++(5hDmK z)PlQ1tg_*Fxs%U&!PRr+C~;wq>2Jn#hzyL(CcofXwS5}fVa}qmUapF6hdGPNdbz5x z9p)@5@4%=T+wTv;cFjgxy_d3Oxy7hl2pbTp@mdR0vDqjM+itVviil5C5U1tJ9(f>CUzj?xM&BIxBL$q1j+#!xjY=(+47ex2@$Btin-Ko)dyuxp0DZMCEgkF9QD1?N1meJ`*DbhMA zoXm(tfB2x*rS;ZA%EfYKcp>^2xw4?IYHT0JRu=SCjqT&uLWR^OJi#8C<2T7^Kmj%5 zUPCwbWwNnhG$z2SG#Yrq!Ay=2GC;76iBmtgg*$>$rVHonLkYFk5Ia!|tu@5<(?ZJ) zvGcT$;z9fjB3O)M;^JtAxoItNI2-D^`c2D34grFdOp86Z;6UJzL9CH=MC@7DpS=3p za$7gwhzO#)3SjH{;0~LaWkQfd6AO_@M^EZ9e&?PzdcldK$4;CY0iOh{)_Y6GPdNq; zyAHU%oKC`QMM)`nPSN3-Nc{!8kKoOakPy+L+x8i~DJ^908Z z7pW}lzRr$Ad;e(@^E(dh7m_v;y5rE^GuuSXjzha8Dpbz^cB^`1Xy+We`lKA#!q0pJ zaO*~nvTP`2SBjgG#)_sZIHwXmey}T?O&{Zi#u6%nQLte11`i#rxJRE!4YjpRiNO)a%F zqA0G{n62XLjd^cCE+Bl6_v#7lY?$}z*Sg1YEUY&Vo@RKjL5CfiIK`Nl+t$KHOwpjj zyyr>eBSL)&k$<50F3VS=_tv}u!iRXDtk?2~dEYD({J|VJC~y!g4DS_M?bzVGm{iWG zg>?|Y6f}?2qxUiiKcZ3lXvCgKm6U_$4lI+@gV5$MZDA!F4BvpfDIaY7j(3-xh{4uU zR)TzapQvz?%3!c6)s75<$nQp#iqQ4C^_h*Zw*mP=LG_@r2VlU;-YnCQqt4KCQ78>> zm0hY;J0Q>0c67&ZD$pHO_QZ2I=OAbwRyY9l;egEs%H;`Qfk@>{DrBIFjHe`-TGirSub8iw_n*;){9q-?bhE=CS$;rs8BrR zK`7~m#Y$yTkONq1aW4|TB1Ar|L3oar$PQ~Ab1v`7di8}AKM#Tj@^5Zzv$7gO>WZ;_ z#oVH@UcH8HEY%&|CNSQWZoe=qoT1owuNt0sKrIz3H?|wZz77|VPH;Rij&WC>_&BDr zO1wsvNESG{jp^=4Hv;@@Y~X?kMfMLD%%B0qmAIfH1}TfaC_7eCoOEkvs9va{KU6mZs1Yb#*in_r~4SZP+YnZFC8f3iH4c`rnEfWU7ZWT2)5Al#1w_9ZsuVz_%NVr)-fJW z%8|RWOuK4q7qTuZ%e1S;?z#ozfg{U_HxwwK?QMG#Li+8ePOK_!601ZGQ0}Fc2@6X) z@--Sd5X~;-=)^(8!gHK_4V!iyyNh1N4E9Y11`#8IO~G2fX(>#Q4A{y>P{pNIU}yZn z8EppDqB-OU41Z5|hxQ}zFuMx~EUPDqEEGgRv_zpQ`&_snzAC)VT!aZ90`^``DO*G} z8sbp))?${d>4ZQ@m#YkN!j`21ZcPp>P4RZ~9FJJeS76ec$HzrLFO-C5mT#)U8=?u& zr7xeE6IF=g1BFO7SGC;PuP4wuE675@tF(ZQL0XGQbQA zrKTvg5hN>08`n!g{Yd18ErdP16m*5U3wNAngUTB{il&vTe2%VNl{fYiC}m0I+h|-Q z)DeO4JQ1xT0&9b8UHuF$foU6W3#5RFY?d9uOnlH!SWx0SSxyh3;FoW@Mnay>VwM75 z)HxkmXBsGwKQNbWfp4xStO?>7SY_b4*bC>A!NqcQiwM)O&^*T*XlEg4k1ZHr6cDB< zZ7o&{ESZvi#tfzk(t!@xew&SC?#@J(m7NevDYws&+%u#TpxI1WEkjDRzCuYqL#(e1 zP?kZZjnA}oAlF5EB6DEqjfap^YKM8^!iQy{aC@V%ooBOKHOhl#th7Y&qJR01vig^}t3q;vTJ)h7vEeTv{0AOlw(L zSHF}R>zoj$tuSFH_2E@#tF0PwSa|SbJ4=8Wny72vBx6FYNKG?LQ)gj`W_W0qFj|ie zXkThcdd45j!I(ufhaA?Bg`=>kAJ&MXe!VKenmR?mnph!-X1U}-1<{4rxf_o%k`53i zi+gF&%QcJ{+6KttM-Z_@AspA9_CKZ3w$!_71?RL449Fz4EL44OGR3Qv08e@0DcY$2M$;&|{OaeZJJTDD66S*U1^2-Zup_C=n5yDPT`Lo~{E0Bx$KP zyxNjm3sALz)M?Zu0ChAt7)>Wv#~f9=>S!Q3m`6z+)k)9{7{+py!3_#kk-1&m7uvvd zao+=`@;ojt!2RqLe}ak3{hY96p%%RXywrZv2d0K{OtuikZv%9N)(UO_Mw8juCr_M0 z_tj0X=+V;lR2aY$`h+>s6_7Ip6DXv3bIrO{LuEFKxYMpt!9B6*2Aj9_ieIa%pS6b{*RVcFRsFQhd+UGL;Yy&qV|E?eFL7+G$*yDjAl(*j>^gQwmIWt}JYt0`VdqYkm7ct2Y`0v6p>MUgz{>5$ zQ+l>RIf2K7^_zdT43s0*0}yBy8(3?I$pg{Tk?U9yO1}f{<-$ur3BbMRDvp9$;3bcM z!)NhQ90AaAsddyq!DVy;^U}761WMC%-7Ia_O@dlDLlKITsO?XR2Icm?rR}=0BL-`g zrQJjgMr<(978<899R`B9T>tDI=dNSBh-_)M5_cWj+q>QE+jVU37b*+8mlgbm;yQj; zVoA-|K60--{=159AGuc+c2|wv(Locq?!8g??>e^EL7OVxacsax z#uNAjvl@t&7I6f-nO|T9uJjAi&Jy?qhH_fE11<#y;TN>@UEqa&7wm_-SZdKbe8f`g z-r*RQTKB%xy7#3Py)UJ(d$iOFWl+4-3gwJn%R)m^>n7xyfqWit6JpD`5SF%ZE)cLZ zXZE>?sQ+haGg`rjjhjfWVIbrLa_20t$(>!tc45lW=3RCj+rw7nN#DyFo_N@@3-n#- zcF?l23+i3RcF?l2>(^b!cA@ghE-iN)8&;X=;L1j`yN>Pj8<1%H@HBF(vw)JnE4VfNv>H0VB~Uyd_of_$j4t06bx=UwGS%iGbTJ z=t(C>PANc7EGie_((Xe=gAT^VQLBgmWIs>2BYi0c33N!*o^*j?;+n7|(>ie6tk5FO z$g?GR9xlk1m?c@jfl{`Fmj|57mIXx4Ul41Ow-K@3U5&zt7^Os9o2b^)F_hUI!c2_U zPgqc8gVGtQ2~AZtW0Z)}4Z3`g-h6Usnn`QP3B!JM2oBO~>R;Hp*lw7=dc@*Vk6v0z z0xO@^%A!Uf&E#@dQB#0jnVEbVWN1Rx0ajt~rp~5R<{$+0^Tn>xHRiI>0kfvb0n4l% zUaTtn7gnZ!VU^lZEGrP~xf}^@!K_Lz51%P05AJ7yuQY0iqsdDP0qMowNM_oZzVRPJ znjod>3`NZo-1IxX$@XvTmqIWd{oJq$v64#roMz?mYv{oa8KI+J!*iq5PyjgHu!HrySu?Ms{(rO_2_rmYl?s>}#;YjplN{syGN5oQ zccby9F1ne78@hAIcCNkD=0BFuU?+~_m^g5YE zCumO=V*~(A;E&rr4ox)hN4cLXuot=qX4fsS&!^W$x7rhy8*F7^{mK;9H{*Lib6yI! zCf9|xHsCMr%Lyg@3>ge}ldI(uF;_fyXGN>Z!upjdtnX!rPkt2^agFz=8QXa#Fnjar zjbewt%(9=^)^WGXtA-zBU*fAdUecm{SolinUvd*$73#iQ_5_b|x`?M{dJZ}YA$tJu zWnC;(P7dp06SqSvW$s=VOO?nekTF%r4evceoHqqSwhFM>R?ocV)Ug{!<4NJP`xVpG zuRZRVpcVI61Q4BqDJ;jd^wrC@5VGcuZ;Hf=snhjWuLv0fRP)sepkHr_xuA?G|LK$};|{v7Mt>Rh~;W^fJ!l=Rq7$Ji&W_?$d!bZu#MQY(Ex$_N*fJCl<367`bkU3;oXH%4uOCYCJKyZ zn41>vN3@+i9n&iG-e^qOYg%nAteq5I9EAY5lOz@^9A&25k?*aa>I zwSKEowRggCQ|aA@QAvjgp+gB#&^spdPsC}3rZznf_=yV_7YD*nb)3L$o` zY&niEmN?(uE(=P9xB}zS_z_r88#ikqZl-H1uFCCKoF-P0v#|5=9gHI^a$_4*iPnvc zx|H)52vD-Ir!yPyM+UtOWR==4EM!TmLe3CU4hhCNPSlEL#E7f7Dx2eDWqve=Tu*XP z>gY+KFGVq_Pft>)j@U#*-Qjmt+?gq^G3Y@2x}NRBBnh&akGjLN((aH<5mtrmu~vcA zXf5`61$MClgn96>WufE3$ClES5U8En5Xp~Cz9YYVjV%lJE~v6eH$^~f8(T)L6|2gw zfR*VAXaL&F)W>L*=k-^O?PE0F@~r^V3c7u3*s4&q+UR-B*ltm|DwNr7G`5T7VME3X zL?E{fQ1c`Q7;S;tbYV0~!a&`|mfD4Zcx|Ou8eqw@(hYp!JQ{%}cq`1P*%tL^hC?vk zxiNFa^!CrKWLj-(DVos1fsJEJw&DSThGWYV1QRfEmJi z+WC-CzbaI$Hi&BqRvXTHZTH#PQekfjyKBboWM}Qlx0dVq1zzQBWTEobCTmyHHj={u z3!o`|Kx#nP4G2fZHmdcNQTnCc)Y7e_VI_YYnW`Y0ld*ApLHsKP#4B^TLnC1tG4M32 z%ASfB6p+Jqs#Oz6M}w#_qUNoBKT| z5MaV;RYgNND@In8W>JKt<4U^=gf$(NDH!WnCy(9&31AdmyVz%u%7pf6)?9%Q3M#{s za!Od}qU37YRpgWiQe;3;WE2`}FGjADl`S(XbLM^nTV5x-F5B>91HIWK46{dm1uXYr zSi~yUoOXq(%_kX~fR;vIqNxnU{M|5&$>>-1LKw!hAeJN= z{Bog*w2;e@>^u`FaW4oA^2^|A)#4=cL2+%ud^)$a2@`}ZQj$E!rRvK}mXZ}8V1A)8 zK~CS{$;ny=$#c#%A?qigu!`DHSC!pBE7SS1N@s#OOLOaa@Nuj44jD)9>Ci$)Kb!m& z3JtAnPMUn<@?4&{$KT2xqg6UAhTyk{8_pGi8-*oPwE8O@11N+Huwz2rLQ%vL%j{^@ zO>j#*bH|Q#Wt-00T%pj%j*j=XyCD76pBdSP8!bXsKXV)kueq5@7sE-Y#3$LYAkz|t zI4g<6pug(u6U-PK!6^Yi+Ii~*`;r$zd8BpSPj9h$S%zDz-L zjL(b+HaX>f&1n`Kq7p|&5TA$;FDG~@VGnB4g+X0JD}=~7qAe!oH2yB087>7g(x|c* z&zcZeaRa)~>YL*lgi#2EyU}E!F;}C>bS#%O7B){_$B0*uOtQ)&Cv0s?p@Zo+s3@&5 zIiNeE#86qxh)Gjur#N#!PSlps2lRUIx|A_oCxZ}6n}5K%wbU2qb68jQjI5=%VvzUUvR1o|U(X-7^ZJvJ zgs@6}rCQAn__U!rkUi=hS=)ltK#!X2<65rC$QcDWXm3iUK=Rps+9j2=PDRR=Y8sK< zk{7306$NBA>dtjpE;x7ai1Bl3ZE?=7V|Sdt-5@IR%!cd-HC`&1MnP+$NViZa-e`>!#^+4&TH^p194jp6 zVvyVn1Z+u9z>;i%kZO=Dt68$mQV(UNYi&e#7GTyk!DCu+rot=x44AC&&xzC4i$#O- z=?r}!pj``&%z~clUg0|J;#(@cI6FSimhl{vp)z6pxR{GGupAa=v)%*Nt+fKy@u^@) zX?tKTM@Q#+PvQ)1$pp@ui<2kg6om1=pBubAu#Q3jauUo1_%s=KEs6<#1aTNl)vPTd z+2%o`U8e*gBQd9+YFVfBhK%X#5KKX$K1@MYS(ykya$#xJS*OS&2M8mthyQxBwWu;sG0B>@5bew~s^BRcG2 zJ>$?nu8Ox+YSC13mCM&D^F>}&y|&dO5z(?tu?)0-CgN+zdjCdTY%Wz_))XigKDe3aab)0R94M!L*cm#JQtmvdrY)w-% zhg?rAG3q*EVGujNZspitKX>^pND1Wb4W%l6B44Zc(td*~MMy z?nJ2eFzrZy+rXXO)rbhTa3}3UIkQ=qO++ek!(BUAXrz7;1gTL!$=W9Jq9>YA&ZDhuvS8P-z1rL5>aJsV63n)CcHdNUcomZ^mU>l_ zb4db<63wo)hXYaDT6<66?u7I3FmV~WEo6$OmqVv@(p})RyTE}Q)JyjQXB(yqK4BKY z+6o9;6-t{9sI@I;i3l5BKcreyLUi^}AS?(rL6{M1#LEE1sA}fi6G!zB`910*f8_C_ zr>>*@&F1Q-1^Qm+?ExRt6}HdQ4Vr5N)EPp^GH4()3Cd^^_%P%#&q=RVdLpK-_^<*M zehHlB+I}E8r zYFpHw9^o0%b(m)GN`{mg#n*Pt5%42JrL^$sL_cgGj7nNzmMJG}gmg%?Ga@|4o5_l{ zwbB)6)9J*m9_>;zAXyPdjxWtsj#XX5W*Bx<8Md}zWiWc9(kVW*%y1G!+?p|BZ6lst z$Da7HhgVA*(cM`#*z)U0fC0!AHP0?ZB4*f7&GsE7b0J}-5^@MrYZ?L4!e-ojF~v)E zn4VR}mqbrap_=UuNKf@5_F;*22fL2#qj3v}yN>O^WnI}5v##I?Vh*SF#{74r8xAKQ z+iK>nV|!T^IvHA%DkqYFS&r`EEsBlC_Igs;sZu3N=atu$w|`WP?Q{_4OcBH&{$(nBmBe9h}zjBS>9qmk`bZ)Xs;`e35eg^_SdE_29Tox>@Bte#)n6!yd`X}wvw8J|Ah1&%(AWYFt2M9U+&(e$T8vx;j)o`wA zd89w~cet;ajDFiuRg)f}K$6X(b{*Yau&%tdWi2fe`S@Of-UU~7R8)=a+~m6Q)|Q&F z;f`{*P$&*qRH%)}+x|TSMTv zh2v=2gHPA=NH#Ovx?lpAhzj-8_#k86pe_OM{OHCl?L2xHYxX~@p!4jv+#GCz@R`NZ zq!pCGkiZ-@-Fi1m#v~}0aZ8bM<;asexd3^L*9ll&LLQAHu`Jbot0ehcw9}dG_>8FT zdN=!xh%!!V_IkI3l|-3_qR~|}AlI-ncuWEUd{CtXB)~74pLS5-f=^7_*h~MkH}Y>v zNuAE&!)o&x*`#&J_2G11VL~UIvW_$&KG(F|$IX{}c{WQa=_gxM4Ifi))+M+J4)Gxt zMy_Pzy~=J7e2`Uw(FtS4vUDB;Uoz3Ptgt4E44%}~Z{quH9MTGh1;T9XNMSfykdj=C+Il26D$mM~YEOj@$ZfIGREW3Z zI@!8Na=cflXy0sf7fWLFVMn*w=&@V*6%MQo|f5O~!i! zN(Q74&h`p!GxIs77o>$(_SEW(p#9`@v>OC23Nnx+6kbR;tWv?j)?|-SBLKcX>9>J#9}!ET9Wjfzl)Rj2tsZoRdI0BL%EB6O6PXPnzcG z`5(Du+ZIsZdHWU(q?o8A(E6jdSg&K z&>I646;1)p($C%GcKhePVV>Te#u3q++is5&n5XnK+mv_!PrQNAi1=LP@;v=yHL(Y) zK&yvcNK!b{f#GDz218JTu|i)`s7!7}DK-7WsEAZ@}*D@HeBND}tGWroBXO$;T z)uyONYFX%nZRJ!a0xFexx8jKcAm{UaT{9k9i0d{R-oX%tuSGdiq28LGr{3+aL;41; z_fPs}(8wS%li~a2YnVo8gR>hgw95|>~X2z3k zNlMsp*G8QE#ATsS-|5J7b8}X(Xabc$*)Jb%-kPWQojO`%)v}f{56nfX2Jj;4s)HPi z-wU4H#vG>XzvZ9|F3;`Q)w9wOn?u>H0 zYXD-HF%|yOH!XmMsx?KfOlusNd$`1yVW)FG+N$ii$c{11vIB93vY_i$jExR6MgbrT zXuQTaS3KUUZ07)VHN(4FHw>BIztGlk?>@Y9ieS#LRT(g-;5}TI zGbvlsyfgLihS~5ism+(Fv(h=^s%8WJCBKnK*La!AGvsI@jeR=1oDq;(wVjeD+7^Nr zY=iWUxOl`Ac+KO|3xW4+=HoqEA~ncZQ;LqU6u7KO8m9z?8g&?Oc#pjC_^IP3u6@|a zqsI|KkB4j=A80a*1I#Qvmf-tN;SL z8FXTThJ6R307k*0sT37}sh0JLNHAC7F^W-I5d}|Z5C92ee2|tyRHvP|WWgT@&~d7^ z+AQMFfgpg8I)Ix_0T9IoQzIWBHEGN~VU!DJ@d*+*jZUsaanHp49581AjevOnHmMd_2W7sxVppe_O^B^s^?}5$o4U^5+se&oT04u~#1qkciq@_s z$}=7n9vAg^T#BQ)8;?I7Gy#R`#*rmnB1u!i3Hp~zlMVzM0}&_hh+qZK2crB) zt&GtYQ7o|}@TRC%j;sp?72kc)>&C9kEz?!7|Jzhrb%}1ng^}EQRrz3OFcp z$x^V+U`!-@)#-wRvJ0SqMxTrrOQlo*QqoBvvX-DeX9oy2$Q}{gXe%ETDCwq@e46dy za&@Z)Ldbv`@Oie7jACcTS_0Kn1x}tw_@C2@cMZJ(YmE3RJdsOA7#yu+Lc&Dd{Lk# zIMSB0j9dtGI0iQY)uA$_vG!;*5t1~+MqJoRl0?CPc88us?hA?}X`(LaA7*Y{15X3T)p9-Hh%Eu9b9q{IhalD70e zn!{$2G-?qMU$V*6w!jd=r03*f62^-KPiQ5X+;*=`a^+z@{B&+REFx}fW1BW+2}q75 znnIzBeDXumY9W48d}wD5g&1igiQ14cBEBe5lW-D|jY7q6NST(KZDT8Tl+x4F}jp*^}ffg3L{15zS#UiJHN-k|?`&RX`R=PA()m3}Hs1 z5o~#hc5?8xnJnVQRyJAyu2`b#Cc6?h6HB!<=?!aoHloCn3T%=y96>2Q&LL@iz z8dAIvEP+FijXJzw-+|9)uQs$ZrA@RGHk%y&TdRxZ4gH2~^DFCSDJNoaHzHhNMmpIX1TeiO zauEUK3`U;IFgSQZ3o}WjGUV-r8QTyVv0)pSv33-Y8i(o0JTtPHH6}`mdJ!RPgTT=o zHi8+8SrPF?Nt%d7MA4C?Avbt}k)+N%V@bax3xUv9lHA5&WWBu!KvSI#D%RSX*e5@+GCR{u#9Y$q=|~6mP1I= zxSMDWo7tpM?TGlIO`1rBRm?>y*xIVyFvyx~l5$&{q@{Cb&)c@VMBLa$qIS%PDPb@t z_c#R(D9wu;rZhU{ur-}q7DaQ|Orl0TBH~LD6%u8kC8X!%ViLp9)uJqSuTq>gP`!q& z&&>3}4dad@Zfqsd0$_y_mBvj+KG|sc151=WNoNk`dC?p;lBi|KRuVN4kccEF7ZM$Y zFeA|jw!DpYcB-wyMBLa)q6OfJC8`lbrjRUAjR#nw>``(SLFOj3h~}`FM9pAZNmS>- z|oe)WC`>%6w);1$@h2=&{NHG-9u9OTB z3lO4YWsm%ZtPAM{I|zCqSb`U#g76HyHG)5BlPX@YIPi}4IcJl@yT+=9)l?015O_Kj z239)#yeo8EjtlpFbqYk%y^ZmGNjP@o0Kza{7s=W)63#i z*O!&Wd;h;+jcAZtO*SYx6jz4$3(4TNpt-e?ZFC<~P# zg{#}jk~9&EURjlqi)?MJ!;tpHYDt>dCE~(1k}R~~#tuW;FCE#eyEy=`_X zLoB#N+}Or8nUaB>wa{<&_B$sSCisf_ou_k)?$I1Jk|@(LKzzwIle1%TWy{Y?bQrpf zL?gKJ675umShpN;V=IXk04tWL20R@b6`v_eA2l#TqUL$g95$2aaGX-MQ56GAlwaqN z0<|25FeA|jw!B0;l_Bh*kx=bn)%ON@45@pT0+49V8xPDH`$e>YA9GEOmO=xkfc%e z-6d%Pih$2$+hm`~P@gVle0v5mictq%Im#FFi;KFT}ee*iLmI z=>V6pUfBv9Np&E4Gzs2eO+_*!ykT%+PpAwiHEOCDmdV?yDFyDG$`I=d`*~MLhD^9Y zc|bv3WymC*;hND(>#h_cux>KqcwyVfBO*9QnL;u|2pJ$;U}hpW54sSV>19c)az>70 zVh`sVmS4$n7zGBS_J4uE*I(lBG83BFdVGC2W(P)V4`aifz)lBnyGiR+2Q@Q7=i=<*vgt(NWwCZBL4d zv~e>@5*-78Qk0|yr3@hw_+&7M>e|X(=SkRc+h>!D?JlQi3u2?N+#VuTFG&@cm!wdL zxRY2DHQr7acEz&0B#mlE#1|wf#3;F18|@`I3|TF@hMl(kl01OOr_^H``pI-eQ&*Dh z4%sB?xP>GQYj&1op`E_uCxw`#cuczYllD-UKv#?;Bbc(1q&0}I)>_!rL&S}3P}ZLF z6ObJHOYUr^rJpS}LzpiVCKd&-g-;k@jOMTr$`(58%Mw*FFqH7?jzouJDkG7d)C<}58 zdm_aXmK!M{>0=NyB8n`4&I(jt-L(eQ2~w|g3W%-)af59-1w^AyypygIn&_p^@Nb$R znTW;VGg15fcv9O1J*nw}#v?rMj1~0ru9W;J^gUndvCUSP65eVq;)?ldFU-{3SoCi)_IG5Nty(Wh{8*BT1ck=8OB$)qwWC zNwNS?p`Yw4b6%tj4xww*Ry$qTWKcAR%_K=SwS%9Oq>Mrci^8L8p|!S^WY|vID@nV+ zkGQanO_myIV@a|L3~Vx`LP(NPTP-AM)*R6sHj|`L?QLu_C7hUC*^tdv2AIS!WEn{k zJXHHhdk|g3g{>r60H{!ssRKWQ5{h^vUnNQ&wbkMihBeU~Hj-qaZ@!4GDPzNuWKnc% zau~9VB-Q0+EU`98xhvnrw6J-mh#Ol;v;b7GL^bD=kCTD_y{>e#K+?m(lq|4FXq48;l&pmPUf)ht^^rieN_tdQSmd!0S zv)KfflpH?mtdmc;0(B~L{JI$7pxi_A(Q+|6G|ur)az6tMBNc=n7!ekD^kb!KqaMBH z1_drD{UfbNxc*4WaPUGmaq&XpsGKX{)iB^2Bi83;R^W};bp(wkg=X!|hDTy0V%6U2RZn$pJP74_0*ybuq97s<=$O~J~ij!oOH(P8c>R1DcP(h`|rfO`fqD!Dh! zTDqfCrzW;DHz2xT)9h`@rje1sLC0aRZ~H5QC$tuqS~UmR(uF!B{z|sYiZ^~vY!_=l z^!c+PS0Eb<%oc*Wu*Y~|^U9TUk1Oal+z9A)eY3sxpnrf|XCq{R5NDw$8A$}hSyX4hp=k<5)M&IpBMFMA z(H;R$jUsAPrej+YRl+C(Mu90RNO3~}st!@m<|k|%(LPStuyKb86Kx2aadGoLg#1u-hzpA zP=1nH>S+;{Hbc5Md@k(f$^dn6ea$Tk6>PVCX#utUXqS`S*3^4*u-jMrNcOfMos->! z8XYCy;%x33Zf^^|IoY~M!BV8dZNry+lI03EUoUn_}}4d(^N6WiXi^XQ$$p6$iidGyX&&$hViJi1%zfiuH#=w^I} zf6E*OBTcZ7uQc!+VgJ+A`nWhxd+mYRhtWAHHkFl^9ef zT4%*L$G)-&r)v1_hKN0necwPrXc^eE%A1fiexy`hV^Ite&DtDRs{k<73z$(ifHwsI zu=9-9iUFccM@HBu#G48OQ>}!iO%~y(PsmPf9q6Ezq>|E%Tn7M1zd8Wm^2L6RG;Vxa zHGIcHZSCXk)cYu5$|ZaIMtuhWY`x#^)OP^D7SioLditH#;X8V73u1O3-bKfVFHI!4 zf3AbIxF2e26ITrUl-32_b2f;8Klu>tv&K6bK~5Qgu)|DFLwk4eB6$yOs)RPnrj@ES zMUzs$Hp12iUZ?S;6pG&A@lVT44vaGvUCFp|R%B{RhXQFAvLYNN6TcwUj9g5@$T=9e zbzP}6XUH>R?tXZ~jh%YCPw78`t? z_qD5@s^L5ES!fm7Ofj)B>8UsC=iPbl;1jos4)6SINPWj@?RB}kQ{S=L+CHQz&A~3P zi#D!#m9W&I-(K%?!$1 znuetIy;(526&SYWGoj$2wO~{=dWN^A5U^)jCN{j}Qu z!`s{R+Lqf`f^+|h3wZwGov-^bwA~4WtK3K+vKlqWQKaKJ9aYYVMEDui`R|(|sl6Ae zwMCtCZ*-vsC$C>_zMTydQ76*0zaZIgKeLqtx1=|{?pJF!_Yjo`WcJiZ>Z+{8m zqTZ(erZcaRzWi6-5hOosQ6y)S+=T7lvn~_)>uMfk$LQz0EXRtng;(>SrQrwaDUNUN zp?+!jfqGVt!^=Z&w&O8d9LYJWq@2~`@N2^l+)y0SzE3%FFs zDbw()hr8FLPi`g43vjEC3tBqWV{ckrUT9pgpw-_Wl9vn`_q70H6*W0hD!+ShQjTl? ztFn>)u;3(r=@qqp&|W6*L-m99mwwRx;!hdL=CS;TI{0to(Pwtd{8Bu;voi-i3UTRY z&eKvOk+z5kDbb>R%Cq;E;+o`drSmNGfNj#YoiuwAs#&FJ-fv0Hpk0l_`rL|lnr&Z6 zIvHJJwTQSf`Va~5rHpBgyE6K~)cA(QyGI|GRBxz0_B+6$CVG}$9qD}_(&E(WeWMR& zt1iVc(>sSxo^-n4%LMP%d_M6k!#6VdDAmiRLh>lQh5!B1kFfkmhm}o_AiZz~th^Rk z?DF|H#SL8-b--hlA4i!D@ycgfg0d*1?;Xk3O(Ql7FLE&aVu!Dv+J26``qF;%nwGs9 z(*DxpOTQhyjpA?owDaW`Yf5ZCG=$}y9E_QZI;#7LE_mlZ!OgelDb@QrLw3Ffs#!gP zdcphVHpM53mrb#Z7+5GSYGVO0#i`s?#5j4j4M9I=7NnQILRLkzzEhcb`~f=z7|raCfhd^b!2n37E* z+VuKz`Xs%m-+uY=-~akmnnI&ZMJ3>+|NM;t@HgLl_w)a0s(v~L`On;Ao00w1b$3ei@x;eJ3w_P{3b`j>r(0?2Ys?O?oWLJSCc#K zuf?%wO4V082Ahzm7Tpt|s~?Nab0{*DXwmEQr_0Q%LEoiUgYt-N3hS#^tI-;6JE@yj z+n@71m*OgTti+u{!d4AwanfNp#vP24CX}#?A0{*OOWn(j7qNA^uAWT3;sMZ&(h<5a zCn=l3!E)xn53x{ndXKV@9&yhFrG{B6-Wdz|DZXS&yn2C6B4ReB7q=K(ij(#Z!)w1C zdN6V?54Lz>rWh;0%?l)D#4MfBr%*GLy&tTKFEXGJ8IKlK*hK$?PN-p!rQ^ zx2yaoK`y7qN%lr=GTUfO>A>k#RN$#V<4m&b5dVW%Mzjr{=3y})7Co({@u{*WV1;AHGs{@QO7ovJ78oQirt`-|!c z*$~xD)k*O6`=5UJ{+Ay#5?}40b|O&4km|#T$j@#El#1{nbE$~v^m=P9;H#VGmru_z zs1)rLos0VYyFt$?uO>7uuhlPuykbl6_9@iuRC>}$hI+0tUyEbqyC*FTpGuOVZJ@=E zgUUR1;VoaHzoRu!zrUloksajMrZUsW5E5{ch)pEMua`3}iV1AiLf9c}tmf^op&<;n zotV5Ngz48N{B0rZYHbq`io((va&ddMW+FMX;@i1ZMN-#`2i=y89R zLGhuLhbr=zW+Hp{+ZabbQr0tE_M_{DmA2CEN7t`@bX`E?${L9s0Kn!L-K`?_qF<<}Te~E|^dH_T*c?q$rb02H`f0V@TNwh{vCAOwbnysvMUR?W)S;4T0*u{8(3}o_v z_v6XmN$gcKN+5RYc1R?q#15G!Yk&~pfr^>%5or~%7acksY4}c1BzBKb&8XhF5tJ=| zEz&G0;ENsv3U+!q=_K1S9YB!(3LJ0BT}#8K%u|L3KY9P~DaDZC0g3M(UhoohFIa(O zgJI<%=B+w#0?_e1e*}(Z0mi%vkw&=vxVowRyC*@E>u4ZcJf*;<7TusC-0Cd8Z5dq; z-M|hD_-u5kkWGPm@JwDpxJ7ebNx1z8Li5euUM1JckEN>96+0ZJIP8sKGs2ZmBpl+Y ziQ~!NNw`(RO~j$YEy&#n*G@8+<-G493;&^+bkT*>3D>$a5*ezziY}MemPbKevE?e^ z_Vb=WCy8*y+4JzLgu66+Dw>J(tAx8We9A>-_*KGP8h(gIctmCHM{dTc?o%`pu!3nn z&W`}!Oy=N6))B;T37NEa2#K~e4;2pgL*5ci-2{#8{hW8em&_6H#pZY)vEwOtGP&B_ zbO!EjYP0AMA};`z$xDd6XmqTJ9WrU<6V)amc99P7ek@&J-qWeopvN-)`Ssj3b9)_M z`g1?Y1>O20$@TRTtSF^*$Woc!t15m!Ow?kR)vp9FR$h=F-Z(6|fvqFb$MHB3`S`xr zx9)<3=FEU8X%n5o+!l4ZRM*F&Ttw`}x_&=C)->l$6IneCDaQ-BT|NDf&y1ub3WwoE zJ@+S_rBoG6{Gv1LetZA$In{c>+b9>oS)U-i z;_)jY^cplxHYpP*G&Np`FMF>}))Md*`5+jee0Bo})Nj zX@l5x^&Jv9+}O-Gk28{)CLh4V4rEHZnU{vo$>a+jr~5cN;8`0Y^r{`4S{qaNV<+;1 z&q$4+d2sUt<=Z%o z(-rp#$p?2W^)1JyrK>gN{N|gKaix$cN&*v4l+>^_IW~cNuSCY-U7}4qS$3NU8oF9Z z%6o)@E#UNPlrgvA@lk4!mc z9}ugUHXbU=;=TY;O570hMm60K-^5ncc*f9t-ukM>ce<=WkoZGCs;Wv<5^bD8Q@Pbw4X(XT8Ni%4BV}?@ zZ@)jytvLgWxkNh=XuSp<#BM(j{NDE9gYqw6naT_offhOA8Ovh6j|tfA}G5z#GMx6Fn4autdvb4q1bBLo$|x9N&8J zge9%+*M4XqdXgu*uKjfev$WJY%_jOoy)v3im;=&ZHtEP5F+>sOfYHcoYvzD7+FXB- zcPYP(bOwDHOsFzMY1(5cka2WVw8g6I0E@hKvy1kVr4z3S9>efrEEt{{>k)*SD3cN= zBJ_rRc^e;VjN0?so4*{8g@^Qo2_KObW7OMQicu!WvDA*Vo4s<7^sMskd952GDq9=} zk~adIEk@m}`73=R+cM=FryJ&4?;k!zDS-+^DW>hmpaO$3nIlwO!()1&bfx}eN^a~V z|KC!O9L4mvQ9FA zJBLqsoeaMkgs`<{(@;iYS`Ul4AuDIbd?*)CQ6?G>NbGvmZ?3g;bWeg$x(^mx-vYt?)!%ya*oyhjoXs+Dd!M#16bG1eP>djqAi=> zWB+LWZD}Pg;AU+Iu-1?EgGO2HQ9AxOBnA4^3X8O++HCmZWtN^4VDHZ6hArY)^VBfv zJmPv%Kz&39wdH-ls8|^|gIPH;bd?lfup)@B85)*<-hd|BAYoSo2W>FHNm77|875t| zg75Zf+UzH!Zl>>StJVIVoAtTOnMFXBtp+QoB?UzvScjZFj=|*J7Zh%csO*z;%&$fX#!o4%O2`T7kl~ku(8};BDY(2K z!!m6@6t#;UmIM_?#6a6do|Zp)CyOw)Yh(!4t9>CiYiUTP&Sps2jeHdNgpk9Yn=K8W z3Mn!?czP;Jy#+qG3aL_RmoCItA>~SsCpa z&dieXbea6Gv2Lo`hk`F+3(*EM^+i}WS)W1FjR;??0wUyMu)gNA2e+bus0V91VW0G@ z@@|R#>Bd@zqs`jC1OJxS88_1o#3nVa|*b+h< z6F%B9(g(36_%zXUZA(q-%|X3=CCdvjlgUe1qw4jlQv6QHEyXvl5!SHAr05y)S4d;Y z`~hh!|4B%b^e0aqhCiPCy+{L%GMOXN+(5xY)C)ZkRVC@~EIg*nO!$bj$Qmz~bXU)< z=pgGzvyLa?8J1f*(r5(GwuIwgv)dB;Gd3p8woEC$JQ49wb~Zm;c`KSTVh-Lf*d1(X z9q*MQqf-mJHc>dv5w277pSziz+Ybdoe=}14VU;=_TQ!By5`N|sT zZa2B%xVO)>3y;sOi;S>O#N5C(_S`@ z{4Y1#o@mLaW+3vTHx!zRhlTIzi%~c0>nR*CogfggiwYo7_QGy&@ru^`=(nv2o8!q^ zPC%lWO@y%gwTNZgmb*PfRH$XB2dsAd+?IwP>H(`AKWoFMdcf&c^n^e_V?jQXc1nX~ z__?dxH+=4Al;MF^i6`DUdXwe79^f*U8eNvNY&_OS)7o7rJte|3nWrIlHWb{^*$y8REvhzkt9K&{no`~ z`$72y@0*U1&-ARMR-!R=baGE5naHT39Vz z1Yv#XK}C5d1{HUf5&EM>0-ugS>$G~3g`q2G2<5B&N;m9Ry7f~k2~&yJ#C4k>_qlGZ zwW42Xc;9Z5R()1g)AS`hTsPLJB!69v1$D(4xS zzGupL#*_Ys%1KOpdd7C?_Ya?m?O8h^juE#db8FHkW)nAo_0aAnP51xTmp}jf%lBV@ z{P`!H)&C=hy?^=Jk3W40jegJAYJC6fHJW(RpBP>a*#tX^sIa!$McrScAjOJ?!uvM5 zO^p+M!)irr?~WYYNhhW23k{L7(QOcvHHd*leu%r9W%ZBDr)}(GLH14WXMFZ-!>ufp z91>BF^4A;>{^jd0|M>IQfBM^({}63`uGakV|^zTIOGW?vB?vs8z zG>O}YzaE6=2~C8s^(rw4Z?!Htb1D!rW4i$wY+1X7{JZv_O+dAEIX!E?njdK145VmP zU<|kd?v;;GU{$`e8OatHlbBcBPHL(qs{LhJ{_zS6U>!;r}QaY2;l;d zel@gWO9xX?NOZ7kWV3=2u9JzJ=sPuRdR_Hd4WMYH$xYGv0o;mb+P5z^v>Gr5!_V`C z60LsnJi)2B^gvJaLG3!oY1x_Rrgyrz12%2ZOsZ&20C2hPL-v_nV~pky))v84@A*9! zZ4bly=$ncZM9Oh3YRi!`Q45W4c+8dIbqhfKXz^4nsc3$A!43FTwS2A`U!U;=HW7Mp zjcYsQx|(>lBeWUzcs7lEXU7bl-QR4GF_VJ7CS2nFkMZ>U z=CjGBqLL7DMIDf0F?Bp-Q#^3Sw8EakeeTEPMjg5GnloDC!7vH10-Hp%>C5#h#~+Vv zibn~V^mb_f**dSt%EBIEb_|l#LzLbuT{==E53myxsw5Bhcx5#89?1Yq2RS_G zQw2FZwa4b^(Cp^`)680s^Mf1mqa#y;oSAZ%W{AJzd!S~jfYYLf$d51{2RXYA*L6=K z@9BBiXZx2>SKZ;+_fLZsGCb3gR`jwI*zY?O{*2qq%x)Z?EJ!OpeGSxnnYC!hB#KBK z@mU2qJoLb%@2EQp%61CKY-&b{K$BU3(#aRVrka{1(#iAT^KEPn z5peS$hlkm!Acy-PY@QBHYrq;@sRcPdB_=;?W5QQ*s=)6e_sG8~7OVuPxJAk&tZ>>- zn<;^-fuc~SXIw>-FYNH_3-Vy!Oo(YGOXj>3*zXK-SiK-JbA0xiOOU_e(~iuTFSD*0 z`4Gvrk-)Dj!1GRHZ3A`^!80SF3S|bfi^K{yP5@AkOJMSS%xMs4C-;;^WC5vj|I-asA7*LrDam z(g`GD2Sy!m8WN&Y3gGTaMdqn89#gJTWh_>(c{((EQ6(70Ha+|dtW2TDW32~y<4(pY zAmP|l0jEWuSy>OV6S=N?&5NS$PtUkaAvyqfD*w+3QOXl}&cNu$b3TSAO{;KuNMt@B zL>8o#5PgZ-2*#H_c@hv**(B}@a=5Z*(s$IkSP69kH3-Vy*%RcIS-|>)d||g~UrB{; zB+8KzSr}dfC}RFYK@QiEL}qSNTc9RPs!biNYEzQjU0(69L~YY5$l(H=NnhC1r18YX zjFOc8isxaOykwn?B`+pa5#;QXE>!O&d){gSz*C~lr7A#h^V3;QU$%#-e)pHJUw(P| z{OQE{<1cR)xe==fc|XH3bN*m5W!IAIi9E!mQm0oJSSSoQ*UBe;nP^G3%jcCjq#qCTNf zbgISkww6XFvDK8CI9npex~s&Hjb??80f0?|Vy)@7C zwy;Qm;Zb7p1@J~lJU5&qZyX7#NZB6BQ84jgB8S7MJxvP;R8#Kxo48{n+mLZjV>_B+T{yCa^wqOOXte~oJ1OV58xI1tC%_- zA&nOdDokV~jqOR12oM< zUR2JO=eQCQ&`;sfOZJ^jHJw+20TOO<4ek{?+ji9~x2J|zE$^33;o&J$l2m4s$PgiZ z|EKcsLlTUyOzoP;=X&pCLkurW=0%X~8I(UXDh;momQwpc=>`qUzP!W65jca5d@CDc zagk<^7iPxH#z^U`%xRS@@kOyCK9GMCq?hml!+)Hui(tKI>plB?@wQ1(hXSD4TL0HL z9r^1jdt&S0p|(<DqD}C3yAdNi~)l(_%9kmvoee7y-(28k!V^V1vX%_ zi1|oNd|5sMYg;0JosaC9uZ3}G74zWPVC1{U?w#!~I@1WO%PU%*O=_&%S%!369O`BN z!|Yf;DHxLM*we!%xTVR#iv^d3!)+9Y&2@*cPdSN9zSv8AD5Wa;@?v_7t$CZ=EoNGW zsws)J>B+w+s+tjwDLsDuERUSynkPJzHi2W8E5s5N7}8_f0T`Z~Az#?jV{3d&>-HQ_ zh7=I>evIThqkGi^8%V}FHBp)59)3Soz2`oSY`iH__{TMpC|>>wJ~h=-e}!Xa2651!CmFus;Fvjg4_F#L z4@pANZFr~jDM=9NSM$v!zjBg?i3>n9|1cNOnNIMs$UeUO zYA#?6hI5*h;@20bR2y& zefDtKQ)zp4uFa(%6^4i>QvgJ;DUj4hzkh6yI`vUqx|kX;MLKWzPh3%Ss_ov^ujijp z(Quo`D>j=SPyWtmS@oy}yjn{niLz#7O}|K>agT3M zXW@$+JlZl6$!N=}JGHW9k1Z-Msk+FFAVoM&=6Le=vIg)l;r_T_!oJjqG{~|21Vly}cp(!$BCTSLsx8%# z)?YOUdREVX#8kU-hh%iM8FIT!Hhd%7G8N#&mJo88Iv!$;q8T#T(up(3t-67Xg*HLH zVzS7DkG3pX1L6rmV9!2|Z3)>2Yl0MI1IC%WB-g0=fm;=Bwh7sL*pHBbvq#SKY#q;>tCP3iPzVcwh6aA86y38@=Ell+mmeBe|ipI_3hJ1GDVIjAKy)H;hNBSGGv0<3ZwZu`B)@G{m-STOb2o!Wl7LMlnP!Gme2|Z> zx-9mw99dZ~9;6r4Ka}-}B7gb%N4fI&r>{@-S;BC44}(&0VSK7-n}@pamIVs!i(-_b zp2V?TNkfu__a2eY?ziaKtx(wu)%+G*gVN-4kZrPo|ES^H@1sg&q@&Vkwb~)(cY&mF z6OhENN$8@ZW9NQsK-&zEhfj1NKmwht`}3VZDjL$Fe`6!sHV*~TmY$2JpZbj|G6DIm z7#mdAHr$T083YpJlxA|)Kqf$fOyUtB(Z;Wr;`lvSdV!H-{StsAmVRh)aj&JDXvZo~ zmi9G8U{+lupwt&DIM8xKWi-C20%@I)4e3$iR$-wi# z>{qEC2Laka6|PQXm=QI|RB7s>kwvLZ{zZTN%Q4%)PqJQ_8^nL|y`3wtV{2p66cut8 zo(vCB;r+v>nw1O>RP_Gg$Mp=PcI&<{?@$Q$mN1zE_Nk#2`+0EBrfs z#m%&nvLbPCz%83pDzBW{X@Y*~9$V+k{j1kk@Ya_NJ~|QiIz?|k*y7hB$aF}`EmMGR zvMG>?%i7g1_TEQkconmKQvQb~rY$lzH_Y)7>tx5$kqV1xcdM|RU(TOSz2)rk{OKCv zu!u4DE$wS+bm7@fptUw7t7iF>G*HHwi1q>h461vmSx6*AYheN+K(XQ`Rmz3MM$v#a zZ(Op9WYdWN#ubn}Nd5}&o2$jK9aNt=Gwo)JT9$SpLdC9bjC#RKKZwxZP8*|oeN5ES z_K*E3vtZ6sXr?D$*h2|DJ(krnBqmtQo4A#H=FeY#|K%?~|MKOjuDYoxlVmE8ald;Z zm{UDzTba5R5@f`t;HymdNV?VjMA78dIk#V6G0N+d(8$b;5nWUMy6XA8&p&)4*;1-9 z0V<*nh}%pZ#Pb(y37IRyU$mvK41(NhOaC8KHyUII;o&<>_-M;&e*&+KAX3-1+>&6i zn*JW-1zR$CNwh2)R()42q%hKH>6-NQ=(FNH?D zjd6#``x=?TtqDwKB&_W!ih;0fFGN}0T>ZNzS*VFUZSmk9B4(uSbPfVC&%W(h-cU69D7$8Ty1ge!L_T^ zo?49B6lFu6MdrT;*Of*rDPd=<0^c7`{?6cv?Ve2LfK}_BBeg-h_R%cojaXTD&EJLs7x4<*&eU2WLu`3S=0f^ z5L3rPtbr{@Oy&>)Xm?=Cc5TPiZK>>DIR8j-rTrIxx~UNy!b@7=jZ z=xb#{wKZ55L9*L1*XC$>^8C0f{-uJSLmcz)j$H_ zhm(V9F0Xj>fe9Z?*@Dj7%#>@X>Y*w78IhJi*rD?1l_Kv_gb%4Iw$Tt(`U3a0_u~ZH zH-E5$92RuUX#{|#@+jTu6;F|pPwhanX0v3m1hgT$!K-1JtsVjzo-<}52hQlnmPZ{y zwqWN~qiRHpMYa%u7CGZ|c}aH>Og5?2R-aRSlkDhZM}HW{fDX*m5;hwPv%qEr;?e zo<#XLTSCr5loCk;8vvtfJoRo)NE;b!tNu900hlxOCzucQSlowav)IbL)?qSN{7{a? z?d*4tK2&3ISNPqd=Uc19i2#%9s1dv0aXdO4XJK=QjNrj{WP~jbl%tM*xTF2>l-7d&Of4+E&HDlO*Ze})+n^MecEX}0al4OeEl0aw5x zY+!c*dp|ItN=McC45QA2PvrtOhdk)&17@#%Gbp%Lc7ZVp0~xG?s8~MZmKjm+Y83XR zNK-iL^pRlDn8?A&gpV0jOx;;V1qm7vyUwU!8Rq@>&WpV2L8_F9rLbd*kHo_pd>#MmsfIbud(+TXss;@#%VkPqecMYmBz zVc(t#-qWb7SK<_f#O>u@6brJ5!kE{OwSc0Pse`cZIgavbdSOO2V+^*O!v<{0GMjA6 zl)Q>MiVfq(YzdxDpq^~$#4+jy)@XhnKV&f?JWv1wVzgys6kgwtqjaa&)eg5;dwnbg+KjZckdetl6hEH)o%>d} z2SL;mk=C~~Mx<@IziT1oHX=MQDib~;tzr$__90Str1kBoQC?*>V+}LLU`vpfd|_t| zYmzE#nU;;B4saEwj)zzSHv^c=A$jfF4x?_IP8#4@UzrFG?8JnRwyanK_ic#OwJn{t zRbItmw57-k5rD}{SOd3NnNTHbK(1k4Bbkt?JW2Ofy~jkLaIkOn@{BJA-Ck~=`V|>+ z%X7XW!}6r#r4DP~*fJc+6ijZ>L({v}cV&up@m9R!_Lzy}YN9Q0p-@VO-*tg4aGNPm7h((9(GRK?ojjDF z$XELVRSj*$3J43;WD4!S{_Xkmzy18fe+f|vD0+oGSXDs}m&vYbz{8|WKR zr?=N!RL0E(CbwO*WP2vf<0#1g9I6@`>*zpJ* zrjUmpN;;mbc5bU zPPp18bGXA|kmXu$)05m5=}JnL5#9yQXXuMrl05h`B`R3>usM`O1qrV)O_Q61W|12x zg~?5_CEQbH(luI>?_neT7QdABJ;0>h!bjJy7Q47~ zCQ|nW6271p<%JR%dqM9M(q{67&6ZovKec7bB19b!M3_2AR$kgNESs3j(UuP6Aa`S) zejZ+!$20W-hXg{uxb)lZgFkGZcg955;iIkG8u0H zl|fbIQ99A_{8NB5A2WO`<*Rb`E3*a+e?0jR9Tt!V8YMOhC9-Wr5ad>*?a6~_VF+#2 z6H+tQIDNj#IW4rRNiwmjr3|(_%&T z7_>H~t6((dp0Jn}2Hjx%V&Ca!S}gEax=A}orx0P@Km4$A!d{<`^CL)cn9Ru7mOW>+ zC@l9>>dhkYldEI20Z=#l;AVp!1%jP3KJ(h>t!fmzZ}?myeyg5@dMIjQC}t{Iw854a zit05YH5({nXGX>j6NaQnYB78=QiDYmk>BIzF{$;=8;$qs#3Fg`4fSkbn8H#~F>)_t zJWR|6?6v@7L9T(kH#Vu5UBSAb96`QH!q}F#<%bF6a@;dT)aoUu$540=31eH{CbueS zuNA)02gu&AC8h>nk%zxwd}c=VfNI^Iq~Oy#g_=?6OMGVbYz zYZTqm{oML7Ye2^4ot1(#nunt{$@~FnjG{7YoQKJSgC9@+&eRRz%VZ9*t2QW z-Pr3mf;3=MCVWI%#Tv*#MCy(->-J=x0r`$g9ZamS`eB1L)KYdIF!;!5`ycRdi8=4B#H;6e!3E&$< z&7cIJ;_WL*2}90}J-QPmD7*Mwv-QOZZ$;1Auot|Et4dKUG^NNP6`Ov_4^MBat(I^7 zn&U=X+gFlOhTH>ttrwM2r(sp^X;_H#8>@rZsvIaq*X1EVP+X=E*GB0Q*u2_H?_)|C4N_QaF`3?g-HN~I?^rOG})53&j-FNuqI z!95eoR{xH= zyu4xLW`q=dItGu?r}0i_VwuvXdqUIJiL_7GGPN>NhecJ<#_rn~#%{i-+DM=UkDeSh zp}e16q$6ilPj5vZ*baQ`1lvBA7)Lg+1Mo!>AT(yIhtiaywJ4@3*0z~~o+=44PH!;E z!b4)ggpWvz(c|q+inGC}cxmPYY5H0uHLB-Z&8V~`=&k4j16%q~!CSK}Q_3kHg{+NC z;LhPwbP}jQ^2xOQ7*xQ7Oy-biU{mP^afJ$GwBCXyyMwNgVGUQDV+bNOL49aq(0{-QB&zk}q>9y3hTr0%W2h^iB`&65a!uI|k`PT8nB(P7ki z=3{q|yiwOsQF)ApL79~!bH*4wGH20Y-DC7Ib81duIfy?GD%!L}Bf}GP%mgPZz2bS_ zI#{a)Jwr0Xi*y>CvaMEI;oh(n?$9^Sad`2~Vzu-T0~g(1F<4v2O2V%CA}pP})hk=B zscw>HMaWgb8tPTwh<6JGdF8JlFZsew7DXhM$-H?;L(8I$&0Q?1pz19jaE$5EZP4FloIZv9EO0vfW+14@^$OxN3%|P_&@z z3d1IpL)RS^-&J4E7PXg#A99Y>R;9O<;m0OMTxzbH`_81G=+THogeSx{E2#PRBEGz% z_tu*=-n=bH{z9Xyj(5D90!e|r=9Ylhz-FqAoGpKyC%8Q+uqV9OsHEU2qt25+PYS4y zsHnQWh@y(;z@W^^k)f-kpy=B!8QO{w7IwW!*yo*mR|E$gGr>txfLFH?b}y3xtB|;K zW+Dk0B-c8B#@h+Vr#iF9KXmAZV3h)iY#xU=C6oX7Wtod|><;LQ@{hG}k+7@2xGl?E z3!~+V)kcKeJSlKNj-~F9v%W1R@3x?D4J3KxuORQ-mOk~VEzi-GGCZW^?;k!T1p*Zq z{@73MirOMG;E%}+QCt485)V`Twghk`fA=H@gj^$o8L<15ebb}q`Eze%othzKH}YQr z5x#%;R7jEGfv(;^d`dOM%1cY6Y~{OxwJY}6)e=E?vK_3T1hFlx*3r6Og2W$WM@x*K9+?IbbmQr7vk*aAB9M)CGBor#MRZDTTSKCX>s!gl1 z`;-T0VMivh)gG*|XJ<=5bFfZ%`o-$PuIJ;)XWyJ|)(Vz^)|t$KfwA9Xle_t1-#<|A zpq9g}2qt`lTnyIvRDei552Xe<`DZMUs=RxmZyFeES@rGgQG)SPvZb7u3T`b5gDAn& z@jx|3rVHLt+mf-H>ZXY%UeRpHdw1|6M<#r(kn9!;(XbCvV3hcZY_PX#_T`9V-xHzyGn7 z+w734R3q)=nf$P=F!|v(KuTrHK-CkTrVm>Ug{(tf=L3BZxpsQ$op`~`(FGyJzJy)n zV-VaKVz4!l$qI?-QI^*)1Z|mtHBJlwfz|Z7FQ zAz7!RQ)q-EN1LXmv2dK%7SyG0B%|W4a2~udUsNT!g29-? z-5Xt=QBa>jLxr{OWN~pj`B&3>k$Y!v?EO%~bZj?Py)hL>FJa@FO=RMYqu#N}=n=i! z6{rS$`UGIuh-2cC(zG(%6Vw*-YGzh>h6y!Dcb&{U|o} zBLSj!xu4+klN?T#Q^C^8A_qR@G+^RIJSV}X7A=9%l34;mFPlSY35b^VX5Jv~{m~Np z*qBhIe?qiWsI`p@ZA?rRN+G)kqU9&KMR{zYy-J@fyy$)YeEam`tDEcj?b9t-(L?G$R)(^5ZdM8;{d1-4nfm^fq?A-_l5awe{_fG! zf<;E3doLJtLH0y6GCFwfyJb)5os15i_wLbCxVqYjh{=+Ifl)dri+vvLE}S@RWPFZF zmrXdVMK9}YeQF!+-Uuo`lvCSZl*gW4+D~=D$gM)>Z7c0q9)DQJEEIa&$A9IJrQx}*SQ@|lmn^wqH?N+GLd=CMOyNb<@O(b z{^{$NpT7Rxwypa?s9@XQJ-LXEGxltq{EJ2l6EBIW#Q7p&Y;PD(chiXUFdFgb|M9KM zyDxHgeXG1qQq3>C?JaRNZn={$?0C1nxWc9>f{8jn{U2x3Ig1|H)YGcbrcNrVBf<$X z3BWy@M6#(Q=Pxsx&Ld21Q_arZPmRu!O>s|qYSX?w9(0o8ubdkS!;3m#0!$qw5Y&EJ zwAUTjlyR`)-i_UC%G&H?5`ZB#iD=WyvpmW*vuVM=rJt%D&8Do)PUMBy&g3=wdR;q=&7ql9bN61)`KD9bp9N7k7c-!Q>e7R`R2Qy|4-BP z(V#w&~`|0)sC&zSjV+u~1?E^kl_Od)6h(2~yq8XW&qG^AWzMEErl z2HeXgG9RGfD7dJIo-nXyM;u)kP5sBYTg9{!^VA6Z>;lRKyO_!Gjm&H!d^XI-F zI<;w9A&CILM#6x*!AvWyGB6~8&}xcK;3B$?ye%`}Uj7BJU~SVXxD<`0h10q;U0%|U zFaKgGqKDvu2gR65<$LV_=wWc_M-7!GdvNjgNFfdyT&k|V?W9KE=$k?>EuTdTMN05c zUV|H;OivVg(BYS$2YCYP@RLaZ<<`)v=%nf>aXRT6+Ckqf7~07)3lV0N7z~9aKwhGs zJw!m?&#sf4Fr=Lq5#ZNI7;v|e$jn28HIR~opDtwtY`Q9xo9)n5!W}$0;)6OhB6r*=3~Zs zh((IdSB|*8BN^mxUfB;mHf7nyTl7l#7ay9G;65(%m(C)dIgj$HK@D+clqj#v0s=1i z0@&0S`{5herbF2dkHUVOO(D}EG9TE~RT1P@n?ernG#Y=8%<-dV32Re@Ny1n@B%JVrqg+q@Nqu zrLi@U8zsssvjDoB+jJqMNW{(R_!Vjw^6=Ka`9Neou<21q=||_(rb^etB<@NRijZ=` ztrI4FY12JTFingY1pOR462MlN1fmcVs#@pvQ?r_DDPukfw!B}@rkuo-{~4H$d=uzo zCAJJjR6O{5tcClEs3)vX6PXX7cNAOfE_TfhOdCl@;=o`RHi?yY)Ubr-! zPShyTRn8}@RTBN|Hno1?^o^V^45d(fVuGpTp%8(UWg;`TDRif&5aGsdbYf-Es3Xzh zUHL*qCn`u8A|^I<=Tdofk7SS+{PbAqNGJBSiBKh-v`==Rbvp5ye26fjWAG4SJwTkN z;vvJ!h#LyEcwqT>@^`Wb7EX!G2Z&<>W$fgc$St;BC$x=tv|_ANUt%+ ziC5jLw0nvg(pfPN#3D9Ti*_e_r!&#P@19zU>c?Z{hi?DN+}c*m$=fs5+D56$Z=syO%`HGIyiS>Uc`4xJQ9M+>z3Q%wfll!3 zbZyg;PQclT#yg!H+O!`kZy|#9L0|2Fw$m+>m(U5;{+Un}o!FUh2U@2S_H5?)q^InU zgTaotUWy0-AhC#)phC_glP}5>4J~S!8DjYMevq&%J z1${Tx>(2%?#FAy0AQMEEHie|bj1p}s@&ZpWc?pYP&6=sSWD!r}6==5l7Hk=v1P_tE zxR#+D&mUMsv;O3T8FA-f@(^N>oZE2p5I2MxSAR#P%PfGp$rpB;+S<3U=}-d2E)S-Thav;6{)x=ornZPr@;96A zS3bKohFqk&z&P5pVi7EbFzG9s_LE+U!CsJnb&AYrY0Crt6LEMT9wt=9BKv*2GL|}t zEN#4Ql38T_DL|alWk7Xik)c3~og5#BIEW)mJv46Vvc4$}I}sIekc+U!Q?cNExkxCN zonKFRM;H5vh8^ATkc}9vSiCtrd(k9Ku9eHY|3!Xid=|#hav5u4J)dx~LNp6#a4HKQ z%xD;jr@zLfwI^I}5}6P9=P0JwL4VVct&1W@iypya7^EZrR51mY{7m|}fn6Gbwek;* zDYzUUU)XKhS1?nX4kb|Rq+;rLD5ezs#oVTSSs3J34~INKwK2w&ra8~0*d(G&tC)hT zWuo!EzCCbSv8g*(vngvezJA8GAto=$O!aHW>0)_Es5eb1(2Poio_cUG-A7ju;lWji zA^>_T!DXn_V#C+57Vb<@agjn~K7gLDeFo@R7najW)5ZWjJWM(UYMknCjMCJpV9)*bB1Jyi%bqtGp-jy(v zbkYQwcy4J^T|T-^)hN-XA}?ea$4U<=sv>A2RF$IYCp~WUe)SXWO+R7!MXa|Yj`lC- zq+}@2V(-xLi+SKV>n*?NlgReG9fMI|-0DpDe&+gov( zam^@E>GD^IvqV2&Q(xl;on)Jy%}`u({GEtUW*+i@VAqkc;rvZtN3elZc3`SOn8EqVc|%?)hZUx612=P!Az-_IyI> zCSTZX+M`YQMrM(r1d6SmOdSu|^pV!?(_w43^^wy$2Nsr z#Eg3xR^G)s_#FN{t?vLJ{9jw7D}#5r9~5jT`sv2F5r z@^`LiFpdzJIg9l06y$GS*_%w8vUo=~_N%f9Cv((78(c++nzhQ-9qs5op@)!9?TG8n7Eqnz)=*u=7NFzF-^n6K zO+;qSBAr=-{K_Jbi|~$a?1*HOh={9L1fvR*zO%^D3d|m^wK!`=iHJMPvl7!44 zH8gE9c^QkeK_9QKZVjud#NKshDv#2Mj_02O#IZG9W|3T74gI#qlfRcm=Buy+7GZH$ zSY+!?R%NL*qmJZXwCF#nY(>Pyj_&d5ve5B48~}({mz|KnCh$CN>F#~WG7AeQegJ^B zbjwRM`%KB_HZ;iFHu4W!FvH^%2@SG;9ui*>p-2E8;U5!a;w+4Rfv&0`H@ZcJi)Xv+7vS3+NMQJF+tvAQ>Q9nBEtlDXh2b|nKlMf zV#6+*#GP~kKxS4pI*~+|=)2Kh?_*ZzsZp{`S6jNJnTmWP+ccLzPuP9U)bS9V;Gj$^ z)TUh(A;hVUd}2*Uw52<=y|YO~n^ts!2w~EfHrA{l0{%NCVgpBbyACD?CE5|An1q5OIQSnhY3}(h@(Rt z!!jk|3!{^iry}Bxr3-G}ULO@C_SYpp%j;9$$Ro4AeEs83Kgi`xPx4TYJX7&cKm8E? z@9{;S*He4AYJ0Ere7$^5WDM`HSx9wExN07VUx_qZSDgz4B;1nDReaYh3$b$`y)mb)Wp@5us^~i}G)5 zOJ9E24vzfrBCPyS+2k+%qn?ULF6keQ%8)-V5(Vv+&*?_0tDoinedO@D;AU;)PIJeg z!+j`8nx_(Vmig`Z^&fx#^2=|}Z-4myKfnI?^G`EGblo&J@dkW3o9nYr8L9lWS$2h+ zX@_oBc`6CX@DQp9ym#tf8D21#0kfJdEDfL593uUkM(>n9rN1&faOnG$GsH#orei!t z5-eZhIjbg*0h8W#^;~918Vr~gVC?>ZCplj0coCjD`+Wm$gYTZ?V5lo>fbeRI^%+~N z&w3Srgq#H70b)h#>5hSw(FcSTZMpZ2o&a_Yx2H@HFn>J4)OKv~;W4#MwJr16FXC!K+R)Z&R%1K9T6WYW zUe1!o9GjX*QX_v|O{1+1(9+QDD@iGN3-E-2V1gA<{hz=5{>xu}{^iTlwPuT=jrQB? zR4L9L|NUQ|n^G*BND-ju>D-ahZ_1h>C53bej;k5N%IHIIT8zU7(7rVM zKwU+<;(eNz)o_qrhyyZ*MLgE;$eAXOx$HQ4ZGNQQ3QJyZwRNnt&}Fx9JxLu(ek+8Z zB;A$Yl{^n~SckuE} zD-&v>Pg-p2Z-a)Js9v4TTk1+1GEbP1v1x6~j>(?jyzd&zd zq|*>7M1OhaA`d9UFg>DoMF z*XA}OH9RcsY1d}Bxrt5dKEummKJLAmXcHjY^JWvf@9Xe0>*Ex=gGbKo?(7n(MabYrVo?Z;sJN*J;~yeNmw zVX&msE4_9wvTV_zTw4;77T-+GJ_$5P)B~1eG<9rA&^pt?LzXNEiu>eILfn28;$9Q;j^DM-YbP*w8QOIAwx>gg>*Q=rHX zqr>(?QP_T{F>;_Un(KB5Vk;I63+-@eDk_T^0XD~axifjI`m`t(`wa?#3|pk{)ypQn zcWnhXm45+l$|e!97)z2PtrRWG9gNtpyy;uzRe!N~=I23zyfO>$9fB;d>0JQ=E89#B zkI+idP0Is>HF1&vVKrt~jrwea`}Ks^yRkV$Qx-{E)mH0C+o2_U`Baf-9-J)+$eUZT z3J}dZhy7$M`Z8@iWKr;VBJzPnj{-%nnX8IupuqAwn?thbJbA&1KJH9vZJ z_R9$*fLp32T32{V@<#hV&#V2PXKNUoK(K{}VavX{fxUv_fBVPZzyA1_|B7WAY-45= z%dvPEA0Qc`FZ$XokCT10h{Y;-TWje&W5-|c9lLYV0tD^iysUO{Ua*UE`^F)yVEy_S z-b#1f&H^PLsCF+9SLZ zpVXk>;*tO%mV^L7IBN^_m(Pr+&?g(u4o5ujdPk;>if5^BHc9Tbs7LnEqI))E${2mK zNL!L`zRJb=hxM9^_A*R_FMV^*P~0ThH;bmi-J;k?xX~3_H2NlJ{i7^dbr5pj^td=$ z(h=HNR+TVX62Q*pFj#Vuyj_YW;$G}HW?5ZCnQyWNL!lB_A~SJG@}^&#z^kgf^*t}q z;n}W*c@mEBRL$r}c1sP#`hzT7Mf@1`<4YYzA zVoVK>1PGO2q6}`zqX5x24V6~ZXCvc^v5T}NnzBgVimqa(m5C+yI?aW397>M_>}yUf z+1s-M(;fy0+*A4}OD;B@g(G~I-e(xZR;Pq)$lJ}*av3jMWOGQCoF{MC*-7+VTM{x8 zGercRSh7v%80dSb$DT6klZ|K7c|E~(k@!5~n^jL1_08UyGg=g~A@9w~7A?}2!J@O| zt?0_EEeaWmnPjjih)Xa77G-pG?3+d6^N=M09Yj=G4Zql1w=4ibHpHGM6*Lyv&|t|~ z@`f!NO!zWhdJ@`#0)21zgk>~FC1dhtoPO-iW#z3`d^J*O7?4y=<4H@^j27jGc~kpA z5)qA|boPSk5UjN)8Yo4_yD2tDCn z@m@(d^YHW8?)1Ji{BYV3j|waz7EcTx>HoLq&()1RTfLw$K|eX6u4R~&3|Y`>M#wq= zekT%uPCQfu3?#yoyeJGW!W1bSafb8Tr_gOdOTl>Jm5B{0=pl9?q4V~mAiP{AvYHN* z&GZe9>41X_zq*QB8h+TvLB?~Lu_hw@hYOAp(swh?K-R78qD{r=}4 z{;P#T8ORr|0Sk?7&5BWt{?CsW6@U7pkLo8n#!+>~!>EvDFmc=ImUzZu8A3+KpqR_H@EDzlLv1SO`aj&CNhQRY`L|1=0at9re zG6ZhwlMw+#tZbWIU^p{?=SlAZQN<8Nm;}%;##DNM)ivwKl{?m&WshyR>xT9hX59># z1n%=qRlhX+kV)Vp(C;2z^4b9KYj~;RF3a9Y54gY0rU8}~i?J{+#@-(I5PFcCPR+87 z71RdbJxRtYzb&f>^YkH)K>#^KKd~?{gxN1DPzEldz2^|L3%U6->pVVRaG!^%Ys(+| zu2qmWVOFxDqz&AGdH?V!q=}gzU->mbg}a1o8WB{C`4m)5S~=SF-~Uybid^*#RJ4cg zf*Yyin+PP$YK6i!aG0#VfQu89fG)&M#XU4@xm{XQ9SCp}Cah=Sg7P10qB3 zylTypNf8;NIdKWE7TpD+BIe+>8xeagEA>}|?8uk5XJqvhv2Ax@hLfzGVSS7>V=@iU z{>tz}RKptY`-dN*+G@AkrN3euoG2+rRs})#LO_tV-G!YyqZ)3(Ff9cFvgV!S21-C4 z?u3Ba`ncbwe(6m<7ps2j#mN`eA}9aNe2oIEWY10}DU_AClS8F}%&@bPJ@?8+rO~+P z?wuyU^xe!0Rx^p5yF2t6>=aNbU<#mMfw2fEDVEkHJ1k5Sv8UJO`YTe6gJeM=*XGi- z29}D*7eFx!bu?LL1y7TY&VhI5@Oj}8o;h38dwn_V1?#U&C*ZaR%MO2W%=q8;P-F${ z`p6Zm>uSf(6+3<|eKDNqE>{D?t38WKDocMR$#KF=52#)7v9?WorMRsGC^z$xm9}^o z0EtZ^?tx18UVEkE=wc5OWFo!Y%68SBx^}8xQnV zfHg99`I$Dz=FEagLB$022PSpPjVkiILSlz0BcWbQ3KytL1&sfhLf*-K*+Tt<^h zm(Scw0U%8J%A_Wvd8x@hC>>Vk41(iP1>=MXbu_wo63F|iaa5x37AVfFSSSD5_dKrZ z6UkFV*^4DAxpJmP-jKXtd&{vB!gga#CXaOd$o+mqd_~@t0=qJjiUgZQ1{RT5#RpUg zL!O;rmfO{jsc0J0VR%sEVj% z6<5Y+QdnECNko%Y@nNm?XJS%FQE2OrXk9FI%nZ9pvGwODKPFS0f)^dBCZNwYb{C>#QBUGiLe$WvGG#Q5OATCbqrEJX?GmHI$V_5did&X z5N?Fbb@&Da!6G;YtTB%qBUQRY3E+0jXpcb<2$YD-b75MMfrXMmV=aO<1v#0 zRS}U7Ov<9Kst7U?KXDpLA2Nx%GLkBM;e#hkde2CXO$r$aJ;He{+AMaH_NNYJCQTJx z(FQowhnckKrs5{W&Z>xdXP-uG*837sFO#?{BdOv;)mK%T6fzRpNhNo8uJ}=i59oRf zXVvn?+6$dJEc2DRaeGQt@2k;EBPiM&n+}Vo-FjTBZA|99P|LsMCJqNxf2HY zl}#W=VGS+y{lI$o`PiUj@6GfF3_uVE5J<`QjMMTnw_t+Z*Ub(L3*66KXQ%pggb+7x?THr%A3 zFNtWjX&xR|I9g5#OjR@t?JJxmX)coXaMH(~$q$2?$}~yCDb)I9{R4e;KW(P-o*emM z*?Cs-U0F#L!iu)L8gr19n3)Dp0M8z4KL7&_MqpYlag5L`gn4_b#Hb#^ShJld8zL?F z=1zC`rplpf4D}q0kjGlMvqZPjLL{ee!~GxEegpf6LC8kzit)jepd&VkNO#p5r|3B9 z(8GqHP2Vl#cHUN>QQ4!s@=PPFuID!OXc%;o>24_KV6p$lq+*gGj?YePU6{vGY|!^wTOt6unZVO?&iKd0U1sRP8V=IaYcI5monIwaT#| zYazlIQMP=%6;0Ht$;tpdpg&?pfSxmHFkOb;PzJ+v=vWJPhKQnx>i~Lem8Q^xnu#~} zBsxL6ut`Md#SroQmfrHb7VSwLdf1p0LPU=p3OyPkiWU~I=}L$g>R=e-m^vN`5k>FW zflb*eO>OGNZaT8|qKx~Zn_<^czsPrr`=PLeS6 zh#MChgEslq0U$@R2C_H_(Ht0eO8nN&lu8L%M?)zDQ@)SWQG@IRLUet4tRu+F=sSn@ z%J-z=9~~g(9HRrMAQR~;2e4e%!n*-i!aIBL@EYEWKGuFnKGg3f(pAYvPwg};DgBCc zy+`(HMu->`F`>3{ET&}#zx#{4k@)nv-CHqUQz0)rwqscRnu_Q1>vm1W%kwq3uOEV$ z%#>VG5qzsB;ccdN7Efl{Z=&$+EBT9+Kjeo6?4}K?JSTDR%HO#ovS^nbG1aex!&ldf z)}&bY`A`F>9;`7g3`i?_M?2G1msCWXKoVyc8q3*8Q8{g{yB6(Fd+^7;mF;_3<->Xl zU8#cg@4x)z=U=`&)xE0MqA6xLb-l^k;z5t9f>}B6YYIq97Wpew;igE$R=4dlSuJTT zAj3n^?ES;1luL%62L~{!V`Y}nN!dBLsb~icsQZfd2s54VL*1Ls)wGc7dbgi! zrMkMmlXE!jH(e(b&0C-`PrarZ8<_{HFl=sH7G}+lbLJVYJGoYUboULPocMfQZDzbK zNk1&2a1FZ%r}}tf)pomrCRi1C2b}~mL69a(Pf~>z)!2Ti)GA#~1Ctc(YCE#}J(e?M zNo^?mBIK@%%3C1VqQCUpiy##5z=&SBtxjZ*QPiRw6Xlk_0*6dJ!kY8u9w8;DpcWZ^ zl>wKAPbYF^c+mR$rB9iJ3=gZS_Ya>6+cNwr8!ahk2yUyLjn}2&Q*e{$1Ik%N{O9WK zC6nbi6UIv)eM>C(sYV}IXj(s=WE;%^EaEt7q%+y<``wdNM%)R#C z_ok0+TpagHLbTO7G3S&zH0fXo5^kZEb`%+KAf{FRSV+ z;hHA$BJ5VQi|q!a4P%+La-h3mZyQnnox_iT4q_71_9L4tx2n&CZ6Mrw!{!JX&2h~H z)+G2OwM~JKIaUTd6S4O4#$` zn>RlNrOSTH;%2~&_N`@`rbI>#)Wh%}XH(EI(+c-lH{D=U+Ym6^Th~|yCf3>6B%)2_ zMrvX9iA@3KO!~^EeFs9rlG=BW7xFJA@3;eFL1jW7w%2#F{%;a1`)zZYV5p`W>)BSk z{IGOFe%Sw%F$jU5Xk?EYv}-71FlD=f!TS@llvh;ECKPbJIc)@-rdtj;8W?cfg&8md z4)coB^&%JcK!Pm_fW-HozfsEj%{Slu{C}EapDy@sg%1Eb#1?)Q>DD_1)8zhD(h%Qq z@Xt1al$(8IU`sNy=~qLFwIe3vWz!EU5!?Y{ihL-fV0RT$5l4f%K$5?O6x)b#9cc(2 z+!=JlCXvukqzTyI#-z712S)}Lc~wT2SL1w?_k6>i7xD#gXOB(+MA@df)O9PG>FykU zScTvg7}NG+ka;9xS^Fb{jEA!3R@S}qBrYz$$b_cbv(o|*iAuX<{Zs#3e0McK@XrnWImviqYz;y0!(YHVeWdy&15!-1id0eV4nk%-l0dEWE=hU zGXhE{YLrNSa&{2X6!L}Lru`K4)TU{XBm%(jOdSu|R7E+aKyK51Mm@-{I?{B=Y-$In zqmE<}KmcqK(WX_1P(dcrmo`=3ba`orzyqOko34b2VS^EmkT7*TX46MPg!N;R5MgI6 zTt{>{fd^ICB%)2L5P@gSiN^bK;@D3iO<`y81%pMJLP7*~dNHA@5Ydl;D0%b{VQwTL z!gL>9Mg9trjC>R5WFuN2z#l*t{b2$oP^ zTk8l&FDL-@4i(h2yilQQp0VfShPky0s-KYY&u$e|Z=DGfJ>Q1I7XR|~mw){E>p%VN z%YVo_d972%9vHm!<1B%Qb6%RtC2|qcud#uHhkXcIc_8WMiGutRNK8bp39yqN@-G@) zuY;jT4)DMglimZ#fq`9`E-wuvc&>na0c^SwNb*VZ3!W}o_U5W4fTuTz%m+60m^#`N zk^|PQC|dl`WyF=Aa z9jq;`S!-F0Vq#NRW3x%zmmH`d6X{EvLUKU6K`(fhJCm0r2iWDofL0_2_DLrXzneg` zsfX$$Iq;@R`9XJPR=eD8eUCZ#Wx}AW$pXa1d;phYb=-HggNZV+BE?|e(+~111|f0q zccJnmz)#sE5(bM{f#)BXxgCSnpg1H0qEb)Sn$MU~qSEEB;4|b4JFnQjZ2CsFX|6R& z2lGw=OdT}yt6~N2Zxfk$te`E1YSSj7yM$_^WlWg9UGU%{n?$r}wUET~1WfwMrgoOl z7D>KY9^@690tU$!z@`haLP`N)`0E8viZOLOW>au}BJ+Vwz3e*pX+L47xK|$-CQ(#4 zqD`xXBpwuC(w8=ce8qOi2YHKpg~SRxOU8t%Vnu(ZK$X}-gt?K#3fcjB!|gNj%^iBW zFW4l&W3!n~a;@=#M?{yQ2fi$APms$K0Xfe4mS+&QafcnuG+(rByuoh3uT0{MGh9gK znzno|loM3g{U}aYbjnO&>BVO1n6y63WQgBA$wKnt=dS#-+d|Sz7bhy8gNc&Qf#nw# z9a0F&qyzlG^!O0z;Km@4`2Y+@iw=7_z`>x&-!KUvW;Tfgh9Wt@y;&yx+`wX0NDi!t zFv=@71$oIAz@{sKBv&La_;LVK$741Hpb(i4YA{Dmf@R zZhJ-Yz-e6?PiE|;#VD_|;>`(gw`t!r38a@9I+yw`co>4I;~|^k7Sp;--E=|zM%w-G zVT)_F(-L(g|KdZFgQ8KmwkaeBW|TqR`;!Aa*2Pp>B?tX1ZBwF!N687iNnL)}`cZzU z5u&`J^;KTc!m(!wH|x;+%{K{y!#c8hk>D{1K0+(K6yG4YiLVfZS_W-syx=)Y=0}lM zPDQA|Z3t#<4;9wmYPmp^SHqcwHnT}G=`+?y$rm$?HkFY!!i=j%rb2}Vp5aj z-qL`U@-rgUq#i=VAxs&=GO~K6Aeyv_6u75A6y90o*rXn^RbI>PL&_zyXdpe-5114( zq9cn7-)WBCybpsdRQFjY#YdAF+MzFGvoHvL?*)` z5>J3Lqdi6@55$LO?1$OJSEcE`jwmInM^vY4)KKZhnW=1ehm4XOd#uwCUuf*D)P>z?3}>2Y!Z=7iumx1 zl~*Rch5U(0_Y}o#GME(PC12R%LoX!FOgbzM@t{4^#zS6ObTHG!;WKtKN0aVZ(KBt) zz2I>_Hi>A`Dn3-r#-&LiMe+9H3_)NqChr&@3_ug=DB}a>As!zLymH5n>wZAqYJBJ= znHlniCG4;9V!?CK{Ct2sH&_r~;{#+StSM6B!+n`a5g)MbNL<}BlV@yvj-CRUiPBF|P01T71UJ4-xsmq(||gpM`Jn!73C{Mb`@+v1gNr zWKzWkEWR=6olFi*+ItUFUb=q3bvXF~m~>(NFq}fcCJCmEhvLH{ox0E1sT)vloeP%5 zsWOK3L-m?LG-(wduxv#XUV3Riy00cxn+yjcmJ0oG@`O+ey< z={|}ne_f3a{TaVNu!&64Ss57}sFkQ0aP6UOHoByODF$Pw$gz$SR|S=0p@9gQqFcyvb2I5PqT_zo`O{n6ddHLW!^z3er!E4)r`fcf(X6vB1rXct zvV*>|Xx(0RYQ5*r{;p%Nlib$?D=_l89R}7{n?9I8CaGN*UPJ&4GethcZ@Ba&GIM0~ z6?}kk%R=lW7~?nAohbhTT!l>{p&?`;ug~!qt!Nyo7fkxOfn6HON1IJqv$OoQVf~n_ zz^1-B3OdO)O_c{3evZ&Phfhl;86L8CqMtj5ACf5SfMCXa43Q8~h|C9wWC=qMP|J{?s57*MbTiBe!CKr(!lPiMMCg3rSdL%xeBAEx&f4s*!(1TodHunXv zHA^@%Qd4#%!>^WWbe)mw;c0kDl(Y29+_@mVsB>I=2N6N=O( zqH~e=?@3bQikFqITtoUyJ6|u@w8ADAks5PGf>a1IY*rPg_Ff+KI5pN_4DfI!uNfmI zFmoDa9rYn)fyW6fD`=$z3uEnvrMB`zjT7Y+t*?@_HL=d)x-2L%HeqhZ>PYEbaU${= zb4F%GTB_`s^@vSnPK%SC66HyNj@Tp;218uWrsl0*3h%51a+_JS=|Y!cC?F#-~s&U29- z0gr9!#MyYoj1nD5uB!x+C;HiK+JouTrYV_{7y^)C>UhYem}L-|dA8G&njpX0RQcBY zl(xWLu-Ax9BHA>@iqWQ+05a(-KkY48&8B9QXj6Ic4bl!KFNqacLSaI++(b@a9B#Gs zzBUD#X7w%ds<+4w(|r_E{tEO*z6sECCJm;`bTSm6u_y0X3wMTyqPzG2da95V;u`d< zQO=>K^c!^~{{m8AHi-niB1GT|NJQhEPI@*H^sVyxib0`ALj?Le`2yIKrF7Y*!{Q11 z+n72Yqmv?eqagyjVnfyh7ZyL$uGkAU7P3i1n^qwLqbAXKZBs~7Xmjf`IuiN9ZqrTz z0XNyEX^|ul2O41Nc*v$mfkbBRr=3}Y{EB->jd*h_KHJD95p7z92n;w(dJhrDehO)d z8D-!Vz&w+ega}+QF`>#30lA2``AZDwA;NSY#XLVFHpn*tdMhC!)u07>zeaX~?oDJq zfZkzL$BXuKe$S7`fDMA^$g2jLFwcRVAF*VAuD87 zYLq(JgCZdUvsETk6(X#0)be3(;1|B=A;NSYu_3}k`ar(9(@7sZm@Y$aD1zef%xaH8 z4^&HJ=5&Is!<*~0?8JHqO>3;5Q2s?z;lz})5HY-Q@Qgra(mV99RXED)yr|IAxINf( zHAL7`h-qb&ZJLUQ^2EVv)qiRDq2_^&!ygA3NZ6RtIa?h@Ajrk63+hQWNL(|+t`2s& zun9%@#Arm|17Kt`Dd7Vdkr^n%r)cThDWTsPJEeqFSP&&O>O9_-x^wtpJ%s3F+J1;} zijHE=IM`hrJlI;5jB&hMsl7UCni=4O&BAO#5k4{Sjqt(I9)VAvRAV3BY>c{M@{+(; z-9}Iaz79mCM2*a%O>bcrF*RQtP(Eh_fFWanOp?Re2%YFy3wP$xc)=<&9%V6WgG(ge z0-r(8VW^B2btL}+T$N2CL9bXFt+kat+k2Z#UdXvN!Qt#o2jC=Ic;Qkex{kYIlI zQ+qEn;U?R3SR0{BF?Bpp&jDFM(Nn}2No_pZ{z0Q+LCp1JL<+4d6=!FpRcFu?E)>?$05Bo`t@+_p$7U7rG z7U7qb7Gc@;3pSOf!l3d*)W1PyZTMkrgs#c7{Rmr`D8~u;0c6~tM#${dE>pHVh%IX) z(@aWk<*$qE{$j191-qxU#`RL&zWkWJ9%A=HeeIPm(?-&fOagSoj2>MqMr`6@z`X>a zeZ%Y6#r7=BLEMb1lNg*~zElNgVEmIqciPRAk1o>l3*C0l!w(re_8c>{KZc!oxsCeT z%VEcBHTc=`IBZopU!FgmLaWLZ)0?4HB|ejAQkUp_>DL%0bjsaqCVY$U`q?(O*4AJ;Of!|g zf@{r9?_L@{nCa)79N>zX*Rtu0Bdsr0%PFOwqi#hLQM^iZq^>NzH&L&lnppXBg|D4x_b@UsFm**}n`A>UjU~d8gsJc5`+LHWlMM(){~!)ck8AcKB%G{v=0+Tr-KG#bChD zHGE?7Gs0)B5qJV0NPf)zgZ~0RnY?4pV_%z4qUdUNQ1=RVS$otMZ5rXXAL_H|9iCF|3 zN|`TJ6S5`XFGp?1S6d`l#P+u15JTi$?$v_NN&~K(;tRuHuXtk-Q^!Lg>X8QAm!k$; z6VW+_HsD_I${03@Xww*$Mw_lR;7)7`1uEKr`?A`A`(j;@DQqV{l>?;NrbUwXm`&%Q zl>4bQp(Xj7pZ3*P^Hchy?iCkuwM}EJAT|Y+FqSF(RAZa@DQi`g89^?<te zQZkCDJ|#sWJs|$wx|frl*`XjkI;NF7bFQNA zopX7=x+!2s@#)EAqaknRmcya)+XzTb#k-Bady>=1^4kh`a$Hn?TUjqp8c2#wdKS-# z0~WUk^mXR3142@19u%!4(*S|zAXrGe<#=+?$N8mbNdyS544)c%Wq3G}|9J z>&r@8vYaT)%9)4u`;;Rm=fd#UD^{Qw79UEc9_f01v35-o(X4J`5zV`v<-nW6=DR03 zSnW2J-)(X3U9@s+RDP2zK_(4|V3Upx7?UsNfbWceR*doqD#QmX!77OfOtP=ynwskR zg=?>gXbP(#TGZ*6T*wdmO9m5Q^;pcn=BKl~Q2C$V|M|=B{_^$9FHfJPApgz3eEt5H zuYdgMhc7>UeY(DUdi~8e|Mb%j{(rxmKgoabKY#q;>tCPVKEM3tn{U7T`0s!H`XqNH zeu`H~S-0?Uxj@5!!0pL%-$wkGz9-X&zZcC!12^9tJm0)j3PygYAeWG@e| zS=uGf>+~PCLnYfgzN;g5Vp^1td#U;lk0;WUW|)=MgZ`tx*VE5|$u^PyS6==R)7TnZ zez;)4G~x*DKR8y#P9y!=jSvS@4kaf-^YE)_!qV_VidJ-)-YI>G5MpUq{2k*q>~rZn zj`i7djNhJL|MB-Pzx?+6_J{BP^Xrd4>pQFfxR43k^@7F&YOn8}+QZWd2roZ=w{%h+?NHMIn}*bhY*I#k%Y)6dx&N zbRvj?t4gVL(!ycwW`Fqkr>_z%{@yesv)AC1#8>3_|IlI@?R>oArITzDF*7(r0J`SG zcqYa~_HSKUw_GFKP1!1~XS*sbNej*|t9_3z*!Q@7BcVJkTm|Kj^)p>Olo~$L_V|Kr zkDK_aA`P&{n6&LtUeDYC#3m69Do0kgjAArs)$~{yw3mRJL21*YJm)o+mgIRwkGki1 zFV+lAe4^LY6=jyyiF8(FOMwQP5eY%j*Crm)YRoOB`nLlD)F<}DBE-nD5<`qqOey%{j~> zIibW}D54!OC__&&XevF6E`XhwE*|2Kst<++1bbMM@dxA|-W8J!ip5zriD=My{(Y6{>w+uK9d1g-7YmFWB%y<_~al zvjj*dxXICkY^q-)0Vx{%q}27(58watgORK~PD*fQ`wkY$S(~3&?%~Aa{Q0w#)S^v+ zg@~dzpgEldH8-BKQkIEJACG*&#uD;{-IUnXw`Dikl&NSTNP*Pj{llmAzYO1;=NR*M zNTaL15w#zVx1txrrP0f@a1Y_u#SOx~L)r&C@Gki)glG2s|NLHS zWAYE#dN^A=tsdmRnnM;$vNC*1E@XI!MemkgHZ-DgUhx$B`-e{(Y~qiA*N+1fCG(CFVg4&{7;+fxA5HgS4Sgj}a>ni@{M;Vw0s;Bk~C?1wFxWMVb@K}PJ2u`&n! zW3;;%2AqP)P1gI^aLuGE<1OZ(n&CAKTj0&8Tx8MLe$YM8MRHl$O$o!xEGotbp9}V4tiv}=Nj0Uh*J>@9}$O%`twWLs4_8*Wp=>5T9XLN4)!e6 zO%YWsUIREIpxM~*6^tn`qWy&sj>}@em7gJvhhoY6cSvLZ)n>a4=~TQrzZQLLcMdPi!Fn-_Eo~Gl&B~j9?SFhX?WOI+1^aG+W)Nk8Dtx=dQehma*Op{iufHvC(K2XS@YvL!7s&fUh+%td@2vf_C)TMVWIP94Rb=CsPO z{e0C_`n(c7rcpOyImj-U@DXPPIl)*&<_%{q)F`b_qfx1uB1$WNog*16>8u>Skt~_- z(~{wVJ;(&^9DZ1g<6%Ii>&Jisp^?cPfYLXGgIXF;`f*8By*ZIo`&=UfIpK*+HjxOL zIXS6FlO)BCoV;T5?N*Xg$#oyXc)OP!n))lHW) zb6Rbbd&OR`O#>Oy!y+8dY8_Ah&Z;49!w~hvLO3>QZE~ySAakNmQ(o~nBNIO249RIY ziTjHCW<=&rPS%=}vKp0Ey~1&3i;IA>^D7p=$rpC^=ymkqh1rtBLJiNQGG#o(9=N^0 zWDe}ncP@h5svAgcyp=BKM)(D?N+x`?Br?WmN!;5ZGS`-bbjC~(!;DCKe>#KP$xNs! zo$2RIm4Iy>D~Mues$a1LNrsF~)#&#(T4Zv|?Y7mV5y$$x^0l$+Xsz&GKJk6BMhuOy+1w zPtpfV_5+6v?)1&cD;`CyEm<%I_%o5Yv}8Y>tI`tg7ggV1ox%M)CRD{3{lv2hWhtBJ z(x@Zh49h3vQ#;Oj#V6P+<1B4_%H$yhWu|&4GF2^#0cX8@7UXV>0S|7xdT(sdjr@zI zI?q3u@G&yY83Rj-M9&>(y{1$9no`bNystSqmqI<;3Ot3S(RX^o(WYlhO@D%(9cc3 z(!S4ET&j{!0nR+g1uSRA7)mC3YI)*xkKwF{rV(c>qAFuRj=_4`#B%T*X1R#7f-&0H z>ecUId#W9kwp9shPd&fl0&r@{zGj_SQV^Kv6A#!kWjtg_T(L8mgC%LBYO^G~q+wbZ z7z2-OGU1~o=Zt|h5hC-(8192X%PK9@G0YT$s_)M+urAAlsu-gmrB}wV#77Wi)DeIn ze+51xpV}FtKmHgrkQhS(X&7FN`D^4DxGH5bN1U;Us+NN~2J2!I;Xg3Pz%l@lx#R4x zA=REUGR81dL{*<(aoIq=0G3?feo14pB_SPPPWKpN04Fn@;Jt-4YJ%lq%keSR8XDp%$W0+`eIo5e2{{q;QIZ4DBGRAmd09QCf<_%{D zanxk#($X3>W<=x*U`bD|rj|^VPXP+#81ElGmq~8bqYsY(1u|SFa{x+D%!67KD9%*P zn=I9Pl0|@PBrkx%eRnlzkeo))6y2gVXds>OKGB%Y*o}Ine};4h3k^i6)kdyg;^+LX z&e?QnEES}aze30+p8`lTx5+^;mrQQhFvU#u80MNN$K{8(k!!t{<3@*x*4^Ed6m%ox z1iE3uACuF#{a17acbw6lVD%7{&`fG~H>NQ2hVL59Ecr&;>yjmnhp8X#u#t3moVcjmrQQhk9Iuy`xZbZ%CXG?W4u`( zEMW|I?7*}z;_TschTsgwB6@b5z0sEB#u&YINpZ#!(>LTd@&&Nu0{2VxFEa+DGaqNk zJGfu2&6PmWGWpcKb?a?usvFAv*g(gGzl$;E3(eY+dyer&`)zO7kH@4P8N+aM>=HF& zxNcR24XVI#oQIKQDwPjS{+DA+4AMlPA$v^~LRayQEnV_=jcGIyNya5+l5=NNBhiouc%iN~PX8KXN`_(rzmP%^rWQok3Fgo@}Y1McJGqXg5nHX}FFswVy zLiLd$Q?4kZ&jTyK#On)T1_>rZT*3CykAn#$MMUKZCa&Kgw!*~c(_E?Fhc6D`t%Sju z#MQwDY#tFYNK6DVO`>DRtP!Ks>4?!uM8t@+U{fY7No6o>5S=n&+90OdgjB{nv+0r& zQ_;z`BMy7nwvQ#mjqwkX+vB<4naLC_O9^qF0*r`*OvW3RGR)e4>d;`qN0=cojhRf* zJ-or}|6}j%mgG8)1kL+0>vt$)+gM9BA_`fRRar%&I7Wivw06W1jgn3GjE1%b0!0!n z5a0lX6{T0(HQS4QpnZY8*w5p*XP)EV0TN)d@0v!kGCkv*i16_6@c+m`d9*W0W?G3Q znVsLvYxb_t%xocNrrg&pq-^qYoUh^HC!H|IvQ-x%={#d~KkOj(BFtbNYl&yH`1yQ4 zH%GEnk1pgyY7@U$%~QRc_wagD&y6KFM^fL9@{7Xl;J$;>;1?56WH#H;Zzi+kK?_oD z{GvGwSgD!u{q=KySAH>Lz-vQZl3DWe#jppN%>?m0q{OkFJkEJ8&zeQ&A z?A+z1$b)ulim?)XA>TF|^Jbonx$mPbWQ#>Uzd4dlcHl;D^L82G=b6B3nEpxJ=v`7h zZ$^dVG{o$YGRR~m$YiP~C733BNc5er^4dI>6!T_5W?pl7h02dp%uJA3%ld@AXZvVv zv@3$le4*9`6&R$5;k-oo5}V0H1{se524k8y)Z(-T!}0U$1-Ti;Qm{teP`Zr&vo^JbokxghsqhC%MDshF2@uDwQvujd$+N#8CN z^X9cHIkC4%l$o+(JKfDsfwj@DaE#I0>$mYyQD(~S%|T5X54c=C0gq(<9O$fS8!l+M z)0w;l^O?MU^6$tojwQD)IL17|bxCJ4S!T+c)5`sfvdod>*5VlRwASTlXR^#%TI>1E z+oodPRFS(ku4J>D@cP-o_eO^FR9=~lBD3bl;p=hRc;7;$J(6VA=r?7G z#kLM%V>*_m(_l(YJdGOV)AUWhGr?nR)JyuE8+>jq7S}M`9LXr&v%EC{W{i6#Buy)@ zWYEmu$o{TMUpG@?*%3Q*)3A8`Y%9N+K9V^vP~XT86J)3E+1~rtzrHc-?d5!*t}WzG z(hra1A}%R%emUiSSH{W~!wMFV8HreX6XAHAxsu^#N;6yHj3Z1^Jy?MDT_64C~59or``IRu?0CeLq<d7Vg?EX%#lXlEzQ+Gtm# zym=wH6*@c4iK0tH!NDGj6RqWvg5jCOvC`Fyq}L>cPID5&<~;TFlW&~pD9y!C-d3}y zdOC}(IA|^>G`9PMq)ulu+^h|LNoR9u%%+YbS+PZD^PJe_4jChymUK0X?&e5#*I^~+ z`Ca=y`bsu=Y9!cqNZy z#U5SBNeh@(a#{+F_T6QdBMHn$ImT3EB*|-V54i7I<}1({_kAPBs6ri!^=fp6>$GjU zxoEhyR6mW*W=G%Jm=~wil!&<^&Xh``sM; zt<ogjtk|Nnc~0ye%Y$RgWQ^6+wwoh4F|(CSf&PuWUsjX3*13j^pTsearGPGYe-*`8 zj5}~sig<90)%*A^=Q{n`;Fl};W{z)BMAM-?KG)u;?!15UFUdG7zH#)nxKQeG$-$Th5JpMMk zUslk$`o4yYpSF@S46jk&l4In82{&cnh?Si3kd{=wy`0-i)&{>^$s-(NM$#)|KDv@+ zMjCWCmO`U_R~aMe=JktzRK}=EOJh)D#{|b12w#p449|4+mH8j&ta6kW>(x1iET41z zYHg{05}h4O`&`i3JoR%S=a1_*{-Q zS;-jf$~j68Z_E3qTP53B-B(hU&v~(>HDvs>m5gKP^@P6U{qxk%C2sOi7`R#G{c~&G z+TfQf`DTuBB<=I~O3q}Ayx?;oEkbv*m0TO`gzA~smc^errPs*on2b?2qJhF8gTgV^ z6FlcNWL`hIg`wemdoq3h_?x@i7pM2{ZBEX9^X&0&pFO^Pc6WMya`sP89^ZX;N|yJ@ z*+1Ss`S!cJ)6Mzz{=LgZG{+R4{CaBnV_dWfS)b-s2~M>r=TQbc1gTxtOg`VGyXt(G zc3wVAB*eAJsh(X=XDp>|rVH!%khwp6n7As}nT%!SrwrtyEb~<5f)Dk=a_U{D#hb!j z(l6W%6DJ^esoD%zQ?!{JynM*2mYAig@nrho zr>TTZoDCEIOFH`UWI>QXj~wiK^<{pc-+qfW);nDUrmM%G?fu8*v493BQ0i(X>Afq&bzt3e~)!Z9&ow6x1Do< z9LO6uz_=ZWX0Ovm%S1WGyLyVwvqV?$Gh5SS<8P9O*q)8l=LXd^bgZAE^!n&_;+-4N z^T*pC?>>I|(bXL*I@uaBdAXzih(xz?vK~ui|1yy{7%-pb^#aBgnF(&0 z$_{}}Liu8J7x(A+k#D5EO0`^c*7=F-eRC7=+G4HK-VtIOLwUoRtz3T2^oOFfhOC(+ zx1J01qwz>m>7T>}sBCx`LsgzXiLhB-sV=kDWGH)U^FG0U4nz zanufP4yKuSur{?NAuU;#32B}zyf%qqU6Z)C!X@&DK}ahH6XTtc>e_hMSl4WdYlAw< zx^kNi{y#nkHYe?%llg3PD_za#a18^U%$phE;{H5W>|g)-rrYxRnUM0Yem$c20y*5< z9cM%G$k#93LSs5E$juWWSH`?9$W52)HYUT~nT7~G4En33p3>l0^C`nj)0$yzZCcA6 zbc_|xvs%~YlRIdn>IUJqbM~q{5Mu^|$d=<}7H`XnC#|aW(P)&|>%}Vb`nP4pZ}s{v zIbO}HaIRtd=U~NSWN$dkJ1edvKQG2$5)(O1`Ld_Pg(r?WE515bXnILV$5`<^+3_b4 z(oBk+mTI}uY?c`zy?!Yc_L+Hx`P!h4u;Qu9+Mkms4mMX=@mr?t^7vb@Vj|NQWX|Mg zWd8cezaul7=P9kBXH|-uOp07h-@Tfb8eN;jlH!)E>wL4lceNBF=P7J!!%yBd znTQ%+8Qga!Moz1;#QMekc_PP34~O%$azYkJ>Ab6nkt}ME)X#lF%@bu-#=L$)RbI|w z`~ycb>2As~5sqe)Sm|$uqqk7qiC13`K1=XsY3dzc-$WdiVD|bol6(z+zkB%NF72pq zVH2C@46LDO;W=5&q8&?-jN`xjiT8n+;zwzF?0B0ojFmor_sQN6F=b%3{SoJRro8qS z&)D$Vi+{_TVtC2V7Zf$#I@m;C=C{nqytrQx%!~K7orVdx4SF8fyE5nl6}{E#yUp-w zUU~Q5jEd%Q1BUSYHqR&A{1F1`-@#23aN1CSC z-#X7@Tv_SgC7W9_Kn^w+gZdI=~KDvFw=#I(b6;%+Uo8-_K-B^OYeDfI7mE}8Z)CyN!5L@R1 zO)O#Zfs&(>e@A(I9>u#d=5^7nf`b?19~(4J;6T<|{vDH;ZJaf3^Co$`r@+$3n-7X2 zz1Jn|PNPX>Yg!bo>63*RZ`VY94U} z%mZ@Yo@A0TOfo|@n+yn<{>pMCX3V-~_*$FLl6;n|YlVDfJ8Eqvsm;Bfe8$<3W1pCB zUx1ltur}TmTkbqVVr@`I8P+%zb5IkX0-FQ~q8#`zt@H@5ZZBs@)W+E}I240f3geS&|6$dVTuWF_~E zM#_+>DyKZPoB}LP&ojcDP`r4-$$16tDFHbIW-czOSFWGFn`!NOMLBeKG%ug3e>tz;qf}#UuXO4bPHbR?yoE1D*Ea=FTkq0L|L>4>dXQ2 zVOkMB6yfIBH|J^o*qo=9$%pB9PzkeukM@O+iQbDOKo z4dg?v#V)CTv&&Lqn_aENt}wQ%$BQ&K6-vm5Nz2(xcZV~u>uGzOY_6+|BG}DMQugMi zhI*5Jmd#XwmB*)In8X5BXaXOSUEZI}#QapzilrT%myP87yy6bei@TmrkDmaTNR$uL zGMy8xIo6a9`O`&?=lmj>86T3nUL>M;O+Iyz)*m3%rdahwg)LqblP(%NPZ~R+^9gly zp5rO9Io}qm-zG_%7uoP(+Ir{PBndv`;HL|RL0#Tx8z1tgT3ohicDhUI-Pg~}*u&7d z6Nen8(_UW6IMWenHS~`!Zg0PQ{yfgnhc7r!<2#0q>18KpUp{|&`}xBkKK$_P53jzy zdvf>m_Uwz3v(KJ<`|8DQ{y90Tvv~i3>r2AaI{lw7zvW+I$$tOfx8r}rWo`JEKj-|* zp9}uw&z66Q-c6fcboBA7Z~pf84=(=xTA@i*s*hndcN~NUb}7=5d(P z#U{5nXZv(M?S;~0%!S;NMC(8s!aNK&!(=zfFFE$7_w3KsT)$%UiEfVCsa+zRvvc~M zDBmQ`ITRC~<4d$}67QQjcIxCVfh2MN)yX+zut_81rjFW@O%nZ^l1%Ent)sMrkc?g5 zB>g>v;*rbfN$;Dvbk6E3kaPrm3MG$MQ!Fgsa9VGcYF>(#ga}7AH zrnh7i@_8zH=M%0^^5{A}Pl@q-iiA1cpIdcW)nQdr^+67NdhD=F{reXQxp;d{Mr+94(S9e&UAai2ku_()lZq=mr4NePJgowS5J>vEM! zTr45+@I4RET)otYPDn?X@SCekRzmxp3w_6YnswY19{~P+nvb+u`?Vlou(Z?)AFq!mrbdq^<*e z8s+|bp2!!ejb7x=zep;)$T;7Fo|xlJq3t56@uI8|)6PFR=#e@80HyC_#e%5N7b3gz#oCC*)>{&$fQ z(na!~!}p0A4&QTK_w93C^GvwNT~#W{Me?ePJSFn`NogvF-}Alu_VwP0YA^C!xyW60 zkt)VT^0>qIY`_1#&i2co(xm-Tk1lc#mArb99PlEg%uRgI+a}c?zE4zo_&)K5 zZSI1D)g#}#w|-2kvQ4#Xo4aCL!Mk}bZgY2ROA<+4W1C@#2YB{7@$!>{H6{Bk*(G-e z_izvH!Hu^0cUnz~73TLG-^BY*$O=k$;v;v#!Ag_w%iVyGH?>b{-X`^@HRq(1-Mw`u z&yrGN4)9$6JY!0?Db*%5vB5xPcNs`e*R8a-`lW~no9wjE>FjH zl~g=kY8~IFy_we&^L?7nW%BmvD%-G$O{+LvkQ&cTtDhHf&b}vn|NFF>m&xPvxs%JJ z^2_A)(>-&%HzknE)YK0)xQR**-?N`ouBYpZcz$oI%X#d-Pt52;G zo0oe`RpEJW$?R#HJp4XU+5US;^ZQ_{9n><_@#HNf*4Nu}FYKSrli~0^XPGBLnru!k zQwq&GZKq|yIegF6N+~rf5S>nSh8Rbl2vz6pGCBNZ?twA{O{FWMeaxE~^S$ZNzRKNk_?*1IDs`H}_pw_}4&SHUd6m5VtCMS}X>U(XnmyQ+Cu+G$j(wHV`BhTeRdVpFq~)uL zmQVKf=#<_McIkXya`vmF-mB!)X|F!LN=|(>apIG`-8!l7V85PL{VL^>1AO8Uhws&H z{5`o!>by!$eXxV)s-(_!l{(kq_h}bgCDo?g{NyU-m4h9<`p;EM4f*hUQbp=)2l(ip z_a!ytF1bqHUq;V^oj&oIXF=IQ%M|+6$xW>TK760Xd+;{o zc++~iOWkpo9CtU#At$?(OLi%RAHGktfA~JF!Y-+KmsGqyz0>e_!gXyX3LEu2W1tw99^zY_F4v zmYd`{#oEL7v3w`jNoLn&Cd{M!I>{$%FPvVdAj>j_nY3Ii*GVl0-{8a>Z;}db@`S!g z-{VbkFN#)_{GQ}dcSU3Yi<9Y=2!7Ayze$Pj@O|P=RV9DAo*>#!WOMjF z)`j;?-1jEQ=I}koSHI_3dy`zNYHC**jhl&EolKRW=`YXJs{VTTK5^x#&M@s#AFBG9 zH%Vt%jN|0+J)hhEK85`APbIzb)3ktmsG%Mp z`^Nh=)mL({&Hah3@#X`h#(aR(m{S>|@%}y4MOoR)Rl2!9F*@FyTY?Yuo+NTy3Dc7B zp)jB9ZVsvO9NJ8Kh&DClveHlS-hr_Lq=uSOD1M9SfSCw*+(H?$MIw7A%BB{3Q%k!kbZ_#+*=!2ko5I&-!Uab{o*Elm?m5ET zkU(;%xH6}o&TGu)d)H45>^y}v!bHa0*{aDPaTDdT%>qZVuNfq9dS33E^P+=tLGYe2 z9^PCoo$^W$L6THhehDDS2;SiXZ~h5S;TJpl)R8yW+>3V0tHPU){SyhBmdh zwPDhS6K{UaPw~Qk#ZN!On{!LgVu=PM-t3=}*UaLL-W?Kee#29>Q;J8FUyG-X{Sy>~qI7X5j|GmlLbUaWb%U*V#5cKOw4Q^Z&7q+DqHRDGAskX|(g zQQNg*x_}f?4o~en-M?r5q3~7Fbm?K^&2>1Jk8QK9%~0Mj;t%ujZOOOWRG|nbCLwK5}qTz*ISB2%89~HNz3J4AxgIv zvUc_?Znp+H9nJJqCvtgRfYb|1)0m2kfYb7z@FB-D`zeZ-`-s)**Ql*p@T)p>KR@l}aiSGA^x_~=|*Ry{mCL`UaBUZpj5 z9ypzgv@0QLm$o$2u>DUty>bR@${WCk9D4Z$fF$0_0|2DnQxeRsB$%@HZ_517hk;zk zwQLc)+Vs2H>y>#xlw7X*u7r|ZoeQ%zHTa1!@aAFzyE+%r*w1yywMbdA7DyfWyAlF+ zwOUoamNsL8yt#J&u6F;fbiQ3JQ$l!ItT$zv=0onAy3HF%B6qr}8xCLg zY(CVRYa^DanGo1|Po1pO4W#k-#A88INmONc22v;}1@@+x>rE}~O)X@ZkvC;$=0mcI zo0PiF%WlkvX%>8#5XFb7FQRiNy5z&OqI{Ux03W7V@L_s0A-vT%4>ceY68JEY8aXJ{ zS4vCgQ+2<{Q%R+X57lN;zF5Z8!rtiv%Rd6&XW1?_^gIaX`7hOFO4|HXL(lCCWFk*; zWX3!hRxUpu>Ze?60+{QCsVfo6To}w938bFN-A0)6cq%d%6JKQ_Jued}AL^%C2@IG+ zCdK|(Kc$XyUP0)57(aoMJh}K#Pvv%@ibJj_f_}a*x!O6RY(eU$(@#mbo z**IlMAURVQasE_DfI%gskiZr!NRBy!!^vSNO5F#9GqI^L-Peai!g(^7c`8#io(Pmw zrj+#gke!z87D&!?)@B+igcXh!;Ptw~DM?N_h$8b@u2j7)PZJ)mfu>kM_SASGudkKZ z2dJMX51Xf2)rf0t&Wm=_$jk_9kt!DvNDU+PJwoMkY0EHnzK_Pf$Rn08`s}Mhn+c@P zg-jy~A@;RvD?AxUE=eWAo|nml5A}GmTOifAHr_?rMffQZRe{DJwZ@aDB#@j}nK}sZ zPi|Duq!`RU$vrTq~NC-b1iM=0`lhC1KVOt6~D?))mLh%K$2t4+Ek}SA{idbn``+i zP!>q;w;80SoX0n9l2Xf7GS5vMy~mrg(=w5eq?r8ZGL6hY^34@qdtN3IKIAYef)>bV ze8PuBR0YMJmx+WA^;7CbKx!Dp5h{fBykb=OkSkaQk@HG9=R?l)G9~HrGJo))eyaUn z<_{QM{WMV&V=nqBYXy*8rpr`Z@VM1ewSr|;V84Y&0lt~fRO&knG%+|;=tE2?TL2&G zrxa<=ORMKY{gjq&Ac?rr;o-=+T32;eRCFXiCC$ws^>`iDSJS>dIlrpYBO#2ic5($u z0?9?H6n*@N)kPtL*cHbtYXJVy9DGF! z0vU}XMJv~Ti zJnNL)6${)IcdXz$+Ek~-0?SOmPu0bqRwhWixmKduRP-Jha5?5O901Aplm&r{eX`Rs z8~_>XMVOnBYH_cpg(JbR&aMii1Cnzu8v<_HX*^JBxF7J==Id@s&M8v@Kjk9b z)TvYfaJY68%Qv;{Zi=U7FdU;P$@Ql2Rq=1!wUkIHLjjQLD=l_-h7&1eIsh^jfH&6` zDvQA!Qtv6Ds4NC}m}{mb!j{DVpYxzy-duu8g_hZ)g{_XlHl_DS$@$q3=QC#1nFW#I>z=wJ&87Gi>DwhEF z__Ry;Ff9Qes`pgQ$p{@Z$D7kuT9BylR8vl}22zh7AQNriZ?C=*;XuX+d2@0)sBm{W zCd9sg7;Awk&ohQc%hSwyIsrMClS+QVDU$K>Cm;w{MK<1&j9g7F`8?s_gza8Z+{st7 z8d9ic(f7P~#1{|0z2(NHFK=HyfA!+g?Mw1ka|O>nzkU4VVbtB?k^5wwT%Lw0^DD{| zJbC;Q3)xUw%P?2On~XC<7szj%7Nq3q%QT{t_)810guWa)C$+mbyqXEFr1>2VIc+U3cvne2n-uj0PB-2#nc zD04J^{OsBDyHQ%>uRq*QH7q`P{^IfNi$4YK?tcY>AKm@w`uyH?)a1B#L+B?e1a))T57M@X>c42aayas38#F z+fqmBis2wr-P_by5+7qQm^h-=+V_DYV9s~+aCJQf!;tuVb6rEp zHJb1OBY_IZ|m&<{~a{knTM5Vtgt|^OwkgY+9xm=;Q9Ljb%l%V3DFqG>}kN|oL zdSiUzj z%>|l|1wowA5(q(?K9=*F?;*TG_9Gv!#4<DjBNPfy4H?!(Og z+mqYB+`jnY#qBq@)JWpEqaMJ z;z&LpZF&EAzTOLL{7!#w)Ap*y`C#fN-bJVa!W8eJujrfP%+bdfSN6A!exhB>jkaT+ z%y&E!&$cm+HuN#ZTJMdyBwhj^@eGRMemppQis9 zTZ}K@0b^f8?W())p1+u{PK-Kc5O2*H>_->9@%AzM7{O<}fs$MQ!uemXh$eJ$^=bYW zp9?wsR*PJVQQxDh(G3F|FrKS6@4jGBX6p8@e?drj`E!gb7l;@*k|-EwE!fX8*5&)g z!sPq+MEEwFrJkv!t2GG12m&g2tify!@p)~71#!Q5gMs4*FK!>+?Wu>Ls(m-Lbh~q! zeevS?<5!Pv_f!^33+e_HF}0w{G1c003@Ls)k7-BS7&;FGc@Pyl;1`?f9+vp&!@JvG zeEI=yR~kfs8xLRq$NQUqxPSj2emP@HKf)TRDhAuVIN@FS55j0zW4}2aFf@+gQ;8o> zpG~m%9C}{-GlPwwgE@=@y}lV*w*2KJ?KA3{OrNV;k%`RICOY0d5@@3hWX_^r~Sa!n(B^p7917<;oiD zChTktHX?i)Yy@I9*eGqVgb{Gr)`J0$6qjW?JSFOvm{F9uWxLCf)7oI{ZM7REOk2AV z$GLb3moSXM!ZZ4e#!T>>`yFM1mhU4~TC|JJ*3XXA?B%nBoB3JzZpR;K%Hla#X8r64 z#b5RTIg9?VV+se?D>OuUvY#F9r`E^t5;oWh4Uzxb>40+~3|#HmVVi8Q6&fOcwm*vx zQM?!jqvnA>QZ$5X($8{$b=qKCuFQjzrp*J6=x6D+(*|Bn&jUl0`o&b{XK%s?x4;$U zgI4A-Oku6vh{IjNaNc*?Aky6PAlya$65HcvuXPT>{=^SB1;zj1u;Hd#j*mKYq9KxZ zL9J`*!2pDc-84;^X7%WWBQbk3$BH&wi zp~{Q!j0;dWz`dw7-|fPc*2XddgqJWJZF&~JobZA>Q1hV7hj2yIt)2}{x{n2sP&mMk zr#^^))w5I;7hb4UA-oXF+xsA(u8$AoiH30enEp_f!s)Zb-^~c@ZLm=^slj&PeOtiD z{tzD`)Fa$lt=-5ZZ!nm4Z$}}8K0bokeDyV8yXt3Ezlu7-_J{MPTK&SVm1#GBYz z5zx7OmYBu9KQOkev>Sf2_Us69Z?F-O&|o7Ot-+w)J{FXgl<-w23puu&eP!B*&$9J$W_@FhgZ$nx2%5&X4; z;T39QW-KGSrL`L=VoO+9anuJ+LczwZKg(x{rV(vmh4Gk2Y{v3g?m6kalTvSzr8q7l z{%QFvVH56mWv^1zO7ya#Tj6`t8A|w-c?s-Z?<1f^dxkPn!T}^HJaZ9+=7xSG+!G6; zKF~D`8>xj$ToI?y-$xdhbXcy738($yS*%Txm04cN)TEb1dP{qD#L+d_2x@Jx5s=bg z!;7|r5jU2)(yo`G#Sd8o*h@9wD*mhavIEb3oas&oJbgibP}Xf(+h%$=8M{` z`4ZGAI%RwK*~^t@NA&4(9=nl1xrCvDsSjd5g=fS`;TaQ@@XQhk&jep;&k!W3c0}^I z-6#&X95Yn}{p_fuv}lLq*!gapzkMFmm>LDt7SCe+)7eOnrPmVEmuQ^wdYT8(d>S+1 zZNlk_O^ee==Ov+=l6QegHz4{`{Dp*1$#6(l-h;%wi6%*Z(>^ENt>YkEc^wC6k`XAh zz%%)z8VhQk`oMay(#MFNZtokxNJ|*@mp%`;v&TZDMqdwtRJBF~rAAoevJW!9{jB9@ zj{OMzT0Tpno}cykM(C^72$*OCsY$*aDp*FeUhCKX8S-$&$KgWSmuL&pKM-GJ^FVcu zQ0`^F7bCN231drlK19N<_8{53I`ginankn|mP6SJcv8ISn)67sL6v`vdF3p_%Aj)^ zZ8`!kmvbYNN4O7Hq1uhC`u41C1w;|c9!4g#X)+9+y$?!hXl|JQw14q*YX6eYEj+V9 zM9);PRy!&`s1I0R1Tl?| zJcB+yc0#AMID5K{hwI@+A<^YLV5pkM&b|&Rw3^o7<5~~+z1MeSH?@98&8sDh$ZxG1 zN%bo**>|zVN;ac9tj<-e?UHjyn3tS`bl`cgrTbVgn{_-R#9oRgVnxzeZV0N@{#`lq zBCMt3lmvdAGpK5!A&z+IYG{6vfkA=zA7yZLhGId{9;6z8_y#c1DWU(;-^dG){)Xfu z83dTtgOkj2BWYW>BCWX7INn<65R~PW9tufH=0Z)DzXwyP@j@U#-@iyDlI6*2F#c9_ zI?^Caf2j6dR>le^Ukq{A($67huQ_^|@P{fc{GrozeuV}mc?j#SbYiRrkpR2c`y^|4 zZp4vmEcj>iEcbx8o%J^~5}m8$eds(#Dv|A? z?HSr3tSsjNO#BMi$Y)!=kCdyn7ic%?hAi7*>T5V)EQ*Z+CcFR>UV!P02X@tEe!>sL z!y^2k(+e=l26Y^8`;}ojw|I73ZL^#&b}7vl%ryGr*-?R}Ju5!MJmkZTxpkQk*r-st zd>?mrH@c#o;vNW(7=2Ej91z+goZ@5F_#jF30jqN#<8r3u z__(9ReeAk@2*p5W3NZPUB5cHCA!DiSbJ}UI0vja*m*c|*ul=@DYzohcPXZI4#CbF> zomuvQf-d}_>6*ExHcNP8~Vy%XZXB?|TMu zvg_DkJ?%Uj*eIO2cpt@bI?tvZ9=%S_6yp%CPzM{GqV;Hvf*1F_5TT}BUIQfi8j97Z z6w$`47&*o)yF4)Yjsw=^HSj!=>K1)a1xU1kMl61X8L6Lxyl-5avwR<+lFfcVyHN(L zwHpbiOPFJ=5a336_111wEpITzCiCnlL9%Q|T5?-U(q~2my4G%#N?5{RyM51Wh}G>h zM9uk?KB%kEXbm;0pXZFl=SS2YZgLLRl2IOKIX-Mv!acSx^^5JR(>RubF8@V1T-V=# zjarJ!eo>h^Po&&y*OM`LUv|6``KN&?HVW9dh_#Jx6dPW`a2jgOVK4o>Bqh;%5TAqQhRe|J8}%JpzoV9FgDI9B zVPjnQwrm&1(oSo{61!jdS9zae{DCR16xg`DVcsuiiegDPKcwrzN#IU>eE3+zBkX%e z!W@Nw=lud3WvLc0yg24-p`5DUQB`E|EbP?#gJYquC8-`gevM*7rVT=2b#`N>={7u` zRg5qZEcdm~!`0E(5?Hq%@IIeqL`R68k<3KTWKDLx7QvCgxrRT|Sh@{>cB5p=0;lBY zczlTW{ro_rkt{{lX4lWb%cx@9`aq%Sxe0m9)Mok{oQasjB|P)GZAc*mRpX6 za9fWBMxTI2Mqx_YgC6-w8C5Ax#Mw(&ocdHm{!meen12#%1Eyss> z*L{qNu&teZPZ7p#oZ{LMo-vJxUI<$^UdAPx^M2t?<1(u`Ecj68lhj2U6$Iz)sGq(< z2l&v`FR@!%b9^=$Goc@vTLizg^&s-2+vTzT$wx&52KRxqXQL>U_!XhVqGv)=^elF% z&Wq7Bx-W))SJsFlKy*d0hTk{JXD#te*uU_?m46x^HZ8r6Gpf%m%+wvH)Za1eT5;>( zS@GFeGDb<@<(Rp{O=Cvq6b>+Qi#ABj5Dl?C`j`nl>Tx5aD#-Q4_#3agLKC&>|l~@X9_UMVQ8>AE67$ekDwHi=P@dZE!PdwP``+nou5+2 zR(d0DI-P?=mPx*18+D&6DP7jVfcZ=&Mow#l&gAjg)`Hbr`UhFA=98QY4F@E3pk*)D zBMQFud4x#VeXclNETh9-BKX)QyX>~uvGK<^i-R~#e#j;eBt^~D=1J#>rdy3+=B zN7?^?iT<{f6z{mlO(Ho0aa{Hn#6Qss+*I-l>Z)u(;hyPqz!J&Mh1*#=1YQH30W5I$ zixcE#`vK_{qI+f`UjnXo+1m-zk}QA$ztb85we5~v3uT<*-|D;siAHu-xSwPn+)$Hkb?a7H6TdV7*`@R7?o|+Zj`!Tw!?O)v2aCD+n4lV z+YJ_9$(=-7NZ!B;W*Wl9r+LtY<{ODweIAs4)%fsP3r1M8<_4MSeI$UmU*(_@G=ebD z#u5%f&4VCZ!^X`tOWflE?_&w4tLDKaDcYBqcQrTIxaI-*X)Nel;xF8R(q(k?#-7{4 zU0CCixaB+u+R^wxfyRRQ)cuajSK9lmr@$p;13@F*@UMBx-%bGJQF~#`X#{Z>&395{X2{qeP5EGr?KE;>3ar2 zTQ&t0$G*M<3R!0gVL&**1n+(w(}4>^a&fRu;R@ENF@qM-0YZcNg*ge&Y?{sw*wm5* zg5kT5aX;CT#&I3HU&|ou57~_3QQ^-yFhpsoW(crxfmI)i>6yH8jgMr!&aaql&l6$I zN4fuHAH?eFS(aS;mylV_jqn4lFSZe_FG&}I5elob2X>&f#H6ovLzGg#xVD8CVz%`@ z<8O3oo- zQE~|qq4p}AL~>ZT?)thRzDTCVVk8^@6Aq#zQO7A!H#(EK_(11Ao&=rysMFGWxGSN@ zMH1-jco0^%+m&f&IU84{{DWlH%dSGChU9isd(UIK9A-g7uwu^xmMz?KMTlq!k=3wK zLV4K-VnpBPWD_gq2{S{FdxhbcPvV*tFTO(I?{pu>mc~bHZQp}vA39fAp)Q9-tG@R` zR_U~XyTZ8QZb!+nWG+d+jP#1W2gCH=X%`V)JdEoubiR>(E_*T6@g#%5PQ@n??`3-+ zRL%2%nTTFi^d2m89v^1@&ckqjc<;j`+-}@fw4^l%OSDD^LFdnypgb1LQtE?qq4Q@d zMTk#E-n*Y&;TxnQx}D;Xal(#kTb6Sp{7*Da3YNzwUl#AP4eAP?h-i&Kec=k0qkTm9 zmD*8uL3<0G$zxW11}N8Z1YTYFaS#P$f4L$gRrE)|d>=FEwUVjv&aAYvT>#RRyuryM zy9%1A&izPd>Nvo{C_M#^D0v(gn$AnI=*1%_X(#%_QmXYu^Ar7Xd5mNqqNydfyN}f9H zlvBe>5|!F;Ks2@VGBgt70Ka%2A1-?BU#x^(<|2VyH7SuSRA+*A;}X~fJ+nmG=UjCp zI>kaO+91M4I3>DRat`G?B}+v(T&Gh;BA!T8i`EFWQU318`S$z97H*Exe(S-caeNwy`bn@PTk zQmlRN6Fn}y2a|&L8$3+-gNF&vs9@p;5LV}P*K97)E{9KVhuEpJ8&ig4bXcAF5Qy$P zJ4!H#?zuv%^IdYA<%ghK={R^RbPkdOEg1=l)Ok)8foPXZOYuZNt3-VS)QC=;|dY3(=M5j@;9PZ$gYP)L1!KrSUS(yy`o*hkaboNg{RmLNLRFr z%U@>&=1%Rw8=Ns+E+Hycdy9-r&x0I0tuG>B=Lh86dLGnH6%FAA(>{-6qb5g?&ZIqv z#aCw(T*LD~QPzC1KezP_v!llc*=u|&F(O1QN!KNvNxUS=J!oGNH=@13As`%(4y%3S z7m2 zuyG;c=soXl04CWHm~;r%TzWS!@eN?&2PEdoPe(hgFYV+j2PRqrrW_s2<11sCuFPG| zm*Cn)8@x~a3K*PxxkmJ%`hUQba}lQces%+sZxI-ldG(<>R8eNO`-y=mP63!=#epdn z2LV(36rC8QX*rhAfBW9&(ARmy`*6-Kp9Lm)4VdzefJv_n*F^V|0F(Uy*TlG5dAYvf z0O@1Fpxx%i`&6F`m|_ip$;JarHXdM#zXvw1{9KL?Rgb#78)swZyQB*#ew_EI9xX8C{^Qz4qweG5i1J!0$By?Y z_lx%_7a5r99RedmulGwVyXY#My=sTyM=&}O3@>hn;rA0wV(2$a_wC^FS8Y;YmSbTN zT{orOxCwp1OGr!!y+1M;N2t=Q>3YhT^S;D@>UQ## zNA!#LU>M1IzZfXBmedvMJR9w|%L4SFI_1Dz3my9Fyf|cr&L@dVQ`}8lMbcwKfx)2L zJjlKjP2!>w?ZP%RUo7FGQ}SWOcga!`?GoCkvzEMB?FFnQI^*%GX+02krB_7$s@8)A z?l?fp>;5-FFBSjC?v*bgviQVb$W_%j157+8%JF!7x?2$sJ%Rsi-4NT218hs3#&JPP z=I4|#jFhv!w=nZdUL*Ha@*1Xk$=Sd}_v{#t*)bhBFTH2T_3eI_xRysU5>a208PIT6 zU^sg_PNTX~hg~5!br|xq+7a+=7zHi$EJckwY{h0oKBu20?^E>R+M0xNDlZ?HYR3Sx z%mqbu-)Dq@ia(P#+kF_cvz;}{MrprcTM|w&o4FkY5IU|%Ulk7UOA4neX9}EY%}eeyn~tKpUuU&DH3JR`p7eNphCuVpY;pU(J`u(hehpPiu}F zOzVd4SnC^sWO^S$mte{zBXCA_SApqX6kw`<1x$JVc%yXhD*-H2ziVTOD?Bu2;=M&1 z#4L9Fh5Fmqjcp_x5TT^KPXxX87T!?#KX5mSmqadnA72!g(^$f=*XJ8W5Cuch=`a)| z;R>UN-bc9+!@O=(yb#YO$5Xrn)4Fs6Qd`7dVB^L!%8>8^X=vTBXA4&x`<)KRMCmyk z2w|2tNFw)o5KpMFL_vj)XKKv!y~XbJda&qPBg$V1hN`P|qa=}Gif4s8E8hy3Vq$=) zZhSl`9U{!_okw79@_G=~r!|7d3I-d}y2XWe9j7EU2)1HZ#`fu()SkU`&|-IwVWkhG`G!BRtbK%QMeC>a_3<O@ogRCi%hJXZ0dw9`FZz|8MM@zMBv7Z}f~rUc0@@?S;P#*G?-*OUqs;kY`7)+ znv=%j{YyBtcnLKcMMKnH>@d*ceM$IB=V6p}HtiBC-rGe^tMH5~M(c(xTzq3i?;*TN zGBA}1%!ddj?qi9P10AP?Mww3{Kf9gkzOm%GhbUl@n<7QlIIypSh#kq8glWmvN64&n zD@1{nwWNYrqj5}@k{$7YOO^`Tzn;bZ+|LTkaME2+^E_tk)O~$-q>-u*47Y0MJOTpC z6zdGkv2=v0$@WVArT9jaOzJdAo}A?3$TL(sM2pThu!G1SK&D5pC3S@u<~71druSj! z67Dffxt;Q6=|lIh0lPFEI3JOAsTQl6EZgKP_jUXF!>O#THdc($p=HR16BIpiZsM&|_3Sr%#ZZ5|}>5*)vr8!*i94ThxR_i^;-S&|>L&q);NYe{%# z&sD%#VLLxz`tlV)k&;C*`^feHOlK|O#a$<%U)?Fi!L8g)V9I3#W*;-^k>`savEv>W zf#h+*c>FBxC_M{r?|7ynf@B&b75U#-anTTW&?;sEdKUd59>~v0bi4L6If~*NsF&g! zxahSnaj{4jLi_cz$jZV2reVQw2=u*ARJhJ9ta{=bXp)k1$c>Z^8>Qv?zKjq8(S1}G z?t6=8&7 z-qW#ZI$o#~sQE_W0JYl~&um~n3-#(*+g}KqlTVH^F{VFKwYto}&EL{{DCuMvp_ifq z|Nyc9W)Iu|hWue4KsJY`rY0^7$-@$E)`$Uce@4mqdOJqG~Anfv>2j)|@) zDy#XrMlD7&j0(&5p+?ze2~|n2z=q z$*OS){#NLZ1@=5df4on5MOdm-i#1FX{rm`vR<|<%Q(aj4kbVSg?O7(WTqEA6I_1D* z-vFkX2*8xTfRd-$6O2W%m%x-C4@~vBc%N$gg7_7j5?|8x2kj8%`+TuI2nU!b+FJ7L z%9!D(dY1SSKZ|Fr_v;+gD4o^)N6eQ*;r?t~Tp*Zo8hD@13ShdY8klnX!pzlW2HL6q z3ozA+0EQ*KkI!~s`p|uRkph=h$FaQ0Bxs*eT!r*@9n=Gm3?#X{cB z3OKuBT!AU?2~!`7-p2xu)%s$nQ6KP0;gt9Y(E%(`bWe<&`k;1<`an<=?ZWC>A9#Af z>T(_-M|9naOPnOXpjGH@iO@83|co>sE|KdIj&(9YMfU%O^_d zb^izN)1A-ZiSBj=V5-^5`%L%bEq0leXJtp?S**hi_k^f-8!hcrYbZQQ-QEOD_k9AR zIG_43uR|0NU*kmadPD$Qe;*=T=R<_6XrB`qrF}_wXV*X2M2e%0QiS3qXy;vji&BJL zSHpN<*$47lnTK?C-lv#j-be7SaKLu$Fl+_F3%koO1cd%9vYy_D;jHgfs?&H+V`x=7 z3O#k6$ZWkv91Fc2CxFfr!j`%}1^0|%)G<=8@GwGVH9iy&!zlRQ@IpSFXb7{d#>_P^ z-A9T8$TBNsox7c%6VH4ckxP7hi%o$S=KlkX0g^1Fc%3DEK4I?QpS zp6CkKn0PyRZCxkE=%YM2-Y5GIFxiIy$Zr5lvA@84o)hQW?RvP{5Q6)B2`cYu$SOMb z$%L0IMJ}jhZ$f~)=6E%=_Z_D|QmW-s%tMkl*r{DN#d$9KE->BYM<15G3Et8f1y*`| z9q*HU5}0KM^3}SZ6W1(~SYHo#m|?uKw~L}!g6R$b`mmltj+o95EG^>gaV3cM0_t>! z5m71Lj_N1gNw}!aU$$kp1BV;C%fP@?6Cdl4e2cW>AZ&OceM{#rQ4gZ=$Or5Dms?=E z-5WtqwHJZO9}3Lp5vdB@UQ9dXP2k>FTpuvY3~;b+ufx;peNH}@*Bl z^4hfD2;-5Chy_nNCt;SdjYJMxKT{%yO)w7mPD5~K@vz8O>uZEZSm!1AW#VhFweF9C zfaLQ6ruuNeY(F3$OnMZ%t;gW%?Rke$v%e`On1B7SCt};5+S0N!-aqz&rw}_5)ztk31 zzt|lOj@&BI5NfFAhJCWP3-@Km^GePX(Z$w7BWJ49Go~QvE|D|U*Ms}>dR!Xe zj%?OGH{X%LIiq{r(T?Pg2XS!ZJ`WTh&CPcw zjSx~ji(ss0iTMAxjlA)^|1VcSx;vV5b>P2J4yYL zgdloBb`(C|DN2P-@gOXSL!DOlClaz)36je8#jMfYb(`_%go$2(6%y!W#a zMBm?s4M2E7-c>t-r`-p|BKrFXfa$!Li1HpML-?-hW5!Jyl811+h&PRkM|!^zXxU*a z@?W_9M7so0X&w=9*560qoaRPcsb~oCxvvpnX=+EgSMd_^twg&NCYFyB%*zf!sD^BU zWWIXMSNM43YIPh?Hcxy5bCd8K1z$Uz;tuF~1v-;z8=@cSUf(DoB)d19L^Mw1n{Ysm zn9et>%Hmg?+>-yIXk4dpQg0-eMA5=dYf%JD_`@Dyn0?ViEqQ!l_-XV9yVCliCd;Oe zg-r4g;Xd+-kY6S_jF26#IX-%=FKJ4hM<5BvCPS%qkJg7076YY7K96p z&-Ln2@|5=kOfiPQRF{)*e*3I3Gw6IHS8D|ax@(JKhl&-C+e5vNSP;z(?XUADjufvO zJ}S3c!4=D^b_Aq%UdNEd+au9I?a1E}Z4k(9m}PImxx6nq0=f)>#IN~c<(JNcrNuN( z>W%pG3eQIUF#VAWpgp}}L*@vT9S&1?w+|5%WO;+Y49Sxbh|=*Ffdw7+xGJ?Cku%lt z7Y@w6<~Tb2EQK38{b4zjoP)7mHtBHqs1M8x8nf?^CTc|Sb!2bZUWXywbAxyG^~C^f zdcmC7&u+|c;#Xm45bmQGSL4rEs-({VlYKIdH{ld}gx-g-#qD$tFGaU(YoSDn_8_@c zvNfY%YR{lV=&V2#m41nWB%3+mliDA+YYv9k9u(`bzdI__hMe5>9s zRIl|Vd{^f}luhn^kd0&fxxN4vc;!9CO)k=-@K|dfMJbEUCn0E^$>hIjA7Q1DPdM_e zgaZuZg5f0Xawlq;cp{plWMGbXoq3R?>~Khg;?Lw!N$+7Nh{myiO3se3=Dshn(nvPL zy0Owuxvv=dl)D6sQ@QQwU?qa#G89f%Y#vm0^%|iRi`H4BkWV#c?7N0J9uv%qzYwh_yB@p9?T|&a_gDN;l*v+@Dw49! zT3r4*^T>9QOcUk<(H}`1+DA9%(rXFv@B0k_NpV5w#CT7Zc;;o8k(V&C9BgloyeHuv z@-vK+y1x&*fck)U8b-8Ge-^Upv_=$#XcAMnctrS3H5LN#+=p^`z=7pXTn;*?v3!YM z;7pR&IJRVGKwZ%OKoS+d!aO9}AZ$){u5cZ9`48KOagU?8%NA4*lYGDlZ`|Y1>uXL$ zJMC3+x^%u_^)YR5r@ZKZP#pKc1x=kcoL7$5MR`iV?AIk{N_N}GT~fcqK?$d%KpUp} zTI|DFx5vVAesf~c!?z04nx4#n29bk%sK>lPdcNZdd1a8-jnt! zHrmeH5yK=iL?~x#hX`lC1|B8J5lHBYYauOFK26w_d4%IFA`(I}9IhP=`U56=2{6SbBl)Q283uF3a>ljS-G2m(i205e!pO8n)H!K< zh-Z~o4oop)s8-?!p>CNUgn>w7k-dp$RYNjh-5vp6bOz9FWghrH)GsNNhLLjB#}^Sv z9cKT2ToK-7LSV|z1E!pdPzSvpaf!70l|6@GQTeEV$vF z%TDj(!z|Td!Rp#s#wh;o$`Mp>ZaRi(0k-F3>~N2pfGYNHjnqANU2}Nd}3Bnj5;vI zsN=|2>^JJW{=1@}4^1z?>sFf>L_j4#N9T67@dSr^aN2(BIop7D6;cbytlK zN1fI!jQah3j(Y_M(!0@|l@lCQp1R)@nChMb!%*G(#XzL-vHLwf$+k$RmWSYUlFcHF zQFuo7?l7X2yA2rwnQ|Y1nTBvDcY7@D6t4^n2U5pD6owE?cYN`zVu^vF0=H))@2T%g z?i=g2;kezj>wY2eciS*#N8=#!p8A+cHPXI}Tqw1}x6{|0kSxia5#p~kavo`v1=IS% zPP?s&qzT>E3yc-%_#^SD?>CNsZWmw@in9#qK=jA!bVlJC6OV|iIMpvUP>m0tzuOTh z)8~P^!tL-xs2$eB4#ULQ_aM1YUL$M(qCeaLg25+62au`y#a62EIgcJQwQ`JsDbC}X z{HSgR0VcZz&&rnoOtEFaP>?#V$jcY55JA)qJzjK=Y%3VDtzfQaiIZdn#tJy#+L z&#tEm6SodQWw~xQqa7xbjstx3hABQ97lGoNH~|#n0L*eWsXUSsDUob?jzTege6GbB z<>9(7knt&gEj(>HkMMFzF2?=Q?KwOvJ1a1Z|80C|#M&Q3oOIg=V^+OBVCG?w3)Rm6 zQkSGR5|S?&4)t8JMWnrZ%swl)A58KF(QrDWf^~K}B`-_5Rg|$-JN)sQ8)Bzn7(zOp z_ZGRc+&;e1vfj+G$@mY_En{mM3dM@*kntI#VbEX&Q%fXfF_>Bzne~AUq?V z3dW<_ANZNHZkW;xQ|=}%SFAD(FO;C`_G~Ixsg5g#VW0bWo`m}?i{w6VFsNVE_77{0 z=7#53G)WYm--r69KJ0rRZs&g1Vr7u*NVd4_W)P}mM=X(&9piqmzTcuuem{SSZqhje z`x76Ee5<~`WTeXu7k6lNdLdj&wwB1t>U4@E(0vnVlB$;hOf`}z#j3laXs3KXV2Z`T zP^BCqV2VZLSv)kIhS-+E3$^(~f05|WpCu`z?@LZgoxh;D`?9FgA^#CDf}Pced>yot zFBKRO>HS%FyI|po=~JvS-UkK_!w72Y?I@_=@u`kO zL=tPSqD4ucruvI$m+h0Gf%jZ=AJ+U^BK=Z$W_W_(uIRio(#Evr@KeE18#R`&s`jyjSE<9$&$SoGk@Y+X zH|@_7o}*`xPdye^PR}a7lYVn3scbD+Ms(H^!lLov=+qj8^RBN^n8*8A!uizafyGy{ zBfD2T3`4)p{b8(cYl-n+d=fQ9cnRlrqw&zKx*h;GRqSBEx{MUjO`V4!NMUVWjt`h@ z6bSP2;{>eZ3fN^olYuFpGfJuSa{=j8wL1dV_ZBeKlqG6icOgb3d*?X>Fv~_8ux@AI z%VTtI2mU7^5KuLT&TDq9~RN_D(oEA2WlN*+)5XAza#SrMwK=ns2mwt0{XLTOVK2c z_I4|Fq`3OK%a~y*=yDh^90ILhybwAEvD|3yb87j0m=yY+!5q=`9vYEpqkfem5ms;U zT^MDT2_sUi%L2e4nBE5^IrSp49T7YOtD~~ zK>k5siff6;LE(?nL+cC6>H0J#D2z*O%;>+}7Xwk@IPL8)G<4cUGwAX?%cgqaz)(8- z``}HTPFYFuCOq5PTV$l`3`Jk)akLS&)MaX5UL$1ruG3L0*K!z~sp|`nr0%g}5=0EN z`J#q)dwZDrx*Q8k`Y%C7vhM;@EHPU_dK56lD+5zbFfip`hUG!~oLu-G_fI?dXMicL z9+>QKC?txV0j4^Yz)Txt0d<~DJK3)=6ey+*nEcLhtCr4HEZmY`!bRWrKC9OCEzG+s zc)>sIXLZL{a7pc%xV)i1OEjzG*a$1==Ot+FdMHLD-JJZG8ag=N3|l{P7$B+DB*s%1sNGQa>*di&aAnnDI==Q@1-36|Q4mrT*nn`QYJDTrx$h%LvfIew*28Y= z1IDq^$Gk$5gbsH5J;mlQhWBSzcqg7a@y@uiz3(GDxZ3*||GOOtW=gPW>lbTww~NwF zXFM>)exT)nnf^Xv;|LAF=LVKd!JaL z?oSC9c()G$^Vx_IMf{mv)a6qSyp{K12GJT}))P*zOhZT(+HVm%)A=9M=rSDcc=@t` z5gOTXg)^|rG@M4_b%?-SUx>(6;hxx(?za!Gz23)@JzgqK^KNekrh0fpOBn|U2t8(z zc8cRBoB_va!$BMZhM|o2b}+@x*I-1F*CO_#?`gs^bT+c#y4(&`Ddsb(+jd85B_1ig3MyB-Sdq;mp8 z7|^rIK?oD0)(Fu;w1Evzdmjr=w|9n{xclRQQ3SS)h4N-Pf7z*B&x>X2`8`+wWETYn zr|f-T0qi)y*4J(NVN%t4kfEr3j;*iz40+akjSw5@Gb^<)ph=wSWU$z&o&4R9v(Kog1KIaJR}%>@oPym3g)3ioGO#^Jl)?UD5WV~Q+QooewQNQ>MHD(^|`-2D; z;|hIMbPz_KK41LoeJ>!k_t-MB7jDFNF~4+QLbwg2_rSu`2Vt+`?NJD$uX)6^7-k(T zVs`pGh|kgbvZFp6(U>tyY?Q_Ctb)Hk9tosKE@k01+>&EDe zQ{NRIM}^Keg1dX(BJFGgz=kK88cU>PDS}8vS41(2o{3D>{=fpSJss|VPWRj@-EHs` z5m9UpFx@}R!L7IlU}QseoU*A6Q{Eklf%O?ImXc371*N}n1%-GqYL9GW;rbNa7jNg-m+W)HuI~IEX;S)Xh=2X;LDMy^aQyXs8R_xr0~uJf;Tl^6A%e4F0H*jMs86=_pvb;%z!VDs zO!Z5+Rsk&Zc|?+gVAA(_R(U7DRD(0FZs@iVf_GI9nJXDEzxIBydp9|PXd2Z?1ty<0 z)k~D0M`VEFWU!1VR~49i6KJ~f5nw!!%@UYu8%DTA*VTaO{&*O%Z1unt3js{A5Wo~$ z0ZcW;;u?v5rT|k82QcL?0K?kyY;s@UsHdQ@P?V_i zY@+qLY>RN9{JdfI>H8O7hx>p}st?5HPA}}XuGeBlQq8jnN$qkm)@S8p0^_2Aj(d&( z^-I8+@IoofPA?p*T3=#`yX~5aQ@T477@A%m3ks&jf{fJnV3b|ZSP0qH`w(um=9F7< zJJp22G$-F3Fx3_YhM}g-1Fvb1mnT?CxfGG@B0O&~hjknf>C$CFo>lEOgf;VV0=~O1 zi*}|Lf^a355R|HY8D-Bq{!q_Fr*NEZ%fQ-n-eblnvctyg_`|Q!`4DWk+wTc@QtWv| z9U51*@zBolAK@xm4^YtU3}_#!Ar1@^bejhO7hPvUP$5gFw?ka(`z-<_Iu0TjqT`+* z2kjZ$TU|eotCQR>1*`hrLQ3p@Q=XN+3Jj$7dEn#g`wd5I*MFIWaS$fdIucGc}ZggTQb()+Maopvbvy&XX|9WSsy@j3)Mor4Hi+Jgu>-G)Ng zwdLI?@7QG@B2C2;VZ2()V4fN?p$nQD8?)~tP8sbF+>+g%h*ebn4`9m22Bz5Vu&8$b z2QbB1(o8YOz>vuM8bSA(8x97wiz>wZS;QCN3PWq(M{G;&-v|TfdphnL>;2;2(wI3e z#do_PN`G%j9( zo5^?~Lb3C!NMX}F9Or>c(`P96Oi9KhtE1aCDNLn1y@AoN(F-0H?Lkr%x}Os(CW$-! zSr>`#- zRnbeBrPL0WO{W8PjAUvo>)oaw+MCWsj&AKEOoG}+_`Ez{0u_XVIFUN8Sm91XhzFh< z3`Xz6ZXx_JHMhgr+xsOBs?$B!O-QDuYPa?bnt|5?yPnnqCq_RP5Ocgn)cEb=L*vxm z;zlmXYjHnL#~+azvPa0e)`J!5 zITB=k**=bcOKXk=R5Xc6RkmxQ4t0KD0?_^?Izqe?>Dg<9!qwND`~{tPSb=rsfjymh z__t&WLbMfcN3-(WIH>#HA}XW%go)I!PQuK@BjPR>%?(qK`iM)B`dVUI7ab7StoOm& z+j+#!*ZCIQp!;xHAS|uRej`+<^A}(^)zwb1-6T@T_5e)&GQ=?X2!JVG9+-R%z;ssN zc#>QKOz~mBd|zASi8S2PPG<$mmgEv(^6LWgUG`X?`*}q8m156mu+8Iwf`QLys7(J`FYqSsL+yaxF z9o{XiZ9o^Z2uaweXeosb=P5|T99cRGkQDAXs39>p*r{R;dAY>3hl7e zw7KDPRloRLyWSnQxOaO5Ff8Q#edzXm%y@gcjSPtaV1E|9r>`Y`*lyq8S;@eJ%qpe` zm|~QGk&4^}hzogu1zUWLEGxw~hoogbnQ!Pi}>lHs>Cx|C9Tk)5;{-+_^QD;FYzYTQKf(bj ziQB2Z1WYL|C9pf**vgT$?e?l+3i_4ncb==_-;q|b0th(BW$&>qB+ z*6k`-UafzO0#kh~q$>1tpFG2!LrJ75761FQj)#kg)NacNO{m*4fSGTQi6_}&6yNFn zl91E)5z>ZaQCvkmW+F}*;}qYC)&mnjr+cJ>ZbJ!^zI1!iVk8em=??XQA5l2P@MD;K zZIouQe1Olt+ipnWv;Mo{^QRpJJR6?F=ikRd=(Ntf$a(C0CVc*#?s3U=`x>qe)dU1) zUX00C`!|x@)rWmMR9NsG=J@jcKE(UJ=2!%!FCblM&tP8DzNDg9zXyREi&aMxm|~() z-h9tIM}_1ow0+StNmD)60D-}L4UEbjfk(ajQX_*yvP$@(JFX%}vG2>cF0j*3l;Uzb z(>UHJ@eMrc!f9Mxt+8N+Qy&PKoldc2NLB{R-END!O#aYtq3P@iQMsQ-5rCzBIcWNR z!!;p3ggaTf8f;SMG*&&GQPfKlP2%qskD%iZn0p>ai0oN$kLuV?XrYb-c-L_^njHu{)xVrbn~_Dmd6>X(%M{w#)I ztw+>G>(7Ew$?aj->t_n=KsW%+Ixi!gL}Q_NjNTWDe8WMcP_e2Tm7GnshU6U5d!#4hy)?Zbw`<*~&D`a7E~J-yib+~JEK%W-58{&R{ywBw z@q0XDvRxD5FJ8>CC0>WRFFL?HF1rP2mX3q3TxS5~u>|nX+-4~K7wJ#@DncOp z{=ma0yDi$K=#NMj=?3`TW#7OQE_pY~Z*)9k;gP({ku3g<``0+7@KL8VmdH3=@qI=r zW2b{Cp=OxsvO|%ogFC{Egi|urHDCMVk$hB#6qsTvqilfq8mR@6mEqVr2g66-`B3=i zJI_JP>G67mOQ|**Fx5!_W}bu9$Ndt(AzZO=oxczoZ`y$D+nPt|gq|M&OmXJG6gLb^ zapu5K(3i3br5IFu0+?d0fT3;ZS;f}E!IV!2Om*LYNr#B)lkNjn(rAr#!YMH283I$D zA&xr?aeW@-rMCS+JH=oCQ@$Ut6`W!iXmo&Bq8Kk=%E!UNBRT~pIt8X!CSdZlA^ON~ z1x$6jfpIu?ypSFxnnbV@uHxdG{%jPp5DYiHV2Z&&G{cC}+eOm6U^=^bmLTEQ4mU(U zyTg;(bwpq=F+HmoW;h8L?CoIBeQron{ahU)X5&rV`f$iZXKcGpeATcQ2Isnul~+F?cMePEUn4IxMvcHQM-qRkWs z1x)^KV7fmbBGt4P!hF@vP-Z4uI57D`fsx44=0;dcm(5Unw}p+DDgPFea*wAu!7k__n+Ko^~8a9nY@!O5l;t6n00q zCq`+dZVv-y*#{9_yack+o+ejXXB4^8T?fN4fgz;L1An*p8vgF?^GE8G9T=E-4l0D- z$7by`iEq2x*9dx$?hK4Y>SJ~s3XI7#j;5=#f;zL^-^jC;K|)+pzfqjDj|KZd=YN=Nukgotq1Jd>T&~f^D#8pfkr&uVY&xAj|(+g^Rw>3vb zoMcQq1X_>q$M-dlORD-Bu@n40oZA{Rc5jW3T9}3@XOGfy%2@%%VbSOS%zJ#q?)P&6 zQ-*PmAIImn^`Fcl#fv zVdV}3^BuH!c64?}@psKP4#Kt`>{RJ9s5sq5i$rrH9Sq;Q_%6P8ohe{cawp+eqWe*t zxsQ(l3inj&6rPbMH8(`tPNzhvt~`qop!XYDA%ZEd1H&*;Cu+BHPc{ zrxxL`y$|xi`uL&{T5pFotv<+8?{-3p+p4Axg`@~NZv9gAxBGy?y&yi0f+Rg4@+D{c z_wL2RCr@u*oP7A<*&m+#?e;XJptCQZKfjAlv^)LsFJ+NKm5%n z+sltX`DFJ12i#|u*S|rYeQ^EY;^R+tpWXlDH&?&;=;U~l)2~j>K7Ib^!FRWh{`~UQ z_ortUpI$tO*g?dz&E*3)`h)v7pFa2)L)ULU{_Ntj?a4L>l1b z)yaSO55M{SXD2z_=U@NJ-!YfZAHMi=3_CyGK0dvB@#^-YkIw$vliR=CzW9R2Z(rO# zdvyDf7N0(O`NPwPe`O?pd~)~nwwnI_)!ox4&u(9y;&_FEPrp3-{PynQg*4U~-;2{fJbCop z?ThbjpWK~3d3O5v_Qh#n^~Lw2@0YyeyJt`S{L8a38Xo?q(ZMgz{>$xO|ML9B6)uY=NzX+87{+n-}Ji5L2{KdDY7xy;5Jp26lW8(!s`yMZ2oqzG!p}W&R zj2=F%9#)2U`t`$?&=Dy6{floOK6~-`;(9itMzTNTEpWqmN$RvDDxH z-N}dl>Bk=)KKk?R-Ral2-#&Tv>-YZO|MUNT@AS#zU%&THm!IGN{D%j(-#z)qzrDEq z!{7evA0Peg&yQ{%zxSWmgg<`p2afByW7(+AIAzzgo(fBzAtj??Y-9?nY~VZS>4rOY@ z56-tAT-?0((aGuQ>4z^KfAhhYpMI8o@$J{|eRp^F!v|+)fBDN_?)~K=*61wKGS2Rw zpPiq-PmA|o{`J}2!yn&&_VVwim(+Vcy?y!U#giWfmBxD?e*OH_-LKz!FFM-)laqS* z!@i?uFYk>B-h1@?`?DV({&2RrcmHhvW*+3&_m2Ey@=joH>dnf3!yD{kX@qNh19|ebg{-V7nQ2K}4|Fwi3 zM*Y!@{r*4y*IV-6Hw}5&*BG(~7Q?-Zqi;E^pN8UpGp>4Is=s{Gj8_(^&n@QraylAU zX8g&+Z60 z{D;9C4!z7cL%>S}_{bu_^x(e1&&~Ka7C!%c9anYWeE~~qpMO4oc7}-Qy}x~i zRE#uR@5Mc_xy5Gi{>`J!=6y83hwop1{mtX|cMoxfQ(=M_o`?0`*|TrN(?n++?g$lU zd#OS@W#Z01^ZySM{+VAqf8D=#GRMZz&;O3DqbQm;_;+;8v2pbCzoY9YivEB0z5*<( zZCeyXxI?(Xg`0qF(_X{13qM5I)@TR@}{1Vl;{DM7m7t@Zz~_x9d%-re4J zzVqJwzW3qp>@mj}GuBvRj5*g|EBt?U{goU4W&HoM>%U~tUn~6Y*!35^1fZxApzr{+ z4(KRA^h$4WrM&_bcIZ$g9Sb@N;9Ll}!2k6&GDsO48S5Wqf6>(bk@uHVyXYuanoB@2 z@~7&O<5$(?ADT;0ai+>7Bd+&f>m>Pk#Kpx}#3Us_k8R)%aULEq;24*r7^}D#mnb{4 zq=cXWpnS4$CxdDq$p8i2pDIao6hKV^_}`&Jm6GTvpce2--6P`Q;OOe22b|0T)Xik7 zpbinD`UAk30IEpWKedSJCZ;Y-YFDa4XrT)kGn1I3gDd!64YUL;^8i6o&W>(Q0QoWy zl_isy8k4w%JD>?ul@bNot2>)GxHy5Z&Ab53r-FsKjftqErygLbAp>o&fM>k{ld6S_ zqnk5S52~#M(H4RLA2O4H-XdhGKtoBOUm#Ciof*)Cg8mMmx{}3+8NdV7YD4M(qPCfu zg{vNuvbZFZx`n4J00K~riWvayA*xMKQTi8MCeZAPEpmE*<{n@NgcoFxKFJ{3Rx;4k z3lxA}Y+wMwUWHINz%d7C8uV%a%RvuDNC<@k@t6VAphh1IK@SE<2!#vr>HyM!{RWZ` ze47$l4tg_!^*}EOupIRG0mCc4LQbrJY0!!U38DBwzM=}ILC*^?1TAA=2zrkuRdH19zpSBPCtVc>-F6^4*&RH1dQnnN7zz#Pcw zGDrlvEde=KGZ?UCUv&YPTcBM)uJwdezD5l4;TuTKHSG{rL`V+kR|t(9f0u37=-J+E`FaE2J5A$6`91vzpA$+_kRRque83KSn80_8jqx#|LNp@LS1cq4;w0DqI~oa;K*TQ$Uk5>n@S zlLjs|xvC607lB2P(}R!*Xnux7uA4)gQJ^_jXaK&JS9Pw&6z~VRBKdmX1ahv>04!|K z%GX;duuQM$f*ch9G(mU|{2Ob_*W}>k z$1jY5Y_|V4#{5A(lrg`%lA)r&9|Avc!Vt27vO`5Q$OZ_Nih;Klc^Po$gYxUjE#e>T zebBalfP~!Z0PMGrv!sylnzdwCatH|e??HyV09---bB$ha#GS#1SaB0CJpxxEYY=0`%bs{8<8Vut%^Z*dtgI#LflA3;2P#4`CRAvw|cLXp1;rv+(@HfL`f=+938Ic3`OuP+|}Kc>(z*05#@7&NU@q2}liC(*r&=SN9=wBZlNP**c%@c6cp`|VWcFqtiK};-x z8Xl0GzjEff6-c||AMLJt{EysrgwPEgIp|z52Ozovzdz^GHAHai9s+!GgYf3BJio31 zQet*RJ#-d$KxPoM9OT?}O%OYfUMT;eJztNUKKg$iJCHMf@()@cIu_uFIzV_1@(G-2 z>i=Q&SOe5RI1BU+&U6b%8jOSE2Cf5eL~VeSB~S+9bv?0KEX8u!iSC^8PErG?O*d9#0H8fSPNVS;Evz`sRgck zupcPT|1d36kvxI>S-|kGPk4xM2)S+>6o){+%zq?y zLIM2&ANcz8HJmHG=pPd7e+>$P%b%d2`biL_-vz5KUE_ZLkXRD=8PCigcMD`5Hox6na`bm-huq#@U7Xb|FDDv;7@RuF!cgTg@ZhAeSf9~klwr=puG4KKooRo#we*WgGBybk_ zFJ5m@&!K-eM}CJ1P<_L1&FWudH1G=_|Nck%?@$Q&(9ZQR|E*^g>n}1I)S2i1jK_k~a3hX>le=d*G0)xP_Ucxy98n zW#B+CaK|b4pGT8DGsl~KjIqB>2wm_GZw$J74D;l;WV1C`?$^l0!#)&8OTaT~uvXr0G9o+jLM6A? zXz+4J*TZ!PO;yEXLAJ4E8raPM*~Fc+axsvN9Ze@$7*ngJJc{MGu6Kk3)|y zdLG~zaHZ9-w;$E)Q3Yu+G&QYF*~QroFfKnbF(dX@9I^$Lpz5 z;02QCvI+N-MX>;5#eq>l6LtEckJfJ9!J}_cEu$tZJ-7`Vo=$$p4DV3ZjubcBP8WYz z$(TH3zD`8wqAIUiPN^NnpomNHp0 zNr_pLO!N7U)_Fv}0!@&hIN!*Fm*M{M_~S7jtnaFt;5pw5+O_7zjk{B!9cCLB@}j`s zTPi z#%Bf0>(rFRYqXaHeJf%(j7(t@#u70<8&CwEVB~vLpmMPoybE#uX&~VW_o;upUEm;} z;irAr_P!^R8J!S@(uW}20`!%etr(=_I}2H%drG@Fm;kiZ1IYyE4=sJ-Z#-qL3X56c6|!wa4vCPS{el>at$?SgkO{q zdgg+%L%*NUdK0z4ovn5F9cg`~vJ~?1IrgrfN7Kbnsz4TajFC6Y991(F_>eoC=n*Ra z^!^djMc`3{_%cf>tIu@P`}OxmV&rkj6uKx{uY~LJXGY{!Xii8@?htn0t!IVP!gUh5 zAe?(*L@o6U^;y(25;~n4vHi?7jR}H}1FgCzI;%I8vxX8S{C?8rTUZN>c;6I!oi}fc z;PVK^GCi=ULmqXT)fa9qmb87oUFl2k5#ka41=1z_Wn%q1gRlNOtX{#y_j~b$)cWNu z@0!f1hN`!z_~jY0FEh2Mp2+DKDW(wh&-7!a2I$?@s9%7KV9I5TdzGAv$(8qG1$NIZ z_ZW8X&YoOc(_!+k%pUE}1=NAZ>to!Xs`^bwUj$g{&Hzmy*do^f9YUcltMwL+pm zxcx+l!G`L?yY8>JJIFj;EBF!5-s$&lnEMa;zS8aGZ2!)4AaS6!`JA`JYkgp|;!yUb ztCx+GjYk8rc|2TSRcCsCo(!4GhroWhkz2l+1sv84Bh~`SXC`r(E!L#o1TDy)PHBAo zqvkX=Q~d>RC}xV9y$nJAnb=Kuq`oPDnz?$zhM-;Uab5E8{t<37{8rGg!x`z3O77P1 z&*ANvBfm4BGXnlQ6tt}I@{g(4sPW<{d~p-Hzgjv|^T6cfBpAidC(OqW6Fg>Nqqt+$ z_^dyTFRgrl*(LB8epgOIoxs7~Ktqy@z|ar?u~g{KNf)`B#Q> zF}JL6j5C}iWEv$#%bU^mT@{8T<2umXqL~^c!B@xTXy<;?2PRGU> zfz6Gl(^Uf-hOs#PjWkaDSn180P=BLsm6e@y+$`$Hxw8meBS!@|4p zBMxz&g!0edAOt**Y)3gkBQbThe!O<`CqLUk*O>VM;j*T0y8KOdUYtRJC|k3UjwWF( z6#-jOACcR_Q8W)ulvb#@(bRo2PSL%Q9*Tt#@I|sJ#l<`yXf8&{_ZdaDMDSgY$<6WQ zMr1RHU<~_?lya%;O>C+CSXbpiD>jpG;-WkgO492PzJS}V@%pXxXJmXi3i&x-2&Q5U zVSjwPLAPmKQ>cRP1@m#yQH81X&JQLA5vlf9^-kDaf$TArc2hq#sy1K`nl_Z`yoid@di-v;t4$4*zV}7tzfGlkg^qHk`N5?Ga;G zrybk0Z@8{_WkuBOPtLIYBH?{mP8fMH9`quw`?C19AuK^X@5m_ZfI%~FiIrM~u-?v*W9hAuAl0{^ocQ(uE= zFjJgacX3acuwmDEkw301InBbndxCtdl6@{f_3{;a)n{2otJYu=V{`>F4VU&xrFJnV zJbwOO{K_Srm&NSxmOdD+Izp!*{EuSwS29ON=TaOW+PvrB9JgXyRX3>QRJrq1;+`ru zHa47p&g7Ci4~cumgek6P;%M%q4To*42FuNYMu%c6GHzlbe9i9Xb92}~qr>>^5mibYjY>I~-m5lW%m7(-*$&*^Fd$;H|~lx7djbr(#f|%RRpz#hA@C zK%cJE)|DBumBqiIA27CWfk##6IymFIsl!xNGvnqJ=U(S9OH4e+<}=q|C03m&M7kVk zCsS=@Y=`N)Zy@}3^*iF?%)5uX-_e(579Ire$*ibpWIGm*D?CLjL&C5tlo{J8e}E9k zkzL-k((IP!clW99OWzw_jlp`~2NFfQ;9s)`jGE7*a#rs*yPeKDkDO1i6*uDDbP0XK zly+p>Wz1h!vA4lfScq0szWP0@kp6`Sr2_n8d<;g6&a8pNg=e}p71cNo4L+lEEm#RY zDSeU(BgIJi(H-3$=hMm~?{j7%oaYN4hi^#-vY+&6J*6+XyO`f;70y|lnTf-}Ei`vm zkt)p2t~mToy5Z;lZs36SqP!!1Ju{A$B zXqFWUXWZWubEe`6NJAT8lj<3sV#>ARjLqTkIS#y;;4A#dcB3nOYTC%qNxLbv4&AKx z(%IYQ+u7c3;c6A$0IItq$;&bKlg!t9bl>%cvrB8AlpE~gGZoi{r>YDEDI5B_GyfQ1 zLo3by*-tClVlG||TdW?tU_AVWc|?!)`?_e}Wq*|9`<$`Tq_zJ3k~*HxDQC8A=MT3Z`o7`rh_GJWfpkZ9Ih-C|OcIwN9X!0vI(guO?egGRxFuo| zTGG}Je4kw=eLcg!)uTU8&Xr-3K8l@YdUq7Ni#NbW8Ti1vH`D7BiOK*jak=f*W0zeF zc&vovg0CAYpHRo{ax0Rpo`y^Ed=sDy-Yw14phZl&_<|LkWR|{dhR<-9JlQPB8O>jH zA?&!F?o|6Gw@M5Z3E2^cqCls$`2$mp*DTUSnk`S_^|~rvV=d2kQj7&{XGZDEEV}k; z_sTD-OU-K|(h2Kv!%6sYnqxdGP&Up%$wFq88hS^6asysN>ZOMOdTT#StNAT~0Hn}< zse>l|hM&^M;h!0`ojcwTZ(@=nmsXCD9SKdWvAun2AkuaV!!FogkUrvabvqOJNTQ|) z0Y0MLZiKAI^XBAx6ZF?OHR3a?xcb~HYaS0hSYG9leaW3-a=29&MYqlTN`i5x{5-F8 zd9+DLgLv)Mf@9g#qY~+yKtVWMNg0TEvF#fmr095-Xoi}~+w@7*>|yaic-W*-W8to-Rdkk0qg7W)+_$Kwso%eh zzMRE&XHet$WVzK|dds*dsz1PN&dd-lpe|TG@kb`vR}B&Jc`^_Aq1kEI9B+?1A7qfL zt-U{V@VCmGo39kzlqY^3LsrCDqEzmSiOZ z$K2F$?poe>*FN3&^nAk<%SgkghOSmTq0s{r!O`Lm+$VgmZLGXG-a1qyx}Pw-=GzUh z=|ztrWS;43OgA@R*GXNm_IpnW4 z3QHn6BTxLmHsff`NX`5GaJ$#*IH@Oolhm)++C@_BZ#y$mltg5|zO&Bi7RswJ`&Ar| z6sLglghiC#p-7X+X{07jNF-S~3@dYxQ3`y6iy3u1A0n^J_Ydy&hhs&htFLL3TBb6@ z8AMTSY>X{v)AhRj-zU&Ns5;+(DK(wFqs!zJvv4w#KsM8zXFk6&Qk?hoFp`X}D6)Hk zq*Hr)uaANboBr4wVF;C^vslGM9iPul6`zA|w>xhFS2u0f%f9yOZYL&(XjpLp98RL= zJ}U8QI@?xY$2Siw^-QCjAG*|B)wRczS?w>6UJBtxu9+RD(Hdiri76Acn-s^`Ad_`i zp&1+CM`~*Lz~oVeQ~J78?zpg>Elh|>+zjxfiFmT0os`&F@j~CFnielgg}i2lhOzYS zLkD{&VXgS(C%Dv7n7xDg7V2hj&rUv*oIj9sN>qFGOnZI1`$a7tqxShnjk+K1>8_jw zy+qd9JPiSl9SnTPtV_B#3FLJ3vz?nbq+Y#z0n? ztbVnMxp0;=J;-3wC-+TIN3eJ&h{`FSJDXuQY8>!)C^u_=AQTKhal0kLX1zk$FaQ@Z~pT(5Pc6$B`3}w;e_m zKG#@A(Jz#dp`LeQEvB`jY^FaGQ%A%OYfmB;y+K3a@sccBITTxc%}=oc#ynGLLQL=; zwib2b`w?*q>wI4JM?)hY3M3?=kf>1$LPsghZu9awRdkvusau#A#HURz?cP!(LX|8i zaUwoN--KaJ7bmH{&xqT5*NiMsG+p@Y0spH){>^l1Ij+j!PaO+S-eC-?Z6v0rs;BF* z*V*(TOd!l6JQ8z7Y+~zNq#&dl>a~1t`rawDCO6Od(TK6a6dD==2Jpe74p`dg!&eP< z3)7GH9cOvX6#PB3%jGz~C}cWF`Yer~EFV2@*odyE*ca>F^!&N2S2ZZ7p)^o?(oD&F z;AvwVJT6%CFKb6sPn=gF~Hx@R)kc!xR|E6b}Lom-evY;d<^O zErq`udtx3Qe#4?hEa(A`W|${^P>#CYNI!FE_U*dz2+dQqhD=q&`-Lg@OWC-}dS~|V zSK$RljhJ)~w4X4@_o%+HuOhC^Ep3KTzaY@&1-iIS0m~DPT7vk z3nbppu|f4R*}Xb1W+H1fYQG&6zH;MqQ$NJ^+!kWLj6RFzao~5jB-+I+a0n)$oVFbv zv`Aqo?X-J_zNq(XMuC(_sM^ks!vgW6b&bq(EOrs}0@_Lu#7==&EPa=DqN|$P$j+q2R-#T+XS)H5mAtQJd?td9t7N(u zCKlNqd}CM2K(Q{-NiYgu_-@9%KsZZB7``9MWOOrRAGww&UOrIP<^Gx*S=5jp^(D7} zo~&(+n4?kMYx>z2ZJnlEAC=z1@#^mTd0!(alU&PtW5ds zW@i{3q2C-L+?9A+%hn{T2qw3ctBe?%A85Vja; zj)rlW?+5DJ1`ubUzu?ATegRXv zmI?dSEbCE;9t|7~s%^0|?5wI$@UACaHeDIpo8Zp~T?i&4E%7s!Q&je@Z8EJ)Yn(3; zV}j2RCOP*dmn8i&sagGU4e6J!Nv-pj))tT6vwL`UiV}Of2hS_k z^i#qVB~B&NgeLBEJ0rMgvWR+O6iX;7m)a&GErsYX6QbcNzmR#1Sd;G`Y)i0-9&s2s z7nC}UYS~8a9z{|lU-z-&)*H9R=nZz9qv$j*p)T`GMND^-gfd} zV|?ZGUbGy-aRd+M#KAb%WvRR_Pvm77dFn9BY}NWXkJ}r)BYot71hVUxovUAqw;sE? zGG(11YSXLhxGBFgz$Yn`m4~s0b(d6Fx0S&mp!<@azpf{o=ytokSRqDXo0tP-i7dC! z_6B#;hdJxst(hQ~UVj7Y%GpPV{-^Exc0~&B6c*GGI#!=1mdhVbeUj5xp}O5Mw}Dpq zZESPk;2vJx3o4GVYC$%~$?fSEEp|+W&FRRc56R0ok~wA*^e(>N^{%4BNzR43f~C=9$^8M0rPZ}K(hj=C0zi6WBmv5_^O z-CE$IUf{Fke0f_>09&IPFRxlaZsn*RrAmXH_+C`voc8`sgvBIj+xLdej|YMb-(4f8 zog9Y7Q&#tPFV-4ONDh22lYI{6n#hE_mJ@fN3pjtYU0V;ui^Ir?VgP-RtiWODL`)PT@Q zKge%%~7m^v$X{b2gOrQGK7u9UVuL zsJ$C$juPpKj=hM44U2`+k$J~{N)n5o>BSQ@%0xo>_@vL%NveAedWyv+w+o+mB{eb{ z6q|4sK54*C|7mQZCU`f3Otfa(Q+{;YDLALciOQYQoxW#8>{RcQvuswemaWeE)32tR zjnBB6dM0+1D+@4F%)^vJKg+D4QzjZ6v}2>-FvH@Z#b~N?;&-D+TCH@xm4FvPSd5}S z5mi2>$jEE&SEdmt?LrbLNi^re4Ar9fIldBNAG*zSBNev%#ldYD+67;GA;kANaJnzw zo)blTm3w@Mj(Syvygj7a+()aOklpa%i$bAi(+u&JdA2T>%lom_<6hZAqtWNF;^QiZ zrp@2iVn_DxpMNWN3Pk07Mb;UaNhSM@S@VKuI*(Ayp<0gf;Ri>yTZJP;aXvRmlV-Io zs#p&6ke7o_$_ziUolJZxq!KWZd?RyEbrOv56t7f0+)5(lO^s%lU)G>yGJ0)Lva0CM zFc*S#taX+LW^O)~hRhhkfyhPJyl^H~C`G4|c~K~4)KTLeTFgkEKV3yI$hEU#+*ixO z3d+Pw5Hd3Ke!lbB+Ga5^)iXZmIG)UKTX*y}Nw6*3+xSwUWodO5MIwc(gtXOunY7&2 z8Y{SN`9?5m`rAVB=aYx#o%3%Mq=R#~@eN-Z7E*cUtMKIaT;5Fn-mU}_a?V%Tg@s67 z88JzwS-`3O=m%0kGJIljj#2m4Hv-s!@EMB}MiFVT)~EV!Bj&Zf&{3~;;Xb$_h0}Wf za(ac}jDT#MlK&GAdH8bGK&(`sgOpMZ_ebIer}SP`Qu|EXjsUaNfbGvQvu>l-3d52+ z@9#fTW_C^x91Yqb-B#lc+oSP?QTVpkj#FBOXgkj`m{kv8MNpkv2q$5f!?{%PFgO!P1vvt=c&`I9+@OMOj6`muRK7 z9D*U}B5l0HJt9JQDbXTr_vyVp;3gd$bC-s`a&5vVE zH!Vs)@12V@bB}=76@m37ih^V7vvlQ8Dl6z;1?7IcP>xd-A7rsC8R_Uqk?x%F+ny?u zYiyqDlVC-al6~rEwAUNwb^b!3F2SOZ@74RT0+r%@I?K4)Sb^r%856u|4)?gvRd(ME zl7ecKr8jWeu}DwKH;|MuBf0LO?nGF2P#keviC5FKCbCeZ9E&!-aKZvR7w-m%%_vkXtt*;+=e_@j^^~JieWQ;+g@^gSq6YH4R!0ZVg5Fp68Vf zCe(AwZzI(TEWRvzz%{O~y9x3B&}QralOcN3=Vb!wqOPf<)*G!u_H zu3QuXdE)lmW_hyWl#JO1oQCL2=200pUkp^B5e#hf#YH1EN@zA4@U^(| zOS;M{BX7Feb)P&S7mkE0mUC|$BPw6{HmWw>^Asi0ol*0Kpp}>)$D(cl$L-|&kgB(~ zUm~~{?_}5kh(W zoW|J(j+*}Z4;4+DGQBQtVe9fl#|)OD@m7yogXme4r_^5%X1rH7Q*%8ye)$ChCTjY{ zBfO>{5^M)K1x*R;9ur&CT^GefTLuF@3ytB6Z!Rfq_04u(O&{a3s=YqFfB7K2uP~Ei z*RqnW)pK1|kLD%H{;W`)%P_$GO^yC9SSSy6kb|>VhbDFsf6*92Ju!>0q}1n zv7jCDj~fzS*`*2d!a!^&AQs7N$BGqIF$l^3gp@lXjT0(avcje+kyAaVrN@KLCRIX~ z^s$micqJYQ_g)uPLIj$m^joS=6)h=Tqbkf5#gQTk8fdm9@|LR1 z@(wo3Iu+_4g=##lmf-gg$xz$yAWq-m``tUCoildt0JR~kL zEn3Dc>~Gd!%X77x{PBIbv6XW!!m*mF87n~HfkdoXd@>Ay<3>*7N=om~32chk+2-dA z#`^=EMcD1q%4p;Vleut|Be0Wwp{V?&0!++Cx^a`LS>9@Y?de*tCG>Ny##BVQYhELwcpKFX%C}MJx{VRXyZ9%3T6vHnH zGA0?6p-A7}qP? z{Oj6Z^I)rOu1gzdOt?8>as9bs&k;Ddv)wCtrT)viYO%p0iWM7@Q76TuB>g zqgq?@pH1xJTVu*?a`%XKBTM1!)sfahm_o3IY%`^bJ2=#SCJvX?Tka~2uGTzdbP;%-WDpTe6PS}ol#1G4-sHNa zJ@<(8kod4=>9Rng)V&x^@e3=rfTEFpxZYAN;Zw#pDy98AHYSKP)ugtqx?w7Ea? zdA7ytUTzZO6B9rkFyc0H8GEP} zdTsrx+^HE$xkO>p=sQY1m>a%Tu12eKT$gZLJ>_9|gSr77!KrS;O|E?o?s<8x8mr$6 z$JPtkEtgW@FAd8mMfb+mN{2G~iB^vFjujO1d%g8JxhRCNR zdZoRhnuDZTb0@#AFTxXHzC_NG^So0nFL+0iP7$fo7AuHT>~SY8g=bc?)`CLXKJ0}u zT+dJPmcy;iMtY{*bN((o1yZxdn-#Z_I((S(O7>|iorGGd&Pl4A-;;P3dNPs`9cShq zkyGEGBM%H)VxSWS&O0xp@Y@qPVVpD ztI~R4Gei&GOO{Q@a?t+>j_Ej3D&*P`u|m1zFms;}aP?E8drGvXt0(7p@{Y+dng5gZ z_y&@AYVzIgXL{+~+!2xu%L-;D@2y;pDVs2l^raa2jYTZ=rLs1Q=xd2h<7Br+_~0p- zgJiQREQkrLIy9ZIGphhCUsdMrlvhf_;|J3gjrUK!r6k8D58Z!k@rBT&<(p(L`cNs{ zdeCHdU7^SQr!J)VLTQ4pP7zP!51(CBuSPZE7cK2&%G`frsUfU*ScEvH8y(SYTB{qc zI1Yo||CxWo7J|b@C z1Q`YTOZRk}E2E9ji{pHp=r&_4QtY2#xw-m5eR(~73}xANkk*a)`FLgjkG?{S#)k;Q z;s-AteOldn`x-rHE1s7IGYxU@?HQ|L9@$vzDcUFWPn9WswiXZDQbrrqR{K+1jYJMHz{O!+u}& z%)ZA{dsqd%upYN!F;Z^CG+Is19uY5yo>@)9n7uGm;?KV!p@pXZLMcS&aWhJ?5;H^*OnFfeN)ZwYOf>~R?VVd}oRStT^cU%nJn z>(KOhYQ8?!#4TD;ig0zU#c2P{!J~<~YNb!waFT1&2whJ({N0#WJVLwrruX+r$Bz>~ z+eZfsoHQtpAMgrXEY< z3wu^xZj(u8RAipIQ)?x`C?Z);nR%KyZxTH=;lgc6DZT*>0=iDpvsf$U7%O&-bz5Sz zcH`UPdD`kd-iEhG8aIYO&^~5i!=v zX&O~mueHX&qLL9Zc_N9m8!^e6w)j?rQD8>k-e5?mt{-Up?54Aq_f{I+=h?CI$_D$E zGrz+(+>CJ%p?d%H-1(b#h10p>of0Rb*i(|89!B|p*%~*Ws5gq4;QFY6tV>*ifC~E< ziH7Q}bQ$LKO}&pjQ|XW22l8O_oK$j_?a>S|XVZ^iuPZ ziXX~U7Dm*pC55e`>41h+%QU_6T`#pCxpBk>$JjbYb*DzY$6tJmrg;}X!Us*v9E~@x z4`tMsaS@__VzP3`jj&F%OqGmvI9;E_^F}M#!P^>)SUsA+ggr4PH8i5`^v*C4l=1Iq zenR-p^4QexBO|tY5R1v3Gh`eqm#J3LbN`LW&fZQTcsJ4TkF_X+H5vPu(wO4eqXA-s zqoi?rWsf;*Z@YJ4pS!|QuUo)Xu!mc7VO5x}u)q{|-jh8rth1MBVj$p->px>yy*=C1 zlHV&<_ucrNJLW<3LUQHTxgSRv-JLxNwsK^aqk41~srD7$e@ftD-xj5O{#9({SicZY zlX!*Q+GaFF;jUm9TZ2wRXoE%rdP55jqtzlu{u68S`rI)TpW7TuwAdW=mcD9ldS<0P zR#p{9lqRPe~(HhV-!uDV4Hqnpm+3q3#wR-<^7b_h^+w{Tz(BWS*qjxXsFGnacPi z$&az`d|*PkdBYbr_rul!k$p0use6(~i)lB19!W?kKlcjhMJ9TVS6rTcbEA2&oFzwyAa%1X%A7hWkS4p^DX9PCZCH`Ksg`+JAN8B%=q!FGJn6hTWcd`hkuYJBK1Wv z{~OLun&8**vnkO}sP2)mDM;NK$mF<3F7I;7+FaXcQ0!&T57_P(oIDejs8%d4qiHX{ zk5iF9zEe4AR{UC=e!Uc{-}^pMhwbqGBxx!2w0A>moBta_4Wr~U-2w^Dg)$M&J)&6r zSOV=}zSHC~PO%TP z1w(d%-QF*wyjm2oX0SB20>#{~wk3vpxDqFbYY)Qp(-IP`D>`b(-;melDZ0fx4E7lb z2xiBhk82)uPp$5%{jhJm(D8HgU1F_O=ddKkr&f{*`C2oH+t%#&c<=UcH+kHu|m* zA)J_mIKbVHVb-L+l`E~`TN~%>dC_`TcJJi(@4h?pyE9vb*5(MJpKHiq1n8N^R`eXZc&$H zL<(_v>7lgcv=wit!6dACXE=&~(N4g@OEfV9ft&PE+ZVw#OY=icu15jbD3dSLoahQO zWm^(>(@npQ*J8`~g&g5lgjSC$rb}BL9CbB3j-aMW5V#XYefQZr^IUGu_-8BGV|=1R z^Q8G5@67MJNU#*iz7p@9@CNkH)=Q)KfzIXkO+Xl!77XpD5#La&eBA!X4;QR3m&$eOHj zORBADo9N1UP)j?k>>MVqQZa*fV~L=EUPesvlJWyTL!;H*iCxis-j_C)@aL&2H!R{u zX#Cuy+6ZY+>K^(jDs&wU*=j0r)E&+ro&-#JtPjAii=7|tGd1$!Y|$U@8b&d!DhKR#Q(ae!2e+Scxw6c3my)(UGDo!Jxw2Kg}G->UJ&>Q z>g5PYj+Fjef}X_$;aYuqS#n zj^znQ3-R-!{pfs;nA&uG0s8xM*|2Yf zf(WMj00WjMqae@F+W>r7iUWK(ZI9ZE{t-C(oA;|}qH%B+LB_XZZ|>LoKzxtMzXh+E?Y4V2g506$ z*3f}9NrdDyGE=kyQ`Tx))tl0XPd?*(SU<1fvle%DJbrqFwo5m5kJ^?yJJy}9vag4Y{s z`~6fNB(ydZHtE6Ul&pSSF7f$I})WO_D_{_(}usF0gY1>X4I^!iPq#3_lD}U4jt|+Qpf+GemclD9o(8d+ZA0)-6x0y;X zY!2^Zyby}<<>Z*fy2s`{#KH+B)hwj@UZl+)9gt;KYW9Cc+mI>=Kg~`N;4t{JEwBZ zJI%W4OK5|#=G;6gToH}8m0_l`Lyl#>P_h4*yH`4 zJetJ3AILL_H89lV6z{b1^(2r)I*rvCmpIl;nX@Fx4UsBn-d>`U!pu|j+@OhjYAV~7 z2KPV;&Ok$DNb7RI>pm5WxQYKeMq1|=3*0D&Bry!=L$dE&m`wohJ}2g ztt)aw+e@_b6`K}2IvJVb%c8`^#<7%wPS`z}DEo2a(sJ4w*M);!h^)r6+H+~qO}hWQGs`S^PDcb$%J+f4 zE82XejVkLF4*Td!|7{1289b#+DN*wRm9SfHv}+PCp3E~A!qkPlZ?mes@j7AUC4Gq( zbsK*JqgTc`XRpILT&xwn5-*0{KCMxQlszGT5NTWu(v;jSlvQfmZJ4p#TVAN$@08*Z zZG`7ymNP4rY%0VQ{JoVqEAHOAq15h87S2-27fmYcy}^V3(q1o?xiNLXu^=Rl4B5Kh zaxNk(8=JHpwnY2JW~0jibE4Rd*(183tXqmP&vpswtg7L-Rewg0O?azvBd=E?p;lF% zhtn$aTOGzT-Ya>dLgV{U;}!2Pca?W`vqOhLs-%z5)JaV$WBtmfbvYs0cROfr*Rdp&|`-qbWc2SIo=M>{@9E|sR5_# z5s81!GHpPkQjQkI#Es0l;gDEI0dq#LqeF-d+5 zw=Vfg)oYV3rA>qtBkSNCzD&iGVoPC~MQOsMAF1E3zUD+@&Pw1$c>m6{Wg#t*X8O4a zyizZnM~6`>I`6bM%@+>kz+JOKS~AU&>2leFFq~aY;_ACKw>u)s*$=y%DPy|#oYKw5 zg4I!7HES`9OI$e+DGd}(q_q+S$0jmweS56X-o{??JbUuv+hHoQ-bYmal>TUM%sGzl z87f?aYq?B*Nf!UA%($uO_bgn$Ph5~1i{LCNpzjDjpjbvHH;}@3;{NdVYwRK_^*#}d znD1m6UuC6B5`yjXeHN)2@f`Ab-n|GI6nWK5Ta(@sCt{Fsd1;XB;v9F%=|0@VqQaJk zZRey%FXK2E%{%wWFp^dfiO+1~u&OD=eon2?u`nToc!$3Gso{sawyTV*sr6li-80&K z#AV(@?4@s!RB-x5^<7+)kt(D4-W^T;Q3F*qtooBsQhIuk*LQ4@!@ETi$ zhE5!@fT+MH-`@2mX+o&+%O~0cH|@fyPF(if_yL6<2Bx1&h$r7ZuLnI*>XOeFGg@rGG4Da%@SVhUYvnE_&}? z9q5RgA+yW2?;l_+GQxx)K_9!Y{x!S(##b!qTXUlX6NgfGi$Rx33Q<-aYMXY0t1kNmJuM}*KhZj_Bbg37cH=cNC5 z|HSR=N5o75=Fj1EqmP%;m-m!eyUEjqloE4>V(x1Sx@VN6-;$aCE=Z&t-TmP!F~f9c zbBWSXK%339Zj;dv|LOPL;RomE3|{-6%T{cv#0%VvKC^l1E$t|T-EI0g%%r$BV1M9! zL(<)%cxk#oOHoGVnXC0sO@HeA#fDXOcsZ5G$oBl}oGb%opDz+bmu8D*)bL$z7edwy zQ@wfKx&1H3&M7vxE^5>@cWqm{wvAoewr$&X-`Z|>ZM?O;%dfU=pZ>{zajs5IvM$C< z7G`F$)=I`4<9S%~DC!UuHwusp?RMTk##`MvpW6h&w!~}~S7KL+T6$Z)*5}Q)&A&sw z%0G$T1)uStbQGFV=ShQI=)^*)Cv`k&9l+bDtL%nF#2e5W%<5TUQt?+@Y6 z?JRzKeiXa5QfrQ3OjNP2NTW=*yo}ei5vm!d?wpsMEmbHPN3lj&xJq9};e*yKVK=bP z`|VVUh#a{z{!iR&jbk~Ytzs%i z7Afmnh0JWj+HhT&*^RryPBRIhWYreWzn-Br#Yl+;z~l*|F{bV^c7nQ>{Fm(aKf?ch zmy0;Z)HyO#cMA)8+GD5(m4T@}mU=6@|Me*ufF+nYGuij;3bhAVP`#>l;Td~=}^ z@nmu(7i%QpZf0s`X8T2eNR9CJD>mZB494NZO;ftfbny#V$^3`x^5N@u<;#>c?WIr)Bx46|3zDZA&)@ANTIqVrK$I-fMe05^!uAw z==O|8f2*eR)(rw$55rbgt6uA*{q}Ks;9PSY2BIr&V$gZvzfjL02jS|FkixkBxI&*f zcYhy8pA!%sWR|MnD#hC0f01--_;Z+)doA-@V5_Lis!OH9k_-of>j|!J5#R>}5Ptub zl9Iwb^;Mc%?UrToRfV0XPwYC?~(M?PBbF)iPssT3QI^m9tN;Strq5z z9kMT*tY~bsj4eo()+aT{XcT=J+jvrZnVLx3>`&(6n$6FFp!}YaF`alb#RCmwn8tlE zEPuDTg-S64-257Varqai>$gIGf^pL$rY?&KqKVq%I^kT5gr&cd;Vs`-)-b*AK z1ws#hy&BV3qUu53H?CCJ>YIQIxVZ+K19jM~zF#R-kfLl_iT1Rdb9RT3gQGYI%oeJ} zYBsRPaX18>)O)^)CwgVn3*M{LgtNE`TfVGi6LykD5qAmF6|mrw=1RZPb35lz-i+-{ zeKlfxnDn1d{~`b@71@?z#g(af$(bi9}tgl#niQ?*`wlshx2bh0WQ%D?2H`fYHsxP(46 ze$W&I26WFaR3H*vM*=6*hd>Z#5chaAb)2jAOmh}de~{l-3>aCvgu6It^59<|!S@Wh zwZvhq@_#1zHG{zU_?`YwSc2uaot}5u>afApP)|p7g5EFbf#Lszglc--wREy8x)-n} z%uxTJj-pbbR)zAWd~!(2z)TNORXaGSZP#CbT;<{OdY!2{T_6oqPJAgTF+X1k>@L!* ztV&f0r74D#Wet=UQ5uZrGLW(&#O0x>bG6kT2&u6YGJPJ?vTdk_Qv6%+l|Rt6tA)Z% zg+VQD{XSowc=q4Ks7krzRx>Xez23vdX~zO|ciG8KAasn6Q7$P=+UaP#us_%4v-6DW++%!AwE*mqkK zwTm4#MKjscZXA42{6xBaC%_e^w}dF)QSQjWWq({1a|6DquotVlTZZN6DQA!d7yXrfwvd=FKL?uzHyF<{Ghl<$m1TZQGkL*mqT5Uh}z- z05bzh;%=XB>^SlqWYo5M!r$ax-DCKl-_ZpGTbLhx&n{DchtZGV#?X%%^TzKjd7_!O zVH==*GqAV}=?uRQm5VQN#$Mwp;AQgOhP;?fec+n-MkzJp#2IJXCc*I?#rcLis08gB zqq7=kSJ9`S_Mey_c(fkc+eb_0td}0S`tZcNCL*?%W_Y^%1vkxJI57-l#1AVkBaJhn zFl~JYhJaIxFBiEl3VT0Ad}Uuf=HT-4L$T2WuQ;g>Lzl?iDB_*Wn6V_jn)y?ctLE=!6g z?ZBVqnk*UWrs+q}mF|vLOI+hi&hnYG)c&+3^*az1v!xIIY>Hr7V`=TvmQA{huDF^( zN1$Keucfbq|Kf1h;81BygiYyrXs_IuQ3wmQ*1NF-x*oLXN~oQ*{B>Cd5h*?#~puhcrVu+F(vN z1`7So$PN?=Bl;vMio=xop>2RWQy0~wIeQxCE)QDNm$t5tNm=yIs|!i%>0A*^HS0C2 zyY>q%!WzVH$XH25m1xOSv3rCX76%{EYCrtf-k@SmlhfaB9+u{;D-Ru-*5j(N-cBG| zf*NrE+B|zNPjasUUWvK_KGsQS#jmcLyi;TJ`b_pS?;oD6ZKY(1_5__-3u(vjKqBKXBjpe z+4_4@G1gce2JdWMB9nU>C?=juFW)WCm$!Bp8Uw7)XP>Pf$@G(*%ae_!GL08Q3CKGB z$wN*TFvBOFm;X!$rTqCME=z(_@~Zujk8J ziXs4?cMdEGlj41P0*<3UnaBxP-NQ$ezikd2&CJYG$0N&dWG zJCC(SI%=?}uPcqSM!d7QWY(8gU;gB8_slPbR+Nue&Zh1&ug%9w&nwOctlSA}R)gQc z3F9CpF(}}uoEwY4#0wkhW9?FF()p;&(~NbkRa2v6d2ZxLb$=Uc`MaA3t!0YWP5T>X znI9^gC&9!lynI?b;=hy12&}hFnUMdM+Xn{?y^3<#_aWk4J#^eeTF8T5yLGBwbDk?-_6fGDF2B|}WG4G*3YU2*n^~^`~ORpUu9gds2EWE#7 z-t8ZJ|K>>HzM1Y%=kPEKa5QV_a26$XVRBh+*X`y=S*!McVP(AZ{*F&SlknhOIbEo< zCjj{6erySm#C|Gazdy#(7A%srM*2m30x;xmh@+xODP-MUoU;R{|q33@l%Yv znVTc9j$E0St3EU5n-D1n$l9l!8Fi`Up5d*@RgqmJXwnpiT&PrSGskKirMY9ba($QM66pPR8=FQl1MHwWqjh*vU%mRA-^jY-%#9?{W9LJmlCS-)qynv2!pM?Qw)vHU`q7B4pG|9Kmc~fcXUJfqRK;)A>=0=_I~n5Fx%C5?$YY+ z6~BUDF`rMmE?FV(;C93QmM|jiW8QqOR|5Xut)i|Y{x?Fx`_Zabc8MJA5?l#;=f%+2 z9VTZ{PeAuh>1?Nnz~aJ-3XP_mMXlY+Gc5fk^Cq*{^*u2w1b+Fp3*7oWooTAgDNbP^ zUtLWab0D1Z$%tQKK&P$F+Vc{sL;hm0U1J|;KMmdhfPP%l8DD5DN zGeF-yx!+j6GtbDMj#+AwJ7wB9O{x@8VyWExt$tsew>4wNyB^x8McrhXDGL(~Xl_Zv z$eFf?j;_vY7mLQLX5CUNWMWN<;(pM)4iM3bvlzcbGSvyo2>~9_`O*7LgehRG5AE^EG`$U1uJn_@=~^Y)K!D?LP;W2 ztqtySOSMNnQyyzqjoSup2{J|)Pg1H_m)Y%Oy;9I1CJW4m&CdV1M}Edr(|gT4o< zkeoHQQ(T7%(>3JU$)f}3eCo_Nq@Ps($b4y%&Kdjq4$zIMtKS(b=vZ5AQ06fJcjVQL z^1vIUaC z912ma72sjFss@7J*!~;wL->d=I>=-1j=yv%yZ%1 zu$B&_yjQ=E9!puj_CbBW<#cPztD+1Az}J~}-g*J*sFmp7*gLlFLWI1M3JGn=F5p)v z{l@=$hr4>%)Z#tQuI1PEsFK(EBUZO?uvDzAN3UYXx{_Qxfm^++H;MK5pLSZPF1-k* z^yB3DI0jjmRXPHCA`&Ne@hmpe6J8q*Rh&<(vq@Ik4DW`$_q*inp*@jTTb6!XQu%y; zGC1%=;Lto#=h%E>mi0UQV=7?oeD39)-uXH5MBc(Zanf=_XAI?lbwH1FPK2>nLF~5{ z*P{gD@7tA3xMRpW+>RWnB^_L(HzOp>=4T z@m#XnkW8DeRZoTW>Dwfm>UC>t)lQL2cE(vNMok=Afx+gLHt$mRuPYfT(1!|wcJ_kn zdQBzB^8GQ6rl2Y2lU(Pl@J4lKm0@9UnO;U|R-ot1-mxr0OlfAXD`dBM<6)g02dCiD zRI5vwd7sxZDFu27Hyjg?kJ^mcA{iA<-Je@2tyEE*Mm4iKugbVKrxMN)j8o^FOC@C( zE+!aJjAupNdAg~(YQm7(JS#iPl%;Yi`aiczS)UjKorvAJ?Jj; zE-^j)fP-!dq*JDk>xhoazcUxfrhl%satV$bkvj08UvjV7pR?{)+QUM67Y!g56p~#J zPN2V3^lYz6MTgA{MCoSwUl^`@n(8QSr0&kbU;Q81mlwiTxFF00GCEH8W&jbaJ~w$W zTZS-9{;9EL-rge?^i}p6#-`D@)dKZ{pJvG|Ovw?O4-Ty2dD5x$&3cvkon}pJGhIINFRB zCP|q&3Q1>5v}~NR>&MmYS^9BRdX}qb2hE_0D`ho8Z19(U`Z@IAMQ!973JX@Rs5yiT zc2gta$=$Od(tDGQRaHz_(wME|rjGmK+4Kd7kWHMjl%Nk#brx(-See4v+#%p%C>D&3 zaH6BZ#8bqZ#EXgsryRz`$v|7w4FV=&__r(}xd{%o_9)MBzX<18hwR1){D&WMH}x|e zC(^(^)SzVqHC-7IUmP&nYzwccPr$B}&ynMS+Vmawb*8Wsd6)IC#hC_}E%XLH`rhMPwnse9! zd3e~e`p%8;)asZ8h6uCb-Qk=IH95pRrnCUnWO=(>cFi>BvCEqTF2cHxXelENCKs26 zST;nAG6`m9^>Oc2w8`ea*>mEe#!`F6@ALGby}uCa28gZ~R8yrc-F>u@>@UE) zt*@Pn%NOlOCAy5T8mfxmfkv~zY8`Wrppf4KEB%>{S+81shV*ocEPzVQvNYbYB#e=* zB2T~uRZPTDwH#CQ&P{jk>}MYdkN83^@4o|zwuHH@=U+WYaEog(?^p+2gMb8AoOLgx9_PdMa9l#(w%%{#uXe z`OJb;bsk1fy-x#HPd*R5-O{dn#Egbc?UoiO#l+Xf@J4Y*#&%(K=#8~34a0^^F^BO3 zSO6lDSYRM>@;>-17d{U;M|s1ZRqlUxoxkG(SQDhH4d?itVp|t=CsLEioTb0U?4nq^ z8if9ukzPm7CPf9`XkA#n$w$_-p3DG7Ej13-@y#Ssl9Em?aU=AMa0U*&N<}08ftjlD zgx51~^M(Fi+_~j+>~e7tz^-lG5kVl+%j?-nkxc2;8a!~r6I_~0A|tl8nJo(lBbvfbp}$vM^i+3i*WevCG0U4J+BRTde0hw?=XYE0(R@1m_p;?N zqp*S1&X`i!<`966CB_rBnY(XD0{5UO6m>vhEJ2zwff3F2Wi2!b)KoDXnkdzzq~I*9 zc)-6W9VC_*Ws=3!F|4FRBS|Bl{@^M|%&26am(~j?aKDmLpdYr@zo_u8Nj_wcA7j@`TwXkn|g}{#!F1w zjN42W+`5kSXESd6Zv{OG(F6~rVhny3(^BzjkCEv6HBaHiced?ikCB(3y~lAAtHvC@ zk+HpC^VqCzb!NW{>}YPnY}3YK@Z2HbarsM+-Jsz_`h6zf-iof-8{w(t?^D?X=6alH zkn*~QyWjgg))RvR_ILYvnK8hAb&_vo59@{?A(s1&SArGj_xOf!&`8t_cfmea3Ni!zNBfK)L%^ee((HAFZ7 zoL@^F^s4_8@nmD^qjt>NfTsS+n=WVv?($+_p_fqnVM%s!#$uAaw8spA;6CNC`|Kr` z%M)Kfs=#|^2AB6Qu_oF!G#Xp3q^^%AYuD{>fu;8Pa=qsIn{mR>atoh~>lp)@PD;G)25Inqigf^{O+$tE_HhU1aL+|KEE4K zwOQA_Dyowf1Nom@I5XTV0wUsT#7j-~sCOp9w$&;236s@LJLeud@~a0ePl4)EXbfl$ zA~s?$o8;2Ooc}^MEw3i(Jbjp4nb?niKh`98B5NIYlzK+a=-_4N}h{< zkEuYKF(ulAwGld=5!a%LF!H?zjzBq5+-yMlqJt?AqI5b!O>B?xIqhP=YzCG?mxJbz zI+k286f__Xs3{H~o`{=6+87a`$VF2QpHrkI2c)D;JdOJ^)+GigI5jPlSE;1bL6 zU#VYx-Y)nGWkNB(RGY3`fo__D3`i$tgeiV{J! z-NypR{gMqlJZYLDg3u({8oEL;q==sUk_%L$rZb@EvmXC<=Kx<1wON8Uv9@Nv=>dUF zX165`YMw~#Pz%yz>7@?@iBS~ZvVhc#RrP{~&!s;aMxXZ44>Y4TxJEbRKAWpU zHiWz{`T7S|BPJK7)?tA6mv-u|%-n(cBN)Ucar8#OF<4yeEDJRSBqp(ZNY03Ph*la3 zQZrPSVh}xDsJrCA9~6`1&v*!WI%-cUKC0oI__zlRU5KaJI4>BT$PxvSvZnlljy6eO zfkClWU{JhMDM*NaoF3ROwm28CUvKPRB7wrdk?)@i9WteULbJ6-As}V(&q;C#Fia;a zcS%2CEea^qr*;DT&-f7sjyAGJmkJWw^pHo?h+^n`Q{ra^z^?Ft-^y6e>Yz|xo5kqM z$dev|#C@a(E`qW~1f?#zfv~yTid^|)-8=??!beLK=nTXks%>ygH!7PlyCRW{6}@_a z;uXDFjMb5QK=M9_?{aj8!WS$E>>Hbx#@Hb!>%SO=^+8#W=o~2i*7jJ2JLN}+aM?6p zZ4iK+`?p3Eyo%Q}kPw8$ZaE{Yqy(y;hX@erhqISZ-MGTkQ^QYIe7G>(To-~(U-c@g3{y+eRh>Dq(Vvfl`DG&99z%8NVijd)oiE+adMH52sgiO${#F^PZ8E6ch zD!}vhK+ptXZc(E9g=Nw2d_c}hZu^1B$(*A&5ga1Y=yHdSsK|f(kIhr)%(P^j6Z&V?TO`dRy>;8g3t^|^Nd2giva=_~O5 zM5zR2Zxr~+z9a=%1>Fg-i+mZoQEjEzsWP5f5F43-Q5Z!WvNvTk8pR#XWFqjDg&dhB zd}1W#5{aTY%h8Ip;Q%>wL8*Q2=JbgKN$23@s8wr%)!#`bq1ME`k`uygVl*z?SD61% z?UKotj?Q-`F7AjsPbtp|ShTcg?spTeDEt3`Adpj(q6{=oT!{OZ6&l7PtD+y#Pvx4z zMk#3(rKCImiYWT~>^kf=7{k)GG3-4{7BW}v*l<#wS@e^C&YVx^ zTy67`oTA-j2^*OR?}6FSsN6!gR^^>~bIKDwuZvyq7!N}#!K{^~&&&~ny+Jp=fEM1q z&5AsIMBBM$e83ii7q=|T=bLiWJqM>q%dE~bdK#00RrGQ$V^jVDDS8Srk?vyMgQ#9e zs=t`!Y!b!t)N>MRY7_NzQUQA$oI0n(BR2X(9Q-FirCzYLzqQmm$wo3}#$l2s_@CP3 z73j)mrpxmpZiGK!{;n{(sm`2ai=NR>EqtX`Su7Hj!#fGrtPzl#v7&_f%PZhpF!V+e ziSv73rjbXR3^x-pk&=e!8+PasniG4y!K*xiP~>5$tH}bcq5rKcqSBkwKwIS#>WJBe zPBE}5}8TD&3P}Knx8A%)FlJnTs%^B$(#7?C4 znhzBYy<W%hoD?}rZ8M8dOec(foDdl_>sQPe zjbg1`4s;*P%KVo0i5nC5djspa@XRcDYGa}ud-8$@F!vo=%&DmEg??%N72q?7srAu4 zq40XWueDaLPYBy`twi|jz@=Xuwbp)?Vb36df6df0RSi*y1X;ibe>5yg8?XQ z@XEc-p+-hu9OQiTN7Ur8p;FjBjp$=G&@#H>%+0L*AX*ccGyI?{{H>Whfu6~8A(I=^4X0CM;G$-Hb%6&IL+x=5C+Ja9j@4Ae26iebbx?f3 z2%8v*4uqun2GihmWa-d7UQsgeq+7*c9jvS)j-indw9AGQ$#m~~aVvZ&+b#5HDoH0d z!u$l6CyDU=1~Iyvnoj&XW8EyoakiEK69jszog&=?C-B=HNlQNL?U~_$fY!gdd~CQ< zmqbN!uv@zr4M24FOMtG8=WLF$%aJ6w@6T!-n3pcxc1vN;5d6LjU zM--7TWG-27p(>Df>>QXYv7-?b8s+&v1h@^QBj7Z6ne5_g`<{@k`9{a zl8?(lqisl1qu}Ji#CdYryCvg=0EQM7Nt;dJJR@fuMGJRVJtJe}LSgtxBTqH?c#?NU zO!|b3tv$I?B}2=LQrYdf2#Z)`LD&aiRPESUP-30Qd@s>9*kEGtpxGT&(8vm3hLtNI z!bxxEnAC>mriNKSArH<*S%2Znfy~2#4V$PGn-pL%xZ1F=B}HER5~dIps|Jx9F$q;e zo}bZlrJ5J>{EgVLUm~&|b*^I7;}O3jT?(z-x|AWu$Ka16s}UO$F|c#$eYZXwh%XwvVAdOhkB5z&}OngN5epKxbh^&5;%PNU5 z`306$KB8y{)hgZ154^fd!=o9Y=1OPu(apt1!^5?9eRa4+udA@Sy3J-YP`gllt~JGm z34*X#9i$38Du~&jYv2a*T^l`+0%5h)m}AGT0gU zL#Sb>Fat9VZhT;ruC@zeiKMM>>JdVGte7Nk_z_Y0z6g6%yvo`_?*VC9QPORs;VF7T z^Q2hvbxPFX{Mag+>zs<{yrgk#DtNP}Q$mOo*mptII8HpLim-?be9@gIfqn(PRoL7b zg(dTxWw_`qY$23WkVAA1c8r{`NnC`xgrN`#hojXaETJU}#HFfb3#I;9(M=7#h0!(@b~U$4@4n8jZv4on z)wQ*C(7?jKK{lGbHC9?F+P75NoB4LJ2jjH$f7VGh(T~fmOdH)wYhO!OrP#ujkiTaz z?&%G~=hF8ZTLZ9x-yBK(3r1>Q+tTr?(JP_CA+#54?$_56fgA0g-eKL_8V zjFHYhEGQ2d7dtnrHY5l1ToNW_e*xbM_$v!r6i&lATHW>!h>kr3x!}0hLK|rw9_f1) zr#F7|r%D1=?Ur_8$9)jGawAy`i+!~HcAZo8xE(2R%ME4UTR zCLwNFj@p+fIf zP;>dxON+_DtK~-+xIo04?LYYK{B*AzN5n4x0q8!IkLTn27?{^KmH+s%u1zO2X2I`y zLV&>9KtF;P?vXF}MpD-IYvgp%7r0PL7z6VFm}0Qq`+2Y086fn;J5NDCZf+3C=#+m* z55g;nZ|o-zeVRTAj?UDwV$vYqbmjku>os&Te z8}OaEfbnKvxNX!{4A#ekpgC-Q34Z}`7yOfHo}FC!^0WKRfv_YSqB+$^CV`|P*!Lv^ z2P5p2(Bz|tQbJ&HEfj_<(7%=Wn~jKnz+Y^B2IaTn){1f?59(Ak`&Y4@^OH>?&*T>( z`4_MDe`{WUiiujdS7%9xxS&GcD1{u7XAM`MLA;R`9|$Xs_!Xyp`i6ZZ!Q9=UlxINV zGyK5i8i6A3ef+=bVI*ftgn}ce4PD-l8oE{$g2-L}2)Sb$3-U9rAkPS-EgY*fD@<3j zeJx|HYAF5O9uQ#HySkG=VDz1?ZnoXsFUj&jN1+jPVt?!gisL}W;~BI$xFtp51fAA* z;jx24M*ohJ^*Ye~dlrb-EC`aod_x4{0k-kJBNoU3;)X4x)87!dC0IBA*79c+&+=%A zMlSai(j7z94bTx_3F?8oq2x#um{PQFi;ybX zi+2|Ugx;WQPoaDDrXEoTCt5mK|D7&+YzC7#Z*Lw@fO9R;b!%_V*`?F0)2-9StAMF# zUiSoT|D#9ol)u4k9j7|uD!_l2UjEAzlRrI>aDUih^=BlXnu8s(ejr*dzV z1(WQOw?FqcoNz7ory%CJ2K8Lrrl-(fx7CmOC_MFUPZ9>~AK+aB`w8o~weI~9@J`q{ z-tiiLdh%FI810AsG@H}n8oJh?HIp(Q8*2^Wi|i((4hbpFRiIKorPa$1Ql|tCg%4}) zD(*s+`DnR+bCYmWyb6(CW!R?3NLp#+TY16-XZuGzXBtG!X?Qe7h?z z%nudxEQoJIhHZ7Y%>LOUvrO=tHX>qr7rdb@OhuN83K%G7zdYG|bHs8|Z7w;mF zqM)HNz(xgVs}itT_LU{)2LX(tOH@RmZmIYlEc$8@|I88p3>E(@5cf+F@7XHSw;?IX zVPaKcrQF-kt~9`;K3WVoSOo4a3LY&A9xNs}o(aouPJ!}#5&X)s{y@8~pVk`!bS>IiA4us~4qGOMGI_mkFa%pBKWca*G2dwsH#rIkn7tANio% zn~1G#9EUzH1ScwUeuoq>A&-uD@PLqKX{72cydADCfWfz*{Mf$fdZZJ5FMe5voLQd*T zMq)^KlxiJHvPX$GY}mMJ9agYrl?M*Qx(dBu5OK0Kw_IcV9`~>GxWO@TZiKP{2Fb18 zs;2PH3kTVAEYh$4sWPHSagr>Qjp&Jp^Eg3guI{??{i%ddW*{nPDbYoQQNK&>qQr0) zodY-r$2y5lys9N`I2Q)~F3LY{Kv*RXt)W>-2{e@ttDZVwd2_^qkVr-YOkhbb6=P1Q z>Q9K*yV77;d?BhAF_l&bA^PrU-Fp?hJIUZWNN0W{OHMjYd?cX-TTFki@tS^Z_gDdz zv$n%1KMtCXQUc#3-~&NRU)@%$?&}6H?-O(bQJAt4I{1z<@L7+V?<2i>+cx;1W2eI- zrWC?x!W?*sbtXOltkZ^LeoWoV9~2quAL4(qZf-mRyE9TjL$BPY0oSe@MtNW=l22PU z^6j!mQpeLrIyof;#x6rG{d`auIAMH+Hx=9`-gDh{IEOFhD+*J18S^|3p;mF~ZF4_x zaD*fK9S~G)DKN)+u!{vGE&j=PWSm0W4d!pOdpCqxRwlT8{+&J0ga^pe@>0=ej_B9v0TB{n( zfWey8|Kcqk`7106eyli6Q~Xx3P#opAkjeY@`!#tVAaEl~9@`G&M$eniNQgy6xwYZy zelq$h9>-?gcEQ_A9Vf^0zwDorss3Gv^5b#N3K-$$JfiIcTh&{%T9bMFI}(*m?I^9j zM{df62+2m;Wv2YEC1_~BVMbU;M|fTlzKLK?kr5Uot^>9OnJp4%g@T(Gax&AAj!9UF zG>bxR$>xWC3Po6H!i@UP*&agbRv#dm)H{K70wz$<2LcNshcC{cT_A&BY6%t0aqI|E zS|3s{^-2)PbbRyg;1PaYUf?zVQz=&eZJrNKKZQA;Fq>|q3X*mV*Rn# zbqRuAp-=MDw+-nN4*qIKacsZgJd~HE zI2o2}Zf)MW0k~3aluT&h^rd7Ep;q<@3gjKRfMa+t)cJr)-bAUe!4qX`GVOeWZ;Ki^ zBfy#2o4U9e3pQ|4fg^6Gh5e#?(} zd3f(KMrtAm)S`5COP$^4*}MDox`K^Pvv%o!>b14zNAEc<4kC&=m+RMp!0l0-EB;yT zWA62)d>4oC-Tox+_#bc16HM^7uQRmni_aL+*CrLcW z8cTuD?C1X+nCeKN{0Q`-zG5Zj6cnkv3CHIN+R+aS;1V0XPHV@=-*JA6t`vowehb4f zgcAx0%6zlrip0zZ6y)#XZcJRIEEUDf5xU~Mv9#{`>IN~23IhfyPOMzRnJeT$fI4$5 zi{Z;fwI^H=MzT2CLGgP;O^-|q+OGWZ`>dyAkr7&uN+ekclK{szwz~pfbkU^>M7@yS z=-zPuXfjViovBm@h_;Ptcx_El6qm!Ik|V zr2ZGJi8-N(|CAs3d*(&%!{%v1B2)!|5M%{RZ>dnfcm?dyLc|q_d{3ah7*H(WPrxXH zZd6_0$}Y1nnLwn&AaLZGb%lkI8EEWaLS!_$_I<#lF<_UX$LJ&8tDGdcnchjZ`Ky{$ zc$+yfTf4vr)zk^bbdRB6AHo~#$7}jd`-XgC9K3Y2W8DpB5X?BJv6p?*^Kv|8Y>xMD z_E$Z?t;wGwV{_K4V{jwD37B}9q?Zp@_TN7gu>%Q&1x18=efaG-OZeDE=-w4@g7~8H zK%H&KN{tG-l%BMnlw8w*v9k7NSu)xnho%~WWgpEai&yJc&|$D)^I_2mBH3ew@8gF$ z<^NJC(z31P^m4sfdN_J$dwBf}-U=T~PK!@jRaLYS^*G0{khXQvL8q-GWafvNzAr7Q z#tyJMar_{Ak@|5d=baw#B{u>Jza@Yo!0>CE6StjVm}ey zLFdB3317Jcv39E3Yd6$3Xd98|DrH*b++ljR(`^pc5B?mc++9x^XpCWy3>y!_4TnU- zisP~!Qg=c&yUsw9Um4|$)6cgA&K|tPuPz@@cLRV zC{`i8eZj4bH46&!Izdw!{s|liz3SHevgP_>J|XUx-5A3TS>-zsMb_vBiD`|C?g-LHif?jTV5V zlgXsthgpbzkJpW3o)Yp!-DE_eg6K^S-QgYQmAV;xEhd=im;FhxGLR>R|3%4QAzYwxX4}vU@AAEVHKVC%>+9%&9zRnm$I|WhR%MHayxPy_$*mBu- zPN%LrhDuE9*p}jyXt6B6W@JVm7J>Ndi`@vU>$8XyhT_D?=ErWtl=Ol5R{wRO%#BF8MEWMPoIAKi-fOo{um zPq+FBypxBnt9I%!Yo=3drYCONaoVM-V`li1hN^QX2JKNqNcOnL!C%8M@KRg(fx$yL z!E*b2==9yl7CGBu^DpqskbN6>%(B8m=;q7~L3P6HVUWJX`9uK?{j&(( zTq40gyO?m>Kb!x30z_;(c$b?9A6#2QobiksOZ?02m7txxWlAgW=P73cV6L*Ypo-vg z?bCvezt*jpA+dE#mYAV_;GvaH<-kIxja>&~R%{FKxTwFk7_=)K9PPe8wR*u$y4$DQ zeDNRfBdi1HkW2rJMh+kM;dp*+i>inGJx;*L!Fj(+1-08kUv_`(Ld9E-Z;Enfkub*| zvBPe=ozTD6z>S${dC7MfzrQ2X@MGpUB zAt~aALnHY|C4+*M_Q08(EVusRlok*K^s!y1+=+0p#jnMEl;g@BsC=LuTN_JgseODO zIoJJq5))l!X2sQE=Q&0891Z(fs?lGWr0fZ&tmHz~+3@5R=hR~Ju#4T+={bO@v26%t zrWubrrj!x9WfE ze(C?At84H5twlMjW(tzmSBfK8c}JrsIMY_)vyhe_k(Bs+(BRiM^IKW=yZUyt)mBT0 zlQ;wz@C@@4Vlz2{Iyc?DvvcF(%^eLcz(t2}tSWwU)9OVSrXqG<02JYxzz*FH+mtJh#6s;2t|6DHL-+U z2c?Hj*PH)4;LLnPEsYM%C}U$eI=Y;;OcUJ1)XFM9SC_5DoQghqyLD{_>(j9G?=Th~ zmf0rLz+Cy`*@gB2RPQEiS}u~^uj-5C90oq4&R**);K1~EX{hzs zBfhP5MJ@qAYGV^g@fcF}#VG!HQgq^KhipXnbx})p4ZeqLMf5p_BPk4#Y{e)wlRV>F zaw48w{Lj=rv;u073eM?WxWfo?lSn-QhHD_ya+FOlboL~NH85z-;8dxK?}OCmy1lQA zvkc=9S4)i&OF5i>A+ftET89&l#-O{PF__+ijix+^M)0!tn;1b0C-b#}QEq<-PDz8Z z5TmTuXautr28>skQ=%%g)Wr^FUO6U2>~Y%eqv3C5^kw8kb3}z9)n#(}>4Rm#=_ejs zGKaGh%k_t6AJph9&Q(%WlvP0BI7YB%HcIDBffcE2 z&?0v4jYqDVbL$zOCn97IKsST+=x>~Z2KHQM`dSMO-?w6J*Br~PwX~U5UokE$xV983wkc(1L4 z+q|x$R9XtIG4rmY%4$&>Iu?eBdn!n-{s3dX%R|_pWT+lsHMv^iE$|d4Dr;oS34Hyg z9zU1vi+qH5&$$peioGaql)j;4yuF_xn?&Fcq^LCcsFshAQ%|2p&zn%xsXZLyhjvag z`r#nnL5_CK;0aZoBD(oUkJ*aA`*3G#UpTZ)N*7Qj z-J+aY1PIR^^abx+K$3wjVmUE!bGM>JyFnZD%tW zIr)($j^bk6BS(zU$JsZ`XUMSua10E9NtjC8(R#yVL#usMe=m zSu=NXMQoZcBvkYT?p$cqzXyWxGs;W9JFiOP@NtAi;UOJUVxUl}Htx`I+w`t5>u1&Z zEYRrM+PZ2PzBhd3o!NWjct71`B8MVJ_3tev?rRaPK01r}aS$zz#LEGulFB@93D@m(qd^Zg*4#Ee-!cq* zBmwNDu%^iCG<5-tD;SpLx2khwV8D{0$6`48WkCv1f|{vo7#NYl6;JDU?$(ReU7T0K z@wWNgRr_u&It}QiqqG+L*dLxgweHWxkD$3Yl`Qvm*;Dr50d6klFA6+^tVNgM+Oh|) zKGu?~pe)xbm8ynb90pkTSo0I_M@0*e(H@f?$%Nve0{%$1eyL(#;O7Bv7N{G1&u~-%l zJtcu^{D$)6()+PeUmqWEeYJKv^1AXmtj4|~Q*FWy-5j$ivI}d9c&;@jueIVVWWL^W zbZc{R55Vu{tSXm^RLhJa8m`7ZS<}H#SC3nD0k12IXLXYf=!B9zf;o_P)W5)H(EuKe zNlzn@o<+#>sRr^OR$-q1geHL!8(JyXDAD69`{W5IU#VA_DX^5IR<2OeGE~8Cj(>r@ z_?ZWAV$dBTLS&#tRW>v-TqLdS>LpPWOB@SGBnOKc((sqpEVXaeltntXGks$h3Zzud z-6~_C)&|$JIqGXlKaQ2`tYEI(KvkD5K+VqKb1!oS6#NqKm+xB}g%UN&O4-2zmJmu( zDiY8s>y&B3qJWhPtdsz-^eHIx4vb1VWXOvl6DpdTiFg6ZM+N12VH2||G}YUseRSX; z&`|ER`dQ|@x+~iZw)QP+8nQmlsCBdZmo;0h)$Qg8fo8m$59TEghBS4C3W;{+Y z%!3*-(lR!gp4GTY5F{kOFJ+ifum%4R01L(!m__brX{aMRDJQ>8RYBy#3-QV?TS8_?m*|S{225r zshmU??Ktsem%p_L7$5^gjh;aAR?Y zNrB2)g~5_)9F#0f@+*M`X{ySMpvns)K9urI; zj=Q|Vx(RX3$@byJ<^dbJnZ^XYwcCU8${`YF)RA@a2tng0t5sA`B|U$aF(}8!84P43 z0U`p63{aFI5=G9wcd&pAgHJ|sZcXR&BT|lS6pDej4rpsx98gcE$foxce%{v%z66xL zR&}Yh(CK){bk*)?wo~ed$qD(Nf@V8u%!*-6Qk<98>o@SZI(CPF*@t0D$8?N zFs`jC@3DFPtJ7@l%ul`zUl)>v>Rm!W$4x{fY5i{U;P7cp;A)(Au>;uN$lpeQ1bv~c zRz3{5B;gc)IYvbT4xBxCKPW~44r@xK7*fwWVk6oj@`Wd`OrRO59qKJpMcNgr(5YI= zdg0`u8&f);IzjGan$3hlA8Ei5 zAI}6a9|SF{zz;N#JJ((1DLQgqV)qp8H(df%R*HU8Z%TW3s~%?h>&C&TgVICqcf_D{ zSR|`Yx=(CyByC0tOiQk!x9@I$<%$f$p_90SZ2aWRw9#08IVxYotLglLr@6qSi6Y|j7KW#;>6h946( zQYqqhXA>Q5eo`K)?yT4!uG5PO1qr2Gt{H;mZCSs^^#0X*7j&UgW5&tWyF$oR6BJF& z9vi!H^E8eeIGS_4;pdL%VKoMh*o<-(v-9R)6uo_p7MY1T;qIlP1(}^f#<2} zto@9SC`=Zuj8Wm$c`zIJiYBFyQOVZAUe#IF?y2_I4qnGnsWyO1y0U%MAk3`VRAf6pQ(4%p2eHeyfIdbW+CL|a2dNF-heYz zhw0&)TA&{p(&aW*4eIK!K)K95!O^f+2cbm&7_pRhp93?oh2&rIZ4Rq|T>J zMShFy2{?JNlokoq!Q1{gzp|yr$@HcvOFbfRypgzo!QsvZbJLRGUFD<1LVjM{CmZ5(OgbC zcwRDqg(la{xUjLsbfaud=(URnB16_L0bognE@3&S!AL2BLT!XIMXu@K;wT$Moyi(T zA^&aAC{!k^jLNR>u`>S0rvhbBI}W)a@^oFC5QVVApO&qUB5?c*o3c@9NGu64#iUwR zkL$}e6?PPfN|#D1>d0tZP}=58u__?y6A1{*tSSM;(t$4y4+7WgUR78{@XA=aPmHEF z)O2w@))sAm#uUxzUTW1>7B=Pw`I)^s@6lYgS1s8t&&*j(OE!PZY~`q-hD!;Zc-Nme zT=S-^SKtp?m8es2Keg@m0ySC$TaoC>=vH&C_fXz0yo`?$y@F#?USWgdSkQm|^Wq$H z=hltR{QeC;PANd0M*k3%+SgMC8|cbSWRwZyz^)QR_t(9~Lath_ zzG5NDkFSE{US~HPQPe8A3qBL=AUJ@H_V8aa3>q7%&Zxr(d@O=*m~V(LMq1YK(I@h@ zFTv!71R2=iI}|XnOte^)(9q)9a7Ha5>l)96z%#M3 zlyUA+o1}+L@7{WU#ll z;;_`@6i@Fm4ke0pR=rjNmiaeOCS$h4U^D)5vUwmaCA7w@5 z0`-dZqCEyjZOk0|L!&tKalD{%wpY7XVVCaoRpJgMUTSW9FIDOoj{6?-{$CWwbZ-pT*$O4a`kc)9GSGdjb%t3@ z3c}i7)yd0hHPx3`mo2wbx@Ya)Le{k8lc|ZY3hC?DV@89cS|&>>kB8N5&g<2NPGShIQ6OAwf3_BAS~M5*4P?vv>ls7OL+*;Job65d zrLvRx-QxCfl_u`drs1(|3Y!2ZLlRysIX|i6hT+i;xvsJ*kPj$(VEkZ}3+FqN)JRc~ zvZ{ZY==5l)BA-K91$BJZD{bR~U6cxDbg}7SJBt*6e`nc|*8L)_|QZ7>}vEFIf#C3@}vk4{i{*RnTrOQ8P7WBSw}~Wprv$;93@A&gsM}OR)4a z*rZPoc*Ji+;v;tKQxyABp64&WQZRWUqpNyj3#asCl*+eH*A#-SHfQ6P}i-OS7ZlTK#e*$-YQP2EG9 z_DPI{#&)9@1tAyOJa>NN5ni-Q3Z1jagUY+5H?X@Et=3~-YKNjnBQ-@K8EY$e9iM^s zXoC_eUx*nq|2GY97qSvk=j1<&YbhHn>#OdrAsuekzGg#?rU;xC?v5{%wfp*M;Mu15qF*=BK7VrxK@rO?Kg88i4xB!17 zKWm9M<_aM!3pZ*S?}yMWJ(N8os{8;Dy%D`y1l8pfsucojS4wF(SG_6$p+n%mf7{E_ zge7`5lQ0@yqhBqV_NhtgRw)e5V~uEo=Z}MdOd1FkgwZ6D*ajA<_o%&TCSpf)2pJiJ zUC2|B2;5eg;nAP~Sw24j(hrm58BS7GY>|wV!mMQL7Ip!PGL)8jrBB%0_#s;iR*k3i zQV(uCqXsCW`;25c-@mCU6hO`d$xHBhA{>2a`a}a6x5wC)g(FBrOmRd=g)yHCb;?Q= z3+I&0x3%cj#gGA&31#nzR2FN`Zhq8RVk)8plRiK57hWD2 z+na5KX-b_rueN+Qrw#n9)nyVYjL8c1?2NV={Wovkx2f~uU7H2kB2O~_M`nz_!T5W8_*S=Dms(?Q_ozQMzS6~wrJ z@LxD=O{%i{Cgtz#t~X_M**??`Xo-h^!-pdeVPQtVg7kv8KJ0KO*%oi#3ioy4cDFEk z_WYs6_x7O4QR+N?|+HLoXp{Kj)5V`TzhGvtgKvwVG z_SOvRYnn)%Zs*DnS~{Z)@ATk4wJ!Um@09Zzx3&R8jU*)4YRbkdeZPO-61+^cpqz8tJA(nkI|BMnAHKSb*G#Tj_#is-&tSyHq2RWO+&l`WmuUg?fqR z@x}zap;T1dTduT^=vnh)C%HxdTX62cHRlTF9A_?Pi4Cp-$%NW5U5p!;{_h)sROAxe za=Aw_@DC_D3a-PET^}}Z&za5=ItnOHD99-gkl!8&MyrzAExAoNTP}?K3bLae!M6ZD zLMk14KHzyeA{<>Hr?mk(Y;)rK zUqW!i!2uDEO<l#pB&bMFkLZx7LK0T!46jLD@^qR{@_-;y*yJ>!bNNtl z+lFBZZY))$k-%cE>01!Nma@xXxRvHi#>sSd%dVB-!1~K9fake7Zf3M5ow$Y05Q^+p|$cyO@SU-onbG$-a)V2FOUyc6`g-7jnW;> z>&+dwCQzObjgj4&o~_pa$2=;e+@1^NlPZxZs%r)sDg#o*x(HT(7&!(l77y!^+|@&M z{i$)>9j}IBvICuI14@F&gazGG^^}X*uBnaV$2ZGXdW|U34YF*fK> zACfF#GFw4^1?Vsj?UGc!{gphCjcC${-rYBJ#;j^zVhElZk@0IxzXo5)f*NRP59tDx zdst^e0ZCa!CiK2$GhdD%zasHIhJc4u8D)}`)wTG?)@Aay8aPtNkHrH3^K>lFgMing zLpWn-INs3~f51~=o(6|XVkB8aWwgu)q_sB%h3e1*RZuf=Ccyg;LW>;AzA$zj@@HVO zctO%Wuan>$R*Q+dA6vG&VLM6r8n%HGXF)hbP4FCt^`SvZM+3&Q_fc^drv~(<4xTbt z1}8lmkove=eDcRIb-4O{B!+N z*(b%3EnCXRr%k1-8bP4PYWVCi1lW;`Xz`enjfSyD&uZ_1ED<1I>8u{*o(vdJe zFJ!`X@qHN9xHoCas5j4Wnk8pAGVYJb&Ra43+IT09sb%o_v0C+R%*ry&zH`7e$(B4$ zsUr=IJr%*{I|@CIDNL<1I%VOY&w$7Qa~LAWbT~c0n)d=0FzjKP;d5X49!T)K9OJLM zJ_Z&W6a~oFmXH+lg!N!vX45FUQnQ`^-p%QGuMB;MUn>p^Io7Tfl{3oS@=Ke)lT#}r zKH0Ed6vjpODnps1bUHyf=b~0J35?P!1;kaGtCr!g5$)D1MzNMz_-8<#vXNTd>Y)zI zpgyZsSKBF`ALkC_2{sv@(uMBn)}fZVVX)0oonM<~TJp7~ z5WqtB-HPUj)zspQLa5Vq$(N;s$Z znz>&3ID<|?NLqL!!nHgqF$HN|Y2&T0sYJuNF)7&;`6LOgDtd?!+yPz+-d?H}n+NNx z{%QN+g_`1?aH%LyjBG+7VMt%Z5EOk*=p`?Ypa@(>`uWlL_O+(y)(260gMxQJ2x(aH zIHz4sDWcGqoQ)Ove(v?*RW-v->orIwv_FhT_hJ9!BZY}8Q0vD^I1UjeRyQs* zBG5z07!V2d-bXK#*;y%Yaba=ZxN0_!0p*YGIXov5VV_4m;c!>wWUbt@=^02DQ^yyb zrLSTYY@N;nutMgo!1ig2T(qC&^3#9uA0C(#8b6hlZpI(cI}4+Y*3cK^GE2+AA~&mz z27B9!w%3}yPnsK5dr>H1_$rz%y;kH71p<#3ie!{u9da2E@AmPQOs=x8@0&=t?bB7R z7j+3I?;&DZmQY&fn#i z%~1)VHrzJT^oNhhxttgZ0H;O&O~CT^o)}Wj#b+#hi1C`NV#dD#r>~ZiApdONCpz0}6)<{sK z;r{9e(eQ%KtUJ$n67-e&+B-V4y-4X4AaR}MRIe{?BYuL)9XhS*z`9tzY(GlQ9X9@z zqbm4zJY>Mx^193W%>l+fH`EKc+xXlPF6B+^#+M&M;kfNh*!Dnj?mtR`+vCOciU{Ci zBVjuXk5k=W!FesYn(hJ&1%8STLF8)GlzERoqs@Bx*tQYBTnqCL@q0|%Z3gYfjJ}cShfPQuP zCsaf!n5(l$zFvBdk~Y3A-Lk+oCu|QI75&1u*US05aD(<+!nV#T(&Jrus%5!ARUkS1 z#FgbbO-jc_SWuwlaWJ*T$CHWE`C#eItA`8T%){@fCib1M;cR5{B8D`flOY_E zgO|l7op;LY@z0s~*LPFY zII!Wk$GFFUr5{Y1pWMwVjXhjGY`$RcIG$%{UDe>CO`xC&7c#i69#FZMI2_L4^ygEh z&Z}}gfTc-bq2X1!ZAT%q(*`+mWAu=FiICAwBQp)FiIlJ=jzOD?S`nG_uDR4ktLtx= zVzt(HRfCVKX(}oUFEAdp)p)tT4Lh`WMLa=qTrU~i6P2c6*P|>LHuC9Q9`Acb?$DU1 zBHvJ&yzUnmR7&MSjO8N-Th>bP|-Li{~5#o)`f+3p9Z#`-{GvDMC&bSX&BF>$J zJUT^s%6OU5MuF8Udo>qkNwho?P$F0s#l_SNqG=XCR5duTkns##PP?2#T7XWdqFNrl zpKlgq1*~r`!hN4SYZ`2ye&(r{GLaiYx{J6kl!yiQ82A@U4dIqa_%Ivmc&*G=s@#T1 zMQr@;26E9obnUb6>caGBxBZ8KXb^R` zFFa(;yirw{!o5tGa+BAqsZ>d5y|kfZ)mRKu-B`E#L>)z&q&kMJvNx`$ZRT!fc*;HT zvHU`Ta(teFnJ9rXSzT7uux?bGf~iQi!c426L6NN(gu+}0ps!wAK5WIXwEBdZYOWLJ zx|9ZePQOHw!lmM}#ASkben8T99hMF(xoN3kvu@Tg<}^ygC{0h#uZd{~fq)Hh3l>dt zSJW>I$B6TIl`GyTECpr2go6DoSM@uIcI{kGGs2ZTVbai-cfPfcaRw5bJl2;IX+^I! z?-EorQnjB`7tCeNBT7F8@j2-a%Knx0fL&K|{kajeACDOZ?*1vNLyM3re^oS-H0CmB zQ*TK@J&$x`(e^td@{jrB{;$bQuPaL<3^k=G4cA&6rNhKHE!UrNco^-hi@Mhq9IOmmV^z}$LDpL zT3FQAM#>bgIFAES0sDt+w(XmF6Au>k(1~B->Dp6yY3*~S6_n4*RxT}Zg3_M^CXtyP zUgTq5e|zv27JPoFRG#hWDq~p(-WPj!^(A#_XwCR&{;7JEQq@%y$jOta{1a-my(4BF z!$mbyqdqP?4+6p!8K$f*E1r0~(wnT#fVHD33_NH+q=cy!ulK|DDQzBl*zH%K2mUq)ZrnL958+FL5wMP65t zuYrR1f#u}krblYQI)Fjqz;Dj5?qQ|`V(emC&vZa0ljbRkudG(?vqaAj&}xv?6Xte? z=Y0+|CT{GXh@yEOI0GDXI!&#DZrNcY~C~{F9NOhYdpT z;Trdi>!Cpz6LcH=4GCggyOD{-eIUeIOOIO7pPg<(UgDU#Ms79Z-{bh5^;hiz3K5YU zoWMJXJ;*O9!CsW6yV$=@7BQh(4t9#SnI>9%>9)vrgg=owAP8O%!|=V?s9w+LgJJvo zkT|RyGPXzxNfxY=>OU}idSmJJ*rl?S37GHWl}%LMq07Kw;+< z)|rEE5GTX#xT6sYSum2PFXJZi-fRio4}1_=^qF8p2N!cmOK@{a0*0@nuAFflaGe{b z$%h|=TE@*CO)6V+3{vyhZ}2D6h)CIQ?IPgdhQ0?`KXU0ZEV2c{3vG@MDXF-lAy$^W zfDbFm)0?IE7F;>Ntsx#E|DfovHs>-*srnc|!4LCv>;TF?MV9Iv27B8}#`LZFp&tOs zY~wMZnC#SXKiQPmF%)Fy%(A5(br!y@);k=QG^+!w%`dK`tgwJI@My5+pi#jBW2axS zHqId}7Az^<7QY8Mj7=j8Cyc@C0Cx_~UT8L*Hce*{m0;ypbvT+g9 zvF2@aNh0qP4=F-ZApb4uSn!!W-^h%4+*y2;=4rxt9KyEqb$7M;!KpbdVycTD5BQlO zdp*uEco=X{#ZJ632F;wB7$~~pnH&9jVzn3W?GWE+bTPSUe=|tjc@e-G#Gvww zw=JA%z6XsCR4!^E2&DmSaeuOKXq%_A(LvOESBb@Fv8~9F^eCHu^CH8|{eZT7NDHqg z>P>i>BJqv`yDqaQ$y^X=@&msC>tcOPs;Lv+sOI{P9XgK-n~zz-;7sZXg!pIL_z%E5 zLkVJavNzfrzO~^N8QwW%9v55#`|NGJGit8HIyrNu5syFKw)l282B(y~D z7+1zKzb4M2_1^9tt8tXsA{{anW1qYMVx)*FVg8@&gw5stM&l~#)(Y8^bFE_Cuu zn9KIb@9JcPlIx>a`J{JAR`WZzi7vPqhUS#i(+PU0FuQTUj%9y*r2~vdV{#Mq*eUvZ zlk`B|F$$CQh#?tFiPeH@jF%9rQmXZBQ}kdkm3m0}G@61xJD`G{?++?$CF*dk>7b__ zoNM=f#OOpY(y0+A|GFQ8LYT-4AOG@z;+P*`AyV+IkK2GJ;<+ElAyo3VC-KDV5YwXq zfGg#?>y-nRCiM@j5v%xUo(vXAH?mJ7oK0T}zR^E;v_4%JaNcIUF{3KTc z{iE}{0NE?84|LZ1kECzbm*20SL}QzxuSiR)FnzXSmjnXz9eGn+A8P2Q1{moRPjOXZ z97-J`1e%rf9o2RgA1orN|4Kkf*v%t5hb=cf5CnKm8KnrR0w z&&r3IsEV72n@knLKT6wy=9_@mP|wob=$?P!J$d)Q)rUS@ss53M;%(_^nL&TBAD8a0 zq$wjb4m9ITipTi5d7Bh8M`T+BDui8dhVQwJBV`*Z+qV z#sy0L2S7-#4 zII{HftY8+rSR-NnD0f1jMkpV5UGxMydR40ar#&kS^H%(Os<=+9kjK2lyU}>CKT6JW zR8oZ~oF-pmMYO#+@_CK$EMJVU-pa2fJHLWVxU)=oo4FDxXgP3xHLwwTorls9Z-q7< zHdl6JaEUrEfpFaU=kimy9r{6r{C00(8^0_H<*=b?>eUEZ|QYM_0GcQ`~ zBJxjdJWV6@{DD5N;!8_LQIEx9%xs*P>I zF<|}io4wmv{vAdxCrZa}O_-cX?Dvhh0{-+f;HL{>FN|!)*Mnfed@Nxk)W9Jh(F^1e z+wYyG0mwj`fF*!szEiLq{%mizEGlB6`Q3|S&w4Z%CC$Y<&M=$6GW#BEwj9b)&Afd4*Q&1qhJBPKmAt1RC2U~vTynW*}KQNi(I#Ukrdi$WYV>fXtO zIXA7H@UC`b zvzzrL*hlrei`~wRm-^`_@uW~W_duWN)68A1fD;_}yu` zLO5+%<8%{ORV3ysUkOU|#%3!`o0RX{Qt)s;C$#b{K0Wm+K;M9s(TF*>;G|IV>>ULb zh*$XXmNWMLZcepA{Dz3=8pfG~!FlW6#=DSPmMA`!t8|&n-f~j@IflSd{A%5pl*w6GbO;gJ_cHm&_bmGm-=+wW4~Z;zsOs+Ch9+18 z{~SU84pn_PXvS=jLKm6Wf^K1es0Hg8=CED?J)|$nPc#3~dwlWzl4D;&^G<(0^*+!t z=YNYur}I#PYIy28cXS0xTj2<%MIw&vzc5d3U7wDD2?i4oFWuq$XS zbu9U*h+Voja9+wd+=a(zAW~2t4At=90Q(4iZ-qYb=6Kh#iU0s_@)5SoXVTdi(cqbE zg(2xk;6x1Ec>AXQahm$nbFiG5wR50b8+v)X8}RGsNY;%qK58)Jngad~;PCbstUqYw7Fuq&u#WruV`zr;Adq1;`0 zbb@_>yO%@?)E?{6|7&k9uIV}hKN&2=Uf<3-1~+r-EIG3~OP7m|E=E$sj_8z-U>pt= z%1m>0a}j{@MC=L&Lj;--2=a-FuJ7t9Ys$LAIC&!jeWyK^pHuBURs#-~bkvz|WM=dr z=Wqf(neUpklXZEy6My*ekx;}d5VrLd*sU%28RL`oZ&u9I)WOVbLX0*WbB8^xhzUDj zdsIlzT+{O%vD+)P?H%8T6+UtYz-m|Yy(1wIuT+3Ws?3ybO&p`%{qcYa0CciOHj8eu z436W9a8~bUblGMXD!0psZH;xYkrEi})qK&c&ch-Mr*pvFt$w|@#c>!xr)$T z+_a%Jm8uQR$jMRGcIK80nu}o;O03f}r1P!%>+5eiUFtVZA>Bo!M@PcH(Rh4$8J3q9 zTf73K_4w6{)rEyrY{X&%ItWZU=yV@>fzEeM(LrLwL!lcvUg3*#49rvMsEA>%Bey3Nxpd>#cYkM0~=(9CO!uINftN1BYlAg`6QQut>}PT(F4IQE}rlYj&;; zsbU1y4OZ@&3;iYUZ`RTisdp1-_mY|CSgFk{_YY{*7FJf~TFWJh7mG@+CMY5Qwv-_K zocZYCk7ec6J1TJ17~~?ucFcaj&DYj?BQpTyjl_BXmEtH3AabQ)!nY9Ru5zSFAqEJ) zx|l6z|1o*8#g+LJ?C*&t6|&mAmDlFg5Gs*JcK@%4nlI(y0nh^O#a22(K!S~P12&D0 zYZZt9P!W4i0xhks?n^E zL4A39dn(YE`+0|+E-D?2+Qsr8|K%@5W1{vlChm&R$22GD={$I>j22Oar{}Mk@P*&n}~LYbt^Fn z<7?81!Da8u%@{hP^PqM4fc#hI>R};L?}t{l!bG-Hq};@NyOACtbM~AS@rBp38cokp zrX~le?M(|r^rJ zJ5VrBJ6L$WY z5LxXZaL|I<+)pKneTM#`(!s4w9@gQ+_k4q`TN3{<4IC&lD?uj^r zk4}XE?l9Ft|FhglViW>7#iFvHm{=E%3zH4U4gcR5ps}2$g8Y8jcx6SI!4&|OlN%Ru z8MvKny=nq2Bw4)Pt%=*%VRxzAi$`f^=AeYyW_tZLe=X5)Jj;ANnx8EADnDcX9E$ zJf|LxFHsj-c0noMKj!H3ynKlj3b-0F%hXhNaZDP@21MM#66UBu3D0;`M`A7J;!#C> zVi~UzS8?DPuI4UvWkp1sY8n6szJJRC>Dnkx?~|jvkwW?}b?$}v)zk(xuaiZOoE@Iw z9h2Nc+{5=^>qXa0S5wt$@ak*~)M>GdFIJB(MO0Ggd8f00j%|WI@Y{T*;(8||`nzFk zd@?v88G_~<+5}_6{MQTRB=a~3hMG(cMl8a7^jre6^``q=v3q7Ccd16oz@gIm(97up zlSWN|p!6n{ARm|~i=*%Y$Z&E*Z;l?X5wqyGr0KVo=(Sy?R&W=Zhnyk}I|9;ZkQb&{ z>Fnv)IfjL=UkN>YQ?^xSJ^gnNoo{YCZ0|d2?>ppmTBBEp-L^z@R{mWaU)WLC_|013 zcB9R8W^Ud+-bJNA7kPln3M!Qw#sZjAk4~tO1km3g8|Hv7^A}{@a-C)0=pBw04$4sm zUeIY}B{hsr#5+Vqgroe!BjD8mIy*q>^SVLyk&=Q<~`O>*o1Xw4!&z72YL+C>i8tdw&d33{=j zKLn0`aUC-4?xp70{kqvj4wUuKh3z@@rl%VM*hd;dzPtN-br=Q)3GkD%AKBdsc5}B) z@ywkf7+(WufQu@%P1~0s@@d))G%KCzJL_4$svMd-t@mWfv;z6yZ{$u+t%XX2li3v+ z(dvN)3g>z8E1y_?r+rp&&;KlHWjLv7-IN`Pcr}0Uf}?^pNjTxXoTBEr)Ykq+_Q55; zMc2~DFIcTyEkBjFl4qg>77i|uk}n%oc||rUmN%C>Pu3{bC|4R!&PtFcC{F)W(NFvI zE>pMp8=ghz8q*I7I`?Ch`CU#Gm<+A)n-I2QT-fZ;>*CtvDi*87tOaL{tyHPf^@Kja z+OU6kO_y2hO2_lO8-69$udu4~EHg*dW?E`MfXU_Sze{#_g?ccfNWpynenz1T5OR znmUNoc!RN&rB7u{WnsxOpdl3hSXXqzcXU6XP>4ZeX__hU=hFr?`@5JLZsr*un&G-J{G@VSxvI zU#Dd3w=abbe8@Hr>CoP7&*h6m^c~`2WP54u=c~W~oEsk>pP#>naPJS=w|so(en@H` z*f(rHQWElPSJ+*u|C(E+`(A#=AL8PvPEiHizomSvE-Ws?YB1H}`#+JQ7t5+>QeWlej#ax;hZIO8MT4!N#Ee z|51$S>FE9s#fXWHj-BqmQH)p^*yx!4H^peN%iRroD4k7fY2|T~`-OX@r+@A=T z^a387%)SA30<`F@TbYsJ*(CR7&A0dLtfIBDva_;cr*r%KLZr6$w!z`U~cXjcT|lD0oj1R%v@huB?CM^)Xz`Ms-t(9BU2x%Y z^#8LTe>dz)Q2=%?doS`JRQWyZCt-hQc1h)9{wfrjy|QwGC8PImwH=`dx*zRDVRQ;N zpcl~;T7tfT+EE|67cE4upeK+4ZNWcA915XM^cafZ0Af%#a$p|qL2sao&?x#NI)UP- z2mKD4;XYkx7}-&&@-C!3=+4R!sHH(2=)34?d^KK=qoT9uc4FZA6Scv_{;cl*nWop z!oLn}>p|C}tw38}hSB>b`VKmR8*l^TU>q=74wOJE;oNTYC_Mj3bR75K0X&6YU?1gk zv*n7lVypbAQbF~oA6mEI^Z;`vG|+{upo@Z1nujW)p>_zaBpJ<#9B(D%{H*oLDx4Ly1duK$3U$8^H> zHRcuOckJ!#Zti3Lj@c8l@6CQx*@;wuWeZ^(u1DX7QTQviLmLwKN_;K;4`}%~bC5N# z5*uQRY&*Mx9boTd?`40;{*)W#9_N0|FXq?tkE_=P>DK_(-Hz{u zZ4dqqegS_Uzl?v6KOh@Z2V0zJV#-Vh)6HDY+z#8l%yH&5<{j3{ZeX{uW3WBK9%kR* z5XW&9z7e)X{4V~R!jDyP)gsj;;!i%Fo~fT1nEBl-nsv{voxOkdh1ow~PtpN8$1_$~Z4{xkkN14zuUfXxvm z#$=fi^t6Ln$Sh+ngza)>Gi<}mD02h6p>HxzGDn!#SPL6r)9iY7gx$k_mwl0amHlsy z;Zj_dYvWdNmvgsruW&!(UgtjI1AG_1iGPHDQSb-_VWn`T@SyO7@Q(1YN>KHwE>YdA zdR0{sBfzbG0R2964$I35ui$HWD|Zv~7SM&09p<;=l`vugvx2>vy_@|xe;Gc-%J|oK zCwm2ZRpo1JH}fI88LwiV$8~IgZ)Gn-ccBV?ocTR-n)wrF!z-9~ah&@Ceu~-5b}$0v ztH0oE+^zgO2r<7xt;{WWiupc!D|>6@S=7oug5TmFVSa{W?gV2&Zvj_Yuqf&U0y0ptEH{w5gj`OKZTo_&>j1pSc>G5?8A;roGW9K%bvFmo|e!jA*Toxy%I zjYrThz7Hw*8T=-mL>NEDeiJWcbnvz&7(H$V(RYju;#XM>8X#@NQO1V*m{ZJ3_Itu{ zwumusiJzmbn8i83ow?sE`V>&Wy-W;vS{HDWU*JaML=OPJKRx?B!m;_+`CWi#Utv?| zLX<;;%#Tqk(8eEO>qmE>M)Wk`;GHPPJcw?tjNy&I_j`eVGH4QCiLzJ=+|mJU+XnK& z&eQ=fTnA765cvO(fa~|*zn~kj43ss6;v6}17uN-xX$bi5F4#7rK{)ynx<@#~{{k(; z4um*)_7TAH-=d2_=KKdd-;LU!eQVHHxD>Qn2F^SJSA1!95mI2g1N|5?=oV=6e4z6_ zZV_Su-G!A~E4$FT%2z5Eq07StVO=vqm zz^vkvTmg9O%lIhBqu=0Nz_%BnUjsjiU?=)BY~O|U&*z^(JGoy0?<`mDs{9h!U_9zz zgf0OodJpo9pH(n4AwyC3xpgMwAzDp7x26I$ zFZ&-gm1<4pOie7wZKy4slDk6k#IeqhJc-v_&=2tEJ3|BV#59F_DLhVLJ;1>rTp)Kj zH+9Mrcu4M==)Pgo&aR%pwNN|W0F=u9rQ61LdS%P zK1RNR^akyc_ot?I-Zd$qONNrVjiHU}FY2FQ*AI|qn3C|^&I!lXlg>{L;pXO!{_SU< z^{_j;oL9)?aOckL^2ELi`p-TaBx=6{;mGXo-v>>!;=aob7V%$3?(1lxq2i$JuNaX}_cgZ_f^oN2IWlv~e zeW!Q7745um%ablecAa}Bo!T#%s>8b9V5|W;{n@~!XUk>jq~YoF`c?$l9>n%OEP3Ie5en` zcKtwW76v~UB(HbZq=GJigNd;V`m4t>y2Nt;DcR(}1T#d=OwFCKtt4m0=FXhCd?*BX ze305Cwh1wM=5Lhjmaa{$6WIR$ar)Bg`JUyWo(tCW%UwH%YGd28;+&)E`Ia;1Y7nlT zfB~Q2A}~^mLx6f0uIVQQ@aH4lp{^^276GY28z(Fs{j7%>s6vc~rMCk7z39xH$w9x4 z+>46{6#q9)szg9wT7u>732A6iH673dga5~iCM&1NRW$qLvRa=eT9fA<&pYS%oaX6v zvd~~I%Ji&Qvva5BoO9j4tak3~4$0j+hjy-?tc+a}lBLkjBWyq0zjL^2Xzuk-R-WGF zndrW206MV=w*qQ2Xupvm`f2O4j zDJ6yEKqdzu-+(F(Fe0t*IiesmM$dAzfF5s{#E6!Ob7dH9m}IJD(p(t>Wn8sPp=IPp zI7P>b{2vLx=9>W^rA=Q3wRvCIw8m~q$I(61Vg}M4~F~!Pc#@x zrs5h=$MFn4U+MnUgS1UrgVIc!xs-+BGMP*8$FL`pSekwxNi%bKLk^7$;=z$5Hsu?e zn)9Ymh6#mCR)^hT&*yEyV!jc?y{Qn3#-gE6F=!#@@z?%qYno_%fIKpe0H zv?s)<_`8u7)iI0rGX$fKpm1eM@sZA&^&-jiK_?l8ppy(k(Bfp(la;?5B*O*3iG!pH z0IwY+rvdosVNzSIcTQGL(^>%hf!1=8>ZBF`uN@+_obn|52gR{0xH-5j$Oh{+0}c%d zSWrkUVX`vy6uE&=Cs zMo0lMAcf|iI!H{OB^Cn<9`wHC&m zxX+1)oWss>=RW5tC+|EEI`B2Z1!%LU+oU#v^V6dg#mm#9&^75F(;wr1)Vc&eK;}U_ zIxv76?KZ0rs*4s2O%{{YZYS8>*i=R4XsAvVi{M24ym|HYZSy|kYG|MB=*W1~D!UQL#7yIaqeDoH+gp=GNVIUVL2w{+G5(Gm?)day1QX7DODjIS{0(qHmj^Mqz zK~atK(NGht)6QRPlCDpZ~>XS34u^!x8iZziW<)Js+DPbS}leX0f% zWRs3cM`_ZKgQGc8xHxMks7i)LSlK{f+JJ`Y{f%LfBDF}-Toed4i*|+-*=dnoBt>?6 zv4DKErjHi*=t&>#C@D?M(F6d0e~Q#dB#MO^DbSXlMHVQVg>JohjP$08JRYUBsMHt5 z;*fr@DOc<(4i$%s<3&ErVTHnDa5PaACW^<4%tR3nLBUj!^@;X`-#Ez{6;oXz;SVpV z6BB;Jl8`Uq4^6TLB@=3h)wk#T4V_*TYRuCfheIKw(V%hI!>Vx+Pl(tk4vTxmS42*n zWS&(#iM%gdA4v2ihKQ^fON=Kb5-dtc2_`{^MQybg5<`V=Y$LRhB&;7K<4iRN+5j>E z>L|CFN~Icg5c=rYqL`g7R^TEo*5Spx;N;z243eNNnf&Z$fo|ZBfOe8epq{3DBZvSS zkp%Xt9B86~fKblag`}uTO?lk&m3w-wmhA>@!-Cm)7A3FY+Iw%jL2GE}nVo0tZZHPi z-k1?vlg#vsJ*(Pop53xK-~z&mMUBhwjkk<^Zq_$w_j$tMg&XmTM;EyXow4Y=*>3hX zKxgy7t{z|?P(Ek2_dO8Z)5M~*w3fM{{)XiYsuwcCg}Y>~+`Me<=H~08!)teQyZKuk zw>ftgch0}HYj@8b%kFdB=iIYwk~_j5bR2ZPTzI)>YVGm0C)S=?>v7Aryi~L{1=jN4 z6qhuWJ;=^B1($e`tK$n{X$*~{~LRCdi>YDckp9nq=;-z*C&Eb+D)K#40OYjl}N|z{5v?N7{c}brYTPLxo zST>7zn+SjjZX*_jJsr4Xl5J3Qt|gkR3-`IkT#V~k=I5YUso7rC2B$QF%5?$0AeA!q zKF8)z4*4N1pT>&MhP*R%nqW0&8cA}%5s1nxAv@V?FtvYK8F+Y(MV%MzM;^- z3hmKl(M+U1x+=25i@o#wUer_UmC*uRmeF~9*^BzpyAevf-Z9jZIExWPy4^pdk>tnAv{A)<;$^ z7~Q&e&4Q0Vo9~b0!t=K+D%kCu09xzP%1L%PJAtgo$KF!Y0OF$EYC}4La>zilnig-% zfmI~~Auv6I4v~6bB!O;AAOL>!6yXnC zgH{V@nM@u91T0Texi&ahRZHIlk$h~bAvY&}eYP>Q4^1GJG(iETN*hsqqDUU1gb9I3 zDp@t50%L7RHKy99;#Bu=U*!&PEP0d)x(4K=M2VcWS_6LQCjp_iz!6AqAv4%Xk--q~ zSLN)Ra}xL1@ng`|!J~tN$wt~%Xz4L%pW-sFa}K(O(2(^tmUqeCk^^?T;w=S8t27-; z3SyuGq%k>sG9E9`;^p<3f=6(v`z;sS*E!ZW*Sb}hRSPP$sN-#mg&oXY!gk$G>2}}O zn8%%mEUz+e7=JCDX8x14n1@tD;xP1Xhx!H84~?f(B8OG_+Za~;bmasRDkqdBP3mrD zp?X_PD2HwByb8ZT8*34o_RHVBSS2s;1{Cm_r)BLmc;AV10=jvy70hM|&9Ntg7ni$w8{ zmsHh^SUm?k)gw>!TNzK0~Ud@i)IJ# zoI0jhFar;=MS@YP<_o{Z8#iuWb9*{q`_Y4szW2Ao54|+A9Y4lPt_@AgZ)N8F8Fp8~xjjt|XIcfCRl!GOaQqbhjJ8Nep0hMVZI zi7Ml!z?}FC%<0_$A_u8F3s?#52B@MAr5`I=S`kaE)9!i(6mKVrg6eHp7TX-#7Gq;^ zl~c!p{(TIrx4~&?X6j#bZ(@1Y^zAuv50TqN;o8mWZE8jhH*gBjQcABTj!-&j<3Fj& z48WhM^+5j6g|;bptGL7^g$CPQYOJ3YkDXu1BVDAP|u8 zm^>~sNS5RYc}hMm^YT#Q8=s;GOLW^_2@rAgObT5Dr-O_i-#flII5(!8h;4z0GCZRwmvzhM4svb)Zu;q@VRAf~}K_KBbV zv?CR3>ar#-o?W~&1}bXUE`>~ec*DN)yhKe!Oy$34m#|L*zQj<8sjFd3VjjhqMom4* zGy-|o8mGmDWHw=;h+~oMQ3d3|l=KoH2^<~!1W}Hl#>&Ts2o^MIh;rv7 zphh#V60;F4ik4r3eQWG=k=u4rmi$ynYvcoV%n0rO?*`KuK3?-eQsWV zexPu5fm7z;tjNX_W{aHgyY8s75PS=vSa4a)k2)E1GR|@tsR@&oFe=g}m($SL5YUWk zm?6!W<_Qg}c~536llXGQBg=ik;UEJlItog`iQrW5c#sbcwZ7O>^ER|e)S?=lCb%|T zCcXy88D9fyklNr!RX90YRO!V?A*ze!B1KiBjI(-3^6DlTH)u05qCAWKK$RMyx)g9N zHj=kB5ryfDN)(%OQsnK;O=s|vuc9sS!ht$O5ShX5=)&F0c3w1c=kT|eG{qYorJh;Y z)f}_fq>$ek!3DM9n&lhkUvQDqpUZ~X(&%ej)?a_O zGLUl`w#|NfbEvid{L7B~eB^v53AaMl%HNna?giw*Gc`<(_!KkXsZSvosnt<;gU)8b zyoG`m%Fry6l@BTMS_lWE=uOaydO|E(F=ez{xk>CfK!T&n$7YTn%T6Dy@v=7oKeH4! z&u}r9qpJ1O)OHr^0m(@%689Y70zk16XjqH2Mh~`KVa1EVej<-kyjXx|Ydx5!=*&~s z0Z$Q}w^W@a0&OYfg8=-KdeJNvpZ6@+0o7p2Gsg!9r=(-j(ZM-?6TDu}5u}F(wChUi z@H&Pm`}UajxSqE?Z=ZC%<5KPQ;T>+gOt(zGPPb0~4=32&HfPMq+HFpko5dutdiG(~ zmaDav%`prXbVbr=`zxS0{ME+VF131og0z$PeI+FW6U}6O6F$a=Fy=TuZ0)n)F$+c( z$ueP?vK+UZun3kR@8dh>ka>o>1f;>!gT$OUJ=liIGbafPm8Rj;NesA+U^kbl{$PTo zqr?kf%G*MKmee&&q$}v_rckkosP1^lYp>dftHQr&_t|wAbmcGu&Vt_74Y!v%|R^;vL%U`t63> zjN6lsagXICvp%mc=!?F*uiz_Yah6GQvR@7)66ySWJfA6ZIakh~3*>_570xRz(l4rC zpJ3~}O*0{cXAlzN4QwcGRWskgiodRaaUhDL zlQ^VES<~|-<}DMJO;4EKGO?yfX8Tit@A#7v2w74gus4IB&-^u0$*>t^VNuDv0tYP0 z$eCPbD#K;Ihr3Y;cVj223fDo<2YaW%b|pTfnNdJ`q6?O%0Yj)1A<1?_CTX}uI_gBy z`=_U|G<|xSLW5Wu0hltwrf^PWiAS|5bsi;*(L4@YAW`MuP?Of>kye*V#-#c@HX0K3 z5pyVy#H^6VD0!9{isyJG;2`Lrih6_gGX3S!h9oyQKu|M@K)w@8RHt4|^4dP|GL9n|nw%_g_+yLj6L^YcBoTz1X97d-Tq znlJma_-FTgVd%CsjhChT|9;(FEAIJ4(G|#&8ICTn6_0>!U_?GfSL3K&t4<({QAa0s zbkt7NNm?zWZjSIza*_awg%onM8s~_JS}B64N47cxQJaAH#Mo1l^Q4}eTcBKI(fz zEtvnL!Hd*g_SLrA@m=a2#y32wfYMmxsIj&;fM2q`>}HezUM$YF#>^3YK55pLmvLC( z@Nts%aYNiNH_lCP0{6a-IKLF#ULB)5W2cNJd#8!zk?fg>FYlS?yI{?JoqzHE0Jr$U zHT};bU1bV!um>trEiEkr9sS=!ZnhC|$jUapE4}ME>kwGoK&?XrQL)b)F+`b&H>!yU zQIpXsBOi9l*scc1sRGENmt^c=A+c#4GIH^d&4rFNRmXQdT_Xr3gN3<4Gn2~5>cY&MWt3Nw-A1~YY8R3{+? zqI9Z3$<&D9h~I&bF<~Sk+$@M-7EDh`Q{`hYvQ<=^dXtz7(o1AJ$Nzr>8R<2M2smFt z2*aJk1g1ENska|f(M+51dKD)Pv>c9qO|24xA)Ts8<0)$QP^)APLFez1_t^GC*-o}o zx5#xnd%KQ*h{M_Rw&1uhuG%Z^RX-v+07f8LwzK=ojy)!w3DUNmf(> zA^%?g^M1x}3P&6`*(YHsSD!GO1W~1tz%ZZ07e2W=jnk9N2M2I{auQ35KAym4qe;5Q zXvAS+WIs7HRG@ilYc(&It9iJA=8D}LEQ}j4G0oQ*h7D7O;|9UtN(yo6b^sBOn{*LS8{{Keok7E8nBuPsBsxuItIyA>Yr?@c zJ{WQYU4gj4pl4ihyB&$%wq<6F%#v9)=gf+kH&0f6cbLu*FAkB>onJ13?JI}yaA;rX zM2HOq9dtt7L2=nZS*!yzXsVD3v{0b4Zo(sV|1zQ8D-pKyL2?iTBbic}CcCLrs*StX z?Kj$_h&AdrdRJk$4HBOzunK!Du2pjy|7Smo21oGd;7I>A)E^}s^q!NNL5I@Ky zA<*hW`Bh=NH`beH;y8!Td*M4T%wGSSZL8kFjk7;JwdUGLbMRXB>TPl=vUB#iU(EjT zxmPdog7|h|7w+^Cs_zB~vjike5dY(V$l)60%Z&S+&e9PO>=C0{HAKvxAoVZ82nBtU zl~<{M5r7{ZCTzghz@jX5FAkQE)xaItEVTG#S z)9+PX&fma~p|RjW&-cNMKY{+ptDEscyvn)KyDl{39P-}a9QE!r-)$K;jXS@Azs@`n zdJ?~Yf1vt->s|4r_s{Za>=c+K=GEq1fnD-g=u}8$lJWN{Cy)$#pmO2>@_|y-t>mO2 z9tw^H8DhrC!M-5r*LZMW&7?aKJQdUjFY~cjKN<`vU#QaX=m-d{(UF;v!ILAzfP_&jPfw3fC&o#0O-yT+`!@Kl^|4>{VZf3B(7Zu{ z;T8-;JBUX?{Z4}1IEW-?3GAIyhb<*ul1iAk#-tM1;ZysiQcWBIfsf#t?+eZOJYrR% zRuSJjLB3{oN#ylgzw{2q2e*H>AvMo$(uP9wH=cLFS9V--escj|bm-r)@Yd_tu)8;! zjoNMq_?KMrm9Kx)k=X*huS1ASl64#?g>O27GVuPt*jmhHu6JJNxz2lYd^mHTSGC3Y zRQT!mZ#=*8{yHqUVp1j^Ek#PPdGTCkP3(%;aAqu{eFt?m5C2#k|0w*1 zgC+TQG!ta;n}JFNco` zMsCTSb1Uv)H}77Ysqp}m!AfQ#!|VlB_c$oPDNMNlrZj*l4d6PXp*lfd6?2pe7#>My zCh?6=1_>`np8v1BV6e9XL|K$gzw4nHQ7EV*iU_8`X*#bnH`D43Cmdd9BpyvTh#KsL zB<2FeH{t=M_Y?lGc*Pb)^4A3ep?O@LU!I48asXkf2P04~02xL`0UHMKVDfA(eik!n zwAYw;%wC-|p>6~Gb#Jt{F!M})RmAE6wu1k5_~+xl`C-Fod+|cwrUw??wj$rhe0ui! zu|O&kX$f4%UQM8$16#jw+^|ri`N~-T13ebtE9U__H}ZEQ8~(yvWR9cqK{YZ56j-dP z=?~QZiK+h+>n1CIr}J+*;#(v|y1C#R9ht_US}(BfLsaqQp9Kv=gk6O!#JOd$Dr$0b z8x&;AZzdbhs29~~`=dm|ILp}?v(We&D>eTua2Z0Xnr2beDLATM=;lHLbXD&x1*+jP zI-SFQPFz5_{N}N0gv?Xpjw#0}2kW51yt_bhrL{D#fE@?)8=LwZSaI|@h8)9=amPNW zsM00;swH(e;TK{dYfRs6@mo8gNh(2ua9FRa-9|?PUW)Sy<2u}@!$Z1Z-MDU_?v#$# z9k8Dj@KT-4FSmW-+XMrM%6A&!a&A=1oICT=uEN6EayjER1f1@;37h!4KWbmq;-e8P ztn%ofNSZ3vX8h+ zX0@uQ%=%^Q);PV$<<#oDA{+&{pp0Ewj~Dp_5A`krK2U~1848#pNmLDhs`|fGls9}5 zrC~D7@d+Xw@Vwg}`uxwoy6f@2M^_nTr?=jKE$RFZ$CSI-&kua zd+1Ax2;$7dXMWq5|Kal!&w8vN85UQj*&U#FG@|p^#dBImnc5g->if2NR2i`Tz=DlX z&Kp6xJheNCj*+L%@BCblQ=Z_GjbK%t*3FkxG*_i5YnRn(#a9(Ssif0!+nm@*OP#caQ;PUiZ7B{^n({Q6F|E=&SkE)WQ~hf47@%a;luk|& z1LLUlYSkO5Y}R^r<{9(yCTx}irLpp3>cbk=oHXBpZpq()c4>DN1)tg8DwW5|oZ7pT zUn+FTU3E)amGTass4=KyRJR!SXclW17kipJS{I+UT6?+ncJ*zV+qA|N_FL^tpuDck z42gMEXv-whg=eq_>4;@}SY6V^wWTVvXe~;*J{_Y#GNfZ=n%$t|bZt(e$|SUDTp@brV$XH}N!YPqc5oRocBQ#PY@(j}f%-II2NC50ve7WNHWJ?Vy#ZZz} zeX21PE2;1)74B1ERmc2}GxImZmOnk6lx7G40B=iHosuMK71-SAnUjOk^axPG%-~28 zEF3zmn5{B~1FR0Tq=D&bBx^NxVqtNfH^f_-Tbf!JK`m-TMhMo)b&OEdmSkk|S-i+> zF$VNrTo;rAf^$Jy&e4r z%4R$`Kq!mMa2{-co&rXm08NZ!hYh7>*+7)CcMj-Cc0$o=OHNr^a=`8-*zVSrH1H~$ z<0RKWu7O+)xw>@DY$ovvKtCgbsv5c2+|<-uqg0z?E}D_pZ8S8iIxo;{t5P^zQ&sku zg`W>Mowx4O{=|>pU%k8>i89$}Bs;Np>-qD%W{txr>1=Jomo>EF2U5#ASG6p??HZHo zb60jWbl$WoyyLREx>ReXv5;Oho(L>R-ah;Ct@ErZeOt@@onOR*ZLZW%Y0)}jacr!d zWPS;h-@p}WbRWx8iq9*A+8Ipabuo?C#YT@?jOj>uENCPFxa6FXkb5IJZ){MBF=LQ3 zCwaVu$5->1k7O~%^(xnme!Rht{Sn!Xhd|9^+-5B*9~~T=9vsX<4%r|u_%abFK)%Ob zJtn=HJa-SMi_b89q|4>h$A{{_DW_kC?TXwD9kW zn+O=AG2iGG4Ky|}W+quImT#=hWgV^NM@eMEAlap(M+eK&QHrBAsgqErTq(wE&M4Ya z3f{icI-pwW6hNheR)Hx0=0n zpDW=>?NRU1JS=}P^u@5&oYcotOH#}7>+&}xZc5!@cr5fp{vGyhuPz}r_|dbB9|v$2 zGk6jw51?m38FnkCdZ*v@tjF&TxUuAxVdTh3*RytVvd(M{hxA&`7^4~Q$3H-sY<&Zm z|1hZT&$wJp!f&khEE!nlCuWSzBv9(FBo2Jh*(VR zjp3o#aBM8b%CTIGi9L;F)QIK%J#);2c&lmj!VIC$N)YI?lm+5EP{9BanR@axG1_U& z@X52>*d1Vcg+rmRUTf9swR2AGfvQ(~aP%C%Hh@(mI+&5w`T|N0RCW7!A|OjZZ~;@$ zi-m;fMY81gB2}FC;;M2_Jbbzpaz=>9($+PObm<#5DRPaX5rRqvRy zS&1jal%G>j!m+d6^vrlLdgDditK`7Cdw%@v^((Fp+8p{|(EG?GU8~p6{w|$<_|r|j zd6Q(;u}{qY@QYV2Nw>rknS~p^ddnWa#*G)=b@v6Ou8YT8ORGm7bQldz&|W$#CpjK8 z-~dW9JvA;C%~Ee^LU2-NiCA@Xojnh ztYukpsdw0i72lAL@ddPS8?Bw{$aWgw0WG8kkxZ>0nTAr!ayFBob!g{=m4cAX)OgvP zYZVM2qK>{fIC!i)O&BY&guvR(g5k1oVIfO!V?i=g7|Pzv-OTUg#}r#j$rsC) zX|9&H%6rjX`P-@^s+a1uQPC39wVVBxPMa@gZ}<9rodLK^%cX2|)B-7-N(ESL0BM6d znW!LU+mL87J5ygk(cr7ox`PNn|}DCUjarhs{Ee6iN6XINDtbt zG(2E_O!Y0zwKp{M135wwz!~nwguQM%a9OSna!~Z%d?ApRM#vQWuF3Q zWonbuvYIif18PRS*t>B<%|qQg-7AeGKd5>}=VnwIvBwzEM%__M)Sxq^kq0}|*s21^ z&I2TA^l9v3ATf)!G;(l|oHLsO>~av8yh%bqk~TLHPpwHJv~M;^u_!Z*MSSb**4g)F z-|cRUrK_ zXtWxwHb_a@fF>|D;$gfOzk)eTqQ4_%mpg1W_gTg*%orpS7M27($hEKs!7>zmaof4^ zVxS@rN|)N^ocLs;OIXf$RRDV>kJo7O8r@zbnLLsYtOBwuf)F7KyzMs!kJBJ7&}t{7o)!JiB2VQ*NQrVkV+=QYS9WK2ba{l)tp95LGIG1MKNSCgC2^67>zH5*2c1-lFwLhINUC> z-omq6gWuAeB0*!rn!jpT%`Ij1GW9w&tG)%$)u8y2uNh@*l=sSvyn9^=XH(@AlXB$? z-wKlTILY$~hdenra&qSMAc>ltIlt@D&bLvycjjcWihgGzD#WVt2}-Cl2|0=>ufh?o_z?hNIrrXHm2y2kwr~B zgD>Y6E^;QNe~?*CL?i|d7Qx>8=uIv(+r5HtXA^MeX~2A$d7+B=ht+E228<`m(oC?+ zurqULJ^lXs<*fM}d~R@R)E-f-t_#9-S}R>-X0-^WdK&O*78qK>U_qvUOzv|m`N_Y! zG$Z@wF^TFtirTzf)9+mCVqIj;NL#EU__E$sw7RVBkh)G2G|A?$Q+CPjR&`0!3a_r{ zYIQFW7pprpUCu7oV)qr|m&85lFS{S|?5+D2dQ5y&{Z-dj-H&;m6A!5mYYsb~ay{*S z#xqs-OXmlg51b#l(|gspj;_2MD$qRHP|f{`Y7QD0&111@9tu@+lZobv;_?=ZbvL6? zJjx97H_M;pZ#V6(Q@4r*O~G06yd+EoUw5nS)a-C>cd^apMNY=zBt+zqYeY0zxkE{* z-7eYba^=(-;5{0T+f7NS`XLXFQeKsS+%Bzi68jYMIt_^Tux793u;x__uen9-A?#aH zgzP@?i1<^GTeqlP*Sm>hOGavFuhCpk*B0%N{6J%oWKZdeNIeCr#w33JuvCY~>Z+pw zwMc&0Xek6qNSjMaCPzk3lVvtZ_l)yx7jS#$Y46`@Q&iHWc0kVdxa%OJMjc?xoMSW6bGo&dW^L)<(XOG%W$aDp9IV*znB zBK?0QOhT6-Oy=ccCj5jqmazTuHHWCJE8t|o8uHFQlbAhXj|WVRKz30%l$#Y8eT&ba zHfn+FO#beV|HAT3SxGGdwVXnT75Giajvi2~igU=h&w0YhA*bSGZa{Y+#?WrTSKxM} z#`{nmVks;F90F4N5E=0m$POh4|6MU)P+`;z=GCH(VbRn0zo7bJ#cVJb6;m;1+y>V9 zJ|kyzIi6<1_+%|gfy{|bpOmW86LeKm37wIrFn%M0ma4+*umy|rnKO%SPvIp&OWQ@W z%utJ6ql&mA3%DPA<)iJREq*2vVSEi+ncv=9FZ%<8BYdH95^qK?A}vZPUZeL&nIZr5G8l}wk=<-wG(M9y0Gi&0i-&t%%$U!-X!tC0JWl{=5}OX0pR z96?;=#FG}!e4f0{BmgcE^K89(0aEls`hEHz;g^}$@$1Y9z1EGe79+i)XBnV_N&H2{ z%`#S&WjI#PD+`PKAFu$K@CS@IG>P{d-lxS{myUm$c?Yq~pA;S9B#wkU?c;dvd(7KN zhy6fCbh2mqBpKA+)5I7_O4A@G0AG{a4YwSf3+lR#zfQP~zfIu4cm{N(5t@K(fN6kJ zK@#5{`ziCQ*|uSP-|ViD+={%9UmE@AbKLhmnISFt0t1=DeH(i1M@iJe+@j>xpf&y- z=uZER{2uq0W8ZOqC-$!U&#^ycbuDOXY)k&3#y$B*!{5%o?tVS?dR)V`PBMRb(s+4O zD8p2h`v!`ZGy*b z_1nYtxGk4y>v#B< zS{x?QG< zAUVOYGz3ngHx&?vWwH_o|4fOb=cVfy_!LNpw14hIAoga`cn%6_9V!bSWb2RUM?J|F&lf zp}5nJRc?>V!w5n&9AP5)XxtgipJR9>Q@;Jw5@+jh~%OigyTg(F< zgSy;ywmny0b%B9RJUWU-N6r{~h{QM8YhiEyb1s{%5ELTR0aTl!GJP_uEvVQ7pYL8j z_SPR~#_}s84j+k^S@QJ__djy;%%>ykO80#6{1>0z*mvE?q32e;xO;xThdJn9aMA6T z9$6V_3XQT?e#(zyjhOXqH|l&s))k-AGY-g7-mQTkUH6wc-hL$E4Qs=SFREkHaH_Gt*R}>S7(E>S+c5WFnLUx znIgZrbxmX%{$Ih`%?Mr2{{;6si_cs&Eo)kA%O?(Rcot|xO?q5pQ43NU5b1?+~d`QnO zT{_Tzw%trqVl>kox`1e(kAXooEfFnvLJzjo^QgP>4(ftE3wy5e&LOwc<#ak*sy{HR zyamF|b4jh?$+#y{?`3zyJ!Sd*;bU?`dJ z=O$VG!BBg`-wl8=KeRH|+rGlTvQtbn_bR1CTtuqK!d0uui;1Lk8m&s;c-6x0hMd!( z8340LGKGUV84t@7VDe1jqGD`LWRl^QTr(bSo@i#8NtwNOb$fW}(m-!tFEiFV-pim~ zsh8;`iksD5=pE`Gm}J&GNlc_kyzzF*#Ln30r^yn9lhv%PW-d|ZT$%oRrwRM2dGOEZ z8Oga&8*5!yXVgbR(XcM)#Rg-YAu{(_0~!X2h)bQgoST}P=w}U@{`KPqwIyLR4pOCZ zd=go4rkJiE``^AIlE-};&FM|~RX5u%zq@DgNYJj=G@UowW|Ukl~Y zlE$Q=9983_A5?L=YoGi1aPD(IC#p-4oOH30GfJ5uDToFO#aJ2#Il{4m^d7-9UDuQ* zo;^~Up5w&nIo=Gw`-+hUR@3{XK>$WTxxbOp z`BEI=euNDqr|BnE&Rx+-7IZcOo12SxI(KPje}P6j6=@1jj1}OfjDxf|NQ;BCIGCPeWohCRBqsp)nDVrAx~2L5`Uw?}l5J7yi<%a~ zql^(_bgX5(g_~%ZYB}D*CI#HrGSo6mij)>$Ue1KyRQ+s9I^mBksnaC<(vnax;g427 zn^KHr+6(?-CzfMPi1rd_&Sa7_E@xOhuE7%;Y}5>c-T8`!(@^(d8U@3dK)NqIlpaoV zW9jiUGm*w9Ev2W@$J1PTsJZ&dl)?Y|CsV9$FE0uaPt?o1yjUf=Rlc*i%Lon58=>D! zG5s%$<&&kRXYr5ba{{({H-E1E{9%v9pvft-^KD9_h7EM)8m?SoD|OGdo)@w@jRChU zYrtmy?wL!rcCETd`S$GhR?ANM?G)*J+D%uO_Q z^95ydkj`xdsWuZ-;zd_*y=h~U81OK`I%mLR4%WE>9vlp*10GW_WHvDj7M(7tCAjEJ zn2RHqy6V)!;+S|sWGiG@dY?EXvg^bt@i>_J)h`=S+7k)wk!t~%Rea>p;(B>FI2Jq+ zWOFoFmnBiU%=+H~$ADKs;i9Qbb#hZRZj`1_LY8vd zNg5?<5J@2clw_5iG{rIjTw^43Jc3lW3T7y$$k+*M$;@$-%p6C_%zd~iLxxMDMG`gz zxTwbAj>PGM$VXMkGVv%X0$(vVQNGgDjH0gE3L@eIR_pZiD`@N=_G@ZB;2OJ`NrIa7 zNdR7rqF(}*Lli5p+~?+KJ<1VdDNtg}f`sA!MfH7}aqYP7VdF!lhs_TK_LiR1XiBb< zd!4k-v@US9wAr*d@Gzr(&p#bt#?+rRyu`j_e3yCGIBoi?SuC5%&T^ndE|D&9evpGR3K z88KrrTP%_*;P$&Rz|>-O8b+MSoK#$|9{rlEQMpDq}_tfE3AL#)>h6 zWh4hIn2Rw+jU+iW%?LTjn$M+9-A}YyjR5@5<#KAYIo+6!Iiu%3`3+VM9Xb1(q$6f42T1^CG}TRr~8kG*`0mNKC;BdS2L|U5G?!Stjv~#-K6vQ#(ijnT}l%gGYVY_&f%Aw8L z9i9mphloy2d@_1%wwS6~HB+@$r4;$AnWgO2_N9*1Y`>}B{IK@Bh6hahwEGONDqgj} z;`ojIH;yy>7t9xSs}&Y9PKDd*v^njC4wc%jb!ZDS&gssr_U*h1F>uQ6a_XE)J?*3v zN(WhUZejGps2XZDjyr{eGYr#ZNIz1zwmacY=d(`Ad7Lf-G`#Z=q;%e4c&Dfb%0JXw zmRY(jn=OoG7^*}Ijuq+xyvPsn^m2X|G7p?5;1_@fdMJto%cyQ@Gqs(1fqIjAoB9jI zQcmA-co!M;A`0T!YD9NUYd>q6Ll!3E(Jwq*S2MC!>cdC3tKkdkH`NqgArU_-M^PdH zA1F@t%-Q6;(~0gk8mhN&icK#WUXn-0nxHfwOZ&?KAVUdCRj?xO6RV*D+LQG`zpguwBG%`7sGlm`_GE57LUu3=~t&1x42i(yI(FAwhup9wQz z6V5g)1KnUV*ba691#k+-<)J_V6$vI|=hkP#P%sn-QA!HZkW#7ykGs(Ab<;{q7|*#o zoOUOr^fRUvz^8PrfCUDWvguGN1o;)v&7zZ;v#tP64LXg^x)+h7sOUyZ#ypP96qyPr z;)XMhlV*)7WI2nY4$Qivf9djvZ+PhT|6K8-8`r!vHM_Q=-iZL#LV){o0&72ziU(=18dcrgV!gY3>^y{PrjObJNUNn zU&%iOJ`i*>+1N0=<4`opfnn`4Fd%MNhzX zPyp1_|A^WKM77ioLbZtY5A8?dVHoZ}`Pf-@M`BlkN}&A1%T$|jNG9rCQ6pyHuFS~{ zl>x(W;!)A^f`zg;%P{iZA0=r*&*z%fp2w%N(sWlGdzjz_A}M+GX)@&vYmAIC;1Bvk ze!ZCHg0{ZlYE66Hod4P?Ku90!}UVxNO%V;PG zDa4k4bn?$OCX^Odm?l!vuv&Z7fmvkn(OR$O+FR;ZZQhO7 z{VhS*J%F(508wy3EE-U+)2uh#r2dWYfuK~*VWpTzXb*Kx-4m~UPD1r>cWXN)z-uyJI%t*9Kw~`{G>j*=|9zks`^msj# z(j@4^f;xzBz`0idzX7E}n(zwfG4m@xK!;9XblkH@MhdhVXw@bE`$*W7F^4M3pcDx$ z?|!eO@4e-TM^}e-eCwO9ue#y&Z#Mt%+tB#=>XFyY)2EfqT)g%6P2t6gc0phN{hw@Y zIkW%CJD$Ae5G*_bXXKWQOxZGj`8$(RkKO;&KX8P%6$tWp#ibv5#mSE`(A?uGu`G^Z;zsH>T zsOVzVWY$1UW)0Lt^;ZY%HecLJyc+Nuz{`1;d3Sjk?{O*$Y!^S0Msejhv#9h#d}|Yl z9~wX3gr^X^Sm7%761~fqK^ATNELSZDm&Tr~K-89_BY*2XVw{asGaFU4^r&Ie7G4MSPRP8s^~L?JqgQ?--umEJGS9VTl>ER&?v zBtZ7Sxs$n?`7x@`PSKU3QZ&!`LFyqo(~+ZaIbw<@l-glBBDxgI(dSO^RGJd09_lou;3-I5 zqg!&Vv`*|i_GCQU1XAbDqCSKpB%dSyN6t2psn{mLJfG9u z3I8?^{xxTum&2jX0FOR?4DoIa(1Tx#QJWqb!Bo9yq(vhv(m|^VDISnkE0mDYY4ylr z)-!lLF=iBI6pGm&=4!j+;{ ztv1qdC;coA;0gaOI$#Y^Cb38OF5?*^ZB&XXsB#*{XpC#C32UfE>LN1Vjb{}Rhd<&_&|ZN7D#dZw0vu3$F490kyiXR@DWO}S1Oa%lifB+EX?MqS zc015JF!yvp<56jOJ8d3@ZAh-g#Mn@b7Guj}yJBZzOblXa=tqxd#_c$jh zA0raytdYeWA_lT-Mvjz5#9NU&#F}(rPVj_-VV~Z=0u&mty2zpwuk|9G(S%L`wJ=t= zN#k9pliQIsWgeGbp&}_B6yl~ZKTjtI@a(+l%+F%q-Mszvl^b7vV*R)O`{nQbkSa4z z8l2O3TVw6Aj~kI?m5@d@QKJN z%_;4#^)?mIK&75?sUtSM-6iM+Lmj*W-mJgXuooD{gDO}D>fp@iGI(|5nzHM_b+Ch4 z6}~RgUbYe55Ls7zLm7@GJfs?8Z!+Cv-d?cXc0Y43d$;Lc^Fy}X;in@{mkl#V*blUS z(tTj~Ao4+JOr=*xsz4T2mMW&OKS`O3P}p)y7hZaukU^AmCmR3XJ`NRz>A%W24Tqtaox(5 zL**qE^BeA5(|J>PI`z~oyB6K@!ol9zkF36Z?#i{>UmI-hTYBJEotx@A)~~D2w5M`^ zoc8$g8y~uU@r>+s*ouHd)Dp^$sG~;YDaBA>YsF>-ViHJ7&@`Yp*Z`Nq9dH*s4V9>i zWe$TO2G2@xpN%wOPtX)z6+*;-1u@0>lw#yd%6=c_>P1L)KZj&@8LSX%#PU_1^`3{) zdma1IC(>ui*+tGCWshnzyIDP?98zs(x2x45pS#c>5Pa^qKgg2NRn~7X_|$GGuBspB zsQeV=Q@T|i&P~Cf!DuWj1CPg(cvu>l7}S4?{^H^|Wi5ET(EYy0Q^>0Kv8-}m4YoUQ zV9|ONjmmmYY#?Q=OYSR<`w}ViYNu--?-t!}yJ`3QhVmXnGITlMh+@DI#egG<0T&QL zWF#|0GDAcG2tATHa|~_)k^&Hy>u%|ypP1EaoO*u37Y(Pa0M|~q6hfNm^ZN{$Cc5NHgIXaA1MpiyoCE;QGX<(6a<68 zJa1v{S6sC6y}tJJ#M3{kdq1Cm7AuE{)jv z)Wl7>eS)16Tj;endZR+_*Q*<>L>mhLp!@`3G!0)B-#0p-0kC$1Qy(?Pj73aZWu5>h zq#7OFu-&mHHR!kxKA3vV@mt6H@I!}Q?|>S+GCeI#S2!xt(;c)e9dU%yw9=tS+wF85 z#LzFqLG0M|uRL8-T3^}@t_SNJgU(QXWFNwmcmB+qSSTv4bGPxr_#T2{3`vf=12 zZkIoh^tq${0EI&&1SLNfzt0`<2kj0=0Kfv^a02LbIEJZL#fj-uLE2$YryMDmLUp&h zoK8EXW?2Bz=}44KUyX#EGnEV=js8-+45j}Ou@sg<3Kya0jJ(l=Jy1%>5IuJuM?}Ek z5U>y)sYdcPmBUlDTz8cUlR)f``AG^W69n z7{ss5Oc@U>WfbrSLR2|t24$s;*-FOHux6BB1T>CVnB!E~g+MMu8l_eY4b*z#{LDAL z{dn#_kNh#$|Hs#0&o7_~?(MHynhWQC_UBytA3ldKeEBAv^UR|cw$7eozWd;m>0Li~ zxbN!8jhz2Sb#vA>jGtayHFO7GIg|cjZta;3A-?$AaK^!>VBn!obD7WI%iaDWM0#cJ z&$)f?!0&zzS@xo!Vuo??1I;NlpEdqu1|mLw;8Plv*nzvICY7>hxslW8@8lS7@M9o+@qKX$nez6K z<-6qUAPd-8>Ffxr84x9f4;I5>Fd#rdI}n9YtyFq(al-FUCPo)RpueV?CbANOtcAcD z7NHjR0W%3u;HfFMMR<-k2@yWIEZL#%Nq!)F5dB>EJgUPF9JG{^=U#F9GX7*T)>={M zbo$&uF3D)Zh2i3GHoVaOg#8J}6Jb^>j0=s6)Pvb@j%p@5Jv1#cCpsr~yK0CVGTkZM z9=$y_lzfo88$T?Z;EoB$qAw(05nhS@M)*zibkYYD$QH9QcD102sH4hQxqUJ>+0>wz zr&{Eg7u%}c&fV_V>f9QSLuW8t9FVaHoUY7ibyz>km->V+R2@uXyCI@aZkpb^|R4w4DnUSVumAUsmuI z>{YJsxbPu0bL1#Z%`C&tLtyH~cNC`;s{tNTtA#01SZ7{m-<;Z9dVRTKdTC>HVR2(+ zM|5SPqjJF7lkO?GHKna*)5G*+QCG68q`PEu30;ycn>b7_LM$)f_m|c38KE6yxh$Ve zXPN9Uy#N^k(*T{EW<-W+s;s7rDI=MVX{84LP>4|@8cU5!#s6-rt3Tt6(N(aEZH^aHm7oi3SydGntr z_>zocf>`Ed%prST6qbgFXtZ0Th28mR6yxkj3<4=KnH+Cba|kYY;rZM%!^62}pML=^ zIQVGpr_VeEGkf;H@~583{q#gZB=p^`c|$R8^vFFw9uU5H{*~Mp(DB>kgt<-~XVWTH zAI&{=Y&iGKi4$<%@G-dX=!8AFSNHD8y}oZBDrGMmx94Q;{q+M=vhlm>fAQ+~Ew4fP z*hy&Axmc4YAD^%t*#uFLp(ycShy5|qPdPp%BnYN!^% z!gR0%c2nJS=#8dDo;b{2z#Kn+R$=?F+2;CBSF!VTljM^P~ zHt|B@t@K|K7ZZ9jut67Pj=IvWlB#4?dS$31r72=5j|W=u=x+cBQN&_=Zi7E)^SM3# zphy)Xz80V$lC?0jkK!p+QS5PITH0}Sk$KplTCSpZkU@9g-si~-!*7Yk(r96!hcX%r z$SP*dIL_a}CFS@cPOUEo{%8GEJyQB9|6#5IiWNN-rz_}+3`D&DH$j(1Hn+5FU3)V<>|0Xu`Y>6fk37e zA?8E{*(eUsQjn!MCr*BRn9HU)94%P(9l$|d;(kArLa6+U0Bb5}v)N(krO-)=_T0U> z@-klU0gQJx@0vtS?WM7G^aV#@Y) z!7wW+A?9 zM0`60DRGk8i-UWo=#=kX;{)DDjgOj-7>}B@tQR6QZK5|?H`wl^x7of+-|N~(pPT4u)3OeK%>Lwpd18-j+uhIP@aSior`Q`91rsRS_H3= zwdb48zgKfEA3qzB%sEwPh7Eu0HJg!vsui0 z<=s!1AdiRR%pqyf=eUY-%+GwjiSK=H%WpTWJ9qyrKOOX~%zb@IL2Zkj85^T^iRFWw%`eX?Wio`S=B{&D=mYjDAd88(YMjp@;i#O5E7PF_iWB74Z` z!Wu^=%p?F3zA2=cKbNp@R3&yk0|~E5Qq5B-te2l8CsTg$vAD%NRRg!{w;Q&bwuHB2 zex?1D{kM_dmZ^tzeQhiW;uQR2i;`W;5xknc8};-ZafS zGdw$5ml3NLITr~HRRgNc+RfZ%(`MUd`#q|i+)mRIjuT<8L1E;KCS$RW^O=0bF-^># zs?u;(3)M?28mjVMVj)!T!Ae+(8?p|OR5F}#Xc&;hZSW=w3$w{&RW@$|q*66CxFynR zXz7gG^!+f>W)Xo$GMRFXR;Md-Xw)i|Gn^^Ul$8tS?Y5K&n#vJ**mQ-PoDE*+O$pt> z%|R--JqUwNA(_mUB|eG8B4rH-+MCK@xk8~5oGMkQTqr0n7j(8rBweN}C@a$;=HpQ7 z>}3(bsjWIj{SQzNIa?!cpdB*v%lffByWv254RRPL?3a&a>o{S(3`Vc6CWhbZ?K^9a|a}N36 zAX}(4Vfr13H^tY=mL1+-Aiwewht}Z8s{1B9R!FuNkVDAhMQw!b;{s=z6{$PICo znpo6`OZ)hUF)Q#!y!i92gGRhj(HV3p#Ue(JZsE_*i=;=}q>CBLZ!3<>^RZ~LW-C~0HkvNT#?WD6 zZP4js75yIF(LsOL0ZwXeai zv>Gj(%j9yqJ&r;p(Y6GlZ5>K4$&hP2Nv;QDQZ^r!vRz&&+fK3%S|t_jKF*TS8?~tL ztZ|lc8aLBh?{73N<`xz#@m^aF8IN&4 za2@l$X8bAlO5snv|7CoO`_TA4_rCWF*S`z|@1d7l(97JS1$Qyhs)G`U)QhKmr`zx?0C_M%rq# z;Wd+#W$Ol(tqh0TP1YiDDeZ-ei34+m){tk1^m-pX(l|m4h zq`!C>)Kj66-^m&q-H9Zm748*NW|na(P%KwainLBS#R&V2aG9~&NEy?V2I&!q z-I3F!oxQVeQ4K!hxLT_hZxa&|OBIUeG+r%($TUPV1vJgjT8c43ox!fhUtt;)P?6T_ zl-x2SG^Qb?F`l3%0s~;EiDEGglRHtfk_~#8){FWcJ*{`8>^1g!J8jn`wdH_Xg*1Go$BdIZj+nEI!-|vdAF-mO zkt7coFK2&bCIM-x(2p%uRdAf&3jJi3ioQmB;Vo);?ibC~7B>@B(qQC4IJcwD&S{}D z_s0-jK5iI6c;W)Z2xoL2_Vmr`+7<@_QLE5N=Oa@wfcqi}k&tZ>$b$(YQ zb$$zSHIChBk#;JVb~)GJY`t&zVvf9m5+CJvko#SJPr0{5HQ7oIC}U**FI|-E{}qkd z-2cIW)VVis95L=!Z{$M?#q(Q~$6rRA>&U|{sC2?O25HT>a((=uzNtctH^g_u_ZapR z?usjU^kXPab13I@oOa;>zS@X4I>m{bq+Domsf(O$KBiOIa5xk_V!=8U`m%AS1(MCR zs*9uzzs2e0bTV$YyL38v|8f$R2)7iSLq6XQ97Y9Vzu}L0n&*kP{_w?5MLk)Dd9Wz{ zGd~W7Ox8QgYX!0CF_*(@%I2JppX=q$HIZOMQWx5ImJ|>ikv@Utf4&u>xb#=U`x_ao9T~{wD z@w?onX1^n8yR?t^c5=HYUY+AFto-ooq+qaAuUafD{uXt|eR03Mmw3^|cW4u`_k!R9 zar{&>TxMBTK(*R??6>NkGM*F^W(Q0QqCmM=X{k;jS)^lgcsQFAb;NXmSU{2Of@#fR zXH>5)^x$=C*t+xN7ngX*%41AQ9%SUDS&`k&?qr{36)&)Fvlm&KrR0S=f5IDS;a$mz z{qGXqMz+wIkT6V@9P*#}KE?*p%%q)i^9aH5Sen-2wNr!>%X?s=`ZHXBKD9wMOO4EB4ioQNXG*| zytApg#OW)#x?<7-`jOF9JqvQPs2db_0Sl-SgZG-AFj2SZwwfr-{c01qA6g&)8ucDS zpaGG~P{D$0<&iZhP!w?zBZFO5R1K<}1LLepY--uP6m`RWZ95)@rJrqlWUk*eYg4XU zn7#5_aN93n1-#f*H07h*y{CTl?6xN!#OxE*VG*fARt&|MB6fy?Mjtn!N?4FFsn(zh zNE-;y$|38L$G%z#*kmb3Ffm&>pu%1^NMI$Yk(C|Zl^R(?CT z{+GF*=3tjF^+UM&)GzmM+x;MpaG0CL0Qy-_h@k%qnK!w@#83@e35u;ssPf7I&~^=q==IS- zR}A821%*O~N~JWo-N5HFU>=tOKDYx?%aI23ETrWaY#)Y8IBSEIdcpc8*|UvIGg&7W z=i?6IsHMna!YdBR8X`O!b`HsLvh$kUYaF4d#U8SUc@VXrlVA(-Fj9cS59YZP9-3d< zTN%eeLgSZ$z{{Q$a$h2&tw@-e@(x+JThXf>WwUanmde5c$JMvby!B_W;K$kJ;i~eR zBds+(yB_Tue+~WYmn)Z)dIW*fX6M0eo%Nr*_5l=l-V+*0!Ds3gRsZnCV<*dS|I%JO zqd0(gRubNP45X1RTa?PAiEbMrS8;*OlZh&;l(UtCMn(t$4~mu1D8a-L1I6idQ%7T}H32`RH=%PpLHL|UduYC5H+oJ+%=^se;& z^qDl1_VHw7jF%#LN=yC%X7gqX>_#F^+Ro5G_BkZ+0WHqd`S0h)$C{chiK(Ww@=oKI zhRulod49gRBwcsa;DK>0LVMUB)tK;V07_{TB0|W(Cje&(>tYGSJ^h@J08y=gBPK#Q zN;P&hhfQk%jyj3e+$*?ggaoJ?yFilcekPB~(LaM{${OOE$v?S$>xS|y2;G7g+AyzD}*ueHUdYl`Ib~tu8_dE7GwTaX^?G`QV zs7SgRDtapJV4h~qR4_XFHtop@dIsx7X#ZQl>~q`w!3-IvJ4D9m;31@B*NKx$9xTT0 zF3M;zZHNZcFz)jbqgr97SUu=DS1|<3Lq`hX0s}kO3b>Dn8%9~eMV$x14^Y-e`$yIKc;P>ZHMh+8)JJv zZ55Gl*>C;Ws^G25tv%KuD`Op|K0Lzv@AYGAI)1*X$%(A5Cg8}2KpUMM{#Vh@q_ebW z;?f_nlA5F_Xrfxev8(;rHCRE%Is@WMF5B zi=7HPwt}YK$xFnj+UzvPU=7Hc>%lDZGO*O#4X!g^Z+-~wg(u))^K0-Q(EJw)Vjj~7 z*2bYUcuHN|gGWm70^CD3eT^BT+@6J^2M;8^e^9=-$>oSM3t0zFzJqz zH@U<0>0A^$@{OM`zHq!^_5~Gf$h+!&xs{o6;RmCRd(TcSwx|*B>dHL@?+32{JD4v< z8mUJ6OEy|li&|P7{2%!+4@b$-~di$oXilVKSRW52BGgW z(L%O$Mzo5r0ip>7u#F(mE_pEEs^xHyb95A=BZZD6&`G;Sf*N#G<6WI5fKVtofl7Kb zh*_q{DC-*}_z5{lcEU+1`tk4MCvm_Nac$4^UDHobKQo=NOn<~9Ry3d_g|q^#KM=rk z5r2!=xLi4!JhwHhj!NO(MM)@%t- zVgSA!fY{%$C$KAUI&dbS3=C7e=;Ed?pMG*W%}QQ^2pI6Yxt2@6=+$E$ll`U@Zz0N= zOzjtkHyVCupgIBE3YvZYXCGeQ;?bR0n0jAVA(C!`J z<;-uuCmEw!>(r)UIaMZ35*w!OhL2K@i$|yCtsEs^1=k!rV?Rq9o4CDuv(ffVt+uCATnu2wLNTVW(Rs*iYJkIz)O$3p-D z27Q6Sphq1Sv-<_CkPEah8GN!A*^ClDx1x@&rv;o zd^8%FP*oL+h4)1qcDqukh)@c)`a6svolY@B3fQB7ieai!)QS2AJvF3<`}I&iOno61 zr;NmEF_KgUr(*SP^euX>M;!EMr;EkbOEX`ytKOtp#hbkW#1061AyGiOG0(XY6YxYAPH^ z>S*`^X=07bikty^bG(1hkOg@5%#hy(5scXeQQBETTB`!(@qKAYC;VSKm#JbLkfye9 z9#UA9DykKp-}ubpk&RVlmhxON>0il_ACBo?lai@opQB&^#wNOpN`3H?;u-C;ZHK9k zbHa_<20orP&6(GqA?m}{Dm_7is zh;z4yZolxNX;sC`#+L$=PVcr@IkoPHLx)#877WvKMW0u6XlYRj&|l%^s*HZ0f5=b! zUvWD_I4~-bP;+E&F;FvtL+;_t-pNLVSX8aOY#Ai|Pox%f$x9-yy;6M92SjN_r1+12 zd{vN9U^2amo{wxp8%Thg#3%#?#$gxSzG#3oX`^D`h}|S=j{rLj=#<^=GLrqKXaNga zqq}MsLg|l<2A^TbKpSwLnyGrW02VltsbScE$dBFO@^0zGD^89aS2IUi0y$=KL=I3T zDWTXhDjU;o;p?;Ev?a4OYQ4VL9Gfs}+~m$%sjJ&WtyZTkw#6pQsho7(ZHm>gWb62# z-e8lZ?l^aASygavc;+>UoP8 z64krZ)N(aMHC3v@5O4}6Owr~VHN@3L8r*)RLaHpjh+b4#1+VB)3@H$Q-=Uy(Ar8MK z4W30bf$I4@EJ2)l0a?UMi2ZziXGm!pq-ji5M^WY{D}McTsGc)WJ^x#=`tw}9vK4#s zTzp5h2}$)V?afD7hn2B#0p3OcEAUi=@~G2pMr)?DEcSQ7d%)C;^{*G5Y9tYLED~TE zO` zC>klLP-b13^mOGERh@Q*dx3I^Y6;t@S)yCwT9RH+(xGfsb!yvP?e5iO>zH-Qb*gom z4cd*mjjj#uO`Z+>K0j^2~HJH3Z}QvIa% zN!K3tUeA+-Poxg14zWiy!>;GjKS_VVexbck_ys?!J=Ko{GUezcB=J8eTwA#aH zO%i0?W>%$zS~eRoV>P3?2G4DuIzu(%4`mS`&G zj+%9-l!zCpD%p}scXs$<&mp%~!w+BV77Nm>iq~ni0XKTu?eciMYK?{%nr;uu@T3Y^ zHh@=xrBfwJl?vbSq)X7x5{o$!jUq_^D6K}rvMTlXN0g73Ae^DzR3Z^531S>hq% zuXdEs^(D(nmY4L9A7@HFE@4aFXaA_4r*$88X^&GpaKV3wTD(Q!X&tS5qH6pwb=@Ip zXadJ`aB^oI+{k(2BpM%iZ&Y`d)rx$?Ycf`GDZy?UGkWpwda@g;u`fHag&U>N?o!C9 zCNhW)${^oryn4z5lC&f2IK(@c??5R7sw!nB@&T#Qy7~mk8A|X zRh!Buc?;sX+oHMGa&LrkYZAJGspH{ij`GT4sC_5OTU~mK(`kuOT&OaWfDELH3vJ;E zirGRq6TIci6Liak?=maDVGj#}kPZaDF`}Zj^j=*Ww&=|)QY_N3vdtqt>cbn-_9$x* zusAaR{$mAUFe1jL!X>JEAgwgO#VEBBu7kJ19pGN}C&qVynlXxC5~LTg^nJ`Q zby`fZwkSsf?>?5r-l9EV2rytC%j)TPpxS3iS*T0VRTP$)(fkfUQ87wIUDbH2Q_86K z=_&op$k*)g&?K$Spx}JsCFfQ-H1+M z6Z+{d@Fq~J+&XkovrdC80fT0Aip!fd%5jW};__a}O$w~}g>hU&Y2FU+B~$?5=vG2f zNTV=)+sbqIZOgr!`{T+T3$EV+w?PNgz*}=4=B_`|eaBs0hoA4;GAsK7el$y6f-&AsB84o>Yy`dn^;p@=b9W*nhTOJlx*`q?teU) z_pA&su39l>3MVNO@Fy9!fI;DQDP1fEg*#jsmaVQ+r{oI;LVonLF3G20!q2C;fQbv3 zYXD4`Ym^)^#auipC6b6DW>{0@&MF`>#E^#Vc7_AE)YLe4Wg@_F0hlO&Fo7hPnXHE8 zQw4YfG`|TjjjgkBGJR<{8|1q)4qj+jQBGfV>j_D}Imv78@ITHln{qJg|p% zJ4BGdp={6}TswKmkra#tQWI%pKVf^S!`~Y3PA#t`_7v=m1H$c$D?3}MmnAkG|in&kM+}}d=HH=T6{%es%XH3q3 z?_@(2OXpF4$<2LknF85gTD4%Y+fCEqHMzU1B38bL76b+7T5>hK8*bUzg4Y!#e4SH_ zDB-fU$F^gGgzGFQyWZ!Hq(}Ur1w`(ZS)~XS+)C$)tPGM0TCYB`0b{?ZQkA1W zcXbo*m}n>0y-{N-u7kUf25o`qjvNAWA|p!`op(thrdFBYoiLh^-XMESewKfwtz9@f zKsy?oU;is!S{j)=ZpfhxBlCzNlXaS(zHdyFt<=XPpU}X;H>XsombM9B_CW|T@TfYY zDhEA(ZfMz9c2v@1(de*_jqHFAd(3Vqgg7~id}Tr$Vc0#=q_|FKkQ$ursV3wv2t|slt2;Sz_FH!BaL5B4 ziIO)|MB;F0NnP;W!n_KHQAiwZPESweUF?~18ahP3k=5~)P1hc|75>j0Gkz)1jz+!3 zSJw{KcBf6x3fjb$^T6=1WE3{A-DZPhe`uc#Fe|WgSYE~0m$~-GXM6fJx1CjIjn&@w z1^ADr(ML6MjuzL|wCc*0)^pg2UpFzPBX!fkO_%9#bC4=&5b^Yht6f%mhsV>4^xfuA z?jGf^2qwZ4ij)_r1%N%}JvM06w_Wz;%<4m#IS)Uu=u;(cEhB`7v+U9 z;P=P(56U;hsNX8SY_nt=Jn7P*$7fg#m7gt@MwXxDqujS$024H?4F0XMrot3Jp703B zyBtHNC(@z! zb8*o<-8ZPN?CC2;$^)%)cC`iw&^XOlp@N5|^HQNz`lk*fmubEcA6IIg5$FTI0nz)k z@3ARC-VP5}jnD|}Y4+QxUP1)|h{{T!=_5=`ceOg2fB7l4pfi1FO)Cxi_=y6pk;?NQ z=n6ALPd7lWL`R?I*6C9QYG21YU6mO+PWo`T&EbyOj-&^0Pdj+7a}~El$2%{v#T>51 zWqx9Xm@u@8C`gKq)nCplOV2{NGu0Pu=)o}brs0C-19vJr^ta_lV`HDoB=6RPz}|^o z=8eVn$jTi(cxtdOf~PhG)DHy{zpIy`ybkV9=d1l6Bc`lNsc))g8e9rWIt!X?mE|Ol z(oNQy8b{aXy$Xq?HAqrqaLf0>4lD9yxTS86vza9R^!qf6voog>ex9!(%pcy104@bL zr>(BWx3#ZE{p=5&uh7c(lP%U8$#g6<|KjkLl0x7Q)zV&~qN&eCbHX0LzjE{`=I~!f zqv>Qf9%J-bCH{b(hb*w3h6!1w{^)!(rKrDn!3hgeh~C@@3siULoU{cR2<6%d3)a?{ zcM&-&l&Di!M=fa2wV(I}t~w>!af_~d&L>+=8-NviY4I~}W;YQzV%{kgx>CwKCfS4q zmeGv!LzbYNHc>fh|LI3u&T0^{1v$=YpzM+_#|%)kMsc~yK4T{-IjgeL$*$j>86>j+7Qo`2KjAANjTshQ!c*xS9P%0-!jN{=; z_Im>m;%^qkUEntXN;hs1T)0Y@xV-C%iYciTwV`xKW`R4Fc5Xm$=0GyF*McHTW&tgg z8C64c26Qh2EvYTZxkX|_{FW)XF1h_hCfPB@th5C+#_T1zEo@vW-*`2VNr;<03Y6=Sc@$prjD%vnIQ<>es4g}h4$+r zn*-b~h|cwXRO-%v`E@R8;cYAShI)MUM?=Y~#f?#9*Ed&=xX zVMo?3wL=Z4`A83oxLm-_HRpooX@*)M%Fr*`Jjp4%}(Z zh1a75`-rvh{%)ai){T3vcDuGI@7&KLvuFQ{YH;p0?L$mkE7USW?8hBJwAd~0`LTf8 z=Tsx28|g!T{Ku?V*HhZ_WF8w9BGGB~%TM>38N>>My!vz-OX+2a0)FNE2RD~zd}#Jm zK>v!Ib>#MB&hAsDN9SBfMHp`hxo0Mb;cXkoxkh|PPx3a>DtyOExcE7t{oh0}X-|n9 z60A$%%|6#to*DShnX*l=>z&huWVKq1??2&dOh}=quOhf?3NwXJVR{Qxx@L?c8lst( zByYS)vfF|9OCpG%?RyQ#82mmwbUaDgPuxZaw=?eRJRN`Ku9y3Ct9tuW`wnk0_=HqPDZTvg3VvFL$oX> zFmWIHQuIlTUl86L=Tj-parOJG#616U-hS!9U4-Du_7y5 zg->axN`b;@lQZ;Tts+j zJ8PU!2C|v(bpvAMlsW|4hJb@tq)4mD-PR>7woY>gnYE2Ks|0T(>hz*>tVs1Sk_}l> zbE^n$YEmz#1R;bCP`PTzXAGn;C#V^!rJ3^dyBB;g;cZACS?w{=9!S}dbGCU)n$&=L z@B)+iCUUGv5za~LrVdyo554(4yP?kDDM5fg=_Ol-H6mrkb;w0?^n;}2^PTwjKw9-) z)$ujN##24B2l2hcO^h8Mr+)l;T5}ADW{~N9Oz6%@p%rR#Lu1Dz{`H-CCP#VAu=MlV zf2$-j<7d}DGvi7=mY?q6Bz6FtN*e1Iv)GUkL&fThDDo1 zwA^pn#m`!OXSNPq44Z=*wOM!bDfwwJi-oc#Z4)S}rRjJwmy2R2lp}>0a@i&KgnFHD zrT^3tY<38z>dd=+V;bLct$Awh?{_aUhJwc)-7Cp!Q7TWY^i^uxqK9g1nEV7x`?#Thxhoh8C^-iJcem{b1i@S$#oDzZWDJo_`=A09IonP_8 z7WT`hAtp^{dPUWdaBtTkPv$UWE?0yPunwCP{l?9DV4^*Kd#zyH8R{%d5ztB;NqoG) zH6lle06*rNlQ!f3I3+D0QJamI~%iotSS z@BL63YxUU@NwZ2Zfn4S$fhL^+|Hi#MnMis!&ZLp2Pm6lH?~W9Q)KY?eH_`ld`QnJH zKc+V5y8o$YNz40OqHh{~-++2sS;cA|ORU2m%khR>^{oI+EJgxNApjmG%{5-tg&bi(`{*Jw->n?319h0}Xw)@t{liKTlecQ?g z<|vKJT?^T!9y48lbf%KMZ_dvC?2J{t`ttegZ0T;?~x{gLfoOSQ$d?vz{YXWG@F*M^$Q?30JrBwgVRe6Vlh$&q>{EgP=m# zPF&wjow28^u(+oqEq7~kV|{rku2)N~J+G?}ehE~)%|p}-dnb3~Xgqei`?tPdT3W4H zL+p#A@6cEjTF5qieQha9dv2+{v$C+cu&g~YcI-7&Ky&Ta z(=Hgu)Zm_T8(pn}m5hh?uR<=bSkd`2vXNf?MDaSl7UwconG1%ua9pO3dqAL*#7dkTx= z^ce~EO52*-z|&TDrfU1I%r|D|m)9b&HzUlQMa9j;e+b@h1?0&+&3(lExO*x(uocNF zq+c=wRW62bt8E|>fPIj%t4^==w#2ELN<35_exIj}50dI*OFrIgoUgMq%KG{i69FqC z|K{e}iY%Vh)#=5VHC{54_Db{9v)gV9*~Z6*SA|mf)5Qw;%Ba5#(Y$2yOYNCV_1TT3 z-a@L@!oMo~Lby32`s)Nq?}r_42On+n5|R7y&391d(y1(+4g=G#Uw{f0zt{0$xzmaK zkyYtTCYQ_fVjJ`$R#)g__8eT$!c{O7!a2eq0;8X78fo>pfUMYT{~`M?KV`@IOix@R zK%}7+C%E*tlEV6s4WXfXdUveaWn+V3AlZ%BwY(i2ztmOGgDHq%c+)U$AlHKDqSIX+ zq>v|a4`E!ffHrJ5;Hgwa@dLrC)Y;!1!dC|YPa-sJ=XIFTaMWsHJSNMGp8 z+*8x$me9%^^#G- z!5#AJTu-u4zIE0kgT*cT-SmZ+*mOpcwCv+bN>Eh9oc(K8iws>;!L*1WKPQpwmW(t zH7%MKvAn9PiuF3chLZMSMW>PBDQxzMHht!c?*rq*@<^GdL7u_PqgMCKu^qHq_6T@I z%rrc32grMJhdm~{%%593`S&1h*HGDpl{Faq1lh*B%YG?WL(-1AL|qNSwUCtmx*Vgc zGDcTxfTsSh^u1qOUBlr*+|ZTWUQgClSMA}M=6##Q`?%K|6MO{XcX3nxs)9*4Mhj*) zV4H^|h%d}{yHZOO=Rh3q+44;(mQMg8BYog47typwr<}fi|NRE^4m&w}7KLy63d@>< zQEFEjRG3cyW!;HupQlCo4H5gP)$+TZ*^T4@hcbnN&Vo8R)I^7;uCD1ptn69LqRmma zRiDl?-5WyuYR4s(SjK1yRo50fdUAf=CE}mLWD4WpuK;s@5unQ}l`*cJTbK{nOS^h@ zMfIF3SzWy|;eZ}fe&RO~L-f_R=p%0`yW%(ylHOfBvpcQ}p z;BJghp!uvY<}!DJiqt*9CZp!fIFlwGjI{EJpjyCjzACjVB84VZmvK7iXXZo1jZia zGr@a3Of%OQ+<7q+*jo4Ev48C|(neGbTwPbWc9eHe6s0sBe)w)D%totST-|dK4Rvb^ zd2t2R|w&OmSFsT6WrIF&`J@Ds23@WO&Ak!w!ok7MqB77$tGh@TwlE zp0st*psohAieeRKoJ-h+TpqGB^=|_1>P0XRz#qwTtJ@NQ@gfebS*7)T@McE{a)aUR z!Tul?bBu53n*rm;ZelaHnMIPYwE*Pu-;Q2tHAtTs_&R9?)quCcYx;Z+xQKW1hBgnsW^O3tK`2$xapu+0Cke&PvjDW4%r@{`7 z?JybxH~=8Lc2E}wee<{+JZlxd64K3iz)$oDb?A*33arz?G1+YN-khXG0QLyPc?h*3 zS_4RdsRZa50NLBSe)lixDsg(xP6x|u+h50}QAn+JID*)(cnz;fnwkO3_&qXS9@;}` zREtm=$Rp;yH0FK=`{;&s{Gy&PWj~p0VL^xscscJ=OTiXy+(ZzwcuOctB-Iveew6ep zDt;s65loHqXeR5PT<(py^fOD@x0ljyVCKr36DgwLW9T(};CK1Qzku)jk6dt{ znh$x(v@(U&Rf1)&HYl_+llrc#p@rW`&_|y z(S0VTA9RVRQFa;Z;O{n>?%dODIuReW7rx*!vv740AE_5#fGf%^FQiA}EiVX`vJMYW z`19|LS|S{x z>Y~I^;Z%_t(khB)Li=c0;x+~MOb(E27w3f(L$4Vhz(+UV(w%#Uc8ewawVi&LR~r$B z_!dEYC7;(sH*~sf``HE8(BpPX(&O~fC8u(_=}&U$hJWwmBp*AOBIK5Lspp`_gWYl+ zyu7f@^@VklKfl{=|YD2y%x9kGdOltopqtJ722kdS4;I!pMJ(=1BQY!}p&o69#3 z8Bo)gGt|-_rd*wJJVH2Etl6-qz#5IoOns5vdk1c^v`w0vn6O$|!fiSRi<7$}6beis zoy0pLM2jS>aF_0hNg4{}D(^%}WZ19g*gS|b+K#ksl9Im}B9qB{{2~)^Z7}k5TnZE> zPI~agEruej&a5=;k9GII&~AH}*loMi*S|?JrK(mvh^SUP9}5tcQOuFZG5ur>3$k%@du&+?r%v z!99gM&GMM5Ttf@W8-bq^NbBY31}pG2O6mahGnaH>osh7C+2|@RO^Fw|_h~`ETWIPEz5k67?TV>AB^>x`t(5nkp#H1$j{2{pxY(b zYg{R7CMU*Z{h?HVs|DcRKo4&MUIOF+fIVRDQErjq_p#Kb#|J>cg?Rp`e43j8J`_{2 zzq82(aKDtaHS8+$B^A(QAA zR`mJag}$4pfRx8SitEek?D#;!gO@DAj}oj0e|56yzMq54gLAlQc)>(N26Q zIOqWw!`d=~g)*@jGjqLtd!ZI^5uo5s3{3qn$p_ehSHFGv6VCH0JrWdoY zb~bUO7qd2WHW4u~vNJaMpJhe@4rUexKED6i2+BR{h||hmWyNEs%}spw?8xnNK;Tjs9t!K#W)Mx^snQh zyAmgE;Cn`SX^Fy!ZE3oxOj1d;GPm&Nvc;Cz#!Z&jbAFiQf!tT=%Qfc<_s)fP?E?bI z0Wp_`0gSQz6RcIe<)1`=T^9hQH8+a#NwhA1wQL0 z?!R_P$gZRV>&*2%6mQYdM%1w>;cQhuy&pk{IPAd5KTb3m5@34)EWP8X(Rfi8_1jiG zZ%#ONqM11YIDKinlgB`8sm8Be!CJjt$Z+-Cx3;?XmcG%75 zi*aUZUr-{Rdwl7H_>)VY9@7^1!>AEL_8+?+(dT;z_>=y^Pb~ZZgq-~dm2i^{W zZ&=LTW}`ExP&hBk`_E$PO`5 z>_#xXmvp9>_3?2_6K#KyJK!6RC;@!lH*$2oes{VoZ?m@9VsQ}qR84!4k%@(Uz7)1x zqxog91w8$MJ6`djR#Qh`Tdmo$sHUr`X-KQDWJ*a(Nk>J)kZBwtz+0ZrYMW~ozuXSI zcwz0Pg?hf_>h^Z(lb*lR^EUxw;ZbIJQq6cxR%w~iuDT;z=n2K$Po!`7?{y1cNVRiJ zq^SntetTX-;`s|@dBI={G;9txAach-iv$QypI|9D#;`jWa9j8`>;9R7l2pZn`dlOd zyGKRS;Fa?QDeM!2s#2r@r4R*bCeii|0Zx2p4y`g0N{V48ReA{CGFZ74k-vWBFV0`xK{m!+dQLD zY0B%sA};e09ZL-%z)7_kSM&bmw?$r!N}GVEM+lxT9VLDIvZwH>F3H z)I2V;-SZXP(;d!UEN%H3ouaQUH-b?rZ|lYl15;d0OT%q`^HfDi#>f!2TCF;kUvOPU z*hf5VX2JGkTY2p2Wf7?Q#}0eR5RtzWLI^lK3dB7yd= zv6|g>4V>pr4!Ndhr<4Tqb4XZrEL%rmf9~GdCk2y1xl!N2yp-mSXdzAO#VRWOhER#a z)kb-946PW8VJ$qm06x9i_Fn&~ShZ`5h_PQb`6ew7<$d!#32wDmUj`f|4Oh+C% zxU+TK3*ik7Zurqq1nAz(QfC0X&8T8iUOAvskJ>Xa#2o?CBe z*!gt4$Ge>kbH&V2r<4uy4N^c!*K|QrDqAJ(Go}>ihQGUde;c?`HsmZ-%h#?l>+PPX zm!UQXC0d|@#nf__H>Ou0HmLH~rN-2xQki&mm&ac0JT$S98UrKAQ4yYoHV2CC1m<&h z)tH`;&0n~WJ?N$b49xRC(46r-s^l!+dTnpjRk$<}^iH6Aub(Mf4|bup1^|Z&gEex> zk<3q|ckE`wND9&m3?$Aomd&91_}U%?UfW$6m`_QvAnM zB#ax^KxEmqGi|ZH+D*kn3Jc)41FP_3)A#t-&=GpEFI73rwry-flZ^Fxg6) z6c^{Mno_5oX#ANz9n3lGyGJ)Wv*z_ka!%YjoLUpZ`C7PCbPQaKFFtH+41*rUmN*wt z;!QlYE`0N96i+xRZ44VTODGP_63}-|Tq*MZ6uyQ=L7C`Bcl-&$UbeHg>64ZOT=ToF z)aS+Ux#RJ;>hB9erxSzM1MrO_KUUrGN!)a=@V@8?*lHD)^SO%qVRIXj@(WLJ1?;#% z4(PX29HWmr+8ThE^pOz_XZk_cp~VRde`K#ic7VIxy}G#w+yG%EaL|LSng!YVJNXhd z65@^e$x`X0uf`vMgo8+^3IPZ>QHKKtVl9+&0K`@}g$zU|@EJ8KDKo^;4yBLG5MbFL z-HSv+nBi}tAzuK*MmQr4#3l^;<^zaM@SW-(l^61<(OX=n*Z{c-#8@ueYl2q$2o9td z=x3Agd@I0#$yWuQl9#%e+-+{nf`?_caTLLtO2_0kG;JA4>aRW7aSJI zQgD;)@cbmPLxCxfHe#M}u`*8ulCA`HZ`2n;>88~;n01te2F$;>nM?#Ws#6o<7kkES{T;JoL!^3bdrg+U zg-;ui_IxwG9Fu#*$#C!;U7U>|j*_ruyhWVj^r_X+%j*M&@m*nW z6yc46EaGVoRGcTjs`Ecf?XYcL?n9QF(jn^HnRdY|=z5f|IE569iOnIRHwgcFHIRvk zgzk8_le~E*-(aEBZG_7LJWvtWHADZR;c{ZKjahBen?e(QA)G`N;8wNw^Kc6?&WMZB z^qI;0fi>6Z2&AQ^3gKavQ8!VM=`cy zN$(kt(()Y1BN|Nq<>4?cS`;@zh)zF{I4oLeytfIKGxUn^EX>gn`T!R}LGIp}6m_~C z#SDMvf$ZTiExJ7_MYm$e7aQ4z#B=Wxes$veDbG}8A3bbXVnbl32YUh$iJLYgtzGxB zWY%`zp_&nO)^#vYg?;?atcsFdNZK!6PZQ!{GH3{Ey?b$Jp@#|Xp7XGx)Km61%SQ1q z<`$K^pSh0)!i1OYc(V4{aB<{(P@|*mfmAsvN_C~nd%89Ymxm9!aiXEulq1|d+lu{j ztje*F>fkjyv-~v>nX)kR4dcj6P9aMV#nxW9nuq7rO z6OZJrJAP7oBVEVhp`i1%y>mq_CE}*bb%zhnqy_pE+M0>y&o8z~enXFkv1P9nc6oq| zCzE{-b0c)e6sK_`xPPZ>HsH(CdxgN3_TD;B%^IpDMx#2@W5U8@ikc_)M)%t`n-fwa z#M1jkyA{aDduBHHkx(zdu)Zfc+($_~4mDtcdo|N6Km0w?TZZQlVD=Lj~zrrRafY%4HX^lO42^Cx><}v{8P9 zdvM!7vB8sJlHa*Fi%uZ*sAk(qdyJja9}jDR&mF_{0A%|6*6;T{ZuzYQwXUtlmdEGp z;t93RH#ArASh{9*e9}1l2s}>L!%M_p5_PlR8`wTPZ_JiGOh-P2D>#w#)vP{V>Ns&F z(LW+PaT$5h0>tvq-otHhZXQl08*N60a9uwPZeA4|er%$-+4|YF+2+}p zc+I(+Q#Th)_!xX0y-W?yRox4WA+o8gv?ZgP#Fc5u^V~S;^8-Jr?z==umo636#<%ri z>@-{5MBp@|v=O?AG<~-6o%TOUwO!r^N80ogD>a*~M6#u3I@C3rC##gGh^rI z(D)P+DD$+9+gw`f2j4$sLfl(WZBG{cw0TkGM0|u%cakk?mx1n@$6G~{#iyeRCI1? z8P+G$)}y2)Ye7Lp(Fl-8b1uh%I37{08Mip6CTTlj%^xu_qEAaE*aU>`h;z25A zP5KR9HGZh3EYF6`S%}F%y@@cDo7xC`sxU^0n60?Nh@-

      Ru1_+U zy#M)Mr9C6V|0nGk*;yFb{x5CM%*esa^xxwCs>{P$MRb`#NA=~od+XZSQ~sSS+gXS! zK0X8?yeI%<5M$XNk}Q$TLPGdiPD5vaBCs`|nTd`$aDu{C7&rm43_hA`x|M<9fGI9E z61s+2aoEsaXZ|a@!iyX7bdr1K!`H8~=f#Xp)urNm(RI39xpcY<(x>aout*#@T(~ba zR^bI7&+p9*B0mkGKQ-0GXWzz7&J%do4M7R5=3H+pU%$R#&76mbXU zUzDTt*AOQEO-)M|1K{idqa&1I|`Vyd%}p%8l5tDV&w*^dCdy4 zg!_hFmO*{N=*Id6wh)kN!I7@y58YDaeUh)HV~BvB;>8zx%_{bGLFh)n5n{WN@CmBt zPi;=jS~4@`$*>^Pis+t-c^eksvlbwKE|tOPhI1*h<4G)%+e&R_wBmmO;U4;?VF+>^ z3en!;$aQVls5Jz`H0PZR5N|%E z;1dFx^}_H8#(j0PWqbSuGo-qs)$x=;Hs^EC5$Z&qB*KUq6|gy=tQkbZ&R*b}<8uMb zAb3J`1w2J6M|>cc#v>mUder3zK6-fvN5xr3sw)Wrr;z12mYoUxg!o4N^8CJ8&y-G4 zMI-a}=Le}rBgqPj88*Q4kHTK19Z7lA9cJ#FkQ(C=PaUC)+1_D2(L3w`_59NkAd8|l zr=Eydqd72h)KCCDci_5uVt`)(=8}vyeLjgl*~gn+xgm+|2ji}V_{DpM!8FRl3tz=w zSwH#GW!2(4M!h!WU&CJcD}?IKr4_*25qSf<2hn&?>HE4VYg$exgy{S z*A6%Vb%mj7gvH#3a{$v1rS&F@gO+Cc=0OKy?`8TTI$ zcNz1(LB3&fg3UPGtKXxVoiMclsE@1K!|I?GyC4>qekx1gh=hbq7|s$MPos2F?7Sze^G*=HHt!oCe!BbjlHt8l!0d$dQ)# z`xt+9sKz9rN38EeB{!1ZszMi+Il<~+SQED~dbRs!Q+iW-(`ys+TH76|Gxg;@y)zg7 z*69t^o8OQ92k|GNK=H0%AGla;Ex%KZv*p?sBt-aaf%;CBGfk~%OpRf)d%lmr(pSrdg4rqXA?ZJ5}eU@DD@%m z=5K@UHHg~XOCJA&mi5TMp`b0HM4$2}j41E;u5YOC*wZfc>_HJ0%QO2qwm|I3L6{)@ z;vUhbJY4_>6Mj)yv=_c^%yQz7*g##}zk=L-HDA_tNYsOgIq_4#Ra9h@>~S6wD&HKD zR~r&gc%puOkV@(i&A-YTbF8fq9m;Q<9=K11MxAI~Q@l`({9?XiOZTNHQ4ZLb{?xP0 zW#sjcHY$q`euI^WVQKl+-?+23X-=ZvU`6TyY8D{bt^lqtgtNfRZCVr#{)ajcj`b)k zgW0#6aGrtSkdeK3JrGT+H*K?py8ycxA}+yS-{G-9}r{}n{!!MBjm zh2gms!p}~bvv1?{z_=7TuX5TQK%+X1G7e=8iZsM@%B9BRnmwSGWyj#2D!cnarej8u z&$4~Xn?qK}Y{t8z7ICAqT;iIOwgY4btNMZwXU*UW4&A-|{&f zCS9KcdL(%dkqQv15U_uqZ%^+V$2?J$$yMWPu4*c3HFq@ZD~fmv=!9(J{Jx~oHw`_N zm49f}l?&TSwUn*@3z{^Sw_?F+nWEI^1XB2Exszqecx)GY=ezTEB46a84*?}~0F_}x zgfhj6O-{zf%yMTvNnlXJ1d(+Yj**UA@8O3Bs>q3n!k#DD(;$Q&9VsFzPJ!k04jFH9g4jhCUr9S$(eWBVv~7*d}3|2jfN!!Q}q}T zXtyDF&*I^!?dIa7WFLwYR^v8uyg3WdWI3>4pp3v`RSR#Y+r%FJk4{t14}s2Xf4TkL z2PA22suAniR8aRz5HX*CnzShyZ9ZCpxeRQ8=mn8=zzrXUh^5!kL#_9oRv4q6$)y3N zFqM!f1#*lD$fQ#R&Di8I?ELSV%hN$|n9W#d1VIc4^MPhSFIHHlK`7@y7A#^Y@YAok z%e{?4K(`=~U-0&o>wsiCrY#MYvk^m{N>Sw!du5$e2nQeTa^zw~ZiL7p;{N;{7Gl(_ z5DG{G3M}a~Ooj}T0RzMCMV?$OxJ2y&r3D{f*$VTnih>mbz+zGM_9?_9x*T{>Zb{^N zLgZV2ddYfHSwq90qJAa4Srx))6&X4jHnSqry1GoSiw$@QYvcU=S))6PxR@%SNb8Vt z_1>zp_gFCcIhnb$(Rt8}s|?+YzsKRn!NM(Ozs)di*o-d{Hn=gYBo*`vAMWK56bLQC3@-w3 z1;zr;g^i;25rvEx&8wMtK5A)OI=I%eZR~N_js)_W+qJ;2zIh{nH?Z(a6c5iFd>-0bT`iNr^@l7ro8=JzS-Pq|X~{dP%ou8-Fy#Wy598W+0X6Tv4&m zGT4_PItmyQeKQ;{>PqKnB2UU;D?CEr27dFwB<&6C{alcQTZGHSLlXlEV9fE~%;o{s z!Q|8A7vHiDZGbE}!UUEp`lU~#`$W+`qs;6b$LPdBZUq3%SkJLl2 z+-4b9WA3_xs*NkwN%wrBobA_oHzth_@#C@L=i@m7tgh4jQ7_GYS>r}KPG_mBht`3o z-s!?U%)ZHYdzImbw{Z)R_7X-Mrtf*&W_CK=$#uv00{29}3kseH0ooiR`)bMZDA{r zUvlClLrfVb+(*m`$v-&IKvOPoSZvM0;zCRFA2zPU&{;*6;MnT)8y>3;mM4%<(C}#i zjE`~*z!XLp?Xu1++x)SRMs_gWP6L*|Fe2qj)JssTr6}%Q*qDo^>_UJzqZ1p!84OKR z6vZ+RC$G|mg_>7vu18%rA5lqI_;i5Ant=E>HJu?U8CUBFsgl58weY=fhr$tvslkJ=?x2uJvZ_)1K& zm8M#*-6q$KW|i1dwE1Vw^h*sX1EvZbNK4}hx1VSSs55eOBC=hr<*PbbTp>^`kx&g% z>6Y8xH_;MDLur$LS*_klmz}r$*EYHDp_U|BBjVni^Mt6R2BZUB>F(qwg1I5ddO^q=mH^vY+ub)%o5%+^hXd! z8~;U2Rub>U*h$^rb9v4)q_`vFE`m{Mp3R3<(O1sEr06CiuO%_<1xrJB{Am0lWr3ZR zc}YR>tY1;1F)k0(^dQw!Ew&7ZRA$UBbX15f<7v`PNr-G57v@%3GykD7^ORg`Ev%tb z;C6KE20-!-m2|jbD9|E90N@>f>q^Lh8b*ZXhCo;Zv6rWBQT_^?1frr7GOeTv8l##9 zSObM~NW&Tbx!fhco2h@AQm;q!`>1!_IZnkE+a`#5R8G@%dlPm~|LPXJ9Ku;X*nHi% zs|9hG$!GK4Xl~rV1MuJmr1=zc0I`_M$r}ZQJx*-?R6R6x49oCK9>LNOC)+PFPcvXizriM1Cs;ImSF-VO9x7lNz+4Q`74FeL{EGr9Uv;I zAc!KjMW_?NPApZQEuYAskWzjfFyjOLrQsyT~d`(yo8V z$RB)Hn@mIoigOI$i!;IU!BJ);qC8QufF2ZWDje~W$hP=TGE=gF2;oZ6XE(O~3+8#w z!jd@K`dy(6fr_NV!jW)Qs(4Y0i1LobS9`OXf#-R3#jiBkT++M9UHT4+iHO~kuyxj? zU#-v5Wn;@W2ff#`{$le}_!)TkBsy#B+8&va)?6>Xp%>42iTa!s9a4IVS}Aoyog=l4 z&Qag4CkSHNIkvIrf~DLSQASh)1sNozsTspQl2%&u1!DsvuXNQ?WifEvpkt6VK6F9G zR|<`k8J!gN__2wEcCci9?@dVAamji>1#SY|QCV3&(w`~PUAiLWwtJFBiOePe2?!gw zdAHhqJj#8V_}3#SEN%$?>Kj+?Vwx^uJ zJk23VPtW(S(?qWCox2aCC1x%kraeeToMmd@^mdYe^Qh|Zh&<}Jq2 z2TmQnTrbvSUS=BD%?i?XybT4T3MNYNveJxbkzB`W`(R^66IFi(npNXT_zUV#C8ZrF zzrVnpmfAauLVsn>LOBM)f8wP~#5Po`B(Z;@8>ULE1vzYo13ArY+2H?r*u_^U(lf(P zP4ckBWrUfU;$`4g!L>vf7ype>sm)9}&QH&YZCve}Hyh)s;ws_FmnwTLN|nPeEnY}B zXz+@N)C{FE#Z;p0vgcXqqv07L10k*t)Wkw%`8$zb4QMJNk9?kR1u=%zwASa}djKP7 zYx%lXsduISFupX!4fPxs9`{`PF?2n_w&`@W#qRC2BR6TI&60%ClOs$+-*tO&vh9AR zY58CyC~+3{uo&j&g@AdeTPSCXUzhgHtx?IGZ2Um}mXzUkg&!WNj%p_IM?H!!W`Nd` zV><0xu|x?OV-hxZg3>(B?BHsxqd~Ie7a3$~$8N+tV}51eY>Gx$*qnkiE~A>9jWjKT zG4vF@FI6!%C0SnVoHpaMiL%Ju@UNpj)8z#3YI>?Y=+jJ)`8Qa&-qc#hO&%s?UYMGc zaZ|czv+!dRiS$`}<>=p-qZ8@OD?#^1E47*bOG;ALMM7eifv|D-am-OUIzEl(`c*)V zv_zx1ChR`&9o=?t19)!&Gi_?9Gj@CCz{J4R!=>|NC{J(Q9|@(<(oBFfV9MQ?YuvF= z_OIl%+OrW`8>ZY=#%8LQ>FW$AZoinLi*ZG2GZt9URpany`+3fyBNa66`j^8`>SAX8@Dz*rlMn| zF4?nGVa@BJS>Wj~CwPwBQJ-ZGnwPk8yQ7LqYmRIiNhz_YkYOm^80o!7c)H^Fm1`G} z`v}kcLsNNhv4o53?3LfK=1^DySuvw z3jsoa;O+!VaFU=2dS}=>XUn_qIp1@i_j~T20~B4oYSpq@wYq0@PnGtbyjhli9SwC>06j^&SviH4|uwp?~c1B>4N}UH+QWAwREyT*kDv-Z^v|bh{ zsy`e(nvc);B#Wi3X=f46DdJZBn@G#e(dThIXThfF|TK#b{A%(j5oi2MMC z?~8Cq%EcfF1Rlbnn8XC*&u=n~tF7zpwVSCM0QfA#d}nMu?0{oV`HhA(s-3%3=P{22BWeO6Q1zRUJYIo>~;N&=+S zsw&?T(5O8_t}nO~ec9*|eEd@>Rm_a;0fMSt)oN}ZY5k-07YY@P-J(2?(im__SQdOT z)ypb)W=6`LW?tB}N60ZfZBlxoN%oXXmoe=rqhU%(8c$KaESF^)1a|XAag2L#Kw7W~9q^gejQ*hR0>&KIsp+t~I(oZ!)IAfnBek66b z?I@_;yWRIcv2kcW0M6ySd`z+2@_EtkiqCmLPQztXWq;#qH0jMyjEf*|$LWSrz>kqg zpnNmY1*OY)SPe=s13w6LfffDHS2v2H%#G1P25%^krn-O2XL2UCA{01 zNG-T0WtlD^m*xM6EG(eyC+0_F0{3YFRRQ@H%M|J_{2Oazq>QRf94%965)JxqBL?Q4 zEVQz=r>DA+e6I(e@jStOk(z_~eR2jbtTuDME!~-5)OEUBN6`4Y@deqpXk!!RR58?{ zutXK`tnG|JQnDth{~Lribqe-z808%*r(ckLlk~NYiFigc7hRq23`Z_l@EU`??Z;w7 z2d)CzO4{0+cOv2#TALdzzf=LEgcaPiEjOrdfe|TBDHSljG`g@pPu$=9d6215z08%7 zQPRdO)Dy`79quawr;H=P zUf!vwo-dUZ4bD6V?1%CypDL`vx89?7^&NVGuW@TB@*c6FnQ|}0^wh?n zkFaxy(399OJD@UY4##R1s!bP`Eb%wTz?(61E6^dRq^B;Zv$KdCt-U{BDUc``_*Pid zKEp&ihD|#<`Z0v_4WOOAElA73$-{iE7DL6#i64y>yY?l)hV^n(izO|2Po3FEX+at? zV(aIDA7bd%9!(z<^za3$j)*U*xIF1jul*z$#cu#oSS?^ZUA4*QPZso9@lbV&s~%Np zqEAaF%vMYC#dZI#w0$S9xkeMEI`t&*aP&3R1Csey{B#Kbb4Ji^NNcdtwZLs9sTfyW zD)jvkh4!eHC5L#)!DGJLkF^_~x)6~LEA!1$udDolJ?5?-gMOyQ75r8{2YK@%pEbYl zpCP1}T#bwcklbC7{ZNzKjv^R|(9y0rUyur{zv?mWa*FC`9Q3+T$zU^4H|pT^yxiQs zjFGt#&7=R2>=iQhz|T@**9-KGu9N*Kzgj8w4@C|-oEm)v#d@8GgAjs z%LMa47rs*9EZ-u@iv6_x8FpUp+gU&9=L?s~o2+v~yYyA`Q=hPL^GEuTL&WVE#Z*#z zO#v(fqT@HTtZX~OvZG(jqwO;KOQmFOW}mU*H%d4*c!&>0DqFrf_%V)2D_Tg;B918l zY~^h{eOD|f#Y{Gj{)2y~pr`n-m$9#KK0az38-21Ct^XV2u78hb2r2wG0RLcbX&uJ$q0{zfxPu43G4mMn6wM zW|>Zi?^vjUtf=8NV!ODXo1@@_htz=m-mh=v(k#OEjA}Fsaq`0XU*=m z%4n4lk%d>|4^f1I6Ujz%1It~QHFsNwZxRO+ecm1fUP}7Q*(W`@Dj5_y34d*R$qV&JG5YY_8E+Osy2=rvThX&=Ocrggf#pvqkG@^#mS!v3lt{j#TwGcI%3 z-1vN)%qmXGpWZnvh9J1;T;OX8l{XeT95_nZF*TK)A1zTZ60;x z**FenMzV;_je+C)NwagH?a~!CU&&x3FDnv% zc{OFrNXD(K&U0WeXu{jt0qzMnsJY_Yt+}$9G)+-81;q$}y1j&{eILuNxWC5N>q${MKB8QxR_HFGg<}{B5u-wLPsM{@u zGH>>0`>~S;Fle35Cl1c!2!C5o@!oZbS%jNQRHL~AeC%aJ#(rFwHe_Ob;`V&#dByXm zBRs^Q_cJv+v(oOm%+<4uZVtqwaS16-N>jEPEW6&`xO9M5=c}g>E)Ah;MG@NK_`Pro zj}cIFj>cehtDQ$T$X5ppnpEPRDV zHl4=ph8Kn3LVm`cX&%bW1`x`I)KorFYm?zsa9|XS$>7sYs}8)XcY|C`GRqHkFaSM~ zhm`3$&6@R~E94qzYSgnDFk316Bh@|uOi9hIJOVy&{6Mvb_Xynz>KQO_C26)`&izQ_Pp>0R4z0T+3BGz=R*4t$ zeY-X5@Uzxg|2(9)Q9*&@+OTY|0)BopKz5VCW-2%9f6^|}K%A`JTCV(j_z=-IKehoG zxXD$OHpNX~TV9_G3gZIKEf==Z?FS~x9p`*OCvG1y2UZRSj8wZM6osJ3=JK$xwCM!cJLS{>?E(A!i#fZ_BRAk% z$IuIVipftYZUIOBch1+%%Y}SGT#tUli|gQ+@k8Wn=-^Co1{C4JTD7dZpND1y7JOL0 z;@p&VIBBFu3R-h!{XAF+YM5+&*V@zC?>$_`Ezmj2w*83ytNZE!&1i|Zb79Z!@G2>C z6`t`s3FU{+NpV9El}jJBf3jnaTV)^_p(RwaQ?^&524`zM0SaI)$VpJpiCzC>Pn8@~ zU*%HRMik;7B2s>qh&S;C@xZ}Dox~aZ3`*T)>aZX0U0Azk_>`O;mfy(W0IJIHltbv z3{Q!a1yIKysf+s4@rj>KlkAVx->^ao{%El)T51fB$dul>I zvlxd{qQss;H!)8R6d&VXA&KqKjMc%sU=OEFH5-;Lc?Cg?%Sv_$f-WCee1$jryi30p zg%Q4FnERzu;h=VFoduQjuFilpp`TOYF4xWsZlhCXM!^IVLI;U=D7Q}l`nVsn%qc>w zxQW?Rv5IYGntWHMog!m{0+MO8m<>+pIV0#3$IZF|ef;6qnq`}|qxvDfMC-dBtwQ+2 zndzQG@yyujaS|&8{f=V zWWeXC>s2{TaibZw9`>9>Y$wWvXa=cP*}fYZkjzsdz`d=$YhV8=i&3+U(GfQV=0VM# zBYACCggT6fSfjJ24NxmcaiJ+c)hVSSl^fCk6VV_0FgH#XGUM$*XiG?`RwOVq_Qf6r zRmo$TllABkH15dY={$=hIPU*}E8Jpy=}J{uP@j{jrAuUvl|AoMkBBi^?%H@`{D1y2#0C46k z!s$9EQnT5$!a+Z!sSF|%BdVbq`W_v;@7$67@uc^A%lDZbhROV&G4=w5KGFgq1V}fj z6@Z8K&k$FVVkJJ7m4ng7QKv(zCEH`+4<`pd6|(npyC+VhzI{!e{MLh+jkVYVJetS| zLXKwZC@p=C>UnBAc6MuEvtvOx7m9VkF&}GiUFIOQ_{6SIo4HOS5|6kE9#;lG$v{S8 zt*W5MP;R8JZ<@WpxII9-{2jxTQFRf0Ww%jvoxU)w9dV$%UmJx6ONqgyq(MUV(;!z$ z3qC)L9crs!6j$emHN#n2LDDakFCQ`JZq6kaXdM2ut@a?2Hwyxhkn0Spv~AV^86{J=A7}AdB)`MWQT8&Z@gl$EB~VDQ|{E_ zbG_){kR45(}(V1I14y4?|gP9vE3CPszBUqv4#2=SZ#^i0P5wn z8u{uw?x!+~hH$wUAq9a2a9Zm6gYu8*Ds+l;Z0s9#qL3mal zS~*U}V3x8ww+0Pz(oEaacJ-57NvL2DS$?3p1$EqXsapGz1$L3Y_B_6gv)A#QsiHRA zO?gj97G#SiPa9qzj42sfD~Z!7^70enS-TgVpH2FXv42ukPD$km@aXzXHhJdUGBN+PbvQI{i666oo` z($dEHvPpUB$a!U#!u^VuWf6Z7Eq|EG~n2TNQ##zWOXi(A_286Bv0a$O>G z$Mq))ZMF7tz=Or&>0OM?E|Ks^pQ`cc>0VWa-F>R!_`vu#^DF_{??tgdvVm#N{%t(B zBg|bf0V_AB%l*|}hc7n9TYNu71o(bZng8~vWo^kXoWk@cce4g@6+CfOuqF*g=d~A_ zeuAuu!Y)YY>Y)Q-sI-=qt;9+x(D8wBLNnP)nODeF=sJMU_D9t^zhK(=1$V{5*fV z>}uVtI?PI-jB;|62oc#<-R24U1c5t_G{bA_@aQW2VE4s9Q)nvTlX2Zx_2_E>wUGls z^sW3)#)0z_&N#G-iF)-BkzNb@@C5^syYC;1`k7p(Jr3IpXtRHueRG<@A8@(8Q4(-H zeicPVVdDGAH$?gNI>U5xRLuWH%8}o8->Y_~PQKfptZMJY7S0Q=Z_wnr+UqyQC9Dt( z5nmHWMqPIAI zg^%Gom2d8Bz+K>MuvHUhj2Gh7^8QjcE3!Fr34&>!eI!W7*7vEp z8hOaUTPf41I;8|Q=ySysh~oavcEv#v(abI4fx7_(FTs#<+^X{vw}p`BT_u9q*R%Y) z^|LW<`i7&f`gbQrDNVtxl~wUWf__d5`ikIT5E)A5eq*ud{>M7tc& z&=(h-tJE=KwdXFio?kzTh;;uTP!nlQPGso>trT?am|ifjpHuJw-~0@`0Coulj%zwUPR?#kmc)zcwPsgN0jgKg5;3(FgZ(u{0t0v39 zOfV#VQiY(z;}skFoe^g5-KlQa+x-EzXwR*|?2hbWuKG#U%dfIbG&y8$Ns}bRg9Gdc z!h5u|xK34$T}|r^KTf_^{ivt^>eS|P%=3L8FZ^}#x4>xn4QlEb*B@aO#5JlsFUS=; zNMgP%Z3G13PCl9LAD(7UI&NWH>eOHXf z=BNCs=XfJQE#(Kp0p=Q|192XEPlk&u%BzqoPTy>-iZSL?4 z-~_4v2Fn*cA=aU1l}XqYpj4?8vkdeTGlGl3T6lqPNt~4rugN$oCC4_dKzdQvg(_h@ zwj`|zVNKUlnNnfywncjwM6(6jd#FUb49GJVA8WCB(vzc(FPNr8iIAqArn2-tEDK@e z9L|GZ7bf}wS7IFYL>_oLP>b`eCf59k0izLhuU#U%D^oYI7VC4`UIQG?u~>7m^vrs< z)0%d?64DfNgqG!xgSFTy^?cpR>}qAzEv92;h@W5Hl%VU>A0rc0T714Ds&5i06_(Qy;Hwf&%R%-*={e7AWcYN$F|A(an`B$=J13#$>PAm!c`D3bdkmcU+cZyoFptd-aY|Ugsy8RE^gM zM|I(Uv>m&{Hk^)a5-5A?M5SJ6Bi}oF!(DzA!H_A6~ zJNv0(Sx0tLVW-Mvwt&L*VbHVP%r-dB&93*TT&?+D`wNviG0`M(MIKa}N(2UsV?Lr4 zV9R*ipoOiN(aw|^>C_Omz&AM~1{=XNDw+~u)(vT=98C1PvuJMEaLhDAxikvcvR68E z`dYJs3woQMi)4IB_K8Z`sscqvNn+ZzY&xF~ji9feWN#qn#OS zG>wY2zEHL+cn;Ywj7Xa*R?)8ox-ir0Nv-@3R&9}o^Cq$r9<$k_iN_66PD!MBp-rar zF~o7YOot+iy@XG6>O_{=Qlck#s5D!YOcX-aFB+B!bqkagmlh7*n$pD!@(8x!8_acI zlI#cXg*6>JNO9g6rZ(e#Hcl_pXD0FGVNP0{BEygKp8s%e+`>X_j5S5psao7T-J6>H zn8QS2l9H3Sd0;<=y}F4j)2aD_1}ZgcQPS&_qk&SZiL5S(FUrUn7)c}U$E)$Ds#iP0 zf_hHMK3AgxukyDmYh=hRY4`JTp0=H_ET9*VGpK1a=iFp9Y@zCMEa0c1JD4>_aklQ0 z%+TY^?JgJHtkTbPni?-h6J8$7s~w87~mt}&0}2p zcMFWXAJPhCRgb-CD^^f`+!Rlcxbn&68dP0qy94+)dHgnAaXZx*;vhjbh$GDQZ-cW$ic;+^291GIuZ zu2s`Y3KO~FuIp&`9O+Ce)#A+zq=p_i2PVIx?gqIaGh0>_=W4t`8yEMz%gJ)TyP~(O zuU;eFi^>jnCu#4kkYqLgPFYvY$};QW?r|m&$KPJj(q6$gO|ZL%*S=&(_ewkO?f4yh z*$WRkwq3igCA3eUnb0?87@3&xW9R29Yz&`!JbPy4ZfL4yL>e9DI~Qtbb1o}+7};BK zwItO!=u}cC`IIfInPr)z2mw!xi3QKio|?7Oc%oX{50`NEhoX+UVSoIJg|Txf&ocI& zF|$Y2WlICTZ*K+l#9J5VH`=cu5q>Y)Ag|uAPt#xawHZ9?F4sziqe33tyPUz;=b=J7%RYP&6Ikk4FY)wgo5Kp?X0m?fOQ+z!LzT&`FR0*SX+HA| z5j4NFP%q23Z#Ee22XH4HJ#uxG-S0Qv<@yrA1F!^QV6m!B9v z53tcQqS&>!wA$I(vn#4%M4vhee%1KkX~AIq+q3o2xAKIwh7WeWuJ9{ZB_0_N9AUuK zT>13oy~Qle$1u1I{Pa|i@UzLA6cuyr0AHaO4%O_>&MQQWPLb$Jy7Zx=^bZZ?z%9`|SL zJmwabP>*=~s61M3cw2j~_=nMCc66#ZA<0*?VSMi_1bYriWb_R2tV*)ZC$PabTZajJ zPqoNv5DhBPBX6E!G0Kj(sEK7c1fUgly(vdaMi=SHzq~BXd^hRa`|d&%3&TtkPyWMu z+du3HKt-^Quy-W9{P!%yV~wc7oo&3 z{e+)rdtXM<_BB$9QZxRV&eI<{hgoR00@XmDJKkEg#!3qhcra~qS zuXsZ<)=P;w#kQzi&?kN92CS{w5t@XA1jUI*7%iu8Il6FU{agfPQ)vSDr!g95| zuJ7sL%oIg*y}9_;rVwAD&reQ2o>&h|G*{oA>-Q>~xHw_T1NGm^V-q7&!3EB8fJ zV;A?~*(-e_jM?pxJg(IB3utlpSb(wR2lRZn8FE?tG^9w$x`#4WsHxB)NRQWh?|n~v zk7SfJ7y}PqHQPu7{+a%>G(Fy;#*W72+#7=Sqfbt<>CCYu{pXZM+U@hSF~pxwBbu>E z*49iBklxV`JIK$nnp|xZw-8#5(V#UOia1~KHuK@!s z7Ge_}9V`}Z2zcbdhg6JJ>GXLj3FCAr@_h-`3SiZ@i3atNNVerXcw}kdO@|$RxvsYd zVT1`bagQvwWZK_o;RTEH7a8Gfv0OD=%LqMo6Ye2hXUCe!;O|-YLvou?W>ttCi$nAt zw6W4Fr|i9o`jVf;1q6J}6T!liS{v~F)}gd2qZ{XmB@6#P3Cly0AAOxLWQ>wwQ0QCc zi*3haUe34{b+`~ks4@p3Pz|=Rw6<7ZA|BJ-kf!$GRfmWVWMH9fjn!6)NjXqCKR8A5 zMkqc%ep`Q>AB>KIH}Hbb5b3~)sCGUgY=GjzkEdHmdi4_!siWN*KVDZI9X_zzByiMJ zf+{2wE1eP|r4D~eEMAibhq6R@5QG(+8^T*7kujG$f`(-h^o^J)1S_N#D=3}x6LK$l zoaNPZLkE}R*2PxK0H(BvqJRHn%77b-U)*(A(U?>^<}TV+tKY5(w{^gnRrAy(A&;r@gCxGr}L zaqeTFDI64lw)Y^&_T} z$-Uqn3x^@+d%cT6uKzBMPmc9W-{qy%L5A*dyj}7^j>5&0!tD_T&Tdk!7x_ehS)$s* z$5PMHC4)W(y`ZsH92kY9TOW;8BpxReKXD%s&Jjky$bsV(4ptRk3zQgpK`4TdH9j__ zf~6~|2e*y_^$r>U1Dp^poj+Hk3KoHQX-F-6k2aQQc&^pdPf~aZ<72#w+E-5o5=_M1 zwuroT0(w&=ID^1JawsUmp-3<@iQ&*4*zy|b*<)QQ@oLr4PojRvf~ruJD|94v$)XKgO9R`5GmZw%AJM#KSQ@YGRE-B}y~ZsBvvs|8=)$tHwd1}~#u z%bZyljE4%G51cak#&2SO88Qto_~d=tbhPtxkBK1$lA8`(1=_qSv!%qSwjZJ-RLtTh|YKuqxJ>R}^=9 z@qFa%9(%}_`Lq2+(z?K;{5LH{61M?Y*CWh^i?+n5{lw4L%k?5_6qkiMzx$SxfX^VN zGbYn|#=2cC9E8=2d?Ngviv;C%^J1Rn3Jdy{#(aW0gFRn&9VibgL!x-2V3z? zA`)Bpe5y=^gRe^GciT`lK=h5!A=2yWSb^SP3@m@cjNl;)_UrJw}lvHvE`c?9+$e)bV2y?T-DpLBh0{7 z>6ma^1QzxP1pf4cU=_n#60Vokd_ z!Q5Ng*-{G(aRB{7Rda_pfSo{Y04@#=ekf@Tpb7|LZe<^Xk9X9yGylMGt520MTlffDWzTW41WNp~kJ zkej(91Ymvb3eW^w+JandL0|{~>;$j^xdLEzbalMv?FOY`>jbuE1l~&n?W}vxfDxz! z^7eFgwQ^&i`Wt5!fRq%=Kd^_w)L8)5U?&@ptBWhx3Bm%f06RN^Ag*9bHx_`Ki?g#e zl>P5QQ!xUeVq3Xef?OG3Mpm=723vyIoLy}ITx=YSKow`JzuJYD1NzI(_b@5YXsKi83g}ns599^J> zGzWM&IykurdWle(Ll-#!2}0{IFpvsxj{>n5p^|_#0Q6MU0aDJcAOJTTJF6uZbRuzc zvvCRVb8zso0JPje010;+06RB;lbu}vz`-rZ$t}nwKqZO_004wtt*iw#q-B5S1w9j? zvV}lg1c5+LPfs>aF4!0WIRpd*fb5(=PEJ-R2CJL56U5w$)ya+eHzL32NQ2xgUBNE* zUJ9dYZsF_>5uu`jG5Xif?@F1w{ELy38{55tY?jWBKreF_AO{;e@L!an9fhGl!F!Jd z!MsEiHg{OrxmY=Pv^aPKdDsQ-Cy*dJyD+T#pE3X7{09wZS1o5}2hra=|4%)BhySe$ z)HA`>-hXAwtHr@92>rYF&wsJ~6XxG({2q7ykEr|^_jfwNK$tcEWZnCrgBj*;aKL}C zx|QX>jPBy@>To}{R+d1J1IQ8N1aX5Jp5w2Ex3U!cEqI8UySPB-%KZ!ix>#8Y1OI6H zleSPGG#34Gf?s0(Hum?zN;p9N3jL*p0~qFlf)3C?DnjMOY6Y@3cXxnLiT*7d{lhf> z%{mU?zta5;`d4=MLjSXT!cfUAVG-Kd^>1`wCe;Kz`z!PhsYU-3etSFq599B@6Zx;a z?nVBeg2BXvz%F)w73=?-iT|%f)jxtNBpmUk)uX7m+6#R9W7yZ9i(LdqVngye=@{x zbQPT3Am-5f*I#t4t=KIKoY)_lAitlWHj+^qbT0_>~;TDni zzqQkEeg?g`LvJd8|GKOAA2a2*=={I@{||-#mkIxw+<%$;*&6?`{$F$bM-%-S;lJkk zvo-!>{lDh=k0$yv!hg;6XKVb&`hU&!A5HXUgnwr))IahP&~1A}s63%rhks7U{b?^B zX+v0cP6Mc?ZvbHB;^gDy|8;Q&X+nQ>0qno!S0th7DUd5P z1tb%gtFgUCTKu3=5_`tjE1Zu%5s7hPB;ufl~NI`Mx8pK>#+Cu#V6=Oe`1z3>jAcHKe~( z`E`Ve`bz>nUYP2986)osG>aM?s z4tAi76LgO>Xto;~L7XI<+`#`jzYlOQI)9E*_o3%kl!Aa9bpZVA_W?@P+!6F|7(&TF zA8&vlmbO4u*fRo$`%cik+CZ?m1C8;pfCgix3j*8NLZI;jO4h;L#tp#54TJ?h=qFllyI_vKJ@<1pvD1|1HiM^ zDAc>VGbQHGP-^q^W=v+T0F_ibEKic_{erao?C2}fz%7(O73=s8^OgZRZN)edq&!Y3 zUEVxUXdRUxcC36SGO0-_9G`h-DtqRKSp9I5uN3`51FdxpCek2&luA8{?f|085K|{h z>4)EyL&U4}sQA?%2HQ)upGh2Qy2`y5WFGNCnKrrGLka>OC3pF;EZ9)6T#awN@A7!0 zf7R#X<=Jq%r-EivUZ-HC`q3dD()H4F&bT@yC8LN>bK;05rkP$_)*<{@BJUY>tS(kEy~ku6}Kvg%?3vZ%4RdK&Rq0l7*RQs-meL*bFt5 ze4z5x!&j+;kB{R|0GUG+~xHG;NJ6~*k&YAnjLVg zVOVvZ^ReYi87tV7YIQ0E5W~9oebwp({AiO;xDY~(9a0C?0qIwf5M#%1jOSNRzkOiz zjG&ibXa(XtWzu9l%6irL)T$9x`E#H;IJ2n&%)QNwOWT~o)br#*EgxaNZKhb-ei6*T zffm2i$z-)vBZ)XD8E8d(OvU8%qb3lbX82>Phfx@SsmH`_a4D5?gEG{5M$gV2M_sqM zD3YHoV=|AdG;rjqc7H@Wq+eDgk{(BFHc4tK7b%6h_`arh}|Iv!5jhBXC z1M>rA1?`~@GmO;h;@->b9f^fCIbO(Hje!BoIOZUa@+jyB=q9?$xEV<*yKm&?Qk~23f3RA zUsZItq-mRk=%a7u4e7H#s=71Xy+9C8Skub~>?TJDV!2#-AXo(O+uY1;uGCz`+_hD# z`rW-v_p1oFaSmhB+Kg!FDAw+ES<&fNYsh(9iP_+pu^>p1Z#OgcJ!QeCLE_1W8EdhG zC}K84jUl^}lLLxKR!Of{1WUoU?na#M@JfCMq4}&-MyC8Mx=|u`V7q=Jv1ksIThYE$i^j5a(7V-rg7@N5xhm^$_@ak+&?-{{88#!eyjvT%-#wbhk zu{-*-fscTSDu~_ZfQpPbfc;p2$%~am9=~O1q$@n43~0hJtHr!ricKy|(+ZBC{Kie# z+Fxhna1p(~tj>O{7)_cZZP5=uPH=$Dl38;oorY&tUo)w z>q%WdeDxL!FFSV=3g;yspx+!scgu?+YT;Aquph3<`M+GM!9C8765Y#7sg<_FvlBBJhO`i!qJ+Z)W@lLnr*l3Ch? zywsxH!fSt1Rr^*oi^jp$j?`tVtiT>T+9I#+sc*%mk+t{)TLvpta(p`k1qVx_AlO@5 z@}Y>mxf7ez!)_01Vw`zDvWr&wV3wnP{6NbGh*`q^)!yooWRd17NPJq-WWd%u(WO)K zhq)Xi>)7#)%VBSr3TYw*zPe``*2|(`Z+)l=695;tK1fOh0B9L@rcYgCUp?TQotY#l|~Qf zmJOxTjc^__x2+gXo7oL~8I%eQPUO?%opMC6PKh-sz*K z`=VGS@hNhoQm8uk&rF~EkadZ1hJI^5gW3C2_X@?4r1%P}e&y;yUAZb<)iV2vohQ|c z=67P_DY;X*6E~c%ABGY2x`&ycR?20hz*z%4;BCS{7Q!EWMn~|m5SlqgqmJ9)Tmyqt z10l4Mb@B`v32q@9Hpa6f?0I+=TR6xH{6#1UdPUqM$pcioa)+=_!gqd=NVo#3)^b2TRvKFreP#taeXNSS67 z#F#mwI`>x5y%8du7f20VgMMoyE25OHdNH-t%`1USMT2myR`l$vYPH@%}k5;1IiP5S}N) zgOukdO0SpOBOc=&cl{@n0;J-O?^vapD6u3ZB;c|)cj@789v&wv#{e!h;d4pNNu0ys z-Waod&)49_RjQNUVC4|(;a3bbFe7EyL7R9aUjGU|Zst&4zM0x+V;`Odd;J3glVWwL z4nEedUv5*Fspq#reB&uXWE{K_0R~jLON(_s+lLK~8-Xl`>>))&rH1VuZSk}s*9U@fe*IE658CRnXXva6WGBEnf5FOF>{R*%%ZtveuL@F4O#mR z$4VRH;s@{kCWE0UItP7lzQ0DLZ$xxAp2f~~yTJB?ys`MRcqdCup;e>&d_FtfLh^Mp zqMRa=Ecl+U;N^{Hc(K$*10!0jFSDiRR~)``)MkxX7zKWsY}20za?#M7kIq$7qd@0- zEL}n8m5e__lQ*OCO2=`b;q-gqW9r@m`vo!9_+($gqOji0q0E!7-fmI&6BBFDY49TG zEnfW!GLpctdI3CRdRBjK1e!6rtMek;yES1(ugy+F7d?IahF8pl%wJCj#O>TD%TuSH zBk!`IOUy0tyuWYxi6?>Ep6_s%z86v?1CDsC=~7TTb3 zxF92^LMQSlfRFS{Xt2FcHWP2|F}H%pK)kXo1Kx*4VQ|W&`tu^jfKH(5(~@=6qfiMdy_d4qlv~=bBwSxe)DHom8(z>%N`=%)CP==Ru4nJZ zb9_9gApNGeZ(=owOr|wZ3pMrubN1WU4Jl;-V~alzNwXb)?%$=xyAlu^dQwI>U%94= z&o6O`6YeCQdIAa_4Vb+twv3%fb{v9!M2@BD?tMn#z7>m19Yk~;6+G@WU3Vb+ zDY;dWMz3JIY{~^KMN=YI9C4VFI#0Cn0aBo^+1jd-5mK19#>odnl04CA$7LGNgK+s5 zD7(5JMo9b9G<)DAb7rZ_A0R3f(U=-%hCi?DDR#{n-uizS`-T`%pe@_7ZQHhO+qP}n zwr$(CZPzW^yv4qQ&d(dXr2p`YPqMQ2+6!72pH8+rhvBl4*mqEf$9Zx+i2jlXOu8Y} zA|iUXD^eXrm;FhX==(%q@=vEh>&y;AZ$BdZM#_>*z2_G|BbF4)Vrfiop{N%gs0 zPW7(LkMp-M9Z#r^Bzwha%D?^F8LWlT5a@|-E z8LIZL8rNU}J7L8OveWay@gB&T4U29R`yo#-&$^gDj)1(&L>{}l1r zPyd7)ZR8fnOO^{}UOiPqu7MTD=lpct~%>VO8f}5;SF&k45NsXnnMFQ zr-V;v9`yjFMyhLQb{vQr8NlpTjre33c?-E|nsc6wSFv*5H{Nq(;=J@`)^z(BIH_z8woqA6n zAFsMyWi|FLIa`-pw^r`tgF2L4LNguzOh*H;X)~boVv6fp%4jQo+iA49DW@p{?6Mu1 zvXz}4M>%iP^r5Nw!H^3CJW}GNS!Ow_@+*p%Ox=UlT#GlFt@0xa=B{5L#Hy;7ypG*h z`Apk3;KmSmp9BC{z=ee@>%2^6Gl0jcoZstg0p3iG@>Bt3A|7yjsWL|#v&0TDM43{- zSQr{W0?G+G?hq?RhXbk=gj$0~pn$U^-TI zJyi&g7X_HHja5!_)P!4r8wTh`NDD0ZYo-7ig+7sb%2>RtB0|{rk~cE6Dem!uJqDEE%?gaziIInxJ47l%b-GLh_kD# zn&LVc`Z6+koH)$7(U^#8Y=kAXo5zdu1qPuC7|!sshuLw>@_((! zHR{`O#O;W_`Ss_yyCB7)B?q~+8+!)yZZ_n8QvjY5$A+o8n2bQAndiTVNvb5(8`o;n z+!zv<7j|gTs^xOIUH+dgKW7g|{By(I`Frr}`(yRLdl7=y#|Ce1<>8AHyM7)YK2PiG z!xyK!!?V2lNPDpU^8EWd{5%nYQwIkgN8=4UcdK*o@cDMPc%cc|;rezu9n^=p{kyz* zY>&4Omc~QE7e}r?i-(F7*!Ve*H~suy5P7@)^x^gWeZLpq@c2Q6?Dl)U5$yPQ#{{}N z?%3`dSnbXYcZ}Bvuc7~1Q|HH(HEEx$O5Kbdr6k%ntsbd$oCHA4heG4fg(7F!xX64u z(hiF8<{iNG13(}CMt0Rrokn%rC0$J--hLiAj(O|$;0uRkyn*>O|I2_Rfco?pK;HBS zdiIvm%Rgd$NVYYJDCg|dHVux~rghxr-Vhv336-S@n<$%Q`?+;wHs3Y7DkhwWFc6G3 z5DAapydKeyiTMT8 zX{IK8`*ixDo^{|pCl*T?W7--rl`0FM0L2bv5jJozHjVo3(bgKhvf>uX=o^Gp-l?aQ z@q8;gecgs+1+fY57l18>kogmX+XBCkNaX`6#Mu`Xny8FHr!yuRuN_p&xbesh?BO|% zls=3Bbm+~fe^l#2W@`vuIV?KA8y+9-@9S4N^68&HmoIgQ=AQ8JxnT~o)~aqcOGmmBW#wN) zKR4*vYW2U29UesA1*VJ+jcFy_u)GFt8!~T!JYXVRrrI$RJ;46sJS@`&uTB15prF-3 z03v8vJ$WtoBnKkBaNG1o1q0J_Gt{Cw0v4bCdEcN%zSb;nTP^==sg-0Xi5mtxNt-g# zeX!^|DbgN+F8bUuFwSpnC@Rf)+E`{vB%AhqSdXceLpIyLY`B$bm+sC<0%)U+vPA~f zCSX(}y(4og5|$)X_n=8i8`VeOs2WXxqHYRq{Z)_GrZk(1;r4N*0qzl%gt$1|T>mx| zwhZnY>BEY{$un9=L6S0da3nFJ?Kx7l(>N&15W(h;a#?H}hTsBQ zL`sAvWfWP+@hcDrvgJ(#Z&Kcb4^Sfw6~YV|^cQzx?P?I~BDK}53QG}5P{!ja_*G(c zzi||Um>1_0Aenp$^OIR*Hry9#YajUOy|$0)X3FF3`a6cTjQg9>s@v|0PNnchK_|jM z?>VB$U0_hZS-{EyQKp?yRDmjaY4IFK|LYkIi26%5Kt7vPw%G8hf{3nJeqV_KmrV*udqY<3 zeY)-p*N4oU1JDctRJ{pF6t(oXSTi#d9)DeI%bGr2W$^p0>QpoNF-0*ybuB*)GK&0oTb!G!E${JVZb#4?KMbRWXl}Wl$+*gJV3`- znUK($O?;aA!L^BV8CF5Gwq0t2W+)TwYv??>xSIJ|CZNRRSH*tOl+~ zSAY^vI+2bpwqF}t3j854GdH3F=Rs82!K)*(9DyuX5RCc8aP`xjJctntBM}8=(PMFt z@bxqrM0Au#B&XbTyo&oC8>wLJ3|ltXmyO&tOU?yiALYhd$+q~_LzWnH^hVf=|F8`RdXw6vff>l|r5Px5+85xFMks|k>6%nG-L9*NzS)J-CYf2vA#l+Yn z+q^_$CWfM74V)RB4eLsgu`{Z~Z=1-F!t@qq(RXhApyIxZ3EB*T72DvsMaYCj1kl=l z&gKgDLp>}cE0g%amT7oss;CSChjKQ^xhJRETRd_jN3(CjH>Ex;hFBvK&qIybnTb|| z=eM0Zja8R$6}di6r&xK&$h`7W&ns|0}ingetF6kapd&vWn1 zAw8g8D=<+nvjy4UkkSnadb*W3w0RY7t+};01#ac7=qqBxND0QooXpYtF}PoUL8%L~ z63b+&1IPF<=6Fo0nyQ-J+sMh&7#nWYpZ=Aus?lg+Bv_Q%qnXm)!utN46h_{}gBvRR zxq=Y$8ZlG@;lq~RnZL6fVY0d|9?_^7TGf+!AF^ff$4PmWxOC5zS#`*es!jJcl|d`c zstI}31iZK8K(Imi^_gOX1Zz>q&jE-;=PR=ModiDyvD0_RaDK)j2RUe2b>b zQDJFz#+fbNiFyj&r5R2hna>u=L2A{LxKQIRwQRVg&FARrP#OUX)!Kw6*?!9~_}4XE zEHhmCvNcEq{^tXQGXA}E=#l}q8&&Km5w>eV#nLB6dDS}CHk}^$ea@XV=g67y6w`-> z^Vnh@c$eUYN_g3kja;2>E_f6cc3z<+6pFcF5^xW97iS0o2pQi1jj2=%W6NjRM^~K~ zX$ML$5A+xrAj^|Gz4|6Ef@6@1a4f`#(-DL;S9CK#*1?=s%)t^Tq@suTkJ#L zAqcK0S`r@{yOhjL^hP*`>|0!Bb26)-C*_q>3mKEfkZB}l?&r$7}Z>uQssf8}Bg z!^xlsGtL-EZnMY*mmS&En9|L{^TZ0!uwuqwSb?BPO-;~KQ<4fpRw&*+pSYQq!~VnsUOd8I8j_K-tf+|)r3<#+N6Zr7X9&NeZLGQ}3)E&e z$|W<+om@>#NVjg592qnn;n@q8pKT@Y*Dl;J|6OV>j=dLUJr1hIcq3WkNx<8CN)zJ1 zt0~&>M&eve6J_G1?Y3^IT1Vdqcrq*xDbtDN zq+Q9%O0v#GOK~=&9Rqe9$A#I{39^((GR*Nqd$`Mk{`EuqEv|y~q5W}ADo&Yhi0HtT zi2H8Ak)qK%^~uKKgK;13!qM4C!YytpYfX!qVBmD{aoZ9}1mTR;lKTqtj>4hL&kfW+ zB)IaD3ODSvWNZ;FZ9pJF#n7a~xCp#cGL|tO@+CMCeYN2%av3*J6{;dX? z=75$ybNdu)kimWzbv>}W(^NudPCFe3J_MAcM}}xKD!SNoEhrFHuH(}Jx-Rf3nylq( zKW6b^7*wdO$2jjfgQkd7j?XA6bWU{t8z`nl%0z^OyIm=;5Fd>-%RWnTR>Hey-y$z0>PYcH3suCQ&oFCE6^vh9Jikp@QIB$ztuJH0kA^ z^bjRK*IG-E>QtlFCv#zU({qw@xfFvs?L!R_L}RsfW@K|)MFy86Tl#!#3Z+!}Gw-$8 zGKM&8@SdmN2#d0WmiFMm=e?)BBz(t9>r#mFitzYbIi6Ok-oz`J#T(M_RM^<3$9wr6 zH!mZm*u@T_mJ{le$PP8IxHKx4{q(uB7Hpyyrtp=9!E^h^>ZOS<5uPG(q8q` zr}-VsEhj_AAsa~L)cai4Tgu}#ReNVSp`y~y zeyW5s`ea*NZ^5WN7u>`ZUWFmUEszF79q*>Lz8bYIvp4 z$)t00eG+L_Zxx?t;luafp5t9Fof@_F8+EGp`L5kMzhIN^XE+qqBoL_>k&xbk^cMh= z)`;i6~kRr<*TPKp$I#YTFPjRPHRsCNRpyci|yMX;WIL8qa941d}UsTNa} zfisv@T0`Jpf*yjM1JiRGS99(20B;XRMmcN4Unwws7Xk~)Bea=^oL6mA<|}Ag6=O*C z@?J3v`&9_#X2czr=T5{W0E!j-7Zi8iZW*kT_U(gl5Pe$vGH;UQu-H&l(^*mG26Hl* zaHj}STdiQ|Gudgq#JSF-P`^Nu9>#Wg|2qFsE8Ey>bpIU2&iumi{$77|-1RN-HBJ;# z9KYt@y``M3fPGg?M?VFp5~`tJmQ#%DfGE=*&rpiYlXKNk;!sJnz$~Bw1{GBS>}fEK zsn!x_XV}^1vffa34)2!&Ze!G60JR9!1jnG{zN6~(n?-Ox1zcX}bwHApLE}876cIVt zkUp4BAbd08?+lPg;9qwF~}M zMg7`nNY~a*A@`(Tx++R}%}HrC1Kp`Wc~U1ze~%+df@ot~!wfBDw1EfJiba&r^n7G6 zBP^ro$j3{Xc88I;9rky1`jKo}Jk z6O`YGkQ-nv7zt)oP7Fa;|7LNP|M+#hN{9h$*Ie`LwsJiz$kfkL60C$)!cPAJh{SjAEEDY_5?{7E|q|^Fax$H zv-_=ekEp_;iAkNXD8XDC(9*Rc&#mo;rn1Oa^&H%|_o<&V4MDjYAVR*~z9~5B!96vF zASg@YhYvs9bx*I~j5UO5Y+o(T&3F3)1B7BT>HK$Q<3E(9|I2K!vNHXDFdKHnoru2c z>MT9zhSlD1RmDx0C z)pGv|Ha}mVzqTKi>F57Z8~gCt_{06bb|VCEP8eqo1>utu!#p{CHa|b#_bs08{hcS; zUs}KJA6=cj{pi6d!{3g^Ieam}*{g%FZ~5%o;DpDwKl<2LwNdxSN3RE#{9g{APoMn$_t>|$d%h6xcXuZQwhqSj zDcmx{dmF*CeiTRZ&v_-^{-5*ZW&69i< zjXm^YE{ku{o*KQc%h$qDO$*QQo?;~3lqm1kovFhw!e#01DzI+(U^ffyQBv+ z1y50EodBr*q!H^UQi3qU=kN9Lb@7bpSPj^21_MK&w8~4bk`uW4+2TWwYLuE@BpsvkvgEWhyaE0=&6W(^8F^Y#WZ{wxvgQJBJe6T^N&Hh)-w0!f|zGF>h(pWKZ+mGcP=+AZ% z;K(5O=E@?msx8jOlAo@iJ&uf|DUSrO? z@^Yk$k-v2Zw6c5a}-KlB?hHSnZ=m(-YypM!>Fk`iP8*m#X{1ydBS-W)2$(8 zIzkR^ZuHAVy%@!PU<%?NGF z5*f||MFHZ}`!%zzk>rGr(FUyUVdV!#q zdX>zpYFw2`MlYn=tU{eXIas=^_{X7*pE;`xejP9V<@J23!K}sTGm*E&ZhXF*IQ{xl z>~N_@5dM22$sWvwe;|2CB!`aFJG zu2(0`j`J5EzE)wjD!Qvy!I?-IegB16j|Zfe%|MG5w}N+~P@%^1>a(0WEuJrG2UV^n z8L0kULDQCu>6FtQnxL(QMM=&=kW+{WvSEiMfw}R&pUQT)4SF2fn4p9T!@%R6LLJ1M z2PMyFrr|2UbXI2kaCA6E27ze9joOp1h6OvjK_SD)`>a0Glv7lHMYYACB z2UwwR6gfrDI@nSNrxC`sZVfNboJC_b{KBtD$C_1NzX%s%H zomd(70*I%X9PJbuk0cv-*kV#2g5GcKUDTy>E{&qlVvZ5ww{WQ?S&}#Y!f8E-N{f1( zKnuxH(y@o1-4aCu`$8sFVRVo)Zb*vholK%p|EEsaCP_B!?#-FtHT6#P!zO+w6f90f z22%binkXSBONykw`@$9l-q0&N)8~mli&A7c1H-_h!d;ql%|B{HW@^{UGWW{Nbs!VQ zQxEIWVlCCgric&JK#n5P1D?bItSPty&hvf0XH+pEHsm{ za&JkpQ4N(ufk%gUH5gtlmr3VJEa^-b%8Ue|#wUt$k>P6W_f5;>5lgi&^+9tQQ#V^4gRXKWY^+Mw zu#E}FnZ0I{E3~fDd5r3baQgi`9l_gVSO6e~OLf#}k&MAOwHyz^wa%{GQ zU`Kb9R+2=##0d~`A_zcIg|_R!5c_p3L#Dt9D8co`QgaCkt%#3i<(?dlnW9=7A0V)l zir}rHF zOv^o1+OS8b^_yXww#6=?7ZKC%kk!NlfOC0BPTy;Ua8y6uLs+@lYhsOD0lOvQe9+T# z&1t)4g>JeUp&vG&*x=eymSllQzP#%f2cLRtB}@5Wt9{#&pZcL?w09{6>yERzB6=lT zbtpoLk+mL{ZlT({h%Ej-djIJj1mvhU=p>c?Nhx`UPs`G~x)42}rL9YWoH4c82jspn zd`M}23LHDU(hdWQ zRD>!34XV-#Dux$Scpeu}7ZG=oG;Pn|$+0$Dk`QP6SQ(i;6+Em1#vFebO;lbLR8JLH zDtuo+e>br@WWJVuvd|k*+f~V<8VXT?|I0WRNG}BrCg6D_n`YfbPq&;zQRwj}O!bD7 ze3kczO!;FQjtDYiuEto+^yN(tvhDg}A!rE{#P zV1uhzpbq$yiq8$W7;E%y5!WfokeX>|l)@(+9YP{aiyrk3;ggo6srPYR$QfR0ZcB|3&VJ!Bi5@E&jwFC zl&9|sO1`M^iqEUh#`7^8bC~Qk%A8@)1a&g7snP+q8lffcOjHV_`e!+}=Ijq=q!GaZ zZ~1X!9c6wkJYcr5%sS8GW#-c}L6)p4`H5~H?Jf+3m)z=Rm+h=6U9wQ3uL)WSoKhCi zRWwEskLt&w%_Qz}4Mc|B;Ki0T$xse#BNAJ~f@$OBUJaZ}Ef9UWM^O zWRETyI!#)sbZ{`LP?Kuy-&(=fRFxcR`JAyB7y83SN6d#K8Lq!fO*p+SA3kDy%s0ZZ z-E@_776bqc;a}vM+Abi9vk1bH%c=NDbFm4wMI}^@(=3~48t$T1Z^l}@22q7i!gG~Ubt zaHVJ)GxFRjYrp2bTdBumh6cCw81hct>aE&`!X+;1ZY~#~=-k;=*$aWzKm9aOBntqN zH!-}Ed?bk=fnx5(v4-l;sSn_E$O0o1i_X}c!fBGfMGdcN-?jG3j0ln+wlOiWABA29 zzfR<^DFgw+8>6BO;Y5m097wsOrIW%eEI?#VB-fS+&2jejbHhMo!%>%&rxhV}>h~O= z0R@%?hJu`ksZ=%{?+VRm$5piIZhAG(r{*p_|p9CXkgB1Nh-c8JB8bNgabSi zLLjq{3J@nUOXhKQs|oH}IG&6ghnJiSo@<5y&w%R6NIWM1Z)!B4jJ#x{OnO)XvUgD) z5wMwQ+KfEsvzcXd?DE(Ke!cA99qi>y9e!6HbksJ7M{^7P0gNcZLVf+0UZJ&>s{{uc z(6md!Di|(qv4tG>*`RMOjSxy!+Mw8&(o;J+38JwfEqo6AjBmF`By4z^*G)fBcNiQo zyySXa&@Y~db}kqyEnWaTy%B84RBm=PZ3tRrF}m{BwLEx5B1~51t?o>FTy6u!-0jYz zHayPn=8`Hce_PX?3;}kg)8Tm_3%{!+#B!CMS4&BUS{fIz6nYql1rp>O0bMBR3i~)r zI?ZDlo;*St8STC%iD6`XiQd+vMkg*zDo2fUACbKr^{WXe;z)IHpkvH&vMS_`g;=0v zga7tRkc}Z>EwnLBSc=-ykS&#wp;&(WEg5o1==Yztw19p8A?H&ktalY=a03w|BVais zA99VIsU)J@F9FQTeRPTWd!m`4Kb`@fmy%0OqyrbD{wIe?G>qxJ#z2g9bk6y^EWmD? z6U4)8+or$bpb2bEQQcLnU6MoQxQlaXnfmaR$E)_fg!C*T&KJ;G!$P@X%K-&0p@g|C zW6LK(NuUbhTGzf33qT5RCKOcYcHy?B5{KEHet2gO90PtinE|hBSaa-M1{lS)OE_~z zR7axPSsB~>ZyaRm80}ZlPLeska#=+WOjL8EuFbwqLvozQ5C=@S7#<^4i()ra)*LmU z&Pi@I+e&j5s!%G&K!?CKG#s6hK3Pr@>zee$l=w73?oH;ImoEE)!eY%>ZLTjez3J`c zNet%^#N?}{gqtx*cPefa%KdlHlo5V}2QIh5U@6N<7dsT48H1f;p7zIh$57#o4OuSK zn8LqA#u?t{ywbG=l~(44_uDDHY7o805$v3-e+P~G22JGJyKLORVPV-_OIgz0>xqlm z8BIUsmQ%-yKMdw1DmC8ms8n=)w}j$yiBBwDBTI>OF7Q5H#X$*o^|q`hu8mN&)4!g2 zCZ5_He?Q5*JAvr#zV0EghdKnyB;3HBSx>7)vVfBLzqF0A65oH*Ir>^i<7U1io~Pd-Q+2n)J&u?v@>lTS})afF25mDxYG6X#;H`?CkXhY zDboyzGhD@T338pGsI>FeYFwy^;PL_u!$Qi1>ht(6u}o%%g`IP>XHROU;&ytCzyV1t zqutq3AwzBk!LbD*3$11A)!a0IX((A_k%?gUgqzdr zXkagj%+Wx!7KfQ~0=<8b1dLn4+>ZvKR>g$3KPc?DU@M;zCr>IcDDP7)S``fWB2Wk? zOg>9~6XxlM8ivJnSnKh`yi%2DzlgD^5y|8k%CK(@g`DPyMm82xIYA&boN5 zwbKPxf)U&0hwu@6uvh3lEvU3EIuEWM`z&B3>0UlV!1uhnIXi2)Qk4PA{S#*H9%AKT zw=4CWE6^u}qb4eYTa;tPku+_;p#*IOByZDN>Wy0wG{>Sa$UmK<3hoBt_eOL7$@p#_ z_9Fsx4ya_e1?=u-AUGklH`+P3WVfZEjB ztE#_LKtVlafrZ$5e!Wzf9keiOUw43mu0U6!-v5}T07=40sBEIWQ3F!<;Gg`WLtO~6 zEr!{5X*=4aoe}Vac#ev|Ldm7Tl_eWuAW3Gigj{>QkAjU#-le%EW(P#lb*NWbe%h1$rCfuS^M%Slj2`ZzJ<}It$V5-}TSUF>kZQ#xFK){)Gj9bh8nb=)SYsC z?r!8iWa+@n#jx~WctRMd#5Yh3B3+1+L#dwejqE!DQe2xA$U1}(M05t%&(E{QFE6)7 zzLayU!9eFhu!kJCkrsg-K37htJgp4+lLEL?Hc;7E$7I}vf07q<1_pjpi(4eK63*t@ zI6u^cZRDA|hYotuJs^yxI?WWJU-g~`+E*O&IvcvYZL_Z%J1|?{y3YJP6qpK51q2-K z32c5|#MHR2A1m0fQZyZum$71VvDw4?Q8BqH-7c)>_0TC$%;f3nkIKvt6epv_dQ6j( z@QaKYeskg}U;QRMIEoM6upuL)lUBRr=LRW(?fd=yyZkc$JXC*Y{p7QM)-TTw4j@2C zhx^}|-T#OI_|i*X7DujUh%X;rya|6V=f-jMx`r1o zJ?gK!XpfX{31lzyEBzuY5$DSFq#KlDF)jy%lQ@UxHWfrZ3R8<;v-v@R`^6LTr>&zF)LOnZ=}$v8Q8>lDGn zgEgVsRPs7y_e^7Dz$;Gp$yr!mo7Z8Cx0Gq5H@-FPGf|ITq0CIdDAX-m!sn6Cs|V=& zefhY!cq*SZ52_NX&_cb{v5fy`yiLz0s9z_<$JP*Bj}?QAVdhUiUqx+JPzMZ8L0y;q zr?Aq(eE9VG^XCvA9l+7M2aJc(e6qKZ0E`P-cB)CFBB9=++#(P~Mzp6?NX$V0@6jcd z7Yae?450STA)ooipJoqpK2w4YSQ`vAW!9O>5^+{o@srygj2d>rQKo7wBGGOLK@lmA zb0)vasWBiiDTvBt7?EkdUZgG@?t0a{(*#G18!})7KF$aJg$TQTskoG7Fb4LIZOEZo z_i2uO&51$2J>Z-I9SY-t*#!VC-?yO2$nUj0`FrW$P1$S5JoZCjPJ1RZ<&A5ta~b*F zXy)?9kck%9OHKWK9>65q@jHa%0&Xy%IrpW9${TY!GA6p2472?)GMEp(hDV=s(h`tMpP z%%wm~2WFQDCGeAJu^e2G(d75SS<>PKVLc)BgSL-F*bcCNNbg~#({rA)jPrBB47X$r zr0EgVnK7G$kPLSu{0?1+g$t(}IEI<(#F`(*rgqe;wa2f)Zp+n&zI)<6C)IMFiEN<{ zS1oXAwBU~L7!_`eyj&~JuoZ@!0>ZzRtX{3ifNP){;7iJp-XWEWeQmPZ>4;z>Q4H=0 zBHIn}8O|BIom%f_5d-wZEa?#m>Lq;|F#8k3q6|;jivj(RHA_bZaji7BxK`q>6GqmM82gmmDO&gN1XUd;mWW)qJG4c-tRS-*WAXTAzUIwZk6=2U zbzm>f9$m}Ha=#v(zxo>`+bD5EA5NxkzwBuFw35dNzeT8d7AzE^1(XTwogAem2^jED zc#_gUG{SMLp<@JF^>%CeWMCt>qtmwq z%^KLaS$i`?7*ssL>3Ha?gLMn+87am>BMgntTQ>DtB2Y7W3wo&}QgM5p9#R(j1Xyf@ zSL}pZo{O>-idNTM!%-xxEc5C$@Rtt#C4|Bl6Fg_8*jbL3LjD>4kb&ZM6HkW>+XO=?rxj0y_7a@^JX)073{%x!{`H;Ip_`M~ zzk`Q5W6_w*Yx&x4hWd5Nwu3&sHa)S%7jyhk>kHq4t)|fiF|?wpQ>liBQW%?iokuz~lCn|V z78Ht>3RXD{8}`L3pH`SuSiiF=Igm^+OazwN3X{37bhT<6DLw&vvE+}6?EOj$!E1!cY|>(NCUN^$+ILmKy6M4TxRjfL6op>Ip)8e}$Az>Kbe z;1U8Bw>}n$lOt8x;hn}HhvqLqj-mD{k-|kc;Gs>xk%^B*6#EPfl#_S-Xg_ZK)TP-r zi8uFq3Ui)WOC>N>qH^-NZP-hF=;ur9wK7*enEiq9E3O^QXsXi3LMqxC4Lv=nNUbA93xw5;BP%15cy{#W z)`u0wop=8tHeRdIA|jWkOO+6CfGDh`AWT!?C)LDvIC#5um5vZoiQxwMf(&gDMIrp%O=X8@? zRw0jhMEw1#;H~vo_@VVM;yL3~uo`#I`oL^^+kP<56jRS`4S?&Vs2s;H3-f&xTXUx# z@*yd{6i8UA-lh6lh043VBGu-l_ma&mjA`#t?`M)M4_1CD0}fpBJcpdGo`kw>?Xt!C z(7jk+v02qmz&eo3zoNC-jO&*=lCMs6C_=HDoXKhFp(X{)mFq?#jju?( znK^aJ|N7>TpzUZ=)JBogJ%N~Z&>kjg}k^|O@Lps@CIPuF0SrJ!)Uf_Sxg0dA}@`(qDzK|i!V3MB^ILW?V!_yi!beb>P z6EzpPppFH(PV)JWJDq6Ok!rI?8)(jKoqt}0+u*moPdtK3!8+fbS#nUJPnH_6wk<=c zwT^TJ4I2-hXQO!AR8^X+38F8LjIGgC(!dl7Ry?egs{rc@z`@d}MdH(xqQZQ7Xf!-b9Vcs|cH^7CF-fY{+_U;Sw!sd+Njc4(LG7!PH%bre6z z2kr3&yB8OSzy)lKB3%5_2R0EG2nwg7Y*o&Eqlhu5WrsJry8&e7QwHhN4(UQd53zzf z0%23qG2lrjmpHk3CY$k31Ve&rZtgYlU`OsnLwIMyN@Q;}PpB73E9_pM(5-6E8P(Y? zmoe%!bv8eoOP(S@Ex~-V)FfkBEmfVbT`SnM7(;g%GitU}5R&p|u`1znd?Xa;MIV89 zynVT5xn?^${(HIdZ|E!8O*M* zO-d}4%rR{xYv@JZIe_j4RR9f_0A4{Atrj(rQOY7T@3;z6(&yn-dgAZg^YOuy_Bm(^ z4fus7Jp}(sHxwl(sFhji>Q%J66RKVlHd{G3sK*Bg9i6DUty#afRcthp3&M5;Sn7R` zP^vu~3nKZYB-WWdc?(XT@hL1B{wPzqfji}&{R<I09I)T8U}x>G@`F0%p{ zu&TM6e<%IgB`{`&&R_7diksR|W`mR_s<1`56Lr{Vf3N0$5o-OVbcyr*uaJY5>@FCVA}SCHjXAmQ|AauRSl% zMsmC3@4%-a_Fjo5FC@G-%}p-??1IX8`YK=Iv&=yv+jPeRqR2K}lBRlK3TBLQ5f6F*-~N|BvZh+RUaDb76D80 zt573Bj{(3Pj9N<1l4xKTJ-I)Qbob&6OUO6I4+tmF%I)4Gb6k@mWNDOYtD_DtxvJLNT3E9E8MIWqg* zOu`zm@^;$BQH+>m5tP~$H(>>*rM& z%AV|7nljsGd*+p7?}u%@mU55`B1J6@XmVeMc)J8xQj7v=^}`pa*0b+MX|Y+8mIjby zGAF#4OFTVR#l-3AXu-HC**V!TEivKQr)d6HCfI?z-~NK{Ed5bAHq?(k82i9yvQxV|OIxRZ6Xx&Zm{2*^*R#Z7p>y8g74yt)0p}I0dw{1Q55*iwXW4b<;FGoVVEx8&q z-pH}29RDi+UXILZu-i5`rVF2YB`hB+Hey6Qh|%{wUZB~sN{N-BvwKfA=E#+7n*);` zo&+%|#iOQFd6w|ZUD=ct(aC9Rmrbl^so`c6AEo^<+62e$+$x?Y#BRIcflNuKo3xVu z_tTR;Yo%Ml3W9L*3XB=$2~>WaRT~OCan?|`dCCTCk!H;-l8{)iGmZB2{}A?0v7$xI zw(d06v~AnAZQHhO+qP}n)|$3$TW9UF|A&*@eY2C6k?}l|(bKD{Rr_51{oW4q%2sE& zf4)EaT(nftT;(Q@LJ@r7bP8wx&Ly^&<6igj3skKKZO*oR|ppVIgokus<1oheY zD)v=o2qQCd-vdaFh6@cE$6>gbo%m(9MZ*Lh`XzyM&s<72FvBCzLS_?)Q8onfg7}NV zM7Jo&d+2wsJpLY2^^-rn(IwP&9}h9{*FzI@m_ib4P$OBnyQ}G+kFeX!wwtaS(yeZ% z)c%sP^*E7MK#*PtH*s1mm=_xO^;a(6fjaFZ=VxmvWN%B%i!;4o+{cV4M}vuwJk}^8o427 zFN5)?#j~xC5QWv+#|hx?6&562`T)yMGng-EPl5J+TG-pq_X{}O+44Zi4U6G>7(Sh@ zc6W!T4-CF;Z+Ca-D?l*9C_;Ecewc!{5fLn{-OKLwm7S~1ra~mzd1zf83ym23pP&0u z6kLFAPiKAdFuz6%mRgoCBws$37?F%E9^SXK?2tJ7a3we0a={Eg&a=AP8{gm8!=ItU zv^qF7Jl~PL;wV;yjBH(5bdj2NW&XM=W^~f|C^Xg^U4SqUBK_AY%zgVXu|&PaCwb(w611^yqB0+SzxVzY;D%En-tg$t^!@|pKGI==7T->pllqTaq5 z^p^abLdc}ifcn?0?*!t>j?s%SLM4ji=sR#l2 zdn1~6F{GQHds90k1h!vvcwd%co=^h);#27Gm_-0rW9s!(P_9v~u5rlO>1MYbPDjKX z=}u6{4q52}#ar;S&V=G!$^gtd-MwW;A65gE$?zFs>YywN2C5VOWwjr_=<<|*q>;gp znU9habwWi8I#>b``e#?{?6~ZRn*+D#OTb@XatZJ;Gp4M$sp)x5NHfoO5+~MSZm-G8 z|6%PB&tAli#JRWt0qx?Na-`bz0HNutK&ssgwm-rK?Gq%pP$6+Zz0A*_t|OkJ@6YDC z6%r(|o{pK}_jL4FTG{v4k+En=EV#Pc$reWht5qb(L2z{mh2aH+`UN~$F-`8sh5VsS zy`@7hJr>`^AKK|{vH+Hz?&w>GjH>>$4{pO;?4@9y(JCyej}fX1$i!`twee_=(~ zEcu*A4LoaK3V8X6y&e>lKc=6#m|pLEA3{OnD0oj8j@#X@@7NM!35Wh^3$m-2mVg5~ zKD)jLIVuy9GGSSTz)Bo9(8(9(=QR~)3kD4EB;G!7C7GwQKWAjW`NQ$edgQz_5SqRR znmLAJ0m_Oe8?U!ho9+I~KctE|yE|)v=?NOEoMk5#)y9;ZUOfx3SR}sDtcw!|xVmIl zB%4xl)e_Mggyn_J(<;30d^pko&NA(?S+Es+07=t24BJ6|P;Hl2LI+EY>V_9_;H=2G zk&`SDAv8H)3}n|-(jUl~T4^or6e?(gC!s(uT{@+zNbzGij)FxbN1BJb{fV z9|F!?YCwd|aI#hG-E^3WwtHKv9)?AP3WZ8b6_Urp`!350Wj;fYif)2RY_H_T?G{SC z$8Z9k$cHIte7V8S^rPDWOi>M;ZsB5>-RYvTjM@A&Aj5i!xl~%_nI0{ed>6RF?_y{- zi^9V>GE~3ri9qwkc@cl{r~rR5E~QG{ADvj&PX;`?h>Gh0w!;cSI-bN{7B+z$>qdSvU1(Q0aJ-phr;h;65MYz&R38+HeIYV#g z3;t?PRUlrg$hi$+gYS}-=K|w!FV16>tze*7i{2c)zo|XK_Fg9!+R%~La+VtswzG7? z`;xv3IZf5+@wx%5hIzo_btXR&Xi?L-VaOA;ToN#UlE1%|ihk@f5VWS=e>A=0g;?5w z6l=1XDwrE?c&R5kg_}PmJ8^?(Ny-{lK`sCmoCH7-(p3%mDO#@V9IxX9;`(%#MPnv< zbf;A+BdT#t1LhMK^P{v^htqgEGkMRYm3RI^XzVD`etifv5LO2<9RP`Gb<|L54%Tzc zK_Ol9so4#f^0G7*ki6z&r8}!YXG(jPJ$YzxyippqCP>W0m@Y911~=;HPSV{RhkJpR zJFaGy5z=tqqZ1i$sSiDP>ZrVTg*uUla^FA%dgOT`nk5zM4+rDOD(ts9e*y?~$C#SnKiSK{QnZ);>p0s^Qzcl8K%>-jJr{CwM8NmyCEsPujBb&nMqk^bqy$0!bc zD2{w3YaEzc8D!dhCt?boVYI>hkde6@7d(CFPZsMuhfG^Ut*wL(MIgKnSN+piWF6o)U5tBI2qJ%WKnF7I9`A zcx7Pgg2!E7>@}o}YIC_w=Oi-yd&C=^#C9k-Qr;W=Ulmc^|Cdf5nD*y9Y59;Gm;URk zDq}jSlrX5x;5d;TjdvK`Bxg&0jsIVTn|u}PN~BwGj7{cG?@_}Sea^Z@q}TqzocI8A zjX+iu<)jbDYX}HCQ%WPv z&v7XM0IvhPOBDO&BEYc-{3lo~4l^0aWo<4Kj{tbG<&G%>SkV%%$_xowLxFRx>F;qc{$1Ki_sWk2cu!g`)WYBmYawmZhbRi);FJ)EQ z#cF;`?C9SX1G%Erp=y~Ir({sn0WN~JG`*itXFarPNn&|IHBpq+2)}o#H)mYarGv>t zFvCkRKAVvMY)%vQofmvIdWIoSEqP2q+WndPRJg!)2k&^l8I`^mGJGTq4oH#kys(Zc zJL6Dlh)~otFuk=mvb#-%S#By=L@nENP>FzvtoeS5kwGeLcrF^loA*aUoKp!CF@qQE z*PHX-e>EnJi_ZvBQ0jb-z_R2ApcbRj-f9fWNT|ThueV%SCd8Y%i#zv3=T>YbkKij}9yT^x@wTyW4w;thzID z*e$dno1#+(OJEi*P(Y&Y9iT^D55B)dl&)8+3r@Cfx~}BIs~|1uG@cmfFP)GMRI3d$ zEWpmm1GJ_u<3v4)V!l^AEa$viFj3RcQ*;BL;#7b;-@``Vpj7eR#dS#?pOT{2&IYcd zNCzaD5H9^hBW!y}I4;)xUvKA+cq}Zo%m&pmSpMTPSjJ~rbph;Czq{IeFw^4t8n@3j z&H@qxR#$wI;zAAmz<*5FMmu7e!L5@>fleio`RRLm2Bt!r9~Nu+uV4LmzP?ZNZf0J8 zUip4MzBYe!@IZx&Wzl%d}4g6k&vc-L;{5x z07|(azLRKjD)vcw_EPQy5liI!H9+QdmRuwc*Hf@-RHF4PXVP2F$qsDVU3QErFztXg zx*)z<@J5)mwMowsuPlgJ=D|1ST5{g25!MShPzuTs&)#Hk-vnDZo0AXL4rqBJR3Dl^ zY!j;MtFdfi>`-PfMi}*!s>SG_wkwHW0p(3zC}*r(z%XHjo6Da6qZrx;b-5iVfrJ$n z#4}t`fsa;|Tel$Afct@{UTYniRsYh05UX)~RxgEo&LX`rY!7ET?kRRx8$~Y(CdDWB zZL^@Wc-oprD7d}{ap|glE+QbNJU5(;or17G8?~$2LU&gMJso!$!+&E-KllL~yus7N z=^(&ZM@O7-eG++glJ2{p4&}4rm~oP^x?!3g9)e~M41PKuMWdUyn+J0m-U2Dz)21VmgUom! zVGYyn2|Gu%pVlU>!QPFAis!tCM}TF7zi7uVOr=qdx1`pD{a@NmTRLYs}t*X#LaN`qFKRrtHDrs!%V2!^L8N_R~Aa|xllvD0a68!C|OK^ zPm$DTeAZf_V6mpZ`n^qkI>{c18lxv9GX%>ERNtPRowFcl_24hQ7x}sO;I$VR+Te=+ zH}1Tm_ zT3lT}nYsWk!_!nAk2(QP|B{|-%B}q$6Z!!*MwCJ495%QtcUeP)TGc)BK#n`fQ&2lS zA*nYfslyHqWh#Rs0TX$OEV5g>lASVTK+(jhAoWjVJ&#Hyma8Fr*S~w_dYlOy<9ebE z{-R?EDwd<@x)Jf-Nd-t&j_wRW*{V)iQV+W=Pq5mK3~dm91(unA3C*i;O8L+UU@I?T zU)a0mL0pCpZOCnD&s|eTsi}q>hJ4K!wkF1OR6vE_08!KJJmvfsAd1f7N4eqA&l)RT z@e2<(f=VQMkteiKi}=Kgc&CxxItQvT$q(?LY)msnsZc&7-5=66s&xI*jIEI3bXaRn zt!5hos21BI12T~sRdX;Md{WJJRS+KAR)Rg1CR^8|%=k!)CN5Q@sqK;jXZH`;A^t5E{HD&nKWlcn8 zC9pT&F2HS*V~zBg*A~cdjMShWxYKAKb9y}*6JX6EQzbly5E(a>?F)XcF)l_GhS^j{ zFhQc$WJ=g)$Q?>Iw7RTSy@;XP_SKs*oUe*$5-&I{68XD!CUPsnx9Lwl5UPj zZh3)A{-Z{K(P$`2{Ty5K?{1HpELi^4X#+xR@AU#N5aIH6?1~j3@m%}VliWTE8f+|= z3)>AAaB1Q%SJC6acsow|-S2=s5VdJPy86cM=cs>vX{@vok&naG{Ka4TijG>Y*f7I2 zA>uw$L23HmHG8!jjkxe)Az=Hea0Bj8^FE?L#KJJ8j~B12?+x!WjJxnHO)j1WZ|_1> zkvNOw5TW4Q(fv=la*2nA0;pqz-ghDO+AW@af$2WmA^%>-ETNOEl+SQSFV<%bR%>X= zLUest(HTkedaL>RI$2ZI^UB2mu>^Tdf)-!fflla}=d+f%_x7;-_2QDX*&3_t0d}^p z&X1T<0t31N@nGttXe$IhHGc3F zA;8i^S1ks?UyXEtR~XHwW~q`#2yXNi;s&YcD8Wq?!^(w7*jZ{AGJr2Ehh_FkA&W8J z+hreQhC<6%u(ts?Tl`^uq^_u$JLaUHVa11M#q!KW^nfSV32O1R0_ONz>sVhQ&)IzP z=~kecgj?BRutDlw7feWP z9KPkC`(AonyLy{xk@-NT1&epu-Q`&dOS`DIfDjj1)=>j%l!IE=%z%Ae!m~}qpr}=* z_RZ-ma6zd7kPihj43(UxgV{D`mv7P(pk3|MHUOBPjaXPFKZ$b@g)On52Cl5%LY~6) zEI@S2)V+e0su|2#(2`4H#QM+#JCJjxWRO|>R;wb>+)2p%=Jh?$G$r;y8VK%Jaoex?OmSG42awmITVY`=v*_gn@nlS^#FwHw5xmZMEFWZxgT?1)EBA6hB723-Lxy?u`R zRBe^C_W0zn1d3yojpqHOx=uy;8JdRpr8H7hW<7+l@~dQBrx>F%_A7Y3l9aGXOWqM{ zWA9f1xh2IiU~WPoqpwO7M#EM1($0#a8F$|Xif}9G;)oF)GK_v`r;3kJ=rHzhYE25y za(vmVKdQ-E$Zr^3bNVstW_4WxTOPG9u8P^D%vOK35oDSyL9oqSFsTC;FuAlWV;)^$ z8@^t(wU}cpz4gLP<&9$t3=L?4J0*kDcIx&?K>8+#H%+$;p5>J#!6$Lc9R-%hvX)oJ zlK?W0MJf<)6bbVFXRLZ{9I(>{83aWa*Cc^Sf*P-kp9HDnx)QwFnO;mB9E7mrV)6;@ zQ3pTnq2#zqVd#{L3{xSmz{-#bU74+Yi*~ z{=O;?H;S21oo(+pXX3pJG;?oghEI_!1wiSDbSJfc3RuhZpaYp2AZmSMnm`Pkg86MQ z6*)~s@Frj*Y+l!q_NUl}@jDoH(s{9hA~?!nJY0o6=UA}HxQ&H;6!={9ryfN={M)MJ zh2Mx-SD}wEUm7i~YzhxEPMgRJtg=imC4UU$-CBl3U_HrO<_O#6Z#*lBUcTCM5qXPZ z2c$)1L<*u0Rl&p4A0z3C@s!=<5k=N*+!SMHL^Ao1! zZ8{MoNQ?)lHP(E+h8={(2gm~!Ug-(JXkf40bYM z)+NEp&8)`3_i1<@eVo6Ew<4d!m%1h}K3-X@&cEOc_y@#~1k7O1)k#5I!kbv_CePx! zf(5YS#u2yH7mS5-rb5!wk(JZ@d&_a4iU;=SBokFx^D=Dkas36Ez2_NA1M?k*3of%| z>y4KeR8I4`{h)Cb2Fx7uo<;c#}@&1&>))nO6H z!r*`*#~XpMu0Il}{-WT3H3jdd!%PY?d$QAo0B7%1eeN;z4lOar5sCS!M&2N=G?{z^ zUa3fWDTeNI){Go|Lu3vT&<(^l1J6`2onvuzxV;l}U!HBQb7Cx1b3cz4zrX-GQNsT} zK_dT!Ecy=!=|5wNf6Oz+|J80TV~5>=&~vHQ3`~rHfnM=GZ_HNj8n1Ip0Qk}j)e6f7}&(;6y^YK-8x<97pi&^VC`}=)s zi9L$NBt7MP7`mR7W#azf`5gB;bhsSnrq<>urJ41U+pDv^vmFz}FtmM6IcwpieIbaOk)5jl=!v;o|9$ zo%8YBmxmXI=iB~$T-N6!8Rq@G`T>noM)TgnQw=PPTGVSkn zBw2hw9>YN-dHjbYNOnZJFDy6<0Z6a%Fu;GFTaN0ImU=W3(%Vdw%1u5VdLIud=gSs$ zc-Rz4G!vcZFq_BKo%OJ@zqw~Yu_jxePXwPxek+6saUd*I5ujQe`v|4aD$qHwXOu#z z193UUVW6VN238$uu$&eb?f@~q&?KjDZ7Lpk(E36*-tgTR_EK-Hb49?O_5g<-T7R<+kgIH{3R#7laX-B}hBf6c5HITFE~g6I0mWlW&=psNbU%mw{;>H&PIYzr z`no0Ti!rchc7j#q&x-L0sUy64<*M@?qO3Fg6Of%`uz-Psr<^MQoet2vu-0nkQFLIk zyp9W}_ioN{A%fEZQ(UN>P}^B}$k{5=;RYd(jTvunyDcL^ka zd)b|ZAb>5b(-aJ8`$r`HK*a>;8nO*>ZyKwK3p=65-fvHxTZh3u7EZ3b};up{em@xPkI*IWH#}N&Sm7# zaU`>H7TsOx*3sL>S@dI+v>i!*R02D3iFWMV0ylb$-+}`m%A@b^0Evu(<)fK;OeUIq z0o{X=>yP8kP2jUozH^j6Ok@v+y(sak;+Wx0xD3x>2@ecdB5a5XIdo)n-4B8KU$FOM zgZUm9E)^nUnL0lsJ|_xpj;)f)qvJu+*NxX&mMk|GVLh%2cYMlFt-e?BZy*sUT>jnh)eYf-CTEo!idxb!1HhKJR4%E*;?SBia;sZs zOGhUS0OIs;_WrhTZ?mK9QFnJ&ETyeui|9cLFOFHmDjiemIYaSp@UV-*7e~$Sg z*=o^01GtcsP)kst2tGqj3NML6YbM1#OQ;2ad%mB}cHNWZT4OaL2`1#lI2#*bU1TWh zIsyu-Nq=7nU$So2>EGnf=w@}{mwMkmk#b!KVSMei^G7hauyRSkltBykR(luv{q}q_ z#i^vmBaMANmULj&80P-z`QpjJ zf<>CKc4+`_C5hw)fq~nhS==Vbm=t$_6@6toXsNC%eL4}J*`ZdE-)nl%5g5^4bn)9*)DtjWXVj9e-!lM!V<)uM+|jVLz$IS9y0fmksO6Wi)mEOAets$-lb=wA*>Qzg4@t zHOMn}LvD4gQb};Ag~Yp5B?P@dDhv?O5S(Gvy{X66+I6aaoHV;j-b8UD=&NUelxw@g zwM0{H^|xq{W1J7d6q)bo6@N*J#da#ItYv*r(Gu-w9X?&Oy{_+d@s-TEa9mLLtPgU8 zBpRwkk}1pd0NkjU<#ANtf?MWhBibdCr9*$PEI(exDF6hpQ_?=5uwtM9ff6(HdCQ5J{PR_8zd{ zQMgJ)l>jG{L%Eg}(o|!ce5MuUR2ITUa#`Y1RuVCjV*9z1_?Lqhd!wO>iMG2i-?K?8 zi>Hy_oAaV!b6L@pp@`Rfl=Pt*L;S2=9wd7AsF|zDg(Rjfhm(n$bq_w7g$;i%?^%Ot zZH*JqxX2W$8fV@`q|OqEjG~y8A8{^{(9#J%!aYcWx!%J0xpl}7(xrp_*}~6NC4E!p|!2-XQo0(GVSb39Id66#)eq%*Jhn?1ZM>US^yF2g#HJh1M_UK=T)~;qOx2 zpIBojWBObWx|ox% zJ>DFHdlEVfbkLVsYKdS@qw@)vaE;p)lThwarEe7FXlK0@RiCI?AVITj3qD-z+0tbQ zYb0Ckk6r;754($P(A`J->05WCHY}{)um61ju~wJ<*8zld*~`F*n0_nXj~rmXs z>>9l#8`^WHnpfs6b+?go+`Q?+nGv;YkzeH`$VQ{l6@)ckde?Uqe#BJz{XmLV1q2`7krRhM-+tIXX(m;~oe%ts%7+A`ZV~ zl;76vy;6Jy2%dA=XsKFL;mB5J zdsnw%bStufG(13_ddxoL3U3GT~`9-;f**_^Q|5?@%}v{@TiFf z~$+Dwh7)u;Zv01alVriGu<0X*qjz4d+e@1ibBK z6*WiNG|D3b+ROh^Mj~5|zzp>B>h4N9X(fBgW7hr>Y|v$`yI zH~d4G7pAR+Op5AA`X%OKVjD6RW@yf)TDs0R_QIwQw`HSN4#p&##_E2@iz~T!>d{IN0G)BvYH6O30soj#Q*47AOnd zLunoI8)i)*E2bM%(yG=iXiI@-K&*hVIoMm@)}4BCqO^bwPD7CEXC{OE3eig}-xCE& zGx~>(FQ-5P`I;}qD>}vfQbPuZNErBK;Pi~cqQvpu9#I*ga3uLmE}Fp?I|2}tZ4iqX z>Y80hX6cQBcmo^b$>0VoIK4$5)j&y|mfBll1R<-pVqS)8eg^sO1BPa7lYw1IM338d zO4f}le6MJUE6QjIXu94XZjo1h^mo zt!rbaC5jBty+Sl`7ppz^El$;%*sY%l?oY{HgH*JEk@?B}hIkO4Zb`qj2x6YpI$AJ3 zX6pp?&aE+d`Er_?Wy z3Db-ixr9z-O{yKs$*p#~B;fJSJ^`@_`lYSw9QF$u#~o4W(jNma78+A0+W7pvvSD8| zObj?fGWF-`^n!WpM%Nw-GTC6)q+F~%tz=mI!^|6hLB-a0Gg~M%490OKNr3RQl0&7C zHZC85M(uK*G}?BxlXx>psYfjhp4kZTeXL)rTu3(}l;^D|&rr8P)7W!NUZ=o>gXIxz zN$DTiX)4Os+f?>X$Eu$y_Xy&tgt`C>AMq72YDr&&2)b{|(C9LR=Px6%0rR-bR$wY7 zs{C!%?|oFI{Aho;leBki9=sbgjW-XX&Q1rnAH8Sm?EFB{0oL%F2mWV=uhk{=X42N4Yn>k(co=BoPk%7JI1CIi!ZIH{AKRz zB@R29w(nTT^)^Q$PIT=U^6)sxFr(G&?fbkrscLf@s-n|{%bGj*{pmmmVjmxneaZg^ zSQ%pO_G^2892>emSzbN~^h2Bt_1pDp>S*so{1-#IJTvOwW*xmNu{yg;qy9^thLgT^t4b!Qg(N^5yq*Yhh2^{u)0|_j|u=!$QSnS^`g? zwtSOyJ=WC|JO6pPd3h*1P$w9%%{y8M!>zb~jl+$|`s;kW=t&w{dq-8XLL#UVhw{3% zB;2kL>Ub=yy_=o=XPbdKgbTeHTZzDlR55rgGb2708TqTm)i*0{OMuf`QtS_VZhU6$ zFdq$rVN=MPt4yLgbEvQq0E|T=Cq9yW2h2S5US4EvC|)Lk2OSSDs_m(x!}5z7fnnMg z+a2X6_HKw8LoS1_XX9aN8UY7w%^zN+IU`()1449_m-SJvDXEf1FNR<)_T)*j&4+=1 z1yHl)`*1F9#APx+hHikqE?J)ozqKQ4tGslD;=3u1Z(Itx7ic2Kx@DE(-aohpFY59h zLysKCMCrw%0UIFlBIJY4DPxTl<^ z05N94z7ntjN<10;@LvpcP3pHtL4zy)fj>Crt$;xZn;XiPS>bxDDN}`5N4)32QUAzt z)*(wW3?I&8D(G2^F@yB%_uUY`<{aJM1alL7KD`LwY+qc`>jl_oL%q3g21sX0(7SfM zTVD)cP`tW5pXWCjh+}WZ^t z#`3DE;3^}U7?Eqi{gbW7gHP7tE-y_Q;tdywDyLPH zCS$y)?|-X+Xyr~EKLt7gyWh(T>54gc8U!+Ynm6S(uV|)8Vf+F;qjs&*`W%_E?8_s8 z+MmYd<#ZD*(g@#typd#ve}4e@|CRytzW~(BiR?(Fi5zI63sXpqHaeRe6hk5zWo;L0nU5296#H(Gp?(%@a zG7W)sd^tb}z+pz;C7Ws#r{@^ueC&@U`B#$32%m2>B+VB0i;scPj_~K6f-z~p1+mi; z0#nG<`gp_F2FX0gK&o79t(BamDuheDKX1N(T8%fS5K;uZKz*LjB!yeN2J@hFeTzJ( zfUQ}bTu-t(ZL=nchQN9$=T%IyS5MRr@s}AU31p&nO1r#UDcrYW|E|GOrM0Sx8!52# zbLVh8{qAXjtQZn$u-_B^O}x)#ULQxk2q;^ctws_y2)i3kA&Pdqz#hKY_l*Lb&@X4q0G`$F=8=qQXpK8Z{KNb^~^L=wWi=5mVlUv#A!NhVC z=7cFLTFw0Powawr@0$j8HJL(2%A68=8j3k9-R za8v~)XPg%)IaH_FSC3INYY0AA$7Xe)_sF5Vind-#>7j2`NrX3roDUPu3MKFY(APT8E_)`(GKx=)->^BZ^h+^(?51DlP??2t-_?J)oJR z$~QkJ&zG=;yfW^2wuYi`iqpMlD8vp-wUm_+88{kO?}PG_#g7T`#?$S-z3$T(?hoJ{ z1CN#Cs-)v&lN&eo;kNG=43b>l)V@Yz7vT!!R2^cU)WnpfZ-tTLANK>lC#BJ~Un3(S z=~yJ?yLam(GSwLtKts0>M;J7rsmUip|e_NCErAXK2}({N?WiwBi@ zIkV@E+G`^`#%(E4xbV)XC8-q7SiB%HAjcX@l1uUs#-3vRe!`fpcn$^qHjbix6OhS2 zUz%!K;Ie~2!_>ABO1n6?J|Nmz%qpM8+CrJmn-l8cL`}zQ`KLz>B*F~j)D%9h4~?-lLR92$C&_8)pH+dMb;#mFqNLzgLlVIhcY7$RTq-@7 z{f0xp)Eay!qMDQT%Cn}m*7Bt5X&6gsCbq{|1RIQrFLi5fnPtUuE!1F&?Gj6Nf{*<3oFzn#ZASBmWs(yP7+7%gDuDD|o zMc!ZuGJj8q4NE3Ak}Q}zR&(OT*$10&R(=f3k(~#UJpKshjU?}nv|@a(Ho8<>PsZxKf^vJ3@96R?cBmm zyQmgbIpMWdH72n!*{cA8NEgm@RAq}Yx#IJ@NG}6fo@l%`o)(n9!_uiq0t~Po-zJaa zG0P4sVOWVeGwiErL^mlC5c~XTx{m9rBOcOou;8_?Sj#a*1IkjVwZMue>t5$#Sis6n zoO~cI>5wm%7k^T|m#&6j!RCh|i!0*>PJA{yz62>s1b&2q!KEvh7MFKll7k!+hTnW}UtpAxD0#m8=J z9#!|UwHBb=)PE!FZCrjl?N14@bq;Vg;YBsI%;=zc{VUBAp2&KPg&5S-&7_AvXIho% zx>&MJ&cg~^`v5XC$jRcs*BQf&*11gBS@Vl$1<>b%;0l-zlibg-s-SP;gR+}&9$N#H zr8H4n6Z)#*j9Qa(7J**mKchtjp)cXa&@8P@HYQ+`S2p$ll-dp8euP88OQ0iLYc@k7 zg%*K$g#1${ZcgP2`IS!GaaU*PqlzrQ=t?{mJy8V@X0cc;am`N)L?h)``-*plDX4KChSWEHU_vy&xy&`xp4jA>E5cVcWV*b!+Er7i~^KRfF;tHOM7 z!@bFrh&{l7q?`B|l=twgOzRO$>A13+vnHNN8U01Lz}P82wUy@L+B(HFyvaDnB1t=g zVtb-od3^FP;c6=kGnKrP7+pd^%mOHaLW7NGN$6Ee>KG+cjFP4ZY~{g)f=^L;U_m)C z@5I>9!bF-IE?0T)08^6)Da6GHM`1dq60)#Pg7BzP!OszpNOT`QW)nT?_NSz@RgvD2 z7*>gkrJ(c%i&F-v>kw(U{Moou;9WspW~K|HPm_}-K;MKqN3`r=sSNwCYFdr?Oyd;o zJX1L|HLx*nQoFtriIv&EJ&N6!l0TAu>bo*gK4fJwNxx&xmC0KliL@X0&Bf37(xY0Fw5@zO2hly42mx?kM zUr-fmzWp@nGPl7D(7kV!>TiG+BQX!+>&@0o;2I0^57XmT`PqL8gTsh zUh0ikGXiAeqYRV(F^$Tj`KLJ(x51cB#3Mi#bpb^I8(D0Li71qs2hFO-Lic-Pxq_xr zGV{X@+nF|}mR*Dw(}QcSDEsrMX2J_L5+wOwc$#lQoYraafAz;~sP0g|!DL*(-qMYM zm<~b9&s4a@E`jm?YSpOBK4n5GW4BXCr((g$!vE@Kf^JxqCFCTO8vuEapXdcAm4;qz zm$o&96jO?nOp(?*;X3v=7;|PDY7O(ddtWAN?pGqPo$1;Bb%auljh1dD<=%_f zHz@T97c8_m3mGKltcZ%B?P^J9`LpQJ!EpD(n!ne;q{kW7M|F}Psva@G*!gjIZMzL!?Fu{G=Gi@1{qVERtTTihoP!8TCUc5yn>YKTGz-WpK8P%I#KA+iV?{GVAX39=LtNca; z$^csgrTb!4r$9lsN~du4a_Q(}|9N3|@=)l;%_}l+2WT3cY0-0K$S^eA4&!^Zs%66# zoqr}s5M#h|1`C-p%ZQC46^ka0g7FuO>;YIa+Jc!lZ>D=^HX?dc9rO*(iaIpNDD3|| z{QCMhf4@fBuxZ-PZSglvl<;Zpf*p*9L~ne;_9359_Lzq|XAE&j*id8PpYQ-BlG5cVJudQ(d?D!D za#>tnR*pxlqWpCFdk|a;Rzf}<5@AiwtKT!CwCMtjM+6@OXt7ogGGsH<1PQhUP!1s) z0!(3I^En7t+T#Ou3BPu9?j14+Vi`0sHXXe2s&2yKUnaRl_arF`Hol(S2w}h69!75f7 zRjp%m?eeT|uw$XP^rSo^UjR`yup;{kNY;Hs>Li;7d}N!e;Qsf29hOsA+ap2!fmUzpcotrlklIR2|5w)Q<#blbiHc$X=mL zFvfTAZg2d2x%_x}{J7!Z9EiQSv90{6as1Kg7N7LF*)XmcSRjYNP$ZST1mBr3NxN5Q zDLnggQp}`^h7Cl!#6yk=3KYXZ$r=ZUj7>;EV2(DDx%>MevDk1Iyg@8_5Qz|C%jvxg z0c_(g5FJDmi>t_i3P@&D4Oyczg*W7lUb7|{ml|O++IzXP=+LXc#^R-IMYv{;7O+$% zKN5|T9|S>rG2JY2+zdI!qq!s=10JACed}fp;(%ivVSM}>4JIGeG_04pjm^n1M$1OZ zuLMTM{C=NM8+KOl5lN!5zro1C{3IjQZdBegr47;1H7S@ET)$XHn}*C@uq-~{8OlnX zPyU@6n*fBEP7Z2s*RC$|>RM3|DyISafHjE9&xy@X2GZ%yicmpwf!t}83g}15Z$YJM zIUg1sn@|F{M47hK+r6N}_F#O0eBYuJL|%%d}E67rj24kmZeV0wV04ln#l?hl?oHJWY)qHkR@W~qVGjR^lGFV@OHx>6c*x+ zOj_~%sPdqtp>-=AlxTsHAIFuA`x+uT6P_5Wx(SH#ay@Kz$+#hrVi^@=9_*#b+zoEHOX3MU5&SZS|yfLzx%)GmOHXrs}HORCDfK)Nr8Rw+PiY`(H*A?uGy^LHVM_mK8G|_4&EVe1I z2Vh-iQPvFVz~2?RV^%oTGTLVBKUkMCXhMyst0Cl$<3Z16%TF!&o~}T{BX*PXawra6t{lrHP&;wyxR$eZ7Bt$4-Gg&3GZSuMndq3~ckLmT-Slq` z$aCfSsHE*zR}lkf#BGHnIZ5+e0&mloO^x`b<&%UO4dD?y)t@MiEpHl)O4h` zLP-8CZxhqT0K1y8P4rP=3HNkuEu2*>E<{H`$;A90#?C276ktoXZQHhO+qP|+r)}G| zZQHhO>$KfHXWs9<5%Yd4qJFDlXXeg@0-lilXlqr(&?o5LL$+UB+*Q*cX-iyuZe?5~ zTGrq=C8%d*(@aC+%rMSa_k?TP{~XygX5GEhT+i=BrY2hjX|x~!7U*ciKRbSDkXZHb zi%YmSY9clS5sS>E(xAfXqv#xe6ZqD(TABC`wE@+x zyrhJZ&@zCfwKI&RW#1rH(o7~gj9?Cf7r*#7l@e^c7uh2(f)OR0xmq%Gpk*`?XizK0 zdW}qU3%~ua3}sU(`eCVlFx5KTnyizeODw^eqK1f|5Eq0l#kvEmQ}2x~nUZ-tRC+}` zE6b#)6?+CsQsx$mf0#F{BzPiItv3ZrK~O+Y9ObT&vXE1)^J@FBh7%A^<~Y9Mg96P@ zYcAYIa}}bjqB83;iBU9hr{7lX@Md&lJnCya3pt1^{+0BlQN9qzXmx{Hfsl&4(lE6X|mCihvp1MdS zG$*-^2$eh4GKReKB~WP_IIKJ)`wu?aAhn1YVMA77_PwEapZ-l-iSp}8Aj;(fKQdOB-NncHrrL~Wx$Gw?Hz<==yrl2op=6k8AjGN;5911}{8Ztwgr?Z-h zblcR2RKSLtc;c9rw2YMGVrUL%zu$%Q*7?MkMMYo>_+ZfMW13S}zDcXLH0p=MgtJ|h z<-n%e7|Qz4PN%s}t7mn|I+s%b)S!Ym;gsA94uMEHnl)oiA=2t|6z9fQwNYKDZm<=l zVmBxRfgnU>Kr&?WC=vTJL+jFXlvct9>7HVtk&!jyPjq%$F|3M>r_Uqz|OQ%&R4YcBSIoWkZY!V$|PAEe0emmgrt-${1i=sb!Q^Nd<~WpQ~-}tz|cmm)5VE zPb2ky*#AkAo~1<|JwMP@;Q}!9wsH`r6D^e0;X_o#DUdFy6F`F(Fo9Q%UQHGo7t{kI zb{1CuI4Xo-R8oY~0>JD_la4KZNuJR+0wLFJ&bmzQ;w(|QG7Wk53-h4=izNu-D< zr|hnarQ?mKIu(xR?$EVVu?dkbAH(7PV>y$83wQ?2650QGj3F)jEpv%nmGIq_>_CULUqu7t`h?fj^|}{ zjcmJC^=S4O3w<)p>2E_rq;-vA)jD^j7l~MCJ>)oip>bpdw}C|VG6&a)CM~n(wF>BO z8Sy96diqYWq<&e=)j=Bb8rY=tf#EpdduQ}hqj8k(cE}x)c%)KUEcN*ZD!!hQ#?ME1 zDDg7xIH6d1riwc0F#e@_a7d=%3I~&ppxuUTDnm|b%sWO-MS3JRd!DLV`L%mSo`etV z{Sew&SaEzbky8ZWD!n-?vt>U}#oQ>5>6qy;jtO8hJ|$O%&(L~_;` z`fRK)K!)O_o|<;2yYv85v;l9VI27!>N;9&LpTfP_h`}D{NdM?jz zgwL_D_||hV@p+?ju%9^I3pIi7pd*=Zs#Gu;b9QAhzBM6@Taiac;S?o23tyxcC{64L z(zse-^qos#EQK|91xU@_2$+OPRns5){(SPcZ(LuOQi+h76S(m09`)pGr!mGO#O|T@ zl^j`5`;VtfP-joF@Mo=#%&!A_U!7MqH{s%EPGSq}l- zGaTrA48d}f7~miZ0b1J@bdY8)@3OhPV?+dOl?~>$CkotTL&QQdNEzB8wx_aTI0wum z9d}2TU3uHL=r8h@yA=5~7sewleRhUW)p?`l33nX+W=9P(G2KpHrsH^NE+QFH?W?TMWiZV*pf~F`?<2z2iLK%RAN%?@hAQHLiF7 zmp+B#7zVA|zK)wIj~PBauCOU49eLPIeuw zXcawYrxdL`;!)0&!qymBD=Vhh*s9@PgBKlmCE}6@*~z{2%^Yve5)FEziRp0&DVp?x zDrF5XS)1|eIp&jtyPO^_RlcUaE;nJwS`_Tn%g9hJA1TQ*AxQ{>TA8=D()>Rw-s?S8 zKRw-umyiDOtJ4b`;3=-?^1llzjQ=61Ff%f6{vU!$^ZyDe|BqtYOuo@#B8=7e=Sq%^ z&B!ZY#uPsgmjJ$s=br-~&jXVf@Pj|4ouF#s9>;Rj|5w7OsVZ_rxlC^7=l=fdZt2V~ zHw>QN7l&;xjQ@8lToC8jfb5^7Qhs8Hh3B{N^*!^q{@tOiu5;ME-sGy244!jH!RL?``ZI})oVmo zD53}exs`WbmT`Uy-{9@GYYU(M=OW4PV5bW{Z}4y@2d5a$@S3%Kh~xSjauj21>*z=} zoVe$E$&a5u`IWR6-q`h*s#B$2`5D-tEw0M5EpCeHJC*AD1@M+Id;LB9_5B;^;Z^s? zyZ$F{ZjZvdHQR;HS?Vo$DxNp*bt&t~N`e;}lflFjlu19Jjm^_Ki9I>4P`LAz4CL6Y z-lxZTD}6I%{q&nE(W=|=V$|ViWzX@-nf;9gBQMp`i{~>g9!-Iim(P^Z_UFQ~Z7tAd z@m>^v-zSno0}{TtBr2XS2otfngi2uEgO6{&nW#5`mK>qI6kKNv$YrwFtg9&++i1 zaGfGYYS9%@4d~a>`{PjBzikGnRu&^^%m7!6ZleXgNX4dT#e;4`6Z9?78~!C)LXu!3 zOULIHXT9MVE?;*TVA!A8u0&lmkeO$Zyi5*?j_$bV2s-6%_LV{xS~-)@gto#H zTfAOq+2=M%qgZxjKs>{n#ypx!u(%pC@-VSAq*M}h@xr#o6QgGCSL!O*Jf8i_#d&2) z0nrT>jZ9~V3{drtAm-Pmlv5nySoe9({#`>jN<27K*?LlOzu*{f}3wX0RQ%bXG>DpQz&sf>ah;A&@-)P=FTqu4mo zjR!UnnMr%{-6|8JTtvqLGrj8``lxwqP$WfX9bSIbZz}*QpfeO^<Rto#>EpVEl65xGCG0Sv{!Z|YGb3FRAQ1FSxYtVXDG9eQuLYJ70u)g!UtL< z$mzQZTT_)LmRW{IKI3uO4BVjXb+bx2F4HH8hlL1x@+=NZrK=Z;JsD*KF${3vAAk~< z(fcv_v1dpmH>4#;kz&n|NDq1y;tcC&m8cYjtMHkjjRM$Z+^iT|!N$Palg&K=`)oOQ z2%mNA9U`9PU7#wfXQA2`HP?qRYl8c@1RYU7Ksr)Be*iCSvAb>kCYW@3`%KXNjl`~g z!SZ`}`FeE&Hi4qAqYWvm$7CC_p9yUIj#Pz3ggDGO)QH;R1whepBR<`R*@@V3C)Bs%N|aNQ7M?si-ejHYkBY_Nj-+RI)AFEVjYZi%6msS+l@L6Bpx>k-*b^9K zHC8lunNe?yW&B~DE3yK}4G14p#2FQg3ncHi>60|Ibyos$GNd*|_ND481*Q~7plATT zW_w@Df+?(j;yPp3T<1N)u`10J2+0V*Gr0)5l z4B9KpZ_VJ9Xbc5qA6jwMR#eA>AokEi7uP41=Rv@~MeCATyVycq5t! zl8h%Ts7d?Jg?t^7F?D&ALg%oRApOhgf=UV9ORK~3L8~*}9!+OF&Z556ELJ$d3aDf+ z4aHooQD;BOfCEr4Q952)Dapl3ri++z+$x)WgYySkfTkoFNj4Xh?#HHnaXQRq)cQVn zl0-mK3af{LTanRC9rq6ulVS?XDiw_Uh)7-{7j5FwtT;6``!qrZ@~Q%x4=J3o5vD1Y zw|X4Kr!s7+E30AyN9Tijp_!ml5L}xt};XglEt<9nax1 zRuB%$$}Q&YgTofz2sYVe>tWrTw$hk;-{?#jq zO3kVJpe@B|4Mb$a4p~M6%K0QknO>WBPYLoi@8EFi5u8zk+8Wu3o;D51KbL`i!gCn; zz@|7S687OAH60?Q`XqW@#1~2`k4OM_X&zRw?x!SsY=mP-S7s*X%pQ|8_sLkejVDa< zKG@yhWDm$uvHA}nC>~c^*{>Y$*OT?mKJm_pbO-TblAO}VL};Z)GzppePsub`7T+?+Fibe)3}~x6 zl&0e7k0@SSKE4|(Rc8OZNUw9OR7JViF@J9+%tbD4e)uzj?J_~ha-E?LhK|^HB*`Hz zRrJdnW_Wswkz2s9S9i#bK>)BTLC3ObO*%jj4^}=3p&fe2vSvQ0F3QhMPddXgEvZ{s zdukFpWyLfTbkB&$vZBmYzsr__#VFm^j~&v>Jm$%{vVv&uFy4sQ zB2@(hfYog<*4WgcKmm%lObs^MQULQ?%A%=QHL`WvWLnW&x@|m^a~!X9udLLi+JSVR z-|=28qr^YXDR(2@74Hg)cR))|_n z#CryWu5WcvvU?&hk(;WJ97JHG``7NKh^sR zV=xsi11tx?pCN!Z%wti+Ab}Sgy#GtQqx;Xk<>eKon-GYXcz!COE0fFV{8<`0>bvFt z{dRo4Z_9I6?>qMU@hWk9ND=^tNPAS`f&KXtBO}s)q8L5`}Cau>`|So`pVE)PPyemw{ZzS_F`e|p^k~{TlKFO)6g+~>sP&{{%XNB?r|HmF7l{DvFB?GXk+6Q#D82N zJ^}XjU3N6(1La5Zih|;^rL|Op&qbq^xz1nq5(!Od4+^&f>NHo39;SdSO*w%T-mXl# zv3`V>DFOUj9|Gt6rGI;YbwYyFZlHgfFS4XV&kuzf$F3(PANuYL-8DVq5dE>?(zb3h zZd%-;;VNv}?>|kJ-~x(d0#>gLF{Mwq{4xMsDmjed8S^G8=*TJ$wvfVIPH&DJLu#0{rNa~973P;Deq|8%;7Mc@xc4kCbV>~9`kCNx1VkEC2v9q&NR%t{|U+dtEjlw{TwxaV{9}YUDuM4!?4^ZVw zb9g3D&+Fk}dGxf{E^kNJy`6A?OeO(nac1R-5cp#ugU(44I?_}T#-Zo0s3SLG^#M)} z=LllmL(w6$6(+m3-mHqw_rNGIQoiFSzS?a`0EVc|uscP&#p%f4@f+IVE zg>6#0ioKG)W=+uq^@^cYK{Un_P7k(yRm{nGOx~7utfW5ow!&=6qHu>A<#e4D?H?8Gch)J zewe_0;dNa|@(TOfZYR2E!tJ_H&OteJoj{JRcus7775@YaLmQwt9A>3K(d%OB=$~a} z+A4fTe+|300S!HS@gi=v#0--GKI!!O{X^W*#=?l;MdmPJ!LSBf{=;ldKDPP4wWZgA zah&iKqi%Y+RIT0;aN82p8qO@G?6)#r)J4dIYEt%s0pioQQ zs+`otp=z?!}2L;6aOM{m?CEo5jC(ss;)pI}Z09xS_1r=oWP)MgD%k7kD zdtRS)q~q0Q+oJorwM5G(RhMHJ+L9Ul(Z;Juo0K2q4K4E5`U^v>E0F$c6!yfxwQ2U@ zkjOy=+qN?HK^H56r10g)V!PH?CoP?RAXM%5+Vc&U2{2I2p_Vslu4G&*Bmvdsd>8Au zLP874Io(^&f1H({g!9!1P@V<#-c};#>L?U#{{>Sf$2;PxpLQE@)D&u&fsnG}Ww{`5 zfOu0A)Xxcrh^p%(A4vQTRlbKG7W%jGyS^!Vvr)+*IEA<|e{;_dxS||CdF+0fZ=kMF zE^vim7~}0?bubj%5tuG9+07PP9r9EW3qk=!-3D|I?M0X&H_ff+XbwumddRe}qiq_` z7>$M6=T`G6RICgXdU`S8nf6aC3Mv|y0Jq_di9*_2$ZW4K>UMJqNNlL`;C>XY{R3|mE^7& z)3fdE&5(p``gqXWJva4|j@>S1u45(~?&=0EdX}Yf{D|}w4bT*JMEX#QB z@BC;p1?G;|wAPwBCu{O0zW9vjlCjrm)t;dEPK3rQLd_j-*2i9t)qH?9rDcIPtrg2H z&0^^r%QUIyRxnZW9RH@gQ_qpYk=4GAjPt~&?CqjTlyp?dVLgld`{(fndcgJOw|V#z zaW^YWGPGj##gb0bbQeI_{CG=%to8M&1V#&$09P%6gPFK%F1ys~**nK7Frml zlWxW;J<+wsR|X)e8*G*GPjF{(-5AuKVn(5mJ(^#=p|EEm%q-}v0kL^*|5XH`BIBX+ z>=K5Uj3U02WwRts4b~^SxGqlQ7qn7_7Ok=v4#sRwg7qe+VoJ6o)Ghh;ZZ&poxQs13 z_M~1YlWhx7Z||eNSB{HfULrO!Fg09yG027B9n5WMgm`3CpG6oH(p zZPLnrewl3MNPOxn${8c@VpF2=(4v4w)ugTflFV+D}0OBd2&4< zSd{(hyBwds0N@wtm|W$wR$kJMMa=QIcIXv>iZbA*C1T8s<6p^;$ML9F9U&gXT|(M0 zobqVK&oXPvC^v2)z@{-O<1io#Hj{Zzyqx8l{=vKtXt8NPu-?)jI2oeUGJ!PECZ(&f zcYmTC8GeyXmH-RSSs#OFzZmkvk&{IeHkkQXVsluFJk}`qS5Du$5VNsHX@kcW^vV>? zP#G7sSQKN3OuJ+n%mxoZ+qj|j56Zr^2t(mUtpZP5YyF~&3qZWWNcRF&AQcF}eU(&b z|1A=eYK`gZ(&M^G#<}^u*ME|eu;Y!Lnv0kcy$@k-*ALj8Bwy-=)?Gg{55zjWn3HV0 z97EF+kddEjkbXA#nJ+G!zrcMoI3cBS6N+LLGXm96QyT9TremuZqD}W)EC?*S;|v?h&Y-8-v&tifFB!cZo{u8E3l6XiP3#agGzi2ux*Vj3O-;qg1C}HM#AF zP!_6{St_K>3V<)9h51UXibKy_9}XAYy+{c|z8Y(;MG0fmv>VcOv~02XSThSxxI zhZMy_h*7|WOJWUec3Wd`x@M6212oP7oPtNgY)X8oHj^Iea=yzO*8 z-!qku@KgBL9vEE+Xvgd}foa`S1U!y6nQ;h2k>t{K(9SXgYsx7!>q!4~>rcc2!tJny zg_{7Vx!DFgnueQUk8R0h$vkkfr$2cumH1%Aij*SWR2SwZu~hsr(p>9llMgWg4snQBZsh6d92h;cbrurxvAD^S7~ zu%Zt8;ok2`J<=;JRV>OJlETdw+7qAyQrUmbfgbJD64SyAQ~P-gQ)LFbTn1s21c;vuV5 zIKpU8hIqaODhXBG!1Em2d!+0TV82a{7uKZl?C}eyx>`alT91oc2ODgOjio{aQ}fs ziWSu!RUV2Zs%TX|3I8UwI=p&M?ht}D8)6ZmS45D zox?eys~&TA-6G()n_EE_ypHfou_vGRgH^8&XTQ}KwUw5n6Ooh<99Uny4x&Z_{+ynH zAjhEW4!5Mzcoza}_fftpxx#`EB+u!bH?mFMr}UJIlbW90hpV2XxEuRD6Xe5M^~~aS z#cf0gP=%CHMZxHbV{8w{`4}oms&PBZQZ$GJ1=2JKx^I_n>XP_vSo5^oA{_sCI1)dn z;N9f$7M5{3R94m?erWt?xhEkeo!mKSdxw0uIeUksqE~x+^zj#+OL)J!9|&#<$%$(; zr<2&BWnP=7`R`{0YOvS1A0)c1Ci-vxnk}+p3A=FiC@sH8Au`vmg)Zdf9j%)8MD}Tv z|6RiVIJ>2+5fRn5Bo+7vo{&Zu(=@q~YWqb2OEusMhp^HFBGj@QVmonbIXDlEthWWn zuY#MFfIG=B1VAx67)!-Jgs1r?{~=KYrLdzc0J?cfOz3JZ#qT zBD`ypIF4vB{IY}h#~J-TtX#X@y`An9@xiu(y~jCr`@7ra{AY*PKgK+GH~Zuq9|yNf zGq-w_J$;{NG0oE3@^7kpId*)+RLM&inwBf*o}M0w;k&*dVAzzOZu9j z(|*k0yYxxLg;DBW(67`oqgrhFEs%QD#jW^^_~yh0t!yT|Wt@A!a-#16*g$U;;rqoec`gZYi6r-Df>%8GAw}W48e!8f8 zn`MRFV~4ka?D4p(Lh1{V%=k73afz1Zd)t`}j8U9XChTe}>l@T+vZWE*$5J`5Y&_Da zEzd*%0Q^XD2&VXcE?pcgmBr2Fm6s}5M^1vfR78I(i~K~@2UxEQc(I_?H()U$67Yv>Ja75|79Rqm(f}84^I#)kC*MOJ;#MPOC<0Y#K{F zR#Fk(AkTs#jUWh9kLv(pQ=IiabgR;_)2kJ(O#6JWdT+6!G+DXaqHSW>hqV+>h$ zb@mRJ8Y~rflDjC%#x60_nkzUM9A@mLzNLdzC5z(&ZjgGcK!)cI^AqtGpDJl;3&~?> zG5VnYiFa@LMRKjm3Qih3JQu4qzF>t~P?(--I2?9Q#F~9wnTCuUxN%gf!Ybi2_s$Bf z;ON4oJM$tKD7~V`Scb693|K!9MGc!Tvwl$I>D1AU_{z(-#Kx0CD!zM~m&6W%ytNXl zPIX1p7QO27uyJLj1%`tzCh^*ONOu00rzddxaIGyQyv;~gfjEpvycWa3Q#Ouc=y}|R zd>@MxI4y0*B9#uQ4BKh_k6V4k22)A9ltgre2Kg|tGo-{kN-fI<`CODEv@^QWgxALd zOv?jWGCyd;^TAKRRhATJ%~&hKfgbd?HPu)_k;hoeIWV~mrRC{zg763y4zc)aAR&P# zsae;ij&!yLw~|-pY=)7JQODXSu9f|xVQ2Th*85>@s@;(k40I~PY;HMSTAYbc9w$*T z8F6;~Srr1wt8rmxIU2jdamFB2ai?zcvNc1hRz2>se76h@0Bt> z!-7u=%ieX>Sic88uuQ|*Jr$M}{((K#-)ZXvs37)v=N)2zha(!i|-Udlr`L-KhX_@WQ%(_6cPfo`Oe zq0RL+WJo*{q(kgl+ynh>{B2F zX;y{nwhKNexd}yyR1bk8!ba4EFew)(x@pyKhl*Hqc?DNSrqzuhDQk(~^S97D8SV(%Uec1GY#U9Pz)7+GKwjCLwGE7XRFYh-;b7$QnFPDwtGGXSKp zb@V-2rm^YQLV8!yHR(uZ$q5I8l*)jbRj@K^m|AYFiRQkDuHjXi05;l!bS6r90XHN2&C(WgPiqVaqW8m3Ce^?E4u|Le5YzdZ;ET@NLv31Mr>kfy_CAN$>3fGxA1)$W{ z*d-n9zd9#=*rnAU2Cg%|(g~@QMcA}wr0rJUVxFkr*j%383D9%iK@Z6L2s_xZLstxD z)Z1Rg9c>Pq0IGr1UumBFK0vTT!eVC%Q@EZ{r?#Zr!&KA>wxPWO56c!&Mw`1hiz zT!I{_rfG15>4ciz|M#OiQnzMY0#OzILbnOtcZK9j#}4A;NCX1QA{J;_D=3{iq3;XZ zxszVF5zPfEk6${hd^mW0>^)4ZQ=yn2T#@hs6&5|*j4)n4J3Pi(pI+0<&*U=3+jQ~Y zDRqGtpZS9OyF*c6)%kVuCB-ETRk)uo$LT{)2Go}tQ5)1^(jy02I#6xxZk=};w2gI^ zz`WCn_&%*sGU3UYHMz=84y7%+C(>ZhbT8R&0-!tp#`_fw|0kkMxvJgvZKLUL(`C6j z$}I3!(kzL}RkT=*SIlCpS;2Tl^2%D8F;+ZGfrwzsqOMppx4tL`_J}%`3O9$o{4EeA@z>ZY)y(K#Xw1)ZDU$3!3SE5c*;f z`Hge5!t8SP7$>?ViV@QjsAoNf_ZqINrp$0pOq{Z5p`xmyq{$3|6-R5(K%5T7X~wzs z38!sa+1G`ofDNbd-TQ$tpOm4aYY{VCK1)nT8=9ABcVK9#m&;<2=G+ebwz&1SByA?@ zH%{&s3FW^`n=K!k1F=bv4($&0TcWVj3n7Ns%_7}r=EY*IH#6qMgM)0tNYs4!%TB## z4pz=~hh<#zGjumsB;IlZC$chl*CGByQt7XPnHM1p+7yuU4<4ill<+K(B@6XzJvveo z)|=OLhV}&rbtR@auK6byNP*1egcxq~xyj735;>SZsY^($R3c04!KNNr(a7i zX-d3Y*gE8u{7cd1s%)M25X;eA%xOj8=oRN|qK;C(Yd#d>E=FD}83zVvi(2#UR<`Nl zL%BBrv=_Y@sN|{dEk3RpG<65AF2?A(}b0_c=%ctoMNqUPM|jp6vnE%FFGsO%C+Mg69i*&_LACV zyD9Q(-b`FFaxIHC$Fjo~9Iw7-Cj+()0=vdz9Fi@w)1R$9tD8tj*S#q~y0j^}v>b{Q z0nr3a(xEYKs`tf!2h8SfLci(Uv?r(&+S69ytoX<_>eTO14&em=xs=WbYvaj~j~

    1. c10yH?R4nqg<>qkJD=)xUw4Pd6U*R>zf zl9=3najZ0&R!>STk(B|z2$Pf_d6!ZO0Wr5}eJ^;5G@>AmLOC@YJtfdXaMR)^S838d z_vD1GrWDce3g#^m5RGfI3x;r61kKx-VU3z{osBQztzaI@hNUR7jT*(a)3&3lrz?;$ zIQO4W=BOOmK(4%fn2r(N*|VWL&QJ{OIQbSM5WfqHY0d4L3Vt$~sfGM%mAxL9;{}P8 z)|DPz9d*K|b`QF(hp8gFx-`{Cqvl!XU8KR+yXJm*zp<8w`uM)<4pNJYAc^{CEqj7E zEn|d#e&Wl!p`_^rwl8|#UP);v>7Sr|N>rDr0Wd6TXwy+qwbF1Uu%()|H(AEv;aoMT zq;mXVXl|mEgi{EsDoNlt?d4k#58r>Y)w`628DOs8Bl}^P(}-lg+M9S^QJ+*$lE3^S zzT#;n$PO%y)*ICqt<*#8&~5{4D*u4mI;TAV&0rZZ@wmR9?j@L!(?Le$IsNcCtxN9#h17W2VkJ zjTO+&9Oo$T%~=fw36FF$qW`oXtjBE4ICS7T!SY}mZa=FjPqGp~H4O0^=$SljhWywd zOlR`)vytY5-G4}ONce-#fAFaggJw^tiK`u{fRY9IGGl~V$JjY?dt!;1fAT}+q z8XR6c5m;vE3h*_!Jvg0QY>5)U&sI?5FC<9okKU|@-v^=rKom=)>3^RxS^i_nWMOCi zzv{lG)otUpMiGB%^#%LXcmz6q^cUfPSon%81H3Jq1^C}S2Bf@2Bi|DBRGYtFb2c_~ zXA`M4iSDlV9gtc`&U|t`P9I)hKlAMNe(UXf-*07`JfrY`bt1%UOpU#|R%FeOTkUW8 ztA9Kfwrl97&PH0T7k|I^)Hk2C*EEXum%?joQ6>Z2?dc_+&RvOva-X{2j~~%OatZtR zslKzWBKTo{0?55B;dUQ-Ha|{3##TPWAU5=VjZgMf_9wcYXLPC8*k5Y` zvKEhAKNb(gD5BVJ7w`9Ke?>O;k1>jD#{GoJ-#r2H^@fbc(&GHuHUYV<{# zhCY6;GmT$;Upnc!Bw4T_*B6F@{#crHJDij0x|MV4P!SF=bOztDB40?o(NfKKhZjcD zRbVu8mI}d9E$0i#tER)r;j4?T2`=NShJ>0_iK`)ktrk`0W4^Xi4QhDnpnem78nC`h z2DRzNpmyV$-4JF5P49o|@9nYb`?$XEWbx|-@ap@0&#Z(Kj*CH=Kv+mRh)~jyvD|$S zKLBNaW5X`*i*`XC_qQm)jNNNv6F@bp2GGw32`~<_fA?CHOosJYvpXRy;2j}n9HZ2Z zA4{zOp9x`6@$mpcx0#S)Vc!50&9(~QHVHt3N0e&;sAq;;h+ZY44iK@x#d!Pnihh)f zj)Jq)XgoEp2$CKLxQq=a2K-?^YqnjPcE~6ibtRKYs&JHal+b}e)Dj`IR)*3~Mnxz3 zD)#C3Y#N(pp9G7hpLw13yvB;_F9r=O4@CQOR^|g1)$4vVQRfsxMnNsu)aWk<6|%;t<_2eI60m?(i*X`!Z3JQloUtF>U~Af6UCA-+8!7%S$_8ReQhFt`@$#2NaGoy6svpUsc$zZc9K` zrE7qM8uE934K2xLXyb<@u6FOv_vf!ngn8xXYaib>zw&q1Yu~NkM@WLFViPzHOAxPy z*`2^aw4#6QGwM3o7ezj0p77sEfc-r3Oz&#=mrHeN)?=1m#jq$~J z)@K=D>&$z?3M#0Qk%_Fmu~!e5C{5d@N{E}zIk#Gp0%CxMfkW}w{>|b@?nC*TEFsUa zJMj>1*xVpsC==eWyZ3Zk$wyq9sxar{6AfQ$lsc8hVY=XkfXND%+TeQZ`M^ebzHLdl z5BR=uc3}p7SDRtYWM%kY2^lJllgKAw!%z(i^r@LRD$djsO9=%}#=*1wkf%R zINhV6^n2z3l}{`*2xSr5ysp`3PiFw&CrmNDxlWvV!ed_c7D5)nWgH?LVJeG9tO96B zh)nYHKrYlvZ(V}FZO;!7tOVcDDL*pTfLos^=@?Cz3j=MIo3utD#Vx*`Y$(_s7*NO$ z?pEvmy<`Uq<{h=@LY7F|AjCuxV9d*gQ!3qrGF^^}W)BG}chXeCZX%ckIkw)^tmW{F zjSmzAmZa`-!?*S`@sz5TH431e?EP*+g(T05${-k>ku$DdzWA8Bz?vIrSju(11mwEZ zqAI-E^`WKqu;yg{(xn9c*ZL*;=ndaTPWfPvHIU*zSE_Z+!#!&K6IWbryhB zVtY2ctw`(!1XlCH=T1U(YA0Qh_`DA|x8TWSvKhffX61&*fsl8P#e69oP=iv8FrUm2 z^wlf@H1;x9_u=W@PG+2c|Io|pp;{F@q^MBXjy7PW{SAO(D??+*Ujm(p*8;TnbpNoZ z>ReeN%SJbD!$7`xF62-Xw<;4ub%z_Hqz)*T;~Tn!VqG$!ETz7@m7!9R$Q2D|a9MoP z-h#N?|K9#-IV6bZ2FxQB?acGPvImr|sYVID=DiNxhJFk-7*Ze&?g*fR6z#b8 z)jdpT8{*s}88nGW7X)acMh-U}2^nq7yeX+n;jRCz4;x1D)oIm^M8hlWWpBgDw+1iFki3VThZf!?o z@c3E~#9`negg`Gy-hX=kB3LGiYsLyNtG}XJZ?LB&z6@wf2R%8m;-Kvr8|6eu)DcKv z<*`StgV9wo#GSNm^eiH{RyH3yi78}d2szGst zVInucvCI@Fo2xW*VuWhKHp{<;nVH)?eV^F1A$yW~xeu8gq1z`q{2N`(6EhVcUXoe? zqq0#UI89sj+$@oPElQ@}OJH=b*!(BV2&XA2&PUeS&yA_lSkwxqTvU{_jyTExcZ-sn zw)=ES1=HLx@-L$7!9qr#c;{xWxu~L+`a&$x9qB5K?83i-=U8Gc%qc=@rr8vp;dXkcMoMfX^9W5C>)m`1HbM-E?u+vb!ianVAfia6 z5kjSkln~+|e!(gdy1fwc6HILf)1ZD|hDSrzlj!Cm+@*`nq?IX*R3r!txyTW?9t=*X zp9vA2#GcnluEcamB67NqNeuG3gov{5`{QRj0*&diS0WoTA51!zpa9y&QKK1(H34SF zI2GC$f|t)ozQuxhIv5-MP$UnX)c%YATM!3>`AAa12 zv5}o@13Y^eH`eRg9Rh6*g6qL_RTg$xs#`sJvTSuzu|GmlMQw$B1prt}r3q0f4>U!D zyceGs9C5KVXlOo|n|mn``%PNx&zT0hPIxCmho|eon~@>lv`cM0=9z)mO-J#7@)#o4 z#<3_39*h8K9H-TloxJ&+%j5?b(`chFYYK@_ge$fUjJYeQ)= zXe=~Ks6B=hJlNM?_v*A`#BpVnlc6`AgAOWG_Q*{=5QPOXp}#YVCqJqXQRQ3R$ZJfmeinU$3{%nmQUM-6{3bW z1~>=Q4j2|d)6gLax)fa)uXDnqeA(;mkGcu5Lm4H?sxF<=P!;iE@|8QN3S;Nf|;|#{_4#xlx2y z+?I_Sfz^z>gjy!x4Vy7tke4JpmIATMD!<2+{T_!}kVfOB2oCh!NRiJr#6ZG-fvC`G zA3=#|P6C!-ZEj0~Jzku`LUbZmeLaKz4Exn@cglV&78&g5)g!V=v1mpzg}9%A;nG$= zUn$R^-hT1aKGvM-8=?nr4E@VDk@ z=3ZB}j9TgkT#21?d`_^^(Z`~fIuW;Gz;-A*0(QiBFwJ1(J zv?giz{AK4vpivBhlvn%M;Bupj=&l|WI!S8ua8lxtT22?^9)kq`8q|dUVeB27LyOjJ z-PoM5ZQHhO+fHUOW81cE+qP}nc5e1PRp-lERr~ybF+Pl5qqp9AYwr_tt39KD-}U{j zsMNeHUy(u9|L|?E_w4QcLwOxclfks(qe^2VIfEH4Xcy!?ttHL4AGgs@Lt~)EM$6`z zpUQGMRLI<^$Va!T!nxfvdX4!k5Z{iFA`ybnKym#FZnr-A^~CNxzwog*I_kl;B(rP} zpMMAa3sDiD2q&n;(VG)0f}uNHjj^P^Bmy+P(vj@VwV_D*J87hhnVAf1dGU27QzYp2@A4*b#JyG(cW2;KqF>}y zAP(~6solq1$*hjA+YvltZ^v={@ekH(MZ-}D{n%4=&I}?&7+BxoWNSD~$8f+YoN1%3 zzT*(0K%;Ktk`xkh;9R+XNzr_nd4Txb>Ne$6_X8C4P&aa zi^vKE5<@WIvf33b<);#neu5X0kG(d%o>Z~7%$pmi8|AX+Mdic9n+?fS!a4W&OHxpz z!!o$Ai_PWVHc*Q`3`~lyCHWJsOJ|K~0)*4xQm^NzOxz=Ahg4spJ9{}E$VlfeYAS2b zv^Z&1DOd}|N$6L~O}bOI0BcO$v_E3oLN_9d>3^@cgTs{0auurKb4h_2utNvvj`8!a zlJqaC6{cgM58K}~3J@umx07+>EN==qvQRcKqr|Hk;K^8@{brXt?W)7}>d3q89|2Ko zlojf{>Ps#)Sq_$kKMRcC!JCUr9pJ8ZxOCRM{CGVAj~2bgpoeXvxSapu?L0kQZdJ>) zy66Vkdg?SXK4$M^K&=_jJx6DBD63H#*~#Cp#9VF>`%};-_9p={FVr{3czF=x`u|k9 z9tDb+GxyI}jm*Xc(S^G|fp?~Li%xp2QhTwVo0>=>(1_s6^19xy?B^;Jx5y&*8v_T- zrThz&TF0|0KKR#R-CercZ{V|-!Q$`1(cSbB!kq24>ekEmSvV%OlP_08uMA2z>pstE zxRzOragTz<86jRm$-EYyQF7DKlQlEKBG-b&*Vyrq4$F550v;CMXxlP8(`Vuviy#Yd z0UBd(F&!Qh^SwGQO?Cn(WYk#t`vpBcHqjA_N?HXLIDA$0f%OYQrlxt4Eq`mr{w4f;dD4Z~NsAvPu+oU0h>u4fcxZ?0m8|D${a;+z8Tw)jYE-G%a8baS6*i#L-h`%ll&I z5fPWF9=4S^=<|~d&mSNwhTiSl3+T<^wJY5G(Cvd~vG!}8>sasnnG3d?G;;X3kzRno zzh|6R9EokvwiEw8UU*vt$~#0|(NIeU!7Ug4{!J6Nw;kQFlsx{rR2TL=$p9Q;y_&*7 z_9gBhXUobJtB&h&sqpCnFzj2ap`#!7m7( zkH1OOQVO^b6K5+hy`9%j)vpofh&7J+DR8&Ij4_d~8ND2DPb#+0?51B3m&^C-;|%~& zs=~{EH?dg$)5Kz8V*Otl=aXtuF~2kGyJu?9sp^>v^xY*;*Dj-BfpsT*|MZr?#0Ic| zM_s{Y2E;>nh<|&DtHxCtHn_Hkq3T1dr|lJ}&(w6czdaue)V$pIxUcSf-)?!oczr(P zWUW^S+-zNft;(swKYSn1b@X(t`K)ebyRzL&vSWRFeU4lod#ZX=y_|exJ<+#zv57nZl)AM9NZDBxZ5;@Ye(@_NVM`SAUim<``r@)q&`)Hh;CH^>Y+7%p*jnrk_TMTcq7qoVQ=iFF{Xr$N;pl!tCqoXrvuvLbcB{lI zs-OoA1{YGEf4MD1Ty=5ej&DVj&(OaI>EKL!IWaejZua=sA(qvOW_mtf_TWWzzMmd` z!k;;K$xw0n>PX6ZPG zJI~2rj5!LjASo6O`ETFI0<+#cn*)+)L-5V?mV}R9sIk|C6#h(Vw7790CoZC-?r?vv z_?i}A(G4je7ZN8K2Q4anB(M&MvuF{bv9^Wa8=GC^nzv4mrDY=X*v`?^EI7?sonetW z*~`KScgH2`CfJg{w2o@xM5JZ=WK2^Vo&vo-A~T0*U#U;?ey8>?C=@(iXCSZDzSn!L zFy+0iA!7)&K_@;&(GJ5wi^px}w|oC%-h_?KOq{_I@3wYMcMe4<3IOU2yqy~7JWa(l z_GjP$c(+E$)ft!5lj_2kn)d1_-5e|K*p?E$qo6FI07MMc!cb~OzO(rA*BD1yJZdaa z3^}q8I_B>;?bC!9G(D+^e|iGl{q zD&q-=5l^vaxSG)$sOuY2D$p?W(@Og@&QNq--G69v=a)$x}5EMfkh>X_bC^Vx_ zy4fNTj@BYwqQ~Ep0YKcD`HG>CZW)9JcUmDe1kX3z-7Y02BKopX?m}iC;EgH{GJV!kfeSYe5{@{9WN=Nit;Mg-DkeL$ zce_zhv9Rc;%BmCO7u#>hl$4vR;iMQJX;06mDQqhc zKP!gi4I^s~AUk2p$-zHJ6DG19bqnvj~R5BGP;R92mPraTzMA;XGoP*xaH70QE} zdXqM<5d#v!$(&gzidcYOn?Y`0at~OCbg|Yn0#`f=Dkj)`t&J9QBiA@lzeI(`i9LP! zg}T_{%N>eSWw5?b|J*eJsHqe?ST}THPzRGGRUU?+5zaysQQB?PiUzy}sv4$+(2Jw% zkIgvii9W+#qN~6?zj|Fnm$L6%gfgO5JQ!B&b{D$G;ONvYm5*<{nRECj3~oXoFKPFE%trxTRr9L*FV>XtC0}Bo1LG> z+8!CIyBQnx?~9%tAM)`SoTD%1)2@YHgu=OtG)ojsPsiwchX(&_3U#oZxsX0F^U;M3 zf^a);%X1zUfse#eO zkeBGl)eimyB@N=%gqB>PJaP}anKtdQv8=9)vG6=f znV5WG2TIZLVtrLh5-b4o*^Kl-m{g|{!8)1%2caeVkN)+b9!}D_f1ioDj|ez=88JaZ=-RuoItPO2u702*KDO)9W`T)ZZygI zHLr8mJyJiG;EA7+_IbGKVJWc&-+i#S*wMMkyUD}4QM`g{r(euWpQ=6DSAmu4C;Qi^ zD2k{6V~vWNbaV8HpezzL8mlvz3CKr;_mHFIj!2??ri_x2&DQ_Ds{HsRYxWRuo)}y( zls<~>vtL64K09`dXiiCzP(+}GG2-t%P`>W)WBw>Su46_+NJefHQreM-Au~G!$7xE5 zWN|F+1#j2`MvErnG+fh=RlQ=|6D6okrTzS}pW>%}c8IykOtnh@w;d(1QPfdGY6;yS zJ*%PK_BM=%Cncj8!Z3K1el&H;E<>4mWT}3fr^1~ej7wX|L;L`<@poZ&+oKc0xL5CN z=bgD{Qr-snBaNLrFecz-erYRwdi}dDE>6#Ubz)Dh{s@rN(3fYB$7iW z3dM;4+|kpi!_lPm~lO0)L^x! zeH?-eLh~m}yyKo5cZl-PLal>}pIQaFwBHtE<4S64z98nTBp6x2j^;Pv`?ZKVb%gPZ zTQtEUcU$c{1~PATnm^uerBd@C7|09ttp<@nmSmM9_#&3X-^3U_k@uh}N^NLULi%ynEoz!I%tta- z)>zc?YA4GUroIDnBdHU~tyjy|x-Rbkd#1B~AuBq7;VE(tCcguX@5#JT<%5jl9FlvD zQr^oC=AY~p95Ik$e5{0UZn%hGq&|l*RTEB2kocjdW{r=Ity_1Sg={flfX@ zsHOPLLPTX;%8p)BuJbvC<|97LWa8*h78v zg^X6@itvf0`h;ObP3jf{P>`Lo_D8uMdu~+;|3o&S$`)nVEyOmqL6VrcYH}1P3)j2q zG^Bt5S0PUct5mA)La+65=I+K1z`<48Go zKy{tPke(F|_fsJkmrcS0Yc9{V$A4ky=3?(T5kI+ltY0Y0jM8~@$KY|f=o}*FQN5)2 zyr6L7Ka?O`CK}>-UYE!AtMr-r19muX4=kjt3;Z$qrGSqJoeD={;>pDeyvM{C3OqjP z!_4I20|z`ybuDcCO7$N^z{Ywk>}pH{08QJ;uO5I z)g)uxSSgBncIKqZaboYJK5b6yhN=Gb>xZcZeGnXVKH7C1Ml-vFCJPTKTbsNdl*V29D@hS< zps?_b*KN3On~l#N=~ev8hKcV_>1zPY62{^luxV%j#$G(c- z%F>`{5brDoKd2eVf{s7oe;0q)KKGB}(zcQCdWv^WN%k0RHow8A=tPR?0mG|{t727= zZh3`Cr8tLE9j6dgwgbxpB(iAAcSxQ zra?++Oo?Q9O>{b84bTi0sL&<7PaK>-rxzx28=(1z{1kYv=65bP2&k8s9#Azn#o9_R z+Qb?n7dr24YQ(?21N88(*KqpVLiox{Bs6P6hOpd1Ce(c;5~C%(%W_y3y7cl)vru=h zrv^pBGT-u#2&GMp0Z$hE*zH=xlQ<6=3Lvm;_hJ@T^5pWg`899w86B~OJ_3>RLinxP zi2doJ`D^mdeRrFEGol_2=13@-~igF;>;LsFF=4E6709 zf}U*w#B?JFKrG`d3A#Oqu5WL*w`AMZPoIf=k(ImEp9cCN(apxgMg*L(Utcz%{i%>zB-)^`LVa5nj zDiWqsQu66ND~{rs2Hsw$>}>h?vcKDW9tO%h-k#95&ZT}%1|*#gsX7cWo7=IXHf6W& zw$3{;u4~=fw6>DP^yxmizFXV3u7t@{8s5&jIM{g)7ej41b=N&t^v)agzr1j`A(%CJ$M|WUJmzvHsp&mdiIQ=+jyVs5F z*Q(orU&hK`D;!<;PiKdC=HaE)>p@bVOkc!_0@<1`F ze~`mhSO@vCpE3p(9IAL-9o;L9qOskk^}Dg#s`+v$d2;E}{wYvxGpyTrOuVf1o0Lw5 ztV8?$eC$8ek=R4P-TE*3r}Qq-jgL+e@Aw^RfH3gHw~VGqo|Gg;TyI1sg^UL60(d@| zE|taE8XTvLVzhg_Oq`YdapmjzVj(Gy4zmR7!l|9_1iY$ec6b4687NX>OmG?|SiLbk zk8>4GNEQm0AN<_v8&P^+Pl7WVQS>TjsexQASjA1~zKRIE6+^ zp{5yrOIemU zrf^A$1ol!NpsSQ3?@q=RjAbB>)A753X)n;BHG{&a`sZLF8DidKU^3P-*d)j?VvvLJ zkvUl8nt1qz8V`~CJ7RfHFJ)+A?_XIdn&JQKGt+*v=cB^93nA1dA_pF+ssLhon+qX+HDXSj?bBxIEzvy;7D+1N*c& zIG569*v^rmXrIiu$90)O+G|QY(&7O%JS|+Q1qgHGzh%u(%A;aB+~D};-Ul*X%sn|l z&fr}G3OGRwy!`|)=;n$sk>uGFmU!D_eMp^%y^yAgcEF+9P#|E+YCgLa@so1ZRF5_v zM!j2ZDN)oz%2bb;z&=_kb}RACD5ns6+q#v>wAIeS<5=zjs-lG;(|B|re1C!Q@EP^k zF`1@@>$1=fh|M7s12if_`dc=mQ$l0C%5fHDiM;0WS(kIPRcxRLxv=n>KFvM^1ZNn@ z@Wl|7Myp+Nkx)E|CCr3K!?8qU33)R2p^FVgMa~EA3RzZ!Br+cjY89?8Nt2(L$)9;6 zf>)n{&J#9wf8u+J$FmEf(*Wvzp5+^b1Jx0jhiFN?fWVuTZZzTa0574csfO)(mLv$~ zCgxWO@-s%9Wzu^6Ok!Zs(8iNPc-{-PMBhCOx99@@B?V>+1H;`HiXMid5Rq$!r0e)o z+8gK}HG_7`#lreKd@i>>gnRf@?Zs2$@TUdm`GMS)&^)BVA%6`?=5ldgiFu?YwamN3 zOrF9eUIp)wcEzknK-n9)e#cX)LoNS7Ajt}DnvfcZbkE&)B8gvS8FoC>#T!3sfT^}2 zY@aZolr&V8MU3SfYz$xVlKjv*SkCPD@+Ib(nhfBeUNUbr^Wg~YD>6+gOWK?Q0 z7FUE0gU|<3l)b00O0w9=pa^^l6xj3;eGz7yQ*0IR`dj$LSBtO)y|X}WoB!vh3y|~K z)ARL@1mN&{p^Dd;vC{4GK42>s_Va76r1q{PX&!hKaqDBLMb~lNdXRmmJ;{Qsoa1{m z+Wa&RUys6Gi#d=CNJ4Kar<@Rcc>~O)=gVGL_xK%M=sgw z8iNm!$5&nO4J~^iiDwR;QHEAq#xRRC^bJf7^6y3fQZiHtU>Z*drcq6Z!Vu7t`?wMr z;A=-b;~{yxLjcWq`<;pIJt$=^s*XYs(8O=~d*y9Fu&N9p5IK38yJpHiKp_P+F8GnC zq3F4)SmB6h0QL4rxvFT8LP)(zGs{|pK`5+;VbNB@y)AsKk!35Rja4Nk{?BcYRkAvo ziSAy8hA_Bwl1~qBZs^dx%D+dpZcTI~2XsGwf!X&J;f}h%oAg{PTF>=rZVXxU5U`A; z@u(W3wCZR4i1?Vz=kIm7=(dp&nnejj@6XAaA<;A+EYLOJ20ek&I zL%P>WNrd8`5;5W+T}nMEeDC;om>@4+oOis=z;e2-o;ku=aLJAH`EC@$hmU8Zc3noG zr5NFinSGo5rL@@w#`N%sbv!uA5YM-OtA&^iA_A&Gflvcd z#eSB)t~F(wG=GR)ZSkSCzuo|DT&e}*pZ!RrSZIdlXLUeWjl%kkw{qM{3R5zHLL%Iv zjTd8qxa7ty%e%i|7bHl^V$9^X4_**!!6HNHt6)9yBZAC$-Xfg0qnD#lyfi}&F_5U$ zN3_~J_bh;KEDaqv2{4R8TCQ#XL3qoA(9f6@OcKk74PIy{TV_g-9q3(qSA=U~;^n=; zD`y9zn>rn25D_ce076U3Y63kdf?6Bg~N9p*)Ique%;Z!C~?4EC5qob zA^dV_o%=w_7bg_$4+DtDB~U0_RhT>obx@|q(ZN02Cas6Vnx;BxLZwaTb(k{qxKmSWxbeY5FPaw>8)OK+4JJ`FIG^U zatuU6EO&zQAz5oA-ubT?0P{J$w3WHeSu5eyKb$f>sSsfTm$tQ-10=fC*K%8G@bbez z3EHtl8Pnq4Ib4MQ{A^o#MlNs(F+Yn4GReo~uZ}oS?RfGC-E>+3ERE(beKPQ}<)#DP~xe_IxX3^f1pR_86vt8OELbsCw z_JOrIY1$Vth&S`x^)^TT(#@M{aYtlgEb&aH0d>sq*p$tM=YwOoXF6E9NS!k)YT2VB z8b57zNKybMsx6|`gYlY6O0GN*fNvnlu;rMNs9_oV$1L9O=AQ*gO;47rKa$)~7N@Imc=zGk zJ|)3+-EBX22Y7h5{U0xQxaJN$A%MhXbxZSC!v+q`f zcG8l__sy>P{q_rM4SX2N!Wz-S4t)}$p7>OLJ1Dxk^de+R&D+UUAdlNKPa7<}%sP1U zR6_KSi^z@&B`XC+WAUviHx<8y;wr+a%FKk&sQ+jpNx6xN75Sw$@-`)%@Q(()~F9(SK(a6t$)*NT#F8aOf0Jn8m@z;X&kr z(t>u?&wj2P(MqU(!AmO#UBGPwDmWAS4<`pHGbMCu!3=8vg4f34N4KhiXI5PdE}ej= zf8A>jLVv*RG8IkVC^N<9YIpCG%YlYq#&ki(``TPqETQrf926z3Go+XBSev=2g=EUn zyEbwHw-YSOJ(cQN2h1L0%m1)hpfGS2dn>A_Y0wqIh8Rzyt#@zv>UJn9vh2yMwn41L zZp^4!o(XJ#lUSxLlenk@ZMN_w~wx}?_YUKBcpm-<4u9=fQEu#XX4 z5s6P}H?&VEPxY6(SZ?S;LQ5UG$&cyWy17fY3edn#*DaPS=Gb#pk#`CWnnX=>NmW5K znqecNe&jTnR3<`ya_GcM2%C&+H9Q%N-fu}$yPibezDE}1rSK)jlV-BsG+kM3up-pc zzy{-P*7xbwu&yDJ*hyxT?HMIbQgRfBma+{Gl zBo193R=FKkfyXwSP#70E<{q8B!VoxX?JRl$u74p zHdJ(n1o@41s1|0~z8WnCXp${;*tAz9%JTOZCymY0jDug@;hpfA{f@d%VO_3b-Kw^it^+P~pqnj)<*DgvO-Q&2JW zhSO&=gDeY)!ATe4O%p|DsQx-JEWV>k?hJNqbZ1)ujDKrl_HrQe*23a}dor5?;BvRR z?O>uRG;h!&o;*3(7*N~v$?Kyd{Rn086icBl*y%>dK(ZvoQc{xs*;=JuXL)KL8QCRF z@;OoZ@VHVD2-Ckwm{h6Y|gEB|k2>i)Dhc0wvltrkuUF0u`8_}Hx@$Z<{3 zY{0r*zhFhe*w;7x(q3q5a}}U0gqysGP`@xgrhq{V33)*-PO5}h^ga8e1cT*;r>il| z+z;Nroqbz7>vE@T-;}qrA0U47au^3j^MhNn$Ag;(_co?MZ8G=LOdsH#xCLWUvw{i zyBFIUKPkQy74Oo}g8jd!sWO$Q=LHFrvPP|Yk`L8;!F5J(EYge0sSbWEW65Uw$o;2B z+`?H_Ppf+rBEZgw{g*J7R8$E8g;pHip4~=Dt)l}TXwys?@Jo*f7A_N9q31FRX~$EdaHiU4Ch2T0ZL4CnK+4$iN!n0=ay+;|u}ZDwel5IN z6VV-=;tzC1Ru+mC9AZ2}lRHqgKv1jc@@u6QT@m}3w#N(sCw>GJ{#t-6B&s%dB(94@ z6m6J`gWMc7bM^tS?M^q-^n0L@%a7<)!v>Kj@(Iw*y|PHkyqDW9*njm!X>Rz`JRlo% z4Q*p^v3`|gLLXh3$O2K3sO3J>P@G-oH`-jE@w&-^`3Irb;~&;i2jL<`?FV_4Bc?MhvbPZ^&i)go`$? z{rd1+<)o2VWU8jLkplmW?7!U?R9d0DO14_*jCifb#3%ja2m~a}eXoI25$S!hs)<&3 zCvb02|y7OqP~6d!e(V29e7sxJh!WX%2S7=HV$}s2!#lM!&8CPL}hg1Umt59%;*XTbh zS=zH&pGBIhHQkzcdpPd_f&s{6fo}cp>XH3F)g#CMsviHR!1`-p{}x#5QUa9D0M1_9 zH)*U(ydl$@$H3Wu?)z5YU7vM!7ZnUuL^gbO2ttJ5+O)HbK}2jeC0Zs3%z|gQA10q7 zzV-$Nt~!KX?mN`B_N{&{76hFQiMY7dqprb-*o<0w^givEu25Hw-0Ltn-`9Rx?S;(T zdp6a(>ayaoj%e_z?GMIRYm$j7xm=q5!fkT?Yg%mZ=-HGdJp1$s-E;3i$x7UM24wX+ z*eqqO-ssk&whN4{xRQ&&&4&6pyt+4SiJ!>$8t;`l`*eMu{VlLw=v|)P?KJyDcY70c zl*rZecs!M?)XqJe(CK}IY*bwu-^}QIAT1Z~Jnn6l*aKik6z}}FcSsG#M<(5;`10}q z@?BZNhT!(w`$)KAlotlsHCf z$S7pf=nUnl0ZsOcHd0fMNe*iRfR`+7Qcf$Bfru6fa=n{Wy~7m0p{ZRe9R4|lTyz!e z8QfeUHz*C$NkM-O|Lf34xEDGZcPvvTx-N3&u8`W0pt7tRklp3!uh7nx8>!BSDVt| zW#Z$97~cwrQ8Ai-n!RwIrwM=3S^y$I`f<4cP-#0vi}egJ&~AT9>p6|zs+T~p-jP>O zOPhN+_zA`JFUdym!91lo_@Pnhr@-y_0t8yW!F~sXu&~oG zVVA26wIjYLHfGqUQyqFjT!tc~s}!---wVIn!i<0e9LhcBPM6ih(iT^ z_-FEz3+U_H0I=!T5xBQGd&Y{daZxJo`UBf?~TGc^SI0e*OCtR6i#fdi@ ziu>}TX_iH0<_IFi(GPwfQLp-`pq)r%0*Y@X8T+o@qXY_!3oJn^tebM}rN(|6+?jfX zMiEevQ?x#^goWnU=f0Zil$7L8;!NDIjP`QF5UkgVB<9jmUvOhcKj@_&rsi(mG;M#^ zmmMdVkWe|d?@#YTfGU z+3J~5n{LViN`3@k4XmIOn?%*N=AalimsZ-5yf>HL+aREfM-P$u(r1I7PM&0hIu|(9 z3@u2pCB1T}d|Dm*FnEhBTWb$gwJNdD0Ym$=m{*Dx8G$OmY`(T#sAj zUkUCa9L`Q{BZ_rlrHd{vLr{$m6H+qG4OQ8*l^Y2F{k$-F zxjqSkkotZf3G%Ietg*c-BO)?au^5_(=-x4Zy?40#+K2s|xoQgb`=fM? z?^)@d{6lBA>CfJX9C16XC6P^dMNkNP*rYHhN!9ub5?L3zA0rLn%*!R?F2yrGC)mS`$aG4{%tx=r&$e|=lQIhrWFbW$a zx%at*n$qznY6lbkQKIc%FY%)-STju7Mx(jYo~AwR(qv)Eh>3s%<4^E+MmT)dqSk$3bzD@;fx4l>pJru z1rF4rH+c^=@?jhc>6O9-ljKy*skU4Zsx)BcG|!2gvh9M>Bc{tWsP9o&%eB@%1sndJ ziSN3Lg(_3W>nDq^(Wft3fwT$y86xo-CMI8QZ=+%ssMV?49|t2MRQ`bbs+0{ad#iWLcyvv@GowT^{R>NJ*{RH{y=;6Sb;A}JKa#FA}_kr++nOPBw5 zlVjwT2(J;(vhp2<#ebP3&zmB!Pe#yGdrAsHD87-9u!7k4;#uk}p2aJh8uN`P4-jRp zuf{v!^hddHEfko%e@Wt85Xn&(8pPn62(U~O5`yL<2HjP}ti=OgLtZ|iNS-kwr(jrD zEEqcG!$~_GbzjZ1Mn3q1CKOCrdxHzv%{dF$Kz zZa}5wU?7w_1d+|zbQX&>7QG_ivOg@a=5hCeWYJ5LYcvW*sw*yyg%Rlep-t2ggl(F6 zzThOyDJt{eF2~&X>Md+`Ju?S_<|!=oJ0g|0mc~jCC=)I+*iu2y^c7^T^s!F$0SShR5LJ2UL1caC7`8PVuAHVk zwAF#p(LjT*PsvkV{H~3-aTuJu3HLR%hyaLaTj{bJQ&t5)az29*@X+y@eM=DhDjEPW z6tr)5k7@RyF%E#xMnC@5!YYaSGJ4{Nh(5ncyE$HBWYF)lG(KG_%%V>|`Hc@aSnq!x zit&qh#?42PO+OaDZQcaQkO$-Pz66hebPw@)}Rur_! z0q~EzgQQ3T@iWnOyrP9#aF0YNPK9~JM@iX6Y07EqW8!|O}{qa=5DQmP^g<(e$6X|qvXulP=BE9BLg2s|QQSQyACLNE3zpEJhJxK3sgdzMY)T2Qg?6f}@d-Oc`s*><)?|7Trs@SqIsnZ6?`odoKh!)E+y4VQ^8c!N3j}4#+CMwVnEPxp3Ijtuon*>uZMt|1Ef()Ja}v zS3I^2kD|xx>m4k-qVmT3gXizog^iDe>7f+P!kx2=8&{ugbUeEvo$+!Hli2JpN6k+1msA7i^)%4Fp5;Ykb2-9u4uTm zI%g}l4oFpWv2n1?(`JKfk~U;m+$A-hHv&cm&)k4T z$!v6$T<}#sDy{4ux3#ZAq&)Yvc-wYFEpP%30i=-avl7lB^-UJCWr_2IPU*=kuZzg` z#NETl4vWD{#hcqRJ~Z3A+qrlK#-5|b5=O|6<)$Za~mw-y$IKk;n$%RH2LJmgYOJYDt@{kSj zO0kIduIhPEZ~LEh;Sse$x2;EEIVsB08AxCSdUy{NfpDMOcBu!{z4ZJ}rHVO^RXZXP z+iIEfDLD-C;F=yzp^eZrIC zk?U9>^H}xF=EeIjPL>w$q%>Nv7S8I4qhYZcSK>zDy{Yv*9m4-{$RTkd`rO=@SAZfFy_8-9zW{9?}PP;a*P8vN!Gs;e5EmNG}qb6iesOIEO zi)(pwrv0hQWXOr|W3B?WsIBn4U!1qJfhx82LCEIcIBWxTsvOnWlZS5iqA~z{dz*p7=h>u4Xtcgq-~}oR@^no0TVKb zv{9N77`b1QmxjoAx|{WBy5V9A`|hD)CHs1YauP$ELb%~gMaV_p^cgd{Mu6l76SPzz z$FM`;H-f03z$JHqnWl%UyCN#_XAAt>N&IxlNDMZ^H|LJ}lkFc-6~rN;q&6<9%2-la zHJp~uj;d;P(<3YHfi|j%TdG|%@#D)4M#|fQDG`*ttUJ>p`G}05D&zsxpE+E8@bp>b{nkf>jXGkP0{uz%Y7!tg;bD8fm*L zBE!{Z(36wQbco$rt3b)6#L{ zGf(GUe=YHEvNN*#dt0ibsUhkAY5Bvz>NEw|GfE&q%apEX%cL^uNskSs(w&u8FqvAj zLog1DtS!nKz)Uh_P#pnM`~OomyKH!)C5!PE9n|z(FsDL!ha0;&2Qh`-5qB}ac>{R{ zmuN9)Cr1Kk689{o9TZE5uM9Qi1?0K??$T1JsZCW7IkK+|e3R3X0CF49PbWBWGsS7= zq-|b$Ex0#236}qJM$A72!J+_n7YULm;{UX?#pK*rag;-)VJ@C~kLFck$)KDXpZc|2 zDH_*;74`DOk>B++$MV)qS1*^(tkXjtkq-rdLmhyW45y_>%7(j_D95nl7bCPa8W9@g zwenG|(&vKyqI43ueo)8;C}>uhI#Uqex=Y`2funxLJQI6LERHo4CU`SkpE3{s)|vF1 z>_VhK6p>jX>2M0CBxO~jV_QOz=q~Nx9W{#Qn|Va@N?G%*lS;+-pE{Ouofo|!Zk2H#jdK) zn&p!USX;8yzzJ=|kHYjGoXmCn4uO{wNtDEla>RM5~=Hz4aaCQ8*7G9&C{<291*xN5Y{<*Nbo9& ze6Bx9MMaqIeR;u1JXju?QN#Us`kS>OeWugX#X!^n8a8fFvS&gSqsJ~<>}58eg3Ex- zRecEQV=6QlbX`2JZx;11jM3jNm~Bn0lb5h4TW3Tp?VqrAUi9KCeL^9Ibs=Ii&1Oc! zAa(wh7w5A^h+&@A)}rvb$3G*>xg7IxAG83+$ z=(_7X9DybdY!%t=ftem*rPb9w4uteh`j$wsuS*H4nGIFIh%EbZMH=wyl9<0zx4?Ks z_&bw|(+}0d9}2mAerh4GgT+)h%@Gd2feVULw1*OAf?GLWddsz(c=wlDkewlfyEx5) zFAfm~f>4y5Ngsg@RzS4Xwm9AXGFTCNNfYBLoTs{aBS%m9UVtoqk9`jO&Qvm&Yj*2D-Q!MlLR3{OAa%h8i} zJ1m9bS&!G>67)nPjd?Z@dV&vfTi=;XKxr7`p?;BXQNUF~$R!m{aE1k6B2@8-0N>E- zH;$hP>;)tTW{nJiAt{)_FpdFNQyk0#8$o3uLOgL6Uc~WfKta0Eh8rSX$ptX>sT$!f z!bJpohf<5$;B0#it__ap^(=2I+i!YK}qtQb)IaX)uI7*)1c)ds(^VAu0 zPuzG*t98vX8N`v%s%lg=9#X^U3~5tf^>)AVo-NNT(7^_~{6a>S2{lI=jMxl?0|8Tk zu%z+R&*z~c`r>Ymbz_sD7Nljak7wQ9ct#1$9ggKWwiY=}SL*GJ8rpx1@IWUAE$`PL zgV4_kVXu`AT9%V77(WWp&E>sXQ;;3|3Tgk)3>q7@3^Srr{7M>ub`L3GIXAN~YPixn zIRQu*7+8Gh#TPi~u7;`5;<`;(FE3k`=yAd+*!{q<$4j??tULdfHp6x5|J%?w?z zHjWPkNwtsv>vEtXE=Wpp8VXd=#m2yl9@+h=dkN41Pr=c^LSVl2ve1u#Mp!41E4`v3 z3bqMh>4qB#ldq9MlvH?zHH!AFC`mKexlHz#ICn*XBrs;eGSwW(Z}t2w$ntS$j4K7; zRII8f^hBnbr<$Go=!g2M)4__znH@}s9Jeb=D!EVI5h}ghD@JgD(?{wsV+i!P&^P zD`OG|iV2Zpm!qFAed|D9^OkyN+eCbfg4Vi2Lfnc7+sc9U)~n?}Wk?QOmkzf1+D0?Q z;M9eXk8UY=ZJd(&?%dr*l^!4%0LicN`+ucaR{H;-SVlIs|CMO!R@?jMqk#3@>oc@o z8@2V{Sejdax$F$T0kKHpM%KxP@8xy(>MitWZ;tX2|M?Uz6i;Bv?Ap3&p`UFkN)V6y z68G)?_;CJNyE*gA?t0_%J!jo3{{3lE$l1J_mGiahTDbUL&gr%Oc~x<1^YB~Oo*?=s zRd@S1JH51*&sp6$a77w*=ax3b>l~Uf^{PqU#qr&QaZo8qk=wfJ%GuS;bEWlNCior= zQ(2pQe?EXq`}KWiQg?mHx!LXQ`FI%0;}sRS+wJ*HM}-IfN3YMX5<+%m=Jt!9uOH4n zUOt`~&RT7F3V*Nu5vu|(1-lu|Xn&?cIdhK%*3CnguXI<~`_@QVMCgFWQUStyqF-v< zMLA}zb@CJGT{!Lei|WG^duMcN+Jx+N(?k!>;qS(^dydXs+ge+f1vH=DqGaObc$eLL z|DjMbv$2$0Psmo8%)cKFH5^wS?!kvRbPxEI%yZVRCW3lu4DDkEgwn8f$y+l{jRYaK zU&QD+y7_HV-_Pe0j>ian9r@!Vy1)ijn;WQvgsP);Viyg9p`Aa2RnkD+8nebSbLBTa zLu9O?CpiMf{?By8*>MYvFrE=ls)-5qz*V|U1Ra$rJ9E*T>$B+HjFK(K!ri;}%4t@b z>>;OXldl6y%+%z1bH&t$I@kc4dm#LL*yLfs@tC*m!K5=KN2QT%RidM=Mk#527LADu zmG+Rf$gr*|Li>ymkKQrL!HHu{`;yplxLl{RI2uo?u;4@OxbW|3bDYBQ2`k>OsY3meW91PLOaNpH$=WlrVJhsd04R{W4yC&_ z1gqrODt{o~NhGv|QY3Ixk_4=P*gMB9Z_WTx6dcE81DFg=koP3BfqZ0T$T>kbBZLkM z{Tg?9+KC0=qAcwd0EVH}>N{nItqs7&-?<4Im^1}4r{M^?+=a;NddrlF+a4ONq3IOG z{ThgX#sf!itCjnDCf7UA)IyK&5|Yst-9TbMZh0S-Q?6|K(sm;aA6-4jZYyU_^17FeZjN; z7MEAn$0!zXU|FuiTJB-0Xdbof6AL)8)CY3W?8_JCJMJM|U>1<;2?kQHmv$~k1glDX z0aCGaI2veENnD+T<`$9X%cvXc<+1RsDneANgKV@pWzdFmKx~tM7OHZ*<6J>6jIUD; zc-y39N*w@85|~dLLdMI%YGO&FbK+(i@5j)}Mc2Sf6X75L$>)>hTYaT@yMz?4lhCk5 zB;!M{M+PhC`XX(Mqj7_}p~>u!@-48@KO#IeFhs!@NYWLCp&c?psjUKSfzYJwSFQg( zJS&5sga~u}$}6fw2!m;viSp|Xb24{yvXePQ&iW%+kGM+`+GGH%D=hFDS^0Zu4|^Jf zU^Rvld+S<7>M-5mnj9YNS|4+zN`%q%W$R(MeEmILiv+v0MGfmU9xPd&UU!kFP^yS8 zo|7jg{zEGKP$+CHMrEF+$yNAjQMPKL<8g}zqW;3{OGzZ;In#JfJ*-Hj^`cL%spB6) zNNqSHL_nP;okP`hB3qc?Y!T=Aei%$3}6WucR#wgU{19%RuYG_&vU?k9BvhAe-^1E5N1jE5ZI>zm)^NvIibQfF!fN3bY8%9Qr&)F zZozRKg^=J6l1fz0TpT{dgYRiXNlVD|5r2SxqP;ZutSRKSr$GzJ`=&JUH?9gl;Z+m~PQH;+e_m}vlMQ?VbDC|QWPjXG2%+tq;TiR7ac#SFo0(Ymw`meEK5fB{>d&9?tGAOytakBv_sracM>RLzMriYJ(E#_N0nT>P-~JA20huXA9Lpjynqxp0 zj;JHru65fn(r_0qD@x>-B5reP2vJj!RQUoIxhdyvXit$Lk(#c;ml%@DzlL#=RYQ^P z*ib_`HVhNBba};#eCfILyf!4_@|M!06=8U)A(bnC>fCtjK^ICG_iVrd#MCG|s+?v% zcwg3w11NWf7&cW9sf*}`D*iKwpS#%?BTcz+uyO*_J}Na3&Ty&k(xYAK$3OplihyEm z8XcTSrUf_&R0;*V7EBZ|#8ym4Kw%Ao5NX;V`JF9{o40C*p(h_z3)g#MOZbc1osGcc zU)H5~qg#!en`uqM8jo0ohreMh@@u(|!_eo8Y4jxVQa|5gXCnHSG;Qo{&}*P;CYPWC z+o8bOu+1{ZR%I4`|J=PNLWNlLCZoX2A~M%RqP&A`E*-Or~)e_a{8sTV5>0DT}yA+SA!dqJ%czJRI@%fQ0~A}<0<2!X{jH>2v*1z#+_HkZPc@aN=$C^6 zMqak(V4?~H-xpkfay?^z^}jqY{Jw>;`{plOxMfpNG`Wa7p(F=F%MB%QG~LB1N{Kkx zC@k^bsGP|eGdNW9CWjhJi>idoQXs`NGI?q)vLQned6h^2H*IX#l}Q0h&7eoJ4fb2< z)O)~ZXxh;*M9w$Wh=qA6i=|Avh)csWeH}Nv`{gUh=JH>}*Z|=#L z$x{{pFhCVzvBQ7Aks1EuMrLAQr2ikzwrjPiSga0|ohzzIR+#e9_+hpxfH8l)Ac<=Y z5F-4j3+inns&s13h}GcmaV&u{=fBn)yXMZ zJnI_PH}${WntSx4W8ZpeqdAjblXF*DT?ut|u|X1jaF<49iew|Wg_wJ#}w=Kp%Y(@5XfuO+YE>w#?mcLIRq7(Y*{$p-Op>g+Pqk7 z24T2MO1G`Gd7myEw$|!96ZUYrP+aIQ8YEsK7ful0r0cy2qu;QvTzO+Lx_j889dppyD3q9eqVJKJ zKAK42O%(DX`sC~xX-&QA`S%ld%vbG$pozoyBU?OW)3h~g9$nCpT9J`O0%sKK$<(T_ z3R)>cCw7LEBW(2MHJkO z&hIh$OQA+CYj%Iqu0}U8^B4$vmhDgp@*``fP`$59r(PcsVEpV$B$ycPeS(P%HHNJX zK2|8X2s)|RjW%k#xEHYrx3LMOdXGs5rWd6;K}T(nUC5$~Yjk`Id2g+)t@zI1^c81f zTgmrrpJ+2d==_ls&Qsnn=O8BkH7%f`dnAAgR0{Yob0+x4`26nkbW8FPkxuYpkLX!QpJXXc@RYwDb_^g1 zpj@+&$IyC$nUf0Ak#rM}?pjayb@9ZBeqEP(nadqsk4#>iD6-&*fdCuOAQ99o6snpC zI)Qztp>GHsv`?>N%{pfqd)~e2mpBzX-@!D`YE^iBalP(RwM)B#@TjCD`4ETLz?rHP zg`L;SXsb1bC|R_G2+yxaX+m2Kc+y4pMLc?rS25JX;9Ty<{-vQ%j4sfDjjP0HNZnAN zV3;959s+u!hl&bqGll5!{WY<__+AUK(Q!ageCRm$}%tR~SL?)%eus{>_)##Ru7oDawAPyo?zaET-iB z_u%{*ui>R|cD%@66xUTvRR)stCXlPN(2|Tsr2>w+I z?08XZ!ZX2v0R=sqWIUxCxZ`vI|81mjpb)&nX{DfpDkLBsYK@`7PR083(IWs9Xn-F8 z6FpL=!`@($%Kz5F#oQCdNq6`|%R9S`C6PNi0s_Y3-Q>7!5HM!hWAhlp=F(Aa-5^6iwZ&Q0l&z5}184lNYryp&m9YFSTNlR{{dlN1GA? zbt>U)llm&l^R0c7 zr}-?ym@b0i1<6ncfY6D+xh%KN0#)N;$~MDZsHsP~U>>ah8dvx@S`6P=*jf^IY`IF6 zgYiH}#G8#}HtxH9(*1JtAYH%O<^84MH4;a|HFLR21`Odu@n zu%O89adeuWb-(mQmC`MHfGu6>oVk1I9;j;uuzpDC{3HXxpB2Wa>hK7+gexDeo>6?x82>HaLz!LdT-!$o z&g5Prj{tZX*(nTJRE`%lO$^v?4s52iBGiz&c(TLR{shT{`?4-;gp=k%telem;A57G zY)5?97K=z^Y8XB7ov)9>Os4N_+J)SUhL*FQn0l>;J*l-)0n)01{m&Bz@895SS< z$VHnL0$Bu#ucR3|G|K4?UdYF3YQ0Q;_r>8vRb=Gpd_|n%&HPqkm~w>K>LzSzWM^3U z;rAw4BrY2-SB34}-^IJr%KKar1M?Pn-7Y$Fv>7!(H=b~?Kz)4#Gfpu^1pSBnd9~qc zsK!czCVrb)bPfc8aa9AO8&QQV!4{A-h@;bMn}`N3#6i&r=reNUC3XY@eWVr?`W%u3WH&sJC>ThV(TGAx-FQQALSvCAlewZ)kUnd~Ys1 zL&P;ZZYzncL!;@Qh3?EHZ{)Dv5uoHI6?RFsnUEpJiDIWYTx*CP3trwOvn6H-;_O5x ziod$^IVb1o>G^Rb@D+G7saIx(4JeA3AC#L?J^?$^DxumXBB%3vG1kK!k|h?_*K7<#o#Ms1uc8Y6FvY|TX=yQ*_Fp0;K=<@qTl;6WQi0sZiFeB1)A(Efl7L#eE8}BhrSuRWmulaR;`$wp8nzXnKNSjvjVY3xA z5GfM+E{r(Bf(^E7A${5^0Tqd$fPR{#sk)#vTQtcX)ku-t&%wtiYQ^~ZD3V-BQwm_~ zg0kS+hayz=DzS-h*tJerO#+xJeVc#4dARx{-}wwrE>0$oOu6>d*1=~Z663{KgGmw; zE|ISq*;V*FpS=wmgle}xeg-?ch)w?F(w z{D^ni0z1sRF7eNaKsF%H1Y6*C)}WBtE|rz$k9S_|1Z6DlUf6xBUcl56gvM}N6Do=OM42+RM z9+*Ao`J;Fbq+oD2*I)U7j-(J13uSrXTNIpyX4`R2-el$KabH<50Oeqf;{KYA_ulnh z=8gQ+%{k3HF&@2kEnY`Zjr@vxj z4aG20K(|X1!uf@5qHMBY0F|0|K&V&8=vsaZX&ZaZMcg9? zvMGtFy;t0{V&8^WCr?k-8ko+6vfYqqJ!fvSMO_P8q>>(dq$DAj7$pi>m8o5yR1N{fZQDz&FtHS#|{#@=e#d(z=H}5i>uLWhUxkx6uWV>=t9cP`{ymb#w3^{$#v73?L zowF^xqY*r{_R;WLoNG$XTktzoQFYEw&Tu0bWEwJ*4yogeb(ZiUN{|!0UP)0nu0M$t zfL1bD({QiYh56+!V7)Y|%b37g(;bW{fQu)LApvz}K}KLrJkYp=!2Z)6sF?mDbZzqh z{FVWg0Mmix3qu;Oe-f5dwz*Sa5Fe}E2^dSN!aWj^n719La`M4?h;@+xoJ_leJ&`C^ z4n3F1)eE=EGINyy+d9zu zga*;Wup{OX#W;hVjj=0LY<;@hUoM4*5Uo9l!w7wZ);frq%`MP#qzQ0RR4bn+#Zh4A znOVXtm9ai3p?|{S?kr`&;+=Kv;5cA8u=9()^CzF0Z-OSe^hDaH zO(6)7|6Q-LE}LiU3w04FV^}|`ubrA{cgd+svN#vkrQwVbD9K-Ap|LvX2g7rB4qk;0 znq(bLVnQcQ`A1CoOJJAe`Gm-B&5!+o7)G*nPch<4GIpvkNGy#b;ltzHBPgt&0!H#l zm@QBPOc5Q1KbnZ;wyP|z$V{;j4p{w?7>PK}E&RZIS2@)K8@(H^F7vn_Fo{RhjQN;N zvJv~?LI!nYu~iSVfczFtl(EngN>x(DVUqTYA~Tcf{^#^}N^F8h=?|1DA)nAqHra1x z32@ysDOM_=-mudZw8~3TgVaLe5gUXSGZ2}gIC`QB3^3xl;`7Omo$RfW`W00GHYoG3 z8;-rZj=N1Fcl#S@6J6O32$jND8!v(>kfNRc^nU=~x8HO63x`3`nTH7~5?rtrQU2 zHW^6r&<(6(S5f+KBl~Gwr;~MiyCbtrC{QRY3ukeE(?0t2!xiG3CktJ}A=5Ss!s!Sy z*V3HDU&OlJr9NwFXy|U3<(e+=XaW{Om zv9w^Lfy&p}Pc=N#rnJ7CB%oS75klk=uq_pED{-xPDG)CuEE*$ZH!VA}8rNy?3|y)* z{fAR#5eyg(Y zW9QZ4K_FNiS_gT@D0fDRrR`s9&O|)S8VM9f3(lteOxgimR=z3u4EL})Z6mu0wZY2h zp3;}_4G3{xur@qRBO~>bu#x7Z{JTZznswiR+f5uW^JQB+)9)r9N@y$WSMa41xbr1B zT)a9Y7Ncg;CLuKTS6@r?;nNe)r}-q6T`%~ywKVfnP2>daKm0k6DPX&Ku{b_`Bl<|`g6P21 zpJ+>q19hlUIH)fVC7`ofX~%Q!#gDuGIvo}kt!wOvvG46A54!&P85UlG$qI8Cf`-_N zSjkH9zomgxH}s4%JB&6nEC!iN!#>mf)+_A|6|mOf}sq^PB#ulM1IND^zN z0H#tq*yIySMVD*0krk0URe +fh*CB^Nb@Pm6qmyH+hh+R>*<7%Ou!? z{rHO*sPH#BR1k8a2}mNGK;*9E(YH(yc{8;xpPc72Bsw zs#yZY@4O@BhN7ra9)MK)>R6p*L#2Fg6t(*QUp|qs_(PngC2<^xcy*M>91b>*K6$60 z6-cr$9YkR*{X^1HVUY$!9RgkC1kQDnBUjkh&fBKLh#xm|WaDRDZ+5;D1lNvdY^p*# zBiLXA6cKru(6X~9f!H>f!6GTW6w6DN&>8(wi13IP^}6EzM{;Lml}fND#SijW8LkZq z|2mfUS^z&MKo*@OHu72{CEpzCK@NmF@xZ;u7Osu_T^llyJ`x7vWtGYhbCg|`h+MQD zFfzfpmo_N|%PR+|CW?r7G#=*-;nI=KMGnz6S?MGwf@YVO)ycCAC>k5DHSHOYn5FHa z2<3{igwR1ZACm`SFkfZi3sc;YSGH(zN_mJ1 z+kCQRON>H*uvn0!PXs!{VW5~I zp?@?tb^QLQ_=;qVS0%;H6h)V@HZd+rxVRv|$5`ZeZdXd_faARSti>v12>eqwRyjMU zH<=Zt#d|C!LXfFe^$aInGcIHx1)9*-t=FbEL)}OhQfWx`2OvFqs2f^@aV3!cIP5w> z@R7r>tqUad2=4jmu5>{H+e1Z!p4SG{P9j{MaO66nYx1t5yZ{( zqx|#z@-S{|r;hE;ch{xP*L|m^w=8dtY9YdDBV!?3h|S!C*L4fN3NOz&Yo%&xMZ^bm z?r`rlZDr)7)-fG!5h6K&@3fznQffQujSO%d_ zJ|FPn(zZmMB+yD?|GFg0u?@T`Y-aG7lU8M@CqG`Y*Q{rQuL9d55(`>>Q0#l}g-r#s z?!2xrZ?&hIwHW8%L65#z$Zw|FooNGG{PJRpCZ!lq=S+!s`=;&=wl(8YK23?B5y>Gh zrn;lD>6%y;sMg3moWcRoq4oVJVBaVi+Yg&|sgXC)y0{5eg}GYz=or;p1_skf*ECmn z$Zlj^7JA`;QatyHnBF#JKaNjv5{`|HScbRp4LT8g&T?MHiv(Zo(AJ8KH*T(Q?STAb z!zsjqny!P)$vNj(xkMB%`%EW{hihiCh`y0zs1$AD07?=ZcjPU^X>rYxqeWUbdZmP8 zX)ToGX%Hy$J#gZXYT=C{PGbn?q$waji2z*dt-QLL^6m0a$Dv@OC=X}ecL1AZel*Df z+$kIDy9D5Pr7?LiNeU-aelpAeMrrHU0Fd}XA^^rC60IwgE5cD8|KNk>cv7LO)sWQZ$`b{Vz&mQ#f%3FNePeeO+Rb+P|+qejNNr zwgC%Z*&^KVqI{MNO+NKw!b9$=j}|s6%EKl~O=0YpI8<;!ZNl`ywMd1`qBtSrRj#;P z5>toK{+>HgOEkzpW2vizlTS21n}Y4`&_H8`cBxgGr(P10DwNAAg`ne6>l(EW%;(-* zBZ7yzSI9U0fFf1|&PL12)@d=N#wx@^4@n)F1Qd~3BI-lx=~v_VwLDwp0$MPb-b z@*jpUH(#mE66xw#n6|NU*gfg&k|^t%(v%636$#S4M$-s^bZ<^fRc}j!I>@EQhwe}6 zM_?9%WAZAxYA6rHN3e515`~F_)C}%#;jzdUs_kbd&5voHwHwjwLGaZ;}Y2kApmk%)F|hpD*v!(ZX)1=f2N%s`v@_oDju_dMOC*B;Aw&ouO*o zr>4^U3(`{3&(RUn(#obl84C%ASV?-3P=)6JM@~K%Bflor>bt zLiNS!F>m`N#hZi8UfRLymR069K}W5DH)HO8h7)`--X@Ac-=!_f?|k+F1CTv3^71zr zBm@y>`G($-_GjzIbBz(d4#7Gz&Y<-f z*IxACMXM!gsDO!1edS3p)HQFOh)T+ulUdj`uxsI)pBaoyy`yn}W&zGIPrai#YXni33woE7&zVW7u`$eS6%vM@&{Z^F!c`oW1&xX&w5kwQ z4JVs|Vim2e$xB11NZ17#5Mm1CBr2=*D?URj>~^LM?;nKLtr53(Br2xd*6{fDVLruS ze}C4(ZirZVecwKB*Y= zA0@LTiBZ>JeCV@_<~Qq$g!@x7uaOTw?X6&Aj1$?91SWVw!NhX4oEFN12+y1&R}jn# z)G1=u<-G+l7F1$0l@}^$1TkhXwj?)bW1IBtu>$}M9nM{rEU*&aj_Um8+u?;(mG;4^*eclZYQhGD2CFku1i0aV-m#>!R7Qsl z!5C1(xO1e-(YAt%wo65W3a)z1+k$xhjtt7+$6UxSPuo`VNpI=p4?_iS4wUU zc1)jB_}1DQ$zDQ0%%9{4GD2c3s(!4A)Sdi!Nf$ZLMOC=%{c?g&^c!--QY8(WIZ}o| znd$gTG`h4vW#9I`r9N+{Y6rt#55I?j=H34x%|^A&E+DNN^2u5 ztO26$$9j6R{-yZ(#AM>Pl4GTCv9$uI7fVQiQ9P+u-Z(5AiMSzRbWBX(Ns^O}qkLx0 z7cIULf#|=dYZH`1xg{+c$98+`NvHjaTlSC}MX{K5-XB2c?<|h2Z*tv-p!@36a4TzYD5$+ss6LK3D-H`Db3w5@1 zDR8=5#}tuX475J#+2*k};m>qoLHD)fPAMeLgPin*GeG1U^6t{~oKQ&FAW|9|{&fv= z6C=9(uuJ7)Sl2E!iw`Es80tLlODzF5$s-&e0RZi&UcpNlsidA9BAoo61cne_yUmR- zey~v*vz&&r(%@u3HdK$a)I!kxaL7sKh6tR7W;8@^0aH4nxI|t9cqUbnj37ryZ}AZx zcx7l`|IC|@QaHjoxqa~TZj^4LS69tBw_pGtlVo0Xs z`xZ8PeXVTMaRt~_b-~{(TLWsl>n}=<9f7WiLJ8L_Mv8&sfU>evby+lOfRgjF@bj{3 zZr0^$U$M%Gu9pSfcbSTK!Dsm>#~b9aYI#MIfmNUk{|Hq{MysdWBQpN|cp=^fHkN`2 zZNDJEs{Z)crNc#aiEz3`|;3xEJN7w-6RhtHcAHDaL^QQPFVcppbEy zNCy^STy>GXiZC@mypI}8MS0kaVm0&~Gtr&|yJ2NqLoCDQAK5wkmkr!`i`&US; zgl!4^b*XciT&rE>`+9)aa*QP#z~)dqKA1}U^BoI!dl+!dtWw&Jf5qh*;&f>1 z|JK9|XeTCPA7i}v z4zTi9@8-V~67zo$5;F@c%l}BYb*tIf{aYpdKQmdY{xhw=toNDi0egfAk;HMolmHkzDgr~^wKg8z9K5&%lT-uqM8`9p&rG z3m33H)+g&)7&1RL#k}Rq{<^6;xINCkL&Kt5=KtOOJsOS+V&lZd92te7jD#Aq>yuo> zf?SL>P};0JZdZWEncub1=Ebjx7<0vg@YLX$?-LNCFz%g)Uuwnxrx{vmL?AhQYxa8< zmozhvuuWe|`L(xRiwG z=>0m2fUY8}{p#-Q)S6mZ`Q8kUTO2!kEE-9XXZ3BTn)2)WQtJG^xqj{A&t*qJiOnzs zt1#+KmX_H3e)&v7&-o3h#w4x=c@gwwXZm`iy8inDvM3CbC#!rP5JYD5GCH`_<^G2Q zb0%ng=?F7Ui`y18jtb|{=iQ+oXapS3tq6`4*LPcF4BHhukOk-54VRH2TVTZ}Qcg73 zIfM*tC4ej*R!%V-pOGgNB!OuI0}vaUQrrKKBvOrBSM338WG>jO`JH>vrd+|xdhEIX zz=o!sL_hZa{)>SSDUa6I8>!jj=C$qyd~1!c#X67;w58Xt?Rk)*xLbm3m7rS!cp_4uJp3J;v1v~ zd}Y~+qL7f1%5Z-Zt2W5OH%Yd<8~WG9-b{XJbnRPZMObA32=&s98V<$&0J-~v#$7e) zZt(7}i049>$Aok3?11&H>jufd=`yEcx2mBJXKFmiiQM514-03I4HSU6tw zCjuvC5kfT6g^?nUXdRzl_b1xr38!a9enPFMNR>?Umk0x%uHom-6sRx5m!Y&xPblBB zLxm-=Ahxx)dng8U)Q9sgfAmy_{Ia^uYpabW+#OP}WWzBd+vu!l6YB|CdnNboS)zvn z!25&<+l|YM!3g0>A=kx?UazJx{Geh-zTp@p+Qv{dvNsyXf*?qu+OTJ3i?chnXL(9f z{<*!l<{Lj**c*i*8sKQg_^_)Xw?<@Bpr<1g-O;pm7SWn5eDvdrCfm#{lS%9)fg0R{ z8LQq)K9%10$g~{*jHo&Z(U{93p?{4&c1*Q2Nh!*mssLHmJS8n3TnTNR9j_0&%As=1 z@Aq8TrxJ^f_HXO=yIo=8ZAGz9et7xfCA=3}4kJ$kX{_b);tM9b9rHC@^z5ogz3gb$ zv3pv9=D=>&G1SSBM%Ez^E--CmnB8hA?jOanxbxNHIr4tgN?cy=q>*E#14FUp#aK`R z#=VNlr*?}&aHSq&4k>WDfo&@>CGn4`_!ohnCwC-not@N_Z=`t_+GNK=wx2)U#7oBq z18x)Fe;^0GYkRGm$dIjx@C?IXTbM}cO3P11p=Z_J37AEb?G|e$w*Im~M`JMVV~}VJ z217=5|ARFxeVZxb)uk}xrn_QysNAK3r!`I7M-fV@{J@&F3B$xjT%?MmMqV@OY#PRT z$wN_T89n&f#bms&#*DzJJ{enhq!f*uv3Q+g&>Uew?BuZ|Ar*-+6anMZN5qFH> zN)yyeGHd#Cbn5!CLlt?@6yN$tLGJG6{Wsx)+m8uHXZ5ii3CZv0O~c?~&^WuZa?Vy?!ni?-t>2!n$g zPzotlC|~iwJw^1*?1~2F9qQ8wfv2x|DwR55wt|iio1eSKR5Ijvh@`wBQK5e zwM1PS=O=VWT_#W)p|Ld9@>WDGYDuA)SjnJ~?6Lo#N8#nJi&WT%T@+4hv_v7!DY~y9 zF&w+=By+O3C=jLRR7Y8QqTo4ynuGZdA7RMB!?!AWRbSdmtr(PQVgd|_QXbQ3}f5Wt1TU56Wj=Aiyl?M8R9 zRdkM2J`-=cudWE2KZf0hiylYEtE*aOKqvQvBoiN$w!c=FAT?fAB2c577 zPU1Z&D0p)G{UCG>T}crj#^vO|&o~JZSL!WWUBllb>my^K_?poEu);Vku1y=>udZb2 z`sATl%yeQNI1jiG?@tu6jy3A1kJO1kX-%WNy?B+n06Y< zI)lqeLUgGjJ+dF`#i2YZMQT_tERp<<-2(g_!-@ET)uT?+2vXULvurD13jC_QDl;|$mj*Vss`RKWJe4|q{**g%V5VmIoR^4XU4TwLGR7sxzi-h zZCmI76@&Gj{3j>pihxUN^;U}L{}uL?VR0o7Ag4DJa|aJL|V;KAM9 zU4y$z2oeYm!QGtzL4vz}v+urVZ}vIodv5=jr@K}yt+%SDtGa86ENSkMnrj~}-}g~O zBP2+T4&0?;3IQ&LgbR5i2G6X-Unb|GP%7|9hxVABNpBVbp9RwZbQj~dzW4@bXgg?F z_xo~_0xsn|Q200LjvHnvQU6p6vnIQs0N*2^fdVZ`nM2btnkj@!zpIR8QAO=a zFdbm8~s z-V9D@@|jZ}QLj-ncr>b$<#eecf>FDB1LIHP85%L|!HbQPk~8c3YeC7yG|#_w$`CDJ z7fhvqCVZRYg9jTZDGz0t%y=kA+dDt)6+egOin7c{R7R_;YUbG~y)6o^Z|&np%x*iZ zqURszE+z@7kgH{JG0`adB&!@_UnG`B@Y1z2QgPVO8A)R1Oz6W2IEEkjI3 zAw$owf%00)z3lZDI@}k1C91Waq%C13H}i9*=G*o)Q1s3I%4}}&S?bP@+BIg9rs>K% z*U@pjc<;!Waojp}q{QM}Y|^lbP3q=jaEOrfK;fOQ6=m_e^78lkl+zKiFUI?L#%&SE z!}}I8z8FTSFk4lt)-5N`O%|cnrZr9|sxD$T>?=9OhU>9P#VIhmqPg?;9t2{f%2aT7 z>(Yd537u>cdeD2AITwG-mIzfJPibO^r%5v$@%hGZ0Iua)C3$n6x@1?$e0jCY{(&rZ zd2SfaB5$xeLq2Ks*LW~)^SUKyDJ5F=vNp%;du`9`UZ~BKXhh83#P0~G5QYjv3X>@Y^H?c|8K|De`BY<{ z<{4#s`cDq6bCI>heiVi1hWxuWW2-3xsn->9WzC`K{FKW@VTl4>`r7LA?z0;+2Avq) zukTvX2f_d+H*RsDUxB!;gx&X>x4YrCW z4@K!~N1HFC{Or!VrZdVFzr-x>8HZ71Pd^~$y8J93C7lb3?TDe449N1Yh1>o+3#BuZ38UgY)xW5|*hS;ruQ# z>ILsJw1Mnb3BBp0&!SjdNK_fst$Sy*zJB055Fr+GOVD9JUkS5CapOpHZ>nn3b#B0j z5jvQ}1@N!EMbrKvnmbW8wOT43N&WF=GIi6TO6K^(=#k=yeusj}u!ZB+a0Z5`_XEOk z9r>^I)?kq6SNB~73p)-YtZw1r{cI1D^eYnEa6b$ryl~DYk{4(+5^1LlNt)W2VnKo; zICKo%Xe{mV2R_7TPL*8M!?0HmMfWkTMSJa#=_AvUXN%ImeyvkaPPS(fJ>94+EtNnh zgR9DT{w-ldIQ?U3rdP9&W9`ci%cyPQAj!u%HZ}VH_X*BW2|Gv8bkk#Krt!|Zs(VM6Rldj>}ERC7#zfi1>LwJ zt5y*eMp}x}u*s5hXqoAp^~=&Uub1b-ubSNWjPC@jT=8)r5|Q}c?^BnpjT)Hv_t47h zjS}Y>U26xdR>k9n#)&_R2pLed_3vG`mqu*PkcEBj8#fY?e*IbGw4f`m)5^iQPj^lj zsca*Zy#SMFS0D0%g7le#%}Pkd4klJ($pN$8PyyJ4^0|{J)o9F*$c8K#oW`{Vq zxw-$3*`Z0;?9c)i_QQc*Hd~tsVwLR46&1XAH63dp#xL&*qzi+&pgie7%;JScqMJ*n zUcwN&w^P~sRN~lL1#g!>jU0dGt@vzxxV)s@+EO~Ko1s>lbas3gu43_nd8&j~IpXI) z{k-mor(ii(?Uapx7BQmAUE{r54^cUQBC*DN!B`1i&wPGuYm#VoPHfeEV;f?^*vkFg ztmz*55od#tKxkpLf=r>mZSLmt`j{ob>>`1;OJOWOSh2LHrN=ANF32=y=^48B=kWUNk>?}x983)bLA5?lrUOkXPI zA1%mS44C_{tkewVnH=6PzfylY$sVn7yG2Gk7H$^*+$ZenD$13s zgWz_|)^nIMCNlfR{?Wh z0{a*ASM9`iEP9myjKTQxruMIR(|(_SeqV1I^$N`evq%V1M&cGYQ@ZRh+B8aPl+&AR zw~(4nbx19;@_#v-7eF2G^Pqu`kxWtu;p}2-9E#T}Y_i0V#Xusy>}r?akfOvo7-M+h z=T?W~K2kro6fE zruHQIL95ms?o}KQT)TM|o3MUDp%3q+(iFPr%FQI3NsaE6*|7xmy-9NzGh1Ok7OMySN;}2jrlTu32zsuyEKSET#Ny zwMzRT7EffAt(H)otKlLI8X#&-n4HE-t|HLU*fIz7Q<5cnf2emr_WW#Tcj|hC9k4j^ zIitm9b{6269y@OMF$Q9pj-!9!Gj@IH2roxwm0b9uIr%(r#IkL)64CS(O5R&XoUB}Y zGJ`85FT3AZHx%YM-jp$LySaqk!%4S4`}NiOPAasR)kGE&tST0-$qS4IUeOd?a~ZCDAOLF^<_)b@fp2k@^IYIeAn>>Le}sF%>3{_?RyUZz`8`k4>j zp>Qd*gYR2dnVes_pxY+PYr-Abn}Lr$6pQx_XOk!3?Q^1ZDV=LLRKe3%1R-3Th)I5C ztV4ch`Zgp^kg_+YUna*~j44uPDmWG8Gvi{A3>}n;p5MDSYuirD31J+8KZ)AhH?1%& zIjk|v=es6BoL~;4#zH_#RXPnFke#l^_?7Q_9YUj;G26fhVlYoUis|sH64VVYE&&k% zwSI%Vc`~mnOtNAV#XQB(_2>hVV&C1O6Q}$dK!W~T)aSi2T+Z$)A7t2&n8d`l`X!Y@ z=!(BNi_w)YM1DBTWOXo&!xi29@_y#*bNHbHw+cPA`j2cwRR{FQVqzS8RKHk~n`g*( zZ%BDEd$e2mp-i8)ga$X$5^_OFhpKtr!e8w^Oz^A}=E<6ZhQ0t0QBLlApW*N=o&^sA zUMXj0^w+W`+4EBYcqOn>=x&4%a!(PSm8*x6J)8y?JrJ+kRFWw-e)+7}=upyo6ih-e zGy1vF}6grk_{}`HjnJhJ;D;q4AzFgi^uGuUCfc? z)#cgD(C;-0B=0qwMQ-x0C5B5YZui;6MRfRu&J`}M^ib!M?X=ro*2P6ZO9y9EHh~Rx z+JgY_aW^&DW~DLsgh%w+B}8O0Ki=rYXbA6aXxTiClQ_LvtjX5Ey=^;* zO3N|jT6dbhPS4=Z$pT{KPcCS(7b+1S`VYkdmvcwO&(=!N4A%2WzXYngF4wKy`{S83 z^&_vKd8}wTk?TACmgTgyd#s&OaxMzxE2S5iT=RV=XF6aZBVU4#D#5;zJ52e6`E@S@ z)uaRTd!`iW-d;~B&NrU}C3J8SYCOL$Co0~A7R9R{X4-GOOw2nrAW)TNB-E`)L}*Sb z&DRI-8K*Z<5oYx;-w>>(w!YF4>`L;d(k^oNwDLaSl_RbQsz5jWYmEFtI1Da9VQ2eI z4wq!Ie1tn?AJmYcDAz9Q1huPj0%G|uV9Jc^cg@(JJnL}ePIJlM4SEZ4xA z?qV4rk8`BnE~@adbIPMZp;LuZd!pkDtM*cd3aj?apJ%X3y-v&aeu6Tq_IZLbvvxzY zZ{364HU_vA?{fTay|kB7GRkb}y-XS~>fV*zcw>TQbZ^9!|(A+RCm#%iOP1yU^ zj5Qa~SCLE@2nx$15n;twtDwMPR3<|ax$`hAK=7GM5wixCE2jKjwOu8Q@?Qe5vm7HZ zF0^AOasb?x^q`%J>EYSqQT zvKFO=8WIDM?s}EF@S25@7n$1+Z_BA)%S(rqV`>DFWLc&m55*1>fZ-Ba5IHM(n{w~w z6qQlxP(E5-Bu5?VPR&qg&<(k|US6#&O$1GIo#zzVXWSPdR62|t2!5IMGKuGY23_TO z9F6_aTYv72v`;rJMO+m?idPQ~Vi9dzF%MJ_-Yfr(@PLZzF|=$CpWUxwv^ys8F-{x@d)2SO{#8yxRYHqM!AMkEO%BgnJ7E!coJMK+su zO0q%gZJ94ICnd}jC#6gKK;t+s-o%4v^Fry1rbvpkQO=C+g>wZ#(VU`6+(sEB3~!M8 zJ$r<%H|fB~5^Af>HQzYi`+bf3@J40DhMP#-L-_5-G}g`!x;@>~{=#Iz?qXoAK%2VX zh`&j0S}gE6c28tZ0VMISd9&V|(9@ZG6h_z- zuK4L(_U#53@k$S6HedZfbd$MCFjK;NU;!h2WAAmk8GA)8?kc{TZTQFq^x~Hye3J~F z5*fM8Cb+sN2YK37pdWLcFL?F) zmN@E8Ul?#gqd(QnhqaK)G)%dWA{*D&Au*E}w5Yj4J%-9T;x!ZK6!Lu-W_}-YZ9sKG zu3w=Tg!tt>A7fl>`vqP%Y3yZPWvm_lqpW4#WRZNgA<9k!{M)hy5PsjQf3pH!o zcpa`{+o`$t<5Nyh_tYP*pm9FYHJ!AW&gLL_axbdxwC{qS1q41nOc8JAtEXt17+dIK zHzseBrl?my&7JtAAl%9Ihmz5vv{$O9lyp^C9ywiXN4@C`@Q|L*Bk4X5NY!G+^?jsWvFfi zwBY_>)}L+Ui(Kl9Nvgze`C=SqBx!T4rc1zf&WgDo6qg4>+@B<~|CB98kJB)kpw9VCIXg?wIu4J!R ziplBv_H|!NDG6`NxxHPpmUM-a6GxjOAUt3%sF204>`h#YmfDMJ1V*vBVA`4C87!1u za8|= zqeIJ2Q`aA=a2a~UOjyFrzmDf7>jV=`YJUYg!5)N3ODP?#Da4Sa)o=jA7doneJkOZM zITgisQ{NZ)Ca@BA=fO)FK+(rAj{)f)Lg+*BUUf8tvP+$i{b-X(V9Vki@36&He-m0n zM=VFUrtzTFAvmMDfk@T8Aca1ynkW))csVtGA3o3%yB$osR(o%|``m~@s-BQlbm6r# z)zP=THQPi~`{u9B+zKEE&EQJ30-V;o_AHTphnSv~VA)6}Ql4q{wDGKng5@i++OT5iP&i=q6Iupy=1F$? zR#=DaVEGKgcPy`072zk|%QlU{t_v^XG{K#(70+fCDaf1VaMNuF^xWU&jcf97+3XQT z8tKp_-N`U#-ApDIGVuyw3unZHqX=3tzAue_PjsCO*a8W?XN#FOb&AzKpfR|N=H21C z_ClP{UYRpDGdHp^w}^PHgRAyyChXV|X;?lvvIJ|R_;)KO;%y;1gtv-#?I>L z7#O-d;*m7U@@|bAm#}RH`qB4SC{cl&tRbI?SV$!c!n(h;q7tFAduf2B#q)~Rab%(j>k2^4H~o+Vay7zLF3Y~5blgYE@8*tpfd)qzh59n7 z*oq2xg_2MULS20~#5~(YgF`QM;@*%9E>;TLc~l06{j2TMOO3TRHKUU+FK4nPS?b6? z98QczomP-DJHck*1RqNlW1#d%WzWcmAFN+pI2dZ=3*wRGH^;mx^{zvTd+@brSDn!h z(#szgs?vx@dHzwEhy1&IH(i5CSBi*1+iM4^Glqy4hkmYPY&DuP^&*6~h=X80lfHr% zGF%iqp%Fx$8akM9#?1bqKZypc&m0VG<6YENXJaH4mz9aNc;3HrwZU?V3a!Do+|Tt8RnO*m37dja1VKg&NsD( z@&j=>Z>+rhmIP(tw9$--FWFlqHD8Xf>!o z_uT{t&BE?$d}fAi2Yqh(GvVm-NoaC6$LW~`)s__W^OOqjI2Esm#+=uCV;wIj8Is~D zv^xTh5+W8oA8)uKvpICsZ#m1T@rT-s8AW_=q%~l=vng!c(;b)V90j1MI~@A?Q!)|NcY@`H!h%5GM%ye>{;+sx4TNKyf{0)a>a{DKJ#+ zPM0x^aJy^)Zjxj`901m_z^pA_viSNE3X;j?VUkfyH`7J8Ijy=rPFHNx4?~sX$zml_ zcC5?qE4m)vtcO=x%~dNqGb>B$&75*LTIPxiCJbjFLGq<~UKR(c+qY9hE9)~iUO_9W zrnepoC}aE9YV*YzX4>pd6>}?P(@B=hT(@3jWnbq5>B*;)oJgu$`7G+Z7`3m+1Rh!+ z_oOtv%yp+qE@~3!SekRga&jw?hrfjlm+I17I^?F)9Qf6Kzx#%Ee7`1YDdtW^Ji|G> zyS0(jur(l6N9kXG{cT*L!1~b7qo#AgM)QEDReFPszp?Z;;bCkrQRu{RoCv6ay1(XY3|{{>G7|-U6srWSSytb^~B@2 zXfb?(*l5@r_|%pmwH+F<>MCAnXKi;|hj9)BEq zlq{e|k5W96dCbBP%?lj+B48>9n=jp;2vU81c|;P1kpU%d6wS>pU-y4B-63EgY{bbFhSa(;ZX&1|J& z)N;9xf_E^y&!ptlc+WK5_sIf1Jze^3Mg5LIg%eTKOp)tDO5(BZge;PGbD}257jZ9*Ki&8?4;JNBP8=pm(5|IctUV_fifo*}F;&E4j?^q$ zF4h;gdFB3+LpfnNC0@XtRk}pfF^?wdx+2=mJC0Qn@zIWZzyGlEz^Vch;`|$^*F5h0 zdkw%IA|aG>vdhW>TQbTOXiLx>+zI>nPKw;^QsF^`4G*v5EA$q7kzY5qlRWvEq;0b0 z$NH7+PHPap>+v>E2j6ZZ=xTQfo2n&(i^NleXR%i#jL&0>HgNe>J950tFc!NHzT8Vv ziYoOuE)lnADJ{d$J?362rWOq3bWl4IF+1@uICW1MGWl144SNJBC=Hc=r?vO=0Ox?2 zRJ*$P77JpW4RkYS6V8JAS6|pvx-+?{E^qg@X;hXle2#p?1a`1))}{XO538R>V`eK8 zzsBIlG14=VLF00Jsp^PCh{+17;xV93*V*ZKcfY1CwBDjmJH+TrP>`X~-% zHvPoj0Zt}H?C`9;2%>|>uf?UUI0D~}k2{~gdP`4y7|#%ob?$TiQ_>_KSjg zL9c{P9Om!Wwi$X>&F8$2oj=K29w|?vaPEzH`DoASCK5KEnT5Q(%`nHKg8;j z_3ckrO(venNHx&D?RSTW@{6$JW^@b|4dNWhx}g+Fgb?y%A1M7>pLbeG=& zr5P%t)UWIygTjaONs@w|YsH@zGBfjfBk+FNej$u09xDV}tRf01U#2*Esq8yxc#lWn zTe_tc_|Qk7VlWtQT4g=vsW@ss>D@BYc}p-|to_viYN&+l;Ahx6tr|&MV)Ho|!Iyu# z&wvnacb&&Y=Ns0W;zR+;P59YCKhu1X5^y?8-PYFF1-woN2Myu|(m*!4q%|C!L!fa& zKFT3bwC=8A>{%*v@wO$@PV+z}7OObr zo>PMJj4t#(^}xW^PYIn#i{BJwEBuwz4^3K^Qt;*#bvkZGBq94V?jOcBiqtlCqI5sg zjb1^=ajctE-nNvfC~zZOXFHOrO=$zdOZWR}K_#i& z_VZM1$ zj1x>eu7lP_`OF{ms^72oEOlb;$WKAaY(QP%8B$)ber%MEhzi^LZN(-U+T0KiIg8Qt z_tL{e7iAF;nW*6yz?MDw1fy_ot*~$Ycn$ZmaPfbJKnOVFty>0p6Z*}pN zQhb`;v~*ui+~xf41RJrdp=W#+WV8)20%E*Futkb$JH}SI`*vzR+Kf38&obPyTsf>u zcHs5B<;Hm>J&68LRZq=wVnJsmd3nDs$-7)|>&WbUFKQ^m>*d4!$!W<_$X1le`4^ny zkPq71A!AoU0-hnItz|b=1(pJpbw12@-(1P}<5)d?a9=O^lAKK<5k0akdnBN4YI@L_0 zyKM#UI*^ZA+!47ywY9Jnp=+RLDajTFKoW$VS}Q-oaiXpsA89c#99E(rPJI#JrggJs zo$gstK3W@gv75@t>9oh3o!W`PUEMp*Pa=u}3flpVN8x&!;sAG#8^zsk(2uNorNN`@3LV)&_raCgj@j_Ni)Ts<#Ay7n{9bXm_8>>@u zkvjM~qgUoPZvdhtLppU058EC5IAdA4>I?YcG1f9>-Vbz0W<|ruh>0YnHaq$Ynyr4s!)Yq&RjtT)R z^}?EWT1ELKdCuJ4_eC5LtbUYu6A5f^ z>KRj&qAF`6WoraHTGL_ZZ^*|q)lg~PQQk5x~L_?JmDAMp_G-Y_j6tNvg9{&C7Xm6_R zde&tY)Faq-w+t?MACne`@28fArq&7;qiLOEWy#kjuZe!_v*?2rG$qU&nsZwk24=!F z`QJ(R*Emf%C{(eby@>85dAP#)DQaLOUihqK*7?)hPtp6Vc3c?*X}W6Pg0P+M=}wRMzPo!vM2%LhWH3ZJu#jBDTi?*Xw<*7ajU{%Z0)9 zO7!_u{(?Um=btIhTNbMJ%PG;9dw5Ohw!m=B zmFm5e9j!qh$8$oP_zq}9>%Rw9u@b&4pnkcpucWU3xbG+OISkJz3E7nIx{Ha{iKpm- z=pifCMsKCxe<8cN6K+nm$tkXF%2PfqitrMi?||Fwa0Y5&1zV^bDrl|#?~jGte?Jx~ zIT+fz*ch`b!+tnK*=3BaOzl5VfVuv!{W%Pc^bHL4jf~>M(N51#?ItjP49c=zNV8(~ zkH`+9qg-IXOETR>o7_?UI9a%HTB)4YlPRlt@#5pT%lGeVj}N*wQ&F0fND|RRi^JE5 z3F0X`M6_tcKT^>G6A1`-gvQ6=WQhGFK>#yMI?9?vv`EHl$zrtjgl^j6#%{FFE91+QPhEnEMhVSY{ zJX1v^B}#m)J#{@LjfG2mL6hGG@AzH^E)WQmIxGoq!q=sRS$qrnReoJis0o+{#t ztoB?L<{Q%$`XYY9V}9u^CpMLquBjZ0l6UG8h|g%0KwwNzXhi2{0o$n<&KDbrPC_Da z_|U^$kmjSBW8(dhCS%>|!aI%++ zx7Mw0G7dO9C%HZBN4LJNcx-OI;LV*(96FtOcD|%du+Jgw$ws0#RF!~($r@Jt8 zA)0qPk|uC*uI+}3k=J0^%n(}^6D>XAZ{+$<}m*v0Rd0sfdLTMSCRiB zfdEfz0E0MSuf+XD;^zEYAea;K#5@r6DHk{Bi7xOzbU`^_OZWd02yZwO zI{d$7TwG6t{8qhi6Tl7YTK|*>8~!2i$-feq;Yt`}zB(+&y~!odL>t)6y@ kD?m;lg@6DC+9!JhJNy5==>q{U#6dC8XlcdeB{0zb9}>Ymx&QzG literal 0 HcmV?d00001 diff --git a/tests/data/protection_profiles/pps/txt/b02ed76d2545326a.txt b/tests/data/protection_profiles/pps/txt/b02ed76d2545326a.txt new file mode 100644 index 00000000..4b575e23 --- /dev/null +++ b/tests/data/protection_profiles/pps/txt/b02ed76d2545326a.txt @@ -0,0 +1,944 @@ +Fingerprint Spoof Detection Protection Profile +based on Organisational Security Policies +FSDPP_OSP +v1.7 +Bundesamt für Sicherheit in der Informationstechnik +Postfach 20 03 63 +53133 Bonn +Tel.: +49 228 99 9582-0 +E-Mail: bsi@bsi.bund.de +Internet: https://www.bsi.bund.de +© Bundesamt für Sicherheit in der Informationstechnik 2009 + FSDPP_OSP +Table of content +1. PP introduction..................................................................................................................................4 +1.1 PP Reference.................................................................................................................................4 +1.2 PP Overview..................................................................................................................................4 +2. TOE Description................................................................................................................................5 +2.1 Protection of biometric systems.....................................................................................................5 +2.2 TOE configuration and TOE environment.....................................................................................6 +2.3 TOE boundary...............................................................................................................................6 +2.3.1 Physical boundary.....................................................................................................................7 +2.3.2 Logical boundary......................................................................................................................7 +3. Conformance Claims.........................................................................................................................9 +3.1 Conformance statement.................................................................................................................9 +3.2 CC Conformance Claims...............................................................................................................9 +3.3 PP Claim........................................................................................................................................9 +3.4 Package Claim...............................................................................................................................9 +4. Security Problem Definition ...........................................................................................................10 +4.1 External entities...........................................................................................................................10 +4.2 Assets..........................................................................................................................................10 +4.3 Assumptions................................................................................................................................11 +4.4 Threats.........................................................................................................................................11 +4.5 Organizational Security Policies..................................................................................................11 +5. Security Objectives..........................................................................................................................12 +5.1 Security Objectives for the TOE..................................................................................................12 +5.2 Security objectives for the operational environment....................................................................12 +5.3 Security Objectives rationale.......................................................................................................13 +5.3.1 Overview................................................................................................................................13 +5.3.2 Justification for coverage of assumptions...............................................................................14 +5.3.3 Justification for the coverage of organizational security policies............................................14 +6. Extended Component definition......................................................................................................16 +6.1 FPT_SPOD Biometric Spoof Detection......................................................................................16 +6.1.1 Biometric Spoof Detection (FPT_SPOD.1)............................................................................17 +6.1.2 Justification for the definition of functional family FPT_SPOD.............................................17 +7. Security Requirements.....................................................................................................................18 +7.1 Security Functional Requirements for the TOE...........................................................................18 +7.1.1 Security audit (FAU)..............................................................................................................19 +2 Bundesamt für Sicherheit in der Informationstechnik + FPSDPP_OSP +7.1.2 User data protection (FDP).....................................................................................................19 +7.1.3 Security management (FMT)..................................................................................................20 +7.1.4 Protection of the TSF (FPT)...................................................................................................21 +7.2 Security Assurance Requirements for the TOE...........................................................................22 +7.3 Security Requirements rationale..................................................................................................23 +7.3.1 Security Functional Requirements rationale...........................................................................23 +7.3.2 Security Assurance Requirements rationale............................................................................24 +8. Appendix.........................................................................................................................................26 +8.1 Glossary.......................................................................................................................................26 +8.2 References...................................................................................................................................27 +Bundesamt für Sicherheit in der Informationstechnik 3 + FSDPP_OSP +1. PP introduction +1.1 PP Reference +Title: Fingerprint Spoof Detection Protection Profile based on OSP (FSDPP_OSP) +Version 1.7 +Date November, 27th +2009 +Author Boris Leidner, Nils Tekampe, TÜV Informationstechnik GmbH +Registration Bundesamt für Sicherheit in der Informationstechnik (BSI) +Federal Office for Information Security Germany +Certification-ID BSI-CC-PP-0062 +CC-Version 3.1 Revision 3 +Keywords biometric; fingerprint-recognition; Protection Profile; spoof detection +1.2 PP Overview +Biometric systems that work based on fingerprints are often subject to a well known and easy kind of +attack: Attackers can use faked fingerprints (e.g. built out of gummy or silicone) that carry the +characteristics of a known user in order to get recognized by a biometric system. As an alternative a +user of a biometric system may use a faked finger in order to disguise their identity. Countermeasures +against those attacks may be implemented by a set of dedicated hardware and software, the so called +biometric spoof detection system. +In order to facilitate new mechanisms for spoof detection in fingerprint recognition systems and +thereby advancing innovative technologies in the area of security the project “LifeFinger I” has been +initiated by the Federal Office for Information Security. This Protection Profile forms part of this +project that has been conducted by the Bundesdruckerei GmbH. +The scope of this Protection Profile is to describe the functionality of a biometric spoof detection +system in terms of [CC] and to define functional and assurance requirements for the evaluation of such +systems. Chapter 2 gives a more detailed overview about the design of the TOE and its boundaries. +This Protection Profile thereby focuses on application cases for which it is sufficient to determine +whether the security functionality claimed by a TOE is working correctly without performing a +dedicated vulnerability assessment. Therefore, this PP is solely based on organizational security +policies and threats are completely omitted. The explicit assurance package for an evaluation without a +vulnerability assessment is defined in chapter 3.4. +When planning an evaluation according to this PP the ST author should also consider the Fingerprint +Spoof Detection Protection Profile [FSDPP] which is based on threats and not organizational security +policies only. In general, the use of the [FSDPP] should be the preferred option. +4 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +2. TOE Description +The Target of Evaluation (TOE) described in this PP is a system that provides fingerprint spoof +detection either as part of, or in front of a biometric system for fingerprint recognition. +The TOE determines whether a fingerprint presented to the biometric system is genuine or spoofed. +The term spoofed biometric characteristics hereby refers to artificially created fake fingers which are +currently known to circumvent fingerprint recognition systems. +For this purpose the spoof detection system acquires spoofing evidences for a presented fingerprint +using a sensor device. This sensor can either be part of the capture device that is used to capture the +biometric sample of the fingerprint (or even be identical to it) or be a separate sensor device (or more +than one) that is completely dedicated to spoof detection. +Beside the fingerprint spoof detection functionality every TOE that claims conformance to this PP +shall implement: +• Management functionality to modify security relevant parameters +• Quality control for management parameters +• Audit functionality for security relevant events +• Protection of residual and security relevant data. +2.1 Protection of biometric systems +Systems claiming compliance to this Protection Profile are developed to protect biometric systems for +fingerprint recognition against one specific kind of attacks: The use of well known faked +finger(prints). The following paragraphs introduce the core biometric processes of a biometric system +in order to improve the understanding of the direct environment of the TOE and to explain the +motivation of an attacker. +● Enrollment: +Often, the enrollment process is the first contact of a user with a biometric system. This +process is necessary because a biometric system has to be trained in order to verify the identity +of each user based on their fingerprint. +During the enrollment process the system captures the fingerprint image of a user and extracts +the features it is working with. These features are then combined with the identity of the user +to a biometric reference and stored as template in a database. +During enrollment an attacker could try to present faked finger(prints) to the capture device in +order to get enrolled with another biometric characteristic. When having success the attackers +identity would be associated with the fake fingerprint. The important thing to notice in this +context is that an attacker must not necessarily have to have any knowledge about the +biometric characteristic of another user to perform this attack. +● Biometric verification: +The objective of a verification process is to verify or refuse the claimed identity of a user +based on their fingerprint. Therefore the user has to claim an identity to the system. The +system retrieves the fingerprint reference record associated with this identity from the +database and captures the live fingerprint. If the fingerprint features that are extracted from the +live fingerprint image and the fingerprint reference from the database are similar enough, the +claimed identity of the user is considered to be verified. +During biometric verification an attacker could try to use a faked finger to get recognized by +the system as another user (this kind of attack is often referred to as impersonation). For such +an attack however, the attacker will have to know about the biometric characteristic of the +attacked user. +Bundesamt für Sicherheit in der Informationstechnik 5 + FSDPP_OSP +Another specific aspect for a spoof detection system that is used to protect a biometric +verification process is that a claimed identity is available. +● Biometric identification: +The objective of a biometric identification process is similar to a verification process. +However, in contrast to a verification process there is no claimed identity for the user. The +system directly captures the fingerprint of a user and compares it to all fingerprint references +in the database. If at least one reference is found to be similar enough according to the relevant +threshold settings, the system returns this as the found identity of the user. +In the identification scenario an attacker can have multiple aims: +○ An attacker could try to get identified as a specific enrolled user (i.e. using a fake finger of +that specific user). The reason for doing so may be that this attacked user has a specific +credential that the attacker is after. +○ An attacker could try to get identified as any enrolled user (i.e. using a faked fingerprint of +any enrolled user). This can be relevant for cases where all enrolled users for a system +have similar permissions. +○ An attacker who is enrolled in the system could try avoid identification (i.e. disguise their +identity) For such an attack the attacker may not need any knowledge about the biometric +characteristic of another user. +More information on how the environment contributes to the security problem addressed by the TOE +can be found in the Fingerprint Spoof Detection Evaluation Guidance [FSDEG]. +2.2 TOE configuration and TOE environment +A biometric spoof detection system in general could be realized in two major configurations: +● An integrated solution: All relevant parts of the TOE are integrated into one physical unit. +● A distributed solution: Relevant parts of the TOE are implemented in physically separated +parts. +This PP describes a biometric spoof detection system for fingerprints as an integrated solution but +should be applicable to distributed solutions as well. However, if applied to a distributed TOE +additional aspects of security shall be considered by the author of the Security Target in form of: +1. Assumptions for the TOE environment +2. Requirements for additional functionality: e. g. encrypted transmission +It is known that environmental factors may influence the performance and therewith the protection +provided by a spoof detection system. Therefore the author of a Security Target claiming compliance +to this PP shall clearly identify the relevant environmental factors and their acceptable range for the +operation of the TOE. More information about influencing factors can be found in [FSDEG]. +In general it should be noted that the TOE should not impact the functionality of the protected +biometric system (e.g. by a deterioration of image quality) beyond what is necessary for the desired +application. If a negative impact cannot be completely avoided this shall be clearly pointed out by the +ST author. +2.3 TOE boundary +A simplified model of a biometric spoof detection system and its boundaries is shown in Figure 1.The +following chapters provide more details about the physical and logical boundaries of the TOE. +6 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +2.3.1 Physical boundary +Figure 1: TOE demarcation +Spoof +Detection +Biometric +System +Biometric +Sample +(fingerprint +image) +TOE +Spoof Detection +parameters +Audit log +Audit data +Biometric sample +(fingerprint image), +Spoofing evidence +Add. sensors +Administrator +User +Capture +Device +Finger +Fingerprint +Other attributes +The TOE defined in this PP is limited to the biometric spoof detection system. This system shall +decide whether a provided fingerprint is spoofed or genuine. The TOE shall comprise all parts of a +product (hardware and software) that contribute to this functionality or any of the additional +functionality outlined in chapter 2.3.2. In particular these are: +• the capture device for capturing of fingerprint images +• additional sensor devices for acquisition of spoofing evidences (if applicable) +• necessary software (if applicable) +The spoofing evidences for a fingerprint can either be captured by the same sensor device being also +used for the biometric system (capture process) or using separate sensor devices. If separate sensor +devices are used, it has to be ensured that the same fingerprint is used for both processes. +The biometric system that is protected by the TOE resides in the environment. It can be, e. g., a +biometric identification system, a biometric verification system, or an enrollment system as described +in chapter 2.1. This means that all aspects about the security of the biometric systems (e.g. questions +about the error rates of this system) are out of scope for the evaluation of the TOE. +The TOE shall be able to generate audit data. This audit data can be used for quality assurance or +statistics. However, functionality for storage, protection and review of audit records is assumed to be +provided by the environment of the TOE. +Further the TOE may rely on access control mechanisms of the environment for its own protection and +the restriction of access to management functions offered by the TOE (e.g. for adjustment of important +parameters). Also for the implementation of management functions the TOE may partly rely on +functions of the environment (i.e. in form of a file import that involves the Operating System). +2.3.2 Logical boundary +The logical boundaries of the TOE can be defined by the functionality that it provides: +● Spoof detection: the TOE detects whether a presented fingerprint is spoofed or genuine. It +shall perform appropriate actions in case of a spoofed and in case of a genuine biometric +Bundesamt für Sicherheit in der Informationstechnik 7 + FSDPP_OSP +characteristic. It should be clearly mentioned that in the context of this PP a TOE is always +required to decide about the presented fingerprint in form of a yes/no decision. It is not +considered to be sufficient if a TOE would return a confidence value that would need further +interpretation by the environment. +● Management: the TOE provides functionality to manage its relevant parameters. This +specifically (but not only) refers to the parameters that are involved in the spoof detection +process (e.g. a threshold). The TOE ensures that only secure values for spoof detection +parameters are accepted to ensure the constant operation of the primary functionality. +● Residual Information Protection: in order to prevent the leakage of information the TOE +deletes relevant information if not longer in use. +● Audit: the TOE produces audit events for security relevant events. +The following functionality on the other hand may be provided by the environment to support the +operation of the TOE: +● Access control: the environment provides access control for the spoof detection parameters, +the life record, audit data and any software parts of the TOE. To perform access control, the +environment maintains roles for users and ensures their identification and authentication. +● Transmission / Storage: the environment provides a secure communication and storage for +data where security relevant data is transferred to or from the TOE. +● Auditing: the environment may provide additional audit functionality. In any case it will +provide reliable time stamps for auditing, storage for the audit records that are produced by the +TOE and mechanisms for review of audit logs. The developer will probably have to consider +privacy concerns (in case that personal information is part of the audit logs). Applicable data +protection laws and protection mechanisms might have to be considered. +● +Application Note: +To allow the application of this PP to a wide range of systems, several +functions are stated to be implemented in the environment. However, if a TOE +is able to provide those functions on its own the ST author should consider to +define those functions as part of the TOE. +8 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +3. Conformance Claims +3.1 Conformance statement +The PP requires strict conformance of any PPs/STs to this PP. A demonstrable conformance is not +allowed. +3.2 CC Conformance Claims +• This PP has been developed using Version 3.1 R3 of Common Criteria [CC]. +• The conformance of this Protection Profile is Common Criteria [CC] Part II extended (due +to the use of FPT_SPOD.1) +• The conformance of this Protection Profile is Common Criteria [CC] Part III conformant. +3.3 PP Claim +• This PP does not claim conformance to any other Protection Profile. +3.4 Package Claim +This PP does not claim conformance to any assurance package (i.e. EAL) as defined in Common +Criteria Part III. Instead, this PP defines an explicit assurance package that bases on EAL 2. However, +in contrast to EAL 2 as defined in part III of [CC], the assurance package in this PP does not contain +any AVA_VAN component. It further includes the assurance component ALC_FLR.1. +The reason for this explicit assurance level is to allow a purely functional evaluation of the +performance of a system for spoof detection. Such an evaluation will allow to determine whether the +functionality of a system for spoof detection is sufficient to recognize spoofed biometric +characteristics that are know for a certain biometric modality. +An evaluation using this explicit assurance level is deliberately ignoring the fact that an attacker could +try to circumvent the functionality of the TOE (e.g. by using different/innovative spoofed +characteristics) and focuses on the basic functionality of the TOE. A system claiming compliance to +this Protection Profile is therefore suitable for the use in application cases in which an assurance about +the basic functionality of a system is sufficient. To emphasize that this PP only deals with the pure +functionality of spoof detection, the definition of threats has been omitted and the PP is completely +based on organizational security policies. +The complete list of the assurance components of the explicit assurance package can be found in +chapter 7.2. +Bundesamt für Sicherheit in der Informationstechnik 9 + FSDPP_OSP +4. Security Problem Definition +4.1 External entities +The following external entities interact with the TOE: +TOE administrator: The TOE administrator is authorized to perform administrative TOE +operations and able to use the administrative functions of the TOE. +The administrator is also responsible for the installation and maintenance of +the TOE. +Depending on the concrete implementation of a TOE there may be more than +one administrator and consequently also more than one administrative role. +User: A person who uses a biometric system that is protected by the TOE to get +enrolled, identified or verified and is therefore checked by the biometric spoof +detection system. +4.2 Assets +The following assets are defined in the context of this Protection Profile. +Primary assets: The primary assets do not belong to the TOE itself. The primary scope of the +biometric spoof detection system is the protection of the biometric system +behind it. As such any asset that is protected by the biometric system can be +considered being a primary asset for the TOE. +Formally, the decision that is taken by the TOE (fake/no fake) can be +considered being the primary asset. +Secondary assets: Secondary assets (i.e. TSF data) are information which are used by the TOE to +provide its core services and which consequently will need to be protected. The +following assets should be explicitly mentioned for the TOE: +● Spoof detection parameters (SDP): These (configuration) data +include the settings necessary to detect a spoofed biometric +characteristic, e. g., temperature limits, general threshold settings, +typical movement patterns. These parameters may be specific for a +claimed identity. The parameters are partly produced during +development of the TOE but may be adjusted during installation, +maintenance and enrollment. The integrity and confidentiality of these +parameters will have to be protected. +● Spoofing evidence (SE): This data is acquired by the capture device +and/or separated dedicated sensor devices for the purpose of spoof +detection. The TOE decides about a finger being a fake or not based on +this data. The integrity and confidentiality of this data have to be +protected. +● Audit data (AD): This data comprises the audit information that is +generated by the TOE. The integrity, confidentiality and authenticity of +the information has to be protected. +10 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +4.3 Assumptions +A.BIO The spoof detection system addressed in this Protection Profile is a protection +mechanism against spoofing attacks. +The biometric system that is protected by the TOE therefore ensures that all +threats that are not related to spoof detection are appropriately handled. +Further, the biometric system ensures that the functionality of the TOE is +invoked/used in order to protected the biometric system against spoof attacks. +It is also assumed that the fingerprint sample that is acquired by the capture +devices belongs to the fingerprint that is used for spoof detection. +4.4 Threats +No threats have been defined in the Security Problem Definition of this PP as it is solely based on +organizational security policies. +4.5 Organizational Security Policies +OSP.SPOOF_DETECTION The TOE shall be able to detect whether a presented fingerprint is +spoofed or genuine. The spoof detection shall be adequate to detect +all artificial biometric characteristics listed and described in +[Toolbox]. +OSP.RESIDUAL The TOE shall ensure that no residual or unprotected security +relevant data remain in memory after operations are completed. +OSP.MANAGEMENT The TOE shall provide the necessary management functionality +for the modification of security relevant parameters for TOE +administrators. Only secure values shall be used for such +parameters. +OSP.AUDIT In order to +● generate statistics that can be used to adjust the parameters +for better quality (maintenance), +● trace modification, and +● trace possible attacks, +the TOE shall record security-relevant events. +Bundesamt für Sicherheit in der Informationstechnik 11 + FSDPP_OSP +5. Security Objectives +5.1 Security Objectives for the TOE +O.SPOOF_DETECTION The TOE shall be able to detect whether a presented fingerprint is +spoofed or genuine. +The spoofing evidence may be extracted from the data provided by the +same sensor that is used to acquire the biometric characteristic for +recognition (by the biometric system in the environment), or it may be +retrieved using sensors which are solely dedicated to spoof detection. +O.AUDIT The TOE shall produce audit records at least for the following security +relevant events: +● A use of the TOE where a faked fingerprint has been detected +● A use of the TOE where a genuine fingerprint has been +detected +● Every use of a management function +● All parameters modified by the management functions +O.RESIDUAL The TOE shall ensure that no residual or unprotected security relevant +data remain in memory after operations are completed. +O.MANAGEMENT The TOE shall provide the necessary management functionality for the +modification of security relevant parameters to TOE administrators +only. +As part of this management functionality the TOE shall only accept +secure values for security relevant parameters to ensure the correct +operation of the TOE. +5.2 Security objectives for the operational environment +OE.ADMINISTRATION The TOE administrator is well trained and non hostile. They read the +guidance documentation carefully, completely understands and +applies it. +The TOE administrator is responsible for the secure installation and +maintenance of the TOE and its platform and oversees the biometric +spoof detection system requirements. In particular, the administrator +shall ensure that all environmental factors (e. g., lighting, +electromagnetic fields) are within an acceptable range with respect to +the used capture and sensor devices. +The administrator assures that audit records of the TOE are regularly +reviewed in order to detect and prevent attacks being performed +against the TOE. +OE.PHYSICAL It shall be ensured that the TOE and its components are physically +protected against unauthorized access or modification. Physical +access to the hardware that is used by the TOE is only allowed for +authorized administrators. +This does not have to cover the capture device that has to be +accessible for every user. +12 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +OE.PLATFORM The platform the TOE runs on shall provide the TOE with services +necessary for its correct operation. Specifically the platform shall +• identify and authenticate TOE administrators, +• restrict to use the management functions of the TOE in order +to query, modify, delete, and clear security parameters which +are important for the operation of the TOE to TOE +administrators, +• provide access control for all secondary assets (spoof +detection parameters, spoofing evidence, and audit data) and +the software parts of the TOE, +• provide a secure communication and storage of information +where security relevant data is transferred to or from the +TOE, +• provide functionality for storage and review of audit +information and ensure that only authorized administrators +have access to the audit logs, +• provide reliable time stamps that can be used by the TOE, +and +• be free of malware like viruses, trojan horses, and other +malicious software. +OE.BIO The spoof detection system described in this Protection Profile is a +protection mechanism which ensures that spoofed fingerprints are +rejected by the TOE. The TOE only addresses the detection of spoof +attacks. +The biometric system that is protected by the TOE shall therefore +ensure that all threats that are not related to spoof detection are +appropriately handled. +Further, the biometric system shall ensure that the functionality of the +TOE is invoked/used in order to protected the biometric system +against spoof attacks. +5.3 Security Objectives rationale +5.3.1 Overview +The following table gives an overview of how the assumptions, threats, and organizational security +policies are addressed by the security objectives of the TOE. The text of the following sections +justifies this in more detail. Aspects of the TOE operational environment are marked grey. +Bundesamt für Sicherheit in der Informationstechnik 13 + FSDPP_OSP +O.SPOOF_DETECTION +O.AUDIT +O.RESIDUAL +O.MANAGEMENT +OE.ADMINISTRATION +OE.PHYSICAL +OE.PLATFORM +OE.BIO +OSP.SPOOF_DETECTION X X X X X +OSP.MANAGEMENT X X X X +OSP.RESIDUAL X X X X +OSP.AUDIT X X +A.BIO X +Table 1: Security Objectives Rationale +5.3.2 Justification for coverage of assumptions +The only assumption A.BIO is covered by security objective OE.BIO as directly follows. +5.3.3 Justification for the coverage of organizational security policies +5.3.3.1 OSP.SPOOF_DETECTION +The organisational security policy OSP.SPOOF_DETECTION is covered by the security objective +O.SPOOF_DETECTION which is supported by O.MANAGEMENT, OE.ADMINISTRATION, +OE.PHYSICAL, and OE.PLATFORM.. +O.SPOOF_DETECTION detects whether a presented fingerprint is spoofed or genuine, and +performs appropriate actions in case of a spoofed and in case of a genuine fingerprint. Therefore, a +spoofed fingerprint will not be used by the Biometric System being behind the TOE. This objective +covers the main part of the OSP. +O.MANAGEMENT provides necessary management functionality for the modification of security +relevant parameters to TOE administrators which are authenticated and authorized by the TOE +platform as stated in OE.PLATFORM. TOE administrators are well-trained and non-hostile +according to OE.ADMINISTRATION and will therefore unlikely misconfigure the spoof detection +functionality. All three objectives ensure that the spoof detection is securely managed and therefore +support that spoof detection performs as intended. +OE.PHYSICAL ensures that the TOE is physically protected against manipulation so that the spoof +detection functionality can not be compromised using physically means. +OE.PLATFORM further ensures that the platform for the TOE provides secure communication and +storage of data and ensures that the TOE is free of malware which could otherwise compromise the +spoof detection. +OE.ADMINISTRATION further ensures that environmental factors which influence the capture and +sensor devices are within acceptable ranges. It therefore supports that the spoof detection functionality +is not compromised by environmental conditions. +14 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +5.3.3.2 OSP.MANAGEMENT +OSP.MANAGEMENT is covered by the security objectives O.MANAGEMENT which is supported +by OE.ADMINISTRATION, OE.PHYSICAL, and OE.PLATFORM.. +O.MANAGEMENT provides the necessary management functionality to securely modify security +parameters. It comprises the main part to cover the OSP. It is supported by OE.PLATFORM which +ensures that only authenticated TOE administrators are authorized to manage the TOE. +OE.ADMINISTRATION thereby ensures that these TOE administrators are well-trained and non- +hostile so that misconfiguration is unlikely. +OE.PHYSICAL ensures that the TOE is physically protected against manipulation so that +management functionality can not be altered by physically means. +OE.PLATFORM further ensures that the platform for the TOE provides secure communication and +storage of data and ensures that the TOE is free of malware which could otherwise compromise the +management functionality. +5.3.3.3 OSP.RESIDUAL +OSP.RESIDUAL is covered by security objective O.RESIDUAL which is supported by +OE.ADMINISTRATION, OE.PHYSICAL, and OE.PLATFORM.. +O.RESIDUAL ensures that no residual or unprotected security relevant data remains after operations +are completed and therefore residual security relevant data from a previous usage of the TOE can not +be used by an attacker. It comprises the main part to cover the OSP. It is supported by +OE.PHYSICAL which ensures that the TOE is physically protected against manipulation and +therefore residual information can not be obtained via physical attacks. +OE.PLATFORM ensures that the TOE platform is free of malware and therefore does not +compromise functionality for residual information protection. OE.ADMINISTRATION supports that +as it ensures that the platform is securely installed by the TOE administrator. +5.3.3.4 OSP.AUDIT +The organizational security policy OSP.AUDIT is covered by O.AUDIT which is supported by +OE.PLATFORM.. +O.AUDIT ensures that the TOE generates audit records for security relevant events and therefore +comprises the main part to cover the OSP. +OE.PLATFROM ensures that the environment provides the time stamps necessary for audit, the +secure storage for audit data, and mechanisms for review of audit data. It therefore supports the task of +O.AUDIT. +Bundesamt für Sicherheit in der Informationstechnik 15 + FSDPP_OSP +6. Extended Component definition +The extended functional family FPT_SPOD (Biometric Spoof Detection) of the Class FPT (Protection +of the TSF) has been defined here to describe the core security function as provided by the TOE +described in this PP: The TOE shall prevent that a spoofed biometric characteristics can be used with a +biometric system that is protected by the TOE. The class FPT (Protection of the TSF) as defined in +part II of Common Criteria has been selected even if the functionality to be protected is not part of the +TOE. The following chapter contains the detailed definition. +6.1 FPT_SPOD Biometric Spoof Detection +Family behavior +This family defines functional requirements to detect spoofed biometric characteristics. +Component leveling: +FPT_SPOD Biometric Spoof Detection 1 +FPT_SPOD.1 Biometric Spoof Detection has four elements: +FPT_SPOD.1.1 FPT_SPOD.1.1 requires to provide spoof detection functionality for a specific +biometric characteristic. +FPT_SPOD.1.2 FPT_SPOD.1.2 defines actions to be performed if a spoofed biometric +characteristic is detected. +FPT_SPOD.1.3 FPT_SPOD.1.3 defines actions to be performed if a genuine biometric +characteristic is detected. +FPT_SPOD.1.4 FPT_SPOD.1.4 defines additional information returned with the feedback about +spoof status. +Management: FPT_SPOD.1 +The following actions could be considered for the management functions in FMT: +a) Management of the parameters used for spoofed detection. +Audit: FPT_SPOD.1 +The following actions should be auditable if FAU_GEN Security audit data generation is included in +the PP/ST: +a) Basic: spoof detected +b) Basic: no spoof detected +16 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +6.1.1 Biometric Spoof Detection (FPT_SPOD.1) +FPT_SPOD.1 Biometric Spoof Detection +FPT_SPOD.1.1 The TSF shall be able to detect whether a presented [assignment: biometric +characteristic] is spoofed or genuine. +FPT_SPOD.1.2 If a spoofed biometric characteristic is detected, the following action(s) shall be +performed: +● [assignment: list of actions] +FPT_SPOD.1.3 If a genuine biometric characteristic is detected, the following action(s) shall be +performed: +● [assignment: list of actions] +FPT_SPOD.1.4 Along with the feedback about the spoof status of the presented biometric +characteristic the TOE shall deliver the following information: +● [assignment: list of information] +Hierarchical to: No other components +Dependencies: FMT_MTD.3 Secure TSF data +FMT_SMF.1 Specification of Management Functions +6.1.2 Justification for the definition of functional family FPT_SPOD +Spoof detection functionality describes mechanisms that protect biometric systems like fingerprint +verification systems against threats of non-genuine biometric characteristics like fake fingers. It +therefore provides protection of the TSF which is subject of the functional class FPT. +There is no family in FPT that deals with detection of spoofing attacks or biometric functionality at all, +therefore a new family has been defined. +Bundesamt für Sicherheit in der Informationstechnik 17 + FSDPP_OSP +7. Security Requirements +This chapter describes the security functional and the assurance requirements which have to be +fulfilled by the TOE. +Those requirements comprise functional components from part II of [CC] and assurance components +from part III of [CC]. Further the extended requirement FPT_SPOD.1 as defined in chapter 6 is used. +The following notations are used to mark operations that have been performed: +● Selection operations (used to select one or more options provided by the [CC] in stating a +requirement.) are denoted by underlined text +● Assignment operation (used to assign a specific value to an unspecified parameter, such as the +length of a password) are denoted by italicized text. +● No Refinements have been performed +● No Iterations have been performed. +7.1 Security Functional Requirements for the TOE +The following table summarizes all security functional requirements of this PP: +Class FAU: Security Audit +FAU_GEN.1 Audit Data Generation +Class FDP: User Data Protection +FDP_RIP.2 Full residual information protection +Class FMT: Security Management +FMT_MTD.3 Secure TSF data +FMT_SMF.1 Specification of Management Functions +Class FPT: Protection of the TSF +FPT_SPOD.1 Spoof Detection +Table 2: Security Functional Requirements +18 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +7.1.1 Security audit (FAU) +7.1.1.1 Security audit data generation (FAU_GEN) +FAU_GEN.1 Audit data generation +FAU_GEN.1.1 The TSF shall be able to generate an audit record of the following auditable events: +a) Start-up and shutdown of the audit functions; +b) All auditable events for the [basic] level of audit; and +c) [modification of Spoof Detection Parameters, and +d) [assignment: other specifically defined auditable events]]. +FAU_GEN.1.2 The TSF shall record within each audit record at least the following information: +a) Date and time of the event, type of event, subject identity (if applicable), and the +outcome (success or failure) of the event; and +b) For each audit event type, based on the auditable event definitions of the +functional components included in the PP/ST, [assignment: other audit relevant +information]. +Hierarchical to: No other components +Dependencies: FPT_STM.1 +Application Note: According to the chosen level of audit and the SFRs contained in this PP the +TOE has to audit the following event per minimum: +● A use of the TOE where a faked fingerprint has been detected +(FPT_SPOD.1) +● A use of the TOE where a genuine fingerprint has been detected +(FPT_SPOD.1) +● Every use of a management function (FMT_SMF.1) +● All parameters rejected by the management functions (FMT_SMF.3) +If useful in the context of a concrete technology the ST author should consider +to audit additional information (e.g. a score or a claimed identity) together with +the first two events. +7.1.2 User data protection (FDP) +7.1.2.1 Residual information protection (FDP_RIP) +FDP_RIP.2 Full residual information protection +FDP_RIP.2.1 The TSF shall ensure that any previous information content of a resource is made +unavailable upon the [deallocation of the resource from] all objects. +Hierarchical to: FDP_RIP.1 +Dependencies: No dependencies +Bundesamt für Sicherheit in der Informationstechnik 19 + FSDPP_OSP +7.1.3 Security management (FMT) +7.1.3.1 Management of TSF data (FMT_MTD) +FMT_MTD.3 Secure TSF data +FMT_MTD.3.1 The TSF shall ensure that only secure values are accepted for [ +● [assignment: list of all spoof detection parameters] +● [assignment: list of other TSF data or none] +] +Hierarchical to: No other components +Dependencies: FMT_MTD.1 +Application Note: The assignment in FMT_MTD.3.1 (list of all spoof detection parameters) +represents the minimum of parameters for which the TOE has to ensure +secure settings. The objective O.MANAGEMENT however requires that the +TOE has to ensure secure values for all security relevant parameters. +As the list of those parameters depends on the concrete technology the ST +author shall add all security relevant parameters to this assignment. +7.1.3.2 Specification of Management Functions (FMT_SMF.1) +FMT_SMF.1 Specification of Management Functions +FMT_SMF.1.1 The TSF shall be capable of performing the following management +functions: [assignment: list of management functions to be provided by the +TSF]. +Hierarchical to: No other components +Dependencies: No dependencies +Application Note: The necessary management functions are highly depending on the necessary +information for the core functionality as defined in FPT_SPOD.1. The ST +author shall consider all relevant parameters and decide whether a +management function will be necessary for each. +20 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +7.1.4 Protection of the TSF (FPT) +7.1.4.1 Biometric Spoof Detection (FPT_SPOD.1) +FPT_SPOD.1 Biometric Spoof Detection +FPT_SPOD.1.1 The TSF shall be able to detect whether a presented [fingerprint] is spoofed or +genuine. +FPT_SPOD.1.2 If a spoofed biometric characteristic is detected, the following action(s) shall be +performed: +● [assignment: list of actions] +FPT_SPOD.1.3 If a genuine biometric characteristic is detected, the following action(s) shall be +performed: +● [assignment: list of actions] +FPT_SPOD.1.4 Along with the feedback about spoof status of the presented biometric +characteristic the TOE shall deliver the following information: +● [assignment: list of information] +Hierarchical to: No other components +Dependencies: FMT_MTD.3 Secure TSF data +FMT_SMF.1 Specification of Management Functions +Application Note: FPT_SPOD.1 represents the core functionality to be provided by the TOE. +Due to the special character of this technology additional guidance for +evaluation is provided in form of [FSDEG]. This guidance shall be applied +during evaluation. +Application Note: Please note that any use of residual information that remains on a sensor +device is considered being a spoofed characteristic in the context of this +SFR. +Application Note: In FPT_SPOD.1.4, the ST author should list all additional information that +shall be delivered by the spoof detection functionality to the integrating +biometric system. Such information could be an additional score value that +represents the likelihood that the presented biometric characteristic is +spoofed. However, the ST author should understand that such information is +sensitive as an attacker could use it to improve his attacks. Such information +shall not be visible to the user of the biometric system. +Bundesamt für Sicherheit in der Informationstechnik 21 + FSDPP_OSP +7.2 Security Assurance Requirements for the TOE +Due to the special character of the technology described in this PP, the following explicit assurance +package has been defined for the TOE based on EAL 2. In contrast to EAL 2, it does not contain +AVA_VAN.2 but is augmented by ALC_FLR.1. +The following table lists the assurance components which are chosen for this PP. +Assurance Class Assurance Component Title +Development ADV_ARC.1 Security architecture description +ADV_FSP.2 Security-enforcing functional specification +ADV_TDS.1 Basic Design +Guidance documents AGD_OPE.1 Operational User Guidance +AGD_PRE.1 Preparative Procedures +Life-cycle support ALC_CMC.2 Use of a CM system +ALC_CMS.2 Parts of the TOE CM coverage +ALC_DEL.1 Delivery procedures +ALC_FLR.1 Basic flaw remediation +Security Target Evaluation ASE_CCL.1 Conformance claims +ASE_ECD.1 Extended component definition +ASE_INT.1 ST introduction +ASE_OBJ.2 Security Objectives +ASE_REQ.2 Derived Security Requirements +ASE_SPD.1 Security problem definition +ASE_TSS.1 TOE summary specification +Tests ATE_COV.1 Evidence of coverage +ATE_FUN.1 Functional testing +ATE_IND.2 Independent testing - sample +Table 3: Assurance Requirements +Due to the special character of the technology described in this PP, the Spoof Detection Evaluation +Methodology [FSDEG] shall be applied during evaluation. This methodology will provide the +evaluator with additional information and guidance for some assurance requirements. +22 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +7.3 Security Requirements rationale +7.3.1 Security Functional Requirements rationale +7.3.1.1 Fulfillment of the Security Objectives +This chapter proves that the set of security requirements (TOE) is suited to fulfill the security +objectives described in chapter 4 and that each SFR can be traced back to the security objectives. At +least one security objective exists for each security requirement. +O.AUDIT +O. +RESIDUAL +O.MANAGEMENT +O.SPOOF_DETECTION +FAU_GEN.1 X +FDP_RIP.2 X +FMT_MTD.3 X +FMT_SMF.1 X +FPT_SPOD.1 X +Table 4:Fulfillment of Security Objectives +The following paragraphs contain more details on this mapping. +O.AUDIT +● FAU_GEN.1 defines that the TOE has to capture all the events as required by O.AUDIT. +O.RESIDUAL +● This objective is completely covered by FDP_RIP.2 as directly follows. +O.MANAGEMENT +● FMT_MTD.1 defines that the TOE only accepts secure values for spoof detection parameters +so that the spoof detection works correctly. +● FMT_SMF.1 ensures that the TOE provides the necessary management functionality +O.SPOOF_DETECTION +● FPT_SPOD.1 defines that the TOE is able to detect whether a presented fingerprint is +spoofed or genuine and therewith directly addresses this objective. +7.3.1.2 Fulfillment of the dependencies +The following table summarizes all TOE functional requirements dependencies of this PP and +demonstrates that they are fulfilled. +Bundesamt für Sicherheit in der Informationstechnik 23 + FSDPP_OSP +SFR Dependencies Fulfilled by +FAU_GEN.1 FPT_STM.1 See chapter 7.3.1.3 +FDP_RIP.2 - - +FMT_MTD.3 FMT_MTD.1 See chapter 7.3.1.3 +FMT_SMF.1 - - +FPT_SPOD.1 FMT_MTD.3 +FMT_SMF.1 +FMT_MTD.3 +FMT_SMF.1 +Table 5: Security Functional Requirements +7.3.1.3 Justification for missing dependencies +The functional component FAU_GEN.1 has an identified dependency on FPT_STM.1. This +dependency is not satisfied by any TOE functional requirement as the functionality of reliable time +stamps is provided by the TOE environment (OE.PLATFORM). +The functional component FMT_MTD.3 has an identified dependency on FMT_MTD.1. This +dependency is not satisfied by any TOE functional requirement as the functionality of restricting the +ability to query, modify, delete, and clear security parameters to TOE administrators is provided by the +TOE environment (see OE.PLATFORM). +7.3.2 Security Assurance Requirements rationale +Due to the special character of the technology described in this PP, an explicit assurance package has +been defined for the TOE. It has been chosen for this Protection Profile as it should focus on +application cases for which it is sufficient to determine whether the security functionality claimed by a +TOE is working correctly without performing a dedicated vulnerability assessment. +The defined assurance package has been developed based on EAL 2. In contrast to EAL 2, it does not +contain AVA_VAN.2 but has been augmented by the assurance component ALC_FLR.1. ALC_FLR.1 +has been included as spoof detection systems are supposed to have flaws that will be found in future +and that will then have to be addressed. +Additional guidance has been provided for some of the assurance components due to the special nature +of the biometric technology in form of [FSDEG]. +7.3.2.1 Dependencies of assurance components +The dependencies of the assurance requirements are fulfilled as shown in Table 6: +Assurance Class Assurance +Component +Dependencies Fulfillment +Development ADV_ARC.1 ADV_FSP.1, +ADV_TDS.1 +ADV_FSP.2, +ADV_TDS.1 +ADV_FSP.2 ADV_TDS.1 ADV_TDS.1 +ADV_TDS.1 ADV_FSP.2 ADV_FSP.2 +Guidance documents AGD_OPE.1 ADV_FSP.1 ADV_FSP.2 +AGD_PRE.1 No dependencies - +Life-cycle support ALC_CMC.2 ALC_CMS.1 ALC_CMS.2 +24 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +Assurance Class Assurance +Component +Dependencies Fulfillment +ALC_CMS.2 No dependencies - +ALC_DEL.1 No dependencies - +ALC_FLR.1 No dependencies - +Security Target +Evaluation +ASE_CCL.1 ASE_INT.1, +ASE_ECD.1, +ASE_REQ.1 +ASE_INT.1, +ASE_ECD.1, +ASE_REQ.2 +ASE_ECD.1 No dependencies - +ASE_INT.1 No dependencies - +ASE_OBJ.2 ASE_SPD.1 ASE_SPD.1 +ASE_REQ.2 ASE_OBJ.2, +ASE_ECD.1 +ASE_OBJ.2, +ASE_ECD.1 +ASE_SPD.1 No dependencies - +ASE_TSS.1 ASE_INT.1, +ASE_REQ.1 +ADV_FSP.1 +ASE_INT.1, +ASE_REQ.2 +ADV_FSP.2 +Tests ATE_COV.1 ADV_FSP.2, +ATE_FUN.1 +ADV_FSP.2, +ATE_FUN.1 +ATE_FUN.1 ATE_COV.1 ATE_COV.1 +ATE_IND.2 ADV_FSP.2, +AGD_OPE.1, +AGD_PRE.1, +ATE_COV.1, +ATE_FUN.1 +ADV_FSP.2, +AGD_OPE.1, +AGD_PRE.1, +ATE_COV.1, +ATE_FUN.1 +Table 6: Dependencies of assurance components +Bundesamt für Sicherheit in der Informationstechnik 25 + FSDPP_OSP +8. Appendix +8.1 Glossary +Term Description +AD Audit data +Audit data Content of the audit trace generated by the TOE. +Attacker An attacker in the context of this PP is any individual who is attempting to +subvert the operation of the biometric system protected by the TOE using a +faked fingerprint. +This does explicitly included cases in which users try to subvert the operation +of the TOE directly but in any case it is the final focus of an attacker to +subvert the operation of the protected biometric system using a faked +fingerprint. +Biometric A measurable physical characteristic or personal behavioral trait used to +recognize the identity of a user or verify a claimed identity. +Biometric +identification +Application in which a search of the enrolled database is performed, and a +candidate list of 0, 1 or more identifiers is returned. +Biometric system An automated system capable of capturing a biometric sample from a user, +extracting biometric data from the sample, comparing the data with one or +more biometric references, deciding on how well they match, and indicating +whether or not an identification or verification of identity has been achieved. +Note that in [CC] evaluation terms, a biometric system may be a product or +part of a system. +Biometric verification The objective of a verification process is to verify or refuse the claimed +identity of a user based on their biometric characteristic. +CC Common Criteria - Common Criteria for Information Technology Security +Evaluation +CEM Common Evaluation Methodology +EAL Evaluation Assurance Level +FAU Class of functional requirements for audit +FDP Class of functional requirements for data protection +FMT Class of functional requirements for management +FPT Class of functional requirements for TSF protection +Identification system Biometric system that provides an identification function (see also biometric +identification) +I&A Identification and authentication +LAN Local Area Network +OS Operating system +26 Bundesamt für Sicherheit in der Informationstechnik + FSDPP_OSP +Term Description +PP Protection Profile - An implementation-independent set of security +requirements for a category of TOEs that meet specific consumer needs. +SDP Spoof detection parameters +Sensor The physical hardware device used for biometric capture. Also called capture +device +SFR Security Functional Requirement +ST Security Target – A set of implementation-dependent security requirements +for a specific TOE. +Spoof detection +parameters +Settings (configuration data) necessary to detect a spoofed biometric +characteristic, e. g., temperature limits, thresholds, typical movement +patterns. +Spoofing evidence Information that is acquired from a biometric characteristic to decide whether +it is spoofed or genuine. +Threshold A parametric value used to convert a matching score to a decision. +TOE Target of Evaluation +TSF TOE Security Functionality. +Verification system A biometric system that provides verification functionality. +WAN Wide Area Network +WLAN Wireless Local Area Network +8.2 References +[FSDPP] Fingerprint Spoof Detection Protection Profile, version 1.8, November 2009 +[Toolbox] Standard Fake Finger Toolbox for Common Criteria evaluations of Spoof +Detection systems, as referenced in [FSDEG] +[FSDEG] Fingerprint Spoof Detection Evaluation Guidance, version 2.0 (or a more recent +version) +[CC] Common Criteria for Information Technology Security Evaluation – +● Part 1: Introduction and general model, dated +July 2009, version 3.1 R3 +● Part 2: Security functional requirements, dated July 2009, version 3.1, +R3 +● Part 3: Security assurance requirements, dated July 2009, version 3.1, +R3 +[CEM] Common Evaluation Methodology for Information Technology Security – +Evaluation Methodology, dated July 2009, version 3.1 R3 +Bundesamt für Sicherheit in der Informationstechnik 27 + diff --git a/tests/data/protection_profiles/reports/pdf/b02ed76d2545326a.pdf b/tests/data/protection_profiles/reports/pdf/b02ed76d2545326a.pdf new file mode 100644 index 0000000000000000000000000000000000000000..9afbdc2a6ddc3e577ed1171d13d6655a9718aa15 GIT binary patch literal 561209 zcmeFZWprH4k|0=OW@ct)W@cuF5;IzCvBk`2F-sP+Y>~yxXfexThLs<5&wJB5yEEU9 z-5;HG<3l>r$MS(y>Hib7djl7WSh9hRc6sIRlHxi1fvm6(~>(bNW(pPxw{=wRt) zMa=fmqsk;{ZRZAbVUn~naRZ72%^b~vf`YKFZZ1F*d)QCeDH@x$tIWv$_eRc>V0<%2 zr9Yr;_yQ51kS&(Pmc@=%RJ1!N!0&!5@eVhk(XB^|Bq)}4{C;*Tt&8l-Gj(<4@8TEY z&&}^Ti3DSQFW1#TtrF)J{IRHXp=tNJ(RM(HnC}Mso_{kjb2TD5-etn?N?iE$OCyVG zfG-1QOD*h^QC$z}3m9?V=+S}NtlfG0Dq*^-y%4FT(~C-@*pF8ch?!CiX5aAfSTI)X z+~0VE1f1{$j_FRtR_SiVT-02M&eg$S2>$lC7QM-kcwxL}#+fq{3fX>mf>^6xhc0ys z4tQ>?ntJeP=D!eH9)el8@qRZ-fpN`{KfA?n?@BHQ5)>aVr=Ib%Oz0m;5eEEJD8-Ex zfn-EwzDjsgOUgJQrk5Z&;O3akEN~uvLYGv60q%cE&v7b-)w$S?&m3q%cWqH*Oh~G1 zP63$Qh%y>pJ3V(IPzWn`fS*QV{}z}k`jx8q$&YNviFL3wIV8H@gz`#0?(9W&#(wHt zUM@rYiy&pPQkpu+TxC(hax9xR2{Z-f3Ne|eJw4*t{(30?(vx^)@~|xV)K1H#gG#qr zES5a4r46xFDD9F;Em?7Wj8$~NJUH7Tt_m`TjZ_sA1!A{I14Yanj zawBGA;UH!bwRUq=2D*qj+B-Qq03F`X3@7U>{?^ zAz&aNV9*iZ5YYd(+j}nn1sa48(gO^H6ab0>0)_(e-VY%75E2aJZw>H|1_=cX0S*QN z3iE-+{X6Q9I{$1S5Kxd{;O{E{crXwEC^8uGho3j%66b}G6`TRiLO~p$Zp|FBqy7}wE0-u!xDO)F9JI{4f4X}Vj zwjHRpJMCD26Zy1i`ud72-SSkOz5V_~qx&eo3Gz3dKB~@h&#CiI-BY3}c5@3OGn-P= zJez`x%2%T#ox$ZCPm55xGljJfuYXZAu)W(Cwqj3PO-<**W-a;%kK#4gtKIUN?P=6s z1lEbS#i{D5TGwe0U!=W@?N9Px7nk|2kSD6@#LU#rhtX0Y0*0GHw9d#;gc{S;lN4LT z%g;U&g&z|!2-N{VULN8;{RQ!0w-XkcL?x{WI1G_(;kq_xquv4GCZAiObj`c0fho$X z^V!{bR8h@|f(AOD^49Im=cAU6FL=r)(l5Qi_bE`~a~!dlE^?i?`M3LnUtht)6A-gd zhwMbPwUv9KhixO&iRN;wU&*HVT%}t=vb;#0XMAw$XkC}>wWdgapF4F_{GZE?gw!f} zj6f+H-eQsrV2&-D;MKc$TE1bmc-@etGg$9!u6yenhOP@?$})qd7d^uGEox32(D2P@ zpeDiaiXlPoC*wCmw|!8e*HH;Nmh4E;?`e^=eq89uLE}`3AVAEfz(cEgS<%n`=K_9= z#IBXI$YDsEvg}jK`%8rWZ7?L=%yOw5@CN5%?%?~s;r<1bA}fvz9aB2}=!D9ff*-UV za5M*ptyCZl*NFOxe%t%!!(Oj|(x}ipcI-a@)F7ckd;+J_^XEU%pZ0V|qdL%jVC2f}QSX zAq(s2?oZK-0Dkq9{6FaS=N5Jwh>+om;9qw1_-~kh0f9?%&1e==sDTOg_^-ST+9n-o zd#FT3Vf@OOlT`LWO+3^W1IL00J&P&!-c^@HDD`hZpqR3GT zNT3h;`CoJffauGAZD2I1ohJ|?{#VSuK(L$Sj!$0nf_L(%Y0-owEz$1)p%ylv9i-mj zU{V=X##)4Zv{uRRIFheO8vn_Ql$lQPx90E(6$e8v-hDR2%!vk@IWHe!;8LpY9AYJN z>S;m#ZCysiaP*m-|J-d8v&M;9rfY-Tq4o#e`$37bh3dj$^=wy;LBTmnmc_NqkOdt` zgCFE+r3-m%il;vpQ}iCN)DNz8WvTI=aGtJ5O2f6xV>r#}Dva_f%}oRh_F|jDV}W6r zmJHZ!us>=$@9gaM_M(2?yNnfCps#z4=32w!*^L|zgy}CUa{F*$*`S)_+(>*<)$K#o zflTsxh5Z-p0RRYR*08a*upV`{m(Tx(`hNwYpmAv{=ecL5j2w^rmjl2pTTXy}!CKq@ zCHB8N|LYkb`q*%CBLhIdK|w&kp`by)ApU#~0u&4!5(EmsiHw55j*5nk$;RP?Ma;~? zDxz%6MM5D=N=BJq_pu#?{@A2~K!CmjwhpEHS)d8Lu+_8cL)lQv9TT1l`uV0=#q)<^Ew5!(F-g72n`zEWh zY-*8~z(j2-zPJ~{IQ^q5?w>+n#v?2>qstClPD=o_KcbLw{QOxyAqZ#5DKuWARn|Et z+=+IVkT6n~#a2qw$->WYWCiDE;3@hOM|JQF=UZUsO@wdE9Ye&?-Y9fK$hO(llls0! z*u?iwbQ5ut<-p;B4NaG-f#e&it{@YfYX0=oc~NQHcYxU@p21Bi{r9eI%s&6(ECk0v z0|GT4NF+^6>CaD5-(s_>7`>32G=5MaW7RLwH*FFDN6gz2M?fw~JB2hZWvbMQM@h^f zeuKjS0tk@xu_8Z{LL>&F$)?e9A~R?kTVybY#1*HC=){pR_7Jj>YVg`mE>HRAvjp$( zZ6=_x>co(iAxhib30yX9$~rqx6p7Hm=dG#Mh4kj&M-jx}1e03+>LtUD^xt<~57p}< z*=0hc`c0!PYN8Y?kym)IsJw>|%vfsZ>v|Z%$%5R^pps*)O!f@-8A1XJ?c48| znkTg^;sR_qU1|o>q`Cp1gn}d@zh4cAs5pOEyC=LlMxBIrM5>iPNOg&bypGm%!e*o{ z{q&fTgsg|boEs0#5@>cT@{8Ezz9E!&atA*?bjj*#4@USv56)Q-O{uRbZ75%z1WBtJ z4hiN{OM)gcfF`m_+wQXnRvkns{Rr@3WXaTN3v_xgCe@IiMD-Mf1UkY7U)R<{MD)bC z)_E0vZZJ0tzuz_fEjGS}4LP|yHd*3m{|Z@cqq{rft$@O&c`2{;esIx`W;|*pEe$=A zC%xJ<-e7=96Fzc{WtTq`?Q7Esw1Q~(414HaJ7F6TyJ9xr5TbggdEK;m#nr8XJzDpe zV5lA{_fDg_TcY|+Ox;kgY$5ThY(Sye7U}F_W zZ`ce;%l>50jc0b)Omumh^x}xg<_xYb^s^~lhC(dX+WGd7WCNAx@N{Wo85P>{*F*~} zyVr^x>30K%=BI{xf{-4A+SO5af4u=gD-`2yMv$!quOOs_>?Bp7V6f`y=(H_hH==4D zyqmB`3xZl0H(o15D?I9(<`RgWlYoB#%|(7NWCG-Oc=o{k@4@l>-@h*atc!ya!GZcJ z`AG98wFnsC_R07lO({|3;g~PD1JZh1fw~|*y=2p^w9uIyW+!&h4ZSGnka*R&Mo>g;FY`sN)^As<7A%#d}CbUXry)Zm9{9wb)!v1YjH}_ZdEg9CUx> z`JJyQ#?2oVuu~wWSo!et?~F>gw{;w5eG@fCaxg5F*TM0uTBkAy;MCijL|@RzR}i_3 z4rp6EFct`BIjglD8qiX`Xwys@lqR?cz3Z>Fntkbr*m2S6ItoU+XdFsqfRU<6QO|Rb#)d=*bYaMu z{t_FoE~<$~9N~Ssd)41&z2x72QRd+zXTfGx-X+mIB$UeB8KDJ^OKLt(nNB21{nfIEO;0+oYN1@!mh;;g~+@*6@bW}gLJ2FIvB3+%BSf8<%LKrEqa$o4>e_H7^3id}TF z!?ebLk*SaC#FLKI4?bl=q)r?Q=T(fTg=tufoKbl;6r*Z(nQeap&s}})^vwafTllMh zSMDLC!uV|e z_)q81n!FSUua&l=pZPd@b^)b9saZ{g&iV5}oZ)o8v}=VEpG*gHIC@!65@yj6GP0#> z%>>rK_{f9p2rK7_;IgD`@I0br#HxJIGxN0u`Yu5gnp3m#5WqU*29{^mDJm_8f+g8{O0}Aa;xSI#li*MYj};aqz>9E_p_vUE>MIHwVJ1$;`Dm$ zJn+nawEu{<(EDUzfLBbvF7PaNmA%r#`1KZ8%QIjrl;YFzy{)mM(^k)&$0%jz2JDf3 zlIB^H*QdeuOb1w%9!HJn!o+C!o$k5Uok}hQ-mmRDB#q;^ z(DC9cQFw<~)ab*=Osukb_C7=H7Qnn@MkGZwOu#tqAVuL9A5pGDCH+F^-4JTBdb6d+tH}v80Gf!*~w=Gx(Xl8_JH#f z4HHhse<<8+?>($#2Hl`hM0sth2wgI3yGL1n>p~FQLiiKWk9aDrP|qHPCBqZ#1p-vK z?x4Z4&Lr}(wRY|RBL^)F_RWsem%P=>KBE;=q}(DbI1~N|##pa@G0m3Tg%C@Zb^Cjl z75MZc8z~Gu=XV?9Pn^W6gS;<+%?3`tYw^z_>ubHLi_{bl)jb$*GT2JuL@Hheqx9vP z_tbmw%ZI*2IqxSvOIn+U454~YqB2-h>EJqJ>LHp0^9pL1n&9-=&xK7=`}z=zkt`^w2f~)d^Dua<&?2_RH^c6hIB3Q)3oe@`#f=)@8fZ{vj%B6fXoo7YyC?%t zPNvke88{j2t{tL;%xajmLt_^ryW7=0*GCek`=6R6+Y>! zDUg%*n%48Nzb8TY*wKT7g8kzDk&MET>80``&8hk=BGhXMbi%O55H6bMujG!|rZ zQV|ssXP0lRu7L?(>&Zk_oq~Q$Lt+p!vvDXJyCwB*k+X}bnVKbDTnYyl6srHn;RRCY za*pkIs~VboKapK4Iv4sZQDj}ZdxW~Pzf2v^7Da&2$~~9;O#g#F(A7}9c5T*? z^if}0xyJ}j+hlUkz|ks)hja1th1!{5vME{Gp-)K(6pchyZS+dV%0My+McN%p8QE3~GhbDSjnpRD7+&?zce%A|;oZ6^%f6%5mEdm^J z^$@&_ymG})G-+UmeHmsnhXyCEq#NNTd5BMVMn*Pa(WF>5-IFyY(?{t=z0KDknSZhO zUfkUPu5ku_+q@S z5tH$B)Y2#H=Xjhr!8|aNX`IGi=WHZ#CkS`TslhDpw9-yz3P;lrq*I^jDT#Ua&&s~B z$TR=gksRm7hr>GLxaT^+x^+@g>+A{!qj>DhYn+oI_GNPc$hNZ!0j2EvJ6)O=2VLXn z3>9_#+OT=POgF9Vz-SssG@`euUQ}mdi>afCsCFx}o!T}y@H!7VKVcoHD9~v8 zn3n@`lq5`sgLLG!nSPx8PTFzP#3DmY3#YK7J+v=SEk^W1d`ilC2Yg|DrbBv-|Hw2d zK5vvAB@E2InxnE_dDHT*iK-*C<5DmEB&Uw?iZO%AW{#`KmyGUXl21ODOulH9GVq&x zz3fL}uF!S)3LgTT^FBFuoM1ZsHGo@*uc3hiql;L5LN+`*X!P~w{(h#$cUND#y*s0v$1|K_mE* zTKWb9NgLaoJtm*Os1nO!1_v&sLNf!0$vlRmJ(bfL-?$vNZ>fiT7Q;Ra4DS*y`LSXn zp~(R2u_puHfV6{H)XtD2x7Z@BkwAE%ZcLQ8HIK?Gp}D_VX;64`5))kVS~RH^b^Q^E z%$r&0#AVs~fxymple1H||ZQ zQA?Mn=dN;L3rkKip19BAkYm@I)mqKw8xDRQ%Zj3TR9SYY?^I;>ju&uJtv zTpI;uTvE`&--QO3W3`@?P?%vS!^`Pa*2_2ww!Sctf^SbXu5Id9C6@iH`7|O z;IA`4)^E1#H+`DmqG*}fNZ8`!A-_gyPGcCY#Ta13JCd{X?oQpBSLr_3&XvVzOg;8D z5_;pXtwByu=O zaTl90<-jekx!1Ux(A8LRa4Dy5IrSh~UzWe|^P*V_#ggN!N67$!Je2$x`h~T?4zg%r zg>J~Na+MX~=Qz|R%vleQ^mN%Ud5|{%eV^qEnb{Yi;c)!8;cJT)W-xb%Zzzu2vqM<> zHqW&u#R_hR=9miiDZ2alBVTd~Ygh(VbCZ3IZK&4iCDD6hTKgE0B)g>CaS+4}N$v&s zu40HS7~BaP=f83vMIX>mJ8Qw5_Q2)rsB}#D{0tm2f@$&vg;t_mJYe76;TXV;4ms1@ z(c?SnsR`{*W>pA2Hs8HnB=8geIjcEn|6HzIh|$^@nsPdN!4~0z;zv8-2|_aOZ$GYL(I9m3zhGic@mbIkka8Fmq>& zr!g+MVyDti(msWEdsA5&q=#~U@hYtt?1-+Id5VYTG@d7ZS2K)Nnt*z#DRp+( zi0nY5^**S%jG9m~Jx4m(tW1A=aTksh(~taetd*#gr61Mq&Kkmw5_pJw436 zexBi`MLF3|eTO3Txz+{B0_@J{JdKga`eO;>GS2)ab13dK%@NRNCA)Q%@B>b>K? z^EJ8^Zi`6S=*w+v21Z?G_Sz=xN$GzoH?b?xPzh(Mz$EU#aIzu~Gdvx!;yKfr$V_1Q zF-U2R67TJR6gJ$>l(rX`kwaJrcZbCi?>jIeW92UlX7y*&ZI8l`4lf$4sMTdmoU7Bw z8X8K3T?Qy%)iq~Zr=%3;r$*GDbM$Rwxu!X`A1&+FT8`Xx{h zS93n*O41N_d>K|tRa_i$EKE#LXq#+9;L5#w7`bwr6Xu9>_c*akwFW)Mvo*xNgKa9oeLFTRGV;>VC%5yP&0yR+J4O-Ev>puzb`E)^!eb^ zoWphQ<*$^LJlv_3t$e@aXC26K6dtlVYZY~c@vQp_J_d3UXkh?s(*FFG+&iE{;Yz9( zBgOqhO^Vrh)w^6)F$C(%-7GIsi0VlDZI$2GM|R$GmFeLU&166edO@+{2!<6asvV)fOcB(Ck004~yiPinVY(p~*)$CK<0{tB$;T^ikapbRI;V$&07 zK`Hgfwnnzwu`QO=fXFARSN0W`D2C7!_upkX756a~ncH|kOR8Q60rgHPkoeX(atnH} zVJ*vLHDEmQgSA2}lL8k+70hCWb5Ks1GpEMmu^20|jvoR&kpFw-;~aM^)h|O6p8A^{ zUmJOg8eQu~3Z9tp23Vuh@mCF`)^U=OMC6bLV<@1)sZVd=fKlQJty1G$`p8@3Y#2s| z(z161T2AwKfzG$hj02tVBwl-O>#36D#Jn)R2raFKc_n#u3idf$&RM{|YB+CWVYp08 zW7yXwxg+Iz7~GQPSl(4fEXIQMNyW(w=c(6@M<6M!us#Cg->~uWnR@0fZ%mzgH{_GwNIIKF>mHk8j`I@bK zUqYH)_Tq>G*IZfL?n-M@8ITJ%QXI$2b=|8TFA7ab{^t@@V=Z5Q?E zW8Jm}6#4#yG@GExT`s&6tn__@=z^S_*mg}8nzarZIar6Ex`XCjNkE3Np%M4yCNiWi zAN!_Q3{u(oO5Zxjx4gw?uJ}9C+95J+_7r=$B0c1vX~sCo zoXuHkMnuz0dLvEu=?~G0tOkt2uY4p)*}VP{zVo zb!rXm=-du3OF>(YB2S5G*0@k_#c`n|Q-JUZccd}2x~uzgbY=r#?C>fTxE3aN%tud4 zFODE!yvFm}6$TsEaAG94?aB8(#FH|5EF^&K^c_w=<_Y@z?CWoXwZZ<=%m4Bff!BZ9 zp@;e;YdbdZTDkkOgm3gdZo=hxF#R{vh7ix_Z(Os^o=-0aOr6%TSFbxydDd*Y_C{13 zlNCMHdFvJRg~(P!*F1vk=!xh_t#Jd%6#X=2+rhPPX#x<*n{tp)X64QhG$$XLLnkr&uSv<()@_tIQ4G*4#W*vK zaQgnt5Un9-S23-+Q7F)>G(2-nQA=vf`^7D&mm`=VOTiC&t=sjSff=&=y*=DbXSEXy zKDO6UhAX4EW=wRu#innyPeIAtp=GXMPaJ+b@}6nGiRR`RY+ytshWY23Nf=bN9NOK~ z@{DV^XlzVLu3R1!H4Q29s^v6}Tj~7$B>&qO(EejODHxsgVY& z&(6S=HgT|NWZ=R&Dm7GFGZhPFxLP9jXW46Zt)E&ZzH_{r75K6BeRen?YDjq0w*?k` zZJ1T;#8I6Drmjb6CmZ;~V@*ajTti%4e%St(h-`|VghUiE>d0>=gti!Jwq}zFpyl|E zlBB1Uj;3B5t~Yvd8lf=+NndAa?OUdNDDB9Im|3y@oNsTZ)ZsiqgWl6o31)sVXtk8% zu`P4FT{%_CItDKF+w%8FF@;h(D;!lQ=3jb>@I%@(%17wOrWD594pqlpIH*Xf$Xr#^ zrmzncT+3acP`c%+cmw+JMaRnFivbcx)cr!mKMypj8ebdJbhLFbvxk)rifZ(WNf4<+ z%5kJivh`DjWtDan1N|#xi?J^57I#Ttmg5ZM;s)0~rB|w%+**Km>jl`e?lYgy^6=1i z1Rj>Cg;kP|yJW3q>Ap4QZBU(-S%n=-lCqx7J291XuQ-R7w1(^Ps3)SSX)uZw(J;bc zxLT`pU-KfzBhD)Gam{W^)`sSk`s5~7F{~x9;lU5%UjHs`Hc;A(I;@OY?$Rq)DVBF` zk!;@0OwVvheNvqwrpq#f=LwY>bLt)a} zm|Jaqcr}yLAT!=5nGp_T?N=x7zM!4x8paq{%071;;n7H-A&gWT->!@=ib^KA-JJGT z!Zso>%b~-s6)7oVcjep`P4uoXi|I;(6?HWiy~@(lyWmPxh8|&XFZHY_iB{OHzJ5dy zY0kS;fT^F0DNR&M4pz=c;P{EFX&st$H@mF)j@(V7S#Qr4~ zIZC;h3%XL-l=$V~@|r@`wsjlI0zUAETbX)>)8=S63Gp(xzI9ECV>e^$cN#>=QGy_L zUAyR4?|;1tokA zqBqI| z>Ck|z3)cmL79Pjrz$fdZXuc-B&%1m3V5Rl-TXM@IL+)K|{I{>xLMKYg3Q%8|%yEW} z4qh>>1@q<>P{z`C`seVjErcHOez;e@pgRUjpB%gc{4{7zTo&H+ZUKU`KfZA0pr$Q4 z8VC?bz8Fj>nJk`_1XwAxSM-U@*@rr7Y3kJn%{2aoOrt>6_mh>BqXw}LNHN)PHpD<{ z?{T}>CfI!rDt(;Z`XMw~JD7PLb@?mqnfpFQ@tSO~n16ZX2#=kxLE6qyH%NlL&vd*w zK0zk7)PsT!4i5C@x>qG$UsBGzsXSbZ#EzyY`AXuqQfv6a(>e%$K18TR3QaR_a9o8&hl<{m^ypWwbAq+CG^u%qY5QbVo871_yxoW!G!*h&@-9ATHu z2MxmYjR~lF_%c6|Rrl)$^(q0Wc*$h~sl4Oz{C9v$4-Oe4aj5&B4H7&C$c_cR+W06yEb9YMea&qDF%*XY&JQ=< z#3WgfjU+Rb9H;fU7u-o14EXD_?m}(9H=PUiFal=5($<_tZL{ zTs6vm2iykm#^=XiUr8zQ)9$68rTeLQ6acV8n;eSq8sJ?CNFJ_d>K5`T}*;H!I zqhO>VThtD4H@vKp8e{4U%>8xoEBGL;Ls>AdwW9y5$G8>|UU0P;`r=pAY~34~%r)Ip zg=L0Os5dRt>DhBZ?l}=6Jl_~qUpT^3fQCrVL)WZ6Fl2>1*iVqOZ2%%Gy~f2*NlU39 zaT^^y6fP9eSv#etO$!Xk??#m~rr68Hq4ndtdgOKUx^}|oDIiBGJkPdXpjW~EK)DG}{AjD^DKe$+Y z4fQiBRG^xD%JNXl6nAYDKEmIQ-$qCcg#cSrkhOXgOU_HIasEN6de0tI?KLSOr(VRK zIFkrDgwivsTEl}xP>JaIRaf#tS-b;)M|4WbNzU@JR_lzEuQ~eM5jt&%dj!GmrhLt93CD{;S~*5B!snG6 z9A5%^jC&BFkMW|c1t*{dKRq}7Ey{K(UCXF%XQO#pTUYAK+~?%*s=wB2S^e@MY1fgq zo#A?zYdgmO%tKA+Cox`0!c+IiE zN`J@D(*vofOnX*G)N%JQaMTywF;wMbKmQ409>Z(WGxzJTpxj5&q5f$~Rbj>*GB0tf z9#=%AnEtoQm<^pRj=oVZwVPpq*E^tWfoM|@DjZ&mBb)FHv00N}NHSBY^p?lPgkCbS zT0Lo({#9K+hG3&Bt(U|wvcArzvedL4p#x!Xx$Dl0)9P+^&7{BlU=Bu>i*ml+Gyd4! ze!7bzqZ$1{rrjXg!G8szJe*Kye~_y>Q`d#eWYf>bEzU7QB-TnGJbRm<}dnY;rNw?7Qe;ABAx;A`fH0LU1bHx zOrZVdv+#tHby*mlOootnR|-zpnNm$o;u{f#BeyH{>CpsDcvs4(gImjYlu@28E70T$eG7BC5Ayx{&bh2PG6#h&|5#6c0{y^C8F8zjGB#5PDW78#;P2$o&`a=XHeWlprlA3 zVpuK8e-m6Qi^+fvxo@^f^&LPvvE!ehr+ryecfJirIdWW`rGkP^z**r)6;WLJ+cy;1 zKArT}oHixsL+Wg@f!&qJW;H|8acEGIoU9oSrNAR%WA;Zj1wB0>-D{3Y{2*3FLEaOM zPX>06b-8IUtFfeYgYY)%N_mwNeJ+*xk=nf>gUV83Od*zuj0eYMZ>Dt&2uZoB_sHlm zGdITttFcE;Wwp|!t{WFt9!kL0JQLZ4j=}6q=~-5*ktemPFc=#h!$}Vz8;poM4`B^v zwdzSbYhZhAm$yEvTq>?h!nq9c6Ym=V=h0+$D^W-(^yp&A=(0+9`G>_T{Wtd}3;wWFK|V5GrHXoIfr9o= z6}1XAauXsz+V0LMzmKKEfP=0*&Z9`S7t${$xNK_wM#c8aDb`H-NKbQA9DB2CR`sK< z57$)eVA1i%S6C*Ea=T&(uG*4Dw$;hNoSoXTC|kNuTzw2Gfwg{aFEvX)fql#~=PEJb zj5X>v`JzJgpNj48fXGy3#tti*8m@4GlpYF%1``EoOQghbJx%kR9E|N~XD^%~n9_UL)~jRC1}#U9=T5V#Cwu;@6bwMpNRAK;wz>1}MC# zdzX>kw|p#e?|_er5hL=)!)aikkRQL|`15OvKNTYs011nT3bKjwN0sQ}+mC5tWv4A> z<4fWHs0V=vk^HF#tv@b)wrGg$ji;N0oXcy4B45a_V{T^{ajlU;;c?5UP;e$^LL)f7 zI&ymp)S}fI)!+UEsGj>ZGFb;Rmm zsNS5`s_@(KPeN+h8o>NlzgCy;<~GccKne&~FwT*5Im|Hdyg`;|^o$kn-emFX0+C6| zL>zOOtfBPwqG|ZLE2dhTDBVDSL&7H}cScRo+wk7FLtnxdpzq*~WS``E_K^=isG3Lc zbCEt6vc-(8<$xH-h5mV0ra-p?y)>pcRyos!!7HyiBe`V&VpG+=I&nij?nXQn!!Hi~)hWnq%yWRRn~_y^Xw)Y79S~oHjgVTe zvUZ~iO2p140bU#i!#5y2#`;@UW?U%=gyltdDL#$nnTjh#KEr_I%gImYO1x*xD2nvK zoA!jR^eT_p*;x3rL?xQ9EtO8m(C2&k~^~vm@!(!UdTtN zLS~X0r5VvdG+>XGa_E-&RSMofrjlIJ)Kx<9sb8V7mX>zSlT07cfksY)V!qrUWGOx@ ztZp#>2V3>drzWXipBF+(g{Jt+^b)4TgRHDs5MTU}{8@`?>jzM^nqWjQ=;fWbv<90H zLk}n~+&#ucu-Qgv*005A`lG~u)S<4m&84+LIi9O4v`M8B6tr8qN8TIZsfSOa!P$K( zQ>H}iLta+Bxgi%_u#ZKuTE?6@pRP26Vt!zs>Bx3&pQgOM0cdk4+1%$|yU%4fqt(Ux zs$k1#;2T=nge@UiR)cZpX0Hov3T+RXL^b(AcevHabfw*@rUb+FqZD*VwyCI*9TDuP za6oh(T&^S!+WaDd3zqwiHnf3dL<>^4*_IsfH@;k9`W_XX@~(QTt56 zCn$wPUTC8ssBOdp*#@nq5m~Z`wogUL!Jb4?KDRgCsF5og<{mOdXGgR>4Ivjzrn}QID#74K@H#&TJdAt`Ml)qK=2e}_R#J|sK6<0jK1`mTz%e1PhPmaF zK~Ok3Xi-nr4yj|46mTvlSB$1zlZByT7B#HJ+r1biNU$M_m7vopiNHC>CUaqtX8mcU zq?_mry~>$Erb}B--^*I4=!R?CwKifdg5+58Sr&vPgeO7UvZBfY1e*hV?)VGpW}*t5 zq%K^FbqY@N-2hy;1xexes{_$vMjJJ6?6F;6GX4t7*Ft?4m`n7FuNYn=)TX!4rv2=p zWe7uKFb>Ec(evsua=kEc+LJ0x3ma8muol+L{ zMQA$e>QtNs1E>Wnjmd4~`L6bArM=sg*J^FDdPnI%8s*Db-An zya}$>q(g1^LZ%F5$)*2y)jfPW$@FsPdUi#e*-adV{{&JJ} zHI_PW0M-j67B#WU+Ig^3o!`KIhEBT;<|8ArGeuA>ZGcXmkU>CEV{ zDM1JPbz#Eyx95zn(=&PZA#b+A9BeVazOB@T#T-@jc(+%0f2BC4gF@wM6U{lkfumeR z%N}g}W*J)Q=F;ev|2@LnvFTakk_^IJJtuXYI{tXLkR~o}+!YrlFs;I;oR*F(EW}uD zB)ZSu`X_b1L@xTWvL7oIHtuH@ZH*szMl)Y?uF5Q1->6^q-vJF%&FqV1jcNa!Of+yE}mDoXLmPAgnxM8&#H6t1>6dEqG>XU9=K z%FhU=3uNM!D{cxxV+<(YLFkMwg<#(S5f54~lf4n=wtl}~aXtsmy|x^1y#o~UXOmw5 zBU6}ibQStnh&LJ%x9r*YhvfKcT?_r_6PI00G=POz4VGr4OKJ)En+aPjolVrjK^Nu( z(oyK`AUFdsY%t-pNvI#r?9%)g-fAKq*odL+Q7W5enQNZmvA_ed5zRQig^bCFz zKJ84Hcw8Qpt((hYqVG}rqN;ZX1Q&Z@Nr!U z{h&9guEkdYX8S@|*eO#k_A88tmwa^)tVwh?V_ps|>m$bji&7lAV&a{m9AWb4NWY-X zMqDPuLLYd8M6)d! zjdlkVbCHy9OH>0yRs~DHB*=s(Tvo-Zd8Hd0Sf492?V8O@UB#1f2z5vkvcaf%ioIE=$*`tw%GMf-%QkYu|98vF{UuZ_s^V{9Nc`+sFejCIjuCX^W!W2y{` zbIDvnC>V<8A0TujkHI3J!}GA8eNN!ue!hLiXX8T=U8W$^3V;@P0Em(BDD|n7 zq;i$9lKM^M^HQMHAx5>?fKW*nyCufawo`y#42&3T`dMopb>iq%&9V^XPj(q zYm}bF3Kfw-HGZh7qo(^)?>`izuQ17^A1DvWn0P?SQnVeB6DU3$35UUq52O|kxwQ6C zM4~8+ffixQk86LSh2Gt}7Tv5OwZchZpXdB85oi}l;MPEfU{D?tae`394e$SZw!7JKQD!0Rl|aEh3q9>X%o3SG5S8Yk0~?L)aII z#l+-ISxIm@hscNZyjnKxw}1dlVdD-e2yW=QdU_>O!})W6h)AA+2IEN6)GH@)DQ~j+ zc)Svq`JhkCnC|7ayU{qad*!WFy=n59+1pZU1u5Qq!gL2MTFXX64S^lCYl~fSb02Bu z(AKk$>NHEu8?=)ZGfRZbY3?ltc4dAb@5q_dXCXapZxsOXbUtBXZUxuIT&f(|^3TmG zBa>ZJ9nY^E%AVw))?ABFIjfA0O53OWA9)Q3J-Jd+U0Yd~1I2+3Wo6NrsoIpnMieSH z!rlaExL`6ZqO%f#l5R90s&=>G8kDLl0(eWVEK#^Q(E}~UGf7v}u>?E3^OE>eCdF5? zz@Q+V@_kLucYwBOE{UcK+gey?gt=syI`iU2Su*!fJ;jYhq|3H3&P=zQx5dNe-R3vL z$@#Y|*rs!b*G6d)+g5?nqw$n3pz1WL6Z%#U1RX}=@gj{OM;W2R3$(ArBvH)r(=~eB z!TqJ>yptMCL-ki}%2)8_m3)MC*rbQO1p_E=%yD;td(Vn*;9u*4LxghIjex%X6GS}i zUB}WXcF8cCcZS&I^ZA^Y-gzwDbxz0+esli8hOg$vBW174@+Q+;Ew7-+ z`&k?^sB}Ob>j;Q#1`2FUn4QMX!>Saj@U!d*?**UOA}N9k61k&;M`vsG7`5pdBZK6C zjM-dr@ghKxciDu~^wn;7au!)o@JXv$`?W*j(jhz}hfat0OkZTt9o+pQ*uvg3_L1AD z0UOpu%DO9|!omA;*{~9~5bPIGc%h9g%kMyyp!1VJB2#nQD0!b>0^QXUY1-8BoP0{e z!BVe#v-uh0^wsESIEnaa6gYONlF4iA71uupNs!KUq+(z^>@Z>ErsNEd0>ax;FfvZ4 zbZ#;!5j^;a*$%S2&Hf-a2CF-fFFxB5UX!To!j(#N)0Y%%~2II)-Hi7Q~ zQQJoo)-B;l)fKBBO@-VR-Z$-RV%`NNA_;_ou{R@e22*ujo>x+LtoBInOOO7{PqXAo z_o~S|6rM2Yf@#m+!}N*9sli+D-;H6-qbrvazfjcorAkOxCMvj^@^Ba1&7?biIoH?@ zxb3HPKSiJB;>P<`h>E%e9ktvn3x_&J(i)Y5Mn#j9!BvnQV=bK>Tgsd0Xq6^UVXupo zuedFy<_2T(74-PC^eUQlT(uz+)i_-pM3j5+;WIH^n$Ca`iL1$xN}n8kff(#{u|&M& zk65W3onrYPeN6`zUjl}F+6Sm4%pY6VC$jgJ2o~MP<(6wv%{;D5droN1*$<~P0x&Eu zJ88smnhF)HPz6Sm!(b8If8$f$3(DINT4QB&2yu9zkB8OoWPCHkSg>Iy6Mmge>cR?y zpzhUl&J{Ft^l>R8m4?EkWEt1q^D${~%Fa{)_eh%(kwQrNl*3314m!g2CoC2ws~}Zh zwg!&R6sq3=32f7U zYMoAHF`u~BN(w~{!8N2&4aDspK4{PrK znaF?ifc>vzBNF7lp5>c;?Ge&?2V8GN3cUkfUp51fx+nN%doDJGgnHfq|86+F{}n;@ z>j9zer^PdOAwpL+vpoi)*muAsm(Y%fl)v0*&fWdTdh)+Tk7(`6XFY%*hL?03uI)(e(nG4>p&tT;+KM%FsVEGRx`$Q{Ci&q z;T`6WN9KVzaU6y@)^EcLtWqd+y{O;b{Ok_Jxv(_y5FShm=hiG7;{Kv#*^`8;eoCt0aaOvK*+$~KR1{E-6Dce71&J9XzEzaN+gxA3$=sE7%(H*Q*j}jlW1o;=Fy|J-7SX|9VG6mu<42 zg9OH%!OywJFt3~a)MYYL>^>WbbBJi3$XG_}dbW)uH3$9WXgBsQ6F!FppjbFOE{0j6qKBp+m3~!0?{j&;D zUOT=3CY#jhl@1Bz85=2Vq_l#S7_EqfSB<|FbRd;)t8cKFO5a!>{PKw*a53%RT*#z&J29r-axTdTV~ z^Tlf!A63XrjRD(-NBbFmS~|LVr*W7E7H_HXi8w1ZC2K$`IL^JjdbK_=0!cb*$CkE6 z;nT7Nm8x(&IgWGY{>T1k@3x5Zi-sP4LT|SnO?SVS24AA61cNkmRX!v!O2!zGm&y}v zZ@~>bnf`e0ToIS=9J6;1`l8LjH5zwQo;AFnch+l$VMMs)LQHIL`<6h}NGq5O=FgDc zBRR@_&)?3;$zeO5^*jG!!@NHlc-9|N{uGJBL(-x1mcUKM=~^P`sr1VSkgSK#J}2F? zN{8A0%P)1Ip%^U(KOpahX?=|Atc9eF==oUGk#FuwpG?pPXJb>uGvq~CZ58SvqdN;I zhs{9BW$01f(wwSCC1|6wg^?}3CdvM4Vf&}N;{haNhbgY1mR`XlcY={jj=2CR9ct&<7VhS?z@J61SoL|wh{Pbmy$Nq$ng3d(epDm;Dgw5d+DiYyip7SdDCuPJaC?QB67C+F}4s)BtvNLBf z``! z;QDeApY=1gCXI;=Q!A3c^Gjx%PE*auH`5U&+1j?hgMJzwRFP~*M>sc^Y+1f;2Zc=7 zsHoSnh)vH+k-4j~EcuRi;cWV#@WM5P;j~v_(pNT{t8Xhe#O~}zuj19%%>};pQ<@kUnJE{&GlmVq6Y+s;M(mI?cvj47-0&iKK=C_sVdT6{Vhlxkx>} z92rUe!7-#}lH-gdw!w1pv|OEDFv)OBuq!N{A-|f`e15|MvPg=C#|%z=Uqo)8M4dwl zx2bTGr@qadh~cEBoAcZt|28eskp59Ggu7?-P16}k3NMO?rfjv>~2tZo5~Fe{0~GO3Cfh*Oz6(uQhU#_H$! zj`SqdCAZ~~R+8i~=i?~;3v6@7B8<`^a#h_^`S+!iv<({bc59yILjl-ZSnYsC2E|`G zg|+PXCB5@p#6(^P-jPXoOJg}3YPkUxC7(Fk`hZIX&5uzXEe)x{|}I&V0aXdfF7qyd#arb+IKdW{p&HwiMKu^ zJM_=x4@{zLQI$M=e+c`9Xg0~W6GWg{s#wn%Rm|1vPQ5?zDI_b#HMn`Rkw@-^gsBxg zxDKQHAT8-cd80=$;1w*#UnXr!L}24vbI9$%jRX2B zEp^$AQxRqCdrrJSF8ke|MJ}qK=gi@wPFYS#3oTDupu*`J=BUv}&8xE*?lxRQ6SQ|0V4A7?;tS}7JBZ-4GE zj@KhuD(AeBUsN4*;1A3+40Pu&06l>8hndPa$xaQYJLm6^#g6rNynYZc?z*I}Ubxa= z&bS2Y#A0S+O7!Awb3A~6?O%en5b`a#C_P#DBANDz(+i$}X$r;Jcg^!*)bek6oeC-v z+{30CkpcuGmH9q z{8^^Dq;!iE&%cGQ7{0fRob*L00SB`FCXAJO%1I(z*Gb)oT~9{ceKz$dMm6n?%KK&3 zORx{ek1_9a88=2D}Iw z;+$sg3M<{S!FxZPXSz~cA452qck98%iY9WRRL#pq7py{sa!Awm<@{P67eF26OrNye_kuGYjJKu%--q1Q2*dJQDYel%cU zL!|G(i?n!)Cz?LOT%M@+@JXMj>MmVsYa4L|Tb)}~h$aZsVA~#QxVB8M9>U;_29(&FCIXY z#Mpm?#|t`&3Y=6&_^ml*tw~fTw*~Lyq;o{E?A;zf;EH&&d=JnUKKAU6h+y_~`##4% z?e|$X7>498tFx!vA3!gz)g-SS*D$Bh9@B%!-c|hSILIfeJ%fkbB`QIZEy!Y!ip$KVafd2SwP@5}d zS>Ue~wq3?uG5LEFyX1$Q^oga*)I7t^D0$_<=)yL7G}jJ&E+z6;m!+^fSy%v*FGtjV zX$*R42J$EE{9k_eeAwAEx@Dl6=_RgpCXyK8gyq(6{;_I>z6#9k9vZWJ?-lIPu(5s7 zqIPaFsE*=b3h_p1T{=9G-=rU{H$x#2nGK8cc8=jht$ffrtr+?5{Xsut4#e91wjb%F zcCx)=;odOSZ zBhYOtbZ6I>i|%5zm4LEEA>At;)s<|&P`rFIKyj9a7I?be@rvVI6Lo$>*lw-Sqj3#6Yp%7@7+)zmBJ83fDFrH?Ce2 z>-5sp3Q%PhX{x`iX_r1S<=8TK@g`q*?IWn4j8*BK2O%!@SW>DBLJz#w&xm&EEX896C+Wk3F~by|GZM{ z=KhX(qB@Uh^p!+yUO>yAA`3)co*g8=|xxVG#9VRqACgt(${ecgpiR!sD+`9V&d(qRK{^Sh{w2myQhF!(`~==pcJr z>fEqjzaC-Lr^g6ZGKJa0IO-K5kBXWj9?NHZEqIUh%=Ag^TbVLeDbt(+Lec{aO+GVr z-)G&Mm>~ynN2WsbnAs%eyJWg&phM9D1G3*C!(BLu_P-2VuGoe>TVSLCwKcr+P_Gf-4{AMKokza({pZ(QLrAE~E$8xt z1j--x$7_4Pi;{+yx_spMA6NJ;KiqIGD6R@_XvP{7e^)1}FtIKzu6wHVhz zbww1=6_!}noWiuK5p9j4B(R>sJ8nma>Os`@A!s(9l20?XY3NnNO#Ew3HOGq)`VpVf zd$r$VL%`J5Wf<-(q3`vr7hmykjs511O_Pa^HG1&p34YbWCaBMoWoP__|1F%rFF8-g z@}7?&%#<5dHH}}ac$$a3lc1MrseN3)It-(&;k|=<8DE{m1E^3GM9jV`S$$72G@gvj z@`XOC9A1E~wv2;U`p!7{$4ti?b_LV((x5i%{6G?g-@ECIPlmx9TT(G*oL`w5KEg?vQ2$X4N-l6f${~l#LZfr(9C4?v~>o&SEXB6YGrhsDC zEav4?ZZRa#E((;-k&N$K$M2h8Y)C59FJ~h1)+g_g2tFG-+!hwvHagvzGV?G~BEh3R zEnHA$Zj&)rsHN*L#w8N{p>GR5O;CHyJty<%yG!J{<7_&zyiTTkgjn}C#iwxPcA+fH z0TW#$({_+EhP`fVnSOKgu5dw8)}v^D&@LqxmawGwr}L=vz+#(g-QFiVbpF=S3diII zG{Yo^zw9R?d4z=T=wR|?E#pFN1eB#%uM7Gvpm#5Y(-t3LQ%o~72<}Nb_noRm(B8l? zK_?*7d&MRxHOy{zSTBV+HSjgL^q}Q@<*S0DF9`+LC~tQ=HDG9d!E0Tsf#KOUc&%O3 z4vkECHMNKLEp5k}51^Jmjah#L2O?4m8i#*VqEi#ZWij5|38K6^*BME^XVWMWh;dV&V{nN9*}YiaeE@N35sgd#W?1uVlkbz&4W^z33t;Jzyx*O38hJz5AO|XQ zrsWXVY!x=DnZq@lH=2G2zYb`ZWM<(#lugwrO)2Bc~acBoaj!F6t*$C5G&#OS- zV>Rbq#QaEYbR;+3RT>%{U%n+ifPC*;^#wL=Uv2*p2S%Zge+Xv?d1+`{PVZQVsn53` zL&_^J9qCep6-|*pej@5iuT(SrLqW!XPBhLO!j>jbwGqL4NZNgp`KkDi1H0lvnnC66 zVnm5`$F|)As7#w>)i|hmguQj{KqB0?G)|4hhjTBLqv%8G>Bs^W6NT4-&qBT4e+&hE zUZOht0hjQ=XhUwDic^BH?;g_t6rS(BE+!F`5GqA}Ea}|a_^VyzO*E58SCD77KI}wd z#i5Rp73;}(@T-r%>d~^AX&r+XR~yZ)aDB4l%*D_UU&dqxg#TU%JgLq zbi417AnhDIQkl3?VgC-!^Aa*XCS@7ei0DlUlp%-1tH z+GNbd0oK%}o(#3~7wtr=VqX z2>43)-dy)>7kFB+Pd9+s=FKx^V;4zfbP(B~NNq&7N~jc!Qy~zZg|JA%O7>-a;UJDs5nm zv6qO_<=&Cs3B36?eLqG+YAB|5*p7w`l_ffmr$ZJO7#1r99m+rjtP9TDq)<#w0JTt3wK$%4k8R(3PZ+R)34)W zBC3V+s&)ob4Qu#F)CLCn7Zv&}s@T4pAUl}~G=ug{rjUT3?d7+07dSampXP0L7#-tK z9={&45U<}IpZ_8=f%`<^%NN|ldQMs|8@PEYx2#GBNW@D-+!R&|sd+$;KIT zvBK~GdcCmbUooRoA!=M4??%8F66!b35o(aYoUe--zDe}C+O6t@bi;3E+aJ3EJL!c( z1ikjhW$)q?r=K;XiN3UaLfM4e((UM3aDzwBmqTOmCZ(yhtc=03U7!KvM*8Rz+nP!|Wc?n6nzs>z&ljLuWsrix zR>b;+#(?lgilTo-;a7*RnS9iX%*-KYyhO~L>^gqh#ygZ)-0N^+j#SJ&Oh0lV6#19} z?7;=$*~hBJYt+!IFz2YV4{};Ok!EMa^QXS2Bvw)>T&G`CUxjhj14&>Kl^{o<^FC7pnvyB!Bfc zeAeo@)$wIJlu;c1yuR;OvyRqE5{*G5crsc&o)4h2mk$g7CE|j}f1)e=Gv)_BACUAv z2K~?)vhCs{Z28UQ%sahcB+2T>ua}6&vq@;XoAZk>wc!`>BH`}wdp7;3!|ic1=Dx*+ z(}M_H&ah*Psq|5Xx4)BW`IZE4h}(5@!UZTEvpc$zMGLJbI~y*Ec^*aU)Gsu=e=cQ2 zLvzab>^PK)7_L;W4(920AWX{)An#hzLX-6hCyVz^@YeC3*$|(m;T!i4#CPu}a*Jjr zTn@urxIQS3;p_U1n14ZO*@xbgdn>w~-TkE+v)_DTBsql<_UZx#(smoen9_Ce zdF!Va-wCn1uC(tn+{|hs;#et6%g-NejRoFCA6_Z8+60!%T{Sju8uXwQ)E(xI&JE!IEh5*6(R>b*9qG?k5G? zngwU6vlVh74Ez{7+9DFiA!Xk74$1hHSZ01Eyzb>3tG_0vGOm$)8Bloti$nbFenj96 z0jSWwV{q^b|G(V?;W_`4o3y@oQOep#)0Dv+8H76nQxIW>Z~Q0d+B|DczAw(9(?@lN2buSw~ts>=C>c7%gIJ< zj_B669fv`YXT0C#7b|JzE}Dr%N@2$WBXb+0_TGOkes(ps?Rh)h*W6@2=iEd(!Xa+; z{Iet};gi=ql{9xXR(bpoQNtMyf`7Bs!l%0h!6*U#(;Ez`O_I*;P&Ondpdr+7h)x|B}*0v?ss2^0I zvdmec^zvsGQ&@hq=FFfL2y8^j$K)PC8`Gq@QHPetS(snGxcQu!Wu~pGd!S3mseduGPkv)BzOVmd<_?4w}eE6AO$Ss!KXAb${!Pvv8=G$Qx$_f z6h@>{lHo1B`|eFn?dR)n-hNX0zVx`%TJe%!{0oK4GH8ovIt>F!Zn-#AS+J1+{q;C( zU>$f7^Q%X9aKlhPOcVBe>M$u=H-8P^5LaOU=ZL*P+lugJ?ag>IKjjT+oV?WAOhHQL zrvVT=LjrU8V`P4o*+&#vr`y)XkRtIA}wj= z8x_LfDkq?dE_{UY$kZ@=At>#U6{%_*Rt4{q>7y*|$1Zfw{f$4@g>NYd|8aFY!gfgx zor_td%YTPKcq2U0UQ5_anyD{N%3VQ;N7f#pbI~h}V#DlTSE6KH>6`1cPS`EY;J~9N zc3pR*;Qd)i--?NOD3C^M6uSs-6{2qo6UI0)m46Bo(9`M;sMIxhkrNUHV@V#<-)u4~ zQ5jO6+Ut5SdG-Pk!)JKq{$yK-`)yqih6A}qLm$QYz7mTWX0@ht4M;&u}`8o)%GxdN*}gU z7XO$EOYDG~eP&STxASkO1rwd0iyih;4*s47;orZ-Oc^A)T)ENOyJA3`teO?>t&U?oHI({AKET! zS*xymCyBy;eZ86I`t~~3Q&0`p#pBGegIf?}uYE~)LB@ya^O4+;A_cYlrl0OHs#?8o z$1i)v-TndIub9mnOwH!SJ1VGKZ@^zWD{_Sd&Er7uV=6MUz~8f93R$Y%GBM??_mlJ! zu_*}1LW2#g>VFpG1;;+4AC29BPednc)bYL|Ffii%u2%S_?Zo9str4ZCRgL+?@9n6x(N(V{s8G~$ zm-;+zG;CIAAJNmX;~ES-HaJ6xTlXm$w-Z=YHk9J)#49BQ7p-uMJxs*D3zaR+C*>GD zgd~JXlf}(jHE+t$4jQcU$TLBFDw=-Kr9ScQr>o2AW-1*d4jsV}Yn@bmXTV}+S97jy zN%1LSEW=%AL5%ZseQ<4}}OhQj{6m^s9lI3M)_d)wPat+v=Yh{>{o!ke3*NDMsp)>?->=MIa4GUD~mcgZI z-A30|F!k}!GkmoqN>MdydzDpMW)>Y;e`@s9BR#=y_)qa3^iG(_~D zQ`_f0^8V%ivV=}4!*6?Lj9YG9>p z=_R6*oEv3v4~dYbKXtN!XQz8pD18X<&InKwd$=E(i6bW-fQRx&+r7O^BbQm8_CLmS zssA{9by-*Xqe6gaAkeV5)`II>nS;_EE`!S{5Jslr9YOA-Ldzkx{wM5Z#BpbOkINuId13(*S^J~`lca1J zWHv4BM?UoCiOXFhZ8gnPBB^aXj61s*tR7|V3#4PFAnLZ76i|GjS#b;HdeHT)DQD-x zUPe%ek(hD(Kx5Yn4a-M1y4^yj4JAyfR0hOKIG=hbw9E`03#tV-lsvdb+GEiSNp!6m z7jQWoU5S)E4OG67yji^O7GtQow`$8Q`%yCcnqlPyd^E|F`{Kiqs8qA!L0G+YN7OTO z+1mD*OG4ABid`aj{*!@5GgITA9K8C@g@gEZ+?u*RTYNuObj^jlsuy?er}^0jF-P}i zcDzlG(n?E_sw5~bzNl4)E-7IeNIb;gJUYI(cJjhu;1;$XojSDrx|8;4u=zGY;YpMj zGd%vZYe1oSIzFVYYRR$TjeLIG!UlAcwUgJC`FWSv=)5NyQ*oo?QET!jIZ1IFj z6dcCd4Bf448|Ex=8TCFT;`mR2uqp#@V=(vR4L!aEXE!OfeLuK)rFiCy!iFGHr5YI5#f*kc)I)`$@5VPEyViJH^KTXcy? z$f>#TE!`2;@z`$({Fm1#H1VUIeY#8icvb^#ro`TMNfK4fXO){%Qsi3^5>a^_?Y+W> z{ddvjW}NCOv2GFJCr-K9;*sCG@`wcnY+@;yf`&KE3f6*u1r4b`{g|iPIkm%R!{}wB zhrfz}j4_Io`XrH;(n|h5Hk4r2*h8uTW?tkn)rOWGwrS(B>6v72C- zdu4+*&?B4cw1@L7@iruG?bEkv2vJg|&+j)(rq&9?FaE5&4$m@|y$rJu#jzRXcKn{w zq>a+pFvt+zW6wVLwS4sFiXKP&H1Ad(6Fsq6LhgimG_5TE6Ps({$Zrs*6R1AzOseF$ z)4ceR2nE4)`0KQy;xOE|WDV;M;D+mQk11OE)6@u^s#i6qNPyhirV17g`h;%UjzYh@v1^J6W zEx?&y7y_gK_z(JTjx-#Rf zK*(Pd03&F@zqx|a2pZsoBRB;Rk|6@J2pTXTfFd#on*sU*w2UBv23jEkSWgBl4VHz$ z!7_mEfPMmUP#B;kzW@X*D+rW<02V_aLInK5U>DH2LuWj1quOd1;_*13giO%2=GCq1w{n-A#f;6KoBAa zkrogU;1iIA3j!U<2Nf282}(;t1%SF`1O;IH!azC2v}G|Mi>GSk`)q0G!;NVf*b;2aG-zqrNO{pgi1pI8V=;j@F8+#00{sB zBMvUYCnSe369lM8L_k0ofx-eZfEmI3vT}eifpIM¿wD+Go~3yBDWAwVe^V4xrn zhCpE%fFG#qFNz=#VPOOhAOWaFj$cHUPf&&r2IhlG!(mWFy#N9p1p|zWK!hB?s6f3i zU>5m{fZ7PozxbC%$cI4@l3_p}A`oFoL|GZxzoifec;??y2>eR}`~WQg{)>M(5nBD_ z5rPSUfnJ6Io&d-J>IZ1R#}W9q6kGrX2htJV1w+t4Iv<~$5DX4zB@2_~d)5?E)QX(YN_>MfD>2xo^sS*$Ti?X|61m25Z z76{(0e9s6U^XX3%iwa<^>kF+Gfz8Z!8jpr~+npd~C+R%#EtAT-+ z6r*>?s7pgDWhl+jT?+{GF&g$oo=@CCNhs+f95U+!G6Z|GXoXyaybb-?@ zHmgY`a2`kVJt70nO(C*WT zGRT*LEI6c9Dg2zIt1s$KRXsO|l+`MlZipL~&11y_1Ul(lbhx=Q?t3ZX$$@w&GQ+Oq~TL_Fn^beS(h9=OHdpN0?<{pD@Qw{d9c) zHDIYR$$XRnmL>veictD`ln|43* z%1P@-{x(uY%$M_jOvWmKxSL{G!X^hU{8OP`QZI-F6R1S>%mEphBnlY8t-KaNSNaW$ zTLoGv)tN8FKp?mK@pJrn%G9x6@PeBH)hT#5?&NQJyE%`cQ{ z2TVvgu5~HeK(K;hAFplo3$&Yu1Zp>xADiboW7w@{v`o;ps=gAn0fPAUGhKwV9tHn+ zje&+WpE-sH^w03_r>*vJc;yy*n+3U)EKuj7yxRQ!?v`=*v+7tXrAv2j5U8E0_gj{O zUCEr8R!chSOJ2a`9$jX%Dq-{lOI4-&I{@luiyuHd#NAvgT4Dzy{Kx)tu9?fp zYb8%SjMpw?K;;I3LZa@T&dhJg$QxyVTgK0AfUXM0{ax%K?&*%CHV|>?S%IjmOQKrW z=5x}Tp*ctK2TX)c%&QL?R>J4XW^u@W_TA=}i^47}7To<8XodmN5q%)L4WE`Gyyo~iK5vlCI9-?aTD zb!CUt6TpnIa<>>E?86TL1r@4_+ec&y07|JYoEnj@f$E;(HZ zuaDJS%`XYC1fi4=n=JRX-V;1EBg!hYVlMqtNJm265lSa{-pEi+|KjF8PKus$4X498 z&{#v~xK@1E3Q7f4ReV9T{LOD?zi*F?rA`iNSZp&4Vzu_KEoi}#Q|F<8lVi}nqj0H= z%OLJq>pA~evorG}kNU(2#(_M?rHu8#`mt zG3pO!4(_n8hWbZIu{#u^tkuPeUzY?afU)3^r+lEZ7s7zA#_j&TkX62UQDmthttKra z{dhRZj$ZH!Fx_A_bsP7I#uyfd_7v7Y+n;ajWpUM06p3n>SfDov^8-?1WR9Ya>OWR3 z^lf9<{Y-N3Aosaq)#Ws+7yp4Y;*AG(1l;CPQ>XFLkLkhmD{8EH@rb+JtwJT#<0K<% z$-%4F*}g!p+I9cfluql!wycj8dxm1vVmnsw;(^L~$?>XyDF$#L-zeUyIl&F{g6%%T zz|w;w*x?X}(Nsckv7&|&p(u#%w07nGWE`O@M3SbDNRb>@3Bo76%rlymnspWsSs(ip*fh zu)Cw8eJU|t@m2D6>bdV?DIqdB2!u++?m-vHYoygc;`f?|(X+y@+V4CrJSDDJ`{imr zXFB`#=JX~9aqUE(OyZNe(->j2J-~2Mj1@uoIlE>9I!%jsm>E{9f5yegOaGXKE(}k1 zT5I!i;SIOZ-YK~k3!wu}LUdX^H_@+HuIc(c(R)HG0#DU)QT?dUm_9R$HpFa?E!rr` zGZA+e1CR^iheB>NwNFK%+n<3D^eqB{S&Fhd@#V2fmfL;Zefg5^ zVULZLd3gMK*^8oj;=0(NV$c-ACd2S{xs`Q)%q3vN1-s4f-^?)&<_?D>JJ;*Iex;$0 z#gwd1Xi~i^Z*f(tg(9Az2uxP(j6EI37%WP2(=8FGPootxv!eO^8g>q(iJvD@lBR^BBNa7fvFZ+-9A(pDNvxUWGd3jl-g;B2Nw8^NDDS{D}2p4Ryq-AtGwwHS5|(=Qt)M zqz`sxZGl{myKn|#xZ<}ki6x=4&Dr(9;K|OZ?PA%QS^q+edkO!t9yLB-cczSsfg)dk;3d~); z(^MXjX0ZuW&IbwuwTDF+T#dt1T{YQ~IcF}+M4U?iiyP9o1i&K@LuI0m%gT&Vxc5e+ zL8|S$!%Y)oM<(D{m{PV$PO<}KP`295>vh-!PMuN^(Lta+=yj11s1?xUByXfE7fzjA zqty|+{_4P2L$_IPGWHQ?c}^~g>r)UVCa@@5mHpi`hlxGKnK;n??P+^hA}&`Sx9Ydd z*jv~!&{qm|1I8@ZBr0EF=*X&YwZaI z%WOldWJ1)feg8Ypy$dnmGK>=9iXYoeR;lIeQFdQ?ssy|;Rekfodxm#3hhCk_(c?N4lE zy8v?@cU_lp4_PIZ`)|4fn*vQOoVcAnT8RTg--FbQ#WtmZjU9H19Z1Hu*cYY!=02Z& zuwFA@SHb+<11=_RT1XvF`DdapFMt(D7Ok=lSHA>Hl?Zx;s-jH zzgC>klX@FImvLVVP2Lp8*(=U}SY(V)jr^KP+?olDUI!_njMlJki$y`!G?EjVPWqN^ zW)blvs_P2-*XqC3BKPhxws8r@CJxKy6a;+Lw=qB`Da2h3=3;XyO-NYIcRY zGAtKbD5_Tt@K(E=v3#kyl&0Z)1&;p%{WTv3lo|IYjcmn!fj2zmS)XffTLA7uAxEZv z{`j4#YX6ZrYQb%$B(=`B%-nP}bTwcZ*$%7QBk?D;31c=QVa6&o*gA96^;z7kL<)RO zT6g~`zvnaZ<)+D45f%tU3x?0MhHdkTv3VS-+0#ZdPiv+S6&Ij6G?pf(5Pm%|1lzs> z=lY5(K@gWgUp{!QKNc*nWZKbVZiNeLOdcyegDQ@rDKNQ$>OD8}M{&jI6Tk^TDhe9; ziP-~O_|C-hv#AkP1s3uT^1m8iG|NA4Mwt+Ef*~fpT&7rNCv|nkk&W-D-x6i(v9C{% z=JrdP=kDEEcfM==76*J{)q#cBgY5ftRxH+x6sr8Z*3Q*H$@HEnD;^A;yBg3)c$4G6 zMN@MdErk&o;_2w8{={d2Mnx8>!j_(ac9xKA|xE+9jOo&A^UrLE4 zo)Z7D32CC`NkfN}#en;5UbMvRW?oi*=)J|$Q>30ho>~-_Uba9FtOW^skU<7J$t!E# zzEqx`*k^@ylG7APUax+Pmbg}0T9~0u)xrJMMO@F|`AbVF#+R`FqhWpDi7#q3&?+fX zc$Ej)IkuidLd6J*tht5JVKm|IhyK8a_sv$Rg$<=Tk#aJn$up@JFJ_3V@ybo_D=r7r zyw7X{G*&qqg}V0dcnEgxP2^f^J$!~s%eka2b8g)E*+7Br z{*{vZ@_60io0;_@GLlcv_g~HARx~G8^@QnZb-mQ70?iKp@QPnG%Aav`hgS}lK0Bz) zR0A$!!iIoA=~UgP&l0cr`1AZ!V$}$uRmQezY>!61{`Rmkf)HxhGbS3;vf85E0qY&O zaj62vYp==nA9|BBw>`ICE}OGXo}3By_?na?)B`Is;QoPl&C*=j3gx`xB*=fs^v*Ec zFQ;)Py<|JyE~o5R&v_;`+p0$@o$PelAkX%-ArF1HWV5_HDjyT zex2HJl~3dQAAn&MjAwSB6VdVr*-TUAH0ll8*f;)?NIAS2Sc!kCmDyIAtog`GuTFke%-g#{xn-`s3jyFJqYH!S^6_R> zpjSnUJsxIYo+z7RI#yJA{idy}n2^~0CEZY(!iYsSi0y%`vBLWM zyL{oy>FL229n$c2W3IW#5+3P`%C?o2Z!dutm@b2BA;+b27fr^pgSxd%;pNy41tm7x zG2hEgjd+Nw7v*#4jaEj!sKi79^R^VJ0x~h2Rr|RuxIG|Hf`Sy>BONCE5hU%MA@$?@VuAEVuvGS9p>=L)||D($KRY3y(DW zMB{HY>rE>`{|2@E1D0zYPz45|X=UCM9L&K|zdIMEo_!7WCrC0)^eICn8|AS>+drPX zz^!Y@ds{YYReok=pb>u|Sz)EaCizrL&*Rr_qmHt#ZU1{58>8y%`gZ18OPrZ(TF7|%&Qd14OnPtP^TDt`EK z#Ti>J!sg>MB(?Y4;yNr6L*NBf>B4=rj)k?aoe2-sZ&-hfUiZ?hzHbMhyfp*!fsTdw z&{ob7%-n~?6IZ4wvp(R}8$+rqa+iy0@14kh5hWa#G09a1vg*1y91MG4tk|OYcAaAB%CE@gzu>) zwow!PhozONvpw|Q+POFTTPg2f{m_mv)H$`H0JgjMf3s+HR4@qlqv%j4@+tP87ncJVMER(F>wZ#*mS+%a}7aqbd)q#1}FUs3T z104%GX`gGQr%;4LS1IC<2auxisxAQ8LM{P2zo5#lkCk836f{l-u6?aj)zM+7bwT6T z?0qcKQ<7)6#BsNruz&o$oTizh1qWNggt4BhhEvMIRd=e4K;q}c2@1$}hdRAdwgm<3 zJ=6Z-8{FF_zIf%&iazU8r-r=euAI>UTjE~F_qIO=MuQ8GV{o2S30 z0by)^?0X0Y`vq+fFitK?P2ili%^Q~Hdi9)tLaZNLJIpJw{MwN!@ve0~Bku*smb&{l zJ@v78c7dtJ_TEcTW6niu=|)Zn&*%Z#K%A|pYhfAVgs(Y$rTn~@GJ$#)d)}`;ozFm6 zjC*mt=DsM91Nff;D4QjqMpu!VjImPp4zA7kFr@RMO7pr@t%=#m_s>)1z^2d<{m2rl zg9IzG5{G)rQhy!Pg|AyS7kJRNNNLNQ&-&zA<)-0Cq*M(P?JzT%S&Tw-#GQ>ZjwWyo zSI_(A`MuI~_4jK!mrj_xE2uc3xF|qbZ&CAHg*=2O*`U&(YGO0QQ zO!fE8?rM#g98nSW)nkYLxsxs^<>s@19U9YyYH!j~%W0(0QTlapb_A>i4jc@qbGx6X zElU1!#|OsAITmMpYZztK?M91|XI|NdM7hrO3hP&cT-+1Av+nwhU)ZsK89*AJlO?d} z(H%8uUtjrD?0Q6dCmS!zjiLtG{|#8r!jsLfy{{GN?R|a@iWl5Y*t)pr)O^;nW=fV z1Cy2cWQ0o#!|@9Ec87gn2;AUNFb3A>BAtpJlRQHK)Wj*%%5?ct`A2r707uPXm`j;= zj}59^ykTD1AFZrdlu(yy~aEI1@9_(=W z*aUU_{mLA2R*P}M{G<*QyQ%??gvU>-<;xau!*h|%8Pk^eTCO6)KYv~v>KzEOD^@Vg8=OQjl6i5j zWA3rAo^N=whp7i`{zYR{yMe3yI`#RItdg!rDUPxptv6^u_b@MW47f76tq_hHqtTjC zu=KvuH{tkS0M$S$zg~~1n7LB8X)c@p+_b|6pq(wGjP(jqrhv_6)#>YN-@0L6D>jA2 zTG$-}N7lw4X}gx>)%aPu0RR9X5<=OlNJ5w6KC=OC<4k^SQ2nt{LAV`sySy_#{5- zS1BPSR*JZ+BxI1=fQXQ+RRas?IY1bD6)>_&_4~5Ja#O%uVCV*zI#i@Y&2R76*|Lyx z>-M$jQb8>|`RBQ;^(*xAN)+euQyE!%&`1h;=`GcS3Z9DoxeQWym188W1t+MMnGN!7bY=kv)d#SKz-2BhWZ=o!P*M6h_eq-j*|I{>7udk{udsT8a zdqoDWh_Y(f|?nzUnn~!MCx+WxKD_$?K5Ha&$!*w&%XEIVOII zH=exvnQqD0bQVR^D%Bqq)Q!4Ut7_Wb?Mtr7mc@82_PS+O|MbMfn_`%v8i>Inb?cKi zeyE}hU1~c0N?ETub_HhbSDlQblo+|ix-;AxWCbKFfC*{j;~p%aB5{^Ow@BBCOXziv zT9BBOEg_&A@EyzD*vin|VZS#Q;)j*Z6?7DA0Q*{1P2oCir0RASHDa4e7staH^?W%LAlM?>{Yt(zi`Ft zWgmIvxfI~c+mth%WycrHsp^bv^oqj!nLg zDQz9MQ8)HB{?lW_(EnQvMchJh2r+xDS|2?r-Fx&XpH|W*%5^6f7m7X5?jR;cMD7iI ze*l98P;k0O3y30Kd0CQCR}%*)OvfQ*uL7#q1@9=o%455XST0AhIi}r!vb1(rtJV#SFW$=8cI!I zo6a_{wX31)hJI&uW_Inj#;#UD@w2o>{eN$FlUDTJKxMNZl6(XF=-~n)#cMK5bS5OM z!AMF6XAK`t_9_rb8|B}Q5a@M*E?(!@5e9QgVb5Zh8s?o19P4UlZ@Z9IH_B(qcdxHn zf;pSL__$_A%-$|2&Al!4O=K;*SNeXT^nL4>rps2tj+9l^tfGHY{zkX>?5>@O%dEdU z-Oj?5RwCRRr~rWlc+txRMA5w_LvDg(v010rqt+a~!^vI~{Hy~RpK#{YKPpku6QEcF zS*BH%GK;qMkyjOt9DoD0YPI^!YkGNh`8Rv_rr*rwvU6qKz$#UJ&DG%|?^<=Kq?#!U=UK`Uoa?J6dG9mFW4j0}c!lydAAB zE+E?0R+3?xj-CTgxpjH~g1!EgDrkBEHhVqKm9BkLUOLLn*gZu(kDODfkp{+bRF*;= zJ8PkQSvZvoj{B?1iloS%XxA1{1l_B5gMp`? z-A~AelD!Hfb@7E~;n@wKjV;P~hO+DkSjz0(y2Vy^aZ~`bHD$@y3JP#lfACIebvA#0 zyKw1}a;dy$t5r3<&@_FuMDxr)S^QMnzW&O)_jLpFU#kTi;MMWsa^k;gjf!EF&u7%q zUG0--%O)|xG;|FuPy0c>0wiRO)#C+JB${UEUK2O?b$WwC$zJ*K16~{O+70lsa?!1_ zzQ;7lLJ?c%?$*sp18Yt(&qU?}CQ2Av*S6M>P1e2HboSicI)t@O2k=(_ zlCHg8Kt-Zus_r$Q9}d&c?mG@8d*#P^o$^jFH)HoabwxjJK9W6(1itPXO zy8fH>+l6;$XG(f`R>>jTRrIa#U@fnxb}B@akXu>Z){Lzud$-Tb+(*rz-LI-?w}-3; ztmbeit(vLbefQ#0T2)HAru{0yx{=;%_vWx(?+z3J0Q3ayOV`*IP?2buqE}6ve#))W zJCN-4;9Cxiz04J_9)T(Gbpyv~XF9^P8px^2wJ*NWj0%38N89~4!)w*pDSvpoFmq)t z{mR8V`lD4Pr_PkOEDCBoxsLM8F0Cyq4u4h4TYBMQdF=;fy^72Z8cwn;6eY{7X{bTu zucc}A53l_2gpxjkNNz0xE9l_n`0l$Kz+Yc@^nL*e>0XnB-B{w_SPmRc-K&7=)fY*d z=RrF~)eQ`Vn7m%Qw`V68z$#a)f3>)0y{ulmlrR13wdth|UE8`hm!2;Dn_e@`?a!Cf z%G~-Fdg&St1#5}g>D7%Ze|O@<^+R9hkB*8QuJlMECv$|!Ss`gW1 z#f|ionAa#}g*Ehm7X*m|uz-q0vm`4f>l`5RdN_5j0x7u9d&Za>ENhYaygSDVm6cPj zmGxQ`@9tL(J1PJQ>|#7xO=lJL+Uj)vcHQ`Wp_I>FyRTbc?&O!p6;&-f-Y(gOv?%a^ zs;u75t1}M_$4CGfz1nsN*8dHof}+6UT`$wv(;w(agKKPwj$HD~j&6>F<@y5He?)R7 z=+*)%60H(?RZ5+Mv~&-p?sc9kU5EQU^|`u%!D!@FnYOqqdU>y6(}5}`u?9-E^$K$G zdNVhhy>`3)dH&ipMJ@l&s$s0nrcr?HxpyvJ%VK@*+*`^eH9NQV`Tbw&IHrpeFbgM% zZCL-m|682Lpy5Q*Lh-dxRD=4D1qY5?bglAq^9Bmm`Dy44bnBozV*$Ou!B{|KCrG_2 zSqH@>==lITIF#&_@3S>8d4`x*eTqt6&$2eP)WUteYFnmS(hym!){x1op_eYP{6x_%w~FaNcnmzPvq-}+`YtDx;IW%-XtFPob!>2+i+P(y!_m4Id-^VgcGU$p2k zPGI1+ZkrXD_r+EYTW@yjy`IO0)P|;V`C-_5UeXnverz)#|KnvbCMNf3gUxUSGXZN5t6r+h{n+3@pi8 z(SQ58(73S{eKCoiS#BPPge)bQ@m|1s-~|R#@w&eYXrve{hfMb>%Y#Gb|F`q#uZ!~s z-g01sAC1tP2ZrmiMfE8-OSKz7;uASyp?!YapcUsBKo(Th+Fl{2S{${Y8}+-Yf?{gt z(sQN%(C_APGQ*tWWJJsK2Y#P}6Ep>UF(tX!Yx_sD(Qp zUQu${S4ucnfrjKRItL1!rRn7}NBA>JjpOn(i3e0p1m@WKZ}R8V+XI3VzMx<&AnD*O zAR5s=P`X#i`%hT^$h`>FJ!*z*Md=m`$h z0wTrhLDIdt=y?YyVD(DOCAL|eqk4U5fOZ;I0z-9OM}Yw}9N^W&2?p@LHEh0WJYLF| z9@(r`e}B%_wg$8eip7AJ|K;E3{!y>2J;GL3)xC|sf8&iGym6*bzJ3B_l0nBPmUuPL zxlsIps(l)*w)g%Ixl={s9?s1n(_T=l`-!SffY1XkDCi5Qxqc4T0wTpLEL$Zw(xqRcj!+iUYCKY=c$9qOo5NF=*hiHC(fM7U%_-Yn@yi6ZU3hHK(FI0TveMZ?>xEq z<`K^7p(@U>bWJojeS?=v_b)$CN-V&BA!Gr`2X6t9;uV&yDCi$^?XprH!vXHj)>X<` zq;pjAYKgu4HqwM@IDiW_QN?isO{1>s$g8Tb{Mcfg29mB?{T;>C1_YW>a@L<^^#^t2 zR%_NDy>aE@7u)5#Zz#%{(%qS?lFQD{tghvUul()b=kNdbZ%sR$fz_y9em8wK{N0Bd zUVg>dlfX9!Wgm~OJ-Z=91EhqUu&riR6743ep|puxJRRDeRcj@V^P(#dXvnJe9o3UBPG@a*-llg>|p)0*YzqR#rY-8H^*=g4LU* zOaxp0skyd*;p1)1p)K%hdBpi52f9JpGuS%|sfx@zmF=s4}+gp^}3`mGFIc z!yEA$_r62!7QTR(M~N&T*3qM_uGw4)VpT$IF!~UTIdZ(i~kkkjtu{q43uz zsQ^+9V4H!eR?~0(;QQ)L6rs@6Ogp%sxufm9Pd7in?I0C^a`C=t{9@*cy0QGqo3G^8 z@Ge+dP5;mm(#DRaZ#^zwIgvi|cDasH%2;jc>*<^_5;|tIWj@j}s9{*%Ny$%%Tk1ym zi7bipF}V=%V&Kc3pe=echchi{_)|jSC1gsHl85a67K7L3&Us>lxNcfP=>)|)iR={{ zi4KN}@c!RyP5`Z2-+dfT`MF>%AgSX8#JG_60vEA4<{nTaI?|HxZ$^)bnsA5H_zGdP5`fON0Ze+BzuA7gpq|;YUs&A^7OKIfVrR2-^ zbR@WInk7%S%d_e9yBF8))RE3tFId8NG<4W*Q067+vsR?S=LY#~vzSaWede6m3Gs)t zPRU7JLyA}Yd18g$s3pq0eUTU$pf*PsE-}SmMf=hcrx}rNivH6D52yEv391xq^@W$? zhmcB=+bpZajsi+|Z2^%Ng4reQe1r69^XgSu7w<3BzDgq@Ic`1(Rc_kj zM9CD(bS+@5>Quo#;uU{>n*H$h*rfv86=F&A2I|2ML~>D4|2eB7IC} zDOBjgAO_|F3RP(eETBYCJ&P}dYGZqgHFC`?u%hgh>~ew^3@l{u5`PVj4EmUw(ayHK z7iX_x7xc8lR}=p!sq-l!UR%eFaq3d@z?@~7Wo7eq1HJmANCRkp%l4(J81?eGH-1p6 z?qKUFZEJ1Dl9cJy(zMD>)-|rot?w9G{VK|0kp2FQdP&V?$8+iYj$y}&G4QTg)u^wY z$SK)Zu0PW2iToL!;6>iWxOl6^PQ*lT#s z=Vk(@@Q3^@8oeULEBY`zUi65Q@H8RTE9MgJc&I4sRpzE}ZQJ3WYB!J+GTh`Ypx}l4 zTw+Mq@A`2gq1#sEca-v1QW%BLCoa!UGi|$qRjv0InJQhMIhQV)tso&90P;p`W)X}@ z<#}QC^-Xwc^Hd2_v}ZCyWopU6jrt=yxz?_Rg9z44i@O@8o`1JA^LJ&vilSd>wR>x` zin{zi_Wt!6Q@rNXxw7@bzoTDCTQqjI@arpzswnBdO}|mD;|N+PzAI|WBCzkLtvat< zd8DttlK$bNUxke?W$}F4RJ(=__Q>l=^y=mM<%Gy%;aH$6%w*X)(&;ze_bJu*jEz2=nM zFV{=DofHd4y4I>Vzku;gzOsfD^2yC<@DT|uJ0AH?2HFXk95p?RYlF;t?%7A zqpsx(t80&R6Ki)-94!MSkTs15@6621TzTc~wRc~cEt%$zLxzkp*%!i020Vi;$xXK$ znLhFuiPPfwLvJJ*jZn6>xH+F6TGU10Lp}Vo& zbgf-nKtbie&so>8!ql%e2fIz(t7r}eMzmT|ye1ea?OYA6knS~FTC=D9w5~-5V@Acq zt6TeWc-5E2DC>Y8>J@D}&D~qhV{(Zi1(;6_kXdP0BU@=f-Qx+gGmf&OrEAh9*)CS1hfUKGU`Oqr#bse=^L9C1`ciFn0{CibKd&aERAkWT0SuV48-Z>rcv0(8+%q zGGf%379MYY)HLopb)YG2Rvr491q&pDDQUt=U5UkedY6fxsLJ+R#4QenzIRo_@=S* zg(U#%JNnM*IrUmWv7=`*EeFtd`E65Q|G|lO%X-6-pXLrSq1CKLapo?EyyAGT$UMO+ zhKby~4DA!<=+bt!HYH&-oXnHNQdE(_QUV6=G_eKt7qM!@em-$8iflKbhJOdll!ds8HV~f|diU71A6K z0o`jq#Wamm;t8uDQK$7Ko_Kw2pjA7;5w97_IhctG#+Ce|_cxHnv}$U0ek_zk06TD1 zk>S6g)yr$waR@>?#w*=t%V})si~5~6W=h|n$OFiR7DW}P)EahzEzDvYIJ5zZD2r1T zXeg>|)%=S6+DEyii^36v1ge~lyb|a%pwmQo;iW%#Va2YVj!s|ONMucCOl^us37 zQWsE6d)1;B(mY*}_^L&Q$nPlSuin!qgm$%BWrcj3pa;Sw%a_ed5XiOF#zKi{N@ySQ zl>@JN1j+!Xc7}EihBJUAFX!$RN_DiYk3wbD++PsStYPY@e>Qsw1>z3V3fQt0d1$R} ztmYr+I8>}9tg!{HB~jf_vN#Ju6+1B4sc36R8DY`e8hgZwg*S~wu6Fhp~$h=7{Q5WVCPB10S!zIM>eplATKe4 zoiCPhD~fB*xDYnZ^OqG;0n=Ua`pkbqQ5T=KOOP$cI#j}>k1TCWJ#_)avwB1?WW}Xs zVVPpv(7lSC-BTz=A%aIrA?!7%dyOphQHkZIrn1+5K6~|qwcvRbOwoL{SOPJZUAnlu zUPm+&>jseN0P@?ilNV?Wy*!QND#L1)XwBlU>$)At)lPb#?P_*Tts2ULfI__*l^V8E zK=!l-PRC`*-1>*C5u=H%jyxoNi2nR{3aPwf-)Wz|mz0vpB+XaSTOO_?`>ks4ks$+U z*IW#12c0g-@Wyq^(;K+j2>t!CNSar+J5-d2EbOs*c55VT6uw)DI`z~A6j%IIQTEz$ z&nr^CYnQ#!htZi=#t0UJTcm>Gb+dI0m%S!w8ffJBmQ0}Az#q7%S>B7|rj}@J@FThm zd$bCCvsY5}$`r3k_S$Q+7j?5y!LRMeegLQ1!osy;?&zgU=^QoI7K6UNf5)&>9iXhR zSe0vYS7h*N+O$=x)NIEvtl>3L%$Q#cF^872kr|_#GGjG8bQZ(wHyARC^dVx2j9W=N z-6C?b3?VxYN0KNM3aT|i+q(_M$uBb6*&K1GnblC3JYTUL=p`vZH73|3MvA3H;SUw5 z@MDex?iC(}B;Cg0R&>EgxtaT^w_zI)6R)?Lrwi4+hCjdlityLJK5U(xR{vRZUab+N zJvoExR#3c-HOGsud!=YzH=FSqP>m$bvbGqhKars~KsGN4_X6bU^V;H!q++FJz9LoUZqqWFt z1Bq4J(AG|lVEkXK@uJ<;vE{~KI51&}=oA(SBxn>vWQ;fo!LZ*C^|_AAjbzjDvgPaU zEdk{#OT4bM9603=`MT*l9fju*f%h0Lt0F^nfv_rLjMb;DUZLL8Cg)-Fsi(BUb*C0x zKWy>(@YYJvjSo23BAi8{qUW_lLh%TbNlG10^ulJ&J(|_PE&m8o1RX(N*}B)w;>ya+ zFWnJqc9P3p$$7igN@|88Jy1JFKG3622c5kNWZLqqDqc9k`6$YP@o`m2&wi*^Yba(` zRlk=nJkskZ4xwgl-6^l9m1eSS0qUw`XVbe<83pxbHX_#b@lmA zNAJ{1^K3ZY4a;ulR#NhwjuF+t2daTZn?uE5`YXO($#nPI$btLm3#iMM14a9R)1N@0 z37>^dTT=4MSBX(alKX>>W)$*zE9nlPz2InKEI6@@EBNm9M1KP3+(zfQC5yAy1o85< z>A4B)^bi#O`cNW9H#(?-fiGT%J;(9HD~-J}g1wGoi-6qh?Qao_)M|QZNqwd8_}*vV z=oRCa*Qaw!ih#+0m%gfMVGHM&tzi`b(&^%)-nJe930CYGreXU5tUAEPwtH)gKzLNM z*SN?l_5O84kG)8lB!Hv=)H`h?=@C9wYg9(&c)cdvN>st}Ohos(A|+&Rk?8)7ILj1{ z%IaJprLlm_>gHvKCM*Anab9^1ADZV3o0Fo^aY>x>s3p zoEXSDZg6AgbpzL>tdUzuZ?yz{J_7F&49kH(yPg#2Hd*;@&~wo|_DY`8a}&6oqr9MX zepk28UOmTglmjV>)yem=Z0%`IQM2p1fpno;>nP{oTg$4tx})ob^qZ;@LGOx7c4=d; zh83ER6M{MENa=j}ndgPxu1{emfvy)R?QHr^hh!9;EswNLXV;}v3y>UILv0TgRlK_C z16=n}t827}kyxlJFDR#qYXLFX>!7=K@%Z|VDDnoHr9fzs(q`AmVU|4A?6oA3Ud#^z zHYn69Xi8Vv**5TWkYhO@job>Tz>4mww1>m)967ad#C7SMz4G?KQk3WW_p;2be@l91 z&u!Ej7TeTIcFF-ImrgJJVlS_#5tyspl(KwJ*YJK7)~Plc$Z`NFT(O;NrGbC7y%w<1 zt7AD}Y~^Lf!;4BjI-ds&%H8|WCU%m`p(Hjb3v6{V-ej9n)6q}T7W0a&nN7GWnabPz z(@GVuBd&mUmoi=1>vCnObraIKgzxHN9V)6+^2&VscBT%4c-pCbSU_~$tLu{?+y8P@ z=7eDdOT0EItX+%LtFPFz>O7-mN8L~8hXM)Z&qZK8te;Afc+P>uc$V%yoQR znZ3PdkygZ0?cgwW{)2`S%fR`^VXhUkWjU~&r$2aPD*5Pq8ZZ)+9VCw~(Vj2+R;O(e z1!w?8WZY(KY~_k0WNG$BR-@)-g~bY2qz=F_ zWKmo$+mt}lOK-C{N%zPHZEv9HA$FcSoyzaNl<-D+}^R^P}ysQ_&&lI^TC zS8=NyO0}nQlPt@wARx)9KS>8;s9gO*#G#@M!V2Zhjuz~SG|1(ko9vaUdwnmgf8=}+ zY@A*vD6UDdctdt{19ruxJxA!(({-<5ra2-p2Rv^fNi6ge&5xXmpiE2T_Yw-EuCv#^ zN%901dkv9_*=x6Ti$m5+Z@!sx1?*cJdf}C*@>QKH=#G|trEO?-{w@R4)~e&W zg=B1_VP~fOcJ_xXPC||7(%~dHQ$d;sc$skl%aSH2D*EuuXF}5v1AFC)*YgzRKq!07DYGbm zV7-KitD42y0cAG2a$sCpdSKwV1vX8sIx!4PJ0MpDD_?8a+rVb94P-W8R`rYNS=OSY zsNZ6`J18wDC3hVVd&{)V9Ul!K*ZU3H^O)33Ivc+J%49XJ?)4$<^_ph*=xR1w^(Y1n zKK4pi1-pGFPRbi9>Z6EyXOLGJ^j_nlo8pzmURQ{v;{|y^!n#*K2<_3Pf9tCSVs2M_ zUz1l5mRMUBikM{sUyMg(+^m&2P4kP5ZWBVHbN0$t4v^;v*S(?*|DWmAy?fWvN_M$) zO;zSf>oclwq=9D1svA0b=|}dguESQ%HWF}uv3V>0-1((q8uw?Ex9B57Wv|aVp9YDl zdVT0BOKEpHLr^s%jO6phn>vt2GM>gGxtJ!Jlz({n{a#r1FpwrEu`ZBB|J{mxMTO;Sc zNL0HeQzR8xjjMa5N+|N~d77X+$tdDA{My{1qAzlCsNUlY{R+J$Qm#j4uXL~Kn6$4H z_8QuD`?}XaqvTZ;S?|W-ds{Ti9EOXJ17Y?Wgp`nqo9wXfG3Z|R!*bv}`4r%>S5--G zY;T$RUnCGAqP#SJM{cP!#qmq8uR3Fdgn6kQ-Oj{KliYVd&adg>*KT z&Ms|i|6%oSLvp{+#PsZay=qhq6o}h&;|%QDo&y@Dtu=Gkwt~g_g00mPC6p*Zzlhi? zW5_5I5rc&swc%u7Kixlbd3e)BT3_1Gy^?hz6rZCQ`SnV;|CC6sEiV%C z%Eux(Yr1ClI`}eAydI5WIY0@pc{WT;+NJ_oHDBJTYV}96*f=Yz&V2TVLRJ-Lu$Cyk zH2Y}FCa>5h*2I}1uY>FhkR$3|r353oE4^1;(Y*?!GCbOf@x#kxi0od8 z^M*vsY6{0(`dnEz%qNAks^rFV>YLX}rE9DCtmqaOmeLzK&H`IS8(DU2EW@|{A>lO{#I>%#4HMXsw}hXZ8A=B~!CG zHJ!Wqhkq(e3mIr(;i}AhsAIzc1FKn$s)k*)s@R91f)gTC?65AF&YFAqLS1W^+t;&0 z%n_sbSVs2Tp*Bo3yUFHbGTrhu+%Su(t1nWj30Wj@b+6Pk_JZ^;yc%_zI&2QYhl;MJ zrVe@>?6q492!Rx@9K~gkI6zeQ>aWvL>LHJp0?liSGd7~^RVs?|R=ad=_sY<{Cb{DE zq=({&#Cr{%fzMu%H$ir8^`6B(_0Lz+j&tnt|M&0pjjXT%tdcA1HI#+`=O)nHpLUc1 zi_+p)1PwPrp|)#2K$&CA?RV2>BfOIb-Za~UpjOf|OSBacW|&2bDk?-xWSV#lMA#=Q z(0fl*qu&42Eu>bbqYf2C-{~6+!AB9j`%&kf9I1E~5dA{J->f^)z542OBwl?!bmZ5O z*(*)=njo)&Q@Un3z|Rz$iYQ)#I3mJ7kx#+3JG!y6x1o-s;91y#>)LFTOj~6g=YB;y zSlD?B{lwt~3>0Ai#UH?4u!a+s&_H2fHT`{+t$U?NwP#|Rj8fw1Up_v~(9=_1n>lf0 zDGSj{$;bsy>m>)bpuE*g84gybXI(V8wi z(#x}Uge@oj0DkQkI2^gxZs-Q)sW_T|iQ^CG7NM=_b=R1{Xtd%F?3mb^zo?c+S_Ne> zFf}&?H%=pqtO$&%ev_H}m737xJ+TK}Gq%Vk#nyzzUc={(>_@onmD}*;|zj5C%+|LndwJ2@_8^sz`&HQo5lZz5-R7iJ5Xjh-! z@Z7`+x_&UEy&_S6GhAfsv+k8TChhB9J(orss?ebiAF9sSYxG;NI|~ReqNwckpy*y( z4Uu-QUv{c{P10iu;Idh?BrAPQu`SNUAyNCz+pV(2tBcpdtEOnD7!s6`DE`34gTgFQ zxy}{xg}K?h5+!n0E|<>b%R0_SP}l3fFK^^g_$}-2>b6B%wW?z@fcR^zf!t+{Z);lh zlaMK;xy7CqdD2mCtEZl?$!}>|&=!j1S_u^ye-*VHpwUjU8dvv9*Ig0SV$r>JHdGYd zE2E)Ubg$i7K(q_tC@y2uy;4S4y!e885e@ykL%Y`mBmMicPgj!7D6rIcuQ8Z&P(S1c z9q_#ICx$uVm3mrX25J%4($>9FAw9jer9WO@%d3j2j*B{PDdVb|n<;M_#*Y58Qfc)S zygg<$d!nS*?98xL%_gsA1N~nA{grav_%9(Vl9n&(O9A#lJMNjMUGi(D0vOk)#x-dn zPTgx;F$bstsbkT-Qep^nG*tVmd!_nq#jt?TG*Q@VXp^z&UMY2?2&L5$Y4^&rTH~=- zYI>PxHj@#DDgS1o3i3&(Hr{qg}`hVOk*Y~Q% z+N14K{`$=ICBglz9FA`|z54j;e=5wVXd`brKo9``jaQyTOZE;ZIlMo+5GIRl2hEwh}PfP z@|I~jsSL447xvuJ^zxbfmUcSip-M**-*&8)8phbP3wvX_*! z?f2za&W@|uxdO^_h?;ErbydxZe&>w(o3Fxm4QVFIT;&;c`!X3?;Te@kI-pP>p8~Sy zy4OzZUOClb9xA$?ng;5YTj;d!;{u{iI&Bho(;on(4msFFom;_#7lI%f`g!;W^K`G2 zcoY5%cDNDp0$49FkwCW`;6}m1>9t)fa_VMi=MeGRYO+rym;T}HI*KcZ(!N$uW`X+s z)vRD}!lqQUf4ZM!)%=4xvdOBLHLYf6*{YewPX3KAJ_+A7q`lnzg~L9m+n2XI3y{WX zM%e3|h-q@h% zUPJ5i;=NMl_H``w9GxqBAUbESEXx4_@p`;9bfcWQRLd-BT3Ehf{p$~J>nNoF&WB}c znk8Q!ttx3HE2M+9^L5#@)g!dk)q6S)`-+qVIJ==%F^$h}?|cxtQ9@1a{M{{DK&mF_ z+m|E01xT8kZ&IU9VNfJY(Knf~>R$PV0c3^l*}cX+RQs)a?bZSkePs!s{b*Vbi3Ekp2QaKmAY`kSIR91+1sgz#W3{UJNhpty=%%mM?a|MwPkkH2 z+uhz;6y@3`OQlGu`;_y-8zJUEEV@^!-D@l{2Vx$o4t1~LOJzS7kf^yx`1H4B_ey#2 zJWWu~jjrU`=EubZ-8d%>-K&T0GWOgY;_5jqp+Jg5_sa0vlCE;at2a=~DNfxn+Azxz zf?_MHrEd+C$F*iB8L)mdY8KBl481fh)K0GXqxlI+J*%$i78!Q+11K&m`t>K==N5gn z-(tkLPtdCe2q5*9kwpP0intYy$as!)uQ3nRK6`C-YXQlz=w92idzHwSa6HNc5}taN zkR1ui*w}Ti#J9zk!9v)?c9XqMaK-CY&okvRr|tsv+?;${o}w)MS~qa|L1dYVl4@i1 ztM#u%VeefN_md4sTs5bzqKH~J?tozjb}=i)@92+R-<;Bu^*kG)DlQqJ+>1e)NUKM0 zk!GXA-9+vn-YefQfUMBPm;;QVqNZaI7^?l&y@o9y>NSWiAVF6>-n?>kuQV%TQaAjp zpR$rp6V(FYc!=*i)4h`KL7(EI0?m-u*hRZn0l$Kj=Ms3P1E;7b3C*|VqnWvqZs&Bh zxA$?_R(ghI(>HfHVW*5)5bOs9Y!&;!op=WCzavIY^{d(yqVb&E6k*nD?}Dp zs^PdlmOEpKe&@@mfzfl_Yxm;4#ywQ~&t9$PLpK&scXY3$X5towP|{p>SAvbvlp=u# zC-Hqpx>w3dLQmn~FtA>6+ML{0=ct1&4ROV5pT`$V;zS+j8>O5>*l{bTrf2eXOORHa z9sWwq4i$iZ?tPe3mS$B&i7sN1JJ(W4$FvnSt0D4g{ll{xz}=_X);MMJMo~&g3Ay-j zNR0GNQa8zvw-9-VbQ6I9RQN~EIELz8sY>o!ex)#DDRnJVto1oxye@d&V0dn^89GT8^DI!6!nUEI zWG*$F&(+qyVpFO{O*4)1*ZQ8Wf4;uDwmz*0I&wKBr{=#kDw@W{bw&3|OAgj5t|pW2zk$lL zP3v)2{E{Bjny`K#YJ^A3;^|)LLjS3w6%JEv2R!@Qnqt<&O~7^+6yK zcL15aUb?bvR4nO=16x`DTAURTS;Mx2wZ1~WTo#Yj^m~OhL3@O8>}p%6BU+3y#$sJA z3Y+zT;MiIGiK?;@Dvm=oIUm%AEw^k^{JWoT-D|8v)f3%oHx^J=bgz_n0=@xgve$MJ z1_rGk;*UANc+0^uKTNgV!OVI($B@tqT=CjB>3PnzlZ;yyN(qCUt+KNlx`B*S?Z8%A zqhdB(ZK;WE3QUWGqE~!f|8-tG)1h+hejTTat=4cJ7^@BKD>3ehpG@uF9#raKuLkDR zlwF?EntP684#YiFJ<+{(WdX$#F)OGY2+j23kwR_I@e$%Wh$H{uN%H*RrAYXl#jSe{QPOkD(~kWL*zA@2y6@wGv`A*fHdV#i(we5#EZ}snhWT|qD<)o1QI}E3*NPpJ5Xa2=Dj^<44bhLb6o4a$ zAtV?NQPctD-4b@HvN$Z(wAw$N4gZ=& zJ8c@Pne`2!7+S7)O)r0gLlM?A97VQaeiU)Lu#MZpc|T>2eDd{3&HZJB{-XH2>t16V zs@~{cCAa*F^ACvFl!iZ1}84FDZmW(+`V)$zHiB2>Sdn36JwCU#8EqER-=;QFAl5bsTY^ zfz7ATKEL%pYzwRHHcVS5Yt~D1-i!nyEic_S9E$|gYD6d7UK2(Z&%WVVKLRYg@YE1ba0c zMQg(jo`r1*tT%gedt+6J5I)NeC7ai)cKm`0HXDdIes-?(B;6q;ST?clPfE~jUcD0{ zrjxtXeA^|Pdm(hMvi*4LaHx6_?=>*xF)g4tEC;BREo_L11Ck?rb;qCaCZj|q_9E?G ze;zt`eBGH;S0>CeCituf+qA^s()+jX;NYw^ zN734FLSUm50}V`Gck;O?ssUTV&OJe`;e@eYwc!UR+nXf<_s6HNOZF`;hj3SCTF}Z% zvK>lrvF|lIS39MVL#=z|#~knumDJ%-^&(=sGUxbyLJC7Ez8 zh3FGeIb6K*Ee9~dUJ#r|Z-NxTBjKYbG_wo{I2L&Isl0?+eZ!0gt}MzkRrTVXItux^ zi}bAx99tW^ZDEfsWJjRiUs9sQ%~EpNiw}%OqlS$KJ_x0i>@{lNAIX)FhxWsjq^tT9 zv;4xVbcE@c^z2r$l}?!Y)_F>n zEf3#IO3h0lBso#NQ_BInOHz^%;pbM;W;3)HW?y!Xy++jz9OYC_jZx1d7RbyytFwkSHd6PyGOn&9s41cwBNAVGq=Lm)u{ z1ShzKAR)NB1VSLVy9IZ5%k5@<*=K)upYOeM&i8)zzCU*Lu%^3e)v{VuQ$6&obqz#A zLU`4rw=B{xg3>LW{$>Yf1%GIT;VN2o9ywyaLV4kH5#hCeg5IaY!(g5rnziOP=xfLcj`~esVXtHCWUqvb?87X!xK=pl}6s-`!PWvfw*m$y4&2 z#W7`!;Q=agY_&v6jjz2QT}UK}ZB9QQ6cVf#5{)G{Rpi(Z##yhtFR?TtHqR*Xrl8Ch zN2;hZPDYb()KG7uA=|6a$P}upbDcwS61U{usC=ElQYfIrMWAV~JpA=z=7Qn8P9Gv1 zscl+Uk$6H0%A3x_x4oLtA_k=BFAUKW#YO@e77(-h38P4|cF>wAe-9iSDsl#EnvpN2 zJUB(tA`cV>@Qt+t6gE{(5qwQw1? z8a}Fz?EC6hQ0e|6f1%#aheq!jwAYz1ta@y#t=O+~Ql-K62H)`-rO#p8z+#S~+{vys zQp+tQq(A&zn}w^WRA^vEC0MLRK+yxsHO4IE`R26u5%r2j7>+}A{6%zPW93*5D=}&o zr3@UM8|U-#^R1NwTNIZT4EGY9P;(fR$EDKl341AK8a_W8oJk)s^xS=(1b!qKJoDz) z;YXd%llzPh2Hw?-wP-vLNS(tvqsJMeSse?rw?TS1t-0MjPkVtc9f3d(Dj;Kkaghv`GKWvJJa|?ze-(r?eTa1 zF!%ErQ77bOEzzvff$`+=(qg{PTlg<}x6;kw@4g@7khSSIpbo$~Wa#(v^1SRyUdEbw z7t3aG!eX#$g=E0L$Cutv*MTZXL2!W|)+WDNPb2Rz58J1tr_%nq=A@*$rlwgdJUyCt zH?iq9u;cw3yczhbyXd*o4b<8v9Jtm~43t^Dc3twZEtdofhUY(ZwVKva2Q}%kb<4G? z79a10c!snJA<1b>ItkSneXPEQlKlHeZXkePaLVLN|6KC+|w@yjoj{? zpN=(gL#EzRA9oapU=i@N!#vXwZP}nQHiC_tI-18+Lop14sW3BMXZrm0jX|yV;gvOW zo>>PRCa=^Bc^AcNiXSzC`<$LXDwcIs&6MM1?clF_H*>Gw4H?RR4RQT&TePoWthrVF z%$wRid;REp(6bwM6EPt8=((}|gAEy}hM+ZhPvtJFf`z-txxLF`h9I&aZyLi(&+eH{ z)nY-jVa>9_vbsVYX&4>VbfyY5r?-{BZ#?HeeAO#&u9~!xybF!#5N7RFJ~OgyM{3x9 zKdKt7u@QX5MSVTJuQV7TIo~orCA4#OG?gb`_GV|~r(`jg0_pG&kV1h1mhI(rzt@BH zz&>NkmqiRo1Z?D@@o=&e)1o^s3Jl4a)n~4(xx*VV9kGo~J*HEcCPa*<_+0Itof99P zlm`=*z5#wr_|RRoeJtH{(#~ zZZ&1kxWjhs$<}Wec_6^t_iz;;VuNeu{)*o^vTZk0oLG>rFxxgGjVAEK5#(8eX^4h^ zMEvFM`emU_4Zept8oo=tOeh5qJc>jDGtUOLTQkm~zy)4Jc89fqj(x%#Ler_%b4sLC z5om&*i3itZohg{`qI1TiGY%Y!m#VH| z^!2QXn60P`-PQ2hMLe0YBf<2<+MLS27*vVvw<1$^ig9?oON+y z@T66hS+EaR_}8*DH}2}`kHtb6Kp^k~!M7Er!aow?eKdV`QQU`_*_G+egO4Ust@!+= ztU5TGFY1f!KE_k7y+M(kFi-{p>$nSlJHA=vH%8DegWq6K7ouo;Sz=9PGC?2uxoGU@ z(vdHcq-vVBgaV99JArkV^WJsw>;6NSD^L2~K0)g@48eL3SF7aeFp}!8S3gb~_N!lq zBMgHvqXw5(Y@;B5y1i{bl{QW;aFm_|AXinDPA3`Sy5m~|p zbgfvUt||_1G0S&=>2YA&&r-57bVF60iQf@%a4$Z8-Mkbxkn+{rMVUCPSU_7Z zPKxa%my&eHhur=AF9-C zgB2k#4l4!8%?F-x(OLh@rv*`MuAG9UPsYUM`}%D+bZlyT&85pEu&Ub)K31^PC597k zx?b>V0YRXEkYWWC#$7}T5)_IdU78xk5)CNY{5YenIQsTTigl z`7{`CmU|=&bpdYEuo+FyV*DOkEgWR-N5No+w+#(a53_f4v>F#AHgRvcnc?p!4wD_4=51zePLh`NZep>8}fisy}?o4djH?QLYL}!(Dm-RckB2|`x%`atoYwo$l z++PU2=$(myxM7edSieju<x(-V@XU@Q+gbB>8B39Tb* z&bJ2`(M9V78~~Gzf`}SB|1nN{DT_;^3&fK1u`z3yK_kM|d*@QSDV($6Alp$MB?>tP zW`nZ+7cm!4(WWGUOsD|2!M9O+FP>1jyocyVHIv~mi!L{=a4Q`qJ#S2*wY=BFP|90(6_Hsx#^el62q2E+CS zQ1lx}6%`hrT`OaWHJ>p_ZZ{}Cr_p>gGg>DdP-_fHN{0a>>KbDKzm3%04sh~EaBxg~ zP3IhHg?x~6n2Jm% z5e4#=__0zx$M^1`d-v*GCd$YLTk8Wirrdi5=Bp@00$Ct1FGVOofeaU4;(PQ@t85AnQhbznKp}(Y zve5=^2qwtc%O_vZGb|uUhb;ir=;S$jFFk1IQciYssArR0x{5 zMN`cfV>sojO5Wnv?+hWI!Pb(HqMOB(6`4Lp1Q;8NhE{7+t?7#PsXig{ZN)EDm(Xw6 zI94}~w$NRjd}#E1dneR1=9=pTuv|tx);XP!GF=gL_`*s1MaLq(Ky}F?WZ9eA2}Vx| z6KA+;)6@Zdm;`V%)U0yNUvo^|x)p+~*e?nd8Bviav81RaH1l2|B5(3 z`(IeM9ac29S+SF$rf6Y3U|wX>q~YW12Tvh2FBlWRr1i7+d6%gC=tb*G17U8Fab^hx1tpT( zl7#u8ZU8N+M>CBO%I$d~TfHw1ccV?`D)=5^{4Zn)6MyUp0G>@md8_MDC z5ktr9IQ#nBTfnZoQPWNWP4vvUUtndnw8RE?jb$E1;rezkEEF@=rU5At3{=2a@f~)i z@E_|3s}a8W#-U8jjUIhPlq__8Neqhyg#D(d>N7BP*k;W2{+MfE`|`%6CYvCocg!jV zzr0|T$xsYnGi_etIEl!wswJj6K(2zZGb$Qe*PTu=-G=!3QCkM!Uybfj(-@b8PX*CB z?#6zIjkc0CP}IG}$JMH-z-F$!{s|0itC-Bp4p+=614nKgBe{qLJU17YMG9JNe$!m1 zGW=$;e_T1RO8EebRCJ@R^6ALHyjfI2@yFi80=v_n7=Ylh8BN{Mjc8X_ zO64)RT_x4{0aXkgWiD0i53T}U!S8t<@kRmjdr+g-pMaL?r{=hCB;x~V*3Y}fa*7z0 z=w+|=W9dRE;XCRO#sFd)@0+BjcQ>~Mo~^Ky`d`^Yo|opM=(0pvoc2g%Q*ee!E zA2v(kj9xCf+&o7MvGo0(;#vH+T=sRFv;u0} z!OljUI+eMh19^916H}djRUtE(UipKe?(?0_=;hzF)uCB$a&!rjvQxgN3N<`g`hxI~ z3R@25Er;tnXJ8$4Tu)&=66L%MrOZ*$Eq?)TqJGV6sD2D5S)D+DGc-#6j@=pvVGkiz z3)Yj5iI73-i%HJT7`ij^;b|%PWDvoGE*n7%Q=~b>{thGZTQy*Ri>%{z8A_b~r}an) zE9_dYPgaCgCr8IVX|CpmFyu%KdAmALJe(W{1bj$Zp^0{M`F{9d)I&o)#$-sOwDbWU zcLneGKBCR12yxDa_sz`+XJ>$E++na~s8nxtn34&n)5i+#%J!}tF$R?RHHsDdc^?hM z7|mO80yiB7&fmWoFnw@T%f?#WD!B2bVP^au8^fTbmUJnXD$RhMMX%T^)0pd_jW`E* z+W|#{H1*RMFGd1~uwUlYTv@lVWiyr-=DEzZ(RvaFYgEBmX^!=?$0&fAkl@u6y4yA! zN^)zp3v4=nFQefOS+`8mxUg3wN-B=1VPEu32)h^`#A7Ff4ELvy<5-m5i@Vtix-Qa38t6iY^GH`LG-|P`*F? z{oAK~APW68Tp62l^IheL+zbDw!#xFM8QW=9DK{>x9v=_oiG9nGA+20is$$fSGG1=& z6dc!#sLd$qx=EQCyxC}g%^aW3-n5;N8b6Mfv=tufmd-1lt1gEOmL)cYhQ9fLsqiL= z_yuYM=J=Z*Jsz6YFCrZGmaX_ol1N+H4mecx=|mPg&tQ(VK?0%>P_u}Uw0!Sd*GQiZ*8F;1w%xN6;o_5f z8yADLS)_uosBFgK#T2fWwNSafa}4pi&6-0kn5&dJ4SF$9lEc%?@BDEBDgFp%I!?~; zwGUajCPdSkOyS2kopo}*oeds`GtO9l=}7@WQ81aEwr4ub zW@#F@y5`@yaP{?nc+6)0Zo2N2j*)d}af-bK~J)^^;% zyf_qO(z(r1WV=4KD_sGA_JEKm6c*h^P>Im+SAsEnNH8zz_rh%u^rEh z6iy7Mb+{|GLy7x63Lu4H?K@S1SHJup!8Z|*Db|&3pV-sNU2U6)*M0xwY8}>HdpifC z#gi~)<>T!&^E$;Oef7}nmD@7qfEq_m)P#LO{5SR|kVUHq4p!A`r1P%&P}}KO9??4s zFNLp1yep>m=3`gzw8_aWnyfqhrivkZ?Coza7r*hTv@5n)nh5unP)01cU7tB+y!rtI zdi$W4T2T-w<&0pDbWW$@rAz$U%l5UXjV9zg`LUM}!X!mX^Mx}T6JuQEHTgxe4J6*K zIB%ih^Zv$#;fTu?{c{Hxd%7eVLIIyw8srXrb6G2nPArg%Hg6{$nnaz-={E%hCUQ-F zz2{7DrI=3f)0)8_g_pkmK;Wk0-h=gfR57t-9r5tPD@+arnwa*pT{VQ?xn--oz3fPai^Trx;$KWTQ{MPOxoOEwd zgp8Z-?NnXidXd6#cN=^qvwP@_!1}Fss=%_X4s|#%@|(2w$Jgpy#I3J{m2_^GvxmcS z2-eouwFQS^Swk-5``*r~`CH8}F(wyQZP5-?LKK$wzdx%+@^UFI;)<>0()U>)f-tNZ z?VKLXDu;yM*6viTTQBtEANV>!3R5R=6CxvBJB&lI6TK%e(cD{DAR7JalU6e@IhaXl zOb^JzinNCn@D1q+{5m~ee#lPd%Ijb|dZgPP2?Rv?n!Sq;5tJmrl1r{rPC9&!qmg13 zQ^2{;gLaVy(Gu97vdX_yDVJM|EamSm5dLD8`PN7i;@U;Y&XsSXoAiV1$iA6QpWo-r zQ-Q%<$-%;D{kDDh)_NvNFD9A`2B2!<2lvoP~{G^A_HM%W+h-x9ZJ zs`6^BZ#=bVFxvyWGP)|fXujl8YfWY0PSvLRTp2ffy70m=XXwfC$%hxek(HxgOe!TDPnx7A+w+=*k^!0C}OhPIn8ow zB5czBy&l8RzK`+jYE|dDy+Bd}a;$B6#y>f6d*P$e)7`gg^#V0P+FJhCzG~0+~twSuQ|2UhaRE4wR9D4}{zj zAmoz*p@cLDrKSH>c2ENjJ`i$CfRIlLgc8yq1X7~{5KN8=Lg{}%4nFXlTLOf9Kmt_| zAB5l^s6CLh8aSZ#Wd~Bwf_4UVh1vjw&;zsvC@Tm-Yk+j27J{~b5VQb@147UOAP&@i z(0(8UH3e}%2xyb|8*4070ptoIxD$9MlNJ0U@XnI6j} z{6Q%|2=ywcuR!eu+5xmW2%)0|9S^9*p%Os-5wsDA^G7$R^q_oy=t6sfIA9I*04)IG zK)o0`!ceO~TR;d}0K@?)ffj&z0Z0c*8-$<*Kpf~C76VcogYyBL$>Kl?Vj%Z0CwPE1 z2K5D{huRy2AXVtB0I7if0cs86fDr1PAWx`ofjFSWp|c9q8pHu1C=qnDpwd9?2(=W5 z14;>M3)Kh2`NI{&`O_1`0necafCQX@T7x(sg!&8AW>6ZS*5GWG1m-mO4$f&H=`nDC z{Xl&|tw0F%AgC3gRR7EbkT!I#{Kq`}!}E`Cft*2o!E31Pp|XJRkM%*hpz{pW_s{r% zIzcr7;b$$k)!qoACy2U0)rd}rRr8Q7I~^W@ZS2A57LmDgeE zdk8MkSM0t91eB1ky|EWpZ0%hAN9CS1)&}nJ3x}!W=&Gp+BC1IPf*}traXYEsH0#cD zJ>jsjgiYAFv(4XCp|#3Kpi~VB(X`pS&}O5qa7Ta3~HR(ULUR-MOjX7*GDjiWc{?m@ujDDjQ7))a_Q@ByXwtq_Fv$2pwY<*%T@t zbLG(+iS0{8xt~+br1jv$`9;r1J=)m($f0R=viHO@L+X9lH23!k@|2Cu)7XK&(<=?a zRIVi!_2>17VPAPhtTMUIrSQW+bcK@I?&rDJxAQkzgVu_)r4c|!p-bil!G=WZQBYIkr9Fnvv zp3ujI3z)H^&uL!rI=)E*G@KPwn~&zXeM|^Bw+2JHnA1rFlGEFi;d`D{4N~)>1>_m? zsP{0KitRk~+^u0eX}%fp#nhtTDQ3UvDa8?Ed*~UhOK!yNHhKQ{W1OycZw`QH_q(D$rwhP<>OC??wYanr3O zPIH9!hI*M;xuj1@>?=0s&yz8@2k&(TuYdCLHl;9aO;7R;o@`wiX_xyH)f7okoQ159SOl#EYMrf1JP(6a1zv|DGjFE|4{g9SEN*>NGmw!!@4>@AN~y+v++n$mcN(Oj zvdZc8%tPK)%LnCAQx49e6Z~Ug_OL_-Li!S`Jpwj-4|2`0HvS3PbT;+9zz{}O>$iIX z$mwp<-iO{cJ^kMm4@sm6M%QwR_>y3@OsF0%OF;0|8J74^wONhwqm5r5{?cJi>2*Uf zI)1_$iirORqnjIzR}bT@d@nBy-4kv4!njlqOj!A8@ioKm>?Y!gQd?G{-xE1;OQUUE z>BX6X_})95T8uboi@thQO4mP$KBzJ+0-wyKOGn6`ma2?*#d9Sl=_P1(5MUF;=UU#g z6W}>f7=X8b6Xq+bD_Gihg1V<#$nwpj-FCm zB6?KI?uRQ_q?SIXBEo5mS~8(iRL0m(=GD!{7R>uka@YjOCk_rpv_#>RzS#5Y!R?N= zZ-^m=Pbgjm#C5=bBH1YB6vEOD$Pm5z5pTDnA)}&IZ5m)#Iy8ARI%`k3R3%VuU}9~Q zvwkEIOxgJy<%F&`diC+n2Jvm%LtQQHaTZbYux!#cMsKDVe>6v70M*n84k1R^G25KG zNe*izP1>{3QE#&j(d6?^{u<4XjE4dkA^`?$Q`#Xq!YrO=%h;b!CQyHcz7f?*xAz?J*Nc$D+b&@=M2IMQ%|kMOO5 zXXwUn8PCX{Ilm)MFju^U*B!J6-^r~jomkH_xl1*ePq6L`@7Vxp^*XzB-VR?cIrWc* z&2OdRDm~ykdl-=YrJ-3f(x~7ry|4R;TcYTd%w~}t$2jb@gjaZ# z)`OjtjATU?eAm&pUE;%GnWft@-GZHb-$V_CR?y@Y9r~@ggsPu9kmmFw&2ToPFFZL- zo;p=rdpPV%!ebe2le`(8wfHpPLBwyIY7R-mRY;;AK8Iv0_j$@=;|Y=>Q`mI|{t{d6 zr1S%gu7fh<;KhFI(w=6u-cAt+rKtln{@yE=lkpIf$r4bK2!a%x*IKb9xe`w_$yv zQFoapi6oZ>bqPk^Xlt-~J8Vf5M#;?#unrTW=(a+1>q9~DO<_0o%ZOS7KdaCvON)h; zwUheT-tG<(Pkoard`g8_L*%xrgoqujQrwBSQaL4g5l`exyYyYOc95k!t!v8u z*#Ks7iPEE|Q4f%3^jnlAc1$4SKO^lewoD>k_%&oFLiU;?#kwMm=~9?D&vw+FBPOs2 z%&fgiYb}^sMNmK3aZ3|S6ylM#t_glWLuwwKpBKB;wTyOv$?AEXW8I`zozUGEzSc<) zmPoGVaw09&*d8~ISzAWpV`mFvC} zTjPM$uY&`TMTXPGnpHN@j5V8Ft6xrdGu2xRu%*YU^VM5uj?dy2_&l44P)v}_}cXL(}bb9M>hN31T@@RRolhty-F(kl@ZbjiL(z5s5W1qQBJ3= z+ZK?gelp;`Wt&G#VQW)4$-Uqu`sDlRCjC76L560_UG(Xp<8Xd7xtKDF=IuzHWr8JI zCHZqW(rve|4zUG>o~RA|!^FF^m!u^+6PbK6Z;tD6oQivhf=}?cFW=4@?0&;h*7q;5 zyrZN1E`EY1(K}6_lyE7%Qt?^;PVG1AfJooT-m{tbxC&ISj4edYith0Pc{=0lye1J5 zq|QzHx20dq@QWX-bEv>I)tzyXtehRj@QX`4uFaHbcIQ(nNq87 z^Y0}hLK1-n>T1GXoQ|YxV#+dj>p6`XRG%IMghZOe(|`RCH;t*f_GWq6tV<66=zXO5 zNB;DMei>~2V>kxewh^h|p972BOX)?K?zg^9d#eFnWEDZ4az`dV&NU-AZNmbexDKl>64{89@1-iw2clj9%Xfw6P_Rr_E14vdqR z^&ek?@c`edv53ERc2Y5Ql(4h0x3e|1b*A8@V37c#(m1Ny8=080NSXpc-%QnH#95?Y zTRWRNvPeoimozo8du7U^U}|gbY(c>X2*W2VjOygN{Q==a0=$Pfc=&iA5g0h24?F@20s;yi1{wz5f4lr{gJ2`W!K0MI!B9eAv0>n_ zVSayykb+_&z<~1pDKPK|h)BqAuqZ$?-aj`$5q?iY(BWVpuvl=wlQS?|QGdGq`~BY* z__qcA|7?NQ52tYva%jAI+mA}k&wm-06SoLSFcvnsm!y%5WKQkiIG$!srI~|pt`gw_z z`%J`#E|3&I@pZw^!mET>&%xTiU%7`xzadeIUWY#ADV_ROo+E@`@<=7*@($GwD@q$1 zcQwN2#fRJ~$&*tE^{v%gL|1%k*V?l$jw!Brl+da#qe>>HOI*@D!`!xG`dZkUI6b`Q z&g4og%XTJzI+OWC631qEYG$B2eYtGO?XwBAA<^rxI6^g1K4p38Y!v19x2s1KY`Zy< zdgGHH87A}_;!Wc8(YS%LTCYMuGPlrLB9Fn|dr^n^>>cos-F8u^+XkZWD|DqJz44wz z$anOnoEjLlwqsE^te#c~q`d+Qg3iDNVQn0Qz`TFt{&$Lw*f{Ac^VD!=M&^;(Oq9 z4HFSb+~9x#N9*IWys=xbwXGo4Ge(r^J^SFj+s&vfO{#wWllbAB@J;Mkj>_L?ikj`+ z&mV|V#uq9v)u+A3suf!-`VWtdR>?&Xvi2=RxVV|&O8YP166%AK`u6j95-1*-t*r@X zvI!03)u8+eGAB{9ona=d>V;jGFaJ=!+g+z>wq;Q?vTK-W)kh_x^FC};HXEM_}I1RYGKg88}4->XJLPSH?`eD!wxR}pbxW&%qQz6 zPr9o1x;Q=zVD^gsjW&R>sY5reKY~CI%Ga%V^H|%D;fh6{gbqSfCXl0-cL2^vo&L}7 z1;Bb1{{`Yswogu3_%{l4Pa4g%f6_t8D0mG?&%dk5r7KULk>tC}YFNVArvm=taM%1M zy@qm(%GK1?`F@3L{>$DPsw^TFEdEH%;p6D3i*%ty+fI&YrDEg8Zda`IRM>3# znTPJ>yTNp2xkJa@9`SYMHsL)%asFz0F5gR@whDEjVciDVq&*C~9%VrB&gx$nJRrBj)tN1-p%VU=roX)cu5;%5cnyQg|CIs1xPJIiN%n8o z@!t&oZGr!9ECAcjg2vm(xO7kv*7n~#6(szaYC!P%f877S%ys}_)toR8;N{@1-SNvT z29&jr=GQ;f{nt;k|7W`Xk@f$Dtvd_DAI$&UnE$NGe_xc__z=JQVMoD25ruDsC;%7H zz#lH~2cL;TX$b!27ASGB_e&5i1lACe2%&{xg(v{n|6IUJ1;~A6A_PM1ci)EM2LWF9 zmDGMPPry193K00gw*oZo`NRN3WfeeAJxRTi9Xyw(qQiu=0=(#_E<_lVt~gzH-NnY zs3fQ@3@a`u4L}>9LjmxL0ThNL;)1jRw!jPM1#1YP0~I(F_s9S`wJ2Cm?FTf2Cs0EG z81QWX9Z+;UfHIUB6bIB7K!yMQjTNK>+7_UZ2rCO^GI}i#*qth2=B(N=H|1QHY*s@) z_T$aKq2w#lrp~!qUw5^;0OLG5XWO{;{wv)*YHHDYasU-j!uxV>Vc-n3APhBNL+ClE zC{ULOA9X*BiGTXxh=L73fi(oGXmKQ4fpY-a%l(>+0x%8O4@w&}64;COUTRP+2z*r5 z0dr(z>3xlY9E2P(dZ=kwbT49!@_2OLoa6u1&u{&bU1ehwo>92Lz-?K;YOOykdvyx=j=dHxE zdDBncR`y2QFgw}Q`hoH$#sI_=ARzoxU}fPm0WpE$1dI(Wz@RF?UtM~pQ$XbY^0L21 z1VUidwR}agu9ZSRFfNSfztH$PI?d37tVq?GN9~)60hRhf@2YY^U+H+=<$hKnf8(BO z-ekwmknLsHDzgzKE3Kx~Sp*VXf6zXA<^?1$Tx z!%!ab22 zu88ErA4(8J^4_$B&JNn?aZ*gD+Y#rH)UgZ;gKIv`{8A>rmoPSKj04(_4EQGbSGt_n zCVyb+?H9eM5-aM9C6ZxesNHUMubrGD?9qjv4Hv0KeYbdR*&tRwxqES9=~-b`Rr2$T zbB4vC!xiKB#m|PsAOrMQKa-zb*`U1`c)%N0*j!OTF?wG7OhANsy)VK%l2py+N8D84 zZHW!-q^0MGY3{JTj`{4&mb~^GORu4fAL(7_33^*Ss#7od^B8zjKJR-Z#T_MxIfNvh zAby(v5#Cx)R5{?jUwOGRCRFvksgkI=andf$!g@Taf!I`0++#aj_qD*&{IgFRa`%1= zf#8UO{+xI}dq9`HcS+Di?j0Ox1O1f)aCpdHs}yv+`AW2`Zw=h2TZaW}#&6#H1~}S@ zI>?PonYA>g&diW7jR(bc!F}a(`s(~Rr@<~nAZk^C!E*a^cDYy6(^j8~?XT{0N^ zrQfJ=$}JS-r@(hIF&QK>O8Ydksm3Gg{6`RZ=Dgs8l!qdb6J2n1wdVW+BI(XtPg&>R z85j%6T9OUi951ZPK;%f?OpKPVhOr z+>T8f>uWgIPVHQ1L|O>uGP*kcqOc$GMyyd@g!U|$Fah)JxITgX-S>-5rEe?6pKk8> zm5nTW->>;D{}Rq&W1<Fl3na&nsbWJU zgRV+>U989G+rJ?L`-5=d3|s8&h|_6^yxrBgi?%7ZH}=vu!!y}4jmq=0v^M&?1?M3> z56L!$*By=*#GR(TddUPizRk#{uTa-H64}6y`?Q9U_ZcI0D79*Q{gKA#EXGK>54hNY zA0U8BKo=?KumejGuyg^H(B%(kgDz)4wX7ewY=M463wlc;=pi<*+@22`AvO%+3z3-X z@meF<$9jw5Va=;>mogWRPNDPGw8dA`6|W*%6-E;iU*30X#2d+{JR$QsY3OfuIv1S0oNt(FyGDdKky~OmEWCXcQY3{ zA?G7%uAiC+7Cg0E&(p^3Nl8#k^Z3mF=Hmn5nib3zKFVLp(k|0OZouLWj57EM2wfpS zzeuD7R}L6z+It7U0;_;;(P|>gmhOG$z8d%l0T&vG9D!AD>e@zG|3`gT*1}N&fyH%s zI&}<~CdMZBERCBt|cd7?E! zSd`2+GV-bYr8Rc1uaFdNejht_pKTn`wy__ESNf)ULOq?ywu$m9qWx?PxA#kP!Y1|7 zDY?CQ;a<2Atpd1lo}qEAr+1G>a`S7qY~wh6kJt6rEQCAie$gJfd-)j?MP_yK+w?Xn z^E<1o%U7Sm$|53sskdvaqQP_4niro0&0GB2lMl@qYEFq zk?b38ISe$^ZzJ*ZGg|GwCApO!in8qST_)Ldn}6#fJxcnH+kFdmIcq+XGa0z(Jv zzhIug%EGYT@11~smLE7M&;mmVR>B(6LLS(Wn{NxO0WCxq zohsa|x`R!Ku*&(clCAGkzqH+qyJ^7ibc7+C`I+*%h+Z=L!uSolZMbS3+#;ev|}C=t+$_P!Pu#QAG| z0$XVT{ZK*x4B&GOfWWR1T%J^bZ3;*nD8Mf08>kI{2fQwYGekrowAA-&96$!TTLgH* z$=U3RI}WJsFdMTfPJ9)JYjZCTb)h}yBQ)Q}EasDL;h#61(AyLIaC5!6i{#8| z5I;42F;`(#_ZHX$-%A$*>_%I`T`z>p*AJi$fhdRULIfjKz#T0p4X{Oh*L4c)g{kjl zhFRYLrTSAqL;R&1D6j$)3EbYrK+X=&1Vw?J8GI&SuV*l<3b4i?MX>io?#q|`cSsVd zN5$XR!^?VIa_@d{-mdgkrMvhO<60a=$|oo*!o{Rm28*r)?Pjfe>ut3(yLBmUpAYyT zLyhl89pcXl(h~L!<}jN37@7V^I4qBy{6nlx%7o^idTQO+?C0U!lW}K)&(t%C1n@S+ zI@8ziLqcL_fZ|+abct4QrZ%K>A!$t8eFErH>9f1G{9#JJCXP-kD#xEVw?uMyq)EsH z82vcQUE7u$HMpXhTp;=kTS2NGqR(1^(SL9wJJUdz>eOyJc4RJ>T->0)+x}=lFe5o7 z_Qln7Z^^5T6qMo0#%*i<;C2a}XUxg#dfD@pIw|n{Rx(D-h_~0{=k4ZOOcnj+GMA3c z2F_L}ZHoRm6(o3@cEZ+Gq{_$r6S!VZZmN#oMuhd26H?makDH8LaHUtxX0r!tACLWp zc$%Q_2W7+^N#rp-{L#d-m(za8kyGmRql*8*auR)iY~Juov$LahB9k00AA=<(Ueg zPvC+Vz|8;!I03(dcX%+Mw}L~C0uOk1n=G7?tq88dE{0D`vbnEegW=$XZEt_K6-@;t zTOpFAD$#mgDgBYhK(R|wn6*NN7E$Md&tf3A`mZy~ySQ;;K?tnm{q4xTL!tNq9>+wlGo*vg;k@L*7j;ylV1$NXC+ zs@5&UAw^$m;u(!R_T=AXkb9h=+C*4S$4S==EH$2tUVHXhrG<0l`fpB?#|r*6DS-(B z+z4e!0s}-X*?K>4zUc^;JW-*0s8*M>b@cof+Gs3>IZGT zUm0m}D1a+kSXF3WNTRGCEr0+D4y=s;yvO>}<$f#S5&BEA2#-VONmi|@l>MjVA@O27 z`d?D`Z9!I2c$%pA_F19eRiNGzvr1J4DfDq5S2z^w*$~k29;oU)dC?Zi5D3NB2*tPm z^jA*_t}LME$1I@nz9&Eop#N+Ls0XT0|2LK)IsocDCzU=60QHYx&?`U+00AndChDVm zp7i@^g7m+jym2a33IcIJl~C_{YJ>u4e-ycI1bWg~ zWZl>QrRtxaprP)`0{CVioqI(9)O%|ISoezjF$mNa8lg{$q4a^qKb`KG7l3vH8lMe8 zHN00X$bIg+3b@Tfhc zw=q@Vj`kzD{46eu!Nr|6O_ABxN;8H|KiXs0y6daaLX7+6ZdBngQlZ`G7Y@x~8Gq=& zS9xYA@(BPJ*kKQj>IQ*?Io_sK3chLb#b6q0Q|`0bPWI2{Qx z*9F=wZPj|xm21Y0IpM1X2Ao$>`h~mG3Pho-z02n1Z0#X z7+n?I=vZ%x(ns~3r$49nMHqfLQhZiTtDk7rclO++ZF1H6kc|T!!El6iJ>L5iy9h7c zUoNWdi~7Um^5r^ag=5IhQmiCSLImY(g~+1xT%0bvIBnM8mz%)UX#cFPcLdfwu`5;L z@AFvle<@IBQ|B@VY@lRQ!#2^}#p)dQ-U>MFP8)o}2#LT#n527}bdjEMsJ*b|J9^OP zgif?2;CHetVB(0~S1Y^L@?dYR#$>0@zwYOg*vErd8wjIYUxei#SfC)iy zL`LStqzoOvA)=S!I26*xB~elR(je)|-4PsOivKp!=J8uG(NY>#!*8|K8Lb{{CnjQ3 zr5aN1sUNlK?3{E`@{3l{wMX1gIrSmH@Ae!65UipP58a9Bin8l|^j*pSF>b2HV!f6e zEm?~*=Wj@8e~bEAUXWD=n$T5C{Xx@oV1GAau(>IB?)Hyclr4g-Ux<;2M7|QK?#m(Q z)NwdjN7ms|j}NzZWUf(p`MH%|FL}P{Q1&g^SwJ51eN=RFe1Qp!m@e7bd?y#ZHfx#=5oX zrNqTXXg_QO-bK4xmz*oS+hMrT~7Eg#)npypw^3z=}ifP z-p5vjiq{=`)T!@?WdovWn*1KyN-G9QFIh+x{ndYy)!W+#i{1Z7PyI=sCU2bC=aN=W z4R)STVtdr?YRA~`Li>+)7vz3wZEUqfKC+k{@WqOSi6Qj;XaeY2(){>E3`njk90jHK$C$ub9% zK9}>d+Aia6+u>Hut!R3FqFSQ>`*lonM7Hm3$@WVxD<5 z!v+fljn`kh$ySwH8W)oV8r0aOHk|4tc+M3a4B*@6%x2FJ8%*imtQ8Zgva@cCTHz(f zPL+%A1fhIrd^h`bFwykHfiq7SH z{ko^hi?!7ypC(kY=l15@P;n7ssr_-su>jGytoG2QHDBT*Mq~6g+NBKNO4|=i_TRX^ zIzp~ycp$kim{}5^tk6Q@sv^r1P|D15D`1F&tj3RwRJTizCw1R-nA9JBFO`4Jr}G<< zMjByxmn~Okdm6&XS4N;^;*-7CZ^p(Gk>J17&Z%!GWmRkTl;^X)`G-xNCr*gFAye1WVB1T=G2cIp?kS!>xNi z-MUr(s$EmF_wL=YdiCnxTD^Mp&+O;Y;m!bgzxU2hvVL3lN&VLD;5DSNf#~YXVPdSp zt1a{FsK4!=J-)GXd4aJJN*X+7ex;I5>BtQo^FbZwyHAs(9%w#Tg&UPui`Uiv}$e9-8NFfZE-s;mb*hUkfplSA4(X0-p@4N^Kuf!F~q2asleizn1?f((#yd zdUYa*cV;?yf;szNU?yfXm@&}-*!>y9=HsR&BhZyl3J$p+8M8FL=6AEH=42;EMG*g%oHN)8`LE%6Na z=+g~j1kr`Skpk~6SxMhlQctRQwCJ+55zUXMNXa!(PvSet+3$-gR>gIovh0}Guc$#Q z7FHX;92(RW3FAmv5rv1J*Hs0ac^t8D$^d88cJ&xsA+SBBK=ApRgwpWoBuRN2Z90C1;L4hZzF4nN*%xNtbIYjx#t%`db}4HArYdf z0-7CaRGu${!H?ewMM~x*Mnp<|beWA(kOPoMo_Gq#WPWNNe}VeL8#X(XUb{}>)QZip zRXzEvFF_Fj?Jb+yZY!IKORq8brd$Iy|II*HFks|~KHH+7tTU85nfp1vttoUw9{r}Z z%ua+LIN(s;-1GA{RCkXb0muPGKOIZ`k@ddJ1hVI)#D>o10-s@%?(IJdCC#=x=7?5= z!$x9(Mv1^c$v5#Q>{9y8Uqe29wir$qL`(|r9FIbCXVU=k*t0U=+2g-s?w>6u3A!w& z;utokfar3XgNtbZpP(}bMp%?2sff5(pUw<1xoAecl6Vlm4qdBwgu%(0(~d#pYf~kN z2GLEa5vU~SDJc@DnL}o&`S{|#xzjAg1`Ur7S`c%ogeAX&r*Z)2DC^CYJ@9`fB{=t0 zf{&LO8{U)DAGzLHtY-Hj|GET)L;jw4JTp@&ON}4Zl`K!d!{(36vQ$L!F0$94T8go3 zvA3a)E?RNVu!kx@q3m0t_m>x#q`%`q_XP&|mCKpVW4L#)DxdbDRe~=tjO7SCla9*F z-Z#&i=URply&|fm7YlXE6lX5Cug3zAyvir_9U{|1r*}}lM(g zCKDKb#|S&BY1(>8{ly7eRvtdQ`g(rb-~Z3*{xf`E%eEcl$uticA+!IOhB8Y9lBxSO zfB*LWd#jKJ;kJ{~+-bIN=s0aAs_7U@44r%t8xv4YP#?zwhcb6=bH#V$YS4-X*0^NCprN3GZ_o6Sp zr5wOhXTb+}mYAse;|A(2NFy@D5ljKuG77FyjWADe6<9D8M8S9gGNDFMe|B_0k{xc# z6idu_j!0-W>aDk5jotVpDEX35`XP3O!HB$MjA@_|Br{_=<*yP8C4pKWT^?pm!~l+2TFBL6!&!_1yDRo>G)6aG6)ZY>Uo zEjHGsuPCVL`oD+S`c{zNO>SjuFnxP=y|rk8_i2 z&v^F&^RO>iqrX^vyy$-1e!b>>*5zT)@t+6(p~wG+><~PZXOSsDZBdGQcTbh)>csTl-HD?qxspe^hp=?WQ_*ya$!c9cu1SZA# z2pV?chyQZ-%lZiY*fOu^*kzcu7n&CcEL&1D`(8$-?iO=$<3}VBGDqlZqJZVMMHbIxTK2| zSIANo%hdX(!|2qU9U_S*407vZHrgV;*+b<-S+!f@*Axj=Pm&Ar^huUh!t!l5FiF@SaI9Z(!pgGU z@f!sk%|BFzybm&&g2UR{I7QSciFd?*__u`mvgK&=9f)mpg;rW+mdWQ-7Nnkkv^AP@$EU0bVKI5sxCz}teb-IxfE6%M=`|J|M41Y0sm`Q8=##mJo zsQCiZ47~fk+`RYwEWcYtE-w>Qa^4~R&en@fB7CM|GsyAA$il0*Y2Y9}X-ttutI`SV zPY;*pN_l}Ft7kO*y?+z*!w7}uZly7eC*{N}oFfAJGgt7olPr-K7B~hX4FkUE8PyLP zLAlfM6{}r1`w}1GB5jK@v90uxFDq%t>hqLn_`a@@c|96Gmc5~v1j`Sq?giX1`DRZK z?Yu2|8I|(zTK)|?vt$AB7f1W<|n&q6~5VuZeGmEgP zf#baqfvX13+CR(+iXWmdBzJ8k-B+C2POQTi3N@nmAskRh^s3YZJtg*SvnA+Qgee2T z$&G{oC1JDU{f|TZY5H?bESlc>F{c2j6^|5D_kkpcrfS+zBBcs@MM&(1MM%?%ooGeP zA$_d`>conX<1)Swy1ML=zi|~B$NQ-45=xfzQ%rPDhb?-m1+VRt_czKG+NDhcd+`xS zm#qvXjP&PRv|LMp>m7`>!KlMz$L#-GL# z1f{)dY5c6@WI7KlxM!$4)^GXY=6t;*4)Ed=qm>$n8?in@y=6e>NY({9?5?mH1 z-k)({ANDHxwGL-wxjYo{sE8~@iwfH^YW`;8>+mvQMv%^wq;4?{gY!-5`?&Y`%q04$ z{Zk+TU&;r_%6B^CJy7!qYS0h*ps4OqX5*-*NX%Gm`@rtzOg`qU%r=>ATG?jQ32VVW zfdqs%b=!v6;y_uG`hccaakkuiuy5S0a=3h2l_t+Q!m`wMYA%#qW);>Q-q2e9nLiLy zVwjC_hnq;QM=6L0&Q;9|Yj|^uHIC2>YifhR1xg=t13-XfBIteNV(8SfxFkx^f)1j& zi&mDPn;lkP5z=0Gi!l7YE&h8*A7Q}<6G^BMzP=%|Tv3jo3IRov1o0v@S;GrVEN>WS ztltf4)*Gci+r}SQhbcjHQuae7t*0mwfyL`-AdDnAfLgM)JC}Ra^?#pCGA{V59xnNli*`rc@}zaHg^Rt41kz>XN;7-~hEon_=@6Uo@w9E09>tqHaSKqbl;D0KN@#NoH>2eF8vVa(`=}gtcrMDYi@%RP`#~y zPvlR;S9arwN4Eb-6B$WA3fGAA>rJZvvwn>-61ASrpOh1k_xbH7f;^W5Z{b3DoC{y{}E4ow=mX@8wOG*%zScp<{X zA|DzEz$Ck$5XHWzVg@-jBO1(C%ym0=)$HmN4p-VgixcnRwp1E;g$g=a+8c7HxwfA5 z`eS2ogkjO#xK_4A8^^6oqO#=Rw^T0`26-fUo_>C`3HJ}sy6yfeRK!2^7zadAADIf+ zQsdg*SF0zF!K$-NX$aRFMAxdG#I-yUqu83&iouhB=j(O0S?Zy!8r*nh(WX9V}~O7bu9)M&>&X3slaJw$slVi39zGPj zl8v}sSn_a3{j5k$_Tk*jPmwle50_x#7I3(@;BFbi|JWq@DBIlA#L?PU9o!DvNZejD zH=xHq^8kG;U9v;0)he8#On~9E6>JxSZy!hyc_ovkh=ngJk|u4)NdW8Ici@%%2imy} z-7ERdLZH8Rv4Ko^cZ{y%1;z$LRmX+t=R^z_Q!WjuB2iZaSYfyrcFaIw@HkNt9)mW#z4--(@-KtU*ZBUJrv6r!XiO1~5xd)a@q^4Rv}5b%-VNsvvt?X?%uW;bc?IR& zlj-(@&$|tz$u$G96UwH)7khUE7a=GzcF=Gr8BSl>T$qDyfQ-wroMbN^DgJN)+nRP) za_fAx$b#o{6uv_+iWZcy6%X@*d^!}~#I5Z&f;SKO zw|n#_tO9?|rjOkm!e0{KjrfJ|bcOIFq4$#f+p%r`bZn{^FJSoEUkiB1Fs~0ZmVA{< z7{QTATBA?yc&{jH#cKUTLSK;J24nf(tEo$4=~=hjzxZ(3K(4&IEi>@hG6` z87jB`Dri^ORFy+i+*Sbh3D?9~k*EnK4(N%CQ>*>Z&*$3w7~F+>+`A*N9i{84u_-HKn}?C6Q6|- zR$UC=cWUnjG*fN0$7lwP>2woSjN}J1iq?OoRm65ADYFe(l~UJ)!~XIbYP>R=rpVg{ z;Q}V$G7oHEGrS@X8bW1d!A>XaZJ~Jc!;I{ASfc9#e5N|N;16QsxJ@W9hi-{Jv8^VB z=!n{9gLwd2j1t}DS&rz$uwq+JQO`!!g1$FADI2(2L|f5HwQoymvCCd(&fQ)bE$J-PYgOnhovtUPiPk7&OZxKmw>>>diy&D%Py9!>Q#=L$ zl8M?JoOs|)ruvLlFkUn3$X|&6>1~>8#)(J92!JtZn`4w(tV=%x_Zk=mQF@KIZmKLj)C$Knb@WNyY$ERM-l(ZziZMLG$P zFH(P+c@jPZCoQMX_;NRA)4LT^W7|?SJ$+emNE~Hw1ue_$ieV+7xXo*@8F6$fd|a`z zoF}6GnpDOoGovfH%@%vi{aZ>&_uu^O|II(Zj`lL3F`e|(H~`6Z3(c3Zh?|IKn1)Y_ zqzk^Ufe-pz^a7K)#m+=ro}k221vFc2{W3%-I9JV5K=f)?S#~YgU2EwhivFsHA|=rx z&^uV{VXk8%`75`>UifQug(uXVyRFoncya7&4Uoa=j`Tyh{!WHY^7TcG7*rZZxT>pJ zcMDD0eX>?=)Y$*3=66`qT!5)Syx0(c!})Jg@ARjOxZ^=s5;BC45cg|qgec3ZcbyP! zL{pN{-}1C&gXyhKg-x5z?=6fOMY6&>QMgaHI}qef3!H0h0CIMw5iJVAv@$|WgslMb zl8@|feq$ACpiAfue^k)c3*g)Gq)A%4SV8ALaZ#DI8G?*&x8~Yqq_=3`b0~gZ`7I0M zGtBvyCS{EQYx&8)!@4o1vW-vb1A-LLt?7%o1^XLrwPXg3+=qW3?Kw8Z^%31ls1SIx zw_&`_-#~$s#mOypBK!*C!mI+;=x~p}uN7gR9v%NX%VIb#j-{~Tri)v7*>5&xwd0h- z&7^;enUkVFt8hD3y=r^Skx!)kms!T;I@Sh~l~nDGihy9XG`@^(HU+`y1;l`-0p z(TsZiTL6+ZtIQwSxlG+6VUO(?zeJl35z{;~s#=}B)BZFF-Im#V5rvuP9S z^J)QUbVSYHrT{%HJMEt_7W;^5YaS8*J`tnzAA0vs^%c3#ItbN}38@?1KdiAB37Uel zk2LXAs!P3YvTf8{YC^b)5YK*>vzRxg7i6SAHISD(-b~BkU_Di*jz2Y4^P6SH7$hBt zZ5D`^HxxZra@$lcav;j|Qq2joaG%JSH#k+-$GGr7l};wuf6h;y>LuIkPRTd zL17_??nKAh;@eB~>fI+8CVGKMz`Fb1JbdHw0UU$jLAJ>9rn0_Rcme@ktK+U5$7EAg ziB>Iqs4f;MM~($H?)e1$~5(6g4KaKg%!INn#cS=Q5sMNy}@JjgxOS+BRw0i8{y&7St`3h8HhoxFBk z;{voMvCfLaa4L!*1-?iJ? zD+?T<#6-m!^QRbmz88SE#^jNoA)9Ka)@_NV3m0RG)B=@SZ5>Bzln$={>Og7WkNyT% z%>LUG)pz`d+gd(D95V?cDrk?00)W)UfnwvFI_4_B)c8D_*lL=4U0qFZ@UvGB=QZ3! zMk{OF155G`lJEAflBbD9CCQzwgl{u*AF?2oX0%SoIy`|tNo*3x;{Zy3T`yq(EdD=2`yj;iSHq zZ)^fL-i%&9l{U*?Xohbh*Zh~)YTcjV`!Nis9c%L&Q||JMmX4nv9ij%#|8U)qA41_t z;1)!O2isV<0nUl%#UCdi#<$Jy62+l0kk7K*aH$nu?MlQoiE%5`8PzJ{&;+Xtg*B>Q zsIOF<ug8LZnm2#VF|JfP^&;uGgw_Y zbZ&mUD{s*DOQ=m`XbCT9cfeNH!|1I;s9|g9C*Ccmi#e?)+Gpr1)~2Z9_g>46cS-{7 zvin9tioeamP;uDw2X{B~a|TMz!Cm5?)=vy*>pP0s)_z=3=T~=OZk4G<%W3g4C+C&s zM&gzcM_X{4;4wOHfQZ<|+TvJ1m6{yu)h9TtH%qKyNl(Mb9a*Zv7`yGNelv{g2^Y+a zw0N(rGvb=nH|B>S|LuVYub2c7?#LT)?nj@Ge0*+E^2EXp7o&n=UGp^4sF<%5X!Q&h z0{TPULgnqG^fJ;|zcr;jo$}F4mzWdK_*zu?1$5axH9)kN(ay^0!i^$FS{0S>hR0GZ zIUcBuY+qmsr`@7*SCD--PB|N7;o^q+1D$af;)F}q`N{1xw4$+>&c|KJ$gHzY;>4h{ zFyO(ohc>c~`5f+Q-$8NGOs~z_w|$1Th(FGs7)M2Zax#P$HH>12(Fxhy-- znR*z`KTZ#rcqeS97e57wZ)to@M54t6X!(SKp&@!0H`L1%PbDe`EA~TBY@LVzT{q$b zN&&GX_$j-uJ3V?dBSEdOsMlFC%fAY9r=aU>blT2NRbFJ~X=x~YEm`))Rm+_zXbv~H zHB>wD;gQBpJ}ACoE*COp9|5g{-9E-sWtI)&ZE;=wIOo!1jv}}O3bEqGJEr#6l{M{2 zcE$>60Lzc(COf}}^LCt{3@TzKC*hmSS@20o@P*@r+t0`Sh>1Sq=vUZ%ky<2KgCCD^ zc!tLfH>QOp#!pjDyn&;-u!{bPjC(+x8JlL$8QCOx)^1beqSfo{eM5|fqrnNrRcX6~ zQ;nb4zcC_+9guuIa!udkH0^o$9#oIP80~6^H%j0pLPtLw>6sN^q=?W${Bilm%90(& zM@~vOXU{{bR1$$sKtBWlMMao9(IIaSY6wvIg=IC z<>Se&E8Ab(%Rws*-ZrSLNZs`szjo|`>NQR5Ts{q%|337n<*pMd1-wA`~%+B z^8q`Z4bd6)e(Z+Wvn5h!2A6BFScHeTw zj>h#d3ocXZmJyM@QilES*U;hpof2Zffu$5BJ|PRH1+JBUbaTa7>x}b5hWNcgutXdY znC`j!F=?oY_66p|QpRM$B}O0=rVkR?qOsl=%gww4UkJw3RRwS8YVMWSJPW zbynw25UI1r!#Fw5S`%<}rSV*5QTRA?1CKpmHU~pT@ERW25V6w4x-VhNW|N4dhx)Wa zI&aPP4W2bM|9ca!WtCn4-QdzYuArqcOnHX3LY_mT`S*u*zwj3~JkBht9{kVyIU4Mv zT525izV%#7$Du!IfefLUR9*pB(Zbyh*ZU0?A7iFsBdpqnr=ZR39KXaO7fpz=`p|53 zyc&I@%sg|NzgN>&`;M9!&VQ`>wsk)=(6_#1&)N}i|KSBjsfl;G%=(Lq5FSo^OkDkk zqcr;x=+f6eFf)N@r`vw!qeMW1^o1~$DhH|eX_MMS`86U2{Gt@zLBwcl+KvHgUIiOvd-&ar`~ zf7>N>-FcGif`?1bP5TQ>$fyI)#0?Avq3EoUy>9=t&nkZGQ>U%U`kLy=srACdxu4h8 z{m$4I$tP8`?Cmqy{SY9V2QpIJ^3PYf#Y`O>Qd6Zxw-q9mx39pRx38$Cgqt*^^}6$@)2Kd~hSuTDQ}csOjrT2x_Ng}51R#PT)I;!RH*{B_>J7gt2P6C*1LQO)LB(#RoG zmLk^Es`T9uZ?XlhHeqk>hhB_@f}C=Asfn=9LntI0IviFF`gZ(DeMGBXydjimGIfMV zHnf$(R{X)~G-9BPuafbwSz&DJa#oLGV0+Ve9)yh#Rfrt}T7u>S(pz>rvE^g%C62F$ zZ@zJQfzf?Wbqbi}rA%6gp6M^b4g4%6zJhEvse^8``>5<2J7OE=UpQ6bg1d9xPaU4L zX!owmeyqV8YFZ%9mTJAVBg2}4FS~bYtl>VTB)gj1%?3LQlWw+lk82n3-+!r zv6YfTo3$9q-ccOsYM~8SZY_hze{Z#{w!E2-2XV*mpP|FcUsA;Lh?4Jt5iRP%nK{!r zLhCG8tDDRgwwsP&Ce1#6;lTIo&Cs#}U}L-=6HiO=97GssxI>j}Octwc?n|p%_%S5t ziY(2$NzJlT{(VuN3`>@8=+(rf5p#hBpJst#YeCQ^i!lNl4sH2n|KYmT_k?+3t-ba?8l7Rxx~6R{Sm@x!gegfD zpp#R-*Y3A)Fql~I*p%!XVi-77D#p%r)Z#$b zz=ZtzUR(+qZW9-`hG_&&38SyUNkx5I+rK|@DXW?~1tk`oi>igp;C-fbe|7(!z4%`a z;0Pjr9l#xR6uwh)bFzsi-Uq-DsZSQnTeYzd>Hf}kqqqaxQpwBnyVU#qWctG5zNJ1F zui{57I@`T$Bi&nK_Oq6l!xNNxPP_21o#gK7P}Z9cG#u%*o`{yLt@9K3P*KoKnJ(vj zw9*GdCi_NLNla6?A>zvVN;v^-?3f<-J0U=%%j?)=Jg<87rY2JTK47bC3PDkocE`@^ zct!HAYsVQEZe(!E1H%>lg1?=4JJ~>-90%i%Zya_Zlu9|sB7jW+M}ieJtz+Tm zc-3sTL{1yPfxGe-n6{BpDcZ21uXSK|@&m)J%xz6*Z_+2PYo*SS9LgH7I);{2aBH5L zRK4d|-mn>n8tANxafy9UYWAsfg_Ry_evDx_=(k@ynC~mKQc7AN6~ICF*42JXs50}t zf^&Ke0%14FXYA4ud4P+zt7EjnmJF?gMx`4t1X*mpNM9iyn7_-_qOYTC|K><1<|}Uc zA5lXMj^*0BQ*C`2UYSV@=?R=t17}vQ1b0@89u0Jn01%OW2O|g7rwG)XJA{TyGb%xy z>aHif>r6rkSh`+Co}xJ6GDf=1pKux$W^?&ZUX4X%_uLv5By&~2&gM|me=aJ@B)$eu ziz@e>qs_{ThJch=lJ#;b4YJq|T2^Ocj3>n2<|cnm#OJt~_ z4GdOSKwLR;R5bB`8euq{pLGdp-+qa7(39qzUhT#Wv|U=cKqkZtcCQ{ynBp$}w81U# zsHirU3WDqVB!yWzkt<0huL(On>hM@H$zG0KT0a6?4^Y zOuWEU{uY18_zJ$P@MRL8F5*G><(ODvjuZmVNp~n1p%`b*&L5MC0J^33{FCG>`@qLx zIr*vlPrR$4@AmMI#Vmd7bi;ccs|@B*DWwis{e(emv(OyB+e&6XQa{kajQUc>L(U7# z%9Bfl=A`37iKSw6gyS$Bbd3*)_Vr55f)aJ*opSw$GDZPO$?#xf%9Y9@dXKEg$n=l# z55KtZb}E+J@TWY~mO{42C>PFMp`sc}L803385Q~Xe=n~!&hgg!u<>U$#4!rb;$22* zfh!Zw*Yc9duPL?snvy~`8IjEOkK0t z!Q$4rhnImEy4Cc?le7VJ&a%vY(qrHzS(r&v7bW5p4Jb3pCb|)$sV8^Gc0>H#4u66= ze_A8E0st@$7qi-|dAebj;e4=j=yfYfqfuzBlS2%BB?C3?a7%Z`^bH_F`I2Rw+R!UT zjZ<(Pp1hhcY2H2@Gtj5F9J8R2&=|ij7Giw}vAEXe_T4jdqsSEIF(Iy*M&2>O7|*;;MZXSYDVhg)K= ztcCGfe8{dMqr|}oXo9BrdVLGA>RK6qi45qnK z))6vQxse8kIgiCaF>g-Aqo<*Dg>&YU&5>N8`_gr@?^ufq%t2J?6f&r9It8vXHPi;0 z29kZ;RdZ!DO>ED6USJ%r2aA1go{Y6Q_bV5<-&R#aM&y2puaYLi%FHD8A-%v@for7_ zJf6Hqn3{u95i4bMT>2A}-^D5j?4s5U?a>y)bAMBAZL4vvj~Zt(pumWclMSCX-7idb zQQNB!KR$QS{tpKRE-adxe;9u6)L6UkwCdb}Wsp|OrsmH~YwQHk5^u`bD(GRY!Wk(Kq+r!_Z@K_!5J zs?BgVp}>L%pTJLkX6D)lPGSOG_c_cglA+R;Fvkc(O9c75gZWPvEMuAYLSaj?&IcGQ zdBvm$MJgnZs|HCRm&<%D^{nxo!4}+$IBvPHV&nJCCFibss?#QBH+%KlH4ut|XN(!v zy)r_eI5utHj-x=yLVSu{Rf20PtWtl-g10y*2s0e*i5r2Y`4UKs(jOJ$DH|SyQWg!T z?a#_M!*C!B&v;*}-JbA9{LumeqXJ9jT4$kSLWaQK+bGk<<0>45&UIp9QuNNHPWxR) zc6{~+X8ge@Z15+I*-vWyGF294v~sirfg97ni!gvOhpwMZeRU>I*?K>=JTp^sm}TYx zMvR0^OTk9GSR84)q;DRbg3!_%_Ze6|Wy^qBiYR367HE9hMA~!AhAN}A@q@R&rXiTl_wp!rI90#h`lJ|CB$MXWy1ggx@gAmxs>cz| z><>YePA}5$cK#zWi4lqpbjGm;#~*xOQunxt&s<<9S_t)_fJdR=yt^ip)T|cL_;uXM z?16VM0$tyNsIvHUyidw54K+*VvTAT}>L~R(g?BoibsRs`f5M951YzX9?{a<8Z_Fx) z)lmH!zgpL|@USS95yP8M|HIgontts3l z$4~Va*2x`XY_gTYRkAy*5&?R7&v@Oom|{EoG;8QET+oajybkwaHA}i3ljLbSI;y{; zH{Vq>II$Bi$dpeksU~?>tq~7&pr&#|kO&*%yf7OfniqrL(n(0^$e`Gd9Sqwv+&cSfX~a>W zXv_y4Zd35u`UU1wd@n>c0@YfTwZ+%6Xgzx*o$1V6Tc+g_?>W5X7ZGn`>CzH!6zphORdqI}pN z>Ke7usG5$?Sh>~KN%sO1N}M7f2?z#ZW<^$S(RNMn_-w5J+#7PErD&MD;`_em3Uj7# zkQ})9b7ms-}$XR*5tz(hBfw)nlvt>Gs|8LS8;HWPzkfL0)(dQN{iAmK!NUvoL z%UkLKO-n9zXy3O)$kG3^QIeeMxvds-9BbiZz4wOu&J$%-OB|tzVM$rnR(8srk!~l* z8X`?>RJFR!nuit?kYkh5>ZC%Z%9={dLNC*tsq1%Sr!6l4A$DTyJd$;f;rXulI$w=d z#+eMn5jLIL>k*K~&%PcQQu`i3>PXYZ3NhEZz#Sfp(mKP(X(C5EuEiPj$e(q@xv{pr z=T-K2{UionB(N2%L|_l#g$07J62KXh>1YB{yDVggW_{)g?b}Xe$w>u&z{yD_AfCCP zP`*xHjpXIkPsdfsgiAqnJ3Os;M0~Jbb6n_Pn6;ON*O0_g=8z(H7T%VDf<`}i5Xv)T1 zDLJW+?}WFrfo$mc!*|V%s)JYyt76LcQ|UM-sLl|W@Ru=E5xJNrq-98fLoEMI`H2z0W%b~N~0?JeIL z(XDKxv$0N{S^fRq<18T|T}()SsEx_o0PPQO9z{NH`6gYbSM17Xq?^_+i;(jmSMB$A zLbDK|pyf#Sr6>*A5tjD*Lddu&aE={S5hv5?5Zs&=`)S{w1JVFN1mcb%3M<}ApF|F? z$(|~hE8(72|6*6EcXJ2jBjdOKd0-NPdcyo7VPdvsRV%8w#$D zA5<3&IiJo^TAzG@AwrQsk(oiNIe7KWl~hU5O`tRefo&Bp{KztF?0z~%028tm-)ZyC z`+GwOsiZh&sj-|rLYVqdMrdr24Xuhr1bmbCJfvvboWFjkSgvF+8v+%Cfg5T5WZ2c1 ziw&#bsSLuXrYWw?o5e{Al>O?qJ&-F*B@;&7z1Oo=#{UC?8N!Z%Xq@# zIKrFQL7KuYGf9v^qu4f*@^_8M*ftb4 zzGct?CpfSoHBsY!W#l}i2vqomv~WQ&Qc7*aaoB!PBTFl_$T!dX!3K56|Gp6#z(-65 zdB`)@M0ReXSt(Xea&hw@*X3|BWn(bG*Kf2c%?UsGhI8bUbrE>-HZZ60NnKRq_tW0#4;be}Ybh!2{ zsU2Ph@o}c%pjrs9BY0F}%XX$7)CBQ5+`-X08xcRl$%{VRMfZ8*ZQVMpl1%JW z*;@GtvMd|X#->dz)i4VLqWxfy@Q-@1fr%QFrIyikQAL4nXVWM7C)1C7-s5Y)n@~~0 zH6)0isj3pqLMD=o&77^WecIrvz={a{Y2}`F2-hE=e~csrv7HTB&&o z3G|}6Z+Pw$w%?T`WwS|(hH_@!r6uI?+Y9(Frz8J}z*I|w3I^2_PXGLegSB}x1zxeM znay^UcL8X{vAG4i3R#&(x25wV{H~_< z+~UJWyVB?IYBk4As(OB1=>Sv=KiPQ?HrnhUeJ{zcq1)3+*ur>?L73nS5!uSVe$Q;q zSX;zeict*0LPkF9f#M(m zHz!5$fUR_8rq{o&6Maq>1H>P(t*SPvkL&pZarm}DM|#xaS3jGWcvQvHzp*2`F~sD; z>r2%eM_~SpPG&sWLGJ%_lb5i^L}W|%@dqV)#yCLtw)?6Brycb8L`w8@wSmzMd02i` z54Asn7*H*>?&#Oe5V2;WzT(UeP8NmM7MVwBA17=*ra!pWvMEKMC4omw1jZ={@am~EX+ z7op$XOa{Rw;5G#Dg22=tuH0gfkhaQ zX$eri7(C6fIWOPQc*WNo+ZenI*Cj?S-7BuN3KY8h$l477WElEg6mj zx2T|ds0tf>MAA@cnmwVc8#>u2zn}QC_QHb4YeUPr7*n15+1YPK00(Od#f^*u&Y(j; z_nwBVY@lq2n;u!sX!BX5HPE>BK4XcE2c7(o z_O|$oli1z!k0;vL1nDWA zIjn@Dq%swj_HUw#fv@`MzlcE=wR5Fd;5P%Y zzi8qku!E1{@dd{CPr6_~{ou*u|zJ2^o;NB?#9gn&&wbORcYnabQyxwmH+08%y@9 zY>qV>2Ctss#$N>-T)d+S{UuNP$@HS{JY;)b<-*hB6XC!bioH+SYY*oX-Bez{{ZDg8 z)+s-=fs1yS7`!mEfH=Ib4t0+JsAwaI8M}T>s7fGFXt1CO#1WiS&@RTeppjg1?|#Hh zCC`#a-D5*_d4lETJ+d|~=R>>qxi2yujJGofioMx6Tqbw_qU0H(4!JgMrAx1$fbf;iP zn#RTEi^9kSsEKu;d4^Od?A|xSI(=fVl%~09YpT8|)YVvkkzb{=jKfvYZ(mRj$mPXk zAp=pw&oYL$*0~9d2^YFQVgaCx4=1>kvbun-+-EM*M<-g387BD21qzM7=glRX%JEB5 z+F44)8j#7psy{8f$ zP@ajz+2m;>{+!+8rlx6TPHRpuapr7pw4yazk?Ys>&6Lslh_T#Dkh(q18W?$DfQR>Snoxh4tNs0e{H#GK{Nf z=1%f9+p&%uF!+yj6RD+RFy&dQXlO8^tfzgB{sj)?RdHGin)k%(`TyQq53JyOD8C+V z1Ib}tX7t0-T*?^jQhc&1c}~n3&`>g;j%XoZP(I`>H8(3}lE((;nY7+n-^@^s*hVS} z^6*Mz>&^eqbgiM5j7?w30ATyRs_GMK&>lcvd1fL(xhgzGE4833w1!Ii99qto z`h#lJxf8s<)d0JF{A&4;LE3P>t??&a`hJePY6|W#oHwT^iQi%!A;^=v1&&^6JbT^&OLBvy}dx$!*QWb znPAZya#w_)(}Z+N*e7)_KPCT#I>=8BH>v?LN+y*wPo$*De0p{l(|Hs!TkoTi;OkI6s3$KL>nhgI1} zfsL(1Qz0)fWoo=G8IdKeS+?!s?%70$k`>lz$yC&PrWiz-D*f*-XO;7xCgr>olh@?p zB51P3gthN_a7An?TT`)0o1K1ki!~gWvrLPZa z1To~O)Gct$%%XETCw4KRl`Iw&*l84noa`u8SNMfbWmuQahRy{xa~)r1{BO0l;^pCV zQRcS9_HkEs&&n8fvWC}G?|eibj>9Z5^sw)z8_+%GWDNn>+}853eE=AT&CD`PfoQZ) z*dQZgRkKy5iAwrqB{))rCJV~h^x&EF_!)9@U4WAw5f)XCdFpJrku?r+CSe-`QA0#m zdzrwXf;k%+rR<*WWDh0}Gf>>!R54-BmLKJve8<+YX4Xu6egqR9#joNL5{*Jyi=)5I zK(5mPVK!tdoXQ$6%rvWI(ZX3#HLw#naJ~|#&e+=?szMaMq@2V3%GF2|2Dpfv`X6$^ZQ{9629nCFg2?!Sie z1=oM0fL*I2^&*^j+xyxV80Qia`>(IoFkX>_g8NpY#~A$io{e3r?rMY=7;4FDC+<6< z50!!6ho}AY(4M8Djy4@HxC}Ml2K=woIQ#>C=UmCj!HzF5{+4DM!&M2oRLzohkx<-v z=KtLOhZ_HHnE^J$S|p)f;FbBz+@CqNlG(#>H(NIm$Mq)}1`S2s3?e=IPPg`xZFbG+ zq@(!+t#lbARRq8nZZ9zDWyg;uLN=x>xp0-q`-|G$TzNvTtG6?tzCd7t8?)A7@dN}l z|1N)?P9pINs`>K*_=81K6B1r&`~qVyDnG#bm_+OOrU|2}S8cBC^T*3coD#;x;M}{z zN*P5)0!Om@I>(FU2)Z6e@FEegYNNPbRU&fSe4gwQH+f$mV64df`6JzD>oG3;d=}OY z@U?n&&N*V2-6olFPs*~G^8hhikzPh9?&VshG;?7=aqDjU&cKgYN)Pzd?^5kM=@-X=1HZ9>KjKp}h>Uhr<}YWzM}k!io)dln3kwpWOrsck)$6<11389gm8 zRkkZCvnF{BT(%2a{*Lck+RS?LC&54jh%qa4^21$x?Dv5`WBMk_JJykEj?*}D&_x7g7v0LNGp5TkV=IseS=>{8LXS)nhibW|G(IK%eOYSpl=k~QlvUhi}MgY)6!Q?4ubowe4inYBiKGt-E# z^MDp`N#NEnnTlWC3ghdgic6v^(}X7MI$ix49>k$kFC7F1#s5C@>_63+2!#lWol(ZY zaXDI-;(!;ocF<~%kuw>=73JBz!~e#L4;;Xw)g9D)UT*ddGlDn)hqVsnxq+1f-4f3cm=%+Xx&WDCI{Q z6T)GN6>)>^9DJ()-BVK&rCfb`f7-n>X%?mMk@c3yD zhTSLaWmUK0ARC_VDq&MGtBv=jG6t8bv1s#VuXjoe5`Pex3JwJrJ?R&C4Ym~~N^{u3 zC(a*0?v@Fy&{~XdBu}Q#?e2AYWhvPK`tba(&G_)EWZe@Gy{PaDv+`qtoK`gd%dm5x^tHI6;)PlOA7bwR2Gr0v^`mRO5JDW>#j$bv3EF0_?JOibs z=uO*U`sSphW0{-Oq!tjYDVGNb6{%DPmDuoU{c?PH>jRnu_8vX2Rsm03&7!)7zB)Yf z>~mBp-l|`sY&&W36}hLFb9~wPL2Gsz9E=7?4wjhtl6Hr|#WGCJ(2@aGyXJMCYBWB! zREs^6_WS85xj)HSxOuB`cy@PZ;(OrM=l^31(HGA>lOa6`R=I@I_a+}yaGBBq?f`ZW zCjq$AwL~LBfIBY~`CPJMb)H}B=^)Gz0jx`ws$wIOp0{ag<2JZcxm2;^M-N1F98ton3Lvmo&=V&RQqODiOQN^jit+qiX`Iv63{dSwwvA3HTaz?G7xHQ z^`2u#qINarNoTOZoU%Cpy%vZ!$)`&wnt%g_BKoWWto3fb8G}(%CIAIvN+`ec!PSV2 z%Jv70jcy|EX*$B`h?*}!CstvDD=81{dl`ceFlSctpbe;sOynQ5iDA>swuZs+sA^tl ziVKcS_bx!Gin#ig_?OFi4WsT1r5jx>O@6w=xN7OvIo|SoIA1s83uh_>uy)}eG(y!8 zOy2OXuIbAuJ|aPs*0e33>wSDzev0vnoNo~7sMs;=;S`NE1=1G4BbGTXTgUS3xtRIa z{YqsUYp>cO?J*mRyXED8o?C1`$r+9f=UHZ3BLhNZ>gqBdX!tmVSWP>e7q!18KBUvF<-I7JWnxF*I}(c4 zyhJn;r%Rn%oQ3}(+d|Qt=5*xcJcH~FNbKpP<&cqzw;uY6!P| zxa2}6c3T-|bmhuQpyRd#&ut~IGavV|Lk*g0q!NNN2JT?EjD7S?KTHtk^E;)UJNcq{ zZyi;p`)3QtpJ}n&Up_uGP49cdi(d7I^B(YTR#Y68 z+VUJ|x_lTNOH(J_VvZgYY=${9H0Zf|$_YQLGsxK2obn=!T@2NsZeByo)m1fJliXI` z$lQnCSSF)@B7a$$bztM(a6Fz{x_Fdxb{y4-p%3902#1+eo`oTWR2aM zF+QnqW-OOd%~D%llxxnW#a96GZq$>g1e?@$UJ+Z`8>-G1vO!j$1`A~)5RJc_)RF(z zRXi2k`$nN08!=4lG+vSU1ga=Wh;lO!p4H;0eRMxwBd!w-qMOnX);4~#Dq+?2of2y`Z zuqxyk(=7{827{$gF^|#4NFdy?Cvvy?Qov;XCLei-7;-agXJnz-cQ0m;8EV|_=m{iS zwhHT2`MzLOJz=R5RmM>l>-bj$Id(P|+H5FA`Gz6^G=G^}FW}Od*}@WVK)fk4v+dqm ziq%k7fLfc5;$zhJi20>aU{=7oo%<>Zz=JC=TK1r3HWzm_h>iATT&^gVYKw#Hb(q}5 zlH>>*imO>bi3rB((x+H$nVafJR9;ij3;BpnirS$|$nnT_DF@xBOnAUA516|YSO+)T zy_#AfO?RF}G9-|X@Cuq#=G&C%p`|G?|MT68z5gbmyc}2i+1L1qoyV3rq;b9=Ej0QC zxYHqjYK$7%>v3(*bX$8lHOFDVe^3my8}W!4u3pt%>VC&`%K=5aTmPXP#O%N{L)u>b z_Y~m9|KLhh+?lash=NBtW&Y3--g%??hoibaRJ_xAN#IprbGnl`Av;UaCq{Y@vkP(X zG^6BQzzVXsk(=?=B+=z`qCw>3frltrUQ1V~3&K(xuLA)}Y*~<$I`ro2UZ;h8YMnwH za$Tt$%duhUXg+_o0_m~&cnbuN+a|p5zpjjG|J{;$rt!NpbwdVM<8FJUYxC{Hx44>A z6xeaf{mpV+!cC75NkS|}f+3pgPG_Deb_AW|n86cWGAu>4kKe1pJ ziq3_8ARf=g2qw9=fQq@pn-(QYI(wcC@nNzy8U{~RnF+N6x=gh^%nw(#xUM;E}= zC^646qdNwxE4JucAa40zNyX9qZeoLSt8kTZ;rToTu-J|D)$R?G_8OL@@0XtDS^K-h*KY&X`FE5O(lcoj!&pAJ+=8DVDX?J9wfGmlzw4^%Ge%HU`$PJ(p= zCb^D(;IjV7O=ViTtuIaqiNqEuAX_bP&v(RqEs5)wj(yI&&>7OG1lSG==%<1m?3Dfn zVR^rKyMIusC>F7|qXXb=Yxl(Hcn;KKf1B_;-gAv49ezu0mu@!IFvm;;1L7hqKJHO9 z?eBnAo#=+Eb3tv^Y-(2pL-z*-^n2_XDssX|b?1A$N4ZSq@2Xe=n7(aJJ-OAXCsx1L zGH=>T6`w2K3i}jZRc&P%tq%#dS=QfT(9R_4I6U8jx`fG5XbBnrrk~R zwSecVf8KKvQR}(?#z9McDSpR_87)&PND^mM@f1e01UioPSKx#U%U-f71}S7q`NwY{ zo@wt|V-Rr2MwBro5ii|FnygoYhs}vS5-!5zC`?+WU!f?m*AyL--NRA4 zv*?oun}a$=QoY#-;&3p=9pK{J9_Ayhm3vcRlC_;-% zVD@RUxl~m;F#mg@g|n%<=anzc5*Nf9Gj{o9x!>Hwhq#(*0b52cozA~typ+-kkzXyg z_=&x?Q@P{6@dm78{gIs!W?M{3R2}-7Xt!LFS{!HAhhIdGqvnWJ@T>LAilto{@j$B= zTEH+El4O8YCmh>>|0x9KvgIEt1x5~v@@0m;VsExGYUCq)0+N#wn!YdNe?6akUl&hn zLmW`o`d0teMu9iky7HnCzvgQkL0okvW!Sm3R*TRS@rq@7a3S#2L8qe=`&{YuPQkRyByAnMo*tMc3%xjx-pR;+&k=LRB=y_JBCDJK2Zvc)sQ|M=O3YNR zqZY>vhyAZRdfgo)MqUrK#yGUvj zUX4J% z;IhrA<>$-P3H9-lGWvEh&t${HX~CwI-&Cx=OgE&(Kd#jK{dA#|h!Yw3Fdu!cdOK9~ zMoObJ3O93uWKK(jwI(j&)W$hN)ss^L_^I_jRJV4(49A zy7&zZC3?IhYLqS}bD|1T$ST8aAcdy8JSZsM`^?L$8@J5+XS+JiOj%ygee}8Ge*>IH z`P&ykk|F$1g-RIv2(^dcgrjGUSMz;sdeEh?&D&k5M_;QGqqyVIYq_I>)*HGQq%5Z( zO1%XR6fg({x`Q6x>@NZXIcAB~*GCyyj`;*ww*shC>F!ORoL|Q#jZN@&TUr zmZoLZ5}Xi{&9lUp-c40A7vbd@qSqjRz@IrAM`b$%UhCy zHE{_Hi?5pE9pR>ew_L;RRR*KQjv_%riu~4j#i;}Dlg7J>FBE^Q2(3>*u4^yt$NtsS zm>+1`Rqc7Zez)w;M0k%*|F?W2I(k`&CH0pG?WLML4q6MPD$tY^r!?p&@_-xeF1ek4 zo+lU=SRf7#49RLZBAmXlW-~Py6XoWPZf#1vaE5+}$>>ofcpa^2|B+Tlp+Vg%Khwag z2y>d6j3X~2wgaUltEc?6Cfl$+FkB*iIJ^@$#b%IfPQzRpzZf=KwqkuSRoCjP_e`KsYZA^JR9s9FN6YA8INWh)R*ug0!*jT=h@-UqaObF|sArKtMcmCyUYR zFGyXjKy7QkoTYX5y}~MFt?I5XYOXMnQG5{ z9KYB8-+~-OjOH#SwS{lfwV=FSU$@_hp=et5Ib^#l%Xjvd}u-zRVcrxHk zdEaubdip;0>cjF_Qc6k!jT?>iB4r@s)0lc4*M6mny0~&<4;)YfP<(ALQ_6K(gyMZS z^N(+e5gInkz2()=vH^^a{TW39S~eR+Mn<;jyxE=;Ux}3KHm+S21G1h69Jd!;tH_US zvhz2cm4jA|=}EB&oP5TboOdOOm|p1{%Vv(o!@baRj#=z(OzE&|X(b!#n;H^txcZ=j zsI6+S%j3SX_5G_1N&3umeQn84uh~~Pww#^ZVM45cC+vDHz_6PZ_%J{JBJloI3({e& zt)5ufl}bPDwZU#f&1~Wd)2@W@*@%Y+Rg?W5xP{?}_jA8S2O|}1D&g@#-%_XsrR?bF zQKQ_=uLaf*HbpYy$2RjgHc!i(Wi3w24oUuaWz7d)hX7D_-WKy5oTzdiyKl;t7ln@2 z76!DFwvAH!wf(yPn4pxA`u(Wqc@E1Qel6rqniU158oetez9iD$kD^?8N;Th;w%<1> zxRW!W5SGG{hXw1+SG|c!uuZB{1}gV>*;@%u5+xB2QNy257k^_#W)Bm#st>2W+mB^@ z3GIA$UN60r5A*M}@7MqgR@`Z|ZLrmE`)e`|rVIeE1)&1{zofSMmkT}{=JABDynuDG zew>WoFRwP3Ot}cg{Ra(|K;h;XJh6D8_+0)3`*;56mJFn2JJnJW(vnb@MYwLuW%a-I z4x~*hBZ15Va4@{;_}Eu5!`q(6R>gZfB0}+TyJSY>1#AkFO0znyOgixqq)uBA&c26g zRB#7_h|H%r0C7m!rN9HDEJYj<2YS>S)fve*n{O@uM6D^x#n^5HJv_~69goQj>{n!X zee$N=pSih_6Y#;|t{B@5<9(*|yRuJ4$p5vVf7!YO?+LlN%d4M=wgQ+*z6bo(7XG63sGC zyd*p!a-rQSfEVO3*+xQpzsjHb>sbAXmth*!hm~rkxM;_Z zTTv-6c3;a1ko+l%%+^N}OxPw~_+3Gzz>HEM!va|s18Y;;Wd$CJVY8#psX;Ky?e^m* z-xid#N%H>Mcr1|(Ni^cnM8YrbB}@raxPPcAxECA=3kVhU-&AMyduvkS09b{~<3wxI z9d)p*x;S5`re$MW*armix8|kBDx4(HNAb4O(#IxF&ulub^78qQ`D@WMOX+_U+z7H0=`z=J3j5OMQt6iW4JXyDOXNz%+E(5 zcgl4J%E?Yo?2={R4yarmxTy_XvtU?oATFR*k|4?}lK!bOq%fE$dp7y~1;xygI)hyS zrM14Kx!^2lyKL71v(O)c*oo;LXRn*F2|3HJDiWjbWR?=ZAkuM^OhJ>5^|9K|rsI6M z=S;UxwsQv{0OnE1GIAn5L`x}bXgUcY4Bq4p$@f_pIZQueP?DX(XgzLpNLpH^`4x3R zy{tb7euUQ;ZH@h@N6_iEak<0_#lFCmNs4GF2$ zB*P@W5w13f>|d&k%9w{&A{;57UrT{A0=y`NWVM@6DV;)}a#zbs>qsU)W=ipHlwmG_ z{ZvdAUTzmQS~2j#rGLH;vDS$nn{7ba@s{G(mHtinDn(FyB#07{eRHZCKLC?M z?*l&}YB}{oC1+gJR8}QRK%#PO=$AWHYylYTfiGyTBl*wd6kG|MEpL@zin1>3HR+aG zl|^ym?7_N>qB=!+O*ne)QdQ-n`4IiOFNpebrXb zF!>EtgC;8As};*T1X?{bkb$Ut_Rfu-KQItb*Z2ikGv&D7`6MpyNx7$5R19neODN8P zryZNOC6mv+;Xs{f2^i-dEoE#v1&qeVX~;2^v#AyyTGBU!^hZ^0aK1oD^h*kHT7zvQ9aP9&Z0naoz1+V6aBXsjsO z@YZaG#IG_C-v~fNuE3nLLMVN1cjjHwUFUN>S%sew2LA5N;(TCeHbfFROE@XQn2Mt- zSRHpZK;8(9R$h^^`X63aEl{qkSIyoj_}=@z$SW@LvJweKsd7cKO4V`JQZmsQ5(dVE z>ffwg;#m4DRX9Ij3|VM0HH1ygJ9?{^riTT^RhWP~(Phu>19`2~u1S$oq}=^F0jXP?Z>+=X>M5t4W?{$`Y- zsV)7=`D~2@P|MC}Wfh12Aj00bTrOC3nqn{Oz=4^<0)|_2*;`N$k(2$QKT=j!ODR4nJSc2D={HR3wb^{a@z;lD2?w%_fbl)6Uo_CyumK zs23h^fr?)HC0vz6v3upG5mL*6+~Wd@q&u&k`}r8-`mZ%$t`Gi=JLGkZnmG-0q2Qig zHn;UB|6S&&uk9xqUk2s0-D76nz)Br{^uHX|qmdNLp8ClQ?TjbY0~5LFCydI1!-K0E-L zg9gTBWOqbPC7LWq9v+;Y%{rtFA|L6%KJ!QM#@Ql!7;2f|1Uj{{bp3D_oLGS+>QQHZ z|My|@92F%0QbdKQbz;oy#8qUJYVlPC8AQe@>cn~yY`=YCFv+%IH{Bi$_z;JeWh9@*fwi_NF0su~0 z5wqt9+?PX1cC#3_R0aJ;5#`GsV^2(mYJUt-HU%Afn#>K1;&0C$z7EqFV{bSJCWO1D zT$uwRW}a=>yg0@TfXy+jWe>op2eLMbS_JPA_qmOHJ;`coy@FD;0G$!OS7cc84n8=p zNUi5&v_WE{C?r_Vhj}wL?B0Xo&R7-NT(D9{QwyWh&BLaqZPez0C5_B0st$l*MzQN(%J)(BJ1PCHS~W%cW8JMvZd-@+7k2mizkIhD_J|nuia-KyA_bHFIKi_ zI(S$2miZhQJIk7>l6xg zS`#D6GArHxEgy}##sv0q6u(6}|6jsG{{8X2E6&Mk*I{XQujI&4Th)|BvPxxSzxRiU zOO1<$HWzO=2|vu<_sgKoUO6MR83h)L!s|=a>~yY6{v|_RL8L?J3FvN_N@vjhn#OfW z$DC9R5stz|s{O~3)q=+qqXPc;R``!U6d+fU+#%>FmYsP6{BMc8?an9L>SV#(R;cK^ zpCXSu*>qlF&!jI>Z`9g_IbAI52$?M5J|0(5{iAH%N11d?=r{4uy=%DHgg?F=>0{Nu z^i~bLE33B4`FLW_sVj3`as<;R=1h3)6NcpEXrI2+pwbNl#bLx71_BWBmY_&RF{362 zM)lvNxLYRt%d1K1Y_F9D$!kvi=}`7@;R8HmLI;mGed-{W)v!0G#KGI(v?8)y{gL&0 z;lg)4KkZ6|6az!&?+TNiJ8Y8X`FhRxZ|zk0kHKK5s5v9^f^K8%H}_up-}###_VYjZ zhYFBG3DoGg$k%`A;Tv^?JCM#I|Kk!A$E@@y=NOM}>tOX+=`Ui#)^!{xbzFc*nP!9qGS8;f}sEV-7V%f@fbkoEOv%{x35Z{kk`g*l?oxV_4@m2_uZ9 z4->U!6Kc`CsSlHQm=Q^MnjP*l&B|V5WWD$7f6mFGHyaH8yComtlr~gnAl7zMzMg`z zcHE{2js0oVa25BeA?|0)IHA2N!4u*I<2f=n_{R}v#)+`TUR^LOb!C^!I> zSoO}@Lr)f38p_~@L1;(qOf;WO8ml}<)67o*-UhP77 zy8yihVV&?O4|B#IjjlX=Xm2~b;`77ei^NlzCa4R;*^y$r7NTiAY*7p44cv}W^A??6 zGZSBo^5qa*x^W~;?1TNj3KG3hPN!SKR9w*Ct;`INrfzoae^{}>U|3U{#46dnQs*kW zWUDU@q3gDKp4lHy@+U}namHosSTQam?AE?%va(R4kx;E)tHsfkW-n)B*lY#3WU|IQ z2lC*D#totZKxmvIH31FVEn3nAR*x+H_$VV9{%3Y3$VOK{#QZnT zd9^a^or8~~O&-RrH=6|=3TrYfvTvS+*>YP#|3UlG&IgeF_{=<}|4<__X3}qc zMj-JU^a(Wf^Yi`n5!TjNqE1K zf|7+}d-vxMQuiVbFyHd)!dae&=$I)$yEEn;0+6rQxKoK6dbs-DMGmZuoM73bHUSR!f1{|D^~suYmGA>Bdmp2uU;OE%6D4#uDSN)B&&Uuh#V926 z&Lk2;p2*aB@5#zG9ZJa{ONw8uSSuc{C%UFZMU-tA`$(+`(-~5HSxsM11X6tbE>F#6A{&ZNT(|H)cs%R z@+V(Yj{Fr}Q#NUr*6eA`v?Pw9J)la#1lUm++dAMh(|$?)U`eYEw9cL(_Gc^*(qkpz z(y;S2!^84D_D>|LB%h)}Iz?a*(uJe9gHM2SM1t<*NBYlLYrLzXzd`visrAS$GRXnE z@6{GMVsd+ze?Y?56BjDbxk#c&Cbl$V?uPnWJ3i^bal$uW0AsYZ;ft>Q^f#zXn*f&B zg;Az8S?ebm4yYY;s96WA#inrniVPn{QLrvMj*;8j;*|H9o%5RC62;T11YnJ4w z=HXlA-2reL83&|32Dn-cJw(70@&MX?sQoIyVv|*#igV6%vu9_W$BU}CKgfn@PCKXm zgSLiX{QTcTq!Y6bNvU6S@Pt;&e&QLkqLa4KIV*S2B7W(vX#xR#*Bcc1mx3K9Gjw7K%`?wUEBEh-1+fv`gehU`{Qxf34)rAkli7Ss$#90oSDwI{rz+Yy zLoO_apN-Y-&S${>gp#`TKNAYqAV2G+Z-ok!4r^D{4qimp%{Rg;*@V-it-5-0$24Hw z4MO8~QuSssHpZVrRW_Vo%i`#8tDpg~7nS_D|O;!_EvrQ~hEBd#!A2e2EE>wBYqE_+A(Cu2{~=9y9lA z>FPLfMoK60u%XRDs+0Y$bh5myXCKb&_$A$xni;|d_7ebjMOq_VLRP2K zW8%GOfAjDB9i(hIII^suk%6yX%PGc|@>dpj9vs%WCuRXK=H%&J%tx-hn_4 zAhvP5D`$0^0c-x9uLWo#Pa{4c$)?jZA;zZNC~N=udTQFTYS=uw)MSB>Mcpdk>S>{T zPAZRoX@;jN^P8ASL_-u*9BrjI1DrmL@wPz7)3EIpzP}?A8%ZufUqSj{R*8*AvfoL{ zrIpS7?eNfFkZXI*36{Fn1TLz>i0&8QzIV2z}wipn>QNUvNFfGZDG}Fq?C2~ z|DaK0<~M5sD@<86G4xb7lsCzv*-Tf{G`$kK@zqrfTcj*U^7eBA`(ZdV`-$kK3)R11 zJ~)eLGi(vSV_gN+>a?^3;s{PHx`Fn*Fw-DvmC`In^;#q5Ax**GULKV@DjuxLXm}l~{+nuQ=T)BzJ3W6MIeZ1dHHjF<@Q z(1<5E|0OZu8wMn@SLcem&htAznG#@S=U<zUv5qKkCU2aZ|Hu;^9 z6wW2<5ICcv`<*%ZT$6k`Y!ED88N6ll{{VB+q*%!CV*sDH6Xlfd&d8A(C0gr%PT zyt8`jH3#U2={6X9vxr4K6C$tstK)+9GeewIjk79laN7DGLLL0Q%1PG?oN#)Ea$!du zXH->`(=r<$zxm?!&(IdA0lZI!g&Q7!`P#fP#qHsBYT_QoBwKBoh{z^1qe2i8T-g6 zICw%8Wu=-Hv=P|LEg0b62x^Pn=3Q2RwJb_Cjk91nJh`CMC2eRN-JW_9+V;)$0?G)S zP~Ay^4hIUBte0k!fEjBHwK4gQea$a%uafy)a5+FC^L$f6KOBb}jz0|QLWi44bals# zFqZtmMvcz&r{12-tQtvtGjRTjVDo5#2#{1XKS4^in!@amT8#G9HFI|07&xhk zXqsH)@yE7o?p8bFGlKQiLHQL^S-qy?OLa|KeYI3P2kIa4eXjgZeMp2~tu$i@PSy~M ztm{@d;ci!l$cf`P)Z*&l)a|b$9}l*7UiJU%O6HignhIXuYP2iMA3O5DPGtI7DN~xN!%T)5O4e*-FQpeyTBZiVch;$Y$Z!7LAVbEa^nO8 z@(eu`ME2U64eM^zUnTO_F&YW} zU}Vg^ecdPnqnI7EJ|jyC7q*4N>49jo;nAsA2Bl0KCX8yaQoPBMqKp51BJJ|)ntU%}RG}oI+ zbvuDcG7vNh=+S#?L0X#qj6LzGrCO83*Y^CJx*>5aZ-7IG(;%Z|D~EmVbK)w~m!QLf zEsho_c~`1|zf1l(Lw{J30joAQp^Ie!ea*X?g=j|lWX&m%g*4d;D?aO;I(98@eQI|d zEuweiQUP6sH0hn3Sef3D^n*EdPRZeu^q&F|UNCp>h zwrjbf&}2`;+ZQ4e&iM0S zgag0|YM8N+mrbBurNqEzeuPdQ%ZpoB!+Slv&4wWWK)W(8hIeHs zr`l^c=!`>nu%{;xi?p`Z1(iQ<%on6`Qx*2GC$3h)3=X;e6quLf)cxyBJL@`k0s1Da z7j}uJ9>qc~z- z_t3%|;CsX01ndTFYy!XYnYJH^_2sn2;sd3pK-6^;ma-wR*-$yFq+!e zFF3YyMK;8;nbqmIWD~HXIM=DM`IQAQ%d~%!~y?FPX3+%LuHUDXs$BQ3M7og>G1I^^?{M|Y~I z;xI-)k#BdjoX%FxM1;Av@F#C}? z^0|}yCGYz7er}u&n>=3=ya-(eEQ`~n%+O&KUfB3GpfGi}l{cU{NHwI0qKD?P2y4hz z+EFEmR%1)&%d7HgxC=|7b;4(0MgDnOS|VCtn%Ic$u^1m;(E78td5zgJ7Eg_}bkimI z?p)}km78N1K-yYuU%3V#VuKV+CphI;;u8+G^P!3F)#I|361>HZ@)^LNo9_OyR@WfC zOiFdY%WAEWg#TD;cW2{m)x&NW_@bsx%>!DrBp$mp|UY$ zVc6aBQ|8fEpw=QFv8Dmd$iP#C3g}MGd8kJ*rFmNaLAy|yLTtnm2YrXOsaNo)c=#w= zMYh~daSJL`)LkJ}VrjRRV3TpbY-FS=CZ?g+2kx7^ekQt+%*9z)WTy2mEU{b9Net;H zBw%)H9Azvo+C2-Txas5_H;#>)lluW%uX0DUB=C9uP8`AdDN%3S?D7C^pUTC?`d0xJDYlsF-m`4g0wllUdO z6vXnq1?($)P0pyx8u}Ph-k~MaBXkj3nt`xTaPaqu&?QQ)olfn|sLK1IuFy}`sC%UJ zX36G_jbu!0ziDTJj!WNBXct1d)PFjV?x$D#BNk2+omvAxNd9VpoeI@rmdg9+-`&;k_Sy%{g*%}E(u8*!C) ztJU7Vpcn8OHPqOi;ZRvnuLYbFTp7%1u^1@2JcN1f7G0`FBiN=PY<im|~O(EdQN@r(^ zfKb#J>fcVrq zM#!I_LL`FBJg-9Dtr^ZNJyldxlZt$P({g6nQGo@NElpD>9rD#I_NQAKfe^ckKb&_b zMlk?mvMm{?BKCQw2u3~jOLN!LZo83%gOF_Hw3uqiW|8K#Lt@ZCl^E5KQ4T+*i3 zMgZm4pTz^qTnkDl`~&KZhuVZ+)_Q%!r-VQ`P*JS83~VO^#~R2r=4;BoVNcJ$4;h!h zIMx#G5x58|{09xJSX?|XgIs)QA!?C5EPM_8Xn~TMzW^Ac66S$=xi00^mSC-CQLxhLMWpR+U`Wy?Z=Fi#(^ps9iwVZN{m?);;$`grC5;B8L{BoRIRkK z(JMO~pdq^>$ksA3@*aK%t$qKBg+tCNSzUebDhG2Xz#(1m}C;36^y5-ykPigI3ts=2XM)Rt8Ru6^0$*ij0^$=ni8y)i-L{ zhZHC&H?2fB&3d9v5_ervSzalOdcNpYUafN-`+Ub1{g76Lv-yeLk<(ZF!SI*ObRrfT zI68(SnB}X>d9|;tHyO{@_?=(CD5WDk07dL_DX5epjTNGTT(eY{3qfQ*xkHUhm|NZ5 zDb1H(iMPik8g@?#c=up{;tI>xLq+YGc-+0FBSMK?pD~}O+6hqZEvALWOX9PUoaJm}SxiF)qgl;(uMi!k z&Qt`y*+W_FF3?B=igZ|99rzNfhtg_Wf{j06wpc$A<-1~pSC|#crw?-}11iymzwd-s;Q+8Mm}jHi z>LvR2iC?b zVjlE{pOQn;oSy^%X4=UdB^!RQO$N8sm zI#)g0GPVaHe>9TVui`It6^`eULFD-L%hjm4O4x%N3{MVRB~ZDq$gXa>ca~vcozT=;Khoh<5oziE_?At))W1T8nA02YV>EJB<;a-SC6q&)@w&n8e&C z!41ucv*5Uh%~0^Y@P2oB%761F2|o^n9bR(xU-P$a;Twidn}y`YSjfcp&3cIOEI+9D|l% zG@UVE-_Z6HfG-;hK*#P(oY(v*5}*<(<0DyCy7JT8tj^&qbFjr7o z%z0z6LyrM!38+$o3i2`a`X+ez9D2y|b7ZG#!4Gh6&`g_{$R+WnTGIhQzxG`zYd%6I zffuz2<|s$`YlUJiPLqpf&kfGJO!b_4I^AJhekwFUA@$?P-nJAM?##G#>U!F(Zky!fhTNX)n{V@;V;KZUeP?wNsrKTiK()-F2M;_&TE-!JZwm( z1v$`P!Umv>^1bEfg6tW74v@_r`P82AQjO6FnOyZ^?G5>~Gz%7bL5@7_+Y%8bQ?$e5 z2w>_;1)hVD#aOK&YI#1MXR~BiiYyMoE8#oRuLt!N!$?RH7$P97L&&!K^Q6@8qMZI- z;!`Wr<*Wx|l@S_@friXk=TKAWc=kg5UF}{HixoqyjrS~Mc3!4a%P67pXHp&A{AG={ zy3{T^3*~Wl{FGdw6L)$Xy#31p@oY5xyE;;Qm{#u#@nYd=eqh$`9gKu=Yd)x{V7;c- z3ld)G6puGlsY{8Z8;#4_HQMvFP{!VP_A-G@4r81ey9tTUD&yO}-V~akY<{^(o(TB9 zDq_8szlevCmW33rrjlsZh;OQ}R6d0&hTSu(38<1QB|!V#DQ+F_@jCtENfF_ODRw1w zjDsNgm!B#2(l2zPY?}6(5)>e|pOT|EG($|qU@Mjs9FU|OywTKj*Va8<1D3INws{|LWQiY(^+3Ny33dp>$Zp!rM3^&-wFxWmapq@)F8*p2HO8;;G~lndOPV$~ETV zi+Abz00`-m47)^6QLjwI8_I!iR9-^OyG2?oGdk>TRzg*uN5McaCp~jB+I|z zA@5ekn5a?&_y>+;{4`IenEOzD&^ayjjjf!}_{N8|f{$~ny3uILvP@iY$80hF|PtnlOU!l=*i=(<__{F}=K6zW!@n_{4>rAhc*(p+X4Gob-B;`NA@T|0*(T+?qdIS~;g9acWEHPz+$$sBv|t zuD2Q<(5&!N0Y#1453pD3gFM)us={mqI`CE*Hf!lg38`2cvYtDA9xJCg89@(v7yDlI zJp<8EIjgIOTC~@lT7IuQv$=Uts-lv09fdA2?j&04xNy(2r?RrC$RBjlcd`a7S%aI= zIzJV$vr`!ZgRPKMvMfKdhq+#PB);;O8;O&2%vsIHC^&Cp5h8vD#S$XoU9ajzywt)A z`yhbU!1i|2cRcotJ_Rtv{>3)i=LP7K4`BpdEae0srC zPQSMXZnq5g_75DyBMw3AF}?Zjh$WZ&J|~doq3l+JGjfi;N`p1srvI0`jwR@7dH9%k zS3U~e4c><#%Kof~RDe8aYG-tjHg?KKFo&u|gZU?YErr^bi7Gux?3AeP;d)tFe)6JF zPuN=qn^|76cY!(qUO}GG`on@R5M>WPT8F1q- z$mjouy|;j>Yl#vCFYbQvi#x%&_$9cz1PJZ{f_oqk+}+(R0TMhAAh^4R-~>W&2rhxl zA@6nn?w-G9^L`Uhjw2nzSFmVxknAqQZZMXTes~QBz;3( zJPB>|2>a=_JoFo+Z}5&8{dgJP!KS?8Z7rnWe$mIeLN1wB`sYLH>!(hU|k=zC`YuKEV}eUV=f zv<#?4I9lF*U)3{nsoQJQHg5yT3vA#gwVnC&E@K2gEg(%`lLyNj%iCM7Cyn^d!g4nF z4-QEl*wnu>i}MUP8_tom__{5>USad{`+9y4++hChb2mz;JSU>2hvbmVsb(gUpp*j+ zqdB`u63m6EQF3pY6JLcIYTh8GxorAe3EN{NsVfowqeN7ASG`ucLde_PCQ2To%O{p- zTuGF8YUIxfa>`ZA!-l3xt;?~KP;oO1QoHqJB|oVxGm~W?+KYFaDg4yP;La_Dfcr&0 zXwhnNpnYUR6nV)Xa7KqKt;Nl?B(FgLF}z+CM#7csrOuXS*c5s@R~lJi##d)p*KnNW z&e5$Sx<|+QqKIckw#7Ys?d+4S zFO$)OCUXvqy&tVV){4qSk<(`M(o%%xQP`@;eP;itOIK_cB2aZa_%#BVt>KiozM1*z z;{Fma++B79d@&c{jEbUF1RF*%6Bf2Jh9R*^VRZAyQ5AhR*KHbJhO`5bKwUg0%!WTO!n@L?J|;0O>*_zb5XWd}n3S;CpJ!rH zX~dg6j>MfCvP40L^xhRh{FvsZ?Q-Q`gXMzbQmW!wx%L}2%gY!^;8v>Cz{y2E^w6>h z-j)DmTRA!vBtd;duOj}DarK4FH*@~Gq{H01KMgYUaZv~NclGugO3FQB3PK{or?0;J)xHRPN_4gzp6#+*{IGBn zNNEge*DGd1MkcbAvLCuWbLxubNBzIN9q@A9uXg&rIf}m6c{F@ktK*fr_#H! zng!10(ugAGPa6_K>}o_6&J^c$(l$hB$3f4pl`lxrm`@dS$U7GnDl!e2w%S^nf%{3` zC15G~4w3r2AL+?bqumdx(Rf>mw=2{lMR)j@n(kw`>dCYf8dCzS-6OqvY9?w+wrx}b zrWtw|KlJ(4ORH%8IVRfp?4fvJ3qqG5tTH-|K?OXvax(JGe_-SgZnFTv>mm*=T>l zZhfPqinJ#z&8%)?qkTfa|FJMem9e5ntY+W`A+zr;8X=t@^r#3^WE1a>}Dsm+O)!I<{;a~m0Ei<+7>U?fU- zWSJDiaka{e*8T02*Qpmcg)O@|omCBvU3ml}t4Re5L$=7BG6Pb4c0weyUmL2{kCsS+ zQ|lG8NXpp-&UwuSmn$<&vlP`Wsb20(UntHsM6^bJw%dzqO*}*Kxod7Zip8u{5E3sw7et@6PN86 zyQQ;Lf^&6Tip9YOQ{@!0PqIqRv)TwD1L)hrD4!W0s}rq0yWtI(HQ8JaS_}f3u~Cfn z2e7G+YE4h0YIzZkheD0h3mBtc)+ap%eRE7vOtk=Gd-a`ZIXTHh?gU9b!8p#_ zpBprsxY~4x$C<&2&Dkwkfix6_ZL-sC)((8&!ZL!u-oE88yriVgBuPC!6rR1Y7T;}Q z9GbBt&+P;&&;kV2?zgBFL7^>zHdTW*mk}p=i`DlFp|y-ps7#KoZhfyVn5bz`H{N@r zq5((ZeuKO^X4XDO94}Y2Bi$+rtSy8-)W*CL#G22_lcWXCl&-r5;J-)rd4(Fex!al& z@zlE3npTBJhmytXo!F$>%JKQt@s6T5tpe^93#|`!kiL$^#zTc0mAJdr^QCrtCG{@p z{zmRVE?PRybF=xe?6?x5uT`(5=$&ErCQWN5jcey|GAEJvPVzvUY*ed_hoJfURp825 z&s!@N2wuonihb-WbyRPKq*WCcJ#p7CvjI|;1!oo-JKD?bV0p5VQKSmbGS&fWE(}|Y zhB(VlW+R=7C=EShc;gt6MCbN2FWtad-PSRf)Y7| zVM=thC@RoK2t)(Q%}GD^S|^tSWp#^VO|)>V4%z$?kGegPrll1d3DkWd6 zfPTSQ3p@J`w8+wfsx>g%kf3gLtbXa8Rhr}zV`5zTa*?DjiDOYRF$_q^NRtY_DN>1C znJ5bE-Rgn~N+i#hqz=j%P3@!7NF@3f_0w;zjF?wBWjLg0aP>Fbrz>*^NJfq%D1ByE zPlvEsF`j3IX!llS6B+JJH=%{&%fYY|g_4SPB`m)gD$>f2Sy&KZ$<^4>sTy@@YS@fq z!Ub3Ir=<({GW~jMZCyR=w<{lf(1jaDv~T>C^NHs|GehgJvZL#>st0Mr#S~W@Ys7+V z$wdJ{=4Pd;tiiHn2dO9D#c`p*@`jz3m*{F0uh9q#f?w9j;&93-{RS17w65(QuW6UK zJjV~ZN3v$;)NUnoE7^l62z|^a{GDKsFPm!rL1KQORu)8NmX3CK z<7~g;+eH}HifPk;PsS|0cjV%+0$t;_dcBG_&0bz2EgWGVTxUN>9E|!U>EsQaN$Jw0 z1U=2OlBE58B&%65*N$4)^hhEyRVCg-U_QY7(b{xM+uJ0O~wl9PhY%v9ihN?kM1Y0<;yZwDeZrrQ6B81 z@;p!aH;B#dLi3qcICU!GsI=R2R{?|f6S_EEQVpg?A^XsmE!K&6#k49{r50hf7Pd51 zN+UA#84DRUEI*VyZLucW-l*Gm;!lDlF8n!Ra*njt1;ALt7}i!`)saRq;ux7fIJ- zY4UdB$)0B{I_91ZE!NU}KP-NA#Y$_W5yY7CehBgExrk;yQUhZP><2IB+fE4g-@sX(8Nw;p9}5#8U0H3=g@`E0pw;~})GTMLJ~ z9aT+7g^Sg8)KNxws;2lI>NF zTg*YnQ1Q~$3OGYBYevgHK=8d<(ZKg69tkCq5We%xAD2E_+bz9of5^Lk$ok{qCc7n~ zQn7;{X5T=kB1UBL-pr_Z-1+$aIDE+R{jfB%*5PzMv*N#+cYpV$EbsX8{Ayz99(rZ+ zvAn~7ZMVGjzFqVVSVgIbt{nos<>RgGQHPV7|9!{bSPp;%Ru%z`3F;JP9>Q`c zKllIaAH@Bi;rf4t{{IT>e}?vd5+?OO3HN_PlmD9}`#*7vJqVn$FI%0t0=%>R@ciUr50|rX}*ROnbN%7lI~1&qp9upP=`E@hZE}2^+V=cg-KP8Bph40!;}_4CC9RT{mRS&QUIl(7d-lZhebr1@ zmzHY~qh+NR0mZwn-=M_E_0qO)=iXAD^`%xn8;_xew2f&Ai(ig)nurCP+G&5T$q#)i zaaix-z`2{8(8uDGV zUQ@$Tq325)OcG($M!T#hYdF%rdL6N~2{dUxW1jU{;5D~h>p1?Jl5-xgoI_Bn_kKOin1%IHakVl$wzIonIiSiY>gBQkWD?bmgtb5dvv98O{L zuxyiF2O`QA-vhS7kBDcaNXtXFvbdYl3@L!n{RZ_9>iq%@H_{Yl*N&ue1}jc{(J(mB zzRHA{)(OP(A-LuyaxlGXei{JItz$5_$u#No>3WUVx))@jNR3WSA-#Nrwpt{y7n8Vg zRS@`+!X|GEZAhlg8e{m=6I`H#XrrJT@8e@35%8U z`VjTh`6@x)oW{Oz5t`Y*69o+gk+KeavI%X`UUz#X+&WV_7jeJB;LfbAbzcR*o7HetQGqxMGi=oa&` z<^kmko%zwmu-QjDmw5csnS(ODpPU{y+Q1#qvtDdBCC+eYjPwYNj&@1n`l?zprnXaN zXe7_e%>?*WdTH2}iwE5j8Ag59euEy~cMUHT^RKZqG06VH;S&rDgh|;k60BoYeb?Sv zsKXz?TG{_w7bQ3kCB%%gNI7QD3(mvSb%|Ndhq|C}UX{MKbVFT%zogP3QD?=pQ%zC#9b3 zWcJda#n~D#i>|(+xF~qHg=WV@mg6HMINHF|T4XLjCas$!(dI&x)iB(Tm*zOqYvLm^ z1X9p2uzYnW!%j3vze_{0tHBXcSbD5peZh_x$uZ&AQC^$F$iKm1*}7JLLd@oc&OtKRz`?B&cI4u@8v-q4{L8ew2R?O2Uuq7$#h+PPWcUOid#y?iIzU0}h72BX1+5@=6CQb| zE3DVTdm zd#>@l^NPM$z9g0B(>XW{2}w_FY*sHZ2enEN7@Uz83pmw>>E9qICeH$f_^b12Bn*$5 z;q#K-aHd!3jmi>(;bVT4U_@xqxlmKBMfXpW(g(Y3^e-h=Z?4PeQ3!v9FMa?nFmRAZ zQ~uRQLcu@4B@wXJPn+eUY4l~IGXLXheNnx7U>?t_3WXQM7OT}=r1r@SyP@QKx%olK z^yg-&sUarmZp9h`HB&3EYLu@P;JnWnZ&n2jQK`cA?G~dDHUkr6S}n??vzXa zBC#dBN(k`MFmGY5(dA4yZ&O<+2eD?R&Eelip;>cs;C3tqRfqR+B6j7N@9pVaSyT%b zRB)>L8`(6#TM*+n^s>!V5#qwhHw^R6hfgv|B>Qh1?%APCP!l*KPV=g(mi0?>V}GX? zDelquQu0wzjTy&>rBR>oqf1#~rzL^}R68MG_9;+yG{pq>H1?=Z?&rDYQE7F|~+5bo~@L7$eory!}f|=A(HTtuf3u%9ipv|5=uSxIl&jZ;lx3?#SF>P7SMo3 zhg^|Cgi-jDW`1E6il;z4MxAGn1Ffb_dHJtQ*cW1G3=e{(6)IUcq1P{;`&ASyAN8N3 zPCVyf@tv*R{>Wb=&HdTC99P5Mb`RH3ywS8x5uuUw1$xvCiR9%H*<_chIJYbaxSqBY zdrHp0qq8Ge-*P{hXK){p;vG^wJ)rH`nQiT;fN%TlCXpE2_;KRxsQ*{0X@d`Z{|?KD43du!Fb`fXs8`=LP5`*CfUY>5AH;r8J)iW^Xj{M+12n!JwfNvKweM$bwy`q z>r4{2_wt(h@n@Rn3cfv2u9?irAmhHBproU>@a=nWzSsqFM0w|D#Kj=?hIDrgAxZ6) zFr`Tsy&8oyUGo(AjS`kR$Ju8EZ3H0lH!;3WYj-AxSGTNukldqRKEl&KY(DRtcl4$w z49VI=qAuJL+pf=?5l`8DIcoA#EW$_CUckF4X)Y32E6(b|qrm-Te_1+0gGsTem1O%i zxRluhHRu`gFmj-HCqv?VwJfdttqL182Fj}LeshVdkRqteCI_DXT%&`x7p~}7ULvG9 zMN8t{LP{%JiF%T$j%?bqBx?WcmI~_Hyvtu1w@$8hW|fZnO}t!a723s;Rd%?8{SzKu z9pISmn2O;>CfZ0_{@tEyjfpZ@*6&lywnP`-$?O->ciG9+LBVvZ^~C)GUULx%X>vzm zUSQP02Ig*^R`Y|Gy`EkrrZl=#D>fl;IsId|GftHkOK&8GAu?c{PDQ(uTb2+YLQfRq z208O!w(dO!YKHS#wXks-ou!M4!VuA|%}F~HgG@+ImyXG)u%Z96mBZApNoS5@M5eWg zBHh7!I7Zi(ehx(9ji1Wsn8M*tIxzJ4 zva=R-FY;5vKmB7dNnXX*mM>z!Fh)u3?rl~?olvRf_4c|DUsg>|OfE=T8@5|^ZY#o* z@0rznO|nmhox7dDJ{ElLj@}?de(V&UuJ{52zRRFysp>#IGN^7b98UUMB812(BiidB z1sx-XcD(OHbWc3zMPrWc^G8x=0Qa3Pqb; z?w;mpu2s^W@1*OR)Z{(j;$0?`8BV+|NhWf-RU?&(7 zE3fYf%g|5OzZSJ-3HROOKe?heqPDa5!Htj!uu^^UsJz_kvfXKTmGy_*Vrg7bM?+%A zpgYz`R|?a=Ra^ccDPh@SCu8Z-zz?!2hMw@XdgG$LGA~bsJvgN}u?SUxlQ1sjosb=~ zj?Cxi;d$ZrTswjoI_yV0%g5>RKc*RZYtitim(<=t+2y3SQ;B6=QiesEC-jNNiL^_d)tMjb*gv_;i$SOOZ$!b7hyAbvn4e=qAF)$p}vVh54x=CRK zm(hXGxtR|8Q1A&5wbxpNj6*veKfv|v&KK8PGf61o?I3xz@lwHX8J3+AGG1)UMqv!M zIceU8YOV1;Khsw-qNh~zq!cll;^um|`^wZD?Y!v(sz#+Xv<|ZM^!7Z%LgDS+CV1T8 z+H%~gIqECsHO=AE3Yogu$M>AlGAP42NHkZc9Eq(3T@yMfv@w;{nAaK8reAfP$u)O1 zL^`6v!lGrxixd{sik2;&3kW(kpCM6?sYjpK5KfRTXC2$Pxxxy}G`Vx%FmEx(Z{=+9G$3SXd+reDiQ1b~6mtxNx z5<7V@`;-q7hI1jUtC&*Ot~t+rRMWl8aAd>Ad>o=OjnbY5?ru64VTNxiE=m?=b`hT; zf6I0=3k7_GCdWEff7UNgHr>Nd_NiD+yvv>(@eY+pAYLzKI|5>ys@m1q1+oM|yYj|RnmlusK~RYE?8;Y?v@gp&203vQxuHnsFML=_ z0|i_gy5>zXtA7*+Unw>k+aQj5PUbo|qc-5F0Fx1-K{Onf`#I!8JuUQ#SrZCpp zr5Lo<^+EXSzeP#2$jG;n7Fm~K2X^a)%PU<}czvSZ(S)>S%&t!~l3U0pF}&f^yVALO z3r~-L_Cji*xJVT_$uCa00i7n!fuY<7x5v`6(l#6~dTd95n;(N# zqs>x);sx*9%v_el6l;g#YPrMw=FSDuCO<4>5e1OKM&UD|L@s%^y&wonh3(~;URR?z z(zIF0AfB`DG$XuXwv6h!0W~{a<6G-WofF!y+7FsJ860Ks`RiTu8LF&)v@aa%sx$ak`VuNH;v*Y zH{Rf62O_z;o4?Q@pf0Z&!-G$Tn=N|ZZhN}@ovM%C&4Th+n&hM;EZ>PQf{cjTh>@%& z10%d0Gsy7oZAJ;rQ2fHsQ~$_pqJ!xWv4R&Z}+UnO9vQV_0>J{P@Hcn3FmRyrJs$B3( zUm5c-`*NbLP!0E5Lbc3?6~(wxfeY!tIq%`6#e%1?iBC@jkq@fhzF7tH{u!lzs)Dz^ zKXI$WR2vgx3c6*JukMlsa^|S4eYWjpYkIYbQF7X^eq-#HPZf10QYL|ERV-?7AbtHi ztBCt`jkkSE>^n+@8ysYP#LzK^R~O;6=P*75#G#&~y-z|c!37&MW!Mx!((X9zw0xa= z>w9LqV@BfmX8vd$7&6v$RYoY-+o>XI5kGFQB}3IgZ943w$;PD<7b}7MDp?ETIbu~= z?ze_z-A>|*G@oyM#+JbiPbH_=+wV!A?0lEfF~RB`ewtaKOpwxTIX>t3{1>zU9xpoH zyJTHc@rtA4S-B`zR(SQw4}30IcV>E8cJtONRu!T`LNq60eWl^DxwhSJ=7}d}9Pk)0X#Us*Y7^IzY;8}U2}68PSBJ9?Z- z{!wc(z7&Ny<%gKU&m@(Y2|{St@lH(7dr@`-&mTAnDQarcfx2!h4`>RpL?1fEd?1dE z-fvjbW+(%;Fes0qGl^w~qq{Gbrp=M)BEGIo8{loSe)1TTkerPwBrJX3O|Hawps|X( z$P9@Mcp0PZS~hl#E`~c~QvbRV&y863nTHJ>Zk#SJL4MVO2!0q5FTt)FLT~qB{in+@ z>V@ARd-aWXr7+2evV&NcmXz;@Ml;)eK~y-;GtpM;!OBXM(ZlMckR^?V9QFQG^vm#L zac}nH&%;s8X1xKn11tNkRq`--t0vglK2Jege@C?FH$Q8AQ*KJ>qj4|peF0~y+9o^* zAr3YNt`#Y!>Qtji{quQum$&xMQKuPWh11uOfG(jaH)|A2mmpK*(Dg!1N%mD3HX8SK z()nbm;gUv>BJNC~@#OtZEYj@f;e-cLEl|*J&?e>Mt9x?J1FTnVFEyqvS+2`_T)ia4 zDa~!%ZSpW5bU#9ehQAOZy%N0gdJ~k$rtME!N&1a6$PCxEE z)1h3)WIyGM*T|;Ew1fGL$w(>Xo^&AvegFtEGpOOx_9hidYZpP zPg2xZDV>q!q0wU%-{a?YuM{fhC&Q-*k?iQk+K9x?#cc0>gW`^?Zm4Q&D_1j^HByXp zN~^z{+W1IJSPaMDFVsA2+o0UY=hkU-EiY4b{sdd%MGt(y;YcAE1cN%&BPgZN(rrYt z@A1UHv6o#MxND=*$0nAi<8$O+!Wdvnr1Sa$BSY0h>R3CL;lcj(?bM0>7WmFdIx4d| zU-!1Qx90-s;AAN4FsL$?AAm3GihO~$^)8)Oamv%2N*h zyv2YNPVP5mAlR0Opto&BHWwxXPrZWfVB}m~SQGQ6%${bVa@j&$Xz)^&(p#otUx6)E z>ko8PUN7WW(N>`0R8+T2kIV0YvLc>LD8<8yc{~MT(&Q74ZI;;!`ScSd=LH{f6gU*S z&lmysp>ej@mg-_uD`gcAvi&B=2ustnGgiNF)gDBVWK773y38)G zXI4v}uUYz)%K6Z^D`vQd?2PZbA34rVi{tJ}JIk`o9C+>L-xDwT{{}6G(J3Z?wYzoc z?kha21F=7vZD*;GFu0EA|Hu{}trCb}CLJeRin(){D+rxVvU`KzgGPs9ai;n8-rF># zwLq)R-g|nfe$_+$U4~CiyQ#^yu+cPxz?*Y=kx*~3+_&q|len)C+U106V=oV0&gq&m z`r;$Y%0_&qiICJNX8o|JEOz-}8SS_y;Yvi^xIx%n*8IB96)BOjp%G7h%a%^`O}(k| zf+)(xPgX%;l&Q?T-jNr;Y1{SwPA1?*D}rO!j#&SF`SE?V-u7$5hGk88(5fwd4;VDO z2L58N?NXn|`fd7$A*BC2hC11Se9SK9K96j4Ph%*ZBA1yRpJi-goX_s)v>yfPg2s@V z;bGN+2|45d<#l!EbNx1#Fncq@Pm&79T8*B zWyLVi0s*@5TG30pwW?M-pz3={R4U4C?d9TMCwZheQuEr0UP6Q z(91GEIX!B3OIq(fLR=ZB$gaY(#8+80WxC!n{B#pBLT)u6m2tubIStj6t`3xwm1-6EX-(qQ{f8ELyWR0 z_us(}8f7V!n{#HC&hUDLKruBXn?4@(W^F%7Gi%i`5ZZa(<>Wft2BWM!Cz@@>Ni z^dx3`+9kH%9uhna&K|nVv=f=YX^GBc3`?#E)-M@e%f_ALQh;;H>Up}jt8)=b_{57v z4d!zU_k&^aIZ~F);96Gr>(>j7)9rZsRGXADR}Zt9frbSYKL(@pc?8nUElpp|CuD^p zvtyV&`{842AuTPbM&zp=niy?U}pGCpSI`BW_?eST*5$smLjhH8ylp^1Xp{W7Ni0QJkVDcv!3^!K^2R)7sA2 zoHzu*^Eb%OGDU=SfqDaXvTqbsnblA(+E&#tBa`*h$JO%i>zDD8A{BhJB0q|rburY4 zSy>mzFrHG(u9wV51kF-yoE);83U9 zd1%c_VuV_?Yv;(&!%xB+BoN-wey~2sK-59usvOjqPDcw4MZ1Z$`x3#XWJa8NsA&k- zs5OLfQB2DHZ6M(a-3K$NVYD#OefPPbTy&0Ck(@+dxhg;NYk&Ucv);m zG+1{f8h629CKM6DWz>{@es7JAiByrUW6*0_p?n+HTeAVbvXf&K)}_2&`Wc^~VXPz$ zM<4O2M!90K=oF+tCVDkH=&bjP%C8DEg0JGbnS(D?1U2}6;BPY?&Bn&Py#7%-AKTJy zbaVY9wQ*yvcuGE)l*yt`;0V++L43rk;Y+%1?Z|`<&k@SOXvGP>TgEjN(38I^IGyZP zPgPodumd$Z;MOO;!m{BeN$NxNpzBiXw5U)#6Ed>JyJ??LDrqy$Wkzh%+-@QXw2;*K zsI8msktZVUo|(*3V(fJLl@vphsn^Xb&>{!lR*K9Zx~5s`Vbsjoa?eAQy&xPqAa2iEZn)#gvI*eYTZk}{vi5Z)fy z{#*%UJ?R5NM3)drq-K*502gZZi+()5e~Tos0*U8jb9-JN)%D&c+G2jm2sUd*QkwiMHTnBwn7qm3SKqZ<7{Iv`{wZI@U0NJY*G+&X??T_v((`OZRFr_u__AcA4g5$IhQ9? zr|&J0K~z2nkna+fc^ySj5sCqAIVnHlYB-U|-XW#!oimqRv&v)krV4KVS`C3H*t;T( zettslN+gXiMewn-{yWCa_+8&yBIS@^!2)Wyz|sm-Qj+9J#38HUVeM?h+&9}*-BX{m zHP)Wf-}4tZP0FXV7jnG~L)2m^IHQwD98HsMr$8(u3WnFpfH@dzLN~Y^K$7 zeutyX!reNU%~ybosn%Tt+r8@KI+k3}AsgakJ}F-`nFd7vs+70JSR%cJbxk+9<9X=dfe z;f*}}VMPNH!jFNZ->Voo>Gr+MI7B!vO2oq2Y%m08dq88 zed$#J)vsc8?Dthp^gmNZv|t-mI?=Dv)*Q-k)vA@-mLSf)@F=*k3Vea6<;p3Mb&FNQ z<8mL#j9Ew*>?=DZtZ`4m(iyhf;kU~R^6k{vgd{e?F}S695MfH@ii z@=nw%56XNSk8_~}Dd2CSoLR{UCgoJ6vE@P4O|}AbpBP^QfluULl3KNp71^3v4r6$Q zqG&Rpe)p@DClwFCmZ@oxomnZ9NDIv9EN};KJqS{ zR#vgLx&j-7WKa}JPK=%s<-VF7suLTzSk~9e!iy?<-J(Z-Q?=)y?30WES4=|BHeIsq zm4*D{`?)5T%bXHX(yu;Y-Wk+fB3iErXbx&=BrlpWna-p~RYn+xvU?-Xm%Jto96MrV zw2)=_Rwz;TpgTN9JKinn3ry25D!}F6k+TH?JYCiaR5k^;rxlFfoZi^+M}W9;BnSk` z3$7E09GMBC9G373(d5kM-^y+B_9I_bX!+6w#E8;HKP@4$)DM9>vP3c^{m~kDq-Usn! zZ+KFekAgT+aPm{Qg%xjRjc&-4IqfJNG3xzIksN7(vc4G9u9q!?I3puHt4)@AAv7SG zdqggBL9OlDODz=Pry5=)_Yl2#(U;&GuXpaa;QCCK$P_^O+~a7mMfA?4bd$ffEq>5dhp z!%gJQe^eAl=ErzKpM6v49y|Qb0JGBOEtxIwecYT&5(LDezwV-WX<$l@sq9tIV#=1y zp6EGMP3~*k)H&2A{K@dWv!dzr`;Sr?94*bNQ!-nTmMZJgV>@3UUAWdHL>?t9;cN;S z07zlz{p*o9XVot0wPINY+|aqMMw)07kTv|}1n2d@pKm5*3M4Gwc$F>Jiwrrgek`k| z$(p?`7RTGFP3Bg}Kc2>LQ+9>aVju}-P%O=O-`XqE3S_C+lhXN+H!lekj&qp2i1y)&5WX+jl;BXU~ck|f0EoES^8i_QEWfu>ANHar{Dzx zVt|;&g8wv8pocp5z+47kZUbyTdtfyqFz0_(v5%5!{qrRLquxfS|6|F20T09fsEhv3 zk)Ou@&&&T&@r(Zpl=&Y?{BJPm>A?R6-TtG7`)}m`pVh!9R}bdDP0*g0fBX3F^U7R3 z*j$_c4*owr_FxMBjS%Z!+5#Euf64!8+x=H34X6J(0jz}t-TqA3C*y1cf69~NAG?p+ z2&{etdZzO4yOJ90PZL=E#NSh1{RG>e#j4<0&m-jHj6VWQQa~PZ77N={g949d0L%z; z{RG#~zkpR?X9Lhv0N@X~nF#fHnXa zVBG!*=mfz3R~m=$4!}0Y{^sE<8iFtZ$nxj$58cyIOx{sJEo{V@SjZ$6bQ6n9E1C@e zbCzQxP=nRQah;6-w0I;F(WHn5Uvac;a9lbZ|l_Vz4}x#BB(6 zs)$?H&n2M*DU!zBl%uZigY@)KYsPVD#>0A|AF%=MRR1U)kf0X8FW|ZpTz~O!8v9s2 zGycc1fvPxI?F5_p048ATpK_48ZeZ!lETITC8=_Vp1ni4h9}jaGVdI{F)_1{N)L>jd zzX1GU1i~B3#`{M!?h!WLKL~l_0Zl^ACP@Aw^ye2K3OOBt6~;gMHc(Ozm>$sWBV&*5 zz4@4VOh7kGl7rR`pi1C8mh+APs(aMlpRNH*ocQCVY7n4m251hT0un%74QR{!w`C{T z+{V~|?Fj$_I3!>fH@QdnMmY?4gyg1V$k5s$D10d9X)Jy15SS|n>Ku;x4Ji3T z;<4AqqXL*W)Bw`Zvv?8!+h2(e$N(c4Fls%z%_9Rqn!y&F`2$c7@Tmrj8xS7Aul`us zRqYRkKefPX0YEc=6#$r@e}t+B+~%=+K04tee!!07Y=Cb7M(KHM$UHLucn&q7|Hs-1 zn9GD<^28%80LB$Cmg-*~^|w0#<$r+z@P9n*uSbA?py8kVBQ2O2kRSMa>uLs=`%fXz zX9Jjk$2yNdY6mb~ zCfMqGfGWrd00va`V4ebxAiz$?xrdFbhs}8aRtxB@2jR>mmUbu z1cduv`Ty_C|MMCU1LEj{@!)`0$^Z7>U$Jr#;NZk?9Zdc&AmINM0*J*6ypx85M?wO@ z!@~nD;r@=ri%ZRA_EQ`P$a@k{s9x(lW!kmzZ)5QSx0^l)lq<8E9Z;;eJdlPiuE=2^ zibC5@OuuP}<2;-<3Cmdc;Xu*-O3#hDz-Wady=x;p#KPK3_?6Hp!O{Seo3Vq_*AFP+Pe)K} z*t?4e5y9ukn}wzHd2%ek1((6ZiO7ft*bVtEfuS^5U-cW#>(HGA?0+HIzGJ7R=?V}t zEU}`iW2d!8yiH?d44_Uz--WNcezth;K4Gt8U8r3lYo^UM&}v~w6eK~j3EsIyO3PpH zPmnA<|JZ;B0&DP^Q#-@cilEIPS;$nVen*`Gfw($pP3J&W!tfhE9TlkQq+A4YLGqSS zYKZj90+D`+D(&KOWvD##b$VGLtgH1dOG<^G;Df~rUxuNw7wUqrDgzHi%(f(Pe9LgK zOB4dKr1xW4WP*n~MZZAJS?@Vz3@ldTh}ix^~EAAJMc(+qDxr({*uUEm}1tltnh!Xa1WO`vf8 zaDD@bI7A2~u5l?afjr`njy4XgXRIe1BCefLBwZS(X8xjJrZQ*zU7d?DhMZsZGovFB z{s7;Sr)M96&MyNl(78FAsSQoR0+ffuHO3pvli0xSlNKv@ERT=cX z{ou@cA5JCoLuFW!g1f+BV&BVqEg(fA!Z@>pNXMT-=GzByw5%cq;>uDqtYkYw3=Vdh zneqeUOGt$qT)@oR4_b|tP%M1OeA72V(g>t9;U+DyP*c|jUJpM-R5HF)KTrcn9-*E+ zG5Lbq7ZcQ-*la9Qxfv#TCWRGdBAq_P;u$&+KNMucttf?79?gu*ZyFrsEfqN>jtJNE z%w*Tgip&C;IZLvlbI3*hC`Y#m9a~+*3gYBA|7mQju)Q$~d290jpzSS#;`qXF&lzSI z1{vHfgS!Ry!3pjVf;)sHxXa*f0Rlk>*I)sH1=o94K?LMbk-t)Y_htX{{(sufflS`@BN&)R|1ojAZ-OBBM01SGb5sc?Yqy}!u*`%la zVZ#Q5(+yru;*7Dp(cn`R#Mj>gS6pv%9sSf<-cXmY13*Gf;}v4{%=@oaB5Aen`kf?o z6U$F%kh=c?0%52(-@+)Z8ALOtc0JDl$&`WPr`7NR{DY4>#l@Gnnb6J!h1+HD_+Kf!zU;5TSAF!$qfJ1y( zbdD?7((?-lsZI*}PtSTDCjJAQ@nPW;9x=J?3*!JdQ8+uy)C`0$z1m(33UVQ}dL1R9 z1y$Z;2H!+5%Z3{l8i&6H?!XLoVk*^Ap({g(y`A|!Z$W|MyVC%u1^MJHCxM#X+E94+ zR}RSz<)=R&>CyR+;&Xjz%AbVWFT#gT@qynMX+a?=Uq^b9m*~C|Pk(mj7uSo3X@cG- zjp8l3ORe=KuLFm{yd0~OJGQZl7XL$rvM0xJph9`(Jf^X zZUM*dptm_M6|vHr(lp#P?lpqZh6ZdLaUztB@~JJEDM337X6^iTWgT0Io0ET>UYi9< zPVa4OXcGu@sxveTrfPs>-E|J`H*reewSPCp$cW;n`tXV6&AIC<3o+T=fW-sf2rE~2zjD*jGTTYN6=6!gs6bqPT1{*mGn)*|7gGpZgl2HGLcEd8#BD}=Gn0Sv?3s+T^;HuRD zlS!1JSM%(`tNg!{WBd?THWOYHB}%e@8tWMT)DN(K#hi;vy5&_u;0+dLbd!S#=)D%_1b!y+iLmFJo5~p#x=@jtONT{m{T5RrkfnA03AI=qf^zWghxx z<_3WLq_KjZdSXIBm}h~cD1(_MISeW|VSd*8YX%%QKPj;-|29G1?8YcC{6oAchr{WB zTXmjYWb~LcAZ>$x04L2N_`^}icb;!%{X+yi$MWpf*@T}d$hDhk( z#K@X~=Tf;03{6e|LRxD@N%*vmeFKy}`U;l|(QYOVt#EV|8z(!hs;v8Ua=I?dE{xun z;2Lk*{u&9#4O)N4JHGBI5-mLoB1mU17SKr^oPURnxdZhJTb8f)9`yD!t(XgEMCT6e z1lci!q5AssLhqgXZrY_E@KA$3T~3k%a2!b7`sdeVFZ7Ule|zb7_9cl9{fM=#bv&s% zHvJCYY;?19I%972D(EFWId1s{YJ*^IY^QaJ84k>n#SH72{4M}e8sjC5zYM|h=oWDy zwpiK^3wnN=fE0vAx8QpaS;7NWswcGZp5Z z4)gctdv7l-&TmgFW&mF8eU_N>!c2#CC~sK&;v zw?}8xgk+M&gB)n_=TbU*PYapIz!MsbLVGA4V3D*JZ0d*YCS5u1i&^wc1h6ic_17zC ziF{sl11rr-hyE;_8I8u3RPrzjR5q7@ncuHp(VI#eZg^^gJbJP^@0u(=3R9It(Rlni z$;8FtKjornEFz+IrcA+N{YYJ;U_EV2(WLa-)8EBkzSHby2O@{e5Sh)s-`~1gO!J9! z;nHOO=zHwrFK{9pX>d!s%ia0qCL%!+XDlSxx_biQxYL zMzpkS{dDZj@M0dde0OShV~c_O1bTp+7$7A!j`CmzkOHuab7%%ARWEQP(AT^BZNhM1 z3Is_X4-xcwAlpe};o^WXtSJMyKnI)WhCpv*DuqrgRfq?r{miY5FA{M|^?Ydz=p3^83BZz=vIK$^QU=2; zoX@-l-&+ak*IcKc^M5A=_`P}7A95}jzLWb?_Hqkj8w=Z|S!UY3cWoF)w+zhv)e`$Z z!1NPxa^kTy<(;hYiTClkbRSl`4ZBFA=MQQ5P6IB^eXmkN?riA$y3FL9tC8_%HTyV~ znM3}Aj8OOZu?>>sA~XZLJ*CW>zsRLLeMT00q$AQ+DOjHEh*RbRx)KA% zSgIU57F_M@M1dlOz$ua2(^?#eCS|6=vB{|`@jVlZCpF|yf2>Rtg-;BDAv=a0++5d z(@3FpfOjxHvu71#IaWyT_m0%z+v|7@)-!BwN!Z&lzV7)_fF{GwEL(GR{-gGt)7~IF z?Q0#lq7T!|GsdERJG*yleF~Qi3sbp9?jGZ+@5>7SEVIlAHI;+@aADPIB%Xi9GJEm9 zq!;WUZPf;8;8B$Jvlvsz(>PrbsDoTU>aBY6t7Cl2y&lAAuz)c&{s)+Zw~e^Gz>?2M z)UV?VY2%0G0Ek)#RGF3Q<~TJW?j=u>BO$EmBxuC4G?r?<#=)^y^*HR}-+zGqsUr9| zM3NmxS9pgX0I}W(TdQr9kxJG@Nw#qX6`F^a%OWC{yFe~q@i4o!>-zMcak=$IQ-p_^ zl|IgNRK^Z!w{6S+oOP0SB#O!F6pwhp#UdUe>9bU^f{`Wzqha~O zMi>f_NjVlA*S#y`_kNfstpzFi@fSmwSp9r&-LHG9`^(q+f;IoKcx@|~b>$liz1V-I zy&?G{tM)$th#VHn`;XYBe;=u`M8IxVqK|Dfz9yI3Yygrux^6sV#Mn`3fX}sURfrRt zSpx-q;!eg$k;ySn&lKtmD@T2T3{@mEDWO-17#dfnPX`vR2^-+%l6yrB>4N?y)2fU_ zURtrSi4lr8{4s*OzFbGp!)=~`i>N9n9;ZZ525~U~Jx}6r0we2=vO@ne1f;jcDjcf*Gr za&|1`70MSB2L0Af)v?0DI(Xqzo9=T~byw7@!_LdQNwHAC70`eV`Nb*bu-V&mA)zh- z@?!zZKXMI!0xyqjcI*={@FQhZTB|iS36A<%dnA@a59@g(XhLtG@sifK5-BoOIvOuP z0|o<9?@V{pxVPy#lIlaV46@H#*F zKfqC+L5oTkwIn!qd-?T$~|zF1U-fL7#Cp4+NhB z;r30v@O_JRDVR~Xmw1r;^XI?-_T_c&0qgfkJ!9{Yb>y+a5_L8u#(HX6w|Jkyl z)wQ)%@MIdZ`mOt08Ka+CwHM~wI~-5QLTCtJGXf`Vjg}^tO1x)&-mSmWn@~;LXY)uBt znB{1zTK_4a1#r&e#ePN+ryCf@unGK_=Io`!LgVWe66KG#N0tf4(aTExVO5;Tq+Z=j z!sunJ-^^k0=3*g`?1>S7b<=P~6aMW+W^>E#k{u45%@!e)+}LF=i)ScRe4=DyKn5x5 zVM0Vg(21kynD;z*7mRVgb1a~WI^tFoORzTy;nb|vg%LQvBh{#Op!s)!U=_mvc1+_IA?xhk`bzdK9Y=D^k%v-;GS*_ zud~9b0TTp$Wo4&n{&EBU*$lCQPrrdazy0jTxwpk^7{Gg2GRj0?T2wi|t$d*LIIdFE zmWa&sdg)IkvKc}3K4?4^H|RX+UlNdy!HSckHgPS{0>Hj4pF9brI9}f(E4A1q=)nMD zdIP#o)h8Zxt(-Ww#B6mv(mONS=u@$o!ZapNTp9HEBj(d@qbUJ*Ek$Ola2Iso^ZrGDIh+F*6R1Glztqa1b@^K#9 zIU(E>vRRlV>aZH9wLQ0Z^&C%c9o_+aqEFtG(hxeyRbk>xe-n_^4u8-2UN19VEObD7 z>)J2$b?1Z7KUp8~$G5-FW^NuA9Ircj2DEqn=N8|X|Je}uKX$eJzZ(8W-&g-0=`$Gn12_g7W;| zl?Px|-*j6PXvsvR2w$v~clXG=l^Q9NTJfx}S^GzR%T{_@kzP^ST}bbL`NVENo+t?0 z7)jXOLI+vuUfy1~AAFq9R=RszP-qF77A(Z?(fhM`Cpul=JKJ{Sxl^E3s4y9$eM7Z1 zGd!tYPS5xLrdtKQ_r1V);O?;)5=svHopCk&ao|1CEp_`ly<+z1Hym?j_-=2;`@(&D ztM9V?LZ(o=Hkhk0MfUH#>=T~(nfgfPgbb=-wTXU*VhbW7DbY~FRgS`PZeuIeQ*$mg z^wYouG`Xg(X`vN4t9m?SCw#&JQ;A#@W_i0T^;fi+ubJk7LtMrEHKThAwTI`{yA* z!+X1AZTl_fBTcW@gkD7Vign~LPF;aE&!XwBefr2gTAD-UW8lKpuQ2lE>F*KNy?QZ? zwVHp3)Tp)MRTkacXHjl!YWiq1rBf#r_s10M&n5yDG7B#*7h6YT-%QQZqrP}BT(Pj( z=qRAOUmS?f{4CHa$U6(YA)wFA4}SSq>QU5^&+^&ttAJq7LM*Ynn!TR0uI?<|nFUMt z=;T^~EV~?x@ilL6^+7OEtRYe%`d-08RkI{xh=Ub~U0f@cMJS!Y7bzh!|A61*ctO#b7O?Mf%hI$IUy%(+u_x3mUP`?RiSt zBhpwC&Ci^gg0m%^LDooheJ>I#lMD&=gTrpEf{=pzOSYJ2>bI8?{(hH!=i-;oP+RDu zE#G~wI~i&EZcj-+dXoKTD))~CRe#^b$f$2izc`?Ou@$r;MY}aIFVQJNvNE!4eJ=0P z-hsO3*4uc^ac3XA@q3$hor6e(wQqrlU-K&Qs4|u;t8Gq-k0){pDjjjZSLeRb^x9Ns zBK^~K_l?M?4F*brFh-v4`NYqUWVk4q%}c)g%ey~z_hGAURc>+i!bW?_s%TET(a zy?x~e7 zT24T9!m_7=F{en4(olajdc+`9QAvhxIuHdV@+3ybUN)4HNd%UEgWC)3EOj_n0gz)x_bV>y3oE6 z;S{M8Tg)hyFyktxi2!h>0uAuQ>r8jWJ~5fbD6pPVv!MwaGfj?6+Sv(oVlzx7Zfp%N zY>46PiE^h_E@4uK1THu%BqiaYx@nX`#%|G7t*S zmMCMh$AL|!?!G&5*3v-9CQ9q8h-jjU_1Gv% zg|?K)N79ufV}V5OtlP$l1504`KR`Dp7E_H*bd3!f`DCOLp&dwfnMMFBsIxC;wVyy<|`Xp z5YMIg{qkDhTPO2B0R@*TQ3EZ^`ETn}&z_!12bbfAUVpl2Z?!d^v^W=kjzWz;?^_}+ z#V@@7z_5u#BEqk@?%n?bh^q9xW4~J=c@c-)Rl@TfE9SkLt5Z>YKRa-Yob=Ue+^1E) zMF3X@S5%$pM3uy_UWdH|06I|w`)*BES~G)I9xo|}2E}?!?C^aAcg3uH9TNyE7?2Voe_?^sgpzP4Uv)|z#E2CO_4fg@nNUp@$FD!FWxoI}ypqReW>B^pc zvs-$?)Fnkk9pSSieU6Vh2PtZ&?6!2aO%~;rEwAsa6D1-1B{Ii!W{46MuVKY?y*f}v zBBmpi`>(+G_o1?N1XW3zD^E^Jjdp_?HM1MM&56@Djt|zSiwUY^^dBj&b$>tQ>bi^~ zNRt`mym-*(TEmG(9zc%|RK5a44eI&N?iq4wbtNr53ibt;Wi-WAZlxPSkHB#&TVP=?paD+B$0kXV^i>adA5`oQ*;gDl2@HGyumqa}v8@-#?h6@h z!?B~p-1e^dBAUpf?tIj}YT5qX85^4Nc*-%e48fzC`wy_FyGAXFiorla0r&(=Db!_Y zdQ(J-s_|mT`059NXEAt1msl%C$yW8&!%3Un-*KcOHQ@>%TADf(?b-d1;W|BVoQ3%c zOF|)PLRlnL?Rs&bq7D>e+*q*3n5%PAAUcxA@cdQaI!u)EYKZzZOvovME4bmT#Z`%l4wmZ3V({7fX-sV|kj(r^Di!mKWfT`&zkdUyp@di72}(gQ0om55wFD1m z%A`zwa}%i%c*$l;+S-uZFC znKRHPXlVsPb@)7}3=C|?&L@NYd`cdwRxjmu>dq;0QwF4wz8otd{U$+XlWOZLHslK0 zxN$wHTzD)#>5Ve_c`v&c@$lPEK7|c?^k4vC%F0jcI!Dk! zbwNwf`-P=-u>~6czZ|Va)+I68LOU@;WwfW5f`0A70q?#RSNH-zAM6YjVsPW)vVgj*GuMYz{XxKJzH* zLM{kPJ0M~Wb-l>;1<^1L=ye1|-1eQ#VP!|ILLqn>N+@&E;hwsv!5T<=XMx ztBuKN+Shk0g_JhU0Yag&70I`t1ZZHa*ho$ecxH)M(KGA)StKtKQ5#quR1MUs$-j0@B4_;8e zNJsS93Zs@D-%b#VlPD48%Ir>PWWf>t0p99Y@T@_cL!xgD!9E4~UE;NwR~TG|x`x#? zUwCM@PDvV^!~if#K&*ztPvP%Be}PQCOEX$2(|16KzuS-n!;2+L!{!u7%ITb^yzOR; zE)ndJs9GgWID12yPUoR2W2|!qtek3PdtW}_Rd8VjVh7#q{n{n) z(>@79l9+IMV= zpJDHMP6U(d^0UvC+djD~sSnGpb^nTW+lZLXe>pK7@UwtKdWd9;F!?zUnt~m#VYK5H z4~aDD_j8^5HYi5C5lNfrjN>ZvgA|s!?+SW_yUZ^0B4Y0C-Lm>o8n61|(x13}d?UuX z)-?=0s4KB3V3xTH5MT6)W>Vj$lQYmRdi7Nw@@cUiha9KHntA-7XZ_qL1=#jjs^~Z-!trW1X_XH4PmHn2hA;KV}~U*+|r*C%5A$!))fZbH&wNamDL>p za}y{2GHpiZz1Vq3L=bIDmN&B2#}szDDQ!I87DP{{q5R9l!9wqRsgELI4uS?llCy;_ z8_K{#c~PTLTtoTj4tIsoevbB4oU2;GD3^}6X|d>2Sl5EmM%;KwM@XSuJ0G6yzn?|` z?t@`PaMkQ#*YftqM--`+zY#_$V3R{X&a4v|CJuKk+zpN1A7c3Lup95n)X+m~#{2x&4Febd$) zoPHIBaW8d7@E%$)ld4l*di4A}zBw~lGCYKnS=28q^_l4(c}*!9m};YhYJ76NdfgCk z)QRM9BU-3>(A#B`y^aw+qFQg=D|RU@(eOAE{V%0jt|Q*IIGm7h6j>wNZ=Bg8@g&bzU)3XKZ|FVm-w{`SltpB3a? zX!B|GsB_({6p|-RSG;^e$DUd4>0u|&-_3`yI|+LthE~68I>5qR1ErpwSsyk$rc7oM zGFYx2-x_9mnUX2>)Y3E@te*u$66liT74B%jN~{5?2!M^e!I9o4_9!_yrR*i53O$7@ z!C%AV2HX!D6C2r3tOfqE?hV1?zeyk*2$IV>>)e1MYEhG|zt@N2 zR-?QYapjhT3#npw_;AqX&W~c~0w*Fd_d6pZlp}45>+6PQSy6Km(iaTcf5)s?QLfZI1Z6ypBiBNZLA#m}7m@<@a?ZZ^Gy4wp6_h&Da&_ zn9a^4pk-Ufn`F=yMXsK#=Y;1|AZ$`dk+E(%PRTlwY z&(iUQ=gc6fYGuo%{+k1zv%y{Hhepk47pHy&qi>8kI>izyM238;z*AUs&MSeV`H`^S&|jG_@9==Bc8=w4NCZ@~?BQ=0z(L&Sz(zndL8{SdxY__O`X_9pn|X8PIa z4q3?}Y+Y_D>5Gn$5{CgLam1)N^{95c=#u3}U1SE79OX19`ajO+lH3*unQ@6;$9Pq~1;b;puT<3o?CJU}L)E(pK~sKsA=ThLd2J?PY)}FzMiG1r3{vH|O;l=X zv0|L*(t?#i=E9G!{yA%%3(wrzIqP*uPFi)*lGM~jEgQmA9tT+87%vWS1;YEzsLq~J~m z%pwz*ROJ&37Asyj6B^Ta4;Ey)a)3hfxZ6q$TPGMeEu`Ss9ZfHDuO=7ai+_6}rS zY=t5FUlNiCejkJTj4R&@Xm&?7egw&N_`q6Q*_BVoGYO{0)87Pua-HOlx7HGC;AveB z7p{QDGvy@xsXQxoc@)LMMRd$nh+fUz<44Gf47~n_>|#{EM-_lrI)IM@Cf&zzj3LO9yP~n#1au))>W?t0O7VC98@``ic zjQTs*KuH%NowsSt`)NffxYm0L9T@+4*gwov%KJ(5#%IHm4aQ0p)!(B@)PntR6h7dL z?I{^66CL{VWQTgOUK?il^io*o;e<+LLXQRH!oMcR-#3bPCY0I%r*n@rC4f%G$X`nG zXcZ%C!nM>s`UmNEq(D&zW;jGPqvQmXV16gHEVg%jQJ@v9vhRO~y}LED)%Q0vW%0oK z>>w|g`%-o6gT9QIsY+?UHjD>sz)_@EmuzCYsU#K?=-0 z<8=l>P^X3}NLiBZSdI?96J@^}%hn?FTU?XY>+Mo6XXW7^O)CbhVjTACMLZ0(=J;6F*kLrif;)k5bqiBX*#`l@UX2W&>Do zUN{3JWan)^3x0N1{2179)1|0oD&Kh|V(}Dl9~b^En^6h={@8^%L536Q%aOiDy=G=K zMNO+!PSIfc6=()RN4>_N zmzDyr!;m>I`Yyaaxoibf#v`#fQS>)IR7wy-hobPt_ZmTCb5CEmdqfPnEAH0HgDn0( zxhL3wXhM7dC^43Ro7sC|%DhOKfXiLqhVw^frWGN`<4+lHiHjuk!jkZ&o|EV^{C&-< zNOoW@DGrBx#@1S5X_poBLEZlqp9u4Tx;)l)|5V{?;BIC5M=$5p5@j*mu0J};+*ltw z@OV5zgd*DF;zp~T4C^~rJ~7{>>|-;#xMYx&sMtm**nbw0sEzT)w z$n%;$?|X`%xc=C zjLlxrhEvLJF^mRO8~M&XhyI<1{uw@rAk-G=EdBjCteIdDr|Lg|HSxBkJO|Dq|6$w6 zUBHkBt81$HmtTs(ThYcQg8gpQ1kl)JGdE_6e&^^1>nqnVYy!sAweYvXO#NELHSQ8S zD0T`XRh*}I+aeakB1%=#hAdb6*?ld{#~Jz9;b7Ypgj>soP^9{Hxa`W zH6(xUy}o7#h@0`N`UriLs!`g0DkC5Uk)Eq~WB7W@k?eUPrC{iSalq_Lt`$A)py2#x z$LS$Z2%k#~f}=9V(QtocIThfM1Y8+L&(gMqq?6x?j7xk|zBb8VGz%jt?6LyB=S38Z zZU#a1h}1qgR7%*sSr|c8bC7yVXQ z*axxwF_p2difMiHXkvf~;X-3y@sIZMf@{U=J}x3K+G86C3xe>u=Q5Om0~x&rE>Q<9 zQeh3t6eU@GXtC5cBL-wQR-4W={tO_pUD|SUt^`Z#it~hLQ9$x~V(&3FLvklly)<#6 z-df%t4+e1be0y}!6hho^3wONLGXS$&{oiB(=8QBrQB7YAdU-Kh%Mh^**~%LzyHW|(Dt2b{ zOyhSe7GEMfY^Jc6)~1Uf`xPZQ@x4Z`k|9xK2J5+1$67#xq6gMrpi?wT@j(5(y&$MU z+aSi*0za*abyT9rG8&*r_T@ccPFL7BTL%W`;ON3(5D%zj1Me5F5OZZm&baIxy%XvbfKNOExOqfM0*!F4v9q^)nB zAB&Mxz1Whe*bF0UBiQU0ft=;%Xi{+Ut{pkXQgWQ!2Ke~nJ3b94nc=meQFYrqsglV- z_Ixp8Y&;idWcnp3sc+`Ou!j})8X{DzvV1DRF!$AwO*nWV&y%G`Lp8;eTZ?+YHL8^b zf|JL{KBdtWUjjnK-9GF4(EQ_hvwZ%kiX$=7?&um_0syRS*A0R zZ+mi#UH(NyDZbph{xAkOkeKLoJ_cYU^W=#pi2JyeE*1Y6HuQI!pP5>3x>83@X(m;I zs9idUC7&<6>d>0*=l;azL7jUqBWGj`6XKxZWWBSentjlIVwlhE6C~l3MzFb467^Z!jUX zupp(M-C7_cd4A(~oe?|<^g?ZZuT!gM%3Z#57?In!(mbtyU-#*_w6@-OXXN65zxuPJNcn37U}7>8nJh1~J*f@9^u!$1oxJ7j8aYne zJ=FY2&CrLcAym5_UXFTrW|MWAZ>AdEnjDS4MP0G;qR@9uOkPCf2LSr>h3FbsTQfOBPIdKK4vaiqs$S{fe~J zi3Vvs-IZ;@HUKJXQu;c- z6cohyd55}Y{ap4DcfQYzvP#g->#b@)>gz(fFJ>%(A77;imlX+rRkqU!cOqL@a1ku) zb?MtNY998abtxt1Ry}qxd0K%>$lVOTpB|!Kt{YZ9*cX^e={~v|88!=OBm%6C&x8=L zTaA7Y7Wg+e*XN5-T-?${+|P)Q*L{Gy{PF&&&_mUS>EGlqlgceTJkyHi)&8>wi~zR6 zCmluNox(^;akul4`_cJMI}U<+xHZR<_j!hV4viBGKnMV&KJhY%NB|kc`x_12bD8EV zfu6ID;-+$`_cXuuInQ%#e}n-paQ++%8CoI9ys*q17Hfh{PQ@r}d4~Q2)W1Kh?#WxF zIvG23`>g$jbj%DgiJ9I)v9x@CkgkQjt=_%+@Y(8@Gj&DB{BMu26txrlSsEhtY@3_| zorMF47M705$J$<2Mk%HlEVt<1u>LCYYFOWXcb9(TAv9l6%e^}hudL$fgH*0L`!Qf~ zxhlT1(1*rCIKAqI*7rxp&OT9KOop&4$bwBqrBHP3Xt^MFJE-dsHzo4U{X$k@B!*sP zpzwyR-|s&_kF2)-?PHS%caR}B0B}$NDx5urMyJsCo5M4 zc@zu)plX$pLC36ItG*tcjTnBzrdn-|dw|RyB~?lL=2mK<;OoV9|Ap}%Z!5L8NMQpx zXNsP2<-Ey>dKK~^fH9?=`NX+lxQF672HguLE1W3NNI7ps&Dg>tyzNMN3DDVxs8Xhh zgOvCF?Pq(l?tdn4aCf%GCZo=tuI}bv=bi6-kMUEsM(y>~7F*ua+wH5=vm2&Ko4xByr+ivAX}o-92^_w`f`7qb=lq`sIxUuq{+eC(4JrQ7^@^a_zhhtkrg zIzn_O*PGyx)qrTaC%0vlwkI2w!Ig>yaVswYeG*ci$9TN`sfCSW4Np0WVxry@C0mm} zMSuK^4aiKbGyD6*th9;^G+jNkYD2M@(<{psAyU^8JFAwa0meT<66&WdE2SR%C2k!* zIBK(8^38O|Sc+P{D#YG>5_CIwjZBVATZ+oWJPmt_CH78Gown5F*uOmzS6Y&)rWLC! zkHgsiA?Jp%&@gzBqN@oHH-cQX=rHyH5+Dg1Gw z$vqVsV_=03VVq>MRucDAbc(5`)Kv$ApSxyO$F8h)?h&RFFn$Wc zq{YeUW!scWgB?%#ctLHIvCF)^_GuV8dU#^P|%49*j8u_dN+0Sw2uXf~kYiC`j1O;1C}@ zfDrb3^(}exb9r=tRJJUfC+?ZMyR=_0SM~X{eVe2*i zola&lhQ8#e5~o38Yd|C(M4a%s>eA~3tiPM&_~oJAlIL#P!WBXd%t1xk@0_{y%@EdE;X>Lp|5*&;mC4c1c& z14bJU^oFze#%1{}44z|?`|F+>BeykA-$m+A7 z{qcUg=C&U|AX&_6HTj5tA3V!Ksr2-JI}*{#*G3XFaozmLVI85( zRL@tu{kx2v8>y{m&L~dxPsr@kheJDa2IIF?jVHX`>36ylnGg0|B+w`Nb;vDbF5K28 zsUnr4n&Y7nY(f4pXKs-d>*TcOtImS*h!o^i|GRYQ$9}wM_RPpv>Hk@%9 zQ~7N98vXB2a8q~m?6l;HxEt8rT1kYCf8V}KCiZ{Ca}zX87l(m~(vxD(ez zfd#c5Kd;nKR6(zKNovk3k($(8OzkLKB)$bW>A@;IiN3-NQ3iPCRKG>$R^03X&CXO| zKO<8DjHp+ChMxO9^T^nj8k9ukqfcjWLFc)(YCEc`(8x7Gh>yJx4qBDXd+qIQ_;XC2 zgRDx7wRe}qHw8)%S2ZrBq>Op7L>6G(HwR%6ko`K!T&!7$k}XU`Hi&1HF^mIo-1p~u zj>orBs3@-IgaQvnSQLNw&C7hY)Tj;`s^^M%E$~e6v}_*Ql8*5l_4_2Y6f)|*(w6QE z@a!bjtsD16_^}ErEmWa}Sdnys_h0cfuZBG~``#F$>CP9{vu_b7Z;$j{&r}8ptn90P zOH3Z!Qf_-++WJJwvbeC^RkjnN82E60MfmsU#>X|Zf<{a;sm?MBxT6H-?~F3E*jh=n z_N4%HH!Zv@Wh1l-sG0O+ZH08b?^l&(h;0CFlk@Fpv@JZ0Bt78j~X?;1+kd&zC zyY$TeecUKFy$0d8A}gbf@~fR6hy|(Gm(}p+yI&>9C`o%d`1VzG0;vj1eCrF!!;E5R)k^^& zc`O+Xc&~z*eZ*_0j|~cddwo$dURa97WS}|8rLvuLJZ#yRpB1~XM0woaT(YImr#vN{ zS?Lw{KKQp^xNpfsoOcNJ^?{~%vyXg`*ryC6W7eN}-T9DCicoAK8k3Vn>IrjQNgmD4 zq3ubr7osz#JR?8RL!>*dM=5hO)zA{*_&)Vsq~_TInb6rQuCLi153Jd$91XE=wW;Z? zvsBW_pk~Y+*<0dZ9$F4FEzgir1$U(wX3X5aaMx|nev86~qjJ9AO&^zCKBOA^h~kyg znPPA^RW&0Yv}{r_!`*i3az8JzA;##p%vhTS{#oI#BZ_@Z)L(CY|3V&yZ9rq_j`&9* z=liMBo1#A5KO~~QQiRsDnIMFqRY2U89uL`u$yn26sLFEaXe_5bA_h7Ai1@`GQF?}# z#-U*1BWzaY^%5X6RDd7^kvM@j+&#qt-Gl$pgXQ$vjj>LHCtW2LaXZXv)u(Yr#c0R~ zg*cg1<0i;#`STH*8QW|&*_U7Cb)1}NI@kOW7f#s-usLqq4$;TUtb9FsL*tN?%g!yW zDy2fDQ!72Q=x(>vw44rn1qzDk-r^{qUXcwXCb9(rjSlZ$wS35&>N zR+OV6D((Br61arZQ1njY?M>^^IxsaCU!cFynmvci$}4AKLvNNt!1Nf?l%Ww!secMu zu-{}jNzmL0Ymw|d;$@E(R^zKN1ri2lVRBmcp(8W#6Kxz{3Ze!f1BTAE4*W*7QkYEQ z^ZWzT8M-LkjxR6C46NoPKgqKbbE}X!`ml&pE81TV3Z2EtnN#L51w2(A$(qp zR!uGGu54vELWlV=^ipQjY%9wVkyr(m#C>zeDynD>%Q1=1ZyOac&%Tqd!Zf=ku(nvJTUzq7(H=O9! zv@9hIHvl8cd&xaW%1jbPEmA>pEx+0(k9_PF2=T_!;@&JYJrmC7Wy1We89REUg}VyE zQjS>NsRxOkHp9TkH$G3!X7}80{}0B#G04`Y$+m6Vw(aiIwr$&XpSEq=_G#O;ZCj^( z`~7C_%#D~Y;?AEP74<|_Ry?`)&Xu(ifbvEdXsT_5n9!!hK@FDYLP!Q~!h`EdRy`=S zEE3YUjhB7ulR>z};shQ3ODN6w<6gP-_EgH$#H$KGaSK8Ki0l4VXfAH~w5Qb=%xsz<6PPqMG?eSa8jVlO=WiqO;@F7Di zSOHx*u0{+pEx~DE&n!v|)v*0>i3mq4G_4R#_UZ!zgr^Ox8F_{?Z7WuRwZf!j6ef%F zgZk=NkU@PhR+^H~R*mhk*a>mjm);r7J=X_KIUH}EY8V>na2Ln?5h+} zVIj5y2$3`jvYvC10Rst2fe27RWz$;8LQ&-pn#91S z%9JtmR&OD3!763=gU~8AYmeN52sivg&T%ooFSC}3PRs_W?z;w+nPTY!`AhYXegpU& z%;jhudYfg&mRuZs>dwf%;&^BKNS#Ub2&Uxj=|l2#>sV;|ACwBisbc<+$P2nZ4h0TG zM6$V?eorV+`a~hCe>}SWn4J4pR#AcgDk3iQDr+M!vuMAcu&{9NVI!ozMT4EnZDa4& zKz92u7yCB=|I#Y{+^#Cm5;->ze7))LOXe@!+aJyhvJYxMu{`#C6sKLCS=F3es!^qQxl0R zAXG%KLqJKS^W}0K?VnmoeMou~rh&7wYTm-xIMgHGNz3-0Gl$QhB|lroT%6 z5ar4F%rPQ$u$tz9tacgv@<1Z1X50PA5aA!)gK=IH+rfQaXcENL0pA>iBG3VbJ9_ux z+>)E*nUJ*@hWCB^ONSuPibT>c?2a;RqKhtnW`C`5h#-MXaL!Z1^h?Q~-dU*5EJtoqs)KFREG}*nYdAIINVH9hl(MJsR}pK{py| zLJKDugA3fTdGwCRts+Gmk*xe=22UTuj(3<$Mt;{N|C-8tIX{XT${?4y!!JjCvqrz^ zV?t1+U}b0Fv(Wq@pnh@=3P=Dpw%EO2?obdw_sjVHp9ZWtEN1qsIzq_Le9;bOl5$|Lv-7CFd$*Zc-q+T|CniTFeL)Om`2CY(F_9xDi4)Y8SY%a z4~GB}Z~>6HNdb3Y7mg(0zUmjy7sH5714Qim??zKmw9&g4rI&CHDcL^2kCn4Q1QLp; zpwA0*YyBmb4hp4CFQaf)ZkCs8X;eZ(77n;OdOQ08QV?asWeWk zf83~u4 zv`P+j_tzmBj>7|}MWM;wZCvZ6?%UPy3itU72OW(+Rj%8Ppf?y*Jf#MOk-U?D7D%L;Q0O29IqBg2eb`$Q?=^6!j_q z1tM~(_8Xvzarz5+r5*A4<D9X&U+&ExiR3xH5cL8B6H`)Mz*W4$iL4#kr4q;^$2U1y1E1hX6w82KnxamUwf9TjN7!i4Go6{srr=wR;#a}eu7SVEnFA~G)HuozYsqO3(U8IAE)M+E4$Hq(=?@mj-$kbZl+-1tg^?D7RF<5W zcm=&A57a?uz%nfF=Z#F9!~?wp$V=eGAw^H@P%h-!dDFw=KlSQ_q9Z#^p=x>|fEIz4DwFS?EO|8@fhebw%_-&(*Ak#EHg9p$ zOa=-hH5O+vz^afhDQK%0N+Oj4Xb})2`Ky32d+8QVjWTFp~gQmr!8 zPOFU(Xo*dB3ga+s6fCGKC7=!%psAFYgULz_StPyq=pe_X%@s%lX3VPG2L!_+EE*Y# zFENU;>er-=LKUX9t$&+y0>yT}S5AzD z5EIOmP9{haWGk*K(FsB-CI|pBr^FASAN4#IOu{9^&x**<8UR>AycF2f+UuM}J3C;H zrBox16l~hdZGKjeZ7-69>ls&1F=BY+b*a}a`?RhyIHn2ZckYa_k0Tav2l&ToNuO~* zKzc*Qq_yU1WS9TP(RW-(V^JupqFnS{ui42y@C_CsF1U*rB>{Lr-pZP27W1m%FTiBH zWWg%5Gs2Qq8Kj$zcLp!v(d1fBSdZIkA9r;FBVxJ8nyV_g(xUZK!NL|PNpN>dt>e!S zi}7>_v!$qtN*dLS8dpCLQJrA{VgT#69>_&XSD_V2%8!D8*-bqWZx@rsg)(Fbo&)=X ztBS$E*cYly#j3vuf)&R@ZY~Y#3HO1zn!ORv@sL?^1x?HNfT9d7l6T2##&7 zzGi@^J)K2eYK`d!UdqdcJfV6tolRb)=tJwwSRhB3kMr}*0~iUqw-BO1^7C`GsM#ifVxXUDM-7ZJoSsx1l0#qx<)B83kZXds7mX~=>y#4W_=1ZWK&M`;)2x2 z{oVEOu>aTTVg~LfP_lI1DR=2|WclJeCzLPqfESLZact#`5by!%Wi+#v}N zHDK=EpPU_q*g1!yU7v%d3VCQ>)NQOZ0Xna(YMXAA2}?kTAq2&;q7Ri>*+#VvNRtEs z1zb2|Sz-GW>ONYjf_mvLS8k?yf%C!XanoIn@ItOACu^EVk7g(D@b=>3;pBOm=i*|9 z`s^nSym78O_?GEaj`sfU$b0Ml?~GLGTz9J6FFskPNDI(dv76l&9(?yp2oVS|UGxMH z5&l|Nz`x9~>i2p@7Z<)gaNWAReBSQ&Ih7|DiSs#PgKy-Mp4r~`1!sq6hrd&PC=cJp zrPRd}&NuXP&O4qh9`aB3mbdI|mS)P+(UfEp5H{9P19-g0eFJ3(E zZ=4r9qz^qZBgMSGeRp3UYt!ByCPrd8M`H1$csOp)j?d1Wo|s2sDUW{Qm*zt^BlY>l0q9Zd{u{u$XBT0%jwvl1{6{4?U=p_ewXHFGv6U}yW8QluBP zuy!_aq!+a|a5fP(F|so@;p2n)&(-c(!HP0c1N;bGCu)-#4B6?Q;%F(s-c5P4ff%>) zJSbKo@Ss9{JvWzR(KfK-{ZhwQnI80OLs`4jTFReyK0Q91f?c)^a{L;@>Dof&m~U$C z?fyc4lDara1;104bWE*v1tqBH^EUbnMRxNx?0B%W5s{3LZO0NZb3s**ONk9Lw^f8) z=Y@WG)&Jsgds%Ckz%xzwNR_dou0QTabYznIQ$|{a*i_y?tTswDXAngcl-SU}Pc?Jk z;I(S=p8XQ(;;Fe1%uJmB zr6vx>|Dh%hrvHVSsx_q|ao7>MZ)(kNY3q!-I3O0xTcKs#v@p_&H@ zmoK{RD;JUO<495K<{Q@Vu}Ad#g5>S&_&u{_X8!PK9m@*NRzZilMp2xUE-$0$ ztRuB_(==e-ZO=_T3F{L>Vn*M)*-s7q)3Wp9{_gJPrHA*or@LqI;N9Q1siTb!S?PsW z+qsOcW$@^83G62)hY$(eA(weEPU)66h>WvBtUT5akf)CU`FqU-({r{Z^bxf?!T_m{tbs3{jvQZ5*U{S}E+6jil}yb%x1*eXf_tf;#TZ}hca z93;3?hy4q4`WkYhG5eJ|_R&Qvj1)28<-aR4Rh2Xm+gA zcLcpT7`TS|X}T+5?&(aIwO2xDadN^lR4)OJQBL|=62WGH?JRB|m>OkUCQ5PExRg+y zY{{Qb02SQ(B!mDKG;q=h(r9d=oiTccA}X#GCRL)YleIKJ^tghKZa5TOsAtf|W+#1f zvGxtUEK|ebg=1c;v;&^(Y47nIG`nd9N;O(qUfCjIryv@PB-Zb+j7G+A!KJvFCNf*Z zhbDc#tEk61%b~8u52wVRou~*573<(2c^`1=NQ*#ak{GW)-ocU!oA?Zj9S0-0P=j3* z`$Wx0z4FH>)R4q;qyTi58oT!#-M#_5s?TsqUjSJpJXi8vx+nW!$}+}n8qYfWfba^I ztWCP0z%0sDM68wps;paT)jUbk|Dl%F2`4knpj|t-P~9MK*Tk%CLy3si_f%#GdicV zEwB?{U|w}i36>1U9aIu+N$~Q;b(a{S^NvQE)?T(X1eAP?ek%D0MkO#+wC!RBOyMFf zg9<#934frQjuS-sDB>@r0vgmH=sg&bkb}d^*^H9U@}WUyX0Mdpwb03o>W3&pT1Mkm zwB~|0a}+XAtr^cx==H~uCy1=EP%isKUucVQBADprcqGxge%$WI<6W4M{Jw60qsW3NR-)@1;zEbz%t) z9U09t3K-Ydi-)FNoLQb#jCVTbyZQby{?xT|tvo>DdA==@mg->}z@v*m>F%6@J7ik$=|6Nvw*7#8F>ymKYDsB3m*;HW?(Y5;W39K5bZx zA^uQjl4j+yKK5WnCWmdK137XgL(!~A%^vJVTj|{gobu%<);Z3>kbFp(Gs)amYo<%s zmQ|b86Im_Ly>`@3BDBeu1QIVKZ8k>Z-(b0P-qDPjp`tNn%(r*h;Zznk z#Es#~^D4+lNK!x;If?<5BEeofN#Ug zMTrEq5lTN)s2>#+N6C;3hOEAWfL17zeTr0y>9V#KrOc}$Q=fH{g4?C+ye`lrUWSQR zP)bw*DRDFxIwQ;*%1Jyhq#;Xhu_4nmI0UK%)XYGRU;Kl&vApBq>=uAQ0`rH>=3~_S zT&-vlrj1fj1}~4|U@gB4o^-hRM9Pkv(_x^%gW$GPc#-npCgYf54B1Set z_6uR?tn5*yKm_lkhGK~*-9rBPl2E^Ig{rci6W4x9*2P|r4Jcv8w z!&%~GrmK6SNh9{-+E{+O06DBl*hQPYb9Zf8Z zh)sqbSn}b3P{G^)B-QFBZM_55eCX)r5}aql^(TdK$KGbE5lGtx$!1t8{U%|>0gym! zW7K)ZER&3XPOH-;4WW^~D2KODE0wcrm!4ZIDvy-hw>?^2Xw0eMn6UjS9aAFjQZaVE zYR~gbFRF)UP#>k72)BeJVU`s2?l7;ai1~cIcKRJ_b~i;_{k{w->0e>blgko5aUazX zs^;j)axBdj1C@@4Mqo}z?9KeX$}sJJNT4JpTF5>}hOQ^TgtaPI=(UM!JTcJiwup&_ z7mfE(z~VNjooBLsoNF+mqmQ85eNT-}rYvwB3+%H6HZ{a3l>_x^M}-V!C)f<+KaN)ZRVVcNqb}fQAVSqlzG(wX zJ)x#%u-1n8qsIkm-#Ei(pNpj6TfW+7j3q7nE6|qfH{{L}x7=MK(E{?^!)p2cd(zXhxkM|_NeX9Ws#Sm~zkt;Epj-Bwbmmq4)$Y~W z=JmHG1hCmH!ehpOR{o}G5qEh@^%@g_m&y`O;GwjAV@MQME_ve+BXD~BD%gtQPspPgkV=WFnDZXJK*V@$9SC&D-arQZ#no~QO7u2b@0)z%|ag)4_#6^~doEQipreqGQ1 zl{$<}m2R;Sl{h6mk$~f9gYQdc)E-3;C}GpNr!biFL)-aEtc5G4ZE`tFo{z4(O$m8* zO1Xw$?ko#y@d4;N5n>*oJqn4W6%c!TMhuVNiXYok*$0eI$kj))wX>8AxM|k7f{)h~ zVQQVi(C_TTtcqoAM?r_g>d)o0<3u~xAMlD2--Gc^bIa7YBF1Q6cNTx-|nz=Ni0AONTSMWi=bh32^q_gow zc4tPXqS=dNF$7dR!6rC`dIbPL6}%`0dP&U13t{JAkGDmfN{J;d)Oh^Z`3S^OXw=jC z8addap~>jFlP8DXBZvw$0>&tfIRNj@0%_4?NMv9USwWM1zhVC4!Q(%U;A}~cPxO@% zROg7lB^NakidKnUd=rua(Y$A;Cz|g(XR#<9`L4NW> zw;;|fdDjq&8dYbg78?`&!PH#{*VF4pMcnkCW3VSz{c#<2#PPSKkk<({lw9}aKau3j z;7jz;q9|&dG|>!o_N_xE_hDpd8`V}J z@+M-EwaFu`NjYV%O2bA*S-@3jiIRPY>LViHQp6w-lq?Z;-n*nhPsybq8C1dXa4yb_ z2WW~TmxzLBF?3V$8SY)I3SKg9(NaC7tZ*ZS)YTav3^LQY)`5i)~|vmPc<-Kg9^ zx4;oV5$*$|=kybKH3tzuYWz?Yl|H#r^wkvnOS(HGq2l8y2;q-~;MnVnc{-B^<$ORV zz)V0;k9R1B4w(MXSZE7vV)+$;uOX1DF*yV{#g`N-Q0(j3oSQ>Klf#`qU0Q(+K||l&4;fek5tX&1wvgUO8c?oh;l}s^6E-X>|4;8|EaRCM+*r? z0s|94`5{OOGeMtc;IXrpN}fwyGS9VFShLUBI^`QhN`vMPz)M&4#Mx`WXqOm4+{!@U zpl>fdMtOh)PHmyS<|L=Y&P``Mj$!S}BqcLt$5yp&)+l33tUaDXo~>HIn=x>uH|ce# zCzSxG0WwgOh#~eljF>Dk2}ho?AkWRvlUm25Z>H65?Y1?4y{{;SRFx>j*W|HclXj0b zlmV-pvNQsM7=*EI2%HXViS`h%i0%IgSPn7}1#R_(4Z^U(^K}g{{7`pY$)mZ}ywgQJ zQd9_#eAe>|h=M3u*5?52flk^p?4tWM0G@(`LJ2A<@MPOgP#}F8TbO0)e5*(I{HL@> z?!`;y)!u73){pCwN@rjK{yRdjB$J|5!anHV*dxvU-dx?Ek~; zF|zz)3jcpMO;cJ@u_P_9-7~f3z3jjX)CyGPQ06SNv6dVH-V99qaH4R~H&tB{44Kly z5W9N#;YHgO*EL%pkYF2HI>q3x@gL&#rh}@sUr)E!w{Op92k*JtY$G>v@ZYNtFU-;d zs&=BVnJXt#x!qfxJd@WNoDE$_TodUYH}sbY!m22`;~8ZFjFpv>j9QOE;kiikzD3}CD6WQZ(eQt_`Yp<5I?^k zv{}JdE~*Br9PXz2OKF#6G5BMz%ihLa8j#a@9iax|?&V=%zw|uG!F>_)%zZ5oDi_@1 zg7_a5^bSi9O8F1%W%OQwkTY;)wS*bAb%nV}UDd{Z`AfDO?RHzRtA;mG@qIfw;~gM{ zbbZ_#tU@AQ!&RNFDcd zbVMu(3Yc^{&(ME)e4#v>lE*kCD_rwv`aJ^-;=7J(48g6@JzkCyN3pl)rTjsay;BHY z0um%kUD^WAn6l!O9>Il<)tZkGOis-DJ8XwcBHzkw6#!j9h%a}~?_>qYGsLi0=p?Ksc(b)%O4*Y`uqiQKQx`wt{-%_nWo4DUy7UXC|# zLkV(OJwQquPC^R?Wn$OwYd5d3&VgARprnfphP%|e$jIDX9lomK=mBFIpjVTUTW zJ>A?8BQ|if12l7O8x1z;hDT|@E4ZoD+3Fy5(QtYHLe)hnu1}gp@fdkO3W<6R^Zou4IOJ zq0%XAp0`tvJ`r`FN9?h->}7)%q9tuhppa)3Q-@P1Q6u_TrIx-0Z{E~-@?d+riYqlu z^*fxvZ!X{XTvuw`M`Z#=hV;LO9G_`LTbGUW25?u_&Ji?4IoP&S;N(U1w$Vm2$ARjKRmE$KWK^eVhK zBapA@#ss;+Qg?1ME-C|~8rsU`Vnvc?-UPL6wB70RQn!$~^7{Vth+Tr$vLx~qQSkhr z=4F9AEwjWx^JX0v!wIq?sPge6wG0tx&J)j}(`kGU4AYSvjvBt3IZjM^39ghozL{th z*GE{&8=fnETskROE%ocwb|VRh{?+>I8W-yg$kEQYX3I7au2NCT7Fi!?6*sOj`#n>G z^8`m=)ZxF$!+}+DA~N7EZNU}8b4S||4uZ}|m$8oG(+Sy2ADKYdV1uTHY@z3I(D$;I zpyQMr;nN%7>CDC~LBsIK-60R|@kJ5FU{U?#a^uQrYbP!qJy31J28ud6omm*h_>MLU zWOwT6kV!2?#xO@tFb;|4s3Q-G1_MHT1eIdxjfEmIb165?npz`mbCxQq>{D;MKqS%? zD!e#VO%i8*$@VH?l(HLJ<7_gum)YkR0C9J&-5N#0#;R=wg03)LZB%BG1S@hT;~5n! zV!V!U^k|(`?YCLhWMQ>^PNoiCQrx!dfh} z&gIJVpo~a+Q^3O9UP;*g&PwJhsJM$tI%NhD7c`r4l>HaSWCIoD zNMiUTWW{-A)AC+mAwJVSc@Fa9Rs8)}(;mnX1%`q3mh^m=+j-8b6H|21^FBkSbyUUu z9o!Q-I__&!E$bLN`hCQ0qfvPQi^BLEZ-&wjEWP*_qMRj{Lac1I4Lp2tweihqO@?PC z5vbJlga*fY5N)#f36}NjrqqHBeu+T2mn|uqg3%P2R8IrHK7~$W_&!;hp=MqhkK-3a zRYLG@QFgM^#ZqiNA%n|teqe|6TUjcG0ixQ$(S|)#sVcq%>us7LBtkapR);Zh`*o?& zHTsi+fJ>$e)Ahv9@|J)^S~8dHSb>7-56f`#!tobG8_-cTB-(JBYohh>Z+$`V#TT*i z^PJi-M!*aTTFy0JFhy6yhG1yg5|GEwiX} zKqlWUN!*R5VDI5+=eFv5l7QqT5sr;7>%22)(PJ>^_LzEPd?d6|Ow_c}xX_MEoFjSp z{*}!*B4RS)@r}qPW|!-wS04T@6HWF*)o-91Wt(>ezQD8Zwh! zMb-i*mU_m2qOgZB=4jNLk3YWob$E<2AXynF+@$YeT0YveG~pa?i%o)WU7&8zd{0jk zHHUUH9>qvc(u@O#G3i&DtlO(D^UYUF8cWNG%uw0gCRAn(D?Qg=%F{8zgdQ+p<$j|{ zM=ols9o<{PxKQhpqSHKl_fMMD_{n%3o6qXe1&S%C^_^HHS<6I=N_nPB67tBPW|#Aw zJ~(S&(PhfIO%PdltJ(-hU!sR|e0T=Qn$Eumq@FUJ#3>)&5oKJANAw(*Eb^!>Vj#BK z@@&ysCEb#Dsg8h+-DZN9$HyliwdqsbewaX&sTapmMx4Kuk=*{iIgGe#Cyfv3HdLDm zp)xtavN0NuN1$3Js@?4E)EYdsa4g!1a5X%gq$59AaD1)ZFiCm$#c-Q0#Kt2^;2ta_ zX(_vAv6P6jf3joe>I7u!EIjz-4A4l>6Q8~JE96%{$34C=jlRhT_Mj;}W80?ESA!6p zt#+@(`FNf}J1Yr9Xx{hBTj%Rv+UYlg2RkKn0|D^ty z82>liU-J)e#%@FW0nW1?{+NkFVs5|z0KA&3AZr6ez=!&W`h%`@kov?S{vV%lRfhGW zrj=q1zynwkQ)2b!mE=}kJo>%-tlvPeH^@BKW@C9{o+RbY8&fX-7+_Lxmvik z>$&XancCB^D_Zw?KUp|?8hcH3V6WISS?&70+0}8r)#Ua0@w+yw-LhC98-B*K7WWhP z@h8XnPDN+l3t7+LhfnrEJHh|@dOIn7eL8!ABh_lsuu=W#d&YHJb}ZHkHl|tWu8vIS*Em0aqVh7I(t)X%ceT zG^3Yk6@0o^SLcA+#huOT<9<{QC~{;}G)`{V9tAxOR*B0fgLg2M#dbQ-f~f{sWG^9Y zf09L!`y)?Vb2uMF#WSggCh5op=L<6~!;C)G-g5PA@X`p|G{WSuWj$$9{%B; z2{RUQ3sh(nk39JHz^+<+2veXq+##b)H(_-?buW3|ilAoSsZVSS3k?*4T73%mhF@nV zT=$TVK~Sb&bW2&b0&1qh@e`G>3&pXESRURykV#?Cnr@mQ;ej9M0Ehj`d~ z*Hd&+*oL4OXm=un={mbPFif~B!+z9JN66F>;66cjfMH0H$lkb^G)=7F?fv9n z(zLDgmUKX5+?@tVNxnYGLEJNpug{kyoE|3`)ivCNQ1K@?p2~B1y5L|A2DNtyPZEG4 zOUy}zaU{a`F-1#Yp10?CE|71eaoTgMACjiy7z$c}*|K1`4vxpR-y#qpcHDiU#~p0Z z-$OW;r5G=#{y>Z=tV?f}nLQK9&3(1`A_hpmy~AgFX>dtxVBl1ifMo^XHQl%Im`tF1 zk&&G2@kT1|X=9*qO03mXaQIBvdSOQFBLv_zadVnLwifhCa#NuLs-rSF*|c$Uqf&cY z^T#V$R4H41t5bdxXsrPhT`OxsGz7FUr&#P56jj{vmx>!vU?UdGL{~w&c8c9%hw}M+ z3S#74~F=QnM$1=j#lRI#QT74;l`gxav+yhZ+0sSoS1e@f*Z~3GZT!aYFHyIzGo1 zATF8yL7Y!4vbFTk)tPo^*G-}@yw0qia07}1OZYU%!i7YCUlR={1;7|F1Res za6{Iv_R>I^lMM+&kI3QysfI|F?Xto=D3#7Q<$VLr9iFEdyqJ#X3IZPtmf8w`Cg8DPnxkW@hYn4G7<8x=A{N3jUTYQL^Z-xnoC!{?S}Q$(*Q> z>D~;7e%V5(iGYHN-M6a@J#$9!Hkh&>(%274XY-{qPah|1*F zp{$611BgRjS&$SD;=}8*^ydSSaT%*a&K$*XUQ&=U%rDp)(D>K*Q!PS0sW5RDBw8_PIj&{-%=Q*bh|Scjoi41mo&y~ds!uxEqiQptX2|mN#(X41 zg?h_ihD~drr3?$}^wY3P4SSK;Bg`jF!!KmQ2(`o?r!BFJz-D_IR9j@+b6)X~sdpLb zF;gVJbAea!G(V&G4#PNU+zJ7=_C}1Fd9OJdx7)*o9pQ45)cclWLmAP)&Hd8Mj2#op ztXRPqwPdQx+ zq8MW{21`)k_;aTkdC#YNrwz|B;(9;*6gbMA+g~AGqAy>DyooZ3*$eBkpB%ffQoWhQ zp_)U&2#l$8MgJVq)RPaKKqX@B9h1%`T;4Ixpd!y#MAz zu#?233=_st`4UW<$9YED6prxM@Tummmhh+M!dwi|PTyzZ5d7@R=v>4{kfiW-p`3@# z{Y`5pHBO5$F7`+HOFVQuSZ)Ap^X6iyO+4f+fkPS3vIw+Sx+M%v&-kq8$3x&G%G zk>`|kBu?6ZekQWgMU8q=Q-pgcrsAGP<6(d|twA<{i@*92CpN{Cr~0#`Uyt&Z@YaW; zZQ!JN;rwt5e>tz6ruf~S|(+FTQ>lF zPzFfc9{n8sbc|uODV53EaxAkq%@BQAZW6Ar$>t)bGiBywlyqW;ZR^!Z-ipr9zEKP$ z8ET#HHW^A=LDEI_&PvA0i|_EEL&oYvBSX?Ls@4`OqsLz9_$c`vjFYhRVS84k=c740 zfzisi*ge(B5u!z=`N+~al{1dnQe`=*V4J?An7i3fRScGHL(OBT>C(by z6hcX|FJ&;=`&f0&{;tukxsGj6sCNCwpRT;F zJI6SXmT}is?Dkiv!bN(%$^g@DEXA-_?BdcP1ScDIflLr}PVWl&s8bF0;k)wWRhcOY z`DzofN`25M`UMUJ+X z!-50_*bLGYDW5-!yCXzl&)Y&(Z*_ZD$C!|Yrc9AM#Oi3)2z&M$9phd{tAhoNqZT?C zYW^Yapv_Vxkb6VAMg~Ew*S& zoznYyzp~?3V3(XN(wK>AwXzA9oGolgUxeU!Mv#8et>9G;k~5UdAAfUaA4F87f-cE| zet!+ZE=S%CSN;}FyfA72FL82{=j}eBDi4<^Z)G}XSCx?ZB~6^v5Z9V(+aEbSml1=Dij>AlD1YKrE(;OnMdFuj?=a*=wfZVeGXnLZfge zTHBH_^GnhA&+k8LQctl9B>QN>*}=cR13q+OrCF9F-D$(0Z;O$I^bMAG#Ep*vxRL{g z;YL-4WW=x6Lb?w+ZGg}T)>>BrA<+cjO_$*d$ursGQJvep9PxXdB$6d3LXf7UJQ5Q1 zB$1UJHTTTlU#)FC$Dghm94xuj+kbz)eNL?0>6Pw7A0pMN|hW+wLkCf1pl{-M$Tnf~usRwibK{{_WRtoa`l!%J;hqyKd>MRLVI z48sf$0=_kT+(3V5up7HQ(hON3;KvKGVv=yOvI;XJ*n(0axQOE6h*&e%>GjK2=)=TC zt=`YY^14oU&-K>^<@bWzXP;|f@b!_@%gass$=23PGWA7#otg{%_o_~gYZrIaR$0iv zEU(WsACEJ;i=5ssyku4T^@~ELM+=o3-zvw)+=KeQ??z)B5nOAg*o zC4^6AoLKzsp0A_j@`W=;tL+i}$v$DKb}=Sth7>MtRVuj|J>daZEzJculM)K7LE}0Cta8b;{D9N@l(irSu zNa!D}3%jFcDR19rPYVwxa`d@{{f`a(EI1_uznrnee=`$B<^UQet+rC*1e`4*OXa{1 zILy5WIS;KH6PhHJP_sW3H44>>#K-ShaS_UB`+d%uVy8f+%Wk?#uXdD=-@}V9}Ew@ z(%a+i)g=X7 zW*a~mZVa&JM`LCMtiegk03P$i1xZYj8a>ln%vb+_B&1$ak@R$VQ*na;sK!>see#XM z&4&;G3Imn#Z@ktCq_V11)B(%2u@r+RF4F?cXgrz-{dooyRvMpLms{~_FOW3d4BVqh z2VE5c(iXJ5xXEb#{99%Wsf37B&CHaB1|rzZEA>@W10=jG2;PQb9jWbl(y>V)yF4WmWGzwS5USdkS^TOX`nul2 zI26gnRCA&QbhZ|x3Sj$a?C=~7*~dq9QqS4cxY}i-pX!NJ`&*>`wzBu0;)E0i$f1G) zYZCp0+BV>r_1k*xR4g1-jfC691Vr~s{+jldgUQ0XwJ3tGq1#D8j=-tF5aQ(0i0Eqb z7Eu7(R;ly^PUmBijgkTpomY$t<{YlL0@RJGOutPky=!#Xmcn&z{cymRBU&Uj*9>8% z4V=5kqHC7QBr4Y_TZk?Tn4fINVPS1WHdizee}12v4EvhC8SEq}9bgv_v-He17t-2I zz-9ObHqneO17^QVtg<;Z;S;KvAzg&SwUk3HX_FWx9Sghg1VM#-B|Hd20$P=I=oVH$ zkT*m!j`suDx@(VDv_+S+3cH?xLJkF1WvTST3+oBgbN3q^jUaf`J&l9IR}9Ut&C|XWl|ET+G-@8 z!X$fgV3DEBtdzVy&M~yl!8)c~isbuCkRZcAs4KQWVuqI3?>2NgE>XFpkvpUT>(g9e za_V)UB0I4R>r#HVEhyQ76(?mQEPZPfH#8gy36_X63Kf7z{7gJDsxDkuTISKRn`29u z0>zkel929yI+?DH54#kGSGxlkmqEg~dZVKuvDpSQQ9AhBSmURQNxQKn^L%%_w3T&9}BWBUR$5bGV4YWzHe?X3;XZDTSzoXqRsjyt{5Ki zmFOM{d~-A!Yp(QNn{C%Bg-~9Ll%+iuQE>bjE$*NCbx#Ad-w0gONHWHBmaADz-e^8d zdhoP={0khED$8&Z?6dWRK@P%h0-oiwJToC#sqt2oBtf2$6YcT(+Ps^I&X75H0&4hA z^5a+Y4;Msb zi@@D~cmJw%ifr~Q9#u2O)4t-$IGoq?x^3ES&q>U=_6qqnrn8VqHs9r@^^qaj*Y}Y@@x8#*|=|AYxsEq6<=A zi(56)g_|Yf>E(!kOjw!w2B_scV^)cs>pD#>HGC1@XJazyLt;$hSzbBtkVbU~SY!lu z2L>aNOfy}~H0j_;2JaQG4sAVh!Gof?`t2SpAwq;#YzKK%JCzXv`ejgOQ8Q_KatE)5 zO~@*8jft`JoJbZ0yD^B?Ld=_Rmr!scxr@)G?&hx8cd-1K+FpRN7r)0!%2cC&^kAc9 z<;1R5FX4e*3xgz2RRSM^hBP7R0^E6qlAJWc2$jje>0+h8?~a;;!ExTUP8gPt0U=A? zJEj)w?{5#Zw9y=(S^g!}kAA3zGn#6oB@_=N1F;zl7r~>M4PbbxquWM?ub;dt ziO?xY{L8~;RccV#eEp_7VDE3xWOXTAP{uzY|)RSpILC%l`w`{uLwg|BD9+ zR-CXLU_j`+pnldaYwYk`1tSc*0?`~LT$~jeC1jDYfcMYf_wAuxb4c9%12MdPH$AP6 zWD25Z$#x@q6S_44S)o$R_kS3BryxPPbz8Kmx@_CFZQEV8ZQFL2ZQHhO+qPY||8*kH zI(P3CvG-d>Mn26sBV&AH4geaj&6|Ki4$OA-Kj2_533kgk6FS+JTO>KF1A-i@!(QQ< zNChCS4-6L!kq|H}?`3nZ?WHYv9ZCyZ&3D9%7MY!%XfB3Yf0UwDX~+@3(Pc0kr`QE$ zPA1S`LRf-mmv8nS)k9JfxmWS1;lx9&K5-k4Ur=K(_JS=czzV@mKZ8*QHG z;mZm*A+Uc{<`U22qM=h%2RyV!bv7d$utF3+PYmak&I3c2&1o+S{UUSEH?Dlp5^fih z=`y7RC4xM0@8_(sUwkYB1)G@C1!J~XP6eig9Vn5p=6gq20b(Or&7_lJ(aN0r(a6k@ zmTOJYinU?5#q0*ON38u9Z2m7^FvkC@(fNO^M~p20K-p&y7coxtP_|)YRM-9mY=1Lzsp%t!WplG3)&?kb= zO0t}5#$@&y95{$u7lYvEbji=1e_R&EGcG>W)n=U9pg-k6Bg-Z5h9p9L8uK#S=j0t&H13?(P zwQSh$$D#QRyvc<5!k<%3G5!XG`{LPp<>K<rc~*A%f8WHh{&%k=BkTXhEZL+b6-ms7*!@yNeruh#;Zekh6cJE;PU(W?MZd8- zP#fCEWaz05>f$mP;QMusLMQQ7YBI?$qgtF8FQ_Z*6%j`LR0#Lu`TG4fv9iP4_49VI z_c?I1#|MV;4fAk&2%EqZN{0u>_jPppwugEBq)|SQqKi9S0~hF<4x50PGdyq+I`G2g zoeEczvyHQqYolRaKwBc_y(skNyEx-EH6-^G|J{7IFqs!y>{<77mQ&;F+uF_hxtcb% zyqW0;m9Q{g*tbwS9y|uSw@_l+t%WtvBQZrOOQMxJuwu%h^6*x{f!p)5ci)l{$eA@w zr+pT+%&VU2huaSwbN=@DUh|2*rq7yZzOkpBmaIaS5M&rD5Y_Vg)t0-chwe@1Kt-MAw?|*GOR4Z}Y|RayuiMYjFK|IRD8Y;pj+zPV zMv061-)ZS%4=&fG#ZxjhBg|b4WN4xn(dHrS#S&7SVD>>INqYk&EGM5o=J~99g7Cuy zxYn84-+U6wgWm|!puA01#dIZk+??SJpXLwAhbJd7`p8$N=j+QGbPbUn9Olo>EF2qYpjVJWFs$f5 zc+3l}8JN{x`9YI!7^JCw!kici!`Tcz_-M0$A~BpoFC(QtPs0+uU@3 z4<9U~2YLbMapJ-0@OIagp>4Fsvz(CWAKSRS#U+ZO55i7=5PRZOEVSRfJtHR4J@S-@ zM3y|m=4=E>^#&@M{)X<8(^8%J2o$;mp-luAM-VEi02#0CS*j) z)Nsy$o71xbTf!?-*p7R7WC8-Qa%EB^j;8d>2yRiXb-M-7X*aYAetZ(4{dG*i-H;8Gm5xg{mlIpqw&} zzA5mR!odi-zaPRM#@F{>Dzj)76e(CuwQmb4(^^~H{}ayRM*}n1Rb2o>*&6e#XEc(0 zfD}n5daa_;?+T?Zr3D&JP8Gq88U)tIbYa-HD}lWA3((RIp;dclvL6zZIoU{?!#!TF zvx#cLu{}@Q|Lrxef@ZQ|GBOp!pP<)c{uIJbOS@2bZV6(_QHvEd8h4jM)*Z*D17dNt zZwhrb$`YgAZwe<=LYKM@1RP&!f@u0FTS_Mh77(l0^^N*E$+A?!*rV@Ub=ej;#i6W| z9nrX3akkMZ4n0OTl;xIyav%j40GDb=`#wcmQ1rML7#nQrwS_$i4N%Rbz@B>-aVbfI z)q^iU>H*em;$d!57T?7{LL_kp1pZe7O}H7}VTSdN-zR-V$lPNUcJ--Z?Hl_^(IgTf z6`eTMFE+}8G$s&0Z2x=*CeCyB7lOO!v)3D)(ON~h zxui7@1;$C0RF01~R&)j$rLJq{R@`dK&GDc(Ma?*GggXURxcd&6vb9Pg_nQEOIuhNX z);llvYY#|k)t{C=jOl3V@)e6m+Z6i!rQ-W~Du+e2OPb(gj%KdyU^OsPqv-)pg34rT z`91MdCZRJM3nmA}+-l7ek+=n7azbW=i98CyL3?B!M#OP-2U2@pW80m^ll6H@V75>p2p;tjhJdrawbjD1`D6 zi2d@2_o8)Sh4%t;?FSL%fbLWY)p0iU2mu7XtTgK&Z=5g0G+p7S1DQe{pWL+DuCz2T zgfs((vYe!s?F9BzHJ%NrZCWkR4#m$60igSY&J0Ox4o`T3SipUl4Xc+z*?+z_Xez4I%0SPiUNnUwS?LUWl{W!Zf%K=T5 zSZ8dsW-TRUpYLbph*&|R=mBsgZgXNxlnsss16OVNX5IdR=H`y&>Wp4;r_`pZ zB?{q5NF{)=Dl#mzvfLd-$W7;3Z_vGH9FP7vJ`qH`DT&S44``lJ&vt%Bfuh*Jexf7P7~-sOt@D`!uVLIo)!R%${QRcYY=GqN3qL2v=VPhR!GBuA?e~ z+Fvvba( zGR+fCc*l5q*r0V5uGyME6*2dxGwJlB>Ggn!JRec2V-Bvf6iK{l15S+!8W>`mp9KqN zkv@sQ(NBRe4k%aLb&8bA!=kHeL73nCEApx_vdEwUDo41;xW7)H@?$g;_(a+~=G!R~ zT(hhw0y%acX^2){jHNz6X;wt`9Tz8Hh5`x9D5vx;x`Kt&UxfddA%;#A;Wi`{8?5TEmSBcO} z#aVZv4k;$jY{_#SlC7IXCdUo_DUZs4_FmfKgF7U!!7OAwPlaxgcW9nRGY^CE?iklE zu&cxY?^|S9e&tmGlSAF7guf1Ta)%9E-q@%m&M?)AB=R;C1fN}+pV*Ci!hnFuuu9;Ksa$P3SDU#U-bh4(~JX9$SpWYDkh zdYxp8D=|kaim06;pH8%i%jBWLOqfWOUBBJWeKi?emKd&X@B6exl1z3HI#;`;-h#3G z2AaiU|KViV3f8@dNJ^B)1kz+pofUK%I0t0yN*yQ!Ov$I$*8p+ke)io18v||u7csc1 zhN=v(NZ2rc4jq+H{wZiCR*_!lOPypk}sUF#03;F?rp%+0L z8T?rh^isj1P5$Ankv8~DdyPV=2orOKUO@XpxrFM-{w&t5N!$9S8O--DUH_aF9e-P{ z&IuG;vFGKFzdruXSsN!W1`r)@KEsSdsSMSlyY~kOosb!x0hf&X`VKkO2O(N!txi+Y z*9z|8(}!dh9onKrM^DMheV6`pB@!Czuuye-i;k5?g|AfhOKJ`S1&7gn0=1NZ3G3OG zT?88`KKI@0d0v%mTMb#WF^MR!R#n~|<-7bOl06=xan($z8D+a-L3YE8FpZY;4NW5}fw7j7(aU~q z&BG>n|2ncZ(pVE22bvsP@|pN;>!cE%+ejq=;>ZHk$O`t{1`0{E`wl>5=0M|Jzj7@{ zgD!wIMM-j5I`voWrW|S1ulBnZm9~=sNILM1DCbJeLQoV((q4fXKyA)C}r3?)ms~^UZP*f z^%0*9MBm(V-E0vr;zWx=w%Y`w+-5f5SUO8jWd=tH(j-#Q-5MSWR-n=jU5iSKw9f-d z`vy_N7CitJ+^Y$IexoF26>8H%P7+XqtO79Uw@l7*z8#)#_&j60~-5n@hkN= z*;Mu_zB}=g_SG}n(nDmk0sIwb$vzom^M!qItv)0LyApx!1%8?7uJ#Ot`QJFZf$>qg z@gCu!Yw>TKDz@g~TC<|vHPG|ne#5n^Bs=~m8sJ~U{XaASGd(@)zj*)-=KoHJas0y# z{7-~f7S>n<(Zt=hZeD``Pn#+#xPS97Yv;fK%nki3z1wG$x7)6MZ_kYuArWCqxe8OR zf~v96aJR8|=lH;nPPdlN=jY4K&iCDe-Ph6c{Z1hG&!vU#R3Db}>)p(NtuN>2-97lt zdD2$`G!-o0_mhLSZ{770UZF76Foj}LglNgazy&pJW7N~Z)tQme>fVek){d!H#Ofw$Za zl7a;cef+k>9rim6QIoqfj|ExT^v#cc#% zmNGyUl;mdse-d>cTT`4@cs|^df*9fQ--qI_<%b(@W{7N$5?#S)_n2rp7fbhu-!V~v z(f!F{6i};}FOi{UDJtCi5m-1Vx)i$IeXNw3bt4x&U!Tt-FSdN$Xf9(M9gS|>5BS<(|mSxf&Hf&2Y{`CH}kkQW>MFe+mokTLWQtVRay~ ze&FC1)L%a7z1Hh_v+%5_bLxXZ44}y~z10&Ke)~lQ*Q^)Isb{%Fwi+|zDn^Qn#RZ`L zjm`iv1S?)S126&^fYsr9MG#CPb>wx&^ECXIFM7O#F|Do-bnt6fI z(-&JTS*G=_9n}%pKTguWw#-ep%+(4=sb-;vS7j!QGk$2H&KB=s2Ht)vLlzLpPTb75(XVBBH{&3a9<4%cCR}T&V`HgbLYgxx$h0JQvJzLlqyaug z6x^`Cpa2cuEzD}u_MT90DnGD)6G~c9f2J(SvQCQw1^G3s6_Te$j$AD(+qy+~#9xso zl2oE3IIk~}fXCv7Xr`cSp0@kjPp?Gk*hTQLT1$mAPlSdFN+GuR(r-yZKvizD%Ymo7 zQarVxre9Jxb^+(LwoI=J)Jw4MQmYSDbKY8!9u>uQ^OV7S*Ca*7r~?ASZcbD_CV~Mx zTSz_rf`4gtp)Ip+lfjh%c@6-~*|vT+*@3NObDj1?MpDf^I7kX<2+hH~L-dqtWQwU) z8sAv=P}cPxH#pnN$RGK|wkfn(2Ky9S?>Uh~#a8&uUaM?3BCv(Jn{AKKj*v<9HVO;} zJh)Tk7@&GVv3{4 z%43vy`YdwK!MPNQecgIK2-3O`hZMn3kS`>;X~{7OCXXS?5a3Ma>E>GaCOd&@MDRR# z0qa*>@*5H&1eI_7npK5#37{usfme#4&tNl33w#n&bN-o`EWC-~!tNSxFXMf<;<{fY zQuhQ~K&usvyy9%w&d5;On0jtSykURC=m)~RVPw*L*PhQZ!=mQ=Pv$!F$;*co-7cj+-4KB9n<1fT#HgZDc>Y*Ot_I5 z&|vdQM&7??ND_>xyG$2BsOnWXgzThCz9W@)ZmesQ=ZGBDW`7 z)MXD&rh^y~|E~)JvrPZ~!4P*km*XR}e*vx83!(#nZe`zgvH7+=uwWlx(>ULSyfaFh zeL~f&r~O97tSUxRJP?kW9e+&Z2iQgJGW73!8&pG}Qg- zge)rXF?>;6)_yUda<3V`t$8FMoNI2{u^q%~RuP*lYR{r>q`*O~5Ly&orH@*n=g7o!6ChQUEY@X?{_e~wb+i@4 z<5RfUVZ^pX{%QHiBr1iC%eec=^YQ^TB}SwtPn#+Zfr}=Cl3OMnD{YfH#S9cuYmE48 zdLGJ@zLEC2dwGu*2+|X6`U7FS!VB8e$2cTUb!C}Fk3TvKkhHFsPlmRMuFT97NIQ8J zVe%At7mE4#O^_}ky|^w#zy*X!h*mV)oNSBDC;(u9$QSu7XORXuD`?XA_RNzY_hdGMM<{Xyo2uC_poXz_cSdi1B{nRQ z6i2U5L=h!UDK9~bIO;Mj@Jg^>@qoX9D3VU0iQoiG87^IEWMS#s6{I^I#H`zM4s6Tw zcGan1k&it}CIMDFJWR?eh+~8aZu})*MzfD3mu4Pn-_pV0LcJo4=^5k?1=UA1MUIdR z5&Lc>vFzDQ(+*X>3sfeH;nXw?FjH7sbxPBI3GbsLV{uX_lt@^Fu=62jkzAm*)YKAEt;s!=y058<^2Yqt>P<6 zCH^b7*hD_YxqWWjd_v=- z%PD;mfsdraL%sKMcv(&k7dpQ$Q05ZU7uodC0wO)AqsMkspeD-kzy+wbB=+%cR_EAA z_c9-{^*b5Ll2Y$oAf(jWi4|lpHZv7V!KyY1XTJVkG0KnC#skLc05MmwuC0nYi}sQt z7JCtuqGmp=)R z8Ki74pnT+vV({(`jQ=}Y4x{$G!kkJP0S~&uMvQ=^$4T*`u{`{U7lyHff&LRp6UfRa zKAMqgO8Qs!Qv>)?YU6|#2PLGfO)0NlY>>3(*Fj{hzPV|fkSqx30MfOS+6;>iWx7i5 z#Bbv}b#L1-%+U1MWdwKUd>XNa<0yi8*!UA0#$Z&}Xmk_9Uq4NI_@eK%2l$CMQmN|z zOT=tdC;5m~m(Mlb78`RnZ*-)I3!du9=aV(9ic0LP=4#4A2R0&f^kdaVq3Qz_y@{q&3p0u@`>S2BKs!S|>VP}Y13I&kHVXvA zmRzA6R3;CU@ButF7VetNJ1i4y2*?~^dA1rXg>d^`Lb&v;2dRg7auxioVleWAKM~nn-m00c&U#Ea1AeTRcrU6 zEbyZvgV_0zx|qTfI+#O_`=sKEg=eM$4pv>KeM1SW&c5Vv%y!dzrIPtr0#})N%B7-( z!xK|Lx*R9L?UO$Py4pDQkYH~U~6aM}v98{A2+ zE~ztmet+8Lt#S--oE6{_iey2E9zU0fit zKO+(oBkR9Si%kDADE{;M-|7w~2B!bTh%}@r6-hLP@b{{8b`4+VsG*!6{E@t_qc(I1 z#?#CTog3E>57ZO=c4ucYYIJl|HEEG65J5>w{VnWs|H)YC$qv5br^}1o_v^W42Jh$F z+V$<}{eEX_m)C?9tSh5&)B9`W`sJ@_v6K2*r{bjc<9#M&;v({IjvE`yf&ONf&$@SO z%F)wNO9-)M zy?GT^f4D%%&_I2lOFyP-(_YF@^PG3FK5i#@wZ04A%z)bHLjpH0->1jdTQiny$wXE7 zbm^ji2w;#sBKDDk#}}J)0$gg*g$A4(7i4GxXT;kfZNksFfYS;IbB=ezh%(rzlHU@G zwpT|!?JA~dy9o|fKRnyF52WEU<~3xXYe+)W!e|0dIRUl398OB3hMH*~EQi|PWw@It ziPhy385PE3B!FYW$9EM31ztQXvI82!Z|-;x5qOP!>^X8`{N7K2h0$mQC9AV-eFZh1 zZ}og_AC*d%FRfkB_s6}9iN4Ubf7}Klu9ZB!#IKW}UI9GhEYQ*c+Sv^XCp553&6a^? ze9+d3pEQkoV}5c0NvC8$BtqvJh01?`IWVeMqs3Dhhhrk|$TM79s>@1>6l#mfGEZ-n z;rl_CR|we4Vyo-whbglt^2ig|(Q)FKgC2)znL|eYj1~pB2r?gaz8zc`{ zNj148^$f1b6(p%&svavu%>xCoxSu9V+bRS}kbp;)=IrdcCE*`%Yl5?uN;jfM!-Ilm zVh!%C=ocIU;1c`_0;j@21g2h7)Tgs>An0U8=QHGr2?&mMj4B8Y-okYR{-sk^Qji`v z>B>mNxWFaT#HjJta>JmrATKQLE-(*%rJoGwYb_MnqfhP8BYW_hnIU31at@q~xo?!l zAZCREL=4ha0s#4LbFoB~^8zyj%*qNHR@;hNmcSMt6_T6fauGV1K0XuTWQAMUgGeZo z+Ye{~C9>sWSs7y@*;(C@KG>PzLkzFyz$c$65`vYcczo=&Dy%FgtgNjcrE2OS6=73j z@|T=fV+gufJ05dzt`5?v!f(W@Td|oL*CPgVAQS?C=KT7eaUO+2xsJJQ@MiNE1YlGHrzH1 z`j`G)o9$joPe?WBhSmNt`m>@eq`4VS7nDinVR6Xo)$f5~86)Zb2RUG5Kunr(K?5j7Owt_r z9bh?}6*CYtGFOt@8oSvx?zcCh;4N{HrWSS@t)gfOD20d=1~g>XO$4sUrd%{ZMa3cs zvlI#9%j|%H&Ota&&{)wd-D~j84Gv48n=6If20_AuiZ?2>rg{Dzuy*(*_I+}GSIT0Ur)8Bd zNddrXPE*y01VXA>B}zLYnvOdxms&XZD9A~)iG2vbP$f>SP+*V9?&AfHQLuKWD%fJg zXn7Bk_b6W$aSHFbkrr{<6WxE;c{D1H0tPj}ri^^C8W^RXGQLSSgyEOmCnRHnt_G$l z5zZD@9v9IKy2dU4DF`&AL(ff#xIL9bMY%#xVJ;cvqlgJfoL`86F2kKKuTP#thLeQ2 zE@z=Sk}i{ezhgb)bvKkpDC`^hK`^}<(mjamVToHWL<{xNy?m117_J3!OH{GxLa`eD ztvu;`+S#&}we(Y!Ses|5pb-TxDsw(?%(%5#^;kzEGVMJp|MM|Dy9)QwMzFL?g`O&f z`hmpiOGqKQ|-(K4I48A7;k(Rb@yLR1_xaBJT~ZF6-QNvLKDJz^mMLSYyoBg4{`K z4Cq-+4|V|_i!J~&b=$!GQ0=@6tT0w}5`4>w zEE#kE0SQWp+IcXls|u#HRL!dpJ!}3s;$A>V7FAeJfh56Tc3euZ4p>N;#}m0mRO<@Q z)aX$j=a}fqn>He9nkHwjty%t@#d3uat3OV;y`jqpa=&_{(gAb4pWlXt2Xc97R76+C z1Qjm9K}(6_Kb-OBrGNPFQ^&fAR(Wpi2tdso^KBy1b~QNi=l^z}=WebQNVD#XLas#t znY%$oi^vR{aInUo#5~+t&5E(lsC<{LC%SuTv#$-8`kvYew@Tu{fsQfPS6)?u6oUSk zjSzh&x*K|aS=439w6%q9#tn}FA&WM0;?~6y|4c&O&6Iep(LIdMEh@0uNZC-v!2I}k zP$gyvP93Ohke$q@a&8MIZizEn9d@wRtX`mXQ;`8>45~ec*C`c8D9g9M07{KTYZuMA z@9{~Fk8+!mh@hNxJgBUlR4JyWw-j5oo#mRlbsxaz=@SjE`TCjDZABzrA}KLUZAC10 zYW%T?!5%`6klz~$xbqAH=6%DemXAnO-=%db z9S)S3xGfKVq^pqm!--=1>*^{&&exJEbl+S@?`RA8bM`UesTc3DFri#EA}hh#;0KnB zgPNA-%2cJe2(8A9P0zDz@oI9qm+iPkxvyEN^!(v>-U+240NztJqF)B1^>F)cGifl{ zwbgee5Gk}76Xzw-^B{@mP3$2Mm_ED2u=GHne=6qSFcewSFxxgZ zeEA=@8xa_dm6+DI0HJyJUysG1$$oH`!4jfcJE6{nJe9Bjrdfz*t9P4lN>^xvd5`E8 zni~vxzMP2pCfNRbg0dKhfFq;ZO<`@R)v$o*0N&^T5&DK>LD`(OUx+a91zXt>(gr830D5vi?B~Y7Lc4@w2hmL@MZ0Gu%7r~a)tdmzR z`@U>D_yF8IL9zY=TKzu|^dDHt$jbC@LZ6BGpE!;Gf>xRTH)wU~FIpx38?o_!gnbr| zlE$RSAnJ5h1GuPcm-?#%m8Pyd!k>JLW zftz0^XIuC8ZwoVc-|z0O-_Q4tH(7Rk1Kik?HjEZ8_Y2n_wk|!qTbo^<%f z+0!#}fjrV35>cV{FQ4`=*R-w=*Ka2;Vg$jQS4Rq`x8{SpK2f!Mbdf8fFHGTU-Wgjh zB2guH**~97o<8r_1QI%QRTz)@W)WOr9mtB|k!Uioubzoe+Drncman+1MJ8;b#h!|t zvY&!~*0HT<))mSZ9(L9WecwL!R$}pVcyVKIy1PEl+L1~Y-qst(*;4}}93@bmDQd`^ z6B|BeBR}9@7Ph~5LgbPLXG}A`xUE=GOpy{cUi4xOc&|nXJ~_q;KxMMFnizC`pCk+| z4a#h8YIu4py(}Ozr)NL-meH%YdxMs3ChS!td!e`*lB4qsh(2Frn-?bf&2-)#b5_0G_muVy{=Trr#jw0K$COmD^cu&C*9$+e-C zj}bR$*}arTCulK}&|QZFVA(s3JO*ZC<63Tflo3*E&NB6jBx6&Hw*QTVoh!vmx~@8q z-z%E$*JU8Qgl+HTi*fumBaO)^6=|z2yOMDMO(^0w6PpFbQm=rW&?X>jU)A3q*n*lM zmf6+_s_?^AA$%QxGD%h+as45H!8l2}q$kV$Ygq^jKNhJF=n2N!NT53q^@Q8mg+Lm< z#X}t8oh8-lI{Dzisf-YKhZQPebZ~$=#1_I|8(Y}Qp$}{el1yqr@*?@QR-nyj;+0x{ zPtYENPfcKF;|A#9RcQtAFY0+nB;;Wdj2KS~d9gG644>Q&pIt<;g%{vKHNPJKdoF&Q zYNFQ?+R-EjE>kHZh-A4MpoTqC>U0sqdteOZx(`AYg6G~EPFP?q3qm8%1?HsIHmsr% za;)pU>EGpfq4YL=PUFK+s_D}tKt6Rr`q`j%nq&(OT8?d_1=m-N3Vgkn#kNjWmL_nb zp{Xz9%w%Th9-n3lXhmAgqE4I7zNFW$7Q{NN5X&VjWelV(lAC?8I8PnF> zE}uatFtEmx5NKPO=b9S^WgOwW9i?zMR7|ipNa$wlSdYzhH0=baTDVFEx+JUd+#SqG z{48iv$L-lCwb(@i(NCb&BTfU%f{le4Xxl^Qi*niQBp&nCivOm8=1*V&0kYme9bki_u5U zN}DAyW8AJ$Cujq<$K#$#KU42GB6@C`ozfNduDJV-qilkxg{BZ2(G{!Tf4h4y*-F z>vu}bU9~pLF7Fc?0+H7iiQp?oCmQyNnq_pxJldVAq{U&HInTxVwO!DdlKaTvB};}x zhkhs}`H-COfqGk(*Jn?6$m{!lhnMqLF+CCL`*qdhD=#>#E&Zh}ekM$XDf0`M{3fn> zV*y&zB1(m+m~e~Q#_3JdvXH5APXX**xd9HMa}Ayef7I$`vK|F=$W4)k+`17kp$36l z1`?l=LoyEa{()Z(xTeYl;uuFhZj&NqK;7_qhIsPA0&Pp2FGXqC407?v#7|~12^z~( zt)V(?WI%qn2w@HOIk6M9cqzG)p$ylO7#R|1T(Rgd=_vBql3A)UB*H@56mxL5WE>VV zh^@FQ7*f|cmRJlXAO>^I&6@;jgc}k!vpVhn)=`>U zi4IzZhba-0hDoqGo053PC(@$1VImG!`QhH!qIduk6}X;QgURH_yUZoY>X>#dRRG&4 z!KxT+w3sD*6!aeGcP8^5>I?;qkpu*s80AxLF0U*@*R-{l)j8sXiT3tMvbBItXs)^5USHm&~@#wnEa_X;=aq-+Q=dC&7Z*RSw5*H71#OD3!>~<^e>XZMG81a zzlPqxDNq+g%nwZcBsPR)8iZvfcv<2EqX{Smwe!MP-j3bf6378kMZz2j+=n0e&2ok* zEjC;gWa)P0)M?^K@-3PB>$6JJpp~^-7C@1*UQrw6q$}dlOj#{Fh8Fd~sM+Oj&+#CX$MEX(**TK32%7IP9b3O^TFdBit!Y3*myHY?_`%6uvgrG zQSB%=SOr3{jd{(333tRTwhTL?9QES&S;+JEg{;5#;F+048 zZMeXVmfy^v<7&$z*X+K;fTHCLFpn^vc?zCS4C~enCQ-TL%O2EJnk?;cT`uC(m7tKK zPUP?jEH^}eg!mBXaiOR9C;W{@7%y|+S%ViHJ+Lk)F{?TwmICBY3qhB2qgF$}qm9M%DABos zi7l?d4B*;f#7j(r*KtjR?mHai=_ezg+#EOAt#aUPdYx24rG7_Jj7wknfG@^r`k6=h zaIw^ziO-!05v8IuWz(s@^=FdkK=6K>m`4)P!=tu0|2elc<5{)^ znd$vw6=Bznw1i`T+mZ590Z`_oGS!pZ*vzyHF?Y%J{m zeDKdRBopg@kD_B@{oh2<{r^3C8eLZK0jsjP!PtT@JVDrk3yIJ0r4WxV9q}k^5H^u| zmpC_g~-B5{_``84unVc{(tg0)nX?`sgM|KkPIz)tR_XWNcF^{pX;Y#5)Z?V>z03G zoB<|bbN~JmZNxrfxa<*JU?QG`1Ks3{GdrkEFlJ|up3T+-{kJb{Uqi11IOD;%>|qGw zt7b?R&7!|5-^3}>f8`d&KBkuGKke1OHsGKAVPg8XSBdHWN|*j00-p7s2=4z$qqL-@ z9*Hf6=#!&6x7!kIex$8T&%EgLQp@_<=cb1@$O|rY?~hQaV$#>M?JgpEs5~+`O2shy zTRTb2C{tI|h=uEZ;KxR13XkvW{d-C-2lizr$M)M%?^#any%e?pF*NoD_HWU{-oVrn z?}X;EtDvsS>+8eR*FiMv$Q^zC9y>Pf4z3Q*?SPY;*Ux*5J*jNVXN<&8S!%Oy1jf(Q zpl9G0)|ycbsV7Ur-s8>4jZJkd8=qCa5nq$!M1f6w#o8}Zt=a~n=!;k1UB~tk?m0By zD>M?)jnD(8>E}PX^or#LWfC0+`;V_!7>_xh*VjugC$@B8E}UDs>G$Y`+>+?QmTb@q z=Bb?n#8wOK0~cIpM`R@ljb62QmwnoG39XKi%_#vp8>s$R&lRvUi64Zbt{B&m32h0J z+Up25NgY+#9E8xvtrr@5w|CQ8b`K+Rw!EF*4|g=wIWH+QllG7m2w=3I7K2Xn*8_j{ z!m&EpX+&HEF~ob?>EzddBnj5NJ#-s5?+64QOBLQBdi{{_mS-kE0Cu4BvMWO z@jgZep-c`_Fy#=_8JSlsN$j~q&-4J#e8?W z2ch?aSDfDe=8&AsQWV!Q3Xif>ig}09FVXdNJgSDd4Vy#&8>F4@c$TtSQ;??-yEw7P zvLkBzQj#Z}s?<4=B&Vz~a!;D+y z&(ZuHAa-f-6OT9tQP2#S(xC1Qb_Wmh*U*~HR84jUft=bpxNQ$)AWx3L8Le8o*wsv( zfT1!hh!N(2A6Q}FzGyK(X@2p6D#a*)VK@KmDB!G-UR%sL&u=7C-Y_#3hR&g31uln~ zJP%I(fOqrrc}(4twnW$SbGLW$^ZjKIH!QMe{&cm-JLQm|bR0YnV=ZtJH#A0q_aBzB%%%4mP4V*8lkd_C%={jWiD9ncg zcGqwy%dsW$8?Jyj@10I>v#jla9}-ik_zzeI^swe3t@}lHXIgEXU1(?BSLC>7^shl# z`pjIvFz$q2mT`+h^2_Bx3b9L~-ZTwPgD@FOa8#2fqp1An!KuW;O?y%n5IU%GFaia4 zXNzG;Jn05@^SjwAu(Z38uumH*cl^BEo`0x4HqN*@su%e zTHfY12$=llLDcAk^yWzRZPYaOX>La#32UufT7clle^jHiPO7Acyh;F%DuXN};B*+?b zx4=MFO}@Enx zB~+`*5-tp9W5EjrHdV;-FLhL~7JD~yqu255d#Gj(EqDQKF{F{?#D%c7VV4S>at898 zH=z;6Xor;sZ-O95eAM6)PRj*_wTg@sZ*6U(K|_`Ji0gsozYWLv;XH=|k8F_j_w$k~ z$*TV;rz2*c6t?B#V}_m}T8(qV6`C^TV$H;q)`o%_KVMu4gh_DjXv_DfJ9PMlbF=e- z;2zCb!n6IdSZ$*q#>qDRq5}knpwZ5_;fx-0xq_B=50f_5-4^m|upJmVe9QsDgAs|% zRYu-}hmwjh5`GnTN%ekp!^X_idO|L)i~Q68IHXm(eF+$DgTSl^FzX>KN3PM+h0Z={ zjLd5_qRYf^_WJ7kUqDwq@|AP*<1ffTJ} zs~8U`hqqG!mbAyS%B&_aX<&LynSr2mK@m>+lr5$esiXCP9BR@y_I`koG^pyPMvKc& zCJ_=7wQQ&A6<0BD)vle6P$2fEQ=DSKpo|f4;#_~7T*7JFn5C1t{Kd?y!>wXUvm+z%S^+ZnotUzm+bm@zU|kivyuQXu*0k|y=z z&viwR*K%`oE{1dIK8KpHh_|~T6sP6k7TDYByp#wf1O#I9ibANB@HR<9VIpL6L($d9 zno@Q&@?##3cbQ=ebgr6@YLo{NFMY7OI*Vg>Z=}MXInFHTAbk!BVsW>QXi|Z}=D$Mq6uuy{I%^>BrM(GF?&kSMgfc z;+PLEp0wslA;D*5-B6&kqiCaECCb3$@q#2mXXJO%Tt*p{oa%x$)F~7j>8n$`?jWUu zZN&fvRshFna7kZ+o#-xmdyAh?gCZHz_W6WvAJsBJ#W;LegV7}87!){AtYM)*+tw46 zE?Wr`(aHUqOEOhdTc1(WWs_4)7!Kl&?O#+*CP>J=|2W z8~z4=S_LAz0dhw4P8T@|(!KJ+_Tu4yK>gN@6R#Rdj*E;@jrGiOx7e|1!fZvg7P4`)8XQ;mRy4PZe{9 zW^l*JQ*eF58YA~d?911uxoxAMTtc>aK@X$7KV{PiG&Id3jG^gLI=f-umTb8 zc&(fg;{ZClgGBn$B^f{a%8c48iYg6u%aIZF7otDCo(`m_f z;`pn@tr?x{{&B)tsqGeVlX+C#II4NLtaXm3zcuA_z&&$Bw)Zih?gd?WiQ%1-aoA55 z1%(*I`$iiu-s@zfr-7%_7vsK`-HYJq1j^gYHh;QIW8w2)*;=j%e{(0pN z6Foh{zh-gFjQ{%rI_8g~^Zs8`gL6&w_rD!Jm%8$kFzfkLi4tbet+a-HycO%!2od<; zlT{r9Ooj+>uTLsk3Sz11>O5T3eR|ksXsJjFxY>fDN~sWSPnYZI#jbZvci zgKckTQm;5g+k|Hdc5SkJmp;!nciR^kn>6-m>&0E0cv+Xh_pvU+kqEmN59=4>KQD^b zf79{tr1fZ3)J)*s-Q7;ZKYy#2-ByDCXma2=dCZ7E@mX(V?>iQk_v`ibZC_hc_684c=fms$;OxZN zUC3-+%z&O4R8t*%gWar;Z;a=g+02IV;nq;{OUG!MdRG4k>niqV$DwzH~=OM~8%Rsq1kwdY=?T-5_lVT6cHD=lH#H zfQB?jBaP#+RW1OC$BoiMp0xHU+m_hi+ZxRY$7%}j* z_O&$h-b&L87HCksa_}UTN!+cF2fXBbI(R@((EaV! zX`Iz9P{-VgtB%&!MCEAd!SVsDO%MK4^`%_mI1o0w#70?MrEN#-&;GmCww10ZOFKNT zkzosXbj*{7>TCiZ>?2>&*|L>BF9jtE-v)<0R5A>|j1MRv?*K;B?Reff`;WU_ViW}iB=BJTR8L_!~Lc?H+^qxQ% zEdvHx)$Tw%7*%QUW&+tgkXaKB$wt2#^!*E+6)9FK=gzl69(@~?pc+MPa^!Uj&l|jo z8Y6B}3Da0Obyun1ssla+67D1Ruzp)wHunlO&X?_Z_>F%dkpLb-=wEpBk{P9lPI98# zCb-{Ny??-W0l&$Tad|1|@X$4cR(1*k29bSdHqFKJSs`eV3o~Z9^-7I4My{ZFefawn z5KrkaIIFE{G ziMlv2D=9)3%DhLLdII3+mB6g<(nc6kA>Z9b{*ZnRXf6SP3_})yBPf{T+(KqZ%HLKq zz?PE7fSVzf`^Voj%b-M!v!rzptxD&jmc~3%d%H_kzw&9M{xJsbb5gKI1J*YL$^iFx zHP=T~<8JieY@9)^ae`siY%_GBtN83ttal{ly*!I17%RI3DdT2?;Qq(|C*_tu=GG8z zFDYo&r9N1qBxFK|<SqpcR)#u?YMNeWuUj&jTw{5=FVvrn{rMaKffpoQ}Nb`O!1MJ zBlBj3YYN)}k@jn-sPFQj_&Gih`!=juHnPC!fg!X8O(S=6m(F!Ft?GS7wk#3+VECWW z($s@5N2Vo-2GjDS^)JEVLZC~L<*O&Cmf}t2j@r%loPG|ud7crGz(FH{B1T(u)*y4- zMC$eX`IXQILB+@i+nvDU6>VF|eUe;&*l3SIc53IT-H>z;cL452^AkSjY zeE^8F^rk76e`xlqrXYPyzN|GHI-o5!RKfrP-k~pKU2{{&hJoECp7hAk|GP!6m$VjU z`;W+BR%ncJXsZ$^HXP2x3=))vagi~^x}Kg_Q3 zI+}@Dx_p{+_c?L|8)D~M>?uDNyWPNda#9IOvC(Od%7{@uizY@yD1$9PlQ%u&HuJj^*s$wC8PJGC z+rGVApAI5`5&0kyxqnSTkm)JKQKQ=E(foV^w(xdAlZJLgQ6N30rliv6$uNq7cXt`>h7=;c0Jj^$nmmq;6sN25YFAD<)cn?x6A~6Tr7OhOjcD?ZbHGo*^6psm5^iv8 zS2@Go{-sELA(`0_+n{qAsr74(+IgjcNoM7NdH?roa*4A{`?YM*MnqD`a9O#M(e_)z zFZ1s|@P3`Ur>;mg$g=2lfXUXlT&w??>|9i5Azu~_p0%xZDa0;oJB=V3kwFVZCoA8d zDhC_qAY!Ei@xh&ANQIH=%uvDIk2ob=@Vq_oFTL?0aaG1&IlzMOXN5gWCxadyW>N;M zdWe)DQ*b9woU%^<3TG+1Y((btjQicsj_Mx7w^=(`mf_Qo|9mzOZ{mDN6q>Bt)$2S` zI|`m*af^6MT~@Pc+@XdM?3j8zGemZ`{<3K0{kTFXWYBwU!6?p(ZADNA<;f>npU zZ5@Kj!AT-32Cm=fwV+dG$&ykdYf-VFzEb(75 z={ag3P}G>}BSycu(O79vpiDro&xJNf2eY2?m!c3zFDsiP>uIM`D1%lm4`*dZ6VD?7 z|1{`NK&V6_oJ3DtE2xe(F48POiv$Z2L_>&~BoVtkOCHn?N7zwffY+lo;tWbuIcYs3QF9+OoGZ7j6h7k>ipkC>kNneCsv9rfo@+Uot2`bZ1yE*=I z0B5989%wvvg}17N+SHiR)a!Xk!Q6nA+-#Z*UF@8O1aUdzphcl>>DTzpxECX=*Aam}^jLCZW}FkKBcU$&xt_ zjQOUnZ<`X89SZqR{vI#E3YFT_O}V>k^gn8?<}I!~Ty)AiI$#@e&kfci>;LF@o2SsJ zp;$ug?u~z&?jfIVrjF1MuM|=?*$;nU5jJuyblD$gry`#8cKvFeG(x;AR64ql{#-;a z$<}MHlVUxZt?3$hAwk+-=u|GP>#n_^U253ej=YZDV%toAnsj+JEF91>FZ@O~_PPb>;hQ$tqpj0R&dC%nqSmUhoPLk>wKI?7siu>4MSF$ z_WWy(Ety;bv(1~y{6Guk@X}85S>_`-xni)hoaZIhc|m@&?$hv9V^eLwPxp?GkFB1% zPUB|NZ*uJd4jI>O{Zk3rq0;6}tT8 zffdN!IC+>2^k@`T_azyz(Fg6aqCecnHOtv`F!9#_sbBV<>s1KPi--@HwBb-qS`2IH z^n_d2E8p^Ly~KZ+xcr@seEia2VEOlvk<1+b`^ZRUj{nO)jdQ?1jlUC@xW5yZR5{eS z`GH_>%r<>|bUxV6KM-8dxnb`wHN(F`7bb{0%Lc#|<$g&lj3w%X{8@M+FWU;(Kpir> zX!~}*Kdam6e27nn@OGkfe_Z@J?3~ZEzS!l$_cHZzYX_5^$aKmkR^IyKn0u;P5CwM_AD3R zS8#P-DbQbLn`FDZUvK{W-u|^cIC}Xblk@ZBVv!2CWp8+W5-a%^%Ke9<0J}j^$El|L zunfMHudz(r*e|e`0ipU66f)d>5x=cG?y1`$eK9p87zn!{t5X87^lN!%Fd^+IXVR)2 zdMi=;*zrgZ9a2aJF_)Rh&RBt;+lvHP(JoMRSLxZ>A)+HQOUf3@xPYM+NX z6^MBa43YV~xSis8R1!aRpM4xv8iA!2Z3k`-O=Lf<1+|sEbh+D# z&d5ffxiBJQjpjYaH29?ZcJr$L^dA?iGOntzFE#r3K4~TkK#k%WlVjE4UZBVom~ddG z&1Mq>^qDxH=w|zm4YPcrk+rvwlKg4J{i1zY+z(hRlTgifkeo)j4Vd8hrVy6 z$`&IE1D8mi{a#SN^FM_qXIBqmA)0I^#zB)h;F--};P_l$bZ9gN)eW7bO5a)3V)qGX zb(OO*0G{w3uSVPS$|qKu^Q(C>D4E9!;wvBSd8=YHe5^BG=)v%*;cz<|HcrjnEPUwcN_`zaX~ z8!`?JF$nPulCT`dJ5Rl(Y}r?Zte>x35yWY{omw~G35{Q_b6#$kr;iq+MR|`-7o*8` zwk{D4@xzyOKd+hfx=4)@XXsRc_7l?7XD)tU!w@lV{A{nA!LIUzY`sJwzw?{?jv5jI zZLLg|6Q!34i83gVS#li86RnPjq~DYza*`A2S`4wZrwH!~3u;}jKbku}aKT8>k}-Ea zK2{`Nu1yMZQmCYoq(ELJlw}6du3t`Lw@%QF0JXQ?9>1vH)EtzQuv%YvfrJ+&7aOdO zdt@w49LB`He>G5okZBa8hkACvI|VsAQLm8%lohsGAg~{q&y;v8jsWoOik^^{IQL*S z$z&YLnU%|nOps2yF38nsN44^_M=zcu{!@(CpZ7FXz-415oB~3PzWcYpA3h7 z336kkf{nQP(RIpAmUs88Mg6cgEGo!-kagq825;6!8;%lK9(edQ? z{=I&?gbXB)0E2!>D1+nS;60UszEnEWFuX=+%3@k`W76359nE1U^`-J(R)ZAxy4Du=CAG!XwrRi4oWFLSz5xgfXp!| zJVw}vSj?iN{NBCadz2(1y$;OdbA*PakYVq&Nb$&42^x@4i_VPwHX)eUTPKq9bA zVnZLr8Ee$EUN8G~mB|(z;jwNG78K*oYmhy8b*aW6J9X@sD-){C10ft3q5RWM&YJ|Y z6z7QP+=JslV?X7yf#oe%?Y_ZyK7xj2an-$fieu`e*mK_c>h)cfWLwli;CI#1 z&pkXOY76f4d^4C&$DBrej7Bf)7lC6pS1Y}EQ!BuFU&B;oy~#q*n3U%3!^r$nb&v8I z_uMAH{S%rXF_)nPLWMY|EhU2|B`v7edNR;CWl20B3;N21@h@2tOY0p4e?ra*O!KcS z@!7itvu;aLE&NKY+pW*YP$wTzSr9kUF2Nr()q<58Pqu z&Ee(@_W*nC%|M8g>ol?0)8l*gxnkub^_7EFLTzW~Zat92di;u6`b)4e?H}1i;0L3s zJO!lXl;x!PT~kp~NN>Cuw;O124etq`S#IQB zb_y`AW8@jI||}ED2If zxLEHjxmH9YP1U$J?=9EgeK;yF*4J^=y{&7spCN7ldQws}m2h_i{r0Pp|G1!*3_mJ%ekb9J{Hf-24y#`*hLb8)lv0gnOLz!jWemrqQ4zPksvNiZC*GU!|JnV!wl3T%pP zdObl<_FRx1hwX?qXx%){)VQq|605}Jd2!^@$yF3){RS>M_U9{<)k|`evkS=O9jOd? z5)bdoA_**w>oYN-^NY}V&6)2aJFn4C8*a_KP>wD|{ zIx0QCFxH~u-A5T_{gFGo%d*mxm3~(gx_=I=&!n&3Lbw7kia3d7gq=_=bu~~3J;thoF$|oXuhHgf z?u;apD6eLwzxAjmQ*1O2DG&1#jz5h}0a8q9iC*<(o1Vu6CjNLK;#_5#&8E z&Tnou5O)J9V~S)@G4~?YJ=+Zrzn7C(jvMQ%=_u*z6xf@jb;Dx;L)OwtYP)iYs5QF@ zVFuTg)`nRsS2+_q7zSeT9Jr=!e(a&nQBSV(0yn)LC8Y`I>LAUeb-d7ot{;yEyXW!p z7YXL5j67cx6-$hCkiSO_9JlLm2A!aX2d0bZaY$7~Or5d;&WsVVLsj$ktEeUjV6?dj z|I8ta!7IKn)55({<{JfAG1{`aDuX&)ohmL~ zJ%N;LLpaTJ^{xEI1<{_kM-p9XvXaRrmdLbdr&~M0Yq@UqOfm7c;t^ZPeZ&v*KfB5Z zs|FvDk7cTa34erSsPE-}A9IuKLod zXrq&$8a7oi-qo6A!*S^fRQuyc$OVW(E>2=w1=Q=a~$yr<2Vpk4vM%a+)H~RXVi+%gHUl?yg(h5$$*0+hoRz z9K?y%^M#$RkZs{Jj@#WOO&r7(gjTuC7eAQM}Ul5xxjr8Xs8a%W}OM3F=DHuq+DhtK&$ z2>jnB9v`!bkBJ98$G>+ov;6Bg=zlM!Vqy8etb1G6(2USz1Dt^VgMBi{*(n(wGvG&I z5O;z0(buEC8D?vV_{LGeH=n}kNM=qpu8jh}+O2uqNinAE1G0zEhO<}ojwK%64$r4w zql!)6+|^#z!|qKz+gP>f%RHYOo{rNmc27{d(sxkTcWujGUPfA-kNkgGZmxG7>tq-& zy58C9+6JPTQWPMEoM*0yMZ9&aC7P0XhZ9FSKPq`A#QkX_>3Vs1eVRY^`C}pYU9uI+ z&?MozV9!o<1--mF4j-NzeD=dVh7esm<&^;baON+`$M%z%N6zL3a1!fcZ~PiE>N*=f zuQo~v4K%bHTEAC)QthsbIFC&vH^O8z}x zQBjyXsHqO@(WQ1>spQd&n-y5V5JV{F>x)8#0 za3fkuBT3iJFrqRRVVZZQP-FDd85Q({j3gop-GB$>0RCOoL#-T(3km5Ty3LzX2#s71 z2iv`h$SesoWSH@dAUqGd@f$zfY?!TrKi$V_Q#{An#T9~^mil}bfBq53n`r+yY)CgBVL5lYJ=*^wr zNYzbByCks%meX6qT#1oMJAQJhqQhLZjY_+?iS7yQ-}NNz2TR8CVKdY;!?}cwKO1ii zttdo&RXUIdm+`0hnVHKN!)Rw@T{?h7`I|h7tS4zlMlQ9EpfHFPrE%7GOKX*J{y9p6 zXVE>~q~AsY+N^lay`0sdtApvrJ>Fo|c8?Zmhn(k`uTRzE)X*^nwD(r#%V$+%Nyqsr zYT|`kM_OwoUvNbU;^>Ffq4LI7dElJKtK;q6^pHWe^zn$~kjv=IC7ZiJ{o*iai`03= zf-F{Z3%HRIAF6qg0Kt)+I_)_TJfKh%Go;#RVRQR%3*o4SPtAc++44{9$|m%TK2f?S zX8aZ<`6;D+AecYO#DvIcQVyiO?TlIi+s~jL(xqU2G8^Y#Nd0N^B~zWB=k)+RNz8Jv z){kiTd5nzgx%VC0m`Gue8Ay%B#TXlO*QrMVDNFyb$|e_tf+C*l(L^y=lYV6-f{RL2 zlWRqtqoLvZEA`>aGMG0h=Ds-dA-&5nGq10Vd&uNHpAmvnebiv9=JFW`uS+PryPxGJ zepRtLWAH8EXx^6C1%;FLwVDegs}O_Vu__U?JMHb9m?m~m%9b6bt6@l!9k;mF^LcsB z&$ZyPt)Uurac;eB*pa@Qf${@PPuQ>G#})2f9lx^=Kmqh31Kc|LvsZk;2o;*a>C)a(;ZM!2_g1qO4Riy!0eKZRZ?lovO?AWyscz) zn*!1s=R)J7tEsV~R}NZ*&AO4{y3AY{ce=-gExDPQOlZ}wo^wd@GY6KOYo}+2pikyS zs<<#9wjH-3{xqjb#WlLaJ9J-=qb7OxHd_DYk}#7uYuXRZ}R(15U|l7 zslIPeG3(ZD)JLP&Z*{k7AaOf3QlxMLkG-ia=CDox!%(2+VCz-h-XAv ziJg@)$%r10YxxyR%DJ!Rm z^nk#jDrCqT$)Gj%Z&6&6Imn&7l$Z~P@oFnhbyn@pZ0Vg(k40?o45{W6hSVWaDc1Mn zQg}+kQvKokUT$L%i$1ZW4qaeiU}NQ`43v*`I7P)b;-?#L3_r8yv&lX7IfGOq#je`q zDG5fa|G=akK(9Uj>X9mS<1IoZubAGc`~`fpoU**It>M_4On*3|zvVA~?M`;}HL_A) ztyTR(`y4dzQX3}$GHWfGM~lf`k1Y6xC*g|2ngSJI-Y(T zK8)*Ki_#Ygd8qe9IP;K5`YZ3xwXGgBRq=zRD#c=DJ%63bT<>mZ==mZ0P+*Hf{;Miw zO!WE2AAQ4XSi0!@!7~0ic<{qj^;_2sWqSN+w=Q}BMwba?OggfgG+o{K)z3yOj2n~6 zVwH$ak@C!~!R2p2&ZR*)|78&Hw`YGJ1Tb*0{Kp`G{e45|JNZ8b0qpN5LH@s%O^my|RpL5;BMwC>Z46w_}nF{5E zjuhKT8ax(@-`Zbpu3iTDzCArQ;TNw?-Zg#8PI$vg+Fs8zF_qbT^LZS_m+9)Ne9g2{ z=M(pyKYrrdu+iNJzVhZBxA4f8(e2Fi@i>`vc)VWyfl-*)lJ!S;`Tlrr>sto)t}Zcm z`txK3`kVFDChwfn%V{!SN2TtD4@dv-=~`<~CxWyK#Gg69=SPH!V;~>dN0986p&MeK z7{Sz^chfgA<%>&nsOIZWYIQEt2ao%@kw@9zyk1^b7cVzyle2v~->&Qx7EjNoGZKf# zFUe+S$VSX}3)DRE=pJ`HSTT5XUk0&xXEp`2P)HcXmk7loY;ALQX?&u*=l)o2XWE|Q zOI@8ZHHN+bzuYw8CvN=Iw=JL_23&9Y)C)$h{t1l}JKuWBy?|9m%0LWg^mX>p#Pp4* zk)bgqSs}sxMU!RAb^c>tVvSTrfjTmV zU_vodK^KUL<;^3%;5adjd18+SSezpN(0BfHVHMUz^MI&tKy*>iF~#vCL9{Tw`|E)f zzB-y5=MXl=As>up=%-~C%+I#3D0@&UW#*mFo^?X=PqN))v@VWcnaZyd0-_KC`JeSc z>lwT$YRBmz(mH2Ol*IV`qsToO@Q0uw%~Q1#^9bn05oTm##kU;M-}rk59j+Ms>EDdd z>@$&2av@&O=4}FGVQ<|s+^C5CL(uh39xj1Q7QnQi=hOBiADDakg*U@E{ah+HOb>jr z_I!Bz6%1$*q82gR6wIdZHwHtOGqwdMen$rv0ljq6?YB^*x@ zm#D^8$ExsZkOiexORIjP8{KNs`?v@m_Uc!1cWq?ZxS$-VC$N$5G^A4}$uAPv4)DuYEv zX>2MC=Pgal_%mrrsGgmR-OgS)gogzcLM<$yaVSC$`D7ET7qLr&balrNnE0w(zaH@O zVp8AOg10EW{dTvAMC3|D^l=r|D&UNGY&O~H#gm^%$6OVlUQ7D)>MWzRP@gd%XQB-# zfF1kdMWlT83W-6JBXUe|3r42(n2#vd`XdeTh0(}8$Y(|m`&jr9D+ly`^Dk4$I%c~| z3&l`U8$f3;A!!)SxRD(41fvZyf?7Wi$mh1P#;{jv_ojVuU8%KaT-mI)=T6ph37|%m z=)Lk5P)`^ig zf;7*hVu$cEl{ir`gKYTref@-)d&UWpQYw8t9AsziMk^zO4g`KkEIEtvr8RVd<({BN}5#uFlz`TNs zjcK#%uoh}}dEwo{V=f9p_HjL$tQY?6cy9>O`&rw(16o*;8*SSab=Aa?s`Wh|!SL%)5b+5cS5f z&kggC4{WiQ+5+4T1aBOzSRZo>$hYd|Ak!L{pCb3*yo^Q2TAuclOhP0C1{(`YyqA>7 zk9r1N%ZWsDm0|rVf9TtFgs{-7WA$x#)LA!Ja>4MRAfvZE*P5KD&f6WzhX%4ByTmKcu_>Y? z_9RiQbY%a8#9*lQO%52oYoI+fY}yA80UV~cb?@<1vBGL#FzdybuHon7Ab%rUvTtdl zt^3IUED1_1!%c5A4zV3IaR9uHiAvpu!zvpH7>S1nKb$k@4eCW4V4Y4hOVx$LXvj>; za~cn&0g#t|61{ltQohk^@OD$yZCK!5wfsUsCZLB|X0_0GDaB{} z<~6$uw7N|Q8m=m=bRejWpcHFV#GxvW6C#dgUp~Lhrd3H`Cq`}g<>6dM>`}RC1x^R7 zqH>E;8mYqkVv*`Fw<^UT+GA<33^-B0>@i9^fxJ!eXpqTGQ8Cn(TCnIzF7$U3rF1w5 z@fp8x$>A(ZGk=C1=4{;xDpu}CbQR|ag0Sy#7|}B%@X$*2lWdPj>*@AFOb#tHwLsN^ zS>_x7*e%YQ$4)jASVZTs0S{3*<;c&hKD#o|VkvA|rbFc;nGTvL&{x*X##mAW zHFVHBL}}6;fh3@ekjSDFgKe~$ST+xZ#YY8h=HXYem8KP%()T&wa78pZxqK$NzOM{f znS~TdJowRg`tqdT29pP#Q!{yU<9KS84~nH~fMKfS1P-hFJGChgr$8dD6Ce@hp-^!N ztST6YB{tjz(>>*x&WAupL4f#2+9>jR0>mJpb=EBs4pj}?+z*>mT{*RrDax17shGAj zQ(&?fgj%vprG}SV;MN2*uiAy2n|H<#AZx!c!VHFU%|H9rb5DOyVIF(lrC`9Sw7E35 zgV$x>m5+&(v@9t7k-RV_jE>MRQy|P$;a1kwB~tcqUWu%nOhECZ80;T0VZSmZp>N4F zyiu?bWI(*4cp#5O?0*PZFCjVTT7`hT7fas$Jk%KrXK2d}x23g@XQrN|p*~~deB;Ip z>{=jBn!2SBaxM5xsbRX2y`BF%EgFB@p7oQ{2FN6D{H;o)O(`MH{J-#%jb_1R9P<0Z zH-nus#nhLkO<^x(3USxzcItbb^(PP`qr>Y4>&GwXYS{v2 zS%sl14DUfZXS{Co-06t*btdIujeGJf`!x-cPzqz6&Ays28l4*~XYBmzTJ0QoMoH7Q zb4LjcK4KtAkL#;Vx`Jjsl~Uah6UG`Q5)vAGXJy}b=^MPc-3bu7KhO7+T#N=91ZQ9| zGYU40$(1LoGt_|^N&;QvC-O4>>927%N-HBgiQEY5>2Ns}Zt?dGutPf>LWWC(TyyyH z2R~D+i}mDZvrGKK8F9D>CR|JnNUc1l@{_zhv~}aSoroY7x%D=fIOf;xy7S7yS4W@| zrmueEe1kyjTe(c)TAuG~e?dl7fp;ypRjI`mw##=?|8fB}^2D`@5%zdsd-_?P*W2=U zr`jnk(&)WVdx*%>MhmM_u;&swo1tR;-~}a8Z#13>rD+!k`Ye0wB7BInj9oGoLQa1o z#H93!BoLgyiG|&Fkpc8^VtYm|F%aWk;mU~bmqPq`G(W*wrmDv%D`ISy1>apb`))wx(Sz5Vc>I<34_S-gdKTD#* zz?!xV8vd$u>0vtrvgSq!uhxycBQ(ygj=rHH{Uu~09gvdp)W+K`1E(bTn~(^NPkW=8 zVR_$=2i>*6c=7wr+~MJl)djNy+E?>&y5cwB{Nv=O|26^rm{op!g=S^=j|u31xpsi% zLqfc-52g?(SyUIvIJA2u>1Z1=-1q+b&tY_UEgYCf#qZt9Pr#_a<>Wu~1#RZ=5WiMROT z?d0390*sadYjTGbu9x%SLgzLu!Eaqq&|o!$es6A%H(v~2ZkeB8wFLCHN@J&=&naY1 z>r`uV=C1R~CkDHV@{Y{=#vEdMB_hD)if~k&{ciDbE2lB&@bc zd76rQ!ua1xP&E8V0$#YapfIqur2(rruPpR!=+FpPTh)|A(Lrlcm2Bx4-o8f%Jx^4y z(0yl^SLk2a(13nt0J8LKK&@$PN+N5gwE2W2ubO*LvmZh(&AAXXIg>9Q5Xk5eFyvLM-^M&491^{9C(s2H8Zm*2d!2l zL?cYC2rL0Kn&7L@%}5H+Pb#up+OM(_5DW9Lo0Kmp$blrWySG1Npn&K}14p&{v_!0I zczP1#82@C%Le;c5gDDCQt<^}GkQnVk7X`+bZU#w(j#pBpAWP^}cVR*;H~Ui%8hvIV zV?w^3amGv=O^|cwRnbrdR5r%YZ6qQnqaD&>fXO!ROCgUa1w~Q#T2<)lEMZ1rkckY? zsZ1C^!^MF~L<q1*qR#oces9w5Cy2qSX6c@2ZkWmY$XrdVekZ*KmMWXztLE zIEOn0-IXi>ut+}TpjOv6B@rdv3R38q(L6kk+0$7@R}Em`WlA(58g@YJ5jOe1|;h6q4T!s;n*w5`CD4n^VZ z{J+f(fZxAmH}5UqxwSBtH|a_srHf!BMAGS+s*Hm3=GhgnjI-N@z6Oyc*p{H>DK--E z*@7m~8k(ySMBjs`;_pq=dek0{dB%ontTtSmP zy9_w2G3Sg_>Y?qwuNgE3NZ~N1oU+5D#`XR4We7t4@iHG^W}lEch%>JJAYym8!_iL! z8rdDp_p!tH+p9QW!ILueI;W5Zv_#g$f^Bn-#ZGGts1HZl;h7BU(e73li8RC48PO-( zqt_B>gI@QY@&OwC8 z_E2Ap1l+fvWt2^0CRL#36`^SgUvF=h%Mu(yJf5tSB})g}y&KC4=SVkrH4_zV>Y651 z8km>M1*wZs0e+*I)nMlNFdXrJa&%`bM`Fl%fD@VH|J${}sLz8Gx@R^3fqn(%J<_gd zN{(iZ{lv0y58M;k&ns`@2C^GPp>>t+SFTFYl(idGWc;J`kyZuJ8C|UaX@GK@_bE~z zd3GpO$12~`?;Y13c-2`s0bsE{KpZ{o~07&;c5;emt!MR6b-S`2N)Pu5&;I zfG3xCrT?w&?7iPKfr{fnQ6BPN>sE$C8a5~0A|>s6PBDo)F zy)C+}8gGP-N+3JKCV4M^4>;m*6YE$0VkRgbtz9pOi&T8y#yGMMst@Tfl08r@?(*Lf z)COh;SAiSv4}D4ptG=mKTu?qnoiaQ9?nAczB&W@1uGn)262&-0)WvBr5(ntpdigD} zq?HKYF*Q~B4>I@#GKfR4{3@wP=uj3ievK6gjLywVEnE1rd%`%*Yp9A9&Cv;DKnI2C z0$3)2ER&Qd7@N%CwZ~&k6PcSCx{92^j8bVM8E=v5in|zO{1@O-<4?2Zgj;+TX z5kVRDHBr4(nS|7)L??`F z3^S@mzi41Z&OLdygD)3B-Q0nH{|0ELFC9bRPv{s8qhQE^gbrCrxd6G7S=HWNwMm5B z(UjJ3g{YMc5;R^Kl{>szvhaJJ(fH}lIr&rQ;aF5$rI?{LBI5S~kuR$`q)jY_7shCu ztWD&u9W;W2L;Xqt{+AZ4NMs&D2k1X}dxefLk2Nh)8jZ9Gm&Yili2?e{RwiK}PN-*k9Z*_^E2D`~xBSK%e8cINF_q_9F3AVkWNw7g_}!`r%P{3>+g27WDzm zk+qMr4Y}UYBXJ7mi5l6&A#pORI`sFL%UxWoy4|C185#SHw>cMv5QpjFc%c+ro@~ox z$UkwKt|uTVI8z>=t5*U$l16YMEfeJ{>s1-ae_?DIGDAzDQlAS0C{hFLKmy&F$T1>P z#jhp)4+}DPZ#4igmpOCNSgD#u4bWqW88zQJxxs_N$td%OO)!EaZM^kCXK( zWrnv1*Tm4zQwrwE2sM7xylnW!`tK$Hsw!7OQ>tUUA{cH3W-M}AkjDB>qtOc4$KBIP zVdxm4fT5q_l|(>6(IYd`Dp)%RS)NJ@<)ZMeK{su=+UIsmX^`?Xp__`3=Ld=pDue@jBduxKW}%9qlQ`6Wmf6{2CU?EFmZA~+wZ`tNqOSUQgi#+J>l0=qQb{!D zQvqK8AIhvPL5cgHh!M^N*yn!$OE*4SzC04(tvI(i%0K^UzL!;kfAIl4u2MtzUmjO< zqBKSm?j2aFf`sf$R4Xh}-mNwK`Kd|ZBasKNaonYcW)y`n@JhRoz1t&Re-VN(R8 zQiGl$V2q~ruP13Rr1t_qY&P#7hGq2*D|*%1lG*TOQ~;cX%h9FA^#0*$!kK^zeBNCR z-wCMlqZDwh#d|5KzfSbwo+IzRgT%-%|E@Y(qjy-#pAo;K{a>bdN7BE&7!cLVlt;rg z8e~e82LModF`Fs_2ns;Wmq>c$;=jqh^o$&3DicLDRk2%4{W6)q$zazB{_+o*d?V=? z{ZuMbr1iB4ISfNeIV)3A-jfD^WE{ZTPyc%RyHzgq%l@0P`pp5&qA*pI3vSFRm#Z+$ zTvF2#&_}Mw+N)F&k;Drgpkuwe86C>pJi#2m^Bf%1>V!*_0pU6cm9+`70eU=<8=_*A z=smC22iOY8uLhv0O@#7yYkd?oJ=+A&Rmp9M4;W0N0jMcLh2dRIfC3n`V$i9Ys85h6 zl?DmG|7f6g@YNd80xgYdnFCPm=ATA0wA@GGC@_E{12g(W=Ubrt4N11#N|k`f3kXT~ z+rFT533Trs8P6l4<}K;|SBM|%s_)>5d~ch{MLuA`CgaL@tW5cDNYb4x{|}eL_=JIo z3Fs3P1Ji^RK9C9MdqM+dbJo_Iu6Qy*>GY{{l;1xj9H`LGOgIa2*2 z>KVxw2SOozUYvjp5p%4LV8lgfuR{2jr{fYRVf(S4Z7OyIlMj}07Zz}*$ z%DrpQWSako-U;tS05;!=fZiC;3Bah&Q|Jo@0tOfJWq~bd|A5|q#P5&XAfxH`T!6hl zLTYb{#ng;2rjG(-J>`4hAftO3I6$R=kbqbHOkClE3i2Uc9|jA5IWn2hdp|eH?5jd5 z6$-$6Mor&I#QKM%AAtHxJ-hl`bn>6_0Rof-pp)YGM}YF8K?O8s6XdKs^i-Y=^olMl z@E8KF^4k>R*QFA{GES|JzYhz3fvBn&V7Rat=n5zf`92It&8Y&Rr+8X||;KfQVI`XxYmJ==TEQ$3ObL4@Q&s&e&mb70?+= zNwGi%!H)+~|9gy3_{sT$mUsr}C;!b4@I)e~z>`7nMbk}!k3mNu!+cI*1pV`~wzQk+ zUyMmNr2U#WK>v{N4+!Afm2KQ55p37163WK#KZh!RW7e~b^hYT`(7Ffv{!!{Zt{-7a zyQSO40{jrrm{80;jeS7m`|JKQYRO`PdK)fxX4`0^IXnc&e|vfTecAQ=JV=Mn`}}M7 z@S9hMG(Mk?MC^4|*tTukwyjAfwmq?JClfmz+qP}n&Lk7#=J(!n?>Tp!cddI? z|55$yuGO`ws-OMzuB!e0d|7|otHFP#0ZQF}~bQsmS6O%9_4+7!Fydr3w;@3zIItt)E5 zBg2l5PI&*Pp|J@8jKxz%zH2Y^H+|0y-=-zGr7ZZ(uJwSjoKCvLx#-vA&TyxVN$h8yHIPkYpC*IOsH`~l0r@&VxwB$E=n|eC$^9Q!sgc=6sILkfc+5i^oMH{NcFvAw2B@X_xW2`c zT5+ezVMY=<(oo$Fj)b*`ubYSQI&c**V8-T_x^h}^6)<7OX|IP-OM;I^w*aVa1Jn(W z$DXp(J*;$qpUXtKk3;i6ET)ae3g@h>_z)-SI_I?bFKy^d*;KL{lCYizs0R)nY8!a> zSp{$W-0a%?-kAOj6gGY>=T^gqIY;s~SKM_1A8?E7@;bP&9DKMdD4*y#aAv7yHt!_n zZm%?zy{D>u+6)~cnv_@FvRQlt$njra#>&ZiWpO{*rT>Ag8kql~7;PHqQe1KK@Mpkb zx~>{-GaJknYXWVn4B}d$fDTW-Yzt!wH~aLlbL4Td&1-ChxT#mwH8MKQ+i*5OuDZ=e zL4h;OPnVr6>Rn3_xaRV=@7T#Z!cE*(jd5%23Qr2}!*sxt2YlaQ{0{BZitncRF1kS4 zp>NAU;f}3!*N(5kf`spyAqF#w4V|GCcc#+8k!s%EZqDWVGp>%!M((JsY;5wrlvYgO zRnR4`6Ta-LPDRXlcb0aa08}4AdJA37D?qc09ovn0J)0n9kG4TWth z?DrBlVu zy&WIzdVe^YL!Mm3@$z!%`)#iE^$i_NBOovkxczeICUC-y6-+--ypTi{JW@M(m~O_i zsStUL+g@7^idjN;gVd>@y++{BBz2>F+WKqYR9!WPTa=c1c#rnTd7Z#-I&BotAARBZON2k<-I8dN;}s&{u<=yR@u-40bX`^%a8 zrfRc&*ws&cAiK3Y^@c_-$*?`wyuj$q(3bYrIx$3xH<^Wa?f_!<(H5q3sRF(1bN`Z3 zUet9hEB{HYo@#w4e`fi)>Ozzv5LTzAf|(*4AP*GsutvWi4~ba#cE^Qy;3xt`zs2yv z>yGC$wli1MwSQx=u6O6g=2-L0o6)ZMzU4vDwNvTS+3@>55eMpcVb;c*u!29fdi zCf81o=tE>r(9tov-$5_}!W``<0!CKaJANe>;|s5rlinXU^Qp6mi62h{qiLJ?+qnYo zV%ssSf?N_E4HIsShTdvY%$`F#?z+WlK|DP4x6`u@ugQ#T z+?Kjx?=IMUEfMqhy6D_I1@S2j9XdJaJtc4OvPPb^ryoqSO#13xTU&w_o?*8U5DvWT z&BN;5{?Jj$5I+5SBJ%AB`z1SP2$yo=leOp3{y}hJbX(f-3;#BDC2IJB59f*Ya~MaQ zRPfeqz30G{Am-zHg1-yjn;Sa*{+I>&Q@o9;EnOLcR+}f9Jav4IKIWHZeC0f0BVfmlB6tjwx1N%lJ9Y4@~erDFyDFr4Q^TH{S7Tw zSqp8v3S@h28y>tdok8Sh-#wC@-`=o9Bczk&wFlJuB@@o;Z>&u;O0E$DwgtZ4cXqyE zI6D;$ytMPJ=A3*h=n)G(3j)NO0@Paq_|%Yw)MHnUad}l#SAq&&>5Ph-Js1$!J>fw< zAR|5uVf?VYDcpxFbCJU7#zUPpzfawAf0c~T9N}#0&Co89E=2_?;RT-$-%lBTAg$}} zOb~uI_V=X6r^n~D?keT?;{of_Wa5>bbz5=eg6By|qC{}+_=@7sv8f$g=Np97flt@M z?&d29f6~{qjW6KN7Br7yJj<$OK@7HSw}Et2>*C_O59eBM?j zK0byJYZfe34ldk1zdT>-&lkKszm5P=^W#5fUJGnqUB<%%0ih4p{^rKdnTvScQ+pfo zF)KYiUq_}MelK^_G6D)!_m4|%V}GrdWN`n67g-{HN%{tP^r+43$u0BQtYagoSi1a%-O=eO<$xHDMy+>f3hb;qFf$ui=ls> zBn6bB63e2(@sd+)M*p0Yj+UE$Ogdi$$YY3N1qtwQu|~nvDh&PKzVoXfc8bv|vVpF( zR?dq3O$A+kI>K;O%bA2?Gw_Vmpr)zE^>MJ@<4sptLMg$$+a%U$gIBe8!Gx$~5plzR zsPKi%(7hEj5yh-v9hB>4&7tc+SnirFoHE^)e z#QCRqgmj2PYv8*?l9t&B<;+q{`QjYFwc)OkP&-Lf477_PwxF6(zHYkYxdZj;g&LNV0bFQWwP2!>k;ZhEn#v|es~nu z@}8g=+65+o3!LCn!;VID+4_gEu6l(OdK7Z2al5ImA`>2cnoU_u;VpxEr!|;QX>fYJ03yl5x(oz-Pn&k9)ktMG+j^-Uqhsl5KI;4Ju3#n z79WX%&jNcLT)a88X&G!IW~rPN-(PeKIg&h>1DmSF3hINY_N@{n#QqASV%Z>?OppkL zL>TC?x*Bila0@2lncPgquB8l;0O^ZlEZx0Yq-@R9jor6at>NFNCu5s1DyCr<>fH8M zqe~{;K;C44r20b*2g&XI7MqrZBNT*uYPaWMbxbMt&0qnY9AhZ!LT>Azk`I0C(uYXB zl`C*APiMf7^2nlG6-`5PHRH@m$_n1Xkl_c1LlvA5fFz0qH!~ZisTYPJg3d*!PO@1m zXM-E>#`6&XG~bEO1@&t|7%R&zE2%n2iNnuk2IF+}RF)TBZW>;?%0!_gv>#oJ1hW=W z$CG*l9kI?__IC=McT-LP3kMkhfr3t^YZkN{k-@Dnh^R(%AR`81w*pszBjPtJe<)qF zQMa4nJ>(r5r0MVo{Faa>E~epC!eh}Odn;EWH*0f_nV8Qn7to?k3FGs~gcJ<+H{bon z0{uZAEe42r0A2GIY--g}G~bWUFf7jemYC~(hltXA_J%gOR%JCV@vn=d295DyUwO)K_AaKbzj!^=xeedtxO zN_FwG8)6c{Hex@RZ$YK<-Lg5E!wG;-I-qI-9Q^GC%ZA@hzqMT8SZ<_rOtq#V(DEE* zeussC7F?1&IL&&E1E4V+z*S>h=$!1hjCp5o#64Y1hFh68`^+?UAPT6+!te4+*xB#G zhIDoB248&LvPcA=VIU}rHO_5>cD0T+_=4#J+$|v4_|fqC%&>42>1wPE#FehAc8FVd z#mzuiz=oRALdBVV5Jk56Hb>O?ehmH3+HlAqXVh|Ja@@ z2G{XjgMn(lY?k1DVE3UM>jhr*GKF_Z)0}Y>n^yr+JpVKfXCS&37$>#0D@-ou zaw^eP<(1H7S+b!6umkH2tai%|S|Jq$DdlCU!hw;Q<+Y@JPD`I{C5JMG^T$;ZjK10; zKLp7TY+SP2vA`*$2;qz^r)6jBfDa|rc@Af#j9}6qdzU2V^~7Bhh=pvF%#q%ffsKiZ zw!O~M%U@zx#RARo99&Uu>kR~L(k4kdC_JW{kGQBz13mTK*nqg_@jbVf@KS=^K=u-2 zZCyvix49v$lIedE+{s9L|@VhCf5SxRNF>_xLwkeYy)jvTycEu9~`h_6Zo;5#kA#23R#E z=e7bCYs|2hDsP_E+%MP*$4sav@$E||_aKiYtVe&Ga+orlQcg`Q37+6*^hdgYk6|cTtficT@ZZ$47af@Sw?corr(z8lksu`g_S}#bm)#0paJD%|XXQg67r{ zHFh9NJqy?_`{lrZx7^fevnNCm9#|Xd4s)t-fzv*AW7u*Usil=JEEl?U>@qrm8Ja>Q*uexO%#CV8G(73!{D0ZAoIx zNviw_?uWN$a$-ny?t!K1V9pfuvM`LsJPK|xI*Q?S4<8g`9mJ0H) zyg?N~ovuAmOBbUpKNQ|*CO%+T+@zhep8ENXTe9q#y^!UZ>4K*kRtJ-j-^lo!h~GJl zaR_dK4;k1+MELd0-a*w#h=YXCpgeUx?8c6foAJ)%P~h|7KSHGUgab> zFJhF+N?{4yEHIhDxkyhIk4xsZ>BJB0cVE+!1+C?H;w|G}X>Zj^pnN0Tir0Z`LqqMJ zPaA{f)FsGzouA7;?1#WplIAq8Ityae{}`@k@EjGGnx&MlX?n~n^1 zRBEMmT1;d^XqT$HxJi#tl;n1lSlu~*5!H0O9>Z&pDy*7x7SaVX_Uk);CxT@xUbaWb zdY)BfWiE1Q8&&46%55zZ@hCtaL=@*HH-))s$y<+~Jf17%$TFW@k=R?m6B3OiFP@mi zQnzSum-O;i+A?XNJE>;>DiHu=3Mijuv&u=>K#%tno?{DFoH?Oq=lw4{0y{i)m@B0gk~HhUTSKX9niPCHNHztg8DSg? z^E}$z?j`+MWRD-J7h{*TcwjQGJZNCZc*4d_QhbWfAN$M{_IomsB72Glt;z^OV<^;= z%LurW!1!-dqqv+H(=}U&xOYoItZTw2;=n+4(t6Hgz!+2Er`Xl>UpS;*989|UMB*GH z(~4B?-*uF?rt>B_3vp$dr~N$lubDKAZlOWZTkfqQ>_M}J8Z%qLEP(>3G`ShnwG7_?63psNeo!t=C}V`Gm*ec7>_`V(g1AyeE8bO!VxPsUhJz7B)8&8(|z zwkf5TD*cvIF=1YFz;hS1EFUb{F>rM5&4?_V;|fH{9E}*RjiWu=~B{4(q00WP4||kCL<{CLDBdW{<*Bv z#=GYjGmaC%&!wihCBq|pCCrcSgOIw~+UwuMI{y*B{Ob%Z3)6oRkeHd7|GRkhw~_mQ zkOq47U(-On9;WFmV9udAE)5-n5Tg*IMyxLf0>gm6d}Q;#IpZ>>W^OZMzXLML7ime* zB1ZtD8jP>Exd6r!`<<_sjT*l<-_~~*pVuehA-~U4{Y}GP$G2BEVLk7Aw{Hvl&GdiO z!tB4?+dKJRZdnM;*t_JyT57@=5q-D_wte4@)II*rerI&@^IvFQ-F->to~6s?oG6GgeSJLwToBqry7K7SMX_XLc`%2-+4>{Es%d$_)Vz9oa@2SV z48?i9j`k!~%Ate-OTR#i9p(GIw+aE?p$iw!*7jFd1qFT^asCY#g^PA^)+6O-u{=8Y z!!HoJyg4>VokbgkjZPhdNND+scjyixl_|luX8bo9^{1)XPi{v;^*s?vUlvu=M(FN6 z(pabri!PL^bXlyjYf2Nu%z4our@k+gE+>OzldUw5l>K%U(F`$USSo6Y5zjV0YVn4< zUwWG_jlCN^7?S?wzqxZnunZ#0u?lU`4Dv@zO3=>5-y3NnX1FZC_3~s*Ty>5AY8fxR zqu{V?(#w!I)y!`yWb-i)Mg-AwNQ+K_TDIF)+J;((aZ6Y0Z4m4=`dijYf5^{2QYDnO zX%tFH;V{q$QBcaB5%jFjb3!LbQh2FJNZ{vAtSr9b(2H9f$HwVmXHs%HwU^>lzA%a7 z@C!Gn)(Bx=8}%Y6nBvQIoRl4qPC3VYO^>3&sd!w_&r`3?Ql6TQtI3hi+dF8|jE(Z6 zCT&d&m$=3QF^`|i;bWcvBDq zuH+AI3p@QJq$+XprTaZ7VU0tY8m;qqI)_7j=R8tTQ$Z2-r|u0X7lY16k)2aAc;VlU zEJS-li|U9`DO|WXiLA}Hr8FG_t!R7C)b%VO@sgBVsbHe3{)9t zuV&NfDW(?2%#>>ffuzr~jf$qKzm2S-w`H-*8#usux*~X@tmU_94B()t%W5y|`Fk!> zKlz5AO8N_7d68ho9w!(F+^bjCgjZ$LJQ7SsbPc3x{4puyzI-d0ilA*S zl}^bjl0dR@RqLFL2K-LU5Jw!@4~ba?+Fso}%yU;63B4?ZOFaRIfW4OQETKgNEB!=0 zZL4A=RiLfRdCifNUzJgT(B0}R)665bF9tSduDcHFZgYlmAcr!FDX*&I4%8rbGQ|bB zpIdw0l<`DyfL#(ZZrJ%yl!P5Ubde2vKKs2>setz}Ei^JIjnD)+c!4fX<;ZwK8WcsspfP{BfPEb7+^9XahZ^e|h9 zZLL@e%8y!*Mq78OU`OC^cJv+PUwb@9{3h;$e9X}(sak0NJ0yg=jtLP z{;JVIm(?RdOwz#-A5o=PKdBQw{vqSQephzD3N2bSiEtVQqYyF^i&B;YKEmg3?B%0fy*5;%0=vC;l_~B+B%u zHJs?Ue}+MfRkzLqHlTVFWH2~L4@O$DzSpnB(V@O}KwpQNgMaPvW{|Cm!XpszRb= zL8m;w1i^R>F%gehLCsMA9U%5KgGX2eCr{Q~h4lrigC3wNO$0_I)OWm5#44{emGcPk z#Qb4XAnsa}3P-*u6sM88E?)m;b6A!Jt&fqoe*~kalrRXOxDMniAQ|uZWfLCn%+7Ab zZX_D8Irqq<>s%ex&sY>3F>Ndj%(O-)6Z9Li8FvFjiBGAB{|{Qy6jSp|dSi_QLhE;b6OvhcJ=uKN zS|8OHOC)L=1(rVNk1h~f%T1R{5(Y~V)_8FutiDA!_eQKJ3Dyd8N1a7}v`Ed2L}x8E zFlG&+W6S4s*Ge+SYGuu!XQt?3)9)<^mllN}BNpi`5>DP~C>6;GPytt7k~Jg^Cx>F? zm{YMHt2WP})%l{`j^~$w>h_{LxIClw&7KNsjwAV~d?ptyAZ zNHy2 zRiBc%Yi}mkv7k}a`PbF-A8+VO6{i5vp zZhPJhsDaOCJNPo;Nc;Kvc>^Kr(uJdA9ecMkpUhpr#;bX@O)V&K+-}9 zh9|dcP@)Tw)47op2KCJ#?cj|d$-J8*=+_@2b`Ijvd@e-|(-d2R6$PigB$qwG>RMR^(nwwk|!a z)_fo}ZsK~1?aH6&SzsY)$RHE{-4`whuok4ie%G3p-xfk2hqWq(7;o>@Li~Qs^ePlw zKbLJejW4k>V;UOLpEZxOu1XrLEo-r*KPr=ESHVDrKv<45r{dD(spf^g##5d@!6x=Q zS1r{U8XG)oC?C5wvCY8MpM0z{pJrpK`KoW_HYjOpH(M4peYo}!10X5@ZbU*aaV$nm zZi8nD-#34F_2r&j^7yy@P2ktg3rI%#{lpK7zUu=%n2fqi z=({h=0&>jqcn~OtF{@u}2zrIcJsZ)~bSs4DAPZd+-N9o9M$l1}lyYS4i%kl@%YQ^? z8A%R>0iqb;AM%MrJd}4SR?Qc6I_c|?=&J)^ zx;$-K<@nEB)2Qc@-WYPFm-Wmz$bZvK_fMs4%5pH@*8EKCJT#OP-@Ww1%(lraUj~0V=x2pqgb`5B&)bCm20Ej*A=Fr*l?Nwlv}<@ z0lG{X*2G}4OjA>``L0{jbXfe8f(6#;k+sJ}V_tcM0&FYO0C5i~a%&5pAP%;wDW}~F z;>a-R7!QH7k3nrzl*nq=-%!bO4E|+Cb5qv6Ol+?mD*o?Xu%Xd4_)hfnEuuzU3#=?( zSGQMj{CsrO#*~R(rAc!PCO0-VSad>J?VBQObksy#JM6Mi(I^*EWrW)&h2ijzQBA`+ z5j$#rBiyB(>8&M6UB1+5qpXS9EcjZm9UiT~a4CD04J+Pj2g(R`gixRpyjR_| zm`tk#PpJzhW;2#8oeu{bzI#m?=jCV88sc=SFs)~j#*F@MMzH=0v&xNIcv=ouOrE%( zYTefMnC>?q(KwKF0VgaR*5&Qg(1fwd5nDBEbZVz5x3mUatYX-&oTM70Gj9GgRn~eO zbvl07qqEH?-#T68vB!L?Pql2jX@6P*7y$2Xfe_jpZ5FGk8Xfai5xcpFU*J(WyK~Uw6x!0#g7#TwubD zjVMc=!i*Kc%pG5=?raRL3Abfd1r4?uzihj>BwI$^g@}uzbw0fefI5fI{qw6Sl1k|v z9c2F51{5qIsrKv2pG|au>{G+V0SlCsyQdLGz>(wYyKbuYrnd3lA-fFgA({|1BZ-Bg zqn(PZ{w(6c8#W4n8X^lzwe%hHeUy-uv!(R{MA`6&V8p!sPEJo3Ur#sOzyjdq#EW$J z?$^%b_)?I=JXAr+#Yy26QDZvY21-5HPPlOJOBC^Y*!>)ZFvT2f5 zWgdA>ZBk;K#9$PwA=E5rzSLGYR(!?N^b+-Glk49s_|M7iC7tFVGnz71au6?z2E3wuqrfze~PB2>SAhTOD zN0nVrC@4w;oki1%u~KpElwE8ddw%Ufddhh(zKD z1*R$8i@PZUm&4xPT^7gs*})l~I$2TSZDe2W`@EwW-Hj~Ez$@);a_2m7;o_-~Dqo#V zpET6-^xh#0H)W{C^mszm5q#qhkR4o1uJ`;0uGd*&($k6%$BP#9yEs?{Ry8>=LTepW zYdQdgD=upA79NETL2h#EIm$0Z6p0KhFbX<}EDC}eV60LWZiB7pg28uZ_HCFMqo1hk z+sPb8KJ=`pfy(2COsg9769$8$mWP@#V%2Y;mFlzHz1kbPvMie2`>nfq$GX%+_(N?) zuj4B69O<0}IyJt><9A+l4C->M91w$K@Q!!83X`-{x76A0EsdSbp1{diDC2nW)#*W+gCfqP6B7V&6v|abJ0(Slf$+d*FRQMh zT*~A6hHIdIG{W(lcgGdNU`a~V`?zjYSf|@fKa>{I)ejsRm0d%+@pXBPSi61=T)RuW zVBG3*@>SjY`YMj+S8xi?H=r^rNp^LgO7QRx9I^9~Y~d1Gh@{2orF^)-de`NOB3mc5 z?p+%Y%s=2ifcsL#<$=debp63I%-rHJ+It~^MTAP{?!H(pIy)WcFo-E2ZKc)O0dFao z;;(PA>;?sHoUiE~fEz0b245L1SI1llDC%DdPYFJO8!bhE$G}xOL4>|joX!@#hsmRo zcZ0W^#$dvfYk8mTaQzs6Gtvl>s$mWsVV3bE$NYvY_A!{`^W6|3TqAVdeWPpyB^R}Y zPoS*pZRT_q^IP%#hiu(T6$!yNp0LP`+i zqjYKi5}LPz_P(<}w0r+$2brYlJeLWWTH|e=nfmG?%`*SDZunoG^&dCP%*xF6PmTXL z+`z{E-&Eh2nc4mUQT+e1?*Curc}1G(|Acuid`oV2|M}p%+Le{3$G(pmpH?Q9-)9N^ zLCd$(r%d;}p++h4MRBfxrNiZ*g+cD(^_w1=<`e-p4k9g>tPc9=aO}`r`aWR+xlaCu zrl3+wRB)$2z@|g8?sU+TWXx}^ak(d$GCyebgpFFtorb%wjV1bB65N|mD3|f zq2s`J<)$mQDkBVoDY(6BidfkhWPa2u(@BabJ&+31w(= z%s=rYHnlL@;|vFzdKI8KP9{`NqF7(`qhxhUsX5o8?U-+Ix`8dmYN`J1Z2fBj{`cza zfAT??nc12C&1C&cy!Zb%S=k!$)|*U7T{kteZMD;rrvn^V1MAic7*0^Sqr?wL86}Nj zLTN%@zLN7&kDgs?C0HgC8F2tkMPt!`^O<8aH}8*^_vb5h*Orgt7LaZmTi8Mx(er2B zEk7m3%zzaI`k5UueWek?%QXguQ|0o3q;_oOrSseOSs;)m9UGyrIsc;xe^^$^ z8<}pJ(wDMh0Dkh-%D~B#!|LV-YT{ENy9VYj^y&~~U}#T7_^M6W%_BDo|Lw4oTI%vO zNC12AQ=dLknf%^#KD*S_-U{8Rq)kTV#^-{b@W!vVCC_ASOdfGz-2PU)&u=-VXqyw}_O@PoJk)NW%%QtcT)%<9- zlvH`tAPctaYfx=sd=<~J8ruF?3pQduY6|!tt5Q~>Y-NIYU_Te-TzC`Ez|f9T6%?;+K`V2G^raLa;R;RLjc*;!VAIVqS(<7Rrr zr5n6WO(Y->4-+-!<(kbW`k(0HWKo5z+BX*{^vH%$S8I;i9EYSQ#UwhRVAYtBr0SPg zspAU#83Ua0xL(6wIc_w_o_jJrxqCOAPD4@ZN+`Uw$h6MuKzsc5GtMuO&6R99zK#C` z;(5Vs?fq%_yS~Zh1KQE;oN=UrLFwP#LH}3Mnv?avx;ys&j@bFWt^OyBo&V$R-e@0x zmNs;Fu0jxpUx8_l5--k*p7ycHTOtNz2>JEU{*X@E<$xOAzMG!bLOBN8S+fzq6ZrLU z0er5W-fFP>C=YqDi5a)J0gAFldD&Dkg_buJe3!&GZWGXQTYR&pN0|& zbr>uh+R8T1PYAtqf5S{L<2MgunsY8-ADhM#SF2sBxW?$F*a@MyQj3RZaTXH4EXqn( z7{v@`btk6HPd6b{%@FC`OC}TJw!5tpu6-2)09fXMY1zUM_ltfcY<2~%9q}!WFOWTR z?Z3ocz8UtWhPMCZ5%jO&|KHAz^S_um{)q+tG5@C?DKj(YKOXSkIXgxgj)E0BT}T8&geW8Gl6RCuSR(L} zNEQegjf@I}gl0WbR^4F)92$vN@m3Z~!rMug& z8~eKJB&Q?$ZKK8cNAuxpx|HZtxajZ$_yWcbkEs;5$f<5{t@xvg4;i5NaR58! zzRzE)j9Co^Ymv=?v{r^+P@B$!u2Ch5Z~OPB1i^LzZ~6GJB~@D9VNO|L9~`TQj9JYF z$MKp7)&3uXq{+_%`{J@`w&LWL!Ft{S1p1vO$NNEVJ$^WkhMh1Eq;P_-0Abalx8MWt zIkK_H@^pHQtz(DwO@f*kLa5`AKLZJY7KU_sYMWJL%IjT{KRjk4$IH+4*t@LX9;!Mn z|9BSepnpKZ;jy`o&KeF#M&q%2POj3AOR`JahdaN&ZAhtvTgj=lnqD zS7ZNt}v76g9v zi|{$qPzxmh)%JwL4{@#$;VcXqjp;h8nZt3xeIoejipx?6vWOTX95tKmF81ol2A+Lr zFV1cOrX7xPaQsm8pnK-EpjZHy1-^DWL->xRG7x$S&+J140fNF?dy#LmL8oNhn%iM; z?lP=dFHqWn1pA463Ns2{V5H%BxCU^1I1#b?17yH%xe?uidYzFMh;AMvTZsZ7=HSXG zQ^JV(L9IB56v&1$o+htUP6MnOy}E>AUbDW>P5GL$(3Q~U^NJ-iM1(ZrqI*8yoxC$- zSgPYtR|JMvIuEtl8zp(LexTrqEqrFLmzoWR=|i%U>xs)MrOW^-^ns{;2k}$13*EuF zhWAx^g)sqc-4xA_@s0Wn{Ah)X8%CAptPkfKrx!-ytD}53%WDI=f!w{$-2>ZJWOIu4 z3iQhnWIQfbD5m#M;Ce;(1nUZ&x-Bv6MB51z9P}go7*qR0`$zLS?Y-fhP<~;zszw-g zHv81$fxr1++nuf(XQr>>7Q!3R7m09a86$YC+ZW7ANc$5o$QNF$lrea zea$lIGSV`^qHaaaqLsorAw+A#ho^kWy(xq|<5SY-Y%#wf5RE!;Uqie;)LZ%64(y!> z!V%uvhF0_(C%i9oznHIxub3HBFu?>csbI8TMw!%j+)>7{fkUkK*d)JrLT*IOUh-C} z>R9VtjJ{G12c6xPxHs6Flejxef9H@|^;L>Xq#R5=%<1rqGYn|y8$I`e!lHu)G#Oht zTlp*LrjoC~pZ=nPLd1kieW!pvdxBjrTBS{f2ZCjwU%o#B8AnKgSXA%$HiI>R$X52k zZdGkA8TUnjiUs#>3?|J`OpLFE%g4}7*xsv&S*20eM6SuJ4n_Zf`)-#n``=iHbeWG2ri zXKA(|*v+F?>phI}0Oz-I8vIpXxWCv)&(Zh`*b@RzU-lryC-VbyjRB$^<&1-|KaAcU zBPK;Y)Dx3uf^~nzoB#_F*`tRg>+BuXJKku>T`R~}Z!xl@1TgxNgP&+i!OP)HDgLuN zX*=P}u6bdH61iSTx0oWRrVA=YBzXaBkNEMQ%y7^al72y0d(9|VW=gI(o~%Oxlpa#T z{EIneJ>gtO#@^Go1kARCckDeGK1ePDcI~)~dFweDLzFK`K3qq4lE^!NP;d>VHn0mbFxjB!tryTC7$O=Qru#chyit#2)xP_Ds2MB< zoC+lIXZB)>h109$gMlZ9_U~>?S4fXq;x3r$R#2bVYYE<4+p^4ABQ%id7q~bihy>&Q zJQuh62ye0BgsQZC%sl)7y$ASrz2NMLkhD39Pelv7az%RuKcGcjIFv_W7kZpfg#jI3 zSVgRUe2J7YWfM0~q!z60Co-H&UyAHFbT&#Ke4H4Be1IHChM5f32W9k)`J%q>58WMs zrY`I93L09^)U>~+dKpw_8b8tE&?R6=_TH8Bn0B8$`0dgb3|r1LqJF5N|6qv#nL&=0 zfs}w`57pU^q4(zFF_Cg>C(MSxUubt>YYxu0o-ICU48~ov+>@PQ+nxL&$h$C_W$BU= z@z(*r{6Y_h01Lha4Mjl<8KIe3QYt@(_jNBvOgp<9K}*qBGkYa1sLL7kT4I2is z0kA(%gWgJ#p!K;mVxMZST3QnDQa2DvtUx>x71GVkir}0j478C}LqAA4UrU`F#VF?; zYM6btYZtkn2v%JGg3DR}fOmZP;pL=r3wZx@d0rh$>IdayH#6k*ekb=zKj`9(Gu5Gw z{Y+{F8f%vFHb0=VSJxlvfsd&7N3M3kPQXc?i=*xL4?KSc3LJmjWH87O@fA*aSGj8ycbEe`oU%Z zWnl;T*`5t_oy{XzFaw!7iJ>FuZ&$}Vj$W~A}i>;?&1fe3TNU1X*fF&8o&frui_8kj$Cux4m&1M;scq} zbUMBl@q;CO#%Qu#G6WkZAp|3{Xfft@H6~pLpCRDH?vXzsMPw6l8Tf|{$Ns4dx>B?s z2>&bHCJNEcsO$eJ1FuqIqsew>FDknqXkY2Mbl{c#B5b98M2G z3kUO82m{|G zj9{P8B^iomxP}lpp>L%$SLQ2WaEx_TD~^G7`VU3XB{t8{@<^AjObuQ07)I?XjpgSv za`~WPRJ|QyZ=}vd=RD`Gh{3kOp&k^kx|^PP zhjR{Pj)+7lG2Ld!c=<+%UOSoOO5G?_dFjTYd5o&+%Ifm7rHcA~<48$Zv9yYL^row| z=Bd3N*OzeWfNgY51g>AvUKY*^@8!apYlO-W?0Ow9{dB!6{tueo$bQ`JrUHC^JrmX( zQK)#fXEoZE12FK$)V43Hz#Y&zA?f3;8T-(GD0Gz6vqOM` z`q>OhY0?cqq;NQ3?32v5ND+EA;j|{_OWcCvYZ3Cz%7%Ke}QUqKFe|JMFi6> z2lYF)lcjQG^)96v3tt~!A9IedY8Sv*CgVrG!MxTX)}{oMxJdj%`71!p@e|aMb0CKf z?X>YB=%@a}&ecYLF_I6ppOlgb`Jy*Mg&8lIZry?O`f+pRs$8Sy2*d|?p`?>lZf z-@QWXY+Sv zEjzF#Vq$laLG&p<_DNDz@=$kCE3Y_eE9U4r;f!{6Z)w1?=|$N-u4@uR6T~G|cUF%UoXSo8+JE7r^CrrIMU6v?9p4txI&QU~qH6bt zp>i+q&8^0Z+oP|$Vn(@le@|V-z-_)mL*rm1m($UCB@C4THgZ<+U!|&Wr&6*Bo{x`F zMy#dj1&jR{EM1W3lO8d)9*`EjA8rO>uipUYvBxxM3Hq>y$L-Sf2eiOaJ^Y%@WKr`B z@|Up3%ew_|BFw(EA(urD-#P}jrr06A$FacPdR|FZ_k_?p% zwI*)^YM7QoH7{e}2tWg^7uTYkDlDb9q=d}Vavr0u#OjR~d(%O?Ewlqmg+R+VR3L%P z@0q+eSPP~KxbYnUX0QewYv{dDMcPL63MAvQ+&B(ir{ktk>*f1$&2<=Tc};tDk$@BW z9>K5U7D698dzbN}D8Drx%i-`QpXXTVLlhd z5lOWb8}OP->pda|c>qz4NXt&8UEXJPFN^IE0@hRN^YNz*{lMNOV)byF!pfdtgFU32Bp{TM0kG z5pR=724-@0DnXuL-*1D+@}9;L(-}H;C#F7(H0r8Up98K7FijdjEkre1DZ8J%r*Ft& z?V?@6o#NEiyja0xh^ac^C~L{&{Bg5rPut1Hq@jvu83a^IJG8-4`& z{J7;Fo&Ugs;uO{SDJ5V7lnlu^vm-3hh>M~XTm~{)Ay~n6Bj!&6x*Hip$*`|w2>cKsLN&W(uVmG>5%+Orw}`K5`JKtlgK)sS zJ5M*PQyaeF5Vd!zKqyTJPf9>BqRhD&lku(e>{2Mox^U6{Lc5#ou!)cugb{ zl9FRgs7SrK^1lFBK&QWR`qkdVDE(}5s235hNgVW>YJ&bNau@=UsykwsGyVZ-H z8#iW3-_&(u=gz+QpTB(K$MwQN>&|Ce9;@w*Kbq8hRcu>XmDzSL&uojkWwy~+W}6qvY`uQAHA>8SRan>}>=HOG3<~&e5aBI|FGB_z zgHEC|NU(>Ya|`0w=_-=}-mGl+M@}|;o0ARajEtBMGXeiN|6xNHc>os4o@Ru>6afj| z(P_8TfllsO4r15#>g&S6p9aA@_QP#t9$5hISPEt~SiilrWOmWLEzLVni zbW;BUm5l_O2Q}fOqdMa1N4nv*efub+ZcTs1oub(XJo*6g!{}v~r;3Cf?kX#lS(SEY zRl!x}@*wVdjX3lBG)D)#Id^ z%tJ|#DM}AhlpYEZGv%nX2Osue&nQ2IqN}P`Rg3?OpDgxo_qX`de%`Oe3Etd3DWsxv$7A0Xv+9aiVM(loV*C>PY% zWh^147yZ0$F)2ic*w>3`$Cbe!SNIYgeKs18i0l{$VvKkhx{O?&yUIx(g)jKTho8H}k4g`-L#YNxPNDG8)i4FA+o zUWyz)MVt4Gmn`;f_qKQsdwDNMDqU`7#GY%l*|J(O%N;)%o-T%~!VDiiYxw*`-3(|k ztRbFhPbM0FZU~R^=$D`kG$*)h|A9;pZ{Wy*a%I*n&Z5&T+GIsiObQ?}ZWAp5Y*p-8 zbEgFCohAgd!R#F-$u2Q=Havd)r;U$|(UsPc`9qdI!^iL6HE{9Biq#!U$@+y0`rZ3( z$02Y4&>-NklNoykPcWWT2yc#=tIPw;LbbCxcoiA1Td#^B-n_k|A} zpZY#`eD3_t^LO9pd8hKz`R@Gugul*R=O6B0oWCXC)Poe7d${|MYV&Y1&^*XFGz6;ZTl#d? zXGotmuB5HJAYB*PKN5a&p7ZlP?R|VbgZ=Cy{r!St?NfYL2B+B<_@@O|h$~#@$T_bL ztZg-WJY(FA?!|7-9kg!Ix9ddL`9M%Hp@ZZ(gwux^w=lCnr*PLX#`igbyy`K`ZRt;# zUNL7Bj7S^bFr=92`EpT7Rf`#${rOa(#o|?TYxJYec0SH`SL%f(qp+kZhpBKEOa&RH znA2?vG90-Xz5r7-T``paKVuZQ*@<(E*+x>kfhw-k_3dE4f`Qvq$Gk{;&Ugh|p=k;B zFz4E)Bk;6sPE&-*M;rlpNilZK!P0LJe4Y9ZJ3sjVTkwUils&gi-`sJ6jMaKiynWTP zc%tWtR-BJHtl{F+XQ?0c@UDY%@O|t1&v_a|Lp^ZZZopnS=P_>L3!DXg?cU=1OYbXxQh8Q;qUg!uz4711 z-NiW{w;w;_tC&lv^2 zQpUZ$df#Z@RNpS&F`sDl<@*--PWt$K-`zgqdj*853y7N0lHsJM>)60V$H&1q!a63D zw)Q&RRT&zy*s3t@F(vQ1Jdzi5nRq%3dJ#`!XOsYG!*EdH%m;g@`Czve`V5D+s)Al# z#-elH%$m}W&rRvc7p7PG!t^SiPT$JM=*ibcuHIuREP+e+1#6F&;1c>2dPNBhb*?lBT4i#+?z6 zMe(8@;4Jp4`43Yaej$>v)#LShthe8^YDIPI7jHZ`x?k^-d&aGPWwNbBTRL~uJh!_n zuWx(lT{~*<%HsUQkegJ3iWa+V@=Xe&5T*M|{VM|LFR(SQ_BQA*RSED(%c*5t!>% z-IhLOOrWiNPrf%%T2fWZ*Om_Dhm=l~8WOXlxryc42JJ2FNAr&fTTPV(^Lklfm8T-& z^iJ)zs2k}PEVI;G?zU{Rq%FcW%Pz}z7S5tkvaw|1%&c+Na8Zi0FdDM3Xp_YfM;F>1{Nt5prE@=)2AVkQE)6$NWF)w^PDxQ3z?x*Nc9e--NFoOGEwn~ zq0+|{vIiCBqECguUWTQ}Kyf`Dj+e)G#f4g69p)8+Q~lw7*62z53^P>=wTElT_F7!a z%=UiFV2^nV$_ifvg-@8S5Lv`ZWLjNhfhm!3xY)CI7Xuqy%0!k$ zx&))@Iuf6MPSyHpV2}>V5M{aZn=;&yV-Kb}KzG0fHN_ZNQU|k!{U{;RaAeWtBx|R+ zoNiAv&WR=q5HY27IEky9abVuALxYzNsh)pgHm)4Fam~uS7VpC2w{LuIj4pc$4h22e z9$7S{V!_-wkH_M5ivEt16+b-*kKP?XG z#UsmxG+sUWvKv726sG@4N`wcI2mSc~Qm9iIuVP+HKWH@jFv6Ny!5nhya>A;JZos)! zFF*y@Y>#O;ZITAc0~<|?P0gk)CLWo>rtPK{(_zzblW3wEo>GH}BAo@`Y2bw7&y zW*baG$8Y26rlLj68Q+cs)J6*TN*OQsY;t7B zxeh88^^6yw(-3#haz}Ngs}h#W4jnkepF0YF@T83}t~wS!FrlNyHF7UX-=pO%@^-mJ zJ}jS<&&Vbu=gW)bW_eq->y(_9m3;6^u?a>ai`>l^iGs*0qA4aIejC4?Z{ZK~r+D!& ze}*TB5A(-ikLPplE8po3@r=uP<__^Jf5qqWSI|f?{6XV_!9v0ODCrVcmIZ%1Xv6?4 zWoCNOh2m~WQ-Z!O2lnyC*49@3@5hdvck%J_w2Tyu0j#uxEcWBcy9o=7Raw?pu~o%1 z%&{0?!P~);@PgfmEiRM92v5tH^Ni#&i6F+kN8f)V6FoYTte{KJ@_;c|)^L8XzoWlr zoMW7)(b4Gn75NqSkoigdNxvqUeabvCmzyVCuPrt=o1fP9$@`Ukn&#HlYkwo0rC_Rc zk#&ugvtnxWtSo1-mqr*CMf53j2Fb{3Rnf&U24U!h7MAO<6a*+|s)>9I*umJK5XA-s zCmuo}i2d|5JT&MkJZ8ew7$#Z6mxcCCOm&!g2C8xy6A(@ra3_~!Q>O>0ZPmM>eaYF3 zzGud-t+q^0o`!!cRtCOgL(c5YIx0D3OT`mcw>$5<7f+3nvB3Q6e)Hakuiui*tZ=kW)QP7ZKyHvWE>9Ill^YYnF}|7` z$Q?BEtgDa5SLKmxn$5`x7+HgY$*C$@OlB^;j1SA$&HO+&ixtQ$N+7c+f!rA-$i`Lt z^gI?idjT0fX$LMm-Im35X&J0evQ2==}9BC1@@ zw8GXdu#O1pFxEkj$nyd(*2sf-AtrWLCMh>?*DEKuzlo-&MI065rkGSK_Ll3-qsG$s}?-9}^U( zASen5JYE8Kg4J{bmXN}?VXGkvJhQtBB)S&~Gu~pxfyuuG98)!hNDSjGIRl$!#CrZm zMl2H;vNNpPyCgAvn)xr0!Lz#NzLHIuWEQxj=U5z@p_$5jKz5zYQ@cUvk>FSBM_}ts zSfF9jr8=pOW9w{6z&u>W`SLoB$X>IpibjAMKz`C}u_Bk|)yh&{UL7FpvpspWuz7z^ zm~D1PYS|DPlBg+(o51FVD-IwreRxl#7La&&kDG2j+oRWtnGM_1*k-qyxj4~4t#mXoNjoU(^aMigzUV8CAb_X)2)0}lO+iGGoiYqaWViQPs{M^^6dHB`OQje_> z4qiBfTT;tAW{~_FQ&&^j@m%UNd@DK%I(XDR1r*)$VjCV~#4%S#2v%?%Qb4D2bx7=O z>N6Tqt-6Nk)a~kH4*-9iO)^7)s#3b9;hFYKjFf6qCs<-&n(aS2=BkR?Ufj{6O?Sjc z`lekC7=9FlbO-Q*8F|qjqjaWizLN~shdZyHA z85;qLe#sy9WBBLyn*aZ1;<9BRT25sAM?%imH6fSH$TcO;Wn&q+JX}XzCVW9tZ_FCmIe5k1$XZWj((>@)W-csbS4@dAf8ubFbI z%S@qP2T(8xhfxT>nWZ_|rklME2MgSsZME50<6A?fveg`N3L%!orYD3#^k^t(fg>R% zP(p3wWkVy1#}m%iZD2a(Q#<wqI`V!?mJlF$XTk_>-4kP9Bg|>@-%fmmN2Y$63@V z{tz!XLuRu_&IL(i<_9w+Z9~i#MeYpYGe)3h*-?g_O!-S7OLdpr>1=COaetAk%=k9r zTEi_f0Tm{>5#z?rTVA|ps~Gm_L13*tB&_}#kmrWQ4vQ5?>RMjhKsKryt#4Tb*`#{O zK*tEzFkk<`c*hji6yKGB`KI~mbjNkB`M$=$N^*m^T)ok{L43fpRe#HSf_x}`sD5nq zcMf-{OtD%{^FX>x96Gbc z+;*2vz&b06J9KK0*>pgoNt`hMz3t2QEW2Xfdyl=p@}2|Fu3Gi%vp26AmL%_C9$)st z)V-^2WHuQ&4pZCBZr2e>QU*Xi?|Gu+pkS31|5H#u()JY`md zFf$NUIuDCCVR$a4EJe!*U&eImj2Tyh)O7LQgXBr%BXf)*7^MKiG~1U>4KE6lFe^a| zH=CBm8CK$$#v2HX`0PvcNPJ6oZyWBt$M+sSh#UMM;IvL`&A)H{nq7~tt{maCt4rI~ z&zrm1*&6xg#T9SQpEcu_Evc_Qd@YS{^**?v<(5^CIUgk}R!_fW-Ma9;H)rpeG4oUO?_)mjveh9mTVjgE4R8LVb!0KYdC zu-yizm2+dpfH1?3_QjU!45vCqI%rvVi!-clQr}XlP-KR1t>LcsO!X}Ctnu(3R+Hyp zpV3_MWGD4jg&^b)$Bs-W3kI@n zI(FolRO;Dj6+3(N9QgIqUwmH@g14qRD7&(_2JEAuwxZFM~3_>K0V_HjUx z9bQX`pOedla`hl69}Z|;cPK8q!|}Go>a;kV7ONQqoZ+AYF)Z6H#A2};E}R|IOI9Ag zM};5Q6GoU0&o)(Gq_5HM)_EO7oR_hK7bCCkCElEf^KJ>-58-NL#rJ`{?7hdb?|&0@ z`Im~ii^48h$I@omq?rvC5bCElNIen)m>h_i9E?j?{PPl_2a?VaaYeXH&8mq8=O(=3 zdhohiT6b=~YIE_kcae`eUK+jbp2JvLcIVmOb>L=w(;Y`1e`wF>dN=u>7gEcoq|W`} z&3pEoq8jTYLgYNiH3jW5!khu#&wPFjxtlyF@h|XLMxsDCS-={>Z!1jSDij!q(K?kb zS#r;o2%{jQaZ8ru&tx($IV*w@yI&Iwvo%v_Lv?q#fWv|z5W%M&#C7;Klqq3pN?cN_ zQ8$tWxTs~8ODjgAHV_!qV1ZSV^R4~f8-M>_%a-vsUA`*+#lde+rSG-`wex-W{YXW< zjeN9FCO=BtLct`;3l(1ZQNRo9$!J1|PrGVzHez_T4t$%_b#p+B2DB>f}(OJqyZtn&GAm~vNXRy}K)}5=%l>~3d_|R6XHRBi4y57(B*lWR+c;8SfYq^5% zwHyy#a@HTFbxnp-Gt^qGc}%Tl#A~&JAZ)v5J?03&6<4xYGH1hNYsWhB$S>Y_qcv5H zr#{8)zcB2n)MH?*-`6oeYZ3dX?*zK{#f%;MlA7dkPl= zUf3A**}S&Wgjx*VX1-;#g|k?kXbi^8Bs1&aU17@i1=N|K!skdLS;16Q1$%ptOH^Cy zR9Aoc+fI+F%OEaFGNXivG8>DL{vS`h^jSZ9R9V*t8C8A!Biu&xYWG#qS=@E*1^(I5 z8~v+8oBel$9&$hHKji<${YCg(*m0TrQTI+a*QeVIkrYuW7zHWljfBN;acHzOYAEdrHpw=u&zj;k()Ll^IKubMV)^_X6`*UJm`U%;j}?ry*7#{YTz zg%jkRr?TRq+i>Mxw9O*H*07njS*}5x&V@OSd%^a|X7*kk z=is$iq>u#waGcnxYCy(-Q)d!gI>smO`~Aqtht{qvx-1HMH8u7S{sCLQJ<)Ogc*CZx zFTaw?PlYde{!BwFCdE3D6|ku6G97`kjRW{rwxVs^H5MAr%VrRNXwBvnPcvqO--z)V6M8kglP4~n94f-+>?s-Zxr2Mggk9ArX|9`;B`6pBN3b4b>5fy({N z0!mmjvp!fRJrgdV4R+A#<#Mma<<8Yz+E7{^i>(lZDh8gCze``Fz_bOuvNDb zYa702e}#8x3x_#4zNc`htCK@rhKsni^t{NS;7^>*m>ccccT2LD%O;3=Xa8uX2sJe{ zU{=DL31Z}YCsdM*SyMF$h+issVdt;xW zTgI*3vGbNS&v1cm56s(s;^g*O_jfBjvhh$FVSM=R*YNl`>u#MoeZ#s7>5*GTKiz!G zb2}*K!iv8Qw5g2lG!mi^lBBy$*knQ+pNSEg9tQtYCB(1t^8edlVCp}DfeJOfJBypZ z_#Vj$^phh`cZLF!v?iYx<5DAlE<3nSFMLi~I>rbGcc%L6?3e{(up-3$4?wj;#eg79BRm_-ZFxxAI%12Q3d-4-1FI z!=`tvvej_c`Z-fc5rGyJ{SEYnO!OF%oe0SsF~0$Ra7^Qzn#L)z%yC2n zvk#0JWwagJhnjEJ3KZ)!QNGy#qb2Z?A&wE7MNVuZ{S8Z)yO|V>23QWYtvZs8&iQ>E z$qv7_UH@D^+x|teGqO+DG_arCu=>b`9^OPUYc$tdtsA5x8!Y;f%o;W(i(XeJ)nxlNRyKmQxzteuD+*9MGQup9HK0VPV^))HRsUHWIUr~8JrFHxs4{Jyz;k~8-WxIuE zkQpsDEJw_khkr!kWv~IMZ&Xe&FKgzd05qzMN3)P6NBmZ4sr+{|8c)Sj30DuBMR*P7 zvCoqAEm(C@-N>`Fl%HD4dNztp(_9%pqKQ?3i-;3V(O!0Y%`|S`=2ZLeUe*KLE&sZm z|7qvu`%?DQ`L>UD;&1Sq53@RPSknQcL)l-`KB zJXKa9U)Uy`6!_7wIwNrT!eXIWNDDkhG{=xh0n$4$f5KH+U9}D2!{`iHdjH#8x1X{z zrn;64XXbcH*@;q_1UWR)Irh$G%F!tP(%c}c#Y$w7B`h(~Ciz0svvMpsvYpAV zT-1e08ZZTtGztndOe-<@Xh9*EV)nwy3O<{YCN8I)%5}c=^~+Mf`Mf>#r(f;D{a^nC zm-c!ashFC+t4;PWSEiKA!sSo|jW!Z(^0tk0B)N z1gi0(0(`-U*i{R*_XO$M1eeGwEGw{ zAIeK-nXH8GwD)2jl&P@<9ILA>W7&;Na)U-1G9^A;{%GYO^WGH6u-01jJ~n$FmZfZB zZl47tr{7m=1FdC;#R6hdFL1(=4~r`&G8?)~SOanCh;lthQ9K%D2{dLqL>?oXj=X#0 z+wYAmo-iVP_Vo!1uj(Ed{ulh%ZCgj(|3s=>I5_%uDd_a-pZPLJ7=_U2JFNF24N1HD26>Ub53h^^UWr^^S{ORDHCwITP86 zdpHX=L-yz{|3Z~uu(S{dZUAR0NrmuIaeyMU3z>^ubtvLs+4lzj@$ z@KIZ3CAFNGLJJs$Wdbfi#av7&)5^6*?RM#Qd5d;fJEN&#ZHz{EqDmy|EXV*JL`xOw z>$4V4A($p%NpMP%0H$b|2u?x-86Nd@SV59JQ^GTe#6l>=wPPgQENzisA7jHzjN;m< z1m8`z5khE>Ei8-?NV(7`Y!MEFwiARlvT?842#o2YdYMMD=;Eb08(>JkuiabEOcz>` z0G10)Fb;1~#|>|Bj-5Pd53&M5{LdcQj_F2nf;RXzW2860X~l3_FIIho*as_^4x=IT z2(HA`EP)N_*YUeQ;?+I!3%cXYZ*;sa96bN0=EW;k@ZB=n?I5f+prfGKV}_T|w0~VD z*}n_%+u`_jp5^<`C7I8VN$($|WpZ$=8(1(cfG-VeyX_VVA*Esd5(P zhDAdbGgdU7@w`Y?v4Ve8uoA|+6Z(~6HCTn| zN}^I7wmh9Q?x4MJi4Zc0L{&l>5XsAUAB>B~`-}iGl}iR7YM559V%2ZKND#*&pLzd- zOh}HTpLL+B5lp3~I{mbMp)+7Nvlq5F zyHzN(fNvlxr4{lG$_BiFtmkewZIm|2kDv$Sdz2T@C*(j29~3VqX|^jDHLiHlO)At#VN}Q;s^mt6Q~IW0`8YANrYh0 zq{tk?LKzTnfn*ql+$<9rJdu3{n5aa6mLZ3UfeX}c{z#c1kzdHWm`G@asY(AMUERLaW!s9Av7DH`Rn^iuO|590vfy&ewoe-F_(lVa`QFH1{rIBVf zRgmJZj7=h3hHaHu^F1@Guab)q^1ti2RBrB5PT6T)l%4$&W%t9+m7SL zwbWJFB@#bZcU0TeUz}ma^j##Hss9TRmyV(ZMV!;qCGOGvnbsw{uie#Tr2hHJq4}h0 z!ad7hc!UKD)L2RW$U_r39*g4U< zOW_Q&0q%IXxV%cID-+nSZnM{3q!wvK=3ZJabG79`n_6ryb_{Vh*c%)TuDSNPj=8Rt z;&Ss!+l|f}UALJx**4oZJ8pMApzKf&=`Y(3I=@lAbpG4iq5tSi2Sd4df*ZtefVU2? zuCsDhU+3^M9}&q+g{MNk#%k4co81na=yN(8F}vb~9jj)wX)#p+2TpO&DH^IsZ-9b& zkdy^q4U%9Rso!S>SQySWGTu<@?S`F9wZCd7_BMRQek(3O0|N>@#Gqw_LH&=`xG`E< zBO08sx6BH#A@!|+@Tytf1OTt23Dht!Ff`k}`q|Synq6x5gFgk+Fpv6Mbf;G;*rFBC*wz#0C7QFsxq98xhvUcYwLax(w??{;0$Fplcv1>mh70B<#h9fm*P47f;R5xz!pU^`b> zh$40miJ=gi@dd!541z^Z$ihWJqKt98C{`HexG)J9HL^6(Y37CyI@2JVFFL_EopjdX zktNMVxF|0k27S#^D~d0k{ipzSK1XI9kR;_b8d&N~=Tg7BbN*BAt0M#WXdvhh`huLO z#r2pgo*$QDd^{TSn)4#aZFNN8WTzu+g1rJE7QsQ)6Twa!tU_`mf(kiUvDr>II}8Z~t>@TkBpt=HqP`-y7c*xpx1e z+g`sR(t86Y_uPEua#H^S?l`q%=>dGrpFhM)TW7cZvV3v#$g%52Z`^hy^+WTt8f>Fq z-2!}kD!h*@D1hEJ#`vw+sXLtkPaweaI`33HYJh*%v)}TDh4Xm40TRwLY@;2cJ%)dh zFiE~jpJ1EnnCzMAo#?+RaEIqXqWeM|XAh~eD;_psHlHIqE9BeU9FQ})IUwKUzR7ep z_f4jsj7X;VwmA>yS>x2>%=nX;Zv**)xwt_laFEOuA&k7FdMcT0a_A^h!PBw<2F;qx zM9wM#;t);88*#69@Sx{gQ~O^%mO8lOcR24)ALGEvukZPN>QCftyZ}G)dg`f9PNuf+ z`yHPA>(uwDW4HQY_aND8q78_U+Q5r*uVn++QrFT zWqP?jTbd&`>KnN&`dh*q;$i)au1Z1!*fL}EIckgkFYRCEe_3Q+6nSEF*Tcr=@-@y|HSHR zn|!dqKQDL+R9LlxXsYwK*PpJVb+_$QJms8*M7AuEezIu;n5mW{Ahj}Ez*xqe2!XI_ z<*l4#I+#8K{=yF#Ct^v?K8b>_5alAABf`atL=#6U|3D^v`h3T)9{ULY&x3=&)}Zk) zd?+=5OvYOe+;Ha|)JC}iwAeS`b<6pmshIBou$!QwU=|4 zI>G7{ge7(=scLp@RIvSFOjaC#`8KpKqPlN? z&Suvv&8%H&MgL{1H+n62dCSLV7XIPRLpMG>^W*Km{^r4_SFhT!^TriBCi%z4DrQWs zX}JT}efj{#n;&StFz<(BE1u^{{&4u!cYpK7Zz#UO)5Pn+YN0cudK+P0K%z+|Vja)b zVUY*lv5bC+jf$1Wq->pdCV-%~XJ>(D=Uj2H8~`_xYdCuJ!ZYAb;`CoqbNNlFzr(%# zhKB3ucTA9v@86GAfaJbm!hu_r&p(@*dkdQZQw|>JK_)3~H_QSF@f=MFi2^UTk)?aX z8Gd_73}aG86J!|g!`WJuujqV9I-?{TXZvTa9_z2UfZK&!fGrnLhC52sd%Reh1+Paj zl>8zysVq~OMT;3&frulO2QL&5%sY4f^e;Nv$6>T|zK)9SGh8f})tSgr~5L{UZdRTMqz&iu5WxidP-OnJ|IWH0w77g{eVsisNk`oo9yhbjVNsq=E-nO6BElty{2f{nVUc4zMS`ik9NR2ypLy74h{sbvy(HNV`v!m`0EsYH-! z&Alw6$#8Cf$&f~xudpZ&kO#S~rmfNr?irJ4CsvE4Tp&(CAQFhjazTQoq+Myfl76Cq zNc8`QP|aqGMW=Xbv^Rt0e~|1zX54d+5SH3-PeajUC2VMGRIDC^m$YCNj*vD`zp@nw z(Yjd2dK;PeQdnpNubvay$d0|Xz73g(95ApK=!|JtX!|>NPA5U%0vPlzKR;;UOPzdh z5HG6NSHKrI4>b58m@pq^Lv$J(D`p`&bNYwf7KQd^3#Q)RAE~vJMp)4lcng+_8rIy` z9eTUxW&ozs^sQR`rz^{HcX#lZsN8HO_KcYxM^zNFczq_9S(awWh=qs{@% z{Yu6lHZN=cpjyeO$TTZzO$EMMnsnRmgJwmhNqeKLX{ga!lf?;(gYKW*?|^1rrkMv# z7j6EqyEFBHyRZ(Ruo8n91Kd6QCPxmwc_9S|Tg$HjWHp~}rqZ=0{UtYzeJki$L!U`z zi_6IM;zsjEntnpPYB9k&$akiQa zJ8;-xIL0^{9lQg_QRe#^nZnH+;6KR%ez<*q4)F8?Ss4US`x9)E_C!4mkYtNd*~hIi zrbpjhrp42T&MSVs;k8>{JBqh^cdY8a^k(j#7kq7R&-;wp5tGt)3EzTOSk%Um^U54K7&~$yGDprUqYWcQ z!R{DF{Na-35>gV0123swhBzjsRbRKCduE*dYFUFH%88HgjDxSGo;tBFb@I-#U2_+ip=>(jzlR+EN^t&P0g zD$33{$w?p5DSe2Z4MUtVm~BmxVK)xD$G8dol2WsqbDLR6A}8#WaJE=BBYc#c@KHL2 zkHTjaW=8lZox(>+x~TB!5mRjp#Z*H?R6D798?m5?9??EOK-TU&aq*m|*QtJqqv zw)N3o>n&=MZ|!x?%!G&5-tYV4`-4o@-s|kW_G_)R_gQRT3|BWX{J7Ny}8XSaC63AjmN#I<_&VrjN9$Zxu{}zAg)hf{FM>b7j{wH#dnadJD|=*z2eWap@Fa{Hg~&8pHFEJn8>%b4lX>xj-^1{+m! zIfz^Eh}lw>Imb4O6o|8>Qd<>SATE*?+Zu&tgI{cwTFlGs&CW|)m)qC4c8FclcGr;M zN--uKHXN}Za{bltv9Z|fEGEU)B3rS&$W`vCA=R!y=_ctu;aFV_c#kBr%7+^=9k*I`hPw87adx{1Z$ER)Tya}lQ`N(G|5z{Ve5 z+eE=iEd^lOobp$5b+fVpIvW@5t<>W-n9R;XQ>n8F8U zlVbHIZCmsQZIrldg>^+vcgLdP~aoKE}rRLhv2xa9GvmHuv% z-6kJ*ijpikU9M8S2nMHU134F1Z62^RC8yn9YLYyVoamEJjR>QnODEZ#7Mm5T=dxNX zeE!BCBf0GSt!0zvLx+`awekZj1nW5cp5G+5nP}K_tqBZrw$^WKbJDQ$S|=aa*245t zPq*S;C@@Ls_a3Joxi`$0QfMylFz zc6IWA$hV0?Kpxn&m1x&WQ>PDzvKs2rEMdMeBDjz<)XTg#~`zH@R`EbdLy26QXyx}~-`X}!D*|V(sCY8rR@X|#MMb6shJ~hP(`CX8z- zO**VnBAne>8AC#z>I7$s0$Jb%Gt0u9wsCYmK8nFMC01g7DO{Pqex-K!tbAJd=K z>-3jMJj`4nQdt}pM?^s!XE*sRX89joRQOA3QQ;xJw3E0QPVmE>_?al6mvwdOnc@Jh z+HyWwvL&9O@Ha+8$x$cO!MrE~B%Xy5*G>JZrZZuz>!#ix13R5>)%K?YV&JFINe-K% z%E&R3!|JHg#@f!*%#=TkcN)QNm*!;F>Nw2Is?~GD-3zE!-B4?G)k-rxwK~72mb3Zs z0zi{yI%dc-raL2>@Bxi_m_ir;8$&hebx0E?O-98Nc(so%v?gC(KTDR?m!VvuHDTvUO%+OSe@Lex|9N zI_!S?R{OABmy651xwy=0$7No7a+%kT%e;24cH-Zp$~C)}8$tHOS%XMkk9WA3^ZYYS zXW?N-xWX&q3a{u@pR1^6Wai|ay|#OS^GqlB`C8|0tRg$9Q#&DOp|+TN)=8#wX5YK^ z-zMJ+|MHrD-??uh?+0IuKDd8Z{5z8&CM{k?%c!__^7;qw_-MKC=(Eorf98c#&v4u6 zHi*u^HPRLSQk_srnL}?VC8A4UOf)S&3Iq z-OjwUd}n3aZS?k+UYZPvm)?EmrMr1aMUx?V5KF4}r|a~kqQN1sQbJt@y`HkibV30? z^X^Z6G^)rCjNjOR!^j1Spm_`Ur&IFi!O7@LFVWj4Lw6gBu#93tgcraPw9);3t81M7 zRAMeV-<8hC&Y#1Gn_fki=HdwZl>ZVyN?5V6+)+zwO)KdNwnAEIY;$a+9jrszU|j9! zr9l>yt}tFjW71W|+vttbEygqS1D2I3719!^)L1KhS9+0(d@uMDj&oW-MTF=D!g(*1En?ZQD*JPA0Z(dt%$RZQCdFZoK>Z&i>E;tX2I~SKX-Y z!s@!ZtFDRxy6&j-a)&pZ+|ujIVl3P3s;TZybCDjIikB6nwdN7AEEW(fx+1d{*LXkT8WY_Bj9nF04=7M& z1v*-&%=L`4)#*I&TD)tej#8iGT#q1M23tXfZ5Oxt4$8tex9mw2KKsq@JNImeubI+S zM7T~~!p=(CRk9_Q2+vTHtHZ9`kgjl!BzrUh+Jy#>d!vwYFq3m*G-BpYF6Xd zwo?b9hTWbfhVN5ec)a$ubuv_W?n^tqjoikt8RBd0d=4j=A=nVTkJM6(+T3ufeqa); z$K7Jnv=+R*1fIQ|Vcsn9(X6N93>j=Nc0NK9aK^sYCJEK$u~Bjp#`f>*k<+v?y}wXC z*sd68J9}MJ(6`PzdNIGIyzLS^ls}eGIvWl|aZ%P^g(L;eB#0Nr&pIVwqSm4$V0xC% zw^D{FjTPV5^pva76FM9oOi=l+dL=G?y{Y$Tul4L>M3tOt4kU(ESBh;Fr8QZPkLz?R z^XO_{q>68Sw?6oAnz(>YrJG=Ws$)nx5Z=Q|RZviBZy%VgTC#Dn?WJR6)B>dX3nBn_%QgEq475wpW&xvCPpekj4 zsDS(ve#F<3Ns(->)#oq@old>Mk3qlD%+~`h5zzN$% zIQc|K>}S*+aTy&uG?e&(6NoB$!c=PC3?6&J6Y`gvXXevuGBpo0FIy;k?Xn!RxN7ce zX824D6AP7&%P1pWge4@@gFAZd-PDshMr#SF3Zv92#p_OIpH|wT!dW?b*DDVtU23}! z=eO&@EWaVGRfa34ty^C=X;FWS?}gW2m#`;q8V;>BHl?pU+K9%5(`R)Loj{Wa(1GH2htYDY7f~ioeMjaVU5~0r%Mxz zi^^neo6^omgi2Cw6#_nmW@@{O9#r8Q8b{8q!WOSiv5XH{W+cbZ(E&OnL%(f}ftt{T z766}L-*09OTs2Fq&q7$X06Q08pNW%hvYpajC;83`Jpp}7&sZTXqgr0YGaTDld~HY( zHdN5Jz;UH^;*jRvhwCMKU)WQcY-6?%jtDLM+(xx}UUt~z_=8I>9$RtR4I_qUtEJCN!vITX1$8$DE1 zfwy-{Gnp7z9+Tmttm1vVt zC;_zV8b=npu68bY2U;=YvjQ@fJAN&eMk$ugkDSS8FQ92qEl<~4h!;oT2GaCh+j%XG zgWPxR%{iXqD5WNTt4m4PLs~4(I1%4IR3Ka5q%KwrkoMx2IqK21fgoD6DS~>+1bVxG zNd=$njOckpIdYV9-?7ly-F*ks3;({YaKZ0`F%6~oNln<}MBk2N89@Q9j`TcJ^>9<3 zW@8H9A^%_rn(z32Uln)hm(L7kUbt<))Px!*G+U18j0Axq3ex0 zpvI>w7=I$^?1W42gFRthMc*L~ihV@L6X9>H&S=!fK-)AQTvfGg%HADubWGZjm{>Yr zD)>0@JUQ_`&RMSe@_H%LQPE;*0q8R{R{j#FapvTcP)qa{d)={#GA`{opIjvo)(Tw( zY%b{jHb=LHlq6kAFsgvd!+nVKcn;>bneBXk;23-x5EhHk!^_0Z>Mu`K?C~?HFM*-h~as2HWvX2Ys*%PYr6kq|U9N2W8$6xR5 zg=rm56yy#44dbRM6?p5sWiuui4~}CCaOlxpbQb2yDwAc;ETAn4Knh~&s-DF+%cPjt z3xMyvr3B)e1{hN~U>z)=T) znGNs{pcefJ;1B`zYv))9CrdEXL+-s#i1rjqU7FbOx7X^uAM2wxf&J`qopPTJPw&gN zl5dfB#Jj={f&1PTB@N5&4fg`8Vz1nTtrN==B3d%dkM7nouemI%9wc5KFD&%x^a*2^ z#vfD`Y6~oNkB3JNm6Hixr+XOBG;Wb?F)1RqxM}zH-5otG1ST~#O)XC|JHg_T#8!2i zKe#weF4l6JgGW=zE7M&b-@>0e%f^b^^3BcWD?vHFuQgo(q78T}BNac(k8h;H$wIA& z!5k^#01(2;OE35eSu;s(GvQMND3wlhZxXctnMXlXu}mG1B6Ku#Xp_4C2USu&)FtfSKto{N*iXrHiBu4wl0zGtqAg;;f869 ziFj}ld+%7_F5RAT!M4h{GaKgGsb=-(wd59?1 ziE0NN1t#}(R4?TmPPTqoG$6zBdy$Ii^ z`_zc=<@(@w%ZiLWyb04*Wtt(xBl>{2Z*!s!lFng$=A<M8&PFts1>{LV7LdmOB9PP11z3+Z7_M*QrZW1Ki}DoR z;ttI=@;nbp_FDah4L{)Uv3aW=B)gFdKSvbAw9^)|ojTiBues=lWmtavC`t_2dwz8qm&vzELjN*sp>|pTk?Ewjyh^7iHR+)$8m9;M&p_D46ay=*C_&W1bNQ&M|6|*v}wZ5YulB0dt{cc-H z+{55-Ej0JAo~AgV2F4+Tu&8xnMk??u;0nZ~`HKgJ>P&b&Q4YK#q%9(Mqd#^xl-x<% zrJ-}MUQXa#N=|B2KCcL4H5d^hnu4xf-6GQl-asL>FmWSr4Wmn&KHgF&_skoM!OatZ z4Pkm@%S&`$A9|M5JblOuz^NE+a9nVGXFc{vFc8tcn6|@^OBZrHs z!00(v4#!MNGlt2v?9bVBH0>ht^&goAD$T*D8=_oE`)s0SX1P@eUg z^F(4adf&IvK!!(qV|;Ci;GqIv_kA~XQ`XQzKtEvR*d`^d;T{LvL>0A{;f@dH7nHx| z4c;khQ>zqJ5LTC=Li>pN=4b|gI$E{1 zvBSqf?MEs%SG2ZD!rr+Ii`yuop8?j^8cI)XTs?^DW}BG0M-#9J1NrBCoO4=zQ{_<6 zM%n;VtAYge=xO&o!pig@LWTz2d*E&BgjxZxEKTX;T*Fm(aa|`6uxA9o0wD=(*{3GP zSlQqaQGP}QDdqh}@Y;hQbP@Up`jYcvUrh=R0g{7mivTH{gYD~$z7yp7D$sQUXqt_v zm^)32Jcx<>^KG{qhb`Zz9~1XdWv^Sd9DI2S71rf?4lCGvFq?o+*PIdIJEr1`0X}H4 z|Ia=`0V8^Q_BM%75Z;BF5X6vsK4cmAaR0WvHd<;fVn3y$$j1kuUrvELuRXG&#hny5 z5qb)FH96Ww?4(VF!fs^Z`80D;$T3&2L(Bm8a05AbNiX+E+K_?3X zuYjx?bn>`Rrcr0oSAFiA;ONR_ddla!U@fiIiC%g};j`Nyx&^$wkvRc6#H%Sw{VUTJE$_f3!6% z)-r-p0`ffqaIZgY_CVu(P%c*+){ume3+@l{Ib1;|TB5R%GP|QQzi3>FR)vV&yv2zo z#D0Ce~Z8plAR#dCSou z79tEGGKkI73&fsUtaxu}w#Zx6wt`RH{lxEK5-)o@u^<14p(fqYP#^1P&U7~A``C$n z{;!NrpReSFF`hv1=nsCos;oF+HVY{L6;N*CN$t5Sv&9z8bxy6YO0`CiwUs*YErY9~ z{aVOZXk3rEg~us`7b{=g&Zj#@)PXn;w_!yDAD@r6PGIbZpcH;~H#l8LUOaBwQNR^| z-vDP|OTfB#&QwIuwp3kmKOgA^X!4^rl#X%1FPZNKDvvUvk^t}RcS+i?TFVvgHE5LH z2NKAa2@))|6EHM?OWuba6nB*Ae$YNjEj$lmwD~1{EiJkj1+*peNL?Z$=B`x{B_srp zq&3C&?q*^xv;D}-^NW=Ag+NX|Nn29U4n{!h7tr*g{el-1?U1;BI}Zl z(fi2(_y80RfQC0tCh7n=lMe6%_fsJss0*$dgIAwaBq!PKVa;@#UdKP_J)KKn#xbQM$uG?39lQ3V{%5!l`euq&;%i1L+g+xxw%NnvRL5RG;B zOhaaj{6?wqJlozs0|qDw%vZv{tAH=p!2eBT;>dNqgO1&U+4k)8V8?c5!-p+_5Ph)?{{Dll`oyS7ru7x1aVNm-DoCA&W0qW@=mH*ft&( zb!Hogoihw}w0?zW;zn3SId?H&LlyW^Ws63QeG}Gc3^?+@SN*mTFw*Z8s|#8C*;h2P z1kvQc-sfQH%>BN_a{A4-7j?-_)D^4GHoXlj8yFB9oQWMaq@wie(y`~*P8F_SCKZQ$2z2|!@Wn{+k6@j4}cN2`k#}q;e~K8`8*z_U~RIt z+tgo)=?Gx7C+(f^o|;mT<%4c5M*q;J!COXrEE8pZ<$k&qsaxcue>L64+C(tlErETW zFznp+;P6NXd{KUg>p!cD^43l7{xZX=|R#hIwQ=5hxT ztMU)2ih8Ns-oW2Xs!j9asHNkVBV-oY9AY0pd1=?FoZXZ94;?E5BykAc9aw4Ax z$~=g!0xFd)&8^F+C0o zC=eZCiq(iEYSa}2lA1OwV_cYpz&JI_CVOx58L6F-XaC*A&{QKfY_pQOnGaxz-E5^I zGca_;ti}z0wuf*NBHQGoQ62mWXq3;OV}=EBz%l~<-KLHAP8g@1weuQad1vx$snYKd*3t)=v(yw+MQQK{htD5c^cMd`XWwTuQ{YdkN_O>Mrd++16^t`mKf zpm?`z5jT3Mc48k>$tOHTD!WRf?uI?d4I5ZO&JFd@NHfj}1Ufc2q`BUqFSgUN53(!o zfO*VnOKz&jH6F(ATwQU1DeSg3aw@p~2RI1FZBopPDklahx>SzvJrAT0JaU*rP?@#a z-RuWmrCA@YY52f5GxU`84SIQ>U{ULs% zXQgGP{|`nu7P`L~;S}9$jc9~ztQ`f791QHuY#nXv|2mb{vofL);QRBV;IlW=v;2A{ zq7k;#GjYIU{EB=j@blZaYEUsVGvZM(&@RFl@@L8K!8sX7G z((pML7+E{wvC%R?(){uA=Y)!$jt-JWK+jgx$jrpl@h?S48U;rqD`h;^FP%RQgv~6C z=<(?2{vxoG|DvM%n{Aba{_iXJ2Vor^6AKf~mxiO!SNSdV9E}8x3~UUI{*%B?Yi>L; zjTRYni%X{4z6H(K%W6neE?*KcpYkQo_yqtY9k~QhaEQQ0XM)R`!ig@=zq!NHxoi2N ziRWQG-778V0Qul<=KdV{qSwHj-yL?bQYKt#wK8Ql;lt)@69>c5wb@(l;MJN==u@Xy zFP)3^!{d|=%hhcxZsO&|5*UR=o!KPZ)>(Tm_wd~+Td4Q+gJI*i-`ll!&zey>CmKVJ z3#T<&)-JcVPANB4Tf1yQb0-b>1?VfbxThqNPChWh?2|0VEv3w2N2{L~6+7{_1=_D+XQ(R;kFj)1aJ}Qa5>7|GBfnrT5P#*XAU@(6=WLoy9xWcuTuu)P@tAAg_3q~4cE*Hx zpH<{_3gU`%E~Y+x^llx|G?;jP)_h0Z^f^n*^MUKk+dOsHZfy45JWpvj=qi7wFn){7 z^bTvz{MeuG9>nQ1_k3VY`oJPJyG<_K|1sSwF$tfJqlNpCX|qeKpZM_(2G~dz{@;5T z!{5#D-yMlY!AaloPp?w6cQX1bm0!=n=ud&rmTl zbToC)VEJOIrDtKmWBTITWME*xWBm%u%*=m$q zNIEuJJO(C4Jgt9>D1VP}U&G2@qo6z_jiQZ`wb`Gs;!oP2aYY{Te~vYbe^>H9$C@v} zKXlLkPyS3+I#$~M9DVj#t!yy|oop@vy!{BC07H@Q?7m5c-Nb+ho%qYgry_n^qNhwD zAVaU7!4TOI{Yd};0$`?4OFjZC0{KHoQi((A?D)s-?;6HbdpQ$Cc61@jl?fsPhdp*D zjyN+5CbJbg3ln6Qlll^>yRQwm{c)9%Tuyk}doS9(UN=@B8*Gv!2L_$0yO4*b*l0`p z%^_j{wwM6qxoBe)M^-oM@jSyCx|gPoaNpK@(g1FNc(2c8Otql z;4HK?pnkw-W#|cV-s-tQL~_`A%D6H<@1Y=8^jw?RS)zx+n#OJE>7up9%AF4{J&r^U zvqo;KqJJ&j#&z>yjNDcGIpPx`gftAl76-U=g`5`Ef3NzvX7hnHNRurcMG(0)ic{!- zfGKhH`AWAL;C_~+_dYVHXtl-gnclzFJo1_c?GIbtd7DW`sx>kD<}MRz`gwZjh88dq zp80HkaA=E?E1Sxe`YeBdx@Uq|r{{H$mCbsaWjb4Z3=KlB6MTv9jI+wJ#pVjy=@Wj= z_T&lc6SInPP^Ne=}P*H*Vt`7GaGXNMW)p zEiNurXjqh0lvLI#SC&-ACnY2zqozpJ3TB7SO|v&{GDx1T^PM<3vsFOe$+e;h=%3_o%PmtB&;R8s8y1)l^;EpEP1E@JV=gn6%dq>DGTzB4tc=kzIs(8AVyY#&1B7t;i0}m^zJ(*b#LX2`$WnP#Q+@QC@h9uav92nV?lKM90X}s;Zjf|)9y_61* zKWwc&xvEUiv`AP_Sd4`#e_~Q2ho@MbeNC*QS49C9$6Ii$TVtltHK8+pN>l2CMNInbfN`crMtFGG2EQJ_rm1t6Bob_e&| zenbIPZizO5y=-bU_&u-=cEOmZ3b~*wOmL%^IVya0mTDKY~s_w-;g0 zd+ZW|gXyg~)tfP7z%+#G*yLl&L%=B4hgu?*ziZgztE!dB=tdFmTc@}uUte)d;_9_=EQWO28Q zUo0q+X16IN-bMOOg)`hb{rkRoqQfMBk* zH?SnnJOqtkX;f&bbo5 zr84E7QO%gU=~&OMDs`qOZ5v?uxqhxvy|V?&H3rz97oe72f_S#0!J|tfIB8-H+NxS2 zK#U%$l~4cRyC3xWVlNx@8UHSrjZWkYNM-Coiq3PNVWdlsg0yVO>}yf8-e7vSs*bG` zSqgUcE%w8H1p2eT<0rs|ZdEt&ExrRsy#M~beDgQWs%;w$iwG1fNX6?947X(D7{r^c z44aK-;*QN|Z@=B(i#Gd1RMr;~H?)02ZoI10+!>o3lEft6Ax&6ns!Q7?$wCmf`x)Y` zM*vO$CdO~3Ge=%O$5M*ox& zbr9|{)-(|A5(@dGmq%0}i>&Nk1d+^6#6qqHu?Qj2MgJXF{3Ujq`*U1Yq=R^ipl=h| z7NR~T>su3+vp6%L1|G>Xh^F4P_$I;?#+yZuqfijR@DK!7en5SGA+(@D-1U$wYYAgZ zBe_*Y#cFDeg~9_2jQL3Skt!n_`YehIBTm>rgCP<7LhczRx*V$nf9NR$7k5sux_g{@ zn~Qxt5Bp3WTtt-Vb-~-XcqSek_WUkHe6gj4nboL44iv%B$~U5#3;=BYY~5Mga(u?0 zDpzRQy1VJ*;i{k*-7p&0t6&vR*8awT4fxi$@?Q%szTP$kQH8G2#h2l!An*6NR$bqt z2|*oVbgPi55_gNRdpo^J+qSFI1|}=py-D}{&~D5dn)i1QaJ9qPW^mEyL|-*WRPM#z zKP3r>gj8Sdq0)?aSZqvDOBOuCS^G}y>eordYBPkcMN$wbqIYLt-^{xCByh0yag z$!WyxTMuDc66lo( zILsU8?5h8JU*S-Fkm_MM2y0?7bVA&eWPG zmTRtdG2qJR^7xfmG+l&T+55e6H2*pyY`XcT!y*TN*mf9Eyk~&Dy<4nG(apv4bBWJ- zunJKx(0~z^!At=3)VxVpR8jMQ#!BeiVnl8bs+RF`w)HjGjAdlsr0z$H;0PLSzdgek zc`sZo{d>rFZ8ybC4I$V|7gHZrfr%4vQsc-{Uj{T@w8A_wN{R2NT`{ zv!l1k%XAYAMw+JZsHDAlYdZm~7I!jz3m55~25kqVt{F=`_sq4P_1WSTYxAi~R)jly z5Z4a09^ksM18j|Q?U1J#9RZhlry{Y7?un=2`hvEM*X7d)s0d9+Y>^;UIAXpGo+zlV zZ*h0!15A?}T#j}$iiyvO8D5_QT)7Zcu(p-a#RPJ8B5rB3B27V|e$Q{mxZ9p_pqltG zTEK0E2h9U+{TAxAw~iNOmdHDAcj9}}@CwlU-E$RhSg%T`Vs?7npAr zOHZGEz^K~$$8Tw`HeB8kD{qOXRL5UWjf+-KWh^xu&vWV?rwV&9ano@{GTNMG?9Ynt zIvu`Gp`_KA5qd0${TEM5>KxF@!ucaL;|45)8yE~+Ut8(Lkw<-fVgKH==9Z3y%Ym(v zg;mvHg@!R;P3xC|Q`w*c9cTLF_@wVj?MY~|WgFIImW^sFmIbSpLKV!*M*iPd z+cg##txMWuv}W^_y+@i4a7^|K$1UQ=6A~84!wU2x3hK+(0F4S%UDK9 z>Izz8*WwwXOX5RI4C^v1%Zn+rH`TQD>MF~Mndg-q8$)dj9rTeE(bb-1Y= z=UA0SB|75X7C}7g1Jo$8v&dverA~}XJe4@}IFIqjoGjnfzoX!R6w|PJ;YTOx@(>>u z*DX$RX9T}1va#3%a{H(gyaM|ItnZ&bFqHmmi3wWrAu3`9GsOfpW&z_hk|79{8s|A4 z@Zh@RjuKAe?5+fA6NfCh68mLGkkeC3CU|Z3L1^8{m0emNxe+B?H=MsELlkE&4c=EI zkwV(y@sP*i-XwA4P72!*<)6V?&HC8u1Dpdo67b*gls~iTKZqp*D-+9q!hOttPr?6< zv-~}o{~NFr{s&;G;HYP>;AW+7WBFe(OF9;|FU*qe3tMEQ{|mEZ{Qtr%zwpd2wDaGf z<(JO?0xiFC|2t^O@&`5eU!Wz+-&gTZAc3BN_WuvGjOMfG!-EgJ{D6#V4HhyumI5Lk z<%eBOEPMwPCM}sNmK?+X?8s}i$^q{m^w_+@n!Z2eexlT-TLGlc^0fVCu{H&StM}l` z^ozshR%?EhnuLz;thx$4ky}#Ef@EVzgW=-sYH#P82#NL-;0x_-uLw&t&hPjRUEkMi!qHABZ`vpxgvi=2m{a1+SPrLiy5YeAn{NE4} z+uvpVH$=or`$zDgxMCkAsSeV$D{}UrxYj@LC>R)E%WH9M`?J(kCVR;QCipJ!} zO9l2FA_&0t6Gn{1L`*!x-vU!IbO6)0Ga#sd;W`HTAii-K4CGpI6<6> zK-vECacnIPzW)63y?yg>G3k`+Fon&*IMeOH#F*OI$x$Q*qCyC3=0s(#q5bY!g9b0) z0~r6TSZBGw`<=lCtcw&rc7X9Wm0Hcm)TT2*J`o{NTchFg$$-uy&W3;VJ|+Jyq11Fs zkVul28K0>!>>XVx1i5wCIuT#<_Yrg{iWcSeOwTuoA65Q0%lj4gPBi@-Jp85$ zn_mwCVHiPwp15#QB)Ue>$LAF(meBB7D>(73+PA0gJZx7HOoK8rCU?>u0Qv<)9WR^S zcOdR?hq@@(U7x(#jySK^-x$%ak2InaN#%H2Fq@~a>R~u!!EUmfP3aGEq|nxbF2kzA zeIls^c!c2k;daw@Jhq>|-x09Gp}nC-$w8#To*(A^cu9W+Q5w7yqF?zLZc3RN$W;v6 z4wYpC5S*3MI`#Ere|<|^3bhXMo{(c_s`>W(1R5V~z1s*mm{2s8ab!k0aJoDG1EnBu zoCwQ@^fc=}q-u8seF&b4vAlN`&-Z1TvphunXlU)*a6dRGaU8JHk&#|7P zqi^GHkDi^;C>#i{+}vCrFgG~>Er?oS3jkI=zOdQ;M?BLUM;3Q3j)pX@&`$ZIl*~fg%a7<#B@rL{E_Wp??P*bRCa|SR}2_5T5CA)KY zgdhFt-{r6JGxrk$EsNL07YY!oZ~3PSS!JKXH6tgkPDI`lNgLoN@@3cKcJNh|E*LF1 z0pNumedHL46Os5r49uRhJv_I_@aUeFeR?|BSi5EjlmlVY@EZRGc_rw;l_@%U6x&uuZ1>u!sS8L{^j=L75FntAVna`m7A!mG%HCPnI=4Sh#+*xu)c4T zqNn1UDq?}$476F?-S0b>W*E|4&Mr-CbE*(rN7{rlVrp*~ZWt7@WD(_LH?${O%=(?n z;`A^;9m+eltpgJ84Y5sRrViAN%O06L{Wp$!VInM5{ST0ps82!Zt4{o+92Z-vhg*-P z@7pMdf>HiVE8>~>GP~DDcw~gPL+@BUSz990qMCIZTc0@mjQBV0KXi8L)B_}Vq@py2$3Vu999XLOt~C6Z2u6QbFI!V z(jR}DeC8RH*y-i#B z6qwMXtXE|#`_yoi$_iB64!aJH_)aHU2WTuCwIQgJZBql?cAcm91L!FdYz;MgKR?yu zyV4ebIdH}}AP2X0mKf=sJ(BFD_tc>YAIrqgj3$hC4D3M=4?W>~+79Sj`B$3Q)Svg05+bk_*jw^h1X9* z;j-?sQW8>P(vVMH+EJ_fj!Ra`VatY$KWd2}IYnqOnCTSN${vj8A8yog#NvWx?TcZ_ zPl6QZ9!h1E+|1In8xolmXsk;3Mh9@~=MbqHx)YZQ6LV^}d*?#&8y*`V@EhQ0(whOc zR!IX&=Qn1dGY7URpqYWOpnITB1a)RX8c-KYkvu3=n5{BZIRIN$O&Ape$a90Xd#AYl z5qJrC+c#uaxzF0M7=F5vMlOp)TY}}g1Lr^>dA#R*efX&rbTI;S_wY@bRkSdQ*&zm@%_koQ-<&%+6~&ElHUV#rSp!7*)gmtabd={sxW#r+F`n44zvq$ zo$IWiD~c{3Aya-ww>)ElAi}f1?-wvRxkn_My@JU_j|^uQci#dwv0z<{kLD2&C;`X- z4vwldyFOJXco`}dj~Dj93aSZ)w7!M%s}?c zx92BvvoT-waV2r9aa~DkRxUc9V@rxhoD_lMp3TuV=?9_?J%Sh8SyF%>DFerx?EzAt$%6O{l`O_|XM-14 z_MIQm);Q1aYgmDY{up(6A#xj%@VaKWqjGM2N{uwSOuj1EuStrh>7J-h0rq^Rq<5O= z8Bc>r;w%FJu6J`V60KO%Y;CTj>2S6aZ3tw>#rGJ>9JfNU07qLv<#D%=x7oLvrwt|H z1Pe&WzJBF*-5vA7*kJY8_9J8-+F+hgtIpDum*ePg*8$_yum#~qh?tM%l7QXi)k~1-Ix?;iVK_2l0tI>QyD1z9CHPRyg4;CiUS1}~!`~E0w*>D5}+-51L?*|so z3^x|Ht2c`WHshNKG-c0$&qSLEl?3x@M?@3c_NTtvgvPHuKb>LvJyI(Q-!+@OR*vhK zik7jC7PZx7XJP4`L7I0h9*g2z^rGJZ-8EV#)i7X#%W@EYbBH5&iXiWlv=1yRcvRp? zzCxcInQQu+r+3Gc^qnIT!#(lKfxw~lJ>e9iXg?WkB-|EBqdy#IpDm%_@Mvhf|FUJ=Kk@iZg_6srwL|WpGVxmIB2Z}Ft2w%McOn~CGF?NolwN13Dl_sDZ^ai!IETt(hsQ+4 zf2lr)8!{%Dh3?M%{tUmFxqr2Q@C4GPh+h%DC3|=XVI3a)?4= z*9NI%vZ;vyaY3!Dj1a(Z^}~Qn@*zy3E9TeAZBTnxXaPn(`whG$FgI=6Zoe+enovEM zidc3s$c;=uZ)R&zKCVLOn#D@_RMZ6=pXOU>QB=-hM1D2}ORHxHr>B!|t0`9{W#qZ}vXtOpIwz!Vp{ z3*wiW4KhtgMirSF@<$&PvC^9>#*BD?Mi)4WIkvXpWQJnn%1kl4{boM)7ZU_cSIMg9)$-OZ)-?IAZr9|RNJb2aU&d^ z4Z#r5&;!9Iiew(hydB*t{8lutB_pG4Qh5^Dm*o~yN=u0Xv3?DMlo z;;i)7g1kB}b$>|d#qb}F{3^Smu=#}_OJwY2El*_I7*nYL?kZ^=+RJ+@d&{BDAv9z* z4mOyb+wqdbgYgCvPW$dHf!0Rtc>erud^v5+L{X#2`B>XHdaXC~j~scjk!1i$YRoN~ z-|7V7nVoe4)?tjBb^}uvS<;iJQu`5VB()6tm6R>#*E&KP;0{fXBe%gOUJ{IOULb2K zfdYqFmowTWdX&ke$m3aQXBx3ZTjWrUtMz8Bm=4W(LrT77!7SEiLCikt}cDV7lMEPX-w3)Bnm=xFHVcxzh$d>&u5Mf$+VV{>gj6m%Y+AV56a+#O^O>% zkA@<4S{kd+_TgD%)mW0GSb4j6`Vr0)$?v4(2?tywWqU@~jUzVWmvKD5Y$$Bf&Y80y z7b3_-3VV^R&lAVZ7Jw*f%w=mYg!xCV$*c8!9T)BLc%BxZEN9}&4wpP-f>)1|P5^;~ zBk$bLn3Ij!Y3mIC4`b)p97xx#;fZbAwr$(CZQHhO+sVWe+qP{xIeDL7aO&EtYj<}w zsz2>sx|7*(N};`rqp2}W+DuFm5^k#38(U6t+>Czwt>&QRB#SG_9gt$L*wM9+t9Y7W zlqe)BwMln&uq*|g^uPF>t{MiOTXq!g3H5p$dNNVjR@oG75iHHBffwep`_xO`>+YH>eLcOw|OYrD|Z1cvSab4e< zefqOX?+#p<3A}H(P{O#MWCFL_3(l4(h!Ek}q8SPci4gIumS`!uk7^m2K|4`a)-|#0 z?0ooKeqQ{be4w9vxy;~w;B`41KbE#~Fm1f9RXCYmp7-*)K41OB=JYMOBYk7oy1)0I zWL@_>FVnPD13)PPd+Gybmh3v(%qjH<1rSNp-O{~n-*)f$5#g&5s}QRdPd@C7>|AY3 z+{mU5`A0eqCjKMt=~vsU10Ticf%X&ie=xp#c#Y}#NV=Bm;WM$j-$q^wP_(A791l-U zp}0_NE$zx8ER(PF)V>ynY{;mlSe#`bstjl;ssvdC`trE_(??oQ{?II+S@BO;I=QlR zOICp6`i?&^P62<)b8}hfvjWJNXW~>7v?CS&Qeu|5p3sC}4&1PxWfG>8U)q?ig#EIu zG0U_e<-V~-IsVGNElu})FKv8Db!l4j@~yXH>qZKzC^6g@yLDDOC11V!<{E~^;xr#HEg{t3;(U+H#%OIZTN3QO z5Buu?5kS=UQI;?hk$o#ZHSD7lZD@6BiVq8v?&I>D|imVXCxHUF61+mD=Qd zWPZdCAor>nqm29RmUJk@Qb&d;gI!JR;mZ>IznWSR32LF35(Dx?W7q;~%;eh4N&kAk z8D;BJ0$PBD&R`pFT(6yf)aPgYdhH**FB2ZV+!VFGnfPxZjyFgaoq#D8vo>IkG8u&k ztWtE3(918?BI8RJDXo%qCzamh12GV`>C(~| zga?9hao~Xu(Ji65c74UtJ51yMe9V+v4f}q>9~+_doM9x? z^yu);A9EcL>Als@=ua|g@S{FwO)+=RR^N`(BJlz}kK8OZgoy`NhQ-WbLY}CDWWh@V z9y@1xY`Ri{Bba)>aQ^OO3db?aI4^PgI=@_JE+h1t0yr`BWERq!#nN@G#NgXs@ z^Qq4@UvrK}aWrIj(@Zi4L*6>uILM8MBJa~@Y=~B~)#3D2u?q`o6VMWhWQS6TgSe%% ztgGa3(7EaU?aiX(hU|7~Z#K=-&h7NR`Sawnv}Go_=J1FB2QB1w#X~S~lW`yuu?#4U;`iuyF4Jf_ zn=(X~_0V^g;_XdOvzi2qJkXZ8`wh|15Z!{;Klx+=pqK#TeD{NxbjXw~mwjmmc92#0 zXNSuDti=ZNNTeqbfioPg?tY*s0YguX(WCp&HN7u(Buh5NfP!AZzci~+&rVJ)o2oe- zCvFbgI|ZmK#aMO)j$9OQV5FxT+84u1D3$Hfz^?0{A}SKpyTabVRo$_3keKO8Nt7;l zA2hhxsYl;A^=d_xOl;(CBYwOeK(VdRwi_8KJsyu=&Rs9&n+cz0e&o7aPH?S;1NC-& z^rOsR>u9`xj+F)S&dd{THIxRc){8Mu+T!HmtCmfHDMIbSwzOHD>}u;PcU`rvrE zu#F|H2CJ_4{lItqIh(Z^)u`AsJ@Yf^foBZGmxh2H1W;`_kTlZLK7l?&eZGw^>Dri$Rf9nIe7bC`lV0kJ}tkLQZ1)4#{ z2)6x0VMkTZq_%XyqYXnBD0tB4|7Bo zOyf}fz{cB-lE>Rga`>i znJaVsB8R7?ExpDu8e3<|8+(}V@g&j-MkUSz_k;J+ z*h%qCqOm;*fTcX}mCSmA&Q{z=%fx>=`I`#X~JW=`} zEw)B|2_)%ddy&JP%*92THEPL#x2j597w)u35Zf%;) zSPu?6yyKTn29iO5!%`|2oy;L)Wk_fcaPL9FU7F@uM{n)a6^0d^>-96w`Jttb<&M^l zZTlPth*1-#idsRmn|m2n}4uZVDpgcYzR7g%b$R@(v0Pr8(MOlj%9xJVR}-?^Ja(ER=k25U{rz zWQI<*kYr>&@oLOY`{A8;7i8O>?5z;&tWef_-S}9h`LnJz^JcHfpEVC!Y(I!^(DP!w zyK3SsHn~o@W$SG@m+)?*8!|rQT!(SLGA?e?Wx-1OW~LjsZz}hA`*w$DGJmvwqE~?$fsIGxKsf zjsi*GF*GuSiVc^KzdwFLi5k*+KP@gdrqs8V=N(_RXlORX-)+=4vAxc!dWU?QXunTq z@O+$CzT$W#pSHlJzm)c9!u8*oN4p(x>(-UMSbCSqMn9c+_n%iICiWV%vQ>?n*cloT z(g?L;+!GjJ`|xt&1qNNKz(#mhg`z50PhX&&X*hL2OUkut6U|1mvyG_g=^Bx^P#~Lz zGDNhaW@%>_;O^w{{?slUywq|EW+Ij1Z|3fPgkb7-^BI7fAA;{V{!NZueA|{?VUJoJ zPpbX4bwdajoW;H0(({yishqBkoS>un9>DuuUz{|VR_n2G9kjL1XDIP?*{5eoA7pmI zBc9_AHy1EBi&BjvI6|wr7kMudA9_f2Cvh+3lE%rO}M-4V!2Z|^lo|hwUQ1;>|sA^i% zDCiU)-&@anT!N*u$aa0$5Bu2Z=fKm|W3*7vSi4_K<0HYAnf4@bJ?G2o@KF0&>|*{7 zff_;`>Dsy4@+zM*D9Fx*O4NZ(yb}AVnbOv;as9VgJr!#@1JkqgeP!HvCbALL^J0DT z&WpyE#^>gH%}d8A#wFHS#$M`9>9bU7n#4S;uupO4z#|yv5>&t4G4@k#6n7GS5HHq1 zPnUyS@KT0d8(uOhZS`4!;M%rMbX=4kw%R7;v>GEGR4N|iT5e8txGu&Z%FV6Vjab^k z9u7H)Oiz~Wk%;W9Q%Jh#5jK+xy8u#}nY1_fj<|^wY>hYCv?a|VS>A~~+Wdyl(5rr4 zm1(EmWGzaRUU$2;!W;Jm;w9UA3-RW7c*)^*?eqLyr3vNx1sG}#AjR$kSF$xEZOp1= zvgl}mOE?KXs#&1+8%QDWPEps?Cb|rS1W1I1C7m!aV2*dd=ldy&7Mfv*M0^9$k{~t* zx;>+94NQr~%}*HdunBHxCO(TK-p|LS*o*5)88q~*_NZ=Rw;<$O;$GrlIHNto9nx>~ z-xCq)PF^r?CLHijYdiu}RXs11ehuTTv|c~^Zj|#oEJ!B+iRs7uW3)EDxepKOE`{)O2Vj_cMuunRN5Y&kn zWAh{S-&ZBV8Voc>aZwU27V_ZP`$lAGH8xMB9;rPg#ZZCk0)ZM7X&?coAZBi;`CIDp zH^2n^*=Gt}#tfK&^5B6c15f$U>sdqelAdG6(%8{Nrxa`_mrRSYh~f-;Y)9Ow{fKlx z6@utLtfWJLr)i@{Y^yD+zT*&vKtj9am-2iBINJh*Hp z_wGT?GI^A+S}S3P#C@vLE6f?X4c;JP2YY;7-_kqEv=mIwA##Rao(p^GJ2q|F8QS}4R8%i^+U_5Vhtez_$Ab+G zeC(p{jT6JuSQ#pb2q2Znfy}G?nD?Vl>kM_*pjS9dk@e4RoS6Im3hnPnN& zG^m0O7D^tYFRKxi9OAE?kj=yk1?s5;@;Ek+@6F7B^g zc5>Y4zw}4DQ0?xvk2}e38oIU(3fWHQ0t>>$q-3LtJ#NKzA)^j=qbF%Hh?O2ngc*U9 z$(iZYV=xBn_vp3hq2Z)pP}l2gz@u@P5+pqgZMNle>oFoRtVP{betlU`|7b}8JX2>} zASIR)d=6#XzWnoa|fL0NA`{41k^ydEuqWIAoh54uMhc((5J}rongl zOOychAb;kZU3Rq=a)sMcbxSZ@>**Zi%(UzqrdMYtZ1VJtOKRSc11vWP+G;!SCuYEc6JLl}dd+>AfIQe1C?HeIi_pl4F zP;^FPgjytet#&E%2l1YlRht)YGWVnlo)a{&GPN<+G21acPXI}W@j8nCuE75S^1AUm z!m?3)?;)Oy`Og1oYQspLp;E*o>3zS-k(~0B`^Zmc99&?abbjeqs#gxWi^kr%3Dzk_xUFKH^|k! zF%7v@&SX1@+A!Zl_*l!4 zs6=F2$M!GHF>?k_V_?oC##)A;TA03o1dLWh^S(U1XXoav){>1#1AETS9(m7q!6tPUc4Xbj6 zhGVrCJ0TT11?ypa-q4x20D5isW(h`eZ`QTan;`wRkMRb;2hqgoSWf1`mzmtcRgNR4 zMe1l+qjgEvN;-#`7M5q!hC%_kDFG+@wSNT4lg2UE-S6n>}&uzm&o zIf+G&b&QpoKni+e4EMfVM9~;4@CTcf6D~M;kQ;W~5AB+14ud^abrvK0n$P15I6KX0 z2%#UPK{(bP$xIGCY4h({`<2(QoDU(Z(@))u-{P0rCpxV=U8?8zRGp!jk+fE)k=QL! zdhR2wpJYNzp}_e-g=V5VAFd5EI;VYVvcMH23JLC;jFc*=u*LeAFFICWfUopWNwc$X z0n;dJE|PY-@Ian+kjziU^_=D-cS>o{Xrv|&J3F!NoDBV6j|DA92twF6^^ zV0IkwAVQ(xVd47VT^D6ItpI#GZ=*U>q&TX3uD>U^m;}y##gTn7rbkz(-h|&^-mXUv z92Uy}rY+42f?MDLN2+Wpra*VBArWD*tde>8Wm;{;3dBF&d^_+rPar z*fwuBVBUB=vA_d4X7#mPgP$Pxmat)kP>Z}?GBGQ4%Spi-MTRC;{ZQiua@-+s7k=FK zPG5TW=z<=t@zH=~9ms{8lIG%%O(ocOTw~`2CUA z!AE0YhW#C&`PS(r(#2X^*;Fw&h_;wma7#v{Z;`?R zV!Md54tcwF`2lpo@mn%OlmTi0O`#bJ?TS+8cor?ptll%YT60Xb%H8$lGHvbKMFhJ9 z!itP}U%Y49^LAHviWlha;SBfqI*gPIr_t;QG@fvFd(gQrn(}EVIcrs7Wpgq)upCyg350l|2&gD1BoaXa6Sm#`Z3+ps*Wr7<-L<7GCje zP-KNjp{gX)kCa%Aya)Gx)Gl1slH1NC9K={jPDa1w5;EnK;J$`UzHf&lg`xO!R^@n{dn z&NKv3{AD*sdz1GBrHEyhq{THu++yYrAP%P@V_P0{<$d~Y_^9jU4mH9qQNjzf9{=hU$zabNg?dP@=7T*NWkYUC3 z0zT^hw8B3Gb2D~~!c_{68b#0}W)6@}CVM9hmZnsT=hCW}(#h&%dNFW_YuJhPe6NfXQbJ zZ@m3ceMmjFdq#B+*C{;k8r@q(2q3S_&a?7*Y zLCfGsNX?BeISG*~C6UL;TFLjfaP_U+L1w_H?6sN;FN?|TI$K0dZgoyi2K9@(*LuEY z!!THRyUkwxsKe`>&i|&gOe7D$>P%F?S+}!dk#mhxPt#J{vhc*-H3U{8mI_n>6-IZ> z2;HQjSy_{0t#nlfHEqcR%LK!uyMNtA!^UeuU%RCGzD|0r-1@Oj4gn=jia~>>iDoO+ zCAE{fw;mjI$=WevinMCX=Gl`mhZU{X<;oEu4XQ$*1H!IVeN(*kanG#T+PF0%;_a&V zQpd2)UD{jda0teRpgI&%h#1)!ZYxy|Pr=UtAaSVRT|&u}md+0yl02i zLsON7;$W9z&wPoBjpttX{`4tsgm?HTP7Uni=A_h&8lCTmGKqi1xA7mNEPN~h5MxnX zvtp7Zt%|g-(kk;t^WsF;msb?8}hun-zh>(c>Yr`6(| zc_&0Nkm@627=l4Nj>x*fq}9sDG1rb;aOPq}P1w|y-cST+@zn6e@|C>+d(|qJ-M?e@ z3nrx&r7O~S{lrLMGW^~H0$%m#XlrMZEa>o#Mn6S|?{siDkvS1O5lu4=y?^be+8SOY zD8ETff%UfV_(X;Sw~l7bX+WZPjr-fd_Yk9^U+Lga?fn2|9-5BOR>YoyERYHQnF$vJ zN709+b)$4H(0RYXq45ClaD7vtw;7FwG0GFL@~M!Q6^k^!@1L|B{pm9H8+*&W%^h^x zQ0-V=`%9f{h8Z%PNjaBNirS;AYiQ^AVr)0MZM(hawfdQU)9~+lk!P(lj7Qa-*q(i9 z<3Ri7x9&E6%8t!o!L{CV?2YRWBo*@X;e7=W)lA(u*_+rH4mn13#MD7lGfABcY3IL7 z;;2~cR&c;6NT+7(#09bI*-2O@4^Na;uXk6@8i;Vgb%zo%?`&KR=;%kh6VKnm+D{@- zIMW;)N9GIXbXwP7n@e?9doAEfFIQ|SdSx4~mPViau6Xe|nYVq(b(4EE zTlhiz<0fcAjXO7Lfe6U5r=Z4zI4luOEfMU}jdp>%7L2;+omh#xY(_hq)Y#qjuyxTo zJAN?V_DYu!=3c>`%^w(WNwi^ls$OUAF_4qLno_}Od|fp{p+N>ai? zcrqYr5SguvozT)gVBWz-lpZU$j|A=L&OpcHVH;}*;+8AexDt7qRgL)fJ;w9Ui|h2*{0D3y!{j@ zCa5u0)z-Z>&p-$Hh*=RW((#BL!{SCCYg*h5x`)uBJ9PQ;e%=H;9!)--^zeW{0a#x4 z(?j;X_SL$TXFN?DuY~BK5|6sB@UkIT|3N!a%O40!G+#-%Y=9#k^Ip`}eP(S*IGwfO zgS+RS{v87mL~cP)4Sl;tD0HN6icBfIHHYKI5bX$k;;j*3T$zpSK5DV7s4zTiSI(s1ve*@|! zDKsJs;VAEXYaA6e2dUp&W8pkdQDoMdJ3l1Sn8$oD&O8uZs2TaULDHvAAH1M1m4Pl%< zR+&xzB(jy2aypZOrIz%t#vb`LHmx{K2}zSiT)k!1Q=4-v({6gQdYSvBSOQal2PsNe!3vP?~fdwS6 z0a(a0M2V&Lm1CtD@x|qVD%)qP1=L;6DC8ITxIi>rTQBoInA@u1iB6JA>#})H-n1cvmm>| zf3AFBmKvFYgu&~LU4kyJ4~1obX-B&JULJ8bU&BrIcX^(*Gm=IHtEVHz14f-Z)T3x-R0sM zldH~OSgf5d@C_p`!>xwY)vvJj!ThfU%Nd%uCWFqREh<_=aRE6f%dTL7Yw4gq+G*RhUjd;JMKUz&do8E(!<`_qbif zPtdk8WI+z^R(kC*2IDMIf2nTm3SqT)s$hwE;}Wo%eJ@~fb{L*g7;~at0srQO`o2eA z&pbadcQKEh+t@RxM-V?n_6lzUc8hmdpOHMIX{nRs8|V}10Rgm~`Q%~-1YRgwNxe@X zRmRywi(QODk_4P5^nv9i*nzF`J`pu!46Vsa4qy*zUl$<#Me{LoM{ue9Fh~`gbLP`r ztSttkcc)trBD!*)I}0%3Aix)@mIQ3Zid$5(z|R;qhxiAHNb2!KV&YU3ktBdc7z{}2 zBUD3xrNj}6^lwK|VybwA9?bpvqx{IP;~m_-0O4qqTe%Ck*Y^*gZ(lvZ6wovToA)q+ zLDYSucHDu)Z)nIpXZOpC0Wbk2vIO4uuWz7x_aE)q zr7FXTx1rCY(OAV8^M75* zTcKNHCn-+Hb~>b7jl^>$gxjaG*q8~`taE6|Ulp<1(F&u!++C*?*Hh_St&cs7 zlS9*+^Rs^~bab}lj3y#ZBG<6o46#DJjrLUFK8q5$UZZm0o_IZW>dduo|G4{$1?v$2 z=#+w(ia)jqai>w>XMmv)ZOWez$FegnatxKLWiHqKG}nda#QOa?iAU&g41x$;7P z^a&Q}#L+D0r#OTP!H~onOwdA+7z7+UjB*Nr5992cx1q5_g{AmE@N>>m{gDk%pz#A&PYa1zjpv&g_ z`8x7XfvB%E;k65MwTgZ8%Ds$_-R0YJD`qkkNCoVYn?#VBHTOWQ9bP%G9g7bcm?!5J ztsGP;#u&c_R60P1rYGBQj}%rA-` z9{3MIK^2(@5uap>4wZtLiDi6_@A9VW3OA2ZDiXsToHCmQFp&vFqIP>`#R+>&E{fx0R)4Jcv z&~5*1=64M-=(;P@z%#;!PtZT~9n54X`IF`DcuDWR^(xem;m*coaV*+qxxlTMTI?w% z5oT;qgXYxrrvhuRf%Pb?*I{pKpHO~^3z^E*1OZFjKp%=nBDnjQ5bJ9weB^*fGPM9- zqXRBEO(M^4T|#fa+J(@TPlxH22;H^$IZ>~FcBk*}6>Y0pmJVaRoEO(Kn%&KG6&6oF zN@J)Lc0}HY_1E`@+KaYPOYUCCR2J)Fvyz0AFt~X5tR*cAP6zGveEIb2L zl^{WIhTM1^&$KJZ8NyDZ(>w3mKRJ6{*-zjwriG7?UbxHh%Re6Ab9(f9Ka13mWaGZm zR1dHj@&H0$*rKhrj=Pna!9QbJJY@Yb$;N5KW7*Q-gA}`*$mF+}&3i2F({adpX1%=~ zDi2n}7{i)GE2i33#GTP2(ZqLEWEyi^DywqSrZchRL>Vz0!>-?Fa0MM;HPBkerF>hw zWohZ5Om%^X7d5wTW4uccG7ZLJ#!HE-HJs2MCDjdwjC&rG>Qyaa(L?u|Mhsc2CIO$} z+*q`LCwrofm?LVAZKGO8I`_VB#AM&8UOM0W$I7+*vGztsly7C5vL0wJ#hVj6WLQWN zUJ4Gu<|5PSXqKzdD#p0Q= z%x9L2a)2_jiKPh<^WF0Y^HqmF_ZS=`K4Q^p#A2C*HHoZ}a_|Y?nV$Mg_|UY8txgFomso3bO@6=a1%BN% z-%%dQMT0o~TGXfmKtGSjg7ZfWXXX3*e4$0UZw7kn4YLYi@NhxrP4B0Iq`hY=X?3oL{m1 z;l}6*dE{w8RvGwmCD+QoV(ek^#k@wDZPiLgi)(Vz*EVlcmlR-A{LIf5kv#aa&x6^K zx$TBLKXc~;anFpcOV|g#p^*1O@y7GNp)Y6Z>xAn=ryJnPmoP_u4+I`%IYgz+*_h0F z-Rig8D<_Xy+V_*38KomfFzGem_Kw9ILC<5BVcN1DMqPXVOJlrYB-iM-EAEucY3q#b zIPL1nzGLswQPzHtyTKjSec?0K+-^tWvFV!zXXmEWUT z%zD4m%KvT7U4E}p`O*5FuDLO#f2-~!ezD3h}$y_+rzhGZVy`ttH4srzjGOyoj>GAPYiyEkIHz_p$Q zcZ}J~MY92>^q0ZItP~_vyJB}WU|%=w=8*Ucp?O)MKCVFQz&0b+!pv3z<*o=!+*wD5 z;_Y#mietIdFQGHXJpF!l z{zNLI&es6Es{_2iHviT{ng4iYR>@<5Sh4`g>Oiwe5}}MY%cN~zXzzwan%2LlBo7T| zfv!-ZcP7mBz^*U66wXqWxWaiQJ*WQ2*-PHGqYRg@w+L)3{WPj1kD=MD4Ag5fvfDP% zb`M~rY0VkpT%27>AQc(n=rdWvzra2hXGok||8-@mM#7d5Uowv`fee*EE4u%)#rX#f zMRVz_F+INARP+Os)Ij-Ib5&jFO}FkvWyHS7u2!E%u`5ge6Qz0t_(>(y1qZ86_e69b zVyHvuL<}d(Xuo?Y=+kbwq+8}hKY6Y+Ny5m`6$ra>;qJz?sKPq9Kpn9tY7`I$bzEi49yqmTnhtF~a#77iEC37$Lv{Se4%rvTFt0}cOXo6ZJ<5c$)rIrxB4bI(g$5^I0|?6tqDrPqj-^`T!~kib zlT}Alb5D}Rvqbhv7!Iw*2j@UVkW*Q7z|-e@D%xs7Ba5}v3&O(Mz>d_EQMn@vj3mnP zn=*%q3Y}G%RqebZrJid7>`uK;60M}|0t~m}0qmh_Wkh|_^VBri_OCE&Q8~^z7`c>5 zr>}izjC89CDNq%<4Ohmd3(R^F@CwB>gwM@vS;_Tv(S zOG+2sIE_~*4Jye4^6f?JLBaPxt_{>Y2cX>ZB&o^+XKC7#GE$ zHBFJyAi<9sg%8)`U#kL@>WJYSC%Q|!?3L_R=x0>}#nXx4ln7VnyI5EFxx(;lI+a29 z1-htBbmNp~@dMvpd*y`T1pEdoJ#7myO!WMeP?z{fyt>D#{zWW-qt~3U;W`t<-t&D%`7WIfh$ww!gm(vNzy;7a_72P8q2_Mh#Jd&2i@QMDhlYq-aif)T$d&*_Jm!oPSA3<5P#2v$574!E z$d{-#yZ&|~S#)7(Yc02#xOiBCaM5x32@?frW^!@8xVP0@sF1Y{co9ubMTHHU81;79 zygxdxJ|>aT$vLk!H)}RBX*SRnbK1JUtC_$8ea9ZKRMuoM)om_Ha@9%JQ!hW3wyM1` zzp}Qu9PeH=HiuH>%6?)A>x-*&;ylMJq&nwJt*D9lL3L^&>L_k+qFP6=kqdhCPveM*frmU1bEx)j^)ezjV z0lkM+Gi#v@tu13)VQZnSyTBIpx-qY{t5q^vacN`zC+x3WB&OQj>MWurzsadumE*!M zg0JjUv<`n|tvk;sEi>7TtGUE7Fo05nqtH^}C87hBU$@M*4cN%=2|8xCL+M;n2DcjRYQu)m6#=^i@ZEjNMldkrXj z9#EbGb{=2%Wu$lsZI>}jsMvWyDC*t#fY z5D(m*MbWT$N|`B;`>3st@_lMO5a4g+j&_QG?vBN4$EC0e=?W-PmZucql zc)In-rRog+@ha8)H?d3yD<4z_^UqN2vFtj7&GzzKM`6lS>dxZQ5^HIGepwlrUkGje z+fxk{WM+pdHJ$pL$j^=n2o)#V(yyxF!uZb~6wlm|JeEnFbX_J>yQAaKUyh`z(khjd z^OPhiQrSEn1su1b>IkGVnQYz>YkI6>W&jPaa#0Cs55Vw#=niy|pNPnYF?oSfC*3Yh zovn45o$9iAP-j!mWOylfSkj_@dh)%f=DKagM3^Os>2<0DRx&R5pfynyn0;9~Y4}1V zO<|Er$mnP#$=Bh_ZeM&?IX2Q-D;Og)JR^Of!1TfJY{A)5*c-qreShJ}q|j<9imkdS zZ1GdhqAbNn0~0~%S_j@41-V4VqcR&+vX*}v8Au4tHKtx%u&{(sJ2xw~R6wmWr^sf8 zmU>sDR({bxZ6trq+<{07RjGb7!m)ZxJ6(I^?s)W`Y+qpQL^<#V`fAsvq4yWuz>1@B z3`${#f;P4Br3f#VAHzSF2ZDMaMy2!%>z+rFs86y!Dev4V>+zYY>j5$q$8Q(laub|f zDn-@sXHBL+Ep*Ds41&SJ7|yjf9Z`DT1!vm?UU7N5%TGc~jwd;)^k@<1CHqkQD$%K& zzwRal6$+3Gzr(=gaHo#SDRSVM?9bApE-L@r^$jX0z}}C$y(FcVm-B^EekW(Vm00Ewkyk*U_*lz<{OqE~x`fy(C6YuV3Nw>isV<4EH0Mf;pC?*6m)ZSN?0>xU!a z@JHFby+>?Y6jhd@tqx0^Frvm>Hd}rlJzpEAqysqiwKENNd{5kghXv~tVh3lwwuG@& z3!>@t{#NbnZGO~8kN8eaT~-b5^9r=IH`};w-8wSSt6%Xsn4e~*0_Y3-5-Q`Ro{#H z`PNbDTs@eY%!9@!0}QIiu`+Kd+nmH5x9aA)X5q;qJ4xLSn6d80SuYkZ134HU13Xxb zzb17iaYwupvJ|jx*@r%ihFRZoq^En9n|i^#HDc>=0%|vs(FZ0xLoO07h`=dfI20j{iKn3AyEVuq}U>UzYaB$$SqOUSi0bJL@0j(E;a z;yOc_?ekseB^C_JqK|?fxim}_qqZ7V=UV%3kF=s=y-p%~NpyUv9|qn(W43w)kEf~u zn+ldlf8z3+q0JqjnOGQUywv`IXxAXR6C&q)Vm91g32}ABZFoR0eL&Cr-zXpQPz+4q z1B-I65Mc7k99*Nv2+|hZ45Vg5KkbviSX)La|H71t|ALPkCu_pO2`HdgCeCtnTUH?R|EtgetJB87hx*5A2wmGKYYlY`>8TOy z5q_jqkP?Fo@(U;jsaxnr@P~3ZZTnyAtRM5!N9nhc?oMujlSXpk(P>_YF1XEaTW(Of z+1@0na0N~gGl%lMM>}RRO98&(q+%RT+>NjTvVxlc-wAW~xD#_)sF03c!{n97;dzaL z4QtWA6VcYyOhij90r64axjizhL{V`0Z34YAW}~X77s}j<5epcZ#5V%H0vn^ar#qSN zIGi-c%sxrFLkvj^)d~ca`BtQ;g^I0!rxJ}N)8 zxFNtG;Qw|K)&Dg7F${n;Th%_*!FS?6_Men6h8@L@=fHPD%m88pGoH5gRCEO$YQ_l2 z4viKB<^pmBy@X!H7@HnFO9=#51uF=e6*x`&HGF6I4q|6`PH-JW3;6$#C>Hn+l7v(w zHV}ltmAqsBi7x$~TOFqT9r`6H zBp*_=DbmT>bQ(+wjq-v^@;EeU7v!m^_l3}MM4!NcLE!za7*=I9z+~7FDWG z4et_3jztpf+r`q%6m+Z<1&W@%h6z+S(~lICwZbhf*WKQ@h|XTmh9({EPs^gVf8Fl0 z8FSP&Sm+*U#6cNhJ#Z0&f$@36q54fUkv@yoRhcF%!olYMD2N~wx1yS{Evc~DB&Jdw zthr4@xJxJRSpc({xPQuX3^d`L%M2{c2$hVh>?4#3jANmZc|2hS$qDGN zx>GG4gqndZ7KNVp;8Lo=BHALD$5nLB*%tiv*faRcV|;rhuRCynx-COK3Uc8}B55nw zDQ&6MLtNJP!f(U!YP)Acgv)R%32`@eUK0R5)mT1DmL$1YXm0g3@=4+g_1ZhzkdBL2 z$pN(pljeS4ijnvH1vpJ$8$2G&7Ym1>bRpQ=H==X$N;N9wpmRj`fb&^MXC`zHRsO=E z5!{!j=JXiZnj7cHC--i959}BJatHM3fHwbsl$~X89m|%bZL!77%yh)e%sOHwiZkgEYlul)a{D;BV7 z@YhFb5Y)SkF6h&gMKzT`o?v$$q8i|AA@33!L(JE8IFSdOvyA%xlZS;dsRk_^GGC zX)n$1s?mH~OW94&T5m24z`WxkOG86Q?c4K`irK9q1}C{&$y)y&|EiElU#G!bHm3P5%zgpUcE$94Ml3 zrrAncYAHYZBEe!vg14P=rD%Gz%rv^Ct|M$KUe4R0CUZE%3l|yF(nu@PEHm%ndFMP1 z-;PTx(-BQiDzi8dPz*AZ@Oy}{rZDFmuvcSVL()9FRDD~9L!930`P%Iv{6M0>sNz&^ zd&emKD~g3%V&OZ*yFND+xNl%4Y4tHh^D;$(6q!i$^)@wU8M|}vUB-6#PgR=GQ0IGM z>j497LneTd=5j(SFK8Y{f_!W)2ht7oc6pR0Rz*u0i%x8VqJ44ns7(n1tWFQoD+}0y zz0;yu;=+g%N9!C}gC|J2c(NkjGt zCsag|#6*P&7fO{HlDD3TLLP=ySFe88l9a&!N!gY4f1tbg;*7&#a@|HV$2 zqvyVy7PXe$Jo6MLkt6c?b(^iF~*3f2lHpx z1%}a*!DCJ5t@LXz>)*Cxth+TQPm=|EK0Z8!fDe#$0wsB|PX*=KV&KYb9T8g(nNewO z(VRtRWi5l#M|ty4E#Sd@UI>+P;bbnQY{nv#8oCwd2Q*#a7`nE-t^w{2Och2$H@y+0 z51I5ktA_tZvbX_TH_*a*i2E|~^pB@Qf;vVwJ}2uN@3F=63$lza$<3{+C&L@w=VcPI zoNutB`Ex5=@;lICYU7XI%!c&qHog0yo)qBO)Bbno02bWa7)a}`h(%29yI;?V<+qz&12f$`FKmj_*bQ4%?1$Wce=q!hlFI)5$p5!~%50xw_Fr&i ze_^`*!GQgR;`-CF>`SK{rj)Df9n3p@mJhGW&fJv zZ>-oq@t<*j)&0--|HP5~RrXgqj?eu6iV^!K&)@Z*xUv82$Nxl<{S)^$rtE+9^Y4EA z)31N$8~yhL^MCk8|9!XqAHLBX{|+t2@!z7w7+E-&|2N<0Jx>@f<+=KYb<+%H=9D2B zlUPYYFmj4-MDoFiAiuVV;sy{w++$!d1I)-%B$-m(Ihcul|LQJR)vC8B{`I(-BTAo3 z>;|9*P&b5bqLh^{&xf|Rvnrm57t8i+RkTl}wDk@=9A3P!m77C(52goHiwNs@W#J)#j~rdH>t z=2m>hW+&+TuJnaQ%QJi`FEVbenTU!}?BBM5>B+?bw;Z~GJ0Tf=9_tH7@zl26@FLS% zx~8xc)nyLB;-apKI||A|>yI~{h*Tr5IKBx@j_PJfQH5at=3t7V0;5Vy9N2xS}k5N6rC z(8rn|LXUVJ1`v89tt1d4)O#kD7ny)IiYpRNoPr-&Wd?#f*h z2_|{0l|Ob2!XBlsAe%zx|3s&KU6KzvqZT8|$WKG+3vO{)4s$xy@OO9)zzFm%+Hu?k zorNiYDGgxlHo5-l{S#lHH(*sH3sLK~+yH&4Y=xFBW@eOaS9XhIIWKc%N7bR!hKrNt zc+gZ{R;yP$rB9;cmIvP-_su|udPxG~q%$}bFc`2 z4$2b6C9i$ANgkwp*XP|T`(+TKCaM?8^eP;PESTL(rR56qq|&igQ6PIgLgVn8OB~L) zRCitW*fq^_&--9vfjvZHI&^LNaV^?*5wL&Y{iqT~0Cc7+wvBz58ajuLC~qwQp}w;u8_!`o?&Cm~UDn`0Pg*Yc3AFm8F zE8-1NNgCFQ@EUQ%GEbL3hsz9B!{4GY?>8`#H7MU}F=fb{aQn+i#?XZ9YC0C~%^!r; zrJ(EaSnlVC6#)QKIq<1A7=`j$k+i>8oTFQ=LuphqUxnMa*WV!Zr<@xpFK8~(wdmug zmYig`t%@qkHA-+fF)XcbJQ8$?9JgT_J3T+~=!bWk?a2=fnI96Ow=$WCuXfR?nl00dTt4PfYZ=2Wj;V#GX;(9bcJUi z)yHZ}d;Js3NN?+8YBA=C;UMjTIx{}kj%TrLK0*C?y?n2NIdhs)nPJM+c(&*7F>clX zQb!$fV!_hUnz3|c`Cr}6N3i101yEGNQYvgIP{{OWIID-6=jSogE;6bY)5cCM~I=-NBOGL95Q zE>tGthU#U7Knz};12g*~c@`SPv;;zkO?;!KQ>-d~7wR?(SV#HA@#{ow#@utre_wn0|8fsIZmRw%@Z&`H)KR=m?ExI&o;cO<* zR1%bsyjkgfKmYv~+t&S=dUi^7N?S^~X)=~1>_e};@yx_=-&$zq<;u>EHlZV$RG{e; zV{+p@CB2oI-U^;UX4~GtieckoFW^bsI*pt={P!s>ulcA&)#BYPVqmV%MP~hFVbHRY?pg#ZFHXAn_2cQBh52Tw zOPh=DGrX<1A`xG%$m&XCcHmf5VhXtq$a}XrEE6c=7r<1*+?I5&!pP1X*4F)t+a`j-qlHf)UJRD|z3EuTRFf;0M#H&Pybfc-1@8pYKO81<3m5pWEK`LX zH{Rc)3_8`(UzBhwO_|?vJ?urtbpBAWXK8ijwLi_B(VyXTmQ_?mFZatm!iX&c%XTuw z!gk}DETvREEMki&YJmJ~d%RB(JRHZ1+%C)p>} za>?u6lco1Fx>41BBJ`u`)NuFB+|s5vy)%R+2SlA9ubfJ&HYwJ?ghC&~5QCpUpVPY4 z2yDo>|I}~ZS4^Fx9r%rZn*&CQU&Mjw{$5lQG96fdrZ2d(YjOB%v#R#AI`R>JaSDs) zZK`>%oA~C@o>z^(WpC9sKoqj#{Q=TVv!#aYCt=NHi@Ul7YG z0ZVdh0I7`BymHup4PLSu^j5^G&j9s+hEk7B5ZGX+t&nTrDzMog?_!qZxFh zjsSXo^)Rer8C8Qv4*v0sRsgzu9v)iF67#+RWQO@j?O4?}=0nzDyrhcdLR|i<*-YMP z|6!PekXSwL7asRxFmD8yAZZOgN`c!(L!c}PpyEn3gdC^g=n(xnTC{P2GTZ-FGIr?{ z$hcH~F>!*^?OWoOJ>k*9p`y|i4y{fH%RN-mh&_L_fF&YhVfONkCD>o|*C|-{S!YqE zcv!+h{FvuGuBW)^hmniunLASznkHrO+fv-YM5$|zO^dt$m~O^#2o?>$%f4>xez$g6 zs(O9Zu<_J4U$h}ph_<4teI|7|*h@{nrRHC>OV%RcWwK)%x1x-1ebsV{y%g6M1jB0@ zDakF&jucuOrYSFjgQIWNcRPQ&3kUZ?WOB$*q;ScW$gT|rwom&U;;P-dsRz)O)CQ9d zv|0Ihh)$tQU5E8$#O;-MIBh!UUbvoG(j$I*#$GsDjd$p+r`Pt>k+=uD9|UAXW-M{< zWpKu6ykjM%x{t-jaaVUG62Z%jp*V($Ud^%kp1*EI(6kV|4`>a04zKVlzS|Ap%{r~! zZRoj=tabWk4A0gCg-*lo4W3GuoE#)XjZyKr9A5agyP-R)Ex1`=sB$}mt}oxTPFz2+ zBNOKv#Mers{EWH&xCh2#O#WownU#@>s@;foB@3Txy>LZab5O20Lm{R*bc&Cac{i9uEv_;Sp4M}YT4Ra*7o z5lyYlAac-({;p`0q`B%`P)kGdC@`w$kE>9y%c5mrcZ zVQgv$NQs;{J^ciPJLBr)@j7i`mtUk=vaGPrnmyP^%$jk%G>dD*h-s_=Mh9AO22ZnM z4!~0d1w?X2+jmr^(kASFo%# zDAxd<%#MFoOBz$n$tUt9QL#odTp#6{niK*C%VhlZ+41_(NJ}WK0uMarE6$EO&Rc9! zh1Z4!_gsf<6W;2O=Xn~eR}4>uL#}J4gC|CAku3%eVgmv_r@F-)(nf5e!G5&w=8$HH zh-Ua1aN2C^5nLuazGQZv49~@WOELHzUz}E2`IGu>Z?epCTCW&EIM@la3|;MH{?OJh ztv9Ve>rQLa#yszw@687@iO5L85f)9Tpl-2B+lT&s;)ttftQ#<09z+21 zAn|}To#viAoldG8C{Ep;WyAa6Cto^CEge6`_0pwu+u=Cee0FPXO#MOvGLddHI@ajz zWIWu~8Dj-1R|0uYPz(Q7@U>HtH^M!kKp^#T2b6q0n@RsMi$v_romiL$xa^#=8(kM{ z)i*(R^hJXVTr%#FxLL}ALN;j6h@wrlCP0nB)&P9?P((=g=S0lCXpNv-7kNP?WK4V?tPEX6lEk5J<3Hw`ZUv#;E`~Kf?A=clyIUT zxgqTSws_YC3?0vd$g}bXROBOdJ?wTCa}ms^_ekVC1_Og-9ba^{QSm%RHNoUFvLyLQ zeFr?*dd1yc{x6>VJGfq<_4#M=)t8)kc8Y=+UqVxA@-0dmnfYh+SS2>Axj4_2e{V;50V``qS>syivN{WKYtRC{lE35X3$5{36Gj zc$%$4wZjW4R+nj#z_+X2W-s8l_DbZnaZ?SPWEwLb$o0`>E-Ctby*~OBryACVNPLtjVf`YKJ|0i>>l;FHUtqazcM4Z zcCH4~&1XD3JfO8uU;?eTHX9XJt=gjZO?EzLNo%L9${xi1{nTj@;TfNSzOzx+T)FG= zs~3*LX9}HJ)>bFCV%)DlPW;6799_=ssD3-)Cf0Mf0FWH`_?e(CEaSEr`o>^ksL_?6 zXOZZ1q+aeAPqpkZ0--$MxXvJ@Lm?q^)@ejvxAj;0;W+QDhVyKG)Q5ho%zJ?(esVbz z+$V@;##Q`_E3vm`C63r4eq^|pmX+7^2>Kr-;F_&FK9Typ5QVr<_0G;On6a4xZOp59 z;tYR&kpG$zSFt2sImeu4c20MgoT!g+o6qp+x8(hyBn-5=0wnzJ`NG~1?222y489GM-YKabos);&T{F# z@D`FSYK*h1d!Bau1Obdw07rCW#kz!PxV3@8v9&NcV*`mFC7Wg}wlm+H*?I*G^W;6L z9jv{uTTX>8Cj;@ULPk;6nuSdr7SL(-1yIG7lM@TtCy0{GWXvd|k zvAOV|_2PM;Y$?G6%FarJ&v)uFcu0txr^<+(=9u;vD10Vc%cLwo(K5+}LgdkH{~pj5 zmh)Mdr2OZ0kija2Yp@sg?rKakncCdd2`^3$ZAf8SYb56|jcYaSPg8P1%&P{SvonFY zOP-)^f6m>N;CU#83ySv>q zl_$0o%_?gFoOC*@K3>Txp<}F&NC=P7gF{2Jy@I)Oy|(I}`7KM6v?V5>7HDj(16Mm$ zvmB}@r=nA?y)ULBHBz!h&8A$?)>2o}Po)+=AFtYi6CA+6B%49xSOu4GuIValUaw?R z=9;8d4ZmDn@<-=P`3q^BASi}1g~arOf(y$;8ANl#{SMyL8pH} zX<-v9z(GSLZ-pv}O_`Mm3I^vGk?w}#{5uz&uqV^OoP}FT)Z%JV9%%8RjqD$2S94Y- zDwppy1&SzbR;=%sYC)HeC5~-jj1dQ68v+)II2uG8 z^`xWIP+}bGQWnVf<@bi<;nnd!O-V;%rQ`_vC%AQk|5Ukr^tI_w!n(pK>W|;LY&9$r zj>ZI2+cS#geqEhLf$L=~_;eRYkAUbX)frMa8^$jG8pnj~J4+C@8G)vLc5w_4S*C1V z;D{9{;>CrtC~>^0?>iuMFxNic9Q7`8<5*UZ7?w;Hk)RJTh*%Nil1v{|7jKNAdZg?0j=?2-3jFuCp0i(Rxh-2>su$<77lz+8}L zTdEI}&!P;w)YXlS6`6jP%c-+{C*%0HaAD*{jqi^;`N3Mf6J+p90b?RnaCz}Ik&aLi zQI?1Yj0>Tq_8qCwS98eetG1)9I!z<&W^wrVkQowdV-JiYU{9-d5y-Ef6P}Xj%9!;b z?mpf;f`c!)7oK2=>Ns~$YldDqtiuk|0Q;tN;Lg;;h(& z>Ig|${H{zsK6a?pTe-*m0X6bqSMKHIdk%iyzbe=+e)0V_B#qrwIltJn&|_9-W_ZHK z4RhV*jEA(X3R?{nqbfB^d&C-V8t4Q@a7TV~eR@o=%DDPKeO}4Wn8C9$@`^XZ@a)dw z?Oay0tV0=9J7)uAogT)hDdQRS=y`kWbTl#4w5GINCI#wji&RVHT2`TlSa6FugkKJJ zV6VWBSsuS(Zr|hS1i#YM%&S?>m1HC|x$rkcRm~G`@7Ekl03wsixNzMEjn(zpF6*h& z`rV6pu&a#Q)HY#v05^;{0KsR?-M;%4 zNtC25F`J0=8o!&0KT8%~t*l%PdAO#DTgi7c-%5ch?)6P0Jrjs4164&5yd33rc{6QN-fWGH?e+~=_3F+ntOw;~aTqKnnq%@tN3y*xu-Fwd-q@qlDq=cPTd}HQNsouRU%4E_gv7=pVCU5FTA9Ck!St>De=DH?t zM0A0v02SQP_Yp`kc89mptC;3@{PZikjdnAtTe5XR3-LYyfq0uR*t-W zL$rl@?b`BTr3g<}@{(YU#`Kdxo>tU?milDsy#}1(Ko23zcOrl?LcE3b6GIxDd#CD+ z%~N*eiCet)5_Qs5?cu(1!RkVUzpDD+gl$BS*HRUf^rL+WdX}^Qpx83IeI&Be2Dxid z8*+`fN7c^(rTU;M`$_DLQCCXe=Br4{oeke@|0mB~S-!Sd+!FcVh1_v{PFFYMY?B=+ zAP%l5J4@-l`Q1DAGdxRM;!8{Cw<6Yed9w7+jd{2gK5E#y-(K9tD&_;K|4@szi+B4c zNFnIqwQS7U1`7fiUtjdXM^so(=3T<~3+7XFKOauat6|h{PHal1HZVzE&(#WUFMYI2 z6_b6|umNcw=S8+dQwke39Yc`cbUKFK70xey-Q&@80Y;BUgd%L?NjoaxmI5@gGb+Kw z-MuNFF&jCJoOFh*CK+LyL?8KYpcqL{{w zCz%S#ClGfh1zpj$rc0Ws=95pUG>!9LgB`22sO+HG2toL>JT`ych zc2u_l@7;%$q(|Y42bn(NhaGR__a(==z?jMk{u7pHZ)E&y9h8oVRvcmgN5!V zX+eeWn^{0}0Y6`^96di@F9oVMLx7jUH{XlkTIg3xXdDGy;?S>xeh6rf z?I4{>n~iUme_jj=5WFtm)!l4Mg*_%9JD;38Zqs}oo%z~cOge6D_+O9lT5n5X-460q zJO7YEZ?+<`NTqFe|D04V6)aHvu^dn;SU9!gL5tkF zuKspef*0B0AkS6OMMKXnU5Oi@HXlOYI{v|==h2L%>k`sA8mvco8H*6PYMu~DdAaT8 zCg^v7#_@W?Ilblc__U)jJ#ou#|5)@F&NgYMKZKmnWJQPsR^)sEQ!) zOznFX2)}f&sp1wts+*=?JM<|QsGM>4IjkG<6VDQY+~!G$j~nh0!NgCU$K`r-e5LOP zq>rxP_$r%7;4YMxN+djGUBWAXX<=xq#x9qnCOEkIa)O5K#B%t>pOt{OOG4_8O*c0I zzn2Sc%C*Wa@3gdn7x-@Plio4cUFozm{aWcZH9uKQyfoCNLPWOh{s{O5_a>aibwH0? ztUf5vS{;PHe<2F33FgdB4PwG^=)Qw4Q`zJKpTF&KeaTVt%berR#|Kxv_;K!*IJ<^$Mf>Y> z83Lf4CqQ}{-wlMi6Rsj?dET-BuTUh+7BJPSnbm;BgRaBy-!P4Tg?E8pHrr&8Dx+s9@ef`_iA zk>AHwRMVB~Q>1N{L_MRQgSYx7uV52Ht(d(EVqEZ~sKFmkJTdKM2at%-hNf+rB?d_N zNdp*sGc{7PzTS*7EI>M={m~IA+WeO_ufdx$MR4 zYgl^VnY9hZOTj}r8{mC6L<|kDxoH)!-E@I zDf)qu4@F=62yr+25k}5MI04bzOS^Y3420fo5?O*@60_s@-u)HH5@uvS?Gw~0NoP&XZ`CsKj|F1N1 zk^hhn37I=NIyo5YTdNv7=qu^lIQ}gq`uAjV&QCHq6Eo{4nVgZ8kdukyztj;iar_IH z{4?TTx#XX5|CNmBZ^gm?AtU;~vEZDmk#zcGgHt%-JWhvet9rdPV`ZC(A2VyiBol6RJo9dNybqo;*G(XlhE1cr< zWvI6jL)HxrWl%kBx#i%4#2yS4M6Oyl($X`QjwuIlcto#C6TT;O)Xs^|JvVz}-hhLe z4Y(;M$_QOdxSx+ovkS;nIFr0JINU62y@M?*eUUZ?3ZXJeCCgBBxje%w{Ba)&ZJ{HX zyx!0q_TQTin;7>n-!4cuH9z7cTeps3?|lO2gh?l|1&t#|c!s;CE29{E=`!6Fo{WBw zNO#y(n%o^kv)3WY^3S~1{?+K@gLex#@eLvTL~=0eB1ZTz`{t#@>#(A$wvS5vG}_Y3+G>29)`~{CTLd9{|IJg z|J3?$uz%`hSPB2F4(8wR(?6U4U;Ok>Sq=l?UrIe5p8tfS6EZS#{G$7}$q9QYuXlZpRk*lVzv1q5 z#EJdXz%+JTeDE$b3QZVtI zMQ_IOc9w&H*nKHxi7`w6>Ew>rhDDTvo|DW!@3EE{AEIRq)raxtIij9{F@&XL%bkh` zq0$-(;Gxur(|?t5*;cf!cGi#t@q>*BKNAn`T=bnk1Pz2|!q2pLYHbtm!%UZqhhAv# z9;1^U(?UFD0kLIBc;W49W#@kEB_GcR2oVwkA-wJ_JxCDs^QfVqaxtrB1|KmK_40R? zzGOhP{nfV~w1;=+nhe0Cy#wTScn_JQLEa&-&deY+ zLDWan5$Z3cAEA>ui895sHuwDRW>(qGc?DdPJ-=j#Mt%3o3Tm)76|9Uqyg2-Nx~)Y> z=lF!(Z+W-n7b+cDp~AVDK-xtF+}RNU%K$Goo)$@KMJ>I;{Jf zqrS|y$d!GG$_ZI4OM+`ktl4QFRIPA%_m$Uh4favy7Pgf)HflI<$({2tDWk5 ztUbs4xAt-3z*0vaq*0Y|KO*m+=E<(;5#Vvz*waL_zqqrfi>4UF1MI+yE9|hV12N?1 zub46ViF#6COzDgUFqOiOsQTlvzv{qk_m*bGz&p?KcYG^iB5d?u;6q#ZIS@N35**Mg zVuJ!)&1d8_Uo~Aqtrx5v?GjuH_Vch*^kLh((AEV;yEv zG8YOR8D_J)cFC|o?Y*3BQ(OFM&Tbjl=fCAV) zB~$sX6Stq<#x55Z#>u;07ay!DWIv;ISD?9t49B^%+tGy1_uTOE8V$c=n zRq0q{#GQs5HFnFYV-{1_uoN!hcH-NuvN}j7Wg+OghEv&CZB)zV#)wfkvM9!mnatV& z3wvPAP~rG9KJVim@D6visyWaez1!(N-?$xPtlsLZ<+*q?$dm z5(^Gvu{RI3uR4pA#^-mTu&+bZC zkS%@cHo1xLd@-DY9@Y+d$yFYuomLl% zAxHPMHLpbECa=H&*~nPmu9KpbTAZ#Q3kW^tEO>1;pAYr5Qk7z2yf$IS)A%YU%GmiS z2D$6`A>g_^KKrO}3;uhIa=n*7#2PY@jI=0|7dd!%n-@Foj?T~9dP)tL${(|b+^!4O zLAzhQS?6*kZh}V9&%dLYqAI7?1^gl{FJ>ig;Kp{1k~qP3S6;z;+pfw-`X+(GsA9|{ zISxy$D|xnaU=$Z!%VJ6XQ%8)RV2#t`m(Dh-}agsPsmQ$6a{=B)Q8~W83>5$jYq8P5;hVxxpmKhJ&*_z1K$W($Xd# zct?;VHI?>Yj~Rg%jw{-5r^6}|0xV9_Um&)qqJGTBRq$Bu0o6cjRB*J6S?p?{Fa|WD zs_phAba~O7fUQszZ+X!S&NyzAzw%Ja)9NSZolLy9a`yARqaY?2!W~wUM07HLC``<8 zQfOEFB)Vvyr48CLP@T>%Yiw+5gaqBL{*~B)5C014gYq14n-H{4 z8#-yEU<)<9pMVVG$*E?S*=M`8)bm2uTQ&Sxw(G^C-wt2|-a9mcNE=3E#31GU)q0;3 zE|plIY?@=tMFd+USeHhA@8^pH#^;RMCSZ7Kc-VIF#qwwpHn`x6E3{W( zlTZX#eX3CcTAmU7ZKs{K2}CtQFb(E+8)|k#-#W|jFbUr?OopkR5&Jm%ZdpeJu^ltN zEOw$k%1F5h*5B%iQ0y5z!|ofqzxCFt#i4*Fsq>ELuK`n&6r{nYt>khMh&w${}H z@a~0b77#d+ALuTOPUONhF@Q*?e_g)gcCFCsw4_*ScIc`9c>HChel@AI+j`MK^67`& zu;rJ4!(QR_9rU9WU~R31Z)v^4q{UVB`qa4LaPC&q4RP3?S6s7)ogDVv8@=; z=qH9>WsGd$kpHb`wqI3vx(Zm|JX1v;dm%zYyin}AxLuYGuN5<%{c|701DylG9PhWL zm(P?yB+g{6jTwVXPE_&sY7x{O*Ux@}T+ye7URe%8Vm* zM?#5$!mgY$N2yWiP{h(8jvEfgV47FaI9IHtsG>1@jfjFH{ zm-iG=xb6-w`Xw_s@^bh7YOM0X%y{T^lC3{ij3zH3@Q_i69ivrflGQ==<0ocmF--`P z33{r}#rhL7yE~XUY<7%oc#>rJ$SEYhK7hIYI3cXhPjBigqZ!lYiMQs)XbiI=9~qjE zgjDyXQD=cd#|up4V2U9VTPTsWNig67#AGZ-P+Jz(F2g@yr)cckrKJn_?s6ASE~aq^!!@I6;Lf8*nxe(^oV(6^MJYG2t%Q&P^? zSsN(+LeF+)aSxdUOJFY_yUtm4tMQ{M?H&Egy=snyc$?WSV^oBE7mUatA?>tOl(I$7 zoYH{CyQxmcq+0CO7_}0uEIjLsc*Lx}w~V73Ffcd-rO$jDr0sKWTXD{)5SXL6_OOjt z*+bj|$8;J^X2x2r5Uwx{s+(?8wwvxx=!C={Y)5rzGMm0@m2nXsa0GGDw7Ha)Wy#;i zW{FEBC31MXRVd?T4{0$E%eS_BPeG@OX$cjL((d4P`JlR>H>-#76vz%k!&wd>e>KwoAR=p>|& z_uV0MYe}SAt7~j+-F*6;q_^XG`yRe=-`kMna@!zyvU%qPF#UB&SgQm(?AR;pGD*sa z<%HdoBp4~fHciSn@|&@LNZ0>(Yf@Y*77zz;)$%b!(rCC{0yB`r1hs35*!=_0!Y5_7 zuhiS(a5#f@R~kKjdlR-UM>u=Fl_T((ZpFFH{9^tb(FB(-{D4kok$c5#cT6x>cXT^R z(j(jZJv7&2!wdI)kCM}axejqtH)`>@N*rky5oK^g8$R|q?+`es4+ApLi~PSR zC-f>TnxoS3o;~`WR%Q+v$GEmUTx>k#4!@eYTRXqZ(Y^vbk77*C0a_q)MzkWo;0yBd zB4fS{J#$#2dXNL>@QmX%;}Eo3XEv7+G5ogecp?&w${4xDf9wD={P^U6O*;p4dhIf4 zdLAG+6w{h($r2G8Kw%VVKc>Y!)gJNB&W}^QobJ}++SNGTkH&5gn%n5tuCkIIS5wJU{yZR< z#NSpdD((2Vzl06Q04$lAAHs3n6Q0q}V;*@HslUp)kan+G)FaMeH*1PtsM>$e*SAn2 zO*L`(TqNa9LgDKiH1m62j3S$a)y_S@ zJcPlZtRT;VAR`Cp3+0-@YwN`@b#TbH)f$(R zov5D90fNqM^C4HYis%cDa&;guPU(^lF2a}26*OsONHdlVM54KG^=;K3Rhawx;de~4 zC{`Y^Kw_;N$4C`tO+!~~E|U3to2m-wD2X{u6e~v6^w`lm&UYZxE(z3u8CV4%?3|+QWSmW()cufHkQ+Vp8WeF4o4`{ z(sT}c+6F_0Zi-Dw+Ze)~q8&tf8+=h-ZwnJcddZ3^tH664uD7ua@glPuZUtBIjaPuw zeAPxKf~(%~@dsJzDEh-pDPuZ|_Tzwgz$_f8`R2r&uulgN8JLHyLI(|?4c1ZOwi*AXluO6B1Z74lsC?1-}Izua}68$ZY2~P z_%MmX0Vlh;A*j*qUMEuY^_>BM1+NIM-v3m2HbB>ZR%bYBEA7d95v;QQ5$m;Co*Wl_ z9sQ=aZ=1d3TZzk@WW6r0>{@ZNLaoqE?tG3;@mr{QY8GdK#TM1d@)*!TAiA#p zI@C60-eJyxlQp73H}S4RxNhnWsWGD(^YeO_zy-d#YiNv(jiso3`rBIQ^~fo5 zD7x}SkT`!7MiV>7v^dyi=g?u6-LNV?Yua|fT%&`nMi5mF(9MCh>9$n2%;TwV)=Lv* z?b>M5KDGN1T3xCHt~y6JN5BXGS-%v<=V(?c?^uF;Kew11K-i5ZREAkSIVow6_&%pl ztVAhl0l{!1asGW$P3Hi@J$68CZFbWdwpkcePFAO#oiZX9cL}0+S`Ed*1+uLe3s$o0 z(@vX5c22jyUkS2gPK7nF4Yns6&ZW4bx}{@CIEG~*(861m=*x_JAyn?|*QM011}dmq zWxUqeO=HcMw36eKpY``&nNF2W66p!S+c%-JD?p1vpM^z~?7HUV;P4b>2EbSsp0PVR z{aSKTSZm>S_MEWD%^3(a+i$>GhBB#Yx6{}gpiu+2$2 zA{;>WpTvNQ=s@Hkrkqghe0(t!(2e_9ZzEqiT)GJNW0qCwTrl++n}`WS(Vu>^y<%I@ zta?Lh2SPAKU)_HJXEm%i03xff;&&uOS}Pye79{BRlY6)1`EIskx*FpW+7PIQZPnyzNvM!BbbmsSfI568HtXR$sh1(wCUk=WBbW}t~2ln-huw^tQ zrS_L;Ej^N+)cyG1@d+*Y!!=YDD>pRhiuMJ{x(aNqO@kVw1^a5I4!+{9Q{^o2vjMpTm?(@Y{D~bydE`T(@JEBs{j}@6&Y6)YoC@%r`V9 zi&WiA^36g9q$xj;-6Y1BoE-P+USpAqvlms4O6>M0^6O@~l%z*Y6miC=0mH6nNeNQm zKzXvx&pm&JpeoSP*I}m11-Y*&Pf8gHZ$gwQxxh}&!=U1EMN?6q5SgI%XQp{g3r!vMFS5@eH2ZYfd z;11Jn#uUJmvktgTI9Nn9z`hR45O7GqStVLbAeI?{65&Xf zazMJLy%i#ZosI?J+|Cm%Xr>#y#*6HM$Z~iGU%MlOb-7az9CKReY4}bs`bQFt5A)5B zYjGO42u4scW>uB}r>IqrGZu6>hE*Aq+L-eF2m4_#N~z7~-VA&4Nr=Pd{^(iO`9~1A z(Bo0BxtumT0GuQYrXvF7ISlQfNZ?@bs~ID7Hdo!3xm?89NlN7ircG|hmL;orm^|w2 zX!);`0rH6JUk?M;ioP!CH(;`Yc$0@;EAY0F9wzs+{X89l+0b3AMdafZc=F~$P939M zWhe=l5K}MzVgzUPI&WgMe(2O~HT) zMwAd9A&3cvAOR6H3MeQz!;F9mD2k%YD9Si4D2s?7sOX@AG9$R54hUgXL;?Aqs&nqW z->N#d>h`_;{-4h{{qpG7{jG1EtxlbD?t()dC#{Wf8kp{_M5*PfBIieJN~Rk zzw_SzJ@4nMpK(}s%Y#1t@DqOb#`FI8@egnHrQiJdq0?{s`<*Aebd%qo{KZ?g{lh6= z`pJRozvJBQh5zvWrBB`I9hYx;_nU71$=A;~`6=gpa^YRCc=e(;_K*JY9WVOAbKbW9 zMo&5P``^F(ug|_|;eXzF%U7QC%nf(C>p5$`^p9&UzW+&Q?DXR^uD|YOyKVHOfBntU zFV24Bvds>8;{G@N_jQ|Z`=$4PW6P^9Te9pEo4oxKcm3xMmz@2I?f%&MpL>?vxyxyn zJ?Fu%JoC}#uetU77k==UvseCZ@7s6k&wO^-$)EV>bG=nL>*nV_ zc*lFb|IjaP-C)s&pZ)!lds}{Lm-k-(hG+iUX}2GB(6_Jt(4q7PKmYgB54muskMyn> zUHYW|ec^we{rXS6>wEw3qiw&t^USt`+5dRucTaop@jw6guhzf&mdii?=*wSo{hAGy zeEHEg{cg$qw|1X0deU7lzVWEt-?7#G|9Jgp-~Elpu6zCI+rQ`&fBwrJtB>6CM}L0v zkG^~F57(XZ{P$e(@%2|f`SK(G;fp&yy2+0Bo^#XXSFAkheQ$r~#UFm)oaO6(yZz(a zZg^ztw_p0sp3t>fnX*VnJw=(rc}@ITl5_=cl)zj~|ne{#vmFFEPzt$R;+$DZGL z?_I5*9dp&67Qf}tEuQ_A{SG_v%4e>8&5J+u`?H5X-TJtrFM4=`llC6p+~4M!i*Nk& zL4W=9i68y1mmaa^%?G{UV_)xHz3kt&`q_Se_~KXgJAM5RoqF6$KYiW5e&ClIzxc=d zUHDHwTy*7$>pyhzp?~_$haW!w89zPZmDgPVy$4VI(*Mo;$B&kM;E6B&;^TgI>B2AF z^oB!UzWs4mZ2QkkM=xD^=?B*C{MlQtdHruUd&cq=cYpe#vktxdqaT0pD_ah({N*1{ z{Ljzdx4~ymeEDZy{>IZTTk_O9*X?`xg6*z5q5G$2Jh0uLzrVwc|M$IpU$XHX7oB*) z740wWcmKzC*!CR{{rZ(#Y_fdSegCr2_|2a^=)Q;7zw0fF{_lDBo_gx#uRnf^%TD;= z)<@j4@CBcEblpGi*BM^+xu0LP#S`DL;8%bD#rr=q`{OqrcIPfn`oy_=+m#)9~uP1)!U)Miq<;S*qY~`xKjh{X8p?mMUmU24D{j1M)15Zm_KoMK$S?)>;WZaig=AOG#P*T3e)U)^NU_iy;{EG9 zwVQ2s>Wj9!Y@-X`@VmGDZssMozrOw5y?$`VYp%KJ=r!A|{pr?sUv$!c?t0q+2OshC z|F`s}FKqO^!@hp_md{+b*9o_ry4g*O54+`0%h&(GxldT|wcFlz_snLmy6d&y+4d#R zzW@B0#ZS2NRi~bH-?r~L|KN4|-f+Ov{_v{V6E3;@=Id9z_r6aYboeLdpLhSc|M=|J zw9k3=!okxo-0q!^^=A89t=Y7D@-wc!;NUaP+UMb8UiIn^-rarftH1v*%bwTTZpnVD z-}bDN&VAw`FSugaPPZPsaPdv6&wIi>U!4D{(_a4Id)|NPQ?I&tm%%0H&HKt5NVk5y zXxl&RyW3~?d)giQUGn`yujqWSbN$V$|NE8~9Poup-v92Oo$|Jee!cgnPTBD5&;Qib zPdVZZ-yQz-nw`Hp++<(}X5XD(bj5)ie&TcM?eLH9y6P({ z7oK&)VV`>Q#}8Y4{--zp%c_02QQg-^PT6< z`@e&qxb;i#z2V@!Px{cGpZDCO?>uJ9Q-6Q*-hcSu38&6({NSNaJM+_MYE+F~$s#=HJuEfBx;*kNwx$+rDu3 z#ups8+sgN!{I&;gUi9Igjy}2i#Rp#f!c#x={X2L5^@lcp_Ntrz*52wp$Njba@CN5y z{pd|wTz1yM=RJ7t`Sb34+`Kz)``cS~-G2Y;e)62t)_h~Fm-YT*!6k!(W*+y| zS3K~Qv;Vy5`S(8dxu4$orS`p#{rKv?+;;tfIGhXI=fiZ=Q0`HRt}<1GioM-A%84;X{XQ@b}L?@lC(G_LM(dd&=`3y7^^~ z?D6=W_FMPc@k3V}`>(%Tw#7r6KlQ@PzID;b|NMfJfA;R3zw^zlp8m+PwL9N*?PE*6 zz17?9+W5(TKWD?o-n!Yzk3ISC$FF_talbz0pwn)-@civAJmj=n_Pzf8Z+v9it6s70 z%J)6A#o9Yx_|RY0yLyjxzyE(H{qHAV`LaFM?e*M~yBl1+%epsT_WobK`L&N+dC*B8 zz3X)wo_y+E=We*u!gW_a?U7BcU9ibX|8mzh>uojo<$XU{{e_R*^|?*Ydha3YU46`v z7e4gOr#zwR{Mw7QS+n!CS3hsfMH@Uu z*Szl-9P;1yTzkuX?f2dCsbB5*!bdiG=gFVi;Qkjrw0!OHPy70YXdkNoJtZ6El| z=3n1&-p;?j_JWuH*H7PdQESZ|zk1p)2Wz)F`*4VEf@K z&iwLu>%Mo+*4KYzi`y=K;FEiP^cCxNU%T?dhdyiN|6cp_6}|U9{kso+`+*Z5Sop*( zKYzpU_G4B&|NEPLdedW{yyd5F`02qXws+WM+3(+a_d)-D-tudfe(ClL-+jaTU$yBC zYu5d4qjN_8xW%&b)?NBfzyIZ>C%vq*#o2q_cIGx0zx8WdZv3Lr2k!dOksp1+iJv;} z@?T&3ogHsqf4kdXHhS?Ui?3b#+O^cG(vm_uLQt;>eB9+IrO4`nB(W{^$vpZgbcdE^Q zpFHmT(+>U8W|zI}pm*-^_^q#5yX09<|L%3&ou75=`tN`8-CrBs^4Sf(+J5ZmfB(TL z!*_1=$Uc9&bHks%>$z%)ku9b%6*i;sU})Z9ex64~HdRMq?NL_CwrJ&BmaNc=*+yL{ zX6uXwb5hI}&cvd^B)^iV+pkv4w$VH9f7u>q{m;j@e*E5xH+%Mov_s%@z`n!Mh%Ga%V z@;5iV<6T?)>6J(CbjHvAaL<+PH_fbl<9jyxzc;M@!IeAh_kj~uEPV23j#_-&eQOT- z$-lqkuluZd(?7iTy$_!8nxB2<-9PPZfBV8aTQ`34yL-I$Lnl1$YY!j)tbOKx^}#4cI`)J?*HKN-+K7j2KDgER(=VU@-lb<;bpFOSZhFMmzWnQ*mff)Tsz=^?@1s9F;0vd`f5jP(E?vF< zy%&A#BZocqr?ubx`wpuQ`1wVDTl3g6&VTfP)d$>r(V|oCKl{R)9zNid`}f=N8>j63 z?scbZ{))9L?_Tz!i@&k>o^S8F@tJp@dCnHSN3PnjyV<{8eE)OrTm6M?b%~sCB2`iV z)vC9ySM^5KZ3C)$8+6TUztyLLHuG~&e%EbNF&ouL+Cfv@0sS}rUzdhlnV*M4^M3g~ z3H5*mP7P+dtuD!3w@<}z?M|!Tqajx2_u2dCRV$9Os^<-fvf}Fvi5kO@sD*7Rj3c$8 z3c3XgJM{BVe(svzn=(TBJr(e^saVhcOqHZktSFTuX{=|F_ z;W=o(!;YF=x|;sOUT^92Tl9bCllFQ`cTCHapL<=Z3zVOUMe`GV{DS>gtz3G*?CQk} z_TPQsf&*vQtfoI(vTSxYe%Xs(c0I&_LVqije+Qm$%HYNoR?S*W176ai*<)88 zw`%F^u?8mNdFAZk%a`oBa?N5>C1?s4N4?G=G&^tAaU{L=&yQ`<-oIki%Hxiqr5v!} zz*SUvdyM%nOHWv^+W`x9pMBf%rL&7(vFn1pTJ%@5JMFY!HzI<*_t=&(B3LAAP|Ov` zc3qHx@q;?vsZ-ghi?VHZ5M+-uaPG+L)`dCDWH?iie0U@Y&lK3)WyOk>tB+kw9(Q0o z?jmCmTw(3ih0ep~fZ_363IY|H*VC!7F9_|PUq|0e_km)ozho;0)<&5htZg$t*nJM! zAJkn|yJzc}f&LB+3Y?~d!@6uabqIb~7kr1@o@?nko$1;-0B_5=%@$a~!c|buLOsdq zbbM3T>6vYwD~mm@4b)0JI+hN_3Ude4Op~oiY2WS^O0`v?xuUdP+Y5GBqY2_`R*JZztyKg0T z&UU}HN9)qiTzB_-G~Rj+cfYp#>RD%n_OxeD2Xn@0Z5P!W`<(Wzg`G2`wS82-?}r3^ zoHIU!P}tQd)0S4xNA>v}3>wv+Q_J6}?W6jEowogJCwbP!vp)a%p!jPm zaoJx}mXf^syafj?Uw!oK%NFjjaN!KK`OeIAX6Us$Gc)MV%us*t%&_N%C-Di(oy_gU2ixwPo@arkVKcCuyd&Bue{~<*Vk6qt_S5Z2U7BOQ_ z;$XCi0yuK=8fF}nT|wC=Btt@LkPZy0BuaWez0a(0U{KSF%+Gcu)YET1r{3!M@957h zWA?KR9)pY68`7&`a?melX=XrNIV|y3GfQn61K@^W#1beVv((OZn!d}tJ>O~jFL$TA z^d7TTN_ZFi8BU1M!5;KK;?mt=;fA<3@8R{(&t{Fg%Pakz`I}+4be+9UcRu+Olm=es z{;Ou+M!5h^3gxm9xE@}aqaL1Ym~|13Oh$S}CIpwkYH^$O1rp4^8|+q(7nCQXJ?4Lg z-wttOUMp*q!I<;MsiRz*hOJ@0JD(H=`3oeYV?B0^Bf&;rW%ti=Vzis~-~Md&)9kb1 zN#xk9!C9lhY5vB%k2o_ju5oJrF8eH!jfuE0d*@gej}N+A=?>--0mz3dPnMlrp8Ufh znIH437*~S14{Nn{hJK&v$dGXQ{P;E{y`OTvqr*0onvRlrgAf**S3DeHF`Y)Yrt1l##{hp(Ppv1W)KmD!rHJXz9H6Y)72OoJT&ti zx`Fh}Jg>@GvS;u}aLk(Qh8TQCiH&g5FN|R2!e$jId~fd7%_h>{SbofB7~wQ)rC->e z4HxF$!+b+Ii5_wF;@op_3!h>WYxS0t!>_3II0Ylg&Z`76&%mHj;W ze|9xS?dbFDXUXr%-C4(9ai`OF-FCKO-rYA(`1LaXIV~ zVg1=23tx7>!3yL&nYEkW(`TFSv7ZNFuaz0%*y@S-&OBV@ymZW}`CQoD&h*~if4PPn zuf)_4pRgK?X8)`Ug!R<6YKA|SR?W}0uLm5^Hgj0GS$7|{EN1wwld1De_I z_1%Ej(@af1Av>b!Vs@0V_S4u4!F$yaoF# z9?`A2yGHP-`_a2kSb5xP`un4oES-G|RWdEu_2`vL-%Q_d4E9-BCg`(ClhxQ(Rb3 zv<%|HijT)dT=H^xu(}oDqT_vRrvqCU;i3?OP$}$5O^ivcm5V~t%3Ex!0+5iIh=8LI%nr4PC$R_~8zD3Teq+w(_`aCG7_w{ZEg z<5tZYdG1JjVszZ<@4N-O9KBj{$C*2|8ANhi)|5)nVna)D6V`p?CRN@?uApzsFS!hR z)H9CIxS8yI^kLc0SA&ZJkO_0m-|tHQGfvZFON`>tb7;xruq|@dPyY$R zhX~hutT=qH6^ENj)c%Or22+C{kPwFq29jvd3Ag(!w%ZYyM%*L~;$AC`UcQ2MDU%1< zYr2?lfowb1=Dr-A%cPknq&(5kAn{}~b%NN=@ zM_Qs?Y#{NV@7faCdBG}Bk2Pe*KvK-c+wLGEIO1CgjFk%)jIAJxsJED5t~aozCsT-0 zUxYOi<*RdCbJ7CFl_`|GJw)(ba2lGh84cQ| zGn3Vf8`0~Qh+Yu^_^Ysg5usa&-;9uit0;Vz62f%j8cm;;hcG2e$bL<`5i9|C(j=zx z5=u7$jJ2{6RnX_om*Y{-8z4P%vx2z8t+ImLmziD?Fp2FBb(%yqwjTdBCKf%}o`#Xn zAK|ysNa*}KYi>#I{^+Uftuc+9rkIA@M~gyCiVgiW0)g5NxmIa7ri+H$7Y0^|CZh{Mhy^pgkQ$53p+~+@e4(`~i&|Fb=!HF_ywd^;LILU@%GuUdFFP!ez+eE2 zr-}n(plx8->-S7h*y~VAqu(7;+JJHo^ZO3fwn(Mi4;G=JEwl05OFT3*;ho8Em@J(6 zpZS?i+%{~CW(fE_Sr*%diIOL=r}iwXU_wCrOmnKwaw#T{X8vcs*SymA=3$~`msUcN zxfx>a>J~V#2=jQnHVtQmF%AzBL48uW3(t^wo-w0-pT%5K6o5{+aK#`P(CAaT^QnHY zu*cieIU>HQ9-KB6J#j3Y?(camb{j$ySIyUF3P6QV5(oEZj4p`u_gg&^##`B^pUrKg zv)#6oxQgs^4$g@J6UU+w*-vK1OvJ`Lcb1r;ztu>4Mfq$KAu;(33cV+mPYcQ_6c=X) zpc4UuYs}lD-h8SMlno7xIod`=@FE7f-O2Wm6v;-#lp3@4nt$)Y4tkY5TI7Jhg>#N* zlpYXJ-l}e%qlQYP7xcY&Fd@>j#fP*_o^|0pGvdb0DlQE~S|Z%=cF)u~mG53q0O`Vw z?_M53FzEr%M9jcu5X`+jA(rd^frhKH(`7~`#m6j495A=ogtz!Vy9k5&Z+Gokwu=i4 zoNX$XC?~F|lnqWEIfJ@S7p6@lc*h`mXoyX`_>yJN5sCXO=8{d94w9@ym=j7C96bk4 z*k%z#w$i3BxN*;6*4SGXd#eEI3EBRce0D{(9aCB4nyz01BBqfFfqeW$l5WyiWqQ3JW z3_ww=$b1qt7zqV+72@;5J!w9rDk!buk&TL89kz`rcR7OYX6UIqDe(clS5`rR95o-? zjBW|>tdK@}$ZpXAg$^flF!9$hk>4Iu`2;mgWPaP#&vpkTJ~)DPF$%YkYw5B%g7JdQ z4_VgF*dPA6&u6bbpVDm6xOevIgPthFW;VJn$_ECo)JEGcoy>eBZM6OVa*7-&)}wEx z!rEr5gTdZ|o@g>0+GgVl5y-{+Ww%yW%MsP=D)J^1U zpT&0Ro?g*^H~SY+gHWIfXHO{uG!Q|CDUlDG~c9nO?ySx&dgg zF%_A04Fbgp4$&a{DLDuopb4c}_3<<5cff~+(o_6#8!nhUYU#rqx8z-FIwt}{q`R07 zT@LiSrg~JV9*L)VMG2kyFtHBSB;>x!Ugj?{$2@aK!T}$Ztk{1!=GcxeE2lgQ!iR+o zvLmJ_CMnk`5UB{M(KEaKz6dN#wdLBLA+uD7W|0b6QheD&C5?bYKi;M`KRhdj*AGKj zxuQ&{`PSvw-~&--rpr|LIos6kpz*5+xSNWWY>$6A%iHYM-DbSoVY91_U3%oINKhWdAIj za{6^~ae&KuOx>HMfUZ0P;6P2mX0(Xa4P2Cr8qH?R&li>D+yQPtk>JqjF2D<)JvF@G zi0a|ZJza1hKua|>yx^AV;T3aDaa6!BeD>7v*0FnzJmiimxP?QTIxW2Uyxwg5VEHMr z#A4*$#VZ=eaiZGJNr=krP}clsG@v^ry`Yi}#{vbTcRa||Ke*$4Fz8z|#DOZ?r3Hq( zlIh8cW2l~jBCBYq5R9d9nOV4!va_p<^_TIlw#-|O2*z<`8?evfaf?UEm|__oglYHw#eI{CHHbZcX5KZhd}{HNt#b>M!x?ZsbVV<`Hupu&8tB4@-wB14d!c%Y}n zuk1AcPH+^rDZo*O7a-vPEWmP<$7QC^#p4FT8pUj-xUv4+`^XN)V-fjq&IGgoiqrC{ z*9zQ#|5bp8+!QCTOwKJgdFW^Qe>`sD;ZBMh>x;dQ>|lgllbfDX9HWGlG#)EzVSpPd zS~0pMZrGQbJi0W+j~+MiP$j_)H+6a+Y3A?e;c!iE(sG0CqE+Mu8oM01v662LFBgTn z?ASl5ZE@5Vtj-9eaqieL>QD|GB!?{yw0t@2%X;j9?NqiPB|B{9-H+_pvGM|Z z?$`kVRe*==l-T1uN~a>?pq?|)#Fb)4x5%Ka6R;EaPPUD*lB}=?&pJGOE0doAsO5~_ z<8G||qw+6Fv7y>vJhoJ1V{+e(t&NprMYq8gD+POGXKcxg#}4eP@+Ap&xCzN4yn_#0 zsmP8=bWG;GZF^Jswg#HSc~~bjGu}Hp7*NK^mJ+$_q&l(Uai7+KMc-I0_H7p1U|XHC ztsy%S;CY&r9n^>&TVmz0)5r=-2c7qkc!r!i*_qG^^Rq!h*~z0~S_{3$TS}w2SndnF zkHnlz_=;f8nDA%LZN2mu`w6wxl2j4EXJ*}bR@YS*|Cz_Ec#2Is%-mH zC7;EoD(;#J*~w#Lt$-05<&-T*XqI$n`Rss6s3|)Y*r{xlg&jRM=2@G@?r3F0*b`TS z9W^$_k)<`+NuN3sEo-4>iIDgnUCa@&GiXsih`Z5=uC0{pXjYkef{Fv-1nk654%iW- zY$LG2Cx@)N$Yq1E+1OaCkFtMMuC56-q|3%77~4t|+}S06J8Mq?yk1U~x_8`d7 zGW>aMp1w&5E~`#iqKob&Y^Il9Z45}S))>*Nyw8s4F+H*JJ{b)`rIw@(=J)bG8Bfrb zcGJFqz@Rd9_@I|iP7deRh64(a#o*{)bQ zvfE-0vuZn37YDsogq^-`!Hx_?j`p-RM$*8 z&X^X~xUIy-3=KUUy-^8V^s*|_2v4`VRx>7#m=aixc$XUiT|ivKMPMBu_5%#8ezAh( zYJgGEV1d!<7oL1yjz24Z;nDph6@j!^vtZ<#@_Jo6M%FKY>EeLVielrZS4PexobW*c z?j`Cj#~pE^xl`PwcjVE>typ&KiL=X>9yx0#xwW%ag{QUGDx^j<3BSVZv8B-eP|$SkL*r7TM!mr$5lW4fGgoRLl~(LdLTbQ$XsD&s zPM!|wO1mXHPhU}9Se}LE5!1ynp9QWaQiFx@3hJ1xkvjXpX!4LfBmPv>D=h?WfRyM< z+BcV)tQEnN8mVCRJ~ZyD_Kix7+Ad^E?aQrKemcl1tPv#!a>N9g1Q%@=Z-u6`m2tI+ zZl(1IicIF-n`Y%m=K&c7cPUtOuZR%rrhFRmMAS$jy7!^xz2)2|c2je3U7XB19mcWr zSXp_D@vNX3xv*A1c7k~E>e1R*nXP;q@T~YH`aHE|BGKj$=b0DbiGz8VdA@a1;yG?w zqdbdM4R{uRM7;Qw!B}P;<(UhjU9B-ZYjKNxZ(Vuj$E^oE8&8KHi9XG$n(NabJ}9;& z?$Z)Y5P2j7T@Y?0B$7z1Pz2HCIlcZm@M5(xFj$PTN4aS(1I9O{#z&D=a4k<4Zy5_b zO`I&2LMv#a@>^n=v-?w803A)Fm7{HIf+;=WClZI|Q&3dg*sw4i{6O+hq^-7iMA`R7 zJ~ZlZEu!Eog}2Dlp&m;cC!{_r#q>=F-y>Vu@rs<=SYE1pTfuWy^@^WOTWQhytYEdU z_MuUpc@f^ub#3}fwr)y1$NhCo#G(1bF&>WINCf*gJN9C4@=8)Te>6L()-kA``Bu;{?e-rFX+{- z-(#<9v&)mIS(g2rB%?TrJHtI=8O5xYf;Qie>$|q-VKVs14yiWQYAJhFA*IN*7*<~W z5E%s&tr;Jhr99gmBBlH~gJ|yAb8evnG>vR!oLpOghgS zwM^~=Ab=0#<^Vp;bh)N;kId{Ht z#nXNXV<4OFe`Z|%3&~Mr-;*4=U-ygwY=A=6M4ufP1FVLd+U}Y~mW#T(yGj^nc9%=w zj4_~#bABWr4PP+Ez;1hsDiA!D;s@5`uG)=pKa<@-`9gwT!aOoCKEvKek{#m@7BMFL zYTSnvaTT{AEB(lntinxl#}+%3FKAC&mu1f-R^Q~YwtNrH1rBCMJOQQ60{2=Gedba4 z;Z8~ilkhSywHW8wpG53S=7i+CF63h z+%S;DS#+KuaGqeMKn|it=L4<13uFNTi;Be7@uV1pD!>CzY7+@Wiiy{`nA51CM=|}U zx$vYIaw=F$42Od__oP8|h|_i}@}2hm7;@G`oO{wBI;=4$y#nG|*23Y~W?76>gzf|a zi;5iAl4(#Kh4r{h=UzXE4ug_hj9F~in-jC(Z17^S#`Et!yL9EMC99XOTw&3@h92X% z>S*)8MELs-Ms~^~^6-V9;=o5Y+=gtLIvs>41nBYGO~l}LfHVfcbkw1T{Xnr5Y* zCg9BiNG61Ct!*^pIZhm0Zod+@#%d5yOJsnM7t4-^lNf?3t19+G#NRk1XFu{olevoT z%9WD84v^deSkwLRV{P{`u*!bqM^YQ9d&aXEI4QAIO)ZzGNFMl%T7!WT&16?mR0*!C4~OS=?e`nC$TgN(_Tl%M~GK z-l{yqg%(#q?02PfvPbM#thr|m;w>EgTM=uPON?NJ^g-P`;N;7WUq%?~-AQwhVvI6cPWbB|^D_;gQgWJt^ zkVw(m5u67nXdfD<*{&g=8FCuak>>g(_t|KBQ*xgRh^0BtK6tS$|3yUbvI?F~wo~}g zhGv@~a7p3!Mm{u3vsP-)k{|g*a-~qglds(p1Iuz4oqjpawpZ@pyz@e#6{q1hcudDgjrDUm_M=ua}oX~ zYS&A=n6rW+{0$s0wl!1~ne-t%QNv#aauGs?p0`dYmgrY?=Bq0RLnvnB=ENBntqS#FUITGI_%Clqf4HRt4V?xB56!Dqw5>j>Bxl70f@EezqX$@Ii zt#rF%-&=0^xR0d6jSPG)!cSxy?%52~l_~LTNGS&yF`{?=)MC*_qohjp7V<#zhQ&_qzp+v ztonDgJP#tns(GvLnsO~M1KGad!mQ@gJ1~f( z;YO+09fzCNTtgm51`QEiY)p&Lj5IL25wvufv2=FV z*&|l2nx(N&NrGz`KL>FU*yM+3PrNalnjUh{nd+k9AkRaEphyQ>=_WwzO1JYYxpqIB ztR(pu=V{FyocULCH8#;@0(n!`=I?-dt(d&MD;|Ycz%Nb8JCpfpt|51%)N&CdG^X&R z0&8-#RcV{zOu(zTpxn)3shht!#+ivXpFr5OWkfcoR!YH9m)z(2Cq*(_U`FO{2@tT> z+>YD_`-d=E0@#zeTLS1|%_ZbM*+1XV5+FTLaS1g7H)m3tvWU2U%iVDp-D8YZ5q{Fa z@yxS{LuHhE7sn$Fenpocq@>pvU&$ijeCV51as|NQ!Sf@)2$( zIOe`u^@a&!?uzKswuAg!?wA#UP}3!mwSWY{q}J;V@7)I^-S$l#P}TZbo8!&(vo zv4paQxP;{1F*vYdggrgJ>)1V4LUM;#e*4(N2JDL1YcUV;!-UK;M9P`kqE0u!?cvybp{o+AiDtk4?B4>6h zqlRWUn+K7{V+wMr%}g01WrjK}CWT5~y}P+~ug1XSdJC#^7|8d9ya^-a1$j4L^xq&( zuPCwgRsr9mXk6OEFj8KHpT+1k7^ys&a5eRljFea5kN)b}7Ujv@PQATo>N^=Jufos3 z^f0KOQ;CXu&ngm?M*uW*-nZo7@8)zB@I5v4B98=uBT&ya?f?HFQE`7-WiRsRAUGBE z@HjA+dx0|<>g|O^YV{&GDfK8XmOG|7T?Kqk%~ceK>cEZTc;-1>MV&03xxGH79ztBoHh<~m~a!yGx3S`xe8vv!eYpQho-dZq>N|LQUo%5XiejpyJNrUnT{{u zCa1?Td}vL`x$mV;WG@cFqvq5gCt8~-2!@4a1%n!reaPSdBaq|A$W*hNT65jay2;F` z%N|56ME`!ThX?Hl!ig@pxf48cdar;u&rFA60FG>Wh{0x7mt2SAA~PLG0XVJcA+B}i za1a|S1HQ+k!= zUe{LSC($50vR$2%9pUO^M6pv|(ZwJa?eLwuydW&HPidPBJvnK-zDhJ}?z;T2qnEE- zwra^SN1m_^4SREIMqQF~Hy4CIc=DT`Sb)t`D4hVgg=Ymih=Oo-$n=nd?QDoVKS~Bw zEmNiv|}rY(#`=osjC5ZXkbIZ-rSc;E%nZnG;^&#uCc?b4ylFtSz!qc}sEwm4{-H2U&`coikYByr9#vDJR za8aJ)fpbhypdHcWIS(SdLtwXRH)0na0hE8V;o0t>t1kTBh*rmWRuqu;B=U*oWZ8wM zlsORjiL0^#4=T24X(Ewz7jrwBVt{NsLEmkCwg2Jqqea3HS*3SBkqi+exhBwSJeXmL zxw7P_e3cm@`TahNgVTGBA&e;n!P?;o7XZ&P$wkB(qC7104)I;AtyaFQFhp5_wr7ZB zT0iB`#bRaU z+kj{}X8S~ImI!OMwGWLGtyv=MZqPo_S|ZzsqU@YlBCa@hchG5G(LOl0MEsB}ms?|r z#S*d9_#fWH67g!hPsBES4X)uq!V_ijLhGF zl8Hz!D}KYzCK2H}EO#UMy^#-P6|v=uLA=3;LeYR&U|K}iw?$du6Ov(xw(4yit#@Ya zVL6wwt%WVhYQpfd4bhq{!b&&oL*qniwg_uVwNJDW5DeAut|{bJ2@$P$S;-Af!+6OxMa*#atBF}8h0L0F04AQ{(7 zwj9edZPq@Bi=nA7-tCA}!KHj#VIQ(8FjwptttZ7?F&2?xwhvk9oBxS6f^{{Go{MMn zP(HFEv7N4)t?yx#kFwS%vr439n9Z*Ch*|H5)59k*E8hmpsz*OY8!!u@iuR##W;Fwe zb&=X9mRcOC3vBiHVcx-pL3CMl!$$Mz`GIkhg9R=MT;1gK_%S+6Qwl=~A7Cuii}w)! zaj713dh=;OSqatfQ8lQ}0~IdU@C-8{1tQ9+Mn{ijP8uMy;q;hVQKW#hJPKhUqKDfu zzkv))9+I@%-T6I7PO&0E!Rl;tR@e|A&ZCgv1{P}*%E@CJkPk|;SA%F3kX$TCs0+9l zwCf#T+dV8y&;Yw~>6w6@V*}{JjCIf5&Vfq~J9>8Bf<-HjCzH2=jGePA2!oVm9k@Ho zj46r@r91qi9Nq1?I`Usti7L=&rBk6yX-%?=7Fd#YT z$`gXT^J9$xqm#-&+&sH7AP&QoZ{jz1B*9@4@2)jwCy@bgsv702gV}R|0*r+tvG>z~ zBf%No8q!b(uzp1Yl#qeKk=O!_5YXffWWv42`zvJu?%u1mjrKnGF2SKZH8gaRy$3E7 zq@w@!9^bI;1v**%4e3AMjrsbIl{^*q9>NX{P<-#RS|ekSEPnwY$2C=Y49KK=AGfH^ z-e-^U3wSM#M_zuT-Al~{jcxwWnfTem8$gX~R{ZP^F#su!%WS^=G2lAkrb5NXOH>U| zV)OG84zDaw{2J3cC*AzGDRno$NWnO#2d=8JDMT*?Lz@quujx~4^F7axS1uaYviZVk zu=%-X>Zy;`>Qx)ZiJ>6gT4{h1n_svgd7P2w@v-trqmHG~3CaDHW?&H$WR?OscQZxz3qqd`|}pSu-kUWWI#9_G9EbTkTJb;*IiexS==AY zAGQo-{qAV~pf#X>_Z^YslW=)fS}j_7c;$3e8m@=dLkqB*IF+ijaN7m`GpZW581QZ7$Ln058-m252mGn9=u#J=0a<5ZEc%9>f2Oh$TfKAa;_b7X0)W-G>Biy9x@nge&Hxt zh+CZP^?~(kjM5Afn3%9r$aD5N%lmnV83^q^UHtm_g?^2JndB8+H|nYuW(8{_&O5e( ztLlDgj-@M^o)zeiFbmc0yE7!c6y^}$+rwP1vMxD7+b7-yx<)BX#!V?q{!Sw;CZ8sW z%_6S}f=X`%NiCP{gsH$Zq5|9%A@O;E2<48&zlkT1=75u@fy1-5yCI&baQ4GV*(y+@ z919RD=bSnXH8OFm3PV_YfT0G+>@?|r8Eb`~VBKu-3PWJk{6+ls5L1N;R(GETS+LK! zOYrLgh+c3xnlMhX&#(~+RN3b&%Nu|!TmrWPc_)K@wW*7sX+2C}Yk(5_T(|@&cy~?! z?LL-SYSc+Q5Z_-+2Pzod{S`z$bry(KkzhVzA8Xk(kdy2$_+$lYw!gBE0m$6?_c-(D z@2@Scj98pdk1;u|0gCT$R?KPawIwzHWDGzOP{K}Q#!tcM>@T-I2H|r*D`{1pqt(Ys z*-7_z&~|)bqD@rxH_Orn`0@M0qt*4aq7wlCz zpw#}thbS1`{ne9(421R9uQ}+aMhH%zznDQ)pl16k`xxwR?nF3|8SZbwlPLQOfsh6$ zp}&R0(0W;Ef5Bdr?=LzG%-bn|oV*}+Z7IqsMw*n>uPo?ed7FkPwwb=N0^17IY%^uk z{LRd&9m)1-U1#mSEwD`5K8HJqb~Hfo&CCiq4IsO(zA>&g+z$aInoXU}%+hfIPkD-q z$~8UrkEOAbZsy1>Xu+hX#vLblv)pL_GEZssw4PPkOwcn8X{ec)7S;eIHnVUAOl&}1 z;&8!$<|fHY4NaKjHBUbnN}893JUTq~wy6~vBfRg=98%bjo3uQB|*VipPKULMiO4W%t`Gz*)jzwXU!$irC`iGBriD#3v0~zi}DJFPeF@Dfpb{IpK+KD zuZ6=5q#)rcU0%Jkm&YqOIR$Bo*W8Ep?E_3gUg6`*<<${MxFXa58KzpCJJv{(!^=L4 zvs|a}8&C*4R1VDX1?};ON__DW*K28Yl0OP|ciZJ)5Nx{vX4NSO%v1CD+--N&sqY4J zZMrhXyn&Z~_GAR!sw|76_&&E_`*Lj3&r)P9-)Uro($7p*C@^5}EAC575izl(KzDW| zOHc(nk~@$fx=zi>b9W@Fh?u8SkVZ*v_p<_W;#F(Aq&HOREpikQq9qMbToJiGnm3w{ zN}P!dHXN(Yr?KH+8Wq&;hKq&uH=Jv_4fY^}Obx(`ZFqa^-0E<`EE2Wb^He`e00tm) z_rTe;kXT@%oLJm(%xx;%aVD$O^m2K&-EmF@`X(1^Zp#5VCO4|uartz2T8wHyV(u=2 z+sV}Awb)Mg$C$EoQg|A#veAMiz*sm0t+Sj|8;B_9)!At9${L`AYMbw455?W}!A66> zCvrJa6rXk zWDRa?r`^JmJ|_CgcRI@#`a7K!Ws|qI`MHo-U_wJ0?lh)CH9&Ed=IUw|J$qCNM6Z%F zslL+?eJg0)oi4G9Txn=9Q^ezCda&|X<1e<;?V*$Q;+gsMK63%*u zG^ol}!(J%lrIfmGC!F^S09A4)-d3Y`!90+H&)rQ#g5?o9OfhKV@^YLsmPS>&f|&Ma^UI7MGWs#pn7V+~N;A!KDmX2-2)(~esrec{HD z`Q^Z>?|3{ib$8s@K_!mLN@vM21Su3OzSZDPvf~Le%uzk|qGNV1D?%oMd7MH(?8JTn zbC@-DyzmQB>+kC}2$V)0i=ea9>5Lg>p%l#Sev3~CG`#Q?L4qbVV!+*R*Y@_hP9rmE zsbk1Jd=ZC6FXO9PD_FAZb`{; zD=P;k6%0}+SXQjTb+^Pdy6r(9{b4`V$}Ku5qU{R~7r%Wwd!()qyA#pss9$0?|tEzgo;0h#7A$Qsj@2e}k11J-zqZh6lQ zYcOA^U=_{E(vJa3@foB{YS(@rt1&gG;g(}&RRa`vv{|940i>S1rZ7eTLn=&bDQMlT zE;)G>GXugBd8`E1_=|0|+dkUIe4zq0+v$=hfXj1Pxvl;OI#lTx;c%Dm_=%m)j|jZ7 z(2hIqB`juF9Bfpn;o}tg+?^I|fx3u&52xU@`&bh^=}x=tqkSCWuRzUqy2Sq%BLX;= z7Z8gTni^6?r_EPI&iwJ6&WcZsPIK_=g;H3tk`ShBl_sWA~_?YQScHon@l}jJb>Hs}0z6$60KfhBVx09GtCC7y4_Lw8EQ6 z->bjTaGWUzRDGktWGQIfjV`ps#Vkgh{IqWoo3#FW8jZtK6{Mok+}Cg8Ul(I>7E$}J z`xCeR_w83rqR}oOA(J%Pt}HY$urpKGXw0K1^f?=y&C?9DMQl3R?qH+AHE3uj&}d9Z zDM+)87C#bT%>9exX?&zu;;A83G#b{X0SZjFv(Z`gDs6P0_JRazKtob7v+0 zO0rz;l+`{aQ54MXc8d}8smzLl=}{d4iBM9bVRpCMJp^|%EW^~+IAQQKK|gsvOXau=Ak?{c2>K;#CP=K2 zhSuE?_YCaaIbud@Qj!T{?hX2CJ9$6V_#P@CCRH^+2?Z=nKj$D@!fznd5Ta=mPP*Z7 zv*D_sSk_>}3oj9%P56h{hPP+jqzC4-G=e#Zg3f!_!sTv(^I3r_!$(n+6AMPMpX#zt z>^S%Ui_PP1P@|bWb}quCjzXWa(^-bd+i8YG%i3qLpK%0$vktAyjS5G-`mN8$Gby^Om$e^BMqhTub8vFs5=8wC+ZWtqw@cj~sp; zbC7C~k8QMP!!bXmAk8*f_xub*c(vv{;I+~z1T`Axmui3#8(laRyE5Oz3~a4%#QjZZ zyAvI@?ndj!B8Fs1^s|=(Ti6;w>u$6gKDFKOsgLO~jaatbS%NK)#=^l!Lyj8-4N`sb z6B3Il9tEvSteEitbM9~a%Bw-DSKcMoje-JVW#zowl3a>Z|SF11xYZ2j-qfI!+OL{YhkWuyG?3^nKczl|HmA0HquhuZ0)Q zzJlufW$|1E+md!^dgVxgJ3y%%K^~|ey;O8EAL|lG6j` z-z>#)Ay2VqMn0E2^yT4#eb!Ll&|(2?`DUP@#nhz2nA-2=NG=m&uU-6lw*fvesvJ%r z8_`h^{X~B@+63^aS$ffKbM8|^#O6;TrdF|E>4q#!YbhL8L7boD{G8dK+Pr{CIW|%! zG}J_#yI?>0GpIOFz|Jbn2gfJ6Ap1D_vL@pE;OFNr2C3-+ic};g-t`k*^i`z7+6JR~ z{`r1@b+=Q~Jj{jFp5}0-D+btQ*&WyTap|L${q|fO8B>)ih7^_~43p0g}e>DaPVt4QX>V z1tC-LyA(^<6s&^tl`h5Ljy2#O#b5`0fZ%DJz&ZI4CU@Gtcui$rR=05At z0A^3eQ;r2#9omFuO!_D=Q#9u%t%0OfyeuLXFKaNHOEVnv75pyEBDH}uiy5IC;lSL1 zHPY}`m1fMJC@@nr=Zn5ra)DXdH_3tIUOl6cnvBqx zW<2jFX)bYrT=Q)Xj=?PtK2Wa_&7jo^%!JV>hA0fw9`FGcMQbpd(+nY(g5QzmELY$g z4SqO?p*gto!TNIzzbnn70UWrzSOc>u3eXhMg%jjfa^HzeJXOKD5Y_<2&rSSfJHr{D z1{TqI$r=lKwbI;@`w@DzE|FgCVTE4heKvpVrj}h|;}d5p`<&YVT|Z+{o{TgXXj@kBO7-H2%qK zvf6w-n8HMbXo}FuQYedYH%WBF-z1o^5M-_U2w63;>E!4~*O&h(Xej>j!2o^!u5kkSEP96+7thUW>qCpTy-JX=+?@*G@A zVxhjafXY0B{h3^zvt|Xd8*1D806QNvn9b!mehhN$Mu`K2nG!+r0n4AY1ytr4>`x7z z3;!q67d?5#+I$UWbDlwA6#OpFCH}9NLJ>TXZGb%!+5#%`+{h0WvnDv56J#H-JYR#^ zm}g9HqiSMwn3S9%r zOhYWi!DG2=lM=nMi>|D|-h@Cl8lr=jwHNei<+;T-M06mNnJxnvtTB+Pw1LcX81TLX z3j)b3Ur>W=H>Nz44RKU7%bWzFBdSZH6Qoq!c^P3nw<|i4vjFCn6rdtGS&Axvn0v*6 zl>d3Q5X;)-5^V1<`i$Zw@wbo!Z=Q)0+apXBm$^<-HpJb$k z@|-@;Acxuls`89kD@7hsJc}lh-QcuM029<&gV~&CP#6Wj%QNR>g1Q%O$gn&IXIxvl zKZP?cCan~lDV_^Is7@;wV7tfM@C*v0;CFd0@q@**4~n`xdB$pbZ2^_#8SIaOGr@B) z{)3*#PRWzNZcJhPM?A@kITZ!J%X5hz%qsSkCxi_qn+Os+6JYvEL7HM(bkSH2)e}xU z5X8A{)d0mWarm)F?3yjM7GK!W8G!G1=+$ari!=T7d+9(K$V3y#l?9Rw5~)dcV-tvZ z7iHa!$Ye zoM?z475pyI5{m{zv(Ca|y zbv59X`HjaIDSq?Q-#}XbJo$CUpM*J$=KO+!B>5F>3;50bB3*v^3jq0R#4`lt3eFVI zqIt#+vqSV@f*NZu8}p1g69vCxC$ij2z_S5qy$NOf`~`po`X?6# zxd_`m+e2&{N)ucjlVW~K!6!bZl;7M7at6uIcMPX6?j@e@z=Vo|-?4pJb|w&H_LN{3 zh+l|xoA8TyDFt7O-`x8RI4Kk88H8dQ%;xe7F{6Utpxnj$!lF-0%yrqJrP$SG3LNmpi6h`+$8y8t}^e#$$^FzgeS{;nyme zFTdDzrNL}2zn~yVenr~?e)E$d-RAoOGLfT;$T8R(1!sz9(LBSmRki>osPUZej5!ho zzbnTjevW&kYz*q(qYP8SRw~Og*c}CDis!=LaXKd88Ps`hc!pewg5Tjen+qGrGy6Le z>-+a8!_>ePm*-flkLf4{X^QE>^T{k&U-3Y(%b5nB!$D&0Sf5*;IFz*5D2BIk+!}CP zL9bQ|>D5XJy~_LSycs$R@O}g$0}@%jkOr|nPMlRX!W9|)csS(#604ei+2atqv$O@c zA`^-AageV9R3s*g?|rG}rYXBYJXy>q8oP!xoQ-`ACR7ysF43Zc!79R5_~B&3SIT`1 z4)j&#QxyCzzZ`Q0XDR8`0lUy1VwaC57_IxnCz&L}sK$ZwvD3FMbOq|0x@DOTjy$wSrPH}`syw+ZAILNHAXn#wO{ zBdYQ%+7|H3e$nL@Zc5Cy->Z;5~7Rwf%r_=N&PTPq#OdRFEc z?2UpmA;(!Kli`^IIG^V^_H#oVj;r8zc`osD+{$Em_U{3QlZ||d#P~xTI;DBVw62C{U);`m#T?4)H z`56VFs^Er$M{3cODRBEVuq5@3Zge| zXfhCo>in7^K2&sWh>qKEmuSh#1VppWg50);sfjQy!KE?iFg3WwcC454YfrSyFAKJ3 z`>>H`ZukXFQRKtrmt)O9O0r%j%5V60#zX9x(iTve=Xk72c+8RFSv1ht3pU_BOi*V{92)bC$&n<_qJ6%-C?>;@ z-1rLsIn)+VndkV~I>obSBJs>=m;ffIwFa{}&+)U1V>ft6O3*_+2;CFd0@q^hzK1rT~JU{mBXbW)VId%rXw3LE0!F1NU zWF*=wIq-z3sWQwo#8MpGl&4wZy}iR?d<@5`i&`90nODm*y;?1#S1Tp0A=?vrwen7{ z{61e~5+1R+$iz*!D>58{1}>dj60B+ld47C?Yg%O7AxvGTAAD%Lq$69zQ7Vt`3GFnu zFxej^YNOtmO7?@*oPZG5lJT_2X}AQOU*EUiFw=_sWkrmhsAqMW5fTaC0t zbKb`HirB-W;cP6^I9*r4?-DKHXh3xCG^r8CSIUIHbj@J7yTR0zf-}XlXd@Xxbp*}O zRz%LFTgOa`g5TxYo(vVW%$+7Vc#mgn-O&W4GS3jND>xH8XWdJNXVpeyE0hMaxjaJ{ zso-~c7VY!pxfnr1!IIB2gu&VZD)SrZn?0CL!bXUtnE zI8!_qevmUa0ZdS94Q6Azkr;#G@?7Evi>Wmf<9BK=wYBw-%RfFfk5Ax8N049XE z8qDTAgTg5IU7kz)Aa^xcc@B=Z*wUjdz~wo1>`F}VNl0|o);ul$pk3 zmklB#F@5~%rI;YYhXXopao|j^R-WnA@=dQ+8|l?bOKZq>gZG3`Hu;nMtXP? zJadA5J{s1>dW!iM1;0zS#HGP1a_>n;F@FJI2ebuvWa9xWpc-tJ0yRZ-?i`1l&Iynv zJY;jKjapTd>nxiSP@OwaI@$VECw!+%H6FoyrZJ~ggK5!85^8l8%@BL0G?{45v=PXv zOp6KzOy@3?&gMSTAc@)nCSV%k_Zm!#LK>#orh7oKX-WgyoM})R1;1lHvOJB?bTN&F z29Wp*NHii&z%&>l1!=;1WF1e2Y4(~vP*CoL>OWd9C`8SzYUoNJER~@$#mfnIiC}V1Sq!# zw6XO_%t>*W&XP5O^~gOUy~CGjkVI_()nyvn!>6(D) z+#}K=`~`p{Y720gc8_Cz^nqiQYj9ooL>?^cL&XLw4Jvc(#Q2~G8ld=rtQa>ll=)Rd znO`;JD6ch?`Bi+~LI*aU^-iyLEv+HTKD}Do7%V8^BX!{^o=_e>1b2vYfRz=yiYW@{ zi%ZrtMP>NG>D_iBi8CwT1ILD&r%~JIY436bJ+ik&kI##*05q!h3hX)9u|853ye-c#w*F;fJH7m34{9&xTREdqNLV8FJH)`5_A!O%0&T=^4s! z1%Is&I%#Xw1#E)N!eoxJC|BG>zul$LdU9_@i}x1*3al-_+blSQ_Pfq$AEz-ZK%?vv z#N1U4WqO5=GvTkA6Ae+Sg5M!JOC$wE=gy2|(O&>)U7Bb(f_gk-(oDgb;yHIzoU95; zA@CXB8qDTAPvCB|QN#hyxg#U(ba@_4Hb^GIGX(t;^UNs7`H=xpr>~6cSeMDn{6vo> z9@=pl6%R!`=_a^sWsr6iWc_@eL0>dMaSca=XRx3(c+UM0FW8sok!=&2Q=UPu75uK< z5c}ZCGlOKF{ln)dH9e*>&tO0moN>FsC`6vE2?@jjwowy@#&!eqH41*0XWbEwxTnc# zrGNAsrKZSK=GlCAx!$FCF8mS?VW{=iCpHxAN@<=!>?1sytU3 zdNb6cz4pj96|p?4LvKddAEm);F3%JAL2mk2>~ro1=~BnzIW<+r<=HuQdJ#vZ@i(PR zXKgm*3Dxm8Bka~GXBrQkc2grNM*CXcfW_a(TQ7sthB6~^$Z=h3C^PnkG68PL)5+-f zmhaY3hA|9f7=zC|Xi)ir;%78F)}effjV6 zae0>DIpA63++;rjw*va2Ex~|7r3euEB=bliqNC8mTNDU}6 zjbT4t4r_qoVLv}Kk&S@mkHUB>$E_j98}w@ZA-&poj$Y+`GM7R2BUlJ%PWeKj;l7jP zQI>|OrF|AlLMgzR@OsVF z5A<8X?-DIRvrn{)mjTgikFYlk*g#2Kpcb6<*I3Fr*JEW5rOKy;|VY|bxeb&_8( z5dpvXp^#ED{sJJJ(H7tea)f6vlM2oh&-sB*5=jBfInIWTFuSARcjZ_NL%?%>D5N}w z&ok&rBc8!HDmYU-TOl?!n-?5p_fsQd8q4zpGjH<5QowWJ3WM}OYL-k@dB!AK4W6wd zWS-dv`r-iFsEI>!oXNu>-52~YY zM%e14!EDa+1b&cP{X==?_9V-5kRHI!9BlzE&#^Ec6K6G;E z@E8e!;$c2_8d=h0LZsaKwMH^&kFRzXwZvZ2tBp74)yg})T6^t#MBAq#u*w$_5Azd) zSsd-ll0&|g%lc)=h6KqB?6}b|x>6Ad^D%u^E)?0o<^W>h@MLU-Z{|QdG@Omq53@Q7 zewS!57QrgmDS~LWN3|!%xY>LsZKmK8^H$1l;pk)>h{rE>F3kfs0!7Q6mmLv*z&JTlhwdV5-$N45aW1g%A&xPMpN7;<{)Up0TG!TY$@REWF1#%nH(k<>2lLYdO?mHY03P(ttA45JQb@P*Xd+=N=(8W&AWm zj-@D^mmzv18Sysagnvuy3B7V=VY*upsF?V<)8IRy|3EC0i(sn`YI(x**RkNmNrFv7u2(vi~ zewS!57QrgmDS~LWN7zB40e1;54?h!=fl~bDj*b@^ghkkbq`_=#-Y|=k;y23%1^lvr zyZk~JqXDnVFQ&;9d?|i&2RD*&9=`l0yj*jBjRuw5Ku3PFEKtBN%eBKVHVZZ47mVTL z{1$UxM(UW95w@^sFq`umKbE-sN^tD+%eA2H@iaBxrLz2jfvmxAaj@fLkRLsyrnofc z7xY-c@A6yX=%lyDm0!>cO)x6+YreBwzY_L=8+L4rp-!F|*|Ok>A8yPq=5LbxmiRa6 z>2di5y=cTQ7)S+Qir>P&spDow_&jC}W^;ax29?W)BfnWPD6kKTe@jhoapgA_wqqi! z2E&DiQ^(AV@QKXj41?^9Y%o|(S$yCzf1jL1u#q%`bIO&% zd)^1%)L~ap`9k7hJ5KUdxOSzXu&Doun5|V5f?P(Upow*pBHi1*oW9mR0iw zmYWu=S>tgt0Zz~g4QF$;i<@PaXfYDOD%kmfXtqb#prQeH2`&%YF%4FOUn{`OueA*U zzX|WwoZq-vcKH<(5%9|b?(z%aN+W*bVM9uOB~YWRybOQv^(^7t8uN=;8AU!EezWXO zz;EvSsJhT!0O&^(o-zHU;7sw%j?EO^$Z!oGCTybyvpLW4uC} zmyxut`aoePHK0s2IC=i62%vb?O)d3aa*@Yx;^gPrwekZLCdO*;E1?_(M0TP6y~lX2XSs|pf1}`cABvXZY2O?bwb-iP*8m4jQvH3VxSg36BGQ^J8F}+KgOx zF`m*87bica08J4sF&q)id7%JiHLq6xg4E75Dfi|M(OF(7AUZz>wn_1PqKyDWM5U_5 zz}#33qOBNPkEc#?8PD|;ml00fRq(q+OMn~@ogW0-WGFnMvC&8K*_DYlUtTT|35hO- zxbTVt(~SKm8qDUV10vca(PAQeqAf`4z}sZ%e4;1vfw9;=)u+m_eMuBIE~d7Oc(6+V z6n3(lYVbcJycSlti|6jgS-XvK8>T&zVt9_-=+zQUuhvx1tCi%|h)oK;T8XDuexJ{H zt@B_s)VIS;%B9>@M=>6Ol;m!*P42|UY*rGndy1S-Hl1~ZSs!Jysx3hjz#L-z?AO?K z#6*_hS`>FYYsal)Z;!EiBtD*XWV@})_eLxbj{)+-RvORBxEGlpSlSL@yDuWgd8lB! z5^k!>@e$KQsSU|;O@U11j;c+Q$9$PGOQ^mfFoM;6;^heQZ3@yT!$fQDhDMxh@^NBQ zNV(x@aD246mvRYlL_cf%^O?@tW{l|jiLx>F-)JjvMIX*NKG9%;CnvfXsxp#E1D-(4 z^-z_OP1jTr%hSAeF778#*31Dg{I;&6QEu?Dj_(GVsp_)(&>R8x?GDn_xiDY*2B z27C8ghozZ|)I|JvrJ6 zDiaO1UICgQT862Z!Wo+-3nUs_MKqYri3Z!G;CG2GafVqhjUhTXS>p4hwH3HTJ10vw z?r;)x3e*(UxjW=MSx7aAoCcJs#*<}YOljg|$(`I6wY1oC^=Gc?~GY!n@(RoNRU5`byqy__J~db zuo+`J(>UeB$J_<)AF$fvtlPsVB9rXnOnAV?iikO+6w_HkDzJFDgKX0=(O*I0H0Uyo z;lE2X=HwKhtcK-8=V!q&C!_+H2@lwu=(xppL^?}H1w`i#vQ2{@Jfg8bCoR$uqT|6v zg6Lw}isY~Ym~%XBY>dNy6+v-{mN4HZI_s}7wj(&uVxvwYqQUYjKvP8LM?qe3;8^B* z+=`QiQt-P(OPC)Jox8_2B@ujy27($94aQypnj%_cglu%41OpGy9#@;TQa?q*NuqKe z;}Tus4T}*iZAyjsL<2#Mhz46?&KeVOS}|yiIjo~s>rv>{8a#Tn`be+xK9=~F zY)HU3gbn2ji8h6dZ5Mg@(p>#3ITdp6jSc&$Io%fv2*NawZZH}N`*E^zxm0AcnSIgC zN(_xuFv&j7gy(B+>A(;v_+6&Oq6MqS9b=p5@K=yH1-eX^N27_MJYwlei54L-M6(q8 zFcY4yG0~W^N)jy=Eg(8~jBOGZe+7vXVr8Pi<|{x`MCV>_%=xbXCJ3CSdCiFi`=j7@ zBs$A~1w>mJVcQWLWNrV87$c8R zfgo)Km5ByhuK-OEEiytjn$uwcOb|E?W^;)K+oa%ki7s)5Tv=~T2N^)0Xdp;iL1m)B z)+<0$L>JCb9U(JLO=4+GG^VH&{4UWY&X8LdnCRdji%maiqGMryrD-zbvbckLaSX^Y zC&U7Y0Fl#xGSwLN+pj8*jT2!%H+on=GF@?OBdbLe&Re2eV|I%4YW0y`t+>#um3VsP z_xYl2ejD+MA~Vr!KW3^@V!^{>!c021Q6x`3YcXNeXo~Q z9~!A(l07o96-C3@TmiulDfk@)PE^3a@U zus@2RxI{~M9}sP2gl$J~kj3^NZ3UHy28*u%O%a_R0mpV6a**wx>+vm4qDsN<5S?Yc z0-_~&GNvOq$YLK*6QVKorvOb6EiytjS{;5et~SM`LAKu}hsqtjOSBlefN1NhS)zl3 zEH(r+A{uP{0nvFVs#1kIQmY(r<5_3;>q4i2)|5Tvc3s_CdSf@WM6 zb#Rl8b%yE)nsI89OLL+paE5jqjM72LT@5VJ!9f-qg3?6C!v0FrXv(QB++m-iX3rgB zmx>0Ism8G1?rOO;NQC{|17i1HrY??UI^bBQ*o|e{+LYb>*?MB?e+*7Nw`hwYMS z81`ePO0gfVp%a7V8@lW<%%p#G(DK;^xzpHo^)C|kW9m;qDlUba?iCx6d%ZE|y#kyN z8fZ8hD7vPI(Lk1l1ZOwh{CiLxJ;La{fS{eDWY?)$H}=MNWwNB4Q6wq zAu3N2E#bXSbTQneO*-oljol{N3Mvx~2OtG#g6OQ{hJqxSDB;6|&_ILPoap$m#g%9Y z?*pRqQ(~KrP?=~j_6pFHMCV7qu{slFjNLmL%*I4xj!MDr5?$gAi-|C8s`v4U27jQa+$`k zA0Jwx?Y%i6(SsNzE98o&d>;dnsf}ZqDma#@cVn5#HkPSjV;N~RW{Gc&rQ6(RJmD2Z zW}?}C%v32$bM>!mfw^C7)A_{*338{g?do47?8nrff>abxW+Y zy8?c5f7qtPuD^nWFLWijoM_DWDL_+#oIAU*%$V?Df}Cmc(41&6I|_c6Xo>0rqH}-P zrc{Tw0&FhPR#2H}F!T!01kqW44N0^N@$g|L9A0yx!6Yg8U82Rl`9#CO7s{afD*%ET z5e+t80h%IOWW*3{?OOm71Wtq5oM^C33VxU95+_*9h-p*O&Lka2HT|IcZn|Xf&7eGn|r3q8J}n%NLxW=qQTZHKvP5)&d`qI@ls!% z8FyyPzDrJ6dE9D>A&*|NboMQ?D^@RPOf+Vu6#Nd+S&Az#9fdQbI}e{|ASg|AEZWC3 zpaL~Tb>R*<4;BCgk<)-O)eupQQzIPX(S9*QW-KEd$1-Yg%uz>cEQ8v{_M(Jpeq_ki z*p3IHfAfa;3&Adv@`c1p`Y}PJaP5kPMD@N{WUV%o}ft#mImP?8&(h}bXOy{1lO-U7>X<$fOLS?4Goi zo@AFeMwm52nN*)_;7D6Tb+W;a@n;-191iU9)Wpmk?U=&SzCd-xiE{MAo*eV8Rb$nK|wjr+U zcvDzuq%3R|vF-S?1D70j^z6I^i&h>_lL}X~diY*Jo02qQUVM|gsKqV%GLFFHTaC*y zbB$)SSvH*+Y_rjpDO(l0rJ;`oqo&v**KFzoYXpfs6}72Q#8VF}ZPQ?Sy8$Cuy@9wh z_Ur4?ODOZRn=CsB39#=&gE|G_2eX!@TTTzIoX|ozujz;>HrHs-U6$e07LW|iLqW*S zsZ53m8+a#9s0H!>U!WnK0?A;*lqGmFEeD5yWFepQk1kPtnTBoD)=-^o@Er=&B-_@Q zi;+<6xvl>cozaj^fo(95$`U-b<>(NwExTaY4l)v{fiTtCj)yHtwk^ZLwzc7bT)-F1 z4cnLpOR}A1)B?6;7Yy4$TEaG-L?os%+n85WpeETCFKHa0HovAbgDoI)#P%fKG0Up? zY;(yq$0|W;A~hJMI@@r?~pPIx}XB(VY9k#(sN~5li6uv-1It8{T@sd2h#xHs&whJ#wb$f-OiGHxcONTQV&O|?0$7p_I zZ8rVDM&107y_r?P{D$A`FAX-jd}-199ePSp^&BnXP!BjHErkQ60yH0H!gsp5i8nlf zu*4&hOjxo}*@3+-ydy6=I45AENQBYa&zK^*&S(TSH_R4I1orABD-K_>>TrQBo+N;7jf3!O zPYJ%h*%Hx!-=b8Yx+H*8ts@EG3wa{~q;u{IZ91tk<#JXDC`Rkx43=wjGI{FfNj|Y@}E@1?5`o=@~X==IHfvl7Y>hC9k>#FSn=GL z6U@IUOK{odF*aeGR}7YEQ|-IYHteUihRSSXMpJ>Ba@;T+Mv{F#QtZCbkTy5on1@rA z;IS=6+Lvu^nX$&3YKAj&4qy?BTTjrHQ^bX>m+97lqGm{^ARPe zP~%n_H}b|lk~GVaqYGv@6@*EWMM2HUopXDEJR}_A6i5cssw}}JIm_(@GA-nr5GqJa zVlzo2wlTx0Kuxiob<|k4*;;rajr}agNz@d`WDm;@@W*_ETF!b+*BYDNvKL4PKIyeF0MV0uAXD*aoYrEWu@4 zl6^ra!i_doY{;m1Y-5j!wg#8&=4$XREvZk^X(iDuzEnl z6u;sq=EqQcZ{unc=v$$tA2=#8KUjxpey~=={E)p_+S+MFe5ml*hyB&q7YT}2Kw)N1 zS)(T;VzGS#n6)t&l??JD*m9!5bcG~#Jg{SU%8hjb?no?!nNUSCl57`FaYp7Z_(&6;aSCjMja8Q5u`MP$ zV7qXf)KTWI0roR3+%dMnaVb!fY+IWlvduQeM+#q{A#Kh!rsk9-xNK)hzJTq*agw9= z*8uyet)a4PV#-vHsfHBGwQ?^O60|nPJwN(s>%{PwskkjFokXZ3{2_4_!_FS4Ngpf znq=F?BO==zlK64~Uoc0q4OUfIg2%S*B`MY-LYZxf4*fO2erju|&NetP1!|IQ@RI5P z9SZ*9axn$j2CJ$p!DCzZk_=PW_Rqj=+iW3$Tbk|YIRVq43fLsy;3w6AI&FN`v4)lT zcFqY{OQ2yQTFU2G@fR|4GcstB*t9}ThXEPXM-&>5vWR{ogU;v&E8ylg*_)*!-j{XQ z-|`jJALdOf0Q;*D;7U-I2@HHu;Z*57;jLk^*)?uc%U}jG>4X;inu0bHp)B?4RR7dl)Q-f`$z&2P_WeFbJC0>%dZ%XzK z#9HwHYb8JFoZ9S{MKHxrZQMsAuGdad}+rMh{UMmi#sdqF%dH!JDf<0Co?)>|8%MV|DWQ#^6 z&mYZOu;=XZWk;@V(Q|4?^V{#56g9!&&^7+cmVj7*Vda5Z%?OZc|W;vkoSEk#qr3@)cG zW)bv#76%Cd?B1Fp=ITL1sSaAhY8+p1thP3FGTEqNH^4mBENESxb59r?H?Se6BIXM6Ji*MN zGM=+OB@++(P6ZpDDuS-yRBT6fGe-ymh=Pct#^|9cpqqO_88&3*DFm(%o1Lb}baPh- zQ-}gzh;29(L06DzOgc@Vhjv~!owH1A$1O0%c7!4g`&bck1?j-_Q(ertFAOCbwsDG> z>)AVp=iC>D0u2$(6fws$TV*k{gE{wwp*%xGQxS6&c{Y}Ja&zZk&V6AJ+hGSzMa)&? z8MLIXJmUCjBJFo^AH%o(a8&!8oBG3RH( zAhyGbT)i%$Bv?YF)+x(~(qJFyg|-2L*ov6jbRTONmfPCx+r75AqD_%r&r3VY$WMQrR+lag`>nu*VBbt+IU#(| zm9}|AO`X$qHpbG3318QuuF&tyscJH5rfR9A3SxjVfq*z@^Yfl3)bUN*edW^Q%ya9E zzR*RyXa-%P=O1TPyCnni`B8~2nL93nGNq|NYTczkLF#Cwz*DZgr2tV16{J8euU4?t z=kuf&rzP1sdbKh`-znAUSz9a5p>4IZvIqINwtOC4`5IFjtn-xr{F zC}?0zH#}s0pSfJmT&`!0Tn}b0 z53@!dhBKFknQz{nHRswwZ{&C8aFLnAS7r_cnfXSKnaj`2VjkKthSGM-1)09L9cvE}n|RrWuiB@(G-GkwN4VTV zX&>Pd3Z-FP58&li$Bk;o`n_1y^|R&DOw(e8iL&3(((Pe#&z5KPlf}jT`=iIFZ?0Cg z{}_x~leYOV82$KYdHk{YmtTJ156;d{2S22L2BXJ3rCyDm0#cjshaXe^@MFfG1Zz8| zfqn0&r}k$8!KJfe?aPN(C%^peVD`I*+1svQ|+(dp~6)8(7h;^OVc z-vNg*nl-HsUe~M3qqnQmlQncBbJ*_B=^sXN`d9nQW0$z?=j+S%($4QwyQcH|EZt-D zBLh6-4?q5qKg}51QT*v@#huK9vc@pN{_??~bj`o~@{B)>k0X53KmIk>wGT_zp02rs zoBYWbWdE4IL^8CQ`rbtQ)cHjJ>FV9(%fWc~5)aVK^q2qJNZzZ#glpU7<*TE)$*aMX zuUd1^$gnSfjc!lRY=3Jy+v@q|Ud?Z4vLD{?F+M-VQmo1 zxlNjD_>J1#ygI9CyivZb5^hy*`*Wjs-DBLS-Bty)il_bAYPR-gt1e?L2XB71_wk=@AzLirM*Fr}xYfOzpWd%l1GlF*wm(~i-25C&T6MfR6tpm| ze$r2F=F?t8YYVMa!V|aClNLJavSTkSu~2!^ZVPokw26JVzTFe*Zoi#um+tE#HEHR- zadFbv?ZL$DwEF8l>n=Z&7PQ=AmN&n9{~Lc{Flo(r>!-R@@#5OlA71h0Kil7%S=@f# z@MYRq_`%er%YWxxVU4kBe}6S7;qq^cD%$8G{v2$hjV8MJ8-L$%zefLU@9W&yL^tj4 z&aHm5!~I%yJGaqaJLYNTY#RghejiNTm)7qanVPz9y^Wo`w=VfpUkR@UmG#bj5ln;G zl@M6*doz@&3;xsvpXO#tG~V()Y~rtL{XY17yym>{bu;z#GIc*U#BqZ!jpGn0p*e{ZJfGhre3Yo7n9u#jPxoeI$*zc*ad=&8^#nk-!X74B^mE|P`& zq=hrFaJ^M{R;6&CvuNz_pzr{{aC=+0r7c`<6wb`TEoR~Rp>WwOTqX-=YT>r9@a$6I z3%~G?qHq~4JT@iJ>Sf#Jw(z8~j zd%b1LPdD3TBX@(j%iY{n;@rL0xy#?&`8{{}o4fqYo$qtEbMr>t26N~0-1$6rKF^)c zb6>=BU!8N8m$^GpbKeX%_vm5nax{0o%zgZGAOE}!FWUlvkALp+G?6 zm%qwwM&(E0RBkgWH@TI|UFCeQT<)qiig$ij&TnFNFTac%j^krH%lXjQF+MaZn-Wgr z4D!K)yRq{dil5pE0C(O@f!iERka_rIqMdP@M2hFH?JJ)W`jxEWb@JE5 zL+!MEI)6~it>G`2N%)^1WLpG;%Zi8hV$o6^|y&m3k3(Dtttm`(b`v)Sx! zphqz(9kn6#3p=9cOk4G&yspW zL@=B-%4vYk@rc>-k{%onUiAv!NiTGh=}#AL>PudzUSBS+R!8+EJ!)*qVDzLuK3&*8 zY(!*?OOp@hxVZL8^wZ-@x}GG*CAASF*DkKi-6l=E!Zmf@uyK}c8d7BwR@wkw;T4vJfi%k`IlOCJ6re&B1%PaP- zPv?CG+P%6Ae0WaYeDwV4_4?yQ-K6IqEmz0&id`i9{|eR~tzTwYv7Zm~Nwq&od)epw zJKe8djUG~=NL7u8N48;l^nCPB&wjAK-@IL~FYb*-@87@Qe|>qn|N83uc>lN_eQO!? z=j+wg(Yh&o5cTzYXcKe&9!|1+e>!A0JG<>Erqf%Tt^Mh%(P4eLe%Vav=+FQ9Z$kuc zp3{h-^|}!mWg6?Zb_0KQf9BmNvT8r`Zn!M9{h->jt0PsPAEpMc-;rrCp$o;txH2sY zP9G?y)&A@g9m!@pIx-vgJ7SCXH*{oX4`=yVM?m6K!(#mDj!d#$9hvkyVrusK9m%pW z=P^)tr6b5Q(#$07=EqI}nN9n>FdKCJUQDX#{(LwqOU5~=I4oi~tLTyU!<9@cAmt2p zMM0g-`u#B7b^U&r+Q}Fvt9m>}QYcVwxZx_U?F9yX*QDf~ZczP-VtTMxFV2>4C~u;n zQOk`>HyHhNQJ*);;$@?P(__xB&d!GEpE0WIpHJ)e_3G)WKB=jVqSnzeho_epXN!;2 zKVMi`ZiotL%5gtkt2KRHd3zvOU;6*+X$f7*BG?G2sw#rOD@_?aXc zn(O#nKyR3jQ`=scH|YX#f&+vTe5 z?dHy=ey?8t1+CtG#Z}gkf*Ys5ozB|Bt%EkWG#DRn8Y~Z*9`M&YmfG2Xj2W~m?An$w zoqO6q+O`{pai1c$+G_prJ?7`~EB4LCkeK*Y``RD7jj83uW=u?YQ8v6tliZHm1cmR6 zH=Apm$D4UDKJ$Ic`@~De(Y7y*x7;taH{K!$HV=jK{?l^+j}KP$V!e@!ocpwoX)i0M zG<&*Q9$y{R8ws+hwMW?0(*4XIyBRKBvhSugY-?*n;sWayXrx4+P1?ufD;zG?^*4w2 zzzdkb63VkQvcDfsem@@n-n@kR{Mgjm-~(!aQaUOoA8;@KZ&>7(f;$-|+O*2k`L6cm z@VuefXA8&dzYZIAb`@ypT^NCu@~eTC&}Cg3eMWNn&*gRC6N}fo?RYhJ$~bmu z6fsh+xJP64n};8031t{)NK$N<3-6Jv!g2|{YmplZczZOPwlEH$dMUpc+A*2&TFy8U zT2WbC+P@aj#ybqOl->`tgyssgl=JG-s?0+0K5d?Ir-7Exl3g0{eLA42OJgmi!KpInCDbUara=+ZXfL=QSXp8;(G~V5U3m0gqb`)r-THmKl zGRy7sX_%+DRxJq;WyA6YaefKfE$7s~A0edNkHWuRTUdPH+0Fy53d>$ZcIS-w5c5|TO4Qhg)P=9Y~Lw3N5(()#KarW|v(9f==%nURq;_LrS&m97QKCXs(rw2sVWnOpw8dp`>0 znblMRE#+bYZLT_}O!b<6yLkf8Mq0Fu6yj%=a}MpMalEukHK))H11Hy}9C>Irx6E#z z#(8?egDRx~L%USy475~I4z$wpT!B`I9>R;$@giz6Z@jHH$OeIl*ez)IZ{fL9-ryC- zi}{f8f@KohGX>Tb$1yeK9-lGEWxb(ct)A550p6zAefCyZvbx`n&d4~3>t!6IHsidp z2gB+c;eM&+8EC1v+^1OpAlFt_H|w`!1BLVjaK5x-gFxVcxdN8S@7~YWZ?uCKq&Ve%sPqUQJ=syFuJ&cX573oOP ze!Hx)T4$h@;!6R)61|4cFTVT~5tnh~DL34I1|@WPE-a9FBk&U%DP+AiAq&DYn7BAL zOq9}6y)axm*L6ubU9P3HEc$?Qw8#M^ZCOWTb7hVwoy#-k>Fm&c|H^dmXrQHfai4~( zEd86S9-qz=GBjM9>i2<`unK{eM}LEDI_V81{dSaRV_(b>i!}Bwi9KhrMn8vVq+LJZ z8EP*v-c~>FwPXL2=r#66scclKM%}v>aGk6Vf)dg9faI(Q*1Hy$Rp!G2?>Oh|!;*M# z1{68U5RS3P5U#}zKBpJYcl!cM)2^>B&2(M7mdqwrK8^!T8D$q|MSL0%d*Tb2%P;q1 z<6YDnj87|1^D3lbA$ji^j)8GFT|4WL;nba#0LC~ya#XY;5h;d8=t zb+3h|38CDhl@`cHK9e#PJ_BtNxyo{@iFfZupG(6x1X{vC^l7-AB3JpuFeRZ~xuabI zkoDUEgOa|OV;t{?{grW$e$nS997y*W@Kj=Aw)_@RPFc|EXM=x?^2hzilJ)z?wK!Np zOBk7MUrb!Y2f;lMA9Dst_>7CLv>kjYD$z|dU{JzS?2Paa*i{%C+aO7z^v4FR6#s7q zR4UvLOfvb*{DPrU4o~(0_)ykLL zKr7b0O%8=E*A!HQmi7#Ub_u=|XbIRHXc{Auk&f{o=5ojVaQTG?rTUXpA;ee7fP>1| z2>pWGv)9daaxJoBYh&{&}0qfI0Nzw zm@0C>l9v8qKx96s!$y68s#6)lACGH`Dv9Viwoiz?geLi+ob4kb&%FCYY3YQF{`}^e zGsTAhwacAv$kB^<~~r2ePJV zCjBd=j?J+gJM<80S9pc9qR-HrG-)%*Uvb8T`0bp3A-)QGV8m8%UWUpLA-l*aTLGfK zM%ql*(LC*y=+7@9j;xvaj) zD#`|_B|t`fJ!Cp8+D48cBAV>CBZ-+#Q|a-FYNPNTv6sFWnj`Xnl9$LS6<3K#s78r@ z#c~t50&XGvBNUf-kjlHr71`UZhAI(xE=bP1h~(vqBJFeR^8n$9dIMD~dV_43#J>gRNXAA!LdHf&EPNp? zD$m8=(01bIuvb-cg2j#;H^Y!z2AK?%T^7Ie1^p*-#TFo0zogRSTA(C)E$E}Tj!;B; zZ6RwP(<8oA$qt*ijsT*G9s;=_c~N%u$$XT+jO2dA`*96o8lx^opQf`3x^iW@GxCMx zAIuLtAoV5lK^{rgFR6m4v)Ox`PMYgJm!q&$hA{Cl_dvUJI$XF`bEQBvBo9nD9dnF0 z#p=r=;*#g*39?o}YKY#Ta{Rd_`nQ?5l{=`+&4zrLJOW|C)s)eyc^is7R=6Y-9g1{U9&G_|f7 zRG5sT!cd1bjms*S3Cfo-z9bb6aHM}Nx`be@PeX4=o`#AN2-JQ%3Lo!0uMM_VJyBfo>|nVw9~i(RV=!l z)RNwh+L-hiw<*dMyN4wYM;24^?Q`ONxt4mF%n>PoC_{77lR{(PhSI30#5u?+7w@&D#*H5VDLq^3^dkc>%`HOj<6uhFiO_;=3s?t$xHMLyXs}lSZX-(fJj61Bs=cKXC*5oGS0pP(RHv&d>VX0iF?Qli#`Qq zDK-VGFKeOVz}?7acKHkMNl}RHX7|7NG`RB0dkUiZ48exZSkXKBg60Tv05Vj^K~YKD zp(W&6sl(1JgoyeNGp+aAk?&+>DPKqm#`Rlq1d8+}Pv;W!))tj*iD$_4iLSFcyWEd$ zH1b@WbZJLQM%$&6WBYxf@igbzag&QhOY7hbCA$c$H3y=<QkgxdMY=M1K-E1C~EtOBzJRLDEubQY+#axyk`)BpDlU!bsypj_3o!XTi5a!|266 zlMfRfkSY)wv6|A-xs?6+n5VOl0&T~dp-!Ur12hr)M_yjqp*FPL4jD(e$96n5`fC)K z(t$C(K4Tf9|3W*m6rq2deG=_HFck4~xK=QC23LuB5NH6%<1>h(f)7VKvZ}Ei;f%B+ zoYrXqy=8=7tT&`uLV@(M!LU0t&;A(sZTdR~Nbr+nRbf#v1KG4M>7s>g1;>SXh zy-U#2k$&NRVtZ&uaV+*3m|&DY;6t)zu)Zp5uvz4fB2d%^WL~2`2^GJ?x631ryI)n!#U}WBK`IRPk22erigwg(UiNS;~1c@R3g9EK8! zec@#l(m&vJ+Dk`Z&}oS`8YLul#j#NKl$?FjEFZHpeqbc>y~&9qTo*w-OC5!9jRSPLse zUQi}cU$Oa6$41>g`YNP6V!hF_5hBmLgGa{(*dXc+LLu?nQ7j&cJuo&rYDb*gvf|vY|_3NwQ|*XB!Yj<{U6ilyMG9 zl30k-)M9Rq0-Dq?pv_e#DT&COQxJ{%*;4RIOXsxp<(|BXjDu2JT!WT26FId)MC2(& zk!X)nLR;EtPMVCW`0`XH#D-caRb-9OUSx>8inc@HhrU?yA&wV|7wdUgLBab#OK0Qt zc$$sL7|S!#`MLde9I_DCIl)k@EdoYY{{V+v;uIV}kr$SmtPiwq%#Y)krMK(#`-d|i zydp;%WgHVPGHJN_C>tnVks*X!{1+B*tS4s{rUiAX91zvJutj2L zww#Hrz%vtF2TVbH5L`mBgJd1W{{vSqI)`0+x-NI<9Hv9%#foTQKEQ0NOp-E^d85v* zG{M-A`NvqqXW;8a8k~9pM)gz11~gu2cmr{cv}Vm@ z$eA#<8%KO8O3acg7qev?4RM#Q7Vi!wpwe6))u@QwryY({G+e~jaX;A~iVL!1-cao_UczpfH;y}$aR5|}I)W;W z&KoX>$Oa*H)QLP+pR4=*?8Gjy0c3KO_rNWrf3QmAnb$K24-{XF8CSXIewqB%tlYLg0#79S)ip`@Z;(OycN}K}bSZn}qP!Sm-lcCQA z{v2hT@Lc@%5-Ey0hw7^MYm`1^eHg?wu0e3VqSwgyir)@ySoE6VhNaIK27QKL^RO}$ zm4f~w1u8Xqjx~_@7Yn81WrE{6;;k_fYrs-{uAapJmQLz)SQM!Xk--z)L}@~69h8{G z4?|r^tfaw)`4ir&joUBF6 z`Et+;4ots)#=q#(P{xt7SuErfe}hz&$N_0|(XnVS(K+CE#TR9U^cm!GqpX4R)n~vy zZI|9j)UyGghV>acYDHjrB{l&2D{FzsS?b~jJ&$XZ)9a$nW2O z_7g)(ubJzQmxM|5j7};SWHie41J`v}^j#0@0K$98}G}#9ZO>z&c8D0C(;(XxM zDZbrskzw9wC;2~)mecdYKug732JP%cKDJc1=b=z?i17^V^xOb;T*URuF?WLffF|_? zXp%Fh911`?_JtH#SRZzzUDRRF6jRP=&C%bWD3o64)E{rg0`5N-4>P@cFSL_fxRrII z?gSOC=g0C+v1n)P$h{rc3QmynuVAu_rek9hbck1JCvs}#CX}Eq}~WEy@RiREjja`bJCH8B3IxJgB;LK z^7n?2i*+Grf_;M~^=@cVQ-YS>&)Dm;y~i!+PD=iO2LlgC0qmfW;FWf|#}5BA%Do-$ z80`!+!8$|Jy&hO2S-+g49^*2u)$@439m@RL@dCj=pq1oVp>Y~W94|W!~ve*K5Vr0)$9!7wpRw zd9JAMk*bK*0Q#Y4T;fm4`XH;P^9$=`-fUB0-|cX~)pyezt)o-Vc{SX;Kdb zuA=J*v6ttXD;1y1Nfz>4(A3dSv=fP9O~iIB3J)-$(YNK`Xq<~MHjZzKeu-I2(Lo|XhzCI>>IQg!_rRo zrlE;ro|Se)iLoz=8Ka%X8iw%_9#D7@{(86{@jgiv!K)w{x(6SX7;}s!K_V|e0%PtFO)U6RXu4()EAdrOyLvyIkZAV} zYZdu|dKN#2kXT|wOKHXVC4~}e(Hx4+%eDfa0qbgCD3!-Kr^hl!pe`xWh86gKqqmX1I!TF1#}{^OHX7Skp+?U z%XYe$)8}kbsZ~OgIxIA)Wm)7bJ_Fh+*1!`aRb-8|D)K_lG2RA1Rqu~ClIN0Q zly(;VMPA{pMEOHQ#2h191Hg}5tNsC{z*t+vG-CMUwN%iB#)IQJw-8MFtXKo0P?cwJ zMxvX5B*fY_=RnF{0BB^nW1q?S3QtLH3jZh@L>cD|*phD|`zN_RBv)kDw$jFDkjaSH zBNU>XlMhX5HWVf(wuP}#(GvWtr;IvdPR+?zoosWH=GeOC{rQT#RDav^yx5V&F&3i6^d zzgiz8`>Z}38R=Nlq@A2EU^H2)KoQ0N0|O*>m8y&K8GRsqrVty~z8z7kG>s*JDTs~$ z?<4s{V~af34oQh?TK7@0vrpgG1_mhNWN4>3Ekbr#=eRi%m*I_z?IyGrpN6TFcpqGl ztbJ19lEY&KMhumq>mvRNn#Migg2aCTKcs!;-8FHY1qVi&+MwSeHq7`xQ>hqB#D_Ac3}3lblJ`_lO!T$OPUR>(L=cZ$3qy3ywcg(CWtm8H)m zjMw{VeGrV2*h`R-lFP+4lUf4j7>eCTW$QYplp1|0DnKGbWHKaP0JkJ_X}G1hreUe9 zK~j+ti-SE9Il!byOhS|_cE-wdao&hR#Z~|Zk$4MhE;SZ*C<^cAJNz&(N)l^O{S~`l zM;JuiiD?wu2vSn)K4<~)uh@z#GEQ|+a^VKkm-*dMd%{Z;Jr4FrVk=&Gpz?w_kMhh? zko5t6Nb)}Ro`$%N!23je4&J2tVRPG<5bOuLvP3@c360y@{`ow1dg(vws5c%Stg7((6N|_}3QlM4z z8R#aFaRZ{n@lx9snWXd{p8*O$`pni>$*JO*MO+XY@w5(Wu*j$*usou#Kw1fgfZ<9G zfKv@*os-IyxQFzR=t)9iS*!F!Y!AChM7P^3xnf+#Ie}6OnDQTdeof_vdkh6vCelAM z^0ChtJ#Du`CQ-&w*RfkebOb3Lu?w8Yq4I~IiW~rHlfD4w5}w)txBYS0*7e9MXe3~y zot)1~JHhoq6Mq95iQsrY{G7m364K&NLK8a(4X0Y}2WmFb02TxtL8(Y`JkWGM6Wd*s zSK#IXPwg~{SpQ|4KPSY+zEEHddY5(*o7xcpQ9nbITrM;UVeuL4T^GJ+o|PnsU|68( zo*#CzN4;jq?x@$G>E0mlb;>K!SJG$pxC^gO%4)@i!q6nlV#q(=EXdcp?zfD>=;AoAA7{4f9xgGb~9P`QF-H>7TiFQHNS3$n&etr#ECj)*3}j4qL}*~@U^IM5|B4mM26I8d=sKNFtE7|{@3I$n}D(r1o`lV=d> z3a<$6g;#`DdhL$$4uMl^JE@f$>OcA*(Db}vGQ-+udqH;ODG-tPTuV{Jc4%iA2c^^) z3sDfJuo0d?s1a+QcAlWfILkcxaDV_LCV?jYA2g~;@wvQ#RmK6HU)m`~gi4X%+@MK4 z6q?kdpy7DNzTm6Ka}A9s?Eo1HP3o%{eerFfNq&t0M`99ax(|(AW3iS%JK667O>()m zb6Cegp=8ypx7k49oi*pz-3($iE%F3MGOVS8%QRD(qO6HH~|! z>%$WL@wv7+S7@>)#85mjH%HP@;&W*7?qz6#wTC8HduZ|=ZD=G%V*hY0q7I{~7V|Gy zD5(iUllM!SB@_FBsTKQS8))KlZPQ9z3v3>Vc_cf+O2%Ou9pqXz5=6UzXB%UCgL8>q zv$9Z>E3l!lhQYNOF96XL*Gi|5wB`8pp z4Fhn*aiCvBhDfQ3tQAt5AR!~Q7-+I5gbJU=muMI9C#`rF^(oV)d?wct<2+LJv95+9 zksKK`!4gB$^JDF0Gtw7wEixY@H-%R$Rc(h+iM%HGt^kayjDx@|=J`41PS0;A5QsTiI}R`AprDcH4?HjjFpd{zN_-2P5V5Of z_#;ovU`BbiLu#Yk+twg?t^wv_|G>S*Ibs2eE;hlB@`7NA9c1DpM?ut8XKp z5nZu^lqQ5%2JMcri&>R5X!uxZM|>pD#ea$O21V9o&Nihe_iTHTb&1xHcomqctV_&( ztla@o*E3uQKP1n9hc3P&m|4+RY{8N|14j@muQ>Qpc)+BKY~bo?JG6F?d)${;7bmN% zHjieK=b|bpJ}ajgiCyJ*3(1!dmC5=5y(a4exR0(6rd(tLh@tR+{7YQF3{BSux!ky> zIYL9{96*D%Q@;~cEVkB4Z6cEtg`-}>O%%HYzF2H6+FA4!r%Xs5gveg_2fS0(8*nL+ z15T%rHHb-(oGNattaDaOtVLrj<=h2m`YsZ~AxAmobU4vNKvKod0P)gski3cWh8dK2 zkS)9shs@TI9q0O?U!uN3>_yh>-RV*O*vTz%l)V!@$}W%&iA_0OMRXX*D6yABJvuhF zzDl1l)bd<5dqkN8;UIPaB$&jUK!3%T0)`@X0aQW6mYKVuV?z)`4q#whM_`V1-Y7Z9 zc!87)4Q!sw5!gJX?U*-Q2H_t=lRoQN47ROE*C3&($SI&AxgU^(sQ+xMpwKY!GMA_W zrOCcoERUYqh1V%Q9A38ABM_PrpMx8gSPk5;*k88C%h8Yvmc zQIG}}oygHKqK9~_&YK;~6xY^{GmTMoJDwruZh@$zVixXa$J;6mfRnUSyTy5evMzb| zx5%Vna3fFYvG`_o9JjX995-rQpFzDxt|jbNn%XV!wi4Tex7BBmsE+c&8<8aE3$|9` zBg~B0bIORKvq{Z~?xboju{b3Hkx8(%Vvp=t66rH30HN6i(KzR@Dy|t!qv$$Y3ekqL zdrN!Sd^Q;U zaDKA1UlH&0>*4U_@P1W2evGS&i%AuT6zXF_{CRnRB`+VM+NTc&pKmgJH5eT(j}G3} zM?YU)y&I13Lk|wW=M6}c>R?(OJ|5=>kIL_-2gLi+$5amn4;~CI*NfHq!>T?R*y;3D zIrzK3`~IiL1Mlwg^}KSRW79tE>9KgV8^q*6-`pQ!cMp_4!eKNsGhN z%ZszcM|$$&bbVI0O@F#tpPio9mqU8Pj1HfTp498b@nXF&W;B$ii#Mr(rK)J~(?xy$ z@MwLyJbww_A^iDY|801Fb#~VLGk!ICPCt&;FIIJ(m<)OY!Jy%bj~DgmfP0@U-;91- zoWJ>|KHvM}qi-KPxKp1W+o))XE*bg&4_5WUo^!ZZ*WVo8qXJDCz+Sxo4l4Wm@#Od8 z@$bJKJ->SWm-=Y^&B5~ByXE=tV0F5#SEq|V44PnYlN_3HHK@(;tyi{Ko(vPbVj*NA>=4^=3HRpL{!dvOE^XkXkP`j7byy%|X3dpK@gy z%$gKI-Z!(^ zO3Q->muqJ0-JQYxfB0~*IQqF>4`0`BPS3x)`@jF^f8HIQ9)EZDU-Bp8Cl?3x+tYvi zWmP}_z;DdABHck>fytyH$zgh_=weTlHHqT_h!}I z2ZP~ocz<<#a_`yUV}BOEeRucmdVO(kGxzae0KVRgK2e(R8{;i@nQ_=j+9X zz4Oc8H8*MRb68&nE``jNHH#^)-Q)i3`^xh$X*Bd&S9=s@LLmwiq8L!|>!u_u394 zn*086j(3Vz+1_`ynAAtFXUBW50qbzz*NeTXIG*kS=$RaikB?4{s!4m_&b7bFr$)}O z(0B%;jcXt)rBSh8`QPn;zw(W{x4V5vmm8n`e9NxSvZ&kOmR((LeD?D#yFSaJZi8EP zb-D4`&$sOQEQ`7gevMt7oMxD1THP z@;;T>_u1s(*$gz_M|k zvw6B8@wXpEyo9YogQ9VO!>iG=`f_=-BIRfa#fB3p z>t{K{ZJN&#iP!1rWZP3x(Kp%Cl)1c4SEt*qT6y9o`+$X3|hcH_F_!EU%-}CmmZ! zUgw6pYiQW(akpbH(;4$O$=w7Nyqbl)58u0aj2*WHet zOu&Jg?e2B;*ra3q68`rlyUP}x>vFea?bx5k)iPFa;~h4v{`ENAF>aFt(Ysk0HW1(SI@~dD9KUnJo-a?l zu05W144j=dbhAqBzZf>p;CoF#ev8KY8n}t;qVY&(u@fu1MdRI~@ix_suZYH*6fY*l zy>W3bN!V{i<9+Hbw`jauG+qa6bBo3UW_gRob3Jyyhm*TSfI-++?Ze$zRwo|}z3->^M;dkuh} z%{ARu{(!jyz_9&_vyZnI89rtERp*d?;D?mowqNn4&(2lADYjpAw(4^gDctQ>ol{2n z3Y@^^D?2@-b3=+P+pju%-0uvm{=NN*7wvAZvNI93Uv=K}$yH3i_A6d()VT`4!R9Lt z3m_}s&XmlwA}W%8walf`?S8npw1Ti4UI!Qw)bkhOKaKc1fdJbDO>^`D;o@Qv;2z4UFpuP;ycU$gOh|F|BpZQQw*{1#Xw<+>%)OVXA|F67Zodd=e z^ZF>;n;p%|z3lbL@m^Jrr+XD|_{!_qE_f)-_dcsQRvnr`xYDU&DpJx~Y*qe!P& H-WmK~VmApL literal 0 HcmV?d00001 diff --git a/tests/data/protection_profiles/reports/txt/b02ed76d2545326a.txt b/tests/data/protection_profiles/reports/txt/b02ed76d2545326a.txt new file mode 100644 index 00000000..81796a86 --- /dev/null +++ b/tests/data/protection_profiles/reports/txt/b02ed76d2545326a.txt @@ -0,0 +1,701 @@ +BSI-CC-PP-0062-2010 +for +Fingerprint Spoof Detection Protection Profile +based on Organisational Security Policies +(FSDPP_OSP), Version 1.7 +from +German Federal Office for +Information Security (BSI) + BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133 Bonn +Phone +49 (0)228 99 9582-0, Fax +49 (0)228 9582-5477, Infoline +49 (0)228 99 9582-111 +Certification Report V1.0 ZS-01-01-F-414 V1.40 + BSI-CC-PP-0062-2010 +Common Criteria Protection Profile +Fingerprint Spoof Detection Protection Profile based on +Organisational Security Policies (FSDPP_OSP), +Version 1.7 +developed by the German Federal Office for Information Security (BSI) +Assurance Package claimed in the Protection Profile: +Common Criteria Part 3 conformant +ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, AGD_OPE.1, +AGD_PRE.1, ALC_CMC.2, ALC_CMS.2, ALC_DEL.1, +ALC_FLR.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, +ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, +ATE_COV.1, ATE_FUN.1, ATE_IND.2 +Common Criteria +Recognition +Arrangement +The Protection Profile identified in this certificate has been evaluated at an approved evaluation facility using +the Common Methodology for IT Security Evaluation (CEM), Version 3.1 for conformance to the Common +Criteria for IT Security Evaluation (CC), Version 3.1. +This certificate applies only to the specific version and release of the Protection Profile and in conjunction +with the complete Certification Report. +The evaluation has been conducted in accordance with the provisions of the certification scheme of the +German Federal Office for Information Security (BSI) and the conclusions of the evaluation facility in the +evaluation technical report are consistent with the evidence adduced. +This certificate is not an endorsement of the Protection Profile by the Federal Office for Information Security +or any other organisation that recognises or gives effect to this certificate, and no warranty of the Protection +Profile by the Federal Office for Information Security or any other organisation that recognises or gives effect +to this certificate, is either expressed or implied. +Bonn, 25. February 2010 +For the Federal Office for Information Security +Bernd Kowalski L.S. +Head of Department +Bundesamt für Sicherheit in der Informationstechnik +Godesberger Allee 185-189 - D-53175 Bonn - Postfach 20 03 63 - D-53133 Bonn +Phone +49 (0)228 99 9582-0 - Fax +49 (0)228 9582-5477 - Infoline +49 (0)228 99 9582-111 + Certification Report BSI-CC-PP-0062-2010 +This page is intentionally left blank. +4 / 28 + BSI-CC-PP-0062-2010 Certification Report +Preliminary Remarks +Under the BSIG1 +Act, the Federal Office for Information Security (BSI) has the task of +issuing certificates for information technology products as well as for Protection Profiles +(PP). +A PP defines an implementation-independent set of IT security requirements for a +category of products which are intended to meet common consumer needs for IT security. +The development and certification of a PP or the reference to an existent one gives +consumers the possibility to express their IT security needs without referring to a special +product. Product or system certifications can be based on Protection Profiles. For products +which have been certified based on a Protection Profile an individual certificate will be +issued. +Certification of the Protection Profile is carried out on the instigation of the BSI or a +sponsor. +A part of the procedure is the technical examination (evaluation) of the Protection Profile +according to Common Criteria [1]. +The evaluation is normally carried out by an evaluation facility recognised by the BSI or by +BSI itself. +The result of the certification procedure is the present Certification Report. This report +contains among others the certificate (summarised assessment) and the detailed +Certification Results. +1 +Act on the Federal Office for Information Security (BSI-Gesetz - BSIG) of 14 August 2009, +Bundesgesetzblatt I p. 2821 +5 / 28 + Certification Report BSI-CC-PP-0062-2010 +Contents +A Certification........................................................................................................................7 +1 Specifications of the Certification Procedure.................................................................7 +2 Recognition Agreements................................................................................................7 +2.1 International Recognition of CC - Certificates.........................................................8 +3 Performance of Evaluation and Certification..................................................................8 +4 Validity of the certification result.....................................................................................9 +5 Publication......................................................................................................................9 +B Certification Results.........................................................................................................11 +1 Protection Profile Overview..........................................................................................12 +2 Security Functional Requirements...............................................................................12 +3 Security Assurance Requirements...............................................................................13 +4 Results of the PP-Evaluation........................................................................................13 +5 Obligations and notes for the usage............................................................................14 +6 Protection Profile Document.........................................................................................14 +7 Definitions.....................................................................................................................14 +7.1 Acronyms...............................................................................................................14 +7.2 Glossary.................................................................................................................14 +8 Bibliography..................................................................................................................15 +C Excerpts from the Criteria................................................................................................17 +D Annexes...........................................................................................................................27 +6 / 28 + BSI-CC-PP-0062-2010 Certification Report +A Certification +1 Specifications of the Certification Procedure +The certification body conducts the procedure according to the criteria laid down in the +following: +● BSIG2 +● BSI Certification Ordinance3 +● BSI Schedule of Costs4 +● Special decrees issued by the Bundesministerium des Innern (Federal Ministry +of the Interior) +● DIN EN 45011 standard +● BSI certification: Procedural Description (BSI 7125) [3] +● Common Criteria for IT Security Evaluation (CC), Version 3.15 +[1] +● Common Methodology for IT Security Evaluation, Version 3.1[2] +● BSI certification: Application Notes and Interpretation of the Scheme (AIS) [7] +● Procedure for the Issuance of a PP certificate by the BSI +2 Recognition Agreements +In order to avoid multiple certification of the same Protection Profile in different countries a +mutual recognition of IT security certificates - as far as such certificates are based on CC - +under certain conditions was agreed. +2 +Act on the Federal Office for Information Security (BSI-Gesetz - BSIG) of 14 August 2009, +Bundesgesetzblatt I p. 2821 +3 +Ordinance on the Procedure for Issuance of a Certificate by the Federal Office for Information Security +(BSI-Zertifizierungsverordnung, BSIZertV) of 07 July 1992, Bundesgesetzblatt I p. 1230 +4 +Schedule of Cost for Official Procedures of the Bundesamt für Sicherheit in der Informationstechnik +(BSI-Kostenverordnung, BSI-KostV) of 03 March 2005, Bundesgesetzblatt I p. 519 +5 +Proclamation of the Bundesministerium des Innern of 12 February 2007 in the Bundesanzeiger dated +23 February 2007 +7 / 28 + Certification Report BSI-CC-PP-0062-2010 +2.1 International Recognition of CC - Certificates +An arrangement (Common Criteria Arrangement) on the mutual recognition of certificates +based on the CC evaluation assurance levels up to and including EAL 4 has been signed +in May 2000 (CCRA). It includes also the recognition of Protection Profiles based on the +CC. +As of January 2009 the arrangement has been signed by the national bodies of: Australia, +Austria, Canada, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, +India, Israel, Italy, Japan, Republic of Korea, Malaysia, The Netherlands, New Zealand, +Norway, Pakistan, Republic of Singapore, Spain, Sweden, Turkey, United Kingdom, +United States of America. The current list of signatory nations resp. approved certification +schemes can be seen on the web site: http://www.commoncriteriaportal.org +The Common Criteria Arrangement logo printed on the certificate indicates that this +certification is recognised under the terms of this agreement. +3 Performance of Evaluation and Certification +The certification body monitors each individual evaluation to ensure a uniform procedure, a +uniform interpretation of the criteria and uniform ratings. +The Fingerprint Spoof Detection Protection Profile based on Organisational Security +Policies (FSDPP_OSP), Version 1.7 has undergone the certification procedure at BSI. +The evaluation of the Fingerprint Spoof Detection Protection Profile based on +Organisational Security Policies (FSDPP_OSP), Version 1.7 was conducted by the ITSEF +SRC Security Research & Consulting GmbH. The evaluation was completed on +10 December 2009. The ITSEF SRC Security Research & Consulting GmbH is an +evaluation facility (ITSEF)6 +recognised by the certification body of BSI. +For this certification procedure the sponsor and applicant is: German Federal Office for +Information Security (BSI) +The PP was developed by: TÜV Informationstechnik GmbH +The certification is concluded with the comparability check and the production of this +Certification Report. This work was completed by the BSI. +6 +Information Technology Security Evaluation Facility +8 / 28 + BSI-CC-PP-0062-2010 Certification Report +4 Validity of the certification result +This Certification Report only applies to the version of the Protection Profile as indicated. +In case of changes to the certified version of the Protection Profile, the validity can be +extended to the new versions and releases, provided the sponsor applies for assurance +continuity (i.e. re-certification or maintenance) of the modified Protection Profile, in +accordance with the procedural requirements, and the evaluation does not reveal any +security deficiencies. +For the meaning of the assurance levels please refer to the excerpts from the criteria at +the end of the Certification Report. +5 Publication +The Fingerprint Spoof Detection Protection Profile based on Organisational Security +Policies (FSDPP_OSP), Version 1.7 has been included in the BSI list of the certified +Protection Profiles, which is published regularly (see also Internet: https://www.bsi.bund.de +and [4]). Further information can be obtained from BSI-Infoline +49 228 9582-111. +Further copies of this Certification Report can be requested from the sponsor7 +of the +Protection Profile. The Certification Report may also be obtained in electronic form at the +internet address stated above. +7 +Federal Office for Information Security (BSI) +Godesberger Allee 185-189 +53175 Bonn +9 / 28 + Certification Report BSI-CC-PP-0062-2010 +This page is intentionally left blank. +10 / 28 + BSI-CC-PP-0062-2010 Certification Report +B Certification Results +The following results represent a summary of +● the certified Protection Profile, +● the relevant evaluation results from the evaluation facility, and +● complementary notes and stipulations of the certification body. +11 / 28 + Certification Report BSI-CC-PP-0062-2010 +1 Protection Profile Overview +The Fingerprint Spoof Detection Protection Profile based on Organisational Security +Policies (FSDPP_OSP), Version 1.7 [6] is established by the German Federal Office for +Information Security (BSI) as a basis for the development of Security Targets in order to +perform a certification of an IT-product (TOE). +The Target of Evaluation (TOE) described in the Protection Profile (PP) is a system that +provides fingerprint spoof detection either as part of or in front of a biometric system for +fingerprint recognition. +The TOE determines whether a fingerprint presented to the biometric system is genuine or +spoofed. The term spoofed biometric characteristics hereby refers to artificially created +fake fingers which are currently known to circumvent fingerprint recognition systems. +For this purpose the spoof detection system acquires spoofing evidences for a presented +fingerprint using a sensor device. This sensor can either be part of the capture device that +is used to capture the biometric sample of the fingerprint (or even be identical to it) or be a +separate sensor device (or more than one) that is completely dedicated to spoof detection. +Beside the fingerprint spoof detection functionality every TOE that claims conformance to +the PP shall implement: +● Management functionality to modify security relevant parameters +● Quality control for management parameters +● Audit functionality for security relevant events +● Protection of residual and security relevant data +The assets to be protected by a TOE claiming conformance to this PP are defined in the +Protection Profile [6], chapter 4.2. Based on these assets the Security Problem Definition +is defined in terms of Assumptions and Organisational Security Policies. This is outlined in +the Protection Profile [6], chapters 4.3 to 4.5. +These Assumptions and Organisational Security Policies are split into Security Objectives +to be fulfilled by a TOE claiming conformance to this PP and Security Objectives to be +fulfilled by the operational environment of a TOE claiming conformance to this PP. These +Security Objectives are outlined in the PP [6], chapter 5. +The Protection Profile [6] requires a Security Target based on this PP or another PP +claiming this PP, to fulfil the CC requirements for strict conformance. +2 Security Functional Requirements +Based on the Security Objectives to be fulfilled by a TOE claiming conformance to this PP +the security policy is expressed by the set of Security Functional Requirements to be +implemented by a TOE. It covers the following issues: Biometric spoof detection, security +audit, residual information protection and TOE security management. +These TOE Security Functional Requirements (SFR) are outlined in the PP [6], chapter +7.1. They are selected from Common Criteria Part 2 and one of them is newly defined. +Thus the SFR claim is called: +Common Criteria Part 2 extended +12 / 28 + BSI-CC-PP-0062-2010 Certification Report +3 Security Assurance Requirements +Due to the special character of the technology described in this PP, an explicit assurance +package has been defined for the TOE. It has been chosen for this Protection Profile as +the PP should focus on application cases for which it is sufficient to determine whether the +Security Functionality claimed by a TOE is working correctly without performing a +dedicated vulnerability assessment. +The TOE security assurance package claimed in the Protection Profile is based entirely on +the assurance components defined in part 3 of the Common Criteria. Thus, this assurance +package is called: +Common Criteria Part 3 conformant +This explicit assurance package is based on EAL 2 and consists of the following +Assurance Families: +ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, AGD_OPE.1, AGD_PRE.1, +ALC_CMC.2, ALC_CMS.2, ALC_DEL.1, ALC_FLR.1, ASE_CCL.1, +ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, +ASE_TSS.1, ATE_COV.1, ATE_FUN.1, ATE_IND.2 +(for the definition and scope of assurance packages according to CC see part C or [1], +part 3 for details). +The only differences compared to EAL 2 are the omitted AVA_VAN.2 assurance +component and the added ALC_FLR.1 assurance component. +Additional guidance in form of the Fingerprint Spoof Detection Evaluation Guidance [8] +has been provided for some of the assurance components due to the special nature of +the biometric technology. +4 Results of the PP-Evaluation +The Evaluation Technical Report (ETR) [5] was provided by the ITSEF according to the +Common Criteria [1], the Methodology [2], the requirements of the Scheme [3] and all +interpretations and guidelines of the Scheme (AIS) [7] as relevant for the TOE. +As a result of the evaluation the verdict PASS is confirmed for the assurance components +of the class APE. +The following assurance components were used: +APE_INT.1 PP introduction +APE_CCL.1 Conformance claims +APE_SPD.1 Security problem definition +APE_OBJ.2 Security objectives +APE_ECD.1 Extended components definition +APE_REQ.2 Derived security requirements +The results of the evaluation are only applicable to the Protection Profile as defined in +chapter 1. +13 / 28 + Certification Report BSI-CC-PP-0062-2010 +5 Obligations and notes for the usage +The following aspects need to be fulfilled when using the Protection Profile: +Due to the special character of the technology described in this PP, the Fingerprint Spoof +Detection Evaluation Guidance [8] shall be applied during evaluation. This document will +provide the evaluator with additional information and guidance for some assurance +requirements. +6 Protection Profile Document +The Fingerprint Spoof Detection Protection Profile based on Organisational Security +Policies (FSDPP_OSP), Version 1.7 [6] is being provided within a separate document as +Annex A of this report. +7 Definitions +7.1 Acronyms +BSI Bundesamt für Sicherheit in der Informationstechnik / Federal Office for +Information Security, Bonn, Germany +CCRA Common Criteria Recognition Arrangement +CC Common Criteria for IT Security Evaluation +EAL Evaluation Assurance Level +FSDPP Fingerprint Spoof Detection Protection Profile +IT Information Technology +ITSEF Information Technology Security Evaluation Facility +OSP Organisational Security Policy +PP Protection Profile +SF Security Function +SFP Security Function Policy +ST Security Target +TOE Target of Evaluation +TSF TOE Security Functions +7.2 Glossary +Augmentation - The addition of one or more requirement(s) to a package. +Extension - The addition to an ST or PP of functional requirements not contained in part 2 +and/or assurance requirements not contained in part 3 of the CC. +Formal - Expressed in a restricted syntax language with defined semantics based on well- +established mathematical concepts. +Informal - Expressed in natural language. +14 / 28 + BSI-CC-PP-0062-2010 Certification Report +Object - An passive entity in the TOE, that contains or receives information, and upon +which subjects perform operations. +Protection Profile - An implementation-independent statement of security needs for a +TOE type. +Security Target - An implementation-dependent statement of security needs for a specific +identified TOE. +Semiformal - Expressed in a restricted syntax language with defined semantics. +Subject - An active entity in the TOE that performs operations on objects. +Target of Evaluation - A set of software, firmware and/or hardware possibly accompanied +by guidance. +TOE Security Functionality - A set consisting of all hardware, software, and firmware of +the TOE that must be relied upon for the correct enforcement of the SFRs. +8 Bibliography +[1] Common Criteria for Information Technology Security Evaluation, Version 3.1, +Part 1: Introduction and general model, Revision 3, July 2009 +Part 2: Security functional components, Revision 3, July 2009 +Part 3: Security assurance components, Revision 3, July 2009 +[2] Common Methodology for Information Technology Security Evaluation (CEM), +Evaluation Methodology, Version 3.1, Revision 3, July 2009 +[3] BSI certification: Procedural Description (BSI 7125) +[4] German IT Security Certificates (BSI 7148, BSI 7149), periodically updated list +published also on the BSI Website +[5] Evaluation Technical Report, Version 1.2, 09 December 2009, Evaluation Technical +Report (ETR) for a PP evaluation, Certification ID: BSI-CC-PP-0062, SRC Security +Research & Consulting GmbH (confidential document) +[6] Fingerprint Spoof Detection Protection Profile based on Organisational Security +Policies (FSDPP_OSP), BSI-CC-PP-0062, Version 1.7, 27 November 2009, Federal +Office for Information Security (BSI) +[7] Application Notes and Interpretations of the Scheme (AIS) as relevant for the TOE. +[8] Fingerprint Spoof Detection Evaluation Guidance, Version 2.0 (or a more recent +version), Federal Office for Information Security (BSI) +15 / 28 + Certification Report BSI-CC-PP-0062-2010 +This page is intentionally left blank. +16 / 28 + BSI-CC-PP-0062-2010 Certification Report +C Excerpts from the Criteria +CC Part1: +Conformance Claim (chapter 10.4) +„The conformance claim indicates the source of the collection of requirements that is met +by a PP or ST that passes its evaluation. This conformance claim contains a CC +conformance claim that: +● describes the version of the CC to which the PP or ST claims conformance. +● describes the conformance to CC Part 2 (security functional requirements) as either: +– CC Part 2 conformant - A PP or ST is CC Part 2 conformant if all SFRs in that +PP or ST are based only upon functional components in CC Part 2, or +– CC Part 2 extended - A PP or ST is CC Part 2 extended if at least one SFR in +that PP or ST is not based upon functional components in CC Part 2. +● describes the conformance to CC Part 3 (security assurance requirements) as either: +– CC Part 3 conformant - A PP or ST is CC Part 3 conformant if all SARs in that +PP or ST are based only upon assurance components in CC Part 3, or +– CC Part 3 extended - A PP or ST is CC Part 3 extended if at least one SAR in +that PP or ST is not based upon assurance components in CC Part 3. +Additionally, the conformance claim may include a statement made with respect to +packages, in which case it consists of one of the following: +● Package name Conformant - A PP or ST is conformant to a pre-defined package +(e.g. EAL) if: +– the SFRs of that PP or ST are identical to the SFRs in the package, or +– the SARs of that PP or ST are identical to the SARs in the package. +● Package name Augmented - A PP or ST is an augmentation of a predefined package +if: +– the SFRs of that PP or ST contain all SFRs in the package, but have at least +one additional SFR or one SFR that is hierarchically higher than an SFR in the +package. +– the SARs of that PP or ST contain all SARs in the package, but have at least +one additional SAR or one SAR that is hierarchically higher than an SAR in the +package. +Note that when a TOE is successfully evaluated to a given ST, any conformance claims of +the ST also hold for the TOE. A TOE can therefore also be e.g. CC Part 2 conformant. +Finally, the conformance claim may also include two statements with respect to Protection +Profiles: +● PP Conformant - A PP or TOE meets specific PP(s), which are listed as part of the +conformance result. +● Conformance Statement (Only for PPs) - This statement describes the manner in +which PPs or STs must conform to this PP: strict or demonstrable. For more +information on this Conformance Statement, see Annex D. +17 / 28 + Certification Report BSI-CC-PP-0062-2010 +CC Part 3: +Class APE: Protection Profile evaluation (chapter 10) +“Evaluating a PP is required to demonstrate that the PP is sound and internally consistent, +and, if the PP is based on one or more other PPs or on packages, that the PP is a correct +instantiation of these PPs and packages. These properties are necessary for the PP to be +suitable for use as the basis for writing an ST or another PP.” +Assurance Class Assurance Components +Class APE: Protection +Profile evaluation +APE_INT.1 PP introduction +APE_CCL.1 Conformance claims +APE_SPD.1 Security problem definition +APE_OBJ.1 Security objectives for the operational environment +APE_OBJ.2 Security objectives +APE_ECD.1 Extended components definition +APE_REQ.1 Stated security requirements +APE_REQ.2 Derived security requirements +APE: Protection Profile evaluation class decomposition +Class ASE: Security Target evaluation (chapter 11) +“Evaluating an ST is required to demonstrate that the ST is sound and internally +consistent, and, if the ST is based on one or more PPs or packages, that the ST is a +correct instantiation of these PPs and packages. These properties are necessary for the +ST to be suitable for use as the basis for a TOE evaluation.” +Assurance Class Assurance Components +Class ASE: Security +Target evaluation +ASE_INT.1 ST introduction +ASE_CCL.1 Conformance claims +ASE_SPD.1 Security problem definition +ASE_OBJ.1 Security objectives for the operational environment +ASE_OBJ.2 Security objectives +ASE_ECD.1 Extended components definition +ASE_REQ.1 Stated security requirements +ASE_REQ.2 Derived security requirements +ASE_TSS.1 TOE summary specification +ASE_TSS.2 TOE summary specification with architectural design +summary +ASE: Security Target evaluation class decomposition +18 / 28 + BSI-CC-PP-0062-2010 Certification Report +Security assurance components (chapter 7) +“The following sections describe the constructs used in representing the assurance +classes, families, and components.“ +“Each assurance class contains at least one assurance family.” +“Each assurance family contains one or more assurance components.” +The following table shows the assurance class decomposition. +Assurance Class Assurance Components +ADV: Development +ADV_ARC.1 Security architecture description +ADV_FSP.1 Basic functional specification +ADV_FSP.2 Security-enforcing functional specification +ADV_FSP.3 Functional specification with complete summary +ADV_FSP.4 Complete functional specification +ADV_FSP.5 Complete semi-formal functional specification with +additional error information +ADV_FSP.6 Complete semi-formal functional specification with +additional formal specification +ADV_IMP.1 Implementation representation of the TSF +ADV_IMP.2 Implementation of the TSF +ADV_INT.1 Well-structured subset of TSF internals +ADV_INT.2 Well-structured internals +ADV_INT.3 Minimally complex internals +ADV_SPM.1 Formal TOE security policy model +ADV_TDS.1 Basic design +ADV_TDS.2 Architectural design +ADV_TDS.3 Basic modular design +ADV_TDS.4 Semiformal modular design +ADV_TDS.5 Complete semiformal modular design +ADV_TDS.6 Complete semiformal modular design with formal high- +level design presentation +AGD: +Guidance documents +AGD_OPE.1 Operational user guidance +AGD_PRE.1 Preparative procedures +ALC: Life cycle support +ALC_CMC.1 Labelling of the TOE +ALC_CMC.2 Use of a CM system +ALC_CMC.3 Authorisation controls +ALC_CMC.4 Production support, acceptance procedures and +automation +ALC_CMC.5 Advanced support +ALC_CMS.1 TOE CM coverage +ALC_CMS.2 Parts of the TOE CM coverage +ALC_CMS.3 Implementation representation CM coverage +ALC_CMS.4 Problem tracking CM coverage +ALC_CMS.5 Development tools CM coverage +ALC_DEL.1 Delivery procedures +ALC_DVS.1 Identification of security measures +ALC_DVS.2 Sufficiency of security measures +19 / 28 + Certification Report BSI-CC-PP-0062-2010 +Assurance Class Assurance Components +ALC_FLR.1 Basic flaw remediation +ALC_FLR.2 Flaw reporting procedures +ALC_FLR.3 Systematic flaw remediation +ALC_LCD.1 Developer defined life-cycle model +ALC_LCD.2 Measurable life-cycle model +ALC_TAT.1 Well-defined development tools +ALC_TAT.2 Compliance with implementation standards +ALC_TAT.3 Compliance with implementation standards - all parts +ATE: Tests +ATE_COV.1 Evidence of coverage +ATE_COV.2 Analysis of coverage +ATE_COV.3 Rigorous analysis of coverage +ATE_DPT.1 Testing: basic design +ATE_DPT.2 Testing: security enforcing modules +ATE_DPT.3 Testing: modular design +ATE_DPT.4 Testing: implementation representation +ATE_FUN.1 Functional testing +ATE_FUN.2 Ordered functional testing +ATE_IND.1 Independent testing – conformance +ATE_IND.2 Independent testing – sample +ATE_IND.3 Independent testing – complete +AVA: Vulnerability +assessment +AVA_VAN.1 Vulnerability survey +AVA_VAN.2 Vulnerability analysis +AVA_VAN.3 Focused vulnerability analysis +AVA_VAN.4 Methodical vulnerability analysis +AVA_VAN.5 Advanced methodical vulnerability analysis +Assurance class decomposition +20 / 28 + BSI-CC-PP-0062-2010 Certification Report +Evaluation assurance levels (chapter 8) +“The Evaluation Assurance Levels (EALs) provide an increasing scale that balances the +level of assurance obtained with the cost and feasibility of acquiring that degree of +assurance. The CC approach identifies the separate concepts of assurance in a TOE at +the end of the evaluation, and of maintenance of that assurance during the operational use +of the TOE. +It is important to note that not all families and components from CC Part 3 are included in +the EALs. This is not to say that these do not provide meaningful and desirable +assurances. Instead, it is expected that these families and components will be considered +for augmentation of an EAL in those PPs and STs for which they provide utility.” +Evaluation assurance level (EAL) overview (chapter 8.1) +“Table 1 represents a summary of the EALs. The columns represent a hierarchically +ordered set of EALs, while the rows represent assurance families. Each number in the +resulting matrix identifies a specific assurance component where applicable. +As outlined in the next Section, seven hierarchically ordered evaluation assurance levels +are defined in the CC for the rating of a TOE's assurance. They are hierarchically ordered +inasmuch as each EAL represents more assurance than all lower EALs. The increase in +assurance from EAL to EAL is accomplished by substitution of a hierarchically higher +assurance component from the same assurance family (i.e. increasing rigour, scope, +and/or depth) and from the addition of assurance components from other assurance +families (i.e. adding new requirements). +These EALs consist of an appropriate combination of assurance components as described +in chapter 7 of this CC Part 3. More precisely, each EAL includes no more than one +component of each assurance family and all assurance dependencies of every component +are addressed. +While the EALs are defined in the CC, it is possible to represent other combinations of +assurance. Specifically, the notion of “augmentation” allows the addition of assurance +components (from assurance families not already included in the EAL) or the substitution +of assurance components (with another hierarchically higher assurance component in the +same assurance family) to an EAL. Of the assurance constructs defined in the CC, only +EALs may be augmented. The notion of an “EAL minus a constituent assurance +component” is not recognised by the standard as a valid claim. Augmentation carries with +it the obligation on the part of the claimant to justify the utility and added value of the +added assurance component to the EAL. An EAL may also be augmented with extended +assurance requirements. +21 / 28 + Certification Report BSI-CC-PP-0062-2010 +Assurance +Class +Assurance +Family +Assurance Components by +Evaluation Assurance Level +EAL1 EAL2 EAL3 EAL4 EAL5 EAL6 EAL7 +Development ADV_ARC 1 1 1 1 1 1 +ADV_FSP 1 2 3 4 5 5 6 +ADV_IMP 1 1 2 2 +ADV_INT 2 3 3 +ADV_SPM 1 1 +ADV_TDS 1 2 3 4 5 6 +Guidance AGD_OPE 1 1 1 1 1 1 1 +Documents AGD_PRE 1 1 1 1 1 1 1 +Life cycle +Support +ALC_CMC 1 2 3 4 4 5 5 +ALC_CMS 1 2 3 4 5 5 5 +ALC_DEL 1 1 1 1 1 1 +ALC_DVS 1 1 1 2 2 +ALC_FLR +ALC_LCD 1 1 1 1 2 +ALC_TAT 1 2 3 3 +Security Target +Evaluation +ASE_CCL 1 1 1 1 1 1 1 +ASE_ECD 1 1 1 1 1 1 1 +ASE_INT 1 1 1 1 1 1 1 +ASE_OBJ 1 2 2 2 2 2 2 +ASR_REQ 1 2 2 2 2 2 2 +ASE_SPD 1 1 1 1 1 1 +ASE_TSS 1 1 1 1 1 1 1 +Tests ATE_COV 1 2 2 2 3 3 +ATE_DPT 1 1 3 3 4 +ATE_FUN 1 1 1 1 2 2 +ATE_IND 1 2 2 2 2 2 3 +Vulnerability +assessment +AVA_VAN 1 2 2 3 4 5 5 +Table 1: Evaluation assurance level summary” +22 / 28 + BSI-CC-PP-0062-2010 Certification Report +Evaluation assurance level 1 (EAL1) - functionally tested (chapter 8.3) +“Objectives +EAL1 is applicable where some confidence in correct operation is required, but the threats +to security are not viewed as serious. It will be of value where independent assurance is +required to support the contention that due care has been exercised with respect to the +protection of personal or similar information. +EAL1 requires only a limited security target. It is sufficient to simply state the SFRs that the +TOE must meet, rather than deriving them from threats, OSPs and assumptions through +security objectives. +EAL1 provides an evaluation of the TOE as made available to the customer, including +independent testing against a specification, and an examination of the guidance +documentation provided. It is intended that an EAL1 evaluation could be successfully +conducted without assistance from the developer of the TOE, and for minimal outlay. +An evaluation at this level should provide evidence that the TOE functions in a manner +consistent with its documentation.” +Evaluation assurance level 2 (EAL2) - structurally tested (chapter 8.4) +“Objectives +EAL2 requires the co-operation of the developer in terms of the delivery of design +information and test results, but should not demand more effort on the part of the +developer than is consistent with good commercial practise. As such it should not require a +substantially increased investment of cost or time. +EAL2 is therefore applicable in those circumstances where developers or users require a +low to moderate level of independently assured security in the absence of ready +availability of the complete development record. Such a situation may arise when securing +legacy systems, or where access to the developer may be limited.” +Evaluation assurance level 3 (EAL3) - methodically tested and checked (chapter 8.5) +“Objectives +EAL3 permits a conscientious developer to gain maximum assurance from positive +security engineering at the design stage without substantial alteration of existing sound +development practises. +EAL3 is applicable in those circumstances where developers or users require a moderate +level of independently assured security, and require a thorough investigation of the TOE +and its development without substantial re-engineering.” +23 / 28 + Certification Report BSI-CC-PP-0062-2010 +Evaluation assurance level 4 (EAL4) - methodically designed, tested, and reviewed +(chapter 8.6) +“Objectives +EAL4 permits a developer to gain maximum assurance from positive security engineering +based on good commercial development practises which, though rigorous, do not require +substantial specialist knowledge, skills, and other resources. EAL4 is the highest level at +which it is likely to be economically feasible to retrofit to an existing product line. +EAL4 is therefore applicable in those circumstances where developers or users require a +moderate to high level of independently assured security in conventional commodity TOEs +and are prepared to incur additional security-specific engineering costs.” +Evaluation assurance level 5 (EAL5) - semiformally designed and tested (chapter 8.7) +“Objectives +EAL5 permits a developer to gain maximum assurance from security engineering based +upon rigorous commercial development practises supported by moderate application of +specialist security engineering techniques. Such a TOE will probably be designed and +developed with the intent of achieving EAL5 assurance. It is likely that the additional costs +attributable to the EAL5 requirements, relative to rigorous development without the +application of specialised techniques, will not be large. +EAL5 is therefore applicable in those circumstances where developers or users require a +high level of independently assured security in a planned development and require a +rigorous development approach without incurring unreasonable costs attributable to +specialist security engineering techniques.” +Evaluation assurance level 6 (EAL6) - semiformally verified design and tested +(chapter 8.8) +“Objectives +EAL6 permits developers to gain high assurance from application of security engineering +techniques to a rigorous development environment in order to produce a premium TOE for +protecting high value assets against significant risks. +EAL6 is therefore applicable to the development of security TOEs for application in high +risk situations where the value of the protected assets justifies the additional costs.” +Evaluation assurance level 7 (EAL7) - formally verified design and tested +(chapter 8.9) +“Objectives +EAL7 is applicable to the development of security TOEs for application in extremely high +risk situations and/or where the high value of the assets justifies the higher costs. Practical +application of EAL7 is currently limited to TOEs with tightly focused security functionality +that is amenable to extensive formal analysis.” +Class AVA: Vulnerability assessment (chapter 16) +“The AVA: Vulnerability assessment class addresses the possibility of exploitable +vulnerabilities introduced in the development or the operation of the TOE.” +24 / 28 + BSI-CC-PP-0062-2010 Certification Report +Vulnerability analysis (AVA_VAN) (chapter 16.1) +"Objectives +Vulnerability analysis is an assessment to determine whether potential vulnerabilities +identified, during the evaluation of the development and anticipated operation of the TOE +or by other methods (e.g. by flaw hypotheses or quantitative or statistical analysis of the +security behaviour of the underlying security mechanisms), could allow attackers to violate +the SFRs. +Vulnerability analysis deals with the threats that an attacker will be able to discover flaws +that will allow unauthorised access to data and functionality, allow the ability to interfere +with or alter the TSF, or interfere with the authorised capabilities of other users.” +25 / 28 + Certification Report BSI-CC-PP-0062-2010 +This page is intentionally left blank. +26 / 28 + BSI-CC-PP-0062-2010 Certification Report +D Annexes +List of annexes of this certification report +Annex A: Fingerprint Spoof Detection Protection Profile based on Organisational +Security Policies (FSDPP_OSP), Version 1.7 [6] provided within a separate +document. +27 / 28 + Certification Report BSI-CC-PP-0062-2010 +This page is intentionally left blank. +28 / 28 + From 34e664be468b258916532468db4886f8778183af Mon Sep 17 00:00:00 2001 From: Adam Janovsky Date: Tue, 28 Jan 2025 13:41:32 +0100 Subject: [PATCH 17/17] fix bad type in cc old dgst test --- tests/cc/test_cc_certificate.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/cc/test_cc_certificate.py b/tests/cc/test_cc_certificate.py index 2c236d68..d24f4c30 100644 --- a/tests/cc/test_cc_certificate.py +++ b/tests/cc/test_cc_certificate.py @@ -97,6 +97,6 @@ def test_cert_dgst(cert_one: CCCertificate): def test_cert_older_dgst(cert_one: CCCertificate): assert cert_one.older_dgst == "916f4d199f78d70c" - cert_one.category = None + cert_one.report_link = None with pytest.raises(RuntimeError): cert_one.older_dgst