From faa5b1171316f710fca2c5d1ba6feed3128cc028 Mon Sep 17 00:00:00 2001 From: Paul Latzelsperger Date: Thu, 6 Nov 2025 07:53:47 +0100 Subject: [PATCH 1/3] feat: add Keycloak + basic realm file --- deployment/keycloak.yaml | 158 +++++++++++++++++++++++++++++++++++ deployment/kustomization.yml | 1 + 2 files changed, 159 insertions(+) create mode 100644 deployment/keycloak.yaml diff --git a/deployment/keycloak.yaml b/deployment/keycloak.yaml new file mode 100644 index 0000000..826bb7e --- /dev/null +++ b/deployment/keycloak.yaml @@ -0,0 +1,158 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: keycloak + namespace: edc-v +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - name: keycloak + image: quay.io/keycloak/keycloak:latest + args: + - "start-dev" + - "--health-enabled=true" + - "--import-realm" + ports: + - containerPort: 8080 + name: http + - containerPort: 9000 + name: health + env: + - name: KEYCLOAK_ADMIN + value: "admin" + - name: KC_BOOTSTRAP_ADMIN_USERNAME + value: "admin" + - name: KC_BOOTSTRAP_ADMIN_PASSWORD + value: "admin" + - name: KC_HTTP_ENABLED + value: "true" + - name: KC_HOSTNAME_STRICT + value: "false" + - name: KC_HEALTH_ENABLED + value: "true" + volumeMounts: + - name: realm-config + mountPath: /opt/keycloak/data/import + readinessProbe: + httpGet: + path: /health/ready + port: 9000 + initialDelaySeconds: 3 + periodSeconds: 5 + successThreshold: 1 + failureThreshold: 5 + livenessProbe: + httpGet: + path: /health/live + port: 9000 + initialDelaySeconds: 3 + periodSeconds: 5 + successThreshold: 1 + failureThreshold: 5 + volumes: + - name: realm-config + configMap: + name: keycloak-realm +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: keycloak-realm + namespace: edc-v +data: + edcv-realm.json: | + { + "realm": "edcv", + "enabled": true, + "roles": { + "realm": [ + { + "name": "admin", + "description": "Administrator with full access rights", + "composite": false, + "clientRole": false + }, + { + "name": "provisioner", + "description": "Can provision and manage resources", + "composite": false, + "clientRole": false + }, + { + "name": "user", + "description": "Regular user with limited access", + "composite": false, + "clientRole": false + } + ] + }, + "clients": [ + { + "clientId": "edcv-service", + "name": "EDCV Service Client", + "description": "Service account client for client_credentials flow", + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "edcv-service", + "serviceAccountsEnabled": true, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "publicClient": false, + "protocol": "openid-connect", + "attributes": { + "access.token.lifespan": "3600" + } + }, + { + "clientId": "edcv-provisioner", + "name": "EDCV Provisioner Client", + "description": "Client for provisioning and management tasks", + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "edcv-provisioner", + "serviceAccountsEnabled": true, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "publicClient": false, + "protocol": "openid-connect", + "attributes": { + "access.token.lifespan": "3600" + } + } + ], + "users": [ + { + "username": "service-account-edcv-provisioner", + "enabled": true, + "serviceAccountClientId": "edcv-provisioner", + "clientRoles": { + "realm-management": ["manage-clients", "view-clients", "create-client"] + } + } + ], + "groups": [], + "eventsEnabled": false + } +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + namespace: edc-v +spec: + selector: + app: keycloak + ports: + - port: 8080 + targetPort: 8080 + name: http diff --git a/deployment/kustomization.yml b/deployment/kustomization.yml index 139c91f..504d2ac 100644 --- a/deployment/kustomization.yml +++ b/deployment/kustomization.yml @@ -3,6 +3,7 @@ resources: - vault.yaml - postgres.yaml - nats.yaml + - keycloak.yaml - controlplane-config.yaml - controlplane.yaml - dataplane-config.yaml From f25c879bc758bb7e790305cddf7db179a77d88f0 Mon Sep 17 00:00:00 2001 From: Paul Latzelsperger Date: Thu, 6 Nov 2025 11:02:17 +0100 Subject: [PATCH 2/3] add keycloak config and create-user script --- create_user.sh | 161 +++++++++++++++++++++++++++++++++++++++ deployment/keycloak.yaml | 152 +++++++++++++++++++++++++----------- 2 files changed, 269 insertions(+), 44 deletions(-) create mode 100755 create_user.sh diff --git a/create_user.sh b/create_user.sh new file mode 100755 index 0000000..67e0c18 --- /dev/null +++ b/create_user.sh @@ -0,0 +1,161 @@ +#!/usr/bin/env bash +set -euo pipefail + +# ----------------------------- +# CONFIGURATION +# ----------------------------- +KC_HOST="${KC_HOST:-http://localhost:8080}" # Keycloak base URL +REALM="${REALM:-edcv}" # Target realm +ADMIN_USER="${ADMIN_USER:-admin}" # Keycloak Admin user for REST API +ADMIN_PASS="${ADMIN_PASS:-admin}" # Keycloak Admin password +TENANT_CLIENT_ID="${1:-tenant-new}" # ClientId for new tenant +TENANT_NAME="${2:-Tenant New}" # Client Name / display name +#TENANT_ROLE="${3:-participant}" # Realm role to assign +PARTICIPANT_CONTEXT_ID="$(uuidgen | tr '[:upper:]' '[:lower:]')" # Generate UUID for participant context + +# ----------------------------- +# Get admin access token +# ----------------------------- +echo "Getting admin access token..." +TOKEN=$(curl -s -X POST "$KC_HOST/realms/master/protocol/openid-connect/token" \ + -H "Content-Type: application/x-www-form-urlencoded" \ + -d "username=$ADMIN_USER" \ + -d "password=$ADMIN_PASS" \ + -d "grant_type=password" \ + -d "client_id=admin-cli" | jq -r .access_token) # admin-cli is a built-in Keycloak user + +# ----------------------------- +# Create new confidential client +# ----------------------------- +echo "Creating client $TENANT_CLIENT_ID..." +curl -s -X POST "$KC_HOST/admin/realms/$REALM/clients" \ + -H "Authorization: Bearer $TOKEN" \ + -H "Content-Type: application/json" \ + -d "{ + \"clientId\": \"$TENANT_CLIENT_ID\", + \"name\": \"$TENANT_NAME\", + \"description\": \"Tenant client for API access\", + \"enabled\": true, + \"secret\": \"$TENANT_CLIENT_ID\", + \"protocol\": \"openid-connect\", + \"publicClient\": false, + \"serviceAccountsEnabled\": true, + \"standardFlowEnabled\": false, + \"directAccessGrantsEnabled\": false, + \"fullScopeAllowed\": true, + \"protocolMappers\": [ + { + \"name\": \"participantContextId\", + \"protocol\": \"openid-connect\", + \"protocolMapper\": \"oidc-hardcoded-claim-mapper\", + \"consentRequired\": false, + \"config\": { + \"claim.name\": \"participant_context_id\", + \"claim.value\": \"$PARTICIPANT_CONTEXT_ID\", + \"jsonType.label\": \"String\", + \"access.token.claim\": \"true\", + \"id.token.claim\": \"true\", + \"userinfo.token.claim\": \"true\" + } + }, + { + \"name\": \"role\", + \"protocol\": \"openid-connect\", + \"protocolMapper\": \"oidc-hardcoded-claim-mapper\", + \"consentRequired\": false, + \"config\": { + \"claim.name\": \"role\", + \"claim.value\": \"participant\", + \"jsonType.label\": \"String\", + \"access.token.claim\": \"true\", + \"id.token.claim\": \"true\", + \"userinfo.token.claim\": \"true\" + } + } + ] + }" + +# ----------------------------- +# Get internal client UUID +# ----------------------------- +CLIENT_UUID=$(curl -s -X GET "$KC_HOST/admin/realms/$REALM/clients?clientId=$TENANT_CLIENT_ID" \ + -H "Authorization: Bearer $TOKEN" | jq -r '.[0].id') + +# ----------------------------- +# Retrieve client secret +# ----------------------------- +SECRET=$(curl -s -X POST "$KC_HOST/admin/realms/$REALM/clients/$CLIENT_UUID/client-secret" \ + -H "Authorization: Bearer $TOKEN" \ + -H "Content-Type: application/json" | jq -r .value) + +echo "Client secret for $TENANT_CLIENT_ID: $SECRET" + +## ----------------------------- +## Get service account user ID +## ----------------------------- +#SERVICE_ACCOUNT_ID=$(curl -s -X GET "$KC_HOST/admin/realms/$REALM/clients/$CLIENT_UUID/service-account-user" \ +# -H "Authorization: Bearer $TOKEN" | jq -r .id) +# +## ----------------------------- +## Get realm role ID +## ----------------------------- +#ROLE_ID=$(curl -s -X GET "$KC_HOST/admin/realms/$REALM/roles/$TENANT_ROLE" \ +# -H "Authorization: Bearer $TOKEN" | jq -r .id) +# +## ----------------------------- +## Assign realm role to service account +## ----------------------------- +#curl -s -X POST "$KC_HOST/admin/realms/$REALM/users/$SERVICE_ACCOUNT_ID/role-mappings/realm" \ +# -H "Authorization: Bearer $TOKEN" \ +# -H "Content-Type: application/json" \ +# -d "[{\"id\":\"$ROLE_ID\",\"name\":\"$TENANT_ROLE\"}]" +# +#echo "Assigned realm role '$TENANT_ROLE' to service account for $TENANT_CLIENT_ID" + +# ----------------------------- +# Add all client scopes to the new client as optional +# ----------------------------- +echo "Adding client scopes to $TENANT_CLIENT_ID as optional..." +CLIENT_SCOPES=$(curl -s -X GET "$KC_HOST/admin/realms/$REALM/client-scopes" \ + -H "Authorization: Bearer $TOKEN" | jq -r '.[].id') + +for SCOPE_ID in $CLIENT_SCOPES; do + curl -s -X PUT "$KC_HOST/admin/realms/$REALM/clients/$CLIENT_UUID/optional-client-scopes/$SCOPE_ID" \ + -H "Authorization: Bearer $TOKEN" +done + +echo "Client scopes added to $TENANT_CLIENT_ID as optional" + +# ----------------------------- +# Optional: add tenant_id claim +# ----------------------------- +# we are setting protocol mappers directly when creating the user, see above. + +#if [ -n "$TENANT_ID_CLAIM" ]; then +# echo "Adding protocol mapper for tenant_id claim..." +# curl -s -X POST "$KC_HOST/admin/realms/$REALM/clients/$CLIENT_UUID/protocol-mappers/models" \ +# -H "Authorization: Bearer $TOKEN" \ +# -H "Content-Type: application/json" \ +# -d "{ +# \"name\": \"tenant_id\", +# \"protocol\": \"openid-connect\", +# \"protocolMapper\": \"oidc-hardcoded-claim-mapper\", +# \"consentRequired\": false, +# \"config\": { +# \"claim.name\": \"tenant_id\", +# \"claim.value\": \"$TENANT_ID_CLAIM\", +# \"jsonType.label\": \"String\", +# \"access.token.claim\": \"true\", +# \"id.token.claim\": \"true\", +# \"userinfo.token.claim\": \"true\" +# } +# }" +# echo "tenant_id claim added with value '$TENANT_ID_CLAIM'" +#fi + +echo "✅ Tenant client '$TENANT_CLIENT_ID' created successfully." +echo "Use the following client credentials to obtain a token:" +echo " Client UUID (internal, will be in the 'sub' claim): $CLIENT_UUID" +echo " Client ID (used to get tokens): $TENANT_CLIENT_ID" +echo " Secret: $SECRET" +echo " Participant Context ID: $PARTICIPANT_CONTEXT_ID" \ No newline at end of file diff --git a/deployment/keycloak.yaml b/deployment/keycloak.yaml index 826bb7e..7acc620 100644 --- a/deployment/keycloak.yaml +++ b/deployment/keycloak.yaml @@ -72,74 +72,138 @@ data: { "realm": "edcv", "enabled": true, + "displayName": "EDCV Realm", "roles": { "realm": [ { "name": "admin", - "description": "Administrator with full access rights", - "composite": false, - "clientRole": false - }, + "description": "Administrator with full access to all tenants and their resources"}, { "name": "provisioner", - "description": "Can provision and manage resources", - "composite": false, - "clientRole": false - }, + "description": "Can create and delete tenants but cannot access their resources"}, { - "name": "user", - "description": "Regular user with limited access", - "composite": false, - "clientRole": false - } + "name": "participant", + "description": "Regular participant context access role, can access their own resources"} ] }, - "clients": [ + "clientScopes": [ { - "clientId": "edcv-service", - "name": "EDCV Service Client", - "description": "Service account client for client_credentials flow", - "enabled": true, - "clientAuthenticatorType": "client-secret", - "secret": "edcv-service", - "serviceAccountsEnabled": true, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "publicClient": false, + "name": "identity-api-read", + "description": "Read access to Identity API", "protocol": "openid-connect", "attributes": { - "access.token.lifespan": "3600" + "include.in.token.scope": "true", + "display.on.consent.screen": "true" } }, { - "clientId": "edcv-provisioner", - "name": "EDCV Provisioner Client", - "description": "Client for provisioning and management tasks", - "enabled": true, - "clientAuthenticatorType": "client-secret", - "secret": "edcv-provisioner", - "serviceAccountsEnabled": true, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "publicClient": false, + "name": "identity-api-write", + "description": "Create, update delete objects in the Identity API", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true" + } + }, + { + "name": "management-api-read", + "description": "Read access to the Management API of the EDC Control Plane", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true" + } + }, + { + "name": "management-api-write", + "description": "Create, update and delete objects in the Management API of the EDC Control Plane", "protocol": "openid-connect", "attributes": { - "access.token.lifespan": "3600" + "include.in.token.scope": "true", + "display.on.consent.screen": "true" + } + }, + { + "name": "issuer-admin-api", + "description": "full access to the Issuer Admin API", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true" } } ], - "users": [ + "defaultOptionalClientScopes": [ + "offline_access", + "management-api-read", + "management-api-write", + "identity-api-read", + "identity-api-write" + ], + "clients": [ { - "username": "service-account-edcv-provisioner", + "clientId": "edcv-admin", + "name": "EDC-V Admin User", + "description": "Global admin client with full access", "enabled": true, - "serviceAccountClientId": "edcv-provisioner", - "clientRoles": { - "realm-management": ["manage-clients", "view-clients", "create-client"] - } + "protocol": "openid-connect", + "publicClient": false, + "serviceAccountsEnabled": true, + "secret": "edc-v-admin-secret", + "standardFlowEnabled": false, + "directAccessGrantsEnabled": false, + "fullScopeAllowed": true, + "protocolMappers": [ + { + "name": "role", + "protocol": "openid-connect", + "protocolMapper": "oidc-hardcoded-claim-mapper", + "consentRequired": false, + "config": { + "claim.name": "role", + "claim.value": "edcv-admin", + "jsonType.label": "String", + "access.token.claim": "true", + "id.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ] + }, + { + "clientId": "edcv-provisioner", + "name": "Provisioner User", + "description": "Can create and delete tenants", + "enabled": true, + "protocol": "openid-connect", + "publicClient": false, + "serviceAccountsEnabled": true, + "secret": "provisioner-secret", + "standardFlowEnabled": false, + "directAccessGrantsEnabled": false, + "fullScopeAllowed": true, + "protocolMappers": [ + { + "name": "role", + "protocol": "openid-connect", + "protocolMapper": "oidc-hardcoded-claim-mapper", + "consentRequired": false, + "config": { + "claim.name": "role", + "claim.value": "provisioner", + "jsonType.label": "String", + "access.token.claim": "true", + "id.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "issuer-admin-api" + ] } ], + "users": [], "groups": [], "eventsEnabled": false } From 6c38b3a40b7de89e28f7be4e636c8ea5ce5ad1fa Mon Sep 17 00:00:00 2001 From: Paul Latzelsperger Date: Fri, 7 Nov 2025 11:32:24 +0100 Subject: [PATCH 3/3] add README, improve deployment --- README.md | 326 +++++++++++++++++ create_user.sh | 55 +-- deployment/keycloak.yaml | 49 ++- deployment/nats.yaml | 19 + deployment/postgres.yaml | 27 +- deployment/vault.yaml | 19 + .../eclipse/edc/virtualized/ApiExtension.java | 6 +- .../{management => data}/CatalogRequest.java | 2 +- .../DataApiController.java} | 10 +- .../api/{management => data}/DataRequest.java | 2 +- .../ParticipantContextApiController.java | 2 +- .../ParticipantManifest.java | 2 +- .../service/DataRequestService.java | 20 +- .../service/OnboardingService.java | 12 +- .../virtualized/seed/NatsSeedExtension.java | 7 +- oauth_postman.png | Bin 0 -> 172693 bytes postman/Onboarding.postman_collection.json | 342 +++++++++++++----- 17 files changed, 747 insertions(+), 153 deletions(-) create mode 100644 README.md rename extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/{management => data}/CatalogRequest.java (93%) rename extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/{management/WrapperApiController.java => data/DataApiController.java} (91%) rename extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/{management => data}/DataRequest.java (62%) rename extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/{participant => management}/ParticipantContextApiController.java (97%) rename extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/{participant => management}/ParticipantManifest.java (98%) create mode 100644 oauth_postman.png diff --git a/README.md b/README.md new file mode 100644 index 0000000..f934297 --- /dev/null +++ b/README.md @@ -0,0 +1,326 @@ +# JAD - Just Another Demonstrator + +JAD is a demonstrator that deploys a fully-fledged dataspace as a Software-as-a-Service (SaaS) solution in Kubernetes. +This is to illustrate how Cloud Service Providers (CSPs) can deploy and manage dataspace components in their own cloud +infrastructure. + +For that, JAD uses the "Virtual Connector" project: https://github.com/eclipse-edc/Virtual-Connector + +Such a dataspace requires – at a minimum – the following components: + +- a control plane: handles protocol messages and catalog data for each participant +- IdentityHub: responsible for managing Verifiable Credentials (presentation and storage) +- IssuerService: issues Verifiable Credentials to participants' IdentityHubs +- a data plane: performs the actual data transfer +- an identity provider: handles API authentication of management APIs. We are using Keycloak here. +- a vault: used to securely store sensitive data, such as the private keys etc. We are using Hashicorp Vault. +- a database server: contains persistent data of all the components. We are using PostgreSQL. +- a messaging system: used to process asynchronous messages. We are using NATS for this. + +## Required tools and apps + +- KinD: a basic Kubernetes runtime inside a single Docker container. +- Java 17+ +- Docker +- `kubectl` +- macOS or Linux as an operating system. **Windows is not natively supported**! +- a POSIX-compliant shell (e.g., bash, zsh) +- Postman (or similar), or `newman` +- [optional]: a Kubernetes monitoring tool like K9S, Lens, Headlamp, etc. Not required, but certainly helpful. + +_All shell commands are executed from the root of the project unless stated otherwise._ + +## Getting started + +### 0. Create KinD cluster + +To create a KinD cluster, run: + +```shell +cp ~/.kube/config ~/.kube/config.bak # to save your existing kubeconfig +kind create cluster -n edcv --config kind.config.yaml --kubeconfig ~/.kube/edcv-kind.conf +ln -sf ~/.kube/edcv-kind.conf ~/.kube/config # to use KinD's kubeconfig +``` + +### 1. Build Docker images + +To build the Docker images of the data space components, run: + +```shell +./gradlew dockerize +``` + +This will build the Docker images for all components and store them in the local Docker registry. + +JAD requires a special version of PostgreSQL. In particular, it install the `wal2json` extension. You can create this +special postgres version by running + +```shell +docker buildx build -f launchers/postgres/Dockerfile --platform linux/amd64,linux/arm64 -t postgres:wal2json launchers/postgres +``` + +this will create the image `postgres:wal2json` for both amd64 and arm64 (e.g. Apple Silicon) architectures. + +### 2. Load images into KinD + +KinD has no access to the host's docker context, so we need to load the images into KinD. Verify that all images are +there by running `docker images`. Then run: + +```shell +kind load docker-image \ + controlplane:0.15.0-SNAPSHOT \ + identity-hub:0.15.0-SNAPSHOT \ + issuerservice:0.15.0-SNAPSHOT \ + dataplane:0.15.0-SNAPSHOT \ + postgres:wal2json -n edcv +``` + +### 3. Deploy the services + +JAD uses plain Kubernetes manifests to deploy the services and Kustomize to configure the order. All the manifests are +located in the [deployment](./deployment) folder. + +```shell +kubectl apply -k deployment/ +``` + +This deploys all the services in the correct order. The services are deployed in the `edcv` namespace. Please verify +that everything got deployed correctly by running `kubectl get deployments -n edcv`. This should output something like: + +```text +NAME READY UP-TO-DATE AVAILABLE AGE +controlplane 1/1 1 1 66m +dataplane 1/1 1 1 66m +identityhub 1/1 1 1 66m +issuerservice 1/1 1 1 66m +keycloak 1/1 1 1 66m +nats 1/1 1 1 66m +postgres 1/1 1 1 66m +vault 1/1 1 1 66m +``` + +### 4. Inspect your deployment + +- database: the PostgreSQL database is accessible from outside the cluster via + `jdbc:postgresql://postgres.localhost/controlplane`, username `postgres`, password ``. +- vault: the vault is accessible from outside the cluster via `http://vault.localhost`, using token `root`. +- keycloak: access `http://keycloak.localhost/` and use username `admin` and password `admin` + +### 5. Prepare the data space + +On the dataspace level, a few bits and pieces are required for the data space to become operational. These can be put in +place by running the REST requests in the `Setup Issuer` folder in +the [Postman collection](./postman/Onboarding.postman_collection.json): + +```shell +newman run \ + --folder "Setup Issuer" \ + --env-var "baseURL=http://localhost" \ + ./postman/Onboarding.postman_collection.json +``` + +This creates an issuer account and puts attestation definitions and credential definitions into the issuer's database. +It should output something like: + +```text +EDC-V Onboarding + +❏ Setup Issuer +↳ Create Tenant in IssuerService + POST http://localhost/issuer/cs/api/identity/v1alpha/participants [200 OK, 351B, 92ms] + ✓ Response is valid JSON + ✓ Response contains apiKey, clientId and clientSecret + +↳ Create AttestationDefinition + POST http://localhost/issuer/admin/api/admin/v1alpha/participants/aXNzdWVy/attestations [201 Created, 204B, 9ms] + +↳ Create CredentialDefinition + POST http://localhost/issuer/admin/api/admin/v1alpha/participants/aXNzdWVy/credentialdefinitions [201 Created, 210B, 13ms] + +┌─────────────────────────┬──────────────────┬──────────────────┐ +│ │ executed │ failed │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ iterations │ 1 │ 0 │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ requests │ 3 │ 0 │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ test-scripts │ 4 │ 0 │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ prerequest-scripts │ 3 │ 0 │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ assertions │ 2 │ 0 │ +├─────────────────────────┴──────────────────┴──────────────────┤ +│ total run duration: 159ms │ +├───────────────────────────────────────────────────────────────┤ +│ total data received: 218B (approx) │ +├───────────────────────────────────────────────────────────────┤ +│ average response time: 38ms [min: 9ms, max: 92ms, s.d.: 38ms] │ +└───────────────────────────────────────────────────────────────┘ +``` + +Next, we need to create a consumer and a provider participant. For this, we can also use Postman: + +```shell +newman run \ + --folder "Create Provider Tenant" \ + --folder "Create Consumer Tenant" \ + --env-var "baseURL=http://localhost" \ + ./postman/Onboarding.postman_collection.json +``` + +This sets up accounts in the IssuerService, the IdentityHub and the ControlPlane, plus it issues the +`MembershipCredential` to each new participant. It also seeds dummy data to each participant, specifically an Asset, a +Policy and a ContractDefinition. This is currently done from code, since EDC-V does not yet (Nov 7, 2025) have a +Management API. + +The output should look like this: + +```text +EDC-V Onboarding + +❏ Create Consumer Tenant +↳ Create Consumer Holder in IssuerService + POST http://localhost/issuer/admin/api/admin/v1alpha/participants/aXNzdWVy/holders [404 Not Found, 274B, 93ms] + +↳ Create Consumer Tenant in IdentityHub + POST http://localhost/cs/api/identity/v1alpha/participants [200 OK, 354B, 80ms] + ✓ Response is valid JSON + ✓ Response contains apiKey, clientId and clientSecret + +↳ Request Credentials + POST http://localhost/cs/api/identity/v1alpha/participants/Y29uc3VtZXI=/credentials/request [201 Created, 207B, 14ms] + +↳ Create Consumer in Control Plane + POST http://localhost/cp/api/mgmt/v1alpha/participants [201 Created, 564B, 7ms] + +❏ Create Provider Tenant +↳ Create Provider Holder in IssuerService + POST http://localhost/issuer/admin/api/admin/v1alpha/participants/aXNzdWVy/holders [404 Not Found, 274B, 6ms] + +↳ Create Provider Tenant in IdentityHub + POST http://localhost/cs/api/identity/v1alpha/participants [200 OK, 354B, 14ms] + ✓ Response is valid JSON + ✓ Response contains apiKey, clientId and clientSecret + +↳ Request Credentials + POST http://localhost/cs/api/identity/v1alpha/participants/cHJvdmlkZXI=/credentials/request [201 Created, 207B, 5ms] + +↳ Create Provider in Control Plane + POST http://localhost/cp/api/mgmt/v1alpha/participants [201 Created, 166B, 7ms] + +┌─────────────────────────┬──────────────────┬──────────────────┐ +│ │ executed │ failed │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ iterations │ 1 │ 0 │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ requests │ 8 │ 0 │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ test-scripts │ 18 │ 0 │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ prerequest-scripts │ 16 │ 0 │ +├─────────────────────────┼──────────────────┼──────────────────┤ +│ assertions │ 4 │ 0 │ +├─────────────────────────┴──────────────────┴──────────────────┤ +│ total run duration: 336ms │ +├───────────────────────────────────────────────────────────────┤ +│ total data received: 1.07kB (approx) │ +├───────────────────────────────────────────────────────────────┤ +│ average response time: 28ms [min: 5ms, max: 93ms, s.d.: 33ms] │ +└───────────────────────────────────────────────────────────────┘ +``` + +## Transfer Data + +EDC-V does not yet have a Management API, so there is a quick'n'dirty workaround to transfer data: there is one API +endpoint that fetches the catalog (`Data Transfer/Get Catalog`) and another endpoint (`Data Transfer/Get Data`) that +initiates the contract negotiation, waits for its successful completion, then starts the data transfer. + +Perform the entire sequence by running: + +```shell +newman run --verbose \ + --folder "Get Catalog" \ + --folder "Get Data" \ + --env-var "baseURL=http://localhost" \ + ./postman/Onboarding.postman_collection.json +``` + +This will request the catalog, which contains exactly one dataset, then initiates contract negotiation and data +transfer for that asset. If everything went well, the output should contain demo output +from https://jsonplaceholder.typicode.com/todos, something like: + +```json lines +[ + { + "userId": 1, + "id": 1, + "title": "delectus aut autem", + "completed": false + }, + { + "userId": 1, + "id": 2, + "title": "quis ut nam facilis et officia qui", + "completed": false + }, + //... +] +``` + +## Cleanup + +To remove the deployment, run: + +```shell +kubectl delete -k deployment/ +``` + +## Experimental Features + +### Management API using OAuth2.0 and Keycloak + +Use the [create_user.sh](./create_user.sh) script to provision new clients in Keycloak: + +```shell +./ ./create_user.sh consumer "Consumer Participant" participant +``` + +The output should look like this: + +```shell +Getting admin access token... +Creating client consumer... +Client secret for consumer: JjG3hNm99h7b3JBxbAyqn8kPiCPiVkvQ +Assigned realm role 'participant' to service account for consumer +Adding client scopes to consumer as optional... +Client scopes added to consumer as optional +✅ Tenant client 'consumer' created successfully. +Use the following client credentials to obtain a token: + Client UUID (internal, will be in the 'sub' claim): 0447f0bd-a451-4142-b68c-b710754def6b + Client ID (used to get tokens): consumer + Secret: JjG3hNm99h7b3JBxbAyqn8kPiCPiVkvQ + Participant Context ID: consumer +``` + +Take note of the "Client ID," the "Participant Context ID" and the "Secret"; we will need them to get an access token +from Keycloak. + +The easiest way to do this is to set up authentication in Postman. In the "Authorization" tab, select "OAuth 2.0" and +configure the OAuth2.0 settings as follows: + +![oauth_postman.png](oauth_postman.png) + +Alternatively, you can manually fetch the access token by running: + +```shell +curl -X POST http://keycloak.localhost/realms/edcv/protocol/openid-connect/token \ + -H "Content-Type: application/x-www-form-urlencoded" \ + -d "grant_type=client_credentials" \ + -d "client_id=consumer" \ + -d "client_secret=JjG3hNm99h7b3JBxbAyqn8kPiCPiVkvQ" | jq -r '.access_token' +``` + +Copy the access token and use it in the "Authorization" header using the "Bearer" prefix. + +Use the requests in the `Experimental` folder in the [Postman collection](./postman/Onboarding.postman_collection.json) +to send requests to the Management API of EDC-V. \ No newline at end of file diff --git a/create_user.sh b/create_user.sh index 67e0c18..1097c64 100755 --- a/create_user.sh +++ b/create_user.sh @@ -4,14 +4,14 @@ set -euo pipefail # ----------------------------- # CONFIGURATION # ----------------------------- -KC_HOST="${KC_HOST:-http://localhost:8080}" # Keycloak base URL +KC_HOST="${KC_HOST:-http://keycloak.localhost}" # Keycloak base URL REALM="${REALM:-edcv}" # Target realm ADMIN_USER="${ADMIN_USER:-admin}" # Keycloak Admin user for REST API ADMIN_PASS="${ADMIN_PASS:-admin}" # Keycloak Admin password TENANT_CLIENT_ID="${1:-tenant-new}" # ClientId for new tenant TENANT_NAME="${2:-Tenant New}" # Client Name / display name -#TENANT_ROLE="${3:-participant}" # Realm role to assign -PARTICIPANT_CONTEXT_ID="$(uuidgen | tr '[:upper:]' '[:lower:]')" # Generate UUID for participant context +TENANT_ROLE="${3:-participant}" # Realm role to assign +PARTICIPANT_CONTEXT_ID=$TENANT_CLIENT_ID # ----------------------------- # Get admin access token @@ -65,7 +65,7 @@ curl -s -X POST "$KC_HOST/admin/realms/$REALM/clients" \ \"consentRequired\": false, \"config\": { \"claim.name\": \"role\", - \"claim.value\": \"participant\", + \"claim.value\": \"edcv-participant\", \"jsonType.label\": \"String\", \"access.token.claim\": \"true\", \"id.token.claim\": \"true\", @@ -90,27 +90,27 @@ SECRET=$(curl -s -X POST "$KC_HOST/admin/realms/$REALM/clients/$CLIENT_UUID/clie echo "Client secret for $TENANT_CLIENT_ID: $SECRET" -## ----------------------------- -## Get service account user ID -## ----------------------------- -#SERVICE_ACCOUNT_ID=$(curl -s -X GET "$KC_HOST/admin/realms/$REALM/clients/$CLIENT_UUID/service-account-user" \ -# -H "Authorization: Bearer $TOKEN" | jq -r .id) -# -## ----------------------------- -## Get realm role ID -## ----------------------------- -#ROLE_ID=$(curl -s -X GET "$KC_HOST/admin/realms/$REALM/roles/$TENANT_ROLE" \ -# -H "Authorization: Bearer $TOKEN" | jq -r .id) -# -## ----------------------------- -## Assign realm role to service account -## ----------------------------- -#curl -s -X POST "$KC_HOST/admin/realms/$REALM/users/$SERVICE_ACCOUNT_ID/role-mappings/realm" \ -# -H "Authorization: Bearer $TOKEN" \ -# -H "Content-Type: application/json" \ -# -d "[{\"id\":\"$ROLE_ID\",\"name\":\"$TENANT_ROLE\"}]" -# -#echo "Assigned realm role '$TENANT_ROLE' to service account for $TENANT_CLIENT_ID" +# ----------------------------- +# Get service account user ID +# ----------------------------- +SERVICE_ACCOUNT_ID=$(curl -s -X GET "$KC_HOST/admin/realms/$REALM/clients/$CLIENT_UUID/service-account-user" \ + -H "Authorization: Bearer $TOKEN" | jq -r .id) + +# ----------------------------- +# Get realm role ID +# ----------------------------- +ROLE_ID=$(curl -s -X GET "$KC_HOST/admin/realms/$REALM/roles/$TENANT_ROLE" \ + -H "Authorization: Bearer $TOKEN" | jq -r .id) + +# ----------------------------- +# Assign realm role to service account +# ----------------------------- +curl -s -X POST "$KC_HOST/admin/realms/$REALM/users/$SERVICE_ACCOUNT_ID/role-mappings/realm" \ + -H "Authorization: Bearer $TOKEN" \ + -H "Content-Type: application/json" \ + -d "[{\"id\":\"$ROLE_ID\",\"name\":\"$TENANT_ROLE\"}]" + +echo "Assigned realm role '$TENANT_ROLE' to service account for $TENANT_CLIENT_ID" # ----------------------------- # Add all client scopes to the new client as optional @@ -129,7 +129,12 @@ echo "Client scopes added to $TENANT_CLIENT_ID as optional" # ----------------------------- # Optional: add tenant_id claim # ----------------------------- + +# ************************** # we are setting protocol mappers directly when creating the user, see above. +# this snippet could be used to set more claims in the future +# ************************** + #if [ -n "$TENANT_ID_CLAIM" ]; then # echo "Adding protocol mapper for tenant_id claim..." diff --git a/deployment/keycloak.yaml b/deployment/keycloak.yaml index 7acc620..ecc5a57 100644 --- a/deployment/keycloak.yaml +++ b/deployment/keycloak.yaml @@ -38,6 +38,20 @@ spec: value: "false" - name: KC_HEALTH_ENABLED value: "true" + - name: KC_METRICS_ENABLED + value: "true" + - name: KC_LOG_LEVEL + value: INFO + - name: KC_DB + value: postgres + - name: POSTGRES_DB + value: keycloak + - name: KC_DB_URL + value: jdbc:postgresql://postgres.edc-v.svc.cluster.local:5432/keycloak + - name: KC_DB_USERNAME + value: "kc" + - name: KC_DB_PASSWORD + value: "kc" volumeMounts: - name: realm-config mountPath: /opt/keycloak/data/import @@ -88,7 +102,7 @@ data: }, "clientScopes": [ { - "name": "identity-api-read", + "name": "identity-api:read", "description": "Read access to Identity API", "protocol": "openid-connect", "attributes": { @@ -97,7 +111,7 @@ data: } }, { - "name": "identity-api-write", + "name": "identity-api:write", "description": "Create, update delete objects in the Identity API", "protocol": "openid-connect", "attributes": { @@ -106,7 +120,7 @@ data: } }, { - "name": "management-api-read", + "name": "management-api:read", "description": "Read access to the Management API of the EDC Control Plane", "protocol": "openid-connect", "attributes": { @@ -115,7 +129,7 @@ data: } }, { - "name": "management-api-write", + "name": "management-api:write", "description": "Create, update and delete objects in the Management API of the EDC Control Plane", "protocol": "openid-connect", "attributes": { @@ -135,10 +149,10 @@ data: ], "defaultOptionalClientScopes": [ "offline_access", - "management-api-read", - "management-api-write", - "identity-api-read", - "identity-api-write" + "management-api:read", + "management-api:write", + "identity-api:read", + "identity-api:write" ], "clients": [ { @@ -220,3 +234,22 @@ spec: - port: 8080 targetPort: 8080 name: http + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak + namespace: edc-v +spec: + rules: + - host: keycloak.localhost + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: keycloak + port: + number: 8080 \ No newline at end of file diff --git a/deployment/nats.yaml b/deployment/nats.yaml index 72ed909..b00dc36 100644 --- a/deployment/nats.yaml +++ b/deployment/nats.yaml @@ -41,3 +41,22 @@ spec: - name: nats port: 4222 targetPort: 4222 + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: nats + namespace: edc-v +spec: + rules: + - host: nats.localhost + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: nats + port: + number: 4222 \ No newline at end of file diff --git a/deployment/postgres.yaml b/deployment/postgres.yaml index 7e7b184..b8fab0c 100644 --- a/deployment/postgres.yaml +++ b/deployment/postgres.yaml @@ -46,6 +46,25 @@ spec: targetPort: 5432 --- +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: postgres + namespace: edc-v +spec: + rules: + - host: postgres.localhost + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: postgres + port: + number: 5432 +--- apiVersion: v1 kind: ConfigMap metadata: @@ -69,4 +88,10 @@ data: CREATE USER dp WITH PASSWORD 'dp'; GRANT ALL PRIVILEGES ON DATABASE dataplane TO dp; \c dataplane - GRANT ALL ON SCHEMA public TO dp; \ No newline at end of file + GRANT ALL ON SCHEMA public TO dp; + + CREATE DATABASE keycloak; + CREATE USER kc WITH PASSWORD 'kc'; + GRANT ALL PRIVILEGES ON DATABASE keycloak TO kc; + \c keycloak + GRANT ALL ON SCHEMA public TO kc; \ No newline at end of file diff --git a/deployment/vault.yaml b/deployment/vault.yaml index c5d583c..e6bb3f4 100644 --- a/deployment/vault.yaml +++ b/deployment/vault.yaml @@ -42,3 +42,22 @@ spec: ports: - port: 8200 targetPort: 8200 + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: vault + namespace: edc-v +spec: + rules: + - host: vault.localhost + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: vault + port: + number: 8200 \ No newline at end of file diff --git a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/ApiExtension.java b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/ApiExtension.java index 16cfc89..0c90abf 100644 --- a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/ApiExtension.java +++ b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/ApiExtension.java @@ -20,8 +20,8 @@ import org.eclipse.edc.spi.system.ServiceExtension; import org.eclipse.edc.spi.system.ServiceExtensionContext; import org.eclipse.edc.transaction.spi.TransactionContext; -import org.eclipse.edc.virtualized.api.management.WrapperApiController; -import org.eclipse.edc.virtualized.api.participant.ParticipantContextApiController; +import org.eclipse.edc.virtualized.api.data.DataApiController; +import org.eclipse.edc.virtualized.api.management.ParticipantContextApiController; import org.eclipse.edc.virtualized.service.DataRequestService; import org.eclipse.edc.virtualized.service.OnboardingService; import org.eclipse.edc.web.spi.WebService; @@ -82,7 +82,7 @@ public void initialize(ServiceExtensionContext context) { var onboardingService = new OnboardingService(transactionContext, service, configService, vault, selectorService, assetService, policyService, contractDefinitionService); webService.registerResource(ApiContext.MANAGEMENT, new ParticipantContextApiController(onboardingService)); var dataRequestService = new DataRequestService(contractNegotiationService, transferProcessService, didResolverRegistry, edrStore); - webService.registerResource(ApiContext.MANAGEMENT, new WrapperApiController(catalogService, didResolverRegistry, participantContextService, dataRequestService)); + webService.registerResource(ApiContext.MANAGEMENT, new DataApiController(catalogService, didResolverRegistry, participantContextService, dataRequestService)); } diff --git a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/CatalogRequest.java b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/data/CatalogRequest.java similarity index 93% rename from extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/CatalogRequest.java rename to extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/data/CatalogRequest.java index a9bc527..f5f1aa0 100644 --- a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/CatalogRequest.java +++ b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/data/CatalogRequest.java @@ -1,4 +1,4 @@ -package org.eclipse.edc.virtualized.api.management; +package org.eclipse.edc.virtualized.api.data; import org.eclipse.edc.spi.query.QuerySpec; diff --git a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/WrapperApiController.java b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/data/DataApiController.java similarity index 91% rename from extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/WrapperApiController.java rename to extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/data/DataApiController.java index 736bce6..fe51836 100644 --- a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/WrapperApiController.java +++ b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/data/DataApiController.java @@ -1,4 +1,4 @@ -package org.eclipse.edc.virtualized.api.management; +package org.eclipse.edc.virtualized.api.data; import jakarta.ws.rs.Consumes; import jakarta.ws.rs.POST; @@ -18,17 +18,21 @@ import static jakarta.ws.rs.core.MediaType.APPLICATION_JSON; +/** + * This controller is a quick workaround so that we are able to get a catalog from a counter-party, and to trigger the all-in-one data transfer. + * see {@link DataRequestService} for more details. + */ @Consumes(APPLICATION_JSON) @Produces(APPLICATION_JSON) @Path("/v1alpha/participants/{participantContextId}/") -public class WrapperApiController { +public class DataApiController { private final CatalogService service; private final DidResolverRegistry didResolverRegistry; private final ParticipantContextService participantContextService; private final DataRequestService dataRequestService; - public WrapperApiController(CatalogService service, DidResolverRegistry didResolverRegistry, ParticipantContextService participantContextService, DataRequestService dataRequestService) { + public DataApiController(CatalogService service, DidResolverRegistry didResolverRegistry, ParticipantContextService participantContextService, DataRequestService dataRequestService) { this.service = service; this.didResolverRegistry = didResolverRegistry; this.participantContextService = participantContextService; diff --git a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/DataRequest.java b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/data/DataRequest.java similarity index 62% rename from extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/DataRequest.java rename to extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/data/DataRequest.java index eac2c41..d7bd4b2 100644 --- a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/DataRequest.java +++ b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/data/DataRequest.java @@ -1,4 +1,4 @@ -package org.eclipse.edc.virtualized.api.management; +package org.eclipse.edc.virtualized.api.data; public record DataRequest( String providerId, diff --git a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/participant/ParticipantContextApiController.java b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/ParticipantContextApiController.java similarity index 97% rename from extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/participant/ParticipantContextApiController.java rename to extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/ParticipantContextApiController.java index ca9d354..1759442 100644 --- a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/participant/ParticipantContextApiController.java +++ b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/ParticipantContextApiController.java @@ -1,4 +1,4 @@ -package org.eclipse.edc.virtualized.api.participant; +package org.eclipse.edc.virtualized.api.management; import jakarta.ws.rs.Consumes; import jakarta.ws.rs.POST; diff --git a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/participant/ParticipantManifest.java b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/ParticipantManifest.java similarity index 98% rename from extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/participant/ParticipantManifest.java rename to extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/ParticipantManifest.java index 340221c..8a72070 100644 --- a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/participant/ParticipantManifest.java +++ b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/api/management/ParticipantManifest.java @@ -12,7 +12,7 @@ * */ -package org.eclipse.edc.virtualized.api.participant; +package org.eclipse.edc.virtualized.api.management; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.databind.annotation.JsonDeserialize; diff --git a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/service/DataRequestService.java b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/service/DataRequestService.java index a5da967..22701aa 100644 --- a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/service/DataRequestService.java +++ b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/service/DataRequestService.java @@ -19,18 +19,20 @@ import org.eclipse.edc.spi.result.Result; import org.eclipse.edc.spi.result.ServiceResult; import org.eclipse.edc.spi.types.domain.DataAddress; -import org.eclipse.edc.virtualized.api.management.DataRequest; +import org.eclipse.edc.virtualized.api.data.DataRequest; import java.net.URI; -import java.net.http.HttpClient; import java.net.http.HttpRequest; import java.net.http.HttpResponse; -import java.util.List; import java.util.concurrent.CompletableFuture; import static java.net.http.HttpClient.newHttpClient; import static java.util.Optional.ofNullable; +/** + * this is a wrapper service that initiates the contract negotiation and the transfer process, waits for its completion, and then downloads the data. + * I implemented this because there is no multi-tenant management API yet that. + */ public class DataRequestService { private final ContractNegotiationService contractNegotiationService; @@ -138,7 +140,7 @@ private CompletableFuture waitForTransferProcess(TransferProces } while (state != TransferProcessStates.STARTED && state != TransferProcessStates.TERMINATED); var tp = transferProcessService.findById(transferProcess.getId()); - if(state == TransferProcessStates.TERMINATED){ + if (state == TransferProcessStates.TERMINATED) { return CompletableFuture.failedFuture(new EdcException("Transfer process terminated: %s".formatted(ofNullable(tp).map(TransferProcess::getErrorDetail).orElse("provider terminated")))); } return CompletableFuture.completedFuture(tp); @@ -149,8 +151,8 @@ private CompletableFuture waitForTransferProcess(TransferProces } private CompletableFuture getEdr(String transferProcessId) { - var edr= edrStore.resolveByTransferProcess(transferProcessId); - if(edr.failed()){ + var edr = edrStore.resolveByTransferProcess(transferProcessId); + if (edr.failed()) { return CompletableFuture.failedFuture(new EdcException("Could not resolve EDR for transfer process: %s".formatted(edr.getFailureDetail()))); } return CompletableFuture.completedFuture(edr.getContent()); @@ -159,13 +161,13 @@ private CompletableFuture getEdr(String transferProcessId) { private CompletableFuture downloadData(DataAddress edr) { // make HTTP request - if(edr.getType().equals("https://w3id.org/idsa/v4.1/HTTP")){ + if (edr.getType().equals("https://w3id.org/idsa/v4.1/HTTP")) { var endpoint = edr.getStringProperty("https://w3id.org/edc/v0.0.1/ns/endpoint"); var token = edr.getStringProperty("https://w3id.org/edc/v0.0.1/ns/authorization"); var authType = edr.getStringProperty("https://w3id.org/edc/v0.0.1/ns/authType"); - if(endpoint == null){ + if (endpoint == null) { return CompletableFuture.failedFuture(new EdcException("Endpoint not found in EDR")); } @@ -175,7 +177,7 @@ private CompletableFuture downloadData(DataAddress edr) { .build(); return newHttpClient().sendAsync(request, HttpResponse.BodyHandlers.ofString()) .thenCompose(response -> { - if(response.statusCode() >= 200 && response.statusCode() < 300){ + if (response.statusCode() >= 200 && response.statusCode() < 300) { return CompletableFuture.completedFuture(response.body()); } return CompletableFuture.failedFuture(new EdcException("Dataplane request failed: HTTP Status code: %s, message: %s".formatted(response.statusCode(), response.body()))); diff --git a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/service/OnboardingService.java b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/service/OnboardingService.java index 0782919..f476e47 100644 --- a/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/service/OnboardingService.java +++ b/extensions/api/mgmt/src/main/java/org/eclipse/edc/virtualized/service/OnboardingService.java @@ -19,12 +19,22 @@ import org.eclipse.edc.spi.system.configuration.ConfigFactory; import org.eclipse.edc.spi.types.domain.DataAddress; import org.eclipse.edc.transaction.spi.TransactionContext; -import org.eclipse.edc.virtualized.api.participant.ParticipantManifest; +import org.eclipse.edc.virtualized.api.management.ParticipantManifest; import java.util.List; import java.util.Map; import java.util.UUID; +/** + * This service is a quick-n-dirty onboarding agent, that performs all necessary tasks required to onboard a new participant into the control plane: + *
    + *
  • creates a participant context in the database
    • + *
  • creates participant configuration
    • + *
  • stores all the participant's secrets in the vault
    • + *
  • "creates" a data plane for this participant
    • + *
  • creates an asset, a policy, and a contract definition
    • + *
+ */ public class OnboardingService { private static final String TOKEN_URL = "edc.iam.sts.oauth.token.url"; private static final String CLIENT_ID = "edc.iam.sts.oauth.client.id"; diff --git a/extensions/seed/nats/src/main/java/org/eclipse/edc/virtualized/seed/NatsSeedExtension.java b/extensions/seed/nats/src/main/java/org/eclipse/edc/virtualized/seed/NatsSeedExtension.java index 3e30838..21822c5 100644 --- a/extensions/seed/nats/src/main/java/org/eclipse/edc/virtualized/seed/NatsSeedExtension.java +++ b/extensions/seed/nats/src/main/java/org/eclipse/edc/virtualized/seed/NatsSeedExtension.java @@ -25,6 +25,9 @@ import org.eclipse.edc.spi.system.ServiceExtensionContext; import org.eclipse.edc.sql.bootstrapper.SqlSchemaBootstrapper; +/** + * This extension creates NATS streams and consumers. If the streams already exist, they will be deleted and recreated. + */ public class NatsSeedExtension implements ServiceExtension { public static final String NAME = "NATS Stream Seed Extension"; private JetStreamManagement jsm; @@ -58,8 +61,8 @@ public void initialize(ServiceExtensionContext context) { jsm.deleteConsumer("state_machine", "tp-subscriber"); deleteStream("state_machine"); } - } catch (Exception ignored) { - + } catch (Exception e) { + context.getMonitor().warning("Could not delete stream 'state_machine': %s", e); } createStream("state_machine", "negotiations.>", "transfers.>"); diff --git a/oauth_postman.png b/oauth_postman.png new file mode 100644 index 0000000000000000000000000000000000000000..2a5990ad4c79fc6a00438c13d8c88e2cbc7d49e7 GIT binary patch literal 172693 zcmc$`c{G>p8V0KR(kvlVlqi(3$Q%(NQz~OJCo&HqW0TAzQsz*UF_C%5l*}Py4#_-c zp3e1td+)W*A7`y|&L3x;z1RNMxAA*_@B2K@ec#u8UDy43UsIGmu=nU*5)zUFvNDp_ zNl3Pvl92opyqgq1IeptHiG*aEgvsU0*GvoyNJv1N`ujJrvErI> zAIUS%9F@QN&z^JdUQIe(IPhar%Tn_D_W^z{Q3>AcJl=m?A2FOY_EH_b^!Pzrdf4KM&8g8?@V)`=Qe8Iq9n#@LkZ30AJa{R<#)#G z{ffpNHu`AmhLZC~A`I2lp6y9{V`bBKlkdcyz@s)HGa2j$EDCvXgSj6{>9ckh{!pmRw##j+gJ7B4UgO<0m*ANy_*Y-C+rJ5IoOML%i9$?9%wkB_r5klB|v{lHXcUP`i@eVx?t%cTSbw9AE z3&m`O+;J|!Vp#g872kdWNxCLtNqB_R=dO+rFr6`8Lrf?ts8%SlU;Y!Ux` zQP{cI`dH9MM(t0DJb>>885fbv*|L zD;rBA6SF%Eb`PxXF#NlT0{$;=beNZO@84*rqJP9F)qK1vl>N;b*Y`v=tFE`kyIFl4 zi>k`|d4^}2Bn5ZgD+}Qe64Xfealx>XQ>kHQwn9FCG;J5<%I9(yJ{r2J(pwF>O%;`A zq)xvJF{x=>(z*VqleY35YuQlggu))n)f1uex8<2%?O{FhhTCSbDNJCJwT7NP?p-&tii^7h(&WA{T(RlmZX;+!Q z+(z>0!|f!Y$>guQpP9$KKVI-e)tGkgPNpF~JGu$!GK*8+T}+=3JLt<+h!#6>xL$ds-V z+i)^5>B}FKz2ldcQLg_8oiFVUG}nBrojcj%XN~!qt7%yaN0^NXl0HY zoGe_D{7f}XDzI2U$7ghn^n5;fF^N7+Kjr*>KUwUC=KtkxIGS4#A?0!7mdz9H{p;;# zoc>{|ej!L!xu|2b+A-*G$9VV2;9sQ=wF@-&trl&3SJMiotR9o1=2E?=@pU=ewudpn|vqu^2sk@^GcxoPJ)1+-9pL$Zu z!=zICTYr1Gh-O5r#E$ZdB>CJQV-m0^hc*}h}YRnss^ZytU-T$7Jb!zHSLW340Tqv%z5xp#nCqMbPhT}6 z+xu((6~{dOhb$>qOPPaY68y7LWP5p7Ys3=yRier)5+aKm-V1Lq1=XF}@AH_E!xUFj zi2HVc^o9Ec#RBmli)+<>m$$twRbvb))OdSGVUEi)lKeDoa4!96_kpuP|K9BRCqeoO zxMSS7At_U3IC1y5<^5NDF8t^AUmWqH!j=F1IS=ibw*NgL_w^Ln|NMKM?pyWX|2%nE zsZ0j$l=%7oy9>W|P)zwSHhSWJOLprIJ*DZNw}y4z)z?4%_j?KtByhFy%60I%-BdYk z(%^E{vN-sCo!QMZKmU7Ay%bk1ET#lshV&X-~otY7`l-xnrwM~-ioN@OzaA$>8-C9cBMQj(dZ?<2>+S3-M%E}`Gy;J~p7_gjz6 z<2)3P*rsR1oM~}l5H0nFGi^6j z?&MBV1zE{d#3*#7ez={OG~$<#6Dd=q9awEB6yLP#iTL(MBv;}O1y`SHrY7^;L;6IY zgw{8X^>w|GJah1}n*g2Yc&7gqrbm~4`K=wFt9{Yv;n`)l*fkNK5zKJl=cu+_`hK`$?ZYdzMgmC9y>> zL%o6a=4U5Y{tV4jTK_Bf53{+$^r@D^-ac`<=fie;mbWBbmQt3Hk@+&c#3Ll+)WD02 zo#)~44h*asvT15<^=KcDTKt{7aJfj^y=`3Iz(7_(p>leurKQETZPU5fOOo+@l8<6y z#CfqR@j+6))Z46PewF5QlO7=5As5PCs-N-kZsTzm(LUkm5(f%=ldSAXPR@YX*pn0X zYq^aJP8S6Q1#xGqtE&wiZM}P2%x}%k&Yogn8C-B0ot&g+Vf-xeWpr_B!Rg4+qh*7$ zB#BiiKYrYtuoq5B`eZkHy|b&!#Mn6Zy9&b!&96xP17G-m1|}x@J~Z83ROxg2T$l{& z)01b9;+*_Ga++?&z(?+qGS%aFrjh-mcFa8DIljNVB0lylg{Is~N}`~rS5Q`N%5B|y zNk`{IPfri-A~-mhiBwujdB#!X@87@NA|mWlcX*Fh*VHhcJSo0jKfci1)O2o$MDKhU zD<@|{eEbtU*sPh9^0%6rGF|TP&CNE?)Ol$48yXqC2njirwzRfkXKz1Xlh+Vti9c#+ zpzg~fPp)5Hc6{;Th4H<6jAzgKq@=KG-nxYoGHvW+Cq!>zVzTT~e5Nv-nXIO!2FoqU zc!)|$Tt$VHlyqct^nsee>A}H4Z-4)Hd3h_h51T40E8|c_Dh>AU zwrUXKJ?d|0X!yOS$F*(GO%)X%U*EjJ0AckE{hidlJ7XHF#?wn0xZGy<;oDh0KMvf8 zXfpmC=gTRP-kxbY+;B!JI*wJ#dGd3&+u9@^Vs0VbJ&KY=F*4)1aKwc*thRUzQeEB2&d)#1__EEro;40f{1qjA z^5~XDp2t$j)&?&h-(0<=TQKTq#Q1n}MFpEaM-5H(D zxmOQHVm%%EJ!o8OWEcJDcaXwg!>^hJ%@~y}5@FP8zRCnjcBXx9p z)7->*H?;@kYR^?Nb6Xj6mFm%$)V95$-T!y8OR6lTV?>_0Oq&ZI;BenyVxmvAl>Iom z;6x=Ao0_VSqEDhn&wbQ?dBZI{JRG}?y}W+o#+kEc<34=w?(f(8>vXZBqobm-a*uU_ z!j+vncSedlpeX5c|C+hsCf0BD8cP|en7CZfWPIx6$w$S-#n#&?6nzgUyuW|{e!qP| z)A+*M#Khp37^NFGDC6Vf2T4yxDLOn0yPf&icqy`Of4VEF{27YBPDLLD0uDzQC@dP3 zB)5#>KFZ=gu7H{Ce>t}s#idX$!yW-2lZMUfS0 zE6K_2(@tOVvyUAbj4@w{F}bML5$O6XTZYy*)ID`#*REZNW=5*LQP!6AXXEoE6P(&^ zF4$$;F`qg`e&R&qw{Kn_zuarT*Vs0ftROV}iPLz=%g1Lsty*^Q?N`y!4eiB?7ed)J z$`&WP1nnniu?l8A`7iza_7`t1q_=c*oGCWoi`e#6AspFoy~=%k7w#@UUnswzpplhH zMMYL#o;cWy!om^1e;ZPBX^S-2#Jym}+`^ zZMxe6n>;h+lP6D*;jnX$E?rU|zhJugGb^Ir2(c|1a}XblV|^+SYi-inOup9xE3M8> zjTE2Dm$=~STlu(enuTg_Z2NelOi3Iou5wf5uxo=Zw_k0hYO$=W?C;;dtw!IyntN5U z?osY}(09|S`t&Pq%U+Q}Z7$X1`&t(@Q&odRGdtvQR}|j5+_X>I_2P)I2%MLZl$M^4 zJ?QE+F=0kVFJyOR!=zD8PR^hw|Gwd!JBN-PlT%SSoSK@-c(A&<`V=$s+(>+2b4$x* z6O%Kqble10lV5VV^zW0Dk_vkDN?J>cj?D9knvUzst=04`eT1IK=JMe1ge^sNhd|C9 zg>CU1p-9C?z2A&1(3+pKE1XdiDZ2fZUHwXzty1i>%jzx7vmLueT?a3`NTzO@ZSJE@ zN`LqJ>lTCgie|TYJ!{KrR_4pLOaX^Y4OnKa1pL~^Pt%bN&N|W_ITD+d6_S<3i_+#5 z5Wp-d8ojt^Pr7SYNc%KEwO3!-pBupN&sk*KI-beN6UX2w^J`8oj;R=VYX?9?{VOt@m($Eq#4~<^7iuTY`du#0BW68>dG` zz8Leq2n+LWy;nIn>v!yXoe>Xq@$bR{wpdnC@$2*w<*{SFO~!`C#$KD7ZYKjMC@5r< zl%$oZ5Y?|Gne#6($Gy}!MG+RdPeG-Xr*mgyG%q#<)#C5cQatNkR11>*`}aQ&33;lW zE}h;^NlAHGfG#01aaT?k$5hbk*E09+o%M+$9?sH|%dI5l{d?B_XTH9^23A(jWll-l zyh(+$UGeoR1@@nt_7qCBF1HNIAzy_5)2IJ12JObL{rvpAvWyH3$#HR3s7l?%!rP zWUwD?ZFAkWjr~>vxkI71-oJm3C7vDPau4%7;r1G7lZTxddl>TS)qD+GI==qPSZngi zxXzYO*Cch@6kA&EbQc$5N%=|6eH(d9!nK`&mEwWZ$D_^7+hsVMr%u7gBC?er{v z6vxW0QyiI`mhXcaee~F|2b(Lyz#F<7s|#kmg<)^so|-D0SH!at*FRhFC@IPC?%hn_ z62(XX@msf!F$a4`Smb-7rcae@xdE23a&QclpV;J1FPz)URrHraLqkIgb&WCAd2ynD z+I>q{G$s%WK?y8^kI(<9H$W^+{LFabv5)4(t5;Q}Pj)?+t7fTG&#)P~npU)^i32Tc zKfxd<7>3n9?lL2;%ol!me8-7pl3iqU3>Pm(B_*BJ)YNnw@MbZ#wA}UP{d+GI`slbg zMkgmHM^x0GMb7*g0uTc)Y-nBymSccO{Nj9|{Il7-US5Px~ z8qTKe$p-?%a#dv*RP82xf`Vc@TS-IdEm`qcMnwgSk+-=zu90PYXmWCrPRP#dC7asZ zSaQ0}$oG>Lc|+7qchyogrEvU|#5Q=}y?dwSGF!RqB6{3?-TLU!qq(CA5wC?EIFVnF zK9kp1+e?hLHaG678{BP-R&a9@C06b5;ln9fc`sgRJIS)E-c+faw4eXmf|7RQG7=Hc z0P#z#xt@6o^-a%%CvaAu-XCw9oycqqxb;Tvlx3)iw5aBd7FpKxQ_MN!Qi&`AW6UGR znJ0wJ1^4CNep;ygxSaDb6Vv;9PoLlYXX|;CjDTMQH%H)j2&>OyWcyi@&Km213!O^b zv=tUP2ALh)wEHDO_8&YLSkN#$Z$0+oOh0F!a3b}t zw=)Z>s8n7`y2wVp`{pP^+pE9 z#=BAMWMvQS2=6ds24MXm?&KtdALRB}h#WtdmzM_|5u0>2BO`-~nwnxiskH!IMMcH) zSFc!VhO`#UGCOwvv%MvtHR2~H5P{b%c_k$l0Mys7X`7pyB`5UE%-C@aAe3_&G*nbL zAeDxw1)lBW^sjbtJUhq36AU!+%+qt$sR&v4(1{aV?5A`& z$tTM`QNZ2H*4F2OWS)+U7*7?iSy&WI@?mWe_eySa!N?IuGCS(bb9%nAh^@#TYH@78 z?J!%sRCG{ES-sHlT;EEA!|MyC=m?)EMDWcI(RycRns6Jc@soSB?mEWP;+VkUFpX*W&@#VqQ6-a)0 z$ekZM%tAs#Z3g}M=Q09a{qQwtCzc0jO1>Rd(-J>Lq1RjZV7+l`{U9C?XV!XSp?y9m z(B-KdXP%_`xzBb9@7`J0Uud_&17sLhQ=mm$`6ew|M(@!52*nOiD&2L`)a>WSZ3R7w z8X8B$0MykpjSe84J(&MvJ^8sE?G?wqdQnMVg*9!5seS>*PUiq3~MK7aoFVf*;ub9KR=IqDY*kvSii zGAN16{&V5Ng}NBAnC|ZGGhHQp(^Z4BUbFW4Zo5cHjZI7lV1Wbt;OWcX=GGQF-$gHK zF^8(@`*@dAQTjIg4cw+1nS4cD{E&M~MBQ&K`<>PMLJz$RRUFQ~E56jGdRX)BS$1|R zdJYQj@4daEoXqBofPc9)epd!VBFM6w?@8#H6+W#REFGRdCn6%Rug_>-Kp$K!32;GA zPd})2FYek_ztL;6GJ-33@vMcuI5}BP#GoNk5Dj|&94$TlyP~2fUG8t+zmsPg)uSJM zR9Y&Iz@(+4dmA6WLq+8X{^b38wD^x|hvJHgZkxUNsF`{S2pb#G%|YgQIVFLTf&#!g zE+a!Z*Ia=)nB2i&T!L*2K!%QN7YZTHG#Y+ng|`U_=Y@pM4&)%35x7yRw@sI9^0Zof zHqIaQ$0qul(nLi?Aw8ilM>YX|+_NoKL*lShDLUld-hjSo8p<1ZL;#MuI(a}D)?4ZA za(a3v0k7hY7v$$#2}QB`NVvGHA2C<*UD)ec4q*GetE+ZogcZ?PRwjYa$2q`uC`OBT zqmEBrICDl;of(M$UyMY6$OiP1C^RYiVv)12z3sz|#HYu&$ai1U)I6)D*-{BSe?AOo zQ81aU)9^fikXP3v0gI%R(L@^H_yAi=#FDQqPR3(d54!x?k@fjA5sZPMyQ|R4^E*e;QqATZMk#^&s`Unj~H!2S^0F;l< z-qp3Wl}StY+Am*7Z2#2778D#yZmlVNFi(5@_@9ibDy?7k%;8+g6L58_LQj^&^-yO>U|TwW{e1wU=yO@TKAUQ@l21&=e;nGFw5ZWmA0` zdo`Qa=o&B_;~u?pAN5R2%;w*ejo}J!N|&{+K2(iI_(5V_1b<*i2o;~%&o7U6?pt2W zDXB+ejRG{3D7JB?UCZ_Wv2ywO;r_??QH3feIx>+o(aK=S@Q}o1#>Vc69B&k8&*Td= z@5=T+W|8}-(wD{{r>o=0BSr5pok(fyF3_(XgF$PYYSxOJTg9hOwBzh z36Q&bpwidG%#~2z9C&%Z-^X|I_RGymZ51@=)|7dJH z#ae%rALQ%#p|lKdYiUjSNNSqHWS&*2&1h^8!;EAVgR_9asFWiMtJcAzhzuYR-%7@m zI{?nYX7aNo<6N5S)WmY;lT#y~Dm zt{`|g{Jt5mwPpcbc|UhiQBhghhdpc@+KK7u#6BPx0Nosv^sbr(MrP|v+>xgVY zp{f+$1RBrVE47K;F?{EUS!l^628Mz5vi^@BM-=?rGc{9R%QN?1dDKGrxa}El>ATN| zI7m$<40+nFr*N1dLp}Y~++EZn)%Amt%rkNS*W`})Rz`t$xsRUN$k;^pQ2=)UDPHa7NA zogK*xt#2)h=`$QkwW$K7 zw+kap@xfCTKxsc(ThE<8FLC+uj?0%Xm+5O=yY{fhA`#~fNX@{2NkKsY=~S`9;n=Zb z9;b6~2$0^)_#)JI6YQEnB;1mJ>N?TFHi<=5X_Un#3`TVJ+r za$~Xi^<|rCihAkkS6YwD`*lkn?_8g9C^^P51eYct8lATV1rai*${y|5l{@?O zSXHHs{r&sij;)U#ZA0gPu=_b_FC--N`l9pV5$j}wLFuZ+m^|BIv>MVt=;Ljvlq&m;=HvZ94d>n7_ zBjd?v#Urg1X>Lmazrmk}NXe$QMNM(+yWo!wzINy+KW(%*MboGq+D#u4jr4Z50q3kJ z87s~2?@(^epMQ)rU*OK0wWod39?bQ}WFOxOdNA7_a-4B7ZQtIEs!$+XxF z&@huZhJSo*me}!gkFbzXIMx(_V>r6 zIa7Ha4ppvJnsve9DzcIA0xeMHyhkf-nQLRH+vE2sZO&=nB26w8 z+-0Srh@j+UCUsR(p{8tfyecC@n=^RBwy7vg{Yd@Jv8A=fvoaUP4YAq4Cwj93mAw4? zH*VjquM*p|&Nk~PQ!Ac3j5PLCeR5>vmj{hDIinzjx7F`&L9+Abt#d|z*rdpTbNV=_ zCGXt16Y}z91~_!Lm0BH}nP1|68lq}noR(WAz^b_THnH{ogAe{TNq_5&MF?kvQLPb#=c%vtB%MvMu`>kd`YQvSyXpxHz&G&4k^m+G^E(dkr_t2QFsi^7vLtfNzRf|IJdF zi3gX%10OhWfYqmLW`_Hq$P5Vw2Zvuk0CEcBfECO9NA=V;>wUMpf2Z0^b*QTx88xo# za_{6gbd*WU5<2W*6~ z8!6xzoDY+clVd{NLZl!QSmYcl>Ejx3&!WvmdOGBorVv@Gdu`n~N|<*4fSr)6l2VmX zCK!nXkz3}5hW`NF7#T4meMqDji#4wlVjgC>NA$g+kpUc+CD^OaTJy(Lgr!xny9FPuaxBtSE3JR)agssktT{S_bfBQ$wG8pie$>=xkls*?P((X240eH#e*E~cb!ZKUlDYZ$ zMz7CT6%_7N`W*hz-ag;a=oT92zCK7W58Y^8&=+Q+v-p&mxiaG^CJ%H-K=hL3N-m&7 z{o#?+oZhRTB;5f^a;J;eP}`Zr#7>m-H3l(B1CF7T&46WS?(5@9N$Py9%NJ4I*m%O> zZ{V{Y3l`e_J_3yZ%fEgx074PC2MUOF$DLQ+ufGA;Sd?toqjCKDPDR+#%&Z{XEV5;D zdT9-X^&~U%vk1##0-j}C^awTF5uoSYmuu8^pWMN^U>Bo->K+4>S zPqpgVW??_?3%=Yfd@IIJlJTGI+YZSI+h@EpCnNZj*49>+)s~n)lrhWypnIYzSs&s8 zYiI;G7w5jR;f9Mg0+#(Oao@_Vzh}@iAP9s=fZp*3K@`CGK+Tdu1P@ zwQt&N?(_O*yPy62U!&uP&Y8Kc*~eZfW4$!ap1wEYI?@>>F4-fO0wy|dv^%(OucXbIjbn>Yj zMLU7UpP)Y$R~q%8geCIA^@^fRn)x&5kAfx3|w4+*I1u|z_7EUN^Fq@ zQbG+YEEEBjthkz0Qle8K3#kU@X?DehXogfHmg(v}?&Wk<*VZzfJEyE3_jT%fc-=c5 zjeKV(CrLWrY-f8RHaUe;#?tokyUYzL)RRM6MhyX*Cw@yQiQzQv|^={ywA74#1c{3R<2 zO*vQ}v8|OxLAP}QFw2DMB4^|vQhYZsi&=NBa-_l%_*!rBhZ(B9 z8Esh^?l-7BAj3`Hym|AZUOB01y0*gIyDS$kUcAvZEvYv3v!rOIY#)AUwKkcP`C#4% ziIO`^o=(t4Qa$3}3DLS|2aXw=o1_1w53IV3goLvN>e5TSKf_PK62g}A($r}P0gx#) zCbEBgJ&G2N5cTeg&L1g8$e`yKot{3C!)B{5@~fin0^7+*`;%&FYMCGgir0Fk=g_J} zOm^k?4$Ay#j8VFJb+0?3u42WpbJ>c(V`d%aqun=GtRH+Y7FOvMLUzi@hUGl{QCTaikvnl>OIv(w;PBfzovSrv zciwVpiq93Ee#@?Th4>-I?E^tGqw&JMhEG~aO(%D6s~>om$LA^mXde;q~iAN~lCZ|c5{dYInsTQzv7z-Gg3OCV=PotNgl(ScSz^}-JOL;FcR zT9p%9yeYqa&TmoeKm`NAi$=#QXnbmly72(%6GB4}?-;f7`J|?z60-4AojInFB_ObA z^Wq|p!n*u=u_{aF5mi@L*EofH=7wf2MhxWS_up0SxW`%D)TG>`4f=j#V*`|{@6W1? zNz=19A{Ax&LU9@@Dqskzi(S`@Ei4kCnGztqZ~YH{Avoy)@}Y(X#em}%eZYv|oFl*j z2>b;7#oPZ7Di>PO@+JJ~#jT`3=eRW7lMv&)BTv2%y@J4>thrGZ1Rw5fRn} zJw)F@e14+y^FGLZi0ewy@ULI59C!VztnD;U5jroSA}$meGcaSu2l+rRhqDY?2{ z1Z#o+2W~_(%?x}Yx>ppW+12rM9svOv$J;}Uc?#x*pUMTwx#;dVexI`XPb z`h;spl&}NA+2(2C?0^6M{R<$GzrQ~bB~KsWI|-}^;=kfZFj{ki_O#oD>vOg2>K{pb zE6b2!XbzQs@Yf?4dJ)IxkeWz9?R-d09YW&|9_OB^>FC5n#iYIM@{Hc`2fq*XIu0HP z>H{KBrUB0}pgYUo>-eO|dC6z-{lX2BoUVFk0g~Of5ysL1bb9zUq)VJt7NzLl#1b4l z$ivH9ftvU;$CAiGBG}m!oswu=;ri{{9Ao2HS^z>VPMXi3KcgY@D!xDQ^Bl2L;O!NNI7x_M#jU5CRC=llfT& zTDWc zwo|xbQ6L9@{mb_D_N4?Z6NA3Hf~^G{RbQ_t`UOYQCi9(3xSnY*UpV~pN&M$E`A|}Y z^|6IjS)CL2)BeUxZoGsO29!rJ+!gbnKjvr34+i>j(08RX9}f`enEzUQ+~iZ%y%;v1 zGNNtxStZI`p#Y%o(EES|c;wfyzU8k1vu|HM3MJ*xF_?DGwli7!&UaBke){IIWM)x= zq`uGbft!P3n@s*|nb{{yl%W zHM*L~bYhas{W)HJ_{yECh45VNT`HDFri|H`xNBl*`D%Li%R-KX({0yO{!;Jjcx86- zL9f2z#>&$E*4E-YmeG)$qUuX?y3+tY_Z9kU1uYB+A&gv>MtPCuH*a7ZHF{I5od+eLG8b2?EM^?-9Pa_aw99F3$l zQ)L@vYwOQBcwYU6YitW=SgCQ9jxpEccCF_;J11Z7$&-__5e+j_TM+ioj?Z}W=3#EG z00atz`iv&O&o{J=KZi@^_Jo{c~nN#V zN-{o}m+$tPOJ|^9{v(@z==4@Y;i$tU*&yaH&gq3}3C0KMGwBQsoAh(1f(liBUzhs- z-v#*pnZ5A;eBo!AuJ4n^JQQR8YjrHS5bSe7N*SyeK;&Pi4G+cm|NVyJuGa++RjA&4 z5eHzzQ)IdL?!Q(@8Xs$Yh4l8|s3?EM#CWi=F^!%{Nvu9Lu`Or*V}P8qtQN=!jg0gI zxc&V3CHO6=|G6u7URf4^ZEeqh`uqR6E6Ja#-=NxA zq|FsL4tbsU`Y`ctsnP$pmdrK&Qe2GpD3{&&|N0$e_gijJzgXIClzBu-89ES+(3$^S zrT3raPyf4#|3`k%7f1Y)lI|9&7?dCniSr3KmXn{ap5`_JiaAiyIB#w+W0s+>kG?@mWs-9)%{@C#YR(3yK@`P za3H|s7-cc`=X~p_b^B{7FCj|X*w}E>Zsu7FLX3u96_n;McRSl)UNp+aQTRbrz_;e{ z1sGEHla{|7N^Kd1P8D1%WHB*(cWtxcd{ol$-m4m4D=L7;zxD_tt4>TzIK0*BGozOe z{R2P8i{RkCA4Ldfqs#}L4{)g#&Rb7PXR^n(IabxWm}!jJ2|^|sOeRrF_r{tRecXEZOY8Zdk|lmEt7p{M`= zV`MT;FI{Jz(blg6Ib8?)_OIsV=317GZezG`;U(&5S^rE#-Dz6(D-<@tG8~Pk_;|MM z-0in|ayu(|@FD5z%4g4wS|_@nSKQJ`Y^Nl9Cd+yCG$%{Y>#W?__P3R>BOxtIFADE~ znuEb@_dmTqmT+rKOi$pFBZH7r-Y;OF+dOLb_T9T}Uh(2^k3hM16p7C1o`nUq{Mi95 z`;I#keI+rv++G0d!7=M^U+>Pb=&A9hWPz4Dd^_ty(p5<0{5^J*|1uhlphso?HHZus zigIBMVDc!`o(_rAgV02%qu?XGA>e_Zr~z7}HT3cEA?$cC%&~zsziVYhj>d2596CNx zD1M&+)~VUm!9K^Qryo>NQKs@h-$sc31bG8S)UD)%lroM5WP*TXPyPsSYv&^ByREC} zLqbBVP{GeNXxY|ZV85Lo0=)ohDSWm#u?#gJJX|PkT}9+bJ*0<3<<*R!i7V7JrWAFm8tkFx@Ev20UBAJN%x7f0(i&-qY9^= zV{dIYE*%*u&p^&VM;06sQjsXSa0W)LM8&A^IcID*;TVJ#S;RDYv^Hz*2-yx7F<( z+&*BJD7<0$N>Cv~F6o9~3rq~h=v*3SFO}3uFi+6NVVo6A2gx;*-DLr`BW88gi81J# zaP-$4oug+ZPj|g`Z`sSax!Rht`h&F1#fWlzYy7GYXVN80(W1v(`R^b5mRMgf6?GR( z7A^2ri4okmk(=f>@|%|0#p-afSV7o@t-LVbVw=&8olq^qK-Z@jVQ~Ul_ zLEHi6WVLkWGiOY?B@;Hpu<}Z-V>j3}K0Sp|=oCfl+qX{%hekzJRZPFoYsbK9(I+k2 zZ9xelFT%2nU4~o-m#GPStt>2_An4&ZW-eOlm=X(#69>luNaQsy*{WfO zjhe3)F&J1dNWWF=B1p*Ds>us})6$HG2tfxyKoH==4N)TtPNK8kO3&eAgs}~Q2Zp}| zrT(Myk_CcVXMKRCx~`6H=>Z&E!VXiXsP=q_LIIg#q-v=X@cK#>G8OOXEEGH!yAl>2niS)3V+PtbQZ(<)WqejLs*+Jx)cNkq?rSk_ZO>hST|m z)`nD7woJHMvg-QoMMSHI5<(jm;fjh1)J#H8OHG}O-1xOTI|xvZMQ5bmYnd$;mAYBA zm_xV=2y2_umUkmGSTxJryu44LX@YPfa9aF{4KJ1$m+QHg`|6hCVN}#8u;+m4KKzdC zSC;x&E-q-@urs?fd~)Jha8H|SPkA1*wLTn%)e32sUv~z3iMvNX6qz~IS9iCi+E+V$ zINUU?|JgAM+V)*6aqZ(BxzOOgsPPm3!^ z@DJFihqPP$&Q{%K&51E~cVc$C-bdPVulLh!$z2Et-4;9N>HKU)=!)R#?`?j{%=$c( z?+fkE1+;BbEOrdB;`U26-OaeAS$vJ~pF4Wmx^7xPHjgMP{VqW&vX zU@%UV7CE-)*YtXj+(D~ByM2W9{uaa(DRkdwecgqSfbo|<3m@>nwUz*j9V#hO4DRN| z3kpP1$!cplIFTXb^IyHr)9(rkBhfQ{!kR$Ahi$c3!qk*4y=d{M*lJTCv12Q(>26Xu zt7p!faTylwi^UV%F0h|1*;*^Psj5n>D!f*ZnNc!BKbyAuoR3I3j_*OFAX6i43E2GJ zjl}dmsU}j;R#F?zQFNk6ii1`H&{V(&!zN723;#R_%0Fl-QR0)5l18AczJ2=-()a!Q z7vMvLH9RgpUeIxd0c$dF1bj8V9E1au+EcK!!EFq8kUDI6cu?@PP}<+8rrv?}1_vJ^ z??ZZeA{baO@@?rlN@!{bXDYEkA3p4XzrL}Ng?u+*BWQjn2Nwg@axWNmb#`>Y4-wPo zrm@Y)vV>2hv$M0oN-RvCxu&-E3M-+>Onvp+4@gI5*=<}2eT zK5=O2#Nl;09_YETwzO}bHVj8EU%rH43;xQQ{&G(^+9?_#4X|Jhu^ajs>aY1NkE8X4 z*@-aO!K8r4Ijp)2b0HRoFoE@3U4u{rp8)U&o)O;)atrNc0z>X5Q=TDFtmh2zO+#3VgGw>ND+hLa9XSYQ16JlAr(`-xHL{_3PIOPab*~WCRFRhj8?) zIw{oPt>kGGxs0#?QE?6i4OIL5{Cq<3$LHZuV6F5sX?DWp(Y3sIG>a4#GAA6BalW)CI&eXN{Iz7fvNa0Xi|aNDL`pR^a>i!ho|+oS$hX$~q`} zm?^ONU=?5(Mf;GVT@?PW1%uEm;G~Xk8I@c+_|JBnX!M*HEegQ{{l}(@MIcyxxZpqn z2|E2{)lR2*h)PEw94DuI+VsyEA}DvbS^dloV`F35yOoV~byNnjU@Bn3$AS|x5})qW z!rKRr2_fxaTH{DR13YfHFM>NFTxBLEqXm4sN;onSlFsf~ss5dQHnt=-V&kCY-CWb% zhpp}ly>{N9Ff*|p@prm*l5T&C>s$Y+a&y-F7LPY0cC11kX-`t$2kkzSd7iaP%cG!5 zc0BEh#3OPa#XN?zAcwtCid9%3@P&~A*7}iM8onOH$pl+Nj5a(Tz8&$D&$71;)*`UD zTJ9SQgx4h@A>kQJRj98xlJMuC;7B5w;kJ>2nof!?W(4-zVI19z~0U2t<6A! zz=HTAx|G*w4FZcWdBS^zokdn;zAL3n94qiQ@cSxrYO**Hyu!Oz+E*PM`0>rerVw-i z#!X(p_Af2As{HBGC)%S&2a=N025<@n2`>!Tcb6&K7%=~EULPmyaQ2g(l{*fKSY6S; zEEJI$AZ5d8M9|TMK0X+BH~J)kgV63um`?M6r{Z^H2CAr6Xy`BB(N-ki9%2EB#xEfCRMfo zyfLLyYRs#j(47)L&>cy)|ttoY5F zOFy0{CJy?rrTywOO(*xaj|W#sY+OrgOSgVssQb)gkfp226$>TlnEp>hs` zO(I3Q!8t*(fIfip^_WO~yhqP)aV5Tcw-Z!h=Vwz4tr6A>JS)*qU<}D|rgRt5nv^mX z!QddN1&Yk=CiY(Hm(1+!8{jnVZm9ddOK5{rY6VQ%wZf1oc{@$2ktJ_<_8Jfa--A9QDBzlBi} zknAW7#EeLT@H963X;9E1d?{udE(D6MvbsZT!7v>mTGoZ}ctQw4{?vfe5l43kiNs~O z{KQvXZWwzzO5DYuX}}N;hcGKU``hg7(BfiIi=qY9XxBvzAz|SU@8AD|pDfoZSeuA3 za8Q5X2GB(x2OI7+HMJ_jy9uENek5k{-OpiSN>WMwSNj|t)q{%q?`#XKtX2YbDr&bY z8{Ic;wVfv~AhoT0_Y|!_d4YxnIAM#SkQskVm&6!tQL z&wL==eS?hJv4N~a!}Lokjnh_eCfZUl-X;k!MVzz;xQ zwA3pHgHP=%u3qk(E%_;jHD4GME@BS35tl2 zgV`A9pXj6YPZAv=8j}@b<_skn^$i{|)C)W~p-#b~fieMvM>zOJHvYB{o;vK@3}LWE z1ORL1fpcF$JJ>*}BqEM7xwR6rB@4(oJfDG9nXu~<#5!cvWh7WdbSs!rL2o>VoHGkY zJ0{ewK$lb}fsNky`epC-@qcZ6P=El!3X|t&x+qM2w$FCRs_Uonis;nJ^l|%WdzQYx zJ7dTt?7qJJo`A$DyUx|vmT{RgwIUq7R68%k4VYyP(jVRMbZpru@A>dB?#;-{7PoPC z`Y6)KXp$$T4Ety}B@TmHFXJ>%l9;G6D5SBescM&s!Z!Ua91A zD-GqiB?EBjzP03z1f@6H{Eisb0O<-k2vVsoNMKCG5LX~#ZWAjU-J}PD6!c{^TH`&;HiTNh8j!zzan~OOqw+lkyKre=B2``d5{tz%C zJp8D(%PhFp-3P_ixnbf4#7FIs!sG^s23WM9M|>R?T@r*Y05d>8@H{%Xe*jm&!GMq$ zWcNq91>yxVG&VCMSZhM}MVj=0O_tEHHaFI`Nt*RncwiDGC`x=z^=hB!Db;b^H4z6S?8v}`*J1H!Z-FHa2k z#7hSf)c1K{@u{LEZ8zM(Je*3HiJ>6o=?FC+R;pYWJ_H`jojNGG%z)ZO*f+5~`}nT_ z^nxiT$^*e!5Z(|#{i(d+<8Y`GIgt>fiDa&Hae)f>UgYoh%XSV9zV+mYIWrhRkzQdP zse{K>9!)2h7k${+AUp1ry9{)prv2bF9Nl#F_4R`_*ArVX!}#ys_ZB(BEeIuinG}Wl zOkADxXcHDX!@fSst#nRjZbk2{T=1fPPePaG8B*N?DY6#sq4HT%;bu&JX% z7Sm0HKm_sYG@J*7jU7^4Q)j0SthFdcgphAv0MiYu)8AWK%8~92z~bb=rJ4&(k?378 z{DnFY?KE}<2o_d4KAo-A_A~z(2nGR4NLGLrux!ICHwUfVA4!)G?QKDL4GauO`hBQ3 z8YFB{KtiA{N*Ks@TVcFVSxd{W$(TwENIMMh2evLA0u0;R^ATyJ8aSyYK2X%BZ+dvP z>I8U%i|7LWeQKydIEEhD>4dFyZMq}|?a7Vn*UOfQmo5_aF$9wbx65+BCoEaIsGm52 zbNKp)aH^a=dlnoEh4l^8Zs>qWVSo_Cl#~Iw0b=j|E-uayQ-cWUVhjW|_w*2AQp{TS zFmZyHrh2;VS`>&s%8c3AkE!C9YTDHY_`BhJj3=*#%ak}MgsA~p&IVHfgi47)q><_A zVZy}=*^>$28TH(mKp{v3;AT9^`+pI?gk`OyPYD(z|<Qtxd=0#YVmI*Nm z6|;j#DXcw!7l2@drmv@R3*-knNX%EQkud%^eddfete`;%Ujn!xe2L*swcGa(R|TFJ z29-n!7V&pAOAOV>H|hq;CyAIAm~m9}5GGu!+a8ct%u=%Cxo6QYqJ zRAsd6#6oW@^)*6@#)uk&sOWKlqVEK(*r&6+9V4OOIH{mJbeR1Cw!^gGJPP!VSGAQ= zG`A~Ysi?=K7lum zjoG<#hL8;U4I^4$PGy=0jLdU_1wi8Q(>2kqH2bp780~eRj;06QhDS znwaCnxP{(yZxLgg1w4%Cx%N5qz}zBe_3L5o65-m#=dmYm(RZPlKt;i91N{_RY!0a>2NJ*Q9OxYnS$GIiHk7S57l^zFkp zcLwrbfaGNhoo#Jb0B-;VVUBM5`LNebDb5Szd9h(BLn<9AYf<+4ONz95Ajw}@!W>{yh|OteBEj?0mlkT#8=J^aUqEqDDo1z$0$wO0b$yS$45OJoH!VgAVln)PVMO$jieSDl$%^(6 zbNA?rFnk2A4|R+fp2fam@2U2BuLejm0>7eLn|AJ7`-T<=mnJ9$$Sall|8BG^vs<6x z`3$Rm2?EFw!ztkH;CO%lL4*}30?>_vAe{4P*8uYGa~4dTN6SO7XGmVKaNwZq_=2;Z zH*_Jae8CcRHM!wHZpa0^3A0Jlyc7Dzy4nijlA z(LN2$)p8BD-Lf3|@@NP8GB6jA`T(*su}6eHV}nn@oG5{Q7^D#}B-|)mt6DBDg+J>B zd3jHDKKygf97nG{`~o5V&b zUQQR-KLXidQp0MXVh^zxFqR@pq018Ji@-&rS>cuJhiD8CjV|M~XgF9NmTx+t)s1f16|V*^j#Zv`HJe`*siO!=&dQO3b$ z0jPu)??l_2sK`8#h@@0hs5vw%h)KBiaiU2_^RoTXm$wB$S=BPNPZmWWK6jWI+1cF; z@n_D*yAtq>gr^6<2leDDY^^?x!-E9%kdR>1JlD)@g>ghMeWYJtqIN|xfQj(8oX#pm z1i$5<&9!N~mt{}sTa9**a#jUB;FE|mg$P{fY%gY(tRe6wtg2_9{xocCmu$MBbWsYm z!6!D3*B&H+L57E(8F&ozD)Z z7JgpSWT$4Q_VpT7rjlZ({+eG^wU=a4o3d-nu!PM=0*M(}2W>5C1ngo2tv!+D9~elm zi16Ej9{-tTLP?kr(N_?!qyRjJLU;*AA=JQb`z~|hETIoqwzzR<_dk-_S?B3ZU;dz$ z>Kuko9eEv7W5k#bf{$ESnV!s(bqz#ehSm4EBi@pd?9bb{F2|B%ZvjV$Nk1q|#-^s_ zllHzlyDC=0QbbtdT1GKGgZinQXh8FTva9c>XzE5<>jsuS7hZJ`($v(I878#1u4wi} z{Y*SOl(m!qE*#!@PmDf3B?i+?(~Ck09*dYNf!Y;}J{-WFxhFQMeH=svVP$i^H|X18 z_SK9Jrpm><#$im$csDY)JyK;x?IFM@J{lYzeibAWKME5JD-MpM8iomca2&yi9_~k(rI6zFm_>9iQ&}OEqBh z`TOOAm|B32is18df^B%BJI^+9NOp~#YVRzX&uEkptoav^2L#T-5lY0XM$FDP&wWM* zN08s}aw5$l_j#Rzk`+vVcw#C$9oYpRc&`Wfc`rEyQR) zm|MosBy>gSHQ~#_YJ(dw$WSMMIfj)H8>liwYX?94G(-`k{!lKR2Aq_Hmv>X6kda`p)ix^!bN?#RMF{`a`AnXA1Uuhng6nk?*kSFP(b=7_-hE%;ID#0Ll;8>uVH=5gx*(vhgNb`UKD0z;4|CdD2Gq? z$5p}X1E+~AQ$az1`<@up0@lW>R`8;SA-qs!;CFQ}Q5}6b^Sv+=MWA=AE?$fjJ?Hos zUJay8aJLj0F^GIdUDqTLLMcI!B)Ux7zaz@vP4Uv553KEY2;ecvFw@y+U^<-UV9=Xj zPY_FB0EzUWsdmwR$W9hcIfQmM`0VvA5V*a^9C=r z{P)ctgv5yBLC68b>vn)Z_o%3Vn*8?=f*dCd;CfK>3Df{09z5AHp)mqV!M1~j2_%T5 z;62qTu$6GiqTN0mV{+GAo3+=dF1+m8ILV}Q1Z%z{-#*LR3RRmeW0_Xwf(gbvlWXCq z`>YQe-m{q7^O25=9qgf_w;D9d2|S_u(mjv+^BI_`fOUAzpT|(pj9{Z-{xx~C_nkge z%_EwJRgx$rk)(N! zCL}|JA}W!PQW`X%G^$KVg^VRhC>jivsgfk26hf$kMC|8X-`{zh^LXri_TJ~Q|2zG$ z9&4@m4EOuK@9Vl=uh;duNLNJUOl;l(Z#J@>=63q_DSh{`6!0{Je1HGyZ+;U8|9VO0Xb`5;XE90NkI*76T$9Pt#){F~Q(TQEQ7mt~M2m zLf6O#hQ-J0-(8~gFlgJ;iM0AqnHl%%;!~LMv!x+XC{g%@MR-8)_WkA{w3#$5`pzBq z{7FGG^auBnw!E6#AqUWu&Ote{e0h<^9^3P!XGNrKK*63cm6z&k`ePY2o9bJD!{W#2 z0v&RQ`woj2;vE)T-*%}9k#NnvhIjxWAvvHdfqA(y1T^C=b@nbW3K$QV!-*p6 z7Zn5&i>*ZohSxT2Erfy=%}O|u-FP$q=aYX=c5$njw{-t`$&BRbTt1O2gSi|@xk(*p z1@G5x=hkVWYwegTi!BsMk>zuPvLjIpfzmn;-d1drdZlCJ_IG#tP)t34eriz^HYuV7 zf}IZvPGy5i!k@YsP{QX$ClsHJ4?3&Qg6@W&q^hxQ{oMeb#GbrHH4?D&!kN>j9|AI` zZd>3b;~cHp0lH`;unq5ib6fsY#B)D|&jP1eumGTv)zy}iD%^|Rd-j~HqM~B%iM!w> zhth!}{}CM%*$_j3nQh;I9$1~&{^sTZs`UJ-(pza0J_2QMRs^Q9?uHq?Tc{%5+rG6EGjuOHHKat0(2k1Lloca5m~%?==m*3y!|kZ2i4{ z2;FBiwY_v4yDRi)@uTv&6HH7@AR;dIJ}Z1;+}(GukQi98E}UnQfq5|9;9qnZAmXMU z4uOSe{1q36tgKKJ-M)RBuDNDm0@0^7hrT3oA^~Z2?ltUMLc+RZ2em_WzP(z#+{NY) z5sVF$Z6o{*g!Cg8v*LZUfOk#{2Ww)I%FfP)2EUW z@t7%0L`yP=J}MmXaZzdj#|Ppf-Q5`z2*60u63E9u01d(@+L+;voq(6~a0f)EaP;x) zl`BtQ{K;}>*ksLE_{X{iBP@}tQ7G~i1*Z-?`?oXW{f=0{7E`!_#6jdu>r)djbo5$1 zy=PPzkXC{}lZZTRXlTgESVf5m@^nF0{rfrJ6;P9r&(A~2?EB3 z(Evo-K|MdR9i_)y*2PLSb2I3Gam>3b^W8*Gj9}pH;tjXTiULMZ3wCy{CjD7Fv)c^c1w^RX5~>Xps0}Rr2O3w}6hHJ$ptUQE4xy zpL~G!2pc#%0`cdI%B{P1k-};pj43^*C(}wE)ij(8%?3$|e6F!{sgQ(03Ph&e1?1e@ zRNwa4w^$NpG%>`n`D=4tzn-k1Fblv@WL|JylnW%ZiQL9mBVOTuV2*)6J%hOIfWu$X zu6_thi4$l=2l9j#}d~&8ZDHr#ithz>tkF+D#h1ug(;AvLq5#nZKuxRzX7bs(b=_k z3#t_jB&K?6Bwg5?_4-|J?ldGH>}Z5LqqftXt@e2H6xW|KHoO#`xm;}kdcrW^sDed# zH=1hs<92{t25k64LlgA`+o#WCrPoRpQ@y`6{l?YR`rDkhzr%Gxd-v@3qIfUY{kj|W z?;27|Mg8aJH#1^bO2jA=V`I|DQTqpKrgqs|7rLI_)UT~AMXmp;s_J!F9Nzu*cR;GL zKyORIwe}72*dn1UKWp!;qG+L-Mau>(K%*IrVr%bg9VmK!1Uo3;M+vu028Ji(m&?nW ze0+Pmeh`E>Ml6D~ZT+3tYM(O7;+Cr4lcd{QxNXC9LaofUoF6DJqYi^5(my0J-^lK@ z?@dhyY-u`vLf`w#+P9iI7#zEsaI*`3JX=Hg8!QmftS2gVxHXZ;8F#kXx%0=sy>l@q zl$0Fn?)suQ6G`*H-$q|9_8Bl>%)BpeDyK+ZtJfQcV_|V^N@*2RRvEM=jt%ie*!WN} zXMN75vtBIgw_VOTEBl%Ct6UVH`X(W?P8nl^hZ{ynOLqbg#x9E|LSieV!e8l(a*KMD z`MMKU8&dhV72n?8@v8bpZe{Y|l~WFcp4h9`O2`?S>lA(1|HbB{k{vF4j?5YPBI3}) z%PMm=Qo3=TObq-^z>U>~dc>UH$9<3Wgp7&2<&Ui<=cf*H&&WGU#-KY9N3#J%N9k;Lr#adr3!n>EXu zEfFbjy5Ui~yqKiDRva7Y zzLo2;<(;a23G$fCS5&OpNon`<%rv&9S-o{Vk64fxsM`i{*`L#kpQG-O1CzAhO24j) zeP$F=v#h>xqeCpE&tctciOt&s)UvdPudXvxkx!tcB|nxJ+@{dt_ob@ZNbmWX=l!BQ z#`;`JjkzWvxaxv!nyBM!Rn@PUb?;WjaZP~b> z)-L&N{%q~#iCu)Y2tcFxc!AGZ!y9YQq_p(7w%*!yYro5{KE%h#d?Cl)Ifx2cZg zpb*58_RN{sUoWg=&*7-5SAH%}BKPiI6j{Ih(P8Y{pH6?6q|xQA^MuZOh5dU<{&X{8 z`aYqzNtW^8rg-|DnnS-8MppgD8NGS%sQClj1|Fk!R5se*3@t;0-p2&ZxtXi$rN;b8yXS!%p_!`k&4y$y3&4 zVf3nyJ(AtP`O$WxAoXeG|MmB-isvqdgiv-D>a!63tTIx2K&mRn*o7K9yA6 z`=1wVef?yvweZj9!T&tI8T zBYhSa2Ub^7RsSQA?aIE?D>=WtGa7b+^;{466%jr5P~I%9Ro#ch4@MU8``_(@uuAXg z+-mK6;={197C(J8@~6K@MB{aO(I>;2AYKmC{!c^A$t?}p2>PHV2!7es|MqKo6OWFC zFxUou#JlgBvjO&Bint2@_>VWZ|Cr9hE1WZ2QnDe##!!pIp5#nmb!0<8nY_h>3zbE4 zZe#u+oY;N@%{=jkh1~YG-=Vy%(zKV624l%d>IPa#<*Z^`@ydJo@sQsO57eqCW2-MT z{ODE4SDOvdI3eE#NF=cfKxb<1Q$?H9qap0(ef>aR>+kv5{^mS-{r z3Kzc2?-=AHA$cn5T9=yVG9%ZY3Tc>_TJZ5vrPSV3=lvleg4sn~(zRPRJ~sZ+!dMbe zO21+~Y9V+igp!f@RW+{1P!J+Afd@+lYk=E85JrpDufVj&=&fGNmjs|8uPa-Ym~2c{ zO~p|7&Cvp8Rluddw&d&rBjEHj?`xfw7@Av&7-sO;XQ`!F$iNE;5F4bK zCR??1vSK&z(|lsHPpBdBU_P!`VPR~jdHzDw-awhITn*3`_sZ=i)&DYItF5IlU;oKE zt^HBkdi$jv3Vp0u6X~8kGrH>dj~-{IvYyG#spe9T>N|Hg2Y6ow*{x1_EWE$>8NZcJgLx>J>JjiC=ou?Ffm+)n8{ zX^-EeJKCS|`905BQS@hjfNQ4+?eGQh#4z5 z3Ki5pv+$toCLt%tZmNTSmY$;t7FGysS!~!q4R3CSzl9QowCJS(7vckg15OVeFwg8& zpTrRdK6#A0*jJ-N!N?;$-$W)(TJ&bmzIUU&zP^z5jO>^G#z{Y12Z;!q)@0W%-B&|> z?hHa{d+Pl8PP3?eX^?ny5FhyED4LP|^GETLFhu4*Y303;HlL0HME9WTZ~|;|@P}d~ zBuJfEEc6=GXqYpgt^ZKlD4n5iJiBY;z;9C$beF0~1qKDSe^sAtw`9IQs+jImekkm^ zC8_1n5;vi==-!#n+fuC?REt(tzC~n*j{&Ypf>`rhMgjBk)vI}!UDGd!FDaEiVF@p5 z>nb(CZOBJ%F{FIO2@Ju2y#Oq+Qe9s5&?5Q_KfQc;FUy#wZ6z40Q;5jO$ZP-*qrc2w zrYork{O6iu_`wRhDMiJ8KIn>&Phyl>aTnM?NqIGjCo>H)InMXa&wmFMgv z7?MthX8$)f$iX)*a4c;up7f#wF^ zBcje}gEknZ2Xax;sRlzG8r@f|61L?**)KrwFjnust?$!4$IM-nRA#)PB^L-~NKZv< zPkE%A0j?$C0Rv54S+{E4x=hqDDmy>-{@WPR2}9Wty*GeF0cF6~Fj3`E$&QtJdP~^x z@pe_CXs#JBUZ=~2IUt3UFUGreNpa`!9~@)BjgWZ=90@TB%Yg~kY4}^<)Swdgi#_4K zps+B@`XlQT(s)tz3mC!qoqWu@M`9iZ@-*V2xCJ4MgkX#%rzCr%8axT3ebN_Rgi4z~ zcUxPU@FY5`dFjRcsgtK}GG3y(Ek`lMQz3caKPQe@eTg~Q?YPr)8P`$8L2Xu+VaIqF zox>?y3$x2dQy#I6glsSMqY<)0jNB-rxPD0xzoHO(fy9SxhoKz13db=T1qE&b1~Bp! zETxbwK*ZBP!a;|E?Zrj}@k1`j2Lf7!rCW=SAK)UH78m3(06#<`W_NoH@SQVf-{jfr zPrZ0}I@@7YoBk`bi*NOPs;Bk9C2{z}n)-v9Mt4&ke(iBse0PseSx%K&A79O*FE-En zLjxjsf7HWbvggH_PU;}Vv~dva@!c|`_SL%n#TD3B}BOKmV0Oj>3CV z63)BJ}sOz8R*1c*Cr-ol9k9CCVNOmYaxpcyiZ6L)&YnZd1ZiaQ*t_GW|!-oDqE(G^-dAu><86_{#!P9?{c5(=l}&iIlKXii;bB)t;ti zro+(vtP+4HIPL*Dr@p2P-Yx{QmmI$@Hu89WFl4^}pzf^6?mc^iu3cC?3ltB_v6*Ck zhaRE}`vAD&4@8wVA^v#2W&8;tuH|0w@!Z#OYw{$iej3+LJL&oVnA(0)l(F@&L8JOQ zHbshNI$d3vu=Zb~{Nr!$P-yw&Js{Z}b%e~(^Qn+T1fS(4#c3Vte(elmciR9?_|Md3l zyXWoOpFKmOA-FN@?dIct)D;CrQR4c$FY(LdcIm}M4Tkcc4n^_N!@|1b5{yUyieDNW zn9PdQ9Mu7-2^xxNpfltnTnEfZ%D)q0zKxF7TTZR}gv^L9%&if1_wClH!kmh=0&{L7 zT2W9Mk6gtRm>Y>Ls_fOMyyFB(^C(?8)&Qjhgzgw+gvGcpkTN|fbrP^{0m?zzU@{jg0n#U z2!BK5Mv{Ft?qOk9E_t4?;7Dl}AmSo<1EM+lQD9G*+{_Y zVt4QwBvTx|WpR5nUyPGV?{sio>%ec*t@B(qrl*x8MFoXhxL(=c_4EqoQxlK9FjjNw zsMe8Z1@va{oLB){!Rm^pDg?g3c%-bzm(a%wF-nH1Xro3^ftH4fVf>o?@JS$!!jX{s z8`aYvj|FM$_orbOE3Uy!n+U$+B(@T^`$}BnGKa3k09M%S$XU_kBSdL^$982DA6=tI ztv=#aE39;h zC8YuE2|^<%?r~4A`5IgN-gauw#3SzR9Ru^#$zPJ+n8xIj-zU=re){ytiXoTrqDN(7 z-D_LA9&U^`@Azh|0OS6iskkk&bVuxFI+LZk_wCXF6>abFwWPjuw4%df|I$*C9HMFR zrOi2S?=->!_c5#knHnouyu0ejfvAqFk<1|kAp9Y|6tY^>>}0Tjiy!Y*UDkv6BKs5W z7qm5fNYI5+;duG{m~Il@?reb3m&lOSzk@%38&(aBtmX-ty2K?i*%WAq1%PDjy`wRVe&R|UGzUo z-2Q!89Zm`9?k>?_X>Q)RFM*Iyg+@9>b)&=D6>Hkglh1x)xqG z3yaGsZ#B}k+5LIO+ew-YvZ@_@XD|FTR6VZ!2K2vwhaj>N?B%B9J5l9lM5*0DIEplFWJGWB9R&)FMp!0GM6JK z#9kk)cKN7uKPseDM#(esBi3wtakXS@UzcMwns>^DsvPN&TR|nwmIxBh(V6dep`cRl z;w*lZYF}uSNR&h~zKu=Pq6;||0~&2qeLp7seDgz7a@(?35-aqc94wuj`zt5usuf2W zG63=WYKk9n0zqDa6qkkfSTy>K{dsdYB|It(4TnD5VCB;rD2khH61);OF8Q>WE&ww- zZp|$M8rk}~eT|#?80hQj{w(dcT>(B)h+;)I9!hiERSl97?-e{S#~hwM1|e+N)%-2> zKz935{!{R40IzfUZ$2NuRWIgTJb12?`PRXB`vCi^-YwhikCtDaB4sve%AiLM>^0La zqkNPr-@b8alj8RDkKytoi)aM#U?zAA3CDw$h}g<0TZ}kes=k`K?&R#aETW1ra>$mp z;Y*Qqx3<7js2fGvs0{g7{CNtQl!V*-W2N7}?_g|Jx@d02NHJ0O*u1at_meguwyZqX z;qmqBNoHeCt1BPvmo+SP0EN4aXy?A;b!9Y~Epn(ge`1%*$hX$!;z5xihWhn+0Dw>IZ?4;8^~b6#PB zNTH>=8%OJjFo%~58g7W={Wq^@E}X(t5b$qmRq`EbL*(=@B3;|goO)+6A@8qFh9WOa zH}W797P_U(r3tmQwPe_Vc14ENg7JF~P)>^^eNZ=tc$?>Q+$mHAx1ekUl=*BlwR9rp8Y^9Elw83Q)<;lnQw!A5do4nIa3uA|5&g%8KGXMJ^U z6K-)WpodEU5rk!Qhzp1}WD=>Bb(f5SPq@3Ag3}Olgfk+4!*#jqexYL8#QqO+%11=2 z^|SHuxU9Ut@cLM%I=Opuul^WT>GQnJgTBKLKQvCtDOYhD{;T=i9*pPU_i6N?UZe4B zlx`w9IvKdQ1Q6wNLxV!yWTFeMnKHS6GLv9uH8tIj)xPAr89zNUhV^pkAyqcs^eJj- zEaJ%`X?egm$ZcpMHzT;#bC4BbhOv1bSuvHpalfREzxRd(78qzcM?%`5>bPJ@oaJ4X8q74o71PEoK|eLat>Rwf2=Y#V`dF zq8jSLNrO%hrpCP*eWsyznOgrf`tlZso^7147@%eA*077Cg`vYAu?+Yxm0WSN%>0#n zABldeNH0hQ32mPbB8On*6lxm~6v4`Miy$&zNMm^DfU^CVYV=w9-4442Qd-nONcsh! z5E(Lb47-k=#URpm7K7B6j*UPPNa8QUwm8aU>;M9qI8;%NaO+Wv(;CxG)9=?X?oLEi zTp6pE%k=ShZq=oA|4II-6n1HizXU|0fvHJr#M*^yG~zJX9SjjCI>k5=ugnn@xeWbc zS`yM-;Bnp#eI)pe;1g;a@!`Pr$OY{NRSpN6)geQssvu)?HPM6PPI4A=iO?C}bmvlM zmxIS~;=yUbEuNq2{AIyGqnBkH6<^jo0v+zZO*&G>BeQ*mN`BSHv{i?{9PW70L~hFc z9X^XbH@g(O{AG_pJGd)&9vE+eXmx_hWFn1ajJV1ul&N4LvZ?agCiTqYoB={`_XY(8 zEj$-$XSWtj7AX*d65kjXy?A>99j{j`H54%if|sOkeaYMCcCr4nl>D8#Q1W#Q=tCX(W$Zg}{U+T{8T|fBP?V=M4u3DY;$y%dA*7M}uzHpTq$U*{4Xc*FK(arEt75#5rt>eTXzqKDq_U-9|)Pla%G zl=?s2>z%eWgk6#On4nx=__kqe;U44rTlnaV$hz1iXwHjq_#QnPVp8(?Z09bW=YH&T$eRvZPUw&x0|O3Z-?h7OmUb=9$zHgwFd@>gHDW+ z(9EA598ltWbCh{wPRhNfzfRcgzf)8*^QyYi_>XUX&XMocPkGp~txYCr>84TS;frxq z!Hs;}6!~M!cOhBQIV$dXJ{v?fzJsVB_0fHG#5JzWd%a6-kp!jayP( zwK5E+Y3pTnHVf?~zus*8NteC*jE4md>X&-nQ~HyzR+&G)Bd0;!=chV`&+rNV0%ewN zrgvV+<x86` z`^^A{O!|avlAY^mvh#>7`v)!O4qKx23Ci7{N-0)pFSTQWu@0)@tDzn z7}rmaM%w>(spJ2T^Thv$yyyR9P`P6D{A%PpPUD~DI~|C%OT?x3OVrpM>M#F`kY2aZ zN7v28g`w2cokW+ttCd%24}jGy*Bo34_QnD1(C&auVVZFyjLM8)88@bb6j(Bj_3(u8 zf1lDB`=KLWQ%Z@Eu$YB_tk!}|Q4R*$_5*c>kN}UQ3L_A6BMO~7*c>^LgHGC7@-hM6 zZcw-^)7ACLu}XS*g?yW0VosO;BJblj?9bMTgz%=hkAjRbM8`<&2*J*~um%G&9o@IB zX16KxS0X;((g6_?UIMhh(n<^n0vUl2OiPuQMX2dkgmy9q7>|0Tvai?P3`*@d+< z@Ej_0E?D4yHT^va%=a16vs)j@u7^oIi;GPBu7-s4KIG-08Mo%|Zb{$iyea(VO$OaQ zLA)>cN5tv`i@(m9z}WAtRD`OLanJY#fZ~dFODu3<7Vy_Y8*M_(OROAuN^r2O1St;% zI|X>^7}0wQnJ}`u&5j+UR5bJVgf}IVdh%?klxSLJf;3#V-E$oC}Hn(JZWe5gfwA z4U+LL_9wo}zz(L4L5<GBiUFdqRo@!P z&Bbt=-d%)2-PEmbW-$kCZ9&w3?ghy~jPN8O_}-e=R5N06X6=L8R@3th5ux{EJ}ML% zEA%|yq06dxJ=eJG@ZxzE1N*KSHD;x1^(EtpizbZOwrHuVf3~H9R9E?(4?kMij*pNT z^rDS(S)2CVQ?h>iNWa~Xqg_z4x1{D|V@Z5fN*k%(8t)tDjZje3_Gm2i_S~+1BLkZ} zk{|pBXka{txRG*LOTk2Qgl?uncUh0Fm@%5z*`41w`6oEriVP?phx*j=Y}G@Tl9wuQOXxTi-Kj zP1wEBar2>Wx2U#Dc6bhN{h2CSG6f((@kTi@($IfSmyynIo`=Onh(6cHA08M-Dkv!I zXS8nlPJpmvFx;Wax71GQ4}C5#CwFQ|fXs!o^sKCGT%8Im*A$$!zhXY<>BciIF8|>7 z!|8@FJe^@WaQN^wMfwH?8~IjC0v@HOcjssRw7D~g8U45lGa91xdf>4ZQAv)p({TMH z2~9poZ{vR>ci&&fNxhz9fx!jzZLoAdidXEiwXu%L)7l^1oRt=y`^zpgt6C@4KwxCB zH>5r!y{0>MoY^=zSh_#zLk~;CT(Y5%J+BQ~z(W>ks3~+m6dOCOywd=_ancb}mM?(v z0a8S?B(+o4j}p^FNcqr7CmB!bdiY?4YFLg1-zU7w>yR8-7LzJV)?-zE?3#k(*j-&) zHBJysbbiyZbuMkwfUv`lji@2+?)$Au!#2I`R*l~`oq0Oi#>Pevy>7|0JOAy9fAr-` zScfftSN;bdzfFWe?4wt&`lIq%rlDb7@@&8qjnz>qM~@r<6BBk;0)SZ+JTG8XTgwS& zCrz71aai_Z;qZW{sMYedk#U=1~GVgtgv z=9d$H_XQ%^w0pM~U-@)anFF0X6k);+s91;tPtK^9LNBcqs{PMv=iYO=MEb9#KjR@U z_VMFK7WBPon<$XVDJfc&zT-TX zeP;txTC_p%aq}&QYYM$I4LAToR$8|-J8+1Qs-O9%)8Dnb4OZG-x1p*{wBEM)Yf5*2 zd|_D^8@r*pB5O^nX>?tJp!O>(O#m@L+7oJhYmgLl-A@<*UE~o{>}1MVf6sb(3$!}-@PlZsr=od+4f~c%|*BGmIZMGaF;;HaiuV9 zgI%cf*{9R1P3nGa6Q8H|%wD%)vwO_koMsVCFuSf3dM(>LBq!w8vRqq0-!|Ag-s*mo zHyByCdf$YDO7HI&UU(Tkj<-D4AX}MVl$4cH)o#*1FaLaobpeULHN>mVIcD!_vG#0T zigWM5p0_V|8(DZG%*y6eLh8qrHR=8596NDECv>Gu|0kwVlMgKF@-1Pbt*S2(6+ehq zga7$+qIBi>k{Hj)NVwJ5?Qrg0Z1(JJUfw?sh+MG-nsIXv_a5vTQAu@2VI*7;H*TD# z_r|$*&3K)l?5Eh*>TGr5yzsqvG@3ZV+-#Pb+76p$LUorB);+xX{(|;+b z-H@ShyvNM=9~sxSUmfoDXZiB0*WNUhN^!M6UN~Vhqw=9vE%_%NXiwmW zUUx7)V#FMbEb+6{&x-?AIpS7R26x-{_CGw=VzY`%x5Jnjf6S?Ad#gO?k&pUbFPd%y zOSrGW-syssN?5xg8rh;ht1)N&Z*AfGw{>d1YgL%!6whu(cJ}sv#y`D1#f26x}R6C1sUs95b+ zG|O!B75}3qi}iDkO^;ulyg*icP8Vx?Ir1vM^?G`{m(HBp{SdFiq)PJ%>l4y1BsOmn zy$`~`MciI9TgzH~xav`)a?v7Kyz%?(4eQeMffS>HxF}74R1+@3-Wg}I%D9^m=*4-w$b@+ zdnj5!v{k_?g0*zsojhVh&V@$c+>!ug?Y30FT!3euUb{DHIa~YN9lh5qEoe7MR|0l{ zXEcKlopBqAC8*7snFTB$e9S_%;j@mw+O{@2wG8iixE)tc`xdjbTrsRJ=jEnIT`@X* z7Zc`$JcMx8(3D3`yN$k+vR*Ckd;RoS-#8%bwa5KC@k%oqOAVy>n1WBU=D)-Wii;&P)ufcl?;rgR5%T$_Z_}Vc6k0a6egI`>(TAP>UQwWK#ER-O1#M63GvcqS(z2*EkoSeat=8c-|zhZ@7 zMphPA7|lL4_0#$p&sAI>x3B!=7?KRy7yZ0;($6jg8X#u|365Z6|H^M3!ESlEQN1_d`pKCs0ww>H_&cUG1@nB@qlW{{D~GKP*ExICwYU9Kh3-VA zMvmGNC}AFGa!o@Nov9?|q74t6@4SxENawrVwr`nw-AIb`0_)e)i#8^wFK79;Zy)Qi zgrv!VbB@h-F^-Hd-^2eBB3Q7!ho-BvEHaLKXWhzYt-7HX-tOIwBf(@Ih|7e3L1}AK zYs<`ayq8jbsFtjpyga}w^D@W!Wwplvap6>N?WTTn-sQb{BV}dNcNOM4UV-1}+fbN1 zdDH=~-gDjs#0&^4kITfOm}4glsz^hEEl*IIFg@m(Xe*1>E8%nffy0Nld>H;}keTo> z6Q52bsN9N%xomBzBL|9vFTx4zBipyy42{W;{^a?($sl_QhQCP@f4`jgXFT`t=J%ah z`)CcDFhg}ejFOJQE(xz^8hda8q}lue_h9**KE)a!m~*qIh#806ETdQSn{!OLd|SsY z9F6JI(^`KHZ#}gBcaG@iu&V#EmU^+*j34wK9TX;2^n+2fq)I0KoX^q>0JDzPWBlKr z|ADv1GkSy8>gvAd>|N~oipH|Lc2$GgxXf#}f8j6(XM+hraTC|r8+kp<-EqX|CQ{fx zSF)Du{D4(Lo6&XynJ3>;xQ~$rCgTv2?5SvW(Z}Z#W|S(zAR6vkC^*E2yxR3E$Bn6Y z$2~mHW=jL^mmJ1N9v$Zgp9NoBR)?426y zx5Q~2?ronnB=D=2+gFugWYvw1!}vKPsqyOeDnt5rJ**UM@0}4?AML0Sy(4y6 zuok}o9W_qE&0@!)X>0wpWKXA+T$?}ZnEhHhv678XfBR-F($$*54WDdR2Rf?X==5n~ z%@w%|X%?oREs~9`lM~Cx@0xNr=D}J^_9py_G0m;mov3u^R!(}2j_iPECEs0N-=%bF zx6DC7WLw1rR?81X=XabE^J{BeV$nDmy%`It)?ND$9ytHcU;9e`TXI;W5>pla=E?u> z|59KXljhnivLE9}oNrk08oN~@_AhB@bgbCxbL(?xZ{w?z(gK+_{P@F)E%IGQCN&+l zH8MJYPyjfcvPmzz-ZE%$mys;xoDsb*1L5n+*`*!6akzK!{Uw!OzDxm1Kepg1b}07K zXOLAbh}7M59(!La?SvGxk_7rA(v6qb_kD*v2nGe^= zv0W3a^}0EQ7Z2A7)(NfIylAsqTBhO`}+d6Jb%Q}!@`dHz(QrY|apQgoh{jOzNWa^-0Mh=#r;i%;p&Mr2Dl}Ezmt`l<(-qY@LQoVmIt598fZo33{k0~ z;SwN}xDRwf`@79YFu0J?%{wDui{zn*N_d3#PU`P!;%n3yNb2e9dw*;bvW@p*1Ul8^ zs^A~zPv(@>(ndyo(S~05n{<$ynwgF3-?e7*uzDtQaAOh&tt=ssQOrjL`*b$>s%cP4U@5K$S**Q#TSRX)U$w^SW ziQazmY-vUw}RWbap=kS+H0&&tf)QCFdj5=txMH(CRO`@20TkRN}zjLHtN z$h!nPi+y(SBOW#{%dJx?GTfeDnwVE*CmcvAymAs3UR}uouX!b-Q>8U|O>y zCz*SE!1eHkB42kRApnE$2C|q2?#3I~YFxI9Z;mUNR8S$+{qczYT^WOVyELY<1oA4e z>m{AxxxV##l{;PzG^ff&1nBAQ{TT8N{k?+JyzD8wpUZ-)Tio??ZH4r)>32-Hd|^iH z-tk3-`@SH0A`fwzKdd05QNO0P&i$iKV|b-1hP}fDvCM@g)d|GHAaUQ`jP{%F?|fHr zuQE=webbe`AH<7>METmEc4dv44!dLgZd^FJ-84TY&4hKv_Jf}9&}VMbeb45Y+r%1x zvLIb4(rS?ls#Ha!0DwIG&i;4XVy%LTiYkh#H*NV=m6@F%tA5_e6qi?X^OYqJD;x_F z_D<*1_{A;f08z^6%AL=*Y|SWrSW#J(v9-xEv!S3gZFiX>MsL{2LQ3VU2N|2((pV_)R`0Rdx-Bc;3oasH)!XM=@>E0`?)bve7@@CvHi zQ1kh-NJ@9arsKQtDnUs@%qIlJ*lB2HYI+1<4>S-^7xeXequPtj=NcOw1}w|5P(s&$ zsBL`LpL6^lP+S7SaV$xOVP!|3U5pHbw1A>tV0f5ka5O)n7?zbceT!QX&H+e#cs-~_ zxd{^p0IU^s?6Z=|6d)XUjFc7!WmlF4{8FS4WlX||A5mve)8mvpH<(# zor)Pe*j%a;NE%k;q%yjCdg#n`qpi%n7Eqz_+$jn;&opVQjnOg3_}|>zKQaOjF%X{h5xz?vUFiVfQ<3?6-F+XkR34GmurX&BQ&zB6AU;45;w#I`2Ulj8M)_C9 zSt$AV`U)g<^OTUx0}ex|HVCsGMeyGnCl6#fL7Li)@K|C^F=P8KT2I4pA@whdcPmd0 z6pUADtE}H4W6$IZX(;NrE{f%|4q)(!HmtndJjZKbmkxYnBhoyB2{EIVXP9i;zCFlb zg5r!BJe4sLZjpEIUT;@hmnmjf@-2)b7a?09{F3Z?)R#1b2bz!1Ttkd!xtB@LrT2wD z=@}W!dAMBdyGt#T{GB)<+sp1(*bZ&TkhSE0nFc(Ni{dj8P6Ad1ld->=GdkKENqi)<9`j>icFCMw||-RW3(?hN`|PmX;L$d;@47|oA13{Ak+U!XlOTzCbeN^ zj*bStM@zWexY5{!BuFAR_FNY7gCd7i8#f#Ncbyt@i&r+x^dH#;EZClHDiR2hAqTgtTTKPaWx%Kg;mikaD!gss@e85~r6a9% zA-l?yH0I{o(!)Y-fUM>ElY%Nc;iSwe5s)!$A(C*TBz?4Izf$`Lg@!KeD8-wkXJ$rx zo~$su3j%{6L`m!t3O4?NV|2ArRrsJ9ObG23PH6$U&-Y(2WsopTG?=iEhhuFm?76ti z|Kb!PsNcA;rsF2kcwx$ogmb_dk0pSx9eK8b#DXU>%%u(z8;4^_%72^~E$?bN3}8ND z-F;V3jfb6w{SuAk#H$qGTdAbDVldEhJa3DErZYB>o8GKwyB z;WoTeRr^6UPo5|Vv&5BzO~rBgEG?ojv6mpUMCu9-QMk?%HsT`sxg~Q;!z^|`nR+PD zoY$j`lWauHe&@H_u$Z2HeyL@()_e~Ts2mGzZ9OpSSJC&;lTj%$ABdkrC5`F;INPIF zT!gSH5@&n(@Kg*Og~1$C4uHfo!*zrc=z|Yd3e%=Ng)05$=wqHOjh29x}8wHTar$(|Ioz{n3Y;aW?=8M4txt6fY@q zHyAiUR@vHuZgHK>2kXGGCt7clrDe~@3M`-z{0m8v?~;I9#e)Da%{V0lI_+v8E*^<6 zf1}0bb6iBGlm7~!H%PCis8SFSh9pOFZBygACXYf2$N3l%lpQR41Q~r~AygL_~MX61aJ5>h-v$Lv(+!3+*VQL_EV+lVJc$a2!r@C~s#domtQ_EqKZza|h3;Zn0hJE9My$hE zo$>4{8beo2xWHZsDR;E9)5)0-4-I+aMj0l{K`UhN7r>!KD|%AY^cPHhg9;;-@*u9t@8Rs}ng;!$5LTfY2kT8Y?D zXpVmVZW(ZRW4Mmsk%2ss4+5lB_~Z3Tb;NR7!Ja`yEy?nZQwY}qXrFlhM_*z)%`)^k zVfv>4)PTbdoeD|xSo1OPERMoEP5b@C3(KU1dk#q$leNAw85xhw2-z`d*=Fl(;vxu` zDSSF&pjdG3USb}YW|^?NC(WQi8in&4u4-Ckk`PY^Ytd0IP*wr6K@{M9WC$cor>H*) zMjrHva2<@@HX0irbW|5ZhXnjoSvOftEzF`CT#9_*a%Ega#iScoaZhw1XXb)o1~U~U z%ON#*@JAYHLI%8VKm2E#7n`*Vn?g%=Oyk!7nXJS9UHTxJ`Zjf@ce<5Y5eo9}dccXDzr0WoWbhJOwcl_KVl zGG>`R{yL%DqCEv#34f`&9>>CsB!kdqGX0AwPLVvb!(iiYJo`9U*^;|^zPeu-*t+bS z2rXIB!1Jlrf!Hmqndtrd_d;4EPaxB8W)@f_R~9WEQi(;0(pese)8vOvJI&k0SAsI`S}k z`AiLUKLI@>-xSF?LULD=99v(D=x3ET5;L2d#Z(xmC6Ti7KQseYiH9nFo4eW2E%ln6dEoi6Ex2R@6Y`kEHF%1KDwI ziI<#rG)eq`k0#@U!&9bSH0(nZ=WQqaBxfU(1Bfgd%^F$k;m#0d^S0aFPn-yTyG`A1 z?1eN4$k)C~8>?yK5Mw;4_;VhQVjJDOIg4U|nuGX245b7k70T(J7}u1vwQzaBDsm69 zwnYJ}NNNGik3Rm;hDdaFNdTdZnlVB}`fOgto!hsQ_%akM{4#+tXV*1U1{SyI;^t*B zCh=-}S8aKZ$0PV0CsRdJJu@WVyg8OuqGuoGp7*`K%RHJuLflZWFSZ@)Wq55nV7d{> zdWNHqmlq#1xH5!vfb)f!U5{B94kDx4sk-KP4@57zatlbp1@M4!{KSIo(_fg_O8R>) zw6ZyVA#d{Lp1Usj_|U;Pw`2=p$yYPfhW*060;E&*4J65ROTH3uwWN#)S8S#7x**0= z`Y-e4tI3H7e<_YeXbljKXi-N6;=f{Z#@;)6gmLh75)b6bP=$57r|qc^t2j8Rp@vao zoeufT*rQYOF)7J8B*WW*isw!A7D=n9d~_A`3?J}5s{waOy;TrHcLrbqC$)U1-tX6Z zgDxFjZLe)qqeCJj0Q!gi97ZWHPW1Y>O&DwRPz9v2h<42`M-Y9OJ%kCP_Itrp9-b58 zu@A(7O!$xbWn;mHwj0p4jM6PdUVF8Odn>v|{$s#&LR@Kza!_y2*P2^lL`8oIV zUcU}Z@rf%C31(cx>d+irUEL99pK|R|2CR@j8OmiLt}(XtMNdzEPB){V_%V1w0cgw{ z<*#?B_?rqBK6TBzx-W}K9ejN^5ro8q)!^W9eRUR43%T*M+!8m?(&_qj+`j445B3F5M(A6 zSd#1Y>(W6-OZvU3r|&Xpt|l$n0XRcfIAAW-*-G&V{!k=t)SA2sS!}3TK;Fk4LCxJe zw4+ug^1(uDHE2*hmh1?w{7iEPH@kwO;#Iw-3=`$F?+uTyxi)ymcYU4iW_16dhpC2> z!!~BE=-Q^r6)j*{Da+v1qBv1<68{c5QMhA7X~m!?yLFWHZw%XYuX(n~x+kU@rJ5bj za?8Gdc!+BuXGsTT{nYBj)_tIz;zMO-VkMS)%|t0GWlgw__CBvPX}RUK6(eeN%5Uq+ zZApl~7k`Ub2%k@_2`)sbG9Y|W8m6t*cp|?nzb$J8niUsqq1by$ylcilSK1XU?wHAX z=qW#sA6)v_wy|hSwAb#76SCUx2MlOeQ$p?wS0~5=&;Sp~7}@9PHakTd(g}^V`&!ap zAI)iaRwo5KA4Ke!+A$=L9~ zC+Y0dja2zt5<)BE^z=44>^{HTSfTcj+RUdLcO*YQR+3xweRj5K+MP!Is2w{I1LPRT zIj%2t9u}pPa?f(`;K8|{8o$@-hvvMh$99}(DXOLokL1>z53;?#4Je1afC7)lMu7+p zCuCGTk5a?1ft1egw7n!h(=uv^QtehpN5|x4r7xd8w0D1;6svn{bVc<@Rk{P&yME z0IRuhupaH$jb0q_N*LnuUD;jZ?`&7U`QEALYk3JbwWcpoq^3X%h^zGNTY(cmzqqnb z7)jmxmNJ+WkpIAl;sZvM(7ZW%KTUD*hRGFb0%~9y&49yr)LzVNRmr`veqr_$?xLPY zO*BHi=%C=Nqernq28YA|;G<$X{4#wok3Wp?%UZo=O^}{d`Zl><)sm8u@a2!nY7tO_ zN70Bwz$*Nqw+Y0Pn%!17Yw!s2y&QG-4fV`@PwgSLh3XD)FMKPNm4o7z3f&L#G)h2H zMmxSNc{hKFs*#GI^3E)Yt{vHglq8h)E7_=9XWY#T@LDGAdGX?Va`1}gH&ykvovkNc zK(VrMG6~)eKK6UlN;=BcDzjLJNw67+ER;e7ZBcU)9x3!izS7#W;zg< zVxwb=MrT>#GZ_j68g&9isHVmWewD=utt_Z%U@T3n^+zbc!y-0pHXRhEQyCYf!10DP zrok0>;ob^aaO^w}MC;PzAuXR=MHR+ScOy}C#bZ&P*ztq=Z=)27Cmc_6( z6#LBbS#_xS-_uXLHqCxb77hbUMqyR`Zd%T$(uOAD;po2q2!>(zeF4WlDDXMHM%F{C zn{lw#sJesRLBzishKf!Z0Qc8O}cqGDCA z1yRrSTW(rx-n=5ZoYPHCD+HT>cw6XcXG=0GJMADVU7~o5stb=vtQnQ=J}-n48EFGQ6g_xs%J)zw=qMCJGNnL zN#LsBu+LtG%)veGwGvq^01#)C@|L33K>2sfuiD*&Y{90H_W%YMM_wFcwf9@`e43dL zWtFWyRBC2sroF*ZwtrX9?wt7ugL1kr+)uhibfElN*>CyzqV_KH=9IkPzI&y63rAQ5 zVA0Wi@dpt3(T&YU@j0>jE%s4q4)<$KI@Oon>cA-(U!6=5MpM~;=Cg?bhivkF%^!zH z-M;OdY%K6H-cc!kXWfijsxyul30MXW==qcr0>_hI0$(C0;lQwt*w&V&oZSaOETS#& z2Iba&1II%mLkUGC7!?&|@vdZdBdHwkI^vX%E2GAm;lShKcDvfGeEGje$Df= zpRH+q4G(;G*SAr;=3_`?nf{-vs*s6IQdE2liNJ0bDkFf?knaWe?8?f@@_ez=ZUuMR$iD_-1Z4MLcN9TdUXP>sIa)`(x^dnLbYw39%c+K95Q}W<{-m$mBWV* zFQc!V*aJd(ZwrAnIPW@>v3p1~>{7$Lh)BY+qP&WhK!_qVtneuSFNCA5Q@dSm$Jaq# zz4B1Bq=W=U7P1@ED1kZS78XvZr%WECTaV-S$9L^p>mPgf?jo7~tJ1n(Z2z^av~-d5 zSy^Ap7=3wq1t-nsLi5fDDQ`6Wm65l$bQzLVNQCsbElHle%xs<|J&#)Kg@*~z-_dB75#h?kP1`Dq!!`L$Y_U!A&ifsr%Y^Stex#NA`TLZ>RpXe6 zViA1t;zepSfK@Gxydi^kR=rgsxkZ@%skTwcq5sKLvUv#M;DA}_535S=pVkb@8L=M9 zdcuX(QI+_&4r*^Pp}}a~LcS!Agq&UblzFt?KZobANU|QTgBr{;9hq#7hBSC5U*VLd z;MsAv7c^V%Ern*3DH-atv{N32l=LA8kTdY_JD4D<-)Wp_ZuqnX&wausD=8&Eden|v zWvIS_l!5iW^rJp`vS#c4HT{+TO$#EjVwkFZwU6Gqb}JOm^?1C&++08!kjR8ium_F? zd#9q=+r&TJWiF?HZAfNMxlL!w5n%CXJ#Bdp)5>>{VXst@bHa;E_qSD!mp6&LSaAn! zxkaalK=X>X%6o>Uo2*^8uJQLDGWJV0kq&eLM1X#Q?w^ez?D6%l7SS z%&Z-H>`A_$bK$alfhpKP6>tDdmA?(Y7Q-z}jHChm%NwN-WO2g^amf4rMx zT@aFE)_Av%&8*n9y(0==S42wMpIu)$G`lM0`h(W)*E7}}ly7bEUL54`E_D6uo$-5b zXx4JE@a6d2?e!Ms;0IV~pC#^Cx{{^K0#u zof0K;PdDz@%S`vqX~+xDJP>;%7dakxQbjdns&)1B?&N08-9fr^}kn9kj ze=D=u9y$&{`N^kGqse6SYKPirCE~keUE+Poi!J-LbEsBnH6!V z|LA=!w2~lJTMnIopb(f)Q%>SzvgCS$sEtR_kdjePBRXMt#5D#t# z737#>-1d64{y(n@_kOU_we^2me7#29=KI;as);PUXL@_I^IS_|NKl6=6aG=e#R-(f@*izkI~_A&G{AN4BQh zH+qH|7gZY`X^_4D--vtjxSI3-|2t+ZV;_|4jCG2v$y%7PX4gVW)=(-+Qd%ry3`s*% zsiv|Pr9z`c8zmDJU_vdx{Ue_Pj^|{?Xx0`7>o%4Rb-mlm5 z`PiPe`)6h5><^P@DL!XATVM3tqbp=}-lGP1x}`vvZMivi!a>)r0A}C}j`abNag{cq z?{%h56|feFqzDUXa&b#PIJsT@mNK%RuooF6J(SwKywRG7+7WdSRQ9VxL)m4@5h}4; zXodEffeb|t{Hy<;hpC4qOhTYF()+Q4`B>KpwfmcVktwXNgy5XQ(hF&BlHpiaUKv8V3X+c>N3 z2V#Ky^IJ?< zx)9d3wzi&Z`DXLdLB|P|`Igcfm3L4<#aq9(j(LNj3CP?oq41>IbdPkhrN|PvepSkF zFHUHwU4McRVV+DP@esaB?f>UIKI_vi%jnGG?~9Y82_*S459sy%Ia1#B=O z{^QLuJC+^T_66?bG8_SF315(%caue zxt60a#nm;fGc`5U83yx0Vz)ZeL;O;{jsoyqsoOMiD7Q&q@__!DQK^hQy-7iv(wrMT z8M=nM`an^e+B!jO^!M)FbBH#C)kBtI5*ZaQG8qodG%vfoYMdIppJ+<}NH~!>aa^OS zW|D4(yn(B{H*134Hw3h?*2Vf|+Fh}$9cYsJEg9_%&1tHYe^MpEC<5D9?zgPcb#6g? z5%^sc=OCB}Hc;9*i66hRMnjK{_KwbE|5I;6;e+v%@`q;zeY}%WrmKcLbuTThiLOK< z$;Rh(XS@}}rSPq=AJSM6vl!kri@EM_1^Yj}o=0>TEgcXVP$0lLGCePZWvsEKT7GzK z?Io@aV8O!817nTsa`q7OoI7iv8O6Ndh=>g}MbrztkeG6gfr9_7ipXUN3d;+70%;b% zO&zcuwJi)DcmU|l2#ZQnA6D8 z*YNp;4Qgk4GyYAYKYO~%%iW*BEzt*n{`34bK0mJe;Qsw1mS<+d5g}HS21;5-lj-md z6C&4X>TDwIW0}izWaOC!IKi_S1;yl%=zW7)R=|xhm@2+sqU2IVu{x z6pPtWz$j@JL6B#-%Uc7iUhVEaP+k4JGQC7pe}8TkEGSh!i-o730#58%@JRT`#1&Gi zI>BR(XO|0=&+?qtTuM6Lhq8t#$VjfNA--8KVZxzF8_1HNbf(y)F=XvPF+Ae_f&c+F zscuU!)e`TQCyXOg7(Vjz!-~`2Kv|w<(%hoKi@4(u{Qx2`+b|w1WwF%IvV>%p0`MRB za{f-gwD%Klu3HwA$;OF9Lo6`ycEIgD(noH>gb?yWTu}E)JSeOYE{Gt38RtP7tXOF@ zl1lkwXVD9Ot;nJM;H*C#RmG)*9OaGTcR5Xq192((dXq>y%nQW7ikw4;hviiP;BaAK zoyZ-*^#GV69NA#y^m{@HM}-KIho1qb$ra8@>?-zvt56hzDpd}W&5adq7I09oJFdYV zY(2sY)h$g(beNu?eRwOSEvpsMTSQtSD&_=2y@5Iqa)_sfGlpWT8!Pv_+=E9`C`a&j zx;9T0?JDe%#c~d!iFi-i)!B)IIo@t&eAB6yC)Vm2+1T&4(z+x0%dMfVH z5vi~M0IUVQE|<#`!H8?VJm|CXdcx^$Y2tyPN9Y*ezjes$1AjvwjZ@q3v&)P@J*cc; z^WYaK2k<>HUU1%-vDHmg@&$+MUVVaDdeTLF@zs{daW z-Q4+QbxpKxV%Mcf7xXd1`BVfS&!Z$9*|ZJNCX6v4aY)51UqtP3x3~^Ah4F`x1tV=# z_G6_CB@*q75INNOWLe~D2jI^oxQyr2g4Yr|(BhGZFt%fL!@Uc+2KmTW(ab{gin5Tx zQ*`19_T>iKAMZA-s;*A2s<#9C;ZNN|0RtB1^SCdj6Z?0*vX0st;$W~Fgx*x~~)H5#)idU`7nz>)F^5A*vks5)}3oj~$HF<+hY$DBlkjBq#X(cU;%pA&;qO| zhEt)X%RM#?jSJ0Sp6j{*vjg;Q^oTt0e8Q}`ZuT22B3{%^HP%oC)8*ugf7ASmgUC3w z*^oj<@Z^+V??dDjAqZBgp52+Mum<@6+~U#dr)A0p!C1JtH`jfr2n#7AaQE(a83|j> zv_R{k$7-1D0P(SLiKD|@(VTCX8T{Br%uCKyabKQ;a)$Cmwb%HSJ1`L;D>2Tnmg}L9 z)YVO~D7)5F4&Dit!kgv*!Xn;$ebv}K+(Y_C+IsBpVBZ9h;bxZixU(h=h$Gjs&_m#|1gUW-&Mrt_lrl~CrHqJ;Q~+m z$#Ipj6YLtClc^VlegK=MfsWzLb%;G+Z^hn84l4j2u1n~nJpVP<{LI%HJC;-YyHT}Kt35o|;}A z63an5>3c<|fMkTSBErQQfwVZ&j?W0TYl_V)2xWHmnrm0@<|p-gn%ymJ-J}&U_(`<< z(2h)gF&8^_kL!OeGwRfx8plO9o8#ow^pR%yzxphNLKP@6lqF>Y6^z&kjg9jIm);Gm z_;bDO=*#{q&|8up%%;C;uw|$l*7K@Da1gC2w)s?)8bLR zq9+zB7PTzUVrpe2(UPG0gzjFGC!0iuA9sv260w&16Z1dRN1B9xE_3-z>FwS$K`|wS zNe>6Uu|5!CRk@$qNaPCqZLOR)f%Y`fWR@1^5S{KLp&=&$#Q{vM&fc%ESjjM&;xzsT~JJ)>x z{ya8!hzh6##2VBNObmP#tAB-Hbp5PlrnEzDL{%eWYHG~Td&bts!%h2L`*@|>S-?)l zd@n>k0kGFvu4oNu@6@Xm<0*OTg2) z%j5s;ukPjPiHpOFZ0JEfe$e^hE`oZ6cJS?Bt! zqnd{`J3I7`ch}Q9nDP;*mW0XMQw zJYYM0Lp#MAME6lpy>XI!mxI-Bw@u7myxhKjQl!oZ>v~z1OiNZdMX_<5+6<@KkwVWc z2FfA+!c#+(p`p(ET5JE9E(AnBy5yz1lr0$DoRD0%M43d2R*|+y7}2qZi+688f34xu zUXW{G@idBID?^N8bh6Q#K|wEqiTDnXKAgRL*)k%m1xB`bvj0fj%F9OQ?tS*`*_yF^ z4}83EoL+Y%{s_&NI>;jPQ{@hB^~UZ#?hP_I7|jq`Sqf3}mbdu`P2Plv1s#Qb`p#0@vLyUyEjywU5y4rU~d)6joyPi&M^hjN0mRMF! zyuvs&S~5)&34St^iIjd~+AFmzZ5y5ZXz%yYistD4Lxz-@w|clEp)Th}ib{kY?2Cv# zfW~G~;cIn|``j2#;|?RhHZTGRKX2p|Gv23VWGtTF1k=$$D>wrG54HLLEK-!K`N<12 zrIR_9keN|@iM8#7%by*URU|$PRVqcQT|&~9IkW3#M&(+H;GKd3{RC6-sV!$0i%iq> zEj)R4c$6FlW%di-2yTy8VU+R7^ow^w?GpxZmXxr|h>VH5S;IcTX|8D~tyHt9J2!Rt zRy42B16UxMb#Q79Jf2rjUL7gmg}bH=qhBPmQntB4e1y?%fY4BUgk$A+4R#-VZW_t_ud5o5o9qzX>SY^o`CN zDNbq4jrjQZEzeV%S{OeBHNJoU{`8R@qx1FY130aI{{;oJ_yg}|sCNs$qVC)Ckt1)^ zGim2kG2V(j2s($D#elwq7F}uYCk0Ic!4gUva(5P9Vjo+j;e%3q48QJz$c6*`C0r|` z8L>WzmK-0&%%F}~Z~D`9A^ps|?w(&zkhmo;Vn&%Y0YVNJ0$U<;EiI49x!f!h^qFh7 zs%O;vN=t;f`+nrXtfIV{*FDqXav zO+$;uI@fr_0nInoT>EE0T-m;vxvqpY2uVW0K%0(7QPNYr#0n_OV-HfPrh#P3L_~~0 zp9db(h7;=f)a7Q1KQ~{kvk1M{?cvk7xx5w!8V&ZUv6nv=gw#hQW8y9J7gpeN}Fg4rl_@Te??N!(waE^j9N+b=U+9ZAnGPUwRPvIXHqUW9=$3bI>)jyT)S_6M`frD3U8%S6DqT^L6u2)^H#;JAfd)Sqf> z&fFCS?E|tLiCh^fGyK7<1xE;7pg!%s?El?A)Y4VwCygk!wav#9y-aPV`wkIU6JO5L zLROqv{*_++O6G7Na;Yhlg-?4-`J5&Etp{^1?Ha(Eq>RMqf!RN)=Q-Im@E=gcRb%@W zSC33Cf84S&}^Y*UiaaQ`ctH*999B zrT?3c{z}fZ9 zkYpY5O?VCt=5+86-6bIEcX!({5^b=1bk$6vB*(8@9{XlDpL_k$g-NpSs4o*8&=Eyd z4g8jT88ldVy}U6EYgH2{4k5%?=}uy^Nw((hbTyyIA4hcoExq4ME8IYjT_vOyBP zVAbZlz66yBbro1DtR87G&4bPxMZ6$PlvF>!HbjTfKdmt8v>>7(rdc*RRg#SYo(-~` z%w8noSacuogX}w+M$1#o=58ATnJ2XGxP>O_=wuLb%fTNIfUNZnDLYy7^9z1%W*3O9NXmZyC zJq`KWumgJxh7*x1=2ALP@{Ti6h0Ekto$uB?ZQ=o@BNGB*+Y(IR51`&2;%8I7-Hx85 ztvyQ0KU3<{C!jeccx~g)b2)C=sS#dLir!WUZ92F-hl=bw-1w?IPGcFh z6-A-2$sjw41%U^}1Bg;>!N`UvSBwP1+680>>V8#C%f5q@5qn_q#4q}`o# zWaMJ;IlE%tQsd(XvL|aU!F*Q^@=L!7B`kOl^X8X+@v@W_gYDr)5!ck>r0xD~Vu@8s zvJToL>x>zvXsMMMN93wD1T^_4tW28--j^}t;Hhk;a#O}cH>PY>7kDe>$n)2)ugZ&< z=#I(=6RDR0;F9T{DJo#_iC|U$GTp*Fh zzTMB&#!^oy?M+S%B7H*cnoqV>-FXJwIo+jkB8B3C*->4_$K>weU=**ASkyxlKcX2! z=!>(2M+?0mYLuE}nX3rS3d6leT1E1_G|%l3lo)ihxAdqB`L!6u+qJGE&0!*Z2vtF0_Z9d1i|i5Ti+~! zzZ1EFbW6h0fE2>1qjfJMobF97Jg~wbf&YjNF1*9|GmBZmk8q>W6efLpYsJ%Tcticq zdBb|WV>$BlZFH^}#bd)WWbSB+r(Pt_?U^p9BYs1`)}Y78>IkDC6Di{D)zDqxKH~$k z1mFz~z@}*2VL)NG>CCba9|1B*fPdIaz{E&vXm7LeFS6Ier%|(uNG9RD!#z8j|dr~e<>ptQQBNzB^ENEM(+Ivl4Zk>r_uSKmsw@@7&iqwDjOJ+b>7oz z{HkM9cpi~`r=cz+O{6hThzWIKrZ>Os2C%kxo{Cwk~ z7){Ot1=8vwuM5fe?r64c%d;hx=dM5|MY@on0)?u6Wbf80_qJ$=JhWRSb_v9gfO+Lq znA#5_z>}F?^lZ$(?gy2GYyZ0&DWx%eLipz4sSO8H7qOqNoKxRdJlBG3Mqt2`)JgYC zJHaK^R@=G#0DJK?vC4x6m7&-sk(Ei;hBWsD zgFrS!GyiacyktTx+^A`XIIPNL`sU5Oqm#b{%>G-l15sYngE6}I%;i#ZyV?&+9G1@r zS|Kjv9=0*8D*4@(^p*{Y*sLzB1D$^q`Za)M;8(!vomN&`k;~FpgT_xt`qCaemM9QW z3-O^;XmPNT!JpvI7)O=EnaiThFRGxx_s5I(eowD1#|{O~JDXqCVV&ds_H$`5fOeJc z5DT1UXwOm@jqr$9farkD{<+IBN_HTI+^<7D7m8cfP-qWr(}Phs;K=|n(2X;L%HHe< zNiVGdBf0TrH)kN_9DaW|D~uz6^_U^{nUy1h23KeKaw1xGI}aq`v-H~6QN4dc$v+^( zd)eqW7>wAo1Rsw;y+5P?Cp-_}k4Nu0WVHNLvvHH}9Oa}?B{|~7b1arApBqLm^?{dr z>(&%`eKfATXCbYRL%uLC`!DzAF!vH+fm^B9HdXw`6LtynrYFXq<0qKqHwk``-*<03 z?*52}J+)Rd^*);Q)gt8XCG)9pF-aO9>KtI|J^s|uY980rA|Rkd)>aJ@rJ~=&W=cy~ zLZ`xK2iz+Fdti%cy+5I~Jyow>^Ci74FoHlf-mN7Q}W1cndW5za_6aReLqw_{JYwaRGa$( z7LqqdD~N`;FM__f+Np{L#WR#V93zz5i<@e7sfQY6indhvKIOdI&FaW%dXwXs+H9;i zNsaSm2S*8MDu$zP?H*>t<)@TDC67CpqV5z4K=1bmpEVbX4Idjymy6hMkYl+Plzn=H z!6HDBH9%@fEz1w#8u!Yw7y%?S$s|r=s;^h_I(blT>8hvml0Xk!bW<(zq_swO_RT~s zZ$J@&3bY7f?Qd9RU~BsBw*AR_@#Qd0Ad>RNktv7( zmuv^sp1!%IPu^L0n87%+3|G2Vu4Qu~Q-wW`8zD|-LA(hprS6QEi_-F%+LD+mpxj9o zQoHq@mo`ML8&?}?>*|3h7hD@kRNVc$SvA)!q*V=WvIYQsz=K>(;!_0OE%p$+O!TQd z&J?=PTM5l$bb>Ct10rP$&r=C3fpgbv6ZdRy=J?&nm?UIGj#j zxu9?-iDQ*-E~$Flaw>Ee_>KrtQ*kSIbnC?M4*-2J7f$&+fK-k?{I=uP?#I)>;`(@H zVBYS4b#1fgvo}okhtllTt>fXqDG5jJo$s;AxRdHTJ)m6HIN=V{Np%*6n9GQ##DOLKIoJUf|JVj;InUa>B&1 z#WN##1FIvtbuD=5Xai6wG!{3c5X1ByDu2VI*9WwxNT~YY8&GRN+-%u0|MoMVrB}2w z#yvPlh_Zmtvt2*i^GWK4%G2E8-i-}gVN*nYuCSHB6Ec(tT$6)Fz@3x*RRbYiG&XTs zfXmYt^l^hcf_ti{*d?!XmuDjirAnu;!~F%&(9~M4w-Q~Zh^rLwxgx319>LMcebGAh ziKbfiZ0LfBeOGq9-u)XVn+E+(JfC4&-Pb{FpfvGhE zRb1Mt%>5pBluZc;MXLfCAWc>I!dza`(7tbt>|OfjW81Ai$hj7G{*7aIarAHuFQgvk zG=$V-iI8lK6OXi~i_>_ELjMd2%Td5Bgp!UkO<{oTrkm?XtN_j;CL}Z^aM@^-62eSs z*=jPZ*Qy*TfH^Cf*ax9LfoM5&d%Sto?LXRmk5zb05NALr^eraIRTAwTH)js&f%^js zpmF5hJuw~4wEV;@2{uvG`4sr%Cv@vb!Gbl$spx+8?l$|xqECeh>;U(Hs)V_kt#VD# zefB&oi3ExNs=cu$c>8JTQ>k4mBfg~^Q_{y{LO!s^{|pW;;s}xtHVFIgbJ|wnrj<+B zH>IMO>DjYRoFFjfG)+P(P7O{m1m`gw&51aNz;QQm8`zlGvIth~LMtIiZ^8YD0)mr* zb62?T8>Qy*?ecH73SXhtNBV5BDl}&oM1;s`q>2Tgi;CCr^Rqgn(FYJCB)bluLEW{L zt|B){aM$9kv5ZC4!Wj=QN*m5ifGpUHra`c_9QY!hQ&FJ!mdfrTeAygE)HT$)_dw(+ zO?Obt@Kg!uU`nfWLWGS(y7i2hQ;Ps7O((T!xzM45=x)!Gw47T%T(rOfszzTc{7k*C zTCeg&z~?^X9nk@Xkt=X?cK>&RUnbfKIC2qEL{EW96Ajp(n}yT@qy>NvN{5b>_kzDr zqz4QcG8(zxyK6+xYWay7J>=DVPb;G)waSk|TLMEYJZ@c%5#Vrn)mX41ktUvCN{|E- zdoH46q*`akgfQYZ_3=ojMgg8^FT7Guq_^IR00|-)u&{FLcvaFSQBZQjVO!wJ#84bc zUAUyF%SXU90WQH2Al-QR@`yyqgyFcivWl4b4M2*-PqI|3^0sNHd9Za*yn$GVeFjFI zeE?3M-CN|~V$oT4Vb$N8mbVtt+aL#FXFmTqK_t+KHA*i+fGDU2!lNTZ6W}uz?SU{B ziTKdphBo)2*C_#oaA`=Cz|@N!NbtyXb0E!@yDRnNrFxSw>1x;`07qH?-X`D=a%qXa zt`Tchkkl+X5hWnPoZ-UI)s)p_3^nc(EU%1~pF~Pd0M_8agM~nk|6pmgE8M-E_{7U( z&4|JaRY$w4{#VM>U!!Dzw{ALS-q_*vP`%SctTa2cC z{T)k=TDbKKt5j@OwCD0$CIvw1v2-Gh4hLF=A%@~}L#b2L5X|AN@@j=bQ50AfYkB+a zN$ZL`rwgh(+GrgWXWsekdFl+)KmbogQ*6oFGtdc7dp|edp|**HIW@2|e8tfAh%-5e zW!3vu#U0Cn2X&boS7Dcch10TI zQP7b6^LLLd`}+`{9jbl+v$$k8?d1@g7pi8G(&_m_S7ojO#3)Oc9C@x5NT{A(w8q4; zRX+huTr(&kR@IARqV=I|YeyoQ=z()@;Qfh&5YznQi!xBe@M`rz!Pj1`L))MqBaig;>+WD6biBpRz8~=#!H*(#<9qVKUEy;fF?h&bGwzF(^Nc23~ zQvF?1-$=UFY}^yqkXvnWBCu$>q_s@PcwCNsM0KEzwpO{#H%Fa}y%FxIel5vG<+ctR z;Ik_tlRZtzLHB2k8`Xx}wQEUrItU7z`_h2F!Kcdpqu+J4{vZCGl@80{jY3Jxg8S?hW6b4^_`kQQ)?aLZ)-&lcN@w^%p@_>>+F zQkdygf8X21d0VnFQ)CbiGZk96&Z>1h-3-mwAnkN(y} zyurOI`~P|2Vf0VKi}fyV`Swito=^XMWCKWfcmM9nnF9Z_u>1c>ApUv>vl1n*k#w+I z+NueE^s`!Dy}u$mRYQ0XnJyR*s*I5$rwtD@jqkNN_rPcp`AlUz( zyo>+I&#ceV11gF%`T>bqy<{QD`ti9QAIGa@TD!-!PXE3zG&Bply`uCHv%%R;kT7AW z!SCgqf3!d9?$BMLM>_1E_FhaoCy@-acVahH7b0Cm`uxfCl7MQ`10fF}&Vk}^DM{+L zB6K5dTNNZhXyf!6kLsOgg7KPbKZ*&Gjdgkod$#UFf$f5#sw%U~Bz~QimMOAi=M)xl zn`E`f+*EUU0`{5^MV&hVpJl1?e8tkq{sxjd0`xI8hM{XEv=|FBp$XsZ-U#@BF&)mA zO>;0SM@;(;xV1IVz0OvsL|V*TT_SQ!B69Nvh5YEOyeVVW7ofibQ(1)S*h~J=OSHvE z8cO5bs^Zv6Tq^X$KSvw>IHl+E(7*HUYc z;s|vkppzcQX=R8TBs&(ooNpl@LxJd(kw#n00tYk`Y#wF81LUOwb%do~o`aE1bWw!i z*^$8|TBhTQT61|<0XWjSQZ)dBa)cs;gwRB-{-aIo6Q|ij_L(hG#)qQv76CV7`-)B! zp(DRQzk$AoCkIXs**w4La2>FkNOy6I9vnPZ&xHa#`;y__n$g-OQOr@HSOJM=MTp%! z6G4yQfTc4yr?QJdQB(yFP#W3@0T`Flx&I`J^7;Cvlenk`U~BL zglrMeUmGINao++Q*!o!}*P@2w{1A4b+WKgB!EXo5CIh!su9_Akyf*fwB zoQ_kn@fHI{(B3F*P@@sryVM0rDBwt9<>7(sZQmQ{Z~7qYk3MYwCFXjmfxTN}d)}g0^R$4&Ua5ig~+Br?Um9)LfCWQT|Z3S>EVIiZ>ET+wbn}G3Z z>?lxnIvWb=9?VIg@<&0+8W4h`?_Efd%*`)V(UMv&((Sp`=pCuym)b# zDX#>lz`wwCAnYiS$v?{)Z57q2LI?&5M_}W3@;Yh6z8D89`~w<02?tm-)b$_pCLi;A zRrTRZ+FR)RW?8I_T#t`h!-oehe0$gP$`X(goNS19W$SLDlR$GSwz4Nobb%w(@FA~& zHGN^#d0-stL}T%dd{?eUFSY z!RCnDr!gJOStF#jDQTa(NDnU=yxo<7sZIS9CFWmFtaLd-4~~OIcor0mdh(vaVGx(v zW=)w#XGeP`l9o6Hj3OM;|Mcx-n5o!(x}Sbn4p`mU^5BD~X$Vo#b4c z$`J&8U|vm4P1@rRMYzMdGd~1@wTSPcL`K>vW(ly&5NuG`^1!Cl`b2-}n);<{YlM4! zw0Kl$`{|BEm?dLtMak*J}3=tP@LsUo5w zz*r46b897mk(*g*^vOaA^nL3Av^4J1*>_5}-`XCU?x+@C4@EgMMry-=uvqH61x1Bk z+ZZ7noZ&GXBGyaa>~8$Fdv;9(Pk@&XIgVjBU zy^giUPrwIRAe5#+teae3Q#*G_y`O9P|{4+^8lIy^toxms^Z(JPp zboU&SA$|QL%`+3n`b{{Q=#muBR3wddF_9-rTTFCUJTv{Wzh08R;r#xD+|>2KWw{k* z!9aLOkgsI4ey&~M?8oYz)KzDLil4$vxlwIgE1Z`6^YwwtOBRbSZTZ2Q0`mX!f8?ON zGg7pxR8%Dt?P$0^E1}JCX0kL!=%pLdGdkZRyIg2f_e^I4qC)|-5_oA(2eYu0 z6ci3P1Cpu+TL$bmmLPzolGE^cGAH#5{nG%?EirG34cy&4PZ{|@|?WFD%q<^#gPSOUJYAX9AjkcA`)4r^CpqSwJox33H2+6 zR%QPZ8JGABjAVc(0xduY+5TIyioJ?)-`yj?;tWi%cZmFJLk{`coV-XCpbTIt;YT^m zK<|NIhV@#vwiLf2X1rWWvzzw{R9CSF@z7(Z3y?)d-D6-poGztGTw!sw!4@Tsd*4m?L1aqb&9H*8!IJ&Oj z3J%=fo(uD{8gk2vlJX^%8zmJ3z_=2m+Itcu(?F+A{GRvE&k^o@PW%p~o>NFbH`xg8=+8DW_jJ4CcQWOTru3HQ>$e z{mYlfV~boo^7G8<(No@`;$s73%i9w(4b?bl85EIX#7ODHx);nX(C~TX25iDAn1A7h z&4uk9Zv$wt{yZ#c~jY$&FadSiEY5(&^VV?PZp!QEYrUMjBq)Hwbpi{N7)>9{rnFhITZ%?M0|nM z?%)P#`R;lr?W3(&BN9wm&{w-K4QB0lH|+d#{utaN<7Cy&dhK4G3k^L^I(6srIb@I1 zOQ9tj^3OS^Tdl>oR)7H<^tQ*m(Jn9v-Vu?r%f`N`%|dSBR6I`Nn<-th{b6mDan4jk zdJMjjw$)C4G`mb%p;Jc*1K`eu;f<>{T=kd1@a>s?if+m;6WkbrO7q!^+R`bR{p(Da z?R+=O$S%flbMoXzttrT{?Tf34Z2s!s@Wr_R@kHevEx$}iGQ%MOQV)N$6U2jQM%B!^ zvNw6_l%p1Pa?_2$(J39D=Gn)5(o*xNT)$KHRy=4+vnXpCuPv;?l`Ins9&Shs7NO1!E0`(e9^~Sh|3#MABV@$?LqOVtZ;#;xQ zG&zDViR2MgT?i8TPc{=QS6irhp~>&Rzo9XeKF#2HCmmaKpns&jA4Y~Z&x6lWG*aOz zEAkzvKF%S{O`T$!M073gAP{+WX7Ce(b^*#Dcse_rtw40NZs5+;ITWp`$F4+GA@uM@ z*^7Wf+i^-Y{Qt<_Csg}ishY{=!bSj>#4?AwCmF+Xj%MF3tRzHg-*o~$VHOdD=l_Bo z6a5w_?SL zTk-LKaY&J&&J3lsT7L8sTx7&KE(JCVVxCV;ECgh9{-~p^O&Ki!W2Htx(CqvV$e-F5 zt);RJ*h-6Opm7WbC~1~$2bDdifi%YHUs`woSTnOA=SO_X+&c(`36T*#AgeLTbar%T z0RCXaC%5wVHU2*RI~YO-t`1Fmc>P5%R6cNRdXiCA>0mOmmBw~{5N^j|4$K!DGb@{( z)Zr9wiZ7@Za+WH+xx^I$GO*siC-+!})ExL1f@(v@SHglxJf`Yc)*q`4gcrA~YGYK7 zr&+!?=MKAZ@f5?B`4UV>?r*7VBC`_=uS9Yul|k?Hsgtn%uCHMuq=~*}&opLc$A$^# zdK^P?sOGu9Dxe33S0<==T-Y^$+s8^WJk9brUp14$LupS9Nc_=Uvm>!b>f2wK5( z37W4}hk=TJ;XLcsF}F=eS2s%Ir_AU~@ph+jB;asGqXb_8V1n(Gmu1gjsR(JhB+x8a zIXH4Y?q))!NrII%v>3h-q!ar)3y>>|Ndajc>;CEvkd+T7cbr_mV!U1~L?$yFm@)y= z8x_GFQQ^UacIEPMps?}MhVUBP6o?@JE5>6%V)E$yMk$<oIUY$9PVU~=f;i0>DMp2a9>6ul2W&L3kPFvmF+|pf1 zD#dxa)y{5>PjZ=S+{P;_T3v43ug*B*ul=6Ki31qTAf<+K38K)#p*{gvu|k zdr@3W*vi@tFD==YC=)PKG0+E>+t|J$7RUEC9xxthl9z;Cs`JFBTEBqg?5_@RUdQ7} z2GyOCq-;hKHnf1Pkr>bp8p72zd1*9HJ(Sw+X^ADXRXxP6K(lY4aYcjU@FcoZgmN@O zEEen%Z~tV#$LTlYzS@KtMc|{Xw4=tP6cOY31 zV3LX!G~p0LA);s&pb*bG;b`Oi7&_SmGf7b7xcV$55P|DO#|7ahP(^l7 zwHQXPU?5F~2pYj=vKP}VVov!kHs&A}MT?7X=JxL-jfURSgRic4?%2Mas=+kW ziFOIN7B8;3_MG=e5e?oL?)YF?G{++nY0Rw}I#q%LVkF4aslOBI$De@4N7@$pCSYlh4E# zC^^6^&zMZ8Mw^5u56=xVOIBaWo!HGT;onMKc4Xm`xp!f+x(L!RIrqjhruBlw(y*NH z%-5fSZx>YaW$Jenc|26SCoVr?EDaxGKv{|B@2Ie6V%sblI5i}DE7d7+{*Q}31x(Jd zoK`fZ_fM^Eijy@*%eEckQ%)UVSbnciR_nWLO7}7a7n|kI)`@i5tQ$iMxDeb?q*_N`-~NAaxA z?SCA2cjMiQ7U|<}^=TM+a`33wn1N$VY=b{d(3=(bscv`4fj)~)FrxU)gB8E%uk1VP z?Cv*bjg2mhTyyzBm)^tvDsJgulUD6m)^s%ZCzbZ&dheP)v3TYT6_rCOOMahc@T#HB z`GuN|{|x(3SJ@1S{X=HGOsY&%^0%I!e{r4T;TIwMfoT|Q<6E}e?_5c}I95YrvW>xl z1q;TWoDb{revf+0n`K5uYCP1ftuB`q7|NEuj5E{Q|5e4t>2z61^;*N+*T{zKi9%y- zg8hqa>!@~e%QQ_*k3G|Oe>hxOw6A&Q*St(={-n0oFSFxV?xijGRAGlNIlPcH3^ZG$ z`NHeX_3Ps}MAolgzc5bCRDR}ytzU}u5U-4@fgG^ZR(p#Hv?gC-wP9|2Ugfo)JPtCk z=J<>GG4ZFrZSm(GuhXT2@ zV5Oek*XFLr=Icl8)zmf`_pBd}I(6o)TenW-6{NTP)^pnrhgB}DdUQ2fI>#{oVl>sv z89%>8PEIrKZF(NRqB6tZ&GlvCih8?osgmpaiXYEC>KJA9EGBl1T~+Pi;K$q8s;9Y4 z%FoLi&@U(5S7FU(2t47o*F4Fkt>5dCq_N2@Tle}?$R3`%>GASPOR3qlPgE4V14}Eb z=*5L*|7OM{UDx#4al1OV?&#ORPbFRRN@V}|_^e*Ndh>^=A466f`Vh;@{XcS#rifbrth3j_tyS z`?xU2b}_+exu=7qnd>WFuaoy@?`LEc~je>x%>CWPI_mtcT>WFqD-&% z(s`M+HYq*}t<1(JtXuuhs7xpWQ5h{89sOo$N^7D=m05HKf)sx1=j$IGBK<&&h}_!s z;{xNVSX0l96Fd@g>)V_ui>7*VqesMVur8?2`&XKOEIlK;c4mUfjIUPz2G6`{5>-^< zP~l|KEYXa#YLY+8&JMeC=k24xNpBz3OUp}2ta58p*Iw((fdGob*}?wVS4}PIfP8$k zU#@SHQOEh?Qy*%DHk5rFU&Hq_i`N>x&G+z%0F7j9Frf6wt($75U4NB$LFOmT2rt&Z zTwcrgL!nbt!qoS6W~JnPn_wQ2V(peHSzPq1mX-*nPb_j$mdsIMJ5E_CR&<_XW)b<^IXdv5PnxB6?8N@GLe8Op>bPoA9eot~U7 zCXaEpqwF+V{&#Zlt*X?rmX;RJLI0%}?Q}jHChyvHV(8TMa*s00uLG$KbwP+uwswtg z^)QlYRdA&2HL{v`$vPv_VJyJ1Xj4a?wxdD)yIIf zORk159jC^wG{Edi^Wp+&{iV2>AEl<%=U#UD6%-p;e1G^V_K9}QOGEM#eZT%_3mExk zw*bp{!x^OyC&A7ylz9i(TL>S6)Q(NCYWl* zT2^IT*6qxAnZxwEqsmi;EUPTI^U{s}=wZ!SZ|~nWZ@y3yT{Gl^dQVK01 zWGpNmt_v;RLN{ddp?8am?$&~Sohm%4=#SOs{G1uRTI{eR?vu@R)_w%@|1g8_$tYp; z-JY6P7v^NoavheL>m2yt?SGdC?sM{cQ&RRVJ$k%c`{K~QJ9Oy4149tssk_!q>87%8 z+|ns`jLA~U&CNv}1AstVuy`bg<3dBa1>rw7giHWi?qg*p$H9=^YHUSWyv zxum4oCr_SaOTuMxX`o@)*e<{Yv_K?ap3+*}wr#!czvkxhrByvU9{tD9j|pDJyYsS% zE@0GQT^)teLdSrVQ_A$0D_5`ng>KHkP}^pUbI?b#GaiBW{rnbW=U$77nznFpMWmH; zaA5GrYP$rY+fB~?5f!dM-im>N!Kw`#toGSf{*;gz_v--9HKwM!|LgH5*oLO2XWNhy zzththn?5%*WS-BeHEV8Nu3wzJRg~WT%dloZOKbPuNoFmn{R=l;b(~Q7IHP%(zjXVn zFx6Ftxt*`p&z|nOjZD(uNw2pwO=yyqi#S>zAD@MTX9PXdyfeT4=alg9HS5d)QyOUm~tfl%$YNz%yPNJ9HHXUrEg&) z+dA;;;qlH|MN7xaG=prNpINM4eda}SWceOxS=oR~Zb$FE3op0CPU`IZR=xFnrw_FL zbRnF6s;a90`1;~}-289a$%|-r7jevMYimCon?M75$>HL~i}%&%+1xgP`nj{^U2cg@ z_`aFT*RS_K6L9lDAR8&H9F0HH^@@FOKdJ=<2T!wWUw`-qXPc@LtH@%*bp{5%Z{L1p zQpqa4MfIi$Po69taW3N8wF`(GmyJG}Q^5eB`<<_=*&cOEW~&Bz8jycW+G5R7Qdwy! z7C}@M?Q5y2$u$R;E3RQZ7sF>h+?kzwx_{do@5jHpxur~c_mD)v$V$z@1DoCQ)*5PP zXt10f?vzphGh9SR$M5Z16Z*0j3%dEa_x&?%^HP0%&rK$hXFR7|07FAVYzbR~AFmp_ zt()ok+3_nBKS%Yv`>UqrhRJ&@YQ}Zo&hi5|d~fQ`k!i8RdG>3bR9@F~_1d*bZZ02p z{jQmtxG{tZ{>YK`rAawCv%b#jR}ysZQ@yjI*Tm3K>xwT&cWU2!Y-M(b9PfxrFRs?i zah<^$*Z*@<)z`uk%SLbAm%QMYpG%FIRk4l7cKXhG3k%md%?5p&qYbFKXt#m97mvKP zZQxh$bwe$ZTa9Zyea-Yf)_ZTVv3VAMw<2|Zy-gQGL(f}P^9~L9ee6l-(ll9v`OmLD ze(ke9n(?Kn+Zy*1eAc&1e;xfczuOz9C0i}dzK|2QdP10dWyn~^@69`D!!?;sZf?c# z&s*BuD6%}QbB~8rIYgMhrt_l5)a=;5xw(Gz29LN&yi|gt<_q`SmCKf?kN5XzIPR84 za^}MR_15`|&hv4$x{uRc=$oGyT<7z68|Wi5qMVo9h>)BcGiHouTf%{VifZkD56PQn z`{t!ruJr4sg?gXs@0k6oxHxpJbC19j`KF0Ge;ndbG4H(FrwS)W=U*C1>^n`&yXI#e zVzE%M`9i0c&Sn$j7tRmW^zibMW*l-GQn|MC$9&bc(X&7dwnTWQ^hnm6IK*q9G=v5D zj4j_xPoWl));#HgpEyL0T7BJh;Ol=LoEW7s&EKjb&w51nZ)UJs+d`{L@}pDLyA2qT zAl|CgQ8&|%IkSK?2-V9QzJC4hXZ3NCZ0D}hrE7otm|-w8Xj<&9niO-FZsSw5CKQ`fFh@*N z8CM*ezSivHufxSY`DkNXzy(F;eQc6eksCWEZ(kt^^9b{qnkU_gZyoJ@V$XD!^ck0AYuk=rDPA63u2I>t z<;pJK2X8|SjEn{>dcJgqo^fWANp-T7^u%~~_q|=ymqtf_ZK!W;*zjxV?I&(?wr_}B z)|_O_De>^?e^%q&ojyOV|Lm78NqFJB!DV$qaGPCBLraMR)We8&Zksl3$~|Ord#htp zZB*E2qvn5gNBzEe^KdrThmTStB3l+#eY9+;j(jD#or2-7VSjZ0eESqLnZrA0KgTI? z4!7H48)a6JEtb*d)id|RR5lrz*4bPh5*>Hi_Ht{!{R${{fe~;YLzk|v4%nN#J(1CD zCiz#b2KTYut}vI$)vPkl+B_eawLZ~gzAX3pv@h>We&}tazc|_CVx^~VjdRbExHU#| zdJ+fT8sOb0%4kgf+GlYaY;|r~>#T9iPn7gajUH1+l8jmXq{TXRpElYSjhEZHYW-e|2DeLQ9G^3n!)_B=o zIUOBW9QAGR@|-C35B2+Hjyf&t;$LhnaegxV@Y`8AXMMHzT2-6~wcY-;FfrHU+LQ&W zqtsP@{o}xn4Z8Q&{B`?D?YDlzqw=eJOfNo>w=}3CVbA=(W@VTpq;%dpKL6hxN(y;? zq3-{h*M5ET|1baWEih9V{varw%B!vkD3}}6cR@nYg5L8B=ZA;mrC_h%2{^y&ZMD|R z!HW>KJXpRp=FQcsSBK4-709j&I#{iBwpWST+P)p2Dk)Jp-h_+m?tX7&1i`O;7hH&s zR|kB9&m=R`(9qWL<{!QEexU!PU10;Ko`dQrFuOeKjEDNkK7s53V z)J_YW6qp4NG|DV=wD(VjhO7H_;1EGUt7VA%VE$j*$B~+2dS~BH-j5$(Vp~aC4nc@N zOf*5N`1UovZ14`oynQJPv_1QHo9~a?RZviEN&BkN?2cRZjA0 z(-rgPQ7S+@ID1m>A(4;jd^L9WoBP5-1gSxt1AU8J&CTQF$u3w*aNp>N1Z46x0h)Ec z-Snyvk*5G=yu9$6;79eHi(2=XRIl5yUL{4_a>uB{KRGyP3tO(z$%RwlIMPpJH>q)B zx_RpYd~aJ#r|U4bPPk-+Xhe7n=+=fdKR=EEXm;(R5wKm;cE7$WJi1(VhM3&N@J}9R zN?Wxp+!3Xyuw)C50ZR0r-u}_+uGEUQ`)BG4f@c=HUGG(5wj?IUkqehLQ2QoBN?Wxx~k%cZ~Ml|VA-dufZ-@1s@<_M*nQFc($^61&K z(2Ez_FV7+NMg&+Zr)dfQ>Hb6(KwRPq9+wf$9&eULT6jnb5L~%`UF81z+O^&_302nC z8!GGrLd_Z)q6}l>nv3iIsWZv!Ge2pTY5kk?qrD%;ulks}t={95?xVX~ZtlVHMM3%+ z^QxY_#>?}w0bV_#T58@1H5@vf7wV=r8jpk_DK)8D){V0;odDFG zo}SKzfT&^Y*s+WqANa!=iucEvnIn32CZEizo14kA(we_RLWI^8tZBh&@FyZrs7mLJ z_FjK;H@qE>JvF9yzT3AO@razbfByOB{Mash0X+3mAs{5nj*aE4b$c4XzN)HBB|8VB z;lB*ff~N`C%FfOXP>-XWAqnm1@%SOMZ-CGL?9e(HxaD>`*UYdly{*zt-V1Ph0a|^J zA-u$W2D{6hN^zA==WhX}2*b7nxzwI~Gsl`t1b=`S&)>XR0!$VjUMpmB>~MTMd|WuY z9-hlb+5Q=J5`hn~KT zjTYdiP;a6wY!x98`gxbaHR!d3e7Hm?5he0(agU!pQ%abL<({p`R@5m_Jnc#MycQpS zPB;cXy}n7^@&IM9qRPE(0uwOjaYPHjtq|C%0Qd`y>18s>!^1U%!~MqI(uD?wQcPh= z>6_p$b#&?q5L(hPF`MuJqe2_e^DaV^CL+p&Mwdqt0Fcij_Y}gn+FCn#ntNl<>l@;F zum=(8Yfe}uq`;ZLYX|gsTE)<>`NMhKl0VF8Tl6xyp*WL#SnP3rrMo@Xz3d*|bKIfK zb_LjFgb_%n51a1yOSvl?z@HOky1_2B0vGU{_Y*v&%&j4j+>APr9d_~JFUp(;x+)>G zRA!0^;jT+bpOA^6O%nsN^n0{--E?%2`uxH-ELj_+w@^%vK{(lLF5*%)G0aBDQzvyC zmP}-X^jcUjiE6>;!^68APuu*Xxl)gZ0ZiC$%dZ{@57tfzRBqN2Q6$9ONcPqGbMn2~z^;>9B(`T*IZyF#W25@J?vw4J@Zn8hOo9eK_9rjFm!ebJy(}%J$JI2&1Wtc6p)DVUUf!Z8EbS(7jeE6^s zH<24$deNRdTDU5JLc8I;OM3Wud#91E0n)*f%eY~VZQh;-%S_BzfQ=NNfts52b~+$n z05t>z^!@wumCo@UA+Ek+d?{*pqJ>c}C_P2!eh!s~xCb+p_g`^Mgels<(6E30Eg|#- zn-E4q>hd2r>t4uX)7=-W?n`1L)ZKXySI9PAhoMOKN^5YK3a2#5FJvmOHZ#k@6DQ`;a!QL>Gp`J; zxA4~y0#Ym7P^@vu=b|yi_c)zI;uiInkn^J~5-v8O%I43(1ea#ZKV_f#HTl8YO+S*q zR8u-sq2Ab#V!2>7c!pS3LfEN4Ivr6f)quzw?(gp9&KqF zFGj(_t-`Li)(lll5*wDXjzB#t#uSUlg2p)a79B3Ca4YJ#*XaP2D^<3r(Em2-S>wyA zkZ~?)&WlrN43abrR=NxroQ*U1q0kI-ivQYBqHVDx^X<}Ei`=dEdK6fOA_bqF1n`ZtMB#`JkB9(dy>#VD2av+>@b5#^ zJ$=I&{#nBqC^5L!o*WWLMBnTBtNWtd5#!;+XJX@N%{6aR#U-JxEFjr%o(XLpXw zsV8UX1h*OwfHP1PVk|gEiD4Csmd=#)_ch^e^`RsK|b87lt)ZGsqq z%j2Cx^109$m!RS1*Z@NZsiQa$R@%lgoz%yoXcI2T8#YBV5eV}zic|+a?w`@F)m9<^ zL5PikQxa@W#{Is!FNcTND=^Y4)y$A;dQIMX?+NvOc`>%*`eOMnD9oEHBCCWQMASv* zZI#AiGK02u4I?@12wW1*f8iqyQ8a}RF1`7bx>(Yrb&JiawRVDHGEur0l9K)fMgqt1 zG?Gg}eT1#Np~!J4LSkY5eYokEG^Yde;Mj@8=rDyac7PuPgpp1O*Y3pb-}urm|1Hi1fvk75`1Wv})bDM;;SW9-)2~`;ka30`8+!1-@_0(Q8}Fk<~=L zzi5%Uvclp_Oal%{BI$>T8h9QH_2k9BmtL9f)*AnG!LP;B=15u#B=Tuoo#Nt+9GBw{ zzr`zQWVCd{on9r@FT$>`<1Qk+&^&#^^x5udG4|yvgufk!XmWB8!50`8v2BX-bPhAa z8(KJm#k^O>3i}h1Q(IdrVz5woZbgJ3hHc-wcQ3*>`ug=#VtWP!6cteK6A!{e7-e5h zm~I%S3CumvE;1K!L#cQ%4zuf|ZJWHe`RgtbLeH(`yCg#0#E;FTj82u$6uVr|iqd^E zXAma!edGhX)-y32R>Md5o)bUc@c>3cvm@qA069(`(h$dC$C)CsvB=USL$V+_Gkx%u zy^hUUjqT3&>{$8vvu{*$;9}8d7JM^0qW$jVj6wB3mo-b8Z>cVrXK1+fLAb1p6uSGz_Hl`e9S4cXKOLc&KY4MLfx#cy<%vbj;Joju#e=o6|TTt;1{}!JsB15hlrwIl%4dw0jnb+7x${a@?9*8c5HeZQa2`+W|_c^t>7ezR2jO4rHqlC*ksbVs;n;H-N>p-E5? zTS5^h{J-!IIgQ$ne%f~b%GAl-|E`+z?{%f;zP}rMvj*`^-Bz}6A|XgVv@7;6Ax=joOe@{nd+}?9cF6dusFC z-dD{Fn@qa%!AxP{xFlD1>2R|(RZCm8&(QPxd~?M15qeowQ?>?1P1HZp+Iv8;SN7vN zgEmFWE>62~{Zn@Fm`%%uJxjdg)?LfMO@D{t?2K#B%q;$x*NW zJ~OYx4n-hFza>mt2-+sj#^%m53dEYE;i}OLbVs9$EiL$WqKjagY(stkBL8q0+joP96&rku6P)`KqSuTn^ z|LF2=h|ecZG*S4_F7)$L0~h)p88A+SzD;^O=wy~pm}3~hR2O<1Lm}XQ=!8)pp0s>S zO+XeR{!wsoiW!-UZ!eONK67ox{PzR+!6e36R#x$(FTx@@8u%v58MAtERfOF{lGaGN zU{~f#FUpc~StE}D1+iLcc_>6MMaVJ7CNB??uh`@7*$rTGGl4(~H_g`e7Q!f8vQ(gW zn&s1lyng#OA7752&+GiC2Mt(EaB|j%e>My-%cr|%s8N1XBW{q9QBb%#IFM{mnK-d2 z{Ryb*$Ce!WD3}iyLaV6WTs&9Hyo}JXR zFxSXm-p^KaTo4}uofe8K4X)VFkr>FYvU@XZY6TC+)@s@@7ZperPgfM!@r}hdj>2`} z8msBb1gb}m9??{LqJ?6W#LXk|Jk9~K4n{*-nL)l8V>`7%>3*sLwTC!wl{X}Tc_ZQDc@JX>F`e9NL zz134tpWo*4S#$u@=1w?M0Un@E%1L~u<%55rB)>(v=N%svZRu^@_x6?14MU8|zYSTP zR%mkJnQQ}F<}z|(`kq!@ZuDq7bJdUHRpFkM=erf1Qg4PXf`ulnDA=H%?2PP~JdAJ) zwvl=?6`uhXMYV+B$Qliq43q(d$#NXZet-$)XMM7@G&ICvp7#KsC{Xomqzhe~?7;yJ zqKG2DI;H$DOW=fYs!@TQ)xs}Tejz>m)2B}_7UY}T=u$n8baCm=88waFK_YnOE-s?H z8J5jtncV};n4jH&QfXy|Ar_KUM8A7ec2IoWxg_iM?fKN%;7s_MExdOq(gm6_jMj%N zc2L-h63^+EA6kPmF8%}J*76AM~My@tWU`-<&7;=^-eF$QJZBkAL2rm zp~ip#IKuVP&?wouf_sHOxEjSPsfsF~&y%w>o4+}?K*4=V+}zxp5m_>U9)0BQ)=@js z>!d71^@-?s5}DV%ybGHL+eK+XF@wfz+yZ1_q_$quM;srbVFI+0)3Rh!f;lwDGQ zF4*(%+hDjUR<~WGVGnIZ7cV!RkHcacv@wq#-;}OHjPvDm(Ji4NS2}$3=-=X_@+SV! zFHNlMS^=yJ*sFwzL>U6z&#N&AlqMVoHie`ayUD58*n(T3kY~fht8an{&05$t^LE*9mzIN^~M>D-QZr{*_kMS50chi1M6` z7BpA8+jNqfhi=>9rMSYwQ@l|9CX}E5!t3r=liKTbFOFx-{}!`+ z(@T~X78#0%Ol!217)y~3IMuj&zkZvZ|4e&6XfhcFmB5{inZB79UV}r&9 zW6w40QiMCs*%)*)9!Rgo@1o~6!VLGOQ|Hd}e0-`Nzb!G}kO*YP2Vf7J=_-6n&}3e5 z{KvuIV|di1z-;$$-GXZ&>%UqYn$n$GxX<=bCOwu+Fl6I1ojOa@uH$dH-rr+l3QNpA z4a4{apVEK2D`;_{5@kX|1Gs6(?PdNL@rEa1N?amIwBirJzXi0B z#pbscjLFw+)~uOW&w?7`*nW9KV~iU!cQ?cCi7uo*4~Vpe6M_DMbskHW9K+Wg+gABO zDa($R+XKHd4amfuJ~T9&sl~?Yuh@|T!4Tw;>kc3-d$h?7C!!XgB8;^Sy}iJ#qixHT z`XK$ZP+%{RBXE$%*mUTFRfzoAwvjs;oN7r!3w{Rw5eoGqf}hYoR$=xwYUa##v^^5X z=)xjwJf59j0esUg^_hFZ>GxaS8yFZ!G-Ra|)?TQ}(Z^^!aEX5;l4uE_hU|@Dixa|p zC^}i#nZg`qDllhGXTC9+1UBJy9zxKM?3*`>IM=4Xx*9Iu%=2h$SKRdQ(W8l!J$GU?0Fo%Ln+S`jU&++fk!CI}?bnhP z4H-@lk9Fs+4cVBgZ?o!%QAUYf|4)T(5wQ;gr=+g@DKoiqF=YNgOUUqx5{|+*9o9w9 zddn<}W2vc6-W4K9AskRvE1UlzVq4?6izrXMigtR1mT0};g$`? zOrGVp57=XU_73d2h>g>xE6W0yZrvK=2RZP4Gwh1wqm+CsDS_@(xr7m9rk{+ZzXjMg zI`{OC$BG}sWMsNO2p|ps5w#RT49QII0$YtlCwf-vhan8Qpe4B_Gd?AM1dV2d;PLFbm62tfMvW1v|^L=V9O zjF^@%B`7eklij}T?=KSpso-(3NkZrRW+aGE*aZpUG%n3C`p&k2RY>(gcLvw5g`9`O z)!Czeelw*U0Za0MU%d3ui78ED)v4tGqb3J%OvB1c zHYUCy>tx<$s|An>?@_yi8SpnNbzEq@-4HL^eHq z+-3iC6P|VrkW9OUcMc4$Z*KJOm*1YfvS~LniOC#Ch^j?QhGi><=`R2xasXt>BCKE( ze-i{J(~r65La6a*OVluMw)d-^->a!ZtNIHUE>sMCXPO($ZfUO#gY2tH@ zjz>kExdWV23m&-x%+e_gw&=s-;^Qh#Ea)s?H?d2LFUvC!|78UR3z?^PlY1p)-RjD_ z2|Thlx?5vv8nHx?k7@b~h(@(!4X*G${D0s&y&V%eReFOKia!~!N|4j2I(wjU!7*6| zr(6FqpPKuJ8Avg6V5h~4KkUD}`(U>eKo`hmltp0KEc@;wZsNRMq6ceOf`>oF5>QR%7<8`MGJsSDrAMJa-1;s`08w3_d z51_WMDl6`#R2dp^a8qKH(Tk|;MC3*3$G5*oeQby&MVrmfZWzjPKcnxKN#k%pFwUWay7+d+OO(ofVr}7bWG} z46r=^o=WUhW^&EiUu7Bk_lnExmZU_d9Zz0lw_vju_zI{APM-Z1ubcRSs~ ziq@Ew_kt*v_j>n5Z_$X;*;lr$aG%v8Z-C~tp}O6}8pU_Ec8&Sye)`MD_pe*T&Aedr zyTx?fT$nf94ZxZ&>*2xs6>q-C4lN$o2V+mY7X_+H%_cY^^tTPMtOTo?G2+ zpYrEb$}RPt_@wk2r+G5#qpJyDx+#6U>)oQgsTu7m3TrAy4rma!Jo5AT_P6@}q5E*w z{81J|@3gd?>NNK9@;yybm4DHlp;Irh%4WpPx!oR*~DH2Q(E2ldTph}#zmvY z?3wcYkiqW_6{AcyPW$>{$G+w&=Zt>$@(sIRerV0?qFE33zsBWve)=iANe_38rd967 z@;5v}qZTiET-?T~L%i+DjXuePLkBnN>)iWfX{2+OIvnJ9T;35(mNu5 zqE6=&=RZCB0f0=ZSW;7Dl(M_yW1s3-`*Kenol@$lV7d6%DE|@exyOIC=eE739m^iQ z>eKJZmE8DwHJ5esZuGqtHgWo;lELw-cWp`wjo)|ByuxGPoxvT?pSgZ}i|ek1to(3q z7C+}@Y}ZF?zKz+aYdL&S=$=E37JF@JQ#5r&^>j~_wGmCzD}QzNTdq5@XP>tD~*vjACg>^52d% z+hu3qn6{G?teFRce!r<6{}28ldH1*cekmGT9cyfA&htZ~cTM!%*gBb|qA-sbVfNS5 z>}_Jw4S!pfbipVvFvud|5O15j;CI_jJV@d?*M~nSZk)8e;RYPM!4SjT{2v4E~T z2UZXe*Uh!@)-e>`jGC6*K9c&Ng=M}j<2fdrmlkcbEv?*>?r~-|E)>xZLRi?mAl}X@ z%sR#rJBap|6RB>$Wlur_wIF`g{lhh-ja0DT56JMEY~!*-PZjTAg$;*J(s+yeCEBY; zjjD(5W?#5m?4A!@`EibB2Rixp%dNdemkm;!oMvYE%zC<8Ltqhzk;Srcjhplihu{hD$$#1P^BI5eD8Qnn{x;k+su`D)eU*!tVg#xJ1o? z2qP(B0)Z2nMLqn?H1^_9gr@Ko(_wy;>9i6SQl9hdMMaFKInrbAjPLEo^#F&H$`%3> zT(kBo*l_rW{lqlpFgQB>T+)ZegK>q_-BnfR+W7R}dWAw7{G+6O2@d>p&=lT~R+y3$ zZJmobFq0nkq^+5Jc`yETR#y3}P@t)>uyJ`lz`{a+5*b*@I1yw=o<&~X4C=YqRhoPMp-}n)LlnqRuj*B#E7_k z(NW*qd5OM=GG2ZMz}jTf%?oro)BDv!3_W}BLv?L!Q^mNM@Gp#xg9i`xx%}cw**ggQ z{zi-L{ZYRj4{G7lhkN}k2M#~=)Go0mEjn?*yBO2#VA;L^E(K_#;n$Bh%w7jsh6=0% zP-i-K4P7uzg*mDX`?!MHbw%z;jNb)#qC)`yd|3KTye_WH)CI|1QVTMT8S9wkJ=DwzQCVzkY@awBqQQ-M z0k|+70v3fO$D_o=7sd{4CU_)V0UBgkz&m0Dv^>3=$D#&s4>;>^+u%v@TLujqHUZWT zEhRUchCTPM`eGaq8!MZsgG^bk0(fONT_5m}X9L|G1Xuprph3)0h5W#0i})Fvoa{X@ z`d>tSh(_>CT*^YrS1a&AW40s3cx>t?>$92bKG2rpyP zrnn}%_cFAGj1Mx&>^^f{8@s-{Sei0z=1g{n2DfQw6Jv?`41uFnf{)Aof9UgHWd?y& zodsnd+j2F)p z{EtUMO6jAu7S_Vqy@ z_)aL)V`6SU^ak`DZ0$g1VT2+J#zC6t1XzVO$a)vgi;yY0WT0(guNVyKg-Y}l>d(!a zI!VzG<-oj4+_zXiecUl11J)Uq2t2l`M2DY41wti}3GgN+hk-xt+FXTb!d(F*G5+=5 zTx{fLSX)n`1b~WDSJkbq7n5k<55?*`juPHhq{$IgFE(7L`&9-6B1n$k`(VGO$xj%0 zQerPHOZz?pT??eHixtB!j#;)WKH+rQRmBmAWP$|0C7yQ-0qOYhg;_y!%)N5%+|hIQ z@|`=)!eSgoC@5Or8Cp-t8J}nKFNd1wK?ex)4+D~LH2er`#*O=frnCopuYrmT!{|X| zuC5@q>|tRAHfT+1R$J{UEWXE)J`6iSjtlq>YFzFD#uHFC)-&1Z z*Kc9Q+};e^Dj)xX>j$Jc8Gi zc9pG#*UaLFPET@w2JUqvIy(D?0hT(>qo-(A<$+yw-vwb-ySbkr~0vP-N?uc*?h5=Ogpli9Z9^Giev3L%7i)& z9x+pI$z$gHPB`+NIdewid?>%Gb(0q>Qy*Peg}Yd&NVeWiXmwuKY>dVIWTQP}xH)lg zW&3|3kqY3uW1w&i(24AC+S#(%>?wVBa5G^C6Z>-yFs#lN5N{Bf&0&a7%gU#!4*+6KrEr zi#V3|wt|8$#o2$L+9;LgjX3>1aD%I;ewg6Wj+h~wOCFbR+Uhzkg)E_ffF;L;c0qO! zotfQSF@ZafTiUfrLr``?w(72|<&zuPZ9ddOS|0szhGBiVZ*0AdI5rM>Bi~8P&3#!t}~=^__O)c@?0;`{lk9y$`Cbd-wHwYknZ21TdR;MnG>!#^e?xsJ7wJZFpKJ0)kKQ~I+Z!HJ)FueUBqt} z+O{yH;0p$h8f+D9!s7#b71u^gpky2ZbCxb^$#M^hzdoyiSps#Xef8de@4t%LOSA8DoH=a3rNnfQ(gF;a_Xcv^0nPIEqyif=0_WL%TK&KV;jxwBF{k@VCSG`^&St zx9$!O{^`@F_8u+a4O1C)+Vxud&WZu*>JSWL4U5rW2*Fq<-4w~Omd&TGi-zolo-r{#lWa2an)+MDNbYV-4YQuqpBw< z5AJ@9m%nJs3=0`g{L481+O>vyp|?A^L^XB=5SKj#P}eEQ_bxwUZf*|74~PA-o8AyZ z!)CTEGrx|~jyCIoX`sAG^qI1JPcds`%Ot`I6J%iPpxp`|PgvP5R+9H^s(q2PO#XrWX z#d*jLXm@pLzhP&^I~g=+X~u+U=epQ(?`37ft3-@QC`fpuz?VYh!}OZONNAd$zU#dgqSU7UEj~La_##m|Iu>vf}$T17pNFt2cEGwG>%FmxY zW4Ii5rq$Q1!0oJrqs`e_TvDkg673cBGKbhRc%!zrnUREwnfV+OBB5QHmb_kE&j$Hs zmzMF6Luu*xKTL4Wvb6Bk`;H`U*=uZKV$QxYKD;dAqY=Q85jiv>>~M8lo6b;;2!Dj_ zvv?uw%d4;5csKM}CQ+UYl&KMx8ti*cFDx8A{=LT3Kb>fXAEd$MkhM^Z6=IwujC^5IXF1Di zuG<_u&is6Gk!iBKi_81=+4dv4ZuWV*Q-B@)+gLy4-aKZ0=Jbe@Ypb6_Fo7^lyURB8 z*Jv}0hom!^!t-1^6cVd&`A)%O^{ZK&(B+<{~)#DK9x(E#3nQ}%I7As zut=rakvJ=~ib*@r{f^jd%p@1Kd4wtu#lQGq*xRcy#K}Ky4jUr*=*Rt$ET-^yeTnuQ zaTa3=k(Nz8-n7vMSQdDBZq*v}Bj~B)8Q3~$N3*Aw`Q|(5hfFa|eqD6-ot7mp%(QE? z7>uMg?&wih^n-FR5@4SlQ@!8eh?JSG#OFpwMJt9cBf4%pG^SbLsEH+lLOH7u9yW0+=AcJ2eDO%_Kaa=(aKaA z8vM0?wkDG@#0tE@y&v^qtrtOZZw@uh*QF4X`7fgyio=`xbgnFjhov;G zciX{#!H>=)jpW=Q#+N|H1HD9cMRYXOp#Eg@bbl^uBZh8*o>IXA+#l-5B zM?G@WOHaKJJ<(%+%7b2hUk@+#ocipGm#s$AHHlwh5>Ay=KMlIzZ&VhOFwi}rxv$3E zBHyIhn(AB6Iwr>!UO84!_obMQSJ!OF!M2C}ake`{sG%6E#_2rab<+;fd#3waUz@b+ zwszsSjP2iXG|DVbfBePD8b(c~?oguotO1G6UD=Z0<5AwOwWZBBJdXpXCl-Z`KR=4Y z57`UGvGAe3eS9>AHi}*ySGT-<{Ys!J@G@u4nsrS~ud}mXL5H>Kdf6wYUxQQM_VeSH znN(gYiC*iUSm~@2VzJ>wbXxKnqaPehS?Unx5t+TuBLQZa;xxM*HW z%}+eoZooC`p2E@GYke}nt@@rS)IUpM4{o-ZRDTG&!B;zfX|K>64*j2n;Q!zJ!!57W zKVjciKp}kOW;%WM6FX(NuPDJ-?`D?o?mhj}qTet(NCJZOD`>N3Nc+%?plHJuXX1c8=YK11VH=QF|LeAtn?3u~^Vtr?<`ZS=SHvmQ zM_l2yCz_UPvuzU*?qMWh6yb(p>CeWUSEypo^`~QYPkz$mUT+7p&EA`+*D2fte+rvA z`pCZr>hwbzGQ>eKxa04W>RY?qE9z>Vud7gVZt)qReLbOdSx*@2Q~K6BJ-hd*bM22> z`u{_`7F>SdKsa%xWKl1#willd)M~@qDm>$?`z~hw`s@gUDUlk-ZD(3k?oF&Ym2@ZB z@mPoGbnG)%$e-8R zb^yU5HIu%O7rbgg?BstTt%X_^sxp@Tp2CK(1R*pnW`6&zqlsn!DIgr6Squ$^4jl)U zn_Y~J-mAjZWw2|$py}HDUw`xB#fuhN`EGh*_ze9xiAkC1U$(d`I%<+2!mL_7 z5fhUZJHI4O%b!OKaG_Ae%HX^rm1T?y$sg;DUsfEd8$n?>d2dSIm*9($E-E7ZkX09g zdE-p7+z>sU@fA!7gE}NfYdMvdAn2mt{0yb^F1ZlmS4kz4TIvHRkfOiA+z5W$)y0X0 zZ^rOInby%OiNZT}--SG9ogHCeLCB2lk!-V^B*PJCLNhBqPqzi5f&BM8RglTx3k%Q8 zhJD%-7mw@*?b=iVmV z=?Z<2tp7#y(Ui!F^$f%c`QD#lAyf!m7brm%mw18)33!A?R#xk!kjOz;i+1XO%EHnm z2@UZol zdBi|Mt539cS-jX$zAZxH-g_otNATaGZgv!TR(+mF>$mFlj`6ZxMbi0gQuE!6>|fNpF^^RczXTSvA2*M#iW(Vb_coWBmb)KySj`AX zHo`MS`;WBD@K5ya&PQ8m*7i7hXo%I%)vL0H+ZuQ5_`Q>+ab4`URR~a?Y5Kw|@^3k-;Z0|1H1uY40(8l=+kDWg(I z{BTm}TbO%RRb4l6U!KC-9ZZL~JWHWOux{&ixj5kb^Rl-RG$i1yDordHh7NA)p3n)s z5#pG}hJ~w>0r3ncC79Zkd{vsd*?Sk8G7zOLI@(59LN$0E{6XVL$Du^&`Y3(vaMXd| zzx2U@%LYJiC143MG^o>SVi4m|iE*qSrO{>Tz^4=y!|%R~!XvQTd}z^N@Zgs0^wP=e zYwz>&563h64g@2bx`~P1Sbi`&#s6wEl5oWShQRlOVA)9QgZG#@7k>}dPrnfyLG*fZ zL76%5DrKp;N_xU zRoRSuxmt}g$+zwvmbrBQtAVk^D+=h=P>vb8w2(qmB+br>+ zVtC3As(EziS7!!Z65k>jTu>Olx*pwn^i%f^MuYC!?C6j@;QgpTWA#gPg!mm(anW7N zFc9zr=+`YlZ{z45h{XL`9?EIV0K7Ru64_)6y^GWdR>3@9b)B@HjT=*`oA#_Fz=B>C zvlHu5;`q()V>UogYjUT9`P|g1i|7X+=b^KRiu!NK_A~G2EtcMHe0TBwOlH601|paJ zA)taRfvyto3Jt&Y*BuAbl?uMkSE0{Ac=qnYhbzuH*e8ypCV{`j(ub%htJ_)ail#az zKT+)G6o&AV(nxSjaLv2VW%Kr{c897O;<+_mZPnkrG)c_G&U z6h1e5G;U;Ni5*4M0MKj^jpq2*R=^wJzX0`sV<-i0ND(2r2=xV_%W^((>eOpi2 zy1MOaUiXq-Omy(%6g9u9d9t%uBksak=QPH$OruG0OhpN80J{KD4YbWM?h0i-XM=9& zLhX+d@RAgR&EDV8)khaaFrVS=jOzdsf9Y19}5(sR^N)0H;@uya$0f|LgGQut$4 zJjYcOC+eD-*Geku2hVH+WdSPnxO`nb_otgN&xG?qu!oYv%nbz=7a=Oj>*bX{V2D_m z2~XzG&}@;_;<-SXKiN7QoJX-92xOLML@A>%6`+uEvX2M5;mJaQ;25e2Qm7n=V8X_qC74N#1;V~PDhf0NLvX7#%DckVsXo~Ht;=C3`H~Wh3?R+n*kW6Y`wh}WBN;kSE@R)PxJCwMIZ1Ai$0ra4Cp+c^HPO?=k zUd!;|9is*ayeO&*F4nGa>RtNf@Qg!Sk0OF4+%Sj(TVgCAS;l7sXBC=zU-N;j%O+71 z$U8*5+Zmq}b@dk)e?2J{W+1tA>pZp;r5B&@zlk|1i6f@PP_H{bE z%Xr<$L-B3c4$rb;hzfevxj%pW;KK~Q2|A|~QeoEQ%*xs9LLc00S$Rf(V6mF2@;-K( zg?g=&RF!gs!UD|vZf3|#+Sz+{{c+<9;ZEj#oOb|3rXlPT*qf04XOC;vj=B97 z+hu)uv9NrcTlMOII{PKf0`3>u)cz{YKK~%2!g}JR=(LOHrers6tm*J}adGOw%91ND zPY-Uka#h;R7NalN;Elk|-=6b!NTV_-y*G5L5lBvuGhckAxW7-Ta1a?A;S(Va}BZ~82)^h#ib=X|?k2h}Cqp*X5A12uegn4Jy>lJIwrz-=a z?z}Xi+pL6|Wndu?34r(_;U61xhOM*XNmQ$;?8gDv>T{U_+EmS!xmuT&s;icehH+an z7+~Av%x^2XAk_kKeA1;jh1U1EG+)I{9@~K zoBoUL^*jEcAobkF)z!Tq3p#2kl&Lm$WdlD)ul;1|pOGDhta|vC-t(m+9{qnZTr1RD z+b|NvoLf?~vD(xoo(tIr6@9u#C1)d(`_{SLUSbjwn}d?dhtJUYtZ{ zo1akP_j-5hqA>INi8hn{zR6a<|Km6P|NoPM$^5^4J_=tvX?ah%cvSqnSz5TxyS;+- zy4m|rvp;rq&UmeqZ_~VYaxE&izIhg0BTy@UL zu&*}$*xqE*BfFM;HPj2H+7#%XwrM}0ndYnxvp)}OuhTgwWaQ4mmvj35+}5t-r*_E5 zejXQHEl$0OY=k|`v!sz(ZhF|5L2F=S*U()cwbbB$vJP&De`$5bD!p6AhrG}m+TL62 z$C&Nd*s9bs-ebdt`f*J+nT@jO(Ix*~=kMjWR5LDAP5LAMcHW_Lt#Q;WE?UMnb%aSiIb%Oro~#C%;SKO)y7^AV5#^O`WT@guHKKgd|8NkhvP z6X^TUQqh-ndTv)^&*G2hXxIB^S-nW{z>hit(Q&!quOZRnIlkWAGq%PQr3E(_njJo} zR7LmjnWs0ew(@yo?{PihT$?*LW1|WTO>xZjAX9Z^o%*|q?E(WDv<*}3d;-k+5UtH)C@HjC&a@4l#*T$4( zIWFArE9y{XirJck+gESgQ%fJdX5FGX@3`oUsZTrgnvF@b2+^qlsLP-Pf#N8SySzAY z=b=O9J$JA#LXDVQy@qkts|viun8Hs-{m4Q^7&d^Uw6ruLGGSV;q8 ze@g$}XqI^wwLG%#%o~r4k0;N+Tz=LrXyrFu!`PB|n3c&7d}C-V9v8|RiI*5qivqodClv6XvlaY5 z3K`KGq5`A{twQ7~TU#K3o8`->o#!oG0tjwY6y3jw;~_{=2EKu#%wq!lU;qiaCBx8O zOKI)}xr6FRr7f5l?3~F-GMk{50i4Dwl5vl^vZJ40VH5jSY9l7V!%?EfgBs>Z;Xc=; zWH$Ad2$88*U~>G)EA|2l!oibB!^YMv?fMBz`Sj_31%HK%1lWkdI0sE=4nv{S0GxJ zDI7ltW1ho1o-be??7tws^SJ}bdl(Qi8I>2o^imjmv>aGo3LYsGJ_g>>Za#YCvb?hz z7%SvHF}UQ`F-i6M`ffT(N%<|1SXg!aFT{&BWOpRAEW>ttczQil*Fv9HEu>ha^`SSx zq`w|hZt?hos(Qd^wRmh|lKEH0+2w)%6zU|+=y>w>0w;E-LlT#f{=v21=8*RJC748B zsX7G_bnjj-K#)$OoUmrBtNjH6SuP}M`2cXoP?}O*UU$}cS?SAMStx)M=FOR@AmwNI zocM6~Bu~Gk{_Q}CO6AFX-KCF}CwY0e)f~x>oHpa#Rksz-KEn)CI5CV(jgBltei zlcfP@OaA~lsQUaxRYXI7TIi}|xF_S(bQwD>&N1r#0HL15#%gn-2)e>^SNO^zcW4h> z31)Na)>2-D5}hoKbuk?W*btcCy6hNB?iW-J>P+dC!77Mr6hey^H@o=Uoarfpd)CT| z{TD$F>W8p5IheGTG>j}KgUAjA*}?+POi~M^83WIvhO!=^IV-zh=pDx|0H_5*9l?>1 zOiW*aCe1F1#scJHCz~3woQsfW3ze6WO%^JGeGG(tAlr;Nd_Z}?NSIDT90X;^?uje{7+K-VbObgs|HsvZK*+>r>Ty`hrm_23C&s2WK)*8dCVYOT zZtTrgd15HbJpz0?zw}yq;%(!b-5V%Q*xdx(karDFyf5*vo7w%~y?qBRo;j>>@b4{I zE_qw-mKJ^lc1Z`r)vl7CBKms3Z6wBYdlUI9>pji z`ADP-xrv`5=a7b#kSX+P@!2pp&oL_*%}y15I=`Dt#PK3+GM|+NIGK!8#Y$CRKWtQF z9W+;jmVo%{^KxTHN*G!}eloZmcXiS^wmm5y@8%edo1$=c||M^iyW1I)5t3et0<= zMrDoNvE#7*Avs3SB87M9GJu;1d#$ph;8mqBro4=J>Z2MZ8IbVcTEQ1z9O!d_p%_IF z@kwGzMnFf=Jxlitja|P{&kNrkyP9@Qx1I^lars<;FttIu}R}GDRHQURtiAKH^(R98`LPqwJf~S~Wets(k#PLc1n@7f z@(Yy~EnfT^e7%Iv1h6+7*Tj%_dDsW7qkb11`WCbwz1h3ZA43O^U-M%1zWAuY3oRT9 zY+bk3uibp}xpBw7+4CJ;W0u^{F)jN1%xXb(Zmaakj^93(7QPt17lPl3%f;H~i+9~& z12RKkwe3VeDiL;?zTQRMjuxy`n{XuzokCP zf7gBBlfR$&R(sC;vuRN67G3j;hMC*b>*A&y@>kX}*q#veOl8uzaT^<*dTf|bmA0qW z-lfs6`wQ-0EYwc9e{isG;{2Fdd+$H+PHdbWm$a?q(Sy*$gC%y~6OFxNe6dF>*FK^? z`)t9yxHSVG{MB_|mp{}OTp#*&%uIj7J>ysG*tox^#+<1emm6lh{yL)Lz?Fl1U(RVe z^LqERbqyCMZxi69-BOX@dLu0uJbX~f4On0+a&bXCm{ZO~`cwLo?)2P1NR6<7v zH6JseD!**<;guS{&7Ur~*64mYpZnI_ZdA2P^nr#hCV%SdjXNWbZH1SWS1I2cez($O zgMun7;44lkGmpvO_XEu;sSQAv%lCr z_a2aThg%mFrEM_&T4L6&nSY;4nL?RgL`_Yh((4`bC^4rIDbJY;@sW=Cx-Bp+5usyj ztlyLMAV-W5NetuX&oADZot>41U1gVD?;oe#q)5@SNjg36>OVt02h&T-OcePCF7KkK zgWL^0SEMFPGN@pz)-0qc;LnsNd2C?P5gGYrq2GZID^7bnH>TpIHP9~|50ijx-Fs-q zlhZU6j%gnY(?Y4HH2mCP1k!Vgf6DVOhR6cO(gq{xC_7h@F$u*Fzl$J64FJGTw%`ve zw|iTaiU}D*1Mnz(Mw0Q=e>!*y#9gLhsvTX;@|g|@CWq+~FgXVGys1CSi$bYSti7&U zDrcNK+<&X15JzHtonRvFL#7uqD|=vIfpt=?tM-lwVz7oH&L_kB>!mRc+cO;JoV5>2 z2NDGSW}<@f)2`eAaZzmS0tT~_wWs>d=@4wj5-Yk>>lrQCq~a>4ru)R_9n#!1_Wbny zmR*#?v>!GoB7~6^7LY#Z4oqFc@j7(82s4NcWM^9VKC+6wx@TKxvE|Q?i;Ev*&w{j0 zksP=;qWJpmM{en{-4`c1tw>ypT8PS1JSoKW0xs$9$tHI?1TU;EPs{U6dRXM-ocJTH zuvpvJ&+4%|8>?6{J>%1!y~#7yJ}zBJfAy}UL`Xvfcc)aVA2mh4P6n?%=6mj-)BIIo zcBN_T3z~F2qsVDm+z>`Ph>N|pX&PI`CVG6$vD3PdT3GSgcU$frwu-FqDA$Qy;cl06 zwqvl3!va4)W0*kp<&Q~5WDz0VyPUA4jzyrQCCMk_o z9^wxP<1ENjIQ@KWy1L(Ee74a=xc&HInSCGF7ZMIRn~u8gjtLA&E{nMu3K?B&2cfQu zZ^+n)Tn+6PWFd+(I#a-U3Z?w}_o1}X0mx`r>MTOl0|T%p*6MMmXdp~MRaUXK_JQ(ONbii?8dBu`YdSgFUbCMbp-#pJPV*r=9qEA zYAGFrWB1?zdQD0x5gGhF`iRE2nfxvVxf9NKOTi4Nc7O+f*EUAF$b{v|6W62tlo8C% zyV{6ih}w)Eie49r8KoK(>HBx@sCHi9Rt2vG_5t7(k4mhYX_qtox^(Kqf2IWv^m^i^ zCphcJkJrFC3jW4+Qo3EpLxr9vbw{5X+Se?f{|H-83TP2>Gc1Os17mOocZz7wvE(?T zRS{DwiZzZi*`VAvEi-F2zAlWmmAJ$>4{nFjj|eOF#(NTv+v9{SFeR~qrHB%@a#}^c z0JjNXM3|u3+CoRj)ZquCS`)Gs?Kv@OQ_HS8+M+(<$l}5`JK4P}g}#pVKXgs}RZVKqaV|W43)~8YJC~FAO{2u%6GQ9+8Kgnnczi-hD()ysdF*~Z1weaHq*#iA~tQJOZuQWjJQWdsQ#+HoGK{QC6t!V{r;YTsXv zN;k@K&KvfC-4qb0cmc8(K#9JHZ?<$8kn-4kT|S$TFkk=x{nF;}tm&URA9|kZ9hcj6 zj+GU&yWvoiV1fR27~PWV$VDH8avjbCPdy&{W)zp6HL*PJk==nz9lsQ04n?W#ROYgy2oK1Af6ZA3rivIua1uFEyxdz9^+= zXCYZ(yS+BU@+!eh2>oy@I1%8z1R4Qxfl^_NfU!|8>U{VC1&RnR3fBJp=W&P`9kb+w z8%J1CiE#ylVdx5!h{B1@B=W*|GAco5c}K4rj|9x31nR{c0XYyfWsWjW^UBN9o<@PD z5&C{sZAaT)W*rIvNL&*^Tw9HsF8=rAO8RKox&u{eVA|K6xnEY`jt&J3TJSxKj^ zXi1SRK6|G&=jrl81W>L5NW(%joA36z;=D=w9MEx~2&+-@q8cR+kVe;M>n~aRh<6Sc zF23-h1x7&Lz8Letm-tN$u?`^x`c&Sx5{ks)M6C8qdGow-(~h5`T|h#3eiRneyx^rZ(B!Cg=oD`Y-HO|c$x&7D*5ug_aW3Wg17ikKd=glB-ojcU zGu8|CNMcTdIYzs6NXA&k0%HMa`iuBLGC*L+v3IxY;>9-?wZZZLQxybl@^EJ&F-EcaXpuoBL0AViKe$!q znJAC#EH~gAQN%2RbgBe)#s89|L$-vbevK(SG$>vx>6KMHVrdYNK`|~nVlXAp( z?YG7#*0<(ECD=pIvXd0W-(f)#M1XroL9eCY29p2NET1$XYH3ad7Hbgi7Vu>MBdQ(9 z_tiM6HuBwDcUDuuK9tcBbpi33Qz|SZjx=uouHWh#w{H*K=9G4T`@t2YtTcxw&e&;e z&-FYU5)RU6LBpvcNcL1AdH3(ncXOrkho1l_!r+I;?L-v<-HIUg9}Xuo#!)Yde682m zt!7CRC?KN}8YD=tQk|-(h*h3~-y>(}#EC^2%QP{92I^9c@d9xb7|APT@ACd7B`q4( z&-9~Hl#u|B_|*?4Op9NO$<$r)Hkc63tRuxV|}*iM}~9Y%@IbL4~`)0nk6^ius`^SdCOGS<=5e9d{lnH97I z8soCJcRKgFKnX*XB}Ch`>8^SF`820954ZL^^;;zO@ZkjF>QVzMTo0Hx;8zUyX&Lsg z@Kpp$V)a<`{jE_^R5B`deOS!}XB9n$c>0}HOZx-<2ko6SWmMtBr-+S*sYHRuvx~2k zRC>XNi)in`Egso@sa?me17A0_nnj6#toX)v zh^@S@h&^P)&K=8<#P{669w`UU>D$Nl0Q3}e7~>SFCjz_ z0nelZ&cnXo2T^IEgOd#eTf^Z%(dzq*K!3ZnPur%w%<~jNd4!S|KbXx=^n(3P(xo6& zB9-t+1Umzw))F35h_iUrYbc=XUFyd`xw>;W36hbpt<9o`y)dUhHUA9?lDjev)zY3;%MNLJO}U?Ru8Fpa%FX@hF)f@A9&N8b-A+;6}JW!y^SU4D5)XTzS| z8>O(1nQBpi@Bua6{2MbX32q?XQafhqU_yg6LarUm{lW)vg&9whtA^dJ@Q3?Y_I+U1 zcWgKYd#SGQ&7KUzPJbewjF5V1?y*XHjmSt%!cim6k}M7n3Gmr^HE1> z;5#+9Pb}xS@nXqi=hM~Kqv|#)HTg6m9<->u%Heh zd$!GAYeR;i12G-M>S!2PbIPmI4(`q0^I@`szhcAte6@7mqlJ5Cw7fo=KZVoZk+2v(;>~0oLhYPm7;C8KjcG{ z?}w97$IE|taScJACT7>m@LkGqUD4BNJE zUnlO=!0N~@-MU>bsf2ox2`qmyCg%Q+q(3%{Dth(mBv2D9S&FN@10A-ZadNLAP&hg{ zCGJ0g0wKWIz|>VU++ig~1n_C5mi&BO>HAxE=`z%ZFl`-l*)4piTJEY-;X|i1ZQ7Kk z0y6_7TaF|_CWTQ^;2k3MmSz(Sh_wem>bzd04iq+CR2qOrur?nDe<@b>;bivi-CO)H zC}HRpDZ-*Gq7yE6EW38Eb_=pketwL@OX#`waaO6uv~vbjn>6e4@89&iId{;%At4iK zJF)z^yZ=sjy^x%@`HTMyA39-X4sb}WaktWn4oggf9;_TYJb`7iTqWjeAXkLV1nV6k z)hcP)Y4&j|wMmu7!vg-?^571|8l@gREk%iG$*cBVCqO9~w(3i7$kvCj9=QKwoZZKC zz7Dm4%XhPcoa5JD@eEM7)-U~GHgRGPEv+SY*7x*HJII4&TDfDwSXXUTRn`1${Hf8| z!b|Mldfy8Bq(yU8OY2VNzn7rcsrgjb2LZKZ-(~mueZ%+WX_gBfJVrXw;(&Z%SvCZW zLCzK9XTvbk=L`pjxUjfIbG(lH?8{m!W8+veeQ9DRP1-*sN4xjq-41B;n8o5UXK%kP z!_mOQh693{j(TZTNlbD=J=0*rUt4HIN>@^BfL_03Kxutf<#s_}U~^oh6ISbLXiWa| zVffH9xqdNB$*o)XeN|D#=9NE(-pzWrIVC+ziM+f#(avC#aKDjer{@2-e0Tm@xHTx~ z{^DU9TL*hspB%Jows-f|FDS(b*c$<{5f>&JtARr>YlqE0JAF;cgL=sH&Hk+aW6d zJ-ag^79(@W6pwIVp@3!7O_?Ue2ZxOtxQyECEGV>`06(30SR`Bq%NXknx<{GaQ=O~OBKA2aw zRx&q7m=v$d7n!B!E@6*6f(m+v%Zqd!byYy#^8PYpW`*Altr}@{@yz~X3%rMQ0dt^3 zjtaX-gZCiTPS!pGpWM4Qi`=YRGU47kg9H16bN5HXtPwYdwr$%|rc=s*Esh249Q5<6 z`b__%C#BSmt_8`L=N<-1gaR)`k*}{Ityv`d#0Wf&jy>U6=Wg>@U>)%@Krh6d=Kz$$ z{DM-T3oQ$PoZus9f`rKi@tX6*LWKi~!?_Bn!SJW(5@hFPe*T8*uX2BMH!a&B7}(>- zC^-zv9@EH0K;@$+CzcIX2|9Z0m?vwxV!kb0PAmp)FscKtdCn6%$SD4Y!El7Z{k~aZ2sW*8{X|3 zO#V@k?%2CGGA#7n<{uR3;5p}t_uAkI*ROy7rU4n@_x)NmZ+_Y_qnU^$z@op6R9<^m zR%OveQD)MdGanH?1c{z^A^;ZL4#FEPE5J<;u=XYbz@8E+ln0r4g}iA9S1Vy@We#M!YHFr1|}epgX{3hFc##jVVH8b^7g(T8&RY2 z5gwTOjr-|7CFU0^Ev>c8?Ciqy0!}PDO7B+P}ZMgK0rQa&jKS!ADC+?D-N*`|e z=bu3;K}7vQ%)lud60JAU0+aGvZW4a>D0WDtae=xk4ukW4s34z{u7c;-e2n%ty|G!X59UE9W4_~W_^9U z{b0b!g4tj9Z+_#H;IKO?%Gx@-;5&i_X6AYOKaz_0e%x9v3-~N^q!^dGFPAQQUqNbV z)ylPQ{LlP)f(2kI7!~!{D0JVx&AcNZKbp0ei|^e=jj^!_-Mf$}3*GqWlI_EIo|wl! z=y!@<5&Sf!+UL#CPFn4D?%YYf1%_eC>`A*ZJUwQLrI-8cFC=`C`2p!)(3i(YuE2ip zP|o-nGj{5YpUcl)8M6&*wSD_eJde~a(@mqFz6hSOWV^+?C-ceXfIQ2t^My{0aJRurNWM!sV=R!bv4IKr_{H@Xj?;y zDuWtXPg$m=!3LGtrPJ0ZTdogK=gbX4Vqda!%RZOtU^vDQ%<6^q9TTRW9>f^Do z!D*-C-qybUeTKiEvxQ6iRCU|l83uV<&|YdL7^o-MMJQB#*;{HH7~z#Z)W*cq-^C=? zZfr)Rl7HW1gQu#gVSg7^MZBCidW(0QUCqK8tB@hzH{YHzp)U8H*64DB_|TxV!00eF z*DLE|4N_n1E&VbhuW(Ij&6CnEYbrFxxA!fZS>>b_Fk4Ag^QDZ`)3e-a+9$!P(pDuk z->SlROC@bsFAKJSy=oU8AFJF}IjG=DYPCUXwpGk%`)RHFkIpU@Hf7xwm4fg^Wgl|vUq-Gt7ni(e^G&-viyq-C?v1|ud)|`L zPfLzeEGc`pxpZ6LudtKOMqeh6{^8NO_oK`0W`vy#F?um}m6>aCZk6+$N|lTW4l0`a z6=L$j)V8Z+gqX}z}JbT+y^HS*+oh56wfKD=6ZO|N>vg<*BmG$5?+r98(U;;`>ouWX7$J z+Q+%N`I^~mLP_>&>%#p}{alYl_m~@cufv*J&-6pB%KXnB-@J5x)WS0pXFK&d{&057 zu|})rryj68HM;*}qduA8*~sxlAg|xx3cly>r~h+*Xj8hz2!#cP(^sz=77jAdZPV>w zj=uk&(m9fP0F-x3_lT6|cLTfsa;Xc|+AS9r*m=n{`y6rk_|ISL`FnSpG4+@HKY6A9 zC(ocws%m3-bPhJd-AV&fbal%0`#!98V|E;!0o8k=jUO0~IiFgXSP(xUkVLm8ybFL- zyL|wmWQB4=YS#itHKtEz#+%rfm&@>X9j5jhTzS&cuXpfL9Xi zIJllt)UR=pZ5swv9FMHCQ|(RExo_y6QFMAo(TH&%VKfMl7?IL^-!=^c0Hn0tFt9*7 zo9L^776~RVJNPqQGQ{=^%$MQJtx??8c<&?WUgzBKut_sn1q1CgH<~{@|B% z7D8O?cXwwz4D|)oB={1o9HG{63v~g+B=@^>N5MZyrLZ=4{-eFGXd;;LYw*j$avomk z6>VoXm?Mi*eS;4iJou3@!INPb=rH_o%X8M@*#ps8xIeWGXkU469eCop%F-Ofo24l$ zZ6MPZoF29MiCb4hkeE;fHTx4`3}+HZG~kZ@DSu1~hYUG>^5iAOgXeBsx-^Jt3IJ-* z(4i!BVgiSEl&7bgVGuA)lQS`PhVRCc4g@EtwVsY-7;TG;fhFU|SC5kde2bHC?%cT# z^2!MOyRwUYLLZTyPCano051-{j*{)ur*%aKXlwfvTsK^n@O@@Mw_P;@8T#Mt=V@sUVZ8<@a#52AI9(e02f@J?X=C?YP* z+y{31Z;?HCG#MeKaxdx4M!${x0d({uVHY z%RbH&A`(1iGEG((J9Ow!5o#cgp&}V&6nU1Sg+)!t$?0D9;h>UC=_MT&d_~o}9W{uB z#R!%Pn#aVXq(`7;SSo&i`I7zsvd5dW{*F^tHnrCB?$KSd=02({al9oxicyN9ZKN#= z+Jwp=sVa=UcoQ2Awiu+3*c?GM;6APip@Y`F7gd5>w8p`12tHtxF}ubLwwnX4a3={v z9!4}zJvRCck${#~{Cb@+kR^h@REK}v>{r*}%p4%F_ytP$AB&j_eZjm#nyCA(hLO=9 z1SQ7z>33cS-Ni$tss%)p${aI>mfP<40Viku4;o}V=4?-^&lS}w{55G9t~{l8$bsxH=kIrh0xEP0f6a0SRbm-6o%K$XA^V{gM?3*=%sge zWB&__T24+?k1N<>(YYB*o%M-2w5JoM;zXs`t>C>ockVO~9&T``zEL~>mgVyS$M%ok zX*l?=oR~994GrU|<@59N#ch(D5Y-vC8TRfuu9g5cpki7u7(Al^6DOW_M;UAzsNg+4 z;r+&MOaj705{H=detQ;lZMSceNc>C)#;Dc+8Tdm(qxHMD8e4I>7ui0NGW7Wr#0{mC z@ZKn!D3w9BWOo+sI@G8u%FHvCkQewo-ohvvkWR_m8^{2)fl~Np`lIIEus@a0mY%y{ z!CIEiTc@%(`A>#9K++={zrNINVa>EE+mPm#&yNp&{NzboWg2iICCkj&vzyC#0F276 z6Lf($H{P^onD4Np(P#6gT0-lyH*T85^$_ok&6~$T`2yGl+z#Lfftn{4$RLDGn>N8B znJ1mZO=L0d{74TGET}1E2KPQlwlOvvbdm5CON1MJrM)NiBJfgouOBrZYUfDdK zuh(V;UH$x#!t9ctAG?3f?Ad=!91wzXi)5X!LR<$pZrQv^>z!~?A@t` zQmYmPt(@=T64?qN7m}@EZoZoD8`ssS9@sefy7zvws9-bo(YvFkTUlM7SmBXqHcLkb z`hWJtju#Vg97t|5R!1k)&Ns$)=Uam|&6|Skzz=1ORP>GehkZxxGPzeuuG84=ZPFu@ z5+f~`-dwoSG&l{eNI(0IS>Mq7@q-eF?#;g!Tx7)c{++-YM4ceMAkr@s5+Y`7@UtZj zv{>efofiM$7gc(^X{gy@&!-=c4S9KOZtIlXZB3(JuUD>{m}&}V9(d%i!uH+KRz6X0 ziwuT&E9h4&IiknM|6Fh(wUFn331$(x8(4$Wh@un19lM8D_taL+-Ew2~ur3et%Ggnt zE6YYCNqZ2PZ`~Hv-m2ak^wq!Q7oWlEiKCNSu}I1q_?M-3Bl(ett?S$lM@=1P{Yvt{_LItjb<_90D%GmkKKOS3_^mf1PDZ%o1?Eiq=`y5p zTjijHJ$FmnfLqKwdlcV#_%ApoI!};n!TTfb^4^+s3MXYf zy?L&#Q9mN%Mh?GML!bi8U2$_wGfpPbtYE?d+{I|esH<0x(@Wqv!4iI|AKQ}zg^C|l z*OK!QGx^7(M;|n}d~hwtjvt>fe|{^@b{!p3c2kmU?058nE*9?9@*hY`(7WFEU$5{_ zLPfWm86bUzbyL)rS@x*a^6s~y@V|-W3TvEeNUi!7G?@TFRzX}h9^;T@*Wj+iTN&Bo zJR)2omL$IwV`+!9kY|f#0?7$D3HDrxcbaW$8>w z-g~=eTyR=`d6jwUzY7T#fT<8m{@zgw;%tJ`Vm~Ke6Ck-1eduWtZp9$~uj<{~Y(_G` ziuNnA4E*TjczEG7zk|K&UQhMWU#n`n-FDR!h54xlIkOioY=dfZ$nfFjDb=JKH=HUr zqfdyBDGm#CZ+&^}wo&9R`0QucMB&-~EF>Y;zOBIv=gk*NS6f8Jzy11p{3^3mJK(K| z3Zn~FnEDmWSYNUC)#PMe5zyPM)kXU~kStlHE|yV2wShP)GRd9WalAIq4O!Y`o{MIN-9 zt};c%!{{NzNE(8PEiIb`Eh=k|5r_K9`O9p(c4s*NPDA`t?vRfDXGV`>p@!>n@z;HU z(Hm*Xpf0Thu44I+B_d7b?3N9SxhwAr>!$)dip<8}GD{r5IW91FkZ}Sc;JbIb(}xW9 zi4+ET0^7V{@BlvQ&?lE6>?zzRfM(H1ge*={h6ydXHgOt3>4PvH)gw?VE#LH1p<^Hk z5p6EeIF9&;tC3v;N(Y2Z!m*rej5`A^6okL}fLotb9t;RA6$(iZgcc_}3=)AuBPcZ~ zEo~l!39FA}yxVAlxfDv1-fnD4dY~V5l?}qdIdAS<)V)U$aq3x~r#3^8MAtW&GRzJ& zo`vQ}5;@7A$!#gGn3F_wpz0&4B1@CfjcM%MBXkX9JZ7Uv+!|V`ky_LII&WB)89}Mo z)y_i2G5g{%aw3Xo00K^bOtzjsd)BYh0qmr~1QS9mkuu+0_q-FSJn%Bb9x@wXbA1;k z>W~1i022FbG|An{5zm{Z?-_a9)vIg9bYF49c<1dpx)I1Xz{f86`;%r6tsjSMxq5Xz z!aCSS;AVY&89@#?$QLjrNp75V;dbyK3M_KEB2TxJBgn4*rl=z_0t^piZ$V-)!vH<0 zADk=FN5BKhe14qdSI+8k;wW!`Qp+-Qed1=?h^S2E%Ao3Wt}O?a7xgiV0}C3>*8k$h z12Z&~tcJXgL95Fz22%<&RK>8xvHDY%L;5{glUSgOm2@X9s z;EwkX_oBMM05oK~ADHy?e&-eqwJXgWZ+y*~K|U zUu(c$V47iF%ReWRk2XGf{P@FN&02?eo+H2dRVokHAGIbtkRu8WZ?HJh)-L3%RImObwl@0=KDc;AyS0clCi z4m=}W^eFA=IHv?;;lhgZ$)^#tlDv>8Llu3Bh;-#t^ze9|9%|{I^PG6g>n1TbuV(%z zsU1qm8KmYQ+3ZTzd}xmY6qyi7vl$K*y{j4U0!KQq_BtdkIMw^67E-0G&UtYP5TGS* z341mqy%3d<9O$K1bI6hkv!P*=uImLiznC~#v4$r|X4h@hiX9xhYHH_LQa1_LNK@EN zgBP6cprEiX+Ss_{!;=P*3^gP{6qS+)3hb7VE7y}Oa^~2i{y^qw+vOJ6hu?95yYZX&z{$kt-2~GD66R*Nw!#zoPle-m{hPL!r|uaRj>>Q z!O@8$4s_5oQ`Z z7PVB4@I8obU$iAiWtCG$Ah;kN!dy{ur2jyWF;`n#;~12Z+zoTH8bstyJhc71Al?aw zNQe7|+GIf7pMG06C=#kKB4#6=;R9}ktcgH=ix<&N$*|4Y*1b~6$w-909%C)Ap15EN z6V8c{eF0aVcAVx8GQ;6ODhz%otTQwkUng&!!S@8JvuE0KN>Nqw)E6LN95Upu^)aV8 zM(MhcBaQG2SSeT=2_c)7x&ng^Iy9*Gsij01Kdco&kwtfNbIyEbrG-?lv#8Uj;uxpQ zhry2rL~yGlqNhi%dQqAaLzT~59UYxh_V;Ip_nB3^`}_AT)Vn51`F5&=L=MEW_HAeF zes=O?7fCo-V_UW?8yWuIz&aDbGkDrVdL#e-`GCZ-*cUS|4C!kTgcE=%rVT?HJ zDa?zW)5yn&-%WZgE)8qN8bv3t4}s(NZTC-SQFO=m_@+^Pi)u)cK*A!+L24r2uw`gd zf)f?Ewo$n;+cJ`IMnJ0(9+DY%l#v)huIewZ@=ZElHX7N;{-Nonw7xK09+igdLd>VNgCA|cEw6%BFOdR zPN-qT)ZH@Z{%q({04u_)S!mPN-A0LV0VOjy`>qd?Y@}Rei1?Y9%gH1DXw#h2vO9b} zc2rPy)RT@A)}o{($s*+-Df+;>kY%N06i@zVbHBVB{|XZ>YJAXm8hMg$cMJ&7i*R71 z%QQ|wbImZe15dUWa3qry5CTB7o2OU40*y8`6@&ofikk7-sSX69GTlfv$qr4CjOLiFnjlE9J z9&o!FCy%^SLeck{>Tr}z3KWLbJ}HH$clMnH`GC~MUX*l+BSyrXsUImbBpgCa^>5#Y(wH-zPM6Uf=Q>U+qBKb9tl(F~gi z^5s=}`iP6O_Btqx9=@WiS{!OB?U@uR&C+%Ie#OI`$rs?=NGHRAsSt*Gf z-H@Etl6E18CAi6IpY7eQT|3mp1R)|d@2|0p&cr{(a$-ewjlQxKon$OSmWJi-MwCz> zWPp%FEjpxfoA&+L2oy^HM)w1=&_*#K+%026_+j#EAS|VVs_|ZN0Lm{BX^-jtoAJ7J zztPc5ZUh~0=Jlpbv|1AgC3l0-c$Qa~0b^!;B62n#J9iElqy$us1nUQQ0YKzTFTA%IXFHGJFGnT@4;?f}%tVXI2nysmM$3(d z?QzIs&F?OFlxMnqhFi*jBDzR1EDb2=udIB6@fYWGn`JeK$5o-zs2y&@#PB6#>={(EGjWyUjZG3999@XX6O>G z1r~nb2DJ9YzIux4Bn2-wjh34tw|-wSKK1bFbLX`97QhRcwy10x&*Y$eX;x}M=W(Wa zT3iuql_o=C8zie3z){eq@7No&etZw9DJi=^=sA3LMH}CJm%nTWYdY2>IAv^x@fg9v zV{%@pcF!oXC!Y-&l5V!|3(-8l#Bv1Lsfo!D)|?ChWx`ItiRvd!63sf#v#|+U9-K@b zl5EwyNn;qdkf|@8KmSuF`Cxo#4lx*ES%;R3==ghnVrXc)AHmKZtZm9>O6bN^6iCKE z3lZ-O0d2_2%F>H^1M{-H%vR;kJ6Ep~iorKTVJW6k{{9RrIpjNxl!h)Z@qwdUrm7_` zM*)&t^_61jn5XA_3J^>K$V#~y#9Ts6sFZ>5i!`gE8k&;EX3ChS$o(90PU)h%Ln6=! z?Hf^(RN~RT_QAA02iUx}D%fYc+n`<^FEVZxDhW_w3$P`$MK7<1x+V7TZJm>0Rq+?n z$LrS@F397U(aFRJQ}OzZh=?$+I1p|8x2@Wf{F+vE ztG0WcIB_v~(a^zzMUao-EiQ8JG4ZL$GRX5 zw5)i}CGlS6Ti9+)i*PK^?V{0hD#}%x#YRSmC4E98&KA|O{h{tV_3ay!*@FFQn|my~ zIMqTMRE_*O-Olsav9SSPHkg?)Zc(@AjxN2IiLJO;SXHx@PaMolNVHUeZVI}L07vtn zvB~x&?zKfTv^OUDN1FM6q)q~FKqpCS8QQpn>Ij%P#Fv!I+zRcED5r1Q7wN-KU7V1) zu(zRF>WN>=c1}0ezwk%zULCDFd06*M^#4RIDGkQFDN-LQ39-Y?E*=WxlaUdFN*u=a z?(&%=5=6i!1zXOYIforSo0B#$84L!*vwHRWkmz0tszb1c|MF!WZ~?V}h0#~CB$}r< z5~wO)M;Ks)|MsLorv(WN05UfNNRu}Wv_`55I2qy$O1sm2 zFDx?CPl|uNwg&_~ItJS8^elbPs!n_S+IC9WPk3!`ptTh3yby3oZMHhL^k`DZv1vwM z2bm|b=4k1eVsR1A1sC85<6skkBx(j;C^Zkn{QN?*RU8&{O>!-8XtxLr9E{`%e7G27 z6Dz?u=smTZaP`4;qtA&wF4gzQ=frv_BM{t0#&T@shOlOw`8-l^&ckLdU6n=mTDX`k6}u1S27Y$pMQ!LtrBU zNUJ13kN))D)>U^hia-%W?uuSAWwm;bd@3j@EP=uxA-Z(yMyVrH_Bdmt@0$i%>nMI1 zc7o~`B9Q8{%Mflm2nLrh1*ewBReOYh7@S}#o;06=)q$!n1G*3$_W!FDx zFTNtspuQIEA?o?UJ}^JCsmPENeZF4#hohfmFW#vBl>8S?=Ev zP`J-=J#eJmp&ttlG+)gf6Cli;jfgy$ej>w#lnfoxj=F~r1TAHM@Xm6rKpr>Gvb5*e z=bQj9)+(&au@8ro=A~L2L6@UE`S$IbqvrL*+z8+gpc|GHbQ~uOitLq2`d+l5T`$*d z4P06mN<|DNa?yHHdeo@&_QU8cUOz!gYTy9# zjUzM`3+S{7oq+XtQ{roiLBOz9L~y=|3Fga}f{Hw%w4&P4-_i5_5dt|*Q=~sdttYGI zb4FNBSR_-Ji|qOS&>d4%S5~oAX-&sX)O>;sU>vWGS*a+t^_71#^pki^xpC#nJTJqw z@C7~z{>d$q>CcJFAQNGWl3TMv2;3Ga>96yrb!i*uTk(Y7BjQs}u{&Zoa=7GR7d?%# zfvQCdzen!Z(rjYZep2Ecn^{2~7cTVQqUzmkV{br!+S*#ZzJYHy+&QhgG0-LzCXijk zr--uIxhmwgJ2$D=o|P`JG3**(G=c%t8$k2i{KT&NnOBI|nKB*S7rJr|oRuqk!U&{4 zOTCgadyC$%F0bPKp`bdnJi9euR`E>+D?}T=EZt65EJy&f2=!GCYN+5J!w2(*FxocRzajMJq$DAh{v>cpm5Y+sDTK|ME!QB+6`j&Op zIHOtA)9%9OuO5ZyVe?IMs~m3^HA&wea3#vfs;6>w?y6BrCbep*o3x5-H{Yz8Q8 zx`gf`Ff05hDjc0(348B`>^u8B8rwNNGIqOMp6ay1o;QvJB{ z*juY}RlEw{8vXP3?n}GPS1O$^l$*wsrIl8$NsTw~@ws-^(<3jj{9?g5%k8$_C(=q+ z2S#{q^ER5FR`O$HXap!|Q9M{IB9GaYQ>tN>5;ASepMV7aRJZjx+u5#<7 zuvgoM$Av4z99%Gb3-duEPuBEo)7*MUwOLv2Wxw(@PbaMGvnqCPe9T@oTa_54laZ}^ zCs^ef-)@(y5Ob%sw^z*bpw>lYOH!lG7H<5UaOR#**jJy{0qV+{(Z-9s#@pTg6?t}h z;f%a8i@b`xr61R<&%W$byZM#t&C;CBG1tO=*xf9fkm{2C+|KUit$8gsZA!98d5ni= zLCEhK7vth)#8OL)Wod`0G5c!731jO%;Va7AJEVFpeAI7G2i@$!3Bg0MwwDebmOCYE zHb3(DgyA`O{5>7Y{;t=0{?Gp5Ps7Kf&=Bk&IZr3q(tA+3(1;duG}52`r3lSieh z{*l^scXn}9ig~@jz;1>`a^TdNgF1yZ{KcLQwnrN`|9^MM|GlTO`nEc@JUe`c>DuL8 zy?XAB5~XIBoU6svnU@^ZE-QMv27721bP)l?l#9(Q6CXgHfo;$xz{$N#N5en7wChHy zbB3|S$IDC=#vb4=4Z1>Di!dw>jrS@eMuH+zNzWZL&YHP6#HwXFgS)g^RUX2mA;X|3 zhPm&H&L-<>-o3@W)+#)y!QV@Fv<<%;uxY?M{MKC0Ia zB-c-h{N|sM65HlCzlqlIKU5GTkTr=}GYQj&oHIsJw!u3PR_RL!-e8kEF)zI~c6{t9 zKaUubDW|Vw#4w~mhSQJ$01lqp{#C_V4=UE@=i{N1>0%RIB9b~^#|bNK%P!Z(SxrQ+ z7zfWpQ$8CHsEbw~I=Hp`F>X4Y=i}-UKfYcgD0c)&{;>sHAO!6}@uJ8k1kpt?X)NOne_S#T{` z_^ro}sYQ@r3*IxnM+2J#C&oc9U2xD4=P)F8p^cK1qM)egGNdS=OQV3_8DVUg!H~z4 z+r=dgKw4yI4ChMOVlk%s{=k|asN@tXK~_?+mOu;>vGTdLLlj|W~A`f!d~X-8>xq;i%v9hOh7wrf>ql4OLPJ7fkBP&(B_ zSXulO5nS=c0YLKL&r7~NYF~EK-MP&Ulo;MHOD@cP5&^>3yC2)hXc}oYX0hDKwC}m~ z?I!6k6gy(FztZUTE|Bv*#1-`>ZICkEuSB+o|G90gc0dd>zh*27)1TRlq6wysQ>#u( z*o;&d4V0J`nyOd-K{M!j+7s(%O<{IKTQBO~pYC-(+kun#VWWOINvaUxrJG zt$c@;8^636D+`pz>3>{X9L{WnefT zres&PBiYMqW|f$Wh$N|6*_=t4 zTRO|gsvXG|g6_#ve6HC2UK&|=3!O?5`_)ivB-_}$LFO5+S-Vd zA?jSSTE;f?rOArmXQ|M|*O^RR22ROrRtH`Yh*PR+I1UsnA!4qKZkzh^-R`MX`4>Sa zmLNV~vZRx?dX3DTZ}#qqg3%{=s^A9cY6Fk81bBaIpJB~1_;$kQ*BGz%5jlLM1S&m~Pef{qf=sm3?lD-aPrWVKL33JNk`ip}=7-AaaeEM5AD z%WoZ7a@dBfr~Nl(I$AV7kZ86Jt{4`ZR>hxROx0VTZGDck3)%%LV(H42F(_;fc2ktm zO2l|W*BU#NQJ6e@VjIBlGac;DIdh(_?;U*gDmc+19QdH%h|G@~OlUAgk|u3l8>s^| zwbjHj>E}TRPlrbgVYMgGO8h7&aT-Z$2EdE;cSJZMQX%7`+oj09>_>*pN7^hW_mVzl z0b&?SYPr$8HK$!_3+b+fN#u3FvymL6?^nY_5*th8V`3b7@JSPp>H(b&(3pa~H-^o= z!_qf5zyYR>tiRq2YjVWHbyD{>^~G>qNUpk1!q!B`Sd)x>SFeH@S%+a)ziu3gW4aM4 zL*A933n0pSPr9|~^AC26Or4M-4J-gmnI8+yLC6aR?&6|Gt&)D5lmRB13uus%wdY`3 zM{_ngh)lNtz?I*oT?8Uh;2LBqqo=IE1cl^>Ovt}?I9K1jjfMFh+h_-3A)*_oAh;Zo zg~Z%UJa-YhaWb6mU57dz^TgMllP=oEYPgrL$up3IK*97Ms9E3>R`X{1KT2KeitCb9 zZz_>9x&C_U`rEs@O4r)HNXE$UfV)X0h#^DSU3?EY$i&hPf2ZslQB{3;Ntb3QFX7Nw zZu}tkBkB{ZfW6}UoG13!!yTXs5e%+N7qguo4G0oi{+-XnJXz~LZML?ydrB19q%u~y ziFcZ!IAJpx-Prhk2J8b<|6&2tsL2CxU6>Qn@g6{#bTIddJ>8tgHzQ)oUsNS772(+>KR>#coeFZ= z3(_ou2IkNIz}U2YAkkCHUkk6!{PM}Tqobhs^fkO#S^%VxLXuNF-6SutxBqc=O8Dz{ znv1&t$B4xf$^obMt&PO~3VN7$emVIq&@$4426lUMwsXZ;6_w{t)qad!I3y{gNHf!i z)Eh(+7Acs14mnUH*8=^leC@BML0Xet^L49fZ{sn_-Z%@&q}r*qKR(N77*V+~ z&wHzQRLIigL?<%UcbO&Y8s(7WssMrkOu4mp{rTv+LD+FR{l;M8P_KLV8`(-yR+iSx znU4myP+RK%@jp%hlFK^%2=;lxAnvngV^?j>+zZo*L7@JPZafs{s`2zX!72wkSKGs- z|0EHPVZ5$n4tKI$#NCegCFK+`wX#6l^#xg_b3o8qUciTY>#4TR7;ab*xWAB3dD*?*oRVI>`~&9J^xvemU>tMCdq zRTHd3isn>Iv+F>I<)=wem2DyaWmKsX8EtZt2x-m$%sqETFY&vkOo>~~xMvh#n;9T& zp&2E4-I=IggJm9fc3o`+%2)zNB38W2nhEJQTs6pm&_Vk2_+yDoLZ^R=&zH~_9UXnJ zxuvrE;>BGki{uQ4P7%+O23;cP!Y@)i8QPcrZU+)Z&Y7)S%b3J|w%93eiqnVAJ_N*_ z3Wg3lVSH%~jE764GZmFFEla3(&Ypg%oZvXVz9+dPei+?a7F$YFi2KU}4d&4kN0`OG z0g2Ib*okhVIO~wsKSq2=X|N6`P&@%y8yb5^{<;?wbA#|e(0K}hIvY7LB)tN}6GEDnrWGz&{~K5a)5T6Fqd7FBi2RAu$^Fhf8|Pq!egz z5@t!U)&AyV6R(VgCY`u1by;Hi#r&A4o#x)L{u_o`e9rUj{rX~td*GCE8`xD$Pi^Vn z+DM@#Z3}5uxxqd)qgd6G>eDs}2Iirr^uk&8@%H@7?C_h{&KerK{qpmCpH58ex7V!g z>)6`0!HQm0k@0Dz78Y5ty^c*;S!?iYubS)4wP#f`=YO|J9ItUlA@kqYwzRG&ClpUn zsgJK`6ULOExzae*s_}CxAFs;6Q&YFm0FprL*3PwSo=(oVr<^o? zWmMEi=Qi~TTXu+NXyuUfPxp{s&{K&HhxlDWrh!@Y#()z;3H&WLCC3#Sw|(iEN4Ew{ zhS&00RqFNKiZu_ueVw$)PNRB(#vJYWM~4XJS8*ch?{*rUE;al>zS58to#l%h)Q=l8 znSs%beNO!U_=B=R;cxWu8@c%!6b|AK19WtP>^fyBNQ=F};s&i3!i=%qFYWL6VOzKQ zwnHo^XiyHa+Z?!Z$?;bG1H0D~(0v$+NA{Fjct2$xKCK%3E{hrfhnB8?rFCe~sx$SU z+R@Dyx!6vW)XYJ1e>zZe&T+TdB zo?&hSoKyBV^d*%O!~zSRWQ!+7_A&Qe_dYjU#Lz!bzvjCe)A-)Zf~O7^$4`O?CYoVh z5H?z-I^6ZWRIqe^g-^b-QhN*Ceec&aD||A}P$&7C%jVHrIz}i|E6AI4vwBd|?)eSN)X}8cE$F8k zb@l2v6_wu~NFy%)jW2W~MI*l5#9&fV9B3669gDm4M#z{kx+{JaM%9jl1>%_JY=AYE zFeD`|&wXxNFBV?^z$t&xl_T?@eTV&WuPad}Xh@FHh;zjv)EbIdM~6I%+rD~L8mZVM zD9djD2^@6wD%lViYf$P%`mCGpPVyXu%>bFN#$ry)Ju@zpd5&l36(M)ovd8pUc1Qb3 z$vy$qGp+)fn(Il$_4oaoUqwuy+{B~VKS?vgX#8PmjMcR@9n(ENqi*l3(R=RNU$QyW z;X}>8lGk!bp?4PVt+Gn-Ufmct=Fori$}4XlG9DwTm7t67H#+DqYA$VI02m_HY3L!| zA?z{7yYOE8F}i^W6P*v@GLY0~v9Xspx&Tx##J4r<->Xe?Y`UeSBEp&#G!3aiV$aH2 zd1nJwD?T)*3PuBcNw0=X=|a(t5RKDPG_z2s5{fw~@D)3B+jR$UsdT48dqNXOz|E8X zRqpEWp~sRgdm%I##o8>~3@p2xM^V5-1j?{Byp&%|jVj=mwoB;=gyyUSpX#@H*heKf z{uu)V@spX`sBLh=Uj)K1v;8!&69v9_yCq4}36%1wMJR05BXXrDL)9ziu?z78aLQHo zc~4wFJE1$@&WS3`>0cwOH*k=}7hW_8PLnb%Msrf8jF@3GS&&oCNXgpA_ejGWT*`e> zyPy*!$-P#eS}H2G<%l;`EBgaU0zC#C{xY|I$+Bg9gfT~nz~K7IH#>ZI5&q_WSMNTb zvbGnmC$-Ky)wnqMe&vQAwioPz{vF2ySRFrala9`1dK22aeA_MP(?@3AV;v@GYDuEI zizK?5*A{2s=q-5;i0?oY?{avsxWCoaxYqSW9f547EY8N|1ON(n-B^!>l5S@I%ALfK z56X8;e_l zoqpbU9r*jEW*Xt$xtNFVzlD5ly)p2|Tjs8`KUtqe)S4I0$#Xbpf9&qdX#mI}r*{s! zZ`l6q_JsEalrV%Q8VVsZkU6GWV|{S}&FYcI`K5CQVV5_0) zC1^bll&&CPhek5Re&oBi&l170!R45dP96R-D=V&b0|b?RPtq>S zQF8SlPt#o42eBHn6wv!4az1hDlm-|H`1^yf89z}_*Q40$N${wH5S4O^`yTCNVZ(hg zaRI6PQlF}m%NwCvMZ!H&`{oRTKY=f3;Rn7Gbb<>MgH4u(`Kn&audj&a@7YFxN*2yb zF7Av4+)2A_-IFhrET^H|7;pIwj6aQa1pX>c^;gA`L59Rj@>Kfix%tjDC$;?7qE&p0 z-7$d2>N^>g~<^bSL zW*F=nJ$d+sE&cxden3&RmF?$obXrp{0eX|b5r;z)jsOfJwg=%P#{8;EjqY;ypT(YYlF6ZQ>V5sk@8~yIyT~Qcx8mZ!>$db0Sm+mDYl^JLkFRo4R{P~Herf}^z$(>?;WG&rGEp+NkSk! zwSJi~f|Os_*GJUpL|c9{R+tXLQRq06&r!@BA+X9G0Xmh%*SdA(vpH(Mrv?WHFsAE~ z{4AkV^uU0bE&4d@Kud+CH;NXgUmyEQPYmH$t;{1~BkzEg5Q26+uFkdbb)w^u(8RW< zrJ+7vL0=#<5mZ(o>Zb<46rC^cm3=A&+?K?iezUI;Wm?cA3}3DPC~y`U0>L)p1Q8zY zv*)f>oPKb(wvVa)$8>K)?RAT{T4YKrLA8M*4J-3+L3LF@;&A{Wb%r89Y6EI_&Tjs` z?qQMr37V?0D*XQg(dcG&J*OoxW_3AmQ) zx;~*eq(ulZ`ynX?l}MlT`*xDEq3-7#;$b~`2#*%$TASxuD)?42Sm-qrzN=UF$IFub zZ(u=c)(bdXYAhDUksKw}a62lmomlPx0n^`tCo?-k=uv=3_!IENkI#qt5ZI*u6OAox zy}s}hxYAHp4^vXgW6!?2r!C|%XX0;oc4AH;_DFma34yTQG~Emx+5#*R0U+rcG`E<6 zPp6azvtl$+PoIQ+TmU>Ngc0*uBv^ARPG4<(lJrNg^PuMi#1Y%g@UQm{5=W$0N^&bC zHM9f^5qQV7`VI;_nMIrBQf*yuXUJna3;i2ENMaUxxyC{Z#40C9*CU!r(pZ5gUirn# zUQ>$vIRJ2gg)GRl4Ap>|04JJS^0@PtH#c{a9?*HmPWGe(FUck07R5w_vs4ioKUJ_$edmIVU@Rob;?xKt-*dmhyH8YkP86_YG zC2uxPpLq&Uxfr=-O7z@B&k&$F2D|tvR%|1Qap6&sZL9&}r4d)!(nuN)gW;iWECyCg zS7V9+hE#9SDoFg3ekYE~#enYuqiOj+qRXgEJAUDu$-Sh`y5YDPZ){pu-x*kclzU

Sde!%%qI`^MOV8*>FEcXIo;h>(#23TU`@hNA zT++9$q;LAR#3mM>BQIjZ>R90BR{@{;a!7o$kVcwPJNWnx(=XdYi)h0XW3vpV_NJfM z_`QtAW4hFQ&e->Ve2Rwf1N9T({(>UrUQR6C;7 z%zZ|0luR|i7G4kUCghkAr7uQ;(y>88oHdHAcThx?>}>C}LuNO#Ebt~q&Q5Jz#*8aykXE#W@e`J;35ERN-8PNM1)-# z?2RT+S|!-bhmji4uDk+76XcdNP-sA?pEM9KB-_k9E>c<-kk2s|` z;>4RbZ_Ed--wUDPJY&YgkBLTp-AsT%?7k->>nhr6oPK`Kf>m2@k2m;I9Nc#Q-#r`* zuY|PjA8$&>(7bukj2hV3>d+Omc32I(Lyj_r4K7PwMyfKW2+o*<4K#HrZy2%?v{H5(^{HEjI!F8zW}HA6d0Y}&-*_y#6)C?zGueARTn+NCtfSNOdk9t=A_(Ahi6zrThON1tDUs{59;*Z!}Q#HXhE!C zXnDmrbpQ=E+>{Vqpn`Mp=>k0lS`_e}o^hxF;c=%D(kAyh(%MCjz`;Y8U?zjrcTRt| ztNlUjd}&>=O!}jUMo@Ng;_KIYk_u#&3*Ouu30JR{K2@(hh8U^0j*iHj3GpD0&{uDm z)k>+<7iB2jS!5*G$zkKXj{`s?6^J5$CNL9%FP_WQAYTwr0FAfc^SZicZpX=jmvF11 zGTi9+2hXF%MW2_@uCo5a7?6`r&X4BNppQCN-!*u_s!6J2twKzkaxdKtPX0DWUD?hN zg^Weg=pm|#PYs%SnN&M%@kun^@;TBs=Hk;acJa?zU*7b&WRAPd=bO>4Q3*fi_qx+T zcQ@?}G??5lMqatIB~?`gj1Ij&B_x$T9drCmYVY4u z&}uH^uqWlG@JR$N~{^MokYj~s~>(|Rw`6gv$JoE~?@e1ZN*oVj0RW@=9E zby{uIj0kPmKvHeYLC}OF#n=*XV#}&yiRW1!ns^@jr03`V^P9zthy=hgnkhrm1R~L=reZBe=fY$MDi*RbXl%AP0Cx#h{G>Any6w zeG7#Kaj=i;uT2{wN@nwDY3H9>`fQ+hW|2_ym9-iJj+sX%y^hih_&xlk_*Do>hQs0Z zlzGZ9&#dBuA*2aAf=m}B_H7X-CI$|3)Jk&|2edPzy;SS5N@qH&yu z^oPJNGp5mUqwH>wg`=ASVvw2_LqLKW^es*|FJ8P-?U|RChmXH>3}RH~?Hz~7JS>^0 zDv^^Lj6O55^Jbc>r)g z|J4zkm(s0)Ac1CaQj;deu+P6xZk}gMC0))#)k=N`?}d5A7}3L+DA ztxEDi@QSCB$Sv>?nZc1t#UWV~#p?VALmp4)7Eo}`QHk8X#yT*;Anv=t;Tp|pej~$J zxQPX$)l9xvd@*Xd$?gvrMns0QPkUnS04n)M7#z*k^#j&>KZ&}Gxy7)IY1$R1nbUFecnn1z2 zRZ`JMz*82q9`)F$`);gjS{=#Ptb4b+y;KL(OD`|X{FUljqX5cA(k^Xi0XMeidYH<= z%hQEJL&FGQ0OZ?61C-?)KSj@3y%y)&K6Qy;&EaA@d%L)F^Ph$seX267NhB`dvOmsT|1iDY5{xe5Z~Uvb&L+9D8pPpz7V$aVk^3!lI! z+E+_&?H-B+N17FDatsdmINLjB@O;IVRnjt`3)CoFP%f&l#~bcMUE9GzWY$BB^_|Rr zZCtBYawE3$CaeyA9uqT=fI(u(Z6omcw60T9Ce)8coy}*y{9^)GBT2WXi;}aX#qI-S3=%LG1&l!&b2hE?g8?{D0mTBQVRCFPuCr=q#YyKGLwms8=&Y)qzP zS{i~!k;_Tt?o(UfL*op*w|V>Pi9Q!|5D6sy=-IVq8kRF)YSd59gi5mBaT4Pei^sk@ zPh+U*x6CbNa*sC61^j}0dTNAzT*hbMIE!?d?pW(-xJK{`FAQNsaV%Ov5=|&NH1QpS zY|amJOK}^p{zG~3npLf`Vn(<4@TxoOFphiL1TP>ZA0(*s3DelDR+Z?^85@xKWoh*h zJdietZm77fwip#$UnH_Xj*icVZZ%Oq8K$NjdasV=Hxevy8zz5Oud7TTE^vsku?hF= z9kL|QU0_orWlWeB*HS@VL{^wo0JOx9kVb#n)#bx9lQG@za!A$F{=X9HV#^ZL@kIRK z=e6NOaqZV)xhHVa#3ucLH8A;1Iizr4)?JFly9It;jV1#~*+fLA+fWm>n^g;>e>0+Qf`LfsX3M&oTsF?v!ItR7fb7 z7$GI80?p#gDD^u$qy~f;5p^yA7~{g^tlW;P6^JjcCNdmez%zOfe22-rMb3v08z=jn zQh~8#pfIP0BV!9?P5cCB*8gJzM(vN$~*pX!5`cN9Z|$GkN5<(8-bnIQ%Mkij6}~Q0?a+z&=S9 z(B4R;9$9)SXyM3}7oAfCRA8k(9T^lMmo01-x=0|85;@Zd9bzeL-u|gb&qbh%@D%C! zHsv(~+YE{a1!^m1mh(i}e>o5PcngF}KI$OMu&;j*G?%Yz(iEA#Y1 zExH<2r>9En0h|zp^dUJyh0CZv=@Ik_EFe~1M1=Y)C+!o2KET|b$lI4J799cA0JbOR zF>!${Y!sju%4kOHLnJNa%AY4BoT&{jZi-+K30xW72j9q(Qqxba+L6-iJ(vxt!0gDL zc^%n=5=gzWfBhv39^i{20(hRkB(~Fy|0^S^#%p3rx&zQVMFB}VGEJA1RES$Tcf0-* z1z77ht%i{=W%(D~*~)N(f@VE<9zp)z8;!G@Dzdq zSPeT&lBKyTQ{d&cMwayk+~Q->lbGRgU!i_*0}+!k1R=Tf%-~Ovd)8(mTsXS`VjX$G zC!4w-HVvlvR0u3u)EP8^z~D$11kX?Cl^y|CPMB&dZYAsCxgZS)xYG53)x;BL&t9Ll zAG2^Q48)BJTVlW`&U?CV%3Pa}`|rx!ASNgXY6Xew-kpiH=)z(etmS|-Ww`@Gz2Hc} z)1Pol)(OoD)`+4DY|)X$tb=A0ljlVXMK7?tDfU*d3{QP9yK7T!0 zo#pVc?Q)1t$q&S95{$UArr6arK&fp>A7p-?wr5xOaV?wVda;=mHDrCp2x0V2Iw!tW zI(51pH?aB7;-N9LUeo1~7^OLFapD6Li;Z1c?IkRE{;0@LNDNE#v;X0pu0E>DBmb90 z@C1*l8W+g6Mo@LDVNJiJhaSYs0_fIcm8q50!fTtnJci(}x?n-f^`}Fb*)gl{zcR#& zdW(wj14q?Bb_ooZ(EKHG;UpqkQ_2}#NbCl=m1ZGIX>ruT3N<@hJs@c0Lf52uTk4d( z?4iZ<|DPfvd#R0HV@y$!Af&}BkDBcln~w1H&D4<~B+W#!vjI3Ae!ky_ zGu_l;hj3Z~jp_|NEUoR+i90*0t%I;1iR{oXgt6s28|q#*Z*)jE;JxywX`DcW}^$sQYspPAm<`W z{kSAfOn>VIi@RV@D$JmmPhoNf+Wa-D&V>UGJYUdLQmE3j1eeo7yprgcS6>ebVovuC z5kgW(vMIufBdaNYrWL<=9~G01assIf8eP$xaL8(o%%FQdB!R0XrMhlC&~w9m!vqX* z;-&S7V?oTmN=+RV^koIRze zvk&)QwUBcVG^4<#|KkbkK-OVw*RA{HyW8G(f*wdebfEOlU^65fzCZ!DZ+9bP!l%HK zOYLs5NfkTEg56_GT1QVM*02_`%F6b#~ z4<>%^U<22I9*9$jzmJQ)<*JUUQTa`u@>NWdc-GaUAI%aScSoNu-`!dFFXXREHscj$ zM2t*qS0xsJSFRKs9~y92Ynd0`j4-!OP6pe%vyo_0frh4Tfw-~A9O`THhp-`LD z&g{S-8|X7;tu^h0gp*qU>q11z=%(#OZ>^jofqX!DU#oQvu%@gelmg;1gd$y)RG1z& z5DT0!(#O)?3X_U2LR7XpUirBphqRiX1A@n70xy0PB-St7Ir;-`#~|y$nbf+exN7k? za0)wYZH*Ak5^*^4xJr&UP$9BFQu%HN*XtYdtw*7XF;~uQj2t%X!J3<9 z$}{(moGHj>_z$h!q51cgMvXH0@yM;#IalGuYc=zwsa}P)w$>Fh%stajs@kPl6_2_9 zX6(WVwv|>%z2n{{SUsIkerhS2+%%htH9jY%YeuZ>bbVFtdaL`#)fs!6SI4%QXtL6N zxbs@2kj$+o{I*tAF3`hdzi@`*#w!^o8)@#Z)HVsP*RlRL#yuG{NZ&e?k zyPGd9>pCOCGI8s7jwsGXz;c>Z89P8{Z$m%sZ&td}q`!aUfO?l)tp>hjT-wzR#RFM! z$UdlS=oF}jkR5mL6!=!>6wEAtO{__;9twRnNnk| z4Urs#jxrCaXh*PSRFN>?kKR8hvR}|SU#Fiy!dH*^E$W}uchL0kdzb!zLP(z57|g!- z-2a!cSM@`#_7|SGdNoz`caU^C?)gLNw0Z#j?2|PpQ;-$}*)0K2Ukp85SdRYkQ{$o$ zB0Apmgt8img#byH>^1int_oRhO;G_+iLNbF>y_QSdQ_eCWg)c$xg@|99oB(%$N9Kp zhCxG#06cY+31n7%UIjL(|5}_sIIr5W*D_2?dJZRg3~FI( zZZF(FlC-g?>UiP&{S{}-j3#(%ecln+oS8ps>l^LofHpvX^P$Ke#R&1xp_eHs|AP2C z-4rIN?2VDr4f_kzKPm-`u>X7$s1d{#U;N(9mI4%F>x?o6G#M2G8ZWwc2`7l(p3v;h zfNsBfdC%s6_A=3;L-5O86LfS$gU3>nreW4hLSYXD0JRmPB;9%V@S*umd{QBSk1qRT7 z;joX?zF%lBxH&4=kfQ%Z+nGo8ym#?lhD65@5t&jUB$N!HREi9dxn#_cOeIm2F)CC? zouff%LJ=XN%tOS921>{jr=rYhG~L(Exoh3E?mu^}d+)QJXFcc8@cRy*&u8!VwC|<- z;`^P27$2mbl2tu5aAlH1z)!ETFOTnonX^i1zyZ^DExYz-td4XbloC99gp=ZUr{CrT z5@Lelq(u5$wp|v#lxxKD^|y0KAi|j;Jk(-<2FygD!y^b*5~A6_L3QXbp+zOfdGP-C z{gZl5@m=q5R$+*~QfXa9h`aHxHV<@@^cqDdFOf`n_Gc!sEa46#V3~GdJ_f`kr)}oW zwdODA+vzbJ6?P*QB_$Nh3nhT?xSOubQ?`aOr9c!}1+^#S##vniwG=X7z(o3#n;+6? z4k%0kvMgnSb^O%XljbN9ic zl8=ny^1tb!C|o#j(FB`=<GV|0w5^gXd`Z53S3xF^3|OT{dkp7E6KDOSJ%^dNq*H4u{vts z*MzUsxchg9&Me^V1hA8+T)3H^K-O*F<k6I=ePsf3LrirEBp$|BZs_gQ?O4VYogOR%-B3LQDCM@T}Mu~vvcb$bY4F* ze${lt^uBE38fvs(ci?fFUiC5gzCgrhoR7RHQng8oPnjw%knOFE!Tm9rF|gt`s$z3V z2ZSFIt*?!0lX|?bw5dsr0vx=&eWLpqr7?=Th}Pu$*LV|@4&N_!T65NHc-=W@JE3L} z;PmY}I>PYyGNEJNkd26n=bRy@=gPpACmsrKA9dLvhp~_zt8UWagFEm-n$OSarN0 zw#W@UFmZfRr%P7s)sq@|CkQT+Zsf(dvaawSCd z;!8<%MENCidd~L=Rzq6PK8utV)Y1oW#Nd@r(i2ZyK6)?H?a=6XD@(}lx&lcGikXIV zPA-1^%_{QEQIZLkIdiVZ4k9}GuG7tRtr7PmIS*yAbLK8d+W$LUo#Z4*{QdIDt4prM zlN`SW4Yo9}8f`kwqQ49&_>2_N1+x@8H?87*qtq9`ZDOeu?fzHio z{$FUxNQjt&8L zRchnCmFAt#@xP50%5T>$BfTzWHma2d2-auuX#huPo#jHIVDnvTAD!`Td&uPvL=_!O zHjNm(e`4gVo-{|l)4)NRmeLtet5jCT2Wh$_5Bjrc^YFp_w9b4)-$gyW(Z251ohhRO zo?VI68Et8~=JDbXl`dUIYNos%-LD^?tITjojjKt&#l;T-KAs9}vfUIwSxB@63l?yo zpN87i)Y6)iHa9*SqbSvRoe8`vWDOQbw1ZX>ELeIMc0vPl7NndXQQ z-&4k0yG=lI6|JIeuw8ec~5OAn?PzhKQE(Xe;dz}fBBZ@W7 zB|2^3NKzN3ZkKU!#OF~-x^a2AqKoXB5Ng;o->kx@JqQ8 z0)k$lHNcvDYfr}s;e-6B0r1d_+q~I?L+p1@qD+iID_W*g>M*<1tdTQ?F3S8NdCSM~ zpa6~NX#@f=3Ja>5Wt1OT^hkL6DW?!QMJ^?>oH+E(J5IakQFDg;#7sWPj6z<^Oa z5S(rFx*TnY+Jzxz%Xc&B9;A(C=o+Eu6q+1b#3$#K?(p%!p*D#-3GRf{pLB;on$Aj1 zE?_R@B7ltsze;V@YLxj9kCuM< z4u%s;U^JZu3?AXAbg6*SMN40Qiq{GAz)r*g?CEF@6@=`IUzONzf3mI+!(1+p5G@Jn zMyx*zpPX5S*L%SF5BBWHf;G|(Z}{ry)(MRH7RG2Iv9aqSW}vp@rsZ{hK}JjE&_*=> z{$qE5{QKIS$ZwQ9qcQi&X0Hi~Me zv`(wPr-B{SIr-j zj`L>9%34N7;i#1pkB{KkL@SFS0XCLz6#I!`fxYnYQm#P)Nwl6lB4c~E{OMxXM+&UN~QJZV%v!c*;!dVM~sL-vCaGHd}eEK+^b(#F2XI&Es+t)P`FH;kT2t2R^CuogN{rRaCBV%A3qo z+o5d*KaR!U_ksa7zB`K;=!8lJDWKEyNwa2kpkOVnvsb;m(@fze7qDI1il?k$)kbI! zobOBPzP=qjW{knI``T!xMIZe%)rCJ0MjIG5$0>#5@_SP{56403+)oe=0n{na1!I@P zN=}*Qn}2!1VuId4=K@vdcP6GbW6HdFCYtes^QMFMZ3+Pkr(($4R|5(OehRWlz*HES zEn+jlJz2vS`H=HYIV8HH5kI~@0H1QXXIS72$Be<=93~#Q)_2lkx~Sxh4N7MUN@{u1 z1(Xv=HF%5bvDcy-KH?Yu`R!vb=u@6F>(Tw&`*T8pwclw*MtL!IE9*5RdU&GRJw zgu+{P34kx5LqM9s!3Q}0YO;TQpTyhFjG@sM7N02)c8kp#rmy;P^+@1Epi`z8Jshb*!u zn81u~o9$c7V4X`p!)pc{cSNC9q~F?B_8Z@)u(}2e9hwl3)t?d)TGHmkDRjf~G+Ert z0J?pt`uXm9>uX!y5s7`GSe_$gC~9kPbD>{oTeyrfZHa)bwGNE`B5lUBt|@x8vK2`GmEEe z-vlssV2r_%yDy>1CSRx}lfVPfbb9!ud8SWz4a9%}_K$HR#!XI12uSS&q4I zK}LMBaA~Y2o?N|bSq%Jbv$j1GjxS)Jg=vyeU|3ezK)>S!Imq-&+kJk%zR1i_^8q&0 zr;?!<8bT8(pzC~0G-W;&N8%5dCFbk%zF)4s^wEWF^f?{o)FgX=Q)W|*9zB}Oq!TR% zbD6BGMYiH&5ZTx($zys^_wbyACGp@;DV;_uFS02}LjXMXEG%T?%a1JHlKXq+K+DmP ztXFe~qvV}NIi0sVA+va)m`{fcLFa!I$W_#is3_4k`OH!1U-V@K_Bt6lr+`I~Tf4_NP5v zhVP?r*~=>HU}59_qq2ZwOd_4cQ9#H$r-JwGV!nzUeRWI55xOkSBnbIk?GvO)KQeZWK_1Sz*I67$7o>CK{(ikj+G;>N_CCb~M3 z!eC%~P7L?9j9b7>oe*Ulxx4@6P+s^5_-b0`G=e;!)H>(7g;EeB%DxM$KkM|87L+i* zNNIa1Vh;3T)B-!8{114PbVS;mTJvhRe5Wk({HwP)8o5k^P2b(&SNyUg!k0e3=po~V zOh8}oLk-|e6ILjf@p=g8$$5M_iWMQ@8&VJPl1zv+`Wph25_A|sE0I(&7uA0Ak4h=9 zP-p}y<(c){Cd?NfQCm}U8~T=COE7n_0L4lwQh4bkL*Svb~0yXuE zZ_ld{REpt=Of1PUkmNkez^)T1515z;_eQ?+Q(P!}X=v}T^ zsCVI={&TPDIh;}$F0{bggf$Y;3viT>n`|b8aAKaixv+?xGbS-{w=4|Xefh(ECUt7E zZpBM{siu?}qJn^p*cYyrjKqSIW$)sS&@+$@?qBZos%5*m%TaoRxA!)OaM+O5U9oG) zJ*=%LWw+}f;W9_Qsec$9T(GlbVuaqiYCrv@S)EyW&~fY}iH$7HYLz*; zCxi~ziY=*a%crfqPfrZe=5sTBDJe{Yjs(st< z#U{Ztr9ZC1E6SlNPz#<6If1q8BG`yH%zf(WU^!!BW8sscpEQKVxGe$SIp$t@-tkDIoDdXl_JmV-HF zKJ;=ZCto^_3f{jTfbHM7K;tQ6j&6b=6%^2^bq!4jS(Np|Eg3jSj%8y0(dVb^@&dd60U%U7!5B4?Rk&WR6hb~oH`H`m2s$W{oWCVUn4{YOls zX7iT61%P1DT!X5N&uUs$QA>@2lszRR9=RbUVC9pZRzVx?F1B5A-Mbk=Sc;{VbZ9NN zkXi*K0NyEggyV$AN;($9V3GnfjQ3%?m%#Vx>Zt@F;Bw>=S$Yi4A&9#d8xag3eF@XZ zV>Y})f0@|w0J@;XEHkbNJxFlelt#sdAkHv-XnhEa);Iqm&6Oe2S&iy0S!8%7tf1 zitE9WfRdu5Vi9r^)h6gTIX4;PvXNr6LxiJ1k4nd9jOR&^8%I|mp5A`vo?e&UkZKaf zvGjGI$*ooAq{o%hX-QUu%&Vun;mJmw(cC&})XJYb3sD)ggE-8sx|ta5#KOmNqWPoZuQWTM)BLvzIqKw!;p^U^ zwsc|R(%<~kvjN+l6q%#w0+MwppO8sSb-l}>EZijrGmYVYHYW5JEs5VJfLP?jS{j~W$}#(XklW(T8e%4$0)HAbr5 zt4s07?;~3M_*hY!w<+Y^{iuhLr!1T>?`AV`;b5$&`G zL(E1h&(J>_6RFY~9iA1<`)&J#P78Ih7a!}YsaK?XEGUz@D^ z0L{h19|e=g-C=>GBHr7p?Z?|#S=sB!N5ALG=~!kE+jmM*MKxNFO3ZKbhhn~-Ewu{J zBgKP94)?kNJz0G0V?tTd`QkTLM72{`zx+F^xVVwAHj~ z!)E&We0dV)PHCnWP7iZv(oli$-nv{nh=%7l* z+#07`V`50zX8mj8bTcWW5cz#?$ZSYf_wQj2R$V% zaHYNxq1j94p(3+HMJ3QNN`LGrefsP|bjW7HLVhXwC8XH|hcg1Iksvl4)>oZUfN#jH z>WL5=i=v8E4f+Wx2Dj(q=(-J^R5>c7I==X297nN;lzDZ^MjgvBjAk~QNO5RJT=^WZ zG1qX`=Z|>oFy?HXr!i--xQ-U-9~pK6_=$!AQ!UeP)S!Ss@~paq{!N)nzbc?3%TBUu zWo?qrO31>_?8>g+JdN2fD2dZo3`S@|Yq>|=a2HNyH{)!{B$w+X!$iv2fs_Oy>fNHU zbqW<5+XB^Sl=J48*H0fmzQd=U4XoK1iG%ynm?aC*Q&g!F7 z{@Ja3e3dIju|&`C(F7PGbkfOstz$}_y;OoyCwzfX?NM~OiYBo!kVVBG7o|UAG6N9<>pOq(z`wP zS7*f%w%p=FfY-$GJZ;UkJ~~yfCnv4!vpYctQj~Wdw#J)NG~wD^8TXay5*My1vC5p2 z0Ic>dH`__;mXjlMT4n4s=a#@eY>sZPmXEqu%)qxyU+rHxIv>R#B%v0aR;6wg`#B|6 zG6BhqZ2=sVmITJD0?tYS7rW?Y%FAEx>YF6;&dH_2b@lX?pvIJ*LnvZkA_GpJpAu~C z)SyqMKIguqnLKkVK$*z)WWP4o!jsArELMiAVVQ<@WCu=4ebqcAbKu(JXGt%fHVtck zmN|&qQ#+D=ou-R_1p8IrqSuOD*$3ihmq?AMtK=eBG1mCl5=9 zwd~dR*D1Bowm*jd?SSe6oWbeObv>7CQS&YW8RTZLQAFLp=oRB#0oQ4`z;54S3?~q5 zi_q1Vb+&aa&FTS4$tB$fs94v+jeUiLm^~d05{?|PDQ(#am9U7$fJ@%Iag^&~k{{(5 z((fSh2hn9U9ff274YoXr=^;zTj~y#Xis0k~1JP*+a1LBgb&JD7!gXy=FX4o`Mk35u zH@6fc_dc}pyz)H!E4dFIY}d^MS-+1`ovaP%F~Ri3EsnJR_qj%`+7E2CvI#V!gQ!d~yaHPXK}jI^teWwYT3h zBT;TCmAs+K=9-Noo${D3)D+eQg-32-VJ4}-QqN&Ux%l<|cvk%EIcCnF>QbGs`Aayd zaorm&Lq|L{LOpag_6%M2;4t$fuYzFYjT%bc7A2~o&uV;GfFRHbg0W3KJRt`60*7xP z7b2%`?}Zd^GMxxTJNFMrjNd5@;n4HrvgtB-3)1l*6SRbQ4(}TQdn`UER`#vNC<@uM z!iKr_WcRA2)2ZQ9K-mATj*`^V( zFUNB#{Q>n)&clea3O?=q$1654L9?c#yrv=$>(P20zxy6 zLERgijD61X%$D-X4I(;iL+ODSeRG#{4b8xOAo`pF%^k-bEXwGfm(t1Z=h681rRmd5 zft#q#5o`0?VW((cw>q^pO^aVy4p4HZHeyyLN}x4IAFMC3TE!-Na&u z>rAWU$^*wi>}G)Qd9EvK27(a+cJl)$z{@_jlr%CxYZ4p}UAZ#v-ZJHW-5;ZCX0zZ; z;oC&0s%^#ovy*O_lXBAA)5r3iIvOnb1Hs7BwbPpx>AX+V+oGW~ZypU>mt3_r;Tmh* z$EAN->z}h_+hn~5pE^F-xN+l{#?~h`FDz$ktbbJu{)T!B%{4KZ7Ju#D<;*uQ|+Z}D&HZD5jmAfy+;M5D=mXf<+H|XKe z2-n?x`mm^xs&&=5{&xG&oRE?$nph@+b~*L${!hit{L{bpN%;`5TYq_qT}qE3f0=Y} zn$yz%_Q-q%$JoX1-?izte4B>n;vI_5J+Z#T|K;OxG%a!78R4~{B0CRRx&2eI(X*@H z%BPeRG3L8dsNeLKS^YI<@p<}w^bFgyq{eZIX=`tT;>7jex+`tdP}=s%P;;B1Y3s)P zX+@~gL;j!tW;w{W$UhDZ^qW6X{-|-$h@SF=*0UYIWaVrtTo~hMT2rUw^0&s$&Yh>J?P%Y)=sHp@=EwefG;(qMRqs(&+|D-X5+dL3VqR6;`dTv@m2Z%m5b z{r-@9Vz=b$8W=qrYniOD+eXnvLCsrv-^Q^qN4$K)En79(uAp)F?RloXzoT7SZ)H1;gdBsHOA9WW{;V`@)wIlh%0SvDL-kPGf3MaJD9No_ z7x5ul=~0$O{kPkxHd&~Zq8rgBAhYeiwd*fDKA)lB>+N8gnlsG4`GuB42X;JvXWT&j zjobbXF}XkW!5fvgN0;UltSM`0VUxF+U(nTJYp7B`t5X}!fAjpSAa!!GG;UB=$e z9XR^$%2jsfFQ!|RjrDyPS-x_c;$_$7yM{ZN)`WNb(#PG)bW!b_%2D=>vW}@-vl~#exwc1;w!hMRv*VM4v}x@F zH-29Mh;Tdk*uDks%O4%thhmlOg+iKyX1s`WR@6LHHefu8gpSgtHaj**6iTwU*d8G_nL<|82wg?DTm{Ret0Kn}gamEEh*J(^~ zD%YOedG2Uo^QZRP)Qol(5;RD;ML!b-6=(7)1z8a2n54XmWd^HuDq5H@!{zNcpWmz< z^DUj6^h^kxR%l2jxd(Ohw-js(?=9^aOj=53^lDJaLcCJ<06sr1_;yOwj(j?3e- zZ>?KwE3+DOnzQ#FRE+dFLxUkB%Bg%m<1LdZLSQ~=)crM*_b+lnM!s@jli3NFEi_Ea zjNIJ0F>T?Wv@-P>J@wxDuf-jY&)ALZ&~Z>~t|JLNS99kt%S*74Q3MDoiT1-Ypw*mg zSl>N+h=}cO)do^r0_91j=$@%h2`uD=3=a8Db}Q)$-%^tbQDgB@BOVfUxOLLv-+!kdEl;a8q&^wgMK$53N0BgBy4>-@H2EZN-`f0IQeXSU9zLwdAPr-aL5~12{S!{`T5EWAG^>5hy%%^B zqP2^K4N6lQ-<`Y{^7^2Cl@y3!!)nh|A-6F_r;3~`?&8G=dMjv2(mWv0EC$&{j5)*8 zM0F307_gDl2h{cek!3H;wj=G zj8H0>!4s&9U=@}^{D5J^WUgc9+&=9zGrw4AmFG0rN;Iwzxv4I% zx5TZ!jG$tXz5?6PBSTohVR5z>$|0Gn|-w2dGb>^)6)|v7oDjA z7e~p5QksYii+sEIGL}9=nm3+KiaiR z%Wh59zw=Ga`FNvr^Y;;jE#`c*KKsnz(j?QNDpo;EJ{EEi8(%JpI^E1YorVOUa|Uw& z3DY87$fKeJ8Nb8`9z59CcAs>$oL9YmBz3j6QH4`R1t*4nX#`&EXHE0kva^|+&mFk< ziHF$*#%*9vOh0$IvLDITCcsu$v6e89!G7K2#Xw;Z1Kd$K;tBxHp?{_G=lvGekSG)q zmD_&!^k`py^dv}Bi$|QAJlaoMuBzI)e#q=y01yX>(sy$+Bus)#$jEYY-G~fT3(3d?M`mR% zW2%OYFgI+X;v->H6w_ZgXAzAN&TqI z;8`ai74K-G>4Z0>R55~S%cvUmd+d69x{eHI$v_e@HZ=9^P*|uZa~=}~g<9}MZPt2W zjhGB}!}scduXQ<*t04;suV!0jQGzi@ERM)cKzJiQ>79j`K*vI@AUbsbcIGlSg6fO7cT>(yoAGSZQ4~rZIECcvj3ZW@}R=N z1x11pAKw&X9#&0CV7lV-7cPJxnCPXdHZFSi&%Jv+h7U&$8@Ddod(~4EcCy}$B3q)f z=BWUB(BGjQp)6uKH=K++o@9U6PAYyj=NmjRL>aQ9qJBTgo6hmaR?O1m5cB2bVtFH; zkfBd0e?z=B5b*}|A&e{M7%z~>eH%F3+9Nhxkn098V)@Ib+1Z7M$97lh)z&FhVjR(r zNumjIezr4kiT_{~@FiH>o`95WbgCAn;I%B|Y134@ZT|jw*~DUjf&BbTgBG{ZnqREl zsN1{Gu{zForZqa`^J8sQQwDF$WfMYU6&)96e(51x7IVN8&K~OmAipw3J`i1rRdCOuwMHPEfpr!I z9L+fG*-`1s*vRtrrjS*Q{EP!k3qSyCib~%!kw}t5i)&HD&@*Q2TE6R37yuA}CYnZ( z)qvL$Q=?4nM)%``X$?;uhc{n)pMwfWnSfzf{>d|D96s^ zwTT1uyHCB*ba8XbOX)R#^s8v@cJZ>q*ndw(YE9X&p|0T7BOkr{xO%&I9o1Cn#ogdmi|^;Ye*Ms={8Z()NwqD%KUnh+@iFyznPUoSw4BF}k8Ik6typAN zv?|CO&8J60fIDudPpTp+P!Ge)+L+n+O}?5I#&W&XF1V0YxQ2RPjN zLrixsUq;t?Bv*b7>SU7saaBvLkuyrptxg^AM*G8s^z>^b4X(K7-?^-4lDu}sLI=M&XRb$@&f7nKWol8cl+^Ne-Va>QUsI2G?l^gVdYN|o`Daj! zOkH<%G0AqE{L)}d*sk2@>!t0&&HCVoWa&YiLyI3gcTTN7g}N7I1j;0iZYY zVCNMY+fq(X+E};0rc6a`vgyz(5xS3>k6afUWm0}B`^hSu;@7)BR6Llw@of8N?e$i~ z*#5!X1R>9OKuC|!D~$DOC-B&II!UoqB%v|5kKE_ zKGOWpkl1V8wv1}MsAEaHvfBB9AtNiJJ}#Ls)N5YmZ;UK!Ow9Z%$jRUg0R7p|puS=2 z(R6EB`fjq}e1IrvIHr-oCCi1yTi9S+rHxXbYss=Iui z{-{-%>fz}ps2crlY1rhP_I3-MYF_yK+H6$V&3a#t&U!oM`fStg(&FJQ|NF5I#-;8I zSofn<#k2NVO*G$k^)U(srJ^2F%bh!HPquP)aOG9thqo-rrJgW12 z_h`s%|HOr4-Lp1ZT_wGa^nvR zu6Atgv3%*Hf;B5A(|HEmanSWFJ?ehA{j5`=i(Ia?_g0QGMGJZ;|mdXtqkrE`XE zO!unq3ze>WOpsq!|1u2x?@?()Wc>GjY;*3~R&Y(e;Qz}PZcI|zvly zq&~gBURi6mU&VO4V8%lo%uK`Y=(JsxJ3lYecX_IYeW>cya^;2V6`jv--=g#+t9?E8 zXQ|UX^bdW53|rfQeYZUwq_y)`i-)6?_iNa@YhNv&nXtO@Fa+%mr zE!%&QYgpvjRZ)&}hHwAx`?l2R^mEYnUt3k@{wr8P@tMM)Aes+H|i z`SzXKrcuwbx7-Lc?XR-rq3@{of3)qle5n=iIEV0WKRhvSsKXsjKW4ib`zmun>Yv{~ z)*jQClGnJXe5}n*ud15`g&pG+m&fdjZfzB0*;q9uL)%LIb4ADk_s0SK3TiF)Ef(#% zu5LQby7SNu>gw3yBCsSvhmIlxg-*Zpe8M(o#TFOVMU=;a!L9Nee%8QRdCd0iz-bJ5 zz`u(QhQeVq01~mDr1y>=&u$7S5C&2MiwSZNwN63RqBid(8fU~NC>3x^gX(ZJXuEf9 zX-IbmGaHPEfF2wOH3KYCr#bZ4@0ny3rP=Y=x1kAK=PVL_qUL_51>V_X5_OuxxIT5s z=pyAUbt_c}7O>I-8)ZmU8xTY>P6}E@v2+_=_%Zl~@BH_RR&L%b8Syzc; z!h|;RLkc|?Uc{3mu~5NsuriT{WTDl@KWiMIGJL(F9DhYs)x`h({!!_;pmf+JTS3no4zw- z(_#Mn217UK^P{Mf|I}{Al!$_I^ovNS$*c0Z1OP@p@Fs-I!yi)#cc!bE1CkzKCnk>3oYw2u&ChQEqxlDD;ycS zB1UfeUGAQs0MUSB{~cLtzhMlK3tA_U-vN zn8evmgG`A|X$Osjg4Wv2tuoEHX+7gIHlh19Qg^#_nTSIQAqzFTxFtJu7^;<)y(^Xg zm>V=vV5@X>@Su+_tUporqfbP)GeBz6dkcH|?rBJgtS(e0`OE! zZIy5b!wxxRJa#4SFyQPKUMut!$QHo$B4^|r&UXqMyiy%l5mh41^Jugg6tYDmagoO7+x~2Y_lQ+b zhw`oi`D(C+t%AU8B-|c40D1P_;$QoV%um#tJ^-kIXa(gF8MavUX~Bco2Ds~iB#>ZL zX3~W|3J>G&pUg?zxW`{)(?Y)e@Sz09KDYNX-8!7Mp{6672v9)|(QuLy#ZVvI?N}kF z{}?V?InU@nF&CPA?knjSibrcd1YcPBYBZV zW)Yy2Aml({n5b40`gR=+G-C-xx5T&8xYPh0uq$g>FO17ox{7wvdC;RhyLK%EN0uNX zrN(*e9?WC|xbSTyXL~fDj{{mXX;$ep8Ot`Z{(rdi{!35{L`u%%rpIZTm|wSJRSmQY zN(KsP31g)@OG!y_3ZJxQO|s+Ip@EKCnwqq+0D-T&uD$TAm*;7-ik&@r_Dm+KSK<}2 zB8TUSBHtnDX>kmMmdgWIeD zB-gTP!!MSMPZ}t9ULXuL}8&}Rgla&I&#Dh$V)|` zf9DpK7SU2Od*jd7U;a=Rf=!2L4=xSRgO7z66Y0ijfJSl+MiY2}plS(V6G6enuIIMh zNuB`NLF58xAolN#yAX*>L$yAcDrV$yAVc`32X6y5PL6*Nxi;?*D;zl)?ivn(j<~k* z0G*nJ`_gFuPEv##fDpVyRQ_mM8W?UFX8V%e1OrHYqB-!LU=qAn5!hu-klMHTaaenY^2Ok>Jo2@}64;X+x?! zsqECpA))y5EavU7+0B|2`s6&)^!zBFE0!4dw`&+T=7pQLnr#T1TGpA#h^dh3fNT$Q zErBxe!I%Ktfj&qy5H!}E2CtZpRZ12oZ#+ivNz3NpU}E4&@VLmwx7c5H1w6SE*y0GqexXEE?x}lxf(CYoE(~k#p zx{VmoIsSpi)5|o*f^`0w=1~$0+14zjx;>V*h~s>Nj6>H1ZyfY3wo_Wgpklxbrn%=wCTz`MyT}@;ww_%TsO^)lupU!TZUp(6E z+5?U(M7NV05qC5OJss*BIisLCxUFJ+UHXpgN6{ujlj;SqRg+vjI|7! zj*84|(IRay9zWt&7_C!#U(>!<^Gc*rTKW&+AJt7<)EG$M!S)YaPZVAoA-+)D8aLqc~a-d#=xEC7o23hiBfF;36b>TwC7oXh*H`fDV#WN+(M25?;ShDbZZzm z_)IpAJfZ_ke}iq5N-y82Rme5Nd}B}{B4X|(kH#`@kgXobO%61{TfIn&5v?&0J%6Dr z_y7J{G;L|Fr3}L%54j!VPN&bd#@h;HDKHn665o77<=X_Z`uPy-F)Y`F0Handp4u_= zQWSy6oP{>eSPeU|r<=(E92snUgJM&90?PG{m)IWS*q>)D7zn;i>0_<5{Aj8dUkB?uwb`YNF?xY?| zZG>l~a%1}Z0RzxN-wNoGNn!u!qQ~j;lj`Xt*;T-hc{-D3&)#nr0#A;vbQhR2>N%eF z*yH1YOXbG_7*QpmLOuFnYFzFBE@H{uP*dCh{9c>}FAW-02#<^e9{e%8+0^iWLl54<@e{mACfJs^+BeC%iQfVTjGxf$c#qz5 z7KV(u^?LzKEwgV5KUL8-wH|qV(!UaM@;w$)*oMjIiNE|^rZ)69}#E=+Et6u z?w&ANvaxe}V2Z^|3U6_mJ@4} zEmfS_SR%#Ci6j=`aw>DLWC`(haLE$G!Ag-W8WWmKcg0e~eGtbIm^9Ts-0b$j5WCXE zNQ~(wEM83aU}JY+Yv2>H{fUFK@Ws!;t&D3lHWU7wuRJokrOdFsRVk>McIt0QMz8RmsTY?Q_q1F!&>+(GZ3r4HB(l8efir5sZtdK6o;D-6rE=} zl0EGeG4uoB9>rusY|KfHV{NO2yw;+a5Q3FgTW*`I4K9r`SmYGkm5GtbqDnzwKyQ*p z2E2sFb1F_aFd|HJ`v@LbAFQA6H5n#?yR(aQb$=<)vVx3{6ygSX4Wt)I)-?>X#F(Z{ zpDTe#63ESvcx?8$mR3QKw)LzP9$fkxNdOhY4sST7Ks@RDMWDjI+tWJY z_OEK@k5SS$8o*MOr_F>i(NW98l~aUsgYfX|O;rYzM50c193(^56Rtgyv~dI>`LC-b zO&jwQ1Sm7BJwI-Ip~Zb7u5!WO zBcShw0jri1doa@#&lc7v8aWOkPwg`$GMS<~bTjQeKi~XLNh!wcL*qkajPIltC4l7h zIlJ`JbhgK5WKyht35#m7|DGi-OZ4Tm*hd@Xa1T&4fG)hQsP)AJ+NaOB7TyY+S>z-v z1SKzPkzT6O+|1S0mGY0HQ%j+5ua2`u%=O7oo)MhB|H96!${w$mPwZ>eMq&wwK@g`O zeIX>75MCe`zcpR%j6h+Q;LW#dzvNAwMB_vCC6Q&~Lg#803{v-?8kRsENEF^YX1`oX zSZ~F@;O19Btia8jKYt6ho@`;xq4Zz(Z19c_hSnvXUkR;A2gpjZX=Jzs?TjyVHlPfQ z4hw||fxGK9`(H4N`$M9rbnHmCsSMk~nO$$%5?fcc@Ord!Wn%tLlX0pzsp4LNp@;FcD=!;2VJMd12iHFd0TyC3GZ3lx|uW` z=#Tt$GdZGolL~dHe?^tDSdnh z=ty|jW9_~57i3ryv|?Pqu55@&l9i}eS;|zT+C6(>hhjq%V=&eN_AP9{v?2T{EriHq z>UCv3G&RkB%%N(+aV{i-9-Vz+shMN9n5(^q51&196F3?vImx(oQ`}@QG}LET6Pj>p z9P|oNQ6~;4lZ`>up9=tF9pC9xHmRMI%6Yv*IqJzz9~Goc5s_c<^K^|qiX^>UG&f?&& z7iVtxy75Eooek^qYaHLV(A@nn#nnuC%%puZ^t5WhDyOx5g34fRn0nxJy8QX2jrmdJ zmS4U+cg{VHyeU1b+JGQ(Fu4s!4xhF%rtMM6>Xn;}Z9eb-?(8z4di^@51%T|ah!t2t4@w`b*=DSQdLy^rPh<>95{4v23ew@61iv! zc)yLtqVsA6;I@AKIV1JytuKF|4FG(?n^EcdpS=T=s9}eJ_xrV0noI^V10ekT{SPtg zfyTSC!i&`;IS`vR8MF9BV8*$pn~D5y3L^;7*wI!~q)(0f`lNV`JnWtmLbotl_25Bo z-Uq{wW4IZK$C2ru0F4R9k2eXJ>wp3hM5;gL#b`h{K8xYfL?~F6+7&G)3lJ>k4 z!>1OavI58?;BdmSWyFc}(@OfArqOAYjfKSyyAZ$)sj5JQ{J{gT{Fi-J{?WC$`|jPl z*@$`i7-rQ~!5F48yyyOi35rf+WAz8jsGHJTYz9A-a}^`#lqsT_$P%Qolt zSvXXF-?-l=dhBWAUiA#bo9u1DEjqV04R?-d_P=w!CI(k5fUsx^3_CP$@x7UU*#WTb z-(wU4#}319R<@^H2=TLLXH1Mji6C?=StgW;q=NtQ?R)?!rD!Y}E&^xkWIS7^|4KB8 z_<8|hERQ`~K1e-mz=DSCD_|=}gXi7I&6XT4ikO-4Rn3Y$c6_ssvcivO{!0>^J=#r`7z?LuP{3GZACj_Gd+|CQRbdrIg{D|wftfhS z6AR`NF+it@6A9=idGoKIDjvDq1X&jGGMwy=@7#R}2|CDtcCqk|9h>kzt3~mPiQ$8+ zT0AumzU5O!;Avu2dxml@9X-c*d_u8HS>BQV(#*z;@p%%g>eTM;KmW)CP?jvO(V+tw z@n1b!D1v&Bduj=c}O0Z(1#j z{FVC9&|<6e?w!55cDR{pZ}4LCF+cwv>-N50rzqYD?+0Hjwx|5r_V{}DSe1fa8-DsJ znzWc#Q9Z4o&rkic-o;3%g_#XAc z@)VrVyzIWY?cNemb_0lHUkX^NqvkBCvmHB*Y(1axI_8Y~@b&$iU2gu-XjjAK<1f8A zb8=14fl;mJ77k2b{bFrVRiCk1XM01KPy9{j6%_hib~JvUxwOV1s_IGqx<`+nekk>L zw<5oILSBV^esM)!1^>LZ%A=3jvwz5Cp$HKTIslp7@%HteClkUQ-&cLV_^p{+_6Zu> zdm)WK)i#>Y)i8aVra|-Q25(*TFE^;!t}%W<{HTm?8wb5JURyTA;d)s2|ETF~>MFO( zIYq->Wt2?WY$G<|GrAj?hu}A3;f)^KOqFy_9{#qeYc1c9e>lO*9$@$yZ`v~)Us8#eH-`YCq0b|^qErQsj%bhWsSL4#=8AV{-4g5 zcX~S%X1<&nrDYX6{k{GF%81{IztRlL$bvM(((^h9wx=#U_$I7Zy-jBSi*BQBMkVe= zT%mFj@&6v{UNQM&b(+_Vwl3`W`%88={`%y{+Ui&ETlA-DE+h@SG_RCmj`=bp0zQgW_qy%-<=H9GjY z!ms~4AKue%quCM;kaq3mXRl{ zu=Y%ytne*5DtWv00gntztK#T44M!^frn%#ET6a9Wz%wcA=~}J!!DDx~^HvTkY23BU+)|-y9bS#F2JCh5j?otfPZue=k$;V`EzohKbWB(PaiKSH=$DPNA z=|DX%uV=$YciZv*kL3Qp;@8iVo^P;C!+sVTuYHSQ+k&*={ozR4qp?I@3c{cL%~o69 zjI4x{CkN1)K*!upcD#tEhZJ#ScO(W7N>_S*sG4qX9QnfvcHp_XjzZaz%^Cn1nhXtf zw%cCbgWdcFs#nM*W|NPdH}6H7-u)(4XX@`6h%@*pKMF$_;fNOJd^PM}a>(){kXQi= za44pWh7^NL{ry~u=#jJoN~eAe4ROJc3qrATZ;5&Qg9Z9wlT~vUtUv6vcza4wFY`C! zO(QfQe!Ugjp{6e=Zztv(e=_sV9$q#m+;vWb@_pY`Ig?MiUY_S@sNMoUs}LO>J2HAP zqsUppLcs6429{ntvHkaRJd$%gS7TyaE-a}6B^4u6EA(C>LTBKn*v`j|gSu)3PJ5$B zLsxeXJrB+=)L}cuu2F>$Y+ST0dU}1RnPf=uA9U_q^(Xi@V#3^$GKav&ETW#_Mv2B% zn(1#pm<~gBiQ^zbDQ<(>OB{}bEzY^x8`=PUy2ouk_tVY4e#mfZvPDE%1|}daEG6Rf z3zqFHhAmq)>&-x`AnVW}gD-BZ9DU-)nU$?V$hxEx5C~MdY=X=2Z!TRQHa5sWZ>TgqeA~Y85JCP zE5Kir5H$L}Oz#9gLMslyME@o*2qs(c`jE2C9l!l z&9lc_S;b&30JSwt&1A?U=Q(t=($_j`gPs#raP@J%58B*k;9aWF9vxq5SL^zNa7r~bisn|r1MDFilp9{&H!|S z8{%97N`vkuCL4zP(xoo@?n>}+(dQA*Zr)9&l3DzRIXs_l=3qo9uEw=5cr`M8KvhaQT z7Z;X>D!RivNa!$$fa9sL0G|POSZ_p!c#_Sy1k;Sn50^j)te^mGmo8nB5w`RaUx++C zAW>%Avf_|=S%kDuAl8S8Jvy~rX3F6zLai@$9m((p5v@;~Anm(8&s!$R{QQnxZG#l% z?e+hf$$WSQuTQ;TO zehjaw%~*v{?wf7lNLvqUw<}Rg=fzL)K^qLvOm4Iy?MGBv``34>26`4|7$@m8r|Dh* z*hd~^x9US1SIn`V@w2FR|CnDHysxC@9!W@O@RB4S#?i6v2QJ*tyJN7lXU#E(pUXb} zxD#;mPS$>h^3Tf(M^;7DYJM9T>;|7g80_z?Q`SmU%13jRW07<0$eNRmPmU|S6@Rf16~JtAp`#q#^XeQHIR@AUU)V%dMx3eP@^wfzMQ$Y!umpGHvq4C z6}wxH5iwz)oUyU7p_JOdO1G2u(s;?JMghEGuIjNznHvM+wtRWH@8U$d@ZYld2hX1eWEKmV>+^$on@oW}oXu*5ktg*Q=6%3D`f+#%5eJ@^vUba5(UIx$xX$$c5;BDip3r{6v zBcPaGO^-l$Dx(vRUTWVxrgAECv@nI0g%tXg@guA>S_^+pAxwC2HfAW^aw0UMKBexo z%<9#%C#f2+=!a2eGE8NbF2PKY9TEh+v6oqf3-B4VFKp&s?Pl0~UVNOn{WF9a4K=TN zYU)sgAe<=E;-?`ZfX(1V%XeVvjqEZwoTw6MR{G9Nf&hS!pNM}EauvlY%qw}I+%mr3 zde)U3m*$Nd3I)Wf2M&OvNBsdJ&uX2qz0>g-iPn{Q#AbAz%C~a2Nj8xfg34ZBz1lTj z$DzjO)(UVK3u6ZV2*I0J*m2X1Hb$kLTl#Exx5!qI;Q9_8E8G0jkEJg}Tnu)OQS%L+ ztV~uoPl_zg&OnQkCIuP=oAa{}><8aDxGIq>K9(p-@>!=AHeoZRVW>=1n%9r?Vq&Ff zI%Oy?AqN=}mi6oBH-h(?l6W1J9lvhm&hs7HiSRo{XP5dks~{0o*InBgx8CZ;_N2*4 z;k-jrawnU&MMPdGOAUJu0(hMG_k4XTh*|&GfnYQw72)=1|0q-M4ofj35W_% zw-6;OP>|$E!b^9+XGCu#{xvd<6<9hDPibVs0-(X-5fKV3{?inF7Tfz_Lhac4!HfX* zE;2jeA|Jhh?%a!^v5GNDLDzreX7MacpThx;sTL5Tm z9?V~a$LS>b^mLn8$JQVbz)k-<45iC^tF6khxpxyqzGTQrdJhSa*(0kvBRA-^!iz^HlcuzxvUs`=-u^r9SDhL#fc#z{ z6;_=!#S`Egt+U|UIi#Hcfr;BuQttlC{FTe*m2qVbB^!12WJ3D*E`iE1FDzjHhBm!6Xbvce z>}0WXhVmL7*iq8h7!@X3PI|w!+S)*_b_M2*psoIcqP`t1YpQdo4(hy#Q4N9g`qQ=J+DcI3060qtW zd6I>D4_*~Ng$UMWHo63O02@DPWTh&ot}rWru#l=)k}mQ(YECTbJC@^auu09eRwy1Q zkRc)+SFW5MTsM36YzhZJ)FX|W^VIKnH*3ohy;fQ=keY|3%sl$w;O*Du6R|qynI-7; z1|Rf-@q;r4lkvm@7WX22OfNyhPcOKk$k{kR^Ao`(>{GOfk#I{pt~7f1Q)kMsAYb(NXlnZ!c-6M~971UqTl_U!?p4JZsnPQx+p{KBgmt)--J zJR(L>VpcdQ*v@69>>}F|*rHDLvA=|)5x6r9?Hkt}{4fUlD1KP@g-p4KlGk0owbFoq zXM2=bSV?Fk=)Qic1>@J9Qj!@DginO9Z<88E@L8~$L*}gO2*W^u!x2lNLEXx>qNJ?M zS?iEuC+?^Q;%bkM-tzWAJc%lIZr_$U!Wh&my_!gvv>2KBw4CP<4WgWqQtZag7Ls$p zu_9suV6I!#fw$-V{Gx`iAgy@cY}6UUR^1H8vBzJEd`R{NevD9IvgV;+yO02jBkSnd zpY2ptWjBFj`o0x?5n*kL)PwX40(PN*k~~RX@6CIm#<=~c$ROYlrb+&74Wn>JqZyPK z+a;&N$e9ryl}{mA;n!vB=TXS+o2+XL1)Vt2jrIc)d1mmW>9Wq!%egtT%aGe6}?^{f9FVk8G|9qWRdO%DvvR$)= z>nh9fn<|M@n;6A~TQX+;b(TOPkh}WfAfVJF*0QA>0(`}z10*UFG)3SBPr(^-ibDNA zGoLMz0F1`Geq@W!B3y_M2!gqf8}gf8B^^7KU+Yc27&08W90>qNVZ#B$X5U zzeH_1r~k%ZIO#p6D3jr+P$!ZIg@KjMgi;g`R@ z9H$|X2hy^o%sfR*fpSIkcg$tx4-~KR!KC^pBNhCiTS(k=HVKv*1(fvFV$}x5C*=PI z8<{Qcd)CH(+Q0^5E==muvMDe{S?p_~?lD6VPAI|-ZZKLKHi09@j{TSajw%v`9#c3l z-cc$DBQGv}c2R9BO|~MYRW}mF2fMIPD0o>(CV<3%gJ=$Cf#AaVXhnZG7y7#2v43iB zP3PG>;f~Z#J(jl~f|^}Q*bJ%znko_~`d_ZmoN4dU1cf@8qQ0V|l%HJv%~m98HAnNE zXpc)t9#4O}7D7;Lt7x5RI@p5bm&0o}hbQJS$+_iP{P)bG_bznv{G`A;k=3@0rj$`Vmf*Z(+?+K_E9$vZDLd&2)0Q0i{cNl@334UY91r zxO*JXJAppRD>>SalqC1r#hl`qQ6_^19W40@k;=5s>%1z+xF#z^>-1 zgz%Zmlqv+hYSTuN7NBApAcs8SVduOyUyb?fx|zI#j8C%*m|QkS=bR3KAT;u)PzSwq z%$iMEPcpfM4RY-cHa^sA%*j~LH=MLjJw59d4|(zpI8|rPZuG2vz6?-3{dth~k=n^I z&wVL%(4bJsY1y6P`O!l=t(FnJriQ8YPt^O_`7svV;&qg;6AFQpS|Mz2|dg?s?w#e%|*zp5r;*IgYtC zx9hsPuK)G_{eI{9J-VB-ChaC&9AwY$kQ)?4CucbH1nEqiRxKqO@Cl}jcJ2IOv_Kn} z8Rmj{>^GwK7Qdad#XXma3so?0UHp&xVk~WDocje^!64OMEAv{0jtC#MCLrlj>jh(M zCr&3={1u!mrb3B>MtYtJNKpyHMjzQL&wn(a_=Sr zo7pqoj_B34ITegV1vmgf&|GwfOT_t89US%vX#`#ib1ttQbvm_5lTqEo>7D&K6i+3e zW|eX{+oq)^_e(#&u&IlXn++>X%@r2@rAu7FoL< z3^9M%S?w#q9;~F;D=iu~;{19#&qMf70;w>(9|pr$u)i7jj+-$3`aY#WT7;T6ZR$ za3>DHg-ll@xTFYfCACsHb;-KY34ew+U!S3UB?Q>2j(9C99XV?*l%9%J;3fcUT%2f| zvq1rC5~qjnU3G=ES`r;LtH~VNMOIvk^C7?XNmKq*T`SuzPi~`q=~(jx;hvF}{uME8 zd+0v8y`&)4uz7ZySB9$sA!Kb?#^O4UWI zodLDKD&;$CT)PMm2Xw`hj~#fzzJ8SN*xnZak1U2ADY}|L@fSAIgeb5rqG*ukvfibY zz)^sGZ(RJAw`WU%C^OL_NQ4!lkm#&CWL9F-Qq?MYiSDY4oKsv!iAaaIFihcI@u!%l zv)N_9g`vIRu|E`P>@JhY9=+5D3^>cq!MQ1kVUz*l&d9wws$0uuZYWav4;j*K;&f~$ zB6;5e5AvZn5jazpFumivUc0u|^y2S9?Zz8zYGU+aCqrgj+}qn6r0z$NzMrR5{5(5C z@AnTnNAANw#KoI+vV_qoFvPk))^zzLBWvkdH>^Y1Z^RP3MG^q4@cJYc0nV=UdIWyX zoZC2qjF7x@4_CAjLKnE7+N@f=>3T-HGtNM&UIa=9k}N@-LwCXFNX-!Y=LJ{%9$h@tX-wB1FYBnSXWrMTFgRU57|i^_0Y#(S4h>)BW|P`2 z&L2rYTAkHmlFI`S6#6!_-(vJGS&FG20$orMac%5fT`e!G_8QyRpnc1eI$`3)ir0Yf ztZq0bNj9aUnxYHb9bh3}`3kY?yfIV_QMAM@*L^EnlmJJ1tDwLLZ8 zGJO0%Py3!ui(p=q20F2_GYvkqrB@wr1A69&v2KkJ&oT9^mEq@<(*-h+?i(+|QoX`O*gyuykQGO5h=8 z6RByE2~Q`;Y2sJ&A)Q6o$NS~xpcxuh+pQe^dCf^h1@8MrVAZ0zq6|CL>1x2n+=rDd zcIoa0i=haV9=Diq^+5e;Q?Qkw(T1-msul@Xk&Ji7G zy;rY2IaoE^F6v?R+f^5H^!@OUfIRduQn|Jz7oQ`D{Slf!QNKA)Qabfs4(XFAKr-7F zUK$2pvS+B3u8Gk5X#V-4tFtM$^Wy7WFy@=O?2R`7G{bhaRNb+GxGA77pq}89g0#{2 zv*a=7<2Zx;ie8L+o(qF<8T_WKyu4q}Yy1v7$8!N62-CEu@7VGqE?(@(JA#1A!+@C~ zEdWsSL|`*8BTgf)zqIf#rEm2R3wFtq@={Eo)rVR{3B?!l>Qf~Yeu*075^?pq?wlCf zcrj-y`R7hfnhXz|6lX799FcOujSSswi9zGy6bU**iUicj4#sr|Ex+J2vIiR_$;LB_ zyTDEWkd(w0;%W37+?6T!xHAEq;1_}Z^21ILzMuG%zknLHXr{7$AWx*D=XR! zCtssToFzu*ycEM-E(JgZgA58EmM}*;Ml_oW5gfmWc0(IPa_VjM%`;HgBe8)4W zM|ehQh$r_^X&GfUM5a>7iEGkm|@6`ej~AFE8YL zoc_?x*iIkj=1zqTZywzV1p${$3bniAIO+I;_|Oz|rORHxY+bwd@@i-H)hxVm(V%gR z!W?+?_;F+TCh+m@ZT-oHBNk+z;Ms|Bk*w2f! z+AO=#mu3p-T)G88r!cbg%R)FK9LU>m8G_g%Q3)9_o>kMQ!T@U8N_>lfkPRy!@acYS8n zU;y8tl5bL4N~>i3^!Jw_BWN&TzsV^U7guDB4D`>(Jj}o^zKtpcPyP?{ol7SS?3`XV z*5E_c5|5ps8a{eCPZis?6?+-sw9@8N+Xy&BQ*iV%nF#682MQ+?>E}E>`c^M`-+A|l zTCOa3ECw&LC%y1LS{3qOScQRC^{?lGwQc_x@!`4U?9*8#ON7Udq9!Dy7oD46DWm$j zRC#_|)4$a9&wQig*GvFumD!$A5;;v>rqccxt$S)}>WsRI8RO^y=gfjJ!Yck0c-Z_+?5hdOFDtr)RvUb2kA(Qp z*Uw^ZRh~nziGK96@+Vl}%e!b;(Xj-st z?fleZsajuZhHtYU=-2&5N~iDB%;Nu!Fg>J0xasIoJpvDRG-{u^)M$BxVp!8Tx*p%< z(`}}mDS^SeYgcErH@FB8=CX_W62!csCal@wQbnfc+aC4^rEnp0yu;4mHXB_R?Q;lb zu`}`pB-C>rGP~g3-|m@Aup=Mwm605I>21djo7;p8&bWQX3nQ;ZrKY;JckT?0F#FO`%S=cG<;n`e3@Fs8`pXG%AXz19Rw>Tn^u zcI}$S{9oJb=(Z3mf$p4b2z^fgPqA-wI0->!bA$%fB#V+-1~4l0U0?VK8NZYV2d#Y2 z_0I9@2~aCyb0Tt_SPQTu@MF8vP#2?P$kv+vsLN{EtSYR5vtx5W8JZ%Glj#O}Z5S@D zM>`I2+F1T2N@K@`@NsQSnl4X^d}XinwOmK#^Cj(1?ez9n*9^Bfan|eC2Y;-=Ig3(= zO`oX*96<$oMoK_NP6#6bp&opE^xYe`P5lp-I6J{%F_9zghGw4`nax2giQu|}34r1> zh|;PZe<0qjZ$?WC09n?Ixpg95=j|da^g@O{+$IUlt1(6PrJ^WkrJ)CCV-~JUXe*QQ{5J)pRT!8il-)Gd5$)?xkjK;d!Kf4+f_fcU|~(NpWA^uF-$l$iR{xGIuuskrHy!g$IiVXH12 z8uFW2I7yDTjIJokPvwgoU zUHVzO$n}N?YDdjNS934)KXHY zd9t-vVzWhqf0%*DnZaifg276qiUL!U*QcZuNRiwrqMq=)nZ$^Wcgyj*tKd{@{A+PR zhwwX~m#;3#jkJo6PEL!NT8LRf17IYCbGCTKPa7g%Y!dLSw(1K!E@?MyHF%x=*gpcJ(wJBgeP#jgFdUw%M?Mna149lea$u3R@vLYM=gNI>@ z=cdiA1O=Oe+>n15-?%e{5|cA@RVen#{E9~tOu?=wX*tpza>c)gcwLi3SKb~NSRR8^ zF8|sIYmM0G#3_O=31bkk?;G-^Rr`|MOKmPXLdmgX+Eicv^)Cb69mChYs_+i# zwcjl0&YR}@_B8F(Z|kwmS?gD*SS7Ci&2H}cw^}TLL6LdTYSc80te`qXTn>2TBj9(8rUrRWT>)7YC|9W%wvET#DU(Z9Tp z`tL5D7-M|~zXxfwlhs#LxH0WO1HE-hRNsF6HWS#e2aVM0zy5katcDNsrdEoICQ()i zNGpZnM4jU5;bD()9_A9Z&Rh0tH;?K_)sBf|h_79gRfnEEcP1t2aEb+_sUAvOoIo&) zitUrl%J&*bAe?<17GXcjq z)-q{Q`Zl*opkEA66d2*^E>Sx$Ws6ZbsUdE;E0g$=ZnNp3FLx-qdw@RM?ayb!I=60S zXJ;o1hHs!#uU_}Srml)j1+(ff|EhtACi^2&@jrcy`30zmWFx~^o55IsTsBf8JF*M8 z+ce)ld|(rp?yjZT1KCDoJ_Kaze#}R770P4H7A{ngF%^>lP|Dl$1I2xCSP$h#3JN_c zOeYv}itmNL(`Q|co6Pm-ZTj@-1CF#60Vtl#K1?_dr0f*6f_#d2SN5C}0F;Wy+f=^D^7$I%+zp5u=G(rPvo&`^qe5@NDCBR8wHRx6lquOx zqZsbs5@2LxBqKTKfxwf-ieI-X2aI$!*IaO^vvQWd#lUSdVsrSy>`Io;sc7b&JP)K$7zXH& zH`vB4r8Z&gCUj9&vtMZ7ld7>5W0l`|l?+f<-$EK&fOwd4#O?m&;9INe^?U8@VUn@0 z86d^kym|BOMoU3K!5-jD-i>>h?^Um08+Y)#s7`ln)j7X>C379m7`ttfNyP}B%BrDd zTx|BP{PWcEX<9cyxykdH2naMKY9E}r8Gp6H`99Kr5(|R!q#=%#^@J{X|8BQ)g}vfh z6y@4^;DR3z@QI`I3`#*Z)BwNphf=g|>CfI+KJ|EfT$}^wFW67A*L}92KmIWJ&fI$W z^5t}$gUv5~`}Qp(rni>erO9|iap3Vm+P2#FYMq6%Ye~;LMea1ghY`Np#?4YZ%HGZm zLUE6LXZVs=sh!8~T9u{LzuCCQfm*fmdsO5@?j>m6z*L1TCVt!T^^O&9w!2_P1zKaA z(t%hx0~1$#1jM=;c@V!8&d(B7e}2il7;DYsQD*vfF;mz01V^=Y{k8R##KZ%V2XpBX zrcP|y9YJ8nk5@qVBI7f2V!*%NVyu3V?7SG4@91;QZQK*`4YS;Ms(%dk~NJ~!-C@(Lc zu52!kR8+i`n|lO)AM~A~>f8K$_3HS}t+&imQcQKpd+`GNNNQU4QZW`6KM;|`!*>Nn zyKwR1?v!82HMjl`EZTwxIao_$&C7a1!TY;E-o%$m=}M#je4Qxl^ILRQ&;}j6R=u>tvK)r_fl0=m8l9xs{iR7cZ=My)V?Zo zJ>m*<*L)q^dQ0O#6SdQoe-sp`u6x98wh7*I1{VA^^~Yw#iYAP%i!&DL@&vpl7-_$O zW}+aD&vb_vWWlv!EBRPgT~=6JoZiX8z>on1pH22XT))Jk`9avYOhy^PnV?xkKzXNA zz}BQ&l@%32c-#BSFFS1GNLUbsqa52%BC$VE#-PJ6+)|T^gjhZqk2JVhPURwC$GK0MA3P=gUv?0jBVt2^p0vCLuC1EH@Z4roo$tQMYA`bq!^t1MGa`l%-KuOL<+U(Td8- z%0ko%>OC4>>EJoPt%oLZr_t{?gHa4m47U`vA5rP*#pQYQ5P+~B|NMsB6Q)y4eEh+m zZZ~n?xq<@+gB+?TLNChToJuM~QE(kFf-t-yA8C|E8(M32!7wWveh0^bk}n%9sRnb% z0nVGN_TWXuF&cLfA<(UIj>D)`S5aAyn6aEVh3VGTWQOdY>v+7YMwFE)oJ-O5GqR+* zLuOByFoqeU5XWYeXg6Q?Y|}S3C&;u*U!-^;T-^^1=#CCKZljrea&?2rZ`P}rq0w1d zFYI&)Qx+HblE+b!ZYjzI#&VV4IPz%?Wmm+jjOesTRflf#`cqU=L(=Ba6pCFoDaUs{ zmt;XXwZ|@Bw^vYy+$qII;g+{80>p58af0jDKW%)kn?R?M_e|}tBW0PF*N4~zwL2ii zh$Fr@ij#E4phdQg++^)-2NeLgfNmIp)um@i=Bs`ZnPzcY@pwz9DqIKZOo<}#ySLZpIV(CCX*1C#$^ zw2UG8UOU()Ik6;m-PPOsCk%;YwTe{-J)C*i*!#?U%RhW5AXNkwgjCclU<}mS2`}A- z;UH>QSkJrkgMki*v8nSLDnDju!vh&W&LbXYB04}SA^a*>v{FADaZcIJXn{G4Nv{kH zof@pgb=~?(r40=RY7KM|Sk7;lM`OAM4D^7OJ(GS^65x{Z+}pTZsr`{9#djn`TUem{ zLy=1}D`*FE1zx8O_qRmOmgAvD%tDarkPHlc$HEd4-wU)lzmf7FeWkI|7|9EvP!>c0Uw;XL8v8pP z_lE^K?~+dkibV=7$l$ajqrdt5eU28i^mazvAn1?uWz(!+_kfTtpLc$}TRdG~H5W_JAg%Enrnn)@y`xxaJ- zwWZ`jGA4l5kVfv<8xJpfzE?-O|4OCr#|M+f4_J+MXiHkbD`qpGS9=Z|*utc?MR{3n zl9IQ#x5$oA*)-U2cIEsP=QoTG1zBWA2UUbVa6CR4 zPnn%Mb~HlxL-#j{0%OP<*}^Vd=*FOu+a1y}WsShj0N8+~l8VY*OLW*X=0h<)q#&ZIGcYg^J~E8*UAuM-+rPd=)23nxM#IYAQ`{aS-~P#P z$9i_Gk7bk7Iz#dkfRfG+cEGE$GHs=~&|V91H!FrB^5%tiKBXuAP5oNT=*T++9|KTw z_-+pBUU0n`rx>cS;~{(2l<%5Sk`Eu8%7)P*q&)T@r`yk7LVh7cA`mh@r~%G*s&T7Z zZ`nxGDK3aGEszRGB6iajEjo4SG7-8KN?q!8z&3HsK-t3CvL8RH2@^Kwz39=t{rF|e zP8uv90|f%U9Wz9zYLU2s@Icz9bGC6c$Ht&$M~j7bA?hCCRo(e=?qt~3Gr8}@E269{ z6YH#dpkWwbUd_tdFIysQiVT1;Zn%WICU&)Wz_f>j4vwk8$W!!A6fgwNuKi+ z^R=&%ecZR$l8(iF3+KLAKT-kjA5ngBp4Lm>;@-(-Tt1ksDxodbvxcyW+QA8jjbESH zPcVbz5Yc<%SO`3q_3(XOU~8V=cbe@P+c=O?5ehgu?o}R)!jvwQ=?tKn0=ueM2e_|&l9i=4&aaJ{ zX}$w{fiQW6Ny@GWedHcKpN%tRgUwQsP zxnb;~)nN&CJq=vfo%^$PQ*_w6L&JZ6ze;a%b!z$uzaQUv>&>=Gj@sTXE$M)r@;lw* zpEOpkiy6KyH~GNiHs`0#zdY2_eXB}M`^P>BwEQTFgtiV<`B*|i2ZeFt#&Nu}Xer%q zznCxeUqr;>+g7vEnh5=h{gaUd6o!sq(a4ER&b6OBqI)!OY!fAet3Zp-NcMt9$(|`V zQG9%Vc1b1h0uegKzU431x z@P`>5^19+S%05+0olpdSQ%uZc2N%4yJYS5z{0UmO8N zc*A=|NIUpTo{w8H20tNV)*M{FUV)D%{>w;;IbD<6f(F*W zIV2sTEoKk_0WClQ;Rw(X@@r_z_lAbvry`XO^h0^MiiXBE*0=Afq^uI5qXMd)U-A3( zxh|L04^6dI?~i{G+XP;A4ecTNi5`I_iZ>vXorFe5^)EK1uZf!Pc_y!qiuNX*=a2n2 zZ5lf;GiplIYjifRX;)>1VH!$Et@`O8`=QFBll_X8<=MS!6-@50d6DeZ5au+(6U(EW&NoN*%;B*I@g z+S=dW|46*2D$d_U)nnTvgI{vyP*SHaPGC>bb9>!XtdVh2;VfsWGzmxz%!vt@RGMJm z8-RSA65apG<7Peo!kL)b5DuwRv9U$*iJZJL!=i*|9Avyy>uFBTqbEzHf4MUZdJr$_E!_+JXh+mehx>tJCAa z5DXhMUU*bai9%B62uIveG}Ca$&Yki+&LpbhR|N%z;1G1ag%uwPjcso+Y;|;YUWyhI zeEF_#x7^%Z=Emrr?^HuYdd1g3r%yz9I+q;V9&t=%FX3?KLcpNHpD+z%f^jPc9)mIt z?rwXpACHL<0(xcMDo;;KOUv;DVDNA_LjuXV7Br?@WV?WO#g^WLsld7O=ka0jr!&)A zTQ!mGAExnKJHZ`l|AnLZjQ;I^f?>ul-FOeRv6)z zpYN6XC}_EBrS_NZQ*wjOmnqxMdelsFUfhksfbYHtx(%Kk!US>qC-s){q5p-9dGD7|FIZBO3@c4yx*7daq1yF>D|2Z*}x?!jtN*{<>m+QXXlV@dUV# zjr@(-CmvtVsS5GnV@IdgbyqIkQ2R}#<)JMs4=_}T>p_V7_AS0k^Gg=<{D1$vVBTa$4*L33p9(Fs@ldeuA#&@?dcXjr6Jz-3{X3_B~{O9&*{8m_w6mthBf@c z3e#;ngn{$1{n@`6IRE!+BZP>dLH{y!S=8&F#Ek#x#s2^Lf^|wsS%)U{{Mq-Nf`Y;h zhdHK8r%hAP{r zguI5j=fpXlOBQ)L=<_%Hp)h>t@KHmC4I464$9mXM{b8f@M~xUXbg2H&p&55ZSp9EL zSn0CFajEaWKVhW)$Wh;)P&GKmlP75W^BX)JS2}ojE?VjO@6XZEAEEpGIYW94aN{{0 zt4@ z<4?;x6^#G&lZv6M>k0=IQ)hdv!76gyRzK7n$8&ngtIBhhIC$8*JGy$xTQi%aGSkf3 z%Fx8reB%Bu787_}H+h`TN>}~=)5mbHSIYP=kNLMx;a%*k#$$T?>vjIu5AmPhbk?gg RemqLSbfWo$c%y|I{{xqOR dataset[0] -> hasPolicy[0] -> @id", - " const datasets = json.dataset || [];", - " const firstDataset = datasets[0] || {};", - " const policies = firstDataset.hasPolicy || [];", - " const firstPolicy = policies[0] || {};", - " const policyId = firstPolicy['@id'];", - "", - " if (policyId && typeof policyId === 'string') {", - " pm.collectionVariables.set('POLICY_ID', policyId);", - " console.log('POLICY_ID set to:', policyId);", - " } else {", - " console.warn('Policy ID not found in response at dataset[0].hasPolicy[0][\"@id\"]');", - " }", - "", - " // Optional: assertion to ensure it exists", - " pm.test('Policy ID is present and stored', function () {", - " pm.expect(policyId, 'Policy ID should exist').to.be.a('string').and.not.empty;", - " });", - "", - "} catch (e) {", - " console.error('Failed to parse response or set POLICY_ID:', e);", - " pm.test('Response is valid JSON', function () {", - " throw e;", - " });", - "}" - ], - "type": "text/javascript", - "packages": {}, - "requests": {} - } - } - ], - "request": { - "method": "POST", - "header": [], - "body": { - "mode": "raw", - "raw": "{\n\"counterPartyDid\":\"did:web:identityhub.edc-v.svc.cluster.local%3A7083:provider\"\n}", - "options": { - "raw": { - "language": "json" + "name": "Get Catalog", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "try {", + " const json = pm.response.json();", + "", + " // Navigate the expected structure: Catalog -> dataset[0] -> hasPolicy[0] -> @id", + " const datasets = json.dataset || [];", + " const firstDataset = datasets[0] || {};", + " const policies = firstDataset.hasPolicy || [];", + " const firstPolicy = policies[0] || {};", + " const policyId = firstPolicy['@id'];", + "", + " if (policyId && typeof policyId === 'string') {", + " pm.collectionVariables.set('POLICY_ID', policyId);", + " console.log('POLICY_ID set to:', policyId);", + " } else {", + " console.warn('Policy ID not found in response at dataset[0].hasPolicy[0][\"@id\"]');", + " }", + "", + " // Optional: assertion to ensure it exists", + " pm.test('Policy ID is present and stored', function () {", + " pm.expect(policyId, 'Policy ID should exist').to.be.a('string').and.not.empty;", + " });", + "", + "} catch (e) {", + " console.error('Failed to parse response or set POLICY_ID:', e);", + " pm.test('Response is valid JSON', function () {", + " throw e;", + " });", + "}" + ], + "type": "text/javascript", + "packages": {}, + "requests": {} + } } - } - }, - "url": { - "raw": "{{baseURL}}/cp/api/mgmt/v1alpha/participants/consumer/catalog", - "host": [ - "{{baseURL}}" ], - "path": [ - "cp", - "api", - "mgmt", - "v1alpha", - "participants", - "consumer", - "catalog" - ] + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n\"counterPartyDid\":\"did:web:identityhub.edc-v.svc.cluster.local%3A7083:provider\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "{{baseURL}}/cp/api/mgmt/v1alpha/participants/consumer/catalog", + "host": [ + "{{baseURL}}" + ], + "path": [ + "cp", + "api", + "mgmt", + "v1alpha", + "participants", + "consumer", + "catalog" + ] + } + }, + "response": [] + }, + { + "name": "Get Data", + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"providerId\":\"did:web:identityhub.edc-v.svc.cluster.local%3A7083:provider\",\n \"policyId\": \"{{POLICY_ID}}\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "{{baseURL}}/cp/api/mgmt/v1alpha/participants/consumer/data", + "host": [ + "{{baseURL}}" + ], + "path": [ + "cp", + "api", + "mgmt", + "v1alpha", + "participants", + "consumer", + "data" + ] + } + }, + "response": [] } - }, - "response": [] + ] }, { - "name": "Get Data", - "request": { - "method": "POST", - "header": [], - "body": { - "mode": "raw", - "raw": "{\n \"providerId\":\"did:web:identityhub.edc-v.svc.cluster.local%3A7083:provider\",\n \"policyId\": \"{{POLICY_ID}}\"\n}", - "options": { - "raw": { - "language": "json" + "name": "Experimental", + "item": [ + { + "name": "Get Asset (using new Mgmt API)", + "request": { + "auth": { + "type": "oauth2", + "oauth2": [ + { + "key": "clientSecret", + "value": "JjG3hNm99h7b3JBxbAyqn8kPiCPiVkvQ", + "type": "string" + }, + { + "key": "accessTokenUrl", + "value": "http://keycloak.localhost/realms/edcv/protocol/openid-connect/token", + "type": "string" + }, + { + "key": "scope", + "value": "management-api:write management-api:read", + "type": "string" + }, + { + "key": "clientId", + "value": "consumer", + "type": "string" + }, + { + "key": "grant_type", + "value": "client_credentials", + "type": "string" + }, + { + "key": "tokenName", + "value": "edc-v-access", + "type": "string" + }, + { + "key": "addTokenTo", + "value": "header", + "type": "string" + } + ] + }, + "method": "GET", + "header": [], + "url": { + "raw": "http://localhost:8081/api/mgmt/v4alpha/participants/consumer/assets/asset-1", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "api", + "mgmt", + "v4alpha", + "participants", + "consumer", + "assets", + "asset-1" + ] } - } + }, + "response": [] }, - "url": { - "raw": "{{baseURL}}/cp/api/mgmt/v1alpha/participants/consumer/data", - "host": [ - "{{baseURL}}" - ], - "path": [ - "cp", - "api", - "mgmt", - "v1alpha", - "participants", - "consumer", - "data" - ] + { + "name": "Create Asset (using new Mgmt API)", + "request": { + "auth": { + "type": "oauth2", + "oauth2": [ + { + "key": "accessTokenUrl", + "value": "http://keycloak.localhost/realms/edcv/protocol/openid-connect/token", + "type": "string" + }, + { + "key": "clientSecret", + "value": "1KjSm7GixsOp4PDG4fyqGNbFJKiiuisH", + "type": "string" + }, + { + "key": "scope", + "value": "management-api:write management-api:read", + "type": "string" + }, + { + "key": "clientId", + "value": "consumer", + "type": "string" + }, + { + "key": "grant_type", + "value": "client_credentials", + "type": "string" + }, + { + "key": "tokenName", + "value": "edc-v-access", + "type": "string" + }, + { + "key": "addTokenTo", + "value": "header", + "type": "string" + } + ] + }, + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"@context\": [\n \"https://w3id.org/edc/connector/management/v0.0.1\"\n ],\n \"@id\": \"asset-1\",\n \"@type\": \"Asset\",\n \"properties\": {\n \"description\": \"This asset requires Membership to view and negotiate.\"\n },\n \"dataAddress\": {\n \"@type\": \"DataAddress\",\n \"type\": \"HttpData\",\n \"baseUrl\": \"https://jsonplaceholder.typicode.com/todos\",\n \"proxyPath\": \"true\",\n \"proxyQueryParams\": \"true\"\n }\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://localhost:8081/api/mgmt/v4alpha/participants/consumer/assets", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "api", + "mgmt", + "v4alpha", + "participants", + "consumer", + "assets" + ] + } + }, + "response": [] } - }, - "response": [] + ] } ], "event": [