From 101caf3e33a09a5808221818bd24ee17e57ad1dc Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 20 Sep 2023 10:18:44 +0200 Subject: [PATCH 01/19] Switch to official v1.11 CAPZ image --- .../cluster-api-provider-azure/Chart.yaml | 8 +- .../scripts/Makefile | 4 +- .../templates/azurecluster-crd.yaml | 18 +- .../templates/azureclusteridentity-crd.yaml | 6 +- .../templates/azureclustertemplate-crd.yaml | 18 +- .../templates/azuremachine-crd.yaml | 4 +- .../templates/azuremachinepool-crd.yaml | 4 +- .../azuremachinepoolmachine-crd.yaml | 4 +- .../templates/azuremachinetemplate-crd.yaml | 4 +- .../azuremanagedcontrolplane-crd.yaml | 37 ++ .../azuremanagedmachinepool-crd.yaml | 3 + .../templates/resourcegroup-crd.yaml | 510 ++++++++++++++++++ 12 files changed, 599 insertions(+), 21 deletions(-) create mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/resourcegroup-crd.yaml diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml index 21308854a..116887011 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml @@ -3,8 +3,8 @@ name: cluster-api-provider-azure description: A Helm chart for Kubernetes type: application version: 0.1.11 -appVersion: v1.10.2 +appVersion: v1.11.0 dependencies: -- name: cluster-api-provider-azure - version: 0.1.8 - repository: https://pluralsh.github.io/capi-helm-charts + - name: cluster-api-provider-azure + version: 0.1.8 + repository: https://pluralsh.github.io/capi-helm-charts diff --git a/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile b/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile index dc82a1047..cb8cf8391 100644 --- a/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile +++ b/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile @@ -1,10 +1,10 @@ -AZURE_VERSION=v1.9.14 +AZURE_VERSION=v1.11.0 azure: # Clean current CRDs rm -rf ../templates/*-crd.yaml mkdir tmp - wget https://github.com/pluralsh/cluster-api-provider-azure/releases/download/${AZURE_VERSION}/infrastructure-components.yaml + wget https://github.com/kubernetes-sigs/cluster-api-provider-azure/releases/download/${AZURE_VERSION}/infrastructure-components.yaml # This rewrites the data to stringData in the secret yq 'select(.kind == "Secret") | .stringData += .data | del(.data)' infrastructure-components.yaml > tmp.yaml # This removes the Secret from the yaml diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azurecluster-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azurecluster-crd.yaml index 774ba1e96..549bd4aef 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azurecluster-crd.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/azurecluster-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: azureclusters.infrastructure.cluster.x-k8s.io annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-serving-cert' + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' controller-gen.kubebuilder.io/version: v0.9.2 labels: clusterctl.cluster.x-k8s.io: "" @@ -18,7 +18,7 @@ spec: clientConfig: caBundle: Cg== service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-webhook-service' + name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' namespace: '{{ .Release.Namespace }}' path: /convert conversionReviewVersions: @@ -275,6 +275,13 @@ spec: items: description: SecurityRule defines an Azure security rule for security groups. properties: + action: + default: Allow + description: Action specifies whether network traffic is allowed or denied. Can either be "Allow" or "Deny". Defaults to "Allow". + enum: + - Allow + - Deny + type: string description: description: A description for this rule. Restricted to 140 chars. type: string @@ -835,6 +842,13 @@ spec: items: description: SecurityRule defines an Azure security rule for security groups. properties: + action: + default: Allow + description: Action specifies whether network traffic is allowed or denied. Can either be "Allow" or "Deny". Defaults to "Allow". + enum: + - Allow + - Deny + type: string description: description: A description for this rule. Restricted to 140 chars. type: string diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azureclusteridentity-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azureclusteridentity-crd.yaml index 77777cf56..6077347c3 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azureclusteridentity-crd.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/azureclusteridentity-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: azureclusteridentities.infrastructure.cluster.x-k8s.io annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-serving-cert' + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' controller-gen.kubebuilder.io/version: v0.9.2 labels: clusterctl.cluster.x-k8s.io: "" @@ -18,7 +18,7 @@ spec: clientConfig: caBundle: Cg== service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-webhook-service' + name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' namespace: '{{ .Release.Namespace }}' path: /convert conversionReviewVersions: @@ -122,7 +122,7 @@ spec: description: TenantID is the service principal primary tenant id. type: string type: - description: Type is the type of Azure Identity used. ServicePrincipal, ServicePrincipalCertificate, UserAssignedMSI or ManualServicePrincipal. + description: Type is the type of Azure Identity used. ServicePrincipal, ServicePrincipalCertificate, UserAssignedMSI, ManualServicePrincipal or WorkloadIdentity. enum: - ServicePrincipal - UserAssignedMSI diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azureclustertemplate-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azureclustertemplate-crd.yaml index 012c267f2..4a12f0101 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azureclustertemplate-crd.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/azureclustertemplate-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: azureclustertemplates.infrastructure.cluster.x-k8s.io annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-serving-cert' + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' controller-gen.kubebuilder.io/version: v0.9.2 labels: clusterctl.cluster.x-k8s.io: "" @@ -18,7 +18,7 @@ spec: clientConfig: caBundle: Cg== service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-webhook-service' + name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' namespace: '{{ .Release.Namespace }}' path: /convert conversionReviewVersions: @@ -160,6 +160,13 @@ spec: items: description: SecurityRule defines an Azure security rule for security groups. properties: + action: + default: Allow + description: Action specifies whether network traffic is allowed or denied. Can either be "Allow" or "Deny". Defaults to "Allow". + enum: + - Allow + - Deny + type: string description: description: A description for this rule. Restricted to 140 chars. type: string @@ -495,6 +502,13 @@ spec: items: description: SecurityRule defines an Azure security rule for security groups. properties: + action: + default: Allow + description: Action specifies whether network traffic is allowed or denied. Can either be "Allow" or "Deny". Defaults to "Allow". + enum: + - Allow + - Deny + type: string description: description: A description for this rule. Restricted to 140 chars. type: string diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachine-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachine-crd.yaml index 243ee0903..810e21c78 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachine-crd.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachine-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: azuremachines.infrastructure.cluster.x-k8s.io annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-serving-cert' + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' controller-gen.kubebuilder.io/version: v0.9.2 labels: clusterctl.cluster.x-k8s.io: "" @@ -18,7 +18,7 @@ spec: clientConfig: caBundle: Cg== service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-webhook-service' + name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' namespace: '{{ .Release.Namespace }}' path: /convert conversionReviewVersions: diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepool-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepool-crd.yaml index d2c215a4c..083afb293 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepool-crd.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepool-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: azuremachinepools.infrastructure.cluster.x-k8s.io annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-serving-cert' + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' controller-gen.kubebuilder.io/version: v0.9.2 labels: clusterctl.cluster.x-k8s.io: "" @@ -18,7 +18,7 @@ spec: clientConfig: caBundle: Cg== service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-webhook-service' + name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' namespace: '{{ .Release.Namespace }}' path: /convert conversionReviewVersions: diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepoolmachine-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepoolmachine-crd.yaml index 4d4f81649..e4c5e418f 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepoolmachine-crd.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepoolmachine-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: azuremachinepoolmachines.infrastructure.cluster.x-k8s.io annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-serving-cert' + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' controller-gen.kubebuilder.io/version: v0.9.2 labels: clusterctl.cluster.x-k8s.io: "" @@ -18,7 +18,7 @@ spec: clientConfig: caBundle: Cg== service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-webhook-service' + name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' namespace: '{{ .Release.Namespace }}' path: /convert conversionReviewVersions: diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinetemplate-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinetemplate-crd.yaml index b832b1ba1..5a6be532c 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinetemplate-crd.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinetemplate-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: azuremachinetemplates.infrastructure.cluster.x-k8s.io annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-serving-cert' + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' controller-gen.kubebuilder.io/version: v0.9.2 labels: clusterctl.cluster.x-k8s.io: "" @@ -18,7 +18,7 @@ spec: clientConfig: caBundle: Cg== service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-webhook-service' + name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' namespace: '{{ .Release.Namespace }}' path: /convert conversionReviewVersions: diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcontrolplane-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcontrolplane-crd.yaml index f126b7e18..de648f1c6 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcontrolplane-crd.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcontrolplane-crd.yaml @@ -202,6 +202,24 @@ spec: dnsServiceIP: description: DNSServiceIP is an IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr. Immutable. type: string + httpProxyConfig: + description: HTTPProxyConfig is the HTTP proxy configuration for the cluster. Immutable. + properties: + httpProxy: + description: HTTPProxy is the HTTP proxy server endpoint to use. + type: string + httpsProxy: + description: HTTPSProxy is the HTTPS proxy server endpoint to use. + type: string + noProxy: + description: NoProxy indicates the endpoints that should not go through proxy. + items: + type: string + type: array + trustedCa: + description: TrustedCA is the alternative CA cert to use for connecting to proxy servers. + type: string + type: object identity: description: Identity configuration used by the AKS control plane. properties: @@ -285,6 +303,11 @@ spec: - azure - kubenet type: string + networkPluginMode: + description: NetworkPluginMode is the mode the network plugin should use. Allowed value is "overlay". + enum: + - overlay + type: string networkPolicy: description: NetworkPolicy used for building Kubernetes network. Allowed values are "azure", "calico". Immutable. enum: @@ -294,6 +317,13 @@ spec: nodeResourceGroupName: description: NodeResourceGroupName is the name of the resource group containing cluster IaaS resources. Will be populated to default in webhook. Immutable. type: string + oidcIssuerProfile: + description: OIDCIssuerProfile is the OIDC issuer profile of the Managed Cluster. + properties: + enabled: + description: Enabled is whether the OIDC issuer is enabled. + type: boolean + type: object outboundType: description: Outbound configuration used by Nodes. Immutable. enum: @@ -495,6 +525,13 @@ spec: - type type: object type: array + oidcIssuerProfile: + description: OIDCIssuerProfile is the OIDC issuer profile of the Managed Cluster. + properties: + issuerURL: + description: IssuerURL is the OIDC issuer url of the Managed Cluster. + type: string + type: object ready: description: Ready is true when the provider resource is ready. type: boolean diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedmachinepool-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedmachinepool-crd.yaml index 19774035a..4e7d1c828 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedmachinepool-crd.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedmachinepool-crd.yaml @@ -53,6 +53,9 @@ spec: items: type: string type: array + enableFIPS: + description: EnableFIPS indicates whether FIPS is enabled on the node pool. Immutable. + type: boolean enableNodePublicIP: description: EnableNodePublicIP controls whether or not nodes in the pool each have a public IP address. Immutable. type: boolean diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/resourcegroup-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/resourcegroup-crd.yaml new file mode 100644 index 000000000..e74218b2e --- /dev/null +++ b/bootstrap/helm/cluster-api-provider-azure/templates/resourcegroup-crd.yaml @@ -0,0 +1,510 @@ +{{- if .Values.crds.create -}} +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: resourcegroups.resources.azure.com + annotations: + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-azureserviceoperator-serving-cert' + controller-gen.kubebuilder.io/version: v0.13.0 + labels: + clusterctl.cluster.x-k8s.io: "" + {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: '{{ include "cluster-api-provider-azure.fullname" . }}-azureserviceoperator-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /convert + port: 443 + conversionReviewVersions: + - v1 + group: resources.azure.com + names: + kind: ResourceGroup + listKind: ResourceGroupList + plural: resourcegroups + singular: resourcegroup + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20200601 + schema: + openAPIV3Schema: + description: 'Generator information: - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + azureName: + description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + maxLength: 90 + minLength: 1 + type: string + location: + description: 'Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be one of the supported Azure locations.' + type: string + managedBy: + description: 'ManagedBy: The ID of the resource that manages this resource group.' + type: string + tags: + additionalProperties: + type: string + description: 'Tags: The tags attached to the resource group.' + type: object + required: + - location + type: object + status: + description: Resource group information. + properties: + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + id: + description: 'Id: The ID of the resource group.' + type: string + location: + description: 'Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be one of the supported Azure locations.' + type: string + managedBy: + description: 'ManagedBy: The ID of the resource that manages this resource group.' + type: string + name: + description: 'Name: The name of the resource group.' + type: string + properties: + description: 'Properties: The resource group properties.' + properties: + provisioningState: + description: 'ProvisioningState: The provisioning state.' + type: string + type: object + tags: + additionalProperties: + type: string + description: 'Tags: The tags attached to the resource group.' + type: object + type: + description: 'Type: The type of the resource group.' + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1api20200601storage + schema: + openAPIV3Schema: + description: 'Storage version of v1api20200601.ResourceGroup Generator information: - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Storage version of v1api20200601.ResourceGroup_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + type: object + azureName: + description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + maxLength: 90 + minLength: 1 + type: string + location: + type: string + managedBy: + type: string + originalVersion: + type: string + tags: + additionalProperties: + type: string + type: object + type: object + status: + description: Storage version of v1api20200601.ResourceGroup_STATUS Resource group information. + properties: + $propertyBag: + additionalProperties: + type: string + description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + type: object + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + id: + type: string + location: + type: string + managedBy: + type: string + name: + type: string + properties: + description: Storage version of v1api20200601.ResourceGroupProperties_STATUS The resource group properties. + properties: + $propertyBag: + additionalProperties: + type: string + description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + type: object + provisioningState: + type: string + type: object + tags: + additionalProperties: + type: string + type: object + type: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1beta20200601 + schema: + openAPIV3Schema: + description: Deprecated version of ResourceGroup. Use v1api20200601.ResourceGroup instead + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + azureName: + description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + maxLength: 90 + minLength: 1 + type: string + location: + type: string + managedBy: + type: string + tags: + additionalProperties: + type: string + type: object + required: + - location + type: object + status: + description: Deprecated version of ResourceGroup_STATUS. Use v1api20200601.ResourceGroup_STATUS instead + properties: + conditions: + description: 'Conditions: The observed state of the resource' + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + id: + type: string + location: + type: string + managedBy: + type: string + name: + type: string + properties: + description: Deprecated version of ResourceGroupProperties_STATUS. Use v1api20200601.ResourceGroupProperties_STATUS instead + properties: + provisioningState: + type: string + type: object + tags: + additionalProperties: + type: string + type: object + type: + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].severity + name: Severity + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1beta20200601storage + schema: + openAPIV3Schema: + description: Storage version of v1beta20200601.ResourceGroup Deprecated version of ResourceGroup. Use v1api20200601.ResourceGroup instead + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Storage version of v1beta20200601.ResourceGroup_Spec + properties: + $propertyBag: + additionalProperties: + type: string + description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + type: object + azureName: + description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' + maxLength: 90 + minLength: 1 + type: string + location: + type: string + managedBy: + type: string + originalVersion: + type: string + tags: + additionalProperties: + type: string + type: object + type: object + status: + description: Storage version of v1beta20200601.ResourceGroup_STATUS Deprecated version of ResourceGroup_STATUS. Use v1api20200601.ResourceGroup_STATUS instead + properties: + $propertyBag: + additionalProperties: + type: string + description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + type: object + conditions: + items: + description: Condition defines an extension to status (an observation) of a resource + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: Message is a human readable message indicating details about the transition. This field may be empty. + type: string + observedGeneration: + description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + type: integer + reason: + description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. + type: string + severity: + description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown + type: string + status: + description: Status of the condition, one of True, False, or Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + id: + type: string + location: + type: string + managedBy: + type: string + name: + type: string + properties: + description: Storage version of v1beta20200601.ResourceGroupProperties_STATUS Deprecated version of ResourceGroupProperties_STATUS. Use v1api20200601.ResourceGroupProperties_STATUS instead + properties: + $propertyBag: + additionalProperties: + type: string + description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions + type: object + provisioningState: + type: string + type: object + tags: + additionalProperties: + type: string + type: object + type: + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +{{- end -}} \ No newline at end of file From 2aefa43a9f90c8b0e45134d57fc0cc9be599b02b Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 20 Sep 2023 10:54:22 +0200 Subject: [PATCH 02/19] Bump controller version as well --- bootstrap/helm/cluster-api-provider-azure/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bootstrap/helm/cluster-api-provider-azure/values.yaml b/bootstrap/helm/cluster-api-provider-azure/values.yaml index 48b41b5cb..42461f788 100644 --- a/bootstrap/helm/cluster-api-provider-azure/values.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/values.yaml @@ -11,8 +11,8 @@ cluster-api-provider-azure: controllerManager: manager: image: - repository: ghcr.io/pluralsh/cluster-api-azure-controller - tag: v1.9.14 + repository: ghcr.io/kubernetes-sigs/cluster-api-azure-controller + tag: v1.11.0 job: enabled: true From b5abe21df2e7e6b1713b1d76ddaabf9126bec54c Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 27 Sep 2023 11:09:45 +0200 Subject: [PATCH 03/19] Bump helm chart version --- .../helm/cluster-api-provider-azure/Chart.lock | 6 +++--- .../helm/cluster-api-provider-azure/Chart.yaml | 6 +++--- .../cluster-api-provider-azure-0.1.11.tgz | Bin 0 -> 78909 bytes .../charts/cluster-api-provider-azure-0.1.8.tgz | Bin 57928 -> 0 bytes .../cluster-api-provider-azure/scripts/Makefile | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) create mode 100644 bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.11.tgz delete mode 100644 bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.8.tgz diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.lock b/bootstrap/helm/cluster-api-provider-azure/Chart.lock index d4b06aca3..8e3cfb9c3 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.lock +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: cluster-api-provider-azure repository: https://pluralsh.github.io/capi-helm-charts - version: 0.1.8 -digest: sha256:a121b432405288d78644e268fab20ac4369a2bfd13084094b9de9e0f65c05ad1 -generated: "2023-08-24T17:11:19.117169+02:00" + version: 0.1.11 +digest: sha256:22d24daa6833ec0f73923efa012a593ebc2c1311ad21f6c2cacd5b8b2bd7889f +generated: "2023-09-27T11:01:12.760986+02:00" diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml index 116887011..ef8117c02 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: cluster-api-provider-azure description: A Helm chart for Kubernetes type: application -version: 0.1.11 -appVersion: v1.11.0 +version: 0.2.0 +appVersion: v1.11.1 dependencies: - name: cluster-api-provider-azure - version: 0.1.8 + version: 0.1.11 repository: https://pluralsh.github.io/capi-helm-charts diff --git a/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.11.tgz b/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.11.tgz new file mode 100644 index 0000000000000000000000000000000000000000..e378ea8e489362fd221b06dd3a19a87f1f076d29 GIT binary patch literal 78909 zcmZ6yWl$YKyS0rw1b4UKuyJ>1Sb!QI{63GVJ8xVyVM1lQm%d7g9XJN3=KuCA$? z>FK#;U8{+rV9-JSU7yq-w1$#OOvaM3>_87LHX{}_CKF{gOD$zCc6l{5c3E{BD?>XI z4;4jwK1ov>Tafej*Q9m!)a#hz<!7#TCwl;HbdQy;AbQ>G=H?5v=l*our%(4bs0m{kpPwGVsPFL! zT3C(cz}|@=)%gibW9p3;@@#>GVew}Io;<8h^c%p}{{E(z>3=eDH%H#_$R0g-|FYWn z`syWs+5Pv2Go^A%q5BY_k^4meXRHE98>zWld#ZC@rH88xkKDt&;^&oMvanST=>5WH z<=tJS)w`eX?pb%rxBLUPUOEy*h$JFVDC=~cJP*R2bSA~cljf&&BJ*6gEQZ}-3K)L! zgFA5fJrB^)vsXlfIf!~_1~^}{TlHyhMbS$E@)IO62gL0;5K+O71dMR12_*{TV1eC} zT{4pMZAFMva8n1bi+b`DsTs_wU6%xIN_0RXua4Ir;u{o?AvWz2DmX*Z4?dYx;vH5$ z-w{G11D}h{$@jsKZq6hnDybxpIUSqemheNd6lz~768f&l9#rvXqV=4dSo>hx_`lld zlod=NqXclo5r$ycQqn`5PmFKRa<^fuk^J#6kl&WKDo+S`XXJQH z{XF!LOP9A6y}RhUR{N@F{#ZGFkX7I|zHNBSJ0Gi04?3p@UqgvA8IU*L+s-arx5}L~ zW07S0@}oWO(1ZVe#59)`{e;mB1oI@j=q(;3A6*>PuBZkkQxBl&cx_L1XJMJiEXDgE z>)&0OWZi4MOuG?{J#PsPA?roq4^+Ankc6-Px?c0TCI7sn)WxK?eom7|4zjYM-i3mK zHQDnLj3|rREJmfbYX_#KVIi81p|L0bsdZ>4IcT9Lqi)eWlX-SgwE)@EXM3MoVPgaV zXcWKzATap*g9m4pD<*IvV8n znzN&68(|8r^J<2PPD#6XNT*<3HF2eO1^e3L18Vl#-lZg#tY7{R(>?a2U37C>2VDHz z%hZR3>A%JExI23g;P3KzI3nV(*Z1*$Co10F>VChEQ@8i^e(HL>7*_XN^c%mmmBs?O z(am)gO9Z)n5i>>>)RS$`^G(D{uJZGDW9oR^>U{q=7Wn3}9c*^_iUYDsN4bj-g3K~N zn7d0~(fRl4ZSXLFQLq2I_21hN9Q`Rv?w-w!aS8LzL$s8lBX=0RpAY(ifj!KLCH{H) z5Vj;{#EF{z+An~{ML$90`j|5&gSOCaRD{K=7UC6R1Oa5!Lw#r|s$ghX2n4eW_nX)v ztgk(={o&ivC|Yue*T&S?awMrOu_B4d~P;9tYI<*@kc^%`-U;}VBE?4 z?5D89%Q=yMq9&DMmaPGLfA9<4(go&Y%qOp(qvGXfjy|29PRB=H%(Q(s-|PIU zwPHD6OF+SgrwPSJPCNcL$-I5QUNL&^`{^o?U-tXs`ULzgoZ$(drTNHqds$ZEr{}kp z>j;iDjV6PJ!v(=>!wrP4_&cn!K-6lx1V#XpE7yw`egW`mMhh2ml3({ z9~@g~A(!8`t~MZdd%S!}J|bE;POU=tz2wd0yJlyVu$ksj#G6X4l1NK`_Bm*LlqNjY zs(-e>=9<<&IY7^-f9g*hFTVIWUVep>>5&Kh2)sFZ93NgTn$@3oSd2$CAM1a^Up^n55garsKaCQHiBz^7%e9U>U!7MVXBc4_>hMSs6JNpeVmz^v+ivQqf`(X}i6oRA& z+ZZ7$7fMXtFI$3|b77bq4(%4M0;le2eY?H-R{P|2W0m_hj&?OFz`Z_r1eSP_x?>Y; z5I=W|QvLuXuAOI>8xg4E)%|{S+H|E^?^B+>M8=Aj|3Wgpp&mbOb61g0c-$Sp`8d9> zF<5nP-_6E*`|C+YTBDi1Rwf}pl2e;sQpkgCgtSat`?%2hRpXb|wPvB3lZnK9s;0%F z4u3E;IH&*N-0#{jE^{)8(jR&8P4sXC_%1Es0<7-mu~;lwzQJ^|b#;X^6J9QNNfM1x zw2Z-k0TTN)n4?gtp_5MH03$kF(S<_1L~+BdWJChYbm{`!YCT+RbXdLjr)i??kNt;l zS6f}5_i=9a_{Ld-9B?d(lbd_Au@foxk6a1w)^7rMOVS)2D1v#HnpI8DgB&Wu&rZ+RZM4j;G$ zg`}LXoBc4(NWW$DB#H|0TrXd$VV#NQZQen^OT-C$o0Cw+pgmmR#Dg&w7D9N!DPd6@jjbxSIwVom(vyXavoi^-yg=Rx)Vt+QPxkeg(64u#-Zi4g3VZJ z4r9>4SyTu&VVB0#>|^p>-{VY(>4yrDdqo0!a$o#>KRVezS-Lx%9=30i*iax3a{R|r}l>-CPixGvGW79zJru!RT_kj6i7O#O@LwH9t?QIW2Q%_fDcFP{D5 z$wk{x%T*yFB}@3=rr@?Lx^g^{8_xL*nAO@g29Br)CrSbjOPo5wpB=rM)<3=H>`r#% z^P&*Iu^lOY$Tt}EA9j8+H`nblCp&lbl>#?zY- zZcFwrlxLQ_?Hh)|3f2YW)WU{Zcn6)7D;kS>TlRw>v!oBe7R0}998&#k1x(^jE+kLY z9Lh}_`J^@&|HP2q;R`37Rm%;Jk>+O8D$ni<%^?l8H>8?Q<-*`e`C-+h%oT#j1Ixv_ z(sLc`PeZ$CQ7)YbE{ov`MdT=~HWKM_e_w`M^mi)~gBZy;&<28E1jDLvoS`=WigcaR zH0N(<_?9p}`8T6&_z?E0rZ_cKWwxR^qskUE2>(2rpjcz4^IaH6%=4I ze!h$`gjv=4+!uS3*p14NI=tcTOsgwJ~3ihI1qCGqE@G0QuEYY#Edr9>mpiN4A-RC?6O#$&xXMlU{dPMq8Y}$`V6yb zQ75L2xLj>jdp0e>f~z4iVI*9T#J(*zPAEbHdy$b$!Fz`c0a~PzfzMB$)MBN{X6e-@ zBJ0^X2oXm2QkU#A+!3vKTX=iEJ3EdG2Bk)9Q1r_-LCS{JLjAt#Lrl%U@&b3f(nx~L|W=^O(#xbiS&}lFljG$ zqxR%p_H3HFzVT4nHBQZPNEV#P|63u-zm;)v`GKr(34p# zvw}BQuz98A#Tif`+o2r21A9iwGpnnN<4|ZL;tb{r+x`aqI0u}9mAw5$jEEdBu$ zt-2cJC%USW;@23((aSO@&M31Nm(JJ0=vH7R>fpxwwW=HQCl& z%3DFPN=b6+iB<~a(s(SA)n3+EUqXx{?EU-QYL}mda8OOT*O@6};j|hHIQ%KQskM$&MuS^YnhZ>^k1vlWJA3 zyV=uG6ovaAh>)Cp_&u$Un`&0kj5TbD$7VifCe*^6rf5=CD}d}{Atd;yOU_t`>UX2! z4!!^Ee1lqL(sCRU=X0AmIV_Fr0Mk+YwKEm^f;XdinqoA)bKoO>g~6{w+_|+T)7+N@ zpvK9fUAt~#A@=zJ_4$lSe_3gtsUVYV>rx9U?yOROX9_eD3w10qNX>W|T)r-qsO=m6X zl1>0H!GF8d4NP7RL99nfLRcv6l2?4T{V^V#UL)!BEfIOQ`6O;-Ww5i>sCjpINOTyW zb(odZYxf%S`vGUHBPB4& zgyuwyh7(K?6iVAYa!KjlsyQulD08qSPku%xM9H>gjiSzsYHKSu`zKuS8bY&-!K4B} zMs7xlr+N)oTvTU9o4JvbU+t>ZyechaIH`8d!Xu=8(PY(_l4$fpTMQyt1{oATTT-H< zNMTXTf2<7@5BDo*fz<=cpaYO+FnSw^g z#>kKPr5AxJG6v%c=unn{D?!C#)UPy4Ms?B!``GlKe@wD9x>L1|=mY>Aw)+s9piuIb zDwPFF?@%eX(=D<;j6`%V)*i5@&U)0@uF%-?OCDlPJCyNGP8Dj0gI&XXXfpB^PUN%f z_@J6NF;zyNo5Z=bQvTHEO*+O&FO{;r%~t5df!ZR4sx=8W>cK0jzF$W7w| z4kHjGsm~TJb(MV^EHQ7Um04m{D*8n=17{Ick#yxObAM_!re={Ic zoTBE9+&-C2dLpEjHrTe_<^h6X8yo}Usl~ji)^2AE#VG;FrA0xK*54|B`y_f4kp``KW6G64iH%R4lS)`h5fNp+j+4ROg z{U=Quv;e6_1K4%d#AK=CKtNDHb z``A^*X6gwIW=Al;;{6-& z(v&{B5O59NoFU0lP;H;*B41#*YU!Lw53Kb4y~HP;rF_r@(QAt<0a1$sY=Je|(9Fx; zUr=qGUh;_}>b?IVg33;^-ukD~{4MslT1#M?8Jsk|PMOW4Fww`=&Ud83Q4@?QMhFbB zzb*7t8?=P30xj3fk7B=9ue~tDFadi|#olt1k^FNiRS`~C&5xIkZ8UJi{h84Rf;Bjc zoZF=7TWBfj4NEWtQQ8|_^2Md?S}CP8W^p zJ-PAJ#;03(#KzgqmW+NMHL=sVkJazS$6vcA7wkQmiN|-@fXP@o>5e`T!ou--PoiiG=gfm{;%|#U~*1xW9nj zZI`s@y=Z2ts(~Ca{bPeE zrP_BgFAwRB*^gzZP0b5S!KoruR%Y~<2Gxg@J@ds)Mf!1ky+oASG^)eotH^{G|!UB@CgepUOR23 z>B`Xn=|iEt*vkbbz14#uNv4K*-!-#mNvZ6PM!oV0Lk2^2zkR%Y_d~xuZmaa&h4(+o z&a&Lir7{$D-=9@J9Xpuz97u@T8SWIGx_9Whn6=yV|05W`eO3?;wj*pM;DxVA9wmha|ILv7M3s?h)B!dIPtgp5~Bd2)n z$BjeYezoQa)meuKuQvUqSoPIqf2fR1G0tSAd6BldC+j|OS7_Qe%SyVEQxx}B$G1`} z@_4_wsFb&F6!87Hru-~K*Nq6T(Mx5SE~E;!SErp-^16ZzjY}-0Ffm}wSJ@r@F1PvcXW4k6vc@`fvH&E$?OR)cJEaer8M|zdeemZ*BX5BMWxhFiH$3{Tv`ZU zKGF{tu?*^Yn6yF&BWz(ylKy$!-a$6%*{CbNJFq~&w@w08$w!qY#m{nINq+OxT{JXo zPjT+au|GkTfBr|A(Z$Zsqm#cYNpT<$cq{13bW_JsnqVTLF#`adY{r3SQW;zPv+`g4 z=()4KF;Z$a61}ltE}N}}q|!2DrGXMIeBH*T!_vXm^azIwsfKDQvq^@))x-DBwJ#!@B;{xj)7DYtwouq3pxiA3oO_;_zA5j4!A0A_f0b_ zxNK-egNjc40^RBQndjFqj_lmLq-4vx0QrDZq&VT=L8Le?UY)Sg9E^Da!Vruo0z&7i zHY9l-+94iZI68J7-XjY~f?RF}#-WSraD>=}T@;UBNO7i~;)P~`O}tLhx2JB(%Dfew zj=y-VOw8~`;XwYPdS~<%Bo|6jVb2JjDIH0bRTwPW)7Yx04BH| zz^0nZN4!zC#wi$$oS;FZ&JqzGCHX@WfSZ7CYhf$uN@y;csCyH|WC{WuXl}!I%B(n@ zkVwBLt(@4`97UaD)-fqBM=!T$GQKtFgyaK%?t-xKt?aua=$tE4hZ&cpk-#nORrsLB zh$|=bWA!iAh{o29QOh0|x>J)pp?4-L40uqlBV;@%#jp}A%f$4i+$j+R=NvC5#Ozl& z-IVS%P9f?_9qBCR8e}{f*oG5qC&WNx-I;T*)CX7M1rqxwr`lg~MCodaCk@v$8zB8U z(?~r9z^Yz5X343dEn8>}kEl4WLN3(fj-kwYX3LtuU~2^UCzNDl4!Z5xB%Ql~SLdUj z$OOPB>5uAVWwn@h;BsZ${2V~{6kr$L3ueM@((&+3*u=-%D7hiY@UXWbQE6yU zHbG{fk9!Cf6TeK@#OM*4heS;IjD;lFM=m;uf6b-7Q(>4YEU<1T9mOPv2_9ckqeZ5W zE-s#I)}^RlP*b{yo%FCugc!<-dm7LDGqi0Gku;6PI z%-d&tq5T}sr+jA{NApA#6IbDH?K5;Zbnx?W*wPO;w}+drrZAyf?-WfrLQWpng6Nsw zEm{q~sD|CIN&7ES%fEAfBkK7fUhUhijLS zFlBUc|3WFdb#X!qJ)7NPT83R}$7ZTYkIVuk8$<00Pf(LPP@HRX3!Sz4Z<2~bj#pL2X#nhbWq^L zmm95r=?&-j9In&e(>bw3R~*J}%8z9j5Gf*sY}KL8V3ii}#Bi|U`Ao_p(Zdfh5ZvGb zwm#&U8^^lv)=6KtdCC%CynSUiP+q>x=h8;#@y(ml%IrHAE>-1y zX$jKG{)Gmj`S@G51h_t;Ph~mFV;hfVPIiQI=iTp$qkaa}x0^ynRXnUCg|gQ$k1vWx#En&a5s^P@aB(m+I|Mx)V%ML+LfD&gps@D$yxqMf zK%k#i{-Vx_3OmjolJvmIVm~qp>+TMR)Fz2xlCH)bAn;VoduIN8);JU2WxhEO_5A#k z(`1dGhFCJ*j>Jq>f+dIXNIj}@4*~=Ei=2ta7N7^dM;e@6CC@?^KPPk%3`JFnXqMAl zkaQn<_Znc5Zmize`H&f@b|YXaem9*sDQ?&FQJf{XshW;4U#u>5Ej{AS$D+l_p3 zcIbres>q3Jm2@;JG!GlY7xrM3uzczO?f)MS6&Yh`%^EJiVPNE zKNx}uh!zx+D{iI_VweKPwc{CpS0A!4X7@7F-r_`b{-xB!ZJL;6c!P$ULOL2e1g0pZ z2Rno?A*fTc^CFjI?A`}h(T0H+oF+9oP=FBn|>>QDAJjI!1GAheO1WegYm-^Od z9IT+$=8Uo^h&)_qyC%tH*U?^o($d9beyF2DWOejCPsW|V@^O`1$?nBNK010z;7Qrk z2h8)w$Ogi_!O@Tnjl3z6r_H5KVLO%wrPwRi z8z-H`6|?cr{B93A_MpP%Ng=?Obx??JK$M!P?duw{yQ$hy8aIgqS%lw>w-Tk1=Z2DM zKc@y$Ik{{*Js66Wx0<${v*BW7OK$Nu$h0$TII{ntGAGR?o7vzbMaXCPyihyZqn%<& zf2+pg^7CoLJKgSBE4+TQE2cl*dih5=Gn#K}j|ue$VHgRPzjcA}C<_5S1Q8D7aU~SE zITOrP(4-kUKeI&~2ZBU;!9yt9MrPw*J6|^agJqY^eu|)l0YeFjc3;Z0mv+*%zpVT- zixIS@-c+LPTd^rNiWARo*?wqfHYY$jk~v1vHDb{t4=P-q6e2$SIor4$DO?C`CkjL^ z9(^Npti~zP6wAr1vJ7swhHpfz*SoRZy+h8}jBZ<^7-x$GCt;cAZgFx&o!r+b~g_g0a{6WT-GX6z#YHfqH_)5R!2i5oX zj@SrXv@c5%Dt0_MYuvEhwH;RR}piGLj1E zTsSVa-vkV7I#mDh85yTJCC5`s zB@Z_*`S*Gm?3JZPXNcb@gO+M~NXX;y85^?5>fuvW=PP6~09c)A#nBj*-bCw1lfPQ7 zIpq(QP$nUFK3rf-yKHjxQ3L0~!KoJGQPe7`g54=1z^OF}{ft(a-rw17uS`VMba*&6 z4tX9!>QV@mv=g&-639a-WSPj1VT9}AcJiZ8`Ps}Qk!Bl+Q#HmB+lXqu5jvZbQH%{K z-#!EDs9bjb*W!RoUmwH~8_nb>w~w1K1z0j7-~6>|X1S7MbReperjeqHV>|I{Bq5+I zoapqRYopn443R@fu>|<5V>)*XC8X{&=_-q^RZR`TJclMf1V8?IIC(i4|?)Coo|;4xBK8%Vf_MhJF4EenRW2s2Se z9J4H-W{n-NWCf&`T4tlCQr0Erp)zJ;SSgCCE{gzC@$1s_kkRG8St-=$Y)b%A5$m$^ z!(kB@thUL~-Far@Y8#=MxB#;AGHOF(KbaUQ*NxoF0FW5*DbWPSs-{LG6Mb1MW=!^_ zXvx@h&3X747;Wng_lE9PGtthCqs+ckV&Q)wc{X%(I)pPxA)Su>hg}l#DHdt@c76oA ztk1OTR4@ZDo3D*Fys-4BHF~dbjF(xUf(9wy2ZUx~#uM2pw{PQAA1pgjL+h|s15bV>ons|((Y14f`&)V!ec#$N^`qk9xgg-k z+4$cKH&eon)EcicZoOx-IKFT3r{p3Hy~G%m@<2YDMiWXxi9_luH)AJ|llbkCk1}&6 zvPu@P>dp}h0a~9=G|Dr4P@+@d4*c=p@CmrCtwwLgMW!JQDLxLYGz)!1+o_g(k7q{U zG?r=4g-nVr4Ineg9>FJ#4!Hf-3^M*as~R+H9J0X2|M}x0Y+RG19x&u|HATl-qrLns z=J`X1OlbIYBqku~Pw&NWYI}{gfPpenijH|Tbo1SycaaC*S5?$uXZ2VEZ61;3$n8W= zPEaerfuvod&5_J*{QDPX-?{7U(9f}lhaZy6ONZ7ZqjuBw_=!5u3R&d)?>%x=v2z6Y zNq}WqUKmc}91)+hF8}Ls7YyxZT36R}eegBnH7oOa62E2brjXbOkS;u8ZIrh%>~>^5 zcuH`9HwUmK@UNnwlVT@75USsupn-1q29wD-;LUIXC;R|9$ecR4Rd#zn>Tnh}h-&nJ zZHoCz*5S>_Xdig?-aUSPF@?MbSou|%A34|=Jn5&lgBKsvP9zja^McV>J;tW+X*^R{ z>DKnJ0Gy2rb&`n>74tq&Ptg>mcs{g(fHKelaG-~WL*We&Oh$weiT4p8N=vJ|O1+0j zJ0PJpNrFB9x(O`HZ+(LM%aA=Oj?jPNfB!eVUZI!{Q_ z;T}Y(B_RDLNV@LkdfL2-pw;3wiK;LSF}92Z0lai{lFBGZZv?W+@_K?Y>30YOI#9N@ z>tCeqr1|J)-2AxDb%gSN%y`+lbb^0>_ah5iv&E5(WyJEfzG?cu$~$idKE3bUm@Bhl zik&6Cm+tv2qSOk?j`gTp#eFl@@a}T7zOO1_xIy2LSxxThy`VK+P+?^TLn;W+I9_n# zuNyM-XwdHDpEXT6#HPnU&b3U-UovC}Xmz3}wRy?vOY{TKdQbC%S~8)^WYyK!{~{j~ zSn^L|N^<7dWKu8EFZR!)Af4~PIzj-9-YifQE++ROtxIE-1YZPbn;N-gBnND`){)JYN7^JN{zWdrdsKMP>vklO=( z`Ua1w`^WADpJ@Vv^PmO^_)IdJMX&BO0W|Eh-qQ^pGUfX?1TwekNpzu_Z+atI`DSOGSN8 zO0#}cOvyW9^JpR5jnJzOHpPm^ySg^zh+n_F&S($baQS;L2-w`U4j!@#vq$jP3A3jH zn(=u5)>u8ijzLWSb8VU5BAhT9-ig9Q5f@=poZ8b{1ddjW7r!DTeQ*!yPcgoGZ8c~e z-CHi+5ewjCgVMEgumaI7fiA@zZQ%VHt9*?)<)Q4u&x*&Eb{0--+I!0h`>-`)i8?DY zfXNj~DERVPyrTl=3KXAz!B!IecwPG<(H3PH^OYdi@fFnXT*%H^Gyoh$TZ1vxfCm&D zr=YVS4`#NC8ky7_Ll>Foc1IV2wFx9OmjE-jCM(gA4TnYKo{1QBmtIrb9xKtBjqpW6 zNu1wkH-F(PY<3@DpsSPDtF`Riz)-*zHa6vi@u9^>wevDt!iKt+sOQ&r6@Sl z849g1e^6ryJ5?&h0r@y=)#qW+X+9nHDQ_Kgyg_y1)y#~&HY)ZI=ZuB!Fd19^iZ6AN zi2-N}f|bcl%uI~T!n#hOAc&C53!yVS{PxmVH(4d35E6TVve20=gB=hN~uAfdbu*VN%-9nP^ivxVT-73BL@#m?3cDsMAYNKe{yT?aQNR0qMh*Tz2m&4X=GcD9ZG@Y$0LUGREbdR*HFI%bU zLzmJYbG_%Oj;eI?luYhB?Dh~1J@x6zKLo(kRYoB&(4fh{%A?Bh;?vtaCIey^;^LfJ z^Tx(^{n`J38wpS4abU+PmN@BOl$y4xjRt~Z{<}`@G$^eeU6Q<9(<^BOa+Y5S7kiaP z&69O+AQbi{>#F|%%kF80nYEYuJJHE!W4wU|+RXmvF(U&*<;UmXVBfPJ9?@buIs^H> z6GV4?mel4m!ZbXL+5cGOraq$$n3IwgBVeb6jj^xKS48OG_dX#-sf#-KeRsx8iyu9} zK0v-zkzq3>rY|$6y@_PCc4llbyO^TMpcf>sDIjeFT4=-1Rv6+2}io^h2XhBvt>_&qIj4d zuWp3f)coFVq8T82MJW3mCFuKu6J}!Yt*-Xd?d#L7e^x%j|GU5G?9)1(scA2Vq7e`< zw!rxyFrWf4(V%Q<2b{2nANBFX;%&~zs1;>yJw>I&W|nOHn89m+gfZuXJ2h{dQr&X& zOyki9|6P(P??=Py5HC2}+WxrU)GONgXngm%BCz)Hi6lw|5v{)b#s+1Cz?~A5Phcxt z`q{0eqceqt@%j07wm0^lRsFSCJ)-9Nmg#-ksBAOTpfrv$!DwYh<<;x}wbynphj$!XdlYq>RT_Qn zb}5xxtB-oQ9HQJ^k?|O;bR5K|Jf$8c&%l;^s0d^~BT)tJ$MhxBy#G}wU*oJmDwfXi zv$$5edv?1Mqx41L-K4(z)Oc zWHWJ~E5lWBR3Q*tOaz~4%lxXTM)bdNQsp0|1#9SI$Q(QU9f@W@MT4^K(d z+m164SLpBrmvM26K8llr^p;qP^mse+>rbF!7yNEPSv1CFn8v#GPAFwZd05yafuBCv zQKO)31s8(co#6rg%BRxTK{OnZ&ruG^_QM2dSa??AUBA8kwCB-BnEm4 zBET^pW?nCxOn1U1Aea|VHy<7?tf7rT0S#v8mmnNE<}bk`7)RZF2AycP0CXKX*MN!L zy$(U$w)877>duvOunh1amw?Q04}cSv^iKHv(xWfK)Mb=2@*xBHGP&rKns`Se9sRN-?4+EZ+{~_?B10LD zn?HvZf%~$s<(e8-$mJQo2orol#ZAm3CwSS_`iAb72c_EoS@&kJb9nJNk|f`W7xV*k zWqCdTZS9#zA#iZ$drXugD@xWW5jyuOJ5={R8_DQ3E7`+e{)RK=h3M>Q>?kN@xk8jE z#ot5N-n?q9LM@JCxaty9`g#-QBn7RZj~HE@>90EY4~@WwdJDXBQ42^#Kt1N;3+_G0|y9;l8)99CSVH@>VVaG_~X4GRPMEAxSlTy(VBK=ct8YLn&~K zgDr#^Ju^ljX+}J8$PxK{^0|`^zPNekngiE!10T7a$g$a>v8_TsR5Bz?Bvku*or!rf zCd6x<+4N1+lR`53LcOOKzl01(TI9o4NhGtf(_X?SoBxY&wyq3MIcqWhq# zCO3om&9n(YRj!x|&zxP-F#M4E6zGm!WBlTwKB{C2!w;&)`G?-B-%XC6DJ;p_t8_lf z-D{jhu!^~$TR61I{?@aP#a>N`?@fBJ@!e|lVIT=13reG*_EPkb^jY5>G#|2h+-kue zja0@t;t-W7P!P2us?)Nhx?OD{5NmgLO5saQj{;=Uzvk|03Qw>IjVxUEC|*Q7Z?nICm-wk}*TU|Kp# zY@|i_2R0#k%>Be*pH?yKW~HPWPP-o2rdfDhE>8e46# zYZfi>8J&ehMAS6M;{gXY?%neP{Fm(>SA&IoC z8>{mpc~r*b-P&DMt!YD6e#Yv(I>P)co!VW}d!dbVxY=JI4cLWol8NwhE(y$j;1ATn zr(^|(d-pVYjmd-?CC@sckW5G+LS^mS+Q&d&%UZqU(ScX2KpUa>?g--qCQBG2;Z^Pc zTX3Q2VcZzsEzI*vblgyxap(Q*%hQ6bUWAw#GJEohatVHyE<&GeZ%*6LQej-d${&p- zQ!B=o_K3sQ!5Ilq1GpVJ%ERaNPrtbp(T2m1*Yzb}dR3l>;|5f0bp&1M>V`6?EeFq6 zc2~n^+No^yA!4Acb?*rPW_T#PSREI=**7pXQNPHboyZ!F_u9ojB3I$}gDfi!jE5X5 z2pK#Z;}T}us^Kg4#caq(kG?#LJsEl(4m8GAWJX7%jY7dO^@+R5p^M_=lY@r3O)(sG zOYyz1qNa8h7vw9rWa2!Nz0Ei6&M50!=$VKca(3Rf-j6!it>0Xa3fq(Ljqr#Bu-4f~ zEj(u{2y~E4_W=xA!8)k6I$1YHzWgG=wsXZlO|idXQy04AJDsr){#Th?Rrf`F1d_vn z>k>l{uygbSRi|&IcY|+Mj;i=GV1fQcD-)|}!VUTf!1o;Xmnv3)xmHULM;9sv)k6Xf z47(PHTB){)3-oxZ#8N3-@-ntK%lZX91c?*|Rhy*vAHO4%#Yv1yE;&wmt5Q#~`gDKm zAPw04qakx&G{m#*9}S`VM?)B`?$a!e*BW1`5cU?yeYGUnQhN-G0#Ho<$A@ca)bKF> z)oJ-xDG?86Lpd9>r)WLP=J70BTuSH#F8!HZpQ1}+^lzvlj-^LzQG!cCu0amnr5P-N z9$|IP=69A2ae8aM<3KV_IvlB=>y0e#`7<8Ts*_$Eq%Pbh8o88S$~LZ|`FJ2$QFe7g zowI4~t)zwF6Rc^;_A0XLI6voe63xb_8+ekAHc#p3#4-=n!%QG>n&2AkFb3zz(1AO# z7v3YAMH41R#Lb?wjCItIU3gY%8_acvYABIe#4eSRRlJo&-Z;PTZlIZ0N|?jKq4*ox zwXh|llv$OJ-LvLl1C5_7Y4LqTGpm}AfR#g+4}|gVZt-^+fq9>&&G|<3gCK-NpG^l9 zmrjR6Jw~vPP<dX97-uWF`%)T;HTR zM(T_3{J}e-jMe!fJSMCOLO2nM2D#rzTmzFOe-qG}s)@p7GJG9UU0F#qgayhzCYP1d zUd>P!8n1N&r|LQ5lp?GVp(ravwG$#TOW|dQg8LRH-V)HBA?^7GIn#)g-*(0Vs3Xd7utx&KIXv-{*8jz3}a1UAri@6B3!;jVh zFa4JK)1ouvyUgxiPV9Dfoh(A_k5dbj=aFEpxMpZ)O5$dXG6CHzJqJnyE9$21dT_CHl53ak}p)?fcl>FzyfqH2sdwTkr1JGL% zyNSyDE?j~rX_6Z@SFgN!lhA$zc#{e;kwGdZF+WyBKr>z`E)%YPMrTt#R(TXTz~tWu zU^R*{=hwURj+8VxX&cVb&<`*6tqEbLjQMt-ed}&HktJD8K=sR3GE~Yk-WoC`)SG~| zUvo9kAc)D2xEH3DWz;q;ox$vhyq&F0GW_3CFW4(eWD(~ad)0FDwK@N$jSrH7ryN_q zPmTdsrFo$LJ+!9nxWaQWU5qPtK|pSHp+_+2bo_&@4$*Q*_WQv%ZVi zn!u}<&Pc}gr&&`#JDZhd*oa+_uZ`AQcr_tXKv`oKARC3Qh|G(w894&-iqR==-x76= zSmrHtI=6`lVQbaq>_GG{rd_7%9c_^YE83Z2E1lB6%t1QnB3iWAPR>_^FsM`?kfdZn z-I*EN2^l^I(iH^Kdg`P2ev3H2>+!Q_J|TFsDq@{&*=HIK*KwVAaE_Pqv+nFlkO$&# zR+?>B=jjIS)$Krx|Kz*@Ngo=knrAJgx4S1!6;zyD2rv;f6hJ^E4FnS%AcS4}N}-|( z+V@KmvTpJ-r~pW5NIHQizky7u-_baU<`EI6O?Yiw=e|S77IcV|!sc8Y&$f+<$s=Y8 z+e-k^0O_&fK!z`dgYL;=lo=kO$&AY!a$XK-RNfGphd`9Q6b~wi=VP;Q{VD)6^S=;} z#SD5wDb%E#BebmDR@&Vlo!kt8!OVHv)%bHCBYaEX_;|l#xy6NsVq8Zp_VBrZgKLY8 zHR1jj3@BUuLOkgm2Dmvzmc|FzXXYcH_TI4tcNLG}idu20JCs}eLG@+qE=K!6#zJm zb?|t;ocw&&55;TP>ZF`hEhk1|#%TCIhzGem@?aEMWquvB5G*M^SqLgsd~;gvM1@L` z)zzEzPH0eI_^0Tbb70k1H<((iyFnXRs@8|l z^mYqr=?9E*%oQ#U$Et#g1`$y)@_`>>iC*!+FtvkGEDQNkYMBG_keT9}1bjaCDqT2u zC1V`QW|g-wBGrMotwul0EjGmiR2W=@Pta+2M75Admq`Wjhahk|`08VU6lv6?D)fOO z6^PV{%y>Z6#tc%GW@gR`l?o;UO6Up-5uTsQB;vCxH$QI^=+6jxXI04MLy{}j{%utY z581YM7vo77wgYz6|Hsuk24~Vm4ZE?OiEZ1qZQHhOPi%W)+fME{nb@A#*2(j}=Q~y3 z=^tIyU0v1x_TFnpm_mfzt_>H{cfjP`~m(GO7J|PRy!A%4_PMT_H;{O(9 zOuGycy~umSuz6z@2@&W_f1>0!_)1IArDxld(9^+Tu86K+&Oq$$bgf|3LJ4t6wGpOf z0+BEx?RfoZ6--_e*?N^EnHYh`3M+r(4->V?=pR%V6zrt0I*=Bm)Z{*Vp#T>~2+bZB z)2Ba!u{LYI0^6Iz@R6jO^;sb&EpnIVW&p8#o1*4#n*yaY*~|r|KZW5$48u#~%=8QT zTJ$~4az>_h7RVf%;1oK*V~rqsR^I2ot?O5btq96P6=O?7?l>Le5_2}E{^K3z?pxqH zS=i~HgeW+2gf!ZakP1X{apPaH(8=S5`;0$~C!^W$|1h4n7t@LkKje%b#*=|FgNw%l zWixR%Sv(7FiUxMXtkcvZ-jTKJ?=e5VptYiKQEFO^U>ufB@&q@Xbl4dRy2`wYQGH|D zfohpXwDNwwH)_~cHyC&Hm8WH|E1?jPjqL3ihlE#d!vUdGtI)=v55eQ|87s$S>%7&b zzdnO;-*Eh;Ixq2Ws$#8+KbOr_{A|6Y-?bZmo71!7_qOBi)Z?=@VbjJX4kYc$`(nt1 zE=4^!d6(aSlcBTTATVR*HI{plTMEK{Mn;GKe$Z6rIsIA4GkBX_@yr6AE)SN z;4g@$m_4dhyVHa;RTCu&#HP3R8Zqd9ir#2&JlVsq5>qBIN(9dq4T$|HsjbEgQWLCB zIVoKPy(XB7Xn|v61;wO3L@}w(FCr_DT_7ESL|UZ?4V{EB;X-?U&b+lZb&P*A_e}qs z(T5#W1GKP-jWXxksVx}Me*Zuo`^wG#3-Vy~R zK$PGQBVNkvl6HkV+?s!+|b{P;0N-EkJaXFJZSzv9?)ud z#{UcQoNnE$d&$SO{6L=F^}zoR@|2{ktkMlfY;*q&(~4r+qB$4k`~*s=w38W8))9)~PBin%1M|F&cd6&}hQ$Vlb=@NJyB@f`$nBXwkcS!e^@us)oZm~k!H z2BanlHLH@ODt!oe890MC-}2%~Y1*tvH#K@UVL=q|FE!uK@CY(o4!=&q%TklZbPetF zxGQiC@3gfm(7aa4Lr+joJ=Oylr=wv595;k$1sr!Kd5_+ZL5saB(1hi9sGd5Vptx%PC zJ1wI2PYo@kFx`Ti9dTV46UTHFUl-vL~<+Yul6BFjP+IFM57}Yqmo9q=aYz zwpUWlHv1sfVr2&7CH`qW`~>i)KI-560y(j{g9yLHIsc*5i1Y_`sPs@5P~Me8##MeC zfc(R!$0--5kIp@zNw9^V4$}SAHPxYbwlh@9PQ292myC;1=AHs8hldJ|8kw1ejLJ#~ zp^yh!dvHKb2)hs01+I3s>Mt}s$rY|t&$-Ex5`;O)hACD!&EfmlE^zsW|Nm8eR0k=4 z1KW~J^B&*7e!L!)zI^-g*L?+i{Wwkje{5&px8Vhl9k1(tD@6r5p>ZE_Ux{u{oUb?1 zb^LYpUvo^?g!pk=0x-V40S146Mmo=ZHx#WADfK^xzUk&+07d)U4qvPz6w^I@kH8ma zF%w)n;S-V!*=JuMW!PWHln*uYoYaXEsTY#Xc!?jQO(H!pVFnp#)(CR{4fi)o@Pw@V z6)EV$6xsJ&S>4G9snNsRMSxS{B_LY$hYgW@gSRFUA8lrT-bO_IXa0EI@d6M+N2q@F zzWvauSp(j>zu)&K7`0zIuTUi#;K4#Dci)2jgcKLDZis~9H!LBV%?tnA>!Y>DqFV z0kd8U$h<1lmS?}z;{CM_Xt+;$ENq1(?^R{V%#olWe6>$5-7&L>GDUg|&ED;*?_pL3 zAwD9N_&!jq1;xNeA@7e>G(p~xw!V*9u~bcVexlLeeeRfYbn-1bK}UUQEUYFl#&-Yq zCuRZi-f7+de1;WJ>sz`P{t+XvAC7h&@VT;oE?w>C*iE->D$~!$`cECi!3ruZy`E8~ zMPZ)XVjvOO_+9<^09w?D z&A0FtR7K%#{e|9)~X`2H3Ry{-FxdmsVZ8(MVu$}6QdBlc&> z5CZ{5<5){+T=g>}j;Aa6RXsWS*6^U0LzqPPaU{geNPYT~{V4yzVIvAQq$ z3RhHLs310Nm(QO=_co&L+TSDsn?q#+{Z6hvV{0i6Kc02UObN2X3eo`AQ7%Vfd=+CS zR(g@Y@@IF1b;gh}jx_M|d`^$aURcrZAS81L{xiltmyGC1lN2c+gD~gwxR+}X8I6iE z6pGfX;hz#I_1c4L+5#eGJfPurB1pz@iOUI;F_>=MhN zHmp%|JE{f#+k?sezS*=JJMoTWy%mAx9^!YOMgkwTOalw~cl5@=!A7>iNJ1iOd-Ekd z)mCO^Hq;)PL$;?hzB3FJW0l4}BG!>7tDZgb!S!|eFXhpl!0R4#;F`8jeQcK^ksY6i zo)tsb;uYRi%#HEQEZ5Pvatm{|;5za&cV+)^lc6+^BK3}JObD_M5lN*%C$sKvA@$O~ z{!*4MN2qA^k<9!-ZkHN$zrva){xOQHWJ+_v?AA*dzotqMp)O^74@1r7eJiBca>$-e zY|H+mBM2osob{r8uZeIh^w5ujZo`HWc~ykcAdJf}SZqFGgO<6G-QMR(LFx|6SgKKU z(oTKom^_@(^rp_}V@irvb{?iWc~AE25+12WX@oc2?s3%AqSlY4D~$b4gks@GUf?g8 zgaQ{nPIllMWM`b%OoT-7yqxY{!3hnLbj;;zdOwchxc`Dnrt2>S18DGuC5^d>v~Ewm zzaGyXB9IsDmb$hOC?{`SC1RkCI>~TYr<0of9SK zio6IG?&kOIc1#dCz#N>f9BUMM(@B?^UhH*QBPePl!Cac+Fge&Xb%#ALm%9Kp%p{f3 z797}hNZd+^vo8Q;*841OO{^QHSk`f&54@C=00pv{Bt0y}hoY^U^D$h6-u*sj#xp`m z(0ItU^4l>7plntw19T!U&%59A-k+-lLS@I`^o@f7WAxVBw3;P$Lhy@&gSeCx&fX_U zwff;|h@$?f5uR#+|JqX=zaRxn^6#$CF#E#nBxRjMZ=Tg*M9}ZbxuQFj+U;8U7(=y} z+o|im_x=%f^a9U;-sdNl)luYY_s<=IkIrmcMYU@-s;CHz3!?DUB(t!+yI;BAcw{Ml zK+rxfnI7J9=d&WB_@57{hNEuh3in8D?@VfKqvHisM3N{sbBVPZOP-yh|2T%GR3Plu zolj}ed*s;GgRgJUPA>`6A*+o<0j=PYf#Ig%BYAlILsztKHfWju8 zk)iEZ9?n$C6a-_+o?a3IP9V3WjG^hgm7o{uImgve1 z-Y#<08J0U%=3RSRVH))nrVB!wqo(^1ne5qJ4M1AI8#_jFSe&|a12`x6d=;nsI9?<~ z`q9|Jfpkdg~&tyduvAIsl_qTaRX`C&-S^$&;_}N zZp1*Ea5uaSu_=TI27C?6l5|vLt~;ef;V83O>%nAc+HJjc#dNnN(I!^=OhvOxgKAvN zl4y2wHAJ%}Gk@X3+6)yP>8%SDoqvbm(&KHjWP7~`!7qtKs>UR#>6H*@lESJ%b>&AA z>QH{@)5QD{=-6BT{`mXZ&p^G2^{D4)nnNL@?%(s@5=bEK{@V4A*be3F?3u{5thc4ueI9yEf8BqyUByD)T-2EvXR| zz#rw|_!dBu4$*MjF;me74gsg+F5chbr7Iz?5O1aJygZ#FxgC9=I0int9e2B%h9Y8~-T3oU`PP|8v;{Z{j(7~s+_HRMD5YjTsymhzT8Wj(pFwqCo| z-Frl&y0znV9o?BRmeYPB*w3>v0iFt`GDFYf`Fs9Z`$aNYM$?2D&j6oR@Y@S?{s&K5 zc)RnWQe_<^58m_y%kl1E36z0wXmX;_A8(D{H6Qd|+pD!Pem88iA`YSZo2R8H#k`~2VMFTK16Uw+B0NIcDUS z#F{L&OVB#7OO<^Wlj&y3ioZ4d^-iFm$L^F$`fPVJv2)*S$$nJ<^R|0mkg=MqKBN|i zI?b<0jxm;?LJ1UxP|N|v+LDR1dD_Bf(LcAL6rOhw`w8rFT ze>F!qMuIeq3Ool9LmbW+Oce<24gZffWykp-Atg${nc~z(VS6IK6!C-V-H$Xq{irmT zU&EprgUQtO4?jDpaLBJ>g9TgDfA|gX)C!KOgXIk{$`=cp<%|T45oSS-oqExuO6mn8 zy6T0KuahUe&*)${(3#W%`iE4%|> zIwAM~Rsjf)i_S|er~;qKS0E(=EwZiiK0S>%Yu)Jvn)p1w?7k<$;kUbN%NsU(B5$<8 zgc{3Ig>S)@L7b8b*c{plH{p4*P*Yl01wPu>`07%qnr=cte-qIhOZ&V&E}ZN|s$18P zneiH3O*KbUut~H;$P!)h*k7Dtxb@wdDAbxSX-SoK-*-zO zCe z1qTuhcwZv!S0TKlm*qSeq?ERmx<}xjbv$`?T&YFfjchz>LQ_^?&LYH#Ai|L&Sic7O z#_8T)_kLxj0JZcI5akCxl7;0O4&>9bOkwj(8nm2xqne;V?dG; z%VI?qSt!e$^-#b?58S3Xn}$tKF{EEcqk5(xt`W(s6|(*M@vUmjdVxCr^YH_Uk_mCs{`NH8_p-Q@R8N`U4WI{G=Uz=75-|+G~#Pc+##%}eE#8k@S zW7T0YkDUwoe6RHnUF&r$+a&zum~KjBfrmxt#JpEWuzieXsoS)ALvUyzVVofGZ-xW9 zMf3+qQDtllZDkX@eogBrfx%DcEt z=ymD-e)6Z6^z6g;amzzvcJEcj)5-0NwpR}Wau;0eGi5gr{)m zSApq*rI27Nf^>ie?N_NICdSd|SaV1 ztZEgK%bihEwZT3a*q|h$L z^1JVkbLm@x2aY!RHFoJfex9wKeRN&|6UvPmqn7V2)l?|bGd!|f18g0M*6MwVBa%5o zad&Xs7-yL!rk-wp#^+1{X%+xB0AZvz39v~vn6OEH%!5YmSxWi+Q{N`4Vz2d`4J3L4 zarI35hGxCag@Y`FY>b%IVf9khTi7`h#69iQeoQn~Yt$Z|-0Ty+qtC&se2MeRN6NjS zn{zT9(x5AsLhCqB)AictTJ&KyWDe}^0V(3n2&TzT-sJ!!z=!|$hjMYS=;Lb{Exw$npPOoE`GA%94im$L>Zbv^mK#FKHPUi z2iuk6OwJZWlOfoE68me0PN6i1nQn{lIgwK^5tm%zFRZi&(gi=C1b!Rt!OkCM4}`V( z&n~+#;nTE=Mf@UlDDlE}szQP5@@sWw7N>r`wge0k%JRGz9uVG8su04d-orAPJJ62a zY4*x-)H@HJP%Ob!(7R=c>+j8vhp)B#sK2xV{X)2lyddB?uJz89Uqc^Ktm ziv>gBZ}%^cop+BUPepwCM?3!qQKxPHui8Xj!a=aP055%W(Rir09G?G8RF;k;gAnwZy*M@6V`bw+>zWL86a~+{utmUGsXPU&dT< zLy@{!QWNOj&y3OL3vHp>e4Yu#(F-ZWq?8C+inVbs4~yCPwPyAoEj3Q~=G90ZXFw5J zC4}1@o0AU;9d_N3kcXrT)My%LZ1IMV_4<87g;@9BQxGyTsppm)WR~diO{v~*`j=+z zX!a{I$49VIgyFwHFf!Yx7K=>ErIYhsM`-m1VC*J* zXA=Wno_*G+?Kb>0TW4nh=1WRS^7HyFjZKr9*b(c&oI2JZm}|?wW$gu&D@nd>Ppe1W z5U)L`+-iLifZfRbZ@>|mlG-*tZhG|Flgno!CeB#&q$Sj^@EK<1FL^@xzy|1s_aGNq z8hcy234Ms)jVfsA134dzzf{7j!;`$Dy?yfJH+}J?q?R_j&GdRaXt-2TA@O(2eJT&L zZf(D%f89E2J=}<3is0Ve1nze7HhfL=6OCgJHC2TgZohjy7Y=3h$N?c5sw7|YV&K9e|NPDIyn(%d8w54e&eJ-|RJRJw5l$qxOCg|3}EK z6Xmb)SP!;BRbzF=U0SQM{^69nP*&6_UvZvd{pa$(S7#maR&0sqDd+?%RBpKoV_Q@s zq`1pieg@tJU8sPtwnsiaj(U6T6?oUJ{?Yhz2zIn3H&8teMG?FIUJ1^+fmTK7a@4=H z+ZUWe@L$;*qI2|m1>Em|dFX0wxB_S0DN-%Jr|tsu>+f>Mehk$YEiM!rel>-=ak5;d zWvpGlr0u81z3cU!C;#PJlB8PkAvV6F;M9OhD`xl-B<`yBWk0w_=A59lJjZ6ys#ea9tyL`pkhHW~DOSH&)DFkh@eWpg#SW_d9tcwKI$f0(Bp zz7hH5{<)#7H|fAJIm^eb%k*T?zsvWJ7r(Da|4UNDvd+yR*`A{Gd#0?A;pwwVVOyKJ zEG^@B7_2Eilr_PXAu?<8-y=>s%((Wp zV2}n{0{zmLJnB4?S~(}mJ%YZuc0My8-Sdw-AUVPR)Np?^VwRiLs?;O#r4gx(1^e9* zAKnfL6oW|NtUSh~hq=-fLJ$2u=^2bar^+c2*&L-d9#x)zogX3BMHm>s1?^Bx`|bix zyixaWY>W#fb$U|zb+v9#q_ys3ZGd^1eOKq~(QC1z;uL8wV9WxN`n!<40Do+0%>R5z zvkJl|pZ!Lt*H=o}A3b6LEzKf{m0L%2#P37praJRVfY3KvkLb>O?8(3Gk5<}U>)mJu z1uZ?jQt}o2p+Clp`>7uOIAA7`5)UDlYQn(NNh$U$gStD2FPg1efKoWv!{MpR<$QK+ zXbI-&*yc^{%U%>>|GJbDm7=S^@W&%(aT|&1T#07p;fkDA{`cQ@D_gr}Pg(eB1ZWz?TUL6zbo_2W;X0KFnENsEr=I#dYYADZHE^Gtm-mIPJm+rMGH zGZMJa4GG5Q9DfvRrov}s_gmE?$*RUCmF`8C7N#>N-UJ{N0@=9)crr8g_P+G6QLan# z(MuO4{!IM*X;6Y!VHS>jX48E)#yf5+tqIz3g}N4?!Ah>L8g9Dd)v^GP6;!`di_jT* zP!J(9>U>E~cnT+t4L?U9df_@K3sa3jC8H$cGSKA8)J#iRjhBT2-m?XK3^;apKBr68 zDmDxK7G5s&tJXrCxYBQBJ*QfzZw z^_9?FwAAQN81mn@e}q`1@>+z{7QASd&+79l0@7oId<1f{(=&7o3W&aa#m}4> zKPK-)_pQVv#jAf9&@<_z+#RYQ3A`@*+__MGJ=3q=ecyL}lp|B$mKR*7z4IQ;7TQbK zHkvP#2Q27Vv(&RsJh{hfxRT(U-N6Ei1B=iE)`0qb+LD|yyT3vATA(aUtx{4!X zuq9ENk1rXomq|@|qO+6TS2+@XBJP?L@}^5s5y;O+LzX2>?uz?*VUn8B1uCaFx#LP! zNdFe`sK;{sr=Ai0roi{uNpEL5^KU>Qqv&016C$YhI;bG^j_DBJq&@Ts`miw}WVH`4 zf5)ZyTKC)ynH@(eBuz0_X4f>L6T`7{>XDsjo`{AX+K$ywAt3@sh$z#bREAJf%vc5(4?_9zTGgLYb}Pww%kzLTBl z*RvIZzpm3m4Y0a+U6`W_Px!8cU5%jiTKv%nmQST&Zc8Apc`w(Obz_DF<|Cs$+p7Ct zTDC{zA`YF~lr>t`r=}8mru($+7FQCJ6v=iy5}c_OC{*Z^%~n^hP1XJ9+GSMH5&)ue zm~}udO3`najJO*~TGQFA!G>K2=x7=8^ka+A4hk4IQqrKo2~5b}>@J1YWtFf_soyf! z+?k4{ch!#>_?Nuu+3~JNVvnaqFqo<6&I*g(uhEA-H>YtpB0HNm+3FmZgBeD9Utc)1 zYHEpl)p)eJC|AQ47ir{qjO)l`ZBEDbZZ-MV;R-8NNTJOH+PPGR^4u+Dm)upe~G+SI=?#DuzKEnARO;~#*Ic_6S~|#2Qrk^bdSX0&}1V)`k9e~xD9b5&bc#WiwSl)Kx75KUH#AY ztAch}m4FTeR=0D^iJ+XTz=I03VtYgkzLQ4bc-{&i^1Q1GZ2PI@9VfXL;^+da7+mx8ZB%>`zG+YUf&vxtA;&k3II=g;*$B1BuunT ziP|u`;BHJT|28{EGqcFeJ-i6qA`DaF=(j2$WBL8{-lYg$FhAX!lyqS_ju<7juS^LP zCR}({Vc(^!P*b2oKuH5cw$<;yVG2pKe5X(C)By1dXic}pYImbVha)`!*0c;M%!h~#H!kEw*hkmZM*zLOy&5wMB8cY zOs6xa5|r7~5}^1Hs%qy~RaG$$qqSr459;?pnLV0{F%QwKLVQe|{iuwS0g;{?O{WaB z{GWv<+ymvD`{Nibtl~gwc+14A%pnBf_cC483a)HNyubyb5+&UWCRHdRg30`t46_Lo zdFCB!SD}$jo?%5#eI|*O(u5Td1a%?jBX-V&BOF%RY^Sv0TC@aIrD1eT-bF_36K`~t zY4Ng=<&$c3t<=^rO7+b~hPxDOyWr7+vJOenb17?aOcpt>BB)$|?tv%Y?A9s5klg8l zV_GTfmZznMaz0aKR*&H%Gp1=375+ZeKHL?xrX_I2jijhbT6Y0Va}u#IPT7OVd75VAwQ!_kM$q ziY6)VewHY-T4khEI*W7oM+{+s!rmu`2Cd4?s(3N%FKJbzyfWHj)h5#@A8{*4)l)O{ zl@7O1j%b^b>Be-esS#c+;z>Tg@sebZWS4S8VSj;DG0Kd-uU2@-;%qxM2_e))MeT7d zFZj!Y;)B?n5O(;(i)0Uw(EfGT7T~1R^k-+_9t>qF-2rp|cC8oZDWq^)+=&N5%{>ZL z+KJT_{OsTJVi=!JMnp7rd|q{@r*bpY#8Rh_}eo7QYg&vETxRmrI=(q!Hm<&VKc4PFNzli_Sn^| zR9)WwqKj181Xu@3ofldzoj$Svl6g%S%%r_?JLfc#>H1p2;s#NR)!r!P!DXlKGhDbcwhID-fMzBv!I24ircdj$2%hlIKjZS-(_}*Y4NLQ z+k_o#uI&kx#%!{acTX!N-0N`rpi>~nBz3Os!O14_>2%#f38ix%6Md)5VmPTOrX^uc zQ+H=W8t-}Cunaxxq($1kec`EpQJ25aY02VcxF%rfs(-5C6m59iIkpsxL_aa{2%qLV zY(nCbIfA{RUB;l@!bv_UD#LT7Glk8<(i14lN{WQGGkEPF{M%x#uxU2Y43-y8-S#4E zfA17F!;GcEyC)6+ZT=N&D@z`Wmk3*farSSQ(1;cFASJto$^sh!#d_2=p&?X98PQVk z`JV<=2KEGvi;U6ApJ$-&+)_-+YL!c!@m#6| zDWe{y#e-R~xusa?l3o%Snc`?CB(#VJ}y1qM*y!rA>-33BnM= zHDn#|Xgwv1G9vUI(2c*|@2Do4LK%%77BfB;|5QqT-|J4Ylr`f$uCHrmW2oBIYb?2| zKdoaYyKs$7hIq_5ad@fN>_}^6mIAi&Nz~aRQN3c7!H7~aS6pi% zQ@T1mq6F;UCY4Ef5Jdc32K;_7-vYe6)gRxt$>kC8y`B#bYkP|fh=_>!yr26ww~G`3 zuXnJ{o&<2?sby;z5jf9kc$?RUChRQviMKwCAF;)>?BBqgJ3s#g?c8<0CP41oy$CS} zAsu+RtFxXu8dxfZq?AK~Tcd(zSc`>4B1Kd#t601d%q3=3A4y!JY#b+mbml94U8f!BVP8z^Omxju$T+=VA2;*#-(6PdIn&+IdlA2dbtG^ zM&UM#!U1u|KQ%QQ))&$NcLz8!<3Lu!w*!F>h-Tu0MO*{WVTZ_px+(bJ!bS zZ1U^~uY#qz&bVtCvDE|KEZ_y0NCVhLoJgCwvMcT6{UBRvQOOjGulRWSdAq_rkS&l)BRCyLs})?HgK3PKi!H2 z@DZ|qVmyIareFWpp!g^_>ZE+^I$u`Wpsm}TN884Bz%U-MOc@OoVOG2M_ASQWF`QMP z`x@K2L6r*zuFs?aui(UG6dg-N_TRpmc6&9aBeH2G3}Mi8Ett-T?u~(;4Zb7Z18&^- zb};!1LNJ0lm0nV8rn?ki}B_pTFTDIugxp0#5mDfG1f%+cAEFvrLHG_MlnQPz@h)rM4{ktn9O? z-;=d7elWd@nU~HlHSlcsnDz{&nDwJialT_(Z2SShpF1l+i}PxeIRudSbZ^*x7#n`_ z!Gg;L9?P1eN*vt%TLaf$tI9BqT=@&4HAV`zY)7)pO=85Milr${a)m=Zc%%@#gew)iQ&^@U}NJ#xB)8gOb3j5l$ebgn~P$Rb>BYqJ#a? zq^eaD15^ng!LXV%e%yIV3--{w?(Vk8umH#n%Cd$GuATwbo?YV z7{ZY>5BiyQhdP2J?z_GdUM*druO%E`aD<@^sb zO-pWDxP^OmqTcyaqQ|m5fXM6~fbg|T?<}%M^Vwo5RkTSL> zKH94nFIeEzM+nqigCs>%=9q&dx*Cnn`a1Di$59j>x2cq1Vf7H}!a9fHDYA3XRvP#v zMZ-s3+@{yTvNXdHMp(sRofvm#T`bXB3$sFBq9zYC=H=>A*j}Ir@ix3%|F=AH-Y2=; zPA>HK!??f40d@S2#bKGRo>ZCMBy7GeHlX6n5b!J9L`35m0vjS>YOn23v)Cl7p^4b; zx^Kic=FD;>9U$;3l1#$!U7hT-Jf`aV;xaC+R0%~du=?^SE)8sLVslD4VxbbGW>_W8 zbMqr~MqG%3!>5oR3kHk%iiNdo zUPvmbQRz-~BRac@_HJ~>YkN`D<3d4jJ=jPik6s9iS-!4;WSH`DRV+`sZAVjI!snJvYIJN zMxTF?;>5PR;J;^9W6fkmr;c4|tBK9Sx732Xf7Po90DcO#watON@H6Q^dk3c2ySWpd z?mO2qi&zni@~O4ZI+en0QO2rfavhIh*$DGQKb&NageRRp7ClF6;(=vCFG*K2fZKAW82DH-BdqMYN*Pl@K96hwzRAK z_1u&?;{LHXz~EwsvH$(@V3@a@hPB5@ZH<%O5HGbWUT9UaGX0;&s@F@G80n49`mZ4V zkWYcFwzi}1*MAd>V*wSn-@Kb|0o!9ID(?YrVy$l9o1FpnTLRaMpZA;gd@mi_pNnW# zZr=|&m?yoFT~n&|gmWjDhXtr9_a5*wS?xfFWf0^nru4MZ70y41ZktJn4G= zF(&oKuPhv1e^g$7{V19|sYK>^5N#bU4eCd1lRN`b=7{-sQU8mM#|gfrZ@lbGV7fUQPqxVIUH%^0(6nSc%t~Y065}NWNy$ zV1Bqut}^0>TZcSeBg~kd6`KG=o@p*ZpXv@OwZQwib`g!^qwFFGBjO_1)M8_cnB=uOjMwE`Gz zr(%{bA=Fxb3zz2o-JrMUiTBHwm5c+m9FGo7*;ZgKxmo1l!@EM;@5wo?hpdq&z54NQWOm zlVy;-N1yqx5ymL6>9|)!b>{qpg;U^GGu!*A>DF?^upZoSIh#T_EpZQ{rirb(v!;n7 z7B7t?GbT_oD%oUsHx>}AN_?AH+SLVN;78QZ>rxYaRovN!FU?72@iZ2N*0+hepKw`{ zA8^~AMlHPy7y`%{K6czdl30Ajmy&#L`FBw(tEOhwxTc&QW{PQbfRUv&EM{OEr^Ujt zn(45W1-j0K47z?DC(uvQVwr)U^VdP$1j||6M>Z2)DmE4QBtwFxuo2nv+Juf^8lQ+L zvVNE>@uX5WPt0WK#n5vY>v#n`q;lN^O=j1qpinUSz0l^KP`oPXvi8B``C|=@$n=%F z)t#xwUM#9ji`845@+VbxMMt6TXEswFUVgvdS*HmH1z*E3S(R`PFMm(_s)0Op(Fl4- zBRW_Z?8sp?!(g+l#>A=wjFUpvO@M)rMve$h;p$C%r$wq-6<<@9>P20|1_XiS8I39E3Pcg-hf)q-%buZQg6P^ zu&ZnhGZ0krab(Y-eef-%_&iTwOZ}9cv}RN8&13JVU7N}IEu zcy<*?qb$Y*_3RHXn*JGsX+iaQlNHs`%SjxchrdlQ35ksjSPHj2F)B+E z8ckvoXG-}hthlSn2QJ1+lkR()Fm3!Dbt_9=J*o>kofu)uPwvof!4;~tbG{_!rz^i@ zAsQO{ertKCn=T&scf0AgA94pQY6T1(v&~JP={%L(aQ1}9Vc{&BdgIB(R^_K%JNnTd zuE}JgN{!3@Lils=L`=W=v5Z$H3&r6-8D{LwAWSI&A#VBN+Cz?c*xVc>E`F(L;v#mO zoYM7hnvo>~sUjq1s!YHgy9oKw%Vm~f-M^vmNLf%=2DIS#Dd;Ob0OJS=O(rlG-KNGJ zDy>GV`4M?7pWw>3ST!S=$V{q;)y+>*_%lP|DwtnZc8IzImH5dl=9DoPus6l!5u}|3 zYXzk}r-W=6A@Hd*A--D82RVqrWi$@)CcYk_ZrUka{A5^YF6`v9z~pzJYoCksqUM5w z3xrYN#_IE=MDlz5YW`Hk`4J&}J9On$TU%{2D0O6UeTC3y$dm2^;Px1B)4``p`~oAk zIe_ZxCY9$DL6g)C>2YsKUSgK9fT1WZh=c(SQ@{h8NiZ%*d9Ux&#Y7WPlWA7p7}+#S zYuR6fjuUO@xw65{QAbL&dcn|`iYc*fhYWHT_yEp5UUHtX7Z$*F+tafTN=xhYz$0$v zGn>;nCb_kWgJJ|GusAgAFcP-!Wb|-P&6L=vnGU6ColxGoxMKmaLb+r60fe7xq|U?X zo`%8i2^ws@UEvmLI(~P~tAZ|!!=5&~-_VtDzw~y9%WSz_Gy=!ry7!P2mGp7Mz$g`k zUa7JtViRHc`zZYhlG})l_4R=FfYLxkc6zI(M{+2)68Oq44+i5q<`nSj*z$41wiQJx z(h_kWzQoiie&JM%Tdc4raFFwy%o|(eUv$Up1&k?Ke>s#)>cw)8iL3AnwUqMi$y3~MPg_(Wc>UDXpsr2}bqwX|c2=6&9u*O@ z@N;-WiV(c{p!SYuPcKzU&C4^YPreEy5VQU5m8@hu9XjK3vr()8MwhGJ4LviQybuhz z;;v)K&Jvw)OtUq|Cd)m2tjaG;1fuDwX-d&pyv4}#L{FcME&6WNUgX^F3ihK|AAWUI zwkk4)YAy%zI(RhlRYAZ-CNmnexTl3%v;`-UtuMv~=S)a)R$13|nfIgiDwi-JO^3Xg@MI&8Ag0%T||X!49-4gjrR9!2jQwRT4DQs^79mM)%bYto7ctPm{|Lc^7S zR>&7}A>nd?U8QT-fZ3renSLYId3H&!Io~VYitzI}vw*KWKV6Cl`&HABeI+t- zXBS@>4}twhd`SKbeCfC-K=f;8DF5qY!}6K{k>Jad^X=?JK;Xj)?)znNTj0sxCE&x$ z;d*a~pikiS>f>Q)*7v%NKrByx-=L50BeCbL!-B-e=ljJVwpfnWR>sFP)jt>oAC**DJ3TWtIQNmzQO#(s zMSxMXp-w64+_QN+(q9{E1lvJ=TFsIwi}#%K7+;u-fB|mi2%pP_07kjP2SWd+6^r?U zA&U53?+@Fz!>WH(W3#=!9}g3I2WtmoO?_XFYv~ua8b52t7-Y<3M})ZWRO2_(LBwAC z$(?|{fWNrEp;2wd@<5>zwU#&BfEKZmmSDgLQ0iQB`Q3;x$VxjDQDJk+1QNfhHNIo1 za~T4@fZwv&Ill8m9Cf=4ABKCXgc+W(nbGqiakz>?W#jN78?C69B%!=tz|P^kS^n-r z{R)wTyj{;%!Yy}6a@XbCH&5=vW#fs}f18sju!V2$zQvFVx$<5;Q z9$}T50Y|jiqv<5*hnSas+4Mm zpt+K&7vc`_N}4vM*_=ST5_h^g8!9Q2-Aw4hUK)mVGGF^+b0<%G+0b=-W*HPz`wLlM zR~Q9&(MJ}g6EOqX1AThcZz3iIZZp}G)-NI5n4?nM~K)I;MFSwHZ%hqG5&?tns zq+Wj6&Jh+;5CgGa$47xI-p0=o)xogE*wL4%p^Mm!y_f5C#Q&(Oi;N2oV3=LMmJcp7 zgRYAJoQCz(K%^|DLf2l$^pUxo0SoL@=-$Ig1nWy0CBEJt_i5fVEJiH!7u-qkv7Tp3 z5aP6Od*>MK%NWcpA|xVtC8?96d{sJ>${qX?9dqRWJUskYT$h_e(nkicpA!m+i; z71^RASe@CouXs)={%LJSLf3*2f3cC7DKAil(XlL4h5q{;1P=`Y%w1wL!cpUY8~fu? zj?<YGX<9)+wYUNtR6Q!)V1Z$!T}3 zlTCmS=~`CbrT zwyUG-$;u7y1(5eX2*hBaClKvS>!!r`KB88$+mfV`*(Y0^CG`C#@Fm8RhAE}WHMU;& zIA}v$L}#52gj~zR#rbgMn!3;lj=bZD+|>mLHZD^}U#lL@IpFZZXPuoI?@YA)txaDMpV6jb}p7(&Vi*9 zZyMtml%4e0)hN8aWzH2h1}G>WVNhLKg8l`0fW)-ru)yptvo#nEy{nHn%s%9uGU5~V zh>6kfZxOAfe_ny}WD<)2PK#`fi z5^su)289}d1GgG2x1BB0fzXbF_Nn_D%3Zf9`W7sBB^jhd;ob8W6(SfE-X#zVCBLD^ zzVEVF8jH2dupH%zQgJ{btm&5k1}KG>gox_3!HnP)*?E!JOBMX3g`h@ITj(SJ!w`erNv1#Ur`PgW@KF=^&c0eayXpp_$`ghj7yvU38HQs(08 zJr5`HM(d2Bl(Jn1TzS2p^t)mM{ zP45`Dv*ypQoaJV0Xi$tKIPaFM%)U}XrB$m3ysjw@ zV^!Tqc-UI!Kfgw2o877zIq>MZoxNv8cr)w2Hl3N(FW{i+CQN(~dMaB~^sHRdoS%)` zR*K5>#VzKHO;Tn!caoX zWL;f%Vnq|oS?m48ly*GT#1BSt2@NV~TNJup4o6~121I1UI5_le_*-x5&tAjn-PvAq zw12@kpSH7t6;eiyNN13DzyIdp;rX~bRet&2-8Fpt_Ve(5d59F3&&B8ayt}!%8JlN7 zAmsm=(Eqvv=j@t~Uze|81@!#hXsbQj@ueVaEPRQI+7@OWbW9pL;s>f{>S*^sIHnn)X(JA4>+^U5Y-b5Z@7Q{hYBLOeaRf;<&svg^@rhW|Myey1RnAm=D>Q89vzik9 zf^?-h3WL}vL1!e&LmwbT7_ZZ&pJx##<~Rk0mUG1OR}(^|lSvmpCN~<95Gi4XO4^3Q zRbGS(d)+UFKPrxzp`(KTk4s<1nRPg>Pkw2Pv0}N`rG^Bww`mbv{O5?BIS8|+A%a>yf?#Dl@uVj zd%F)1(cwJ(?CTyTh_4i1QE=&3I*TD|H`seUy?v)hoLgR$R;03rt_8)c8?P^nOe+@u zut8gs=+?}q5|_k&-axWK-jlvAc)^dnT#3T~ifMh-=lv@v2L-mIDtPjRKEXLKfDt!_gUlP;ev)3TO{zVOWfCJEjFRDS(49aLZcSv z1+|-(%(G7G$xaD7fYn4Skken=^_vY6k6PK=3runC8@J6`3;|k{U(uM4*EH-{K#}In zu0>yoOK?84z&!;2GeIJJIz+JGZ4eIaOMA-H`i?W73A=!`tGBQGDUEN818hz3y)H7I zJLif4)Y}LdvOcV?2zr$`j*%I1#%@H5r>~0?2G{Q`qix|Yfj_GbF@#SrSPQ8j{07=m z>~7i=Em>r$uF@p*gLuUC?55Q>F80Obi5#_%&fp@kZ1yW^eLhxV)#;(a_jWP zjl2r6f)$8IwU`e++(lf^Alj@I7Rf~e5jOwclw zdy@CApR1k@eQB`+e%VRLaC|B_ySn{iZD|qb+|PP^)z{NIbltB+=bz3bWLf~%1^+Yw zZ}pmA4xh)JiS>7T>~v|%ciUl8GstEs`U$RyXC~7qhGjGK>zH*ToUD)jvn^4BFp;uL z?UIuoPbw~ZMj?R^nQVSYRPuDy&ULxoqHc%w*iv9qGm$NwM60o211=hzBtkzhBdm$P z>;+8hZ4H71Wq7L5gq5}99i2pi#NQYsdhfLsPozds;?(l=jB&kVxB;aFDWg-2WPZE} zqRs`aXU!oL49j%*v(t>*SJCL%Dpo3ffnT``veJQ$DI!N}5dvN`cYDk`8E#ZUAm>O? zS1)SEONxNQnzjYi`J8pB_4myu-)H-eQ@?NN^3_+HmwUhW&+FMj^Vl4|%ARk2ucyPO zFE_$mdDrj83CZXQ%;MxuwM}?NqjZ8|l^IUGgEmGGd$iej#o?IItC3g}?_m_Prt*P2 zA7|&ATjSdGWm$q(0^enZtQ4)QTXP4h#tvZ|4+g~bv>u%c3S1Gw~?49;Mkp}e!um0%IdOnKJ zT&W0UgA*+DM8|xKkC)i6Z*!Z4%-Y^9USn3htE*2NXbVRK zr|IuOjhPOrTKXpAD5n>qWGEX{h9NQ9PyD+b-_TdxuBMP_2oi;tZnk=ydl%V$BzM0Y z`_jF7hhEvWZ_aDoY)H7h_+!;Wk?a7`CGRh$fCqXFR#&H4%)XdGYFroY-QJ~Yn)zE* zoR1T3_#WJ?OU@t4j~^PkM{E?Hx`W?Gjk?TiSd(L^Y8b5b@f43LAY3Gn4MbX8< zsNOMTy17~xC=Nj-X>j-P;BM`|fkV^^F$#c-bDhvcY%zKrk-43uRd+snWd(0>v6ogv zs}IJO{q4IijK)pt(8&Pc!L^;TF!=)yCP_p@P#Mg7fhx-7SFXx4-(pZH#N;K2=`xP0 zcYUa0W@1~6gf@&xq^JSXf50dYr2e#BfcBlT@W?Fvd3p1VU^9{dX zn?goJ_+@7FPTAd9CRhz0M&jvQ@c`pDZCpzhI~a1dvSlvL4oB%w$8*3Owrw~6Y?F+# znFI|`zvQHO-m9gT&Sh;=UF8LK-YHqnZxLGd3Zul?F5es!C_3ZPSJvIxTgzp&YP1nX zRWuJfN%V5n{o*{T*ijHE)SkXJzuKU-uGkIuAxe79>$jZ|H6FQuJ7QI{T42YDh!8J1xJ&_$C&im{*}4` z?Y>T}S)%ifHfG(JVe%1o$?(R00pMsbK&99&^vQfDA@i3_3LdZRmR7&{eU``u47D zgUAG-L2gL1EG|9jc^%T2P8nm^_VT;xnbng^m6K)iLJf8N+lx`~T1hlPZK)xDN9q!7 zOa8&GS8ca$Hx^qb4}lSo*#OPIqu#j&zORKBJyUF_zq6#1JFS6RGJ@5YdF|HTTq)D} zGQ)8fa8w0pH-I17X2{ScZ< zLmBEnI-op}~lZd75&02x&j3mB5K=@GXQtenER52@p8^e)6}}(HM&R0JNCAeZPNy zROh{2%fc21aoQp=6z*gwzB|wQ6h;>X90HJ2m`a_0B_Ams1KKGy0b`h715FUm7L((> zM&n#L$iMyoomNK|`QsC?-_PWfdHE_;rQ4Um+f$ncQ7ir>O6HP*G7M#_Mp4DluFgle z5}3jvj)agD!Q_HW>^4e|XJcND)WIBnl2R6dIoW3aD>XtZf1_hI@68uBd?2Gg9~Do< z#w97_jI4`PgVtrc!B^Y)Dhm;jc-P*k6#wrCBq`8!zdlhsaClau zD6DQOGRJdDSs;_eN2rE}(A?&*&T_SKBiY0HNSEKIwQF=M8{ch%L28;L(aO}VD$P$z zv?kfTjx%k*vwa6yHlcW%r?-uwrngvH8?eND_kL}x@JfY%}!4U5+0Yiq$$m==uFm!G_9}>@95~+VuOVf$gfEp$CpSknl z>GnL5J3@F1SpRU#y-3P;bc-2B>UuYUY*G_no{Ep;c=8DMujT0M>|Nkd3&~CLbqD;@ z`SIMu!(ww=QgjunHOXT}znz`ew7OEImf(N=*3wk^i?cutA$jZt)kk^clWl6_v$1x z)UQ^#xegd9C4EWhyih)&_?Mi^#lAsc0;;@2IamI2-znT zM#<*Y<^D}(w~NWT8_#MY!kpc4F@A#z1nd7y7de(b$)4H=cBdqwI?9OGbMh+-d9o@1>fJNgI~U?F;eC zcB&FSV8|m^A=Me2F?jQQ>weyN;wUPBBf>{RJsC z15TFM=P3eWjx>sbu7qqPc)=BmMQxOkM&~c{OcAlDu$MppdD2m1&LE|hrcpb>)+HV- zkt}7KsSa;p&}fo1 zz$P5`1Lpo%ZxB|~L8wu>1QR+MYxVC*;5CvZTE?eP$F8X;%$;2ZY&K%|oG7#IL57cb zbeZL-s;+MyttynR6!peUD-+F99YH<%au+;c{X{4KPqM_#1T-`F%C7df?YTuJeMm+B zb#!)#jys!0;)Jjl`-4_h!I}S6*o>%<_S|`DqBWTcS{EyNzXzQ(w^PJpXIq~gmV>4T z>~g@{qkt_rG-udw*a~C@JxYtc8&QS&`vGKE+)nPLmP@YY zuTMZyP7iPt=bt}k7|D}IDmVIy$^8IB&bjV`Dv~c-2(dX{vW>&p0Rb@UL+NU;g>zEj9-{y6b zA+u#-!L;Y=vD}S1E#-jWuv&Wz*mx+4MURfzSM<-XgKBsC6i!}^P0ZY`E)ePD4Fp&h z)6VIEVQYl^PONFwY;Mnefh=uL4-6aJp+epKCVv|N)A?d)!PVG^nZK)+`>6CL>|f-^ z(7$u83LxLEu>7_tZn*iT4Sy-KnIX$t8tGartaPl>`ur&k1LL~{&ezkvt=|u}3Pb`E zadw|+GaAs0krA%h^>I^0P~rH+mfxOoq#_K9;c1V`#ln%1r#oQNm;~i|DVfnAQ6k2} z>6Bsq=!$SluRYu)DsMfu$>l_XWA|#|>rl&A&q0$tZ;H&Uy!?kmI8bywC{%&rx*8ZV zd1=9yyD58Gd%m4*vr)UVoe*%;0U*od z?AmA>DTA(YHM4CC0k6y@mNYS}K(|Ja#dj}vWKSKyV@br`rHf_qNjTfM3%D>%=$LFh zzPY}^vs+s0WPLKT^(hqA(w&JK`h*wjOso@Hc02`iX-ur`>KrnnOsJG&6-NCwX`&y9 z@J2aDX|S@^!4W&T7My^_f7s+i8ctNWi{vEny`AnZ9ig90)X`@&r2F?&@b-1E^EqaM z;vU=~PTsFEX;cM5GtRX*5D^HE8ayZ;)9c(2N6ifID9CmfoYKgcnVyL2oL#)_L9f3} zIeoSjEJroa_Hpn09HVFn_DT5D&X#Pe`j9aVQPPmWXg{|r&3)9e_?kkfz5~mpH@RKa zhYwb;%1zV`*1Um!@7oPU49Rc=ooSg6N%XQsPog2XUQtq~`yIBQTi&2XKdhL-$V zp8P|dB_J|nGU~$SDnDn%>CB=v%cju*Z76}t1!6=FYWaQYbP_3pDcgKtR5rzw**ezF zq7h;hlCU)t_qy7Yty8Joll$)1$Q5V#8B{od)>Le%h6LF`l(-muD&F3D*eb?dWag#p z#Aj25@XFrei_}I_F|EYWPFW&yTh7kGWnR~nK*2E;An5a@f zD;mU(`(*)vWd0yY8EpN|(k)EJ=eu?t3|AaXhXV}P5&KaiHW1`{55h* zn*r5?MPOqi$}6#|^nrb>`Y+PF(ta>iD~fp7xh=Vy3`5iHDQoOmlQ0>qdq!pG!gQ=s zp7Ejt7Ty?>h?_ykr4h#i2MGl4PLgslC=~-S?umW?JkKu9=_SlF(D>EN&KjQmx*_%@ zNXrV)(%$92;l3{e(q-^&qoXscPw>Mi9!}QFJP}v=jAmAsAXb;Lb2nr;4Em3rO!0BQC04Y5F12Jf1LAF6!ewiK zBCgu_bKU~wI(6V@3aIPkS4(H00;hREj6rRijR7VDj5s4Yk7xGxfVK*An&xvsRaGj= zQBkAxHT;u`W>z<9OwgnVN!9Wb0edWWI&*Z(dEsZiXU-1LR0?x8(7%t=Ggv&W=Zpr{ zVFpqvy-LVK`Rn3UI9)((X6$$hm*TQiAPt;X@ehnO?djK+M=RN2hq&ZlJimq2^SM~t z1)?s6nw0C|T=PN*l2g79@G~9Fr3Fx%#HCF!A0j5A9R8?KtMSx<&8I~MQ-#O}yZ)u4 z%f-brUAtg1#jnec<6YAO4IJh=O69>)AuQU7gM_c>*^Y+pZPM3PL2;(n&(6)sBk=Yy ze6lmSI@RcCYL$??b(8Jy=(qh0WSO@I7Te&*%1~%Ga3(C}JUvW2L{Tn1a#3dW2b|Um<#@~;T3w0!9M&;z5deQWy$sn<);SQ zVH>P@A=*$pb<3f83NZeeBD7eXqO&K5vh^yTcIuKE4h* z@8{L|@4L5s(L6l=`h7m#h(Dbj=R{vze(w7%CfpmU9Q-D9%ok_I{WTHTl(SoETUY`6 z&;L7TaX>lv-Q_N~r%Ya!` z4Txoe0Qm%^eB=gmpw6guu-q)EzCbH$AgDgfF^RU!ULLN=I=90;fXN%7Cz=)Sv4~BN zyR)R?wFk!z-Pr@e6o$FEy64;An*_087g!J?Vs+)%*T!kJlDUKOT5auCnnHtxA1-&l z-wMNBzsY{CQU!8viTfjHa4#Iz2K}rseH|p_1znT6EJiDrA|30HUHmM7iVx&E9=T>E zUKYh;M+;9d@-ejl!DHn@cYC6d;COqTf9c?0PKVe-W~-aqw>?6mO`dYBEZh_ZTx~yf z&2BClbYvlLlO(rqz*RoGZ9F9s^oOhLk#AgA>bzQ#dh^_YWN98$x!g zkn%SUk45~chrfdJMWd5jc$8anGE&+|`)oDPLlSfGvcN-D(8Ow#=mceb&b0qnYeRty zKS5b6U705KSVOoe9a{knw#qQ?C%8q?D?08FPf*qA1nByH85YD56#i?LJ|yOyXHl`w zEzaRWvTjU4aIHgAE{QIDE1 zf6KEcqS=oJg9peCMdZ*YYS`ueo_hCk#}piIiFctzm@dj=x{D_#AVb=FZQraJA~2h^ zEEh}z@l4rM{4#E-)Csc|)TR+`+T3I4Iy>y;AkAw9L(t1y;vxBH@gL<=(JCT|B z`Et|AjR|=_mve0>E`H+BMfB=A(xaPebfcZd?8)0ES;CQ@q~ArRX&D=DHU)s6z0-m? z1aBsbQXe5LwX_v$jrdF!mE+n>=vK1lOXZrYP!jEBJujr|DHk*KA?WaZ5H;CH47u;J zRKgW6P=h%c+T8D!w})${(6*;RR=<^I?x#QhW?go2_YCX|t;@S8fhL;Zu+RuafNMej zZCV&k=c2un>+BR$ZbmY{*TKDD_I-`{CPIIg1e3soGYHyKec{b83B?O_p>kyLM(NIn z@X4ms5!@Q?qG-Nmk}AYV2~uZNgPPUvapYv z;dhyYEz^OZqa;v9*{0UrVx#GEbl-v$*h&Na&Qq{jMQa90g!Vpzmg|5x7|0^0D% z;c;b@{QQe;C`lAePx^nCy~nhf?BW37AuMcMALFQbg}D5ur^?z!rpTf+G9D17iTRL8 zR@*7WhIo`Z&;JQ}uLV`>!XGGPnLC?^UG+@UCv8@hyvrxn9Kl`PtqZ2GwytOR1IWe5 zWl&QRCK-A5{&M$jB(|+K&s3=DKo1=ZsMBWRw1@LhP#-%a1T4ssk`sfJ;{2AL>=;*O zl}XGMp+vpBwH_+?g$LG}9ZM5hUrN8p^f$sA4n-14;ILwz&6cc-Ym@kBDJVi{} zH8^wWfFgYw>oN#KFWZ1k{P*o+@?SjWNxJS(3O%DE^SD7VKq*LY9{ms72E~##K z6-erikpiv9BSJIF?)Ym)vn*8N7wFy+vpP1lCshvveESkYY>fcvG|Jvaz?Y>+xol;k zwa0K$OQD`N#rDf#$%hFS`LR=sx&%XDmVxjfrXH1P3j0ud8|>wOg|3jEb-(U@g_%2s ztF2l%9^T^{rjCKEA8mAj_r1=F*m+68!JyIK-d-wf*KcQcxWgh@2_ayVFawqMrBAcm ze>-{Y@@X+w&E-TiOj3dtumE%~^ogc{4GT0jY{%QMFZdaE)Hvq+ztvVf3b*e1v zZ27~Vb$hC_?RzK(w-tx2@0MMTYS!58cVv73FuOc<9i|WRTu+t&+$^@{xL6KEm`YeJ z9!;B)jg+nfVm@MS_b7%0p2EMMEOlv#gnqvM_>C)kAbY8V{4r3dOxT+n-u0i}HH49p z>;5&mcj{rsCv{uO%JYaO3N5yo81 zA1Ud*qtQRqafb*|zfitd#Jw_@=F{hLy0(3;IML5^ea~BeR0dLNFnk8hQ4AgPo+p3R z3II7(oavr3jM&wS%*smLt`b0Y93pe4@?wY6tpRsSY8)9Xu7V6?SC_@EKC7HY_dK;5 z@dG3mHD4#t$u5`PN^TqG9B*Z7^`H&7YAf=ieL_Wr(cmxmKT0b7jvez%!x6g&BB`W{ z(kfL0H|h<@qO|w6qzv`xp1GU1teUD1FKf%?9I^15M58 z^LyTI2@$`iS1vk#cqlZ^+UmPU7jxEGj*huRztfG~zugB04OYEdmf@?3yb?$4S36VrAB3O0KIrUo$6{!D*E{J;6=tstw^s zFVY_Gh)Mg%&iel_KIpF8>+W<;@Kx@_qR}tYoyZXK?WHyEzTNA-)82pM}S2K z5*{)F$|kq}eY1SBnUVQ6j!qD>fkB_ivV7PN0n5wx?QX_Z=)-vhg=I&U!cYOjj*H>Q zhZaP zr$_&j82cDjkFPOOELL-9)|EAZ8A{r~m2ha;RHX$$pazvkQ!Yj?jXFra^iTkFYQ&FXh4Za(?!6 zl7)290s{dl<&-!#fd;AmK4ST8epy()rf+GuY&tdbfI?iZ@z2Pakz;ko$~GmJDAAA1 zAVUV|+#*mzd_C){|M<)K4Rln3%eoV3v2m0k?gB|6jb(u>DmXiwX0*Ue@m+6YM{+e2 z4abfU-+%3Mq{VAT5I5J#B|qC)jAY#PL0IFQdenx+D%zX5jHqy_d+K)u?co{xcbuBP*WHx&s78P%dy-yYf#6 zyMJT%oEv$h=0R^}G9IZ%k5TD4&a7s6#TKXf7NK%0xchu}Ox8CWZVsl~QKDvn(@7he zHZcU1NV~yC{($kUrX_HeRoZ^_YQ>cY&@`va&x+dzC0~KSS z2dF}&QsnJVl0F0th~fvU1cAr28W>FZr+9X(HJb8}Nj@$wz0ViWmRik6A;KGgd{VF> zN0}UTu3%5eBx6_Andd;eQt5;-JVb!E;uzrpK5uN+AQZ^ECTTB4*tgd<*W-`A%x(yL zOlgowFICUFbx%qIOJ8hRlKgmkE5%^73Z83Y#k!E9dyrL6p%phlC;*JIgv|V zuF{eILH=`?7-{N8nNysX2uJmL}1`T-)sv-ZG}}s2Y)Y#qP~vo#1J+ z#f*lv=Ffa9)o1G4;co-^^=S3A1~j{eA35bYZ{WH;y-AXzRN5%kvXMevbY}di3YiR? z&Tw2NgS1Xkb)Q}qOSR)KU2C^AHzRpQHq9ry)pCG(OJd{zjms{R2QpC!vkDpPws$R+ z^I~BwJKogQ+PRRo55cHE+vtzs454k(N5{N_fqkAOjOWBp80`>7uCBOi6espJWHu zeehD$A$vo}UMWqyqV$o1dLEmfg+>`?B&F}$CNEcl@S4(jY4}6p#&FBkL+ox`M~$xJ zR)TBO+g%E5rrXvv`G2~C1brKV%kiDYP3Rt-zFmlyvUXh)DAn`VziwS~8#7n`i5oNF z_(?uf)(*;w^{SCcL*v|?zk&FjYsw|HfRHaFt?#?BPsa|HQ#1IHW%=$^YpO@t0}e*S zz2oE<=M@FX>8g<2pPduH>99Zf1zuc3V<@IuMjI->u$lACo-Xzb;qT;Q2iJrxT$7O4 zT&Ki1L);L!Raz5(OD-Gj8u{l2`KQg7OX=6Y={~T$nz=LIiR+=jzd(!Yy662eMa3NRc~@qxd9S82dI6#5Ur(X%{#>9A z&%LWDGT(mRxxMH~-`%!?j|OU9F+SlaH*T53#NeFpqFkkgs~(|!t8&Le)PO=g_J9Hx z(SqS!hD%OBX{R7{|QFn)@M$4EyOR1>`HUQEQDLM2( z4yg`RIDZ>%&+|U7rZA~0BYI_Wq>M+LIkKWl9#Wsk5r|{Sq}x?C6(0G#0Drr0l?V{Y4k8#uNd{il`c7l3Mo^XM4G^%Xrl{6_) zg3ziuZ7or+yN^u=W5c-1E$rtXQ;wiR57syJsfNSl&QAU>p098w+wg!UV9&Cb`k4+^fOEOwWr@w-f2OFDPvgmlCPGjf1zf zx#ik#jCR-&me>#4GVcQGQAD0Z^)kl|l_J-<4h%Wqc~-UuW;J_V z%R(v=SrV9B7(nG{zF$s%zEOn;@2V%mMHjYOJFyB4pLI(VJ{sTuopKwSq)FzpG%A7? zYB}SL*~o!^FYfUV3^(ANwenm$_5D!a-wXdy-@WN#&-&Q|%4U3Tg8!)RPRQX8_-*H! zL(NCwr~93Jc&QIu(PT8COO1)$D|C&~~%ye>w8C7`{TN?GP6wAr}Q0s#VZSd9=Bx3qgJMIi@`{$0q;$mwhYg&W64fe-@wW~GX zh93ToGsDr~T>gw}FXd%TXP1==ng%r9C8}>XiVaS<2jPpQwiuL&a#hv~5Wwj<;xx;3&>h!5!`Ibma8b$JxiMq%@MGTXWrmE*U-K-ZXn{KH z`_O6o_rrd>h7t^weAl6OJ-1^Zp#W)9EWoeRjWTANTf4ey4DW46OK#^rogk>1H5%RZ zuZ&91-frGj4~0=wA#pZX$EO=~k>F}#rOZw}2aFrM2Q^4?8%eh5uWAt7x2hG64sHGI zH)~i03kzeYI_3@)&sd`80gd^C-70|F%EQhVu!31BsZ`l=sw0G35D;9Dk#ykxXWp#g zH?Y=iNeeGbF@0+duh_gNzF(KTDMFLxEaCF40YJR%4-HBH3R6-W$9|=hSuhG$vOa-| zn4PH{M5jp4q!Y1-?LE3a=#Rk3R@5#s&DoB7Eiu;BU#P=cj^;>?!^6L$@LJ{r?A=Hg zq4rk+qvo9M@_|97GytEjvw#7w2KCl3wI@dM=YHuGAiCYlf1zAo24JKHkBZkN)aD0c z`IeA~z+rS765_oY-+Ut?wZFf$BktU2R~*FQ;o`qG3f|wnRGy%9zGQ?_yu3OeA82vW zX8n3^KR%D`qcy(#N+rGw9Y1^uU-%Q@1w+Md5W~0iIXwMvJA0!yuhBcV8Jzs0+dkO} zpX@(fu(9ygE58YRq!+i;&G|1gZbn_}VxSwB1GsncvQ-e*Vgw%9Y5`RZgPvz~f)OzT z#uM0s2BkePa*DmXHa4yX!I9@-#y{K^1j%3!;{8b#6#;&^6QX~E-l&@m8g;KM2J4QG zou!o+B8}9QLNGfN+>s!Qq|yRBLq{RZ(IQNGh?x;?T|{qg3fyDFY-96s;x(+~B2dpU z9l0h(YAC`j%|OaIp0W5Qd6vGj_|PNrTQ2posEVc;t*PLP%^%9fhT2>xiYgNvV6@bmU<;No#^-o7?l?hO?8Wq&TmOZXbXaMPg8?m5i3a`m;q zch_hl{Muot0jbh>icL0r&sngUip1Q1f>(4Q(&ZO8sunOI17%te{?`z3V!UROH-^f{ zlC5jOf8aLrt)FJp3XZfRPN^R>Y!h9usdC(>Vf`d9f|KNDv(?RAn|uKf8Ll38w*xTb zs`i~QuYS=W#jTHGrP-SS)l)9V%$D_3zrbW$ef0b&3_W7Cocp1& z@BUSR(MfwS_|VJfthO^xOtLDa630I%XVnaj5XF3%144PCU z6X0HV1^k$fcmQW>p1WVuM3n^FvUi}@Msyhe=WFZi7C!;s$F0LpzVGMzGLQ9jTiWe+ z@p<(1a=*1T7{>4GcenX^TABO0WzQeM)BUg4*XxDE>(O~y?CI(2wiidTBT@uiO4lFN z;(^zCh2yZB?^RxZ!~7=agMuqp>>z>eGWaTJ=lkw7{IA4tNF_c9SZXfz$N?MXE2Q=Q z4K%b7_Mv6GuXY@)2Yf@YWdcK-$uKBTTU=Z#D&io^CL5hr<>;2mYWsav41Ra zR!?FWr}((@B{fLCTT0zaoS+-{k>1)DFwJ1=QR(=|O~K-x{upN3t~CyVd+cG*pKvO} z;?tvpNwCe!1Bqt!PRTuQdFcwg^3^}I@K(!>Ozp!a9&8^-tga2%{$vz&W)@C~ANJn0 zi=WD3{aXIzej4eDa;qY(D&f}e6+FDGSzDXwmrwD(<2UX`3oXHn=>u6$I6Wg|J+qP}nwrv{| zzOii^lVoC_{OkMb)Hz-IqHACDO;>f-{;jp1C5s}EWei?3!&?T{dfqDU`9`;&9G5`3qyhjU6SR}uKD<{{IP`ZG;3sdd#TR(Ad!e&>}JKjeOtLN^eX zNq3=S_*BAYtinp&N6q=w*s(hJ`M(h45SV{KWi+0GslKia*v??eW)D>RCU35{9DEH5MwzP?u1_x%4+$FRMB63v?b zM;5jAUwHg0YHcYBmRCRBxkJ({O>K0#sdTO+kR2@87ZlRUmTny;S(iJ_%BWQ-nnaa+2UkQbdX*bPE(YEGIy9pKw-fldYpR2i-UNB&8U zb-88jC{a0O8DM5+imcrNyj$c!;+-aBD@>PLm90DaONJ6<%2y`f(Rz9(I`8Q;T5d`N z6Q@*ABm1w>=u1?)7$jR6nucWj7&vvP)27B!0;y6R*?&>0^Pxz>TJLviY@D-2v*y@h ziF%@!Sv|unGc)Y9VsKj+mrwLDj-{%`axXT#_t&iwq^u$ssjn|l9Oj0}>QK91(eYW& z=~}Tj@_OFbB2@E4bwsp0;#1q|KMTM`+y5tzzPokXf4{u95&8@J{tZ)D6lH;Nkbzc? zO^FHO_u#>3uH!*0+8gK7qlC5*=^R5kn5ds3U<{$-;hJVGW=$QcnpyJueUn_Vzmvq` z(#PjE*zcP(4BLAv>cvyt(pR$saeyvXoAdE?-Jce`Aup}@bcW2E~aXipL1 zVZX4bjQl@JfO~mvZWe=>AYDFpCGdCZhUKlH-bpTjzaq3G)U6 za$IxPb-8(mRN{Q^!YI(FF?Dn@sS*5uZF6ACn@uUXoi-8Yt)c9?khjnZDFoz9rjkyh zMF+F<+o%LVmaSB+$WIOpbW7~A`mlt_8lx=0tE<}KjA25P8MmE^}lB-p(U5x~4uhX18 zLw%SmM`c-i;-)_zy3~3@WT~?ia}^baCvYd}8icNEg!GRJk2COS3(sIdn#xg@)%6b2 z&ljOq1Z+C7py}~V910tuO>MQPFmD~1)t#~_9q}UckA@Kb@in;COD-R1evRKa> zv~|7DOS5l6u-4d#?i7>s$oDBHzN*qx_ao-Q(AetNx4K@}WydG`rj0?b35H*-+aSJF3CKxR>|rBtt?z)6~I08Dgl=N09h)Uu%p_ zaz+EUYm~BLZm1N-|5({!Fw;M*?2TP}c89XjKtFQvSE^?1wH!w5)gE#cH{w_%R2XDY zPVIR0DCh^T&}&vjh5BMso5b4)x8D)wZ5fBq6vJ52h%R&C;uxKII^ESvE#@Z{L&jDr zPFBk}JC*Ak_SZuGH~gNhlTOFdCei`LW{#~xKd|liYG>l+#>k_?>0lxmB;gQE8@2>m z&v8*75x2Q=-^3#<*{giP49?fPQ;0RjXj=Q*$#{J6kjRV}JG(z?es8`uYJLB)wl{+y zCmi<}pil=rH9Q*<77CkVifHiYEwfx6{y*V<;v3)p^=eXFpU3O%>h?VS2g5C&=jZtH zlKGm6y8{90RBHJI*dOs#g?Q$E&EOp}H~GLLvKdiC&;ACgxIQ~M0oHZs2E;+?-hy1& z`n;;Mp8VUpm16{k=Bm$e;fA-(!y?@l8EWiDi#1~@>BIb-jPKyee% zo9g@8@V8yAy=@pi{(qyw4H{bLiW+``j{qc20kIC^7K2HwANbEkzWUQMQl}T{$D%CE zmROatc00a^qnlXRF4MjHG7^*rQcj(!vs1<}!@iXNuG$5wdY20a`?aYK7zWegz#ShE zi*Csa%72=@rZLP(M0|-NKhMx1gq~>-xHzc~52S<-VKNWepY9~Q)+!Fone5GH%Bj5Q z9s2LM$t&OUZZzJih4pr*-0%XT<4TbaYXMW%Y9~#K;~lLQDO8Ff(xjOn`z}bKV?36j zXL8o`fDt=&Iy_S3LHjNV2TX3Qu$vAz>R1^~B7jcq!ZAE5b;?%T3)C|}UTmQ=6@P0x zK}S01(=O2wN`m;S(*_gc6I6Aq^;h%=wTF@$lnmxI z#1SZA#9hI@6J{xM;kf*2z?`Cvky5*`--ugc_HPU=QyDa*nafCk^kPN+4E@r^+bnTl{U#T z3#Kj|qM-KHvd**&-pCD*1PVAM&JxAYVNOthI05=)L^!A&yZFNY(Q4Oza?;^c8nRdx zI(d>aAmI2b_gFhIUny zs}r478CaOf7zIXQ2%<+FU?nc2GT2EaxUPED=2Fw$Q8sDForcCQx9#8 zAUnw#P)ZI5Rhz_L?PEdOCIhrhd+3@D(KH&`Cebtz7)7*A1h4Kw=pRFcO1^FuPBYQh zPYTCh4$dooHND&UT4_xl?~1p*=5|scY_s)8KD+6XYA+8~TpcgFI8w%HFO9Al+UugN ztxry#oJOpY3e(t`(}Y4Vzs+y-+Yj3sMHM@~{rsSPX0V0b+BH;@Ov&fh)_c(;9b0U4 z+oaq^E?nATi4;{eh=AFErK(DNzw#kC>D}^iyN zFilAp3U$}dP^SnvLht+EXiZ^nt&4xiNENOt;OXQh^kSegkzFPADP75QRs`Qywx3tV zRov4u9%?WFDMx?*Wc4*O20lu+@*^Al$+R`8$I1ksxNYJBx$%#ioeit+L?X^mDRjsa z3mM0)j-A7g+Yt=G%0(uGC}T~E$anXrxiG8{($3>9t0zOoW$HsD4TS6{cd zAt1`b9m*M4$mz~v$AKR`?~}?8H5~K+`6TX^YEAnHKOCNRp`~BRFYqRY&UBEANjT&4 zxVwlEmoavdm|kRyY+V2t+vqAmsArLgb!8mz;d99ig3ncjLEz z%&GI{x4A?cw; zH7iARd8WA8@YpHi7@qIm{aO9SMPL#GL$^@uk(qe{0s<_4R59s%NWeab=~*!=gc|0Z zBlo*67}6cl;88!_w0MD9TYmSjevc9Aax6b;byaiE`8T(X=7^IY2#viJv_@-u9YWyXCF{I110ej)N>KU zNU+!g2847E2S*U!z`bu}#Uf z5St@vb(i_xPLr(Wcy3C~FSpN-)v_==!1g98Nx%C*+eggC6j zP!r=(oP<5ICOHH^m`8uO>!MLt7qNHEVy*glSV?ilRvxh?KRtKm7onI{LPOcPrxYV! ztRW*GOdhH0^%vO z@T0bT9gDyEo2rr=&NOKBu-JIpSbKiqXa~(YixI|rYDAfbI&;=Baa?R-QBa(VG%<~y zgmUdb092wC$UQM2%K92BF;mKh*a5G*G>C$XV-GCOJQU9%c!qms$|##K-0MJ${w<6C z4lU1DjmujBGm?|r(`FkCO2bp)aeR0iqP$0DsKTSoCPnRSD09Tk6zRm;buTrb5a}-kq9OrKYbXf7FRY^e~5#xO?po&RC$ruMo`T5)C zXX&(3w$;Q9ZQfHClZo`Af1?}&NQoql%vIdyxc%zXjO_6~{5UaD&;uk@^2LS^#R!eD z0T0A~AYbQ}uBresEpB?@p1li8GSMq#%pjh|;)@}rit5jJT!*xiMlia_xH-)YocF-Zp`l*09W5H5%YduC~T!eMj?ZQ`~y*+#yw zqX#Huv{1}eWY27-WW1rG@d>jP@xm!gRJpgwfX+@R&5AL%FvfVj4(*~n8Dl6WxmU{Iq ziqjYZ0_g;rGZpMrkEN_*Hc7@O{!8DoE`Sl>(MgfhPZ5W`5s9P!RV$u!{%Seyy`-X6QZ7*X~IT z9>*8_U@3HROuVIpP+D{`_+6x%A0w$rL2p#{$xpQx!; zlrzXxe~{AqaI$}a+f}D#?WG!kt(&s!Yd)JV8<9G18GddP@ua!zP`;?a+@%NttGej;}77O{P3c zaQdc?(EEitYI~Bo51VHmZ8Z#dPW>g%abu7Qog5bUYG9DLQIe7T&j7}`4((-7cTsA{ zV~60MBTegZAVFkNBv*on9f|5w=pO9b?6j0j0?r=&7|C*?JXrpOc8-PpJy0lz>DN|< zFwYV8gFZwHktTJh6cu{_NYPLVqM5e983%6-Uyc&Yo!`0Zwqt9k6 za|{^_G0==50EHSGoH^P222Ap5^zUNbF6XJ{NT;}D`8QtaH4k?*onuGID`c9EzWJ3L zB;%;3%n9RQ6Sb6OZ@1x}tGubtH>J*Q)_tHz2imKfX15`nN1=t)r<8Q&|i zPmAf~FYy+JWf@x6KOeKeI=Mc12?Mn=@_Ys&@ccq5wUG2N3j-%+%Sy(r>MTY0xv}&0 zImav6Mgd>Z<^5N(m2d+i$ssRH?YB8J3S+OWtf7jgf7EsEM1_cRXyzJeEkF_1M-qpV zX-NOolfg&q5k}N8i+$c+M_vfcvo8b0Kdenx!&M}XJPo>Uw^vqX`(XVR*%r8b0Es3L}fgepIsd_92YHB(poX^YC zCETZNP;iX&|9Eu^5Nz>~Ts(e4Xte1OL~Kxba+UVB;l_B707A+)6Ra|+rDdmP^1FBS ztQ6dXgf|_yq0{*gCRbAK?>o+s^X;YSMea30s z4D{Q+$|e>=DCrCc)sAG12_4#C=t>!jF2;>#Olu|8x%#X|++pfmuL8}mVS&nub6{`(@$J($jR5J3eR^d_0DJuD@ z$Oz#Rl-I>!2A`-7qthlQ>vFo_%v`tRgo)Q~b<1oqN9s}QjA`F+>05)sJS!TtAZ7P2 zoPSl9g{!pd_vzU|US_@{`kBJ6x66>6UM*f?Wf;ci=OazQH@UguDW+EkT=eF)fd|-S zJE&z>_i`lgj^*0|oC2a1!b2CW3UD2n->bfkA=@2;rgyk?#*ZFhvPWDEcW{rd1!{sO zqY;Jc1}3BdP*lU|3n>E4`I~3tzJyEs@7qRcnzAiD89X@8&;i{Iu9peR8tU1%2@RBR z!*9h*USL2GmoA}|@w+|LiK;kDOCEz4$pa&#LllGGwQFG4MYW971w!`-4jgC=W~bQ$ z7PH>otUF@e#kuyq#59fa86QLmW|=TF{e|M4uyF4>QT2RR+ zV+CkYBT&5qO#H)BcgwOU=^9k(?Yik$Wv*6-LdQ;R8C!dk*Ci*nzA>I`VZc_o1+MP& zby}2hMn??30?jPR2wC91_>m1uF-Mgf`@zZ+9!xKMrG%I}_Lj3xwSiwfv3uQW&X+=% zI;TF^`*Rr!k%5fu+9u1ieJ3vy+@RAPTsFcl#59UPd{qgxCINBwkj=>A%L%p~n^6L| zE9s7r4pg07rL9NG-l4=is_e4mx)H*Vj(~pN1$av#A3Vw?i}1zX4TPbVhg8RDuiNg} zM5%2eKu(Np@ePTrE;y5Ea)ue1f0IC|i1efI1z1HhRvKouxBZ1LiX&C+Ir>5}_lK`T z7{bWm^C>ufI*LyP)bqiYA9>EM@PNdOC9=+*2%X$UC>v)_%nJfo<7D7-)tV;fd|)b= zrbwu6*drq0*cH*JA+6A2x&rm&B)~^Gk6=UCbA2{knjc{}!lXq>ryS?&5Mj*UWjE<< zC!xz;+}c!W7?+$xLrhD- zRyl}(#0I3?mxaUR)ig8XKr%|WQc`zpCNmi_ocJ>)D{ZGwK8#|nH5#$US03aRuAt6N zahF|UHcXvnAN_!mhv>o6SP56>(n?=E-4ZPhovy!pp}8*_s|9$WRED8mT7Pm>2a!4p zFKPmdEp@|ZRRK)j5WhEIX!M1cQYlR38gPQk0t%Rkkit5~2rDgTL-?3?<>_2RuBH;1 zav6S7u4`a<8*H}H0&cY0G7u_3y!J9aFu%`1p=ypTh)jOD$g$75tQ5^VZx(`#@m_Ig z3+A8B)(@Kh7UW5baZ_bJcweDM+a-)#&tzo)WUqaJ5`l(9{ml;_k=2gHEh-b75mJCx6QJ%b!E@x^E-Z zsmXoes8)NrTpbQ*ih)@oRJ*i@AK~A_^qQ%-C(uq##>cpB-;{n<1L<5!?I9Qge;nXf7B4bMZ8Efka(lUQ+PKG05vcPM};F^2N9ZIXz%cvC;~C z6erO`jwoqQq23K}m>7+hNS8Jjb^%OF3ACt=;azkj%!hwzomaRmzw3k_E+xu258yn2lTd;$~o*_4ubgiID89j@T@0VFk9dmS~9{AE*^oQ9CoBC}RP zZ*f?lDnv$$#cgNnX3Lfq%nJaI|KD)4>ebG>@TJ>wGA>J^7VFQ-R<>4-igP1 zdaBw*@O5<1V&x-{TC2C%wtcR&eVG-MnU#)N8CMbGwz7<{l!{Yi_jGD97e8}hi;{Lh z$0&SxO0AskOu$BECGxTQ;3zhU7?cjmDa0@s9E8ogqUP=G&C{j0G^9Ii84V@;CN}pY zHsbNbK3r8{7s=860+%hb>lFG7JbU43rzXZjoJ?ivZ%Z^OblTmModTmi1sZh$uF34C z1js_w8*nrX@UP!tPQFKOqIjLf4V)9ZLSVJ75vNM#|0Yd}91K?+LMPn3CF-ZGQEFk8 zrge04F1&}Yb>_o@az*SX0@9*yQyV3Eo$OW2chN@Y=&6;fO@ z2u#^=h#t*yhP!yWopStrCtBuYBNhL`ZN>_8(JDyW74yqFI$t(vyRqp=WW`C+2h3Z+ zyz$j*Hm3v>eXc5${|f$~WI}o8A|*tsUc%vka4hM(i!eyU)(yx`Mb>5Zo1BZe7oew# zcz&py5Wb)nn8Y+QedyTM6`Q0hO@w`nGw1Z270`lC!R4Iyalgjj>5P( zcLFSCPbqy9^Kq3VFk>4B^0!o!@3N@ShjD zv3%TBV1miwq*FOooYd}YY^{VV+YDnOr&3^Gt9Ygz+C_FxJ6D2c*m`J?QJ-qAd`3ES z@sc`#w*md0<;0te_GGT@OfdR7eLC-(z^r;7cdB9ADGBUgJ2D1zz%IxdQC8N$iPek;;17e26tVitL{4R$no9F z#QY#umO4a6kNqm-k}7L0FdOeo)>5Q{xrOw%N$!mm^(9ciicUK+WWvcWYhhr$K+DUN z7Z`q)Jbc9Nj-bc{n_X}gGDbB_G`fFl(4k@`l#BZX<-PDvq`icC0w`nt-I!T;y*}7@ zDGyCsUqhUIk0k6_TJ(UntHFEW4aoIlST}0{eUnCO!xc!EWR8KzevO!owJMqm>i(bd z--^r&HC0suS1>Wyq4gt~9s{Cq4eLf0Z7-72fnE|Oudiac-bwoi#&6az znO9(P+!{QG*z>oF&wB5Tu7199r=;R3)ypt20teh z`|ptlzTr!l^~mSv?PX+bH^e*0IM=y5e8yrb@b#>F7Coo8UAGdFJ9%yBcVy@ZP@K37lPebD9l%p_7T4E-EiJ6W1 zGGqI2ulWWkM39rTxVpaofu+_pZ7KR7?6$csKCpNUtE_i!W+p_wxgx$FMF{~qnL=0$ zC@7!CaVQvlM}?c~Ln@ZpUYWytdpM6I8nwbk>@McX;F@d9!G6<7!jfmw8xx*^#PzZq z#%PcrLjw0v#VBBxCEZaXgfVHet7QGmyBFaS*%0Pf5RWOaNeknsto;~<-rF-GG`b4r zpNcJAlc(w18`NITOorUNj~EU4t&`K^&q&up*ZrYZo_@|%pf>_omPJkqGl5&xug{rQ zmC?rzHIFBU1NAa5=dt}st#An7%f=E%whtJr+ zsX%*@=_TV9ZjWigp`x~|#nmMQgMzStM?Q0LFqVw;EQK7*XyLTz8Y?x;;e{tkN$l9@ z?C1?~C}1nWf#PgxD3ZVYf(b0BF~f^NqpbID@m{rzMvLl@yh;YOzy&%5bxK>O2tju! z8^UCOrEP2!lR8jGn5~}5k%1aPk&RXJtjXXYO?yTgW2u#Sv5 zozh+10?j$Y=(uPER%7OT)szDzmPBh*FeIS0EihoJh(ajGn;>I`FcB21AelmnG%v*D zhg2jd%s#a~kj)4NKVf8{N^g99kmFh0X+1ubDxm1w=bk&RdLuL{4>~k*6xO8qnc8qz zhjL$Xqd-73P&IVs7H!jRYSE2LiMiaPc6jY?ZnZ(Q4k!a=a?J+2Ky8D{KZ9A)dXf}! zP%x%cfaVPYwZ#T%B(uq(n%v{iqAuL5rqgadU(%|Jk)VEQRvwlc6Ttm^I+u5>*7^D> zheDgH%uDZodf#28*Sm_9dhSc-uK%;M^^JG-`Uv4D{3%wm2W98a}#w@*L|Q7J_KaBQ(gZJyUCk%-^V^d5iG344DbrM zIGoh{0ZCPBLO48poQ;iL?Cu4tM*H^3zKx2kF$|}xFvg1hk`^2h7n=EXS7!xnyua=P z_EBNJ4a1))`8n*s-?+G~x}MoSd>eL2tk%lP6R-u}+Y73p`ukh}PkmL-OOO=Ak?VOA z=#|1uhYI3fGKnfb$;;a$Bn|L$p)9LOJX_+4CdZ#ofH2~C|5`Sddu~~^DM|?k^Lr~e z*fHmcDIrr`=ivp0Pu6sQL66mT^=4D7#_n1^wdr8*`#Iagd`N{QD4n^|{19XTjcoP; z*1tKNrrU>gY-1~#ESk`kaGQHnMSNL4%V(gPabW!d@O7YmOA7ZZvmQnXt9ELQY)94Q ziV4ul3~Qf7d>Do2iIlVk8sJD}2>k&54@2L4KW`Y@ z6SNg&!m|3OKC=k=ZiSO|abX8A^5)E&ic>^&;zJ45@xQbJj+OQiOiUeiCg(kwjwIFs(F0kPmfR2-hlou1 z5tbrCxfu_Gt0C{2<7YV4#PFS9^VmP>p!Ch8$tgAiw0x$RMkj2pQHn`*C>RKeN zRI3gm-$Lb6*D<`$4c;{hlk^fYKJt-mO0c|ID`a(3T9&b*|2x5{gczo3HD!Gjt^;wO zJKO9?)Hkq>hvc%KOw5kngF&t2Lf1z`Xlsv5PwGygE`(>Sh{R{mL8uezfmsrTFdT*E zvoq4sm75$YaEcz-TpM}Yh-`izcnr!X)LPljZUerY`hycn$+h8)prx&k@C6Qco(FMr zt|}fYi3Co3dFIgyQm{c})s(aEv^1IHi!LIn{U&Rbb;RZ+X`(SlLPS($DCNyI=9-v*M6 zd!Yqw;mVLo!Ugj!@jBdya{UR%dzU+~GFM;S1uS~FY$@WBUm7;|Il$m1F7s-H)9g2IC65DIFv;C$S^1#S~r zSTY6cPoR*T@#sXSFE3UFY*;)xTNmysA-5t6?LS9S(ZuoI5_gICQbSA^aOV0@To-4O zO08$eV+ldP`b<^9jl~@?5hPygENeXc?@&^mCAJvZR-Aarwp7}?AoVl)3mB|vy}R}V z@dYP3{+LZeWtQkqg=~r#_LV_#nz6I&BSw`7Be%IKQ0bq-!2X=M0-BPwT7U>pg3(w; z*hG*sB<0Zw5(6M%3V3~>Yb}weT3%f?=jwG#TH|?KILcv#1AUdr{qIpd$1Hyysd!ZA zez^J(M#4}l)HxAez8nEXd%K&FZa+22pY6#h1RR`lx5DZd)haTxgN1i zH1J&34~Cx$$C@McpEd;xi{fm~LYc{m1IRo(OeURdqA+#`S0`DhA1(G&X$(EGUpt4* zoDD|V*WvPVsPaY<>!X(8r|!Da=*Ej?toSAYw_EIQa|EAhF->N^;Kt5J%#s6L%jWR{}8f0dZ$-wRmmhvPvl-C&CvR9MvFBcxfBA#xsE*_Vp^e-@U8-+709Bho0n z6DnJU8~VT|n}$FW)YnC(MgoG6^fzuZW|~++w6#*x8w^9a+O*Kct2&CW?(E}>4#r!L z%93IgPooQThSM~s#eQX)Z_Kr5$6FfHv7$N!Th%rpSq*a0(lvhw^OosiEK}P9d2%wq z)5$vruOt)K_R53~mcCh7A_Oa@mynUz(kkgDRkkh3j-`-^Eo1N8qeTf|fXcS>+%y>Wax-u>2l7?{@ zpei3E2kCMQV~}t#(4(FGn51m28L+C)w(N8!CuQeG{yPQ0={qNL46W@2aMl@Bv?oe@ zat;n^U0e*KBAK~Jh2UnaND%q$e3}AffjNa2Ycw{vSmkWR#J1`>R>i_7s;x2+VFGv< zf>)m5BkKd904Gw&3)W5Xc~oY@=WpzQYCo^2Jj>qz<;VNVzYNS_?)Cznqg+SELgvgM zf-|RFSiL@Vb{`45^ORFEQ#CngR0v0>+xmG$<^WH^+(vKp(ezTG>ATKp^d%*HK@aya8y0sW=vNw=4|=q{x2!f00dhBTB) zW;zS_YVotKVQOlZXQ>>rx!aSd7J#Tk_y~ogyD~(t==+7H)T45O;zq%sIy@;r5(14ceuhz)BhKd7Hm11jJV( zx&u3S2p)d=Nbjf8opYZOhR%b?8|!FAErbPbV>+UAK7@qqJ&rDF#2iAMpbd$F49d%& zE5OZ;*}cPwPk|P3UztTIWPf?bf<Pw1Cd=qbRYE@_!+@R;0=ZFL_HU&IOZjOY@Lr!E2^E{TcM zjaT8IXQ|R}q8uH9&vi$9EyFkj%FTUgTFXzZuKQ0R@(m}puG4{+>2A`Qpu24MOy|dJ z_a|6~P3H8MwGFx;44Y<}Ha(BS!kfkl+y#QUz>a^C$&0!}cjfX+bh;bb%5^`iQ^RxN zHkz4#%m~agsKB#4$7WU7w@jceHT6SA_`JQOLS;tJ=WJe54R80AFfpYqYGl&mq8T$5 zt1>fNO`dNIkfQ}<2V-Bd&1l%M%dOZciB`8!vW6mjx|Wpp4zPgdvia0NhlyZ1wv!s2 z9U^)UDUNY{g&M zRB_6*qglKum&#i!c^7b82n`gPmM9(KhSTOlpn1P_dPkDBRusVN3*^pdJW76rrt_pu zV;pI+e`RgOX?ZPs!f9pG* zgbt!}>vJ!#_S$cW2~zeC6%@Q^xwgcPLs~5&EQMM-azHI=xB|tY$UN$8uyN&<02r8c zgK1FNcFEXgkcpYPLp!tSxQALv(MXy~k$>e_utIef3$b}-Up@p&duP0}Nc=(Q)MqY+ z4=7M`6_#h@m^;T?suEaDFF6P6Kv zoU4<> ze`U0tmt=M!5|cFSV}e8|0mp{G;P8URMyiB6G72^78vkyi;jVC{V76^8;@~?2Tyr#k zOGpfx`q{zFCH`p?4%E{;><0a{Zr*BRLt5e%w*{f?y?8qg2yA=2mK#D@ayF}u?HS3Legv6`err695Xm@dOUow2LrW_#6x;LM|EYIvdT zv@(WQTSdS`nyBp}3U&oGv|~)SB{+5axwXKJz*LgP!EE3@E)O+yyP$kAt9=F$_dG%n zSDWBrTb0JXIL~~yRR_s}&_`|njd%nsC7m);##&a?Md_3*P*&U5RT%I_U+i>Xx{y2Zk8Sj z4xOn_d`~wbbhJbNk!IrNY-5Vtls%L*hcm9;{kj8{p9+95?Ks@w}L-LD4NB!KizB^vIS3(8|@CJ((G zHme-TEP+HiJfGdB!qG~V88%{=1r<`>qiRv~h=JW;c`^1@ND%!YojNQu>_NXs^GoBd zdKKV|BibFL4T3n0MO749gQh-%hMOi6yOZxsCt-G2DC$XyPwb!s**^_fgq^1#0tO_7!1S7jv=o9fzloYwX{+fs(4%eKlN8vX)3J;--&qpm{=w0w zgcKb1L#KP7TL63S#@`su+%~A@q{|8@s}%jKR_9) z{CmVWiAve(;sgkV?W_bi+!&si-TTs+DF5| zIQ)L3?stONVsx7*@T^osa|A}jyI)p^B0V*&>>`6s22IpiNb5fmt2-fw4uBWvI45un z;fUba=sr^=<}x69nofCyB0E?6FQ|`u_gYPRELvheyBc`4zCeUu2Y1!q9uf7)_1}gR zhl53(AjqbaP>Ahbx!jrDZr0eCPI&bbC7(cFRV!{|n6(CxiE&ot06>lF9G6Bsp821F zM@T5xx+k+8z#mm*YF3$j3Aj~EJxu0u7O2`vls9|Vs|**>%A<4<3FgaG%1b9GIxbrw z@Uy5{7UBfS4Vv&eD=Y+iKs#1EhuC+jmQ219WO91P-_h!Ok=zk_-zj}9S-mFB`k68y zi;agv*Mpp=*0I4)mGq*Sx7WKglTPIxi&@g?fx7U7aI(4A<+j)^ADmx^=x9Xud}Epw zZBEzW;IF}_b$7%$v3;N@PTObQlkL7&JvQrIhLj6y?hbN!Iu3+F5#J~C zauw@;=I-l{hKkAWoK};cS1ohYkImU#h%|%no*7~^mvXx91bXP$0u7}R5NXN_8s1rb z6*P2yUX7&+NB3;(lhr>>MVOLJp8bd)U1jc#%lvRQh0(Gds=OUnrgzrwBR z4o6%R=;C_@xg|_0j$>rF_w&lQJ~~)y7$>1LAx1=?T^NXEs+N1ThD(-(>lBOD4&yZ3 zuUFJ~_;Yk(xXpZX&|Hl6w6-(-u1)G$gOu368Yv!RtWpl0l&@vYSicF%t+rK{M z;2%N5-bUCX%TligTD9M5BAt|7l$%GZXrNS!vx{|o2zQs+qr{>Qp&$C=*fz1eG^1LN z23l3242_@2pzo>VV|;H6`4GbpAt#9S_Ocp33js(;M|Ak*+d~FLye}|S+~>D7<0ocx z@`XyG)K_MN_(@GliB%ELBZ!Zc7~IFk0m5fuQ%Hk+rp?C_rqZYax&47PDz zIS!oqXHiU;PndgvOG6(s0k|a?QQ)JlZJj8?!U?+k{_Ok4Z|SzmpiE}3pV`ECj1W={ zTF&^AlIzpQ)9BKJ(hB;5z5~eht%`A}W@yUd{Zh3mqHC6|BYH;YI37LUSNXU}VYdv4 zLh11^mnNP?WPL>b{ly^m9kd!E>v<6TH8+CFj$|pz;95WqQ-P)gP^n8RS;KnyB}s9E z0y2#Cr!JTW48qkBy73FVdne~#h+tD-d7?*G?3e+YfV{g{u|!RZ@<_b$G!U6=q05Ds zUPTZOX0vCw(Wle0#!(HWZIfEjYDo75<0NI-{tNo(sqaDVR|49~xf_~xCC30ssIP1@7C-l>zCYK9EN zIvJ?i`vDc#CsBW!Rm>MeD4OB*MNYWRkTDV}&s1STT=a`|7 zb(qp{%76X^h4a#)gK^l zN3B-Q2kY1OJ@CEyB)44KN94fhY&=Mrw!#(7$S_Ix}*7hDLc z*b=jgjRbukZJm#|w$auViDI7MWU(~>S1y_mfljHPaKWc?kg;&av|;FsNAa&Wl-!~z z!C=~>oqq*!fDNFCp z$Gt9?Z{4z`1=ax@bP;quR=|~%%>>Zh;;r)@cTL48sH;qG&i?7RP{SE?nV$z91lai7 zQeYp$jp*CFmQom*D;TC{GL=(&X9T=_ipu?Fw(lT1P<`_$l6J*lUpyNI$#X-7 zCj?=s6a1r{`{Jio{F=Z>p0zF>8VR4L1|U2eS^cYQWbmP$TV8^?uSVQOZ()L#ACyos zLqT<&(TM4+;i@5hrs9C|Q+#*U5Vx%|wjZ(zrSVnIV*$B^yjvO&gvEmS^Mo^=3PgD( z!LMOWQ+(GO>ZW`Z=nlZue)r~>1)0P{mC?9jI3J(}Hq!exnk>}Gln^Ymyb1nnTu>ep zX5=X`Ng^si*-}}+Z+5=j^>%hgqfy%e!eAqOx3=Z8J$A338sI&b?}Twlr;Ag3_fC-H zCoKJWo8xC`F>7m=o$m|Fif&CIoM%f0ssMXzfR3?0*JZS{CY{a01^RY`CJRY~P8jrJ z*PBpjFhT1lZNZ&ag_5uKoRT#w{Pj0GyDvxH?&#aEcV6x`E-}^997Oo;Ln=t}!AxRp zOKt|xz2bVn_gwR{+_LxHW);-3O4{Fb@5#Eos z#We1zODqmVe?s}DRIL;II1G{0#S21W!!Ff;es|=(+?DJ`F>437DkQDM|G0 z;F;FcqliR2`}90J%wkoJt3@23G5m{)6{ygmry(WYl-wd;vngB~)gp2y6EI8BR%HSu zB*Zp@s20T8xLBr}nr*%J&B)u^`F8KcXs-hgH~`_pI`_8exX)mfU79mkf&}fpe;xc5N_gDxR z?z&cD>5X{Vx(y$11=h;Ke-7x6d4%tL&iZn8XQgVbCtEdqQjyIt2cCAqTc8=eAq*^5 z3Ao@{YIVR+8Y?OZ;_1vJBa_c)&p3V1#yG(dQ3qi$0F-X^+3xdaR{@JWXxek>4X;sqvQzvN_gar>v6>k49 zbor-M=<-jkbor6M|GOs2C-KeR$;DglgvkCO$uI=leU$Gf8o zBojQHQeP+eg?Jr6C{mm+e|_-1cF z;}0;q4{CNFAhBRGp7e?3uHk(~=xlE2&TC(5o_Cg8vf3ufn@HoCbG#BJ6KaK>CTNUV zf`iKouR_7RMs$8{Z?Q7Sz~fx^9mIy4dK39hqKTu}!)GoI!g{mcb972Fs zxPQ=yfI~(S&oLu`d+&jbmXHWjW|!%Qld}&$9h_W!*fkz0nXTy-1P4phmB6U4^l403 zohbIDSILH3Sxo82AEuOjFnM>^sc!1Azt*&RZwQHTNN>nR!Y92IO=nH@8&yr$wj7Fe zLB%a8o>d^8%59V~Nkd2sM0^MdR!VB1j>?2zlR6`|9dD;WWL{XSYzQCp5Z1R~JtXJ# zn*DpMS6fiR?$uJY%R#HvcEQpZ6c&~TVQ2kp^gWQ9=dYdIg4GpzG4l3a>~_<~;xeg? zwLUQ@^xwTuFYYY@HLyO#cjEgguQiA#e^7QqfDsGbw7I2rKrl8NUrl zFw-XO)=Sd11=%?%VbX|asIdL26$j%-66kPgt|h>P%qT-a!sA#q(PEXMnA=YIONJd0 zzWX2+>@#Xf*2CNCCBC}-J_QZaD)^CAF3SmV=%9w$M7NkqBO4HCPC~e@Y6U+MG)hB> z8R4l27afaCBjP!Y=}>ri$i;vNneYW5R)B7C0-{Ep4S_Y7bc{wLZ)b0r<(Ib~CVJxQ zqu_fzSO1$e=*Y|pUfo`jR4h-!O}$L=Ai36dsXr3Zg>?tlNTXXPVBe#WQJ-4~k z6iVBXRTEy@KKS}EIGHmdr!!rzHOCx3T zMq@-e$6}6j4nr%kW77}5t&Acbq#@C}$mfZU8cT$#LB+g$x-MX&setAt-8$yVQ|IW z&#D+mX|(lwb<4ik8GXI$?Tq%mdHMD73%pi=x*kK1Jq%;M*Ye&(r}*v^$A>&+eQ*Bn zPn|lQi)bt~A{;9?W7mc)!a6-!4&j>!i~%DYfACf74f}B9?Y`RG+1u-OBU=Idy6Jv< z>wa9sO*Fp6inAu7FU@>^npbg?`pjkt5eg3Q!B8~A$x{aA{=mVT)c`f_0R2d3bCOu- z0>^J{d`nGkqmbX`MFV0=f%YQ;MBv)9v6suAyWk?5&^qO3-RpPXwR=AmhuEK!3k9Y$ z>B|DXKP^`*Z6V_)s4nLw;WpR<*f%-jct(!MG{FtxfTBmvRa0eW)oo}HXE}}T5S)qgod{uEa+>P%D8{~xM+0Reo)9!o zX9RY59-G_sr_l!gxkpX@JNK!%y}cb6OI4oCh5`47a~Xw09m{G6NkzR`N&_;Cq9H&? z^$NBiUpZgB>=Pg#49{eF7}WdOwD}im$Kr;M0hu&wB>K?hKbsOg!u#_s$mv*A!WpqoQJ~8KN_eEtC-P#YP3;# zwJ$o>XzNsg*mEM#K`j&d&kb$V=(#%vN!&JiCrC2bs&v=n+^Vb9d{FH)OtThK>toVa zqtSbXc;Z%Ys^5 z{F*9d)-ww`7DItT3RKNXzCSf!F&v8GNKP)akMOEX&&3fH*JJuCd0pe>TnxNE&WqY` zqTpo@cYd{gipVc)J|V48rlO4I3!Y{nen#6_>=qoy;i6y;sfVUp&oT^Ii`kn<4J6+$ zt@B@3DG@<*IX4qYZ_Lgx5} z@}z+2x|=ps-#Q}JA9hP&{Fbh=wbh>$%Uh`ZSUb@c@Cp-Q^&+9XKC500l$`P<%24@i zBELCMx+D-^ycJBQjE2!T=5lMx*}eUNW!kCZXk*@#d!-Rhly!w;8S7Fdpjf<7UoyuQ zQFC#sG~OQjBGPdYdtA{?1Vy`>s{(KnLxpQ3_snP?DpF!ZS>J){lG(s3#?y~E@D^5A zT&G>A@#dYKMHXvjPSE?)%3(MFUKo+_? z!gnZ!HOSOvSQcwg3yg$VQ_tI%fS!5{`I+yq%m`CNc{slJz(t z$lKXAu+B~9$qhvDf>dnas|^)&_*7ljZckOqnpr!^J@Y~^7gIQYixDIQ#YuqPpIR9= zgvX--qTOw)BQ)e}X6~qoVq<(9V_(rt#iZ&Gnz?wiN*;8u-F@_bp8fN0|Ms5${n@jh zN8Y!;{O#F42k^&Vpa1>&zwM8|J%9e}+0SoIUte7u|3aVt`)8I$*ZSALpZ!dZf9cuC z^XGs6kIGOAIl(EDiU-mtq+wIaX;tL- zj`(Q}t7S`EfV8l)sZRH#Ytk>#@f)(R$ICUz^loiH=6+99?e_G*8ZRG9rsHeM`yZ8KK6;8bc+#W4rSkc^c`}ww=f6U#j7>KGP7vv5 zlg+<=wwrAJ@NBaAm!C~G|JA^@$>zVw=3jcgylnm?NqBPFM6rvsnk@`DQ%eRFjYE-6 z$seSNJ&;Oy<@wZJ{j!D9$*!1_ayGlv+4j#Z3#DjIXO^(HjTMo=H(5$2c%hEKw(S1GkoQFv`p~5M z&oft$J6Q%~$a%afr>T?k+ng*$$%`dM3_O@jG^Ex+L&y#@&YVi=5fT_&t+iC>cW<$(oy*jUzrK|7BZe``0*TOVfw-jz+JNU<2 zlI2(t{bpk2cZNIBL)bi6VH+VlU9UXFH0rTqUd_jX=v^8Y`^^V#zM*P)XbU>rCf2F-c@6~5wF zVJry-1-t2elrsATissh|Z$=mto}@GkNCFeE)4LfBUJgc2kg;mj-I(p+%dnDCKciWd zbpLiAm9z5eef0pz|C^x3%2XB@qzfLLn4-rP@=&If(!Z`;eNzA0wbTbgF?WAm!Cu+> zZGwH>=&HH(>tEA>V;ixEYDIu3BRRuBAczzL%R?H#ChV)_tcP9; z1d&bv`Jf&lja}bMja<8~T2WA-&>~YFSXowG%?AZ=ld7W;YHPV?Z7xxpXZ=sF`=5{F zUpDO=*gh0ygkLfselQF}M{ zzL_OFB$ouNnsH3E@VyzZPb}qj;F^JPYkhE3quP2RQXQpY|A}Y1HS+WWAHv2g-LvY- zVbK z|BvykPX8a2@F$uO-jC|vpO~j10cvSUxsgWINkX6GDpylVXS=p9gG?eSv~+7?ip_|G ze?ux{wJYG^OAV_VZc7{L4@e2xuQfsZgvgo(tJ7`}GnN_zpxRRAXcd(&lsNC21c=Uv zw*I;~A|BxBPya)L)i+`?JuGnmbkP6Zozbfj{omW&-SGd9@+?XJ*H8E>X!S)?{yGAx z4cv;stwo_L=3WQEm!kZWGuqOa?& z_qnccYrDJE0cUf0+dL2Q^gsV2jVsGs{LIsS{_pJU?v?LG-cbxbuVAIjxttuVn~RT(K&uj_W#|5FA80UYDqOb+3_h_iqDM7Jl^WGe?${dpACD5I3OmV%br2 zqipX16$W#^C8*uxJm`4?s5Doki9HYu(AyNN+lG}-wX=Ny`f;zBeCfk$MVZPl*3`MP zc^o|c62Vk6($5XC-vOvTD~!Hy_SFaH&IIq7e={mYYezmu=q5qHa6db&Rhzj**LS|IRq@HO% zHF)roMuS5a3)alOw_;qKSGZ3SX&DtYXv!2<>-pH5COm?{)UuevdyEpOFq?U*@4~@! z??c8+TPq^%+FX(wN^aj5yraP{TKzL2605(p2dQ3~{mi+{3BrE=`-5E*)9{wla3@1= z%EnmE_t6lRnRun6+71T}b&qn-%+7PA=uZ%uVj6-IU`YMNKKcRE@CnlHoA%xDzfyXG zL*iUxOd^hf+t{Fo@IdQ@5h`7-`-vW02k)#}zG%n^9%jEDULGG@9h)ETE{^PvQnZz- z>O;_g=%CbMADwYVHaOIPL-v?kD=yha|1db^3a~f0)rnh1l(-(8GL8NIami5>ZE&bB z4y~6yl^XrS;M9gbEs0wdB~c@O)nZXq$Mi=)rCKH52A%q%lcPXe7qzM==Ke5fR?>@Z zu&nQa*ot1wM;@d$`U4g8ttKgQE*{~wY>>NGZM_WF4^*}2{S0TWr6G;f`}&!CCX8HgKy>rs1yk47h) zhr%@mLq|NqloU#N^gQb+d!@|J*y_&-wJH|2BH% z@*3a{{qNq3-7^38>g$dE_i>)(^}p{kJa~8wa2L*PbijWQae!IqN7e#60eLry;0+>K z7stiA5i0XN{-YpP!A*37VUK8R(12lo9DUx#-e5HZyRXGT8L>7-2Y+rvT05oMSRQN; ztj3?WLz7pjLQH-mKOdTu**)IMQ~n``lWU-_O%u|5w&X_csCQ^#31~ z^FO_KvA41Rc$BBjm4Cguyb}I=ejk2oBBB%VIW`n(xJI{WATfaS``{^WlR-Z8ux&qY zn?n%9JdtAm$^TC^*)n!0hW>56|MO;cHwpj#^iMDPA7B!3CdiU@fA;C1|F1?b%JhHd z#b`tSALS_~c#lPH=Wzs!J|_1Fq_{(hSyfg1pivh~4657NumkVJVC7YEx>MRApN0nbOQP#lhk6QT83_OysZ$|CMq{3TOXW zL(NiMU2ayHMv&~e#E9C#!Ph}TVlJrU$pU@)wBK4(;u-q4^@Ku$ z!#Pgm;2@3-xv%tmk%pla8MHN=mvfs4=?!5-hzo_{?#d~|e@$d@F^$Y)PH-sazZO67 zMDC-)_CN?S=i%^(gm^I~K4*d0M>`{@L`)LOgX~*gSudSScXG)>At+YOe6x}cf!P_k z(-y=}6Dk*noJn#gJ6p^s(YRQ#v4a~PrV%-X0ADVRh}0Xs8HP#9hIbNALLvqs_pcqW z=-Ja)e=U40wn3ynG`Lc!Zr*!p)trwB!NEBT7f#0V)^>+#4}_%JzIkskO~RcsQ(o1_EBVLY`KBf z^>+%^omdFP3FUwkAr?ZL%Zr7OB!aWa^AjqmkHaSx_sY@n)*NF`J(7n-iJe+t0|vqwo+?f_4`V9b3_wBhDAePHT$k_Up0HJb85wH__;48o99uUe)oS8hkOwc zwweH-{rgDds^8Nqi#{c(mo|gN6w&-gU0ARsAL%c(hSSO9LIKZXu`>3}3L&R^z zf*)pm)dz0v89}u>a%*j0tA}j0cin`zrA0yN^3RgI0&fmscl0oE%y!kabM4wdseRrG9#$ZFQU38Gf4?mq>zIl6oaP;Bi z==khPk#0rA*D(8DjeikfxHvz`w`BLsdni)v&3cfji7TBxy4JH+V37s%Xjg;wsJkY; zXm?MKr6}ETUe_v0UyVwV{-PWrGbGGcKD+f_Kques?Y($X-UqHdr_&Zfal$3{dAN_R z4lkM;Esb0^Y9s|}Kr6L4sIk1XZLF;x&uaFqzBz)7D1ATGLW{vPOwidisnbzR;-vM)DRa< z``nYo0Pd6rWFPJAx`&z@O0h`KJf~5woo>bn|8L?;67=oV^~AD06v2F@2zQy$#A!eY z^VL9Nx<4EqsNozOLD}Owe~#IVl&X-sm}+~I445xojYg$X`rs|iuAG4Q!PS{y&)lic ztSG0-)ocMh4bQ53pz>i8iG&O2{XAh)Dt?z7EMe2%H;XPOMOVYtE zgXYixjO&&s*CEHjz!n^)g6yNGir;yfm0jHuy*D8LQ2JR{w_5mMZ%1m?w0<_^J`U$x z$f_E5N-)55h9wc-oofHv3(mvu+-(BZWAAZ7wSgVEixaBIE)EA#UIl&nw0-bqY!$UX z!o9C=JNQ}@E2`FxgBke;XQXclgO?Nrg-GRJ^Bj zsZZrKn%#d1@}=sRrET$dzDV)Yw|je4VNrFqk0K{pFOa+a8y;GY)ZWK~2$CL5#?vLS zGPbgPgw=wxF@W3%`PHBj(;gT5NDiSaxP1t6vX#=6kjBKO2fjw(bnmgDU&oJ zM+JlV$MJLMd7=N^`a`T!@X(mUp;i1)LjOOc5JJ!Ka~pLp@$|C)x2M7^;c4voNwCiR zKd*Ma-YeVxzZmUo{Qn>2flKZ*KMayU{f}TtkoW0RNuEZ@og@r`J5|y`9Hv6@$X?5i z$P`$Z+Jq1VbP|Ia1Kw5gIy45_S~0N$7QB$xVapY+g(UH2gaIL*q%;gn#-z+7d^Fh6 zHsLjq4%CIeEWy}EPoJ(cK7r4f9gLP4$OKC=TkInf9R}VS8lFq1$^p|*HE0^TZ{Rcq z*oL@iXvx@VIT;@62^Unnz+2~cha4o;=y3>T5##_Xb0jTdCBxaFs?ok`X|DLNH`Q-% zsnCOq!!*HRc^BwKqHLCiI4OO6f{^gJ;*Sc!1#Sw_?{E-MZ9H<3P$o%os5pQ;&f0$q z&NK@W==f6MuUl8KxyYIFx)g@)?`7fr_6L-Pkn`MN6VG}a3z7?xD*If=}h(GAks&;dQ7+=#5@^qn*5gfr1k9(81*?dUtuUkA@6$qQEdKNh_)hh*$%j5A? zM$t6DHEi>uA_ubq5oJ@7=#mO)p%ub{m{TU4P*sP;VIzt19Mrk;uh9$a&JM7?7wZFAgfV<8(Zl^WxHer z(bb#)UD8{FgEJC%G-Abp&%#T_P+c_U9z9 zWV`1aDq9i(`Jo9Z5lb&ysa_i!xQrHZds)OD=ae7xqz5?%(}eI78--)@(Nqt4${s*RvFI=F=Qh8WD5qZdw4g3N+ai{s=Mj@ocQA&v)OU zt0c7)j3$Vwr4NlRc%jkexd9IVMzJLkm5LL&ofC#i4K)vfkr{3r#1A+W>lp>KxqFm)2yJq~Bt-Q)Lhj!B%>psmk%;2Pa)`km`{uE@$4~Jh>N^Cz%hnW#*=^~YQGVX;0TGu94@LE!P9JQDipQji8CFL zP6QA*I9xdF_+(*E>D+Q*Titv4twLYb$TST@G^GIv)eSu1DGQKHXzUn9RIgVp49rHo zw8E8cwM$V;EuPRBWjL%oO*-m6ARFC?H>;{YmZb<+2UqXLYfzeO=*7C|MVtC*qcGYi zj5Z3Rjl!tM%4`%y8->wEVYE>gp)Xot^krNQ>eU(R&_pc9j_1s=Wz5@^7fb3c+Ie)e z1fSjko*F>>&iQrJh4#HQLtmgSXKC%rgDFn(HygdlA6RcPArjx)mE(xS3GqSG;ZWBC zJsqHTg0!kp6x&X4u+c(nv=AFD#KxN(??Lqq@7ziJEstG31JK4h zpaTZ_*$8`EX1NjeZiKxXVedxRyAk$oguP32xe@j*QRzz)_V(aSD-zyLF10EXuH#p` z#<>wsHny~}>)yyGTjZ1XHSDg{0J$BMB$6Ak=0>c!5o><2#?{R`cVk_>v9A8Jiktt` z*41q!L38Y%U1+_bHyi8hjljNjmK%ZnMqs}Y*lz^(8-e{sV829{8-e{2mA*8A{gUi_ zRTTe4OZ+$H-Wzl8KZrghKXI_{lUS1Atej!ssZM)o(+0p#=dy-={^g18nFLuz1NGA8 zHT6DyYRUi6lK*8eCt*Zqj3?xNIY!#^zl=sNUzGB{?7Vt4+S%lPd5q^Pbb+NL34{Bq zUTw`)L0S_AQ zJ937e#R-|xJH_@XF8Tlee1OhbxB&hs);22Tb@;}7akBTv3UhdhcnL+=mA zigJo4gBg`W_`e?hlfmTIWC;JaFXpqM`k(zNZrCtyXoCIgG)7Yz67l4(192Na`RibU zub=#NAS3lRPw4E)U;nQsU!nInp*$7nYiirDPex|LL zoj7uhjm2yL@`+e4@R!+qK!!(>a{7?VGFdX9lH{`+uPd;l?f4-zU$(IDJ zYW=h0K?i4&Av;o(JzY}~b&t5%zOl;OG5!%N46H|Qq^yubEw7Ir_9%Uf)$r&yY(8bH z=X@d`ob6>fCFxdGmUvbq6kg$}ZtUnA5F2Y?N?UrmP{r#wFA=a{=70*)xTZdE!OGa+ zV~cj68}guCW3eAAI$~^jw-)6=q~IBi9fd^1n{pikMbuAF5ZX*s^DgRYPcmq)=`Tn! z+5csgRfM`8dckdTT>{JC=G_Cb;TW>P_5MY04vx~>Lp|6>NyolL)->Jtpnm&XYYY0= z>8F=|O%5+rTkmrIt^%BmJX`1CQfIeD?`{+3|}r_rTV`_-;)riu~qxGS!tsMCVQ=AOV@Lpb3DF<-@ZNI39j) zT-TqCK|CO@g;g-Kt^v|*o4q&)M3UpyB-WHD=6W)V=K5K54<^M)O~iIDSwrDX+|o8@ z?MF{1ZhkDqd6ct8)y>IjD?-z*>B&#bqWSprhMxU@ck=Q17jmLO1{q|KTad2+00960 LAjJZ20OSk+OHHl*40YB@2#is zqajcL{xg0l0jLcnlo*U9WZ7gqIa!UE)fh~aSuM4cIoagZ)YxRzZLAFKOgvQ-?Rh0k zZEOLqdN18JIhrW8`o2*#c0RS+ylLK%$QQ3&Kc*b7WJbFWhsT^2E@k9zF(X1qVkiTI z1KgI*dp_G0IuJ@c0FR{?yod24MGurHP@q&pg;Z0HgpzCml({6B{iKbb4_A4Jy~~+% z#`l3{lkIO_uWoN|`#89QeqUc-tAB6#H-8V=!NtY>c|7h9)_~nI8rAy}Rn*bN`NXN~~OsL@8UT<%2!z#Zq zp)|wlHf5r)9}$s`L6lnx5!V2$ceE5J!#$B;vg(=iMwCsmd)8tV*tp^cp_p2CJ8@sLG+ zGtx^Dm0$tvFcB%{DRy!k%Ou4s`HMo3L-ut~ozcqvP3b{Glxr~41l55Mlg#aRzwq4Rup3(8J9Ta)U@A^kw`&Y zRhjR<-r@K;Sc$iess0&k{5TXM&auwm{FUTPX%e=$7&9Cq8HKzpF9exK}hA?}a~G&eWr=lf!Le0^8EUan5=SLx&BW%+qm zeui#lm#(*$>zy)(iuL*W()6#L?K!HuoIYmCMD+W$m0Su90OoT|iJB&- z>Db2IDRdq-`xg7Z)1Q4Lk1PX85xsr05=luiFs5Bm6myNg{JX!0hMvFtJZro9x4-fa zJ|8Ww*Q3?(lxB=c%s?bjZy-Nlg#I1(*E^@P*!g_03NmCVh%M_f%)+X^$gojR9P%Vs zR;mxRR^D%d(WzBO-P%c}EM#ZwqGdEf^mzmME_@T@$RCKdaBPW|(G42koqz!OgG9n> z&kWdR2H!4Io&_5T`)|1E<5vMl3*NDI|>o9K>1h zi5QY`M=?+>ym|mmGdpoAniFLbB_tb|b~*A2Vn{)u14Zi+A&O~xxT$AxWRO_MDbS$h z0vG}8b1ws}RcfQ`xg1X$@o*z$5{It|loBD%rHy5mS{%~! z-azSQDdUhEU%$h9zsT9CZ7${eDC)oFk#N0`YL|b{%B-9WlVC^Alo|-1vMnk!rkq?| z_zs?T#X`mV0BH4cbtos+eKQVfcQ8P(&y3 zz+t^80HdjhX4rnkp8K3B<_=6pHak?S&yZH`S#_e)u8aoX z3$dF}&RxB=cC<15rCO_l^HG3KP2&f0tkj%r@bgK5jMNmFD1JnD*ygIVV-U*|(tuWp z8aoMk!s(z->a{frKQ`MuUpVoJZcco$VzXZ0)ees=sZCRV_6pcqlfTwh%evYZ ztM$Xy);aEi>hJbe&4HP-v!_OOHXl!RcHA8p9%5BrU&~RKAKn4v!Y`DnfB%UKLs`Ex z*gA$d;mJPS_wC-^h@$8(x0hQ>-^y>^!Tqei0iPqCIZtt4km67lwLLtW9Yu6*=6)3U zQE6FFEN3FeC=xz5uy{eh{&mUOWQ5}J`@1AW7DyHgkqTo6PJEHYV&D>vpw8L2z;vW3fK7QueeHNEJ4bA`{{&8{1jKK^F z4bSs8qktkE3BGoELH{BLiH5*A+VRn{wG@dr{z4%-cTjT8)G%ed_SV9mjv=P3(AKi& zfGn`|@YutYv6qT+$E^Sr?FpM&qjPA|9qxL~2Sy@G*sQicy7rjy&ms5z&zos6O&#U( z64bx^Z->!C{A$O)L+JD?55LJgsFyM+BZFFFEwGJico!P^?aTm^&3;7YamULx$b6iU zhMB?e)jfZl{#LyLCyfU-##>mIBsqX1;>j@a*(374s%;hu9GET!Ubs(kLR##`45TnH z#Kk#h4P)V%3;)^1_k;g~#oDb&l3Y4~^%}bTlvB#p4sJ|zKfuW3&olgoLJ29*7|h%) zWv(*;GtH!nLyZ3%*vi8it~&P;BqLvL;P@|h;TXL$8u<}MuAKkdKrhRY zIOWEjuI<0z5MzuCKsh>QDUwOK40fdLS`FG1qDwZh)9zZ#Fs@+bkh{G6*@S@!3}=O zNU*hA5KLyKARo{V{IyHs;}3pn7bYsNmZfq?b~s7jC%Y;7V5~ZNU|!yW>5yh1y+)1` zl*yAM@B|sX5EC0kLzw7IAj+kQKMcByoPv&d1AkG3BO=_~l=$}r>YJ3b)hcSsH&Bpf zCrKO*ETo4}j4SoeWM`XRIG0N}1K%p(Dd zk|!Svt*NFxq?(!@@iD&m-Zl+w$F!l?oD*thmt0Q6^pnE8P;EB}QQ!8BSpb zqRI=H%iYYFg)k%EQs(t_t%bVl5I~xGMEZj<8`2u*b@(BTp65hTW+sz9B_Mv&kaDI*x~yRfRF;KI*y3YUAxB`K5I@USJJvW*B3 z(!)&u+0vt}xj*u4FftsJF^s(NVFzZ7;Y3&Z{tFPBJ-1=XCuad-Yj;CLXHLR=1+gE4Qw+$Js~A?;-&m>K zvn~Sslx5;PB?a1}UKO%B<|x~45wH`l_o$sT&@X+Q#%E*4DkDTo8{4RGhD%GEP5RYG zBSkbwloN%6!8s^dq=A@C#aFC1k|rjDT6iYzT$)uHqLrRZjIyY<{o2K97X{2;fGh=) zbf;g`{QmOmrHhZ5by9SWeCaY)g8@x?I($vI^ zp^6v&gnv=yuXN7%h=u}0tqSQxD=C8=xx4H*$a=5 zU{7Ej;_RG+5!xXQojuH5XC^U1+U(}sDqln3QGi*V_HD;ccPF$gO z*Iiq}BF7h|{drmNaGGrWnb|s*(gnLR!VM(1Ng;##Ems?mI%fy5C6t*|CiBTs%*?rX z5D=ziwx(0e>n~o5Xvh;*!^=!JhoXl#H?!2hCZl3L4Rm|n=(GP6@_XBx?7z2!FQ;~8 z%0S3!Ww{bIc5fJ#GDD{X_W210cSqJVvEN6I&c-~9CNJG(tDsX&zs5C zEX%?Wx%Nx;%_Wxd75M55t@8MkGzto>^7N7vG7he$!X44Rc-jfA^86|nvjWcd;>sEokFXlR{1x*)mwH1NJI0hgc9lA z@Iu0C2|?k=Y$*YTAaI1!XS8WIXEpH!9-5UGl9-UF27qj}-OfOTwgsUB(9)5`neIaz zCgr#Gz7+u*6mHp0H$8WRvIu$r zB~^H>SV!z3OFI_2;?oTE^z;O;wQ=DkhL(lMs#3}sZ%PzMR8;FLL3x#>=zizD*JBQ2 zPg&>SF9+?d=hA$x^?WpIw^yChdlK@S_eQXQ?*SXqV{14!#8|1Ofa4Zee(DYY5X;Gbo>P(5@U*Q`N8es=TWf3v(e1xw943i|?n{O$Us59d8!sJQeutnW zA)FL$b;uhFa;Ar6+W;2oWvOT(I&;0K&GAPK1Gd7SLhu!(>9@bEqlUod2{4+j$ zA&)Hj?ikIF3)4W^V=q}egbyyNfCaeJ9{z*_cPl{@d<-hUt~jDV#vp<&BI|bIy(TZm#;PEvFlqG;kdjPD3C$Wx2TMkC(H~t+ zy<}AW_`;X_J?A@i#3Yj^;*AeCXweM99Eelq+BwECrmR5kdfnFaLCnDx z@y@@hkb!M{b229!jArY#x`%b&VTW&|atzTDZJ_KtZT%*b5jr=Ilns8GA?$j%&vO!@ z`S*%2H*Gx49%{sSREfJig2qI*5QY}`3=aqIkLI(VQ(z$$emo}gGS!&XhT|(@DI+XE z;P>5_fbC2O1SqEghv-0MDifnT=J$0%aI>Ue0!%~6kg;JFk2?N4D*5cYnYY=6#FWJkh2h3^XD~hd?L3RA~d9zBhYMspu2Uou!7m7@S7ZoaFzUH4;YGM zxG89W7l%B)EavpOJA?FjQKNg!TJGj}aid~)2Y`bH3yPhoSztyTg*Tl59 zmld+cbm_kM;pwUc;OILaY)jsyuT+cPPg2Tk3!C1agEd!sFF*BaHUg(7Syg{N#MV(l z2znQy1kaUmCqJ(yjxckpe6!E0Q{qQKSn1Tz`Nc$i?Pb7*`iujMTou zIoq;(g3TY!ZRH$Pnxb~sDwJA{;ux+ldtHHw`CguU{&sYFYB-wQ_M7{+H$s)f+8Mu8 zyfbc%)}YHHB>Lfo|FRB5;{in79b$wx%_M;>?9Q&sLiATV%z5hzViO>DHT|567+MFW z#XF>bEP%ky4Yb-Uq+*$*^$y5uU$BL+P;`rCQNJ4?#6Q`x)nP|K1_OZg<30J>W3TtO zFp8{-`5e(`Qh;T|%aV5~FV-y}-_!mp%6jV9#C_ywG}1U%&_dk^OT^7^sa-MxQK&8D zVV6N72PkQ&E@x6{G=}9E19_ncRL8c6oFc?RPy~4aGD-_3TrP|*1f60@))x(+p3rWwf3((HP-i2 zHRW|_o70f4w0$2H!Za-HG3y7qlL=sfX)%Ipa%o1DEEC30yPN)>L-xVB{I>SLJ^XJ! z>HIdowh;b4-H+wDyI1l2S64Rnzh8$VmzR_3eRH|HerE4qV!t1@pXLu2>HT7EZa+`? zu>`4Z&=W@i=D@sA>7(>0o4=yVXDc0kP&)dEnXMD?+Z|VH$;=LARHubc`D&WYJ@b0& zWdcETKr)t>J#Kwj%9`uCvCt$lB(V=5<_Mos*D|5OPu1rLq?W!hCY7MpL`!bckj_d#pa*k$wNcq?z_DHf^dE0vw8S8 zrR>V+9ID`qKiydTF#a6JzxOA1oF9=DvC6i4odnmxi)yhZ`%d6;NOkP$*HmgDbysOZPM?vVkT?%NI&imun( z9D_F_;ah+e_P?fh+by9?cixbU5ADwn%3`MFbsoEQKexvf)zNX=lKh3K~eps|)gnE+Dd>UUFD@-cynZti_i&9WPhy7qT~uViC(53wo=KS6pLCzqg2f889?DzpWmUXoy%hD&^Xf+&?7ZRn0Xs2l7_BE zRCYkx<{YTZcx!f;KZ+s9OhnborF}^PJlN3?vK2ZYFKGSQT{5nPVefu)f>x-AA>=s!cXXa;&y}r=OC7%!U&z0s*1eg%pAa_tm1&zNxL!8 zV4c-IWh}%BD$UxzOt0g|oD1jotQHA9g?Z0z2-qYC@W7(^p!E=9?f#OVKRZ1HV1J`Q zZu->jUI^_az7dn(WDip>oN}h5?!k;7lp2Fr0=9Hu?DQgMo$oJN=yh4`&!*>#w*2g9 z$I)PKLQF}!tl;*Q%Bn@Rz(kiXp{1I27zOGNDBr2=I}Yc$!q}p!P5;0$YG_f+l!Y>J zqH5o{=%p-?S7K%+!~~FIxKB-|JqV##vsHMIL|YV1AE^{np!EOo;5s;F8xE)k)no+E zCg0hX1TMgiljEka5|Ts`&iKCh(>_Dq#T*e=#}J|<^)%lM%@9w4oV2&rqf#+x!&0v6 zJSiBiPG6TUC4)J5hDOdJ_RH$^>UPVzny|k4i*V>Im$BtKBSH4{D&dPc!&r<=bTro@ z#&rL#vmZ<%w)-jbA34D+|Wuf(Y$n*>|R~J34*lBE{7DSas|rov|gzqkPAFgK8$` zNpS$72KfGdmoD3)i-%rBLxw+J822C(igg&rxEBeU{8ntmoaHE(!8e+y(`^RDM}8JZ zGA{6#hOxaL+D2ui5+t!_cjnCrUbmau%e~TDX_?JLZ6;G;bdfP4rWC-rif;H*d5gpC zDS%HT>-5)I*?!=n;Q1H?;MwG-m@zF4Z51858K0x0U)Sogw%)W2wl1fG{{%4ug*Zv7 zam+qdMd;?`#=}i`-K7A+y1-ofN^rEW_c!2I4KI488ij)(*XA5jtn>rXn;Lc^YiG#w zd*$yiYsE@!2`80f6K5Q2^^nc|nMk!lx_Q;@NWb3CFpZi&G*yXLA5z^zS+%w4SI?^* z7atYnsY|KqdKFXJm4b5)mO3)cyAS1#oik5S+E47IjX+&MyXbg=4xm;6+w|)UT!KbvxpH;hUc94=u!hh0CeLO17PJiPqu~`NIs#g;iZ2rh zHh>96fyKyN+w%a8RDsr0nxW_^vagaUXuPg-xzuM&_9wMu(Xi>QjR8CZrnIi|VPCug6{fLS@U0c5Jbo9u_;m(*c%FP&((cZ6|Wg15NygpNRD!C?^q za$htFsv7|6f|2?Xg6QvFs?o+1 z^u*^8p{I9zg+9m5ok0(;&^@1)O7F%sB>f#EBM@XW%dk<(M`h$7-dm#`y90%zmfOXn{ddsnB3~N*91iRFvR;4Vzo7JQ)!~S~?ux4HA zQkzoLs-#8Rq9(QdZ);WRysuqp!edJw(^tD{t}di%G}~pi6{{m=Z?Kt^93tK_-_J4{Y%?2xgi;VPx;_~q&c1K8 zaQ?oYTBnq(W+~ml1H1Rrce&j@093htjG6Tqqw>Is5J<7;n2DL5%cUA%fz#m{E&+Sp zY3OAhI^T?z0!wCr@EuHn@?mRPyS}8sb~FDCm|WjT;@-i^;|I#4T`JZBFZF?3RpLVa zbhnX(SLWHCU$#@Y}u;KQ{k*6GHB~nx$c)~I`$^C_4$XOaZ2!!Qb3Q=>SGUAnx({0PbhT^YtOu()|8dSxb<|Qs+q?NOtRe|LLHU z0>%E*K@Y$?x4W=9l$YM$XpF~<*%ITW%#LeG$2BHgSHc8Cv_*t$0o%4oL3++1CEfk} zkj2xxQ|!kcBEpgSrN1;O>0B6aQD)jml{~mTVcD*p=I*@fF3ORHzo^UdjkE~uTDyKw7CZvF3ZKZ`dsx7r$j#)PxEHk)dmVGnnJ9eFmkGjXB z%*#sDn?=^i^{*z=b8uB}QRTl{{a3qL`LGt0_}mCcVjbNgK@7i4sUnnyg%@y zUC*`|t75auC9j*PWfmpu7Y`tsl>OHS`n3Q7Gvr!yiMD#BzH~;N*}8!| z#mcSl)R3HqkK%^TSn${!8@yOn1MH(D%riHJ%YQK*2Xz&#EG#8HN-fo#JB z!Nwh^{>vd}fxtQ=!{II3`t8V4ILf$mmrdadE5Qj9l8Pwils$nb9H7|%d2UE|>h8|t zIE+uPaagKUYB0cI+Z!HxHyU$~DF<97n#%)SsNuf3#Z(GxT;l7*YvFEjO@F8Xhu=!$ z2c}_o_o^Uy`yC`MD9j1IK4!VP0Iz4EZ&MxY0LE}&@wpXOLTmn5SOK=;>)B~4du<^h zzx7Ah^fi`b21qil<-`GmmR`blu%bAbR{+f{>fl`*3GoW4w9wXv_Yi31wug5TZP-0Q z{9#oAq}%&Y0I;DXys)MS)Xh3@#hZFb9v~%lA0O-x8Rtd6E_2+zhE`r?) zo<98;C)5lL8oZ>!vIkXv8gK0^81Z?JWZ&IPh2+nQl!N_POLCXmL{(e!p_~n4xf8dK zPX_|qb$Sw864u0uqYr=;((Q;!2ES_Wazm)sM>AGVCbr)yrdbj9xDW5>gl)=p*fc4R z10zyFs&;6PV+olgJ_qS~@p`$S*t(4~klo+v!jigDFrkYQv|N&_8C>mPY!G+71yN*J z8K?_>o>3>kx&mS5?{CKEKN~`sE>jL=FU9gaIm?ToZJCHHl6Ol-=b%^2^tEqL&1Z? zUtz0=W--#p@G^uo8;EjDL5HAOhOLmBmksbT5Cfxxv9PVRAzQ?iZ{P2#xdw_-Jbg%u zSB1J(f>n$1rC@ILWvO(zI+gWEyypUTl4O6shr_GG#MF@SvrMbi_Kj%yYDU6a-x|>H zR}O~y0^bna#1zpOZ@jhUZPlStpt_C&n*bD&V5c_8xFML*@}+2fDPrbvn0aa&YfZ$oxJm&D6GXy18Q+f+3UdUv@30xTJK+v;W zcNq!YX?e^U$CE&>OzKo~C3m@o4J?!Ib{YJ}42(@F(A@%oHR=RInR0V?TY!9sq9m$r z4OwDVy7ERek^-$7pE;^S)u%V>yH&TE%-?aSErG@e%GRZAN0U`z8OV?pMF@CKI+qSz zIoi9qVcg@;p_)zdCPrnukw0P#=C44tPX_w6RUP?R^79600Ygp#p~6M}b3#ZXKt)OS zIhaCuR*ZQX#9^o&j?CZ$3zG;10=a3Nl&BF&!8yZ_95P%LOKO8*dFqFODD`aXcwNH* zayDp%xwEjAM_B?HTOpzt6iQLY{s`H%@D{yimofKYPbWdP*8nTdJe|TI?7~ORIFdvH z-D?)o!U&H$Tg1d3cPHf#TSDZWH;k*M63`sI!)yRVJ+zFrStYX*jp9Y$kt9E0#jr(21#9J&zhQ)Ru^|tO*bW3z%hl-@WSL}s6f?_Mi;ONry8fVg9OYDHhgnmTcn`5}B*x15l0Y4xBKKeSgT^#ToN0aQJ`&H&Qofi8 z0-Ix=rm-p6D@uRI90JCO`ukD8u`bC54ksUbXz$51K#-_>zO{z3b{Kk%b`H_umTiGA z+U&H$HR0sYhh(Zw546tg?~Gk2l`h)g(EELzsUVqljopZqo3a|8rCZ=T1joAhQN4lX z(gJ^J>|UC^S%%Dyko;HqjwX$nX&18yS#2@Sjh2LRCZz`7I8sq0gQff{h0sQunfs>5 zL<>k>I5As+)$LxfFxQlc$U+D;J)A<6p@|R+(J97EsqDbRo}Q4yc!*O~I$55?hD0OQ zlAainwcy4O{$`*)2a$2FT}qnJUF!z$OIw;zfK4yu4JIQ5jR7K&DiImLO(|?Wv>!`t zUt&`4hgKxnfvtA}v)JZi#)`%&y51NpH9<=jHL<__MX%SduwqVh#Zbz>ajLwgBQl&Kyd|%9$4O;Q-=TGYCTY!7}EjQbZN@SCZ}>6>%ZP%ha-F z8oKJGNqyN(?PUY2$eM3?BG`GZF{`Jl)w+Xb_GHi^zrWf-CPO8M#@WWosV@)|6RLYU z1ht&S_99z_Cg4@U7J${ZyxH|;=Gxh?cw$LLG`BzPv({(r)^ihBQA$dai{#QZpwEh5Qa8bUJj{tcgr&YO7 zdwa~dSz;O5O=1p{>K7xx)=!D6frV{xFO}q( zMd2tEtzA}f!sEmk(d5z5|5(x;|NU>Ei;Lg={`~m;<3Z-Lae4mE4lYk)!RYjP*Zkfu z(?9$3^ZP&S7Qd7T3DA+v_Aj^F>aGrb$>Ox+T!KUJ240wAnl(RxYc>DA%I+XFeZeip zQF>HN0<&^(cf!qB;&c0AAY5;byS`$#Xl^2eNpt)Uaji{g5X==|ITeY(OmdyiRq^11 zcTtbXWIPwL*N_lp;+!$}$_NT)8W{ycz>{I-;}_S;=g-|mk$^xmfuMne|K{`G`hJ)U z!52@TurlNvNfrg{hzLKuKLWHtv*A|wwJzyr5P&HUhOxhA#QaAk4AmVeF@KMkD{r>C5@Q z_ViY_Vi#OmS~p0rG{DNXYo)pch-ga=)8!j;aEp0kfxC;*Fgl5(eqA=x-}waE!FTfA z#00!*XRNlV3`W$jC{-S(&e?#E3I{fAzKc7Zhx+%M7oz-aXdc3#G&f2w)$8)yC(1m7 znm2^1m=PUG%{f#?u_3m-Dlk)MOb{4eQ^?Y~x5k<43(xyUKn($hdp6CIHpPB5vm5Osn^ng$DN>o?Glx+8$FI+86h*+@m~QSzaa z6eV&KJC*f4rPjue-^0y|7cSG3&7iGgVbQMkc2uH_2KPC}S@r4-yt&0617FjE)Y7ST z|18`}*npkg`lRte|!mY zvrXRvnToVVJDs!^#8ZTw1(}P~s_J1>m8op#G9Em7&Q$1J4g3g~W1nSN3wnx5MW!>933&JyilsgDHZ%w3KI$4-VJB)IWPh1Ph2$tJ`z5F=bu z9JaeAzI@d&DzBzS46D)p6h>Ku`TcUa*9xt=)9JCfI|ObTuqQ6YVhI6c;F)zuP_KwL zn?V_?%?MBrUT0%@z?xCj0}Rck!%Q!ao%Ft_3za}CKR*@RVf@Ro5@V2TPq19n3r`DNmxt_qJ!d_h@q5VB{|g9Gi|cbH>>q|1rv2^Zo6Le z729;1F^KDjwAKbp|5RBvjWe3DU#esunlR{cUi#{KD{M*dUO$RCT1yfeDRw0QbOrQUXyNb`!(S-c-)Y+90On)Dog96ci?873iP2Y%2B=<{}--3Me4r(+kFG zbTV!L$}mk3VxI{6C@6O(BbdAvN_&tSU3~Xhcp&02I9(tnX zVIFh>L#7$9jm6qJ*kHK4)Q0(m980KGZknR0#^KX4#pkC48kOfHXCvqN~X<(Vgl zvJQr=norGzpOPjqz33&v5)yp=X zpyryn#5IRnBFy_;w(M9Mt;@+y`XQNSw?^7otrTj9bxYgJMYncnkK}1pbLkqkt~>-> z2%o{FeNAdKOnxek0G?A;ld=Ir18$W!c%S%N9OtD5*WWE+ZZh-gs~h z>F;*y`PTZ%JDpbJQMCN|Z2j|Dn*Y3A|9?KEr`Fw{t!^ma?4Dkq{u}M^$G@I;S9j|_ z_~~E#ukb5B`SSNZmcR1iCf2XBt)HhG-;ej({Poj8!L!dd`E3%_pXJ&eUK`fE{HF8j z?XRap-0T~UARO#n^EJBIt97x~tD{Q$pB-!)q#Z{a7|4Y#gAAGEuu9!%oj0F(F|>z`>}!*RAJ6MSz2^3UmmFl5FCCOK^YwiW4&BK} zB%}JnU=Iy;3<&3PPM~li;uN`hkmz6zJ$G>JHERvg6wZeYUn#-7Tyd_XhxMNEL-r-@ z`RZ3`W;xT4){to0>*`d`ShraDWIW;X-5_484Rx)?nQ4~KFvdYh zv+UlEwaA>#up(`{ZcGo#PdQ-C(6Siq*7-XatZ?aLvTdhe>P@Kv6~af*=c`|!XaH6; z3dmwYypX^ri$wGbDHk2~VLo}4j0d~T4DTfDMG(6ZfKV~1@G7xOBkOaN8ql7Kh!!M{ zvKAhR0k|JONP+QOX0!x-XpwpjFAo_<`nU{P#k%2va)1E zDwVEYmxO_v`qf?4963Wzy?$NMFj|R*KYm=kDsoZ&I`~)}>ZJcIVsON2_(rJu2+}V8 zx6*rpThBN-wX(6WtCF_Z^PNdwCoh)|xdDmIcBw73@h(ieh&py1M2(tdj-IKDv%@8~ zL`rZluyfyf)I-s#EGMTQ$DSFv8fQ~T3KU%|Jd!iyQ8|_b`VfdwgqR31HPwQX&cy$} z@@@-qObHMJWL}5G=-tK&6ANk{Oj$kW!o#IjoL_chUKZpK-w)e9S0i~-Ku@THnf(XM``NcB%+1`rca0i94T|X3>YMVP|BH-k)lL=SEs-YTRq#=UT5v>k$Oixz4&zQT%{@^?v_54XT;Ljp^#Y;nBEz z3H4(iIv+KSLalFl!n(42i|`Smr{=wvstwN@EXumW=9@-iGh{BHePc+|&afU>weWE7d zFKM)#CDBftUa@WZVYSKZx~IaYwm;>BkaH@zuSoqypfL6*G?C&%QMd8QXpSHvsZrYe z99Bf(*HfA=mfail|8(Abi}5BFm6w z{e9u*l_n!%Qq#^#RjFVe>h&73Mg92%;F1D9-+hhB$rqAohU_>(u0TzHyv5}vt;1Tl zO`;wcAa2LMn{rJ`tECQXn7(WF#&Y(l&Y^bKS;&vw0FT9K-R>>PMx## zjM(Ws(7fJfc}NyDL`@$R;Wh9)&2Q=%85iE7cVMxRJ;Wh}zWqzlr?dIIx6IO2@8l$w zS(cCwerwIO9)#gv!%h8}QELnlO^maeJ=F=L&XD{z4+n%BJgfQa%cs-sC!c2eIU&#h zBg_J2w>!@?8S<=-)fVNgp70H@*Z^6Tow2vt-xJ;A$%^i2swhH%4^0?DXRZ_^RApZ)~KyQ>QY$UpbV%mt>tk zx28$r-Rp%DSa=G#5~KduY=YhWBX3+%?C$d?pBO*f@h2DlBeH*diP)TQLn&mBxo!`C zT$kp&)Hgob)(5J8G(AzRGY|EY`4)_%JqK%Lj!d%Z)o`2)X)DL^*g*H?>W`H0UTXF_ z-Hsn)vv;Z#3y~Ok13ejJzgxX;`&s!t4ersqI>PfnFcjiDu&QkqtccPpiUVM z`0~t&rIJyt5Hv#2~QE8zaC-H!Zc&c*Tpx5ER&<>mJ3m;#97W{d`u=ZG0BtP3gjJ$)?e z9?z^tZ|x-0<~w2`Q|i}q+FIrv&MU3}tmwwh3dXr0AXj0BL5Ru>oRy__Oz^|I_f@PWW|yJ(KU|*UbOZ z(A@lQBOblJo?ic3$ldQV^Y{__`?CEyf4o{B2z!0~ebL`7NNr=AA{jUj_NhYafd)l> z`|1l_wODs{dX1T+NMSAT z@>u2Z!O*m95*=vh4a;e0wek&S%ctk@NOU9#r@W^D;nEX4R3dVt+q*N*^xE$DBy81# z8xSNnRB=;GqsWG#l8B$VVk&w^hv)9{jZ-!;Uw`_?GqR(wrd{iN=JGZ@{|O7-j_9%L zk6*nwp>CKh+2=)fdD_(r)BLxnSM~2L=k#Uy!>4DW>}MRmPR=XSRw&ov3fJ6w z%{F~i?H>sHLg4y0>$Pz(-bkW6=Dd&uWd~*E_Auo}quwvdc)JvXkeG>|t%Clfyr*Lt z69iz6vpe2*3ku2(34|TxzU|vBcykycgt3xeWsfVak%zriD*w(!=}@Ull;?_dgp}>% z%bvVM(Cg)HvAfE%liA1E9Amb!+-S455T&{4;Y;$`DE3(iglZh{MIc^!i6XYKrvZAS z%8%-M4z+~mG`d$M#x5*i#;<|rrOw$Z&rvNAho#>5=&jC(_lQiBW(d_L(5^(m7uBv} zL~=w~=G`2rXj*rZ>#~W=+Tf0l{&|2&n!3~h1FjiAU`kA&Z(*|+hm5uvax91lR>(+n zWvM63Zs^s>|AAOD5$|o*H)&@Esi`?S7~4V{qrX_a-rcWR*(xAp27n?`Iml%0xz6d3 zMI1pf=Fa0j~fBC#v+s7 z!YFpaW4SGb?Ef-ufEYHOeI#pP=CjYYy+Cd*0eTb)qniw%b4SNLgYNuGsS+lD)`n>f zoxqWxWe^Va46|8lAVO3@k4}g5+2-9mbt0NFd_=;z?yyj;Vz}85Cxaxv5Fae3ItXO) zA0_H^EkW~!! zJtK7Fla9!AqhXQR#|c>+x+N(bU}?hDZOMP}V^y14F#0qY7E!^sozu6yE~~|DgXxz3 z7XZCLLccyW?wChl(~C$d#U8&U*)1h^dv`p$p=>%(ggDUDA@(4s^WJ~Je-Adsmdtj| z1J!Y^pJ23*wR-PC25W8P{r8xyk zu=h4Giw7=AO0;+o9OkqaBY0ojdw<*|k<$lR^+7sHzl5Xu=??uA0H1N0?h$VEZBZj6 z+^AMmOgHxqFq%>wDErOJe&U?1W$jMOM_^VIaJQ4o$5s#Jl0f5xT+=z>xjbhVl;twy z=%FHLFE>%~@0a?s8`$;fCG_mYJm@yB^}FZN#|SHK^1k6!e|*1ub+kdKfCY z)y*X+-@Gg-oehAhG7ku8pbaGQLIBv?cD+{7X>9|27L>cISYBDq<1D5V&Cj*tm$z)S zSC>6(2Dw<@6oZH!&MvZTEh@=k2VeldVkHoE1A&#rAk3faV_z!O3O)bw{?dyE+Rz1)*}#n1nGqv!Xy4%E{LqR$PL)qMjVE@pnO z;q{A`|47mD`#Plc31rc8visbq3cd{5%e`ck`1oH_bo?F*@d+d2_rI3-08#OOk1_Fk zU#nc{Qf2=ul@AdM|0|A!zXBHfN5TIBG4NLy*Q)XF*U|4+jD6oPF4WV+y7tZr{6ytu?aGVd4fpZcO|8 z#0L+I_x<9!1drlg0bK&))jvtJ z`tVyofsyL_$EoiVrM}mK=^df|>xxg`R{~loHvJciOy5&(`7%-IR}(^4j!6H+@#t6F zeO8V|zm7!zSo5$#xYYkSG3ZxC-)iyazxL?!{ewoY7I}WfxbrJcR)5{`=_AgsIJDKG z&97t4cRZ^{nqM`}{Ay9=zi5p4RhUKJ`11Xu%dZeyzJFx-6<6yjQRUY$$kESmgExauECeziFAt3;9S88Cf?2=Xh~)cPC3?;kt97b5N(H@;8Q`1{3-Ux8pB zI9~ipR>{EPt3-WcNaG2;8%W>$y~|Fs@+_l^tS8?L_Q|9%nS`-M;cs!t5U z2eLXle$c=_LGj-oG&&Hv2bu$hv>IM-Syvdy5;Ob2bd2z3*MH5-Oem@DTf3-VIPM<) z^&#H%6)>OH%|4i`_TpOM%RVJUwb&Pxm!?{sC$#-!PM{gNOH8nO5?7I}O(o1>AgOFMIsr%I`=P3?#RkIbq%Ixz=FXkAD-B0-=Pz9} zQIBR_|M4-I3vvYj7&2KMgYT;?l}XJEb80{O#Ku`Y9chyuL6ZbeA%qoy@KrL)iH;pm zvse&!D7CCpsicYE@?!!8=wzuQoMZ&Y3pB%OM>NnqHi7iEJ!ved?X1tum5PU*--HusNBAz^1sL01|P;EDDIuX@QUB$UZ?dMiNn_C_L7h8JW*jjx{0~gh0qqCKz zmx5%sB=$0!m{bqujgVO8K#6K^NhOIP%B%(e!Vja(P56-}d4?17GvZ9svp7aS|FWT5 zC9#Rls$YKkG(d#KXz=;-H|uA$#|Y#DoYHCrHcJyiCsebs=m$|24;Ofz1oyGOzrX+D z=m`Gb-`}tP|Hs4qqi+t5j{bP?;>EN5XV1RbKYX@-aQF?{f7FqiCl?ZD-|XMJuj=4_ zCy!b~bb^K-Afw$d%3}2o#90`8{=DG@?ngMKkgow2pp9>Qd$6Gwv5sD0_2x4&p$yjV z#+*nTV~N#@2j^SllM^Lkh;f|q*wUA2SuqS|4}uK4P(*6N7R19+WZ`3!Gy4UKdb#wb zghAnPPLr5q0JR;{?f&rjaDM}#1dmB#x-n}alF88gIs7=#P&sB*{ot|>9wW*o85T0j zA*QolOdALRrgiiawAsAuh8mJhG(^84Mw!A2Izpd6ZwM0|7_1M+s0nMV%3ezuAK-mL zh5T{(+Z!rmi4#{QN^^J0rg?(1@>kWah`8DsTo7?J5x16KZ`kwKV|06<8;WLRj_pRo zQ^HOz&p$jHm0nlXpi=S*T6e?Th{F~xq(~3B*(l_XdP71}qKb0xYXztY6J9zA)$d4b z#-?F`=;0;_r~}bU44|W{3h(~*Ey*Ng;+Qf>R;^oe(K&!8OC8pMDb-Fb-6G?5Mj&lK z&b$_MzRE|BRc@ucO2F<0$!R(FKuxXz?VhBwWoVajhfFJ5UcDM!`#0pNDDqp_RU`F*NU1rOlmG)(4u6dpNc(UCT0Xi(rmp zyCKy{_SHjQ=k1neltnbf$q>EMm*!HO;kmv62;*8<;zK8AC?*oqq~=_^4YK?rO(@P5 z*MwmvYr{;`xxf{$6-^)sZ6F#iyG%76@VBZnEKeX?e?z{)X5CdUoK9rFF4b!{JvZMgs=YsC zZppYTJ1!-L;_^kd35*1Zvd(ym9lB{pGLR(zH6Z0EE;w?~79rmZaBvbb&xPiSFtQck zY*B&hd00oKj6mGFn%Qc<(Gx`c^_P0GP;LXXkA2#A8yM|J?b7g%-s~gI=)A-{`gL0y zhj?j>c6qB2^2|YT*|^A>vD>s`Ir~Bb809?+O4|fd_E-<-#I#h{Q|lI7%MPXUHYVh1 zMY3z7s}<;fZM<1O0Z)JX&zQ29vS|-9P>22J`N2`u{&V!~=*8Op^AyjQw*OdiT3dmh z(hBraBfZTSWQw%fgxut{S%${0uctN;nIWLDcBqzoS{#roG^(v0E=Q_DDUXEi|K!coW!uKC@tw)bsAtqGC7!I zhNoJQqf9ZpL4*fN7&}H=pFW}C6-kJarV4}h=g)heJ_TuClRQau#`+=p{CNOp18h1_ z{ciPCEWaNfK8a#kQ|I+8Hr=eD^BwGn0JL|=Q5bL^O5&m!{NW_>hn~SUL|3^PhV(E5^k+TB@pc1VEBzC`@ddUf@H__$zyAtLIxS!5@CuG>vTT{4!h`g1B9j6e8) z47(hG)=O$RZfV=4szNY3#VH=sgx32ul@VE6$q)YG3ZTd@p@YW75P6*n^EWHqbDP&; zydCT6$rG93(dg`z?jgX(>3z9|flYX@nT^DiEXJ~MJh}>YDN7z?a+UQU%f-|)SI$%FD<*MPUafatas_hW6qo{>sk1Q0K_|e6@^=2q!UJ?t7 zr_o3D$v~=G&|Q%ZBB(mOu64w#f&a89Um1dF$zBeegWS>3WLuo?0eZ_D^YjcrNq@(Z zrt7Y{z)u;KO-*#(z*MMJD#q)VK^Qr6#objB`m2(F(Ce2lec-%kr^-!U6KX=@#CJ!8 zPx8hz66I{UIYXn;G$wpXBb*>5q}kB@=Gd-)U0>;TE7(%1KF*sgd=mAN8hp60j4{*U z_sh<{z$plhW<~WTTHaHdW%(H0##wk7Qw6B{72Y2y<=e!v%Ub((78W zqz@ObmHv#z2_JWbF6a}PsGIPYaQCH%AN7k75gfk3l57EanN5NJ& zvUm$ap{a=9qGtamDraW$!4|H=or81e@nwRg+A}YB?B(Y%HU!C$(R<4c*A06Y6}UZ-f8oMU zNNCmgT|E)xCFk0!>K*`{OB;Cylt6_eSi#;BMISCYL&%0?qZurrva>=Rik@=s(7rn- zQN(j5yOv8p&z-$09e0#ZCiG*F#Prq`cLKHkr4z~HG$kx9GVL1WM{ClOqbXrv|I#v) zT3PCg$u#ADyTE9a8Nm?!FVm9h|9}7ee-%*w?B&1{<;b;nJLG4u7c z;f*Uc+;l=CUxhSDHec zLI0*nEp$xsMDNRFoKL6F7@x>HoDnp}N+wBg&Y~HjLcrO^!{fRe->4@$Det>W6;Z4d zpgBk4NDsf+CDRX?d%pO+SN-$31HTF(No|&d9Yd2C*;I)w~GxQRxLY`yE1Rh zxC@ha%S876>byh0C>@WCs+H}wqW(03Tr2Qkb5MolBBc>dl7(A5|FB0~|7*T5)l4nL zzyJ3TME;0pWOzqe%!*A zdiv&Eb)oo<>f#^x*QHeoSqKJ$f8``w{IIq4^Do0s`pjGXyNfod&}768v?w3-rD*{&0&@Q_{s41506^QrdUdnv19b#c1~N12Z?0ep#lfXwB511 zTLi7H*m29ey5$I{Rl2DC7&BpxnY*Nmwh~PrTv7caI>a2H$Erm^zHc;j9Cy? z3Hpom6*JD@NWcmZaIggjfQ1ZEYW6(+@Io))Q=HI~hc* zzpQ2MrU4Y|x5mV5EY#HcKe)5Gx&-;V2;1B$5G&Z8?wwqo8#HGGyiv@-qQ=jOzT%-z z#{OD&l+i+ywDBI0If^{4KOHF>c`Bi;ti{6JM|3u=2D#Q$*%~c`By$^mVaw*&oTmwm zsPq!bxSOL;*=k_1cLUOfp|-&)FdBK*Bjh=QKsG2J3O@qGmi36iEXIji0vhRVM==sg zT$1A;imvV1v63Yu*2{4X=TQSx#!gKEAMjp8Fvrubuo&m6jDPlG25!R$*-%MPOmc{X z6Kkd9!-aEr1GPbyvGtS;!sk>0fnGViO>MSPy-lDx)>)imU!E+0^qD)=rX6>K;5_y%&*y0%T1E~vrx#!lyyIWg!y%0qkB^V$eS)d4*XplO0z(&(3yXeF2x zxKtIvc`ciF=@qL9&83!fnDXTfE&6|zU9RE{ollppzri_>hy?+8zFU|VFcfE&54Z4`%gh0p@LK?|EU zEsEy-S`fNWD{Xi|8PA36Z3D-x})Ay9mDP<2hYORgFnR=QuGgG-7DnY!v4?8$=DJgX10iFesDrY&+>OODoo9Z`SFNArPu^@zP$=o~MK zD>HRnHzLF%+5i}Qxja|`_A0F?{dPz@U$><5V6tbobn`Tl%|i{SRhs$AC7Fl9ft=AS zzQmbaoYyPo1wM?K1`J?fXuB>q?jqB8s-2<@OISetSc8O8Rjr^oZR*fUjkUQH=9mf3 z5N$b(2}z#wz#FpTN#Z77@58^teYja_?~>S?rS*Gl(qe`)5{Da%wnl!1uIw!#Tcd7A;EPwtk4&+E@@P)jZ6Ii{XIxIzJtEq2mJda82v--5&v+x|;Tq{rZ9%DHU~74Jz5LM^wuF5Vx?G#e)*^b%a}QHliJ3Ra z@TC>=(Bgc{$EENE9Vg~*m%<%*tl2pr*+jI|7IS{RI&>VIm?vZ+QO>-}_lAssfTlzu z46&{fQqvx|+PLrMmpYJ{yI7Nt8S&kC&HEzdIpeV_rUN#>nzV^H{Ejr^2X7df3Auza zubXYkV)7B~@3@4|RMc1s!Y(;iQSI&=;bnZRa%nj*N=6N2_2Ds^BR6$RH|x6?#i(}PO3TrY7Z^z$5Rke zDRRbv;>#t6`1WD8UHR3E?QM>9qM8@#_6by=Y6hkJQFd$0Ia7!Oq(OdE>^g;w2F- z>hCs}_1aN;5CiL6rq;0*Bn5a&=?gecx~Pw&(BTo(6|vyK;}taf_qW6<=!jI%6{nzM zZeu!`K;Qv$OCtevx4ndWuz7i4ELpO(5HSq#K&1~49+P9k04anwu zk0`*nW@kRo%&|4{$~R2>wYP^Zhw6}MrekautR1t3w*pP*QEu>$-jfNnwghd0cF|JF z4Bt|oAu5hb#fk$KZyIx!5Fzvtp&_w_!E=M7Oq)HXECV(aGF#glh@i2G`6c%T6%r}f z$3cUr?^a_%Z_H~Gl|=2!x7U{!S`NOOskK`=pY2?^C@hkP69rmhATNz>RITR?(XM8H zJT)u1K7zApSqCw>C7B((Rf-Z8;65oH@cm^Y0igrXVe0!}jw#e3HsMeY(oL^I5$1o2yv!Exa(it;QY zOeV(3Dz03YzNcg6bvo}iaUY5rHB$y87d}@YkLq~U(wXnPk`Rbr>V;RJa;~MyIl&?~ zHdrs3Fh)0w-!U}hJl2y3W*@za@q|VTIBiMXwdKaoB{fpf2hOOl_ufmrgV%ymuE@V~ z!X)}|0X+j)EH_KWg7xf`%$(lxBGLUNJ=$Qcl*0Tyt$>3>h==oDuCy|Dpe?D3UK>l{bsBM5DL=* z-Ild0LScEHk%UMPan6Vh>D~YMqNv+gKy|aq9y!M!FEiS7T?MnnyGavN-A8hRfH2Nw zGp`1wG!Jw9k#Sv`y zoLL{)ViJ34kZtF{&6=Zs9Q+VzIO;)bR6Dz-s##z4mx@xJL70L}ZOi9By8nR-vf%=P z^klQK%lO#jvR6fPQQlJ8`I%*`nHz@7@n9qituLB0>1C)rcIzDe!C`SgnQj&8YcsbA zSmG$MR8SnZ9#0ZB$W3O{Jym=F-XjA|u>+GIa?iFnfEMeOq7Hu8>|Gz^S+D2c**{jq zZXOotny(j8r#z2+QcG z3a4oTiV4?3sIKe{x}2fO@}4>b6n*>7TfV7(1st^S^xTV3bMA6+cd(52wUu;W9_vQ8 z6riV+AH60-&o#K5O-Qte665&{G5MA#O7-Ic^^p`S%19Q)UDi?~vXVh%80as6BS~+` zAf_4QN?+`m9tXuRbb8Q%%lWl8<97qe&573_$F}TZ5G8a8qhXG8HK;C&lC?N$M6wB> z>qSB;M^CCX&UYCO+HAfxL)uz4{aTx^QNIiRT^^l9fLx7^zU>~{XjWoYi;1s^VoqP70CMXqN{eX$q2xzlnLwoE)I+FjDzmi^(PfNT|_ zZ@a7(w4t{4jzUg^(u_-@l*4vIWO(AOz`)njo`mV@7|gxS8N*P>4^c$`~KjK^e4*bY~^@t~^)EvIYK zV_SbH*ykW#g9irEiqTWG1qabIWBlnu7!E~-ti zkk=Vz0)V)tfilw@ETq0*2QD9O5Yjb8Vy*BgD$`tQIRtWHY;)IBa~6{{DAs8FUI7)&d$%SI7NW!uF+>*O3`Nd~ILRadCV{vUSr z3C;33W+)>#h68+4+4^3n5xO9-W1ef%M}hO9@2@e(3pk6Ir*$^IK15FNFe7C={xGb;+_? z_~#m)jBVi{D}x~H8o`-Kl$eXNzf{X9d5!#wWX$%6Dv~xp+?&tP8bLU1%3_X&71%Ri z&as}oR%UUXW6OXz6lnne2Z-~;!a#fakV&U+#^)vPK=iYL-TU1SZO@P0Y^zaJnwW;t z!o%y@HRKPh^DJk31jyMVZv+T|Pk(?q*PKEsg)7+152PuQLmT@Krm8UKIu%PY^tFfJ zE{kb|A;KCKveIVaXp~7+I3Qbplcz3Lc@I)kOjtzWwKSV>ozZL=oO8~yX>-)?vhJp;WyH|akjaekcG~p45S)MLrrfGA2kQ*rhtEW$GF{JtqR0WGjf7&FoODkgQ zd6vn{mMz7Xx~v_SV28IR>Wtz24*e5oVr0T3VJXQB!y}%!^UFPnn_Ua7TE&%6OfG!M zvWbz4$aA7{4ksB%-9%y{B5(H_56EE>W=aNGH~WEgwu(jAki z$R~i0U_K2pyI!E>0PROper?2YDL~(QIFKFdJ%tLD%r%`cvkc9mw&+XV*ATleBmaSRpV;elMSqp=R;rl*vOoF*9MX(kW0dEqHCB+qek zqjYi;Y1wq;lo>AY4JF9l02TZl-Z`Q!ShVM4K#@~g*qGqJr8b~dx@cv!FcQN|d@wOw zE0#>jgnZ)}FF=vSU>qMO;KSV|;nDI%g7C zZi|d*dcRBWcj=#VmnKroUgtt^F?;3it>BQ|bt!+*Sdl1t>0EU23$roMm}I&eWLT}Z zC@ZT|FC9nBu(-$zpGm>4b(NEel#5NT_dn#?Ch027U62IN!ZN{&hiE0*CN2az3)K)Q zWI)_T<|;!)FU9xRkZbMm=n6#gEFsPv=zokTwP|&7EnhRG?Wi}_$#48}Q+_fXl5;u3 zE2I}ePOzcj3$K(iOPk_c+=X^}vw`(OUTeW!myjYdx%J%ay_Mx*lo4;~*pJb3)o!J|iCA3S;TaP;uuSEIv+ zkDeTUMMj@`@aB^%O|!2?H}0!CxIf6p>{mV|!?$pe8Ae%b{saD@gO48{&;_^K`-sp5 zFMNWA7vHEMm;09o4^Utr!h=&x3h&+rDbv(xm6%Jmx}4OIi)luc&hiLOZM!Ik*8}Xu z2r3~YUWBcfidd$t%U)&(;lc>WK|}}BOr}R<`@;t^e2sXlLlAEZ8Zq+mo|M7qjnDQPBKzhya|49TF zM#mzL$j6Tl%+>b@&x4Y)h|(F=Y_>ciKeNePO7vg2!hgGCC`!zo6%pi$b2p;j=ORwn z5qUQI?mPdrRY=0~8JE!ZW|L@X8Q6BWEA7G(X<0g9`32SUBeIV?aHn;_k=N{!vnziz z+TRD{@*w!9n-NgetFv0S3q)~DM~2lh^B1`R3D^)EbcBxpfn5!O%Z2QaWTsinyuD+;9R%1lgV}QL9In`da7n!`f4QQh-CEx?URF9TzUkE~0ZivrHMFtM zuxN;)f&GWyboK8%4zvvMp;ve@VTlwowMvjX46JZ*Yy1~nok+Cu`R54F76FyxhB*=v_jU%mU=&i@&jefQmWTR}rxyT1-shEv^>n+z#f z4&IG8oc;xihAV!?*nPRu=3SG(C#~AG(;$Z>&o$S7SabdU&v^=YanTs2xQLifj*IuP zni*}GNmtjjtF)75j@qZQ@(zjJmcgG3QEp`1oTc7|CKpURJv({(a9sMj#T^e;o(sK$ zO5UikB8$PF!8ciN+Y3~<(q*&k+iz&JZkwSapcT$6w!`wA&DbJis)*i0RD9S~L*i1z z+cye(MuK^ACLo*~Tl2PN3k}Y#ZyB1^(X^k^CCM1<)?5TFpyho?P9-=APGu3UHRIZ; zr;$w4TyVYI5Asy2{g_>{WMA>wfM(I0YX&FozEL26Sa>{8!!-VjzeaD@+|*aD@Nnd| zaM_%>E)OwL=ldXu*r1*?v=L60^GJfe`&1l@V2M4O+2=-ndM#UA0p zQ{}d*1ZTw91}J&pm}Ou9^B_;;WJ)H|8g$_|r$0ESq>z^-002PB({zS*V6Y0ud&GIv3@~;F;lQCc&jS=hUKBs^1x%-^{0J2aU z5K(!MwElXP*O(c;71|%!a5f}YOzB*$V&t|EA!N*sGs;0dk$DY9SNWiMSt;+Aq0}@X zG&NTg*!<|LYold@w`f=*YQY4&fyS9l-9v$rGH4WTIj+cPkED#+6hF2}aA&vAs?Z9H zVK*C^sIb{M5}tDHvNXJWb^aV3)2jn01OOay?=SKRi*$nRk^%VR%3Qx+EB;<)(VT(h zf=h8KxM|c<2yPyQ^Nq!sSdn4H=@$AC=Sq{5YMUFtzfYM~sUnIo z;e83rjN`$hNF+0K28k_b3H1~h1%F$u610ZTL66|_+K0J6BHp62JvQ#%8vYnr$HnXo zD7{Tc0}0d2Vh52|Nz7Dz*j!4l$9XnmP5FRQdi_TD#6m}8)Hq+SL#o;tk79U{$R(f~ zI41b4OA@S7G-8BZa|PFns`l!=fk4L+>?iIegCe^v5jHf!O zswD^y3up!)Qt%=k%PXNGnn3oMx8S`Nc#vm8xafGWJ zATcbUMSwEaG2E`q3P?js0i>;^KnDRmf@}Q_ZEU0k+KTjqw<7%@u1L6)niGhXrR;ft zd{rdd@$ny+%+3NiM{^eEiBat*@{*M>*;{92c!SJYfnhisx>c+a5smN5EREDd0OcZ>LpQ**;PT`3%Z>wNhWhV zH1kCze~@?dJaP^r2<&H({2q?}_nvj?yK=j2%mU6)z&2f!VrjhRNmdqIO4Cd$>*M2< zUevM+KFcJATaW3{vniIq6?Ppl7L$XAqyJsU%^`UOStpZ#!H}e5VpNI?o&Xkj*HET; zrspi%BTOjg8fs{*(CK?{-i9<#(gUATJ9u;X(yC9- zWW&9j2b*PO5}k94N?Vq~ zjh@EKy&hEfJvWs$>E>if>@jWjtgr8Z9y=_k33ZQbb~!y$EDyOO*m?P&GoEf+TLyx&c7#v_`LTyP!e z&gHS-4aHl&+zR)mwqR)oQts`kd%Moq)a(G4;mw93nSIJ=G%u>#tjEk@W1r%Qf*rfs z6Q-}sg?EcGr3^6KUzqG^o3o9cX?TlINh|y1%_)1E9_T-2LBeOQ!$-`0d{d%KxKnLG@r( zdyajG67YAM#v%nd4MjSqquF_ez}Ze`LMqLpUN(WEbVZ`Z;VuSfou3AhL-q(KQb$M3-7#9 zEOS5JJO#CFsiRcTXGcjluGV5b4}rYsb&WX;Xbtd0N#=smoNR}b96tX_c}{ODv3_|m zzIlDp;~rE_hFfjG9b4v~VQ!J8fq-qr6xPdyh0k&u?!9}o`S)~btJzxSJot|xTuUOE zvEdaa8ygCy_um7ySxT4I{n+e^rOd5W)O*yC_*e#)+mA_azb#Nulg3mRFFUy*M#l7+Gby zcu#*{+09^i9t{4Gvuyd@_V&A9haWJe4Ka|m%6LLsM`g64J+cMbv!iS4h%Auw=bjCw zz{lTk4j*-vFOv4Tx$UgdTP^I;H1IQ6UGqIeL5HH(-F3Cw z+H~)|`|K#d(?+D~@o(u6}ndmuD&N*cGywa9;_!*_{Ipow|1Oz;l;ph z9IS1~aWzA2dN99x!WRi`eFv#VIwXkfi@Y|K!=x6sb;!eRTJvCk1xIK7+MyPzPEJY2 z(7g;et^DJsi@fj&eaH_oBNkD6&+cN3hTU_SLh;Y;6Q}Qtk@ZXpotcdq7}c8NNM`B@->G#{^?Cc{JB&wHkurzwu8^3B&Gi&GqXk*K&zXT6LW=; zig0k0R>i?L!_lL`i}UdwIUF5)J2wkY~46fo|NGHrQ{!gA^&zqvZn6QL46 zEjX3s?Oy?^v|`I$Di;~QMDG+lRP1rmF2j0GMJbtJWA4M6;fzZatD$biBXih6%>no+ z$JUX(t7cHWa(JbIQU!7bFIv=kw&EFsirT5!rNdJ$WH$UB+=paFwh`fBdx$^p5%?X= z^;pPMjakG~@9wIG_E~@FtNXyF0y82Y)N4>B-&phs1^3t?d49=+yTO@;T*G_raX(Nk zh13-sZ0k`=rqwfgNT#8yZu<=1uJX|54l(P{B^#ka-OtSl)Iv&I z#Y@|xUGrrAs~ocK-Y9o_g#S@Auh7BS zoim{yKPB(Y8T8&iBS98XfQ7@@NVLe?3;EmAeSnM%(r4I5bDOiohf_L-LRfLIxdM#M z@yU-)zEXu@RZdJHXDm(VpJK?pm22_mPz;Cn6Ht8a-hxyo`0jP}RbBmll?GGxnJt5# zea+sR5AUxI@VOK7Vd+q4yI+)c*QdN{bQD+#9PJZ+y%KC1h1cn1aCvFXR)!LN`X2;ST{@w-w^n*G#O#`kc3p>tA@vKre_(5slU#n7ln5^WT|+#ZYZM z)Dv5Ta$tTgTw=CaINoB(Fe$(7gmArQ#{-0BOy`+^{O4IFvu^M3E~}S)TyyKY^}bz! zi7Z#F-q?H?se8UVIWziE#*{)xHjMLh?v}*@E2C2xIbU)Z?jCYi2q$jJw#SJp~JmY&GD<{yZ9KQ(Mn2}O{pnn4)Fp48v@6f zHG=PZIF0oQZvP~q?Ohmstzqpwg4+9pwD(vFF`rH$KHUZa^yJcUrJ7I5NZ4Y|QkKyK zCw3*kK&p=5&Yll)i+YskMv7nIEx-x)zgYi1$3(9<|67XkcPzN!j#@KB`b&%M@9$CBCvf=-30dy# z?bg$?Y^{j?yN&1XKYts<^8YJE@~;=i-#3c?3)v84-3b0Q;`cX=-oKCCzmMJT6}#Ur za({!k{SBk`Z~b&xGdQ+a|2_Jas=cqye%dwRf$d-u6K1aica4K~Ts>$z0@XLXHnYkO z>#4&ADLM*|EoTgao%%dDMg4}evDtwUF0LPrDN+3jK!6P!?AupOI5b@E8U%B@i1pSa zOo*d8V#xd0%-o7t!z8gi4(c>4i1XkaSw$<*WKJE%p&c$2%fK*f6M0EH7vv3_a(A~c z=O3D|IlbgEBU~MoiWToL!Ib7AVM^gEqg{4O%kvihoi5u+SyyT)Xhr=C01>!}nIsPe z+H=-QylGIE{q9Zph5g!sG?+8%^8D-+^~bBZ+3TgJ-(EYN^anQZ$E7{@*1a2qb%Wu$ z-5-vvX6K9gg^MjCzQZNULadG%*EAuD&ji(`jGO{4_XJTd(uEXEXa#(nQ!ocR{EI~< zBeN*^G^mcP+w4SB$`e&K^@CTC)fh-Lmr}t4husxHw5!T}vfF4*#f%Yo$uf9(+#^wd zk`1q&UbujR>@E4Bo-fk%C-H4jt7iIODfXW?(Ba^bf@^Pb3ra#xQH`6kU~7t+Sjwo% zt$j6sNv7mN$SXl+QpPxuV1mKZ5Hq_>sA7plEn&?+m#$@Ity%rsJ$B9Zh{oi2G~y6;YH6wv*= zRH=j;@6X%%!yT0y4$}r*mv1bL!}i6LNJf1+W`-+KW9BB(MzwYkt?7aKw^vCnF=fCpZf4&oWdVzoabLSm<{%g-h zc6a~wzZyyU6p1R7nu8N)^b>2?H|4!P{<|;kGkA~xj?SkMxnN5>p?e_spFA2c5y`l4 zwL^g5@-yR*yx=0gwl)r*kRX;(o)+o11)0k$kR?o$d;#5J!U6M}bqj9GAxL_l?sq&h zH$$_Bug$lG$KFULo`F=em$FFj*qAnTh4Ay1>b1@p;O-n?1-QxJkkTS zFx#?og$ok5IZWuspfVmjCOat?YPW?a&0^&;eSWQ(P(4qrx2Hw%T6ZN@{A`f~;{Zmm zxB=hLktd*|8Kiz1=IwZUTF`bA*PgEEgkG@;os^KiHm5}4|L6GCOZ#l85s?f_t-iaj!JQ66UoY?e{=WU5FfykiPFNO1U)*#e)fY2=?bC)w z)+d~^9-hYQ`x#?-H*KFBYP7|@wL5UG%Ukt^E>V~1nE&4Aq_*CAp=U!ws%DoDX4vV9 zk};+C>4NWDhzsYH;+<0P1}!smiT+FFXZ|}ggR9p+TW79$&IZ;=tmX$~)yfYo6OaeF z0F0Te!+UM;-PF>mM zAWHZOR~z+*E_Rpiv9)|^WVBUtTyZUZhJQPVI%(6TX|yF+uNl(z8hO^sqjL;EON|9- zwlNRI0y!ev+b}gp`}_OhE4bSKQ1Zc#Kkk=&_tpM~(%(iQ`nc~#r}j_%Ij-LJc zowWbKQ3Wk+Z#P-yJH&XK2pIXhm*MlA%D@}D?Sw>}d z^2&Z4Lxs|cmlMUZOF&Jf8aDdMCNH($ynG`mP)F$!de3}8Pl>hi5km`)SV2s!)Y)+N z`+f`Ge__XOugpeNKEvn+8`Ea}XRJT4(Z7(kO?Gxdl|Ij?P~6=gd+qQSRB4O}0>2+W z2<@A4$yd!0folTa&ZLIm;L3}mkG9K2%(7(3#Vlymn}tuN-aAN0jb?2S6~bcNnkIlO z-=JX`KCIeS;2?`4w$N>{O3tCt9Qy;);$|D0kd!Iag7#6~8f2cQR6y=lcucgF-J39E zt#w$V6LTGh@p_&Q!*}GAF2RnOF6vTY_M|>zR5dHVD>?qLxYxq{3~nn}XaT8&3-XMn zEO|zieRZ%Ja|Bans7L#}e@T%UOu7!9$`zmq8`;QWLdh(r85Nqb*tD_24fn!&BaSF` z$uh1R?bDUJ3lwwhz1 ziD@V;JX)(=LwlIeZ%WRyob3@HXOFxQAOtq1t2xJSL+ai_DupZ9%nxLhkV6~F44P)J z!cVDKlA*6X1oySTiUtc=X)|%uC?SP|pnccT7c0O@1CVcWJF z+jcUsjfrjBm|(@WZQHhO+qRR5CbqTnJnviI-rugee)X?a)m`_h?&CPmD+(~VS9Oow z&LrCxV;BV&9JP*AnolHrd8MlFZipetB!L=45C+y+8XhpTFMboYMUMnaJl@&;Agu?_{kv@|-5 zGww|vt&y@b*bOiTklW>YCh9WG1%#-_QT4J5wWDcX>?(}MJZ=gsOC4v-q-jP0%(c^S zuAzfnr?&>PZ@EvP)Y33r58NGKkG4JF)lgH6-ZgoMTzY^hhfc=>1CAY zqAnN{31tvgBgmAQ|Kv%TY{?2vB+rVV3~ISir?_-X8^W7viz(&=mv4LuJ;K4cT@E8` ztd-x{!a10z9?Y;_?6jV~= zo7__CnHMtLI+j-Q{Ql&#`}O*4E&LVowgsPG5^099mxfk?Lxm0Q`{YIs&~+yg=}+YC zQbJn`bBHGyO4d&oG=$Q1bIPz3v!o7H%`X4s+M!S!%qBDc=i_}5D3=*b z!^)8fz?yMj+p^@=wP42&`E(}TS=i@c?=h;r>5g8519giAacK2->T2T@yTsvdB!@`3 zM*rU52_5$vShEA2-`RB1>+zc*VS3Vbi^+S+$PpliDkHS+9U7!vujZ8~qzct)%}+1x z>ZFswt4>PgtmBxVbdW?*djfK@+`@OPFOx>5p(7*|>04*dvYR*l4y|H9A-dY(u+zdB z0ZEFA`Rq4jh?NjZZxo2P3K^Jo`RU5&L(7?i{gfE=eE7q*h0Jr-OB1TrK*1eyd5q-Zx|M2{k zsNPAd-Xqci_S*tOo%@44_oa=CgBdqdg3rrKA&AN_j4^T=qTzqB{aX`50#9N1Ckqq{ z#kG&OAAaN79YpWP%^!iZu<^Zv(b_Bia~~_8USQoD|IH|<+4}1_XfzN{jq$p;h5aVD z0$Kuk^9-kl|1Y(l_(sg-@p*Vuhm0lg_P#kBADkZy)sIFXj78}Aiio-j0B&DkeYbEr z=&1;N5A>S4+E-@wf~{vCq>P;Q1=?}Bxjg{w*mG&bNAB1Izu3I_i_3QC@O`%jY@;tj z{x_+{$dM{A`<=)ngDV<)NqM2}|HbxbsGaQp!S+)Uh`&fftToq>>t(dJ(x&DHgX6UV z!w^c+Wn#ykLJ^H$aCU`4h#WCk4G#}SKM@I`FclLI1sE@s% zUxUF`SKE2g7-bP-!aheqg$#~88G%mO2EQqgb+FhHc!&x4`4nI=@bly7@y(@7RT|gt z!akHO!3%P^bVF$@H#K8t#WJ!whW}(gHZQ zvnJ>E^ZW|II@)z+Z2=S}sS3?IZ(v#XN%3pLr_}Vssh<7VahaMM15&F&=6dEC^iodz z*~z89T^wWhF&!d-KCI8I4ITQ278?^=5l4$_xe3~~VC?$F6;|~fGDs1C7G4m}=v@6# zlsi6>cwgX#*~m?3&@`+dPuH{SMMqSC`=e&C?96dcobv7@WS-oB4i01lYJjb#Awf5v zk&#RT$p5+c+ip?mCPWE(+0h4JF!Fdv$Q2{g8B)jcaP3A}mgb2v%R2TyIuN3v^Nlx8 zE%{8*Yc|xrSP3+m&9H$&H`~t05n&K_Ei*=c|E+c2WaAi3rXkB>r_*6SffIYv_Je<5 zxSeu}<*Ut&orNs~V%!>$crU0hX#9hW2^0-K!ho6BC(;$CLzIJBfp=Vz;ZU7b8IkV) z%N-)Zb+ze0I7n$riz6qzs@x#Vwu*n&j&0aenUhW*(kl z&dfoj~K*j21eJ3$`;^>UtVjJug(A331cKdexI6L}^UC2PTs!;eXuT1V# zUr{|z7_;+73Otv&IJAW=rQ9{NR}CbhJ=)o|maUIn#oU0gr)KemQgdt#C0e3CLyyss zUAfXWbMpatJwSY=;2aT<@4H3Jt)6#dn;!`2^pEX;8Lr|Ss}>qNce)Sm=o+!p04)vW zSKz=vM4J#x1Yb6tANIJ#~D19bz+Rk+`}vbz(Huk*(llqbs~JE~lC)&M?KwQN3>4I6f=YG1Y6 zHs$x(8LYu4b7*Sc+3}mzwG}VqYE@AZThLpzOTbOzQfxD9 zR7^Uqgi}~nX!tsgS^WoJBdqYKPj4SmWeC*PFDeE1miii8wC%IRt^cD*n)3wrasuP? z&@ouPNkqtJ-5%|Hn0!m<-;uZRz{zLT<@a^Z<@v|%(YLRi-OIoEKf~YO^Miwfp5Nb{ zFJ3m^zP)2t+27ay9sch7Z}&9EmYw@ubaUtTXI#wE?v;A}G26|{W#4zbVH-SNorq7f ztIzQ3|BiI9?O*wemOYP|p&B*)T*X#T?ixC0-QU5*hKGpy=S@xQ-rs-|Jz3wk}ZnkbvPe<<5|urLn&4}{aTQsl6H)7uH|aJw2b67O8U_QnDu zGnfb=ZZCB~njgVLY2HNQB28m?U`-4YF=di;g=_#LjK_W?X!;GKJM7PM$Kx!{(P<2s z3lUfJ-7G{&wEF&KgEp0@@!$Hszhf}@HKn1 zU(4+um41SH<3uyX20CnN!LNY-gz27eK^R5AzY)B6cjreQ$;rD#qTXjq;D2B8xK}Uc z>11w?xSs#bk|jcY0)U*R#FW}pf2J8^Y(Dvv0H(a<)mY6mN`hOZVAlJake&An&~E3W zDt?$s7f&(HpnW}Wln^Oh!kW9jR?g`s2jaWCT6e~qUdQ40H3~D-?d7j6xPN$+N!;`EiIj4sfVh`*S$^}gS7+5Y)U_f zldA8}6c+;MYALg8Io7Ak2C@=dlMa%`TW8C&L;5of%@=R_;%|*&|G14tlmWQmsrPsE z<6a8x7Qy>vdWRS9n`KXKOmKthWc+{3aSJljz>+BcwuHa3%f12WTkFm))w~Hz*``AA z&j9M(Ov;C46qt+9Q7_L)3Yn&stz5U#)78^U#!> z06b4MX8m2l2zdJqPW#w;|BxBd!3wP#>MKAP0O z8$yCZR=H7*-3#`rOWOemzq!E1gL_AZ4g=__Em9VO*;4j}vEi4Q$5=a@db|_K{;aC` z2ahw|!JldESFy~{3&(0Puul!>yxs2;a!#f|ol*bw`^3+2*QbcL0(M+Sz1BWeZ0v#;uQL^3%{h;O>0%5t`=le$G zEs~O40zz>6rbWhsJdP^mo25fQ{bdDSp$BqF4Plm6-%sQZG@P%&{Mg_+*}QKnq6rtm3E}SCP=lU^pyKQ)w{UvtYFYT}+DO3d_Lh3h;Ptu2D-GgOx1h}nPdf}4cug+RW@c`|S} z>*{JCQOZ@%w40L*=)1aR`ZGyJjUX&uDN zS*W>We(Q?ck$jMCS8vzq5_(ZR3Ys}!C70)eCu?+ccdaU=8L-z>roLYGgsI_|FW``& zcwM}rzJk;#nG;E=4dQN8(pkB5k*Wl%`U)zBm9l0Ama`7%_Ie4Y)2*Z>-{+#?VnPQ|IU@>RZN)k$R&ygo`)B!M>T!!6=Rt6Jp}DC;f$FE{s;)wbxAE`Ixc=k< zL#^&DXMHf-U{|`_zSUZ8F1*#$gB5=5wSVR3$8$HkJf9YJcg`9FH+R#l z)L%*e9-KpbHb)!R`PZ{)1s~y|O!B{K(CPw`{+q=YNPzDjR#u)fjq4xY5uSoX_nFCf z76mBH&<{D}G~2kcjWq_6AQclN|F+R){`?-b{nk_XCe($krMTZf?cO&<(%ICCL_c)i z7~(3a;EbE|HvAtqXeTAEKunZ*be}=Sk{(d@cTsimWE^cLF5-njpcW(?mA%o3El`)g zd_~7gS^Gw00ztK$)r^Q1WOrhVY&c6LoG!Y3We?U>))YQbG?26aHaZ6~!bFUmI8J1r zR5dy{?ne~blA;}h|A%RnKynwJpzJNm62%@XDddPeUCljInicqUFTjpwiC$J@0ZIyh zQXWW(%x>xidQ+xnwVUudA;=&6HR$d1Xh6z6`lR3K`D=zTowgddZ7+E$%N%P<#$|^x zrJb--zSHMqtB-1iR|?|uneuXEUDGLgkc@#+!_fzH0~D&B$V~(5t&Qu?(`POU3H zCBp_st-Qz1>V%@hve;I=*_S!`=8B*{{P=%lA?HW?%!h7A`M3X-g}h#WWTEW;%0kB! zg#VR=D%7M>pXU3I0HT%k>oje1vHCIN*GgzRnHCaXwNrxYnGTTs7#>KX}JU<^`XSzE^MX>ZuUcsK2IoAcGvaE@BTiVfH2 zy5D(u>Dr6HpBKwIpl+3%Pt+1KA%N;>4BO-;zPf^}Npw2Pi!0+FySaI-O<*)AFIDSZ zus*+EsOOBKVwn<7a`)}%xK+8KRbfsT4Z$C{+&!mk^`OA|9)SdK7WzHD zj>z0u093f<_-|I7`pxwrkp;zT5+5eUxlYvweJ`I*SuCfUXI*TT3=kwMR;odgg2yMeyjoF!N$oPTy-WX>xdYa->ot8>5~52ft@4?1#us{cK$fzcLGa!dY#N9rwXk+r+a=C8Jn=zdw3-b43`~D~+TkvDh0w)_YQ;{U+jx zx8pu%qXmlYXo5np4s_gDsbGNigc%+TNX6W+MGhQq+(OS@vKCxMb+r*wHG0Zw)slNh z7qV!oIVE7f&!#DC0b}m(*#;0##~%DV^OO;KDE6)Oju))j%hQr+j-MrV$}QF?HVN~Q zmbOMR5n0c@5S8&P)iiyY9x1D#F--w%k7$wN;S-E`M5-XwSf(Vslh0zM6X~L8&3bIw zq))W;W24gWoNCnonJ;Y1U-a{MLhXi=S`M)L^v8T(6S&HuTH-^Z=HJAdk&h2>^%r~3 zGc(HcT^(+jsg3M;Z6Wy_{Ylb%P4?vuY}zvWH|Q=( zjxRgIzj6QgX+i!Q*q&@u>sOQkEk-oPpnkns@OzF=vQQzFpGF|earo7^|I8`hck6>o zve_E?a!=sDdz+36s|b}H=_ZAGE>#+`vTbu($?Z)SmW&AXsDpGDk@;{>~B4=G)$XYOa9V)XEDm^a2Zi4+CLM_!rltYNd>crUMWi1|otatJ;4J4bb}~J7 zMFON+onTMP@xPc@2jxo+o>w8R)lffFK(C5FKLuHP<%dcBkG;jQf%egG%+EMfGrDu{ zV7e>u_86fgE*xn27AM9Cw$j~Bmi=`%E+pwKm>UCFL?0%SrJI{)2V%Hyz!b^T z{0fMKdy*ce6A%pwyP+QgFW>9@xK+g%=}EZDUj$Ag^M-Xdl~m=;jQi(ywB`Lz<0>D% zSnz5&gPmQHj%(y+nl`{&50LaJW^>N9Y{j#B#>Q-Rriyf^^y+qL6YBLD&QjqVOqGKC zY-%cvoyaehY)8AMY7(y+s^bGfqzzaeeU$%5T)=D5x+Qf2raux_+t`o9H7k_6zAHb2 z1h)yPbd1_RUb_kk8;XsIGrz zE8V`~W#4Fz7F!KrFfgVbtVq~0*LvVNB5Ozv$r;a>4b_-@g$r$L!>7R(0`Xy%wzZln z6A4TgGZRo_RQc+fk^JmHPncjX977p5LM5b{f_zb4&u>BARk^8BWuT9G#c)fzn>MB8 z12@!`w8kV8*8X+9aJQri$c15?+I)$*3<$=qjyBX{qSs}tT6Z-U+wM4I*_N?1CPd6! z#*FYk6NNI=oXdWvQQ@9d49|W03779KkV^1KL}PY;G6J>f-L6~~wmGH{DL>&LzHPd~ zb1+_d{8TyoDm~a*))4t|CE+v)%b#OYl<(|}H~JGt+Z$RJ76^69uV0sNHBM6ulJTT% z%sFiQ*zU;&sH#tDHZg&ZVF!FPCuJSrF^8IeC0!8+n0L2tBk`Q-!*iK??-e;4B=+P* z3$y#nXrVHmlG{l>8~kUw`xD-T$*iH0oIulxvxSMW74Qo|9DV+J0M@r=bc zr`zX8mb@<>bjLzA~rjzbOl6UL+rfk?m zQKpN7oZM|r!1mv%NAWVX68>X=33Ac7rRqOpXf0cj-eo$>>dIu)Ng{dAu&}(EBu;(yWIJ{#Z0g6d6h4i4A6PZUO!S4xjDwy}@ zQS`7;5zpse98WiFR^X@G9Nd_TcltM>7O=laOob9#OXpbPj&3jdPK9XMc#N^yqb!MP z1e>WOtwyc+tU1?c4JQe`{_Lc12Wd%sKB48JzI6yi4RXPU%MVyFprd8$q!*jwmpep%@2^dP>r!QFM98+obF%T?=7V<%8 z`IEv%xIlH%cEg&zzpDW&wcbzae{-&VZqCef&hKsNe|OwZB7NQ3cKU99mcAd7`6ZG)em3S{5s_#!t-Wa%xZ7**FD9(JOTy1ln=+xR zat;U0z1K_ZoA3j4X_BdesCS$-U6#c7pok4e!2LFEJV5YWu{8G1h7le%!#Q}Jpug@1 z@7ouv#Dbq4&uJRCGWODL{8jc0c=tfGgWuS%=|Iw7lXa=fVzhGa)3FXG_|7u_g5F@@ z?oAM`HKo1R3F>2w}WXC@w~lK$frk`xoARi>=N zN!=JNm>);dxUsY|hQl3d2idb>>M+Jv2ZGqF75X9McJ+y6RYpgC*#F@pf$G0$?$5B4 zAMm;SL*!*!`!WekWeJG3G}jmSHBT}(CZK@+Z8@v^0l6#IVZhwr>1dbIYKetMe*j(l zO-_ayf5OjW(pG3JNHFoQRp*2XHw%a|UhT&nKx}=w@-!ZBQw|prTBcMpi}(dLXj+Y{A%sxAnZK z?QFqT;FPj(j}*B_ei*1Eo>iA{eOS!c6T8g*{LlL0HqakyD5IMK z>7WO*i+irsH?5W;VX8a~H3eL7 zy_IeLEHZ2N$$U8S7Jtfoc5mQO7`DDEbA@|aU{e5&6Ue9x&F@C$nud6J`8Y5T%N&Ysjc~{RDY2$>|a00HN9q=RKgWH zZEZ6IJ8kHAwYKfkFX|=I(y|vTnqbOW?<=O17p5To-%PqH#^$G=zRwFIk<5_s4`x>P zJ&TQ|#G3;r{Cx?>fctLqw+ehfPf914GBQ*;gPivbD_X3OB9@^4Tf9*5@jEs*3Za+F z?cv{fAcZ_Z3<2MVh11Kwz1vm&_<8)O?@Ar>3~#m$d;R79PeDFF{yi0TPq5YJf3bF- z7|YAcEwHX#CqoRB?v2nlzMfZMh|ZNh0Z(6ch+YqZS3zADuS9wY)AEv)^pw7G8mFirX~i$5Qky@Paylv&dxZ48)o62^W&n1<=KUr^5yYmtpvR54d z7t$)IkTQ=I8fGI;zNYmNK!?xcQAzIU-r=67n>ra!(@}J;~J!WqHtV^7*+=QmLdyH&Ho} zdBM_XWQQsMxVckUlIJK(ir>WPCGC42?S#gk3hzvv#^XJI8-b?_I5}2{8RO|*fWpwR zd~-*9ZvlmuIMarr(*dH}1160{x@yQ{j{Y%*Iq5U!WmewcAtbhu|4UnyQ$t5G;k{Fs z9@vinrj=d^4%Iq099n+4{&S!~7=Eo`p@$-IrmQC8EEQ`MrVaZgI9SJzMvjyh+|FVY zBRI!J0MHmrTI$PyG^!gy#l3KbQs?A}))YWyD6iZM3U%6Kd`ks}`a(dJ8Z?HGdksEm zTs9g>SfmEnCTEe8fv`hDNqb3R&}DqE&Y>if+tWiSlK_-EYxT0FX6GN%oqsP{_HHH$ zXtr;EG}=#fes~gubSdaa zo+Rln_3@2p1J;a5L?rwsyGlLZ{Z>%$&pLC5w(9-neSI5W)mOjrjYUL6yuS8zy?woS z?ls`t)(7eRCvA{--n0!CXn48WZ+Dz|9TeFj{bz3Iqyrmb@Y0bN4$|9KysMXFXBT-h zspIh~tY1y%z5r|Kq7qyghhs!AMe+fBdZT{bsQ(}ok2^M(xhrp79jkD^Htcu?QvQSW z=T*{i@T=_CiT?Xh>KV<)wrwT$dJ zIw!m!+&P0qbq#X1yxC=~(@$jOn+p$@nTVfTgO8Bu-&TJPAFoa49lNM+(>AH)aY;!M zS>E?HvlkkFsk8h)Z^CJ9io6Dc0Rrn812FRfXhR5@aCUz5nSFFu#@SP)0gF6>PFIvx1yLt?rQ|b2+?M2w*i5 z;d@Bod4Q4lRD#@K*P&83@X=O|0nKN6Y(SM7|3Vgh(c`Yx&F{sq+J3Emt?aeUbCFF4 zWYYh(kdp5|?>YQ~1}->23l*TT5(QRhdfj z=zY5FToB1!bS+Nc^!iLaJd9eaZ6+0+QutlK&2MENtdXW>`R9UZ>4a^0VzjPV4lDz# z;Pt&L?P;=Qd#xGsJZyBWl<@2P@|BRV3W&-^UIbBXGj)* zp{7~@;tCc8R@8?>znB@|?6iWqhDUUoaLnu>9?EBDT**m(kkZT3m+lB4Pp!ul{#%_MeLu3A80P;mGeaI(a&R1%?g#L6n!CVx)7iMQ& zwUVo^t?d2I$Ze2fF{FBkUkFOMibq|Xy?5S4pOtmGz3%nL?>c0SOc^by+T2pu?hihB zdd98x)z2!e@e1MoCj2ONk9e8W$5`y>HCFi<;1NIKF#V<2s<)2HC0=Z{ILr~^QQz(A zSfne0!1Ya}#ez1plP<~ns)Sx8>*Tx3z)=9hUZ6iDOOO-yjf+&t0y#lC?eywq$%C|{ zL;vl9saCRDbV)#w&Y_s*x}+;|I-L- z7E5qk3M{J5XAQS=YLGB$b@l>7K*pG1SMr*%6$F^2khaM3p_X*(v{5r9!M|zRm_{j} z)XON-ht1ZaUWLb>^^)09Tv%0F$6ZB;Dq;O?QT`aP3FB?x9c4IXo?RmN!?m$3Q8XTD zH_Vslo~=JQ0oS8d4KAIv8f_O$g2q=sIZvho zAL~I_!)9f{WyB;B6an1zsk2~=UsLWGj9S z_mO4QQDUE|WygURVoSx<8Ks9YP|$qI%#$n8o=|wAtp_j-oqnW0<+myGr}qTglb+t4 z95|_H5T)g_NvVgP8f$_Fl=6sZ+$>xWBN|;V3SR@IO;SF^ARed++>LiDU}Y`{#@gmm z^JkM+Rm_+lPo|?_eqVgGvR9)h1gY76S&1Suk?jcogmg-Ooz#(<&zjb-oZ0?&x9986 zm^w00kYdDrWQkuKRvE41_u{=5JRS9n<*0+$F01Z%y4b&qgj7tvQ=QW&1=z^)CsQ&6T9)U%Fp`0zEE*K> z`LzAggZ=jY_@)#)k~eAzq?Csh_0f@GV60G6m08b+|51@5PbJ3#8i^yhJu>X`Sqtkw z7wYJZo?3a06CdYkyENuKO#2VN{?|qVdDD&svO{1U^^7Omd4nf5@cF-Oq`RS?wGi#~ z1i3aNoE==q`m5ohQW(rFB83=5r{H+uOVkq3y$0gOlVKxy=ZMFLA8n#8bA}xzUt0qR z-Ig|GvFP|DXu2b&ED(E>jxq_=uG62OcQfF@!NYe{V2;UgKf;queD+-%6aa-!WJ|hc z3d>a&Bd~bxVWSCqy4Vn8anvjvAyBF$N~fL_TO-WWK{OQr7n2N7qtcv{QO8T2)yMDU z8rYd?n(pHimyj*dnH$>JjwD5Jrks09$~fK=(T|N@u3u5_4m(ffbVF6=ST((0zT|8J zU>4u)>4i|nSqIWsy#T!Gqmr<-hA^})ajoAI8Y{gsr`!xMR)9>kFNJ>(e(CS|;>Lpi z1$#q)g4rGZUnQyCvHnL%8sYiksaRp#955d=XoMowlrlndR-xs8Enuqxm3T5c6_EeY zl8$#HXsmm7!_?iCuUeUXcfjK6bDgM8yb5*K&otBr;^a;Z4Z2&JWZcoWMw4XHYLth# z(6VzgEZ?T2A73(*)7yP+@#s8TwXa=oKD>_+(^joUl4o!N#VoOtC2+LAQ**xf7}PA? zVhP_(*NgGr?7leJuH^A?GKPa<^^ZJ=9g%a#Wu6@ntE!=HZm}K|jD?@Q<8CKQPrwo< z7&OFoauD*fX$Z5Fr+W%6@ z!MAi@%5en;wb_{Z5`142kk$pbSM9z92=tU%9K}HdBJAm!%Kj37A0^Bw(@purY|){b zV=Cqfpyg9SGbKP*!UDcJZ~>Iy{9_ir!>b)U3$xN?Dt2^kYZh<8V*B2LNv}_V-v-G4 zmcGNj#u=Zivx;AV3K*PL0Ff@Tb`cd*cB~F5MHcQ-R0dnr#+5Ze#?$-SVef!O#c?=V zVg_D3*aAT%&bX1-p+~HnZq^_&dg_3Q+#ZhT;A+-{%`!(8#;w*Jw3`fXLX{c?w&E0?JaQUTX^G&rQF>^F1SRWhO@`N%;V)(veYB> zwIJ7Nj3Unm%O7aME0GycksKJ;tN|~pfjvN+q1#-e2KIM+ID^lR<_fxP6*t9mxB4{D?X&KMCE>KsUXUbCE_n-lu^qFL$RG6 z<1{XedpqmnYjD-~HSn`i$la>!UNPM;%F|@ee4_!6s350fn}73u@Mrf2<~CLIR&(l& z2~7KDLayd}TO;=Qfm5jr6p;<-kzke$2=UGL7AllrV@Rd!OsYjs4!1Eid)CHFen9(|7R4ZEgh@0?3X#C{x2dRT2(I0+n2M7LRFgA64=0`M80E z{Au7vCS;3xo?`qTN!_(LndNn>J6T9T<4J<tnM9*Z9qcwvGbPb5W-wP~%S5 z!%L#;2#Qtt0v}iSR$23p)8((nRk|C{QBRUKbs7qvCe_N!Q#bL;4s8G9{cC8Ri4kx+ zUD1X1p;Vn}n}`8U={!O?4or#f)8SbhT(YXUZrz(j@s+=(sNuLZr9NGnj%}4cnR!RU zX*)HJ+40*5HAOe8okvPKy}wk-6-*_?&R(_B@JSA!B~P8;sued8De3_x!J_S5Bshra z3dR~4@3$mjX#8%h9o`sEGa@Ul?^{v`b=nhKs<#P}Z3}zUj{PZgN+p3E%jEHKN%S~p zD)5lJ3>ybh%`uTJ+*wkX*09zu;q)8mFt`jGa=>lVku9B=&IFjb@|O)P3(L>d8@|5+dOleF9|=E^C4QlZ{07sIp+Nz)b2X%6nJrw zPeR(>cSdG$IWy37wr1$b|WGo%Z?RSEAf*)GT}`(4i)&^p+@PUGIDT^uqd2PV%7OKRL;W zH3}VJ&zay$p2>9rV27tMTwoysqmB#`?sG%#Bi1;neVC9Nn#P->xsXKQ5(B6s`QZdO z@5^69!4NT8e53<1%H+u~cr3uS=ci;x&|*IF4vldn88l*M?E74WVItQt%#A{fX!aQt z#^Ow3AwnZoVT%fJ`7X$;@p5j4!dONC){h`@B7l2GTzbhg^=EWnn7VxKhM|P>rF_YI z1|fS8ZO9Y{>wfPlvW|}+y;KePB=s=Pp!>lwf=J;dc(*js2Yg=pzl1T$iAE$!>*8Yb z98&2_x5%t8wd^4oJrKosG>*6&77eB;F?$hKO$yJ{_Qde@a~&vpKyB6&FmQ^l#Y*Hz zgvh+KY0fYM&@y&Sa!IFP$TEzxxaN49)8rOocx2YFNC!o(rLM?s0h~;cj#Wj`Cy-$9 z4DQ%lqk=3n$gg}d%_fxS7X%5@`u=z!h@oY@jn1XkWh*>*;ot0sTDfrNZAqr#j(Wu3 zMltxA`^2kvY|0xk9!BFG1mqs2onvuXli1WCJ5VRAPRf%Z`#9axA#~7Rv0K#-RFKBS zv{A_0IuvIQk*5dPi)Zi$;@#~TAXVm`T(yl4O|!w`VH(*HTpU~f31!LMHdLmzKyoK2 z48e=>ed^~SGbg~iwIR=!tsFuJMIc$ewRe=Nb?QoOyb}iWsGNR_o%}8tT z1dhXhIfUk^a2ZsK5_{&DmMs95X|>TIrY*h*{3s^A$(paYkOI|X2&hOZGvMyuw%4wq zM_EdKzXW#l>tyPT%Z^WbyLaz>ODr(H$~7#$GAjPO#bzB@nfWAPyECK_d}#}dESCmN z-t4(B99|^peJkYRI|X;oT2yG7$)}=~^c_E_0x!+wseLiP_Jy&fjez^upcYNdRV6D2F>h`pA zbDNm5t{*@7I>ut2C-!Am{Z5`Fe|LBHGqu$*XRZ^P_L9u`WF-Igt4&Xvpbc2XNPS!i zp#7^P;NB3V1(MUX*dVd` zjhj#%I8UjH>)#?CiN{t|1r1ynbEkyP43u%{YV5CX15-9ztfXcw`E@wk!2BU7=t0q+Tz^g!+u{2prR7>SuTP3foO50#JXEP`I@)asHYEebbn zp?S#uj_V-aMnq0sX9|TK$z2MvfDuJaqv=;bX*V;Tqw_rIm+5(_ z!)?erjVmCX`LXJmEwTbNZZj_q~)rDF=cu~_5L6Oy5!+Xx!x zks^6=)>*##{)O<3k3j6aJ_Bbbv9ee{GDsmMI;=lE<0!Rk66tl$7b|&vln;J_zR0cm zA8RSB=^@6)Y;opoj>KkpOs`zMGVium_&&;xSX&&>bojZfM-Ewvv(Db!+}zJ$hhfIy z8)H=}^8pbLwwl)k$Fe^u=lwr>Woz}LJ#`uNgG^{pqvEeMg1T^Uk1gl{Fo!m;EAD}v zC5mWMswJ&}UN-t=sIZ!|`@BFu9A8yIiTVwwo#T0_KhYU`Be*P{!~DgoD*@D{MH{ux zXb_A3r`mGiE-Vo5hNk?0)OYHf3oRy|KS35#dC~|r9elSY%fwS~Sq#TLZ29nTz!rOb z0pEYA0twHWkJyUd0Ry^^?Bsc$c@3nWD6Fg4I%)lQHWAUxs`BkT#j6asc9m*o@BQj! zbFCf(G!m&yZGV|aROm!mXN%(6iFG_s-J=`s4{r}b&$y997#FP!h_v>vIa6EJRFJojfstZDPeVC&GR z-24ROb2O!=O~hXj;#CC^-6F{;E-||W{m5kgko9g zZ8C`eCr%%+;B1v{pEm6=v*26zn8$?*Pgk=(pdEuls{Ffb+RAxT0`-Y zk=UwBHLO1z4IUpn{Q8^6^=!AB#IZ-@jdxiI6fi{z|i1ABv7-4lXr4W_} zrVxAHnb~w(O3#g?T$#^<(P%Vyc=%|v0>tm8R4}7-W^5>6P`?>@Ho;-t+T2zb%kXxvgHPckWvTQ(?fS!PVaiD}i9<4m z|C4eBt`K?`vOG=M6^T$yk?7V**tO2U?*rYo6vo&Z*8Msvy{&R4D zEK_Nb@eH&kdjzAnwOq1s;aqPkqIklDPL@PxxriLjI~bs>Reoh6Ay9w-V3|Fab?O6Q9SrY%Cv= zqS3+%Udpu$0d&A(vNh$I(hyg@H6%ZnKlaFkSpa*>h&}(1J7M~YF+tuPj1C`>0eLd| z_SZuX+y;zkc$KsrYy_8vR;c9DH&4Xvi18!RUT7qx%hVWi_vpKA_mh@0X0v z=2q_f7~#wF!Fp3x+eCE};W`VBS0;4Eow3tGY}hGy`udDSG@7#^`Em8Z{Yr{$;9Zfu z)neVQHqI59utZ+jbhv1Tue(Sdelz%{{eXf=5N4=DCn0CiZyHB?YdiLvo;S&sExpE8 zt(&>Sn@|2>__`&hx<C>BW(E9(xEF^VahaP|XAYL>v` zgTukMn=gR|Ps0tCz_ao9WY4(0%Y(W!#$<8u4>HX03vZ;RKQ`3bjM;2JnXiG+CRYc}`kK{u01Tw6! z2mq8S=@5jZL7I*QfM) zycBCcan#lBd~34Co<^GxrtQ~8UJB{0sId{OG`bM->i=W!TbCQRm4ttPdJ24*t@1h9 zAtm2uy_Fx1tt8$V+bYZB)Slfc2PPp2$0Wc2q-;%g_Sv^^Bf*t5D4yUTM(kp8LJ5f( z^zPT*2A4EaG;h>Kq%+88KqZ4S8apz%^~}d0q<#`0wTe8-RE$l;#TS^*il?irq3KER zN@nHMnjLQM9q#QP)Z>@bMf* zCo~~VCI6dq>zkEG)D{{cjKn-c+lDQKD$i3k!}CxY1BNiV^+fA6>u})g9PDiG?X7kr zd&2aqrkky;&A5npIDUYFvqrq>o_TYgePU-vnNAtvVjkoRy`yPP9usNqFFAOP4S9|0 zg5U6ThM1XM$?+Q--$IjbK|mj}sy@=SeqtMRuf?rtXh z1bQbXPkseliW{r&mx(%?oBDsbP zgC0SKNc>weMI$&xr)a`pjXEIjk#k-5v4wRL8pJ}UzB`o8#Mw%eaZ<89)uUkqJrnRn z)(t5`V3tggT;W+HW80rb8T@A+HQC>pPtC)_gR3o7DVz3v>h))F81z-JsJ_h3=u8vr zqkb6n#dW%lEf#$(=qYgYCoH0{)Ni1xaOsgCN=og@BTG}{v7i<55?tg zrTgs?>Z!d3t)Lzik)Vk;aTWRKuPyqSLxyR>1s8<4in*SC1%5Nc@EwrAv!HOv?hwMq z5v_7h&Li<$RjY9l{lk%tN)h$>AB8NyX(r9g?QW?D=Ueb!@89t!I?KU(-cPedsi=sK zNAR2Mnck5d$06v!(V+}^)@RmBmJP_oRFDquGqD5_@sJEz28r(km>?&nG~iD5QqM}i zOc~2hjb*#MSQjgBv~@0~*s(&q$***5Jv+2ft>^AoYU194j~p>~tJGbcbF2ES;)Q6Z zW|)m zh9>y2DxG8=`4yiOS{pE-;ePp^lOEe zb8Zlqb_wFq)wdF&Jz~IbutLvIYL8q5FG_fd{O!N{7*XLHT;|B;>4AJl8X`4yH}`&9l=Fm{%y!3dwuz z%4Yj2r&)m9GHlZ7PA{N|pLX~Bu`jufzd2%jfoI^2Bn5>E=GFG(;lLC{N>hCkJ3|_(Y zml|IlxFJ+Q{Tj%ZI{cp@#j^HR2LKU#Q4&)}L;GA|{z6Qe0X$` zR*}a0k7g8Upp+Q`H|MF*Vx{!A7LCd@!_~=U^01^8i_2HO01q>yGhNwX(~YHU6hII8 zPlPds)v1^Z>JVA00G#?Xi|%T3>?P)}O};%;7tTmVqf*Dz8*TobJ#rLy<jzE8I*2}ez1_1YY<-(JwMH$#3B)TQhc zRfdnqOXB((BdI@F+0;shg?rR2QRI8HFl+W6rJDFT}tOJrSobkQKd`i+@*BxQaanEOX<8(N@oFrVE^H&!{$m?OV#s~ zD|ba1)hSh&WZHVuZhP0}UHa*+d`YEw{_lwTYJZLw=uwaqrleU0@a6fx2m6DaK{5aL z-p)an|NAA%tL6W$A}8)b=vyz``n=zQUST9C7Wr<@tn&yY#JrJJo2LlhcLy($BE0S7 z-*vM_id(+q)<)Dn(^ZFN=4G8iO7E(A)k(c8aj8zJeD3b5ijA^&n*`gc(WmCtt{PEZ zc#EhHI0~fuNoIE$Q4?j`r^@wK@@wGY{7i^%#&1kUrdOc|Kuqru(PAfN;111TFzM2A zcWJr1wA`De<*r)8GBJ0kGfl|FYH0%0V%AGV-FKNqN*SJFqI63F6Hu;y9hObCX1DPc zkPs`gl8DjAg_dbmTVesoD4EJHpQ}K#5)c{VhDh5o?8`;i^vbn*_Lj^bQ2FVe)nL80 z>y7TTEAgssEpj_FPj51eVy)`SXPw}>dzac-YenemB)YD&UmD4Oca+9FW-xL*hU8L% z0becmnX*Fu8yxH&7UaL(gZ;x!{(FgH3wWt4H%1;qafRge*I$j~mPrx>;sYVMeE#gH z>~_qlB%^A9YYky)sgTwW=^QyTjF@0-7DwO*v6uePh74wArfEZ!qtCayBidEx!es>i zOi=IH@!x3u`w)eKrHPxbdAqFA{~R3d7S{jv?(S~4{$HZx6+98o6gsC8>Ejmn0TSXi zRyz$NN)U;UfNBtc`*+-dky3;>5%nFcG(RyGE$N)RttnlMIG~0g1%*7n{ghEvj;k<& z=3_7*eyAABffx$_W_9aP6!_qvAV55ANHv2h4Xd4jy;B3ri;Cqn_pcyxR+JhfyAWsWV@-=7JMQL48kA(sCkGIu2`B!$Jyirv9) zm*eZ(vr)0(Ul=Wz#7i5tD>NwzJM#Gm#5R71m2~){e*R|D^!4HL z*V_-no8gBw=PRJo4`_~ps)>64@#o>y#qfGKzCHQyaeO_zx;?!-KR&x?&_||~)~3d% zR0fl_x{-PB<)=l!7(?ye(nftSuYua{v`<(mO^4_yCy_NseS!iJ4CPQ!6)31rd~EO|H$t+p8ZC7e35oA zQ-3{BcAsk?rCue)@EnO3Us}s1z+B)drvJh1B_p<*u{rT;ac@4`nLKjhoR|ZcY?HVm?u%Zow!J zD9OlP-z!O8iATTS09~>Zc~RM0xf+)CRlPJ+H>V~NSxsLROQ&gH70YGi(DEy(75=}O z{D-1|E^m$28y^7= zMxX4@@;BX%5eGI9CasOC++7Cc#?qr|Lf%WI#ujNu%K44yue0jrsHtuY5zX8etRot9 zWPPz_Z$`LEP44XDwcL@ZrrLQn(YYZOUr~bIh_qz`5-!2+1QhzNsn}0AvecTJOygP; z*|N-DVd5jXjN}e^aZq3{%(0uY+eg3#ZGHJaKv2Ld0nNP#QOvN%9f36m`ab(f=JgRr z{L#CCmC#r!0T7gPIu(cJPnL)6Px&P>!P6Vauwrk}W5lr7WntikR`i0;pWhz89~*nB z-=qlDv>kZQ^B;=VhW-@&gA&xV5#&$NCrVIWEOwmvPlM&!i{pQMyc*t)KmI&ExjGwN zpIu(uo|SYMW%-{=j{H4ZROkRCv&oaY^wQX9__Fex7Zg?FyB=N~UtG5{vKSFa;@2P3 z$%nIHTVqm2EMLr+#>11V;dOiCQuSVKY%i%-8(p5Z*OfUYU9zkzsrPKZKdBIXeH~w! zOVY?+rS)6&VM}_z72UjuX0ZHbZRMc#P9ZwazNnsZj6ljPj3f;Iwzs!i(q=uNyBVeT zjf8zvS2Sx+y(XS>>Z2pDmrF&eDyu1%f~UQ-u!kJ0X{QOjM~waxd2!yY zav1=5XF6cJQfjPTiw=t1226a6h=-(y%u&BDjZ%+KW!>SUijY(I1U*Jr`??zf*gYtv zlTh1t)fn5;|25M8+TyVgzSte~*3bm6u>aW^?C%xr|8@tR{`WP0WFD;l8I)WIdPqH;sp%s^;kMJ-DLu?aY0HA}yI?Sdq&sdFy3jt;b;yp`_sGvz&3 z{@$Z9PLMsXBU=Q9WaFf2C+vP0Ln$^Rm_BiAs4SNYR+(+Go+)z1A@(TgFpR zNXM!<_Xa+#k*Q%!uX5 zz3bah8Na;rU|lFylWb#va=>hcg33is{e}`isk!`~*nq$!dFyIb%dqsSaxiq)2-zjoECt!vm&!)i}U zr&+bjTKYc@pTYlQFgV=bDf#~&3_AVaOO!(V$2=vQNRWjabnnqnTaYVPG+6T|O{7EWwZXpfIsN^w;IVLilRC$&?heN4m|?|9IeFd8bO zwyLwY|1*w zg%vJ6Is$8O0xqSj`ZG>^_ASuOa)NnQ{ZAwPA4kE2<0(PDgE>zSTkjfRmHvNsf4iXn z+c`Y!?0;XR*!sVs3N2Onok^s(rrax$Q@aW@D^BlZEW0@Ze|3oss!PN5pD8Ffv>v={=R9*IQ6wnOR2Nrw?b1nzp#$D zUdGO#hPb|+OTF*f)Zl5fwW+Z|k)}F(gYTAxTHl{Kql1pN^3HlIuJg(Sl=Jla76_>5 zVA;`6+h!|uMATWXbmY{g?Me-ueXZsz4mcft7@pS}-+mX2!bsAiRj zXGJ|Of92laeQo5iOmcheo00FMG`jyQ-c7G*0}7NmZrVCb=s2uCz`B*TUL?D8KjGN*2E5Q z@}A&J*1tPLL5Qb>vJLm*RqKC$cR#=Ww+{}syY>Gf`Q37@wga0MmfpDG>^j>07{10AoByk}0yDL*n<|0D`8H zcL0Bj7@FWm>P$It+Ab|)m5D3nu=bnyl$1!E7_XeEMFr)iy{6!Ta8i zZXAl=l;LUb$N%lU0XL9gns9J-I^;c9Cz$BD*hjFhsx$h}o;&9r^-;g~+Q@BCmaKn| z`8?g&9FO@=3jVTs{qJud6z#tUhlA~I{l7%X=l{j%F-Amk{^h7u36E)L@=BhfiOdyM zu=pvPvMY*wP3)7VK7`WRz?jYqe4B2rbp?Gmn7FNtLK2;&5mQ~gAoCXTU zXi6E*1QTl+$R}#ZBMpUo6kr~|&prO2!ju6J1qp+J1+|hM%}|&o@TCzV$D^~G-Erjk&!x)pB{Egy8YqzLfs0~sOJwe#87VD z3bT~49Ab4oXaU3pXA^+JC|=~Z1BZ$(@}S^z+vs6LqC4UFpjA SQ2s9f0RR7=)fH&~3I+g1WVRgu diff --git a/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile b/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile index cb8cf8391..07ffd0aa9 100644 --- a/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile +++ b/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile @@ -1,4 +1,4 @@ -AZURE_VERSION=v1.11.0 +AZURE_VERSION=v1.11.1 azure: # Clean current CRDs From b793053620abfc4503571dff304e999462ea4ba2 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 27 Sep 2023 11:26:06 +0200 Subject: [PATCH 04/19] Remove local CRDs --- .../scripts/Makefile | 24 - .../templates/azurecluster-crd.yaml | 1103 ----------------- .../templates/azureclusteridentity-crd.yaml | 183 --- .../templates/azureclustertemplate-crd.yaml | 673 ---------- .../templates/azureidentity-crd.yaml | 96 -- .../templates/azureidentitybinding-crd.yaml | 66 - .../templates/azuremachine-crd.yaml | 625 ---------- .../templates/azuremachinepool-crd.yaml | 814 ------------ .../azuremachinepoolmachine-crd.yaml | 209 ---- .../templates/azuremachinetemplate-crd.yaml | 521 -------- .../templates/azuremanagedcluster-crd.yaml | 75 -- .../azuremanagedcontrolplane-crd.yaml | 550 -------- .../azuremanagedmachinepool-crd.yaml | 514 -------- .../azurepodidentityexception-crd.yaml | 62 - .../templates/resourcegroup-crd.yaml | 510 -------- .../cluster-api-provider-azure/values.yaml | 6 +- 16 files changed, 1 insertion(+), 6030 deletions(-) delete mode 100644 bootstrap/helm/cluster-api-provider-azure/scripts/Makefile delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azurecluster-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azureclusteridentity-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azureclustertemplate-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azureidentity-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azureidentitybinding-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azuremachine-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepool-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepoolmachine-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azuremachinetemplate-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcluster-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcontrolplane-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedmachinepool-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/azurepodidentityexception-crd.yaml delete mode 100644 bootstrap/helm/cluster-api-provider-azure/templates/resourcegroup-crd.yaml diff --git a/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile b/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile deleted file mode 100644 index 07ffd0aa9..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/scripts/Makefile +++ /dev/null @@ -1,24 +0,0 @@ -AZURE_VERSION=v1.11.1 - -azure: -# Clean current CRDs - rm -rf ../templates/*-crd.yaml - mkdir tmp - wget https://github.com/kubernetes-sigs/cluster-api-provider-azure/releases/download/${AZURE_VERSION}/infrastructure-components.yaml -# This rewrites the data to stringData in the secret - yq 'select(.kind == "Secret") | .stringData += .data | del(.data)' infrastructure-components.yaml > tmp.yaml -# This removes the Secret from the yaml - yq 'del( select(.kind == "Secret"))' infrastructure-components.yaml > tmp2.yaml - -# This combines the yaml files back together - yq eval-all tmp.yaml tmp2.yaml > infrastructure-components.yaml - - cat infrastructure-components.yaml | helmify -generate-defaults -image-pull-secrets tmp/cluster-api-provider-azure - rm infrastructure-components.yaml tmp.yaml tmp2.yaml - yq -i ".appVersion=\"${AZURE_VERSION}\"" ../Chart.yaml - -# This removes the Azure credentials from the values.yaml since it is being set by managerBootstrapCredentials.credentials instead - yq -i "del(.configVariables.azureClientIdB64) | del(.configVariables.azureClientSecretB64) | del(.configVariables.azureSubscriptionIdB64) | del(.configVariables.azureTenantIdB64)" tmp/cluster-api-provider-azure/values.yaml - - mv tmp/cluster-api-provider-azure/templates/*-crd.yaml ../templates/ - rm -rf tmp/ diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azurecluster-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azurecluster-crd.yaml deleted file mode 100644 index 549bd4aef..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azurecluster-crd.yaml +++ /dev/null @@ -1,1103 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azureclusters.infrastructure.cluster.x-k8s.io - annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' - namespace: '{{ .Release.Namespace }}' - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureCluster - listKind: AzureClusterList - plural: azureclusters - singular: azurecluster - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Cluster to which this AzureCluster belongs - jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name - name: Cluster - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - priority: 1 - type: string - - jsonPath: .spec.resourceGroup - name: Resource Group - priority: 1 - type: string - - jsonPath: .spec.subscriptionID - name: SubscriptionID - priority: 1 - type: string - - jsonPath: .spec.location - name: Location - priority: 1 - type: string - - description: Control Plane Endpoint - jsonPath: .spec.controlPlaneEndpoint.host - name: Endpoint - priority: 1 - type: string - - description: Time duration since creation of this AzureCluster - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureCluster is the Schema for the azureclusters API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureClusterSpec defines the desired state of AzureCluster. - properties: - additionalTags: - additionalProperties: - type: string - description: AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default. - type: object - azureEnvironment: - description: 'AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - GermanCloud: "AzureGermanCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud"' - type: string - bastionSpec: - description: BastionSpec encapsulates all things related to the Bastions in the cluster. - properties: - azureBastion: - description: AzureBastion specifies how the Azure Bastion cloud component should be configured. - properties: - enableTunneling: - default: false - description: EnableTunneling enables the native client support feature for the Azure Bastion Host. Defaults to false. - type: boolean - name: - type: string - publicIP: - description: PublicIPSpec defines the inputs to create an Azure public IP address. - properties: - dnsName: - type: string - ipTags: - items: - description: IPTag contains the IpTag associated with the object. - properties: - tag: - description: 'Tag specifies the value of the IP tag associated with the public IP. Example: SQL.' - type: string - type: - description: 'Type specifies the IP tag type. Example: FirstPartyUsage.' - type: string - required: - - tag - - type - type: object - type: array - name: - type: string - required: - - name - type: object - sku: - default: Basic - description: BastionHostSkuName configures the tier of the Azure Bastion Host. Can be either Basic or Standard. Defaults to Basic. - enum: - - Basic - - Standard - type: string - subnet: - description: SubnetSpec configures an Azure subnet. - properties: - cidrBlocks: - description: CIDRBlocks defines the subnet's address space, specified as one or more address prefixes in CIDR notation. - items: - type: string - type: array - id: - description: ID is the Azure resource ID of the subnet. READ-ONLY - type: string - name: - description: Name defines a name for the subnet resource. - type: string - natGateway: - description: NatGateway associated with this subnet. - properties: - id: - description: ID is the Azure resource ID of the NAT gateway. READ-ONLY - type: string - ip: - description: PublicIPSpec defines the inputs to create an Azure public IP address. - properties: - dnsName: - type: string - ipTags: - items: - description: IPTag contains the IpTag associated with the object. - properties: - tag: - description: 'Tag specifies the value of the IP tag associated with the public IP. Example: SQL.' - type: string - type: - description: 'Type specifies the IP tag type. Example: FirstPartyUsage.' - type: string - required: - - tag - - type - type: object - type: array - name: - type: string - required: - - name - type: object - name: - type: string - required: - - name - type: object - privateEndpoints: - description: PrivateEndpoints defines a list of private endpoints that should be attached to this subnet. - items: - description: PrivateEndpointSpec configures an Azure Private Endpoint. - properties: - applicationSecurityGroups: - description: ApplicationSecurityGroups specifies the Application security group in which the private endpoint IP configuration is included. - items: - type: string - type: array - customNetworkInterfaceName: - description: CustomNetworkInterfaceName specifies the network interface name associated with the private endpoint. - type: string - location: - description: Location specifies the region to create the private endpoint. - type: string - manualApproval: - description: ManualApproval specifies if the connection approval needs to be done manually or not. Set it true when the network admin does not have access to approve connections to the remote resource. Defaults to false. - type: boolean - name: - description: Name specifies the name of the private endpoint. - type: string - privateIPAddresses: - description: PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. They have to be part of the subnet where the private endpoint is linked. - items: - type: string - type: array - privateLinkServiceConnections: - description: PrivateLinkServiceConnections specifies Private Link Service Connections of the private endpoint. - items: - description: PrivateLinkServiceConnection defines the specification for a private link service connection associated with a private endpoint. - properties: - groupIDs: - description: GroupIDs specifies the ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to. - items: - type: string - type: array - name: - description: Name specifies the name of the private link service. - type: string - privateLinkServiceID: - description: PrivateLinkServiceID specifies the resource ID of the private link service. - type: string - requestMessage: - description: RequestMessage specifies a message passed to the owner of the remote resource with the private endpoint connection request. - maxLength: 140 - type: string - type: object - type: array - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - role: - description: Role defines the subnet role (eg. Node, ControlPlane) - enum: - - node - - control-plane - - bastion - type: string - routeTable: - description: RouteTable defines the route table that should be attached to this subnet. - properties: - id: - description: ID is the Azure resource ID of the route table. READ-ONLY - type: string - name: - type: string - required: - - name - type: object - securityGroup: - description: SecurityGroup defines the NSG (network security group) that should be attached to this subnet. - properties: - id: - description: ID is the Azure resource ID of the security group. READ-ONLY - type: string - name: - type: string - securityRules: - description: SecurityRules is a slice of Azure security rules for security groups. - items: - description: SecurityRule defines an Azure security rule for security groups. - properties: - action: - default: Allow - description: Action specifies whether network traffic is allowed or denied. Can either be "Allow" or "Deny". Defaults to "Allow". - enum: - - Allow - - Deny - type: string - description: - description: A description for this rule. Restricted to 140 chars. - type: string - destination: - description: Destination is the destination address prefix. CIDR or destination IP range. Asterix '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. - type: string - destinationPorts: - description: DestinationPorts specifies the destination port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. - type: string - direction: - description: Direction indicates whether the rule applies to inbound, or outbound traffic. "Inbound" or "Outbound". - enum: - - Inbound - - Outbound - type: string - name: - description: Name is a unique name within the network security group. - type: string - priority: - description: Priority is a number between 100 and 4096. Each rule should have a unique value for priority. Rules are processed in priority order, with lower numbers processed before higher numbers. Once traffic matches a rule, processing stops. - format: int32 - type: integer - protocol: - description: Protocol specifies the protocol type. "Tcp", "Udp", "Icmp", or "*". - enum: - - Tcp - - Udp - - Icmp - - '*' - type: string - source: - description: Source specifies the CIDR or source IP range. Asterix '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. - type: string - sourcePorts: - description: SourcePorts specifies source port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. - type: string - required: - - description - - direction - - name - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - tags: - additionalProperties: - type: string - description: Tags defines a map of tags. - type: object - required: - - name - type: object - serviceEndpoints: - description: ServiceEndpoints is a slice of Virtual Network service endpoints to enable for the subnets. - items: - description: ServiceEndpointSpec configures an Azure Service Endpoint. - properties: - locations: - items: - type: string - type: array - service: - type: string - required: - - locations - - service - type: object - type: array - x-kubernetes-list-map-keys: - - service - x-kubernetes-list-type: map - required: - - name - - role - type: object - type: object - type: object - cloudProviderConfigOverrides: - description: 'CloudProviderConfigOverrides is an optional set of configuration values that can be overridden in azure cloud provider config. This is only a subset of options that are available in azure cloud provider config. Some values for the cloud provider config are inferred from other parts of cluster api provider azure spec, and may not be available for overrides. See: https://cloud-provider-azure.sigs.k8s.io/install/configs Note: All cloud provider config values can be customized by creating the secret beforehand. CloudProviderConfigOverrides is only used when the secret is managed by the Azure Provider.' - properties: - backOffs: - description: BackOffConfig indicates the back-off config options. - properties: - cloudProviderBackoff: - type: boolean - cloudProviderBackoffDuration: - type: integer - cloudProviderBackoffExponent: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - cloudProviderBackoffJitter: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - cloudProviderBackoffRetries: - type: integer - type: object - rateLimits: - items: - description: 'RateLimitSpec represents the rate limit configuration for a particular kind of resource. Eg. loadBalancerRateLimit is used to configure rate limits for load balancers. This eventually gets converted to CloudProviderRateLimitConfig that cloud-provider-azure expects. See: https://github.com/kubernetes-sigs/cloud-provider-azure/blob/d585c2031925b39c925624302f22f8856e29e352/pkg/provider/azure_ratelimit.go#L25 We cannot use CloudProviderRateLimitConfig directly because floating point values are not supported in controller-tools. See: https://github.com/kubernetes-sigs/controller-tools/issues/245' - properties: - config: - description: RateLimitConfig indicates the rate limit config options. - properties: - cloudProviderRateLimit: - type: boolean - cloudProviderRateLimitBucket: - type: integer - cloudProviderRateLimitBucketWrite: - type: integer - cloudProviderRateLimitQPS: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - cloudProviderRateLimitQPSWrite: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - name: - description: Name is the name of the rate limit spec. - enum: - - defaultRateLimit - - routeRateLimit - - subnetsRateLimit - - interfaceRateLimit - - routeTableRateLimit - - loadBalancerRateLimit - - publicIPAddressRateLimit - - securityGroupRateLimit - - virtualMachineRateLimit - - storageAccountRateLimit - - diskRateLimit - - snapshotRateLimit - - virtualMachineScaleSetRateLimit - - virtualMachineSizesRateLimit - - availabilitySetRateLimit - type: string - required: - - name - type: object - type: array - type: object - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. It is not recommended to set this when creating an AzureCluster as CAPZ will set this for you. However, if it is set, CAPZ will not change it. - properties: - host: - description: The hostname on which the API server is serving. - type: string - port: - description: The port on which the API server is serving. - format: int32 - type: integer - required: - - host - - port - type: object - extendedLocation: - description: ExtendedLocation is an optional set of ExtendedLocation properties for clusters on Azure public MEC. - properties: - name: - description: Name defines the name for the extended location. - type: string - type: - description: Type defines the type for the extended location. - enum: - - EdgeZone - type: string - required: - - name - - type - type: object - identityRef: - description: IdentityRef is a reference to an AzureIdentity to be used when reconciling this cluster - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - location: - type: string - networkSpec: - description: NetworkSpec encapsulates all things related to Azure network. - properties: - apiServerLB: - description: APIServerLB is the configuration for the control-plane load balancer. - properties: - backendPool: - description: BackendPool describes the backend pool of the load balancer. - properties: - name: - description: Name specifies the name of backend pool for the load balancer. If not specified, the default name will be set, depending on the load balancer role. - type: string - type: object - frontendIPs: - items: - description: FrontendIP defines a load balancer frontend IP configuration. - properties: - name: - minLength: 1 - type: string - privateIP: - type: string - publicIP: - description: PublicIPSpec defines the inputs to create an Azure public IP address. - properties: - dnsName: - type: string - ipTags: - items: - description: IPTag contains the IpTag associated with the object. - properties: - tag: - description: 'Tag specifies the value of the IP tag associated with the public IP. Example: SQL.' - type: string - type: - description: 'Type specifies the IP tag type. Example: FirstPartyUsage.' - type: string - required: - - tag - - type - type: object - type: array - name: - type: string - required: - - name - type: object - required: - - name - type: object - type: array - frontendIPsCount: - description: FrontendIPsCount specifies the number of frontend IP addresses for the load balancer. - format: int32 - type: integer - id: - description: ID is the Azure resource ID of the load balancer. READ-ONLY - type: string - idleTimeoutInMinutes: - description: IdleTimeoutInMinutes specifies the timeout for the TCP idle connection. - format: int32 - type: integer - name: - type: string - sku: - description: SKU defines an Azure load balancer SKU. - type: string - type: - description: LBType defines an Azure load balancer Type. - type: string - type: object - controlPlaneOutboundLB: - description: ControlPlaneOutboundLB is the configuration for the control-plane outbound load balancer. This is different from APIServerLB, and is used only in private clusters (optionally) for enabling outbound traffic. - properties: - backendPool: - description: BackendPool describes the backend pool of the load balancer. - properties: - name: - description: Name specifies the name of backend pool for the load balancer. If not specified, the default name will be set, depending on the load balancer role. - type: string - type: object - frontendIPs: - items: - description: FrontendIP defines a load balancer frontend IP configuration. - properties: - name: - minLength: 1 - type: string - privateIP: - type: string - publicIP: - description: PublicIPSpec defines the inputs to create an Azure public IP address. - properties: - dnsName: - type: string - ipTags: - items: - description: IPTag contains the IpTag associated with the object. - properties: - tag: - description: 'Tag specifies the value of the IP tag associated with the public IP. Example: SQL.' - type: string - type: - description: 'Type specifies the IP tag type. Example: FirstPartyUsage.' - type: string - required: - - tag - - type - type: object - type: array - name: - type: string - required: - - name - type: object - required: - - name - type: object - type: array - frontendIPsCount: - description: FrontendIPsCount specifies the number of frontend IP addresses for the load balancer. - format: int32 - type: integer - id: - description: ID is the Azure resource ID of the load balancer. READ-ONLY - type: string - idleTimeoutInMinutes: - description: IdleTimeoutInMinutes specifies the timeout for the TCP idle connection. - format: int32 - type: integer - name: - type: string - sku: - description: SKU defines an Azure load balancer SKU. - type: string - type: - description: LBType defines an Azure load balancer Type. - type: string - type: object - nodeOutboundLB: - description: NodeOutboundLB is the configuration for the node outbound load balancer. - properties: - backendPool: - description: BackendPool describes the backend pool of the load balancer. - properties: - name: - description: Name specifies the name of backend pool for the load balancer. If not specified, the default name will be set, depending on the load balancer role. - type: string - type: object - frontendIPs: - items: - description: FrontendIP defines a load balancer frontend IP configuration. - properties: - name: - minLength: 1 - type: string - privateIP: - type: string - publicIP: - description: PublicIPSpec defines the inputs to create an Azure public IP address. - properties: - dnsName: - type: string - ipTags: - items: - description: IPTag contains the IpTag associated with the object. - properties: - tag: - description: 'Tag specifies the value of the IP tag associated with the public IP. Example: SQL.' - type: string - type: - description: 'Type specifies the IP tag type. Example: FirstPartyUsage.' - type: string - required: - - tag - - type - type: object - type: array - name: - type: string - required: - - name - type: object - required: - - name - type: object - type: array - frontendIPsCount: - description: FrontendIPsCount specifies the number of frontend IP addresses for the load balancer. - format: int32 - type: integer - id: - description: ID is the Azure resource ID of the load balancer. READ-ONLY - type: string - idleTimeoutInMinutes: - description: IdleTimeoutInMinutes specifies the timeout for the TCP idle connection. - format: int32 - type: integer - name: - type: string - sku: - description: SKU defines an Azure load balancer SKU. - type: string - type: - description: LBType defines an Azure load balancer Type. - type: string - type: object - privateDNSZoneName: - description: PrivateDNSZoneName defines the zone name for the Azure Private DNS. - type: string - subnets: - description: Subnets is the configuration for the control-plane subnet and the node subnet. - items: - description: SubnetSpec configures an Azure subnet. - properties: - cidrBlocks: - description: CIDRBlocks defines the subnet's address space, specified as one or more address prefixes in CIDR notation. - items: - type: string - type: array - id: - description: ID is the Azure resource ID of the subnet. READ-ONLY - type: string - name: - description: Name defines a name for the subnet resource. - type: string - natGateway: - description: NatGateway associated with this subnet. - properties: - id: - description: ID is the Azure resource ID of the NAT gateway. READ-ONLY - type: string - ip: - description: PublicIPSpec defines the inputs to create an Azure public IP address. - properties: - dnsName: - type: string - ipTags: - items: - description: IPTag contains the IpTag associated with the object. - properties: - tag: - description: 'Tag specifies the value of the IP tag associated with the public IP. Example: SQL.' - type: string - type: - description: 'Type specifies the IP tag type. Example: FirstPartyUsage.' - type: string - required: - - tag - - type - type: object - type: array - name: - type: string - required: - - name - type: object - name: - type: string - required: - - name - type: object - privateEndpoints: - description: PrivateEndpoints defines a list of private endpoints that should be attached to this subnet. - items: - description: PrivateEndpointSpec configures an Azure Private Endpoint. - properties: - applicationSecurityGroups: - description: ApplicationSecurityGroups specifies the Application security group in which the private endpoint IP configuration is included. - items: - type: string - type: array - customNetworkInterfaceName: - description: CustomNetworkInterfaceName specifies the network interface name associated with the private endpoint. - type: string - location: - description: Location specifies the region to create the private endpoint. - type: string - manualApproval: - description: ManualApproval specifies if the connection approval needs to be done manually or not. Set it true when the network admin does not have access to approve connections to the remote resource. Defaults to false. - type: boolean - name: - description: Name specifies the name of the private endpoint. - type: string - privateIPAddresses: - description: PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. They have to be part of the subnet where the private endpoint is linked. - items: - type: string - type: array - privateLinkServiceConnections: - description: PrivateLinkServiceConnections specifies Private Link Service Connections of the private endpoint. - items: - description: PrivateLinkServiceConnection defines the specification for a private link service connection associated with a private endpoint. - properties: - groupIDs: - description: GroupIDs specifies the ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to. - items: - type: string - type: array - name: - description: Name specifies the name of the private link service. - type: string - privateLinkServiceID: - description: PrivateLinkServiceID specifies the resource ID of the private link service. - type: string - requestMessage: - description: RequestMessage specifies a message passed to the owner of the remote resource with the private endpoint connection request. - maxLength: 140 - type: string - type: object - type: array - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - role: - description: Role defines the subnet role (eg. Node, ControlPlane) - enum: - - node - - control-plane - - bastion - type: string - routeTable: - description: RouteTable defines the route table that should be attached to this subnet. - properties: - id: - description: ID is the Azure resource ID of the route table. READ-ONLY - type: string - name: - type: string - required: - - name - type: object - securityGroup: - description: SecurityGroup defines the NSG (network security group) that should be attached to this subnet. - properties: - id: - description: ID is the Azure resource ID of the security group. READ-ONLY - type: string - name: - type: string - securityRules: - description: SecurityRules is a slice of Azure security rules for security groups. - items: - description: SecurityRule defines an Azure security rule for security groups. - properties: - action: - default: Allow - description: Action specifies whether network traffic is allowed or denied. Can either be "Allow" or "Deny". Defaults to "Allow". - enum: - - Allow - - Deny - type: string - description: - description: A description for this rule. Restricted to 140 chars. - type: string - destination: - description: Destination is the destination address prefix. CIDR or destination IP range. Asterix '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. - type: string - destinationPorts: - description: DestinationPorts specifies the destination port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. - type: string - direction: - description: Direction indicates whether the rule applies to inbound, or outbound traffic. "Inbound" or "Outbound". - enum: - - Inbound - - Outbound - type: string - name: - description: Name is a unique name within the network security group. - type: string - priority: - description: Priority is a number between 100 and 4096. Each rule should have a unique value for priority. Rules are processed in priority order, with lower numbers processed before higher numbers. Once traffic matches a rule, processing stops. - format: int32 - type: integer - protocol: - description: Protocol specifies the protocol type. "Tcp", "Udp", "Icmp", or "*". - enum: - - Tcp - - Udp - - Icmp - - '*' - type: string - source: - description: Source specifies the CIDR or source IP range. Asterix '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. - type: string - sourcePorts: - description: SourcePorts specifies source port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. - type: string - required: - - description - - direction - - name - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - tags: - additionalProperties: - type: string - description: Tags defines a map of tags. - type: object - required: - - name - type: object - serviceEndpoints: - description: ServiceEndpoints is a slice of Virtual Network service endpoints to enable for the subnets. - items: - description: ServiceEndpointSpec configures an Azure Service Endpoint. - properties: - locations: - items: - type: string - type: array - service: - type: string - required: - - locations - - service - type: object - type: array - x-kubernetes-list-map-keys: - - service - x-kubernetes-list-type: map - required: - - name - - role - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - vnet: - description: Vnet is the configuration for the Azure virtual network. - properties: - cidrBlocks: - description: CIDRBlocks defines the virtual network's address space, specified as one or more address prefixes in CIDR notation. - items: - type: string - type: array - id: - description: ID is the Azure resource ID of the virtual network. READ-ONLY - type: string - name: - description: Name defines a name for the virtual network resource. - type: string - peerings: - description: Peerings defines a list of peerings of the newly created virtual network with existing virtual networks. - items: - description: VnetPeeringSpec specifies an existing remote virtual network to peer with the AzureCluster's virtual network. - properties: - forwardPeeringProperties: - description: ForwardPeeringProperties specifies VnetPeeringProperties for peering from the cluster's virtual network to the remote virtual network. - properties: - allowForwardedTraffic: - description: AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. - type: boolean - allowGatewayTransit: - description: AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual network. - type: boolean - allowVirtualNetworkAccess: - description: AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. - type: boolean - useRemoteGateways: - description: UseRemoteGateways specifies if remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. - type: boolean - type: object - remoteVnetName: - description: RemoteVnetName defines name of the remote virtual network. - type: string - resourceGroup: - description: ResourceGroup is the resource group name of the remote virtual network. - type: string - reversePeeringProperties: - description: ReversePeeringProperties specifies VnetPeeringProperties for peering from the remote virtual network to the cluster's virtual network. - properties: - allowForwardedTraffic: - description: AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. - type: boolean - allowGatewayTransit: - description: AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual network. - type: boolean - allowVirtualNetworkAccess: - description: AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. - type: boolean - useRemoteGateways: - description: UseRemoteGateways specifies if remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. - type: boolean - type: object - required: - - remoteVnetName - type: object - type: array - resourceGroup: - description: ResourceGroup is the name of the resource group of the existing virtual network or the resource group where a managed virtual network should be created. - type: string - tags: - additionalProperties: - type: string - description: Tags is a collection of tags describing the resource. - type: object - required: - - name - type: object - type: object - resourceGroup: - type: string - subscriptionID: - type: string - required: - - location - type: object - status: - description: AzureClusterStatus defines the observed state of AzureCluster. - properties: - conditions: - description: Conditions defines current service state of the AzureCluster. - items: - description: Condition defines an observation of a Cluster API resource operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. - type: string - severity: - description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. - properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes an infrastructure provider might use or require. - type: object - controlPlane: - description: ControlPlane determines if this failure domain is suitable for use by control plane machines. - type: boolean - type: object - description: 'FailureDomains specifies the list of unique failure domains for the location/region of the cluster. A FailureDomain maps to Availability Zone with an Azure Region (if the region support them). An Availability Zone is a separate data center within a region and they can be used to ensure the cluster is more resilient to failure. See: https://learn.microsoft.com/azure/reliability/availability-zones-overview This list will be used by Cluster API to try and spread the machines across the failure domains.' - type: object - longRunningOperationStates: - description: LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop. - items: - description: Future contains the data needed for an Azure long-running operation to continue across reconcile loops. - properties: - data: - description: Data is the base64 url encoded json Azure AutoRest Future. - type: string - name: - description: Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future. - type: string - resourceGroup: - description: ResourceGroup is the Azure resource group for the resource. - type: string - serviceName: - description: ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future. - type: string - type: - description: Type describes the type of future, such as update, create, delete, etc. - type: string - required: - - data - - name - - serviceName - - type - type: object - type: array - ready: - description: Ready is true when the provider resource is ready. - type: boolean - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azureclusteridentity-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azureclusteridentity-crd.yaml deleted file mode 100644 index 6077347c3..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azureclusteridentity-crd.yaml +++ /dev/null @@ -1,183 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azureclusteridentities.infrastructure.cluster.x-k8s.io - annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' - namespace: '{{ .Release.Namespace }}' - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureClusterIdentity - listKind: AzureClusterIdentityList - plural: azureclusteridentities - singular: azureclusteridentity - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Type of Azure Identity - jsonPath: .spec.type - name: Type - type: string - - description: Time duration since creation of this AzureClusterIdentity - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureClusterIdentity is the Schema for the azureclustersidentities API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureClusterIdentitySpec defines the parameters that are used to create an AzureIdentity. - properties: - allowedNamespaces: - description: AllowedNamespaces is used to identify the namespaces the clusters are allowed to use the identity from. Namespaces can be selected either using an array of namespaces or with label selector. An empty allowedNamespaces object indicates that AzureClusters can use this identity from any namespace. If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) A namespace should be either in the NamespaceList or match with Selector to use the identity. - nullable: true - properties: - list: - description: A nil or empty list indicates that AzureCluster cannot use the identity from any namespace. - items: - type: string - nullable: true - type: array - selector: - description: "Selector is a selector of namespaces that AzureCluster can use this Identity from. This is a standard Kubernetes LabelSelector, a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. \n A nil or empty selector indicates that AzureCluster cannot use this AzureClusterIdentity from any namespace." - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: object - clientID: - description: ClientID is the service principal client ID. Both User Assigned MSI and SP can use this field. - type: string - clientSecret: - description: ClientSecret is a secret reference which should contain either a Service Principal password or certificate secret. - properties: - name: - description: name is unique within a namespace to reference a secret resource. - type: string - namespace: - description: namespace defines the space within which the secret name must be unique. - type: string - type: object - x-kubernetes-map-type: atomic - resourceID: - description: ResourceID is the Azure resource ID for the User Assigned MSI resource. Only applicable when type is UserAssignedMSI. - type: string - tenantID: - description: TenantID is the service principal primary tenant id. - type: string - type: - description: Type is the type of Azure Identity used. ServicePrincipal, ServicePrincipalCertificate, UserAssignedMSI, ManualServicePrincipal or WorkloadIdentity. - enum: - - ServicePrincipal - - UserAssignedMSI - - ManualServicePrincipal - - ServicePrincipalCertificate - - WorkloadIdentity - type: string - required: - - clientID - - tenantID - - type - type: object - status: - description: AzureClusterIdentityStatus defines the observed state of AzureClusterIdentity. - properties: - conditions: - description: Conditions defines current service state of the AzureClusterIdentity. - items: - description: Condition defines an observation of a Cluster API resource operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. - type: string - severity: - description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azureclustertemplate-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azureclustertemplate-crd.yaml deleted file mode 100644 index 4a12f0101..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azureclustertemplate-crd.yaml +++ /dev/null @@ -1,673 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azureclustertemplates.infrastructure.cluster.x-k8s.io - annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' - namespace: '{{ .Release.Namespace }}' - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureClusterTemplate - listKind: AzureClusterTemplateList - plural: azureclustertemplates - singular: azureclustertemplate - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureClusterTemplate is the Schema for the azureclustertemplates API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureClusterTemplateSpec defines the desired state of AzureClusterTemplate. - properties: - template: - description: AzureClusterTemplateResource describes the data needed to create an AzureCluster from a template. - properties: - spec: - description: AzureClusterTemplateResourceSpec specifies an Azure cluster template resource. - properties: - additionalTags: - additionalProperties: - type: string - description: AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default. - type: object - azureEnvironment: - description: 'AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - GermanCloud: "AzureGermanCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud"' - type: string - bastionSpec: - description: BastionSpec encapsulates all things related to the Bastions in the cluster. - properties: - azureBastion: - description: AzureBastionTemplateSpec specifies a template for an Azure Bastion host. - properties: - subnet: - description: SubnetTemplateSpec specifies a template for a subnet. - properties: - cidrBlocks: - description: CIDRBlocks defines the subnet's address space, specified as one or more address prefixes in CIDR notation. - items: - type: string - type: array - name: - description: Name defines a name for the subnet resource. - type: string - natGateway: - description: NatGateway associated with this subnet. - properties: - name: - type: string - required: - - name - type: object - privateEndpoints: - description: PrivateEndpoints defines a list of private endpoints that should be attached to this subnet. - items: - description: PrivateEndpointSpec configures an Azure Private Endpoint. - properties: - applicationSecurityGroups: - description: ApplicationSecurityGroups specifies the Application security group in which the private endpoint IP configuration is included. - items: - type: string - type: array - customNetworkInterfaceName: - description: CustomNetworkInterfaceName specifies the network interface name associated with the private endpoint. - type: string - location: - description: Location specifies the region to create the private endpoint. - type: string - manualApproval: - description: ManualApproval specifies if the connection approval needs to be done manually or not. Set it true when the network admin does not have access to approve connections to the remote resource. Defaults to false. - type: boolean - name: - description: Name specifies the name of the private endpoint. - type: string - privateIPAddresses: - description: PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. They have to be part of the subnet where the private endpoint is linked. - items: - type: string - type: array - privateLinkServiceConnections: - description: PrivateLinkServiceConnections specifies Private Link Service Connections of the private endpoint. - items: - description: PrivateLinkServiceConnection defines the specification for a private link service connection associated with a private endpoint. - properties: - groupIDs: - description: GroupIDs specifies the ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to. - items: - type: string - type: array - name: - description: Name specifies the name of the private link service. - type: string - privateLinkServiceID: - description: PrivateLinkServiceID specifies the resource ID of the private link service. - type: string - requestMessage: - description: RequestMessage specifies a message passed to the owner of the remote resource with the private endpoint connection request. - maxLength: 140 - type: string - type: object - type: array - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - role: - description: Role defines the subnet role (eg. Node, ControlPlane) - enum: - - node - - control-plane - - bastion - type: string - securityGroup: - description: SecurityGroup defines the NSG (network security group) that should be attached to this subnet. - properties: - securityRules: - description: SecurityRules is a slice of Azure security rules for security groups. - items: - description: SecurityRule defines an Azure security rule for security groups. - properties: - action: - default: Allow - description: Action specifies whether network traffic is allowed or denied. Can either be "Allow" or "Deny". Defaults to "Allow". - enum: - - Allow - - Deny - type: string - description: - description: A description for this rule. Restricted to 140 chars. - type: string - destination: - description: Destination is the destination address prefix. CIDR or destination IP range. Asterix '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. - type: string - destinationPorts: - description: DestinationPorts specifies the destination port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. - type: string - direction: - description: Direction indicates whether the rule applies to inbound, or outbound traffic. "Inbound" or "Outbound". - enum: - - Inbound - - Outbound - type: string - name: - description: Name is a unique name within the network security group. - type: string - priority: - description: Priority is a number between 100 and 4096. Each rule should have a unique value for priority. Rules are processed in priority order, with lower numbers processed before higher numbers. Once traffic matches a rule, processing stops. - format: int32 - type: integer - protocol: - description: Protocol specifies the protocol type. "Tcp", "Udp", "Icmp", or "*". - enum: - - Tcp - - Udp - - Icmp - - '*' - type: string - source: - description: Source specifies the CIDR or source IP range. Asterix '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. - type: string - sourcePorts: - description: SourcePorts specifies source port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. - type: string - required: - - description - - direction - - name - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - tags: - additionalProperties: - type: string - description: Tags defines a map of tags. - type: object - type: object - serviceEndpoints: - description: ServiceEndpoints is a slice of Virtual Network service endpoints to enable for the subnets. - items: - description: ServiceEndpointSpec configures an Azure Service Endpoint. - properties: - locations: - items: - type: string - type: array - service: - type: string - required: - - locations - - service - type: object - type: array - x-kubernetes-list-map-keys: - - service - x-kubernetes-list-type: map - required: - - name - - role - type: object - type: object - type: object - cloudProviderConfigOverrides: - description: 'CloudProviderConfigOverrides is an optional set of configuration values that can be overridden in azure cloud provider config. This is only a subset of options that are available in azure cloud provider config. Some values for the cloud provider config are inferred from other parts of cluster api provider azure spec, and may not be available for overrides. See: https://cloud-provider-azure.sigs.k8s.io/install/configs Note: All cloud provider config values can be customized by creating the secret beforehand. CloudProviderConfigOverrides is only used when the secret is managed by the Azure Provider.' - properties: - backOffs: - description: BackOffConfig indicates the back-off config options. - properties: - cloudProviderBackoff: - type: boolean - cloudProviderBackoffDuration: - type: integer - cloudProviderBackoffExponent: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - cloudProviderBackoffJitter: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - cloudProviderBackoffRetries: - type: integer - type: object - rateLimits: - items: - description: 'RateLimitSpec represents the rate limit configuration for a particular kind of resource. Eg. loadBalancerRateLimit is used to configure rate limits for load balancers. This eventually gets converted to CloudProviderRateLimitConfig that cloud-provider-azure expects. See: https://github.com/kubernetes-sigs/cloud-provider-azure/blob/d585c2031925b39c925624302f22f8856e29e352/pkg/provider/azure_ratelimit.go#L25 We cannot use CloudProviderRateLimitConfig directly because floating point values are not supported in controller-tools. See: https://github.com/kubernetes-sigs/controller-tools/issues/245' - properties: - config: - description: RateLimitConfig indicates the rate limit config options. - properties: - cloudProviderRateLimit: - type: boolean - cloudProviderRateLimitBucket: - type: integer - cloudProviderRateLimitBucketWrite: - type: integer - cloudProviderRateLimitQPS: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - cloudProviderRateLimitQPSWrite: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - name: - description: Name is the name of the rate limit spec. - enum: - - defaultRateLimit - - routeRateLimit - - subnetsRateLimit - - interfaceRateLimit - - routeTableRateLimit - - loadBalancerRateLimit - - publicIPAddressRateLimit - - securityGroupRateLimit - - virtualMachineRateLimit - - storageAccountRateLimit - - diskRateLimit - - snapshotRateLimit - - virtualMachineScaleSetRateLimit - - virtualMachineSizesRateLimit - - availabilitySetRateLimit - type: string - required: - - name - type: object - type: array - type: object - extendedLocation: - description: ExtendedLocation is an optional set of ExtendedLocation properties for clusters on Azure public MEC. - properties: - name: - description: Name defines the name for the extended location. - type: string - type: - description: Type defines the type for the extended location. - enum: - - EdgeZone - type: string - required: - - name - - type - type: object - identityRef: - description: IdentityRef is a reference to an AzureIdentity to be used when reconciling this cluster - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - location: - type: string - networkSpec: - description: NetworkSpec encapsulates all things related to Azure network. - properties: - apiServerLB: - description: APIServerLB is the configuration for the control-plane load balancer. - properties: - idleTimeoutInMinutes: - description: IdleTimeoutInMinutes specifies the timeout for the TCP idle connection. - format: int32 - type: integer - sku: - description: SKU defines an Azure load balancer SKU. - type: string - type: - description: LBType defines an Azure load balancer Type. - type: string - type: object - controlPlaneOutboundLB: - description: ControlPlaneOutboundLB is the configuration for the control-plane outbound load balancer. This is different from APIServerLB, and is used only in private clusters (optionally) for enabling outbound traffic. - properties: - idleTimeoutInMinutes: - description: IdleTimeoutInMinutes specifies the timeout for the TCP idle connection. - format: int32 - type: integer - sku: - description: SKU defines an Azure load balancer SKU. - type: string - type: - description: LBType defines an Azure load balancer Type. - type: string - type: object - nodeOutboundLB: - description: NodeOutboundLB is the configuration for the node outbound load balancer. - properties: - idleTimeoutInMinutes: - description: IdleTimeoutInMinutes specifies the timeout for the TCP idle connection. - format: int32 - type: integer - sku: - description: SKU defines an Azure load balancer SKU. - type: string - type: - description: LBType defines an Azure load balancer Type. - type: string - type: object - privateDNSZoneName: - description: PrivateDNSZoneName defines the zone name for the Azure Private DNS. - type: string - subnets: - description: Subnets is the configuration for the control-plane subnet and the node subnet. - items: - description: SubnetTemplateSpec specifies a template for a subnet. - properties: - cidrBlocks: - description: CIDRBlocks defines the subnet's address space, specified as one or more address prefixes in CIDR notation. - items: - type: string - type: array - name: - description: Name defines a name for the subnet resource. - type: string - natGateway: - description: NatGateway associated with this subnet. - properties: - name: - type: string - required: - - name - type: object - privateEndpoints: - description: PrivateEndpoints defines a list of private endpoints that should be attached to this subnet. - items: - description: PrivateEndpointSpec configures an Azure Private Endpoint. - properties: - applicationSecurityGroups: - description: ApplicationSecurityGroups specifies the Application security group in which the private endpoint IP configuration is included. - items: - type: string - type: array - customNetworkInterfaceName: - description: CustomNetworkInterfaceName specifies the network interface name associated with the private endpoint. - type: string - location: - description: Location specifies the region to create the private endpoint. - type: string - manualApproval: - description: ManualApproval specifies if the connection approval needs to be done manually or not. Set it true when the network admin does not have access to approve connections to the remote resource. Defaults to false. - type: boolean - name: - description: Name specifies the name of the private endpoint. - type: string - privateIPAddresses: - description: PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. They have to be part of the subnet where the private endpoint is linked. - items: - type: string - type: array - privateLinkServiceConnections: - description: PrivateLinkServiceConnections specifies Private Link Service Connections of the private endpoint. - items: - description: PrivateLinkServiceConnection defines the specification for a private link service connection associated with a private endpoint. - properties: - groupIDs: - description: GroupIDs specifies the ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to. - items: - type: string - type: array - name: - description: Name specifies the name of the private link service. - type: string - privateLinkServiceID: - description: PrivateLinkServiceID specifies the resource ID of the private link service. - type: string - requestMessage: - description: RequestMessage specifies a message passed to the owner of the remote resource with the private endpoint connection request. - maxLength: 140 - type: string - type: object - type: array - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - role: - description: Role defines the subnet role (eg. Node, ControlPlane) - enum: - - node - - control-plane - - bastion - type: string - securityGroup: - description: SecurityGroup defines the NSG (network security group) that should be attached to this subnet. - properties: - securityRules: - description: SecurityRules is a slice of Azure security rules for security groups. - items: - description: SecurityRule defines an Azure security rule for security groups. - properties: - action: - default: Allow - description: Action specifies whether network traffic is allowed or denied. Can either be "Allow" or "Deny". Defaults to "Allow". - enum: - - Allow - - Deny - type: string - description: - description: A description for this rule. Restricted to 140 chars. - type: string - destination: - description: Destination is the destination address prefix. CIDR or destination IP range. Asterix '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. - type: string - destinationPorts: - description: DestinationPorts specifies the destination port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. - type: string - direction: - description: Direction indicates whether the rule applies to inbound, or outbound traffic. "Inbound" or "Outbound". - enum: - - Inbound - - Outbound - type: string - name: - description: Name is a unique name within the network security group. - type: string - priority: - description: Priority is a number between 100 and 4096. Each rule should have a unique value for priority. Rules are processed in priority order, with lower numbers processed before higher numbers. Once traffic matches a rule, processing stops. - format: int32 - type: integer - protocol: - description: Protocol specifies the protocol type. "Tcp", "Udp", "Icmp", or "*". - enum: - - Tcp - - Udp - - Icmp - - '*' - type: string - source: - description: Source specifies the CIDR or source IP range. Asterix '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. - type: string - sourcePorts: - description: SourcePorts specifies source port or range. Integer or range between 0 and 65535. Asterix '*' can also be used to match all ports. - type: string - required: - - description - - direction - - name - - protocol - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - tags: - additionalProperties: - type: string - description: Tags defines a map of tags. - type: object - type: object - serviceEndpoints: - description: ServiceEndpoints is a slice of Virtual Network service endpoints to enable for the subnets. - items: - description: ServiceEndpointSpec configures an Azure Service Endpoint. - properties: - locations: - items: - type: string - type: array - service: - type: string - required: - - locations - - service - type: object - type: array - x-kubernetes-list-map-keys: - - service - x-kubernetes-list-type: map - required: - - name - - role - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - vnet: - description: Vnet is the configuration for the Azure virtual network. - properties: - cidrBlocks: - description: CIDRBlocks defines the virtual network's address space, specified as one or more address prefixes in CIDR notation. - items: - type: string - type: array - peerings: - description: Peerings defines a list of peerings of the newly created virtual network with existing virtual networks. - items: - description: VnetPeeringClassSpec specifies a virtual network peering class. - properties: - forwardPeeringProperties: - description: ForwardPeeringProperties specifies VnetPeeringProperties for peering from the cluster's virtual network to the remote virtual network. - properties: - allowForwardedTraffic: - description: AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. - type: boolean - allowGatewayTransit: - description: AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual network. - type: boolean - allowVirtualNetworkAccess: - description: AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. - type: boolean - useRemoteGateways: - description: UseRemoteGateways specifies if remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. - type: boolean - type: object - remoteVnetName: - description: RemoteVnetName defines name of the remote virtual network. - type: string - resourceGroup: - description: ResourceGroup is the resource group name of the remote virtual network. - type: string - reversePeeringProperties: - description: ReversePeeringProperties specifies VnetPeeringProperties for peering from the remote virtual network to the cluster's virtual network. - properties: - allowForwardedTraffic: - description: AllowForwardedTraffic specifies whether the forwarded traffic from the VMs in the local virtual network will be allowed/disallowed in remote virtual network. - type: boolean - allowGatewayTransit: - description: AllowGatewayTransit specifies if gateway links can be used in remote virtual networking to link to this virtual network. - type: boolean - allowVirtualNetworkAccess: - description: AllowVirtualNetworkAccess specifies whether the VMs in the local virtual network space would be able to access the VMs in remote virtual network space. - type: boolean - useRemoteGateways: - description: UseRemoteGateways specifies if remote gateways can be used on this virtual network. If the flag is set to true, and allowGatewayTransit on remote peering is also set to true, the virtual network will use the gateways of the remote virtual network for transit. Only one peering can have this flag set to true. This flag cannot be set if virtual network already has a gateway. - type: boolean - type: object - required: - - remoteVnetName - type: object - type: array - tags: - additionalProperties: - type: string - description: Tags is a collection of tags describing the resource. - type: object - type: object - type: object - subscriptionID: - type: string - required: - - location - type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azureidentity-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azureidentity-crd.yaml deleted file mode 100644 index f228c0275..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azureidentity-crd.yaml +++ /dev/null @@ -1,96 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azureidentities.aadpodidentity.k8s.io - annotations: - api-approved.kubernetes.io: unapproved - controller-gen.kubebuilder.io/version: v0.5.0 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - group: aadpodidentity.k8s.io - names: - kind: AzureIdentity - listKind: AzureIdentityList - plural: azureidentities - singular: azureidentity - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: AzureIdentity is the specification of the identity data structure. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureIdentitySpec describes the credential specifications of an identity on Azure. - properties: - adEndpoint: - type: string - adResourceID: - description: For service principal. Option param for specifying the AD details. - type: string - auxiliaryTenantIDs: - description: Service principal auxiliary tenant ids - items: - type: string - nullable: true - type: array - clientID: - description: Both User Assigned MSI and SP can use this field. - type: string - clientPassword: - description: Used for service principal - properties: - name: - description: Name is unique within a namespace to reference a secret resource. - type: string - namespace: - description: Namespace defines the space within which the secret name must be unique. - type: string - type: object - metadata: - type: object - replicas: - format: int32 - nullable: true - type: integer - resourceID: - description: User assigned MSI resource id. - type: string - tenantID: - description: Service principal primary tenant id. - type: string - type: - description: UserAssignedMSI or Service Principal - type: integer - type: object - status: - description: AzureIdentityStatus contains the replica status of the resource. - properties: - availableReplicas: - format: int32 - type: integer - metadata: - type: object - type: object - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azureidentitybinding-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azureidentitybinding-crd.yaml deleted file mode 100644 index 7e9570d8a..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azureidentitybinding-crd.yaml +++ /dev/null @@ -1,66 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azureidentitybindings.aadpodidentity.k8s.io - annotations: - api-approved.kubernetes.io: unapproved - controller-gen.kubebuilder.io/version: v0.5.0 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - group: aadpodidentity.k8s.io - names: - kind: AzureIdentityBinding - listKind: AzureIdentityBindingList - plural: azureidentitybindings - singular: azureidentitybinding - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: AzureIdentityBinding brings together the spec of matching pods and the identity which they can use. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureIdentityBindingSpec matches the pod with the Identity. Used to indicate the potential matches to look for between the pod/deployment and the identities present. - properties: - azureIdentity: - type: string - metadata: - type: object - selector: - type: string - weight: - description: Weight is used to figure out which of the matching identities would be selected. - type: integer - type: object - status: - description: AzureIdentityBindingStatus contains the status of an AzureIdentityBinding. - properties: - availableReplicas: - format: int32 - type: integer - metadata: - type: object - type: object - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachine-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachine-crd.yaml deleted file mode 100644 index 810e21c78..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachine-crd.yaml +++ /dev/null @@ -1,625 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azuremachines.infrastructure.cluster.x-k8s.io - annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' - namespace: '{{ .Release.Namespace }}' - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureMachine - listKind: AzureMachineList - plural: azuremachines - singular: azuremachine - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - priority: 1 - type: string - - description: Azure VM provisioning state - jsonPath: .status.vmState - name: State - type: string - - description: Cluster to which this AzureMachine belongs - jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name - name: Cluster - priority: 1 - type: string - - description: Machine object to which this AzureMachine belongs - jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name - name: Machine - priority: 1 - type: string - - description: Azure VM ID - jsonPath: .spec.providerID - name: VM ID - priority: 1 - type: string - - description: Azure VM Size - jsonPath: .spec.vmSize - name: VM Size - priority: 1 - type: string - - description: Time duration since creation of this AzureMachine - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureMachine is the Schema for the azuremachines API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureMachineSpec defines the desired state of AzureMachine. - properties: - acceleratedNetworking: - description: 'Deprecated: AcceleratedNetworking should be set in the networkInterfaces field.' - type: boolean - additionalCapabilities: - description: AdditionalCapabilities specifies additional capabilities enabled or disabled on the virtual machine. - properties: - ultraSSDEnabled: - description: UltraSSDEnabled enables or disables Azure UltraSSD capability for the virtual machine. Defaults to true if Ultra SSD data disks are specified, otherwise it doesn't set the capability on the VM. - type: boolean - type: object - additionalTags: - additionalProperties: - type: string - description: AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the AzureMachine's value takes precedence. - type: object - allocatePublicIP: - description: AllocatePublicIP allows the ability to create dynamic public ips for machines where this value is true. - type: boolean - dataDisks: - description: DataDisk specifies the parameters that are used to add one or more data disks to the machine - items: - description: DataDisk specifies the parameters that are used to add one or more data disks to the machine. - properties: - cachingType: - description: CachingType specifies the caching requirements. - enum: - - None - - ReadOnly - - ReadWrite - type: string - diskSizeGB: - description: DiskSizeGB is the size in GB to assign to the data disk. - format: int32 - type: integer - lun: - description: Lun Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. The value must be between 0 and 63. - format: int32 - type: integer - managedDisk: - description: ManagedDisk specifies the Managed Disk parameters for the data disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityProfile: - description: SecurityProfile specifies the security profile for the managed disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityEncryptionType: - description: SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. - enum: - - VMGuestStateOnly - - DiskWithVMGuestState - type: string - type: object - storageAccountType: - type: string - type: object - nameSuffix: - description: NameSuffix is the suffix to be appended to the machine name to generate the disk name. Each disk name will be in format _. - type: string - required: - - diskSizeGB - - nameSuffix - type: object - type: array - diagnostics: - description: Diagnostics specifies the diagnostics settings for a virtual machine. If not specified then Boot diagnostics (Managed) will be enabled. - properties: - boot: - description: Boot configures the boot diagnostics settings for the virtual machine. This allows to configure capturing serial output from the virtual machine on boot. This is useful for debugging software based launch issues. If not specified then Boot diagnostics (Managed) will be enabled. - properties: - storageAccountType: - description: StorageAccountType determines if the storage account for storing the diagnostics data should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged). - enum: - - Managed - - UserManaged - - Disabled - type: string - userManaged: - description: UserManaged provides a reference to the user-managed storage account. - properties: - storageAccountURI: - description: 'StorageAccountURI is the URI of the user-managed storage account. The URI typically will be `https://.blob.core.windows.net/` but may differ if you are using Azure DNS zone endpoints. You can find the correct endpoint by looking for the Blob Primary Endpoint in the endpoints tab in the Azure console or with the CLI by issuing `az storage account list --query=''[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}''`.' - maxLength: 1024 - pattern: ^https:// - type: string - required: - - storageAccountURI - type: object - required: - - storageAccountType - type: object - type: object - dnsServers: - description: DNSServers adds a list of DNS Server IP addresses to the VM NICs. - items: - type: string - type: array - enableIPForwarding: - description: EnableIPForwarding enables IP Forwarding in Azure which is required for some CNI's to send traffic from a pods on one machine to another. This is required for IpV6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller manager). Default is false for disabled. - type: boolean - failureDomain: - description: FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. This relates to an Azure Availability Zone - type: string - identity: - default: None - description: Identity is the type of identity used for the virtual machine. The type 'SystemAssigned' is an implicitly created identity. The generated identity will be assigned a Subscription contributor role. The type 'UserAssigned' is a standalone Azure resource provided by the user and assigned to the VM - enum: - - None - - SystemAssigned - - UserAssigned - type: string - image: - description: Image is used to provide details of an image to use during VM creation. If image details are omitted the image will default the Azure Marketplace "capi" offer, which is based on Ubuntu. - properties: - computeGallery: - description: ComputeGallery specifies an image to use from the Azure Compute Gallery - properties: - gallery: - description: Gallery specifies the name of the compute image gallery that contains the image - minLength: 1 - type: string - name: - description: Name is the name of the image - minLength: 1 - type: string - plan: - description: Plan contains plan information. - properties: - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer - minLength: 1 - type: string - publisher: - description: Publisher is the name of the organization that created the image - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter - minLength: 1 - type: string - required: - - offer - - publisher - - sku - type: object - resourceGroup: - description: ResourceGroup specifies the resource group containing the private compute gallery. - type: string - subscriptionID: - description: SubscriptionID is the identifier of the subscription that contains the private compute gallery. - type: string - version: - description: Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - gallery - - name - - version - type: object - id: - description: ID specifies an image to use by ID - type: string - marketplace: - description: Marketplace specifies an image to use from the Azure Marketplace - properties: - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer - minLength: 1 - type: string - publisher: - description: Publisher is the name of the organization that created the image - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter - minLength: 1 - type: string - thirdPartyImage: - default: false - description: ThirdPartyImage indicates the image is published by a third party publisher and a Plan will be generated for it. - type: boolean - version: - description: Version specifies the version of an image sku. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - offer - - publisher - - sku - - version - type: object - sharedGallery: - description: 'SharedGallery specifies an image to use from an Azure Shared Image Gallery Deprecated: use ComputeGallery instead.' - properties: - gallery: - description: Gallery specifies the name of the shared image gallery that contains the image - minLength: 1 - type: string - name: - description: Name is the name of the image - minLength: 1 - type: string - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - publisher: - description: Publisher is the name of the organization that created the image. This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - resourceGroup: - description: ResourceGroup specifies the resource group containing the shared image gallery - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - subscriptionID: - description: SubscriptionID is the identifier of the subscription that contains the shared image gallery - minLength: 1 - type: string - version: - description: Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - gallery - - name - - resourceGroup - - subscriptionID - - version - type: object - type: object - networkInterfaces: - description: NetworkInterfaces specifies a list of network interface configurations. If left unspecified, the VM will get a single network interface with a single IPConfig in the subnet specified in the cluster's node subnet field. The primary interface will be the first networkInterface specified (index 0) in the list. - items: - description: NetworkInterface defines a network interface. - properties: - acceleratedNetworking: - description: AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on whether the requested VMSize supports accelerated networking. If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error. - type: boolean - privateIPConfigs: - description: PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. Defaults to 1 if not specified. - type: integer - subnetName: - description: SubnetName specifies the subnet in which the new network interface will be placed. - type: string - type: object - type: array - osDisk: - description: OSDisk specifies the parameters for the operating system disk of the machine - properties: - cachingType: - description: CachingType specifies the caching requirements. - enum: - - None - - ReadOnly - - ReadWrite - type: string - diffDiskSettings: - description: DiffDiskSettings describe ephemeral disk settings for the os disk. - properties: - option: - description: Option enables ephemeral OS when set to "Local" See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details - enum: - - Local - type: string - required: - - option - type: object - diskSizeGB: - description: DiskSizeGB is the size in GB to assign to the OS disk. Will have a default of 30GB if not provided - format: int32 - type: integer - managedDisk: - description: ManagedDisk specifies the Managed Disk parameters for the OS disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityProfile: - description: SecurityProfile specifies the security profile for the managed disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityEncryptionType: - description: SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. - enum: - - VMGuestStateOnly - - DiskWithVMGuestState - type: string - type: object - storageAccountType: - type: string - type: object - osType: - type: string - required: - - osType - type: object - providerID: - description: ProviderID is the unique identifier as specified by the cloud provider. - type: string - roleAssignmentName: - description: 'Deprecated: RoleAssignmentName should be set in the systemAssignedIdentityRole field.' - type: string - securityProfile: - description: SecurityProfile specifies the Security profile settings for a virtual machine. - properties: - encryptionAtHost: - description: This field indicates whether Host Encryption should be enabled or disabled for a virtual machine or virtual machine scale set. This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. Default is disabled. - type: boolean - securityType: - description: 'SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set.' - enum: - - ConfidentialVM - - TrustedLaunch - type: string - uefiSettings: - description: UefiSettings specifies the security settings like secure boot and vTPM used while creating the virtual machine. - properties: - secureBootEnabled: - description: SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. - type: boolean - vTpmEnabled: - description: VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. When true it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. This is required to be set to Enabled if SecurityEncryptionType is defined. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. - type: boolean - type: object - type: object - spotVMOptions: - description: SpotVMOptions allows the ability to specify the Machine should use a Spot VM - properties: - evictionPolicy: - description: EvictionPolicy defines the behavior of the virtual machine when it is evicted. It can be either Delete or Deallocate. - enum: - - Deallocate - - Delete - type: string - maxPrice: - anyOf: - - type: integer - - type: string - description: MaxPrice defines the maximum price the user is willing to pay for Spot VM instances - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - sshPublicKey: - description: SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. Refer to documentation on how to set up SSH access on Windows instances. - type: string - subnetName: - description: 'Deprecated: SubnetName should be set in the networkInterfaces field.' - type: string - systemAssignedIdentityRole: - description: SystemAssignedIdentityRole defines the role and scope to assign to the system-assigned identity. - properties: - definitionID: - description: 'DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles' - type: string - name: - description: Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. If not specified, a random UUID will be generated. - type: string - scope: - description: Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. If not specified, the scope will be the subscription. - type: string - type: object - userAssignedIdentities: - description: UserAssignedIdentities is a list of standalone Azure identities provided by the user The lifecycle of a user-assigned identity is managed separately from the lifecycle of the AzureMachine. See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli - items: - description: UserAssignedIdentity defines the user-assigned identities provided by the user to be assigned to Azure resources. - properties: - providerID: - description: 'ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: ''azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''' - type: string - required: - - providerID - type: object - type: array - vmExtensions: - description: VMExtensions specifies a list of extensions to be added to the virtual machine. - items: - description: VMExtension specifies the parameters for a custom VM extension. - properties: - name: - description: Name is the name of the extension. - type: string - protectedSettings: - additionalProperties: - type: string - description: ProtectedSettings is a JSON formatted protected settings for the extension. - type: object - publisher: - description: Publisher is the name of the extension handler publisher. - type: string - settings: - additionalProperties: - type: string - description: Settings is a JSON formatted public settings for the extension. - type: object - version: - description: Version specifies the version of the script handler. - type: string - required: - - name - - publisher - - version - type: object - type: array - vmSize: - type: string - required: - - osDisk - - vmSize - type: object - status: - description: AzureMachineStatus defines the observed state of AzureMachine. - properties: - addresses: - description: Addresses contains the Azure instance associated addresses. - items: - description: NodeAddress contains information for the node's address. - properties: - address: - description: The node address. - type: string - type: - description: Node address type, one of Hostname, ExternalIP or InternalIP. - type: string - required: - - address - - type - type: object - type: array - conditions: - description: Conditions defines current service state of the AzureMachine. - items: - description: Condition defines an observation of a Cluster API resource operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. - type: string - severity: - description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - failureMessage: - description: "ErrorMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption. \n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output." - type: string - failureReason: - description: "ErrorReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation. \n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output." - type: string - longRunningOperationStates: - description: LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop. - items: - description: Future contains the data needed for an Azure long-running operation to continue across reconcile loops. - properties: - data: - description: Data is the base64 url encoded json Azure AutoRest Future. - type: string - name: - description: Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future. - type: string - resourceGroup: - description: ResourceGroup is the Azure resource group for the resource. - type: string - serviceName: - description: ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future. - type: string - type: - description: Type describes the type of future, such as update, create, delete, etc. - type: string - required: - - data - - name - - serviceName - - type - type: object - type: array - ready: - description: Ready is true when the provider resource is ready. - type: boolean - vmState: - description: VMState is the provisioning state of the Azure virtual machine. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepool-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepool-crd.yaml deleted file mode 100644 index 083afb293..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepool-crd.yaml +++ /dev/null @@ -1,814 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azuremachinepools.infrastructure.cluster.x-k8s.io - annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' - namespace: '{{ .Release.Namespace }}' - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureMachinePool - listKind: AzureMachinePoolList - plural: azuremachinepools - shortNames: - - amp - singular: azuremachinepool - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: AzureMachinePool replicas count - jsonPath: .status.replicas - name: Replicas - type: string - - description: AzureMachinePool replicas count - jsonPath: .status.ready - name: Ready - type: string - - description: Azure VMSS provisioning state - jsonPath: .status.provisioningState - name: State - type: string - - description: Cluster to which this AzureMachinePool belongs - jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name - name: Cluster - priority: 1 - type: string - - description: MachinePool object to which this AzureMachinePool belongs - jsonPath: .metadata.ownerReferences[?(@.kind=="MachinePool")].name - name: MachinePool - priority: 1 - type: string - - description: Azure VMSS ID - jsonPath: .spec.providerID - name: VMSS ID - priority: 1 - type: string - - description: Azure VM Size - jsonPath: .spec.template.vmSize - name: VM Size - priority: 1 - type: string - - description: Time duration since creation of this AzureMachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureMachinePool is the Schema for the azuremachinepools API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureMachinePoolSpec defines the desired state of AzureMachinePool. - properties: - additionalTags: - additionalProperties: - type: string - description: AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the AzureMachine's value takes precedence. - type: object - identity: - default: None - description: Identity is the type of identity used for the Virtual Machine Scale Set. The type 'SystemAssigned' is an implicitly created identity. The generated identity will be assigned a Subscription contributor role. The type 'UserAssigned' is a standalone Azure resource provided by the user and assigned to the VM - enum: - - None - - SystemAssigned - - UserAssigned - type: string - location: - description: Location is the Azure region location e.g. westus2 - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' - type: string - orchestrationMode: - default: Uniform - description: OrchestrationMode specifies the orchestration mode for the Virtual Machine Scale Set - enum: - - Flexible - - Uniform - type: string - providerID: - description: ProviderID is the identification ID of the Virtual Machine Scale Set - type: string - providerIDList: - description: ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. - items: - type: string - type: array - roleAssignmentName: - description: 'Deprecated: RoleAssignmentName should be set in the systemAssignedIdentityRole field.' - type: string - strategy: - default: - rollingUpdate: - deletePolicy: Oldest - maxSurge: 1 - maxUnavailable: 0 - type: RollingUpdate - description: The deployment strategy to use to replace existing AzureMachinePoolMachines with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only if MachineDeploymentStrategyType = RollingUpdate. - properties: - deletePolicy: - default: Oldest - description: DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. Valid values are "Random, "Newest", "Oldest" When no value is supplied, the default is Oldest - enum: - - Random - - Newest - - Oldest - type: string - maxSurge: - anyOf: - - type: integer - - type: string - default: 1 - description: 'The maximum number of machines that can be scheduled above the desired number of machines. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 1. Example: when this is set to 30%, the new MachineSet can be scaled up immediately when the rolling update starts, such that the total number of old and new machines do not exceed 130% of desired machines. Once old machines have been killed, new MachineSet can be scaled up further, ensuring that total number of machines running at any time during the update is at most 130% of desired machines.' - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - default: 0 - description: 'The maximum number of machines that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 0. Example: when this is set to 30%, the old MachineSet can be scaled down to 70% of desired machines immediately when the rolling update starts. Once new machines are ready, old MachineSet can be scaled down further, followed by scaling up the new MachineSet, ensuring that the total number of machines available at all times during the update is at least 70% of desired machines.' - x-kubernetes-int-or-string: true - type: object - type: - default: RollingUpdate - description: Type of deployment. Currently the only supported strategy is RollingUpdate - enum: - - RollingUpdate - type: string - type: object - systemAssignedIdentityRole: - description: SystemAssignedIdentityRole defines the role and scope to assign to the system assigned identity. - properties: - definitionID: - description: 'DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles' - type: string - name: - description: Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. If not specified, a random UUID will be generated. - type: string - scope: - description: Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. If not specified, the scope will be the subscription. - type: string - type: object - template: - description: Template contains the details used to build a replica virtual machine within the Machine Pool - properties: - acceleratedNetworking: - description: 'Deprecated: AcceleratedNetworking should be set in the networkInterfaces field.' - type: boolean - dataDisks: - description: DataDisks specifies the list of data disks to be created for a Virtual Machine - items: - description: DataDisk specifies the parameters that are used to add one or more data disks to the machine. - properties: - cachingType: - description: CachingType specifies the caching requirements. - enum: - - None - - ReadOnly - - ReadWrite - type: string - diskSizeGB: - description: DiskSizeGB is the size in GB to assign to the data disk. - format: int32 - type: integer - lun: - description: Lun Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. The value must be between 0 and 63. - format: int32 - type: integer - managedDisk: - description: ManagedDisk specifies the Managed Disk parameters for the data disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityProfile: - description: SecurityProfile specifies the security profile for the managed disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityEncryptionType: - description: SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. - enum: - - VMGuestStateOnly - - DiskWithVMGuestState - type: string - type: object - storageAccountType: - type: string - type: object - nameSuffix: - description: NameSuffix is the suffix to be appended to the machine name to generate the disk name. Each disk name will be in format _. - type: string - required: - - diskSizeGB - - nameSuffix - type: object - type: array - diagnostics: - description: Diagnostics specifies the diagnostics settings for a virtual machine. If not specified then Boot diagnostics (Managed) will be enabled. - properties: - boot: - description: Boot configures the boot diagnostics settings for the virtual machine. This allows to configure capturing serial output from the virtual machine on boot. This is useful for debugging software based launch issues. If not specified then Boot diagnostics (Managed) will be enabled. - properties: - storageAccountType: - description: StorageAccountType determines if the storage account for storing the diagnostics data should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged). - enum: - - Managed - - UserManaged - - Disabled - type: string - userManaged: - description: UserManaged provides a reference to the user-managed storage account. - properties: - storageAccountURI: - description: 'StorageAccountURI is the URI of the user-managed storage account. The URI typically will be `https://.blob.core.windows.net/` but may differ if you are using Azure DNS zone endpoints. You can find the correct endpoint by looking for the Blob Primary Endpoint in the endpoints tab in the Azure console or with the CLI by issuing `az storage account list --query=''[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}''`.' - maxLength: 1024 - pattern: ^https:// - type: string - required: - - storageAccountURI - type: object - required: - - storageAccountType - type: object - type: object - image: - description: Image is used to provide details of an image to use during VM creation. If image details are omitted the image will default the Azure Marketplace "capi" offer, which is based on Ubuntu. - properties: - computeGallery: - description: ComputeGallery specifies an image to use from the Azure Compute Gallery - properties: - gallery: - description: Gallery specifies the name of the compute image gallery that contains the image - minLength: 1 - type: string - name: - description: Name is the name of the image - minLength: 1 - type: string - plan: - description: Plan contains plan information. - properties: - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer - minLength: 1 - type: string - publisher: - description: Publisher is the name of the organization that created the image - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter - minLength: 1 - type: string - required: - - offer - - publisher - - sku - type: object - resourceGroup: - description: ResourceGroup specifies the resource group containing the private compute gallery. - type: string - subscriptionID: - description: SubscriptionID is the identifier of the subscription that contains the private compute gallery. - type: string - version: - description: Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - gallery - - name - - version - type: object - id: - description: ID specifies an image to use by ID - type: string - marketplace: - description: Marketplace specifies an image to use from the Azure Marketplace - properties: - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer - minLength: 1 - type: string - publisher: - description: Publisher is the name of the organization that created the image - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter - minLength: 1 - type: string - thirdPartyImage: - default: false - description: ThirdPartyImage indicates the image is published by a third party publisher and a Plan will be generated for it. - type: boolean - version: - description: Version specifies the version of an image sku. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - offer - - publisher - - sku - - version - type: object - sharedGallery: - description: 'SharedGallery specifies an image to use from an Azure Shared Image Gallery Deprecated: use ComputeGallery instead.' - properties: - gallery: - description: Gallery specifies the name of the shared image gallery that contains the image - minLength: 1 - type: string - name: - description: Name is the name of the image - minLength: 1 - type: string - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - publisher: - description: Publisher is the name of the organization that created the image. This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - resourceGroup: - description: ResourceGroup specifies the resource group containing the shared image gallery - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - subscriptionID: - description: SubscriptionID is the identifier of the subscription that contains the shared image gallery - minLength: 1 - type: string - version: - description: Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - gallery - - name - - resourceGroup - - subscriptionID - - version - type: object - type: object - networkInterfaces: - description: NetworkInterfaces specifies a list of network interface configurations. If left unspecified, the VM will get a single network interface with a single IPConfig in the subnet specified in the cluster's node subnet field. The primary interface will be the first networkInterface specified (index 0) in the list. - items: - description: NetworkInterface defines a network interface. - properties: - acceleratedNetworking: - description: AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on whether the requested VMSize supports accelerated networking. If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error. - type: boolean - privateIPConfigs: - description: PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. Defaults to 1 if not specified. - type: integer - subnetName: - description: SubnetName specifies the subnet in which the new network interface will be placed. - type: string - type: object - type: array - osDisk: - description: OSDisk contains the operating system disk information for a Virtual Machine - properties: - cachingType: - description: CachingType specifies the caching requirements. - enum: - - None - - ReadOnly - - ReadWrite - type: string - diffDiskSettings: - description: DiffDiskSettings describe ephemeral disk settings for the os disk. - properties: - option: - description: Option enables ephemeral OS when set to "Local" See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details - enum: - - Local - type: string - required: - - option - type: object - diskSizeGB: - description: DiskSizeGB is the size in GB to assign to the OS disk. Will have a default of 30GB if not provided - format: int32 - type: integer - managedDisk: - description: ManagedDisk specifies the Managed Disk parameters for the OS disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityProfile: - description: SecurityProfile specifies the security profile for the managed disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityEncryptionType: - description: SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. - enum: - - VMGuestStateOnly - - DiskWithVMGuestState - type: string - type: object - storageAccountType: - type: string - type: object - osType: - type: string - required: - - osType - type: object - securityProfile: - description: SecurityProfile specifies the Security profile settings for a virtual machine. - properties: - encryptionAtHost: - description: This field indicates whether Host Encryption should be enabled or disabled for a virtual machine or virtual machine scale set. This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. Default is disabled. - type: boolean - securityType: - description: 'SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set.' - enum: - - ConfidentialVM - - TrustedLaunch - type: string - uefiSettings: - description: UefiSettings specifies the security settings like secure boot and vTPM used while creating the virtual machine. - properties: - secureBootEnabled: - description: SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. - type: boolean - vTpmEnabled: - description: VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. When true it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. This is required to be set to Enabled if SecurityEncryptionType is defined. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. - type: boolean - type: object - type: object - spotVMOptions: - description: SpotVMOptions allows the ability to specify the Machine should use a Spot VM - properties: - evictionPolicy: - description: EvictionPolicy defines the behavior of the virtual machine when it is evicted. It can be either Delete or Deallocate. - enum: - - Deallocate - - Delete - type: string - maxPrice: - anyOf: - - type: integer - - type: string - description: MaxPrice defines the maximum price the user is willing to pay for Spot VM instances - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - sshPublicKey: - description: SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. Refer to documentation on how to set up SSH access on Windows instances. - type: string - subnetName: - description: 'Deprecated: SubnetName should be set in the networkInterfaces field.' - type: string - terminateNotificationTimeout: - description: TerminateNotificationTimeout enables or disables VMSS scheduled events termination notification with specified timeout allowed values are between 5 and 15 (mins) - type: integer - vmExtensions: - description: VMExtensions specifies a list of extensions to be added to the scale set. - items: - description: VMExtension specifies the parameters for a custom VM extension. - properties: - name: - description: Name is the name of the extension. - type: string - protectedSettings: - additionalProperties: - type: string - description: ProtectedSettings is a JSON formatted protected settings for the extension. - type: object - publisher: - description: Publisher is the name of the extension handler publisher. - type: string - settings: - additionalProperties: - type: string - description: Settings is a JSON formatted public settings for the extension. - type: object - version: - description: Version specifies the version of the script handler. - type: string - required: - - name - - publisher - - version - type: object - type: array - vmSize: - description: VMSize is the size of the Virtual Machine to build. See https://learn.microsoft.com/rest/api/compute/virtualmachines/createorupdate#virtualmachinesizetypes - type: string - required: - - osDisk - - vmSize - type: object - userAssignedIdentities: - description: UserAssignedIdentities is a list of standalone Azure identities provided by the user The lifecycle of a user-assigned identity is managed separately from the lifecycle of the AzureMachinePool. See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli - items: - description: UserAssignedIdentity defines the user-assigned identities provided by the user to be assigned to Azure resources. - properties: - providerID: - description: 'ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: ''azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''' - type: string - required: - - providerID - type: object - type: array - required: - - location - - template - type: object - status: - description: AzureMachinePoolStatus defines the observed state of AzureMachinePool. - properties: - conditions: - description: Conditions defines current service state of the AzureMachinePool. - items: - description: Condition defines an observation of a Cluster API resource operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. - type: string - severity: - description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - failureMessage: - description: "FailureMessage will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a more verbose string suitable for logging and human consumption. \n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachinePool's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller's output." - type: string - failureReason: - description: "FailureReason will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a succinct value suitable for machine interpretation. \n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachinePool's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller's output." - type: string - image: - description: Image is the current image used in the AzureMachinePool. When the spec image is nil, this image is populated with the details of the defaulted Azure Marketplace "capi" offer. - properties: - computeGallery: - description: ComputeGallery specifies an image to use from the Azure Compute Gallery - properties: - gallery: - description: Gallery specifies the name of the compute image gallery that contains the image - minLength: 1 - type: string - name: - description: Name is the name of the image - minLength: 1 - type: string - plan: - description: Plan contains plan information. - properties: - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer - minLength: 1 - type: string - publisher: - description: Publisher is the name of the organization that created the image - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter - minLength: 1 - type: string - required: - - offer - - publisher - - sku - type: object - resourceGroup: - description: ResourceGroup specifies the resource group containing the private compute gallery. - type: string - subscriptionID: - description: SubscriptionID is the identifier of the subscription that contains the private compute gallery. - type: string - version: - description: Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - gallery - - name - - version - type: object - id: - description: ID specifies an image to use by ID - type: string - marketplace: - description: Marketplace specifies an image to use from the Azure Marketplace - properties: - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer - minLength: 1 - type: string - publisher: - description: Publisher is the name of the organization that created the image - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter - minLength: 1 - type: string - thirdPartyImage: - default: false - description: ThirdPartyImage indicates the image is published by a third party publisher and a Plan will be generated for it. - type: boolean - version: - description: Version specifies the version of an image sku. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - offer - - publisher - - sku - - version - type: object - sharedGallery: - description: 'SharedGallery specifies an image to use from an Azure Shared Image Gallery Deprecated: use ComputeGallery instead.' - properties: - gallery: - description: Gallery specifies the name of the shared image gallery that contains the image - minLength: 1 - type: string - name: - description: Name is the name of the image - minLength: 1 - type: string - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - publisher: - description: Publisher is the name of the organization that created the image. This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - resourceGroup: - description: ResourceGroup specifies the resource group containing the shared image gallery - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - subscriptionID: - description: SubscriptionID is the identifier of the subscription that contains the shared image gallery - minLength: 1 - type: string - version: - description: Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - gallery - - name - - resourceGroup - - subscriptionID - - version - type: object - type: object - instances: - description: Instances is the VM instance status for each VM in the VMSS - items: - description: AzureMachinePoolInstanceStatus provides status information for each instance in the VMSS. - properties: - instanceID: - description: InstanceID is the identification of the Machine Instance within the VMSS - type: string - instanceName: - description: InstanceName is the name of the Machine Instance within the VMSS - type: string - latestModelApplied: - description: LatestModelApplied indicates the instance is running the most up-to-date VMSS model. A VMSS model describes the image version the VM is running. If the instance is not running the latest model, it means the instance may not be running the version of Kubernetes the Machine Pool has specified and needs to be updated. - type: boolean - providerID: - description: ProviderID is the provider identification of the VMSS Instance - type: string - provisioningState: - description: ProvisioningState is the provisioning state of the Azure virtual machine instance. - type: string - version: - description: Version defines the Kubernetes version for the VM Instance - type: string - required: - - latestModelApplied - type: object - type: array - longRunningOperationStates: - description: LongRunningOperationStates saves the state for Azure long-running operations so they can be continued on the next reconciliation loop. - items: - description: Future contains the data needed for an Azure long-running operation to continue across reconcile loops. - properties: - data: - description: Data is the base64 url encoded json Azure AutoRest Future. - type: string - name: - description: Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future. - type: string - resourceGroup: - description: ResourceGroup is the Azure resource group for the resource. - type: string - serviceName: - description: ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future. - type: string - type: - description: Type describes the type of future, such as update, create, delete, etc. - type: string - required: - - data - - name - - serviceName - - type - type: object - type: array - provisioningState: - description: ProvisioningState is the provisioning state of the Azure virtual machine. - type: string - ready: - description: Ready is true when the provider resource is ready. - type: boolean - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - version: - description: Version is the Kubernetes version for the current VMSS model - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepoolmachine-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepoolmachine-crd.yaml deleted file mode 100644 index e4c5e418f..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinepoolmachine-crd.yaml +++ /dev/null @@ -1,209 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azuremachinepoolmachines.infrastructure.cluster.x-k8s.io - annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' - namespace: '{{ .Release.Namespace }}' - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureMachinePoolMachine - listKind: AzureMachinePoolMachineList - plural: azuremachinepoolmachines - shortNames: - - ampm - singular: azuremachinepoolmachine - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Kubernetes version - jsonPath: .status.version - name: Version - type: string - - description: Flag indicating infrastructure is successfully provisioned - jsonPath: .status.ready - name: Ready - type: string - - description: Azure VMSS VM provisioning state - jsonPath: .status.provisioningState - name: State - type: string - - description: Cluster to which this AzureMachinePoolMachine belongs - jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name - name: Cluster - priority: 1 - type: string - - description: Azure VMSS VM ID - jsonPath: .spec.providerID - name: VMSS VM ID - priority: 1 - type: string - - description: Time duration since creation of this AzureMachinePoolMachine - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureMachinePoolMachine is the Schema for the azuremachinepoolmachines API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureMachinePoolMachineSpec defines the desired state of AzureMachinePoolMachine. - properties: - instanceID: - description: InstanceID is the identification of the Machine Instance within the VMSS - type: string - providerID: - description: ProviderID is the identification ID of the Virtual Machine Scale Set - type: string - required: - - providerID - type: object - status: - description: AzureMachinePoolMachineStatus defines the observed state of AzureMachinePoolMachine. - properties: - conditions: - description: Conditions defines current service state of the AzureMachinePool. - items: - description: Condition defines an observation of a Cluster API resource operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. - type: string - severity: - description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - failureMessage: - description: "FailureMessage will be set in the event that there is a terminal problem reconciling the MachinePool and will contain a more verbose string suitable for logging and human consumption. \n Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller's output." - type: string - failureReason: - description: "FailureReason will be set in the event that there is a terminal problem reconciling the MachinePool machine and will contain a succinct value suitable for machine interpretation. \n Any transient errors that occur during the reconciliation of MachinePools can be added as events to the MachinePool object and/or logged in the controller's output." - type: string - instanceName: - description: InstanceName is the name of the Machine Instance within the VMSS - type: string - latestModelApplied: - description: LatestModelApplied indicates the instance is running the most up-to-date VMSS model. A VMSS model describes the image version the VM is running. If the instance is not running the latest model, it means the instance may not be running the version of Kubernetes the Machine Pool has specified and needs to be updated. - type: boolean - longRunningOperationStates: - description: LongRunningOperationStates saves the state for Azure long running operations so they can be continued on the next reconciliation loop. - items: - description: Future contains the data needed for an Azure long-running operation to continue across reconcile loops. - properties: - data: - description: Data is the base64 url encoded json Azure AutoRest Future. - type: string - name: - description: Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future. - type: string - resourceGroup: - description: ResourceGroup is the Azure resource group for the resource. - type: string - serviceName: - description: ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future. - type: string - type: - description: Type describes the type of future, such as update, create, delete, etc. - type: string - required: - - data - - name - - serviceName - - type - type: object - type: array - nodeRef: - description: NodeRef will point to the corresponding Node if it exists. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - provisioningState: - description: ProvisioningState is the provisioning state of the Azure virtual machine instance. - type: string - ready: - description: Ready is true when the provider resource is ready. - type: boolean - version: - description: Version defines the Kubernetes version for the VM Instance - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinetemplate-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinetemplate-crd.yaml deleted file mode 100644 index 5a6be532c..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremachinetemplate-crd.yaml +++ /dev/null @@ -1,521 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azuremachinetemplates.infrastructure.cluster.x-k8s.io - annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-capz-serving-cert' - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-capz-webhook-service' - namespace: '{{ .Release.Namespace }}' - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureMachineTemplate - listKind: AzureMachineTemplateList - plural: azuremachinetemplates - singular: azuremachinetemplate - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureMachineTemplate is the Schema for the azuremachinetemplates API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureMachineTemplateSpec defines the desired state of AzureMachineTemplate. - properties: - template: - description: AzureMachineTemplateResource describes the data needed to create an AzureMachine from a template. - properties: - metadata: - description: "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. This is a copy of customizable fields from metav1.ObjectMeta. \n ObjectMeta is embedded in `Machine.Spec`, `MachineDeployment.Template` and `MachineSet.Template`, which are not top-level Kubernetes objects. Given that metav1.ObjectMeta has lots of special cases and read-only fields which end up in the generated CRD validation, having it as a subset simplifies the API and some issues that can impact user experience. \n During the [upgrade to controller-tools@v2](https://github.com/kubernetes-sigs/cluster-api/pull/1054) for v1alpha2, we noticed a failure would occur running Cluster API test suite against the new CRDs, specifically `spec.metadata.creationTimestamp in body must be of type string: \"null\"`. The investigation showed that `controller-tools@v2` behaves differently than its previous version when handling types from [metav1](k8s.io/apimachinery/pkg/apis/meta/v1) package. \n In more details, we found that embedded (non-top level) types that embedded `metav1.ObjectMeta` had validation properties, including for `creationTimestamp` (metav1.Time). The `metav1.Time` type specifies a custom json marshaller that, when IsZero() is true, returns `null` which breaks validation because the field isn't marked as nullable. \n In future versions, controller-tools@v2 might allow overriding the type and validation for embedded types. When that happens, this hack should be revisited." - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: Spec is the specification of the desired behavior of the machine. - properties: - acceleratedNetworking: - description: 'Deprecated: AcceleratedNetworking should be set in the networkInterfaces field.' - type: boolean - additionalCapabilities: - description: AdditionalCapabilities specifies additional capabilities enabled or disabled on the virtual machine. - properties: - ultraSSDEnabled: - description: UltraSSDEnabled enables or disables Azure UltraSSD capability for the virtual machine. Defaults to true if Ultra SSD data disks are specified, otherwise it doesn't set the capability on the VM. - type: boolean - type: object - additionalTags: - additionalProperties: - type: string - description: AdditionalTags is an optional set of tags to add to an instance, in addition to the ones added by default by the Azure provider. If both the AzureCluster and the AzureMachine specify the same tag name with different values, the AzureMachine's value takes precedence. - type: object - allocatePublicIP: - description: AllocatePublicIP allows the ability to create dynamic public ips for machines where this value is true. - type: boolean - dataDisks: - description: DataDisk specifies the parameters that are used to add one or more data disks to the machine - items: - description: DataDisk specifies the parameters that are used to add one or more data disks to the machine. - properties: - cachingType: - description: CachingType specifies the caching requirements. - enum: - - None - - ReadOnly - - ReadWrite - type: string - diskSizeGB: - description: DiskSizeGB is the size in GB to assign to the data disk. - format: int32 - type: integer - lun: - description: Lun Specifies the logical unit number of the data disk. This value is used to identify data disks within the VM and therefore must be unique for each data disk attached to a VM. The value must be between 0 and 63. - format: int32 - type: integer - managedDisk: - description: ManagedDisk specifies the Managed Disk parameters for the data disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityProfile: - description: SecurityProfile specifies the security profile for the managed disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityEncryptionType: - description: SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. - enum: - - VMGuestStateOnly - - DiskWithVMGuestState - type: string - type: object - storageAccountType: - type: string - type: object - nameSuffix: - description: NameSuffix is the suffix to be appended to the machine name to generate the disk name. Each disk name will be in format _. - type: string - required: - - diskSizeGB - - nameSuffix - type: object - type: array - diagnostics: - description: Diagnostics specifies the diagnostics settings for a virtual machine. If not specified then Boot diagnostics (Managed) will be enabled. - properties: - boot: - description: Boot configures the boot diagnostics settings for the virtual machine. This allows to configure capturing serial output from the virtual machine on boot. This is useful for debugging software based launch issues. If not specified then Boot diagnostics (Managed) will be enabled. - properties: - storageAccountType: - description: StorageAccountType determines if the storage account for storing the diagnostics data should be disabled (Disabled), provisioned by Azure (Managed) or by the user (UserManaged). - enum: - - Managed - - UserManaged - - Disabled - type: string - userManaged: - description: UserManaged provides a reference to the user-managed storage account. - properties: - storageAccountURI: - description: 'StorageAccountURI is the URI of the user-managed storage account. The URI typically will be `https://.blob.core.windows.net/` but may differ if you are using Azure DNS zone endpoints. You can find the correct endpoint by looking for the Blob Primary Endpoint in the endpoints tab in the Azure console or with the CLI by issuing `az storage account list --query=''[].{name: name, "resource group": resourceGroup, "blob endpoint": primaryEndpoints.blob}''`.' - maxLength: 1024 - pattern: ^https:// - type: string - required: - - storageAccountURI - type: object - required: - - storageAccountType - type: object - type: object - dnsServers: - description: DNSServers adds a list of DNS Server IP addresses to the VM NICs. - items: - type: string - type: array - enableIPForwarding: - description: EnableIPForwarding enables IP Forwarding in Azure which is required for some CNI's to send traffic from a pods on one machine to another. This is required for IpV6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller manager). Default is false for disabled. - type: boolean - failureDomain: - description: FailureDomain is the failure domain unique identifier this Machine should be attached to, as defined in Cluster API. This relates to an Azure Availability Zone - type: string - identity: - default: None - description: Identity is the type of identity used for the virtual machine. The type 'SystemAssigned' is an implicitly created identity. The generated identity will be assigned a Subscription contributor role. The type 'UserAssigned' is a standalone Azure resource provided by the user and assigned to the VM - enum: - - None - - SystemAssigned - - UserAssigned - type: string - image: - description: Image is used to provide details of an image to use during VM creation. If image details are omitted the image will default the Azure Marketplace "capi" offer, which is based on Ubuntu. - properties: - computeGallery: - description: ComputeGallery specifies an image to use from the Azure Compute Gallery - properties: - gallery: - description: Gallery specifies the name of the compute image gallery that contains the image - minLength: 1 - type: string - name: - description: Name is the name of the image - minLength: 1 - type: string - plan: - description: Plan contains plan information. - properties: - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer - minLength: 1 - type: string - publisher: - description: Publisher is the name of the organization that created the image - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter - minLength: 1 - type: string - required: - - offer - - publisher - - sku - type: object - resourceGroup: - description: ResourceGroup specifies the resource group containing the private compute gallery. - type: string - subscriptionID: - description: SubscriptionID is the identifier of the subscription that contains the private compute gallery. - type: string - version: - description: Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - gallery - - name - - version - type: object - id: - description: ID specifies an image to use by ID - type: string - marketplace: - description: Marketplace specifies an image to use from the Azure Marketplace - properties: - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer - minLength: 1 - type: string - publisher: - description: Publisher is the name of the organization that created the image - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter - minLength: 1 - type: string - thirdPartyImage: - default: false - description: ThirdPartyImage indicates the image is published by a third party publisher and a Plan will be generated for it. - type: boolean - version: - description: Version specifies the version of an image sku. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - offer - - publisher - - sku - - version - type: object - sharedGallery: - description: 'SharedGallery specifies an image to use from an Azure Shared Image Gallery Deprecated: use ComputeGallery instead.' - properties: - gallery: - description: Gallery specifies the name of the shared image gallery that contains the image - minLength: 1 - type: string - name: - description: Name is the name of the image - minLength: 1 - type: string - offer: - description: Offer specifies the name of a group of related images created by the publisher. For example, UbuntuServer, WindowsServer This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - publisher: - description: Publisher is the name of the organization that created the image. This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - resourceGroup: - description: ResourceGroup specifies the resource group containing the shared image gallery - minLength: 1 - type: string - sku: - description: SKU specifies an instance of an offer, such as a major release of a distribution. For example, 18.04-LTS, 2019-Datacenter This value will be used to add a `Plan` in the API request when creating the VM/VMSS resource. This is needed when the source image from which this SIG image was built requires the `Plan` to be used. - type: string - subscriptionID: - description: SubscriptionID is the identifier of the subscription that contains the shared image gallery - minLength: 1 - type: string - version: - description: Version specifies the version of the marketplace image. The allowed formats are Major.Minor.Build or 'latest'. Major, Minor, and Build are decimal numbers. Specify 'latest' to use the latest version of an image available at deploy time. Even if you use 'latest', the VM image will not automatically update after deploy time even if a new version becomes available. - minLength: 1 - type: string - required: - - gallery - - name - - resourceGroup - - subscriptionID - - version - type: object - type: object - networkInterfaces: - description: NetworkInterfaces specifies a list of network interface configurations. If left unspecified, the VM will get a single network interface with a single IPConfig in the subnet specified in the cluster's node subnet field. The primary interface will be the first networkInterface specified (index 0) in the list. - items: - description: NetworkInterface defines a network interface. - properties: - acceleratedNetworking: - description: AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on whether the requested VMSize supports accelerated networking. If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error. - type: boolean - privateIPConfigs: - description: PrivateIPConfigs specifies the number of private IP addresses to attach to the interface. Defaults to 1 if not specified. - type: integer - subnetName: - description: SubnetName specifies the subnet in which the new network interface will be placed. - type: string - type: object - type: array - osDisk: - description: OSDisk specifies the parameters for the operating system disk of the machine - properties: - cachingType: - description: CachingType specifies the caching requirements. - enum: - - None - - ReadOnly - - ReadWrite - type: string - diffDiskSettings: - description: DiffDiskSettings describe ephemeral disk settings for the os disk. - properties: - option: - description: Option enables ephemeral OS when set to "Local" See https://learn.microsoft.com/azure/virtual-machines/ephemeral-os-disks for full details - enum: - - Local - type: string - required: - - option - type: object - diskSizeGB: - description: DiskSizeGB is the size in GB to assign to the OS disk. Will have a default of 30GB if not provided - format: int32 - type: integer - managedDisk: - description: ManagedDisk specifies the Managed Disk parameters for the OS disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityProfile: - description: SecurityProfile specifies the security profile for the managed disk. - properties: - diskEncryptionSet: - description: DiskEncryptionSet specifies the customer-managed disk encryption set resource id for the managed disk that is used for Customer Managed Key encrypted ConfidentialVM OS Disk and VMGuest blob. - properties: - id: - description: ID defines resourceID for diskEncryptionSet resource. It must be in the same subscription - type: string - type: object - securityEncryptionType: - description: SecurityEncryptionType specifies the encryption type of the managed disk. It is set to DiskWithVMGuestState to encrypt the managed disk along with the VMGuestState blob, and to VMGuestStateOnly to encrypt the VMGuestState blob only. When set to VMGuestStateOnly, VirtualizedTrustedPlatformModule should be set to Enabled. When set to DiskWithVMGuestState, EncryptionAtHost should be disabled, SecureBoot and VirtualizedTrustedPlatformModule should be set to Enabled. It can be set only for Confidential VMs. - enum: - - VMGuestStateOnly - - DiskWithVMGuestState - type: string - type: object - storageAccountType: - type: string - type: object - osType: - type: string - required: - - osType - type: object - providerID: - description: ProviderID is the unique identifier as specified by the cloud provider. - type: string - roleAssignmentName: - description: 'Deprecated: RoleAssignmentName should be set in the systemAssignedIdentityRole field.' - type: string - securityProfile: - description: SecurityProfile specifies the Security profile settings for a virtual machine. - properties: - encryptionAtHost: - description: This field indicates whether Host Encryption should be enabled or disabled for a virtual machine or virtual machine scale set. This should be disabled when SecurityEncryptionType is set to DiskWithVMGuestState. Default is disabled. - type: boolean - securityType: - description: 'SecurityType specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings. The default behavior is: UefiSettings will not be enabled unless this property is set.' - enum: - - ConfidentialVM - - TrustedLaunch - type: string - uefiSettings: - description: UefiSettings specifies the security settings like secure boot and vTPM used while creating the virtual machine. - properties: - secureBootEnabled: - description: SecureBootEnabled specifies whether secure boot should be enabled on the virtual machine. Secure Boot verifies the digital signature of all boot components and halts the boot process if signature verification fails. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. - type: boolean - vTpmEnabled: - description: VTpmEnabled specifies whether vTPM should be enabled on the virtual machine. When true it enables the virtualized trusted platform module measurements to create a known good boot integrity policy baseline. The integrity policy baseline is used for comparison with measurements from subsequent VM boots to determine if anything has changed. This is required to be set to Enabled if SecurityEncryptionType is defined. If omitted, the platform chooses a default, which is subject to change over time, currently that default is false. - type: boolean - type: object - type: object - spotVMOptions: - description: SpotVMOptions allows the ability to specify the Machine should use a Spot VM - properties: - evictionPolicy: - description: EvictionPolicy defines the behavior of the virtual machine when it is evicted. It can be either Delete or Deallocate. - enum: - - Deallocate - - Delete - type: string - maxPrice: - anyOf: - - type: integer - - type: string - description: MaxPrice defines the maximum price the user is willing to pay for Spot VM instances - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - sshPublicKey: - description: SSHPublicKey is the SSH public key string, base64-encoded to add to a Virtual Machine. Linux only. Refer to documentation on how to set up SSH access on Windows instances. - type: string - subnetName: - description: 'Deprecated: SubnetName should be set in the networkInterfaces field.' - type: string - systemAssignedIdentityRole: - description: SystemAssignedIdentityRole defines the role and scope to assign to the system-assigned identity. - properties: - definitionID: - description: 'DefinitionID is the ID of the role definition to create for a system assigned identity. It can be an Azure built-in role or a custom role. Refer to built-in roles: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles' - type: string - name: - description: Name is the name of the role assignment to create for a system assigned identity. It can be any valid UUID. If not specified, a random UUID will be generated. - type: string - scope: - description: Scope is the scope that the role assignment or definition applies to. The scope can be any REST resource instance. If not specified, the scope will be the subscription. - type: string - type: object - userAssignedIdentities: - description: UserAssignedIdentities is a list of standalone Azure identities provided by the user The lifecycle of a user-assigned identity is managed separately from the lifecycle of the AzureMachine. See https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-cli - items: - description: UserAssignedIdentity defines the user-assigned identities provided by the user to be assigned to Azure resources. - properties: - providerID: - description: 'ProviderID is the identification ID of the user-assigned Identity, the format of an identity is: ''azure:///subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}''' - type: string - required: - - providerID - type: object - type: array - vmExtensions: - description: VMExtensions specifies a list of extensions to be added to the virtual machine. - items: - description: VMExtension specifies the parameters for a custom VM extension. - properties: - name: - description: Name is the name of the extension. - type: string - protectedSettings: - additionalProperties: - type: string - description: ProtectedSettings is a JSON formatted protected settings for the extension. - type: object - publisher: - description: Publisher is the name of the extension handler publisher. - type: string - settings: - additionalProperties: - type: string - description: Settings is a JSON formatted public settings for the extension. - type: object - version: - description: Version specifies the version of the script handler. - type: string - required: - - name - - publisher - - version - type: object - type: array - vmSize: - type: string - required: - - osDisk - - vmSize - type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcluster-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcluster-crd.yaml deleted file mode 100644 index e8924440d..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcluster-crd.yaml +++ /dev/null @@ -1,75 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azuremanagedclusters.infrastructure.cluster.x-k8s.io - annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureManagedCluster - listKind: AzureManagedClusterList - plural: azuremanagedclusters - shortNames: - - amc - singular: azuremanagedcluster - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureManagedCluster is the Schema for the azuremanagedclusters API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureManagedClusterSpec defines the desired state of AzureManagedCluster. - properties: - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. Immutable, populated by the AKS API at create. - properties: - host: - description: The hostname on which the API server is serving. - type: string - port: - description: The port on which the API server is serving. - format: int32 - type: integer - required: - - host - - port - type: object - type: object - status: - description: AzureManagedClusterStatus defines the observed state of AzureManagedCluster. - properties: - ready: - description: Ready is true when the provider resource is ready. - type: boolean - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcontrolplane-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcontrolplane-crd.yaml deleted file mode 100644 index de648f1c6..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedcontrolplane-crd.yaml +++ /dev/null @@ -1,550 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azuremanagedcontrolplanes.infrastructure.cluster.x-k8s.io - annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureManagedControlPlane - listKind: AzureManagedControlPlaneList - plural: azuremanagedcontrolplanes - shortNames: - - amcp - singular: azuremanagedcontrolplane - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureManagedControlPlane is the Schema for the azuremanagedcontrolplanes API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureManagedControlPlaneSpec defines the desired state of AzureManagedControlPlane. - properties: - aadProfile: - description: AadProfile is Azure Active Directory configuration to integrate with AKS for aad authentication. - properties: - adminGroupObjectIDs: - description: AdminGroupObjectIDs - AAD group object IDs that will have admin role of the cluster. - items: - type: string - type: array - managed: - description: Managed - Whether to enable managed AAD. - type: boolean - required: - - adminGroupObjectIDs - - managed - type: object - additionalTags: - additionalProperties: - type: string - description: AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default. - type: object - addonProfiles: - description: AddonProfiles are the profiles of managed cluster add-on. - items: - description: AddonProfile represents a managed cluster add-on. - properties: - config: - additionalProperties: - type: string - description: Config - Key-value pairs for configuring the add-on. - type: object - enabled: - description: Enabled - Whether the add-on is enabled or not. - type: boolean - name: - description: Name - The name of the managed cluster add-on. - type: string - required: - - enabled - - name - type: object - type: array - apiServerAccessProfile: - description: APIServerAccessProfile is the access profile for AKS API server. Immutable except for `authorizedIPRanges`. - properties: - authorizedIPRanges: - description: AuthorizedIPRanges - Authorized IP Ranges to kubernetes API server. - items: - type: string - type: array - enablePrivateCluster: - description: EnablePrivateCluster - Whether to create the cluster as a private cluster or not. - type: boolean - enablePrivateClusterPublicFQDN: - description: EnablePrivateClusterPublicFQDN - Whether to create additional public FQDN for private cluster or not. - type: boolean - privateDNSZone: - description: PrivateDNSZone - Private dns zone mode for private cluster. - enum: - - System - - None - type: string - type: object - autoscalerProfile: - description: AutoscalerProfile is the parameters to be applied to the cluster-autoscaler when enabled - properties: - balanceSimilarNodeGroups: - description: BalanceSimilarNodeGroups - Valid values are 'true' and 'false'. The default is false. - enum: - - "true" - - "false" - type: string - expander: - description: Expander - If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information. - enum: - - least-waste - - most-pods - - priority - - random - type: string - maxEmptyBulkDelete: - description: MaxEmptyBulkDelete - The default is 10. - type: string - maxGracefulTerminationSec: - description: MaxGracefulTerminationSec - The default is 600. - pattern: ^(\d+)$ - type: string - maxNodeProvisionTime: - description: MaxNodeProvisionTime - The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. - pattern: ^(\d+)m$ - type: string - maxTotalUnreadyPercentage: - description: MaxTotalUnreadyPercentage - The default is 45. The maximum is 100 and the minimum is 0. - maxLength: 3 - minLength: 1 - pattern: ^(\d+)$ - type: string - newPodScaleUpDelay: - description: NewPodScaleUpDelay - For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc). - type: string - okTotalUnreadyCount: - description: OkTotalUnreadyCount - This must be an integer. The default is 3. - pattern: ^(\d+)$ - type: string - scaleDownDelayAfterAdd: - description: ScaleDownDelayAfterAdd - The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. - pattern: ^(\d+)m$ - type: string - scaleDownDelayAfterDelete: - description: ScaleDownDelayAfterDelete - The default is the scan-interval. Values must be an integer followed by an 's'. No unit of time other than seconds (s) is supported. - pattern: ^(\d+)s$ - type: string - scaleDownDelayAfterFailure: - description: ScaleDownDelayAfterFailure - The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. - pattern: ^(\d+)m$ - type: string - scaleDownUnneededTime: - description: ScaleDownUnneededTime - The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. - pattern: ^(\d+)m$ - type: string - scaleDownUnreadyTime: - description: ScaleDownUnreadyTime - The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported. - pattern: ^(\d+)m$ - type: string - scaleDownUtilizationThreshold: - description: ScaleDownUtilizationThreshold - The default is '0.5'. - type: string - scanInterval: - description: ScanInterval - How often cluster is reevaluated for scale up or down. The default is '10s'. - pattern: ^(\d+)s$ - type: string - skipNodesWithLocalStorage: - description: SkipNodesWithLocalStorage - The default is false. - enum: - - "true" - - "false" - type: string - skipNodesWithSystemPods: - description: SkipNodesWithSystemPods - The default is true. - enum: - - "true" - - "false" - type: string - type: object - azureEnvironment: - description: 'AzureEnvironment is the name of the AzureCloud to be used. The default value that would be used by most users is "AzurePublicCloud", other values are: - ChinaCloud: "AzureChinaCloud" - PublicCloud: "AzurePublicCloud" - USGovernmentCloud: "AzureUSGovernmentCloud"' - type: string - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. Immutable, populated by the AKS API at create. - properties: - host: - description: The hostname on which the API server is serving. - type: string - port: - description: The port on which the API server is serving. - format: int32 - type: integer - required: - - host - - port - type: object - dnsServiceIP: - description: DNSServiceIP is an IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr. Immutable. - type: string - httpProxyConfig: - description: HTTPProxyConfig is the HTTP proxy configuration for the cluster. Immutable. - properties: - httpProxy: - description: HTTPProxy is the HTTP proxy server endpoint to use. - type: string - httpsProxy: - description: HTTPSProxy is the HTTPS proxy server endpoint to use. - type: string - noProxy: - description: NoProxy indicates the endpoints that should not go through proxy. - items: - type: string - type: array - trustedCa: - description: TrustedCA is the alternative CA cert to use for connecting to proxy servers. - type: string - type: object - identity: - description: Identity configuration used by the AKS control plane. - properties: - type: - description: Type - The Identity type to use. - enum: - - SystemAssigned - - UserAssigned - type: string - userAssignedIdentityResourceID: - description: UserAssignedIdentityResourceID - Identity ARM resource ID when using user-assigned identity. - type: string - type: object - identityRef: - description: IdentityRef is a reference to a AzureClusterIdentity to be used when reconciling this cluster - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - kubeletUserAssignedIdentity: - description: KubeletUserAssignedIdentity is the user-assigned identity for kubelet. For authentication with Azure Container Registry. - type: string - loadBalancerProfile: - description: LoadBalancerProfile is the profile of the cluster load balancer. - properties: - allocatedOutboundPorts: - description: AllocatedOutboundPorts - Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports. - format: int32 - type: integer - idleTimeoutInMinutes: - description: IdleTimeoutInMinutes - Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes. - format: int32 - type: integer - managedOutboundIPs: - description: ManagedOutboundIPs - Desired managed outbound IPs for the cluster load balancer. - format: int32 - type: integer - outboundIPPrefixes: - description: OutboundIPPrefixes - Desired outbound IP Prefix resources for the cluster load balancer. - items: - type: string - type: array - outboundIPs: - description: OutboundIPs - Desired outbound IP resources for the cluster load balancer. - items: - type: string - type: array - type: object - loadBalancerSKU: - description: LoadBalancerSKU is the SKU of the loadBalancer to be provisioned. Immutable. - enum: - - Basic - - Standard - type: string - location: - description: 'Location is a string matching one of the canonical Azure region names. Examples: "westus2", "eastus". Immutable.' - type: string - networkPlugin: - description: NetworkPlugin used for building Kubernetes network. Allowed values are "azure", "kubenet". Immutable. - enum: - - azure - - kubenet - type: string - networkPluginMode: - description: NetworkPluginMode is the mode the network plugin should use. Allowed value is "overlay". - enum: - - overlay - type: string - networkPolicy: - description: NetworkPolicy used for building Kubernetes network. Allowed values are "azure", "calico". Immutable. - enum: - - azure - - calico - type: string - nodeResourceGroupName: - description: NodeResourceGroupName is the name of the resource group containing cluster IaaS resources. Will be populated to default in webhook. Immutable. - type: string - oidcIssuerProfile: - description: OIDCIssuerProfile is the OIDC issuer profile of the Managed Cluster. - properties: - enabled: - description: Enabled is whether the OIDC issuer is enabled. - type: boolean - type: object - outboundType: - description: Outbound configuration used by Nodes. Immutable. - enum: - - loadBalancer - - managedNATGateway - - userAssignedNATGateway - - userDefinedRouting - type: string - resourceGroupName: - description: ResourceGroupName is the name of the Azure resource group for this AKS Cluster. Immutable. - type: string - sku: - description: SKU is the SKU of the AKS to be provisioned. - properties: - tier: - description: Tier - Tier of an AKS cluster. - enum: - - Free - - Paid - type: string - required: - - tier - type: object - sshPublicKey: - description: SSHPublicKey is a string literal containing an ssh public key base64 encoded. Use empty string to autogenerate new key. Use null value to not set key. Immutable. - type: string - subscriptionID: - description: SubscriptionID is the GUID of the Azure subscription to hold this cluster. Immutable. - type: string - version: - description: Version defines the desired Kubernetes version. - minLength: 2 - type: string - virtualNetwork: - description: VirtualNetwork describes the vnet for the AKS cluster. Will be created if it does not exist. Immutable except for `subnet`. - properties: - cidrBlock: - type: string - name: - type: string - resourceGroup: - description: ResourceGroup is the name of the Azure resource group for the VNet and Subnet. - type: string - subnet: - description: Immutable except for `serviceEndpoints`. - properties: - cidrBlock: - type: string - name: - type: string - privateEndpoints: - description: PrivateEndpoints is a slice of Virtual Network private endpoints to create for the subnets. - items: - description: PrivateEndpointSpec configures an Azure Private Endpoint. - properties: - applicationSecurityGroups: - description: ApplicationSecurityGroups specifies the Application security group in which the private endpoint IP configuration is included. - items: - type: string - type: array - customNetworkInterfaceName: - description: CustomNetworkInterfaceName specifies the network interface name associated with the private endpoint. - type: string - location: - description: Location specifies the region to create the private endpoint. - type: string - manualApproval: - description: ManualApproval specifies if the connection approval needs to be done manually or not. Set it true when the network admin does not have access to approve connections to the remote resource. Defaults to false. - type: boolean - name: - description: Name specifies the name of the private endpoint. - type: string - privateIPAddresses: - description: PrivateIPAddresses specifies the IP addresses for the network interface associated with the private endpoint. They have to be part of the subnet where the private endpoint is linked. - items: - type: string - type: array - privateLinkServiceConnections: - description: PrivateLinkServiceConnections specifies Private Link Service Connections of the private endpoint. - items: - description: PrivateLinkServiceConnection defines the specification for a private link service connection associated with a private endpoint. - properties: - groupIDs: - description: GroupIDs specifies the ID(s) of the group(s) obtained from the remote resource that this private endpoint should connect to. - items: - type: string - type: array - name: - description: Name specifies the name of the private link service. - type: string - privateLinkServiceID: - description: PrivateLinkServiceID specifies the resource ID of the private link service. - type: string - requestMessage: - description: RequestMessage specifies a message passed to the owner of the remote resource with the private endpoint connection request. - maxLength: 140 - type: string - type: object - type: array - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - serviceEndpoints: - description: ServiceEndpoints is a slice of Virtual Network service endpoints to enable for the subnets. - items: - description: ServiceEndpointSpec configures an Azure Service Endpoint. - properties: - locations: - items: - type: string - type: array - service: - type: string - required: - - locations - - service - type: object - type: array - x-kubernetes-list-map-keys: - - service - x-kubernetes-list-type: map - required: - - cidrBlock - - name - type: object - required: - - cidrBlock - - name - type: object - required: - - location - - resourceGroupName - - version - type: object - status: - description: AzureManagedControlPlaneStatus defines the observed state of AzureManagedControlPlane. - properties: - conditions: - description: Conditions defines current service state of the AzureManagedControlPlane. - items: - description: Condition defines an observation of a Cluster API resource operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. - type: string - severity: - description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - initialized: - description: Initialized is true when the control plane is available for initial contact. This may occur before the control plane is fully ready. In the AzureManagedControlPlane implementation, these are identical. - type: boolean - longRunningOperationStates: - description: LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop. - items: - description: Future contains the data needed for an Azure long-running operation to continue across reconcile loops. - properties: - data: - description: Data is the base64 url encoded json Azure AutoRest Future. - type: string - name: - description: Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future. - type: string - resourceGroup: - description: ResourceGroup is the Azure resource group for the resource. - type: string - serviceName: - description: ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future. - type: string - type: - description: Type describes the type of future, such as update, create, delete, etc. - type: string - required: - - data - - name - - serviceName - - type - type: object - type: array - oidcIssuerProfile: - description: OIDCIssuerProfile is the OIDC issuer profile of the Managed Cluster. - properties: - issuerURL: - description: IssuerURL is the OIDC issuer url of the Managed Cluster. - type: string - type: object - ready: - description: Ready is true when the provider resource is ready. - type: boolean - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedmachinepool-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedmachinepool-crd.yaml deleted file mode 100644 index 4e7d1c828..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azuremanagedmachinepool-crd.yaml +++ /dev/null @@ -1,514 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azuremanagedmachinepools.infrastructure.cluster.x-k8s.io - annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - cluster.x-k8s.io/v1beta1: v1beta1 - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: AzureManagedMachinePool - listKind: AzureManagedMachinePoolList - plural: azuremanagedmachinepools - shortNames: - - ammp - singular: azuremanagedmachinepool - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.mode - name: Mode - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: AzureManagedMachinePool is the Schema for the azuremanagedmachinepools API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzureManagedMachinePoolSpec defines the desired state of AzureManagedMachinePool. - properties: - additionalTags: - additionalProperties: - type: string - description: AdditionalTags is an optional set of tags to add to Azure resources managed by the Azure provider, in addition to the ones added by default. - type: object - availabilityZones: - description: AvailabilityZones - Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType. Immutable. - items: - type: string - type: array - enableFIPS: - description: EnableFIPS indicates whether FIPS is enabled on the node pool. Immutable. - type: boolean - enableNodePublicIP: - description: EnableNodePublicIP controls whether or not nodes in the pool each have a public IP address. Immutable. - type: boolean - enableUltraSSD: - description: EnableUltraSSD enables the storage type UltraSSD_LRS for the agent pool. Immutable. - type: boolean - kubeletConfig: - description: KubeletConfig specifies the kubelet configurations for nodes. Immutable. - properties: - allowedUnsafeSysctls: - description: AllowedUnsafeSysctls - Allowlist of unsafe sysctls or unsafe sysctl patterns (ending in `*`). Valid values match `kernel.shm*`, `kernel.msg*`, `kernel.sem`, `fs.mqueue.*`, or `net.*`. - items: - type: string - type: array - containerLogMaxFiles: - description: ContainerLogMaxFiles - The maximum number of container log files that can be present for a container. The number must be ≥ 2. - format: int32 - minimum: 2 - type: integer - containerLogMaxSizeMB: - description: ContainerLogMaxSizeMB - The maximum size in MB of a container log file before it is rotated. - format: int32 - type: integer - cpuCfsQuota: - description: CPUCfsQuota - Enable CPU CFS quota enforcement for containers that specify CPU limits. - type: boolean - cpuCfsQuotaPeriod: - description: CPUCfsQuotaPeriod - Sets CPU CFS quota period value. Must end in "ms", e.g. "100ms" - type: string - cpuManagerPolicy: - description: CPUManagerPolicy - CPU Manager policy to use. - enum: - - none - - static - type: string - failSwapOn: - description: FailSwapOn - If set to true it will make the Kubelet fail to start if swap is enabled on the node. - type: boolean - imageGcHighThreshold: - description: ImageGcHighThreshold - The percent of disk usage after which image garbage collection is always run. Valid values are 0-100 (inclusive). - format: int32 - maximum: 100 - minimum: 0 - type: integer - imageGcLowThreshold: - description: ImageGcLowThreshold - The percent of disk usage before which image garbage collection is never run. Valid values are 0-100 (inclusive) and must be less than `imageGcHighThreshold`. - format: int32 - maximum: 100 - minimum: 0 - type: integer - podMaxPids: - description: PodMaxPids - The maximum number of processes per pod. Must not exceed kernel PID limit. -1 disables the limit. - format: int32 - minimum: -1 - type: integer - topologyManagerPolicy: - description: TopologyManagerPolicy - Topology Manager policy to use. - enum: - - none - - best-effort - - restricted - - single-numa-node - type: string - type: object - kubeletDiskType: - description: "KubeletDiskType specifies the kubelet disk type. Default to OS. Possible values include: 'OS', 'Temporary'. Requires Microsoft.ContainerService/KubeletDisk preview feature to be set. Immutable. See also [AKS doc]. \n [AKS doc]: https://learn.microsoft.com/rest/api/aks/agent-pools/create-or-update?tabs=HTTP#kubeletdisktype" - enum: - - OS - - Temporary - type: string - linuxOSConfig: - description: LinuxOSConfig specifies the custom Linux OS settings and configurations. Immutable. - properties: - swapFileSizeMB: - description: "SwapFileSizeMB specifies size in MB of a swap file will be created on the agent nodes from this node pool. Max value of SwapFileSizeMB should be the size of temporary disk(/dev/sdb). Must be at least 1. See also [AKS doc]. \n [AKS doc]: https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview#temporary-disk" - format: int32 - minimum: 1 - type: integer - sysctls: - description: Sysctl specifies the settings for Linux agent nodes. - properties: - fsAioMaxNr: - description: FsAioMaxNr specifies the maximum number of system-wide asynchronous io requests. Valid values are 65536-6553500 (inclusive). Maps to fs.aio-max-nr. - format: int32 - maximum: 6553500 - minimum: 65536 - type: integer - fsFileMax: - description: FsFileMax specifies the max number of file-handles that the Linux kernel will allocate, by increasing increases the maximum number of open files permitted. Valid values are 8192-12000500 (inclusive). Maps to fs.file-max. - format: int32 - maximum: 12000500 - minimum: 8192 - type: integer - fsInotifyMaxUserWatches: - description: FsInotifyMaxUserWatches specifies the number of file watches allowed by the system. Each watch is roughly 90 bytes on a 32-bit kernel, and roughly 160 bytes on a 64-bit kernel. Valid values are 781250-2097152 (inclusive). Maps to fs.inotify.max_user_watches. - format: int32 - maximum: 2097152 - minimum: 781250 - type: integer - fsNrOpen: - description: FsNrOpen specifies the maximum number of file-handles a process can allocate. Valid values are 8192-20000500 (inclusive). Maps to fs.nr_open. - format: int32 - maximum: 20000500 - minimum: 8192 - type: integer - kernelThreadsMax: - description: KernelThreadsMax specifies the maximum number of all threads that can be created. Valid values are 20-513785 (inclusive). Maps to kernel.threads-max. - format: int32 - maximum: 513785 - minimum: 20 - type: integer - netCoreNetdevMaxBacklog: - description: NetCoreNetdevMaxBacklog specifies maximum number of packets, queued on the INPUT side, when the interface receives packets faster than kernel can process them. Valid values are 1000-3240000 (inclusive). Maps to net.core.netdev_max_backlog. - format: int32 - maximum: 3240000 - minimum: 1000 - type: integer - netCoreOptmemMax: - description: NetCoreOptmemMax specifies the maximum ancillary buffer size (option memory buffer) allowed per socket. Socket option memory is used in a few cases to store extra structures relating to usage of the socket. Valid values are 20480-4194304 (inclusive). Maps to net.core.optmem_max. - format: int32 - maximum: 4194304 - minimum: 20480 - type: integer - netCoreRmemDefault: - description: NetCoreRmemDefault specifies the default receive socket buffer size in bytes. Valid values are 212992-134217728 (inclusive). Maps to net.core.rmem_default. - format: int32 - maximum: 134217728 - minimum: 212992 - type: integer - netCoreRmemMax: - description: NetCoreRmemMax specifies the maximum receive socket buffer size in bytes. Valid values are 212992-134217728 (inclusive). Maps to net.core.rmem_max. - format: int32 - maximum: 134217728 - minimum: 212992 - type: integer - netCoreSomaxconn: - description: NetCoreSomaxconn specifies maximum number of connection requests that can be queued for any given listening socket. An upper limit for the value of the backlog parameter passed to the listen(2)(https://man7.org/linux/man-pages/man2/listen.2.html) function. If the backlog argument is greater than the somaxconn, then it's silently truncated to this limit. Valid values are 4096-3240000 (inclusive). Maps to net.core.somaxconn. - format: int32 - maximum: 3240000 - minimum: 4096 - type: integer - netCoreWmemDefault: - description: NetCoreWmemDefault specifies the default send socket buffer size in bytes. Valid values are 212992-134217728 (inclusive). Maps to net.core.wmem_default. - format: int32 - maximum: 134217728 - minimum: 212992 - type: integer - netCoreWmemMax: - description: NetCoreWmemMax specifies the maximum send socket buffer size in bytes. Valid values are 212992-134217728 (inclusive). Maps to net.core.wmem_max. - format: int32 - maximum: 134217728 - minimum: 212992 - type: integer - netIpv4IPLocalPortRange: - description: NetIpv4IPLocalPortRange is used by TCP and UDP traffic to choose the local port on the agent node. PortRange should be specified in the format "first last". First, being an integer, must be between [1024 - 60999]. Last, being an integer, must be between [32768 - 65000]. Maps to net.ipv4.ip_local_port_range. - type: string - netIpv4NeighDefaultGcThresh1: - description: NetIpv4NeighDefaultGcThresh1 specifies the minimum number of entries that may be in the ARP cache. Garbage collection won't be triggered if the number of entries is below this setting. Valid values are 128-80000 (inclusive). Maps to net.ipv4.neigh.default.gc_thresh1. - format: int32 - maximum: 80000 - minimum: 128 - type: integer - netIpv4NeighDefaultGcThresh2: - description: NetIpv4NeighDefaultGcThresh2 specifies soft maximum number of entries that may be in the ARP cache. ARP garbage collection will be triggered about 5 seconds after reaching this soft maximum. Valid values are 512-90000 (inclusive). Maps to net.ipv4.neigh.default.gc_thresh2. - format: int32 - maximum: 90000 - minimum: 512 - type: integer - netIpv4NeighDefaultGcThresh3: - description: NetIpv4NeighDefaultGcThresh3 specified hard maximum number of entries in the ARP cache. Valid values are 1024-100000 (inclusive). Maps to net.ipv4.neigh.default.gc_thresh3. - format: int32 - maximum: 100000 - minimum: 1024 - type: integer - netIpv4TCPFinTimeout: - description: NetIpv4TCPFinTimeout specifies the length of time an orphaned connection will remain in the FIN_WAIT_2 state before it's aborted at the local end. Valid values are 5-120 (inclusive). Maps to net.ipv4.tcp_fin_timeout. - format: int32 - maximum: 120 - minimum: 5 - type: integer - netIpv4TCPKeepaliveProbes: - description: NetIpv4TCPKeepaliveProbes specifies the number of keepalive probes TCP sends out, until it decides the connection is broken. Valid values are 1-15 (inclusive). Maps to net.ipv4.tcp_keepalive_probes. - format: int32 - maximum: 15 - minimum: 1 - type: integer - netIpv4TCPKeepaliveTime: - description: NetIpv4TCPKeepaliveTime specifies the rate at which TCP sends out a keepalive message when keepalive is enabled. Valid values are 30-432000 (inclusive). Maps to net.ipv4.tcp_keepalive_time. - format: int32 - maximum: 432000 - minimum: 30 - type: integer - netIpv4TCPMaxSynBacklog: - description: NetIpv4TCPMaxSynBacklog specifies the maximum number of queued connection requests that have still not received an acknowledgment from the connecting client. If this number is exceeded, the kernel will begin dropping requests. Valid values are 128-3240000 (inclusive). Maps to net.ipv4.tcp_max_syn_backlog. - format: int32 - maximum: 3240000 - minimum: 128 - type: integer - netIpv4TCPMaxTwBuckets: - description: NetIpv4TCPMaxTwBuckets specifies maximal number of timewait sockets held by system simultaneously. If this number is exceeded, time-wait socket is immediately destroyed and warning is printed. Valid values are 8000-1440000 (inclusive). Maps to net.ipv4.tcp_max_tw_buckets. - format: int32 - maximum: 1440000 - minimum: 8000 - type: integer - netIpv4TCPTwReuse: - description: NetIpv4TCPTwReuse is used to allow to reuse TIME-WAIT sockets for new connections when it's safe from protocol viewpoint. Maps to net.ipv4.tcp_tw_reuse. - type: boolean - netIpv4TCPkeepaliveIntvl: - description: NetIpv4TCPkeepaliveIntvl specifies the frequency of the probes sent out. Multiplied by tcpKeepaliveprobes, it makes up the time to kill a connection that isn't responding, after probes started. Valid values are 1-75 (inclusive). Maps to net.ipv4.tcp_keepalive_intvl. - format: int32 - maximum: 75 - minimum: 1 - type: integer - netNetfilterNfConntrackBuckets: - description: NetNetfilterNfConntrackBuckets specifies the size of hash table used by nf_conntrack module to record the established connection record of the TCP protocol. Valid values are 65536-147456 (inclusive). Maps to net.netfilter.nf_conntrack_buckets. - format: int32 - maximum: 147456 - minimum: 65536 - type: integer - netNetfilterNfConntrackMax: - description: NetNetfilterNfConntrackMax specifies the maximum number of connections supported by the nf_conntrack module or the size of connection tracking table. Valid values are 131072-1048576 (inclusive). Maps to net.netfilter.nf_conntrack_max. - format: int32 - maximum: 1048576 - minimum: 131072 - type: integer - vmMaxMapCount: - description: VMMaxMapCount specifies the maximum number of memory map areas a process may have. Maps to vm.max_map_count. Valid values are 65530-262144 (inclusive). - format: int32 - maximum: 262144 - minimum: 65530 - type: integer - vmSwappiness: - description: VMSwappiness specifies aggressiveness of the kernel in swapping memory pages. Higher values will increase aggressiveness, lower values decrease the amount of swap. Valid values are 0-100 (inclusive). Maps to vm.swappiness. - format: int32 - maximum: 100 - minimum: 0 - type: integer - vmVfsCachePressure: - description: VMVfsCachePressure specifies the percentage value that controls tendency of the kernel to reclaim the memory, which is used for caching of directory and inode objects. Valid values are 1-500 (inclusive). Maps to vm.vfs_cache_pressure. - format: int32 - maximum: 500 - minimum: 1 - type: integer - type: object - transparentHugePageDefrag: - description: "TransparentHugePageDefrag specifies whether the kernel should make aggressive use of memory compaction to make more hugepages available. See also [Linux doc]. \n [Linux doc]: https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge for more details." - enum: - - always - - defer - - defer+madvise - - madvise - - never - type: string - transparentHugePageEnabled: - description: "TransparentHugePageEnabled specifies various modes of Transparent Hugepages. See also [Linux doc]. \n [Linux doc]: https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge for more details." - enum: - - always - - madvise - - never - type: string - type: object - maxPods: - description: "MaxPods specifies the kubelet `--max-pods` configuration for the node pool. Immutable. See also [AKS doc], [K8s doc]. \n [AKS doc]: https://learn.microsoft.com/azure/aks/configure-azure-cni#configure-maximum---new-clusters [K8s doc]: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/" - format: int32 - type: integer - mode: - description: 'Mode - represents mode of an agent pool. Possible values include: System, User.' - enum: - - System - - User - type: string - name: - description: Name - name of the agent pool. If not specified, CAPZ uses the name of the CR as the agent pool name. Immutable. - type: string - nodeLabels: - additionalProperties: - type: string - description: "Node labels - labels for all of the nodes present in node pool. See also [AKS doc]. \n [AKS doc]: https://learn.microsoft.com/azure/aks/use-labels" - type: object - nodePublicIPPrefixID: - description: NodePublicIPPrefixID specifies the public IP prefix resource ID which VM nodes should use IPs from. Immutable. - type: string - osDiskSizeGB: - description: OSDiskSizeGB is the disk size for every machine in this agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified. Immutable. - format: int32 - type: integer - osDiskType: - default: Managed - description: "OsDiskType specifies the OS disk type for each node in the pool. Allowed values are 'Ephemeral' and 'Managed' (default). Immutable. See also [AKS doc]. \n [AKS doc]: https://learn.microsoft.com/azure/aks/cluster-configuration#ephemeral-os" - enum: - - Ephemeral - - Managed - type: string - osType: - description: "OSType specifies the virtual machine operating system. Default to Linux. Possible values include: 'Linux', 'Windows'. 'Windows' requires the AzureManagedControlPlane's `spec.networkPlugin` to be `azure`. Immutable. See also [AKS doc]. \n [AKS doc]: https://learn.microsoft.com/rest/api/aks/agent-pools/create-or-update?tabs=HTTP#ostype" - enum: - - Linux - - Windows - type: string - providerIDList: - description: ProviderIDList is the unique identifier as specified by the cloud provider. - items: - type: string - type: array - scaleDownMode: - default: Delete - description: 'ScaleDownMode affects the cluster autoscaler behavior. Default to Delete. Possible values include: ''Deallocate'', ''Delete''' - enum: - - Deallocate - - Delete - type: string - scaleSetPriority: - description: 'ScaleSetPriority specifies the ScaleSetPriority value. Default to Regular. Possible values include: ''Regular'', ''Spot'' Immutable.' - enum: - - Regular - - Spot - type: string - scaling: - description: Scaling specifies the autoscaling parameters for the node pool. - properties: - maxSize: - description: MaxSize is the maximum number of nodes for auto-scaling. - format: int32 - type: integer - minSize: - description: MinSize is the minimum number of nodes for auto-scaling. - format: int32 - type: integer - type: object - sku: - description: SKU is the size of the VMs in the node pool. Immutable. - type: string - spotMaxPrice: - anyOf: - - type: integer - - type: string - description: SpotMaxPrice defines max price to pay for spot instance. Possible values are any decimal value greater than zero or -1. If you set the max price to be -1, the VM won't be evicted based on price. The price for the VM will be the current price for spot or the price for a standard VM, which ever is less, as long as there's capacity and quota available. - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - subnetName: - description: SubnetName specifies the Subnet where the MachinePool will be placed Immutable. - type: string - taints: - description: "Taints specifies the taints for nodes present in this agent pool. See also [AKS doc]. \n [AKS doc]: https://learn.microsoft.com/azure/aks/use-multiple-node-pools#setting-node-pool-taints" - items: - description: Taint represents a Kubernetes taint. - properties: - effect: - description: Effect specifies the effect for the taint - enum: - - NoSchedule - - NoExecute - - PreferNoSchedule - type: string - key: - description: Key is the key of the taint - type: string - value: - description: Value is the value of the taint - type: string - required: - - effect - - key - - value - type: object - type: array - required: - - mode - - sku - type: object - status: - description: AzureManagedMachinePoolStatus defines the observed state of AzureManagedMachinePool. - properties: - conditions: - description: Conditions defines current service state of the AzureManagedControlPlane. - items: - description: Condition defines an observation of a Cluster API resource operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. - type: string - severity: - description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - errorMessage: - description: Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output. - type: string - errorReason: - description: Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output. - type: string - longRunningOperationStates: - description: LongRunningOperationStates saves the states for Azure long-running operations so they can be continued on the next reconciliation loop. - items: - description: Future contains the data needed for an Azure long-running operation to continue across reconcile loops. - properties: - data: - description: Data is the base64 url encoded json Azure AutoRest Future. - type: string - name: - description: Name is the name of the Azure resource. Together with the service name, this forms the unique identifier for the future. - type: string - resourceGroup: - description: ResourceGroup is the Azure resource group for the resource. - type: string - serviceName: - description: ServiceName is the name of the Azure service. Together with the name of the resource, this forms the unique identifier for the future. - type: string - type: - description: Type describes the type of future, such as update, create, delete, etc. - type: string - required: - - data - - name - - serviceName - - type - type: object - type: array - ready: - description: Ready is true when the provider resource is ready. - type: boolean - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/azurepodidentityexception-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/azurepodidentityexception-crd.yaml deleted file mode 100644 index 7cd1dba6b..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/azurepodidentityexception-crd.yaml +++ /dev/null @@ -1,62 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: azurepodidentityexceptions.aadpodidentity.k8s.io - annotations: - api-approved.kubernetes.io: unapproved - controller-gen.kubebuilder.io/version: v0.5.0 - labels: - clusterctl.cluster.x-k8s.io: "" - cluster.x-k8s.io/provider: infrastructure-azure - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - group: aadpodidentity.k8s.io - names: - kind: AzurePodIdentityException - listKind: AzurePodIdentityExceptionList - plural: azurepodidentityexceptions - singular: azurepodidentityexception - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: AzurePodIdentityException contains the pod selectors for all pods that don't require NMI to process and request token on their behalf. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AzurePodIdentityExceptionSpec matches pods with the selector defined. If request originates from a pod that matches the selector, nmi will proxy the request and send response back without any validation. - properties: - metadata: - type: object - podLabels: - additionalProperties: - type: string - type: object - type: object - status: - description: AzurePodIdentityExceptionStatus contains the status of an AzurePodIdentityException. - properties: - metadata: - type: object - status: - type: string - type: object - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/resourcegroup-crd.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/resourcegroup-crd.yaml deleted file mode 100644 index e74218b2e..000000000 --- a/bootstrap/helm/cluster-api-provider-azure/templates/resourcegroup-crd.yaml +++ /dev/null @@ -1,510 +0,0 @@ -{{- if .Values.crds.create -}} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: resourcegroups.resources.azure.com - annotations: - cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "cluster-api-provider-azure.fullname" . }}-azureserviceoperator-serving-cert' - controller-gen.kubebuilder.io/version: v0.13.0 - labels: - clusterctl.cluster.x-k8s.io: "" - {{- include "cluster-api-provider-azure.labels" . | nindent 4 }} -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: '{{ include "cluster-api-provider-azure.fullname" . }}-azureserviceoperator-webhook-service' - namespace: '{{ .Release.Namespace }}' - path: /convert - port: 443 - conversionReviewVersions: - - v1 - group: resources.azure.com - names: - kind: ResourceGroup - listKind: ResourceGroupList - plural: resourcegroups - singular: resourcegroup - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20200601 - schema: - openAPIV3Schema: - description: 'Generator information: - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' - maxLength: 90 - minLength: 1 - type: string - location: - description: 'Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be one of the supported Azure locations.' - type: string - managedBy: - description: 'ManagedBy: The ID of the resource that manages this resource group.' - type: string - tags: - additionalProperties: - type: string - description: 'Tags: The tags attached to the resource group.' - type: object - required: - - location - type: object - status: - description: Resource group information. - properties: - conditions: - description: 'Conditions: The observed state of the resource' - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - id: - description: 'Id: The ID of the resource group.' - type: string - location: - description: 'Location: The location of the resource group. It cannot be changed after the resource group has been created. It must be one of the supported Azure locations.' - type: string - managedBy: - description: 'ManagedBy: The ID of the resource that manages this resource group.' - type: string - name: - description: 'Name: The name of the resource group.' - type: string - properties: - description: 'Properties: The resource group properties.' - properties: - provisioningState: - description: 'ProvisioningState: The provisioning state.' - type: string - type: object - tags: - additionalProperties: - type: string - description: 'Tags: The tags attached to the resource group.' - type: object - type: - description: 'Type: The type of the resource group.' - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1api20200601storage - schema: - openAPIV3Schema: - description: 'Storage version of v1api20200601.ResourceGroup Generator information: - Generated from: /resources/resource-manager/Microsoft.Resources/stable/2020-06-01/resources.json - ARM URI: /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Storage version of v1api20200601.ResourceGroup_Spec - properties: - $propertyBag: - additionalProperties: - type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions - type: object - azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' - maxLength: 90 - minLength: 1 - type: string - location: - type: string - managedBy: - type: string - originalVersion: - type: string - tags: - additionalProperties: - type: string - type: object - type: object - status: - description: Storage version of v1api20200601.ResourceGroup_STATUS Resource group information. - properties: - $propertyBag: - additionalProperties: - type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions - type: object - conditions: - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - id: - type: string - location: - type: string - managedBy: - type: string - name: - type: string - properties: - description: Storage version of v1api20200601.ResourceGroupProperties_STATUS The resource group properties. - properties: - $propertyBag: - additionalProperties: - type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions - type: object - provisioningState: - type: string - type: object - tags: - additionalProperties: - type: string - type: object - type: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1beta20200601 - schema: - openAPIV3Schema: - description: Deprecated version of ResourceGroup. Use v1api20200601.ResourceGroup instead - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' - maxLength: 90 - minLength: 1 - type: string - location: - type: string - managedBy: - type: string - tags: - additionalProperties: - type: string - type: object - required: - - location - type: object - status: - description: Deprecated version of ResourceGroup_STATUS. Use v1api20200601.ResourceGroup_STATUS instead - properties: - conditions: - description: 'Conditions: The observed state of the resource' - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - id: - type: string - location: - type: string - managedBy: - type: string - name: - type: string - properties: - description: Deprecated version of ResourceGroupProperties_STATUS. Use v1api20200601.ResourceGroupProperties_STATUS instead - properties: - provisioningState: - type: string - type: object - tags: - additionalProperties: - type: string - type: object - type: - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].severity - name: Severity - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].message - name: Message - type: string - name: v1beta20200601storage - schema: - openAPIV3Schema: - description: Storage version of v1beta20200601.ResourceGroup Deprecated version of ResourceGroup. Use v1api20200601.ResourceGroup instead - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Storage version of v1beta20200601.ResourceGroup_Spec - properties: - $propertyBag: - additionalProperties: - type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions - type: object - azureName: - description: 'AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn''t have to be.' - maxLength: 90 - minLength: 1 - type: string - location: - type: string - managedBy: - type: string - originalVersion: - type: string - tags: - additionalProperties: - type: string - type: object - type: object - status: - description: Storage version of v1beta20200601.ResourceGroup_STATUS Deprecated version of ResourceGroup_STATUS. Use v1api20200601.ResourceGroup_STATUS instead - properties: - $propertyBag: - additionalProperties: - type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions - type: object - conditions: - items: - description: Condition defines an extension to status (an observation) of a resource - properties: - lastTransitionTime: - description: LastTransitionTime is the last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: Message is a human readable message indicating details about the transition. This field may be empty. - type: string - observedGeneration: - description: ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: Reason for the condition's last transition. Reasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty. - type: string - severity: - description: Severity with which to treat failures of this type of condition. For conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True For conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False. This is omitted in all cases when Status == Unknown - type: string - status: - description: Status of the condition, one of True, False, or Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - id: - type: string - location: - type: string - managedBy: - type: string - name: - type: string - properties: - description: Storage version of v1beta20200601.ResourceGroupProperties_STATUS Deprecated version of ResourceGroupProperties_STATUS. Use v1api20200601.ResourceGroupProperties_STATUS instead - properties: - $propertyBag: - additionalProperties: - type: string - description: PropertyBag is an unordered set of stashed information that used for properties not directly supported by storage resources, allowing for full fidelity round trip conversions - type: object - provisioningState: - type: string - type: object - tags: - additionalProperties: - type: string - type: object - type: - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -{{- end -}} \ No newline at end of file diff --git a/bootstrap/helm/cluster-api-provider-azure/values.yaml b/bootstrap/helm/cluster-api-provider-azure/values.yaml index 42461f788..2abdab432 100644 --- a/bootstrap/helm/cluster-api-provider-azure/values.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/values.yaml @@ -1,10 +1,6 @@ -crds: - create: true - cluster-api-provider-azure: bootstrapMode: false # we should never set this to true since it uses a deprecated method for setting the credentials crds: - create: false configVariables: exprimental: machinePool: true @@ -12,7 +8,7 @@ cluster-api-provider-azure: manager: image: repository: ghcr.io/kubernetes-sigs/cluster-api-azure-controller - tag: v1.11.0 + tag: v1.11.1 job: enabled: true From f2ae616f5eb09e1980724968c05750d325912133 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 27 Sep 2023 12:41:40 +0200 Subject: [PATCH 05/19] Fix SKU tier and wait job --- bootstrap/helm/cluster-api-cluster/Chart.yaml | 2 +- bootstrap/helm/cluster-api-cluster/values.yaml | 2 +- bootstrap/helm/cluster-api-provider-azure/Chart.yaml | 2 +- bootstrap/helm/cluster-api-provider-azure/templates/job.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/bootstrap/helm/cluster-api-cluster/Chart.yaml b/bootstrap/helm/cluster-api-cluster/Chart.yaml index c6faac7e0..1b8fa0021 100644 --- a/bootstrap/helm/cluster-api-cluster/Chart.yaml +++ b/bootstrap/helm/cluster-api-cluster/Chart.yaml @@ -2,5 +2,5 @@ apiVersion: v2 name: cluster-api-cluster description: A Helm chart for Kubernetes type: application -version: 0.1.42 +version: 0.1.44 appVersion: v1.24.16 diff --git a/bootstrap/helm/cluster-api-cluster/values.yaml b/bootstrap/helm/cluster-api-cluster/values.yaml index 43ff61eae..aa0cf2f39 100644 --- a/bootstrap/helm/cluster-api-cluster/values.yaml +++ b/bootstrap/helm/cluster-api-cluster/values.yaml @@ -186,7 +186,7 @@ cluster: type: SystemAssigned # SKU of the AKS to be provisioned. sku: - tier: Paid + tier: Standard # SKU of the loadBalancer to be provisioned. # One of: Basic, Standard. loadBalancerSKU: Standard diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml index ef8117c02..b0d320fd9 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: cluster-api-provider-azure description: A Helm chart for Kubernetes type: application -version: 0.2.0 +version: 0.1.12 appVersion: v1.11.1 dependencies: - name: cluster-api-provider-azure diff --git a/bootstrap/helm/cluster-api-provider-azure/templates/job.yaml b/bootstrap/helm/cluster-api-provider-azure/templates/job.yaml index a789ce19d..88905662b 100644 --- a/bootstrap/helm/cluster-api-provider-azure/templates/job.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/templates/job.yaml @@ -15,7 +15,7 @@ spec: image: {{ .Values.job.image.repository }}:{{ .Values.job.image.tag }} imagePullPolicy: {{ .Values.job.image.pullPolicy }} command: ["kubectl"] - args: ["wait", "--for=condition=Available", "--timeout=600s", "deployment/{{ include "cluster-api-provider-azure.fullname" (index .Subcharts "cluster-api-provider-azure") }}-controller-manager", "-n", "{{ .Release.namespace }}"] + args: ["wait", "--for=condition=Available", "--timeout=600s", "deployment/{{ include "cluster-api-provider-azure.fullname" (index .Subcharts "cluster-api-provider-azure") }}-capz-controller-manager", "-n", "{{ .Release.namespace }}"] restartPolicy: Never serviceAccountName: {{ include "cluster-api-provider-azure-plural.fullname" . }}-wait-for-provider backoffLimit: 4 From e32c31efbdc4cc08feaaada3b170edd07019777e Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 27 Sep 2023 12:49:46 +0200 Subject: [PATCH 06/19] Fix typo --- bootstrap/helm/cluster-api-provider-azure/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/bootstrap/helm/cluster-api-provider-azure/values.yaml b/bootstrap/helm/cluster-api-provider-azure/values.yaml index 2abdab432..2fc261db3 100644 --- a/bootstrap/helm/cluster-api-provider-azure/values.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/values.yaml @@ -1,6 +1,5 @@ cluster-api-provider-azure: bootstrapMode: false # we should never set this to true since it uses a deprecated method for setting the credentials - crds: configVariables: exprimental: machinePool: true From 184e1b4d09554035c905a6eade018c92f7ae6877 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 27 Sep 2023 14:07:16 +0200 Subject: [PATCH 07/19] Enable OIDC issuer --- .../cluster-api-cluster/templates/azure/control-plane.yaml | 4 ++++ bootstrap/helm/cluster-api-cluster/values.yaml | 3 +++ 2 files changed, 7 insertions(+) diff --git a/bootstrap/helm/cluster-api-cluster/templates/azure/control-plane.yaml b/bootstrap/helm/cluster-api-cluster/templates/azure/control-plane.yaml index 842739cfa..ccb77dc53 100644 --- a/bootstrap/helm/cluster-api-cluster/templates/azure/control-plane.yaml +++ b/bootstrap/helm/cluster-api-cluster/templates/azure/control-plane.yaml @@ -42,6 +42,10 @@ spec: {{- toYaml . | nindent 4 }} {{- end }} loadBalancerSKU: {{ .Values.cluster.azure.loadBalancerSKU }} + {{- with .Values.cluster.azure.oidcIssuerProfile }} + oidcIssuerProfile: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.cluster.azure.aadProfile }} aadProfile: {{- toYaml . | nindent 4 }} diff --git a/bootstrap/helm/cluster-api-cluster/values.yaml b/bootstrap/helm/cluster-api-cluster/values.yaml index b365d640f..9088063e8 100644 --- a/bootstrap/helm/cluster-api-cluster/values.yaml +++ b/bootstrap/helm/cluster-api-cluster/values.yaml @@ -190,6 +190,9 @@ cluster: # SKU of the loadBalancer to be provisioned. # One of: Basic, Standard. loadBalancerSKU: Standard + # OIDC issuer profile of the cluster. + oidcIssuerProfile: + enabled: true # Azure Active Directory configuration to integrate with AKS for AAD authentication. aadProfile: {} # Profile of the cluster load balancer. From 0557252e1e7f56685a1621ad76debf223f772a72 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 27 Sep 2023 16:45:14 +0200 Subject: [PATCH 08/19] Update cluster-api-provider-azure --- .../helm/cluster-api-provider-azure/Chart.lock | 6 +++--- .../helm/cluster-api-provider-azure/Chart.yaml | 2 +- .../cluster-api-provider-azure-0.1.11.tgz | Bin 78909 -> 0 bytes .../cluster-api-provider-azure-0.1.12.tgz | Bin 0 -> 78783 bytes 4 files changed, 4 insertions(+), 4 deletions(-) delete mode 100644 bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.11.tgz create mode 100644 bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.12.tgz diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.lock b/bootstrap/helm/cluster-api-provider-azure/Chart.lock index 8e3cfb9c3..d4cf36d0b 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.lock +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: cluster-api-provider-azure repository: https://pluralsh.github.io/capi-helm-charts - version: 0.1.11 -digest: sha256:22d24daa6833ec0f73923efa012a593ebc2c1311ad21f6c2cacd5b8b2bd7889f -generated: "2023-09-27T11:01:12.760986+02:00" + version: 0.1.12 +digest: sha256:1a90cfeb6a4a70849663f14939ed7df9509bbfca6bedf19ca06b7ca84afd8cce +generated: "2023-09-27T16:43:32.485776+02:00" diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml index b0d320fd9..8802c46d7 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml @@ -6,5 +6,5 @@ version: 0.1.12 appVersion: v1.11.1 dependencies: - name: cluster-api-provider-azure - version: 0.1.11 + version: 0.1.12 repository: https://pluralsh.github.io/capi-helm-charts diff --git a/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.11.tgz b/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.11.tgz deleted file mode 100644 index e378ea8e489362fd221b06dd3a19a87f1f076d29..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 78909 zcmZ6yWl$YKyS0rw1b4UKuyJ>1Sb!QI{63GVJ8xVyVM1lQm%d7g9XJN3=KuCA$? z>FK#;U8{+rV9-JSU7yq-w1$#OOvaM3>_87LHX{}_CKF{gOD$zCc6l{5c3E{BD?>XI z4;4jwK1ov>Tafej*Q9m!)a#hz<!7#TCwl;HbdQy;AbQ>G=H?5v=l*our%(4bs0m{kpPwGVsPFL! zT3C(cz}|@=)%gibW9p3;@@#>GVew}Io;<8h^c%p}{{E(z>3=eDH%H#_$R0g-|FYWn z`syWs+5Pv2Go^A%q5BY_k^4meXRHE98>zWld#ZC@rH88xkKDt&;^&oMvanST=>5WH z<=tJS)w`eX?pb%rxBLUPUOEy*h$JFVDC=~cJP*R2bSA~cljf&&BJ*6gEQZ}-3K)L! zgFA5fJrB^)vsXlfIf!~_1~^}{TlHyhMbS$E@)IO62gL0;5K+O71dMR12_*{TV1eC} zT{4pMZAFMva8n1bi+b`DsTs_wU6%xIN_0RXua4Ir;u{o?AvWz2DmX*Z4?dYx;vH5$ z-w{G11D}h{$@jsKZq6hnDybxpIUSqemheNd6lz~768f&l9#rvXqV=4dSo>hx_`lld zlod=NqXclo5r$ycQqn`5PmFKRa<^fuk^J#6kl&WKDo+S`XXJQH z{XF!LOP9A6y}RhUR{N@F{#ZGFkX7I|zHNBSJ0Gi04?3p@UqgvA8IU*L+s-arx5}L~ zW07S0@}oWO(1ZVe#59)`{e;mB1oI@j=q(;3A6*>PuBZkkQxBl&cx_L1XJMJiEXDgE z>)&0OWZi4MOuG?{J#PsPA?roq4^+Ankc6-Px?c0TCI7sn)WxK?eom7|4zjYM-i3mK zHQDnLj3|rREJmfbYX_#KVIi81p|L0bsdZ>4IcT9Lqi)eWlX-SgwE)@EXM3MoVPgaV zXcWKzATap*g9m4pD<*IvV8n znzN&68(|8r^J<2PPD#6XNT*<3HF2eO1^e3L18Vl#-lZg#tY7{R(>?a2U37C>2VDHz z%hZR3>A%JExI23g;P3KzI3nV(*Z1*$Co10F>VChEQ@8i^e(HL>7*_XN^c%mmmBs?O z(am)gO9Z)n5i>>>)RS$`^G(D{uJZGDW9oR^>U{q=7Wn3}9c*^_iUYDsN4bj-g3K~N zn7d0~(fRl4ZSXLFQLq2I_21hN9Q`Rv?w-w!aS8LzL$s8lBX=0RpAY(ifj!KLCH{H) z5Vj;{#EF{z+An~{ML$90`j|5&gSOCaRD{K=7UC6R1Oa5!Lw#r|s$ghX2n4eW_nX)v ztgk(={o&ivC|Yue*T&S?awMrOu_B4d~P;9tYI<*@kc^%`-U;}VBE?4 z?5D89%Q=yMq9&DMmaPGLfA9<4(go&Y%qOp(qvGXfjy|29PRB=H%(Q(s-|PIU zwPHD6OF+SgrwPSJPCNcL$-I5QUNL&^`{^o?U-tXs`ULzgoZ$(drTNHqds$ZEr{}kp z>j;iDjV6PJ!v(=>!wrP4_&cn!K-6lx1V#XpE7yw`egW`mMhh2ml3({ z9~@g~A(!8`t~MZdd%S!}J|bE;POU=tz2wd0yJlyVu$ksj#G6X4l1NK`_Bm*LlqNjY zs(-e>=9<<&IY7^-f9g*hFTVIWUVep>>5&Kh2)sFZ93NgTn$@3oSd2$CAM1a^Up^n55garsKaCQHiBz^7%e9U>U!7MVXBc4_>hMSs6JNpeVmz^v+ivQqf`(X}i6oRA& z+ZZ7$7fMXtFI$3|b77bq4(%4M0;le2eY?H-R{P|2W0m_hj&?OFz`Z_r1eSP_x?>Y; z5I=W|QvLuXuAOI>8xg4E)%|{S+H|E^?^B+>M8=Aj|3Wgpp&mbOb61g0c-$Sp`8d9> zF<5nP-_6E*`|C+YTBDi1Rwf}pl2e;sQpkgCgtSat`?%2hRpXb|wPvB3lZnK9s;0%F z4u3E;IH&*N-0#{jE^{)8(jR&8P4sXC_%1Es0<7-mu~;lwzQJ^|b#;X^6J9QNNfM1x zw2Z-k0TTN)n4?gtp_5MH03$kF(S<_1L~+BdWJChYbm{`!YCT+RbXdLjr)i??kNt;l zS6f}5_i=9a_{Ld-9B?d(lbd_Au@foxk6a1w)^7rMOVS)2D1v#HnpI8DgB&Wu&rZ+RZM4j;G$ zg`}LXoBc4(NWW$DB#H|0TrXd$VV#NQZQen^OT-C$o0Cw+pgmmR#Dg&w7D9N!DPd6@jjbxSIwVom(vyXavoi^-yg=Rx)Vt+QPxkeg(64u#-Zi4g3VZJ z4r9>4SyTu&VVB0#>|^p>-{VY(>4yrDdqo0!a$o#>KRVezS-Lx%9=30i*iax3a{R|r}l>-CPixGvGW79zJru!RT_kj6i7O#O@LwH9t?QIW2Q%_fDcFP{D5 z$wk{x%T*yFB}@3=rr@?Lx^g^{8_xL*nAO@g29Br)CrSbjOPo5wpB=rM)<3=H>`r#% z^P&*Iu^lOY$Tt}EA9j8+H`nblCp&lbl>#?zY- zZcFwrlxLQ_?Hh)|3f2YW)WU{Zcn6)7D;kS>TlRw>v!oBe7R0}998&#k1x(^jE+kLY z9Lh}_`J^@&|HP2q;R`37Rm%;Jk>+O8D$ni<%^?l8H>8?Q<-*`e`C-+h%oT#j1Ixv_ z(sLc`PeZ$CQ7)YbE{ov`MdT=~HWKM_e_w`M^mi)~gBZy;&<28E1jDLvoS`=WigcaR zH0N(<_?9p}`8T6&_z?E0rZ_cKWwxR^qskUE2>(2rpjcz4^IaH6%=4I ze!h$`gjv=4+!uS3*p14NI=tcTOsgwJ~3ihI1qCGqE@G0QuEYY#Edr9>mpiN4A-RC?6O#$&xXMlU{dPMq8Y}$`V6yb zQ75L2xLj>jdp0e>f~z4iVI*9T#J(*zPAEbHdy$b$!Fz`c0a~PzfzMB$)MBN{X6e-@ zBJ0^X2oXm2QkU#A+!3vKTX=iEJ3EdG2Bk)9Q1r_-LCS{JLjAt#Lrl%U@&b3f(nx~L|W=^O(#xbiS&}lFljG$ zqxR%p_H3HFzVT4nHBQZPNEV#P|63u-zm;)v`GKr(34p# zvw}BQuz98A#Tif`+o2r21A9iwGpnnN<4|ZL;tb{r+x`aqI0u}9mAw5$jEEdBu$ zt-2cJC%USW;@23((aSO@&M31Nm(JJ0=vH7R>fpxwwW=HQCl& z%3DFPN=b6+iB<~a(s(SA)n3+EUqXx{?EU-QYL}mda8OOT*O@6};j|hHIQ%KQskM$&MuS^YnhZ>^k1vlWJA3 zyV=uG6ovaAh>)Cp_&u$Un`&0kj5TbD$7VifCe*^6rf5=CD}d}{Atd;yOU_t`>UX2! z4!!^Ee1lqL(sCRU=X0AmIV_Fr0Mk+YwKEm^f;XdinqoA)bKoO>g~6{w+_|+T)7+N@ zpvK9fUAt~#A@=zJ_4$lSe_3gtsUVYV>rx9U?yOROX9_eD3w10qNX>W|T)r-qsO=m6X zl1>0H!GF8d4NP7RL99nfLRcv6l2?4T{V^V#UL)!BEfIOQ`6O;-Ww5i>sCjpINOTyW zb(odZYxf%S`vGUHBPB4& zgyuwyh7(K?6iVAYa!KjlsyQulD08qSPku%xM9H>gjiSzsYHKSu`zKuS8bY&-!K4B} zMs7xlr+N)oTvTU9o4JvbU+t>ZyechaIH`8d!Xu=8(PY(_l4$fpTMQyt1{oATTT-H< zNMTXTf2<7@5BDo*fz<=cpaYO+FnSw^g z#>kKPr5AxJG6v%c=unn{D?!C#)UPy4Ms?B!``GlKe@wD9x>L1|=mY>Aw)+s9piuIb zDwPFF?@%eX(=D<;j6`%V)*i5@&U)0@uF%-?OCDlPJCyNGP8Dj0gI&XXXfpB^PUN%f z_@J6NF;zyNo5Z=bQvTHEO*+O&FO{;r%~t5df!ZR4sx=8W>cK0jzF$W7w| z4kHjGsm~TJb(MV^EHQ7Um04m{D*8n=17{Ick#yxObAM_!re={Ic zoTBE9+&-C2dLpEjHrTe_<^h6X8yo}Usl~ji)^2AE#VG;FrA0xK*54|B`y_f4kp``KW6G64iH%R4lS)`h5fNp+j+4ROg z{U=Quv;e6_1K4%d#AK=CKtNDHb z``A^*X6gwIW=Al;;{6-& z(v&{B5O59NoFU0lP;H;*B41#*YU!Lw53Kb4y~HP;rF_r@(QAt<0a1$sY=Je|(9Fx; zUr=qGUh;_}>b?IVg33;^-ukD~{4MslT1#M?8Jsk|PMOW4Fww`=&Ud83Q4@?QMhFbB zzb*7t8?=P30xj3fk7B=9ue~tDFadi|#olt1k^FNiRS`~C&5xIkZ8UJi{h84Rf;Bjc zoZF=7TWBfj4NEWtQQ8|_^2Md?S}CP8W^p zJ-PAJ#;03(#KzgqmW+NMHL=sVkJazS$6vcA7wkQmiN|-@fXP@o>5e`T!ou--PoiiG=gfm{;%|#U~*1xW9nj zZI`s@y=Z2ts(~Ca{bPeE zrP_BgFAwRB*^gzZP0b5S!KoruR%Y~<2Gxg@J@ds)Mf!1ky+oASG^)eotH^{G|!UB@CgepUOR23 z>B`Xn=|iEt*vkbbz14#uNv4K*-!-#mNvZ6PM!oV0Lk2^2zkR%Y_d~xuZmaa&h4(+o z&a&Lir7{$D-=9@J9Xpuz97u@T8SWIGx_9Whn6=yV|05W`eO3?;wj*pM;DxVA9wmha|ILv7M3s?h)B!dIPtgp5~Bd2)n z$BjeYezoQa)meuKuQvUqSoPIqf2fR1G0tSAd6BldC+j|OS7_Qe%SyVEQxx}B$G1`} z@_4_wsFb&F6!87Hru-~K*Nq6T(Mx5SE~E;!SErp-^16ZzjY}-0Ffm}wSJ@r@F1PvcXW4k6vc@`fvH&E$?OR)cJEaer8M|zdeemZ*BX5BMWxhFiH$3{Tv`ZU zKGF{tu?*^Yn6yF&BWz(ylKy$!-a$6%*{CbNJFq~&w@w08$w!qY#m{nINq+OxT{JXo zPjT+au|GkTfBr|A(Z$Zsqm#cYNpT<$cq{13bW_JsnqVTLF#`adY{r3SQW;zPv+`g4 z=()4KF;Z$a61}ltE}N}}q|!2DrGXMIeBH*T!_vXm^azIwsfKDQvq^@))x-DBwJ#!@B;{xj)7DYtwouq3pxiA3oO_;_zA5j4!A0A_f0b_ zxNK-egNjc40^RBQndjFqj_lmLq-4vx0QrDZq&VT=L8Le?UY)Sg9E^Da!Vruo0z&7i zHY9l-+94iZI68J7-XjY~f?RF}#-WSraD>=}T@;UBNO7i~;)P~`O}tLhx2JB(%Dfew zj=y-VOw8~`;XwYPdS~<%Bo|6jVb2JjDIH0bRTwPW)7Yx04BH| zz^0nZN4!zC#wi$$oS;FZ&JqzGCHX@WfSZ7CYhf$uN@y;csCyH|WC{WuXl}!I%B(n@ zkVwBLt(@4`97UaD)-fqBM=!T$GQKtFgyaK%?t-xKt?aua=$tE4hZ&cpk-#nORrsLB zh$|=bWA!iAh{o29QOh0|x>J)pp?4-L40uqlBV;@%#jp}A%f$4i+$j+R=NvC5#Ozl& z-IVS%P9f?_9qBCR8e}{f*oG5qC&WNx-I;T*)CX7M1rqxwr`lg~MCodaCk@v$8zB8U z(?~r9z^Yz5X343dEn8>}kEl4WLN3(fj-kwYX3LtuU~2^UCzNDl4!Z5xB%Ql~SLdUj z$OOPB>5uAVWwn@h;BsZ${2V~{6kr$L3ueM@((&+3*u=-%D7hiY@UXWbQE6yU zHbG{fk9!Cf6TeK@#OM*4heS;IjD;lFM=m;uf6b-7Q(>4YEU<1T9mOPv2_9ckqeZ5W zE-s#I)}^RlP*b{yo%FCugc!<-dm7LDGqi0Gku;6PI z%-d&tq5T}sr+jA{NApA#6IbDH?K5;Zbnx?W*wPO;w}+drrZAyf?-WfrLQWpng6Nsw zEm{q~sD|CIN&7ES%fEAfBkK7fUhUhijLS zFlBUc|3WFdb#X!qJ)7NPT83R}$7ZTYkIVuk8$<00Pf(LPP@HRX3!Sz4Z<2~bj#pL2X#nhbWq^L zmm95r=?&-j9In&e(>bw3R~*J}%8z9j5Gf*sY}KL8V3ii}#Bi|U`Ao_p(Zdfh5ZvGb zwm#&U8^^lv)=6KtdCC%CynSUiP+q>x=h8;#@y(ml%IrHAE>-1y zX$jKG{)Gmj`S@G51h_t;Ph~mFV;hfVPIiQI=iTp$qkaa}x0^ynRXnUCg|gQ$k1vWx#En&a5s^P@aB(m+I|Mx)V%ML+LfD&gps@D$yxqMf zK%k#i{-Vx_3OmjolJvmIVm~qp>+TMR)Fz2xlCH)bAn;VoduIN8);JU2WxhEO_5A#k z(`1dGhFCJ*j>Jq>f+dIXNIj}@4*~=Ei=2ta7N7^dM;e@6CC@?^KPPk%3`JFnXqMAl zkaQn<_Znc5Zmize`H&f@b|YXaem9*sDQ?&FQJf{XshW;4U#u>5Ej{AS$D+l_p3 zcIbres>q3Jm2@;JG!GlY7xrM3uzczO?f)MS6&Yh`%^EJiVPNE zKNx}uh!zx+D{iI_VweKPwc{CpS0A!4X7@7F-r_`b{-xB!ZJL;6c!P$ULOL2e1g0pZ z2Rno?A*fTc^CFjI?A`}h(T0H+oF+9oP=FBn|>>QDAJjI!1GAheO1WegYm-^Od z9IT+$=8Uo^h&)_qyC%tH*U?^o($d9beyF2DWOejCPsW|V@^O`1$?nBNK010z;7Qrk z2h8)w$Ogi_!O@Tnjl3z6r_H5KVLO%wrPwRi z8z-H`6|?cr{B93A_MpP%Ng=?Obx??JK$M!P?duw{yQ$hy8aIgqS%lw>w-Tk1=Z2DM zKc@y$Ik{{*Js66Wx0<${v*BW7OK$Nu$h0$TII{ntGAGR?o7vzbMaXCPyihyZqn%<& zf2+pg^7CoLJKgSBE4+TQE2cl*dih5=Gn#K}j|ue$VHgRPzjcA}C<_5S1Q8D7aU~SE zITOrP(4-kUKeI&~2ZBU;!9yt9MrPw*J6|^agJqY^eu|)l0YeFjc3;Z0mv+*%zpVT- zixIS@-c+LPTd^rNiWARo*?wqfHYY$jk~v1vHDb{t4=P-q6e2$SIor4$DO?C`CkjL^ z9(^Npti~zP6wAr1vJ7swhHpfz*SoRZy+h8}jBZ<^7-x$GCt;cAZgFx&o!r+b~g_g0a{6WT-GX6z#YHfqH_)5R!2i5oX zj@SrXv@c5%Dt0_MYuvEhwH;RR}piGLj1E zTsSVa-vkV7I#mDh85yTJCC5`s zB@Z_*`S*Gm?3JZPXNcb@gO+M~NXX;y85^?5>fuvW=PP6~09c)A#nBj*-bCw1lfPQ7 zIpq(QP$nUFK3rf-yKHjxQ3L0~!KoJGQPe7`g54=1z^OF}{ft(a-rw17uS`VMba*&6 z4tX9!>QV@mv=g&-639a-WSPj1VT9}AcJiZ8`Ps}Qk!Bl+Q#HmB+lXqu5jvZbQH%{K z-#!EDs9bjb*W!RoUmwH~8_nb>w~w1K1z0j7-~6>|X1S7MbReperjeqHV>|I{Bq5+I zoapqRYopn443R@fu>|<5V>)*XC8X{&=_-q^RZR`TJclMf1V8?IIC(i4|?)Coo|;4xBK8%Vf_MhJF4EenRW2s2Se z9J4H-W{n-NWCf&`T4tlCQr0Erp)zJ;SSgCCE{gzC@$1s_kkRG8St-=$Y)b%A5$m$^ z!(kB@thUL~-Far@Y8#=MxB#;AGHOF(KbaUQ*NxoF0FW5*DbWPSs-{LG6Mb1MW=!^_ zXvx@h&3X747;Wng_lE9PGtthCqs+ckV&Q)wc{X%(I)pPxA)Su>hg}l#DHdt@c76oA ztk1OTR4@ZDo3D*Fys-4BHF~dbjF(xUf(9wy2ZUx~#uM2pw{PQAA1pgjL+h|s15bV>ons|((Y14f`&)V!ec#$N^`qk9xgg-k z+4$cKH&eon)EcicZoOx-IKFT3r{p3Hy~G%m@<2YDMiWXxi9_luH)AJ|llbkCk1}&6 zvPu@P>dp}h0a~9=G|Dr4P@+@d4*c=p@CmrCtwwLgMW!JQDLxLYGz)!1+o_g(k7q{U zG?r=4g-nVr4Ineg9>FJ#4!Hf-3^M*as~R+H9J0X2|M}x0Y+RG19x&u|HATl-qrLns z=J`X1OlbIYBqku~Pw&NWYI}{gfPpenijH|Tbo1SycaaC*S5?$uXZ2VEZ61;3$n8W= zPEaerfuvod&5_J*{QDPX-?{7U(9f}lhaZy6ONZ7ZqjuBw_=!5u3R&d)?>%x=v2z6Y zNq}WqUKmc}91)+hF8}Ls7YyxZT36R}eegBnH7oOa62E2brjXbOkS;u8ZIrh%>~>^5 zcuH`9HwUmK@UNnwlVT@75USsupn-1q29wD-;LUIXC;R|9$ecR4Rd#zn>Tnh}h-&nJ zZHoCz*5S>_Xdig?-aUSPF@?MbSou|%A34|=Jn5&lgBKsvP9zja^McV>J;tW+X*^R{ z>DKnJ0Gy2rb&`n>74tq&Ptg>mcs{g(fHKelaG-~WL*We&Oh$weiT4p8N=vJ|O1+0j zJ0PJpNrFB9x(O`HZ+(LM%aA=Oj?jPNfB!eVUZI!{Q_ z;T}Y(B_RDLNV@LkdfL2-pw;3wiK;LSF}92Z0lai{lFBGZZv?W+@_K?Y>30YOI#9N@ z>tCeqr1|J)-2AxDb%gSN%y`+lbb^0>_ah5iv&E5(WyJEfzG?cu$~$idKE3bUm@Bhl zik&6Cm+tv2qSOk?j`gTp#eFl@@a}T7zOO1_xIy2LSxxThy`VK+P+?^TLn;W+I9_n# zuNyM-XwdHDpEXT6#HPnU&b3U-UovC}Xmz3}wRy?vOY{TKdQbC%S~8)^WYyK!{~{j~ zSn^L|N^<7dWKu8EFZR!)Af4~PIzj-9-YifQE++ROtxIE-1YZPbn;N-gBnND`){)JYN7^JN{zWdrdsKMP>vklO=( z`Ua1w`^WADpJ@Vv^PmO^_)IdJMX&BO0W|Eh-qQ^pGUfX?1TwekNpzu_Z+atI`DSOGSN8 zO0#}cOvyW9^JpR5jnJzOHpPm^ySg^zh+n_F&S($baQS;L2-w`U4j!@#vq$jP3A3jH zn(=u5)>u8ijzLWSb8VU5BAhT9-ig9Q5f@=poZ8b{1ddjW7r!DTeQ*!yPcgoGZ8c~e z-CHi+5ewjCgVMEgumaI7fiA@zZQ%VHt9*?)<)Q4u&x*&Eb{0--+I!0h`>-`)i8?DY zfXNj~DERVPyrTl=3KXAz!B!IecwPG<(H3PH^OYdi@fFnXT*%H^Gyoh$TZ1vxfCm&D zr=YVS4`#NC8ky7_Ll>Foc1IV2wFx9OmjE-jCM(gA4TnYKo{1QBmtIrb9xKtBjqpW6 zNu1wkH-F(PY<3@DpsSPDtF`Riz)-*zHa6vi@u9^>wevDt!iKt+sOQ&r6@Sl z849g1e^6ryJ5?&h0r@y=)#qW+X+9nHDQ_Kgyg_y1)y#~&HY)ZI=ZuB!Fd19^iZ6AN zi2-N}f|bcl%uI~T!n#hOAc&C53!yVS{PxmVH(4d35E6TVve20=gB=hN~uAfdbu*VN%-9nP^ivxVT-73BL@#m?3cDsMAYNKe{yT?aQNR0qMh*Tz2m&4X=GcD9ZG@Y$0LUGREbdR*HFI%bU zLzmJYbG_%Oj;eI?luYhB?Dh~1J@x6zKLo(kRYoB&(4fh{%A?Bh;?vtaCIey^;^LfJ z^Tx(^{n`J38wpS4abU+PmN@BOl$y4xjRt~Z{<}`@G$^eeU6Q<9(<^BOa+Y5S7kiaP z&69O+AQbi{>#F|%%kF80nYEYuJJHE!W4wU|+RXmvF(U&*<;UmXVBfPJ9?@buIs^H> z6GV4?mel4m!ZbXL+5cGOraq$$n3IwgBVeb6jj^xKS48OG_dX#-sf#-KeRsx8iyu9} zK0v-zkzq3>rY|$6y@_PCc4llbyO^TMpcf>sDIjeFT4=-1Rv6+2}io^h2XhBvt>_&qIj4d zuWp3f)coFVq8T82MJW3mCFuKu6J}!Yt*-Xd?d#L7e^x%j|GU5G?9)1(scA2Vq7e`< zw!rxyFrWf4(V%Q<2b{2nANBFX;%&~zs1;>yJw>I&W|nOHn89m+gfZuXJ2h{dQr&X& zOyki9|6P(P??=Py5HC2}+WxrU)GONgXngm%BCz)Hi6lw|5v{)b#s+1Cz?~A5Phcxt z`q{0eqceqt@%j07wm0^lRsFSCJ)-9Nmg#-ksBAOTpfrv$!DwYh<<;x}wbynphj$!XdlYq>RT_Qn zb}5xxtB-oQ9HQJ^k?|O;bR5K|Jf$8c&%l;^s0d^~BT)tJ$MhxBy#G}wU*oJmDwfXi zv$$5edv?1Mqx41L-K4(z)Oc zWHWJ~E5lWBR3Q*tOaz~4%lxXTM)bdNQsp0|1#9SI$Q(QU9f@W@MT4^K(d z+m164SLpBrmvM26K8llr^p;qP^mse+>rbF!7yNEPSv1CFn8v#GPAFwZd05yafuBCv zQKO)31s8(co#6rg%BRxTK{OnZ&ruG^_QM2dSa??AUBA8kwCB-BnEm4 zBET^pW?nCxOn1U1Aea|VHy<7?tf7rT0S#v8mmnNE<}bk`7)RZF2AycP0CXKX*MN!L zy$(U$w)877>duvOunh1amw?Q04}cSv^iKHv(xWfK)Mb=2@*xBHGP&rKns`Se9sRN-?4+EZ+{~_?B10LD zn?HvZf%~$s<(e8-$mJQo2orol#ZAm3CwSS_`iAb72c_EoS@&kJb9nJNk|f`W7xV*k zWqCdTZS9#zA#iZ$drXugD@xWW5jyuOJ5={R8_DQ3E7`+e{)RK=h3M>Q>?kN@xk8jE z#ot5N-n?q9LM@JCxaty9`g#-QBn7RZj~HE@>90EY4~@WwdJDXBQ42^#Kt1N;3+_G0|y9;l8)99CSVH@>VVaG_~X4GRPMEAxSlTy(VBK=ct8YLn&~K zgDr#^Ju^ljX+}J8$PxK{^0|`^zPNekngiE!10T7a$g$a>v8_TsR5Bz?Bvku*or!rf zCd6x<+4N1+lR`53LcOOKzl01(TI9o4NhGtf(_X?SoBxY&wyq3MIcqWhq# zCO3om&9n(YRj!x|&zxP-F#M4E6zGm!WBlTwKB{C2!w;&)`G?-B-%XC6DJ;p_t8_lf z-D{jhu!^~$TR61I{?@aP#a>N`?@fBJ@!e|lVIT=13reG*_EPkb^jY5>G#|2h+-kue zja0@t;t-W7P!P2us?)Nhx?OD{5NmgLO5saQj{;=Uzvk|03Qw>IjVxUEC|*Q7Z?nICm-wk}*TU|Kp# zY@|i_2R0#k%>Be*pH?yKW~HPWPP-o2rdfDhE>8e46# zYZfi>8J&ehMAS6M;{gXY?%neP{Fm(>SA&IoC z8>{mpc~r*b-P&DMt!YD6e#Yv(I>P)co!VW}d!dbVxY=JI4cLWol8NwhE(y$j;1ATn zr(^|(d-pVYjmd-?CC@sckW5G+LS^mS+Q&d&%UZqU(ScX2KpUa>?g--qCQBG2;Z^Pc zTX3Q2VcZzsEzI*vblgyxap(Q*%hQ6bUWAw#GJEohatVHyE<&GeZ%*6LQej-d${&p- zQ!B=o_K3sQ!5Ilq1GpVJ%ERaNPrtbp(T2m1*Yzb}dR3l>;|5f0bp&1M>V`6?EeFq6 zc2~n^+No^yA!4Acb?*rPW_T#PSREI=**7pXQNPHboyZ!F_u9ojB3I$}gDfi!jE5X5 z2pK#Z;}T}us^Kg4#caq(kG?#LJsEl(4m8GAWJX7%jY7dO^@+R5p^M_=lY@r3O)(sG zOYyz1qNa8h7vw9rWa2!Nz0Ei6&M50!=$VKca(3Rf-j6!it>0Xa3fq(Ljqr#Bu-4f~ zEj(u{2y~E4_W=xA!8)k6I$1YHzWgG=wsXZlO|idXQy04AJDsr){#Th?Rrf`F1d_vn z>k>l{uygbSRi|&IcY|+Mj;i=GV1fQcD-)|}!VUTf!1o;Xmnv3)xmHULM;9sv)k6Xf z47(PHTB){)3-oxZ#8N3-@-ntK%lZX91c?*|Rhy*vAHO4%#Yv1yE;&wmt5Q#~`gDKm zAPw04qakx&G{m#*9}S`VM?)B`?$a!e*BW1`5cU?yeYGUnQhN-G0#Ho<$A@ca)bKF> z)oJ-xDG?86Lpd9>r)WLP=J70BTuSH#F8!HZpQ1}+^lzvlj-^LzQG!cCu0amnr5P-N z9$|IP=69A2ae8aM<3KV_IvlB=>y0e#`7<8Ts*_$Eq%Pbh8o88S$~LZ|`FJ2$QFe7g zowI4~t)zwF6Rc^;_A0XLI6voe63xb_8+ekAHc#p3#4-=n!%QG>n&2AkFb3zz(1AO# z7v3YAMH41R#Lb?wjCItIU3gY%8_acvYABIe#4eSRRlJo&-Z;PTZlIZ0N|?jKq4*ox zwXh|llv$OJ-LvLl1C5_7Y4LqTGpm}AfR#g+4}|gVZt-^+fq9>&&G|<3gCK-NpG^l9 zmrjR6Jw~vPP<dX97-uWF`%)T;HTR zM(T_3{J}e-jMe!fJSMCOLO2nM2D#rzTmzFOe-qG}s)@p7GJG9UU0F#qgayhzCYP1d zUd>P!8n1N&r|LQ5lp?GVp(ravwG$#TOW|dQg8LRH-V)HBA?^7GIn#)g-*(0Vs3Xd7utx&KIXv-{*8jz3}a1UAri@6B3!;jVh zFa4JK)1ouvyUgxiPV9Dfoh(A_k5dbj=aFEpxMpZ)O5$dXG6CHzJqJnyE9$21dT_CHl53ak}p)?fcl>FzyfqH2sdwTkr1JGL% zyNSyDE?j~rX_6Z@SFgN!lhA$zc#{e;kwGdZF+WyBKr>z`E)%YPMrTt#R(TXTz~tWu zU^R*{=hwURj+8VxX&cVb&<`*6tqEbLjQMt-ed}&HktJD8K=sR3GE~Yk-WoC`)SG~| zUvo9kAc)D2xEH3DWz;q;ox$vhyq&F0GW_3CFW4(eWD(~ad)0FDwK@N$jSrH7ryN_q zPmTdsrFo$LJ+!9nxWaQWU5qPtK|pSHp+_+2bo_&@4$*Q*_WQv%ZVi zn!u}<&Pc}gr&&`#JDZhd*oa+_uZ`AQcr_tXKv`oKARC3Qh|G(w894&-iqR==-x76= zSmrHtI=6`lVQbaq>_GG{rd_7%9c_^YE83Z2E1lB6%t1QnB3iWAPR>_^FsM`?kfdZn z-I*EN2^l^I(iH^Kdg`P2ev3H2>+!Q_J|TFsDq@{&*=HIK*KwVAaE_Pqv+nFlkO$&# zR+?>B=jjIS)$Krx|Kz*@Ngo=knrAJgx4S1!6;zyD2rv;f6hJ^E4FnS%AcS4}N}-|( z+V@KmvTpJ-r~pW5NIHQizky7u-_baU<`EI6O?Yiw=e|S77IcV|!sc8Y&$f+<$s=Y8 z+e-k^0O_&fK!z`dgYL;=lo=kO$&AY!a$XK-RNfGphd`9Q6b~wi=VP;Q{VD)6^S=;} z#SD5wDb%E#BebmDR@&Vlo!kt8!OVHv)%bHCBYaEX_;|l#xy6NsVq8Zp_VBrZgKLY8 zHR1jj3@BUuLOkgm2Dmvzmc|FzXXYcH_TI4tcNLG}idu20JCs}eLG@+qE=K!6#zJm zb?|t;ocw&&55;TP>ZF`hEhk1|#%TCIhzGem@?aEMWquvB5G*M^SqLgsd~;gvM1@L` z)zzEzPH0eI_^0Tbb70k1H<((iyFnXRs@8|l z^mYqr=?9E*%oQ#U$Et#g1`$y)@_`>>iC*!+FtvkGEDQNkYMBG_keT9}1bjaCDqT2u zC1V`QW|g-wBGrMotwul0EjGmiR2W=@Pta+2M75Admq`Wjhahk|`08VU6lv6?D)fOO z6^PV{%y>Z6#tc%GW@gR`l?o;UO6Up-5uTsQB;vCxH$QI^=+6jxXI04MLy{}j{%utY z581YM7vo77wgYz6|Hsuk24~Vm4ZE?OiEZ1qZQHhOPi%W)+fME{nb@A#*2(j}=Q~y3 z=^tIyU0v1x_TFnpm_mfzt_>H{cfjP`~m(GO7J|PRy!A%4_PMT_H;{O(9 zOuGycy~umSuz6z@2@&W_f1>0!_)1IArDxld(9^+Tu86K+&Oq$$bgf|3LJ4t6wGpOf z0+BEx?RfoZ6--_e*?N^EnHYh`3M+r(4->V?=pR%V6zrt0I*=Bm)Z{*Vp#T>~2+bZB z)2Ba!u{LYI0^6Iz@R6jO^;sb&EpnIVW&p8#o1*4#n*yaY*~|r|KZW5$48u#~%=8QT zTJ$~4az>_h7RVf%;1oK*V~rqsR^I2ot?O5btq96P6=O?7?l>Le5_2}E{^K3z?pxqH zS=i~HgeW+2gf!ZakP1X{apPaH(8=S5`;0$~C!^W$|1h4n7t@LkKje%b#*=|FgNw%l zWixR%Sv(7FiUxMXtkcvZ-jTKJ?=e5VptYiKQEFO^U>ufB@&q@Xbl4dRy2`wYQGH|D zfohpXwDNwwH)_~cHyC&Hm8WH|E1?jPjqL3ihlE#d!vUdGtI)=v55eQ|87s$S>%7&b zzdnO;-*Eh;Ixq2Ws$#8+KbOr_{A|6Y-?bZmo71!7_qOBi)Z?=@VbjJX4kYc$`(nt1 zE=4^!d6(aSlcBTTATVR*HI{plTMEK{Mn;GKe$Z6rIsIA4GkBX_@yr6AE)SN z;4g@$m_4dhyVHa;RTCu&#HP3R8Zqd9ir#2&JlVsq5>qBIN(9dq4T$|HsjbEgQWLCB zIVoKPy(XB7Xn|v61;wO3L@}w(FCr_DT_7ESL|UZ?4V{EB;X-?U&b+lZb&P*A_e}qs z(T5#W1GKP-jWXxksVx}Me*Zuo`^wG#3-Vy~R zK$PGQBVNkvl6HkV+?s!+|b{P;0N-EkJaXFJZSzv9?)ud z#{UcQoNnE$d&$SO{6L=F^}zoR@|2{ktkMlfY;*q&(~4r+qB$4k`~*s=w38W8))9)~PBin%1M|F&cd6&}hQ$Vlb=@NJyB@f`$nBXwkcS!e^@us)oZm~k!H z2BanlHLH@ODt!oe890MC-}2%~Y1*tvH#K@UVL=q|FE!uK@CY(o4!=&q%TklZbPetF zxGQiC@3gfm(7aa4Lr+joJ=Oylr=wv595;k$1sr!Kd5_+ZL5saB(1hi9sGd5Vptx%PC zJ1wI2PYo@kFx`Ti9dTV46UTHFUl-vL~<+Yul6BFjP+IFM57}Yqmo9q=aYz zwpUWlHv1sfVr2&7CH`qW`~>i)KI-560y(j{g9yLHIsc*5i1Y_`sPs@5P~Me8##MeC zfc(R!$0--5kIp@zNw9^V4$}SAHPxYbwlh@9PQ292myC;1=AHs8hldJ|8kw1ejLJ#~ zp^yh!dvHKb2)hs01+I3s>Mt}s$rY|t&$-Ex5`;O)hACD!&EfmlE^zsW|Nm8eR0k=4 z1KW~J^B&*7e!L!)zI^-g*L?+i{Wwkje{5&px8Vhl9k1(tD@6r5p>ZE_Ux{u{oUb?1 zb^LYpUvo^?g!pk=0x-V40S146Mmo=ZHx#WADfK^xzUk&+07d)U4qvPz6w^I@kH8ma zF%w)n;S-V!*=JuMW!PWHln*uYoYaXEsTY#Xc!?jQO(H!pVFnp#)(CR{4fi)o@Pw@V z6)EV$6xsJ&S>4G9snNsRMSxS{B_LY$hYgW@gSRFUA8lrT-bO_IXa0EI@d6M+N2q@F zzWvauSp(j>zu)&K7`0zIuTUi#;K4#Dci)2jgcKLDZis~9H!LBV%?tnA>!Y>DqFV z0kd8U$h<1lmS?}z;{CM_Xt+;$ENq1(?^R{V%#olWe6>$5-7&L>GDUg|&ED;*?_pL3 zAwD9N_&!jq1;xNeA@7e>G(p~xw!V*9u~bcVexlLeeeRfYbn-1bK}UUQEUYFl#&-Yq zCuRZi-f7+de1;WJ>sz`P{t+XvAC7h&@VT;oE?w>C*iE->D$~!$`cECi!3ruZy`E8~ zMPZ)XVjvOO_+9<^09w?D z&A0FtR7K%#{e|9)~X`2H3Ry{-FxdmsVZ8(MVu$}6QdBlc&> z5CZ{5<5){+T=g>}j;Aa6RXsWS*6^U0LzqPPaU{geNPYT~{V4yzVIvAQq$ z3RhHLs310Nm(QO=_co&L+TSDsn?q#+{Z6hvV{0i6Kc02UObN2X3eo`AQ7%Vfd=+CS zR(g@Y@@IF1b;gh}jx_M|d`^$aURcrZAS81L{xiltmyGC1lN2c+gD~gwxR+}X8I6iE z6pGfX;hz#I_1c4L+5#eGJfPurB1pz@iOUI;F_>=MhN zHmp%|JE{f#+k?sezS*=JJMoTWy%mAx9^!YOMgkwTOalw~cl5@=!A7>iNJ1iOd-Ekd z)mCO^Hq;)PL$;?hzB3FJW0l4}BG!>7tDZgb!S!|eFXhpl!0R4#;F`8jeQcK^ksY6i zo)tsb;uYRi%#HEQEZ5Pvatm{|;5za&cV+)^lc6+^BK3}JObD_M5lN*%C$sKvA@$O~ z{!*4MN2qA^k<9!-ZkHN$zrva){xOQHWJ+_v?AA*dzotqMp)O^74@1r7eJiBca>$-e zY|H+mBM2osob{r8uZeIh^w5ujZo`HWc~ykcAdJf}SZqFGgO<6G-QMR(LFx|6SgKKU z(oTKom^_@(^rp_}V@irvb{?iWc~AE25+12WX@oc2?s3%AqSlY4D~$b4gks@GUf?g8 zgaQ{nPIllMWM`b%OoT-7yqxY{!3hnLbj;;zdOwchxc`Dnrt2>S18DGuC5^d>v~Ewm zzaGyXB9IsDmb$hOC?{`SC1RkCI>~TYr<0of9SK zio6IG?&kOIc1#dCz#N>f9BUMM(@B?^UhH*QBPePl!Cac+Fge&Xb%#ALm%9Kp%p{f3 z797}hNZd+^vo8Q;*841OO{^QHSk`f&54@C=00pv{Bt0y}hoY^U^D$h6-u*sj#xp`m z(0ItU^4l>7plntw19T!U&%59A-k+-lLS@I`^o@f7WAxVBw3;P$Lhy@&gSeCx&fX_U zwff;|h@$?f5uR#+|JqX=zaRxn^6#$CF#E#nBxRjMZ=Tg*M9}ZbxuQFj+U;8U7(=y} z+o|im_x=%f^a9U;-sdNl)luYY_s<=IkIrmcMYU@-s;CHz3!?DUB(t!+yI;BAcw{Ml zK+rxfnI7J9=d&WB_@57{hNEuh3in8D?@VfKqvHisM3N{sbBVPZOP-yh|2T%GR3Plu zolj}ed*s;GgRgJUPA>`6A*+o<0j=PYf#Ig%BYAlILsztKHfWju8 zk)iEZ9?n$C6a-_+o?a3IP9V3WjG^hgm7o{uImgve1 z-Y#<08J0U%=3RSRVH))nrVB!wqo(^1ne5qJ4M1AI8#_jFSe&|a12`x6d=;nsI9?<~ z`q9|Jfpkdg~&tyduvAIsl_qTaRX`C&-S^$&;_}N zZp1*Ea5uaSu_=TI27C?6l5|vLt~;ef;V83O>%nAc+HJjc#dNnN(I!^=OhvOxgKAvN zl4y2wHAJ%}Gk@X3+6)yP>8%SDoqvbm(&KHjWP7~`!7qtKs>UR#>6H*@lESJ%b>&AA z>QH{@)5QD{=-6BT{`mXZ&p^G2^{D4)nnNL@?%(s@5=bEK{@V4A*be3F?3u{5thc4ueI9yEf8BqyUByD)T-2EvXR| zz#rw|_!dBu4$*MjF;me74gsg+F5chbr7Iz?5O1aJygZ#FxgC9=I0int9e2B%h9Y8~-T3oU`PP|8v;{Z{j(7~s+_HRMD5YjTsymhzT8Wj(pFwqCo| z-Frl&y0znV9o?BRmeYPB*w3>v0iFt`GDFYf`Fs9Z`$aNYM$?2D&j6oR@Y@S?{s&K5 zc)RnWQe_<^58m_y%kl1E36z0wXmX;_A8(D{H6Qd|+pD!Pem88iA`YSZo2R8H#k`~2VMFTK16Uw+B0NIcDUS z#F{L&OVB#7OO<^Wlj&y3ioZ4d^-iFm$L^F$`fPVJv2)*S$$nJ<^R|0mkg=MqKBN|i zI?b<0jxm;?LJ1UxP|N|v+LDR1dD_Bf(LcAL6rOhw`w8rFT ze>F!qMuIeq3Ool9LmbW+Oce<24gZffWykp-Atg${nc~z(VS6IK6!C-V-H$Xq{irmT zU&EprgUQtO4?jDpaLBJ>g9TgDfA|gX)C!KOgXIk{$`=cp<%|T45oSS-oqExuO6mn8 zy6T0KuahUe&*)${(3#W%`iE4%|> zIwAM~Rsjf)i_S|er~;qKS0E(=EwZiiK0S>%Yu)Jvn)p1w?7k<$;kUbN%NsU(B5$<8 zgc{3Ig>S)@L7b8b*c{plH{p4*P*Yl01wPu>`07%qnr=cte-qIhOZ&V&E}ZN|s$18P zneiH3O*KbUut~H;$P!)h*k7Dtxb@wdDAbxSX-SoK-*-zO zCe z1qTuhcwZv!S0TKlm*qSeq?ERmx<}xjbv$`?T&YFfjchz>LQ_^?&LYH#Ai|L&Sic7O z#_8T)_kLxj0JZcI5akCxl7;0O4&>9bOkwj(8nm2xqne;V?dG; z%VI?qSt!e$^-#b?58S3Xn}$tKF{EEcqk5(xt`W(s6|(*M@vUmjdVxCr^YH_Uk_mCs{`NH8_p-Q@R8N`U4WI{G=Uz=75-|+G~#Pc+##%}eE#8k@S zW7T0YkDUwoe6RHnUF&r$+a&zum~KjBfrmxt#JpEWuzieXsoS)ALvUyzVVofGZ-xW9 zMf3+qQDtllZDkX@eogBrfx%DcEt z=ymD-e)6Z6^z6g;amzzvcJEcj)5-0NwpR}Wau;0eGi5gr{)m zSApq*rI27Nf^>ie?N_NICdSd|SaV1 ztZEgK%bihEwZT3a*q|h$L z^1JVkbLm@x2aY!RHFoJfex9wKeRN&|6UvPmqn7V2)l?|bGd!|f18g0M*6MwVBa%5o zad&Xs7-yL!rk-wp#^+1{X%+xB0AZvz39v~vn6OEH%!5YmSxWi+Q{N`4Vz2d`4J3L4 zarI35hGxCag@Y`FY>b%IVf9khTi7`h#69iQeoQn~Yt$Z|-0Ty+qtC&se2MeRN6NjS zn{zT9(x5AsLhCqB)AictTJ&KyWDe}^0V(3n2&TzT-sJ!!z=!|$hjMYS=;Lb{Exw$npPOoE`GA%94im$L>Zbv^mK#FKHPUi z2iuk6OwJZWlOfoE68me0PN6i1nQn{lIgwK^5tm%zFRZi&(gi=C1b!Rt!OkCM4}`V( z&n~+#;nTE=Mf@UlDDlE}szQP5@@sWw7N>r`wge0k%JRGz9uVG8su04d-orAPJJ62a zY4*x-)H@HJP%Ob!(7R=c>+j8vhp)B#sK2xV{X)2lyddB?uJz89Uqc^Ktm ziv>gBZ}%^cop+BUPepwCM?3!qQKxPHui8Xj!a=aP055%W(Rir09G?G8RF;k;gAnwZy*M@6V`bw+>zWL86a~+{utmUGsXPU&dT< zLy@{!QWNOj&y3OL3vHp>e4Yu#(F-ZWq?8C+inVbs4~yCPwPyAoEj3Q~=G90ZXFw5J zC4}1@o0AU;9d_N3kcXrT)My%LZ1IMV_4<87g;@9BQxGyTsppm)WR~diO{v~*`j=+z zX!a{I$49VIgyFwHFf!Yx7K=>ErIYhsM`-m1VC*J* zXA=Wno_*G+?Kb>0TW4nh=1WRS^7HyFjZKr9*b(c&oI2JZm}|?wW$gu&D@nd>Ppe1W z5U)L`+-iLifZfRbZ@>|mlG-*tZhG|Flgno!CeB#&q$Sj^@EK<1FL^@xzy|1s_aGNq z8hcy234Ms)jVfsA134dzzf{7j!;`$Dy?yfJH+}J?q?R_j&GdRaXt-2TA@O(2eJT&L zZf(D%f89E2J=}<3is0Ve1nze7HhfL=6OCgJHC2TgZohjy7Y=3h$N?c5sw7|YV&K9e|NPDIyn(%d8w54e&eJ-|RJRJw5l$qxOCg|3}EK z6Xmb)SP!;BRbzF=U0SQM{^69nP*&6_UvZvd{pa$(S7#maR&0sqDd+?%RBpKoV_Q@s zq`1pieg@tJU8sPtwnsiaj(U6T6?oUJ{?Yhz2zIn3H&8teMG?FIUJ1^+fmTK7a@4=H z+ZUWe@L$;*qI2|m1>Em|dFX0wxB_S0DN-%Jr|tsu>+f>Mehk$YEiM!rel>-=ak5;d zWvpGlr0u81z3cU!C;#PJlB8PkAvV6F;M9OhD`xl-B<`yBWk0w_=A59lJjZ6ys#ea9tyL`pkhHW~DOSH&)DFkh@eWpg#SW_d9tcwKI$f0(Bp zz7hH5{<)#7H|fAJIm^eb%k*T?zsvWJ7r(Da|4UNDvd+yR*`A{Gd#0?A;pwwVVOyKJ zEG^@B7_2Eilr_PXAu?<8-y=>s%((Wp zV2}n{0{zmLJnB4?S~(}mJ%YZuc0My8-Sdw-AUVPR)Np?^VwRiLs?;O#r4gx(1^e9* zAKnfL6oW|NtUSh~hq=-fLJ$2u=^2bar^+c2*&L-d9#x)zogX3BMHm>s1?^Bx`|bix zyixaWY>W#fb$U|zb+v9#q_ys3ZGd^1eOKq~(QC1z;uL8wV9WxN`n!<40Do+0%>R5z zvkJl|pZ!Lt*H=o}A3b6LEzKf{m0L%2#P37praJRVfY3KvkLb>O?8(3Gk5<}U>)mJu z1uZ?jQt}o2p+Clp`>7uOIAA7`5)UDlYQn(NNh$U$gStD2FPg1efKoWv!{MpR<$QK+ zXbI-&*yc^{%U%>>|GJbDm7=S^@W&%(aT|&1T#07p;fkDA{`cQ@D_gr}Pg(eB1ZWz?TUL6zbo_2W;X0KFnENsEr=I#dYYADZHE^Gtm-mIPJm+rMGH zGZMJa4GG5Q9DfvRrov}s_gmE?$*RUCmF`8C7N#>N-UJ{N0@=9)crr8g_P+G6QLan# z(MuO4{!IM*X;6Y!VHS>jX48E)#yf5+tqIz3g}N4?!Ah>L8g9Dd)v^GP6;!`di_jT* zP!J(9>U>E~cnT+t4L?U9df_@K3sa3jC8H$cGSKA8)J#iRjhBT2-m?XK3^;apKBr68 zDmDxK7G5s&tJXrCxYBQBJ*QfzZw z^_9?FwAAQN81mn@e}q`1@>+z{7QASd&+79l0@7oId<1f{(=&7o3W&aa#m}4> zKPK-)_pQVv#jAf9&@<_z+#RYQ3A`@*+__MGJ=3q=ecyL}lp|B$mKR*7z4IQ;7TQbK zHkvP#2Q27Vv(&RsJh{hfxRT(U-N6Ei1B=iE)`0qb+LD|yyT3vATA(aUtx{4!X zuq9ENk1rXomq|@|qO+6TS2+@XBJP?L@}^5s5y;O+LzX2>?uz?*VUn8B1uCaFx#LP! zNdFe`sK;{sr=Ai0roi{uNpEL5^KU>Qqv&016C$YhI;bG^j_DBJq&@Ts`miw}WVH`4 zf5)ZyTKC)ynH@(eBuz0_X4f>L6T`7{>XDsjo`{AX+K$ywAt3@sh$z#bREAJf%vc5(4?_9zTGgLYb}Pww%kzLTBl z*RvIZzpm3m4Y0a+U6`W_Px!8cU5%jiTKv%nmQST&Zc8Apc`w(Obz_DF<|Cs$+p7Ct zTDC{zA`YF~lr>t`r=}8mru($+7FQCJ6v=iy5}c_OC{*Z^%~n^hP1XJ9+GSMH5&)ue zm~}udO3`najJO*~TGQFA!G>K2=x7=8^ka+A4hk4IQqrKo2~5b}>@J1YWtFf_soyf! z+?k4{ch!#>_?Nuu+3~JNVvnaqFqo<6&I*g(uhEA-H>YtpB0HNm+3FmZgBeD9Utc)1 zYHEpl)p)eJC|AQ47ir{qjO)l`ZBEDbZZ-MV;R-8NNTJOH+PPGR^4u+Dm)upe~G+SI=?#DuzKEnARO;~#*Ic_6S~|#2Qrk^bdSX0&}1V)`k9e~xD9b5&bc#WiwSl)Kx75KUH#AY ztAch}m4FTeR=0D^iJ+XTz=I03VtYgkzLQ4bc-{&i^1Q1GZ2PI@9VfXL;^+da7+mx8ZB%>`zG+YUf&vxtA;&k3II=g;*$B1BuunT ziP|u`;BHJT|28{EGqcFeJ-i6qA`DaF=(j2$WBL8{-lYg$FhAX!lyqS_ju<7juS^LP zCR}({Vc(^!P*b2oKuH5cw$<;yVG2pKe5X(C)By1dXic}pYImbVha)`!*0c;M%!h~#H!kEw*hkmZM*zLOy&5wMB8cY zOs6xa5|r7~5}^1Hs%qy~RaG$$qqSr459;?pnLV0{F%QwKLVQe|{iuwS0g;{?O{WaB z{GWv<+ymvD`{Nibtl~gwc+14A%pnBf_cC483a)HNyubyb5+&UWCRHdRg30`t46_Lo zdFCB!SD}$jo?%5#eI|*O(u5Td1a%?jBX-V&BOF%RY^Sv0TC@aIrD1eT-bF_36K`~t zY4Ng=<&$c3t<=^rO7+b~hPxDOyWr7+vJOenb17?aOcpt>BB)$|?tv%Y?A9s5klg8l zV_GTfmZznMaz0aKR*&H%Gp1=375+ZeKHL?xrX_I2jijhbT6Y0Va}u#IPT7OVd75VAwQ!_kM$q ziY6)VewHY-T4khEI*W7oM+{+s!rmu`2Cd4?s(3N%FKJbzyfWHj)h5#@A8{*4)l)O{ zl@7O1j%b^b>Be-esS#c+;z>Tg@sebZWS4S8VSj;DG0Kd-uU2@-;%qxM2_e))MeT7d zFZj!Y;)B?n5O(;(i)0Uw(EfGT7T~1R^k-+_9t>qF-2rp|cC8oZDWq^)+=&N5%{>ZL z+KJT_{OsTJVi=!JMnp7rd|q{@r*bpY#8Rh_}eo7QYg&vETxRmrI=(q!Hm<&VKc4PFNzli_Sn^| zR9)WwqKj181Xu@3ofldzoj$Svl6g%S%%r_?JLfc#>H1p2;s#NR)!r!P!DXlKGhDbcwhID-fMzBv!I24ircdj$2%hlIKjZS-(_}*Y4NLQ z+k_o#uI&kx#%!{acTX!N-0N`rpi>~nBz3Os!O14_>2%#f38ix%6Md)5VmPTOrX^uc zQ+H=W8t-}Cunaxxq($1kec`EpQJ25aY02VcxF%rfs(-5C6m59iIkpsxL_aa{2%qLV zY(nCbIfA{RUB;l@!bv_UD#LT7Glk8<(i14lN{WQGGkEPF{M%x#uxU2Y43-y8-S#4E zfA17F!;GcEyC)6+ZT=N&D@z`Wmk3*farSSQ(1;cFASJto$^sh!#d_2=p&?X98PQVk z`JV<=2KEGvi;U6ApJ$-&+)_-+YL!c!@m#6| zDWe{y#e-R~xusa?l3o%Snc`?CB(#VJ}y1qM*y!rA>-33BnM= zHDn#|Xgwv1G9vUI(2c*|@2Do4LK%%77BfB;|5QqT-|J4Ylr`f$uCHrmW2oBIYb?2| zKdoaYyKs$7hIq_5ad@fN>_}^6mIAi&Nz~aRQN3c7!H7~aS6pi% zQ@T1mq6F;UCY4Ef5Jdc32K;_7-vYe6)gRxt$>kC8y`B#bYkP|fh=_>!yr26ww~G`3 zuXnJ{o&<2?sby;z5jf9kc$?RUChRQviMKwCAF;)>?BBqgJ3s#g?c8<0CP41oy$CS} zAsu+RtFxXu8dxfZq?AK~Tcd(zSc`>4B1Kd#t601d%q3=3A4y!JY#b+mbml94U8f!BVP8z^Omxju$T+=VA2;*#-(6PdIn&+IdlA2dbtG^ zM&UM#!U1u|KQ%QQ))&$NcLz8!<3Lu!w*!F>h-Tu0MO*{WVTZ_px+(bJ!bS zZ1U^~uY#qz&bVtCvDE|KEZ_y0NCVhLoJgCwvMcT6{UBRvQOOjGulRWSdAq_rkS&l)BRCyLs})?HgK3PKi!H2 z@DZ|qVmyIareFWpp!g^_>ZE+^I$u`Wpsm}TN884Bz%U-MOc@OoVOG2M_ASQWF`QMP z`x@K2L6r*zuFs?aui(UG6dg-N_TRpmc6&9aBeH2G3}Mi8Ett-T?u~(;4Zb7Z18&^- zb};!1LNJ0lm0nV8rn?ki}B_pTFTDIugxp0#5mDfG1f%+cAEFvrLHG_MlnQPz@h)rM4{ktn9O? z-;=d7elWd@nU~HlHSlcsnDz{&nDwJialT_(Z2SShpF1l+i}PxeIRudSbZ^*x7#n`_ z!Gg;L9?P1eN*vt%TLaf$tI9BqT=@&4HAV`zY)7)pO=85Milr${a)m=Zc%%@#gew)iQ&^@U}NJ#xB)8gOb3j5l$ebgn~P$Rb>BYqJ#a? zq^eaD15^ng!LXV%e%yIV3--{w?(Vk8umH#n%Cd$GuATwbo?YV z7{ZY>5BiyQhdP2J?z_GdUM*druO%E`aD<@^sb zO-pWDxP^OmqTcyaqQ|m5fXM6~fbg|T?<}%M^Vwo5RkTSL> zKH94nFIeEzM+nqigCs>%=9q&dx*Cnn`a1Di$59j>x2cq1Vf7H}!a9fHDYA3XRvP#v zMZ-s3+@{yTvNXdHMp(sRofvm#T`bXB3$sFBq9zYC=H=>A*j}Ir@ix3%|F=AH-Y2=; zPA>HK!??f40d@S2#bKGRo>ZCMBy7GeHlX6n5b!J9L`35m0vjS>YOn23v)Cl7p^4b; zx^Kic=FD;>9U$;3l1#$!U7hT-Jf`aV;xaC+R0%~du=?^SE)8sLVslD4VxbbGW>_W8 zbMqr~MqG%3!>5oR3kHk%iiNdo zUPvmbQRz-~BRac@_HJ~>YkN`D<3d4jJ=jPik6s9iS-!4;WSH`DRV+`sZAVjI!snJvYIJN zMxTF?;>5PR;J;^9W6fkmr;c4|tBK9Sx732Xf7Po90DcO#watON@H6Q^dk3c2ySWpd z?mO2qi&zni@~O4ZI+en0QO2rfavhIh*$DGQKb&NageRRp7ClF6;(=vCFG*K2fZKAW82DH-BdqMYN*Pl@K96hwzRAK z_1u&?;{LHXz~EwsvH$(@V3@a@hPB5@ZH<%O5HGbWUT9UaGX0;&s@F@G80n49`mZ4V zkWYcFwzi}1*MAd>V*wSn-@Kb|0o!9ID(?YrVy$l9o1FpnTLRaMpZA;gd@mi_pNnW# zZr=|&m?yoFT~n&|gmWjDhXtr9_a5*wS?xfFWf0^nru4MZ70y41ZktJn4G= zF(&oKuPhv1e^g$7{V19|sYK>^5N#bU4eCd1lRN`b=7{-sQU8mM#|gfrZ@lbGV7fUQPqxVIUH%^0(6nSc%t~Y065}NWNy$ zV1Bqut}^0>TZcSeBg~kd6`KG=o@p*ZpXv@OwZQwib`g!^qwFFGBjO_1)M8_cnB=uOjMwE`Gz zr(%{bA=Fxb3zz2o-JrMUiTBHwm5c+m9FGo7*;ZgKxmo1l!@EM;@5wo?hpdq&z54NQWOm zlVy;-N1yqx5ymL6>9|)!b>{qpg;U^GGu!*A>DF?^upZoSIh#T_EpZQ{rirb(v!;n7 z7B7t?GbT_oD%oUsHx>}AN_?AH+SLVN;78QZ>rxYaRovN!FU?72@iZ2N*0+hepKw`{ zA8^~AMlHPy7y`%{K6czdl30Ajmy&#L`FBw(tEOhwxTc&QW{PQbfRUv&EM{OEr^Ujt zn(45W1-j0K47z?DC(uvQVwr)U^VdP$1j||6M>Z2)DmE4QBtwFxuo2nv+Juf^8lQ+L zvVNE>@uX5WPt0WK#n5vY>v#n`q;lN^O=j1qpinUSz0l^KP`oPXvi8B``C|=@$n=%F z)t#xwUM#9ji`845@+VbxMMt6TXEswFUVgvdS*HmH1z*E3S(R`PFMm(_s)0Op(Fl4- zBRW_Z?8sp?!(g+l#>A=wjFUpvO@M)rMve$h;p$C%r$wq-6<<@9>P20|1_XiS8I39E3Pcg-hf)q-%buZQg6P^ zu&ZnhGZ0krab(Y-eef-%_&iTwOZ}9cv}RN8&13JVU7N}IEu zcy<*?qb$Y*_3RHXn*JGsX+iaQlNHs`%SjxchrdlQ35ksjSPHj2F)B+E z8ckvoXG-}hthlSn2QJ1+lkR()Fm3!Dbt_9=J*o>kofu)uPwvof!4;~tbG{_!rz^i@ zAsQO{ertKCn=T&scf0AgA94pQY6T1(v&~JP={%L(aQ1}9Vc{&BdgIB(R^_K%JNnTd zuE}JgN{!3@Lils=L`=W=v5Z$H3&r6-8D{LwAWSI&A#VBN+Cz?c*xVc>E`F(L;v#mO zoYM7hnvo>~sUjq1s!YHgy9oKw%Vm~f-M^vmNLf%=2DIS#Dd;Ob0OJS=O(rlG-KNGJ zDy>GV`4M?7pWw>3ST!S=$V{q;)y+>*_%lP|DwtnZc8IzImH5dl=9DoPus6l!5u}|3 zYXzk}r-W=6A@Hd*A--D82RVqrWi$@)CcYk_ZrUka{A5^YF6`v9z~pzJYoCksqUM5w z3xrYN#_IE=MDlz5YW`Hk`4J&}J9On$TU%{2D0O6UeTC3y$dm2^;Px1B)4``p`~oAk zIe_ZxCY9$DL6g)C>2YsKUSgK9fT1WZh=c(SQ@{h8NiZ%*d9Ux&#Y7WPlWA7p7}+#S zYuR6fjuUO@xw65{QAbL&dcn|`iYc*fhYWHT_yEp5UUHtX7Z$*F+tafTN=xhYz$0$v zGn>;nCb_kWgJJ|GusAgAFcP-!Wb|-P&6L=vnGU6ColxGoxMKmaLb+r60fe7xq|U?X zo`%8i2^ws@UEvmLI(~P~tAZ|!!=5&~-_VtDzw~y9%WSz_Gy=!ry7!P2mGp7Mz$g`k zUa7JtViRHc`zZYhlG})l_4R=FfYLxkc6zI(M{+2)68Oq44+i5q<`nSj*z$41wiQJx z(h_kWzQoiie&JM%Tdc4raFFwy%o|(eUv$Up1&k?Ke>s#)>cw)8iL3AnwUqMi$y3~MPg_(Wc>UDXpsr2}bqwX|c2=6&9u*O@ z@N;-WiV(c{p!SYuPcKzU&C4^YPreEy5VQU5m8@hu9XjK3vr()8MwhGJ4LviQybuhz z;;v)K&Jvw)OtUq|Cd)m2tjaG;1fuDwX-d&pyv4}#L{FcME&6WNUgX^F3ihK|AAWUI zwkk4)YAy%zI(RhlRYAZ-CNmnexTl3%v;`-UtuMv~=S)a)R$13|nfIgiDwi-JO^3Xg@MI&8Ag0%T||X!49-4gjrR9!2jQwRT4DQs^79mM)%bYto7ctPm{|Lc^7S zR>&7}A>nd?U8QT-fZ3renSLYId3H&!Io~VYitzI}vw*KWKV6Cl`&HABeI+t- zXBS@>4}twhd`SKbeCfC-K=f;8DF5qY!}6K{k>Jad^X=?JK;Xj)?)znNTj0sxCE&x$ z;d*a~pikiS>f>Q)*7v%NKrByx-=L50BeCbL!-B-e=ljJVwpfnWR>sFP)jt>oAC**DJ3TWtIQNmzQO#(s zMSxMXp-w64+_QN+(q9{E1lvJ=TFsIwi}#%K7+;u-fB|mi2%pP_07kjP2SWd+6^r?U zA&U53?+@Fz!>WH(W3#=!9}g3I2WtmoO?_XFYv~ua8b52t7-Y<3M})ZWRO2_(LBwAC z$(?|{fWNrEp;2wd@<5>zwU#&BfEKZmmSDgLQ0iQB`Q3;x$VxjDQDJk+1QNfhHNIo1 za~T4@fZwv&Ill8m9Cf=4ABKCXgc+W(nbGqiakz>?W#jN78?C69B%!=tz|P^kS^n-r z{R)wTyj{;%!Yy}6a@XbCH&5=vW#fs}f18sju!V2$zQvFVx$<5;Q z9$}T50Y|jiqv<5*hnSas+4Mm zpt+K&7vc`_N}4vM*_=ST5_h^g8!9Q2-Aw4hUK)mVGGF^+b0<%G+0b=-W*HPz`wLlM zR~Q9&(MJ}g6EOqX1AThcZz3iIZZp}G)-NI5n4?nM~K)I;MFSwHZ%hqG5&?tns zq+Wj6&Jh+;5CgGa$47xI-p0=o)xogE*wL4%p^Mm!y_f5C#Q&(Oi;N2oV3=LMmJcp7 zgRYAJoQCz(K%^|DLf2l$^pUxo0SoL@=-$Ig1nWy0CBEJt_i5fVEJiH!7u-qkv7Tp3 z5aP6Od*>MK%NWcpA|xVtC8?96d{sJ>${qX?9dqRWJUskYT$h_e(nkicpA!m+i; z71^RASe@CouXs)={%LJSLf3*2f3cC7DKAil(XlL4h5q{;1P=`Y%w1wL!cpUY8~fu? zj?<YGX<9)+wYUNtR6Q!)V1Z$!T}3 zlTCmS=~`CbrT zwyUG-$;u7y1(5eX2*hBaClKvS>!!r`KB88$+mfV`*(Y0^CG`C#@Fm8RhAE}WHMU;& zIA}v$L}#52gj~zR#rbgMn!3;lj=bZD+|>mLHZD^}U#lL@IpFZZXPuoI?@YA)txaDMpV6jb}p7(&Vi*9 zZyMtml%4e0)hN8aWzH2h1}G>WVNhLKg8l`0fW)-ru)yptvo#nEy{nHn%s%9uGU5~V zh>6kfZxOAfe_ny}WD<)2PK#`fi z5^su)289}d1GgG2x1BB0fzXbF_Nn_D%3Zf9`W7sBB^jhd;ob8W6(SfE-X#zVCBLD^ zzVEVF8jH2dupH%zQgJ{btm&5k1}KG>gox_3!HnP)*?E!JOBMX3g`h@ITj(SJ!w`erNv1#Ur`PgW@KF=^&c0eayXpp_$`ghj7yvU38HQs(08 zJr5`HM(d2Bl(Jn1TzS2p^t)mM{ zP45`Dv*ypQoaJV0Xi$tKIPaFM%)U}XrB$m3ysjw@ zV^!Tqc-UI!Kfgw2o877zIq>MZoxNv8cr)w2Hl3N(FW{i+CQN(~dMaB~^sHRdoS%)` zR*K5>#VzKHO;Tn!caoX zWL;f%Vnq|oS?m48ly*GT#1BSt2@NV~TNJup4o6~121I1UI5_le_*-x5&tAjn-PvAq zw12@kpSH7t6;eiyNN13DzyIdp;rX~bRet&2-8Fpt_Ve(5d59F3&&B8ayt}!%8JlN7 zAmsm=(Eqvv=j@t~Uze|81@!#hXsbQj@ueVaEPRQI+7@OWbW9pL;s>f{>S*^sIHnn)X(JA4>+^U5Y-b5Z@7Q{hYBLOeaRf;<&svg^@rhW|Myey1RnAm=D>Q89vzik9 zf^?-h3WL}vL1!e&LmwbT7_ZZ&pJx##<~Rk0mUG1OR}(^|lSvmpCN~<95Gi4XO4^3Q zRbGS(d)+UFKPrxzp`(KTk4s<1nRPg>Pkw2Pv0}N`rG^Bww`mbv{O5?BIS8|+A%a>yf?#Dl@uVj zd%F)1(cwJ(?CTyTh_4i1QE=&3I*TD|H`seUy?v)hoLgR$R;03rt_8)c8?P^nOe+@u zut8gs=+?}q5|_k&-axWK-jlvAc)^dnT#3T~ifMh-=lv@v2L-mIDtPjRKEXLKfDt!_gUlP;ev)3TO{zVOWfCJEjFRDS(49aLZcSv z1+|-(%(G7G$xaD7fYn4Skken=^_vY6k6PK=3runC8@J6`3;|k{U(uM4*EH-{K#}In zu0>yoOK?84z&!;2GeIJJIz+JGZ4eIaOMA-H`i?W73A=!`tGBQGDUEN818hz3y)H7I zJLif4)Y}LdvOcV?2zr$`j*%I1#%@H5r>~0?2G{Q`qix|Yfj_GbF@#SrSPQ8j{07=m z>~7i=Em>r$uF@p*gLuUC?55Q>F80Obi5#_%&fp@kZ1yW^eLhxV)#;(a_jWP zjl2r6f)$8IwU`e++(lf^Alj@I7Rf~e5jOwclw zdy@CApR1k@eQB`+e%VRLaC|B_ySn{iZD|qb+|PP^)z{NIbltB+=bz3bWLf~%1^+Yw zZ}pmA4xh)JiS>7T>~v|%ciUl8GstEs`U$RyXC~7qhGjGK>zH*ToUD)jvn^4BFp;uL z?UIuoPbw~ZMj?R^nQVSYRPuDy&ULxoqHc%w*iv9qGm$NwM60o211=hzBtkzhBdm$P z>;+8hZ4H71Wq7L5gq5}99i2pi#NQYsdhfLsPozds;?(l=jB&kVxB;aFDWg-2WPZE} zqRs`aXU!oL49j%*v(t>*SJCL%Dpo3ffnT``veJQ$DI!N}5dvN`cYDk`8E#ZUAm>O? zS1)SEONxNQnzjYi`J8pB_4myu-)H-eQ@?NN^3_+HmwUhW&+FMj^Vl4|%ARk2ucyPO zFE_$mdDrj83CZXQ%;MxuwM}?NqjZ8|l^IUGgEmGGd$iej#o?IItC3g}?_m_Prt*P2 zA7|&ATjSdGWm$q(0^enZtQ4)QTXP4h#tvZ|4+g~bv>u%c3S1Gw~?49;Mkp}e!um0%IdOnKJ zT&W0UgA*+DM8|xKkC)i6Z*!Z4%-Y^9USn3htE*2NXbVRK zr|IuOjhPOrTKXpAD5n>qWGEX{h9NQ9PyD+b-_TdxuBMP_2oi;tZnk=ydl%V$BzM0Y z`_jF7hhEvWZ_aDoY)H7h_+!;Wk?a7`CGRh$fCqXFR#&H4%)XdGYFroY-QJ~Yn)zE* zoR1T3_#WJ?OU@t4j~^PkM{E?Hx`W?Gjk?TiSd(L^Y8b5b@f43LAY3Gn4MbX8< zsNOMTy17~xC=Nj-X>j-P;BM`|fkV^^F$#c-bDhvcY%zKrk-43uRd+snWd(0>v6ogv zs}IJO{q4IijK)pt(8&Pc!L^;TF!=)yCP_p@P#Mg7fhx-7SFXx4-(pZH#N;K2=`xP0 zcYUa0W@1~6gf@&xq^JSXf50dYr2e#BfcBlT@W?Fvd3p1VU^9{dX zn?goJ_+@7FPTAd9CRhz0M&jvQ@c`pDZCpzhI~a1dvSlvL4oB%w$8*3Owrw~6Y?F+# znFI|`zvQHO-m9gT&Sh;=UF8LK-YHqnZxLGd3Zul?F5es!C_3ZPSJvIxTgzp&YP1nX zRWuJfN%V5n{o*{T*ijHE)SkXJzuKU-uGkIuAxe79>$jZ|H6FQuJ7QI{T42YDh!8J1xJ&_$C&im{*}4` z?Y>T}S)%ifHfG(JVe%1o$?(R00pMsbK&99&^vQfDA@i3_3LdZRmR7&{eU``u47D zgUAG-L2gL1EG|9jc^%T2P8nm^_VT;xnbng^m6K)iLJf8N+lx`~T1hlPZK)xDN9q!7 zOa8&GS8ca$Hx^qb4}lSo*#OPIqu#j&zORKBJyUF_zq6#1JFS6RGJ@5YdF|HTTq)D} zGQ)8fa8w0pH-I17X2{ScZ< zLmBEnI-op}~lZd75&02x&j3mB5K=@GXQtenER52@p8^e)6}}(HM&R0JNCAeZPNy zROh{2%fc21aoQp=6z*gwzB|wQ6h;>X90HJ2m`a_0B_Ams1KKGy0b`h715FUm7L((> zM&n#L$iMyoomNK|`QsC?-_PWfdHE_;rQ4Um+f$ncQ7ir>O6HP*G7M#_Mp4DluFgle z5}3jvj)agD!Q_HW>^4e|XJcND)WIBnl2R6dIoW3aD>XtZf1_hI@68uBd?2Gg9~Do< z#w97_jI4`PgVtrc!B^Y)Dhm;jc-P*k6#wrCBq`8!zdlhsaClau zD6DQOGRJdDSs;_eN2rE}(A?&*&T_SKBiY0HNSEKIwQF=M8{ch%L28;L(aO}VD$P$z zv?kfTjx%k*vwa6yHlcW%r?-uwrngvH8?eND_kL}x@JfY%}!4U5+0Yiq$$m==uFm!G_9}>@95~+VuOVf$gfEp$CpSknl z>GnL5J3@F1SpRU#y-3P;bc-2B>UuYUY*G_no{Ep;c=8DMujT0M>|Nkd3&~CLbqD;@ z`SIMu!(ww=QgjunHOXT}znz`ew7OEImf(N=*3wk^i?cutA$jZt)kk^clWl6_v$1x z)UQ^#xegd9C4EWhyih)&_?Mi^#lAsc0;;@2IamI2-znT zM#<*Y<^D}(w~NWT8_#MY!kpc4F@A#z1nd7y7de(b$)4H=cBdqwI?9OGbMh+-d9o@1>fJNgI~U?F;eC zcB&FSV8|m^A=Me2F?jQQ>weyN;wUPBBf>{RJsC z15TFM=P3eWjx>sbu7qqPc)=BmMQxOkM&~c{OcAlDu$MppdD2m1&LE|hrcpb>)+HV- zkt}7KsSa;p&}fo1 zz$P5`1Lpo%ZxB|~L8wu>1QR+MYxVC*;5CvZTE?eP$F8X;%$;2ZY&K%|oG7#IL57cb zbeZL-s;+MyttynR6!peUD-+F99YH<%au+;c{X{4KPqM_#1T-`F%C7df?YTuJeMm+B zb#!)#jys!0;)Jjl`-4_h!I}S6*o>%<_S|`DqBWTcS{EyNzXzQ(w^PJpXIq~gmV>4T z>~g@{qkt_rG-udw*a~C@JxYtc8&QS&`vGKE+)nPLmP@YY zuTMZyP7iPt=bt}k7|D}IDmVIy$^8IB&bjV`Dv~c-2(dX{vW>&p0Rb@UL+NU;g>zEj9-{y6b zA+u#-!L;Y=vD}S1E#-jWuv&Wz*mx+4MURfzSM<-XgKBsC6i!}^P0ZY`E)ePD4Fp&h z)6VIEVQYl^PONFwY;Mnefh=uL4-6aJp+epKCVv|N)A?d)!PVG^nZK)+`>6CL>|f-^ z(7$u83LxLEu>7_tZn*iT4Sy-KnIX$t8tGartaPl>`ur&k1LL~{&ezkvt=|u}3Pb`E zadw|+GaAs0krA%h^>I^0P~rH+mfxOoq#_K9;c1V`#ln%1r#oQNm;~i|DVfnAQ6k2} z>6Bsq=!$SluRYu)DsMfu$>l_XWA|#|>rl&A&q0$tZ;H&Uy!?kmI8bywC{%&rx*8ZV zd1=9yyD58Gd%m4*vr)UVoe*%;0U*od z?AmA>DTA(YHM4CC0k6y@mNYS}K(|Ja#dj}vWKSKyV@br`rHf_qNjTfM3%D>%=$LFh zzPY}^vs+s0WPLKT^(hqA(w&JK`h*wjOso@Hc02`iX-ur`>KrnnOsJG&6-NCwX`&y9 z@J2aDX|S@^!4W&T7My^_f7s+i8ctNWi{vEny`AnZ9ig90)X`@&r2F?&@b-1E^EqaM z;vU=~PTsFEX;cM5GtRX*5D^HE8ayZ;)9c(2N6ifID9CmfoYKgcnVyL2oL#)_L9f3} zIeoSjEJroa_Hpn09HVFn_DT5D&X#Pe`j9aVQPPmWXg{|r&3)9e_?kkfz5~mpH@RKa zhYwb;%1zV`*1Um!@7oPU49Rc=ooSg6N%XQsPog2XUQtq~`yIBQTi&2XKdhL-$V zp8P|dB_J|nGU~$SDnDn%>CB=v%cju*Z76}t1!6=FYWaQYbP_3pDcgKtR5rzw**ezF zq7h;hlCU)t_qy7Yty8Joll$)1$Q5V#8B{od)>Le%h6LF`l(-muD&F3D*eb?dWag#p z#Aj25@XFrei_}I_F|EYWPFW&yTh7kGWnR~nK*2E;An5a@f zD;mU(`(*)vWd0yY8EpN|(k)EJ=eu?t3|AaXhXV}P5&KaiHW1`{55h* zn*r5?MPOqi$}6#|^nrb>`Y+PF(ta>iD~fp7xh=Vy3`5iHDQoOmlQ0>qdq!pG!gQ=s zp7Ejt7Ty?>h?_ykr4h#i2MGl4PLgslC=~-S?umW?JkKu9=_SlF(D>EN&KjQmx*_%@ zNXrV)(%$92;l3{e(q-^&qoXscPw>Mi9!}QFJP}v=jAmAsAXb;Lb2nr;4Em3rO!0BQC04Y5F12Jf1LAF6!ewiK zBCgu_bKU~wI(6V@3aIPkS4(H00;hREj6rRijR7VDj5s4Yk7xGxfVK*An&xvsRaGj= zQBkAxHT;u`W>z<9OwgnVN!9Wb0edWWI&*Z(dEsZiXU-1LR0?x8(7%t=Ggv&W=Zpr{ zVFpqvy-LVK`Rn3UI9)((X6$$hm*TQiAPt;X@ehnO?djK+M=RN2hq&ZlJimq2^SM~t z1)?s6nw0C|T=PN*l2g79@G~9Fr3Fx%#HCF!A0j5A9R8?KtMSx<&8I~MQ-#O}yZ)u4 z%f-brUAtg1#jnec<6YAO4IJh=O69>)AuQU7gM_c>*^Y+pZPM3PL2;(n&(6)sBk=Yy ze6lmSI@RcCYL$??b(8Jy=(qh0WSO@I7Te&*%1~%Ga3(C}JUvW2L{Tn1a#3dW2b|Um<#@~;T3w0!9M&;z5deQWy$sn<);SQ zVH>P@A=*$pb<3f83NZeeBD7eXqO&K5vh^yTcIuKE4h* z@8{L|@4L5s(L6l=`h7m#h(Dbj=R{vze(w7%CfpmU9Q-D9%ok_I{WTHTl(SoETUY`6 z&;L7TaX>lv-Q_N~r%Ya!` z4Txoe0Qm%^eB=gmpw6guu-q)EzCbH$AgDgfF^RU!ULLN=I=90;fXN%7Cz=)Sv4~BN zyR)R?wFk!z-Pr@e6o$FEy64;An*_087g!J?Vs+)%*T!kJlDUKOT5auCnnHtxA1-&l z-wMNBzsY{CQU!8viTfjHa4#Iz2K}rseH|p_1znT6EJiDrA|30HUHmM7iVx&E9=T>E zUKYh;M+;9d@-ejl!DHn@cYC6d;COqTf9c?0PKVe-W~-aqw>?6mO`dYBEZh_ZTx~yf z&2BClbYvlLlO(rqz*RoGZ9F9s^oOhLk#AgA>bzQ#dh^_YWN98$x!g zkn%SUk45~chrfdJMWd5jc$8anGE&+|`)oDPLlSfGvcN-D(8Ow#=mceb&b0qnYeRty zKS5b6U705KSVOoe9a{knw#qQ?C%8q?D?08FPf*qA1nByH85YD56#i?LJ|yOyXHl`w zEzaRWvTjU4aIHgAE{QIDE1 zf6KEcqS=oJg9peCMdZ*YYS`ueo_hCk#}piIiFctzm@dj=x{D_#AVb=FZQraJA~2h^ zEEh}z@l4rM{4#E-)Csc|)TR+`+T3I4Iy>y;AkAw9L(t1y;vxBH@gL<=(JCT|B z`Et|AjR|=_mve0>E`H+BMfB=A(xaPebfcZd?8)0ES;CQ@q~ArRX&D=DHU)s6z0-m? z1aBsbQXe5LwX_v$jrdF!mE+n>=vK1lOXZrYP!jEBJujr|DHk*KA?WaZ5H;CH47u;J zRKgW6P=h%c+T8D!w})${(6*;RR=<^I?x#QhW?go2_YCX|t;@S8fhL;Zu+RuafNMej zZCV&k=c2un>+BR$ZbmY{*TKDD_I-`{CPIIg1e3soGYHyKec{b83B?O_p>kyLM(NIn z@X4ms5!@Q?qG-Nmk}AYV2~uZNgPPUvapYv z;dhyYEz^OZqa;v9*{0UrVx#GEbl-v$*h&Na&Qq{jMQa90g!Vpzmg|5x7|0^0D% z;c;b@{QQe;C`lAePx^nCy~nhf?BW37AuMcMALFQbg}D5ur^?z!rpTf+G9D17iTRL8 zR@*7WhIo`Z&;JQ}uLV`>!XGGPnLC?^UG+@UCv8@hyvrxn9Kl`PtqZ2GwytOR1IWe5 zWl&QRCK-A5{&M$jB(|+K&s3=DKo1=ZsMBWRw1@LhP#-%a1T4ssk`sfJ;{2AL>=;*O zl}XGMp+vpBwH_+?g$LG}9ZM5hUrN8p^f$sA4n-14;ILwz&6cc-Ym@kBDJVi{} zH8^wWfFgYw>oN#KFWZ1k{P*o+@?SjWNxJS(3O%DE^SD7VKq*LY9{ms72E~##K z6-erikpiv9BSJIF?)Ym)vn*8N7wFy+vpP1lCshvveESkYY>fcvG|Jvaz?Y>+xol;k zwa0K$OQD`N#rDf#$%hFS`LR=sx&%XDmVxjfrXH1P3j0ud8|>wOg|3jEb-(U@g_%2s ztF2l%9^T^{rjCKEA8mAj_r1=F*m+68!JyIK-d-wf*KcQcxWgh@2_ayVFawqMrBAcm ze>-{Y@@X+w&E-TiOj3dtumE%~^ogc{4GT0jY{%QMFZdaE)Hvq+ztvVf3b*e1v zZ27~Vb$hC_?RzK(w-tx2@0MMTYS!58cVv73FuOc<9i|WRTu+t&+$^@{xL6KEm`YeJ z9!;B)jg+nfVm@MS_b7%0p2EMMEOlv#gnqvM_>C)kAbY8V{4r3dOxT+n-u0i}HH49p z>;5&mcj{rsCv{uO%JYaO3N5yo81 zA1Ud*qtQRqafb*|zfitd#Jw_@=F{hLy0(3;IML5^ea~BeR0dLNFnk8hQ4AgPo+p3R z3II7(oavr3jM&wS%*smLt`b0Y93pe4@?wY6tpRsSY8)9Xu7V6?SC_@EKC7HY_dK;5 z@dG3mHD4#t$u5`PN^TqG9B*Z7^`H&7YAf=ieL_Wr(cmxmKT0b7jvez%!x6g&BB`W{ z(kfL0H|h<@qO|w6qzv`xp1GU1teUD1FKf%?9I^15M58 z^LyTI2@$`iS1vk#cqlZ^+UmPU7jxEGj*huRztfG~zugB04OYEdmf@?3yb?$4S36VrAB3O0KIrUo$6{!D*E{J;6=tstw^s zFVY_Gh)Mg%&iel_KIpF8>+W<;@Kx@_qR}tYoyZXK?WHyEzTNA-)82pM}S2K z5*{)F$|kq}eY1SBnUVQ6j!qD>fkB_ivV7PN0n5wx?QX_Z=)-vhg=I&U!cYOjj*H>Q zhZaP zr$_&j82cDjkFPOOELL-9)|EAZ8A{r~m2ha;RHX$$pazvkQ!Yj?jXFra^iTkFYQ&FXh4Za(?!6 zl7)290s{dl<&-!#fd;AmK4ST8epy()rf+GuY&tdbfI?iZ@z2Pakz;ko$~GmJDAAA1 zAVUV|+#*mzd_C){|M<)K4Rln3%eoV3v2m0k?gB|6jb(u>DmXiwX0*Ue@m+6YM{+e2 z4abfU-+%3Mq{VAT5I5J#B|qC)jAY#PL0IFQdenx+D%zX5jHqy_d+K)u?co{xcbuBP*WHx&s78P%dy-yYf#6 zyMJT%oEv$h=0R^}G9IZ%k5TD4&a7s6#TKXf7NK%0xchu}Ox8CWZVsl~QKDvn(@7he zHZcU1NV~yC{($kUrX_HeRoZ^_YQ>cY&@`va&x+dzC0~KSS z2dF}&QsnJVl0F0th~fvU1cAr28W>FZr+9X(HJb8}Nj@$wz0ViWmRik6A;KGgd{VF> zN0}UTu3%5eBx6_Andd;eQt5;-JVb!E;uzrpK5uN+AQZ^ECTTB4*tgd<*W-`A%x(yL zOlgowFICUFbx%qIOJ8hRlKgmkE5%^73Z83Y#k!E9dyrL6p%phlC;*JIgv|V zuF{eILH=`?7-{N8nNysX2uJmL}1`T-)sv-ZG}}s2Y)Y#qP~vo#1J+ z#f*lv=Ffa9)o1G4;co-^^=S3A1~j{eA35bYZ{WH;y-AXzRN5%kvXMevbY}di3YiR? z&Tw2NgS1Xkb)Q}qOSR)KU2C^AHzRpQHq9ry)pCG(OJd{zjms{R2QpC!vkDpPws$R+ z^I~BwJKogQ+PRRo55cHE+vtzs454k(N5{N_fqkAOjOWBp80`>7uCBOi6espJWHu zeehD$A$vo}UMWqyqV$o1dLEmfg+>`?B&F}$CNEcl@S4(jY4}6p#&FBkL+ox`M~$xJ zR)TBO+g%E5rrXvv`G2~C1brKV%kiDYP3Rt-zFmlyvUXh)DAn`VziwS~8#7n`i5oNF z_(?uf)(*;w^{SCcL*v|?zk&FjYsw|HfRHaFt?#?BPsa|HQ#1IHW%=$^YpO@t0}e*S zz2oE<=M@FX>8g<2pPduH>99Zf1zuc3V<@IuMjI->u$lACo-Xzb;qT;Q2iJrxT$7O4 zT&Ki1L);L!Raz5(OD-Gj8u{l2`KQg7OX=6Y={~T$nz=LIiR+=jzd(!Yy662eMa3NRc~@qxd9S82dI6#5Ur(X%{#>9A z&%LWDGT(mRxxMH~-`%!?j|OU9F+SlaH*T53#NeFpqFkkgs~(|!t8&Le)PO=g_J9Hx z(SqS!hD%OBX{R7{|QFn)@M$4EyOR1>`HUQEQDLM2( z4yg`RIDZ>%&+|U7rZA~0BYI_Wq>M+LIkKWl9#Wsk5r|{Sq}x?C6(0G#0Drr0l?V{Y4k8#uNd{il`c7l3Mo^XM4G^%Xrl{6_) zg3ziuZ7or+yN^u=W5c-1E$rtXQ;wiR57syJsfNSl&QAU>p098w+wg!UV9&Cb`k4+^fOEOwWr@w-f2OFDPvgmlCPGjf1zf zx#ik#jCR-&me>#4GVcQGQAD0Z^)kl|l_J-<4h%Wqc~-UuW;J_V z%R(v=SrV9B7(nG{zF$s%zEOn;@2V%mMHjYOJFyB4pLI(VJ{sTuopKwSq)FzpG%A7? zYB}SL*~o!^FYfUV3^(ANwenm$_5D!a-wXdy-@WN#&-&Q|%4U3Tg8!)RPRQX8_-*H! zL(NCwr~93Jc&QIu(PT8COO1)$D|C&~~%ye>w8C7`{TN?GP6wAr}Q0s#VZSd9=Bx3qgJMIi@`{$0q;$mwhYg&W64fe-@wW~GX zh93ToGsDr~T>gw}FXd%TXP1==ng%r9C8}>XiVaS<2jPpQwiuL&a#hv~5Wwj<;xx;3&>h!5!`Ibma8b$JxiMq%@MGTXWrmE*U-K-ZXn{KH z`_O6o_rrd>h7t^weAl6OJ-1^Zp#W)9EWoeRjWTANTf4ey4DW46OK#^rogk>1H5%RZ zuZ&91-frGj4~0=wA#pZX$EO=~k>F}#rOZw}2aFrM2Q^4?8%eh5uWAt7x2hG64sHGI zH)~i03kzeYI_3@)&sd`80gd^C-70|F%EQhVu!31BsZ`l=sw0G35D;9Dk#ykxXWp#g zH?Y=iNeeGbF@0+duh_gNzF(KTDMFLxEaCF40YJR%4-HBH3R6-W$9|=hSuhG$vOa-| zn4PH{M5jp4q!Y1-?LE3a=#Rk3R@5#s&DoB7Eiu;BU#P=cj^;>?!^6L$@LJ{r?A=Hg zq4rk+qvo9M@_|97GytEjvw#7w2KCl3wI@dM=YHuGAiCYlf1zAo24JKHkBZkN)aD0c z`IeA~z+rS765_oY-+Ut?wZFf$BktU2R~*FQ;o`qG3f|wnRGy%9zGQ?_yu3OeA82vW zX8n3^KR%D`qcy(#N+rGw9Y1^uU-%Q@1w+Md5W~0iIXwMvJA0!yuhBcV8Jzs0+dkO} zpX@(fu(9ygE58YRq!+i;&G|1gZbn_}VxSwB1GsncvQ-e*Vgw%9Y5`RZgPvz~f)OzT z#uM0s2BkePa*DmXHa4yX!I9@-#y{K^1j%3!;{8b#6#;&^6QX~E-l&@m8g;KM2J4QG zou!o+B8}9QLNGfN+>s!Qq|yRBLq{RZ(IQNGh?x;?T|{qg3fyDFY-96s;x(+~B2dpU z9l0h(YAC`j%|OaIp0W5Qd6vGj_|PNrTQ2posEVc;t*PLP%^%9fhT2>xiYgNvV6@bmU<;No#^-o7?l?hO?8Wq&TmOZXbXaMPg8?m5i3a`m;q zch_hl{Muot0jbh>icL0r&sngUip1Q1f>(4Q(&ZO8sunOI17%te{?`z3V!UROH-^f{ zlC5jOf8aLrt)FJp3XZfRPN^R>Y!h9usdC(>Vf`d9f|KNDv(?RAn|uKf8Ll38w*xTb zs`i~QuYS=W#jTHGrP-SS)l)9V%$D_3zrbW$ef0b&3_W7Cocp1& z@BUSR(MfwS_|VJfthO^xOtLDa630I%XVnaj5XF3%144PCU z6X0HV1^k$fcmQW>p1WVuM3n^FvUi}@Msyhe=WFZi7C!;s$F0LpzVGMzGLQ9jTiWe+ z@p<(1a=*1T7{>4GcenX^TABO0WzQeM)BUg4*XxDE>(O~y?CI(2wiidTBT@uiO4lFN z;(^zCh2yZB?^RxZ!~7=agMuqp>>z>eGWaTJ=lkw7{IA4tNF_c9SZXfz$N?MXE2Q=Q z4K%b7_Mv6GuXY@)2Yf@YWdcK-$uKBTTU=Z#D&io^CL5hr<>;2mYWsav41Ra zR!?FWr}((@B{fLCTT0zaoS+-{k>1)DFwJ1=QR(=|O~K-x{upN3t~CyVd+cG*pKvO} z;?tvpNwCe!1Bqt!PRTuQdFcwg^3^}I@K(!>Ozp!a9&8^-tga2%{$vz&W)@C~ANJn0 zi=WD3{aXIzej4eDa;qY(D&f}e6+FDGSzDXwmrwD(<2UX`3oXHn=>u6$I6Wg|J+qP}nwrv{| zzOii^lVoC_{OkMb)Hz-IqHACDO;>f-{;jp1C5s}EWei?3!&?T{dfqDU`9`;&9G5`3qyhjU6SR}uKD<{{IP`ZG;3sdd#TR(Ad!e&>}JKjeOtLN^eX zNq3=S_*BAYtinp&N6q=w*s(hJ`M(h45SV{KWi+0GslKia*v??eW)D>RCU35{9DEH5MwzP?u1_x%4+$FRMB63v?b zM;5jAUwHg0YHcYBmRCRBxkJ({O>K0#sdTO+kR2@87ZlRUmTny;S(iJ_%BWQ-nnaa+2UkQbdX*bPE(YEGIy9pKw-fldYpR2i-UNB&8U zb-88jC{a0O8DM5+imcrNyj$c!;+-aBD@>PLm90DaONJ6<%2y`f(Rz9(I`8Q;T5d`N z6Q@*ABm1w>=u1?)7$jR6nucWj7&vvP)27B!0;y6R*?&>0^Pxz>TJLviY@D-2v*y@h ziF%@!Sv|unGc)Y9VsKj+mrwLDj-{%`axXT#_t&iwq^u$ssjn|l9Oj0}>QK91(eYW& z=~}Tj@_OFbB2@E4bwsp0;#1q|KMTM`+y5tzzPokXf4{u95&8@J{tZ)D6lH;Nkbzc? zO^FHO_u#>3uH!*0+8gK7qlC5*=^R5kn5ds3U<{$-;hJVGW=$QcnpyJueUn_Vzmvq` z(#PjE*zcP(4BLAv>cvyt(pR$saeyvXoAdE?-Jce`Aup}@bcW2E~aXipL1 zVZX4bjQl@JfO~mvZWe=>AYDFpCGdCZhUKlH-bpTjzaq3G)U6 za$IxPb-8(mRN{Q^!YI(FF?Dn@sS*5uZF6ACn@uUXoi-8Yt)c9?khjnZDFoz9rjkyh zMF+F<+o%LVmaSB+$WIOpbW7~A`mlt_8lx=0tE<}KjA25P8MmE^}lB-p(U5x~4uhX18 zLw%SmM`c-i;-)_zy3~3@WT~?ia}^baCvYd}8icNEg!GRJk2COS3(sIdn#xg@)%6b2 z&ljOq1Z+C7py}~V910tuO>MQPFmD~1)t#~_9q}UckA@Kb@in;COD-R1evRKa> zv~|7DOS5l6u-4d#?i7>s$oDBHzN*qx_ao-Q(AetNx4K@}WydG`rj0?b35H*-+aSJF3CKxR>|rBtt?z)6~I08Dgl=N09h)Uu%p_ zaz+EUYm~BLZm1N-|5({!Fw;M*?2TP}c89XjKtFQvSE^?1wH!w5)gE#cH{w_%R2XDY zPVIR0DCh^T&}&vjh5BMso5b4)x8D)wZ5fBq6vJ52h%R&C;uxKII^ESvE#@Z{L&jDr zPFBk}JC*Ak_SZuGH~gNhlTOFdCei`LW{#~xKd|liYG>l+#>k_?>0lxmB;gQE8@2>m z&v8*75x2Q=-^3#<*{giP49?fPQ;0RjXj=Q*$#{J6kjRV}JG(z?es8`uYJLB)wl{+y zCmi<}pil=rH9Q*<77CkVifHiYEwfx6{y*V<;v3)p^=eXFpU3O%>h?VS2g5C&=jZtH zlKGm6y8{90RBHJI*dOs#g?Q$E&EOp}H~GLLvKdiC&;ACgxIQ~M0oHZs2E;+?-hy1& z`n;;Mp8VUpm16{k=Bm$e;fA-(!y?@l8EWiDi#1~@>BIb-jPKyee% zo9g@8@V8yAy=@pi{(qyw4H{bLiW+``j{qc20kIC^7K2HwANbEkzWUQMQl}T{$D%CE zmROatc00a^qnlXRF4MjHG7^*rQcj(!vs1<}!@iXNuG$5wdY20a`?aYK7zWegz#ShE zi*Csa%72=@rZLP(M0|-NKhMx1gq~>-xHzc~52S<-VKNWepY9~Q)+!Fone5GH%Bj5Q z9s2LM$t&OUZZzJih4pr*-0%XT<4TbaYXMW%Y9~#K;~lLQDO8Ff(xjOn`z}bKV?36j zXL8o`fDt=&Iy_S3LHjNV2TX3Qu$vAz>R1^~B7jcq!ZAE5b;?%T3)C|}UTmQ=6@P0x zK}S01(=O2wN`m;S(*_gc6I6Aq^;h%=wTF@$lnmxI z#1SZA#9hI@6J{xM;kf*2z?`Cvky5*`--ugc_HPU=QyDa*nafCk^kPN+4E@r^+bnTl{U#T z3#Kj|qM-KHvd**&-pCD*1PVAM&JxAYVNOthI05=)L^!A&yZFNY(Q4Oza?;^c8nRdx zI(d>aAmI2b_gFhIUny zs}r478CaOf7zIXQ2%<+FU?nc2GT2EaxUPED=2Fw$Q8sDForcCQx9#8 zAUnw#P)ZI5Rhz_L?PEdOCIhrhd+3@D(KH&`Cebtz7)7*A1h4Kw=pRFcO1^FuPBYQh zPYTCh4$dooHND&UT4_xl?~1p*=5|scY_s)8KD+6XYA+8~TpcgFI8w%HFO9Al+UugN ztxry#oJOpY3e(t`(}Y4Vzs+y-+Yj3sMHM@~{rsSPX0V0b+BH;@Ov&fh)_c(;9b0U4 z+oaq^E?nATi4;{eh=AFErK(DNzw#kC>D}^iyN zFilAp3U$}dP^SnvLht+EXiZ^nt&4xiNENOt;OXQh^kSegkzFPADP75QRs`Qywx3tV zRov4u9%?WFDMx?*Wc4*O20lu+@*^Al$+R`8$I1ksxNYJBx$%#ioeit+L?X^mDRjsa z3mM0)j-A7g+Yt=G%0(uGC}T~E$anXrxiG8{($3>9t0zOoW$HsD4TS6{cd zAt1`b9m*M4$mz~v$AKR`?~}?8H5~K+`6TX^YEAnHKOCNRp`~BRFYqRY&UBEANjT&4 zxVwlEmoavdm|kRyY+V2t+vqAmsArLgb!8mz;d99ig3ncjLEz z%&GI{x4A?cw; zH7iARd8WA8@YpHi7@qIm{aO9SMPL#GL$^@uk(qe{0s<_4R59s%NWeab=~*!=gc|0Z zBlo*67}6cl;88!_w0MD9TYmSjevc9Aax6b;byaiE`8T(X=7^IY2#viJv_@-u9YWyXCF{I110ej)N>KU zNU+!g2847E2S*U!z`bu}#Uf z5St@vb(i_xPLr(Wcy3C~FSpN-)v_==!1g98Nx%C*+eggC6j zP!r=(oP<5ICOHH^m`8uO>!MLt7qNHEVy*glSV?ilRvxh?KRtKm7onI{LPOcPrxYV! ztRW*GOdhH0^%vO z@T0bT9gDyEo2rr=&NOKBu-JIpSbKiqXa~(YixI|rYDAfbI&;=Baa?R-QBa(VG%<~y zgmUdb092wC$UQM2%K92BF;mKh*a5G*G>C$XV-GCOJQU9%c!qms$|##K-0MJ${w<6C z4lU1DjmujBGm?|r(`FkCO2bp)aeR0iqP$0DsKTSoCPnRSD09Tk6zRm;buTrb5a}-kq9OrKYbXf7FRY^e~5#xO?po&RC$ruMo`T5)C zXX&(3w$;Q9ZQfHClZo`Af1?}&NQoql%vIdyxc%zXjO_6~{5UaD&;uk@^2LS^#R!eD z0T0A~AYbQ}uBresEpB?@p1li8GSMq#%pjh|;)@}rit5jJT!*xiMlia_xH-)YocF-Zp`l*09W5H5%YduC~T!eMj?ZQ`~y*+#yw zqX#Huv{1}eWY27-WW1rG@d>jP@xm!gRJpgwfX+@R&5AL%FvfVj4(*~n8Dl6WxmU{Iq ziqjYZ0_g;rGZpMrkEN_*Hc7@O{!8DoE`Sl>(MgfhPZ5W`5s9P!RV$u!{%Seyy`-X6QZ7*X~IT z9>*8_U@3HROuVIpP+D{`_+6x%A0w$rL2p#{$xpQx!; zlrzXxe~{AqaI$}a+f}D#?WG!kt(&s!Yd)JV8<9G18GddP@ua!zP`;?a+@%NttGej;}77O{P3c zaQdc?(EEitYI~Bo51VHmZ8Z#dPW>g%abu7Qog5bUYG9DLQIe7T&j7}`4((-7cTsA{ zV~60MBTegZAVFkNBv*on9f|5w=pO9b?6j0j0?r=&7|C*?JXrpOc8-PpJy0lz>DN|< zFwYV8gFZwHktTJh6cu{_NYPLVqM5e983%6-Uyc&Yo!`0Zwqt9k6 za|{^_G0==50EHSGoH^P222Ap5^zUNbF6XJ{NT;}D`8QtaH4k?*onuGID`c9EzWJ3L zB;%;3%n9RQ6Sb6OZ@1x}tGubtH>J*Q)_tHz2imKfX15`nN1=t)r<8Q&|i zPmAf~FYy+JWf@x6KOeKeI=Mc12?Mn=@_Ys&@ccq5wUG2N3j-%+%Sy(r>MTY0xv}&0 zImav6Mgd>Z<^5N(m2d+i$ssRH?YB8J3S+OWtf7jgf7EsEM1_cRXyzJeEkF_1M-qpV zX-NOolfg&q5k}N8i+$c+M_vfcvo8b0Kdenx!&M}XJPo>Uw^vqX`(XVR*%r8b0Es3L}fgepIsd_92YHB(poX^YC zCETZNP;iX&|9Eu^5Nz>~Ts(e4Xte1OL~Kxba+UVB;l_B707A+)6Ra|+rDdmP^1FBS ztQ6dXgf|_yq0{*gCRbAK?>o+s^X;YSMea30s z4D{Q+$|e>=DCrCc)sAG12_4#C=t>!jF2;>#Olu|8x%#X|++pfmuL8}mVS&nub6{`(@$J($jR5J3eR^d_0DJuD@ z$Oz#Rl-I>!2A`-7qthlQ>vFo_%v`tRgo)Q~b<1oqN9s}QjA`F+>05)sJS!TtAZ7P2 zoPSl9g{!pd_vzU|US_@{`kBJ6x66>6UM*f?Wf;ci=OazQH@UguDW+EkT=eF)fd|-S zJE&z>_i`lgj^*0|oC2a1!b2CW3UD2n->bfkA=@2;rgyk?#*ZFhvPWDEcW{rd1!{sO zqY;Jc1}3BdP*lU|3n>E4`I~3tzJyEs@7qRcnzAiD89X@8&;i{Iu9peR8tU1%2@RBR z!*9h*USL2GmoA}|@w+|LiK;kDOCEz4$pa&#LllGGwQFG4MYW971w!`-4jgC=W~bQ$ z7PH>otUF@e#kuyq#59fa86QLmW|=TF{e|M4uyF4>QT2RR+ zV+CkYBT&5qO#H)BcgwOU=^9k(?Yik$Wv*6-LdQ;R8C!dk*Ci*nzA>I`VZc_o1+MP& zby}2hMn??30?jPR2wC91_>m1uF-Mgf`@zZ+9!xKMrG%I}_Lj3xwSiwfv3uQW&X+=% zI;TF^`*Rr!k%5fu+9u1ieJ3vy+@RAPTsFcl#59UPd{qgxCINBwkj=>A%L%p~n^6L| zE9s7r4pg07rL9NG-l4=is_e4mx)H*Vj(~pN1$av#A3Vw?i}1zX4TPbVhg8RDuiNg} zM5%2eKu(Np@ePTrE;y5Ea)ue1f0IC|i1efI1z1HhRvKouxBZ1LiX&C+Ir>5}_lK`T z7{bWm^C>ufI*LyP)bqiYA9>EM@PNdOC9=+*2%X$UC>v)_%nJfo<7D7-)tV;fd|)b= zrbwu6*drq0*cH*JA+6A2x&rm&B)~^Gk6=UCbA2{knjc{}!lXq>ryS?&5Mj*UWjE<< zC!xz;+}c!W7?+$xLrhD- zRyl}(#0I3?mxaUR)ig8XKr%|WQc`zpCNmi_ocJ>)D{ZGwK8#|nH5#$US03aRuAt6N zahF|UHcXvnAN_!mhv>o6SP56>(n?=E-4ZPhovy!pp}8*_s|9$WRED8mT7Pm>2a!4p zFKPmdEp@|ZRRK)j5WhEIX!M1cQYlR38gPQk0t%Rkkit5~2rDgTL-?3?<>_2RuBH;1 zav6S7u4`a<8*H}H0&cY0G7u_3y!J9aFu%`1p=ypTh)jOD$g$75tQ5^VZx(`#@m_Ig z3+A8B)(@Kh7UW5baZ_bJcweDM+a-)#&tzo)WUqaJ5`l(9{ml;_k=2gHEh-b75mJCx6QJ%b!E@x^E-Z zsmXoes8)NrTpbQ*ih)@oRJ*i@AK~A_^qQ%-C(uq##>cpB-;{n<1L<5!?I9Qge;nXf7B4bMZ8Efka(lUQ+PKG05vcPM};F^2N9ZIXz%cvC;~C z6erO`jwoqQq23K}m>7+hNS8Jjb^%OF3ACt=;azkj%!hwzomaRmzw3k_E+xu258yn2lTd;$~o*_4ubgiID89j@T@0VFk9dmS~9{AE*^oQ9CoBC}RP zZ*f?lDnv$$#cgNnX3Lfq%nJaI|KD)4>ebG>@TJ>wGA>J^7VFQ-R<>4-igP1 zdaBw*@O5<1V&x-{TC2C%wtcR&eVG-MnU#)N8CMbGwz7<{l!{Yi_jGD97e8}hi;{Lh z$0&SxO0AskOu$BECGxTQ;3zhU7?cjmDa0@s9E8ogqUP=G&C{j0G^9Ii84V@;CN}pY zHsbNbK3r8{7s=860+%hb>lFG7JbU43rzXZjoJ?ivZ%Z^OblTmModTmi1sZh$uF34C z1js_w8*nrX@UP!tPQFKOqIjLf4V)9ZLSVJ75vNM#|0Yd}91K?+LMPn3CF-ZGQEFk8 zrge04F1&}Yb>_o@az*SX0@9*yQyV3Eo$OW2chN@Y=&6;fO@ z2u#^=h#t*yhP!yWopStrCtBuYBNhL`ZN>_8(JDyW74yqFI$t(vyRqp=WW`C+2h3Z+ zyz$j*Hm3v>eXc5${|f$~WI}o8A|*tsUc%vka4hM(i!eyU)(yx`Mb>5Zo1BZe7oew# zcz&py5Wb)nn8Y+QedyTM6`Q0hO@w`nGw1Z270`lC!R4Iyalgjj>5P( zcLFSCPbqy9^Kq3VFk>4B^0!o!@3N@ShjD zv3%TBV1miwq*FOooYd}YY^{VV+YDnOr&3^Gt9Ygz+C_FxJ6D2c*m`J?QJ-qAd`3ES z@sc`#w*md0<;0te_GGT@OfdR7eLC-(z^r;7cdB9ADGBUgJ2D1zz%IxdQC8N$iPek;;17e26tVitL{4R$no9F z#QY#umO4a6kNqm-k}7L0FdOeo)>5Q{xrOw%N$!mm^(9ciicUK+WWvcWYhhr$K+DUN z7Z`q)Jbc9Nj-bc{n_X}gGDbB_G`fFl(4k@`l#BZX<-PDvq`icC0w`nt-I!T;y*}7@ zDGyCsUqhUIk0k6_TJ(UntHFEW4aoIlST}0{eUnCO!xc!EWR8KzevO!owJMqm>i(bd z--^r&HC0suS1>Wyq4gt~9s{Cq4eLf0Z7-72fnE|Oudiac-bwoi#&6az znO9(P+!{QG*z>oF&wB5Tu7199r=;R3)ypt20teh z`|ptlzTr!l^~mSv?PX+bH^e*0IM=y5e8yrb@b#>F7Coo8UAGdFJ9%yBcVy@ZP@K37lPebD9l%p_7T4E-EiJ6W1 zGGqI2ulWWkM39rTxVpaofu+_pZ7KR7?6$csKCpNUtE_i!W+p_wxgx$FMF{~qnL=0$ zC@7!CaVQvlM}?c~Ln@ZpUYWytdpM6I8nwbk>@McX;F@d9!G6<7!jfmw8xx*^#PzZq z#%PcrLjw0v#VBBxCEZaXgfVHet7QGmyBFaS*%0Pf5RWOaNeknsto;~<-rF-GG`b4r zpNcJAlc(w18`NITOorUNj~EU4t&`K^&q&up*ZrYZo_@|%pf>_omPJkqGl5&xug{rQ zmC?rzHIFBU1NAa5=dt}st#An7%f=E%whtJr+ zsX%*@=_TV9ZjWigp`x~|#nmMQgMzStM?Q0LFqVw;EQK7*XyLTz8Y?x;;e{tkN$l9@ z?C1?~C}1nWf#PgxD3ZVYf(b0BF~f^NqpbID@m{rzMvLl@yh;YOzy&%5bxK>O2tju! z8^UCOrEP2!lR8jGn5~}5k%1aPk&RXJtjXXYO?yTgW2u#Sv5 zozh+10?j$Y=(uPER%7OT)szDzmPBh*FeIS0EihoJh(ajGn;>I`FcB21AelmnG%v*D zhg2jd%s#a~kj)4NKVf8{N^g99kmFh0X+1ubDxm1w=bk&RdLuL{4>~k*6xO8qnc8qz zhjL$Xqd-73P&IVs7H!jRYSE2LiMiaPc6jY?ZnZ(Q4k!a=a?J+2Ky8D{KZ9A)dXf}! zP%x%cfaVPYwZ#T%B(uq(n%v{iqAuL5rqgadU(%|Jk)VEQRvwlc6Ttm^I+u5>*7^D> zheDgH%uDZodf#28*Sm_9dhSc-uK%;M^^JG-`Uv4D{3%wm2W98a}#w@*L|Q7J_KaBQ(gZJyUCk%-^V^d5iG344DbrM zIGoh{0ZCPBLO48poQ;iL?Cu4tM*H^3zKx2kF$|}xFvg1hk`^2h7n=EXS7!xnyua=P z_EBNJ4a1))`8n*s-?+G~x}MoSd>eL2tk%lP6R-u}+Y73p`ukh}PkmL-OOO=Ak?VOA z=#|1uhYI3fGKnfb$;;a$Bn|L$p)9LOJX_+4CdZ#ofH2~C|5`Sddu~~^DM|?k^Lr~e z*fHmcDIrr`=ivp0Pu6sQL66mT^=4D7#_n1^wdr8*`#Iagd`N{QD4n^|{19XTjcoP; z*1tKNrrU>gY-1~#ESk`kaGQHnMSNL4%V(gPabW!d@O7YmOA7ZZvmQnXt9ELQY)94Q ziV4ul3~Qf7d>Do2iIlVk8sJD}2>k&54@2L4KW`Y@ z6SNg&!m|3OKC=k=ZiSO|abX8A^5)E&ic>^&;zJ45@xQbJj+OQiOiUeiCg(kwjwIFs(F0kPmfR2-hlou1 z5tbrCxfu_Gt0C{2<7YV4#PFS9^VmP>p!Ch8$tgAiw0x$RMkj2pQHn`*C>RKeN zRI3gm-$Lb6*D<`$4c;{hlk^fYKJt-mO0c|ID`a(3T9&b*|2x5{gczo3HD!Gjt^;wO zJKO9?)Hkq>hvc%KOw5kngF&t2Lf1z`Xlsv5PwGygE`(>Sh{R{mL8uezfmsrTFdT*E zvoq4sm75$YaEcz-TpM}Yh-`izcnr!X)LPljZUerY`hycn$+h8)prx&k@C6Qco(FMr zt|}fYi3Co3dFIgyQm{c})s(aEv^1IHi!LIn{U&Rbb;RZ+X`(SlLPS($DCNyI=9-v*M6 zd!Yqw;mVLo!Ugj!@jBdya{UR%dzU+~GFM;S1uS~FY$@WBUm7;|Il$m1F7s-H)9g2IC65DIFv;C$S^1#S~r zSTY6cPoR*T@#sXSFE3UFY*;)xTNmysA-5t6?LS9S(ZuoI5_gICQbSA^aOV0@To-4O zO08$eV+ldP`b<^9jl~@?5hPygENeXc?@&^mCAJvZR-Aarwp7}?AoVl)3mB|vy}R}V z@dYP3{+LZeWtQkqg=~r#_LV_#nz6I&BSw`7Be%IKQ0bq-!2X=M0-BPwT7U>pg3(w; z*hG*sB<0Zw5(6M%3V3~>Yb}weT3%f?=jwG#TH|?KILcv#1AUdr{qIpd$1Hyysd!ZA zez^J(M#4}l)HxAez8nEXd%K&FZa+22pY6#h1RR`lx5DZd)haTxgN1i zH1J&34~Cx$$C@McpEd;xi{fm~LYc{m1IRo(OeURdqA+#`S0`DhA1(G&X$(EGUpt4* zoDD|V*WvPVsPaY<>!X(8r|!Da=*Ej?toSAYw_EIQa|EAhF->N^;Kt5J%#s6L%jWR{}8f0dZ$-wRmmhvPvl-C&CvR9MvFBcxfBA#xsE*_Vp^e-@U8-+709Bho0n z6DnJU8~VT|n}$FW)YnC(MgoG6^fzuZW|~++w6#*x8w^9a+O*Kct2&CW?(E}>4#r!L z%93IgPooQThSM~s#eQX)Z_Kr5$6FfHv7$N!Th%rpSq*a0(lvhw^OosiEK}P9d2%wq z)5$vruOt)K_R53~mcCh7A_Oa@mynUz(kkgDRkkh3j-`-^Eo1N8qeTf|fXcS>+%y>Wax-u>2l7?{@ zpei3E2kCMQV~}t#(4(FGn51m28L+C)w(N8!CuQeG{yPQ0={qNL46W@2aMl@Bv?oe@ zat;n^U0e*KBAK~Jh2UnaND%q$e3}AffjNa2Ycw{vSmkWR#J1`>R>i_7s;x2+VFGv< zf>)m5BkKd904Gw&3)W5Xc~oY@=WpzQYCo^2Jj>qz<;VNVzYNS_?)Cznqg+SELgvgM zf-|RFSiL@Vb{`45^ORFEQ#CngR0v0>+xmG$<^WH^+(vKp(ezTG>ATKp^d%*HK@aya8y0sW=vNw=4|=q{x2!f00dhBTB) zW;zS_YVotKVQOlZXQ>>rx!aSd7J#Tk_y~ogyD~(t==+7H)T45O;zq%sIy@;r5(14ceuhz)BhKd7Hm11jJV( zx&u3S2p)d=Nbjf8opYZOhR%b?8|!FAErbPbV>+UAK7@qqJ&rDF#2iAMpbd$F49d%& zE5OZ;*}cPwPk|P3UztTIWPf?bf<Pw1Cd=qbRYE@_!+@R;0=ZFL_HU&IOZjOY@Lr!E2^E{TcM zjaT8IXQ|R}q8uH9&vi$9EyFkj%FTUgTFXzZuKQ0R@(m}puG4{+>2A`Qpu24MOy|dJ z_a|6~P3H8MwGFx;44Y<}Ha(BS!kfkl+y#QUz>a^C$&0!}cjfX+bh;bb%5^`iQ^RxN zHkz4#%m~agsKB#4$7WU7w@jceHT6SA_`JQOLS;tJ=WJe54R80AFfpYqYGl&mq8T$5 zt1>fNO`dNIkfQ}<2V-Bd&1l%M%dOZciB`8!vW6mjx|Wpp4zPgdvia0NhlyZ1wv!s2 z9U^)UDUNY{g&M zRB_6*qglKum&#i!c^7b82n`gPmM9(KhSTOlpn1P_dPkDBRusVN3*^pdJW76rrt_pu zV;pI+e`RgOX?ZPs!f9pG* zgbt!}>vJ!#_S$cW2~zeC6%@Q^xwgcPLs~5&EQMM-azHI=xB|tY$UN$8uyN&<02r8c zgK1FNcFEXgkcpYPLp!tSxQALv(MXy~k$>e_utIef3$b}-Up@p&duP0}Nc=(Q)MqY+ z4=7M`6_#h@m^;T?suEaDFF6P6Kv zoU4<> ze`U0tmt=M!5|cFSV}e8|0mp{G;P8URMyiB6G72^78vkyi;jVC{V76^8;@~?2Tyr#k zOGpfx`q{zFCH`p?4%E{;><0a{Zr*BRLt5e%w*{f?y?8qg2yA=2mK#D@ayF}u?HS3Legv6`err695Xm@dOUow2LrW_#6x;LM|EYIvdT zv@(WQTSdS`nyBp}3U&oGv|~)SB{+5axwXKJz*LgP!EE3@E)O+yyP$kAt9=F$_dG%n zSDWBrTb0JXIL~~yRR_s}&_`|njd%nsC7m);##&a?Md_3*P*&U5RT%I_U+i>Xx{y2Zk8Sj z4xOn_d`~wbbhJbNk!IrNY-5Vtls%L*hcm9;{kj8{p9+95?Ks@w}L-LD4NB!KizB^vIS3(8|@CJ((G zHme-TEP+HiJfGdB!qG~V88%{=1r<`>qiRv~h=JW;c`^1@ND%!YojNQu>_NXs^GoBd zdKKV|BibFL4T3n0MO749gQh-%hMOi6yOZxsCt-G2DC$XyPwb!s**^_fgq^1#0tO_7!1S7jv=o9fzloYwX{+fs(4%eKlN8vX)3J;--&qpm{=w0w zgcKb1L#KP7TL63S#@`su+%~A@q{|8@s}%jKR_9) z{CmVWiAve(;sgkV?W_bi+!&si-TTs+DF5| zIQ)L3?stONVsx7*@T^osa|A}jyI)p^B0V*&>>`6s22IpiNb5fmt2-fw4uBWvI45un z;fUba=sr^=<}x69nofCyB0E?6FQ|`u_gYPRELvheyBc`4zCeUu2Y1!q9uf7)_1}gR zhl53(AjqbaP>Ahbx!jrDZr0eCPI&bbC7(cFRV!{|n6(CxiE&ot06>lF9G6Bsp821F zM@T5xx+k+8z#mm*YF3$j3Aj~EJxu0u7O2`vls9|Vs|**>%A<4<3FgaG%1b9GIxbrw z@Uy5{7UBfS4Vv&eD=Y+iKs#1EhuC+jmQ219WO91P-_h!Ok=zk_-zj}9S-mFB`k68y zi;agv*Mpp=*0I4)mGq*Sx7WKglTPIxi&@g?fx7U7aI(4A<+j)^ADmx^=x9Xud}Epw zZBEzW;IF}_b$7%$v3;N@PTObQlkL7&JvQrIhLj6y?hbN!Iu3+F5#J~C zauw@;=I-l{hKkAWoK};cS1ohYkImU#h%|%no*7~^mvXx91bXP$0u7}R5NXN_8s1rb z6*P2yUX7&+NB3;(lhr>>MVOLJp8bd)U1jc#%lvRQh0(Gds=OUnrgzrwBR z4o6%R=;C_@xg|_0j$>rF_w&lQJ~~)y7$>1LAx1=?T^NXEs+N1ThD(-(>lBOD4&yZ3 zuUFJ~_;Yk(xXpZX&|Hl6w6-(-u1)G$gOu368Yv!RtWpl0l&@vYSicF%t+rK{M z;2%N5-bUCX%TligTD9M5BAt|7l$%GZXrNS!vx{|o2zQs+qr{>Qp&$C=*fz1eG^1LN z23l3242_@2pzo>VV|;H6`4GbpAt#9S_Ocp33js(;M|Ak*+d~FLye}|S+~>D7<0ocx z@`XyG)K_MN_(@GliB%ELBZ!Zc7~IFk0m5fuQ%Hk+rp?C_rqZYax&47PDz zIS!oqXHiU;PndgvOG6(s0k|a?QQ)JlZJj8?!U?+k{_Ok4Z|SzmpiE}3pV`ECj1W={ zTF&^AlIzpQ)9BKJ(hB;5z5~eht%`A}W@yUd{Zh3mqHC6|BYH;YI37LUSNXU}VYdv4 zLh11^mnNP?WPL>b{ly^m9kd!E>v<6TH8+CFj$|pz;95WqQ-P)gP^n8RS;KnyB}s9E z0y2#Cr!JTW48qkBy73FVdne~#h+tD-d7?*G?3e+YfV{g{u|!RZ@<_b$G!U6=q05Ds zUPTZOX0vCw(Wle0#!(HWZIfEjYDo75<0NI-{tNo(sqaDVR|49~xf_~xCC30ssIP1@7C-l>zCYK9EN zIvJ?i`vDc#CsBW!Rm>MeD4OB*MNYWRkTDV}&s1STT=a`|7 zb(qp{%76X^h4a#)gK^l zN3B-Q2kY1OJ@CEyB)44KN94fhY&=Mrw!#(7$S_Ix}*7hDLc z*b=jgjRbukZJm#|w$auViDI7MWU(~>S1y_mfljHPaKWc?kg;&av|;FsNAa&Wl-!~z z!C=~>oqq*!fDNFCp z$Gt9?Z{4z`1=ax@bP;quR=|~%%>>Zh;;r)@cTL48sH;qG&i?7RP{SE?nV$z91lai7 zQeYp$jp*CFmQom*D;TC{GL=(&X9T=_ipu?Fw(lT1P<`_$l6J*lUpyNI$#X-7 zCj?=s6a1r{`{Jio{F=Z>p0zF>8VR4L1|U2eS^cYQWbmP$TV8^?uSVQOZ()L#ACyos zLqT<&(TM4+;i@5hrs9C|Q+#*U5Vx%|wjZ(zrSVnIV*$B^yjvO&gvEmS^Mo^=3PgD( z!LMOWQ+(GO>ZW`Z=nlZue)r~>1)0P{mC?9jI3J(}Hq!exnk>}Gln^Ymyb1nnTu>ep zX5=X`Ng^si*-}}+Z+5=j^>%hgqfy%e!eAqOx3=Z8J$A338sI&b?}Twlr;Ag3_fC-H zCoKJWo8xC`F>7m=o$m|Fif&CIoM%f0ssMXzfR3?0*JZS{CY{a01^RY`CJRY~P8jrJ z*PBpjFhT1lZNZ&ag_5uKoRT#w{Pj0GyDvxH?&#aEcV6x`E-}^997Oo;Ln=t}!AxRp zOKt|xz2bVn_gwR{+_LxHW);-3O4{Fb@5#Eos z#We1zODqmVe?s}DRIL;II1G{0#S21W!!Ff;es|=(+?DJ`F>437DkQDM|G0 z;F;FcqliR2`}90J%wkoJt3@23G5m{)6{ygmry(WYl-wd;vngB~)gp2y6EI8BR%HSu zB*Zp@s20T8xLBr}nr*%J&B)u^`F8KcXs-hgH~`_pI`_8exX)mfU79mkf&}fpe;xc5N_gDxR z?z&cD>5X{Vx(y$11=h;Ke-7x6d4%tL&iZn8XQgVbCtEdqQjyIt2cCAqTc8=eAq*^5 z3Ao@{YIVR+8Y?OZ;_1vJBa_c)&p3V1#yG(dQ3qi$0F-X^+3xdaR{@JWXxek>4X;sqvQzvN_gar>v6>k49 zbor-M=<-jkbor6M|GOs2C-KeR$;DglgvkCO$uI=leU$Gf8o zBojQHQeP+eg?Jr6C{mm+e|_-1cF z;}0;q4{CNFAhBRGp7e?3uHk(~=xlE2&TC(5o_Cg8vf3ufn@HoCbG#BJ6KaK>CTNUV zf`iKouR_7RMs$8{Z?Q7Sz~fx^9mIy4dK39hqKTu}!)GoI!g{mcb972Fs zxPQ=yfI~(S&oLu`d+&jbmXHWjW|!%Qld}&$9h_W!*fkz0nXTy-1P4phmB6U4^l403 zohbIDSILH3Sxo82AEuOjFnM>^sc!1Azt*&RZwQHTNN>nR!Y92IO=nH@8&yr$wj7Fe zLB%a8o>d^8%59V~Nkd2sM0^MdR!VB1j>?2zlR6`|9dD;WWL{XSYzQCp5Z1R~JtXJ# zn*DpMS6fiR?$uJY%R#HvcEQpZ6c&~TVQ2kp^gWQ9=dYdIg4GpzG4l3a>~_<~;xeg? zwLUQ@^xwTuFYYY@HLyO#cjEgguQiA#e^7QqfDsGbw7I2rKrl8NUrl zFw-XO)=Sd11=%?%VbX|asIdL26$j%-66kPgt|h>P%qT-a!sA#q(PEXMnA=YIONJd0 zzWX2+>@#Xf*2CNCCBC}-J_QZaD)^CAF3SmV=%9w$M7NkqBO4HCPC~e@Y6U+MG)hB> z8R4l27afaCBjP!Y=}>ri$i;vNneYW5R)B7C0-{Ep4S_Y7bc{wLZ)b0r<(Ib~CVJxQ zqu_fzSO1$e=*Y|pUfo`jR4h-!O}$L=Ai36dsXr3Zg>?tlNTXXPVBe#WQJ-4~k z6iVBXRTEy@KKS}EIGHmdr!!rzHOCx3T zMq@-e$6}6j4nr%kW77}5t&Acbq#@C}$mfZU8cT$#LB+g$x-MX&setAt-8$yVQ|IW z&#D+mX|(lwb<4ik8GXI$?Tq%mdHMD73%pi=x*kK1Jq%;M*Ye&(r}*v^$A>&+eQ*Bn zPn|lQi)bt~A{;9?W7mc)!a6-!4&j>!i~%DYfACf74f}B9?Y`RG+1u-OBU=Idy6Jv< z>wa9sO*Fp6inAu7FU@>^npbg?`pjkt5eg3Q!B8~A$x{aA{=mVT)c`f_0R2d3bCOu- z0>^J{d`nGkqmbX`MFV0=f%YQ;MBv)9v6suAyWk?5&^qO3-RpPXwR=AmhuEK!3k9Y$ z>B|DXKP^`*Z6V_)s4nLw;WpR<*f%-jct(!MG{FtxfTBmvRa0eW)oo}HXE}}T5S)qgod{uEa+>P%D8{~xM+0Reo)9!o zX9RY59-G_sr_l!gxkpX@JNK!%y}cb6OI4oCh5`47a~Xw09m{G6NkzR`N&_;Cq9H&? z^$NBiUpZgB>=Pg#49{eF7}WdOwD}im$Kr;M0hu&wB>K?hKbsOg!u#_s$mv*A!WpqoQJ~8KN_eEtC-P#YP3;# zwJ$o>XzNsg*mEM#K`j&d&kb$V=(#%vN!&JiCrC2bs&v=n+^Vb9d{FH)OtThK>toVa zqtSbXc;Z%Ys^5 z{F*9d)-ww`7DItT3RKNXzCSf!F&v8GNKP)akMOEX&&3fH*JJuCd0pe>TnxNE&WqY` zqTpo@cYd{gipVc)J|V48rlO4I3!Y{nen#6_>=qoy;i6y;sfVUp&oT^Ii`kn<4J6+$ zt@B@3DG@<*IX4qYZ_Lgx5} z@}z+2x|=ps-#Q}JA9hP&{Fbh=wbh>$%Uh`ZSUb@c@Cp-Q^&+9XKC500l$`P<%24@i zBELCMx+D-^ycJBQjE2!T=5lMx*}eUNW!kCZXk*@#d!-Rhly!w;8S7Fdpjf<7UoyuQ zQFC#sG~OQjBGPdYdtA{?1Vy`>s{(KnLxpQ3_snP?DpF!ZS>J){lG(s3#?y~E@D^5A zT&G>A@#dYKMHXvjPSE?)%3(MFUKo+_? z!gnZ!HOSOvSQcwg3yg$VQ_tI%fS!5{`I+yq%m`CNc{slJz(t z$lKXAu+B~9$qhvDf>dnas|^)&_*7ljZckOqnpr!^J@Y~^7gIQYixDIQ#YuqPpIR9= zgvX--qTOw)BQ)e}X6~qoVq<(9V_(rt#iZ&Gnz?wiN*;8u-F@_bp8fN0|Ms5${n@jh zN8Y!;{O#F42k^&Vpa1>&zwM8|J%9e}+0SoIUte7u|3aVt`)8I$*ZSALpZ!dZf9cuC z^XGs6kIGOAIl(EDiU-mtq+wIaX;tL- zj`(Q}t7S`EfV8l)sZRH#Ytk>#@f)(R$ICUz^loiH=6+99?e_G*8ZRG9rsHeM`yZ8KK6;8bc+#W4rSkc^c`}ww=f6U#j7>KGP7vv5 zlg+<=wwrAJ@NBaAm!C~G|JA^@$>zVw=3jcgylnm?NqBPFM6rvsnk@`DQ%eRFjYE-6 z$seSNJ&;Oy<@wZJ{j!D9$*!1_ayGlv+4j#Z3#DjIXO^(HjTMo=H(5$2c%hEKw(S1GkoQFv`p~5M z&oft$J6Q%~$a%afr>T?k+ng*$$%`dM3_O@jG^Ex+L&y#@&YVi=5fT_&t+iC>cW<$(oy*jUzrK|7BZe``0*TOVfw-jz+JNU<2 zlI2(t{bpk2cZNIBL)bi6VH+VlU9UXFH0rTqUd_jX=v^8Y`^^V#zM*P)XbU>rCf2F-c@6~5wF zVJry-1-t2elrsATissh|Z$=mto}@GkNCFeE)4LfBUJgc2kg;mj-I(p+%dnDCKciWd zbpLiAm9z5eef0pz|C^x3%2XB@qzfLLn4-rP@=&If(!Z`;eNzA0wbTbgF?WAm!Cu+> zZGwH>=&HH(>tEA>V;ixEYDIu3BRRuBAczzL%R?H#ChV)_tcP9; z1d&bv`Jf&lja}bMja<8~T2WA-&>~YFSXowG%?AZ=ld7W;YHPV?Z7xxpXZ=sF`=5{F zUpDO=*gh0ygkLfselQF}M{ zzL_OFB$ouNnsH3E@VyzZPb}qj;F^JPYkhE3quP2RQXQpY|A}Y1HS+WWAHv2g-LvY- zVbK z|BvykPX8a2@F$uO-jC|vpO~j10cvSUxsgWINkX6GDpylVXS=p9gG?eSv~+7?ip_|G ze?ux{wJYG^OAV_VZc7{L4@e2xuQfsZgvgo(tJ7`}GnN_zpxRRAXcd(&lsNC21c=Uv zw*I;~A|BxBPya)L)i+`?JuGnmbkP6Zozbfj{omW&-SGd9@+?XJ*H8E>X!S)?{yGAx z4cv;stwo_L=3WQEm!kZWGuqOa?& z_qnccYrDJE0cUf0+dL2Q^gsV2jVsGs{LIsS{_pJU?v?LG-cbxbuVAIjxttuVn~RT(K&uj_W#|5FA80UYDqOb+3_h_iqDM7Jl^WGe?${dpACD5I3OmV%br2 zqipX16$W#^C8*uxJm`4?s5Doki9HYu(AyNN+lG}-wX=Ny`f;zBeCfk$MVZPl*3`MP zc^o|c62Vk6($5XC-vOvTD~!Hy_SFaH&IIq7e={mYYezmu=q5qHa6db&Rhzj**LS|IRq@HO% zHF)roMuS5a3)alOw_;qKSGZ3SX&DtYXv!2<>-pH5COm?{)UuevdyEpOFq?U*@4~@! z??c8+TPq^%+FX(wN^aj5yraP{TKzL2605(p2dQ3~{mi+{3BrE=`-5E*)9{wla3@1= z%EnmE_t6lRnRun6+71T}b&qn-%+7PA=uZ%uVj6-IU`YMNKKcRE@CnlHoA%xDzfyXG zL*iUxOd^hf+t{Fo@IdQ@5h`7-`-vW02k)#}zG%n^9%jEDULGG@9h)ETE{^PvQnZz- z>O;_g=%CbMADwYVHaOIPL-v?kD=yha|1db^3a~f0)rnh1l(-(8GL8NIami5>ZE&bB z4y~6yl^XrS;M9gbEs0wdB~c@O)nZXq$Mi=)rCKH52A%q%lcPXe7qzM==Ke5fR?>@Z zu&nQa*ot1wM;@d$`U4g8ttKgQE*{~wY>>NGZM_WF4^*}2{S0TWr6G;f`}&!CCX8HgKy>rs1yk47h) zhr%@mLq|NqloU#N^gQb+d!@|J*y_&-wJH|2BH% z@*3a{{qNq3-7^38>g$dE_i>)(^}p{kJa~8wa2L*PbijWQae!IqN7e#60eLry;0+>K z7stiA5i0XN{-YpP!A*37VUK8R(12lo9DUx#-e5HZyRXGT8L>7-2Y+rvT05oMSRQN; ztj3?WLz7pjLQH-mKOdTu**)IMQ~n``lWU-_O%u|5w&X_csCQ^#31~ z^FO_KvA41Rc$BBjm4Cguyb}I=ejk2oBBB%VIW`n(xJI{WATfaS``{^WlR-Z8ux&qY zn?n%9JdtAm$^TC^*)n!0hW>56|MO;cHwpj#^iMDPA7B!3CdiU@fA;C1|F1?b%JhHd z#b`tSALS_~c#lPH=Wzs!J|_1Fq_{(hSyfg1pivh~4657NumkVJVC7YEx>MRApN0nbOQP#lhk6QT83_OysZ$|CMq{3TOXW zL(NiMU2ayHMv&~e#E9C#!Ph}TVlJrU$pU@)wBK4(;u-q4^@Ku$ z!#Pgm;2@3-xv%tmk%pla8MHN=mvfs4=?!5-hzo_{?#d~|e@$d@F^$Y)PH-sazZO67 zMDC-)_CN?S=i%^(gm^I~K4*d0M>`{@L`)LOgX~*gSudSScXG)>At+YOe6x}cf!P_k z(-y=}6Dk*noJn#gJ6p^s(YRQ#v4a~PrV%-X0ADVRh}0Xs8HP#9hIbNALLvqs_pcqW z=-Ja)e=U40wn3ynG`Lc!Zr*!p)trwB!NEBT7f#0V)^>+#4}_%JzIkskO~RcsQ(o1_EBVLY`KBf z^>+%^omdFP3FUwkAr?ZL%Zr7OB!aWa^AjqmkHaSx_sY@n)*NF`J(7n-iJe+t0|vqwo+?f_4`V9b3_wBhDAePHT$k_Up0HJb85wH__;48o99uUe)oS8hkOwc zwweH-{rgDds^8Nqi#{c(mo|gN6w&-gU0ARsAL%c(hSSO9LIKZXu`>3}3L&R^z zf*)pm)dz0v89}u>a%*j0tA}j0cin`zrA0yN^3RgI0&fmscl0oE%y!kabM4wdseRrG9#$ZFQU38Gf4?mq>zIl6oaP;Bi z==khPk#0rA*D(8DjeikfxHvz`w`BLsdni)v&3cfji7TBxy4JH+V37s%Xjg;wsJkY; zXm?MKr6}ETUe_v0UyVwV{-PWrGbGGcKD+f_Kques?Y($X-UqHdr_&Zfal$3{dAN_R z4lkM;Esb0^Y9s|}Kr6L4sIk1XZLF;x&uaFqzBz)7D1ATGLW{vPOwidisnbzR;-vM)DRa< z``nYo0Pd6rWFPJAx`&z@O0h`KJf~5woo>bn|8L?;67=oV^~AD06v2F@2zQy$#A!eY z^VL9Nx<4EqsNozOLD}Owe~#IVl&X-sm}+~I445xojYg$X`rs|iuAG4Q!PS{y&)lic ztSG0-)ocMh4bQ53pz>i8iG&O2{XAh)Dt?z7EMe2%H;XPOMOVYtE zgXYixjO&&s*CEHjz!n^)g6yNGir;yfm0jHuy*D8LQ2JR{w_5mMZ%1m?w0<_^J`U$x z$f_E5N-)55h9wc-oofHv3(mvu+-(BZWAAZ7wSgVEixaBIE)EA#UIl&nw0-bqY!$UX z!o9C=JNQ}@E2`FxgBke;XQXclgO?Nrg-GRJ^Bj zsZZrKn%#d1@}=sRrET$dzDV)Yw|je4VNrFqk0K{pFOa+a8y;GY)ZWK~2$CL5#?vLS zGPbgPgw=wxF@W3%`PHBj(;gT5NDiSaxP1t6vX#=6kjBKO2fjw(bnmgDU&oJ zM+JlV$MJLMd7=N^`a`T!@X(mUp;i1)LjOOc5JJ!Ka~pLp@$|C)x2M7^;c4voNwCiR zKd*Ma-YeVxzZmUo{Qn>2flKZ*KMayU{f}TtkoW0RNuEZ@og@r`J5|y`9Hv6@$X?5i z$P`$Z+Jq1VbP|Ia1Kw5gIy45_S~0N$7QB$xVapY+g(UH2gaIL*q%;gn#-z+7d^Fh6 zHsLjq4%CIeEWy}EPoJ(cK7r4f9gLP4$OKC=TkInf9R}VS8lFq1$^p|*HE0^TZ{Rcq z*oL@iXvx@VIT;@62^Unnz+2~cha4o;=y3>T5##_Xb0jTdCBxaFs?ok`X|DLNH`Q-% zsnCOq!!*HRc^BwKqHLCiI4OO6f{^gJ;*Sc!1#Sw_?{E-MZ9H<3P$o%os5pQ;&f0$q z&NK@W==f6MuUl8KxyYIFx)g@)?`7fr_6L-Pkn`MN6VG}a3z7?xD*If=}h(GAks&;dQ7+=#5@^qn*5gfr1k9(81*?dUtuUkA@6$qQEdKNh_)hh*$%j5A? zM$t6DHEi>uA_ubq5oJ@7=#mO)p%ub{m{TU4P*sP;VIzt19Mrk;uh9$a&JM7?7wZFAgfV<8(Zl^WxHer z(bb#)UD8{FgEJC%G-Abp&%#T_P+c_U9z9 zWV`1aDq9i(`Jo9Z5lb&ysa_i!xQrHZds)OD=ae7xqz5?%(}eI78--)@(Nqt4${s*RvFI=F=Qh8WD5qZdw4g3N+ai{s=Mj@ocQA&v)OU zt0c7)j3$Vwr4NlRc%jkexd9IVMzJLkm5LL&ofC#i4K)vfkr{3r#1A+W>lp>KxqFm)2yJq~Bt-Q)Lhj!B%>psmk%;2Pa)`km`{uE@$4~Jh>N^Cz%hnW#*=^~YQGVX;0TGu94@LE!P9JQDipQji8CFL zP6QA*I9xdF_+(*E>D+Q*Titv4twLYb$TST@G^GIv)eSu1DGQKHXzUn9RIgVp49rHo zw8E8cwM$V;EuPRBWjL%oO*-m6ARFC?H>;{YmZb<+2UqXLYfzeO=*7C|MVtC*qcGYi zj5Z3Rjl!tM%4`%y8->wEVYE>gp)Xot^krNQ>eU(R&_pc9j_1s=Wz5@^7fb3c+Ie)e z1fSjko*F>>&iQrJh4#HQLtmgSXKC%rgDFn(HygdlA6RcPArjx)mE(xS3GqSG;ZWBC zJsqHTg0!kp6x&X4u+c(nv=AFD#KxN(??Lqq@7ziJEstG31JK4h zpaTZ_*$8`EX1NjeZiKxXVedxRyAk$oguP32xe@j*QRzz)_V(aSD-zyLF10EXuH#p` z#<>wsHny~}>)yyGTjZ1XHSDg{0J$BMB$6Ak=0>c!5o><2#?{R`cVk_>v9A8Jiktt` z*41q!L38Y%U1+_bHyi8hjljNjmK%ZnMqs}Y*lz^(8-e{sV829{8-e{2mA*8A{gUi_ zRTTe4OZ+$H-Wzl8KZrghKXI_{lUS1Atej!ssZM)o(+0p#=dy-={^g18nFLuz1NGA8 zHT6DyYRUi6lK*8eCt*Zqj3?xNIY!#^zl=sNUzGB{?7Vt4+S%lPd5q^Pbb+NL34{Bq zUTw`)L0S_AQ zJ937e#R-|xJH_@XF8Tlee1OhbxB&hs);22Tb@;}7akBTv3UhdhcnL+=mA zigJo4gBg`W_`e?hlfmTIWC;JaFXpqM`k(zNZrCtyXoCIgG)7Yz67l4(192Na`RibU zub=#NAS3lRPw4E)U;nQsU!nInp*$7nYiirDPex|LL zoj7uhjm2yL@`+e4@R!+qK!!(>a{7?VGFdX9lH{`+uPd;l?f4-zU$(IDJ zYW=h0K?i4&Av;o(JzY}~b&t5%zOl;OG5!%N46H|Qq^yubEw7Ir_9%Uf)$r&yY(8bH z=X@d`ob6>fCFxdGmUvbq6kg$}ZtUnA5F2Y?N?UrmP{r#wFA=a{=70*)xTZdE!OGa+ zV~cj68}guCW3eAAI$~^jw-)6=q~IBi9fd^1n{pikMbuAF5ZX*s^DgRYPcmq)=`Tn! z+5csgRfM`8dckdTT>{JC=G_Cb;TW>P_5MY04vx~>Lp|6>NyolL)->Jtpnm&XYYY0= z>8F=|O%5+rTkmrIt^%BmJX`1CQfIeD?`{+3|}r_rTV`_-;)riu~qxGS!tsMCVQ=AOV@Lpb3DF<-@ZNI39j) zT-TqCK|CO@g;g-Kt^v|*o4q&)M3UpyB-WHD=6W)V=K5K54<^M)O~iIDSwrDX+|o8@ z?MF{1ZhkDqd6ct8)y>IjD?-z*>B&#bqWSprhMxU@ck=Q17jmLO1{q|KTad2+00960 LAjJZ20OSk+OHWU!N~8XR!7N(rYF)M{Jq$F2Cb$2mmn=cHw%4S0sA(=5t#czc%`hxm4$8 zy}|$?s9Xrh1%)tUV*`VOC)mV71q|m3F1DQ^LjxZ%@f8uQEAHdF&j&E;wa_v9HJL6l zNpT>Y)tBJ5!*m=VEy)Xo%L?KS>rC-?JlUPC)A!tr>vmlcwf=BmbHlZV$D+6bq1l27G z7Fgai{{>=}h{ynkOI^DMRoU6eY;Gw~p;NxF84XtQn+Tq!JcyOfHl|@I= z+-rExl^|s!Xhfv!++Fp33|9R0#$Jb->2Py{P_E5MRzG!;? zeC&_n$6@ONaJ@4J+{`$fTy^?Zp4t(I`M~ePW?$r~LiA*(I6XZy=%@AuzrmLM1=h`C6&zY9T>{!8-ne^$vkv&Fgs0z}VR6unX1;TnMZ^`9;W% zw{tVn0aO0_nL2s_U~q5ox0Gh=W^Y-I^>qCF-8mWzXb-o)n%Su+qbUM?Q7XTBA^WLH zrCpjuq*IH(_4GNe-TU^DntHR-=Q^S7*AL;&*QxQwe@-GVI}6$Q8yy_akCzL^t9GAl zG%^8E)X5DP;zCT1#2CRSQoKZ-kAiqipI=d_Ae4UQ-~wgLKOk$)rhh>SP+q8`idin28@%+ zv~`eJ^s%1;u@c>RN_ep0Q3Vyga~2EvCjEjpr0{i>%!@T_8$~>1*DB#LxkU!F1*RI( zpk!v9bjU?jZ%b&EBRAXQ~P1ggUqObGy&pYHkIq8 z^0V#}`aDPg*eln80BMHKkU!=~p}6Y%S9K1$%c-zdZL8mPPI6f$-7? zsJgV{IxI4W^-k6fcl}}H;Uhep9`NuJ5Ys|qt+7j7N;!Iq=1zw9SZyM8XYT$!>J z|GRu5jDWjlMuTG0s8pC2FRj(YpbAAuwMli*qEFu^r z$c87y2XU@xGLzbWk%;zlK}a&#;nLFx9J=nBJg=~wgx#+3!(>idbT>pBj0h;KPz5+^ zjMNN%KUH$~MO;X5*{elv)#dpy3w61~3@gl@Fe`1G zHSSDpziPX-lk^H;<4{+Nj}plgVHTI;jS?zX|IE1Z)1f5S>AobD_1lUK^VsrF7ANZ7 zScH=v`{NDb^_<4M4vpqG1--p+&pQFu;qxQG#iy_JiX!4vYHWK<{BB0;FDG?gv!jg7ITsnyf$mTX~ zQpVPG7rN0umYX)c&+G-1%(da(%=d3kf$ne18B3a>FgY4NBQSULOM<-q^fb(B?kjQY ze;>`K8W{Pm#tf`f{D})dbU(6;@KZJ{8G?@t=+pmx--%Y$BYwDEHilSf5I(DAUh5?@ z?M#vO`41%d(o`|aPV_g=-$3X}?z^?IB}odESB&b=*xPK9EPVlgY}nk!t45$W2sZ&r z;boW>&btE3USSh~@piQHufRaUzhBaQknoK0Vggc*1CoD6Lx*uW)E;Hw`-(#&*u_@M z?PO_NXYKw5;f`2jCs#kCi?~He9e-Y%Z(I{-joy)pP4T!YR&)fmG8~P&Pyus?2GSD8 zUT{2u)bKlDkT!<{`mErI4*mr4u>h6D35^>9+`JEgg%)K~k zWyO{SBk(aW1?@olD;g)iEpj;F#R`7484WLrac0Z`fyu;pQQrmneES7! zTp1X7#ku4MKIIqK<=h!hpbv`_PZI}Hl|h$E{C3NX?Vuw!I{tdAF!KivgxoJ-Jhia4 z(N);jm0M=mr(vt?yhp7J#Cdxm{MIDZM_7{=o2KM!9cJK4l&A`b#Eb`vnT{ZSo0Fo}&{>zAv zinp=K8Mc0CouRYw*}oAXTc{f~vMOKbdS&1w-bzxz8=0+It8*C>R^nBTFGVt&jFMDQn_sJr$L8)u`VT~}M3{dgE53%=w#1d&+O|7pR96k|wE%a*?!YIc`{xhvCb$Kg zK#OluM}D#JRZ_^@q7~c9hlJpWG%rJFFv+*IwAekVw7~Z4mi;10O5O(1_Kem*kcSx~ zN7hN-I^qtT6O!EmqW^rC=%0GE?x<%MR5;Ob5Eiqk>hhX5N9`}pN%;XyZAaY^%Dnz8 zx{tA8@1lBTa1mXr1#w9&yjZ@eH}~VZqT_Z(b_(e4tL~<5S7<7);7bh4&6;eWKcXO( zvuTtjj}on@X$I6>B6Bwih4;b08!-EVrq?8Xh3A(k~~N*_3j^| z)+J767+cT7dq5>kSUTQn-%?2=wNYsE)T1$hh~AUSVzOc`$;1-RcIU1Tk}!KI?BcGH z@!isT@98#CD%?Fh)W6q9*y3#bX;-}?B2;>kRJhHrU|h`}z0l!V)3z9P;YRM2j`hSu z_3-rMUO?|^UTd=A=lyz6ed$og;$uYvCRvG<`U_tfo z>$G&8*UODC8cK8Aa(di3pF7;bp%#nH zS``rC3zWm+C0@!b7C#%AF45PQj>uww4y%BkOwElXIWPMIuxumK00Gk10BqK*cmtw{ zj

jRP=khFsU3gK7P%53vYW|)7lFv$=}2TT?7eOG^ah!U(CN8)sawTt?I?n7}A-V%y>*Ax$9(&uJF}G$Z(}(NsQIKq9o3=tFgdmjsr`=(&z}W*un<( z1J~VVgN}mO{Lc0RP%7z!^#=+cRGXp8pdDG12p>|#ErcszmEnNsJxdl2Fn+O`P+PNK zGK0i^IM6pBu!?`NGh+>Y*CpETbvKk&Xpq;EV zdZv&^GpWAx`~E8`bt=MY+B%ObyT218le)m**qpb;ZxAB;X=UmqbE1%U-)T%Y`eOWS zB3f za(Q`7;13CLb^fq%6Dy*HtnM4k>frvFtlW0VCPoQ)dbi#&aEeeHm+t%43%ae zRjKZ!LFhO<_HKQj3vigXvU~p+)*%efqvnTun0Z*Bq}cZZwW3>_o^e+%JooGDEk4Ut ztnWsFh`WDm(ho}->n4HxlH;EV|1sN6`J~4ttb|OnDv!L)A6+N1#u@nON{6vkd_|02jwWEa zhz+dEIA*#H3VR?Y{d>`f-JTjH`y!n20RRXRPf&#wAQsna(bIMeJO34s{QMEk)|uHG zC7SsMp8Ceyq+?PS5y|vE?uWcL)B-tW`SBVqhSj1{UOO8;6iq(%7Ybu}Y6Xj!13D%{ zdEy*G>U=~Mi<%8Ratcu~4hmBhmX21#tUM+I>+9PKRLx_cH6qVC(^d@+|ICjHxWlGP zoCK$)tKMzb^+xZgVBYtXI33+r5gB&cpC|VRall0;Y(asD-|ICDxa+*i3b-V4ipfp_2(n&r8c}bBZ40z`jar7?1W<0pVewlKY2plF~(DJ24(_wXEgeZLQx}?o_1M8%1=~? zoUq_2z{IIl4|QCW-^M=zpRz~#^gHS-^c;aql{Evrd zV@zDCtqpEk1D>d+lej{2U)7W&?>v@Wo~?QB&cW(^Y{qwveO4(S6gElad+~2C^;Qw^ z%O|zNpSh$SiFH2UBu0vFJrOp5uvL~LDniQ9k&p>AWw+t|h1vM&1+}7?{WscDnWFi2 zApt-%=D6J64!b|apaB|~;D>FdGFwSP;zL8#&r5rW`=q1%RW1Bn#_j=#1!gGF`e&p^i+{4d+u|zK zNYmh-B-U2})%GSNl>vPtZj~=7c%eZ)ReuNy%%gk$zO8XYPKl#}>skWI8%Fx4bPKCA^mw_er}&17t_+Lv?4N(? zXQpoRPLHVWvql{D{+;;AD+Yyv%N3oL%hiO|eRiQyd{;@;r`?iS zW>xZG52m3}im3qMo}Luv7SR4M`QhI-L(*z|vs(-aRCl-bDTq$P+sqaYP(a59wQNs@ zo)4>pXDCvlZYE_XVbaz-I3%BmVX~1sV!MS^?EX;u{Y2t6`{$s$EulAPi$2m_2}C^j zxP@t@@0o4Be)C8rIi($Tg*VcfwdvXW!#hwF%BXKC3Sbt|OiJfkp*y%rMbL!)+;#fuenESBHZtMn)r3pV0TvLK7D%UAs@sa$BGdW4es&`_@ndY~(EXm9$3N z&ld8h48LS_eWj{Kz1RST|2WF;s#6av=8FRcf+LojHzT6|(%hcuUo)m~;}&&^j^g(G z!p=pQnm9>tJ?}DOrX!4I169}31&wpkg_4jyedeW@g;g389 z1B$-Lugg$4hoz^;@EPN|id>=^66CupUdsS&ENgM`;V+v0$~7}LAV#&-)@EvgK@jXt7=<6@CX9cTQsx9Mirqd zoVc%*&KG)-!JmuuzVex%aWWXxSP;9kBAJ(`u9(Hp0&fgw+3b{RKsC}^wn)-}XpH-+Vfs({?U%x_c-P5!xP)Gauegc@H zn4U%9cZJpkU~sB$;k4a0GF?~43ugNSV5ds0Z(`c>Yg1;n729#Gq!<}8G(PUJa9@g_ z=~!OPb|xdKtMovt#KI`h@9Ai6^?rrQ@)xZ^t->1Cau!grfb$XLnS6=t+5}5DZ3YYOixw0qAxNiwdOim{~CDlDV zDi!_h;=)X!dTt=rHLYvXfCTMxmvqh=uiO)G){>oIMQ6DWju)%$zQj0tStDAwu&J~k zve@LeU4zdSc1pwwOKpfnMY%P;YxW9+)jzCws!zt%q4n0nUCQhDB#5Y+62=pQBoV>N zJ|DotUoY_295gfO-xnfS1k8!j>Ueu~*d8swCY1k1J8F+}VEbf3Yn z>Qz(*dEH-lBpq<3VWNDV00ZS8iV=v(Yq+4`>O(?&clA1GqNv7Q5Ga^`VwDiz8Vsg< z8%V%(U=)OGad<4`K?!&)6p0AL{UC^ztTVs=jFT*oby-6ecq|m9tmL*gq@3t#w2mNn-Bja3M)nyOhQ3e z2v&55P++8mp+Nt}Y?NW%kRjvX-i)f?g^1bTL`HL(Zd-%5(%(zxDLIuj%E^wvXO2+H zg*YlEw&raH>{)l(_YuxaoK-3>H^~fOnu^d3&*Q5ZE}`w!GYReell__hN778l;QO*2 z@e-@R?d7B%&-{qO!nz&Dxx~55(!_{BtQVA}9y&G#?Uy;(7#A)|PuI{%{tQrw}FVW$xP8&ppfsK!}n*Zu0abPMqwi_tahSaWSsy@D0ZPg zfp-qYlD27(w`i=BrM)QWJJUzn0mP-)L#x{Nzc$-m24&;|(V2Eo!$3U+$Z2)yfon?PlMrVf6 zu&i;L^duphks`+$JX8$#($vR<1|`wrIjScyFUN%8yg21p!v*Dd3mhi0Ov}dRj5^26Ex`}W-2k-0 zb^O+FEy%5nD-Cw{>4QF|q8?QrQ%S>mG{hKwI;|gW8grFnVJ@aj)zq#5Vy zHiBwS+gB=swCVTW?@8~6AsX^3q_-l)3jj*aCLYmfdq!(zM}GFBhtbuhxkMd?{fooP zO(&4G6~o^wxX=_RepYwHP(>P7Wa&y>g`<-~{AfV;(|t$^nvIn*!J%}5BTHt2L^F#z zK|$x9?AsqUIfzE6RS?CTrWbt-W$PU4PxyhuX~tUnotsxd2SH|B^^1LK$1;Q+)4)B^ zE^_?>0%1OfXApA|m9yg`8@AUo$MItSPTaBlPVOJB{a5o{bA8O-zG??%q|pEe1?t55 zg=Pb~^vWAEQ~aw)QyX?n!)nu?Jr&)t-fbG;c`w=ddCuk?M1M6=d;e?N$2O+z-l=I3 z#Zjq!!)k<6vtj6S7p*1OIM*$6b0r&4r0Ji(*NXh+A7>y`w0}6rM(tb&pklPpfNwnC zg+sV>L+DGUIb?YwZ#q?-AL%MLD#$%F2iihFdrwiR)at#3Ixcol3%{kDFVx{U;z^bU z1Riq+@|r!6K3PUO&GyBu5Rz7J$2oxAW%vAMp{Ae6*0ilG+h9gvvcqIOz^W7Ij>QE3 z+U`m+vYG5;4IbHGK0T^#l95?Zcu8RXeCN;`+B0`##$>OYPeG0ze|j>a4S!HJ~CdK0-0dvxs z?DS3F+bddekC|wYO~&K%$WSc5gQR4B;e{?)TCSpeu~(X`(%)NI-0DfR(?^Mg^IxUH zGmUoBMmTs#*(lF(It2)dH&A);^Kbw^v~VhQ5ieIrTZq? z{zuqU=XyR>k9h^LCd&JiNma_qyF-FoRHi3`Vga_yyTqf5CM%f=8O4=-4hwd-GmB>D zsTE)fvEb?fxvBpZ%5JQQ}-*$qlG9+($C8 zG(g!Yx)A>nW$QLaUE;;G42Aj-oFehEGoqbP4!cpsfSk^W2+&7GgrvAQL4g{QFMXpt znuXfP7*?QU8up+SLgsDUT4g{W!ZwUB8P!gLaR&1>4JfJr^(=2H_`^@ zuc0El|0OUhGmONI(AyIMp<{p-RdijF*#eyjuS`ZOx#b_Tg6D5#FVT(1h9-$t8&rbT zXh!&fd8pmAVg<@9+>x=PEQ8@mN0vF$ArCRh)~)EYlfZ+B_+-Z*mBLBd9*ug#Mfhr7 z!ZFU6!xR#2^cJ;@9W5^VhPY+67g{!@jmjQ|13X2 z?M|^vT-QBv8Mf70zrS=RYj?dWux>r^#r(?34}a5-RZq^17drnRM(c{I+eTCwLmx^g zZIJ#PU1e0qt>?EK9c)68y>n^B_Qi||?}kLrRBe$-yP-q|C6VH3C@yBALZOV2)??H+ zBW}KGlZen$NyZX5Gv{ZHO!1VH_yLVT-->P(Zm=$J7F+DeSqC{d)nP+{a_|vhwq?eY zlMeX=T$3)}r$AH`NszY7o5N@NzD zkgI=Jt4@#`wPeELQCRsDRGm>~9~O7%Jt~cQYE{(W#J9q$@foQmV2j%*N*6seI46hp z%EA7NjiR#d{x;WrY^g~s#X%~)Ur+`I^OeGW{r96X>jvcE;n9kU-wb-QW{!GpcDLzW zYM+dSKDvHt`n${($E_^BOS;rnA|QUs+F8>R#MV>9f6auh^gdTplqr#lfGlQQ9|5iJ z4&ols4Ud7_rnrwBkh`Ty+hufMbGRuFWf*+rTELk*@C5`p_-|fZ~zVA>h1%~ zRZae|#7ex>cOT9U+^#T0asg%O zzMtNEYOUI=e2BgmWH2@rvAd85HA5a?Md`cN<6E$9h{Csdn znT0e?Y|RkNLEJ;p4&}d-S=pF5zJ{V z-A-KBUy^|HL9S1E3q+FL&hkDXKkSiHoXH_uib;ORClukE^0lZmOK$0$ss$#a;rvcQ0JEUb%;#iGX^3?h!c-Fn9m$2Cbb%27{ zEU)+=7EV>Y2@khce1aH(W(TCdOi+to8MCZvRE*1Dv647UH>I5=GIC^GieDI65pn~M z>w87Ahsv2b$s{uz^f}H5*Hp!|m;%J$MzM!V3SOAO5I-65N~PU}Q=%)@p|NWqLDOw zi^V5zWzdEHcF*5SF&kdE10oc@N*#iaf#3851&eVMMTwAp;u8vuz`RWY(TueXltV^% z8xiEqw2B86%0OvBjIsN0SE{If`Qn4)V)QazABLGO9MEw87uz|`8rWOMOFfYdEkbig zM0{sDpWVVpRQ>cr!t7Zr(fIrj8738?wpHZ=*fN-`Hsm2U;ZZK)J<6EicN3f+++4j$ z2?-yPXlN`qlp*F_5xDAM=^fi8P0dNYW$o`}5{fXq=a(qJpnf7wS5O4ak*y?3cYk=a zS(|&>d$o@LFH}~iwM2dw9?W%Q1}DLM{;rtjpTZPyK6T&>(eyy6)u zQc?FwhaQRc4Z0HNU}5rp@rX08phUB$D7D0m0^7$6%-oB_?^cJmWL&84DDsmGN^HF} zqLe*b3_(6MZQ|W&4j@uMhT+Lu$yZSIq6FVlw)biQ0k>>)VdD0^zdwf~T&%u#LX7C4 zhfOe%+D`%3S^a~(DWrfk*OtOp`vl)Zbkf`F$-15*HXX3)U!Bc zAMm2EuQ1<`o|zx7Q$dB1doWT-%&yl>I=1RnfNE&mhA5}{2VHao+HAnlG`O2Rh)T@m zc@=O}H`6B^Bv6jog;yZ6OL40lq^SrL%_!W9X-sad&lEI1=4|c%)8CXqS7G>gn&v!9 z#-wz+^LI8mrv{l7Hm|yt4)kS*#hj{{TIfd;}eM%mrIMN zOw1c~d4t^oF>GTp#r|^ERNva-8*O|7ee@zpaa<)pf z8%DBV+)JXuLtbVHjZf&TqUz;#yLHUXL#DtNvYv943)x3nlvvx)0pK>Bq)`Ge=|%<{ ze*t+_tXKDg6_r#WuGM+e4C^QKdvh}P-emT;yxg1^vIHEhJ3c|%*1{Pk`5G1qVLz^h zu<6f^s*fzp5 z4P`V)AV8>f7E+G53ilm|#+r1-$RW9jSPim-eDMMxe%{6T5}pDV*}`3hd=(Xmyr|aN zZyhZrYUWeQtu+T_W45#uwiU>2mFsX!3%*0G2&gf+v$2H`s~bFAngOAD`=SLJYY6B! zM=Idq-mRqq*D^g#)BO$RkCZisoarxQO*)>n_OQlr&h*8@^k@c?{+8YDmS*mGnW87Q zDIU-^90cdlPYSdJqNngtPfT=^(AnCrQ`6tHo>t#P|9V02Aj{Lr(QXb+K%(Zaecv1E zh3OX(%J}vs^iz0upIi->WetWT$-kb8eU$-gr*WqOz}U$KNT~6M6jGh1aN#(783>ln zYWDFLvf#u9yZj@RFAA&Lf;@*g6bm#>K6koREM%1K)wd=Zc;mruO(a~80yZ>DoIR&$ z!|$8+Li}K;%_^Cl$-rBLF0@ryv{4UV^_%}44QneADq`YQ=eB0Gy&nmSLuh#SHX-C4 zJUSlq~fk;h{T1AlD9;RN~_#$NxxUIhbGNE`y&pt&}mj_=R4a3mQD7mH%1<(N(h7j<+4tN1KsuI&zD+=|IxfcLsd zdo>8jD|CvK5fKx;H&N78vtW;9&h*HNz6nTl1{KImfuZcZUaS$U35Eog03Ea>bN=}T z{Pxc>2moh!wumXG3=ykp69QHm9l?5IGtSMH{PvqM5h|zFzHyeHDH)}>n2!eb0?qfT z7~Yb=|7ucX_V{_(-^_CRgFk;Q`N};+XeIKt+4=R=ImlbNHQm6W3@TTRz=_g|2!jvD zsnNhx+wC6)0y58lhJfEZDGFVRU%sMejr)gPFIG;aJIJOPXZ;~%;r}VN6h)rJnWQI8 zLDe3Blps^Nvi!uk8s|~u|Ie(WRzv2j>@3&UReQ$Y!=jj__Grxb^kD}HZzoY%G>QR4 zk26ec9Oj(o)`E@D4f4e%!NU;|Q97jX`cDNnJj(e0nc!{SF4qeuM?OA69eyqke~+r5 z;rD)ficfZT`vjcWhdOh)$D_QCbop3UPLve}|934wbN~1HX`klm*~HT`p)T;aUEBFV z7T&8lf&$g)n&-68xRVdnS8P|}pq)(jj0PS4vbS|dAn=)UW?E{uG72zm0&JU1=Sa~e zTp$nGILDS=j?DO^Gf5qoGhhj{LS#_B+sJRpv}%q2LaHeP_64=bHwR7 z-cPWrV{YMZdyKfzNc58Rsgfm3~L|G1uh7h#vaP=|By~t9%0&T2U{4o0H zUZb4s?<*1_o_Uc-0Pgreji(gcWr%Yj!l8@!gj=TSYkiFV5E>eh^g$q6vR3sd*W@`i zBMfOVSbC>7^Z8PS{N>jf3=($GhuaJ6>e15YKM(ch^;~R} zfX&Jv=8O8a^n@6kvgLYIN#j@BGxLvc2D~<9Z-YwYs|q!)kusvJfOL@3<>pNpF3iw4 zZxALXT=NLCljYZof{awF6qr@!zn+^hP+Agc{u~Wx)!JwtqiVN`IBdy+xlm7l1`;LS z$#6OilL0A);6?=oL2CGC?Fx!z!Mfie(fM+1P&FpnWPKSY;u7`GPtvDQv!l5`uOdN! zhoG-#S%BV@m3`SgNxQ)?y{AAAH#cv$q(&I;5-%^~lSseJFBp^!AzY!K@BI|V3q4Y= zF%h=WF&Hc${K4dG+yyWgb}aYs42-xCDI8+_A0(>k{xQxXBGPZd=J<0I5^sUcv`Cf{ z1RgK1a(DdaBQVDD&81--5ASWwjA+rPn_LsLs`(yoYiyr^-?`yWR#EcaET7XpGR>X6 zmbm3`{$B!dZZ-kL7Er8$n!20@y=jB8X*RNQrQ>8=xcw3`=!6)#KRTufk4vcEt-KT_aJVy5x`bydNdkKnN?AI}vayQm=4(FuRjO#DZmNCgd_-I|F#3%(5 zn|7lY(pg;5TN#+WJqs?kw&JG#wMs^L?lWeX+u4}D8YlT6<56QsO!q%1Q`)6OEB0N8 zjLtlx84ayamFo@4ocA!9M+yOUOuB(R6!<6T_#fypaPU7cVUp5i^o3Z6_3qtBO^Jn6o2a}EPlR+C|L@wQ2qVu` z^%aP@kS>!Dqd8{f!%EB0U~#p*P)YQ`TPKBbRm9L9-9pp|u@IykNFBW%Q%H|_i>hQF z_%g(WPnQ5(GRFCstvy{uB4|F%Dl&j6y*)$AHi#NY8xm~nvsN#N!d+q>j9L0^ekPq$ zYTqZ|Dg66G!wa=*W}Qt+8fkxkY+^l8+3(*3vt~2Cqvtd5z@KsZkFClLOYyZj?nh94 zraziG91C7Q{5xKtMF;=2q>%rp30ca3iWwXKTIx*Vcyo^M?p@p~@f`6SMkZX)ahBYNGNFSWcqRDl_xE+)_k?IH^BQ@;j~y zw@+8%nM9(}hJE8l`EdRcDOG{?uGn^okl|0&68*SmCJDoJy&{SSi;AU@?jZ=fm^Vkt za-q#fJn5iOgH+y(-zxk?@8{Pe8Nps@!*l?)8$_RRf(4MNsLEC6I9HiMr?7oYB(dYJkTi{OpTD3dwk z8y~%~nU^;b${l;d{m}bi-fGqA=zG2~S zY=(HDCCVo4Pt1R81~QOv{(;k+^M7ncw@+qV?TgocY~}-|LHiqkZ5lSkBR8U%2si91iu$_C`WX=x7-+%m_gd?-iM~@9az-MdLc&?bEa#l`=}COp6fu zx|tmQCLWtmMzZ&*6V?L!>B2iglV{Zbu&o*OKR8oN7vvW9CVB0PX=%+JifOHYKZ$;0 z;ER=k3hcdL+X^s#-yUa^jm0wea9&x$U8Hr6cfPp#zlJ4`75GUx&j?q9ms6NIrnV>w z==Sqbzqsfq_xHApRy!+|dS`+>?7yO(h`8El@YlBYKec;6QTKR!_}D#rdupY4Z$yeR zq};2fhmzBkccTpMokU1Qmqf)=-bJBS(sCSUG5u=JPS2#D*dduJ;S#w+&8WW%?tvLBq)^5?ac^{*d)@jt@T%kYY14y$0MJYgmO(8#FLPo1g?c8OD~a zo$o|n@F5{`@AV~p=Z>tr(~DgW_7S`akVa0?t+Tcs?(QC5PJCtkj_>byh`CxbQ$nq2rDGM+Fez8KS^qL^~Q~5 zyiqqC6UysH*K;N955xwEJ|Is&)cT~^JAPM%`-Nwt)nF(7GkIF|Q7NpQgPyuFK%)0P zxwjH=NXfW$CYvSSrB9Xj4Ua9sCQM~c1wA8VaJH?Pbw_(=>Lm^`5a!NAxpLe%dQ{nQ zNk93;f1rWJ=TNC%&>u3R$q&XC(8ep>1J>_W2d`-VHbUrV)jLO6!|2(xd@OOUZfRI(R z;)a|<@psKo++tyMN~602%G)R^jF+M}vXj>&oNAz!fZ8yIQHh{J?Y115%6^0=x%epf zLLV#7!Uw=POyxQv=kdRnh|K(OM6G`3BZE*9rw6gi@0?|J`9M)L?yHQFDR4yn`R+lj zEFBp;G|X@z!2EcqprBvgYVVECFhpHwec=572Q&5AW(gUOV|DxiO}@f%J4QaENN5$J z@*v>QlNcYH)M?F7`eC&MRYUK-mJOT8*z*OUzkwk&`_`lXnM^L=tSQhW}p2q@Q$mZQf=P3zbFFhc1z&dCWBS z7Ntb3c)(H?)7n0Mtbh4!htrRq!Noz8ujG=-qz^8IrAby<3F$v!v*fl!&L2FX6i=HlS1qd|aNj+swosg^XC|he6Rxu*R5z{Zym@q{i zL_O!E_?o#JaVKQ-F!Esa?dn?bY$Nph$t4+c?FeZt>7{%WwS1?qw2-@)40M~T)Tb?Y zj{B2&T9H&$O*FK~oa=&5Gu3`Xzk&xZdg*|NX^!@8B2z}q+J2(6S3LMG1E6NUL8F<` zj9$!*qP-lv9L#lyct{v|1%D%;;@F+$!}}K{)g~|_@2xU9X#|uR24hl0{6kVS?G>;B zB4F+`oA^m@lhpLEuoxnWWGh*vq_$)ZoQITU&&Gc2iuq#|@kTj}FNC?BDW4-OFtnyb z`*p&KHcKwX*AvqaBns0wdyAJ*$>CB6PmvhWE;)N?_tq^nG0jyftH?jPD!*f(#ZG{{ zs{t9Jd)$64R(#8VRh#LD;_}Tsr^`Q85m1ijFR%*nH?>)B-lJ*;M;6ND1>l;lMrj0- zN+>%ZX(C_QK8Z!qJ31hMBN|wI-Rymlr$#1k4*u|n*~o4-Tai#!xP1jnj1h6PelodR zzwr@JU^nm%bHmO|>XYXRTh9Qy5h&}07T<*b?q<}uti_ePZw8-^R#b?%yQSXITnf!wO<*CW_XD4`}21#dTsfA}p=QB3UV-vty- z5{^Tt>kZYQnS&%`(jA6>C$qT`u&`mDk2T(c8MzwxbPcS5eZIBzxgRFluEA4C7&5=BKJz!?ZSExz;>_ly7}+uRnxj8{%nfkoW@KTsU(L%PO*vZjd;#i3QR3jDg_4pN_w^ ze*A`&P=;yO7E)Pjp)JaqDFz**fZpJAQ$bI1FlXb-Nk?hE&3l3wD#CuHDA@+HW41cO zRi#xZ`i%z=IB+)$55zHZ@z(zS$TB+0%b~DBgoM`CY?A{A0EAN&2H=ct;!=}if0#TC zl??PEVJ5Mc3Rx<4xEQo06ZCx_%E$u6!6QE^?h70I?NP29c!q_K2Cd%)?X3!cA&cZB z__JmR5~II7AgKJOSXj)b^*wJq#={G8Q^+e=(litiiM6x19UQpdu?;E};t_m9H}E(d z-`||28HBBA`*&A+?)z`GXh>Lk8!c$)_OcHsJPKZNY^)f$ckde&ctnZJ?8B}ihrCzz zK^bYmGvyb=WULtlaao^L5@#%b>t%_I8Bx^cSB_AyzJI{agy}VCqXutK@+fjrvQ6IQyrOZUvL_y#vEpERP66)r^$TU+! z+HfT~3H$B@!Fo1ecYY`U;&k9!|M9JV@X&|=jO(y3l0+q z2|2HuO=+J#h9%OppWv{RF2oV??>W>1WQnhI>-iz#v8<;1p4d_g3+32=uNVX}VNf>x zVt?vJq{4)tM^uhdWz0A*Ibp~Ol1 znUl=$|3bmPME{o9i}YxZk4@UU(<2^#T8u32GgEch$L~HWkvCbmWH-#F>mn%Qx>*IC zpch!*_Dnzgc@_ij+x&k3sz6o0mt-(tc*j5n2ZL@IFo^}b_6(Ha!Q`faGE5A&YoG^Q zShQ`R5gR7=4KxE~u#E$~qsE?{0~rXJ-8zr~%%FP*Oya|?%>x-Y7~4INLBc@W2TWqX zmi+@2+BdR+pb7*1?;z+22^MT2$l#%mJp>t048MuMBr+`AMNk8e{%|o;Kv;_eGdl_D z05QN;f*x^U!(M_qc=WNEpbjm=?wex8+6K8g98e$DL(hJ>9fJ22b9R zu*lG5>DTsvD1W2>gZ;9MA2|||LD@JIbixB;L9hA*hEgyv2&lIzU5E2>I*T8hU6u86 zI&(90S^Tv%2ug}KEWt6b?jp zu2RbphYzTXtUa_XlF9<0uMjE+i9N2fMHZbZ3Gd9IX6*w^$CRN~M*l4LAoY)jJ z)#1c^>{JVyy@XJGBFMr>sx_R<1yt=Zbp&pYt>IO=*u97Kc_p+54X{e;KSfwZfMLWf zu7}4^esQlLvBNR0hl&Z$xE?A)xyHRh#SY)N1yoEr$8B&kuy;HFh^%styCTYjf7}^X z13Ab;W9!H~WVFN}pfSbL*{tbwmJ~BIXEmM9+@xYR%RzgPRKM0RLp3$9n<=i`1{fs$ z%ODPPl6wGxUi}FPc_jQARL*IOY7E_mr6#TwLFTewgZBE)mF<5%I_Az94o<<+*1SsNO|vwD%LhW z7?rlcO6+h7Fbe^Nn2X;a_UM!8ZL+QF92<*Lf0}Pf>jJ_sgoiYsNYC>Z*KgD*~iXCUEru^HYr;%& z*3RgWb8P4BRN^PTRMmWt6yK^kbdY4`VpZ#cq%s&750XkDF>H|32RtkblA54mI7n&) z&5%J--|(?2NGb)=0tH6>+*0^xm5dZLdJ9fafsCyH9SAV8sw04nYKN`h=_MIcik*EV zWBS03mC2Y=>=;kRl;URKWK18Bu`L#2?o=@b*LCB|Jx%%tVsa3 zM2oQua9i9AlL8(HL6+oz>#$@vIa3FtVY4$mLddf8OdWg-=4a}lGgyMAN7UGpp=k>k zvo})hf5FU9;5oJ=jdndrV5av0F)j}H$z^GAb?M>sFd!C$6ZQWt=(4JF$z)9t5%D03g-ytVf8WgD{T zm!`IwN>1%iH{zydRivU3hX=1>!Q;^?H}-`LcV?Yx-@RF{>(rgQYJB(poYi$-9ondt zt9tZTr;qmWf{1ZQCm=+Vkdg=Fi!VY|&pBL&0pO552aM!F>pp>X(6Wx{bUMAcx|07- zr_=oZ)0>MIU(K$rr`OZV7nd)tzM5WKUR+#$} z#N4@Z{`ljJh0qg(_)`dP9bp&$0)hxK7clZyRdLL&D~gC$gfR}F#|c%&z$2Jb5=_DX zV0fE+4IrJUNd?-0&xG=iRs1?mNGNBwXa7r(tY%i0a(;I>`7f{zG%6R)p1TpE<;G z(01>?V=f}kQ=9QRVw|i$#>4O%xIh@mqr5AONDL?DBD|o0aTsO;_7ODCTfvK?B-Ql)*mF3F^q(~2}K*f zSCfVOMfJ{CLKv^rBl&ZH82@wO(T|9!Mub5`L6GaJO2-Hr2I3- zdB{Xg!1tv|0Ko@}Fo*Ot38MAJxA$S1;lFiajvP*$#})Ec4qqXbVb+<$fT-Jo#OI%k z;15zAZens`1Sc~5A0@>95#1sYlaOU5WYdL|cpZ#Wb$^rKQmcn?z$4~*1gnOzzy15y z|3B%5{M)}h`v`&m^z56z$E7lr$Y%ztpb#*5YeJ@q%}*xkSVP9ZGApc~GQWis5sLWJ ztut#^ZwNg%3EX~&&)n8qpq@DTqpj-D=Z@aJ$y9Pz_Gqh00+L=ux*`8#_QzI)v)w?A zG0q3!yE<>N9}XD8c`j5R^b z;VbB<7n}v5@@vKbIES+66E_|tOt>$F>?NivdpP6~wQq zR&0bReiHKd`1bBonn6+mSF+s{Wg9UI5h1(~W0NQ;Tuw;^#{EiuQC^P2qWKzep}$`v z$hgpe>%5i@tuu#C6beN9uJaB%ufZAyuZ6SGw~&Q2*+dAhotSkGK3`bLNqdm^h7~%| zyWCv}y$t+)$Pg898L(Gd($Qi9%`NU)jW2`I{Of*I!*-8O%Ch+}9YFDxtcS61b+(2~n&;m-gs&it&5;8rymcnd>lMO47PyVy+5B?uOq?Ge zT?3pcp#3CDXm#9{RO?KfU+#V&50J`+XUY{GoIk5jLMfK!fC=&56}nA9{@-s(IuLsx zWRW!F4hRBaittj{8S#^!U?hHp3H&IlRMM54+U}GBC8kyOysVGM#icz!3j~?7B99uj zljokqibvKV!O~)`5=?k9M2sl(i~Kh8EItr}c>q5}7{dVJWmPdJf#$8V00DzF#k5ww z%@U6*OL_!H585CQhJJ!Rd@a{vM>@=Z#h>I6YJHlb4S`}xP08WgYe8qY9K^QX%8LMt_v&JPun7yxU zcFU%V4+_f%kxUs5*9}E-QhN8{6IeR&MhGRJccLN(Fh)Eid+;OTD`n@Em)AhQooLjD zgPN{T!SXY~-li{0XI0wq*zUjkAjpB% zLYQk=+!#SmEltlA;ex#Ix)fcn{iK|Zdw2oOi>I`P#vY?4;G%ecX!Iff-3WvTe?WMMgG zXktr82t{kxVZlQ_{XQVxeS?L}reEH@`KVsXjAn|XXDk`A9GUU_HZ>!@1DJ5og$maq zm`loq6fV$bC>=6E+ev0N>g{{0A*QvhY1f}ogC)w2Xm65WARE|-2QlhnEjl0HzIrqH z`TdXoWnz48HaZzLWzS3$2~^;ccw>scl=FIpv}TY0062UEPo0=dUMd+*5o_!YPA7Mu zNzDcJTB!Q{t542SHKDD(oo<6A3OjP$uVb2gx_DtN9o6L1$rEblxTa;>SeN9}wG?rb=jVG69y;qm%y~7;R z1@K^7_ahqFu<&$W%hWjq%XyN!di zVhwNvf>&Wk$pZ*Fx8spJD@^L(ZG4y0>K~e}q=(Bh(#}^^3;vskvu`MQY`k6b3 zJDf()d0au9(LM0j2s=K3OcZuj-~l?o^F%DnNnDFwaXLp$;hOMGbkQj@o|kTYj(qcJ zJ0cfj${g^u39;TW5m)f;!z&e~w2VDUMg)yS(Jut)qaF zb9s7}zgc&Zvy{rKl>TF(^K4cK386Whw2j6)CJCIKBHGpwl+!7Sa<;VGI^NpLYm4R= z?Zmq`TQ;rO(cZl&crb;$-QX>bmqo?PNVjb3#|#mzmB5MDtU4iJY_lqYJmSq{OuqM2 z4qUpaiTQ3Xn>G0SBg9L-x^-q()BZ%-F=f%dyS1O4Y>`tiJoD%{pC|Xx98wH9WD^l@ zPu3uu+{32^i`9bLB5B3c8iY0PQ4(~Sm-t8mSTeyR$v9ubrR%&WKKwRW4J;StLP^BoCou0Q#N?%nC?zdNo_cH~;j-VU6|FTrO|6VP zhsX3JPzUs6l1CW;y}$dx`8o-9vZ-tkF1zl%mub~m@9ePNyS%QF5mXJ zf^t<%(g!&Oiv{we=0qjXcL;TSh!OPFN}6~X%^W)Cl8tjw;QS55Pv_Z0QvA5BBiB5t zZa$Mv5|}uGyG|2R9o#})zFVn8{~9NN5R)i$osUp(;>F93XIE3lTLIb%irY4ZBiuTh zTWHLi&HIUQ)JW!*>bPo|j>Old%)1W`1$YTv=N03SqR-B=KRt6ifE^I9blJNQhdf?I zuFy^l?+2DbP;Clekto5OXMaJIM<9qZ>(9Q8SKR+dfd4%R0QMk#CO7FklUa8Rd9ltR zr2au2aIl-`C6Qc6s*6~zm?kulvuN>BL~Zde&K&Yb2(dGj61lm)zP#?D4SD=Rf5Ji( zcC?zhl#;g{gni`6HU5bWls=#^{&EHlN+X8woJ83FRtSegTz*N6r0bl&Q;(Gm{5gK! zlgW$gYF$2Ir!Pfx$qp5BL((;fF#0u$GeeJvuTXY^Bj-N#)sS?T<~EJ_5WlP%groIb z4vwk=&8DggT}@x!xXxSPtrWmwr&i6_BvMdIV#ENDFyuPQjRI=Fk_Tm`1>v-SL#W)s zBoixQw5Bl!Oe;T!3qql@Ld(_Wx$FFlJ(v#nvh&Kcj^OXxXmRw}zw!+Ta?iSLk({RitdIPc<}#%lK> z!b|A{sh*Z`#VIT};)J557`LI?4cnU$RI=FK{kYq_ueB+b@Q59bE-U6Td->ayPu!7K zrCTj269p4v);dkyGOOKX3TfNCvD3b(+vSfPwVJifN~)IInG4jrKrDOwgRnlE0}9Y}YnR|L$_H<}ymLd3N5X4x^g6)|LU1c=Kp(FG7PnyRZDqaay_Z zFIg?n$I8ECAyzAp9>)5Ol0&EraM6B7EfrZ~$;}Cj%}gG|^jjN-x3Qo*?;@PYxwp#4 zjUucqQ1ei3hyM_t`=Aa<`}qM06xMI~K% zDho~4#;B7bLLj_7(bV{y9}uF=%c^qW3vQ0TiO*))Fexe~i6C9)4#Lg3ERvbRA)#oQ z9*~GI;~)s0D>j+)o^U9W;}z|Q8ykyXE!&kR@XVj$Lzd!0YZ&w>Z3v?f;8J>rS#BLe?K4 zr?viLvn(6NWGdIgtx=V4U+ZgT2ilJbDd|CP&InW4d9{LWjd*T!jaRV(%8?fZfXd^` z#K^Q+{-d9=leR8Xd)}&OCmX#UnC&fS9Wl`%B1Kay*=(l^HS8 z+G10z{D6`H&Vipp=<)nmxI}yv&0UYIpKG`fgJJ0~`FtLb`E&pJyKC=adO3S}aXr6$ z>Ak$TzPY%%oL($0E*9T?cYOmdUc$@ki|66}GCcrSok;x;(SF%{cS-)`$BS#{uTTt} zVgQdAtZ$skY6MTt9C|>MUIau9u4=X4=7cHf5X5KrsMNN0@GqA)7`2x}?#<_ju?Vu~ z7gyI+NzFFFm6tnBw*kO;S!BoD0)XpB-S%8M`M#g>(e7x2HrqJL>3<)2_jRXH=(V&- z^4Hb!SBiLJthj4c|L?+~kSlE4l`nN= zYTrnXn~OK1wQRD!bhF(n4=O496Yy3Dx0S5A9r%^H9k|^)K4SMRsbdhb6=_K~%m1AR z0(b|vdl&r%Tgo}kh@b%Rr^zApcjTgb*Lf$sf8m5uD9S_ZtCty!_j$=|PMRD_()h{2)_^&$Uw!y* z=Me?L<{c3)JdwzC{*yey2YJTq!cl<+gZx|V6;ZRdl5?P_WGbNE^IH*C;df={lvYp{ zRpwUTkN@h!yZFX7#hSc?qulg1fKB-CEm=`>!CSJ?yuPG#n$}9?+`~{7T33B$J$oA)R5_ z3Rl&q@MLlI6lPhG*Hv|7rP{BUIB)$W{BKgRO{caEb%-l9z7@yl)F2M|5Oc(zKEe|J zH@jtFQ&P>OQn-K=%9UUwHEu~M?UZR{28E5p9tu>N95Khs+(EGUG#q(cag2W{%fdLs zNB3{G6-uTnrcN6WwLmcN=5PvVF##7Af5kv_w)PbKM=)Pa)5(8rhN@D|2AEW6rbRJC!V-#fYAan z?#9$0Wq-T)yX*W1p$=4sOMROhJ&~TbpXeH?10tOC-DL44a6;n8Osn(5Ik=aD28fp@ z2IwB%I_K$?7^>f7_Y>tA=GxE2Kzn?o_XWQiQ=hxwo5WND^z?d_(7mW^vUNiNIO|F&+6x*DrxgVcRl z1GGwB%Km(-MkT5D_O|}nU3@e}{@vV7RT)dR2EHK2oZt{&?wZi|ZcV zZ%Veg?m;=!G5O9HJcLNyZu8^!?cANDbdn}3&U9&ktlB-Eot@ft27eB`dx-rHq;6$> zVR=FPM*Lu|EiQoAcS7+fhHMKa+cD~Fc{*|Vc_bND6Y*wwb>1!1OjY7|d>iknQftQJ z{VPEr++`Wz`!Iyq7w!SUMS61mlYv8!Tcl?flwcA4y!%ii&BmpG8BzX6N>V?FG1I=J z*1`dQCZ@UC>^oW`oSq5NYPzUJia$LJtlb1u8;Xq=fT+*lr!99`blTyh-)ht|XM1D=8y7h(?qpo@_@64!;r(}^Cdy5B4w)DZ;?c;1SmtJ?QO4s95 za!y(EX(}yXiTnV5LTgAO{to|yaK!7Zb}pM*d^M*Qt{$i2|MdEUtWi7gYzQUnd{tS) ztv>obm_PqgJXCIw6qJ^KPC;o|Q%^zZDJX5h_9-Ym1*Og@D9sl-1*Pfd6qKHVQoDmv zO#E)a==;nI^+Bj0UKM+u!oZ?vPhsFG3@rVe!oaeop2EOW7}$dCQy6#(1D#VCm@jk+ z1Jlnb3_OK_c87tn-}vVJ-G38Yb7gJW1!&q!8DH-=f^&PpvUeW8d4IRn&YgJobqfaX zRLL$grSYXuYGXzm!Pea`)BZ#o#Z2XSkoA|?v^t;!`SkmMc=zqYq}T7>d{nQL+>G^% zrS~+*<^SJm`)vSogmwva)`Y^`eGZU02&;3MG2x9dRSVa+<C!}k6 zZ^Y!jB%)rfxEevrTo0aZx5+t-c9=*Nwl~+2cJ%yRuD7)To_^OId&RA*Xa@QCM zA9-{3N#Q2s{H%oVSP=Gt$ZvB2S?lq!lksbBM%0(zi+jH#T_0Inq;0Oe-!jO^&(BfvLOe=oM zysWharRO~)*L#Dc5Qfla@ew1w2r3l^!IOwCG2yOr2f2f|Jfm)NsCJ@n;I9#Od;-hq={Xd+OUbi$RxUumT3pNC{>;p_BS{_(X9cw-37jNd}k9`@i`Ki!=Ym)g~HQ|Vsyil!yDM5S>5A7=@Ptq zv)!FrKg2KRJJ_4A**A%9WCim3T%L&&U*J$;3FEVPB6tZN4wp9dSknx`&69N8Kt^AlF zp|uY<>-e`2FqT9>&>@dl%~+Q8lgi;pHzzUIZKbjXpVLJ_SJQq(*(rI@wp$H-nOHl% zw!1Z{k;|>FOCmx0%>G9bz>+B$NyPaYE?v0}^V`hUz;9}ZH=mV^iC@>^Np_yBw&WZz zUVoKgE5L3}Lhc~8~B&+Yex^05~IwQWzMB;jgw5uCIglCcRx5^ zm)|@6&8V@HyF>e+;j>Yzy!X13DDLz(bJs-1Gwq2as4OC)f~;^F=gL|-vz2@m*Lq}l z+J>dB5eMjSb$+~rT;8Zg9=lJvz4CIIt>mKp{2j+g9=t{#q3;mt_z)xLyUuHX9f;%$ zbLgB)Ce%gyZyUb+aTVAHzy%`+gmRZt5Gu~|8PK=&LFt-%NO|J*n%N+0>;XTW{!@b^B zLeF3Aomar&-0|I2OvxSG+sG$*SG(sav2xOL6J}k`Jwa)v5SDwQz7=9AoRHz1zf+Hu zl}mP8^6T zl@jVh`mIW5h|!nE95AiCx&qZ%q2+4x+;x7IN5;p)x9p@cnIic6HhEhfdCo~2AI53D zqFDd5SzWAul3Ve&Qj~f%Xa5q4@uHOTPhNQbt#kg1FaLYzt;PSMFaN2BPW;Jhy5&A8 z`HSDSq+q#a(Pw{Zx74O%Z&Ks!7Am?^19etGi5HNL;s@&hIPVt9FH`q_AiR|BjOtMt z7kYCPaoPh3MN2Ubi?D{0buVU4$zfYZ;%@V{)|yzhBXu3xuLqmx!e~=EaVuJsZLxGp zUSkuRs+Ni0R$1cqQ!m@zV&AfX+vH^(wHC8^<&f_qb;j9;4v}^TAZ2f|5te1Mgli2# znaBalMgSk&cC&b1sQZ$(yWESpY)))$lSACoxm;~|8&T)bN_NyR(-$CRjdfv*WAL3UxSFq^^6J z+|`@co0)yR^+}J`TfK73wb=93g0~Pt@w6?#KE%b#mYpY$Vp(GN7(B)6S^Wa@G7AAe zBPQ?J%ss6cxVxPXBl>I1vK+9rl^}Rid%WNy&mt$XO`G)}`cW7b?^{ejtiAD zgU%uV%lL9-i6I(6b$)pX=pB-ZE-`I#`k9gJ>tzG1?8y;Ri^)??v#SL2@5sSgRqZ-I zM#n^SWqB*bB(kp282eJ-8#y5z6 zt;&NqapouYmYNg>&Kh8_EXl2GmM+KHm)(vytDQ9KI$hSvmnlw>$tfX^1VOy~DxM@u zPI{KZf+nb@2G@Y29*i{!=UU1&4;ye+BQO@tQ#qCG2djLwyp5abld~4AGY)u^Q+0N% z)3RlEvT!CRP38>J2k1*en`PVa3t0tLdwU+i3V$V_%U`Y)7fiWOH+%DRLNR3|pX)24 zsWJ;$UZ=hgT(uh{C|i~_*8 zJS{Sr=7<}?Q&P#UQZY6u97v}F6XCeT!_dYErF;1!>_Zwn$&oCj>a74?rVC<#oL&(_ z*F7eWSPrb%iCEIXC0i*$A+iO6fuB&3cEa;u`2Vr@uH9|iNZxo}`%~a(c8{bPk&HWyl9V-zcH+2?smjW$7JP}5u_qV*&-BaE4*JW+&B zWv+3&p6Bj#hvBAlX*kQ$g>F2wJE_kYRn18hyh{s8WJmQ)}3010yNtZKniu{WppiklbH&-lE@YqJ9a}-Kc5T2$i z=2Wv}iF-zA2UO{07T39Tgg1(7q|LIISoPjnCiabY1VZ6=OJnN-RPdPNd`!N{{q$`d0M_Q*6h z3pt|Z;y|-0*BQ;0!8sRPb!K@&b`)b|EM&~aI1L3EY8US%bjlO64zwgOi=>z(JOVMx z(}m15ZT3;=;BcF&G^#m$YKtM&wLdk$r1em=>h$^<5g7c!;1PF?7$$(G;R!bahV z(JK9u=$xe#q-A)(TOvq|RE)`y#%rf?fwzf~2wH|4|6E=fU4L1vZB%00wpkQKZccNp z7j~(wqc~8lGd^vDpB|?6_fY!FXQl5S75`brz^Ilw2f2bkbe^4MROu{_bdKKdMjmG* z<@0k5H*lG`#oE5qTkZv6TGw7eC5+iNCp*hhknr3({+1^b3=%ol-i^(WJzctP3Bne; zW1@W&&6o4mQI-)IODnq?2;|=UZ8So4T^0!Mc>L{Kd@CpRty)clt04)V08OH`JXDJ5CrpuC?0h7=Y2B8*4pwImpe&E-gDA-;PZ z(SY@4=`552q>uq|Ye{ZHMK9^}!jQ{df-J?pd_wXpAxs$kG$#Kvsw&d|EZ6dsDQ!o+ zwl>!01yvjDRkfX!y|%{WOwRH0;2m__P2SYnvr<-Osj|0EkX1ZpLK{hzc`-G+*}!@k z3cJmO6{j>b_01|4z#Cj`fHiHevvuyy?Q`LvfNG|q&ggl6Q!-5RFQ<#s_A-DZ?D@E# zd=XR4_N+~HkHjot=KoALBs;&M{%p2#?GFtW$Wb`Q_n=S1`$318KZQ32vwljTj$T9a ztDP%sZPUWy*i~@#Bav5tGsN^%tAZ@BCxc!4X~Xkz3&- zRPHoO7l~13P}#F3QSRyGD9YmTlBP*_9|s2q2VXvU0{=faIH>&p(c>ov55IW$j!kf?cP5mbivsN%>+n-@x@=&n9KdkhYwJiAQ-Y!5?-(w7a&L;q)bz%;ek3uYL*jc zYFxe%kKKjq!w9=FqD(jsek;f#mgy0`C}xHlE{q5rMRYXFWO_)pKYk?RQ&%z8*z%@#_dqEHNLM&hg?=SV2Z}CdL=}ludJ< z#7NYoW8me%`0Meb2ZSVa$`UsO>^#!R%80#)uKuv^s64Eg5s>QoI+qWpOw)&l#Qx&} zAu#zpxPbH;9{ffG7iP-H6LNk1z+A8o@z`*qw8xdXs?L{(y~2OH(<*{% z=W~ciDURfbew&LpVTa`T{F`t5*EQi;xR|zYFq4*`k!^gt(l{)ZmPHhnUr>F1NcNEt z?qo06a>~p-*dL?z_Yt{#82r;s3uw{Rsjb@&qBznc!*7}SJJyH3nreO9KCxyDSh4Y+U;nqu?2%YKA1{X zOgKDi`Nr!n`oS5}{P4bQsKrv{C@}nv#dd(6&ly`}OfjL0S83t0;=o0aWh#IKHoFpR z6?4IV^{sipbXor;;%_mKig9RTc)bIoIxdjAWYT zg6riz91?t*YniG2m|e1DU-9{fX3;s<4EFfGky}8lfJ1Ja#((lk{&vkhV&#?wo4kd~ zW`|pQB2=}QES{O}$@=u=lxyX% zXUz-%jGBE5#S3dZCP$^`*gIyj;ieiH=JjK9sMAynuR5LBL$YB`>Nep@GOY#8Xv#D^ zvz${64|LABTS>3w+UV&ek#ts+ZrPO(J-%QL<%I`?2Ly|2Gua4WT@B$?ZSRKv} zl7a+tRi>Cwu`CEEuu@#BiU^+U5g|h=D~{7-$EC!dvU7ULWuEO7Z!gZpz-$$(-Nd`( zS-B16@S+*qdl4U>!ysP<>YHVF^lv&7fhKmgvQuajE z(fP{{<{SZ?4+O%q*Ds9N|4CG*-w(3)5@^uE>ej1w+&avlaFmqnGc zw5E90B1?;J0;V3olW-?8rxdIJSNHIc>ySg?kJ7iYkMoV+HDUhQ03tmnVbFnqI zMbJ^4MTAErWf`P$(9!uVVL1;##OVk8(l55*g0;0V@@#D>bW2eW!2$Cro&Ljfjt9tC zAB|Xq#dA#-lxJ#8o`IDlVWr=!vKBUDTHuP9`M9Ks_0ph%umr`jJ6(e_Wsh8)ONCO_ ztBhM0Y`L|!vf8(f#MYiqC|+9MUb=(d1H~6345~op9<4HscUE8{z66DEwX^EYK!6ohI&CeYt>{ zHWgjHNm0^hVs?Mao1AXl>E{>+3(L0M?nbmKW^A>R*bc-? zAx}!U5w;dNmt8Jo{lTy?FIu-7RM|QTm3mTdySVK<_I)xTH4dO5D-u$AKgp27Pw(_> zWO&xjA!*vk4f8QKq$xtS_JCqtrFuXbX>D_7<CW|aS!fzSZVg)TMC|60)PD=h=)!8IR zCzULFTsaF>i;v{$XV66AXYj@gtM!$>_=&*WYtsQh%IFzwN9w8jlux|ICM#3pAj7#U zgR*>8F0RhbkO^3en+`p0Z7#f$Zqb#-YysYi8|Wt)T?!6d&lcu_M0@6_uNmWUshM(; z1pAmREM_`&h0GOP**i=u0anm7k}R#m!{wMY#TA~6Hov+;yu6mj{${TC%}C)s!;arNwWqRyf(zokuOZvv(aAH^Ooto?^(R)) zRArz?Cr-I|FZF~&-XP~;8H&crs--s? z>U#Paen2fcdNH_OgaIy0Cz*Psav6daXl!kQ_s1j{Npqdb=y57dKUli>)=Yyc>%G=`@-yLC{7G;i3NJhn+ zjma~BiTpse|GW*68IZ6vNMeDQRWwP6Q@Br*U&`p`;b70V%js&j_pGzTD@o&TX+lNB zvTbmI+Xh3kV0yLBPca)OGVA;7)IBB8Smm}7vK|tT$jtHIaAJ-DWbh4{GJVCEAP2yy zFP}br{B+1Hnda|tN%M@YDYZlHxmE(SsW7)O97+W&5aD7fa}n}5B`9F{%HPpUHsxaxp>N$05 zP^|$LO|0OA>R`+4K!ff&uQN9_iIU+gxtVE{bf(v@euhQ@tn{|dQeI8RUwGnKTs||3 z{@ZFz<9P21_MPY^&WDpq6BR?CJq5^XuMgv!a^Q$42@^h>XJNqZ$)@#v4=a>6`X0J> z{`>Gfbgo>3*6Qc&u~8F7dk54Ff1~oO?p?!<1=Z%QxB-)0jTPVLc0+9nt6~iu!AkAQG(4- zZD=7~@S-wyZdBwV#@GhH7DSqkrDJ3z+b|GQ4c}LM?ja|*P?{#mK9Z@(YpEH$xipN! z4%X$_1utU=bDl13`W_n@Y@s^Qka12$JSJTW0A>a>cJFbjJOFELY@utcCTFqx^gFDk zG`e^*n{^17N@N;T!Eu!E^cgfak~6n}-4eU4AgtS_>4KX=)>9$wge*te&C z)}XqcUVd0e(HgtyK2$8<^cebRpn+;M?4({$Z7%wU+^gHn18`KGKYKZ zvA;h}qk$&eDvh;!K2xuN3*~F_34-F(bw$p(?|P@ zi@AqJLd>%NHRFfjkLU7FuO2-mKe8}aOzYs#IF&3thTtrbs4SqrVt`6$+Ee*rA%SaL zgpg2L%47&1DmC}HQaMxmkDfg3vULx+Llv9hrHX%WMzCskSE=^7TI zJR}gOzQ1qt=%P<>df4lbH>b8Y1A9>h9}CR%Vf2LN}EO(~7k^s#OP`>Nq%P zjo>zBHW~26Z?jmpB^?0VXc!-yvCJtsZ`C;|9}y1m#B-l5BG9V_%D6U+HUOgjHrpf!9 z%2HUkp3px4A@C9)$}g-Emwe`;hbBB`Kg8Tbnw~MuUa`)Xe?>2!;=-4cukY7#8qh?l zhHeTA!1w^s*BTgnv?&#w0bs&ZFQY{i|L_QQa;Vuh@7U|G2Nbu!9j%SW1545pK^ZXM z+V%3PF&R7i7kz$Ntn+0MA_6c&ak8Ul?O}I{S(0i~Oq*NxvQ*8aec8;0q7uqlkm6#K zrpDDj^pe}@-uThm%s@t|01~8AB74qqyJ>t*K^C=0lS~RxBE=vCWau&wf0Vh9%e;belW679py~Lra36R^UFONH zq5&}ohvDfFD|1KvWpw2}c;Gyw0c3O-58e)eL1HE{mR}`}re>I{2=4NGd_Y^HjE%BK zY=l2VG`w~&8ELy+L7(91y9F>%QJG&(W zy4`MMr{Bggv@=~l9wuw@hHLi<)pqXlnBCz!BP|0areCO_ZPIt&6PM==t=k zQypJ0{WRuiv4Zp5rR@CT>cVS=?Pz;WcNk>?%G4b~)4ZCLO3`t2ZT2H=gr++tZbT4k zv8h~`R!(9WG!L2$|E1l(Hk}|G;sf=g;~`Y56^GZLQYq#SPa{Eg|mRZ>j<8} zRLmHuNR{H&^9n0PsH4z?(;lZowI4qlicD)462^&70gY?|*|UOcqF$r% z>0IdhlsDTU4KI-4qx0`Hh$RXgbz?fF-UJxNB)7nLg z4w6T96;m#K>M5S%m}tc(2ahW9*%BG`$2W%mBOsfXKOhIVEz0&`y^bT5P*mL|9$sYm zYwybPpQ}Znbo@0VEQ7MM9=lqZ_mj=p!kR!CrBhVWb5p<{!1ti27VM^|oE0_(W8pXT z;rp3;JTu1Jd>*mUTK$azwNx)_ux+;B8wGUHu(>;#sIz>SY!BD^jh*CVi9Q%%mqXU2eM&SS~M@uah%G7=|VIe>p?}J%Zm{jW&XB-h?bIuRxh0br{t?)Mu z^OA{R;H9`jLn8Xdo*{sRsnnn#Kk4PXa@9y7%K;#m9^`Kj`y2o?C+Y2*Yp-Xf?W{x*JQ5mzGSTGPd9$l7LVZAE-aw=zjGG{F3FZ|Fu`0>aL&Yx?6K>0BgO; zFFO$6vev5G5HQQT)WohpD82@*z*xbE0ihdiW@ETGSZ1fgv{cuQIEJ-ZlAJxXnG5v(ee zML#MI5~@6wu|ha&#IQ6vl8!CJ_Wi0@1z^1kj3RRZAAGE(Nl~?9OEY$Xiqb zaQUgTb0ZjF5Z1wp1o%~(7YmFW5JP%pt~JNt_Ghr}p8w(`{~K6C4`+vJLW#caM=KYsggJxkXO78Z0UhW&0)H0Vj_`B$?w!efi(p5$7y z>zu1zuF^5Eos(^TfDjl@dWeb^IO2 zTg#@r>)$2A$@Qpxy@W#V-?^gEF`9g*K58R>m6FCRLis<_ri2TP{~}~>@#Gt{yG54- zBI2l>xnGh}z8))F1V#sHepmhCDR~L6z>!cFCvbgMrZ|A8Xo$c)EgrxnFi^K^l4305 z7%{1bSsBRlif${=#&uVa?Z$r_2@NDs-6rZFYZsCbitI?TR@xj2c$-`8RHxGd(Xtw@ zb@&(;t`gyH6HFqv{&qO6&#ii%%MP|QcE}boH7U5UozIAFS(q(}ZmpGZW4o9&%i6h^ zVb}|4uy$OfW_`1j_}ZCW^kl#;@T%%f?7mSXNEmjnTxzA$a=MJOd>937dYP&x%YEgo z4^(hrF7v#hNL@}o)Q%nyBIN(5YJ;QkMNQ`NA}cfXsA#TN^XNQUE?f4r$z>4!uvlA z>rHL3CbEc=g2%TjJzR>s8^3L3RoL+j0XuR=LvpL01YMeko73~fUGcrclalI)cF$!O zNR`vo8L{y(JU2!NyPTbx<%ojvAO~BBR>=EI2c_4j9v6E7sPB&Lr;?m;3^Jgvg9>7+ z*El_tgvJTbW1^lFehP?5gSa4!0iCzeCCc~$GbkGIKjx%d>;|WFJ^07oZ(tP zHVwi>ZBT&X%})Fkm|W^Xeb^64a~r!*>w7e&y2!E`kY+ zFHK!cl~JtDgRfdglg818U}Jgg$V|VL3bC!iqQxa#5f^XoJIJNa4jLvpqTZab^tL|4 zR-h@%@U9%j$^tFl{UvC`uS})f#{Eps~TUb@S-Uqvq!m zA)khx1+Z0asMQX>zW1u-imERR8h%uCDd`?#)rKa-c`{?im5nF`v)r)60h!gY?PA1H zH7u-g(kuiv{RATKcvrOoND~jgasCI*qW> z&WaCq_$9&^%2s7_7W(W_Xv}e0n7o9NIib-JGxe)ig_=w1wQ55>feno~HuS=kdfX)# zsBnU?J-`$Yrap4#fKgW^FcQ>$@oK}mW|lW}0*PV)aWHglOZD}rb^Mr#Wl2fH3TIFq zN^^pGhsY89DAO2S^Rka>eXxk8X^>}!p|`KD5ev1j_;4x>+SE8 z%Td4d{%$Zmo7#W2Mo$vAel8sq5AH=Qj%rlgfTPt*#3)gn|Dto!MfYKgI2$L`3pae- z5o6{y1Y_D%FqrH8N8?v7o>?aohvqD=^;T92!|8l+`+)<}Vx>KWj#1S0Mp5GL;PYxcNl;he|Tfx zd9AgogR+OU+0iGX6(rtxbuD)ArnJ!gWAFyLbP{H~quag-!K)>^Mrx*Z6Ua>mc*5;9 zIPBM9QP2K<{e`f36@$f-n!chYO0p~R^z0X{Rdc;;=U35t)mg3SHYw+mxz+kHXMlR0 zGi#DiI*|A+M>-72;2a$}-X_no{bO|U6CLCEFwMSE8a*<3wUujA4!+mnzk?UNE}w^1 zJ1;U)b`O`;6SZHtaXKh8m&(OS=X2ulJvMmktM+7cf1TFn%aG`=?jACFLY1C+M)Hb# z2GM(V{=iAc>*Qzeid-Xk5hblbl-*tSCy<-8YR+Nun_T;azrTB><`Q5L(4y(9W|~?o ztNURm+*=&S{(Rfcp=TQH^Ei`sV{G|)_8^%sSnEM_(dV(i)DxWsi@W_4T7T3a8QYnA zuXnkcdhyN#>+_Twwg-Fr3R4a<;O{oIDWzG;eJ1M z%ho{Qe0~I=ol(FRCXSt1V4c>CcQx_|pLv+MQG2@l zWD#X`p_^7jVF<~TW$(2aUg5H?&!(5*!McgFFn);@fh54+y$b2MP7dYlvsm>`dLytJ zYWR{H}k*4en)Amog>0mr3R4$Z9#11$|^{w3(I`v~=`Wsx$X5APn51WnP|hl{~t zV&pnn&5AgK$_j_=q$)+KF{yziJVekGGOs`f-`#Ng_k51*D1~jtE_8l27jxEu=%(<_ zbKe6gl>?fK(IwKE2MCIXX)%X*^ixcb3ZsEvrfTAviqKJVg{_y}@yf0Fod^g-WnBD~ zF5{K?KOPD_OduNx&{)!fH|FLIus>dZbSFoQWr*8~dJ!d*Flf+T84rFl17^mg2Q{6B zU%xkWaXj{-KJt*hE9d>kUUmi^1F#D-srWr)s?LJ&cVbX-4`a?qCnyu01j&jmqz|*i zSO`TWoZ`Np0c-Pcg}cAtT&Yp(iffaro#a)YziGK+)tW0J2Qy+Lhn)GSlAaMUrR(vLv`4 z4<|b4ma4AZ7}gu7uojK77>=#_0CC*OJ{&@hHi)`D0$XoqAifsb{_46nciXpv?W?+@ zlGO1n_;#-?!HBtIz-*5X3vuR<{s%0wVgB&0D_EuwNGgqjA z+1EuQ!yA-sNk^KsY4qLs?n|jrK|^*=ssoh1`8%Eod2L0Uu#M|ycRg#IF=l~Y)Q>P! za2?V+&?(paI?iwzzFh}rJC2srYQfY@lm3rQK|`tkoUsX&j<$bZcW4`e1-6 z^w6$_bn$2B=fw_m$KfaI1eV6`Z(THJHgq{lESKGk$hf6! z&nNl#=@_aNzIk32$4GHMwZCyI9SHbnWM7?QGK3i9L5^TjE(m>^N2Et&> zss6Vc@{ZF)x?j16iTM9MtB4H7EcMxK7BbeV@Y z9IQlU9}#BJl7FWpkkca0vTcgDEe;=D*T?Lb6tWX1*ODSgnb7i3>yWt`=+YE_C{hN@ zwP=}NUJ>D7=do1b&>9{FzOCG9-RDI=@UR}Ca>l08-yMgU8Xi>Zr@mIbHJfsgiAxz; zk|5qKD33l)9de0(d)Yu zjrt$I>5Vh2+#`hxYc;N<(zPmcH8$E9^ty85^ok*n&ZEbFk~t~ZnQd*R;-{F<&h|m= zIzaGU`!t#xF0=|kb5`?o!a{eQ-w3qevpeYH{l%e3kr{YBhacZ6i5ElSxl5w-PHU+< zQ5uk=MgLRpe42WFe9a!jz8>3rcZ#)4%(ZESnLupwHh^kY7Fu1*4P$@s{OMb{xVqA_ z#H$>TljQF*G_0A0A0G@7lhd4}D_f>P{yofZ=d_{SmLk0fMZl@9x%zvxRbcL7Fi|~m zo@TNABpnujtEQck1gVt&7iFtFXBeRAIiH zbSuxpRX^6f6Nzfz*2IlyNJL#YB`YtK(|&3h58p_mMJusC=A3*&E8aR!1V+`@p;`wJ8R)O_KzDutu3r%G1N5Tnm zlY5_CimVUI{k1uxLSm&K*{Z?1msQttXp&9K2MtzT+u0XI28e5d{xI`}qEK~WtK$p_ zak*Q9YYC2%)ZxYVVS+UL2~iGKN7$Gl4vkDBGleEt{E9GSO=>F|1?;G~Sc^(PC0o95 zfW1*5Ry>xK35dHDj3Ow0p!1I=RwDEEst0!S7lLDfjI@AE<6zYNoiDt?*xT6jG1X>I z37C#FnX&i5dIvt+S8j#Sa278E&qRcXMO%nEcD4Rsg_zdH*}7}Q2X$?+ zx0~)L5nEz8s-)smNTCX)CP1-&+Dt{VR*6{;v)TziuyLuG>yRRSItEGuy1u43Zg8!a zNab7JdKr~cqU*wTj34FmVtdl6D!2%|2%i$=)1Ey|jyEGwLFr~h?slaV<8lta>uBq< z!?aa(1zZSxdFHVt24}4~k&D_=(T7$~0iQsFPV~7k5nlq!phIpnaw9BN^4=5cir>z< z(ss;N#eJJf%IyG*WVLa*L`j-DQN7ldP5jpM;hgC@x-km;o~vT4ABMG}GMeBfWtGxM zDyPb2CM10?;v{0|22v9rL(R$|oEK~Oy{_E#C(c(kj^lYa-`-x#LswV~1^28-+&Ccy zI<$OVr^;-YoD=E&y#M1ym6p0sy@Dg*xL56BpUlFmx{i|5)eR_? zv<(C8XxK6{IA9H%(}_N5n8EFKAef=;=7DaB*`KeG*A!sOYdBjd&bt&7IbFSMx?@CV z!v6i*Kyc(*=Yf5^qWNzSUvYC!>f*|=8pBIj>giZ4t+%XGdO8+`fpVYy{{ z1tEY6IC;#qnf7SJN(fhOb2_QOD>CCU=Cq}pD)K?0yIUc%)3Igd=nPskBtbgwNn|ug zl!$Y1IHwyuxx?I3X^plEN}CUDaoZ7LTfJHM+thMbGm~e|8X(fkFFN80`wOlFh09W3 zmi>bytt@+S*Jn z^uJbJRc$wo{(-1*H?nOG1TM+NlQb|aMY4vKz;*rO$doepn?4?Wn=+clC*flICh*K8 zp>vq&^y=mg$8L3{gXPuO;#(-JnY|c2`~@qzkyt0R;&3+Ir9Qd7r+vhLG^t#UQ5el( z+(b7J>5X)O)L?0(jU{?|BRC0(`?$r4Fp?;LAH_-RdpFxnE=D(%sGZGhKs)qY@P6(7 zvvp^T#8@`L2U(THlJ?36VZJ8eR8pi3f*{wi%l^+d~8JAnSw zozbrw$PFRf^v3@X>7S$8)W;K1I8Ij@xpj#IUEr=)XS6=xbUGPIT@8}zB3|42>rSjJ z!t@mQ@}W|{5WDV&Pdt>)*ebekAJ}Rl9jVwVB9!lK=wA8)H4Svf+8&W9{#bvF9LTgv zOmUuGoKx}=-*I@&y-{}FQ4R$rYtqu75eqRp2rnq-paG&fc?9o3vl%Og6lYi%!(a=q zwubaJuH0*_DG)kzI_BEirZ8{)(Z6|H&Nb6LibztWQ<%Tm2sJNRi|K?cMqIPO@tHJ} z#>;qHbEdEj@O-wg?AuzCmafH$Pp*f;f47_zmk<$no3ilb>f=A?~>arq%`8D`W48D?RophHv~Nn`s+;N!j+%ur;og@ig1VeI8)Po zq9cod>?mRS?$$+k6NJLVc)d7j>uavJOu4RI4!+jH9J992=A% zi83?FdL&7Znt9@kqwIyfRL35S?ZsVwxQZ#pAe8k*yQTzXV!IEpE^MG)114?d_cwEH zw+u3^gIYTPt4FaTV*`H_#%rHECZtzZKA|Tu-@o=X1tG1qn=dcS!7j{^)^Y=4*+S;@ z!+K2XFcN@$I|Z7Yo;)w3rhj7&6}>oWo$oRI!;akh_Q!aio)RR?!90Pd&*)HwywIStjufM}}&+Z?FQh5;rjukm8&>@*4nULW)o|f zCuC~}qUbpIcHf8Qx^iR{h^px0GszVqhTwaEh=y%i`pcRKIcSdKv{czU&3;gkQ}eF| zTt%fgj{rTw#L_LVa(Q91TpLE7icF=r0Jz&=w>e9tNCtlEW9sA-PCF-S35H~OQo!hT zvu4o08aI$q;Y(5kCCnDT-trb`H)G9Spc$XF7-HAMX?bx)ZG~LJxDakJFwQ(0l zC**wY5Qnh^dR}&zX*B@NQ(5ynvDJDcn-)-J4v#iDdr^vxd0@$)T>Y*ON!o}GsRV@& zah}jw-Ity0bHLX|L1L=i+r!l{ z+Vgg)eXXYdQTT_q0{*u%s*(Xv}V+?GA;pnPro31X(j1cb5OSOY?c`6PpE zNL-_WaAPxij-(%sD4niIU&u&t#tDke0Q|mT%-Hz1R~dAv{t04>+cb&1!ukOGp=2po z+?lR8a0RAwKgeDz`Qs15JSVD?=ppIkZo7T#ACDBqeB=vbRJDO(yVEp}7V$8d&CUYR z>7@RI3x2h{SR&o#=i|;i5`a6aO?OagrGHdPqAIpFb$}TRr07DrkW8seBjdo0@HvJ| zd-F)TT1faUo3Bo1SQg9R(`}9pH^tliR{h#FtG$k7EFNw!yuccGxnOuc!-_$GYhyB5 z7j0zkJtPXat#4IF{`H6_y^Wx4*UUAV;$PPo(>*$JZHaZ(zz8nk4LT9mv&kBYCGj1n zH*inK31TH1$m(jm#@~~QA&MmcetgULBW3>fX=tY{-kpXxEho?^46sx)(8mPbVf=b1 zF4)j%w#%HvO7D9l2Qqt9zY374jIwjz1neh&2f9p;__PI{qDNr4ha{R^^jNe$1-XDl zl?2dXuPPn3?U2fEpFDv0wYM|+-Wb=P`d=N0{^QfE-`bl6%+Kq?HNUH$li#O_o159m z7yRf>Zg$sa`px&V?%^5e_tVCV*Yo{JPR!-?_W{4<_!|S2V^(b29C3O~oQa_3?CoNU z!V;%p-%p?A9_4@!*BiawztWQQ&s5=%UVSNU2QPxWUT-Etq6CM%+)(pbSFJV_tV2}v zH*hPp02T>?M3baa5nD{bnIlx8Qu74*JT0vL0Q!)Jcv>=tIoO6P+_tx43_kE3QLMk7 z3s|+;I!a64da$jL?L0wDpy}(XJAQRP@!)H>{sh3o)|XEFZ0(mSm^w*r)K{k=$W`h1 zp|f}Ttk7Nb>+EML6~GP`xZnK-4nv?VP*3wyHh@x}ku<2vVb!yV($S8Y#4bB1_yI3t z5NelWWD%Qgw14x4-=!47c&wjmZjLl!A8xMjtsEUK=;C?E>~`?F)kSDFiIa?#hnPZu zD(|Fh*w01+j4b=Fk3_{PuzCBK-c>}xWG_+ z!e+Gc%l%;Sn#LY^1j;z?HQKrVjBKn+LQEZOo~i_XYA(w6bINoQ+-bN;zx_-uW&;*tddh(Z!i8ePV-OwVI`K{P3ouC()Z}Xjwp)m zM^n4y&uT65$NTB&TJ4U=2R^RK+`_XfvhrSxe6X4#b4?4+D)1$f&zTde+gPC6sK~sg z-#XDnqn3|@|JJ5O`+2Jj5Y@WQ!e{)~bz7cww#W`z)$)aa%~kfJ2co92BC`{xHT$1u zxvr(gou$+)CQNsP&zHk#t4=Xipi#qem79i~EOQUbi{BbR{Ntkt!V~2o$jQLnP8V`X zpM^JzT(qvZt^O=$kU|)Ek^XyI&1;bOZbGC2-oNd%Z3Z@P{~ZU0r;hY5!CM*Ycu?!5 zIG(pGM3iSw#;~0X1`m)P{gFkTq_fLHT72_$!x5S7igl+%nXJgAyZuW=N({IC+_Tp_ zh+{luT`Q6c=$^GBD>P!Q)eg53>E2h--LjZ|RbS1&uyK;NLWuqd*8I$1umz**fcUtU zHJ6?@J|EG}hYR_#l6`3`C3R)jf%oh_-K|+m%4JR>hi=rZYgSYMq#DHJJhZ z??nS-7ow9oN_mQ~%Em#e`R_-XgcAE|N~fxgP%__SnY_Rd=1n}%tDyM~ zO4QwenJT7axeCPL!0Pd!k`rPhjfNv5yylY}yBPD0gL%!-?IVaAtbyQ~46;Cq-CP|E zE`~L={e&o@)@e&0|H&ba(zIyFu!~#S^!E<^V?@>oB`S##ODMRv*4mqH8loq{YWdXs zqr$B>&bw8SGo&5jS;5T6O5%I8!jh5*M-T>;(k8SDf6xXLnx+7iKPx(Bc|S!^hX}~8 z?RS)&4N(lG(^!M{(+O6Nti?Vq zSrFkFus>ZQDJ`n8S9ubXQ{-EO$<*r)ssuK{^|YCJ3_%u~38UB`)FmdviTbQAbz|F1 zy@>!$B#ZwK@Q{b0LEir{`!@cTHNUU*U4I>Sww#RGwk%Ol$w&)Z?CrT+Vcml-Yos*t z0{tJW?-qXE3~OneDt>vbGf?np)^w)YW?(tHBpt7{cKGb1z! zMk#j?!<16!bc^*Y{6kU6zVkCBEtv8iaFu?d1$_4L%Z12Q&vX-}MiZ&KVmhl)($&4{ z2reV{Uf~~*42*OJ8Ffjf!P{{1>rY3yebW`8N>v9^ltgH~25ZYhqWi3}tU(DdMfUi# zaEL6+T^hy88v z=vGc?aR(UGy}bbK`oem+!;;dZ$Sg99BMUP47LPqjCNlb88-cSUvc;P7Q4%KIEiCES zHUR1;?lxxuoqE%Wu|T|%=4#q*Uol&rN{6{gGXv6~v^N8zHg(F>SW*B`vcu?i5_Rq; zRjA9YG|iQArU=$dQ*;53llbFms!m=`!04XBA#JGgUcyVez^3GgkNIks-HJH^>&yVY1{#a3e}Y=-1?N^|LD_oaHW7$SQ7G=|=G)l51_$_9~9hOO(FY3etln+4JE zCkuLD)El;&9cb8PjnrG^$bS~zlY%I{w3vVqlEp2GLCawg4UKHiGY-ShVG-R|X{cvG zHO_SLcJ&v}ADtSTgqnd(P>EX_8sskbaMc2veWAQYdDwU%u%T*`8YbmOMQ=R}$7)yR$k`L7r7~i^c@*nzInnnHID})??PPZn zVE1?6IrNCCQ+jXe)SGH_SH3241~ru+R*klIOYR`1QFC%Enf}g#%pSOTFLICl?O!J3 z=5AGahZZ{*UuZE>y+UKM7W;sCkK)A zkg>DR*YNQ}yDtsdS~%V7*cGXB)cOjI4!{T=m-3oOR~!?jhz5`D0?XOTX#ek(Dwosu z0}lr`@#FXUxOX6?=W};Ez8F*r9^32rxs*r`hsW!Cf0X*GA?U>Gdi(!r2q^#45VZ9~ z7t*l(0M^d^8is*8c3qY5kveum$md@7Yb~dazK;gMDaa63`pbz!F+5s zk9i{EDNY0h>EK6xAtEmUNxo7_8=?M5ysWC|<*@A&_|257_=L1@#l?j-Ulx-LJ|5CX zEO>BV*UK)@f|dI%HljAhQ{?{$5T>eM5Ml!pa>Exem#lkuNcbDh+LKN@>_dKB$>o#M zE~o-WQN?Wk^iGRp)d}Bwe^0Z2TUAB{i!s*}USUrak(wK0@6@osMHQPMh8&?Q=i(>$ z7zcA#L$_o#NX^uI&YSz;$4`d!^KUizSLkN1cYF~<8gVgwrlj|d#fbMs?GnK270MO; zajy)f{t~{Lt!-Nc~4L(zx>7FwJ-_?uA!a~)q z96)-~E`6{3YKzsa4s%Ch^gAqNL;%~mEH<@yN|nIPdVSJptpol&qMz|_ z+SceGEvN;HkCq);Cc3@;rGp#Sc|0TvpR%LrP{LoQiL8#0&(k+P_m7$N^A`J#H7Kmj z)i;kWrmTxx4Ret`r#t(;{rfM1tbN5adO4E3aFYSbZL(aEO~py&S<(J6nBM!!y+gU* zFJP2*KxE9tLBBC#WnO1Wtf{e3vml?wX`Vek!bR$&4dO>H*c@wfO7XpnHU)@+cgMqyh5-+cEC8p_f0FOr379>&>633)u;?r-mCJ-v}Z%fivxV`8oVI4c36Fe6(~i>*;`x#Lp{heGUPt441(o( zvQod>_Mfb8fChPN1O<<{rf<*Wl{C&C)OGwdcRn&T=`-zW!^0K?LgOi2A4#jPH;c^QhbITfvy0>|?712pByZO35{{kW1fn%66JHmiSP39;z9kt_wcoUc` zl|EO=`m?wADut+NLbt5V3kFON#N8*FCl_wtr`M#MrEB5x5CH6lz8vG_G>VX|Q=|Lv z)sEj&1@B&%qGmAD=-W_6nQDAs>NdWscbU_Rue$t{Z0eA3mCoaeN(4$VPP;jKq*lTC zWX{>dk?&}`+5su_jf~BI7@vtQQEP##tO#aMz}RCnq57u_?R)Aukg1ufIJSiN_q8n& z6m6V$wo zF|NXOq!2@w#1Zlo>@OtWMFL1AN({!Ylriu^M8)fATOiK}(iIeITmCUtHw$LRrM^pQ zF8Epoce(#L{$rqJk6x9@-p?K=GCcZ<0EnC_~^m-EFrU%{|U88;EHXZ_RT$`nbMX ztR?Q1HrN-rfnz`gE)D~2jz|FW0>f6#6tpP67+_&pF)zp;ufN$hjE!vp$VS9-Kr7xC zL5)OPavE}ILh+eKpoc2q>h%>~+SDu{tI!GUBtqe;^gbb(uAx%JVCfL>9x`8vG*SDb zh>!bnkkF$eYL^o_MMT=1D-1ivYIzaR1RwA7q=uJJrgFK<-oKMGDL9Yg?|7qRm^^)i z<5UgQyYAf8Z?Hi6L4Gsm}Iw#_fPx32_2^`888B5h^SMevqP=V+q}Qg1YhCZRM1Q!-m5^pUB= zbg~#IpOLj}KGR+GrJ1|dJZ_Zffa|Ww(m~bEg^V70_@_qJCrGKF;jRlf-j3QcSLxm&!so{z^_NYUgMDat)$YjG*{g9-cRawU16(p0#V+N!rDKi*mgTi>s zl+dc=qsm~O?CgZ>%REwBuX(g5-Xga#q3+V zp*sBhqsHpofGAd@jOAq zsnEegm|=RnUbwgt$55>?ChDAD{KquWLI2up31?slCFi0Vi*QKd-j9Y~pC8LcdCRh3TG#!#Tc-F2H;H6`0XHHkt5Tt%bC1|I>96OH?amfd8=I#* zZeM=epNRe=@MPH7&?PT^fYyykbk!gAYpDP6_p+BVVtQSUdwY2X1@O+0e+Jpx*sf-}6bI}x{Ud7YS<>2aQg&7AF z^*&lNfY!9O`dN6GxaKDLx(^R&|E^cVe$#xMQ|J?(+uN_I7PM$D7g%nYHFX|%{|JT^ ztZcb7Z>&4tbbnk@^eu`Oo!^Ua6+a}in%H_EMY9^E|qh1TKa;gwbs(d$Jy8219K&YLprs)gH6{q-}#AkG3Wr7<|U? z+a|u{&bX-m-`ID1OC{#2@q0n-B|rw$^p8NBsxBHF<^GQBjO3^Mdu08YBy?^C5Chh?*wTuQpH! z?oc8NV}lA*D`Y^1+lH2Xcvw?`ZG*V0dvTXsZh5dSZzc3MQSevbQ-G`17(VuxXRVQH z3dr*;QyM%|^NpO~k0$&rY&rhFER_I_NII1RQ&Nu9g{e)Jh? zr@NOk>2tBU33^kQk5PW2fiwjG&|&rQ=JBoQ_im#f0GOCXvvsk@Y-SPgrOt36b^H2G zpct8ng*VyW#ZZG4S!qK5(O&-HI4|mzeYt#$zwF5J-q$;U%H*$X9q$!2JsQRRNj`>? zyX1O}*bjTh=K#50jQA;VAuS&w7H(TdDuso8lDp=)w-?F!ivm+0eR3O2LIjzHM?+z! z=4o~5WbI`j=)K${pzLND@_jpU>M~xtD2IOhT>U&SeC~v~P-q>D9WZ_ns~yz{tuttY z_8O~$%Uh-Y6cCSj4t|-h_5WkO7jq0nzWFck*3}JN;sw1EshJ=ZaN$}t`3-#fm|H@> z5jamdO}~WG&KAS})rG}rhS4kdLh)Pi=5#-yxNsdLj6G_+^8oT!WTXzWwEPQxMJT|J zPXx6-5WoPH0RpW$X>rfMANw zA+9gq2wKa;B5aFZVYh*@`sl~JnftX8P^-0SjsGOlG8t5%x`82@Sw|0!8E{|y5At`=HX+w z+9lkr3&B1+MZefNNjpV7@sm>c{tL>!sQ@fo#NT@Q{f(FG1C+|27kN63^|FROZy)$%eXZYeZeEkx&sYh(xwM-R{-p%gT-ujzFSb8ErWLJ$6)=^rME(_ zeZ9$$Tbr>)_!8qUxczh2p0}P9&)j#ELv$|E5f=zq?H_xBGSv_FV;Da^MkC1wU14;= z#yuZ>|0h}IYZuj+6$~j`s(d$K@H&!UUFC>x&Bj@FI1ABZoXOo|lUTt&0k$?hjw8v@wKK*h1sVL~i}BIg zX+ZrH&Rq&k3UYaewE`u{ zGB(^Im`-;aOb=}5~?)iSB=jM;u z!}r_%8ojo=j_tj?zP{}G*?awHOibl}*xK2S;_2?|_1*B8)&1UVjNjVw`xGOVaEmV! zDtEF6it*Kl{V3^LA^$mw`heL^{1G}?4A-tJ&Yt5%_|)UWWJDZqvu_sm-@Ru(NbA}s z`q8(+;Ug5JDdeGDu!DA_s})FLkhuqSj)DZAvRkHYqYWcC3+ULno7#k##_M6*LBsPR zPIm`WoYtKr>NYZ3|A#s-t68zaW#->$6mJ)$Q;?#c$=FC7m~tx)KQ~}KIfF_kzIn`$ zpBp&wdP}(`(JtRf%VU8?oq9G2p8>h_@Xymt8>QAo&2V@YO@aYVA0!I<78ch7h$}$iGXy%**jSG~7)awL55K}*dgCW$nd_y5e_8)i~5 z;l}EgPg_0!Zd@=v-CZ9aAJ1L`W1OfC0}TZ4`z6Tbe3@@nxokWQ*Y-1>?pW|I%p>=< z>(@AzO~c*I-1aq-T2G;L3aMwoKkFw&E!&>?X2QZ1rm66zn`e;;jKwc!fj3&=&?m|J z*^0Mdw9L*C-%3Yj-_*=Ol`H&OW;Gr&qRSFh$Kb|G6Y#Xiap3KTHon#Cyd6OQ+B6|s zbGg;j6we+C^lg~FnC;WE>&-Dq*`Ppf5!D*l(tUZ%iI_*pN%|jNL5f9r^abN6+Ps$M z0V6~+^cobVn9(fKXn(r7Tw|J=W;Y76IvOSwl5SCJ*v{c~F6nlR ztls{OnO7dS?Q6cn{J0{xER;wsnoHH`G8bI|dMr;CI>87?#eiD0Fv1T5aguCoFtCRG zzNkIww)G$N`~KM47pa~P%O9gNyFvt=o6h<2FQZ=Bs>*;uvtD2FD?evtL8*-mnUps; z#%;0zF~FCL8bq7@R*A>u7j`23%(BS$c)6vgJh4$prEIkng|+Oi20e25{HFaQ<@!q` zd8P8un4X4lsVjE+9r6D~);k4>5-r-6W!u&++qP}nwr$(CZPzZ_w(VWEy3V;BFW&8r zSRWbrojQDRc(!IO)wP8P<3Y&HZvv1SKk$m94Ly-GLXqwYyEKCd8CkhR*(x zW{n@rOL*%?x?-E0oE-U*Sw>0}x0g{}u1{1IETh1_n^Abdk5cV>6(`}n%)U0J3PSew z`-8KhYsdcsLrwRKGG5@26pJ*lg+uBw+Dah_CfUr@L*c7hQQ5}|!)ctgsuP{enMc3J zn%j3qNQq4(Tk?I9+rT(xl_&|^sJKZtCVnrI8do^0=PNp52i*+dVgdJIP(1=CWI&rWag7!0WnxZE++ zTyTuFF++iI?qW35w7T_%`hKXFLHB==DCTO+^ZCR!C^WeLYG6J5@AbEK5;?YLKi#2lmS%h6YxgKu?AQZFd3%*<30}h(9{OpYHAnCo%ibJ|bw@_*#{ z1qNzq))OwGO(ym$Z_!)nr21kEq9ecXJbF<+zQFaRvX1+I+m1tZdlO8XJl~hlgetB4 z7M}izSXqdG<~9eQ5jx#DV{6xX9WrL1_!sWrdfqb)aFdHFen;i)+ZZ>9wW+a zL86_Z*1Hv$U_%R&n>PP7USARyJK|R02z!7rwj*Nr1H!#O7-6WYmP>mZ|0)rjIFC1= z%8qp);JvBQVT^Hm;%JSOh0bn(DS+HQ+dcjZM*~CE;(y_2up>p|T5mxj?qyp*<^RA@ zjOm3|dX^nzsQ*8`pnvH&rTW74I@i-`&rZT*FP@lqu#lQ5_q-Qz6}bm|SKg?w>S%1Gh8=ScJg zN}cp#O^kH|QoeMYT2v`h;|czhiT13(Upg8=9NO|9I_jJ?j5X8xOGlxVT0TN9Ffnd7 zqHvoVl#X{XjwUKcaxB)m?N+T2CN9AnYOF1j?^Fj#Yg4#f(eqf(Xj`(@a{s=xhN<9* zXbW$=$ECE^dF6)=w~eKjX8CljxA}egY{vH%@VW_=pA%(*vXh2Xh)Rm~)W&Sy>-sF+#y#=b}_+1p8Ab?V`B8SL>&7>4S; z67l4!Z0M=l0X|%}LfFXl*i%KIvY<;`NuU+aRuas|M5iRF63*_ZO{w0a3{`&0@; z@~Cg4gIza?$IcmX=k$PK3pdTe&R@C0-PO`}vVt_By~Mh%#?)F{!Y*xzHU`0kI+Jp= ze}I5*W66cJK6qGhwv~FhTCu$pt#7UPYqn&}YA1Ej;62JJ&oN2#pJwFe%i+w>;E!b$ zgY-T)wQE@2EUaagZaj!H1zu{2JGg( zxmgTkgmC`a702JH9+I>A|72P_1-`uiKX>_a?B3?Zgxz@Jx*ToUzzyzaU^lg+F=J-# z*t9GeH7wfmfW4kdwiWcd*}D&`uKz-*!3O_s^f<0Kn7Um*!YFav4`UZ9SL@q5nACE= zf;KzQX3wOST#eZX3D=RdpG(@S1s4Kvq%uh5(x5@w`EFE#Kq^wfA!U!U=fxhhDPW$lYQn-SYsM@&!ZKTf?e%EsU(%AF z4bn$Nar6y8m9bQ-5Uqd9BbPP>ejb=Q+SJ{_T^FgoKmcb4KJBZ_0U#( zF_vjy=`KU2I4Nr<+-YAUPA{ufx>PX|DLg9)@(uD}u^y0M>5kd@erS-N2$iAEQOZ(K z=@^3^qv_{8s}#~EIyT&fsJ(IY7oe&bVpv|=+0qppLQgbLLBF51N%1svpo5(0%wVv#KbX5PI%LF>a8q8 zb9rE<43Diu_1b&Cpfh^iyFLxJGD$pVh)^#?13$X~Y#MS(9_y(?L}TT7iJMgD{h+-j zdRa z_2mluo1;B*b4;#d>jb-I76(uQC?cUGHjCok0eSG;&QtP5t>k)1R zVYft6nTkM#+Y$VZqNoCpd@hRZQQF}ZV>SS&7z`z`zj(dBUm{NUr@ zD1ZN)O_u5Leje;6m4VB_^*-j1Um?eSv7Q^_>Z!P#!9x!Ct6#jP`W zi;mn744C4WG`zw4Z^YKt;m?7#X3|*2Ue2IOijjeVwkE>(!>qqGE_VL+u(OKH4a5U3Tmky3Rf?s(Udkl+aDOK{9ojL z7(JdrJoEoY?rHz)+&2Edo!h?ub#C8vhfiTnXJF_ZDS-hv{-s=3z?MDTZ z?MazUHK^hG|F>~lbsGv^N?Uf5EnPxtZj7}@#{vgUYLW1dX>FdAt6QsGd>xtnaVZqnm{tBFt*yJs4n?Xs!|B(F7tpLN2#7#85 z{hrrxan82;pf2o0D~bC5kbFRkA-*)&!$QA&sE$_sd3R8`3EBe7?tPH#yX1tm;d4q_ zqBO65%=j#gjRDEkU<+M~Oj=22zO1w|c2}oZK6J+@fKQtX8$-wbp{ArFw>YwrIxf8S zEhziGarsp}$4p{4fQ47M3mUfoPNmMzWS&=;VHQ#oDin2V@bmSY29XhE!2akN40{VK zWas>Qap`AwfWt#={#romX>j1p7eoZJK+-eU0J|*;oy2GXZ+qH6GDUrP8beZe z9?sog7GEjyKP(=<8I^asWopTHidLhs?$ukk=`7m{49RjAC!e4CH(ud@^)s$_*=l7Q zOQj~sZll?5J%btj*am=orgxBWj^`t*Cp!aG1VFzvBK}cWso!LPhz<|~J3@z^)b}4K zPmqgzfqPP#=~$Cp6`2vh-~mTz`YJCRE6FeEHf8MJh4Vk&Z(TL$I>Av5n;HXIEY<_# z{=x;>@QlD@#F#yYQJ2;tQzOsKs{60MWNmBB8@V5xc<)$*m{snT$o}KG^`t@ium&;! zL9p_nZ6PFQsY9Icfxv3RU>f#8)a?RjTLjRy@t|yDfh{7eV}b638wAjaeq_e|d^nWL zW?`hKf7fi`RsO-VnO*0$xLqo33aaAsZNz|I>-g+S<~URg+>`dN3JLD7RPF=xUmf2$8EfeT6s%&k}e&fY&<5JX)ps$i(rt zDD!Y}REjc~T8~VT_|zSbfA>_Yzvp-itKOR<(>zp-{eQ9`F6(x=po1 z1zd0sSqOj4W9bE-Uk2#WK>yK>sjDNZnTx6j?(n^PL|rA1nmkH82XG56W6#+g>X-@Z zK*{j=(_Cp&lFm6k{4~APZ8~hO6_RiH@$rH3n#B-yX;o8>Hzt{1UF}2?b8WQJN|A6G zxo~cZCX`cBCjevtkfk^Tee^e9NWu>L1r>c(3W9=Y@ zTtwT5VR(`(u(uCFT1A%ggT07`t|%yQ>t^C+UR>-f*G;Dy6O`J4Ei96#BCALbSz+1< z>!^?K?^^-RD zY2<1tvOJ&~xVtwDAw>BH>-O?eP77snJY~f<`FIAZmH7qsQ!j&?3n)xXJedu2EX=(WJi#~PQ z{4o=6W%%C3__2%r!C!p+nV9C#vU{_OYR>#J(^9YVsWIqH+HKve^!rjBcE#h7j%-@D zzKURb9>VrI5ZwP*L*Arm&t_<-Sza|=`nMBnC8dL&>Oukerel+HBwCtxepS7q4E`|P zsi#V;1OK>Dz{e9N!cL+|WoDJRWo{5|D54rn9AFfTQX&{A?XWqRbMgkZ)mIcdK{*#jhyaN> zpodR$w|4;Y3D`@6N;v+zs2aqe8mt))f&@jHOrHl3ALn?PkhkETy63N6)37f^a$4}J z$JWKi=VU&`o#S7kMO%9Zk`qxd$O&`E3=_sxl;$wiV=-DXyE^zT*iuO)S8paFvC4=1XBL9^{7kzP!V{SH-`fbm&z$@xhW69g4*&g zkFxJ4I5z`qx#|>aATL`jZ%XqB&D`-8>Ku8lhBFI4WSQQK2W0s$uMx)o7${K~jDsU-^cC3qHX` zg?5}3GzVUj597>}je82oeqnEUQ?f5{wDPn9)y)@NC{bZ^@>3m4bbrv;3 z2NMi6b!?%X{3?Q3hP>mU=8~zg5a9_C7yfrjqH#e`XJa2ApS|y150E>?oxf~<5+N6t zq_<{wx|V{OUFw2AOwMsRx=E3*#E`Z{znSK|5{$tyte%ey+5nO7ez0SqVAksi*2J^p zJG8*;-gB9OoZ!LaDV+Zukcj%b(?bN=0Oa4I9EnC6N@;9+Cp`lfX62g(dL4^Dl-Uk6 z<^kBOX$x0ZPCV<>ZZKwu#}asw9fX|77h+W2dBK?~9Df$d4Lw6WcN`ZLah6z)uBb-o z)6Q?mE{H0TiGd4j=V*#@A&ng$`Gy);L+rKzhQ0W0OkSoYpa^zp1kwu$5t2Fc2R>`c z)-n02ekd!*U`+x?4~vYpjkM+$j&{(kG8v%Frbd*wsWN6A62?U*76rsONfJ`&h$+?% z_<_Y+0NfJ%BdxA66EY;N|JdVol?0NLvhRV!nuXxm2hDKJOc`bohIt-{(!FQW-J$0C zsB(JAV?=Opd020QK&pF)KaCGdBptO<$^_(LB(@k_qM-JI$9YIIX$Y-@gp=J=&*2xWbvqh7 zQA_GY${<=VZ1fK8@$jV>&plCT5}kNJOd({~1MZBVzh|1tD-=o_-zsKPon`0)GkSnr zN(0GcN%}%-Ldp{&5*I&P9w(H{NSSk+G~CevsZl=W8p;r-+pbl(Cv61jAy{g8s@@UN zP&?BIYP^h?iuB>sbhDHJv+C{S!_-11yn{3_2chZrbnw8hTNMBtLL*hvXQ5lytT2tv z&!0x1F;mV~`BcI(W}RqsLI#bolRoy3lI5dhPB7!!A0d=j)B*1-gj54opV{%SfFP?* ztH)|$QWm?VcK@;=93fZ1D&d$hTs6bu~a5P0K$j`tKcV$eO-F1tx5$j;yM@ zMZ7qY3;(y+uA#0IbtYBybsh2hUCW4gba|5Nt9gUBW zhC?q)yJH;J@W$}l<7JIhKO1Y%1HETEmbz@70CSA*r>HZ*uDs2xir~v~w7Y!X?Qfp% zDD$s%8sMDu1~5yn?cu%i%A}vSO{JpCU(7LL$JldZ&$ktE4m4D0y8O@dHn6dhIY&7A zI=n3`+R&&o} z_;Q_WtY}i<>y$`W8kDDFgP$SEa~WufpS+|5@3BZGaN704lar^JqvEOxXOk$-;vIkJ z!gWDWMr}?q_F;0(qAZ7oUs6Ej*l+YxpprrZ-t_e|Hj2}e?)9OaYEfSYbQUEC-FFD? z9jIH50|+7tBRJ!QZHZN$L-t_aXQw5lBc<5b~AAFswfpS(9?n4(Fc z{{YMw3?oxvfiWeS-GEA5js9D#-Q_sd80ip`DEq-Hx#s4IqIGC5euGHW)-$`3gG_-m)XwqFjqk6Sk>k}DhT{`Zu7RM7Ug$qDT~;(|QDZK|&xx6*%RXMo zGW7qBD(kzFsetVtNeX^tY`e{-mLGd-VF^(%=~2_Z`&Bn&Q_nTfm;)oMk0cBwQIp)$ zk-~-V5r)??iGJN~M_dTbvn>ykeM*_EhAE35dFXfDZm+D!@xl8pvo3IY4=);$hnIZ} z^CNGbQP|(PYRkPSREPOy2MD0P+E`sGMKP}U5P7GOWa3``d#Xe>qL3JPp8sjE+N#=6 zthT_973I@)p?f68=E0cu9VCa}ujD-&Nc?&sN1;zz>1BIyW^H|*V~0RN1&%&aT2pvO z=IoHiM*5ggdCk-QdooTFN*~En=Br(iem*Zp8~>2H zLC!wXr)sR84{w8q=r5)(Yrw zFAw1ws}S{u^dcelx}0U`$6TrZsn3LG=LDi;tn&6{v&BcGAlG6ka6&TQ+N{I6Dd2}q zrF8_FP{J7iiVevc6B@MM;JE?@U6c#YnC5b#L&bTei07uk0(xJt*87N^D?d0aM1kCy zHWp9-Kn16=MhPm`n7uB)Z&grQWz$Kt5-VVRX4UmfhetVBQ%b~?Cgu!gt7ZZW#d#KTk>A?v{COs(MP@fEHg4CKY2S4)?@i; zE-UrwZBj;nr-}ElZmNLu)iM}|N0aBzVpPMUv(bA0%goH52}W0koV2D^eg{}3J1C`R z4>F{%_C?!#oP46C0)r>baD(AE&_12DPM0yu>fd!+@wH?y!!HF) z9w2}rm(GEuQM=u=u}WA=OKyXwas9(Y1C;$ARqH_4`IU53`GPla_G~EiriW?$=F{#j zEW4uZ`I)vI#MCu1XUIis2q+<2fji z!{8nL41B|r*Nf5!De9D}&Du$rMa~w70!I!lY1`XlS4F2+-Vtu>L4X$7xy~+hwHg#L z2FG;Xe2vU;aG9W?ztg3!3*8-2;fZm06{Wv_pi!?S^}J7GcbUym2TR&4cH<*I@>l?-T8&Jg?g$;w82T zhO#5A^KOZyw7?mS64Fdbd>Z+Rg(dHVE}7aqMzV_YsY+gXaiHKkOM|(F-de@e_rQnq|O! z;%niu-sgAY*iuam{7K273yEB?m`tQeF=Eb`Ei@gzc~J_u)@ViV-guCjxcysOe>!gv zv0-X8dg%BS-$nKxM2kB+7M6J9XccL2Xm#B324uaft>ohbQ|bkIX!K?%_rtg3T~_+$ zn`;M8D-AP#g5a(}Q|SmZB$FA*)?x&d_~$SaAcVA!;+LAu1oJX($j~{7Tu;O^WHB7J zajk*mY_eKO2)a^fN`Wc+bJ<9HLSi2SKvo=?5gUOx%d*Tkt>(`Uc=Po!6^vFO2x`SE2(AJJRp z9Hx*dHayGmt^a9OB8QqcGffX9VA>Zp31`S6q-?H~tH3IU83t1uNem?U>YDo$dx<7k zIP@yX%1SJUv<;OfV^hls0jabl-8A%Dp9%AG-Vdu$@nuE=_4 zt5AJBSsC(cjDTJsRJk;Z9pc-=@R%)m#Mg|E$3;D>W;X~5 ze}_c(rX(zFlHE75?%=^rvrcchbl5)!5P*VOM458zcWiUo^4b2>FU}L#+r_mjECcDW z>#Ot%uHwYcT7&1Kl!Vd1cQD1DE;}0*Zz+<)vzpl9O#SXpdC!&W2BxZ^s7?eO&vZS6 z`t_s@*-K7lTt3GDJb(`SYD`EwLLv{92$A#n0+bxDxDM}0__fYSOoGd5l3FjIH#^Kx z5+q&w%?OJwQ)=X3{=Ji(_l8|D{#1xt9=BU^@u6a5xOoN%2gtB93`(#2QCoe-@vw}u`%P34~ zLbZ(6jQ@H`IpUsb-v}0|2&6XR0oX7w6u9-PoZ9`>?c=G4B)AJrDHSEmCML%dHr(;} z7HnBw2kG9!BBwQj(-hh)ENkvzs~Xxo}c=e#|*Zle3sl$b46g*R{Q|0DN7+j zsJNUr^ikCtisGA;6Ga=vNi=N+2xXyWEy2r9>qnSz?3bU z=>9ZYsFS#dfK!I#WTmy9tZZ7&xeQ3x?7?Cs< zI1m;E8z_`b!7N!VI9B9_W4GA!OU5t+hBSQH7S4h?ilMcd#rW5u>1V~r!X&5=&&q^W za!Q`{M(m3!18o3aT89xFbV@YFsZ=Mk6b~x>Y;tNUXT876NKl&};laW{R<6Rfe_VIk$%kyyx@cnxE`{t+Z>#pr| zHjn4y{Q5krD(W!r{K4;MXyHur=l!KAZ|rWC2ixQO^X6xsvzlvmd|oo+(fweZxacp>TzUL%FNl4FyP*D_RrL*fGv1cQ$)Ir`2#?a zTXKn;sIRL8!71x+cxaJ)He_Zld-npt5~+m2Im$<0o4u*^>&eAtDBY~C%f4vtTJU!UPXma~sdJmqc1~Rc{ ze(}b0la56gv67q95!GT&?9=oyoQl4_jUwqbs3(~nE!;8c!7D+5hTX~;vMH$$g^Q{K zJoP9KtOuSXG$(Vd$Nb^vNmDt`t?QJf$v+Z@QlxE~hy&0$R_NV+evZm9Al)(alJwB- zAfT1L6+XmRIRJpcdO$=*YXmDO{5NRBQY!+W1Nvs_;fL(OQMjv9oxfJw!+Uq{WAlBO z=_+99oi;0wi^|LufGj*SnG4}|rsfjA#+jFv6c+$~t6D8c5b=k=mI8pfzGfH6&k%g9 zS@>`r?S5hLRy$y;WSi@M++i8}~%`H)AwIxsSEy1cOPlAap2 zKl|Cco{88pHED)guKRC7h=N48})y_^^OjE|x%1YKUsU_?R54j}L)el5J z_nGSyFVXq$XTh?7$-u?!B90t4=P*^eDy&8vz1gS5I%8#)MPzRY>$0_~?k0v2M;z2sUsT(a+$+W(g@VM^Phw1`vk4kz z44kO49jGVr=Wv;}=_#RI6_v^Di{X?)!cEKNG06}O@xGs*l69&erGMq?eZNgIWMW5!DP@p-ds z{z%K|PAf_)Lf7kk^}L}g+V0L#E9%Xk|1b4NP*?;kMjl0 z2f6ga&v^LtyorpX)P((v7;7=}1XtUO2s{zS#wGXoz0lgtdL&G1=Y@nA0ZiSn5zT2O z1Irl!XtD?bol)E)jm$`Y1MZglPu#|4q#X@7E9Tm)gYqw?LC~eMASnebaAM!sRlA*N zkR5oJ90Jr`aByp_?QWVuNmaCJGM{l;jgK-;%?|yOi>)iE@Ij7`@wa;*LSOcq0T#kz zvj;HTqkCQ<;5(aPa>XXrhEVUC@G=(=e-zEz8p&bab)hX)s=kP*vl2Yv6cp?-g~{JQ&oAx-Sa1Dx}mKmHT9rQ>X+k(8;Kho7zP2+k#nP zCVkDVq9Peo0NR7Bbd-+tR0s;JE$e2C1_r5G(wpguElnbv5#=Z=$6Av<@BwE6+Gr4# zh%j@ILSgJg`-Esm{Q=ea6x^VHef3=ULV`Arp22xoW@q)+3=0$}DOP)d;G1RG-v z@yZIYPp%^i&Tk2NbJ@+!P*d$yTE&^n9$^f}QZ3fFdf?Cpi5EHVO zH=vM*;0*?_!uqQtv&yEJ*yGfs%w4Ob)vP;P(x{0RqkgVa7?K$i#QJ_+%Q;kOe}9)j zqRv(1ru994?5@)3Ud2eh^rm$cp=W*U8gb`+eV^tpo*=!7=mFvCmR*ycp;-08byDqm zlSOaRhR7o4U7DUrx6MAyqICht-WAB{T&^ zxy8U?)IS4`tHG6LC@;`b*K8*0Dx&PhD}Qweu&+FW`uY_r?RTBVha;RE065Ok_kL6^ zK%to}+=6yL*WaHIGhK71)eUypy2+g#Q)yvMSY~@R@E)aEB_LdOP_4s;-g10b7o{7- z{a6G$lJ*9v`R7+|T+~WsmozK3Dbr|bV=0*d_}Ht}S$RvPUB-S>MQNwwk2KKElPTTL z$&3u=QtVHWc%fvAq{|32NuVRHWV2pmBdoz{>xJY1L4=9n#dKJ^=-gr*h+<~iyW*eE zJ^Ghgc!b4G`zuhc2@@k(t;Wkms}=DQ`@^Y3y4{U$JCrvQfyJipSenuk12DP7LWxrd z&r=F5msiV3Iz}R?B>p+x=C@%`G){Jn=g-2i2fajq4Zse29J?LO1}1Us3TnkvTZyIO zL4fKMWA|OBTc@A?UArBW1HXBH(2Bblx~*AhKGpT$b^Mvg*Y{+r^z z!yp7?kdhHb5C5~QQ+#)(;n803Z*|mZeGQS9pPkIV9k9E2eZp=n7XMHrMD&Fy5BVFs z%Zi$5WXek!Jf1_hmWe`<*MIDh#|IzGe^+E@y8oFSONQb)rrMY_CyFu-xY;3HC0StU z3fux!3%$I3g{tVaadxT|h3Uv~{NJACZO)gsaho-=7poyjdbV&yxkBOzd zM!c6E+YsAk`YDP-4!I#F{4uXic;U4rsv(TKrpcBGJTP-zjf3Rj5!f&axRXwW2|bfduZ8Pttbd0oC%Tp_j-j^dWppPnG>{fPzgiR4+x3V4Hi4Nr zL!j;i6442dR%H6}VwK;T*}bD>;jRK=E26;eYa|6#4DUT)mxwnd*kl2Ft{2&5aVD|E zYKAO^5D28#LwBM<48a$6^aUV2|Xy%mjD=biw* zz(jkG=`>_UvEEehrm#V8F(ij68}mLwWU&xZtBX9P-YGPU2^^t+W0Gbw00D9kD)R`d zFjBgN92!A_KLm6>k2h3}1tMkhoAc&eowjjH9Je!j8H`YXj}n>R1B%C(g+Xtr!coD? zA=_stF@23-$3$4!ayTT-?QVLS-P9ysmIsF*U{Lbu5*ZmfuDP2t>r5opv`;Qm9YU)} zz`2btG#@9n6?@9P7CAGs!ff_Jsqu92Wf~e4c1giG#!#}8@u(K zHG1jy;PP^a(ncc7lcvF!&bs30#;Zn**d_s&YYeU#y!W)I1`}^kL&p9 z215*05LTU^a`X%C0w&wxcwloE$f7zWCY9I-NhU?GtUG7cr2=2i!qU(O&yY`eDuq{k zMT<~8ahpEV$Q-PtnUYp-5W?B2i6&OrUUYS57gu;N-f~o$ z7^83+m9IUNsxd7Jnqjsv*Q^z1VMNP<;uvIE(}-v}z)3^f^eMzss)N2vWe4EFK@UeO z=M=P(^rxm#^H~aXE)1lwBW1 z=^!akhkXd0n4O*u^$f|d$Hs~tv+8WiR(o<%W^Uw%hnEk#XP?v|w4oo+Nqbn{?oYzI zQ*cPj(sBd^(bQQo1P6Uhg79ba#{&Q}N{-12N$=in5^PB-8&?qz%&WX?1M z2uI$f@#B3*=bezRSQ$MNLzAOwId^=XtDkRVF6wEB^Tv-9BT6AN<)-G;Z$wV+W!-p(uXUHU7#>wXU?qU z){xX`b{RyMRkGKrh!a>1xK!!-@?-}8__{xNw_dsX%}!aPsAq3wVB56VICiW^Pt)!7 z$SXZaP!G#*+u4zK;AR%@=L%BG)wN;-0?*%4y_y|&_?yY@LJI7Url(wp!Tb^+9`ujJ z_nL;CHQ$cf4YcQPNJYW0L=pD6Vz{Q^pg%Q0xW&A;=&bGaVH)}0Xv*SGz9i};G8|}8 zw;ngaroQsZvgeXrjmya`2vs}-4QA@T<9{^a3QHtIg;y91aieE8Pck(^o8H-5FKG4O zmru>-^M+ot{A<1pT>G>WF;N*UoEK|BmB$?Psb@Sj*Sf1##;mWVW($!a9}Q>@EMefd z*qM{O2-)S1gUhJf_ad%L;eqM93viwg>4Nfux&R$)?O#Fobm+8cm!(L;)mN+WgE2pK5Vu`yh+bx3&yKhy#8Y%%hCrRB zNVfA=W% ziTwl`LRE6bt3VLteJE8~hoZ{9PHio#8An6^YPCEpR_W?U< zz%}fGMs{+xV9Hm&DsxF=ug3(Yl5CP;#O0tsoQWk>{#l(9l;kne?3<&>nBwTwRbd#h z*vo@Rcs`zN>V*~1HA$%BP=ceQ^4lXBD&!u%V^STeH(|i z82D|iqW5h>5rnHE+YIk3i&%qRQ2#srx zL$Q_TZhK6iqJNlxz+KCQId&4_QYn5p^y+~Q zjCD4NsIe=w6Pu1}sFf6@xUm!o6#Kj-lA~CN^*!tAIe6ML{fkAsH@;)9sVFXhK+Q#H zuAzPYB2T$WKrNlbBILWhsI#Gcj)?Vfe0Vx=&}YyoTXQf>K96lHFg$7z^d*>1x?X8Dq7$N%9xj_ zomS}WMj}27bc&{Fx91H*lhp>zy5wnwl=B)wuwmB-r?rNw{H46+X=ZD)}XYsjJ9quT93>H8lYC2n}e;xrDXeg6{kkV5xM%9irl=HPK|Vgzus2=7Le zY3xdi%nmwq5Y6#?<@!(v#(oLbYpn=Nec~&!q_W% zq7xl5)~)wSvv|vuQ?yiMN`Z)?l24sz}(+ zf0;?GSuQ<#Rw;84Ak1!Cu7rm3_}4s6YMGOEqXdfVAyk9Y|HC1nt2W(a1TdGFDJ=r#RSd zmgl8ppXEZqa~BbOwRhb#7B`yl$Sw10DKlzKLjA6!)H0nVzjV|o(c+i_6H(FgWRU?rhom1f=@YRzZ-2b_Baz5a4c@tf#CxfYLI}qhJKKE=afKIXpDBn9Op2 zrU)cb;rQ&<xc}4e%5&ZK|MVnB_(j^3e##$9a zLnX2u_`)F^g%UNBzOd4xWel*#@LbtCqJ%D#B0dqI6QFTlQFJU{-?#}j#c!t?^~%S^ z*7B@?LNE&zgn=SSAkjT%AuNPoO&_Bsl-sI%^z|s4PbK)*skP1H%?=m&Ieqwg6cGZ$ zzo@m(bc!LL-Rd@nGPd=rIA}BdODjbFsg^mIZ)%F^l2ELR(r4Q|<^m$BduUI~4!YP5 zdSA$spa=Cg$r1A6W5|g>AY7i9^jimjXxj4C`=(oWW7CmiKN!$^0o{=mRs>v{IlY%#_+>iNZ*hDR%F{N%w(t2nD$n;Hwt?g zsl|;KU5siK0i2Z#Zwf~b|M1OhSD>S!ky)hIPN$AM3vRh5w!9OxZy)vq9_IjzCL9qM z8{KEDz*ruRnx<76Ak^lq4K>HQE|r8M6yc<2zm}HA+YnX zStjBbu}!LwT1#|T+rehE7*5fTBu%LtMew+k_RHb2N1^Ot8t(~R4JqAvwVIg{0JF{e z9jAlrho5xi+1IDLRO1$fZu4p4iT4&&m}l0vJp9AAt+zZ}=Z#{&@5DvEyo->|J?>znr}exX#hUTF z?cbc2h|Is!a+;T>MZvnIS=$T2dI+u~1FVK>E|={9cMWrZ{!}77by*3cYm4tf$JRQ& zx@O=pJc|+?d)r1yyZ@dxh9)VK6j#;*M~RZ0$ZjV|yM@PRb#DLQ)ZD<}cl^qZSnNfC z4(@xX8-j#_R3^sjV6V)J+ryRm5o$7HTnuE2x&CPS3e^`WVt4$%n1I4;BO7A>v2 zzq}n7Zd32Nwc_VlhaFSF`0BPXK>XP5>EIf0Ci=XH6x@R1aBgnLl$&N4`%0|Dt`eqYTwU(rKTUliiS zzB0oE?`o2YjPm#%fxHYv;C?ptAl_qZf*QngZr-kuH@d52bannO^`)5+LDo(y#{pCK z=0${gggFN|)O67k!?y$@^1M_vEfb}f*nyWnU%fy0&0Uu16iIA#Gn?p7;eslG%jw^O zvb}nE>Ycifnt|Uycf+#1tD>AL=^8S4pemMyv`sR#L@)5|$D`-_%AaNvS{ZDfKIkxb#H$yTN$@Oy!D<1ajxwj#&p=Z#hiI^B&y@&yF+Cre+eb>oX!OFN&@&1 z>zxAiUTqdM4lBv5>Xb8<{aVi{$4CqIp5Z%>JomD?rUB0FT0<&Svh?D5cv}mMLI^#p zr&f;qd~g*>@oaJ7GV!g0_5eK%*m3hEoO{(_M z&ZyphAS18!pF1NyYVf?{w<`eEtLM%Lc<#pu_qAhX48$lfR8z;V@CgZ!W{c3p$&se|1LW>DfJUB_*4!u7S5P944v^P{`H2ETQnsYOnbER zuOM!G7M%hfhk~P@4&IJY!2O>G=$|bAl?%f{f)h4~vd(=T4b@@|aZHE!S`6Xl=Yh<2 zs8uc=PdqJc`@6&w@!bzsR~KIys3@Q)m{ggPrkG&oQlgc?@4K9VJ6>D~Fb*9G&P zTeh^oI$(n?g3iYZxRSD&0J>Yeb>8EysTc)ymFdmdKOGlpID;|?kQ zeVf-(3L|p`!}Lt1a*FSafR|5Ex!=t89YhDJZ$3rRt{Ci#XTyNp3`H<`ZpiS2AS`u) zf3$O7{M3qH6Bx;}*2P03;q%l0gl8kGf0d04KGbu|OHlXKh`Z=5OwjU!5=v$$sID^_ zF`YGBHKfl}98i9W@6HFw*LY+(r!9vTM;LpYdC>_5J_FUAS5>IQVr;LN8Zbw7hiw#vL5Va)0j5bO5t?3-N4_yAEq-R z4|zh)hz!WhDZcw2``00_VW(?X;HRGXJO{kFjSX-Njja9MBfgcX-z$f zNW`;G&$GiUR^_-_!~q(^zo=M&3LSbHQsPa?E%G&+!nIK?B6l(YvlMMrCQw2`Y%_>z zL7a_?WxA=^)_dQKyuF=o_g;+lI`Du45I(MRZ<~($Z0@~p)`9?+5s8e{VmTCWDwdGI z#(XzB(*V1G36yC@qizLucE44ebU@{nK!S#Z$#8*W zk}}^Wi~s?Yk;+#vb8qzRtDc8+*5%`$&1#hEK*=9hCCxu}l4e0z@UT?j_76jse_Vww z|JX{G9|`=wYodG--|U@SyyHF&FL)v^F>8yES6+j<+8O^iS)i-K3lM$0Ke|9N!P6=A zb&_9**8zl5)rD+>Rblx6<&EZ2@I3#qO%ec=*k5R<^c0Af2+ zkFSTh6usc6q966Qa4=I2C9@LVjyWu8}FO;0}2*_si_Vug`D{x zrJn8DcI-DjZ;~xrdWo%Cw{pApU;JHHyTzxnhPmpu`s&XblMAaC%Mn0FC3=Yj@i_~G zF^5SA*7@!9>N_K;L4lV$yWY2}qd`Skb z4Y#tG(vLq*Df?*h?ygha)MJ0GY4zR`6628Gkc)&*dMldFn(8;Inyzg*6zhVDTT(o$ zKs=S(C}om{kQj*g5E87E)Ic4T3BM+FMr=FYPJ_t2uvXa+KI$Q?Z^3#<&g(V%_gJsC zpoHD4rD~UhR;%rTr7P6 zd!b(3TLfxgeTwhK3%0b1qpo(RuE_{{8f8M@93-TomyBmp)Ibqd>|Zl}8!O zq-_hbb5g>j5zkOz`&BCr#*ZY>;nG}7fC-sVhJu90v1+2lDnl{1o${9qJ0g7dQ7qVJ z)RL@+x7AC0b^Cn^8m3k7Bdc7N6XMW84Yi4GF_lI(AkdtIa9!03ek5p=h7vQvQxPsY z7MVuGa~jj3@bZw00TD9c3qY&@-Qom9jXE0wYcS~;jYi(i-ZINCZ$D1-#Mei`_j<1W zH*3(5nH9Xcy(Fnvo`#!xndCuot?g2OB=F_x=;J-$03(0zJbEzqw620-` zgiG%85ZzF6YjVNVu7kY&2z_PU@oDiZO}sH4!L{^Juz~qie8watW`A#LKo6nH4byhr4Za z<+D9YoYZfJ9q;SqSQ)A&ytaMt^-nZ1pC)Zlfjlo%I1y6h;)v{ z9O)c}R$|AdAAMUHMLbADqIZ$c6CE{{2vviMdHHmO5(b|XuVi;lquJrk-q(9CUp22S zvlAM)qj~^Jr-sqJ%J;WKY*^`~#NG`Jbn-(kofBys>wBNEY^z&!n+?L?io2gxF_6+| z>-XxGeX%q8de_?-?S1p|>*W`CtpasDh8}wu#(b~ky@^io-6@U_dCL0U{6CyJbvhT( zSZG8zR&d6y4O@hDda@kCHxU>EMmYZHtJWL#;mF&4wY#&o*X>5O0{C^){r1-VxQLr* ze2W!lO+;Us`QbFL;wJT(%@QIM9N>eYXoi!g49xw3gEy-IYTN<(fzIY6vCsvM-`e<= zn%qVqzs-vV#FPTKPMLoOli`W1^jSY zu2|Ya#!paP&P~E?um`YlBqU*h%LbW6)(2jQslNB=b>6mqg@(xlPiG^p1~+ro8r>l{6X!b-!nou#)#p)+eH)Jk%0@gPXr9gp?C?A` zx9d-%4gPbFn*4X}Q*(QJJ1~~2Jedsx?hofO3WqwD)ew@3db5-UWEe$5fRO4HY(c(q zzIxdwKt33r$?`C$_p@p9FVv334IcwCZCGFP?QandZm4MTP;CDS?zb)2)2Ifm!5$rv zppQ3k9r~Es4*uNWgz{73;qZ$vnZS>RIZ^Vkua`;*dvm|FaXrt#d`c?kUP-M^Z7`gRK zq(zbUnfH<>u^LdWP)7_CwFL?D2}D%GEbv0gh$lG@g_nOcP#IP+qy5xqqw;EBbga?V zsRFU*M4*FOCiI^h+NjZUcMOuaZS-D{WUy7~uF1JoSF8D;+G&_(EvDATq_0M!_X_dM z3sIY>?pkdRLbPwYc~-Rm!Yq z7IrL#0)-T)nw9);YQSPR6vdI8TxcKRRhOQNBPy=P^cV7`#>=@Fczv7~wc$j;%O39h zYW)pshe{DEAJmKNk%V3(m)RumTN6?9Vm6J2C18HjbHlFW5Sc=OiKt4!7VQv1Nv` zg`SzwJzrzs0q3kTk$wwD=2yfH#^W_Rs)-0^Q>gjY1ld-E?h`}ed|a~-#$`Q2V3TBp z%`#U`Cz1rPZEe9MpupBP+WL{QfZvL(LH?&r*&tf;>}(123Bm}QB=i?yI-~592`cdk zmgCcB4lKdNa`7YpDmCv7WR_WJ8y)oI=p7X`0<==jX}7Q?U)97RSU84FM%?L#JPoq$ z9zHau@Nr0v_$@naV4e)!IfBd~9n96(Z4BY*l=#xvhM44!IF%f_OwfeP@eSok0n>Fi zZK%F=M65sTmcsZgU1e*lKP#5EQ2ViVqAlPRCc^4PLV0~wy&5Pvtgg6DyHMlp zdpnCP*36us52u;k=Q6Q?>v1&ZQeESd+Pv48EzYNPo1}fx-VzsI(X=imPAJ^%Z&XFrX+Z-4&V zvwsfYkH0?u`}2R>AAfuP{Moag-k!d>x;XxsKL7VmERC-9uYW)Li5&mjvytb||NbA9 zp%ik0QzjJ;q*2DnQRJX1pAryu% zqI&K1)K|%*NPy$&l|=3sik4um>u1{*#?jDNv+P#UyE8ua=OjqOrj*mF$nhQV(;8OG zmbd_EVP{jF?n&3AU!vo;WMPk&Ym({R+JMm6H4xoiokKb!+kL^G_Z|aiPu8bbyY|yH zsSDce>47y~K9)?!*Od1^D#v{E6mRgPM}JG@^LO)PESt`Mg;W`vZ2p}f($6NFfBkGX z+5F+zWb-dSn{588fo+q`f0NC>^n7{Q{7I7VhT3@RFjBAt>yNE3S? zmGa8-slEDT3#F4?VWIBZOlCRmPOZ8^Cvw9q7;?xJGRuP=a#i!Ah^N%fy+t{``^ z49Jl4cvVhQC+D|0S&WhwON+$m6 z+Y!Bi{IGpyc?S$~UitX|!%B+`@M7kGCYtu_F4- z#LDjsccO=|jYR6t6?N5G-E9+CbsGhsZ`(#h`VVrTtF2u7L4mgZY|q#15f1pzo<3g< zL9ze1>#(^r#WGD27uq=)Vz^}jlU%W6+g+cL%qG?UpZ@8e|3Bt|CW&%E?$jz$&OAQ} z1`8a8t$noT{~x^^?T*U%|Mzyk-sJy(jOVlE|F1(QF~B%*J`9@k{wsXNvBFpq3<`GB z`zU4h3lz<-6W)w4C_G7N7?1=eV5fI88oV5go*-k@s=G1U!(|YwcwdTnfCLG_zbiLvj=2qEA8_s44lEKnJ3Rpt0^^tosULK#4Ap0P;aS zLK?fimm0ZtUA3a1K%qsZJg~B?x|$CP;3ic^Bh=P%&)Qs~HqZK>UiUvA$G>VRgCnD8RD)ygvrduOVKky-J%+fupu1pT(VoPV) zaJK99aEZ??LzN(@Fnd?v?2Oi&wAqHuV27p4I99 zgA)Ek6TPfRigiUyDv8U|D!xh(*N}n{t8-s(UiZAfNBG`BDK;g zv}%2ygMDu44p3?kxZ{2l-swyIsb#|YkjTDklaME#=RH|rwIAe~SGVZvy6b(eE8N=d zZgs%fT;4X%gFOAu|48G?G8aGdw4eVwJG*=3``_-XomZRl|1q8~<^Gpp*B|NluRXZ) zgV{N)m$nbQFNnh?*SDC zbH631-Q+yzc>}04SEPwO5Dd`U6sy~Yl~1*^eE|A#ubF)5!)ryE$}rZ{xwCm3JpK~F zR5Q}g4YA(=s6H!DIzv_+9E7>}!YO8Hl%HuC^%%4%c^u*|8QrTx z{hToST~N@Q{Lt1!u2A9kE?!=@g^&xI zjdb}>`z$a26?i%6Z@2x==tV{T`(m__|31o7^8XWsy(-*oY~2D&UV#}gFAgP>8Q5DfkWM++%vQDTq*h!gr=B=-~<>_f3c5VV;Vj|+I`c$JN{QnZ*WMQYm7<6 zF>o6j^bj6sy)Z(h%XL4|gX`d(Rm&F*Il;s1*Tc)>gR5inNQ$c5p1RfP4B}s2JP>23!^x|dN|L?`uFE;+)kMg+k zzq0f!6ZxIMdaqZwS3#%s%Fb*kG1bi&y4gp+ZZsN|XPNz<%Q@HS|1;Xz-PtYcf4?5> zZ1(?SJiYe+AxWf8W3y(jpNEs3+x;Ifk%dX~*2((}ni!pdxbe3hwKw=^bi#QkTw^eF z#3M|ZVZbz{HP%PgvgpK;-*s?^6|%ksMA%PEZcS7-J6QkEy%YYNPk;JvqgO7k0q)TM z?!DM8^M9|t-spcH=UHC=`ys=Fht~ji;oL?C{09*Sn1z01EwB@iccTd2Ad+=)T&x?R zGT-Ar3St%9L^l}rh{gsD81~1}=WXl_RztA+S{#%SYh!fq=SHNpQ>u;S!3M!<{CPVx zc~vYbI0OF?u&C^Vy+NV}F<@!Jq>T;B2B+3;#nOOmzgI&R4;>x9JKk8eJSfN2!>*-) zr}}f4wro(R6?M8UfKKksYOTTb!k^FY!*5MQbRs^-hC&V3=r#=`29SOqJmqaN$cG-b?dM%{2!fa= zQtUtZ|EVTh#ty~MzpeLw-puYM;oqPB=|%qoOd`$%S<>#$J{|P`)#yc;{_nil-O&F> zd5Q_%W0Bi=9KoWG$vr~3)ExsXqH9R!=kqA$j4-*6bc0TYzdV%`yq8q9#CWjQL!)>M zfHgnbvwH_KlucF_*MSAWV{M zG9JRo%$b^pJWq|}yZ?B0c7AmH@$BIA_<7-Lc60F}RnCYz3Pq+o@kt?xeg17OWvu2g zA)Y#qzx!tN&C9F+VK?qj^d5VCetCGT#xcG)I6OYez9XH995&&_3a>fJJmb z*v$aOlU+pv3mLbQAI`^DA5SjIjlWKKwC}t`Xi7;KWQL=q_ZM)5)v*ExF%O&uZATeY z*V9!@{DE381?@^-@6O+Re0Tie_}vOH3;FCFxglX4u-?A^{`m6j`09B4@$lXI@zwF= z$D{MpgOjr!{WRO3mq0r!PjuSaJ zh+{+UD?MMNVQ57LZ4Kw;+$KVLLl_a_LZP_3atiU^5LsMIBlDOO9Lo7G#ZNqu`>3!z z5Q5BkI6NXDUW|#)Ss?b&&d4bdlZ5gh`<7SMOXt#^T(VFIid8e;tfWI=c1G^B1@Y5_ z%EcjPlHAG87BfmTE>>*p;D(23L{1^VmrEle^+s=oVUn`poy3!nh(XBxYX>ZP_B7UC z3m=PZ5a|yMu2ia<_nulc=VL-}aL&Sold-(D-J#k8A*r@+-W$`-t{ws=ESj3F^qM9@ z{z&Eg2QK7U*1=r=y5-4rp@9sG$2t#20o}_Voh=knA>kVJzlFPf6d4*@ZlHDjoq}~I z7D91CIUq%dh0x~mVj(1n;B4~zgi7k;@QKB}a&){k$JkSkq6R zz^y$asCGwgt?g^|kgfKvn~*r9J}z=JwSC!=bu#TbVMdQN`HX@Io8imEc;80~(QLfx zJn*|I9LFVo!qJRo9*O$8&y$vFH<{jKckp5`a>N~dfVF0EM~x#C@KNc6_%bYw+%gu~ zZDb$0Lt9>S5)qkDUwAkOlJEAv8GSP<3P0eUmw(+Ud?ieAROPg%g(5fK?G}FfNuanQ zNfP#5Ovl2A!9U(#9)CQ1cXE7o_3@-4W~quNv@`2lvZxVJ0NdK!V$N%= zg?hSpT>g4swp|t{8#}r$ee&|{1rx)5*$NBN%U_Acu{BrG7 zsiTiC2q*{duYNecJh}R>k3XD`*GI(~oBe{OetA4Te}8#+{PFbQ?BLDu<;UZ*ql@#C zv-LrtPY+)*Kn~s?ogAMXu8&mo>ER0k$koB+o8zmGnUZL{z5}nNT=NHG92Uq8p zA5YJZ)`ta6t$slhAOF|c;m3>P%aijpvI4bjei4&?KR*8W`{?TMqPfx1 z$aSMeQlJL3Qj4QXi&iwztI34mfG)i{s@7r+i_@-{Zbi8DXsTPgco5a~4NgEEr-`%} zN`6h4s4SwE%{k#Y+y(2@LCYu}UVkIJBE}Bgpgq+tO(>t%j_O2V0B7QbR7k==^}L(!9D9gb zN!OP_$W=?16YO6k{BE%lIj?JB38J1WJH2FreRXc%Eqar}Z|X>)T03!{ZCsqv18(MG zM@w$$$2Od(ok6!1#XamIu;52}&|PK`B#9^kY5SW5`{bf%ew1y+idjMpanZETJy{Ik zPI*A~(cZ3msJWpOi}cKM8ui-gW}NWDveiX5<&nNYT<;G147;^kbT`TZzy5g*|^#;Zi*n?B#p>X!C?Mz z{2Y2-=zq8V5bG2?H0E$<6+e{F{|_mI&~yCUM%_z1z3l((sW3};8hd^ctTX@5tDUb$ z<^2CIM!Tbp{r_V;aLJwKhd~mk{}C(+@_zfRBu}H{P7(&eohoS|4pSj{WUpmMWC|=y zZ9<3wI*CDz0q-h#9U22|t(e#W3tq_Uu;mKZLXvnh!hjG@QW^#(V^U@kJ{s(3oA8=Q z2kOFKmSF6or%%@zpTOtL4o1riWP&A`E%uR#4g+ru4bP=h<$!6Z8Z-^%fzx0t=Cd`J zZwiTqmJExQQ`n)NOF?@JY;%4s$Y)y(42Mt_91ajJ$G;-NF`S*38l$U5wu5JDoIL{zHv`&UYYR4Xt*hrkt}2|;Nb zD8wJ26NV0PM8ZRLkUTVy6*PsXfY%SqWu=K*Si{M^;5cIawta%EvIH(;r4N`Nf;Cossh$~tf}(b>^6!fsYFzwfD^&Cwj`S48>05k zgbcPSBaQIgJHlp)5`SC1Tp<)uX20%KJ~qHxJt6lsf$V_HJ6jF_V{29B2lQ-!P9*X( z9YFmk6;PYA42mL+6)Qsmy#U!LL=CiBrfh-{eZT0M z^J!KPCVg^LnXa5;Y1$K(fEFOJ)W9U3RZtfd_?adI?`XI@u`AUP%t>{Lu$0)JlfaVg zo^z;dNd)AFCZt3xy=&#L)`a;=*H z!5IUbXs=lsu2rAx^EAQ?WYCHWwCy0u0_sD~MHCQ;X($k$@Khhp`J~NZ0qQ`LM1_Z9SlDAkOK_r@BK?0Pb4ke?A$WJF=A#5DN4e*i{9c zR_n5!3DS>ObK=$(D@baJp9=D*;wLq-M%J)~U&}w@B*BZ)H(E1=B71ZaG_uAk@V}e8 zNb{T@`!2$I+?G2o$}9BR#;z9ocJ4wjg3>bP4b=>wohgR%Q1RWA%@nO_ARd+Blq$if z+_p3YuNh7UOj@_^@Bhl!M4(IELv`rhQ0e=jTJ3NuFEs<|SY-&w6R?q+s^dw&N++e{ zE7@s?e*JBuk@&-CB+S~cu9z6>2CVR1A#tIDK|xK1HhPSW9%G}&_!H_eO1GtDh{nfp zO#Gfg(El)>7T@F9W3Uhxd3S(g45f@G0ZG(;BOt*M5{o%pR5OC7+1gYnYR402Iv|}0 zASQ6QaM!=IuduxWiKwZw#+Ls4YoaApddXqn}-ef`~zPBsK5s4GxgQmlwt_6BJ zK<@=KopdpE+~jj(qk?A-`^m*{dM>|LVLmnQ7(!JAejyq#QXRVG}=uXc@d zBc5z*X=B&Dkx#bBC+}<6U8@0dJ19vcH)73=SaT!R{9=u(n|JQUx_V<>{bv<7|EaC3 z+em`u*gw0_dP8qE*4Z0@ed{bY0{e}?ej~8o2<$fk`;EYUi7qz+`z0!UX#)Et+4-s{ z{)?9QZ_K?n=H7o0eM)}fVBaUPB*9rZ!@yIW(bA?3fS=A~4gK`<6WucjvWy1mrA=At z{r1~^^MADDe;Le47||Ky3AtY%?fG9uqn9sU7W2RCyn40sa+Ck%F`lo`1(uQ|3@*8P zwKeMnX-yPGim`uHq)p0Xk>l0+_5=4+*JzLr57JJQ*B~KdO_DJoyS8@+jgAeK;H| z@+zJTW>gO0|9bdO29sZsA^hLIn9qjlfA*)iVZ*$k3HGnk7)@zN#FM`c#BKcKuY(D` ze)89WjMU#ep|dA{{lA`kg+Abf@>HOcqhs-8U@}-e8PI^>p)Q{A|9&#K5k3#d@X6<1 z+#XNM{`ZqWWQlc`&-#=<9sB>~&a0hL{-@E`qutH^e~f3%37)E1oBHQV+J$^cTAyvv zP7GRdCS}QvOkSV1qJ{iEiu;}MBx6K8cPuY@!rC`gU?Nl@k!9p}@q^@SNA*B~L2f7#-yDIswb7pxBsN|px!mZWOk;9To; zwX6I^yIq6@jg$S@q$4hlyuB3z!9oKc3hx^2CU6+fvCbp4im8MhW)`AJ z5d|eNPaH|r=QD9A>%!Jy@KC;-Z_FQ>%pc0oUyCtBsnI{5X@pBkTGs8tDQ2}Jq^cvg ztquB&vw8=u3hs(sNhj!Q))g8Pl8x`GDk_`)f66aXNQ7MUo1ca>qyWi2#5lB!V8H?_ zR8XCpoS$2epO>0f0yBZAU?~SR{-OO|@U?%qtyKy~Q;Q{PAmZg2sYR(M;f6Wg32kzK za%VZT1EQzknFg6DKrNQBtHu)Wkn~mz8>EIis8~-SCJ$*;4XGIb4z`?1P(c9d Date: Wed, 27 Sep 2023 17:42:56 +0200 Subject: [PATCH 09/19] update CAPZ service account name add ASO identity to service account --- bootstrap/terraform/azure-bootstrap/main.tf | 29 ++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/bootstrap/terraform/azure-bootstrap/main.tf b/bootstrap/terraform/azure-bootstrap/main.tf index e7f63460d..43e5cb2eb 100644 --- a/bootstrap/terraform/azure-bootstrap/main.tf +++ b/bootstrap/terraform/azure-bootstrap/main.tf @@ -195,7 +195,34 @@ resource "azurerm_federated_identity_credential" "capz" { audience = ["api://AzureADTokenExchange"] issuer = var.cluster_api ? one(data.azurerm_kubernetes_cluster.cluster[*].oidc_issuer_url) : one(module.aks[*].oidc_issuer_url) parent_id = azurerm_user_assigned_identity.capz.id - subject = "system:serviceaccount:${var.namespace}:bootstrap-cluster-api-provider-azure" + subject = "system:serviceaccount:${var.namespace}:bootstrap-capz-capz-manager" +} + +resource "azurerm_user_assigned_identity" "aso" { + location = data.azurerm_resource_group.group.location + name = "${var.name}-capz-aso" + resource_group_name = data.azurerm_resource_group.group.name +} + +resource "azurerm_role_assignment" "rg-contributor" { + scope = data.azurerm_resource_group.group.id + role_definition_name = "Contributor" + principal_id = azurerm_user_assigned_identity.aso.principal_id +} + +resource "azurerm_role_assignment" "node-rg-contributor" { + scope = data.azurerm_resource_group.node_group.id + role_definition_name = "Contributor" + principal_id = azurerm_user_assigned_identity.aso.principal_id +} + +resource "azurerm_federated_identity_credential" "aso" { + name = "${var.name}-aso-federated-identity" + resource_group_name = data.azurerm_resource_group.group.name + audience = ["api://AzureADTokenExchange"] + issuer = var.cluster_api ? one(data.azurerm_kubernetes_cluster.cluster[*].oidc_issuer_url) : one(module.aks[*].oidc_issuer_url) + parent_id = azurerm_user_assigned_identity.aso.id + subject = "system:serviceaccount:${var.namespace}:bootstrap-capz-aso-default" } resource "kubernetes_namespace" "bootstrap" { From 895d5ec831d7bd6a569ccfc25715789610c9a05c Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 27 Sep 2023 17:44:55 +0200 Subject: [PATCH 10/19] fix duplicated name --- bootstrap/terraform/azure-bootstrap/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bootstrap/terraform/azure-bootstrap/main.tf b/bootstrap/terraform/azure-bootstrap/main.tf index 43e5cb2eb..54eae3833 100644 --- a/bootstrap/terraform/azure-bootstrap/main.tf +++ b/bootstrap/terraform/azure-bootstrap/main.tf @@ -204,13 +204,13 @@ resource "azurerm_user_assigned_identity" "aso" { resource_group_name = data.azurerm_resource_group.group.name } -resource "azurerm_role_assignment" "rg-contributor" { +resource "azurerm_role_assignment" "aso-rg-contributor" { scope = data.azurerm_resource_group.group.id role_definition_name = "Contributor" principal_id = azurerm_user_assigned_identity.aso.principal_id } -resource "azurerm_role_assignment" "node-rg-contributor" { +resource "azurerm_role_assignment" "aso-node-rg-contributor" { scope = data.azurerm_resource_group.node_group.id role_definition_name = "Contributor" principal_id = azurerm_user_assigned_identity.aso.principal_id From c16182fca31cec510f74279e3535d01a05862831 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 4 Oct 2023 10:56:20 +0200 Subject: [PATCH 11/19] bump cluster-api-provider-azure --- .../helm/cluster-api-provider-azure/Chart.lock | 6 +++--- .../helm/cluster-api-provider-azure/Chart.yaml | 2 +- .../cluster-api-provider-azure-0.1.12.tgz | Bin 78783 -> 0 bytes .../cluster-api-provider-azure-0.1.14.tgz | Bin 0 -> 78882 bytes 4 files changed, 4 insertions(+), 4 deletions(-) delete mode 100644 bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.12.tgz create mode 100644 bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.14.tgz diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.lock b/bootstrap/helm/cluster-api-provider-azure/Chart.lock index d4cf36d0b..d6dce37f3 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.lock +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: cluster-api-provider-azure repository: https://pluralsh.github.io/capi-helm-charts - version: 0.1.12 -digest: sha256:1a90cfeb6a4a70849663f14939ed7df9509bbfca6bedf19ca06b7ca84afd8cce -generated: "2023-09-27T16:43:32.485776+02:00" + version: 0.1.14 +digest: sha256:9c1de7994f14b1d263b1c967ddb2ada476065c964dd953521cb5b2a8b92091f7 +generated: "2023-10-04T10:55:48.444139+02:00" diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml index 8802c46d7..c6513869b 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml @@ -6,5 +6,5 @@ version: 0.1.12 appVersion: v1.11.1 dependencies: - name: cluster-api-provider-azure - version: 0.1.12 + version: 0.1.14 repository: https://pluralsh.github.io/capi-helm-charts diff --git a/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.12.tgz b/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.12.tgz deleted file mode 100644 index ceeea1e50ac9b04fccae4e2e9d0aead5b95bcd82..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 78783 zcmY(qbxa)J8@IiWU!N~8XR!7N(rYF)M{Jq$F2Cb$2mmn=cHw%4S0sA(=5t#czc%`hxm4$8 zy}|$?s9Xrh1%)tUV*`VOC)mV71q|m3F1DQ^LjxZ%@f8uQEAHdF&j&E;wa_v9HJL6l zNpT>Y)tBJ5!*m=VEy)Xo%L?KS>rC-?JlUPC)A!tr>vmlcwf=BmbHlZV$D+6bq1l27G z7Fgai{{>=}h{ynkOI^DMRoU6eY;Gw~p;NxF84XtQn+Tq!JcyOfHl|@I= z+-rExl^|s!Xhfv!++Fp33|9R0#$Jb->2Py{P_E5MRzG!;? zeC&_n$6@ONaJ@4J+{`$fTy^?Zp4t(I`M~ePW?$r~LiA*(I6XZy=%@AuzrmLM1=h`C6&zY9T>{!8-ne^$vkv&Fgs0z}VR6unX1;TnMZ^`9;W% zw{tVn0aO0_nL2s_U~q5ox0Gh=W^Y-I^>qCF-8mWzXb-o)n%Su+qbUM?Q7XTBA^WLH zrCpjuq*IH(_4GNe-TU^DntHR-=Q^S7*AL;&*QxQwe@-GVI}6$Q8yy_akCzL^t9GAl zG%^8E)X5DP;zCT1#2CRSQoKZ-kAiqipI=d_Ae4UQ-~wgLKOk$)rhh>SP+q8`idin28@%+ zv~`eJ^s%1;u@c>RN_ep0Q3Vyga~2EvCjEjpr0{i>%!@T_8$~>1*DB#LxkU!F1*RI( zpk!v9bjU?jZ%b&EBRAXQ~P1ggUqObGy&pYHkIq8 z^0V#}`aDPg*eln80BMHKkU!=~p}6Y%S9K1$%c-zdZL8mPPI6f$-7? zsJgV{IxI4W^-k6fcl}}H;Uhep9`NuJ5Ys|qt+7j7N;!Iq=1zw9SZyM8XYT$!>J z|GRu5jDWjlMuTG0s8pC2FRj(YpbAAuwMli*qEFu^r z$c87y2XU@xGLzbWk%;zlK}a&#;nLFx9J=nBJg=~wgx#+3!(>idbT>pBj0h;KPz5+^ zjMNN%KUH$~MO;X5*{elv)#dpy3w61~3@gl@Fe`1G zHSSDpziPX-lk^H;<4{+Nj}plgVHTI;jS?zX|IE1Z)1f5S>AobD_1lUK^VsrF7ANZ7 zScH=v`{NDb^_<4M4vpqG1--p+&pQFu;qxQG#iy_JiX!4vYHWK<{BB0;FDG?gv!jg7ITsnyf$mTX~ zQpVPG7rN0umYX)c&+G-1%(da(%=d3kf$ne18B3a>FgY4NBQSULOM<-q^fb(B?kjQY ze;>`K8W{Pm#tf`f{D})dbU(6;@KZJ{8G?@t=+pmx--%Y$BYwDEHilSf5I(DAUh5?@ z?M#vO`41%d(o`|aPV_g=-$3X}?z^?IB}odESB&b=*xPK9EPVlgY}nk!t45$W2sZ&r z;boW>&btE3USSh~@piQHufRaUzhBaQknoK0Vggc*1CoD6Lx*uW)E;Hw`-(#&*u_@M z?PO_NXYKw5;f`2jCs#kCi?~He9e-Y%Z(I{-joy)pP4T!YR&)fmG8~P&Pyus?2GSD8 zUT{2u)bKlDkT!<{`mErI4*mr4u>h6D35^>9+`JEgg%)K~k zWyO{SBk(aW1?@olD;g)iEpj;F#R`7484WLrac0Z`fyu;pQQrmneES7! zTp1X7#ku4MKIIqK<=h!hpbv`_PZI}Hl|h$E{C3NX?Vuw!I{tdAF!KivgxoJ-Jhia4 z(N);jm0M=mr(vt?yhp7J#Cdxm{MIDZM_7{=o2KM!9cJK4l&A`b#Eb`vnT{ZSo0Fo}&{>zAv zinp=K8Mc0CouRYw*}oAXTc{f~vMOKbdS&1w-bzxz8=0+It8*C>R^nBTFGVt&jFMDQn_sJr$L8)u`VT~}M3{dgE53%=w#1d&+O|7pR96k|wE%a*?!YIc`{xhvCb$Kg zK#OluM}D#JRZ_^@q7~c9hlJpWG%rJFFv+*IwAekVw7~Z4mi;10O5O(1_Kem*kcSx~ zN7hN-I^qtT6O!EmqW^rC=%0GE?x<%MR5;Ob5Eiqk>hhX5N9`}pN%;XyZAaY^%Dnz8 zx{tA8@1lBTa1mXr1#w9&yjZ@eH}~VZqT_Z(b_(e4tL~<5S7<7);7bh4&6;eWKcXO( zvuTtjj}on@X$I6>B6Bwih4;b08!-EVrq?8Xh3A(k~~N*_3j^| z)+J767+cT7dq5>kSUTQn-%?2=wNYsE)T1$hh~AUSVzOc`$;1-RcIU1Tk}!KI?BcGH z@!isT@98#CD%?Fh)W6q9*y3#bX;-}?B2;>kRJhHrU|h`}z0l!V)3z9P;YRM2j`hSu z_3-rMUO?|^UTd=A=lyz6ed$og;$uYvCRvG<`U_tfo z>$G&8*UODC8cK8Aa(di3pF7;bp%#nH zS``rC3zWm+C0@!b7C#%AF45PQj>uww4y%BkOwElXIWPMIuxumK00Gk10BqK*cmtw{ zj

jRP=khFsU3gK7P%53vYW|)7lFv$=}2TT?7eOG^ah!U(CN8)sawTt?I?n7}A-V%y>*Ax$9(&uJF}G$Z(}(NsQIKq9o3=tFgdmjsr`=(&z}W*un<( z1J~VVgN}mO{Lc0RP%7z!^#=+cRGXp8pdDG12p>|#ErcszmEnNsJxdl2Fn+O`P+PNK zGK0i^IM6pBu!?`NGh+>Y*CpETbvKk&Xpq;EV zdZv&^GpWAx`~E8`bt=MY+B%ObyT218le)m**qpb;ZxAB;X=UmqbE1%U-)T%Y`eOWS zB3f za(Q`7;13CLb^fq%6Dy*HtnM4k>frvFtlW0VCPoQ)dbi#&aEeeHm+t%43%ae zRjKZ!LFhO<_HKQj3vigXvU~p+)*%efqvnTun0Z*Bq}cZZwW3>_o^e+%JooGDEk4Ut ztnWsFh`WDm(ho}->n4HxlH;EV|1sN6`J~4ttb|OnDv!L)A6+N1#u@nON{6vkd_|02jwWEa zhz+dEIA*#H3VR?Y{d>`f-JTjH`y!n20RRXRPf&#wAQsna(bIMeJO34s{QMEk)|uHG zC7SsMp8Ceyq+?PS5y|vE?uWcL)B-tW`SBVqhSj1{UOO8;6iq(%7Ybu}Y6Xj!13D%{ zdEy*G>U=~Mi<%8Ratcu~4hmBhmX21#tUM+I>+9PKRLx_cH6qVC(^d@+|ICjHxWlGP zoCK$)tKMzb^+xZgVBYtXI33+r5gB&cpC|VRall0;Y(asD-|ICDxa+*i3b-V4ipfp_2(n&r8c}bBZ40z`jar7?1W<0pVewlKY2plF~(DJ24(_wXEgeZLQx}?o_1M8%1=~? zoUq_2z{IIl4|QCW-^M=zpRz~#^gHS-^c;aql{Evrd zV@zDCtqpEk1D>d+lej{2U)7W&?>v@Wo~?QB&cW(^Y{qwveO4(S6gElad+~2C^;Qw^ z%O|zNpSh$SiFH2UBu0vFJrOp5uvL~LDniQ9k&p>AWw+t|h1vM&1+}7?{WscDnWFi2 zApt-%=D6J64!b|apaB|~;D>FdGFwSP;zL8#&r5rW`=q1%RW1Bn#_j=#1!gGF`e&p^i+{4d+u|zK zNYmh-B-U2})%GSNl>vPtZj~=7c%eZ)ReuNy%%gk$zO8XYPKl#}>skWI8%Fx4bPKCA^mw_er}&17t_+Lv?4N(? zXQpoRPLHVWvql{D{+;;AD+Yyv%N3oL%hiO|eRiQyd{;@;r`?iS zW>xZG52m3}im3qMo}Luv7SR4M`QhI-L(*z|vs(-aRCl-bDTq$P+sqaYP(a59wQNs@ zo)4>pXDCvlZYE_XVbaz-I3%BmVX~1sV!MS^?EX;u{Y2t6`{$s$EulAPi$2m_2}C^j zxP@t@@0o4Be)C8rIi($Tg*VcfwdvXW!#hwF%BXKC3Sbt|OiJfkp*y%rMbL!)+;#fuenESBHZtMn)r3pV0TvLK7D%UAs@sa$BGdW4es&`_@ndY~(EXm9$3N z&ld8h48LS_eWj{Kz1RST|2WF;s#6av=8FRcf+LojHzT6|(%hcuUo)m~;}&&^j^g(G z!p=pQnm9>tJ?}DOrX!4I169}31&wpkg_4jyedeW@g;g389 z1B$-Lugg$4hoz^;@EPN|id>=^66CupUdsS&ENgM`;V+v0$~7}LAV#&-)@EvgK@jXt7=<6@CX9cTQsx9Mirqd zoVc%*&KG)-!JmuuzVex%aWWXxSP;9kBAJ(`u9(Hp0&fgw+3b{RKsC}^wn)-}XpH-+Vfs({?U%x_c-P5!xP)Gauegc@H zn4U%9cZJpkU~sB$;k4a0GF?~43ugNSV5ds0Z(`c>Yg1;n729#Gq!<}8G(PUJa9@g_ z=~!OPb|xdKtMovt#KI`h@9Ai6^?rrQ@)xZ^t->1Cau!grfb$XLnS6=t+5}5DZ3YYOixw0qAxNiwdOim{~CDlDV zDi!_h;=)X!dTt=rHLYvXfCTMxmvqh=uiO)G){>oIMQ6DWju)%$zQj0tStDAwu&J~k zve@LeU4zdSc1pwwOKpfnMY%P;YxW9+)jzCws!zt%q4n0nUCQhDB#5Y+62=pQBoV>N zJ|DotUoY_295gfO-xnfS1k8!j>Ueu~*d8swCY1k1J8F+}VEbf3Yn z>Qz(*dEH-lBpq<3VWNDV00ZS8iV=v(Yq+4`>O(?&clA1GqNv7Q5Ga^`VwDiz8Vsg< z8%V%(U=)OGad<4`K?!&)6p0AL{UC^ztTVs=jFT*oby-6ecq|m9tmL*gq@3t#w2mNn-Bja3M)nyOhQ3e z2v&55P++8mp+Nt}Y?NW%kRjvX-i)f?g^1bTL`HL(Zd-%5(%(zxDLIuj%E^wvXO2+H zg*YlEw&raH>{)l(_YuxaoK-3>H^~fOnu^d3&*Q5ZE}`w!GYReell__hN778l;QO*2 z@e-@R?d7B%&-{qO!nz&Dxx~55(!_{BtQVA}9y&G#?Uy;(7#A)|PuI{%{tQrw}FVW$xP8&ppfsK!}n*Zu0abPMqwi_tahSaWSsy@D0ZPg zfp-qYlD27(w`i=BrM)QWJJUzn0mP-)L#x{Nzc$-m24&;|(V2Eo!$3U+$Z2)yfon?PlMrVf6 zu&i;L^duphks`+$JX8$#($vR<1|`wrIjScyFUN%8yg21p!v*Dd3mhi0Ov}dRj5^26Ex`}W-2k-0 zb^O+FEy%5nD-Cw{>4QF|q8?QrQ%S>mG{hKwI;|gW8grFnVJ@aj)zq#5Vy zHiBwS+gB=swCVTW?@8~6AsX^3q_-l)3jj*aCLYmfdq!(zM}GFBhtbuhxkMd?{fooP zO(&4G6~o^wxX=_RepYwHP(>P7Wa&y>g`<-~{AfV;(|t$^nvIn*!J%}5BTHt2L^F#z zK|$x9?AsqUIfzE6RS?CTrWbt-W$PU4PxyhuX~tUnotsxd2SH|B^^1LK$1;Q+)4)B^ zE^_?>0%1OfXApA|m9yg`8@AUo$MItSPTaBlPVOJB{a5o{bA8O-zG??%q|pEe1?t55 zg=Pb~^vWAEQ~aw)QyX?n!)nu?Jr&)t-fbG;c`w=ddCuk?M1M6=d;e?N$2O+z-l=I3 z#Zjq!!)k<6vtj6S7p*1OIM*$6b0r&4r0Ji(*NXh+A7>y`w0}6rM(tb&pklPpfNwnC zg+sV>L+DGUIb?YwZ#q?-AL%MLD#$%F2iihFdrwiR)at#3Ixcol3%{kDFVx{U;z^bU z1Riq+@|r!6K3PUO&GyBu5Rz7J$2oxAW%vAMp{Ae6*0ilG+h9gvvcqIOz^W7Ij>QE3 z+U`m+vYG5;4IbHGK0T^#l95?Zcu8RXeCN;`+B0`##$>OYPeG0ze|j>a4S!HJ~CdK0-0dvxs z?DS3F+bddekC|wYO~&K%$WSc5gQR4B;e{?)TCSpeu~(X`(%)NI-0DfR(?^Mg^IxUH zGmUoBMmTs#*(lF(It2)dH&A);^Kbw^v~VhQ5ieIrTZq? z{zuqU=XyR>k9h^LCd&JiNma_qyF-FoRHi3`Vga_yyTqf5CM%f=8O4=-4hwd-GmB>D zsTE)fvEb?fxvBpZ%5JQQ}-*$qlG9+($C8 zG(g!Yx)A>nW$QLaUE;;G42Aj-oFehEGoqbP4!cpsfSk^W2+&7GgrvAQL4g{QFMXpt znuXfP7*?QU8up+SLgsDUT4g{W!ZwUB8P!gLaR&1>4JfJr^(=2H_`^@ zuc0El|0OUhGmONI(AyIMp<{p-RdijF*#eyjuS`ZOx#b_Tg6D5#FVT(1h9-$t8&rbT zXh!&fd8pmAVg<@9+>x=PEQ8@mN0vF$ArCRh)~)EYlfZ+B_+-Z*mBLBd9*ug#Mfhr7 z!ZFU6!xR#2^cJ;@9W5^VhPY+67g{!@jmjQ|13X2 z?M|^vT-QBv8Mf70zrS=RYj?dWux>r^#r(?34}a5-RZq^17drnRM(c{I+eTCwLmx^g zZIJ#PU1e0qt>?EK9c)68y>n^B_Qi||?}kLrRBe$-yP-q|C6VH3C@yBALZOV2)??H+ zBW}KGlZen$NyZX5Gv{ZHO!1VH_yLVT-->P(Zm=$J7F+DeSqC{d)nP+{a_|vhwq?eY zlMeX=T$3)}r$AH`NszY7o5N@NzD zkgI=Jt4@#`wPeELQCRsDRGm>~9~O7%Jt~cQYE{(W#J9q$@foQmV2j%*N*6seI46hp z%EA7NjiR#d{x;WrY^g~s#X%~)Ur+`I^OeGW{r96X>jvcE;n9kU-wb-QW{!GpcDLzW zYM+dSKDvHt`n${($E_^BOS;rnA|QUs+F8>R#MV>9f6auh^gdTplqr#lfGlQQ9|5iJ z4&ols4Ud7_rnrwBkh`Ty+hufMbGRuFWf*+rTELk*@C5`p_-|fZ~zVA>h1%~ zRZae|#7ex>cOT9U+^#T0asg%O zzMtNEYOUI=e2BgmWH2@rvAd85HA5a?Md`cN<6E$9h{Csdn znT0e?Y|RkNLEJ;p4&}d-S=pF5zJ{V z-A-KBUy^|HL9S1E3q+FL&hkDXKkSiHoXH_uib;ORClukE^0lZmOK$0$ss$#a;rvcQ0JEUb%;#iGX^3?h!c-Fn9m$2Cbb%27{ zEU)+=7EV>Y2@khce1aH(W(TCdOi+to8MCZvRE*1Dv647UH>I5=GIC^GieDI65pn~M z>w87Ahsv2b$s{uz^f}H5*Hp!|m;%J$MzM!V3SOAO5I-65N~PU}Q=%)@p|NWqLDOw zi^V5zWzdEHcF*5SF&kdE10oc@N*#iaf#3851&eVMMTwAp;u8vuz`RWY(TueXltV^% z8xiEqw2B86%0OvBjIsN0SE{If`Qn4)V)QazABLGO9MEw87uz|`8rWOMOFfYdEkbig zM0{sDpWVVpRQ>cr!t7Zr(fIrj8738?wpHZ=*fN-`Hsm2U;ZZK)J<6EicN3f+++4j$ z2?-yPXlN`qlp*F_5xDAM=^fi8P0dNYW$o`}5{fXq=a(qJpnf7wS5O4ak*y?3cYk=a zS(|&>d$o@LFH}~iwM2dw9?W%Q1}DLM{;rtjpTZPyK6T&>(eyy6)u zQc?FwhaQRc4Z0HNU}5rp@rX08phUB$D7D0m0^7$6%-oB_?^cJmWL&84DDsmGN^HF} zqLe*b3_(6MZQ|W&4j@uMhT+Lu$yZSIq6FVlw)biQ0k>>)VdD0^zdwf~T&%u#LX7C4 zhfOe%+D`%3S^a~(DWrfk*OtOp`vl)Zbkf`F$-15*HXX3)U!Bc zAMm2EuQ1<`o|zx7Q$dB1doWT-%&yl>I=1RnfNE&mhA5}{2VHao+HAnlG`O2Rh)T@m zc@=O}H`6B^Bv6jog;yZ6OL40lq^SrL%_!W9X-sad&lEI1=4|c%)8CXqS7G>gn&v!9 z#-wz+^LI8mrv{l7Hm|yt4)kS*#hj{{TIfd;}eM%mrIMN zOw1c~d4t^oF>GTp#r|^ERNva-8*O|7ee@zpaa<)pf z8%DBV+)JXuLtbVHjZf&TqUz;#yLHUXL#DtNvYv943)x3nlvvx)0pK>Bq)`Ge=|%<{ ze*t+_tXKDg6_r#WuGM+e4C^QKdvh}P-emT;yxg1^vIHEhJ3c|%*1{Pk`5G1qVLz^h zu<6f^s*fzp5 z4P`V)AV8>f7E+G53ilm|#+r1-$RW9jSPim-eDMMxe%{6T5}pDV*}`3hd=(Xmyr|aN zZyhZrYUWeQtu+T_W45#uwiU>2mFsX!3%*0G2&gf+v$2H`s~bFAngOAD`=SLJYY6B! zM=Idq-mRqq*D^g#)BO$RkCZisoarxQO*)>n_OQlr&h*8@^k@c?{+8YDmS*mGnW87Q zDIU-^90cdlPYSdJqNngtPfT=^(AnCrQ`6tHo>t#P|9V02Aj{Lr(QXb+K%(Zaecv1E zh3OX(%J}vs^iz0upIi->WetWT$-kb8eU$-gr*WqOz}U$KNT~6M6jGh1aN#(783>ln zYWDFLvf#u9yZj@RFAA&Lf;@*g6bm#>K6koREM%1K)wd=Zc;mruO(a~80yZ>DoIR&$ z!|$8+Li}K;%_^Cl$-rBLF0@ryv{4UV^_%}44QneADq`YQ=eB0Gy&nmSLuh#SHX-C4 zJUSlq~fk;h{T1AlD9;RN~_#$NxxUIhbGNE`y&pt&}mj_=R4a3mQD7mH%1<(N(h7j<+4tN1KsuI&zD+=|IxfcLsd zdo>8jD|CvK5fKx;H&N78vtW;9&h*HNz6nTl1{KImfuZcZUaS$U35Eog03Ea>bN=}T z{Pxc>2moh!wumXG3=ykp69QHm9l?5IGtSMH{PvqM5h|zFzHyeHDH)}>n2!eb0?qfT z7~Yb=|7ucX_V{_(-^_CRgFk;Q`N};+XeIKt+4=R=ImlbNHQm6W3@TTRz=_g|2!jvD zsnNhx+wC6)0y58lhJfEZDGFVRU%sMejr)gPFIG;aJIJOPXZ;~%;r}VN6h)rJnWQI8 zLDe3Blps^Nvi!uk8s|~u|Ie(WRzv2j>@3&UReQ$Y!=jj__Grxb^kD}HZzoY%G>QR4 zk26ec9Oj(o)`E@D4f4e%!NU;|Q97jX`cDNnJj(e0nc!{SF4qeuM?OA69eyqke~+r5 z;rD)ficfZT`vjcWhdOh)$D_QCbop3UPLve}|934wbN~1HX`klm*~HT`p)T;aUEBFV z7T&8lf&$g)n&-68xRVdnS8P|}pq)(jj0PS4vbS|dAn=)UW?E{uG72zm0&JU1=Sa~e zTp$nGILDS=j?DO^Gf5qoGhhj{LS#_B+sJRpv}%q2LaHeP_64=bHwR7 z-cPWrV{YMZdyKfzNc58Rsgfm3~L|G1uh7h#vaP=|By~t9%0&T2U{4o0H zUZb4s?<*1_o_Uc-0Pgreji(gcWr%Yj!l8@!gj=TSYkiFV5E>eh^g$q6vR3sd*W@`i zBMfOVSbC>7^Z8PS{N>jf3=($GhuaJ6>e15YKM(ch^;~R} zfX&Jv=8O8a^n@6kvgLYIN#j@BGxLvc2D~<9Z-YwYs|q!)kusvJfOL@3<>pNpF3iw4 zZxALXT=NLCljYZof{awF6qr@!zn+^hP+Agc{u~Wx)!JwtqiVN`IBdy+xlm7l1`;LS z$#6OilL0A);6?=oL2CGC?Fx!z!Mfie(fM+1P&FpnWPKSY;u7`GPtvDQv!l5`uOdN! zhoG-#S%BV@m3`SgNxQ)?y{AAAH#cv$q(&I;5-%^~lSseJFBp^!AzY!K@BI|V3q4Y= zF%h=WF&Hc${K4dG+yyWgb}aYs42-xCDI8+_A0(>k{xQxXBGPZd=J<0I5^sUcv`Cf{ z1RgK1a(DdaBQVDD&81--5ASWwjA+rPn_LsLs`(yoYiyr^-?`yWR#EcaET7XpGR>X6 zmbm3`{$B!dZZ-kL7Er8$n!20@y=jB8X*RNQrQ>8=xcw3`=!6)#KRTufk4vcEt-KT_aJVy5x`bydNdkKnN?AI}vayQm=4(FuRjO#DZmNCgd_-I|F#3%(5 zn|7lY(pg;5TN#+WJqs?kw&JG#wMs^L?lWeX+u4}D8YlT6<56QsO!q%1Q`)6OEB0N8 zjLtlx84ayamFo@4ocA!9M+yOUOuB(R6!<6T_#fypaPU7cVUp5i^o3Z6_3qtBO^Jn6o2a}EPlR+C|L@wQ2qVu` z^%aP@kS>!Dqd8{f!%EB0U~#p*P)YQ`TPKBbRm9L9-9pp|u@IykNFBW%Q%H|_i>hQF z_%g(WPnQ5(GRFCstvy{uB4|F%Dl&j6y*)$AHi#NY8xm~nvsN#N!d+q>j9L0^ekPq$ zYTqZ|Dg66G!wa=*W}Qt+8fkxkY+^l8+3(*3vt~2Cqvtd5z@KsZkFClLOYyZj?nh94 zraziG91C7Q{5xKtMF;=2q>%rp30ca3iWwXKTIx*Vcyo^M?p@p~@f`6SMkZX)ahBYNGNFSWcqRDl_xE+)_k?IH^BQ@;j~y zw@+8%nM9(}hJE8l`EdRcDOG{?uGn^okl|0&68*SmCJDoJy&{SSi;AU@?jZ=fm^Vkt za-q#fJn5iOgH+y(-zxk?@8{Pe8Nps@!*l?)8$_RRf(4MNsLEC6I9HiMr?7oYB(dYJkTi{OpTD3dwk z8y~%~nU^;b${l;d{m}bi-fGqA=zG2~S zY=(HDCCVo4Pt1R81~QOv{(;k+^M7ncw@+qV?TgocY~}-|LHiqkZ5lSkBR8U%2si91iu$_C`WX=x7-+%m_gd?-iM~@9az-MdLc&?bEa#l`=}COp6fu zx|tmQCLWtmMzZ&*6V?L!>B2iglV{Zbu&o*OKR8oN7vvW9CVB0PX=%+JifOHYKZ$;0 z;ER=k3hcdL+X^s#-yUa^jm0wea9&x$U8Hr6cfPp#zlJ4`75GUx&j?q9ms6NIrnV>w z==Sqbzqsfq_xHApRy!+|dS`+>?7yO(h`8El@YlBYKec;6QTKR!_}D#rdupY4Z$yeR zq};2fhmzBkccTpMokU1Qmqf)=-bJBS(sCSUG5u=JPS2#D*dduJ;S#w+&8WW%?tvLBq)^5?ac^{*d)@jt@T%kYY14y$0MJYgmO(8#FLPo1g?c8OD~a zo$o|n@F5{`@AV~p=Z>tr(~DgW_7S`akVa0?t+Tcs?(QC5PJCtkj_>byh`CxbQ$nq2rDGM+Fez8KS^qL^~Q~5 zyiqqC6UysH*K;N955xwEJ|Is&)cT~^JAPM%`-Nwt)nF(7GkIF|Q7NpQgPyuFK%)0P zxwjH=NXfW$CYvSSrB9Xj4Ua9sCQM~c1wA8VaJH?Pbw_(=>Lm^`5a!NAxpLe%dQ{nQ zNk93;f1rWJ=TNC%&>u3R$q&XC(8ep>1J>_W2d`-VHbUrV)jLO6!|2(xd@OOUZfRI(R z;)a|<@psKo++tyMN~602%G)R^jF+M}vXj>&oNAz!fZ8yIQHh{J?Y115%6^0=x%epf zLLV#7!Uw=POyxQv=kdRnh|K(OM6G`3BZE*9rw6gi@0?|J`9M)L?yHQFDR4yn`R+lj zEFBp;G|X@z!2EcqprBvgYVVECFhpHwec=572Q&5AW(gUOV|DxiO}@f%J4QaENN5$J z@*v>QlNcYH)M?F7`eC&MRYUK-mJOT8*z*OUzkwk&`_`lXnM^L=tSQhW}p2q@Q$mZQf=P3zbFFhc1z&dCWBS z7Ntb3c)(H?)7n0Mtbh4!htrRq!Noz8ujG=-qz^8IrAby<3F$v!v*fl!&L2FX6i=HlS1qd|aNj+swosg^XC|he6Rxu*R5z{Zym@q{i zL_O!E_?o#JaVKQ-F!Esa?dn?bY$Nph$t4+c?FeZt>7{%WwS1?qw2-@)40M~T)Tb?Y zj{B2&T9H&$O*FK~oa=&5Gu3`Xzk&xZdg*|NX^!@8B2z}q+J2(6S3LMG1E6NUL8F<` zj9$!*qP-lv9L#lyct{v|1%D%;;@F+$!}}K{)g~|_@2xU9X#|uR24hl0{6kVS?G>;B zB4F+`oA^m@lhpLEuoxnWWGh*vq_$)ZoQITU&&Gc2iuq#|@kTj}FNC?BDW4-OFtnyb z`*p&KHcKwX*AvqaBns0wdyAJ*$>CB6PmvhWE;)N?_tq^nG0jyftH?jPD!*f(#ZG{{ zs{t9Jd)$64R(#8VRh#LD;_}Tsr^`Q85m1ijFR%*nH?>)B-lJ*;M;6ND1>l;lMrj0- zN+>%ZX(C_QK8Z!qJ31hMBN|wI-Rymlr$#1k4*u|n*~o4-Tai#!xP1jnj1h6PelodR zzwr@JU^nm%bHmO|>XYXRTh9Qy5h&}07T<*b?q<}uti_ePZw8-^R#b?%yQSXITnf!wO<*CW_XD4`}21#dTsfA}p=QB3UV-vty- z5{^Tt>kZYQnS&%`(jA6>C$qT`u&`mDk2T(c8MzwxbPcS5eZIBzxgRFluEA4C7&5=BKJz!?ZSExz;>_ly7}+uRnxj8{%nfkoW@KTsU(L%PO*vZjd;#i3QR3jDg_4pN_w^ ze*A`&P=;yO7E)Pjp)JaqDFz**fZpJAQ$bI1FlXb-Nk?hE&3l3wD#CuHDA@+HW41cO zRi#xZ`i%z=IB+)$55zHZ@z(zS$TB+0%b~DBgoM`CY?A{A0EAN&2H=ct;!=}if0#TC zl??PEVJ5Mc3Rx<4xEQo06ZCx_%E$u6!6QE^?h70I?NP29c!q_K2Cd%)?X3!cA&cZB z__JmR5~II7AgKJOSXj)b^*wJq#={G8Q^+e=(litiiM6x19UQpdu?;E};t_m9H}E(d z-`||28HBBA`*&A+?)z`GXh>Lk8!c$)_OcHsJPKZNY^)f$ckde&ctnZJ?8B}ihrCzz zK^bYmGvyb=WULtlaao^L5@#%b>t%_I8Bx^cSB_AyzJI{agy}VCqXutK@+fjrvQ6IQyrOZUvL_y#vEpERP66)r^$TU+! z+HfT~3H$B@!Fo1ecYY`U;&k9!|M9JV@X&|=jO(y3l0+q z2|2HuO=+J#h9%OppWv{RF2oV??>W>1WQnhI>-iz#v8<;1p4d_g3+32=uNVX}VNf>x zVt?vJq{4)tM^uhdWz0A*Ibp~Ol1 znUl=$|3bmPME{o9i}YxZk4@UU(<2^#T8u32GgEch$L~HWkvCbmWH-#F>mn%Qx>*IC zpch!*_Dnzgc@_ij+x&k3sz6o0mt-(tc*j5n2ZL@IFo^}b_6(Ha!Q`faGE5A&YoG^Q zShQ`R5gR7=4KxE~u#E$~qsE?{0~rXJ-8zr~%%FP*Oya|?%>x-Y7~4INLBc@W2TWqX zmi+@2+BdR+pb7*1?;z+22^MT2$l#%mJp>t048MuMBr+`AMNk8e{%|o;Kv;_eGdl_D z05QN;f*x^U!(M_qc=WNEpbjm=?wex8+6K8g98e$DL(hJ>9fJ22b9R zu*lG5>DTsvD1W2>gZ;9MA2|||LD@JIbixB;L9hA*hEgyv2&lIzU5E2>I*T8hU6u86 zI&(90S^Tv%2ug}KEWt6b?jp zu2RbphYzTXtUa_XlF9<0uMjE+i9N2fMHZbZ3Gd9IX6*w^$CRN~M*l4LAoY)jJ z)#1c^>{JVyy@XJGBFMr>sx_R<1yt=Zbp&pYt>IO=*u97Kc_p+54X{e;KSfwZfMLWf zu7}4^esQlLvBNR0hl&Z$xE?A)xyHRh#SY)N1yoEr$8B&kuy;HFh^%styCTYjf7}^X z13Ab;W9!H~WVFN}pfSbL*{tbwmJ~BIXEmM9+@xYR%RzgPRKM0RLp3$9n<=i`1{fs$ z%ODPPl6wGxUi}FPc_jQARL*IOY7E_mr6#TwLFTewgZBE)mF<5%I_Az94o<<+*1SsNO|vwD%LhW z7?rlcO6+h7Fbe^Nn2X;a_UM!8ZL+QF92<*Lf0}Pf>jJ_sgoiYsNYC>Z*KgD*~iXCUEru^HYr;%& z*3RgWb8P4BRN^PTRMmWt6yK^kbdY4`VpZ#cq%s&750XkDF>H|32RtkblA54mI7n&) z&5%J--|(?2NGb)=0tH6>+*0^xm5dZLdJ9fafsCyH9SAV8sw04nYKN`h=_MIcik*EV zWBS03mC2Y=>=;kRl;URKWK18Bu`L#2?o=@b*LCB|Jx%%tVsa3 zM2oQua9i9AlL8(HL6+oz>#$@vIa3FtVY4$mLddf8OdWg-=4a}lGgyMAN7UGpp=k>k zvo})hf5FU9;5oJ=jdndrV5av0F)j}H$z^GAb?M>sFd!C$6ZQWt=(4JF$z)9t5%D03g-ytVf8WgD{T zm!`IwN>1%iH{zydRivU3hX=1>!Q;^?H}-`LcV?Yx-@RF{>(rgQYJB(poYi$-9ondt zt9tZTr;qmWf{1ZQCm=+Vkdg=Fi!VY|&pBL&0pO552aM!F>pp>X(6Wx{bUMAcx|07- zr_=oZ)0>MIU(K$rr`OZV7nd)tzM5WKUR+#$} z#N4@Z{`ljJh0qg(_)`dP9bp&$0)hxK7clZyRdLL&D~gC$gfR}F#|c%&z$2Jb5=_DX zV0fE+4IrJUNd?-0&xG=iRs1?mNGNBwXa7r(tY%i0a(;I>`7f{zG%6R)p1TpE<;G z(01>?V=f}kQ=9QRVw|i$#>4O%xIh@mqr5AONDL?DBD|o0aTsO;_7ODCTfvK?B-Ql)*mF3F^q(~2}K*f zSCfVOMfJ{CLKv^rBl&ZH82@wO(T|9!Mub5`L6GaJO2-Hr2I3- zdB{Xg!1tv|0Ko@}Fo*Ot38MAJxA$S1;lFiajvP*$#})Ec4qqXbVb+<$fT-Jo#OI%k z;15zAZens`1Sc~5A0@>95#1sYlaOU5WYdL|cpZ#Wb$^rKQmcn?z$4~*1gnOzzy15y z|3B%5{M)}h`v`&m^z56z$E7lr$Y%ztpb#*5YeJ@q%}*xkSVP9ZGApc~GQWis5sLWJ ztut#^ZwNg%3EX~&&)n8qpq@DTqpj-D=Z@aJ$y9Pz_Gqh00+L=ux*`8#_QzI)v)w?A zG0q3!yE<>N9}XD8c`j5R^b z;VbB<7n}v5@@vKbIES+66E_|tOt>$F>?NivdpP6~wQq zR&0bReiHKd`1bBonn6+mSF+s{Wg9UI5h1(~W0NQ;Tuw;^#{EiuQC^P2qWKzep}$`v z$hgpe>%5i@tuu#C6beN9uJaB%ufZAyuZ6SGw~&Q2*+dAhotSkGK3`bLNqdm^h7~%| zyWCv}y$t+)$Pg898L(Gd($Qi9%`NU)jW2`I{Of*I!*-8O%Ch+}9YFDxtcS61b+(2~n&;m-gs&it&5;8rymcnd>lMO47PyVy+5B?uOq?Ge zT?3pcp#3CDXm#9{RO?KfU+#V&50J`+XUY{GoIk5jLMfK!fC=&56}nA9{@-s(IuLsx zWRW!F4hRBaittj{8S#^!U?hHp3H&IlRMM54+U}GBC8kyOysVGM#icz!3j~?7B99uj zljokqibvKV!O~)`5=?k9M2sl(i~Kh8EItr}c>q5}7{dVJWmPdJf#$8V00DzF#k5ww z%@U6*OL_!H585CQhJJ!Rd@a{vM>@=Z#h>I6YJHlb4S`}xP08WgYe8qY9K^QX%8LMt_v&JPun7yxU zcFU%V4+_f%kxUs5*9}E-QhN8{6IeR&MhGRJccLN(Fh)Eid+;OTD`n@Em)AhQooLjD zgPN{T!SXY~-li{0XI0wq*zUjkAjpB% zLYQk=+!#SmEltlA;ex#Ix)fcn{iK|Zdw2oOi>I`P#vY?4;G%ecX!Iff-3WvTe?WMMgG zXktr82t{kxVZlQ_{XQVxeS?L}reEH@`KVsXjAn|XXDk`A9GUU_HZ>!@1DJ5og$maq zm`loq6fV$bC>=6E+ev0N>g{{0A*QvhY1f}ogC)w2Xm65WARE|-2QlhnEjl0HzIrqH z`TdXoWnz48HaZzLWzS3$2~^;ccw>scl=FIpv}TY0062UEPo0=dUMd+*5o_!YPA7Mu zNzDcJTB!Q{t542SHKDD(oo<6A3OjP$uVb2gx_DtN9o6L1$rEblxTa;>SeN9}wG?rb=jVG69y;qm%y~7;R z1@K^7_ahqFu<&$W%hWjq%XyN!di zVhwNvf>&Wk$pZ*Fx8spJD@^L(ZG4y0>K~e}q=(Bh(#}^^3;vskvu`MQY`k6b3 zJDf()d0au9(LM0j2s=K3OcZuj-~l?o^F%DnNnDFwaXLp$;hOMGbkQj@o|kTYj(qcJ zJ0cfj${g^u39;TW5m)f;!z&e~w2VDUMg)yS(Jut)qaF zb9s7}zgc&Zvy{rKl>TF(^K4cK386Whw2j6)CJCIKBHGpwl+!7Sa<;VGI^NpLYm4R= z?Zmq`TQ;rO(cZl&crb;$-QX>bmqo?PNVjb3#|#mzmB5MDtU4iJY_lqYJmSq{OuqM2 z4qUpaiTQ3Xn>G0SBg9L-x^-q()BZ%-F=f%dyS1O4Y>`tiJoD%{pC|Xx98wH9WD^l@ zPu3uu+{32^i`9bLB5B3c8iY0PQ4(~Sm-t8mSTeyR$v9ubrR%&WKKwRW4J;StLP^BoCou0Q#N?%nC?zdNo_cH~;j-VU6|FTrO|6VP zhsX3JPzUs6l1CW;y}$dx`8o-9vZ-tkF1zl%mub~m@9ePNyS%QF5mXJ zf^t<%(g!&Oiv{we=0qjXcL;TSh!OPFN}6~X%^W)Cl8tjw;QS55Pv_Z0QvA5BBiB5t zZa$Mv5|}uGyG|2R9o#})zFVn8{~9NN5R)i$osUp(;>F93XIE3lTLIb%irY4ZBiuTh zTWHLi&HIUQ)JW!*>bPo|j>Old%)1W`1$YTv=N03SqR-B=KRt6ifE^I9blJNQhdf?I zuFy^l?+2DbP;Clekto5OXMaJIM<9qZ>(9Q8SKR+dfd4%R0QMk#CO7FklUa8Rd9ltR zr2au2aIl-`C6Qc6s*6~zm?kulvuN>BL~Zde&K&Yb2(dGj61lm)zP#?D4SD=Rf5Ji( zcC?zhl#;g{gni`6HU5bWls=#^{&EHlN+X8woJ83FRtSegTz*N6r0bl&Q;(Gm{5gK! zlgW$gYF$2Ir!Pfx$qp5BL((;fF#0u$GeeJvuTXY^Bj-N#)sS?T<~EJ_5WlP%groIb z4vwk=&8DggT}@x!xXxSPtrWmwr&i6_BvMdIV#ENDFyuPQjRI=Fk_Tm`1>v-SL#W)s zBoixQw5Bl!Oe;T!3qql@Ld(_Wx$FFlJ(v#nvh&Kcj^OXxXmRw}zw!+Ta?iSLk({RitdIPc<}#%lK> z!b|A{sh*Z`#VIT};)J557`LI?4cnU$RI=FK{kYq_ueB+b@Q59bE-U6Td->ayPu!7K zrCTj269p4v);dkyGOOKX3TfNCvD3b(+vSfPwVJifN~)IInG4jrKrDOwgRnlE0}9Y}YnR|L$_H<}ymLd3N5X4x^g6)|LU1c=Kp(FG7PnyRZDqaay_Z zFIg?n$I8ECAyzAp9>)5Ol0&EraM6B7EfrZ~$;}Cj%}gG|^jjN-x3Qo*?;@PYxwp#4 zjUucqQ1ei3hyM_t`=Aa<`}qM06xMI~K% zDho~4#;B7bLLj_7(bV{y9}uF=%c^qW3vQ0TiO*))Fexe~i6C9)4#Lg3ERvbRA)#oQ z9*~GI;~)s0D>j+)o^U9W;}z|Q8ykyXE!&kR@XVj$Lzd!0YZ&w>Z3v?f;8J>rS#BLe?K4 zr?viLvn(6NWGdIgtx=V4U+ZgT2ilJbDd|CP&InW4d9{LWjd*T!jaRV(%8?fZfXd^` z#K^Q+{-d9=leR8Xd)}&OCmX#UnC&fS9Wl`%B1Kay*=(l^HS8 z+G10z{D6`H&Vipp=<)nmxI}yv&0UYIpKG`fgJJ0~`FtLb`E&pJyKC=adO3S}aXr6$ z>Ak$TzPY%%oL($0E*9T?cYOmdUc$@ki|66}GCcrSok;x;(SF%{cS-)`$BS#{uTTt} zVgQdAtZ$skY6MTt9C|>MUIau9u4=X4=7cHf5X5KrsMNN0@GqA)7`2x}?#<_ju?Vu~ z7gyI+NzFFFm6tnBw*kO;S!BoD0)XpB-S%8M`M#g>(e7x2HrqJL>3<)2_jRXH=(V&- z^4Hb!SBiLJthj4c|L?+~kSlE4l`nN= zYTrnXn~OK1wQRD!bhF(n4=O496Yy3Dx0S5A9r%^H9k|^)K4SMRsbdhb6=_K~%m1AR z0(b|vdl&r%Tgo}kh@b%Rr^zApcjTgb*Lf$sf8m5uD9S_ZtCty!_j$=|PMRD_()h{2)_^&$Uw!y* z=Me?L<{c3)JdwzC{*yey2YJTq!cl<+gZx|V6;ZRdl5?P_WGbNE^IH*C;df={lvYp{ zRpwUTkN@h!yZFX7#hSc?qulg1fKB-CEm=`>!CSJ?yuPG#n$}9?+`~{7T33B$J$oA)R5_ z3Rl&q@MLlI6lPhG*Hv|7rP{BUIB)$W{BKgRO{caEb%-l9z7@yl)F2M|5Oc(zKEe|J zH@jtFQ&P>OQn-K=%9UUwHEu~M?UZR{28E5p9tu>N95Khs+(EGUG#q(cag2W{%fdLs zNB3{G6-uTnrcN6WwLmcN=5PvVF##7Af5kv_w)PbKM=)Pa)5(8rhN@D|2AEW6rbRJC!V-#fYAan z?#9$0Wq-T)yX*W1p$=4sOMROhJ&~TbpXeH?10tOC-DL44a6;n8Osn(5Ik=aD28fp@ z2IwB%I_K$?7^>f7_Y>tA=GxE2Kzn?o_XWQiQ=hxwo5WND^z?d_(7mW^vUNiNIO|F&+6x*DrxgVcRl z1GGwB%Km(-MkT5D_O|}nU3@e}{@vV7RT)dR2EHK2oZt{&?wZi|ZcV zZ%Veg?m;=!G5O9HJcLNyZu8^!?cANDbdn}3&U9&ktlB-Eot@ft27eB`dx-rHq;6$> zVR=FPM*Lu|EiQoAcS7+fhHMKa+cD~Fc{*|Vc_bND6Y*wwb>1!1OjY7|d>iknQftQJ z{VPEr++`Wz`!Iyq7w!SUMS61mlYv8!Tcl?flwcA4y!%ii&BmpG8BzX6N>V?FG1I=J z*1`dQCZ@UC>^oW`oSq5NYPzUJia$LJtlb1u8;Xq=fT+*lr!99`blTyh-)ht|XM1D=8y7h(?qpo@_@64!;r(}^Cdy5B4w)DZ;?c;1SmtJ?QO4s95 za!y(EX(}yXiTnV5LTgAO{to|yaK!7Zb}pM*d^M*Qt{$i2|MdEUtWi7gYzQUnd{tS) ztv>obm_PqgJXCIw6qJ^KPC;o|Q%^zZDJX5h_9-Ym1*Og@D9sl-1*Pfd6qKHVQoDmv zO#E)a==;nI^+Bj0UKM+u!oZ?vPhsFG3@rVe!oaeop2EOW7}$dCQy6#(1D#VCm@jk+ z1Jlnb3_OK_c87tn-}vVJ-G38Yb7gJW1!&q!8DH-=f^&PpvUeW8d4IRn&YgJobqfaX zRLL$grSYXuYGXzm!Pea`)BZ#o#Z2XSkoA|?v^t;!`SkmMc=zqYq}T7>d{nQL+>G^% zrS~+*<^SJm`)vSogmwva)`Y^`eGZU02&;3MG2x9dRSVa+<C!}k6 zZ^Y!jB%)rfxEevrTo0aZx5+t-c9=*Nwl~+2cJ%yRuD7)To_^OId&RA*Xa@QCM zA9-{3N#Q2s{H%oVSP=Gt$ZvB2S?lq!lksbBM%0(zi+jH#T_0Inq;0Oe-!jO^&(BfvLOe=oM zysWharRO~)*L#Dc5Qfla@ew1w2r3l^!IOwCG2yOr2f2f|Jfm)NsCJ@n;I9#Od;-hq={Xd+OUbi$RxUumT3pNC{>;p_BS{_(X9cw-37jNd}k9`@i`Ki!=Ym)g~HQ|Vsyil!yDM5S>5A7=@Ptq zv)!FrKg2KRJJ_4A**A%9WCim3T%L&&U*J$;3FEVPB6tZN4wp9dSknx`&69N8Kt^AlF zp|uY<>-e`2FqT9>&>@dl%~+Q8lgi;pHzzUIZKbjXpVLJ_SJQq(*(rI@wp$H-nOHl% zw!1Z{k;|>FOCmx0%>G9bz>+B$NyPaYE?v0}^V`hUz;9}ZH=mV^iC@>^Np_yBw&WZz zUVoKgE5L3}Lhc~8~B&+Yex^05~IwQWzMB;jgw5uCIglCcRx5^ zm)|@6&8V@HyF>e+;j>Yzy!X13DDLz(bJs-1Gwq2as4OC)f~;^F=gL|-vz2@m*Lq}l z+J>dB5eMjSb$+~rT;8Zg9=lJvz4CIIt>mKp{2j+g9=t{#q3;mt_z)xLyUuHX9f;%$ zbLgB)Ce%gyZyUb+aTVAHzy%`+gmRZt5Gu~|8PK=&LFt-%NO|J*n%N+0>;XTW{!@b^B zLeF3Aomar&-0|I2OvxSG+sG$*SG(sav2xOL6J}k`Jwa)v5SDwQz7=9AoRHz1zf+Hu zl}mP8^6T zl@jVh`mIW5h|!nE95AiCx&qZ%q2+4x+;x7IN5;p)x9p@cnIic6HhEhfdCo~2AI53D zqFDd5SzWAul3Ve&Qj~f%Xa5q4@uHOTPhNQbt#kg1FaLYzt;PSMFaN2BPW;Jhy5&A8 z`HSDSq+q#a(Pw{Zx74O%Z&Ks!7Am?^19etGi5HNL;s@&hIPVt9FH`q_AiR|BjOtMt z7kYCPaoPh3MN2Ubi?D{0buVU4$zfYZ;%@V{)|yzhBXu3xuLqmx!e~=EaVuJsZLxGp zUSkuRs+Ni0R$1cqQ!m@zV&AfX+vH^(wHC8^<&f_qb;j9;4v}^TAZ2f|5te1Mgli2# znaBalMgSk&cC&b1sQZ$(yWESpY)))$lSACoxm;~|8&T)bN_NyR(-$CRjdfv*WAL3UxSFq^^6J z+|`@co0)yR^+}J`TfK73wb=93g0~Pt@w6?#KE%b#mYpY$Vp(GN7(B)6S^Wa@G7AAe zBPQ?J%ss6cxVxPXBl>I1vK+9rl^}Rid%WNy&mt$XO`G)}`cW7b?^{ejtiAD zgU%uV%lL9-i6I(6b$)pX=pB-ZE-`I#`k9gJ>tzG1?8y;Ri^)??v#SL2@5sSgRqZ-I zM#n^SWqB*bB(kp282eJ-8#y5z6 zt;&NqapouYmYNg>&Kh8_EXl2GmM+KHm)(vytDQ9KI$hSvmnlw>$tfX^1VOy~DxM@u zPI{KZf+nb@2G@Y29*i{!=UU1&4;ye+BQO@tQ#qCG2djLwyp5abld~4AGY)u^Q+0N% z)3RlEvT!CRP38>J2k1*en`PVa3t0tLdwU+i3V$V_%U`Y)7fiWOH+%DRLNR3|pX)24 zsWJ;$UZ=hgT(uh{C|i~_*8 zJS{Sr=7<}?Q&P#UQZY6u97v}F6XCeT!_dYErF;1!>_Zwn$&oCj>a74?rVC<#oL&(_ z*F7eWSPrb%iCEIXC0i*$A+iO6fuB&3cEa;u`2Vr@uH9|iNZxo}`%~a(c8{bPk&HWyl9V-zcH+2?smjW$7JP}5u_qV*&-BaE4*JW+&B zWv+3&p6Bj#hvBAlX*kQ$g>F2wJE_kYRn18hyh{s8WJmQ)}3010yNtZKniu{WppiklbH&-lE@YqJ9a}-Kc5T2$i z=2Wv}iF-zA2UO{07T39Tgg1(7q|LIISoPjnCiabY1VZ6=OJnN-RPdPNd`!N{{q$`d0M_Q*6h z3pt|Z;y|-0*BQ;0!8sRPb!K@&b`)b|EM&~aI1L3EY8US%bjlO64zwgOi=>z(JOVMx z(}m15ZT3;=;BcF&G^#m$YKtM&wLdk$r1em=>h$^<5g7c!;1PF?7$$(G;R!bahV z(JK9u=$xe#q-A)(TOvq|RE)`y#%rf?fwzf~2wH|4|6E=fU4L1vZB%00wpkQKZccNp z7j~(wqc~8lGd^vDpB|?6_fY!FXQl5S75`brz^Ilw2f2bkbe^4MROu{_bdKKdMjmG* z<@0k5H*lG`#oE5qTkZv6TGw7eC5+iNCp*hhknr3({+1^b3=%ol-i^(WJzctP3Bne; zW1@W&&6o4mQI-)IODnq?2;|=UZ8So4T^0!Mc>L{Kd@CpRty)clt04)V08OH`JXDJ5CrpuC?0h7=Y2B8*4pwImpe&E-gDA-;PZ z(SY@4=`552q>uq|Ye{ZHMK9^}!jQ{df-J?pd_wXpAxs$kG$#Kvsw&d|EZ6dsDQ!o+ zwl>!01yvjDRkfX!y|%{WOwRH0;2m__P2SYnvr<-Osj|0EkX1ZpLK{hzc`-G+*}!@k z3cJmO6{j>b_01|4z#Cj`fHiHevvuyy?Q`LvfNG|q&ggl6Q!-5RFQ<#s_A-DZ?D@E# zd=XR4_N+~HkHjot=KoALBs;&M{%p2#?GFtW$Wb`Q_n=S1`$318KZQ32vwljTj$T9a ztDP%sZPUWy*i~@#Bav5tGsN^%tAZ@BCxc!4X~Xkz3&- zRPHoO7l~13P}#F3QSRyGD9YmTlBP*_9|s2q2VXvU0{=faIH>&p(c>ov55IW$j!kf?cP5mbivsN%>+n-@x@=&n9KdkhYwJiAQ-Y!5?-(w7a&L;q)bz%;ek3uYL*jc zYFxe%kKKjq!w9=FqD(jsek;f#mgy0`C}xHlE{q5rMRYXFWO_)pKYk?RQ&%z8*z%@#_dqEHNLM&hg?=SV2Z}CdL=}ludJ< z#7NYoW8me%`0Meb2ZSVa$`UsO>^#!R%80#)uKuv^s64Eg5s>QoI+qWpOw)&l#Qx&} zAu#zpxPbH;9{ffG7iP-H6LNk1z+A8o@z`*qw8xdXs?L{(y~2OH(<*{% z=W~ciDURfbew&LpVTa`T{F`t5*EQi;xR|zYFq4*`k!^gt(l{)ZmPHhnUr>F1NcNEt z?qo06a>~p-*dL?z_Yt{#82r;s3uw{Rsjb@&qBznc!*7}SJJyH3nreO9KCxyDSh4Y+U;nqu?2%YKA1{X zOgKDi`Nr!n`oS5}{P4bQsKrv{C@}nv#dd(6&ly`}OfjL0S83t0;=o0aWh#IKHoFpR z6?4IV^{sipbXor;;%_mKig9RTc)bIoIxdjAWYT zg6riz91?t*YniG2m|e1DU-9{fX3;s<4EFfGky}8lfJ1Ja#((lk{&vkhV&#?wo4kd~ zW`|pQB2=}QES{O}$@=u=lxyX% zXUz-%jGBE5#S3dZCP$^`*gIyj;ieiH=JjK9sMAynuR5LBL$YB`>Nep@GOY#8Xv#D^ zvz${64|LABTS>3w+UV&ek#ts+ZrPO(J-%QL<%I`?2Ly|2Gua4WT@B$?ZSRKv} zl7a+tRi>Cwu`CEEuu@#BiU^+U5g|h=D~{7-$EC!dvU7ULWuEO7Z!gZpz-$$(-Nd`( zS-B16@S+*qdl4U>!ysP<>YHVF^lv&7fhKmgvQuajE z(fP{{<{SZ?4+O%q*Ds9N|4CG*-w(3)5@^uE>ej1w+&avlaFmqnGc zw5E90B1?;J0;V3olW-?8rxdIJSNHIc>ySg?kJ7iYkMoV+HDUhQ03tmnVbFnqI zMbJ^4MTAErWf`P$(9!uVVL1;##OVk8(l55*g0;0V@@#D>bW2eW!2$Cro&Ljfjt9tC zAB|Xq#dA#-lxJ#8o`IDlVWr=!vKBUDTHuP9`M9Ks_0ph%umr`jJ6(e_Wsh8)ONCO_ ztBhM0Y`L|!vf8(f#MYiqC|+9MUb=(d1H~6345~op9<4HscUE8{z66DEwX^EYK!6ohI&CeYt>{ zHWgjHNm0^hVs?Mao1AXl>E{>+3(L0M?nbmKW^A>R*bc-? zAx}!U5w;dNmt8Jo{lTy?FIu-7RM|QTm3mTdySVK<_I)xTH4dO5D-u$AKgp27Pw(_> zWO&xjA!*vk4f8QKq$xtS_JCqtrFuXbX>D_7<CW|aS!fzSZVg)TMC|60)PD=h=)!8IR zCzULFTsaF>i;v{$XV66AXYj@gtM!$>_=&*WYtsQh%IFzwN9w8jlux|ICM#3pAj7#U zgR*>8F0RhbkO^3en+`p0Z7#f$Zqb#-YysYi8|Wt)T?!6d&lcu_M0@6_uNmWUshM(; z1pAmREM_`&h0GOP**i=u0anm7k}R#m!{wMY#TA~6Hov+;yu6mj{${TC%}C)s!;arNwWqRyf(zokuOZvv(aAH^Ooto?^(R)) zRArz?Cr-I|FZF~&-XP~;8H&crs--s? z>U#Paen2fcdNH_OgaIy0Cz*Psav6daXl!kQ_s1j{Npqdb=y57dKUli>)=Yyc>%G=`@-yLC{7G;i3NJhn+ zjma~BiTpse|GW*68IZ6vNMeDQRWwP6Q@Br*U&`p`;b70V%js&j_pGzTD@o&TX+lNB zvTbmI+Xh3kV0yLBPca)OGVA;7)IBB8Smm}7vK|tT$jtHIaAJ-DWbh4{GJVCEAP2yy zFP}br{B+1Hnda|tN%M@YDYZlHxmE(SsW7)O97+W&5aD7fa}n}5B`9F{%HPpUHsxaxp>N$05 zP^|$LO|0OA>R`+4K!ff&uQN9_iIU+gxtVE{bf(v@euhQ@tn{|dQeI8RUwGnKTs||3 z{@ZFz<9P21_MPY^&WDpq6BR?CJq5^XuMgv!a^Q$42@^h>XJNqZ$)@#v4=a>6`X0J> z{`>Gfbgo>3*6Qc&u~8F7dk54Ff1~oO?p?!<1=Z%QxB-)0jTPVLc0+9nt6~iu!AkAQG(4- zZD=7~@S-wyZdBwV#@GhH7DSqkrDJ3z+b|GQ4c}LM?ja|*P?{#mK9Z@(YpEH$xipN! z4%X$_1utU=bDl13`W_n@Y@s^Qka12$JSJTW0A>a>cJFbjJOFELY@utcCTFqx^gFDk zG`e^*n{^17N@N;T!Eu!E^cgfak~6n}-4eU4AgtS_>4KX=)>9$wge*te&C z)}XqcUVd0e(HgtyK2$8<^cebRpn+;M?4({$Z7%wU+^gHn18`KGKYKZ zvA;h}qk$&eDvh;!K2xuN3*~F_34-F(bw$p(?|P@ zi@AqJLd>%NHRFfjkLU7FuO2-mKe8}aOzYs#IF&3thTtrbs4SqrVt`6$+Ee*rA%SaL zgpg2L%47&1DmC}HQaMxmkDfg3vULx+Llv9hrHX%WMzCskSE=^7TI zJR}gOzQ1qt=%P<>df4lbH>b8Y1A9>h9}CR%Vf2LN}EO(~7k^s#OP`>Nq%P zjo>zBHW~26Z?jmpB^?0VXc!-yvCJtsZ`C;|9}y1m#B-l5BG9V_%D6U+HUOgjHrpf!9 z%2HUkp3px4A@C9)$}g-Emwe`;hbBB`Kg8Tbnw~MuUa`)Xe?>2!;=-4cukY7#8qh?l zhHeTA!1w^s*BTgnv?&#w0bs&ZFQY{i|L_QQa;Vuh@7U|G2Nbu!9j%SW1545pK^ZXM z+V%3PF&R7i7kz$Ntn+0MA_6c&ak8Ul?O}I{S(0i~Oq*NxvQ*8aec8;0q7uqlkm6#K zrpDDj^pe}@-uThm%s@t|01~8AB74qqyJ>t*K^C=0lS~RxBE=vCWau&wf0Vh9%e;belW679py~Lra36R^UFONH zq5&}ohvDfFD|1KvWpw2}c;Gyw0c3O-58e)eL1HE{mR}`}re>I{2=4NGd_Y^HjE%BK zY=l2VG`w~&8ELy+L7(91y9F>%QJG&(W zy4`MMr{Bggv@=~l9wuw@hHLi<)pqXlnBCz!BP|0areCO_ZPIt&6PM==t=k zQypJ0{WRuiv4Zp5rR@CT>cVS=?Pz;WcNk>?%G4b~)4ZCLO3`t2ZT2H=gr++tZbT4k zv8h~`R!(9WG!L2$|E1l(Hk}|G;sf=g;~`Y56^GZLQYq#SPa{Eg|mRZ>j<8} zRLmHuNR{H&^9n0PsH4z?(;lZowI4qlicD)462^&70gY?|*|UOcqF$r% z>0IdhlsDTU4KI-4qx0`Hh$RXgbz?fF-UJxNB)7nLg z4w6T96;m#K>M5S%m}tc(2ahW9*%BG`$2W%mBOsfXKOhIVEz0&`y^bT5P*mL|9$sYm zYwybPpQ}Znbo@0VEQ7MM9=lqZ_mj=p!kR!CrBhVWb5p<{!1ti27VM^|oE0_(W8pXT z;rp3;JTu1Jd>*mUTK$azwNx)_ux+;B8wGUHu(>;#sIz>SY!BD^jh*CVi9Q%%mqXU2eM&SS~M@uah%G7=|VIe>p?}J%Zm{jW&XB-h?bIuRxh0br{t?)Mu z^OA{R;H9`jLn8Xdo*{sRsnnn#Kk4PXa@9y7%K;#m9^`Kj`y2o?C+Y2*Yp-Xf?W{x*JQ5mzGSTGPd9$l7LVZAE-aw=zjGG{F3FZ|Fu`0>aL&Yx?6K>0BgO; zFFO$6vev5G5HQQT)WohpD82@*z*xbE0ihdiW@ETGSZ1fgv{cuQIEJ-ZlAJxXnG5v(ee zML#MI5~@6wu|ha&#IQ6vl8!CJ_Wi0@1z^1kj3RRZAAGE(Nl~?9OEY$Xiqb zaQUgTb0ZjF5Z1wp1o%~(7YmFW5JP%pt~JNt_Ghr}p8w(`{~K6C4`+vJLW#caM=KYsggJxkXO78Z0UhW&0)H0Vj_`B$?w!efi(p5$7y z>zu1zuF^5Eos(^TfDjl@dWeb^IO2 zTg#@r>)$2A$@Qpxy@W#V-?^gEF`9g*K58R>m6FCRLis<_ri2TP{~}~>@#Gt{yG54- zBI2l>xnGh}z8))F1V#sHepmhCDR~L6z>!cFCvbgMrZ|A8Xo$c)EgrxnFi^K^l4305 z7%{1bSsBRlif${=#&uVa?Z$r_2@NDs-6rZFYZsCbitI?TR@xj2c$-`8RHxGd(Xtw@ zb@&(;t`gyH6HFqv{&qO6&#ii%%MP|QcE}boH7U5UozIAFS(q(}ZmpGZW4o9&%i6h^ zVb}|4uy$OfW_`1j_}ZCW^kl#;@T%%f?7mSXNEmjnTxzA$a=MJOd>937dYP&x%YEgo z4^(hrF7v#hNL@}o)Q%nyBIN(5YJ;QkMNQ`NA}cfXsA#TN^XNQUE?f4r$z>4!uvlA z>rHL3CbEc=g2%TjJzR>s8^3L3RoL+j0XuR=LvpL01YMeko73~fUGcrclalI)cF$!O zNR`vo8L{y(JU2!NyPTbx<%ojvAO~BBR>=EI2c_4j9v6E7sPB&Lr;?m;3^Jgvg9>7+ z*El_tgvJTbW1^lFehP?5gSa4!0iCzeCCc~$GbkGIKjx%d>;|WFJ^07oZ(tP zHVwi>ZBT&X%})Fkm|W^Xeb^64a~r!*>w7e&y2!E`kY+ zFHK!cl~JtDgRfdglg818U}Jgg$V|VL3bC!iqQxa#5f^XoJIJNa4jLvpqTZab^tL|4 zR-h@%@U9%j$^tFl{UvC`uS})f#{Eps~TUb@S-Uqvq!m zA)khx1+Z0asMQX>zW1u-imERR8h%uCDd`?#)rKa-c`{?im5nF`v)r)60h!gY?PA1H zH7u-g(kuiv{RATKcvrOoND~jgasCI*qW> z&WaCq_$9&^%2s7_7W(W_Xv}e0n7o9NIib-JGxe)ig_=w1wQ55>feno~HuS=kdfX)# zsBnU?J-`$Yrap4#fKgW^FcQ>$@oK}mW|lW}0*PV)aWHglOZD}rb^Mr#Wl2fH3TIFq zN^^pGhsY89DAO2S^Rka>eXxk8X^>}!p|`KD5ev1j_;4x>+SE8 z%Td4d{%$Zmo7#W2Mo$vAel8sq5AH=Qj%rlgfTPt*#3)gn|Dto!MfYKgI2$L`3pae- z5o6{y1Y_D%FqrH8N8?v7o>?aohvqD=^;T92!|8l+`+)<}Vx>KWj#1S0Mp5GL;PYxcNl;he|Tfx zd9AgogR+OU+0iGX6(rtxbuD)ArnJ!gWAFyLbP{H~quag-!K)>^Mrx*Z6Ua>mc*5;9 zIPBM9QP2K<{e`f36@$f-n!chYO0p~R^z0X{Rdc;;=U35t)mg3SHYw+mxz+kHXMlR0 zGi#DiI*|A+M>-72;2a$}-X_no{bO|U6CLCEFwMSE8a*<3wUujA4!+mnzk?UNE}w^1 zJ1;U)b`O`;6SZHtaXKh8m&(OS=X2ulJvMmktM+7cf1TFn%aG`=?jACFLY1C+M)Hb# z2GM(V{=iAc>*Qzeid-Xk5hblbl-*tSCy<-8YR+Nun_T;azrTB><`Q5L(4y(9W|~?o ztNURm+*=&S{(Rfcp=TQH^Ei`sV{G|)_8^%sSnEM_(dV(i)DxWsi@W_4T7T3a8QYnA zuXnkcdhyN#>+_Twwg-Fr3R4a<;O{oIDWzG;eJ1M z%ho{Qe0~I=ol(FRCXSt1V4c>CcQx_|pLv+MQG2@l zWD#X`p_^7jVF<~TW$(2aUg5H?&!(5*!McgFFn);@fh54+y$b2MP7dYlvsm>`dLytJ zYWR{H}k*4en)Amog>0mr3R4$Z9#11$|^{w3(I`v~=`Wsx$X5APn51WnP|hl{~t zV&pnn&5AgK$_j_=q$)+KF{yziJVekGGOs`f-`#Ng_k51*D1~jtE_8l27jxEu=%(<_ zbKe6gl>?fK(IwKE2MCIXX)%X*^ixcb3ZsEvrfTAviqKJVg{_y}@yf0Fod^g-WnBD~ zF5{K?KOPD_OduNx&{)!fH|FLIus>dZbSFoQWr*8~dJ!d*Flf+T84rFl17^mg2Q{6B zU%xkWaXj{-KJt*hE9d>kUUmi^1F#D-srWr)s?LJ&cVbX-4`a?qCnyu01j&jmqz|*i zSO`TWoZ`Np0c-Pcg}cAtT&Yp(iffaro#a)YziGK+)tW0J2Qy+Lhn)GSlAaMUrR(vLv`4 z4<|b4ma4AZ7}gu7uojK77>=#_0CC*OJ{&@hHi)`D0$XoqAifsb{_46nciXpv?W?+@ zlGO1n_;#-?!HBtIz-*5X3vuR<{s%0wVgB&0D_EuwNGgqjA z+1EuQ!yA-sNk^KsY4qLs?n|jrK|^*=ssoh1`8%Eod2L0Uu#M|ycRg#IF=l~Y)Q>P! za2?V+&?(paI?iwzzFh}rJC2srYQfY@lm3rQK|`tkoUsX&j<$bZcW4`e1-6 z^w6$_bn$2B=fw_m$KfaI1eV6`Z(THJHgq{lESKGk$hf6! z&nNl#=@_aNzIk32$4GHMwZCyI9SHbnWM7?QGK3i9L5^TjE(m>^N2Et&> zss6Vc@{ZF)x?j16iTM9MtB4H7EcMxK7BbeV@Y z9IQlU9}#BJl7FWpkkca0vTcgDEe;=D*T?Lb6tWX1*ODSgnb7i3>yWt`=+YE_C{hN@ zwP=}NUJ>D7=do1b&>9{FzOCG9-RDI=@UR}Ca>l08-yMgU8Xi>Zr@mIbHJfsgiAxz; zk|5qKD33l)9de0(d)Yu zjrt$I>5Vh2+#`hxYc;N<(zPmcH8$E9^ty85^ok*n&ZEbFk~t~ZnQd*R;-{F<&h|m= zIzaGU`!t#xF0=|kb5`?o!a{eQ-w3qevpeYH{l%e3kr{YBhacZ6i5ElSxl5w-PHU+< zQ5uk=MgLRpe42WFe9a!jz8>3rcZ#)4%(ZESnLupwHh^kY7Fu1*4P$@s{OMb{xVqA_ z#H$>TljQF*G_0A0A0G@7lhd4}D_f>P{yofZ=d_{SmLk0fMZl@9x%zvxRbcL7Fi|~m zo@TNABpnujtEQck1gVt&7iFtFXBeRAIiH zbSuxpRX^6f6Nzfz*2IlyNJL#YB`YtK(|&3h58p_mMJusC=A3*&E8aR!1V+`@p;`wJ8R)O_KzDutu3r%G1N5Tnm zlY5_CimVUI{k1uxLSm&K*{Z?1msQttXp&9K2MtzT+u0XI28e5d{xI`}qEK~WtK$p_ zak*Q9YYC2%)ZxYVVS+UL2~iGKN7$Gl4vkDBGleEt{E9GSO=>F|1?;G~Sc^(PC0o95 zfW1*5Ry>xK35dHDj3Ow0p!1I=RwDEEst0!S7lLDfjI@AE<6zYNoiDt?*xT6jG1X>I z37C#FnX&i5dIvt+S8j#Sa278E&qRcXMO%nEcD4Rsg_zdH*}7}Q2X$?+ zx0~)L5nEz8s-)smNTCX)CP1-&+Dt{VR*6{;v)TziuyLuG>yRRSItEGuy1u43Zg8!a zNab7JdKr~cqU*wTj34FmVtdl6D!2%|2%i$=)1Ey|jyEGwLFr~h?slaV<8lta>uBq< z!?aa(1zZSxdFHVt24}4~k&D_=(T7$~0iQsFPV~7k5nlq!phIpnaw9BN^4=5cir>z< z(ss;N#eJJf%IyG*WVLa*L`j-DQN7ldP5jpM;hgC@x-km;o~vT4ABMG}GMeBfWtGxM zDyPb2CM10?;v{0|22v9rL(R$|oEK~Oy{_E#C(c(kj^lYa-`-x#LswV~1^28-+&Ccy zI<$OVr^;-YoD=E&y#M1ym6p0sy@Dg*xL56BpUlFmx{i|5)eR_? zv<(C8XxK6{IA9H%(}_N5n8EFKAef=;=7DaB*`KeG*A!sOYdBjd&bt&7IbFSMx?@CV z!v6i*Kyc(*=Yf5^qWNzSUvYC!>f*|=8pBIj>giZ4t+%XGdO8+`fpVYy{{ z1tEY6IC;#qnf7SJN(fhOb2_QOD>CCU=Cq}pD)K?0yIUc%)3Igd=nPskBtbgwNn|ug zl!$Y1IHwyuxx?I3X^plEN}CUDaoZ7LTfJHM+thMbGm~e|8X(fkFFN80`wOlFh09W3 zmi>bytt@+S*Jn z^uJbJRc$wo{(-1*H?nOG1TM+NlQb|aMY4vKz;*rO$doepn?4?Wn=+clC*flICh*K8 zp>vq&^y=mg$8L3{gXPuO;#(-JnY|c2`~@qzkyt0R;&3+Ir9Qd7r+vhLG^t#UQ5el( z+(b7J>5X)O)L?0(jU{?|BRC0(`?$r4Fp?;LAH_-RdpFxnE=D(%sGZGhKs)qY@P6(7 zvvp^T#8@`L2U(THlJ?36VZJ8eR8pi3f*{wi%l^+d~8JAnSw zozbrw$PFRf^v3@X>7S$8)W;K1I8Ij@xpj#IUEr=)XS6=xbUGPIT@8}zB3|42>rSjJ z!t@mQ@}W|{5WDV&Pdt>)*ebekAJ}Rl9jVwVB9!lK=wA8)H4Svf+8&W9{#bvF9LTgv zOmUuGoKx}=-*I@&y-{}FQ4R$rYtqu75eqRp2rnq-paG&fc?9o3vl%Og6lYi%!(a=q zwubaJuH0*_DG)kzI_BEirZ8{)(Z6|H&Nb6LibztWQ<%Tm2sJNRi|K?cMqIPO@tHJ} z#>;qHbEdEj@O-wg?AuzCmafH$Pp*f;f47_zmk<$no3ilb>f=A?~>arq%`8D`W48D?RophHv~Nn`s+;N!j+%ur;og@ig1VeI8)Po zq9cod>?mRS?$$+k6NJLVc)d7j>uavJOu4RI4!+jH9J992=A% zi83?FdL&7Znt9@kqwIyfRL35S?ZsVwxQZ#pAe8k*yQTzXV!IEpE^MG)114?d_cwEH zw+u3^gIYTPt4FaTV*`H_#%rHECZtzZKA|Tu-@o=X1tG1qn=dcS!7j{^)^Y=4*+S;@ z!+K2XFcN@$I|Z7Yo;)w3rhj7&6}>oWo$oRI!;akh_Q!aio)RR?!90Pd&*)HwywIStjufM}}&+Z?FQh5;rjukm8&>@*4nULW)o|f zCuC~}qUbpIcHf8Qx^iR{h^px0GszVqhTwaEh=y%i`pcRKIcSdKv{czU&3;gkQ}eF| zTt%fgj{rTw#L_LVa(Q91TpLE7icF=r0Jz&=w>e9tNCtlEW9sA-PCF-S35H~OQo!hT zvu4o08aI$q;Y(5kCCnDT-trb`H)G9Spc$XF7-HAMX?bx)ZG~LJxDakJFwQ(0l zC**wY5Qnh^dR}&zX*B@NQ(5ynvDJDcn-)-J4v#iDdr^vxd0@$)T>Y*ON!o}GsRV@& zah}jw-Ity0bHLX|L1L=i+r!l{ z+Vgg)eXXYdQTT_q0{*u%s*(Xv}V+?GA;pnPro31X(j1cb5OSOY?c`6PpE zNL-_WaAPxij-(%sD4niIU&u&t#tDke0Q|mT%-Hz1R~dAv{t04>+cb&1!ukOGp=2po z+?lR8a0RAwKgeDz`Qs15JSVD?=ppIkZo7T#ACDBqeB=vbRJDO(yVEp}7V$8d&CUYR z>7@RI3x2h{SR&o#=i|;i5`a6aO?OagrGHdPqAIpFb$}TRr07DrkW8seBjdo0@HvJ| zd-F)TT1faUo3Bo1SQg9R(`}9pH^tliR{h#FtG$k7EFNw!yuccGxnOuc!-_$GYhyB5 z7j0zkJtPXat#4IF{`H6_y^Wx4*UUAV;$PPo(>*$JZHaZ(zz8nk4LT9mv&kBYCGj1n zH*inK31TH1$m(jm#@~~QA&MmcetgULBW3>fX=tY{-kpXxEho?^46sx)(8mPbVf=b1 zF4)j%w#%HvO7D9l2Qqt9zY374jIwjz1neh&2f9p;__PI{qDNr4ha{R^^jNe$1-XDl zl?2dXuPPn3?U2fEpFDv0wYM|+-Wb=P`d=N0{^QfE-`bl6%+Kq?HNUH$li#O_o159m z7yRf>Zg$sa`px&V?%^5e_tVCV*Yo{JPR!-?_W{4<_!|S2V^(b29C3O~oQa_3?CoNU z!V;%p-%p?A9_4@!*BiawztWQQ&s5=%UVSNU2QPxWUT-Etq6CM%+)(pbSFJV_tV2}v zH*hPp02T>?M3baa5nD{bnIlx8Qu74*JT0vL0Q!)Jcv>=tIoO6P+_tx43_kE3QLMk7 z3s|+;I!a64da$jL?L0wDpy}(XJAQRP@!)H>{sh3o)|XEFZ0(mSm^w*r)K{k=$W`h1 zp|f}Ttk7Nb>+EML6~GP`xZnK-4nv?VP*3wyHh@x}ku<2vVb!yV($S8Y#4bB1_yI3t z5NelWWD%Qgw14x4-=!47c&wjmZjLl!A8xMjtsEUK=;C?E>~`?F)kSDFiIa?#hnPZu zD(|Fh*w01+j4b=Fk3_{PuzCBK-c>}xWG_+ z!e+Gc%l%;Sn#LY^1j;z?HQKrVjBKn+LQEZOo~i_XYA(w6bINoQ+-bN;zx_-uW&;*tddh(Z!i8ePV-OwVI`K{P3ouC()Z}Xjwp)m zM^n4y&uT65$NTB&TJ4U=2R^RK+`_XfvhrSxe6X4#b4?4+D)1$f&zTde+gPC6sK~sg z-#XDnqn3|@|JJ5O`+2Jj5Y@WQ!e{)~bz7cww#W`z)$)aa%~kfJ2co92BC`{xHT$1u zxvr(gou$+)CQNsP&zHk#t4=Xipi#qem79i~EOQUbi{BbR{Ntkt!V~2o$jQLnP8V`X zpM^JzT(qvZt^O=$kU|)Ek^XyI&1;bOZbGC2-oNd%Z3Z@P{~ZU0r;hY5!CM*Ycu?!5 zIG(pGM3iSw#;~0X1`m)P{gFkTq_fLHT72_$!x5S7igl+%nXJgAyZuW=N({IC+_Tp_ zh+{luT`Q6c=$^GBD>P!Q)eg53>E2h--LjZ|RbS1&uyK;NLWuqd*8I$1umz**fcUtU zHJ6?@J|EG}hYR_#l6`3`C3R)jf%oh_-K|+m%4JR>hi=rZYgSYMq#DHJJhZ z??nS-7ow9oN_mQ~%Em#e`R_-XgcAE|N~fxgP%__SnY_Rd=1n}%tDyM~ zO4QwenJT7axeCPL!0Pd!k`rPhjfNv5yylY}yBPD0gL%!-?IVaAtbyQ~46;Cq-CP|E zE`~L={e&o@)@e&0|H&ba(zIyFu!~#S^!E<^V?@>oB`S##ODMRv*4mqH8loq{YWdXs zqr$B>&bw8SGo&5jS;5T6O5%I8!jh5*M-T>;(k8SDf6xXLnx+7iKPx(Bc|S!^hX}~8 z?RS)&4N(lG(^!M{(+O6Nti?Vq zSrFkFus>ZQDJ`n8S9ubXQ{-EO$<*r)ssuK{^|YCJ3_%u~38UB`)FmdviTbQAbz|F1 zy@>!$B#ZwK@Q{b0LEir{`!@cTHNUU*U4I>Sww#RGwk%Ol$w&)Z?CrT+Vcml-Yos*t z0{tJW?-qXE3~OneDt>vbGf?np)^w)YW?(tHBpt7{cKGb1z! zMk#j?!<16!bc^*Y{6kU6zVkCBEtv8iaFu?d1$_4L%Z12Q&vX-}MiZ&KVmhl)($&4{ z2reV{Uf~~*42*OJ8Ffjf!P{{1>rY3yebW`8N>v9^ltgH~25ZYhqWi3}tU(DdMfUi# zaEL6+T^hy88v z=vGc?aR(UGy}bbK`oem+!;;dZ$Sg99BMUP47LPqjCNlb88-cSUvc;P7Q4%KIEiCES zHUR1;?lxxuoqE%Wu|T|%=4#q*Uol&rN{6{gGXv6~v^N8zHg(F>SW*B`vcu?i5_Rq; zRjA9YG|iQArU=$dQ*;53llbFms!m=`!04XBA#JGgUcyVez^3GgkNIks-HJH^>&yVY1{#a3e}Y=-1?N^|LD_oaHW7$SQ7G=|=G)l51_$_9~9hOO(FY3etln+4JE zCkuLD)El;&9cb8PjnrG^$bS~zlY%I{w3vVqlEp2GLCawg4UKHiGY-ShVG-R|X{cvG zHO_SLcJ&v}ADtSTgqnd(P>EX_8sskbaMc2veWAQYdDwU%u%T*`8YbmOMQ=R}$7)yR$k`L7r7~i^c@*nzInnnHID})??PPZn zVE1?6IrNCCQ+jXe)SGH_SH3241~ru+R*klIOYR`1QFC%Enf}g#%pSOTFLICl?O!J3 z=5AGahZZ{*UuZE>y+UKM7W;sCkK)A zkg>DR*YNQ}yDtsdS~%V7*cGXB)cOjI4!{T=m-3oOR~!?jhz5`D0?XOTX#ek(Dwosu z0}lr`@#FXUxOX6?=W};Ez8F*r9^32rxs*r`hsW!Cf0X*GA?U>Gdi(!r2q^#45VZ9~ z7t*l(0M^d^8is*8c3qY5kveum$md@7Yb~dazK;gMDaa63`pbz!F+5s zk9i{EDNY0h>EK6xAtEmUNxo7_8=?M5ysWC|<*@A&_|257_=L1@#l?j-Ulx-LJ|5CX zEO>BV*UK)@f|dI%HljAhQ{?{$5T>eM5Ml!pa>Exem#lkuNcbDh+LKN@>_dKB$>o#M zE~o-WQN?Wk^iGRp)d}Bwe^0Z2TUAB{i!s*}USUrak(wK0@6@osMHQPMh8&?Q=i(>$ z7zcA#L$_o#NX^uI&YSz;$4`d!^KUizSLkN1cYF~<8gVgwrlj|d#fbMs?GnK270MO; zajy)f{t~{Lt!-Nc~4L(zx>7FwJ-_?uA!a~)q z96)-~E`6{3YKzsa4s%Ch^gAqNL;%~mEH<@yN|nIPdVSJptpol&qMz|_ z+SceGEvN;HkCq);Cc3@;rGp#Sc|0TvpR%LrP{LoQiL8#0&(k+P_m7$N^A`J#H7Kmj z)i;kWrmTxx4Ret`r#t(;{rfM1tbN5adO4E3aFYSbZL(aEO~py&S<(J6nBM!!y+gU* zFJP2*KxE9tLBBC#WnO1Wtf{e3vml?wX`Vek!bR$&4dO>H*c@wfO7XpnHU)@+cgMqyh5-+cEC8p_f0FOr379>&>633)u;?r-mCJ-v}Z%fivxV`8oVI4c36Fe6(~i>*;`x#Lp{heGUPt441(o( zvQod>_Mfb8fChPN1O<<{rf<*Wl{C&C)OGwdcRn&T=`-zW!^0K?LgOi2A4#jPH;c^QhbITfvy0>|?712pByZO35{{kW1fn%66JHmiSP39;z9kt_wcoUc` zl|EO=`m?wADut+NLbt5V3kFON#N8*FCl_wtr`M#MrEB5x5CH6lz8vG_G>VX|Q=|Lv z)sEj&1@B&%qGmAD=-W_6nQDAs>NdWscbU_Rue$t{Z0eA3mCoaeN(4$VPP;jKq*lTC zWX{>dk?&}`+5su_jf~BI7@vtQQEP##tO#aMz}RCnq57u_?R)Aukg1ufIJSiN_q8n& z6m6V$wo zF|NXOq!2@w#1Zlo>@OtWMFL1AN({!Ylriu^M8)fATOiK}(iIeITmCUtHw$LRrM^pQ zF8Epoce(#L{$rqJk6x9@-p?K=GCcZ<0EnC_~^m-EFrU%{|U88;EHXZ_RT$`nbMX ztR?Q1HrN-rfnz`gE)D~2jz|FW0>f6#6tpP67+_&pF)zp;ufN$hjE!vp$VS9-Kr7xC zL5)OPavE}ILh+eKpoc2q>h%>~+SDu{tI!GUBtqe;^gbb(uAx%JVCfL>9x`8vG*SDb zh>!bnkkF$eYL^o_MMT=1D-1ivYIzaR1RwA7q=uJJrgFK<-oKMGDL9Yg?|7qRm^^)i z<5UgQyYAf8Z?Hi6L4Gsm}Iw#_fPx32_2^`888B5h^SMevqP=V+q}Qg1YhCZRM1Q!-m5^pUB= zbg~#IpOLj}KGR+GrJ1|dJZ_Zffa|Ww(m~bEg^V70_@_qJCrGKF;jRlf-j3QcSLxm&!so{z^_NYUgMDat)$YjG*{g9-cRawU16(p0#V+N!rDKi*mgTi>s zl+dc=qsm~O?CgZ>%REwBuX(g5-Xga#q3+V zp*sBhqsHpofGAd@jOAq zsnEegm|=RnUbwgt$55>?ChDAD{KquWLI2up31?slCFi0Vi*QKd-j9Y~pC8LcdCRh3TG#!#Tc-F2H;H6`0XHHkt5Tt%bC1|I>96OH?amfd8=I#* zZeM=epNRe=@MPH7&?PT^fYyykbk!gAYpDP6_p+BVVtQSUdwY2X1@O+0e+Jpx*sf-}6bI}x{Ud7YS<>2aQg&7AF z^*&lNfY!9O`dN6GxaKDLx(^R&|E^cVe$#xMQ|J?(+uN_I7PM$D7g%nYHFX|%{|JT^ ztZcb7Z>&4tbbnk@^eu`Oo!^Ua6+a}in%H_EMY9^E|qh1TKa;gwbs(d$Jy8219K&YLprs)gH6{q-}#AkG3Wr7<|U? z+a|u{&bX-m-`ID1OC{#2@q0n-B|rw$^p8NBsxBHF<^GQBjO3^Mdu08YBy?^C5Chh?*wTuQpH! z?oc8NV}lA*D`Y^1+lH2Xcvw?`ZG*V0dvTXsZh5dSZzc3MQSevbQ-G`17(VuxXRVQH z3dr*;QyM%|^NpO~k0$&rY&rhFER_I_NII1RQ&Nu9g{e)Jh? zr@NOk>2tBU33^kQk5PW2fiwjG&|&rQ=JBoQ_im#f0GOCXvvsk@Y-SPgrOt36b^H2G zpct8ng*VyW#ZZG4S!qK5(O&-HI4|mzeYt#$zwF5J-q$;U%H*$X9q$!2JsQRRNj`>? zyX1O}*bjTh=K#50jQA;VAuS&w7H(TdDuso8lDp=)w-?F!ivm+0eR3O2LIjzHM?+z! z=4o~5WbI`j=)K${pzLND@_jpU>M~xtD2IOhT>U&SeC~v~P-q>D9WZ_ns~yz{tuttY z_8O~$%Uh-Y6cCSj4t|-h_5WkO7jq0nzWFck*3}JN;sw1EshJ=ZaN$}t`3-#fm|H@> z5jamdO}~WG&KAS})rG}rhS4kdLh)Pi=5#-yxNsdLj6G_+^8oT!WTXzWwEPQxMJT|J zPXx6-5WoPH0RpW$X>rfMANw zA+9gq2wKa;B5aFZVYh*@`sl~JnftX8P^-0SjsGOlG8t5%x`82@Sw|0!8E{|y5At`=HX+w z+9lkr3&B1+MZefNNjpV7@sm>c{tL>!sQ@fo#NT@Q{f(FG1C+|27kN63^|FROZy)$%eXZYeZeEkx&sYh(xwM-R{-p%gT-ujzFSb8ErWLJ$6)=^rME(_ zeZ9$$Tbr>)_!8qUxczh2p0}P9&)j#ELv$|E5f=zq?H_xBGSv_FV;Da^MkC1wU14;= z#yuZ>|0h}IYZuj+6$~j`s(d$K@H&!UUFC>x&Bj@FI1ABZoXOo|lUTt&0k$?hjw8v@wKK*h1sVL~i}BIg zX+ZrH&Rq&k3UYaewE`u{ zGB(^Im`-;aOb=}5~?)iSB=jM;u z!}r_%8ojo=j_tj?zP{}G*?awHOibl}*xK2S;_2?|_1*B8)&1UVjNjVw`xGOVaEmV! zDtEF6it*Kl{V3^LA^$mw`heL^{1G}?4A-tJ&Yt5%_|)UWWJDZqvu_sm-@Ru(NbA}s z`q8(+;Ug5JDdeGDu!DA_s})FLkhuqSj)DZAvRkHYqYWcC3+ULno7#k##_M6*LBsPR zPIm`WoYtKr>NYZ3|A#s-t68zaW#->$6mJ)$Q;?#c$=FC7m~tx)KQ~}KIfF_kzIn`$ zpBp&wdP}(`(JtRf%VU8?oq9G2p8>h_@Xymt8>QAo&2V@YO@aYVA0!I<78ch7h$}$iGXy%**jSG~7)awL55K}*dgCW$nd_y5e_8)i~5 z;l}EgPg_0!Zd@=v-CZ9aAJ1L`W1OfC0}TZ4`z6Tbe3@@nxokWQ*Y-1>?pW|I%p>=< z>(@AzO~c*I-1aq-T2G;L3aMwoKkFw&E!&>?X2QZ1rm66zn`e;;jKwc!fj3&=&?m|J z*^0Mdw9L*C-%3Yj-_*=Ol`H&OW;Gr&qRSFh$Kb|G6Y#Xiap3KTHon#Cyd6OQ+B6|s zbGg;j6we+C^lg~FnC;WE>&-Dq*`Ppf5!D*l(tUZ%iI_*pN%|jNL5f9r^abN6+Ps$M z0V6~+^cobVn9(fKXn(r7Tw|J=W;Y76IvOSwl5SCJ*v{c~F6nlR ztls{OnO7dS?Q6cn{J0{xER;wsnoHH`G8bI|dMr;CI>87?#eiD0Fv1T5aguCoFtCRG zzNkIww)G$N`~KM47pa~P%O9gNyFvt=o6h<2FQZ=Bs>*;uvtD2FD?evtL8*-mnUps; z#%;0zF~FCL8bq7@R*A>u7j`23%(BS$c)6vgJh4$prEIkng|+Oi20e25{HFaQ<@!q` zd8P8un4X4lsVjE+9r6D~);k4>5-r-6W!u&++qP}nwr$(CZPzZ_w(VWEy3V;BFW&8r zSRWbrojQDRc(!IO)wP8P<3Y&HZvv1SKk$m94Ly-GLXqwYyEKCd8CkhR*(x zW{n@rOL*%?x?-E0oE-U*Sw>0}x0g{}u1{1IETh1_n^Abdk5cV>6(`}n%)U0J3PSew z`-8KhYsdcsLrwRKGG5@26pJ*lg+uBw+Dah_CfUr@L*c7hQQ5}|!)ctgsuP{enMc3J zn%j3qNQq4(Tk?I9+rT(xl_&|^sJKZtCVnrI8do^0=PNp52i*+dVgdJIP(1=CWI&rWag7!0WnxZE++ zTyTuFF++iI?qW35w7T_%`hKXFLHB==DCTO+^ZCR!C^WeLYG6J5@AbEK5;?YLKi#2lmS%h6YxgKu?AQZFd3%*<30}h(9{OpYHAnCo%ibJ|bw@_*#{ z1qNzq))OwGO(ym$Z_!)nr21kEq9ecXJbF<+zQFaRvX1+I+m1tZdlO8XJl~hlgetB4 z7M}izSXqdG<~9eQ5jx#DV{6xX9WrL1_!sWrdfqb)aFdHFen;i)+ZZ>9wW+a zL86_Z*1Hv$U_%R&n>PP7USARyJK|R02z!7rwj*Nr1H!#O7-6WYmP>mZ|0)rjIFC1= z%8qp);JvBQVT^Hm;%JSOh0bn(DS+HQ+dcjZM*~CE;(y_2up>p|T5mxj?qyp*<^RA@ zjOm3|dX^nzsQ*8`pnvH&rTW74I@i-`&rZT*FP@lqu#lQ5_q-Qz6}bm|SKg?w>S%1Gh8=ScJg zN}cp#O^kH|QoeMYT2v`h;|czhiT13(Upg8=9NO|9I_jJ?j5X8xOGlxVT0TN9Ffnd7 zqHvoVl#X{XjwUKcaxB)m?N+T2CN9AnYOF1j?^Fj#Yg4#f(eqf(Xj`(@a{s=xhN<9* zXbW$=$ECE^dF6)=w~eKjX8CljxA}egY{vH%@VW_=pA%(*vXh2Xh)Rm~)W&Sy>-sF+#y#=b}_+1p8Ab?V`B8SL>&7>4S; z67l4!Z0M=l0X|%}LfFXl*i%KIvY<;`NuU+aRuas|M5iRF63*_ZO{w0a3{`&0@; z@~Cg4gIza?$IcmX=k$PK3pdTe&R@C0-PO`}vVt_By~Mh%#?)F{!Y*xzHU`0kI+Jp= ze}I5*W66cJK6qGhwv~FhTCu$pt#7UPYqn&}YA1Ej;62JJ&oN2#pJwFe%i+w>;E!b$ zgY-T)wQE@2EUaagZaj!H1zu{2JGg( zxmgTkgmC`a702JH9+I>A|72P_1-`uiKX>_a?B3?Zgxz@Jx*ToUzzyzaU^lg+F=J-# z*t9GeH7wfmfW4kdwiWcd*}D&`uKz-*!3O_s^f<0Kn7Um*!YFav4`UZ9SL@q5nACE= zf;KzQX3wOST#eZX3D=RdpG(@S1s4Kvq%uh5(x5@w`EFE#Kq^wfA!U!U=fxhhDPW$lYQn-SYsM@&!ZKTf?e%EsU(%AF z4bn$Nar6y8m9bQ-5Uqd9BbPP>ejb=Q+SJ{_T^FgoKmcb4KJBZ_0U#( zF_vjy=`KU2I4Nr<+-YAUPA{ufx>PX|DLg9)@(uD}u^y0M>5kd@erS-N2$iAEQOZ(K z=@^3^qv_{8s}#~EIyT&fsJ(IY7oe&bVpv|=+0qppLQgbLLBF51N%1svpo5(0%wVv#KbX5PI%LF>a8q8 zb9rE<43Diu_1b&Cpfh^iyFLxJGD$pVh)^#?13$X~Y#MS(9_y(?L}TT7iJMgD{h+-j zdRa z_2mluo1;B*b4;#d>jb-I76(uQC?cUGHjCok0eSG;&QtP5t>k)1R zVYft6nTkM#+Y$VZqNoCpd@hRZQQF}ZV>SS&7z`z`zj(dBUm{NUr@ zD1ZN)O_u5Leje;6m4VB_^*-j1Um?eSv7Q^_>Z!P#!9x!Ct6#jP`W zi;mn744C4WG`zw4Z^YKt;m?7#X3|*2Ue2IOijjeVwkE>(!>qqGE_VL+u(OKH4a5U3Tmky3Rf?s(Udkl+aDOK{9ojL z7(JdrJoEoY?rHz)+&2Edo!h?ub#C8vhfiTnXJF_ZDS-hv{-s=3z?MDTZ z?MazUHK^hG|F>~lbsGv^N?Uf5EnPxtZj7}@#{vgUYLW1dX>FdAt6QsGd>xtnaVZqnm{tBFt*yJs4n?Xs!|B(F7tpLN2#7#85 z{hrrxan82;pf2o0D~bC5kbFRkA-*)&!$QA&sE$_sd3R8`3EBe7?tPH#yX1tm;d4q_ zqBO65%=j#gjRDEkU<+M~Oj=22zO1w|c2}oZK6J+@fKQtX8$-wbp{ArFw>YwrIxf8S zEhziGarsp}$4p{4fQ47M3mUfoPNmMzWS&=;VHQ#oDin2V@bmSY29XhE!2akN40{VK zWas>Qap`AwfWt#={#romX>j1p7eoZJK+-eU0J|*;oy2GXZ+qH6GDUrP8beZe z9?sog7GEjyKP(=<8I^asWopTHidLhs?$ukk=`7m{49RjAC!e4CH(ud@^)s$_*=l7Q zOQj~sZll?5J%btj*am=orgxBWj^`t*Cp!aG1VFzvBK}cWso!LPhz<|~J3@z^)b}4K zPmqgzfqPP#=~$Cp6`2vh-~mTz`YJCRE6FeEHf8MJh4Vk&Z(TL$I>Av5n;HXIEY<_# z{=x;>@QlD@#F#yYQJ2;tQzOsKs{60MWNmBB8@V5xc<)$*m{snT$o}KG^`t@ium&;! zL9p_nZ6PFQsY9Icfxv3RU>f#8)a?RjTLjRy@t|yDfh{7eV}b638wAjaeq_e|d^nWL zW?`hKf7fi`RsO-VnO*0$xLqo33aaAsZNz|I>-g+S<~URg+>`dN3JLD7RPF=xUmf2$8EfeT6s%&k}e&fY&<5JX)ps$i(rt zDD!Y}REjc~T8~VT_|zSbfA>_Yzvp-itKOR<(>zp-{eQ9`F6(x=po1 z1zd0sSqOj4W9bE-Uk2#WK>yK>sjDNZnTx6j?(n^PL|rA1nmkH82XG56W6#+g>X-@Z zK*{j=(_Cp&lFm6k{4~APZ8~hO6_RiH@$rH3n#B-yX;o8>Hzt{1UF}2?b8WQJN|A6G zxo~cZCX`cBCjevtkfk^Tee^e9NWu>L1r>c(3W9=Y@ zTtwT5VR(`(u(uCFT1A%ggT07`t|%yQ>t^C+UR>-f*G;Dy6O`J4Ei96#BCALbSz+1< z>!^?K?^^-RD zY2<1tvOJ&~xVtwDAw>BH>-O?eP77snJY~f<`FIAZmH7qsQ!j&?3n)xXJedu2EX=(WJi#~PQ z{4o=6W%%C3__2%r!C!p+nV9C#vU{_OYR>#J(^9YVsWIqH+HKve^!rjBcE#h7j%-@D zzKURb9>VrI5ZwP*L*Arm&t_<-Sza|=`nMBnC8dL&>Oukerel+HBwCtxepS7q4E`|P zsi#V;1OK>Dz{e9N!cL+|WoDJRWo{5|D54rn9AFfTQX&{A?XWqRbMgkZ)mIcdK{*#jhyaN> zpodR$w|4;Y3D`@6N;v+zs2aqe8mt))f&@jHOrHl3ALn?PkhkETy63N6)37f^a$4}J z$JWKi=VU&`o#S7kMO%9Zk`qxd$O&`E3=_sxl;$wiV=-DXyE^zT*iuO)S8paFvC4=1XBL9^{7kzP!V{SH-`fbm&z$@xhW69g4*&g zkFxJ4I5z`qx#|>aATL`jZ%XqB&D`-8>Ku8lhBFI4WSQQK2W0s$uMx)o7${K~jDsU-^cC3qHX` zg?5}3GzVUj597>}je82oeqnEUQ?f5{wDPn9)y)@NC{bZ^@>3m4bbrv;3 z2NMi6b!?%X{3?Q3hP>mU=8~zg5a9_C7yfrjqH#e`XJa2ApS|y150E>?oxf~<5+N6t zq_<{wx|V{OUFw2AOwMsRx=E3*#E`Z{znSK|5{$tyte%ey+5nO7ez0SqVAksi*2J^p zJG8*;-gB9OoZ!LaDV+Zukcj%b(?bN=0Oa4I9EnC6N@;9+Cp`lfX62g(dL4^Dl-Uk6 z<^kBOX$x0ZPCV<>ZZKwu#}asw9fX|77h+W2dBK?~9Df$d4Lw6WcN`ZLah6z)uBb-o z)6Q?mE{H0TiGd4j=V*#@A&ng$`Gy);L+rKzhQ0W0OkSoYpa^zp1kwu$5t2Fc2R>`c z)-n02ekd!*U`+x?4~vYpjkM+$j&{(kG8v%Frbd*wsWN6A62?U*76rsONfJ`&h$+?% z_<_Y+0NfJ%BdxA66EY;N|JdVol?0NLvhRV!nuXxm2hDKJOc`bohIt-{(!FQW-J$0C zsB(JAV?=Opd020QK&pF)KaCGdBptO<$^_(LB(@k_qM-JI$9YIIX$Y-@gp=J=&*2xWbvqh7 zQA_GY${<=VZ1fK8@$jV>&plCT5}kNJOd({~1MZBVzh|1tD-=o_-zsKPon`0)GkSnr zN(0GcN%}%-Ldp{&5*I&P9w(H{NSSk+G~CevsZl=W8p;r-+pbl(Cv61jAy{g8s@@UN zP&?BIYP^h?iuB>sbhDHJv+C{S!_-11yn{3_2chZrbnw8hTNMBtLL*hvXQ5lytT2tv z&!0x1F;mV~`BcI(W}RqsLI#bolRoy3lI5dhPB7!!A0d=j)B*1-gj54opV{%SfFP?* ztH)|$QWm?VcK@;=93fZ1D&d$hTs6bu~a5P0K$j`tKcV$eO-F1tx5$j;yM@ zMZ7qY3;(y+uA#0IbtYBybsh2hUCW4gba|5Nt9gUBW zhC?q)yJH;J@W$}l<7JIhKO1Y%1HETEmbz@70CSA*r>HZ*uDs2xir~v~w7Y!X?Qfp% zDD$s%8sMDu1~5yn?cu%i%A}vSO{JpCU(7LL$JldZ&$ktE4m4D0y8O@dHn6dhIY&7A zI=n3`+R&&o} z_;Q_WtY}i<>y$`W8kDDFgP$SEa~WufpS+|5@3BZGaN704lar^JqvEOxXOk$-;vIkJ z!gWDWMr}?q_F;0(qAZ7oUs6Ej*l+YxpprrZ-t_e|Hj2}e?)9OaYEfSYbQUEC-FFD? z9jIH50|+7tBRJ!QZHZN$L-t_aXQw5lBc<5b~AAFswfpS(9?n4(Fc z{{YMw3?oxvfiWeS-GEA5js9D#-Q_sd80ip`DEq-Hx#s4IqIGC5euGHW)-$`3gG_-m)XwqFjqk6Sk>k}DhT{`Zu7RM7Ug$qDT~;(|QDZK|&xx6*%RXMo zGW7qBD(kzFsetVtNeX^tY`e{-mLGd-VF^(%=~2_Z`&Bn&Q_nTfm;)oMk0cBwQIp)$ zk-~-V5r)??iGJN~M_dTbvn>ykeM*_EhAE35dFXfDZm+D!@xl8pvo3IY4=);$hnIZ} z^CNGbQP|(PYRkPSREPOy2MD0P+E`sGMKP}U5P7GOWa3``d#Xe>qL3JPp8sjE+N#=6 zthT_973I@)p?f68=E0cu9VCa}ujD-&Nc?&sN1;zz>1BIyW^H|*V~0RN1&%&aT2pvO z=IoHiM*5ggdCk-QdooTFN*~En=Br(iem*Zp8~>2H zLC!wXr)sR84{w8q=r5)(Yrw zFAw1ws}S{u^dcelx}0U`$6TrZsn3LG=LDi;tn&6{v&BcGAlG6ka6&TQ+N{I6Dd2}q zrF8_FP{J7iiVevc6B@MM;JE?@U6c#YnC5b#L&bTei07uk0(xJt*87N^D?d0aM1kCy zHWp9-Kn16=MhPm`n7uB)Z&grQWz$Kt5-VVRX4UmfhetVBQ%b~?Cgu!gt7ZZW#d#KTk>A?v{COs(MP@fEHg4CKY2S4)?@i; zE-UrwZBj;nr-}ElZmNLu)iM}|N0aBzVpPMUv(bA0%goH52}W0koV2D^eg{}3J1C`R z4>F{%_C?!#oP46C0)r>baD(AE&_12DPM0yu>fd!+@wH?y!!HF) z9w2}rm(GEuQM=u=u}WA=OKyXwas9(Y1C;$ARqH_4`IU53`GPla_G~EiriW?$=F{#j zEW4uZ`I)vI#MCu1XUIis2q+<2fji z!{8nL41B|r*Nf5!De9D}&Du$rMa~w70!I!lY1`XlS4F2+-Vtu>L4X$7xy~+hwHg#L z2FG;Xe2vU;aG9W?ztg3!3*8-2;fZm06{Wv_pi!?S^}J7GcbUym2TR&4cH<*I@>l?-T8&Jg?g$;w82T zhO#5A^KOZyw7?mS64Fdbd>Z+Rg(dHVE}7aqMzV_YsY+gXaiHKkOM|(F-de@e_rQnq|O! z;%niu-sgAY*iuam{7K273yEB?m`tQeF=Eb`Ei@gzc~J_u)@ViV-guCjxcysOe>!gv zv0-X8dg%BS-$nKxM2kB+7M6J9XccL2Xm#B324uaft>ohbQ|bkIX!K?%_rtg3T~_+$ zn`;M8D-AP#g5a(}Q|SmZB$FA*)?x&d_~$SaAcVA!;+LAu1oJX($j~{7Tu;O^WHB7J zajk*mY_eKO2)a^fN`Wc+bJ<9HLSi2SKvo=?5gUOx%d*Tkt>(`Uc=Po!6^vFO2x`SE2(AJJRp z9Hx*dHayGmt^a9OB8QqcGffX9VA>Zp31`S6q-?H~tH3IU83t1uNem?U>YDo$dx<7k zIP@yX%1SJUv<;OfV^hls0jabl-8A%Dp9%AG-Vdu$@nuE=_4 zt5AJBSsC(cjDTJsRJk;Z9pc-=@R%)m#Mg|E$3;D>W;X~5 ze}_c(rX(zFlHE75?%=^rvrcchbl5)!5P*VOM458zcWiUo^4b2>FU}L#+r_mjECcDW z>#Ot%uHwYcT7&1Kl!Vd1cQD1DE;}0*Zz+<)vzpl9O#SXpdC!&W2BxZ^s7?eO&vZS6 z`t_s@*-K7lTt3GDJb(`SYD`EwLLv{92$A#n0+bxDxDM}0__fYSOoGd5l3FjIH#^Kx z5+q&w%?OJwQ)=X3{=Ji(_l8|D{#1xt9=BU^@u6a5xOoN%2gtB93`(#2QCoe-@vw}u`%P34~ zLbZ(6jQ@H`IpUsb-v}0|2&6XR0oX7w6u9-PoZ9`>?c=G4B)AJrDHSEmCML%dHr(;} z7HnBw2kG9!BBwQj(-hh)ENkvzs~Xxo}c=e#|*Zle3sl$b46g*R{Q|0DN7+j zsJNUr^ikCtisGA;6Ga=vNi=N+2xXyWEy2r9>qnSz?3bU z=>9ZYsFS#dfK!I#WTmy9tZZ7&xeQ3x?7?Cs< zI1m;E8z_`b!7N!VI9B9_W4GA!OU5t+hBSQH7S4h?ilMcd#rW5u>1V~r!X&5=&&q^W za!Q`{M(m3!18o3aT89xFbV@YFsZ=Mk6b~x>Y;tNUXT876NKl&};laW{R<6Rfe_VIk$%kyyx@cnxE`{t+Z>#pr| zHjn4y{Q5krD(W!r{K4;MXyHur=l!KAZ|rWC2ixQO^X6xsvzlvmd|oo+(fweZxacp>TzUL%FNl4FyP*D_RrL*fGv1cQ$)Ir`2#?a zTXKn;sIRL8!71x+cxaJ)He_Zld-npt5~+m2Im$<0o4u*^>&eAtDBY~C%f4vtTJU!UPXma~sdJmqc1~Rc{ ze(}b0la56gv67q95!GT&?9=oyoQl4_jUwqbs3(~nE!;8c!7D+5hTX~;vMH$$g^Q{K zJoP9KtOuSXG$(Vd$Nb^vNmDt`t?QJf$v+Z@QlxE~hy&0$R_NV+evZm9Al)(alJwB- zAfT1L6+XmRIRJpcdO$=*YXmDO{5NRBQY!+W1Nvs_;fL(OQMjv9oxfJw!+Uq{WAlBO z=_+99oi;0wi^|LufGj*SnG4}|rsfjA#+jFv6c+$~t6D8c5b=k=mI8pfzGfH6&k%g9 zS@>`r?S5hLRy$y;WSi@M++i8}~%`H)AwIxsSEy1cOPlAap2 zKl|Cco{88pHED)guKRC7h=N48})y_^^OjE|x%1YKUsU_?R54j}L)el5J z_nGSyFVXq$XTh?7$-u?!B90t4=P*^eDy&8vz1gS5I%8#)MPzRY>$0_~?k0v2M;z2sUsT(a+$+W(g@VM^Phw1`vk4kz z44kO49jGVr=Wv;}=_#RI6_v^Di{X?)!cEKNG06}O@xGs*l69&erGMq?eZNgIWMW5!DP@p-ds z{z%K|PAf_)Lf7kk^}L}g+V0L#E9%Xk|1b4NP*?;kMjl0 z2f6ga&v^LtyorpX)P((v7;7=}1XtUO2s{zS#wGXoz0lgtdL&G1=Y@nA0ZiSn5zT2O z1Irl!XtD?bol)E)jm$`Y1MZglPu#|4q#X@7E9Tm)gYqw?LC~eMASnebaAM!sRlA*N zkR5oJ90Jr`aByp_?QWVuNmaCJGM{l;jgK-;%?|yOi>)iE@Ij7`@wa;*LSOcq0T#kz zvj;HTqkCQ<;5(aPa>XXrhEVUC@G=(=e-zEz8p&bab)hX)s=kP*vl2Yv6cp?-g~{JQ&oAx-Sa1Dx}mKmHT9rQ>X+k(8;Kho7zP2+k#nP zCVkDVq9Peo0NR7Bbd-+tR0s;JE$e2C1_r5G(wpguElnbv5#=Z=$6Av<@BwE6+Gr4# zh%j@ILSgJg`-Esm{Q=ea6x^VHef3=ULV`Arp22xoW@q)+3=0$}DOP)d;G1RG-v z@yZIYPp%^i&Tk2NbJ@+!P*d$yTE&^n9$^f}QZ3fFdf?Cpi5EHVO zH=vM*;0*?_!uqQtv&yEJ*yGfs%w4Ob)vP;P(x{0RqkgVa7?K$i#QJ_+%Q;kOe}9)j zqRv(1ru994?5@)3Ud2eh^rm$cp=W*U8gb`+eV^tpo*=!7=mFvCmR*ycp;-08byDqm zlSOaRhR7o4U7DUrx6MAyqICht-WAB{T&^ zxy8U?)IS4`tHG6LC@;`b*K8*0Dx&PhD}Qweu&+FW`uY_r?RTBVha;RE065Ok_kL6^ zK%to}+=6yL*WaHIGhK71)eUypy2+g#Q)yvMSY~@R@E)aEB_LdOP_4s;-g10b7o{7- z{a6G$lJ*9v`R7+|T+~WsmozK3Dbr|bV=0*d_}Ht}S$RvPUB-S>MQNwwk2KKElPTTL z$&3u=QtVHWc%fvAq{|32NuVRHWV2pmBdoz{>xJY1L4=9n#dKJ^=-gr*h+<~iyW*eE zJ^Ghgc!b4G`zuhc2@@k(t;Wkms}=DQ`@^Y3y4{U$JCrvQfyJipSenuk12DP7LWxrd z&r=F5msiV3Iz}R?B>p+x=C@%`G){Jn=g-2i2fajq4Zse29J?LO1}1Us3TnkvTZyIO zL4fKMWA|OBTc@A?UArBW1HXBH(2Bblx~*AhKGpT$b^Mvg*Y{+r^z z!yp7?kdhHb5C5~QQ+#)(;n803Z*|mZeGQS9pPkIV9k9E2eZp=n7XMHrMD&Fy5BVFs z%Zi$5WXek!Jf1_hmWe`<*MIDh#|IzGe^+E@y8oFSONQb)rrMY_CyFu-xY;3HC0StU z3fux!3%$I3g{tVaadxT|h3Uv~{NJACZO)gsaho-=7poyjdbV&yxkBOzd zM!c6E+YsAk`YDP-4!I#F{4uXic;U4rsv(TKrpcBGJTP-zjf3Rj5!f&axRXwW2|bfduZ8Pttbd0oC%Tp_j-j^dWppPnG>{fPzgiR4+x3V4Hi4Nr zL!j;i6442dR%H6}VwK;T*}bD>;jRK=E26;eYa|6#4DUT)mxwnd*kl2Ft{2&5aVD|E zYKAO^5D28#LwBM<48a$6^aUV2|Xy%mjD=biw* zz(jkG=`>_UvEEehrm#V8F(ij68}mLwWU&xZtBX9P-YGPU2^^t+W0Gbw00D9kD)R`d zFjBgN92!A_KLm6>k2h3}1tMkhoAc&eowjjH9Je!j8H`YXj}n>R1B%C(g+Xtr!coD? zA=_stF@23-$3$4!ayTT-?QVLS-P9ysmIsF*U{Lbu5*ZmfuDP2t>r5opv`;Qm9YU)} zz`2btG#@9n6?@9P7CAGs!ff_Jsqu92Wf~e4c1giG#!#}8@u(K zHG1jy;PP^a(ncc7lcvF!&bs30#;Zn**d_s&YYeU#y!W)I1`}^kL&p9 z215*05LTU^a`X%C0w&wxcwloE$f7zWCY9I-NhU?GtUG7cr2=2i!qU(O&yY`eDuq{k zMT<~8ahpEV$Q-PtnUYp-5W?B2i6&OrUUYS57gu;N-f~o$ z7^83+m9IUNsxd7Jnqjsv*Q^z1VMNP<;uvIE(}-v}z)3^f^eMzss)N2vWe4EFK@UeO z=M=P(^rxm#^H~aXE)1lwBW1 z=^!akhkXd0n4O*u^$f|d$Hs~tv+8WiR(o<%W^Uw%hnEk#XP?v|w4oo+Nqbn{?oYzI zQ*cPj(sBd^(bQQo1P6Uhg79ba#{&Q}N{-12N$=in5^PB-8&?qz%&WX?1M z2uI$f@#B3*=bezRSQ$MNLzAOwId^=XtDkRVF6wEB^Tv-9BT6AN<)-G;Z$wV+W!-p(uXUHU7#>wXU?qU z){xX`b{RyMRkGKrh!a>1xK!!-@?-}8__{xNw_dsX%}!aPsAq3wVB56VICiW^Pt)!7 z$SXZaP!G#*+u4zK;AR%@=L%BG)wN;-0?*%4y_y|&_?yY@LJI7Url(wp!Tb^+9`ujJ z_nL;CHQ$cf4YcQPNJYW0L=pD6Vz{Q^pg%Q0xW&A;=&bGaVH)}0Xv*SGz9i};G8|}8 zw;ngaroQsZvgeXrjmya`2vs}-4QA@T<9{^a3QHtIg;y91aieE8Pck(^o8H-5FKG4O zmru>-^M+ot{A<1pT>G>WF;N*UoEK|BmB$?Psb@Sj*Sf1##;mWVW($!a9}Q>@EMefd z*qM{O2-)S1gUhJf_ad%L;eqM93viwg>4Nfux&R$)?O#Fobm+8cm!(L;)mN+WgE2pK5Vu`yh+bx3&yKhy#8Y%%hCrRB zNVfA=W% ziTwl`LRE6bt3VLteJE8~hoZ{9PHio#8An6^YPCEpR_W?U< zz%}fGMs{+xV9Hm&DsxF=ug3(Yl5CP;#O0tsoQWk>{#l(9l;kne?3<&>nBwTwRbd#h z*vo@Rcs`zN>V*~1HA$%BP=ceQ^4lXBD&!u%V^STeH(|i z82D|iqW5h>5rnHE+YIk3i&%qRQ2#srx zL$Q_TZhK6iqJNlxz+KCQId&4_QYn5p^y+~Q zjCD4NsIe=w6Pu1}sFf6@xUm!o6#Kj-lA~CN^*!tAIe6ML{fkAsH@;)9sVFXhK+Q#H zuAzPYB2T$WKrNlbBILWhsI#Gcj)?Vfe0Vx=&}YyoTXQf>K96lHFg$7z^d*>1x?X8Dq7$N%9xj_ zomS}WMj}27bc&{Fx91H*lhp>zy5wnwl=B)wuwmB-r?rNw{H46+X=ZD)}XYsjJ9quT93>H8lYC2n}e;xrDXeg6{kkV5xM%9irl=HPK|Vgzus2=7Le zY3xdi%nmwq5Y6#?<@!(v#(oLbYpn=Nec~&!q_W% zq7xl5)~)wSvv|vuQ?yiMN`Z)?l24sz}(+ zf0;?GSuQ<#Rw;84Ak1!Cu7rm3_}4s6YMGOEqXdfVAyk9Y|HC1nt2W(a1TdGFDJ=r#RSd zmgl8ppXEZqa~BbOwRhb#7B`yl$Sw10DKlzKLjA6!)H0nVzjV|o(c+i_6H(FgWRU?rhom1f=@YRzZ-2b_Baz5a4c@tf#CxfYLI}qhJKKE=afKIXpDBn9Op2 zrU)cb;rQ&<xc}4e%5&ZK|MVnB_(j^3e##$9a zLnX2u_`)F^g%UNBzOd4xWel*#@LbtCqJ%D#B0dqI6QFTlQFJU{-?#}j#c!t?^~%S^ z*7B@?LNE&zgn=SSAkjT%AuNPoO&_Bsl-sI%^z|s4PbK)*skP1H%?=m&Ieqwg6cGZ$ zzo@m(bc!LL-Rd@nGPd=rIA}BdODjbFsg^mIZ)%F^l2ELR(r4Q|<^m$BduUI~4!YP5 zdSA$spa=Cg$r1A6W5|g>AY7i9^jimjXxj4C`=(oWW7CmiKN!$^0o{=mRs>v{IlY%#_+>iNZ*hDR%F{N%w(t2nD$n;Hwt?g zsl|;KU5siK0i2Z#Zwf~b|M1OhSD>S!ky)hIPN$AM3vRh5w!9OxZy)vq9_IjzCL9qM z8{KEDz*ruRnx<76Ak^lq4K>HQE|r8M6yc<2zm}HA+YnX zStjBbu}!LwT1#|T+rehE7*5fTBu%LtMew+k_RHb2N1^Ot8t(~R4JqAvwVIg{0JF{e z9jAlrho5xi+1IDLRO1$fZu4p4iT4&&m}l0vJp9AAt+zZ}=Z#{&@5DvEyo->|J?>znr}exX#hUTF z?cbc2h|Is!a+;T>MZvnIS=$T2dI+u~1FVK>E|={9cMWrZ{!}77by*3cYm4tf$JRQ& zx@O=pJc|+?d)r1yyZ@dxh9)VK6j#;*M~RZ0$ZjV|yM@PRb#DLQ)ZD<}cl^qZSnNfC z4(@xX8-j#_R3^sjV6V)J+ryRm5o$7HTnuE2x&CPS3e^`WVt4$%n1I4;BO7A>v2 zzq}n7Zd32Nwc_VlhaFSF`0BPXK>XP5>EIf0Ci=XH6x@R1aBgnLl$&N4`%0|Dt`eqYTwU(rKTUliiS zzB0oE?`o2YjPm#%fxHYv;C?ptAl_qZf*QngZr-kuH@d52bannO^`)5+LDo(y#{pCK z=0${gggFN|)O67k!?y$@^1M_vEfb}f*nyWnU%fy0&0Uu16iIA#Gn?p7;eslG%jw^O zvb}nE>Ycifnt|Uycf+#1tD>AL=^8S4pemMyv`sR#L@)5|$D`-_%AaNvS{ZDfKIkxb#H$yTN$@Oy!D<1ajxwj#&p=Z#hiI^B&y@&yF+Cre+eb>oX!OFN&@&1 z>zxAiUTqdM4lBv5>Xb8<{aVi{$4CqIp5Z%>JomD?rUB0FT0<&Svh?D5cv}mMLI^#p zr&f;qd~g*>@oaJ7GV!g0_5eK%*m3hEoO{(_M z&ZyphAS18!pF1NyYVf?{w<`eEtLM%Lc<#pu_qAhX48$lfR8z;V@CgZ!W{c3p$&se|1LW>DfJUB_*4!u7S5P944v^P{`H2ETQnsYOnbER zuOM!G7M%hfhk~P@4&IJY!2O>G=$|bAl?%f{f)h4~vd(=T4b@@|aZHE!S`6Xl=Yh<2 zs8uc=PdqJc`@6&w@!bzsR~KIys3@Q)m{ggPrkG&oQlgc?@4K9VJ6>D~Fb*9G&P zTeh^oI$(n?g3iYZxRSD&0J>Yeb>8EysTc)ymFdmdKOGlpID;|?kQ zeVf-(3L|p`!}Lt1a*FSafR|5Ex!=t89YhDJZ$3rRt{Ci#XTyNp3`H<`ZpiS2AS`u) zf3$O7{M3qH6Bx;}*2P03;q%l0gl8kGf0d04KGbu|OHlXKh`Z=5OwjU!5=v$$sID^_ zF`YGBHKfl}98i9W@6HFw*LY+(r!9vTM;LpYdC>_5J_FUAS5>IQVr;LN8Zbw7hiw#vL5Va)0j5bO5t?3-N4_yAEq-R z4|zh)hz!WhDZcw2``00_VW(?X;HRGXJO{kFjSX-Njja9MBfgcX-z$f zNW`;G&$GiUR^_-_!~q(^zo=M&3LSbHQsPa?E%G&+!nIK?B6l(YvlMMrCQw2`Y%_>z zL7a_?WxA=^)_dQKyuF=o_g;+lI`Du45I(MRZ<~($Z0@~p)`9?+5s8e{VmTCWDwdGI z#(XzB(*V1G36yC@qizLucE44ebU@{nK!S#Z$#8*W zk}}^Wi~s?Yk;+#vb8qzRtDc8+*5%`$&1#hEK*=9hCCxu}l4e0z@UT?j_76jse_Vww z|JX{G9|`=wYodG--|U@SyyHF&FL)v^F>8yES6+j<+8O^iS)i-K3lM$0Ke|9N!P6=A zb&_9**8zl5)rD+>Rblx6<&EZ2@I3#qO%ec=*k5R<^c0Af2+ zkFSTh6usc6q966Qa4=I2C9@LVjyWu8}FO;0}2*_si_Vug`D{x zrJn8DcI-DjZ;~xrdWo%Cw{pApU;JHHyTzxnhPmpu`s&XblMAaC%Mn0FC3=Yj@i_~G zF^5SA*7@!9>N_K;L4lV$yWY2}qd`Skb z4Y#tG(vLq*Df?*h?ygha)MJ0GY4zR`6628Gkc)&*dMldFn(8;Inyzg*6zhVDTT(o$ zKs=S(C}om{kQj*g5E87E)Ic4T3BM+FMr=FYPJ_t2uvXa+KI$Q?Z^3#<&g(V%_gJsC zpoHD4rD~UhR;%rTr7P6 zd!b(3TLfxgeTwhK3%0b1qpo(RuE_{{8f8M@93-TomyBmp)Ibqd>|Zl}8!O zq-_hbb5g>j5zkOz`&BCr#*ZY>;nG}7fC-sVhJu90v1+2lDnl{1o${9qJ0g7dQ7qVJ z)RL@+x7AC0b^Cn^8m3k7Bdc7N6XMW84Yi4GF_lI(AkdtIa9!03ek5p=h7vQvQxPsY z7MVuGa~jj3@bZw00TD9c3qY&@-Qom9jXE0wYcS~;jYi(i-ZINCZ$D1-#Mei`_j<1W zH*3(5nH9Xcy(Fnvo`#!xndCuot?g2OB=F_x=;J-$03(0zJbEzqw620-` zgiG%85ZzF6YjVNVu7kY&2z_PU@oDiZO}sH4!L{^Juz~qie8watW`A#LKo6nH4byhr4Za z<+D9YoYZfJ9q;SqSQ)A&ytaMt^-nZ1pC)Zlfjlo%I1y6h;)v{ z9O)c}R$|AdAAMUHMLbADqIZ$c6CE{{2vviMdHHmO5(b|XuVi;lquJrk-q(9CUp22S zvlAM)qj~^Jr-sqJ%J;WKY*^`~#NG`Jbn-(kofBys>wBNEY^z&!n+?L?io2gxF_6+| z>-XxGeX%q8de_?-?S1p|>*W`CtpasDh8}wu#(b~ky@^io-6@U_dCL0U{6CyJbvhT( zSZG8zR&d6y4O@hDda@kCHxU>EMmYZHtJWL#;mF&4wY#&o*X>5O0{C^){r1-VxQLr* ze2W!lO+;Us`QbFL;wJT(%@QIM9N>eYXoi!g49xw3gEy-IYTN<(fzIY6vCsvM-`e<= zn%qVqzs-vV#FPTKPMLoOli`W1^jSY zu2|Ya#!paP&P~E?um`YlBqU*h%LbW6)(2jQslNB=b>6mqg@(xlPiG^p1~+ro8r>l{6X!b-!nou#)#p)+eH)Jk%0@gPXr9gp?C?A` zx9d-%4gPbFn*4X}Q*(QJJ1~~2Jedsx?hofO3WqwD)ew@3db5-UWEe$5fRO4HY(c(q zzIxdwKt33r$?`C$_p@p9FVv334IcwCZCGFP?QandZm4MTP;CDS?zb)2)2Ifm!5$rv zppQ3k9r~Es4*uNWgz{73;qZ$vnZS>RIZ^Vkua`;*dvm|FaXrt#d`c?kUP-M^Z7`gRK zq(zbUnfH<>u^LdWP)7_CwFL?D2}D%GEbv0gh$lG@g_nOcP#IP+qy5xqqw;EBbga?V zsRFU*M4*FOCiI^h+NjZUcMOuaZS-D{WUy7~uF1JoSF8D;+G&_(EvDATq_0M!_X_dM z3sIY>?pkdRLbPwYc~-Rm!Yq z7IrL#0)-T)nw9);YQSPR6vdI8TxcKRRhOQNBPy=P^cV7`#>=@Fczv7~wc$j;%O39h zYW)pshe{DEAJmKNk%V3(m)RumTN6?9Vm6J2C18HjbHlFW5Sc=OiKt4!7VQv1Nv` zg`SzwJzrzs0q3kTk$wwD=2yfH#^W_Rs)-0^Q>gjY1ld-E?h`}ed|a~-#$`Q2V3TBp z%`#U`Cz1rPZEe9MpupBP+WL{QfZvL(LH?&r*&tf;>}(123Bm}QB=i?yI-~592`cdk zmgCcB4lKdNa`7YpDmCv7WR_WJ8y)oI=p7X`0<==jX}7Q?U)97RSU84FM%?L#JPoq$ z9zHau@Nr0v_$@naV4e)!IfBd~9n96(Z4BY*l=#xvhM44!IF%f_OwfeP@eSok0n>Fi zZK%F=M65sTmcsZgU1e*lKP#5EQ2ViVqAlPRCc^4PLV0~wy&5Pvtgg6DyHMlp zdpnCP*36us52u;k=Q6Q?>v1&ZQeESd+Pv48EzYNPo1}fx-VzsI(X=imPAJ^%Z&XFrX+Z-4&V zvwsfYkH0?u`}2R>AAfuP{Moag-k!d>x;XxsKL7VmERC-9uYW)Li5&mjvytb||NbA9 zp%ik0QzjJ;q*2DnQRJX1pAryu% zqI&K1)K|%*NPy$&l|=3sik4um>u1{*#?jDNv+P#UyE8ua=OjqOrj*mF$nhQV(;8OG zmbd_EVP{jF?n&3AU!vo;WMPk&Ym({R+JMm6H4xoiokKb!+kL^G_Z|aiPu8bbyY|yH zsSDce>47y~K9)?!*Od1^D#v{E6mRgPM}JG@^LO)PESt`Mg;W`vZ2p}f($6NFfBkGX z+5F+zWb-dSn{588fo+q`f0NC>^n7{Q{7I7VhT3@RFjBAt>yNE3S? zmGa8-slEDT3#F4?VWIBZOlCRmPOZ8^Cvw9q7;?xJGRuP=a#i!Ah^N%fy+t{``^ z49Jl4cvVhQC+D|0S&WhwON+$m6 z+Y!Bi{IGpyc?S$~UitX|!%B+`@M7kGCYtu_F4- z#LDjsccO=|jYR6t6?N5G-E9+CbsGhsZ`(#h`VVrTtF2u7L4mgZY|q#15f1pzo<3g< zL9ze1>#(^r#WGD27uq=)Vz^}jlU%W6+g+cL%qG?UpZ@8e|3Bt|CW&%E?$jz$&OAQ} z1`8a8t$noT{~x^^?T*U%|Mzyk-sJy(jOVlE|F1(QF~B%*J`9@k{wsXNvBFpq3<`GB z`zU4h3lz<-6W)w4C_G7N7?1=eV5fI88oV5go*-k@s=G1U!(|YwcwdTnfCLG_zbiLvj=2qEA8_s44lEKnJ3Rpt0^^tosULK#4Ap0P;aS zLK?fimm0ZtUA3a1K%qsZJg~B?x|$CP;3ic^Bh=P%&)Qs~HqZK>UiUvA$G>VRgCnD8RD)ygvrduOVKky-J%+fupu1pT(VoPV) zaJK99aEZ??LzN(@Fnd?v?2Oi&wAqHuV27p4I99 zgA)Ek6TPfRigiUyDv8U|D!xh(*N}n{t8-s(UiZAfNBG`BDK;g zv}%2ygMDu44p3?kxZ{2l-swyIsb#|YkjTDklaME#=RH|rwIAe~SGVZvy6b(eE8N=d zZgs%fT;4X%gFOAu|48G?G8aGdw4eVwJG*=3``_-XomZRl|1q8~<^Gpp*B|NluRXZ) zgV{N)m$nbQFNnh?*SDC zbH631-Q+yzc>}04SEPwO5Dd`U6sy~Yl~1*^eE|A#ubF)5!)ryE$}rZ{xwCm3JpK~F zR5Q}g4YA(=s6H!DIzv_+9E7>}!YO8Hl%HuC^%%4%c^u*|8QrTx z{hToST~N@Q{Lt1!u2A9kE?!=@g^&xI zjdb}>`z$a26?i%6Z@2x==tV{T`(m__|31o7^8XWsy(-*oY~2D&UV#}gFAgP>8Q5DfkWM++%vQDTq*h!gr=B=-~<>_f3c5VV;Vj|+I`c$JN{QnZ*WMQYm7<6 zF>o6j^bj6sy)Z(h%XL4|gX`d(Rm&F*Il;s1*Tc)>gR5inNQ$c5p1RfP4B}s2JP>23!^x|dN|L?`uFE;+)kMg+k zzq0f!6ZxIMdaqZwS3#%s%Fb*kG1bi&y4gp+ZZsN|XPNz<%Q@HS|1;Xz-PtYcf4?5> zZ1(?SJiYe+AxWf8W3y(jpNEs3+x;Ifk%dX~*2((}ni!pdxbe3hwKw=^bi#QkTw^eF z#3M|ZVZbz{HP%PgvgpK;-*s?^6|%ksMA%PEZcS7-J6QkEy%YYNPk;JvqgO7k0q)TM z?!DM8^M9|t-spcH=UHC=`ys=Fht~ji;oL?C{09*Sn1z01EwB@iccTd2Ad+=)T&x?R zGT-Ar3St%9L^l}rh{gsD81~1}=WXl_RztA+S{#%SYh!fq=SHNpQ>u;S!3M!<{CPVx zc~vYbI0OF?u&C^Vy+NV}F<@!Jq>T;B2B+3;#nOOmzgI&R4;>x9JKk8eJSfN2!>*-) zr}}f4wro(R6?M8UfKKksYOTTb!k^FY!*5MQbRs^-hC&V3=r#=`29SOqJmqaN$cG-b?dM%{2!fa= zQtUtZ|EVTh#ty~MzpeLw-puYM;oqPB=|%qoOd`$%S<>#$J{|P`)#yc;{_nil-O&F> zd5Q_%W0Bi=9KoWG$vr~3)ExsXqH9R!=kqA$j4-*6bc0TYzdV%`yq8q9#CWjQL!)>M zfHgnbvwH_KlucF_*MSAWV{M zG9JRo%$b^pJWq|}yZ?B0c7AmH@$BIA_<7-Lc60F}RnCYz3Pq+o@kt?xeg17OWvu2g zA)Y#qzx!tN&C9F+VK?qj^d5VCetCGT#xcG)I6OYez9XH995&&_3a>fJJmb z*v$aOlU+pv3mLbQAI`^DA5SjIjlWKKwC}t`Xi7;KWQL=q_ZM)5)v*ExF%O&uZATeY z*V9!@{DE381?@^-@6O+Re0Tie_}vOH3;FCFxglX4u-?A^{`m6j`09B4@$lXI@zwF= z$D{MpgOjr!{WRO3mq0r!PjuSaJ zh+{+UD?MMNVQ57LZ4Kw;+$KVLLl_a_LZP_3atiU^5LsMIBlDOO9Lo7G#ZNqu`>3!z z5Q5BkI6NXDUW|#)Ss?b&&d4bdlZ5gh`<7SMOXt#^T(VFIid8e;tfWI=c1G^B1@Y5_ z%EcjPlHAG87BfmTE>>*p;D(23L{1^VmrEle^+s=oVUn`poy3!nh(XBxYX>ZP_B7UC z3m=PZ5a|yMu2ia<_nulc=VL-}aL&Sold-(D-J#k8A*r@+-W$`-t{ws=ESj3F^qM9@ z{z&Eg2QK7U*1=r=y5-4rp@9sG$2t#20o}_Voh=knA>kVJzlFPf6d4*@ZlHDjoq}~I z7D91CIUq%dh0x~mVj(1n;B4~zgi7k;@QKB}a&){k$JkSkq6R zz^y$asCGwgt?g^|kgfKvn~*r9J}z=JwSC!=bu#TbVMdQN`HX@Io8imEc;80~(QLfx zJn*|I9LFVo!qJRo9*O$8&y$vFH<{jKckp5`a>N~dfVF0EM~x#C@KNc6_%bYw+%gu~ zZDb$0Lt9>S5)qkDUwAkOlJEAv8GSP<3P0eUmw(+Ud?ieAROPg%g(5fK?G}FfNuanQ zNfP#5Ovl2A!9U(#9)CQ1cXE7o_3@-4W~quNv@`2lvZxVJ0NdK!V$N%= zg?hSpT>g4swp|t{8#}r$ee&|{1rx)5*$NBN%U_Acu{BrG7 zsiTiC2q*{duYNecJh}R>k3XD`*GI(~oBe{OetA4Te}8#+{PFbQ?BLDu<;UZ*ql@#C zv-LrtPY+)*Kn~s?ogAMXu8&mo>ER0k$koB+o8zmGnUZL{z5}nNT=NHG92Uq8p zA5YJZ)`ta6t$slhAOF|c;m3>P%aijpvI4bjei4&?KR*8W`{?TMqPfx1 z$aSMeQlJL3Qj4QXi&iwztI34mfG)i{s@7r+i_@-{Zbi8DXsTPgco5a~4NgEEr-`%} zN`6h4s4SwE%{k#Y+y(2@LCYu}UVkIJBE}Bgpgq+tO(>t%j_O2V0B7QbR7k==^}L(!9D9gb zN!OP_$W=?16YO6k{BE%lIj?JB38J1WJH2FreRXc%Eqar}Z|X>)T03!{ZCsqv18(MG zM@w$$$2Od(ok6!1#XamIu;52}&|PK`B#9^kY5SW5`{bf%ew1y+idjMpanZETJy{Ik zPI*A~(cZ3msJWpOi}cKM8ui-gW}NWDveiX5<&nNYT<;G147;^kbT`TZzy5g*|^#;Zi*n?B#p>X!C?Mz z{2Y2-=zq8V5bG2?H0E$<6+e{F{|_mI&~yCUM%_z1z3l((sW3};8hd^ctTX@5tDUb$ z<^2CIM!Tbp{r_V;aLJwKhd~mk{}C(+@_zfRBu}H{P7(&eohoS|4pSj{WUpmMWC|=y zZ9<3wI*CDz0q-h#9U22|t(e#W3tq_Uu;mKZLXvnh!hjG@QW^#(V^U@kJ{s(3oA8=Q z2kOFKmSF6or%%@zpTOtL4o1riWP&A`E%uR#4g+ru4bP=h<$!6Z8Z-^%fzx0t=Cd`J zZwiTqmJExQQ`n)NOF?@JY;%4s$Y)y(42Mt_91ajJ$G;-NF`S*38l$U5wu5JDoIL{zHv`&UYYR4Xt*hrkt}2|;Nb zD8wJ26NV0PM8ZRLkUTVy6*PsXfY%SqWu=K*Si{M^;5cIawta%EvIH(;r4N`Nf;Cossh$~tf}(b>^6!fsYFzwfD^&Cwj`S48>05k zgbcPSBaQIgJHlp)5`SC1Tp<)uX20%KJ~qHxJt6lsf$V_HJ6jF_V{29B2lQ-!P9*X( z9YFmk6;PYA42mL+6)Qsmy#U!LL=CiBrfh-{eZT0M z^J!KPCVg^LnXa5;Y1$K(fEFOJ)W9U3RZtfd_?adI?`XI@u`AUP%t>{Lu$0)JlfaVg zo^z;dNd)AFCZt3xy=&#L)`a;=*H z!5IUbXs=lsu2rAx^EAQ?WYCHWwCy0u0_sD~MHCQ;X($k$@Khhp`J~NZ0qQ`LM1_Z9SlDAkOK_r@BK?0Pb4ke?A$WJF=A#5DN4e*i{9c zR_n5!3DS>ObK=$(D@baJp9=D*;wLq-M%J)~U&}w@B*BZ)H(E1=B71ZaG_uAk@V}e8 zNb{T@`!2$I+?G2o$}9BR#;z9ocJ4wjg3>bP4b=>wohgR%Q1RWA%@nO_ARd+Blq$if z+_p3YuNh7UOj@_^@Bhl!M4(IELv`rhQ0e=jTJ3NuFEs<|SY-&w6R?q+s^dw&N++e{ zE7@s?e*JBuk@&-CB+S~cu9z6>2CVR1A#tIDK|xK1HhPSW9%G}&_!H_eO1GtDh{nfp zO#Gfg(El)>7T@F9W3Uhxd3S(g45f@G0ZG(;BOt*M5{o%pR5OC7+1gYnYR402Iv|}0 zASQ6QaM!=IuduxWiKwZw#+Ls4YoaApddXqn}-ef`~zPBsK5s4GxgQmlwt_6BJ zK<@=KopdpE+~jj(qk?A-`^m*{dM>|LVLmnQ7(!JAejyq#QXRVG}=uXc@d zBc5z*X=B&Dkx#bBC+}<6U8@0dJ19vcH)73=SaT!R{9=u(n|JQUx_V<>{bv<7|EaC3 z+em`u*gw0_dP8qE*4Z0@ed{bY0{e}?ej~8o2<$fk`;EYUi7qz+`z0!UX#)Et+4-s{ z{)?9QZ_K?n=H7o0eM)}fVBaUPB*9rZ!@yIW(bA?3fS=A~4gK`<6WucjvWy1mrA=At z{r1~^^MADDe;Le47||Ky3AtY%?fG9uqn9sU7W2RCyn40sa+Ck%F`lo`1(uQ|3@*8P zwKeMnX-yPGim`uHq)p0Xk>l0+_5=4+*JzLr57JJQ*B~KdO_DJoyS8@+jgAeK;H| z@+zJTW>gO0|9bdO29sZsA^hLIn9qjlfA*)iVZ*$k3HGnk7)@zN#FM`c#BKcKuY(D` ze)89WjMU#ep|dA{{lA`kg+Abf@>HOcqhs-8U@}-e8PI^>p)Q{A|9&#K5k3#d@X6<1 z+#XNM{`ZqWWQlc`&-#=<9sB>~&a0hL{-@E`qutH^e~f3%37)E1oBHQV+J$^cTAyvv zP7GRdCS}QvOkSV1qJ{iEiu;}MBx6K8cPuY@!rC`gU?Nl@k!9p}@q^@SNA*B~L2f7#-yDIswb7pxBsN|px!mZWOk;9To; zwX6I^yIq6@jg$S@q$4hlyuB3z!9oKc3hx^2CU6+fvCbp4im8MhW)`AJ z5d|eNPaH|r=QD9A>%!Jy@KC;-Z_FQ>%pc0oUyCtBsnI{5X@pBkTGs8tDQ2}Jq^cvg ztquB&vw8=u3hs(sNhj!Q))g8Pl8x`GDk_`)f66aXNQ7MUo1ca>qyWi2#5lB!V8H?_ zR8XCpoS$2epO>0f0yBZAU?~SR{-OO|@U?%qtyKy~Q;Q{PAmZg2sYR(M;f6Wg32kzK za%VZT1EQzknFg6DKrNQBtHu)Wkn~mz8>EIis8~-SCJ$*;4XGIb4z`?1P(c9dYk~Zs_yE!d+%$lO%{uU1NGkqp@(8LlT~N4kX7PV^yT9+=hSAi)Znty*Wlw;(bncx z(s8smbGG!=RC5uMwQ_WVI(rMqSm#b=jX&I4{}Ed8xVdY|ZLV>GI2 z<}#UHQ@CW`sBA|P=FvjL9JR|oq|(OhaV0&!p<6OF|)JuTXC z@OKY?{~jNYq7P!{)J<8A+SBDX971jClOy@>!Ay;;TJ)D$sGJ`!u6FP9E~zL%g5Uz- zst{mjW*|Ronoj*8J?(<`5HaE4WFEMt#3x}u5DY$(na@{iJt&KQNu83mr3{fNrc+S% zK!V41AkyfejqzZkA=cyL*CT0=`E)MMzllAKahPtEeBtmT%x72REj7F+(d;DnEBZKv z2%wLM1>~6$bS9FBam;Du8sN~tmMk?x$h706&rgoSjwQUMufWrc*}k1SNxAox4JSyY zpU;&qTSR1-mA$^Jg_Pv0pPkAy6|Q{oOvGo6G^r$wd{VMH(7FJe(K1d3KaJ>v);-{`^D4Qjd^MIx9{tbL`IVC9LBNg zK#THG?LH-OfH3yWHYMz@mU0^_@H=uNu>H<>EKCDcHnTn@PSZh;&KivOv!&ak+e5t} zLSaN0T=4ATuINX3ez+0k`0Fu|Jv^frp(ut&I5cy^w{7X!_hvodvx>~pS&9lU%->FK zhqMD^`PW-C`Y86k7K_rkRY^xDgW5?RCB6Cdhif;*UQsoLTx;$LtVP_%s{0eBsrWv`aH|a8JzczCUk(s0>)P-qzrK5 z)oS3A^0ppH^gfi~lhxmHit)Ss6*b253Gdj)@PO@BsHSs8lXA+jf`#`Xt>?gR`g9oM z>XR{yI>=XD-=#OZ18)-&E{%KMhTl4u$+rI49IU>27rbA;oU3?WqV@#(zb!xLr>~{b zK>ZyqJqrzI*?Wsc=#A*gaTf^4M@nT13QzcWf;YQg-!sTMvR%Y2ZUdl$d62<8Vx)tB zhC|dYX};e>>Nh+Snp*tX-kn|vE5R8XO3``)p zcynYXw23w}>Cv#RHUv3jTD!V0coXYgnoTpv0MpieFNpfP}pdYsCGihVMUl<4z>9|QJOLRRBLg5~>Vem+TfO5m@{t2GE&eu|0 z3@r21onnYw%MXFs-JpN}kOqLhf~~N9E;g|vk4+*41qGAHW~mY6PtiWe8vz2p5d!T0 ziXbe9VBnYHL7-9<1(91uQC^?{RgUa7?l+aR@3$YI%2}f#*@OlqA+Jnq^oH~RXiQJs5$}`QjTLoF< zF&+uG1s>8MbuLYoJz>{gmi&eZXq}=x+-lxYM`Am`d};2z^wrnUF<%*fuabhCzliW` zrK~(&I74N>Koo{YA0gwbRS=Au<8}z6@b7d4(W03Gc-8A)Wyq?}e>M;_)#shy*6tw} z7Tqs)V-RDL{nwt`oBgu|NYoSf9dh9TRj+ddF;5=8SlDtaH=y-t+t;MHyruuUC|X!I zyq_3UPRNwF)Z2O6bngJ?-z+-QBnkwVuh;}dB)8H{`=E8{Eo4jJN#f|IelOyPriQN< zoq4Q;7pDueJaXF|)&}dFOczABZg%$^T45UNe-6Ijd05@(M=8R9{#J%>!)Gg~M-wP9 z;V0hhG6~`-%ZIOohr4BOGqU`}ZbohWnaqLO{Ja0AG<*#G>sB#e8)V6Ncr>;lZgcoD zitQ={mGctytH1LqnU&h}Zuz$=Q)+C27^@afM}24B(Zpn~)+mSP0st76 z5Gi_xMj_g?lSqCrmI%B@m@%9EPaq%C5~!l(@&4m*=~={n`1cJ$@_qI;uf$BW-E+*I zAN*U3k`7)m=wmTv)y}yVa&BcNaJWbLhOH?wl(vqtXTI8{TrvF2355H?osc#qAM~t# zGj_T31Jmrep-WbZpJLPUoe7zGgZ!aT-YU;>xi#ra_fCp>ouzd}8I#3wbyonA20}e* zQ|(t1Pmd|T2jydK7P~aOwbj$_(*A!v(Mws{KoX9fa;X;_TmiW?&9rKS&$Yx znCr6z-=ChZx7QmL&W(x3hw5weC(1BeGynGAH$>iFZihu6Pq(LSA3y(k@mA5P0=Z9E z?(u(__B^0HHp4D!yY6{B-{J|-{~c7^SstqK)wyO-OzF9xrY6VmpSM>)3?%Z|atWd| zO$vN)X0{`nT1te*U~~PNK5^Pi{FY`m^|G5Fhb}zI)|5pm+{9$|&mi$Z4-F= z()Lqg0+Kg4Y9!*C?ARc%y9j;D@k=+L=4ez7#2H1ST9VAuTcQLUx;0Q+{tY5i zdmhF%y*P2?$jWtM-Mvhb9k`=E@imMvj>aYn3`cE{Wlr~1nxAH>0oRolu{O8d{U-Q! z010Qo)*bQTcRTs+QFcFWz)Q($o^4)KNtHY56SL*pE_4r3et^(Re#dydG{jvB;+y*K z3i!xh3kn@_A55lDz#=8RyFsMo$2z6{d*vo}$D?;T0s89@%V$>jJnwMsI!Nc(I%M_k zBo#uk*ED&v-jS;|m)FW|F!?6`<5x0OKG2{AGn6W&D}zdf0X)Q6xB3l-gi+IY1L&;f z)X5cE``W`wVwaR44(II#L-Yc1{GyQwajP@Qe}MoC;?ZNi4F7FW|{IHbQkjovVG z05+pujK2vt$S?<7h>^M5)EnI6r9ywwa#gFWz;$~vfP@i~A#$@^rZ=>S15P+&r0#Sam#l1Za1c?@?| zP1Csc7Bk#31R+UTK==kmE{IGL1^5+OOoCU~h@d)oyu3FahT@dmyyfa17!bUIR`9zU z4<#ybj@xiwN=w}ws7Dg#BTvl{3>@UMKm@^$${7Q$fBYH`F$d1z^2NO;bEISp9f)1R z_)3CegUJeXyn*JU4XJp_@7FUF?$B-bQ6YsWON5f?pVqZJue0(-FU}*wQ<=JOa1el- z4-;vYV;l)w(ab^@ElVo6Rx{*69*o^F&K@t4DY?m$mRx6phm?b>+t5~vd2L-?Hwlk4 zpXW^9(moCD4;~u|%!ai#}vM4-p zShBiPCrh)zc-+*+V5^5>p}e<FICAF#xQ_IEV43+La@$aW01!$eaF$(92B{vL-{N1 z0M_dS4467Bwpr9LK#J^E{RGOF;8>%1R8GD`leshs;8baG>Snstu(a#QHEPKg?=yfi z-RsZ9Vp~Vt9P~1}IuLirD#LRIf8yzVgU`lJS{ByBa4)pev^Ej{br8{K8{ zt&MF1Uy1S6JFPlV9?m@?q(4KCwJ3iH8@B;OHmAJ(DOe@;vv_ZfOG8q*-1KjNb0MJk z!QDe%w|{9OZvBX)jLNqC5A#w zdK40Gy6Y(Mf-t#x&#M- zcGPqK1SDiLA%8I%I}0gAsIk@si8MKorscwa?ZiK?C-v};;*Oy+$YC`Me6kAZlcq6n}MMl+q2!4LynI^)MZqTWIu0&{t+%IB`~_+>Z&i)DJZK~^p9Ot>zp zqr#;6l8EUi)dzKAu3zvs$Qd!WG(b4VoD@OK~32F}X(1b>}w zc3mZ(YvhScJ{MD}KJ=|lTo2Ybd?swl7Rc58iB_OA#}r^ghm5)~?BIkUTgYI5dozx6 zY+^Y3M}`F@_%I?7-OZ<;TM<`Mi;gX`Fcio#b2yN!(XWw~Id}L=fu0I83^0K~1uCo8 z`01_W`?*wiupo+tcvSNn_%F;aREEp6`jmZ+~h|CPbH8Hsbj-cs&;s|-hN!9vYZWDJk2RsID7iI_F%Vzomrta%5=!a63q z5y9%fHF0MX?>0NTQPvw*=q&V@YNHl&+tYJ>BjFKK&G|}odRjVcU8{xtO4!`zs}(A# zyu%7R(?>QmQ{0lg@S5NF#ncFaIj7Aj$#3J0oC@&6RL=o2s|zL*91D~B=PO5te$!vP zF#MJFxfQj*GN%ElPS1XDD-omyZljKMs-$O{CPI$dD9t-9Vv@wZvI}2KDJC1VsQdjJ z#3Y9lpb|_WSpt86oO|e=*Bf;J?dXP=2oPKc-=PCS?zJ_`89^{~%-uR>h0 z13mn5WKuRVY3U!g+#@+cIvP(DU%%$fGTlZ%9G~5}$F{I!h{{!RpDT&@(6{?Of~nRs z?$M6pdm(Uso$QD-)vJBrI&#m!n^;+aV-~b9V6`ZwD|M8HFQeykrK=ti8=5E*`)-fe zS>&`t*{Y}88r4BI4`SNA#hwLzDBn%{6g^@un@)}G-zK@Kv`aLQ)e-DiA`y_I7nHZ5 zSDk27J_0n?huTXS?weBBimXCW+ebm8_%7xG*b1#+P_yg8?IO{k^XcM~w8MR>PSkDq z15{U-Y7>wgO}o(s{kmzCkiAL_7+_)9c^B+EtFD(2H$}F=onvI=1D~O<7o8pr-|u&` zV})A1;gm5Y|M|7m^Tgkz3DmpzC`GbgErtJJ{mff&02-Aa3IFEZ4%q3yKPT6B%82$p z3<&Y}>DAR*bpYD__ob|kDR_Owi)~e`^cqzHReKY?FREjQSQbr@8>w|Kq6nT5Plwcb zdirXae9Ce4m%MvrSu6j~GYTys2R8u^W*%r#7J1HpTqB$YUw$ML+m?L)#L_9NHQuW4 z6=6?u+AA}_baOPMVr)D*Er7C55Ei^t?cRHCk@xf1Xf`wwgVL!8* zZ~@FRi&I=M@|*qeVE=ULJK_DmQi>Y7*m5iHNC8N6&0DlRx9%o+!so(^CqGSHNuGiq zm5W}%(2-Z}H*klH;-oYzeW=ZGd+3g@1mEAP`H6?!oa^caA@RGGke-hA4!7JNdpxCoMj@vMW1R0 z`-pH6{Jz;U|NTiln90_jp0{kH#{$qZFXf#^@_^-X>$Aj6ZrLtdFf??WE=3}|a__HM za=6*mM!n6pKcMuNyrN&y6;u{ho@N@q#~f5-kU*hCx7o{Bz=@ULmAUx`hgA*}9~4y7 zHD_zL+X!u1V{j^d1W*p_=eUtGH^9b(usKoO*GP5mqQYgY{Wc4LO}n!-O*C60 z#s_E7oYWOoY!O@9CLkc`)g=%kYaDWj!3+W-#lUom55gyIudLX-IE+UG*u~DwnRI3w zlBRbEU`&{u6=>IE!(#w4Tsue{Ms1d!>ZsIo0~Atx1}y;-kj+C+rD|Fz@Udevl`X_T zpoxG(0W?R!p`b?sknf=TDigQod{G0Vq|CViE)b96g>+` zP$R<;kN?JOmID?D5io!YV=9=T(vEjg(d_0swrtyJ%+mS%JX4-nAC2GLUOb$b0FA8E zvO|yiXOmX5m?LX%En3Iy5_6OWJYcCqbY=Bv_>FFA{>|6YH5I4gR?<54vzFKz+`Jbb z8)k=-y|R;wmW;=u$CA?nOA^WNo@tr4Cv#aoVBw=xnY)v@20kwPVXsylZ@K5lTJaw& zc}83;K3tOHIAOtc;BpcR!+GT24YmUNk561IjeOVF{SMo8z@?uzoC@AZ=cgmPdq26c zU>D&1{pT%U$LfLeWb`yx7YU?98tl`tOQu!yp+U!rPGZhblPX>lr}EYb#}GTE#L3;0;`vcPv~4tt(` zf6F+VP)iZT1{G||DG?K`{(<`v^K*-6FH4e7MXpPhzKs3zRBg^*P?25@+Y9t$_!GXT zV$GbOY{J$QZzF1>ddN@e(bY$Yf8>UEy3H0YvO>uOa7CJ@=Tzb&PuqlQhi>W6a4*cO zYbguS^cy&SNkuyOeo870>C+J7Z*lo^v}M9kiH;5%|6bv#it00%K}(@X(Cd7xIkS*d z0US^Mo9@o+A)Z^8SEg_dBSQkE{%HLcj%j11Q@W>b4kwPKqaYxu+5b8O9verdY9Wty zQT1WTQwyYSg&%?Oqe(M~K8FgW2t{E@*6-LYzMG63J<#EQK&1M{27_rAUXFpqFe+p& zZnX;+!=O5dqfk58!ujoz{-9-Li5)Fjy33-dEBRS8+K2OAMEIL!r6 zNG@bXrjT_ids#}X^s8`QNW#5DiA=quR1XAVA#B7LD6sB!9{h=-^Vy48*v%fvIZ!Xg zLLidn2NnHoLBNw7pY+Hh^_fS`x}eT9xvmoR4^0;D;5#KZIc|82ewI_0y$4Hp{C zsz8}jTH3==rC$|&k6k-6;8$*TIxDCqkvX_Z9Euj!Z?YD|jQVt7g| zl61qYM5NsqCNKHO;_QlVjji;P_+Q&)%Zi*pJQ?bqAQhSYgS{(TL`Bxo2l=P7^|xb8 z#YjIfubH`Hz+#bog0NabFvm1k^+2*SMisis*DtAlgQ<4!>IWQ$#@48hxoC5~eNDcb zYG{IF69%3nJeYZ}UF?xFkYA z=sfvX`6*0HIVydsrN`46Tk<1tInB}zI-YQpOIUOJb-rk*-fcEyH~_!N-Zot9@W1?J zb(XfN%0uXv@-#nGodU)8eO)fGl_|{fhsdl4e7c}AyP&^!emeMjSv-gs4xt%?IkYgY z(U;>XV|SpE#uzuV(hdUJX46&_xn@In%#uWQB^f!M-U`*jr0uE|77OSlq8Mp3T#swE z+$=tpUGqk{qMjEbBBFxhS`2Qhg<<%#xlfsB7-OioSR@DKtLE>n|8yA~Qj>n3 zzzdZ8j>^KvA8Ozu4H|Ogp`pqpl~R}(xBo4les=_wYytVH*1+c__h?xv?~BotWPjfo z+W-A{1VH7NoiGt>QGlJyZ)ScHXDQHY`=GK0vL(A1BTwX*{8}}j8zf4|qYsE23?4cd zQH-07l!E-RMBw|Hox2eI3D$;|2(#GBuaST)Y+B_Zo~(q1j%a7$aK(#GBQ-$c;*xfA8^aTTO;+HpWM4;_O&p~qC_6pA{Sk*^cp>`=t~TwUXQGzd#rX8~ zBI@BtyIc+|a-Ggi_(e>6lN%=hf+RBGVy|v+g>8AcJGwM2DPaqdyr@C zI%Aol!o{gA2BjM?4~nSi*AQi~);`Y0I@=TRhmtjyx$ReS9b+i~8K#7_W8?lp$JWe3`H{+I}~tZ92a$LMmVY5*WO1y#wDv%3;|2x>itf0eeFa zuo#s8RuD7+mMRYiqYrVpDG|q`8BYDPiBpc#`26xNpUh&?8MWQ*`tAe{*Rp85a|QeO z!Ze4?CfC}yl7Q`RP_y@(rSrd0Xp_*40l2?4C*IX$fZWdxfl4UZxvf01`b+8^il zUVMq%w^-_IE)lweVD-Zi1Se;!d@5wdy32-2J22%It-Z5^bFU5xo=!02E3=6)a&io& zD?Q|GK+`f%E&I|h>2ROXJ>wd)lGeJ(+AeGjRr-p5M^PAlMh>K_dJKn#hyAaZIruFR zcg0a|;FY!Nc_Z167!doJS5AOh?i|HgpR#1~^_x!qIkBWOp(Vd89oc8fB~)GWxnacY zQZw2sV4Rn6TKcex_!~YbwRMslr_AElP>6h)FF9q}*qmMETqL%Tg%-Rqx>@}RA`e2m zcG}Y{r=gbk5&2L}x2mT<>?Z_;BM^pp}6A@%0z~3 z6RFvbU!?n4z6O_}GfPCwJt%{S6yY^M-thhhj}&Xn0#;(I%}lnpnU#tvb@&4vxC|r$ z>+4zRN=t_$BhYpuLqZ}G0zyF4LfmYQ_&fl>8Rsb~fd054#BAUvw5iX&BCQyh6go`* zHtt7mRbH6@62SNzJ&bsHI6mabw9l}ng@$am34yWZh>XB5p7gtOa1r@25ok9uYIbEN zCyQZtxDdJ8n9W>0znYkqa9(SloPfn)5mh`+&NyvA!seium<*PN%?}#P=Nso9exzuV zN@>~qU78h%owi*q9+<}$?;Z}wJo(7C4=e@8FmJ%(pP)qo$7P<1cq(yf2`aE}(if1_NJziI{YVi$pLm87ziyz(4sr@<6xwhpS`mX4O*@-g&Hu z3>bQ}4J12KZvJ1`S-9I3j*nipHyj%6e(()W+60VGi!(6@RW?g3Aw-*zAtshgMo(dW zFbOC9-~eR?zG~#jOQn!_y?xkQ?l@4GsrQ6>y)!Yj_CZK9J8H&sL!+IbJjvWqK;Oxm4rv~v; z$d)qYRJ>Tu;hVFP%T7BfNYU*v5Kw-;QDOr!P?^J;Qk#t9_o>^4fo%JN?G)qW9UX1s z;gL~>BaeiPTPnBM_K*_bp?zB?!=WcxtQT8JD~JiH)4t)dSShiiikp`;eb*2$$62F< z1&_7U`+%2o;6R3j(}WF)MFOPcdn>}`IHf$5C&Gdf)Pj4*1opqO0in>tHdJ_3_M14x z$t2D?VExlNAe)teECQ4t-m8r$+mU@xo+z7Ldk_Ks=ekE$*g;p+_peY9?2PY3Aw_PZ zL7egk2De)RmWq0J1$_xiS`dO}K*yO0Ew7^fV?keNT?B*xAJBYbLJKva`(je$N8$jf zftrE*h2)#M-qk=jO^?i;gAgzWen6IyQFpna7EDWcRO4{aBKt+hX@dDb1L{!=WmJhF z+`;^gcl8*B=nMlca7UPYGQY6Naj~y3%Wd1un=PFk8K#!~sLl(O6{K8=KfgPa6b`U zOh&-LV;Up@-)Jl=9c0YlWl_Ao5p(~3zz39?P~zVslZplH1t&SN;Zw!Ijhtgrg}#r7 zQLLMOtjOOE7SPmsf3FIdFO0>*2xlSW)tAbb*w9uK5A8~%@u4ReI#+VVB-fxsVH7ko zfj%=jkJt7mncNhM6q{Q9bP+Euz-akt z7sfWyzpc~bUY@N}e7H%^N5Xupmh*nnrt_uF5z;ilo-uTkaYJJ!nYAt2*~+;fQ~b&_ zO#|A&G{y6C#1-%Tz_UjvV&X%ejY4t;q@4mv#1sM;0sSg_pxM3dtK>3~PyQb{0ushQ z_A8`^f{%LUBQ%HkHBOmhPlzhb@XUkA%+jZ;KP3t!Dj@5QOU{esiu25kh(l^>ie5P+ z)xg(J*(W+y=UYwohuO*CdZp0AT{Cv(WYwa!+SYT1eJM&wiVg8X0_O>il>o2|viu`= zI;mr)b#5z|*;>o~N!wFOycN+L2})vrg&5#kn<9g6FMuu-77Dme+9n@w5|b4L`NMSoc=Qa%`fJe_GSno*;ZJHeBDvgn|%MYl)61+|;Taze$ znwl$;pb%P4C;Wt!W+v(_s~HnzCQ&S0Z>A}`5RUx|q(*5T35b3fiWdW^(Z_rmSw3D# zH8HKpwH-od|p*R~!tSKrIN)_l`ACf$eVR;c~jO0T~1di2FvO`i> z0=9pDFIAw_{Ji;V7AdnRndR5O&~_=RmFZ>=#&>NF^u^Z7W0l@) z0=6kd?>DkRBW_G|UTuhyiwbWhnV7c$XW7$#(u>6IvpP8t7Jp4SaKtMgC8sXRz1p%wf8p{d~T&<&-ipwQ_*!hE-E=^0pc2~>Etrb!7en!WaNEBtI87}i|YsK(%%rL|s zCR4jf_S_GFcV8^hY`5NYYfl%FI;*}O=I3g8ni%QT#MHdp=zM+u87N5rp#8t7;ioGL zz9FKpX`(Td{L{enbc!pw;eWwCix+SF?jJ*=Xb8#hC`9C!ukY>R-N~9SUk;y+&XmrS zBXd`&ZKd)}`NSmy1ua*k9Dapo-lb#J(v$$GtGL2JbMhq6f3HM%cKc5V^QrM_VkfcW-%&=QaaJq&02Y(^{I%7q(Fl{CNJj~$C%t#L6;fKVgd^guhZ3t|` z|IdlTCFFFt876bO+v%rykLB0Wbr;v`?ZPBO}TUBh}NtdpM(9Z{44L ze#f}6TZC-&CKkbCq~E>3F_ga?LrBZ}&C&_hguz zA6SSkn)tRPWZ7)q|1Ev)R@iuopFn!!y+0-xOo;!oeQMLUW*g=}#Bo6T z5A!T&@wa{bU_0_F|l_jO;X_m3g7?FVOhY^2x8#~K)(DU42}wj$rM$%}=CqH_5}bg5`oUyK0U8bAM$N?L2m|DjI5gg)4k&Oe*pfI7M+BcV zNE|k5ba}9e-ptIyb$J5;hB0Bxcksxen?SMtviK7E2_!5W5(f+{oB#}bsw0hVJ+aVG zxbu%)ICL0XfGiuMtZHJRh^%TMn`L4l25KZca>mqnei)qEKz=Bk+9SQ}O!T*RHg<6) zVorqQXB{UEWQM-L0l1cOjocZnNkZ6&;xWW%oaWQ5RMjFRgl`Svn1C=i)U`fS`DRtP zuqoFfaHQE^_;Xh_8dKQ}i#wj$LTz@RkwWdj7=q^h5*gh%OmrDI*dKR4E!@zpfywZ5 zsoKdhCPO$?=YHpS`3K_)B^jI%riN8Zu?%~ieC&ADM?T%pY zRZ%Kt;B`6Oa^Fk}TG+f{484*lT3;2b-Zq zX8l=ysl__av0j%M-=jV7q`i1rgLY)yOB8TkMu zafs^Kq~g36Yh+Fy%F3N-Ks8iz5aj}Ps&cDszc>rZ|KJRjaPEKass)Vd>TGF@>aoZy z=<3gXMMCmA^q1bM8hm_cHhyBoPUJOVm7ZT_@fIXue>G_ZJ$t^_^Jx6Xm}G;SgF-oWS7Z=B>KJ)6LzG7JMkyBPE3 z@BMgO=Bl>5>}%CBUV|+?DSJoEV0yI{6F+Q!W+&vXFpft<8umW0Vg#rwEHNqw{wy;XHkV?a+T^UEhr-jV_tcPW2CQaxnND`y{1Rx~jV4LCKw)|+`w+pdh zhWYpf=S|+mtfW!N0;N63PHusJQ?1fnVGyPiWaw~=kAn!*;=MhtMY*;n3}E8^f!XE5 ziBDH%;ThI`+%QEbJXGgnN*wUITvkO)DpK)yxNkcRf;sw3N&Dnl zI({7SdHa<6Uh2@#63HnwnNIjUOPb@Bj`pmo=e{??yp*d*z7DR$nf>D>GYe6jHkm~H z-P5HaDTr5U)b{xUn6Tu}hMc4~simW`1ytT;wN2l_7nFThq9kqjPJT^BB($QLBj)u|@;V+0+srAWU?j2T|q1~;prI-bw#@KeV}N~8u(ACqgy zyitw|ipW3C^_nHt*Q_NtzTxks+8%%Zr(nY^7G7K2UXJ{fF*T76S4E=p$9SH4pXgwT z>kl8P$5+7<8t0GksIxWND@GHb=Ln03Sk=`0nO?UvAx7&QH; z5*b>@P2=tnOVvt#Tgn1#9plFbGo5sge!LGY4I#!lNGcONyA_o+!+f*fQ4wRPZzt#O@b6VmEi|H?%_(%@lB3Md$1YNc%#*7In&jR6TKP zd1AUmnLdPuU!uldI?Bf(Ve!-V*bIdeHeYDc>;x_@DJAn8`K& zZ{QOzpg?NYM7Nq3;gnzYxTEyEX-d{Fi;=|D3F*C~f+};*06J)Vn zsptk-{IMNA3X#LTP20TX2}o0pPOO|Mf`MD9N%=4fZNdPFIN|*ye3cM&h}ml|lx zeJ;A(s`ogOj#A=xIl%mGqB(a{x&;nt9~>ex3e)7`U)xk5VQHVzuAI1-kTW?iuM+90 z(SFOp9W2EXELLoO{o4HA7DNy+yyp~%_BF9bGHW$ z?v%eldZt+;TjI!MslDbe4-;A2Ntw|307|MV=?EZo!M_pqysvN-SSg9v1ZQ7HtD!pc z4(lHXmozOu&Dy!93!^4GKWjzQ*h;Q&9v-`dL>ExBGuX)J#4YL`@CRSEO~MvI40%IL zRaN~G8G!)*dq}5vW)ILjJcE6|+F+?Xg%(TL)^MTk<7O+_>(tK^5<6|Wbj3Oyj=0Yk zVk^^;iBK+K7@MyRN9BB=ntva8#`k;lHoYEb$DXATMd>JBD?E7e5nO-JDaXJhA)tFFn^rJqI_OK=8qN& z2IdOR5-0V*=sNXYQoR(x1;1#;%dZz-!l}tRFuhA0Ut-o|?y*&NwVr6gZKH1=TG12g zlfJ)A3rA;p|yOjN~R-3ex-t&PKeP=Pb+4ARa8c_Z=V$=r4*~<)U*~0mV>&}aqd#xx``|HdK7~6LEz3 z`mC@y!;u<)s9yi6(1n{!dyM~8JQ$(jI-QiD;rr_Wa^W$yW#?a2qfed#WBf0OQTYSt zHAJRN%6^EWKQYaD1wYf)j)6FAFRJk}Gt>GRqGF~LwfU4I6>RTeu)=Qi_mO6^XX&Cw zf}_9vM{@#8h^h4Fi9cu#+xjf3tfIVMYM7+M#mA?x<)VJj(Q;Xd?umlMiBi1@TOU(4 zM;Oe%JET!^k|Q&N$=uAdRDyXBg?lfi9?cmoozl*Ll{0QAdXYAi(4v_6DM(-O*_;sl zGPXem<8(Vo4x#L}(FK$frax!A9>T+A^Y3(B)wb6^v#I`X(EA15Wg3b?BG9sM;+0Mwi!F(Wr(YOI^o-JdB?)f&no zv?=?%n`Gu#Bm3GTn^EEw^2e~1LJ_tSWn8!z!E?iQQL1-INYZPWOYUAE0jHyTPi8m; z3pqq>-qJrNJ^Tc$n$+l6{E&id4gM8OuH-F>JDXTz6?Zhk(@aM7^R476l zf|C3Ih9A^mLBEc)UU!HY_CYF#s;7&V zpW=A)Dcdi#{ts986eU}ZG zY_QFR!{&T|Wd<;aM2iOI=76~P zW9U;0#TrOgw;PQEb{+Y z4Kn%Pz=T7Qmi=I4sX|T{VHEp-XLzjUmO=sf5fX za0z;nXsD10f_Y&W<;b`%5Pl#3;i0lpL{6;19Mjk6bx}s{zF({9If+wV@PcsrB@Kl* zIORu_Pvt#hKSp`}F-BIDioV32@G>C&K`^l|{gI;AG9dEzfui5Y12*kb5OPvr30L-6 zT#lt+V;Vw*90(?cWOHazkADSkNo?O0BWsrwdgn_WUv2PnKA`Ha)j&u?Gc>ggKiy(X z&|jmHm~xCf$Ak5lp$Z95JS12;*vE{iF`z{pwXs1VzcJiF zK4u9FslzcH15R90WK?26$x=SEKrqtuX=u#}81nJS+p!REAo(J_vx1@F85qEoPXjk_ zjuZL_Ojbp%;BSgssy(dFINz#G&Mr0ssw*s<&luN=WkUW>t1-EpwX;yUG4IOwwHgeK z|5y#Yxr#E6s`ancNZ6CUp!~;b+(b~Vu<@gRt%k()|FD{l*724aCu@dZt4UD*|Exwc z`K6I{$yvphGm**?2RruHYLFuTU#r1qfVxZ2|Fs$t4Ey0{iXy6CmR*? z|Ho?HwnC6Di~<5D8YCtDV>P|zW2+2EBEMDxiTXcQqi3AF%!K6pYc)thV3IM>9K?p+ zL?m8rn*3lz>Z1~KzgDBLhC!9bc+E0$XGZ^Dt4WJ-8s7gOtD$qZA8<`&__dlakzcEM zsHtV?`?Z>a-+b(^)ogqO1uKqA>=(4`fuKt01Y!!PulnYY%@r-<0(!IAFrrFW`S&B; z&#ReLDTNkj%a~W4l&--k)f3PDoO$&rT47QeGs$oih&~LP$fQfoY+&*_#$I*hNPP~a zRb0R)9%!kA!6iOwS6OPuD}w?5K5mpGp|FYX{$U1!ipa_=;F2-3nrY#!MwB+#5-Z z#ch}zn2X@Xf22oP{)(Q`62zoqQeiG~J4VZn$b+2#w+&g+5)c0=fh2EgllR4hV7{M3 zBoO!IwEQd@{jk&{C{)B_daGRVn)tR93>>?TI}Lyv(O#XXi* zvQS%2(IW`_7BL^|<_6)B11EW6)9CN-P@?ua{Eg4|*zEdhuHb8`8aJpy?=%Egy!6Km z21v7K>wY9dHdo>`|4>&tq$Fpd$W`0NYdJ01PMy!Av2%ePCactqOI#YBA^%1o8wU*K z{ctd7;&WdA5OPM^={D^=bqN$=H8b%l?fh9uHhDwNen<1;tpRrZQCde!2DH?)44YA> zkxFPjygx{d@$}9-1^YuNle`DUkT#pPl~hqcGcZ|0(-7Oq-lQib=ua#8&4|K^&C z|DS8_^PBVfH|#XR4moC~ms4JM9kM@vW~Togt1VVqogQ1CXzOt5aW+n_JHMwKKW@3+ z{qK!EvnBXDj+4*+b#7MMqwUA6#{OO%t>u#DMzb?Cli*HgQ8ll}lS4vlPsH$=r_1_{ z$JnQ-Hea>|!Mx!aE+$`hqnNPylaT){<=LY927N^=V#`0OZ8%8R$wJ?+wKw|r+b<)J z1)QdjhUACz3NW~NR0%&Ak*y5DeVZZwT_3482_-RhcD4Rr-Mb4LW482Fv`3dZ+t=8-pq zGEV|wAeVFi{yNEm8z(Zv4|0d~LEtzM$tBjy`N3qGYPUDy8{cWl%MJf`dKf9%|%&Obo&iB1Yd^*tnM6?n^$`Sa8%F54-GEtoREHxVqKZHLc3v_;|z9PzOM7MN6If}0TX@IyXTEDvMqBeLuSnGBup z{rXt_;olGa-0basg$Q{0Jjm)DEoMpyH^ZugAk05l3I2ncmFK)vADSF!qN>hs;tMS# zA~ck1S8dVh34FF8x%VvWebTZ4^fsi3Z=({%<>vgtrZn!eURX_aC+UfL9{L%#j<1C{ z;|k0J9dt zLKDf`ToOih=wTDGQmI{K<`)&V{Hu*6%tJ*?{ zX%$#DtU8xS|66MnS&Ip5-u-QFR$3GoFD^jS+p-PhYF$6Z z>k6^kcTY3Ga}}$5i_qA)CZZ|@kJQiHdqi+Nyu#6nCL`M1W>gfZVFdeG;uF_EIIkWA z#b1vh2?=_hSBNj@$W&y64(g$Nj19V1d)oBj`|p(I7kUeuxU3;@aJ3=Rm1xR#VZpKPH@1DBkq|_zDuYSca;}LNn&a6Xaw`*hUuR`hOXbB2*p2m11w?ggOI<+mIVj z^;eP@)Ey{yqFD=~{UAdyWp2?)And9mo=ig+5I}7Y-Pn4w zwU95tF=_y3P~?3NNRzp2r7N1rR_I^&Y$I73NF-Y54E4?CB*TvY%n9E&k|C6DV6wtc6=+(^3eX$M zDw49=JB<`iE%gy16fZ@P077D{3KV3Eq_js=72!vcqOrO)5!rwWg!$N}RZ)H#@{X_% zwKzC$NuXe0Xk3oKvwu5`Yn@W)4FR1#-8DE!qJ?UP4lo;o^DffmB>=k-K~Z!2z%&Lr zl)*=D^IxjWDLzUvJW&P{ObvGAQIYe@KC-&zofrgV9=C1+CV$qS5vyygYA&Le&KCT>(RPMiZJ~Q zhs4MKzOnt^(!mq#?L?N*AgjH=>cEBQxf#Mom(c(Z%yr0n-a};;q}(vs%~?k4h6-s= zce^QQMqos(&mjmcuDEF0#-Mv&B0lEy2^-JTI$QCNr8DOLI6elF38#`W{y0d*jQ~mnJwu@G!SoWl3B zjJnnC%KG~L9QvJOeAw@Z_f9@8=N&3>uf8e zZ;w}FWO=rKlk-wzZ7h_YkM>Hc+>~nX7oK6S7w@(UbZl_;jFg94rU7R*pi$$3=*$5%#iS^HyG|);GC0gfuaH3QjBjjV;{F0;W<^Qx3Al@x%A4IK>-8%#2qak`FcR*br`n_ zSZgaOj{jsS&PdVWB}>z_(dW`I`h(IsWTi`p_r#bt+!qlsW_&qg=x}3A(w&T;PB!jL zPCi~U1nmR0)m48a#6(a@9*f}VZIhp3dSIU0r@<9)mbW5WlUtBBKICX+P3@g-pbePt zpd)w21T`7L+Jk(q3L+$m@44Ad%4Mvkpb?%Qwt*O(MXm%EA%xBq-f72<3TuuB{Y)8Y z{TX^>ZbWEQ#}K@<0Cf<1`Q3E2_5e}TUDFH@HwRoju4f>2ptT%6$8mvJ4Yv6kC7W^A z<$URMlqI)`*p8ue;$QnG{3$k~EwB^5)+Bj>>6ro(5d}%K7ojLF(Z7AITkFaCauJG8 znm|Gsl)!kM1TaiNeW$qX=?T#nBk3w;^OksE{NjckyUVV!%F!}%CviUu{g3LSmgPJy zz=mK=wZ|;knlZEC;v^!tqFDQTQb+-2Qi?GCT7|`?NbW#Po7X0x;|b6$>hg3=t%gSkc?`TxqD zkn`;1RtYkA_|L+kRf4vPE+m$-LRjuVN9>yD9uVIdjDsW*82P}awLImz-)GxoaOIOH@k{`meSN{NtV-4;$>91pfrL-AnB(Mcl)V`_UI=`ZDlZ>wyZf}w z21OVT--(eO$O9w#84oWR($zH&YL9P{g+))kZp2n!-@)2%lFiV#yiHl{lFM!Wq3UsU zdTS{~MX5AQaHCEs(>nw~_zM)$@`UIpyXC%q_c&3%g$ki1=&(7$ z5Uge91Rdki>A}w!3pKu_h^s}ni1@mZ-2R~-0zhA2(_I1+de-=KAV*Jwt`GgnqVqg6 zOc<+%NZo`y_z_Tokemf%J|r!FIjko?MzlAY@r1rRLVfK=()WS)+ugz7O~`iMg`nXE zqftLYSoAH3XJ40f2AZHPQ4y(Ll}=_rWVUla8n8hhR8~h}7QR)6;eR7uMlZ z$ZtT1@Si!W3MHwX7KGOrs?{elHifr92_xlABz;NpZ!n zpParsN#jwMmO6X}rSziC<8Y`>!UL?~4DYOw%))Zv)$*=^#HV~u%kj=>Cu}iq2)#7e z!G%xSFtH85GPvs@HQ8$HEl+T5)R1*+REFzcz#h5lQ$M?wh}f*iE^ z3G&tkND-)fnqiFK%9Q+J&`3g7A*q$qPMhzToea3wqNk`9xHG%0CO{qKcZH9Xw14@_R;+;I|0g_=#z{dRjE4D2E9}bB5vYizrZiq)ZOl6 zjoQ5s_lxZVjpZiW4hU&D4oF0#`D}&Tv0K=QDNO3SKOA~J^emKU_7S;pbX2EIp6^?! z^V*23rCK!=N1(|@s$4QVOjJ83Q5IS}j4FMUS|{T=m}4 z4x1d0^%^wu<5K*_g{o8uc%z@NNyFqV_WpiFYf?3gBxWIFWM%M#pSQBX*cl1B?TB(9 zI@zVfVT-D3<)0L+!TsjzUIg(HpC5=}gpX2OYW@X&v$Ni)W=kdLtYhU>5S*}Rw-Y8v z0O1WCz(5(`9i@I9*+-^_+W16niwAz0*#Z=LXh&4BluRCq+(N|D!{{PUdo_eYYDGBE z&{Ca6DrpQD+eGtF5&>*&9?Hbbz5xPmbkR_s_UxU!X1!Xc!X|YYCPFN_0+Iyt(?GxgPLrBqZfNm&H6_?5bOnuSJ}St#hbSMPNJ@ z=S%lZAn1X}*I}_sZO&cL*@(xZPNBxi3BWtTl=`8vCT)8U_{`ziugRw$$QyOOMQs(VQlHJq;~l z0dhY4@1ldMe4VV#(W&&D4S<6_>R-ARfc;n5X09~#?u!!N2CmJVDYiK0*A4MY!8Hq1 zb1IwUcZcRT7SRd@^|j{m&xif4vgqI$3BS!~nf1Bq-4$T0+I{1387Y6tg?aIFk}MS; z_gRq&TcHJBoAWh$FQEWq^g-J;mZ!|3Ws-4@GE~9FfZ?)P=U<15I-PyzOI2{TA*fB) zV`-g?4fe#tlY(NZR?kb!aoz=AX}&dHl);c;J&nW;I=QZVQ0e97Z@PUqM8fS z_kK4(_&bAFJEFb)sgAMCL}TLr+D&X|t(BB2YSD_wRxaAHeXzR~*TCRg%W^?8c?(Y%2?oFT$eRPSklE}gmS$rMqSo2r1 zR`I_#f9pwmJ;FwzXGt2We@NtR6|xyS>x}aS2|rXlLRSCP4B=2vWk8j^e5wYkzUr)V z7Neqw7PqUs9R6Oz(RbI#G?3Hmle2cf>KuN$NvR#_+@;wvSJRf_ZkBNk4JpIgEBT## zJNvY@4i5xxMkjRc)(d5whN%OLjT4a> ziPo<2=M!l^e6?R@q`|G#6MGAdyG}$s7YrqCa$}qgHLF> zt4?zCY4jIm#NoD%6N+heY}eF}zqMzkWm0G@D6cw$rwm(RXTXis&(B6<8JejXg!!Ti&6uMTyhZRY`Daj1{L;w|lKv zhD*$*$at3zo`a~=dFxPJL@+!AJvoj#a=DEsAze(zEBf8;icNx=QL}Y? z7rm9gYJ~JUeT$`XqNknRrQX)4xYE(?^tN(Jy|LAvq!Re8(@p;I-zXv7mj{ydUg)~f zpOSE0{)8mJz290Jl3UTvFT@7p|(|dU@liI@0)*&e6t3rOlbW*?#E z>MD8~`taRw{Hc^-Py{d4KK$W$n|@<%v1(d5aytGvl0i$N9h%yeZJ`-u(%%@-T`pC- zDbG&t!N-;k8e-3Xif*s*5VVWPSNJVBK-xt;T@jI{3iCSQSr@Feq0$kL{fbDIgD{w{ zq%CQ2ZcB|aE2n!3SqIKD2&zk>G>cvr2m3Z;1ey!h+yTQsVSG0n(?m;gWi_vxVw=7w zCpUA`mp36Nx8>R|oICFKv#Yy?>qWL_RPa8Pk7sBvT>mKgsWV0w?^+NDDC zR(dx~t7G7;Cs=h#yaK_~9HR-;Uakena~$_=U{W*|J??RGu+`(*d~{)wJLdNzc1Osn z7THSTr`bnIM&sZGEiTP(`gDSln#}Zsl9Cg&fNqf!Jg1~+mKC(lKScpcWqm>c%N^)Lv(6jnQ^GLM8R+va zP{K&}l{MI-gkj-^iT)aCy}9|x+RLQ2nxqp@(w%tq>_yDpgih^#c)j}gsCK;`>a5jb zaHp4c&7h2-4@tykK7eSs_RV-E-;gk+nhmPz9V%G{B>i8*3%);|PA|`e-o;0zRp>0; zrGhj+KdS3?z-7bD(n3};Lg}5efQrxt9(2rPRg5K;`&g|w9h>g3Ppco!J!|5Y)ypA# z)mZai2q7}wS?5;cSEl3b;+@PRz5pYV+fm)WzD@Sj5-F zb~AjGTfy0RDSLR(12y;_Hgp75ynL=qzE{)XJW8B9x*loS{>w8KV`3C3!T00EuV+7x zZM5fbX>fr#wN*C+#TU4h%~yYBoyPSDdZJr-N8xmDK5GGE{eQS1gzh0Ux2lpYhUGHS zQd;sKyTXnLDh29uQVz23CY>R1;GRNe-agqqRQIh{9sa9Prk&1@eim)cC72Vb0Q}! zC^w|QjC2{g+eBzPSP5D?`&wgftcj@k#EG0ZoTo_C+&vYdEz=#{fwfpFy?7|J13Ozc zx7(kDKOK95y1z1glg`AH33_ISGdS)*;Yd>%_@czKc#2D|Y_xEJT&=<= z8cm{&uDoqb8dX&9mQPbs+H>t+Tr0&;JD0XM1L+mV5@9z~@qz^>d;^ogU$vU=jY5ML z`1Gp}cYy>fkN^dvcnmm=G*;xO!ibl%hqPN$Ca}C^(Lr@Mzrq`o?(=P0vEG^LUA=AG ztQ3jUv~!y$IK#qtQu6&0Ec!VsKo*#WQ?B+*U( zz3np)(r@@d-#vJ+IUw`fp4v9|rh6?ETp>q2EE`~zHXoKqxj?i2-t~i_6IbOnSH#EK z?GJ;lOVnbIYXsKrnU1fg^&wiP645g6TpwHwA5j9^iz!?^dD}Ek{BIy`G-)8cSYy;=>W zGLNk?YFW;a`dc+JvG(Mjo)DvMvg7wS>`ZU-jNjdmpWAij&+Ny2p6A(6-d2g$by8xl zyN$GCsur5hU8$?I4c9Xn=ZpvYqptj+(g@4 zR$=%eo`g`-(IEr8l~BX=@RTH{^`*p?-Hxgz@}z4~jqt~lKC%jijTE`9XjB7js%(Un zwV~27)7>VO^p@|1$)?snEjIhCt}4=1L$+F+dmfTmj*mIQg=>JKe==-a4c4jl)q(^_ zocik!dqJDFXtU5RdJC?3UW{qe5z{t~;a*&6l{9w5_c$G&6|b6@t~&FnhYgORT1<8| zUZPqJdu5;)FWs($EAb<`i>@n_sEWev>4SrL`Ie?lowQr$seKXYSrzVU6b)nsE~rYd zmD@-6;g#1cGZ+EA`ePTZ8Ir^ZyU-dwVZqB4H?8Xz%cg~Du{j2=-mIDhaHo+=F7!E_ zo)4ajjkT?O=kuPGYO(ETUOk$(XaZw-Eud>*ZSLz04@U|#(lB|Sr|!I!YWljygnMQp z!@ODTrL4eit-njKelZ$oz%30(Aa<5<=-x*f#v)A?jo-rEP>-NCtK&wLtvDzD?I%EQ z+}Z)0wweu$;`sz^%{5*OJ>oVlohDKXv|Ek|;<_vI)&(;q zah+~7}UF~Y>cc-3>1n|!!~f$Hx)2|=y3g?Hm$b;;DJQh4HM>y49Ub?%-Vi3ti7fO16I zd(+lZ=js6UPN9Y3D{LfGF{!RvJwwD0e9@5l_fF}HG@cL|=YtcPq%bOX2)fabsSH7@ z{U8(X_J%%r3_%ZH56Cmx#7H_u8^iaE#DAA2z*T4Ch$&IyO0tcWAP+a;{hF#aTEDNJ z(P&eWT<%J7eClX}O>7n3C*mv9`TPeI4H*URa0oQ12J(pjbhEAr$Ol30mCg!W;NmDD z6$JmA%>6k+v#O{qi3Oe6I&6!X|A(L>C0^m+pa6L@krm;V@t)%Nvzia<5lk4;*$$6S z9d3Qfr~IMXJTpA*!_f{;{<43>m%RlJycOo^grb3Nw7MR7(xoU}o4<}f#sz@6OYq%H z1#dWHKxz%kQv_*^Jd2qpI83bb?HMr3TdbcC2pGp9tw%&niZaq$GaR)W} zG-jMhYzrbSN!ls(wnpMWkPY{z?GOoG7@Iix`Z%r*T=+*L+L%(s4fK{t2LX8K5emNp zkHKTWP=8oeBngggO$yR6ffnJhJ2yOSx8T`q+5WLiE~(Ac2l zqE*lHMAB%A31|m_caQ`PiwytBvgmTBKzGSRi_9@?z5X@`oxM+5+7u#fwoLz}aCFMF z>aLTv!5t2;%(=6`{(NL;?hRYeTZDSMq|0uyUq;v7Q-`TOvXrclbvqsZyem;IiD zm@-e#vMpe8igx9>c*l_*VzJ{HiOOKAg>zjaH8A*e<*t<{LqC43{n^$!^xye{i!?&Z z8ZPoxp?ObsYivXGn7ZcrvH-!$iCrOL#btwl`{?1#+<_Knz1_0qeOH&?)W3m^)&qp$ z6~Bx^Ktj#zxNT0h)=@J;&(sO@J&h`QjShaYSy378GtDtH7UmA$KdhvP$QwQPPJ(4t z)46Svi58GNuqw89AzLShP&p<{CGG<;$>8Rc80+bOFu2LmH0hV__6-Ki$wnyIwUlO9 za7dP-&l!v$TZ`}({IBQj6d70(S5Hz0Y~^nNzqzFu<=J#nk6_Y+QyCzd8K}q+{x!pR zK?Sf@5hbX0e`=x05DkCwpa(|1X}K9OihJiUlglkDVVpDlamZpVjUn3b)J})aJnn4;2oRu=Z;TKjAea$-2&SosQ zE?HR_+33nQ_v@-`YOGsX{h>R;p@-iQ9Nj*WsRpJtF-fKJ`T)@wHX>_EFwQ_%YMcgJ znUr6%A*YiC?=Wd-12?DCfh~z3f9h4bonC{J{lii#INVMNO z^t~7T!^&O9whWBa7@YCLydD3~Tlj0;`gjBX_w7W5_ObW^d7&>saEyL%b}*)2$pX0D zp(kqGYHK@G9q?brKIT@25__n!{MDP#~})+r(B*Q22kNa7Sr$`@}1a)?+b zBbZs~cEd-n2c8UqbubmkvcY>%jS(jwA@op~g<;Xff@6ueGEJCx$vW}*6Yn^sF;uK! zfDp9dZSCOseVxOXjY~b?qs=@LG5)%ZrEl%T5_P=VfRLxA$Nf2VzoV!kDC9&wtn{8J z;gmBZx!7R5eK-GndL1VgLgF%szy@-~J2y5N(iKtj<8W5SQ=5X2aQR*OA5|(jKQuD@ zxeG@~|HRW4@Pvi;B@cvVHaVhf@AfgKTN`z^Zd2GeoX}P|oiw^9&eE0g0Nvf$>)p0M z?Qebn6)8dycNFQJ7R|0Rx;OluX8*p-yrt3p(}_J*L~3q~y<5!!7gcP67;=oRtcRB* zY#hwJ4&9Q?>;(TjTK455QiBivFi>8`5Z(M`#5&1W%?b>qIK8Dde3uI%#&8N6uVTYs|TX$l?)qcH$M0a23!>j8qyopSCw%G8c-! zMN^og;-y#+u?;!5e=B<05EuM{q$V%wAPRN5bpufjGeYM!`GBZl25RTekP35cH`kFCd*YtzbFU_T!I zpJFO9oZM#b!zc8wJs1mL_g&T{!*WLy4Bt^hZh_g;Xj-O{^ts{6CVLHsJ)$utQ~{tY z9mtl*_PyS>6`nn=Gfu38Zcv$9ToBwU#SRio=Bq?)5ZXPZ@$~G8=!|YE=%Dp%D>ptd zCK;#xr+WlANWSUjsU?G{8V$#?S8tKVvqUQ}ug|$LS_0KRLU!3hzdNaK+i70I<5aM$ zu8>L7FfA`4<>qvn+>Gn-_s``cA`qREiTf6c3Me*gGzUf_wC2f=7|$sU7M{Qqh2zC! ztK&MeX&8X$OdsfBXe%Bv^5WAqFVlwo5-iMxMwS+En(-@p;2)B56C>dQqTB<{mn(7k%39 z)&g!q1iWAn+~4u3AtW#gM^sxF9-8u=%x<`UzW8qpCcks7f(aO!yQ{S}cC-2xh!k2K zcLqK&5X4EPBwfCq27;naQM)n{A{PgNP?(B3cF}mYcqp$y+H=|@7Z=5jerCAO8ntqJ z=;O#^UU#q8P{a7k{)<3w5L?1DK-^ytc`~!3T)o*koF{;Nw-0IFE(5XB=n+EQ*OtSi zY$zhoEhtse!MCvavW$tkIj1$$%rz@~lT(Q6i*0-3Uw;NJzs9r7*td%AdovD|>XoEN zo(_iqJ`j8>OVl_#A4EZM2vHSDsy{*yLN#CR z4?vh$D{hYOdoCHzv&>!xCnES!%+iTpEuVd1NXDBxWrim)tGAOGuox2<>?#)_;aEEV zrf`VLTN}hI7V%ne0+y@xJJYQxlT1-N5Ui2}qflID2OAByvFd@Cv{MUZ{NGn-U0Ecj zde&CaIfZP|U~v)?%p%9R`D0uIPI!T#bMVgv`j-93=4QrwYa2>uaRvB(zz52l??I*`Cuy`~Gs{1@K`A5##k*AvXlzEBdy(mHZ6y&;3;BU{Aj1vZIzi0G{#)8o zA&M)N(cEg*?M`(K8*Z{gGXZiGx|+MX9YMRtaGx!WJB&-n2BpOUkm%&a(9luB&3`;t zhF*Z_3tSw)P1q^4rf`w2V|)`F5br=`wrrk{j?=xVpGZAQ)x~nDhff2CkDMKWv~#jk zROr*=N=^qhibKEts3$KQd@Uiwh;Dnp{>-dJoBR=(I&r3{A~Fr#RtfM#sbl7!09CmV zGX?O#%b*4B>7Qcj;);KM=vdGA%K~SRcXK7&`QkuT!>I{o1Qoh|Vmnu#1MOwU50nt^ z$VZRmVHtIlk;;LQ%*||XY&Eyup%7|~G+H^6V}A|Jc8I`*Yz=kcBQKj9aGMtr3n^^&pK~~+pcP(++$s@(7LgOqS6)r z-NwD{emcsK9#6U5O`lmu^)j9Jvv8^gN%GJW8_@#f1-DvWUa3e(TqeSE!1EC;y0ygF zMfvNrnzCdH7dfSNTeH$v$3>w%>WtYA3I{8MZRz`kVBUNh+7>&dB}Qsftk|Y-p+&*M z_`e@3->#gZq&7S1z9aa8zWBFW-Hw0WUMEZCzB>+n-j4P1tiSm24<5?D_`irYJN#_7 z`CG5^;LpE33|jF%wQs)9Bbz$>-f5$q^e(^3qk1~J`EPdG=VJ=PoC@)$SDGCzH`-im zXi#^Cn&)l$QCCOODV-k5*-bk%ePS|fUtHf9R-E^h)1-_|Fo?P@tj}p;&oqxZ@!y$R zCPw>>YfGT|T0zloZX_<<$u6JUD0k-R`54D`9*{^^^o9T5(!9 z&wPk_q1W8cEF&F}U`Ftgmiw8D6fLYY4?1a{I|=m3z0gRPQ=mfhFp&oG#aeZc65re2cXyd$!gMLy9*5T1z(^E;{V*xD`y@1OF0;T-B4tha1#hpP@pSF0jz z2DnomNkXy@tPrI&OomkPW3ZiwUb+TRX^9so%3au?yXB1b$dMI|0J0d13Q6IUVJg0! z=j6t~%x-X!$Y8HC;5!Lt5*b^;Q>>^|fEOjKpp|;i9_W||r6eMP-x(xO1B90ELXrJ0 zIA9JrG|W7{$SF#_mm-r6-UlO1CHly?^jgOcmuAv-E{W*OP|_fs1hSaf-Azb0m&_M) z* z$T&KxjyH^^G|D%>O4Rs*$&mPh*>%-v>YYdBK}>bC;Q|yz=gzwp<#x!u4Ov+?FtNfh zWp^@BOsX9pT>OK{@NaHApF3PR8L&D>)3KOB+pBI1@J*aA-s^kvHlUMeGK+oBWXw&? zq$HQDi(4NsEKyP$)9z2{9vni_2bCcnU*O`29uKw{Z~<)|ErknLqLZM(>=+Ud0!p(N z+Rz<{RUuW<-XAxAsH7g6wDS08cjCDljdIQW@3mUViwc{fjezeJs{uDRn^%0=dCWoH z&k$5b1f8e`AN z!339e55@CrNs{KSB}1<)EF)<5rKkEM9NH_^=M8UanKP)L9P9CpPlK3Zr#oMbD!b90yJ7k| zagW_oDgG`~!y5Xy z@xxMa_|f}-&``%_!cC9#a^v`V;}`{)Vn6eW&kM6Y^U&gjT3@D&DkDRlG{{QERUs$i zxarX&*jJh`hRcucj`Fz4@{j27cn5yGnC#01i1-b!m3n%j7Xu=d0#Q@g?=%{&;s|%< zx7>ek+D4>aGv7HIyP;MJv6&A%n14N&;czzUbP*!v(S4#b@SVU!qa!s;g{cvQ-fRmU#F=LDIE8IiMx z_nZ#?dX`521K{K?>6?)zOXW7f4*l{t)7aD_K+T)i%*I3%e(IC5$~)TUv1SR`&s%x! zL#?`C%yw;eJDBcYB(QZFz?l}R#0xn(v%Z}RwHUw7Jh?A+W5zM^r^Ty)pU zQb1(5PS@7=Tg;`w(7kb5njXWP@#N!rk&9$r<){Uz0Usf5eDZ3?!8i)Q^cwmnqsQP+ zJn`O=+H9`RoAnq?#tFW?gyDCsqIYTQWjua>j!oDGu6CyrF$+-3)zAQ)F z_zdKCbi+&a*H?f@^_7=BulR|u%obN@#Ksc#5}}yC!T=CsFxYMb(VafEQ-Z@f8q~T~ zyjcq(PTANZCC+u5AU^&+nvdt>lbX?eq*z*;e6>_m9BwT4*)^!gjZKzOpe3>BYHK)U z*31?v0TZwt2Z(YqyBH!Ml(M|?2$|6tSat( zc*z!7T~?4|7rApG@9Q~@)2R|ZF%QBw?WrKyV zWv7dkd`)1QO!a=q<^I(50I+QrT{AY;h{S!G^(hu9uEk3=eqmxjRZlH5%G#1cdY(HP zx;#wLADiY9hb}kJ580-Ohy9`jkzoXLIl%jo%fZ(Y91bF>f#BH_4U9Uk1`D6vL8#-H zp0MkjA3|^V9O~8l=64S->!slN9blKi-7=m^uhlx@w+9|;Sj;&xpst^zM;;Zi+m2<8 zsuvWPzF-?#6jG+RS!)vX(2U-0Q;m^BHbVK>I?wq9G2t$a^_SHVQ9@m|zta-d1f~En z!Zz`_Q-?%@1T6{zjlg3FBIRqcb&CY(ATDL>IX1G!7l1B204h2P=IBCt%LnF_GFs7@GiVff9@L&e2uI*kFbg`yY|ByhkADQi~*N= zX`v2l{T)1=dnPajGmFJCyGF!8w94dIOmyYpqeWJLeN+A;*SxYR;QG}uw9YZhM>MW^ zzG2JBVrq6~jc|ZU5r2ZHIAW1<`GQWw98b{dv<%%)hg3FVLg6^Go$6vbC#ehrbU0!KYP3Le(pcae{Q_I_;F); zzK`j>_~Z8Re>#3%zIM0q{nmGPH$Tq97H{ZhbiW2({C*^l&QZUgK6d2(Ez|R2ukZeR z{9KS!J9jt~h%;gDmuV_mqvUn0zscE(b>?KvI@r!+%y^z3e|hXEt&a6I(jV)%RqJy3 zXgF}V$qdSnNo)edNt|J)JL=4%RqfJGv&7v8oBDeomZ)MTsXZ`C0yXB`P)rRR*~tp3 zxo>1u7+YRaRT|V;k+F;@PGzXVDS>QK<@ooodj;p~Dmm#RKO6KD>F{ozYU`aS^?gFG zByet7#eEH05S51AHTLpG<>L6fyfmgxE7`g|R&tI6g1dOR9GAC3RB^YeN}^}1*M zxL;2i9A4fMCMGmp_shB)yd8CVqp!{5A?9yjQ2TSaH^-4e!yCFslTb#J-)rbEWxk>G zW=I%dr5zkEuQ_21fltK>->%516egF;ciG?q-+m;9x>cMD-8oU%09W5o_hErJSWd2@ zad3`>_LqkQp|q#h?%}LL&fatFGM>G(Mb~f29d}{;%k}FgN9Nsi{efk8c8Gk}?K7P5P7F)FXQiL^`7~v?MwN<>+M=wo$MrMJ2TsMU& z!-}mcl2r%3@+b&smEa~&HYwoAQl(v&6&)b#P#7P)f$T8}PxT24A5j+3#7n;w0`QY3 z(wGj6&Og1fGN2o>Lq5$>pa1wyhA6WRaYN+qRQCwr$(V#Ky$j`LFft{jBwVcl8(O>guXr zU&ncz*99LoDCI`_a4iq$wG{G=N{MC=np=r_LCyf*#7RTSwaKq%5-y)dL#3rsTge?* zs{`b;6p2SOI2N1mhx z&!g9O;jPt?{wAv~)GIi`Vex!B-9Jt5KQA0-*QuicC1x-eAapsU4bNr^T4p8x;y3ye zXJbXHB*6D-BHfdORgZ-Mk2?`6&gWtkM1l@+=MuGL1%stkh(s*ENMmYD(0pAC-D@~% z44FJ!coAo6wsjrP_W->q1Y~+TcVHE4X*SO^Vr%BjAC^r(;<^XAR@^3t9^hlTRUh3~icue;8ul}S zSk2zX-5I-#jCviT9YO-YyFj_`gnfg2cQ!J$kg{3hQwnDb^qCVGyzb|~uB?xR@sIQr!jyvk{QNZhnmg zy>BCP^(N`;Uc@rfuG0E;DD-;Hndy{55>EF}Sw0A54o5{^nHpKIgNsK$tnR`qooLgU zxoP@2E(JpC6jNfi5#)QU{(f2bpEw2D<4} zEQfiR%S!1oaFWGoAjmlTloKjy_>5-Bu{Y)42qSiq1wxZfbf3S0#qp`t5_6)MjGIhd`DlNWe^ zLc*_Zq-{mUr%uMZ&U7QlpiLej>0TdCd>L*5?}LSm=S7?B1CNaBMOq2hI`r@j@{e5| zJ@REo1>9G81l)?WRUNSEX9pGBH3Y}4?;@6UAXb|LbB0c%LV7&I)q zaALbzb=54{=mBE~$Dqp@Ut|oBj%O*gd;D+k&mwdBtRL^$v33Wyb?(u-m&b(ZnI%p|rg`P;N{m3vMc~7HF_*;($Iel$MIX z2S_QrI`rDmGB|Yxi#~2DP>8~V+5~!iIMDN3wYX^%a9G2kQb~}|VyHD*p+0Pwr`ROW zYLmcg4ey*LpgaXdf0xheYYw75dyy^daUg!RxX^w{Ac#e_hZ-}?k8j56kJ&em@^8Tv zj8V79`z4smZ`p$UF$n8xrsBsJPr4390jYt@Zb8A9V@?EAQ*@4Mp5IxpgSrHW((@F_ zg~G>!Bgzk{l|jX--!{GaQ%#)7DP}F2Ih&pD;~h9qu1RZCV6*^c92v4pP&NPG+ON%{ z30qlyG&F1Q`=Y`rnh{Wyi58He#7b}cxfEv1odp`!5!e8Z)X--g5u<)YQ26YW`n@gr z?%q_mz#SDDZK}={_>JoerwQ*po0-_eVGQ>&-OZaD4;?GExL_dV!^qdHu9L-grK7#* zXo&cw>PON5H9Kz&-spD6xM*$bG0}!nt%jqL7^aS~a`{h%vI{N^+p0@6{?>YFXbd&} zFiF4$r@qj5pV?$Pv^O?+N{!fT|AjY;>T>g1-7U8oMj-CC`|2;J!TANAQ4E=-My!in z0Sc$#nE;?p>6MecPD`ny64Nj)H-XS7naDSnU~)b&Q|KH}T`bUQ=A0wg0Afpan1tLC zS?9oK|HPwnwn~UU!P*6z?PX1uWok8`+~}@+RPK^8T}`+=Y@O=3S&|OWEP69q+n?K{j$@WKP*|&`OnUN})3DDW$=L-3j)(2O|+r zOFKOpY(~E{?I$|iUWX)F<+%H-QmI@y&SyMCj4mp8;5KK@xnm~gRJYeFd9+;0a#XZj z%&M-fmvff6yO(ne`k+mgPXT(4Z=30F-8nVymOs&XbswsrlOhT7h)3N#(nH41 zUhl(CP8bALxpAj~YDqWkXoZYvxl$sGkqz!$KO5CMpXkhq1K%A@3 zR#b#ezt|>ONewb!#*|`fJoM4y$FY(4g4<6sYP3kTW-*PU$3*8qN~ycu(ml)msnl)Y zJd`gtp|Dwy&uKuTl;j7so0TrI&g#j~3)_PMBA3YNZ*2Qb2Z_fl?d$|+xDSll=FNwv zTa;c=nNK#|Xm*8r>QN*cjt^U1mOaE|g4D@4{!w_^`Ud>sDbqL}khvxe+d(y)IMe-@LbswS~U~ zk{jKli=3jf7EwX?4YZ}&-X)wcNKUaHNlw$a;h4Na=Gte{F{I}UuM$TuaSfq0p~)b^ z*&yQAa?7*vKey`I{>~+J&a4YnPMPM=*y7BY`cgfYx|gkw=2eTFjTz(3$@YiJ$_|JD ziNU8wn;~2whBH&Hz{yzN%C8hFT!VO2ed$!J-A3HTHBrWqF*Y*w4kXKi8z7Gg`d^Ly052q z=%!z(_K@}zWO@MirNAt{K+T3R_! zLyFpIX4Xd^zNUaN_yFnoZp}%LJ8j!F^H@))6xI-QW>x;iz}_-X6}K~6GA)>emB6NE z!tEIFaa(ytQZ6vaKH7L-_IeuLkxp*H0z%zLx~iJt@m4}fVlr;wwp)wMbAu`L2<=i+ zOKPti7APqNnuroDO4m#)&4de_f z8j!1+v8YLZtDO=k=xPzhjuWjMEpfKA&cBLkGG4YcHaBjY@7n@*W#69+C8j5h`?KFy z&%L8@d3?Ta)sEj@_m@>gSD!aOkAC@OmX?H_#_)&6t)>G6h73Dw=wrFo_ptq z=f|OtZ5o>kfIu#zG;X@)*Ox<@n|zlAsvBMjOXa$^1#9G4NwV7Q72MZmj!ijMuRr7I z->#_B*7k4|S83g;-q#U7ogfu|D|5G?j3%%c>x0gek-L&&kN=ONdmTBFJXmv?{T%7L z5U$(6vTrWoFuu=9hj&gppGE9jIV^9rO?CCK68tfiH@~TD+dH&+KP$dkZdxq2=>#5a zTz9WU!c^M4dj12;<=(z2sb>5OjFhEELJIE|cb~sz*UC9|y&Jt|%)7R>zlT#jQ2{V7 zR|@5D;FfpTI>yn|H+^TFlsz3${Ip;`6-kQ=Zulp0ytdbFDgxv;a?qEMEYRU0YVO{E zM2{TVz}|U;kxjy+})xr{OW#Y&@k56Wv>C~BD9u_kA zScPcZ)DGponu2K3JUV7LVK-IL^^*d zR=Jnj^s9y#J_XXBCR23nOjb;dZTumkjAjrltOE-iH^>D7T=t4mebLn%xbv(|Q^+}s zQ6#0+)`j8k$lgq_(b`bwPvevJ7&E1oq|K`|NLj!U(vjpDfDSbQ(T_8!sf9;h&L_f$ zFQw6T?nfd4h|G%CmNE0pT%G6Zf6RqNc8;pjz7BL0Cngh&W+HPRkr~a;E^O5VgrA~* z`pXU`5w|-N&CKh4zd-u}Rx~6YMx1_yqa+S!Z68|l#S*CygD(w28!j6tV(zj9ezrb4 z*(jGA&=QsnPrpKojMAxiRiMD6^jX1wi%)Ib>J|oS>nwtcG~N#3>ekA`jN3#i|i0Atn3-@MLoD0Ecf~NCyvscAQ8B?FR0&-WC^g z_I{~GNN#gKi%AuO8VfO{(rE`MD#s}?$2bhrjNo#ke&0qKQo4$e;j($Hr+$gb%{d(? zC?w?^y`_%B<+<-dN?Sby|SbIzgO1k3JoL)ZF@vM_pWgx(PM*=udETc}k#c)46u#xBRU1x7y#y zbOG6tJP(Hx9rVl9*KUj(jZ@f*M%j$VR(-&@?&R+dAxE3UUGIUdw=+JgnrM?z3K*>)9Z|BkehY!h3MI|Fl*H^7x6=n4}5v+ zv9Oyf0AT+Lp_Ahe%C=-6GgvqJ?tb;90#wjZ+>`5orElcMH=(bsND_DQeC@7hjWfqA zFpB#ThYGJldIvh?nqS5lFT;20;BCjzlUpsAn`twa*cCLC`p=n~(CF#@HB)_oqf`G>(Xd6Jjyp>Gb{P*SsM#F! z8MOb~RrgNF(318}mA9FhQo@4t@T!Irk}|yMJ_@}E^%4BF!@v4Xq>`SppmTs=PrTNu zSm?J50hVJPHU^p|I7qVA-;YjqBga!<@@`y#Ra4i{D2x|{e}5^+kb9y)>QvC#A{Cd* zZGqu~thOL6@YJCyWbaW8)M9J7~)H zCTOXH0h-9YT?^UbcklOeFPieV*P`&5zAVnrBxRfF(wDaLt~rT?zK2t=$<&#)M2W|e zhZFrDRj2!qUdEb!KJ3Q(+Vlol)87(!f}U0+RQh3I)0gWgF1vD(Z2#bz_hm|~<;kd# ziWS44iKgmGRSN$YRk1DglCFG>9F0CR_}x=~_fe0Do?hE1abt zLFZ0dXU?9?rDvbvWHK?Ah*3zI(-%q&qy)Ccbe_0y^o|QUDDu0hQ75ix`zy}LzD#xK z3lj;~ql#@>X0(sS*_(&2)H&A0cc(q+y+aO1v2Q%j<*VKPHl0~Yqe)HZc8fH*9z9+x z{QPP438^pnJtrqc#SuF~%opsU`>^Dc3$l@YhT?ei%4tLsCNrsf1enrdxp_P5JQ97n z{wO~1Rq({mP^RfL8vaHYSBrS>Cb zVei=|PUWzqP3Qkek#>TUb1;8ktMZ|8vU+5(!ofJ6DrS?+Z%-EtWtILv1;mL!D+gfL(HZpFuo{IdL~0glq@g?DHX3x?{W7r>|k^p zb-ttdv@uB&cK!Kk3AiRxcQ3EM9wuK%dOWhe@#AxtS+8dtuzr3UFa1}}PdB(+??(6$ zkZvDc-JVx7M=NiW77%JP(l36paxbUjiz^KReAdC)|c# z5Y9)(5rs@#L!d*}$HV7t^sCALbf6+~LygD^sCu{k4pK*KA$!;AO0xhMoy?;R!k6^e^xUVg+23#W=dE z#e_Gd?Q^elG&-bPq-i11KHRCbDi{u69*n(S9i< zr0ms(CXzDs-YA&MP~fzbR(rg1J%lCG#CR63>!C53qv5&~k3H`KL97>9(_o+cGhzcs zSI9z77eU`480fEcfar4u+QP2%*%?k>I*VGFt-`pqEciE^3f2~GD#^CgH9tf-;2u~c z>*E$cTv{EJ_%B&B;{4u1DRJSOX_PcHZEqsHec&HTu&2ce!MBa~gY(0ip`&0fF5j2u zL!u=%QvreV!n<~`el}h2yUC(!M#sczFaM(~_+sKmNtX)^mwt7+!$_6rNNojua2MLm zG;VSz)9Q=H{3~zVK&gF$i0as89g4Z+`7Y= zit=3niJOhb#(N@UYGn7A7kG40=Rt56?_d@Z%y;yJi`KYug!V6$Of^glwiZWLN$vGR zd|w$K;gS^%ziYO<3}T?aIXnXPsx;?hg2fn{_a0y(;GDdeoON{}+tR#W_{K)q>{tw? zNh;kY6}jJ*S5gUmd?}nlT=rk}&NR`E$z*!#sRdoTmbmTjK{|qIgzIIBC({zA4q9Q; z^A1~Mi8^zyImGj$ZnnMrh0G1Ru$F%wR@`o-UanRg2u15#%l?|p8ME3+?KJqOQn|xs ztc#OLZ<8MV2v()Qpy~oGI>|WCm~8#aGu3ddb^4D=q!F~z&4$wj6`%}kGslYQMyAXp zT}Mo%a*8=T{PEq=ifXS1MbLweA&!~YQNf_FNZ=r z60@Ypt3%dwm3Q;-djxW%LE_|}$4D`wG@@1XMK#Ja)fMUt0_|VM$Dd`<6-9pn$W15= zV^~rsZys2V939;JO~mXw%%25xlrA9FRS0&i0XdO?z=<)?NU?$lxk9qtYD8nDPXB7yC0nt;KW&#)Hw zyQI`*KJ_h+eET|vnw#?1k>~wF@3`BziBdil9_hgZVeiXzrs5iimA?(*fSpa&HPD!w z#>ZfK7mR)KAvOnC(t>{mW>-}|F^M~;5L|%KJ^vmrFQ~@HFT!dkI;9%Jf{*Ismc&H_ z@KyC|OmOiAW3^oEPZ-{RIS=@;ptPxvO^wYQLo7rCm+xzTg z&%hR7EqahgZy9TlH$I()vj1?xTL-JQyB$r{Mw*n$RuTfo%iN^OSpU<4qYwAU5M|*R zck4sPaiSidbQ_}Hw)LH+Ex9W0U^?BH+94UOi9locSZ=I<3uxIL_z4_@P`04o#g%b3 z^t)CRSA-BV?NgUV%A{!SQU*Y=tMumysNB4P9f&a3xIeO0Z!dUNK4?WgOj*8>tr33~ z@U4H0;#q%0S_(D)C%!?HRBA&sIVTTI0)t}n@2@9!G+_`=Z0Vnc+Q{vMS65)QSgKD~ zU8zViu4BPW2rMa#nGp^@r6AN?i$6{blz_Ln53V?T*x_6&Poib8Ah>B$BktB#9||C0 z2Vjqoe~AwVn7(VlOP#0JkAl;u+mW?~y^Irc)LF1H1prp`vh6isZ;ymo92oZ?(@2gSgx(1%>$pzD=rgtoidOBu~Ng4 zkg59EP6>=9w-Iyn^(9A6K}FJ8e5KW(?5GXmn^uBz>Z2ctkU{4`sJQp}Ld(ycO#5n2 zR#ATpXO1qS8kLrU?C7U==(=ZJueBEt#s{lFYB0xWin5e1z(t%pxp3vCWdY*$Ep#N| z<7|_{h?!igtVCiHig4@4rorUUu88B#MBpgcNshXTbkCDG%%66?Dw-@fcX1DxOz(S$2m zhk%-?WQN#zVK2{8mKA=6?X14eWBhCFAGALiARn*lewald0|uJ;oA+0d4r{p#8Uw85 zoD3O35BOi+3QIP$`W+f4(b8vOjnNz-Rr2-TJXVF3?~=Alpd;3jK@J=f= z`0Md%0*Uj1%c@DDqu$iJuDfFZ-kt+Mew*H$^nUPfe82DP$cY!#`n^u>%o@Fn_FjMc ze7il5>ODO_Kl#4xKfFgZs`cJ}?)o8nc!v0W_B^9_Jxa}rJw1Pa^;(Xaq2x-pVF19EvlNt7X_gU^!4ft@sBIqrZm1cZ|iG=hTO7S>A66W`MavKsSI_&3# zn$NmwwV`4kvSGYJTB!xFN)jfSB$tWWVhPb7!3md{Co<$~VfP0xg#1gOBX^jCYq-K| zdp*YFhujs#j`du?uFcU=TK3k1YmIE@4Ppk**ihZ|tNTuXT)*`v1Rb`%bP`~1zf{4} zNp_>TIxIn{&L9Y#z0+rd>0;R6I8&(vb-2L$>Njv00&n^CI6q|rEcFpdi>5qUGn*tG z?U+UKIEP9Q@H_^kb~#2K!Rt&Hn?L*}r4Ytz{RFr<(un(ab46g~=x9Noz)OC!lhdUw zO3O=_Y^*%Q90F2xCuPHNHWFZD*?*lNr*F_%CaZlUCSHld*T?*(B8m|OMo*5MB43RQ z+mT%`KAy`Bf$9@Bqg7Dh2Z!G@_P{Gx&UL5J&hvYubK?)x)WO!NDv;-&j0Gz~Px`(i z>ybi}Wc69IzC$eyg;D~9rBU>y>S$w)p@vlK`4m{{gWN9=)`gGE7{gqlm4~B(D+gs* zP^aKn@0r>`DG!!~g&y}9$MXq#afJaj&W+gwKdsqJ`}yrsEz0}b=_yzBu4otmp32<9wJnPBz8K{IO$C;k7XBr$YfjI7 zdnS)@|NCO0d5wTg!sB{P4`-k4b(8kvCOI(L6}`pRn6ICve9KIs9gOOQOMc6f>{}NU z9dkuSJ8laO@jJ!N`TEVdlxzkpFVxphlp|)l2s^;2eyP$;Lr%7dx7h{4^AX|S{ZPCV z_1|C*_7z)$0 z+ij`2sCnzheEybDxe$#~|xRxV;N|t;H12Z)$qC>yexpZyC z0;WDBJ%KOc2FI{r*KLMMsG=nrNIPT8>+O>E5Uo_I_EeDS=i>DEloxKM6&EjGzmABy zyz3%Z{1FZ-tq3H<=CAAqg(36~y4zVUu2JR21Ph04Jj=%KXBZ#iG><>vhcJC$<0`>VAc-K?+_hr9C!R58wkm z#=Tg#GC^PEYJm+GNr1TZ^XHVKg>5QB$Z&qMbyT>A|1E&C*1hY!`t-3j-GVJz5@A6} z$J+(a5&7!t7;|(L^v?#pm-R<%`vzTVKSoug((X6)C6r0P-CXlyR0-i)tx!*_ujPYq z(~u^CMOvwgPhm$9FOset0A7E~;&rQ^fQ-*HoFM*HTe6;f5p6oTm+h1)lT~CY$0Rl) zwu^bdifUZ`8FYSOJw;4q3LPgnb?;2XB9rwm$hsJ;I+wqBIQ|?`9*vgx(;{h#z9u|J zO@o|8s|8i>yunpF2yZ8|oF(*`=Rqz%A_00axP+7iHqQO;48t?2tt(xVC7PNrQ~NF3 zWT_ZE@odBdSGF;s3ra*pcwYs?400pj9u;o!&#d5UMT;(YTbVBRoTceb!(w>Zm*tKK>XQ5B7zit>>SLF^fQjT+@5~ER0-Yqx)YR z9DgV{5>jP2WHa_bcI5*v;pF>w_j5?j14SWaAyBzWLSmrdwJkw4OQKX&VMv&!h9FS} zn+?aKrLidGvD_}@+V96}4b>rMhZkg!{L6jOF=@1qaSQFL+Tior$*)+l*6^C(AB$D-Ky^S`kG?yaKF^la zZ~t-f&Ro-M-Oloy(#RF3W}S%I(tBN=Rqe;FJCb{Ct0hpoUFkbsLe??OrJ1*5n5$K_ zlT(%}(qc(W)wK^pW{dR+oKun_lA~N|pLdTo$j_*!bmGBg2blY#!pzAw$mzkjVU`i8 zj0LwekEumO8HS%rh*mfD=h4CsHH5Qy=Dsl%EEmrYHFH@?uF6+e#yNc3sRS}&$3wCY z&=#TyDc0t0L)89cl*l;HUkmeWTI+YmuWH(_wpC)~hUjFW5krc1e}QADFA_)d<6c0lhp#Tn2B=Fw&OdgY64 zm%Xeh2JnuMV+p`1hf{<7v37T)_aMw<=>B8v4x9&~%b{mcwUX7gg~yG<;~zwk&YBy3 z!_pofmg(UejMBEm`M>-xX*cg;)G#sTG%#*USGcuYWO@Ny|FS?NMP~?xDoG)E_<&3% z$@hOtyC2`9v-p0mhqZdVzHgVOwQ@fLho5lw@O%3QcI9JC_f0i78b-IUhqpkLQ z?~9P2QR+21dUx>A1lOeg6~R3u*4B<-9=tW{EqxB0fj3}8%}>dQ9-)>%K$t0@4PF+H z%G;BmL|Um#$`E4x+)>ep-V{rPdy<5+>Z%ae57U4_j2D{d?#(JhX^7bd?~z#q3PX(c ze`~vib+JO_bml{2S6BO^aluiP<3?hxnQ7ndsT2_fZeh{mS67sUQM+RHw2`l4&anXf z;chclGehqbxpmeP$>`r)2)`VCSigQCA`%gFPQwr!Fi)Iw1G6E6Yn6bzS&NaPDYl}H z-pSitvc=m=`kEgvG1zf8Bu2dMV9;*F-axt9f1A6u-J|ZP$sfOyXUa|g9WlKo$S{=r zUJb$dXypkg9MV=p`l%9hBzd!;{~L^#gz?X==T1*chm<$d0q@F|F)1}a!N$9Ffs-~h zRTMQ@KS^btRo-mpxN^P~1BL=nPCZ3C|k;y-!!yMh7 zWd3Jem7(lUSmcfnrWs4c! zmP(@RYSXuMtSuN)Ev|P{)Jr1&p&&I2PUOck$>|J!J1^_K`OK?dcl+U?D6CD5-;?ep zoXdReGx32(d)wiIXL@z!U4PA@x6^29cG;l47bOjuIjmsSX#!?X!Bm- zkqDiZ(%O;k?_vhC5{z;);K4~oRy!-!1^w-hbRv!1nNLbTo^jB2W>h|SQ&-%01sFwt z2JJxeu{Mt=TcSlK3?MB`DA&>jv(YLQmztkop0?vKvp>Siya|dB9UozdGv<3(ugJ~H z_MAq|ozqdP&3Z;V4HAd;;pO8X<1G5=sEtIwEk(VjoO;b#eQ0>fMC=)uO?n7sJf!7? z=TyB}M;R1Si z1_-CWrkc8vkv~thiVeMaj+}>{-Mwm&{&GG0={$LWII3c1KF@5l`9CGZZmq)(PC{+> z$}QEDz389ZKN$jUBP^^w{$WJ+)R?kn5dFvT1LR3E>U{$k5RimN=FB`itm=OH>|S~32(;H-7*z6esAxtwc zQVOKxMXj1gOvZs$!Dm9uiIL-A^2{=|m@N#F@W`c!7*{z3b8Y`AH36#~_0cDDawd6j z>2V}T7J-k8O_TL4I-JyRx^#bzInKrkFG_huh?oJoQ8X@YLaHM6;W!)Qt@W!$>ZSq1 zwdqiDYHRk`;4c0<6~vKD z`##W9(FgrS5~M875D|3d(2uB?;C^Z~$gF)Q`Qr8-SA$ywNOtpBgg93VGBX70m6 zW=_|9sk(0ovX_GUkDpo0qbs2<2xc7x()Q?0v>_?;J+PVd+jO)mSf_!D$oDEtsw_Xp z5;`GwbwL)Ogg}ft^&Kd*d9a4rF36kaz98=t+;}edu^Ajw*0>zdhM=Jv!iTK*VI+W~ z|4^MjI`D-0sC_3h4IvyIczjDL2p-r26yTAksXhVSoMr)KC-Nbvjd)+tQkGCPwE+Y8 zUM0bLbkt9unFr<&SEqqfF4|HcWwqKlL8sdNRS zO?SBohIgtYY%Bg^k(m;00L`Vykh(O!pT|S*MH?5n9npm`G9zZ9vvkZKhhdaHkQ?j? z+Sv!PNq8ufiS|%zO&aGn{OndDxa5bvvL*N(?Jrizl7;C*4k5GZ0Q=Cq39h&HtD_F1 zZ8QxhhLe6%jf`Ng&5jE@2`5}OJ0HY;*Tt~Sr}CQ?Hmw4Onyem~v)&bkQDCnP+pdMw z68oaEyZd}dG~e0jVwnyu9b~VcQCB;4plXX*3?-F0w36upX@E>6wwuL3`GSmf`-RR% z0Mq=X_F1b!Cwx~!jy9@p0ZiO@6cAHN0ky`)Be}WLzLZLYB z9Bag&wh6$kWBv%Cu&4OjJi$XDbgIz8^^73&M=z*Kd^{(qDt$%(h8n(6tcO6ir@xEz zL=eUyHZ45MC)(SHZ7C0ebFmer4DB7~DHHQ4HJBlIr`TY?2C5>kqfU0*ZDcefiyL3q zH32b0tR%H)4mLu+JR@GY2v6IjYv~n(*hN_%Bo~%5D4I-Z-4f_f1#}{!HJQUYKx$q^ z28E|Je%~$LT+b)qE~IJ-h!*D^vbVUD`N4)Qxm^9ZPi-n%PHWX(>-y)*G0qidF6`Lv zlFySi8pwfa_v%Qqm9-IAf+x}bTy}lMZN$$70M5$*_|G{28I-0dGce)-9y^@z)Az1Q^U!EM&@~O`9Y9E;Qbb5_ys1jPMSCU61J1MfulD}^Y)S!@}Ntb z4kh2c-Hbo=Tho&T?%dWCGE;Bl5Y4>p+RknbsGJ4J?VDpW@$CD@h1&f!@!f4B^r)}u z73&j@eCw7qLJZCYC(2z`wC)kww=R1kOg&ws%N|hZELu3S&v3;hpav@kw#Oi(82kg} zmArQ4GG!220h>e06Ftzky~C(}=;P!Pm#dtzI%&1=*EaMa>9p9SNIK@;U-Gmp_b^Bn zzrtQpXp2DJ7#w>wjCncV*IC8qSjo)ZLQSEZkdwe1<&XiWLj+q0yYF|o)kKNZ>5Mfg3GL3e=~KMa4L3R`t1Ig1Qgf`tYEdpu7r+?fI+}n?z(`v%QMBi=BU}^>m|e zX5>7#f+oi8tKiyuS;mJlpGTHEahz&+%=(=yWzLTT;0YzITdDm~I)=P0$)8&=WhA zN+n7_r&?0n^ssH5YK$ml(v8!o%@NJFk3^LI9|V6%ld2Z4*Tv7IgQ;QC@sje@(va1E z&x`#@Vzz#twY{C^i{&?z&ORi#L3IFqg_|}X2|osJJ{t?jF=`N8(DPtV2Wjo>>}}~{ z?v(q#I&cw%9M2?%De=<3yyNEJ86upvSA!eykz zgXea{Y2Xc_1-os$1sZ}Q)mWzmy>k!X9A(@&!Rm=m2069)Ejl%Rd+?9Jan3KZu9d*S zhR5)lwt^MLn?jF}Yn8yNoAFdUSJW2Bi*eK*rh%IpyfSTfCVLD>D;!7dY56StDT3Tv zQDLoJp~?h!XySL`TA3rpieVkR`?@R${7bw2(`r4QCE?|9tZ~eaG~lunzYpgG4E_Ry zS6R~`VoQQGo#^>GNO~p8uXUfl4>?TCQ^j)`>*WCoHC(aA>}7%9rgsDeMjG&sTDi|$ z`YtI5xaWsqZfJKWirs7Gj>#MF{BeoNUvX1Y*ako~wyLsIXkyd@{R*0Bao_Cxp4^^3 zOk9L=vG{&`o|0@a>2rD33J)rj`dfG=8~4~DM@uR_?c56}1;_$)oGC|Fdcc)UhLbwf z7+AexH>kYImktZ`gPyXYR2lk4*Mph+(tpsZ3T%f-oYsV zEc@sy1z;f|p0kxF+R?rR2YOwmcXgN!Z0|{n0QNzj+X%{2h0lM%w>*}YuuM19=?KcQ zPb=P@x{%6fkS@-twEBeJsCt|_g{8ZlCdSAYT%R0+SrV1h{4Kef2fRtIR@2I*6|={g zN{ETu$LsC!ok8DVbvM7{FN9)yBhX#`TkX5n*1Ilq;maOzSp~gZYWM=eUeWpYTkoEh zzbHdDmlcQl*Vh_U5SEPc`<4o^ja1GHDP(`jN;N?%kin=tY0Q7HuMIH}gzk#!M?pXA z7!PcN4t~Y86T*aln%z0|?m3Vj2wwhY%lt{{yzgWi3Yn13LiF$;tW9T9o#HCem56X% zYO_hlL_uDAg(B16^(hKEh-*2s6pp8|199J`Sy1t@yWe@%H`^9uF=Q%(?bb zUIE^_ES*u+p>eNJe7ljYvBNzGUM#f4pp2EOvtJPL;855XNikCP{yvwr?Hx;_{CatZ zuChSL4*a;GFiQ{Xhh#WZ>KEn^OWQ{P)^bDpyRvSGNe|<-*72UqO+Aop#;fERVk5-i z^&cOPYr_o>J9LTR;VYmqZjB2>aKTdwoukFn(eN~!|w$nxDV~2&YCx7g;x&`7t5Q%NV2d5 zd-Ol&>(pTonj$4EEIa$eM=@P0_m^*L)T)@GU|K2;ktdURP<_%d>H%w72TXna% zyjNcQ6TTGDaU<4H*`}a>uC}K}#c>ida!cFKzCrUqlul%QLKSg)vsuV?QNBOUB*S)h z=zCzkLdToXJBiii+a7cznV0d3XV_Qq`ApmpvtIQqr3eXVd8F9edGH`E$^tA z30!5~j=9#wLN~4k@a*O1C?jmd3O=&cPFFV!dY;z_MaB*oO=1n|m-YOTRp{NfwszGI zj=Bgl`lH+nf~Y?T@&2TO0uQ&^3DLhrZ`jQSjqDKnuz|3J5H>H2^E3*Dy7(|48}c|?87 zrd<_R(=?+t6@Ib#Ls=V=j|T-jWj7<+VK15VdZGB5^tKSf9Zz-iaPo+L-W@MoJ}xZU z)#k{)f#SRzEaZBL+&~y?>$llHhZ$9^zZUxL8%~Db*iSbgRvFE($%OxP5^AO*G4r3~ z6J3h>54qI@CSagS55oHzCQeGwNcKio9$m3hrx~+^CGAL7><10oMiXkP zn(%4ZJWY(`BKc8EZ|~g&3xUXRba}e%fg#s>OeK2+JzOWHstrMP{l`luy+7u=z`t9{w4_5js{J;Y`pE>|aD=>6ET8j1Z+Wm=;I_ zn3&egMbl8pYtcW#$Nu!b416W96pX(sovt4T*U#bIrqZTjM-Ph4{OuYIVF_Jim_S~0 z$ePuJr|2>p_M01SJAj#co=uw$l9RJeO4-01moPyZoUoTrQpCXLg=K~(MAtG4JS*8`FM`Qsuhk* z$rO*?X*JDjjyboFXJjoPm|@vPA$p!xlaM*lA**H5q!}6m_qxmD#dai2bG7EX`!!8g zOR%ka2YPMA{Qn^LTaupfBdbulK+EROBUBsgCO^L&3V1u@^?ThDoO)v?(6lt6cmf4} zSCx^F6JucjT%i!PeNAzbR<#cas$&KzNW=dFYu{}C18c{SOC@{!ZJGA{U#C03TaOS) z`Q)E@ax=0D)(2OQI|q#HNKs}5E7x%}iruWGvpR%dM5P`zPhjocXzy+6t(K6jSxjAj z&mrTV0c)n)thWz7ZiO%{6G-qQU9K(f00c>n@7ePiq58D)>A`mTd8x z^>MAw#_d?gDA&cl1@G1@=47Wur(5|v`t!(Us`%!o{G*o$- zo?xnN5sl2~55WSsKocUy49zf4$sU}h=_&FjLrUJO-4rZ9_uD$B{g?|!gQ7l@AYO$= zph;Q~|1h!jwb}Cd^q2gBCE1qmwYH9A$!t_$^Y{ZppNZ>#={?qVo^O_=YO~n*j6M#r?ko zxNW0cz`4HDJFezPiKM6|^B~gdjOAlfXh|}QUZ#ky-*Yi`tczuKy z73MJg@_JwimjE9>w07_O)@U43pofq4^}1>>uB10c*xBn;tPEc6le-=O5t}>smgD>~ zuK-SWbt`@(S34!9+|zdofwO4(X;v*zH{ToI;^OKmoYM0njBafccwODDDqBQDgY*&zKwV`y zj;l>01z3UX&J>64?M*}##kEX|PBj>h5A&KYXNAa_?(j%R#F*M3q74{sWs>{T?&cd{ z@mFuC?h!^2x6Ikp|CuS6$9*SR{OgI66`xGC9QdTLgMG*>SK+@^bDM5X)5&2lrg>2( zR(8w{fAILjLvO~YbOP~Mbe2j6E+u_N$}LrW)f_*J9BM<}v9?s|=0FsoF%H3HH0}eb z{~x~IF-DZI(Xwvawr$(CZQHhO+qP}nwocpbK7AU~@7()+HfeN*oPI@|0tyVli&CG!DhS4Rs}sqi~yLs>8ln zPVI(9g9E4sHN;1QjPD>*G@9e}C!50L6#o`wG6NSu_1G|&e4unCjsT!R0vXN&jGgg1 z)a)E}jiUulkS+m~=8W#lAeT1j{QsHg+Tff2e=*UP#o4wjWybs!4tf18h2CWIGR$g7F$p_Cl;43wJ4bDBFEqu57NIa}=`q_}kq|%TQREDNf-$itVk8FPIUJ5O zQd7^PyH9x63`ttV8&c!IIui8R*6cLHxIcBWLCQwwFvJu@?wIeLBU^0DIvXPhBg(`A89 zJ`$iZQU!)I7B|u5mbIru<&7DF&qSJ6WEEW9DsYHn!yhfofQR!xsXkly`lJRHY)S*h7nM?_!PIY7lrBLTbl7zM1 z>(Jb|WRGIawZ#${0&lFgu}XQ6 z8z!qu<#t2QXFsQF&EClCfo}^}#S_&L+4_i2ZL9Y#2pesm$SB+P?cQzo|MuNZ=r81R z7p}M<$^zve3#}BB5*x(l&5PDl$AeJ3KL)5r0c9)FIfigNQ8!D#5JJbxJvK z{O_GRG_CKJHnLk^V&N|EAi??OO@QI;b-R*5fPY-ZO8JA*p323+eqc}=`Tdsy^zz=| zEd?<_y1wO0;O*6q%3DKxlUzGlQ*BkBv*y9dn(PvO^Zv-<%EV`&zi6YS7EweOhzX532$Z>ynS*Kv)ID$%XQ9(>S&W3(hm;V8@Q`T`o@i%>5HFqvM^^!y|W zfsNFnwpv!4w~EZ_PTi1-_z-%gA%uTC@=I}jv;pWZuWa=_D>1c8aol5 zVUQmCzUIVNRhsI4##|a2TY>(F>vdgqe6jxr#>)WFf&p@`Jl@yv8mM{19aXH8E;W_4 z?=ezNvCoIvw%Ab(4aL2OXD1mF@|mU%1RfR@A2SH3Zo-;tA40&pJHY6++ zHpdjv;L%%VxjZ|%xVSv8E|=f`{3-yZe)4@@uB*rYFK%xxE-v3kAPzqmpktZk>)7I` zzdHCO$Y(ZxkBQkI4w3DcGJ47nV8z|l>nno3W7lXbgx&+-jjjJB8{5g#^IQLCr!7Np ztXh+HMh*V@pfJti;>Ao+T58By$%xhzOPza!SV8P&`)%-VWF}$?Nx-Z%ArTv8wplP{ z7KTF;SBoLy&N5}<{a3*kM_*u!z!Htc==eVsU-2Q)lw(F>?%8ewp6TR~gkIsX<5xG7 z#Zh}=j=!V7Rp0UPHzKD0Cij>CB!r4`bIDi559`LxVk9n8NbDfjJWG>P5xq1u-v@}Q zGmA(}u$6W7&R-r=EWSQ6*Zg>hK+F5V&=U2BgLfhhhAa~QB@Tc_!!7oq%QcfSS84wH znDIGLmaas!we(vR#)VcK%3R1WZR7y?Ke)XsH4lv==l_G-L(u*=w?9k$A8y~Cc)7B6 z1Fo2pn|Rnh^Qr490;C60ZoQg=L&hl6vBck!>NT56hdU?hjfp;3I^*Kd6AvMaPWe6Z zAN%&N{+jcM*m4Da{{B5tJ+oj?5fUFB2uXi}L_YMcu0*_+N-pi`^wk%v`K;(|y8jQ8 zxBiEnXnd8+tFF))VTFVz72*$;g63?M4w_VFJ6bIg=#)cb$1b^RwTlQ;k*{%}{c?|@#) zTs$hj9x$VIx1Wpk%ZvFv`iFXF<1Z!Z$hq2ig z7s!FkD%b|?b1Zj}WCD8_?1a!7xIbs)OciU1$mDrF_i?VvtwNh*nFU>+7G6+$XIW=b z4rlB(n=CwfLYysFGbrf?-4OUe znwNPycmB3=Qp5laIAjysLRSUNhK=q3u&`n9>&yTlI|@ApddN|@V_;wX6@Tlf&cMV> zLMt#1hZ8v|0V#EvlL7CXOfb~rXA8e{X?dV>%~@H)IxjUKl0&1Vx(Utvz9}p~;<;;^ zaapmKxAju-PkB2>%T`}^)*lwuAtp6Om2&}PUPD+hL98LHfiP?Wn0lyb1lvj00#R@} zsM;oiv`q$Sn-0)49inMEMA2$!n?%t@pcm0J6F!*Si}-PSj#8lcjHTmktZ9|MPB0}%ic_|=-QG2TZH3an!S^n?KgA}5 z#?mZApw?caGn+ECeYSSXzuGZ8&FDJ*tWdvh;a59>!+k+|`11wpF;fhcbw)j8CcgY& z%&C3+*Fg#fVj-~5P*lfIGZoU~a`OJ`gx<%F7`{oq1o8?m;1AoLyO@gqIL8`7b)`l} ze&+Z3?Z<72V~gHD|2-)mocUN!<{@@#H`$PDaeKEBQO32^PM4?UzQ~eoizT1i`49oZ z0ZLt(IDPZOJLz5XOlnd9ka(E4Yc(aaG^^E+Inw?P$%J-U%*GyD#MwiPxQext!0;wp zV(%V>wu!D5fN&xjy{6FN*3ZSyy}8<3ZJNzAB`PNbwzN&Ej;ba*VuS4@tfxNKtJwow zE#lY#O=n*4{W=rAWMfH!l=ccC+V#%cGvK48Dt9f_*&NFArT-I&CO=NU z5pT?~AHve1XU~Jo|D(C}z2A3Z{kd=Y)8E|O{pM6}^3(rjWNvT#^Mf&e*7h@>U}OB* z&-lHM@xx#C@ROSD+_v|)k7mjGZ@#TT@1NGNA9=rRyXwzJZPX2qR|blC^X3M!{dFY! z>qzL(TO)a!wgacJk#=?cY{hObu937ZdYUUG<=@?HuE|(A{_f`H_A;&v`?aqostd1z zb-1q!PMRUg#dfE*vdLJqFbXvjQ3)gtF$qN~l5>>ySiE7JOdu!gQ`!T^a8v;S=LP zFh4*Dg}e&$S&~sG8BeW^-jqPJ$^r<=FNB+Cl-=8yu zj885=X}^ApF=Q9AFt{s*m}Lf>+ZerD-tgr|Gw|>SoIAT>?Ev<~xhe$= zW-#J_Rmgi3N#+p?_?VZy8)eF;!uWxlbv!Vr6fS9l4OLK9y!x&L`jkJ< zv{dNzsw4cI^n97D5yfj*TY$4=LO2weAxt8Pan>Hb6Zs4#`P_7_Uf&XfOtc&V`6x+y zOx|=&4mq$sgxk$h8OjaqTs6>E3daEzrc}kR8G|)=nH3xJvRk)BM_Js|xdbRpC}J)Y zG^?sJD|f4AhKgvn0ECN9C>0%v0vKmhg`LiVy zH*S+36NeVlECTU#jn1u*F!RCRHoSA6J&6t?1FjI|*2P6MJ; zbMyR*N%Ib4j%W(GC&fwFxl9Fq?Y%FOmD)*+gfr?g^U70NcG^+FuY^ONGptj_pIRB!Df@9_BEV2c9iQYT$0?BIq-b7Jxi&9H_yR14Sb*G z&Tcmuim9H#a5d2FFruQ+5*w3ambq>-2YEXct<6RbFtQ%fVTBJ;LV9Jx?+PbVRO}Fo@5Ln z%|gbX(7sO_DoI?kHAYb>hs5-J);$0Y2xezy$$Vk~bm_Gs)>XMC{!qhbsD;!}Z1#As zbf%=d;T-W1^TjbjNvssvuZe@5oe&yzbB^J35!ziECC8G6P<}$?2B(^xacxzzEue;L zNXf|G?lqSyS#XB^D7%uE@G%V`Ol;w!8a*HU@dJxPVWVjUD(Cb?3VYQD5X1#C=_JOh zSW90kc!rGA%&#fnFgEhKPN`WRiZY=E|z{;K{i5SxQ1LbElZV3#}Q*qK3-RB5U@1Si7mAHVGh55O~25 z$B#qw%vhEm#q!hP15C+CR*3HccuiFxI&Dh=HN)?AHY9Cd!D3T3G$%H7z5+hnJb#N< z&88|O8g5OqzHmxR*`P!ydIYE8RGjJz%(4Zx>bR|xs>tZxb7rRs>IG%&g4%x)T7NFK zKXBWsl+1$^L$nQ3w=>ojdnw{uD5zRQGImfjqLk}O-ZOz}OL+lOGA>51Xv1N*rCkwj z8~86U`jX{Lm44fcP{JKYx>tKGUqP}=ex~ShK<=H5?ek$vvUR&W{_QTG9%xH1^;+Pq zG{Z}7(zpgV$58oNh(z8l zq;;O+jmnE@KwRK*TYs|z7(%271sN_eFyO<`C}*QME8*D~&b316C$QGC#hk$s;g2h6<3S`* zWK{r59*ZfN>O;&G{Or_>fOG=})GWrJ6UP(GcHN6Z~-%piXL4 zswi;+rXb*wfka$$UwQ^w%vT} zGGt)(eAP=B@w?```N(z7GtKc%arwAY+?s1{K1T|d&Wbmfd~qGS4MA|u88^Wrra@Me zy4r<(Iynv|TI%cPxuC2^?LD4~-7r@Cvc%Y4lMIBDL`{p{$oSZh{g})m|BAOTtjg57 z^!b|)jF9V-moQj6C(maf0>>|?QVT&pQyM%wTh%&dRc|4}&xKvA&oN!gJ__)KE+4p= zt%MyEOAh&9YIn$~S&;B#Z4FgCm@igFexLsSD?}ztUWn1F<9#uZ7fFS=C9Z1%;sC;mA z(~);utO5VU0US(qzrD6ro;I!V7J09mX5rS-yt}Cgd2?e+_z!`C3JgP%yrKAo{Q0qvuS^62 zNq59whp0I@IBk&9x#=Rk>HS&8%i*8nBk#N&BZ%S+=gaZbs7>CFNl>RfC2Y`fjEyK5 z=;y*&;vl$rxwe)QB*hW3!DY&q+8c)%;6e@((R`X=mB=nFyH}F$d#U6kVH~CWYQuM) zEQPXKiGyUW$c02mLWfCZNf0lynkuI)7mP=g74@;9F$?shv(420OW!DA!5X28;KEDi zQcD`~c#javeVsr1-LBV%#JGdPn(^(NLX=JF@BePveML+2ELVc2tO{(*JMEeSf7n&q#-Ir$ zT>#MSNH&wWi?RAN%>fZCN1YF=jb3~hHsFcSH>HE zpg4|B*q*JZKnLd(z9pwjKKB*1%olT{9>>m^_J=6=YE+zOMWq&`NDhYeTzZ|$O22-d zlojM@=0B*PD&YFC3dP~o<|ST?YIt=uULSaypCOuJc6Z1f*3c^G46kGlrTFeeju76q zU{iosK)70H^rBS(vOoQFfr@X$QbR|=ISbYTO~fS*GYd{k1t6B-{3euE0=Zg9OySk+L^zE5bNgdO=PX7U07h`4eI zt&HFAqfb=DURm)Nx=bD%BORs~`l;Ojxhbk;q%IJ8f_LCRZ7@5#8nl@Ac4yra>n_f< z?;)mXl+XAiN-)C&L_1h0)(H#q4LQ1U@ilUo4@m#JjP%hYAtcpE4~y9%wa8J(u5lWk z!P(bkd4wc=vS+()8fKZh)uGUt^J~R^cjB((^uagIi!}_;BDdJxjjmRUD#qZH!C#=6 zJsy?~P7^1hVI}sga(h2WVakK)leUBid(+-(_O&kHwM&xfmJ9 z*rsi|Ow)JvImrz))4^>c{6tKn0KiwBP-7ApXAjYgEw-9q>#$|_07+c~@oX7*vg>*r^G@5nh2 zmhC`)d*eR*#DfxZl1n}SB6o6Js%x1%G+ps8h|q=WQ6HU~iiE2nn;@dPW~vE?5Hv&Q zgtJD?LKCW`qgQ{D^$fCzpPu&P)A{fu5F;s0J>uHE$M+ZbF4mU1q$YHg7PmH48o?na z(a;m@WObu~_z<7$IijM&wQ!F6q5v88VKtjZ|! zCm8MqG>x7xQ!0gtd?Qv+SzrM(5kgq!IN|p!Tqr;DjvSqf$n8`jQx4;|=V}8aZ=2ml zO3$G~kS|15$ zih*7sRJ*c>ALBp3@S3Z5BG67w#z((tN+BT70@sCOIv zlNgPcNSD?Dy9%tO1Xw1D?p<^&%!hByIKOaPe%BE{Ty7yFfkwwi!eJO3@d1hMLq%BD zEO%&Z)5(jSZj;e^<#>1jAP5Duj56ai=+y4KKTzczQq6^* zy#dcpB?Y62?`VcUTYf$&(ON8zXFavYmG(WD`jIE!3rt;0S(5}hndSBes?n@(#6fC0 z^XfGg;0bipPjgDf2@-jvRG5O-51{m9&298R(!Xs%avEGti_B&Ty~S~XiZD41Cc`D) zK{DImKUZ%s=?i>ni%~&|cZj4{1F}`91X1t!k~5Bu%iDJKydB*xbMCJAnYFN5`!2ca z@?Rm)=~Q*xkjCuI-3*lX1C(6RiCYY3Y8xaxq?_GJk#{#+dFP(5X({TL!B^42ixn?` z-$H8fZTnm)yK*bY?+PfhGVWr=ZDkoDDOG2Pjq^##+`J4$?HU@zZR0SdX|-}XbAg*x zmB`=J`$n+HPLR6DCt$0fFyOYY3L1}h_kSeYt}|$JaO{O=oto&+c`}u&xEItZG+KSLy@I2Dg&KZ<7c}-$LPQ~bUhEYe4EJ{o zDObhq)Q=Omp|gtLa6}fh!o2BR$@*l-q0r4>h*aA*guQI_vMo#!tj?~ERVNYKokg&q z+>v`JfVAj`)W(TkCwmn$UOIJmGP_F9?s=>!MSR5(mYU$a-Gq_YGj?L6aEV197)#m@ zlqK)k=L!yrGnj@-PS+8&on=IP0r{hJHJ)@&yHtBOiz zs>LvoPsH3>uZ)D$DAgP2j3Azc9S?z4*$M5?tW;z@W{;WWh<7du`jW?|>M8LBy2BKv zsqrg*25rTPYLz{<-q1zA|5)CVw#sUw@s$c_+ zvMrP?rv=ZB+<4>`pK;9;j>wpXFaO{wtfw5=s9jEYADMksiYiKm3iYZ=Y@?v!-E6|X ztTxmE;G=UK!$GG)W12~GHc$1WHpro%p?1+vv4RY}@f8sw3S{LbVjG?Lsy}>er!^c`_bAbwDw$ z4QH^(%nWGTw?7fQ%=>z>|9Q>(`PyvG7u#d!|GC-Z2frWJ&;R-Q+kX?^&+Gqvy(w=m zzptZ<^COf0^N&1DZ2e=sKmSW4&i{6E;_1x)Cw|Rv*HbP|ZK`A(d7g|@)qJ8CA}r%7 zN8Dc0dV?}uFUEhO%7k)toPWbcV%@|L%?leYMco_EkPqI8TO(I?#6~z99HY0GrkDAn zSsIA5ofE1f|98X7CG7N5EnFd)BDPTb8u-spX6wy7`aeA+Z~X2UGs#`nc@1-}o>xNl zs4w62Hck5jyTOocn5=~PMyLA9@k3L=wx$4sHy%6#n3i}-M^D2?FEnHMxa+_KljUir za?CiX>9aAl5-#ksj0v2|fq|`JnRcib**$IC37X++A;HFduUz?zbSUS_`Y3M$+EdG! zHyN#&Lfge)wC&K@yyuQ>>dJKSq_K1v`&Ob5bgp$eub=PZ3M@!3Y{L`-w0j6Bl`o}# z7A#zVKoI>PB4Z7LHIxB+v{C6b!B8QCa}5aNju1h(>oZ+-*8qPWJ$z1fhA^|#!83a7 z*CAGVt+aq`ymDA8kq_q<(!M9T_Se$I*C-#*{VaI+3EUh( zkqI~ZU@c^fY8a?=jvG;-VkeZ!h6Uxlaj&JlgnI(W5`NqmS$MtvvhYw`n09`JJNsQp z+Syt4qHH%o&%;|1o1`;u)B^e@j@E^05--Refsg|kGg=v6nJVgo%H?whWmVd#)M*BWYjshg&j3Lx||xAxpjT z1)AWmdGKstGH^+|m{X_ic}&&r3ac?EU(PA9?s(bdpOT$u!gE%tmKj;|90$pi`#pKV zULT=-(sAY9KpHrCe4QU}A3rmT(3MCam&&Tt%Or#=$CsV$#rFPedo~G{aT*B8BM#Gg z>%vj=&c2)JD$qaT8q0Zeq0`-Hmyd3m_^iN+;pE!=@3_7>OKWa>F&Ff-CQZm3HwF(e z)*{2=yWThBYkyhYF9FR|^w`_f_LIU%B99tsE^BN{AC(f0!$9JirZHwS*oBNThfdXy z9BCvA=5U+0>nWjMf48LXiQ$$(!cWWRGszH*@V}m)kawvdXZ#lE{l8X)LqI2fe{lLg z0rCHcpC4v;rI9ZajV;inFLGljj;P%y8#D|kZWPBaTCjMvwuAq~i4{Ng)9c5&{WLYd zIX!#1ySKEne@t7r+ne95>Mxulp8lk(NaTE)y4>|mCI8Fif$F_Lf#nm3`wq+px%4l{ zeDM2s0~uGj3HuLXoaM|5d|f{p@MJhUm)y(Wa$67EiDas3r#f(U?6p}3buXr2(3OiYIVB8G(!j)RhrM`^J$RQK zBGf}jNL#)AZn|MfRg8KHpUKb~A62}XUB)*zI~Ow1!yG@8KaT)}!Q3wc420KqF94W# zuiPTwI~K!KN=w-LynR29!l|YVu#tNzxDpt5y0S2yH1mPvPbklE%s^qfm@ilCLzmgX^C&djJ36j z3TMy&>y1-UQ8+VDqNy^re==n>GfvT#*veIIZ4%^&sY6{p*1dOx2)q%~K!UVEfLw;> z2;w9>BSAbI38*Zgot4hm?()l@O9)y}7}r*)*v>Oi8cK6hNn)qA0F`CwtOldz`EUWpCDYmuHy?i2`# z2CIfH-J)&VOf8V&P-3k0s~-QRWn{HUkZrICl-nf>F-`_kU5AOr4zk9&-lBy`TVX zpY*TO>-G5QCjIE$#_8D{_m6w*W7KI9guUjUAWCi z&`mC6+TlMeZTCYRieav>hb{6)88pm>k&1#&pjmTWo?<%E|oF0uFk_d1^wyT%YLp z0L?dJW}v9odb@11AzovDJ+sPmxby3R^<^Qn+6tJ?RC#6qqOe{ra|z>lPNU)RZ5zwL zN+y#gydm7?5nVYW%Wv@pSUV1&R|vKNIABTPc4OYdAZgu3t(onpvQjw-RGVS#yNCy^ z@OIs@LEzy&*|LW{#j2HFlId`iVJ&w7XuIW|--%Anl1k%e|0c3qAgfkhy%Z7uiJHij zH-Zf1t4vNOj|$}N>=>~T8!0c1-#M5_;Q0pxDpR1pQXK(aVwdv*Y~vQ)Qu&C@#}-CoJG#== z%$JIDWJSVTDb?9SN)h)`%LoRx9y^1>pT-&n#>q$5s}P{hw<+o z&-$;fuK25RvxWS4DfepOmNn{SBNRli#Ti4(dp z+A}e88O0-3k7ZYw|O_N6pS8!|)u_ZOmF1V$8#CcF5OB7T9_M55Tp;f1iHC zRrT7qyVZ)r_d4*$2ln$l*L--%C%0zV#Z-aQ%a*XJkfbq9xw>reUsYtAbA$5?>df= z!*4LRc=QrS$Yj`0_Gy7C`t4Aaz3Ev-TK=vAQ;Bgj6?)2M`s@cnA$K-eiRdq&U5^Ph zz}Xm`y$6FDiB)e8h>(uK*&dXm!ktKu1kp+Nki(ECWDD~ovLQHf4bNv}W2-kgBp^)v zAUU>@F437H;ot@2_o#KUorx{Da_aBSNF|pBFM^h~{=)az97Uc4ZH21%%p{T+S!@?E zm9I)>)gTIM7v_zr2qB5`NRgDnnrgW2@-ZSmw1w_N&9sf6E4m2z%&Z-?68#L=M%cEq zFVURx$c?cP&-wKtOYg1Gjp01C&DNDQ2cE5H1st{6hM+|BcyV2TSvU{cU>2?nsU(~b z9~LiTt*BQNJLhk5hgJqF{~T%om6tKAafKP44sOrD!lwmfTZCt?p`T@H09YI8DtzND zGsvieW>xA28_@kRK)mN&n7Z zsrK>E`Yo>l{lt3y9qajQ&P*ppVUX~Y^L27s40IDW|5H=Z**WigiaOLr!O%NfdSBe! z7^Y0wA1Wk_{4zsnD`f^tj^NvzaIu8KSrX_?zV1?}9}VVA`6oJLpB4_=t_@oG=kW4! zh|+d4%d58GyUwQ4*!J@}R(zX)+btH?9NuSEOp}=}xUusEqvS}}@-4v2JCiY%IvA_o zUnS-ZcL|gI&tyfZ@qXT@DDw5BY$-OeT>2m< zL~S!xY*dpxOX1~PZy9Xo%EAO}73`kL$IKJ_OU9e73O!HYiRnN`2hS|*mOPw` z?P(PXovQe>R|X7MNh_hHHKJA0Oe^W#5E)6KjCx}gtvr+n*S-}@_bT$V--kQ@QliP3 zD&g*(zgs@MQat#=?PdVASuv`^C~VJbem?>SLHZeJ+B3edU9POFc?1DG#z@LXsR26t zJqQH+v=m5JXr|p3mdqG6cRSYFw-a*fy?^}7e3*TQWR8K2!yv92{4A+3vx zQ8WZI7l{zOj5R4D-_0LyKo+QTSg}S!gNs$pZftC;j$?H!l%m=i6EVgJFGJ9}Q~1c* zK&TN>Qpij8by0aVhC}zK%42muugLr(?x^zPuZnvH=5RNX!d@fX-;9OL7=eVRPB}69 zeCkO2M{cgr%*f2tW}%b7&z9eK)pHF8eF?MM-Q|0eN(Coh`=$_@%n|o$8UI-jLvER* zlWh^ThsXjgr0{%*l6bpE;i-XOr5b8626@vlm4mCFOJBXW@-!Q;Gly%69OZCf=fzZV z>58Z}yU!sDXnX1hh6`?oUh8(fxO2lky?x!h8ScKb)2vwF=wxo^qS`iD`hHgBU(g+N zD=WUpQVgoUuVG2sg_2me{~ep+K=`lN6tu_bb1njkUyNp@--tu0N&wnV1L74DDMo=OM8J()f@F7mF-lcM##K3Im=UU zk&~4AR%&foO{m5VVjS=Aqcq;469TO&6G>AX;+28R9^3j1Q_kvmqiR#Yg?fIms6Wyl zd!V-0@J&ExNi&s+l115WGzG%(z($TMOT)K1t>1_;Gk>%k$wGK*L^UJF^}&M7ZRi0{ zDso=aK@fRUx}cq{sKj!?Zj1(&tb|e1-FcCPkDCLi6?ULeQUQE9u*Dghb2#-G@G2A{ zpD3{?hTcuA81XZVj~Hk#;rx|KrAk2}At5B9B}J%}Ouboy0Y?!Z+;AvvD%Xag2z>FH zQjWJoorQ=8mHb9!-|ximesY!-oJ(gQS60|3+D8C1ZJv;WuXFk;c9%C)7k9U>!9Syv z)^7m-X0}hXdO5m}fU6dzNx-xhsEL3wzVv4`-E9kA=Rce8bVy94?!5|!JxY~uh;noZ z-`5@RwG89oD>wJ0X)S)VyMO%(k!?A#cb^PCU%!yd2j6f0&2)a;czc6&++Y&&wY5bb zfNs}B*Q)P%oO9Dqg|kq&5Y+iB9lNYMd|n{8UeVp;QmQ-9#x*<>YNMI|%?!shj|wo) zb7EG7^~eO|T03gk5SO=)OsL%O?TXDqs`>W01TwDFrcN$BCXz94u_iOO+vM@Z2r*Vr zc69kE+k}c8ld1`umSFW5En^_cuWL#1`2L<|AEV-Ppw;(LdW27}WPm?*#(XaPn9J4&ghe&)q znVpx9gM&V~p;-kNIh4+nZueVhMJ!Vw_usoL(Yz{>eDaAoDLjeGs^*Yu#j$=>sFQcp z_O4>z@eB~1l*%69g|gv}?;Si>?T;E*Zu{Z=o$lTelqNxY9&fbxmc~d_{|XeYET~53lpPGk=u}O0nM4CS%mdHrQHWT{UmsCs2b7sbJ#aJw9ZLJy z=a^#erQI1jlnV$SJk+~URct$>s*s&qK$jIgY>_cm1?=EsQe|YleeME>K78c@+oZ7J zlfA(p6Eh(r;rwReHexMIJ>e`(3dOP5PH`LuwRs#<*NjYe6L7ms@R#n`Z#IStAV|xe z*vo1%Fy@WG4791AWRm=R7<18c*cEAPb;hsI3g1-q>(OGF)VfU_of6;fY&UD z3;FHYV&L7){K?X;X3m?Z+DyVm;-xok7SM`4?uEcT#sw-9NOp@$EK4QL;-W;V6jA7y zVmc2o@yxZw?yl{CYl$*2zr(&)gs|T=o8EmG1};mB($vLq>csQyWvsC7(AX1kVNx{G zuykmQ?pmU1!j1mssXq24&uO>^(Pm988Cg|)8!@#5L z*~&^N24P_A8iD`VbsreG~`u4OXX=z}1=-FT*_gb)$k zle2X|T#Eoas26GKT^zAV{%TTdYQh$$6TZ!j>@Ybx_!deBx4b$osC!j9S)w*Q_txX3 z+fA$T;%W}fa}f66T*m0Jc(S8m9cigbK|<3NeWqO&V}J4WRz@KHsYlP$&`SGpO(L(B zs-TG!QTurm#0GL$@3>Ba;LQEk4gycSU`ZNBv%UMIJmm2GlJe!e_BnXm+ZaZCZGwk! zRT}&9BJ;ye9Rv$}Ke+)V!tsN&bjq9=Z&^_nrBk$ES?q9EVZaA{ynVr!$TUwSAQRHPyC z6Wy55@f_o4nx(DIZkz>=iB6K?*bY3N+(1HZ@8XBx1~;tf{!MclNP@N0wg%HKRAque zzpE@7txB1(%PQH601*!R3MDn17u41trB*n>Z9F+p!EKQaUjo5ymLW00Z6<&#l$KhZ z6;B->zP8_jwfa7<_icM4Q$tG{6Y)PMcY}3+^xY8Mzv|4XI>T>bQ43JzZO{p)c-UUn z*Oio<)uN$GS5vOK7v8!`yRFAePQjh@xeFGd9=CF9d2XsdhH4DhiEXKAn2NJtsgzaR z;9*|kfpZ`8UEtv`tL}NTgM02l`if%?6`jV&#wcSQQX%IE(4MIVWCjScin3EuWHcpk z+(s%)Y);kwiy93q{&SIB!@sWluc@_&XNoQy@tZE^VL~~0wiUH0vg%)|bLWcY^u zb&x1#5n_mt6lo+n=e)!vu_76Z^i;~bO&>wNl?!>~fWP+ELczRPdEkrZuXiay2%wMO z8}5l@8~c9yWpmeH+Ov*}AS|-9PW9Ze!rN;ek5rPAY(a-M#cwbX154p)%L+fsAOwNMfSVMg6XJ(?)BztKLBhs9*$ALu<167$ z(ER$jC3a@o_o?rFUY;vy%fxm6NxJGk8IImRC!D~9Kc{yAqSr@0C9RG`fYQ5j*k5k} zTC((7XrnmvgfPT-1a{n&M`EKiFD1gZS&zuqWgo4`3L5hWp^q zC08m!>e;wuGKpONfY;BL4^;*|Nfb=zTX?y_@y$4@cbUh*I{_bdp6vjYDpF&Bb zl#&SS>|O0l?%ZiF4h zd7}SQo9$U)2qk9KG4?Q=$yp+4DU&8dit89?1P!#TzHQnzCCl_HGNJMtp0pF?)V>VIbRw`BF4H0$Nc1}d=Z#;;dC zYpEASgRSU7aUENXZzq|~Jreb%vxIZw4dHPLls_yRXaAdz|L5<{-+Ww`trGw5q-Fm6%h0X^o)Dy$&HP-Y+R6M~ z)Ae#e+1s-U+PCIqq5741yGtR4zg)+LSdBH@r1JtjG%NuI(unXh)Fq9tEdGj|J?r`E zTYx6@=1EXj@Tah9@MdU?~}2?$k-3xa;Zuj+(LxG2!Y z_Y84Mm{g!f%5Wd%m2rJ`wB|5QLu!JLi9oq95X)4p_G*oktb*1lnr;X~)FfB8X3o8l zqyLH1#5V`c#prl-lIeGATE~*5fQL{5mxQnH^GdC^Ltu&wEH*Lkx%eXmI=vS8sES7u z7kf}F776isHuk;8Wp;YH_m(sKPl3#X=hmr&hYp3!wKho0TnHdFk@n$X_k@Fg3>9k^ z{(vk?y&hoQez%EqS!P*oalO2OQZ3Fd*7Z63P3C|SlRkugxX-a|YIS8!wH_6?szMnG zKaoM-Q_08p$r$1}h9N>u5cA`CU49;XG$kFu0o1pP43hXzV5Yd=Z)?s^%;@wRg+!^p z%n0F&nv@c=BA!PuA0siipUvZg*Tklf2I-uek9*X8f1RAZKH#mPEGshD#(C`|aOTmX zm@uC(_XtOZdL}pOP%wtnM@>r~JKM|#qVDH+(ZGM5p`%uNutp1W>CzVVp!}bxh(|>@LUk<+fh+lcnVANY1 z%QLK^GX4DiAL9pl51GvrGCm!It&Agb;u?rDxK~qv7NM%liIrqjZlHcb$Ri)2K+fS6 z*MzWx0(v>Zm3_n2ETudK3AP7TWchXkj2ZB=i#bcwh!m&kC&wy`!4is8x!rLn)kH93 zwmZcdy?U(ZT-FlVmG)zngF3Gn=O_!#{?U7ne9!V-^AOi=oe?!Ec}7VCyqzUR5rqEL zKWk?JLHMea1dhZAxx|i9N8tV@tfWPV`3dYFaIS3nWcSOGvMfU2MmeymS3iMKR;fW0 zXn9f+pR#YAw@5RN%nE;Bys)tueaF2+T0MxA5*vltF`h>^sYQJC(!4B{o8nx>-e3VS zy(@lqF`tzK&vAQofGX{3)UvQBH{jGn?4;+=N;SF+W-1W#IZm^4W!y5BoX32BKqI`I zqi*Oe>iAVrwT_3Kc;s8_`ALijMT3emIE6!GB!XGA!sujT*%$DMZN=);r@@aGUwEH- zzDZkj5t4Y%3G-;vi$_&mUQqI5=KQF4+&V2HG;AzHCf0At;-L z#A9iMJ(lY*OCVbDI?{*?M^s$*2!HkTZLxTR`~mx1f>dq1qZMe+#{+c1g`kQpF}v7k z(D%{S`FLv^ZC#Nl<_S&~TLbXbq6rb`l==x5d@2VS3ukN>hR%2t|9V5oEt(PxwmaIp zR}ePMIwIC!W@}{axaT`1XgZtBbD;R1{DYOsY&tQ%tb)am~vNLJg~2AIXxk^zMAzOTc{R zmMtx?j>w>kp!2Z;uB2=xfbJHh&U?t3icwIaOmEKq>9|nC8FZPS2Ob32_}fzC9>a}j zXOJR4d4t88TOp`Ke_g1WCp+(mC?g4Q3DP%=Y7CC+HX zbk=aym_1W*K=~=YJ8OvBRvFv(S%uR0s^_tQ+(OkV~Nz6x{);A+2nbIgKF{>SRg?7Fyo~e>N^Cj|nsSl$azD zm2lZoS-`J%zS;G5c1NR8+XBL1BYd~E<+D9@ub&#=J(urb zXK68OYnQ$23(JabO(C3TO9rX{du)J?u|L;kw6-Rl&BF!yW`rgSNrX-q^kUbWP-!qh z-%r|tJFf~QU+p<1YgYL6*E_o}N8aw}o7X!pcN>?O>S+!leD^UGB>8A2v9={Q1L$6H zJ>Yw;`B`!vla_!*rA5}oJE>%0(_$;cfUeT+)22P95WaPfvE-xLvulL+qir#bdrFAK zf#^>t-tiHCh5H*rJ_OFQ)+XyZxG9LBh?Be|u5;P#&xp8P7 z1t}pup*QL<($&!vgC{AdLd({$qcPv7pmY~rjW5s32I`6R%Fx+*m#L^q_ zvUM9i-U_Uhh5sDTAM*&``JDCT?9NKnT2HoWe54|qVGca)Ww$^xdP5jktP=3Cv()N< zp)^)h64cX~Nk*oh(XMa$pp9{YBccw%VuUB%>a*SF&#Yo4!tC{cC$k}_&D2jX#xt!( z*&XWggWbVgM&WZbO_{G9@lT5V;bfM=Ju4Mx23(Ulf;G7{P%@zmsN51r(2y`0E|5%8 z=G%l3pnx)3`3h$4jlOx+^N`NEeEhRnjdC3*`Qxgj`NvMuEC>r8mMYx-Vd(OYtI*{i zTj}y6f&X_+luzQDy_1V~+{fVsPvj+LZ6WZ=Yfx7^;~ysrbai+Es*m?a7f2>}I;Fl& z@(TeufKaNskZrK4EFYk}(Oe6j=RdYdf&s+n>69iyLMVWz1N6Q6v5h9gWN0ve*v>9; zCq&*7!q87Uquo8^p;x1CzWL_o0Ys$fRqw^_>sMc^iZ4f_(a%NXpz+P#fW{wTb|2O3 zK0;!_W<2Q=tX;$VjL_NK(49BFzIonRZpmt!C~qQ-XU_3Tm`tcucABU#W(f{1FOZM@ zIT@fg)eHAq&b9z{d8%s@gSpx`6=*_2ers}vYdw6OAi4Xs_jUUL1&hGcR0ozq&is#3 z&vtD)_UoRKWXqObVyo7z-0uAsf7iX;;!|0}T=iRh^=FOAg}oQc5kQ9>dWi(_ISYg_ zhe-(5`R(-TJ0qz3MlYRKNNVmvlePyw|+0~j{+|o!aB!E(1HTh zWv|im?CyCxqt#dE#rlraQD0rpZnH*UiS@ZUy!f6nlc#pMbtzOW(c=&zxPtsaBLWT? zNj%4l1g_iz8!aIbrpzwW_a|o`e>^z3`nYR6QZif9Er|Y=D3QQiU+L4BusT)jORtg* zx3ZYhk3UW+`)Km+uJgL7$NpN=>b)f-#v#2S7YU#AzGymYs^56kbZyI_SQk{>lHyqf z;;Gz5DU&pW%s<43m|vx=1?s3w_%*3BV%za{8dTUt8Bdc826XMW84Yi4GF_lI)AkdtIAg<~Qek5p=h7vQvQxPsY z7MVuGa~jjJ?(&$50TD9c3qY&@-QomPjXK={YcS~;jYi(i-ZINCZ$D1-#Mei`_j<1W z*K4>VGb?y?dr4BUJPkMXGR=eJ`nF5`k-(R$lhb2QaY5OdgZ~=2Eo9@l&9$a@O7zB$ z6E3;WLv%yQtx5J$yAJa9BlOiJ@Bp!T$BqWU!@?vU#I1BAsI~ zM>_j>Q;tLC+3 zc0vPpR1ZMu)G)eN`TmxO4J*Br+Pk5FPJYOxb0UpnE%zDAwz^ff=^hNOxcgZZ11*iV zey?uX7dxZZyWY-d@9USZmtWwuD%ABDdhB5s^Sze$COXA;r#L?3DeEiwe>ipObS|Q? z(1>uX;EY`xwg~I|V>yIxA}|JwaQx9%tvBq$k+=J5cV};}+l_1m@av}g?XCN95jWBJ z7Awx0h`u!Q!)ac{&Dt}YB}6DVzz0Lo3@1++nEL|Ik`|^N|U}U;D^(4 z#nKiseu7FkHyO3T9>B(tkc0&;8)Oz)A9x|ATJF>9ylwpo4U-9;&PH7gZior-rNRdc zj>9}4#yP51!t)wUNpGUT%~X5@&FaV4Oly5+jlBfAd#q+h(ie!_ALE2D`9nG*7kEaF z$TYzX>VTq0&Q()oXVqrbN%{&SC-{CDnCb9;L`FqW!3nGFN(59cxphdP$k5VD4Pvy=v87)3*Xkm?m|LB4Xn zdf6vHJ{X=!<1ncAvuX1$)Q-gs9|JONSYPw)ZxIe|sA%#~Z2t=Gw=LMycnw;EJvt&m zA8+D1^f9#^{JFsi<*86y5D_{}KvoO=V3FZZfC3M)ge}w|!gm+E&ON!fh^M+(gOlhd z4;+D}J<<-9ESfi~| z1!B*MKnJx<=s!2KQKRSX7&LL)=)EAxV5`zylXI)CR`Wr%(=g3iOsx+(Ukx|!6#|wQ zqBc!Iubf?~ZllA4i+`v?ry3Rg@DgEBY5@xL2>w(*d>)W@PE1qxS%0{=r)O$)bxcx7 z#sPnTnPr&8zt-NbHXIOT?mk?Hd#c)TsUV&Sjk*lwVNQ&(i-b(+U0s^f;^Nm-DYKqg z*s&N26mpzuR`SEC0gK^K6i0G$p?!o`U3xB#sJI@}U&xypFXv)p^>JR*h7$!Zdyx6n z`Y9s6unB|og)$XoG+*#E3-L4B&SJOVI1U#Db4Wcj-FlWn$Xd+aL~0=UercWm>f}q0 zp(!eXwgR=W+B>lRTr@;1I3MT13N#q8KiBx~#HbtCIA*R~uyq{INkkGHZh;)JWrnha zo|(}-Ut{0_=d3c3ehWwDSHup+<25^~i3n#?sQK0e*;a(^6GP&BT(c0yWj#Y+lSPHi zGFMI~k_51AZNVg}SSE#MUKXNE3VTn)Oh>e z&LWF7GbiZ7X=eAiOf2Af9F4hDVti7Y*c!9N`Lu46v`^YwLSPv?1IR*mNB9oK@J4bJ z;{`018Y-epNX+~iim6yO%obpw7ujg^MaQgPNWu|MkhhaF%S2`YMY0|z1bI8#2G+UB zJh_1=UXW`Ie6^v14xg&)+U==oSu<-VduLt<=3)xxZ!v<5pEwE7hf}NLhVXb)K(xDU zb%chT&5VqiC^p8&G4>VRR7|Q4p_!{ktK>lk+ucY1=h;91_HXa`-=97EY2jV5{jx2>j9n!ZhA^Uf z?e)}GNtH-|1_ayGlv>GaPn3#DjIXO^&cjTMo=H(5$2c%hEKw)FkNkoQFv`q1R^&oft$J6Q%~ z$a%afr>V2=+ng-sk{3&i7=!BP1}mT5HoT9<-X5uVD&DYPd#f zn_xj+?LlH~!qkBoK#oo`{)1HVOCqG1^~%RXz4=GY(Ax9dXW92_65U%dL)Ch`1ow7C zZy-NxpBY}dHSAQ2)6>~zvms`)UY*y<^3nHXx3cohYhfC#TMDC+Rw*G9-*X$7v_|KjnUkyRA z|G4Y0xirPHnR0#gc7zeMT~yT>gLhr+@zcmfY^-29}*HRx0#oYaM1$$-hw+Z%jqpRlD zubWX(UW$2u1PQ^vD>rP8xea36RAM$)6&IxC!R z((-T8@^8}e-!CnH-5!R-{EEA> zV;ixEYDK$p7lSy_^d zA^A=tK#hF&>#x0}n`s(`s)CYle*4X9L9%+GYzcu2q3f@Ok{9<;dpGx%%n}}wO9EES zIHp?p-VE3$mU26A&A_;|J~*mTZ9NgGj#9Dz#53I*efoh9VPlr=S#@P{AQxLY%Z9UM z#ZV>J>6QnVBqWMg&E!2*?sIR1Kk2hF{qI5d?bAvBU+$IY|BF{IcQ^F^F`m`w|AP|# zL=(dMQT_W9^E4ztEiEZG+Ne5B=#%`))s)iNuIO(cb3#e~jl#k^eI6`Xe3xwFh^8FgvI9 z67pI`kV}2`mmg~-K4-{*joEU~(XSvc7No-b-7s?ySwZMstJs=-xz~^;oJ%1S99OK0 zs^hv&CjUfpXX-Tm8um4zSu`pl7K<=%}?9K;Q%yjXS=-6-38K!w5FZwYEQ zIS+bD0F~y7G_ePQ0eYKab=$D=sdlyxKtJv^lP`UEtte9&#+o{JHjjhHUm}=lM*6uS z_B#O8XNA!h4xi5on@pB!{&KG~WYxhzn2Rr*VwOhvnU+zHL7S4tA^wuly*kv-3A5h? z1+9$qo)F7=85m_7kE(s!pJ2uR@UU57OiR(E<@L)CZB67V6@KsP<#k&Kxv<%2m;bcS z^7>zam(%`s+y9JSRP?{QuQ&SNM|n#Af1bwMtl^f0Udam+H}}o44Gn-~7+djhmb2;h!bwe<~qBop(zn zbIz}e86?`ygpT{a(d&x;_p7~~4gG(Vr{LfnL{z9h6EdShCiP7FslkIEH5wecSg>aH zy%po?yuy8wNXw|GK~tujTzc{i#O3_xTS091~LJo+lxghuk4w%)(FTY5;?R2OQ>oEE3{Gw6 z(~`JVxg=`DuUags-ZA|VP^tEkZ-Y*K(aE_$TNkyeT+IDp(5!SXy1}x(2VyIFH6MA9 z+UO5}JndMstp2CJ{!fr_D(H-nz@tK>BhN7@dK*@wXneH~47og!53i#$f1(N0>6h zfN4r=tdFc^(TOF$>);S8WPJ;Wu%DRRny7Aeu>PNWC;T~|{`B8QuU!5Hxa0nJ@5OGJ z|9ka%bN~A|&+_-bA2K|6_#5CZoZH+1|3TCNW}zSX7T5{MySWJ7Ad+=)T&x?RGT-Ar z3St%9L^l}rh{gsD81~1x&)e7=tcGCswKymv*2d`I&y7fHr&JrugAIb!`15w$@}L}754)BIp6btG z+Ok2NR@CVd0G-^M)mnq=$?pwE+T^;=eXH{OdHUb~m2af`n}Brs|BuS~pI*G!+t`0R z%G2h`zuvpN68?OCAAV~hq7(5sHWX^O=5EtKVgTv)!BgHQgM8>=+kW0PhaiY~BE|lb z|DS5IW$aK4{o8u~=gsVH68`<^pI-Doz$D^KkR|Q@?9)O2UyWXr>Hp4)(T4s%%2Q16 z9*f-0;|LagOzsiNrS2GD5nV$%Kc7c2XN1Xpq#JZH{N<^n;Ju`(CB}ob9va1C0Mr4+ zq`Rxks&-zb8La07d8JPfyT#2cO384;QWoLWrqnR0%Cy!qv9I;Sin*js0%4M5lkpHv zX3o?+uk)#5`~sv>jzoT~Ajr z@ds+X6tpXSy*q#N@!j!<<992-EabCy|0)0FP%$wa?L^^C|1pUvyu*h*%`Uh7Q{~zDi?>G zNpdGUTg)iYxLC2VgBu>E5jlkbUoMS^)Em7ShDpkXcM?xRA_gJ%uN|=H+0$5mEqpAt zL8L!4xKgQZ-g|1*oR0~?!8r>TPR8=qc86*YgrwTOd2dWRyLt$iuxM(w()TnG@<%G? zKX4(>vJU3@*DX)33k_sgJl1(I3g}+`=xm{o3JGG={}%4{QDkUrxq;U8cM8^>SO~=l z<$x3+7DAiLi-nLRg0so<6Dp~X!zUK^%F*%G9Ai&Cl7~f&omyZ5y0(3E#>f7g1ZkMB z{xw`>Ws@ZFuQ!8%6&n=j2o=185$^Rq{`6420H3dMs{J;C^ z5>T5)qkDUwAkOl5h9F9(_G3DnCHZ%fIdvz7nQ5s&d-XLXn$qcMHG$Bv4$DBnkVr zCauBn(!7KF>vlEE!9U(#9)CQ1cXE7o_3@;lW~r(tv@`2lvZzr}0NdK!V$N%=g?k3XD`*GI(~oBe{OetA4Te}8#+{PFbQ?BLDu<;UZ*ql@#Cv-Lrt zPY+)*Kn~s?ogAMXu8&mo>ER0k$koB+o8zmG*(K3!;cromnY|IWCd#5{30g(eti7#$Meg#@6Hd7KAs#MpIs@^t%&#< zX5XvvF9Hk~=STUL?4Eg#i&QIF53+0GN~e#0>shO?$O3w_UxW6jyQX{5?w%g&qIAc3 zU3*dbYE;tn7xfUCAz{Aqnbdy)oqV&m_u@%;AGr3MPFo1Y376dG;Xb-Lyl8H;G;-aj z(G;iwt<>VE(xO#O^lCC8IG{_fj;gg-!{W4GOt&K3dTy#)yLgbR>l>WFb(|*BVkr4F zVWP5#S~ur}=WrLS^A1`@@$mX<;T17<=mzbnc4ZMC}Z^ttjqc7l8#o(u3|Yiy%ov8ED(zB-kexMf0O#{ROtrm92Fw?)Mx#{^jV|6lHIDKjZc$Zlk9Lh(-`NA*qt_zH|R^dHY^h>&fT?Wme0T|aU zPp(6bgMlqLOa<9TPZhuOG%LHhC3)Q^# z7R8FHwc}t${=pgP+Xx9}->pByIu#F%IUHKm4<+>fLnc=Uq0bYdn!h1TG4Gjn zueL)wp0k`%J<*5INuhW))6Cp^{Q|*fT>oDC-*Sbsgr~9RC&4=Nf4$myJsOqcKaEDO zHv9iE9#C>kbA(O;^*@3oLEdk_mGtS9+)2V9xLYMH%wZ}dkE~keh)h9*sZ9t|KqoP% zG2mY%uS;W~y%iI?V8IJ{UAA21dPov)Mi?++laz*m$(WY8gp39|+9#xjDAp6Wr%%@z zpTy_P4o2$?Wr8J{E%uR#4h3%w50`7F%K;NnHE1Hr11G{*%xCK`(-aaBEg2Ru=dgx) zE(Pli5Sw$gKt9`QU`T|r;E;fDIsO$9j^T`7))-xNB2gmN+v>M>ROrFQVVdBujNlsn zl+Dr*C#8>15E4FDr%oYm$W0-zB@P0r?ZPe+$|Ok+6?315Q2cMfnU+omCI*LMTA_;g z>F>|}7ep`n_S>yXf`i4@^Pf$rC+=FpH!I`7F(_nW-KJLQg4~cKzjM@`jEgVV(N99K z$ee|;spPNL(MLptz?qPsJ2@@9tMp>RweH}U?v8d9i>nQRgg+-yc89`a!VWG@KD-zg zUMn$3_z4ALzio#I6mxh={e%lXm4nNykN{uy zp&Fq#dgYCF@&*P9O2|V8m#66c<;gx8igc0f1U)t6?p_P{55fRh(c~>XUB=6 z7LpdFIp?e?NLoc;D0mspDNu(D5lGI7-7zFEAVz$Og*Um zphJ=fB<4H~14Bk6N{G*AjQ*0fCXnRN4e&z}!7gMt)Vk?ygjs+hyg&(2?V^-9E!^mn z6`k^gzycb3k^SLtM&%&mU85*vR4%kMPbaD5i5LdthJ-^wXC6-cIh6!>(xEyLV6Y5U zV-N*jWh=K;0A2+%^#c^H1^g!Vi52A(2iZD%JY^Dj&oYrKww3!^u@}IM;e@`vlp`QV?BAA1d1=D~PV<1n8398YEvf$`BMA zpewa3Y7M87FeoHc1+4d2Q{}grHVREriKs*YCxUHlNi@edMD3jk8EjQX8sWQlgv}Hs z{-&&4K`5fke%+~jY=F0VLhfq<*#Vh%wj2P))~d`8=-B|BNaSb8r&6Q7wxG3VH^ou^Ix*_ciMGuu3jsn1u@lcafVyMY$^wtbXkFLqIkQQBso`yo?T$!WBB{I z1_$E^WMwfx2WCWo)8Q>%2xN36!M0&D0Yz_V7$S3i-w#i%Xxj@0R^-*=zMWHl4vVPx z0-LBoWWoxB8Ryd+R2mU;>TX&9whD|?DEtv(=;PT~Q=f0YMOR5`DHu%S4$W}%`D9~qMR~2+xt;>2QNIzc9iCbH& zps6W-D(It%pVY`2S;HEBE&qs<1TRY8Xw4Lg?9oZk$QrM}|88WF<~cvMEW&z7%N>I9 z3ca?mtHr(@SqMf@TE@JgngO&k#c&=fzMHa{qE!vVqcWUQB^Z_4mZsn}!|8xY>-PQq zi;PVKy3{>XhwcrPz8|X94yW=`GoX%DmXJIF8`-Hkp7g79QcAv*ordVw-!?ZAf0!Ey zv-YcBOpJ8{R{5@wxX{6%a7~6b_ZXXdjLkj9pYR@|BrPpNG(L`F;`da7{)hRr_zuq= zgN3-ry8|3!C}lheNTT)|0S%6jSj<6C%?O@mYg3`99Z#I;fOaB)nBd{UVaF#6drIe) z3)@QW<+lobRU^|h4AGPZBvcZ3!c!I?nb6oVjHrrNEey=&dT9lbZZ)B(r4~=ajAL3!}}2 z(dNQvb76$O=nJDSLpZ3v&REAy#B%I-&Kz6Dy#4ZG$-9eo9vv;gr+0v-1`xkD!kFyEw_;Z0=3|!1pE-BJsUlIgUu25Fc(j9O_!2rvvm}kk)Gy#kLb1 zY;GYow-B3Kh>bTz2A$u#y8Cl*3y)&n--GHK-noh98do>(+>Leh#=82?s&4*MTUWP{1kJI3cBS=( z-fXP1HwydKS#A{e8-@KwVZTw>Zxr?$h5Zs;ZWQ)QRQl2s_Diz!RaN{Kt?}QOdvDCW z{~-4%`H6#lpTv>`XXOk7PjyCHn>GM`I>H+I>E|c9XA)!?4b)4Uve^6WxBKS*XvzOF zn3FJ~GsY8gzdpM1KfQcW%KxeXnI|LIYluh0dSk|Yd-T)ozs55n z22Z}y9GjtK0*N^ZLo^HdMCZDuY_^RO5*ii~%enI&v*5{BhQZ_vJ&O}ErFV)qRIK#> z|M>u&vv2`SR;-7Fl-v+fMg~s?N8^v`Z)k%3>oi7F8WQp3uLE%#Kl$rmg0G+abs!`4H&5v7$zT7k zCtsltIH5ch=;Y{FJQ!qq zr(^%W+? zkK%r3Jjoal4>{YwIiIuKZ>W&`$G)!Q{mDkH`GYLwPn@@N|7<@+k&s3N1*uU#3Cet; z<9r&nzAyvi8YE=;FI!wSB_xjGg7v{c$?_n;l2ol59I;MUyUJg*+eNr(_zEqQM&90v zfncG54~2J)b`vJ8AzIN?!Va^b7-uqB{C`r&gv`OgJcziL5YcNNxFrtgb79n2@POVq zA6@={Yxx6u=u>4e1e&2EZ)pU|jh?vUEdWUwY<46SbB-K-=Pfbr#O#A&4&0$yRf2Tr zE8HrD;M7#O`$8~>%F^1lcBUrG&3Kdl6CgZfljo(bQsz8i;s#Mru(iO1NQ8cS4&Spxjvw?SSYhc&0&S3Q&t> z?5eQ@JS4pp!v?A04l34Dh{;15RYPh9fP*ck5>ya?IyvYA7a6Gv&X9J8f@6RutS&Nv zI4Lo?L;)1tN%>`|kmI_+ZbP%%8pBM~8ImMWd6b)91|3{iNGkvj~3f>AIEMgal<0ssL2|6hIWUjUR00PYTid;kCd literal 0 HcmV?d00001 From 1bd5909e963f5461b3cd4d877b5be72e547681e8 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 4 Oct 2023 10:57:24 +0200 Subject: [PATCH 12/19] bump cluster-api-azure-controller --- bootstrap/helm/cluster-api-provider-azure/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bootstrap/helm/cluster-api-provider-azure/values.yaml b/bootstrap/helm/cluster-api-provider-azure/values.yaml index 64419e8b8..7ee9e3a98 100644 --- a/bootstrap/helm/cluster-api-provider-azure/values.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/values.yaml @@ -7,7 +7,7 @@ cluster-api-provider-azure: manager: image: repository: ghcr.io/kubernetes-sigs/cluster-api-azure-controller - tag: v1.11.1 + tag: v1.11.2 job: enabled: true From 888037b8093c91eb5eaf2ef32b7840bd9c4e86bc Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Wed, 4 Oct 2023 13:45:24 +0200 Subject: [PATCH 13/19] update aso roles --- bootstrap/terraform/azure-bootstrap/main.tf | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/bootstrap/terraform/azure-bootstrap/main.tf b/bootstrap/terraform/azure-bootstrap/main.tf index 54eae3833..d2945cd1d 100644 --- a/bootstrap/terraform/azure-bootstrap/main.tf +++ b/bootstrap/terraform/azure-bootstrap/main.tf @@ -1,3 +1,6 @@ +data "azurerm_subscription" "sub" { +} + data "azurerm_resource_group" "group" { name = var.resource_group } @@ -204,14 +207,8 @@ resource "azurerm_user_assigned_identity" "aso" { resource_group_name = data.azurerm_resource_group.group.name } -resource "azurerm_role_assignment" "aso-rg-contributor" { - scope = data.azurerm_resource_group.group.id - role_definition_name = "Contributor" - principal_id = azurerm_user_assigned_identity.aso.principal_id -} - -resource "azurerm_role_assignment" "aso-node-rg-contributor" { - scope = data.azurerm_resource_group.node_group.id +resource "azurerm_role_assignment" "aso-sub-contributor" { + scope = data.azurerm_subscription.sub.id role_definition_name = "Contributor" principal_id = azurerm_user_assigned_identity.aso.principal_id } From 3f22e897259515eba96d410f91824d6e3814c1b7 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Thu, 5 Oct 2023 12:36:54 +0200 Subject: [PATCH 14/19] add aso controller settings without clientId --- bootstrap/helm/cluster-api-provider-azure/values.yaml | 5 +++++ bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl | 5 ++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/bootstrap/helm/cluster-api-provider-azure/values.yaml b/bootstrap/helm/cluster-api-provider-azure/values.yaml index 7ee9e3a98..45f4808d4 100644 --- a/bootstrap/helm/cluster-api-provider-azure/values.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/values.yaml @@ -8,6 +8,11 @@ cluster-api-provider-azure: image: repository: ghcr.io/kubernetes-sigs/cluster-api-azure-controller tag: v1.11.2 + asoControllerSettings: + azureClientId: "" + azureSubscriptionId: "" + azureTenantId: "" + azureClientSecret: "" job: enabled: true diff --git a/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl b/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl index 0967ef424..e8875bbe5 100644 --- a/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl +++ b/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl @@ -1 +1,4 @@ -{} +cluster-api-provider-azure: + asoControllerSettings: + azureSubscriptionId: {{ .Context.SubscriptionId }} + azureTenantId: {{ .Context.TenantId }} From 56dcdcf3403babf4c36920b2470e1361aeae59c6 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Thu, 5 Oct 2023 13:44:20 +0200 Subject: [PATCH 15/19] add and use aso_assigned_identity_client_id output --- bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl | 1 + bootstrap/terraform/azure-bootstrap/deps.yaml | 1 + bootstrap/terraform/azure-bootstrap/outputs.tf | 4 ++++ 3 files changed, 6 insertions(+) diff --git a/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl b/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl index e8875bbe5..d2e586964 100644 --- a/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl +++ b/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl @@ -2,3 +2,4 @@ cluster-api-provider-azure: asoControllerSettings: azureSubscriptionId: {{ .Context.SubscriptionId }} azureTenantId: {{ .Context.TenantId }} + azureClientId: {{ importValue "Terraform" "aso_assigned_identity_client_id" }} \ No newline at end of file diff --git a/bootstrap/terraform/azure-bootstrap/deps.yaml b/bootstrap/terraform/azure-bootstrap/deps.yaml index 321dde70a..323657a80 100644 --- a/bootstrap/terraform/azure-bootstrap/deps.yaml +++ b/bootstrap/terraform/azure-bootstrap/deps.yaml @@ -17,6 +17,7 @@ spec: kubelet_msi_id: kubelet_msi_id node_resource_group: node_resource_group capz_assigned_identity_client_id: capz_assigned_identity_client_id + aso_assigned_identity_client_id: aso_assigned_identity_client_id provider_wirings: cluster: module.azure-bootstrap.cluster provider_vsn: "0.1.4" diff --git a/bootstrap/terraform/azure-bootstrap/outputs.tf b/bootstrap/terraform/azure-bootstrap/outputs.tf index efe752e56..b2e16e4f0 100644 --- a/bootstrap/terraform/azure-bootstrap/outputs.tf +++ b/bootstrap/terraform/azure-bootstrap/outputs.tf @@ -31,3 +31,7 @@ output "network" { output "capz_assigned_identity_client_id" { value = azurerm_user_assigned_identity.capz.client_id } + +output "aso_assigned_identity_client_id" { + value = azurerm_user_assigned_identity.aso.client_id +} From 787180cdadd8d820c1fdafffa41c14f13e0b0d19 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Thu, 5 Oct 2023 17:09:20 +0200 Subject: [PATCH 16/19] use signle identity --- .../values.yaml.tpl | 2 +- bootstrap/terraform/azure-bootstrap/deps.yaml | 1 - bootstrap/terraform/azure-bootstrap/main.tf | 24 +++---------------- .../terraform/azure-bootstrap/outputs.tf | 3 --- 4 files changed, 4 insertions(+), 26 deletions(-) diff --git a/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl b/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl index d2e586964..e688b83aa 100644 --- a/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl +++ b/bootstrap/helm/cluster-api-provider-azure/values.yaml.tpl @@ -2,4 +2,4 @@ cluster-api-provider-azure: asoControllerSettings: azureSubscriptionId: {{ .Context.SubscriptionId }} azureTenantId: {{ .Context.TenantId }} - azureClientId: {{ importValue "Terraform" "aso_assigned_identity_client_id" }} \ No newline at end of file + azureClientId: {{ importValue "Terraform" "capz_assigned_identity_client_id" }} \ No newline at end of file diff --git a/bootstrap/terraform/azure-bootstrap/deps.yaml b/bootstrap/terraform/azure-bootstrap/deps.yaml index 323657a80..321dde70a 100644 --- a/bootstrap/terraform/azure-bootstrap/deps.yaml +++ b/bootstrap/terraform/azure-bootstrap/deps.yaml @@ -17,7 +17,6 @@ spec: kubelet_msi_id: kubelet_msi_id node_resource_group: node_resource_group capz_assigned_identity_client_id: capz_assigned_identity_client_id - aso_assigned_identity_client_id: aso_assigned_identity_client_id provider_wirings: cluster: module.azure-bootstrap.cluster provider_vsn: "0.1.4" diff --git a/bootstrap/terraform/azure-bootstrap/main.tf b/bootstrap/terraform/azure-bootstrap/main.tf index d2945cd1d..c354bb632 100644 --- a/bootstrap/terraform/azure-bootstrap/main.tf +++ b/bootstrap/terraform/azure-bootstrap/main.tf @@ -180,14 +180,8 @@ resource "azurerm_user_assigned_identity" "capz" { resource_group_name = data.azurerm_resource_group.group.name } -resource "azurerm_role_assignment" "rg-contributor" { - scope = data.azurerm_resource_group.group.id - role_definition_name = "Contributor" - principal_id = azurerm_user_assigned_identity.capz.principal_id -} - -resource "azurerm_role_assignment" "node-rg-contributor" { - scope = data.azurerm_resource_group.node_group.id +resource "azurerm_role_assignment" "capz-sub-contributor" { + scope = data.azurerm_subscription.sub.id role_definition_name = "Contributor" principal_id = azurerm_user_assigned_identity.capz.principal_id } @@ -201,24 +195,12 @@ resource "azurerm_federated_identity_credential" "capz" { subject = "system:serviceaccount:${var.namespace}:bootstrap-capz-capz-manager" } -resource "azurerm_user_assigned_identity" "aso" { - location = data.azurerm_resource_group.group.location - name = "${var.name}-capz-aso" - resource_group_name = data.azurerm_resource_group.group.name -} - -resource "azurerm_role_assignment" "aso-sub-contributor" { - scope = data.azurerm_subscription.sub.id - role_definition_name = "Contributor" - principal_id = azurerm_user_assigned_identity.aso.principal_id -} - resource "azurerm_federated_identity_credential" "aso" { name = "${var.name}-aso-federated-identity" resource_group_name = data.azurerm_resource_group.group.name audience = ["api://AzureADTokenExchange"] issuer = var.cluster_api ? one(data.azurerm_kubernetes_cluster.cluster[*].oidc_issuer_url) : one(module.aks[*].oidc_issuer_url) - parent_id = azurerm_user_assigned_identity.aso.id + parent_id = azurerm_user_assigned_identity.capz.id subject = "system:serviceaccount:${var.namespace}:bootstrap-capz-aso-default" } diff --git a/bootstrap/terraform/azure-bootstrap/outputs.tf b/bootstrap/terraform/azure-bootstrap/outputs.tf index b2e16e4f0..dd327d132 100644 --- a/bootstrap/terraform/azure-bootstrap/outputs.tf +++ b/bootstrap/terraform/azure-bootstrap/outputs.tf @@ -32,6 +32,3 @@ output "capz_assigned_identity_client_id" { value = azurerm_user_assigned_identity.capz.client_id } -output "aso_assigned_identity_client_id" { - value = azurerm_user_assigned_identity.aso.client_id -} From 280f163b4c962d99260dce2f1a262616403a121f Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Thu, 5 Oct 2023 17:14:39 +0200 Subject: [PATCH 17/19] remove duplicated line --- bootstrap/terraform/azure-bootstrap/outputs.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/bootstrap/terraform/azure-bootstrap/outputs.tf b/bootstrap/terraform/azure-bootstrap/outputs.tf index dd327d132..efe752e56 100644 --- a/bootstrap/terraform/azure-bootstrap/outputs.tf +++ b/bootstrap/terraform/azure-bootstrap/outputs.tf @@ -31,4 +31,3 @@ output "network" { output "capz_assigned_identity_client_id" { value = azurerm_user_assigned_identity.capz.client_id } - From 8ec01f5a1c5d8a08b6e1f033b2545d31d9f8e9c3 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Tue, 10 Oct 2023 11:05:33 +0200 Subject: [PATCH 18/19] bump CAPZ to v1.11.3 --- .../helm/cluster-api-provider-azure/Chart.lock | 6 +++--- .../helm/cluster-api-provider-azure/Chart.yaml | 2 +- .../cluster-api-provider-azure-0.1.14.tgz | Bin 78882 -> 0 bytes .../cluster-api-provider-azure-0.1.15.tgz | Bin 0 -> 78882 bytes .../helm/cluster-api-provider-azure/values.yaml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) delete mode 100644 bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.14.tgz create mode 100644 bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.15.tgz diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.lock b/bootstrap/helm/cluster-api-provider-azure/Chart.lock index d6dce37f3..2a4cd353f 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.lock +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: cluster-api-provider-azure repository: https://pluralsh.github.io/capi-helm-charts - version: 0.1.14 -digest: sha256:9c1de7994f14b1d263b1c967ddb2ada476065c964dd953521cb5b2a8b92091f7 -generated: "2023-10-04T10:55:48.444139+02:00" + version: 0.1.15 +digest: sha256:8075f30bf9379c8649ec9a5b02594c83623825c52db08d8e67df16a0b5664692 +generated: "2023-10-10T11:04:49.657598+02:00" diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml index c6513869b..abd23db0d 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml @@ -6,5 +6,5 @@ version: 0.1.12 appVersion: v1.11.1 dependencies: - name: cluster-api-provider-azure - version: 0.1.14 + version: 0.1.15 repository: https://pluralsh.github.io/capi-helm-charts diff --git a/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.14.tgz b/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.14.tgz deleted file mode 100644 index fff8656f3eeafed51fa488df1be7aec65a90d91a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 78882 zcmYhiWl$V#7jBK~0D}dW!Ciy9ySux)1qrT$1b2501Sd%F;O-JExVs1D@VsArr%wOq z>Yk~Zs_yE!d+%$lO%{uU1NGkqp@(8LlT~N4kX7PV^yT9+=hSAi)Znty*Wlw;(bncx z(s8smbGG!=RC5uMwQ_WVI(rMqSm#b=jX&I4{}Ed8xVdY|ZLV>GI2 z<}#UHQ@CW`sBA|P=FvjL9JR|oq|(OhaV0&!p<6OF|)JuTXC z@OKY?{~jNYq7P!{)J<8A+SBDX971jClOy@>!Ay;;TJ)D$sGJ`!u6FP9E~zL%g5Uz- zst{mjW*|Ronoj*8J?(<`5HaE4WFEMt#3x}u5DY$(na@{iJt&KQNu83mr3{fNrc+S% zK!V41AkyfejqzZkA=cyL*CT0=`E)MMzllAKahPtEeBtmT%x72REj7F+(d;DnEBZKv z2%wLM1>~6$bS9FBam;Du8sN~tmMk?x$h706&rgoSjwQUMufWrc*}k1SNxAox4JSyY zpU;&qTSR1-mA$^Jg_Pv0pPkAy6|Q{oOvGo6G^r$wd{VMH(7FJe(K1d3KaJ>v);-{`^D4Qjd^MIx9{tbL`IVC9LBNg zK#THG?LH-OfH3yWHYMz@mU0^_@H=uNu>H<>EKCDcHnTn@PSZh;&KivOv!&ak+e5t} zLSaN0T=4ATuINX3ez+0k`0Fu|Jv^frp(ut&I5cy^w{7X!_hvodvx>~pS&9lU%->FK zhqMD^`PW-C`Y86k7K_rkRY^xDgW5?RCB6Cdhif;*UQsoLTx;$LtVP_%s{0eBsrWv`aH|a8JzczCUk(s0>)P-qzrK5 z)oS3A^0ppH^gfi~lhxmHit)Ss6*b253Gdj)@PO@BsHSs8lXA+jf`#`Xt>?gR`g9oM z>XR{yI>=XD-=#OZ18)-&E{%KMhTl4u$+rI49IU>27rbA;oU3?WqV@#(zb!xLr>~{b zK>ZyqJqrzI*?Wsc=#A*gaTf^4M@nT13QzcWf;YQg-!sTMvR%Y2ZUdl$d62<8Vx)tB zhC|dYX};e>>Nh+Snp*tX-kn|vE5R8XO3``)p zcynYXw23w}>Cv#RHUv3jTD!V0coXYgnoTpv0MpieFNpfP}pdYsCGihVMUl<4z>9|QJOLRRBLg5~>Vem+TfO5m@{t2GE&eu|0 z3@r21onnYw%MXFs-JpN}kOqLhf~~N9E;g|vk4+*41qGAHW~mY6PtiWe8vz2p5d!T0 ziXbe9VBnYHL7-9<1(91uQC^?{RgUa7?l+aR@3$YI%2}f#*@OlqA+Jnq^oH~RXiQJs5$}`QjTLoF< zF&+uG1s>8MbuLYoJz>{gmi&eZXq}=x+-lxYM`Am`d};2z^wrnUF<%*fuabhCzliW` zrK~(&I74N>Koo{YA0gwbRS=Au<8}z6@b7d4(W03Gc-8A)Wyq?}e>M;_)#shy*6tw} z7Tqs)V-RDL{nwt`oBgu|NYoSf9dh9TRj+ddF;5=8SlDtaH=y-t+t;MHyruuUC|X!I zyq_3UPRNwF)Z2O6bngJ?-z+-QBnkwVuh;}dB)8H{`=E8{Eo4jJN#f|IelOyPriQN< zoq4Q;7pDueJaXF|)&}dFOczABZg%$^T45UNe-6Ijd05@(M=8R9{#J%>!)Gg~M-wP9 z;V0hhG6~`-%ZIOohr4BOGqU`}ZbohWnaqLO{Ja0AG<*#G>sB#e8)V6Ncr>;lZgcoD zitQ={mGctytH1LqnU&h}Zuz$=Q)+C27^@afM}24B(Zpn~)+mSP0st76 z5Gi_xMj_g?lSqCrmI%B@m@%9EPaq%C5~!l(@&4m*=~={n`1cJ$@_qI;uf$BW-E+*I zAN*U3k`7)m=wmTv)y}yVa&BcNaJWbLhOH?wl(vqtXTI8{TrvF2355H?osc#qAM~t# zGj_T31Jmrep-WbZpJLPUoe7zGgZ!aT-YU;>xi#ra_fCp>ouzd}8I#3wbyonA20}e* zQ|(t1Pmd|T2jydK7P~aOwbj$_(*A!v(Mws{KoX9fa;X;_TmiW?&9rKS&$Yx znCr6z-=ChZx7QmL&W(x3hw5weC(1BeGynGAH$>iFZihu6Pq(LSA3y(k@mA5P0=Z9E z?(u(__B^0HHp4D!yY6{B-{J|-{~c7^SstqK)wyO-OzF9xrY6VmpSM>)3?%Z|atWd| zO$vN)X0{`nT1te*U~~PNK5^Pi{FY`m^|G5Fhb}zI)|5pm+{9$|&mi$Z4-F= z()Lqg0+Kg4Y9!*C?ARc%y9j;D@k=+L=4ez7#2H1ST9VAuTcQLUx;0Q+{tY5i zdmhF%y*P2?$jWtM-Mvhb9k`=E@imMvj>aYn3`cE{Wlr~1nxAH>0oRolu{O8d{U-Q! z010Qo)*bQTcRTs+QFcFWz)Q($o^4)KNtHY56SL*pE_4r3et^(Re#dydG{jvB;+y*K z3i!xh3kn@_A55lDz#=8RyFsMo$2z6{d*vo}$D?;T0s89@%V$>jJnwMsI!Nc(I%M_k zBo#uk*ED&v-jS;|m)FW|F!?6`<5x0OKG2{AGn6W&D}zdf0X)Q6xB3l-gi+IY1L&;f z)X5cE``W`wVwaR44(II#L-Yc1{GyQwajP@Qe}MoC;?ZNi4F7FW|{IHbQkjovVG z05+pujK2vt$S?<7h>^M5)EnI6r9ywwa#gFWz;$~vfP@i~A#$@^rZ=>S15P+&r0#Sam#l1Za1c?@?| zP1Csc7Bk#31R+UTK==kmE{IGL1^5+OOoCU~h@d)oyu3FahT@dmyyfa17!bUIR`9zU z4<#ybj@xiwN=w}ws7Dg#BTvl{3>@UMKm@^$${7Q$fBYH`F$d1z^2NO;bEISp9f)1R z_)3CegUJeXyn*JU4XJp_@7FUF?$B-bQ6YsWON5f?pVqZJue0(-FU}*wQ<=JOa1el- z4-;vYV;l)w(ab^@ElVo6Rx{*69*o^F&K@t4DY?m$mRx6phm?b>+t5~vd2L-?Hwlk4 zpXW^9(moCD4;~u|%!ai#}vM4-p zShBiPCrh)zc-+*+V5^5>p}e<FICAF#xQ_IEV43+La@$aW01!$eaF$(92B{vL-{N1 z0M_dS4467Bwpr9LK#J^E{RGOF;8>%1R8GD`leshs;8baG>Snstu(a#QHEPKg?=yfi z-RsZ9Vp~Vt9P~1}IuLirD#LRIf8yzVgU`lJS{ByBa4)pev^Ej{br8{K8{ zt&MF1Uy1S6JFPlV9?m@?q(4KCwJ3iH8@B;OHmAJ(DOe@;vv_ZfOG8q*-1KjNb0MJk z!QDe%w|{9OZvBX)jLNqC5A#w zdK40Gy6Y(Mf-t#x&#M- zcGPqK1SDiLA%8I%I}0gAsIk@si8MKorscwa?ZiK?C-v};;*Oy+$YC`Me6kAZlcq6n}MMl+q2!4LynI^)MZqTWIu0&{t+%IB`~_+>Z&i)DJZK~^p9Ot>zp zqr#;6l8EUi)dzKAu3zvs$Qd!WG(b4VoD@OK~32F}X(1b>}w zc3mZ(YvhScJ{MD}KJ=|lTo2Ybd?swl7Rc58iB_OA#}r^ghm5)~?BIkUTgYI5dozx6 zY+^Y3M}`F@_%I?7-OZ<;TM<`Mi;gX`Fcio#b2yN!(XWw~Id}L=fu0I83^0K~1uCo8 z`01_W`?*wiupo+tcvSNn_%F;aREEp6`jmZ+~h|CPbH8Hsbj-cs&;s|-hN!9vYZWDJk2RsID7iI_F%Vzomrta%5=!a63q z5y9%fHF0MX?>0NTQPvw*=q&V@YNHl&+tYJ>BjFKK&G|}odRjVcU8{xtO4!`zs}(A# zyu%7R(?>QmQ{0lg@S5NF#ncFaIj7Aj$#3J0oC@&6RL=o2s|zL*91D~B=PO5te$!vP zF#MJFxfQj*GN%ElPS1XDD-omyZljKMs-$O{CPI$dD9t-9Vv@wZvI}2KDJC1VsQdjJ z#3Y9lpb|_WSpt86oO|e=*Bf;J?dXP=2oPKc-=PCS?zJ_`89^{~%-uR>h0 z13mn5WKuRVY3U!g+#@+cIvP(DU%%$fGTlZ%9G~5}$F{I!h{{!RpDT&@(6{?Of~nRs z?$M6pdm(Uso$QD-)vJBrI&#m!n^;+aV-~b9V6`ZwD|M8HFQeykrK=ti8=5E*`)-fe zS>&`t*{Y}88r4BI4`SNA#hwLzDBn%{6g^@un@)}G-zK@Kv`aLQ)e-DiA`y_I7nHZ5 zSDk27J_0n?huTXS?weBBimXCW+ebm8_%7xG*b1#+P_yg8?IO{k^XcM~w8MR>PSkDq z15{U-Y7>wgO}o(s{kmzCkiAL_7+_)9c^B+EtFD(2H$}F=onvI=1D~O<7o8pr-|u&` zV})A1;gm5Y|M|7m^Tgkz3DmpzC`GbgErtJJ{mff&02-Aa3IFEZ4%q3yKPT6B%82$p z3<&Y}>DAR*bpYD__ob|kDR_Owi)~e`^cqzHReKY?FREjQSQbr@8>w|Kq6nT5Plwcb zdirXae9Ce4m%MvrSu6j~GYTys2R8u^W*%r#7J1HpTqB$YUw$ML+m?L)#L_9NHQuW4 z6=6?u+AA}_baOPMVr)D*Er7C55Ei^t?cRHCk@xf1Xf`wwgVL!8* zZ~@FRi&I=M@|*qeVE=ULJK_DmQi>Y7*m5iHNC8N6&0DlRx9%o+!so(^CqGSHNuGiq zm5W}%(2-Z}H*klH;-oYzeW=ZGd+3g@1mEAP`H6?!oa^caA@RGGke-hA4!7JNdpxCoMj@vMW1R0 z`-pH6{Jz;U|NTiln90_jp0{kH#{$qZFXf#^@_^-X>$Aj6ZrLtdFf??WE=3}|a__HM za=6*mM!n6pKcMuNyrN&y6;u{ho@N@q#~f5-kU*hCx7o{Bz=@ULmAUx`hgA*}9~4y7 zHD_zL+X!u1V{j^d1W*p_=eUtGH^9b(usKoO*GP5mqQYgY{Wc4LO}n!-O*C60 z#s_E7oYWOoY!O@9CLkc`)g=%kYaDWj!3+W-#lUom55gyIudLX-IE+UG*u~DwnRI3w zlBRbEU`&{u6=>IE!(#w4Tsue{Ms1d!>ZsIo0~Atx1}y;-kj+C+rD|Fz@Udevl`X_T zpoxG(0W?R!p`b?sknf=TDigQod{G0Vq|CViE)b96g>+` zP$R<;kN?JOmID?D5io!YV=9=T(vEjg(d_0swrtyJ%+mS%JX4-nAC2GLUOb$b0FA8E zvO|yiXOmX5m?LX%En3Iy5_6OWJYcCqbY=Bv_>FFA{>|6YH5I4gR?<54vzFKz+`Jbb z8)k=-y|R;wmW;=u$CA?nOA^WNo@tr4Cv#aoVBw=xnY)v@20kwPVXsylZ@K5lTJaw& zc}83;K3tOHIAOtc;BpcR!+GT24YmUNk561IjeOVF{SMo8z@?uzoC@AZ=cgmPdq26c zU>D&1{pT%U$LfLeWb`yx7YU?98tl`tOQu!yp+U!rPGZhblPX>lr}EYb#}GTE#L3;0;`vcPv~4tt(` zf6F+VP)iZT1{G||DG?K`{(<`v^K*-6FH4e7MXpPhzKs3zRBg^*P?25@+Y9t$_!GXT zV$GbOY{J$QZzF1>ddN@e(bY$Yf8>UEy3H0YvO>uOa7CJ@=Tzb&PuqlQhi>W6a4*cO zYbguS^cy&SNkuyOeo870>C+J7Z*lo^v}M9kiH;5%|6bv#it00%K}(@X(Cd7xIkS*d z0US^Mo9@o+A)Z^8SEg_dBSQkE{%HLcj%j11Q@W>b4kwPKqaYxu+5b8O9verdY9Wty zQT1WTQwyYSg&%?Oqe(M~K8FgW2t{E@*6-LYzMG63J<#EQK&1M{27_rAUXFpqFe+p& zZnX;+!=O5dqfk58!ujoz{-9-Li5)Fjy33-dEBRS8+K2OAMEIL!r6 zNG@bXrjT_ids#}X^s8`QNW#5DiA=quR1XAVA#B7LD6sB!9{h=-^Vy48*v%fvIZ!Xg zLLidn2NnHoLBNw7pY+Hh^_fS`x}eT9xvmoR4^0;D;5#KZIc|82ewI_0y$4Hp{C zsz8}jTH3==rC$|&k6k-6;8$*TIxDCqkvX_Z9Euj!Z?YD|jQVt7g| zl61qYM5NsqCNKHO;_QlVjji;P_+Q&)%Zi*pJQ?bqAQhSYgS{(TL`Bxo2l=P7^|xb8 z#YjIfubH`Hz+#bog0NabFvm1k^+2*SMisis*DtAlgQ<4!>IWQ$#@48hxoC5~eNDcb zYG{IF69%3nJeYZ}UF?xFkYA z=sfvX`6*0HIVydsrN`46Tk<1tInB}zI-YQpOIUOJb-rk*-fcEyH~_!N-Zot9@W1?J zb(XfN%0uXv@-#nGodU)8eO)fGl_|{fhsdl4e7c}AyP&^!emeMjSv-gs4xt%?IkYgY z(U;>XV|SpE#uzuV(hdUJX46&_xn@In%#uWQB^f!M-U`*jr0uE|77OSlq8Mp3T#swE z+$=tpUGqk{qMjEbBBFxhS`2Qhg<<%#xlfsB7-OioSR@DKtLE>n|8yA~Qj>n3 zzzdZ8j>^KvA8Ozu4H|Ogp`pqpl~R}(xBo4les=_wYytVH*1+c__h?xv?~BotWPjfo z+W-A{1VH7NoiGt>QGlJyZ)ScHXDQHY`=GK0vL(A1BTwX*{8}}j8zf4|qYsE23?4cd zQH-07l!E-RMBw|Hox2eI3D$;|2(#GBuaST)Y+B_Zo~(q1j%a7$aK(#GBQ-$c;*xfA8^aTTO;+HpWM4;_O&p~qC_6pA{Sk*^cp>`=t~TwUXQGzd#rX8~ zBI@BtyIc+|a-Ggi_(e>6lN%=hf+RBGVy|v+g>8AcJGwM2DPaqdyr@C zI%Aol!o{gA2BjM?4~nSi*AQi~);`Y0I@=TRhmtjyx$ReS9b+i~8K#7_W8?lp$JWe3`H{+I}~tZ92a$LMmVY5*WO1y#wDv%3;|2x>itf0eeFa zuo#s8RuD7+mMRYiqYrVpDG|q`8BYDPiBpc#`26xNpUh&?8MWQ*`tAe{*Rp85a|QeO z!Ze4?CfC}yl7Q`RP_y@(rSrd0Xp_*40l2?4C*IX$fZWdxfl4UZxvf01`b+8^il zUVMq%w^-_IE)lweVD-Zi1Se;!d@5wdy32-2J22%It-Z5^bFU5xo=!02E3=6)a&io& zD?Q|GK+`f%E&I|h>2ROXJ>wd)lGeJ(+AeGjRr-p5M^PAlMh>K_dJKn#hyAaZIruFR zcg0a|;FY!Nc_Z167!doJS5AOh?i|HgpR#1~^_x!qIkBWOp(Vd89oc8fB~)GWxnacY zQZw2sV4Rn6TKcex_!~YbwRMslr_AElP>6h)FF9q}*qmMETqL%Tg%-Rqx>@}RA`e2m zcG}Y{r=gbk5&2L}x2mT<>?Z_;BM^pp}6A@%0z~3 z6RFvbU!?n4z6O_}GfPCwJt%{S6yY^M-thhhj}&Xn0#;(I%}lnpnU#tvb@&4vxC|r$ z>+4zRN=t_$BhYpuLqZ}G0zyF4LfmYQ_&fl>8Rsb~fd054#BAUvw5iX&BCQyh6go`* zHtt7mRbH6@62SNzJ&bsHI6mabw9l}ng@$am34yWZh>XB5p7gtOa1r@25ok9uYIbEN zCyQZtxDdJ8n9W>0znYkqa9(SloPfn)5mh`+&NyvA!seium<*PN%?}#P=Nso9exzuV zN@>~qU78h%owi*q9+<}$?;Z}wJo(7C4=e@8FmJ%(pP)qo$7P<1cq(yf2`aE}(if1_NJziI{YVi$pLm87ziyz(4sr@<6xwhpS`mX4O*@-g&Hu z3>bQ}4J12KZvJ1`S-9I3j*nipHyj%6e(()W+60VGi!(6@RW?g3Aw-*zAtshgMo(dW zFbOC9-~eR?zG~#jOQn!_y?xkQ?l@4GsrQ6>y)!Yj_CZK9J8H&sL!+IbJjvWqK;Oxm4rv~v; z$d)qYRJ>Tu;hVFP%T7BfNYU*v5Kw-;QDOr!P?^J;Qk#t9_o>^4fo%JN?G)qW9UX1s z;gL~>BaeiPTPnBM_K*_bp?zB?!=WcxtQT8JD~JiH)4t)dSShiiikp`;eb*2$$62F< z1&_7U`+%2o;6R3j(}WF)MFOPcdn>}`IHf$5C&Gdf)Pj4*1opqO0in>tHdJ_3_M14x z$t2D?VExlNAe)teECQ4t-m8r$+mU@xo+z7Ldk_Ks=ekE$*g;p+_peY9?2PY3Aw_PZ zL7egk2De)RmWq0J1$_xiS`dO}K*yO0Ew7^fV?keNT?B*xAJBYbLJKva`(je$N8$jf zftrE*h2)#M-qk=jO^?i;gAgzWen6IyQFpna7EDWcRO4{aBKt+hX@dDb1L{!=WmJhF z+`;^gcl8*B=nMlca7UPYGQY6Naj~y3%Wd1un=PFk8K#!~sLl(O6{K8=KfgPa6b`U zOh&-LV;Up@-)Jl=9c0YlWl_Ao5p(~3zz39?P~zVslZplH1t&SN;Zw!Ijhtgrg}#r7 zQLLMOtjOOE7SPmsf3FIdFO0>*2xlSW)tAbb*w9uK5A8~%@u4ReI#+VVB-fxsVH7ko zfj%=jkJt7mncNhM6q{Q9bP+Euz-akt z7sfWyzpc~bUY@N}e7H%^N5Xupmh*nnrt_uF5z;ilo-uTkaYJJ!nYAt2*~+;fQ~b&_ zO#|A&G{y6C#1-%Tz_UjvV&X%ejY4t;q@4mv#1sM;0sSg_pxM3dtK>3~PyQb{0ushQ z_A8`^f{%LUBQ%HkHBOmhPlzhb@XUkA%+jZ;KP3t!Dj@5QOU{esiu25kh(l^>ie5P+ z)xg(J*(W+y=UYwohuO*CdZp0AT{Cv(WYwa!+SYT1eJM&wiVg8X0_O>il>o2|viu`= zI;mr)b#5z|*;>o~N!wFOycN+L2})vrg&5#kn<9g6FMuu-77Dme+9n@w5|b4L`NMSoc=Qa%`fJe_GSno*;ZJHeBDvgn|%MYl)61+|;Taze$ znwl$;pb%P4C;Wt!W+v(_s~HnzCQ&S0Z>A}`5RUx|q(*5T35b3fiWdW^(Z_rmSw3D# zH8HKpwH-od|p*R~!tSKrIN)_l`ACf$eVR;c~jO0T~1di2FvO`i> z0=9pDFIAw_{Ji;V7AdnRndR5O&~_=RmFZ>=#&>NF^u^Z7W0l@) z0=6kd?>DkRBW_G|UTuhyiwbWhnV7c$XW7$#(u>6IvpP8t7Jp4SaKtMgC8sXRz1p%wf8p{d~T&<&-ipwQ_*!hE-E=^0pc2~>Etrb!7en!WaNEBtI87}i|YsK(%%rL|s zCR4jf_S_GFcV8^hY`5NYYfl%FI;*}O=I3g8ni%QT#MHdp=zM+u87N5rp#8t7;ioGL zz9FKpX`(Td{L{enbc!pw;eWwCix+SF?jJ*=Xb8#hC`9C!ukY>R-N~9SUk;y+&XmrS zBXd`&ZKd)}`NSmy1ua*k9Dapo-lb#J(v$$GtGL2JbMhq6f3HM%cKc5V^QrM_VkfcW-%&=QaaJq&02Y(^{I%7q(Fl{CNJj~$C%t#L6;fKVgd^guhZ3t|` z|IdlTCFFFt876bO+v%rykLB0Wbr;v`?ZPBO}TUBh}NtdpM(9Z{44L ze#f}6TZC-&CKkbCq~E>3F_ga?LrBZ}&C&_hguz zA6SSkn)tRPWZ7)q|1Ev)R@iuopFn!!y+0-xOo;!oeQMLUW*g=}#Bo6T z5A!T&@wa{bU_0_F|l_jO;X_m3g7?FVOhY^2x8#~K)(DU42}wj$rM$%}=CqH_5}bg5`oUyK0U8bAM$N?L2m|DjI5gg)4k&Oe*pfI7M+BcV zNE|k5ba}9e-ptIyb$J5;hB0Bxcksxen?SMtviK7E2_!5W5(f+{oB#}bsw0hVJ+aVG zxbu%)ICL0XfGiuMtZHJRh^%TMn`L4l25KZca>mqnei)qEKz=Bk+9SQ}O!T*RHg<6) zVorqQXB{UEWQM-L0l1cOjocZnNkZ6&;xWW%oaWQ5RMjFRgl`Svn1C=i)U`fS`DRtP zuqoFfaHQE^_;Xh_8dKQ}i#wj$LTz@RkwWdj7=q^h5*gh%OmrDI*dKR4E!@zpfywZ5 zsoKdhCPO$?=YHpS`3K_)B^jI%riN8Zu?%~ieC&ADM?T%pY zRZ%Kt;B`6Oa^Fk}TG+f{484*lT3;2b-Zq zX8l=ysl__av0j%M-=jV7q`i1rgLY)yOB8TkMu zafs^Kq~g36Yh+Fy%F3N-Ks8iz5aj}Ps&cDszc>rZ|KJRjaPEKass)Vd>TGF@>aoZy z=<3gXMMCmA^q1bM8hm_cHhyBoPUJOVm7ZT_@fIXue>G_ZJ$t^_^Jx6Xm}G;SgF-oWS7Z=B>KJ)6LzG7JMkyBPE3 z@BMgO=Bl>5>}%CBUV|+?DSJoEV0yI{6F+Q!W+&vXFpft<8umW0Vg#rwEHNqw{wy;XHkV?a+T^UEhr-jV_tcPW2CQaxnND`y{1Rx~jV4LCKw)|+`w+pdh zhWYpf=S|+mtfW!N0;N63PHusJQ?1fnVGyPiWaw~=kAn!*;=MhtMY*;n3}E8^f!XE5 ziBDH%;ThI`+%QEbJXGgnN*wUITvkO)DpK)yxNkcRf;sw3N&Dnl zI({7SdHa<6Uh2@#63HnwnNIjUOPb@Bj`pmo=e{??yp*d*z7DR$nf>D>GYe6jHkm~H z-P5HaDTr5U)b{xUn6Tu}hMc4~simW`1ytT;wN2l_7nFThq9kqjPJT^BB($QLBj)u|@;V+0+srAWU?j2T|q1~;prI-bw#@KeV}N~8u(ACqgy zyitw|ipW3C^_nHt*Q_NtzTxks+8%%Zr(nY^7G7K2UXJ{fF*T76S4E=p$9SH4pXgwT z>kl8P$5+7<8t0GksIxWND@GHb=Ln03Sk=`0nO?UvAx7&QH; z5*b>@P2=tnOVvt#Tgn1#9plFbGo5sge!LGY4I#!lNGcONyA_o+!+f*fQ4wRPZzt#O@b6VmEi|H?%_(%@lB3Md$1YNc%#*7In&jR6TKP zd1AUmnLdPuU!uldI?Bf(Ve!-V*bIdeHeYDc>;x_@DJAn8`K& zZ{QOzpg?NYM7Nq3;gnzYxTEyEX-d{Fi;=|D3F*C~f+};*06J)Vn zsptk-{IMNA3X#LTP20TX2}o0pPOO|Mf`MD9N%=4fZNdPFIN|*ye3cM&h}ml|lx zeJ;A(s`ogOj#A=xIl%mGqB(a{x&;nt9~>ex3e)7`U)xk5VQHVzuAI1-kTW?iuM+90 z(SFOp9W2EXELLoO{o4HA7DNy+yyp~%_BF9bGHW$ z?v%eldZt+;TjI!MslDbe4-;A2Ntw|307|MV=?EZo!M_pqysvN-SSg9v1ZQ7HtD!pc z4(lHXmozOu&Dy!93!^4GKWjzQ*h;Q&9v-`dL>ExBGuX)J#4YL`@CRSEO~MvI40%IL zRaN~G8G!)*dq}5vW)ILjJcE6|+F+?Xg%(TL)^MTk<7O+_>(tK^5<6|Wbj3Oyj=0Yk zVk^^;iBK+K7@MyRN9BB=ntva8#`k;lHoYEb$DXATMd>JBD?E7e5nO-JDaXJhA)tFFn^rJqI_OK=8qN& z2IdOR5-0V*=sNXYQoR(x1;1#;%dZz-!l}tRFuhA0Ut-o|?y*&NwVr6gZKH1=TG12g zlfJ)A3rA;p|yOjN~R-3ex-t&PKeP=Pb+4ARa8c_Z=V$=r4*~<)U*~0mV>&}aqd#xx``|HdK7~6LEz3 z`mC@y!;u<)s9yi6(1n{!dyM~8JQ$(jI-QiD;rr_Wa^W$yW#?a2qfed#WBf0OQTYSt zHAJRN%6^EWKQYaD1wYf)j)6FAFRJk}Gt>GRqGF~LwfU4I6>RTeu)=Qi_mO6^XX&Cw zf}_9vM{@#8h^h4Fi9cu#+xjf3tfIVMYM7+M#mA?x<)VJj(Q;Xd?umlMiBi1@TOU(4 zM;Oe%JET!^k|Q&N$=uAdRDyXBg?lfi9?cmoozl*Ll{0QAdXYAi(4v_6DM(-O*_;sl zGPXem<8(Vo4x#L}(FK$frax!A9>T+A^Y3(B)wb6^v#I`X(EA15Wg3b?BG9sM;+0Mwi!F(Wr(YOI^o-JdB?)f&no zv?=?%n`Gu#Bm3GTn^EEw^2e~1LJ_tSWn8!z!E?iQQL1-INYZPWOYUAE0jHyTPi8m; z3pqq>-qJrNJ^Tc$n$+l6{E&id4gM8OuH-F>JDXTz6?Zhk(@aM7^R476l zf|C3Ih9A^mLBEc)UU!HY_CYF#s;7&V zpW=A)Dcdi#{ts986eU}ZG zY_QFR!{&T|Wd<;aM2iOI=76~P zW9U;0#TrOgw;PQEb{+Y z4Kn%Pz=T7Qmi=I4sX|T{VHEp-XLzjUmO=sf5fX za0z;nXsD10f_Y&W<;b`%5Pl#3;i0lpL{6;19Mjk6bx}s{zF({9If+wV@PcsrB@Kl* zIORu_Pvt#hKSp`}F-BIDioV32@G>C&K`^l|{gI;AG9dEzfui5Y12*kb5OPvr30L-6 zT#lt+V;Vw*90(?cWOHazkADSkNo?O0BWsrwdgn_WUv2PnKA`Ha)j&u?Gc>ggKiy(X z&|jmHm~xCf$Ak5lp$Z95JS12;*vE{iF`z{pwXs1VzcJiF zK4u9FslzcH15R90WK?26$x=SEKrqtuX=u#}81nJS+p!REAo(J_vx1@F85qEoPXjk_ zjuZL_Ojbp%;BSgssy(dFINz#G&Mr0ssw*s<&luN=WkUW>t1-EpwX;yUG4IOwwHgeK z|5y#Yxr#E6s`ancNZ6CUp!~;b+(b~Vu<@gRt%k()|FD{l*724aCu@dZt4UD*|Exwc z`K6I{$yvphGm**?2RruHYLFuTU#r1qfVxZ2|Fs$t4Ey0{iXy6CmR*? z|Ho?HwnC6Di~<5D8YCtDV>P|zW2+2EBEMDxiTXcQqi3AF%!K6pYc)thV3IM>9K?p+ zL?m8rn*3lz>Z1~KzgDBLhC!9bc+E0$XGZ^Dt4WJ-8s7gOtD$qZA8<`&__dlakzcEM zsHtV?`?Z>a-+b(^)ogqO1uKqA>=(4`fuKt01Y!!PulnYY%@r-<0(!IAFrrFW`S&B; z&#ReLDTNkj%a~W4l&--k)f3PDoO$&rT47QeGs$oih&~LP$fQfoY+&*_#$I*hNPP~a zRb0R)9%!kA!6iOwS6OPuD}w?5K5mpGp|FYX{$U1!ipa_=;F2-3nrY#!MwB+#5-Z z#ch}zn2X@Xf22oP{)(Q`62zoqQeiG~J4VZn$b+2#w+&g+5)c0=fh2EgllR4hV7{M3 zBoO!IwEQd@{jk&{C{)B_daGRVn)tR93>>?TI}Lyv(O#XXi* zvQS%2(IW`_7BL^|<_6)B11EW6)9CN-P@?ua{Eg4|*zEdhuHb8`8aJpy?=%Egy!6Km z21v7K>wY9dHdo>`|4>&tq$Fpd$W`0NYdJ01PMy!Av2%ePCactqOI#YBA^%1o8wU*K z{ctd7;&WdA5OPM^={D^=bqN$=H8b%l?fh9uHhDwNen<1;tpRrZQCde!2DH?)44YA> zkxFPjygx{d@$}9-1^YuNle`DUkT#pPl~hqcGcZ|0(-7Oq-lQib=ua#8&4|K^&C z|DS8_^PBVfH|#XR4moC~ms4JM9kM@vW~Togt1VVqogQ1CXzOt5aW+n_JHMwKKW@3+ z{qK!EvnBXDj+4*+b#7MMqwUA6#{OO%t>u#DMzb?Cli*HgQ8ll}lS4vlPsH$=r_1_{ z$JnQ-Hea>|!Mx!aE+$`hqnNPylaT){<=LY927N^=V#`0OZ8%8R$wJ?+wKw|r+b<)J z1)QdjhUACz3NW~NR0%&Ak*y5DeVZZwT_3482_-RhcD4Rr-Mb4LW482Fv`3dZ+t=8-pq zGEV|wAeVFi{yNEm8z(Zv4|0d~LEtzM$tBjy`N3qGYPUDy8{cWl%MJf`dKf9%|%&Obo&iB1Yd^*tnM6?n^$`Sa8%F54-GEtoREHxVqKZHLc3v_;|z9PzOM7MN6If}0TX@IyXTEDvMqBeLuSnGBup z{rXt_;olGa-0basg$Q{0Jjm)DEoMpyH^ZugAk05l3I2ncmFK)vADSF!qN>hs;tMS# zA~ck1S8dVh34FF8x%VvWebTZ4^fsi3Z=({%<>vgtrZn!eURX_aC+UfL9{L%#j<1C{ z;|k0J9dt zLKDf`ToOih=wTDGQmI{K<`)&V{Hu*6%tJ*?{ zX%$#DtU8xS|66MnS&Ip5-u-QFR$3GoFD^jS+p-PhYF$6Z z>k6^kcTY3Ga}}$5i_qA)CZZ|@kJQiHdqi+Nyu#6nCL`M1W>gfZVFdeG;uF_EIIkWA z#b1vh2?=_hSBNj@$W&y64(g$Nj19V1d)oBj`|p(I7kUeuxU3;@aJ3=Rm1xR#VZpKPH@1DBkq|_zDuYSca;}LNn&a6Xaw`*hUuR`hOXbB2*p2m11w?ggOI<+mIVj z^;eP@)Ey{yqFD=~{UAdyWp2?)And9mo=ig+5I}7Y-Pn4w zwU95tF=_y3P~?3NNRzp2r7N1rR_I^&Y$I73NF-Y54E4?CB*TvY%n9E&k|C6DV6wtc6=+(^3eX$M zDw49=JB<`iE%gy16fZ@P077D{3KV3Eq_js=72!vcqOrO)5!rwWg!$N}RZ)H#@{X_% zwKzC$NuXe0Xk3oKvwu5`Yn@W)4FR1#-8DE!qJ?UP4lo;o^DffmB>=k-K~Z!2z%&Lr zl)*=D^IxjWDLzUvJW&P{ObvGAQIYe@KC-&zofrgV9=C1+CV$qS5vyygYA&Le&KCT>(RPMiZJ~Q zhs4MKzOnt^(!mq#?L?N*AgjH=>cEBQxf#Mom(c(Z%yr0n-a};;q}(vs%~?k4h6-s= zce^QQMqos(&mjmcuDEF0#-Mv&B0lEy2^-JTI$QCNr8DOLI6elF38#`W{y0d*jQ~mnJwu@G!SoWl3B zjJnnC%KG~L9QvJOeAw@Z_f9@8=N&3>uf8e zZ;w}FWO=rKlk-wzZ7h_YkM>Hc+>~nX7oK6S7w@(UbZl_;jFg94rU7R*pi$$3=*$5%#iS^HyG|);GC0gfuaH3QjBjjV;{F0;W<^Qx3Al@x%A4IK>-8%#2qak`FcR*br`n_ zSZgaOj{jsS&PdVWB}>z_(dW`I`h(IsWTi`p_r#bt+!qlsW_&qg=x}3A(w&T;PB!jL zPCi~U1nmR0)m48a#6(a@9*f}VZIhp3dSIU0r@<9)mbW5WlUtBBKICX+P3@g-pbePt zpd)w21T`7L+Jk(q3L+$m@44Ad%4Mvkpb?%Qwt*O(MXm%EA%xBq-f72<3TuuB{Y)8Y z{TX^>ZbWEQ#}K@<0Cf<1`Q3E2_5e}TUDFH@HwRoju4f>2ptT%6$8mvJ4Yv6kC7W^A z<$URMlqI)`*p8ue;$QnG{3$k~EwB^5)+Bj>>6ro(5d}%K7ojLF(Z7AITkFaCauJG8 znm|Gsl)!kM1TaiNeW$qX=?T#nBk3w;^OksE{NjckyUVV!%F!}%CviUu{g3LSmgPJy zz=mK=wZ|;knlZEC;v^!tqFDQTQb+-2Qi?GCT7|`?NbW#Po7X0x;|b6$>hg3=t%gSkc?`TxqD zkn`;1RtYkA_|L+kRf4vPE+m$-LRjuVN9>yD9uVIdjDsW*82P}awLImz-)GxoaOIOH@k{`meSN{NtV-4;$>91pfrL-AnB(Mcl)V`_UI=`ZDlZ>wyZf}w z21OVT--(eO$O9w#84oWR($zH&YL9P{g+))kZp2n!-@)2%lFiV#yiHl{lFM!Wq3UsU zdTS{~MX5AQaHCEs(>nw~_zM)$@`UIpyXC%q_c&3%g$ki1=&(7$ z5Uge91Rdki>A}w!3pKu_h^s}ni1@mZ-2R~-0zhA2(_I1+de-=KAV*Jwt`GgnqVqg6 zOc<+%NZo`y_z_Tokemf%J|r!FIjko?MzlAY@r1rRLVfK=()WS)+ugz7O~`iMg`nXE zqftLYSoAH3XJ40f2AZHPQ4y(Ll}=_rWVUla8n8hhR8~h}7QR)6;eR7uMlZ z$ZtT1@Si!W3MHwX7KGOrs?{elHifr92_xlABz;NpZ!n zpParsN#jwMmO6X}rSziC<8Y`>!UL?~4DYOw%))Zv)$*=^#HV~u%kj=>Cu}iq2)#7e z!G%xSFtH85GPvs@HQ8$HEl+T5)R1*+REFzcz#h5lQ$M?wh}f*iE^ z3G&tkND-)fnqiFK%9Q+J&`3g7A*q$qPMhzToea3wqNk`9xHG%0CO{qKcZH9Xw14@_R;+;I|0g_=#z{dRjE4D2E9}bB5vYizrZiq)ZOl6 zjoQ5s_lxZVjpZiW4hU&D4oF0#`D}&Tv0K=QDNO3SKOA~J^emKU_7S;pbX2EIp6^?! z^V*23rCK!=N1(|@s$4QVOjJ83Q5IS}j4FMUS|{T=m}4 z4x1d0^%^wu<5K*_g{o8uc%z@NNyFqV_WpiFYf?3gBxWIFWM%M#pSQBX*cl1B?TB(9 zI@zVfVT-D3<)0L+!TsjzUIg(HpC5=}gpX2OYW@X&v$Ni)W=kdLtYhU>5S*}Rw-Y8v z0O1WCz(5(`9i@I9*+-^_+W16niwAz0*#Z=LXh&4BluRCq+(N|D!{{PUdo_eYYDGBE z&{Ca6DrpQD+eGtF5&>*&9?Hbbz5xPmbkR_s_UxU!X1!Xc!X|YYCPFN_0+Iyt(?GxgPLrBqZfNm&H6_?5bOnuSJ}St#hbSMPNJ@ z=S%lZAn1X}*I}_sZO&cL*@(xZPNBxi3BWtTl=`8vCT)8U_{`ziugRw$$QyOOMQs(VQlHJq;~l z0dhY4@1ldMe4VV#(W&&D4S<6_>R-ARfc;n5X09~#?u!!N2CmJVDYiK0*A4MY!8Hq1 zb1IwUcZcRT7SRd@^|j{m&xif4vgqI$3BS!~nf1Bq-4$T0+I{1387Y6tg?aIFk}MS; z_gRq&TcHJBoAWh$FQEWq^g-J;mZ!|3Ws-4@GE~9FfZ?)P=U<15I-PyzOI2{TA*fB) zV`-g?4fe#tlY(NZR?kb!aoz=AX}&dHl);c;J&nW;I=QZVQ0e97Z@PUqM8fS z_kK4(_&bAFJEFb)sgAMCL}TLr+D&X|t(BB2YSD_wRxaAHeXzR~*TCRg%W^?8c?(Y%2?oFT$eRPSklE}gmS$rMqSo2r1 zR`I_#f9pwmJ;FwzXGt2We@NtR6|xyS>x}aS2|rXlLRSCP4B=2vWk8j^e5wYkzUr)V z7Neqw7PqUs9R6Oz(RbI#G?3Hmle2cf>KuN$NvR#_+@;wvSJRf_ZkBNk4JpIgEBT## zJNvY@4i5xxMkjRc)(d5whN%OLjT4a> ziPo<2=M!l^e6?R@q`|G#6MGAdyG}$s7YrqCa$}qgHLF> zt4?zCY4jIm#NoD%6N+heY}eF}zqMzkWm0G@D6cw$rwm(RXTXis&(B6<8JejXg!!Ti&6uMTyhZRY`Daj1{L;w|lKv zhD*$*$at3zo`a~=dFxPJL@+!AJvoj#a=DEsAze(zEBf8;icNx=QL}Y? z7rm9gYJ~JUeT$`XqNknRrQX)4xYE(?^tN(Jy|LAvq!Re8(@p;I-zXv7mj{ydUg)~f zpOSE0{)8mJz290Jl3UTvFT@7p|(|dU@liI@0)*&e6t3rOlbW*?#E z>MD8~`taRw{Hc^-Py{d4KK$W$n|@<%v1(d5aytGvl0i$N9h%yeZJ`-u(%%@-T`pC- zDbG&t!N-;k8e-3Xif*s*5VVWPSNJVBK-xt;T@jI{3iCSQSr@Feq0$kL{fbDIgD{w{ zq%CQ2ZcB|aE2n!3SqIKD2&zk>G>cvr2m3Z;1ey!h+yTQsVSG0n(?m;gWi_vxVw=7w zCpUA`mp36Nx8>R|oICFKv#Yy?>qWL_RPa8Pk7sBvT>mKgsWV0w?^+NDDC zR(dx~t7G7;Cs=h#yaK_~9HR-;Uakena~$_=U{W*|J??RGu+`(*d~{)wJLdNzc1Osn z7THSTr`bnIM&sZGEiTP(`gDSln#}Zsl9Cg&fNqf!Jg1~+mKC(lKScpcWqm>c%N^)Lv(6jnQ^GLM8R+va zP{K&}l{MI-gkj-^iT)aCy}9|x+RLQ2nxqp@(w%tq>_yDpgih^#c)j}gsCK;`>a5jb zaHp4c&7h2-4@tykK7eSs_RV-E-;gk+nhmPz9V%G{B>i8*3%);|PA|`e-o;0zRp>0; zrGhj+KdS3?z-7bD(n3};Lg}5efQrxt9(2rPRg5K;`&g|w9h>g3Ppco!J!|5Y)ypA# z)mZai2q7}wS?5;cSEl3b;+@PRz5pYV+fm)WzD@Sj5-F zb~AjGTfy0RDSLR(12y;_Hgp75ynL=qzE{)XJW8B9x*loS{>w8KV`3C3!T00EuV+7x zZM5fbX>fr#wN*C+#TU4h%~yYBoyPSDdZJr-N8xmDK5GGE{eQS1gzh0Ux2lpYhUGHS zQd;sKyTXnLDh29uQVz23CY>R1;GRNe-agqqRQIh{9sa9Prk&1@eim)cC72Vb0Q}! zC^w|QjC2{g+eBzPSP5D?`&wgftcj@k#EG0ZoTo_C+&vYdEz=#{fwfpFy?7|J13Ozc zx7(kDKOK95y1z1glg`AH33_ISGdS)*;Yd>%_@czKc#2D|Y_xEJT&=<= z8cm{&uDoqb8dX&9mQPbs+H>t+Tr0&;JD0XM1L+mV5@9z~@qz^>d;^ogU$vU=jY5ML z`1Gp}cYy>fkN^dvcnmm=G*;xO!ibl%hqPN$Ca}C^(Lr@Mzrq`o?(=P0vEG^LUA=AG ztQ3jUv~!y$IK#qtQu6&0Ec!VsKo*#WQ?B+*U( zz3np)(r@@d-#vJ+IUw`fp4v9|rh6?ETp>q2EE`~zHXoKqxj?i2-t~i_6IbOnSH#EK z?GJ;lOVnbIYXsKrnU1fg^&wiP645g6TpwHwA5j9^iz!?^dD}Ek{BIy`G-)8cSYy;=>W zGLNk?YFW;a`dc+JvG(Mjo)DvMvg7wS>`ZU-jNjdmpWAij&+Ny2p6A(6-d2g$by8xl zyN$GCsur5hU8$?I4c9Xn=ZpvYqptj+(g@4 zR$=%eo`g`-(IEr8l~BX=@RTH{^`*p?-Hxgz@}z4~jqt~lKC%jijTE`9XjB7js%(Un zwV~27)7>VO^p@|1$)?snEjIhCt}4=1L$+F+dmfTmj*mIQg=>JKe==-a4c4jl)q(^_ zocik!dqJDFXtU5RdJC?3UW{qe5z{t~;a*&6l{9w5_c$G&6|b6@t~&FnhYgORT1<8| zUZPqJdu5;)FWs($EAb<`i>@n_sEWev>4SrL`Ie?lowQr$seKXYSrzVU6b)nsE~rYd zmD@-6;g#1cGZ+EA`ePTZ8Ir^ZyU-dwVZqB4H?8Xz%cg~Du{j2=-mIDhaHo+=F7!E_ zo)4ajjkT?O=kuPGYO(ETUOk$(XaZw-Eud>*ZSLz04@U|#(lB|Sr|!I!YWljygnMQp z!@ODTrL4eit-njKelZ$oz%30(Aa<5<=-x*f#v)A?jo-rEP>-NCtK&wLtvDzD?I%EQ z+}Z)0wweu$;`sz^%{5*OJ>oVlohDKXv|Ek|;<_vI)&(;q zah+~7}UF~Y>cc-3>1n|!!~f$Hx)2|=y3g?Hm$b;;DJQh4HM>y49Ub?%-Vi3ti7fO16I zd(+lZ=js6UPN9Y3D{LfGF{!RvJwwD0e9@5l_fF}HG@cL|=YtcPq%bOX2)fabsSH7@ z{U8(X_J%%r3_%ZH56Cmx#7H_u8^iaE#DAA2z*T4Ch$&IyO0tcWAP+a;{hF#aTEDNJ z(P&eWT<%J7eClX}O>7n3C*mv9`TPeI4H*URa0oQ12J(pjbhEAr$Ol30mCg!W;NmDD z6$JmA%>6k+v#O{qi3Oe6I&6!X|A(L>C0^m+pa6L@krm;V@t)%Nvzia<5lk4;*$$6S z9d3Qfr~IMXJTpA*!_f{;{<43>m%RlJycOo^grb3Nw7MR7(xoU}o4<}f#sz@6OYq%H z1#dWHKxz%kQv_*^Jd2qpI83bb?HMr3TdbcC2pGp9tw%&niZaq$GaR)W} zG-jMhYzrbSN!ls(wnpMWkPY{z?GOoG7@Iix`Z%r*T=+*L+L%(s4fK{t2LX8K5emNp zkHKTWP=8oeBngggO$yR6ffnJhJ2yOSx8T`q+5WLiE~(Ac2l zqE*lHMAB%A31|m_caQ`PiwytBvgmTBKzGSRi_9@?z5X@`oxM+5+7u#fwoLz}aCFMF z>aLTv!5t2;%(=6`{(NL;?hRYeTZDSMq|0uyUq;v7Q-`TOvXrclbvqsZyem;IiD zm@-e#vMpe8igx9>c*l_*VzJ{HiOOKAg>zjaH8A*e<*t<{LqC43{n^$!^xye{i!?&Z z8ZPoxp?ObsYivXGn7ZcrvH-!$iCrOL#btwl`{?1#+<_Knz1_0qeOH&?)W3m^)&qp$ z6~Bx^Ktj#zxNT0h)=@J;&(sO@J&h`QjShaYSy378GtDtH7UmA$KdhvP$QwQPPJ(4t z)46Svi58GNuqw89AzLShP&p<{CGG<;$>8Rc80+bOFu2LmH0hV__6-Ki$wnyIwUlO9 za7dP-&l!v$TZ`}({IBQj6d70(S5Hz0Y~^nNzqzFu<=J#nk6_Y+QyCzd8K}q+{x!pR zK?Sf@5hbX0e`=x05DkCwpa(|1X}K9OihJiUlglkDVVpDlamZpVjUn3b)J})aJnn4;2oRu=Z;TKjAea$-2&SosQ zE?HR_+33nQ_v@-`YOGsX{h>R;p@-iQ9Nj*WsRpJtF-fKJ`T)@wHX>_EFwQ_%YMcgJ znUr6%A*YiC?=Wd-12?DCfh~z3f9h4bonC{J{lii#INVMNO z^t~7T!^&O9whWBa7@YCLydD3~Tlj0;`gjBX_w7W5_ObW^d7&>saEyL%b}*)2$pX0D zp(kqGYHK@G9q?brKIT@25__n!{MDP#~})+r(B*Q22kNa7Sr$`@}1a)?+b zBbZs~cEd-n2c8UqbubmkvcY>%jS(jwA@op~g<;Xff@6ueGEJCx$vW}*6Yn^sF;uK! zfDp9dZSCOseVxOXjY~b?qs=@LG5)%ZrEl%T5_P=VfRLxA$Nf2VzoV!kDC9&wtn{8J z;gmBZx!7R5eK-GndL1VgLgF%szy@-~J2y5N(iKtj<8W5SQ=5X2aQR*OA5|(jKQuD@ zxeG@~|HRW4@Pvi;B@cvVHaVhf@AfgKTN`z^Zd2GeoX}P|oiw^9&eE0g0Nvf$>)p0M z?Qebn6)8dycNFQJ7R|0Rx;OluX8*p-yrt3p(}_J*L~3q~y<5!!7gcP67;=oRtcRB* zY#hwJ4&9Q?>;(TjTK455QiBivFi>8`5Z(M`#5&1W%?b>qIK8Dde3uI%#&8N6uVTYs|TX$l?)qcH$M0a23!>j8qyopSCw%G8c-! zMN^og;-y#+u?;!5e=B<05EuM{q$V%wAPRN5bpufjGeYM!`GBZl25RTekP35cH`kFCd*YtzbFU_T!I zpJFO9oZM#b!zc8wJs1mL_g&T{!*WLy4Bt^hZh_g;Xj-O{^ts{6CVLHsJ)$utQ~{tY z9mtl*_PyS>6`nn=Gfu38Zcv$9ToBwU#SRio=Bq?)5ZXPZ@$~G8=!|YE=%Dp%D>ptd zCK;#xr+WlANWSUjsU?G{8V$#?S8tKVvqUQ}ug|$LS_0KRLU!3hzdNaK+i70I<5aM$ zu8>L7FfA`4<>qvn+>Gn-_s``cA`qREiTf6c3Me*gGzUf_wC2f=7|$sU7M{Qqh2zC! ztK&MeX&8X$OdsfBXe%Bv^5WAqFVlwo5-iMxMwS+En(-@p;2)B56C>dQqTB<{mn(7k%39 z)&g!q1iWAn+~4u3AtW#gM^sxF9-8u=%x<`UzW8qpCcks7f(aO!yQ{S}cC-2xh!k2K zcLqK&5X4EPBwfCq27;naQM)n{A{PgNP?(B3cF}mYcqp$y+H=|@7Z=5jerCAO8ntqJ z=;O#^UU#q8P{a7k{)<3w5L?1DK-^ytc`~!3T)o*koF{;Nw-0IFE(5XB=n+EQ*OtSi zY$zhoEhtse!MCvavW$tkIj1$$%rz@~lT(Q6i*0-3Uw;NJzs9r7*td%AdovD|>XoEN zo(_iqJ`j8>OVl_#A4EZM2vHSDsy{*yLN#CR z4?vh$D{hYOdoCHzv&>!xCnES!%+iTpEuVd1NXDBxWrim)tGAOGuox2<>?#)_;aEEV zrf`VLTN}hI7V%ne0+y@xJJYQxlT1-N5Ui2}qflID2OAByvFd@Cv{MUZ{NGn-U0Ecj zde&CaIfZP|U~v)?%p%9R`D0uIPI!T#bMVgv`j-93=4QrwYa2>uaRvB(zz52l??I*`Cuy`~Gs{1@K`A5##k*AvXlzEBdy(mHZ6y&;3;BU{Aj1vZIzi0G{#)8o zA&M)N(cEg*?M`(K8*Z{gGXZiGx|+MX9YMRtaGx!WJB&-n2BpOUkm%&a(9luB&3`;t zhF*Z_3tSw)P1q^4rf`w2V|)`F5br=`wrrk{j?=xVpGZAQ)x~nDhff2CkDMKWv~#jk zROr*=N=^qhibKEts3$KQd@Uiwh;Dnp{>-dJoBR=(I&r3{A~Fr#RtfM#sbl7!09CmV zGX?O#%b*4B>7Qcj;);KM=vdGA%K~SRcXK7&`QkuT!>I{o1Qoh|Vmnu#1MOwU50nt^ z$VZRmVHtIlk;;LQ%*||XY&Eyup%7|~G+H^6V}A|Jc8I`*Yz=kcBQKj9aGMtr3n^^&pK~~+pcP(++$s@(7LgOqS6)r z-NwD{emcsK9#6U5O`lmu^)j9Jvv8^gN%GJW8_@#f1-DvWUa3e(TqeSE!1EC;y0ygF zMfvNrnzCdH7dfSNTeH$v$3>w%>WtYA3I{8MZRz`kVBUNh+7>&dB}Qsftk|Y-p+&*M z_`e@3->#gZq&7S1z9aa8zWBFW-Hw0WUMEZCzB>+n-j4P1tiSm24<5?D_`irYJN#_7 z`CG5^;LpE33|jF%wQs)9Bbz$>-f5$q^e(^3qk1~J`EPdG=VJ=PoC@)$SDGCzH`-im zXi#^Cn&)l$QCCOODV-k5*-bk%ePS|fUtHf9R-E^h)1-_|Fo?P@tj}p;&oqxZ@!y$R zCPw>>YfGT|T0zloZX_<<$u6JUD0k-R`54D`9*{^^^o9T5(!9 z&wPk_q1W8cEF&F}U`Ftgmiw8D6fLYY4?1a{I|=m3z0gRPQ=mfhFp&oG#aeZc65re2cXyd$!gMLy9*5T1z(^E;{V*xD`y@1OF0;T-B4tha1#hpP@pSF0jz z2DnomNkXy@tPrI&OomkPW3ZiwUb+TRX^9so%3au?yXB1b$dMI|0J0d13Q6IUVJg0! z=j6t~%x-X!$Y8HC;5!Lt5*b^;Q>>^|fEOjKpp|;i9_W||r6eMP-x(xO1B90ELXrJ0 zIA9JrG|W7{$SF#_mm-r6-UlO1CHly?^jgOcmuAv-E{W*OP|_fs1hSaf-Azb0m&_M) z* z$T&KxjyH^^G|D%>O4Rs*$&mPh*>%-v>YYdBK}>bC;Q|yz=gzwp<#x!u4Ov+?FtNfh zWp^@BOsX9pT>OK{@NaHApF3PR8L&D>)3KOB+pBI1@J*aA-s^kvHlUMeGK+oBWXw&? zq$HQDi(4NsEKyP$)9z2{9vni_2bCcnU*O`29uKw{Z~<)|ErknLqLZM(>=+Ud0!p(N z+Rz<{RUuW<-XAxAsH7g6wDS08cjCDljdIQW@3mUViwc{fjezeJs{uDRn^%0=dCWoH z&k$5b1f8e`AN z!339e55@CrNs{KSB}1<)EF)<5rKkEM9NH_^=M8UanKP)L9P9CpPlK3Zr#oMbD!b90yJ7k| zagW_oDgG`~!y5Xy z@xxMa_|f}-&``%_!cC9#a^v`V;}`{)Vn6eW&kM6Y^U&gjT3@D&DkDRlG{{QERUs$i zxarX&*jJh`hRcucj`Fz4@{j27cn5yGnC#01i1-b!m3n%j7Xu=d0#Q@g?=%{&;s|%< zx7>ek+D4>aGv7HIyP;MJv6&A%n14N&;czzUbP*!v(S4#b@SVU!qa!s;g{cvQ-fRmU#F=LDIE8IiMx z_nZ#?dX`521K{K?>6?)zOXW7f4*l{t)7aD_K+T)i%*I3%e(IC5$~)TUv1SR`&s%x! zL#?`C%yw;eJDBcYB(QZFz?l}R#0xn(v%Z}RwHUw7Jh?A+W5zM^r^Ty)pU zQb1(5PS@7=Tg;`w(7kb5njXWP@#N!rk&9$r<){Uz0Usf5eDZ3?!8i)Q^cwmnqsQP+ zJn`O=+H9`RoAnq?#tFW?gyDCsqIYTQWjua>j!oDGu6CyrF$+-3)zAQ)F z_zdKCbi+&a*H?f@^_7=BulR|u%obN@#Ksc#5}}yC!T=CsFxYMb(VafEQ-Z@f8q~T~ zyjcq(PTANZCC+u5AU^&+nvdt>lbX?eq*z*;e6>_m9BwT4*)^!gjZKzOpe3>BYHK)U z*31?v0TZwt2Z(YqyBH!Ml(M|?2$|6tSat( zc*z!7T~?4|7rApG@9Q~@)2R|ZF%QBw?WrKyV zWv7dkd`)1QO!a=q<^I(50I+QrT{AY;h{S!G^(hu9uEk3=eqmxjRZlH5%G#1cdY(HP zx;#wLADiY9hb}kJ580-Ohy9`jkzoXLIl%jo%fZ(Y91bF>f#BH_4U9Uk1`D6vL8#-H zp0MkjA3|^V9O~8l=64S->!slN9blKi-7=m^uhlx@w+9|;Sj;&xpst^zM;;Zi+m2<8 zsuvWPzF-?#6jG+RS!)vX(2U-0Q;m^BHbVK>I?wq9G2t$a^_SHVQ9@m|zta-d1f~En z!Zz`_Q-?%@1T6{zjlg3FBIRqcb&CY(ATDL>IX1G!7l1B204h2P=IBCt%LnF_GFs7@GiVff9@L&e2uI*kFbg`yY|ByhkADQi~*N= zX`v2l{T)1=dnPajGmFJCyGF!8w94dIOmyYpqeWJLeN+A;*SxYR;QG}uw9YZhM>MW^ zzG2JBVrq6~jc|ZU5r2ZHIAW1<`GQWw98b{dv<%%)hg3FVLg6^Go$6vbC#ehrbU0!KYP3Le(pcae{Q_I_;F); zzK`j>_~Z8Re>#3%zIM0q{nmGPH$Tq97H{ZhbiW2({C*^l&QZUgK6d2(Ez|R2ukZeR z{9KS!J9jt~h%;gDmuV_mqvUn0zscE(b>?KvI@r!+%y^z3e|hXEt&a6I(jV)%RqJy3 zXgF}V$qdSnNo)edNt|J)JL=4%RqfJGv&7v8oBDeomZ)MTsXZ`C0yXB`P)rRR*~tp3 zxo>1u7+YRaRT|V;k+F;@PGzXVDS>QK<@ooodj;p~Dmm#RKO6KD>F{ozYU`aS^?gFG zByet7#eEH05S51AHTLpG<>L6fyfmgxE7`g|R&tI6g1dOR9GAC3RB^YeN}^}1*M zxL;2i9A4fMCMGmp_shB)yd8CVqp!{5A?9yjQ2TSaH^-4e!yCFslTb#J-)rbEWxk>G zW=I%dr5zkEuQ_21fltK>->%516egF;ciG?q-+m;9x>cMD-8oU%09W5o_hErJSWd2@ zad3`>_LqkQp|q#h?%}LL&fatFGM>G(Mb~f29d}{;%k}FgN9Nsi{efk8c8Gk}?K7P5P7F)FXQiL^`7~v?MwN<>+M=wo$MrMJ2TsMU& z!-}mcl2r%3@+b&smEa~&HYwoAQl(v&6&)b#P#7P)f$T8}PxT24A5j+3#7n;w0`QY3 z(wGj6&Og1fGN2o>Lq5$>pa1wyhA6WRaYN+qRQCwr$(V#Ky$j`LFft{jBwVcl8(O>guXr zU&ncz*99LoDCI`_a4iq$wG{G=N{MC=np=r_LCyf*#7RTSwaKq%5-y)dL#3rsTge?* zs{`b;6p2SOI2N1mhx z&!g9O;jPt?{wAv~)GIi`Vex!B-9Jt5KQA0-*QuicC1x-eAapsU4bNr^T4p8x;y3ye zXJbXHB*6D-BHfdORgZ-Mk2?`6&gWtkM1l@+=MuGL1%stkh(s*ENMmYD(0pAC-D@~% z44FJ!coAo6wsjrP_W->q1Y~+TcVHE4X*SO^Vr%BjAC^r(;<^XAR@^3t9^hlTRUh3~icue;8ul}S zSk2zX-5I-#jCviT9YO-YyFj_`gnfg2cQ!J$kg{3hQwnDb^qCVGyzb|~uB?xR@sIQr!jyvk{QNZhnmg zy>BCP^(N`;Uc@rfuG0E;DD-;Hndy{55>EF}Sw0A54o5{^nHpKIgNsK$tnR`qooLgU zxoP@2E(JpC6jNfi5#)QU{(f2bpEw2D<4} zEQfiR%S!1oaFWGoAjmlTloKjy_>5-Bu{Y)42qSiq1wxZfbf3S0#qp`t5_6)MjGIhd`DlNWe^ zLc*_Zq-{mUr%uMZ&U7QlpiLej>0TdCd>L*5?}LSm=S7?B1CNaBMOq2hI`r@j@{e5| zJ@REo1>9G81l)?WRUNSEX9pGBH3Y}4?;@6UAXb|LbB0c%LV7&I)q zaALbzb=54{=mBE~$Dqp@Ut|oBj%O*gd;D+k&mwdBtRL^$v33Wyb?(u-m&b(ZnI%p|rg`P;N{m3vMc~7HF_*;($Iel$MIX z2S_QrI`rDmGB|Yxi#~2DP>8~V+5~!iIMDN3wYX^%a9G2kQb~}|VyHD*p+0Pwr`ROW zYLmcg4ey*LpgaXdf0xheYYw75dyy^daUg!RxX^w{Ac#e_hZ-}?k8j56kJ&em@^8Tv zj8V79`z4smZ`p$UF$n8xrsBsJPr4390jYt@Zb8A9V@?EAQ*@4Mp5IxpgSrHW((@F_ zg~G>!Bgzk{l|jX--!{GaQ%#)7DP}F2Ih&pD;~h9qu1RZCV6*^c92v4pP&NPG+ON%{ z30qlyG&F1Q`=Y`rnh{Wyi58He#7b}cxfEv1odp`!5!e8Z)X--g5u<)YQ26YW`n@gr z?%q_mz#SDDZK}={_>JoerwQ*po0-_eVGQ>&-OZaD4;?GExL_dV!^qdHu9L-grK7#* zXo&cw>PON5H9Kz&-spD6xM*$bG0}!nt%jqL7^aS~a`{h%vI{N^+p0@6{?>YFXbd&} zFiF4$r@qj5pV?$Pv^O?+N{!fT|AjY;>T>g1-7U8oMj-CC`|2;J!TANAQ4E=-My!in z0Sc$#nE;?p>6MecPD`ny64Nj)H-XS7naDSnU~)b&Q|KH}T`bUQ=A0wg0Afpan1tLC zS?9oK|HPwnwn~UU!P*6z?PX1uWok8`+~}@+RPK^8T}`+=Y@O=3S&|OWEP69q+n?K{j$@WKP*|&`OnUN})3DDW$=L-3j)(2O|+r zOFKOpY(~E{?I$|iUWX)F<+%H-QmI@y&SyMCj4mp8;5KK@xnm~gRJYeFd9+;0a#XZj z%&M-fmvff6yO(ne`k+mgPXT(4Z=30F-8nVymOs&XbswsrlOhT7h)3N#(nH41 zUhl(CP8bALxpAj~YDqWkXoZYvxl$sGkqz!$KO5CMpXkhq1K%A@3 zR#b#ezt|>ONewb!#*|`fJoM4y$FY(4g4<6sYP3kTW-*PU$3*8qN~ycu(ml)msnl)Y zJd`gtp|Dwy&uKuTl;j7so0TrI&g#j~3)_PMBA3YNZ*2Qb2Z_fl?d$|+xDSll=FNwv zTa;c=nNK#|Xm*8r>QN*cjt^U1mOaE|g4D@4{!w_^`Ud>sDbqL}khvxe+d(y)IMe-@LbswS~U~ zk{jKli=3jf7EwX?4YZ}&-X)wcNKUaHNlw$a;h4Na=Gte{F{I}UuM$TuaSfq0p~)b^ z*&yQAa?7*vKey`I{>~+J&a4YnPMPM=*y7BY`cgfYx|gkw=2eTFjTz(3$@YiJ$_|JD ziNU8wn;~2whBH&Hz{yzN%C8hFT!VO2ed$!J-A3HTHBrWqF*Y*w4kXKi8z7Gg`d^Ly052q z=%!z(_K@}zWO@MirNAt{K+T3R_! zLyFpIX4Xd^zNUaN_yFnoZp}%LJ8j!F^H@))6xI-QW>x;iz}_-X6}K~6GA)>emB6NE z!tEIFaa(ytQZ6vaKH7L-_IeuLkxp*H0z%zLx~iJt@m4}fVlr;wwp)wMbAu`L2<=i+ zOKPti7APqNnuroDO4m#)&4de_f z8j!1+v8YLZtDO=k=xPzhjuWjMEpfKA&cBLkGG4YcHaBjY@7n@*W#69+C8j5h`?KFy z&%L8@d3?Ta)sEj@_m@>gSD!aOkAC@OmX?H_#_)&6t)>G6h73Dw=wrFo_ptq z=f|OtZ5o>kfIu#zG;X@)*Ox<@n|zlAsvBMjOXa$^1#9G4NwV7Q72MZmj!ijMuRr7I z->#_B*7k4|S83g;-q#U7ogfu|D|5G?j3%%c>x0gek-L&&kN=ONdmTBFJXmv?{T%7L z5U$(6vTrWoFuu=9hj&gppGE9jIV^9rO?CCK68tfiH@~TD+dH&+KP$dkZdxq2=>#5a zTz9WU!c^M4dj12;<=(z2sb>5OjFhEELJIE|cb~sz*UC9|y&Jt|%)7R>zlT#jQ2{V7 zR|@5D;FfpTI>yn|H+^TFlsz3${Ip;`6-kQ=Zulp0ytdbFDgxv;a?qEMEYRU0YVO{E zM2{TVz}|U;kxjy+})xr{OW#Y&@k56Wv>C~BD9u_kA zScPcZ)DGponu2K3JUV7LVK-IL^^*d zR=Jnj^s9y#J_XXBCR23nOjb;dZTumkjAjrltOE-iH^>D7T=t4mebLn%xbv(|Q^+}s zQ6#0+)`j8k$lgq_(b`bwPvevJ7&E1oq|K`|NLj!U(vjpDfDSbQ(T_8!sf9;h&L_f$ zFQw6T?nfd4h|G%CmNE0pT%G6Zf6RqNc8;pjz7BL0Cngh&W+HPRkr~a;E^O5VgrA~* z`pXU`5w|-N&CKh4zd-u}Rx~6YMx1_yqa+S!Z68|l#S*CygD(w28!j6tV(zj9ezrb4 z*(jGA&=QsnPrpKojMAxiRiMD6^jX1wi%)Ib>J|oS>nwtcG~N#3>ekA`jN3#i|i0Atn3-@MLoD0Ecf~NCyvscAQ8B?FR0&-WC^g z_I{~GNN#gKi%AuO8VfO{(rE`MD#s}?$2bhrjNo#ke&0qKQo4$e;j($Hr+$gb%{d(? zC?w?^y`_%B<+<-dN?Sby|SbIzgO1k3JoL)ZF@vM_pWgx(PM*=udETc}k#c)46u#xBRU1x7y#y zbOG6tJP(Hx9rVl9*KUj(jZ@f*M%j$VR(-&@?&R+dAxE3UUGIUdw=+JgnrM?z3K*>)9Z|BkehY!h3MI|Fl*H^7x6=n4}5v+ zv9Oyf0AT+Lp_Ahe%C=-6GgvqJ?tb;90#wjZ+>`5orElcMH=(bsND_DQeC@7hjWfqA zFpB#ThYGJldIvh?nqS5lFT;20;BCjzlUpsAn`twa*cCLC`p=n~(CF#@HB)_oqf`G>(Xd6Jjyp>Gb{P*SsM#F! z8MOb~RrgNF(318}mA9FhQo@4t@T!Irk}|yMJ_@}E^%4BF!@v4Xq>`SppmTs=PrTNu zSm?J50hVJPHU^p|I7qVA-;YjqBga!<@@`y#Ra4i{D2x|{e}5^+kb9y)>QvC#A{Cd* zZGqu~thOL6@YJCyWbaW8)M9J7~)H zCTOXH0h-9YT?^UbcklOeFPieV*P`&5zAVnrBxRfF(wDaLt~rT?zK2t=$<&#)M2W|e zhZFrDRj2!qUdEb!KJ3Q(+Vlol)87(!f}U0+RQh3I)0gWgF1vD(Z2#bz_hm|~<;kd# ziWS44iKgmGRSN$YRk1DglCFG>9F0CR_}x=~_fe0Do?hE1abt zLFZ0dXU?9?rDvbvWHK?Ah*3zI(-%q&qy)Ccbe_0y^o|QUDDu0hQ75ix`zy}LzD#xK z3lj;~ql#@>X0(sS*_(&2)H&A0cc(q+y+aO1v2Q%j<*VKPHl0~Yqe)HZc8fH*9z9+x z{QPP438^pnJtrqc#SuF~%opsU`>^Dc3$l@YhT?ei%4tLsCNrsf1enrdxp_P5JQ97n z{wO~1Rq({mP^RfL8vaHYSBrS>Cb zVei=|PUWzqP3Qkek#>TUb1;8ktMZ|8vU+5(!ofJ6DrS?+Z%-EtWtILv1;mL!D+gfL(HZpFuo{IdL~0glq@g?DHX3x?{W7r>|k^p zb-ttdv@uB&cK!Kk3AiRxcQ3EM9wuK%dOWhe@#AxtS+8dtuzr3UFa1}}PdB(+??(6$ zkZvDc-JVx7M=NiW77%JP(l36paxbUjiz^KReAdC)|c# z5Y9)(5rs@#L!d*}$HV7t^sCALbf6+~LygD^sCu{k4pK*KA$!;AO0xhMoy?;R!k6^e^xUVg+23#W=dE z#e_Gd?Q^elG&-bPq-i11KHRCbDi{u69*n(S9i< zr0ms(CXzDs-YA&MP~fzbR(rg1J%lCG#CR63>!C53qv5&~k3H`KL97>9(_o+cGhzcs zSI9z77eU`480fEcfar4u+QP2%*%?k>I*VGFt-`pqEciE^3f2~GD#^CgH9tf-;2u~c z>*E$cTv{EJ_%B&B;{4u1DRJSOX_PcHZEqsHec&HTu&2ce!MBa~gY(0ip`&0fF5j2u zL!u=%QvreV!n<~`el}h2yUC(!M#sczFaM(~_+sKmNtX)^mwt7+!$_6rNNojua2MLm zG;VSz)9Q=H{3~zVK&gF$i0as89g4Z+`7Y= zit=3niJOhb#(N@UYGn7A7kG40=Rt56?_d@Z%y;yJi`KYug!V6$Of^glwiZWLN$vGR zd|w$K;gS^%ziYO<3}T?aIXnXPsx;?hg2fn{_a0y(;GDdeoON{}+tR#W_{K)q>{tw? zNh;kY6}jJ*S5gUmd?}nlT=rk}&NR`E$z*!#sRdoTmbmTjK{|qIgzIIBC({zA4q9Q; z^A1~Mi8^zyImGj$ZnnMrh0G1Ru$F%wR@`o-UanRg2u15#%l?|p8ME3+?KJqOQn|xs ztc#OLZ<8MV2v()Qpy~oGI>|WCm~8#aGu3ddb^4D=q!F~z&4$wj6`%}kGslYQMyAXp zT}Mo%a*8=T{PEq=ifXS1MbLweA&!~YQNf_FNZ=r z60@Ypt3%dwm3Q;-djxW%LE_|}$4D`wG@@1XMK#Ja)fMUt0_|VM$Dd`<6-9pn$W15= zV^~rsZys2V939;JO~mXw%%25xlrA9FRS0&i0XdO?z=<)?NU?$lxk9qtYD8nDPXB7yC0nt;KW&#)Hw zyQI`*KJ_h+eET|vnw#?1k>~wF@3`BziBdil9_hgZVeiXzrs5iimA?(*fSpa&HPD!w z#>ZfK7mR)KAvOnC(t>{mW>-}|F^M~;5L|%KJ^vmrFQ~@HFT!dkI;9%Jf{*Ismc&H_ z@KyC|OmOiAW3^oEPZ-{RIS=@;ptPxvO^wYQLo7rCm+xzTg z&%hR7EqahgZy9TlH$I()vj1?xTL-JQyB$r{Mw*n$RuTfo%iN^OSpU<4qYwAU5M|*R zck4sPaiSidbQ_}Hw)LH+Ex9W0U^?BH+94UOi9locSZ=I<3uxIL_z4_@P`04o#g%b3 z^t)CRSA-BV?NgUV%A{!SQU*Y=tMumysNB4P9f&a3xIeO0Z!dUNK4?WgOj*8>tr33~ z@U4H0;#q%0S_(D)C%!?HRBA&sIVTTI0)t}n@2@9!G+_`=Z0Vnc+Q{vMS65)QSgKD~ zU8zViu4BPW2rMa#nGp^@r6AN?i$6{blz_Ln53V?T*x_6&Poib8Ah>B$BktB#9||C0 z2Vjqoe~AwVn7(VlOP#0JkAl;u+mW?~y^Irc)LF1H1prp`vh6isZ;ymo92oZ?(@2gSgx(1%>$pzD=rgtoidOBu~Ng4 zkg59EP6>=9w-Iyn^(9A6K}FJ8e5KW(?5GXmn^uBz>Z2ctkU{4`sJQp}Ld(ycO#5n2 zR#ATpXO1qS8kLrU?C7U==(=ZJueBEt#s{lFYB0xWin5e1z(t%pxp3vCWdY*$Ep#N| z<7|_{h?!igtVCiHig4@4rorUUu88B#MBpgcNshXTbkCDG%%66?Dw-@fcX1DxOz(S$2m zhk%-?WQN#zVK2{8mKA=6?X14eWBhCFAGALiARn*lewald0|uJ;oA+0d4r{p#8Uw85 zoD3O35BOi+3QIP$`W+f4(b8vOjnNz-Rr2-TJXVF3?~=Alpd;3jK@J=f= z`0Md%0*Uj1%c@DDqu$iJuDfFZ-kt+Mew*H$^nUPfe82DP$cY!#`n^u>%o@Fn_FjMc ze7il5>ODO_Kl#4xKfFgZs`cJ}?)o8nc!v0W_B^9_Jxa}rJw1Pa^;(Xaq2x-pVF19EvlNt7X_gU^!4ft@sBIqrZm1cZ|iG=hTO7S>A66W`MavKsSI_&3# zn$NmwwV`4kvSGYJTB!xFN)jfSB$tWWVhPb7!3md{Co<$~VfP0xg#1gOBX^jCYq-K| zdp*YFhujs#j`du?uFcU=TK3k1YmIE@4Ppk**ihZ|tNTuXT)*`v1Rb`%bP`~1zf{4} zNp_>TIxIn{&L9Y#z0+rd>0;R6I8&(vb-2L$>Njv00&n^CI6q|rEcFpdi>5qUGn*tG z?U+UKIEP9Q@H_^kb~#2K!Rt&Hn?L*}r4Ytz{RFr<(un(ab46g~=x9Noz)OC!lhdUw zO3O=_Y^*%Q90F2xCuPHNHWFZD*?*lNr*F_%CaZlUCSHld*T?*(B8m|OMo*5MB43RQ z+mT%`KAy`Bf$9@Bqg7Dh2Z!G@_P{Gx&UL5J&hvYubK?)x)WO!NDv;-&j0Gz~Px`(i z>ybi}Wc69IzC$eyg;D~9rBU>y>S$w)p@vlK`4m{{gWN9=)`gGE7{gqlm4~B(D+gs* zP^aKn@0r>`DG!!~g&y}9$MXq#afJaj&W+gwKdsqJ`}yrsEz0}b=_yzBu4otmp32<9wJnPBz8K{IO$C;k7XBr$YfjI7 zdnS)@|NCO0d5wTg!sB{P4`-k4b(8kvCOI(L6}`pRn6ICve9KIs9gOOQOMc6f>{}NU z9dkuSJ8laO@jJ!N`TEVdlxzkpFVxphlp|)l2s^;2eyP$;Lr%7dx7h{4^AX|S{ZPCV z_1|C*_7z)$0 z+ij`2sCnzheEybDxe$#~|xRxV;N|t;H12Z)$qC>yexpZyC z0;WDBJ%KOc2FI{r*KLMMsG=nrNIPT8>+O>E5Uo_I_EeDS=i>DEloxKM6&EjGzmABy zyz3%Z{1FZ-tq3H<=CAAqg(36~y4zVUu2JR21Ph04Jj=%KXBZ#iG><>vhcJC$<0`>VAc-K?+_hr9C!R58wkm z#=Tg#GC^PEYJm+GNr1TZ^XHVKg>5QB$Z&qMbyT>A|1E&C*1hY!`t-3j-GVJz5@A6} z$J+(a5&7!t7;|(L^v?#pm-R<%`vzTVKSoug((X6)C6r0P-CXlyR0-i)tx!*_ujPYq z(~u^CMOvwgPhm$9FOset0A7E~;&rQ^fQ-*HoFM*HTe6;f5p6oTm+h1)lT~CY$0Rl) zwu^bdifUZ`8FYSOJw;4q3LPgnb?;2XB9rwm$hsJ;I+wqBIQ|?`9*vgx(;{h#z9u|J zO@o|8s|8i>yunpF2yZ8|oF(*`=Rqz%A_00axP+7iHqQO;48t?2tt(xVC7PNrQ~NF3 zWT_ZE@odBdSGF;s3ra*pcwYs?400pj9u;o!&#d5UMT;(YTbVBRoTceb!(w>Zm*tKK>XQ5B7zit>>SLF^fQjT+@5~ER0-Yqx)YR z9DgV{5>jP2WHa_bcI5*v;pF>w_j5?j14SWaAyBzWLSmrdwJkw4OQKX&VMv&!h9FS} zn+?aKrLidGvD_}@+V96}4b>rMhZkg!{L6jOF=@1qaSQFL+Tior$*)+l*6^C(AB$D-Ky^S`kG?yaKF^la zZ~t-f&Ro-M-Oloy(#RF3W}S%I(tBN=Rqe;FJCb{Ct0hpoUFkbsLe??OrJ1*5n5$K_ zlT(%}(qc(W)wK^pW{dR+oKun_lA~N|pLdTo$j_*!bmGBg2blY#!pzAw$mzkjVU`i8 zj0LwekEumO8HS%rh*mfD=h4CsHH5Qy=Dsl%EEmrYHFH@?uF6+e#yNc3sRS}&$3wCY z&=#TyDc0t0L)89cl*l;HUkmeWTI+YmuWH(_wpC)~hUjFW5krc1e}QADFA_)d<6c0lhp#Tn2B=Fw&OdgY64 zm%Xeh2JnuMV+p`1hf{<7v37T)_aMw<=>B8v4x9&~%b{mcwUX7gg~yG<;~zwk&YBy3 z!_pofmg(UejMBEm`M>-xX*cg;)G#sTG%#*USGcuYWO@Ny|FS?NMP~?xDoG)E_<&3% z$@hOtyC2`9v-p0mhqZdVzHgVOwQ@fLho5lw@O%3QcI9JC_f0i78b-IUhqpkLQ z?~9P2QR+21dUx>A1lOeg6~R3u*4B<-9=tW{EqxB0fj3}8%}>dQ9-)>%K$t0@4PF+H z%G;BmL|Um#$`E4x+)>ep-V{rPdy<5+>Z%ae57U4_j2D{d?#(JhX^7bd?~z#q3PX(c ze`~vib+JO_bml{2S6BO^aluiP<3?hxnQ7ndsT2_fZeh{mS67sUQM+RHw2`l4&anXf z;chclGehqbxpmeP$>`r)2)`VCSigQCA`%gFPQwr!Fi)Iw1G6E6Yn6bzS&NaPDYl}H z-pSitvc=m=`kEgvG1zf8Bu2dMV9;*F-axt9f1A6u-J|ZP$sfOyXUa|g9WlKo$S{=r zUJb$dXypkg9MV=p`l%9hBzd!;{~L^#gz?X==T1*chm<$d0q@F|F)1}a!N$9Ffs-~h zRTMQ@KS^btRo-mpxN^P~1BL=nPCZ3C|k;y-!!yMh7 zWd3Jem7(lUSmcfnrWs4c! zmP(@RYSXuMtSuN)Ev|P{)Jr1&p&&I2PUOck$>|J!J1^_K`OK?dcl+U?D6CD5-;?ep zoXdReGx32(d)wiIXL@z!U4PA@x6^29cG;l47bOjuIjmsSX#!?X!Bm- zkqDiZ(%O;k?_vhC5{z;);K4~oRy!-!1^w-hbRv!1nNLbTo^jB2W>h|SQ&-%01sFwt z2JJxeu{Mt=TcSlK3?MB`DA&>jv(YLQmztkop0?vKvp>Siya|dB9UozdGv<3(ugJ~H z_MAq|ozqdP&3Z;V4HAd;;pO8X<1G5=sEtIwEk(VjoO;b#eQ0>fMC=)uO?n7sJf!7? z=TyB}M;R1Si z1_-CWrkc8vkv~thiVeMaj+}>{-Mwm&{&GG0={$LWII3c1KF@5l`9CGZZmq)(PC{+> z$}QEDz389ZKN$jUBP^^w{$WJ+)R?kn5dFvT1LR3E>U{$k5RimN=FB`itm=OH>|S~32(;H-7*z6esAxtwc zQVOKxMXj1gOvZs$!Dm9uiIL-A^2{=|m@N#F@W`c!7*{z3b8Y`AH36#~_0cDDawd6j z>2V}T7J-k8O_TL4I-JyRx^#bzInKrkFG_huh?oJoQ8X@YLaHM6;W!)Qt@W!$>ZSq1 zwdqiDYHRk`;4c0<6~vKD z`##W9(FgrS5~M875D|3d(2uB?;C^Z~$gF)Q`Qr8-SA$ywNOtpBgg93VGBX70m6 zW=_|9sk(0ovX_GUkDpo0qbs2<2xc7x()Q?0v>_?;J+PVd+jO)mSf_!D$oDEtsw_Xp z5;`GwbwL)Ogg}ft^&Kd*d9a4rF36kaz98=t+;}edu^Ajw*0>zdhM=Jv!iTK*VI+W~ z|4^MjI`D-0sC_3h4IvyIczjDL2p-r26yTAksXhVSoMr)KC-Nbvjd)+tQkGCPwE+Y8 zUM0bLbkt9unFr<&SEqqfF4|HcWwqKlL8sdNRS zO?SBohIgtYY%Bg^k(m;00L`Vykh(O!pT|S*MH?5n9npm`G9zZ9vvkZKhhdaHkQ?j? z+Sv!PNq8ufiS|%zO&aGn{OndDxa5bvvL*N(?Jrizl7;C*4k5GZ0Q=Cq39h&HtD_F1 zZ8QxhhLe6%jf`Ng&5jE@2`5}OJ0HY;*Tt~Sr}CQ?Hmw4Onyem~v)&bkQDCnP+pdMw z68oaEyZd}dG~e0jVwnyu9b~VcQCB;4plXX*3?-F0w36upX@E>6wwuL3`GSmf`-RR% z0Mq=X_F1b!Cwx~!jy9@p0ZiO@6cAHN0ky`)Be}WLzLZLYB z9Bag&wh6$kWBv%Cu&4OjJi$XDbgIz8^^73&M=z*Kd^{(qDt$%(h8n(6tcO6ir@xEz zL=eUyHZ45MC)(SHZ7C0ebFmer4DB7~DHHQ4HJBlIr`TY?2C5>kqfU0*ZDcefiyL3q zH32b0tR%H)4mLu+JR@GY2v6IjYv~n(*hN_%Bo~%5D4I-Z-4f_f1#}{!HJQUYKx$q^ z28E|Je%~$LT+b)qE~IJ-h!*D^vbVUD`N4)Qxm^9ZPi-n%PHWX(>-y)*G0qidF6`Lv zlFySi8pwfa_v%Qqm9-IAf+x}bTy}lMZN$$70M5$*_|G{28I-0dGce)-9y^@z)Az1Q^U!EM&@~O`9Y9E;Qbb5_ys1jPMSCU61J1MfulD}^Y)S!@}Ntb z4kh2c-Hbo=Tho&T?%dWCGE;Bl5Y4>p+RknbsGJ4J?VDpW@$CD@h1&f!@!f4B^r)}u z73&j@eCw7qLJZCYC(2z`wC)kww=R1kOg&ws%N|hZELu3S&v3;hpav@kw#Oi(82kg} zmArQ4GG!220h>e06Ftzky~C(}=;P!Pm#dtzI%&1=*EaMa>9p9SNIK@;U-Gmp_b^Bn zzrtQpXp2DJ7#w>wjCncV*IC8qSjo)ZLQSEZkdwe1<&XiWLj+q0yYF|o)kKNZ>5Mfg3GL3e=~KMa4L3R`t1Ig1Qgf`tYEdpu7r+?fI+}n?z(`v%QMBi=BU}^>m|e zX5>7#f+oi8tKiyuS;mJlpGTHEahz&+%=(=yWzLTT;0YzITdDm~I)=P0$)8&=WhA zN+n7_r&?0n^ssH5YK$ml(v8!o%@NJFk3^LI9|V6%ld2Z4*Tv7IgQ;QC@sje@(va1E z&x`#@Vzz#twY{C^i{&?z&ORi#L3IFqg_|}X2|osJJ{t?jF=`N8(DPtV2Wjo>>}}~{ z?v(q#I&cw%9M2?%De=<3yyNEJ86upvSA!eykz zgXea{Y2Xc_1-os$1sZ}Q)mWzmy>k!X9A(@&!Rm=m2069)Ejl%Rd+?9Jan3KZu9d*S zhR5)lwt^MLn?jF}Yn8yNoAFdUSJW2Bi*eK*rh%IpyfSTfCVLD>D;!7dY56StDT3Tv zQDLoJp~?h!XySL`TA3rpieVkR`?@R${7bw2(`r4QCE?|9tZ~eaG~lunzYpgG4E_Ry zS6R~`VoQQGo#^>GNO~p8uXUfl4>?TCQ^j)`>*WCoHC(aA>}7%9rgsDeMjG&sTDi|$ z`YtI5xaWsqZfJKWirs7Gj>#MF{BeoNUvX1Y*ako~wyLsIXkyd@{R*0Bao_Cxp4^^3 zOk9L=vG{&`o|0@a>2rD33J)rj`dfG=8~4~DM@uR_?c56}1;_$)oGC|Fdcc)UhLbwf z7+AexH>kYImktZ`gPyXYR2lk4*Mph+(tpsZ3T%f-oYsV zEc@sy1z;f|p0kxF+R?rR2YOwmcXgN!Z0|{n0QNzj+X%{2h0lM%w>*}YuuM19=?KcQ zPb=P@x{%6fkS@-twEBeJsCt|_g{8ZlCdSAYT%R0+SrV1h{4Kef2fRtIR@2I*6|={g zN{ETu$LsC!ok8DVbvM7{FN9)yBhX#`TkX5n*1Ilq;maOzSp~gZYWM=eUeWpYTkoEh zzbHdDmlcQl*Vh_U5SEPc`<4o^ja1GHDP(`jN;N?%kin=tY0Q7HuMIH}gzk#!M?pXA z7!PcN4t~Y86T*aln%z0|?m3Vj2wwhY%lt{{yzgWi3Yn13LiF$;tW9T9o#HCem56X% zYO_hlL_uDAg(B16^(hKEh-*2s6pp8|199J`Sy1t@yWe@%H`^9uF=Q%(?bb zUIE^_ES*u+p>eNJe7ljYvBNzGUM#f4pp2EOvtJPL;855XNikCP{yvwr?Hx;_{CatZ zuChSL4*a;GFiQ{Xhh#WZ>KEn^OWQ{P)^bDpyRvSGNe|<-*72UqO+Aop#;fERVk5-i z^&cOPYr_o>J9LTR;VYmqZjB2>aKTdwoukFn(eN~!|w$nxDV~2&YCx7g;x&`7t5Q%NV2d5 zd-Ol&>(pTonj$4EEIa$eM=@P0_m^*L)T)@GU|K2;ktdURP<_%d>H%w72TXna% zyjNcQ6TTGDaU<4H*`}a>uC}K}#c>ida!cFKzCrUqlul%QLKSg)vsuV?QNBOUB*S)h z=zCzkLdToXJBiii+a7cznV0d3XV_Qq`ApmpvtIQqr3eXVd8F9edGH`E$^tA z30!5~j=9#wLN~4k@a*O1C?jmd3O=&cPFFV!dY;z_MaB*oO=1n|m-YOTRp{NfwszGI zj=Bgl`lH+nf~Y?T@&2TO0uQ&^3DLhrZ`jQSjqDKnuz|3J5H>H2^E3*Dy7(|48}c|?87 zrd<_R(=?+t6@Ib#Ls=V=j|T-jWj7<+VK15VdZGB5^tKSf9Zz-iaPo+L-W@MoJ}xZU z)#k{)f#SRzEaZBL+&~y?>$llHhZ$9^zZUxL8%~Db*iSbgRvFE($%OxP5^AO*G4r3~ z6J3h>54qI@CSagS55oHzCQeGwNcKio9$m3hrx~+^CGAL7><10oMiXkP zn(%4ZJWY(`BKc8EZ|~g&3xUXRba}e%fg#s>OeK2+JzOWHstrMP{l`luy+7u=z`t9{w4_5js{J;Y`pE>|aD=>6ET8j1Z+Wm=;I_ zn3&egMbl8pYtcW#$Nu!b416W96pX(sovt4T*U#bIrqZTjM-Ph4{OuYIVF_Jim_S~0 z$ePuJr|2>p_M01SJAj#co=uw$l9RJeO4-01moPyZoUoTrQpCXLg=K~(MAtG4JS*8`FM`Qsuhk* z$rO*?X*JDjjyboFXJjoPm|@vPA$p!xlaM*lA**H5q!}6m_qxmD#dai2bG7EX`!!8g zOR%ka2YPMA{Qn^LTaupfBdbulK+EROBUBsgCO^L&3V1u@^?ThDoO)v?(6lt6cmf4} zSCx^F6JucjT%i!PeNAzbR<#cas$&KzNW=dFYu{}C18c{SOC@{!ZJGA{U#C03TaOS) z`Q)E@ax=0D)(2OQI|q#HNKs}5E7x%}iruWGvpR%dM5P`zPhjocXzy+6t(K6jSxjAj z&mrTV0c)n)thWz7ZiO%{6G-qQU9K(f00c>n@7ePiq58D)>A`mTd8x z^>MAw#_d?gDA&cl1@G1@=47Wur(5|v`t!(Us`%!o{G*o$- zo?xnN5sl2~55WSsKocUy49zf4$sU}h=_&FjLrUJO-4rZ9_uD$B{g?|!gQ7l@AYO$= zph;Q~|1h!jwb}Cd^q2gBCE1qmwYH9A$!t_$^Y{ZppNZ>#={?qVo^O_=YO~n*j6M#r?ko zxNW0cz`4HDJFezPiKM6|^B~gdjOAlfXh|}QUZ#ky-*Yi`tczuKy z73MJg@_JwimjE9>w07_O)@U43pofq4^}1>>uB10c*xBn;tPEc6le-=O5t}>smgD>~ zuK-SWbt`@(S34!9+|zdofwO4(X;v*zH{ToI;^OKmoYM0njBafccwODDDqBQDgY*&zKwV`y zj;l>01z3UX&J>64?M*}##kEX|PBj>h5A&KYXNAa_?(j%R#F*M3q74{sWs>{T?&cd{ z@mFuC?h!^2x6Ikp|CuS6$9*SR{OgI66`xGC9QdTLgMG*>SK+@^bDM5X)5&2lrg>2( zR(8w{fAILjLvO~YbOP~Mbe2j6E+u_N$}LrW)f_*J9BM<}v9?s|=0FsoF%H3HH0}eb z{~x~IF-DZI(Xwvawr$(CZQHhO+qP}nwocpbK7AU~@7()+HfeN*oPI@|0tyVli&CG!DhS4Rs}sqi~yLs>8ln zPVI(9g9E4sHN;1QjPD>*G@9e}C!50L6#o`wG6NSu_1G|&e4unCjsT!R0vXN&jGgg1 z)a)E}jiUulkS+m~=8W#lAeT1j{QsHg+Tff2e=*UP#o4wjWybs!4tf18h2CWIGR$g7F$p_Cl;43wJ4bDBFEqu57NIa}=`q_}kq|%TQREDNf-$itVk8FPIUJ5O zQd7^PyH9x63`ttV8&c!IIui8R*6cLHxIcBWLCQwwFvJu@?wIeLBU^0DIvXPhBg(`A89 zJ`$iZQU!)I7B|u5mbIru<&7DF&qSJ6WEEW9DsYHn!yhfofQR!xsXkly`lJRHY)S*h7nM?_!PIY7lrBLTbl7zM1 z>(Jb|WRGIawZ#${0&lFgu}XQ6 z8z!qu<#t2QXFsQF&EClCfo}^}#S_&L+4_i2ZL9Y#2pesm$SB+P?cQzo|MuNZ=r81R z7p}M<$^zve3#}BB5*x(l&5PDl$AeJ3KL)5r0c9)FIfigNQ8!D#5JJbxJvK z{O_GRG_CKJHnLk^V&N|EAi??OO@QI;b-R*5fPY-ZO8JA*p323+eqc}=`Tdsy^zz=| zEd?<_y1wO0;O*6q%3DKxlUzGlQ*BkBv*y9dn(PvO^Zv-<%EV`&zi6YS7EweOhzX532$Z>ynS*Kv)ID$%XQ9(>S&W3(hm;V8@Q`T`o@i%>5HFqvM^^!y|W zfsNFnwpv!4w~EZ_PTi1-_z-%gA%uTC@=I}jv;pWZuWa=_D>1c8aol5 zVUQmCzUIVNRhsI4##|a2TY>(F>vdgqe6jxr#>)WFf&p@`Jl@yv8mM{19aXH8E;W_4 z?=ezNvCoIvw%Ab(4aL2OXD1mF@|mU%1RfR@A2SH3Zo-;tA40&pJHY6++ zHpdjv;L%%VxjZ|%xVSv8E|=f`{3-yZe)4@@uB*rYFK%xxE-v3kAPzqmpktZk>)7I` zzdHCO$Y(ZxkBQkI4w3DcGJ47nV8z|l>nno3W7lXbgx&+-jjjJB8{5g#^IQLCr!7Np ztXh+HMh*V@pfJti;>Ao+T58By$%xhzOPza!SV8P&`)%-VWF}$?Nx-Z%ArTv8wplP{ z7KTF;SBoLy&N5}<{a3*kM_*u!z!Htc==eVsU-2Q)lw(F>?%8ewp6TR~gkIsX<5xG7 z#Zh}=j=!V7Rp0UPHzKD0Cij>CB!r4`bIDi559`LxVk9n8NbDfjJWG>P5xq1u-v@}Q zGmA(}u$6W7&R-r=EWSQ6*Zg>hK+F5V&=U2BgLfhhhAa~QB@Tc_!!7oq%QcfSS84wH znDIGLmaas!we(vR#)VcK%3R1WZR7y?Ke)XsH4lv==l_G-L(u*=w?9k$A8y~Cc)7B6 z1Fo2pn|Rnh^Qr490;C60ZoQg=L&hl6vBck!>NT56hdU?hjfp;3I^*Kd6AvMaPWe6Z zAN%&N{+jcM*m4Da{{B5tJ+oj?5fUFB2uXi}L_YMcu0*_+N-pi`^wk%v`K;(|y8jQ8 zxBiEnXnd8+tFF))VTFVz72*$;g63?M4w_VFJ6bIg=#)cb$1b^RwTlQ;k*{%}{c?|@#) zTs$hj9x$VIx1Wpk%ZvFv`iFXF<1Z!Z$hq2ig z7s!FkD%b|?b1Zj}WCD8_?1a!7xIbs)OciU1$mDrF_i?VvtwNh*nFU>+7G6+$XIW=b z4rlB(n=CwfLYysFGbrf?-4OUe znwNPycmB3=Qp5laIAjysLRSUNhK=q3u&`n9>&yTlI|@ApddN|@V_;wX6@Tlf&cMV> zLMt#1hZ8v|0V#EvlL7CXOfb~rXA8e{X?dV>%~@H)IxjUKl0&1Vx(Utvz9}p~;<;;^ zaapmKxAju-PkB2>%T`}^)*lwuAtp6Om2&}PUPD+hL98LHfiP?Wn0lyb1lvj00#R@} zsM;oiv`q$Sn-0)49inMEMA2$!n?%t@pcm0J6F!*Si}-PSj#8lcjHTmktZ9|MPB0}%ic_|=-QG2TZH3an!S^n?KgA}5 z#?mZApw?caGn+ECeYSSXzuGZ8&FDJ*tWdvh;a59>!+k+|`11wpF;fhcbw)j8CcgY& z%&C3+*Fg#fVj-~5P*lfIGZoU~a`OJ`gx<%F7`{oq1o8?m;1AoLyO@gqIL8`7b)`l} ze&+Z3?Z<72V~gHD|2-)mocUN!<{@@#H`$PDaeKEBQO32^PM4?UzQ~eoizT1i`49oZ z0ZLt(IDPZOJLz5XOlnd9ka(E4Yc(aaG^^E+Inw?P$%J-U%*GyD#MwiPxQext!0;wp zV(%V>wu!D5fN&xjy{6FN*3ZSyy}8<3ZJNzAB`PNbwzN&Ej;ba*VuS4@tfxNKtJwow zE#lY#O=n*4{W=rAWMfH!l=ccC+V#%cGvK48Dt9f_*&NFArT-I&CO=NU z5pT?~AHve1XU~Jo|D(C}z2A3Z{kd=Y)8E|O{pM6}^3(rjWNvT#^Mf&e*7h@>U}OB* z&-lHM@xx#C@ROSD+_v|)k7mjGZ@#TT@1NGNA9=rRyXwzJZPX2qR|blC^X3M!{dFY! z>qzL(TO)a!wgacJk#=?cY{hObu937ZdYUUG<=@?HuE|(A{_f`H_A;&v`?aqostd1z zb-1q!PMRUg#dfE*vdLJqFbXvjQ3)gtF$qN~l5>>ySiE7JOdu!gQ`!T^a8v;S=LP zFh4*Dg}e&$S&~sG8BeW^-jqPJ$^r<=FNB+Cl-=8yu zj885=X}^ApF=Q9AFt{s*m}Lf>+ZerD-tgr|Gw|>SoIAT>?Ev<~xhe$= zW-#J_Rmgi3N#+p?_?VZy8)eF;!uWxlbv!Vr6fS9l4OLK9y!x&L`jkJ< zv{dNzsw4cI^n97D5yfj*TY$4=LO2weAxt8Pan>Hb6Zs4#`P_7_Uf&XfOtc&V`6x+y zOx|=&4mq$sgxk$h8OjaqTs6>E3daEzrc}kR8G|)=nH3xJvRk)BM_Js|xdbRpC}J)Y zG^?sJD|f4AhKgvn0ECN9C>0%v0vKmhg`LiVy zH*S+36NeVlECTU#jn1u*F!RCRHoSA6J&6t?1FjI|*2P6MJ; zbMyR*N%Ib4j%W(GC&fwFxl9Fq?Y%FOmD)*+gfr?g^U70NcG^+FuY^ONGptj_pIRB!Df@9_BEV2c9iQYT$0?BIq-b7Jxi&9H_yR14Sb*G z&Tcmuim9H#a5d2FFruQ+5*w3ambq>-2YEXct<6RbFtQ%fVTBJ;LV9Jx?+PbVRO}Fo@5Ln z%|gbX(7sO_DoI?kHAYb>hs5-J);$0Y2xezy$$Vk~bm_Gs)>XMC{!qhbsD;!}Z1#As zbf%=d;T-W1^TjbjNvssvuZe@5oe&yzbB^J35!ziECC8G6P<}$?2B(^xacxzzEue;L zNXf|G?lqSyS#XB^D7%uE@G%V`Ol;w!8a*HU@dJxPVWVjUD(Cb?3VYQD5X1#C=_JOh zSW90kc!rGA%&#fnFgEhKPN`WRiZY=E|z{;K{i5SxQ1LbElZV3#}Q*qK3-RB5U@1Si7mAHVGh55O~25 z$B#qw%vhEm#q!hP15C+CR*3HccuiFxI&Dh=HN)?AHY9Cd!D3T3G$%H7z5+hnJb#N< z&88|O8g5OqzHmxR*`P!ydIYE8RGjJz%(4Zx>bR|xs>tZxb7rRs>IG%&g4%x)T7NFK zKXBWsl+1$^L$nQ3w=>ojdnw{uD5zRQGImfjqLk}O-ZOz}OL+lOGA>51Xv1N*rCkwj z8~86U`jX{Lm44fcP{JKYx>tKGUqP}=ex~ShK<=H5?ek$vvUR&W{_QTG9%xH1^;+Pq zG{Z}7(zpgV$58oNh(z8l zq;;O+jmnE@KwRK*TYs|z7(%271sN_eFyO<`C}*QME8*D~&b316C$QGC#hk$s;g2h6<3S`* zWK{r59*ZfN>O;&G{Or_>fOG=})GWrJ6UP(GcHN6Z~-%piXL4 zswi;+rXb*wfka$$UwQ^w%vT} zGGt)(eAP=B@w?```N(z7GtKc%arwAY+?s1{K1T|d&Wbmfd~qGS4MA|u88^Wrra@Me zy4r<(Iynv|TI%cPxuC2^?LD4~-7r@Cvc%Y4lMIBDL`{p{$oSZh{g})m|BAOTtjg57 z^!b|)jF9V-moQj6C(maf0>>|?QVT&pQyM%wTh%&dRc|4}&xKvA&oN!gJ__)KE+4p= zt%MyEOAh&9YIn$~S&;B#Z4FgCm@igFexLsSD?}ztUWn1F<9#uZ7fFS=C9Z1%;sC;mA z(~);utO5VU0US(qzrD6ro;I!V7J09mX5rS-yt}Cgd2?e+_z!`C3JgP%yrKAo{Q0qvuS^62 zNq59whp0I@IBk&9x#=Rk>HS&8%i*8nBk#N&BZ%S+=gaZbs7>CFNl>RfC2Y`fjEyK5 z=;y*&;vl$rxwe)QB*hW3!DY&q+8c)%;6e@((R`X=mB=nFyH}F$d#U6kVH~CWYQuM) zEQPXKiGyUW$c02mLWfCZNf0lynkuI)7mP=g74@;9F$?shv(420OW!DA!5X28;KEDi zQcD`~c#javeVsr1-LBV%#JGdPn(^(NLX=JF@BePveML+2ELVc2tO{(*JMEeSf7n&q#-Ir$ zT>#MSNH&wWi?RAN%>fZCN1YF=jb3~hHsFcSH>HE zpg4|B*q*JZKnLd(z9pwjKKB*1%olT{9>>m^_J=6=YE+zOMWq&`NDhYeTzZ|$O22-d zlojM@=0B*PD&YFC3dP~o<|ST?YIt=uULSaypCOuJc6Z1f*3c^G46kGlrTFeeju76q zU{iosK)70H^rBS(vOoQFfr@X$QbR|=ISbYTO~fS*GYd{k1t6B-{3euE0=Zg9OySk+L^zE5bNgdO=PX7U07h`4eI zt&HFAqfb=DURm)Nx=bD%BORs~`l;Ojxhbk;q%IJ8f_LCRZ7@5#8nl@Ac4yra>n_f< z?;)mXl+XAiN-)C&L_1h0)(H#q4LQ1U@ilUo4@m#JjP%hYAtcpE4~y9%wa8J(u5lWk z!P(bkd4wc=vS+()8fKZh)uGUt^J~R^cjB((^uagIi!}_;BDdJxjjmRUD#qZH!C#=6 zJsy?~P7^1hVI}sga(h2WVakK)leUBid(+-(_O&kHwM&xfmJ9 z*rsi|Ow)JvImrz))4^>c{6tKn0KiwBP-7ApXAjYgEw-9q>#$|_07+c~@oX7*vg>*r^G@5nh2 zmhC`)d*eR*#DfxZl1n}SB6o6Js%x1%G+ps8h|q=WQ6HU~iiE2nn;@dPW~vE?5Hv&Q zgtJD?LKCW`qgQ{D^$fCzpPu&P)A{fu5F;s0J>uHE$M+ZbF4mU1q$YHg7PmH48o?na z(a;m@WObu~_z<7$IijM&wQ!F6q5v88VKtjZ|! zCm8MqG>x7xQ!0gtd?Qv+SzrM(5kgq!IN|p!Tqr;DjvSqf$n8`jQx4;|=V}8aZ=2ml zO3$G~kS|15$ zih*7sRJ*c>ALBp3@S3Z5BG67w#z((tN+BT70@sCOIv zlNgPcNSD?Dy9%tO1Xw1D?p<^&%!hByIKOaPe%BE{Ty7yFfkwwi!eJO3@d1hMLq%BD zEO%&Z)5(jSZj;e^<#>1jAP5Duj56ai=+y4KKTzczQq6^* zy#dcpB?Y62?`VcUTYf$&(ON8zXFavYmG(WD`jIE!3rt;0S(5}hndSBes?n@(#6fC0 z^XfGg;0bipPjgDf2@-jvRG5O-51{m9&298R(!Xs%avEGti_B&Ty~S~XiZD41Cc`D) zK{DImKUZ%s=?i>ni%~&|cZj4{1F}`91X1t!k~5Bu%iDJKydB*xbMCJAnYFN5`!2ca z@?Rm)=~Q*xkjCuI-3*lX1C(6RiCYY3Y8xaxq?_GJk#{#+dFP(5X({TL!B^42ixn?` z-$H8fZTnm)yK*bY?+PfhGVWr=ZDkoDDOG2Pjq^##+`J4$?HU@zZR0SdX|-}XbAg*x zmB`=J`$n+HPLR6DCt$0fFyOYY3L1}h_kSeYt}|$JaO{O=oto&+c`}u&xEItZG+KSLy@I2Dg&KZ<7c}-$LPQ~bUhEYe4EJ{o zDObhq)Q=Omp|gtLa6}fh!o2BR$@*l-q0r4>h*aA*guQI_vMo#!tj?~ERVNYKokg&q z+>v`JfVAj`)W(TkCwmn$UOIJmGP_F9?s=>!MSR5(mYU$a-Gq_YGj?L6aEV197)#m@ zlqK)k=L!yrGnj@-PS+8&on=IP0r{hJHJ)@&yHtBOiz zs>LvoPsH3>uZ)D$DAgP2j3Azc9S?z4*$M5?tW;z@W{;WWh<7du`jW?|>M8LBy2BKv zsqrg*25rTPYLz{<-q1zA|5)CVw#sUw@s$c_+ zvMrP?rv=ZB+<4>`pK;9;j>wpXFaO{wtfw5=s9jEYADMksiYiKm3iYZ=Y@?v!-E6|X ztTxmE;G=UK!$GG)W12~GHc$1WHpro%p?1+vv4RY}@f8sw3S{LbVjG?Lsy}>er!^c`_bAbwDw$ z4QH^(%nWGTw?7fQ%=>z>|9Q>(`PyvG7u#d!|GC-Z2frWJ&;R-Q+kX?^&+Gqvy(w=m zzptZ<^COf0^N&1DZ2e=sKmSW4&i{6E;_1x)Cw|Rv*HbP|ZK`A(d7g|@)qJ8CA}r%7 zN8Dc0dV?}uFUEhO%7k)toPWbcV%@|L%?leYMco_EkPqI8TO(I?#6~z99HY0GrkDAn zSsIA5ofE1f|98X7CG7N5EnFd)BDPTb8u-spX6wy7`aeA+Z~X2UGs#`nc@1-}o>xNl zs4w62Hck5jyTOocn5=~PMyLA9@k3L=wx$4sHy%6#n3i}-M^D2?FEnHMxa+_KljUir za?CiX>9aAl5-#ksj0v2|fq|`JnRcib**$IC37X++A;HFduUz?zbSUS_`Y3M$+EdG! zHyN#&Lfge)wC&K@yyuQ>>dJKSq_K1v`&Ob5bgp$eub=PZ3M@!3Y{L`-w0j6Bl`o}# z7A#zVKoI>PB4Z7LHIxB+v{C6b!B8QCa}5aNju1h(>oZ+-*8qPWJ$z1fhA^|#!83a7 z*CAGVt+aq`ymDA8kq_q<(!M9T_Se$I*C-#*{VaI+3EUh( zkqI~ZU@c^fY8a?=jvG;-VkeZ!h6Uxlaj&JlgnI(W5`NqmS$MtvvhYw`n09`JJNsQp z+Syt4qHH%o&%;|1o1`;u)B^e@j@E^05--Refsg|kGg=v6nJVgo%H?whWmVd#)M*BWYjshg&j3Lx||xAxpjT z1)AWmdGKstGH^+|m{X_ic}&&r3ac?EU(PA9?s(bdpOT$u!gE%tmKj;|90$pi`#pKV zULT=-(sAY9KpHrCe4QU}A3rmT(3MCam&&Tt%Or#=$CsV$#rFPedo~G{aT*B8BM#Gg z>%vj=&c2)JD$qaT8q0Zeq0`-Hmyd3m_^iN+;pE!=@3_7>OKWa>F&Ff-CQZm3HwF(e z)*{2=yWThBYkyhYF9FR|^w`_f_LIU%B99tsE^BN{AC(f0!$9JirZHwS*oBNThfdXy z9BCvA=5U+0>nWjMf48LXiQ$$(!cWWRGszH*@V}m)kawvdXZ#lE{l8X)LqI2fe{lLg z0rCHcpC4v;rI9ZajV;inFLGljj;P%y8#D|kZWPBaTCjMvwuAq~i4{Ng)9c5&{WLYd zIX!#1ySKEne@t7r+ne95>Mxulp8lk(NaTE)y4>|mCI8Fif$F_Lf#nm3`wq+px%4l{ zeDM2s0~uGj3HuLXoaM|5d|f{p@MJhUm)y(Wa$67EiDas3r#f(U?6p}3buXr2(3OiYIVB8G(!j)RhrM`^J$RQK zBGf}jNL#)AZn|MfRg8KHpUKb~A62}XUB)*zI~Ow1!yG@8KaT)}!Q3wc420KqF94W# zuiPTwI~K!KN=w-LynR29!l|YVu#tNzxDpt5y0S2yH1mPvPbklE%s^qfm@ilCLzmgX^C&djJ36j z3TMy&>y1-UQ8+VDqNy^re==n>GfvT#*veIIZ4%^&sY6{p*1dOx2)q%~K!UVEfLw;> z2;w9>BSAbI38*Zgot4hm?()l@O9)y}7}r*)*v>Oi8cK6hNn)qA0F`CwtOldz`EUWpCDYmuHy?i2`# z2CIfH-J)&VOf8V&P-3k0s~-QRWn{HUkZrICl-nf>F-`_kU5AOr4zk9&-lBy`TVX zpY*TO>-G5QCjIE$#_8D{_m6w*W7KI9guUjUAWCi z&`mC6+TlMeZTCYRieav>hb{6)88pm>k&1#&pjmTWo?<%E|oF0uFk_d1^wyT%YLp z0L?dJW}v9odb@11AzovDJ+sPmxby3R^<^Qn+6tJ?RC#6qqOe{ra|z>lPNU)RZ5zwL zN+y#gydm7?5nVYW%Wv@pSUV1&R|vKNIABTPc4OYdAZgu3t(onpvQjw-RGVS#yNCy^ z@OIs@LEzy&*|LW{#j2HFlId`iVJ&w7XuIW|--%Anl1k%e|0c3qAgfkhy%Z7uiJHij zH-Zf1t4vNOj|$}N>=>~T8!0c1-#M5_;Q0pxDpR1pQXK(aVwdv*Y~vQ)Qu&C@#}-CoJG#== z%$JIDWJSVTDb?9SN)h)`%LoRx9y^1>pT-&n#>q$5s}P{hw<+o z&-$;fuK25RvxWS4DfepOmNn{SBNRli#Ti4(dp z+A}e88O0-3k7ZYw|O_N6pS8!|)u_ZOmF1V$8#CcF5OB7T9_M55Tp;f1iHC zRrT7qyVZ)r_d4*$2ln$l*L--%C%0zV#Z-aQ%a*XJkfbq9xw>reUsYtAbA$5?>df= z!*4LRc=QrS$Yj`0_Gy7C`t4Aaz3Ev-TK=vAQ;Bgj6?)2M`s@cnA$K-eiRdq&U5^Ph zz}Xm`y$6FDiB)e8h>(uK*&dXm!ktKu1kp+Nki(ECWDD~ovLQHf4bNv}W2-kgBp^)v zAUU>@F437H;ot@2_o#KUorx{Da_aBSNF|pBFM^h~{=)az97Uc4ZH21%%p{T+S!@?E zm9I)>)gTIM7v_zr2qB5`NRgDnnrgW2@-ZSmw1w_N&9sf6E4m2z%&Z-?68#L=M%cEq zFVURx$c?cP&-wKtOYg1Gjp01C&DNDQ2cE5H1st{6hM+|BcyV2TSvU{cU>2?nsU(~b z9~LiTt*BQNJLhk5hgJqF{~T%om6tKAafKP44sOrD!lwmfTZCt?p`T@H09YI8DtzND zGsvieW>xA28_@kRK)mN&n7Z zsrK>E`Yo>l{lt3y9qajQ&P*ppVUX~Y^L27s40IDW|5H=Z**WigiaOLr!O%NfdSBe! z7^Y0wA1Wk_{4zsnD`f^tj^NvzaIu8KSrX_?zV1?}9}VVA`6oJLpB4_=t_@oG=kW4! zh|+d4%d58GyUwQ4*!J@}R(zX)+btH?9NuSEOp}=}xUusEqvS}}@-4v2JCiY%IvA_o zUnS-ZcL|gI&tyfZ@qXT@DDw5BY$-OeT>2m< zL~S!xY*dpxOX1~PZy9Xo%EAO}73`kL$IKJ_OU9e73O!HYiRnN`2hS|*mOPw` z?P(PXovQe>R|X7MNh_hHHKJA0Oe^W#5E)6KjCx}gtvr+n*S-}@_bT$V--kQ@QliP3 zD&g*(zgs@MQat#=?PdVASuv`^C~VJbem?>SLHZeJ+B3edU9POFc?1DG#z@LXsR26t zJqQH+v=m5JXr|p3mdqG6cRSYFw-a*fy?^}7e3*TQWR8K2!yv92{4A+3vx zQ8WZI7l{zOj5R4D-_0LyKo+QTSg}S!gNs$pZftC;j$?H!l%m=i6EVgJFGJ9}Q~1c* zK&TN>Qpij8by0aVhC}zK%42muugLr(?x^zPuZnvH=5RNX!d@fX-;9OL7=eVRPB}69 zeCkO2M{cgr%*f2tW}%b7&z9eK)pHF8eF?MM-Q|0eN(Coh`=$_@%n|o$8UI-jLvER* zlWh^ThsXjgr0{%*l6bpE;i-XOr5b8626@vlm4mCFOJBXW@-!Q;Gly%69OZCf=fzZV z>58Z}yU!sDXnX1hh6`?oUh8(fxO2lky?x!h8ScKb)2vwF=wxo^qS`iD`hHgBU(g+N zD=WUpQVgoUuVG2sg_2me{~ep+K=`lN6tu_bb1njkUyNp@--tu0N&wnV1L74DDMo=OM8J()f@F7mF-lcM##K3Im=UU zk&~4AR%&foO{m5VVjS=Aqcq;469TO&6G>AX;+28R9^3j1Q_kvmqiR#Yg?fIms6Wyl zd!V-0@J&ExNi&s+l115WGzG%(z($TMOT)K1t>1_;Gk>%k$wGK*L^UJF^}&M7ZRi0{ zDso=aK@fRUx}cq{sKj!?Zj1(&tb|e1-FcCPkDCLi6?ULeQUQE9u*Dghb2#-G@G2A{ zpD3{?hTcuA81XZVj~Hk#;rx|KrAk2}At5B9B}J%}Ouboy0Y?!Z+;AvvD%Xag2z>FH zQjWJoorQ=8mHb9!-|ximesY!-oJ(gQS60|3+D8C1ZJv;WuXFk;c9%C)7k9U>!9Syv z)^7m-X0}hXdO5m}fU6dzNx-xhsEL3wzVv4`-E9kA=Rce8bVy94?!5|!JxY~uh;noZ z-`5@RwG89oD>wJ0X)S)VyMO%(k!?A#cb^PCU%!yd2j6f0&2)a;czc6&++Y&&wY5bb zfNs}B*Q)P%oO9Dqg|kq&5Y+iB9lNYMd|n{8UeVp;QmQ-9#x*<>YNMI|%?!shj|wo) zb7EG7^~eO|T03gk5SO=)OsL%O?TXDqs`>W01TwDFrcN$BCXz94u_iOO+vM@Z2r*Vr zc69kE+k}c8ld1`umSFW5En^_cuWL#1`2L<|AEV-Ppw;(LdW27}WPm?*#(XaPn9J4&ghe&)q znVpx9gM&V~p;-kNIh4+nZueVhMJ!Vw_usoL(Yz{>eDaAoDLjeGs^*Yu#j$=>sFQcp z_O4>z@eB~1l*%69g|gv}?;Si>?T;E*Zu{Z=o$lTelqNxY9&fbxmc~d_{|XeYET~53lpPGk=u}O0nM4CS%mdHrQHWT{UmsCs2b7sbJ#aJw9ZLJy z=a^#erQI1jlnV$SJk+~URct$>s*s&qK$jIgY>_cm1?=EsQe|YleeME>K78c@+oZ7J zlfA(p6Eh(r;rwReHexMIJ>e`(3dOP5PH`LuwRs#<*NjYe6L7ms@R#n`Z#IStAV|xe z*vo1%Fy@WG4791AWRm=R7<18c*cEAPb;hsI3g1-q>(OGF)VfU_of6;fY&UD z3;FHYV&L7){K?X;X3m?Z+DyVm;-xok7SM`4?uEcT#sw-9NOp@$EK4QL;-W;V6jA7y zVmc2o@yxZw?yl{CYl$*2zr(&)gs|T=o8EmG1};mB($vLq>csQyWvsC7(AX1kVNx{G zuykmQ?pmU1!j1mssXq24&uO>^(Pm988Cg|)8!@#5L z*~&^N24P_A8iD`VbsreG~`u4OXX=z}1=-FT*_gb)$k zle2X|T#Eoas26GKT^zAV{%TTdYQh$$6TZ!j>@Ybx_!deBx4b$osC!j9S)w*Q_txX3 z+fA$T;%W}fa}f66T*m0Jc(S8m9cigbK|<3NeWqO&V}J4WRz@KHsYlP$&`SGpO(L(B zs-TG!QTurm#0GL$@3>Ba;LQEk4gycSU`ZNBv%UMIJmm2GlJe!e_BnXm+ZaZCZGwk! zRT}&9BJ;ye9Rv$}Ke+)V!tsN&bjq9=Z&^_nrBk$ES?q9EVZaA{ynVr!$TUwSAQRHPyC z6Wy55@f_o4nx(DIZkz>=iB6K?*bY3N+(1HZ@8XBx1~;tf{!MclNP@N0wg%HKRAque zzpE@7txB1(%PQH601*!R3MDn17u41trB*n>Z9F+p!EKQaUjo5ymLW00Z6<&#l$KhZ z6;B->zP8_jwfa7<_icM4Q$tG{6Y)PMcY}3+^xY8Mzv|4XI>T>bQ43JzZO{p)c-UUn z*Oio<)uN$GS5vOK7v8!`yRFAePQjh@xeFGd9=CF9d2XsdhH4DhiEXKAn2NJtsgzaR z;9*|kfpZ`8UEtv`tL}NTgM02l`if%?6`jV&#wcSQQX%IE(4MIVWCjScin3EuWHcpk z+(s%)Y);kwiy93q{&SIB!@sWluc@_&XNoQy@tZE^VL~~0wiUH0vg%)|bLWcY^u zb&x1#5n_mt6lo+n=e)!vu_76Z^i;~bO&>wNl?!>~fWP+ELczRPdEkrZuXiay2%wMO z8}5l@8~c9yWpmeH+Ov*}AS|-9PW9Ze!rN;ek5rPAY(a-M#cwbX154p)%L+fsAOwNMfSVMg6XJ(?)BztKLBhs9*$ALu<167$ z(ER$jC3a@o_o?rFUY;vy%fxm6NxJGk8IImRC!D~9Kc{yAqSr@0C9RG`fYQ5j*k5k} zTC((7XrnmvgfPT-1a{n&M`EKiFD1gZS&zuqWgo4`3L5hWp^q zC08m!>e;wuGKpONfY;BL4^;*|Nfb=zTX?y_@y$4@cbUh*I{_bdp6vjYDpF&Bb zl#&SS>|O0l?%ZiF4h zd7}SQo9$U)2qk9KG4?Q=$yp+4DU&8dit89?1P!#TzHQnzCCl_HGNJMtp0pF?)V>VIbRw`BF4H0$Nc1}d=Z#;;dC zYpEASgRSU7aUENXZzq|~Jreb%vxIZw4dHPLls_yRXaAdz|L5<{-+Ww`trGw5q-Fm6%h0X^o)Dy$&HP-Y+R6M~ z)Ae#e+1s-U+PCIqq5741yGtR4zg)+LSdBH@r1JtjG%NuI(unXh)Fq9tEdGj|J?r`E zTYx6@=1EXj@Tah9@MdU?~}2?$k-3xa;Zuj+(LxG2!Y z_Y84Mm{g!f%5Wd%m2rJ`wB|5QLu!JLi9oq95X)4p_G*oktb*1lnr;X~)FfB8X3o8l zqyLH1#5V`c#prl-lIeGATE~*5fQL{5mxQnH^GdC^Ltu&wEH*Lkx%eXmI=vS8sES7u z7kf}F776isHuk;8Wp;YH_m(sKPl3#X=hmr&hYp3!wKho0TnHdFk@n$X_k@Fg3>9k^ z{(vk?y&hoQez%EqS!P*oalO2OQZ3Fd*7Z63P3C|SlRkugxX-a|YIS8!wH_6?szMnG zKaoM-Q_08p$r$1}h9N>u5cA`CU49;XG$kFu0o1pP43hXzV5Yd=Z)?s^%;@wRg+!^p z%n0F&nv@c=BA!PuA0siipUvZg*Tklf2I-uek9*X8f1RAZKH#mPEGshD#(C`|aOTmX zm@uC(_XtOZdL}pOP%wtnM@>r~JKM|#qVDH+(ZGM5p`%uNutp1W>CzVVp!}bxh(|>@LUk<+fh+lcnVANY1 z%QLK^GX4DiAL9pl51GvrGCm!It&Agb;u?rDxK~qv7NM%liIrqjZlHcb$Ri)2K+fS6 z*MzWx0(v>Zm3_n2ETudK3AP7TWchXkj2ZB=i#bcwh!m&kC&wy`!4is8x!rLn)kH93 zwmZcdy?U(ZT-FlVmG)zngF3Gn=O_!#{?U7ne9!V-^AOi=oe?!Ec}7VCyqzUR5rqEL zKWk?JLHMea1dhZAxx|i9N8tV@tfWPV`3dYFaIS3nWcSOGvMfU2MmeymS3iMKR;fW0 zXn9f+pR#YAw@5RN%nE;Bys)tueaF2+T0MxA5*vltF`h>^sYQJC(!4B{o8nx>-e3VS zy(@lqF`tzK&vAQofGX{3)UvQBH{jGn?4;+=N;SF+W-1W#IZm^4W!y5BoX32BKqI`I zqi*Oe>iAVrwT_3Kc;s8_`ALijMT3emIE6!GB!XGA!sujT*%$DMZN=);r@@aGUwEH- zzDZkj5t4Y%3G-;vi$_&mUQqI5=KQF4+&V2HG;AzHCf0At;-L z#A9iMJ(lY*OCVbDI?{*?M^s$*2!HkTZLxTR`~mx1f>dq1qZMe+#{+c1g`kQpF}v7k z(D%{S`FLv^ZC#Nl<_S&~TLbXbq6rb`l==x5d@2VS3ukN>hR%2t|9V5oEt(PxwmaIp zR}ePMIwIC!W@}{axaT`1XgZtBbD;R1{DYOsY&tQ%tb)am~vNLJg~2AIXxk^zMAzOTc{R zmMtx?j>w>kp!2Z;uB2=xfbJHh&U?t3icwIaOmEKq>9|nC8FZPS2Ob32_}fzC9>a}j zXOJR4d4t88TOp`Ke_g1WCp+(mC?g4Q3DP%=Y7CC+HX zbk=aym_1W*K=~=YJ8OvBRvFv(S%uR0s^_tQ+(OkV~Nz6x{);A+2nbIgKF{>SRg?7Fyo~e>N^Cj|nsSl$azD zm2lZoS-`J%zS;G5c1NR8+XBL1BYd~E<+D9@ub&#=J(urb zXK68OYnQ$23(JabO(C3TO9rX{du)J?u|L;kw6-Rl&BF!yW`rgSNrX-q^kUbWP-!qh z-%r|tJFf~QU+p<1YgYL6*E_o}N8aw}o7X!pcN>?O>S+!leD^UGB>8A2v9={Q1L$6H zJ>Yw;`B`!vla_!*rA5}oJE>%0(_$;cfUeT+)22P95WaPfvE-xLvulL+qir#bdrFAK zf#^>t-tiHCh5H*rJ_OFQ)+XyZxG9LBh?Be|u5;P#&xp8P7 z1t}pup*QL<($&!vgC{AdLd({$qcPv7pmY~rjW5s32I`6R%Fx+*m#L^q_ zvUM9i-U_Uhh5sDTAM*&``JDCT?9NKnT2HoWe54|qVGca)Ww$^xdP5jktP=3Cv()N< zp)^)h64cX~Nk*oh(XMa$pp9{YBccw%VuUB%>a*SF&#Yo4!tC{cC$k}_&D2jX#xt!( z*&XWggWbVgM&WZbO_{G9@lT5V;bfM=Ju4Mx23(Ulf;G7{P%@zmsN51r(2y`0E|5%8 z=G%l3pnx)3`3h$4jlOx+^N`NEeEhRnjdC3*`Qxgj`NvMuEC>r8mMYx-Vd(OYtI*{i zTj}y6f&X_+luzQDy_1V~+{fVsPvj+LZ6WZ=Yfx7^;~ysrbai+Es*m?a7f2>}I;Fl& z@(TeufKaNskZrK4EFYk}(Oe6j=RdYdf&s+n>69iyLMVWz1N6Q6v5h9gWN0ve*v>9; zCq&*7!q87Uquo8^p;x1CzWL_o0Ys$fRqw^_>sMc^iZ4f_(a%NXpz+P#fW{wTb|2O3 zK0;!_W<2Q=tX;$VjL_NK(49BFzIonRZpmt!C~qQ-XU_3Tm`tcucABU#W(f{1FOZM@ zIT@fg)eHAq&b9z{d8%s@gSpx`6=*_2ers}vYdw6OAi4Xs_jUUL1&hGcR0ozq&is#3 z&vtD)_UoRKWXqObVyo7z-0uAsf7iX;;!|0}T=iRh^=FOAg}oQc5kQ9>dWi(_ISYg_ zhe-(5`R(-TJ0qz3MlYRKNNVmvlePyw|+0~j{+|o!aB!E(1HTh zWv|im?CyCxqt#dE#rlraQD0rpZnH*UiS@ZUy!f6nlc#pMbtzOW(c=&zxPtsaBLWT? zNj%4l1g_iz8!aIbrpzwW_a|o`e>^z3`nYR6QZif9Er|Y=D3QQiU+L4BusT)jORtg* zx3ZYhk3UW+`)Km+uJgL7$NpN=>b)f-#v#2S7YU#AzGymYs^56kbZyI_SQk{>lHyqf z;;Gz5DU&pW%s<43m|vx=1?s3w_%*3BV%za{8dTUt8Bdc826XMW84Yi4GF_lI)AkdtIAg<~Qek5p=h7vQvQxPsY z7MVuGa~jjJ?(&$50TD9c3qY&@-QomPjXK={YcS~;jYi(i-ZINCZ$D1-#Mei`_j<1W z*K4>VGb?y?dr4BUJPkMXGR=eJ`nF5`k-(R$lhb2QaY5OdgZ~=2Eo9@l&9$a@O7zB$ z6E3;WLv%yQtx5J$yAJa9BlOiJ@Bp!T$BqWU!@?vU#I1BAsI~ zM>_j>Q;tLC+3 zc0vPpR1ZMu)G)eN`TmxO4J*Br+Pk5FPJYOxb0UpnE%zDAwz^ff=^hNOxcgZZ11*iV zey?uX7dxZZyWY-d@9USZmtWwuD%ABDdhB5s^Sze$COXA;r#L?3DeEiwe>ipObS|Q? z(1>uX;EY`xwg~I|V>yIxA}|JwaQx9%tvBq$k+=J5cV};}+l_1m@av}g?XCN95jWBJ z7Awx0h`u!Q!)ac{&Dt}YB}6DVzz0Lo3@1++nEL|Ik`|^N|U}U;D^(4 z#nKiseu7FkHyO3T9>B(tkc0&;8)Oz)A9x|ATJF>9ylwpo4U-9;&PH7gZior-rNRdc zj>9}4#yP51!t)wUNpGUT%~X5@&FaV4Oly5+jlBfAd#q+h(ie!_ALE2D`9nG*7kEaF z$TYzX>VTq0&Q()oXVqrbN%{&SC-{CDnCb9;L`FqW!3nGFN(59cxphdP$k5VD4Pvy=v87)3*Xkm?m|LB4Xn zdf6vHJ{X=!<1ncAvuX1$)Q-gs9|JONSYPw)ZxIe|sA%#~Z2t=Gw=LMycnw;EJvt&m zA8+D1^f9#^{JFsi<*86y5D_{}KvoO=V3FZZfC3M)ge}w|!gm+E&ON!fh^M+(gOlhd z4;+D}J<<-9ESfi~| z1!B*MKnJx<=s!2KQKRSX7&LL)=)EAxV5`zylXI)CR`Wr%(=g3iOsx+(Ukx|!6#|wQ zqBc!Iubf?~ZllA4i+`v?ry3Rg@DgEBY5@xL2>w(*d>)W@PE1qxS%0{=r)O$)bxcx7 z#sPnTnPr&8zt-NbHXIOT?mk?Hd#c)TsUV&Sjk*lwVNQ&(i-b(+U0s^f;^Nm-DYKqg z*s&N26mpzuR`SEC0gK^K6i0G$p?!o`U3xB#sJI@}U&xypFXv)p^>JR*h7$!Zdyx6n z`Y9s6unB|og)$XoG+*#E3-L4B&SJOVI1U#Db4Wcj-FlWn$Xd+aL~0=UercWm>f}q0 zp(!eXwgR=W+B>lRTr@;1I3MT13N#q8KiBx~#HbtCIA*R~uyq{INkkGHZh;)JWrnha zo|(}-Ut{0_=d3c3ehWwDSHup+<25^~i3n#?sQK0e*;a(^6GP&BT(c0yWj#Y+lSPHi zGFMI~k_51AZNVg}SSE#MUKXNE3VTn)Oh>e z&LWF7GbiZ7X=eAiOf2Af9F4hDVti7Y*c!9N`Lu46v`^YwLSPv?1IR*mNB9oK@J4bJ z;{`018Y-epNX+~iim6yO%obpw7ujg^MaQgPNWu|MkhhaF%S2`YMY0|z1bI8#2G+UB zJh_1=UXW`Ie6^v14xg&)+U==oSu<-VduLt<=3)xxZ!v<5pEwE7hf}NLhVXb)K(xDU zb%chT&5VqiC^p8&G4>VRR7|Q4p_!{ktK>lk+ucY1=h;91_HXa`-=97EY2jV5{jx2>j9n!ZhA^Uf z?e)}GNtH-|1_ayGlv>GaPn3#DjIXO^&cjTMo=H(5$2c%hEKw)FkNkoQFv`q1R^&oft$J6Q%~ z$a%afr>V2=+ng-sk{3&i7=!BP1}mT5HoT9<-X5uVD&DYPd#f zn_xj+?LlH~!qkBoK#oo`{)1HVOCqG1^~%RXz4=GY(Ax9dXW92_65U%dL)Ch`1ow7C zZy-NxpBY}dHSAQ2)6>~zvms`)UY*y<^3nHXx3cohYhfC#TMDC+Rw*G9-*X$7v_|KjnUkyRA z|G4Y0xirPHnR0#gc7zeMT~yT>gLhr+@zcmfY^-29}*HRx0#oYaM1$$-hw+Z%jqpRlD zubWX(UW$2u1PQ^vD>rP8xea36RAM$)6&IxC!R z((-T8@^8}e-!CnH-5!R-{EEA> zV;ixEYDK$p7lSy_^d zA^A=tK#hF&>#x0}n`s(`s)CYle*4X9L9%+GYzcu2q3f@Ok{9<;dpGx%%n}}wO9EES zIHp?p-VE3$mU26A&A_;|J~*mTZ9NgGj#9Dz#53I*efoh9VPlr=S#@P{AQxLY%Z9UM z#ZV>J>6QnVBqWMg&E!2*?sIR1Kk2hF{qI5d?bAvBU+$IY|BF{IcQ^F^F`m`w|AP|# zL=(dMQT_W9^E4ztEiEZG+Ne5B=#%`))s)iNuIO(cb3#e~jl#k^eI6`Xe3xwFh^8FgvI9 z67pI`kV}2`mmg~-K4-{*joEU~(XSvc7No-b-7s?ySwZMstJs=-xz~^;oJ%1S99OK0 zs^hv&CjUfpXX-Tm8um4zSu`pl7K<=%}?9K;Q%yjXS=-6-38K!w5FZwYEQ zIS+bD0F~y7G_ePQ0eYKab=$D=sdlyxKtJv^lP`UEtte9&#+o{JHjjhHUm}=lM*6uS z_B#O8XNA!h4xi5on@pB!{&KG~WYxhzn2Rr*VwOhvnU+zHL7S4tA^wuly*kv-3A5h? z1+9$qo)F7=85m_7kE(s!pJ2uR@UU57OiR(E<@L)CZB67V6@KsP<#k&Kxv<%2m;bcS z^7>zam(%`s+y9JSRP?{QuQ&SNM|n#Af1bwMtl^f0Udam+H}}o44Gn-~7+djhmb2;h!bwe<~qBop(zn zbIz}e86?`ygpT{a(d&x;_p7~~4gG(Vr{LfnL{z9h6EdShCiP7FslkIEH5wecSg>aH zy%po?yuy8wNXw|GK~tujTzc{i#O3_xTS091~LJo+lxghuk4w%)(FTY5;?R2OQ>oEE3{Gw6 z(~`JVxg=`DuUags-ZA|VP^tEkZ-Y*K(aE_$TNkyeT+IDp(5!SXy1}x(2VyIFH6MA9 z+UO5}JndMstp2CJ{!fr_D(H-nz@tK>BhN7@dK*@wXneH~47og!53i#$f1(N0>6h zfN4r=tdFc^(TOF$>);S8WPJ;Wu%DRRny7Aeu>PNWC;T~|{`B8QuU!5Hxa0nJ@5OGJ z|9ka%bN~A|&+_-bA2K|6_#5CZoZH+1|3TCNW}zSX7T5{MySWJ7Ad+=)T&x?RGT-Ar z3St%9L^l}rh{gsD81~1x&)e7=tcGCswKymv*2d`I&y7fHr&JrugAIb!`15w$@}L}754)BIp6btG z+Ok2NR@CVd0G-^M)mnq=$?pwE+T^;=eXH{OdHUb~m2af`n}Brs|BuS~pI*G!+t`0R z%G2h`zuvpN68?OCAAV~hq7(5sHWX^O=5EtKVgTv)!BgHQgM8>=+kW0PhaiY~BE|lb z|DS5IW$aK4{o8u~=gsVH68`<^pI-Doz$D^KkR|Q@?9)O2UyWXr>Hp4)(T4s%%2Q16 z9*f-0;|LagOzsiNrS2GD5nV$%Kc7c2XN1Xpq#JZH{N<^n;Ju`(CB}ob9va1C0Mr4+ zq`Rxks&-zb8La07d8JPfyT#2cO384;QWoLWrqnR0%Cy!qv9I;Sin*js0%4M5lkpHv zX3o?+uk)#5`~sv>jzoT~Ajr z@ds+X6tpXSy*q#N@!j!<<992-EabCy|0)0FP%$wa?L^^C|1pUvyu*h*%`Uh7Q{~zDi?>G zNpdGUTg)iYxLC2VgBu>E5jlkbUoMS^)Em7ShDpkXcM?xRA_gJ%uN|=H+0$5mEqpAt zL8L!4xKgQZ-g|1*oR0~?!8r>TPR8=qc86*YgrwTOd2dWRyLt$iuxM(w()TnG@<%G? zKX4(>vJU3@*DX)33k_sgJl1(I3g}+`=xm{o3JGG={}%4{QDkUrxq;U8cM8^>SO~=l z<$x3+7DAiLi-nLRg0so<6Dp~X!zUK^%F*%G9Ai&Cl7~f&omyZ5y0(3E#>f7g1ZkMB z{xw`>Ws@ZFuQ!8%6&n=j2o=185$^Rq{`6420H3dMs{J;C^ z5>T5)qkDUwAkOl5h9F9(_G3DnCHZ%fIdvz7nQ5s&d-XLXn$qcMHG$Bv4$DBnkVr zCauBn(!7KF>vlEE!9U(#9)CQ1cXE7o_3@;lW~r(tv@`2lvZzr}0NdK!V$N%=g?k3XD`*GI(~oBe{OetA4Te}8#+{PFbQ?BLDu<;UZ*ql@#Cv-Lrt zPY+)*Kn~s?ogAMXu8&mo>ER0k$koB+o8zmG*(K3!;cromnY|IWCd#5{30g(eti7#$Meg#@6Hd7KAs#MpIs@^t%&#< zX5XvvF9Hk~=STUL?4Eg#i&QIF53+0GN~e#0>shO?$O3w_UxW6jyQX{5?w%g&qIAc3 zU3*dbYE;tn7xfUCAz{Aqnbdy)oqV&m_u@%;AGr3MPFo1Y376dG;Xb-Lyl8H;G;-aj z(G;iwt<>VE(xO#O^lCC8IG{_fj;gg-!{W4GOt&K3dTy#)yLgbR>l>WFb(|*BVkr4F zVWP5#S~ur}=WrLS^A1`@@$mX<;T17<=mzbnc4ZMC}Z^ttjqc7l8#o(u3|Yiy%ov8ED(zB-kexMf0O#{ROtrm92Fw?)Mx#{^jV|6lHIDKjZc$Zlk9Lh(-`NA*qt_zH|R^dHY^h>&fT?Wme0T|aU zPp(6bgMlqLOa<9TPZhuOG%LHhC3)Q^# z7R8FHwc}t${=pgP+Xx9}->pByIu#F%IUHKm4<+>fLnc=Uq0bYdn!h1TG4Gjn zueL)wp0k`%J<*5INuhW))6Cp^{Q|*fT>oDC-*Sbsgr~9RC&4=Nf4$myJsOqcKaEDO zHv9iE9#C>kbA(O;^*@3oLEdk_mGtS9+)2V9xLYMH%wZ}dkE~keh)h9*sZ9t|KqoP% zG2mY%uS;W~y%iI?V8IJ{UAA21dPov)Mi?++laz*m$(WY8gp39|+9#xjDAp6Wr%%@z zpTy_P4o2$?Wr8J{E%uR#4h3%w50`7F%K;NnHE1Hr11G{*%xCK`(-aaBEg2Ru=dgx) zE(Pli5Sw$gKt9`QU`T|r;E;fDIsO$9j^T`7))-xNB2gmN+v>M>ROrFQVVdBujNlsn zl+Dr*C#8>15E4FDr%oYm$W0-zB@P0r?ZPe+$|Ok+6?315Q2cMfnU+omCI*LMTA_;g z>F>|}7ep`n_S>yXf`i4@^Pf$rC+=FpH!I`7F(_nW-KJLQg4~cKzjM@`jEgVV(N99K z$ee|;spPNL(MLptz?qPsJ2@@9tMp>RweH}U?v8d9i>nQRgg+-yc89`a!VWG@KD-zg zUMn$3_z4ALzio#I6mxh={e%lXm4nNykN{uy zp&Fq#dgYCF@&*P9O2|V8m#66c<;gx8igc0f1U)t6?p_P{55fRh(c~>XUB=6 z7LpdFIp?e?NLoc;D0mspDNu(D5lGI7-7zFEAVz$Og*Um zphJ=fB<4H~14Bk6N{G*AjQ*0fCXnRN4e&z}!7gMt)Vk?ygjs+hyg&(2?V^-9E!^mn z6`k^gzycb3k^SLtM&%&mU85*vR4%kMPbaD5i5LdthJ-^wXC6-cIh6!>(xEyLV6Y5U zV-N*jWh=K;0A2+%^#c^H1^g!Vi52A(2iZD%JY^Dj&oYrKww3!^u@}IM;e@`vlp`QV?BAA1d1=D~PV<1n8398YEvf$`BMA zpewa3Y7M87FeoHc1+4d2Q{}grHVREriKs*YCxUHlNi@edMD3jk8EjQX8sWQlgv}Hs z{-&&4K`5fke%+~jY=F0VLhfq<*#Vh%wj2P))~d`8=-B|BNaSb8r&6Q7wxG3VH^ou^Ix*_ciMGuu3jsn1u@lcafVyMY$^wtbXkFLqIkQQBso`yo?T$!WBB{I z1_$E^WMwfx2WCWo)8Q>%2xN36!M0&D0Yz_V7$S3i-w#i%Xxj@0R^-*=zMWHl4vVPx z0-LBoWWoxB8Ryd+R2mU;>TX&9whD|?DEtv(=;PT~Q=f0YMOR5`DHu%S4$W}%`D9~qMR~2+xt;>2QNIzc9iCbH& zps6W-D(It%pVY`2S;HEBE&qs<1TRY8Xw4Lg?9oZk$QrM}|88WF<~cvMEW&z7%N>I9 z3ca?mtHr(@SqMf@TE@JgngO&k#c&=fzMHa{qE!vVqcWUQB^Z_4mZsn}!|8xY>-PQq zi;PVKy3{>XhwcrPz8|X94yW=`GoX%DmXJIF8`-Hkp7g79QcAv*ordVw-!?ZAf0!Ey zv-YcBOpJ8{R{5@wxX{6%a7~6b_ZXXdjLkj9pYR@|BrPpNG(L`F;`da7{)hRr_zuq= zgN3-ry8|3!C}lheNTT)|0S%6jSj<6C%?O@mYg3`99Z#I;fOaB)nBd{UVaF#6drIe) z3)@QW<+lobRU^|h4AGPZBvcZ3!c!I?nb6oVjHrrNEey=&dT9lbZZ)B(r4~=ajAL3!}}2 z(dNQvb76$O=nJDSLpZ3v&REAy#B%I-&Kz6Dy#4ZG$-9eo9vv;gr+0v-1`xkD!kFyEw_;Z0=3|!1pE-BJsUlIgUu25Fc(j9O_!2rvvm}kk)Gy#kLb1 zY;GYow-B3Kh>bTz2A$u#y8Cl*3y)&n--GHK-noh98do>(+>Leh#=82?s&4*MTUWP{1kJI3cBS=( z-fXP1HwydKS#A{e8-@KwVZTw>Zxr?$h5Zs;ZWQ)QRQl2s_Diz!RaN{Kt?}QOdvDCW z{~-4%`H6#lpTv>`XXOk7PjyCHn>GM`I>H+I>E|c9XA)!?4b)4Uve^6WxBKS*XvzOF zn3FJ~GsY8gzdpM1KfQcW%KxeXnI|LIYluh0dSk|Yd-T)ozs55n z22Z}y9GjtK0*N^ZLo^HdMCZDuY_^RO5*ii~%enI&v*5{BhQZ_vJ&O}ErFV)qRIK#> z|M>u&vv2`SR;-7Fl-v+fMg~s?N8^v`Z)k%3>oi7F8WQp3uLE%#Kl$rmg0G+abs!`4H&5v7$zT7k zCtsltIH5ch=;Y{FJQ!qq zr(^%W+? zkK%r3Jjoal4>{YwIiIuKZ>W&`$G)!Q{mDkH`GYLwPn@@N|7<@+k&s3N1*uU#3Cet; z<9r&nzAyvi8YE=;FI!wSB_xjGg7v{c$?_n;l2ol59I;MUyUJg*+eNr(_zEqQM&90v zfncG54~2J)b`vJ8AzIN?!Va^b7-uqB{C`r&gv`OgJcziL5YcNNxFrtgb79n2@POVq zA6@={Yxx6u=u>4e1e&2EZ)pU|jh?vUEdWUwY<46SbB-K-=Pfbr#O#A&4&0$yRf2Tr zE8HrD;M7#O`$8~>%F^1lcBUrG&3Kdl6CgZfljo(bQsz8i;s#Mru(iO1NQ8cS4&Spxjvw?SSYhc&0&S3Q&t> z?5eQ@JS4pp!v?A04l34Dh{;15RYPh9fP*ck5>ya?IyvYA7a6Gv&X9J8f@6RutS&Nv zI4Lo?L;)1tN%>`|kmI_+ZbP%%8pBM~8ImMWd6b)91|3{iNGkvj~3f>AIEMgal<0ssL2|6hIWUjUR00PYTid;kCd diff --git a/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.15.tgz b/bootstrap/helm/cluster-api-provider-azure/charts/cluster-api-provider-azure-0.1.15.tgz new file mode 100644 index 0000000000000000000000000000000000000000..cc409c4c393f76472ce610774563278a6087b03e GIT binary patch literal 78882 zcmZ77bx<2&qXzl_A-G#`cbDR>!M#9ffuJo=+=>(n?(VL|tx()uiWVr);_mKT`kn9G zIrrv|&CKp>W_EV>-8awgS;`1xe89iY3p0Qf3en;+gQ)VWd=YwM%KMhfT>H(ZciKYy z>TlojtLoWWL+#AJ=xExDK`d-P0}h|;Qj`X@W+HVBYqCP6Fd>-_f$bJ%P z6gUtG+c#6ABN+-~W-{Xl8mwHzYZ zNEu-`>U3D*GOe-q9ee)i;=!BTWglS1YWb7+%%02rrSWqbZL2ZVZH|&)&=5jET*L!x^qYvY)jUy1@`k>| zo2M5FAdWc*T~g+yGy7-t#na2(T=NUoIb38LL#j3|F!mY9r7z{_ye0@R>#@)?6PQSm z;2_)Kc-Iw!w(66+c~QW$E=Upf@W6ga6MkDjg(%^CHR~ve9UFp$zfu6GS~cAE2Qcy0 z0pS82nNj^;crhs?aC=@55M#x7Fa-oKOX64p_)QS)r>Ci*p?LQm8x^AaH0LS~jiDN= zGAu9IlZdClbP0(8PRE)S$K#UY!|ALKOe~SIvw>{Xq`4UDirTti#|#nuWgWY zNB0y!VNjX5ZXdl7G!^A6mSs0>%1^=pc zW)zziuntKK<@DQIt9Vu(?zCbpdfHR(AXl4XXc1H+0J(j4{tBvR({--MN4S`ei{Amc zhf?0++vO=xr*tC7n;TcyCy_bUe{N}MVf&=5Ra5xEHz?u_wYx3>bKRDXaaqoVtQhw5 zuj%8V7}OmfQuCs<6_#foXckhox87r z@0hU4wZ_9)^-xZqD&+sPc|OI&*c-Rs4IVA&Q5wHkZ7)7Fr)ZMEi!*~3`0A1>x3IyamFM&L4U~5Ry0h?Aa_whdzs8_it z2DQnVStsl=JD;9RS;JCC1!RF*pF}r7eF)uhqRE}-qPS3c^sXV&A3#lP_e|59(K*hf zsv8I+1>GhSt?WyJo$*aRGyDQgcIp}9MLH)XPCT`51L}zX3IsQ0g=n| zYh?6k!Ryn2Z^z*9%czL&dv4F(m`=<`C@^OVoY>15!1OTD@@}HM&g}Lyz>;02%mW6P zgzCw|f3e*uG_VEHm{h)<0JZ_c-eaGM4D40)!-&TR--Ur$bDA{$Ek~Z4Y$wJ$zt20K zo3a($oIT(N!=0LJ`+SPY5jpDUp57~o$gLQx8m4zHcRURm`##_9Q2Kto+NM1D z)8_NCw^H(QKUi)o{$wS5k#JcP_G_u{Z^-pYhIr+=#Nr3-?me-lx&7SY$Dea^7w;e4 zU45cog73_Ky^M1lV_(~oSx|ED$0ATVI5@|R9W;4V&MxH}MI5Smtm!9dJ8P}mGAw4r@Y$zJ)?-R`a0cedHt#W1Ab8J5>vbg^?Qadaec z#fT4omdfEbZ(-n(@Z>9=v9t>Kgv&Ua7XZU8$04x{f}=%&8|*(gAriHj7^2KWl1O1*`SSO znU>IqN~)9>q|k2?6o8vwLYAMEEMrQUz*E}yBXZWYV>anu*97HU z=rMe(D~i-P^&4&(FMsq&56pyVTV=6U8vmgIe<7JkM3W;}QyI{H<`^L_eQ~dQ!NNZi zKYY1lv463e8LfY!Tz8hemXMkkJnBp*i1n4v<9rrXo2gd3>r?IgHC?|~ec#adGJI|f z5;fdkg(?*>5)+pyADnq|h`EWf1c5I*|YJmF z0(9}bnO)LW&FCKTS#p8n2j|VhCdK#5W-J7z%x=3m2{W?O(trqQvC7b1uh1{eGw(e9 z(!%bMcSOIFN$m~mcy&AWD)%=L#QaLm!ej7h9<^8yWyo1ftbhM&qJGeJu;l7CN9DJx z>N8)|OMUt1XwT!x=rh)tQ2e8McokfNL>`G9ZCN@=H7P?znWGTLkYJt|x>xX> zSEDQ#xGMlLu!s|;EaqghG{(&cq7@0@#N5_*&p1z6J>`UAhL$6dN|D z<*_kjWnnmi;lV+o+oQ{{_uU&Q$}7%TH(Puz8ecML0JbwkCLD~-fA@Hw(xi#sWa z^sUn%V=aRs25laF{wW;LpNus|R-QOpsVI@18$FI?pe<>R zC*MZcA#Uo9?RBYn>;-i|W{Q?ZQZEGpOR*o)eb2yI)A&f(URZ3t2b!&c6)io@1=fuKt{Ys9@D^?Uf*BkTia)eC}h-rNEL;GaQI94mOWXkA+a3Q|}qt2ZEyqOb3y-z*T~#q~nINbbqDkkk&6 zN+)L&<`Ftnf;}17#ug3JqaLM3Eu5jV#iz8vW@A9IIJg6P_!Jwlt#~#Fk*y+UuAy-~ zfPz3QB9SxE)6`nZ7#U155l2tIDKlU35DMwvj-soA)BbrzAUuy4(IIO+ZtRX|LWIzQ zH>^Pf1ZO|J!UH^}K&F2rM5-QR7jG42Y77^pU7?Yitn z4XsTwPpAutFA1%m{m${s)1$D})o9Tam8txfRDWB6X*udhMx%c_6I-~nhaCGPuoyAbq&LY^H1L%P^1~=Gsi?kJX}8ww zLke{^Svkw%aS?_NQe$;6sht-L6uvWXi6PifIW|}_a^f5f$7&5{p7M;D|Lj12t6Wuh z7+a^JM45rC-BCv0#O{RcPcDXPBlwwm)~vfofh&SP@H0JMj|JMEoX}azu|;H`;}DS}bGExH43K*J~}T z*qYiXwh0LP`I+K4mVa=$YN5Wgqsp=6JVsqu6c@@JTVFX+;An-7S`!!3W3nhmhP;zC z37--UvqL*#)oG>&4=aE8@Ok!6M$?urs7Ood_LXb!R5$NpwN&M8)D zxM?WHhf+2%p`rg8uG9BGhCa&&3qDpLaMIIgbz(7K006m@w6hW{-5+grhasFinLna6 z->L?XyjS|8X*yy9OLPawegWIAaw{oslxrDzrghUb-g(2;mD0-M=Nh|A0&q8urchWc z%9J#g-~&-uHZPIszi*W(>AVZ;Ht*kk!Wpq1)lI5szzrM@_kF#9%GvdF>!y`1Im-P2 zzHsni9UiA4(qpg2w(a3GK8P49XGf>juMxLCD`L`LtPXGp0p~xkAtE64Yi4LD%eR?(*i1u%M;WMY{26_u%*% zS)aCF*P+0&dR^*HmAL1A0(SV#JnUQXAluMhJU3_=RhhJZH;_QUPu0q9Mf}JKSXUX$pGf(DyRJngzu7OMjrZu;(&$xclLLT*-q-eVO zQ0uujt8m;Oi1&{|Q>!A$Rz0Gh49HGXQ>(_FNxFBDElL;4k_{id^$jpwlIQGfbw@{r z;PhI#-yBMP0(scR=MP`Zpx1b1f@;F2)Oy~SqEDd)=8n7mRvdn|SWGJlFpGceD6!q= zv?SiQtaP)zbZ)n5Z9(cNb|NZf=`*_&A8GVnK{%AksSYx4)MLVOE2}2vXGQ#d`kRU- z+MCWsgePu$p$r$=u|P$GNAIWZaLPnx7bU z{nRTOLqWCT!o7>hD+~q#?Oy>?^>6aLW$UW9o3c)A{!r@N4<{32OOC|oZWgKV4>vy+ zNd=8Ecd-HSO*y^>E)>Mb6fLSa{-)bb7eGq7^1(NObi*S`@2CJwQp~N?Cp|hrrA|R0oL{*D!6#kXNu}t2Q2#`; z;{TD5kpDz*TNbNdyNs=+JkcZ~Kb&;_mb(4CP6l$C>eI`?v9>1KeOOjwCT)UZMKI0E zDinGcy_9#bJ9xF#;V9i*_BC9KK=Js`iLrN<0ZS;`jmJkEcKAB59m=xN;hRtn?aNqG zveOO+?MOH5%G%Ms){72VI8oDz{lhoNeE&9@+i>-LK4eHeq?*1B%0n!-3&ECIalkBu zV;}_@p7%@!=ti){H0@a3+F)BX9!k**&1xCqy?2W%OZ)yKtNCpPAcm-j_?cugjonK_ z5wk(_7jnvnLThuw$`0x8(XQCJP{J=R8;qRQn>%7b=b=(V*1AHg*R^WPmyH$`ctmIo z=Ws{}s{V%~2Hz`qimnru5Gva9buC1b{p{|EbiCe8BS?RW^!Hc`+Yt7BNn}-HOawaM z%(!O)*i5KMFSbSt2|ir~Q$4l@;#^a2Pb6IoQW6E6D*V82z)hQPc<6CN9al5Fn^ob> zF{=4^roQXw=FA;d-l|Kx%lf9wtqOy9hxj3OB?1N(-VZp=cy#^~l6kVkk71fg+WSc@biyG~Qpol9nii zV5BNLXQ}#i+4_@__P96f23fq1Bw}#*VKHdK11=zy)q)Ayw-$LHpKfaK=@F8ZBl(eK z_4cOZH)~WfKL;s%M~7p!VpcZ_a&Kgvjv*t(qRO!qmF&fyw|IN@L>&u(R2sM>8Gwir z^xt?@0)WavW<|T~x7pN`(Z`F#qxWpWpKPvw)@`GvUg;HEr}vx`{H1h-CxS@l>BneHWCWnEmS}V zM4!3tlAPez$Zs&eAdNsdutFq?8MK71TF>Qq_PsK~Wa8ET0# z$%na;`cIKk$s@zGk-D}nN6aBq!x%WYL*WzDQjCZhm?(S}SYX`LnKo5we-OgV>mm?N z2Hu&ghM8{C#6*;C(t*nyVuFeMHVBw9L-Z63tP4O00@fWnzpezg!E?(Zb@S`vr(C{|XDo#eB z@XTKg-uEQPE7NtgnvpOYo7V~cmGxR zgil+2GKTB9mg~*$(TB;0VOQrm6k4MeCENRRC*d=kR^IxU-L0)zg4tBk`9-4@`YqB% z)b_T_<8sI0a{70cV3@5c`Vkl}U5zPPZi%_Gq}nlUJS>Lj55PXEraLLephf26Us(#q z!S6|66AJ8&3}RA^;GooJ2zQ)=@A*RN@E4;7I93^)$B4bLq)pJ|<5*u?mFe{+fmq6- zuvvKWCP@2oS=MfXMJ|K#ENK9V@+_+KPa{qzIs${jqZS*w!1|3pijDl^-DSTE2d&Q$ ziI8@U2X|I0;&dR@dcTVu4N|PdBdj|%I}^%qQjl;UaaJ(zHu319(U3N)F25MK`BjBw zIe1gul08Pzn5#b8O44d_Q<%c5t(yd#>WFl($_0~Hpk-roK%Qadl@X%K`U7Z&Yj1IO z%FU{ZD)M*n?A^Q1MBcABppbv*)|O)UZojho*O;di6B8l&dB;Tq&7&`ck>)iYG}_ad zv@KJkeoMc_z9qj61AY)tPH9Gr76ud^kKd!vc8_#GhQIfr!sx1!9Yc3vSW!4xDZCJC zDcrxgr~1MLk6LzU8i->mES-rS8Ghinbau{=0RE{tp=3cb)9<#?PL*+Fa2UyX_ITQ!YESVIfehTFqM zEKjMau*X{c^ya(>-3op|f>dsM_p(W6kBb?+=!z!kOjN1ct_v!&MN-dknzFL|DcZ6+ zC_fd;xOpn(kZVr}`KXK9L_w+|ES02lzs9LFu3TX@b2)Vj0W-O4qtI5#7cTViNjFR9biyeD=riav z%q8JcaOd6`czKC}+APjjBy6F>EP@q+o_p$(#I`8<`E$59RJtgBLc=pDDJv;M+YSOY z*3?hx_4uQ`e(@#A_s3QVDLTuagO~LxJU4t1vtI8>gYd+4~xp-pAG3fRxJm?kchnS=Amr+~A_vC#>kpP|qq&&E7tx(a1pdMp~Vm}nm(q!1)E zKM$~aXe%J`NWF~M?{X51DOK3j-$9#$8$M;btlflp!eUgj)ybVaQxnCD8#H2&>t=uM zv2*K4zaY0|J6o3;k6o@JkXt#G`id^@<6PxXSi@Dw+$-z=r!*XRj@ijA!b^Si7q>-- zjs6OtqhHV6DYAnC129>$Y<#)1)UnqNK0+f|6DKqnsK7)CP*s#i`Qul zwTIlJ91S1_=r8atkeQ09we*|RPT2)K&$zq z!Dn5%5D~IAHui~_C_@$X;myMDg@ zfO?gbo7uNP>T+Gzjlr2Orz69G`Ez9_+-y~wz)3uTKD#klbS+8_oZ#1tCKykYos~=? zd4$A*zRI(E;^P^V5ftobt2UTZyBw7#J8AYYNY0=@e>k3kT+-<1jF@+pIWSByjJuq6m<@=L0cNtMLn`EBF8lvLPSQ z9}Avb$V?5Z{aurqlQBlMBbkuEFlD-SXih5~siw}4V0n5s{O8PU4roD}c~90FZ4q8) z56M!f6=z`1$m3gJvp50NnWop_@DJ=TlTy2+hK+Qrng3O>AZWPv|LH+(%8U+ja#9;= zs$D7K7J{aQjIQz~2Xi~6YbT#ln0Dk3ai$Gsmu2J+gQ#d(ON#f?KPtvFe;TixGk%so z^1hlKI+_eO8|9l2M2WL{e-gis{Jr|N5rj|&j368H>8bLOiN_v;4t*(b ziWnY^P4bW@jr7(vKql(ZGixW$m$4`V{4lB`p^|d~2WY(V>FxCeq4mbRFu+065Mrf* zK9zHcJ3Dx~nUE)OKy${6>lKxL4^6vDO{*#nSQ{%G%}5k+&T{JI5dSdr8Le~mw4z$K zk)E>Gav3i9u-;Yuhy7T!$i00tt7 z4E+=QmlwXSLW3xm{KEYYhr2}=v*Vl_xy0`3R0T<<(~gK`8283$#wM-Dl{wf`eFR=7 z!|@_&6srL;mg`(`=pO`%N0(u7zlNB6@;JtZb=o+^aXZv0Ko@&1;#m>K(g7IcjI@d^ z%)``))%(kO2ZqV&1}7uY*OM>G$XMn8C2Mg*zeWg`4ZKTw;3A-Xx*lif+cT#4AGEE+ zY-YFb-{ID4Vbv`I2HKX9Yp16DIUS?Ch0ng6$`$V|dV>7M@Kis-N$=t#}ydXYw zTfZiGef$#enyyOIK2QDPrvIdfa|9nyQGkAU8P)C`ZNd0MlwS4`xvU+jxdWrh)Pf4Hr)YLJ;dNEv0Gnt=XdNsI8k&Qj>3a)bmo0e6bC=6-N=JEy)Ic<>sD+j537@67b4}_0IfqUQ(7+hB{h{Q{V#JKNG)7ao&NQ)-H9~ zMbd6lU#k(8*6m@Wc;=m-s!d9M}<9sOZpVshER$yHc52nuH3NcQ*l-S+XPrWfPqvL$W;pmUbg zD?+BkRwqAZpKZBpTkc`P2c|sqQVm{xGoupM=bE=J7#_T>=pJFYR|rlkKq@CSVTRnx z5B*q!zTqFUEFL-I{uoe36uFRC!ZH}v?V>9L2_AiS6@YCMueWu|mDbEOIOvBGX#_A; zrzjw!W|$$~LMG-apF)#9RJ2Q^?K6*lU5ijG>?sv0MjYb=Tc#bM#qP65ME-jPN;1`@ z?N?EhQKJ++$FKcw;^ru!)*O$~>UE-kQ`WH4Tm?4!|O~&Sl^T?WiX#x|l-C4RxeyXsZ z^%&;s!##yf(MVFD`k!bIr3#g9BFBJ;5j)u7;OTKf$k`jaBWh0EA$5^?gC%CQ}-YLB!h{Gen8(z~)wCS_p$1$VUveRO8?b44{$F zlI$IvVrztK zAm7;zjbiLV$7K)!Mz+Kl8E^^Goe8npg@uTU$yCqBO4Y31MsCvR_GU=C z)b$>rPT8yw!8h8X4FkFkO<&NFK_8Cnagq7iZ#WSGyRV)t{J?hIzF4_6mi@l8T<9Ek z_VU9fHqTxmk?axAytmvf`x1f4QYlXvz!24gXI_1-@23(7f&OowGk|{N$}g-s_NGU^ z1b}>!YG1E>LFi&^FF&bFZ?9e$pwJbNABpWHC_FB|TMG%!hr$~#G`7R$8I!0C!FTc|Q#8CeWzOh!%a+)A69&sJp({Bol zE&EH~F{9+OgkUKi+>8N#HFp!LUEQ2GjQ}7B?&?=jgtd{H)tOnrLHX;qT`*fjXQRBN z;#u$&ALy5+xq&$Gk+O6|>9T94>deE;jPRI8tl@~AlEEq!v;=`r$@r54Y17;ZS_J#e zwRC`gXf=vlry_CsZ%uu;cLHA=7w7l=0adIsJ*%tU5!x6<>6@Lnu7lr&Rkox=r?w%pyD4WkY*&zXHtE`E=lL&7?FDA;D2m_i$li)LP__NClUk;!}_MK*Ke)eWrFVjl%{wO)j>dHhiEzB-8U2Rp&M(W8uAC6WhIb6XX|?=&-9OB|U-h!9Sx{{&~F14H$&*A=-Wh z$V`3jA3?PWlo%)0pFeCZaOtdIqxri~B7(JQB>i`FRa|N@_?$1ig(6v4$VfxW(xF%| z698Dj2m&!7V<$O^1IX+wP@p4MCU`-j$V0NFq=N4u4zXK{G;~y`l#Vrr=hTu8{IzpZ9qsSS;IT@#J$ZuuV(UOTYd zn)RSd6wOJ#D{oF^W}bY8y=j3fHidU_r?EC-PuzlzmY>bNu;Wp=c%5iS#9I+p(48fs0-g&Gz*>z=U1*isyBnP6ETv%&n>QhYgO z{8SfP<=TQdZmqsu_8JPt$VxbJ5PMxQURR`bNY>CE?Vc8DrVQPOdq8xMVv5#ks#;58 zfaPkTGNnf?>)tdnL7=-mAG~F0q4G&ht>9jdp#J3v!a-6bK35t;W?p^=Is*7=3usc% zk;&yTE#s!j=`n?ZmG)=uKy1eyqpRzEKocgejD?36EQFr~5#7z1>li_ey@Sm9AWDfnA&bhD@mxgAKk?-H5Vkca#8l z@LQVz0uY(YxycgZ1dsM^Sy4IsQvEMDN8Aum*x6tHyKOWCv2luBsEa+rE|bytTme6Fl5B12!ozf0mM!^@yG z8roYhU%h%J`-ap@!m_nit>NTr#k}kB(8_GPyZQu6OLdj4PQR|tT{(hp89Gz#(* zUEwCh-FgJ}#D8M`*Agdyc71JU5ak2l=W7!@SDF0(Qw0B+-Rbc>cewA#pYhXjp0lbW zePZWgaZ7Kaq0`b{;{O)G7inGw;zkg0jPb(1CP=!UbeM6_{5-ZIaz}m;n6N=iiJ|i& zA|3KS<+q=vxZjEhtRa#Wcgfa482unGMP=l%{$qmDSB1|7rmHbu5k1DW^D$qV_B?;*7dDLlz*gR6f__s?_Z5AUyyujMJ1 zjrjCfaEjPM)Y1FZUzUQ=3S1?0sW7;%Q-(VdNnuUiZ?iB9DD|bR>m#=ghT{u-05Z=M zr3CW!`rFogKM$!NlW>=UdE3n@OfUNVl^ZY^YQaS(aG2$-1@Vr1NWu$zhGYS^JA?1z zl>AHOgG69=d>%pYGmx85>h~WI-_^_L!NL32;%Y~B*24=nW&4X)>^X3hIAuLc=ZB`V zhF^k#0L|WEe!8K-c+^FaZb;4HOy0|k7fcTiE!nH&(s;`GrI) zI+;eF=Kyavb-(20AyqNN08zKH&e$%g>8Q@@vOYNj*A#74}AhXy;`LKC-W_phsnI*Y52k ztQl<(4vbgDxOEW-?s+}aIUXi;h2{nDojm1_hv1OfA9E~$Ldin8`Zf;mJzND<)6FZd zscX5;z_6WyEZtQL@w#1{pz}rM_iW)ZpIWHWt>??9!uZBWpMe_kchk*3j8^ltB}9!} z>?Zua!9|KwYnU1q&zuz3Ym8S7y%#s>`MGlCa2N1pYOmGco=w1Tii9J{e(pD6R)P;s zf=wvm$FK)OUkB!Is~R56&@J>-r!F>_o$`FaL^1D`OU%k5q7BV(i?Bg)$9IrStxNB; zHbRrO`K=gquH?ZT{lKV1B=Y=<-cBZWZ>i;%p)fJ6GR-*UAAw#_kC0Q1Z=?4^Z>sgA8$f z#>17)GvBVv`x~e^giVP-Soc0h6m02)(rPQzM>ZWx14?M!#6W~kL7@qMbBP|27WVyE zw_+(Q>Y0mMnk`ct#Ie;)xE%mgv=60Po9>&!cLSoNM@J!{q<0{pwkZn2NZv&XQquJ z-2Jr|*k0_MIjK7iLI}zqK?=iunAHu!?w=wA({C4kI%LutvT?e!@=P>_-`3u1X@ADx4!UG1AKPj(qE${wCVq+tD+LI4)67yV0!Ybdx!>=1|e?QO{3a{9N+STzT~On;*lp-+=< zSGIX%(<076+BZT94S_8Wr$Eq8+%%wHP_|^umwaJa^j(xpUb#x_03k`R7K|8afi;Ue zU3E@zsBBYdw|{Ilj_S}7g}13o3n_B8-9Vz6PJfYztvOjAKECgaCk8j`JP(?G;WVI# zpti0|PN7_qV?1(%Smu{Uyqn@==ua1x3yLaCKb~arsfSwL7lrwN6lvMu;h?5kyW$HRROj z6;#{Q)Kb3sisgdDv#&UV_w^NLzOqHqd7~4`zv2v+JdWu?Pon8o4Pi0X?1Bw+dsvrK zj5rFTN$ zAn9849s+dJUtjSkI!MG4Dc#G=4B@S(;^vQ?>)z6k(U0j8>h2yzB4hI(R9wvLJ{0-l zDfPJAcU#ER5>68^Hn(pd6<+4PA55ux*5LuU6K8(zpB zW25y{s|*#zP)*oBZ~Z&Sy>Dp6V+o{>j#B)LS#<2x6Y^HhRA3-7+16PNNhE?kk5m%p zlqhLK@!8W?yFlrh!d7pmNKCTKXy4aixXzx4P9-~ovHbjszQZ-h|n(+Ug`P_(n{$oWAo zu3o^fHyw85@5YQ3zM%iHiz%%gS;>;MJ&_t9-~&zGb$BM*9v5rCHQ{{Ht+SE-9zUsZ zuL|>KqNgnXD${ct-ctq~yy$Q$_*w2fz%H{At8r%ZA`p?)aIrv4AqFcbGGRtj7{tud z##CuV7NVLrt zI6J$2_3ToSV7^lVlK&>y$5H>~DeJn+vk#twJMeqfj7hDVQY{NiaJ2u1sfFa0?g>ls z>CoPO-ur4vh?Pmt^M&zyRJIm|bmTq6)k7%LeU{df?G?^_}FzXofgAOEE=# z#-NniEu{+B1_u|HDO@byR*^+>okvRT7cSSZ$gQSJeIbhnF`=!3-i#rNwMkIphxYxQ5VU?7D0l2JLN&m0Ze1w1gCp7_MQLJ{=d#_UCd;mHo zi)j`kcl{r!nb7;M)G#6blN!qj$ArWcGK+1y=1*9GuTs+}`YJVY(%D}!sA~U5YT*A# z4e>aYAj<)mNaa;(K69ri9f*&= z#KQEDpY3qo#KvYLupfh_B=Ygcq}FfvC7d3?yh$wPvs_BegkH^v-)aDfX3!#LiTGgE z+p8!_tsTt@DxC1Q<$sXse4H3OfvvN+Gd$Z}p}-bJ%JsIu6q4X<8a&{1 zG2M%A2@*w0@8v@Qvodm%N}0M5))Vsvs+(P7QjczPlj6)BP`R=3ruh`?i)LQ&r7T7k zcQf#M4aU;fr$r5MOJpsE=J$?ST}LsIGV+yA&fx_NMBv)QaV7RTOMjhMZ08oPPE#0L z#mfkWI+gKe{4dpa$XO@+Ki9$Q+ z8Nx_|gv!qoID~5hz)Y1S2($MAo`D;h#TyG3?6|}wUf>Y^>mStw{14SEkFC2)&8U7F zNPndoUYUPXAfx_y8l&K~SE`Bfd!?Fy1lTQj?UibHSwMA+ zb8}H7LRM%AI3fQE$gx$hmivCq;xbJ$rlt6q0d*dckF!~GVVK)L_mi^8fBQ7pdjre5 zdM9bsC6H@B_kHV%q%LWMXF>S#{fVj%x2X{hEMt%qDAXtxxMOQ|@BBF|7Z;cxC_L58 z=5MsOh>zdki$rFq$+7q=ThK1)zmBaH4a#>#?kh6wVDj^e-G_h#9;3Mc6OA7bLp#>6L#$jHGSUa0CG?0q^w>Yam|vmP`>kT1!)@g|Aq{{|&K)YqJNj z;$1P%8TW%~!}!8IzCiKN@{j#rrA(}U+t@6O@#zkK7dwIg0DMo_y%>|PvbU|^q+k;k z?$a8y(4>X{#VDq+o3#AX>EU{60hVv1DQ`F$7M zBd6Pt4}GA2`dW>2)iSxd?|6)!1N&l~*7U4x|4d^<49s19=@P7ZrngPs9j&7O8WX+yetg)H= zFV?tT!vY}Lm--H`Si{ftKUm`&(qsjQqn6;&c*PnL@GI7Mn18CUnT>tL8j{EVgEdkO zn@lkvGQ^I`?*GA>NRlY_sak;K#)96PPcdrSXb2;Zgs^8i~@xw*p$5iB0|RRO4H2qww#Q~z;6qtYpNHjlk6c}-h91R*3bNQ73<%NsQwfqkPU&!r zf3O&<8GbUw3y1jyc*!K3F~7qtqm`B$sf+rp&X7udEfavg0;el0Qg=e*-Z_EH#8|tJaU|XJaMAWU;7bJNY!R zprEj^mZrFZxiJsIk@WU^I#QIpw>fx9s0j)83^ggXhyLCc7n8VWqgy)qC;=qxIaPkv zE95dFlRc3)Z!^TE?Ail#=Ug08h8qk%1dEy|g!Y1g>?{Og-q-l}l~ zVnOhdSgcf!N*AI{#c$gr^g#T@(~TTk4_Jy#EKZKuf=mJp>t048MuM zBr+`AMNk8e{%|o;Kv;_eGdl_D05QN;f*x^U!(M_qc=WNEpbjm=?wex8+6K8g98)6MM(hJ>9fJ22b9Ru*lG5>DTsvD1W2>gZ;9MpEwedLD@JIbixB;L9hA@ zhEgyv2&lI%U5E2>I*T8hU6u86I&(90S^Tv%2ug}KEWt6b?jpu2RbphYzTXtUa_XlF9<0uMjE+i37$?WTqH{cB%!We^8C$pZjEul|gLJQ98lD(AFCHHL1(QWMvTAamKT zL3@4Y%Jx4W9dl`sikWB>MvO}y%qu)YekAJ8@@y9v?g93o&({#?*5(DOOlB)s1k>I1qw@tY40S61fOfIO+Q632lQg&_B{_tLE+nUFQp0nRt zhOWLH*s7XFhaQVv+EfS&;N3-GK=6t~x}lH@m#sg)rB%J7@n+h##$sf#HKF_v(5k3- ztk|kA$Gj7r;JC3ZLkn1z5s%*AgId-T!tHrdv7jtxfD4Y3kS z_fdc$1q&32uEj(@+dxBC<(DI=qQ=__r$d3dHS)Q!|1ETN&1cBjm7fPs)1qwRLHX#9p_s{!9L%xQQAfmvwO{gFd zUyum<{UW2RmXV;Nly#dBGDvD<#2FFm6Cv5V)A}(W#X3fUjuOVL!p2bfjB%$iPCt9W z2?eXtT{hDz0T=ZgcpiyN!9x&svxHgly*(sK$~T;MePsX^S*|UG0b2xQ5!c=yB(zFK z3J<*nXQ)8t5zGO?ruOSJfhMi)1mLr6i>*M~01Q@8jJ_sgoiYsNYC>Z*KgD*~iXCkEru^HYr;%&*3RgWb86@9RN^PTRMmWt6yK^kbdY4`VpZ#cq%s&7 z50XkDF>H|32RtkblA54mI7n&)&5%J--|(?2NGb)=5(P&6+*0^xm5dZLdJE1_fsCyI z9SAV8suO^XYKN`h=_MIcik(9wWBS03mC2Y=>=;kRl;URKWK18Bu`L#$@vIa3FtVY4$mLddf8 zOdWg-=4a}lGgyMAN7UGpp=k>kvo}&5e!J>zf_27p8M z3^0-ht@{WzLCZR()9Lj2)s_5zI-TbKpFW?z_-b}_J)6yEv+EaEUrpzi^V!u`&a~&Y z%TL5OpkGb*t}EZTk$krO@J3j+JB0lk=QhqQZy*Q4)4fSeLK}N_;WzI19zclTXAZF(wB5V!n2X4>)MmVn7$=*L@i6=bE)hoZDDMg*62pnP z2rnsMoJJm(4ubmK{X9`MTsRKEm~h<<@F3+$-xW+C{7>ldi3cW2N;Wm_)3YyMTJ`c} z6a<1-(ZB!rW8#7EH)Y-MY9cCss@oM|NLCQLchLeaA{6+Fsr%HdPTiO8JYyAw11T%_ zcu;8Zjq~J*UM79;EaCFT$qG$zUH*>ps%AH_do?p@lRbiyRw^HuQ^4Ws@y3abo%}T( z9um*E=sL?^!S@mN19;=SUj5s@r9bDqYR$9WLz5N$cUK==^TU-Oc+$dDEXDXCadovn z6Sc@AcJrz&>kpF27)C z!y0*Ohp!RKFzYN}K-6tP;`2{N@CT_5H!(Ref)g43j}qelh;EUHNysu2vgtxfybi{x zy1z+qsnx?c;1P2@f>p!V-~RpU|DSY2{_WqMeuTh(eEQAb<5HPQ1a3dXXKw2)P){8F(N1;fb4TyqWGcBW zd$dy}0ZFeS-ID(?`(rD@*>0f580UlVU7fes4++A&2zkjuJRr%kNl|xA7|-yOBhsCx zPiO-jKT?soFbE!Wq|YF}l4Y@{*7VTiJwcOku*pK;Rf;XelMlH1Ax==Fwo{m&HQa#2 z#F7x=S0CQ}Lk4gJA zSMgK9n=0k_!c~H*^4MNNKW)+7r2c=+KCg&tX9 z^jk`e31cd%kzPG_qz%R(aPEck_pJl4?`*)ML!qGSL|CJ6ulz&jCqkhZqR5T2<~(FK z&z`LiPrN~oY&H=_{PCHDB3eY8Q1;A+_b_%L&3I(El*LjDX*I)yK*TUK8TgXD1 zY$Al$PRzOopD(QBq&-M{!wQ|~UG6r7UIzX?WQYp5auI)!Wu~;7AzI$~WCu*Wj89-y zcS|Z4tHF?mmojms>Ry?u^36>UfonXR~A!0aO9+HXPJN54ApVmu?mBN2 zC(=|%X3E>{q@Y?558*O!t8x*vs*S@d{9_Eh-AuexM?VolhV5npTNqAH$o`+yb~2U zfHC4B*@GVtUn@JWyu1eb?L?zK9Mp7$3YMP=_O^XlI;+x-$9DhS2SK*90jYvr=j~^( z2?G&!{l6dGqM0mVwVj%@!rdG87{Xl3;>HMi8qfcMDB~Xh<&VFJpw~42!bKF`Pg4sf zg16=}k72bP(|IfP49W@uO2K1Ixq4IMv=v6P7$%OEw5h74wpr{hYB3gk4;b>=nZ4MC z3ln~O7YXaL9laE!ID$0eBjxP=YkGuKg?iws)HvRJM%}4c8W;9bA zJ!Q#|<;aZZx2YNN9l(TxE>yS?!CX=0ogidbWJa5}jIO=>Q%*Fx3rUwv{`stIlN?Q|O~QP`2|ejU@~)5QyG z>8K{3PM%OZ$2Be6#=0b*z8%@*(@m7>)6%gmZOVZh+?4fh>eXJ_y}^AtzI(K*ts|U# z+Bn2o*=EN$`LuSBvoACatjVW&?8?$@Da7{TYjC8qwYL&OyC$`6PP?YGXhzE>gcRKa zo=%;0aTGt~Ue&ye05O>Xj;W{f1We^Xw+S!6Iq=p=_O9hf-#z<~W3|%lj?1O>%F>6?;YllE`bNzx*yq?sFGApxh+3sUe{WLl#k;PjG-r63z9+@ zLZ8KRIlc&K6%WCqh;1>E)6d*N+~G8W&chnwjP8NILD=yLWTLRM2KUebo+n~qPU2eh ziqko23O9srql-?N@w{~FbL87k+Yz}KQ|5rLO^Ef5iMWDyA6}^_rDg0n+}QRaQAQ zO>fEYEea+p`W?OK9suni*Vepe6Ktv(vFR0v11Y0I{mH`6jLFKO5A4*mT_R8EM!b8| zAyUmq<%jt7e5ZT!HTx#flB`00U&zz5{O!7voTXG=rSu;QooBm3NC?g0q-`|bF-hR; z716eipqx%ol(VDd*74R}UOP0uXeZvi*|BNGj`r?N!GkH}?FMggyeukSM!I8LKW2z% ztprZIX4MG+W7|~`Ic7La1dA)APJd$IxH*0j zNyhmau3YCm@!_}0YGAp*_nTVs^>cu6+lgP__DOc@TtnG-C6kGH6G|cuKY>L@Ato6>v&eut>lT96ca{`FUwrCun z+N$|ua_T_+r&QJQ-FSU?AcBcx#qm}q@=yaAe`LkfVlJ??!(7SRHiwMM_}Y!F?(q%q z+9u8%efi9*ARrIBOe((ea{0E0HI%Djl0L{OST2z#H76>8zC)Ckad(!Cj|`sSa+TF5jJ0qJNDOK!`~cy3R)^ zIPv0T$Fr-c7SlD9>5L=Si0<8h(jK)B3Ec9hW7(YA*eP5ut=0(&eOjj$|DfOnf0gN#w+fB zB*6b31OR)GK9!qvp31B{hP+tk5K{l34mj9P^pZ#}B-KSMS4_C8DZ>8?F3nvU^C5m&H3&zWg&Z7J2bxV)7rL6heC|4Lfwxuwi=A3EW0OchEr}5W zK*EsgC^rhI{YoB`nHGf80uG^a3zJN&h|!wH95Ai?0xk)K&Kj-O+vl$HGxlIQ+{?}@ z(>j8`ZftBdsRsoT9?i%Q^d)(2N)8 zJo)5>Prh}Y{Nl_1-gz7Gzv$(E>ZyBw^6HWv*|NX*?aK<*TNi%%r?v}_I`=X)M(?Du zTQ$6A6_)r8>DYg?ZiDkK-f66MFCx5>PLS$p8CRUbf+J2ST8VKRs@<@?89^nB-QADd z?fY7rVhNAf;pnnrF0+@vUHQZvX;r$_k}^>+F=nmP)Gf2xU8azB%^N%Io4Q;6*ioxl z+pMH&xt+N{y$i&$$3F<`vt8b{0b#Pgxf$NAH936RP|kMkvh?pZ_i8Sq6q{$~ed;i( znQLtsAc;4R=Jp~q$g}&(zZ|EPEB}(!0)4FfOBQ0a0_kzA-zYhR$^aMbXVg-WHJ03- zz}U>>QB1$JVR#n{y7w-^iJW_@eB3C)+5$BX<#zZF@wpG`khGugA*IMK>s;9d{jY1@ ztvHn;yRtPtRYA^acxpo;Q3QO59_+4cGY;yN?71kHP>(i?|Y1X-rqd ziQpcfKpMOznzv*F6SflLSXxxlm8Y`MWNnN(DIx^I+Y?QV&-no%+Pvqc>>Sk zF+OA|KD35Gk3t?t&TD{u*J%QP)QogZ({-9L6;yEoNkXh-&quw{UjXm!=jF1(0OU5$ z%A$&2E#)P+5M(A~nE*9`(yj+WWO|pVmn@e}$0O7)9xbEzChkv7lT4pjP?MAW?a1l}7IRF2z|L0$SpM3N0Uw{3#>Ez|#|MlztapfO>`sUxi z`91mauit$0_1Ay<^G`o~`tbJe=$qgFhNI1$`u6+Re}ixT-jc{S-~9Xku4E}QS|H3P zgicf|ZsZc>4$}U=NVM)O>mg+Q5pr7VKQ_y1E1(>CQ2?kszD$fv+coZQSFRIid7HE%VW5+oLh7+=RjJWYyy`6C zcUe3l!+VIiTCu-^oF&J@DO#BkBdskq#mWyT8Q>iFIfNe1kA*A5*U`fD$mW@b3o#g$ z4wKIo0a-lrufMzY=F`jB%lY-<@}>83e*JuYbvd0c=kw)v-(5e4^Ox}Qdj2fDTcro! zsuQXIA=)pS@2<$d{5ZdM{tCswDF*O}!TQFjtVZzYET9KO>19CF;Hp;pZBLkz4ncf| zk4kN82mf+;gHd}qgi#Hov;AN@}(VuDsl7x(xu%%OX4G764p7>bB?7$@l$~ zk9J2JwAsc{PXGJJyQ@2mLa(JwlE1E&zf!~-W5s=|`hOp8o2qCSoz$o87?myED!x6! z@k)Jm9JSP^QXQ?-e%49FXAhmU%4Rgp1DDSI<~IarhEX23TSKpDT5Xc7lS&~}TUf68 zY*#c+9kwf+Zr$p@hFoFWu6(I0Q~O48++4g7t!0z-rJL?ZB_p z?ZEBc@e#XgNgacbtw~F|S^jT55Wriw+q>vD*iz1MMg#?jKenu`g>7m|)zv2ITIS)( zQy% zG3^_O`M2p}r1%8)Tk*u*0F0K9aW|$0Df`>}@2>M7ggQ_iF7<74^hA2zexhrn4v28l zcaz1JzzK;TGp)`K=ip8b8X#Vt7@#|N<2*^P#86d#5lH^yiSxBu!}LVm3M4B`51r7x z{cXi+Lp4RK6{KS172Wk7V*ZUosNf$HtuT&*hwV|2c}D&=|N9f?>ukFmgnjtgnX7}k z5fg3vCQjh7N6f)zLDO3k2CjkYE+VXZ*S|L-o{5$L>pcSHvsHppKlI-6F*cX2@#JKoRyAQMS`9<5T+AEYJv{SFF4H+|es0|3? zr6z!rP2tGo>LaCU>W`Pswz%%${kCMA>mHOt9h2{T!9$4D?KVGt-_G4hN+)Tu;!Kwo z$g17r+1aUGXYd!myMx&OKqZ^RE4+TsF;eJ2!;V#u~&vK^z&j;9lspGT5m zH4$%?SLfYQ%~U0h$G7pGDz#=j-oFwA!d;dTz7Io)ec>JuT%;%0KN&a#xkY+*NeLFw z&$|yb(rjD`m=WcFq$Kr&7&GllYAqb_XJVSG&Ay`z!s(eHt)`1wr1;arz}ihfwV~K} z0f_nxe%f-EMW-E3TJE%twEZc|yPlZU+X>6vPr2%Jy7KXyt-QmrMBUC+9{g10&MoS8 zqH_E5lslZJ+}puK?e}>0vNqe?X-949Y^<+UUCqMPM&#Eds#|YZG3u(<^3IIfcuJO; zvA1}zWJ@2c-9FAXbLn-*s&qY0CFhhipQh3RmdFp_C$xbi;_vWJ2uHlmYUi@4#aDA` z;p%ZJ{!gzz$Qrc+&xTOK-dB}1-0Gw6gZc9>#j{ni-r?<^e`&gTt(KYkAtZak@b{Ui zfeMC1nLRjaFbw*9XR;^1RV?_r^u;b=VR~XguID7%34F9vSp>DJUkg6flKo_5q|Az{ zedqGrzI3+f>tvoPc>G54AU9jdxF>&D!Z|1{aC#0(&p~PV=Ny!lHT4{no`cdBY@dVD zb5QD>gVKDVb5NRo&OzxpD78B%#l-IxjK0sjP#=T};#INdISed{_8bPD!@$zdISedo z>NyNNhk-5FK8JzlFwi-Nf%!t`Ffjd`!@zSGXm=PG`;Bkj-~KnjHCNV_U4W*&l=1a` zBRIDgEPLnioAaQOs1H2U&lKO{)V+ zkWar4hk&9w%-OYM`)K&XG18=-RA(AgRnZ6857FF&d*8+j|E{bi2ODekhLBkI~l+BW<;H- z9B;3Dmz;pr&S}U-D3yfr$))({|Ma*m9jmqNOwV)4Um(7Uw>`%W zUhn*G0FFTLDhw&P2Q6+^%CzFA%*$F^PhiWJK2L1+N$0tyotDvsZQfFsy64#d44ZANM{mXCHdKo%zr2lDEe{5+;6cPx9Y*pr!{<3%2!BA&f?HQVRa@+sj)>& z-p4-%%Nq0kBf@v_6(X;<*xpS=<+L7u^| zQYbvVC`LC-IlO@#n${~o);P(eY%)-JfBS>;b@{#1-;5eNxjVFv8a`XK%6qRniQ-m&Gj~m7Jky>? zg32NyD#!|_ajvYTGh4}5aji#&r(Ia;8gYOQSLeq|$mNY{SdiH(jbbs6qc4CtQ%ae%f_DLcxU>A9OdnnmXPZ(3Y1ecW(wqxMh~K(2O_Rw-ckM z5zH+`antL;^)g3%M|jWj?r^VnmC*B7d*>B!Ja>F|6;pBt_b&2D-qr4TO01mp+=N+| zb5Bs3DTL*osBeW>3MXVZPu{7=%E~3Xt$HwOaXl?dCyewV{Px+H(raXZ6Jhjg1e0w} z@)T=5pPX}l`e;H(5fN4F(2Ni9tEwsSI_adN%%-ZVTuom-cb&JuTPrxlj;NaPNZPL! zf(YZDu;V()6#^6rAHjn%zo8CsQI!(vL;9^sXNb|4#vCxMyt)F_S)klx%u2b4m`oIuf_rx3$*9 zvK^`G(0)DGL>ESz(urHqqHK$$Q}P;{*i^Ml{I<#xx1W01^%nb<4csL!>!`Ju%`1m| zAE`6WK6Hq*I{+zrlZ~(}+a+8Z5XwXjSTzFp=(d~1^FrO1wB6=j%w=<8bDJFEp3dcJ z%iD-Lhc3S=zE*}^SG480tX$ES%$u8D(UvSYY5~SWuU&{WWU$w?opnlu)KD(w@c1XF zni=hG3-`Jua3bfXDjqh9tVvj1#Z<#;H@V#7symG{M&K_P^7?IN$_T{wLRQ});k4@e zZMJ%~+31yHXP6ydjaI0`xgvGl%jB-!yxz?0>#a|EwBG8KW3I)XuNJ(85Q?X50rnv- zUbgH!c@)bM!-wE8UeD?mn3q`y_!%*I&t~pv&A{F5d>GMRW0vKBt*r#X+uGv=A9)rz zk!{+p|In`jeahN(@>t3(hxsL;4}khH%k3S|?DqT$B3kP;xqQf8EE#KYyK2mqq>NGpkQ&jVZgzV}*BZ#RDnKXAfXZczlSP z5Lmt<5KsvGM`sPhAe`)BHVlN;$sr{TF|4%N{F7U(slS>!7C3W{<1R+CLv*Pesm8@c zCA@2ICf;T0SE~JAgEr(IQU>>PA3jzP+0A{Z_N{82i?jQ1b|22}!`Xc}yAKw)5AEhC zvM$EHvlY#GrIubnvpf9Q9zVNjTS1u6fvivl@Z1XpzdP zY(H4#tL1InPM=(~V4ZQmqnxU|?D$==bL%s!6oWHhmCy`t=_GfvI~>;@@}x&iJ6S~BD4 zzrPDr02~EjZBNJ&si<9Ds7KZthi-g zEK3)<@zCz1K4Vlhd%>1v zFvwO@Jj7GP8QfN|&;nB7k%*=&c|jFuB}IfbOqroRx{y*auk0cQgw<@`!*bmZno7N1x-vtX(4CjHMED1jx%x&+BA@}N8Sk# z0&CON21r(3-pd8_UPz^I1)KTdX5q^*Lm0AgB-8z1g`ZHdBx7HDY&u34UG&F=g{-uh zI2vVADKF?1N%$or&#x#?j8xbo)7&iNh?dlEf^MVwUg-#4Jx2GSjr#N2Pt~cFdB$GKl=3=tp|2)eerpRGg(pU<^iQG-mQs+G;Q?=nATd%gCdV4DoyrB?CPpG? z8E*Uwd2Mw4Wwo|ZiEZ0vQ53m3&9z?GrM8aZK()^Jv<-fGnA+b%=`Wv^zJFBwXBh*d zTIw9+3Ifr2c9v14vpmu{dcPZaoRO5zFErf1W#$%Z`%-VY7ldhDdkK{=X4{AEEdTkMXB_E9un&Ra)WMr16l>}nv8d-J!^2-S62AiU%8 zw{P*SoY=Q&HF;j%KW27e?OSn(V(Y)m(SQ&w&d2Tyo7>^D5Isxf3-Bz~7cAW!ljowQ z9ds>Z3z`{SKc;afQw@8B;vrM#=-U6pU<4 zCX5}C3#}LGXn#LpG!x^Lo2@Bl8V(X_#l%FcIXSm3nDUcDtK5CMgvoGQaN4+VLvL-&L z-^K3x90W}XUl!JqU@SJ5BbkNx?sY^1)|;iXPzsPj2E?r;xeXP)q|-}7E_VsC6#M!q z$+LtoVf53O{Etypk^bkomS;?9JLTZrJ<>BRh`LyfK*dQv!AL8k%42Tw!~woNQKUYUy7260M9!KmmTCWk%;L{3f6J z`Sww;`c05{>x9F zMudr&jBake+I;@tAFB?I=z@>j3Ll|zr&+p4j534Do-K)TPcKJN7LS)SO}hIyI5;@? z`sq{n|G~jQ<^PYLJUux4>hS5a!^6jihtK}{^s9r%PoEw<`HCDo1OsxVY4+8@t^2AD z?ho=Yo0-qZ_&peY#!(iV{{Wot=;r1TU2wbij|g3G_E9qdl3;xKH#O#R|LX7&N)rS_ zc1praHsb;W$)l8M>NGr1r%26m;!KUpH{!9oaD5zMS4NZx=fQ6US;R6u!WYHNP{V~0 zp`(b7W|>Tn$o8jCWPHXFMim=_00h^Ao16VlpB!Q}*=pVc<5`|0hUhIaCO0>uh%SB` z!HFg2BhxuvJPIqwXwJm=GM}<(&XX94x^fJ>Iv9U5e*B1#gicxFhJc+%I$0U97tz%p z_8pZ+6*B@-U0>(waLP12JRKz2 z%vE*1JR(1_>4lV+@a;AJ+nrVsTsvPtL`rcaNA$Z~#0fhhFXrEV>%XoE&%(vDeT$j2 z1dVLt+m*&)v9v6ru>6ARizBj+jBqD=!Im>-?!o>TwZD(Z)nV{YH!Yw=SEsgaKZxQ; zj|{(M=I>Y|67V88^us5@V=KzxXLCFMv9ZW&u5?LTsNcgl`CQENgl4scOlK;RM&I$Q zj2{tl6|iPhveW_E@(Y>dsqkZ~HH4#jUm6sFJK-tJ&Dbo~aiC7(`Z+JYSkZi|9r2Wr z*ac51E+Xr!;LSu_H8Z$GixY}tSKqX)H1)^^NZj*znKq-$KPrAMmW*NQ1xx)kS}vG) zetP`=$)xmk%WJozwZ;|<_V{2bRWaf4tmPZ8zvu^NNb|${wxJeFm7~D$I~LmkdOl}t zkuk-DE?%XD%ZdXRL6)fi64>lYuvN?j|IN4N0oOs#(TMCVXoBw`=wOx7CCQj+m*gU7 z0iR07{VG9%;sFX^D&ZXnhUO%`*29`X|83a_G5O%l6}SJBbr4QTr=3?`$ld7 zu>uacaT@=NSMs-O?hz}uG}z=VTsAx0+7qFw#boi!bWhf2uO{aq=rUK9w?$D^u-UMP ziy5=1UEXihW6q-C5v+_VpQc!op*74&(vyjf3< z7Hbt*dUJ{`5?G$`bpS-|RWevlL-n5#0ygoCC`iY0{<1uBI}3i2l*P_Kr#zF0t}j1*3?bKs%1mu z3B36RmWY1Kj949`N5JxP!zn{0P87Twv`mWg8?9YOm079nyfr+t+eF;X5z^_m>DFcs z&TRR~vTs86ukzBbd!pHyS(dZWxjmNQ&z(2%kxs*WyReKh9?=zJg$p1*l%#Qx8sI{ki-y_Z0P7FM?& zwrY9a9jH+qLQhxQm67u>7`ZH}oTW9zvldxed=oIOvF~AV$In{`sH``b0RNJNnvhu> zmuzXh(uI9Ba)mRN*r{Wt6cn-=R11B5BW5mHC$e2>sD=Wo=i->n7dEv7D~4HsBHmfF zljF)Day=^x!mYk}+tw)(Htg#{AhHDy+)KMR?X2!6uB}SHFtPbm^hG;D6&TII0#%3&IB4ReD zV__9BGwiMk)T4l%`cW>ZQr9vA$n(f-8So8ew&B%*w4c|_&J?9_2>X0*AKJZ-Q*q7F zG8j`Z%rYYrE2W=3|1nse-&uy{h9lgkSO0%VHknmyq zwBC7R)lSXJ{u*VQwMALA`_OO0y_IiX6nk;6%Dp|C>9ShK?BSnec9}>T*V~9lBe?Hq zg@T$Q6*_84)DzaDw_vRx z^T}VIZTvqU;`6!vKm8)xxPNZkKR52559$7SZnqx%T<`wrinO|a`YnueU+ev;i@v(O zKkweT(T$^rbE6;4#}e`b)q=Os$4 zzlZ}Aac(exxTmEd2T&SHuUE>$5l)xEKH) zS3HvNUnZzer>bqxXsY&SB%Bt0~G!Fc^DGRtL|JN~Nu7jVrPRt)1r6 zgh$Zk)*b;vbzq@6A|vwRf(r@-j%=Ocn=LXTKd>yNqEsOG%9IHDII8KEjL5sm5Aup- zFz`~jl^?d6b3pc3b5p7S=b>?juFT7KMGeA4L>DSYg@PuDIYq?WdTqJv{LEGHxVcdi zhM)WNbBu$9W!r9dBU%+RwpvMS2jZoWCneknTZ>%CE*G-?VAz-!t=kQ%Y#oJ4J*l@{ z+;txNKADgj2hfle2`PP;WJuwscX~E5JZtBWG;QRT`IsBh6d_xCK(Ve;Js^#=wm8je z5$`G!s+5d4h!2Zg0WeJcRxla7ipe03lXa%Qf09ztKb}5c;kiD`buB?L}2c< z=>Q;Q^o+J6_0)aJCthQdm8o%%;oOx$S-vV4S7&F)1gynPhaR^!7hX%Z=t^U@0B^+& z^s|gE1qZI@3v)rDJ#*C8jPaz@OgTw{easdXGo89Z<_fOt9VV6lD`*-?me%26OeRbd zt}CcLK6OBxazSFr&?N>E61apD()JQ|tSXt}3QtCxUtJ+yUdv;DGuQiOq;Q{M$8Vk5 zQ`tbl1@XbxknQmJ^f_v#Lym*`6Dw${GSK5wr~k47;Bi%a^pYIr&b+jlEMOHbXr>(( zt^SBf4r-4D06-L%f2K3Qj`1}Ym)2qPMX`TwJE`@p2J`FG5L3{*u7^eMV1ci}|K4M% zIFF-KSCN;Odcq-Zkn^w%MPp^v(pwF6J^c(npcWm!99*x$tsiVN)lK|zNA0@Vgs$N4 zsixe!Pu56k7thDl>Sin+PYg4A#P_X!)>s<&S#yJim4|Ip{0u!q@UzZI60X6WIGQtl?*bLtTBqA^bbvyU;PXi z&9GGZ)lVjqbxe$BGGR65T4;{!u=$w00iWd%W_`C;H}!Ejb)OLtGVaHtk#k)d0aAO< zI`&26K1`%4w8*T%|B^+gG!btmKad@tYpi6?*}YTy+i)$)QFE3jLsYNYfkPYC3nDT4 zqK`52W6q$6Q8CMGXa!;@e+KJ5jkJd0JT-LQj?DE{S{ek@ zXGX+OJ+RW+CwVvzx0=H6PiuSN3Rd-)oH0XLWM6;}pB|9tf@Xu3_H75LxfpDyTp8rc zq8;aa5HwwRdmQ7tBdpV+%<(D7sF<@cc@8jn!nF()c@?P!X|g8(iSF!O$$2UhVU9%*LtA`aU~#PYEluj%xw&Z zQUMD@xR}aZ#CwKmGS~2j6V79@b&Nlw?0sv0e;`q7`yO1+k@-*)w~k?=HuVN|h!J3v zus{r7BOYhnY#i+X5bBnfQs_kC?Y_C3d&E}OlFK+@cBjY`4xkvZ66nY%!PjPc&+*5DD;LJO0|sSp!YAbI-%G|MLxT> zfxI!GyiW7QszV;pl-mS$b5QPZCzq}&8C$ui$c)d8-oem^{=tMV^5*tx z)ud=A7^~&{pGc7!YF{K(nDk-woVqor)&PqpR&YXfuw{0jL3f?kncJE~$#9n3&NNCo z)9Y71Ln8rJdRu2HucqTKJn<|ppBY8}ZMCLxymtlrPIMdR!%3xyiXqUR0_2U?hw)80 za72`Z37^fgFkts&)B3)L70MfZ58XTeL--y#SFS;8^~?6ys0pLJ2kM5uQF&JPu3<;= z=Xux~GN9WC@cxt2^HdqZ>sDv6-cv9D6SlQbl*l|jwUJyHX8!hyWf_m#gg`mM>P1T% z4e@4W-(MRSg?QPBHY2ftm;p2nwLy9^kBbb0*hT@(4j@AirD8k5PJ>(!)S=#VwmFfh z2h{NZRCPt6T?l>6JV+VX!4}jg!Dgs7w2&@%Q5icoDsmBHYy)5mB2CBAF|v|v7>KEc z?<+p{kP}=eO_O9F$yDTx)C}HS8pdG<>+oIs{B5G7YNWI7)c>44NCsnOneaiQQEY zS7|pII^=BD7umX>yKG$#FYP|;+fzSlP+d>2J}#tajoow~Dwc1141F}vKs6e6QZJ}B z7yTph|8{=<%kQJzzwhjPI2e8N%U^bW9>YKWb@%VPzq>#Fvb(#p^Wn#nAI?u-{la&D z{~+@8694*r=L387OV37jcmMvsI!P;?Zd~Y*%tkn>mJ}Psr*3xslbg|Q=H^SBn=_`f zUV3?dp7+!>GVtt6dDmU5mrh?+9L`+RaFYqrHozki`Ua+4SF{D|_e(R)qdcJ*U|xi& zRmSAid`yzSZ09=)voQIaQ_vNj_NFSC+PcbW80?A(jj3;m|Z_lE~2Tu;adHihppo=ki}(KYm7jVqvbB*1@51 zDp`6A!C4|vSwMfq0F}_Rr}D)@0@t_*A)&OC$q+tNYVLETa;EklKYi9^>mG8+jVicH zJr{PBM`ayiWnuTzB8F2>sH7rDVNFYvqf8XWNWuM^mu-74PPHnyZl<_*Gll$%Z z|2v)Z?Xu@-il3opYPr@R`@|P~zT)SWr!0ONr*F`*+05bRo5Mj?tG;d&wXPG@P>w*5 zL)P3L?e=|L9yvEjza)EA%4DwDuqxJcJ*<)s3S5J{b2?21)~i+JdevM29F7lt9LSo` zPkLC@D||#aL6q%*-690=^C*(J7`Ompt}X}mCg?(4$btQo$2W;+!Y1r?ZSddN!1=M3 zG60(%*!uuk+Se4^%Md)!zT0k8y;GDZL6>e@wr$(4UB)ikwr%dRZQHhO+qP}{*5BRd z+|%)%4>?9;jL0?Tx0c4u90vc~Fpc*Xrk!rQTMg9`R%I*o5Y!dQwLEW1l@q;UEB@G6 z1$v9H^?CB)R4toMEZ0J{VS9uA2s@H7fXocJKx1@_u z<0F>k3*Ol(Zq(`pAz~Hv)=>kGA#J!?*v^PBtS1m%y|Mm#t3v)M00vyuDrQ7ssGGlw zef6eA&r!P#kfb&4_``xBc%p_7O1~cGwzo&M(da3F_}j-qqZjvIA^;N<2OGLS1MDs_ zixRDJ>2s^z=4x4t9~;@Q)PkAw5}a%j)dYqoJ~G?gYd-?(naF4rK>SRKWRKad*Y&Sy z$YRzB3Vo(hXLZ(5#^(bEy2FPaX^0v2`ZIY}Zi|X7Y<~>&5p-KdyP9L`NU;ckSi6iw zp5-rO(r+Q#^D!ypyb(d9$hjmHAp$^MG@Alev& ztt*taaXm$qrepu|-;ah#iq@p431PIIbE#MF!}bsQ>rPfw9ch{V13%*aC!h#4Ds3(2llmsG4z*=c~R6~MqDf8H;N#cgxg10dgbQ4wzTr@pInP1O@Z@@ zCvg?l7r>A}PvPm-ZD#5I$#3+=!X6o-PH;_lWDa=--{au+_*+NlXkXW1J{m-#05hQ5 zqOaMbB^k9rv-s-P$w#X8ldx~JeKo92>pr`nG3nT1_fRTZ?Q|C>6l-^^@n7XkfxXwW z$MSINbf>DFoq}YX#v1Q_AoqFr=sY)sqN#E2)z;)|HZ&jX;YCqx{V$05DT~k zB^OW&h!{X7@C<$gw~VyhS_ID+1h*{a!3c(aVxWXywpZ#BZV&J&HUifz59}!*0oOGP z57;1V`}Uj1u8aWbu(1f>voHu?UBKD|s_@=Q1al3*cI!EVu?fI*yHEnt6(b60a<}Us z0rQzf0c(-av!f5mwpr-9Jm6TwRvwh=+gj`k>ToD(si%GU8^(i>#P6x-m`>4wyXF11_dg7(|?L5xDijcMhN}bR6Ml{9Rgwp=ftmnazEHP z#4JI7^#a(R@;y*NY1DHyHGEsaId<{9=L$VC4K1Ypeo>{u(ZiKb-4(d68aX4)cSzZ! zpzJpo0~H%e-Shk>-s8d67<7ZMQ>;{h8c{%*=_*&uNMdK?;ZVwCg(ZSke&A_%{3GT|>y!2~?whQMjSnn*yE zv}uQ6eni%cAh8(*a?U;v{xOFqEM;I)!RpzoO+}68g^FcBT<8wGgcc%oe~Eo~3aZK+ zE`XXedk`fxA(+?oW7t$Cie6J{+&L0M7M*x#3mGBFEid}mzGm{nc#i4dKuYCJ$^o)Y z2}Qx!?j$>%gW<5}#qDl&RzoNayYY6{w?VO%8O~nnWJ(wI^J(?Jh8JaAup86ooKfSm zB3o;vT-eSfS<2YXrUlnlzy01gyOy%_dm)XNPOEht-ZxU;yRxc2EZD?e)VwGIP71`x z!k%;*Y>k@_7fBZ`V_@%h)AW^jp8_nPE6$CSKF+DOSuK2QNE_RZ5XI_}YOpmcY|Re| zJ@K5I>+g#U)=(n?SlHNVLcT=I%N^Cij;++q(0~gWkO0&cj4YwQ)kxe$kUvaGK&wri zg?K;jAvBHag7$~#`Mj_Y$qbm<+ukf5+9G0P8royp~5qStEzmgPiz zk|}pR>g-(a)5`PqznGapN1X@J{MhQZZnHHh!*whrUv0q*vn!QkZD_MDebK)g%w`}V?U-kEMI<?IUH0BzAf4QxcH6eHS2Sz7OuhHIZ(+muH-}iu#=LJn;a<# zT~&JFqE6CIIIUi)k!U)DWW2iuc{AcClb~W8QsYg>zoo*V^j#7At~AYte>DL9Y#;kP zk$`a!BB-f?=6$HrEW`#H(-FvWG#~q^^OIQ$Jt7?En>O3TS@9UgG7_N+K&O^JZtI_C zO{?}<*v=NHEXXVtrtzDSN+tTk9cQP>EO2|Ua=`Z?wo)l%w03rYX23=eRCIL#a$H2l z?1>bhvTw*7DUN1Z8n#Wr@JnTMp&$J+;#*79Lr`h;dw;6uHza+QT8_k?toM8kz#Q9c zpIb1iChrd5{K&o-(B?Sj%R0;L8;KOQ3QsOGwx_vO4!0_cL0SvWs4YLGk`vV&->#bt zq64CR==8`jO_)5**~nsyPsjs}_94;i9umfdL~_=eP3y!XeD{9yW^Pk|DD4Oag%bqT zSrrxmmPP@$&U5~y*Ug=OZHVsiv*!I+3d(FdM)n6zOdtPGC7+$>!N>uI$jSkV4T|Mo ztJ0qUwFs6>g`#R>6~};btS|%YMa{h%i7uDFPL7H4)+}*RX?Kvxo@^+@M-f8Ai4`T$y4AdY*gvJ2)Snd|kjeL?goe_m?f@Ki@snjP!+jqfSlqNFz(p08ZJ-=q_ zMD*|ul3!3;>s>9_U3~yY!fRfwkH_@w8^+x=l5ht*YeEZjF^RNvO+gqRm;JHcG@9D9 z=B(>%%JYl7PXjH|zGiqC1;6+mf2F2+!KO6<8AQp2?9zN(Z>gzjS@{!1Y5H(>hiUVZ z=78wPh_45BUi-t%<*Cv1!|iqdsAu@&9y)W<{L^~WSO>&Yhqr z0Y=(O7v7qn{x5-|Q_Zr24tEMRTY3SWAgOd-P-N0f8XWLbXdsJeAgc_Dj4BI9H0*!xBH^UUW*vTW_m>h;0rE|ui=0vGk7QHEXtcF?=JPst{zyL(H!x#;smaKY7eeoe+V$g~6fJ(Z@@tu}9ge|2 zbWvCQZ@SLXLiIYLy)AH8EWhcTI9+P;P&7wTjIN;5-?H**>)M=W@(I+R8}UGwzjH(+ zvx?}>`17p!;|!|;Se|oWws3; zF8G|4{aX(~Quj)3^FN~E_E0dm1qMuXC{ge}J8yi31>2qIHdB`Rb})Yu1cVsne!S-}qO6`p zs%&%3TIIadu3Tu&BgmQ;2P)?JW(5eS1L#-^8b3XURB~VH4_oXF80#!g9>3L3y-6Qic90F1Q0k`9wgq(sCXjfFf! zPoNXkZ3cmsqiYn+tiva1xY|xuYfs;WQ&Z)Xwbes|T2gE7)({#yu?;GGHNnb<0TUo` z&>c3Dv)Z0%$;BS8IRwA8FyX=HNfA4xw?kRpz0IB#0j+J(>tF+vl*;L&8f)Bi z>D&2BKe%<>bq8fN%k;TKb4MJ(aGZv?&4VCyGQxAU+MP=%aY+mPJM+h6FNXMYHYao- zK@jDWlO{TM*2f--an)cwO$UJh%2Qle>E=D3m{IJt)Jk)Zl*bk#bEtqJAUMc8c;8 z2Niioleh=y6x!aU>Rv6rHr?s`vp;MN+Ytlg!f)fjbv?a6P@ujGFq|n8_)f@*KS`nW zq_NEAA=z5$D@Ex`UvMHG$?AsxB9VtZVgL97&lvGl*LrFOy6WDdZDZ!?Vy)as)-*60Qpg-v z{wx^&YKvXBs%|fBXndH#xO3RceY9)-_iWO|$)pLtc-N9jjVHLdzld}dBUl==IwI{W zr?tB_0lwKT@NY=63ObH-VJdpHWYIs9quembiFtb8IR$g)BCX>` zea*GhhGIW6tj8XIZhpROL6?5E8|64t7r^eApsF#O_|Ui5*Tt~ZwsG_^9XZhz%<-JJ zGb7@cGClX`r7Z1YhATg*iz^Q>5f#8=x7Wp>R`>Loxt@i#o)QeEJpWp|DN)ho>J@c@fqH@QjF+UxJ8ylTu8KiyGy)~Ng zk&DRaTTvoDE+~vg71W8r>t~_!JY|;nvYEaIYPs`Hua4_4)T_2pKP*pnc)#1Y$8~XW zUAO8cW{Z+7jbE!V{xpVbQQzq~G6X$2^bx0%NcOmUJIiYQB-2^5YEF#a_}~YO%gy^f=u)xg!(6s6l&*N3{rnt1^F{1+ z;mh;Y75o3*y)F{HxbXFNYn1Ko0LRFR-_p9SmCVY9QuA55wf>eC(QTt!^e4l^pfDJQ z^q47k#d|3cZfil|eS_fSEuP)(zAZQV>CO6y%|}CxIGxv$_Q(Oy0B$tV5}4C0i$|l| z1d_6QbV!)M9YdaUn_5<_T1J0HQPbvx7){m8WG^g6U04a}n5K?K}8d z#mcA&&FcCM|7|^80qZy99wV3H2+9z+b+P?h>76)^^kWbAQWN^-9?^sM#QdmfFNsWM z9m6K}_f+{_Ux}-aD*P3Zk61Z0XZiiE0wXdqz46@x)#ke*8GEA>Jiz9hFFj|YC*UTsP* zp^~arGs4;_8YPy-#R@9e4^Hc!INbrj6fK>0do={N2?)h8OF~ghs<%JrM(OUekGs9Q z?rW^YQxGtkXgOsSiv0=oaH2B+t!^jSAX$tK8HKSHe(GwGZ9%E!=g=MHFM3cRP#J4 z>qgkex6yRU+aUO!LCNCF}5`V@LN{ZGfTkVQ65Zm zmUGCir;yj?wU$tL=Q~avyhYN&WK?zY_Lrlddf(d_2A37BnIZQ$yzARzFGx{Z2!;I0 zP1rsm0y(gH+oI2Co>(;Q{(dTRrAkdcq(7?C90N2Qie%QIW%3qwCOoWivrXpUQQJb# z>FflOOxlElb~5gm=^wU)%lp8XQO@G}cfg;i`Oh8A3VWzPJFn5#ir;vlNK#-eCVVz* z&HMnF&WP=s?ga8rwoL)}`!j~mHt{VN?~Fd7BC83aths@<+2U&Z8jY88NeBq<6=0r@ z=3U)EpoKpIh>)Y(Y^y=PdbHHv>OCG;WjG~vLe{*t&1#ixH%lsO`mMw?&vg!JB4K}$F?{fh_P(m%)IStcf_!cDQ3q9an=bmQQ)^rB7<#@$25w@D`=%;H~IR zLwl<+!(#Nl*IjjPwvLoSR=b#3w+4Y$6fEg!b#)0mD#hU^y4rmVD8bzFnYzG zZ{GP`8ppR!vY*`I-{ROTuXnIKn^=FTgfzD2Vn%#mM>dn|2UQ=;XSmlTHx0Cn>yspx zDKLs)+K-xP2co{wERz~74Y#sH&hq&uBXgd1I1)sX=N+m#ihQ2uc*w?Rr;@jI>-B4d zUI{;ajeUP4jFH?zILAo&*QE}rfvO}rmj|JOVv|9HilM ze6|AV&fXb(n}A*uAWUroj**rgRj0mO2qSQ~G0Lt=C1`>4y|`fZ0i`obQ|M`vRu=Qv zHQn{#=Mbf*!T)v=^AED=eEuLpZI7*^5B7zvCD)dSt|dnK+=U%rE>cxPb7~k6p5%=W z(9VHKufUQN=pi_vs_>db)IJ*F6qw+VXR@HE2pKUGv4Qvp%*Iv6FrB;;xePuK&8=9T-z?LDk)tA0F3Jb)(%)^$R4$Z;-}=}*Ifc{8&Rl{a zS+3wWyxpuG@U6o2rwtv*T~VXDxylJ#H19A80)`=`Kk#^gv3q zO?`dXh0zW=pFIR(Y=)kb8Dd)XL;I(s@txpmHJn8YC_RfuoAe*;nYn*SzD(_|7fH&H z4yhQ07jd1mxzW?cF44SUB+AN>O+2_2swY>Ob zo2Rq)KmUKXPeE%PMK5d9S(5LB?rzGtsKD;VP6-xWdZ9M#AqQn^V^0v%&Bh>%Z3gNP zg3Q0&g9gRa%Lz9&BWFqa;E2-b3iSjH6{ew~*!02g>qm`@&~S1vQjv|Ms6T5A8F+%RijCsfxMyRU&MYdsW!_T#ES2CEC-tpK^zV>t(?s2K}+=Y+CvJZ(gyXY}! zz4Eet3(E1JLmrjdY}-K<-(I-@acggH^gS^yKi$6?h~DEAz0ca4JIv4P%C9l+9pEob=?Nbkv@AUoggqO)weM zoM%9GLqr)p6!3?*BB%u7_xt@UG)!zb$OkK*XTy3= z!7O$~>kz+68+4w;PbyhH8?DV4q%C#@A}e3K+t(3g!|)Zy z6W#pJxwvJgi;J}KgBR;2)$u*dIEs;lrq@s3wD%GMWa|t zk8=#UM_f+ZpyF>#{x~jQ%Ylr8oyHx@RSD3h-7&K zo*cjgTVvrgZ*Dn!O}Pf9cw@u~4GSSvrqW1{cj#HM2Wqx(cQEyZl#k{Sc}AE?M9zDT zo@e^QCo##7eb(_Z>JA)XNZma%KGAk8l@#SM4Lnw+HK0>4F)`!ELX88@l)c=kV@>A5 zE9HfnhPU+#SHhl&0!Nr$YXbp~svq0BKhdMlY*JHm-{0P?j*H(V@ii8n4Z8QX${#rr zKG^bZ2MfpLU&uW&mlp*Eraj*1S3V9(0+JgW(sDs9f`~feQ?2XwdhoRsk4ZC2n}pEY zIVi%GU*-{&Gd52{fG&;t!(F9|`{T&S+kmwHh_RO--)zC&FfN;!~4H zwOa^le0M4{-m1C|<3_szw>b$dwwHKI5I7M;?*=y=-30!q5bI!ptMXOG zIUiMds*jg#NRSu1(6O&)!XrbaBqDPt({!{uOGur3Y}upmyzuT9$0Rfw_}RvOMF>Pqreza+dM?O#CdHZ!|Wg)`GR@_UmVSU}!n4Fol2mj+Pp z78qc1(yOiNrNkDt%G&_?$xLvRV#Q8FTiMEE`|#Ha_vt7daKs zD`65{5bb-gKdp(IC+!q2jNru9l|5$`QIdiav#sdjzr%j;lqRu#`%jaQ600W%*V^3G?so=<8h8s8C&aiT) zt@aD3fC;RMf|!!Y8_-REE6|!A!n~o6rCuQ_lUVz%0%maMGBbv5>Dt;+~E}zrPPJ?npiR%vgWKXGaaYv%^epnDTYT^Pq7U%gZ*KeI#j)~ zqSQ%-X!a08)wAi0ip?FpV>KxOD@tUo84KS5l|UoJeCA0SB&iK9l#|CMlWB)i+ADEY z^+H<6&Lj7};J%Q}42=3&^eM++28gp;A0~LhGPI$qG=`Gor06_{>dWFHMji7V;K(t> zwuB6bi0sP!8U`yXxP=E;-qZt`=J0w{Xt4SP>^9z74KO^;=W!ECN6CF-^mt*JK3e%F z0M}zoJ_`^>iU7QB_V`^YUr?x&m{y#oCz)6x*7NDzb^l%pjwR;dhY<3hGX|{)iQUI1 zWe!BpY#uWZ4lybPhJZT^MGtevW@IZ+Ii%|)mZWj79tV|-rgrvEMa_>%7aA`#DVntQ zvL_OF04v?Px}Ai!>&;~+01C^P>l^w5r>y&`oaHAi^^3tU-}MdJRjDx%D}q5O4dZ?& zR(sx8U@Z4J)-@_xqnZC%U<$vVB%CwUb@BTLmK`V>*MgxCB)NS8WKWIxlBfUBtz96n z*h%iKxkjUPP(^rC?lP0jYDUGXxtv`OUvH?4C#)sJX6WhOz-fx4W)l%<-o93pq5Xcc zSrmry(4YlDcWk@Wg^E+(L3dPxP5m3;&5WS))@K95N|16bfT=)5H#T-YFFFXtL_>Gq zW2Rgc)jl#JIx^V0_u{6LE0IpMBt)b-=OGf3;2=+6g%AL&2#N#6mPX^`}j5z!COB# zcz-#}k>llj2MIBjvYmU@h#CKwT_YA3e26Pbvf@5#AWhx@ZzVq0x$S&&;P9ubR_;q zA<)wOui&n)>goRkcguc*ySM$wX8(U`Hym=%+3s9yZ{dT&IGs})iFs5dB>~HkaiVly z9j{N_8vW??0K$WDUmPNAMVC60DB1j?GzC+zmBGLsWp0ip;p~4fAwrNdjG(muv53uo zKp~NqkT@Q5{Zi-WNCUSxOqZsSl#PuDqV^}7zoGmuFm!YRrM~7V;6Of@@EkAZkToC~ zcbAK;2)JWE7>R)pKTRaHfmn4fOh`iXsMGxF<7&W-V_Jwkf9F&UQ7k^&L#+F86M~rZ zfTttq3I^{%?hBHy8C7&}d>GyQ7jsKN@fJprB|mjML41##p(7Sn4gDYF2qYZVR!!ul zWq&C0zmmJn?P6{$2b}BOLsA<4BF%SK5(l+v8ffxr-U3fUh-;!EtqbjX{{7$*`rdDq9bhoJxKs8xGTe2Uoz8R z<(ujK{4&Qct{7n2zn-V4I#TLHLt0fxhtZ(a`kPoknCNdaB35n2IGYNwG8-*lHgWcl z@YQ%eEfLSL{AYh@ZP{VmY1Legkp|bRW1g$r7&fbl5#uZKE7^s$ zhaZz_yH&E+2W-@`HM0{)V}II^i&}OA=I_ozo%09{hwreE(h7I`5Ye9zW00K&4NNe! z++McI>uYhF`ad~ifozK={08dZ z+!ZhW98LRfdS6(FZ6gE$8Xo-OpQxW9-GUZNn{#Saw?7V=tya@oDd5;NkFTExX=jno zN3Fzqtx0O#rBtg{YJ)?Q#v(6(tWtx}V?oWYT(>H@_vYhG4z8U<7|se1=YeJA;vGXYi>KpNm$JG_JEgv^}56F@fsA|`>0U(~3&N2MKT=6%IQ zoftYyB~C9xc%z7ib@er<2Gim)O{SeR7zp6ogR>`#+FUF-HPKj_1Y&mY*F)O)h_>^Y`Pr_wvA!|XM}|IeDY~S^fFTzq4Z!1C#3z-! zR<$JfWbUn|)9(R`9uK(okfCwo0*2o>q01~xxx@EC^2%#vThPnY-|S>ElfgnyyFUtX04Mi;ouL z=qlI?ylJPuX}dIL>QK}LUYIPu28&uH^DJly>0yOIr3qS9rH21)t*;3H5h(qBT_+k< zKBQ5OJN&k#ANbocCV}H+TowDI8QyQU2Rdv=@RXe}f>`SaAWR>S7AUbUde6mJg&#`; ziolu{loR3$OUbbqg~HF z8)M0vsz&XMs6zu)MH-JF2Z2+WX{<^1ykUSBFV3_BBD+CPeK4@tv30K1ga=pd`F7Xm zW*vFH(P9c3yfx#mI7IkCDtC<W)Q$Ypu%4d|9k3P}P7Uiw>pJl`nSKRk{QM3CnO zF>hJ8@0V=n^A48|>wchV`Cc~dL<95A6LA$ZEr|sw>WhPeB%Q^2Xx<5uV9l7bxdzJQ zUesqs0~)fB-zQyh*+&j(jk2VG!2ZTZm&sGoxdW-~YX40;O6%5J!_yb!Sdsf{86>k4 z@W58+7mxRvxZamBkwaFd)SmW9b{ffwFnz1YA==Z}rR7@LL1cM-#Jx&GonU9H>G}n0 z9$j!;1y8hU^KQ3+_qf$;Ld{a`ywF1Vweo)SM^APmN_D*+#paPk=lUtP|E4XiQJlR* z(jdmXfm~I1cKo>#krb3xe_Se^q*h${fKD1ixjl^5wM&wVfh;|X`isqC#ZR?4A)=q! zX^+tzk)W7Ki4=Orvxd@fsi1}pXZm{mLeSF-bJUl0)DHLt4BMy|mT4CZ^R_P*aI3&0 zB=%3s5S0K0nn-UEPL4sj>B(k2l-uO*adq-1K<9Q^$8()@(6_R7%BAEzv!VsWhLi`P z(XjkXvYO7L$ic~&T0|eb9ZY~fbqQhMZZiYUW-R=!vAIXYQjeH%YSdC#OEcDA$G{s7 zf|G8cB4ROD8WGkj-pTnGvI=uT+X#9{R+XqAc`~n>-|~C5R?ZPk{`0ZJ!-*uMv1nNq z@r=AJ%6jVze}K?gyCc4n^vdk%h!&mgrgKNyVVXESR?80ebo!`n7j{UqdlTxVxLMB} zT;cjF%%fv^b@CD*Wp65&D9vl!%t>CUMLi~MV3@ZL8I;SVsYFUQ1NsZF@%t$uv zehMqPCg)$nio$uusI4B}AU!qiNo`(ywmNiAYG)8I6Z-SC_8$UcQ&{?IR(o>q;K}3N zp$?{8K6|Q}y-SiV_E9K&z7sOS0X8VidiBxtGhR!zM)CJH@%OdQGnucj96v~Y?V>(& z{yRtdlNsN^+%^*zE{VWWe&4j^%(fF-hBEfvu@a z{)dUwP9WHouPaz=0B5k>>mL(Mrmvq5pC3(ux1JW-QoKovnL2oRpl_Q6wL*fDJh2le z7OokDKO1LSVnyzY6J&CU)nbc(K8tuxPQv%X06s~@!fVrTJuGhC#T(A{mYp+FCDzyh zzg<)JXNcB7!oILZ$}aAg`nsly5E6s~Nb;ehX7Iy}MZ5`#r1ubd;*FK~e}u2uBO<{~ z`7(|n(u)tJbQfUsWeno^uf_Y5{9gk;_B{Bu6Ig{5Ko#pW+C~$>-O&(*!Jz=9jOY+d z$30KB)B5%MzpBZYFQz3wYPPzF>|k>SXOVPoMNLR;_p)5Wjju;GN^+ZNofDznFDcH3 zmozF*2xHN^;8F*CmjPrGjp!(*#$3e4_8w{yPadn0E>h4BIvNh}UUD6nHZ6d!SDAib z93xm@L9D2YYjx;oJd-!a?v2_jW>+1CW{iyb`NuJHO z|Be-{OKfWj{};n~|KIo>(Yavw@Mjz+u@ci2qmpSttuSIV^DLf3!M|vItm7t<{lG&=91o~lceTJ9K;pHcPZPZy7m0r~@3 zjD=tfF->Fcys82wjXAtEpsTgHCTAfuv3KejFvVRHkB^mPRg)L-vym04$=?er2e;d2 zV}oa0J$Se}y7EQM?e`$KZGT+2F?Xr+uokbf)0PZRW4WU|&2t~*6kVD~%}P}$-78w0 z$pKiJ${j(9e`m(A;K@ZfZ=4i*n+e}6iN1Qpj2Yw_PbG@UcA4F% zZI+tZE(yCQp0)ac=>BItp0s{;k=L%KgG6Y0u%Y+zm=+5GZv)8PVrCayVyyFo z0!F%rO=UP_O|2Dw@mv;q1HNc+vYsqMG)g%+h%x`ZFzq(p$K=r6_me*o{*qrcp(~z_ z2u3WI8Dpp+z7E;UZf23-G!#x|Y*vPH){(f$W2M_2nr~t&nu$E`i3eWrO1cNXzgeHJ z)kNP~<>=Vb(Fz-VC-U+0KXGa5#4x!_Q{!Q6{bIs@{zz2p-`f7V+yyHq2|V|&ySEv0 zlI7-uf!|gU`89%o2iFt}$tx5zC3FuP6~sJOW<009Oc`Gre3zh1y&Q-XXLU0#xd|x=4qc62t1J08Ms9_VSVwv6M@|PP> zXE2l&WhUuxbLsRmm}7!A$^8t4tsL!$*6&=?)j z`9xtRSZ(JG(^s3M5MI|%_Yk@@2-I_L8<|`*g>@>Ob-b(c8K ze}((-vGo}W!Ypz+Bnqv|kaG?RTIbWB4$ufLF~SSug344Xr9paoC)UIHSW*GqLj;;9 zh?l&s1u$>#rL~W-ad%~Nfg5+&-Zxp+Z82T*NlKy9>)cZFtUZua&N=hF#2}XIo267a z9+}ydsYJLl-U^3$zuqbxM%$z0udg9~3e0r!0vfnX1^K)syje|WYrZid>qCKPaE3+l zg|~G^cXBR)jf`S>2YAyrGD&$e=Q&XN!vm&J^{ix~eeCX&s9-7_44^m+%>{o@{$6Kk zMev0f{MnY`zjJqkR><1jI6bdue>X`2Q+!UN4ao7DvY8CYr~vlF8}wA;L|MN^FWPd> zQH_cQqV_BB>aS7tmj-6M0p_!wfbg>lPeR7eFVOEdNk7a-()#=cLEp?Y7X zMFQSY{dXYtJ!qS+wrTvHDD0a`*9N(ilfb4ec>LYh*an-1a}{ zckK=!4|BntjNr%pm;7#UbxxccJd$#R(q$-uAcCw>P-g-h}_w3%;a|x9{o&X?;6rZUt+3o4B+~ zR?H)&2;pH3W`Dt&fM1rbt5WGf91~Jgt2WV?r7uhyk|DO7xV7OVU^5?&v^{RW#SPjH zsE6R;3dB}irO~D<8Bw}jUL9^bVOMWW!V$mb zU+%5n<Moq*DaEbU-GSs!Czb-CLpBR_fl8Ir2j^~A-)4>HiZScl|DI!zdfse zaE0Hv&^8@JVPWFF=kq^4Jd~axwY~)flRZ2-o*rqiQRaSX?>@gyY@^h^eTv1t_3b~s z3SN6+VFiLkZs9|BblLy;Ab0eHZQY=D?9e;-M74gg7Chg4I$>hqY*hTH$K~8vy%wRz`+{UFiVp+oUt-VueKBFO9~y=VfDVAp%P!X(kuQ3I?^u%OtKa z15MYG3$Zr~ksM-TfY}hznV$xAA2He7x|(nJ*MkNA;ExhkxrZbE6y|7P`t*c_IM2M505uq54PDV^|s`7d%SfHj%s{2y}re(+0f zFN#Wbbbf=$;B2=eMLaLT+pzuZeRf;d@FOY>55iylL&=Ccd*Q}}DkGVe=?Ft7{uYWN z(*P+R;ic$jf>30QK)gC~4B%X!5yE7|4HR!QrO{OzmqN_r$jWR_0jjY}82<%s!Qncn z{moR9K8#xaFStFjj}ZctVC!`Gw+94Q?|K;W@0Z)k?tkQ~Og;7~T=LoG4)hU&u52Ho zB?e~ZW3ij|Eu*m3CCVphepmn`NR1W6uJ}(DMcNbffdrHgnz*DX3?W5m^r!pKX-`aQ zMMyTCe6|HqaG`FrUsynYF^OnAzj- zMr`LqED0Bmtfw~ortFAz`0T8`*)hByr}SKYatHf-UR>|E`ndXh8oRoho(#m0^JV6AzX#oX ze+wL*k$yjYOoKn4r({Q6UVnf2u*N&#hfyWA1CY<2iZ0jMj(d3B<9D~t?DD+9JMl)1 zl4`C)ZUOiGJS`w1$3;S`a)Ch5@i9k_S<>CdED!G?BMmZ*FA#k-6QJK?89^?P=<>Iu z+Vy^#Z250EK*Zyfe&EhbPR(BKSw3j*)v?EinG!5rM$yc3u@y^e6Ml9U{i|{WYvn?F zYhFdQfNaKO<{~nKjClm0oov3;+VdZ@hC_bGER77A8I>6iTDRU4Z%}KK(DhoBD$Oog z{z%AotLi|a_HGvQw+A3r+w`?P8%3U-gHhmvesJmJqcrP?vXoVI60BJbl#vkA%~&8x zNKY$h{1{*1i+knAQduZZ7VkHj{o!!`80OWq5F!~+sJOWXZe7qny*S$1*=gB97NIK* zMNS5tLvP6vdm5V5{b<~abB=Lb9$0W|&0$P-U2wUPE1QLYW=A}xk>bAH%rTteC$#3KJH;;ZvFSw;C!5Z zVr7&yXyMJTQuR5@1n3?sxqZA+zEwcYA61cL_tEC)Oq#??54B9Tzz3eP_Fwe3fFA(g zp42koY$Sk;$U^8+&^2yZtM^WJ&QqUrl-rJ8GW!lD^rX=BB!_v)1|UE(Y7N z{``BsaGn1q7e#Gs?AkI)yFoaxCh|nF>$%37BlFG>vi0&I25Jr~FU5aT(vJD(RLQdB zZj70{{~cmZ6%fQlvDTJEAk__zPz^f-ze1H)#tKlKv%JdkqqL~ z`;(y2cAQj~RTQKe(vvFz%RhjcKALx(4xMo#o)rBdSJ@VgH{1P&fRHu4Nk9oA!rn3+ zpx!ee*!Z>9LenpRCVW-!_m7?Rg1ZRFp{3t2zv^;3 zkkGPf04po~;!ottgC|ZmafuV8%cPTh3e^8c)j9Tv7H!+MY}>YN+qP}jE_0X7UAAr8 zwr$(it8;F0^KLRftY5H_F?t)VH;_MJ7L;qg>5kpS4t1ejn>%Rt2|-Jc>cpY5n2tf0 zUsePzr4pwy3G=R>d`UIp#`q{XW;tl`J=fc`ak+(=>O=C_vW;& zuzsU!UuLK5Bb!(NPOrl(0K!@}-6>9AY^4`8B}$z>Ghc#=Ae;>avssovR9~T?geadY z#?~58H5QFgsf_RfF-S@rkSpvLXLP+baETpdG(~rpvHx)%n`h08Mq2{8q8OXdm`o0H zz=C30xz)V?{(U7PH2aAW8hCU^Wfsg%pR_I6{wEe~eS!ct z?xs(o18wBQc%+uluy$@UOFdj)(?KRiEryhqG}FMl8_Y8Js|VU+Kk=qGy|`dI>N8UJ`B7xjuZz)3#)!KEI-=8 ztu(y<8;`bR_YaqC3t-)!KLkKt^0*dYY( z@WPpOtsu+CJi^rVF~SX0fweG$wd0M2+t%rL@v^{_E(!OkfrNQN;D@}!Y}MT#3vT`9 zVrTPq^A^_!hV&_2*izMuw|>^Nj(x!!5m4Sl6z?=hsQ1CWUx2n#QtB3*KQyE1nJ&6Z zQ@dx0aEo}aHzmzxcdts?Ex}+nXS(%KeAemvadcNdm+1LK9&2{u;hT__B2ZxEC;S&` zmHO;VuAQl;V=u0cj?jB(3ofg~KI}p7{h?iaOUCyR`LpuSN`2z$j6im?Svxh9`s<_e zYbYX1ObYqntX0=v#|2%ET;T3rpRRCN5(q0{ATY-@cU_U2VMsF8?l|tP`!-*@UT@ z6xr#&iF8>|%{54>M7JEh`_2cB(U>5Gqb$4S189IRLOtitWO_!^`4j&idp2s5W$9^? z$dvB*6{(0f;co~Z`hL$Z#r2+ZqLqya7+#>~1>CgOm5I86)*>H-vR!E2eWS=^}ia-CR4`~``^xY_9n9u_@akz=H( zXUBF|CKmWhFXmp=tfiLIn5Ei7zVuQIiXjru&(7sQId=0b7lm8$ZV@_Y?4`gt@-%Al+ zWsIb?zx_YH?ROs=wH`#>+xU$Di1E4`21t~C4-JpnxcR(>sC*hcddu`bkB$xw4!2JW zCAU9;fq~;c_Mjm` zaj|R6-eSWyg#BhXrgd-d{_8Pzc6f83E!vl1v!L|7+rue-%EojrHE{TQ#X~4Wa!a0; z)kd}Y_(d|xCFFrhQdr6Vo8159GFmzQP42mwnS>$2`?S=IL}(V!Xvvr#9SlvDDDn$5 z$rgy~zs`^`bM~M|F-WEY#G*DgFa6#{TEh}}%uFgg(4)*f5-{ppMpHL8qlnsHZ9&L; zQe$OKUSIV@j-!rcqUawef&EEH#>YIITo}I1Y^KBhf8%ya@Dl!Se$A;RR7|+^i1FgvtF*fXBa+V`GLl435m5f+(I2aU}UK& zV)zESgf4D^kGU5!8$fG*8PQ5{8etBIoPdFv_kySOMwSIA{OlucjR=(9zqSnXp@Nek_Eo*AtSM!;~=mx zQm^g^aj!yT9#r0Lq`X$Dj`f-BEjP-kyy#u}-?%AjAM^%wx2kn`q)38x{>1MxxHiJv}qMh;8LhjwAtP`?d>td3o^gh%jb9d37dif#}^S z-X%T!f!sKZbU`jEgAUIX*ph+w^1K%|0Ay)6QH$$xtKAu}bu@*86i z{Nz{pJy0-mD1tRdWOhGV@G#ZpTCPR1z=Ezr|01Zpx1cj2b2V}qLHZFfBhC^@*J?(P z_dEp%H7FF+f>m85sYKW&r#p&BMG^Ftb)M=3$5e5VC<` zsjq@+!$z|Ylv~&LdSrx@8it+#J?JddHL$6oT%F{s%E-(>MlUb~gC8;K2q|%vod)BO zLOjsvYXi4*VYR1v%283pIw?6ImPw23V329IZIDT7Q3$m4<0j}h*TfRyFZ5Id1J{o{+(g$0= z3#M7yJPM|XKre!AB6vR&MDtoAT=c#_dzgv7v6VOeb#`32)$r`=W2HTMejwg)m)k`T zzs}YZ73!u-g1s^neX&36;z$wy`?+ptr-Qz-JUMlB6tzV1i*lIJ1Vg1XElF2Ynm`;` zRre^w++v#8e~%_r$NOH@*PJ1iCYS$8HkK%cqoz{Z3Tu+Mkm)XN-0`pOxjjEkFJiLZoT= zY-|?)l2bhOXu5t(&|hYempXy{J;8c-vw15~6AY!*#+_s)-hAN9|9bc@0~8I!f?%Ma zsrR9#N~K0aM|y1Hv+i4?_{R7WMoK+_-)%cDqDrOn&cthjbtQ(r{hq&lxb3hlQHD-- za&mz9Pqd|9a2qn#0J}pTS>aFQL_iQn8UFHn#j0l*lKvn z)L~9k%G}i4bGJ^@$!^q`qTlUSP=1i48H(GX2#~c4ZQ*GvwmGI8ynnQcB*XxO?FsNx z%Z_AoIp-v_{dt6FQ2GknlS-`b6!FvQVQtpBRN6`ylKPt<$}w9A*Dw@FTm^({5%v{q zF5(W~&^v(=_iaR~QPd@bXxBAk&w!7Xq})DVZL=rOm+~PJNq(4eC0>_l-;bq3&z=pL zbD+8Yz0-YV{kdcM)6>w<@#0it^3(HTbn-O({ll0&WBZdsxHkOiXZ+d2`0Xci@I%dh zV$*fhLpyKvoMUU)_1qNlCFi?gSMmL%jk@9S+YmQx)=)>jy^3sq84ewMV=QmevguPRpFYCgvQ~6=4I{ze4gZsYVtP!M~Z+~PX zn}|&dqgXi_5l7+>6_>9fF-vKO%^SkW1iHx3-%_U*SnrwcVImggjTd-52hJD!onM7V z0SVkdy(nSl3ifu}dz;6hg(M4sL8lPHr|E1EjF{8hup^FuNKYgKcRBA3WMv8+75*?J z2SF~Pjd8yUy>#p_q`=$<=qYR;23f0tNvGo(s&mfrhw+XQEB7hK8F6dc?E=k}IZ3xNH3;9YUuE~Au}?Yt3vz3zuON4SX85?s3B zco0j=bqkb%5qAS|ut0c@K*#oFL18Z6UY}6Gr3keVT3u7cy7-Ux_&mes$%6d4Q9?a7 z5lI&2P8lai7Rak_Ip7jG3!yUu1H`Ecb%zjy`BWUyy`zvFg}gH^xP`%SD(HHlM7(Yn zqwjp_^8>T+yrT?kO*~D=-IGigg0QNEd&2|H&}vV}Z0e86c_Ba`qcI1JLeBkSvC(An z0`qVhxknVhQ%=Tqq$!^&!#8sJL2sW@sDv#xR9NYr~0JO;a=y(Lxa9qa^JSdBX)6WZz0ZZaZsP z5I3}QMPG9v94AzWQaPVSGAp8+?AR+3WEI{ z5DprlbYvJRV2p9TCy<&^%$M~@gkD}^ZUlenx}gg`!FgHONK-IQ>>3~DiD%IPRb9s$ z$L^^Cg=rcNa;|kfL#1YraRJQ&y6LLv1i`{-|N65mTG%Eg7#f=R9DAvCSc42jn_FwEOXp9%cZ1*_uD2QgI+F# zw4WW{oe0NYw?<~kX3=0vV3HS9HF4o5Jm`faw)}p~l>oF>L*jpC<~bK*W^KkCkreXx z3gfVIX$t&Wdmki=mE)N4$5h4Ur6;uPv_pcr!qeSOFwSY;zWE@ESp=96E(2Rk=V=0D z;y=PT*2=HTunPZxt*AT9)zkpq>>&G5VE^VW0-_$<^G;2_YJRCp@>)_L^Wfp*Uf^v+ zB$K^#Yb-=*au~B^?`w{E$3)7oD`mrR%~OUq`Vva^p@Cxwl!L~J0#Q{rnTwcF)kXJu zTqZ;1r|$YAb7Z4>`h#S-Wu^_W3Bx@NM(aJY>hDwYd{q8<&SgMycD-M1heWEqk2_Bc z?|_%{Sc5ItU#nNtx`H>yigbC0Pm~)s1DdO_XDu@D;@KOff$!Gb-fAaDHPJKdF9*Kr zM^qGEU}JJfH`i(4ByXmswOPvqLefXxE%iZ)OD?VZT4si6Ba(~r8{ls{m4=d9Vp$*` z$72)whDU=DUtEzC^cFGR^8}#Siz5+hD=e{iUHc%NP|CQFxT?x_=3+XMR(vzg+zpdR zXvJL0`UAIHk%TcuyfXt6AvhxW;sS6?xfEg6MKGne`;wC&x3LK0hV zg;`L@Avr#qaRY!0g3+2*G!vHxU3jI4eNn7|KT!7?WGUSrl|I%bohB)7I7fWQe13pX z6!p6`HgUAG6GEe^&oZ1WK)+6=;8@TQ%8n~r=Tx&ds;p?R0n~H}DjNLWyySKv3rw{i zWLNeQI;16piOzjer{{w|d}4LTtu-w}<(RriVk>_Gf;dGYnZSG!YwB(UOOth){4@a^ zz(!uvEi&st(V|$uSLlx$)X4<*%#&0D#)#f@rx-oHNWMwGuU`hh9Q-^qy9SyEglQ=7QpBaIp8tcL3TEK9~*Xp4!VHYp%bAXx4I$EQQY^hmld#r*5u zBW&SddXV=#cx8n@8f{ZN6~otN1|)4y-fVpa6el)yjv_wX3}2I1<*EuKI&Niyo^Voh zaj!%$S~#b{RIJK0?7RiG%9yRRs>smpLu#8U>N#c9g8Fv?dUqzaA8^Z(lXTOs0CFo=410#;xog0#zW&OL!@V@WP@0uE-ENZnq$rF{WTGx$9?UExBiYLCrD zFu{%^-IJZRj{tcZA9G|eAotGN`ssir`HEc*-)4tTCzOSkdL{5yibIGc_a^Yp31y;B z%Ni2#IWJZSF_T=0vS$lQsC%;N1PH>Hw3qNeQA{12Ly&wGWIRs?@-k1sdfE8|04{Ke zt)F>33;|NOQQX`Q18v#&&&kM7eC)TME1{nJZWFoZLhMPHZPn2Ip3C_lS91AU{45{f z5c6I5Ia0V37X07K&5NilNWx=|*fAb44YK@y%N^Lq6Jy|_g+6{B z^U8YEo?}VabtC!j3k=Owi9omsR5a*yj8AnLkBO}E@Az~5D$GrbZ}Q^#UW!xv&Bz*y2d?_5VhDQaK0$LUY@vF`fq8$jhNccT~`G zZt0VB@s$YUPySx@w`gngfAPGkZb)3*qRL0+5oBMZ1IyYJl=Kd5IPz|Z*WtZ8f`O_2 z*2z@K)27s2Bky(4%w1Zz)u?A-NJ}C$$9~7^9_TG48_9k+u)N=ud*zX@o%UHgV~cq} zs6Pp!Ctvo6=lQ2Kes{H%G}JYP4h!a%Vi=I*^vBHS%#H=Wry>waxFSC6p=4#@G($*b zrHFPV_hc9^hW?BVz3{XRA&AwTEXGo!Hh4WILLYV(u|dT!)}msfoeF1&gWzUo*;r1H z=7-4!lqjETZ|tRl3pq+e@M(sWA-ObdUP^xMC6SSaauo8Z58QgN+r4C#8)m~`!KKG1j42`SNW-R*<)W@1SNfkL%Sc z2!~gTmv|wv?(vWDTHnj`H1Rl-t7BHbrgm;?NEv%DyvklS8-)Q^N8So}3B5pC5DKKJcKp6$X?tjG~>0g^-{8oPz zelE#}Xd2QjJXk&0u2BKp3@?@mE9$D*_6QA?vBI9jO&=iu5LV8hl<|9f^oc6iO3Uto zmdFF6r9%{hezfZ#*G09B)dYf%@pm1l45p@60_U<{uB|$wUB$U~+{HDFav0u338t8U zXnOO++hAZnAcj`X-UoNH0qGw~NFPn(gZ>%mV=-AIN{TuVd$KAW9`kR&WHbHY|%DZqU||;9p?s~ zYUQ#KekG<+1mG)=t1|KbonafW#Fyf1-8aewaF$aX!yTyFxQd#NmA!(Ac~ldM7w85F zgIbMt@hn4G2>D`BG#dxb^sYh;wcgKvLG0J9VTmHUcq6&t<~g^7VmjcodPy1PM1IX& zrTn6ILKmRLH5lorsiX`~X(G8IR!KtMwt*dR^H&2NUq8EBN6x;`bO-wD8@K*9UX-ZA zOtL;uxx@WJUCYFQiP9ed#10(ynux3O$wqG0WqHVVrUjwVeS@)|YCRM$q-v zFuD_`fwrbA3+k$rl>D-%cQMijGc{9-xtkQs_~t}Cj?}z7YXl6-@@){52 zgomTXOb!rr#cZXkcTS8{z%zzQ`EtYq)x;UtokUu2>iTxmk3N7{iu6(V>{ZIKVuhO9iYATj~{Bga1TXE}e)c_R;Kl=qTDTQKKjrl#K^w43-k0~ zV&+{D^Khmt0;-lO#R{xaxFHD5;e;Uaug=+biY&>6TxOOa(=pXV-J)k@PlUpq2<;k6ID}Yl3prhZUZ#qbJpk8h5B0i!Cdf2^u?>t zC1N#&83{q31CXb|EPuHYgxe8!QaZrC0;MII7~iqN zLLiw)x@VEGP;b6vqwKsb`5j06Q2DvkI2s*q35R|##3y9BR}~={^Q``nRVObtx-|yt zm4p5TzyK7KV#?H`fFrw;){pkLJ_-KcB^UR$h&-(Kj=$;)gt`kKTOGcy%0G;HzWqtQ zbosf+cq{Q7p5=dCE;L_()K9!Qp5SU)${M8539MJcsK1`H@V$S@%qv&efXC1gU-kde z4w1;hq(c=vKLMmBs;(mX62EQo5|iOG8)a4t=`9X&RfWiCF&WPI_7d3o{_{M+rO)xH zEQbUnUmy}64agUv;zc}Ti%vLNPp@0lbGCHa&AB>ar&mHM?K&F-;lV1{U`d7Q)f^9&CADJIUe0yxY3jc`9utuAR_~ za|7KeZ<sEmS7 zT#;F=P)|A+vK|>SD0DMeB9-P1VNYAV3=7jZtK;*1l?lWaXHje@SEMdVU@f|S^63~_VjZyhTp04!C=PX$EdNbks3Jxt>LHtrN_#viQnMuRwhQ8O$35)u-l zBv0TIf*2NdJVY8LXY^gOB9WD-9VV6op4mvKb6%hF`?z=LR#TXUTD<5SXrqpP>`Vp2 zgE16OaBE@-^Vgbx4B>p4LNg4NG}*Wqy0yVUkuahutZ*Q#indTF8$ua!+Hh>hbw_S7 zsTWM42#hKCa!)Qo`pRK-+9iZ{;Tcy&D5B)3P){nvwu&mA^``8L>I1C+-a7kHoOCKQ zCaJV1(^L;?y&Q@fYNy>4OGr=~A7McvK-R7zHW6tb`U6L{E@&!SH3u-Uw_Bn@9h)$W z+L`hlVmm((8`?y&5_edF@XfW^h}{K>Sa}%TCW=0#$0PpKyA;D(@P@NY%z(B%JL7?i zyuUgA_Z9EYM}s+kbf>-V_eO&s+-__S-_OT`-v+*)*Z1dIL(X<~cUwEhcN*W%i#$zq z^;3->|3^5^&t^mX$;{6;e$_zxLncnuKgn3~Y+0xB={PS$7{(RO*zJVnT4lN}jGs8w zF{ScYzuL99>al*BM>ZUanrEJVZ@fd-TCR++wGcLV22XKKPxD9f6c8snXA}qi=zE=0 zn5nlaxI8jNEa8?_@Zn%)>x~@x=Pr_GK3B}CgkMU!Zu*b=m9QPk#|NEl!*=gh0Avd$ z3t^7&k)Cqwz(jzJDPZ5V2Tw1C1-|nBegEMT&2To(8ZhBlamtY#GfqwT<$}W3Dx^x&!!G)7^<|6 z8dIZS#TUth24+8Vt)@JNxC6=({9GAXcs|}+x+~02IDNpMd@d($ZZ3LKHk+bnOwb&SMzB{0+liG1#{)F@q`3*66uWdM_dOV~#r zI&I8is&G=A%mVOsZuYI5-uN{x3v`5`?2rX#972>A|wntj_a)mMbbO@Y^10{569LP z^JYP(xX~^iUDfkhf#t)=H~ZdkzjG8-U3FqE=xdFdkUOmR?PIQlg~YbMtjAV8SYIy! zPnLGt*;I9t!b>6z8EP(RZb%&!5sbk?;+Uo|rZd_H4Kf8!Rgvs#BnV`2o3-dGqg@u1 z$nS~c6hp#I$>%W35)JabpPi7mt0JX-}(HWfsCZJ1^n0Z z2C`_(5(|N=xCetvt}!R;V;u=|wn=APXeJ`Z<9sQ-LA(qR%xgJFZi_7Gwjv?4NwZxU z>sR)J2$#sZFvq-jRIW{O2uE4f=OERtKrI5}b07Zku+k-YvcAJ!)%m1k(3QuaaX%cL z9A75}x?YN|Z^gpIHCL|Q@X(ShQbLFc>`J8i^f47qxTsGMR+-_DPIP2ieFDm(g};1Y z#v=zIQ4ixBqWmreEAyV%ZCT5UQwVwm zq1}5PQ#ok%^nba^*$82hITg+3Dq8(}4-`_ENs)Pp7s4>WPQv|pxyS^^B6(KpL4C?-iv#Db zi)J}v|AIB`7;TNEmZs6pNb;35QtYcVF z-~XVR)Fy29T5D)-Wih-=|JXq=$v)b4l?s(!? zJLfi=Opc{;OOtPO&7GDyX73hyYZ=?}Y}DwHTt~SW<=^2ziI6I}qU>5mUA05l_9XgB zkDIXU{nE-TBTatKK}^osAQvfZkoo3-7PX!wg&Y)&DHWi2Lx63u0P4tWGN~qZIa<_& zTGVx$%@)dvf}=7yg#+@2dlJoewIL@&X#2h8FYNUybndL)JWg&Ol-|n zM1Q_u%$TSA;QU#K_^aQDaC*ySn~sRBOF#2ex&du6xAjpr*YpjIIbplj*)_3Q%$3}7#R^& z8a&;zqrU^y3Dl>raB+|89y~arseynKTrD4`RVxauT)q~x$La3w=0 z0$UMHHajmQM+hQJ3@_$`>ID)lHo*wy27PM*g=}LzG@=76O!c1K1sgE1Bh?GNtz_H5 z_u+3HTIB03`Ifv`G7(v92hPL@JTU-M+x36baiQA@!6h@x7|O=;CX|J|CK)AR@0*8- zuJFC-IJclyaj*cHAx@j7>|KNI;yH3))9F>&E?oWpG2VvJuT*|ewPEYj_+kV60yjgOW`+E__T5|N1 z)Tyx7#>YEt%lw%$?Xp6+ol8=#Hi6@&Ly8v^C-cYC(5hhs+4L{mg%yz=9uZ>pWVv8 zn~Os$tf+D3`nmp)kCC3Jcm9jf4Zi+UcJXYgz5^q}aYa?B>#oZs3Bo$jh2*M~DJ>vF zb=|DPy}Rx4X~5>=NtJ+ANcQ>pS0p9@!js-i#fY$uPQ$>)_}j*`J=UcWJdc1p){Q!F zos-EjO7);hpJ?vf_NWC$jogAQRrktE_Y1|bvld?~a0w#UMw0=)Cc`MAdVwub%oDU% zDvd>19KQ8kVL3UR^N&1P{`lf@KA~?`@Z^L!FvOK{1{$IvdoSQWWgur8oXL1{VJR+m zIL)diM=#5V*R}}okZAKAs=yW$h>nC^so+o7b=m9dJbCrohjYxn>J>CvK{qi48g$*# z1J+lEo6>yL>P(k$4K~~bNp>W}-Y;Z*d}+mds37#cTz_(Q>@}WTDhj+cCo_iY`3N_zL37=KSO z#hqWM5jMU2YML%;;3PQb<3X3K$1g9ybi!`4WSQ^ty9Lzo5?l@j#K;_Xv6Io6Hjje9znYM zn<&{6ng`CH{Nw^ua4Y#Js;=xIe1XMT;0M_n&y7P!AcYsmvKW{2#%+=S#<{*|nvnt+ z?j?yBO(`bI53a-GPkTro<=mS|oBi9N_nnKuT2Rl>&4g_Vs@i-RPb`U=5#zrfk|eNt zTp6F^N?crNlTdkTmVr=8T$n2b4u=L5*##1beJ22_;EEGSzyYMs5R zfLssGw)h^5M-an*_1YumNcA&a!EW{-lUkaO&9j~)4kG{t?9@{Q))jC>ffstOu&8zR zyvC1nl3Zh8TesmM+m&nU2GPqHDx@|o^XlIIN*+yh^c#+YWajD3`fbZ=_2+|d8nDwH zAVlZ$AUC)ul4>46Lw+YNfi+25Er7W2J}CBKHW8#$NqMx~cz+0J2d`HYtpzF-i-)u3 zJpHzDD}0Yr2RY0TppRm??_&^n(WTd+8;PP+H8in<+IRje@UZ6@R^%b6iJw0==qp8BdQ*6Xtw=ma%8INY1Yl;Du zG^z2?XsZZw@GPXfxijziNDm9^oiDs2e!l5Ap2^BO;i`Us>DnIPX@w1unXy1$7`?5# zjJYOOKW){x^lGgTt~PBXvFfJc^J|N^;@zQ^lk(Vb>4T^OozX<4SwX-gv#rItPpqXe z9V?1cpjA~pqE$Z^EnUN>FmJIg`VzH0fCnc79G$##;Bq3dk5?L0u=La1JRVp9ousV9 zx>jL3iLz~3MjWLi#Dhze)I=gs-E<1qf!xy|(!TStGOnbn9OymnkNL|P!;=NWRyA&` z5t|gE`sA$k%^P++uu-_40q4!!%kr3tTQbJJzoJaIJe2Dmf_~g?Z>LJGbl6*SRi8;^ zzH^6T6+OEk_RsGOVDlQ1F^D+~20rPCD%=$X-gCAyn}8*O_bhjuC6Y(OQA7*ojW(4${T&k_AY-ja2wE#MM0&pv|FwKQ5|wHpqca1 zUT&*eo3Obao6m)Vyw{>RvVw);;`~PM2$>~L{mN)Mw<6C>qg7Q9mROA$h|&d+k}}V@ zx+u{zaMc2~#0oM0L9sBA zkPs5V7AZuZEy4T;Nf(N92?#zRP-ngEEsMuNj^RE8Y_n1 zC*O6esEhdss(J`9na^ZmpN9W|;XnrQc2e1{xEzq4Szts92kqnZj24jzwL`vTPB~yH zM_$)}#>LvS{+~|JS(NM4;UsNF34EXfj1^VP^$v@6-ke7Gk^^QLSj{Sm*x^D_G86oW zg10@EE+#|?_|^!O3&eLzW2;wR`3mYN4q6_UvAxpG}Sp&ri_znijg5+~c?R(V#A zTvJm>@Ux?YPxrRVvMn7b5MJDbQ`i@s!s1fdl)uqZ$-3eCsU1oq%^F{y`(>ek0Drm) z?i(y^;UaS}D9l#ESmwipD*f*n(I+zDe0S&D+t{38UT0R(yFZ0DrSsWxY&%;&%K71p zb{31ZE{kP$Y#mSIrlK?INLjM+6yEp~rJc3>QwTSFErq5fa;v!El=%Q~Hm*)rU&7|H z0$7bh)~x2O1T_@B2UP~>p;lwXVeM%Y$+EFCD(}b?+JX%tszdaj)q{X$)5U$RD-3hq z$o%$dC$focqd7f3S#^}pv|aqF;^2=4RiC?Vd5Oe^Sf-wxo!s%xgcCug$Oi&s#E$w(fe=^_Gp_1C_nLNkS7cIRLRoG^wh zBAGv5(Y;X`V(58FeR)8C_1Gi(p#crx@wE(}U#lEZ zQDGOgV;pUC)L=(Z_&HjdLBbxYn(fkkTnJr0H%E=Q*jMIXrQzKA^%uxxXftP>A9He+ zJD|2<-Wku#2Tk#k3bC}aHBaBv&k7JS+L&w)X@qTZhU_p^MOSPfMu$d8Gfk#`^bJ5_ z)Hkqe@k4l(AO+!69?=YYFVp9W4URE+Q(Z7bf z#M-UTsHOg~Do(I|-IhSq+FNu5oZmDSwvXmzB{gp%JW)Eo;6UNjVsk{TAfo=>2R0wvg*sKjXnoTbPi})n zjw>@!LW?8O@h25sE_bDa1Uoe;2ZcXKahiIi4TOkY_LF4=92mz^Ay|N;E=J{$A_P|X zLQV0l^fB=#y;F&VJ>r6NU!2ZHYk^5GK{SgKmKHBzw<*2zP-TV*8)QL&kasU{kUV5y zH&|MTz7-NgyQWu8! zDiiSy3m#2^^Nyfn{q)9*vn6pid!=7IB)*(s{o4;SM?nNQln?~nWggTR55fE{YFe(X zre8~sy8b|tYlB9|GTLxwNs!fzuTKdfDBy=i_eeJn^6@M3T}<0DsNkea_b)CJy>=;a zwAjFs*CVA|6JyA&yEhCJ3WSl@H^6W?j(LWY64suaR{7j*Yk)LHyVi}eV zDKzVU=MVG9bU1)8y^>;;-#lg-yO^jK=mUv_QH zSBa60SD(2T_pQXfyU*&VSD%hiw|fM460OTk5M7LJ8wnJXf)Ij8kMQ!v;uvV8rj=f7 z*vcS@HV0{aB)PaByc-+&1eV|ogdrUD6Bj#R%EU_57db_zJWP?1rF{*oZX@pada8O@Xyh3P6sf&{vSx#hF2DM+J}!d7KRgE&3K^?{B`BB z>nKK*L3lizXUWn~rOPZ=ax9*Cci$5PBuup$(~Z$id0Glqu|r{qH4J@JnsR#3@*?C{ z3zw@5TY<{GG*MyN)A&D^womjdHbUS(L+0s-qb#<`!s<;?z^(fmQ3E&yKT@>C@{}TT z(mFSXOCI@h2Pu5V^i^c^YnAHe$^b03F9$B?na@q5`GBe^`O_TlcgZGg%AFQ7q*Hy> zp>g7Lvu7*KQ!a08Py|*~AlE)|4GOkL>+rDe;4``h;vCq1;AqF~b1x}3@2ehb^)3TS zg>^S^v%H^?>|-f&_~dW*=(jXkKWn4^7*7mm9%ppla`d}aJru`(I$z$OCS<=)M%?+_ zzRkh2*v@i#4j*SqJoD%{;PXU$p3O^Ctnba;)}AaC5GIcF1@jpJ=;F}Iw)o*|Y^c?Ec|=o?9IUzvXQ3wRvPlei95`T6 zaDJeoM(?NsJ4nW8mtqam{=HSHuiho!I|)3}nE16+ktpD+t*)mfCataQh4il27ILV}XHp~9F={SR!U4VjOqj$jO#leD}tT#Shw zaPjli^Ml{mVUp^M-d;{GL$@MI#aj2%QRd7MM z6@??2Wq1o-<2y{mE)0~t&irH7eM2F4zuQh0%O zxCX$xg&9p$rzD5TFUJa;$`U+ZhV79Db#E|vj2rPZp=uo8P~157p4>^csT!*(#|S&p z!ohcgeDnBGSu594u_`qLNk(}YsErju(ZBNky^f-``U9d z24WN#s;L81_=E&Vvqk9QXk@+XWHHV;=I^Vp+O;RaZ~J z$-I9A3Oyl0dSp7SOZJ1TfwoMjFB{WL2+C$5@mLyRkL5bd5{Op3jx-{}5f#@x!e2do zTP)rnf51MMAXOXhXa(By@c>^nJ8-KHl0!TUR8Cd4iM0)&P99XhH-! zrGCN%pUOeT!Wr9zp)(%Ezur)Ci>3sF?T+^D6~qm|qEo=*P;m6q!P_wkxc~D2{gdUt za%EUZaKZ*r*16B4p<1jVj_D9ziy=sU9_Va``pU)QiKn$~f0uY7zWw3q>f$Q{6$KOp zlPXiv6cg-xT=O!6P{S(MN3x_Wy*nTG5-{JnWlIaJBQoeB=zOezD=C`^pu0t>^B%IM zVic4p)0?w@Ixf_323_Xofd>IL{Uk_6w~%*B1A?$vFn^wK##4bP&ouZo%+9NqFJHX!)c;?W!-${aScjhw15CLW;X98t zn602*ONv}J$8_0T(5^p>u(4Pd9%!(u-E@lYdPCimuL9ixxZ3aD9J3(Pc&IWOR}AL^ z)WAl1-$s*#I++rJh1NI0pN$L3W5SF+B_>HkC0w>t7VztxZ+5+%-O*^&wtz6$2;Z%3 z`D~Bf>!${I&*eK|T+->{6yLoUB>53bf8OTVSz656+GX$h!m^@UQwZnTl7T9~9vh%z z?9X)>t*uFC^KgN_8KKES5}^|Yz1a08R2ods_mj5Z&Z|PnS9?y$niYQi_0I0gk+(bg z=Jn3Y-Nq%RdYXd>-+fF4Nj{oMtZm870J>LP5BQ#IewLiaq$OZcX_0mDPAXa0wAczU zpsTd|v}unigm2wrEcvMR>>A%^x20;G;KyNzq%K}i5*v1@2K2il z@8!;m*I&P^2fNucrp>idINfbG@OSTr>5Rxjo{%#l19EeU@4mzSb;xVj>Dm=ItFP@W zM2+N*{c9q{HiAovj7L2=yLf+v1P#b`ZXB9NK}v{E=#4szbagbv;7JOq5OdzC)wEkm z&K0Gstmn>XH1b~T?u{y0OYD*|qL|Kv3>Zx6qoQXMJ*~B^tr>EM~ZsYelsc=qXec9_Mg99N4tKx6n96)RAoLr+6W zyeYXwzGhRnwwgucP9|WMqOHmVN=S%p22rhuvw^QnH#OUO@9UAbxAV>3i_u;O9&iA{ z$93*)({Z28z4!H65a2Q*k7ifGRBs|0-PEVVjdD2)}B1od=gl9B0WwCkHbXk(nj1zJi&1qi{;`uZ3&Mhjr3$xy7`pu9Ds=hBR=WI1;Qw6{<&*ek@8seg_i=c^6M2bQ zTL`@J8r0R!_{YftT^(M4>f`;<1(FG#PN}bx{6atuAe5>uWE-q1%LgcLG}nUX`HyXq zU;r_CI;Dw_5DMVw0DZ51Y@-P=85#^AwzG@e36ZyiF!a;TXm<~J=+)?(Z@&3?01;_= z)qAn~`qkH};>*!!^m7q8XneCbpz%kT-A6UMkC0ff8Bh8IYuE5TBXl-5bmxt)Z=QFS zTe8|F%9}{znRC1nCKGCvohB-bS%QPh3*=*eP6p^r^}_v@vn_yKp6c4fV6HY!1)7kM z-26LqreM?u+DK3w4gwB*=zJXyL;ZwX!X^3vA!d9)K}ND+pG~- zVtuX-FTSVD%4C2vA@=|dT$Ad zaY%2-MZzb&FPhGp>Nj3BUE6Xf)&&)}qK|(5e$#|wk4HRL;{x##bAqi&Mq}_T++O{A&CnZc8^$ZoZU$x?3{73>F56!g% zn2;G|C`fo5t0r2kG8A*$sej3^Bf@td#e#jtTaxwgwt9)LZof<6hG`Z2$SRlhggA6i zLv5m4Or_Bc2s9@lh^zX79|;SY+ zqfU3g8caGyqmj3>x6Ja(+m91H@%2&gy`HQ8^&0NT%nDxJUXoNSPs2^UO!FYQzU@+f zB=F_x=;J-$03)y&XbFC?!620-`giG%85ZzF6Ym&Xxu7kY&2z_bCw0+n#h66+ znh2D}dAMB3(KT2-xrEn*+GSgc%!-(U!`-$K`E1V;C-vK5$9ugTD?`>dKdXT(P3eU zP&KHSmrqwHVem=uN_OWonjP-!z21BIs(EdhozTD?)dNsEHH_|6zP}}6!%8ou_HJmP zlOJ;FoJiwX%YDYOt!~wAx(9o->X~p#m?yUuD3JV`}*bUka#G{JQCWd+UB#85#fq~gqA$(-aGFNe2AM_H z2VRJ&mizQNZ(F}Y!(@V|vr$)r8)8Cysqg`V<1i11agM5$@VrJ-(wk^-GZh~}v-&YM z(^{WdV=sa39;?}r^aUdK$2cKO{*cbd1)h;3GEH!UI-uy0bJbMYS#=v4#92;rcL>hJ z`A&o|E;&v0c@$&c#-o9<5l;x3r!xXOJP*F@`qOBG|J}jHN11X2XE{ z!?}#Yp^jxWgsh?7ETsV%M$r%;qc`6haM1)Qgkkvvz zSY-GUpumGHVGDJL@ZANkb5AZV;;Amy;3WFV14pHp2jWvHJ9U=fwJwxVjfdPe`swZ0 zVnt^;d@Y7q7Bd~R(eoMoDt~7vvgdh>+HdM`*a z*s65b6uzx9g`H2aljv7W*KJjueJB94F^P-yARjlo~m|S zDu`!7qb@^vm=j~{A|X?HSC{6rxcD_y%B*J=b}WVhg&e1vmHcpOz+yNQ#gUv`XdmHK zm!69wDz3-$7xJdY%efd?eViAy;Y7j99%O#Ceu~I1Y{DRYp-e>?%@;h)Li~)jv)C;- zj>AR498wQWx1OaCvKF&9ks3(8Us~tCI{DILXo^aptw3$8_71E+7Yz{$&c}JM0u4s& z&o#a~G3o|3j+rYLY#qmQ5|IRlTOdblnW1c{2*DQo_SLl`1F|rOK`DVJPCkG&3glxWmeio2R%7@ zM@5YSt&~*SEo{kGH8Thnj$xBgclseugRHxU56vlj9Fik`%T61ZCqs9RAT>w_b2WAw zLwGtRzBINWCc7g}C5J8(G$C_*LwQobblpuGs&5?;>kqr7Fn&u{+1l#QisdcTeyp8n z3wVWzuzHbDUY|Cv21-u(5@o1-Hj&>PC|weWFWw3!Q%1vR9CNv~PDOs4tmgi>MKtDvh_tzKC>O#2zBLiJ)kAb5#LuVyJM98)Hc6+K?*38<; z-kBGIxtPNFTZ|y%Cr$$N;neE5Av_)x5bbVT9ibs-Gb5uWijDDcjD1Bn6_ct%Xy)qC zDtXYscK6Z$dG^o0{o8x~_h-+38hPLR{I_TS9Kauceg607|F%E=_Wb#?XFt6?eRFkj z{4;(2@1Iy2UF%=}e)bbN{<&u(&!7MOKPp2hB>kpLDjrCqjFW`OK~+e0U!VP~h*DX> z@<{_9(5(WTNd%SWaIgy&hu9~<@1WDw@xWN(&i-u zV$W%&^ef}+k-zfv@T$CMzif*zV^;}!U_ik-K z=6+99?e_G*8ikJ~^X)Yy_K(UjA3enzJn7Nj zQVILrJQ>U8>t7*N#wJ~VCy4a3N!MRL+fBNDcsA+!%g-iV|7u{{r0d_L>n}ZDUb=pg zBs@87qS!@R%@&57sU?Go#-T{(+z-;k9!RCc@qB7Uzigp&vMVfP8^{maXNH$<4LjB1^mMk_Y>3&cSLd~| zeDpopt*m_WT9`)bmclJ;2mg3WvK%X--%PCj&TuDs2-`@c{#;R4eXF}|0;_JL0Pfqi z5t06b9O!B**M3l-tv}oIHG6~u{7V~U=7A=OazXCYDpJloKM4j49EGiYwCDdHy&Ub1O8Ng^?(L2?`Trl| z`E2?B>(EIIFb4FC*rs%PSJd`P= z^sg&dpVYs0E%m`r%-vsCuvhken_yozx@vCyx)~MarI-gukP!U4a>M4B+c5S4*S_t* zBB8U>6EGn#j+v19LC5+)l3x>MBt5FFv%={nE&nDh|0XT}{nGN+?O{mFADL7xuvs19 zTW@BwRrD2;-K0FBGs?6&N38^g{cqwP>ek#gwh@b{w&aKtez!1Uq;5-X00={?178Ro z$r%O$L8KU19?}3dVc%QMdg!%45a|Sv59$%p*!8`xk!#mgUlbH5w8$8hgm2;lZU-UUuk@7UUT=I~7rxBn=zWeppUee7p4MSBy$v40K=CvSM zy->D4H}drM{s56L9~t7aTit$c3=>=R459k^y-+*%(T)u^_fh*U?Z z*ni@gZjC{po*5u=++!riUdCfDZb@=o~*Fi4?pcXw)cPvgSp=l)NXPf^ppT9%@t{44+I1BHpS|;VdYcpY#)Gr z+-oLZ`tVv&rZS8*b?$5)2amr*Fx8Cob3^QR0IJUlqc0pjpA|NlEYGlh zVXq2z8(X))l2>3x%u57gWkTMAa(sRwuA2ZalRls`i84$@B>8{gC~Rt#ut5JPIXy1b zqf<9;xmUmWpPw5yH_yXAOVIyRLV!B&mQ3cHUl%h-w4DhZ_kW|;760#7dpjHY|0qwv z!8?ekP=6+5Mukl3nf6nI2R~{wICQaK&Fp(C#?^U+`y`Q;QBi}YOmVfIkG*NaBN$9A zi#fc z*zYet*flW?Z#fNjGW4cwjOBbE4PlvyS30WgaNtn)DEG|lJXeeU1feOWAvghs)L-nQ z?=cOZAnm?s-yQ!er8hVvju>MSaSYtX20fGq`d%2Jl5pKm_24>qXVvmWLr(B8`}Oeh z_~7c;{CIzHWPg;RtyHf*1PzD|N-g%$8E0gJLk&1&kGZwtl5O-4gHx^odxKk@xMfs{ z>%l40*zX^goQt9j4)w*M_0p$OqkkBj+R&#ZajSAk)QDfTSX8}Z`XiuH?Iqs^o%*7a zbAh%lYE`+I`@^7F>0We$Wql9CR`hB<@*uU*9{_pUv1VEQPk;TNAmLQd86$y5g-A)# z`x>a@{%7>!W!eAl#p~UT|M#OjuKusAJLX}!8L8%j)dGlp*V(XX2u zjmopk{?GNC>-7H_?dw72HHO81{(91`QbY$GOkj*c+^dVE45+ zC?nR!=-|(dNNcB58_RI4Ou*Nbo}mkW7YDY99Iv!mIj{c&tclKL7i6A=@I~)+?&-}gX_uf4M*DKy3c*9 z^80!E-~W|wr2CtIbo&2~%K4vOym+~>|9F(A&6R(>cX=iJ`TRco)tsy zCijtU(8=(Zr;>vAlB$*%57v5U6psN=2NaX;t}?6Id6j0co)hGiK0)jjH?t@u!wpMW zgjbtV!=x(HTF=D3))On{k~Rs1Ns>**LpYf^Q}dALsgZp9AJ5LtkB&c{9h@FNFMQ1; z7cWxfjJl&xWXcnt6q4BI-{w-rY915fsq^^TuSZ|M%nA^8;|@jdvG30>50BM2#uo>N z$4A+Bq%)DjCj3{*B`KW!XAvE+hzjJl-@PAS9bbMtIzK%)IqT6+vt4dhnMRQ8xx|Rt!NJ!-LSinc z<=I=m ze4jXDRI3j-=n{#}{i1aN-_wwsCx28i_0?4pv=&NSm_3f)>uXRqX zxD7wIV6u50<>@E?lQ`syh_KZZ0PXVs?yHx(FU#`(%Z>l<<2)_$f41mrQvhJWJwv=h zl2|8=vO2(}?)#{={6oZV#eyGZebonU?HNI}J92AnU#o{~wX$wP;*k2d$kEjHWlPrS zwCj`^J=WwiDkf}(FB9W^A1Oq$@v8H{@1}4Zm-q?iW;F9i)Z#u*TB_Y-_a?i87lVpdDTfoWI}!6;UGx9-T!*@^{A-)068!J zx>NW{nBu6)X-^A9Zob_u{PvSTaYd3O?Aw~O2E$A94(_kp)hq}9cz=2P@$lWr@!8eK zlZu+9s-Do!tZ&JpMnwT^YjcY^ueBEXDTtINNnOjF#>a=3$5-o~SEbd5o|}F+q=v^~ zMdoxTesz3yu-?V2Yw>XxbNv3h@!{pk#ns9A**a&|-0tJf&!E-e@#WRY_a}$e3S=Eq zY;F3XXQ`iFXj>iU$BTpU_{a0hwNs^zKE5EJ9K65!;r#OC>c2kza6Voi6>Dtv3!3`n z@%a4x<>B$i(}S~vH^-MBkI#-S&QH$P2ZcU8e8~Vgcz<+qe0I1#QqiY}F9;x42bXV- zuRdm%MC0`xcr7h|K>#?vIKDi%I=}pQdVaJ%ENE)=3!3=&zs?RnUL0SZoUf4;sBQC$ znDqPc@y8#}FWM;=+S-++N188?nS$MdaR4m9p`oJMd_ArvQEa-WC$=<4vIxzWsc!A!L9VWEa01tHnn;VG#v1Z#Mq%5 zw5Qso3FXt;QJpFb;7q)b3P~8KyoeCrjt21G{@3nKQpM9)$b{hNTZLfz!{N^EYbd${ zTC`!IY{+Ml3mK3k`L;A&&%627v4^PDbbT3wT(xvL!Tv?U?-nbO^STz6AnN&LrkeMQ>90bsZ^GYbWlrjf+!yz|CCjXvr=8*oG6eGw8OWxQAT?7W_yLy2~trBoSqx zZGV$spIj8pkFu>;F-xc+E}HhaCyN2xDG$g#+S_#xH8+%Ek)C-@qh34Rj1&If#Fr%K z+o|h`WqT-s`AQM)GNXypfD-1bfy8uwI6P3pIXHr{$9Mi5vl%H>A$Kv=_9huHU%VQP zN~QF{Tbf-t0r7)hXM#O*=Y3}7a;jX-7SPl1>~#-RUd=YTc>mNm%7?f`RlPmhHEMll z4|I=O-`TPksViEA_gv90=?-=oG=~OYT(>;A4ml16w%{-oWFI|M{La&??CO^2y#e`$ zx}SCLRtq1jbfi{I-_M5J$Kjj{S-r-c5)3e%VM)Zdr`rGag7ffOcbkCq*aw_YZD2?4 z;)E))i^D;bS3$r1wtet+Y%gkm0J*PkJNQ}@E2`FxgBke;XQXcsR*tNtH|WRJ^BlsZZrKn%#d1`lafZrET$dzDV`cH+y?kWl?pukD@19 zFOa+a8y;GZ)ZWK~D3Tsb$J3>;GPbgP^j02}>gw=wxF@V8W)~45$G?;vh%?SEIhQ3+ z3gY`biZ2pArD0*;XzTRLlt~(qqk_Tw&*Z4YUlN6RF3~N+S%Fc|HpVh$u-RpItkSO2$lqSzx`Iyr&Dq# z34`Enm9#L2sgOLfYMCQ41req;Axr_C#GuB2f0ev0je+)7OzeUMFXVOEa+T{LNxT_h zz=%y!8U`j~TILcm8tiDFkQ$;`PvD+DU1xj}pEElctuvGfmSncrMY^#AG5z2x?0>b6^S4235 zGk#fPbk&JOiCAx|-`-K72N#EFg2OU`Yxq+(OGBKLK0ZN6_*|Vjg}5O%g}|0L2&lFT zyGSULBso;feI7#bzXfMnIvto89Exd$D&nWVKl@)0z3kg>w=M||7F*AMHl?1pYYE@1 zj04A@kcoAhTBQqeLz4W?QFk&fzFbE?3Be+B7RsiQzgkBh5fK7sLW1t(wD7LdiwW1d zgJZfo+EpyBHUtv>oJ83j3XcgpxH$RnVqAEw#311(6pR7)(bgNn^xjgO3{N7g-+Rb> zAOX@OFgvL8BimBU;VJbKF8EXqF0(=ceA$O;gx=_tH`>V?7$_(q4;@^dqW704`)DZA zNj4}k{MG$=68u)=5ybG<#N8nZxt*OICyH7~T9oFTv!)?9M7?2wh4h5ZgIPvFH65vUP>O_FSGFXj46nvGf+*Sd270lERP`DN-D=LSmK-g5( zv&ey|UMYB79*?gwilzasVVf5fIhYlQD4UW*msCg#tq>N(oH7YN^dW>qI*F)M>-Vpe z2&qL7V&AS-AJPXVtVn9G-@Zea~4SHa<2>$U9@ zWG_oWbSZtPY?rJcx|$Q9OL}XNeAy^NP;7v%)Uv2GoJzu=kWdw{-eXOb-)7njT)iPxhjO@Eb*PKtYf-vcmqsnyU981%lumrRKiKPZ6@vMTnsKC!OA$Ui_<%wOX zj$lrzON6Dw{+tAsZ1*L2ei z1O0?p$g2c10o`BGIucnk;CGd3iVo@{Uq~d?3pky!iOH3b>F(!2b%LsaZ?;Rr zQRi6z)YxM%HfyD*M2`D(9qkraD7D_pAQj~2Lkt&A4LRKLX; zZV9ug9AwgE1;UBq?P8MTTpfCLfrXFZ@8=pEj3bbh#Q+_c5dltzw|F6t(Uk<-hRp;N zy`^D@%=vvkJhh^2FBn*nSC9L4PW?G7qT&l|q6U!(D-dR!PjgUdM9itXX#vOQ1c)dnc>Dk ze2+u1o>4$c4u5J&QHF3BA|DGP%2nR8YsPQc%Bx&+Xg95~?$d0;3{KmY(^DYa)>GI< zJh3BN83Ca{pMhOf&}p?U>zN?^cr_<(ZLxx;rueC#k1BprBWq+0YxuSNBTf>$D1Dme<72+Aw;+QzOH`*vg@7(rj8QR=qZ0<2O z_ZWY|dyJB_v<%VsIF5 zc$%$Eg`##mai#;>i2!1PhYN=tpDgStom(z!E4i27D)d#2Ow%w#QyP#^N#F@jS%73h zW5+O}DqgiPFq`Y86-2t#grb&OJfSnna9Deqbku!7Ho6gSR=xgMmLgmoT)iK!;nHM7 zFV;mb+OD5A7e<>4qs@iU=EA7Q%4{x-HWx;l3!}}25&EJpjJ^!vp#C~z9XAonvEw;& zY#HOZTx`A=|1BKQP^)3_8W!$Mq$5E*l!f} zOLVzW*e_A(OHzcCJHcCin zSV%1A&U?&)Ctn!`lQZ-zPRNwrDc(@A(*OVG19Z;91u$8$9uiV=Lr57JJQ*B~KdO_D zJoyS8@+jgAeK;H|@+zJTW>gO0|9bdO29sZsA^hLIn9qjlfA*)iVZ*$k3HGnk7)@zN z#FM`c#BKcKuY(D`e)89WjMU#ep|dA{{lA`kg+Abf@>HOcqhs-8U^3V}8PI^>p)Q{A z|9&#K5k3#d@N?#M>ie|pe?JNG)NjjYeafGX{r__3)lMn@)9BUf7n}Y67|)s$JXNzc z_0N~I3;B}teYQnAF=)w|lqEYdd41Z77V`Tj?svwMj1lpWvkjc{Im`Wq3dw)$>q_3A zY}A@R$Ws2qc{}&d_EQuIX+%(v8ugQ)%qKd|r(x?0GeE9ELZ<(+#Z^;6;wUay9~_h{ z4+1Pn)w;nE>vXlN{6)K6gqw!1&_ZeC?X4IH78>|ac-Lq*VbU6+6-_1VFbj%tCX)rC z|DPapa4-)d?j=O@+6Qil1NvMTH5NRecg{zbKj2#afFAl(Sqy<@=*U|dfpViK?syA8 zQU;qHNyVHahu?Wij5{&=pqK-9s8*FA9r_BlN+CEk74E(e%%QTh{33-!$VK1zX-Go~ zknBT@L(2#jEU-ca)w#*}xdr)osd*(Z6Nn0ya!}(R+V2Hl`-j_FrEoO0SfU0ZUY?O! zl!_8=nA4rmCI={YmP0!rdJ3LtkeLG1Vi~(?ECCNmZ^f`dYPf@n^%P?AkVe&zngQTo z%c%qv1fWh1`oKj-s)945-J#$Z;0ddXOdw85OfFFXMR!tuSt{hXZm`?X?6$@*6Lp3p z2~-~C=9fVS*A>!AL0J=d;18_BF~C!aaD-C4DPEy^K<~O81*2dTjDk^s0Du4h0RR6~ Kie!NRlnekdO$vVi literal 0 HcmV?d00001 diff --git a/bootstrap/helm/cluster-api-provider-azure/values.yaml b/bootstrap/helm/cluster-api-provider-azure/values.yaml index 45f4808d4..ec2640074 100644 --- a/bootstrap/helm/cluster-api-provider-azure/values.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/values.yaml @@ -7,7 +7,7 @@ cluster-api-provider-azure: manager: image: repository: ghcr.io/kubernetes-sigs/cluster-api-azure-controller - tag: v1.11.2 + tag: v1.11.3 asoControllerSettings: azureClientId: "" azureSubscriptionId: "" From a9d5f93bd353fa994b59baf487a9daa17460f977 Mon Sep 17 00:00:00 2001 From: Marcin Maciaszczyk Date: Tue, 10 Oct 2023 15:14:23 +0200 Subject: [PATCH 19/19] bump versions --- bootstrap/helm/cluster-api-cluster/Chart.yaml | 2 +- bootstrap/helm/cluster-api-provider-azure/Chart.yaml | 4 ++-- bootstrap/terraform/azure-bootstrap/deps.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/bootstrap/helm/cluster-api-cluster/Chart.yaml b/bootstrap/helm/cluster-api-cluster/Chart.yaml index bd724fd2a..356e6ebe5 100644 --- a/bootstrap/helm/cluster-api-cluster/Chart.yaml +++ b/bootstrap/helm/cluster-api-cluster/Chart.yaml @@ -2,5 +2,5 @@ apiVersion: v2 name: cluster-api-cluster description: A Helm chart for Kubernetes type: application -version: 0.1.45 +version: 0.1.46 appVersion: v1.24.16 diff --git a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml index abd23db0d..4ea5bdded 100644 --- a/bootstrap/helm/cluster-api-provider-azure/Chart.yaml +++ b/bootstrap/helm/cluster-api-provider-azure/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: cluster-api-provider-azure description: A Helm chart for Kubernetes type: application -version: 0.1.12 -appVersion: v1.11.1 +version: 0.1.13 +appVersion: v1.11.3 dependencies: - name: cluster-api-provider-azure version: 0.1.15 diff --git a/bootstrap/terraform/azure-bootstrap/deps.yaml b/bootstrap/terraform/azure-bootstrap/deps.yaml index 321dde70a..24bf8ef1f 100644 --- a/bootstrap/terraform/azure-bootstrap/deps.yaml +++ b/bootstrap/terraform/azure-bootstrap/deps.yaml @@ -2,7 +2,7 @@ apiVersion: plural.sh/v1alpha1 kind: Dependencies metadata: description: Creates an AKS cluster and prepares it for bootstrapping - version: 0.2.0 + version: 0.2.1 spec: dependencies: [] providers: